Repository: envoyproxy/envoy-wasm Branch: master Commit: ab5d9381fdf9 Files: 7386 Total size: 35.1 MB Directory structure: gitextract_0bqlinc2/ ├── .azure-pipelines/ │ ├── bazel.yml │ ├── cleanup.sh │ └── pipelines.yml ├── .bazelci/ │ └── presubmit.yml ├── .bazelignore ├── .bazelrc ├── .bazelversion ├── .circleci/ │ └── config.yml ├── .clang-format ├── .clang-tidy ├── .devcontainer/ │ ├── .gitignore │ ├── Dockerfile │ ├── README.md │ ├── devcontainer.json │ └── setup.sh ├── .gitattributes ├── .github/ │ ├── ISSUE_TEMPLATE/ │ │ ├── config.yml │ │ ├── feature_request.md │ │ ├── non--crash-security--bug.md │ │ └── other.md │ ├── stale.yml │ └── workflows/ │ ├── codeql-daily.yml │ ├── codeql-push.yml │ └── get_build_targets.sh ├── .gitignore ├── .zuul/ │ └── playbooks/ │ └── envoy-build/ │ └── run.yaml ├── .zuul.yaml ├── BUILD ├── CODEOWNERS ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── DCO ├── DEPENDENCY_POLICY.md ├── DEPRECATED.md ├── DEVELOPER.md ├── EXTENSION_POLICY.md ├── GOVERNANCE.md ├── LICENSE ├── NOTICE ├── OWNERS.md ├── PULL_REQUESTS.md ├── PULL_REQUEST_TEMPLATE.md ├── README.md ├── RELEASES.md ├── REPO_LAYOUT.md ├── SECURITY.md ├── STYLE.md ├── VERSION ├── WORKSPACE ├── api/ │ ├── API_OVERVIEW.md │ ├── API_VERSIONING.md │ ├── BUILD │ ├── CONTRIBUTING.md │ ├── README.md │ ├── STYLE.md │ ├── bazel/ │ │ ├── BUILD │ │ ├── api_build_system.bzl │ │ ├── envoy_http_archive.bzl │ │ ├── external_proto_deps.bzl │ │ ├── repositories.bzl │ │ └── repository_locations.bzl │ ├── envoy/ │ │ ├── admin/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── certs.proto │ │ │ │ ├── clusters.proto │ │ │ │ ├── config_dump.proto │ │ │ │ ├── listeners.proto │ │ │ │ ├── memory.proto │ │ │ │ ├── metrics.proto │ │ │ │ ├── mutex_stats.proto │ │ │ │ ├── server_info.proto │ │ │ │ └── tap.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── certs.proto │ │ │ │ ├── clusters.proto │ │ │ │ ├── config_dump.proto │ │ │ │ ├── init_dump.proto │ │ │ │ ├── listeners.proto │ │ │ │ ├── memory.proto │ │ │ │ ├── metrics.proto │ │ │ │ ├── mutex_stats.proto │ │ │ │ ├── server_info.proto │ │ │ │ └── tap.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── certs.proto │ │ │ ├── clusters.proto │ │ │ ├── config_dump.proto │ │ │ ├── init_dump.proto │ │ │ ├── listeners.proto │ │ │ ├── memory.proto │ │ │ ├── metrics.proto │ │ │ ├── mutex_stats.proto │ │ │ ├── server_info.proto │ │ │ └── tap.proto │ │ ├── annotations/ │ │ │ ├── BUILD │ │ │ ├── deprecation.proto │ │ │ └── resource.proto │ │ ├── api/ │ │ │ └── v2/ │ │ │ ├── BUILD │ │ │ ├── README.md │ │ │ ├── auth/ │ │ │ │ ├── BUILD │ │ │ │ ├── cert.proto │ │ │ │ ├── common.proto │ │ │ │ ├── secret.proto │ │ │ │ └── tls.proto │ │ │ ├── cds.proto │ │ │ ├── cluster/ │ │ │ │ ├── BUILD │ │ │ │ ├── circuit_breaker.proto │ │ │ │ ├── filter.proto │ │ │ │ └── outlier_detection.proto │ │ │ ├── cluster.proto │ │ │ ├── core/ │ │ │ │ ├── BUILD │ │ │ │ ├── address.proto │ │ │ │ ├── backoff.proto │ │ │ │ ├── base.proto │ │ │ │ ├── config_source.proto │ │ │ │ ├── event_service_config.proto │ │ │ │ ├── grpc_method_list.proto │ │ │ │ ├── grpc_service.proto │ │ │ │ ├── health_check.proto │ │ │ │ ├── http_uri.proto │ │ │ │ ├── protocol.proto │ │ │ │ └── socket_option.proto │ │ │ ├── discovery.proto │ │ │ ├── eds.proto │ │ │ ├── endpoint/ │ │ │ │ ├── BUILD │ │ │ │ ├── endpoint.proto │ │ │ │ ├── endpoint_components.proto │ │ │ │ └── load_report.proto │ │ │ ├── endpoint.proto │ │ │ ├── lds.proto │ │ │ ├── listener/ │ │ │ │ ├── BUILD │ │ │ │ ├── listener.proto │ │ │ │ ├── listener_components.proto │ │ │ │ ├── quic_config.proto │ │ │ │ └── udp_listener_config.proto │ │ │ ├── listener.proto │ │ │ ├── ratelimit/ │ │ │ │ ├── BUILD │ │ │ │ └── ratelimit.proto │ │ │ ├── rds.proto │ │ │ ├── route/ │ │ │ │ ├── BUILD │ │ │ │ ├── route.proto │ │ │ │ └── route_components.proto │ │ │ ├── route.proto │ │ │ ├── scoped_route.proto │ │ │ └── srds.proto │ │ ├── config/ │ │ │ ├── README.md │ │ │ ├── accesslog/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── als.proto │ │ │ │ │ └── file.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── accesslog.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── accesslog.proto │ │ │ ├── bootstrap/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── bootstrap.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── bootstrap.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── bootstrap.proto │ │ │ ├── cluster/ │ │ │ │ ├── aggregate/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cluster.proto │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cluster.proto │ │ │ │ ├── redis/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── redis_cluster.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── circuit_breaker.proto │ │ │ │ │ ├── cluster.proto │ │ │ │ │ ├── filter.proto │ │ │ │ │ └── outlier_detection.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── circuit_breaker.proto │ │ │ │ ├── cluster.proto │ │ │ │ ├── filter.proto │ │ │ │ └── outlier_detection.proto │ │ │ ├── common/ │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dns_cache.proto │ │ │ │ ├── matcher/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── matcher.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── matcher.proto │ │ │ │ └── tap/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── common.proto │ │ │ ├── core/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── address.proto │ │ │ │ │ ├── backoff.proto │ │ │ │ │ ├── base.proto │ │ │ │ │ ├── config_source.proto │ │ │ │ │ ├── event_service_config.proto │ │ │ │ │ ├── extension.proto │ │ │ │ │ ├── grpc_method_list.proto │ │ │ │ │ ├── grpc_service.proto │ │ │ │ │ ├── health_check.proto │ │ │ │ │ ├── http_uri.proto │ │ │ │ │ ├── protocol.proto │ │ │ │ │ ├── proxy_protocol.proto │ │ │ │ │ ├── socket_option.proto │ │ │ │ │ └── substitution_format_string.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── address.proto │ │ │ │ ├── backoff.proto │ │ │ │ ├── base.proto │ │ │ │ ├── config_source.proto │ │ │ │ ├── event_service_config.proto │ │ │ │ ├── extension.proto │ │ │ │ ├── grpc_method_list.proto │ │ │ │ ├── grpc_service.proto │ │ │ │ ├── health_check.proto │ │ │ │ ├── http_uri.proto │ │ │ │ ├── protocol.proto │ │ │ │ ├── proxy_protocol.proto │ │ │ │ ├── socket_option.proto │ │ │ │ └── substitution_format_string.proto │ │ │ ├── endpoint/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── endpoint.proto │ │ │ │ ├── endpoint_components.proto │ │ │ │ └── load_report.proto │ │ │ ├── filter/ │ │ │ │ ├── README.md │ │ │ │ ├── accesslog/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── accesslog.proto │ │ │ │ ├── dubbo/ │ │ │ │ │ └── router/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── router.proto │ │ │ │ ├── fault/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── fault.proto │ │ │ │ ├── http/ │ │ │ │ │ ├── adaptive_concurrency/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── adaptive_concurrency.proto │ │ │ │ │ ├── aws_lambda/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── aws_lambda.proto │ │ │ │ │ ├── aws_request_signing/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── aws_request_signing.proto │ │ │ │ │ ├── buffer/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── buffer.proto │ │ │ │ │ ├── cache/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── cache.proto │ │ │ │ │ ├── compressor/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── compressor.proto │ │ │ │ │ ├── cors/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── cors.proto │ │ │ │ │ ├── csrf/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── csrf.proto │ │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── dynamic_forward_proxy.proto │ │ │ │ │ ├── dynamo/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── dynamo.proto │ │ │ │ │ ├── ext_authz/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ ├── fault/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── fault.proto │ │ │ │ │ ├── grpc_http1_bridge/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── grpc_http1_reverse_bridge/ │ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── grpc_stats/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── grpc_web/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── grpc_web.proto │ │ │ │ │ ├── gzip/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── gzip.proto │ │ │ │ │ ├── header_to_metadata/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── header_to_metadata.proto │ │ │ │ │ ├── health_check/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── health_check.proto │ │ │ │ │ ├── ip_tagging/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ip_tagging.proto │ │ │ │ │ ├── jwt_authn/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── lua/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── lua.proto │ │ │ │ │ ├── on_demand/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── on_demand.proto │ │ │ │ │ ├── original_src/ │ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── original_src.proto │ │ │ │ │ ├── rate_limit/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rate_limit.proto │ │ │ │ │ ├── rbac/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ ├── router/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── router.proto │ │ │ │ │ ├── squash/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── squash.proto │ │ │ │ │ ├── tap/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── tap.proto │ │ │ │ │ └── transcoder/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── transcoder.proto │ │ │ │ ├── listener/ │ │ │ │ │ ├── http_inspector/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── http_inspector.proto │ │ │ │ │ ├── original_dst/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── original_dst.proto │ │ │ │ │ ├── original_src/ │ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── original_src.proto │ │ │ │ │ ├── proxy_protocol/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── proxy_protocol.proto │ │ │ │ │ └── tls_inspector/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tls_inspector.proto │ │ │ │ ├── network/ │ │ │ │ │ ├── client_ssl_auth/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── client_ssl_auth.proto │ │ │ │ │ ├── direct_response/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── dubbo_proxy/ │ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ ├── dubbo_proxy.proto │ │ │ │ │ │ └── route.proto │ │ │ │ │ ├── echo/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── echo.proto │ │ │ │ │ ├── ext_authz/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ ├── http_connection_manager/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── http_connection_manager.proto │ │ │ │ │ ├── kafka_broker/ │ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── kafka_broker.proto │ │ │ │ │ ├── local_rate_limit/ │ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── local_rate_limit.proto │ │ │ │ │ ├── mongo_proxy/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── mongo_proxy.proto │ │ │ │ │ ├── mysql_proxy/ │ │ │ │ │ │ └── v1alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── mysql_proxy.proto │ │ │ │ │ ├── rate_limit/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rate_limit.proto │ │ │ │ │ ├── rbac/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ ├── redis_proxy/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── redis_proxy.proto │ │ │ │ │ ├── sni_cluster/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── sni_cluster.proto │ │ │ │ │ ├── tcp_proxy/ │ │ │ │ │ │ └── v2/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── tcp_proxy.proto │ │ │ │ │ ├── thrift_proxy/ │ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ ├── route.proto │ │ │ │ │ │ └── thrift_proxy.proto │ │ │ │ │ └── zookeeper_proxy/ │ │ │ │ │ └── v1alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── zookeeper_proxy.proto │ │ │ │ ├── thrift/ │ │ │ │ │ ├── rate_limit/ │ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rate_limit.proto │ │ │ │ │ └── router/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── router.proto │ │ │ │ └── udp/ │ │ │ │ └── udp_proxy/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── udp_proxy.proto │ │ │ ├── grpc_credential/ │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── aws_iam.proto │ │ │ │ │ └── file_based_metadata.proto │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── aws_iam.proto │ │ │ │ └── file_based_metadata.proto │ │ │ ├── health_checker/ │ │ │ │ └── redis/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── redis.proto │ │ │ ├── listener/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── api_listener.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── api_listener.proto │ │ │ │ │ ├── listener.proto │ │ │ │ │ ├── listener_components.proto │ │ │ │ │ ├── quic_config.proto │ │ │ │ │ ├── udp_default_writer_config.proto │ │ │ │ │ ├── udp_gso_batch_writer_config.proto │ │ │ │ │ └── udp_listener_config.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── api_listener.proto │ │ │ │ ├── listener.proto │ │ │ │ ├── listener_components.proto │ │ │ │ ├── quic_config.proto │ │ │ │ ├── udp_default_writer_config.proto │ │ │ │ ├── udp_gso_batch_writer_config.proto │ │ │ │ └── udp_listener_config.proto │ │ │ ├── metrics/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── metrics_service.proto │ │ │ │ │ └── stats.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── metrics_service.proto │ │ │ │ │ └── stats.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── metrics_service.proto │ │ │ │ └── stats.proto │ │ │ ├── overload/ │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── overload.proto │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── overload.proto │ │ │ ├── ratelimit/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rls.proto │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── rls.proto │ │ │ ├── rbac/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rbac.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rbac.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── rbac.proto │ │ │ ├── resource_monitor/ │ │ │ │ ├── fixed_heap/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── fixed_heap.proto │ │ │ │ └── injected_resource/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── injected_resource.proto │ │ │ ├── retry/ │ │ │ │ ├── omit_canary_hosts/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── omit_canary_hosts.proto │ │ │ │ ├── omit_host_metadata/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── omit_host_metadata_config.proto │ │ │ │ ├── previous_hosts/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── previous_hosts.proto │ │ │ │ └── previous_priorities/ │ │ │ │ ├── BUILD │ │ │ │ └── previous_priorities_config.proto │ │ │ ├── route/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── route.proto │ │ │ │ │ ├── route_components.proto │ │ │ │ │ └── scoped_route.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── route.proto │ │ │ │ ├── route_components.proto │ │ │ │ └── scoped_route.proto │ │ │ ├── tap/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── common.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── common.proto │ │ │ ├── trace/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── datadog.proto │ │ │ │ │ ├── dynamic_ot.proto │ │ │ │ │ ├── http_tracer.proto │ │ │ │ │ ├── lightstep.proto │ │ │ │ │ ├── opencensus.proto │ │ │ │ │ ├── service.proto │ │ │ │ │ ├── trace.proto │ │ │ │ │ └── zipkin.proto │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── xray.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── datadog.proto │ │ │ │ │ ├── dynamic_ot.proto │ │ │ │ │ ├── http_tracer.proto │ │ │ │ │ ├── lightstep.proto │ │ │ │ │ ├── opencensus.proto │ │ │ │ │ ├── service.proto │ │ │ │ │ ├── trace.proto │ │ │ │ │ ├── xray.proto │ │ │ │ │ └── zipkin.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── http_tracer.proto │ │ │ │ └── service.proto │ │ │ └── transport_socket/ │ │ │ ├── alts/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── alts.proto │ │ │ ├── raw_buffer/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── raw_buffer.proto │ │ │ └── tap/ │ │ │ └── v2alpha/ │ │ │ ├── BUILD │ │ │ └── tap.proto │ │ ├── data/ │ │ │ ├── accesslog/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── accesslog.proto │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── accesslog.proto │ │ │ ├── cluster/ │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── outlier_detection_event.proto │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── outlier_detection_event.proto │ │ │ ├── core/ │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── health_check_event.proto │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── health_check_event.proto │ │ │ ├── dns/ │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dns_table.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dns_table.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── dns_table.proto │ │ │ └── tap/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── common.proto │ │ │ │ ├── http.proto │ │ │ │ ├── transport.proto │ │ │ │ └── wrapper.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ ├── common.proto │ │ │ ├── http.proto │ │ │ ├── transport.proto │ │ │ └── wrapper.proto │ │ ├── extensions/ │ │ │ ├── access_loggers/ │ │ │ │ ├── file/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── file.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── file.proto │ │ │ │ ├── grpc/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── als.proto │ │ │ │ └── wasm/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── wasm.proto │ │ │ ├── clusters/ │ │ │ │ ├── aggregate/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cluster.proto │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cluster.proto │ │ │ │ └── redis/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── redis_cluster.proto │ │ │ ├── common/ │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dns_cache.proto │ │ │ │ ├── ratelimit/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ratelimit.proto │ │ │ │ └── tap/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── common.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── common.proto │ │ │ ├── compression/ │ │ │ │ └── gzip/ │ │ │ │ ├── compressor/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── gzip.proto │ │ │ │ └── decompressor/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── gzip.proto │ │ │ ├── filters/ │ │ │ │ ├── common/ │ │ │ │ │ └── fault/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── fault.proto │ │ │ │ ├── http/ │ │ │ │ │ ├── adaptive_concurrency/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── adaptive_concurrency.proto │ │ │ │ │ ├── admission_control/ │ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── admission_control.proto │ │ │ │ │ ├── aws_lambda/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── aws_lambda.proto │ │ │ │ │ ├── aws_request_signing/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── aws_request_signing.proto │ │ │ │ │ ├── buffer/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── buffer.proto │ │ │ │ │ ├── cache/ │ │ │ │ │ │ ├── v3alpha/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── cache.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── cache.proto │ │ │ │ │ ├── cdn_loop/ │ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── cdn_loop.proto │ │ │ │ │ ├── compressor/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── compressor.proto │ │ │ │ │ ├── cors/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── cors.proto │ │ │ │ │ ├── csrf/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── csrf.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── csrf.proto │ │ │ │ │ ├── decompressor/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── decompressor.proto │ │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── dynamic_forward_proxy.proto │ │ │ │ │ ├── dynamo/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── dynamo.proto │ │ │ │ │ ├── ext_authz/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ ├── fault/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── fault.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── fault.proto │ │ │ │ │ ├── grpc_http1_bridge/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── grpc_http1_reverse_bridge/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── grpc_json_transcoder/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── transcoder.proto │ │ │ │ │ ├── grpc_stats/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── grpc_web/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── grpc_web.proto │ │ │ │ │ ├── gzip/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── gzip.proto │ │ │ │ │ ├── header_to_metadata/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── header_to_metadata.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── header_to_metadata.proto │ │ │ │ │ ├── health_check/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── health_check.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── health_check.proto │ │ │ │ │ ├── ip_tagging/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ip_tagging.proto │ │ │ │ │ ├── jwt_authn/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ │ └── config.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── local_rate_limit.proto │ │ │ │ │ ├── lua/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── lua.proto │ │ │ │ │ ├── oauth2/ │ │ │ │ │ │ ├── v3alpha/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── oauth.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── oauth.proto │ │ │ │ │ ├── on_demand/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── on_demand.proto │ │ │ │ │ ├── original_src/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── original_src.proto │ │ │ │ │ ├── ratelimit/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rate_limit.proto │ │ │ │ │ ├── rbac/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ ├── router/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── router.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── router.proto │ │ │ │ │ ├── squash/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── squash.proto │ │ │ │ │ ├── tap/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── tap.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── tap.proto │ │ │ │ │ └── wasm/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── wasm.proto │ │ │ │ ├── listener/ │ │ │ │ │ ├── http_inspector/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── http_inspector.proto │ │ │ │ │ ├── original_dst/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── original_dst.proto │ │ │ │ │ ├── original_src/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── original_src.proto │ │ │ │ │ ├── proxy_protocol/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── proxy_protocol.proto │ │ │ │ │ └── tls_inspector/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tls_inspector.proto │ │ │ │ ├── network/ │ │ │ │ │ ├── client_ssl_auth/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── client_ssl_auth.proto │ │ │ │ │ ├── direct_response/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ ├── dubbo_proxy/ │ │ │ │ │ │ ├── router/ │ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── router.proto │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ │ ├── dubbo_proxy.proto │ │ │ │ │ │ │ └── route.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── dubbo_proxy.proto │ │ │ │ │ │ └── route.proto │ │ │ │ │ ├── echo/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── echo.proto │ │ │ │ │ ├── ext_authz/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ ├── http_connection_manager/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── http_connection_manager.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── http_connection_manager.proto │ │ │ │ │ ├── kafka_broker/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── kafka_broker.proto │ │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── local_rate_limit.proto │ │ │ │ │ ├── mongo_proxy/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── mongo_proxy.proto │ │ │ │ │ ├── mysql_proxy/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── mysql_proxy.proto │ │ │ │ │ ├── postgres_proxy/ │ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── postgres_proxy.proto │ │ │ │ │ ├── ratelimit/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rate_limit.proto │ │ │ │ │ ├── rbac/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ ├── redis_proxy/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── redis_proxy.proto │ │ │ │ │ ├── rocketmq_proxy/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ │ ├── rocketmq_proxy.proto │ │ │ │ │ │ │ └── route.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── rocketmq_proxy.proto │ │ │ │ │ │ └── route.proto │ │ │ │ │ ├── sni_cluster/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── sni_cluster.proto │ │ │ │ │ ├── sni_dynamic_forward_proxy/ │ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── sni_dynamic_forward_proxy.proto │ │ │ │ │ ├── tcp_proxy/ │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── tcp_proxy.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── tcp_proxy.proto │ │ │ │ │ ├── thrift_proxy/ │ │ │ │ │ │ ├── filters/ │ │ │ │ │ │ │ └── ratelimit/ │ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ └── rate_limit.proto │ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ │ ├── route.proto │ │ │ │ │ │ │ └── thrift_proxy.proto │ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── route.proto │ │ │ │ │ │ └── thrift_proxy.proto │ │ │ │ │ ├── wasm/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── wasm.proto │ │ │ │ │ └── zookeeper_proxy/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── zookeeper_proxy.proto │ │ │ │ └── udp/ │ │ │ │ ├── dns_filter/ │ │ │ │ │ ├── v3alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── dns_filter.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dns_filter.proto │ │ │ │ └── udp_proxy/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── udp_proxy.proto │ │ │ ├── internal_redirect/ │ │ │ │ ├── allow_listed_routes/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── allow_listed_routes_config.proto │ │ │ │ ├── previous_routes/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── previous_routes_config.proto │ │ │ │ └── safe_cross_scheme/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── safe_cross_scheme_config.proto │ │ │ ├── network/ │ │ │ │ └── socket_interface/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── default_socket_interface.proto │ │ │ ├── retry/ │ │ │ │ ├── host/ │ │ │ │ │ └── omit_host_metadata/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── omit_host_metadata_config.proto │ │ │ │ └── priority/ │ │ │ │ └── previous_priorities/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── previous_priorities_config.proto │ │ │ ├── stat_sinks/ │ │ │ │ └── wasm/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── wasm.proto │ │ │ ├── tracers/ │ │ │ │ ├── datadog/ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── datadog.proto │ │ │ │ ├── dynamic_ot/ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dynamic_ot.proto │ │ │ │ ├── lightstep/ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── lightstep.proto │ │ │ │ ├── opencensus/ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── opencensus.proto │ │ │ │ ├── xray/ │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── xray.proto │ │ │ │ └── zipkin/ │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── zipkin.proto │ │ │ ├── transport_sockets/ │ │ │ │ ├── alts/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── alts.proto │ │ │ │ ├── proxy_protocol/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── upstream_proxy_protocol.proto │ │ │ │ ├── quic/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── quic_transport.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── quic_transport.proto │ │ │ │ ├── raw_buffer/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── raw_buffer.proto │ │ │ │ ├── tap/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── tap.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tap.proto │ │ │ │ └── tls/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── cert.proto │ │ │ │ │ ├── common.proto │ │ │ │ │ ├── secret.proto │ │ │ │ │ └── tls.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── common.proto │ │ │ │ ├── secret.proto │ │ │ │ └── tls.proto │ │ │ ├── upstreams/ │ │ │ │ └── http/ │ │ │ │ ├── generic/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── generic_connection_pool.proto │ │ │ │ ├── http/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── http_connection_pool.proto │ │ │ │ └── tcp/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── tcp_connection_pool.proto │ │ │ ├── wasm/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── wasm.proto │ │ │ └── watchdog/ │ │ │ ├── abort_action/ │ │ │ │ └── v3alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── abort_action.proto │ │ │ └── profile_action/ │ │ │ └── v3alpha/ │ │ │ ├── BUILD │ │ │ └── profile_action.proto │ │ ├── service/ │ │ │ ├── README.md │ │ │ ├── accesslog/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── als.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── als.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── als.proto │ │ │ ├── auth/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── attribute_context.proto │ │ │ │ │ └── external_auth.proto │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── external_auth.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── attribute_context.proto │ │ │ │ │ └── external_auth.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── attribute_context.proto │ │ │ │ └── external_auth.proto │ │ │ ├── cluster/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── cds.proto │ │ │ ├── discovery/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── ads.proto │ │ │ │ │ ├── hds.proto │ │ │ │ │ ├── rtds.proto │ │ │ │ │ └── sds.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── ads.proto │ │ │ │ │ └── discovery.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── ads.proto │ │ │ │ └── discovery.proto │ │ │ ├── endpoint/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── eds.proto │ │ │ ├── event_reporting/ │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── event_reporting_service.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── event_reporting_service.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── event_reporting_service.proto │ │ │ ├── extension/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── config_discovery.proto │ │ │ ├── health/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── hds.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── hds.proto │ │ │ ├── listener/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── lds.proto │ │ │ ├── load_stats/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── lrs.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── lrs.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── lrs.proto │ │ │ ├── metrics/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── metrics_service.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── metrics_service.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── metrics_service.proto │ │ │ ├── ratelimit/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rls.proto │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── rls.proto │ │ │ ├── route/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── rds.proto │ │ │ │ └── srds.proto │ │ │ ├── runtime/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── rtds.proto │ │ │ ├── secret/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── sds.proto │ │ │ ├── status/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── csds.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── csds.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── csds.proto │ │ │ ├── tap/ │ │ │ │ ├── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── common.proto │ │ │ │ │ └── tap.proto │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tap.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── tap.proto │ │ │ └── trace/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── trace_service.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── trace_service.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── trace_service.proto │ │ └── type/ │ │ ├── BUILD │ │ ├── hash_policy.proto │ │ ├── http.proto │ │ ├── http_status.proto │ │ ├── matcher/ │ │ │ ├── BUILD │ │ │ ├── metadata.proto │ │ │ ├── node.proto │ │ │ ├── number.proto │ │ │ ├── path.proto │ │ │ ├── regex.proto │ │ │ ├── string.proto │ │ │ ├── struct.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── metadata.proto │ │ │ │ ├── node.proto │ │ │ │ ├── number.proto │ │ │ │ ├── path.proto │ │ │ │ ├── regex.proto │ │ │ │ ├── string.proto │ │ │ │ ├── struct.proto │ │ │ │ └── value.proto │ │ │ ├── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── metadata.proto │ │ │ │ ├── node.proto │ │ │ │ ├── number.proto │ │ │ │ ├── path.proto │ │ │ │ ├── regex.proto │ │ │ │ ├── string.proto │ │ │ │ ├── struct.proto │ │ │ │ └── value.proto │ │ │ └── value.proto │ │ ├── metadata/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── metadata.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── metadata.proto │ │ ├── percent.proto │ │ ├── range.proto │ │ ├── semantic_version.proto │ │ ├── token_bucket.proto │ │ ├── tracing/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── custom_tag.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── custom_tag.proto │ │ └── v3/ │ │ ├── BUILD │ │ ├── hash_policy.proto │ │ ├── http.proto │ │ ├── http_status.proto │ │ ├── percent.proto │ │ ├── range.proto │ │ ├── ratelimit_unit.proto │ │ ├── semantic_version.proto │ │ └── token_bucket.proto │ ├── examples/ │ │ └── service_envoy/ │ │ ├── BUILD │ │ ├── http_connection_manager.pb │ │ └── listeners.pb │ ├── test/ │ │ ├── build/ │ │ │ ├── BUILD │ │ │ ├── build_test.cc │ │ │ └── go_build_test.go │ │ └── validate/ │ │ ├── BUILD │ │ └── pgv_test.cc │ ├── tools/ │ │ ├── BUILD │ │ ├── data/ │ │ │ ├── tap2pcap_h2_ipv4.pb_text │ │ │ └── tap2pcap_h2_ipv4.txt │ │ ├── generate_listeners.py │ │ ├── generate_listeners_test.py │ │ ├── tap2pcap.py │ │ └── tap2pcap_test.py │ ├── versioning/ │ │ └── BUILD │ └── xds_protocol.rst ├── bazel/ │ ├── BUILD │ ├── DEVELOPER.md │ ├── EXTERNAL_DEPS.md │ ├── PPROF.md │ ├── README.md │ ├── antlr.patch │ ├── api_binding.bzl │ ├── api_repositories.bzl │ ├── boringssl_static.patch │ ├── coverage/ │ │ ├── BUILD │ │ ├── collect_cc_coverage.sh │ │ └── fuzz_coverage_wrapper.sh │ ├── crates.bzl │ ├── dependency_imports.bzl │ ├── dev_binding.bzl │ ├── envoy_binary.bzl │ ├── envoy_build_system.bzl │ ├── envoy_internal.bzl │ ├── envoy_library.bzl │ ├── envoy_select.bzl │ ├── envoy_test.bzl │ ├── external/ │ │ ├── BUILD │ │ ├── boringssl_fips.BUILD │ │ ├── boringssl_fips.genrule_cmd │ │ ├── boringssl_fips.patch │ │ ├── cargo/ │ │ │ ├── BUILD │ │ │ └── remote/ │ │ │ ├── BUILD │ │ │ ├── ahash-0.3.8.BUILD │ │ │ ├── autocfg-1.0.0.BUILD │ │ │ ├── cfg-if-0.1.10.BUILD │ │ │ ├── hashbrown-0.7.2.BUILD │ │ │ ├── libc-0.2.74.BUILD │ │ │ ├── log-0.4.11.BUILD │ │ │ ├── memory_units-0.4.0.BUILD │ │ │ ├── proxy-wasm-0.1.2.BUILD │ │ │ ├── wee_alloc-0.4.5.BUILD │ │ │ ├── winapi-0.3.9.BUILD │ │ │ ├── winapi-i686-pc-windows-gnu-0.4.0.BUILD │ │ │ └── winapi-x86_64-pc-windows-gnu-0.4.0.BUILD │ │ ├── compiler_rt.BUILD │ │ ├── fmtlib.BUILD │ │ ├── http-parser.BUILD │ │ ├── kafka_int32.patch │ │ ├── libcircllhist.BUILD │ │ ├── libprotobuf_mutator.BUILD │ │ ├── proxy_wasm_cpp_host.BUILD │ │ ├── quiche.BUILD │ │ ├── quiche.genrule_cmd │ │ ├── rapidjson.BUILD │ │ ├── spdlog.BUILD │ │ ├── sqlparser.BUILD │ │ ├── tclap.BUILD │ │ ├── twitter_common_finagle_thrift.BUILD │ │ ├── twitter_common_lang.BUILD │ │ ├── twitter_common_rpc.BUILD │ │ ├── wee8.BUILD │ │ ├── wee8.genrule_cmd │ │ ├── wee8.patch │ │ └── xxhash.BUILD │ ├── foreign_cc/ │ │ ├── BUILD │ │ ├── llvm.patch │ │ ├── luajit.patch │ │ ├── moonjit.patch │ │ ├── nghttp2.patch │ │ └── zlib.patch │ ├── gen_sh_test_runner.sh │ ├── genrule_repository.bzl │ ├── get_workspace_status │ ├── io_opentracing_cpp.patch │ ├── protobuf.patch │ ├── repositories.bzl │ ├── repositories_extra.bzl │ ├── repository_locations.bzl │ ├── rules_go.patch │ ├── setup_clang.sh │ ├── setup_local_tsan.sh │ ├── sh_test_wrapper.sh │ ├── tclap-win64-ull-sizet.patch │ ├── test/ │ │ ├── BUILD │ │ └── verify_tap_test.sh │ ├── test_for_benchmark_wrapper.sh │ ├── toolchains/ │ │ └── BUILD │ ├── upb.patch │ └── wasm/ │ ├── BUILD │ └── wasm.bzl ├── ci/ │ ├── Dockerfile-envoy │ ├── Dockerfile-envoy-alpine │ ├── Dockerfile-envoy-google-vrp │ ├── README.md │ ├── WORKSPACE.filter.example │ ├── api_mirror.sh │ ├── build_setup.sh │ ├── check_and_fix_format.sh │ ├── do_ci.sh │ ├── do_circle_ci.sh │ ├── do_coverity_local.sh │ ├── docker-entrypoint.sh │ ├── docker_ci.sh │ ├── docker_rebuild_google-vrp.sh │ ├── envoy_build_sha.sh │ ├── filter_example_mirror.sh │ ├── filter_example_setup.sh │ ├── flaky_test/ │ │ ├── process_xml.py │ │ ├── requirements.txt │ │ ├── run_process_xml.sh │ │ └── run_process_xml_mac.sh │ ├── go_mirror.sh │ ├── mac_ci_setup.sh │ ├── mac_ci_steps.sh │ ├── repokitteh/ │ │ └── modules/ │ │ ├── azure_pipelines.star │ │ └── ownerscheck.star │ ├── run_clang_tidy.sh │ ├── run_envoy_docker.sh │ ├── setup_cache.sh │ ├── upload_gcs_artifact.sh │ ├── verify_examples.sh │ └── windows_ci_steps.sh ├── configs/ │ ├── BUILD │ ├── Dockerfile │ ├── access_log_format_helper_v2.template.yaml │ ├── configgen.py │ ├── configgen.sh │ ├── encapsulate_in_connect.v3.yaml │ ├── envoy_double_proxy_v2.template.yaml │ ├── envoy_front_proxy_v2.template.yaml │ ├── envoy_router_v2.template.yaml │ ├── envoy_service_to_service_v2.template.yaml │ ├── freebind/ │ │ ├── README.md │ │ └── freebind.yaml │ ├── google-vrp/ │ │ ├── envoy-edge.yaml │ │ ├── envoy-origin.yaml │ │ ├── launch_envoy.sh │ │ └── supervisor.conf │ ├── google_com_proxy.v2.yaml │ ├── original-dst-cluster/ │ │ ├── README.md │ │ ├── netns_cleanup.sh │ │ ├── netns_setup.sh │ │ └── proxy_config.yaml │ ├── requirements.txt │ ├── routing_helper_v2.template.yaml │ ├── terminate_connect.v3.yaml │ └── using_deprecated_config.v2.yaml ├── docs/ │ ├── BUILD │ ├── README.md │ ├── _ext/ │ │ └── validating_code_block.py │ ├── build.sh │ ├── conf.py │ ├── empty_extensions.json │ ├── generate_extension_db.py │ ├── generate_extension_rst.py │ ├── generate_external_dep_rst.py │ ├── protodoc_manifest.yaml │ ├── publish.sh │ ├── requirements.txt │ └── root/ │ ├── _static/ │ │ ├── css/ │ │ │ └── envoy.css │ │ ├── placeholder │ │ └── searchtools.js │ ├── about_docs.rst │ ├── api/ │ │ ├── api.rst │ │ ├── api_supported_versions.rst │ │ └── client_features.rst │ ├── api-v2/ │ │ ├── admin/ │ │ │ └── admin.rst │ │ ├── api.rst │ │ ├── bootstrap/ │ │ │ └── bootstrap.rst │ │ ├── clusters/ │ │ │ └── clusters.rst │ │ ├── common_messages/ │ │ │ └── common_messages.rst │ │ ├── config/ │ │ │ ├── accesslog/ │ │ │ │ └── accesslog.rst │ │ │ ├── cluster/ │ │ │ │ └── cluster.rst │ │ │ ├── common/ │ │ │ │ └── common.rst │ │ │ ├── config.rst │ │ │ ├── filter/ │ │ │ │ ├── dubbo/ │ │ │ │ │ └── dubbo.rst │ │ │ │ ├── filter.rst │ │ │ │ ├── http/ │ │ │ │ │ └── http.rst │ │ │ │ ├── listener/ │ │ │ │ │ └── listener.rst │ │ │ │ ├── network/ │ │ │ │ │ └── network.rst │ │ │ │ ├── thrift/ │ │ │ │ │ └── thrift.rst │ │ │ │ └── udp/ │ │ │ │ └── udp.rst │ │ │ ├── grpc_credential/ │ │ │ │ └── grpc_credential.rst │ │ │ ├── health_checker/ │ │ │ │ └── health_checker.rst │ │ │ ├── listener/ │ │ │ │ └── listener.rst │ │ │ ├── rbac/ │ │ │ │ └── rbac.rst │ │ │ ├── resource_monitor/ │ │ │ │ └── resource_monitor.rst │ │ │ ├── retry/ │ │ │ │ └── retry.rst │ │ │ ├── trace/ │ │ │ │ └── trace.rst │ │ │ └── transport_socket/ │ │ │ └── transport_socket.rst │ │ ├── data/ │ │ │ ├── accesslog/ │ │ │ │ └── accesslog.rst │ │ │ ├── cluster/ │ │ │ │ └── cluster.rst │ │ │ ├── core/ │ │ │ │ └── core.rst │ │ │ ├── data.rst │ │ │ ├── dns/ │ │ │ │ └── dns.rst │ │ │ └── tap/ │ │ │ └── tap.rst │ │ ├── http_routes/ │ │ │ └── http_routes.rst │ │ ├── listeners/ │ │ │ └── listeners.rst │ │ ├── service/ │ │ │ └── service.rst │ │ └── types/ │ │ └── types.rst │ ├── api-v3/ │ │ ├── admin/ │ │ │ └── admin.rst │ │ ├── api.rst │ │ ├── bootstrap/ │ │ │ └── bootstrap.rst │ │ ├── clusters/ │ │ │ └── clusters.rst │ │ ├── common_messages/ │ │ │ └── common_messages.rst │ │ ├── config/ │ │ │ ├── accesslog/ │ │ │ │ └── accesslog.rst │ │ │ ├── cluster/ │ │ │ │ └── cluster.rst │ │ │ ├── common/ │ │ │ │ └── common.rst │ │ │ ├── compression/ │ │ │ │ └── compression.rst │ │ │ ├── config.rst │ │ │ ├── endpoint/ │ │ │ │ └── endpoint.rst │ │ │ ├── filter/ │ │ │ │ ├── dubbo/ │ │ │ │ │ └── dubbo.rst │ │ │ │ ├── filter.rst │ │ │ │ ├── http/ │ │ │ │ │ └── http.rst │ │ │ │ ├── listener/ │ │ │ │ │ └── listener.rst │ │ │ │ ├── network/ │ │ │ │ │ └── network.rst │ │ │ │ ├── thrift/ │ │ │ │ │ └── thrift.rst │ │ │ │ └── udp/ │ │ │ │ └── udp.rst │ │ │ ├── grpc_credential/ │ │ │ │ └── grpc_credential.rst │ │ │ ├── health_checker/ │ │ │ │ └── health_checker.rst │ │ │ ├── internal_redirect/ │ │ │ │ └── internal_redirect.rst │ │ │ ├── rbac/ │ │ │ │ └── rbac.rst │ │ │ ├── resource_monitor/ │ │ │ │ └── resource_monitor.rst │ │ │ ├── retry/ │ │ │ │ └── retry.rst │ │ │ ├── trace/ │ │ │ │ └── trace.rst │ │ │ ├── transport_socket/ │ │ │ │ └── transport_socket.rst │ │ │ ├── upstream/ │ │ │ │ └── upstream.rst │ │ │ ├── wasm/ │ │ │ │ └── wasm.rst │ │ │ └── watchdog/ │ │ │ └── watchdog.rst │ │ ├── data/ │ │ │ ├── accesslog/ │ │ │ │ └── accesslog.rst │ │ │ ├── cluster/ │ │ │ │ └── cluster.rst │ │ │ ├── core/ │ │ │ │ └── core.rst │ │ │ ├── data.rst │ │ │ ├── dns/ │ │ │ │ └── dns.rst │ │ │ └── tap/ │ │ │ └── tap.rst │ │ ├── http_routes/ │ │ │ └── http_routes.rst │ │ ├── listeners/ │ │ │ └── listeners.rst │ │ ├── service/ │ │ │ └── service.rst │ │ └── types/ │ │ └── types.rst │ ├── configuration/ │ │ ├── advanced/ │ │ │ ├── advanced.rst │ │ │ └── well_known_dynamic_metadata.rst │ │ ├── best_practices/ │ │ │ ├── _include/ │ │ │ │ └── edge.yaml │ │ │ ├── best_practices.rst │ │ │ ├── edge.rst │ │ │ └── level_two.rst │ │ ├── configuration.rst │ │ ├── http/ │ │ │ ├── http.rst │ │ │ ├── http_conn_man/ │ │ │ │ ├── header_casing.rst │ │ │ │ ├── header_sanitizing.rst │ │ │ │ ├── headers.rst │ │ │ │ ├── http_conn_man.rst │ │ │ │ ├── local_reply.rst │ │ │ │ ├── overview.rst │ │ │ │ ├── rds.rst │ │ │ │ ├── response_code_details.rst │ │ │ │ ├── route_matching.rst │ │ │ │ ├── runtime.rst │ │ │ │ ├── stats.rst │ │ │ │ ├── traffic_splitting.rst │ │ │ │ └── vhds.rst │ │ │ └── http_filters/ │ │ │ ├── _include/ │ │ │ │ ├── dns-cache-circuit-breaker.yaml │ │ │ │ ├── grpc-reverse-bridge-filter.yaml │ │ │ │ └── grpc-transcoder-filter.yaml │ │ │ ├── adaptive_concurrency_filter.rst │ │ │ ├── admission_control_filter.rst │ │ │ ├── aws_lambda_filter.rst │ │ │ ├── aws_request_signing_filter.rst │ │ │ ├── buffer_filter.rst │ │ │ ├── cdn_loop_filter.rst │ │ │ ├── compressor_filter.rst │ │ │ ├── cors_filter.rst │ │ │ ├── csrf_filter.rst │ │ │ ├── decompressor_filter.rst │ │ │ ├── dynamic_forward_proxy_filter.rst │ │ │ ├── dynamodb_filter.rst │ │ │ ├── ext_authz_filter.rst │ │ │ ├── fault_filter.rst │ │ │ ├── grpc_http1_bridge_filter.rst │ │ │ ├── grpc_http1_reverse_bridge_filter.rst │ │ │ ├── grpc_json_transcoder_filter.rst │ │ │ ├── grpc_stats_filter.rst │ │ │ ├── grpc_web_filter.rst │ │ │ ├── gzip_filter.rst │ │ │ ├── header_to_metadata_filter.rst │ │ │ ├── health_check_filter.rst │ │ │ ├── http_filters.rst │ │ │ ├── ip_tagging_filter.rst │ │ │ ├── jwt_authn_filter.rst │ │ │ ├── local_rate_limit_filter.rst │ │ │ ├── lua_filter.rst │ │ │ ├── oauth2_filter.rst │ │ │ ├── on_demand_updates_filter.rst │ │ │ ├── original_src_filter.rst │ │ │ ├── rate_limit_filter.rst │ │ │ ├── rbac_filter.rst │ │ │ ├── router_filter.rst │ │ │ ├── squash_filter.rst │ │ │ ├── tap_filter.rst │ │ │ └── wasm_filter.rst │ │ ├── listeners/ │ │ │ ├── lds.rst │ │ │ ├── listener_filters/ │ │ │ │ ├── http_inspector.rst │ │ │ │ ├── listener_filters.rst │ │ │ │ ├── original_dst_filter.rst │ │ │ │ ├── original_src_filter.rst │ │ │ │ ├── proxy_protocol.rst │ │ │ │ └── tls_inspector.rst │ │ │ ├── listeners.rst │ │ │ ├── network_filters/ │ │ │ │ ├── _include/ │ │ │ │ │ └── sni-dynamic-forward-proxy-filter.yaml │ │ │ │ ├── client_ssl_auth_filter.rst │ │ │ │ ├── direct_response_filter.rst │ │ │ │ ├── dubbo_proxy_filter.rst │ │ │ │ ├── echo_filter.rst │ │ │ │ ├── ext_authz_filter.rst │ │ │ │ ├── kafka_broker_filter.rst │ │ │ │ ├── local_rate_limit_filter.rst │ │ │ │ ├── mongo_proxy_filter.rst │ │ │ │ ├── mysql_proxy_filter.rst │ │ │ │ ├── network_filters.rst │ │ │ │ ├── postgres_proxy_filter.rst │ │ │ │ ├── rate_limit_filter.rst │ │ │ │ ├── rbac_filter.rst │ │ │ │ ├── redis_proxy_filter.rst │ │ │ │ ├── rocketmq_proxy_filter.rst │ │ │ │ ├── sni_cluster_filter.rst │ │ │ │ ├── sni_dynamic_forward_proxy_filter.rst │ │ │ │ ├── tcp_proxy_filter.rst │ │ │ │ ├── thrift_proxy_filter.rst │ │ │ │ ├── wasm_filter.rst │ │ │ │ └── zookeeper_proxy_filter.rst │ │ │ ├── overview.rst │ │ │ ├── runtime.rst │ │ │ ├── stats.rst │ │ │ └── udp_filters/ │ │ │ ├── _include/ │ │ │ │ └── udp-proxy.yaml │ │ │ ├── dns_filter.rst │ │ │ ├── udp_filters.rst │ │ │ └── udp_proxy.rst │ │ ├── observability/ │ │ │ ├── access_log/ │ │ │ │ ├── access_log.rst │ │ │ │ ├── overview.rst │ │ │ │ ├── stats.rst │ │ │ │ └── usage.rst │ │ │ ├── application_logging.rst │ │ │ ├── observability.rst │ │ │ └── statistics.rst │ │ ├── operations/ │ │ │ ├── operations.rst │ │ │ ├── overload_manager/ │ │ │ │ └── overload_manager.rst │ │ │ ├── runtime.rst │ │ │ └── tools/ │ │ │ └── router_check.rst │ │ ├── other_features/ │ │ │ ├── other_features.rst │ │ │ ├── rate_limit.rst │ │ │ ├── wasm.rst │ │ │ └── wasm_stat_sink.rst │ │ ├── other_protocols/ │ │ │ ├── dubbo_filters/ │ │ │ │ ├── dubbo_filters.rst │ │ │ │ └── router_filter.rst │ │ │ ├── other_protocols.rst │ │ │ └── thrift_filters/ │ │ │ ├── rate_limit_filter.rst │ │ │ ├── router_filter.rst │ │ │ └── thrift_filters.rst │ │ ├── overview/ │ │ │ ├── bootstrap.rst │ │ │ ├── examples.rst │ │ │ ├── extension.rst │ │ │ ├── introduction.rst │ │ │ ├── mgmt_server.rst │ │ │ ├── overview.rst │ │ │ ├── versioning.rst │ │ │ └── xds_api.rst │ │ ├── security/ │ │ │ ├── secret.rst │ │ │ └── security.rst │ │ └── upstream/ │ │ ├── cluster_manager/ │ │ │ ├── cds.rst │ │ │ ├── cluster_circuit_breakers.rst │ │ │ ├── cluster_hc.rst │ │ │ ├── cluster_manager.rst │ │ │ ├── cluster_runtime.rst │ │ │ ├── cluster_stats.rst │ │ │ └── overview.rst │ │ ├── health_checkers/ │ │ │ ├── health_checkers.rst │ │ │ └── redis.rst │ │ └── upstream.rst │ ├── extending/ │ │ └── extending.rst │ ├── faq/ │ │ ├── api/ │ │ │ ├── control_plane.rst │ │ │ ├── control_plane_version_support.rst │ │ │ ├── envoy_upgrade_v3.rst │ │ │ ├── envoy_v2_support.rst │ │ │ ├── envoy_v3.rst │ │ │ ├── extensions.rst │ │ │ ├── incremental.rst │ │ │ ├── package_naming.rst │ │ │ └── why_versioning.rst │ │ ├── build/ │ │ │ ├── binaries.rst │ │ │ └── boringssl.rst │ │ ├── configuration/ │ │ │ ├── deprecation.rst │ │ │ ├── edge.rst │ │ │ ├── flow_control.rst │ │ │ ├── level_two.rst │ │ │ ├── resource_limits.rst │ │ │ ├── sni.rst │ │ │ ├── timeouts.rst │ │ │ ├── zipkin_tracing.rst │ │ │ └── zone_aware_routing.rst │ │ ├── debugging/ │ │ │ ├── why_is_envoy_404ing_connect_requests.rst │ │ │ ├── why_is_envoy_sending_413s.rst │ │ │ ├── why_is_envoy_sending_http2_resets.rst │ │ │ ├── why_is_envoy_sending_internal_responses.rst │ │ │ └── why_is_my_route_not_found.rst │ │ ├── extensions/ │ │ │ └── contract.rst │ │ ├── load_balancing/ │ │ │ ├── concurrency_lb.rst │ │ │ ├── disable_circuit_breaking.rst │ │ │ ├── lb_panic_threshold.rst │ │ │ ├── region_failover.rst │ │ │ └── transient_failures.rst │ │ ├── overview.rst │ │ └── performance/ │ │ ├── how_fast_is_envoy.rst │ │ └── how_to_benchmark_envoy.rst │ ├── index.rst │ ├── install/ │ │ ├── building.rst │ │ ├── install.rst │ │ ├── ref_configs.rst │ │ ├── sandboxes/ │ │ │ └── local_docker_build.rst │ │ └── tools/ │ │ ├── config_load_check_tool.rst │ │ ├── route_table_check_tool.rst │ │ ├── schema_validator_check_tool.rst │ │ └── tools.rst │ ├── intro/ │ │ ├── _include/ │ │ │ └── life-of-a-request.yaml │ │ ├── arch_overview/ │ │ │ ├── advanced/ │ │ │ │ ├── advanced.rst │ │ │ │ └── data_sharing_between_filters.rst │ │ │ ├── arch_overview.rst │ │ │ ├── http/ │ │ │ │ ├── http.rst │ │ │ │ ├── http_connection_management.rst │ │ │ │ ├── http_filters.rst │ │ │ │ ├── http_proxy.rst │ │ │ │ ├── http_routing.rst │ │ │ │ └── upgrades.rst │ │ │ ├── intro/ │ │ │ │ ├── intro.rst │ │ │ │ ├── terminology.rst │ │ │ │ └── threading_model.rst │ │ │ ├── listeners/ │ │ │ │ ├── dns_filter.rst │ │ │ │ ├── listener_filters.rst │ │ │ │ ├── listeners.rst │ │ │ │ ├── listeners_toc.rst │ │ │ │ ├── network_filters.rst │ │ │ │ ├── tcp_proxy.rst │ │ │ │ └── udp_proxy.rst │ │ │ ├── observability/ │ │ │ │ ├── access_logging.rst │ │ │ │ ├── observability.rst │ │ │ │ ├── statistics.rst │ │ │ │ └── tracing.rst │ │ │ ├── operations/ │ │ │ │ ├── draining.rst │ │ │ │ ├── dynamic_configuration.rst │ │ │ │ ├── hot_restart.rst │ │ │ │ ├── init.rst │ │ │ │ ├── operations.rst │ │ │ │ ├── overload_manager.rst │ │ │ │ └── runtime.rst │ │ │ ├── other_features/ │ │ │ │ ├── compression/ │ │ │ │ │ └── libraries.rst │ │ │ │ ├── global_rate_limiting.rst │ │ │ │ ├── ip_transparency.rst │ │ │ │ ├── local_rate_limiting.rst │ │ │ │ ├── other_features.rst │ │ │ │ └── scripting.rst │ │ │ ├── other_protocols/ │ │ │ │ ├── dynamo.rst │ │ │ │ ├── grpc.rst │ │ │ │ ├── mongo.rst │ │ │ │ ├── other_protocols.rst │ │ │ │ ├── postgres.rst │ │ │ │ └── redis.rst │ │ │ ├── security/ │ │ │ │ ├── _include/ │ │ │ │ │ └── ssl.yaml │ │ │ │ ├── ext_authz_filter.rst │ │ │ │ ├── external_deps.rst │ │ │ │ ├── google_vrp.rst │ │ │ │ ├── jwt_authn_filter.rst │ │ │ │ ├── rbac_filter.rst │ │ │ │ ├── security.rst │ │ │ │ ├── ssl.rst │ │ │ │ └── threat_model.rst │ │ │ └── upstream/ │ │ │ ├── aggregate_cluster.rst │ │ │ ├── circuit_breaking.rst │ │ │ ├── cluster_manager.rst │ │ │ ├── connection_pooling.rst │ │ │ ├── health_checking.rst │ │ │ ├── load_balancing/ │ │ │ │ ├── degraded.rst │ │ │ │ ├── load_balancers.rst │ │ │ │ ├── load_balancing.rst │ │ │ │ ├── locality_weight.rst │ │ │ │ ├── original_dst.rst │ │ │ │ ├── overprovisioning.rst │ │ │ │ ├── overview.rst │ │ │ │ ├── panic_threshold.rst │ │ │ │ ├── priority.rst │ │ │ │ ├── subsets.rst │ │ │ │ └── zone_aware.rst │ │ │ ├── load_reporting_service.rst │ │ │ ├── outlier.rst │ │ │ ├── service_discovery.rst │ │ │ ├── upstream.rst │ │ │ └── upstream_filters.rst │ │ ├── deployment_types/ │ │ │ ├── deployment_types.rst │ │ │ ├── double_proxy.rst │ │ │ ├── front_proxy.rst │ │ │ └── service_to_service.rst │ │ ├── deprecated.rst │ │ ├── getting_help.rst │ │ ├── intro.rst │ │ ├── life_of_a_request.rst │ │ ├── version_history.rst │ │ └── what_is_envoy.rst │ ├── operations/ │ │ ├── admin.rst │ │ ├── certificates.rst │ │ ├── cli.rst │ │ ├── fs_flags.rst │ │ ├── hot_restarter.rst │ │ ├── operations.rst │ │ ├── performance.rst │ │ ├── runtime.rst │ │ ├── stats_overview.rst │ │ └── traffic_tapping.rst │ ├── start/ │ │ ├── sandboxes/ │ │ │ ├── _include/ │ │ │ │ └── docker-env-setup.rst │ │ │ ├── cache.rst │ │ │ ├── cors.rst │ │ │ ├── csrf.rst │ │ │ ├── ext_authz.rst │ │ │ ├── fault_injection.rst │ │ │ ├── front_proxy.rst │ │ │ ├── grpc_bridge.rst │ │ │ ├── jaeger_native_tracing.rst │ │ │ ├── jaeger_tracing.rst │ │ │ ├── load_reporting_service.rst │ │ │ ├── lua.rst │ │ │ ├── mysql.rst │ │ │ ├── redis.rst │ │ │ └── zipkin_tracing.rst │ │ └── start.rst │ └── version_history/ │ ├── current.rst │ ├── v1.0.0.rst │ ├── v1.1.0.rst │ ├── v1.10.0.rst │ ├── v1.11.0.rst │ ├── v1.11.1.rst │ ├── v1.11.2.rst │ ├── v1.12.0.rst │ ├── v1.12.1.rst │ ├── v1.12.2.rst │ ├── v1.12.3.rst │ ├── v1.12.4.rst │ ├── v1.12.5.rst │ ├── v1.12.6.rst │ ├── v1.12.7.rst │ ├── v1.13.0.rst │ ├── v1.13.1.rst │ ├── v1.13.2.rst │ ├── v1.13.3.rst │ ├── v1.13.4.rst │ ├── v1.13.5.rst │ ├── v1.13.6.rst │ ├── v1.14.0.rst │ ├── v1.14.1.rst │ ├── v1.14.2.rst │ ├── v1.14.3.rst │ ├── v1.14.4.rst │ ├── v1.14.5.rst │ ├── v1.15.0.rst │ ├── v1.15.1.rst │ ├── v1.15.2.rst │ ├── v1.2.0.rst │ ├── v1.3.0.rst │ ├── v1.4.0.rst │ ├── v1.5.0.rst │ ├── v1.6.0.rst │ ├── v1.7.0.rst │ ├── v1.8.0.rst │ ├── v1.9.0.rst │ ├── v1.9.1.rst │ └── version_history.rst ├── examples/ │ ├── BUILD │ ├── DEVELOPER.md │ ├── cache/ │ │ ├── Dockerfile-frontenvoy │ │ ├── Dockerfile-service │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── front-envoy.yaml │ │ ├── responses.yaml │ │ ├── service-envoy.yaml │ │ ├── service.py │ │ ├── start_service.sh │ │ └── verify.sh │ ├── cors/ │ │ ├── README.md │ │ ├── backend/ │ │ │ ├── Dockerfile-frontenvoy │ │ │ ├── Dockerfile-service │ │ │ ├── docker-compose.yaml │ │ │ ├── front-envoy.yaml │ │ │ ├── service-envoy.yaml │ │ │ ├── service.py │ │ │ └── start_service.sh │ │ ├── frontend/ │ │ │ ├── Dockerfile-frontenvoy │ │ │ ├── Dockerfile-service │ │ │ ├── docker-compose.yaml │ │ │ ├── front-envoy.yaml │ │ │ ├── index.html │ │ │ ├── service-envoy.yaml │ │ │ ├── service.py │ │ │ └── start_service.sh │ │ └── verify.sh │ ├── csrf/ │ │ ├── README.md │ │ ├── crosssite/ │ │ │ ├── Dockerfile-frontenvoy │ │ │ ├── Dockerfile-service │ │ │ ├── docker-compose.yml │ │ │ ├── front-envoy.yaml │ │ │ └── service.py │ │ ├── index.html │ │ ├── samesite/ │ │ │ ├── Dockerfile-frontenvoy │ │ │ ├── Dockerfile-service │ │ │ ├── docker-compose.yml │ │ │ ├── front-envoy.yaml │ │ │ └── service.py │ │ ├── service-envoy.yaml │ │ ├── start_service.sh │ │ └── verify.sh │ ├── ext_authz/ │ │ ├── Dockerfile-frontenvoy │ │ ├── README.md │ │ ├── auth/ │ │ │ ├── grpc-service/ │ │ │ │ ├── Dockerfile │ │ │ │ ├── Makefile │ │ │ │ ├── go.mod │ │ │ │ ├── go.sum │ │ │ │ ├── main.go │ │ │ │ └── pkg/ │ │ │ │ └── auth/ │ │ │ │ ├── users.go │ │ │ │ ├── v2/ │ │ │ │ │ └── auth.go │ │ │ │ └── v3/ │ │ │ │ └── auth.go │ │ │ ├── http-service/ │ │ │ │ ├── Dockerfile │ │ │ │ └── server.js │ │ │ └── users.json │ │ ├── config/ │ │ │ ├── grpc-service/ │ │ │ │ ├── v2.yaml │ │ │ │ └── v3.yaml │ │ │ ├── http-service.yaml │ │ │ └── opa-service/ │ │ │ ├── policy.rego │ │ │ └── v2.yaml │ │ ├── docker-compose.yaml │ │ ├── run_envoy.sh │ │ ├── upstream/ │ │ │ └── service/ │ │ │ ├── Dockerfile │ │ │ └── server.py │ │ ├── users.json │ │ └── verify.sh │ ├── fault-injection/ │ │ ├── .gitignore │ │ ├── Dockerfile-envoy │ │ ├── README.md │ │ ├── disable_abort_fault_injection.sh │ │ ├── disable_delay_fault_injection.sh │ │ ├── docker-compose.yaml │ │ ├── enable_abort_fault_injection.sh │ │ ├── enable_delay_fault_injection.sh │ │ ├── envoy.yaml │ │ ├── send_request.sh │ │ └── verify.sh │ ├── front-proxy/ │ │ ├── Dockerfile-frontenvoy │ │ ├── Dockerfile-jaeger-service │ │ ├── Dockerfile-service │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── front-envoy.yaml │ │ ├── service-envoy.yaml │ │ ├── service.py │ │ ├── start_service.sh │ │ └── verify.sh │ ├── grpc-bridge/ │ │ ├── .gitignore │ │ ├── Dockerfile-client │ │ ├── Dockerfile-server │ │ ├── README.md │ │ ├── client/ │ │ │ ├── Dockerfile │ │ │ ├── client.py │ │ │ ├── envoy-proxy.yaml │ │ │ ├── kv/ │ │ │ │ └── __init__.py │ │ │ └── requirements.txt │ │ ├── docker-compose-protos.yaml │ │ ├── docker-compose.yaml │ │ ├── protos/ │ │ │ └── kv.proto │ │ ├── server/ │ │ │ ├── Dockerfile │ │ │ ├── envoy-proxy.yaml │ │ │ ├── go.mod │ │ │ ├── go.sum │ │ │ ├── kv/ │ │ │ │ └── go.mod │ │ │ └── service.go │ │ └── verify.sh │ ├── jaeger-native-tracing/ │ │ ├── Dockerfile-frontenvoy │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── front-envoy-jaeger.yaml │ │ ├── install-jaeger-plugin.sh │ │ ├── service1-envoy-jaeger.yaml │ │ ├── service2-envoy-jaeger.yaml │ │ └── verify.sh │ ├── jaeger-tracing/ │ │ ├── Dockerfile-frontenvoy │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── front-envoy-jaeger.yaml │ │ ├── service1-envoy-jaeger.yaml │ │ ├── service2-envoy-jaeger.yaml │ │ └── verify.sh │ ├── load-reporting-service/ │ │ ├── Dockerfile-http-server │ │ ├── Dockerfile-lrs │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── go.mod │ │ ├── go.sum │ │ ├── http_server.py │ │ ├── main.go │ │ ├── send_requests.sh │ │ ├── server/ │ │ │ └── lrs_server.go │ │ ├── service-envoy-w-lrs.yaml │ │ ├── start_service.sh │ │ └── verify.sh │ ├── lua/ │ │ ├── Dockerfile-proxy │ │ ├── Dockerfile-web-service │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── envoy.yaml │ │ ├── lib/ │ │ │ └── mylibrary.lua │ │ └── verify.sh │ ├── mysql/ │ │ ├── Dockerfile-mysql │ │ ├── Dockerfile-proxy │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── envoy.yaml │ │ └── verify.sh │ ├── redis/ │ │ ├── Dockerfile-proxy │ │ ├── Dockerfile-redis │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── envoy.yaml │ │ └── verify.sh │ ├── verify-common.sh │ ├── wasm/ │ │ ├── BUILD │ │ ├── Dockerfile-proxy │ │ ├── Dockerfile-web-service │ │ ├── README.md │ │ ├── docker-compose.yaml │ │ ├── envoy.yaml │ │ ├── envoy_filter_http_wasm_example.cc │ │ └── verify.sh │ └── zipkin-tracing/ │ ├── Dockerfile-frontenvoy │ ├── README.md │ ├── docker-compose.yaml │ ├── front-envoy-zipkin.yaml │ ├── service1-envoy-zipkin.yaml │ ├── service2-envoy-zipkin.yaml │ └── verify.sh ├── generated_api_shadow/ │ ├── BUILD │ ├── README.md │ ├── bazel/ │ │ ├── BUILD │ │ ├── api_build_system.bzl │ │ ├── envoy_http_archive.bzl │ │ ├── external_proto_deps.bzl │ │ ├── repositories.bzl │ │ └── repository_locations.bzl │ └── envoy/ │ ├── admin/ │ │ ├── v2alpha/ │ │ │ ├── BUILD │ │ │ ├── certs.proto │ │ │ ├── clusters.proto │ │ │ ├── config_dump.proto │ │ │ ├── listeners.proto │ │ │ ├── memory.proto │ │ │ ├── metrics.proto │ │ │ ├── mutex_stats.proto │ │ │ ├── server_info.proto │ │ │ └── tap.proto │ │ ├── v3/ │ │ │ ├── BUILD │ │ │ ├── certs.proto │ │ │ ├── clusters.proto │ │ │ ├── config_dump.proto │ │ │ ├── init_dump.proto │ │ │ ├── listeners.proto │ │ │ ├── memory.proto │ │ │ ├── metrics.proto │ │ │ ├── mutex_stats.proto │ │ │ ├── server_info.proto │ │ │ └── tap.proto │ │ └── v4alpha/ │ │ ├── BUILD │ │ ├── certs.proto │ │ ├── clusters.proto │ │ ├── config_dump.proto │ │ ├── init_dump.proto │ │ ├── listeners.proto │ │ ├── memory.proto │ │ ├── metrics.proto │ │ ├── mutex_stats.proto │ │ ├── server_info.proto │ │ └── tap.proto │ ├── annotations/ │ │ ├── BUILD │ │ ├── deprecation.proto │ │ └── resource.proto │ ├── api/ │ │ └── v2/ │ │ ├── BUILD │ │ ├── README.md │ │ ├── auth/ │ │ │ ├── BUILD │ │ │ ├── cert.proto │ │ │ ├── common.proto │ │ │ ├── secret.proto │ │ │ └── tls.proto │ │ ├── cds.proto │ │ ├── cluster/ │ │ │ ├── BUILD │ │ │ ├── circuit_breaker.proto │ │ │ ├── filter.proto │ │ │ └── outlier_detection.proto │ │ ├── cluster.proto │ │ ├── core/ │ │ │ ├── BUILD │ │ │ ├── address.proto │ │ │ ├── backoff.proto │ │ │ ├── base.proto │ │ │ ├── config_source.proto │ │ │ ├── event_service_config.proto │ │ │ ├── grpc_method_list.proto │ │ │ ├── grpc_service.proto │ │ │ ├── health_check.proto │ │ │ ├── http_uri.proto │ │ │ ├── protocol.proto │ │ │ └── socket_option.proto │ │ ├── discovery.proto │ │ ├── eds.proto │ │ ├── endpoint/ │ │ │ ├── BUILD │ │ │ ├── endpoint.proto │ │ │ ├── endpoint_components.proto │ │ │ └── load_report.proto │ │ ├── endpoint.proto │ │ ├── lds.proto │ │ ├── listener/ │ │ │ ├── BUILD │ │ │ ├── listener.proto │ │ │ ├── listener_components.proto │ │ │ ├── quic_config.proto │ │ │ └── udp_listener_config.proto │ │ ├── listener.proto │ │ ├── ratelimit/ │ │ │ ├── BUILD │ │ │ └── ratelimit.proto │ │ ├── rds.proto │ │ ├── route/ │ │ │ ├── BUILD │ │ │ ├── route.proto │ │ │ └── route_components.proto │ │ ├── route.proto │ │ ├── scoped_route.proto │ │ └── srds.proto │ ├── config/ │ │ ├── README.md │ │ ├── accesslog/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ ├── als.proto │ │ │ │ └── file.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── accesslog.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── accesslog.proto │ │ ├── bootstrap/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── bootstrap.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── bootstrap.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── bootstrap.proto │ │ ├── cluster/ │ │ │ ├── aggregate/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── cluster.proto │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── cluster.proto │ │ │ ├── redis/ │ │ │ │ ├── BUILD │ │ │ │ └── redis_cluster.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── circuit_breaker.proto │ │ │ │ ├── cluster.proto │ │ │ │ ├── filter.proto │ │ │ │ └── outlier_detection.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── circuit_breaker.proto │ │ │ ├── cluster.proto │ │ │ ├── filter.proto │ │ │ └── outlier_detection.proto │ │ ├── common/ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── dns_cache.proto │ │ │ ├── matcher/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── matcher.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── matcher.proto │ │ │ └── tap/ │ │ │ └── v2alpha/ │ │ │ ├── BUILD │ │ │ └── common.proto │ │ ├── core/ │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── address.proto │ │ │ │ ├── backoff.proto │ │ │ │ ├── base.proto │ │ │ │ ├── config_source.proto │ │ │ │ ├── event_service_config.proto │ │ │ │ ├── extension.proto │ │ │ │ ├── grpc_method_list.proto │ │ │ │ ├── grpc_service.proto │ │ │ │ ├── health_check.proto │ │ │ │ ├── http_uri.proto │ │ │ │ ├── protocol.proto │ │ │ │ ├── proxy_protocol.proto │ │ │ │ ├── socket_option.proto │ │ │ │ └── substitution_format_string.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── address.proto │ │ │ ├── backoff.proto │ │ │ ├── base.proto │ │ │ ├── config_source.proto │ │ │ ├── event_service_config.proto │ │ │ ├── extension.proto │ │ │ ├── grpc_method_list.proto │ │ │ ├── grpc_service.proto │ │ │ ├── health_check.proto │ │ │ ├── http_uri.proto │ │ │ ├── protocol.proto │ │ │ ├── proxy_protocol.proto │ │ │ ├── socket_option.proto │ │ │ └── substitution_format_string.proto │ │ ├── endpoint/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ ├── endpoint.proto │ │ │ ├── endpoint_components.proto │ │ │ └── load_report.proto │ │ ├── filter/ │ │ │ ├── README.md │ │ │ ├── accesslog/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── accesslog.proto │ │ │ ├── dubbo/ │ │ │ │ └── router/ │ │ │ │ └── v2alpha1/ │ │ │ │ ├── BUILD │ │ │ │ └── router.proto │ │ │ ├── fault/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── fault.proto │ │ │ ├── http/ │ │ │ │ ├── adaptive_concurrency/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── adaptive_concurrency.proto │ │ │ │ ├── aws_lambda/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── aws_lambda.proto │ │ │ │ ├── aws_request_signing/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── aws_request_signing.proto │ │ │ │ ├── buffer/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── buffer.proto │ │ │ │ ├── cache/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cache.proto │ │ │ │ ├── compressor/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── compressor.proto │ │ │ │ ├── cors/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cors.proto │ │ │ │ ├── csrf/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── csrf.proto │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dynamic_forward_proxy.proto │ │ │ │ ├── dynamo/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dynamo.proto │ │ │ │ ├── ext_authz/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ext_authz.proto │ │ │ │ ├── fault/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── fault.proto │ │ │ │ ├── grpc_http1_bridge/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── grpc_http1_reverse_bridge/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── grpc_stats/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── grpc_web/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── grpc_web.proto │ │ │ │ ├── gzip/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── gzip.proto │ │ │ │ ├── header_to_metadata/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── header_to_metadata.proto │ │ │ │ ├── health_check/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── health_check.proto │ │ │ │ ├── ip_tagging/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ip_tagging.proto │ │ │ │ ├── jwt_authn/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── README.md │ │ │ │ │ └── config.proto │ │ │ │ ├── lua/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── lua.proto │ │ │ │ ├── on_demand/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── on_demand.proto │ │ │ │ ├── original_src/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── original_src.proto │ │ │ │ ├── rate_limit/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rate_limit.proto │ │ │ │ ├── rbac/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rbac.proto │ │ │ │ ├── router/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── router.proto │ │ │ │ ├── squash/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── squash.proto │ │ │ │ ├── tap/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tap.proto │ │ │ │ └── transcoder/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── transcoder.proto │ │ │ ├── listener/ │ │ │ │ ├── http_inspector/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── http_inspector.proto │ │ │ │ ├── original_dst/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── original_dst.proto │ │ │ │ ├── original_src/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── original_src.proto │ │ │ │ ├── proxy_protocol/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── proxy_protocol.proto │ │ │ │ └── tls_inspector/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── tls_inspector.proto │ │ │ ├── network/ │ │ │ │ ├── client_ssl_auth/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── client_ssl_auth.proto │ │ │ │ ├── direct_response/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── dubbo_proxy/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── README.md │ │ │ │ │ ├── dubbo_proxy.proto │ │ │ │ │ └── route.proto │ │ │ │ ├── echo/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── echo.proto │ │ │ │ ├── ext_authz/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ext_authz.proto │ │ │ │ ├── http_connection_manager/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── http_connection_manager.proto │ │ │ │ ├── kafka_broker/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── kafka_broker.proto │ │ │ │ ├── local_rate_limit/ │ │ │ │ │ └── v2alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── local_rate_limit.proto │ │ │ │ ├── mongo_proxy/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── mongo_proxy.proto │ │ │ │ ├── mysql_proxy/ │ │ │ │ │ └── v1alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── mysql_proxy.proto │ │ │ │ ├── rate_limit/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rate_limit.proto │ │ │ │ ├── rbac/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rbac.proto │ │ │ │ ├── redis_proxy/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── redis_proxy.proto │ │ │ │ ├── sni_cluster/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── sni_cluster.proto │ │ │ │ ├── tcp_proxy/ │ │ │ │ │ └── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tcp_proxy.proto │ │ │ │ ├── thrift_proxy/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── README.md │ │ │ │ │ ├── route.proto │ │ │ │ │ └── thrift_proxy.proto │ │ │ │ └── zookeeper_proxy/ │ │ │ │ └── v1alpha1/ │ │ │ │ ├── BUILD │ │ │ │ └── zookeeper_proxy.proto │ │ │ ├── thrift/ │ │ │ │ ├── rate_limit/ │ │ │ │ │ └── v2alpha1/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rate_limit.proto │ │ │ │ └── router/ │ │ │ │ └── v2alpha1/ │ │ │ │ ├── BUILD │ │ │ │ └── router.proto │ │ │ └── udp/ │ │ │ └── udp_proxy/ │ │ │ └── v2alpha/ │ │ │ ├── BUILD │ │ │ └── udp_proxy.proto │ │ ├── grpc_credential/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── aws_iam.proto │ │ │ │ └── file_based_metadata.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ ├── aws_iam.proto │ │ │ └── file_based_metadata.proto │ │ ├── health_checker/ │ │ │ └── redis/ │ │ │ └── v2/ │ │ │ ├── BUILD │ │ │ └── redis.proto │ │ ├── listener/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── api_listener.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── api_listener.proto │ │ │ │ ├── listener.proto │ │ │ │ ├── listener_components.proto │ │ │ │ ├── quic_config.proto │ │ │ │ ├── udp_default_writer_config.proto │ │ │ │ ├── udp_gso_batch_writer_config.proto │ │ │ │ └── udp_listener_config.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── api_listener.proto │ │ │ ├── listener.proto │ │ │ ├── listener_components.proto │ │ │ ├── quic_config.proto │ │ │ ├── udp_default_writer_config.proto │ │ │ ├── udp_gso_batch_writer_config.proto │ │ │ └── udp_listener_config.proto │ │ ├── metrics/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ ├── metrics_service.proto │ │ │ │ └── stats.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── metrics_service.proto │ │ │ │ └── stats.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── metrics_service.proto │ │ │ └── stats.proto │ │ ├── overload/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── overload.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── overload.proto │ │ ├── ratelimit/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── rls.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── rls.proto │ │ ├── rbac/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── rbac.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── rbac.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── rbac.proto │ │ ├── resource_monitor/ │ │ │ ├── fixed_heap/ │ │ │ │ └── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── fixed_heap.proto │ │ │ └── injected_resource/ │ │ │ └── v2alpha/ │ │ │ ├── BUILD │ │ │ └── injected_resource.proto │ │ ├── retry/ │ │ │ ├── omit_canary_hosts/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── omit_canary_hosts.proto │ │ │ ├── omit_host_metadata/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── omit_host_metadata_config.proto │ │ │ ├── previous_hosts/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── previous_hosts.proto │ │ │ └── previous_priorities/ │ │ │ ├── BUILD │ │ │ └── previous_priorities_config.proto │ │ ├── route/ │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── route.proto │ │ │ │ ├── route_components.proto │ │ │ │ └── scoped_route.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── route.proto │ │ │ ├── route_components.proto │ │ │ └── scoped_route.proto │ │ ├── tap/ │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── common.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── common.proto │ │ ├── trace/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ ├── datadog.proto │ │ │ │ ├── dynamic_ot.proto │ │ │ │ ├── http_tracer.proto │ │ │ │ ├── lightstep.proto │ │ │ │ ├── opencensus.proto │ │ │ │ ├── service.proto │ │ │ │ ├── trace.proto │ │ │ │ └── zipkin.proto │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── xray.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── datadog.proto │ │ │ │ ├── dynamic_ot.proto │ │ │ │ ├── http_tracer.proto │ │ │ │ ├── lightstep.proto │ │ │ │ ├── opencensus.proto │ │ │ │ ├── service.proto │ │ │ │ ├── trace.proto │ │ │ │ ├── xray.proto │ │ │ │ └── zipkin.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── http_tracer.proto │ │ │ └── service.proto │ │ └── transport_socket/ │ │ ├── alts/ │ │ │ └── v2alpha/ │ │ │ ├── BUILD │ │ │ └── alts.proto │ │ ├── raw_buffer/ │ │ │ └── v2/ │ │ │ ├── BUILD │ │ │ └── raw_buffer.proto │ │ └── tap/ │ │ └── v2alpha/ │ │ ├── BUILD │ │ └── tap.proto │ ├── data/ │ │ ├── accesslog/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── accesslog.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── accesslog.proto │ │ ├── cluster/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── outlier_detection_event.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── outlier_detection_event.proto │ │ ├── core/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── health_check_event.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── health_check_event.proto │ │ ├── dns/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── dns_table.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── dns_table.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── dns_table.proto │ │ └── tap/ │ │ ├── v2alpha/ │ │ │ ├── BUILD │ │ │ ├── common.proto │ │ │ ├── http.proto │ │ │ ├── transport.proto │ │ │ └── wrapper.proto │ │ └── v3/ │ │ ├── BUILD │ │ ├── common.proto │ │ ├── http.proto │ │ ├── transport.proto │ │ └── wrapper.proto │ ├── extensions/ │ │ ├── access_loggers/ │ │ │ ├── file/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── file.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── file.proto │ │ │ ├── grpc/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── als.proto │ │ │ └── wasm/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── wasm.proto │ │ ├── clusters/ │ │ │ ├── aggregate/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── cluster.proto │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── cluster.proto │ │ │ └── redis/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── redis_cluster.proto │ │ ├── common/ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── dns_cache.proto │ │ │ ├── ratelimit/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── ratelimit.proto │ │ │ └── tap/ │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── common.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── common.proto │ │ ├── compression/ │ │ │ └── gzip/ │ │ │ ├── compressor/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── gzip.proto │ │ │ └── decompressor/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── gzip.proto │ │ ├── filters/ │ │ │ ├── common/ │ │ │ │ └── fault/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── fault.proto │ │ │ ├── http/ │ │ │ │ ├── adaptive_concurrency/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── adaptive_concurrency.proto │ │ │ │ ├── admission_control/ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── admission_control.proto │ │ │ │ ├── aws_lambda/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── aws_lambda.proto │ │ │ │ ├── aws_request_signing/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── aws_request_signing.proto │ │ │ │ ├── buffer/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── buffer.proto │ │ │ │ ├── cache/ │ │ │ │ │ ├── v3alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── cache.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cache.proto │ │ │ │ ├── cdn_loop/ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cdn_loop.proto │ │ │ │ ├── compressor/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── compressor.proto │ │ │ │ ├── cors/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── cors.proto │ │ │ │ ├── csrf/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── csrf.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── csrf.proto │ │ │ │ ├── decompressor/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── decompressor.proto │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dynamic_forward_proxy.proto │ │ │ │ ├── dynamo/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dynamo.proto │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ext_authz.proto │ │ │ │ ├── fault/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── fault.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── fault.proto │ │ │ │ ├── grpc_http1_bridge/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── grpc_http1_reverse_bridge/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── grpc_json_transcoder/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── transcoder.proto │ │ │ │ ├── grpc_stats/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── grpc_web/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── grpc_web.proto │ │ │ │ ├── gzip/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── gzip.proto │ │ │ │ ├── header_to_metadata/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── header_to_metadata.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── header_to_metadata.proto │ │ │ │ ├── health_check/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── health_check.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── health_check.proto │ │ │ │ ├── ip_tagging/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ip_tagging.proto │ │ │ │ ├── jwt_authn/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── config.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── local_rate_limit.proto │ │ │ │ ├── lua/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── lua.proto │ │ │ │ ├── oauth2/ │ │ │ │ │ ├── v3alpha/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── oauth.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── oauth.proto │ │ │ │ ├── on_demand/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── on_demand.proto │ │ │ │ ├── original_src/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── original_src.proto │ │ │ │ ├── ratelimit/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rate_limit.proto │ │ │ │ ├── rbac/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rbac.proto │ │ │ │ ├── router/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── router.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── router.proto │ │ │ │ ├── squash/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── squash.proto │ │ │ │ ├── tap/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── tap.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tap.proto │ │ │ │ └── wasm/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── wasm.proto │ │ │ ├── listener/ │ │ │ │ ├── http_inspector/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── http_inspector.proto │ │ │ │ ├── original_dst/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── original_dst.proto │ │ │ │ ├── original_src/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── original_src.proto │ │ │ │ ├── proxy_protocol/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── proxy_protocol.proto │ │ │ │ └── tls_inspector/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── tls_inspector.proto │ │ │ ├── network/ │ │ │ │ ├── client_ssl_auth/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── client_ssl_auth.proto │ │ │ │ ├── direct_response/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config.proto │ │ │ │ ├── dubbo_proxy/ │ │ │ │ │ ├── router/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── router.proto │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── dubbo_proxy.proto │ │ │ │ │ │ └── route.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── dubbo_proxy.proto │ │ │ │ │ └── route.proto │ │ │ │ ├── echo/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── echo.proto │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── ext_authz.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ext_authz.proto │ │ │ │ ├── http_connection_manager/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── http_connection_manager.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── http_connection_manager.proto │ │ │ │ ├── kafka_broker/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── kafka_broker.proto │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── local_rate_limit.proto │ │ │ │ ├── mongo_proxy/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── mongo_proxy.proto │ │ │ │ ├── mysql_proxy/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── mysql_proxy.proto │ │ │ │ ├── postgres_proxy/ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── postgres_proxy.proto │ │ │ │ ├── ratelimit/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rate_limit.proto │ │ │ │ ├── rbac/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rbac.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── rbac.proto │ │ │ │ ├── redis_proxy/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── redis_proxy.proto │ │ │ │ ├── rocketmq_proxy/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── rocketmq_proxy.proto │ │ │ │ │ │ └── route.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── rocketmq_proxy.proto │ │ │ │ │ └── route.proto │ │ │ │ ├── sni_cluster/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── sni_cluster.proto │ │ │ │ ├── sni_dynamic_forward_proxy/ │ │ │ │ │ └── v3alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── sni_dynamic_forward_proxy.proto │ │ │ │ ├── tcp_proxy/ │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── tcp_proxy.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tcp_proxy.proto │ │ │ │ ├── thrift_proxy/ │ │ │ │ │ ├── filters/ │ │ │ │ │ │ └── ratelimit/ │ │ │ │ │ │ └── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── rate_limit.proto │ │ │ │ │ ├── v3/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── route.proto │ │ │ │ │ │ └── thrift_proxy.proto │ │ │ │ │ └── v4alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── route.proto │ │ │ │ │ └── thrift_proxy.proto │ │ │ │ ├── wasm/ │ │ │ │ │ └── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── wasm.proto │ │ │ │ └── zookeeper_proxy/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── zookeeper_proxy.proto │ │ │ └── udp/ │ │ │ ├── dns_filter/ │ │ │ │ ├── v3alpha/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── dns_filter.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── dns_filter.proto │ │ │ └── udp_proxy/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── udp_proxy.proto │ │ ├── internal_redirect/ │ │ │ ├── allow_listed_routes/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── allow_listed_routes_config.proto │ │ │ ├── previous_routes/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── previous_routes_config.proto │ │ │ └── safe_cross_scheme/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── safe_cross_scheme_config.proto │ │ ├── network/ │ │ │ └── socket_interface/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── default_socket_interface.proto │ │ ├── retry/ │ │ │ ├── host/ │ │ │ │ └── omit_host_metadata/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── omit_host_metadata_config.proto │ │ │ └── priority/ │ │ │ └── previous_priorities/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── previous_priorities_config.proto │ │ ├── stat_sinks/ │ │ │ └── wasm/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── wasm.proto │ │ ├── tracers/ │ │ │ ├── datadog/ │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── datadog.proto │ │ │ ├── dynamic_ot/ │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── dynamic_ot.proto │ │ │ ├── lightstep/ │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── lightstep.proto │ │ │ ├── opencensus/ │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── opencensus.proto │ │ │ ├── xray/ │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── xray.proto │ │ │ └── zipkin/ │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── zipkin.proto │ │ ├── transport_sockets/ │ │ │ ├── alts/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── alts.proto │ │ │ ├── proxy_protocol/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── upstream_proxy_protocol.proto │ │ │ ├── quic/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── quic_transport.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── quic_transport.proto │ │ │ ├── raw_buffer/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── raw_buffer.proto │ │ │ ├── tap/ │ │ │ │ ├── v3/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── tap.proto │ │ │ │ └── v4alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── tap.proto │ │ │ └── tls/ │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── cert.proto │ │ │ │ ├── common.proto │ │ │ │ ├── secret.proto │ │ │ │ └── tls.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── common.proto │ │ │ ├── secret.proto │ │ │ └── tls.proto │ │ ├── upstreams/ │ │ │ └── http/ │ │ │ ├── generic/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── generic_connection_pool.proto │ │ │ ├── http/ │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── http_connection_pool.proto │ │ │ └── tcp/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── tcp_connection_pool.proto │ │ ├── wasm/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── wasm.proto │ │ └── watchdog/ │ │ ├── abort_action/ │ │ │ └── v3alpha/ │ │ │ ├── BUILD │ │ │ └── abort_action.proto │ │ └── profile_action/ │ │ └── v3alpha/ │ │ ├── BUILD │ │ └── profile_action.proto │ ├── service/ │ │ ├── README.md │ │ ├── accesslog/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── als.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── als.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── als.proto │ │ ├── auth/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ ├── attribute_context.proto │ │ │ │ └── external_auth.proto │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── external_auth.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── attribute_context.proto │ │ │ │ └── external_auth.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── attribute_context.proto │ │ │ └── external_auth.proto │ │ ├── cluster/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── cds.proto │ │ ├── discovery/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ ├── ads.proto │ │ │ │ ├── hds.proto │ │ │ │ ├── rtds.proto │ │ │ │ └── sds.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── ads.proto │ │ │ │ └── discovery.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── ads.proto │ │ │ └── discovery.proto │ │ ├── endpoint/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── eds.proto │ │ ├── event_reporting/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ └── event_reporting_service.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── event_reporting_service.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── event_reporting_service.proto │ │ ├── extension/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── config_discovery.proto │ │ ├── health/ │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── hds.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── hds.proto │ │ ├── listener/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── lds.proto │ │ ├── load_stats/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── lrs.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── lrs.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── lrs.proto │ │ ├── metrics/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── metrics_service.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── metrics_service.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── metrics_service.proto │ │ ├── ratelimit/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── rls.proto │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── rls.proto │ │ ├── route/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ ├── rds.proto │ │ │ └── srds.proto │ │ ├── runtime/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── rtds.proto │ │ ├── secret/ │ │ │ └── v3/ │ │ │ ├── BUILD │ │ │ └── sds.proto │ │ ├── status/ │ │ │ ├── v2/ │ │ │ │ ├── BUILD │ │ │ │ └── csds.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── csds.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── csds.proto │ │ ├── tap/ │ │ │ ├── v2alpha/ │ │ │ │ ├── BUILD │ │ │ │ ├── common.proto │ │ │ │ └── tap.proto │ │ │ ├── v3/ │ │ │ │ ├── BUILD │ │ │ │ └── tap.proto │ │ │ └── v4alpha/ │ │ │ ├── BUILD │ │ │ └── tap.proto │ │ └── trace/ │ │ ├── v2/ │ │ │ ├── BUILD │ │ │ └── trace_service.proto │ │ ├── v3/ │ │ │ ├── BUILD │ │ │ └── trace_service.proto │ │ └── v4alpha/ │ │ ├── BUILD │ │ └── trace_service.proto │ └── type/ │ ├── BUILD │ ├── hash_policy.proto │ ├── http.proto │ ├── http_status.proto │ ├── matcher/ │ │ ├── BUILD │ │ ├── metadata.proto │ │ ├── node.proto │ │ ├── number.proto │ │ ├── path.proto │ │ ├── regex.proto │ │ ├── string.proto │ │ ├── struct.proto │ │ ├── v3/ │ │ │ ├── BUILD │ │ │ ├── metadata.proto │ │ │ ├── node.proto │ │ │ ├── number.proto │ │ │ ├── path.proto │ │ │ ├── regex.proto │ │ │ ├── string.proto │ │ │ ├── struct.proto │ │ │ └── value.proto │ │ ├── v4alpha/ │ │ │ ├── BUILD │ │ │ ├── metadata.proto │ │ │ ├── node.proto │ │ │ ├── number.proto │ │ │ ├── path.proto │ │ │ ├── regex.proto │ │ │ ├── string.proto │ │ │ ├── struct.proto │ │ │ └── value.proto │ │ └── value.proto │ ├── metadata/ │ │ ├── v2/ │ │ │ ├── BUILD │ │ │ └── metadata.proto │ │ └── v3/ │ │ ├── BUILD │ │ └── metadata.proto │ ├── percent.proto │ ├── range.proto │ ├── semantic_version.proto │ ├── token_bucket.proto │ ├── tracing/ │ │ ├── v2/ │ │ │ ├── BUILD │ │ │ └── custom_tag.proto │ │ └── v3/ │ │ ├── BUILD │ │ └── custom_tag.proto │ └── v3/ │ ├── BUILD │ ├── hash_policy.proto │ ├── http.proto │ ├── http_status.proto │ ├── percent.proto │ ├── range.proto │ ├── ratelimit_unit.proto │ ├── semantic_version.proto │ └── token_bucket.proto ├── include/ │ └── envoy/ │ ├── access_log/ │ │ ├── BUILD │ │ └── access_log.h │ ├── api/ │ │ ├── BUILD │ │ ├── api.h │ │ ├── io_error.h │ │ ├── os_sys_calls.h │ │ ├── os_sys_calls_common.h │ │ ├── os_sys_calls_hot_restart.h │ │ └── os_sys_calls_linux.h │ ├── buffer/ │ │ ├── BUILD │ │ └── buffer.h │ ├── common/ │ │ ├── BUILD │ │ ├── backoff_strategy.h │ │ ├── callback.h │ │ ├── conn_pool.h │ │ ├── crypto/ │ │ │ ├── BUILD │ │ │ └── crypto.h │ │ ├── exception.h │ │ ├── interval_set.h │ │ ├── matchers.h │ │ ├── mutex_tracer.h │ │ ├── platform.h │ │ ├── pure.h │ │ ├── random_generator.h │ │ ├── regex.h │ │ ├── resource.h │ │ ├── scope_tracker.h │ │ ├── time.h │ │ └── token_bucket.h │ ├── compression/ │ │ ├── compressor/ │ │ │ ├── BUILD │ │ │ ├── compressor.h │ │ │ ├── config.h │ │ │ └── factory.h │ │ └── decompressor/ │ │ ├── BUILD │ │ ├── config.h │ │ ├── decompressor.h │ │ └── factory.h │ ├── config/ │ │ ├── BUILD │ │ ├── config_provider.h │ │ ├── config_provider_manager.h │ │ ├── extension_config_provider.h │ │ ├── grpc_mux.h │ │ ├── subscription.h │ │ ├── subscription_factory.h │ │ ├── typed_config.h │ │ └── typed_metadata.h │ ├── event/ │ │ ├── BUILD │ │ ├── deferred_deletable.h │ │ ├── dispatcher.h │ │ ├── file_event.h │ │ ├── range_timer.h │ │ ├── schedulable_cb.h │ │ ├── signal.h │ │ └── timer.h │ ├── filesystem/ │ │ ├── BUILD │ │ ├── filesystem.h │ │ └── watcher.h │ ├── filter/ │ │ └── http/ │ │ ├── BUILD │ │ └── filter_config_provider.h │ ├── formatter/ │ │ ├── BUILD │ │ └── substitution_formatter.h │ ├── grpc/ │ │ ├── BUILD │ │ ├── async_client.h │ │ ├── async_client_manager.h │ │ ├── context.h │ │ ├── google_grpc_creds.h │ │ └── status.h │ ├── http/ │ │ ├── BUILD │ │ ├── api_listener.h │ │ ├── async_client.h │ │ ├── codec.h │ │ ├── codes.h │ │ ├── conn_pool.h │ │ ├── context.h │ │ ├── filter.h │ │ ├── hash_policy.h │ │ ├── header_map.h │ │ ├── message.h │ │ ├── metadata_interface.h │ │ ├── protocol.h │ │ ├── query_params.h │ │ └── request_id_extension.h │ ├── init/ │ │ ├── BUILD │ │ ├── manager.h │ │ ├── target.h │ │ └── watcher.h │ ├── json/ │ │ ├── BUILD │ │ └── json_object.h │ ├── local_info/ │ │ ├── BUILD │ │ └── local_info.h │ ├── network/ │ │ ├── BUILD │ │ ├── address.h │ │ ├── connection.h │ │ ├── connection_balancer.h │ │ ├── connection_handler.h │ │ ├── dns.h │ │ ├── drain_decision.h │ │ ├── exception.h │ │ ├── filter.h │ │ ├── hash_policy.h │ │ ├── io_handle.h │ │ ├── listen_socket.h │ │ ├── listener.h │ │ ├── post_io_action.h │ │ ├── proxy_protocol.h │ │ ├── resolver.h │ │ ├── socket.h │ │ ├── socket_interface.h │ │ ├── transport_socket.h │ │ ├── udp_packet_writer_config.h │ │ └── udp_packet_writer_handler.h │ ├── protobuf/ │ │ ├── BUILD │ │ └── message_validator.h │ ├── ratelimit/ │ │ ├── BUILD │ │ └── ratelimit.h │ ├── registry/ │ │ ├── BUILD │ │ └── registry.h │ ├── router/ │ │ ├── BUILD │ │ ├── internal_redirect.h │ │ ├── rds.h │ │ ├── route_config_provider_manager.h │ │ ├── route_config_update_receiver.h │ │ ├── router.h │ │ ├── router_ratelimit.h │ │ ├── scopes.h │ │ ├── shadow_writer.h │ │ └── string_accessor.h │ ├── runtime/ │ │ ├── BUILD │ │ └── runtime.h │ ├── secret/ │ │ ├── BUILD │ │ ├── secret_callbacks.h │ │ ├── secret_manager.h │ │ └── secret_provider.h │ ├── server/ │ │ ├── BUILD │ │ ├── access_log_config.h │ │ ├── active_udp_listener_config.h │ │ ├── admin.h │ │ ├── api_listener.h │ │ ├── bootstrap_extension_config.h │ │ ├── config_tracker.h │ │ ├── configuration.h │ │ ├── drain_manager.h │ │ ├── factory_context.h │ │ ├── filter_config.h │ │ ├── guarddog.h │ │ ├── guarddog_config.h │ │ ├── health_checker_config.h │ │ ├── hot_restart.h │ │ ├── instance.h │ │ ├── lifecycle_notifier.h │ │ ├── listener_manager.h │ │ ├── options.h │ │ ├── overload_manager.h │ │ ├── process_context.h │ │ ├── request_id_extension_config.h │ │ ├── resource_monitor.h │ │ ├── resource_monitor_config.h │ │ ├── tracer_config.h │ │ ├── transport_socket_config.h │ │ ├── watchdog.h │ │ └── worker.h │ ├── singleton/ │ │ ├── BUILD │ │ ├── instance.h │ │ └── manager.h │ ├── ssl/ │ │ ├── BUILD │ │ ├── certificate_validation_context_config.h │ │ ├── connection.h │ │ ├── context.h │ │ ├── context_config.h │ │ ├── context_manager.h │ │ ├── handshaker.h │ │ ├── private_key/ │ │ │ ├── BUILD │ │ │ ├── private_key.h │ │ │ ├── private_key_callbacks.h │ │ │ └── private_key_config.h │ │ ├── ssl_socket_extended_info.h │ │ ├── ssl_socket_state.h │ │ └── tls_certificate_config.h │ ├── stats/ │ │ ├── BUILD │ │ ├── allocator.h │ │ ├── histogram.h │ │ ├── primitive_stats.h │ │ ├── primitive_stats_macros.h │ │ ├── refcount_ptr.h │ │ ├── scope.h │ │ ├── sink.h │ │ ├── stats.h │ │ ├── stats_macros.h │ │ ├── stats_matcher.h │ │ ├── store.h │ │ ├── symbol_table.h │ │ ├── tag.h │ │ ├── tag_extractor.h │ │ ├── tag_producer.h │ │ └── timespan.h │ ├── stream_info/ │ │ ├── BUILD │ │ ├── filter_state.h │ │ ├── stream_info.h │ │ └── uint32_accessor.h │ ├── tcp/ │ │ ├── BUILD │ │ └── conn_pool.h │ ├── thread/ │ │ ├── BUILD │ │ └── thread.h │ ├── thread_local/ │ │ ├── BUILD │ │ └── thread_local.h │ ├── tracing/ │ │ ├── BUILD │ │ ├── http_tracer.h │ │ └── http_tracer_manager.h │ ├── udp/ │ │ ├── BUILD │ │ └── hash_policy.h │ └── upstream/ │ ├── BUILD │ ├── cluster_factory.h │ ├── cluster_manager.h │ ├── health_check_host_monitor.h │ ├── health_checker.h │ ├── host_description.h │ ├── load_balancer.h │ ├── load_balancer_type.h │ ├── locality.h │ ├── outlier_detection.h │ ├── resource_manager.h │ ├── retry.h │ ├── thread_local_cluster.h │ ├── types.h │ └── upstream.h ├── repokitteh.star ├── restarter/ │ ├── BUILD │ └── hot-restarter.py ├── security/ │ ├── email-templates.md │ ├── gh-cve-template.md │ ├── postmortem-template.md │ └── postmortems/ │ ├── cve-2019-15225.md │ ├── cve-2019-15226.md │ ├── cve-2019-9900.md │ └── cve-2019-9901.md ├── source/ │ ├── common/ │ │ ├── access_log/ │ │ │ ├── BUILD │ │ │ ├── access_log_impl.cc │ │ │ ├── access_log_impl.h │ │ │ ├── access_log_manager_impl.cc │ │ │ └── access_log_manager_impl.h │ │ ├── api/ │ │ │ ├── BUILD │ │ │ ├── api_impl.cc │ │ │ ├── api_impl.h │ │ │ ├── posix/ │ │ │ │ ├── os_sys_calls_impl.cc │ │ │ │ ├── os_sys_calls_impl.h │ │ │ │ ├── os_sys_calls_impl_hot_restart.cc │ │ │ │ ├── os_sys_calls_impl_hot_restart.h │ │ │ │ ├── os_sys_calls_impl_linux.cc │ │ │ │ └── os_sys_calls_impl_linux.h │ │ │ └── win32/ │ │ │ ├── os_sys_calls_impl.cc │ │ │ └── os_sys_calls_impl.h │ │ ├── buffer/ │ │ │ ├── BUILD │ │ │ ├── buffer_impl.cc │ │ │ ├── buffer_impl.h │ │ │ ├── watermark_buffer.cc │ │ │ ├── watermark_buffer.h │ │ │ ├── zero_copy_input_stream_impl.cc │ │ │ └── zero_copy_input_stream_impl.h │ │ ├── chromium_url/ │ │ │ ├── BUILD │ │ │ ├── LICENSE │ │ │ ├── README.md │ │ │ ├── envoy_shim.h │ │ │ ├── url_canon.cc │ │ │ ├── url_canon.h │ │ │ ├── url_canon_internal.cc │ │ │ ├── url_canon_internal.h │ │ │ ├── url_canon_path.cc │ │ │ ├── url_canon_stdstring.cc │ │ │ ├── url_canon_stdstring.h │ │ │ ├── url_parse.h │ │ │ └── url_parse_internal.h │ │ ├── common/ │ │ │ ├── BUILD │ │ │ ├── android/ │ │ │ │ ├── logger_impl.cc │ │ │ │ └── logger_impl.h │ │ │ ├── assert.cc │ │ │ ├── assert.h │ │ │ ├── backoff_strategy.cc │ │ │ ├── backoff_strategy.h │ │ │ ├── base64.cc │ │ │ ├── base64.h │ │ │ ├── base_logger.cc │ │ │ ├── base_logger.h │ │ │ ├── basic_resource_impl.h │ │ │ ├── byte_order.h │ │ │ ├── c_smart_ptr.h │ │ │ ├── callback_impl.h │ │ │ ├── cleanup.h │ │ │ ├── compiler_requirements.h │ │ │ ├── debug_recursion_checker.h │ │ │ ├── documentation_url.h │ │ │ ├── dump_state_utils.h │ │ │ ├── empty_string.h │ │ │ ├── enum_to_int.h │ │ │ ├── fancy_logger.cc │ │ │ ├── fancy_logger.h │ │ │ ├── fmt.h │ │ │ ├── hash.cc │ │ │ ├── hash.h │ │ │ ├── hex.cc │ │ │ ├── hex.h │ │ │ ├── linked_object.h │ │ │ ├── lock_guard.h │ │ │ ├── logger.cc │ │ │ ├── logger.h │ │ │ ├── logger_delegates.cc │ │ │ ├── logger_delegates.h │ │ │ ├── macros.h │ │ │ ├── matchers.cc │ │ │ ├── matchers.h │ │ │ ├── mem_block_builder.h │ │ │ ├── mutex_tracer_impl.cc │ │ │ ├── mutex_tracer_impl.h │ │ │ ├── non_copyable.h │ │ │ ├── perf_annotation.cc │ │ │ ├── perf_annotation.h │ │ │ ├── phantom.h │ │ │ ├── posix/ │ │ │ │ ├── thread_impl.cc │ │ │ │ └── thread_impl.h │ │ │ ├── random_generator.cc │ │ │ ├── random_generator.h │ │ │ ├── regex.cc │ │ │ ├── regex.h │ │ │ ├── scalar_to_byte_vector.h │ │ │ ├── scope_tracker.h │ │ │ ├── standard/ │ │ │ │ └── logger_impl.h │ │ │ ├── statusor.h │ │ │ ├── stl_helpers.h │ │ │ ├── thread.h │ │ │ ├── thread_annotations.h │ │ │ ├── thread_synchronizer.cc │ │ │ ├── thread_synchronizer.h │ │ │ ├── token_bucket_impl.cc │ │ │ ├── token_bucket_impl.h │ │ │ ├── utility.cc │ │ │ ├── utility.h │ │ │ └── win32/ │ │ │ ├── thread_impl.cc │ │ │ └── thread_impl.h │ │ ├── config/ │ │ │ ├── BUILD │ │ │ ├── README.md │ │ │ ├── api_type_oracle.cc │ │ │ ├── api_type_oracle.h │ │ │ ├── api_version.h │ │ │ ├── config_provider_impl.cc │ │ │ ├── config_provider_impl.h │ │ │ ├── datasource.cc │ │ │ ├── datasource.h │ │ │ ├── decoded_resource_impl.h │ │ │ ├── delta_subscription_state.cc │ │ │ ├── delta_subscription_state.h │ │ │ ├── filesystem_subscription_impl.cc │ │ │ ├── filesystem_subscription_impl.h │ │ │ ├── grpc_mux_impl.cc │ │ │ ├── grpc_mux_impl.h │ │ │ ├── grpc_stream.h │ │ │ ├── grpc_subscription_impl.cc │ │ │ ├── grpc_subscription_impl.h │ │ │ ├── http_subscription_impl.cc │ │ │ ├── http_subscription_impl.h │ │ │ ├── metadata.cc │ │ │ ├── metadata.h │ │ │ ├── new_grpc_mux_impl.cc │ │ │ ├── new_grpc_mux_impl.h │ │ │ ├── opaque_resource_decoder_impl.h │ │ │ ├── pausable_ack_queue.cc │ │ │ ├── pausable_ack_queue.h │ │ │ ├── protobuf_link_hacks.h │ │ │ ├── remote_data_fetcher.cc │ │ │ ├── remote_data_fetcher.h │ │ │ ├── resource_name.h │ │ │ ├── runtime_utility.cc │ │ │ ├── runtime_utility.h │ │ │ ├── subscription_base.h │ │ │ ├── subscription_factory_impl.cc │ │ │ ├── subscription_factory_impl.h │ │ │ ├── type_to_endpoint.cc │ │ │ ├── type_to_endpoint.h │ │ │ ├── udpa_context_params.cc │ │ │ ├── udpa_context_params.h │ │ │ ├── udpa_resource.cc │ │ │ ├── udpa_resource.h │ │ │ ├── update_ack.h │ │ │ ├── utility.cc │ │ │ ├── utility.h │ │ │ ├── version_converter.cc │ │ │ ├── version_converter.h │ │ │ ├── watch_map.cc │ │ │ ├── watch_map.h │ │ │ ├── well_known_names.cc │ │ │ └── well_known_names.h │ │ ├── conn_pool/ │ │ │ ├── BUILD │ │ │ ├── conn_pool_base.cc │ │ │ └── conn_pool_base.h │ │ ├── crypto/ │ │ │ ├── BUILD │ │ │ └── utility.h │ │ ├── event/ │ │ │ ├── BUILD │ │ │ ├── deferred_task.h │ │ │ ├── dispatcher_impl.cc │ │ │ ├── dispatcher_impl.h │ │ │ ├── event_impl_base.cc │ │ │ ├── event_impl_base.h │ │ │ ├── file_event_impl.cc │ │ │ ├── file_event_impl.h │ │ │ ├── libevent.cc │ │ │ ├── libevent.h │ │ │ ├── libevent_scheduler.cc │ │ │ ├── libevent_scheduler.h │ │ │ ├── real_time_system.cc │ │ │ ├── real_time_system.h │ │ │ ├── scaled_range_timer_manager.cc │ │ │ ├── scaled_range_timer_manager.h │ │ │ ├── schedulable_cb_impl.cc │ │ │ ├── schedulable_cb_impl.h │ │ │ ├── signal_impl.cc │ │ │ ├── signal_impl.h │ │ │ ├── timer_impl.cc │ │ │ └── timer_impl.h │ │ ├── filesystem/ │ │ │ ├── BUILD │ │ │ ├── directory.h │ │ │ ├── file_shared_impl.cc │ │ │ ├── file_shared_impl.h │ │ │ ├── inotify/ │ │ │ │ ├── watcher_impl.cc │ │ │ │ └── watcher_impl.h │ │ │ ├── kqueue/ │ │ │ │ ├── watcher_impl.cc │ │ │ │ └── watcher_impl.h │ │ │ ├── posix/ │ │ │ │ ├── directory_iterator_impl.cc │ │ │ │ ├── directory_iterator_impl.h │ │ │ │ ├── filesystem_impl.cc │ │ │ │ └── filesystem_impl.h │ │ │ └── win32/ │ │ │ ├── directory_iterator_impl.cc │ │ │ ├── directory_iterator_impl.h │ │ │ ├── filesystem_impl.cc │ │ │ ├── filesystem_impl.h │ │ │ ├── watcher_impl.cc │ │ │ └── watcher_impl.h │ │ ├── filter/ │ │ │ └── http/ │ │ │ ├── BUILD │ │ │ ├── filter_config_discovery_impl.cc │ │ │ └── filter_config_discovery_impl.h │ │ ├── formatter/ │ │ │ ├── BUILD │ │ │ ├── substitution_format_string.cc │ │ │ ├── substitution_format_string.h │ │ │ ├── substitution_formatter.cc │ │ │ └── substitution_formatter.h │ │ ├── grpc/ │ │ │ ├── BUILD │ │ │ ├── async_client_impl.cc │ │ │ ├── async_client_impl.h │ │ │ ├── async_client_manager_impl.cc │ │ │ ├── async_client_manager_impl.h │ │ │ ├── codec.cc │ │ │ ├── codec.h │ │ │ ├── common.cc │ │ │ ├── common.h │ │ │ ├── context_impl.cc │ │ │ ├── context_impl.h │ │ │ ├── google_async_client_impl.cc │ │ │ ├── google_async_client_impl.h │ │ │ ├── google_grpc_context.cc │ │ │ ├── google_grpc_context.h │ │ │ ├── google_grpc_creds_impl.cc │ │ │ ├── google_grpc_creds_impl.h │ │ │ ├── google_grpc_utils.cc │ │ │ ├── google_grpc_utils.h │ │ │ ├── stat_names.cc │ │ │ ├── stat_names.h │ │ │ ├── status.cc │ │ │ ├── status.h │ │ │ ├── typed_async_client.cc │ │ │ └── typed_async_client.h │ │ ├── html/ │ │ │ ├── BUILD │ │ │ ├── utility.cc │ │ │ └── utility.h │ │ ├── http/ │ │ │ ├── BUILD │ │ │ ├── async_client_impl.cc │ │ │ ├── async_client_impl.h │ │ │ ├── async_client_utility.cc │ │ │ ├── async_client_utility.h │ │ │ ├── codec_client.cc │ │ │ ├── codec_client.h │ │ │ ├── codec_helper.h │ │ │ ├── codec_wrappers.h │ │ │ ├── codes.cc │ │ │ ├── codes.h │ │ │ ├── conn_manager_config.h │ │ │ ├── conn_manager_impl.cc │ │ │ ├── conn_manager_impl.h │ │ │ ├── conn_manager_utility.cc │ │ │ ├── conn_manager_utility.h │ │ │ ├── conn_pool_base.cc │ │ │ ├── conn_pool_base.h │ │ │ ├── context_impl.cc │ │ │ ├── context_impl.h │ │ │ ├── date_provider.h │ │ │ ├── date_provider_impl.cc │ │ │ ├── date_provider_impl.h │ │ │ ├── default_server_string.h │ │ │ ├── exception.h │ │ │ ├── filter_manager.cc │ │ │ ├── filter_manager.h │ │ │ ├── hash_policy.cc │ │ │ ├── hash_policy.h │ │ │ ├── header_list_view.cc │ │ │ ├── header_list_view.h │ │ │ ├── header_map_impl.cc │ │ │ ├── header_map_impl.h │ │ │ ├── header_utility.cc │ │ │ ├── header_utility.h │ │ │ ├── headers.h │ │ │ ├── http1/ │ │ │ │ ├── BUILD │ │ │ │ ├── codec_impl.cc │ │ │ │ ├── codec_impl.h │ │ │ │ ├── codec_impl_legacy.cc │ │ │ │ ├── codec_impl_legacy.h │ │ │ │ ├── codec_stats.h │ │ │ │ ├── conn_pool.cc │ │ │ │ ├── conn_pool.h │ │ │ │ ├── header_formatter.cc │ │ │ │ └── header_formatter.h │ │ │ ├── http2/ │ │ │ │ ├── BUILD │ │ │ │ ├── codec_impl.cc │ │ │ │ ├── codec_impl.h │ │ │ │ ├── codec_impl_legacy.cc │ │ │ │ ├── codec_impl_legacy.h │ │ │ │ ├── codec_stats.h │ │ │ │ ├── conn_pool.cc │ │ │ │ ├── conn_pool.h │ │ │ │ ├── metadata_decoder.cc │ │ │ │ ├── metadata_decoder.h │ │ │ │ ├── metadata_encoder.cc │ │ │ │ ├── metadata_encoder.h │ │ │ │ ├── nghttp2.cc │ │ │ │ ├── nghttp2.h │ │ │ │ ├── protocol_constraints.cc │ │ │ │ └── protocol_constraints.h │ │ │ ├── http3/ │ │ │ │ ├── BUILD │ │ │ │ ├── quic_codec_factory.h │ │ │ │ └── well_known_names.h │ │ │ ├── message_impl.h │ │ │ ├── path_utility.cc │ │ │ ├── path_utility.h │ │ │ ├── request_id_extension_impl.cc │ │ │ ├── request_id_extension_impl.h │ │ │ ├── request_id_extension_uuid_impl.cc │ │ │ ├── request_id_extension_uuid_impl.h │ │ │ ├── rest_api_fetcher.cc │ │ │ ├── rest_api_fetcher.h │ │ │ ├── status.cc │ │ │ ├── status.h │ │ │ ├── user_agent.cc │ │ │ ├── user_agent.h │ │ │ ├── utility.cc │ │ │ └── utility.h │ │ ├── init/ │ │ │ ├── BUILD │ │ │ ├── manager_impl.cc │ │ │ ├── manager_impl.h │ │ │ ├── target_impl.cc │ │ │ ├── target_impl.h │ │ │ ├── watcher_impl.cc │ │ │ └── watcher_impl.h │ │ ├── json/ │ │ │ ├── BUILD │ │ │ ├── json_loader.cc │ │ │ └── json_loader.h │ │ ├── local_info/ │ │ │ ├── BUILD │ │ │ └── local_info_impl.h │ │ ├── local_reply/ │ │ │ ├── BUILD │ │ │ ├── local_reply.cc │ │ │ └── local_reply.h │ │ ├── memory/ │ │ │ ├── BUILD │ │ │ ├── heap_shrinker.cc │ │ │ ├── heap_shrinker.h │ │ │ ├── stats.cc │ │ │ ├── stats.h │ │ │ ├── utils.cc │ │ │ └── utils.h │ │ ├── network/ │ │ │ ├── BUILD │ │ │ ├── addr_family_aware_socket_option_impl.cc │ │ │ ├── addr_family_aware_socket_option_impl.h │ │ │ ├── address_impl.cc │ │ │ ├── address_impl.h │ │ │ ├── apple_dns_impl.cc │ │ │ ├── apple_dns_impl.h │ │ │ ├── application_protocol.cc │ │ │ ├── application_protocol.h │ │ │ ├── base_listener_impl.cc │ │ │ ├── base_listener_impl.h │ │ │ ├── cidr_range.cc │ │ │ ├── cidr_range.h │ │ │ ├── connection_balancer_impl.cc │ │ │ ├── connection_balancer_impl.h │ │ │ ├── connection_impl.cc │ │ │ ├── connection_impl.h │ │ │ ├── connection_impl_base.cc │ │ │ ├── connection_impl_base.h │ │ │ ├── dns_impl.cc │ │ │ ├── dns_impl.h │ │ │ ├── filter_impl.h │ │ │ ├── filter_manager_impl.cc │ │ │ ├── filter_manager_impl.h │ │ │ ├── filter_matcher.cc │ │ │ ├── filter_matcher.h │ │ │ ├── hash_policy.cc │ │ │ ├── hash_policy.h │ │ │ ├── io_socket_error_impl.cc │ │ │ ├── io_socket_error_impl.h │ │ │ ├── io_socket_handle_impl.cc │ │ │ ├── io_socket_handle_impl.h │ │ │ ├── lc_trie.h │ │ │ ├── listen_socket_impl.cc │ │ │ ├── listen_socket_impl.h │ │ │ ├── proxy_protocol_filter_state.cc │ │ │ ├── proxy_protocol_filter_state.h │ │ │ ├── raw_buffer_socket.cc │ │ │ ├── raw_buffer_socket.h │ │ │ ├── resolver_impl.cc │ │ │ ├── resolver_impl.h │ │ │ ├── socket_impl.cc │ │ │ ├── socket_impl.h │ │ │ ├── socket_interface.h │ │ │ ├── socket_interface_impl.cc │ │ │ ├── socket_interface_impl.h │ │ │ ├── socket_option_factory.cc │ │ │ ├── socket_option_factory.h │ │ │ ├── socket_option_impl.cc │ │ │ ├── socket_option_impl.h │ │ │ ├── tcp_listener_impl.cc │ │ │ ├── tcp_listener_impl.h │ │ │ ├── transport_socket_options_impl.cc │ │ │ ├── transport_socket_options_impl.h │ │ │ ├── udp_default_writer_config.cc │ │ │ ├── udp_default_writer_config.h │ │ │ ├── udp_listener_impl.cc │ │ │ ├── udp_listener_impl.h │ │ │ ├── udp_packet_writer_handler_impl.cc │ │ │ ├── udp_packet_writer_handler_impl.h │ │ │ ├── upstream_server_name.cc │ │ │ ├── upstream_server_name.h │ │ │ ├── upstream_subject_alt_names.cc │ │ │ ├── upstream_subject_alt_names.h │ │ │ ├── utility.cc │ │ │ └── utility.h │ │ ├── profiler/ │ │ │ ├── BUILD │ │ │ ├── profiler.cc │ │ │ └── profiler.h │ │ ├── protobuf/ │ │ │ ├── BUILD │ │ │ ├── message_validator_impl.cc │ │ │ ├── message_validator_impl.h │ │ │ ├── protobuf.h │ │ │ ├── type_util.cc │ │ │ ├── type_util.h │ │ │ ├── utility.cc │ │ │ ├── utility.h │ │ │ ├── visitor.cc │ │ │ ├── visitor.h │ │ │ └── well_known.h │ │ ├── router/ │ │ │ ├── BUILD │ │ │ ├── config_impl.cc │ │ │ ├── config_impl.h │ │ │ ├── config_utility.cc │ │ │ ├── config_utility.h │ │ │ ├── debug_config.cc │ │ │ ├── debug_config.h │ │ │ ├── header_formatter.cc │ │ │ ├── header_formatter.h │ │ │ ├── header_parser.cc │ │ │ ├── header_parser.h │ │ │ ├── metadatamatchcriteria_impl.cc │ │ │ ├── metadatamatchcriteria_impl.h │ │ │ ├── rds_impl.cc │ │ │ ├── rds_impl.h │ │ │ ├── reset_header_parser.cc │ │ │ ├── reset_header_parser.h │ │ │ ├── retry_state_impl.cc │ │ │ ├── retry_state_impl.h │ │ │ ├── route_config_update_receiver_impl.cc │ │ │ ├── route_config_update_receiver_impl.h │ │ │ ├── router.cc │ │ │ ├── router.h │ │ │ ├── router_ratelimit.cc │ │ │ ├── router_ratelimit.h │ │ │ ├── scoped_config_impl.cc │ │ │ ├── scoped_config_impl.h │ │ │ ├── scoped_rds.cc │ │ │ ├── scoped_rds.h │ │ │ ├── shadow_writer_impl.cc │ │ │ ├── shadow_writer_impl.h │ │ │ ├── string_accessor_impl.h │ │ │ ├── tls_context_match_criteria_impl.cc │ │ │ ├── tls_context_match_criteria_impl.h │ │ │ ├── upstream_request.cc │ │ │ ├── upstream_request.h │ │ │ ├── vhds.cc │ │ │ └── vhds.h │ │ ├── runtime/ │ │ │ ├── BUILD │ │ │ ├── runtime_features.cc │ │ │ ├── runtime_features.h │ │ │ ├── runtime_impl.cc │ │ │ ├── runtime_impl.h │ │ │ └── runtime_protos.h │ │ ├── secret/ │ │ │ ├── BUILD │ │ │ ├── sds_api.cc │ │ │ ├── sds_api.h │ │ │ ├── secret_manager_impl.cc │ │ │ ├── secret_manager_impl.h │ │ │ ├── secret_provider_impl.cc │ │ │ └── secret_provider_impl.h │ │ ├── shared_pool/ │ │ │ ├── BUILD │ │ │ └── shared_pool.h │ │ ├── signal/ │ │ │ ├── BUILD │ │ │ ├── fatal_error_handler.cc │ │ │ ├── fatal_error_handler.h │ │ │ ├── signal_action.cc │ │ │ └── signal_action.h │ │ ├── singleton/ │ │ │ ├── BUILD │ │ │ ├── const_singleton.h │ │ │ ├── manager_impl.cc │ │ │ ├── manager_impl.h │ │ │ └── threadsafe_singleton.h │ │ ├── ssl/ │ │ │ ├── BUILD │ │ │ ├── certificate_validation_context_config_impl.cc │ │ │ ├── certificate_validation_context_config_impl.h │ │ │ ├── tls_certificate_config_impl.cc │ │ │ └── tls_certificate_config_impl.h │ │ ├── stats/ │ │ │ ├── BUILD │ │ │ ├── allocator_impl.cc │ │ │ ├── allocator_impl.h │ │ │ ├── histogram_impl.cc │ │ │ ├── histogram_impl.h │ │ │ ├── isolated_store_impl.cc │ │ │ ├── isolated_store_impl.h │ │ │ ├── metric_impl.cc │ │ │ ├── metric_impl.h │ │ │ ├── null_counter.h │ │ │ ├── null_gauge.h │ │ │ ├── null_text_readout.h │ │ │ ├── recent_lookups.cc │ │ │ ├── recent_lookups.h │ │ │ ├── scope_prefixer.cc │ │ │ ├── scope_prefixer.h │ │ │ ├── stat_merger.cc │ │ │ ├── stat_merger.h │ │ │ ├── stats_matcher_impl.cc │ │ │ ├── stats_matcher_impl.h │ │ │ ├── store_impl.h │ │ │ ├── symbol_table_impl.cc │ │ │ ├── symbol_table_impl.h │ │ │ ├── tag_extractor_impl.cc │ │ │ ├── tag_extractor_impl.h │ │ │ ├── tag_producer_impl.cc │ │ │ ├── tag_producer_impl.h │ │ │ ├── tag_utility.cc │ │ │ ├── tag_utility.h │ │ │ ├── thread_local_store.cc │ │ │ ├── thread_local_store.h │ │ │ ├── timespan_impl.cc │ │ │ ├── timespan_impl.h │ │ │ ├── utility.cc │ │ │ └── utility.h │ │ ├── stream_info/ │ │ │ ├── BUILD │ │ │ ├── filter_state_impl.cc │ │ │ ├── filter_state_impl.h │ │ │ ├── stream_info_impl.h │ │ │ ├── uint32_accessor_impl.h │ │ │ ├── utility.cc │ │ │ └── utility.h │ │ ├── tcp/ │ │ │ ├── BUILD │ │ │ ├── conn_pool.cc │ │ │ ├── conn_pool.h │ │ │ ├── original_conn_pool.cc │ │ │ └── original_conn_pool.h │ │ ├── tcp_proxy/ │ │ │ ├── BUILD │ │ │ ├── tcp_proxy.cc │ │ │ ├── tcp_proxy.h │ │ │ ├── upstream.cc │ │ │ └── upstream.h │ │ ├── thread_local/ │ │ │ ├── BUILD │ │ │ ├── thread_local_impl.cc │ │ │ └── thread_local_impl.h │ │ ├── tracing/ │ │ │ ├── BUILD │ │ │ ├── http_tracer_config_impl.h │ │ │ ├── http_tracer_impl.cc │ │ │ ├── http_tracer_impl.h │ │ │ ├── http_tracer_manager_impl.cc │ │ │ └── http_tracer_manager_impl.h │ │ ├── upstream/ │ │ │ ├── BUILD │ │ │ ├── cds_api_impl.cc │ │ │ ├── cds_api_impl.h │ │ │ ├── cluster_factory_impl.cc │ │ │ ├── cluster_factory_impl.h │ │ │ ├── cluster_manager_impl.cc │ │ │ ├── cluster_manager_impl.h │ │ │ ├── cluster_update_tracker.cc │ │ │ ├── cluster_update_tracker.h │ │ │ ├── conn_pool_map.h │ │ │ ├── conn_pool_map_impl.h │ │ │ ├── edf_scheduler.h │ │ │ ├── eds.cc │ │ │ ├── eds.h │ │ │ ├── health_checker_base_impl.cc │ │ │ ├── health_checker_base_impl.h │ │ │ ├── health_checker_impl.cc │ │ │ ├── health_checker_impl.h │ │ │ ├── health_discovery_service.cc │ │ │ ├── health_discovery_service.h │ │ │ ├── host_utility.cc │ │ │ ├── host_utility.h │ │ │ ├── load_balancer_impl.cc │ │ │ ├── load_balancer_impl.h │ │ │ ├── load_stats_reporter.cc │ │ │ ├── load_stats_reporter.h │ │ │ ├── logical_dns_cluster.cc │ │ │ ├── logical_dns_cluster.h │ │ │ ├── logical_host.cc │ │ │ ├── logical_host.h │ │ │ ├── maglev_lb.cc │ │ │ ├── maglev_lb.h │ │ │ ├── original_dst_cluster.cc │ │ │ ├── original_dst_cluster.h │ │ │ ├── outlier_detection_impl.cc │ │ │ ├── outlier_detection_impl.h │ │ │ ├── priority_conn_pool_map.h │ │ │ ├── priority_conn_pool_map_impl.h │ │ │ ├── resource_manager_impl.h │ │ │ ├── ring_hash_lb.cc │ │ │ ├── ring_hash_lb.h │ │ │ ├── static_cluster.cc │ │ │ ├── static_cluster.h │ │ │ ├── strict_dns_cluster.cc │ │ │ ├── strict_dns_cluster.h │ │ │ ├── subset_lb.cc │ │ │ ├── subset_lb.h │ │ │ ├── thread_aware_lb_impl.cc │ │ │ ├── thread_aware_lb_impl.h │ │ │ ├── transport_socket_match_impl.cc │ │ │ ├── transport_socket_match_impl.h │ │ │ ├── upstream_impl.cc │ │ │ └── upstream_impl.h │ │ └── version/ │ │ ├── BUILD │ │ ├── generate_version_linkstamp.sh │ │ ├── version.cc │ │ ├── version.h │ │ └── version_linkstamp.cc │ ├── docs/ │ │ ├── fancy_logger.md │ │ ├── filters/ │ │ │ └── http/ │ │ │ └── cache/ │ │ │ ├── cache_filter.md │ │ │ └── cache_filter_plugins.md │ │ ├── flow_control.md │ │ ├── h2_metadata.md │ │ ├── header_map.md │ │ ├── network_filter_fuzzing.md │ │ ├── quiche_integration.md │ │ ├── repokitteh.md │ │ ├── stats.md │ │ └── subset_load_balancer.md │ ├── exe/ │ │ ├── BUILD │ │ ├── main.cc │ │ ├── main_common.cc │ │ ├── main_common.h │ │ ├── platform_impl.h │ │ ├── posix/ │ │ │ └── platform_impl.cc │ │ ├── process_wide.cc │ │ ├── process_wide.h │ │ ├── terminate_handler.cc │ │ ├── terminate_handler.h │ │ └── win32/ │ │ └── platform_impl.cc │ ├── extensions/ │ │ ├── BUILD │ │ ├── access_loggers/ │ │ │ ├── BUILD │ │ │ ├── common/ │ │ │ │ ├── BUILD │ │ │ │ ├── access_log_base.cc │ │ │ │ └── access_log_base.h │ │ │ ├── file/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── file_access_log_impl.cc │ │ │ │ └── file_access_log_impl.h │ │ │ ├── grpc/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_utils.cc │ │ │ │ ├── config_utils.h │ │ │ │ ├── grpc_access_log_impl.cc │ │ │ │ ├── grpc_access_log_impl.h │ │ │ │ ├── grpc_access_log_proto_descriptors.cc │ │ │ │ ├── grpc_access_log_proto_descriptors.h │ │ │ │ ├── grpc_access_log_utils.cc │ │ │ │ ├── grpc_access_log_utils.h │ │ │ │ ├── http_config.cc │ │ │ │ ├── http_config.h │ │ │ │ ├── http_grpc_access_log_impl.cc │ │ │ │ ├── http_grpc_access_log_impl.h │ │ │ │ ├── tcp_config.cc │ │ │ │ ├── tcp_config.h │ │ │ │ ├── tcp_grpc_access_log_impl.cc │ │ │ │ └── tcp_grpc_access_log_impl.h │ │ │ ├── wasm/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ └── wasm_access_log_impl.h │ │ │ └── well_known_names.h │ │ ├── all_extensions.bzl │ │ ├── bootstrap/ │ │ │ └── wasm/ │ │ │ ├── BUILD │ │ │ ├── config.cc │ │ │ └── config.h │ │ ├── clusters/ │ │ │ ├── BUILD │ │ │ ├── aggregate/ │ │ │ │ ├── BUILD │ │ │ │ ├── cluster.cc │ │ │ │ ├── cluster.h │ │ │ │ └── lb_context.h │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ ├── BUILD │ │ │ │ ├── cluster.cc │ │ │ │ └── cluster.h │ │ │ ├── redis/ │ │ │ │ ├── BUILD │ │ │ │ ├── crc16.cc │ │ │ │ ├── crc16.h │ │ │ │ ├── redis_cluster.cc │ │ │ │ ├── redis_cluster.h │ │ │ │ ├── redis_cluster_lb.cc │ │ │ │ └── redis_cluster_lb.h │ │ │ └── well_known_names.h │ │ ├── common/ │ │ │ ├── BUILD │ │ │ ├── aws/ │ │ │ │ ├── BUILD │ │ │ │ ├── credentials_provider.h │ │ │ │ ├── credentials_provider_impl.cc │ │ │ │ ├── credentials_provider_impl.h │ │ │ │ ├── region_provider.h │ │ │ │ ├── region_provider_impl.cc │ │ │ │ ├── region_provider_impl.h │ │ │ │ ├── signer.h │ │ │ │ ├── signer_impl.cc │ │ │ │ ├── signer_impl.h │ │ │ │ ├── utility.cc │ │ │ │ └── utility.h │ │ │ ├── crypto/ │ │ │ │ ├── BUILD │ │ │ │ ├── crypto_impl.cc │ │ │ │ ├── crypto_impl.h │ │ │ │ ├── utility_impl.cc │ │ │ │ └── utility_impl.h │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ ├── BUILD │ │ │ │ ├── dns_cache.h │ │ │ │ ├── dns_cache_impl.cc │ │ │ │ ├── dns_cache_impl.h │ │ │ │ ├── dns_cache_manager_impl.cc │ │ │ │ ├── dns_cache_manager_impl.h │ │ │ │ ├── dns_cache_resource_manager.cc │ │ │ │ └── dns_cache_resource_manager.h │ │ │ ├── matcher/ │ │ │ │ ├── BUILD │ │ │ │ ├── matcher.cc │ │ │ │ └── matcher.h │ │ │ ├── proxy_protocol/ │ │ │ │ ├── BUILD │ │ │ │ ├── proxy_protocol_header.cc │ │ │ │ └── proxy_protocol_header.h │ │ │ ├── redis/ │ │ │ │ ├── BUILD │ │ │ │ ├── cluster_refresh_manager.h │ │ │ │ ├── cluster_refresh_manager_impl.cc │ │ │ │ └── cluster_refresh_manager_impl.h │ │ │ ├── sqlutils/ │ │ │ │ ├── BUILD │ │ │ │ ├── sqlutils.cc │ │ │ │ └── sqlutils.h │ │ │ ├── tap/ │ │ │ │ ├── BUILD │ │ │ │ ├── admin.cc │ │ │ │ ├── admin.h │ │ │ │ ├── extension_config_base.cc │ │ │ │ ├── extension_config_base.h │ │ │ │ ├── tap.h │ │ │ │ ├── tap_config_base.cc │ │ │ │ └── tap_config_base.h │ │ │ ├── utility.h │ │ │ └── wasm/ │ │ │ ├── BUILD │ │ │ ├── context.cc │ │ │ ├── context.h │ │ │ ├── ext/ │ │ │ │ ├── BUILD │ │ │ │ ├── README.md │ │ │ │ ├── declare_property.proto │ │ │ │ ├── envoy_null_plugin.h │ │ │ │ ├── envoy_null_vm_wasm_api.h │ │ │ │ ├── envoy_proxy_wasm_api.cc │ │ │ │ ├── envoy_proxy_wasm_api.h │ │ │ │ ├── envoy_wasm_intrinsics.js │ │ │ │ └── node_subset.proto │ │ │ ├── foreign.cc │ │ │ ├── wasm.cc │ │ │ ├── wasm.h │ │ │ ├── wasm_extension.cc │ │ │ ├── wasm_extension.h │ │ │ ├── wasm_state.cc │ │ │ ├── wasm_state.h │ │ │ ├── wasm_vm.cc │ │ │ ├── wasm_vm.h │ │ │ ├── wasm_vm_base.h │ │ │ └── well_known_names.h │ │ ├── compression/ │ │ │ ├── common/ │ │ │ │ ├── compressor/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── factory_base.h │ │ │ │ └── decompressor/ │ │ │ │ ├── BUILD │ │ │ │ └── factory_base.h │ │ │ └── gzip/ │ │ │ ├── common/ │ │ │ │ ├── BUILD │ │ │ │ ├── base.cc │ │ │ │ └── base.h │ │ │ ├── compressor/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── zlib_compressor_impl.cc │ │ │ │ └── zlib_compressor_impl.h │ │ │ └── decompressor/ │ │ │ ├── BUILD │ │ │ ├── config.cc │ │ │ ├── config.h │ │ │ ├── zlib_decompressor_impl.cc │ │ │ └── zlib_decompressor_impl.h │ │ ├── extensions_build_config.bzl │ │ ├── filters/ │ │ │ ├── common/ │ │ │ │ ├── expr/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── context.cc │ │ │ │ │ ├── context.h │ │ │ │ │ ├── evaluator.cc │ │ │ │ │ └── evaluator.h │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── check_request_utils.cc │ │ │ │ │ ├── check_request_utils.h │ │ │ │ │ ├── ext_authz.h │ │ │ │ │ ├── ext_authz_grpc_impl.cc │ │ │ │ │ ├── ext_authz_grpc_impl.h │ │ │ │ │ ├── ext_authz_http_impl.cc │ │ │ │ │ └── ext_authz_http_impl.h │ │ │ │ ├── fault/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── fault_config.cc │ │ │ │ │ └── fault_config.h │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── local_ratelimit_impl.cc │ │ │ │ │ └── local_ratelimit_impl.h │ │ │ │ ├── lua/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── lua.cc │ │ │ │ │ ├── lua.h │ │ │ │ │ ├── wrappers.cc │ │ │ │ │ └── wrappers.h │ │ │ │ ├── original_src/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── original_src_socket_option.cc │ │ │ │ │ ├── original_src_socket_option.h │ │ │ │ │ ├── socket_option_factory.cc │ │ │ │ │ └── socket_option_factory.h │ │ │ │ ├── ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── ratelimit.h │ │ │ │ │ ├── ratelimit_impl.cc │ │ │ │ │ ├── ratelimit_impl.h │ │ │ │ │ └── stat_names.h │ │ │ │ └── rbac/ │ │ │ │ ├── BUILD │ │ │ │ ├── engine.h │ │ │ │ ├── engine_impl.cc │ │ │ │ ├── engine_impl.h │ │ │ │ ├── matchers.cc │ │ │ │ ├── matchers.h │ │ │ │ ├── utility.cc │ │ │ │ └── utility.h │ │ │ ├── http/ │ │ │ │ ├── BUILD │ │ │ │ ├── adaptive_concurrency/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── adaptive_concurrency_filter.cc │ │ │ │ │ ├── adaptive_concurrency_filter.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ └── controller/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── controller.h │ │ │ │ │ ├── gradient_controller.cc │ │ │ │ │ └── gradient_controller.h │ │ │ │ ├── admission_control/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── admission_control.cc │ │ │ │ │ ├── admission_control.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── evaluators/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── response_evaluator.h │ │ │ │ │ │ ├── success_criteria_evaluator.cc │ │ │ │ │ │ └── success_criteria_evaluator.h │ │ │ │ │ ├── thread_local_controller.cc │ │ │ │ │ └── thread_local_controller.h │ │ │ │ ├── aws_lambda/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── aws_lambda_filter.cc │ │ │ │ │ ├── aws_lambda_filter.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ └── request_response.proto │ │ │ │ ├── aws_request_signing/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── aws_request_signing_filter.cc │ │ │ │ │ ├── aws_request_signing_filter.h │ │ │ │ │ ├── config.cc │ │ │ │ │ └── config.h │ │ │ │ ├── buffer/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── buffer_filter.cc │ │ │ │ │ ├── buffer_filter.h │ │ │ │ │ ├── config.cc │ │ │ │ │ └── config.h │ │ │ │ ├── cache/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── cache_filter.cc │ │ │ │ │ ├── cache_filter.h │ │ │ │ │ ├── cache_headers_utils.cc │ │ │ │ │ ├── cache_headers_utils.h │ │ │ │ │ ├── cacheability_utils.cc │ │ │ │ │ ├── cacheability_utils.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── http_cache.cc │ │ │ │ │ ├── http_cache.h │ │ │ │ │ ├── inline_headers_handles.h │ │ │ │ │ ├── key.proto │ │ │ │ │ └── simple_http_cache/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.proto │ │ │ │ │ ├── simple_http_cache.cc │ │ │ │ │ └── simple_http_cache.h │ │ │ │ ├── cdn_loop/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── filter.cc │ │ │ │ │ ├── filter.h │ │ │ │ │ ├── parser.cc │ │ │ │ │ ├── parser.h │ │ │ │ │ ├── utils.cc │ │ │ │ │ └── utils.h │ │ │ │ ├── common/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── compressor/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── compressor.cc │ │ │ │ │ │ └── compressor.h │ │ │ │ │ ├── factory_base.h │ │ │ │ │ ├── jwks_fetcher.cc │ │ │ │ │ ├── jwks_fetcher.h │ │ │ │ │ ├── pass_through_filter.h │ │ │ │ │ └── utility.h │ │ │ │ ├── compressor/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── compressor_filter.cc │ │ │ │ │ ├── compressor_filter.h │ │ │ │ │ ├── config.cc │ │ │ │ │ └── config.h │ │ │ │ ├── cors/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── cors_filter.cc │ │ │ │ │ └── cors_filter.h │ │ │ │ ├── csrf/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── csrf_filter.cc │ │ │ │ │ └── csrf_filter.h │ │ │ │ ├── decompressor/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── decompressor_filter.cc │ │ │ │ │ └── decompressor_filter.h │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── proxy_filter.cc │ │ │ │ │ └── proxy_filter.h │ │ │ │ ├── dynamo/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── dynamo_filter.cc │ │ │ │ │ ├── dynamo_filter.h │ │ │ │ │ ├── dynamo_request_parser.cc │ │ │ │ │ ├── dynamo_request_parser.h │ │ │ │ │ ├── dynamo_stats.cc │ │ │ │ │ └── dynamo_stats.h │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── ext_authz.cc │ │ │ │ │ └── ext_authz.h │ │ │ │ ├── fault/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── fault_filter.cc │ │ │ │ │ └── fault_filter.h │ │ │ │ ├── grpc_http1_bridge/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── http1_bridge_filter.cc │ │ │ │ │ └── http1_bridge_filter.h │ │ │ │ ├── grpc_http1_reverse_bridge/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── filter.cc │ │ │ │ │ └── filter.h │ │ │ │ ├── grpc_json_transcoder/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── http_body_utils.cc │ │ │ │ │ ├── http_body_utils.h │ │ │ │ │ ├── json_transcoder_filter.cc │ │ │ │ │ ├── json_transcoder_filter.h │ │ │ │ │ ├── transcoder_input_stream_impl.cc │ │ │ │ │ └── transcoder_input_stream_impl.h │ │ │ │ ├── grpc_stats/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── grpc_stats_filter.cc │ │ │ │ │ └── grpc_stats_filter.h │ │ │ │ ├── grpc_web/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── grpc_web_filter.cc │ │ │ │ │ └── grpc_web_filter.h │ │ │ │ ├── gzip/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── gzip_filter.cc │ │ │ │ │ └── gzip_filter.h │ │ │ │ ├── header_to_metadata/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── header_to_metadata_filter.cc │ │ │ │ │ └── header_to_metadata_filter.h │ │ │ │ ├── health_check/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── health_check.cc │ │ │ │ │ └── health_check.h │ │ │ │ ├── ip_tagging/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── ip_tagging_filter.cc │ │ │ │ │ └── ip_tagging_filter.h │ │ │ │ ├── jwt_authn/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── authenticator.cc │ │ │ │ │ ├── authenticator.h │ │ │ │ │ ├── extractor.cc │ │ │ │ │ ├── extractor.h │ │ │ │ │ ├── filter.cc │ │ │ │ │ ├── filter.h │ │ │ │ │ ├── filter_config.cc │ │ │ │ │ ├── filter_config.h │ │ │ │ │ ├── filter_factory.cc │ │ │ │ │ ├── filter_factory.h │ │ │ │ │ ├── jwks_cache.cc │ │ │ │ │ ├── jwks_cache.h │ │ │ │ │ ├── matcher.cc │ │ │ │ │ ├── matcher.h │ │ │ │ │ ├── verifier.cc │ │ │ │ │ └── verifier.h │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── local_ratelimit.cc │ │ │ │ │ └── local_ratelimit.h │ │ │ │ ├── lua/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── lua_filter.cc │ │ │ │ │ ├── lua_filter.h │ │ │ │ │ ├── wrappers.cc │ │ │ │ │ └── wrappers.h │ │ │ │ ├── oauth2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── filter.cc │ │ │ │ │ ├── filter.h │ │ │ │ │ ├── oauth.h │ │ │ │ │ ├── oauth_client.cc │ │ │ │ │ ├── oauth_client.h │ │ │ │ │ └── oauth_response.proto │ │ │ │ ├── on_demand/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── on_demand_update.cc │ │ │ │ │ └── on_demand_update.h │ │ │ │ ├── original_src/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── original_src.cc │ │ │ │ │ ├── original_src.h │ │ │ │ │ ├── original_src_config_factory.cc │ │ │ │ │ └── original_src_config_factory.h │ │ │ │ ├── ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── ratelimit.cc │ │ │ │ │ ├── ratelimit.h │ │ │ │ │ ├── ratelimit_headers.cc │ │ │ │ │ └── ratelimit_headers.h │ │ │ │ ├── rbac/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── rbac_filter.cc │ │ │ │ │ └── rbac_filter.h │ │ │ │ ├── router/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ └── config.h │ │ │ │ ├── squash/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── squash_filter.cc │ │ │ │ │ └── squash_filter.h │ │ │ │ ├── tap/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── tap_config.h │ │ │ │ │ ├── tap_config_impl.cc │ │ │ │ │ ├── tap_config_impl.h │ │ │ │ │ ├── tap_filter.cc │ │ │ │ │ └── tap_filter.h │ │ │ │ ├── wasm/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── wasm_filter.cc │ │ │ │ │ └── wasm_filter.h │ │ │ │ └── well_known_names.h │ │ │ ├── listener/ │ │ │ │ ├── BUILD │ │ │ │ ├── http_inspector/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── http_inspector.cc │ │ │ │ │ └── http_inspector.h │ │ │ │ ├── original_dst/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── original_dst.cc │ │ │ │ │ └── original_dst.h │ │ │ │ ├── original_src/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── original_src.cc │ │ │ │ │ ├── original_src.h │ │ │ │ │ ├── original_src_config_factory.cc │ │ │ │ │ └── original_src_config_factory.h │ │ │ │ ├── proxy_protocol/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── proxy_protocol.cc │ │ │ │ │ ├── proxy_protocol.h │ │ │ │ │ └── proxy_protocol_header.h │ │ │ │ ├── tls_inspector/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── tls_inspector.cc │ │ │ │ │ └── tls_inspector.h │ │ │ │ └── well_known_names.h │ │ │ ├── network/ │ │ │ │ ├── BUILD │ │ │ │ ├── client_ssl_auth/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── client_ssl_auth.cc │ │ │ │ │ ├── client_ssl_auth.h │ │ │ │ │ ├── config.cc │ │ │ │ │ └── config.h │ │ │ │ ├── common/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── factory_base.h │ │ │ │ │ ├── redis/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── client.h │ │ │ │ │ │ ├── client_impl.cc │ │ │ │ │ │ ├── client_impl.h │ │ │ │ │ │ ├── codec.h │ │ │ │ │ │ ├── codec_impl.cc │ │ │ │ │ │ ├── codec_impl.h │ │ │ │ │ │ ├── fault.h │ │ │ │ │ │ ├── fault_impl.cc │ │ │ │ │ │ ├── fault_impl.h │ │ │ │ │ │ ├── redis_command_stats.cc │ │ │ │ │ │ ├── redis_command_stats.h │ │ │ │ │ │ ├── supported_commands.h │ │ │ │ │ │ ├── utility.cc │ │ │ │ │ │ └── utility.h │ │ │ │ │ └── utility.h │ │ │ │ ├── direct_response/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── filter.cc │ │ │ │ │ └── filter.h │ │ │ │ ├── dubbo_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── active_message.cc │ │ │ │ │ ├── active_message.h │ │ │ │ │ ├── app_exception.cc │ │ │ │ │ ├── app_exception.h │ │ │ │ │ ├── buffer_helper.cc │ │ │ │ │ ├── buffer_helper.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── conn_manager.cc │ │ │ │ │ ├── conn_manager.h │ │ │ │ │ ├── decoder.cc │ │ │ │ │ ├── decoder.h │ │ │ │ │ ├── decoder_event_handler.h │ │ │ │ │ ├── dubbo_hessian2_serializer_impl.cc │ │ │ │ │ ├── dubbo_hessian2_serializer_impl.h │ │ │ │ │ ├── dubbo_protocol_impl.cc │ │ │ │ │ ├── dubbo_protocol_impl.h │ │ │ │ │ ├── filters/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── factory_base.h │ │ │ │ │ │ ├── filter.h │ │ │ │ │ │ ├── filter_config.h │ │ │ │ │ │ └── well_known_names.h │ │ │ │ │ ├── heartbeat_response.cc │ │ │ │ │ ├── heartbeat_response.h │ │ │ │ │ ├── hessian_utils.cc │ │ │ │ │ ├── hessian_utils.h │ │ │ │ │ ├── message.h │ │ │ │ │ ├── message_impl.h │ │ │ │ │ ├── metadata.h │ │ │ │ │ ├── protocol.h │ │ │ │ │ ├── protocol_constants.h │ │ │ │ │ ├── router/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── config.cc │ │ │ │ │ │ ├── config.h │ │ │ │ │ │ ├── route.h │ │ │ │ │ │ ├── route_matcher.cc │ │ │ │ │ │ ├── route_matcher.h │ │ │ │ │ │ ├── router.h │ │ │ │ │ │ ├── router_impl.cc │ │ │ │ │ │ └── router_impl.h │ │ │ │ │ ├── serializer.h │ │ │ │ │ ├── serializer_impl.cc │ │ │ │ │ ├── serializer_impl.h │ │ │ │ │ └── stats.h │ │ │ │ ├── echo/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── echo.cc │ │ │ │ │ └── echo.h │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── ext_authz.cc │ │ │ │ │ └── ext_authz.h │ │ │ │ ├── http_connection_manager/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ └── config.h │ │ │ │ ├── kafka/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── broker/ │ │ │ │ │ │ ├── config.cc │ │ │ │ │ │ ├── config.h │ │ │ │ │ │ ├── filter.cc │ │ │ │ │ │ └── filter.h │ │ │ │ │ ├── codec.h │ │ │ │ │ ├── kafka_request.h │ │ │ │ │ ├── kafka_request_parser.cc │ │ │ │ │ ├── kafka_request_parser.h │ │ │ │ │ ├── kafka_response.h │ │ │ │ │ ├── kafka_response_parser.cc │ │ │ │ │ ├── kafka_response_parser.h │ │ │ │ │ ├── kafka_types.h │ │ │ │ │ ├── parser.h │ │ │ │ │ ├── protocol/ │ │ │ │ │ │ ├── complex_type_template.j2 │ │ │ │ │ │ ├── generator.py │ │ │ │ │ │ ├── kafka_request_resolver_cc.j2 │ │ │ │ │ │ ├── kafka_response_resolver_cc.j2 │ │ │ │ │ │ ├── launcher.py │ │ │ │ │ │ ├── request_metrics_h.j2 │ │ │ │ │ │ ├── request_parser.j2 │ │ │ │ │ │ ├── requests_h.j2 │ │ │ │ │ │ ├── response_metrics_h.j2 │ │ │ │ │ │ ├── response_parser.j2 │ │ │ │ │ │ └── responses_h.j2 │ │ │ │ │ ├── request_codec.cc │ │ │ │ │ ├── request_codec.h │ │ │ │ │ ├── requirements.txt │ │ │ │ │ ├── response_codec.cc │ │ │ │ │ ├── response_codec.h │ │ │ │ │ ├── serialization/ │ │ │ │ │ │ ├── generator.py │ │ │ │ │ │ ├── launcher.py │ │ │ │ │ │ └── serialization_composite_h.j2 │ │ │ │ │ ├── serialization.cc │ │ │ │ │ ├── serialization.h │ │ │ │ │ └── tagged_fields.h │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── local_ratelimit.cc │ │ │ │ │ └── local_ratelimit.h │ │ │ │ ├── mongo_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── bson.h │ │ │ │ │ ├── bson_impl.cc │ │ │ │ │ ├── bson_impl.h │ │ │ │ │ ├── codec.h │ │ │ │ │ ├── codec_impl.cc │ │ │ │ │ ├── codec_impl.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── mongo_stats.cc │ │ │ │ │ ├── mongo_stats.h │ │ │ │ │ ├── proxy.cc │ │ │ │ │ ├── proxy.h │ │ │ │ │ ├── utility.cc │ │ │ │ │ └── utility.h │ │ │ │ ├── mysql_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── mysql_codec.h │ │ │ │ │ ├── mysql_codec_clogin.cc │ │ │ │ │ ├── mysql_codec_clogin.h │ │ │ │ │ ├── mysql_codec_clogin_resp.cc │ │ │ │ │ ├── mysql_codec_clogin_resp.h │ │ │ │ │ ├── mysql_codec_command.cc │ │ │ │ │ ├── mysql_codec_command.h │ │ │ │ │ ├── mysql_codec_greeting.cc │ │ │ │ │ ├── mysql_codec_greeting.h │ │ │ │ │ ├── mysql_codec_switch_resp.cc │ │ │ │ │ ├── mysql_codec_switch_resp.h │ │ │ │ │ ├── mysql_config.cc │ │ │ │ │ ├── mysql_config.h │ │ │ │ │ ├── mysql_decoder.cc │ │ │ │ │ ├── mysql_decoder.h │ │ │ │ │ ├── mysql_filter.cc │ │ │ │ │ ├── mysql_filter.h │ │ │ │ │ ├── mysql_session.h │ │ │ │ │ ├── mysql_utils.cc │ │ │ │ │ └── mysql_utils.h │ │ │ │ ├── postgres_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── postgres_decoder.cc │ │ │ │ │ ├── postgres_decoder.h │ │ │ │ │ ├── postgres_filter.cc │ │ │ │ │ ├── postgres_filter.h │ │ │ │ │ ├── postgres_message.cc │ │ │ │ │ ├── postgres_message.h │ │ │ │ │ └── postgres_session.h │ │ │ │ ├── ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── ratelimit.cc │ │ │ │ │ └── ratelimit.h │ │ │ │ ├── rbac/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── rbac_filter.cc │ │ │ │ │ └── rbac_filter.h │ │ │ │ ├── redis_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── command_splitter.h │ │ │ │ │ ├── command_splitter_impl.cc │ │ │ │ │ ├── command_splitter_impl.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── conn_pool.h │ │ │ │ │ ├── conn_pool_impl.cc │ │ │ │ │ ├── conn_pool_impl.h │ │ │ │ │ ├── proxy_filter.cc │ │ │ │ │ ├── proxy_filter.h │ │ │ │ │ ├── router.h │ │ │ │ │ ├── router_impl.cc │ │ │ │ │ └── router_impl.h │ │ │ │ ├── rocketmq_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── active_message.cc │ │ │ │ │ ├── active_message.h │ │ │ │ │ ├── codec.cc │ │ │ │ │ ├── codec.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── conn_manager.cc │ │ │ │ │ ├── conn_manager.h │ │ │ │ │ ├── metadata.h │ │ │ │ │ ├── protocol.cc │ │ │ │ │ ├── protocol.h │ │ │ │ │ ├── router/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── route_matcher.cc │ │ │ │ │ │ ├── route_matcher.h │ │ │ │ │ │ ├── router.h │ │ │ │ │ │ ├── router_impl.cc │ │ │ │ │ │ └── router_impl.h │ │ │ │ │ ├── stats.h │ │ │ │ │ ├── topic_route.cc │ │ │ │ │ ├── topic_route.h │ │ │ │ │ └── well_known_names.h │ │ │ │ ├── sni_cluster/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── sni_cluster.cc │ │ │ │ │ └── sni_cluster.h │ │ │ │ ├── sni_dynamic_forward_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── proxy_filter.cc │ │ │ │ │ └── proxy_filter.h │ │ │ │ ├── tcp_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ └── config.h │ │ │ │ ├── thrift_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── app_exception_impl.cc │ │ │ │ │ ├── app_exception_impl.h │ │ │ │ │ ├── auto_protocol_impl.cc │ │ │ │ │ ├── auto_protocol_impl.h │ │ │ │ │ ├── auto_transport_impl.cc │ │ │ │ │ ├── auto_transport_impl.h │ │ │ │ │ ├── binary_protocol_impl.cc │ │ │ │ │ ├── binary_protocol_impl.h │ │ │ │ │ ├── buffer_helper.cc │ │ │ │ │ ├── buffer_helper.h │ │ │ │ │ ├── compact_protocol_impl.cc │ │ │ │ │ ├── compact_protocol_impl.h │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── conn_manager.cc │ │ │ │ │ ├── conn_manager.h │ │ │ │ │ ├── conn_state.h │ │ │ │ │ ├── decoder.cc │ │ │ │ │ ├── decoder.h │ │ │ │ │ ├── decoder_events.h │ │ │ │ │ ├── docs/ │ │ │ │ │ │ ├── thrift_state_machine.dot │ │ │ │ │ │ └── thrift_state_machine.md │ │ │ │ │ ├── filters/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── factory_base.h │ │ │ │ │ │ ├── filter.h │ │ │ │ │ │ ├── filter_config.h │ │ │ │ │ │ ├── pass_through_filter.h │ │ │ │ │ │ ├── ratelimit/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── config.cc │ │ │ │ │ │ │ ├── config.h │ │ │ │ │ │ │ ├── ratelimit.cc │ │ │ │ │ │ │ └── ratelimit.h │ │ │ │ │ │ └── well_known_names.h │ │ │ │ │ ├── framed_transport_impl.cc │ │ │ │ │ ├── framed_transport_impl.h │ │ │ │ │ ├── header_transport_impl.cc │ │ │ │ │ ├── header_transport_impl.h │ │ │ │ │ ├── metadata.h │ │ │ │ │ ├── protocol.h │ │ │ │ │ ├── protocol_converter.h │ │ │ │ │ ├── router/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── config.cc │ │ │ │ │ │ ├── config.h │ │ │ │ │ │ ├── router.h │ │ │ │ │ │ ├── router_impl.cc │ │ │ │ │ │ ├── router_impl.h │ │ │ │ │ │ ├── router_ratelimit.h │ │ │ │ │ │ ├── router_ratelimit_impl.cc │ │ │ │ │ │ └── router_ratelimit_impl.h │ │ │ │ │ ├── stats.h │ │ │ │ │ ├── thrift.h │ │ │ │ │ ├── thrift_object.h │ │ │ │ │ ├── thrift_object_impl.cc │ │ │ │ │ ├── thrift_object_impl.h │ │ │ │ │ ├── tracing.h │ │ │ │ │ ├── transport.h │ │ │ │ │ ├── twitter_protocol_impl.cc │ │ │ │ │ ├── twitter_protocol_impl.h │ │ │ │ │ ├── unframed_transport_impl.cc │ │ │ │ │ └── unframed_transport_impl.h │ │ │ │ ├── wasm/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── wasm_filter.cc │ │ │ │ │ └── wasm_filter.h │ │ │ │ ├── well_known_names.h │ │ │ │ └── zookeeper_proxy/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── decoder.cc │ │ │ │ ├── decoder.h │ │ │ │ ├── filter.cc │ │ │ │ ├── filter.h │ │ │ │ ├── utils.cc │ │ │ │ └── utils.h │ │ │ └── udp/ │ │ │ ├── dns_filter/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── dns_filter.cc │ │ │ │ ├── dns_filter.h │ │ │ │ ├── dns_filter_constants.h │ │ │ │ ├── dns_filter_resolver.cc │ │ │ │ ├── dns_filter_resolver.h │ │ │ │ ├── dns_filter_utils.cc │ │ │ │ ├── dns_filter_utils.h │ │ │ │ ├── dns_parser.cc │ │ │ │ └── dns_parser.h │ │ │ └── udp_proxy/ │ │ │ ├── BUILD │ │ │ ├── config.cc │ │ │ ├── config.h │ │ │ ├── hash_policy_impl.cc │ │ │ ├── hash_policy_impl.h │ │ │ ├── udp_proxy_filter.cc │ │ │ └── udp_proxy_filter.h │ │ ├── grpc_credentials/ │ │ │ ├── BUILD │ │ │ ├── aws_iam/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ ├── example/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ ├── file_based_metadata/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ └── well_known_names.h │ │ ├── health_checkers/ │ │ │ ├── BUILD │ │ │ ├── redis/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── redis.cc │ │ │ │ ├── redis.h │ │ │ │ └── utility.h │ │ │ └── well_known_names.h │ │ ├── internal_redirect/ │ │ │ ├── BUILD │ │ │ ├── allow_listed_routes/ │ │ │ │ ├── BUILD │ │ │ │ ├── allow_listed_routes.h │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ ├── previous_routes/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── previous_routes.cc │ │ │ │ └── previous_routes.h │ │ │ ├── safe_cross_scheme/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ └── safe_cross_scheme.h │ │ │ └── well_known_names.h │ │ ├── quic_listeners/ │ │ │ └── quiche/ │ │ │ ├── BUILD │ │ │ ├── active_quic_listener.cc │ │ │ ├── active_quic_listener.h │ │ │ ├── active_quic_listener_config.cc │ │ │ ├── active_quic_listener_config.h │ │ │ ├── codec_impl.cc │ │ │ ├── codec_impl.h │ │ │ ├── envoy_quic_alarm.cc │ │ │ ├── envoy_quic_alarm.h │ │ │ ├── envoy_quic_alarm_factory.cc │ │ │ ├── envoy_quic_alarm_factory.h │ │ │ ├── envoy_quic_client_connection.cc │ │ │ ├── envoy_quic_client_connection.h │ │ │ ├── envoy_quic_client_session.cc │ │ │ ├── envoy_quic_client_session.h │ │ │ ├── envoy_quic_client_stream.cc │ │ │ ├── envoy_quic_client_stream.h │ │ │ ├── envoy_quic_connection.cc │ │ │ ├── envoy_quic_connection.h │ │ │ ├── envoy_quic_connection_helper.h │ │ │ ├── envoy_quic_dispatcher.cc │ │ │ ├── envoy_quic_dispatcher.h │ │ │ ├── envoy_quic_packet_writer.cc │ │ │ ├── envoy_quic_packet_writer.h │ │ │ ├── envoy_quic_proof_source.cc │ │ │ ├── envoy_quic_proof_source.h │ │ │ ├── envoy_quic_proof_source_base.cc │ │ │ ├── envoy_quic_proof_source_base.h │ │ │ ├── envoy_quic_proof_verifier.cc │ │ │ ├── envoy_quic_proof_verifier.h │ │ │ ├── envoy_quic_proof_verifier_base.cc │ │ │ ├── envoy_quic_proof_verifier_base.h │ │ │ ├── envoy_quic_server_connection.cc │ │ │ ├── envoy_quic_server_connection.h │ │ │ ├── envoy_quic_server_session.cc │ │ │ ├── envoy_quic_server_session.h │ │ │ ├── envoy_quic_server_stream.cc │ │ │ ├── envoy_quic_server_stream.h │ │ │ ├── envoy_quic_simulated_watermark_buffer.h │ │ │ ├── envoy_quic_stream.h │ │ │ ├── envoy_quic_utils.cc │ │ │ ├── envoy_quic_utils.h │ │ │ ├── platform/ │ │ │ │ ├── BUILD │ │ │ │ ├── envoy_quic_clock.cc │ │ │ │ ├── envoy_quic_clock.h │ │ │ │ ├── flags_impl.cc │ │ │ │ ├── flags_impl.h │ │ │ │ ├── flags_list.h │ │ │ │ ├── http2_arraysize_impl.h │ │ │ │ ├── http2_bug_tracker_impl.h │ │ │ │ ├── http2_containers_impl.h │ │ │ │ ├── http2_estimate_memory_usage_impl.h │ │ │ │ ├── http2_flag_utils_impl.h │ │ │ │ ├── http2_flags_impl.h │ │ │ │ ├── http2_logging_impl.h │ │ │ │ ├── http2_macros_impl.h │ │ │ │ ├── http2_string_piece_impl.h │ │ │ │ ├── http2_string_utils_impl.h │ │ │ │ ├── quic_aligned_impl.h │ │ │ │ ├── quic_bug_tracker_impl.h │ │ │ │ ├── quic_cert_utils_impl.cc │ │ │ │ ├── quic_cert_utils_impl.h │ │ │ │ ├── quic_client_stats_impl.h │ │ │ │ ├── quic_containers_impl.h │ │ │ │ ├── quic_error_code_wrappers_impl.h │ │ │ │ ├── quic_estimate_memory_usage_impl.h │ │ │ │ ├── quic_export_impl.h │ │ │ │ ├── quic_fallthrough_impl.h │ │ │ │ ├── quic_file_utils_impl.cc │ │ │ │ ├── quic_file_utils_impl.h │ │ │ │ ├── quic_flag_utils_impl.h │ │ │ │ ├── quic_flags_impl.h │ │ │ │ ├── quic_hostname_utils_impl.cc │ │ │ │ ├── quic_hostname_utils_impl.h │ │ │ │ ├── quic_iovec_impl.h │ │ │ │ ├── quic_logging_impl.cc │ │ │ │ ├── quic_logging_impl.h │ │ │ │ ├── quic_macros_impl.h │ │ │ │ ├── quic_map_util_impl.h │ │ │ │ ├── quic_mem_slice_impl.cc │ │ │ │ ├── quic_mem_slice_impl.h │ │ │ │ ├── quic_mem_slice_span_impl.cc │ │ │ │ ├── quic_mem_slice_span_impl.h │ │ │ │ ├── quic_mem_slice_storage_impl.cc │ │ │ │ ├── quic_mem_slice_storage_impl.h │ │ │ │ ├── quic_mutex_impl.h │ │ │ │ ├── quic_pcc_sender_impl.h │ │ │ │ ├── quic_prefetch_impl.h │ │ │ │ ├── quic_ptr_util_impl.h │ │ │ │ ├── quic_reference_counted_impl.h │ │ │ │ ├── quic_server_stats_impl.h │ │ │ │ ├── quic_stack_trace_impl.h │ │ │ │ ├── quic_stream_buffer_allocator_impl.h │ │ │ │ ├── quic_string_utils_impl.h │ │ │ │ ├── quic_udp_socket_platform_impl.h │ │ │ │ ├── quic_uint128_impl.h │ │ │ │ ├── quiche_arraysize_impl.h │ │ │ │ ├── quiche_endian_impl.h │ │ │ │ ├── quiche_export_impl.h │ │ │ │ ├── quiche_logging_impl.h │ │ │ │ ├── quiche_map_util_impl.h │ │ │ │ ├── quiche_optional_impl.h │ │ │ │ ├── quiche_ptr_util_impl.h │ │ │ │ ├── quiche_str_cat_impl.h │ │ │ │ ├── quiche_string_piece_impl.h │ │ │ │ ├── quiche_text_utils_impl.h │ │ │ │ ├── quiche_time_utils_impl.cc │ │ │ │ ├── quiche_time_utils_impl.h │ │ │ │ ├── quiche_unordered_containers_impl.h │ │ │ │ ├── spdy_arraysize_impl.h │ │ │ │ ├── spdy_bug_tracker_impl.h │ │ │ │ ├── spdy_containers_impl.h │ │ │ │ ├── spdy_endianness_util_impl.h │ │ │ │ ├── spdy_estimate_memory_usage_impl.h │ │ │ │ ├── spdy_flags_impl.h │ │ │ │ ├── spdy_logging_impl.h │ │ │ │ ├── spdy_macros_impl.h │ │ │ │ ├── spdy_mem_slice_impl.h │ │ │ │ ├── spdy_string_utils_impl.h │ │ │ │ ├── spdy_test_helpers_impl.h │ │ │ │ ├── spdy_test_utils_prod_impl.h │ │ │ │ ├── spdy_unsafe_arena_impl.h │ │ │ │ ├── string_utils.cc │ │ │ │ └── string_utils.h │ │ │ ├── quic_filter_manager_connection_impl.cc │ │ │ ├── quic_filter_manager_connection_impl.h │ │ │ ├── quic_io_handle_wrapper.h │ │ │ ├── quic_transport_socket_factory.cc │ │ │ ├── quic_transport_socket_factory.h │ │ │ ├── spdy_server_push_utils_for_envoy.cc │ │ │ ├── udp_gso_batch_writer.cc │ │ │ ├── udp_gso_batch_writer.h │ │ │ ├── udp_gso_batch_writer_config.cc │ │ │ └── udp_gso_batch_writer_config.h │ │ ├── resource_monitors/ │ │ │ ├── BUILD │ │ │ ├── common/ │ │ │ │ ├── BUILD │ │ │ │ └── factory_base.h │ │ │ ├── fixed_heap/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── fixed_heap_monitor.cc │ │ │ │ └── fixed_heap_monitor.h │ │ │ ├── injected_resource/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── injected_resource_monitor.cc │ │ │ │ └── injected_resource_monitor.h │ │ │ └── well_known_names.h │ │ ├── retry/ │ │ │ ├── host/ │ │ │ │ ├── omit_canary_hosts/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ └── omit_canary_hosts.h │ │ │ │ ├── omit_host_metadata/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.cc │ │ │ │ │ ├── config.h │ │ │ │ │ ├── omit_host_metadata.cc │ │ │ │ │ └── omit_host_metadata.h │ │ │ │ └── previous_hosts/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ └── previous_hosts.h │ │ │ └── priority/ │ │ │ ├── BUILD │ │ │ ├── previous_priorities/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── previous_priorities.cc │ │ │ │ └── previous_priorities.h │ │ │ └── well_known_names.h │ │ ├── stat_sinks/ │ │ │ ├── BUILD │ │ │ ├── common/ │ │ │ │ └── statsd/ │ │ │ │ ├── BUILD │ │ │ │ ├── statsd.cc │ │ │ │ └── statsd.h │ │ │ ├── dog_statsd/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ ├── hystrix/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── hystrix.cc │ │ │ │ └── hystrix.h │ │ │ ├── metrics_service/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── grpc_metrics_proto_descriptors.cc │ │ │ │ ├── grpc_metrics_proto_descriptors.h │ │ │ │ ├── grpc_metrics_service_impl.cc │ │ │ │ └── grpc_metrics_service_impl.h │ │ │ ├── statsd/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ ├── wasm/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ └── wasm_stat_sink_impl.h │ │ │ └── well_known_names.h │ │ ├── tracers/ │ │ │ ├── common/ │ │ │ │ ├── BUILD │ │ │ │ ├── factory_base.h │ │ │ │ └── ot/ │ │ │ │ ├── BUILD │ │ │ │ ├── opentracing_driver_impl.cc │ │ │ │ └── opentracing_driver_impl.h │ │ │ ├── datadog/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── datadog_tracer_impl.cc │ │ │ │ └── datadog_tracer_impl.h │ │ │ ├── dynamic_ot/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── dynamic_opentracing_driver_impl.cc │ │ │ │ └── dynamic_opentracing_driver_impl.h │ │ │ ├── lightstep/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── lightstep_tracer_impl.cc │ │ │ │ └── lightstep_tracer_impl.h │ │ │ ├── opencensus/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── opencensus_tracer_impl.cc │ │ │ │ └── opencensus_tracer_impl.h │ │ │ ├── xray/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── daemon.proto │ │ │ │ ├── daemon_broker.cc │ │ │ │ ├── daemon_broker.h │ │ │ │ ├── localized_sampling.cc │ │ │ │ ├── localized_sampling.h │ │ │ │ ├── reservoir.h │ │ │ │ ├── sampling_strategy.h │ │ │ │ ├── tracer.cc │ │ │ │ ├── tracer.h │ │ │ │ ├── util.cc │ │ │ │ ├── util.h │ │ │ │ ├── xray_configuration.h │ │ │ │ ├── xray_tracer_impl.cc │ │ │ │ └── xray_tracer_impl.h │ │ │ └── zipkin/ │ │ │ ├── BUILD │ │ │ ├── config.cc │ │ │ ├── config.h │ │ │ ├── span_buffer.cc │ │ │ ├── span_buffer.h │ │ │ ├── span_context.cc │ │ │ ├── span_context.h │ │ │ ├── span_context_extractor.cc │ │ │ ├── span_context_extractor.h │ │ │ ├── tracer.cc │ │ │ ├── tracer.h │ │ │ ├── tracer_interface.h │ │ │ ├── util.cc │ │ │ ├── util.h │ │ │ ├── zipkin_core_constants.h │ │ │ ├── zipkin_core_types.cc │ │ │ ├── zipkin_core_types.h │ │ │ ├── zipkin_json_field_names.h │ │ │ ├── zipkin_tracer_impl.cc │ │ │ └── zipkin_tracer_impl.h │ │ ├── transport_sockets/ │ │ │ ├── BUILD │ │ │ ├── alts/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── grpc_tsi.h │ │ │ │ ├── noop_transport_socket_callbacks.h │ │ │ │ ├── tsi_frame_protector.cc │ │ │ │ ├── tsi_frame_protector.h │ │ │ │ ├── tsi_handshaker.cc │ │ │ │ ├── tsi_handshaker.h │ │ │ │ ├── tsi_socket.cc │ │ │ │ └── tsi_socket.h │ │ │ ├── common/ │ │ │ │ ├── BUILD │ │ │ │ ├── passthrough.cc │ │ │ │ └── passthrough.h │ │ │ ├── proxy_protocol/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── proxy_protocol.cc │ │ │ │ └── proxy_protocol.h │ │ │ ├── raw_buffer/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ ├── tap/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── tap.cc │ │ │ │ ├── tap.h │ │ │ │ ├── tap_config.h │ │ │ │ ├── tap_config_impl.cc │ │ │ │ └── tap_config_impl.h │ │ │ ├── tls/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── context_config_impl.cc │ │ │ │ ├── context_config_impl.h │ │ │ │ ├── context_impl.cc │ │ │ │ ├── context_impl.h │ │ │ │ ├── context_manager_impl.cc │ │ │ │ ├── context_manager_impl.h │ │ │ │ ├── io_handle_bio.cc │ │ │ │ ├── io_handle_bio.h │ │ │ │ ├── ocsp/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── asn1_utility.cc │ │ │ │ │ ├── asn1_utility.h │ │ │ │ │ ├── ocsp.cc │ │ │ │ │ └── ocsp.h │ │ │ │ ├── private_key/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── private_key_manager_impl.cc │ │ │ │ │ └── private_key_manager_impl.h │ │ │ │ ├── ssl_handshaker.cc │ │ │ │ ├── ssl_handshaker.h │ │ │ │ ├── ssl_socket.cc │ │ │ │ ├── ssl_socket.h │ │ │ │ ├── utility.cc │ │ │ │ └── utility.h │ │ │ └── well_known_names.h │ │ ├── upstreams/ │ │ │ └── http/ │ │ │ ├── generic/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ └── config.h │ │ │ ├── http/ │ │ │ │ ├── BUILD │ │ │ │ ├── config.cc │ │ │ │ ├── config.h │ │ │ │ ├── upstream_request.cc │ │ │ │ └── upstream_request.h │ │ │ └── tcp/ │ │ │ ├── BUILD │ │ │ ├── config.cc │ │ │ ├── config.h │ │ │ ├── upstream_request.cc │ │ │ └── upstream_request.h │ │ └── watchdog/ │ │ ├── abort_action/ │ │ │ ├── BUILD │ │ │ ├── abort_action.cc │ │ │ ├── abort_action.h │ │ │ ├── config.cc │ │ │ └── config.h │ │ └── profile_action/ │ │ ├── BUILD │ │ ├── config.cc │ │ ├── config.h │ │ ├── profile_action.cc │ │ └── profile_action.h │ └── server/ │ ├── BUILD │ ├── active_raw_udp_listener_config.cc │ ├── active_raw_udp_listener_config.h │ ├── admin/ │ │ ├── BUILD │ │ ├── admin.cc │ │ ├── admin.h │ │ ├── admin_filter.cc │ │ ├── admin_filter.h │ │ ├── clusters_handler.cc │ │ ├── clusters_handler.h │ │ ├── config_dump_handler.cc │ │ ├── config_dump_handler.h │ │ ├── config_tracker_impl.cc │ │ ├── config_tracker_impl.h │ │ ├── handler_ctx.h │ │ ├── init_dump_handler.cc │ │ ├── init_dump_handler.h │ │ ├── listeners_handler.cc │ │ ├── listeners_handler.h │ │ ├── logs_handler.cc │ │ ├── logs_handler.h │ │ ├── profiling_handler.cc │ │ ├── profiling_handler.h │ │ ├── prometheus_stats.cc │ │ ├── prometheus_stats.h │ │ ├── runtime_handler.cc │ │ ├── runtime_handler.h │ │ ├── server_cmd_handler.cc │ │ ├── server_cmd_handler.h │ │ ├── server_info_handler.cc │ │ ├── server_info_handler.h │ │ ├── stats_handler.cc │ │ ├── stats_handler.h │ │ ├── utils.cc │ │ └── utils.h │ ├── api_listener_impl.cc │ ├── api_listener_impl.h │ ├── backtrace.cc │ ├── backtrace.h │ ├── config_validation/ │ │ ├── BUILD │ │ ├── admin.cc │ │ ├── admin.h │ │ ├── api.cc │ │ ├── api.h │ │ ├── async_client.cc │ │ ├── async_client.h │ │ ├── cluster_manager.cc │ │ ├── cluster_manager.h │ │ ├── connection.h │ │ ├── dispatcher.cc │ │ ├── dispatcher.h │ │ ├── dns.cc │ │ ├── dns.h │ │ ├── server.cc │ │ └── server.h │ ├── configuration_impl.cc │ ├── configuration_impl.h │ ├── connection_handler_impl.cc │ ├── connection_handler_impl.h │ ├── drain_manager_impl.cc │ ├── drain_manager_impl.h │ ├── filter_chain_factory_context_callback.h │ ├── filter_chain_manager_impl.cc │ ├── filter_chain_manager_impl.h │ ├── guarddog_impl.cc │ ├── guarddog_impl.h │ ├── hot_restart.proto │ ├── hot_restart_impl.cc │ ├── hot_restart_impl.h │ ├── hot_restart_nop_impl.h │ ├── hot_restarting_base.cc │ ├── hot_restarting_base.h │ ├── hot_restarting_child.cc │ ├── hot_restarting_child.h │ ├── hot_restarting_parent.cc │ ├── hot_restarting_parent.h │ ├── lds_api.cc │ ├── lds_api.h │ ├── listener_hooks.h │ ├── listener_impl.cc │ ├── listener_impl.h │ ├── listener_manager_impl.cc │ ├── listener_manager_impl.h │ ├── options_impl.cc │ ├── options_impl.h │ ├── options_impl_platform.h │ ├── options_impl_platform_default.cc │ ├── options_impl_platform_linux.cc │ ├── options_impl_platform_linux.h │ ├── overload_manager_impl.cc │ ├── overload_manager_impl.h │ ├── process_context_impl.h │ ├── proto_descriptors.cc │ ├── proto_descriptors.h │ ├── resource_monitor_config_impl.h │ ├── server.cc │ ├── server.h │ ├── ssl_context_manager.cc │ ├── ssl_context_manager.h │ ├── transport_socket_config_impl.h │ ├── watchdog_impl.cc │ ├── watchdog_impl.h │ ├── well_known_names.h │ ├── worker_impl.cc │ └── worker_impl.h ├── support/ │ ├── README.md │ ├── bootstrap │ └── hooks/ │ ├── pre-push │ └── prepare-commit-msg ├── test/ │ ├── BUILD │ ├── README.md │ ├── benchmark/ │ │ ├── BUILD │ │ ├── main.cc │ │ └── main.h │ ├── common/ │ │ ├── access_log/ │ │ │ ├── BUILD │ │ │ ├── access_log_impl_test.cc │ │ │ └── access_log_manager_impl_test.cc │ │ ├── buffer/ │ │ │ ├── BUILD │ │ │ ├── buffer_corpus/ │ │ │ │ ├── basic │ │ │ │ ├── case │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5080353465696256 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5644734729551872 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5654939127250944 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5664992304562176 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5668091688648704 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5669274699431936 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5716850116132864 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5744501719564288 │ │ │ │ ├── clusterfuzz-testcase-minimized-buffer_fuzz_test-5760708737761280 │ │ │ │ ├── clusterfuzz-testcase-minimized-new_buffer_fuzz_test-5714377684025344 │ │ │ │ ├── crash-d60939b6186fa6186e0b574ac67aa6df8f1081cd │ │ │ │ └── crash-ed103900aec1285149aafc05102a541d9ec51363 │ │ │ ├── buffer_fuzz.cc │ │ │ ├── buffer_fuzz.h │ │ │ ├── buffer_fuzz.proto │ │ │ ├── buffer_fuzz_test.cc │ │ │ ├── buffer_speed_test.cc │ │ │ ├── buffer_test.cc │ │ │ ├── owned_impl_test.cc │ │ │ ├── utility.h │ │ │ ├── watermark_buffer_test.cc │ │ │ └── zero_copy_input_stream_test.cc │ │ ├── common/ │ │ │ ├── BUILD │ │ │ ├── assert_test.cc │ │ │ ├── backoff_strategy_test.cc │ │ │ ├── base64_corpus/ │ │ │ │ └── singleton │ │ │ ├── base64_fuzz_test.cc │ │ │ ├── base64_test.cc │ │ │ ├── basic_resource_impl_test.cc │ │ │ ├── callback_impl_test.cc │ │ │ ├── cleanup_test.cc │ │ │ ├── fmt_test.cc │ │ │ ├── hash_corpus/ │ │ │ │ └── example │ │ │ ├── hash_fuzz_test.cc │ │ │ ├── hash_test.cc │ │ │ ├── hex_test.cc │ │ │ ├── linked_object_test.cc │ │ │ ├── lock_guard_test.cc │ │ │ ├── log_macros_test.cc │ │ │ ├── logger_corpus/ │ │ │ │ └── test │ │ │ ├── logger_fuzz_test.cc │ │ │ ├── logger_speed_test.cc │ │ │ ├── logger_test.cc │ │ │ ├── matchers_test.cc │ │ │ ├── mem_block_builder_test.cc │ │ │ ├── mutex_tracer_test.cc │ │ │ ├── perf_annotation_disabled_test.cc │ │ │ ├── perf_annotation_test.cc │ │ │ ├── phantom_test.cc │ │ │ ├── random_generator_test.cc │ │ │ ├── regex_test.cc │ │ │ ├── statusor_test.cc │ │ │ ├── stl_helpers_test.cc │ │ │ ├── thread_id_test.cc │ │ │ ├── thread_test.cc │ │ │ ├── token_bucket_impl_test.cc │ │ │ ├── utility_corpus/ │ │ │ │ └── test │ │ │ ├── utility_fuzz_test.cc │ │ │ ├── utility_speed_test.cc │ │ │ ├── utility_test.cc │ │ │ └── version_test.cc │ │ ├── config/ │ │ │ ├── BUILD │ │ │ ├── api_shadow_test.cc │ │ │ ├── api_type_oracle_test.cc │ │ │ ├── config_provider_impl_test.cc │ │ │ ├── datasource_test.cc │ │ │ ├── decoded_resource_impl_test.cc │ │ │ ├── delta_subscription_impl_test.cc │ │ │ ├── delta_subscription_state_test.cc │ │ │ ├── delta_subscription_test_harness.h │ │ │ ├── dummy_config.proto │ │ │ ├── filesystem_subscription_impl_test.cc │ │ │ ├── filesystem_subscription_test_harness.h │ │ │ ├── grpc_mux_impl_test.cc │ │ │ ├── grpc_stream_test.cc │ │ │ ├── grpc_subscription_impl_test.cc │ │ │ ├── grpc_subscription_test_harness.h │ │ │ ├── http_subscription_impl_test.cc │ │ │ ├── http_subscription_test_harness.h │ │ │ ├── metadata_test.cc │ │ │ ├── new_grpc_mux_impl_test.cc │ │ │ ├── opaque_resource_decoder_impl_test.cc │ │ │ ├── pausable_ack_queue_test.cc │ │ │ ├── registry_test.cc │ │ │ ├── runtime_utility_test.cc │ │ │ ├── subscription_factory_impl_test.cc │ │ │ ├── subscription_impl_test.cc │ │ │ ├── subscription_test_harness.h │ │ │ ├── type_to_endpoint_test.cc │ │ │ ├── udpa_context_params_test.cc │ │ │ ├── udpa_resource_test.cc │ │ │ ├── udpa_test_utility.h │ │ │ ├── utility_test.cc │ │ │ ├── version_converter.proto │ │ │ ├── version_converter_test.cc │ │ │ └── watch_map_test.cc │ │ ├── conn_pool/ │ │ │ ├── BUILD │ │ │ └── conn_pool_base_test.cc │ │ ├── crypto/ │ │ │ ├── BUILD │ │ │ ├── get_sha_256_digest_corpus/ │ │ │ │ ├── 35d26780ea66d4ffb726bbafaa9302687bda7624 │ │ │ │ ├── 58030c65410d7553b1804eb7ed64bdff1188f145 │ │ │ │ ├── 9c8bd40d34a88522d71d184c462af82e3148c02d │ │ │ │ └── e7af10a10f2540b1d1d497df2926786640285b1c │ │ │ ├── get_sha_256_digest_fuzz_test.cc │ │ │ ├── utility_test.cc │ │ │ ├── verify_signature_corpus/ │ │ │ │ ├── test_contains_sha1_wrong │ │ │ │ └── test_contains_sha256_correct │ │ │ ├── verify_signature_fuzz.proto │ │ │ ├── verify_signature_fuzz_test.cc │ │ │ └── verify_signature_fuzz_test.dict │ │ ├── event/ │ │ │ ├── BUILD │ │ │ ├── dispatcher_impl_test.cc │ │ │ ├── file_event_impl_test.cc │ │ │ └── scaled_range_timer_manager_test.cc │ │ ├── filesystem/ │ │ │ ├── BUILD │ │ │ ├── directory_test.cc │ │ │ ├── filesystem_impl_test.cc │ │ │ └── watcher_impl_test.cc │ │ ├── filter/ │ │ │ └── http/ │ │ │ ├── BUILD │ │ │ └── filter_config_discovery_impl_test.cc │ │ ├── formatter/ │ │ │ ├── BUILD │ │ │ ├── substitution_format_string_test.cc │ │ │ ├── substitution_formatter_corpus/ │ │ │ │ ├── clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-4673648219652096 │ │ │ │ ├── clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5630958620901376 │ │ │ │ ├── clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5633770020929536 │ │ │ │ ├── clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5645869313687552 │ │ │ │ ├── clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5701824317751296 │ │ │ │ ├── clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5758486359572480 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_parser_fuzz_test-5633924724424704.fuzz │ │ │ │ ├── dynamic_metadata │ │ │ │ ├── empty │ │ │ │ ├── headers │ │ │ │ ├── invalid_0 │ │ │ │ ├── invalid_1 │ │ │ │ ├── invalid_10 │ │ │ │ ├── invalid_11 │ │ │ │ ├── invalid_12 │ │ │ │ ├── invalid_13 │ │ │ │ ├── invalid_14 │ │ │ │ ├── invalid_15 │ │ │ │ ├── invalid_16 │ │ │ │ ├── invalid_17 │ │ │ │ ├── invalid_18 │ │ │ │ ├── invalid_19 │ │ │ │ ├── invalid_2 │ │ │ │ ├── invalid_3 │ │ │ │ ├── invalid_4 │ │ │ │ ├── invalid_5 │ │ │ │ ├── invalid_6 │ │ │ │ ├── invalid_7 │ │ │ │ ├── invalid_8 │ │ │ │ ├── invalid_9 │ │ │ │ ├── plain_string │ │ │ │ ├── response_code │ │ │ │ ├── start_time_0 │ │ │ │ ├── start_time_1 │ │ │ │ ├── start_time_2 │ │ │ │ ├── start_time_3 │ │ │ │ └── upstream_local_address │ │ │ ├── substitution_formatter_fuzz.proto │ │ │ ├── substitution_formatter_fuzz_test.cc │ │ │ ├── substitution_formatter_fuzz_test.dict │ │ │ ├── substitution_formatter_speed_test.cc │ │ │ └── substitution_formatter_test.cc │ │ ├── grpc/ │ │ │ ├── BUILD │ │ │ ├── async_client_impl_test.cc │ │ │ ├── async_client_manager_impl_test.cc │ │ │ ├── codec_corpus/ │ │ │ │ └── empty │ │ │ ├── codec_fuzz_test.cc │ │ │ ├── codec_test.cc │ │ │ ├── common_test.cc │ │ │ ├── context_impl_test.cc │ │ │ ├── google_async_client_impl_test.cc │ │ │ ├── google_grpc_creds_test.cc │ │ │ ├── google_grpc_utils_test.cc │ │ │ ├── grpc_client_integration.h │ │ │ ├── grpc_client_integration_test.cc │ │ │ ├── grpc_client_integration_test_harness.h │ │ │ ├── service_key.json │ │ │ └── utility.h │ │ ├── html/ │ │ │ ├── BUILD │ │ │ └── utility_test.cc │ │ ├── http/ │ │ │ ├── BUILD │ │ │ ├── async_client_impl_test.cc │ │ │ ├── async_client_utility_test.cc │ │ │ ├── codec_client_test.cc │ │ │ ├── codec_impl_corpus/ │ │ │ │ ├── 100-continue │ │ │ │ ├── absolute_url_bad │ │ │ │ ├── absolute_url_disallow │ │ │ │ ├── absolute_url_ok │ │ │ │ ├── chunked │ │ │ │ ├── clusterfuzz-testcase-codec_impl_fuzz_test-5687788200001536 │ │ │ │ ├── clusterfuzz-testcase-codec_impl_fuzz_test-5692024096817152 │ │ │ │ ├── clusterfuzz-testcase-codec_impl_fuzz_test-5723814130876416 │ │ │ │ ├── clusterfuzz-testcase-codec_impl_fuzz_test-5750359880892416 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5102523695497216 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5107763548520448 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5629973466710016 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5635096546639872 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5635865126895616 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5650111579815936 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5657409819770880 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5658640424370176 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5693519941861376 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5698895985508352 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5699757025263616 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5720162173452288 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5722972495544320 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5726642969772032 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5728207897624576 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5731902089592832 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5748356020699136 │ │ │ │ ├── clusterfuzz-testcase-minimized-codec_impl_fuzz_test-6299606751641600 │ │ │ │ ├── connect │ │ │ │ ├── empty │ │ │ │ ├── example │ │ │ │ ├── goaway │ │ │ │ ├── h1_dispatch_after_reset │ │ │ │ ├── head │ │ │ │ ├── http_10 │ │ │ │ ├── metadata │ │ │ │ ├── metadata_corrupt │ │ │ │ ├── metadata_dispatch │ │ │ │ ├── method_connect │ │ │ │ ├── multi_stream │ │ │ │ ├── protocol_exception │ │ │ │ ├── read_disable │ │ │ │ ├── reset_stream │ │ │ │ ├── response_204_A │ │ │ │ ├── response_204_B │ │ │ │ ├── simple_stream │ │ │ │ ├── swap_buffer │ │ │ │ └── upgrade │ │ │ ├── codec_impl_fuzz.proto │ │ │ ├── codec_impl_fuzz_test.cc │ │ │ ├── codec_wrappers_test.cc │ │ │ ├── codes_speed_test.cc │ │ │ ├── codes_test.cc │ │ │ ├── common.cc │ │ │ ├── common.h │ │ │ ├── conn_manager_impl_common.h │ │ │ ├── conn_manager_impl_corpus/ │ │ │ │ ├── clusterfuzz-testcase-continueandendstream-endstream │ │ │ │ ├── clusterfuzz-testcase-failed-dispatch │ │ │ │ ├── clusterfuzz-testcase-invalidhost │ │ │ │ ├── clusterfuzz-testcase-minimized-conn_manager_impl_fuzz_test-5638706466652160 │ │ │ │ ├── clusterfuzz-testcase-minimized-conn_manager_impl_fuzz_test-5669833168912384 │ │ │ │ ├── clusterfuzz-testcase-minimized-conn_manager_impl_fuzz_test-5674283828772864 │ │ │ │ ├── clusterfuzz-testcase-minimized-conn_manager_impl_fuzz_test-5679723404328960 │ │ │ │ ├── clusterfuzz-testcase-minimized-conn_manager_impl_fuzz_test-5687458439102464 │ │ │ │ ├── clusterfuzz-testcase-minimized-conn_manager_impl_fuzz_test-5701624673861632 │ │ │ │ ├── clusterfuzz-testcase-minimized-conn_manager_impl_fuzz_test-5714279517126656 │ │ │ │ ├── codec_exception │ │ │ │ ├── empty │ │ │ │ ├── example │ │ │ │ ├── invalid_host │ │ │ │ ├── missing_host │ │ │ │ ├── regression_test_reuse_codec │ │ │ │ ├── state_local_complete │ │ │ │ ├── status_163 │ │ │ │ └── upgrade_test_case │ │ │ ├── conn_manager_impl_fuzz.proto │ │ │ ├── conn_manager_impl_fuzz_test.cc │ │ │ ├── conn_manager_impl_test.cc │ │ │ ├── conn_manager_impl_test_2.cc │ │ │ ├── conn_manager_impl_test_base.cc │ │ │ ├── conn_manager_impl_test_base.h │ │ │ ├── conn_manager_utility_test.cc │ │ │ ├── date_provider_impl_test.cc │ │ │ ├── filter_manager_test.cc │ │ │ ├── header_map_impl_corpus/ │ │ │ │ ├── appendheader │ │ │ │ ├── clusterfuzz-testcase-header_map_impl_fuzz_test-5633882138869760-prefix │ │ │ │ ├── clusterfuzz-testcase-minimized-header_map_impl_fuzz_test-5182326490791936 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_map_impl_fuzz_test-5689833624698880 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_map_impl_fuzz_test-6363647045533696 │ │ │ │ ├── crash-5fb09ca426eb21db14151b94fd74d418b49042e4 │ │ │ │ ├── empty │ │ │ │ ├── example │ │ │ │ └── example_lazymap │ │ │ ├── header_map_impl_fuzz.proto │ │ │ ├── header_map_impl_fuzz_test.cc │ │ │ ├── header_map_impl_speed_test.cc │ │ │ ├── header_map_impl_test.cc │ │ │ ├── header_utility_test.cc │ │ │ ├── http1/ │ │ │ │ ├── BUILD │ │ │ │ ├── codec_impl_test.cc │ │ │ │ ├── conn_pool_test.cc │ │ │ │ └── header_formatter_test.cc │ │ │ ├── http2/ │ │ │ │ ├── BUILD │ │ │ │ ├── codec_impl_test.cc │ │ │ │ ├── codec_impl_test_util.h │ │ │ │ ├── conn_pool_test.cc │ │ │ │ ├── frame_replay.cc │ │ │ │ ├── frame_replay.h │ │ │ │ ├── frame_replay_test.cc │ │ │ │ ├── http2_frame.cc │ │ │ │ ├── http2_frame.h │ │ │ │ ├── http2_frame_test.cc │ │ │ │ ├── metadata_encoder_decoder_test.cc │ │ │ │ ├── protocol_constraints_test.cc │ │ │ │ ├── request_header_corpus/ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-request_header_fuzz_test-4795710559223808.fuzz │ │ │ │ │ ├── crash-da39a3ee5e6b4b0d3255bfef95601890afd80709 │ │ │ │ │ ├── simple_example_huffman │ │ │ │ │ └── simple_example_plain │ │ │ │ ├── request_header_fuzz_test.cc │ │ │ │ ├── response_header_corpus/ │ │ │ │ │ ├── set_details_twice │ │ │ │ │ ├── simple_example_huffman │ │ │ │ │ └── simple_example_plain │ │ │ │ └── response_header_fuzz_test.cc │ │ │ ├── path_utility_corpus/ │ │ │ │ ├── Testcase_1 │ │ │ │ ├── Testcase_2 │ │ │ │ ├── Testcase_3 │ │ │ │ ├── Testcase_4 │ │ │ │ └── clusterfuzz-testcase-minimized-path_utility_fuzz_test-5770162224234496 │ │ │ ├── path_utility_fuzz.proto │ │ │ ├── path_utility_fuzz_test.cc │ │ │ ├── path_utility_test.cc │ │ │ ├── request_id_extension_uuid_impl_test.cc │ │ │ ├── status_test.cc │ │ │ ├── user_agent_test.cc │ │ │ ├── utility_corpus/ │ │ │ │ ├── clusterfuzz-testcase-minimized-utility_fuzz_test-5091558495092736 │ │ │ │ ├── clusterfuzz-testcase-minimized-utility_fuzz_test-5653272551751680 │ │ │ │ ├── clusterfuzz-testcase-utility_fuzz_test-5206456636276736 │ │ │ │ ├── clusterfuzz-testcase-utility_fuzz_test-5735325211557888 │ │ │ │ ├── extract_host_path_from_uri_0 │ │ │ │ ├── extract_host_path_from_uri_1 │ │ │ │ ├── extract_host_path_from_uri_2 │ │ │ │ ├── extract_host_path_from_uri_3 │ │ │ │ ├── extract_host_path_from_uri_4 │ │ │ │ ├── extract_host_path_from_uri_5 │ │ │ │ ├── extract_host_path_from_uri_6 │ │ │ │ ├── find_query_string_0 │ │ │ │ ├── find_query_string_1 │ │ │ │ ├── find_query_string_2 │ │ │ │ ├── find_query_string_3 │ │ │ │ ├── get_last_address_from_xff_0 │ │ │ │ ├── get_last_address_from_xff_1 │ │ │ │ ├── get_last_address_from_xff_2 │ │ │ │ ├── get_last_address_from_xff_3 │ │ │ │ ├── get_last_address_from_xff_4 │ │ │ │ ├── get_last_address_from_xff_5 │ │ │ │ ├── has_set_cookie_0 │ │ │ │ ├── has_set_cookie_1 │ │ │ │ ├── has_set_cookie_2 │ │ │ │ ├── has_set_cookie_3 │ │ │ │ ├── has_set_cookie_4 │ │ │ │ ├── make_set_cookie_value_0 │ │ │ │ ├── make_set_cookie_value_1 │ │ │ │ ├── make_set_cookie_value_2 │ │ │ │ ├── make_set_cookie_value_3 │ │ │ │ ├── parse_authority_string_0 │ │ │ │ ├── parse_authority_string_1 │ │ │ │ ├── parse_authority_string_2 │ │ │ │ ├── parse_authority_string_3 │ │ │ │ ├── parse_authority_string_4 │ │ │ │ ├── parse_cookie_value_0 │ │ │ │ ├── parse_cookie_value_1 │ │ │ │ ├── parse_cookie_value_2 │ │ │ │ ├── parse_cookie_value_3 │ │ │ │ ├── parse_cookie_value_4 │ │ │ │ ├── parse_cookie_value_5 │ │ │ │ ├── parse_cookie_value_6 │ │ │ │ ├── parse_cookie_value_7 │ │ │ │ ├── parse_cookie_value_8 │ │ │ │ ├── parse_parameters_0 │ │ │ │ ├── parse_parameters_1 │ │ │ │ ├── parse_parameters_2 │ │ │ │ ├── parse_parameters_3 │ │ │ │ ├── parse_query_string_0 │ │ │ │ ├── parse_query_string_1 │ │ │ │ ├── parse_query_string_2 │ │ │ │ ├── parse_query_string_3 │ │ │ │ ├── parse_query_string_4 │ │ │ │ ├── parse_query_string_5 │ │ │ │ ├── parse_query_string_6 │ │ │ │ ├── parse_query_string_7 │ │ │ │ ├── percent_decoding_string_0 │ │ │ │ ├── percent_decoding_string_1 │ │ │ │ ├── percent_decoding_string_2 │ │ │ │ ├── percent_encoding_string_0 │ │ │ │ ├── percent_encoding_string_1 │ │ │ │ ├── percent_encoding_string_2 │ │ │ │ └── valid │ │ │ ├── utility_fuzz.proto │ │ │ ├── utility_fuzz_test.cc │ │ │ └── utility_test.cc │ │ ├── init/ │ │ │ ├── BUILD │ │ │ ├── manager_impl_test.cc │ │ │ ├── target_impl_test.cc │ │ │ └── watcher_impl_test.cc │ │ ├── json/ │ │ │ ├── BUILD │ │ │ ├── config_schemas_test_data/ │ │ │ │ ├── BUILD │ │ │ │ ├── README.md │ │ │ │ ├── generate_test_data.py │ │ │ │ ├── test_access_log_schema.py │ │ │ │ ├── test_cluster_schema.py │ │ │ │ ├── test_http_conn_network_filter_schema.py │ │ │ │ ├── test_http_router_schema.py │ │ │ │ ├── test_listener_schema.py │ │ │ │ ├── test_route_configuration_schema.py │ │ │ │ ├── test_route_entry_schema.py │ │ │ │ ├── test_top_level_config_schema.py │ │ │ │ └── util.py │ │ │ ├── json_corpus/ │ │ │ │ ├── basic_descriptors.json │ │ │ │ ├── basic_double.json │ │ │ │ ├── basic_double_null.json │ │ │ │ ├── basic_empty.json │ │ │ │ ├── basic_empty_braces.json │ │ │ │ ├── basic_empty_inner.json │ │ │ │ ├── basic_failure.json │ │ │ │ ├── basic_hello_bool.json │ │ │ │ ├── basic_hello_int.json │ │ │ │ ├── basic_nested_int_list.json │ │ │ │ ├── basic_unterminated.json │ │ │ │ ├── clusterfuzz-testcase-minimized-json_fuzz_test-5724109283786752 │ │ │ │ ├── deep_recursion.json │ │ │ │ ├── double_some_values.json │ │ │ │ ├── int_max_min.json │ │ │ │ ├── int_too_high.json │ │ │ │ ├── int_too_low.json │ │ │ │ ├── missing_enclosing_document.json │ │ │ │ └── some_complex_example.json │ │ │ ├── json_fuzz_test.cc │ │ │ └── json_loader_test.cc │ │ ├── local_reply/ │ │ │ ├── BUILD │ │ │ └── local_reply_test.cc │ │ ├── memory/ │ │ │ ├── BUILD │ │ │ ├── debug_test.cc │ │ │ └── heap_shrinker_test.cc │ │ ├── network/ │ │ │ ├── BUILD │ │ │ ├── addr_family_aware_socket_option_impl_test.cc │ │ │ ├── address_impl_speed_test.cc │ │ │ ├── address_impl_test.cc │ │ │ ├── apple_dns_impl_test.cc │ │ │ ├── cidr_range_test.cc │ │ │ ├── connection_impl_test.cc │ │ │ ├── dns_impl_test.cc │ │ │ ├── filter_manager_impl_test.cc │ │ │ ├── filter_matcher_test.cc │ │ │ ├── io_socket_handle_impl_test.cc │ │ │ ├── lc_trie_speed_test.cc │ │ │ ├── lc_trie_test.cc │ │ │ ├── listen_socket_impl_test.cc │ │ │ ├── listener_impl_test.cc │ │ │ ├── listener_impl_test_base.h │ │ │ ├── resolver_impl_test.cc │ │ │ ├── socket_option_factory_test.cc │ │ │ ├── socket_option_impl_test.cc │ │ │ ├── socket_option_test.h │ │ │ ├── transport_socket_options_impl_test.cc │ │ │ ├── udp_listener_impl_batch_writer_test.cc │ │ │ ├── udp_listener_impl_test.cc │ │ │ ├── udp_listener_impl_test_base.h │ │ │ ├── utility_corpus/ │ │ │ │ └── test │ │ │ ├── utility_fuzz_test.cc │ │ │ └── utility_test.cc │ │ ├── protobuf/ │ │ │ ├── BUILD │ │ │ ├── message_validator_impl_test.cc │ │ │ ├── type_util_test.cc │ │ │ ├── utility_test.cc │ │ │ ├── value_util_corpus/ │ │ │ │ ├── empty │ │ │ │ ├── string_value │ │ │ │ └── struct_value │ │ │ └── value_util_fuzz_test.cc │ │ ├── router/ │ │ │ ├── BUILD │ │ │ ├── config_impl_headermap_benchmark_test.cc │ │ │ ├── config_impl_speed_test.cc │ │ │ ├── config_impl_test.cc │ │ │ ├── corpus_from_config_impl.sh │ │ │ ├── header_formatter_test.cc │ │ │ ├── header_parser_corpus/ │ │ │ │ ├── address_0 │ │ │ │ ├── address_1 │ │ │ │ ├── address_2 │ │ │ │ ├── address_3 │ │ │ │ ├── clusterfuzz-testcase-header_parser_fuzz_test-5107723602493440 │ │ │ │ ├── clusterfuzz-testcase-header_parser_fuzz_test-5163306626580480 │ │ │ │ ├── clusterfuzz-testcase-header_parser_fuzz_test-5648325682921472 │ │ │ │ ├── clusterfuzz-testcase-header_parser_fuzz_test-5702537941876736 │ │ │ │ ├── clusterfuzz-testcase-header_parser_fuzz_test-5710655463620608 │ │ │ │ ├── clusterfuzz-testcase-header_parser_fuzz_test-6195059702628352 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_parser_fuzz_test-4709439954485248 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_parser_fuzz_test-5191408676241408 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_parser_fuzz_test-5201773654704128 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_parser_fuzz_test-5630125928873984 │ │ │ │ ├── clusterfuzz-testcase-minimized-header_parser_fuzz_test-5647641023610880 │ │ │ │ ├── compound_headers │ │ │ │ ├── crash-af52fc744a3a7d7c9fe632ca457830ca323023bd │ │ │ │ ├── foo │ │ │ │ ├── invalid_0 │ │ │ │ ├── invalid_1 │ │ │ │ ├── invalid_10 │ │ │ │ ├── invalid_11 │ │ │ │ ├── invalid_2 │ │ │ │ ├── invalid_3 │ │ │ │ ├── invalid_4 │ │ │ │ ├── invalid_5 │ │ │ │ ├── invalid_6 │ │ │ │ ├── invalid_7 │ │ │ │ ├── invalid_8 │ │ │ │ ├── invalid_9 │ │ │ │ ├── protocol │ │ │ │ ├── start_time │ │ │ │ ├── timeout_test_case │ │ │ │ ├── upstream_metadata_0 │ │ │ │ ├── upstream_metadata_1 │ │ │ │ └── valid │ │ │ ├── header_parser_fuzz.proto │ │ │ ├── header_parser_fuzz_test.cc │ │ │ ├── rds_impl_test.cc │ │ │ ├── reset_header_parser_test.cc │ │ │ ├── retry_state_impl_test.cc │ │ │ ├── route_corpus/ │ │ │ │ ├── Response_headers_to_remove │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-4592245302362112 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-4701452596674560.fuzz │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-4803620674732032.fuzz │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5074413991231488.fuzz │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5077190058704896 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5118898564497408.fuzz │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5142800207708160 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5198208916520960 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5206842068697088 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5634743613259776 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5635252339343360 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5650952886943744 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5654717359718400 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5661762636742656 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5699465522970624 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5731276071370752 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5748492233605120 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-5750746072481792 │ │ │ │ ├── clusterfuzz-testcase-minimized-route_fuzz_test-6249350586171392 │ │ │ │ ├── clusterfuzz-testcase-route_fuzz_test-5084150522707968.fuzz │ │ │ │ ├── clusterfuzz-testcase-route_fuzz_test-5088096376324096 │ │ │ │ ├── clusterfuzz-testcase-route_fuzz_test-5137346677178368 │ │ │ │ ├── clusterfuzz-testcase-route_fuzz_test-5647162250625024 │ │ │ │ ├── clusterfuzz-testcase-route_fuzz_test-5671270751141888 │ │ │ │ ├── config_impl_test_0 │ │ │ │ ├── empty │ │ │ │ ├── internal_redirect_nullderef │ │ │ │ ├── regex │ │ │ │ └── valid_headers_to_remove │ │ │ ├── route_fuzz.proto │ │ │ ├── route_fuzz_test.cc │ │ │ ├── router_fuzz.proto │ │ │ ├── router_ratelimit_test.cc │ │ │ ├── router_test.cc │ │ │ ├── router_upstream_log_test.cc │ │ │ ├── scoped_config_impl_test.cc │ │ │ ├── scoped_rds_test.cc │ │ │ ├── shadow_writer_impl_test.cc │ │ │ ├── string_accessor_impl_test.cc │ │ │ ├── upstream_request_test.cc │ │ │ └── vhds_test.cc │ │ ├── runtime/ │ │ │ ├── BUILD │ │ │ ├── filesystem_setup.sh │ │ │ ├── runtime_flag_override_noop_test.cc │ │ │ ├── runtime_flag_override_test.cc │ │ │ ├── runtime_impl_test.cc │ │ │ ├── runtime_protos_test.cc │ │ │ ├── test_data/ │ │ │ │ └── root/ │ │ │ │ ├── envoy/ │ │ │ │ │ ├── file1 │ │ │ │ │ ├── file10 │ │ │ │ │ ├── file11 │ │ │ │ │ ├── file12 │ │ │ │ │ ├── file13 │ │ │ │ │ ├── file14 │ │ │ │ │ ├── file15 │ │ │ │ │ ├── file2 │ │ │ │ │ ├── file3 │ │ │ │ │ ├── file4 │ │ │ │ │ ├── file5 │ │ │ │ │ ├── file6 │ │ │ │ │ ├── file7 │ │ │ │ │ ├── file8 │ │ │ │ │ ├── file9 │ │ │ │ │ ├── file_with_double │ │ │ │ │ ├── file_with_double_comment │ │ │ │ │ ├── file_with_double_newlines │ │ │ │ │ ├── file_with_large_integer │ │ │ │ │ ├── file_with_negative_double │ │ │ │ │ ├── file_with_words │ │ │ │ │ └── subdir/ │ │ │ │ │ └── file │ │ │ │ └── envoy_override/ │ │ │ │ └── file1 │ │ │ └── utility.h │ │ ├── secret/ │ │ │ ├── BUILD │ │ │ ├── sds_api_test.cc │ │ │ └── secret_manager_impl_test.cc │ │ ├── shared_pool/ │ │ │ ├── BUILD │ │ │ └── shared_pool_test.cc │ │ ├── signal/ │ │ │ ├── BUILD │ │ │ └── signals_test.cc │ │ ├── singleton/ │ │ │ ├── BUILD │ │ │ ├── manager_impl_test.cc │ │ │ └── threadsafe_singleton_test.cc │ │ ├── stats/ │ │ │ ├── BUILD │ │ │ ├── allocator_impl_test.cc │ │ │ ├── histogram_impl_test.cc │ │ │ ├── isolated_store_impl_test.cc │ │ │ ├── make_elements_helper.cc │ │ │ ├── make_elements_helper.h │ │ │ ├── metric_impl_test.cc │ │ │ ├── recent_lookups_speed_test.cc │ │ │ ├── recent_lookups_test.cc │ │ │ ├── refcount_ptr_test.cc │ │ │ ├── stat_merger_corpus/ │ │ │ │ ├── clusterfuzz-testcase-minimized-stat_merger_fuzz_test-4800677542100992.fuzz │ │ │ │ ├── example1 │ │ │ │ ├── example2 │ │ │ │ ├── example3 │ │ │ │ ├── example4 │ │ │ │ └── example5 │ │ │ ├── stat_merger_fuzz_test.cc │ │ │ ├── stat_merger_test.cc │ │ │ ├── stat_test_utility.cc │ │ │ ├── stat_test_utility.h │ │ │ ├── stat_test_utility_test.cc │ │ │ ├── stats_matcher_impl_test.cc │ │ │ ├── symbol_table_corpus/ │ │ │ │ ├── clusterfuzz-testcase-minimized-symbol_table_fuzz_test-5645970620809216 │ │ │ │ ├── example1 │ │ │ │ ├── example2 │ │ │ │ ├── example3 │ │ │ │ └── jan_22.fuzz │ │ │ ├── symbol_table_fuzz_test.cc │ │ │ ├── symbol_table_impl_test.cc │ │ │ ├── symbol_table_speed_test.cc │ │ │ ├── tag_extractor_impl_test.cc │ │ │ ├── tag_producer_impl_test.cc │ │ │ ├── thread_local_store_speed_test.cc │ │ │ ├── thread_local_store_test.cc │ │ │ ├── utility_corpus/ │ │ │ │ └── test │ │ │ ├── utility_fuzz_test.cc │ │ │ └── utility_test.cc │ │ ├── stream_info/ │ │ │ ├── BUILD │ │ │ ├── filter_state_impl_test.cc │ │ │ ├── stream_info_impl_test.cc │ │ │ ├── test_int_accessor.h │ │ │ ├── test_util.h │ │ │ ├── uint32_accessor_impl_test.cc │ │ │ └── utility_test.cc │ │ ├── tcp/ │ │ │ ├── BUILD │ │ │ └── conn_pool_test.cc │ │ ├── tcp_proxy/ │ │ │ ├── BUILD │ │ │ ├── tcp_proxy_test.cc │ │ │ └── upstream_test.cc │ │ ├── thread_local/ │ │ │ ├── BUILD │ │ │ └── thread_local_impl_test.cc │ │ ├── tracing/ │ │ │ ├── BUILD │ │ │ ├── http_tracer_impl_test.cc │ │ │ └── http_tracer_manager_impl_test.cc │ │ └── upstream/ │ │ ├── BUILD │ │ ├── bounded_load_hlb_test.cc │ │ ├── cds_api_impl_test.cc │ │ ├── cluster_factory_impl_test.cc │ │ ├── cluster_manager_impl_test.cc │ │ ├── cluster_update_tracker_test.cc │ │ ├── conn_pool_map_impl_test.cc │ │ ├── edf_scheduler_test.cc │ │ ├── eds_speed_test.cc │ │ ├── eds_test.cc │ │ ├── hds_test.cc │ │ ├── health_check_corpus/ │ │ │ ├── clusterfuzz-testcase-minimized-health_check_fuzz_test-5678121129607168 │ │ │ ├── clusterfuzz-testcase-minimized-health_check_fuzz_test-5748071634567168 │ │ │ ├── custom_health_check │ │ │ ├── grpc_Success │ │ │ ├── grpc_SuccessWithAuthority │ │ │ ├── grpc_crash-33da964bf71e02e3324ceee47fbb204532817e61 │ │ │ ├── grpc_crash-50b2ffbcf518e8f078ad8ed1f9801feb89a4d158 │ │ │ ├── grpc_crash-5747b3523c44ce0a228a8d8884ed7aeea2608341 │ │ │ ├── grpc_crash-5d27a3a5fc4fa384c9cbd76f0e7a3d841083396a │ │ │ ├── grpc_crash-d9287189542575619bdf21886dd396334fded9c6 │ │ │ ├── grpc_no-trailers │ │ │ ├── http_ConnectionClose │ │ │ ├── http_Degraded │ │ │ ├── http_Disconnect │ │ │ ├── http_LargeNanos │ │ │ ├── http_RemoteCloseBetweenChecks │ │ │ ├── http_Success │ │ │ ├── http_SuccessStartFailedSuccessFirst │ │ │ ├── http_Timeout │ │ │ ├── http_TimeoutThenRemoteClose │ │ │ ├── http_TimeoutThenSuccess │ │ │ ├── http_ZeroRetryInterval │ │ │ ├── http_crash-daebc8c8bcb985b777d6fa462a265ba5cdd8b06e │ │ │ ├── http_crash-test │ │ │ ├── http_crash_1 │ │ │ ├── http_crash_2 │ │ │ ├── http_crash_3 │ │ │ ├── http_crash_4 │ │ │ ├── http_crash_5 │ │ │ ├── http_out_of_range_status │ │ │ ├── http_test-something │ │ │ ├── tcp-expect_close_test │ │ │ ├── tcp_DataWithoutReusingConnection │ │ │ ├── tcp_Success │ │ │ ├── tcp_Timeout │ │ │ ├── tcp_TimeoutThenRemoteClose │ │ │ ├── tcp_WrongData │ │ │ ├── tcp_crash-3596e4a310a1c131312ba869578be28a86a0439b │ │ │ ├── tcp_crash-449c4bf2d000d6e56b782fdd26a86e20a7f87b4f │ │ │ ├── tcp_crash-e899b54d3e39838939bdde4000acbe8bcc8c37b9 │ │ │ ├── tcp_crash-test │ │ │ ├── tcp_crash-test-1 │ │ │ ├── tcp_crash_test │ │ │ ├── tcp_expect_close_test │ │ │ └── tcp_expect_close_test_2 │ │ ├── health_check_fuzz.cc │ │ ├── health_check_fuzz.h │ │ ├── health_check_fuzz.proto │ │ ├── health_check_fuzz_test.cc │ │ ├── health_checker_impl_test.cc │ │ ├── health_checker_impl_test_utils.cc │ │ ├── health_checker_impl_test_utils.h │ │ ├── host_stats_test.cc │ │ ├── host_utility_test.cc │ │ ├── load_balancer_benchmark.cc │ │ ├── load_balancer_impl_test.cc │ │ ├── load_balancer_simulation_test.cc │ │ ├── load_stats_reporter_test.cc │ │ ├── logical_dns_cluster_test.cc │ │ ├── maglev_lb_test.cc │ │ ├── original_dst_cluster_test.cc │ │ ├── outlier_detection_impl_test.cc │ │ ├── priority_conn_pool_map_impl_test.cc │ │ ├── resource_manager_impl_test.cc │ │ ├── ring_hash_lb_test.cc │ │ ├── subset_lb_test.cc │ │ ├── test_cluster_manager.h │ │ ├── test_data/ │ │ │ ├── sds_response.json │ │ │ ├── sds_response_2.json │ │ │ ├── sds_response_3.json │ │ │ └── sds_response_weight_change.json │ │ ├── transport_socket_matcher_test.cc │ │ ├── upstream_impl_test.cc │ │ └── utility.h │ ├── config/ │ │ ├── BUILD │ │ ├── integration/ │ │ │ ├── BUILD │ │ │ ├── certs/ │ │ │ │ ├── BUILD │ │ │ │ ├── README.md │ │ │ │ ├── cacert.cfg │ │ │ │ ├── cacert.pem │ │ │ │ ├── cakey.pem │ │ │ │ ├── certs.sh │ │ │ │ ├── client_ecdsacert.pem │ │ │ │ ├── client_ecdsacert_hash.h │ │ │ │ ├── client_ecdsakey.pem │ │ │ │ ├── clientcert.cfg │ │ │ │ ├── clientcert.pem │ │ │ │ ├── clientcert_hash.h │ │ │ │ ├── clientkey.pem │ │ │ │ ├── server_ecdsa_ocsp_resp.der │ │ │ │ ├── server_ecdsacert.pem │ │ │ │ ├── server_ecdsacert_hash.h │ │ │ │ ├── server_ecdsakey.pem │ │ │ │ ├── server_ocsp_resp.der │ │ │ │ ├── servercert.cfg │ │ │ │ ├── servercert.pem │ │ │ │ ├── servercert_hash.h │ │ │ │ ├── serverkey.pem │ │ │ │ ├── upstreamcacert.cfg │ │ │ │ ├── upstreamcacert.pem │ │ │ │ ├── upstreamcakey.pem │ │ │ │ ├── upstreamcert.cfg │ │ │ │ ├── upstreamcert.pem │ │ │ │ ├── upstreamcert_hash.h │ │ │ │ ├── upstreamkey.pem │ │ │ │ ├── upstreamlocalhostcert.cfg │ │ │ │ ├── upstreamlocalhostcert.pem │ │ │ │ ├── upstreamlocalhostcert_hash.h │ │ │ │ └── upstreamlocalhostkey.pem │ │ │ ├── google_com_proxy_port_0.v2.yaml │ │ │ ├── server.yaml │ │ │ ├── server_unix_listener.yaml │ │ │ ├── server_xds.bootstrap.udpa.yaml │ │ │ ├── server_xds.bootstrap.yaml │ │ │ ├── server_xds.cds.with_unknown_field.yaml │ │ │ ├── server_xds.cds.yaml │ │ │ ├── server_xds.eds.ads_cluster.yaml │ │ │ ├── server_xds.eds.with_unknown_field.yaml │ │ │ ├── server_xds.eds.yaml │ │ │ ├── server_xds.lds.typed_struct.yaml │ │ │ ├── server_xds.lds.udpa.list_collection.yaml │ │ │ ├── server_xds.lds.with_unknown_field.typed_struct.yaml │ │ │ ├── server_xds.lds.with_unknown_field.yaml │ │ │ ├── server_xds.lds.yaml │ │ │ ├── server_xds.rds.with_unknown_field.yaml │ │ │ └── server_xds.rds.yaml │ │ ├── utility.cc │ │ └── utility.h │ ├── config_test/ │ │ ├── BUILD │ │ ├── config_test.cc │ │ ├── config_test.h │ │ ├── deprecated_configs_test.cc │ │ ├── example_configs_test.cc │ │ └── example_configs_test_setup.sh │ ├── dependencies/ │ │ ├── BUILD │ │ └── curl_test.cc │ ├── dummy_main.cc │ ├── exe/ │ │ ├── BUILD │ │ ├── build_id_test.sh │ │ ├── envoy_static_test.sh │ │ ├── main_common_test.cc │ │ ├── pie_test.sh │ │ ├── terminate_handler_test.cc │ │ └── version_out_test.sh │ ├── extensions/ │ │ ├── BUILD │ │ ├── access_loggers/ │ │ │ ├── common/ │ │ │ │ ├── BUILD │ │ │ │ └── access_log_base_test.cc │ │ │ ├── file/ │ │ │ │ ├── BUILD │ │ │ │ └── config_test.cc │ │ │ ├── grpc/ │ │ │ │ ├── BUILD │ │ │ │ ├── grpc_access_log_impl_test.cc │ │ │ │ ├── grpc_access_log_utils_test.cc │ │ │ │ ├── http_config_test.cc │ │ │ │ ├── http_grpc_access_log_impl_test.cc │ │ │ │ ├── http_grpc_access_log_integration_test.cc │ │ │ │ └── tcp_grpc_access_log_integration_test.cc │ │ │ └── wasm/ │ │ │ ├── BUILD │ │ │ ├── config_test.cc │ │ │ └── test_data/ │ │ │ ├── BUILD │ │ │ ├── test_cpp.cc │ │ │ └── test_cpp_null_plugin.cc │ │ ├── bootstrap/ │ │ │ └── wasm/ │ │ │ ├── BUILD │ │ │ ├── config_test.cc │ │ │ ├── test_data/ │ │ │ │ ├── BUILD │ │ │ │ ├── asm2wasm_cpp.cc │ │ │ │ ├── bad_signature_cpp.cc │ │ │ │ ├── emscripten_cpp.cc │ │ │ │ ├── logging_cpp.cc │ │ │ │ ├── logging_rust/ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ └── src/ │ │ │ │ │ └── lib.rs │ │ │ │ ├── missing_cpp.cc │ │ │ │ ├── segv_cpp.cc │ │ │ │ ├── speed_cpp.cc │ │ │ │ ├── speed_cpp_null_plugin.cc │ │ │ │ ├── start_cpp.cc │ │ │ │ ├── start_cpp_null_plugin.cc │ │ │ │ ├── stats_cpp.cc │ │ │ │ └── stats_cpp_null_plugin.cc │ │ │ ├── wasm_speed_test.cc │ │ │ └── wasm_test.cc │ │ ├── clusters/ │ │ │ ├── aggregate/ │ │ │ │ ├── BUILD │ │ │ │ ├── cluster_integration_test.cc │ │ │ │ ├── cluster_test.cc │ │ │ │ └── cluster_update_test.cc │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ ├── BUILD │ │ │ │ └── cluster_test.cc │ │ │ └── redis/ │ │ │ ├── BUILD │ │ │ ├── crc16_test.cc │ │ │ ├── mocks.cc │ │ │ ├── mocks.h │ │ │ ├── redis_cluster_integration_test.cc │ │ │ ├── redis_cluster_lb_test.cc │ │ │ └── redis_cluster_test.cc │ │ ├── common/ │ │ │ ├── BUILD │ │ │ ├── aws/ │ │ │ │ ├── BUILD │ │ │ │ ├── aws_metadata_fetcher_integration_test.cc │ │ │ │ ├── credentials_provider_impl_test.cc │ │ │ │ ├── credentials_provider_test.cc │ │ │ │ ├── mocks.cc │ │ │ │ ├── mocks.h │ │ │ │ ├── region_provider_impl_test.cc │ │ │ │ ├── signer_impl_test.cc │ │ │ │ └── utility_test.cc │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ ├── BUILD │ │ │ │ ├── dns_cache_impl_test.cc │ │ │ │ ├── dns_cache_resource_manager_test.cc │ │ │ │ ├── mocks.cc │ │ │ │ └── mocks.h │ │ │ ├── matcher/ │ │ │ │ ├── BUILD │ │ │ │ └── matcher_test.cc │ │ │ ├── proxy_protocol/ │ │ │ │ ├── BUILD │ │ │ │ ├── proxy_protocol_header_test.cc │ │ │ │ └── proxy_protocol_regression_test.cc │ │ │ ├── redis/ │ │ │ │ ├── BUILD │ │ │ │ ├── cluster_refresh_manager_test.cc │ │ │ │ ├── mocks.cc │ │ │ │ └── mocks.h │ │ │ ├── sqlutils/ │ │ │ │ ├── BUILD │ │ │ │ └── sqlutils_test.cc │ │ │ ├── tap/ │ │ │ │ ├── BUILD │ │ │ │ ├── admin_test.cc │ │ │ │ ├── common.cc │ │ │ │ ├── common.h │ │ │ │ └── tap_config_base_test.cc │ │ │ ├── utility_test.cc │ │ │ └── wasm/ │ │ │ ├── BUILD │ │ │ ├── test_data/ │ │ │ │ ├── BUILD │ │ │ │ ├── Makefile │ │ │ │ ├── bad_signature_cpp.cc │ │ │ │ ├── test_context_cpp.cc │ │ │ │ ├── test_context_cpp_null_plugin.cc │ │ │ │ ├── test_cpp.cc │ │ │ │ ├── test_cpp_null_plugin.cc │ │ │ │ └── test_rust.rs │ │ │ ├── wasm_speed_test.cc │ │ │ ├── wasm_test.cc │ │ │ └── wasm_vm_test.cc │ │ ├── compression/ │ │ │ └── gzip/ │ │ │ ├── BUILD │ │ │ ├── compressor/ │ │ │ │ ├── BUILD │ │ │ │ └── zlib_compressor_impl_test.cc │ │ │ ├── compressor_corpus/ │ │ │ │ ├── clusterfuzz-testcase-minimized-compressor_fuzz_test-5149986500640768 │ │ │ │ ├── clusterfuzz-testcase-minimized-compressor_fuzz_test-5407695477932032 │ │ │ │ ├── clusterfuzz-testcase-minimized-compressor_fuzz_test-5644831560302592 │ │ │ │ ├── clusterfuzz-testcase-minimized-compressor_fuzz_test-6005942746873856 │ │ │ │ ├── empty │ │ │ │ ├── noise │ │ │ │ └── simple │ │ │ ├── compressor_fuzz_test.cc │ │ │ └── decompressor/ │ │ │ ├── BUILD │ │ │ └── zlib_decompressor_impl_test.cc │ │ ├── extensions_build_system.bzl │ │ ├── filters/ │ │ │ ├── common/ │ │ │ │ ├── expr/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── context_test.cc │ │ │ │ │ ├── evaluator_corpus/ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-evaluator_fuzz_test-4803938816884736.fuzz │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-evaluator_fuzz_test-5723735986536448 │ │ │ │ │ │ ├── crash-67e48e44650e25b93159729a7a4dd386625bb5c2 │ │ │ │ │ │ ├── crash-87e3c780acf4403ddd8b182496e6cad5ac5efd66 │ │ │ │ │ │ ├── crash-d6a9858c9b8e8b60845af9f5adc9eaead58147bd │ │ │ │ │ │ ├── emptystruct │ │ │ │ │ │ ├── errorcondition │ │ │ │ │ │ ├── example │ │ │ │ │ │ ├── example1 │ │ │ │ │ │ ├── headercondition │ │ │ │ │ │ ├── metadatacondition │ │ │ │ │ │ └── mistypedcondition │ │ │ │ │ ├── evaluator_fuzz.proto │ │ │ │ │ └── evaluator_fuzz_test.cc │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── check_request_utils_test.cc │ │ │ │ │ ├── ext_authz_grpc_impl_test.cc │ │ │ │ │ ├── ext_authz_http_impl_test.cc │ │ │ │ │ ├── mocks.cc │ │ │ │ │ ├── mocks.h │ │ │ │ │ ├── test_common.cc │ │ │ │ │ └── test_common.h │ │ │ │ ├── fault/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── fault_config_test.cc │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── local_ratelimit_test.cc │ │ │ │ ├── lua/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── lua_test.cc │ │ │ │ │ ├── lua_wrappers.h │ │ │ │ │ └── wrappers_test.cc │ │ │ │ ├── original_src/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── original_src_socket_option_test.cc │ │ │ │ ├── ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── mocks.cc │ │ │ │ │ ├── mocks.h │ │ │ │ │ ├── ratelimit_impl_test.cc │ │ │ │ │ └── utils.h │ │ │ │ └── rbac/ │ │ │ │ ├── BUILD │ │ │ │ ├── engine_impl_test.cc │ │ │ │ ├── matchers_test.cc │ │ │ │ ├── mocks.h │ │ │ │ └── utility_test.cc │ │ │ ├── http/ │ │ │ │ ├── adaptive_concurrency/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── adaptive_concurrency_filter_integration_test.cc │ │ │ │ │ ├── adaptive_concurrency_filter_integration_test.h │ │ │ │ │ ├── adaptive_concurrency_filter_test.cc │ │ │ │ │ └── controller/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── gradient_controller_test.cc │ │ │ │ ├── admission_control/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── admission_control_filter_test.cc │ │ │ │ │ ├── admission_control_integration_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── controller_test.cc │ │ │ │ │ └── success_criteria_evaluator_test.cc │ │ │ │ ├── aws_lambda/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── arn_test.cc │ │ │ │ │ ├── aws_lambda_filter_integration_test.cc │ │ │ │ │ ├── aws_lambda_filter_test.cc │ │ │ │ │ └── config_test.cc │ │ │ │ ├── aws_request_signing/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── aws_request_signing_filter_test.cc │ │ │ │ │ └── config_test.cc │ │ │ │ ├── buffer/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── buffer_filter_integration_test.cc │ │ │ │ │ ├── buffer_filter_test.cc │ │ │ │ │ └── config_test.cc │ │ │ │ ├── cache/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── cache_filter_integration_test.cc │ │ │ │ │ ├── cache_filter_test.cc │ │ │ │ │ ├── cache_headers_utils_test.cc │ │ │ │ │ ├── cacheability_utils_test.cc │ │ │ │ │ ├── common.h │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── http_cache_test.cc │ │ │ │ │ └── simple_http_cache/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── simple_http_cache_test.cc │ │ │ │ ├── cdn_loop/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── filter_integration_test.cc │ │ │ │ │ ├── filter_test.cc │ │ │ │ │ ├── parser_corpus/ │ │ │ │ │ │ ├── ParseCdnInfo-InvalidParameter.txt │ │ │ │ │ │ ├── ParseCdnInfo-MissingParameter.txt │ │ │ │ │ │ ├── ParseCdnInfo-MultipleParametersWithWhitespace.txt │ │ │ │ │ │ ├── ParseCdnInfo-SingleParameter.txt │ │ │ │ │ │ ├── ParseCdnInfo-SingleParameterExtraWhitespace.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-ExtraWhiteSpace.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-InvalidCdnId.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-InvalidParseNoComma.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-Rfc7230Section7Tests-1.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-Rfc7230Section7Tests-2.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-Rfc7230Section7Tests-3.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-Rfc7230Section7Tests-4-empty.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-Rfc7230Section7Tests-5.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-Rfc7230Section7Tests-6.txt │ │ │ │ │ │ ├── ParseCdnInfoTest-Simple.txt │ │ │ │ │ │ └── rfc8586-example.txt │ │ │ │ │ ├── parser_fuzz_test.cc │ │ │ │ │ ├── parser_test.cc │ │ │ │ │ └── utils_test.cc │ │ │ │ ├── common/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── compressor/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── compressor_filter_speed_test.cc │ │ │ │ │ │ └── compressor_filter_test.cc │ │ │ │ │ ├── empty_http_filter_config.h │ │ │ │ │ ├── fuzz/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── filter_corpus/ │ │ │ │ │ │ │ ├── adminnullptr │ │ │ │ │ │ │ ├── buffer1 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-filter_fuzz_test-5082368313655296 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-filter_fuzz_test-5728684315770880 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5107908850483200.fuzz │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5115447232692224 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5143098977157120.fuzz │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5144919410999296 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5167332043522048 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5635252589690880 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5661692476522496 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5710239968264192 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5713820013297664 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5714246842449920.fuzz │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5726031248621568 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5728217898680320 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5762605081952256 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-5969746626609152 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-6133921480966144 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-6246534715539456 │ │ │ │ │ │ │ ├── clusterfuzz-testcase-minimized-filter_fuzz_test-6506457133219840 │ │ │ │ │ │ │ ├── crash-3014465358f0947e73ac12ccb40b299d5b0646b3 │ │ │ │ │ │ │ ├── crash-7137be4f227ac0faa82d76aa9b4c32a68e4c15f9 │ │ │ │ │ │ │ ├── crash-803e5cd629426a361101632f37b4651ef595c92e │ │ │ │ │ │ │ ├── crash-a45927a3f6e2efcbdb8ba12a1816895b219a09d2 │ │ │ │ │ │ │ ├── crash-bb74d7280823776808e881b20c0a9c87f7a2163b │ │ │ │ │ │ │ ├── crash-da39a3ee5e6b4b0d3255bfef95601890afd80709 │ │ │ │ │ │ │ ├── crash-ee8851a25304e8515905d09019afe8798b2376ac │ │ │ │ │ │ │ ├── grpc_stats │ │ │ │ │ │ │ ├── grpc_transcoding_decode_encode │ │ │ │ │ │ │ ├── grpc_transcoding_http_data │ │ │ │ │ │ │ ├── grpc_transcoding_proto_data │ │ │ │ │ │ │ ├── jwt_connect │ │ │ │ │ │ │ ├── metadata_not_reached │ │ │ │ │ │ │ ├── not_implemented_tap │ │ │ │ │ │ │ ├── oom-da39a3ee5e6b4b0d3255bfef95601890afd80709 │ │ │ │ │ │ │ ├── router_buffering │ │ │ │ │ │ │ └── valid_jwt │ │ │ │ │ │ ├── filter_fuzz.proto │ │ │ │ │ │ ├── filter_fuzz_test.cc │ │ │ │ │ │ ├── http_filter_fuzzer.h │ │ │ │ │ │ ├── uber_filter.cc │ │ │ │ │ │ ├── uber_filter.h │ │ │ │ │ │ └── uber_per_filter.cc │ │ │ │ │ ├── jwks_fetcher_test.cc │ │ │ │ │ ├── mock.cc │ │ │ │ │ ├── mock.h │ │ │ │ │ └── utility_test.cc │ │ │ │ ├── compressor/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── compressor_filter_integration_test.cc │ │ │ │ │ ├── compressor_filter_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ └── mock_compressor_library.proto │ │ │ │ ├── cors/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── cors_filter_integration_test.cc │ │ │ │ │ └── cors_filter_test.cc │ │ │ │ ├── csrf/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── csrf_filter_integration_test.cc │ │ │ │ │ └── csrf_filter_test.cc │ │ │ │ ├── decompressor/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── decompressor_filter_integration_test.cc │ │ │ │ │ └── decompressor_filter_test.cc │ │ │ │ ├── dynamic_forward_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── proxy_filter_integration_test.cc │ │ │ │ │ └── proxy_filter_test.cc │ │ │ │ ├── dynamo/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── dynamo_filter_test.cc │ │ │ │ │ ├── dynamo_request_parser_test.cc │ │ │ │ │ └── dynamo_stats_test.cc │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── ext_authz_integration_test.cc │ │ │ │ │ └── ext_authz_test.cc │ │ │ │ ├── fault/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── fault_filter_integration_test.cc │ │ │ │ │ ├── fault_filter_test.cc │ │ │ │ │ └── utility.h │ │ │ │ ├── grpc_http1_bridge/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ └── http1_bridge_filter_test.cc │ │ │ │ ├── grpc_http1_reverse_bridge/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── reverse_bridge_integration_test.cc │ │ │ │ │ └── reverse_bridge_test.cc │ │ │ │ ├── grpc_json_transcoder/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── grpc_json_transcoder_integration_test.cc │ │ │ │ │ ├── http_body_utils_test.cc │ │ │ │ │ ├── json_transcoder_filter_test.cc │ │ │ │ │ └── transcoder_input_stream_test.cc │ │ │ │ ├── grpc_stats/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config_test.cc │ │ │ │ ├── grpc_web/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── grpc_web_filter_integration_test.cc │ │ │ │ │ └── grpc_web_filter_test.cc │ │ │ │ ├── gzip/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── gzip_filter_integration_test.cc │ │ │ │ │ └── gzip_filter_test.cc │ │ │ │ ├── header_to_metadata/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ └── header_to_metadata_filter_test.cc │ │ │ │ ├── health_check/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ └── health_check_test.cc │ │ │ │ ├── ip_tagging/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── ip_tagging_filter_test.cc │ │ │ │ ├── jwt_authn/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── all_verifier_test.cc │ │ │ │ │ ├── authenticator_test.cc │ │ │ │ │ ├── extractor_test.cc │ │ │ │ │ ├── filter_config_test.cc │ │ │ │ │ ├── filter_factory_test.cc │ │ │ │ │ ├── filter_integration_test.cc │ │ │ │ │ ├── filter_test.cc │ │ │ │ │ ├── group_verifier_test.cc │ │ │ │ │ ├── jwks_cache_test.cc │ │ │ │ │ ├── matcher_test.cc │ │ │ │ │ ├── mock.h │ │ │ │ │ ├── provider_verifier_test.cc │ │ │ │ │ └── test_common.h │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ └── filter_test.cc │ │ │ │ ├── lua/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── lua_filter_test.cc │ │ │ │ │ ├── lua_integration_test.cc │ │ │ │ │ └── wrappers_test.cc │ │ │ │ ├── oauth2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── filter_test.cc │ │ │ │ │ ├── oauth_integration_test.cc │ │ │ │ │ └── oauth_test.cc │ │ │ │ ├── on_demand/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── on_demand_filter_test.cc │ │ │ │ ├── original_src/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── original_src_config_factory_test.cc │ │ │ │ │ └── original_src_test.cc │ │ │ │ ├── ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── ratelimit_headers_test.cc │ │ │ │ │ ├── ratelimit_integration_test.cc │ │ │ │ │ └── ratelimit_test.cc │ │ │ │ ├── rbac/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── mocks.h │ │ │ │ │ ├── rbac_filter_integration_test.cc │ │ │ │ │ └── rbac_filter_test.cc │ │ │ │ ├── router/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── auto_sni_integration_test.cc │ │ │ │ │ └── config_test.cc │ │ │ │ ├── squash/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── squash_filter_integration_test.cc │ │ │ │ │ └── squash_filter_test.cc │ │ │ │ ├── tap/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── common.h │ │ │ │ │ ├── tap_config_impl_test.cc │ │ │ │ │ ├── tap_filter_integration_test.cc │ │ │ │ │ └── tap_filter_test.cc │ │ │ │ └── wasm/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ ├── test_data/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── async_call_rust/ │ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ │ └── src/ │ │ │ │ │ │ └── lib.rs │ │ │ │ │ ├── body_rust/ │ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ │ └── src/ │ │ │ │ │ │ └── lib.rs │ │ │ │ │ ├── headers_rust/ │ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ │ └── src/ │ │ │ │ │ │ └── lib.rs │ │ │ │ │ ├── metadata_rust/ │ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ │ └── src/ │ │ │ │ │ │ └── lib.rs │ │ │ │ │ ├── shared_data_rust/ │ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ │ └── src/ │ │ │ │ │ │ └── lib.rs │ │ │ │ │ ├── shared_queue_rust/ │ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ │ └── src/ │ │ │ │ │ │ └── lib.rs │ │ │ │ │ ├── test.proto │ │ │ │ │ ├── test_async_call_cpp.cc │ │ │ │ │ ├── test_body_cpp.cc │ │ │ │ │ ├── test_cpp.cc │ │ │ │ │ ├── test_cpp_null_plugin.cc │ │ │ │ │ ├── test_grpc_call_cpp.cc │ │ │ │ │ ├── test_grpc_stream_cpp.cc │ │ │ │ │ ├── test_shared_data_cpp.cc │ │ │ │ │ └── test_shared_queue_cpp.cc │ │ │ │ └── wasm_filter_test.cc │ │ │ ├── listener/ │ │ │ │ ├── common/ │ │ │ │ │ └── fuzz/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── fuzzed_input_test.cc │ │ │ │ │ ├── listener_filter_fakes.cc │ │ │ │ │ ├── listener_filter_fakes.h │ │ │ │ │ ├── listener_filter_fuzzer.cc │ │ │ │ │ ├── listener_filter_fuzzer.h │ │ │ │ │ └── listener_filter_fuzzer.proto │ │ │ │ ├── http_inspector/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── http_inspector_config_test.cc │ │ │ │ │ ├── http_inspector_corpus/ │ │ │ │ │ │ ├── bad_header │ │ │ │ │ │ ├── incomplete_header │ │ │ │ │ │ ├── invalid_method │ │ │ │ │ │ ├── invalid_request │ │ │ │ │ │ ├── multiple_http10 │ │ │ │ │ │ ├── multiple_incomplete │ │ │ │ │ │ ├── valid_http10 │ │ │ │ │ │ ├── valid_http11 │ │ │ │ │ │ └── valid_http2 │ │ │ │ │ ├── http_inspector_fuzz_test.cc │ │ │ │ │ └── http_inspector_test.cc │ │ │ │ ├── original_dst/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── original_dst_corpus/ │ │ │ │ │ │ ├── invalid_scheme │ │ │ │ │ │ ├── invalid_unix │ │ │ │ │ │ ├── valid_ipv4 │ │ │ │ │ │ └── valid_ipv6 │ │ │ │ │ └── original_dst_fuzz_test.cc │ │ │ │ ├── original_src/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── original_src_config_factory_test.cc │ │ │ │ │ ├── original_src_corpus/ │ │ │ │ │ │ ├── valid_ipv4 │ │ │ │ │ │ └── valid_unix │ │ │ │ │ ├── original_src_fuzz_test.cc │ │ │ │ │ ├── original_src_fuzz_test.proto │ │ │ │ │ └── original_src_test.cc │ │ │ │ ├── proxy_protocol/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── proxy_protocol_corpus/ │ │ │ │ │ │ ├── v1_basic │ │ │ │ │ │ ├── v1_basic_v6 │ │ │ │ │ │ ├── v1_minimal │ │ │ │ │ │ ├── v2_basic │ │ │ │ │ │ ├── v2_basic_v6 │ │ │ │ │ │ ├── v2_extensions │ │ │ │ │ │ ├── v2_tlv │ │ │ │ │ │ └── v2_tlv_multiple │ │ │ │ │ ├── proxy_protocol_fuzz_test.cc │ │ │ │ │ ├── proxy_protocol_fuzz_test.proto │ │ │ │ │ └── proxy_protocol_test.cc │ │ │ │ └── tls_inspector/ │ │ │ │ ├── BUILD │ │ │ │ ├── tls_inspector_benchmark.cc │ │ │ │ ├── tls_inspector_corpus/ │ │ │ │ │ ├── multiple_reads │ │ │ │ │ ├── no_extensions │ │ │ │ │ ├── not_ssl │ │ │ │ │ ├── too_large │ │ │ │ │ ├── valid_alpn │ │ │ │ │ └── valid_sni │ │ │ │ ├── tls_inspector_fuzz_test.cc │ │ │ │ ├── tls_inspector_fuzz_test.proto │ │ │ │ ├── tls_inspector_test.cc │ │ │ │ ├── tls_utility.cc │ │ │ │ └── tls_utility.h │ │ │ ├── network/ │ │ │ │ ├── client_ssl_auth/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── client_ssl_auth_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ └── test_data/ │ │ │ │ │ └── vpn_response_1.json │ │ │ │ ├── common/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── fuzz/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ ├── network_readfilter_corpus/ │ │ │ │ │ │ │ ├── client_sslL_auth_2 │ │ │ │ │ │ │ ├── client_ssl_authz_1 │ │ │ │ │ │ │ ├── direct_response_1 │ │ │ │ │ │ │ ├── direct_response_open_file │ │ │ │ │ │ │ ├── dubbo_proxy_1 │ │ │ │ │ │ │ ├── dubbo_proxy_ondata_msg_split │ │ │ │ │ │ │ ├── dubbo_proxy_ondata_twoway │ │ │ │ │ │ │ ├── dubbo_proxy_protocol_routing │ │ │ │ │ │ │ ├── dubbo_proxy_protocol_routing_failure │ │ │ │ │ │ │ ├── echo_1 │ │ │ │ │ │ │ ├── empty │ │ │ │ │ │ │ ├── ext_authz_1 │ │ │ │ │ │ │ ├── ext_authz_2 │ │ │ │ │ │ │ ├── http_connection_manager_1 │ │ │ │ │ │ │ ├── http_connection_manager_2 │ │ │ │ │ │ │ ├── kafka_1 │ │ │ │ │ │ │ ├── kafka_process_msg │ │ │ │ │ │ │ ├── kafka_request1 │ │ │ │ │ │ │ ├── kafka_unknown_request │ │ │ │ │ │ │ ├── local_ratelimit_1 │ │ │ │ │ │ │ ├── local_ratelimit_time_overflow │ │ │ │ │ │ │ ├── mongodb_proxy_1 │ │ │ │ │ │ │ ├── mongodb_proxy_2 │ │ │ │ │ │ │ ├── mysql_proxy_1 │ │ │ │ │ │ │ ├── oss_redis_proxy_stackoverflow_with_long_route_prefix │ │ │ │ │ │ │ ├── ratelimit_1 │ │ │ │ │ │ │ ├── rbac_1 │ │ │ │ │ │ │ ├── redis_proxy_1 │ │ │ │ │ │ │ ├── redis_proxy_1_auth_no_pwd_set │ │ │ │ │ │ │ ├── redis_proxy_1_auth_pwd_set │ │ │ │ │ │ │ ├── redis_proxy_1_bulk_string │ │ │ │ │ │ │ ├── redis_proxy_1_negative_large_integer │ │ │ │ │ │ │ ├── redis_proxy_1_nested_array │ │ │ │ │ │ │ ├── redis_proxy_1_null │ │ │ │ │ │ │ ├── rocketmq_proxy_crash │ │ │ │ │ │ │ ├── rocketmq_proxy_end_stream │ │ │ │ │ │ │ ├── rocketmq_proxy_invalid_header │ │ │ │ │ │ │ ├── rocketmq_proxy_on_ack_msg │ │ │ │ │ │ │ ├── rocketmq_proxy_on_get_topic_route │ │ │ │ │ │ │ ├── rocketmq_proxy_on_heartbeat │ │ │ │ │ │ │ ├── rocketmq_proxy_on_pop_msg │ │ │ │ │ │ │ ├── rocketmq_proxy_sendmsg │ │ │ │ │ │ │ ├── rocketmq_proxy_sendmsg2 │ │ │ │ │ │ │ ├── rocketmq_proxy_unregistered_client │ │ │ │ │ │ │ ├── sni_cluster_1 │ │ │ │ │ │ │ ├── sni_cluster_2 │ │ │ │ │ │ │ ├── sni_dynamic_forward_proxy_1 │ │ │ │ │ │ │ ├── thrift_proxy_1 │ │ │ │ │ │ │ ├── thrift_proxy_3 │ │ │ │ │ │ │ ├── thrift_proxy_app_exception │ │ │ │ │ │ │ ├── thrift_proxy_assert_failure │ │ │ │ │ │ │ ├── thrift_proxy_garbage_request │ │ │ │ │ │ │ ├── thrift_proxy_invalid_msg_type │ │ │ │ │ │ │ ├── thrift_proxy_on_data_handles_oneway │ │ │ │ │ │ │ ├── thrift_proxy_on_data_handles_thriftcall │ │ │ │ │ │ │ ├── thrift_proxy_pipelined_request1 │ │ │ │ │ │ │ ├── thrift_proxy_protocol_error │ │ │ │ │ │ │ ├── thrift_proxy_router_test │ │ │ │ │ │ │ ├── thrift_proxy_stop_and_resume │ │ │ │ │ │ │ ├── zookeeper_proxy_1 │ │ │ │ │ │ │ ├── zookeeper_proxy_auth │ │ │ │ │ │ │ ├── zookeeper_proxy_connect │ │ │ │ │ │ │ ├── zookeeper_proxy_multirequest │ │ │ │ │ │ │ ├── zookeeper_proxy_request_container │ │ │ │ │ │ │ ├── zookeeper_proxy_request_ephemeral │ │ │ │ │ │ │ ├── zookeeper_proxy_request_persistent │ │ │ │ │ │ │ ├── zookeeper_proxy_request_persistent_ephemeral_sequential │ │ │ │ │ │ │ ├── zookeeper_proxy_request_persistent_sequential │ │ │ │ │ │ │ ├── zookeeper_proxy_request_ttl │ │ │ │ │ │ │ ├── zookeeper_proxy_request_ttl_sequential │ │ │ │ │ │ │ └── zookeeper_proxy_watch_request │ │ │ │ │ │ ├── network_readfilter_fuzz.proto │ │ │ │ │ │ ├── network_readfilter_fuzz_test.cc │ │ │ │ │ │ ├── network_readfilter_fuzz_test.dict │ │ │ │ │ │ ├── network_writefilter_corpus/ │ │ │ │ │ │ │ ├── kafka_broker_1 │ │ │ │ │ │ │ ├── kafka_broker_process_response │ │ │ │ │ │ │ ├── kafka_broker_response1 │ │ │ │ │ │ │ ├── kafka_broker_unknown_response │ │ │ │ │ │ │ ├── mongodb_proxy_1 │ │ │ │ │ │ │ ├── mongodb_proxy_response │ │ │ │ │ │ │ ├── mysql_proxy_1 │ │ │ │ │ │ │ ├── mysql_proxy_msg_split │ │ │ │ │ │ │ ├── zookeeper_proxy_1 │ │ │ │ │ │ │ ├── zookeeper_proxy_assert_failure_onwrite │ │ │ │ │ │ │ ├── zookeeper_proxy_auth │ │ │ │ │ │ │ ├── zookeeper_proxy_connect │ │ │ │ │ │ │ ├── zookeeper_proxy_ping │ │ │ │ │ │ │ ├── zookeeper_proxy_watch_control │ │ │ │ │ │ │ └── zookeeper_proxy_watch_event │ │ │ │ │ │ ├── network_writefilter_fuzz.proto │ │ │ │ │ │ ├── network_writefilter_fuzz_test.cc │ │ │ │ │ │ ├── uber_per_readfilter.cc │ │ │ │ │ │ ├── uber_per_writefilter.cc │ │ │ │ │ │ ├── uber_readfilter.cc │ │ │ │ │ │ ├── uber_readfilter.h │ │ │ │ │ │ ├── uber_writefilter.cc │ │ │ │ │ │ ├── uber_writefilter.h │ │ │ │ │ │ └── utils/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ └── fakes.h │ │ │ │ │ ├── redis/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── client_impl_test.cc │ │ │ │ │ │ ├── codec_impl_test.cc │ │ │ │ │ │ ├── fault_test.cc │ │ │ │ │ │ ├── mocks.cc │ │ │ │ │ │ ├── mocks.h │ │ │ │ │ │ └── test_utils.h │ │ │ │ │ └── utility_test.cc │ │ │ │ ├── direct_response/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── direct_response_integration_test.cc │ │ │ │ │ └── direct_response_test.cc │ │ │ │ ├── dubbo_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── app_exception_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── conn_manager_test.cc │ │ │ │ │ ├── decoder_test.cc │ │ │ │ │ ├── dubbo_hessian2_serializer_impl_test.cc │ │ │ │ │ ├── dubbo_protocol_impl_test.cc │ │ │ │ │ ├── hessian_utils_test.cc │ │ │ │ │ ├── metadata_test.cc │ │ │ │ │ ├── mocks.cc │ │ │ │ │ ├── mocks.h │ │ │ │ │ ├── route_matcher_test.cc │ │ │ │ │ ├── router_filter_config_test.cc │ │ │ │ │ ├── router_test.cc │ │ │ │ │ └── utility.h │ │ │ │ ├── ext_authz/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── ext_authz_corpus/ │ │ │ │ │ │ ├── crash-309531f09ce8c0c71f272c7145da9d5528c3e8fc │ │ │ │ │ │ └── crash-72c994c40b30ff66b72f401055681e9851fea7a2 │ │ │ │ │ ├── ext_authz_fuzz.proto │ │ │ │ │ ├── ext_authz_fuzz_test.cc │ │ │ │ │ └── ext_authz_test.cc │ │ │ │ ├── http_connection_manager/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config.proto │ │ │ │ │ └── config_test.cc │ │ │ │ ├── kafka/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── broker/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── config_unit_test.cc │ │ │ │ │ │ ├── filter_protocol_test.cc │ │ │ │ │ │ ├── filter_unit_test.cc │ │ │ │ │ │ └── integration_test/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ ├── envoy_config_yaml.j2 │ │ │ │ │ │ ├── kafka_broker_integration_test.py │ │ │ │ │ │ ├── kafka_server_properties.j2 │ │ │ │ │ │ └── zookeeper_properties.j2 │ │ │ │ │ ├── buffer_based_test.h │ │ │ │ │ ├── kafka_request_parser_test.cc │ │ │ │ │ ├── kafka_response_parser_test.cc │ │ │ │ │ ├── message_utilities.h │ │ │ │ │ ├── metrics_integration_test.cc │ │ │ │ │ ├── protocol/ │ │ │ │ │ │ ├── launcher.py │ │ │ │ │ │ ├── request_codec_request_test_cc.j2 │ │ │ │ │ │ ├── request_utilities_cc.j2 │ │ │ │ │ │ ├── requests_test_cc.j2 │ │ │ │ │ │ ├── response_codec_response_test_cc.j2 │ │ │ │ │ │ ├── response_utilities_cc.j2 │ │ │ │ │ │ └── responses_test_cc.j2 │ │ │ │ │ ├── request_codec_integration_test.cc │ │ │ │ │ ├── request_codec_unit_test.cc │ │ │ │ │ ├── response_codec_integration_test.cc │ │ │ │ │ ├── response_codec_unit_test.cc │ │ │ │ │ ├── serialization/ │ │ │ │ │ │ ├── launcher.py │ │ │ │ │ │ └── serialization_composite_test_cc.j2 │ │ │ │ │ ├── serialization_test.cc │ │ │ │ │ ├── serialization_utilities.cc │ │ │ │ │ └── serialization_utilities.h │ │ │ │ ├── local_ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── local_ratelimit_corpus/ │ │ │ │ │ │ └── basic_test_case │ │ │ │ │ ├── local_ratelimit_fuzz.proto │ │ │ │ │ ├── local_ratelimit_fuzz_test.cc │ │ │ │ │ ├── local_ratelimit_integration_test.cc │ │ │ │ │ └── local_ratelimit_test.cc │ │ │ │ ├── mongo_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── bson_impl_test.cc │ │ │ │ │ ├── codec_impl_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── proxy_test.cc │ │ │ │ │ └── utility_test.cc │ │ │ │ ├── mysql_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── mysql_codec_test.cc │ │ │ │ │ ├── mysql_command_test.cc │ │ │ │ │ ├── mysql_filter_test.cc │ │ │ │ │ ├── mysql_integration_test.cc │ │ │ │ │ ├── mysql_test_config.yaml │ │ │ │ │ ├── mysql_test_utils.cc │ │ │ │ │ └── mysql_test_utils.h │ │ │ │ ├── postgres_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── postgres_decoder_test.cc │ │ │ │ │ ├── postgres_filter_test.cc │ │ │ │ │ ├── postgres_integration_test.cc │ │ │ │ │ ├── postgres_message_test.cc │ │ │ │ │ ├── postgres_test_config.yaml │ │ │ │ │ ├── postgres_test_utils.cc │ │ │ │ │ └── postgres_test_utils.h │ │ │ │ ├── ratelimit/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ └── ratelimit_test.cc │ │ │ │ ├── rbac/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── filter_test.cc │ │ │ │ │ └── integration_test.cc │ │ │ │ ├── redis_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── command_lookup_speed_test.cc │ │ │ │ │ ├── command_split_speed_test.cc │ │ │ │ │ ├── command_splitter_impl_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── conn_pool_impl_test.cc │ │ │ │ │ ├── mocks.cc │ │ │ │ │ ├── mocks.h │ │ │ │ │ ├── proxy_filter_test.cc │ │ │ │ │ ├── redis_proxy_integration_test.cc │ │ │ │ │ └── router_impl_test.cc │ │ │ │ ├── rocketmq_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── active_message_test.cc │ │ │ │ │ ├── codec_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── conn_manager_test.cc │ │ │ │ │ ├── mocks.cc │ │ │ │ │ ├── mocks.h │ │ │ │ │ ├── protocol_test.cc │ │ │ │ │ ├── route_matcher_test.cc │ │ │ │ │ ├── router_test.cc │ │ │ │ │ ├── topic_route_test.cc │ │ │ │ │ ├── utility.cc │ │ │ │ │ └── utility.h │ │ │ │ ├── sni_cluster/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── sni_cluster_test.cc │ │ │ │ ├── sni_dynamic_forward_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── proxy_filter_integration_test.cc │ │ │ │ │ └── proxy_filter_test.cc │ │ │ │ ├── tcp_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config_test.cc │ │ │ │ ├── thrift_proxy/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── app_exception_impl_test.cc │ │ │ │ │ ├── auto_protocol_impl_test.cc │ │ │ │ │ ├── auto_transport_impl_test.cc │ │ │ │ │ ├── binary_protocol_impl_test.cc │ │ │ │ │ ├── buffer_helper_test.cc │ │ │ │ │ ├── compact_protocol_impl_test.cc │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── conn_manager_test.cc │ │ │ │ │ ├── conn_state_test.cc │ │ │ │ │ ├── decoder_test.cc │ │ │ │ │ ├── driver/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ ├── client.py │ │ │ │ │ │ ├── example.thrift │ │ │ │ │ │ ├── fbthrift/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── THeaderTransport.py │ │ │ │ │ │ │ └── __init__.py │ │ │ │ │ │ ├── finagle/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── TFinagleServerProcessor.py │ │ │ │ │ │ │ ├── TFinagleServerProtocol.py │ │ │ │ │ │ │ └── __init__.py │ │ │ │ │ │ ├── generate_bindings.sh │ │ │ │ │ │ ├── generate_fixture.sh │ │ │ │ │ │ ├── generated/ │ │ │ │ │ │ │ ├── __init__.py │ │ │ │ │ │ │ └── example/ │ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ │ ├── Example-remote │ │ │ │ │ │ │ ├── Example.py │ │ │ │ │ │ │ ├── __init__.py │ │ │ │ │ │ │ ├── constants.py │ │ │ │ │ │ │ └── ttypes.py │ │ │ │ │ │ └── server.py │ │ │ │ │ ├── filters/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── pass_through_filter_test.cc │ │ │ │ │ │ └── ratelimit/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── config_test.cc │ │ │ │ │ │ └── ratelimit_test.cc │ │ │ │ │ ├── framed_transport_impl_test.cc │ │ │ │ │ ├── header_transport_impl_test.cc │ │ │ │ │ ├── integration.cc │ │ │ │ │ ├── integration.h │ │ │ │ │ ├── integration_test.cc │ │ │ │ │ ├── metadata_test.cc │ │ │ │ │ ├── mocks.cc │ │ │ │ │ ├── mocks.h │ │ │ │ │ ├── requirements.txt │ │ │ │ │ ├── route_matcher_test.cc │ │ │ │ │ ├── router_ratelimit_test.cc │ │ │ │ │ ├── router_test.cc │ │ │ │ │ ├── thrift_object_impl_test.cc │ │ │ │ │ ├── translation_integration_test.cc │ │ │ │ │ ├── twitter_protocol_impl_test.cc │ │ │ │ │ ├── unframed_transport_impl_test.cc │ │ │ │ │ └── utility.h │ │ │ │ ├── wasm/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── config_test.cc │ │ │ │ │ ├── test_data/ │ │ │ │ │ │ ├── BUILD │ │ │ │ │ │ ├── logging_rust/ │ │ │ │ │ │ │ ├── Cargo.toml │ │ │ │ │ │ │ └── src/ │ │ │ │ │ │ │ └── lib.rs │ │ │ │ │ │ ├── test_cpp.cc │ │ │ │ │ │ └── test_cpp_null_plugin.cc │ │ │ │ │ └── wasm_filter_test.cc │ │ │ │ └── zookeeper_proxy/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ └── filter_test.cc │ │ │ └── udp/ │ │ │ ├── dns_filter/ │ │ │ │ ├── BUILD │ │ │ │ ├── dns_filter_corpus/ │ │ │ │ │ ├── 016fac1e4a40199b26b08df73179f9249e6a680b │ │ │ │ │ ├── 110be4738f0cc29218ba95bd16a1442b57b3caaf │ │ │ │ │ ├── 3d6e5d07c6ce8f5996f0ac001fed89f0962e50d7 │ │ │ │ │ ├── 497a3f29c3a53a65853a9e0ab3dd315fb92ac025 │ │ │ │ │ ├── 7c09f450b6667337fd111fad0049bf4601c1aece │ │ │ │ │ ├── 88c22fd07c15d34576b085cb3e869e5da9b23b3f │ │ │ │ │ ├── 95bcb3090cb222d80fa4fee7b88e84b99ae408b1 │ │ │ │ │ ├── e9c8cd789e907d07e56e7e4d998e3de6c0550b9d │ │ │ │ │ ├── f1220105b4e868a7ce4d908eefbec7f403e5ddb8 │ │ │ │ │ └── fb9282f0af3341cfc98d56f10fffffd5529d8802 │ │ │ │ ├── dns_filter_fuzz_test.cc │ │ │ │ ├── dns_filter_integration_test.cc │ │ │ │ ├── dns_filter_test.cc │ │ │ │ ├── dns_filter_test_utils.cc │ │ │ │ ├── dns_filter_test_utils.h │ │ │ │ └── dns_filter_utils_test.cc │ │ │ └── udp_proxy/ │ │ │ ├── BUILD │ │ │ ├── hash_policy_impl_test.cc │ │ │ ├── udp_proxy_filter_test.cc │ │ │ └── udp_proxy_integration_test.cc │ │ ├── grpc_credentials/ │ │ │ ├── aws_iam/ │ │ │ │ ├── BUILD │ │ │ │ └── aws_iam_grpc_credentials_test.cc │ │ │ └── file_based_metadata/ │ │ │ ├── BUILD │ │ │ └── file_based_metadata_grpc_credentials_test.cc │ │ ├── health_checkers/ │ │ │ └── redis/ │ │ │ ├── BUILD │ │ │ ├── config_test.cc │ │ │ └── redis_test.cc │ │ ├── internal_redirect/ │ │ │ └── previous_routes/ │ │ │ ├── BUILD │ │ │ └── config_test.cc │ │ ├── quic_listeners/ │ │ │ └── quiche/ │ │ │ ├── BUILD │ │ │ ├── active_quic_listener_config_test.cc │ │ │ ├── active_quic_listener_test.cc │ │ │ ├── crypto_test_utils_for_envoy.cc │ │ │ ├── envoy_quic_alarm_test.cc │ │ │ ├── envoy_quic_client_session_test.cc │ │ │ ├── envoy_quic_client_stream_test.cc │ │ │ ├── envoy_quic_dispatcher_test.cc │ │ │ ├── envoy_quic_proof_source_test.cc │ │ │ ├── envoy_quic_proof_verifier_test.cc │ │ │ ├── envoy_quic_server_session_test.cc │ │ │ ├── envoy_quic_server_stream_test.cc │ │ │ ├── envoy_quic_simulated_watermark_buffer_test.cc │ │ │ ├── envoy_quic_utils_test.cc │ │ │ ├── envoy_quic_writer_test.cc │ │ │ ├── integration/ │ │ │ │ ├── BUILD │ │ │ │ └── quic_http_integration_test.cc │ │ │ ├── platform/ │ │ │ │ ├── BUILD │ │ │ │ ├── envoy_quic_clock_test.cc │ │ │ │ ├── epoll_address_test_utils_impl.h │ │ │ │ ├── epoll_bug_impl.h │ │ │ │ ├── epoll_expect_bug_impl.h │ │ │ │ ├── epoll_export_impl.h │ │ │ │ ├── epoll_logging_impl.h │ │ │ │ ├── epoll_ptr_util_impl.h │ │ │ │ ├── epoll_test_impl.h │ │ │ │ ├── epoll_thread_impl.h │ │ │ │ ├── epoll_time_impl.h │ │ │ │ ├── http2_platform_test.cc │ │ │ │ ├── quic_epoll_clock.cc │ │ │ │ ├── quic_epoll_clock.h │ │ │ │ ├── quic_epoll_impl.h │ │ │ │ ├── quic_expect_bug_impl.h │ │ │ │ ├── quic_mock_log_impl.h │ │ │ │ ├── quic_platform_test.cc │ │ │ │ ├── quic_port_utils_impl.cc │ │ │ │ ├── quic_port_utils_impl.h │ │ │ │ ├── quic_sleep_impl.h │ │ │ │ ├── quic_system_event_loop_impl.h │ │ │ │ ├── quic_test_impl.h │ │ │ │ ├── quic_test_mem_slice_vector_impl.h │ │ │ │ ├── quic_test_output_impl.cc │ │ │ │ ├── quic_test_output_impl.h │ │ │ │ ├── quic_thread_impl.h │ │ │ │ ├── quiche_platform_test.cc │ │ │ │ ├── quiche_test_impl.h │ │ │ │ ├── spdy_platform_test.cc │ │ │ │ └── spdy_test_helpers_impl.h │ │ │ ├── quic_io_handle_wrapper_test.cc │ │ │ ├── test_proof_source.h │ │ │ ├── test_proof_verifier.h │ │ │ └── test_utils.h │ │ ├── resource_monitors/ │ │ │ ├── fixed_heap/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ └── fixed_heap_monitor_test.cc │ │ │ └── injected_resource/ │ │ │ ├── BUILD │ │ │ ├── config_test.cc │ │ │ └── injected_resource_monitor_test.cc │ │ ├── retry/ │ │ │ ├── host/ │ │ │ │ ├── omit_canary_hosts/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config_test.cc │ │ │ │ ├── omit_host_metadata/ │ │ │ │ │ ├── BUILD │ │ │ │ │ └── config_test.cc │ │ │ │ └── previous_hosts/ │ │ │ │ ├── BUILD │ │ │ │ └── config_test.cc │ │ │ └── priority/ │ │ │ └── previous_priorities/ │ │ │ ├── BUILD │ │ │ └── config_test.cc │ │ ├── stats_sinks/ │ │ │ ├── common/ │ │ │ │ └── statsd/ │ │ │ │ ├── BUILD │ │ │ │ ├── statsd_test.cc │ │ │ │ └── udp_statsd_test.cc │ │ │ ├── dog_statsd/ │ │ │ │ ├── BUILD │ │ │ │ └── config_test.cc │ │ │ ├── hystrix/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ ├── hystrix_integration_test.cc │ │ │ │ └── hystrix_test.cc │ │ │ ├── metrics_service/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ ├── grpc_metrics_service_impl_test.cc │ │ │ │ └── metrics_service_integration_test.cc │ │ │ ├── statsd/ │ │ │ │ ├── BUILD │ │ │ │ └── config_test.cc │ │ │ └── wasm/ │ │ │ ├── BUILD │ │ │ ├── config_test.cc │ │ │ ├── test_data/ │ │ │ │ ├── BUILD │ │ │ │ ├── test_context_cpp.cc │ │ │ │ └── test_context_cpp_null_plugin.cc │ │ │ └── wasm_stat_sink_test.cc │ │ ├── tracers/ │ │ │ ├── common/ │ │ │ │ └── ot/ │ │ │ │ ├── BUILD │ │ │ │ └── opentracing_driver_impl_test.cc │ │ │ ├── datadog/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ └── datadog_tracer_impl_test.cc │ │ │ ├── dynamic_ot/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ └── dynamic_opentracing_driver_impl_test.cc │ │ │ ├── lightstep/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ └── lightstep_tracer_impl_test.cc │ │ │ ├── opencensus/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ └── tracer_test.cc │ │ │ ├── xray/ │ │ │ │ ├── BUILD │ │ │ │ ├── config_test.cc │ │ │ │ ├── fuzz_test.cc │ │ │ │ ├── localized_sampling_test.cc │ │ │ │ ├── tracer_test.cc │ │ │ │ ├── util_test.cc │ │ │ │ ├── wildcard_matcher_corpus/ │ │ │ │ │ └── example │ │ │ │ └── xray_tracer_impl_test.cc │ │ │ └── zipkin/ │ │ │ ├── BUILD │ │ │ ├── config_test.cc │ │ │ ├── span_buffer_test.cc │ │ │ ├── span_context_extractor_test.cc │ │ │ ├── tracer_test.cc │ │ │ ├── zipkin_core_types_test.cc │ │ │ └── zipkin_tracer_impl_test.cc │ │ ├── transport_sockets/ │ │ │ ├── alts/ │ │ │ │ ├── BUILD │ │ │ │ ├── alts_integration_test.cc │ │ │ │ ├── config_test.cc │ │ │ │ ├── noop_transport_socket_callbacks_test.cc │ │ │ │ ├── tsi_frame_protector_test.cc │ │ │ │ ├── tsi_handshaker_test.cc │ │ │ │ └── tsi_socket_test.cc │ │ │ ├── common/ │ │ │ │ ├── BUILD │ │ │ │ └── passthrough_test.cc │ │ │ ├── proxy_protocol/ │ │ │ │ ├── BUILD │ │ │ │ ├── proxy_protocol_integration_test.cc │ │ │ │ └── proxy_protocol_test.cc │ │ │ ├── tap/ │ │ │ │ ├── BUILD │ │ │ │ └── tap_config_impl_test.cc │ │ │ └── tls/ │ │ │ ├── BUILD │ │ │ ├── context_impl_test.cc │ │ │ ├── gen_unittest_certs.sh │ │ │ ├── handshaker_test.cc │ │ │ ├── integration/ │ │ │ │ ├── BUILD │ │ │ │ ├── ssl_integration_test.cc │ │ │ │ └── ssl_integration_test.h │ │ │ ├── io_handle_bio_test.cc │ │ │ ├── ocsp/ │ │ │ │ ├── BUILD │ │ │ │ ├── asn1_utility_test.cc │ │ │ │ ├── gen_unittest_ocsp_data.sh │ │ │ │ └── ocsp_test.cc │ │ │ ├── ssl_certs_test.h │ │ │ ├── ssl_socket_test.cc │ │ │ ├── ssl_test_utility.h │ │ │ ├── test_data/ │ │ │ │ ├── BUILD │ │ │ │ ├── README.md │ │ │ │ ├── aes_128_key │ │ │ │ ├── ca_cert.cfg │ │ │ │ ├── ca_cert.crl │ │ │ │ ├── ca_cert.pem │ │ │ │ ├── ca_cert_info.h │ │ │ │ ├── ca_cert_with_crl.pem │ │ │ │ ├── ca_certificates.pem │ │ │ │ ├── ca_key.pem │ │ │ │ ├── certs.sh │ │ │ │ ├── expired_cert.pem │ │ │ │ ├── expired_cert_info.h │ │ │ │ ├── expired_key.pem │ │ │ │ ├── expired_san_uri_cert.pem │ │ │ │ ├── expired_san_uri_cert_info.h │ │ │ │ ├── expired_san_uri_key.pem │ │ │ │ ├── extensions_cert.cfg │ │ │ │ ├── extensions_cert.pem │ │ │ │ ├── extensions_cert_info.h │ │ │ │ ├── extensions_key.pem │ │ │ │ ├── fake_ca_cert.cfg │ │ │ │ ├── fake_ca_cert.pem │ │ │ │ ├── fake_ca_cert_info.h │ │ │ │ ├── fake_ca_key.pem │ │ │ │ ├── intermediate_ca_cert.cfg │ │ │ │ ├── intermediate_ca_cert.crl │ │ │ │ ├── intermediate_ca_cert.pem │ │ │ │ ├── intermediate_ca_cert_chain.crl │ │ │ │ ├── intermediate_ca_cert_chain.pem │ │ │ │ ├── intermediate_ca_cert_chain_with_crl.pem │ │ │ │ ├── intermediate_ca_cert_chain_with_crl_chain.pem │ │ │ │ ├── intermediate_ca_cert_info.h │ │ │ │ ├── intermediate_ca_key.pem │ │ │ │ ├── long_validity_cert.pem │ │ │ │ ├── long_validity_cert_info.h │ │ │ │ ├── long_validity_key.pem │ │ │ │ ├── no_san_cert.cfg │ │ │ │ ├── no_san_cert.pem │ │ │ │ ├── no_san_cert_info.h │ │ │ │ ├── no_san_chain.pem │ │ │ │ ├── no_san_key.pem │ │ │ │ ├── no_subject_cert.cfg │ │ │ │ ├── no_subject_cert.pem │ │ │ │ ├── no_subject_cert_info.h │ │ │ │ ├── no_subject_key.pem │ │ │ │ ├── not_a_crl.crl │ │ │ │ ├── password_protected_cert.pem │ │ │ │ ├── password_protected_cert_info.h │ │ │ │ ├── password_protected_key.pem │ │ │ │ ├── password_protected_password.txt │ │ │ │ ├── san_dns2_cert.pem │ │ │ │ ├── san_dns2_cert_info.h │ │ │ │ ├── san_dns2_key.pem │ │ │ │ ├── san_dns3_cert.pem │ │ │ │ ├── san_dns3_cert_info.h │ │ │ │ ├── san_dns3_chain.pem │ │ │ │ ├── san_dns3_key.pem │ │ │ │ ├── san_dns4_cert.pem │ │ │ │ ├── san_dns4_cert_info.h │ │ │ │ ├── san_dns4_key.pem │ │ │ │ ├── san_dns_cert.cfg │ │ │ │ ├── san_dns_cert.pem │ │ │ │ ├── san_dns_cert_info.h │ │ │ │ ├── san_dns_key.pem │ │ │ │ ├── san_ip_cert.cfg │ │ │ │ ├── san_ip_cert.pem │ │ │ │ ├── san_ip_cert_info.h │ │ │ │ ├── san_ip_chain.pem │ │ │ │ ├── san_ip_key.pem │ │ │ │ ├── san_multiple_dns_cert.cfg │ │ │ │ ├── san_multiple_dns_cert.pem │ │ │ │ ├── san_multiple_dns_cert_info.h │ │ │ │ ├── san_multiple_dns_key.pem │ │ │ │ ├── san_only_dns_cert.cfg │ │ │ │ ├── san_only_dns_cert.pem │ │ │ │ ├── san_only_dns_cert_info.h │ │ │ │ ├── san_only_dns_key.pem │ │ │ │ ├── san_uri_cert.cfg │ │ │ │ ├── san_uri_cert.pem │ │ │ │ ├── san_uri_cert_info.h │ │ │ │ ├── san_uri_key.pem │ │ │ │ ├── selfsigned2_cert.pem │ │ │ │ ├── selfsigned2_cert_info.h │ │ │ │ ├── selfsigned2_ecdsa_p256_cert.pem │ │ │ │ ├── selfsigned2_ecdsa_p256_cert_info.h │ │ │ │ ├── selfsigned_cert.cfg │ │ │ │ ├── selfsigned_cert.pem │ │ │ │ ├── selfsigned_cert_info.h │ │ │ │ ├── selfsigned_ecdsa_p256_cert.pem │ │ │ │ ├── selfsigned_ecdsa_p256_cert_info.h │ │ │ │ ├── selfsigned_ecdsa_p256_key.pem │ │ │ │ ├── selfsigned_ecdsa_p384_cert.pem │ │ │ │ ├── selfsigned_ecdsa_p384_cert_info.h │ │ │ │ ├── selfsigned_ecdsa_p384_key.pem │ │ │ │ ├── selfsigned_key.pem │ │ │ │ ├── selfsigned_rsa_1024_cert.pem │ │ │ │ ├── selfsigned_rsa_1024_cert_info.h │ │ │ │ ├── selfsigned_rsa_1024_key.pem │ │ │ │ ├── selfsigned_rsa_3072_cert.pem │ │ │ │ ├── selfsigned_rsa_3072_cert_info.h │ │ │ │ ├── selfsigned_rsa_3072_key.pem │ │ │ │ ├── selfsigned_rsa_4096_cert.pem │ │ │ │ ├── selfsigned_rsa_4096_cert_info.h │ │ │ │ ├── selfsigned_rsa_4096_key.pem │ │ │ │ ├── ticket_key_a │ │ │ │ ├── ticket_key_b │ │ │ │ └── ticket_key_wrong_len │ │ │ ├── test_private_key_method_provider.cc │ │ │ ├── test_private_key_method_provider.h │ │ │ └── utility_test.cc │ │ ├── upstreams/ │ │ │ └── http/ │ │ │ └── tcp/ │ │ │ ├── BUILD │ │ │ └── upstream_request_test.cc │ │ └── watchdog/ │ │ ├── abort_action/ │ │ │ ├── BUILD │ │ │ ├── abort_action_test.cc │ │ │ └── config_test.cc │ │ └── profile_action/ │ │ ├── BUILD │ │ ├── config_test.cc │ │ └── profile_action_test.cc │ ├── fuzz/ │ │ ├── BUILD │ │ ├── README.md │ │ ├── common.proto │ │ ├── fuzz_runner.cc │ │ ├── fuzz_runner.h │ │ ├── headers.dict │ │ ├── main.cc │ │ └── utility.h │ ├── integration/ │ │ ├── BUILD │ │ ├── README.md │ │ ├── ads_integration.cc │ │ ├── ads_integration.h │ │ ├── ads_integration_test.cc │ │ ├── alpn_selection_integration_test.cc │ │ ├── api_listener_integration_test.cc │ │ ├── api_version_integration_test.cc │ │ ├── autonomous_upstream.cc │ │ ├── autonomous_upstream.h │ │ ├── base_integration_test.cc │ │ ├── base_integration_test.h │ │ ├── capture_fuzz.proto │ │ ├── capture_fuzz_gen.py │ │ ├── cds_integration_test.cc │ │ ├── cluster_filter_integration_test.cc │ │ ├── clusters/ │ │ │ ├── BUILD │ │ │ ├── cluster_factory_config.proto │ │ │ ├── custom_static_cluster.cc │ │ │ └── custom_static_cluster.h │ │ ├── custom_cluster_integration_test.cc │ │ ├── cx_limit_integration_test.cc │ │ ├── drain_close_integration_test.cc │ │ ├── dynamic_validation_integration_test.cc │ │ ├── echo_integration_test.cc │ │ ├── eds_integration_test.cc │ │ ├── extension_discovery_integration_test.cc │ │ ├── fake_upstream.cc │ │ ├── fake_upstream.h │ │ ├── filter_manager_integration_test.cc │ │ ├── filter_manager_integration_test.proto │ │ ├── filters/ │ │ │ ├── BUILD │ │ │ ├── add_body_filter.cc │ │ │ ├── add_trailers_filter.cc │ │ │ ├── backpressure_filter.cc │ │ │ ├── call_decodedata_once_filter.cc │ │ │ ├── clear_route_cache_filter.cc │ │ │ ├── common.h │ │ │ ├── continue_headers_only_inject_body_filter.cc │ │ │ ├── decode_headers_return_stop_all_filter.cc │ │ │ ├── eds_ready_filter.cc │ │ │ ├── encode_headers_return_stop_all_filter.cc │ │ │ ├── encoder_decoder_buffer_filter.cc │ │ │ ├── headers_only_filter.cc │ │ │ ├── local_reply_during_encoding_filter.cc │ │ │ ├── metadata_stop_all_filter.cc │ │ │ ├── modify_buffer_filter.cc │ │ │ ├── passthrough_filter.cc │ │ │ ├── pause_filter.cc │ │ │ ├── process_context_filter.cc │ │ │ ├── process_context_filter.h │ │ │ ├── random_pause_filter.cc │ │ │ ├── request_metadata_filter.cc │ │ │ ├── response_metadata_filter.cc │ │ │ ├── set_response_code_filter.cc │ │ │ ├── set_response_code_filter_config.proto │ │ │ ├── stop_iteration_and_continue_filter.cc │ │ │ ├── test_socket_interface.cc │ │ │ ├── test_socket_interface.h │ │ │ └── wait_for_whole_request_and_response.cc │ │ ├── h1_capture_direct_response_fuzz_test.cc │ │ ├── h1_capture_fuzz_test.cc │ │ ├── h1_corpus/ │ │ │ ├── BadPath.pb_text │ │ │ ├── EnvoyHandling100Continue.pb_text │ │ │ ├── InvalidContentLength.pb_text │ │ │ ├── NoHost.pb_text │ │ │ ├── RouterDownstreamDisconnectBeforeRequestComplete.pb_text │ │ │ ├── RouterDownstreamDisconnectBeforeResponseComplete.pb_text │ │ │ ├── RouterHeaderOnlyRequestAndResponseNoBuffer.pb_text │ │ │ ├── RouterRequestAndResponseWithBodyNoBuffer.pb_text │ │ │ ├── RouterUpstreamDisconnectBeforeRequestcomplete.pb_text │ │ │ ├── RouterUpstreamDisconnectBeforeResponseComplete.pb_text │ │ │ ├── RouterUpstreamResponseBeforeRequestComplete.pb_text │ │ │ ├── clusterfuzz-testcase-h1_capture_fuzz_test-5696503594090496 │ │ │ ├── clusterfuzz-testcase-h1_capture_fuzz_test-6215556767154176 │ │ │ ├── clusterfuzz-testcase-minimized-h1_capture_fuzz_test-5675304995782656 │ │ │ ├── clusterfuzz-testcase-minimized-h1_capture_fuzz_test-5738507290542080 │ │ │ ├── embed_null.pb_text │ │ │ ├── stream_info_destructor │ │ │ └── upstream_extra_crlf.pb_text │ │ ├── h1_fuzz.cc │ │ ├── h1_fuzz.h │ │ ├── h2_capture_direct_response_fuzz_test.cc │ │ ├── h2_capture_fuzz.proto │ │ ├── h2_capture_fuzz_test.cc │ │ ├── h2_corpus/ │ │ │ ├── metadata_test │ │ │ └── simple_test │ │ ├── h2_fuzz.cc │ │ ├── h2_fuzz.h │ │ ├── hds_integration_test.cc │ │ ├── header_casing_integration_test.cc │ │ ├── header_integration_test.cc │ │ ├── header_prefix_integration_test.cc │ │ ├── health_check_integration_test.cc │ │ ├── hotrestart_main.cc │ │ ├── hotrestart_test.sh │ │ ├── http2_integration_test.cc │ │ ├── http2_integration_test.h │ │ ├── http2_upstream_integration_test.cc │ │ ├── http2_upstream_integration_test.h │ │ ├── http_integration.cc │ │ ├── http_integration.h │ │ ├── http_protocol_integration.cc │ │ ├── http_protocol_integration.h │ │ ├── http_subset_lb_integration_test.cc │ │ ├── http_timeout_integration_test.cc │ │ ├── http_timeout_integration_test.h │ │ ├── idle_timeout_integration_test.cc │ │ ├── integration.h │ │ ├── integration_admin_test.cc │ │ ├── integration_admin_test.h │ │ ├── integration_stream_decoder.cc │ │ ├── integration_stream_decoder.h │ │ ├── integration_tcp_client.cc │ │ ├── integration_tcp_client.h │ │ ├── integration_test.cc │ │ ├── integration_test.h │ │ ├── listener_filter_integration_test.cc │ │ ├── listener_lds_integration_test.cc │ │ ├── load_stats_integration_test.cc │ │ ├── local_reply_integration_test.cc │ │ ├── overload_integration_test.cc │ │ ├── protocol_integration_test.cc │ │ ├── proxy_proto_integration_test.cc │ │ ├── proxy_proto_integration_test.h │ │ ├── redirect_integration_test.cc │ │ ├── rtds_integration_test.cc │ │ ├── run_envoy_test.sh │ │ ├── scoped_rds_integration_test.cc │ │ ├── sds_dynamic_integration_test.cc │ │ ├── sds_generic_secret_integration_test.cc │ │ ├── sds_static_integration_test.cc │ │ ├── server.cc │ │ ├── server.h │ │ ├── server_stats.h │ │ ├── socket_interface_integration_test.cc │ │ ├── ssl_utility.cc │ │ ├── ssl_utility.h │ │ ├── stats_integration_test.cc │ │ ├── tcp_conn_pool_integration_test.cc │ │ ├── tcp_dump.cc │ │ ├── tcp_dump.h │ │ ├── tcp_proxy_integration_test.cc │ │ ├── tcp_proxy_integration_test.h │ │ ├── tcp_proxy_integration_test.proto │ │ ├── tcp_tunneling_integration_test.cc │ │ ├── test_host_predicate.h │ │ ├── test_host_predicate_config.h │ │ ├── test_utility.sh │ │ ├── transport_socket_match_integration_test.cc │ │ ├── uds_integration_test.cc │ │ ├── uds_integration_test.h │ │ ├── utility.cc │ │ ├── utility.h │ │ ├── version_integration_test.cc │ │ ├── vhds_integration_test.cc │ │ ├── websocket_integration_test.cc │ │ ├── websocket_integration_test.h │ │ ├── xds_integration_test.cc │ │ ├── xfcc_integration_test.cc │ │ └── xfcc_integration_test.h │ ├── main.cc │ ├── mocks/ │ │ ├── BUILD │ │ ├── access_log/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── api/ │ │ │ ├── BUILD │ │ │ ├── hot_restart.h │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── buffer/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── common.cc │ │ ├── common.h │ │ ├── compression/ │ │ │ ├── compressor/ │ │ │ │ ├── BUILD │ │ │ │ ├── mocks.cc │ │ │ │ └── mocks.h │ │ │ └── decompressor/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── config/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── event/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ ├── mocks.h │ │ │ └── wrapped_dispatcher.h │ │ ├── filesystem/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── grpc/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── http/ │ │ │ ├── BUILD │ │ │ ├── api_listener.cc │ │ │ ├── api_listener.h │ │ │ ├── conn_pool.cc │ │ │ ├── conn_pool.h │ │ │ ├── mocks.cc │ │ │ ├── mocks.h │ │ │ ├── mocks_test.cc │ │ │ ├── stream.cc │ │ │ ├── stream.h │ │ │ ├── stream_decoder.cc │ │ │ ├── stream_decoder.h │ │ │ ├── stream_encoder.cc │ │ │ └── stream_encoder.h │ │ ├── init/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── local_info/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── local_reply/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── network/ │ │ │ ├── BUILD │ │ │ ├── connection.cc │ │ │ ├── connection.h │ │ │ ├── io_handle.cc │ │ │ ├── io_handle.h │ │ │ ├── mocks.cc │ │ │ ├── mocks.h │ │ │ ├── socket.cc │ │ │ ├── socket.h │ │ │ ├── transport_socket.cc │ │ │ └── transport_socket.h │ │ ├── protobuf/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── ratelimit/ │ │ │ ├── BUILD │ │ │ └── mocks.h │ │ ├── redis/ │ │ │ └── BUILD │ │ ├── router/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ ├── mocks.h │ │ │ ├── router_filter_interface.cc │ │ │ └── router_filter_interface.h │ │ ├── runtime/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── secret/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── server/ │ │ │ ├── BUILD │ │ │ ├── admin.cc │ │ │ ├── admin.h │ │ │ ├── admin_stream.cc │ │ │ ├── admin_stream.h │ │ │ ├── bootstrap_extension_factory.cc │ │ │ ├── bootstrap_extension_factory.h │ │ │ ├── config_tracker.cc │ │ │ ├── config_tracker.h │ │ │ ├── drain_manager.cc │ │ │ ├── drain_manager.h │ │ │ ├── factory_context.cc │ │ │ ├── factory_context.h │ │ │ ├── filter_chain_factory_context.cc │ │ │ ├── filter_chain_factory_context.h │ │ │ ├── guard_dog.cc │ │ │ ├── guard_dog.h │ │ │ ├── health_checker_factory_context.cc │ │ │ ├── health_checker_factory_context.h │ │ │ ├── hot_restart.cc │ │ │ ├── hot_restart.h │ │ │ ├── instance.cc │ │ │ ├── instance.h │ │ │ ├── listener_component_factory.cc │ │ │ ├── listener_component_factory.h │ │ │ ├── listener_factory_context.cc │ │ │ ├── listener_factory_context.h │ │ │ ├── listener_manager.cc │ │ │ ├── listener_manager.h │ │ │ ├── main.h │ │ │ ├── mocks.h │ │ │ ├── options.cc │ │ │ ├── options.h │ │ │ ├── overload_manager.cc │ │ │ ├── overload_manager.h │ │ │ ├── server_lifecycle_notifier.cc │ │ │ ├── server_lifecycle_notifier.h │ │ │ ├── tracer_factory.cc │ │ │ ├── tracer_factory.h │ │ │ ├── tracer_factory_context.cc │ │ │ ├── tracer_factory_context.h │ │ │ ├── transport_socket_factory_context.cc │ │ │ ├── transport_socket_factory_context.h │ │ │ ├── watch_dog.cc │ │ │ ├── watch_dog.h │ │ │ ├── watchdog_config.cc │ │ │ ├── watchdog_config.h │ │ │ ├── worker.cc │ │ │ ├── worker.h │ │ │ ├── worker_factory.cc │ │ │ └── worker_factory.h │ │ ├── ssl/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── stats/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── stream_info/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── tcp/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── thread_local/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ ├── tracing/ │ │ │ ├── BUILD │ │ │ ├── mocks.cc │ │ │ └── mocks.h │ │ └── upstream/ │ │ ├── BUILD │ │ ├── basic_resource_limit.cc │ │ ├── basic_resource_limit.h │ │ ├── cds_api.cc │ │ ├── cds_api.h │ │ ├── cluster.cc │ │ ├── cluster.h │ │ ├── cluster_info.cc │ │ ├── cluster_info.h │ │ ├── cluster_info_factory.cc │ │ ├── cluster_info_factory.h │ │ ├── cluster_manager.cc │ │ ├── cluster_manager.h │ │ ├── cluster_manager_factory.cc │ │ ├── cluster_manager_factory.h │ │ ├── cluster_priority_set.cc │ │ ├── cluster_priority_set.h │ │ ├── cluster_real_priority_set.cc │ │ ├── cluster_real_priority_set.h │ │ ├── cluster_update_callbacks.cc │ │ ├── cluster_update_callbacks.h │ │ ├── cluster_update_callbacks_handle.cc │ │ ├── cluster_update_callbacks_handle.h │ │ ├── health_check_event_logger.h │ │ ├── health_checker.cc │ │ ├── health_checker.h │ │ ├── host.cc │ │ ├── host.h │ │ ├── host_set.cc │ │ ├── host_set.h │ │ ├── load_balancer.cc │ │ ├── load_balancer.h │ │ ├── load_balancer_context.cc │ │ ├── load_balancer_context.h │ │ ├── mocks.h │ │ ├── priority_set.cc │ │ ├── priority_set.h │ │ ├── retry_host_predicate.cc │ │ ├── retry_host_predicate.h │ │ ├── retry_priority.cc │ │ ├── retry_priority.h │ │ ├── retry_priority_factory.h │ │ ├── test_retry_host_predicate_factory.h │ │ ├── thread_aware_load_balancer.cc │ │ ├── thread_aware_load_balancer.h │ │ ├── thread_local_cluster.cc │ │ ├── thread_local_cluster.h │ │ ├── transport_socket_match.cc │ │ └── transport_socket_match.h │ ├── per_file_coverage.sh │ ├── proto/ │ │ ├── BUILD │ │ ├── bookstore.proto │ │ ├── deprecated.proto │ │ ├── helloworld.proto │ │ └── sensitive.proto │ ├── run_envoy_bazel_coverage.sh │ ├── server/ │ │ ├── BUILD │ │ ├── admin/ │ │ │ ├── BUILD │ │ │ ├── admin_filter_test.cc │ │ │ ├── admin_instance.cc │ │ │ ├── admin_instance.h │ │ │ ├── admin_test.cc │ │ │ ├── clusters_handler_test.cc │ │ │ ├── config_dump_handler_test.cc │ │ │ ├── config_tracker_impl_test.cc │ │ │ ├── init_dump_handler_test.cc │ │ │ ├── logs_handler_test.cc │ │ │ ├── profiling_handler_test.cc │ │ │ ├── prometheus_stats_test.cc │ │ │ ├── runtime_handler_test.cc │ │ │ ├── server_info_handler_test.cc │ │ │ └── stats_handler_test.cc │ │ ├── api_listener_test.cc │ │ ├── backtrace_test.cc │ │ ├── config_validation/ │ │ │ ├── BUILD │ │ │ ├── async_client_test.cc │ │ │ ├── cluster_manager_test.cc │ │ │ ├── config_fuzz_test.cc │ │ │ ├── dispatcher_test.cc │ │ │ ├── server_test.cc │ │ │ ├── test_data/ │ │ │ │ └── runtime_config.yaml │ │ │ ├── xds_corpus/ │ │ │ │ ├── clusterfuzz-testcase-minimized-xds_fuzz_test-6524356210196480 │ │ │ │ ├── clusterfuzz-testcase-xds_fuzz_test-6589246463541248 │ │ │ │ ├── example0 │ │ │ │ ├── example1 │ │ │ │ ├── example10 │ │ │ │ ├── example13 │ │ │ │ ├── example2 │ │ │ │ ├── example3 │ │ │ │ ├── example4 │ │ │ │ ├── example5 │ │ │ │ ├── example6 │ │ │ │ ├── example7 │ │ │ │ ├── example8 │ │ │ │ └── example9 │ │ │ ├── xds_fuzz.cc │ │ │ ├── xds_fuzz.h │ │ │ ├── xds_fuzz.proto │ │ │ ├── xds_fuzz_test.cc │ │ │ ├── xds_verifier.cc │ │ │ ├── xds_verifier.h │ │ │ └── xds_verifier_test.cc │ │ ├── configuration_impl_test.cc │ │ ├── connection_handler_test.cc │ │ ├── drain_manager_impl_test.cc │ │ ├── filter_chain_benchmark_test.cc │ │ ├── filter_chain_manager_impl_test.cc │ │ ├── guarddog_impl_test.cc │ │ ├── hot_restart_impl_test.cc │ │ ├── hot_restarting_parent_test.cc │ │ ├── lds_api_test.cc │ │ ├── listener_manager_impl_quic_only_test.cc │ │ ├── listener_manager_impl_test.cc │ │ ├── listener_manager_impl_test.h │ │ ├── options_impl_test.cc │ │ ├── overload_manager_impl_test.cc │ │ ├── server_corpus/ │ │ │ ├── api_boost_crash │ │ │ ├── clusterfuzz-testcase-config_fuzz_test-4788023076847616 │ │ │ ├── clusterfuzz-testcase-config_fuzz_test-5067970991095808 │ │ │ ├── clusterfuzz-testcase-config_fuzz_test-5664687524413440 │ │ │ ├── clusterfuzz-testcase-config_fuzz_test-5697041979146240 │ │ │ ├── clusterfuzz-testcase-config_fuzz_test-5729922022113280 │ │ │ ├── clusterfuzz-testcase-config_fuzz_test-5747944989392896 │ │ │ ├── clusterfuzz-testcase-config_fuzz_test-6287096397430784 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5118008002871296 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5118008002871297 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5186283155750912 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5666128418832384 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5674078337236992 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5702999713513472 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5754548048625664 │ │ │ ├── clusterfuzz-testcase-minimized-config_fuzz_test-5762646786179072 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5083428128030720 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5084029869883392 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5632902623657984 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5633109961998336 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5665272556158976 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5665941383282688 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5686444035670016 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5690948441341952 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5705296232579072 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5714049408172032 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5724853840117760 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5730612661452800 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5733243234811904 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5742573780467712 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5751467204411392 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-5761881319407616 │ │ │ ├── clusterfuzz-testcase-minimized-server_fuzz_test-6246954531291136 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-4832853025095680 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-4890981380915200 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5085107063881728 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5366294281977856 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5647989147697152 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5691106634760192 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5696568846450688 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5697356077989888 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5704964522377216 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5705154446753792 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5734693923717120 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5754606195310592 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5755877701713920 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5763613693837312 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5809171076218880 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-5988544525893632 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-6036175623028736 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-6236930453798912 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-6280208148594688 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-6288786894880768 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-6313779791921152 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-6419204524736512 │ │ │ ├── clusterfuzz-testcase-server_fuzz_test-6610050496856064 │ │ │ ├── crash-38abba5264d01217f4f027f02dc403eae6eda8bb │ │ │ ├── crash-ac725507195d840cdb90bed3079b877e6e9419e3 │ │ │ ├── crash-cbd98584afd43791dc2143260c4438f4d2db5e87 │ │ │ ├── crash-d60f68abcafaae8e7b135ca5144b062d969e5575 │ │ │ ├── crash-da39a3ee5e6b4b0d3255bfef95601890afd80709 │ │ │ ├── crash-db2ee19f50162f2079dc0c5ba24fd0e3dcb8b9bc │ │ │ ├── crash-e0339370f24027b5c73b5355e74c0b68c8b33314 │ │ │ ├── google_com_proxy.v2.pb_text │ │ │ ├── not_implemented_envoy_internal │ │ │ ├── not_reached │ │ │ └── valid │ │ ├── server_fuzz_test.cc │ │ ├── server_test.cc │ │ ├── ssl_context_manager_test.cc │ │ ├── test_data/ │ │ │ ├── runtime/ │ │ │ │ ├── override/ │ │ │ │ │ └── some_service/ │ │ │ │ │ └── fizz │ │ │ │ └── primary/ │ │ │ │ └── fizz │ │ │ ├── server/ │ │ │ │ ├── bad_sds_config_source.yaml │ │ │ │ ├── bootstrap_extensions.yaml │ │ │ │ ├── callbacks_stats_sink_bootstrap.yaml │ │ │ │ ├── cluster_dupe_bootstrap.yaml │ │ │ │ ├── cluster_health_check_bootstrap.yaml │ │ │ │ ├── empty_bootstrap.yaml │ │ │ │ ├── invalid_bootstrap.yaml │ │ │ │ ├── invalid_layered_runtime_duplicate_name.yaml │ │ │ │ ├── invalid_layered_runtime_missing_name.yaml │ │ │ │ ├── invalid_layered_runtime_no_layer_specifier.yaml │ │ │ │ ├── invalid_legacy_runtime_bootstrap.yaml │ │ │ │ ├── invalid_runtime_bootstrap.yaml │ │ │ │ ├── node_bootstrap.pb_text │ │ │ │ ├── node_bootstrap.yaml │ │ │ │ ├── node_bootstrap_no_admin_port.yaml │ │ │ │ ├── node_bootstrap_with_admin_socket_options.yaml │ │ │ │ ├── node_bootstrap_without_access_log.yaml │ │ │ │ ├── proxy_version_bootstrap.yaml │ │ │ │ ├── runtime_bootstrap.yaml │ │ │ │ ├── runtime_bootstrap_ads_eds.yaml │ │ │ │ ├── runtime_bootstrap_eds.yaml │ │ │ │ ├── stats_sink_bootstrap.yaml │ │ │ │ ├── unparseable_bootstrap.yaml │ │ │ │ ├── valid_v2_but_invalid_v3_bootstrap.pb_text │ │ │ │ ├── valid_v2_but_invalid_v3_bootstrap.yaml │ │ │ │ ├── valid_v3_but_invalid_v2_bootstrap.pb_text │ │ │ │ ├── valid_v3_but_invalid_v2_bootstrap.yaml │ │ │ │ ├── watchdogs_bootstrap_with_deprecated_field.yaml │ │ │ │ └── zipkin_tracing_deprecated_config.yaml │ │ │ └── static_validation/ │ │ │ ├── bootstrap_unknown_field.yaml │ │ │ ├── cluster_unknown_field.yaml │ │ │ ├── listener_unknown_field.yaml │ │ │ └── network_filter_unknown_field.yaml │ │ ├── utility.h │ │ └── worker_impl_test.cc │ ├── test_common/ │ │ ├── BUILD │ │ ├── contention.cc │ │ ├── contention.h │ │ ├── environment.cc │ │ ├── environment.h │ │ ├── file_system_for_test.cc │ │ ├── file_system_for_test.h │ │ ├── global.cc │ │ ├── global.h │ │ ├── global_test.cc │ │ ├── logging.cc │ │ ├── logging.h │ │ ├── network_utility.cc │ │ ├── network_utility.h │ │ ├── network_utility_test.cc │ │ ├── only_one_thread.cc │ │ ├── only_one_thread.h │ │ ├── printers.cc │ │ ├── printers.h │ │ ├── registry.h │ │ ├── resources.h │ │ ├── simulated_time_system.cc │ │ ├── simulated_time_system.h │ │ ├── simulated_time_system_test.cc │ │ ├── status_utility.h │ │ ├── test_runtime.h │ │ ├── test_time.cc │ │ ├── test_time.h │ │ ├── test_time_system.cc │ │ ├── test_time_system.h │ │ ├── test_time_system_test.cc │ │ ├── test_version_linkstamp.cc │ │ ├── thread_factory_for_test.cc │ │ ├── thread_factory_for_test.h │ │ ├── threadsafe_singleton_injector.h │ │ ├── utility.cc │ │ ├── utility.h │ │ ├── utility_test.cc │ │ └── wasm_base.h │ ├── test_listener.cc │ ├── test_listener.h │ ├── test_runner.cc │ ├── test_runner.h │ └── tools/ │ ├── config_load_check/ │ │ ├── BUILD │ │ └── config_load_check.cc │ ├── router_check/ │ │ ├── BUILD │ │ ├── coverage.cc │ │ ├── coverage.h │ │ ├── router.cc │ │ ├── router.h │ │ ├── router_check.cc │ │ ├── test/ │ │ │ ├── BUILD │ │ │ ├── config/ │ │ │ │ ├── ClusterHeader.golden.proto.json │ │ │ │ ├── ClusterHeader.yaml │ │ │ │ ├── ComprehensiveRoutes.golden.proto.json │ │ │ │ ├── ComprehensiveRoutes.yaml │ │ │ │ ├── ContentType.golden.proto.json │ │ │ │ ├── ContentType.yaml │ │ │ │ ├── DirectResponse.golden.proto.json │ │ │ │ ├── DirectResponse.yaml │ │ │ │ ├── HeaderMatchedRouting.golden.proto.json │ │ │ │ ├── HeaderMatchedRouting.yaml │ │ │ │ ├── Redirect.golden.proto.json │ │ │ │ ├── Redirect.yaml │ │ │ │ ├── Redirect2.golden.proto.json │ │ │ │ ├── Redirect2.yaml │ │ │ │ ├── Redirect3.golden.proto.json │ │ │ │ ├── Redirect3.yaml │ │ │ │ ├── Runtime.golden.proto.json │ │ │ │ ├── Runtime.yaml │ │ │ │ ├── TestRoutes.golden.proto.json │ │ │ │ ├── TestRoutes.yaml │ │ │ │ ├── TestRoutesFailures.golden.proto.json │ │ │ │ ├── Weighted.golden.proto.json │ │ │ │ ├── Weighted.golden.proto.pb_text │ │ │ │ ├── Weighted.golden.proto.yaml │ │ │ │ └── Weighted.yaml │ │ │ └── route_tests.sh │ │ └── validation.proto │ ├── schema_validator/ │ │ ├── BUILD │ │ ├── schema_validator.cc │ │ ├── validator.cc │ │ └── validator.h │ ├── type_whisperer/ │ │ ├── BUILD │ │ └── api_type_db_test.cc │ └── wee8_compile/ │ ├── BUILD │ └── wee8_compile.cc ├── third_party/ │ └── statusor/ │ ├── BUILD │ ├── statusor.cc │ ├── statusor.h │ ├── statusor_internals.h │ └── statusor_test.cc └── tools/ ├── BUILD ├── api/ │ ├── generate_go_protobuf.py │ └── validate_structure.py ├── api_boost/ │ ├── README.md │ ├── api_boost.py │ ├── api_boost_test.py │ └── testdata/ │ ├── BUILD │ ├── decl_ref_expr.cc │ ├── decl_ref_expr.cc.gold │ ├── deprecate.cc │ ├── deprecate.cc.gold │ ├── elaborated_type.cc │ ├── elaborated_type.cc.gold │ ├── no_boost_file.cc │ ├── no_boost_file.cc.gold │ ├── rename.cc │ ├── rename.cc.gold │ ├── using_decl.cc │ ├── using_decl.cc.gold │ ├── validate.cc │ └── validate.cc.gold ├── api_proto_plugin/ │ ├── BUILD │ ├── __init__.py │ ├── annotations.py │ ├── plugin.bzl │ ├── plugin.py │ ├── traverse.py │ ├── type_context.py │ ├── utils.py │ └── visitor.py ├── bazel-test-docker.sh ├── bootstrap2pb.cc ├── build_profile.py ├── check_repositories.sh ├── clang_tools/ │ ├── README.md │ ├── api_booster/ │ │ ├── BUILD │ │ ├── main.cc │ │ ├── proto_cxx_utils.cc │ │ ├── proto_cxx_utils.h │ │ └── proto_cxx_utils_test.cc │ ├── support/ │ │ ├── BUILD │ │ ├── BUILD.prebuilt │ │ └── clang_tools.bzl │ └── syntax_only/ │ ├── BUILD │ └── main.cc ├── code_format/ │ ├── .style.yapf │ ├── check_format.py │ ├── check_format_test.sh │ ├── check_format_test_helper.py │ ├── check_format_test_helper.sh │ ├── check_shellcheck_format.sh │ ├── common.py │ ├── envoy_build_fixer.py │ ├── format_python_tools.py │ ├── format_python_tools.sh │ ├── header_order.py │ ├── paths.py │ └── requirements.txt ├── config_validation/ │ ├── BUILD │ ├── requirements.txt │ └── validate_fragment.py ├── debugging/ │ ├── run-valgrind.sh │ └── valgrind-suppressions.txt ├── dependency/ │ ├── validate.py │ └── validate_test.py ├── deprecate_features/ │ ├── deprecate_features.py │ ├── deprecate_features.sh │ └── requirements.txt ├── deprecate_version/ │ ├── deprecate_version.py │ ├── deprecate_version.sh │ └── requirements.txt ├── docker_wrapper.sh ├── envoy-rotate-files.el ├── envoy_collect/ │ ├── README.md │ └── envoy_collect.py ├── envoy_headersplit/ │ ├── BUILD │ ├── README.md │ ├── code_corpus/ │ │ ├── class_defn.h │ │ ├── class_defn_without_namespace.h │ │ ├── class_impl.cc │ │ ├── fail_mocks.cc │ │ ├── fail_mocks.h │ │ ├── fake_build │ │ ├── fake_source_code.cc │ │ └── hello.h │ ├── headersplit.py │ ├── headersplit_test.py │ ├── replace_includes.py │ ├── replace_includes_test.py │ └── requirements.txt ├── find_related_envoy_files.py ├── gen_compilation_database.py ├── git/ │ ├── last_github_commit.sh │ └── modified_since_last_github_commit.sh ├── github/ │ ├── requirements.txt │ ├── sync_assignable.py │ └── sync_assignable.sh ├── path_fix.sh ├── print_dependencies.py ├── proto_format/ │ ├── active_protos_gen.py │ ├── proto_format.sh │ └── proto_sync.py ├── protodoc/ │ ├── BUILD │ ├── generate_empty.py │ ├── manifest.proto │ ├── protodoc.bzl │ ├── protodoc.py │ └── requirements.txt ├── protoxform/ │ ├── BUILD │ ├── merge_active_shadow.py │ ├── merge_active_shadow_test.py │ ├── migrate.py │ ├── options.py │ ├── protoprint.py │ ├── protoxform.bzl │ ├── protoxform.py │ ├── protoxform_test.sh │ ├── protoxform_test_helper.py │ └── utils.py ├── run_command.py ├── shell_utils.sh ├── socket_passing.py ├── spelling/ │ ├── check_spelling.sh │ ├── check_spelling_pedantic.py │ ├── check_spelling_pedantic_test.py │ ├── check_spelling_pedantic_test.sh │ ├── spelling_allowlist_words.txt │ ├── spelling_dictionary.txt │ └── spelling_skip_files.txt ├── stack_decode.py ├── testdata/ │ ├── check_format/ │ │ ├── add_envoy_package.BUILD │ │ ├── add_envoy_package.BUILD.gold │ │ ├── angle_bracket_include.cc │ │ ├── angle_bracket_include.cc.gold │ │ ├── api/ │ │ │ └── missing_package.proto │ │ ├── attribute_packed.cc │ │ ├── bad_envoy_build_sys_ref.BUILD │ │ ├── bad_envoy_build_sys_ref.BUILD.gold │ │ ├── bazel_tools.BUILD │ │ ├── canonical_api_deps.BUILD │ │ ├── canonical_api_deps.BUILD.gold │ │ ├── canonical_api_deps.cc │ │ ├── canonical_api_deps.h │ │ ├── canonical_api_deps.other.cc │ │ ├── canonical_spacing.BUILD │ │ ├── canonical_spacing.BUILD.gold │ │ ├── clang_format_double_off.cc │ │ ├── clang_format_double_on.cc │ │ ├── clang_format_off.cc │ │ ├── clang_format_on.cc │ │ ├── clang_format_on.cc.gold │ │ ├── clang_format_trailing_off.cc │ │ ├── commented_throw.cc │ │ ├── condition_variable.cc │ │ ├── condition_variable_any.cc │ │ ├── condvar_wait_for.cc │ │ ├── counter_from_string.cc │ │ ├── cpp_std.cc │ │ ├── cpp_std.cc.gold │ │ ├── designated_initializers.cc │ │ ├── duration_value.cc │ │ ├── duration_value_zero.cc │ │ ├── elvis_operator.cc │ │ ├── extra_enthusiastic_spaces.cc │ │ ├── extra_enthusiastic_spaces.cc.gold │ │ ├── gauge_from_string.cc │ │ ├── grpc_init.cc │ │ ├── grpc_shutdown.cc │ │ ├── header_order.cc │ │ ├── header_order.cc.gold │ │ ├── histogram_from_string.cc │ │ ├── license.BUILD │ │ ├── license.BUILD.gold │ │ ├── long_line.cc │ │ ├── long_line.cc.gold │ │ ├── mutex.cc │ │ ├── no_namespace_envoy.cc │ │ ├── over_enthusiastic_spaces.cc │ │ ├── over_enthusiastic_spaces.cc.gold │ │ ├── pgv_string.proto │ │ ├── proto.BUILD │ │ ├── proto.BUILD.gold │ │ ├── proto_deps.cc │ │ ├── proto_deps.cc.gold │ │ ├── proto_enum_mangling.cc │ │ ├── proto_format.proto │ │ ├── proto_format.proto.gold │ │ ├── proto_style.cc │ │ ├── proto_style.cc.gold │ │ ├── real_time_source.cc │ │ ├── real_time_source_override.cc │ │ ├── real_time_system.cc │ │ ├── regex.cc │ │ ├── remove_unused_loads.BUILD │ │ ├── remove_unused_loads.BUILD.gold │ │ ├── serialize_as_string.cc │ │ ├── shared_mutex.cc │ │ ├── skip_envoy_package.BUILD │ │ ├── skip_envoy_package.BUILD.gold │ │ ├── sleep.cc │ │ ├── std_any.cc │ │ ├── std_atomic_free_functions.cc │ │ ├── std_get_if.cc │ │ ├── std_get_time.cc │ │ ├── std_holds_alternative.cc │ │ ├── std_make_optional.cc │ │ ├── std_monostate.cc │ │ ├── std_optional.cc │ │ ├── std_string_view.cc │ │ ├── std_unordered_map.cc │ │ ├── std_unordered_set.cc │ │ ├── std_variant.cc │ │ ├── std_visit.cc │ │ ├── steady_clock.cc │ │ ├── strerror.cc │ │ ├── system_clock.cc │ │ ├── test/ │ │ │ └── register_factory.cc │ │ ├── test_naming.cc │ │ ├── testing_test.cc │ │ ├── throw.cc │ │ ├── time_system_wait_for.cc │ │ ├── unpack_to.cc │ │ ├── update_license.BUILD │ │ ├── update_license.BUILD.gold │ │ └── version_history/ │ │ └── current.rst │ ├── protoxform/ │ │ ├── BUILD │ │ ├── envoy/ │ │ │ ├── active_non_terminal/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ ├── active_non_terminal.proto │ │ │ │ ├── active_non_terminal.proto.active_or_frozen.gold │ │ │ │ ├── active_non_terminal.proto.next_major_version_candidate.envoy_internal.gold │ │ │ │ └── active_non_terminal.proto.next_major_version_candidate.gold │ │ │ ├── active_terminal/ │ │ │ │ └── v2/ │ │ │ │ ├── BUILD │ │ │ │ ├── active_terminal.proto │ │ │ │ ├── active_terminal.proto.active_or_frozen.gold │ │ │ │ ├── active_terminal.proto.next_major_version_candidate.envoy_internal.gold │ │ │ │ └── active_terminal.proto.next_major_version_candidate.gold │ │ │ ├── frozen/ │ │ │ │ ├── v2/ │ │ │ │ │ ├── BUILD │ │ │ │ │ ├── frozen.proto │ │ │ │ │ ├── frozen.proto.active_or_frozen.gold │ │ │ │ │ ├── frozen.proto.next_major_version_candidate.envoy_internal.gold │ │ │ │ │ └── frozen.proto.next_major_version_candidate.gold │ │ │ │ └── v3/ │ │ │ │ ├── BUILD │ │ │ │ ├── frozen.proto │ │ │ │ ├── frozen.proto.active_or_frozen.gold │ │ │ │ ├── frozen.proto.next_major_version_candidate.envoy_internal.gold │ │ │ │ └── frozen.proto.next_major_version_candidate.gold │ │ │ └── v2/ │ │ │ ├── BUILD │ │ │ ├── discovery_service.proto │ │ │ ├── discovery_service.proto.active_or_frozen.gold │ │ │ ├── discovery_service.proto.next_major_version_candidate.envoy_internal.gold │ │ │ ├── discovery_service.proto.next_major_version_candidate.gold │ │ │ ├── fully_qualified_names.proto │ │ │ ├── fully_qualified_names.proto.active_or_frozen.gold │ │ │ ├── fully_qualified_names.proto.next_major_version_candidate.envoy_internal.gold │ │ │ ├── fully_qualified_names.proto.next_major_version_candidate.gold │ │ │ ├── oneof.proto │ │ │ ├── oneof.proto.active_or_frozen.gold │ │ │ ├── oneof.proto.next_major_version_candidate.envoy_internal.gold │ │ │ ├── oneof.proto.next_major_version_candidate.gold │ │ │ ├── package_move.proto │ │ │ ├── package_move.proto.active_or_frozen.gold │ │ │ ├── package_move.proto.next_major_version_candidate.envoy_internal.gold │ │ │ ├── package_move.proto.next_major_version_candidate.gold │ │ │ ├── sample.proto │ │ │ ├── sample.proto.active_or_frozen.gold │ │ │ ├── sample.proto.next_major_version_candidate.envoy_internal.gold │ │ │ └── sample.proto.next_major_version_candidate.gold │ │ └── external/ │ │ ├── BUILD │ │ ├── package_type.proto │ │ └── root_type.proto │ └── spelling/ │ ├── exclusions │ ├── on_off │ ├── rst_code_block │ ├── skip_blocks │ ├── skip_file │ ├── typos │ ├── valid │ └── word_splitting ├── type_whisperer/ │ ├── BUILD │ ├── api_build_file.bzl │ ├── api_type_db.cc │ ├── api_type_db.h │ ├── api_type_db.proto │ ├── file_descriptor_set_text.bzl │ ├── file_descriptor_set_text_gen.py │ ├── proto_build_targets_gen.py │ ├── proto_cc_source.bzl │ ├── proto_cc_source_gen.py │ ├── type_database.bzl │ ├── type_whisperer.bzl │ ├── type_whisperer.py │ ├── typedb_gen.py │ └── types.proto └── vscode/ ├── README.md ├── generate_debug_config.py └── refresh_compdb.sh ================================================ FILE CONTENTS ================================================ ================================================ FILE: .azure-pipelines/bazel.yml ================================================ parameters: - name: ciTarget displayName: "CI target" type: string default: bazel.release - name: artifactSuffix displayName: "Suffix of artifact" type: string default: "" - name: rbe displayName: "Enable RBE" type: boolean default: true - name: managedAgent type: boolean default: true - name: bazelBuildExtraOptions type: string default: "--flaky_test_attempts=2" steps: - task: Cache@2 inputs: key: '"${{ parameters.ciTarget }}" | ./WORKSPACE | **/*.bzl' path: $(Build.StagingDirectory)/repository_cache continueOnError: true - bash: .azure-pipelines/cleanup.sh displayName: "Removing tools from agent" condition: ${{ parameters.managedAgent }} - bash: | echo "disk space at beginning of build:" df -h displayName: "Check disk space at beginning" - bash: | sudo mkdir -p /etc/docker echo '{ "ipv6": true, "fixed-cidr-v6": "2001:db8:1::/64" }' | sudo tee /etc/docker/daemon.json sudo service docker restart displayName: "Enable IPv6" condition: ${{ parameters.managedAgent }} - script: ci/run_envoy_docker.sh 'ci/do_ci.sh ${{ parameters.ciTarget }}' workingDirectory: $(Build.SourcesDirectory) env: ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) SLACK_TOKEN: $(SLACK_TOKEN) REPO_URI: $(Build.Repository.Uri) BUILD_URI: $(Build.BuildUri) ${{ if parameters.rbe }}: ENVOY_RBE: "1" BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --jobs=$(RbeJobs) ${{ parameters.bazelBuildExtraOptions }}" BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) ${{ if eq(parameters.rbe, false) }}: BAZEL_BUILD_EXTRA_OPTIONS: "${{ parameters.bazelBuildExtraOptions }}" BAZEL_REMOTE_CACHE: $(LocalBuildCache) displayName: "Run CI script" - bash: | echo "disk space at end of build:" df -h displayName: "Check disk space at end" condition: always() - task: PublishTestResults@2 inputs: testResultsFiles: "**/bazel-out/**/testlogs/**/test.xml" testRunTitle: "${{ parameters.ciTarget }}" searchFolder: $(Build.StagingDirectory)/tmp condition: always() - task: PublishBuildArtifacts@1 inputs: pathtoPublish: "$(Build.StagingDirectory)/envoy" artifactName: ${{ parameters.ciTarget }}${{ parameters.artifactSuffix }} condition: always() ================================================ FILE: .azure-pipelines/cleanup.sh ================================================ #!/bin/bash set -e # Temporary script to remove tools from Azure pipelines agent to create more disk space room. sudo apt-get update -y sudo apt-get purge -y --no-upgrade 'ghc-*' 'zulu-*-azure-jdk' 'libllvm*' 'mysql-*' 'dotnet-*' 'libgl1' \ 'adoptopenjdk-*' 'azure-cli' 'google-chrome-stable' 'firefox' 'hhvm' dpkg-query -Wf '${Installed-Size}\t${Package}\n' | sort -rn ================================================ FILE: .azure-pipelines/pipelines.yml ================================================ trigger: branches: include: - "master" - "release/v*" tags: include: - "v*" # PR build config is manually overridden in Azure pipelines UI with different secrets pr: none jobs: - job: format dependsOn: [] # this removes the implicit dependency on previous stage and causes this to run in parallel. pool: vmImage: "ubuntu-18.04" steps: - task: Cache@2 inputs: key: "format | ./WORKSPACE | **/*.bzl" path: $(Build.StagingDirectory)/repository_cache continueOnError: true - script: ci/run_envoy_docker.sh 'ci/check_and_fix_format.sh' workingDirectory: $(Build.SourcesDirectory) env: ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) displayName: "Run check format scripts" - task: PublishBuildArtifacts@1 inputs: pathtoPublish: "$(Build.StagingDirectory)/fix_format.diff" artifactName: format condition: failed() - job: release displayName: "Linux-x64 release" dependsOn: ["format"] # For master builds, continue even if format fails condition: and(not(canceled()), or(succeeded(), ne(variables['Build.Reason'], 'PullRequest'))) timeoutInMinutes: 360 pool: vmImage: "ubuntu-18.04" steps: - template: bazel.yml parameters: ciTarget: bazel.release - job: release_arm64 displayName: "Linux-arm64 release" dependsOn: ["format"] # For master builds, continue even if format fails condition: and(not(canceled()), or(succeeded(), ne(variables['Build.Reason'], 'PullRequest'))) timeoutInMinutes: 360 pool: "arm-large" steps: - template: bazel.yml parameters: managedAgent: false ciTarget: bazel.release rbe: false artifactSuffix: ".arm64" bazelBuildExtraOptions: "--sandbox_base=/tmp/sandbox_base" - job: bazel displayName: "Linux-x64" dependsOn: ["release"] # For master builds, continue even if format fails condition: and(not(canceled()), or(succeeded(), ne(variables['Build.Reason'], 'PullRequest'))) strategy: maxParallel: 3 matrix: gcc: CI_TARGET: "bazel.gcc" clang_tidy: CI_TARGET: "bazel.clang_tidy" asan: CI_TARGET: "bazel.asan" tsan: CI_TARGET: "bazel.tsan" compile_time_options: CI_TARGET: "bazel.compile_time_options" timeoutInMinutes: 360 pool: vmImage: "ubuntu-18.04" steps: - template: bazel.yml parameters: ciTarget: $(CI_TARGET) - job: coverage displayName: "Linux-x64" dependsOn: ["release"] timeoutInMinutes: 360 pool: "x64-large" strategy: maxParallel: 2 matrix: coverage: CI_TARGET: "coverage" fuzz_coverage: CI_TARGET: "fuzz_coverage" steps: - template: bazel.yml parameters: managedAgent: false ciTarget: bazel.$(CI_TARGET) rbe: false # /tmp/sandbox_base is a tmpfs in CI environment to optimize large I/O for coverage traces bazelBuildExtraOptions: "--define=no_debug_info=1 --linkopt=-Wl,-s --test_env=ENVOY_IP_TEST_VERSIONS=v4only --sandbox_base=/tmp/sandbox_base" - script: ci/run_envoy_docker.sh 'ci/upload_gcs_artifact.sh /source/generated/$(CI_TARGET) $(CI_TARGET)' displayName: "Upload $(CI_TARGET) Report to GCS" env: ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) GCS_ARTIFACT_BUCKET: $(GcsArtifactBucket) condition: always() - job: docker displayName: "Linux multi-arch docker" dependsOn: ["release", "release_arm64"] pool: vmImage: "ubuntu-18.04" steps: - bash: .azure-pipelines/cleanup.sh displayName: "Removing tools from agent" - task: DownloadBuildArtifacts@0 inputs: buildType: current artifactName: "bazel.release" itemPattern: "bazel.release/envoy_binary.tar.gz" downloadType: single targetPath: $(Build.StagingDirectory) - task: DownloadBuildArtifacts@0 inputs: buildType: current artifactName: "bazel.release.arm64" itemPattern: "bazel.release.arm64/envoy_binary.tar.gz" downloadType: single targetPath: $(Build.StagingDirectory) - bash: | set -e mkdir -p linux/amd64 && tar zxf $(Build.StagingDirectory)/bazel.release/envoy_binary.tar.gz -C ./linux/amd64 mkdir -p linux/arm64 && tar zxf $(Build.StagingDirectory)/bazel.release.arm64/envoy_binary.tar.gz -C ./linux/arm64 ci/docker_ci.sh workingDirectory: $(Build.SourcesDirectory) env: AZP_BRANCH: $(Build.SourceBranch) AZP_SHA1: $(Build.SourceVersion) DOCKERHUB_USERNAME: $(DockerUsername) DOCKERHUB_PASSWORD: $(DockerPassword) - task: PublishBuildArtifacts@1 inputs: pathtoPublish: "$(Build.StagingDirectory)/build_images" artifactName: docker condition: always() - job: examples dependsOn: ["docker"] displayName: "Verify examples run as documented" pool: vmImage: "ubuntu-18.04" steps: - task: DownloadBuildArtifacts@0 inputs: buildType: current artifactName: "docker" itemPattern: "docker/envoy-docker-images.tar.xz" downloadType: single targetPath: $(Build.StagingDirectory) - bash: ./ci/do_ci.sh verify_examples env: ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) NO_BUILD_SETUP: 1 - job: macOS dependsOn: ["format"] timeoutInMinutes: 360 pool: vmImage: "macos-latest" steps: - script: ./ci/mac_ci_setup.sh displayName: "Install dependencies" - script: ./ci/mac_ci_steps.sh displayName: "Run Mac CI" env: BAZEL_BUILD_EXTRA_OPTIONS: "--remote_download_toplevel --flaky_test_attempts=2" BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - task: PublishTestResults@2 inputs: testResultsFiles: "**/bazel-testlogs/**/test.xml" testRunTitle: "macOS" condition: always() - script: ./ci/flaky_test/run_process_xml_mac.sh displayName: "Process Test Results" env: TEST_TMPDIR: $(Build.SourcesDirectory) SLACK_TOKEN: $(SLACK_TOKEN) CI_TARGET: "MacOS" REPO_URI: $(Build.Repository.Uri) BUILD_URI: $(Build.BuildUri) - job: Windows dependsOn: ["format"] timeoutInMinutes: 360 pool: vmImage: "windows-latest" steps: - bash: ci/run_envoy_docker.sh ci/windows_ci_steps.sh displayName: "Run Windows CI" env: ENVOY_DOCKER_BUILD_DIR: "$(Build.StagingDirectory)" ENVOY_RBE: "true" BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --config=remote-msvc-cl --jobs=$(RbeJobs)" BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - task: PublishBuildArtifacts@1 inputs: pathtoPublish: "$(Build.StagingDirectory)/envoy" artifactName: windows.release condition: always() ================================================ FILE: .bazelci/presubmit.yml ================================================ --- tasks: rbe: name: "RBE" platform: ubuntu1804 test_targets: - "//test/common/common/..." - "//test/integration/..." - "//test/exe/..." test_flags: - "--config=remote-clang-libc++" - "--config=remote-ci" - "--jobs=75" coverage: name: "Coverage" platform: ubuntu1804 shell_commands: - "bazel/setup_clang.sh /usr/lib/llvm-10" test_targets: - "//test/common/common/..." - "//test/integration/..." - "//test/exe/..." test_flags: - "--config=coverage" - "--config=clang" ================================================ FILE: .bazelignore ================================================ api examples/grpc-bridge/script tools/clang_tools ================================================ FILE: .bazelrc ================================================ # Envoy specific Bazel build/test options. # Bazel doesn't need more than 200MB of memory for local build based on memory profiling: # https://docs.bazel.build/versions/master/skylark/performance.html#memory-profiling # The default JVM max heapsize is 1/4 of physical memory up to 32GB which could be large # enough to consume all memory constrained by cgroup in large host, which is the case in CircleCI. # Limiting JVM heapsize here to let it do GC more when approaching the limit to # leave room for compiler/linker. # The number 2G is choosed heuristically to both support in CircleCI and large enough for RBE. # Startup options cannot be selected via config. startup --host_jvm_args=-Xmx2g build --workspace_status_command="bash bazel/get_workspace_status" build --experimental_strict_action_env=true build --host_force_python=PY3 build --action_env=BAZEL_LINKLIBS=-l%:libstdc++.a build --action_env=BAZEL_LINKOPTS=-lm build --host_javabase=@bazel_tools//tools/jdk:remote_jdk11 build --javabase=@bazel_tools//tools/jdk:remote_jdk11 build --enable_platform_specific_config # Enable position independent code, this option is not supported on Windows and default on on macOS. build:linux --copt=-fPIC build:linux --cxxopt=-std=c++17 build:linux --conlyopt=-fexceptions build:linux --fission=dbg,opt build:linux --features=per_object_debug_info # We already have absl in the build, define absl=1 to tell googletest to use absl for backtrace. build --define absl=1 # Pass PATH, CC, CXX and LLVM_CONFIG variables from the environment. build --action_env=CC build --action_env=CXX build --action_env=LLVM_CONFIG build --action_env=PATH # Common flags for sanitizers build:sanitizer --define tcmalloc=disabled build:sanitizer --linkopt -ldl build:sanitizer --build_tag_filters=-no_san build:sanitizer --test_tag_filters=-no_san # Common flags for Clang build:clang --action_env=BAZEL_COMPILER=clang build:clang --linkopt=-fuse-ld=lld # Basic ASAN/UBSAN that works for gcc build:asan --action_env=ENVOY_ASAN=1 build:asan --config=sanitizer # ASAN install its signal handler, disable ours so the stacktrace will be printed by ASAN build:asan --define signal_trace=disabled build:asan --define ENVOY_CONFIG_ASAN=1 build:asan --copt -fsanitize=address,undefined build:asan --linkopt -fsanitize=address,undefined # vptr and function sanitizer are enabled in clang-asan if it is set up via bazel/setup_clang.sh. build:asan --copt -fno-sanitize=vptr,function build:asan --linkopt -fno-sanitize=vptr,function build:asan --copt -DADDRESS_SANITIZER=1 build:asan --copt -D__SANITIZE_ADDRESS__ build:asan --test_env=ASAN_OPTIONS=handle_abort=1:allow_addr2line=true:check_initialization_order=true:strict_init_order=true:detect_odr_violation=1 build:asan --test_env=UBSAN_OPTIONS=halt_on_error=true:print_stacktrace=1 build:asan --test_env=ASAN_SYMBOLIZER_PATH # Clang ASAN/UBSAN build:clang-asan --config=asan build:clang-asan --linkopt -fuse-ld=lld # macOS ASAN/UBSAN build:macos --cxxopt=-std=c++17 build:macos-asan --config=asan # Workaround, see https://github.com/bazelbuild/bazel/issues/6932 build:macos-asan --copt -Wno-macro-redefined build:macos-asan --copt -D_FORTIFY_SOURCE=0 # Workaround, see https://github.com/bazelbuild/bazel/issues/4341 build:macos-asan --copt -DGRPC_BAZEL_BUILD # Dynamic link cause issues like: `dyld: malformed mach-o: load commands size (59272) > 32768` build:macos-asan --dynamic_mode=off # Clang TSAN build:clang-tsan --action_env=ENVOY_TSAN=1 build:clang-tsan --config=sanitizer build:clang-tsan --define ENVOY_CONFIG_TSAN=1 build:clang-tsan --copt -fsanitize=thread build:clang-tsan --linkopt -fsanitize=thread build:clang-tsan --linkopt -fuse-ld=lld build:clang-tsan --build_tag_filters=-no_san,-no_tsan build:clang-tsan --test_tag_filters=-no_san,-no_tsan # Needed due to https://github.com/libevent/libevent/issues/777 build:clang-tsan --copt -DEVENT__DISABLE_DEBUG_MODE # https://github.com/abseil/abseil-cpp/issues/760 # https://github.com/google/sanitizers/issues/953 build:clang-tsan --test_env="TSAN_OPTIONS=report_atomic_races=0" # Clang MSAN - this is the base config for remote-msan and docker-msan. To run this config without # our build image, follow https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo # with libc++ instruction and provide corresponding `--copt` and `--linkopt` as well. build:clang-msan --action_env=ENVOY_MSAN=1 build:clang-msan --config=sanitizer build:clang-msan --define ENVOY_CONFIG_MSAN=1 build:clang-msan --copt -fsanitize=memory build:clang-msan --linkopt -fsanitize=memory build:clang-msan --copt -fsanitize-memory-track-origins=2 # MSAN needs -O1 to get reasonable performance. build:clang-msan --copt -O1 # Clang with libc++ build:libc++ --config=clang build:libc++ --action_env=CXXFLAGS=-stdlib=libc++ build:libc++ --action_env=LDFLAGS=-stdlib=libc++ build:libc++ --action_env=BAZEL_CXXOPTS=-stdlib=libc++ build:libc++ --action_env=BAZEL_LINKLIBS=-l%:libc++.a:-l%:libc++abi.a build:libc++ --action_env=BAZEL_LINKOPTS=-lm:-pthread build:libc++ --define force_libcpp=enabled # Optimize build for binary size reduction. build:sizeopt -c opt --copt -Os # Test options build --test_env=HEAPCHECK=normal --test_env=PPROF_PATH # Coverage options coverage --config=coverage coverage --build_tests_only build:coverage --action_env=BAZEL_USE_LLVM_NATIVE_COVERAGE=1 build:coverage --action_env=GCOV=llvm-profdata build:coverage --copt=-DNDEBUG # 1.5x original timeout + 300s for trace merger in all categories build:coverage --test_timeout=390,750,1500,5700 build:coverage --define=dynamic_link_tests=true build:coverage --define=ENVOY_CONFIG_COVERAGE=1 build:coverage --cxxopt="-DENVOY_CONFIG_COVERAGE=1" build:coverage --coverage_support=@envoy//bazel/coverage:coverage_support build:coverage --test_env=CC_CODE_COVERAGE_SCRIPT=external/envoy/bazel/coverage/collect_cc_coverage.sh build:coverage --test_env=HEAPCHECK= build:coverage --combined_report=lcov build:coverage --strategy=TestRunner=sandboxed,local build:coverage --strategy=CoverageReport=sandboxed,local build:coverage --experimental_use_llvm_covmap build:coverage --collect_code_coverage build:coverage --test_tag_filters=-nocoverage build:coverage --instrumentation_filter="//source(?!/common/chromium_url|/extensions/quic_listeners/quiche/platform)[/:],//include[/:]" coverage:test-coverage --test_arg="-l trace" coverage:fuzz-coverage --config=plain-fuzzer coverage:fuzz-coverage --run_under=@envoy//bazel/coverage:fuzz_coverage_wrapper.sh # Remote execution: https://docs.bazel.build/versions/master/remote-execution.html build:rbe-toolchain --action_env=BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 build:rbe-toolchain-clang --config=rbe-toolchain build:rbe-toolchain-clang --platforms=@rbe_ubuntu_clang//config:platform build:rbe-toolchain-clang --host_platform=@rbe_ubuntu_clang//config:platform build:rbe-toolchain-clang --crosstool_top=@rbe_ubuntu_clang//cc:toolchain build:rbe-toolchain-clang --extra_toolchains=@rbe_ubuntu_clang//config:cc-toolchain build:rbe-toolchain-clang --action_env=CC=clang --action_env=CXX=clang++ --action_env=PATH=/usr/sbin:/usr/bin:/sbin:/bin:/opt/llvm/bin build:rbe-toolchain-clang-libc++ --config=rbe-toolchain build:rbe-toolchain-clang-libc++ --platforms=@rbe_ubuntu_clang_libcxx//config:platform build:rbe-toolchain-clang-libc++ --host_platform=@rbe_ubuntu_clang_libcxx//config:platform build:rbe-toolchain-clang-libc++ --crosstool_top=@rbe_ubuntu_clang_libcxx//cc:toolchain build:rbe-toolchain-clang-libc++ --extra_toolchains=@rbe_ubuntu_clang_libcxx//config:cc-toolchain build:rbe-toolchain-clang-libc++ --action_env=CC=clang --action_env=CXX=clang++ --action_env=PATH=/usr/sbin:/usr/bin:/sbin:/bin:/opt/llvm/bin build:rbe-toolchain-clang-libc++ --action_env=CXXFLAGS=-stdlib=libc++ build:rbe-toolchain-clang-libc++ --action_env=LDFLAGS=-stdlib=libc++ build:rbe-toolchain-clang-libc++ --define force_libcpp=enabled build:rbe-toolchain-msan --linkopt=-L/opt/libcxx_msan/lib build:rbe-toolchain-msan --linkopt=-Wl,-rpath,/opt/libcxx_msan/lib build:rbe-toolchain-msan --config=clang-msan build:rbe-toolchain-tsan --linkopt=-L/opt/libcxx_tsan/lib build:rbe-toolchain-tsan --linkopt=-Wl,-rpath,/opt/libcxx_tsan/lib build:rbe-toolchain-tsan --config=clang-tsan build:rbe-toolchain-gcc --config=rbe-toolchain build:rbe-toolchain-gcc --platforms=@rbe_ubuntu_gcc//config:platform build:rbe-toolchain-gcc --host_platform=@rbe_ubuntu_gcc//config:platform build:rbe-toolchain-gcc --crosstool_top=@rbe_ubuntu_gcc//cc:toolchain build:rbe-toolchain-gcc --extra_toolchains=@rbe_ubuntu_gcc//config:cc-toolchain build:rbe-toolchain-msvc-cl --host_platform=@rbe_windows_msvc_cl//config:platform build:rbe-toolchain-msvc-cl --platforms=@rbe_windows_msvc_cl//config:platform build:rbe-toolchain-msvc-cl --crosstool_top=@rbe_windows_msvc_cl//cc:toolchain build:rbe-toolchain-msvc-cl --extra_toolchains=@rbe_windows_msvc_cl//config:cc-toolchain build:rbe-toolchain-clang-cl --host_platform=@rbe_windows_clang_cl//config:platform build:rbe-toolchain-clang-cl --platforms=@rbe_windows_clang_cl//config:platform build:rbe-toolchain-clang-cl --crosstool_top=@rbe_windows_clang_cl//cc:toolchain build:rbe-toolchain-clang-cl --extra_toolchains=@rbe_windows_clang_cl//config:cc-toolchain build:remote --spawn_strategy=remote,sandboxed,local build:remote --strategy=Javac=remote,sandboxed,local build:remote --strategy=Closure=remote,sandboxed,local build:remote --strategy=Genrule=remote,sandboxed,local # rules_rust is not remote runnable (yet) build:remote --strategy=Rustc=sandboxed,local build:remote --remote_timeout=7200 build:remote --auth_enabled=true build:remote --remote_download_toplevel # Windows bazel does not allow sandboxed as a spawn strategy build:remote-windows --spawn_strategy=remote,local build:remote-windows --strategy=Javac=remote,local build:remote-windows --strategy=Closure=remote,local build:remote-windows --strategy=Genrule=remote,local build:remote-windows --remote_timeout=7200 build:remote-windows --auth_enabled=true build:remote-windows --remote_download_toplevel build:remote-clang --config=remote build:remote-clang --config=rbe-toolchain-clang build:remote-clang-libc++ --config=remote build:remote-clang-libc++ --config=rbe-toolchain-clang-libc++ build:remote-gcc --config=remote build:remote-gcc --config=rbe-toolchain-gcc build:remote-msan --config=remote build:remote-msan --config=rbe-toolchain-clang-libc++ build:remote-msan --config=rbe-toolchain-msan build:remote-msvc-cl --config=remote-windows build:remote-msvc-cl --config=msvc-cl build:remote-msvc-cl --config=rbe-toolchain-msvc-cl build:remote-clang-cl --config=remote-windows build:remote-clang-cl --config=clang-cl build:remote-clang-cl --config=rbe-toolchain-clang-cl # Docker sandbox # NOTE: Update this from https://github.com/envoyproxy/envoy-build-tools/blob/master/toolchains/rbe_toolchains_config.bzl#L8 build:docker-sandbox --experimental_docker_image=envoyproxy/envoy-build-ubuntu:b480535e8423b5fd7c102fd30c92f4785519e33a build:docker-sandbox --spawn_strategy=docker build:docker-sandbox --strategy=Javac=docker build:docker-sandbox --strategy=Closure=docker build:docker-sandbox --strategy=Genrule=docker build:docker-sandbox --define=EXECUTOR=remote build:docker-sandbox --experimental_docker_verbose build:docker-sandbox --experimental_enable_docker_sandbox build:docker-clang --config=docker-sandbox build:docker-clang --config=rbe-toolchain-clang build:docker-clang-libc++ --config=docker-sandbox build:docker-clang-libc++ --config=rbe-toolchain-clang-libc++ build:docker-gcc --config=docker-sandbox build:docker-gcc --config=rbe-toolchain-gcc build:docker-msan --config=docker-sandbox build:docker-msan --config=rbe-toolchain-clang-libc++ build:docker-msan --config=rbe-toolchain-msan build:docker-tsan --config=docker-sandbox build:docker-tsan --config=rbe-toolchain-clang-libc++ build:docker-tsan --config=rbe-toolchain-tsan # CI configurations build:remote-ci --remote_cache=grpcs://remotebuildexecution.googleapis.com build:remote-ci --remote_executor=grpcs://remotebuildexecution.googleapis.com # Fuzz builds # -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is passed in in the bazel build target # rules for fuzz tests. Passing it in the CLI will cause dependencies to be build # with the macro. Causing issues in RouteMatcherTest.TestRoutes that expect prod # behavior from RE2 library. build:asan-fuzzer --config=asan build:asan-fuzzer --define=FUZZING_ENGINE=libfuzzer build:asan-fuzzer --copt=-fsanitize=fuzzer-no-link build:asan-fuzzer --copt=-fno-omit-frame-pointer # Remove UBSAN halt_on_error to avoid crashing on protobuf errors. build:asan-fuzzer --test_env=UBSAN_OPTIONS=print_stacktrace=1 # Fuzzing without ASAN. This is useful for profiling fuzzers without any ASAN artifacts. build:plain-fuzzer --define=FUZZING_ENGINE=libfuzzer build:plain-fuzzer --define ENVOY_CONFIG_ASAN=1 build:plain-fuzzer --copt=-fsanitize=fuzzer-no-link build:plain-fuzzer --linkopt=-fsanitize=fuzzer-no-link # Compile database generation config build:compdb --build_tag_filters=-nocompdb # Windows build quirks build:windows --action_env=TMPDIR build:windows --define signal_trace=disabled build:windows --define hot_restart=disabled build:windows --define tcmalloc=disabled build:windows --define manual_stamp=manual_stamp # Should not be required after upstream fix to bazel, # and already a no-op to linux/macos builds # see issue https://github.com/bazelbuild/rules_foreign_cc/issues/301 build:windows --copt="-DCARES_STATICLIB" build:windows --copt="-DNGHTTP2_STATICLIB" build:windows --copt="-DCURL_STATICLIB" build:windows --cxxopt="/std:c++17" # Required to work around build defects on Windows MSVC cl # Unguarded gcc pragmas in quiche are not recognized by MSVC build:msvc-cl --copt="/wd4068" # Allows 'nodiscard' function return values to be discarded build:msvc-cl --copt="/wd4834" # Allows inline functions to be undefined build:msvc-cl --copt="/wd4506" build:msvc-cl --copt="-D_SILENCE_EXPERIMENTAL_FILESYSTEM_DEPRECATION_WARNING" # Required to work around Windows clang-cl build defects # Ignore conflicting definitions of _WIN32_WINNT # Overriding __TIME__ etc is problematic (and is actually an invalid no-op) build:clang-cl --copt="-Wno-macro-redefined" build:clang-cl --copt="-Wno-builtin-macro-redefined" build:clang-cl --action_env=USE_CLANG_CL=1 # Defaults to 'auto' - Off for windows, so override to linux behavior build:windows --enable_runfiles=yes # This should become adopted by bazel as the default build:windows --features=compiler_param_file # These options attempt to force a monolithic binary including the CRT build:windows --features=fully_static_link build:windows --features=static_link_msvcrt build:windows --dynamic_mode=off try-import %workspace%/clang.bazelrc try-import %workspace%/user.bazelrc try-import %workspace%/local_tsan.bazelrc ================================================ FILE: .bazelversion ================================================ 3.4.1 ================================================ FILE: .circleci/config.yml ================================================ version: 2.1 executors: ubuntu-build: description: "A regular build executor based on ubuntu image" docker: # NOTE: Update this from https://github.com/envoyproxy/envoy-build-tools/blob/master/toolchains/rbe_toolchains_config.bzl#L8 - image: envoyproxy/envoy-build-ubuntu:b480535e8423b5fd7c102fd30c92f4785519e33a resource_class: xlarge working_directory: /source jobs: api: executor: ubuntu-build steps: - run: rm -rf /home/circleci/project/.git # CircleCI git caching is likely broken - checkout - run: ci/do_circle_ci.sh bazel.api - add_ssh_keys: fingerprints: - "fb:f3:fe:be:1c:b2:ec:b6:25:f9:7b:a6:87:54:02:8c" - run: ci/api_mirror.sh - store_artifacts: path: /build/envoy/generated destination: / go_control_plane_mirror: executor: ubuntu-build steps: - run: rm -rf /home/circleci/project/.git # CircleCI git caching is likely broken - checkout - run: ci/do_circle_ci.sh bazel.api - add_ssh_keys: fingerprints: - "9d:3b:fe:7c:09:3b:ce:a9:6a:de:de:41:fb:6b:52:62" - run: ci/go_mirror.sh filter_example_mirror: executor: ubuntu-build steps: - run: rm -rf /home/circleci/project/.git # CircleCI git caching is likely broken - checkout - add_ssh_keys: fingerprints: - "f6:f9:df:90:9c:4b:5f:9c:f4:69:fd:42:94:ff:88:24" - run: ci/filter_example_mirror.sh docs: executor: ubuntu-build steps: - run: rm -rf /home/circleci/project/.git # CircleCI git caching is likely broken - checkout - run: ci/do_circle_ci.sh docs - add_ssh_keys: fingerprints: - "44:c7:a1:9e:f4:9e:a5:33:11:f1:0e:79:e1:55:c9:04" - run: docs/publish.sh - store_artifacts: path: generated/docs workflows: version: 2 all: jobs: - api - go_control_plane_mirror - filter_example_mirror - docs: filters: tags: only: /^v.*/ ================================================ FILE: .clang-format ================================================ --- Language: Cpp AccessModifierOffset: -2 ColumnLimit: 100 DerivePointerAlignment: false PointerAlignment: Left SortIncludes: false ... --- Language: Proto ColumnLimit: 100 SpacesInContainerLiterals: false AllowShortFunctionsOnASingleLine: false ReflowComments: false ... ================================================ FILE: .clang-tidy ================================================ Checks: '-clang-analyzer-core.NonNullParamChecker, -clang-analyzer-optin.cplusplus.UninitializedObject, abseil-duration-*, abseil-faster-strsplit-delimiter, abseil-no-namespace, abseil-redundant-strcat-calls, abseil-str-cat-append, abseil-string-find-startswith, abseil-upgrade-duration-conversions, bugprone-assert-side-effect, bugprone-unused-raii, bugprone-use-after-move, clang-analyzer-core.DivideZero, misc-unused-using-decls, modernize-deprecated-headers, modernize-loop-convert, modernize-make-shared, modernize-make-unique, modernize-return-braced-init-list, modernize-use-default-member-init, modernize-use-equals-default, modernize-use-nullptr, modernize-use-override, modernize-use-using, performance-faster-string-find, performance-for-range-copy, performance-inefficient-algorithm, performance-inefficient-vector-operation, performance-noexcept-move-constructor, performance-move-constructor-init, performance-type-promotion-in-math-fn, performance-unnecessary-copy-initialization, readability-braces-around-statements, readability-container-size-empty, readability-identifier-naming, readability-redundant-control-flow, readability-redundant-member-init, readability-redundant-smartptr-get, readability-redundant-string-cstr' WarningsAsErrors: '*' CheckOptions: - key: bugprone-assert-side-effect.AssertMacros value: 'ASSERT' - key: bugprone-dangling-handle.HandleClasses value: 'std::basic_string_view;std::experimental::basic_string_view;absl::string_view' - key: modernize-use-auto.MinTypeNameLength value: '10' - key: readability-identifier-naming.ClassCase value: 'CamelCase' - key: readability-identifier-naming.EnumCase value: 'CamelCase' - key: readability-identifier-naming.EnumConstantCase value: 'CamelCase' - key: readability-identifier-naming.ParameterCase value: 'lower_case' - key: readability-identifier-naming.PrivateMemberCase value: 'lower_case' - key: readability-identifier-naming.PrivateMemberSuffix value: '_' - key: readability-identifier-naming.StructCase value: 'CamelCase' - key: readability-identifier-naming.TypeAliasCase value: 'CamelCase' - key: readability-identifier-naming.UnionCase value: 'CamelCase' - key: readability-identifier-naming.FunctionCase value: 'camelBack' ================================================ FILE: .devcontainer/.gitignore ================================================ devcontainer.env ================================================ FILE: .devcontainer/Dockerfile ================================================ FROM gcr.io/envoy-ci/envoy-build:b480535e8423b5fd7c102fd30c92f4785519e33a ARG USERNAME=vscode ARG USER_UID=501 ARG USER_GID=$USER_UID ENV BUILD_DIR=/build ENV ENVOY_STDLIB=libstdc++ ENV DEBIAN_FRONTEND=noninteractive RUN apt-get -y update \ && apt-get -y install --no-install-recommends libpython2.7 net-tools psmisc vim 2>&1 \ # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. && groupadd --gid $USER_GID $USERNAME \ && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME -G pcap -d /build \ # [Optional] Add sudo support for non-root user && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ && chmod 0440 /etc/sudoers.d/$USERNAME ENV DEBIAN_FRONTEND= ENV PATH=/opt/llvm/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ENV CLANG_FORMAT=/opt/llvm/bin/clang-format ================================================ FILE: .devcontainer/README.md ================================================ # Envoy Dev Container (experimental) This directory contains some experimental tools for Envoy Development in [VSCode Remote - Containers](https://code.visualstudio.com/docs/remote/containers). ## How to use Open with VSCode with the Container extension installed. Follow the [official guide](https://code.visualstudio.com/docs/remote/containers) to open this repository directly from GitHub or from checked-out source tree. After opening, run the `Refresh Compilation Database` task to generate compilation database to navigate in source code. This will run partial build of Envoy and may take a while depends on the machine performance. This task is needed to run everytime after: - Changing a BUILD file that add/remove files from a target, changes dependencies - Changing API proto files There are additional tools for VS Code located in [`tools/vscode`](../tools/vscode) directory. ## Advanced Usages ### Using Remote Build Execution Write the following content to `devcontainer.env` and rebuild the container. The key will be persisted in the container's `~/.bazelrc`. ``` GCP_SERVICE_ACCOUNT_KEY= BAZEL_REMOTE_INSTANCE= BAZEL_REMOTE_CACHE=grpcs://remotebuildexecution.googleapis.com BAZEL_BUILD_EXTRA_OPTIONS=--config=remote-ci --config=remote --jobs= ``` By default the `--config=remote` implies [`--remote_download_toplevel`](https://docs.bazel.build/versions/master/command-line-reference.html#flag--remote_download_toplevel), change this to `minimal` or `all` depending on where you're running the container by adding them to `BAZEL_BUILD_EXTRA_OPTIONS`. ### Disk performance Docker for Mac/Windows is known to have disk performance issue, this makes formatting all files in the container very slow. [Update the mount consistency to 'delegated'](https://code.visualstudio.com/docs/remote/containers-advanced#_update-the-mount-consistency-to-delegated-for-macos) is recommended. ================================================ FILE: .devcontainer/devcontainer.json ================================================ { "name": "Envoy Dev", "dockerFile": "Dockerfile", "runArgs": [ "--user=vscode", "--cap-add=SYS_PTRACE", "--cap-add=NET_RAW", "--cap-add=NET_ADMIN", "--security-opt=seccomp=unconfined", "--volume=${env:HOME}:${env:HOME}", "--volume=envoy-build:/build", // Uncomment next line if you have devcontainer.env // "--env-file=.devcontainer/devcontainer.env" ], "settings": { "terminal.integrated.shell.linux": "/bin/bash", "bazel.buildifierFixOnFormat": true, "clangd.path": "/opt/llvm/bin/clangd", "python.pythonPath": "/usr/bin/python3", "python.formatting.provider": "yapf", "python.formatting.yapfArgs": [ "--style=${workspaceFolder}/tools/code_format/.style.yapf" ], "files.exclude": { "**/.clangd/**": true, "**/bazel-*/**": true }, "files.watcherExclude": { "**/.clangd/**": true, "**/bazel-*/**": true } }, "remoteUser": "vscode", "containerUser": "vscode", "postCreateCommand": ".devcontainer/setup.sh", "extensions": [ "github.vscode-pull-request-github", "zxh404.vscode-proto3", "bazelbuild.vscode-bazel", "llvm-vs-code-extensions.vscode-clangd", "vadimcn.vscode-lldb", "webfreak.debug", "ms-python.python" ] } ================================================ FILE: .devcontainer/setup.sh ================================================ #!/usr/bin/env bash . ci/setup_cache.sh trap - EXIT # Don't remove the key file written into a temporary file BAZELRC_FILE=~/.bazelrc bazel/setup_clang.sh /opt/llvm # Use generated toolchain config because we know the base container is the one we're using in RBE. # Not using libc++ here because clangd will raise some tidy issue in libc++ header as of version 9. echo "build --config=rbe-toolchain-clang" >> ~/.bazelrc echo "build ${BAZEL_BUILD_EXTRA_OPTIONS}" | tee -a ~/.bazelrc # Ideally we want this line so bazel doesn't pollute things outside of the devcontainer, but some of # API tooling (proto_sync) depends on symlink like bazel-bin. # TODO(lizan): Fix API tooling and enable this again #echo "build --symlink_prefix=/" >> ~/.bazelrc [[ -n "${BUILD_DIR}" ]] && sudo chown -R "$(id -u):$(id -g)" "${BUILD_DIR}" ================================================ FILE: .gitattributes ================================================ /docs/root/version_history/current.rst merge=union /api/envoy/**/v4alpha/* linguist-generated=true /generated_api_shadow/envoy/** linguist-generated=true /generated_api_shadow/bazel/** linguist-generated=true *.svg binary /test/**/*_corpus/* linguist-generated=true ================================================ FILE: .github/ISSUE_TEMPLATE/config.yml ================================================ blank_issues_enabled: false contact_links: - name: "Crash bug" url: https://github.com/envoyproxy/envoy/security/policy about: "Please file any crash bug with envoy-security@googlegroups.com." ================================================ FILE: .github/ISSUE_TEMPLATE/feature_request.md ================================================ --- name: Feature request about: Suggest an idea for this project title: '' labels: enhancement,triage assignees: '' --- *Title*: *One line description* *Description*: >Describe the the desired behavior, what scenario it enables and how it would be used. [optional *Relevant Links*:] >Any extra documentation required to understand the issue. ================================================ FILE: .github/ISSUE_TEMPLATE/non--crash-security--bug.md ================================================ --- name: Non-{crash,security} bug about: Bugs which are not crashes, DoS or other security issue title: '' labels: bug,triage assignees: '' --- **If you are reporting *any* crash or *any* potential security issue, *do not* open an issue in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately.** *Title*: *One line description* *Description*: >What issue is being seen? Describe what should be happening instead of the bug, for example: Envoy should not crash, the expected value isn't returned, etc. *Repro steps*: > Include sample requests, environment, etc. All data and inputs required to reproduce the bug. >**Note**: The [Envoy_collect tool](https://github.com/envoyproxy/envoy/blob/master/tools/envoy_collect/README.md) gathers a tarball with debug logs, config and the following admin endpoints: /stats, /clusters and /server_info. Please note if there are privacy concerns, sanitize the data prior to sharing the tarball/pasting. *Admin and Stats Output*: >Include the admin output for the following endpoints: /stats, /clusters, /routes, /server_info. For more information, refer to the [admin endpoint documentation.](https://www.envoyproxy.io/docs/envoy/latest/operations/admin) >**Note**: If there are privacy concerns, sanitize the data prior to sharing. *Config*: >Include the config used to configure Envoy. *Logs*: >Include the access logs and the Envoy logs. >**Note**: If there are privacy concerns, sanitize the data prior to sharing. *Call Stack*: > If the Envoy binary is crashing, a call stack is **required**. Please refer to the [Bazel Stack trace documentation](https://github.com/envoyproxy/envoy/tree/master/bazel#stack-trace-symbol-resolution). ================================================ FILE: .github/ISSUE_TEMPLATE/other.md ================================================ --- name: Other about: Questions, design proposals, tech debt, etc. title: '' labels: triage assignees: '' --- **If you are reporting *any* crash or *any* potential security issue, *do not* open an issue in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately.** *Title*: *One line description* *Description*: >Describe the issue. [optional *Relevant Links*:] >Any extra documentation required to understand the issue. ================================================ FILE: .github/stale.yml ================================================ # Configuration for probot-stale - https://github.com/probot/stale # General configuration # Label to use when marking as stale staleLabel: stale # Pull request specific configuration pulls: # Number of days of inactivity before an Issue or Pull Request becomes stale daysUntilStale: 7 # Number of days of inactivity before a stale Issue or Pull Request is closed. # Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale. daysUntilClose: 7 # Comment to post when marking as stale. Set to `false` to disable markComment: > This pull request has been automatically marked as stale because it has not had activity in the last 7 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! # Comment to post when closing a stale Issue or Pull Request. closeComment: > This pull request has been automatically closed because it has not had activity in the last 14 days. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! # Limit the number of actions per hour, from 1-30. Default is 30 limitPerRun: 1 exemptLabels: - no stalebot # Issue specific configuration issues: # TODO: Consider increasing the limitPerRun once we are satisfied with the bot's performance limitPerRun: 1 daysUntilStale: 30 daysUntilClose: 7 markComment: > This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or other activity occurs. Thank you for your contributions. closeComment: > This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted". Thank you for your contributions. exemptLabels: - help wanted - no stalebot ================================================ FILE: .github/workflows/codeql-daily.yml ================================================ on: schedule: - cron: '0 12 * * 4' jobs: CodeQL-Build: strategy: fail-fast: false # CodeQL runs on ubuntu-latest and windows-latest runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v2 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. fetch-depth: 2 # If this run was triggered by a pull request event, then checkout # the head of the pull request instead of the merge commit. - run: git checkout HEAD^2 if: ${{ github.event_name == 'pull_request' }} # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v1 # Override language selection by uncommenting this and choosing your languages with: languages: cpp - name: Install deps shell: bash run: | sudo apt-get update && sudo apt-get install libtool cmake automake autoconf make ninja-build curl unzip virtualenv openjdk-11-jdk build-essential libc++1 mkdir -p bin/clang10 cd bin/clang10 wget https://github.com/llvm/llvm-project/releases/download/llvmorg-10.0.0/clang+llvm-10.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz tar -xf clang+llvm-10.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz --strip-components 1 export PATH=bin/clang10/bin:$PATH - name: Build run: | bazel/setup_clang.sh bin/clang10 bazelisk shutdown bazelisk build -c fastbuild --spawn_strategy=local --discard_analysis_cache --nouse_action_cache --config clang --config libc++ //source/common/http/... - name: Clean Artifacts run: | git clean -xdf - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1 ================================================ FILE: .github/workflows/codeql-push.yml ================================================ on: push: paths: - 'source/common/**' pull_request: jobs: CodeQL-Build: strategy: fail-fast: false # CodeQL runs on ubuntu-latest and windows-latest runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v2 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. fetch-depth: 2 - name: Get build targets run: | . .github/workflows/get_build_targets.sh echo ::set-env name=BUILD_TARGETS::$(echo $BUILD_TARGETS_LOCAL) # If this run was triggered by a pull request event, then checkout # the head of the pull request instead of the merge commit. - run: git checkout HEAD^2 if: ${{ github.event_name == 'pull_request' }} # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v1 # Override language selection by uncommenting this and choosing your languages with: languages: cpp - name: Install deps shell: bash run: | sudo apt-get update && sudo apt-get install libtool cmake automake autoconf make ninja-build curl unzip virtualenv openjdk-11-jdk build-essential libc++1 mkdir -p bin/clang10 cd bin/clang10 wget https://github.com/llvm/llvm-project/releases/download/llvmorg-10.0.0/clang+llvm-10.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz tar -xf clang+llvm-10.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz --strip-components 1 export PATH=bin/clang10/bin:$PATH - name: Build run: | bazel/setup_clang.sh bin/clang10 bazelisk shutdown bazelisk build -c fastbuild --spawn_strategy=local --discard_analysis_cache --nouse_action_cache --config clang --config libc++ $BUILD_TARGETS echo -e "Built targets...\n$BUILD_TARGETS" - name: Clean Artifacts run: | git clean -xdf - name: Perform CodeQL Analysis if: env.BUILD_TARGETS != '' uses: github/codeql-action/analyze@v1 ================================================ FILE: .github/workflows/get_build_targets.sh ================================================ #!/bin/bash # This limits the directory that bazel query is going to search under. readonly SEARCH_FOLDER="//source/common/..." set -e -o pipefail function get_targets() { # Comparing the PR HEAD with the upstream master HEAD. git diff --name-only HEAD FETCH_HEAD | while IFS= read -r line do # Only targets under those folders. case "$line" in source/*|include/*) bazel query "rdeps($SEARCH_FOLDER, $line, 1)" 2>/dev/null ;; esac # This chain of commands from left to right are: # 1. Excluding the redundant .cc/.h targets that bazel query emits. # 2. Storing only the unique output. # 3. Limiting to the first 10 targets. done | grep -v '\.cc\|\.h' | sort -u | head -n 10 } # Fetching the upstream HEAD to compare with and stored in FETCH_HEAD. git fetch https://github.com/envoyproxy/envoy.git master 2>/dev/null export BUILD_TARGETS_LOCAL=$(echo $(get_targets)) ================================================ FILE: .gitignore ================================================ /bazel-* BROWSE /build /build_* *.bzlc .cache .clangd .classpath .clwb/ /ci/bazel-* compile_commands.json cscope.* .deps .devcontainer.json /docs/landing_source/.bundle /generated .idea/ .project *.pyc **/pyformat SOURCE_VERSION .settings/ *.sw* tags TAGS /test/coverage/BUILD /tools/spelling/.aspell.en.pws .vimrc .vs .vscode clang-tidy-fixes.yaml .gdb_history clang.bazelrc user.bazelrc CMakeLists.txt cmake-build-debug /linux bazel.output.txt *~ ================================================ FILE: .zuul/playbooks/envoy-build/run.yaml ================================================ - hosts: all become: yes roles: - role: config-gcc gcc_version: 7 - role: config-bazel bazel_version: 0.28.1 tasks: - name: Build envoy shell: cmd: | apt update apt-get update apt-get install -y \ libtool \ cmake \ automake \ autoconf \ make \ ninja-build \ curl \ unzip \ virtualenv bazel build //source/exe:envoy-static | tee $LOGS_PATH//bazel.txt cp -r ./bazel-bin $RESULTS_PATH chdir: '{{ zuul.project.src_dir }}' executable: /bin/bash environment: '{{ global_env }}' ================================================ FILE: .zuul.yaml ================================================ - project: name: envoyproxy/envoy check: jobs: - envoy-build-arm64 - job: name: envoy-build-arm64 parent: init-test description: | Envoy build in openlab cluster. run: .zuul/playbooks/envoy-build/run.yaml nodeset: ubuntu-xenial-arm64 voting: false ================================================ FILE: BUILD ================================================ licenses(["notice"]) # Apache 2 exports_files([ "VERSION", ".clang-format", ]) # These two definitions exist to help reduce Envoy upstream core code depending on extensions. # To avoid visibility problems, see notes in source/extensions/extensions_build_config.bzl # # TODO(#9953) //test/config_test:__pkg__ should probably be split up and removed. # TODO(#9953) the config fuzz tests should be moved somewhere local and //test/config_test and //test/server removed. package_group( name = "extension_config", packages = [ "//source/exe", "//source/extensions/...", "//test/config_test", "//test/extensions/...", "//test/server", "//test/server/config_validation", ], ) package_group( name = "extension_library", packages = [ "//source/extensions/...", "//test/extensions/...", ], ) ================================================ FILE: CODEOWNERS ================================================ # TODO(zuercher): determine how we want to deal with auto-assignment # By default, @envoyproxy/maintainers own everything. #* @envoyproxy/maintainers # api /api/ @envoyproxy/api-shepherds # access loggers /*/extensions/access_loggers/common @auni53 @zuercher # compression extensions /*/extensions/compression/common/compressor @rojkov @junr03 /*/extensions/compression/gzip/compressor @rojkov @junr03 # csrf extension /*/extensions/filters/http/csrf @dschaller @mattklein123 # original_src http filter extension /*/extensions/filters/http/original_src @snowp @klarose # original_src listener filter extension /*/extensions/filters/listener/original_src @snowp @klarose # original_src common extension extensions/filters/common/original_src @snowp @klarose # dubbo_proxy extension /*/extensions/filters/network/dubbo_proxy @zyfjeff @lizan # rocketmq_proxy extension /*/extensions/filters/network/rocketmq_proxy @aaron-ai @lizhanhui @lizan # thrift_proxy extension /*/extensions/filters/network/thrift_proxy @zuercher @rgs1 # cdn_loop extension /*/extensions/filters/http/cdn_loop @justin-mp @penguingao @alyssawilk # compressor used by http compression filters /*/extensions/filters/http/common/compressor @gsagula @rojkov @dio /*/extensions/filters/http/compressor @rojkov @dio # jwt_authn http filter extension /*/extensions/filters/http/jwt_authn @qiwzhang @lizan # grpc_http1_reverse_bridge http filter extension /*/extensions/filters/http/grpc_http1_reverse_bridge @snowp @zuercher # header_to_metadata extension /*/extensions/filters/http/header_to_metadata @rgs1 @zuercher # alts transport socket extension /*/extensions/transport_sockets/alts @htuch @yangminzhu # tls transport socket extension /*/extensions/transport_sockets/tls @PiotrSikora @lizan # proxy protocol socket extension /*/extensions/transport_sockets/proxy_protocol @alyssawilk @wez470 # common transport socket /*/extensions/transport_sockets/common @alyssawilk @wez470 # sni_cluster extension /*/extensions/filters/network/sni_cluster @rshriram @lizan # sni_dynamic_forward_proxy extension /*/extensions/filters/network/sni_dynamic_forward_proxy @rshriram @lizan # tracers.datadog extension /*/extensions/tracers/datadog @cgilmour @palazzem @mattklein123 # tracers.xray extension /*/extensions/tracers/xray @marcomagdy @lavignes @mattklein123 # mysql_proxy extension /*/extensions/filters/network/mysql_proxy @rshriram @venilnoronha @mattklein123 # postgres_proxy extension /*/extensions/filters/network/postgres_proxy @fabriziomello @cpakulski @dio # quic extension /*/extensions/quic_listeners/ @alyssawilk @danzh2010 @mattklein123 @mpwarres @wu-bin # zookeeper_proxy extension /*/extensions/filters/network/zookeeper_proxy @rgs1 @snowp # redis cluster extension /*/extensions/clusters/redis @msukalski @henryyyang @mattklein123 /*/extensions/common/redis @msukalski @henryyyang @mattklein123 # dynamic forward proxy /*/extensions/clusters/dynamic_forward_proxy @mattklein123 @alyssawilk /*/extensions/common/dynamic_forward_proxy @mattklein123 @alyssawilk /*/extensions/filters/http/dynamic_forward_proxy @mattklein123 @alyssawilk # omit_canary_hosts retry predicate /*/extensions/retry/host/omit_canary_hosts @sriduth @snowp # HTTP caching extension /*/extensions/filters/http/cache @toddmgreer @jmarantz # aws_iam grpc credentials /*/extensions/grpc_credentials/aws_iam @lavignes @mattklein123 /*/extensions/common/aws @lavignes @mattklein123 # adaptive concurrency limit extension. /*/extensions/filters/http/adaptive_concurrency @tonya11en @mattklein123 # admission control extension. /*/extensions/filters/http/admission_control @tonya11en @mattklein123 # http inspector /*/extensions/filters/listener/http_inspector @yxue @PiotrSikora @lizan # attribute context /*/extensions/filters/common/expr @kyessenov @yangminzhu @lizan # webassembly access logger extensions /*/extensions/access_loggers/wasm @jplevyak @PiotrSikora @lizan # webassembly bootstrap extensions /*/extensions/bootstrap/wasm @jplevyak @PiotrSikora @lizan # webassembly http extensions /*/extensions/filters/http/wasm @jplevyak @PiotrSikora @lizan # webassembly network extensions /*/extensions/filters/network/wasm @jplevyak @PiotrSikora @lizan # webassembly common extension /*/extensions/common/wasm @jplevyak @PiotrSikora @lizan # common matcher /*/extensions/common/matcher @mattklein123 @yangminzhu # common crypto extension /*/extensions/common/crypto @lizan @PiotrSikora @bdecoste /*/extensions/common/proxy_protocol @alyssawilk @wez470 /*/extensions/common/sqlutils @cpakulski @dio /*/extensions/filters/http/grpc_http1_bridge @snowp @jose /*/extensions/filters/http/gzip @gsagula @dio /*/extensions/filters/http/fault @rshriram @alyssawilk /*/extensions/filters/common/fault @rshriram @alyssawilk /*/extensions/filters/http/grpc_json_transcoder @qiwzhang @lizan /*/extensions/filters/http/router @alyssawilk @mattklein123 @snowp /*/extensions/filters/http/ext_authz @gsagula @dio /*/extensions/filters/http/grpc_web @fengli79 @lizan /*/extensions/filters/http/grpc_stats @kyessenov @lizan /*/extensions/filters/http/squash @yuval-k @alyssawilk /*/extensions/filters/common/ext_authz @gsagula @dio /*/extensions/filters/common/original_src @klarose @snowp /*/extensions/filters/listener/tls_inspector @piotrsikora @htuch /*/extensions/grpc_credentials/example @wozz @htuch /*/extensions/grpc_credentials/file_based_metadata @wozz @htuch /*/extensions/internal_redirect @alyssawilk @penguingao /*/extensions/stat_sinks/dog_statsd @taiki45 @jmarantz /*/extensions/stat_sinks/hystrix @trabetti @jmarantz /*/extensions/stat_sinks/metrics_service @ramaraochavali @jmarantz # webassembly stat-sink extensions /*/extensions/stat_sinks/wasm @Aakash2017 @jplevyak @lizan /*/extensions/resource_monitors/injected_resource @eziskind @htuch /*/extensions/resource_monitors/common @eziskind @htuch /*/extensions/resource_monitors/fixed_heap @eziskind @htuch /*/extensions/retry/priority @snowp @alyssawilk /*/extensions/retry/priority/previous_priorities @snowp @alyssawilk /*/extensions/retry/host @snowp @alyssawilk /*/extensions/filters/network/http_connection_manager @alyssawilk @mattklein123 /*/extensions/filters/network/ext_authz @gsagula @dio /*/extensions/filters/network/tcp_proxy @alyssawilk @zuercher /*/extensions/filters/network/echo @htuch @alyssawilk /*/extensions/filters/udp/dns_filter @abaptiste @mattklein123 /*/extensions/filters/network/direct_response @kyessenov @zuercher /*/extensions/filters/udp/udp_proxy @mattklein123 @danzh2010 /*/extensions/clusters/aggregate @yxue @snowp # support for on-demand VHDS requests /*/extensions/filters/http/on_demand @dmitri-d @htuch @lambdai /*/extensions/filters/network/local_ratelimit @mattklein123 @junr03 /*/extensions/filters/http/aws_request_signing @rgs1 @derekargueta @mattklein123 @marcomagdy /*/extensions/filters/http/aws_lambda @mattklein123 @marcomagdy @lavignes # Compression /*/extensions/compression/common @junr03 @rojkov /*/extensions/compression/gzip @junr03 @rojkov /*/extensions/filters/http/decompressor @rojkov @dio # Watchdog Extensions /*/extensions/watchdog/profile_action @kbaichoo @antoniovicente /*/extensions/watchdog/abort_action @kbaichoo @antoniovicente # Core upstream code extensions/upstreams/http @alyssawilk @snowp @mattklein123 extensions/upstreams/http/http @alyssawilk @snowp @mattklein123 extensions/upstreams/http/tcp @alyssawilk @mattklein123 extensions/upstreams/http/default @alyssawilk @snowp @mattklein123 # OAuth2 extensions/filters/http/oauth2 @rgs1 @derekargueta @snowp # HTTP Local Rate Limit /*/extensions/filters/http/local_ratelimit @rgs1 @mattklein123 /*/extensions/filters/common/local_ratelimit @mattklein123 @rgs1 ================================================ FILE: CODE_OF_CONDUCT.md ================================================ ## Community Code of Conduct Envoy follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). ================================================ FILE: CONTRIBUTING.md ================================================ We welcome contributions from the community. Please read the following guidelines carefully to maximize the chances of your PR being merged. # Communication * Before starting work on a major feature, please reach out to us via GitHub, Slack, email, etc. We will make sure no one else is already working on it and ask you to open a GitHub issue. * A "major feature" is defined as any change that is > 100 LOC altered (not including tests), or changes any user-facing behavior. We will use the GitHub issue to discuss the feature and come to agreement. This is to prevent your time being wasted, as well as ours. The GitHub review process for major features is also important so that [organizations with commit access](OWNERS.md) can come to agreement on design. If it is appropriate to write a design document, the document must be hosted either in the GitHub tracking issue, or linked to from the issue and hosted in a world-readable location. * Specifically, if the goal is to add a new [extension](REPO_LAYOUT.md#sourceextensions-layout), please read the [extension policy](GOVERNANCE.md#extension-addition-policy). * Small patches and bug fixes don't need prior communication. # Coding style * See [STYLE.md](STYLE.md) # Inclusive language policy The Envoy community has an explicit goal to be inclusive to all. As such, all PRs must adhere to the following guidelines for all code, APIs, and documentation: * The following words and phrases are not allowed: * *Whitelist*: use allowlist instead. * *Blacklist*: use denylist or blocklist instead. * *Master*: use primary instead. * *Slave*: use secondary or replica instead. * Documentation should be written in an inclusive style. The [Google developer documentation](https://developers.google.com/style/inclusive-documentation) contains an excellent reference on this topic. * The above policy is not considered definitive and may be amended in the future as industry best practices evolve. Additional comments on this topic may be provided by maintainers during code review. # Breaking change policy Both API and implementation stability are important to Envoy. Since the API is consumed by clients beyond Envoy, it has a distinct set of [versioning guidelines](api/API_VERSIONING.md). Below, we articulate the Envoy implementation stability rules, which operate within the context of the API versioning guidelines: * Features may be marked as deprecated in a given versioned API at any point in time, but this may only be done when a replacement implementation and configuration path is available in Envoy on master. Deprecators must implement a conversion from the deprecated configuration to the latest `vNalpha` (with the deprecated field) that Envoy uses internally. A field may be deprecated if this tool would be able to perform the conversion. For example, removing a field to describe HTTP/2 window settings is valid if a more comprehensive HTTP/2 protocol options field is being introduced to replace it. The PR author deprecating the old configuration is responsible for updating all tests and canonical configuration, or guarding them with the `DEPRECATED_FEATURE_TEST()` macro. This will be validated by the `bazel.compile_time_options` target, which will hard-fail when deprecated configuration is used. The majority of tests and configuration for a feature should be expressed in terms of the latest Envoy internal configuration (i.e. `vNalpha`), only a minimal number of tests necessary to validate configuration translation should be guarded via the `DEPRECATED_FEATURE_TEST()` macro. * We will delete deprecated configuration across major API versions. E.g. a field marked deprecated in v2 will be removed in v3. * Unless the community and Envoy maintainer team agrees on an exception, during the first release cycle after a feature has been deprecated, use of that feature will cause a logged warning, and incrementing the [runtime](https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime#statistics) `runtime.deprecated_feature_use` stat. During the second release cycle, use of the deprecated configuration will cause a configuration load failure, unless the feature in question is explicitly overridden in [runtime](https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime#using-runtime-overrides-for-deprecated-features) config ([example](configs/using_deprecated_config.v2.yaml)). Finally, following the deprecation of the API major version where the field was first marked deprecated, the entire implementation code will be removed from the Envoy implementation. * This policy means that organizations deploying master should have some time to get ready for breaking changes at the next major API version. This is typically a window of at least 12 months or until the organization moves to the next major API version. * The breaking change policy also applies to source level extensions (e.g., filters). Code that conforms to the public interface documentation should continue to compile and work within the deprecation window. Within this window, a warning of deprecation should be carefully logged (some features might need rate limiting for logging this). We make no guarantees about code or deployments that rely on undocumented behavior. * All deprecations/breaking changes will be clearly listed in the [version history](docs/root/version_history/). * High risk deprecations/breaking changes may be announced to the [envoy-announce](https://groups.google.com/forum/#!forum/envoy-announce) email list but by default it is expected the multi-phase warn-by-default/fail-by-default is sufficient to warn users to move away from deprecated features. # Submitting a PR * Fork the repo. * In your local repo, install the git hooks that implement various important pre-commit and pre-push checks: ``` ./support/bootstrap ``` Please see [support/README.md](support/README.md) for more information on these hooks. * Create your PR. * Tests will automatically run for you. * We will **not** merge any PR that is not passing tests. * PRs are expected to have 100% test coverage for added code. This can be verified with a coverage build. If your PR cannot have 100% coverage for some reason please clearly explain why when you open it. * Any PR that changes user-facing behavior **must** have associated documentation in [docs](docs) as well as [release notes](docs/root/version_history/current.rst). API changes should be documented inline with protos as per the [API contribution guidelines](api/CONTRIBUTING.md). If a change applies to multiple sections of the release notes, it should be noted in the first (most important) section that applies. For instance, a bug fix that introduces incompatible behavior should be noted in `Incompatible Behavior Changes` but not in `Bug Fixes`. * All code comments and documentation are expected to have proper English grammar and punctuation. If you are not a fluent English speaker (or a bad writer ;-)) please let us know and we will try to find some help but there are no guarantees. * Your PR title should be descriptive, and generally start with a subsystem name followed by a colon. Examples: * "docs: fix grammar error" * "http conn man: add new feature" * Your PR commit message will be used as the commit message when your PR is merged. You should update this field if your PR diverges during review. * Your PR description should have details on what the PR does. If it fixes an existing issue it should end with "Fixes #XXX". * If your PR is co-authored or based on an earlier PR from another contributor, please attribute them with `Co-authored-by: name `. See GitHub's [multiple author guidance](https://help.github.com/en/github/committing-changes-to-your-project/creating-a-commit-with-multiple-authors) for further details. * When all of the tests are passing and all other conditions described herein are satisfied, a maintainer will be assigned to review and merge the PR. * Once you submit a PR, *please do not rebase it*. It's much easier to review if subsequent commits are new commits and/or merges. We squash rebase the final merged commit so the number of commits you have in the PR don't matter. * We expect that once a PR is opened, it will be actively worked on until it is merged or closed. We reserve the right to close PRs that are not making progress. This is generally defined as no changes for 7 days. Obviously PRs that are closed due to lack of activity can be reopened later. Closing stale PRs helps us to keep on top of all of the work currently in flight. * If a commit deprecates a feature, the commit message must mention what has been deprecated. Additionally, the [version history](docs/root/version_history/current.rst) must be updated with relevant RST links for fields and messages as part of the commit. * Please consider joining the [envoy-dev](https://groups.google.com/forum/#!forum/envoy-dev) mailing list. * If your PR involves any changes to [envoy-filter-example](https://github.com/envoyproxy/envoy-filter-example) (for example making a new branch so that CI can pass) it is your responsibility to follow through with merging those changes back to master once the CI dance is done. * If your PR is a high risk change, the reviewer may ask that you runtime guard it. See the section on runtime guarding below. # Runtime guarding Some changes in Envoy are deemed worthy of runtime guarding. Instead of just replacing old code with new code, both code paths are supported for between one Envoy release (if it is guarded due to performance concerns) and a full deprecation cycle (if it is a high risk behavioral change). Generally as a community we try to guard both high risk changes (major refactors such as replacing Envoy's buffer implementation) and most user-visible non-config-guarded changes to protocol processing (for example additions or changes to HTTP headers or how HTTP is serialized out) for non-alpha features. Feel free to tag @envoyproxy/maintainers if you aren't sure if a given change merits runtime guarding. The canonical way to runtime guard a feature is ``` if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.my_feature_name")) { [new code path] } else { [old_code_path] } ``` Runtime guarded features named with the "envoy.reloadable_features." prefix must be safe to flip true or false on running Envoy instances. In some situations it may make more sense to latch the value in a member variable on class creation, for example: ``` bool use_new_code_path_ = Runtime::runtimeFeatureEnabled("envoy.reloadable_features.my_feature_name") ``` This should only be done if the lifetime of the object in question is relatively short compared to the lifetime of most Envoy instances, i.e. latching state on creation of the Http::ConnectionManagerImpl or all Network::ConnectionImpl classes, to ensure that the new behavior will be exercised as the runtime value is flipped, and that the old behavior will trail off over time. Runtime guarded features may either set true (running the new code by default) in the initial PR, after a testing interval, or during the next release cycle, at the PR author's and reviewing maintainer's discretion. Generally all runtime guarded features will be set true when a release is cut. Old code paths for refactors can be cleaned up after a release and there has been some production run time. Old code for behavioral changes will be deprecated after six months. Runtime features are set true by default by inclusion in [source/common/runtime/runtime_features.cc](https://github.com/envoyproxy/envoy/blob/master/source/common/runtime/runtime_features.cc) There are four suggested options for testing new runtime features: 1. Create a per-test Runtime::LoaderSingleton as done in [DeprecatedFieldsTest.IndividualFieldDisallowedWithRuntimeOverride](https://github.com/envoyproxy/envoy/blob/master/test/common/protobuf/utility_test.cc) 2. Create a [parameterized test](https://github.com/google/googletest/blob/master/googletest/docs/advanced.md#how-to-write-value-parameterized-tests) where the set up of the test sets the new runtime value explicitly to GetParam() as outlined in (1). 3. Set up integration tests with custom runtime defaults as documented in the [integration test README](https://github.com/envoyproxy/envoy/blob/master/test/integration/README.md) 4. Run a given unit test with the new runtime value explicitly set true or false as done for [runtime_flag_override_test](https://github.com/envoyproxy/envoy/blob/master/test/common/runtime/BUILD) Runtime code is held to the same standard as regular Envoy code, so both the old path and the new should have 100% coverage both with the feature defaulting true and false. # PR review policy for maintainers * Typically we try to turn around reviews within one business day. * See [OWNERS.md](OWNERS.md) for the current list of maintainers. * It is generally expected that a senior maintainer should review every PR. * It is also generally expected that a "domain expert" for the code the PR touches should review the PR. This person does not necessarily need to have commit access. * The previous two points generally mean that every PR should have two approvals. (Exceptions can be made by the senior maintainers). * The above rules may be waived for PRs which only update docs or comments, or trivial changes to tests and tools (where trivial is decided by the maintainer in question). * In general, we should also attempt to make sure that at least one of the approvals is *from an organization different from the PR author.* E.g., if Lyft authors a PR, at least one approver should be from an organization other than Lyft. This helps us make sure that we aren't putting organization specific shortcuts into the code. * If there is a question on who should review a PR please discuss in Slack. * Anyone is welcome to review any PR that they want, whether they are a maintainer or not. * Please make sure that the PR title, commit message, and description are updated if the PR changes significantly during review. * Please **clean up the title and body** before merging. By default, GitHub fills the squash merge title with the original title, and the commit body with every individual commit from the PR. The maintainer doing the merge should make sure the title follows the guidelines above and should overwrite the body with the original commit message from the PR (cleaning it up if necessary) while preserving the PR author's final DCO sign-off. * If a PR includes a deprecation/breaking change, notification should be sent to the [envoy-announce](https://groups.google.com/forum/#!forum/envoy-announce) email list. # Adding new extensions For developers adding a new extension, one can take an existing extension as the starting point. Extension configuration should be located in a directory structure like `api/envoy/extensions/area/plugin/`, for example `api/envoy/extensions/access_loggers/file/` The code for the extension should be located under the equivalent `source/extensions/area/plugin`, and include an *envoy_cc_extension* with the configuration and tagged with the appropriate security posture, and an *envoy_cc_library* with the code. More details on how to add a new extension API can be found [here](api/STYLE.md#adding-an-extension-configuration-to-the-api): Other changes will likely include * Editing [source/extensions/extensions_build_config.bzl](source/extensions/extensions_build_config.bzl) to include the new extensions * Editing [docs/root/api-v3/config/config.rst](docs/root/api-v3/config/config.rst) to add area/area * Adding `docs/root/api-v3/config/area/area.rst` to add a table of contents for the API docs * Adding `source/extensions/area/well_known_names.h` for registered plugins # DCO: Sign your work Envoy ships commit hooks that allow you to auto-generate the DCO signoff line if it doesn't exist when you run `git commit`. Simply navigate to the Envoy project root and run: ```bash ./support/bootstrap ``` From here, simply commit as normal, and you will see the signoff at the bottom of each commit. The sign-off is a simple line at the end of the explanation for the patch, which certifies that you wrote it or otherwise have the right to pass it on as an open-source patch. The rules are pretty simple: if you can certify the below (from [developercertificate.org](https://developercertificate.org/)): ``` Developer Certificate of Origin Version 1.1 Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 660 York Street, Suite 102, San Francisco, CA 94110 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Developer's Certificate of Origin 1.1 By making a contribution to this project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. ``` then you just add a line to every git commit message: Signed-off-by: Joe Smith using your real name (sorry, no pseudonyms or anonymous contributions.) You can add the sign off when creating the git commit via `git commit -s`. If you want this to be automatic you can set up some aliases: ```bash git config --add alias.amend "commit -s --amend" git config --add alias.c "commit -s" ``` ## Fixing DCO If your PR fails the DCO check, it's necessary to fix the entire commit history in the PR. Best practice is to [squash](https://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html) the commit history to a single commit, append the DCO sign-off as described above, and [force push](https://git-scm.com/docs/git-push#git-push---force). For example, if you have 2 commits in your history: ```bash git rebase -i HEAD^^ (interactive squash + DCO append) git push origin -f ``` Note, that in general rewriting history in this way is a hindrance to the review process and this should only be done to correct a DCO mistake. ## Triggering CI re-run without making changes To rerun failed tasks in Circle-CI, add a comment with the line ``` /retest-circle ``` in it. This should rebuild only the failed tasks. To rerun failed tasks in Azure pipelines, add a comment with the line ``` /retest ``` in it. This should rebuild only the failed tasks. Sometimes tasks will be stuck in CI and won't be marked as failed, which means the above command won't work. Should this happen, pushing an empty commit should re-run all the CI tasks. Consider adding an alias into your `.gitconfig` file: ``` [alias] kick-ci = !"git commit -s --allow-empty -m 'Kick CI' && git push" ``` Once you add this alias you can issue the command `git kick-ci` and the PR will be sent back for a retest. ================================================ FILE: DCO ================================================ Developer Certificate of Origin Version 1.1 Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 1 Letterman Drive Suite D4700 San Francisco, CA, 94129 Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Developer's Certificate of Origin 1.1 By making a contribution to this project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. ================================================ FILE: DEPENDENCY_POLICY.md ================================================ # Envoy External Dependency Policy Envoy has an evolving policy on external dependencies, tracked at https://github.com/envoyproxy/envoy/issues/10471. This will become stricter over time, below we detail the policy as it currently applies. ## External dependencies dashboard The list of external dependencies in Envoy with their current version is available at https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/external_deps ## Declaring external dependencies In general, all external dependencies for the Envoy proxy binary build and test should be declared in either [bazel/repository_locations.bzl](bazel/repository_locations.bzl) or [api/bazel/repository_locations.bzl](api/bazel/repository_locations.bzl), unless listed under [policy exceptions](#policy-exceptions). An example entry for the `nghttp2` dependency is: ```python com_github_nghttp2_nghttp2 = dict( project_name = "Nghttp2", project_desc = "Implementation of HTTP/2 and its header compression ...", project_url = "https://nghttp2.org", version = "1.41.0", sha256 = "eacc6f0f8543583ecd659faf0a3f906ed03826f1d4157b536b4b385fe47c5bb8", strip_prefix = "nghttp2-{version}", urls = ["https://github.com/nghttp2/nghttp2/releases/download/v{version}/nghttp2-{version}.tar.gz"], use_category = ["dataplane"], last_updated = "2020-06-02", cpe = "cpe:2.3:a:nghttp2:nghttp2:*", ), ``` Dependency declarations must: * Provide a meaningful project name and URL. * State the version in the `version` field. String interpolation should be used in `strip_prefix` and `urls` to reference the version. If you need to reference version `X.Y.Z` as `X_Y_Z`, this may appear in a string as `{underscore_version}`, similarly for `X-Y-Z` you can use `{dash_version}`. * Versions should prefer release versions over master branch GitHub SHA tarballs. A comment is necessary if the latter is used. This comment should contain the reason that a non-release version is being used. * Provide accurate entries for `use_category`. Please think carefully about whether there are data or control plane implications of the dependency. * Reflect the date (YYYY-MM-DD) at which they were last updated in the `last_updated` field. This date is preferably the date at which the PR is created. * CPEs are compulsory for all dependencies that are not purely build/test. [CPEs](https://en.wikipedia.org/wiki/Common_Platform_Enumeration) provide metadata that allow us to correlate with related CVEs in dashboards and other tooling, and also provide a machine consumable join key. You can consult the latest [CPE dictionary](https://nvd.nist.gov/products/cpe) to find a CPE for a dependency.`"N/A"` should only be used if no CPE for the project is available in the CPE database. CPEs should be _versionless_ with a `:*` suffix, since the version can be computed from `version`. When build or test code references Python modules, they should be imported via `pip3_import` in [bazel/repositories_extra.bzl](bazel/repositories_extra.bzl). Python modules should not be listed in `repository_locations.bzl` entries. `requirements.txt` files for Python dependencies must pin to exact versions, e.g. `PyYAML==5.3.1` and ideally also include a [SHA256 checksum](https://davidwalsh.name/hashin). Pure developer tooling and documentation builds may reference Python via standalone `requirements.txt`, following the above policy. ## New external dependencies * Any new dependency on the Envoy data or control plane that impacts Envoy core (i.e. is not specific to a single non-core extension) must be cleared with the Envoy security team, please file an issue and tag [@envoyproxy/security-team](https://github.com/orgs/envoyproxy/teams/security-team). While policy is still [evolving](robust_to_untrusted_downstream_and_upstream), criteria that will be used in evaluation include: * Does the project have release versions? How often do releases happen? * Does the project have a security vulnerability disclosure process and contact details? * Does the project have effective governance, e.g. multiple maintainers, a governance policy? * Does the project have a code review culture? Are patches reviewed by independent maintainers prior to merge? * Does the project enable mandatory GitHub 2FA for contributors? * Does the project have evidence of high test coverage, fuzzing, static analysis (e.g. CodeQL), etc.? * Dependencies for extensions that are tagged as `robust_to_untrusted_downstream` or `robust_to_untrusted_downstream_and_upstream` should be sensitive to the same set of concerns as the core data plane. ## Maintaining existing dependencies We rely on community volunteers to help track the latest versions of dependencies. On a best effort basis: * Core Envoy dependencies will be updated by the Envoy maintainers/security team. * Extension [CODEOWNERS](CODEOWNERS) should update extension specific dependencies. Where possible, we prefer the latest release version for external dependencies, rather than master branch GitHub SHA tarballs. ## Dependency patches Occasionally it is necessary to introduce an Envoy-side patch to a dependency in a `.patch` file. These are typically applied in [bazel/repositories.bzl](bazel/repositories.bzl). Our policy on this is as follows: * Patch files impede dependency updates. They are expedient at creation time but are a maintenance penalty. They reduce the velocity and increase the effort of upgrades in response to security vulnerabilities in external dependencies. * No patch will be accepted without a sincere and sustained effort to upstream the patch to the dependency's canonical repository. * There should exist a plan-of-record, filed as an issue in Envoy or the upstream GitHub tracking elimination of the patch. * Every patch must have comments at its point-of-use in [bazel/repositories.bzl](bazel/repositories.bzl) providing a rationale and detailing the tracking issue. ## Policy exceptions The following dependencies are exempt from the policy: * Any developer-only facing tooling or the documentation build. * Transitive build time dependencies, e.g. Go projects vendored into [protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate). ================================================ FILE: DEPRECATED.md ================================================ # DEPRECATED The [deprecated log](https://www.envoyproxy.io/docs/envoy/latest/version_history/version_history) for each version can be found in the official Envoy developer documentation. ================================================ FILE: DEVELOPER.md ================================================ # Developer documentation Envoy is built using the Bazel build system. CircleCI builds, tests, and runs coverage against all pull requests and the master branch. To get started building Envoy locally, see the [Bazel quick start](https://github.com/envoyproxy/envoy/blob/master/bazel/README.md#quick-start-bazel-build-for-developers). To run tests, there are Bazel [targets](https://github.com/envoyproxy/envoy/blob/master/bazel/README.md#testing-envoy-with-bazel) for Google Test. To generate a coverage report, there is a [coverage build script](https://github.com/envoyproxy/envoy/blob/master/bazel/README.md#coverage-builds). If you plan to contribute to Envoy, you may find it useful to install the Envoy [development support toolchain](https://github.com/envoyproxy/envoy/blob/master/support/README.md), which helps automate parts of the development process, particularly those involving code review. Below is a list of additional documentation to aid the development process: - [General build and installation documentation](https://www.envoyproxy.io/docs/envoy/latest/install/install) - [Building and testing Envoy with Bazel](https://github.com/envoyproxy/envoy/blob/master/bazel/README.md) - [Managing external dependencies with Bazel](https://github.com/envoyproxy/envoy/blob/master/bazel/EXTERNAL_DEPS.md) - [Guide to Envoy Bazel rules (managing `BUILD` files)](https://github.com/envoyproxy/envoy/blob/master/bazel/DEVELOPER.md) - [Using Docker for building and testing](https://github.com/envoyproxy/envoy/tree/master/ci) - [Guide to contributing to Envoy](https://github.com/envoyproxy/envoy/blob/master/CONTRIBUTING.md) - [Overview of Envoy's testing frameworks](https://github.com/envoyproxy/envoy/blob/master/test/README.md) - [Overview of how to write integration tests for new code](https://github.com/envoyproxy/envoy/blob/master/test/integration/README.md) - [Envoy filter example project (how to consume and extend Envoy as a submodule)](https://github.com/envoyproxy/envoy-filter-example) - [Performance testing Envoy with `tcmalloc`/`pprof`](https://github.com/envoyproxy/envoy/blob/master/bazel/PPROF.md) And some documents on components of Envoy architecture: - [Envoy flow control](https://github.com/envoyproxy/envoy/blob/master/source/docs/flow_control.md) - [Envoy's subset load balancer](https://github.com/envoyproxy/envoy/blob/master/source/docs/subset_load_balancer.md) ================================================ FILE: EXTENSION_POLICY.md ================================================ # Envoy Extension Policy ## Quality requirements All extensions contained in the main Envoy repository will be held to the same quality bar as the core Envoy code. This includes coding style, code reviews, test coverage, etc. In the future we may consider creating a sandbox repository for extensions that are not compiled/tested by default and held to a lower quality standard, but that is out of scope currently. ## Adding new extensions The following procedure will be used when proposing new extensions for inclusion in the repository: 1. A GitHub issue should be opened describing the proposed extension as with any major feature proposal. 2. All extensions must be sponsored by an existing maintainer. Sponsorship means that the maintainer will shepherd the extension through design/code reviews. Maintainers can self-sponsor extensions if they are going to write them, shepherd them, and maintain them. Sponsorship serves two purposes: * It ensures that the extension will ultimately meet the Envoy quality bar. * It makes sure that incentives are aligned and that extensions are not added to the repo without sufficient thought put into future maintenance. *If sponsorship cannot be found from an existing maintainer, an organization can consider [doing the work to become a maintainer](./GOVERNANCE.md#process-for-becoming-a-maintainer) in order to be able to self-sponsor extensions.* 3. Each extension must have two reviewers proposed for reviewing PRs to the extension. Neither of the reviewers must be a senior maintainer. Existing maintainers (including the sponsor) and other contributors can count towards this number. The initial reviewers will be codified in the [CODEOWNERS](./CODEOWNERS) file for long term maintenance. These reviewers can be swapped out as needed. 4. Any extension added via this process becomes a full part of the repository. This means that any API breaking changes in the core code will be automatically fixed as part of the normal PR process by other contributors. 5. Any new dependencies added for this extension must comply with [DEPENDENCY_POLICY.md](DEPENDENCY_POLICY.md), please follow the steps detailed there. ## Removing existing extensions As stated in the previous section, once an extension becomes part of the repository it will be maintained by the collective set of Envoy contributors as needed. However, if an extension has known issues that are not being rectified by the original sponsor and reviewers or new contributors that are willing to step into the role of extension owner, a [vote of the maintainers](./GOVERNANCE.md#conflict-resolution-and-voting) can be called to remove the extension from the repository. ## Extension pull request reviews Extension PRs must not modify core Envoy code. In the event that an extension requires changes to core Envoy code, those changes should be submitted as a separate PR and will undergo the normal code review process, as documented in the [contributor's guide](./CONTRIBUTING.md). Extension PRs must be approved by at least one sponsoring maintainer and an extension reviewer. These may be a single individual, but it is always preferred to have multiple reviewers when feasible. In the event that the Extension PR author is a sponsoring maintainer and no other sponsoring maintainer is available, another maintainer may be enlisted to perform a minimal review for style and common C++ anti-patterns. The Extension PR must still be approved by a non-maintainer reviewer. ## Extension stability and security posture Every extension is expected to be tagged with a `status` and `security_posture` in its `envoy_cc_extension` rule. The `status` is one of: * `stable`: The extension is stable and is expected to be production usable. This is the default if no `status` is specified. * `alpha`: The extension is functional but has not had substantial production burn time, use only with this caveat. * `wip`: The extension is work-in-progress. Functionality is incomplete and it is not intended for production use. The extension status may be adjusted by the extension [CODEOWNERS](./CODEOWNERS) and/or Envoy maintainers based on an assessment of the above criteria. Note that the status of the extension reflects the implementation status. It is orthogonal to the API stability, for example, an extension with configuration `envoy.foo.v3alpha.Bar` might have a `stable` implementation and `envoy.foo.v3.Baz` can have a `wip` implementation. The `security_posture` is one of: * `robust_to_untrusted_downstream`: The extension is hardened against untrusted downstream traffic. It assumes that the upstream is trusted. * `robust_to_untrusted_downstream_and_upstream`: The extension is hardened against both untrusted downstream and upstream traffic. * `requires_trusted_downstream_and_upstream`: The extension is not hardened and should only be used in deployments where both the downstream and upstream are trusted. * `unknown`: This is functionally equivalent to `requires_trusted_downstream_and_upstream`, but acts as a placeholder to allow us to identify extensions that need classifying. * `data_plane_agnostic`: Not relevant to data plane threats, e.g. stats sinks. An assessment of a robust security posture for an extension is subject to the following guidelines: * Does the extension have fuzz coverage? If it's only receiving fuzzing courtesy of the generic listener/network/HTTP filter fuzzers, does it have a dedicated fuzzer for any parts of the code that would benefit? * Does the extension have unbounded internal buffering? Does it participate in flow control via watermarking as needed? * Does the extension have at least one deployment with live untrusted traffic for a period of time, N months? * Does the extension rely on dependencies that meet our [extension maturity model](https://github.com/envoyproxy/envoy/issues/10471)? * Is the extension reasonable to audit by Envoy security team? * Is the extension free of obvious scary things, e.g. `memcpy`, does it have gnarly parsing code, etc? * Does the extension have active [CODEOWNERS](CODEOWNERS) who are willing to vouch for the robustness of the extension? * Is the extension absent a [low coverage exception](https://github.com/envoyproxy/envoy/blob/master/test/per_file_coverage.sh#L5)? The current stability and security posture of all extensions can be seen [here](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions). ================================================ FILE: GOVERNANCE.md ================================================ # Process for becoming a maintainer ## Your organization is not yet a maintainer * Express interest to the senior maintainers that your organization is interested in becoming a maintainer. Becoming a maintainer generally means that you are going to be spending substantial time (>25%) on Envoy for the foreseeable future. You should have domain expertise and be extremely proficient in C++. Ultimately your goal is to become a senior maintainer that will represent your organization. * We will expect you to start contributing increasingly complicated PRs, under the guidance of the existing senior maintainers. * We may ask you to do some PRs from our backlog. * As you gain experience with the code base and our standards, we will ask you to do code reviews for incoming PRs (i.e., all maintainers are expected to shoulder a proportional share of community reviews). * After a period of approximately 2-3 months of working together and making sure we see eye to eye, the existing senior maintainers will confer and decide whether to grant maintainer status or not. We make no guarantees on the length of time this will take, but 2-3 months is the approximate goal. ## Your organization is currently a maintainer * First decide whether your organization really needs more people with maintainer access. Valid reasons are "blast radius", a large organization that is working on multiple unrelated projects, etc. * Contact a senior maintainer for your organization and express interest. * Start doing PRs and code reviews under the guidance of your senior maintainer. * After a period of 1-2 months the existing senior maintainers will discuss granting "standard" maintainer access. * "Standard" maintainer access can be upgraded to "senior" maintainer access after another 1-2 months of work and another conference of the existing senior committers. ## Maintainer responsibilities * Monitor email aliases. * Monitor Slack (delayed response is perfectly acceptable). * Triage GitHub issues and perform pull request reviews for other maintainers and the community. The areas of specialization listed in [OWNERS.md](OWNERS.md) can be used to help with routing an issue/question to the right person. * Triage build issues - file issues for known flaky builds or bugs, and either fix or find someone to fix any master build breakages. * During GitHub issue triage, apply all applicable [labels](https://github.com/envoyproxy/envoy/labels) to each new issue. Labels are extremely useful for future issue follow up. Which labels to apply is somewhat subjective so just use your best judgment. A few of the most important labels that are not self explanatory are: * **beginner**: Mark any issue that can reasonably be accomplished by a new contributor with this label. * **help wanted**: Unless it is immediately obvious that someone is going to work on an issue (and if so assign it), mark it help wanted. * **question**: If it's unclear if an issue is immediately actionable, mark it with the question label. Questions are easy to search for and close out at a later time. Questions can be promoted to other issue types once it's clear they are actionable (at which point the question label should be removed). * Make sure that ongoing PRs are moving forward at the right pace or closing them. * Participate when called upon in the [security release process](SECURITY.md). Note that although this should be a rare occurrence, if a serious vulnerability is found, the process may take up to several full days of work to implement. This reality should be taken into account when discussing time commitment obligations with employers. * In general continue to be willing to spend at least 25% of ones time working on Envoy (~1.25 business days per week). * We currently maintain an "on-call" rotation within the maintainers. Each on-call is 1 week. Although all maintainers are welcome to perform all of the above tasks, it is the on-call maintainer's responsibility to triage incoming issues/questions and marshal ongoing work forward. To reiterate, it is *not* the responsibility of the on-call maintainer to answer all questions and do all reviews, but it is their responsibility to make sure that everything is being actively covered by someone. * The on-call rotation is tracked at Opsgenie. The calendar is visible [here](https://calendar.google.com/calendar/embed?src=d6glc0l5rc3v235q9l2j29dgovh3dn48%40import.calendar.google.com&ctz=America%2FNew_York) or you can subscribe to the iCal feed [here](webcal://kubernetes.app.opsgenie.com/webapi/webcal/getRecentSchedule?webcalToken=39dd1a892faa8d0d689f889b9d09ae787355ddff894396546726a5a02bac5b26&scheduleId=a3505963-c064-4c97-8865-947dfcb06060) ## Cutting a release * We do releases every 3 months, at the end of each quarter, as described in the [release schedule](RELEASES.md#release-schedule). * Take a look at open issues tagged with the current release, by [searching](https://github.com/envoyproxy/envoy/issues) for "is:open is:issue milestone:[current milestone]" and either hold off until they are fixed or bump them to the next milestone. * Begin marshalling the ongoing PR flow in this repo. Ask maintainers to hold off merging any particularly risky PRs until after the release is tagged. This is because we aim for master to be at release candidate quality at all times. * Do a final check of the [release notes](docs/root/version_history/current.rst): * Make any needed corrections (grammar, punctuation, formatting, etc.). * Check to see if any security/stable version release notes are duplicated in the major version release notes. These should not be duplicated. * If the "Deprecated" section is empty, delete it. * Remove the "Pending" tags and add dates to the top of the [release notes for this version](docs/root/version_history/current.rst). * Switch the [VERSION](VERSION) from a "dev" variant to a final variant. E.g., "1.6.0-dev" to "1.6.0". * Update the [RELEASES](RELEASES.md) doc with the relevant dates. * Get a review and merge. * Wait for tests to pass on [master](https://dev.azure.com/cncf/envoy/_build). * Create a [tagged release](https://github.com/envoyproxy/envoy/releases). The release should start with "v" and be followed by the version number. E.g., "v1.6.0". **This must match the [VERSION](VERSION).** * From the envoy [landing page](https://github.com/envoyproxy/envoy) use the branch drop-down to create a branch from the tagged release, e.g. "release/v1.6". It will be used for the [stable releases](RELEASES.md#stable-releases). * Monitor the AZP tag build to make sure that the final docker images get pushed along with the final docs. The final documentation will end up in the [envoyproxy.github.io repository](https://github.com/envoyproxy/envoyproxy.github.io/tree/master/docs/envoy). * Update the website ([example PR](https://github.com/envoyproxy/envoyproxy.github.io/pull/148)) for the new release. * Craft a witty/uplifting email and send it to all the email aliases including envoy-announce@. * Make sure we tweet the new release: either have Matt do it or email social@cncf.io and ask them to do an Envoy account post. * Do a new PR to setup the next version * Update [VERSION](VERSION) to the next development release. E.g., "1.7.0-dev". * `git mv docs/root/version_history/current.rst docs/root/version_history/v1.6.0.rst`, filling in the previous release version number in the filename, and add an entry for the new file in the `toctree` in [version_history.rst](docs/root/version_history/version_history.rst). * Create a new "current" version history file at the [release notes](docs/root/version_history/current.rst) for the following version. E.g., "1.7.0 (pending)". Use this text as the template for the new file: ``` 1.7.0 (Pending) =============== Incompatible Behavior Changes ----------------------------- *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required* Minor Behavior Changes ---------------------- *Changes that may cause incompatibilities for some users, but should not for most* Bug Fixes --------- *Changes expected to improve the state of the world and are unlikely to have negative effects* Removed Config or Runtime ------------------------- *Normally occurs at the end of the* :ref:`deprecation period ` New Features ------------ Deprecated ---------- ``` * Run the deprecate_versions.py script (e.g. `sh tools/deprecate_version/deprecate_version.sh`) to file tracking issues for runtime guarded code which can be removed. * Check source/common/runtime/runtime_features.cc and see if any runtime guards in disabled_runtime_features should be reassessed, and ping on the relevant issues. ## When does a maintainer lose maintainer status If a maintainer is no longer interested or cannot perform the maintainer duties listed above, they should volunteer to be moved to emeritus status. In extreme cases this can also occur by a vote of the maintainers per the voting process below. # xDS API shepherds The [xDS API shepherds](https://github.com/orgs/envoyproxy/teams/api-shepherds) are responsible for approving any PR that modifies the [api/](api/) tree. They ensure that API [style](api/STYLE.md) and [versioning](api/API_VERSIONING.md) policies are enforced and that a consistent approach is taken towards API evolution. The xDS API shepherds are also the xDS API maintainers; they work collaboratively with the community to drive the xDS API roadmap and review major proposed design changes. The API shepherds are intended to be representative of xDS client and control plane developers who are actively working on xDS development and evolution. As with maintainers, an API shepherd should be spending at least 25% of their time working on xDS developments and expect to be active in this space in the near future. API shepherds are expected to take on API shepherd review load and participate in meetings. They should be active on Slack `#xds` and responsive to GitHub issues and PRs on which they are tagged. The API shepherds are distinct to the [UDPA working group](https://github.com/cncf/udpa/blob/master/README.md), which aims to evolve xDS directionally towards a universal dataplane API. API shepherds are responsible for the execution of the xDS day-to-day and guiding xDS implementation changes. Proposals from UDPA-WG will be aligned with the xDS API shepherds to ensure that xDS is heading towards the UDPA goal. xDS API shepherds operate under the [envoyproxy](https://github.com/envoyproxy) organization but are expected to keep in mind the needs of all xDS clients (currently Envoy and gRPC, but we are aware of other in-house implementations) and the goals of UDPA-WG. If you wish to become an API shepherd and satisfy the above criteria, please contact an existing API shepherd. We will factor in PR and review history to determine if the above API shepherd requirements are met. We may ask you to shadow an existing API shepherd for a period of time to build confidence in consistent application of the API guidelines to PRs. # Extension addition policy Adding new [extensions](REPO_LAYOUT.md#sourceextensions-layout) has a dedicated policy. Please see [this](./EXTENSION_POLICY.md) document for more information. # External dependency policy Adding new external dependencies has a dedicated policy. Please see [this](DEPENDENCY_POLICY.md) document for more information. # Conflict resolution and voting In general, we prefer that technical issues and maintainer membership are amicably worked out between the persons involved. If a dispute cannot be decided independently, the maintainers can be called in to decide an issue. If the maintainers themselves cannot decide an issue, the issue will be resolved by voting. The voting process is a simple majority in which each senior maintainer receives two votes and each normal maintainer receives one vote. # Adding new projects to the envoyproxy GitHub organization New projects will be added to the envoyproxy organization via GitHub issue discussion in one of the existing projects in the organization. Once sufficient discussion has taken place (~3-5 business days but depending on the volume of conversation), the maintainers of *the project where the issue was opened* (since different projects in the organization may have different maintainers) will decide whether the new project should be added. See the section above on voting if the maintainers cannot easily decide. ================================================ FILE: LICENSE ================================================ Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner]. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ================================================ FILE: NOTICE ================================================ Envoy Copyright 2016-2019 Envoy Project Authors Licensed under Apache License 2.0. See LICENSE for terms. ================================================ FILE: OWNERS.md ================================================ * See [CONTRIBUTING.md](CONTRIBUTING.md) for general contribution guidelines. * See [GOVERNANCE.md](GOVERNANCE.md) for governance guidelines and maintainer responsibilities. This page lists all active maintainers and their areas of expertise. This can be used for routing PRs, questions, etc. to the right place. # Senior maintainers * Matt Klein ([mattklein123](https://github.com/mattklein123)) (mklein@lyft.com) * Catch-all, "all the things", and generally trying to make himself obsolete as fast as possible. * Harvey Tuch ([htuch](https://github.com/htuch)) (htuch@google.com) * APIs, xDS, UDPA, gRPC, configuration, security, Python, and Bash. * Alyssa Wilk ([alyssawilk](https://github.com/alyssawilk)) (alyssar@google.com) * HTTP, flow control, cluster manager, load balancing, and core networking (listeners, connections, etc.). * Stephan Zuercher ([zuercher](https://github.com/zuercher)) (zuercher@gmail.com) * Load balancing, upstream clusters and cluster manager, logging, complex HTTP routing (metadata, etc.), and macOS build. * Lizan Zhou ([lizan](https://github.com/lizan)) (lizan@tetrate.io) * gRPC, gRPC/JSON transcoding, and core networking (transport socket abstractions), Bazel, build issues, and CI in general. * Snow Pettersen ([snowp](https://github.com/snowp)) (aickck@gmail.com) * Upstream, host/priority sets, load balancing, and retry plugins. * Greg Greenway ([ggreenway](https://github.com/ggreenway)) (ggreenway@apple.com) * TLS, TCP proxy, listeners, and HTTP proxy/connection pooling. # Maintainers * Asra Ali ([asraa](https://github.com/asraa)) (asraa@google.com) * Fuzzing, security, headers, HTTP/gRPC, router, access log, tests. * Yan Avlasov ([yanavlasov](https://github.com/yanavlasov)) (yavlasov@google.com) * Data plane, codecs, security, configuration. * Jose Nino ([junr03](https://github.com/junr03)) (jnino@lyft.com) * Outlier detection, HTTP routing, xDS, configuration/operational questions. * Dhi Aurrahman ([dio](https://github.com/dio)) (dio@tetrate.io) * Lua, access logging, and general miscellany. * Joshua Marantz ([jmarantz](https://github.com/jmarantz)) (jmarantz@google.com) * Stats, abseil, scalability, and performance. * Antonio Vicente ([antoniovicente](https://github.com/antoniovicente)) (avd@google.com) * Event management, security, performance, data plane. # Envoy security team * All maintainers * Piotr Sikora ([PiotrSikora](https://github.com/PiotrSikora)) (piotrsikora@google.com) * Tony Allen ([tonya11en](https://github.com/tonya11en)) (tallen@lyft.com) # Emeritus maintainers * Constance Caramanolis ([ccaraman](https://github.com/ccaraman)) (ccaramanolis@lyft.com) * Roman Dzhabarov ([RomanDzhabarov](https://github.com/RomanDzhabarov)) (rdzhabarov@lyft.com) * Bill Gallagher ([wgallagher](https://github.com/wgallagher)) (bgallagher@lyft.com) * Dan Noé ([dnoe](https://github.com/dnoe)) (dpn@google.com) # Friends of Envoy This section lists a few people that are not maintainers but typically help out with subject matter expert reviews. Feel free to loop them in as needed. * Piotr Sikora ([PiotrSikora](https://github.com/PiotrSikora)) (piotrsikora@google.com) * TLS, BoringSSL, and core networking (listeners, connections, etc.). * Shriram Rajagopalan ([rshriram](https://github.com/rshriram)) (shriram@us.ibm.com) * Istio, APIs, HTTP routing, and WebSocket. * John Millikin ([jmillikin-stripe](https://github.com/jmillikin-stripe)) (jmillikin@stripe.com) * Bazel/build. * Daniel Hochman ([danielhochman](https://github.com/danielhochman)) (dhochman@lyft.com) * Redis, Python, configuration/operational questions. * Yuchen Dai ([lambdai](https://github.com/lambdai)) (lambdai@google.com) * v2 xDS, listeners, filter chain discovery service. ================================================ FILE: PULL_REQUESTS.md ================================================ When creating an Envoy pull request (PR) the text box will automatically be filled in with the basic fields from the [pull request template](PULL_REQUEST_TEMPLATE.md). The following is a more detailed explanation of what should go in each field. ### Title The title of the PR should brief (one line) noting the subsystem or the aspect this PR applies to and explaining the overall change. Both the component and the explanation must be lower case. For example: * ci: update build image to 44d539cb * docs: fix indent, buffer: add copyOut() method * router:add x-envoy-overloaded header * tls: add support for specifying TLS session ticket keys ### Commit Message The commit message field should include an explanation of what this PR does. This will be used as the final commit message that maintainers will use to populate the commit message when merging. If this PR causes a change in behavior it should document the behavior before and after. If fixing a bug, please describe what the original issue is and how the change resolves it. If it is configuration controlled, it should note how the feature is enabled etc... ### Additional Description The additional description field should include information of what this PR does that may be out of scope for a commit message. This could include additional information or context useful to reviewers. ### Risk Risk Level is one of: Low | Medium | High Low: Small bug fix or small optional feature. Medium: New features that are not enabled(for example: new filter). Small-medium features added to existing components(for example: modification to an existing filter). High: Complicated changes such as flow control, rewrites of critical components, etc. Note: The above is only a rough guide for choosing a level, please ask if you have any concerns about the risk of the PR. ### Testing The testing section should include an explanation of what testing was done, for example: unit test, integration, manual testing, etc. Note: It isn’t expected to do all forms of testing, please use your best judgement or ask for guidance if you are unsure. A good rule of thumb is the riskier the change, the more comprehensive the testing should be. ### Documentation If there are documentation changes, please include a brief description of what they are. Docs changes may be in [docs/root](docs/root) and/or inline with the API protos. Please write in N/A if there were no documentation changes. Any PRs with structural changes to the dataplane should also update the [Life of a Request](docs/root/intro/life_of_a_request.md) documentation as appropriate. ### Release notes If this change is user impacting OR extension developer impacting (filter API, etc.) you **must** add a release note to the [version history](docs/root/version_history/current.rst) for the current version. Please include any relevant links. Each release note should be prefixed with the relevant subsystem in **alphabetical order** (see existing examples as a guide) and include links to relevant parts of the documentation. Thank you! Please write in N/A if there are no release notes. ### Runtime guard If this PR has a user-visible behavioral change, or otherwise falls under the guidelines for runtime guarding in the [contributing doc](CONTRIBUTING.md) it should have a runtime guard, which should be documented both in the release notes and here in the PR description. For new feature additions guarded by configs, no-op refactors, docs changes etc. this field can be disregarded and/or removed. ### Issues If this PR fixes an outstanding issue, please add a line of the form: Fixes #Issue This will result in the linked issue being automatically closed when the PR is merged. If you want to associate an issue with a PR without closing the issue, you may instead just tag the PR with the issue: \#Issue ### Deprecated If this PR deprecates existing Envoy APIs or code, it should include an update to the deprecated section of the [version history](docs/root/version_history/current.rst) and a one line note in the PR description. If you mark existing APIs or code as deprecated, when the next release is cut, the deprecation script will create and assign an issue to you for cleaning up the deprecated code path. ================================================ FILE: PULL_REQUEST_TEMPLATE.md ================================================ For an explanation of how to fill out the fields, please see the relevant section in [PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/master/PULL_REQUESTS.md) Commit Message: Additional Description: Risk Level: Testing: Docs Changes: Release Notes: [Optional Runtime guard:] [Optional Fixes #Issue] [Optional Deprecated:] ================================================ FILE: README.md ================================================ ![Envoy Logo](https://github.com/envoyproxy/artwork/blob/master/PNG/Envoy_Logo_Final_PANTONE.png) [Cloud-native high-performance edge/middle/service proxy](https://www.envoyproxy.io/) Envoy is hosted by the [Cloud Native Computing Foundation](https://cncf.io) (CNCF). If you are a company that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details about who's involved and how Envoy plays a role, read the CNCF [announcement](https://www.cncf.io/blog/2017/09/13/cncf-hosts-envoy/). [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/1266/badge)](https://bestpractices.coreinfrastructure.org/projects/1266) [![Azure Pipelines](https://dev.azure.com/cncf/envoy/_apis/build/status/11?branchName=master)](https://dev.azure.com/cncf/envoy/_build/latest?definitionId=11&branchName=master) [![CircleCI](https://circleci.com/gh/envoyproxy/envoy/tree/master.svg?style=shield)](https://circleci.com/gh/envoyproxy/envoy/tree/master) [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/envoy.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:envoy) [![Jenkins](https://img.shields.io/jenkins/s/https/powerci.osuosl.org/job/build-envoy-master/badge/icon/.svg?label=ppc64le%20build)](http://powerci.osuosl.org/job/build-envoy-master/) ## Documentation * [Official documentation](https://www.envoyproxy.io/) * [FAQ](https://www.envoyproxy.io/docs/envoy/latest/faq/overview) * [Unofficial Chinese documentation](https://www.servicemesher.com/envoy/) * Watch [a video overview of Envoy](https://www.youtube.com/watch?v=RVZX4CwKhGE) ([transcript](https://www.microservices.com/talks/lyfts-envoy-monolith-service-mesh-matt-klein/)) to find out more about the origin story and design philosophy of Envoy * [Blog](https://medium.com/@mattklein123/envoy-threading-model-a8d44b922310) about the threading model * [Blog](https://medium.com/@mattklein123/envoy-hot-restart-1d16b14555b5) about hot restart * [Blog](https://medium.com/@mattklein123/envoy-stats-b65c7f363342) about stats architecture * [Blog](https://medium.com/@mattklein123/the-universal-data-plane-api-d15cec7a) about universal data plane API * [Blog](https://medium.com/@mattklein123/lyfts-envoy-dashboards-5c91738816b1) on Lyft's Envoy dashboards ## Related * [data-plane-api](https://github.com/envoyproxy/data-plane-api): v2 API definitions as a standalone repository. This is a read-only mirror of [api](api/). * [envoy-perf](https://github.com/envoyproxy/envoy-perf): Performance testing framework. * [envoy-filter-example](https://github.com/envoyproxy/envoy-filter-example): Example of how to add new filters and link to the main repository. ## Contact * [envoy-announce](https://groups.google.com/forum/#!forum/envoy-announce): Low frequency mailing list where we will email announcements only. * [envoy-security-announce](https://groups.google.com/forum/#!forum/envoy-security-announce): Low frequency mailing list where we will email security related announcements only. * [envoy-users](https://groups.google.com/forum/#!forum/envoy-users): General user discussion. * [envoy-dev](https://groups.google.com/forum/#!forum/envoy-dev): Envoy developer discussion (APIs, feature design, etc.). * [envoy-maintainers](https://groups.google.com/forum/#!forum/envoy-maintainers): Use this list to reach all core Envoy maintainers. * [Twitter](https://twitter.com/EnvoyProxy/): Follow along on Twitter! * [Slack](https://envoyproxy.slack.com/): Slack, to get invited go [here](https://envoyslack.cncf.io). We have the IRC/XMPP gateways enabled if you prefer either of those. Once an account is created, connection instructions for IRC/XMPP can be found [here](https://envoyproxy.slack.com/account/gateways). * NOTE: Response to user questions is best effort on Slack. For a "guaranteed" response please email envoy-users@ per the guidance in the following linked thread. Please see [this](https://groups.google.com/forum/#!topic/envoy-announce/l9zjYsnS3TY) email thread for information on email list usage. ## Contributing Contributing to Envoy is fun and modern C++ is a lot less scary than you might think if you don't have prior experience. To get started: * [Contributing guide](CONTRIBUTING.md) * [Beginner issues](https://github.com/envoyproxy/envoy/issues?q=is%3Aopen+is%3Aissue+label%3Abeginner) * [Build/test quick start using docker](ci#building-and-running-tests-as-a-developer) * [Developer guide](DEVELOPER.md) * Consider installing the Envoy [development support toolchain](https://github.com/envoyproxy/envoy/blob/master/support/README.md), which helps automate parts of the development process, particularly those involving code review. * Please make sure that you let us know if you are working on an issue so we don't duplicate work! ## Community Meeting The Envoy team meets twice per month on Tuesday, alternating between 9am PT and 5PM PT. The public Google calendar is here: https://goo.gl/PkDijT * Meeting minutes are [here](https://goo.gl/5Cergb) * Recorded videos are posted [here](https://www.youtube.com/channel/UCvqbFHwN-nwalWPjPUKpvTA/videos?view=0&sort=dd&shelf_id=1) ## Security ### Security Audit A third party security audit was performed by Cure53, you can see the full report [here](docs/SECURITY_AUDIT.pdf). ### Reporting security vulnerabilities If you've found a vulnerability or a potential vulnerability in Envoy please let us know at [envoy-security](mailto:envoy-security@googlegroups.com). We'll send a confirmation email to acknowledge your report, and we'll send an additional email when we've identified the issue positively or negatively. For further details please see our complete [security release process](SECURITY.md). ================================================ FILE: RELEASES.md ================================================ # Release Process ## Active development Active development is happening on the `master` branch, and a new version is released from it at the end of each quarter. ## Stable releases Stable releases of Envoy include: * Extended maintenance window (any version released in the last 12 months). * Security fixes backported from the `master` branch (including those deemed not worthy of creating a CVE). * Stability fixes backported from the `master` branch (anything that can result in a crash, including crashes triggered by a trusted control plane). * Bugfixes, deemed worthwhile by the maintainers of stable releases. ### Hand-off Hand-off to the maintainers of stable releases happens after Envoy maintainers release a new version from the `master` branch by creating a `vX.Y.0` tag and a corresponding `release/vX.Y` branch, with merge permissions given to the release manager of stable releases, and CI configured to execute tests on it. ### Security releases Critical security fixes are owned by the Envoy security team, which provides fixes for the `master` branch, and the latest release branch. Once those fixes are ready, the maintainers of stable releases backport them to the remaining supported stable releases. ### Backports All other security and reliability fixes can be nominated for backporting to stable releases by Envoy maintainers, Envoy security team, the change author, or members of the Envoy community by adding the `backport/review` or `backport/approved` label (this can be done using [repokitteh]'s `/backport` command). Changes nominated by the change author and/or members of the Envoy community are evaluated for backporting on a case-by-case basis, and require approval from either the release manager of stable release, Envoy maintainers, or Envoy security team. Once approved, those fixes are backported from the `master` branch to all supported stable branches by the maintainers of stable releases. New stable versions from non-critical security fixes are released on a regular schedule, initially aiming for the bi-weekly releases. ### Release management Release managers of stable releases are responsible for approving and merging backports, tagging stable releases and sending announcements about them. This role is rotating on a quarterly basis. | Quarter | Release manager | |:-------:|:----------------------------:| | 2020 Q1 | Piotr Sikora ([PiotrSikora]) | | 2020 Q2 | Piotr Sikora ([PiotrSikora]) | | 2020 Q3 | Yuchen Dai ([lambdai]) | ## Release schedule In order to accommodate downstream projects, new Envoy releases are produced on a fixed release schedule (at the end of each quarter), with an acceptable delay of up to 2 weeks, with a hard deadline of 3 weeks. | Version | Expected | Actual | Difference | End of Life | |:-------:|:----------:|:----------:|:----------:|:-----------:| | 1.12.0 | 2019/09/30 | 2019/10/31 | +31 days | 2020/10/31 | | 1.13.0 | 2019/12/31 | 2020/01/20 | +20 days | 2021/01/20 | | 1.14.0 | 2020/03/31 | 2020/04/08 | +8 days | 2021/04/08 | | 1.15.0 | 2020/06/30 | 2020/07/07 | +7 days | 2021/07/07 | | 1.16.0 | 2020/09/30 | 2020/10/08 | +8 days | 2021/10/08 | | 1.17.0 | 2020/12/31 | | | | [repokitteh]: https://github.com/repokitteh [PiotrSikora]: https://github.com/PiotrSikora ================================================ FILE: REPO_LAYOUT.md ================================================ # Repository layout overview This is a high level overview of how the repository is laid out to both aid in code investigation, as well as to clearly specify how extensions are added to the repository. The top level directories are: * [.circleci/](.circleci/): Configuration for [CircleCI](https://circleci.com/gh/envoyproxy). * [api/](api/): Envoy data plane API. * [bazel/](bazel/): Configuration for Envoy's use of [Bazel](https://bazel.build/). * [ci/](ci/): Scripts used both during CI as well as to build Docker containers. * [configs/](configs/): Example Envoy configurations. * [docs/](docs/): End user facing Envoy proxy and data plane API documentation as well as scripts for publishing final docs during releases. * [examples/](examples/): Larger Envoy examples using Docker and Docker Compose. * [include/](include/): "Public" interface headers for "core" Envoy. In general, these are almost entirely 100% abstract classes. There are a few cases of not-abstract classes in the "public" headers, typically for performance reasons. Note that "core" includes some "extensions" such as the HTTP connection manager filter and associated functionality which are so fundamental to Envoy that they will likely never be optional from a compilation perspective. * [restarter/](restarter/): Envoy's hot restart wrapper Python script. * [source/](source/): Source code for core Envoy as well as extensions. The layout of this directory is discussed in further detail below. * [support/](support/): Development support scripts (pre-commit Git hooks, etc.) * [test/](test/): Test code for core Envoy as well as extensions. The layout of this directory is discussed in further detail below. * [tools/](tools/): Miscellaneous tools that have not found a home somewhere else. ## [source/](source/) * [common/](source/common/): Core Envoy code (not specific to extensions) that is also not specific to a standalone server implementation. I.e., this is the code that could be used if Envoy were eventually embedded as a library. * [docs/](source/docs/): Miscellaneous developer/design documentation that is not relevant for the public user documentation. * [exe/](source/exe/): Code specific to building the final production Envoy server binary. This is the only code that is not shared by integration and unit tests. * [extensions/](source/extensions/): Extensions to the core Envoy code. The layout of this directory is discussed in further detail below. * [server/](source/server/): Code specific to running Envoy as a standalone server. E.g, configuration, server startup, workers, etc. Over time, the line between `common/` and `server/` has become somewhat blurred. Use best judgment as to where to place something. ## [test/](test/) Not every directory within test is described below, but a few highlights: * Unit tests are found in directories matching their [source/](source/) equivalents. E.g., [common/](test/common/), [exe/](test/exe/), and [server/](test/server/). * Extension unit tests also match their source equivalents in [extensions/](test/extensions/). * [integration/](test/integration/) holds end-to-end integration tests using roughly the real Envoy server code, fake downstream clients, and fake upstream servers. Integration tests also test some of the extensions found in the repository. Note that in the future, we would like to allow integration tests that are specific to extensions and are not required for covering "core" Envoy functionality. Those integration tests will likely end up in the [extensions/](test/extensions/) directory but further work and thinking is required before we get to that point. * [mocks/](test/mocks/) contains mock implementations of all of the core Envoy interfaces found in [include/](include/). * Other directories include tooling used for configuration testing, coverage testing, fuzz testing, common test code, etc. ## [source/extensions](source/extensions/) layout We maintain a very specific code and namespace layout for extensions. This aids in discovering code/extensions, and also will allow us in the future to more easily scale out our extension maintainers by having OWNERS files specific to certain extensions. (As of this writing, this is not currently implemented but that is the plan moving forward.) * All extensions are either registered in [all_extensions.bzl](source/extensions/all_extensions.bzl) or [extensions_build_config.bzl](source/extensions/extensions_build_config.bzl). The former is for extensions that cannot be removed from the primary Envoy build. The latter is for extensions that can be removed on a site specific basis. See [bazel/README.md](bazel/README.md) for how to compile out extensions on a site specific basis. Note that by default extensions should be removable from the build unless there is a very good reason. * These are the top level extension directories and associated namespaces: * [access_loggers/](/source/extensions/access_loggers): Access log implementations which use the `Envoy::Extensions::AccessLoggers` namespace. * [filters/http/](/source/extensions/filters/http): HTTP L7 filters which use the `Envoy::Extensions::HttpFilters` namespace. * [filters/listener/](/source/extensions/filters/listener): Listener filters which use the `Envoy::Extensions::ListenerFilters` namespace. * [filters/network/](/source/extensions/filters/network): L4 network filters which use the `Envoy::Extensions::NetworkFilters` namespace. * [grpc_credentials/](/source/extensions/grpc_credentials): Custom gRPC credentials which use the `Envoy::Extensions::GrpcCredentials` namespace. * [health_checker/](/source/extensions/health_checker): Custom health checkers which use the `Envoy::Extensions::HealthCheckers` namespace. * [resolvers/](/source/extensions/resolvers): Network address resolvers which use the `Envoy::Extensions::Resolvers` namespace. * [stat_sinks/](/source/extensions/stat_sinks): Stat sink implementations which use the `Envoy::Extensions::StatSinks` namespace. * [tracers/](/source/extensions/tracers): Tracers which use the `Envoy::Extensions::Tracers` namespace. * [transport_sockets/](/source/extensions/transport_sockets): Transport socket implementations which use the `Envoy::Extensions::TransportSockets` namespace. * Each extension is contained wholly in its own namespace. E.g., `Envoy::Extensions::NetworkFilters::Echo`. * Common code that is used by multiple extensions should be in a `common/` directory as close to the extensions as possible. E.g., [filters/common/](/source/extensions/filters/common) for common code that is used by both HTTP and network filters. Common code used only by two HTTP filters would be found in `filters/http/common/`. Common code should be placed in a common namespace. E.g., `Envoy::Extensions::Filters::Common`. ================================================ FILE: SECURITY.md ================================================ # Security Reporting Process Please report any security issue or Envoy crash report to envoy-security@googlegroups.com where the issue will be triaged appropriately. Thank you in advance for helping to keep Envoy secure. # Security Release Process Envoy is a large growing community of volunteers, users, and vendors. The Envoy community has adopted this security disclosure and response policy to ensure we responsibly handle critical issues. ## Product Security Team (PST) Security vulnerabilities should be handled quickly and sometimes privately. The primary goal of this process is to reduce the total time users are vulnerable to publicly known exploits. The Product Security Team (PST) is responsible for organizing the entire response including internal communication and external disclosure but will need help from relevant developers to successfully run this process. The initial Product Security Team will consist of all [maintainers](OWNERS.md) in the private [envoy-security](https://groups.google.com/forum/#!forum/envoy-security) list. In the future we may decide to have a subset of maintainers work on security response given that this process is time consuming. ## Disclosures ### Private Disclosure Processes The Envoy community asks that all suspected vulnerabilities be privately and responsibly disclosed via the [reporting policy](README.md#reporting-security-vulnerabilities). ### Public Disclosure Processes If you know of a publicly disclosed security vulnerability please IMMEDIATELY email [envoy-security](https://groups.google.com/forum/#!forum/envoy-security) to inform the Product Security Team (PST) about the vulnerability so they may start the patch, release, and communication process. If possible the PST will ask the person making the public report if the issue can be handled via a private disclosure process (for example if the full exploit details have not yet been published). If the reporter denies the request for private disclosure, the PST will move swiftly with the fix and release process. In extreme cases GitHub can be asked to delete the issue but this generally isn't necessary and is unlikely to make a public disclosure less damaging. ## Patch, Release, and Public Communication For each vulnerability a member of the PST will volunteer to lead coordination with the "Fix Team" and is responsible for sending disclosure emails to the rest of the community. This lead will be referred to as the "Fix Lead." The role of Fix Lead should rotate round-robin across the PST. Note that given the current size of the Envoy community it is likely that the PST is the same as the "Fix team." (I.e., all maintainers). The PST may decide to bring in additional contributors for added expertise depending on the area of the code that contains the vulnerability. All of the timelines below are suggestions and assume a private disclosure. The Fix Lead drives the schedule using their best judgment based on severity and development time. If the Fix Lead is dealing with a public disclosure all timelines become ASAP (assuming the vulnerability has a CVSS score >= 4; see below). If the fix relies on another upstream project's disclosure timeline, that will adjust the process as well. We will work with the upstream project to fit their timeline and best protect our users. ### Released versions and master branch If the vulnerability affects the last point release version, e.g. 1.10, then the full security release process described in this document will be activated. A security point release will be created for 1.10, e.g. 1.10.1, together with a fix to master if necessary. Older point releases, e.g. 1.9, are not supported by the Envoy project and will not have any security release created. If a security vulnerability affects only these older versions but not master or the last supported point release, the Envoy security team will share this information with the private distributor list, following the standard embargo process, but not create a security release. After the embargo expires, the vulnerability will be described as a GitHub issue. A CVE will be filed if warranted by severity. If a vulnerability does not affect any point release but only master, additional caveats apply: * If the issue is detected and a fix is available within 7 days of the introduction of the vulnerability, or the issue is deemed a low severity vulnerability by the Envoy maintainer and security teams, the fix will be publicly reviewed and landed on master. If the severity is at least medium or at maintainer discretion a courtesy e-mail will be sent to envoy-users@googlegroups.com, envoy-dev@googlegroups.com, envoy-security-announce@googlegroups.com and cncf-envoy-distributors-announce@lists.cncf.io. * If the vulnerability has been in existence for more than 7 days and is medium or higher, we will activate the security release process. We advise distributors and operators working from the master branch to allow at least 5 days soak time after cutting a binary release before distribution or rollout, to allow time for our fuzzers to detect issues during their execution on ClusterFuzz. A soak period of 7 days provides an even stronger guarantee, since we will invoke the security release process for medium or higher severity issues for these older bugs. ### Threat model See https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model. Vulnerabilities are evaluated against this threat model when deciding whether to activate the Envoy security release process. ### Fix Team Organization These steps should be completed within the first 24 hours of disclosure. - The Fix Lead will work quickly to identify relevant engineers from the affected projects and packages and CC those engineers into the disclosure thread. These selected developers are the Fix Team. - The Fix Lead will get the Fix Team access to private security repos to develop the fix. ### Fix Development Process These steps should be completed within the 1-7 days of Disclosure. - The Fix Lead and the Fix Team will create a [CVSS](https://www.first.org/cvss/specification-document) using the [CVSS Calculator](https://www.first.org/cvss/calculator/3.0). The Fix Lead makes the final call on the calculated CVSS; it is better to move quickly than making the CVSS perfect. - The Fix Team will notify the Fix Lead that work on the fix branch is complete once there are LGTMs on all commits in the private repo from one or more maintainers. If the CVSS score is under 4.0 ([a low severity score](https://www.first.org/cvss/specification-document#i5)) the Fix Team can decide to slow the release process down in the face of holidays, developer bandwidth, etc. These decisions must be discussed on the envoy-security mailing list. A three week window will be provided to members of the private distributor list from candidate patch availability until the security release date. It is expected that distributors will normally be able to perform a release within this time window. If there are exceptional circumstances, the Envoy security team will raise this window to four weeks. The release window will be reduced if the security issue is public or embargo is broken. We will endeavor not to overlap this three week window with or place it adjacent to major corporate holiday periods or end-of-quarter (e.g. impacting downstream Istio releases), where possible. ### Fix and disclosure SLOs * All reports to envoy-security@googlegroups.com will be triaged and have an initial response within 1 business day. * Privately disclosed issues will be fixed or publicly disclosed within 90 days by the Envoy security team. In exceptional circumstances we reserve the right to work with the discloser to coordinate on an extension, but this will be rarely used. * Any issue discovered by the Envoy security team and raised in our private bug tracker will be converted to a public issue within 90 days. We will regularly audit these issues to ensure that no major vulnerability (from the perspective of the threat model) is accidentally leaked. * Fuzz bugs are subject to a 90 day disclosure deadline. * Three weeks notice will be provided to private distributors from patch availability until the embargo deadline. * Public zero days will be fixed ASAP, but there is no SLO for this, since this will depend on the severity and impact to the organizations backing the Envoy security team. ### Fix Disclosure Process With the fix development underway, the Fix Lead needs to come up with an overall communication plan for the wider community. This Disclosure process should begin after the Fix Team has developed a Fix or mitigation so that a realistic timeline can be communicated to users. **Disclosure of Forthcoming Fix to Users** (Completed within 1-7 days of Disclosure) - The Fix Lead will email [envoy-security-announce@googlegroups.com](https://groups.google.com/forum/#!forum/envoy-security-announce) (CC [envoy-announce@googlegroups.com](https://groups.google.com/forum/#!forum/envoy-announce)) informing users that a security vulnerability has been disclosed and that a fix will be made available at YYYY-MM-DD HH:MM UTC in the future via this list. This time is the Release Date. - The Fix Lead will include any mitigating steps users can take until a fix is available. The communication to users should be actionable. They should know when to block time to apply patches, understand exact mitigation steps, etc. **Optional Fix Disclosure to Private Distributors List** (Completed within 1-14 days of Disclosure): - The Fix Lead will make a determination with the help of the Fix Team if an issue is critical enough to require early disclosure to distributors. Generally this Private Distributor Disclosure process should be reserved for remotely exploitable or privilege escalation issues. Otherwise, this process can be skipped. - The Fix Lead will email the patches to cncf-envoy-distributors-announce@lists.cncf.io so distributors can prepare builds to be available to users on the day of the issue's announcement. Any patches against main will be updated and resent weekly. Distributors should read about the [Private Distributors List](#private-distributors-list) to find out the requirements for being added to this list. - **What if a vendor breaks embargo?** The PST will assess the damage. The Fix Lead will make the call to release earlier or continue with the plan. When in doubt push forward and go public ASAP. **Fix Release Day** (Completed within 1-21 days of Disclosure) - The maintainers will create a new patch release branch from the latest patch release tag + the fix from the security branch. As a practical example if v1.5.3 is the latest patch release in Envoy.git a new branch will be created called v1.5.4 which includes only patches required to fix the issue. - The Fix Lead will cherry-pick the patches onto the master branch and all relevant release branches. The Fix Team will LGTM and merge. Maintainers will merge these PRs as quickly as possible. Changes shouldn't be made to the commits even for a typo in the CHANGELOG as this will change the git sha of the commits leading to confusion and potentially conflicts as the fix is cherry-picked around branches. - The Fix Lead will request a CVE from [DWF](https://github.com/distributedweaknessfiling/DWF-Documentation) and include the CVSS and release details. - The Fix Lead will email envoy-{dev,users,announce}@googlegroups.com now that everything is public announcing the new releases, the CVE number, and the relevant merged PRs to get wide distribution and user action. As much as possible this email should be actionable and include links on how to apply the fix to user's environments; this can include links to external distributor documentation. - The Fix Lead will remove the Fix Team from the private security repo. ### Retrospective These steps should be completed 1-3 days after the Release Date. The retrospective process [should be blameless](https://landing.google.com/sre/book/chapters/postmortem-culture.html). - The Fix Lead will send a retrospective of the process to envoy-dev@googlegroups.com including details on everyone involved, the timeline of the process, links to relevant PRs that introduced the issue, if relevant, and any critiques of the response and release process. - Maintainers and Fix Team are also encouraged to send their own feedback on the process to envoy-dev@googlegroups.com. Honest critique is the only way we are going to get good at this as a community. ## Private Distributors List This list is intended to be used primarily to provide actionable information to multiple distribution vendors as well as a *limited* set of high impact end users at once. *This list is not intended in the general case for end users to find out about security issues*. ### Embargo Policy The information members receive on cncf-envoy-distributors-announce must not be made public, shared, nor even hinted at anywhere beyond the need-to-know within your specific team except with the list's explicit approval. This holds true until the public disclosure date/time that was agreed upon by the list. Members of the list and others may not use the information for anything other than getting the issue fixed for your respective users. Before any information from the list is shared with respective members of your team required to fix said issue, they must agree to the same terms and only find out information on a need-to-know basis. We typically expect a single point-of-contact (PoC) at any given legal entity. Within the organization, it is the responsibility of the PoC to share CVE and related patches internally. This should be performed on a strictly need-to-know basis with affected groups to the extent that this is technically plausible. All teams should be aware of the embargo conditions and accept them. Ultimately, if an organization breaks embargo transitively through such sharing, they will lose the early disclosure privilege, so it's in their best interest to carefully share information internally, following best practices and use their judgement in balancing the tradeoff between protecting users and maintaining confidentiality. The embargo applies to information shared, source code and binary images. **It is a violation of the embargo policy to share binary distributions of the security fixes before the public release date.** This includes, but is not limited to, Envoy binaries and Docker images. It is expected that distributors have a method to stage and validate new binaries without exposing them publicly. If the information shared is under embargo from a third party, where Envoy is one of many projects that a disclosure is shared with, it is critical to consider that the ramifications of any leak will extend beyond the Envoy community and will leave us in a position in which we will be less likely to receive embargoed reports in the future. In the unfortunate event you share the information beyond what is allowed by this policy, you _must_ urgently inform the envoy-security@googlegroups.com mailing list of exactly what information leaked and to whom. A retrospective will take place after the leak so we can assess how to prevent making the same mistake in the future. If you continue to leak information and break the policy outlined here, you will be removed from the list. ### Contributing Back This is a team effort. As a member of the list you must carry some water. This could be in the form of the following: **Technical** - Review and/or test the proposed patches and point out potential issues with them (such as incomplete fixes for the originally reported issues, additional issues you might notice, and newly introduced bugs), and inform the list of the work done even if no issues were encountered. **Administrative** - Help draft emails to the public disclosure mailing list. - Help with release notes. ### Membership Criteria To be eligible for the cncf-envoy-distributors-announce mailing list, your use of Envoy should: 1. Be either: 1. An actively maintained distribution of Envoy components. An example is "SuperAwesomeLinuxDistro" which offers Envoy pre-built packages. Another example is "SuperAwesomeServiceMesh" which offers a service mesh product that includes Envoy as a component. OR 2. Offer Envoy as a publicly available infrastructure or platform service, in which the product clearly states (e.g. public documentation, blog posts, marketing copy, etc.) that it is built on top of Envoy. E.g., "SuperAwesomeCloudProvider's Envoy as a Service (EaaS)". An infrastructure service that uses Envoy for a product but does not publicly say they are using Envoy does not *generally* qualify (see option 3 that follows). This is essentially IaaS or PaaS. If you use Envoy to support a SaaS, e.g. "SuperAwesomeCatVideoService", this does not *generally* qualify. OR 3. An end user of Envoy that satisfies the following requirements: 1. Is "well known" to the Envoy community. Being "well known" is fully subjective and determined by the Envoy maintainers and security team. Becoming "well known" would generally be achieved by activities such as: PR contributions, either code or documentation; helping other end users on Slack, GitHub, and the mailing lists; speaking about use of Envoy at conferences; writing about use of Envoy in blog posts; sponsoring Envoy conferences, meetups, and other activities; etc. This is a more strict variant of item 5 below. 2. Is of sufficient size, scale, and impact to make your inclusion on the list worthwhile. The definition of size, scale, and impact is fully subjective and determined by the Envoy maintainers and security team. The definition will not be discussed further in this document. 3. You *must* smoke test and then widely deploy security patches promptly and report back success or failure ASAP. Furthermore, the Envoy maintainers may occasionally ask you to smoke test especially risky public PRs before they are merged. Not performing these tasks in a reasonably prompt timeframe will result in removal from the list. This is a more strict variant of item 7 below. 4. In order to balance inclusion in the list versus a greater chance of accidental disclosure, end users added to the list via this option will be limited to a total of **10** slots. Periodic review (see below) may allow new slots to open, so please continue to apply if it seems your organization would otherwise qualify. The security team also reserves the right to change this limit in the future. 2. Have a user or customer base not limited to your own organization (except for option 3 above). We will use the size of the user or customer base as part of the criteria to determine eligibility. 3. Have a publicly verifiable track record up to present day of fixing security issues. 4. Not be a downstream or rebuild of another distribution. 5. Be a participant and active contributor in the community. 6. Accept the [Embargo Policy](#embargo-policy) that is outlined above. You must have a way to privately stage and validate your updates that does not violate the embargo. 7. Be willing to [contribute back](#contributing-back) as outlined above. 8. Be able to perform a security release of your product within a three week window from candidate fix patch availability. 9. Have someone already on the list vouch for the person requesting membership on behalf of your distribution. 10. Nominate an e-mail alias or list for your organization to receive updates. This should not be an individual user address, but instead a list that can be maintained by your organization as individuals come and go. A good example is envoy-security@seven.com, a bad example is acidburn@seven.com. You must accept the invite sent to this address or you will not receive any e-mail updates. This e-mail address will be [shared with the Envoy community](#Members). Note that Envoy maintainers are members of the Envoy security team. [Members of the Envoy security team](OWNERS.md#envoy-security-team) and the organizations that they represent are implicitly included in the private distributor list. These organizations do not need to meet the above list of criteria with the exception of the acceptance of the embargo policy. ### Requesting to Join New membership requests are sent to envoy-security@googlegroups.com. In the body of your request please specify how you qualify and fulfill each criterion listed in [Membership Criteria](#membership-criteria). Here is a pseudo example: ``` To: envoy-security@googlegroups.com Subject: Seven-Corp Membership to cncf-envoy-distributors-announce Below are each criterion and why I think we, Seven-Corp, qualify. > 1. Be an actively maintained distribution of Envoy components OR offer Envoy as a publicly available service in which the product clearly states that it is built on top of Envoy OR be a well known end user of sufficient size, scale, and impact to make your inclusion worthwhile. We distribute the "Seven" distribution of Envoy [link]. We have been doing this since 1999 before proxies were even cool. OR We use Envoy for our #1 rated cat video service and have 40 billion MAU, proxying 40 trillion^2 RPS through Envoy at the edge. Secure cat videos are our top priority. We also contribute a lot to the Envoy community by implementing features, not making Matt ask for documentation or tests, and writing blog posts about efficient Envoy cat video serving. > 2. Have a user or customer base not limited to your own organization. Please specify an > approximate size of your user or customer base, including the number of > production deployments. Our user base spans of the extensive "Seven" community. We have a slack and GitHub repos and mailing lists where the community hangs out. We have ~2000 customers, of which approximately 400 are using Seven in production. [links] > 3. Have a publicly verifiable track record up to present day of fixing security issues. We announce on our blog all upstream patches we apply to "Seven." [link to blog posts] > 4. Not be a downstream or rebuild of another distribution. If you offer Envoy as a publicly > available infrastructure or platform service, this condition does not need to apply. This does not apply, "Seven" is a unique snowflake distribution. > 5. Be a participant and active contributor in the community. Our members, Acidburn, Cereal, and ZeroCool are outstanding members and are well known throughout the Envoy community. Especially for their contributions in hacking the Gibson. > 6. Accept the Embargo Policy that is outlined above. You must have a way to privately stage and validate your updates that does not violate the embargo. We accept. > 7. Be willing to contribute back as outlined above. We are definitely willing to help! > 8. Be able to perform a security release of your product within a three week window from candidate fix patch availability. We affirm we can spin out new security releases within a 2 week window. > 9. Have someone already on the list vouch for the person requesting membership > on behalf of your distribution. CrashOverride will vouch for the "Seven" distribution joining the distribution list. > 10. Nominate an e-mail alias or list for your organization to receive updates. This should not be an individual user address, but instead a list that can be maintained by your organization as individuals come and go. A good example is envoy-security@seven.com, a bad example is acidburn@seven.com. You must accept the invite sent to this address or you will not receive any e-mail updates. This e-mail address will be shared with the Envoy community. envoy-security@seven.com ``` ### Review of membership criteria In all cases, members of the distribution list will be reviewed on a yearly basis by the maintainers and security team to ensure they still qualify for inclusion on the list. ### Members | E-mail | Organization | End User | Last Review | |-------------------------------------------------------|:-------------:|:--------:|:-----------:| | envoy-security-team@aspenmesh.io | Aspen Mesh | No | 12/19 | | aws-app-mesh-security@amazon.com | AWS | No | 12/19 | | security@cilium.io | Cilium | No | 12/19 | | vulnerabilityreports@cloudfoundry.org | Cloud Foundry | No | 12/19 | | secalert@datawire.io | Datawire | No | 12/19 | | google-internal-envoy-security@google.com | Google | No | 12/19 | | argoprod@us.ibm.com | IBM | No | 12/19 | | istio-security-vulnerability-reports@googlegroups.com | Istio | No | 12/19 | | secalert@redhat.com | Red Hat | No | 12/19 | | envoy-security@solo.io | solo.io | No | 12/19 | | envoy-security@tetrate.io | Tetrate | No | 12/19 | | security@vmware.com | VMware | No | 12/19 | | envoy-security@pinterest.com | Pinterest | Yes | 12/19 | | envoy-security@dropbox.com | Dropbox | Yes | 01/20 | | envoy-security-predisclosure@stripe.com | Stripe | Yes | 01/20 | ================================================ FILE: STYLE.md ================================================ # C++ coding style * The Envoy source code is formatted using clang-format. Thus all white spaces, etc. issues are taken care of automatically. The CircleCI tests will automatically check the code format and fail. There are make targets that can both check the format (check_format) as well as fix the code format for you (fix_format). Errors in .clang-tidy are enforced while other warnings are suggestions. Note that code and comment blocks designated `clang-format off` must be closed with `clang-format on`. To run these checks locally, see [Support Tools](support/README.md). * Beyond code formatting, for the most part Envoy uses the [Google C++ style guidelines](https://google.github.io/styleguide/cppguide.html). The following section covers the major areas where we deviate from the Google guidelines. # Repository file layout * Please see [REPO_LAYOUT.md](REPO_LAYOUT.md). # Documentation * If you are modifying the data plane structually, please keep the [Life of a Request](docs/root/intro/life_of_a_request.md) documentation up-to-date. # Deviations from Google C++ style guidelines * Exceptions are allowed and encouraged where appropriate. When using exceptions, do not add additional error handing that cannot possibly happen in the case an exception is thrown. * Do use exceptions for: - Configuration ingestion error handling. Invalid configurations (dynamic and static) should throw meaningful `EnvoyException`s, the configuration ingestion code will catch these. - Constructor failure. - Error handling in deep call stacks, where exceptions provide material improvements to code complexity and readability. * Apply caution when using exceptions on the data path for general purpose error handling. Exceptions are not caught on the data path and they should not be used for simple error handling, e.g. with shallow call stacks, where explicit error handling provides a more readable and easier to reason about implementation. * References are always preferred over pointers when the reference cannot be null. This includes both const and non-const references. * Function names should all use camel case starting with a lower case letter (e.g., `doFoo()`). * Struct/Class member variables have a `_` postfix (e.g., `int foo_;`). * Enum values using PascalCase (e.g., `RoundRobin`). * 100 columns is the line limit. * Use your GitHub name in TODO comments, e.g. `TODO(foobar): blah`. * Smart pointers are type aliased: * `using FooPtr = std::unique_ptr;` * `using BarSharedPtr = std::shared_ptr;` * `using BlahConstSharedPtr = std::shared_ptr;` * Regular pointers (e.g. `int* foo`) should not be type aliased. * `absl::optional> is type aliased: * `using FooOptRef = absl::optional>;` * `using FooOptConstRef = absl::optional>;` * If move semantics are intended, prefer specifying function arguments with `&&`. E.g., `void onHeaders(Http::HeaderMapPtr&& headers, ...)`. The rationale for this is that it forces the caller to specify `std::move(...)` or pass a temporary and makes the intention at the callsite clear. Otherwise, it's difficult to tell if a const reference is actually being passed to the called function. This is true even for `std::unique_ptr`. * Prefer `unique_ptr` over `shared_ptr` wherever possible. `unique_ptr` makes ownership in production code easier to reason about. Note that this creates some test oddities where production code requires a `unique_ptr` but the test must still have access to the memory the production code is using (mock or otherwise). In these cases it is acceptable to allocate raw memory in a test and return it to the production code with the expectation that the production code will hold it in a `unique_ptr` and free it. Envoy uses the factory pattern quite a bit for these cases. (Search the code for "factory"). * The Google C++ style guide points out that [non-PoD static and global variables are forbidden](https://google.github.io/styleguide/cppguide.html#Static_and_Global_Variables). This _includes_ types such as `std::string`. We encourage the use of the advice in the [C++ FAQ on the static initialization fiasco](https://isocpp.org/wiki/faq/ctors#static-init-order-on-first-use) for how to best handle this. * The Google C++ style guide points out that [constant vars should be named `kConstantVar`](https://google.github.io/styleguide/cppguide.html#Constant_Names). In the Envoy codebase we use `ConstantVar` or `CONSTANT_VAR`. If you pick `CONSTANT_VAR`, please be certain the name is globally significant to avoid potential conflicts with #defines, which are not namespace-scoped, and may appear in externally controlled header files. * API-level comments should follow normal Doxygen conventions. Use `@param` to describe parameters and `@return ` for return values. Internal comments for methods and member variables may be regular C++ `//` comments or Doxygen at developer discretion. Where possible, methods should have meaningful documentation on expected input and state preconditions. * Header guards should use `#pragma once`. * All code should be inside a top-level Envoy namespace. There are some exceptions such as `main()` functions. When code cannot be placed inside the Envoy namespace there should be a comment of the form `// NOLINT(namespace-envoy)` at the top of the file. * If a method that must be defined outside the `test` directory is intended to be called only from test code then it should have a name that ends in `ForTest()` such as `aMethodForTest()`. In most cases tests can and should be structured so this is not necessary. * Tests default to StrictMock so will fail if hitting unexpected warnings. Feel free to use NiceMock for mocks whose behavior is not the focus of a test. * [Thread annotations](https://github.com/abseil/abseil-cpp/blob/master/absl/base/thread_annotations.h), such as `GUARDED_BY`, should be used for shared state guarded by locks/mutexes. * Functions intended to be local to a cc file should be declared in an anonymous namespace, rather than using the 'static' keyword. Note that the [Google C++ style guide](https://google.github.io/styleguide/cppguide.html#Unnamed_Namespaces_and_Static_Variables) allows either, but in Envoy we prefer anonymous namespaces. * Braces are required for all control statements include single line if, while, etc. statements. * Don't use [mangled Protobuf enum names](https://developers.google.com/protocol-buffers/docs/reference/cpp-generated#enum). # Error handling A few general notes on our error handling philosophy: * All error code returns should be checked. * At a very high level, our philosophy is that errors should be handled gracefully when caused by: - Untrusted network traffic OR - Raised by the Envoy process environment and are *likely* to happen * Examples of likely environnmental errors include any type of network error, disk IO error, bad data returned by an API call, bad data read from runtime files, etc. Errors in the Envoy environment that are *unlikely* to happen after process initialization, should lead to process death, under the assumption that the additional burden of defensive coding and testing is not an effective use of time for an error that should not happen given proper system setup. Examples of these types of errors include not being able to open the shared memory region, system calls that should not fail assuming correct parameters (which should be validated via tests), etc. Examples of system calls that should not fail when passed valid parameters include the kernel returning a valid `sockaddr` after a successful call to `accept()`, `pthread_create()`, `pthread_join()`, etc. * OOM events (both memory and FDs) are considered fatal crashing errors. An OOM error should never silently be ignored and should crash the process either via the C++ allocation error exception, an explicit `RELEASE_ASSERT` following a third party library call, or an obvious crash on a subsequent line via null pointer dereference. This rule is again based on the philosophy that the engineering costs of properly handling these cases are not worth it. Time is better spent designing proper system controls that shed load if resource usage becomes too high, etc. * The "less is more" error handling philosophy described in the previous two points is primarily based on the fact that restarts are designed to be fast, reliable and cheap. * Although we strongly recommend that any type of startup error leads to a fatal error, since this is almost always a result of faulty configuration which should be caught during a canary process, there may be cases in which we want some classes of startup errors to be non-fatal. For example, if a misconfigured option is not necessary for server operation. Although this is discouraged, we will discuss these on a case by case basis during code review (an example of this is the `--admin-address-path` option). **If degraded mode error handling is implemented, we require that there is complete test coverage for the degraded case.** Additionally, the user should be aware of the degraded state minimally via an error log of level warn or greater and via the increment of a stat. * If you do need to log a non-fatal warning or error, you can unit-test it with EXPECT_LOG_CONTAINS or EXPECT_NO_LOGS from [logging.h](test/test_common/logging.h). It's generally bad practice to test by depending on log messages unless the actual behavior being validated is logging. It's preferable to export statistics to enable consumption by external monitoring for any behavior that should be externally consumed or to introduce appropriate internal interfaces such as mocks for internal behavior. * The error handling philosophy described herein is based on the assumption that Envoy is deployed using industry best practices (primarily canary). Major and obvious errors should always be caught in canary. If a low rate error leads to periodic crash cycling when deployed to production, the error rate should allow for rollback without large customer impact. * Tip: If the thought of adding the extra test coverage, logging, and stats to handle an error and continue seems ridiculous because *"this should never happen"*, it's a very good indication that the appropriate behavior is to terminate the process and not handle the error. When in doubt, please discuss. * Per above it's acceptable to turn failures into crash semantics via `RELEASE_ASSERT(condition)` or `PANIC(message)` if there is no other sensible behavior, e.g. in OOM (memory/FD) scenarios. Only `RELEASE_ASSERT(condition)` should be used to validate conditions that might be imposed by the external environment. `ASSERT(condition)` should be used to document (and check in debug-only builds) program invariants. Use `ASSERT` liberally, but do not use it for things that will crash in an obvious way in a subsequent line. E.g., do not do `ASSERT(foo != nullptr); foo->doSomething();`. Note that there is a gray line between external environment failures and program invariant violations. For example, memory corruption due to a security issue (a bug, deliberate buffer overflow etc.) might manifest as a violation of program invariants or as a detectable condition in the external environment (e.g. some library returning a highly unexpected error code or buffer contents). Unfortunately no rule can cleanly cover when to use `RELEASE_ASSERT` vs. `ASSERT`. In general we view `ASSERT` as the common case and `RELEASE_ASSERT` as the uncommon case, but experience and judgment may dictate a particular approach depending on the situation. # Hermetic and deterministic tests Tests should be hermetic, i.e. have all dependencies explicitly captured and not depend on the local environment. In general, there should be no non-local network access. In addition: * Port numbers should not be hardcoded. Tests should bind to port zero and then discover the bound port when needed. This avoids flakes due to conflicting ports and allows tests to be executed concurrently by Bazel. See [`test/integration/integration_test.h`](test/integration/integration_test.h) and [`test/common/network/listener_impl_test.cc`](test/common/network/listener_impl_test.cc) for examples of tests that do this. * Paths should be constructed using: * The methods in [`TestEnvironment`](test/test_common/environment.h) for C++ tests. * With `${TEST_TMPDIR}` (for writable temporary space) or `${TEST_SRCDIR}` for read-only access to test inputs in shell tests. * With `{{ test_tmpdir }}`, `{{ test_rundir }}` and `{{ test_udsdir }}` respectively for JSON templates. `{{ test_udsdir }}` is provided for pathname based Unix Domain Sockets, which must fit within a 108 character limit on Linux, a property that might not hold for `{{ test_tmpdir }}`. Tests should be deterministic. They should not rely on randomness or details such as the current time. Instead, mocks such as [`MockRandomGenerator`](test/mocks/runtime/mocks.h) and [`Mock*TimeSource`](test/mocks/common.h) should be used. # Google style guides for other languages * [Python](https://google.github.io/styleguide/pyguide.html) * [Bash](https://google.github.io/styleguide/shell.xml) * [Bazel](https://bazel.build/versions/master/docs/skylark/build-style.html) ================================================ FILE: VERSION ================================================ 1.16.0 ================================================ FILE: WORKSPACE ================================================ workspace(name = "envoy") load("//bazel:api_binding.bzl", "envoy_api_binding") envoy_api_binding() load("//bazel:api_repositories.bzl", "envoy_api_dependencies") envoy_api_dependencies() load("//bazel:repositories.bzl", "envoy_dependencies") envoy_dependencies() load("//bazel:repositories_extra.bzl", "envoy_dependencies_extra") envoy_dependencies_extra() load("//bazel:dependency_imports.bzl", "envoy_dependency_imports") envoy_dependency_imports() ================================================ FILE: api/API_OVERVIEW.md ================================================ # Envoy v2 APIs for developers ## Goals This repository contains both the implemented and draft v2 JSON REST and gRPC [Envoy](https://github.com/envoyproxy/envoy/) APIs. Version 2 of the Envoy API evolves existing APIs and introduces new APIs to: * Allow for more advanced load balancing through load and resource utilization reporting to management servers. * Improve N^2 health check scalability issues by optionally offloading health checking to other Envoy instances. * Support Envoy deployment in edge, sidecar and middle proxy deployment models via changes to the listener model, CDS API, and EDS (formerly called SDS in v1) API. * Allow streaming updates from the management server on change, instead of polling APIs from Envoy. gRPC APIs will be supported alongside JSON REST APIs to provide for this. * Ensure all Envoy runtime configuration is dynamically discoverable via API calls, including listener configuration, certificates and runtime settings, which are today sourced from the filesystem. There will still remain a static bootstrap configuration file that will specify items unlikely to change during runtime, including the Envoy node identity, xDS management server addresses, administration interface and tracing configuration. * Revisit and where appropriate cleanup any v1 technical debt. ## Status See [here](https://www.envoyproxy.io/docs/envoy/latest/configuration/overview/v2_overview.html#status) for the current status of the v2 APIs. See [here](CONTRIBUTING.md#api-changes) for the v2 API change process. ## Principles * [Proto3](https://developers.google.com/protocol-buffers/docs/proto3) will be used to specify the canonical API. This will provide directly the gRPC API and via gRPC-JSON transcoding the JSON REST API. A textual YAML input will be supported for filesystem configuration files (e.g. the bootstrap file), in addition to JSON, as a syntactic convenience. YAML file contents will be internally converted to JSON and then follow the standard JSON-proto3 conversion during Envoy config ingestion. * xDS APIs should support eventual consistency. For example, if RDS references a cluster that has not yet been supplied by CDS, it should be silently ignored and traffic not forwarded until the CDS update occurs. Stronger consistency guarantees are possible if the management server is able to sequence the xDS APIs carefully (for example by using the ADS API below). By following the `[CDS, EDS, LDS, RDS]` sequence for all pertinent resources, it will be possible to avoid traffic outages during configuration update. * The API is primarily intended for machine generation and consumption. It is expected that the management server is responsible for mapping higher level configuration concepts to API responses. Similarly, static configuration fragments may be generated by templating tools, etc. The APIs and tools used to generate xDS configuration are beyond the scope of the definitions in this repository. * REST-JSON API equivalents will be provided for the basic singleton xDS subscription services CDS/EDS/LDS/RDS/SDS. Advanced APIs such as HDS, ADS and EDS multi-dimensional LB will be gRPC only. This avoids having to map complicated bidirectional stream semantics onto REST. * Listeners will be immutable. Any updates to a listener via LDS will require the draining of existing connections for the specific bound IP/port. As a result, new requests will only be guaranteed to observe the new configuration after existing connections have drained or the drain timeout. * Versioning will be expressed via [proto3 package namespaces](https://developers.google.com/protocol-buffers/docs/proto3#packages), i.e. `package envoy.api.v2;`. * Custom components (e.g. filters, resolvers, loggers) will use a reverse DNS naming scheme, e.g. `com.google.widget`, `com.lyft.widget`. ## APIs Unless otherwise stated, the APIs with the same names as v1 APIs have a similar role. * [Cluster Discovery Service (CDS)](envoy/api/v2/cds.proto). * [Endpoint Discovery Service (EDS)](envoy/api/v2/eds.proto). This has the same role as SDS in the [v1 API](https://www.envoyproxy.io/docs/envoy/latest/api-v1/cluster_manager/sds), the new name better describes what the API does in practice. Advanced global load balancing capable of utilizing N-dimensional upstream metrics is now supported. * [Health Discovery Service (HDS)](envoy/service/discovery/v2/hds.proto). This new API supports efficient endpoint health discovery by the management server via the Envoy instances it manages. Individual Envoy instances will typically receive HDS instructions to health check a subset of all endpoints. The health check subset may not be a subset of the Envoy instance's EDS endpoints. * [Listener Discovery Service (LDS)](envoy/api/v2/lds.proto). This new API supports dynamic discovery of the listener configuration (which ports to bind to, TLS details, filter chains, etc.). * [Metric Service (MS)](envoy/service/metrics/v2/metrics_service.proto). This new API allows Envoy to push (stream) metrics forever for servers to consume. * [Rate Limit Service (RLS)](envoy/service/ratelimit/v2/rls.proto) * [Route Discovery Service (RDS)](envoy/api/v2/rds.proto). * [Secret Discovery Service (SDS)](envoy/service/discovery/v2/sds.proto). In addition to the above APIs, an aggregation API will be provided to allow for fine grained control over the sequencing of API updates across discovery services: * [Aggregated Discovery Service (ADS)](envoy/api/v2/discovery.proto). See the [ADS overview](https://www.envoyproxy.io/docs/envoy/latest/configuration/overview/v2_overview#aggregated-discovery-service). A protocol description for the xDS APIs is provided [here](https://www.envoyproxy.io/docs/envoy/latest/api-docs/xds_protocol). ## Terminology Some relevant [existing terminology](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/terminology.html) is repeated below and some new v2 terms introduced. * Cluster: A cluster is a group of logically similar endpoints that Envoy connects to. In v2, RDS routes points to clusters, CDS provides cluster configuration and Envoy discovers the cluster members via EDS. * Downstream: A downstream host connects to Envoy, sends requests, and receives responses. * Endpoint: An endpoint is an upstream host that is a member of one or more clusters. Endpoints are discovered via EDS. * Listener: A listener is a named network location (e.g., port, unix domain socket, etc.) that can be connected to by downstream clients. Envoy exposes one or more listeners that downstream hosts connect to. * Locality: A location where an Envoy instance or an endpoint runs. This includes region, zone and sub-zone identification. * Management server: A logical server implementing the v2 Envoy APIs. This is not necessarily a single physical machine since it may be replicated/sharded and API serving for different xDS APIs may be implemented on different physical machines. * Region: Geographic region where a zone is located. * Sub-zone: Location within a zone where an Envoy instance or an endpoint runs. This allows for multiple load balancing targets within a zone. * Upstream: An upstream host receives connections and requests from Envoy and returns responses. * xDS: CDS/EDS/HDS/LDS/RLS/RDS/SDS APIs. * Zone: Availability Zone (AZ) in AWS, Zone in GCP. ================================================ FILE: api/API_VERSIONING.md ================================================ # API versioning guidelines The Envoy project (and in the future [UDPA](https://github.com/cncf/udpa)) takes API stability and versioning seriously. Providing stable APIs is a necessary step in ensuring API adoption and success of the ecosystem. Below we articulate the API versioning guidelines that aim to deliver this stability. # API semantic versioning The Envoy APIs consist of a family of packages, e.g. `envoy.admin.v2alpha`, `envoy.service.trace.v2`. Each package is independently versioned with a protobuf semantic versioning scheme based on https://cloud.google.com/apis/design/versioning. The major version for a package is captured in its name (and directory structure). E.g. version 2 of the tracing API package is named `envoy.service.trace.v2` and its constituent protos are located in `api/envoy/service/trace/v2`. Every protobuf must live directly in a versioned package namespace, we do not allow subpackages such as `envoy.service.trace.v2.somethingelse`. Minor and patch versions will be implemented in the future, this effort is tracked in https://github.com/envoyproxy/envoy/issues/8416. In everyday discussion and GitHub labels, we refer to the `v2`, `v3`, `vN`, `...` APIs. This has a specific technical meaning. Any given message in the Envoy API, e.g. the `Bootstrap` at `envoy.config.bootstrap.v3.Boostrap`, will transitively reference a number of packages in the Envoy API. These may be at `vN`, `v(N-1)`, etc. The Envoy API is technically a DAG of versioned package namespaces. When we talk about the `vN xDS API`, we really refer to the `N` of the root configuration resources (e.g. bootstrap, xDS resources such as `Cluster`). The v3 API bootstrap configuration is `envoy.config.bootstrap.v3.Boostrap`, even though it might might transitively reference `envoy.service.trace.v2`. # Backwards compatibility In general, within a package's major API version, we do not allow any breaking changes. The guiding principle is that neither the wire format nor protobuf compiler generated language bindings should experience a backward compatible break on a change. Specifically: * Fields should not be renumbered or have their types changed. This is standard proto development procedure. * Renaming of fields or package namespaces for a proto must not occur. This is inherently dangerous, since: * Field renames break wire compatibility. This is stricter than standard proto development procedure in the sense that it does not break binary wire format. However, it **does** break loading of YAML/JSON into protos as well as text protos. Since we consider YAML/JSON to be first class inputs, we must not change field names. * For service definitions, the gRPC endpoint URL is inferred from package namespace, so this will break client/server communication. * For a message embedded in an `Any` object, the type URL, which the package namespace is a part of, may be used by Envoy or other API consuming code. Currently, this applies to the top-level resources embedded in `DiscoveryResponse` objects, e.g. `Cluster`, `Listener`, etc. * Consuming code will break and require source code changes to match the API changes. * Some other changes are considered breaking for Envoy APIs that are usually considered safe in terms of protobuf wire compatibility: * Upgrading a singleton field to a repeated, e.g. `uint32 foo = 1;` to `repeated uint32 foo = 1`. This changes the JSON wire representation and hence is considered a breaking change. * Wrapping an existing field with `oneof`. This has no protobuf or JSON/YAML wire implications, but is disruptive to various consuming stubs in languages such as Go, creating unnecessary churn. * Increasing the strictness of [protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) annotations. Exceptions may be granted for scenarios in which these stricter conditions model behavior already implied structurally or by documentation. The exception to the above policy is for API versions tagged `vNalpha`. Within an alpha major version, arbitrary breaking changes are allowed. Note that changes to default values for wrapped types, e.g. `google.protobuf.UInt32Value` are not governed by the above policy. Any management server requiring stability across Envoy API or implementations within a major version should set explicit values for these fields. # API lifecycle A new major version is a significant event in the xDS API ecosystem, inevitably requiring support from clients (Envoy, gRPC) and a large number of control planes, ranging from simple in-house custom management servers to xDS-as-a-service offerings run by vendors. The [xDS API shepherds](https://github.com/orgs/envoyproxy/teams/api-shepherds) will make the decision to add a new major version subject to the following constraints: * There exists sufficient technical debt in the xDS APIs in the existing supported major version to justify the cost burden for xDS client/server implementations. * At least one year has elapsed since the last major version was cut. * Consultation with the Envoy community (via Envoy community call, `#xds` channel on Slack), as well as gRPC OSS community (via reaching out to language maintainers) is made. This is not a veto process; the API shepherds retain the right to move forward with a new major API version after weighing this input with the first two considerations above. Following the release of a new major version, the API lifecycle follows a deprecation clock. Envoy will support at most three major versions of any API package at all times: * The current stable major version, e.g. v3. * The previous stable major version, e.g. v2. This is needed to ensure that we provide at least 1 year for a supported major version to sunset. By supporting two stable major versions simultaneously, this makes it easier to coordinate control plane and Envoy rollouts as well. This previous stable major version will be supported for exactly 1 year after the introduction of the new current stable major version, after which it will be removed from the Envoy implementation. * Optionally, the next experimental alpha major version, e.g. v4alpha. This is a release candidate for the next stable major version. This is only generated when the current stable major version requires a breaking change at the next cycle, e.g. a deprecation or field rename. This release candidate is mechanically generated via the [protoxform](https://github.com/envoyproxy/envoy/tree/master/tools/protoxform) tool from the current stable major version, making use of annotations such as `deprecated = true`. This is not a human editable artifact. An example of how this might play out is that at the end of December in 2020, if a v4 major version is justified, we might freeze `envoy.config.bootstrap.v4alpha` and this package would then become the current stable major version `envoy.config.bootstrap.v4`. The `envoy.config.bootstrap.v3` package will become the previous stable major version and support for `envoy.config.bootstrap.v2` will be dropped from the Envoy implementation. Note that some transitively referenced package, e.g. `envoy.config.filter.network.foo.v2` may remain at version 2 during this release, if no changes were made to the referenced package. If no major version is justified at this point, the decision to cut v4 might occur at some point in 2021 or beyond, however v2 support will still be removed at the end of 2020. The implication of this API lifecycle and clock is that any deprecated feature in the Envoy API will retain implementation support for at least 1-2 years. We are currently working on a strategy to introduce minor versions (https://github.com/envoyproxy/envoy/issues/8416). This will bump the xDS API minor version on every deprecation and field introduction/modification. This will provide an opportunity for the control plane to condition on client and major/minor API version support. Currently under discussion, but not finalized will be the sunsetting of Envoy client support for deprecated features after a year of support within a major version. Please post to https://github.com/envoyproxy/envoy/issues/8416 any thoughts around this. # New API features The Envoy APIs can be [safely extended](https://cloud.google.com/apis/design/compatibility) with new packages, messages, enums, fields and enum values, while maintaining [backwards compatibility](#backwards-compatibility). Additions to the API for a given package should normally only be made to the *current stable major version*. The rationale for this policy is that: * The feature is immediately available to Envoy users who consume the current stable major version. This would not be the case if the feature was placed in `vNalpha`. * `vNalpha` can be mechanically generated from `vN` without requiring developers to maintain the new feature in both locations. * We encourage Envoy users to move to the current stable major version from the previous one to consume new functionality. # When can an API change be made to a package's previous stable major version? As a pragmatic concession, we allow API feature additions to the previous stable major version for a single quarter following a major API version increment. Any changes to the previous stable major version must be manually reflected in a consistent manner in the current stable major version as well. # How to make a breaking change across major versions We maintain [backwards compatibility](#backwards-compatibility) within a major version but allow breaking changes across major versions. This enables API deprecations, cleanups, refactoring and reorganization. The Envoy APIs have a stylized workflow for achieving this. There are two prescribed methods, depending on whether the change is mechanical or manual. ## Mechanical breaking changes Field deprecations, renames, etc. are mechanical changes that are supported by the [protoxform](https://github.com/envoyproxy/envoy/tree/master/tools/protoxform) tool. These are guided by [annotations](STYLE.md#api-annotations). ## Manual breaking changes A manual breaking change is distinct from the mechanical changes such as field deprecation, since in general it requires new code and tests to be implemented in Envoy by hand. For example, if a developer wants to unify `HeaderMatcher` with `StringMatcher` in the route configuration, this is a likely candidate for this class of change. The following steps are required: 1. The new version of the feature, e.g. the `NewHeaderMatcher` message should be added, together with referencing fields, in the current stable major version for the route configuration proto. 2. The Envoy implementation should be changed to consume configuration from the fields added in (1). Translation code (and tests) should be written to map from the existing field and messages to (1). 3. The old message/enum/field/enum value should be annotated as deprecated. 4. At the next major version, `protoxform` will remove the deprecated version automatically. This make-before-break approach ensures that API major version releases are predictable and mechanical, and has the bulk of the Envoy code and test changes owned by feature developers, rather than the API owners. There will be no major `vN` initiative to address technical debt beyond that enabled by the above process. # Client features Not all clients will support all fields and features in a given major API version. In general, it is preferable to use Protobuf semantics to support this, for example: * Ignoring a field's contents is sufficient to indicate that the support is missing in a client. * Setting both deprecated and the new method for expressing a field if support for a range of clients is desired (where this does not involve huge overhead or gymnastics). This approach does not always work, for example: * A route matcher conjunct condition should not be ignored just because the client is missing the ability to implement the match; this might result in route policy bypass. * A client may expect the server to provide a response in a certain format or encoding, for example a JSON encoded `Struct`-in-`Any` representation of opaque extension configuration. For this purpose, we have [client features](https://www.envoyproxy.io/docs/envoy/latest/api/client_features). # One Definition Rule (ODR) To avoid maintaining more than two stable major versions of a package, and to cope with diamond dependency, we add a restriction on how packages may be referenced transitively; a package may have at most one version of another package in its transitive dependency set. This implies that some packages will have a major version bump during a release cycle simply to allow them to catch up to the current stable version of their dependencies. Some of this complexity and churn can be avoided by having strict rules on how packages may reference each other. Package organization and `BUILD` visibility constraints should be used restrictions to maintain a shallow depth in the dependency tree for any given package. # Minimizing the impact of churn In addition to stability, the API versioning policy has an explicit goal of minimizing the developer overhead for the Envoy community, other clients of the APIs (e.g. gRPC), management server vendors and the wider API tooling ecosystem. A certain amount of API churn between major versions is desirable to reduce technical debt and to support API evolution, but too much creates costs and barriers to upgrade. We consider deprecations to be *mandatory changes*. Any deprecation will be removed at the next stable API version. Other mechanical breaking changes are considered *discretionary*. These include changes such as field renames and are largely reflected in protobuf comments. The `protoxform` tool may decide to minimize API churn by deferring application of discretionary changes until a major version cycle where the respective message is undergoing a mandatory change. The Envoy API structure helps with minimizing churn between versions. Developers should architect and split packages such that high churn protos, e.g. HTTP connection manager, are isolated in packages and have a shallow reference hierarchy. ================================================ FILE: api/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "v2_protos", visibility = ["//visibility:public"], deps = [ "//envoy/admin/v2alpha:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/auth:pkg", "//envoy/api/v2/cluster:pkg", "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "//envoy/api/v2/listener:pkg", "//envoy/api/v2/ratelimit:pkg", "//envoy/api/v2/route:pkg", "//envoy/config/accesslog/v2:pkg", "//envoy/config/bootstrap/v2:pkg", "//envoy/config/cluster/aggregate/v2alpha:pkg", "//envoy/config/cluster/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/cluster/redis:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/filter/dubbo/router/v2alpha1:pkg", "//envoy/config/filter/fault/v2:pkg", "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", "//envoy/config/filter/http/buffer/v2:pkg", "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/filter/http/compressor/v2:pkg", "//envoy/config/filter/http/cors/v2:pkg", "//envoy/config/filter/http/csrf/v2:pkg", "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/filter/http/dynamo/v2:pkg", "//envoy/config/filter/http/ext_authz/v2:pkg", "//envoy/config/filter/http/fault/v2:pkg", "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", "//envoy/config/filter/http/grpc_web/v2:pkg", "//envoy/config/filter/http/gzip/v2:pkg", "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/config/filter/http/health_check/v2:pkg", "//envoy/config/filter/http/ip_tagging/v2:pkg", "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", "//envoy/config/filter/http/lua/v2:pkg", "//envoy/config/filter/http/on_demand/v2:pkg", "//envoy/config/filter/http/original_src/v2alpha1:pkg", "//envoy/config/filter/http/rate_limit/v2:pkg", "//envoy/config/filter/http/rbac/v2:pkg", "//envoy/config/filter/http/router/v2:pkg", "//envoy/config/filter/http/squash/v2:pkg", "//envoy/config/filter/http/tap/v2alpha:pkg", "//envoy/config/filter/http/transcoder/v2:pkg", "//envoy/config/filter/listener/http_inspector/v2:pkg", "//envoy/config/filter/listener/original_dst/v2:pkg", "//envoy/config/filter/listener/original_src/v2alpha1:pkg", "//envoy/config/filter/listener/proxy_protocol/v2:pkg", "//envoy/config/filter/listener/tls_inspector/v2:pkg", "//envoy/config/filter/network/client_ssl_auth/v2:pkg", "//envoy/config/filter/network/direct_response/v2:pkg", "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", "//envoy/config/filter/network/echo/v2:pkg", "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/config/filter/network/http_connection_manager/v2:pkg", "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", "//envoy/config/filter/network/mongo_proxy/v2:pkg", "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", "//envoy/config/filter/network/rate_limit/v2:pkg", "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/filter/network/redis_proxy/v2:pkg", "//envoy/config/filter/network/sni_cluster/v2:pkg", "//envoy/config/filter/network/tcp_proxy/v2:pkg", "//envoy/config/filter/network/thrift_proxy/v2alpha1:pkg", "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/filter/thrift/router/v2alpha1:pkg", "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", "//envoy/config/grpc_credential/v2alpha:pkg", "//envoy/config/health_checker/redis/v2:pkg", "//envoy/config/listener/v2:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/config/overload/v2alpha:pkg", "//envoy/config/ratelimit/v2:pkg", "//envoy/config/rbac/v2:pkg", "//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg", "//envoy/config/resource_monitor/injected_resource/v2alpha:pkg", "//envoy/config/retry/omit_canary_hosts/v2:pkg", "//envoy/config/retry/omit_host_metadata/v2:pkg", "//envoy/config/retry/previous_hosts/v2:pkg", "//envoy/config/retry/previous_priorities:pkg", "//envoy/config/trace/v2:pkg", "//envoy/config/trace/v2alpha:pkg", "//envoy/config/transport_socket/alts/v2alpha:pkg", "//envoy/config/transport_socket/raw_buffer/v2:pkg", "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/data/accesslog/v2:pkg", "//envoy/data/cluster/v2alpha:pkg", "//envoy/data/core/v2alpha:pkg", "//envoy/data/dns/v2alpha:pkg", "//envoy/data/tap/v2alpha:pkg", "//envoy/service/accesslog/v2:pkg", "//envoy/service/auth/v2:pkg", "//envoy/service/discovery/v2:pkg", "//envoy/service/event_reporting/v2alpha:pkg", "//envoy/service/load_stats/v2:pkg", "//envoy/service/metrics/v2:pkg", "//envoy/service/ratelimit/v2:pkg", "//envoy/service/status/v2:pkg", "//envoy/service/tap/v2alpha:pkg", "//envoy/service/trace/v2:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "//envoy/type/metadata/v2:pkg", "//envoy/type/tracing/v2:pkg", ], ) proto_library( name = "v3_protos", visibility = ["//visibility:public"], deps = [ "//envoy/admin/v3:pkg", "//envoy/config/accesslog/v3:pkg", "//envoy/config/bootstrap/v3:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/common/matcher/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/config/filter/thrift/router/v2alpha1:pkg", "//envoy/config/grpc_credential/v3:pkg", "//envoy/config/health_checker/redis/v2:pkg", "//envoy/config/listener/v3:pkg", "//envoy/config/metrics/v3:pkg", "//envoy/config/overload/v3:pkg", "//envoy/config/ratelimit/v3:pkg", "//envoy/config/rbac/v3:pkg", "//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg", "//envoy/config/resource_monitor/injected_resource/v2alpha:pkg", "//envoy/config/retry/omit_canary_hosts/v2:pkg", "//envoy/config/retry/previous_hosts/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/config/tap/v3:pkg", "//envoy/config/trace/v3:pkg", "//envoy/data/accesslog/v3:pkg", "//envoy/data/cluster/v3:pkg", "//envoy/data/core/v3:pkg", "//envoy/data/dns/v3:pkg", "//envoy/data/tap/v3:pkg", "//envoy/extensions/access_loggers/file/v3:pkg", "//envoy/extensions/access_loggers/grpc/v3:pkg", "//envoy/extensions/access_loggers/wasm/v3:pkg", "//envoy/extensions/clusters/aggregate/v3:pkg", "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/clusters/redis/v3:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "//envoy/extensions/common/tap/v3:pkg", "//envoy/extensions/compression/gzip/compressor/v3:pkg", "//envoy/extensions/compression/gzip/decompressor/v3:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg", "//envoy/extensions/filters/http/admission_control/v3alpha:pkg", "//envoy/extensions/filters/http/aws_lambda/v3:pkg", "//envoy/extensions/filters/http/aws_request_signing/v3:pkg", "//envoy/extensions/filters/http/buffer/v3:pkg", "//envoy/extensions/filters/http/cache/v3alpha:pkg", "//envoy/extensions/filters/http/cdn_loop/v3alpha:pkg", "//envoy/extensions/filters/http/compressor/v3:pkg", "//envoy/extensions/filters/http/cors/v3:pkg", "//envoy/extensions/filters/http/csrf/v3:pkg", "//envoy/extensions/filters/http/decompressor/v3:pkg", "//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/filters/http/dynamo/v3:pkg", "//envoy/extensions/filters/http/ext_authz/v3:pkg", "//envoy/extensions/filters/http/fault/v3:pkg", "//envoy/extensions/filters/http/grpc_http1_bridge/v3:pkg", "//envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3:pkg", "//envoy/extensions/filters/http/grpc_json_transcoder/v3:pkg", "//envoy/extensions/filters/http/grpc_stats/v3:pkg", "//envoy/extensions/filters/http/grpc_web/v3:pkg", "//envoy/extensions/filters/http/gzip/v3:pkg", "//envoy/extensions/filters/http/header_to_metadata/v3:pkg", "//envoy/extensions/filters/http/health_check/v3:pkg", "//envoy/extensions/filters/http/ip_tagging/v3:pkg", "//envoy/extensions/filters/http/jwt_authn/v3:pkg", "//envoy/extensions/filters/http/local_ratelimit/v3:pkg", "//envoy/extensions/filters/http/lua/v3:pkg", "//envoy/extensions/filters/http/oauth2/v3alpha:pkg", "//envoy/extensions/filters/http/on_demand/v3:pkg", "//envoy/extensions/filters/http/original_src/v3:pkg", "//envoy/extensions/filters/http/ratelimit/v3:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "//envoy/extensions/filters/http/router/v3:pkg", "//envoy/extensions/filters/http/squash/v3:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "//envoy/extensions/filters/http/wasm/v3:pkg", "//envoy/extensions/filters/listener/http_inspector/v3:pkg", "//envoy/extensions/filters/listener/original_dst/v3:pkg", "//envoy/extensions/filters/listener/original_src/v3:pkg", "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg", "//envoy/extensions/filters/listener/tls_inspector/v3:pkg", "//envoy/extensions/filters/network/client_ssl_auth/v3:pkg", "//envoy/extensions/filters/network/direct_response/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", "//envoy/extensions/filters/network/echo/v3:pkg", "//envoy/extensions/filters/network/ext_authz/v3:pkg", "//envoy/extensions/filters/network/http_connection_manager/v3:pkg", "//envoy/extensions/filters/network/kafka_broker/v3:pkg", "//envoy/extensions/filters/network/local_ratelimit/v3:pkg", "//envoy/extensions/filters/network/mongo_proxy/v3:pkg", "//envoy/extensions/filters/network/mysql_proxy/v3:pkg", "//envoy/extensions/filters/network/postgres_proxy/v3alpha:pkg", "//envoy/extensions/filters/network/ratelimit/v3:pkg", "//envoy/extensions/filters/network/rbac/v3:pkg", "//envoy/extensions/filters/network/redis_proxy/v3:pkg", "//envoy/extensions/filters/network/rocketmq_proxy/v3:pkg", "//envoy/extensions/filters/network/sni_cluster/v3:pkg", "//envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha:pkg", "//envoy/extensions/filters/network/tcp_proxy/v3:pkg", "//envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3:pkg", "//envoy/extensions/filters/network/thrift_proxy/v3:pkg", "//envoy/extensions/filters/network/wasm/v3:pkg", "//envoy/extensions/filters/network/zookeeper_proxy/v3:pkg", "//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg", "//envoy/extensions/filters/udp/udp_proxy/v3:pkg", "//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg", "//envoy/extensions/internal_redirect/previous_routes/v3:pkg", "//envoy/extensions/internal_redirect/safe_cross_scheme/v3:pkg", "//envoy/extensions/network/socket_interface/v3:pkg", "//envoy/extensions/retry/host/omit_host_metadata/v3:pkg", "//envoy/extensions/retry/priority/previous_priorities/v3:pkg", "//envoy/extensions/stat_sinks/wasm/v3:pkg", "//envoy/extensions/transport_sockets/alts/v3:pkg", "//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg", "//envoy/extensions/transport_sockets/quic/v3:pkg", "//envoy/extensions/transport_sockets/raw_buffer/v3:pkg", "//envoy/extensions/transport_sockets/tap/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/extensions/upstreams/http/generic/v3:pkg", "//envoy/extensions/upstreams/http/http/v3:pkg", "//envoy/extensions/upstreams/http/tcp/v3:pkg", "//envoy/extensions/wasm/v3:pkg", "//envoy/extensions/watchdog/abort_action/v3alpha:pkg", "//envoy/extensions/watchdog/profile_action/v3alpha:pkg", "//envoy/service/accesslog/v3:pkg", "//envoy/service/auth/v3:pkg", "//envoy/service/cluster/v3:pkg", "//envoy/service/discovery/v3:pkg", "//envoy/service/endpoint/v3:pkg", "//envoy/service/event_reporting/v3:pkg", "//envoy/service/extension/v3:pkg", "//envoy/service/health/v3:pkg", "//envoy/service/listener/v3:pkg", "//envoy/service/load_stats/v3:pkg", "//envoy/service/metrics/v3:pkg", "//envoy/service/ratelimit/v3:pkg", "//envoy/service/route/v3:pkg", "//envoy/service/runtime/v3:pkg", "//envoy/service/secret/v3:pkg", "//envoy/service/status/v3:pkg", "//envoy/service/tap/v3:pkg", "//envoy/service/trace/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", ], ) proto_library( name = "all_protos", visibility = ["//visibility:public"], deps = [ ":v2_protos", ":v3_protos", ], ) ================================================ FILE: api/CONTRIBUTING.md ================================================ # Contributing guide ## API changes All API changes should follow the [style guide](STYLE.md). API changes are regular PRs in https://github.com/envoyproxy/envoy for the API/configuration changes. They may be as part of a larger implementation PR. Please follow the standard Bazel and CI process for validating build/test sanity of `api/` before submitting a PR. *Note: New .proto files should be added to [BUILD](https://github.com/envoyproxy/envoy/blob/master/api/versioning/BUILD) in order to get the RSTs generated.* ## Documentation changes The Envoy project takes documentation seriously. We view it as one of the reasons the project has seen rapid adoption. As such, it is required that all features have complete documentation. This is generally going to be a combination of API documentation as well as architecture/overview documentation. ### Building documentation locally The documentation can be built locally in the root of https://github.com/envoyproxy/envoy via: ``` docs/build.sh ``` To skip configuration examples validation: ``` SPHINX_SKIP_CONFIG_VALIDATION=true docs/build.sh ``` Or to use a hermetic Docker container: ``` ./ci/run_envoy_docker.sh './ci/do_ci.sh docs' ``` This process builds RST documentation directly from the proto files, merges it with the static RST files, and then runs [Sphinx](https://www.sphinx-doc.org/en/stable/rest.html) over the entire tree to produce the final documentation. The generated RST files are not committed as they are regenerated every time the documentation is built. ### Viewing documentation Once the documentation is built, it is available rooted at `generated/docs/index.html`. The generated RST files are also viewable in `generated/rst`. Note also that the generated documentation can be viewed in CI: 1. Open docs job in CircleCI. 2. Navigate to "artifacts" tab. 3. Expand files and click on `index.html`. If you do not see an artifacts tab this is a bug in CircleCI. Try logging out and logging back in. ### Documentation guidelines The following are some general guidelines around documentation. * Cross link as much as possible. Sphinx is fantastic at this. Use it! See ample examples with the existing documentation as a guide. * Please use a **single space** after a period in documentation so that all generated text is consistent. * Comments can be left inside comments if needed (that's pretty deep, right?) via the `[#comment:]` special tag. E.g., ``` // This is a really cool field! // [#comment:TODO(mattklein123): Do something cooler] string foo_field = 3; ``` * Prefer *italics* for emphasis as `backtick` emphasis is somewhat jarring in our Sphinx theme. * All documentation is expected to use proper English grammar with proper punctuation. If you are not a fluent English speaker please let us know and we will help out. ================================================ FILE: api/README.md ================================================ # Data plane API This tree hosts the configuration and APIs that drive [Envoy](https://www.envoyproxy.io/). The APIs are also in some cases used by other proxy solutions that aim to interoperate with management systems and configuration generators that are built against this standard. Thus, we consider these a set of *universal data plane* APIs. See [this](https://medium.com/@mattklein123/the-universal-data-plane-api-d15cec7a) blog post for more information on the universal data plane concept. # Repository structure The API tree can be found at two locations: * https://github.com/envoyproxy/envoy/tree/master/api - canonical read/write home for the APIs. * https://github.com/envoyproxy/data-plane-api - read-only mirror of https://github.com/envoyproxy/envoy/tree/master/api, providing the ability to consume the data plane APIs without the Envoy implementation. # Further API reading * [API overview for developers](API_OVERVIEW.md) * [API overview for users](https://www.envoyproxy.io/docs/envoy/latest/configuration/overview/v2_overview#) * [xDS protocol overview](https://www.envoyproxy.io/docs/envoy/latest/api-docs/xds_protocol) * [Contributing guide](CONTRIBUTING.md) ================================================ FILE: api/STYLE.md ================================================ # API style guidelines Generally follow guidance at https://cloud.google.com/apis/design/, in particular for proto3 as described at: * https://cloud.google.com/apis/design/proto3 * https://cloud.google.com/apis/design/naming_convention * https://developers.google.com/protocol-buffers/docs/style A key aspect of our API style is maintaining stability by following the [API versioning guidelines](API_VERSIONING.md). All developers must familiarize themselves with these guidelines, any PR which makes breaking changes to the API will not be merged. In addition, the following conventions should be followed: * Every proto directory should have a `README.md` describing its content. See for example [envoy.service](envoy/service/README.md). * The data plane APIs are primarily intended for machine generation and consumption. It is expected that the management server is responsible for mapping higher level configuration concepts to concrete API concepts. Similarly, static configuration fragments may be generated by tools and UIs, etc. The APIs and tools used to generate xDS configuration are beyond the scope of the definitions in this repository. * Use [wrapped scalar types](https://github.com/google/protobuf/blob/master/src/google/protobuf/wrappers.proto) where there is a real need for the field to have a default value that does not match the proto3 defaults (0/false/""). This should not be done for fields where the proto3 defaults make sense. All things being equal, pick appropriate logic, e.g. enable vs. disable for a `bool` field, such that the proto3 defaults work, but only where this doesn't result in API gymnastics. * Use a `[#not-implemented-hide:]` `protodoc` annotation in comments for fields that lack Envoy implementation. These indicate that the entity is not implemented in Envoy and the entity should be hidden from the Envoy documentation. * Always use plural field names for `repeated` fields, such as `filters`. * Due to the fact that we consider JSON/YAML to be first class inputs, we cannot easily change a a singular field to a repeated field (both due to JSON/YAML array structural differences as well as singular vs. plural field naming). If there is a reasonable expectation that a field may need to be repeated in the future, but we don't need it to be repeated right away, consider making it repeated now but using constraints to enforce a maximum repeated size of 1. E.g.: ```proto repeated OutputSink sinks = 1 [(validate.rules).repeated = {min_items: 1, max_items: 1}]; ``` * Always use upper camel case names for message types and enum types without embedded acronyms, such as `HttpRequest`. * Prefer `oneof` selections to boolean overloads of fields, for example, prefer: ```proto oneof path_specifier { string simple_path = 1; string regex_path = 2; } ``` to ```proto string path = 1; bool path_is_regex = 2; ``` This is more efficient, extendable and self-describing. * The API includes two types for representing [percents](envoy/type/percent.proto). `Percent` is effectively a double value in the range 0.0-100.0. `FractionalPercent` is an integral fraction that can be used to create a truncated percentage also in the range 0.0-100.0. In high performance paths, `FractionalPercent` is preferred as randomness calculations can be performed using integral modulo and comparison operations only without any floating point conversions. Typically, most users do not need infinite precision in these paths. * For enum types, if one of the enum values is used for most cases, make it the first enum value with `0` numeric value. Otherwise, define the first enum value like `TYPE_NAME_UNSPECIFIED = 0`, and treat it as an error. This design pattern forces developers to explicitly choose the correct enum value for their use case, and avoid misunderstanding of the default behavior. * Proto fields should be sorted logically, not by field number. ## Package organization API definitions are layered hierarchically in packages from top-to-bottom as following: - `envoy.extensions` contains all definitions for the extensions, the package should match the structure of the `source` directory. - `envoy.service` contains gRPC definitions of supporting services and top-level messages for the services. e.g. `envoy.service.route.v3` contains RDS, `envoy.service.listener.v3` contains LDS. - `envoy.config` contains other definitions for service configuration, bootstrap and some legacy core types. - `envoy.data` contains data format declaration for data types that Envoy produces. - `envoy.type` contains common protobuf types such as percent, range and matchers. Extensions should use the regular hierarchy. For example, configuration for network filters belongs in a package under `envoy.extensions.filter.network`. ## Adding an extension configuration to the API Extensions must currently be added as v3 APIs following the [package organization](#package-organization) above. To add an extension config to the API, the steps below should be followed: 1. If this is still WiP and subject to breaking changes, use `vNalpha` instead of `vN` in steps below. Refer to the [Cache filter config](envoy/extensions/filter/http/cache/v3alpha/cache.proto) as an example of `v3alpha`, and the [Buffer filter config](envoy/extensions/filter/http/buffer/v3/buffer.proto) as an example of `v3`. 1. Place the v3 extension configuration `.proto` in `api/envoy/extensions`, e.g. `api/envoy/extensions/filter/http/foobar/v3/foobar.proto` together with an initial BUILD file: ```bazel load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ``` 1. Add to the v3 extension config proto `import "udpa/annotations/migrate.proto";` and `import "udpa/annotations/status.proto";` 1. If this is still WiP and subject to breaking changes, set `option (udpa.annotations.file_status).work_in_progress = true;`. 1. Add to the v3 extension config proto a file level `option (udpa.annotations.file_status).package_version_status = ACTIVE;`. This is required to automatically include the config proto in [api/versioning/BUILD](versioning/BUILD). 1. Add a reference to the v3 extension config in (1) in [api/versioning/BUILD](versioning/BUILD) under `active_protos`. 1. Run `./tools/proto_format/proto_format.sh fix`. This should regenerate the `BUILD` file, reformat `foobar.proto` as needed and also generate the v4alpha extension config (if needed), together with shadow API protos. 1. `git add api/ generated_api_shadow/` to add any new files to your Git index. ## API annotations A number of annotations are used in the Envoy APIs to provide additional API metadata. We describe these annotations below by category. ### Field level * `[deprecated = true]` to denote fields that are deprecated in a major version. These fields are slated for removal at the next major cycle and follow the [breaking change policy](../CONTRIBUTING.md#breaking-change-policy). * `[envoy.annotations.disallowed_by_default = true]` to denote fields that have been disallowed by default as per the [breaking change policy](../CONTRIBUTING.md#breaking-change-policy). * `[(udpa.annotations.field_migrate).rename = ""]` to denote that the field will be renamed to a given name in the next API major version. * `[(udpa.annotations.field_migrate).oneof_promotion = ""]` to denote that the field will be promoted to a given `oneof` in the next API major version. * `[(udpa.annotations.sensitive) = true]` to denote sensitive fields that should be redacted in output such as logging or configuration dumps. * [PGV annotations](https://github.com/envoyproxy/protoc-gen-validate) to denote field value constraints. ### Enum value level * `[(udpa.annotations.enum_value_migrate).rename = "new enum value name"]` to denote that the enum value will be renamed to a given name in the next API major version. ### Message level * `option (udpa.annotations.versioning).previous_message_type = "";` to denote the previous type name for an upgraded message. You should never have to write these manually, they are generated by `protoxform`. ### Service level * `option (envoy.annotations.resource).type = "";` to denote the resource type for an xDS service definition. ### File level * `option (udpa.annotations.file_migrate).move_to_package = "";` to denote that in the next major version of the API, the file will be moved to the given package. This is consumed by `protoxform`. * `option (udpa.annotations.file_status).work_in_progress = true;` to denote a file that is still work-in-progress and subject to breaking changes. ================================================ FILE: api/bazel/BUILD ================================================ load("@io_bazel_rules_go//proto:compiler.bzl", "go_proto_compiler") licenses(["notice"]) # Apache 2 go_proto_compiler( name = "pgv_plugin_go", options = ["lang=go"], plugin = "@com_envoyproxy_protoc_gen_validate//:protoc-gen-validate", suffix = ".pb.validate.go", valid_archive = False, visibility = ["//visibility:public"], ) ================================================ FILE: api/bazel/api_build_system.bzl ================================================ load("@rules_cc//cc:defs.bzl", "cc_test") load("@com_envoyproxy_protoc_gen_validate//bazel:pgv_proto_library.bzl", "pgv_cc_proto_library") load("@com_github_grpc_grpc//bazel:cc_grpc_library.bzl", "cc_grpc_library") load("@com_google_protobuf//:protobuf.bzl", _py_proto_library = "py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") load("@io_bazel_rules_go//go:def.bzl", "go_test") load("@rules_proto//proto:defs.bzl", "proto_library") load( "//bazel:external_proto_deps.bzl", "EXTERNAL_PROTO_CC_BAZEL_DEP_MAP", "EXTERNAL_PROTO_GO_BAZEL_DEP_MAP", "EXTERNAL_PROTO_PY_BAZEL_DEP_MAP", ) _PY_PROTO_SUFFIX = "_py_proto" _CC_PROTO_SUFFIX = "_cc_proto" _CC_GRPC_SUFFIX = "_cc_grpc" _GO_PROTO_SUFFIX = "_go_proto" _GO_IMPORTPATH_PREFIX = "github.com/envoyproxy/go-control-plane/" _COMMON_PROTO_DEPS = [ "@com_google_protobuf//:any_proto", "@com_google_protobuf//:descriptor_proto", "@com_google_protobuf//:duration_proto", "@com_google_protobuf//:empty_proto", "@com_google_protobuf//:struct_proto", "@com_google_protobuf//:timestamp_proto", "@com_google_protobuf//:wrappers_proto", "@com_google_googleapis//google/api:http_proto", "@com_google_googleapis//google/api:httpbody_proto", "@com_google_googleapis//google/api:annotations_proto", "@com_google_googleapis//google/rpc:status_proto", "@com_envoyproxy_protoc_gen_validate//validate:validate_proto", ] def _proto_mapping(dep, proto_dep_map, proto_suffix): mapped = proto_dep_map.get(dep) if mapped == None: prefix = "@" + Label(dep).workspace_name if not dep.startswith("//") else "" return prefix + "//" + Label(dep).package + ":" + Label(dep).name + proto_suffix return mapped def _go_proto_mapping(dep): return _proto_mapping(dep, EXTERNAL_PROTO_GO_BAZEL_DEP_MAP, _GO_PROTO_SUFFIX) def _cc_proto_mapping(dep): return _proto_mapping(dep, EXTERNAL_PROTO_CC_BAZEL_DEP_MAP, _CC_PROTO_SUFFIX) def _py_proto_mapping(dep): return _proto_mapping(dep, EXTERNAL_PROTO_PY_BAZEL_DEP_MAP, _PY_PROTO_SUFFIX) # TODO(htuch): Convert this to native py_proto_library once # https://github.com/bazelbuild/bazel/issues/3935 and/or # https://github.com/bazelbuild/bazel/issues/2626 are resolved. def _api_py_proto_library(name, srcs = [], deps = []): _py_proto_library( name = name + _PY_PROTO_SUFFIX, srcs = srcs, default_runtime = "@com_google_protobuf//:protobuf_python", protoc = "@com_google_protobuf//:protoc", deps = [_py_proto_mapping(dep) for dep in deps] + [ "@com_envoyproxy_protoc_gen_validate//validate:validate_py", "@com_google_googleapis//google/rpc:status_py_proto", "@com_google_googleapis//google/api:annotations_py_proto", "@com_google_googleapis//google/api:http_py_proto", "@com_google_googleapis//google/api:httpbody_py_proto", ], visibility = ["//visibility:public"], ) # This defines googleapis py_proto_library. The repository does not provide its definition and requires # overriding it in the consuming project (see https://github.com/grpc/grpc/issues/19255 for more details). def py_proto_library(name, deps = [], plugin = None): srcs = [dep[:-6] + ".proto" if dep.endswith("_proto") else dep for dep in deps] proto_deps = [] # py_proto_library in googleapis specifies *_proto rules in dependencies. # By rewriting *_proto to *.proto above, the dependencies in *_proto rules are not preserved. # As a workaround, manually specify the proto dependencies for the imported python rules. if name == "annotations_py_proto": proto_deps = proto_deps + [":http_py_proto"] # checked.proto depends on syntax.proto, we have to add this dependency manually as well. if name == "checked_py_proto": proto_deps = proto_deps + [":syntax_py_proto"] # py_proto_library does not support plugin as an argument yet at gRPC v1.25.0: # https://github.com/grpc/grpc/blob/v1.25.0/bazel/python_rules.bzl#L72. # plugin should also be passed in here when gRPC version is greater than v1.25.x. _py_proto_library( name = name, srcs = srcs, default_runtime = "@com_google_protobuf//:protobuf_python", protoc = "@com_google_protobuf//:protoc", deps = proto_deps + ["@com_google_protobuf//:protobuf_python"], visibility = ["//visibility:public"], ) def _api_cc_grpc_library(name, proto, deps = []): cc_grpc_library( name = name, srcs = [proto], deps = deps, proto_only = False, grpc_only = True, visibility = ["//visibility:public"], ) def api_cc_py_proto_library( name, visibility = ["//visibility:private"], srcs = [], deps = [], linkstatic = 0, has_services = 0): relative_name = ":" + name proto_library( name = name, srcs = srcs, deps = deps + _COMMON_PROTO_DEPS, visibility = visibility, ) cc_proto_library_name = name + _CC_PROTO_SUFFIX pgv_cc_proto_library( name = cc_proto_library_name, linkstatic = linkstatic, cc_deps = [_cc_proto_mapping(dep) for dep in deps] + [ "@com_google_googleapis//google/api:http_cc_proto", "@com_google_googleapis//google/api:httpbody_cc_proto", "@com_google_googleapis//google/api:annotations_cc_proto", "@com_google_googleapis//google/rpc:status_cc_proto", ], deps = [relative_name], visibility = ["//visibility:public"], ) _api_py_proto_library(name, srcs, deps) # Optionally define gRPC services if has_services: # TODO: when Python services are required, add to the below stub generations. cc_grpc_name = name + _CC_GRPC_SUFFIX cc_proto_deps = [cc_proto_library_name] + [_cc_proto_mapping(dep) for dep in deps] _api_cc_grpc_library(name = cc_grpc_name, proto = relative_name, deps = cc_proto_deps) def api_cc_test(name, **kwargs): cc_test( name = name, **kwargs ) def api_go_test(name, **kwargs): go_test( name = name, **kwargs ) def api_proto_package( name = "pkg", srcs = [], deps = [], has_services = False, visibility = ["//visibility:public"]): if srcs == []: srcs = native.glob(["*.proto"]) name = "pkg" api_cc_py_proto_library( name = name, visibility = visibility, srcs = srcs, deps = deps, has_services = has_services, ) compilers = ["@io_bazel_rules_go//proto:go_proto", "@envoy_api//bazel:pgv_plugin_go"] if has_services: compilers = ["@io_bazel_rules_go//proto:go_grpc", "@envoy_api//bazel:pgv_plugin_go"] # Because RBAC proro depends on googleapis syntax.proto and checked.proto, # which share the same go proto library, it causes duplicative dependencies. # Thus, we use depset().to_list() to remove duplicated depenencies. go_proto_library( name = name + _GO_PROTO_SUFFIX, compilers = compilers, importpath = _GO_IMPORTPATH_PREFIX + native.package_name(), proto = name, visibility = ["//visibility:public"], deps = depset([_go_proto_mapping(dep) for dep in deps] + [ "@com_github_golang_protobuf//ptypes:go_default_library", "@com_github_golang_protobuf//ptypes/any:go_default_library", "@com_github_golang_protobuf//ptypes/duration:go_default_library", "@com_github_golang_protobuf//ptypes/struct:go_default_library", "@com_github_golang_protobuf//ptypes/timestamp:go_default_library", "@com_github_golang_protobuf//ptypes/wrappers:go_default_library", "@com_envoyproxy_protoc_gen_validate//validate:go_default_library", "@com_google_googleapis//google/api:annotations_go_proto", "@com_google_googleapis//google/rpc:status_go_proto", ]).to_list(), ) ================================================ FILE: api/bazel/envoy_http_archive.bzl ================================================ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") def envoy_http_archive(name, locations, **kwargs): # `existing_rule_keys` contains the names of repositories that have already # been defined in the Bazel workspace. By skipping repos with existing keys, # users can override dependency versions by using standard Bazel repository # rules in their WORKSPACE files. existing_rule_keys = native.existing_rules().keys() if name in existing_rule_keys: # This repository has already been defined, probably because the user # wants to override the version. Do nothing. return loc_key = kwargs.pop("repository_key", name) location = locations[loc_key] # HTTP tarball at a given URL. Add a BUILD file if requested. http_archive( name = name, urls = location["urls"], sha256 = location["sha256"], strip_prefix = location.get("strip_prefix", ""), **kwargs ) ================================================ FILE: api/bazel/external_proto_deps.bzl ================================================ # Any external dependency imported in the api/ .protos requires entries in # the maps below, to allow the Bazel proto and language specific bindings to be # inferred from the import directives. # # This file needs to be interpreted as both Python 3 and Starlark, so only the # common subset of Python should be used. # This maps from .proto import directive path to the Bazel dependency path for # external dependencies. Since BUILD files are generated, this is the canonical # place to define this mapping. EXTERNAL_PROTO_IMPORT_BAZEL_DEP_MAP = { "google/api/expr/v1alpha1/checked.proto": "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto", "google/api/expr/v1alpha1/syntax.proto": "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", "metrics.proto": "@prometheus_metrics_model//:client_model", "opencensus/proto/trace/v1/trace.proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", "opencensus/proto/trace/v1/trace_config.proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", } # This maps from the Bazel proto_library target to the Go language binding target for external dependencies. EXTERNAL_PROTO_GO_BAZEL_DEP_MAP = { "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto": "@com_google_googleapis//google/api/expr/v1alpha1:expr_go_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto": "@com_google_googleapis//google/api/expr/v1alpha1:expr_go_proto", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto_go", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_and_config_proto_go", } # This maps from the Bazel proto_library target to the C++ language binding target for external dependencies. EXTERNAL_PROTO_CC_BAZEL_DEP_MAP = { "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto": "@com_google_googleapis//google/api/expr/v1alpha1:checked_cc_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto": "@com_google_googleapis//google/api/expr/v1alpha1:syntax_cc_proto", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto_cc", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto_cc", } # This maps from the Bazel proto_library target to the Python language binding target for external dependencies. EXTERNAL_PROTO_PY_BAZEL_DEP_MAP = { "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto": "@com_google_googleapis//google/api/expr/v1alpha1:checked_py_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto": "@com_google_googleapis//google/api/expr/v1alpha1:syntax_py_proto", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto_py", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto_py", } ================================================ FILE: api/bazel/repositories.bzl ================================================ load(":envoy_http_archive.bzl", "envoy_http_archive") load(":repository_locations.bzl", "REPOSITORY_LOCATIONS") def api_dependencies(): envoy_http_archive( "bazel_skylib", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( "com_envoyproxy_protoc_gen_validate", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "com_google_googleapis", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "com_github_cncf_udpa", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "prometheus_metrics_model", locations = REPOSITORY_LOCATIONS, build_file_content = PROMETHEUSMETRICS_BUILD_CONTENT, ) envoy_http_archive( name = "opencensus_proto", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "rules_proto", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "com_github_openzipkin_zipkinapi", locations = REPOSITORY_LOCATIONS, build_file_content = ZIPKINAPI_BUILD_CONTENT, ) PROMETHEUSMETRICS_BUILD_CONTENT = """ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") api_cc_py_proto_library( name = "client_model", srcs = [ "metrics.proto", ], visibility = ["//visibility:public"], ) go_proto_library( name = "client_model_go_proto", importpath = "github.com/prometheus/client_model/go", proto = ":client_model", visibility = ["//visibility:public"], ) """ OPENCENSUSTRACE_BUILD_CONTENT = """ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") api_cc_py_proto_library( name = "trace_model", srcs = [ "trace.proto", ], visibility = ["//visibility:public"], ) go_proto_library( name = "trace_model_go_proto", importpath = "trace_model", proto = ":trace_model", visibility = ["//visibility:public"], ) """ ZIPKINAPI_BUILD_CONTENT = """ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") api_cc_py_proto_library( name = "zipkin", srcs = [ "zipkin-jsonv2.proto", "zipkin.proto", ], visibility = ["//visibility:public"], ) go_proto_library( name = "zipkin_go_proto", proto = ":zipkin", visibility = ["//visibility:public"], ) """ ================================================ FILE: api/bazel/repository_locations.bzl ================================================ DEPENDENCY_REPOSITORIES_SPEC = dict( bazel_skylib = dict( project_name = "bazel-skylib", project_desc = "Common useful functions and rules for Bazel", project_url = "https://github.com/bazelbuild/bazel-skylib", version = "1.0.3", sha256 = "1c531376ac7e5a180e0237938a2536de0c54d93f5c278634818e0efc952dd56c", urls = ["https://github.com/bazelbuild/bazel-skylib/releases/download/{version}/bazel-skylib-{version}.tar.gz"], last_updated = "2020-08-27", use_category = ["api"], ), com_envoyproxy_protoc_gen_validate = dict( project_name = "protoc-gen-validate (PGV)", project_desc = "protoc plugin to generate polyglot message validators", project_url = "https://github.com/envoyproxy/protoc-gen-validate", version = "278964a8052f96a2f514add0298098f63fb7f47f", sha256 = "e368733c9fb7f8489591ffaf269170d7658cc0cd1ee322b601512b769446d3c8", strip_prefix = "protoc-gen-validate-{version}", urls = ["https://github.com/envoyproxy/protoc-gen-validate/archive/{version}.tar.gz"], last_updated = "2020-06-09", use_category = ["api"], ), com_github_cncf_udpa = dict( project_name = "Universal Data Plane API", project_desc = "Universal Data Plane API Working Group (UDPA-WG)", project_url = "https://github.com/cncf/udpa", version = "0.0.1", sha256 = "83a7dcc316d741031f34c0409021432b74a39c4811845a177133f02f948fe2d8", strip_prefix = "udpa-{version}", urls = ["https://github.com/cncf/udpa/archive/v{version}.tar.gz"], last_updated = "2020-09-23", use_category = ["api"], ), com_github_openzipkin_zipkinapi = dict( project_name = "Zipkin API", project_desc = "Zipkin's language independent model and HTTP Api Definitions", project_url = "https://github.com/openzipkin/zipkin-api", version = "0.2.2", sha256 = "688c4fe170821dd589f36ec45aaadc03a618a40283bc1f97da8fa11686fc816b", strip_prefix = "zipkin-api-{version}", urls = ["https://github.com/openzipkin/zipkin-api/archive/{version}.tar.gz"], last_updated = "2020-09-23", use_category = ["api"], ), com_google_googleapis = dict( # TODO(dio): Consider writing a Starlark macro for importing Google API proto. project_name = "Google APIs", project_desc = "Public interface definitions of Google APIs", project_url = "https://github.com/googleapis/googleapis", version = "82944da21578a53b74e547774cf62ed31a05b841", sha256 = "a45019af4d3290f02eaeb1ce10990166978c807cb33a9692141a076ba46d1405", strip_prefix = "googleapis-{version}", urls = ["https://github.com/googleapis/googleapis/archive/{version}.tar.gz"], last_updated = "2019-12-02", use_category = ["api"], ), opencensus_proto = dict( project_name = "OpenCensus Proto", project_desc = "Language Independent Interface Types For OpenCensus", project_url = "https://github.com/census-instrumentation/opencensus-proto", version = "0.3.0", sha256 = "b7e13f0b4259e80c3070b583c2f39e53153085a6918718b1c710caf7037572b0", strip_prefix = "opencensus-proto-{version}/src", urls = ["https://github.com/census-instrumentation/opencensus-proto/archive/v{version}.tar.gz"], last_updated = "2020-06-20", use_category = ["api"], ), prometheus_metrics_model = dict( project_name = "Prometheus client model", project_desc = "Data model artifacts for Prometheus", project_url = "https://github.com/prometheus/client_model", version = "60555c9708c786597e6b07bf846d0dc5c2a46f54", sha256 = "6748b42f6879ad4d045c71019d2512c94be3dd86f60965e9e31e44a3f464323e", strip_prefix = "client_model-{version}", urls = ["https://github.com/prometheus/client_model/archive/{version}.tar.gz"], last_updated = "2020-06-23", use_category = ["api"], ), rules_proto = dict( project_name = "Protobuf Rules for Bazel", project_desc = "Protocol buffer rules for Bazel", project_url = "https://github.com/bazelbuild/rules_proto", version = "40298556293ae502c66579620a7ce867d5f57311", sha256 = "aa1ee19226f707d44bee44c720915199c20c84a23318bb0597ed4e5c873ccbd5", strip_prefix = "rules_proto-{version}", urls = ["https://github.com/bazelbuild/rules_proto/archive/{version}.tar.gz"], last_updated = "2020-08-17", use_category = ["api"], ), ) def _format_version(s, version): return s.format(version = version, dash_version = version.replace(".", "-"), underscore_version = version.replace(".", "_")) # Interpolate {version} in the above dependency specs. This code should be capable of running in both Python # and Starlark. def _dependency_repositories(): locations = {} for key, location in DEPENDENCY_REPOSITORIES_SPEC.items(): mutable_location = dict(location) locations[key] = mutable_location # Fixup with version information. if "version" in location: if "strip_prefix" in location: mutable_location["strip_prefix"] = _format_version(location["strip_prefix"], location["version"]) mutable_location["urls"] = [_format_version(url, location["version"]) for url in location["urls"]] return locations REPOSITORY_LOCATIONS = _dependency_repositories() ================================================ FILE: api/envoy/admin/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/config/bootstrap/v2:pkg", "//envoy/service/tap/v2alpha:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/admin/v2alpha/certs.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "CertsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Certificates] // Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to // display certificate information. See :ref:`/certs ` for more // information. message Certificates { // List of certificates known to an Envoy. repeated Certificate certificates = 1; } message Certificate { // Details of CA certificate. repeated CertificateDetails ca_cert = 1; // Details of Certificate Chain repeated CertificateDetails cert_chain = 2; } // [#next-free-field: 7] message CertificateDetails { // Path of the certificate. string path = 1; // Certificate Serial Number. string serial_number = 2; // List of Subject Alternate names. repeated SubjectAlternateName subject_alt_names = 3; // Minimum of days until expiration of certificate and it's chain. uint64 days_until_expiration = 4; // Indicates the time from which the certificate is valid. google.protobuf.Timestamp valid_from = 5; // Indicates the time at which the certificate expires. google.protobuf.Timestamp expiration_time = 6; } message SubjectAlternateName { // Subject Alternate Name. oneof name { string dns = 1; string uri = 2; string ip_address = 3; } } ================================================ FILE: api/envoy/admin/v2alpha/clusters.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/admin/v2alpha/metrics.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/health_check.proto"; import "envoy/type/percent.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ClustersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Clusters] // Admin endpoint uses this wrapper for `/clusters` to display cluster status information. // See :ref:`/clusters ` for more information. message Clusters { // Mapping from cluster name to each cluster's status. repeated ClusterStatus cluster_statuses = 1; } // Details an individual cluster's current status. // [#next-free-field: 6] message ClusterStatus { // Name of the cluster. string name = 1; // Denotes whether this cluster was added via API or configured statically. bool added_via_api = 2; // The success rate threshold used in the last interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used to calculate the threshold. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used to calculate the threshold. // The threshold is used to eject hosts based on their success rate. See // :ref:`Cluster outlier detection ` documentation for details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.Percent success_rate_ejection_threshold = 3; // Mapping from host address to the host's current status. repeated HostStatus host_statuses = 4; // The success rate threshold used in the last interval when only locally originated failures were // taken into account and externally originated errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. The threshold is used to eject hosts based on their success rate. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.Percent local_origin_success_rate_ejection_threshold = 5; } // Current state of a particular host. // [#next-free-field: 10] message HostStatus { // Address of this host. api.v2.core.Address address = 1; // List of stats specific to this host. repeated SimpleMetric stats = 2; // The host's current health status. HostHealthStatus health_status = 3; // Request success rate for this host over the last calculated interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used in success rate // calculation. If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used in success rate calculation. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.Percent success_rate = 4; // The host's weight. If not configured, the value defaults to 1. uint32 weight = 5; // The hostname of the host, if applicable. string hostname = 6; // The host's priority. If not configured, the value defaults to 0 (highest priority). uint32 priority = 7; // Request success rate for this host over the last calculated // interval when only locally originated errors are taken into account and externally originated // errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.Percent local_origin_success_rate = 8; // locality of the host. api.v2.core.Locality locality = 9; } // Health status for a host. // [#next-free-field: 7] message HostHealthStatus { // The host is currently failing active health checks. bool failed_active_health_check = 1; // The host is currently considered an outlier and has been ejected. bool failed_outlier_check = 2; // The host is currently being marked as degraded through active health checking. bool failed_active_degraded_check = 4; // The host has been removed from service discovery, but is being stabilized due to active // health checking. bool pending_dynamic_removal = 5; // The host has not yet been health checked. bool pending_active_hc = 6; // Health status as reported by EDS. Note: only HEALTHY and UNHEALTHY are currently supported // here. // [#comment:TODO(mrice32): pipe through remaining EDS health status possibilities.] api.v2.core.HealthStatus eds_health_status = 3; } ================================================ FILE: api/envoy/admin/v2alpha/config_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/config/bootstrap/v2/bootstrap.proto"; import "google/protobuf/any.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ConfigDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: ConfigDump] // The :ref:`/config_dump ` admin endpoint uses this wrapper // message to maintain and serve arbitrary configuration information from any component in Envoy. message ConfigDump { // This list is serialized and dumped in its entirety at the // :ref:`/config_dump ` endpoint. // // The following configurations are currently supported and will be dumped in the order given // below: // // * *bootstrap*: :ref:`BootstrapConfigDump ` // * *clusters*: :ref:`ClustersConfigDump ` // * *listeners*: :ref:`ListenersConfigDump ` // * *routes*: :ref:`RoutesConfigDump ` // // You can filter output with the resource and mask query parameters. // See :ref:`/config_dump?resource={} `, // :ref:`/config_dump?mask={} `, // or :ref:`/config_dump?resource={},mask={} // ` for more information. repeated google.protobuf.Any configs = 1; } message UpdateFailureState { // What the component configuration would have been if the update had succeeded. google.protobuf.Any failed_configuration = 1; // Time of the latest failed update attempt. google.protobuf.Timestamp last_update_attempt = 2; // Details about the last failed update attempt. string details = 3; } // This message describes the bootstrap configuration that Envoy was started with. This includes // any CLI overrides that were merged. Bootstrap configuration information can be used to recreate // the static portions of an Envoy configuration by reusing the output as the bootstrap // configuration for another Envoy. message BootstrapConfigDump { config.bootstrap.v2.Bootstrap bootstrap = 1; // The timestamp when the BootstrapConfig was last updated. google.protobuf.Timestamp last_updated = 2; } // Envoy's listener manager fills this message with all currently known listeners. Listener // configuration information can be used to recreate an Envoy configuration by populating all // listeners as static listeners or by returning them in a LDS response. message ListenersConfigDump { // Describes a statically loaded listener. message StaticListener { // The listener config. google.protobuf.Any listener = 1; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 2; } message DynamicListenerState { // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the listener was loaded. In the future, discrete per-listener versions may be supported // by the API. string version_info = 1; // The listener config. google.protobuf.Any listener = 2; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 3; } // Describes a dynamically loaded listener via the LDS API. // [#next-free-field: 6] message DynamicListener { // The name or unique id of this listener, pulled from the DynamicListenerState config. string name = 1; // The listener state for any active listener by this name. // These are listeners that are available to service data plane traffic. DynamicListenerState active_state = 2; // The listener state for any warming listener by this name. // These are listeners that are currently undergoing warming in preparation to service data // plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the warming listeners should generally be discarded. DynamicListenerState warming_state = 3; // The listener state for any draining listener by this name. // These are listeners that are currently undergoing draining in preparation to stop servicing // data plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the draining listeners should generally be discarded. DynamicListenerState draining_state = 4; // Set if the last update failed, cleared after the next successful update. UpdateFailureState error_state = 5; } // This is the :ref:`version_info ` in the // last processed LDS discovery response. If there are only static bootstrap listeners, this field // will be "". string version_info = 1; // The statically loaded listener configs. repeated StaticListener static_listeners = 2; // State for any warming, active, or draining listeners. repeated DynamicListener dynamic_listeners = 3; } // Envoy's cluster manager fills this message with all currently known clusters. Cluster // configuration information can be used to recreate an Envoy configuration by populating all // clusters as static clusters or by returning them in a CDS response. message ClustersConfigDump { // Describes a statically loaded cluster. message StaticCluster { // The cluster config. google.protobuf.Any cluster = 1; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 2; } // Describes a dynamically loaded cluster via the CDS API. message DynamicCluster { // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the cluster was loaded. In the future, discrete per-cluster versions may be supported by // the API. string version_info = 1; // The cluster config. google.protobuf.Any cluster = 2; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 3; } // This is the :ref:`version_info ` in the // last processed CDS discovery response. If there are only static bootstrap clusters, this field // will be "". string version_info = 1; // The statically loaded cluster configs. repeated StaticCluster static_clusters = 2; // The dynamically loaded active clusters. These are clusters that are available to service // data plane traffic. repeated DynamicCluster dynamic_active_clusters = 3; // The dynamically loaded warming clusters. These are clusters that are currently undergoing // warming in preparation to service data plane traffic. Note that if attempting to recreate an // Envoy configuration from a configuration dump, the warming clusters should generally be // discarded. repeated DynamicCluster dynamic_warming_clusters = 4; } // Envoy's RDS implementation fills this message with all currently loaded routes, as described by // their RouteConfiguration objects. Static routes that are either defined in the bootstrap configuration // or defined inline while configuring listeners are separated from those configured dynamically via RDS. // Route configuration information can be used to recreate an Envoy configuration by populating all routes // as static routes or by returning them in RDS responses. message RoutesConfigDump { message StaticRouteConfig { // The route config. google.protobuf.Any route_config = 1; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicRouteConfig { // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the route configuration was loaded. string version_info = 1; // The route config. google.protobuf.Any route_config = 2; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded route configs. repeated StaticRouteConfig static_route_configs = 2; // The dynamically loaded route configs. repeated DynamicRouteConfig dynamic_route_configs = 3; } // Envoy's scoped RDS implementation fills this message with all currently loaded route // configuration scopes (defined via ScopedRouteConfigurationsSet protos). This message lists both // the scopes defined inline with the higher order object (i.e., the HttpConnectionManager) and the // dynamically obtained scopes via the SRDS API. message ScopedRoutesConfigDump { message InlineScopedRouteConfigs { // The name assigned to the scoped route configurations. string name = 1; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 2; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 3; } message DynamicScopedRouteConfigs { // The name assigned to the scoped route configurations. string name = 1; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the scoped routes configuration was loaded. string version_info = 2; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 3; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 4; } // The statically loaded scoped route configs. repeated InlineScopedRouteConfigs inline_scoped_route_configs = 1; // The dynamically loaded scoped route configs. repeated DynamicScopedRouteConfigs dynamic_scoped_route_configs = 2; } // Envoys SDS implementation fills this message with all secrets fetched dynamically via SDS. message SecretsConfigDump { // DynamicSecret contains secret information fetched via SDS. message DynamicSecret { // The name assigned to the secret. string name = 1; // This is the per-resource version information. string version_info = 2; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 3; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 4; } // StaticSecret specifies statically loaded secret in bootstrap. message StaticSecret { // The name assigned to the secret. string name = 1; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 2; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 3; } // The statically loaded secrets. repeated StaticSecret static_secrets = 1; // The dynamically loaded active secrets. These are secrets that are available to service // clusters or listeners. repeated DynamicSecret dynamic_active_secrets = 2; // The dynamically loaded warming secrets. These are secrets that are currently undergoing // warming in preparation to service clusters or listeners. repeated DynamicSecret dynamic_warming_secrets = 3; } ================================================ FILE: api/envoy/admin/v2alpha/listeners.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/api/v2/core/address.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ListenersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listeners] // Admin endpoint uses this wrapper for `/listeners` to display listener status information. // See :ref:`/listeners ` for more information. message Listeners { // List of listener statuses. repeated ListenerStatus listener_statuses = 1; } // Details an individual listener's current status. message ListenerStatus { // Name of the listener string name = 1; // The actual local address that the listener is listening on. If a listener was configured // to listen on port 0, then this address has the port that was allocated by the OS. api.v2.core.Address local_address = 2; } ================================================ FILE: api/envoy/admin/v2alpha/memory.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "MemoryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Memory] // Proto representation of the internal memory consumption of an Envoy instance. These represent // values extracted from an internal TCMalloc instance. For more information, see the section of the // docs entitled ["Generic Tcmalloc Status"](https://gperftools.github.io/gperftools/tcmalloc.html). // [#next-free-field: 7] message Memory { // The number of bytes allocated by the heap for Envoy. This is an alias for // `generic.current_allocated_bytes`. uint64 allocated = 1; // The number of bytes reserved by the heap but not necessarily allocated. This is an alias for // `generic.heap_size`. uint64 heap_size = 2; // The number of bytes in free, unmapped pages in the page heap. These bytes always count towards // virtual memory usage, and depending on the OS, typically do not count towards physical memory // usage. This is an alias for `tcmalloc.pageheap_unmapped_bytes`. uint64 pageheap_unmapped = 3; // The number of bytes in free, mapped pages in the page heap. These bytes always count towards // virtual memory usage, and unless the underlying memory is swapped out by the OS, they also // count towards physical memory usage. This is an alias for `tcmalloc.pageheap_free_bytes`. uint64 pageheap_free = 4; // The amount of memory used by the TCMalloc thread caches (for small objects). This is an alias // for `tcmalloc.current_total_thread_cache_bytes`. uint64 total_thread_cache = 5; // The number of bytes of the physical memory usage by the allocator. This is an alias for // `generic.total_physical_bytes`. uint64 total_physical_bytes = 6; } ================================================ FILE: api/envoy/admin/v2alpha/metrics.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "MetricsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metrics] // Proto representation of an Envoy Counter or Gauge value. message SimpleMetric { enum Type { COUNTER = 0; GAUGE = 1; } // Type of the metric represented. Type type = 1; // Current metric value. uint64 value = 2; // Name of the metric. string name = 3; } ================================================ FILE: api/envoy/admin/v2alpha/mutex_stats.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "MutexStatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: MutexStats] // Proto representation of the statistics collected upon absl::Mutex contention, if Envoy is run // under :option:`--enable-mutex-tracing`. For more information, see the `absl::Mutex` // [docs](https://abseil.io/about/design/mutex#extra-features). // // *NB*: The wait cycles below are measured by `absl::base_internal::CycleClock`, and may not // correspond to core clock frequency. For more information, see the `CycleClock` // [docs](https://github.com/abseil/abseil-cpp/blob/master/absl/base/internal/cycleclock.h). message MutexStats { // The number of individual mutex contentions which have occurred since startup. uint64 num_contentions = 1; // The length of the current contention wait cycle. uint64 current_wait_cycles = 2; // The lifetime total of all contention wait cycles. uint64 lifetime_wait_cycles = 3; } ================================================ FILE: api/envoy/admin/v2alpha/server_info.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ServerInfoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Server State] // Proto representation of the value returned by /server_info, containing // server version/server status information. // [#next-free-field: 7] message ServerInfo { enum State { // Server is live and serving traffic. LIVE = 0; // Server is draining listeners in response to external health checks failing. DRAINING = 1; // Server has not yet completed cluster manager initialization. PRE_INITIALIZING = 2; // Server is running the cluster manager initialization callbacks (e.g., RDS). INITIALIZING = 3; } // Server version. string version = 1; // State of the server. State state = 2; // Uptime since current epoch was started. google.protobuf.Duration uptime_current_epoch = 3; // Uptime since the start of the first epoch. google.protobuf.Duration uptime_all_epochs = 4; // Hot restart version. string hot_restart_version = 5; // Command line options the server is currently running with. CommandLineOptions command_line_options = 6; } // [#next-free-field: 29] message CommandLineOptions { enum IpVersion { v4 = 0; v6 = 1; } enum Mode { // Validate configs and then serve traffic normally. Serve = 0; // Validate configs and exit. Validate = 1; // Completely load and initialize the config, and then exit without running the listener loop. InitOnly = 2; } reserved 12; // See :option:`--base-id` for details. uint64 base_id = 1; // See :option:`--concurrency` for details. uint32 concurrency = 2; // See :option:`--config-path` for details. string config_path = 3; // See :option:`--config-yaml` for details. string config_yaml = 4; // See :option:`--allow-unknown-static-fields` for details. bool allow_unknown_static_fields = 5; // See :option:`--reject-unknown-dynamic-fields` for details. bool reject_unknown_dynamic_fields = 26; // See :option:`--admin-address-path` for details. string admin_address_path = 6; // See :option:`--local-address-ip-version` for details. IpVersion local_address_ip_version = 7; // See :option:`--log-level` for details. string log_level = 8; // See :option:`--component-log-level` for details. string component_log_level = 9; // See :option:`--log-format` for details. string log_format = 10; // See :option:`--log-format-escaped` for details. bool log_format_escaped = 27; // See :option:`--log-path` for details. string log_path = 11; // See :option:`--service-cluster` for details. string service_cluster = 13; // See :option:`--service-node` for details. string service_node = 14; // See :option:`--service-zone` for details. string service_zone = 15; // See :option:`--file-flush-interval-msec` for details. google.protobuf.Duration file_flush_interval = 16; // See :option:`--drain-time-s` for details. google.protobuf.Duration drain_time = 17; // See :option:`--parent-shutdown-time-s` for details. google.protobuf.Duration parent_shutdown_time = 18; // See :option:`--mode` for details. Mode mode = 19; // max_stats and max_obj_name_len are now unused and have no effect. uint64 max_stats = 20 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; uint64 max_obj_name_len = 21 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // See :option:`--disable-hot-restart` for details. bool disable_hot_restart = 22; // See :option:`--enable-mutex-tracing` for details. bool enable_mutex_tracing = 23; // See :option:`--restart-epoch` for details. uint32 restart_epoch = 24; // See :option:`--cpuset-threads` for details. bool cpuset_threads = 25; // See :option:`--disable-extensions` for details. repeated string disabled_extensions = 28; } ================================================ FILE: api/envoy/admin/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/service/tap/v2alpha/common.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap] // The /tap admin request body that is used to configure an active tap session. message TapRequest { // The opaque configuration ID used to match the configuration to a loaded extension. // A tap extension configures a similar opaque ID that is used to match. string config_id = 1 [(validate.rules).string = {min_bytes: 1}]; // The tap configuration to load. service.tap.v2alpha.TapConfig tap_config = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/admin/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/admin/v2alpha:pkg", "//envoy/annotations:pkg", "//envoy/config/bootstrap/v3:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/tap/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/admin/v3/certs.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "CertsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Certificates] // Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to // display certificate information. See :ref:`/certs ` for more // information. message Certificates { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificates"; // List of certificates known to an Envoy. repeated Certificate certificates = 1; } message Certificate { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificate"; // Details of CA certificate. repeated CertificateDetails ca_cert = 1; // Details of Certificate Chain repeated CertificateDetails cert_chain = 2; } // [#next-free-field: 8] message CertificateDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.CertificateDetails"; message OcspDetails { // Indicates the time from which the OCSP response is valid. google.protobuf.Timestamp valid_from = 1; // Indicates the time at which the OCSP response expires. google.protobuf.Timestamp expiration = 2; } // Path of the certificate. string path = 1; // Certificate Serial Number. string serial_number = 2; // List of Subject Alternate names. repeated SubjectAlternateName subject_alt_names = 3; // Minimum of days until expiration of certificate and it's chain. uint64 days_until_expiration = 4; // Indicates the time from which the certificate is valid. google.protobuf.Timestamp valid_from = 5; // Indicates the time at which the certificate expires. google.protobuf.Timestamp expiration_time = 6; // Details related to the OCSP response associated with this certificate, if any. OcspDetails ocsp_details = 7; } message SubjectAlternateName { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SubjectAlternateName"; // Subject Alternate Name. oneof name { string dns = 1; string uri = 2; string ip_address = 3; } } ================================================ FILE: api/envoy/admin/v3/clusters.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/admin/v3/metrics.proto"; import "envoy/config/cluster/v3/circuit_breaker.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/type/v3/percent.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ClustersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Clusters] // Admin endpoint uses this wrapper for `/clusters` to display cluster status information. // See :ref:`/clusters ` for more information. message Clusters { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Clusters"; // Mapping from cluster name to each cluster's status. repeated ClusterStatus cluster_statuses = 1; } // Details an individual cluster's current status. // [#next-free-field: 7] message ClusterStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClusterStatus"; // Name of the cluster. string name = 1; // Denotes whether this cluster was added via API or configured statically. bool added_via_api = 2; // The success rate threshold used in the last interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used to calculate the threshold. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used to calculate the threshold. // The threshold is used to eject hosts based on their success rate. See // :ref:`Cluster outlier detection ` documentation for details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent success_rate_ejection_threshold = 3; // Mapping from host address to the host's current status. repeated HostStatus host_statuses = 4; // The success rate threshold used in the last interval when only locally originated failures were // taken into account and externally originated errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. The threshold is used to eject hosts based on their success rate. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent local_origin_success_rate_ejection_threshold = 5; // :ref:`Circuit breaking ` settings of the cluster. config.cluster.v3.CircuitBreakers circuit_breakers = 6; } // Current state of a particular host. // [#next-free-field: 10] message HostStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.HostStatus"; // Address of this host. config.core.v3.Address address = 1; // List of stats specific to this host. repeated SimpleMetric stats = 2; // The host's current health status. HostHealthStatus health_status = 3; // Request success rate for this host over the last calculated interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used in success rate // calculation. If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used in success rate calculation. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent success_rate = 4; // The host's weight. If not configured, the value defaults to 1. uint32 weight = 5; // The hostname of the host, if applicable. string hostname = 6; // The host's priority. If not configured, the value defaults to 0 (highest priority). uint32 priority = 7; // Request success rate for this host over the last calculated // interval when only locally originated errors are taken into account and externally originated // errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent local_origin_success_rate = 8; // locality of the host. config.core.v3.Locality locality = 9; } // Health status for a host. // [#next-free-field: 7] message HostHealthStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.HostHealthStatus"; // The host is currently failing active health checks. bool failed_active_health_check = 1; // The host is currently considered an outlier and has been ejected. bool failed_outlier_check = 2; // The host is currently being marked as degraded through active health checking. bool failed_active_degraded_check = 4; // The host has been removed from service discovery, but is being stabilized due to active // health checking. bool pending_dynamic_removal = 5; // The host has not yet been health checked. bool pending_active_hc = 6; // Health status as reported by EDS. Note: only HEALTHY and UNHEALTHY are currently supported // here. // [#comment:TODO(mrice32): pipe through remaining EDS health status possibilities.] config.core.v3.HealthStatus eds_health_status = 3; } ================================================ FILE: api/envoy/admin/v3/config_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/bootstrap/v3/bootstrap.proto"; import "google/protobuf/any.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ConfigDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: ConfigDump] // The :ref:`/config_dump ` admin endpoint uses this wrapper // message to maintain and serve arbitrary configuration information from any component in Envoy. message ConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ConfigDump"; // This list is serialized and dumped in its entirety at the // :ref:`/config_dump ` endpoint. // // The following configurations are currently supported and will be dumped in the order given // below: // // * *bootstrap*: :ref:`BootstrapConfigDump ` // * *clusters*: :ref:`ClustersConfigDump ` // * *endpoints*: :ref:`EndpointsConfigDump ` // * *listeners*: :ref:`ListenersConfigDump ` // * *routes*: :ref:`RoutesConfigDump ` // // EDS Configuration will only be dumped by using parameter `?include_eds` // // You can filter output with the resource and mask query parameters. // See :ref:`/config_dump?resource={} `, // :ref:`/config_dump?mask={} `, // or :ref:`/config_dump?resource={},mask={} // ` for more information. repeated google.protobuf.Any configs = 1; } message UpdateFailureState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.UpdateFailureState"; // What the component configuration would have been if the update had succeeded. google.protobuf.Any failed_configuration = 1; // Time of the latest failed update attempt. google.protobuf.Timestamp last_update_attempt = 2; // Details about the last failed update attempt. string details = 3; } // This message describes the bootstrap configuration that Envoy was started with. This includes // any CLI overrides that were merged. Bootstrap configuration information can be used to recreate // the static portions of an Envoy configuration by reusing the output as the bootstrap // configuration for another Envoy. message BootstrapConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.BootstrapConfigDump"; config.bootstrap.v3.Bootstrap bootstrap = 1; // The timestamp when the BootstrapConfig was last updated. google.protobuf.Timestamp last_updated = 2; } // Envoy's listener manager fills this message with all currently known listeners. Listener // configuration information can be used to recreate an Envoy configuration by populating all // listeners as static listeners or by returning them in a LDS response. message ListenersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump"; // Describes a statically loaded listener. message StaticListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump.StaticListener"; // The listener config. google.protobuf.Any listener = 1; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 2; } message DynamicListenerState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump.DynamicListenerState"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the listener was loaded. In the future, discrete per-listener versions may be supported // by the API. string version_info = 1; // The listener config. google.protobuf.Any listener = 2; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 3; } // Describes a dynamically loaded listener via the LDS API. // [#next-free-field: 6] message DynamicListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump.DynamicListener"; // The name or unique id of this listener, pulled from the DynamicListenerState config. string name = 1; // The listener state for any active listener by this name. // These are listeners that are available to service data plane traffic. DynamicListenerState active_state = 2; // The listener state for any warming listener by this name. // These are listeners that are currently undergoing warming in preparation to service data // plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the warming listeners should generally be discarded. DynamicListenerState warming_state = 3; // The listener state for any draining listener by this name. // These are listeners that are currently undergoing draining in preparation to stop servicing // data plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the draining listeners should generally be discarded. DynamicListenerState draining_state = 4; // Set if the last update failed, cleared after the next successful update. UpdateFailureState error_state = 5; } // This is the :ref:`version_info ` in the // last processed LDS discovery response. If there are only static bootstrap listeners, this field // will be "". string version_info = 1; // The statically loaded listener configs. repeated StaticListener static_listeners = 2; // State for any warming, active, or draining listeners. repeated DynamicListener dynamic_listeners = 3; } // Envoy's cluster manager fills this message with all currently known clusters. Cluster // configuration information can be used to recreate an Envoy configuration by populating all // clusters as static clusters or by returning them in a CDS response. message ClustersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClustersConfigDump"; // Describes a statically loaded cluster. message StaticCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClustersConfigDump.StaticCluster"; // The cluster config. google.protobuf.Any cluster = 1; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 2; } // Describes a dynamically loaded cluster via the CDS API. message DynamicCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClustersConfigDump.DynamicCluster"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the cluster was loaded. In the future, discrete per-cluster versions may be supported by // the API. string version_info = 1; // The cluster config. google.protobuf.Any cluster = 2; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 3; } // This is the :ref:`version_info ` in the // last processed CDS discovery response. If there are only static bootstrap clusters, this field // will be "". string version_info = 1; // The statically loaded cluster configs. repeated StaticCluster static_clusters = 2; // The dynamically loaded active clusters. These are clusters that are available to service // data plane traffic. repeated DynamicCluster dynamic_active_clusters = 3; // The dynamically loaded warming clusters. These are clusters that are currently undergoing // warming in preparation to service data plane traffic. Note that if attempting to recreate an // Envoy configuration from a configuration dump, the warming clusters should generally be // discarded. repeated DynamicCluster dynamic_warming_clusters = 4; } // Envoy's RDS implementation fills this message with all currently loaded routes, as described by // their RouteConfiguration objects. Static routes that are either defined in the bootstrap configuration // or defined inline while configuring listeners are separated from those configured dynamically via RDS. // Route configuration information can be used to recreate an Envoy configuration by populating all routes // as static routes or by returning them in RDS responses. message RoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.RoutesConfigDump"; message StaticRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.RoutesConfigDump.StaticRouteConfig"; // The route config. google.protobuf.Any route_config = 1; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.RoutesConfigDump.DynamicRouteConfig"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the route configuration was loaded. string version_info = 1; // The route config. google.protobuf.Any route_config = 2; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded route configs. repeated StaticRouteConfig static_route_configs = 2; // The dynamically loaded route configs. repeated DynamicRouteConfig dynamic_route_configs = 3; } // Envoy's scoped RDS implementation fills this message with all currently loaded route // configuration scopes (defined via ScopedRouteConfigurationsSet protos). This message lists both // the scopes defined inline with the higher order object (i.e., the HttpConnectionManager) and the // dynamically obtained scopes via the SRDS API. message ScopedRoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ScopedRoutesConfigDump"; message InlineScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ScopedRoutesConfigDump.InlineScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 2; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 3; } message DynamicScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ScopedRoutesConfigDump.DynamicScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the scoped routes configuration was loaded. string version_info = 2; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 3; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 4; } // The statically loaded scoped route configs. repeated InlineScopedRouteConfigs inline_scoped_route_configs = 1; // The dynamically loaded scoped route configs. repeated DynamicScopedRouteConfigs dynamic_scoped_route_configs = 2; } // Envoys SDS implementation fills this message with all secrets fetched dynamically via SDS. message SecretsConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SecretsConfigDump"; // DynamicSecret contains secret information fetched via SDS. message DynamicSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SecretsConfigDump.DynamicSecret"; // The name assigned to the secret. string name = 1; // This is the per-resource version information. string version_info = 2; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 3; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 4; } // StaticSecret specifies statically loaded secret in bootstrap. message StaticSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SecretsConfigDump.StaticSecret"; // The name assigned to the secret. string name = 1; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 2; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 3; } // The statically loaded secrets. repeated StaticSecret static_secrets = 1; // The dynamically loaded active secrets. These are secrets that are available to service // clusters or listeners. repeated DynamicSecret dynamic_active_secrets = 2; // The dynamically loaded warming secrets. These are secrets that are currently undergoing // warming in preparation to service clusters or listeners. repeated DynamicSecret dynamic_warming_secrets = 3; } // Envoy's admin fill this message with all currently known endpoints. Endpoint // configuration information can be used to recreate an Envoy configuration by populating all // endpoints as static endpoints or by returning them in an EDS response. message EndpointsConfigDump { message StaticEndpointConfig { // The endpoint config. google.protobuf.Any endpoint_config = 1; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicEndpointConfig { // [#not-implemented-hide:] This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the endpoint configuration was loaded. string version_info = 1; // The endpoint config. google.protobuf.Any endpoint_config = 2; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded endpoint configs. repeated StaticEndpointConfig static_endpoint_configs = 2; // The dynamically loaded endpoint configs. repeated DynamicEndpointConfig dynamic_endpoint_configs = 3; } ================================================ FILE: api/envoy/admin/v3/init_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "InitDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: InitDump] // Dumps of unready targets of envoy init managers. Envoy's admin fills this message with init managers, // which provides the information of their unready targets. // The :ref:`/init_dump ` will dump all unready targets information. message UnreadyTargetsDumps { // Message of unready targets information of an init manager. message UnreadyTargetsDump { // Name of the init manager. Example: "init_manager_xxx". string name = 1; // Names of unready targets of the init manager. Example: "target_xxx". repeated string target_names = 2; } // You can choose specific component to dump unready targets with mask query parameter. // See :ref:`/init_dump?mask={} ` for more information. // The dumps of unready targets of all init managers. repeated UnreadyTargetsDump unready_targets_dumps = 1; } ================================================ FILE: api/envoy/admin/v3/listeners.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/core/v3/address.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ListenersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listeners] // Admin endpoint uses this wrapper for `/listeners` to display listener status information. // See :ref:`/listeners ` for more information. message Listeners { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Listeners"; // List of listener statuses. repeated ListenerStatus listener_statuses = 1; } // Details an individual listener's current status. message ListenerStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenerStatus"; // Name of the listener string name = 1; // The actual local address that the listener is listening on. If a listener was configured // to listen on port 0, then this address has the port that was allocated by the OS. config.core.v3.Address local_address = 2; } ================================================ FILE: api/envoy/admin/v3/memory.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "MemoryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Memory] // Proto representation of the internal memory consumption of an Envoy instance. These represent // values extracted from an internal TCMalloc instance. For more information, see the section of the // docs entitled ["Generic Tcmalloc Status"](https://gperftools.github.io/gperftools/tcmalloc.html). // [#next-free-field: 7] message Memory { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Memory"; // The number of bytes allocated by the heap for Envoy. This is an alias for // `generic.current_allocated_bytes`. uint64 allocated = 1; // The number of bytes reserved by the heap but not necessarily allocated. This is an alias for // `generic.heap_size`. uint64 heap_size = 2; // The number of bytes in free, unmapped pages in the page heap. These bytes always count towards // virtual memory usage, and depending on the OS, typically do not count towards physical memory // usage. This is an alias for `tcmalloc.pageheap_unmapped_bytes`. uint64 pageheap_unmapped = 3; // The number of bytes in free, mapped pages in the page heap. These bytes always count towards // virtual memory usage, and unless the underlying memory is swapped out by the OS, they also // count towards physical memory usage. This is an alias for `tcmalloc.pageheap_free_bytes`. uint64 pageheap_free = 4; // The amount of memory used by the TCMalloc thread caches (for small objects). This is an alias // for `tcmalloc.current_total_thread_cache_bytes`. uint64 total_thread_cache = 5; // The number of bytes of the physical memory usage by the allocator. This is an alias for // `generic.total_physical_bytes`. uint64 total_physical_bytes = 6; } ================================================ FILE: api/envoy/admin/v3/metrics.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "MetricsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metrics] // Proto representation of an Envoy Counter or Gauge value. message SimpleMetric { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SimpleMetric"; enum Type { COUNTER = 0; GAUGE = 1; } // Type of the metric represented. Type type = 1; // Current metric value. uint64 value = 2; // Name of the metric. string name = 3; } ================================================ FILE: api/envoy/admin/v3/mutex_stats.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "MutexStatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: MutexStats] // Proto representation of the statistics collected upon absl::Mutex contention, if Envoy is run // under :option:`--enable-mutex-tracing`. For more information, see the `absl::Mutex` // [docs](https://abseil.io/about/design/mutex#extra-features). // // *NB*: The wait cycles below are measured by `absl::base_internal::CycleClock`, and may not // correspond to core clock frequency. For more information, see the `CycleClock` // [docs](https://github.com/abseil/abseil-cpp/blob/master/absl/base/internal/cycleclock.h). message MutexStats { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.MutexStats"; // The number of individual mutex contentions which have occurred since startup. uint64 num_contentions = 1; // The length of the current contention wait cycle. uint64 current_wait_cycles = 2; // The lifetime total of all contention wait cycles. uint64 lifetime_wait_cycles = 3; } ================================================ FILE: api/envoy/admin/v3/server_info.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ServerInfoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Server State] // Proto representation of the value returned by /server_info, containing // server version/server status information. // [#next-free-field: 8] message ServerInfo { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ServerInfo"; enum State { // Server is live and serving traffic. LIVE = 0; // Server is draining listeners in response to external health checks failing. DRAINING = 1; // Server has not yet completed cluster manager initialization. PRE_INITIALIZING = 2; // Server is running the cluster manager initialization callbacks (e.g., RDS). INITIALIZING = 3; } // Server version. string version = 1; // State of the server. State state = 2; // Uptime since current epoch was started. google.protobuf.Duration uptime_current_epoch = 3; // Uptime since the start of the first epoch. google.protobuf.Duration uptime_all_epochs = 4; // Hot restart version. string hot_restart_version = 5; // Command line options the server is currently running with. CommandLineOptions command_line_options = 6; // Populated node identity of this server. config.core.v3.Node node = 7; } // [#next-free-field: 37] message CommandLineOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.CommandLineOptions"; enum IpVersion { v4 = 0; v6 = 1; } enum Mode { // Validate configs and then serve traffic normally. Serve = 0; // Validate configs and exit. Validate = 1; // Completely load and initialize the config, and then exit without running the listener loop. InitOnly = 2; } enum DrainStrategy { // Gradually discourage connections over the course of the drain period. Gradual = 0; // Discourage all connections for the duration of the drain sequence. Immediate = 1; } reserved 12, 20, 21; reserved "max_stats", "max_obj_name_len"; // See :option:`--base-id` for details. uint64 base_id = 1; // See :option:`--use-dynamic-base-id` for details. bool use_dynamic_base_id = 31; // See :option:`--base-id-path` for details. string base_id_path = 32; // See :option:`--concurrency` for details. uint32 concurrency = 2; // See :option:`--config-path` for details. string config_path = 3; // See :option:`--config-yaml` for details. string config_yaml = 4; // See :option:`--allow-unknown-static-fields` for details. bool allow_unknown_static_fields = 5; // See :option:`--reject-unknown-dynamic-fields` for details. bool reject_unknown_dynamic_fields = 26; // See :option:`--ignore-unknown-dynamic-fields` for details. bool ignore_unknown_dynamic_fields = 30; // See :option:`--admin-address-path` for details. string admin_address_path = 6; // See :option:`--local-address-ip-version` for details. IpVersion local_address_ip_version = 7; // See :option:`--log-level` for details. string log_level = 8; // See :option:`--component-log-level` for details. string component_log_level = 9; // See :option:`--log-format` for details. string log_format = 10; // See :option:`--log-format-escaped` for details. bool log_format_escaped = 27; // See :option:`--log-path` for details. string log_path = 11; // See :option:`--service-cluster` for details. string service_cluster = 13; // See :option:`--service-node` for details. string service_node = 14; // See :option:`--service-zone` for details. string service_zone = 15; // See :option:`--file-flush-interval-msec` for details. google.protobuf.Duration file_flush_interval = 16; // See :option:`--drain-time-s` for details. google.protobuf.Duration drain_time = 17; // See :option:`--drain-strategy` for details. DrainStrategy drain_strategy = 33; // See :option:`--parent-shutdown-time-s` for details. google.protobuf.Duration parent_shutdown_time = 18; // See :option:`--mode` for details. Mode mode = 19; // See :option:`--disable-hot-restart` for details. bool disable_hot_restart = 22; // See :option:`--enable-mutex-tracing` for details. bool enable_mutex_tracing = 23; // See :option:`--restart-epoch` for details. uint32 restart_epoch = 24; // See :option:`--cpuset-threads` for details. bool cpuset_threads = 25; // See :option:`--disable-extensions` for details. repeated string disabled_extensions = 28; // See :option:`--bootstrap-version` for details. uint32 bootstrap_version = 29; // See :option:`--enable-fine-grain-logging` for details. bool enable_fine_grain_logging = 34; // See :option:`--socket-path` for details. string socket_path = 35; // See :option:`--socket-mode` for details. uint32 socket_mode = 36; } ================================================ FILE: api/envoy/admin/v3/tap.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap] // The /tap admin request body that is used to configure an active tap session. message TapRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.TapRequest"; // The opaque configuration ID used to match the configuration to a loaded extension. // A tap extension configures a similar opaque ID that is used to match. string config_id = 1 [(validate.rules).string = {min_len: 1}]; // The tap configuration to load. config.tap.v3.TapConfig tap_config = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/admin/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/admin/v3:pkg", "//envoy/annotations:pkg", "//envoy/config/bootstrap/v4alpha:pkg", "//envoy/config/cluster/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/tap/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/admin/v4alpha/certs.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "CertsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Certificates] // Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to // display certificate information. See :ref:`/certs ` for more // information. message Certificates { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Certificates"; // List of certificates known to an Envoy. repeated Certificate certificates = 1; } message Certificate { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Certificate"; // Details of CA certificate. repeated CertificateDetails ca_cert = 1; // Details of Certificate Chain repeated CertificateDetails cert_chain = 2; } // [#next-free-field: 8] message CertificateDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.CertificateDetails"; message OcspDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.CertificateDetails.OcspDetails"; // Indicates the time from which the OCSP response is valid. google.protobuf.Timestamp valid_from = 1; // Indicates the time at which the OCSP response expires. google.protobuf.Timestamp expiration = 2; } // Path of the certificate. string path = 1; // Certificate Serial Number. string serial_number = 2; // List of Subject Alternate names. repeated SubjectAlternateName subject_alt_names = 3; // Minimum of days until expiration of certificate and it's chain. uint64 days_until_expiration = 4; // Indicates the time from which the certificate is valid. google.protobuf.Timestamp valid_from = 5; // Indicates the time at which the certificate expires. google.protobuf.Timestamp expiration_time = 6; // Details related to the OCSP response associated with this certificate, if any. OcspDetails ocsp_details = 7; } message SubjectAlternateName { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SubjectAlternateName"; // Subject Alternate Name. oneof name { string dns = 1; string uri = 2; string ip_address = 3; } } ================================================ FILE: api/envoy/admin/v4alpha/clusters.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/admin/v4alpha/metrics.proto"; import "envoy/config/cluster/v4alpha/circuit_breaker.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/health_check.proto"; import "envoy/type/v3/percent.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ClustersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Clusters] // Admin endpoint uses this wrapper for `/clusters` to display cluster status information. // See :ref:`/clusters ` for more information. message Clusters { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Clusters"; // Mapping from cluster name to each cluster's status. repeated ClusterStatus cluster_statuses = 1; } // Details an individual cluster's current status. // [#next-free-field: 7] message ClusterStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClusterStatus"; // Name of the cluster. string name = 1; // Denotes whether this cluster was added via API or configured statically. bool added_via_api = 2; // The success rate threshold used in the last interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used to calculate the threshold. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used to calculate the threshold. // The threshold is used to eject hosts based on their success rate. See // :ref:`Cluster outlier detection ` documentation for details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent success_rate_ejection_threshold = 3; // Mapping from host address to the host's current status. repeated HostStatus host_statuses = 4; // The success rate threshold used in the last interval when only locally originated failures were // taken into account and externally originated errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. The threshold is used to eject hosts based on their success rate. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent local_origin_success_rate_ejection_threshold = 5; // :ref:`Circuit breaking ` settings of the cluster. config.cluster.v4alpha.CircuitBreakers circuit_breakers = 6; } // Current state of a particular host. // [#next-free-field: 10] message HostStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.HostStatus"; // Address of this host. config.core.v4alpha.Address address = 1; // List of stats specific to this host. repeated SimpleMetric stats = 2; // The host's current health status. HostHealthStatus health_status = 3; // Request success rate for this host over the last calculated interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used in success rate // calculation. If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used in success rate calculation. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent success_rate = 4; // The host's weight. If not configured, the value defaults to 1. uint32 weight = 5; // The hostname of the host, if applicable. string hostname = 6; // The host's priority. If not configured, the value defaults to 0 (highest priority). uint32 priority = 7; // Request success rate for this host over the last calculated // interval when only locally originated errors are taken into account and externally originated // errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent local_origin_success_rate = 8; // locality of the host. config.core.v4alpha.Locality locality = 9; } // Health status for a host. // [#next-free-field: 7] message HostHealthStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.HostHealthStatus"; // The host is currently failing active health checks. bool failed_active_health_check = 1; // The host is currently considered an outlier and has been ejected. bool failed_outlier_check = 2; // The host is currently being marked as degraded through active health checking. bool failed_active_degraded_check = 4; // The host has been removed from service discovery, but is being stabilized due to active // health checking. bool pending_dynamic_removal = 5; // The host has not yet been health checked. bool pending_active_hc = 6; // Health status as reported by EDS. Note: only HEALTHY and UNHEALTHY are currently supported // here. // [#comment:TODO(mrice32): pipe through remaining EDS health status possibilities.] config.core.v4alpha.HealthStatus eds_health_status = 3; } ================================================ FILE: api/envoy/admin/v4alpha/config_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/bootstrap/v4alpha/bootstrap.proto"; import "google/protobuf/any.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ConfigDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: ConfigDump] // The :ref:`/config_dump ` admin endpoint uses this wrapper // message to maintain and serve arbitrary configuration information from any component in Envoy. message ConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ConfigDump"; // This list is serialized and dumped in its entirety at the // :ref:`/config_dump ` endpoint. // // The following configurations are currently supported and will be dumped in the order given // below: // // * *bootstrap*: :ref:`BootstrapConfigDump ` // * *clusters*: :ref:`ClustersConfigDump ` // * *endpoints*: :ref:`EndpointsConfigDump ` // * *listeners*: :ref:`ListenersConfigDump ` // * *routes*: :ref:`RoutesConfigDump ` // // EDS Configuration will only be dumped by using parameter `?include_eds` // // You can filter output with the resource and mask query parameters. // See :ref:`/config_dump?resource={} `, // :ref:`/config_dump?mask={} `, // or :ref:`/config_dump?resource={},mask={} // ` for more information. repeated google.protobuf.Any configs = 1; } message UpdateFailureState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.UpdateFailureState"; // What the component configuration would have been if the update had succeeded. google.protobuf.Any failed_configuration = 1; // Time of the latest failed update attempt. google.protobuf.Timestamp last_update_attempt = 2; // Details about the last failed update attempt. string details = 3; } // This message describes the bootstrap configuration that Envoy was started with. This includes // any CLI overrides that were merged. Bootstrap configuration information can be used to recreate // the static portions of an Envoy configuration by reusing the output as the bootstrap // configuration for another Envoy. message BootstrapConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.BootstrapConfigDump"; config.bootstrap.v4alpha.Bootstrap bootstrap = 1; // The timestamp when the BootstrapConfig was last updated. google.protobuf.Timestamp last_updated = 2; } // Envoy's listener manager fills this message with all currently known listeners. Listener // configuration information can be used to recreate an Envoy configuration by populating all // listeners as static listeners or by returning them in a LDS response. message ListenersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump"; // Describes a statically loaded listener. message StaticListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump.StaticListener"; // The listener config. google.protobuf.Any listener = 1; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 2; } message DynamicListenerState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump.DynamicListenerState"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the listener was loaded. In the future, discrete per-listener versions may be supported // by the API. string version_info = 1; // The listener config. google.protobuf.Any listener = 2; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 3; } // Describes a dynamically loaded listener via the LDS API. // [#next-free-field: 6] message DynamicListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump.DynamicListener"; // The name or unique id of this listener, pulled from the DynamicListenerState config. string name = 1; // The listener state for any active listener by this name. // These are listeners that are available to service data plane traffic. DynamicListenerState active_state = 2; // The listener state for any warming listener by this name. // These are listeners that are currently undergoing warming in preparation to service data // plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the warming listeners should generally be discarded. DynamicListenerState warming_state = 3; // The listener state for any draining listener by this name. // These are listeners that are currently undergoing draining in preparation to stop servicing // data plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the draining listeners should generally be discarded. DynamicListenerState draining_state = 4; // Set if the last update failed, cleared after the next successful update. UpdateFailureState error_state = 5; } // This is the :ref:`version_info ` in the // last processed LDS discovery response. If there are only static bootstrap listeners, this field // will be "". string version_info = 1; // The statically loaded listener configs. repeated StaticListener static_listeners = 2; // State for any warming, active, or draining listeners. repeated DynamicListener dynamic_listeners = 3; } // Envoy's cluster manager fills this message with all currently known clusters. Cluster // configuration information can be used to recreate an Envoy configuration by populating all // clusters as static clusters or by returning them in a CDS response. message ClustersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClustersConfigDump"; // Describes a statically loaded cluster. message StaticCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClustersConfigDump.StaticCluster"; // The cluster config. google.protobuf.Any cluster = 1; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 2; } // Describes a dynamically loaded cluster via the CDS API. message DynamicCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClustersConfigDump.DynamicCluster"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the cluster was loaded. In the future, discrete per-cluster versions may be supported by // the API. string version_info = 1; // The cluster config. google.protobuf.Any cluster = 2; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 3; } // This is the :ref:`version_info ` in the // last processed CDS discovery response. If there are only static bootstrap clusters, this field // will be "". string version_info = 1; // The statically loaded cluster configs. repeated StaticCluster static_clusters = 2; // The dynamically loaded active clusters. These are clusters that are available to service // data plane traffic. repeated DynamicCluster dynamic_active_clusters = 3; // The dynamically loaded warming clusters. These are clusters that are currently undergoing // warming in preparation to service data plane traffic. Note that if attempting to recreate an // Envoy configuration from a configuration dump, the warming clusters should generally be // discarded. repeated DynamicCluster dynamic_warming_clusters = 4; } // Envoy's RDS implementation fills this message with all currently loaded routes, as described by // their RouteConfiguration objects. Static routes that are either defined in the bootstrap configuration // or defined inline while configuring listeners are separated from those configured dynamically via RDS. // Route configuration information can be used to recreate an Envoy configuration by populating all routes // as static routes or by returning them in RDS responses. message RoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.RoutesConfigDump"; message StaticRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.RoutesConfigDump.StaticRouteConfig"; // The route config. google.protobuf.Any route_config = 1; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the route configuration was loaded. string version_info = 1; // The route config. google.protobuf.Any route_config = 2; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded route configs. repeated StaticRouteConfig static_route_configs = 2; // The dynamically loaded route configs. repeated DynamicRouteConfig dynamic_route_configs = 3; } // Envoy's scoped RDS implementation fills this message with all currently loaded route // configuration scopes (defined via ScopedRouteConfigurationsSet protos). This message lists both // the scopes defined inline with the higher order object (i.e., the HttpConnectionManager) and the // dynamically obtained scopes via the SRDS API. message ScopedRoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ScopedRoutesConfigDump"; message InlineScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ScopedRoutesConfigDump.InlineScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 2; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 3; } message DynamicScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the scoped routes configuration was loaded. string version_info = 2; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 3; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 4; } // The statically loaded scoped route configs. repeated InlineScopedRouteConfigs inline_scoped_route_configs = 1; // The dynamically loaded scoped route configs. repeated DynamicScopedRouteConfigs dynamic_scoped_route_configs = 2; } // Envoys SDS implementation fills this message with all secrets fetched dynamically via SDS. message SecretsConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SecretsConfigDump"; // DynamicSecret contains secret information fetched via SDS. message DynamicSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SecretsConfigDump.DynamicSecret"; // The name assigned to the secret. string name = 1; // This is the per-resource version information. string version_info = 2; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 3; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 4; } // StaticSecret specifies statically loaded secret in bootstrap. message StaticSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SecretsConfigDump.StaticSecret"; // The name assigned to the secret. string name = 1; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 2; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 3; } // The statically loaded secrets. repeated StaticSecret static_secrets = 1; // The dynamically loaded active secrets. These are secrets that are available to service // clusters or listeners. repeated DynamicSecret dynamic_active_secrets = 2; // The dynamically loaded warming secrets. These are secrets that are currently undergoing // warming in preparation to service clusters or listeners. repeated DynamicSecret dynamic_warming_secrets = 3; } // Envoy's admin fill this message with all currently known endpoints. Endpoint // configuration information can be used to recreate an Envoy configuration by populating all // endpoints as static endpoints or by returning them in an EDS response. message EndpointsConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.EndpointsConfigDump"; message StaticEndpointConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.EndpointsConfigDump.StaticEndpointConfig"; // The endpoint config. google.protobuf.Any endpoint_config = 1; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicEndpointConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig"; // [#not-implemented-hide:] This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the endpoint configuration was loaded. string version_info = 1; // The endpoint config. google.protobuf.Any endpoint_config = 2; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded endpoint configs. repeated StaticEndpointConfig static_endpoint_configs = 2; // The dynamically loaded endpoint configs. repeated DynamicEndpointConfig dynamic_endpoint_configs = 3; } ================================================ FILE: api/envoy/admin/v4alpha/init_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "InitDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: InitDump] // Dumps of unready targets of envoy init managers. Envoy's admin fills this message with init managers, // which provides the information of their unready targets. // The :ref:`/init_dump ` will dump all unready targets information. message UnreadyTargetsDumps { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.UnreadyTargetsDumps"; // Message of unready targets information of an init manager. message UnreadyTargetsDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.UnreadyTargetsDumps.UnreadyTargetsDump"; // Name of the init manager. Example: "init_manager_xxx". string name = 1; // Names of unready targets of the init manager. Example: "target_xxx". repeated string target_names = 2; } // You can choose specific component to dump unready targets with mask query parameter. // See :ref:`/init_dump?mask={} ` for more information. // The dumps of unready targets of all init managers. repeated UnreadyTargetsDump unready_targets_dumps = 1; } ================================================ FILE: api/envoy/admin/v4alpha/listeners.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ListenersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Listeners] // Admin endpoint uses this wrapper for `/listeners` to display listener status information. // See :ref:`/listeners ` for more information. message Listeners { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Listeners"; // List of listener statuses. repeated ListenerStatus listener_statuses = 1; } // Details an individual listener's current status. message ListenerStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenerStatus"; // Name of the listener string name = 1; // The actual local address that the listener is listening on. If a listener was configured // to listen on port 0, then this address has the port that was allocated by the OS. config.core.v4alpha.Address local_address = 2; } ================================================ FILE: api/envoy/admin/v4alpha/memory.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "MemoryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Memory] // Proto representation of the internal memory consumption of an Envoy instance. These represent // values extracted from an internal TCMalloc instance. For more information, see the section of the // docs entitled ["Generic Tcmalloc Status"](https://gperftools.github.io/gperftools/tcmalloc.html). // [#next-free-field: 7] message Memory { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Memory"; // The number of bytes allocated by the heap for Envoy. This is an alias for // `generic.current_allocated_bytes`. uint64 allocated = 1; // The number of bytes reserved by the heap but not necessarily allocated. This is an alias for // `generic.heap_size`. uint64 heap_size = 2; // The number of bytes in free, unmapped pages in the page heap. These bytes always count towards // virtual memory usage, and depending on the OS, typically do not count towards physical memory // usage. This is an alias for `tcmalloc.pageheap_unmapped_bytes`. uint64 pageheap_unmapped = 3; // The number of bytes in free, mapped pages in the page heap. These bytes always count towards // virtual memory usage, and unless the underlying memory is swapped out by the OS, they also // count towards physical memory usage. This is an alias for `tcmalloc.pageheap_free_bytes`. uint64 pageheap_free = 4; // The amount of memory used by the TCMalloc thread caches (for small objects). This is an alias // for `tcmalloc.current_total_thread_cache_bytes`. uint64 total_thread_cache = 5; // The number of bytes of the physical memory usage by the allocator. This is an alias for // `generic.total_physical_bytes`. uint64 total_physical_bytes = 6; } ================================================ FILE: api/envoy/admin/v4alpha/metrics.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "MetricsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metrics] // Proto representation of an Envoy Counter or Gauge value. message SimpleMetric { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SimpleMetric"; enum Type { COUNTER = 0; GAUGE = 1; } // Type of the metric represented. Type type = 1; // Current metric value. uint64 value = 2; // Name of the metric. string name = 3; } ================================================ FILE: api/envoy/admin/v4alpha/mutex_stats.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "MutexStatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: MutexStats] // Proto representation of the statistics collected upon absl::Mutex contention, if Envoy is run // under :option:`--enable-mutex-tracing`. For more information, see the `absl::Mutex` // [docs](https://abseil.io/about/design/mutex#extra-features). // // *NB*: The wait cycles below are measured by `absl::base_internal::CycleClock`, and may not // correspond to core clock frequency. For more information, see the `CycleClock` // [docs](https://github.com/abseil/abseil-cpp/blob/master/absl/base/internal/cycleclock.h). message MutexStats { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.MutexStats"; // The number of individual mutex contentions which have occurred since startup. uint64 num_contentions = 1; // The length of the current contention wait cycle. uint64 current_wait_cycles = 2; // The lifetime total of all contention wait cycles. uint64 lifetime_wait_cycles = 3; } ================================================ FILE: api/envoy/admin/v4alpha/server_info.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ServerInfoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Server State] // Proto representation of the value returned by /server_info, containing // server version/server status information. // [#next-free-field: 8] message ServerInfo { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ServerInfo"; enum State { // Server is live and serving traffic. LIVE = 0; // Server is draining listeners in response to external health checks failing. DRAINING = 1; // Server has not yet completed cluster manager initialization. PRE_INITIALIZING = 2; // Server is running the cluster manager initialization callbacks (e.g., RDS). INITIALIZING = 3; } // Server version. string version = 1; // State of the server. State state = 2; // Uptime since current epoch was started. google.protobuf.Duration uptime_current_epoch = 3; // Uptime since the start of the first epoch. google.protobuf.Duration uptime_all_epochs = 4; // Hot restart version. string hot_restart_version = 5; // Command line options the server is currently running with. CommandLineOptions command_line_options = 6; // Populated node identity of this server. config.core.v4alpha.Node node = 7; } // [#next-free-field: 37] message CommandLineOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.CommandLineOptions"; enum IpVersion { v4 = 0; v6 = 1; } enum Mode { // Validate configs and then serve traffic normally. Serve = 0; // Validate configs and exit. Validate = 1; // Completely load and initialize the config, and then exit without running the listener loop. InitOnly = 2; } enum DrainStrategy { // Gradually discourage connections over the course of the drain period. Gradual = 0; // Discourage all connections for the duration of the drain sequence. Immediate = 1; } reserved 12, 20, 21; reserved "max_stats", "max_obj_name_len"; // See :option:`--base-id` for details. uint64 base_id = 1; // See :option:`--use-dynamic-base-id` for details. bool use_dynamic_base_id = 31; // See :option:`--base-id-path` for details. string base_id_path = 32; // See :option:`--concurrency` for details. uint32 concurrency = 2; // See :option:`--config-path` for details. string config_path = 3; // See :option:`--config-yaml` for details. string config_yaml = 4; // See :option:`--allow-unknown-static-fields` for details. bool allow_unknown_static_fields = 5; // See :option:`--reject-unknown-dynamic-fields` for details. bool reject_unknown_dynamic_fields = 26; // See :option:`--ignore-unknown-dynamic-fields` for details. bool ignore_unknown_dynamic_fields = 30; // See :option:`--admin-address-path` for details. string admin_address_path = 6; // See :option:`--local-address-ip-version` for details. IpVersion local_address_ip_version = 7; // See :option:`--log-level` for details. string log_level = 8; // See :option:`--component-log-level` for details. string component_log_level = 9; // See :option:`--log-format` for details. string log_format = 10; // See :option:`--log-format-escaped` for details. bool log_format_escaped = 27; // See :option:`--log-path` for details. string log_path = 11; // See :option:`--service-cluster` for details. string service_cluster = 13; // See :option:`--service-node` for details. string service_node = 14; // See :option:`--service-zone` for details. string service_zone = 15; // See :option:`--file-flush-interval-msec` for details. google.protobuf.Duration file_flush_interval = 16; // See :option:`--drain-time-s` for details. google.protobuf.Duration drain_time = 17; // See :option:`--drain-strategy` for details. DrainStrategy drain_strategy = 33; // See :option:`--parent-shutdown-time-s` for details. google.protobuf.Duration parent_shutdown_time = 18; // See :option:`--mode` for details. Mode mode = 19; // See :option:`--disable-hot-restart` for details. bool disable_hot_restart = 22; // See :option:`--enable-mutex-tracing` for details. bool enable_mutex_tracing = 23; // See :option:`--restart-epoch` for details. uint32 restart_epoch = 24; // See :option:`--cpuset-threads` for details. bool cpuset_threads = 25; // See :option:`--disable-extensions` for details. repeated string disabled_extensions = 28; // See :option:`--bootstrap-version` for details. uint32 bootstrap_version = 29; // See :option:`--enable-fine-grain-logging` for details. bool enable_fine_grain_logging = 34; // See :option:`--socket-path` for details. string socket_path = 35; // See :option:`--socket-mode` for details. uint32 socket_mode = 36; } ================================================ FILE: api/envoy/admin/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/tap/v4alpha/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap] // The /tap admin request body that is used to configure an active tap session. message TapRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.TapRequest"; // The opaque configuration ID used to match the configuration to a loaded extension. // A tap extension configures a similar opaque ID that is used to match. string config_id = 1 [(validate.rules).string = {min_len: 1}]; // The tap configuration to load. config.tap.v4alpha.TapConfig tap_config = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/annotations/BUILD ================================================ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package() ================================================ FILE: api/envoy/annotations/deprecation.proto ================================================ syntax = "proto3"; package envoy.annotations; import "google/protobuf/descriptor.proto"; // [#protodoc-title: Deprecation] // Allows tagging proto fields as fatal by default. One Envoy release after // deprecation, deprecated fields will be disallowed by default, a state which // is reversible with :ref:`runtime overrides `. // Magic number in this file derived from top 28bit of SHA256 digest of // "envoy.annotation.disallowed_by_default" extend google.protobuf.FieldOptions { bool disallowed_by_default = 189503207; } // Magic number in this file derived from top 28bit of SHA256 digest of // "envoy.annotation.disallowed_by_default_enum" extend google.protobuf.EnumValueOptions { bool disallowed_by_default_enum = 70100853; } ================================================ FILE: api/envoy/annotations/resource.proto ================================================ syntax = "proto3"; package envoy.annotations; import "google/protobuf/descriptor.proto"; // [#protodoc-title: Resource] // Magic number in this file derived from top 28bit of SHA256 digest of "envoy.annotation.resource". extend google.protobuf.ServiceOptions { ResourceAnnotation resource = 265073217; } message ResourceAnnotation { // Annotation for xDS services that indicates the fully-qualified Protobuf type for the resource // type. string type = 1; } ================================================ FILE: api/envoy/api/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/auth:pkg", "//envoy/api/v2/cluster:pkg", "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "//envoy/api/v2/listener:pkg", "//envoy/api/v2/route:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/listener/v2:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/api/v2/README.md ================================================ Protocol buffer definitions for xDS and top-level resource API messages. Package group `//envoy/api/v2:friends` enumerates all consumers of the shared API messages. That includes package envoy.api.v2 itself, which contains several xDS definitions. Default visibility for all shared definitions should be set to `//envoy/api/v2:friends`. Additionally, packages envoy.api.v2.core and envoy.api.v2.auth are also consumed throughout the subpackages of `//envoy/api/v2`. ================================================ FILE: api/envoy/api/v2/auth/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/api/v2/auth/cert.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import public "envoy/api/v2/auth/common.proto"; import public "envoy/api/v2/auth/secret.proto"; import public "envoy/api/v2/auth/tls.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "CertProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; ================================================ FILE: api/envoy/api/v2/auth/common.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common TLS configuration] message TlsParameters { enum TlsProtocol { // Envoy will choose the optimal TLS version. TLS_AUTO = 0; // TLS 1.0 TLSv1_0 = 1; // TLS 1.1 TLSv1_1 = 2; // TLS 1.2 TLSv1_2 = 3; // TLS 1.3 TLSv1_3 = 4; } // Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for // servers. TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}]; // Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for // servers. TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}]; // If specified, the TLS listener will only support the specified `cipher list // `_ // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not // specified, the default list will be used. // // In non-FIPS builds, the default cipher list is: // // .. code-block:: none // // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA // // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: // // .. code-block:: none // // ECDHE-ECDSA-AES128-GCM-SHA256 // ECDHE-RSA-AES128-GCM-SHA256 // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH // curves. If not specified, the default curves will be used. // // In non-FIPS builds, the default curves are: // // .. code-block:: none // // X25519 // P-256 // // In builds using :ref:`BoringSSL FIPS `, the default curve is: // // .. code-block:: none // // P-256 repeated string ecdh_curves = 4; } // BoringSSL private key method configuration. The private key methods are used for external // (potentially asynchronous) signing and decryption operations. Some use cases for private key // methods would be TPM support and TLS acceleration. message PrivateKeyProvider { // Private key method provider name. The name must match a // supported private key method provider type. string provider_name = 1 [(validate.rules).string = {min_bytes: 1}]; // Private key method provider specific configuration. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true, (udpa.annotations.sensitive) = true]; google.protobuf.Any typed_config = 3 [(udpa.annotations.sensitive) = true]; } } // [#next-free-field: 7] message TlsCertificate { // The TLS certificate chain. core.DataSource certificate_chain = 1; // The TLS private key. core.DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // BoringSSL private key method provider. This is an alternative to :ref:`private_key // ` field. This can't be // marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key // ` and // :ref:`private_key_provider // ` fields will result in an // error. PrivateKeyProvider private_key_provider = 6; // The password to decrypt the TLS private key. If this field is not set, it is assumed that the // TLS private key is not password encrypted. core.DataSource password = 3 [(udpa.annotations.sensitive) = true]; // [#not-implemented-hide:] core.DataSource ocsp_staple = 4; // [#not-implemented-hide:] repeated core.DataSource signed_certificate_timestamp = 5; } message TlsSessionTicketKeys { // Keys for encrypting and decrypting TLS session tickets. The // first key in the array contains the key to encrypt all new sessions created by this context. // All keys are candidates for decrypting received tickets. This allows for easy rotation of keys // by, for example, putting the new key first, and the previous key second. // // If :ref:`session_ticket_keys ` // is not specified, the TLS library will still support resuming sessions via tickets, but it will // use an internally-generated and managed key, so sessions cannot be resumed across hot restarts // or on different hosts. // // Each key must contain exactly 80 bytes of cryptographically-secure random data. For // example, the output of ``openssl rand 80``. // // .. attention:: // // Using this feature has serious security considerations and risks. Improper handling of keys // may result in loss of secrecy in connections, even if ciphers supporting perfect forward // secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some // discussion. To minimize the risk, you must: // // * Keep the session ticket keys at least as secure as your TLS certificate private keys // * Rotate session ticket keys at least daily, and preferably hourly // * Always generate keys using a cryptographically-secure random data source repeated core.DataSource keys = 1 [(validate.rules).repeated = {min_items: 1}, (udpa.annotations.sensitive) = true]; } // [#next-free-field: 11] message CertificateValidationContext { // Peer certificate verification mode. enum TrustChainVerification { // Perform default certificate verification (e.g., against CA / verification lists) VERIFY_TRUST_CHAIN = 0; // Connections where the certificate fails verification will be permitted. // For HTTP connections, the result of certificate verification can be used in route matching. ( // see :ref:`validated ` ). ACCEPT_UNTRUSTED = 1; } // TLS certificate data containing certificate authority certificates to use in verifying // a presented peer certificate (e.g. server certificate for clusters or client certificate // for listeners). If not specified and a peer certificate is presented it will not be // verified. By default, a client certificate is optional, unless one of the additional // options (:ref:`require_client_certificate // `, // :ref:`verify_certificate_spki // `, // :ref:`verify_certificate_hash // `, or // :ref:`match_subject_alt_names // `) is also // specified. // // It can optionally contain certificate revocation lists, in which case Envoy will verify // that the presented peer certificate has not been revoked by one of the included CRLs. // // See :ref:`the TLS overview ` for a list of common // system CA locations. core.DataSource trusted_ca = 1; // An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the // SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate // matches one of the specified values. // // A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -pubkey // | openssl pkey -pubin -outform DER // | openssl dgst -sha256 -binary // | openssl enc -base64 // NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A= // // This is the format used in HTTP Public Key Pinning. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. // // .. attention:: // // This option is preferred over :ref:`verify_certificate_hash // `, // because SPKI is tied to a private key, so it doesn't change when the certificate // is renewed using the same private key. repeated string verify_certificate_spki = 3 [(validate.rules).repeated = {items {string {min_bytes: 44 max_bytes: 44}}}]; // An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that // the SHA-256 of the DER-encoded presented certificate matches one of the specified values. // // A hex-encoded SHA-256 of the certificate can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2 // df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a // // A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2 // DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A // // Both of those formats are acceptable. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. repeated string verify_certificate_hash = 2 [(validate.rules).repeated = {items {string {min_bytes: 64 max_bytes: 95}}}]; // An optional list of Subject Alternative Names. If specified, Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified values. // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated string verify_subject_alt_name = 4 [deprecated = true]; // An optional list of Subject Alternative name matchers. Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified matches. // // When a certificate has wildcard DNS SAN entries, to match a specific client, it should be // configured with exact match type in the :ref:`string matcher `. // For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com", // it should be configured as shown below. // // .. code-block:: yaml // // match_subject_alt_names: // exact: "api.example.com" // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated type.matcher.StringMatcher match_subject_alt_names = 9; // [#not-implemented-hide:] Must present a signed time-stamped OCSP response. google.protobuf.BoolValue require_ocsp_staple = 5; // [#not-implemented-hide:] Must present signed certificate time-stamp. google.protobuf.BoolValue require_signed_certificate_timestamp = 6; // An optional `certificate revocation list // `_ // (in PEM format). If specified, Envoy will verify that the presented peer // certificate has not been revoked by this CRL. If this DataSource contains // multiple CRLs, all of them will be used. core.DataSource crl = 7; // If specified, Envoy will not reject expired certificates. bool allow_expired_certificate = 8; // Certificate trust chain verification mode. TrustChainVerification trust_chain_verification = 10 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/api/v2/auth/secret.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "envoy/api/v2/auth/common.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "SecretProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Secrets configuration] message GenericSecret { // Secret of generic type and is available to filters. core.DataSource secret = 1 [(udpa.annotations.sensitive) = true]; } message SdsSecretConfig { // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. // When both name and config are specified, then secret can be fetched and/or reloaded via // SDS. When only name is specified, then secret will be loaded from static resources. string name = 1; core.ConfigSource sds_config = 2; } // [#next-free-field: 6] message Secret { // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. string name = 1; oneof type { TlsCertificate tls_certificate = 2; TlsSessionTicketKeys session_ticket_keys = 3; CertificateValidationContext validation_context = 4; GenericSecret generic_secret = 5; } } ================================================ FILE: api/envoy/api/v2/auth/tls.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "envoy/api/v2/auth/common.proto"; import "envoy/api/v2/auth/secret.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "TlsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: TLS transport socket] // [#extension: envoy.transport_sockets.tls] // The TLS contexts below provide the transport socket configuration for upstream/downstream TLS. message UpstreamTlsContext { // Common TLS context settings. // // .. attention:: // // Server certificate verification is not enabled by default. Configure // :ref:`trusted_ca` to enable // verification. CommonTlsContext common_tls_context = 1; // SNI string to use when creating TLS backend connections. string sni = 2 [(validate.rules).string = {max_bytes: 255}]; // If true, server-initiated TLS renegotiation will be allowed. // // .. attention:: // // TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary. bool allow_renegotiation = 3; // Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets // for TLSv1.2 and older) to store for the purpose of session resumption. // // Defaults to 1, setting this to 0 disables session resumption. google.protobuf.UInt32Value max_session_keys = 4; } // [#next-free-field: 8] message DownstreamTlsContext { // Common TLS context settings. CommonTlsContext common_tls_context = 1; // If specified, Envoy will reject connections without a valid client // certificate. google.protobuf.BoolValue require_client_certificate = 2; // If specified, Envoy will reject connections without a valid and matching SNI. // [#not-implemented-hide:] google.protobuf.BoolValue require_sni = 3; oneof session_ticket_keys_type { // TLS session ticket key settings. TlsSessionTicketKeys session_ticket_keys = 4; // Config for fetching TLS session ticket keys via SDS API. SdsSecretConfig session_ticket_keys_sds_secret_config = 5; // Config for controlling stateless TLS session resumption: setting this to true will cause the TLS // server to not issue TLS session tickets for the purposes of stateless TLS session resumption. // If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using // the keys specified through either :ref:`session_ticket_keys ` // or :ref:`session_ticket_keys_sds_secret_config `. // If this config is set to false and no keys are explicitly configured, the TLS server will issue // TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the // implication that sessions cannot be resumed across hot restarts or on different hosts. bool disable_stateless_session_resumption = 7; } // If specified, session_timeout will change maximum lifetime (in seconds) of TLS session // Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) // ` // only seconds could be specified (fractional seconds are going to be ignored). google.protobuf.Duration session_timeout = 6 [(validate.rules).duration = { lt {seconds: 4294967296} gte {} }]; } // TLS context shared by both client and server TLS contexts. // [#next-free-field: 9] message CommonTlsContext { message CombinedCertificateValidationContext { // How to validate peer certificates. CertificateValidationContext default_validation_context = 1 [(validate.rules).message = {required: true}]; // Config for fetching validation context via SDS API. SdsSecretConfig validation_context_sds_secret_config = 2 [(validate.rules).message = {required: true}]; } reserved 5; // TLS protocol versions, cipher suites etc. TlsParameters tls_params = 1; // :ref:`Multiple TLS certificates ` can be associated with the // same context to allow both RSA and ECDSA certificates. // // Only a single TLS certificate is supported in client contexts. In server contexts, the first // RSA certificate is used for clients that only support RSA and the first ECDSA certificate is // used for clients that support ECDSA. repeated TlsCertificate tls_certificates = 2; // Configs for fetching TLS certificates via SDS API. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(validate.rules).repeated = {max_items: 1}]; oneof validation_context_type { // How to validate peer certificates. CertificateValidationContext validation_context = 3; // Config for fetching validation context via SDS API. SdsSecretConfig validation_context_sds_secret_config = 7; // Combined certificate validation context holds a default CertificateValidationContext // and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic // and default CertificateValidationContext are merged into a new CertificateValidationContext // for validation. This merge is done by Message::MergeFrom(), so dynamic // CertificateValidationContext overwrites singular fields in default // CertificateValidationContext, and concatenates repeated fields to default // CertificateValidationContext, and logical OR is applied to boolean fields. CombinedCertificateValidationContext combined_validation_context = 8; } // Supplies the list of ALPN protocols that the listener should expose. In // practice this is likely to be set to one of two values (see the // :ref:`codec_type // ` // parameter in the HTTP connection manager for more information): // // * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1. // * "http/1.1" If the listener is only going to support HTTP/1.1. // // There is no default for this parameter. If empty, Envoy will not expose ALPN. repeated string alpn_protocols = 4; } ================================================ FILE: api/envoy/api/v2/cds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import public "envoy/api/v2/cluster.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "CdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: CDS] // Return list of all clusters this proxy will load balance to. service ClusterDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.Cluster"; rpc StreamClusters(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaClusters(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchClusters(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:clusters"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message CdsDummy { } ================================================ FILE: api/envoy/api/v2/cluster/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/api/v2/cluster/circuit_breaker.proto ================================================ syntax = "proto3"; package envoy.api.v2.cluster; import "envoy/api/v2/core/base.proto"; import "envoy/type/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.cluster"; option java_outer_classname = "CircuitBreakerProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ClusterNS"; option ruby_package = "Envoy.Api.V2.ClusterNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Circuit breakers] // :ref:`Circuit breaking` settings can be // specified individually for each defined priority. message CircuitBreakers { // A Thresholds defines CircuitBreaker settings for a // :ref:`RoutingPriority`. // [#next-free-field: 9] message Thresholds { message RetryBudget { // Specifies the limit on concurrent retries as a percentage of the sum of active requests and // active pending requests. For example, if there are 100 active requests and the // budget_percent is set to 25, there may be 25 active retries. // // This parameter is optional. Defaults to 20%. type.Percent budget_percent = 1; // Specifies the minimum retry concurrency allowed for the retry budget. The limit on the // number of active retries may never go below this number. // // This parameter is optional. Defaults to 3. google.protobuf.UInt32Value min_retry_concurrency = 2; } // The :ref:`RoutingPriority` // the specified CircuitBreaker settings apply to. core.RoutingPriority priority = 1 [(validate.rules).enum = {defined_only: true}]; // The maximum number of connections that Envoy will make to the upstream // cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_connections = 2; // The maximum number of pending requests that Envoy will allow to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 3; // The maximum number of parallel requests that Envoy will make to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_requests = 4; // The maximum number of parallel retries that Envoy will allow to the // upstream cluster. If not specified, the default is 3. google.protobuf.UInt32Value max_retries = 5; // Specifies a limit on concurrent retries in relation to the number of active requests. This // parameter is optional. // // .. note:: // // If this field is set, the retry budget will override any configured retry circuit // breaker. RetryBudget retry_budget = 8; // If track_remaining is true, then stats will be published that expose // the number of resources remaining until the circuit breakers open. If // not specified, the default is false. // // .. note:: // // If a retry budget is used in lieu of the max_retries circuit breaker, // the remaining retry resources remaining will not be tracked. bool track_remaining = 6; // The maximum number of connection pools per cluster that Envoy will concurrently support at // once. If not specified, the default is unlimited. Set this for clusters which create a // large number of connection pools. See // :ref:`Circuit Breaking ` for // more details. google.protobuf.UInt32Value max_connection_pools = 7; } // If multiple :ref:`Thresholds` // are defined with the same :ref:`RoutingPriority`, // the first one in the list is used. If no Thresholds is defined for a given // :ref:`RoutingPriority`, the default values // are used. repeated Thresholds thresholds = 1; } ================================================ FILE: api/envoy/api/v2/cluster/filter.proto ================================================ syntax = "proto3"; package envoy.api.v2.cluster; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.cluster"; option java_outer_classname = "FilterProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ClusterNS"; option ruby_package = "Envoy.Api.V2.ClusterNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Upstream filters] // Upstream filters apply to the connections to the upstream cluster hosts. message Filter { // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any typed_config = 2; } ================================================ FILE: api/envoy/api/v2/cluster/outlier_detection.proto ================================================ syntax = "proto3"; package envoy.api.v2.cluster; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.cluster"; option java_outer_classname = "OutlierDetectionProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ClusterNS"; option ruby_package = "Envoy.Api.V2.ClusterNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Outlier detection] // See the :ref:`architecture overview ` for // more information on outlier detection. // [#next-free-field: 21] message OutlierDetection { // The number of consecutive 5xx responses or local origin errors that are mapped // to 5xx error codes before a consecutive 5xx ejection // occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_5xx = 1; // The time interval between ejection analysis sweeps. This can result in // both new ejections as well as hosts being returned to service. Defaults // to 10000ms or 10s. google.protobuf.Duration interval = 2 [(validate.rules).duration = {gt {}}]; // The base time that a host is ejected for. The real time is equal to the // base time multiplied by the number of times the host has been ejected. // Defaults to 30000ms or 30s. google.protobuf.Duration base_ejection_time = 3 [(validate.rules).duration = {gt {}}]; // The maximum % of an upstream cluster that can be ejected due to outlier // detection. Defaults to 10% but will eject at least one host regardless of the value. google.protobuf.UInt32Value max_ejection_percent = 4 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive 5xx. This setting can be used to disable // ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_consecutive_5xx = 5 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics. This setting can be used to // disable ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_success_rate = 6 [(validate.rules).uint32 = {lte: 100}]; // The number of hosts in a cluster that must have enough request volume to // detect success rate outliers. If the number of hosts is less than this // setting, outlier detection via success rate statistics is not performed // for any host in the cluster. Defaults to 5. google.protobuf.UInt32Value success_rate_minimum_hosts = 7; // The minimum number of total requests that must be collected in one // interval (as defined by the interval duration above) to include this host // in success rate based outlier detection. If the volume is lower than this // setting, outlier detection via success rate statistics is not performed // for that host. Defaults to 100. google.protobuf.UInt32Value success_rate_request_volume = 8; // This factor is used to determine the ejection threshold for success rate // outlier ejection. The ejection threshold is the difference between the // mean success rate, and the product of this factor and the standard // deviation of the mean success rate: mean - (stdev * // success_rate_stdev_factor). This factor is divided by a thousand to get a // double. That is, if the desired factor is 1.9, the runtime value should // be 1900. Defaults to 1900. google.protobuf.UInt32Value success_rate_stdev_factor = 9; // The number of consecutive gateway failures (502, 503, 504 status codes) // before a consecutive gateway failure ejection occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_gateway_failure = 10; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive gateway failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_consecutive_gateway_failure = 11 [(validate.rules).uint32 = {lte: 100}]; // Determines whether to distinguish local origin failures from external errors. If set to true // the following configuration parameters are taken into account: // :ref:`consecutive_local_origin_failure`, // :ref:`enforcing_consecutive_local_origin_failure` // and // :ref:`enforcing_local_origin_success_rate`. // Defaults to false. bool split_external_local_origin_errors = 12; // The number of consecutive locally originated failures before ejection // occurs. Defaults to 5. Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value consecutive_local_origin_failure = 13; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive locally originated failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_consecutive_local_origin_failure = 14 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics for locally originated errors. // This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_local_origin_success_rate = 15 [(validate.rules).uint32 = {lte: 100}]; // The failure percentage to use when determining failure percentage-based outlier detection. If // the failure percentage of a given host is greater than or equal to this value, it will be // ejected. Defaults to 85. google.protobuf.UInt32Value failure_percentage_threshold = 16 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // failure percentage statistics. This setting can be used to disable ejection or to ramp it up // slowly. Defaults to 0. // // [#next-major-version: setting this without setting failure_percentage_threshold should be // invalid in v4.] google.protobuf.UInt32Value enforcing_failure_percentage = 17 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // local-origin failure percentage statistics. This setting can be used to disable ejection or to // ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_failure_percentage_local_origin = 18 [(validate.rules).uint32 = {lte: 100}]; // The minimum number of hosts in a cluster in order to perform failure percentage-based ejection. // If the total number of hosts in the cluster is less than this value, failure percentage-based // ejection will not be performed. Defaults to 5. google.protobuf.UInt32Value failure_percentage_minimum_hosts = 19; // The minimum number of total requests that must be collected in one interval (as defined by the // interval duration above) to perform failure percentage-based ejection for this host. If the // volume is lower than this setting, failure percentage-based ejection will not be performed for // this host. Defaults to 50. google.protobuf.UInt32Value failure_percentage_request_volume = 20; } ================================================ FILE: api/envoy/api/v2/cluster.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/auth/tls.proto"; import "envoy/api/v2/cluster/circuit_breaker.proto"; import "envoy/api/v2/cluster/filter.proto"; import "envoy/api/v2/cluster/outlier_detection.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/core/health_check.proto"; import "envoy/api/v2/core/protocol.proto"; import "envoy/api/v2/endpoint.proto"; import "envoy/type/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Cluster configuration] // Configuration for a single upstream cluster. // [#next-free-field: 48] message Cluster { // Refer to :ref:`service discovery type ` // for an explanation on each type. enum DiscoveryType { // Refer to the :ref:`static discovery type` // for an explanation. STATIC = 0; // Refer to the :ref:`strict DNS discovery // type` // for an explanation. STRICT_DNS = 1; // Refer to the :ref:`logical DNS discovery // type` // for an explanation. LOGICAL_DNS = 2; // Refer to the :ref:`service discovery type` // for an explanation. EDS = 3; // Refer to the :ref:`original destination discovery // type` // for an explanation. ORIGINAL_DST = 4; } // Refer to :ref:`load balancer type ` architecture // overview section for information on each type. enum LbPolicy { // Refer to the :ref:`round robin load balancing // policy` // for an explanation. ROUND_ROBIN = 0; // Refer to the :ref:`least request load balancing // policy` // for an explanation. LEAST_REQUEST = 1; // Refer to the :ref:`ring hash load balancing // policy` // for an explanation. RING_HASH = 2; // Refer to the :ref:`random load balancing // policy` // for an explanation. RANDOM = 3; // Refer to the :ref:`original destination load balancing // policy` // for an explanation. // // .. attention:: // // **This load balancing policy is deprecated**. Use CLUSTER_PROVIDED instead. // ORIGINAL_DST_LB = 4 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Refer to the :ref:`Maglev load balancing policy` // for an explanation. MAGLEV = 5; // This load balancer type must be specified if the configured cluster provides a cluster // specific load balancer. Consult the configured cluster's documentation for whether to set // this option or not. CLUSTER_PROVIDED = 6; // [#not-implemented-hide:] Use the new :ref:`load_balancing_policy // ` field to determine the LB policy. // [#next-major-version: In the v3 API, we should consider deprecating the lb_policy field // and instead using the new load_balancing_policy field as the one and only mechanism for // configuring this.] LOAD_BALANCING_POLICY_CONFIG = 7; } // When V4_ONLY is selected, the DNS resolver will only perform a lookup for // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will // only perform a lookup for addresses in the IPv6 family. If AUTO is // specified, the DNS resolver will first perform a lookup for addresses in // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. // For cluster types other than // :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS`, // this setting is // ignored. enum DnsLookupFamily { AUTO = 0; V4_ONLY = 1; V6_ONLY = 2; } enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). // If :ref:`http2_protocol_options ` are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. USE_CONFIGURED_PROTOCOL = 0; // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. USE_DOWNSTREAM_PROTOCOL = 1; } // TransportSocketMatch specifies what transport socket config will be used // when the match conditions are satisfied. message TransportSocketMatch { // The name of the match, used in stats generation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria. // The connection to the endpoint with metadata matching what is set in this field // will use the transport socket configuration specified here. // The endpoint's metadata entry in *envoy.transport_socket_match* is used to match // against the values specified in this field. google.protobuf.Struct match = 2; // The configuration of the transport socket. core.TransportSocket transport_socket = 3; } // Extended cluster type. message CustomClusterType { // The type of the cluster to instantiate. The name must match a supported cluster type. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Cluster specific configuration which depends on the cluster being instantiated. // See the supported cluster for further documentation. google.protobuf.Any typed_config = 2; } // Only valid when discovery type is EDS. message EdsClusterConfig { // Configuration for the source of EDS updates for this Cluster. core.ConfigSource eds_config = 1; // Optional alternative to cluster name to present to EDS. This does not // have the same restrictions as cluster name, i.e. it may be arbitrary // length. string service_name = 2; } // Optionally divide the endpoints in this cluster into subsets defined by // endpoint metadata and selected by route and weighted cluster metadata. // [#next-free-field: 8] message LbSubsetConfig { // If NO_FALLBACK is selected, a result // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, // any cluster endpoint may be returned (subject to policy, health checks, // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. enum LbSubsetFallbackPolicy { NO_FALLBACK = 0; ANY_ENDPOINT = 1; DEFAULT_SUBSET = 2; } // Specifications for subsets. message LbSubsetSelector { // Allows to override top level fallback policy per selector. enum LbSubsetSelectorFallbackPolicy { // If NOT_DEFINED top level config fallback policy is used instead. NOT_DEFINED = 0; // If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported. NO_FALLBACK = 1; // If ANY_ENDPOINT is selected, any cluster endpoint may be returned // (subject to policy, health checks, etc). ANY_ENDPOINT = 2; // If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. DEFAULT_SUBSET = 3; // If KEYS_SUBSET is selected, subset selector matching is performed again with metadata // keys reduced to // :ref:`fallback_keys_subset`. // It allows for a fallback to a different, less specific selector if some of the keys of // the selector are considered optional. KEYS_SUBSET = 4; } // List of keys to match with the weighted cluster metadata. repeated string keys = 1; // The behavior used when no endpoint subset matches the selected route's // metadata. LbSubsetSelectorFallbackPolicy fallback_policy = 2 [(validate.rules).enum = {defined_only: true}]; // Subset of // :ref:`keys` used by // :ref:`KEYS_SUBSET` // fallback policy. // It has to be a non empty list if KEYS_SUBSET fallback policy is selected. // For any other fallback policy the parameter is not used and should not be set. // Only values also present in // :ref:`keys` are allowed, but // `fallback_keys_subset` cannot be equal to `keys`. repeated string fallback_keys_subset = 3; } // The behavior used when no endpoint subset matches the selected route's // metadata. The value defaults to // :ref:`NO_FALLBACK`. LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum = {defined_only: true}]; // Specifies the default subset of endpoints used during fallback if // fallback_policy is // :ref:`DEFAULT_SUBSET`. // Each field in default_subset is // compared to the matching LbEndpoint.Metadata under the *envoy.lb* // namespace. It is valid for no hosts to match, in which case the behavior // is the same as a fallback_policy of // :ref:`NO_FALLBACK`. google.protobuf.Struct default_subset = 2; // For each entry, LbEndpoint.Metadata's // *envoy.lb* namespace is traversed and a subset is created for each unique // combination of key and value. For example: // // .. code-block:: json // // { "subset_selectors": [ // { "keys": [ "version" ] }, // { "keys": [ "stage", "hardware_type" ] } // ]} // // A subset is matched when the metadata from the selected route and // weighted cluster contains the same keys and values as the subset's // metadata. The same host may appear in multiple subsets. repeated LbSubsetSelector subset_selectors = 3; // If true, routing to subsets will take into account the localities and locality weights of the // endpoints when making the routing decision. // // There are some potential pitfalls associated with enabling this feature, as the resulting // traffic split after applying both a subset match and locality weights might be undesirable. // // Consider for example a situation in which you have 50/50 split across two localities X/Y // which have 100 hosts each without subsetting. If the subset LB results in X having only 1 // host selected but Y having 100, then a lot more load is being dumped on the single host in X // than originally anticipated in the load balancing assignment delivered via EDS. bool locality_weight_aware = 4; // When used with locality_weight_aware, scales the weight of each locality by the ratio // of hosts in the subset vs hosts in the original subset. This aims to even out the load // going to an individual locality if said locality is disproportionately affected by the // subset predicate. bool scale_locality_weight = 5; // If true, when a fallback policy is configured and its corresponding subset fails to find // a host this will cause any host to be selected instead. // // This is useful when using the default subset as the fallback policy, given the default // subset might become empty. With this option enabled, if that happens the LB will attempt // to select a host from the entire cluster. bool panic_mode_any = 6; // If true, metadata specified for a metadata key will be matched against the corresponding // endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value // and any of the elements in the list matches the criteria. bool list_as_any = 7; } // Specific configuration for the LeastRequest load balancing policy. message LeastRequestLbConfig { // The number of random healthy hosts from which the host with the fewest active requests will // be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set. google.protobuf.UInt32Value choice_count = 1 [(validate.rules).uint32 = {gte: 2}]; } // Specific configuration for the :ref:`RingHash` // load balancing policy. message RingHashLbConfig { // The hash function used to hash hosts onto the ketama ring. enum HashFunction { // Use `xxHash `_, this is the default hash function. XX_HASH = 0; // Use `MurmurHash2 `_, this is compatible with // std:hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled // on Linux and not macOS. MURMUR_HASH_2 = 1; } reserved 2; // Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each // provided host) the better the request distribution will reflect the desired weights. Defaults // to 1024 entries, and limited to 8M entries. See also // :ref:`maximum_ring_size`. google.protobuf.UInt64Value minimum_ring_size = 1 [(validate.rules).uint64 = {lte: 8388608}]; // The hash function used to hash hosts onto the ketama ring. The value defaults to // :ref:`XX_HASH`. HashFunction hash_function = 3 [(validate.rules).enum = {defined_only: true}]; // Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered // to further constrain resource use. See also // :ref:`minimum_ring_size`. google.protobuf.UInt64Value maximum_ring_size = 4 [(validate.rules).uint64 = {lte: 8388608}]; } // Specific configuration for the // :ref:`Original Destination ` // load balancing policy. message OriginalDstLbConfig { // When true, :ref:`x-envoy-original-dst-host // ` can be used to override destination // address. // // .. attention:: // // This header isn't sanitized by default, so enabling this feature allows HTTP clients to // route traffic to arbitrary hosts and/or ports, which may have serious security // consequences. bool use_http_header = 1; } // Common configuration for all load balancer implementations. // [#next-free-field: 8] message CommonLbConfig { // Configuration for :ref:`zone aware routing // `. message ZoneAwareLbConfig { // Configures percentage of requests that will be considered for zone aware routing // if zone aware routing is configured. If not specified, the default is 100%. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. type.Percent routing_enabled = 1; // Configures minimum upstream cluster size required for zone aware routing // If upstream cluster size is less than specified, zone aware routing is not performed // even if zone aware routing is configured. If not specified, the default is 6. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. google.protobuf.UInt64Value min_cluster_size = 2; // If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic // mode`. Instead, the cluster will fail all // requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a // failing service. bool fail_traffic_on_panic = 3; } // Configuration for :ref:`locality weighted load balancing // ` message LocalityWeightedLbConfig { } // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) message ConsistentHashingLbConfig { // If set to `true`, the cluster will use hostname instead of the resolved // address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address. bool use_hostname_for_hashing = 1; } // Configures the :ref:`healthy panic threshold `. // If not specified, the default is 50%. // To disable panic mode, set to 0%. // // .. note:: // The specified percent will be truncated to the nearest 1%. type.Percent healthy_panic_threshold = 1; oneof locality_config_specifier { ZoneAwareLbConfig zone_aware_lb_config = 2; LocalityWeightedLbConfig locality_weighted_lb_config = 3; } // If set, all health check/weight/metadata updates that happen within this duration will be // merged and delivered in one shot when the duration expires. The start of the duration is when // the first update happens. This is useful for big clusters, with potentially noisy deploys // that might trigger excessive CPU usage due to a constant stream of healthcheck state changes // or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new // cluster). Please always keep in mind that the use of sandbox technologies may change this // behavior. // // If this is not set, we default to a merge window of 1000ms. To disable it, set the merge // window to 0. // // Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is // because merging those updates isn't currently safe. See // https://github.com/envoyproxy/envoy/pull/3941. google.protobuf.Duration update_merge_window = 4; // If set to true, Envoy will not consider new hosts when computing load balancing weights until // they have been health checked for the first time. This will have no effect unless // active health checking is also configured. // // Ignoring a host means that for any load balancing calculations that adjust weights based // on the ratio of eligible hosts and total hosts (priority spillover, locality weighting and // panic mode) Envoy will exclude these hosts in the denominator. // // For example, with hosts in two priorities P0 and P1, where P0 looks like // {healthy, unhealthy (new), unhealthy (new)} // and where P1 looks like // {healthy, healthy} // all traffic will still hit P0, as 1 / (3 - 2) = 1. // // Enabling this will allow scaling up the number of hosts for a given cluster without entering // panic mode or triggering priority spillover, assuming the hosts pass the first health check. // // If panic mode is triggered, new hosts are still eligible for traffic; they simply do not // contribute to the calculation when deciding whether panic mode is enabled or not. bool ignore_new_hosts_until_first_hc = 5; // If set to `true`, the cluster manager will drain all existing // connections to upstream hosts whenever hosts are added or removed from the cluster. bool close_connections_on_host_set_change = 6; // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) ConsistentHashingLbConfig consistent_hashing_lb_config = 7; } message RefreshRate { // Specifies the base interval between refreshes. This parameter is required and must be greater // than zero and less than // :ref:`max_interval `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {nanos: 1000000} }]; // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the // :ref:`base_interval ` if set. The default // is 10 times the :ref:`base_interval `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}]; } reserved 12, 15; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the // :ref:`LbEndpoint.Metadata ` // is used to match against the transport sockets as they appear in the list. The first // :ref:`match ` is used. // For example, with the following match // // .. code-block:: yaml // // transport_socket_matches: // - name: "enableMTLS" // match: // acceptMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // - name: "defaultToPlaintext" // match: {} // transport_socket: // name: envoy.transport_sockets.raw_buffer // // Connections to the endpoints whose metadata value under *envoy.transport_socket_match* // having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration. // // If a :ref:`socket match ` with empty match // criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext" // socket match in case above. // // If an endpoint metadata's value under *envoy.transport_socket_match* does not match any // *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or // *transport_socket* specified in this cluster. // // This field allows gradual and flexible transport socket configuration changes. // // The metadata of endpoints in EDS can indicate transport socket capabilities. For example, // an endpoint's metadata can have two key value pairs as "acceptMTLS": "true", // "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic // has "acceptPlaintext": "true" metadata information. // // Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS // traffic for endpoints with "acceptMTLS": "true", by adding a corresponding // *TransportSocketMatch* in this field. Other client Envoys receive CDS without // *transport_socket_match* set, and still send plain text traffic to the same cluster. // // [#comment:TODO(incfly): add a detailed architecture doc on intended usage.] repeated TransportSocketMatch transport_socket_matches = 43; // Supplies the name of the cluster which must be unique across all clusters. // The cluster name is used when emitting // :ref:`statistics ` if :ref:`alt_stat_name // ` is not provided. // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // An optional alternative to the cluster name to be used while emitting stats. // Any ``:`` in the name will be converted to ``_`` when emitting statistics. This should not be // confused with :ref:`Router Filter Header // `. string alt_stat_name = 28; oneof cluster_discovery_type { // The :ref:`service discovery type ` // to use for resolving the cluster. DiscoveryType type = 2 [(validate.rules).enum = {defined_only: true}]; // The custom cluster type. CustomClusterType cluster_type = 38; } // Configuration to use for EDS updates for the Cluster. EdsClusterConfig eds_cluster_config = 3; // The timeout for new network connections to hosts in the cluster. google.protobuf.Duration connect_timeout = 4 [(validate.rules).duration = {gt {}}]; // Soft limit on size of the cluster’s connections read and write buffers. If // unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; // The :ref:`load balancer type ` to use // when picking a host in the cluster. LbPolicy lb_policy = 6 [(validate.rules).enum = {defined_only: true}]; // If the service discovery type is // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS`, // then hosts is required. // // .. attention:: // // **This field is deprecated**. Set the // :ref:`load_assignment` field instead. // repeated core.Address hosts = 7 [deprecated = true]; // Setting this is required for specifying members of // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS` clusters. // This field supersedes the *hosts* field in the v2 API. // // .. attention:: // // Setting this allows non-EDS cluster types to contain embedded EDS equivalent // :ref:`endpoint assignments`. // ClusterLoadAssignment load_assignment = 33; // Optional :ref:`active health checking ` // configuration for the cluster. If no // configuration is specified no health checking will be done and all cluster // members will be considered healthy at all times. repeated core.HealthCheck health_checks = 8; // Optional maximum requests for a single upstream connection. This parameter // is respected by both the HTTP/1.1 and HTTP/2 connection pool // implementations. If not specified, there is no limit. Setting this // parameter to 1 will effectively disable keep alive. google.protobuf.UInt32Value max_requests_per_connection = 9; // Optional :ref:`circuit breaking ` for the cluster. cluster.CircuitBreakers circuit_breakers = 10; // The TLS configuration for connections to the upstream cluster. // // .. attention:: // // **This field is deprecated**. Use `transport_socket` with name `tls` instead. If both are // set, `transport_socket` takes priority. auth.UpstreamTlsContext tls_context = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // HTTP protocol options that are applied only to upstream HTTP connections. // These options apply to all HTTP versions. core.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; // Additional options when handling HTTP requests upstream. These options will be applicable to // both HTTP1 and HTTP2 requests. core.HttpProtocolOptions common_http_protocol_options = 29; // Additional options when handling HTTP1 requests. core.Http1ProtocolOptions http_protocol_options = 13; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when // making new HTTP connection pool connections. Currently, Envoy only // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. core.Http2ProtocolOptions http2_protocol_options = 14; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map extension_protocol_options = 35 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used as the cluster’s DNS refresh // rate. The value configured must be at least 1ms. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. google.protobuf.Duration dns_refresh_rate = 16 [(validate.rules).duration = {gt {nanos: 1000000}}]; // If the DNS failure refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types // other than :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS` this setting is // ignored. RefreshRate dns_failure_refresh_rate = 44; // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true, // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS // resolution. bool respect_dns_ttl = 39; // The DNS IP address resolution policy. If this setting is not specified, the // value defaults to // :ref:`AUTO`. DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}]; // If DNS resolvers are specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used to specify the cluster’s dns resolvers. // If this setting is not specified, the value defaults to the default // resolver, which uses /etc/resolv.conf for configuration. For cluster types // other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. repeated core.Address dns_resolvers = 18; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 45; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via // :ref:`runtime values `. cluster.OutlierDetection outlier_detection = 19; // The interval for removing stale hosts from a cluster type // :ref:`ORIGINAL_DST`. // Hosts are considered stale if they have not been used // as upstream destinations during this interval. New hosts are added // to original destination clusters on demand as new connections are // redirected to Envoy, causing the number of hosts in the cluster to // grow over time. Hosts that are not stale (they are actively used as // destinations) are kept in the cluster, which allows connections to // them remain open, saving the latency that would otherwise be spent // on opening new connections. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`ORIGINAL_DST` // this setting is ignored. google.protobuf.Duration cleanup_interval = 20 [(validate.rules).duration = {gt {}}]; // Optional configuration used to bind newly established upstream connections. // This overrides any bind_config specified in the bootstrap proto. // If the address and port are empty, no bind will be performed. core.BindConfig upstream_bind_config = 21; // Configuration for load balancing subsetting. LbSubsetConfig lb_subset_config = 22; // Optional configuration for the load balancing algorithm selected by // LbPolicy. Currently only // :ref:`RING_HASH` and // :ref:`LEAST_REQUEST` // has additional configuration options. // Specifying ring_hash_lb_config or least_request_lb_config without setting the corresponding // LbPolicy will generate an error at runtime. oneof lb_config { // Optional configuration for the Ring Hash load balancing policy. RingHashLbConfig ring_hash_lb_config = 23; // Optional configuration for the Original Destination load balancing policy. OriginalDstLbConfig original_dst_lb_config = 34; // Optional configuration for the LeastRequest load balancing policy. LeastRequestLbConfig least_request_lb_config = 37; } // Common configuration for all load balancer implementations. CommonLbConfig common_lb_config = 27; // Optional custom transport socket implementation to use for upstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`UpstreamTlsContexts ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.TransportSocket transport_socket = 24; // The Metadata field can be used to provide additional information about the // cluster. It can be used for stats, logging, and varying filter behavior. // Fields should use reverse DNS notation to denote which entity within Envoy // will need the information. For instance, if the metadata is intended for // the Router filter, the filter name should be specified as *envoy.filters.http.router*. core.Metadata metadata = 25; // Determines how Envoy selects the protocol used to speak to upstream hosts. ClusterProtocolSelection protocol_selection = 26; // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; // If an upstream host becomes unhealthy (as determined by the configured health checks // or outlier detection), immediately close all connections to the failed host. // // .. note:: // // This is currently only supported for connections created by tcp_proxy. // // .. note:: // // The current implementation of this feature closes all connections immediately when // the unhealthy status is detected. If there are a large number of connections open // to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of // time exclusively closing these connections, and not processing any other traffic. bool close_connections_on_host_health_failure = 31; // If set to true, Envoy will ignore the health value of a host when processing its removal // from service discovery. This means that if active health checking is used, Envoy will *not* // wait for the endpoint to go unhealthy before removing it. bool drain_connections_on_host_removal = 32 [(udpa.annotations.field_migrate).rename = "ignore_health_on_host_removal"]; // An (optional) network filter chain, listed in the order the filters should be applied. // The chain will be applied to all outgoing connections that Envoy makes to the upstream // servers of this cluster. repeated cluster.Filter filters = 40; // [#not-implemented-hide:] New mechanism for LB policy configuration. Used only if the // :ref:`lb_policy` field has the value // :ref:`LOAD_BALANCING_POLICY_CONFIG`. LoadBalancingPolicy load_balancing_policy = 41; // [#not-implemented-hide:] // If present, tells the client where to send load reports via LRS. If not present, the // client will fall back to a client-side default, which may be either (a) don't send any // load reports or (b) send load reports for all clusters to a single default server // (which may be configured in the bootstrap file). // // Note that if multiple clusters point to the same LRS server, the client may choose to // create a separate stream for each cluster or it may choose to coalesce the data for // multiple clusters onto a single stream. Either way, the client must make sure to send // the data for any given cluster on no more than one stream. // // [#next-major-version: In the v3 API, we should consider restructuring this somehow, // maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation // from the LRS stream here.] core.ConfigSource lrs_server = 42; // If track_timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. bool track_timeout_budgets = 47; } // [#not-implemented-hide:] Extensible load balancing policy configuration. // // Every LB policy defined via this mechanism will be identified via a unique name using reverse // DNS notation. If the policy needs configuration parameters, it must define a message for its // own configuration, which will be stored in the config field. The name of the policy will tell // clients which type of message they should expect to see in the config field. // // Note that there are cases where it is useful to be able to independently select LB policies // for choosing a locality and for choosing an endpoint within that locality. For example, a // given deployment may always use the same policy to choose the locality, but for choosing the // endpoint within the locality, some clusters may use weighted-round-robin, while others may // use some sort of session-based balancing. // // This can be accomplished via hierarchical LB policies, where the parent LB policy creates a // child LB policy for each locality. For each request, the parent chooses the locality and then // delegates to the child policy for that locality to choose the endpoint within the locality. // // To facilitate this, the config message for the top-level LB policy may include a field of // type LoadBalancingPolicy that specifies the child policy. message LoadBalancingPolicy { message Policy { // Required. The name of the LB policy. string name = 1; // Optional config for the LB policy. // No more than one of these two fields may be populated. google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } // Each client will iterate over the list in order and stop at the first policy that it // supports. This provides a mechanism for starting to use new LB policies that are not yet // supported by all clients. repeated Policy policies = 1; } // An extensible structure containing the address Envoy should bind to when // establishing upstream connections. message UpstreamBindConfig { // The address Envoy should bind to when establishing upstream connections. core.Address source_address = 1; } message UpstreamConnectionOptions { // If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. core.TcpKeepalive tcp_keepalive = 1; } ================================================ FILE: api/envoy/api/v2/core/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/api/v2/core/address.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/socket_option.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "AddressProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Network addresses] message Pipe { // Unix Domain Socket path. On Linux, paths starting with '@' will use the // abstract namespace. The starting '@' is replaced by a null byte by Envoy. // Paths starting with '@' will result in an error in environments other than // Linux. string path = 1 [(validate.rules).string = {min_bytes: 1}]; // The mode for the Pipe. Not applicable for abstract sockets. uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}]; } // [#next-free-field: 7] message SocketAddress { enum Protocol { TCP = 0; UDP = 1; } Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; // The address for this socket. :ref:`Listeners ` will bind // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching // in :ref:`FilterChainMatch `.] When used // within an upstream :ref:`BindConfig `, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized // via :ref:`resolver_name `. string address = 2 [(validate.rules).string = {min_bytes: 1}]; oneof port_specifier { option (validate.required) = true; uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}]; // This is only valid if :ref:`resolver_name // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } // The name of the custom resolver. This must have been registered with Envoy. If // this is empty, a context dependent default applies. If the address is a concrete // IP address, no resolution will occur. If address is a hostname this // should be set for resolution other than DNS. Specifying a custom resolver with // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; // When binding to an IPv6 address above, this enables `IPv4 compatibility // `_. Binding to ``::`` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into // IPv6 space as ``::FFFF:``. bool ipv4_compat = 6; } message TcpKeepalive { // Maximum number of keepalive probes to send without response before deciding // the connection is dead. Default is to use the OS level configuration (unless // overridden, Linux defaults to 9.) google.protobuf.UInt32Value keepalive_probes = 1; // The number of seconds a connection needs to be idle before keep-alive probes // start being sent. Default is to use the OS level configuration (unless // overridden, Linux defaults to 7200s (i.e., 2 hours.) google.protobuf.UInt32Value keepalive_time = 2; // The number of seconds between keep-alive probes. Default is to use the OS // level configuration (unless overridden, Linux defaults to 75s.) google.protobuf.UInt32Value keepalive_interval = 3; } message BindConfig { // The address to bind to when creating a socket. SocketAddress source_address = 1 [(validate.rules).message = {required: true}]; // Whether to set the *IP_FREEBIND* option when creating the socket. When this // flag is set to true, allows the :ref:`source_address // ` to be an IP address // that is not configured on the system running Envoy. When this flag is set // to false, the option *IP_FREEBIND* is disabled on the socket. When this // flag is not set (default), the socket is not modified, i.e. the option is // neither enabled nor disabled. google.protobuf.BoolValue freebind = 2; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated SocketOption socket_options = 3; } // Addresses specify either a logical or physical address and port, which are // used to tell Envoy where to bind/listen, connect to upstream and find // management servers. message Address { oneof address { option (validate.required) = true; SocketAddress socket_address = 1; Pipe pipe = 2; } } // CidrRange specifies an IP Address and a prefix length to construct // the subnet mask for a `CIDR `_ range. message CidrRange { // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. string address_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // Length of prefix, e.g. 0, 32. google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}]; } ================================================ FILE: api/envoy/api/v2/core/backoff.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "BackoffProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Backoff Strategy] // Configuration defining a jittered exponential back off strategy. message BackoffStrategy { // The base interval to be used for the next back off computation. It should // be greater than zero and less than or equal to :ref:`max_interval // `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // Specifies the maximum interval between retries. This parameter is optional, // but must be greater than or equal to the :ref:`base_interval // ` if set. The default // is 10 times the :ref:`base_interval // `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } ================================================ FILE: api/envoy/api/v2/core/base.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/backoff.proto"; import "envoy/api/v2/core/http_uri.proto"; import "envoy/type/percent.proto"; import "envoy/type/semantic_version.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/core/socket_option.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "BaseProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common types] // Envoy supports :ref:`upstream priority routing // ` both at the route and the virtual // cluster level. The current priority implementation uses different connection // pool and circuit breaking settings for each priority level. This means that // even for HTTP/2 requests, two physical connections will be used to an // upstream host. In the future Envoy will likely support true HTTP/2 priority // over a single upstream connection. enum RoutingPriority { DEFAULT = 0; HIGH = 1; } // HTTP request method. enum RequestMethod { METHOD_UNSPECIFIED = 0; GET = 1; HEAD = 2; POST = 3; PUT = 4; DELETE = 5; CONNECT = 6; OPTIONS = 7; TRACE = 8; PATCH = 9; } // Identifies the direction of the traffic relative to the local Envoy. enum TrafficDirection { // Default option is unspecified. UNSPECIFIED = 0; // The transport is used for incoming traffic. INBOUND = 1; // The transport is used for outgoing traffic. OUTBOUND = 2; } // Identifies location of where either Envoy runs or where upstream hosts run. message Locality { // Region this :ref:`zone ` belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery // service exposes :ref:`zone data `, // either in this message or via :option:`--service-zone`. The meaning of zone // is context dependent, e.g. `Availability Zone (AZ) // `_ // on AWS, `Zone `_ on // GCP, etc. string zone = 2; // When used for locality of upstream hosts, this field further splits zone // into smaller chunks of sub-zones so they can be load balanced // independently. string sub_zone = 3; } // BuildVersion combines SemVer version of extension with free-form build information // (i.e. 'alpha', 'private-build') as a set of strings. message BuildVersion { // SemVer version of extension. type.SemanticVersion version = 1; // Free-form build information. // Envoy defines several well known keys in the source/common/version/version.h file google.protobuf.Struct metadata = 2; } // Version and identification for an Envoy extension. // [#next-free-field: 6] message Extension { // This is the name of the Envoy filter as specified in the Envoy // configuration, e.g. envoy.filters.http.router, com.acme.widget. string name = 1; // Category of the extension. // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from // acme.com vendor. // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] string category = 2; // [#not-implemented-hide:] Type descriptor of extension configuration proto. // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] string type_descriptor = 3; // The version is a property of the extension and maintained independently // of other extensions and the Envoy API. // This field is not set when extension did not provide version information. BuildVersion version = 4; // Indicates that the extension is present but was disabled via dynamic configuration. bool disabled = 5; } // Identifies a specific Envoy instance. The node identifier is presented to the // management server, which may use this identifier to distinguish per Envoy // configuration for serving. // [#next-free-field: 12] message Node { // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are // used: :ref:`statsd `, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-node`. string id = 1; // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: // :ref:`statsd `, :ref:`health check cluster // verification // `, // :ref:`runtime override directory `, // :ref:`user agent addition // `, // :ref:`HTTP global rate limiting `, // :ref:`CDS `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-cluster`. string cluster = 2; // Opaque metadata extending the node identifier. Envoy will pass this // directly to the management server. google.protobuf.Struct metadata = 3; // Locality specifying where the Envoy instance is running. Locality locality = 4; // This is motivated by informing a management server during canary which // version of Envoy is being tested in a heterogeneous fleet. This will be set // by Envoy in management server RPCs. // This field is deprecated in favor of the user_agent_name and user_agent_version values. string build_version = 5 [deprecated = true]; // Free-form string that identifies the entity requesting config. // E.g. "envoy" or "grpc" string user_agent_name = 6; oneof user_agent_version_type { // Free-form string that identifies the version of the entity requesting config. // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" string user_agent_version = 7; // Structured version of the entity requesting config. BuildVersion user_agent_build_version = 8; } // List of extensions and their versions supported by the node. repeated Extension extensions = 9; // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. // See :ref:`the list of features ` that xDS client may // support. repeated string client_features = 10; // Known listening ports on the node as a generic hint to the management server // for filtering :ref:`listeners ` to be returned. For example, // if there is a listener bound to port 80, the list can optionally contain the // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. repeated Address listening_addresses = 11; } // Metadata provides additional inputs to filters based on matched listeners, // filter chains, routes and endpoints. It is structured as a map, usually from // filter name (in reverse DNS format) to metadata specific to the filter. Metadata // key-values for a filter are merged as connection and request handling occurs, // with later values for the same key overriding earlier values. // // An example use of metadata is providing additional values to // http_connection_manager in the envoy.http_connection_manager.access_log // namespace. // // Another example use of metadata is to per service config info in cluster metadata, which may get // consumed by multiple filters. // // For load balancing, Metadata provides a means to subset cluster endpoints. // Endpoints have a Metadata object associated and routes contain a Metadata // object to match against. There are some well defined metadata used today for // this purpose: // // * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // [#next-major-version: move to type/metadata/v2] message Metadata { // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* // namespace is reserved for Envoy's built-in filters. map filter_metadata = 1; } // Runtime derived uint32 with a default when not specified. message RuntimeUInt32 { // Default value if runtime value is not available. uint32 default_value = 2; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 3 [(validate.rules).string = {min_bytes: 1}]; } // Runtime derived double with a default when not specified. message RuntimeDouble { // Default value if runtime value is not available. double default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_bytes: 1}]; } // Runtime derived bool with a default when not specified. message RuntimeFeatureFlag { // Default value if runtime value is not available. google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its // `canonical JSON encoding `_. string runtime_key = 2 [(validate.rules).string = {min_bytes: 1}]; } // Header name/value pair. message HeaderValue { // Header name. string key = 1 [(validate.rules).string = {min_bytes: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Header value. // // The same :ref:`format specifier ` as used for // :ref:`HTTP access logging ` applies here, however // unknown header values are replaced with the empty string instead of `-`. string value = 2 [ (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} ]; } // Header name/value pair plus option to control append behavior. message HeaderValueOption { // Header name/value pair that this option applies to. HeaderValue header = 1 [(validate.rules).message = {required: true}]; // Should the value be appended? If true (default), the value is appended to // existing values. google.protobuf.BoolValue append = 2; } // Wrapper for a set of headers. message HeaderMap { repeated HeaderValue headers = 1; } // Data source consisting of either a file or an inline value. message DataSource { oneof specifier { option (validate.required) = true; // Local filesystem data source. string filename = 1 [(validate.rules).string = {min_bytes: 1}]; // Bytes inlined in the configuration. bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; // String inlined in the configuration. string inline_string = 3 [(validate.rules).string = {min_bytes: 1}]; } } // The message specifies the retry policy of remote data source when fetching fails. message RetryPolicy { // Specifies parameters that control :ref:`retry backoff strategy `. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. BackoffStrategy retry_back_off = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. google.protobuf.UInt32Value num_retries = 2; } // The message specifies how to fetch data from remote and how to verify it. message RemoteDataSource { // The HTTP URI to fetch the remote data. HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; // SHA256 string for verifying data. string sha256 = 2 [(validate.rules).string = {min_bytes: 1}]; // Retry policy for fetching remote data. RetryPolicy retry_policy = 3; } // Async data source which support async data fetch. message AsyncDataSource { oneof specifier { option (validate.required) = true; // Local async data source. DataSource local = 1; // Remote async data source. RemoteDataSource remote = 2; } } // Configuration for transport socket in :ref:`listeners ` and // :ref:`clusters `. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. message TransportSocket { // The name of the transport socket to instantiate. The name must match a supported transport // socket implementation. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Implementation specific configuration which depends on the implementation being instantiated. // See the supported transport socket implementations for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // // .. note:: // // Parsing of the runtime key's data is implemented such that it may be represented as a // :ref:`FractionalPercent ` proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. message RuntimeFractionalPercent { // Default value if the runtime value's for the numerator/denominator keys are not available. type.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key for a YAML representation of a FractionalPercent. string runtime_key = 2; } // Identifies a specific ControlPlane instance that Envoy is connected to. message ControlPlane { // An opaque control plane identifier that uniquely identifies an instance // of control plane. This can be used to identify which control plane instance, // the Envoy is connected to. string identifier = 1; } ================================================ FILE: api/envoy/api/v2/core/config_source.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "ConfigSourceProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Configuration sources] // xDS API version. This is used to describe both resource and transport // protocol versions (in distinct configuration fields). enum ApiVersion { // When not specified, we assume v2, to ease migration to Envoy's stable API // versioning. If a client does not support v2 (e.g. due to deprecation), this // is an invalid value. AUTO = 0; // Use xDS v2 API. V2 = 1; // Use xDS v3 API. V3 = 2; } // API configuration source. This identifies the API type and cluster that Envoy // will use to fetch an xDS API. // [#next-free-field: 9] message ApiConfigSource { // APIs may be fetched via either REST or gRPC. enum ApiType { // Ideally this would be 'reserved 0' but one can't reserve the default // value. Instead we throw an exception if this is ever used. UNSUPPORTED_REST_LEGACY = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // REST-JSON v2 API. The `canonical JSON encoding // `_ for // the v2 protos is used. REST = 1; // gRPC v2 API. GRPC = 2; // Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response} // rather than Discovery{Request,Response}. Rather than sending Envoy the entire state // with every update, the xDS server only sends what has changed since the last update. DELTA_GRPC = 3; } // API type (gRPC, REST, delta gRPC) ApiType api_type = 1 [(validate.rules).enum = {defined_only: true}]; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 8 [(validate.rules).enum = {defined_only: true}]; // Cluster names should be used only with REST. If > 1 // cluster is defined, clusters will be cycled through if any kind of failure // occurs. // // .. note:: // // The cluster with name ``cluster_name`` must be statically defined and its // type must not be ``EDS``. repeated string cluster_names = 2; // Multiple gRPC services be provided for GRPC. If > 1 cluster is defined, // services will be cycled through if any kind of failure occurs. repeated GrpcService grpc_services = 4; // For REST APIs, the delay between successive polls. google.protobuf.Duration refresh_delay = 3; // For REST APIs, the request timeout. If not set, a default value of 1s will be used. google.protobuf.Duration request_timeout = 5 [(validate.rules).duration = {gt {}}]; // For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be // rate limited. RateLimitSettings rate_limit_settings = 6; // Skip the node identifier in subsequent discovery requests for streaming gRPC config types. bool set_node_on_first_message_only = 7; } // Aggregated Discovery Service (ADS) options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that ADS is to be used. message AggregatedConfigSource { } // [#not-implemented-hide:] // Self-referencing config source options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that other data can be obtained from the same server. message SelfConfigSource { // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 1 [(validate.rules).enum = {defined_only: true}]; } // Rate Limit settings to be applied for discovery requests made by Envoy. message RateLimitSettings { // Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a // default value of 100 will be used. google.protobuf.UInt32Value max_tokens = 1; // Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens // per second will be used. google.protobuf.DoubleValue fill_rate = 2 [(validate.rules).double = {gt: 0.0}]; } // Configuration for :ref:`listeners `, :ref:`clusters // `, :ref:`routes // `, :ref:`endpoints // ` etc. may either be sourced from the // filesystem or from an xDS API source. Filesystem configs are watched with // inotify for updates. // [#next-free-field: 7] message ConfigSource { oneof config_source_specifier { option (validate.required) = true; // Path on the filesystem to source and watch for configuration updates. // When sourcing configuration for :ref:`secret `, // the certificate and key files are also watched for updates. // // .. note:: // // The path to the source must exist at config load time. // // .. note:: // // Envoy will only watch the file path for *moves.* This is because in general only moves // are atomic. The same method of swapping files as is demonstrated in the // :ref:`runtime documentation ` can be used here also. string path = 1; // API configuration source. ApiConfigSource api_config_source = 2; // When set, ADS will be used to fetch resources. The ADS API configuration // source in the bootstrap configuration is used. AggregatedConfigSource ads = 3; // [#not-implemented-hide:] // When set, the client will access the resources from the same server it got the // ConfigSource from, although not necessarily from the same stream. This is similar to the // :ref:`ads` field, except that the client may use a // different stream to the same server. As a result, this field can be used for things // like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.) // LDS to RDS on the same server without requiring the management server to know its name // or required credentials. // [#next-major-version: In xDS v3, consider replacing the ads field with this one, since // this field can implicitly mean to use the same stream in the case where the ConfigSource // is provided via ADS and the specified data can also be obtained via ADS.] SelfConfigSource self = 5; } // When this timeout is specified, Envoy will wait no longer than the specified time for first // config response on this xDS subscription during the :ref:`initialization process // `. After reaching the timeout, Envoy will move to the next // initialization phase, even if the first config is not delivered yet. The timer is activated // when the xDS API subscription starts, and is disarmed on first config update or on error. 0 // means no timeout - Envoy will wait indefinitely for the first xDS config (unless another // timeout applies). The default is 15s. google.protobuf.Duration initial_fetch_timeout = 4; // API version for xDS resources. This implies the type URLs that the client // will request for resources and the resource type that the client will in // turn expect to be delivered. ApiVersion resource_api_version = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/api/v2/core/event_service_config.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "EventServiceConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#not-implemented-hide:] // Configuration of the event reporting service endpoint. message EventServiceConfig { oneof config_source_specifier { option (validate.required) = true; // Specifies the gRPC service that hosts the event reporting service. GrpcService grpc_service = 1; } } ================================================ FILE: api/envoy/api/v2/core/grpc_method_list.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "GrpcMethodListProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC method list] // A list of gRPC methods which can be used as an allowlist, for example. message GrpcMethodList { message Service { // The name of the gRPC service. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The names of the gRPC methods in this service. repeated string method_names = 2 [(validate.rules).repeated = {min_items: 1}]; } repeated Service services = 1; } ================================================ FILE: api/envoy/api/v2/core/grpc_service.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "GrpcServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC services] // gRPC service configuration. This is used by :ref:`ApiConfigSource // ` and filter configurations. // [#next-free-field: 6] message GrpcService { message EnvoyGrpc { // The name of the upstream gRPC cluster. SSL credentials will be supplied // in the :ref:`Cluster ` :ref:`transport_socket // `. string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}]; } // [#next-free-field: 7] message GoogleGrpc { // See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. message SslCredentials { // PEM encoded server root certificates. DataSource root_certs = 1; // PEM encoded client private key. DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // PEM encoded client certificate chain. DataSource cert_chain = 3; } // Local channel credentials. Only UDS is supported for now. // See https://github.com/grpc/grpc/pull/15909. message GoogleLocalCredentials { } // See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call // credential types. message ChannelCredentials { oneof credential_specifier { option (validate.required) = true; SslCredentials ssl_credentials = 1; // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_default = 2; GoogleLocalCredentials local_credentials = 3; } } // [#next-free-field: 8] message CallCredentials { message ServiceAccountJWTAccessCredentials { string json_key = 1; uint64 token_lifetime_seconds = 2; } message GoogleIAMCredentials { string authorization_token = 1; string authority_selector = 2; } message MetadataCredentialsFromPlugin { string name = 1; oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Security token service configuration that allows Google gRPC to // fetch security token from an OAuth 2.0 authorization server. // See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and // https://github.com/grpc/grpc/pull/19587. // [#next-free-field: 10] message StsService { // URI of the token exchange service that handles token exchange requests. // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by // https://github.com/envoyproxy/protoc-gen-validate/issues/303] string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token. string resource = 2; // Logical name of the target service where the client intends to // use the requested security token. string audience = 3; // The desired scope of the requested security token in the // context of the service or resource where the token will be used. string scope = 4; // Type of the requested security token. string requested_token_type = 5; // The path of subject token, a security token that represents the // identity of the party on behalf of whom the request is being made. string subject_token_path = 6 [(validate.rules).string = {min_bytes: 1}]; // Type of the subject token. string subject_token_type = 7 [(validate.rules).string = {min_bytes: 1}]; // The path of actor token, a security token that represents the identity // of the acting party. The acting party is authorized to use the // requested security token and act on behalf of the subject. string actor_token_path = 8; // Type of the actor token. string actor_token_type = 9; } oneof credential_specifier { option (validate.required) = true; // Access token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d. string access_token = 1; // Google Compute Engine credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_compute_engine = 2; // Google refresh token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c. string google_refresh_token = 3; // Service Account JWT Access credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa. ServiceAccountJWTAccessCredentials service_account_jwt_access = 4; // Google IAM credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0. GoogleIAMCredentials google_iam = 5; // Custom authenticator credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07. // https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms. MetadataCredentialsFromPlugin from_plugin = 6; // Custom security token service which implements OAuth 2.0 token exchange. // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 // See https://github.com/grpc/grpc/pull/19587. StsService sts_service = 7; } } // The target URI when using the `Google C++ gRPC client // `_. SSL credentials will be supplied in // :ref:`channel_credentials `. string target_uri = 1 [(validate.rules).string = {min_bytes: 1}]; ChannelCredentials channel_credentials = 2; // A set of call credentials that can be composed with `channel credentials // `_. repeated CallCredentials call_credentials = 3; // The human readable prefix to use when emitting statistics for the gRPC // service. // // .. csv-table:: // :header: Name, Type, Description // :widths: 1, 1, 2 // // streams_total, Counter, Total number of streams opened // streams_closed_, Counter, Total streams closed with string stat_prefix = 4 [(validate.rules).string = {min_bytes: 1}]; // The name of the Google gRPC credentials factory to use. This must have been registered with // Envoy. If this is empty, a default credentials factory will be used that sets up channel // credentials based on other configuration parameters. string credentials_factory_name = 5; // Additional configuration for site-specific customizations of the Google // gRPC library. google.protobuf.Struct config = 6; } reserved 4; oneof target_specifier { option (validate.required) = true; // Envoy's in-built gRPC client. // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. EnvoyGrpc envoy_grpc = 1; // `Google C++ gRPC client `_ // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc google_grpc = 2; } // The timeout for the gRPC request. This is the timeout for a specific // request. google.protobuf.Duration timeout = 3; // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization // headers (e.g. ``x-foo-bar: baz-key``) are to be injected. repeated HeaderValue initial_metadata = 5; } ================================================ FILE: api/envoy/api/v2/core/health_check.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/event_service_config.proto"; import "envoy/type/http.proto"; import "envoy/type/matcher/string.proto"; import "envoy/type/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health check] // * Health checking :ref:`architecture overview `. // * If health checking is configured for a cluster, additional statistics are emitted. They are // documented :ref:`here `. // Endpoint health status. enum HealthStatus { // The health status is not known. This is interpreted by Envoy as *HEALTHY*. UNKNOWN = 0; // Healthy. HEALTHY = 1; // Unhealthy. UNHEALTHY = 2; // Connection draining in progress. E.g., // ``_ // or // ``_. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; // Health check timed out. This is part of HDS and is interpreted by Envoy as // *UNHEALTHY*. TIMEOUT = 4; // Degraded. DEGRADED = 5; } // [#next-free-field: 23] message HealthCheck { // Describes the encoding of the payload bytes in the payload. message Payload { oneof payload { option (validate.required) = true; // Hex encoded payload. E.g., "000000FF". string text = 1 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] Binary payload. bytes binary = 2; } } // [#next-free-field: 12] message HttpHealthCheck { // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the // :ref:`hostname ` field. string host = 1; // Specifies the HTTP path that will be requested during health checking. For example // */healthcheck*. string path = 2 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] HTTP specific payload. Payload send = 3; // [#not-implemented-hide:] HTTP specific response. Payload receive = 4; // An optional service name parameter which is used to validate the identity of // the health checked cluster. See the :ref:`architecture overview // ` for more information. // // .. attention:: // // This field has been deprecated in favor of `service_name_matcher` for better flexibility // over matching with service-cluster name. string service_name = 5 [deprecated = true]; // Specifies a list of HTTP headers that should be added to each request that is sent to the // health checked cluster. For more information, including details on header value syntax, see // the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request that is sent to the // health checked cluster. repeated string request_headers_to_remove = 8; // If set, health checks will be made using http/2. // Deprecated, use :ref:`codec_client_type // ` instead. bool use_http2 = 7 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open // semantics of :ref:`Int64Range `. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. repeated type.Int64Range expected_statuses = 9; // Use specified application protocol for health checks. type.CodecClientType codec_client_type = 10 [(validate.rules).enum = {defined_only: true}]; // An optional service name parameter which is used to validate the identity of // the health checked cluster using a :ref:`StringMatcher // `. See the :ref:`architecture overview // ` for more information. type.matcher.StringMatcher service_name_matcher = 11; } message TcpHealthCheck { // Empty payloads imply a connect-only health check. Payload send = 1; // When checking the response, “fuzzy” matching is performed such that each // binary block must be found, and in the order specified, but not // necessarily contiguous. repeated Payload receive = 2; } message RedisHealthCheck { // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } // `grpc.health.v1.Health // `_-based // healthcheck. See `gRPC doc `_ // for details. message GrpcHealthCheck { // An optional service name parameter which will be sent to gRPC service in // `grpc.health.v1.HealthCheckRequest // `_. // message. See `gRPC health-checking overview // `_ for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting // the :ref:`hostname ` field. string authority = 2; } // Custom health check. message CustomHealthCheck { // The registered name of the custom health checker. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A custom health checker specific configuration which depends on the custom health checker // being instantiated. See :api:`envoy/config/health_checker` for reference. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Health checks occur over the transport socket specified for the cluster. This implies that if a // cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. // // This allows overriding the cluster TLS settings, just for health check connections. message TlsOptions { // Specifies the ALPN protocols for health check connections. This is useful if the // corresponding upstream is using ALPN-based :ref:`FilterChainMatch // ` along with different protocols for health checks // versus data connections. If empty, no ALPN protocols will be set on health check connections. repeated string alpn_protocols = 1; } reserved 10; // The time to wait for a health check response. If the timeout is reached the // health check attempt will be considered a failure. google.protobuf.Duration timeout = 1 [(validate.rules).duration = { required: true gt {} }]; // The interval between health checks. google.protobuf.Duration interval = 2 [(validate.rules).duration = { required: true gt {} }]; // An optional jitter amount in milliseconds. If specified, Envoy will start health // checking after for a random time in ms between 0 and initial_jitter. This only // applies to the first health check. google.protobuf.Duration initial_jitter = 20; // An optional jitter amount in milliseconds. If specified, during every // interval Envoy will add interval_jitter to the wait time. google.protobuf.Duration interval_jitter = 3; // An optional jitter amount as a percentage of interval_ms. If specified, // during every interval Envoy will add interval_ms * // interval_jitter_percent / 100 to the wait time. // // If interval_jitter_ms and interval_jitter_percent are both set, both of // them will be used to increase the wait time. uint32 interval_jitter_percent = 18; // The number of unhealthy health checks required before a host is marked // unhealthy. Note that for *http* health checking if a host responds with 503 // this threshold is ignored and the host is considered unhealthy immediately. google.protobuf.UInt32Value unhealthy_threshold = 4 [(validate.rules).message = {required: true}]; // The number of healthy health checks required before a host is marked // healthy. Note that during startup, only a single successful health check is // required to mark a host healthy. google.protobuf.UInt32Value healthy_threshold = 5 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Non-serving port for health checking. google.protobuf.UInt32Value alt_port = 6; // Reuse health check connection between health checks. Default is true. google.protobuf.BoolValue reuse_connection = 7; oneof health_checker { option (validate.required) = true; // HTTP health check. HttpHealthCheck http_health_check = 8; // TCP health check. TcpHealthCheck tcp_health_check = 9; // gRPC health check. GrpcHealthCheck grpc_health_check = 11; // Custom health check. CustomHealthCheck custom_health_check = 13; } // The "no traffic interval" is a special health check interval that is used when a cluster has // never had traffic routed to it. This lower interval allows cluster information to be kept up to // date, without sending a potentially large amount of active health checking traffic for no // reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the // standard health check interval that is defined. Note that this interval takes precedence over // any other. // // The default value for "no traffic interval" is 60 seconds. google.protobuf.Duration no_traffic_interval = 12 [(validate.rules).duration = {gt {}}]; // The "unhealthy interval" is a health check interval that is used for hosts that are marked as // unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the // standard health check interval that is defined. // // The default value for "unhealthy interval" is the same as "interval". google.protobuf.Duration unhealthy_interval = 14 [(validate.rules).duration = {gt {}}]; // The "unhealthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as unhealthy. For subsequent health checks // Envoy will shift back to using either "unhealthy interval" if present or the standard health // check interval that is defined. // // The default value for "unhealthy edge interval" is the same as "unhealthy interval". google.protobuf.Duration unhealthy_edge_interval = 15 [(validate.rules).duration = {gt {}}]; // The "healthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as healthy. For subsequent health checks // Envoy will shift back to using the standard health check interval that is defined. // // The default value for "healthy edge interval" is the same as the default interval. google.protobuf.Duration healthy_edge_interval = 16 [(validate.rules).duration = {gt {}}]; // Specifies the path to the :ref:`health check event log `. // If empty, no event log will be written. string event_log_path = 17; // [#not-implemented-hide:] // The gRPC service for the health check event service. // If empty, health check events won't be sent to a remote endpoint. EventServiceConfig event_service = 22; // If set to true, health check failure events will always be logged. If set to false, only the // initial health check failure event will be logged. // The default value is false. bool always_log_health_check_failures = 19; // This allows overriding the cluster TLS settings, just for health check connections. TlsOptions tls_options = 21; } ================================================ FILE: api/envoy/api/v2/core/http_uri.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "HttpUriProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP Service URI ] // Envoy external URI descriptor message HttpUri { // The HTTP server URI. It should be a full FQDN with protocol, host and path. // // Example: // // .. code-block:: yaml // // uri: https://www.googleapis.com/oauth2/v1/certs // string uri = 1 [(validate.rules).string = {min_bytes: 1}]; // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or // inline DNS resolution. See `issue // `_. oneof http_upstream_type { option (validate.required) = true; // A cluster is created in the Envoy "cluster_manager" config // section. This field specifies the cluster name. // // Example: // // .. code-block:: yaml // // cluster: jwks_cluster // string cluster = 2 [(validate.rules).string = {min_bytes: 1}]; } // Sets the maximum duration in milliseconds that a response can take to arrive upon request. google.protobuf.Duration timeout = 3 [(validate.rules).duration = { required: true gte {} }]; } ================================================ FILE: api/envoy/api/v2/core/protocol.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "ProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Protocol options] // [#not-implemented-hide:] message TcpProtocolOptions { } message UpstreamHttpProtocolOptions { // Set transport socket `SNI `_ for new // upstream connections based on the downstream HTTP host/authority header, as seen by the // :ref:`router filter `. bool auto_sni = 1; // Automatic validate upstream presented certificate for new upstream connections based on the // downstream HTTP host/authority header, as seen by the // :ref:`router filter `. // This field is intended to set with `auto_sni` field. bool auto_san_validation = 2; } // [#next-free-field: 6] message HttpProtocolOptions { // Action to take when Envoy receives client request with header names containing underscore // characters. // Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented // as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore // characters. enum HeadersWithUnderscoresAction { // Allow headers with underscores. This is the default behavior. ALLOW = 0; // Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests // end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter // is incremented for each rejected request. REJECT_REQUEST = 1; // Drop the header with name containing underscores. The header is dropped before the filter chain is // invoked and as such filters will not see dropped headers. The // "httpN.dropped_headers_with_underscores" is incremented for each dropped header. DROP_HEADER = 2; } // The idle timeout for connections. The idle timeout is defined as the // period in which there are no active requests. When the // idle timeout is reached the connection will be closed. If the connection is an HTTP/2 // downstream connection a drain sequence will occur prior to closing the connection, see // :ref:`drain_timeout // `. // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 1; // The maximum duration of a connection. The duration is defined as a period since a connection // was established. If not set, there is no max duration. When max_connection_duration is reached // the connection will be closed. Drain sequence will occur prior to closing the connection if // if's applicable. See :ref:`drain_timeout // `. // Note: not implemented for upstream connections. google.protobuf.Duration max_connection_duration = 3; // The maximum number of headers. If unconfigured, the default // maximum number of request headers allowed is 100. Requests that exceed this limit will receive // a 431 response for HTTP/1.x and cause a stream reset for HTTP/2. google.protobuf.UInt32Value max_headers_count = 2 [(validate.rules).uint32 = {gte: 1}]; // Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be // reset independent of any other timeouts. If not specified, this value is not set. google.protobuf.Duration max_stream_duration = 4; // Action to take when a client request with a header name containing underscore characters is received. // If this setting is not specified, the value defaults to ALLOW. // Note: upstream responses are not affected by this setting. HeadersWithUnderscoresAction headers_with_underscores_action = 5; } // [#next-free-field: 6] message Http1ProtocolOptions { message HeaderKeyFormat { message ProperCaseWords { } oneof header_format { option (validate.required) = true; // Formats the header by proper casing words: the first character and any character following // a special character will be capitalized if it's an alpha character. For example, // "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are". // Note that while this results in most headers following conventional casing, certain headers // are not covered. For example, the "TE" header will be formatted as "Te". ProperCaseWords proper_case_words = 1; } } // Handle HTTP requests with absolute URLs in the requests. These requests // are generally sent by clients to forward/explicit proxies. This allows clients to configure // envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the // *http_proxy* environment variable. google.protobuf.BoolValue allow_absolute_url = 1; // Handle incoming HTTP/1.0 and HTTP 0.9 requests. // This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1 // style connect logic, dechunking, and handling lack of client host iff // *default_host_for_http_10* is configured. bool accept_http_10 = 2; // A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as // Envoy does not otherwise support HTTP/1.0 without a Host header. // This is a no-op if *accept_http_10* is not true. string default_host_for_http_10 = 3; // Describes how the keys for response headers should be formatted. By default, all header keys // are lower cased. HeaderKeyFormat header_key_format = 4; // Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers. // // .. attention:: // // Note that this only happens when Envoy is chunk encoding which occurs when: // - The request is HTTP/1.1. // - Is neither a HEAD only request nor a HTTP Upgrade. // - Not a response to a HEAD request. // - The content length header is not present. bool enable_trailers = 5; } // [#next-free-field: 14] message Http2ProtocolOptions { // Defines a parameter to be sent in the SETTINGS frame. // See `RFC7540, sec. 6.5.1 `_ for details. message SettingsParameter { // The 16 bit parameter identifier. google.protobuf.UInt32Value identifier = 1 [ (validate.rules).uint32 = {lte: 65536 gte: 1}, (validate.rules).message = {required: true} ]; // The 32 bit parameter value. google.protobuf.UInt32Value value = 2 [(validate.rules).message = {required: true}]; } // `Maximum table size `_ // (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values // range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header // compression. google.protobuf.UInt32Value hpack_table_size = 1; // `Maximum concurrent streams `_ // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // // For upstream connections, this also limits how many streams Envoy will initiate concurrently // on a single connection. If the limit is reached, Envoy may queue requests or establish // additional connections (as allowed per circuit breaker limits). google.protobuf.UInt32Value max_concurrent_streams = 2 [(validate.rules).uint32 = {lte: 2147483647 gte: 1}]; // `Initial stream-level flow-control window // `_ size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // // NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default // window size now, so it's also the minimum. // // This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the // HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to // stop the flow of data to the codec buffers. google.protobuf.UInt32Value initial_stream_window_size = 3 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Similar to *initial_stream_window_size*, but for connection-level flow-control // window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*. google.protobuf.UInt32Value initial_connection_window_size = 4 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Allows proxying Websocket and other upgrades over H2 connect. bool allow_connect = 5; // [#not-implemented-hide:] Hiding until envoy has full metadata support. // Still under implementation. DO NOT USE. // // Allows metadata. See [metadata // docs](https://github.com/envoyproxy/envoy/blob/master/source/docs/h2_metadata.md) for more // information. bool allow_metadata = 6; // Limit the number of pending outbound downstream frames of all types (frames that are waiting to // be written into the socket). Exceeding this limit triggers flood mitigation and connection is // terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due // to flood mitigation. The default limit is 10000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_frames = 7 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM, // preventing high memory utilization when receiving continuous stream of these frames. Exceeding // this limit triggers flood mitigation and connection is terminated. The // ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood // mitigation. The default limit is 1000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_control_frames = 8 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an // empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but // might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood`` // stat tracks the number of connections terminated due to flood mitigation. // Setting this to 0 will terminate connection upon receiving first frame with an empty payload // and no end stream flag. The default limit is 1. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_consecutive_inbound_frames_with_empty_payload = 9; // Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number // of PRIORITY frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // max_inbound_priority_frames_per_stream * (1 + inbound_streams) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 100. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_priority_frames_per_stream = 10; // Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number // of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // 1 + 2 * (inbound_streams + // max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 10. // Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control, // but more complex implementations that try to estimate available bandwidth require at least 2. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_window_update_frames_per_data_frame_sent = 11 [(validate.rules).uint32 = {gte: 1}]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // See `RFC7540, sec. 8.1 `_ for details. bool stream_error_on_invalid_http_messaging = 12; // [#not-implemented-hide:] // Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions: // // 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by // Envoy. // // 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field // 'allow_connect'. // // Note that custom parameters specified through this field can not also be set in the // corresponding named parameters: // // .. code-block:: text // // ID Field Name // ---------------- // 0x1 hpack_table_size // 0x3 max_concurrent_streams // 0x4 initial_stream_window_size // // Collisions will trigger config validation failure on load/update. Likewise, inconsistencies // between custom parameters with the same identifier will trigger a failure. // // See `IANA HTTP/2 Settings // `_ for // standardized identifiers. repeated SettingsParameter custom_settings_parameters = 13; } // [#not-implemented-hide:] message GrpcProtocolOptions { Http2ProtocolOptions http2_protocol_options = 1; } ================================================ FILE: api/envoy/api/v2/core/socket_option.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "SocketOptionProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Socket Option ] // Generic socket option message. This would be used to set socket options that // might not exist in upstream kernels or precompiled Envoy binaries. // [#next-free-field: 7] message SocketOption { enum SocketState { // Socket options are applied after socket creation but before binding the socket to a port STATE_PREBIND = 0; // Socket options are applied after binding the socket to a port but before calling listen() STATE_BOUND = 1; // Socket options are applied after calling listen() STATE_LISTENING = 2; } // An optional name to give this socket option for debugging, etc. // Uniqueness is not required and no special meaning is assumed. string description = 1; // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP int64 level = 2; // The numeric name as passed to setsockopt int64 name = 3; oneof value { option (validate.required) = true; // Because many sockopts take an int value. int64 int_value = 4; // Otherwise it's a byte buffer. bytes buf_value = 5; } // The state in which the option will be applied. When used in BindConfig // STATE_PREBIND is currently the only valid value. SocketState state = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/api/v2/discovery.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "google/rpc/status.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "DiscoveryProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.discovery.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common discovery API components] // A DiscoveryRequest requests a set of versioned resources of the same type for // a given Envoy node on some API. // [#next-free-field: 7] message DiscoveryRequest { // The version_info provided in the request messages will be the version_info // received with the most recent successfully processed response or empty on // the first request. It is expected that no new request is sent after a // response is received until the Envoy instance is ready to ACK/NACK the new // configuration. ACK/NACK takes place by returning the new API config version // as applied or the previous API config version respectively. Each type_url // (see below) has an independent version associated with it. string version_info = 1; // The node making the request. core.Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are // returned. LDS/CDS may have empty resource_names, which will cause all // resources for the Envoy instance to be returned. The LDS and CDS responses // will then imply a number of resources that need to be fetched via EDS/RDS, // which will be explicitly enumerated in resource_names. repeated string resource_names = 3; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit // in requests made via singleton xDS APIs such as CDS, LDS, etc. but is // required for ADS. string type_url = 4; // nonce corresponding to DiscoveryResponse being ACK/NACKed. See above // discussion on version_info and the DiscoveryResponse nonce comment. This // may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, // or 2) the client has not yet accepted an update in this xDS stream (unlike // delta, where it is populated only for new explicit ACKs). string response_nonce = 5; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* provides the Envoy // internal exception related to the failure. It is only intended for consumption during manual // debugging, the string provided is not guaranteed to be stable across Envoy versions. google.rpc.Status error_detail = 6; } // [#next-free-field: 7] message DiscoveryResponse { // The version of the response data. string version_info = 1; // The response resources. These resources are typed and depend on the API being called. repeated google.protobuf.Any resources = 2; // [#not-implemented-hide:] // Canary is used to support two Envoy command line flags: // // * --terminate-on-canary-transition-failure. When set, Envoy is able to // terminate if it detects that configuration is stuck at canary. Consider // this example sequence of updates: // - Management server applies a canary config successfully. // - Management server rolls back to a production config. // - Envoy rejects the new production config. // Since there is no sensible way to continue receiving configuration // updates, Envoy will then terminate and apply production config from a // clean slate. // * --dry-run-canary. When set, a canary response will never be applied, only // validated via a dry run. bool canary = 3; // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the 'resources' repeated Any (if non-empty). string type_url = 4; // For gRPC based subscriptions, the nonce provides a way to explicitly ack a // specific DiscoveryResponse in a following DiscoveryRequest. Additional // messages may have been sent by Envoy to the management server for the // previous version on the stream prior to this DiscoveryResponse, that were // unprocessed at response send time. The nonce allows the management server // to ignore any further DiscoveryRequests for the previous version until a // DiscoveryRequest bearing the nonce. The nonce is optional and is not // required for non-stream based xDS implementations. string nonce = 5; // [#not-implemented-hide:] // The control plane instance that sent the response. core.ControlPlane control_plane = 6; } // DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC // endpoint for Delta xDS. // // With Delta xDS, the DeltaDiscoveryResponses do not need to include a full // snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a // diff to the state of a xDS client. // In Delta XDS there are per-resource versions, which allow tracking state at // the resource granularity. // An xDS Delta session is always in the context of a gRPC bidirectional // stream. This allows the xDS server to keep track of the state of xDS clients // connected to it. // // In Delta xDS the nonce field is required and used to pair // DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK. // Optionally, a response message level system_version_info is present for // debugging purposes only. // // DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest // can be either or both of: [1] informing the server of what resources the // client has gained/lost interest in (using resource_names_subscribe and // resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from // the server (using response_nonce, with presence of error_detail making it a NACK). // Additionally, the first message (for a given type_url) of a reconnected gRPC stream // has a third role: informing the server of the resources (and their versions) // that the client already possesses, using the initial_resource_versions field. // // As with state-of-the-world, when multiple resource types are multiplexed (ADS), // all requests/acknowledgments/updates are logically walled off by type_url: // a Cluster ACK exists in a completely separate world from a prior Route NACK. // In particular, initial_resource_versions being sent at the "start" of every // gRPC stream actually entails a message for each type_url, each with its own // initial_resource_versions. // [#next-free-field: 8] message DeltaDiscoveryRequest { // The node making the request. core.Node node = 1; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". string type_url = 2; // DeltaDiscoveryRequests allow the client to add or remove individual // resources to the set of tracked resources in the context of a stream. // All resource names in the resource_names_subscribe list are added to the // set of tracked resources and all resource names in the resource_names_unsubscribe // list are removed from the set of tracked resources. // // *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or // resource_names_unsubscribe list simply means that no resources are to be // added or removed to the resource list. // *Like* state-of-the-world xDS, the server must send updates for all tracked // resources, but can also send updates for resources the client has not subscribed to. // // NOTE: the server must respond with all resources listed in resource_names_subscribe, // even if it believes the client has the most recent version of them. The reason: // the client may have dropped them, but then regained interest before it had a chance // to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd. // // These two fields can be set in any DeltaDiscoveryRequest, including ACKs // and initial_resource_versions. // // A list of Resource names to add to the list of tracked resources. repeated string resource_names_subscribe = 3; // A list of Resource names to remove from the list of tracked resources. repeated string resource_names_unsubscribe = 4; // Informs the server of the versions of the resources the xDS client knows of, to enable the // client to continue the same logical xDS session even in the face of gRPC stream reconnection. // It will not be populated: [1] in the very first stream of a session, since the client will // not yet have any resources, [2] in any message after the first in a stream (for a given // type_url), since the server will already be correctly tracking the client's state. // (In ADS, the first message *of each type_url* of a reconnected stream populates this map.) // The map's keys are names of xDS resources known to the xDS client. // The map's values are opaque resource versions. map initial_resource_versions = 5; // When the DeltaDiscoveryRequest is a ACK or NACK message in response // to a previous DeltaDiscoveryResponse, the response_nonce must be the // nonce in the DeltaDiscoveryResponse. // Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted. string response_nonce = 6; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* // provides the Envoy internal exception related to the failure. google.rpc.Status error_detail = 7; } // [#next-free-field: 7] message DeltaDiscoveryResponse { // The version of the response data (used for debugging). string system_version_info = 1; // The response resources. These are typed resources, whose types must match // the type_url field. repeated Resource resources = 2; // field id 3 IS available! // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty. string type_url = 4; // Resources names of resources that have be deleted and to be removed from the xDS Client. // Removed resources for missing resources can be ignored. repeated string removed_resources = 6; // The nonce provides a way for DeltaDiscoveryRequests to uniquely // reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required. string nonce = 5; } message Resource { // The resource's name, to distinguish it from others of the same type of resource. string name = 3; // The aliases are a list of other names that this resource can go by. repeated string aliases = 4; // The resource level version. It allows xDS to track the state of individual // resources. string version = 1; // The resource being tracked. google.protobuf.Any resource = 2; } ================================================ FILE: api/envoy/api/v2/eds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/endpoint.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "EdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: EDS] // Endpoint discovery :ref:`architecture overview ` service EndpointDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.ClusterLoadAssignment"; // The resource_names field in DiscoveryRequest specifies a list of clusters // to subscribe to updates for. rpc StreamEndpoints(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaEndpoints(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchEndpoints(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:endpoints"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message EdsDummy { } ================================================ FILE: api/envoy/api/v2/endpoint/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/api/v2/endpoint/endpoint.proto ================================================ syntax = "proto3"; package envoy.api.v2.endpoint; import "udpa/annotations/status.proto"; import public "envoy/api/v2/endpoint/endpoint_components.proto"; option java_package = "io.envoyproxy.envoy.api.v2.endpoint"; option java_outer_classname = "EndpointProto"; option java_multiple_files = true; ================================================ FILE: api/envoy/api/v2/endpoint/endpoint_components.proto ================================================ syntax = "proto3"; package envoy.api.v2.endpoint; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/health_check.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.endpoint"; option java_outer_classname = "EndpointComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Endpoints] // Upstream host identifier. message Endpoint { // The optional health check configuration. message HealthCheckConfig { // Optional alternative health check port value. // // By default the health check address port of an upstream host is the same // as the host's serving address port. This provides an alternative health // check port. Setting this with a non-zero value allows an upstream host // to have different health check address port. uint32 port_value = 1 [(validate.rules).uint32 = {lte: 65535}]; // By default, the host header for L7 health checks is controlled by cluster level configuration // (see: :ref:`host ` and // :ref:`authority `). Setting this // to a non-empty value allows overriding the cluster level configuration for a specific // endpoint. string hostname = 2; } // The upstream host address. // // .. attention:: // // The form of host address depends on the given cluster type. For STATIC or EDS, // it is expected to be a direct IP address (or something resolvable by the // specified :ref:`resolver ` // in the Address). For LOGICAL or STRICT DNS, it is expected to be hostname, // and will be resolved via DNS. core.Address address = 1; // The optional health check configuration is used as configuration for the // health checker to contact the health checked host. // // .. attention:: // // This takes into effect only for upstream clusters with // :ref:`active health checking ` enabled. HealthCheckConfig health_check_config = 2; // The hostname associated with this endpoint. This hostname is not used for routing or address // resolution. If provided, it will be associated with the endpoint, and can be used for features // that require a hostname, like // :ref:`auto_host_rewrite `. string hostname = 3; } // An Endpoint that Envoy can route traffic to. // [#next-free-field: 6] message LbEndpoint { // Upstream host identifier or a named reference. oneof host_identifier { Endpoint endpoint = 1; // [#not-implemented-hide:] string endpoint_name = 5; } // Optional health status when known and supplied by EDS server. core.HealthStatus health_status = 2; // The endpoint metadata specifies values that may be used by the load // balancer to select endpoints in a cluster for a given request. The filter // name should be specified as *envoy.lb*. An example boolean key-value pair // is *canary*, providing the optional canary status of the upstream host. // This may be matched against in a route's // :ref:`RouteAction ` metadata_match field // to subset the endpoints considered in cluster load balancing. core.Metadata metadata = 3; // The optional load balancing weight of the upstream host; at least 1. // Envoy uses the load balancing weight in some of the built in load // balancers. The load balancing weight for an endpoint is divided by the sum // of the weights of all endpoints in the endpoint's locality to produce a // percentage of traffic for the endpoint. This percentage is then further // weighted by the endpoint's locality's load balancing weight from // LocalityLbEndpoints. If unspecified, each host is presumed to have equal // weight in a locality. The sum of the weights of all endpoints in the // endpoint's locality must not exceed uint32_t maximal value (4294967295). google.protobuf.UInt32Value load_balancing_weight = 4 [(validate.rules).uint32 = {gte: 1}]; } // A group of endpoints belonging to a Locality. // One can have multiple LocalityLbEndpoints for a locality, but this is // generally only done if the different groups need to have different load // balancing weights or different priorities. // [#next-free-field: 7] message LocalityLbEndpoints { // Identifies location of where the upstream hosts run. core.Locality locality = 1; // The group of endpoints belonging to the locality specified. repeated LbEndpoint lb_endpoints = 2; // Optional: Per priority/region/zone/sub_zone weight; at least 1. The load // balancing weight for a locality is divided by the sum of the weights of all // localities at the same priority level to produce the effective percentage // of traffic for the locality. The sum of the weights of all localities at // the same priority level must not exceed uint32_t maximal value (4294967295). // // Locality weights are only considered when :ref:`locality weighted load // balancing ` is // configured. These weights are ignored otherwise. If no weights are // specified when locality weighted load balancing is enabled, the locality is // assigned no load. google.protobuf.UInt32Value load_balancing_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Optional: the priority for this LocalityLbEndpoints. If unspecified this will // default to the highest priority (0). // // Under usual circumstances, Envoy will only select endpoints for the highest // priority (0). In the event all endpoints for a particular priority are // unavailable/unhealthy, Envoy will fail over to selecting endpoints for the // next highest priority group. // // Priorities should range from 0 (highest) to N (lowest) without skipping. uint32 priority = 5 [(validate.rules).uint32 = {lte: 128}]; // Optional: Per locality proximity value which indicates how close this // locality is from the source locality. This value only provides ordering // information (lower the value, closer it is to the source locality). // This will be consumed by load balancing schemes that need proximity order // to determine where to route the requests. // [#not-implemented-hide:] google.protobuf.UInt32Value proximity = 6; } ================================================ FILE: api/envoy/api/v2/endpoint/load_report.proto ================================================ syntax = "proto3"; package envoy.api.v2.endpoint; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.endpoint"; option java_outer_classname = "LoadReportProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // These are stats Envoy reports to GLB every so often. Report frequency is // defined by // :ref:`LoadStatsResponse.load_reporting_interval`. // Stats per upstream region/zone and optionally per subzone. // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. // [#next-free-field: 9] message UpstreamLocalityStats { // Name of zone, region and optionally endpoint group these metrics were // collected from. Zone and region names could be empty if unknown. core.Locality locality = 1; // The total number of requests successfully completed by the endpoints in the // locality. uint64 total_successful_requests = 2; // The total number of unfinished requests uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint, // aggregated over all endpoints in the locality. uint64 total_error_requests = 4; // The total number of requests that were issued by this Envoy since // the last report. This information is aggregated over all the // upstream endpoints in the locality. uint64 total_issued_requests = 8; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; // Endpoint granularity stats information for this locality. This information // is populated if the Server requests it by setting // :ref:`LoadStatsResponse.report_endpoint_granularity`. repeated UpstreamEndpointStats upstream_endpoint_stats = 7; // [#not-implemented-hide:] The priority of the endpoint group these metrics // were collected from. uint32 priority = 6; } // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. // [#next-free-field: 8] message UpstreamEndpointStats { // Upstream host address. core.Address address = 1; // Opaque and implementation dependent metadata of the // endpoint. Envoy will pass this directly to the management server. google.protobuf.Struct metadata = 6; // The total number of requests successfully completed by the endpoints in the // locality. These include non-5xx responses for HTTP, where errors // originate at the client and the endpoint responded successfully. For gRPC, // the grpc-status values are those not covered by total_error_requests below. uint64 total_successful_requests = 2; // The total number of unfinished requests for this endpoint. uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint. // For HTTP these are responses with 5xx status codes and for gRPC the // grpc-status values: // // - DeadlineExceeded // - Unimplemented // - Internal // - Unavailable // - Unknown // - DataLoss uint64 total_error_requests = 4; // The total number of requests that were issued to this endpoint // since the last report. A single TCP connection, HTTP or gRPC // request or stream is counted as one request. uint64 total_issued_requests = 7; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; } // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. message EndpointLoadMetricStats { // Name of the metric; may be empty. string metric_name = 1; // Number of calls that finished and included this metric. uint64 num_requests_finished_with_metric = 2; // Sum of metric values across all calls that finished with this metric for // load_reporting_interval. double total_metric_value = 3; } // Per cluster load stats. Envoy reports these stats a management server in a // :ref:`LoadStatsRequest` // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. // Next ID: 7 // [#next-free-field: 7] message ClusterStats { message DroppedRequests { // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_bytes: 1}]; // Total number of deliberately dropped requests for the category. uint64 dropped_count = 2; } // The name of the cluster. string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The eds_cluster_config service_name of the cluster. // It's possible that two clusters send the same service_name to EDS, // in that case, the management server is supposed to do aggregation on the load reports. string cluster_service_name = 6; // Need at least one. repeated UpstreamLocalityStats upstream_locality_stats = 2 [(validate.rules).repeated = {min_items: 1}]; // Cluster-level stats such as total_successful_requests may be computed by // summing upstream_locality_stats. In addition, below there are additional // cluster-wide stats. // // The total number of dropped requests. This covers requests // deliberately dropped by the drop_overload policy and circuit breaking. uint64 total_dropped_requests = 3; // Information about deliberately dropped requests for each category specified // in the DropOverload policy. repeated DroppedRequests dropped_requests = 5; // Period over which the actual load report occurred. This will be guaranteed to include every // request reported. Due to system load and delays between the *LoadStatsRequest* sent from Envoy // and the *LoadStatsResponse* message sent from the management server, this may be longer than // the requested load reporting interval in the *LoadStatsResponse*. google.protobuf.Duration load_report_interval = 4; } ================================================ FILE: api/envoy/api/v2/endpoint.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/endpoint/endpoint_components.proto"; import "envoy/type/percent.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "EndpointProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Endpoint configuration] // Endpoint discovery :ref:`architecture overview ` // Each route from RDS will map to a single cluster or traffic split across // clusters using weights expressed in the RDS WeightedCluster. // // With EDS, each cluster is treated independently from a LB perspective, with // LB taking place between the Localities within a cluster and at a finer // granularity between the hosts within a locality. The percentage of traffic // for each endpoint is determined by both its load_balancing_weight, and the // load_balancing_weight of its locality. First, a locality will be selected, // then an endpoint within that locality will be chose based on its weight. // [#next-free-field: 6] message ClusterLoadAssignment { // Load balancing policy settings. // [#next-free-field: 6] message Policy { // [#not-implemented-hide:] message DropOverload { // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_bytes: 1}]; // Percentage of traffic that should be dropped for the category. type.FractionalPercent drop_percentage = 2; } reserved 1; // Action to trim the overall incoming traffic to protect the upstream // hosts. This action allows protection in case the hosts are unable to // recover from an outage, or unable to autoscale or unable to handle // incoming traffic volume for any reason. // // At the client each category is applied one after the other to generate // the 'actual' drop percentage on all outgoing traffic. For example: // // .. code-block:: json // // { "drop_overloads": [ // { "category": "throttle", "drop_percentage": 60 } // { "category": "lb", "drop_percentage": 50 } // ]} // // The actual drop percentages applied to the traffic at the clients will be // "throttle"_drop = 60% // "lb"_drop = 20% // 50% of the remaining 'actual' load, which is 40%. // actual_outgoing_load = 20% // remaining after applying all categories. // [#not-implemented-hide:] repeated DropOverload drop_overloads = 2; // Priority levels and localities are considered overprovisioned with this // factor (in percentage). This means that we don't consider a priority // level or locality unhealthy until the percentage of healthy hosts // multiplied by the overprovisioning factor drops below 100. // With the default value 140(1.4), Envoy doesn't consider a priority level // or a locality unhealthy until their percentage of healthy hosts drops // below 72%. For example: // // .. code-block:: json // // { "overprovisioning_factor": 100 } // // Read more at :ref:`priority levels ` and // :ref:`localities `. google.protobuf.UInt32Value overprovisioning_factor = 3 [(validate.rules).uint32 = {gt: 0}]; // The max time until which the endpoints from this assignment can be used. // If no new assignments are received before this time expires the endpoints // are considered stale and should be marked unhealthy. // Defaults to 0 which means endpoints never go stale. google.protobuf.Duration endpoint_stale_after = 4 [(validate.rules).duration = {gt {}}]; // The flag to disable overprovisioning. If it is set to true, // :ref:`overprovisioning factor // ` will be ignored // and Envoy will not perform graceful failover between priority levels or // localities as endpoints become unhealthy. Otherwise Envoy will perform // graceful failover as :ref:`overprovisioning factor // ` suggests. // [#not-implemented-hide:] bool disable_overprovisioning = 5 [deprecated = true]; } // Name of the cluster. This will be the :ref:`service_name // ` value if specified // in the cluster :ref:`EdsClusterConfig // `. string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}]; // List of endpoints to load balance to. repeated endpoint.LocalityLbEndpoints endpoints = 2; // Map of named endpoints that can be referenced in LocalityLbEndpoints. // [#not-implemented-hide:] map named_endpoints = 5; // Load balancing policy settings. Policy policy = 4; } ================================================ FILE: api/envoy/api/v2/lds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/listener.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "LdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listener] // Listener :ref:`configuration overview ` // The Envoy instance initiates an RPC at startup to discover a list of // listeners. Updates are delivered via streaming from the LDS server and // consist of a complete update of all listeners. Existing connections will be // allowed to drain from listeners that are no longer present. service ListenerDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.Listener"; rpc DeltaListeners(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc StreamListeners(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc FetchListeners(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:listeners"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message LdsDummy { } ================================================ FILE: api/envoy/api/v2/listener/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/auth:pkg", "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/api/v2/listener/listener.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "udpa/annotations/status.proto"; import public "envoy/api/v2/listener/listener_components.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; ================================================ FILE: api/envoy/api/v2/listener/listener_components.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "envoy/api/v2/auth/tls.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/type/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "ListenerComponentsProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listener components] // Listener :ref:`configuration overview ` message Filter { reserved 3; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 4; } } // Specifies the match criteria for selecting a specific filter chain for a // listener. // // In order for a filter chain to be selected, *ALL* of its criteria must be // fulfilled by the incoming connection, properties of which are set by the // networking stack and/or listener filters. // // The following order applies: // // 1. Destination port. // 2. Destination IP address. // 3. Server name (e.g. SNI for TLS protocol), // 4. Transport protocol. // 5. Application protocols (e.g. ALPN for TLS protocol). // 6. Source type (e.g. any, local or external network). // 7. Source IP address. // 8. Source port. // // For criteria that allow ranges or wildcards, the most specific value in any // of the configured filter chains that matches the incoming connection is going // to be used (e.g. for SNI ``www.example.com`` the most specific match would be // ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter // chain without ``server_names`` requirements). // // [#comment: Implemented rules are kept in the preference order, with deprecated fields // listed at the end, because that's how we want to list them in the docs. // // [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules] // [#next-free-field: 13] message FilterChainMatch { enum ConnectionSourceType { // Any connection source matches. ANY = 0; // Match a connection originating from the same host. LOCAL = 1 [(udpa.annotations.enum_value_migrate).rename = "SAME_IP_OR_LOOPBACK"]; // Match a connection originating from a different host. EXTERNAL = 2; } reserved 1; // Optional destination port to consider when use_original_dst is set on the // listener in determining a filter chain match. google.protobuf.UInt32Value destination_port = 8 [(validate.rules).uint32 = {lte: 65535 gte: 1}]; // If non-empty, an IP address and prefix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. repeated core.CidrRange prefix_ranges = 3; // If non-empty, an IP address and suffix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. // [#not-implemented-hide:] string address_suffix = 4; // [#not-implemented-hide:] google.protobuf.UInt32Value suffix_len = 5; // Specifies the connection source IP match type. Can be any, local or external network. ConnectionSourceType source_type = 12 [(validate.rules).enum = {defined_only: true}]; // The criteria is satisfied if the source IP address of the downstream // connection is contained in at least one of the specified subnets. If the // parameter is not specified or the list is empty, the source IP address is // ignored. repeated core.CidrRange source_prefix_ranges = 6; // The criteria is satisfied if the source port of the downstream connection // is contained in at least one of the specified ports. If the parameter is // not specified, the source port is ignored. repeated uint32 source_ports = 7 [(validate.rules).repeated = {items {uint32 {lte: 65535 gte: 1}}}]; // If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining // a filter chain match. Those values will be compared against the server names of a new // connection, when detected by one of the listener filters. // // The server name will be matched against all wildcard domains, i.e. ``www.example.com`` // will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. // // Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. // // .. attention:: // // See the :ref:`FAQ entry ` on how to configure SNI for more // information. repeated string server_names = 11; // If non-empty, a transport protocol to consider when determining a filter chain match. // This value will be compared against the transport protocol of a new connection, when // it's detected by one of the listener filters. // // Suggested values include: // // * ``raw_buffer`` - default, used when no transport protocol is detected, // * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector ` // when TLS protocol is detected. string transport_protocol = 9; // If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when // determining a filter chain match. Those values will be compared against the application // protocols of a new connection, when detected by one of the listener filters. // // Suggested values include: // // * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector // `, // * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector ` // // .. attention:: // // Currently, only :ref:`TLS Inspector ` provides // application protocol detection based on the requested // `ALPN `_ values. // // However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, // and matching on values other than ``h2`` is going to lead to a lot of false negatives, // unless all connecting clients are known to use ALPN. repeated string application_protocols = 10; } // A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and // various other parameters. // [#next-free-field: 8] message FilterChain { // The criteria to use when matching a connection to this filter chain. FilterChainMatch filter_chain_match = 1; // The TLS context for this filter chain. // // .. attention:: // // **This field is deprecated**. Use `transport_socket` with name `tls` instead. If both are // set, `transport_socket` takes priority. auth.DownstreamTlsContext tls_context = 2 [deprecated = true]; // A list of individual network filters that make up the filter chain for // connections established with the listener. Order matters as the filters are // processed sequentially as connection events happen. Note: If the filter // list is empty, the connection will close by default. repeated Filter filters = 3; // Whether the listener should expect a PROXY protocol V1 header on new // connections. If this option is enabled, the listener will assume that that // remote address of the connection is the one specified in the header. Some // load balancers including the AWS ELB support this option. If the option is // absent or set to false, Envoy will use the physical peer address of the // connection as the remote address. google.protobuf.BoolValue use_proxy_proto = 4; // [#not-implemented-hide:] filter chain metadata. core.Metadata metadata = 5; // Optional custom transport socket implementation to use for downstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`DownstreamTlsContext ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.TransportSocket transport_socket = 6; // [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no // name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter // chain is to be dynamically updated or removed via FCDS a unique name must be provided. string name = 7; } // Listener filter chain match configuration. This is a recursive structure which allows complex // nested match configurations to be built using various logical operators. // // Examples: // // * Matches if the destination port is 3306. // // .. code-block:: yaml // // destination_port_range: // start: 3306 // end: 3307 // // * Matches if the destination port is 3306 or 15000. // // .. code-block:: yaml // // or_match: // rules: // - destination_port_range: // start: 3306 // end: 3306 // - destination_port_range: // start: 15000 // end: 15001 // // [#next-free-field: 6] message ListenerFilterChainMatchPredicate { // A set of match configurations used for logical operations. message MatchSet { // The list of rules that make up the set. repeated ListenerFilterChainMatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. ListenerFilterChainMatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // Match destination port. Particularly, the match evaluation must use the recovered local port if // the owning listener filter is after :ref:`an original_dst listener filter `. type.Int32Range destination_port_range = 5; } } message ListenerFilter { // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being instantiated. // See the supported filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } // Optional match predicate used to disable the filter. The filter is enabled when this field is empty. // See :ref:`ListenerFilterChainMatchPredicate ` // for further examples. ListenerFilterChainMatchPredicate filter_disabled = 4; } ================================================ FILE: api/envoy/api/v2/listener/quic_config.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "QuicConfigProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: QUIC listener Config] // Configuration specific to the QUIC protocol. // Next id: 4 message QuicProtocolOptions { // Maximum number of streams that the client can negotiate per connection. 100 // if not specified. google.protobuf.UInt32Value max_concurrent_streams = 1; // Maximum number of milliseconds that connection will be alive when there is // no network activity. 300000ms if not specified. google.protobuf.Duration idle_timeout = 2; // Connection timeout in milliseconds before the crypto handshake is finished. // 20000ms if not specified. google.protobuf.Duration crypto_handshake_timeout = 3; } ================================================ FILE: api/envoy/api/v2/listener/udp_listener_config.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "UdpListenerConfigProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: UDP Listener Config] // Listener :ref:`configuration overview ` message UdpListenerConfig { // Used to look up UDP listener factory, matches "raw_udp_listener" or // "quic_listener" to create a specific udp listener. // If not specified, treat as "raw_udp_listener". string udp_listener_name = 1; // Used to create a specific listener factory. To some factory, e.g. // "raw_udp_listener", config is not needed. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message ActiveRawUdpListenerConfig { } ================================================ FILE: api/envoy/api/v2/listener.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/socket_option.proto"; import "envoy/api/v2/listener/listener_components.proto"; import "envoy/api/v2/listener/udp_listener_config.proto"; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "envoy/config/listener/v2/api_listener.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listener configuration] // Listener :ref:`configuration overview ` // [#next-free-field: 23] message Listener { enum DrainType { // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check // filter), listener removal/modification, and hot restart. DEFAULT = 0; // Drain in response to listener removal/modification and hot restart. This setting does not // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress // and egress listeners. MODIFY_ONLY = 1; } // [#not-implemented-hide:] message DeprecatedV1 { // Whether the listener should bind to the port. A listener that doesn't // bind can only receive connections redirected from other listeners that // set use_original_dst parameter to true. Default is true. // // This is deprecated in v2, all Listeners will bind to their port. An // additional filter chain must be created for every original destination // port this listener may redirect to in v2, with the original port // specified in the FilterChainMatch destination_port field. // // [#comment:TODO(PiotrSikora): Remove this once verified that we no longer need it.] google.protobuf.BoolValue bind_to_port = 1; } // Configuration for listener connection balancing. message ConnectionBalanceConfig { // A connection balancer implementation that does exact balancing. This means that a lock is // held during balancing so that connection counts are nearly exactly balanced between worker // threads. This is "nearly" exact in the sense that a connection might close in parallel thus // making the counts incorrect, but this should be rectified on the next accept. This balancer // sacrifices accept throughput for accuracy and should be used when there are a small number of // connections that rarely cycle (e.g., service mesh gRPC egress). message ExactBalance { } oneof balance_type { option (validate.required) = true; // If specified, the listener will use the exact connection balancer. ExactBalance exact_balance = 1; } } reserved 14; // The unique name by which this listener is known. If no name is provided, // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically // updated or removed via :ref:`LDS ` a unique name must be provided. string name = 1; // The address that the listener should listen on. In general, the address must be unique, though // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on // Linux as the actual port will be allocated by the OS. core.Address address = 2 [(validate.rules).message = {required: true}]; // A list of filter chains to consider for this listener. The // :ref:`FilterChain ` with the most specific // :ref:`FilterChainMatch ` criteria is used on a // connection. // // Example using SNI for filter chain selection can be found in the // :ref:`FAQ entry `. repeated listener.FilterChain filter_chains = 3; // If a connection is redirected using *iptables*, the port on which the proxy // receives it might be different from the original destination address. When this flag is set to // true, the listener hands off redirected connections to the listener associated with the // original destination address. If there is no listener associated with the original destination // address, the connection is handled by the listener that receives it. Defaults to false. // // .. attention:: // // This field is deprecated. Use :ref:`an original_dst ` // :ref:`listener filter ` instead. // // Note that hand off to another listener is *NOT* performed without this flag. Once // :ref:`FilterChainMatch ` is implemented this flag // will be removed, as filter chain matching can be used to select a filter chain based on the // restored destination address. google.protobuf.BoolValue use_original_dst = 4 [deprecated = true]; // Soft limit on size of the listener’s new connection read and write buffers. // If unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; // Listener metadata. core.Metadata metadata = 6; // [#not-implemented-hide:] DeprecatedV1 deprecated_v1 = 7; // The type of draining to perform at a listener-wide level. DrainType drain_type = 8; // Listener filters have the opportunity to manipulate and augment the connection metadata that // is used in connection filter chain matching, for example. These filters are run before any in // :ref:`filter_chains `. Order matters as the // filters are processed sequentially right after a socket has been accepted by the listener, and // before a connection is created. // UDP Listener filters can be specified when the protocol in the listener socket address in // :ref:`protocol ` is :ref:`UDP // `. // UDP listeners currently support a single filter. repeated listener.ListenerFilter listener_filters = 9; // The timeout to wait for all listener filters to complete operation. If the timeout is reached, // the accepted socket is closed without a connection being created unless // `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the // timeout. If not specified, a default timeout of 15s is used. google.protobuf.Duration listener_filters_timeout = 15; // Whether a connection should be created when listener filters timeout. Default is false. // // .. attention:: // // Some listener filters, such as :ref:`Proxy Protocol filter // `, should not be used with this option. It will cause // unexpected behavior when a connection is created. bool continue_on_listener_filters_timeout = 17; // Whether the listener should be set as a transparent socket. // When this flag is set to true, connections can be redirected to the listener using an // *iptables* *TPROXY* target, in which case the original source and destination addresses and // ports are preserved on accepted connections. This flag should be used in combination with // :ref:`an original_dst ` :ref:`listener filter // ` to mark the connections' local addresses as // "restored." This can be used to hand off each redirected connection to another listener // associated with the connection's destination address. Direct connections to the socket without // using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are // therefore treated as if they were redirected. // When this flag is set to false, the listener's socket is explicitly reset as non-transparent. // Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability. // When this flag is not set (default), the socket is not modified, i.e. the transparent option // is neither set nor reset. google.protobuf.BoolValue transparent = 10; // Whether the listener should set the *IP_FREEBIND* socket option. When this // flag is set to true, listeners can be bound to an IP address that is not // configured on the system running Envoy. When this flag is set to false, the // option *IP_FREEBIND* is disabled on the socket. When this flag is not set // (default), the socket is not modified, i.e. the option is neither enabled // nor disabled. google.protobuf.BoolValue freebind = 11; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.SocketOption socket_options = 13; // Whether the listener should accept TCP Fast Open (TFO) connections. // When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on // the socket, with a queue length of the specified size // (see `details in RFC7413 `_). // When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket. // When this flag is not set (default), the socket is not modified, // i.e. the option is neither enabled nor disabled. // // On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable // TCP_FASTOPEN. // See `ip-sysctl.txt `_. // // On macOS, only values of 0, 1, and unset are valid; other values may result in an error. // To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter. google.protobuf.UInt32Value tcp_fast_open_queue_length = 12; // Specifies the intended direction of the traffic relative to the local Envoy. core.TrafficDirection traffic_direction = 16; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // listener to create, i.e. :ref:`udp_listener_name // ` = "raw_udp_listener" for // creating a packet-oriented UDP listener. If not present, treat it as "raw_udp_listener". listener.UdpListenerConfig udp_listener_config = 18; // Used to represent an API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. // When this field is set, no other field except for :ref:`name` // should be set. // // .. note:: // // Currently only one ApiListener can be installed; and it can only be done via bootstrap config, // not LDS. // // [#next-major-version: In the v3 API, instead of this messy approach where the socket // listener fields are directly in the top-level Listener message and the API listener types // are in the ApiListener message, the socket listener messages should be in their own message, // and the top-level Listener should essentially be a oneof that selects between the // socket listener and the various types of API listener. That way, a given Listener message // can structurally only contain the fields of the relevant type.] config.listener.v2.ApiListener api_listener = 19; // The listener's connection balancer configuration, currently only applicable to TCP listeners. // If no configuration is specified, Envoy will not attempt to balance active connections between // worker threads. ConnectionBalanceConfig connection_balance_config = 20; // When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and // create one socket for each worker thread. This makes inbound connections // distribute among worker threads roughly evenly in cases where there are a high number // of connections. When this flag is set to false, all worker threads share one socket. // // Before Linux v4.19-rc1, new TCP connections may be rejected during hot restart // (see `3rd paragraph in 'soreuseport' commit message // `_). // This issue was fixed by `tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket // `_. bool reuse_port = 21; // Configuration for :ref:`access logs ` // emitted by this listener. repeated config.filter.accesslog.v2.AccessLog access_log = 22; } ================================================ FILE: api/envoy/api/v2/ratelimit/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/api/v2/ratelimit/ratelimit.proto ================================================ syntax = "proto3"; package envoy.api.v2.ratelimit; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.ratelimit"; option java_outer_classname = "RatelimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.common.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common rate limit components] // A RateLimitDescriptor is a list of hierarchical entries that are used by the service to // determine the final rate limit key and overall allowed limit. Here are some examples of how // they might be used for the domain "envoy". // // .. code-block:: cpp // // ["authenticated": "false"], ["remote_address": "10.0.0.1"] // // What it does: Limits all unauthenticated traffic for the IP address 10.0.0.1. The // configuration supplies a default limit for the *remote_address* key. If there is a desire to // raise the limit for 10.0.0.1 or block it entirely it can be specified directly in the // configuration. // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"] // // What it does: Limits all unauthenticated traffic globally for a specific path (or prefix if // configured that way in the service). // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"], ["remote_address": "10.0.0.1"] // // What it does: Limits unauthenticated traffic to a specific path for a specific IP address. // Like (1) we can raise/block specific IP addresses if we want with an override configuration. // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"] // // What it does: Limits all traffic for an authenticated client "foo" // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"], ["path": "/foo/bar"] // // What it does: Limits traffic to a specific path for an authenticated client "foo" // // The idea behind the API is that (1)/(2)/(3) and (4)/(5) can be sent in 1 request if desired. // This enables building complex application scenarios with a generic backend. message RateLimitDescriptor { message Entry { // Descriptor key. string key = 1 [(validate.rules).string = {min_bytes: 1}]; // Descriptor value. string value = 2 [(validate.rules).string = {min_bytes: 1}]; } // Descriptor entries. repeated Entry entries = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/api/v2/rds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/route.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "RdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: RDS] // The resource_names field in DiscoveryRequest specifies a route configuration. // This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. Each listener will bind its HTTP connection manager filter to // a route table via this identifier. service RouteDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.RouteConfiguration"; rpc StreamRoutes(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaRoutes(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchRoutes(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:routes"; option (google.api.http).body = "*"; } } // Virtual Host Discovery Service (VHDS) is used to dynamically update the list of virtual hosts for // a given RouteConfiguration. If VHDS is configured a virtual host list update will be triggered // during the processing of an HTTP request if a route for the request cannot be resolved. The // :ref:`resource_names_subscribe ` // field contains a list of virtual host names or aliases to track. The contents of an alias would // be the contents of a *host* or *authority* header used to make an http request. An xDS server // will match an alias to a virtual host based on the content of :ref:`domains' // ` field. The *resource_names_unsubscribe* field // contains a list of virtual host names that have been :ref:`unsubscribed // ` from the routing table associated with the RouteConfiguration. service VirtualHostDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.route.VirtualHost"; rpc DeltaVirtualHosts(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message RdsDummy { } ================================================ FILE: api/envoy/api/v2/route/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "//envoy/type/tracing/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/api/v2/route/route.proto ================================================ syntax = "proto3"; package envoy.api.v2.route; import "udpa/annotations/status.proto"; import public "envoy/api/v2/route/route_components.proto"; option java_package = "io.envoyproxy.envoy.api.v2.route"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; ================================================ FILE: api/envoy/api/v2/route/route_components.proto ================================================ syntax = "proto3"; package envoy.api.v2.route; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/regex.proto"; import "envoy/type/matcher/string.proto"; import "envoy/type/percent.proto"; import "envoy/type/range.proto"; import "envoy/type/tracing/v2/custom_tag.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.route"; option java_outer_classname = "RouteComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP route components] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // The top level element in the routing configuration is a virtual host. Each virtual host has // a logical name as well as a set of domains that get routed to it based on the incoming request's // host header. This allows a single listener to service multiple top level domain path trees. Once // a virtual host is selected based on the domain, the routes are processed in order to see which // upstream cluster to route to or whether to perform a redirect. // [#next-free-field: 21] message VirtualHost { enum TlsRequirementType { // No TLS requirement for the virtual host. NONE = 0; // External requests must use TLS. If a request is external and it is not // using TLS, a 301 redirect will be sent telling the client to use HTTPS. EXTERNAL_ONLY = 1; // All requests must use TLS. If a request is not using TLS, a 301 redirect // will be sent telling the client to use HTTPS. ALL = 2; } reserved 9; // The logical name of the virtual host. This is used when emitting certain // statistics but is not relevant for routing. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A list of domains (host/authority header) that will be matched to this // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: // 1. Exact domain names: ``www.foo.com``. // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. // 4. Special wildcard ``*`` matching any domain. // // .. note:: // // The wildcard will not match the empty string. // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. // The longest wildcards match first. // Only a single virtual host in the entire route configuration can match on ``*``. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. repeated string domains = 2 [(validate.rules).repeated = { min_items: 1 items {string {well_known_regex: HTTP_HEADER_VALUE strict: false}} }]; // The list of routes that will be matched, in order, for incoming requests. // The first route that matches will be used. repeated Route routes = 3; // Specifies the type of TLS enforcement the virtual host expects. If this option is not // specified, there is no TLS requirement for the virtual host. TlsRequirementType require_tls = 4 [(validate.rules).enum = {defined_only: true}]; // A list of virtual clusters defined for this virtual host. Virtual clusters // are used for additional statistics gathering. repeated VirtualCluster virtual_clusters = 5; // Specifies a set of rate limit configurations that will be applied to the // virtual host. repeated RateLimit rate_limits = 6; // Specifies a list of HTTP headers that should be added to each request // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_route.Route` and before headers from the // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 7 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // handled by this virtual host. repeated string request_headers_to_remove = 13; // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_route.Route` and before headers from the // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // handled by this virtual host. repeated string response_headers_to_remove = 11; // Indicates that the virtual host has a CORS policy. CorsPolicy cors = 8; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map per_filter_config = 12 [deprecated = true]; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 15; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the upstream request. Setting this option will cause it to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the upstream // will see the attempt count as perceived by the second Envoy. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. // // [#next-major-version: rename to include_attempt_count_in_request.] bool include_request_attempt_count = 14; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the downstream response. Setting this option will cause the router to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the downstream // will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. bool include_attempt_count_in_response = 19; // Indicates the retry policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). RetryPolicy retry_policy = 16; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not // inherited). :ref:`Retry policy ` should not be // set if this field is used. google.protobuf.Any retry_policy_typed_config = 20; // Indicates the hedge policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). HedgePolicy hedge_policy = 17; // The maximum bytes which will be buffered for retries and shadowing. // If set and a route-specific limit is not set, the bytes actually buffered will be the minimum // value of this and the listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 18; } // A filter-defined action type. message FilterAction { google.protobuf.Any action = 1; } // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // // .. attention:: // // Envoy supports routing on HTTP method via :ref:`header matching // `. // [#next-free-field: 18] message Route { reserved 6; // Name for the route. string name = 14; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; oneof action { option (validate.required) = true; // Route request to some upstream cluster. RouteAction route = 2; // Return a redirect. RedirectAction redirect = 3; // Return an arbitrary HTTP response directly, without proxying. DirectResponseAction direct_response = 7; // [#not-implemented-hide:] // If true, a filter will define the action (e.g., it could dynamically generate the // RouteAction). FilterAction filter_action = 17; } // The Metadata field can be used to provide additional information // about the route. It can be used for configuration, stats, and logging. // The metadata should go under the filter namespace that will need it. // For instance, if the metadata is intended for the Router filter, // the filter name should be specified as *envoy.filters.http.router*. core.Metadata metadata = 4; // Decorator for the matched route. Decorator decorator = 5; // The per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map per_filter_config = 8 [deprecated = true]; // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map typed_per_filter_config = 13; // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the // enclosing :ref:`envoy_api_msg_route.VirtualHost` and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 9 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // matching this route. repeated string request_headers_to_remove = 12; // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before // headers from the enclosing :ref:`envoy_api_msg_route.VirtualHost` and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. repeated core.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. repeated string response_headers_to_remove = 11; // Presence of the object defines whether the connection manager's tracing configuration // is overridden by this route specific instance. Tracing tracing = 15; // The maximum bytes which will be buffered for retries and shadowing. // If set, the bytes actually buffered will be the minimum value of this and the // listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 16; } // Compared to the :ref:`cluster ` field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of // traffic to be forwarded to each cluster. The router selects an upstream cluster based on the // weights. message WeightedCluster { // [#next-free-field: 11] message ClusterWeight { reserved 7; // Name of the upstream cluster. The cluster must exist in the // :ref:`cluster manager configuration `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // An integer between 0 and :ref:`total_weight // `. When a request matches the route, // the choice of an upstream cluster is determined by its weight. The sum of weights across all // entries in the clusters array must add up to the total_weight, which defaults to 100. google.protobuf.UInt32Value weight = 2; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in // :ref:`RouteAction.metadata_match `, with // values here taking precedence. The filter name should be specified as *envoy.lb*. core.Metadata metadata_match = 3; // Specifies a list of headers to be added to requests when this cluster is selected // through the enclosing :ref:`envoy_api_msg_route.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_route.VirtualHost`, and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request when // this cluster is selected through the enclosing :ref:`envoy_api_msg_route.RouteAction`. repeated string request_headers_to_remove = 9; // Specifies a list of headers to be added to responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_route.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_route.VirtualHost`, and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption response_headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of headers to be removed from responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_route.RouteAction`. repeated string response_headers_to_remove = 6; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map per_filter_config = 8 [deprecated = true]; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 10; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the total weight across all clusters. The sum of all cluster weights must equal this // value, which must be greater than 0. Defaults to 100. google.protobuf.UInt32Value total_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Specifies the runtime key prefix that should be used to construct the // runtime keys associated with each cluster. When the *runtime_key_prefix* is // specified, the router will look for weights associated with each upstream // cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where // *cluster[i]* denotes an entry in the clusters array field. If the runtime // key for the cluster does not exist, the value specified in the // configuration file will be used as the default weight. See the :ref:`runtime documentation // ` for how key names map to the underlying implementation. string runtime_key_prefix = 2; } // [#next-free-field: 12] message RouteMatch { message GrpcRouteMatchOptions { } message TlsContextMatchOptions { // If specified, the route will match against whether or not a certificate is presented. // If not specified, certificate presentation status (true or false) will not be considered when route matching. google.protobuf.BoolValue presented = 1; // If specified, the route will match against whether or not a certificate is validated. // If not specified, certificate validation status (true or false) will not be considered when route matching. google.protobuf.BoolValue validated = 2; } reserved 5; oneof path_specifier { option (validate.required) = true; // If specified, the route is a prefix rule meaning that the prefix must // match the beginning of the *:path* header. string prefix = 1; // If specified, the route is an exact path rule meaning that the path must // exactly match the *:path* header once the query string is removed. string path = 2; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. The regex grammar is defined `here // `_. // // Examples: // // * The regex ``/b[io]t`` matches the path */bit* // * The regex ``/b[io]t`` matches the path */bot* // * The regex ``/b[io]t`` does not match the path */bite* // * The regex ``/b[io]t`` does not match the path */bit/bot* // // .. attention:: // This field has been deprecated in favor of `safe_regex` as it is not safe for use with // untrusted input in all cases. string regex = 3 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. // // [#next-major-version: In the v3 API we should redo how path specification works such // that we utilize StringMatcher, and additionally have consistent options around whether we // strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive // to deprecate the existing options. We should even consider whether we want to do away with // path_specifier entirely and just rely on a set of header matchers which can already match // on :path, etc. The issue with that is it is unclear how to generically deal with query string // stripping. This needs more thought.] type.matcher.RegexMatcher safe_regex = 10 [(validate.rules).message = {required: true}]; } // Indicates that prefix/path matching should be case sensitive. The default // is true. google.protobuf.BoolValue case_sensitive = 4; // Indicates that the route should additionally match on a runtime key. Every time the route // is considered for a match, it must also fall under the percentage of matches indicated by // this field. For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the router continues to evaluate the remaining match criteria. A runtime_fraction // route configuration can be used to roll out route changes in a gradual manner without full // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // // .. note:: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an // integer with the assumption that the value is an integral percentage out of 100. For // instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent // whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. core.RuntimeFractionalPercent runtime_fraction = 9; // Specifies a set of headers that the route should match on. The router will // check the request’s headers against all the specified headers in the route // config. A match will happen if all the headers in the route are present in // the request with the same values (or based on presence if the value field // is not in the config). repeated HeaderMatcher headers = 6; // Specifies a set of URL query parameters on which the route should // match. The router will check the query string from the *path* header // against all the specified query parameters. If the number of specified // query parameters is nonzero, they all must match the *path* header's // query string for a match to occur. repeated QueryParameterMatcher query_parameters = 7; // If specified, only gRPC requests will be matched. The router will check // that the content-type header has a application/grpc or one of the various // application/grpc+ values. GrpcRouteMatchOptions grpc = 8; // If specified, the client tls context will be matched against the defined // match options. // // [#next-major-version: unify with RBAC] TlsContextMatchOptions tls_context = 11; } // [#next-free-field: 12] message CorsPolicy { // Specifies the origins that will be allowed to do CORS requests. // // An origin is allowed if either allow_origin or allow_origin_regex match. // // .. attention:: // This field has been deprecated in favor of `allow_origin_string_match`. repeated string allow_origin = 1 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies regex patterns that match allowed origins. // // An origin is allowed if either allow_origin or allow_origin_regex match. // // .. attention:: // This field has been deprecated in favor of `allow_origin_string_match` as it is not safe for // use with untrusted input in all cases. repeated string allow_origin_regex = 8 [deprecated = true, (validate.rules).repeated = {items {string {max_bytes: 1024}}}]; // Specifies string patterns that match allowed origins. An origin is allowed if any of the // string matchers match. repeated type.matcher.StringMatcher allow_origin_string_match = 11; // Specifies the content for the *access-control-allow-methods* header. string allow_methods = 2; // Specifies the content for the *access-control-allow-headers* header. string allow_headers = 3; // Specifies the content for the *access-control-expose-headers* header. string expose_headers = 4; // Specifies the content for the *access-control-max-age* header. string max_age = 5; // Specifies whether the resource allows credentials. google.protobuf.BoolValue allow_credentials = 6; oneof enabled_specifier { // Specifies if the CORS filter is enabled. Defaults to true. Only effective on route. // // .. attention:: // // **This field is deprecated**. Set the // :ref:`filter_enabled` field instead. google.protobuf.BoolValue enabled = 7 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies the % of requests for which the CORS filter is enabled. // // If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS // filter will be enabled for 100% of the requests. // // If :ref:`runtime_key ` is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. core.RuntimeFractionalPercent filter_enabled = 9; } // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // // This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. core.RuntimeFractionalPercent shadow_enabled = 10; } // [#next-free-field: 34] message RouteAction { enum ClusterNotFoundResponseCode { // HTTP status code - 503 Service Unavailable. SERVICE_UNAVAILABLE = 0; // HTTP status code - 404 Not Found. NOT_FOUND = 1; } // Configures :ref:`internal redirect ` behavior. enum InternalRedirectAction { PASS_THROUGH_INTERNAL_REDIRECT = 0; HANDLE_INTERNAL_REDIRECT = 1; } // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. // // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // // .. note:: // // Shadowing will not be triggered if the primary cluster does not exist. message RequestMirrorPolicy { // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // If not specified, all requests to the target cluster will be mirrored. If // specified, Envoy will lookup the runtime key to get the % of requests to // mirror. Valid values are from 0 to 10000, allowing for increments of // 0.01% of requests to be mirrored. If the runtime key is specified in the // configuration but not present in runtime, 0 is the default and thus 0% of // requests will be mirrored. // // .. attention:: // // **This field is deprecated**. Set the // :ref:`runtime_fraction // ` // field instead. Mirroring occurs if both this and // ` // are not set. string runtime_key = 2 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // If not specified, all requests to the target cluster will be mirrored. // // If specified, this field takes precedence over the `runtime_key` field and requests must also // fall under the percentage of matches indicated by this field. // // For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the request will be mirrored. core.RuntimeFractionalPercent runtime_fraction = 3; // Determines if the trace span should be sampled. Defaults to true. google.protobuf.BoolValue trace_sampled = 4; } // Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer // `. // [#next-free-field: 7] message HashPolicy { message Header { // The name of the request header that will be used to obtain the hash // key. If the request header is not present, no hash will be produced. string header_name = 1 [ (validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false} ]; } // Envoy supports two types of cookie affinity: // // 1. Passive. Envoy takes a cookie that's present in the cookies header and // hashes on its value. // // 2. Generated. Envoy generates and sets a cookie with an expiration (TTL) // on the first request from the client in its response to the client, // based on the endpoint the request gets sent to. The client then // presents this on the next and all subsequent requests. The hash of // this is sufficient to ensure these requests get sent to the same // endpoint. The cookie is generated by hashing the source and // destination ports and addresses so that multiple independent HTTP2 // streams on the same connection will independently receive the same // cookie, even if they arrive at the Envoy simultaneously. message Cookie { // The name of the cookie that will be used to obtain the hash key. If the // cookie is not present and ttl below is not set, no hash will be // produced. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // If specified, a cookie with the TTL will be generated if the cookie is // not present. If the TTL is present and zero, the generated cookie will // be a session cookie. google.protobuf.Duration ttl = 2; // The name of the path for the cookie. If no path is specified here, no path // will be set for the cookie. string path = 3; } message ConnectionProperties { // Hash on source IP address. bool source_ip = 1; } message QueryParameter { // The name of the URL query parameter that will be used to obtain the hash // key. If the parameter is not present, no hash will be produced. Query // parameter names are case-sensitive. string name = 1 [(validate.rules).string = {min_bytes: 1}]; } message FilterState { // The name of the Object in the per-request filterState, which is an // Envoy::Http::Hashable object. If there is no data associated with the key, // or the stored object is not Envoy::Http::Hashable, no hash will be produced. string key = 1 [(validate.rules).string = {min_bytes: 1}]; } oneof policy_specifier { option (validate.required) = true; // Header hash policy. Header header = 1; // Cookie hash policy. Cookie cookie = 2; // Connection properties hash policy. ConnectionProperties connection_properties = 3; // Query parameter hash policy. QueryParameter query_parameter = 5; // Filter state hash policy. FilterState filter_state = 6; } // The flag that short-circuits the hash computing. This field provides a // 'fallback' style of configuration: "if a terminal policy doesn't work, // fallback to rest of the policy list", it saves time when the terminal // policy works. // // If true, and there is already a hash computed, ignore rest of the // list of hash polices. // For example, if the following hash methods are configured: // // ========= ======== // specifier terminal // ========= ======== // Header A true // Header B false // Header C false // ========= ======== // // The generateHash process ends if policy "header A" generates a hash, as // it's a terminal policy. bool terminal = 4; } // Allows enabling and disabling upgrades on a per-route basis. // This overrides any enabled/disabled upgrade filter chain specified in the // HttpConnectionManager // :ref:`upgrade_configs // ` // but does not affect any custom filter chain specified there. message UpgradeConfig { // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] will be proxied upstream. string upgrade_type = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Determines if upgrades are available on this route. Defaults to true. google.protobuf.BoolValue enabled = 2; } reserved 12, 18, 19, 16, 22, 21; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // Envoy will determine the cluster to route to by reading the value of the // HTTP header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. string cluster_header = 2 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. See // :ref:`traffic splitting ` // for additional documentation. WeightedCluster weighted_clusters = 3; } // The HTTP status code to use when configured cluster is not found. // The default response code is 503 Service Unavailable. ClusterNotFoundResponseCode cluster_not_found_response_code = 20 [(validate.rules).enum = {defined_only: true}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what's set in this field will be considered // for load balancing. If using :ref:`weighted_clusters // `, metadata will be merged, with values // provided there taking precedence. The filter name should be specified as *envoy.lb*. core.Metadata metadata_match = 4; // Indicates that during forwarding, the matched prefix (or path) should be // swapped with this value. This option allows application URLs to be rooted // at a different path from those exposed at the reverse proxy layer. The router filter will // place the original path before rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of *prefix_rewrite* or // :ref:`regex_rewrite ` // may be specified. // // .. attention:: // // Pay careful attention to the use of trailing slashes in the // :ref:`route's match ` prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single // :ref:`Route `, as shown by the below config entries: // // .. code-block:: yaml // // - match: // prefix: "/prefix/" // route: // prefix_rewrite: "/" // - match: // prefix: "/prefix" // route: // prefix_rewrite: "/" // // Having above entries in the config, requests to */prefix* will be stripped to */*, while // requests to */prefix/etc* will be stripped to */etc*. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, portions of the path that match the // pattern should be rewritten, even allowing the substitution of capture // groups from the pattern into the new path as specified by the rewrite // substitution string. This is useful to allow application paths to be // rewritten in a way that is aware of segments with variable content like // identifiers. The router filter will place the original path as it was // before the rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // // Examples using Google's `RE2 `_ engine: // // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` // into ``/v1/api/instance/foo``. // // * The pattern ``one`` paired with a substitution string of ``two`` would // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. // // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of // ``\1two\2`` would replace only the first occurrence of ``one``, // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. // // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to // ``/aaa/yyy/bbb``. type.matcher.RegexMatchAndSubstitute regex_rewrite = 32; oneof host_rewrite_specifier { // Indicates that during forwarding, the host header will be swapped with // this value. string host_rewrite = 6 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}, (udpa.annotations.field_migrate).rename = "host_rewrite_literal" ]; // Indicates that during forwarding, the host header will be swapped with // the hostname of the upstream host chosen by the cluster manager. This // option is applicable only when the destination cluster for a route is of // type *strict_dns* or *logical_dns*. Setting this to true with other cluster // types has no effect. google.protobuf.BoolValue auto_host_rewrite = 7; // Indicates that during forwarding, the host header will be swapped with the content of given // downstream or :ref:`custom ` header. // If header value is empty, host header is left intact. // // .. attention:: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. string auto_host_rewrite_header = 29 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}, (udpa.annotations.field_migrate).rename = "host_rewrite_header" ]; } // Specifies the upstream timeout for the route. If not specified, the default is 15s. This // spans between the point at which the entire downstream request (i.e. end-of-stream) has been // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // // .. note:: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration timeout = 8; // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, // although the connection manager wide :ref:`stream_idle_timeout // ` // will still apply. A value of 0 will completely disable the route's idle timeout, even if a // connection manager stream idle timeout is configured. // // The idle timeout is distinct to :ref:`timeout // `, which provides an upper bound // on the upstream response time; :ref:`idle_timeout // ` instead bounds the amount // of time the request's stream may be idle. // // After header decoding, the idle timeout will apply on downstream and // upstream request events. Each time an encode/decode event for headers or // data is processed for the stream, the timer will be reset. If the timeout // fires, the stream is terminated with a 408 Request Timeout error code if no // upstream response header has been received, otherwise a stream reset // occurs. google.protobuf.Duration idle_timeout = 24; // Indicates that the route has a retry policy. Note that if this is set, // it'll take precedence over the virtual host level retry policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). RetryPolicy retry_policy = 9; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that if this is set, it'll take // precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, // most internal one becomes the enforced policy). :ref:`Retry policy ` // should not be set if this field is used. google.protobuf.Any retry_policy_typed_config = 33; // Indicates that the route has a request mirroring policy. // // .. attention:: // This field has been deprecated in favor of `request_mirror_policies` which supports one or // more mirroring policies. RequestMirrorPolicy request_mirror_policy = 10 [deprecated = true]; // Indicates that the route has request mirroring policies. repeated RequestMirrorPolicy request_mirror_policies = 30; // Optionally specifies the :ref:`routing priority `. core.RoutingPriority priority = 11 [(validate.rules).enum = {defined_only: true}]; // Specifies a set of rate limit configurations that could be applied to the // route. repeated RateLimit rate_limits = 13; // Specifies if the rate limit filter should include the virtual host rate // limits. By default, if the route configured rate limits, the virtual host // :ref:`rate_limits ` are not applied to the // request. google.protobuf.BoolValue include_vh_rate_limits = 14; // Specifies a list of hash policies to use for ring hash load balancing. Each // hash policy is evaluated individually and the combined result is used to // route the request. The method of combination is deterministic such that // identical lists of hash policies will produce the same hash. Since a hash // policy examines specific parts of a request, it can fail to produce a hash // (i.e. if the hashed header is not present). If (and only if) all configured // hash policies fail to generate a hash, no hash will be produced for // the route. In this case, the behavior is the same as if no hash policies // were specified (i.e. the ring hash load balancer will choose a random // backend). If a hash policy has the "terminal" attribute set to true, and // there is already a hash generated, the hash is returned immediately, // ignoring the rest of the hash policy list. repeated HashPolicy hash_policy = 15; // Indicates that the route has a CORS policy. CorsPolicy cors = 17; // If present, and the request is a gRPC request, use the // `grpc-timeout header `_, // or its default value (infinity) instead of // :ref:`timeout `, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for // gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used // and gRPC requests time out like any other requests using // :ref:`timeout ` or its default. // This can be used to prevent unexpected upstream request timeouts due to potentially long // time gaps between gRPC request and response in gRPC streaming mode. // // .. note:: // // If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes // precedence over `grpc-timeout header `_, when // both are present. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration max_grpc_timeout = 23; // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting // the provided duration from the header. This is useful in allowing Envoy to set its global // timeout to be less than that of the deadline imposed by the calling client, which makes it more // likely that Envoy will handle the timeout instead of having the call canceled by the client. // The offset will only be applied if the provided grpc_timeout is greater than the offset. This // ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning // infinity). google.protobuf.Duration grpc_timeout_offset = 28; repeated UpgradeConfig upgrade_configs = 25; InternalRedirectAction internal_redirect_action = 26; // An internal redirect is handled, iff the number of previous internal redirects that a // downstream request has encountered is lower than this value, and // :ref:`internal_redirect_action ` // is set to :ref:`HANDLE_INTERNAL_REDIRECT // ` // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or has // :ref:`internal_redirect_action ` // set to // :ref:`PASS_THROUGH_INTERNAL_REDIRECT // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 31; // Indicates that the route has a hedge policy. Note that if this is set, // it'll take precedence over the virtual host level hedge policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). HedgePolicy hedge_policy = 27; } // HTTP retry :ref:`architecture overview `. // [#next-free-field: 11] message RetryPolicy { message RetryPriority { string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message RetryHostPredicate { string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message RetryBackOff { // Specifies the base interval between retries. This parameter is required and must be greater // than zero. Values less than 1 ms are rounded up to 1 ms. // See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's // back-off algorithm. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {} }]; // Specifies the maximum interval between retries. This parameter is optional, but must be // greater than or equal to the `base_interval` if set. The default is 10 times the // `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion // of Envoy's back-off algorithm. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } // Specifies the conditions under which retry takes place. These are the same // conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and // :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. string retry_on = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. These are the same conditions documented for // :ref:`config_http_filters_router_x-envoy-max-retries`. google.protobuf.UInt32Value num_retries = 2; // Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // // .. note:: // // If left unspecified, Envoy will use the global // :ref:`route timeout ` for the request. // Consequently, when using a :ref:`5xx ` based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. google.protobuf.Duration per_try_timeout = 3; // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to // :ref:`retry plugin configuration ` for more details. RetryPriority retry_priority = 4; // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. // Refer to :ref:`retry plugin configuration ` for more // details. repeated RetryHostPredicate retry_host_predicate = 5; // The maximum number of times host selection will be reattempted before giving up, at which // point the host that was last selected will be routed to. If unspecified, this will default to // retrying once. int64 host_selection_retry_max_attempts = 6; // HTTP status codes that should trigger a retry in addition to those specified by retry_on. repeated uint32 retriable_status_codes = 7; // Specifies parameters that control retry back off. This parameter is optional, in which case the // default base interval is 25 milliseconds or, if set, the current value of the // `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times // the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` // describes Envoy's back-off algorithm. RetryBackOff retry_back_off = 8; // HTTP response headers that trigger a retry if present in the response. A retry will be // triggered if any of the header matches match the upstream response headers. // The field is only consulted if 'retriable-headers' retry policy is active. repeated HeaderMatcher retriable_headers = 9; // HTTP headers which must be present in the request for retries to be attempted. repeated HeaderMatcher retriable_request_headers = 10; } // HTTP request hedging :ref:`architecture overview `. message HedgePolicy { // Specifies the number of initial requests that should be sent upstream. // Must be at least 1. // Defaults to 1. // [#not-implemented-hide:] google.protobuf.UInt32Value initial_requests = 1 [(validate.rules).uint32 = {gte: 1}]; // Specifies a probability that an additional upstream request should be sent // on top of what is specified by initial_requests. // Defaults to 0. // [#not-implemented-hide:] type.FractionalPercent additional_request_chance = 2; // Indicates that a hedged request should be sent when the per-try timeout // is hit. This will only occur if the retry policy also indicates that a // timed out request should be retried. // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified // :ref:`RetryPolicy `. // Defaults to false. bool hedge_on_per_try_timeout = 3; } // [#next-free-field: 9] message RedirectAction { enum RedirectResponseCode { // Moved Permanently HTTP Status Code - 301. MOVED_PERMANENTLY = 0; // Found HTTP Status Code - 302. FOUND = 1; // See Other HTTP Status Code - 303. SEE_OTHER = 2; // Temporary Redirect HTTP Status Code - 307. TEMPORARY_REDIRECT = 3; // Permanent Redirect HTTP Status Code - 308. PERMANENT_REDIRECT = 4; } // When the scheme redirection take place, the following rules apply: // 1. If the source URI scheme is `http` and the port is explicitly // set to `:80`, the port will be removed after the redirection // 2. If the source URI scheme is `https` and the port is explicitly // set to `:443`, the port will be removed after the redirection oneof scheme_rewrite_specifier { // The scheme portion of the URL will be swapped with "https". bool https_redirect = 4; // The scheme portion of the URL will be swapped with this value. string scheme_redirect = 7; } // The host portion of the URL will be swapped with this value. string host_redirect = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The port value of the URL will be swapped with this value. uint32 port_redirect = 8; oneof path_rewrite_specifier { // The path portion of the URL will be swapped with this value. // Please note that query string in path_redirect will override the // request's query string and will not be stripped. // // For example, let's say we have the following routes: // // - match: { path: "/old-path-1" } // redirect: { path_redirect: "/new-path-1" } // - match: { path: "/old-path-2" } // redirect: { path_redirect: "/new-path-2", strip-query: "true" } // - match: { path: "/old-path-3" } // redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" } // // 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1" // 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2" // 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1" string path_redirect = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during redirection, the matched prefix (or path) // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // // .. attention:: // // Pay attention to the use of trailing slashes as mentioned in // :ref:`RouteAction's prefix_rewrite `. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // The HTTP status code to use in the redirect response. The default response // code is MOVED_PERMANENTLY (301). RedirectResponseCode response_code = 3 [(validate.rules).enum = {defined_only: true}]; // Indicates that during redirection, the query portion of the URL will // be removed. Default value is false. bool strip_query = 6; } message DirectResponseAction { // Specifies the HTTP response status to be returned. uint32 status = 1 [(validate.rules).uint32 = {lt: 600 gte: 100}]; // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // // .. note:: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_RouteConfiguration` or // :ref:`envoy_api_msg_route.VirtualHost`. core.DataSource body = 2; } message Decorator { // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // // .. note:: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation // ` header. string operation = 1 [(validate.rules).string = {min_bytes: 1}]; // Whether the decorated details should be propagated to the other party. The default is true. google.protobuf.BoolValue propagate = 2; } message Tracing { // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.FractionalPercent client_sampling = 1; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.FractionalPercent random_sampling = 2; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.FractionalPercent overall_sampling = 3; // A list of custom tags with unique tag name to create tags for the active span. // It will take effect after merging with the :ref:`corresponding configuration // ` // configured in the HTTP connection manager. If two tags with the same name are configured // each in the HTTP connection manager and the route level, the one configured here takes // priority. repeated type.tracing.v2.CustomTag custom_tags = 4; } // A virtual cluster is a way of specifying a regex matching rule against // certain important endpoints such that statistics are generated explicitly for // the matched requests. The reason this is useful is that when doing // prefix/path matching Envoy does not always know what the application // considers to be an endpoint. Thus, it’s impossible for Envoy to generically // emit per endpoint statistics. However, often systems have highly critical // endpoints that they wish to get “perfect” statistics on. Virtual cluster // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // // Documentation for :ref:`virtual cluster statistics `. // // .. note:: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and // statistics output are not free. message VirtualCluster { // Specifies a regex pattern to use for matching requests. The entire path of the request // must match the regex. The regex grammar used is defined `here // `_. // // Examples: // // * The regex ``/rides/\d+`` matches the path */rides/0* // * The regex ``/rides/\d+`` matches the path */rides/123* // * The regex ``/rides/\d+`` does not match the path */rides/123/456* // // .. attention:: // This field has been deprecated in favor of `headers` as it is not safe for use with // untrusted input in all cases. string pattern = 1 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // Specifies a list of header matchers to use for matching requests. Each specified header must // match. The pseudo-headers `:path` and `:method` can be used to match the request path and // method, respectively. repeated HeaderMatcher headers = 4; // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the // router filter and are documented :ref:`here `. string name = 2 [(validate.rules).string = {min_bytes: 1}]; // Optionally specifies the HTTP method to match on. For example GET, PUT, // etc. // // .. attention:: // This field has been deprecated in favor of `headers`. core.RequestMethod method = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Global rate limiting :ref:`architecture overview `. message RateLimit { // [#next-free-field: 7] message Action { // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("source_cluster", "") // // is derived from the :option:`--service-cluster` option. message SourceCluster { } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("destination_cluster", "") // // Once a request matches against a route table rule, a routed cluster is determined by one of // the following :ref:`route table configuration ` // settings: // // * :ref:`cluster ` indicates the upstream cluster // to route to. // * :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. // * :ref:`cluster_header ` indicates which // header in the request contains the target cluster. message DestinationCluster { } // The following descriptor entry is appended when a header contains a key that matches the // *header_name*: // // .. code-block:: cpp // // ("", "") message RequestHeaders { // The header name to be queried from the request headers. The header’s // value is used to populate the value of the descriptor entry for the // descriptor_key. string header_name = 1 [ (validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false} ]; // The key to use in the descriptor entry. string descriptor_key = 2 [(validate.rules).string = {min_bytes: 1}]; } // The following descriptor entry is appended to the descriptor and is populated using the // trusted address from :ref:`x-forwarded-for `: // // .. code-block:: cpp // // ("remote_address", "") message RemoteAddress { } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("generic_key", "") message GenericKey { // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_bytes: 1}]; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("header_match", "") message HeaderValueMatch { // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_bytes: 1}]; // If set to true, the action will append a descriptor entry when the // request matches the headers. If set to false, the action will append a // descriptor entry when the request does not match the headers. The // default value is true. google.protobuf.BoolValue expect_match = 2; // Specifies a set of headers that the rate limit action should match // on. The action will check the request’s headers against all the // specified headers in the config. A match will happen if all the // headers in the config are present in the request with the same values // (or based on presence if the value field is not in the config). repeated HeaderMatcher headers = 3 [(validate.rules).repeated = {min_items: 1}]; } oneof action_specifier { option (validate.required) = true; // Rate limit on source cluster. SourceCluster source_cluster = 1; // Rate limit on destination cluster. DestinationCluster destination_cluster = 2; // Rate limit on request headers. RequestHeaders request_headers = 3; // Rate limit on remote address. RemoteAddress remote_address = 4; // Rate limit on a generic key. GenericKey generic_key = 5; // Rate limit on the existence of request headers. HeaderValueMatch header_value_match = 6; } } // Refers to the stage set in the filter. The rate limit configuration only // applies to filters with the same stage number. The default stage number is // 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32 = {lte: 10}]; // The key to be set in runtime to disable this rate limit configuration. string disable_key = 2; // A list of actions that are to be applied for this rate limit configuration. // Order matters as the actions are processed sequentially and the descriptor // is composed by appending descriptor entries in that sequence. If an action // cannot append a descriptor entry, no descriptor is generated for the // configuration. See :ref:`composing actions // ` for additional documentation. repeated Action actions = 3 [(validate.rules).repeated = {min_items: 1}]; } // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // // .. attention:: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., // // .. code-block:: json // // { // "name": ":method", // "exact_match": "POST" // } // // .. attention:: // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name // ` header will match, regardless of the header's // value. // // [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.] // [#next-free-field: 12] message HeaderMatcher { reserved 2, 3; // Specifies the name of the header in the request. string name = 1 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Specifies how the header match will be performed to route the request. oneof header_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 4; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. The regex grammar used in the value field is defined // `here `_. // // Examples: // // * The regex ``\d{3}`` matches the value *123* // * The regex ``\d{3}`` does not match the value *1234* // * The regex ``\d{3}`` does not match the value *123.456* // // .. attention:: // This field has been deprecated in favor of `safe_regex_match` as it is not safe for use // with untrusted input in all cases. string regex_match = 5 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. type.matcher.RegexMatcher safe_regex_match = 11; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting of // an optional plus or minus sign followed by a sequence of digits. The rule will not match if // the header value does not represent an integer. Match will fail for empty values, floating // point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, // "-1somestring" type.Int64Range range_match = 6; // If specified, header match will be performed based on whether the header is in the // request. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. // Note: empty prefix is not allowed, please use present_match instead. // // Examples: // // * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. string prefix_match = 9 [(validate.rules).string = {min_bytes: 1}]; // If specified, header match will be performed based on the suffix of the header value. // Note: empty suffix is not allowed, please use present_match instead. // // Examples: // // * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. string suffix_match = 10 [(validate.rules).string = {min_bytes: 1}]; } // If specified, the match result will be inverted before checking. Defaults to false. // // Examples: // // * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. bool invert_match = 8; } // Query parameter matching treats the query string of a request's :path header // as an ampersand-separated list of keys and/or key=value elements. // [#next-free-field: 7] message QueryParameterMatcher { // Specifies the name of a key that must be present in the requested // *path*'s query string. string name = 1 [(validate.rules).string = {min_bytes: 1 max_bytes: 1024}]; // Specifies the value of the key. If the value is absent, a request // that contains the key in its query string will match, whether the // key appears with a value (e.g., "?debug=true") or not (e.g., "?debug") // // ..attention:: // This field is deprecated. Use an `exact` match inside the `string_match` field. string value = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies whether the query parameter value is a regular expression. // Defaults to false. The entire query parameter value (i.e., the part to // the right of the equals sign in "key=value") must match the regex. // E.g., the regex ``\d+$`` will match *123* but not *a123* or *123a*. // // ..attention:: // This field is deprecated. Use a `safe_regex` match inside the `string_match` field. google.protobuf.BoolValue regex = 4 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; oneof query_parameter_match_specifier { // Specifies whether a query parameter value should match against a string. type.matcher.StringMatcher string_match = 5 [(validate.rules).message = {required: true}]; // Specifies whether a query parameter should be present. bool present_match = 6; } } ================================================ FILE: api/envoy/api/v2/route.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP route configuration] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // [#next-free-field: 11] message RouteConfiguration { // The name of the route configuration. For example, it might match // :ref:`route_config_name // ` in // :ref:`envoy_api_msg_config.filter.network.http_connection_manager.v2.Rds`. string name = 1; // An array of virtual hosts that make up the route table. repeated route.VirtualHost virtual_hosts = 2; // An array of virtual hosts will be dynamically loaded via the VHDS API. // Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used // for a base routing table or for infrequently changing virtual hosts. *vhds* is used for // on-demand discovery of virtual hosts. The contents of these two fields will be merged to // generate a routing table for a given RouteConfiguration, with *vhds* derived configuration // taking precedence. Vhds vhds = 9; // Optionally specifies a list of HTTP headers that the connection manager // will consider to be internal only. If they are found on external requests they will be cleaned // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information. repeated string internal_only_headers = 3 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each response that // the connection manager encodes. Headers specified at this level are applied // after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption response_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // that the connection manager encodes. repeated string response_headers_to_remove = 5 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each request // routed by the HTTP connection manager. Headers specified at this level are // applied after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // routed by the HTTP connection manager. repeated string request_headers_to_remove = 8 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // By default, headers that should be added/removed are evaluated from most to least specific: // // * route level // * virtual host level // * connection manager level // // To allow setting overrides at the route or virtual host level, this order can be reversed // by setting this option to true. Defaults to false. // // [#next-major-version: In the v3 API, this will default to true.] bool most_specific_header_mutations_wins = 10; // An optional boolean that specifies whether the clusters that the route // table refers to will be validated by the cluster manager. If set to true // and a route refers to a non-existent cluster, the route table will not // load. If set to false and a route refers to a non-existent cluster, the // route table will load and the router filter will return a 404 if the route // is selected at runtime. This setting defaults to true if the route table // is statically defined via the :ref:`route_config // ` // option. This setting default to false if the route table is loaded dynamically via the // :ref:`rds // ` // option. Users may wish to override the default behavior in certain cases (for example when // using CDS with a static route table). google.protobuf.BoolValue validate_clusters = 7; } message Vhds { // Configuration source specifier for VHDS. core.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/api/v2/scoped_route.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "ScopedRouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP scoped routing configuration] // * Routing :ref:`architecture overview ` // Specifies a routing scope, which associates a // :ref:`Key` to a // :ref:`envoy_api_msg_RouteConfiguration` (identified by its resource name). // // The HTTP connection manager builds up a table consisting of these Key to // RouteConfiguration mappings, and looks up the RouteConfiguration to use per // request according to the algorithm specified in the // :ref:`scope_key_builder` // assigned to the HttpConnectionManager. // // For example, with the following configurations (in YAML): // // HttpConnectionManager config: // // .. code:: // // ... // scoped_routes: // name: foo-scoped-routes // scope_key_builder: // fragments: // - header_value_extractor: // name: X-Route-Selector // element_separator: , // element: // separator: = // key: vip // // ScopedRouteConfiguration resources (specified statically via // :ref:`scoped_route_configurations_list` // or obtained dynamically via SRDS): // // .. code:: // // (1) // name: route-scope1 // route_configuration_name: route-config1 // key: // fragments: // - string_key: 172.10.10.20 // // (2) // name: route-scope2 // route_configuration_name: route-config2 // key: // fragments: // - string_key: 172.20.20.30 // // A request from a client such as: // // .. code:: // // GET / HTTP/1.1 // Host: foo.com // X-Route-Selector: vip=172.10.10.20 // // would result in the routing table defined by the `route-config1` // RouteConfiguration being assigned to the HTTP request/stream. // message ScopedRouteConfiguration { // Specifies a key which is matched against the output of the // :ref:`scope_key_builder` // specified in the HttpConnectionManager. The matching is done per HTTP // request and is dependent on the order of the fragments contained in the // Key. message Key { message Fragment { oneof type { option (validate.required) = true; // A string to match against. string string_key = 1; } } // The ordered set of fragments to match against. The order must match the // fragments in the corresponding // :ref:`scope_key_builder`. repeated Fragment fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the routing scope. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The resource name to use for a :ref:`envoy_api_msg_DiscoveryRequest` to an // RDS server to fetch the :ref:`envoy_api_msg_RouteConfiguration` associated // with this scope. string route_configuration_name = 2 [(validate.rules).string = {min_bytes: 1}]; // The key to match against. Key key = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/api/v2/srds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import public "envoy/api/v2/scoped_route.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "SrdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: SRDS] // * Routing :ref:`architecture overview ` // The Scoped Routes Discovery Service (SRDS) API distributes // :ref:`ScopedRouteConfiguration` // resources. Each ScopedRouteConfiguration resource represents a "routing // scope" containing a mapping that allows the HTTP connection manager to // dynamically assign a routing table (specified via a // :ref:`RouteConfiguration` message) to each // HTTP request. service ScopedRoutesDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.ScopedRouteConfiguration"; rpc StreamScopedRoutes(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaScopedRoutes(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchScopedRoutes(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:scoped-routes"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message SrdsDummy { } ================================================ FILE: api/envoy/config/README.md ================================================ Protocol buffer definitions for Envoy's bootstrap, filter, and service configuration. Visibility should be constrained to none or `//envoy/config/bootstrap/v2` by default. ================================================ FILE: api/envoy/config/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/accesslog/v2/als.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v2; import "envoy/api/v2/core/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v2"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.access_loggers.grpc.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Access Log Service (ALS)] // Configuration for the built-in *envoy.access_loggers.http_grpc* // :ref:`AccessLog `. This configuration will // populate :ref:`StreamAccessLogsMessage.http_logs // `. // [#extension: envoy.access_loggers.http_grpc] message HttpGrpcAccessLogConfig { CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; // Additional request headers to log in :ref:`HTTPRequestProperties.request_headers // `. repeated string additional_request_headers_to_log = 2; // Additional response headers to log in :ref:`HTTPResponseProperties.response_headers // `. repeated string additional_response_headers_to_log = 3; // Additional response trailers to log in :ref:`HTTPResponseProperties.response_trailers // `. repeated string additional_response_trailers_to_log = 4; } // Configuration for the built-in *envoy.access_loggers.tcp_grpc* type. This configuration will // populate *StreamAccessLogsMessage.tcp_logs*. // [#extension: envoy.access_loggers.tcp_grpc] message TcpGrpcAccessLogConfig { CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; } // Common configuration for gRPC access logs. // [#next-free-field: 6] message CommonGrpcAccessLogConfig { // The friendly name of the access log to be returned in :ref:`StreamAccessLogsMessage.Identifier // `. This allows the // access log server to differentiate between different access logs coming from the same Envoy. string log_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The gRPC service for the access log service. api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; // Interval for flushing access logs to the gRPC stream. Logger will flush requests every time // this interval is elapsed, or when batch size limit is hit, whichever comes first. Defaults to // 1 second. google.protobuf.Duration buffer_flush_interval = 3 [(validate.rules).duration = {gt {}}]; // Soft size limit in bytes for access log entries buffer. Logger will buffer requests until // this limit it hit, or every time flush interval is elapsed, whichever comes first. Setting it // to zero effectively disables the batching. Defaults to 16384. google.protobuf.UInt32Value buffer_size_bytes = 4; // Additional filter state objects to log in :ref:`filter_state_objects // `. // Logger will call `FilterState::Object::serializeAsProto` to serialize the filter state object. repeated string filter_state_objects_to_log = 5; } ================================================ FILE: api/envoy/config/accesslog/v2/file.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v2; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v2"; option java_outer_classname = "FileProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.access_loggers.file.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: File access log] // [#extension: envoy.access_loggers.file] // Custom configuration for an :ref:`AccessLog ` // that writes log entries directly to a file. Configures the built-in *envoy.access_loggers.file* // AccessLog. message FileAccessLog { // A path to a local file to which to write the access log entries. string path = 1 [(validate.rules).string = {min_bytes: 1}]; oneof access_log_format { // Access log :ref:`format string`. // Envoy supports :ref:`custom access log formats ` as well as a // :ref:`default format `. string format = 2; // Access log :ref:`format dictionary`. All values // are rendered as strings. google.protobuf.Struct json_format = 3; // Access log :ref:`format dictionary`. Values are // rendered as strings, numbers, or boolean values as appropriate. Nested JSON objects may // be produced by some command operators (e.g.FILTER_STATE or DYNAMIC_METADATA). See the // documentation for a specific command operator for details. google.protobuf.Struct typed_json_format = 4; } } ================================================ FILE: api/envoy/config/accesslog/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/accesslog/v3/accesslog.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v3"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common access log types] message AccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.AccessLog"; reserved 3; reserved "config"; // The name of the access log implementation to instantiate. The name must // match a statically registered access log. Current built-in loggers include: // // #. "envoy.access_loggers.file" // #. "envoy.access_loggers.http_grpc" // #. "envoy.access_loggers.tcp_grpc" string name = 1; // Filter which is used to determine if the access log needs to be written. AccessLogFilter filter = 2; // Custom configuration that depends on the access log being instantiated. // Built-in configurations include: // // #. "envoy.access_loggers.file": :ref:`FileAccessLog // ` // #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig // ` // #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig // ` oneof config_type { google.protobuf.Any typed_config = 4; } } // [#next-free-field: 13] message AccessLogFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.AccessLogFilter"; oneof filter_specifier { option (validate.required) = true; // Status code filter. StatusCodeFilter status_code_filter = 1; // Duration filter. DurationFilter duration_filter = 2; // Not health check filter. NotHealthCheckFilter not_health_check_filter = 3; // Traceable filter. TraceableFilter traceable_filter = 4; // Runtime filter. RuntimeFilter runtime_filter = 5; // And filter. AndFilter and_filter = 6; // Or filter. OrFilter or_filter = 7; // Header filter. HeaderFilter header_filter = 8; // Response flag filter. ResponseFlagFilter response_flag_filter = 9; // gRPC status filter. GrpcStatusFilter grpc_status_filter = 10; // Extension filter. ExtensionFilter extension_filter = 11; // Metadata Filter MetadataFilter metadata_filter = 12; } } // Filter on an integer comparison. message ComparisonFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.ComparisonFilter"; enum Op { // = EQ = 0; // >= GE = 1; // <= LE = 2; } // Comparison operator. Op op = 1 [(validate.rules).enum = {defined_only: true}]; // Value to compare against. core.v3.RuntimeUInt32 value = 2; } // Filters on HTTP response/status code. message StatusCodeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.StatusCodeFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters on total request duration in milliseconds. message DurationFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.DurationFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters for requests that are not health check requests. A health check // request is marked by the health check filter. message NotHealthCheckFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.NotHealthCheckFilter"; } // Filters for requests that are traceable. See the tracing overview for more // information on how a request becomes traceable. message TraceableFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.TraceableFilter"; } // Filters for random sampling of requests. message RuntimeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.RuntimeFilter"; // Runtime key to get an optional overridden numerator for use in the // *percent_sampled* field. If found in runtime, this value will replace the // default numerator. string runtime_key = 1 [(validate.rules).string = {min_len: 1}]; // The default sampling percentage. If not specified, defaults to 0% with // denominator of 100. type.v3.FractionalPercent percent_sampled = 2; // By default, sampling pivots on the header // :ref:`x-request-id` being // present. If :ref:`x-request-id` // is present, the filter will consistently sample across multiple hosts based // on the runtime key value and the value extracted from // :ref:`x-request-id`. If it is // missing, or *use_independent_randomness* is set to true, the filter will // randomly sample based on the runtime key value alone. // *use_independent_randomness* can be used for logging kill switches within // complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to // reason about from a probability perspective (i.e., setting to true will // cause the filter to behave like an independent random variable when // composed within logical operator filters). bool use_independent_randomness = 3; } // Performs a logical “and” operation on the result of each filter in filters. // Filters are evaluated sequentially and if one of them returns false, the // filter returns false immediately. message AndFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.AndFilter"; repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}]; } // Performs a logical “or” operation on the result of each individual filter. // Filters are evaluated sequentially and if one of them returns true, the // filter returns true immediately. message OrFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.OrFilter"; repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}]; } // Filters requests based on the presence or value of a request header. message HeaderFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.HeaderFilter"; // Only requests with a header which matches the specified HeaderMatcher will // pass the filter check. route.v3.HeaderMatcher header = 1 [(validate.rules).message = {required: true}]; } // Filters requests that received responses with an Envoy response flag set. // A list of the response flags can be found // in the access log formatter // :ref:`documentation`. message ResponseFlagFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.ResponseFlagFilter"; // Only responses with the any of the flags listed in this field will be // logged. This field is optional. If it is not specified, then any response // flag will pass the filter check. repeated string flags = 1 [(validate.rules).repeated = { items { string { in: "LH" in: "UH" in: "UT" in: "LR" in: "UR" in: "UF" in: "UC" in: "UO" in: "NR" in: "DI" in: "FI" in: "RL" in: "UAEX" in: "RLSE" in: "DC" in: "URX" in: "SI" in: "IH" in: "DPE" in: "UMSDR" in: "RFCF" in: "NFCF" in: "DT" } } }]; } // Filters gRPC requests based on their response status. If a gRPC status is not // provided, the filter will infer the status from the HTTP status code. message GrpcStatusFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.GrpcStatusFilter"; enum Status { OK = 0; CANCELED = 1; UNKNOWN = 2; INVALID_ARGUMENT = 3; DEADLINE_EXCEEDED = 4; NOT_FOUND = 5; ALREADY_EXISTS = 6; PERMISSION_DENIED = 7; RESOURCE_EXHAUSTED = 8; FAILED_PRECONDITION = 9; ABORTED = 10; OUT_OF_RANGE = 11; UNIMPLEMENTED = 12; INTERNAL = 13; UNAVAILABLE = 14; DATA_LOSS = 15; UNAUTHENTICATED = 16; } // Logs only responses that have any one of the gRPC statuses in this field. repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; // If included and set to true, the filter will instead block all responses // with a gRPC status or inferred gRPC status enumerated in statuses, and // allow all other responses. bool exclude = 2; } // Filters based on matching dynamic metadata. // If the matcher path and key correspond to an existing key in dynamic // metadata, the request is logged only if the matcher value is equal to the // metadata value. If the matcher path and key *do not* correspond to an // existing key in dynamic metadata, the request is logged only if // match_if_key_not_found is "true" or unset. message MetadataFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.MetadataFilter"; // Matcher to check metadata for specified value. For example, to match on the // access_log_hint metadata, set the filter to "envoy.common" and the path to // "access_log_hint", and the value to "true". type.matcher.v3.MetadataMatcher matcher = 1; // Default result if the key does not exist in dynamic metadata: if unset or // true, then log; if false, then don't log. google.protobuf.BoolValue match_if_key_not_found = 2; } // Extension filter is statically registered at runtime. message ExtensionFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.ExtensionFilter"; reserved 2; reserved "config"; // The name of the filter implementation to instantiate. The name must // match a statically registered filter. string name = 1; // Custom configuration that depends on the filter being instantiated. oneof config_type { google.protobuf.Any typed_config = 3; } } ================================================ FILE: api/envoy/config/accesslog/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/accesslog/v4alpha/accesslog.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v4alpha"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common access log types] message AccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.AccessLog"; reserved 3; reserved "config"; // The name of the access log implementation to instantiate. The name must // match a statically registered access log. Current built-in loggers include: // // #. "envoy.access_loggers.file" // #. "envoy.access_loggers.http_grpc" // #. "envoy.access_loggers.tcp_grpc" string name = 1; // Filter which is used to determine if the access log needs to be written. AccessLogFilter filter = 2; // Custom configuration that depends on the access log being instantiated. // Built-in configurations include: // // #. "envoy.access_loggers.file": :ref:`FileAccessLog // ` // #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig // ` // #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig // ` oneof config_type { google.protobuf.Any typed_config = 4; } } // [#next-free-field: 13] message AccessLogFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.AccessLogFilter"; oneof filter_specifier { option (validate.required) = true; // Status code filter. StatusCodeFilter status_code_filter = 1; // Duration filter. DurationFilter duration_filter = 2; // Not health check filter. NotHealthCheckFilter not_health_check_filter = 3; // Traceable filter. TraceableFilter traceable_filter = 4; // Runtime filter. RuntimeFilter runtime_filter = 5; // And filter. AndFilter and_filter = 6; // Or filter. OrFilter or_filter = 7; // Header filter. HeaderFilter header_filter = 8; // Response flag filter. ResponseFlagFilter response_flag_filter = 9; // gRPC status filter. GrpcStatusFilter grpc_status_filter = 10; // Extension filter. ExtensionFilter extension_filter = 11; // Metadata Filter MetadataFilter metadata_filter = 12; } } // Filter on an integer comparison. message ComparisonFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.ComparisonFilter"; enum Op { // = EQ = 0; // >= GE = 1; // <= LE = 2; } // Comparison operator. Op op = 1 [(validate.rules).enum = {defined_only: true}]; // Value to compare against. core.v4alpha.RuntimeUInt32 value = 2; } // Filters on HTTP response/status code. message StatusCodeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.StatusCodeFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters on total request duration in milliseconds. message DurationFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.DurationFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters for requests that are not health check requests. A health check // request is marked by the health check filter. message NotHealthCheckFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.NotHealthCheckFilter"; } // Filters for requests that are traceable. See the tracing overview for more // information on how a request becomes traceable. message TraceableFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.TraceableFilter"; } // Filters for random sampling of requests. message RuntimeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.RuntimeFilter"; // Runtime key to get an optional overridden numerator for use in the // *percent_sampled* field. If found in runtime, this value will replace the // default numerator. string runtime_key = 1 [(validate.rules).string = {min_len: 1}]; // The default sampling percentage. If not specified, defaults to 0% with // denominator of 100. type.v3.FractionalPercent percent_sampled = 2; // By default, sampling pivots on the header // :ref:`x-request-id` being // present. If :ref:`x-request-id` // is present, the filter will consistently sample across multiple hosts based // on the runtime key value and the value extracted from // :ref:`x-request-id`. If it is // missing, or *use_independent_randomness* is set to true, the filter will // randomly sample based on the runtime key value alone. // *use_independent_randomness* can be used for logging kill switches within // complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to // reason about from a probability perspective (i.e., setting to true will // cause the filter to behave like an independent random variable when // composed within logical operator filters). bool use_independent_randomness = 3; } // Performs a logical “and” operation on the result of each filter in filters. // Filters are evaluated sequentially and if one of them returns false, the // filter returns false immediately. message AndFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.AndFilter"; repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}]; } // Performs a logical “or” operation on the result of each individual filter. // Filters are evaluated sequentially and if one of them returns true, the // filter returns true immediately. message OrFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.OrFilter"; repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}]; } // Filters requests based on the presence or value of a request header. message HeaderFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.HeaderFilter"; // Only requests with a header which matches the specified HeaderMatcher will // pass the filter check. route.v4alpha.HeaderMatcher header = 1 [(validate.rules).message = {required: true}]; } // Filters requests that received responses with an Envoy response flag set. // A list of the response flags can be found // in the access log formatter // :ref:`documentation`. message ResponseFlagFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.ResponseFlagFilter"; // Only responses with the any of the flags listed in this field will be // logged. This field is optional. If it is not specified, then any response // flag will pass the filter check. repeated string flags = 1 [(validate.rules).repeated = { items { string { in: "LH" in: "UH" in: "UT" in: "LR" in: "UR" in: "UF" in: "UC" in: "UO" in: "NR" in: "DI" in: "FI" in: "RL" in: "UAEX" in: "RLSE" in: "DC" in: "URX" in: "SI" in: "IH" in: "DPE" in: "UMSDR" in: "RFCF" in: "NFCF" in: "DT" } } }]; } // Filters gRPC requests based on their response status. If a gRPC status is not // provided, the filter will infer the status from the HTTP status code. message GrpcStatusFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.GrpcStatusFilter"; enum Status { OK = 0; CANCELED = 1; UNKNOWN = 2; INVALID_ARGUMENT = 3; DEADLINE_EXCEEDED = 4; NOT_FOUND = 5; ALREADY_EXISTS = 6; PERMISSION_DENIED = 7; RESOURCE_EXHAUSTED = 8; FAILED_PRECONDITION = 9; ABORTED = 10; OUT_OF_RANGE = 11; UNIMPLEMENTED = 12; INTERNAL = 13; UNAVAILABLE = 14; DATA_LOSS = 15; UNAUTHENTICATED = 16; } // Logs only responses that have any one of the gRPC statuses in this field. repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; // If included and set to true, the filter will instead block all responses // with a gRPC status or inferred gRPC status enumerated in statuses, and // allow all other responses. bool exclude = 2; } // Filters based on matching dynamic metadata. // If the matcher path and key correspond to an existing key in dynamic // metadata, the request is logged only if the matcher value is equal to the // metadata value. If the matcher path and key *do not* correspond to an // existing key in dynamic metadata, the request is logged only if // match_if_key_not_found is "true" or unset. message MetadataFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.MetadataFilter"; // Matcher to check metadata for specified value. For example, to match on the // access_log_hint metadata, set the filter to "envoy.common" and the path to // "access_log_hint", and the value to "true". type.matcher.v4alpha.MetadataMatcher matcher = 1; // Default result if the key does not exist in dynamic metadata: if unset or // true, then log; if false, then don't log. google.protobuf.BoolValue match_if_key_not_found = 2; } // Extension filter is statically registered at runtime. message ExtensionFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.ExtensionFilter"; reserved 2; reserved "config"; // The name of the filter implementation to instantiate. The name must // match a statically registered filter. string name = 1; // Custom configuration that depends on the filter being instantiated. oneof config_type { google.protobuf.Any typed_config = 3; } } ================================================ FILE: api/envoy/config/bootstrap/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/auth:pkg", "//envoy/api/v2/core:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/config/overload/v2alpha:pkg", "//envoy/config/trace/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/bootstrap/v2/bootstrap.proto ================================================ syntax = "proto3"; package envoy.config.bootstrap.v2; import "envoy/api/v2/auth/secret.proto"; import "envoy/api/v2/cluster.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/core/event_service_config.proto"; import "envoy/api/v2/core/socket_option.proto"; import "envoy/api/v2/listener.proto"; import "envoy/config/metrics/v2/stats.proto"; import "envoy/config/overload/v2alpha/overload.proto"; import "envoy/config/trace/v2/http_tracer.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.bootstrap.v2"; option java_outer_classname = "BootstrapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Bootstrap] // This proto is supplied via the :option:`-c` CLI flag and acts as the root // of the Envoy v2 configuration. See the :ref:`v2 configuration overview // ` for more detail. // Bootstrap :ref:`configuration overview `. // [#next-free-field: 21] message Bootstrap { message StaticResources { // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. repeated api.v2.Listener listeners = 1; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary // to have some initial cluster definitions available to allow Envoy to know // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). repeated api.v2.Cluster clusters = 2; // These static secrets can be used by :ref:`SdsSecretConfig // ` repeated api.v2.auth.Secret secrets = 3; } message DynamicResources { reserved 4; // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. api.v2.core.ConfigSource lds_config = 1; // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. api.v2.core.ConfigSource cds_config = 2; // A single :ref:`ADS ` source may be optionally // specified. This must have :ref:`api_type // ` :ref:`GRPC // `. Only // :ref:`ConfigSources ` that have // the :ref:`ads ` field set will be // streamed on the ADS channel. api.v2.core.ApiConfigSource ads_config = 3; } reserved 10; // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). api.v2.core.Node node = 1; // Statically specified resources. StaticResources static_resources = 2; // xDS configuration sources. DynamicResources dynamic_resources = 3; // Configuration for the cluster manager which owns all upstream clusters // within the server. ClusterManager cluster_manager = 4; // Health discovery service config option. // (:ref:`core.ApiConfigSource `) api.v2.core.ApiConfigSource hds_config = 14; // Optional file system path to search for startup flag files. string flags_path = 5; // Optional set of stats sinks. repeated metrics.v2.StatsSink stats_sinks = 6; // Configuration for internal processing of stats. metrics.v2.StatsConfig stats_config = 13; // Optional duration between flushes to configured stats sinks. For // performance reasons Envoy latches counters and only flushes counters and // gauges at a periodic interval. If not specified the default is 5000ms (5 // seconds). // Duration must be at least 1ms and at most 5 min. google.protobuf.Duration stats_flush_interval = 7 [(validate.rules).duration = { lt {seconds: 300} gte {nanos: 1000000} }]; // Optional watchdog configuration. Watchdog watchdog = 8; // Configuration for an external tracing provider. // // .. attention:: // This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider // `. trace.v2.Tracing tracing = 9; // Configuration for the runtime configuration provider (deprecated). If not // specified, a “null” provider will be used which will result in all defaults // being used. Runtime runtime = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Configuration for the runtime configuration provider. If not // specified, a “null” provider will be used which will result in all defaults // being used. LayeredRuntime layered_runtime = 17; // Configuration for the local administration HTTP server. Admin admin = 12; // Optional overload manager configuration. overload.v2alpha.OverloadManager overload_manager = 15; // Enable :ref:`stats for event dispatcher `, defaults to false. // Note that this records a value for each iteration of the event loop on every thread. This // should normally be minimal overhead, but when using // :ref:`statsd `, it will send each observed value // over the wire individually because the statsd protocol doesn't have any way to represent a // histogram summary. Be aware that this can be a very large volume of data. bool enable_dispatcher_stats = 16; // Optional string which will be used in lieu of x-envoy in prefixing headers. // // For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be // transformed into x-foo-retry-on etc. // // Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the // headers Envoy will trust for core code and core extensions only. Be VERY careful making // changes to this string, especially in multi-layer Envoy deployments or deployments using // extensions which are not upstream. string header_prefix = 18; // Optional proxy version which will be used to set the value of :ref:`server.version statistic // ` if specified. Envoy will not process this value, it will be sent as is to // :ref:`stats sinks `. google.protobuf.UInt64Value stats_server_version_override = 19; // Always use TCP queries instead of UDP queries for DNS lookups. // This may be overridden on a per-cluster basis in cds_config, // when :ref:`dns_resolvers ` and // :ref:`use_tcp_for_dns_lookups ` are // specified. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 20; } // Administration interface :ref:`operations documentation // `. message Admin { // The path to write the access log for the administration server. If no // access log is desired specify ‘/dev/null’. This is only required if // :ref:`address ` is set. string access_log_path = 1; // The cpu profiler output path for the administration server. If no profile // path is specified, the default is ‘/var/log/envoy/envoy.prof’. string profile_path = 2; // The TCP address that the administration server will listen on. // If not specified, Envoy will not start an administration server. api.v2.core.Address address = 3; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated api.v2.core.SocketOption socket_options = 4; } // Cluster manager :ref:`architecture overview `. message ClusterManager { message OutlierDetection { // Specifies the path to the outlier event log. string event_log_path = 1; // [#not-implemented-hide:] // The gRPC service for the outlier detection event service. // If empty, outlier detection events won't be sent to a remote endpoint. api.v2.core.EventServiceConfig event_service = 2; } // Name of the local cluster (i.e., the cluster that owns the Envoy running // this configuration). In order to enable :ref:`zone aware routing // ` this option must be set. // If *local_cluster_name* is defined then :ref:`clusters // ` must be defined in the :ref:`Bootstrap // static cluster resources // `. This is unrelated to // the :option:`--service-cluster` option which does not `affect zone aware // routing `_. string local_cluster_name = 1; // Optional global configuration for outlier detection. OutlierDetection outlier_detection = 2; // Optional configuration used to bind newly established upstream connections. // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. api.v2.core.BindConfig upstream_bind_config = 3; // A management server endpoint to stream load stats to via // *StreamLoadStats*. This must have :ref:`api_type // ` :ref:`GRPC // `. api.v2.core.ApiConfigSource load_stats_config = 4; } // Envoy process watchdog configuration. When configured, this monitors for // nonresponsive threads and kills the process after the configured thresholds. // See the :ref:`watchdog documentation ` for more information. message Watchdog { // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_miss* statistic. If not specified the default is 200ms. google.protobuf.Duration miss_timeout = 1; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_mega_miss* statistic. If not specified the default is // 1000ms. google.protobuf.Duration megamiss_timeout = 2; // If a watched thread has been nonresponsive for this duration, assume a // programming error and kill the entire Envoy process. Set to 0 to disable // kill behavior. If not specified the default is 0 (disabled). google.protobuf.Duration kill_timeout = 3; // If at least two watched threads have been nonresponsive for at least this // duration assume a true deadlock and kill the entire Envoy process. Set to 0 // to disable this behavior. If not specified the default is 0 (disabled). google.protobuf.Duration multikill_timeout = 4; } // Runtime :ref:`configuration overview ` (deprecated). message Runtime { // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. Envoy // will watch the location for changes and reload the file system tree when // they happen. If this parameter is not set, there will be no disk based // runtime. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 2; // Specifies an optional subdirectory to load within the root directory. If // specified and the directory exists, configuration values within this // directory will override those found in the primary subdirectory. This is // useful when Envoy is deployed across many different types of servers. // Sometimes it is useful to have a per service cluster directory for runtime // configuration. See below for exactly how the override directory is used. string override_subdirectory = 3; // Static base runtime. This will be :ref:`overridden // ` by other runtime layers, e.g. // disk or admin. This follows the :ref:`runtime protobuf JSON representation // encoding `. google.protobuf.Struct base = 4; } // [#next-free-field: 6] message RuntimeLayer { // :ref:`Disk runtime ` layer. message DiskLayer { // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. // Envoy will watch the location for changes and reload the file system tree // when they happen. See documentation on runtime :ref:`atomicity // ` for further details on how reloads are // treated. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 3; // :ref:`Append ` the // service cluster to the path under symlink root. bool append_service_cluster = 2; } // :ref:`Admin console runtime ` layer. message AdminLayer { } // :ref:`Runtime Discovery Service (RTDS) ` layer. message RtdsLayer { // Resource to subscribe to at *rtds_config* for the RTDS layer. string name = 1; // RTDS configuration source. api.v2.core.ConfigSource rtds_config = 2; } // Descriptive name for the runtime layer. This is only used for the runtime // :http:get:`/runtime` output. string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof layer_specifier { option (validate.required) = true; // :ref:`Static runtime ` layer. // This follows the :ref:`runtime protobuf JSON representation encoding // `. Unlike static xDS resources, this static // layer is overridable by later layers in the runtime virtual filesystem. google.protobuf.Struct static_layer = 2; DiskLayer disk_layer = 3; AdminLayer admin_layer = 4; RtdsLayer rtds_layer = 5; } } // Runtime :ref:`configuration overview `. message LayeredRuntime { // The :ref:`layers ` of the runtime. This is ordered // such that later layers in the list overlay earlier entries. repeated RuntimeLayer layers = 1; } ================================================ FILE: api/envoy/config/bootstrap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/bootstrap/v2:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/listener/v3:pkg", "//envoy/config/metrics/v3:pkg", "//envoy/config/overload/v3:pkg", "//envoy/config/trace/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/bootstrap/v3/bootstrap.proto ================================================ syntax = "proto3"; package envoy.config.bootstrap.v3; import "envoy/config/cluster/v3/cluster.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/event_service_config.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/socket_option.proto"; import "envoy/config/listener/v3/listener.proto"; import "envoy/config/metrics/v3/stats.proto"; import "envoy/config/overload/v3/overload.proto"; import "envoy/config/trace/v3/http_tracer.proto"; import "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.bootstrap.v3"; option java_outer_classname = "BootstrapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Bootstrap] // This proto is supplied via the :option:`-c` CLI flag and acts as the root // of the Envoy v2 configuration. See the :ref:`v2 configuration overview // ` for more detail. // Bootstrap :ref:`configuration overview `. // [#next-free-field: 28] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap"; message StaticResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap.StaticResources"; // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. repeated listener.v3.Listener listeners = 1; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary // to have some initial cluster definitions available to allow Envoy to know // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). repeated cluster.v3.Cluster clusters = 2; // These static secrets can be used by :ref:`SdsSecretConfig // ` repeated envoy.extensions.transport_sockets.tls.v3.Secret secrets = 3; } // [#next-free-field: 7] message DynamicResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap.DynamicResources"; reserved 4; // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. core.v3.ConfigSource lds_config = 1; // Resource locator for listener collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator lds_resources_locator = 5; // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. core.v3.ConfigSource cds_config = 2; // Resource locator for cluster collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator cds_resources_locator = 6; // A single :ref:`ADS ` source may be optionally // specified. This must have :ref:`api_type // ` :ref:`GRPC // `. Only // :ref:`ConfigSources ` that have // the :ref:`ads ` field set will be // streamed on the ADS channel. core.v3.ApiConfigSource ads_config = 3; } reserved 10, 11; reserved "runtime"; // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). core.v3.Node node = 1; // A list of :ref:`Node ` field names // that will be included in the context parameters of the effective // *UdpaResourceLocator* that is sent in a discovery request when resource // locators are used for LDS/CDS. Any non-string field will have its JSON // encoding set as the context parameter value, with the exception of // metadata, which will be flattened (see example below). The supported field // names are: // - "cluster" // - "id" // - "locality.region" // - "locality.sub_zone" // - "locality.zone" // - "metadata" // - "user_agent_build_version.metadata" // - "user_agent_build_version.version" // - "user_agent_name" // - "user_agent_version" // // The node context parameters act as a base layer dictionary for the context // parameters (i.e. more specific resource specific context parameters will // override). Field names will be prefixed with “udpa.node.” when included in // context parameters. // // For example, if node_context_params is ``["user_agent_name", "metadata"]``, // the implied context parameters might be:: // // node.user_agent_name: "envoy" // node.metadata.foo: "{\"bar\": \"baz\"}" // node.metadata.some: "42" // node.metadata.thing: "\"thing\"" // // [#not-implemented-hide:] repeated string node_context_params = 26; // Statically specified resources. StaticResources static_resources = 2; // xDS configuration sources. DynamicResources dynamic_resources = 3; // Configuration for the cluster manager which owns all upstream clusters // within the server. ClusterManager cluster_manager = 4; // Health discovery service config option. // (:ref:`core.ApiConfigSource `) core.v3.ApiConfigSource hds_config = 14; // Optional file system path to search for startup flag files. string flags_path = 5; // Optional set of stats sinks. repeated metrics.v3.StatsSink stats_sinks = 6; // Configuration for internal processing of stats. metrics.v3.StatsConfig stats_config = 13; // Optional duration between flushes to configured stats sinks. For // performance reasons Envoy latches counters and only flushes counters and // gauges at a periodic interval. If not specified the default is 5000ms (5 // seconds). // Duration must be at least 1ms and at most 5 min. google.protobuf.Duration stats_flush_interval = 7 [(validate.rules).duration = { lt {seconds: 300} gte {nanos: 1000000} }]; // Optional watchdog configuration. // This is for a single watchdog configuration for the entire system. // Deprecated in favor of *watchdogs* which has finer granularity. Watchdog watchdog = 8 [deprecated = true]; // Optional watchdogs configuration. // This is used for specifying different watchdogs for the different subsystems. Watchdogs watchdogs = 27; // Configuration for an external tracing provider. // // .. attention:: // This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider // `. trace.v3.Tracing tracing = 9 [deprecated = true]; // Configuration for the runtime configuration provider. If not // specified, a “null” provider will be used which will result in all defaults // being used. LayeredRuntime layered_runtime = 17; // Configuration for the local administration HTTP server. Admin admin = 12; // Optional overload manager configuration. overload.v3.OverloadManager overload_manager = 15 [ (udpa.annotations.security).configure_for_untrusted_downstream = true, (udpa.annotations.security).configure_for_untrusted_upstream = true ]; // Enable :ref:`stats for event dispatcher `, defaults to false. // Note that this records a value for each iteration of the event loop on every thread. This // should normally be minimal overhead, but when using // :ref:`statsd `, it will send each observed value // over the wire individually because the statsd protocol doesn't have any way to represent a // histogram summary. Be aware that this can be a very large volume of data. bool enable_dispatcher_stats = 16; // Optional string which will be used in lieu of x-envoy in prefixing headers. // // For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be // transformed into x-foo-retry-on etc. // // Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the // headers Envoy will trust for core code and core extensions only. Be VERY careful making // changes to this string, especially in multi-layer Envoy deployments or deployments using // extensions which are not upstream. string header_prefix = 18; // Optional proxy version which will be used to set the value of :ref:`server.version statistic // ` if specified. Envoy will not process this value, it will be sent as is to // :ref:`stats sinks `. google.protobuf.UInt64Value stats_server_version_override = 19; // Always use TCP queries instead of UDP queries for DNS lookups. // This may be overridden on a per-cluster basis in cds_config, // when :ref:`dns_resolvers ` and // :ref:`use_tcp_for_dns_lookups ` are // specified. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 20; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. repeated core.v3.TypedExtensionConfig bootstrap_extensions = 21; // Configuration sources that will participate in // *udpa.core.v1.ResourceLocator* authority resolution. The algorithm is as // follows: // 1. The authority field is taken from the *udpa.core.v1.ResourceLocator*, call // this *resource_authority*. // 2. *resource_authority* is compared against the authorities in any peer // *ConfigSource*. The peer *ConfigSource* is the configuration source // message which would have been used unconditionally for resolution // with opaque resource names. If there is a match with an authority, the // peer *ConfigSource* message is used. // 3. *resource_authority* is compared sequentially with the authorities in // each configuration source in *config_sources*. The first *ConfigSource* // to match wins. // 4. As a fallback, if no configuration source matches, then // *default_config_source* is used. // 5. If *default_config_source* is not specified, resolution fails. // [#not-implemented-hide:] repeated core.v3.ConfigSource config_sources = 22; // Default configuration source for *udpa.core.v1.ResourceLocator* if all // other resolution fails. // [#not-implemented-hide:] core.v3.ConfigSource default_config_source = 23; // Optional overriding of default socket interface. The value must be the name of one of the // socket interface factories initialized through a bootstrap extension string default_socket_interface = 24; // Global map of CertificateProvider instances. These instances are referred to by name in the // :ref:`CommonTlsContext.CertificateProviderInstance.instance_name // ` // field. // [#not-implemented-hide:] map certificate_provider_instances = 25; } // Administration interface :ref:`operations documentation // `. message Admin { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Admin"; // The path to write the access log for the administration server. If no // access log is desired specify ‘/dev/null’. This is only required if // :ref:`address ` is set. string access_log_path = 1; // The cpu profiler output path for the administration server. If no profile // path is specified, the default is ‘/var/log/envoy/envoy.prof’. string profile_path = 2; // The TCP address that the administration server will listen on. // If not specified, Envoy will not start an administration server. core.v3.Address address = 3; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v3.SocketOption socket_options = 4; } // Cluster manager :ref:`architecture overview `. message ClusterManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.ClusterManager"; message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.ClusterManager.OutlierDetection"; // Specifies the path to the outlier event log. string event_log_path = 1; // [#not-implemented-hide:] // The gRPC service for the outlier detection event service. // If empty, outlier detection events won't be sent to a remote endpoint. core.v3.EventServiceConfig event_service = 2; } // Name of the local cluster (i.e., the cluster that owns the Envoy running // this configuration). In order to enable :ref:`zone aware routing // ` this option must be set. // If *local_cluster_name* is defined then :ref:`clusters // ` must be defined in the :ref:`Bootstrap // static cluster resources // `. This is unrelated to // the :option:`--service-cluster` option which does not `affect zone aware // routing `_. string local_cluster_name = 1; // Optional global configuration for outlier detection. OutlierDetection outlier_detection = 2; // Optional configuration used to bind newly established upstream connections. // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. core.v3.BindConfig upstream_bind_config = 3; // A management server endpoint to stream load stats to via // *StreamLoadStats*. This must have :ref:`api_type // ` :ref:`GRPC // `. core.v3.ApiConfigSource load_stats_config = 4; } // Allows you to specify different watchdog configs for different subsystems. // This allows finer tuned policies for the watchdog. If a subsystem is omitted // the default values for that system will be used. message Watchdogs { // Watchdog for the main thread. Watchdog main_thread_watchdog = 1; // Watchdog for the worker threads. Watchdog worker_watchdog = 2; } // Envoy process watchdog configuration. When configured, this monitors for // nonresponsive threads and kills the process after the configured thresholds. // See the :ref:`watchdog documentation ` for more information. // [#next-free-field: 8] message Watchdog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Watchdog"; message WatchdogAction { // The events are fired in this order: KILL, MULTIKILL, MEGAMISS, MISS. // Within an event type, actions execute in the order they are configured. // For KILL/MULTIKILL there is a default PANIC that will run after the // registered actions and kills the process if it wasn't already killed. // It might be useful to specify several debug actions, and possibly an // alternate FATAL action. enum WatchdogEvent { UNKNOWN = 0; KILL = 1; MULTIKILL = 2; MEGAMISS = 3; MISS = 4; } // Extension specific configuration for the action. core.v3.TypedExtensionConfig config = 1; WatchdogEvent event = 2 [(validate.rules).enum = {defined_only: true}]; } // Register actions that will fire on given WatchDog events. // See *WatchDogAction* for priority of events. repeated WatchdogAction actions = 7; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_miss* statistic. If not specified the default is 200ms. google.protobuf.Duration miss_timeout = 1; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_mega_miss* statistic. If not specified the default is // 1000ms. google.protobuf.Duration megamiss_timeout = 2; // If a watched thread has been nonresponsive for this duration, assume a // programming error and kill the entire Envoy process. Set to 0 to disable // kill behavior. If not specified the default is 0 (disabled). google.protobuf.Duration kill_timeout = 3; // Defines the maximum jitter used to adjust the *kill_timeout* if *kill_timeout* is // enabled. Enabling this feature would help to reduce risk of synchronized // watchdog kill events across proxies due to external triggers. Set to 0 to // disable. If not specified the default is 0 (disabled). google.protobuf.Duration max_kill_timeout_jitter = 6 [(validate.rules).duration = {gte {}}]; // If max(2, ceil(registered_threads * Fraction(*multikill_threshold*))) // threads have been nonresponsive for at least this duration kill the entire // Envoy process. Set to 0 to disable this behavior. If not specified the // default is 0 (disabled). google.protobuf.Duration multikill_timeout = 4; // Sets the threshold for *multikill_timeout* in terms of the percentage of // nonresponsive threads required for the *multikill_timeout*. // If not specified the default is 0. type.v3.Percent multikill_threshold = 5; } // Runtime :ref:`configuration overview ` (deprecated). message Runtime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Runtime"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. Envoy // will watch the location for changes and reload the file system tree when // they happen. If this parameter is not set, there will be no disk based // runtime. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 2; // Specifies an optional subdirectory to load within the root directory. If // specified and the directory exists, configuration values within this // directory will override those found in the primary subdirectory. This is // useful when Envoy is deployed across many different types of servers. // Sometimes it is useful to have a per service cluster directory for runtime // configuration. See below for exactly how the override directory is used. string override_subdirectory = 3; // Static base runtime. This will be :ref:`overridden // ` by other runtime layers, e.g. // disk or admin. This follows the :ref:`runtime protobuf JSON representation // encoding `. google.protobuf.Struct base = 4; } // [#next-free-field: 6] message RuntimeLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer"; // :ref:`Disk runtime ` layer. message DiskLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer.DiskLayer"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. // Envoy will watch the location for changes and reload the file system tree // when they happen. See documentation on runtime :ref:`atomicity // ` for further details on how reloads are // treated. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 3; // :ref:`Append ` the // service cluster to the path under symlink root. bool append_service_cluster = 2; } // :ref:`Admin console runtime ` layer. message AdminLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer.AdminLayer"; } // :ref:`Runtime Discovery Service (RTDS) ` layer. message RtdsLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer.RtdsLayer"; // Resource to subscribe to at *rtds_config* for the RTDS layer. string name = 1 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for RTDS layer. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rtds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // RTDS configuration source. core.v3.ConfigSource rtds_config = 2; } // Descriptive name for the runtime layer. This is only used for the runtime // :http:get:`/runtime` output. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof layer_specifier { option (validate.required) = true; // :ref:`Static runtime ` layer. // This follows the :ref:`runtime protobuf JSON representation encoding // `. Unlike static xDS resources, this static // layer is overridable by later layers in the runtime virtual filesystem. google.protobuf.Struct static_layer = 2; DiskLayer disk_layer = 3; AdminLayer admin_layer = 4; RtdsLayer rtds_layer = 5; } } // Runtime :ref:`configuration overview `. message LayeredRuntime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.LayeredRuntime"; // The :ref:`layers ` of the runtime. This is ordered // such that later layers in the list overlay earlier entries. repeated RuntimeLayer layers = 1; } ================================================ FILE: api/envoy/config/bootstrap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/bootstrap/v3:pkg", "//envoy/config/cluster/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/listener/v4alpha:pkg", "//envoy/config/metrics/v4alpha:pkg", "//envoy/config/overload/v3:pkg", "//envoy/extensions/transport_sockets/tls/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/bootstrap/v4alpha/bootstrap.proto ================================================ syntax = "proto3"; package envoy.config.bootstrap.v4alpha; import "envoy/config/cluster/v4alpha/cluster.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/event_service_config.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/socket_option.proto"; import "envoy/config/listener/v4alpha/listener.proto"; import "envoy/config/metrics/v4alpha/stats.proto"; import "envoy/config/overload/v3/overload.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/secret.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.bootstrap.v4alpha"; option java_outer_classname = "BootstrapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Bootstrap] // This proto is supplied via the :option:`-c` CLI flag and acts as the root // of the Envoy v2 configuration. See the :ref:`v2 configuration overview // ` for more detail. // Bootstrap :ref:`configuration overview `. // [#next-free-field: 28] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap"; message StaticResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap.StaticResources"; // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. repeated listener.v4alpha.Listener listeners = 1; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary // to have some initial cluster definitions available to allow Envoy to know // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). repeated cluster.v4alpha.Cluster clusters = 2; // These static secrets can be used by :ref:`SdsSecretConfig // ` repeated envoy.extensions.transport_sockets.tls.v4alpha.Secret secrets = 3; } // [#next-free-field: 7] message DynamicResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap.DynamicResources"; reserved 4; // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. core.v4alpha.ConfigSource lds_config = 1; // Resource locator for listener collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator lds_resources_locator = 5; // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. core.v4alpha.ConfigSource cds_config = 2; // Resource locator for cluster collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator cds_resources_locator = 6; // A single :ref:`ADS ` source may be optionally // specified. This must have :ref:`api_type // ` :ref:`GRPC // `. Only // :ref:`ConfigSources ` that have // the :ref:`ads ` field set will be // streamed on the ADS channel. core.v4alpha.ApiConfigSource ads_config = 3; } reserved 10, 11, 8, 9; reserved "runtime", "watchdog", "tracing"; // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). core.v4alpha.Node node = 1; // A list of :ref:`Node ` field names // that will be included in the context parameters of the effective // *UdpaResourceLocator* that is sent in a discovery request when resource // locators are used for LDS/CDS. Any non-string field will have its JSON // encoding set as the context parameter value, with the exception of // metadata, which will be flattened (see example below). The supported field // names are: // - "cluster" // - "id" // - "locality.region" // - "locality.sub_zone" // - "locality.zone" // - "metadata" // - "user_agent_build_version.metadata" // - "user_agent_build_version.version" // - "user_agent_name" // - "user_agent_version" // // The node context parameters act as a base layer dictionary for the context // parameters (i.e. more specific resource specific context parameters will // override). Field names will be prefixed with “udpa.node.” when included in // context parameters. // // For example, if node_context_params is ``["user_agent_name", "metadata"]``, // the implied context parameters might be:: // // node.user_agent_name: "envoy" // node.metadata.foo: "{\"bar\": \"baz\"}" // node.metadata.some: "42" // node.metadata.thing: "\"thing\"" // // [#not-implemented-hide:] repeated string node_context_params = 26; // Statically specified resources. StaticResources static_resources = 2; // xDS configuration sources. DynamicResources dynamic_resources = 3; // Configuration for the cluster manager which owns all upstream clusters // within the server. ClusterManager cluster_manager = 4; // Health discovery service config option. // (:ref:`core.ApiConfigSource `) core.v4alpha.ApiConfigSource hds_config = 14; // Optional file system path to search for startup flag files. string flags_path = 5; // Optional set of stats sinks. repeated metrics.v4alpha.StatsSink stats_sinks = 6; // Configuration for internal processing of stats. metrics.v4alpha.StatsConfig stats_config = 13; // Optional duration between flushes to configured stats sinks. For // performance reasons Envoy latches counters and only flushes counters and // gauges at a periodic interval. If not specified the default is 5000ms (5 // seconds). // Duration must be at least 1ms and at most 5 min. google.protobuf.Duration stats_flush_interval = 7 [(validate.rules).duration = { lt {seconds: 300} gte {nanos: 1000000} }]; // Optional watchdogs configuration. // This is used for specifying different watchdogs for the different subsystems. Watchdogs watchdogs = 27; // Configuration for the runtime configuration provider. If not // specified, a “null” provider will be used which will result in all defaults // being used. LayeredRuntime layered_runtime = 17; // Configuration for the local administration HTTP server. Admin admin = 12; // Optional overload manager configuration. overload.v3.OverloadManager overload_manager = 15 [ (udpa.annotations.security).configure_for_untrusted_downstream = true, (udpa.annotations.security).configure_for_untrusted_upstream = true ]; // Enable :ref:`stats for event dispatcher `, defaults to false. // Note that this records a value for each iteration of the event loop on every thread. This // should normally be minimal overhead, but when using // :ref:`statsd `, it will send each observed value // over the wire individually because the statsd protocol doesn't have any way to represent a // histogram summary. Be aware that this can be a very large volume of data. bool enable_dispatcher_stats = 16; // Optional string which will be used in lieu of x-envoy in prefixing headers. // // For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be // transformed into x-foo-retry-on etc. // // Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the // headers Envoy will trust for core code and core extensions only. Be VERY careful making // changes to this string, especially in multi-layer Envoy deployments or deployments using // extensions which are not upstream. string header_prefix = 18; // Optional proxy version which will be used to set the value of :ref:`server.version statistic // ` if specified. Envoy will not process this value, it will be sent as is to // :ref:`stats sinks `. google.protobuf.UInt64Value stats_server_version_override = 19; // Always use TCP queries instead of UDP queries for DNS lookups. // This may be overridden on a per-cluster basis in cds_config, // when :ref:`dns_resolvers ` and // :ref:`use_tcp_for_dns_lookups ` are // specified. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 20; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. repeated core.v4alpha.TypedExtensionConfig bootstrap_extensions = 21; // Configuration sources that will participate in // *udpa.core.v1.ResourceLocator* authority resolution. The algorithm is as // follows: // 1. The authority field is taken from the *udpa.core.v1.ResourceLocator*, call // this *resource_authority*. // 2. *resource_authority* is compared against the authorities in any peer // *ConfigSource*. The peer *ConfigSource* is the configuration source // message which would have been used unconditionally for resolution // with opaque resource names. If there is a match with an authority, the // peer *ConfigSource* message is used. // 3. *resource_authority* is compared sequentially with the authorities in // each configuration source in *config_sources*. The first *ConfigSource* // to match wins. // 4. As a fallback, if no configuration source matches, then // *default_config_source* is used. // 5. If *default_config_source* is not specified, resolution fails. // [#not-implemented-hide:] repeated core.v4alpha.ConfigSource config_sources = 22; // Default configuration source for *udpa.core.v1.ResourceLocator* if all // other resolution fails. // [#not-implemented-hide:] core.v4alpha.ConfigSource default_config_source = 23; // Optional overriding of default socket interface. The value must be the name of one of the // socket interface factories initialized through a bootstrap extension string default_socket_interface = 24; // Global map of CertificateProvider instances. These instances are referred to by name in the // :ref:`CommonTlsContext.CertificateProviderInstance.instance_name // ` // field. // [#not-implemented-hide:] map certificate_provider_instances = 25; } // Administration interface :ref:`operations documentation // `. message Admin { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Admin"; // The path to write the access log for the administration server. If no // access log is desired specify ‘/dev/null’. This is only required if // :ref:`address ` is set. string access_log_path = 1; // The cpu profiler output path for the administration server. If no profile // path is specified, the default is ‘/var/log/envoy/envoy.prof’. string profile_path = 2; // The TCP address that the administration server will listen on. // If not specified, Envoy will not start an administration server. core.v4alpha.Address address = 3; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v4alpha.SocketOption socket_options = 4; } // Cluster manager :ref:`architecture overview `. message ClusterManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.ClusterManager"; message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.ClusterManager.OutlierDetection"; // Specifies the path to the outlier event log. string event_log_path = 1; // [#not-implemented-hide:] // The gRPC service for the outlier detection event service. // If empty, outlier detection events won't be sent to a remote endpoint. core.v4alpha.EventServiceConfig event_service = 2; } // Name of the local cluster (i.e., the cluster that owns the Envoy running // this configuration). In order to enable :ref:`zone aware routing // ` this option must be set. // If *local_cluster_name* is defined then :ref:`clusters // ` must be defined in the :ref:`Bootstrap // static cluster resources // `. This is unrelated to // the :option:`--service-cluster` option which does not `affect zone aware // routing `_. string local_cluster_name = 1; // Optional global configuration for outlier detection. OutlierDetection outlier_detection = 2; // Optional configuration used to bind newly established upstream connections. // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. core.v4alpha.BindConfig upstream_bind_config = 3; // A management server endpoint to stream load stats to via // *StreamLoadStats*. This must have :ref:`api_type // ` :ref:`GRPC // `. core.v4alpha.ApiConfigSource load_stats_config = 4; } // Allows you to specify different watchdog configs for different subsystems. // This allows finer tuned policies for the watchdog. If a subsystem is omitted // the default values for that system will be used. message Watchdogs { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Watchdogs"; // Watchdog for the main thread. Watchdog main_thread_watchdog = 1; // Watchdog for the worker threads. Watchdog worker_watchdog = 2; } // Envoy process watchdog configuration. When configured, this monitors for // nonresponsive threads and kills the process after the configured thresholds. // See the :ref:`watchdog documentation ` for more information. // [#next-free-field: 8] message Watchdog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Watchdog"; message WatchdogAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Watchdog.WatchdogAction"; // The events are fired in this order: KILL, MULTIKILL, MEGAMISS, MISS. // Within an event type, actions execute in the order they are configured. // For KILL/MULTIKILL there is a default PANIC that will run after the // registered actions and kills the process if it wasn't already killed. // It might be useful to specify several debug actions, and possibly an // alternate FATAL action. enum WatchdogEvent { UNKNOWN = 0; KILL = 1; MULTIKILL = 2; MEGAMISS = 3; MISS = 4; } // Extension specific configuration for the action. core.v4alpha.TypedExtensionConfig config = 1; WatchdogEvent event = 2 [(validate.rules).enum = {defined_only: true}]; } // Register actions that will fire on given WatchDog events. // See *WatchDogAction* for priority of events. repeated WatchdogAction actions = 7; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_miss* statistic. If not specified the default is 200ms. google.protobuf.Duration miss_timeout = 1; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_mega_miss* statistic. If not specified the default is // 1000ms. google.protobuf.Duration megamiss_timeout = 2; // If a watched thread has been nonresponsive for this duration, assume a // programming error and kill the entire Envoy process. Set to 0 to disable // kill behavior. If not specified the default is 0 (disabled). google.protobuf.Duration kill_timeout = 3; // Defines the maximum jitter used to adjust the *kill_timeout* if *kill_timeout* is // enabled. Enabling this feature would help to reduce risk of synchronized // watchdog kill events across proxies due to external triggers. Set to 0 to // disable. If not specified the default is 0 (disabled). google.protobuf.Duration max_kill_timeout_jitter = 6 [(validate.rules).duration = {gte {}}]; // If max(2, ceil(registered_threads * Fraction(*multikill_threshold*))) // threads have been nonresponsive for at least this duration kill the entire // Envoy process. Set to 0 to disable this behavior. If not specified the // default is 0 (disabled). google.protobuf.Duration multikill_timeout = 4; // Sets the threshold for *multikill_timeout* in terms of the percentage of // nonresponsive threads required for the *multikill_timeout*. // If not specified the default is 0. type.v3.Percent multikill_threshold = 5; } // Runtime :ref:`configuration overview ` (deprecated). message Runtime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Runtime"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. Envoy // will watch the location for changes and reload the file system tree when // they happen. If this parameter is not set, there will be no disk based // runtime. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 2; // Specifies an optional subdirectory to load within the root directory. If // specified and the directory exists, configuration values within this // directory will override those found in the primary subdirectory. This is // useful when Envoy is deployed across many different types of servers. // Sometimes it is useful to have a per service cluster directory for runtime // configuration. See below for exactly how the override directory is used. string override_subdirectory = 3; // Static base runtime. This will be :ref:`overridden // ` by other runtime layers, e.g. // disk or admin. This follows the :ref:`runtime protobuf JSON representation // encoding `. google.protobuf.Struct base = 4; } // [#next-free-field: 6] message RuntimeLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer"; // :ref:`Disk runtime ` layer. message DiskLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer.DiskLayer"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. // Envoy will watch the location for changes and reload the file system tree // when they happen. See documentation on runtime :ref:`atomicity // ` for further details on how reloads are // treated. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 3; // :ref:`Append ` the // service cluster to the path under symlink root. bool append_service_cluster = 2; } // :ref:`Admin console runtime ` layer. message AdminLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer.AdminLayer"; } // :ref:`Runtime Discovery Service (RTDS) ` layer. message RtdsLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer.RtdsLayer"; oneof name_specifier { // Resource to subscribe to at *rtds_config* for the RTDS layer. string name = 1; // Resource locator for RTDS layer. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rtds_resource_locator = 3; } // RTDS configuration source. core.v4alpha.ConfigSource rtds_config = 2; } // Descriptive name for the runtime layer. This is only used for the runtime // :http:get:`/runtime` output. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof layer_specifier { option (validate.required) = true; // :ref:`Static runtime ` layer. // This follows the :ref:`runtime protobuf JSON representation encoding // `. Unlike static xDS resources, this static // layer is overridable by later layers in the runtime virtual filesystem. google.protobuf.Struct static_layer = 2; DiskLayer disk_layer = 3; AdminLayer admin_layer = 4; RtdsLayer rtds_layer = 5; } } // Runtime :ref:`configuration overview `. message LayeredRuntime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.LayeredRuntime"; // The :ref:`layers ` of the runtime. This is ordered // such that later layers in the list overlay earlier entries. repeated RuntimeLayer layers = 1; } ================================================ FILE: api/envoy/config/cluster/aggregate/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/cluster/aggregate/v2alpha/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.aggregate.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.aggregate.v2alpha"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.clusters.aggregate.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Aggregate cluster configuration] // Configuration for the aggregate cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.aggregate] message ClusterConfig { // Load balancing clusters in aggregate cluster. Clusters are prioritized based on the order they // appear in this list. repeated string clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/config/cluster/dynamic_forward_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/cluster/dynamic_forward_proxy/v2alpha/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.dynamic_forward_proxy.v2alpha; import "envoy/config/common/dynamic_forward_proxy/v2alpha/dns_cache.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.dynamic_forward_proxy.v2alpha"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.clusters.dynamic_forward_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamic forward proxy cluster configuration] // Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.dynamic_forward_proxy] message ClusterConfig { // The DNS cache configuration that the cluster will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy HTTP filter configuration // `. common.dynamic_forward_proxy.v2alpha.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/cluster/redis/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/cluster/redis/redis_cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.redis; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.redis"; option java_outer_classname = "RedisClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Redis Cluster Configuration] // This cluster adds support for `Redis Cluster `_, as part // of :ref:`Envoy's support for Redis Cluster `. // // Redis Cluster is an extension of Redis which supports sharding and high availability (where a // shard that loses its primary fails over to a replica, and designates it as the new primary). // However, as there is no unified frontend or proxy service in front of Redis Cluster, the client // (in this case Envoy) must locally maintain the state of the Redis Cluster, specifically the // topology. A random node in the cluster is queried for the topology using the `CLUSTER SLOTS // command `_. This result is then stored locally, and // updated at user-configured intervals. // // Additionally, if // :ref:`enable_redirection` // is true, then moved and ask redirection errors from upstream servers will trigger a topology // refresh when they exceed a user-configured error threshold. // // Example: // // .. code-block:: yaml // // name: name // connect_timeout: 0.25s // dns_lookup_family: V4_ONLY // hosts: // - socket_address: // address: foo.bar.com // port_value: 22120 // cluster_type: // name: envoy.clusters.redis // typed_config: // "@type": type.googleapis.com/google.protobuf.Struct // value: // cluster_refresh_rate: 30s // cluster_refresh_timeout: 0.5s // redirect_refresh_interval: 10s // redirect_refresh_threshold: 10 // [#extension: envoy.clusters.redis] // [#next-free-field: 7] message RedisClusterConfig { // Interval between successive topology refresh requests. If not set, this defaults to 5s. google.protobuf.Duration cluster_refresh_rate = 1 [(validate.rules).duration = {gt {}}]; // Timeout for topology refresh request. If not set, this defaults to 3s. google.protobuf.Duration cluster_refresh_timeout = 2 [(validate.rules).duration = {gt {}}]; // The minimum interval that must pass after triggering a topology refresh request before a new // request can possibly be triggered again. Any errors received during one of these // time intervals are ignored. If not set, this defaults to 5s. google.protobuf.Duration redirect_refresh_interval = 3; // The number of redirection errors that must be received before // triggering a topology refresh request. If not set, this defaults to 5. // If this is set to 0, topology refresh after redirect is disabled. google.protobuf.UInt32Value redirect_refresh_threshold = 4; // The number of failures that must be received before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to failure. uint32 failure_refresh_threshold = 5; // The number of hosts became degraded or unhealthy before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to degraded or // unhealthy host. uint32 host_degraded_refresh_threshold = 6; } ================================================ FILE: api/envoy/config/cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/cluster:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/cluster/v3/circuit_breaker.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "CircuitBreakerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Circuit breakers] // :ref:`Circuit breaking` settings can be // specified individually for each defined priority. message CircuitBreakers { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.CircuitBreakers"; // A Thresholds defines CircuitBreaker settings for a // :ref:`RoutingPriority`. // [#next-free-field: 9] message Thresholds { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.CircuitBreakers.Thresholds"; message RetryBudget { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.CircuitBreakers.Thresholds.RetryBudget"; // Specifies the limit on concurrent retries as a percentage of the sum of active requests and // active pending requests. For example, if there are 100 active requests and the // budget_percent is set to 25, there may be 25 active retries. // // This parameter is optional. Defaults to 20%. type.v3.Percent budget_percent = 1; // Specifies the minimum retry concurrency allowed for the retry budget. The limit on the // number of active retries may never go below this number. // // This parameter is optional. Defaults to 3. google.protobuf.UInt32Value min_retry_concurrency = 2; } // The :ref:`RoutingPriority` // the specified CircuitBreaker settings apply to. core.v3.RoutingPriority priority = 1 [(validate.rules).enum = {defined_only: true}]; // The maximum number of connections that Envoy will make to the upstream // cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_connections = 2; // The maximum number of pending requests that Envoy will allow to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 3; // The maximum number of parallel requests that Envoy will make to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_requests = 4; // The maximum number of parallel retries that Envoy will allow to the // upstream cluster. If not specified, the default is 3. google.protobuf.UInt32Value max_retries = 5; // Specifies a limit on concurrent retries in relation to the number of active requests. This // parameter is optional. // // .. note:: // // If this field is set, the retry budget will override any configured retry circuit // breaker. RetryBudget retry_budget = 8; // If track_remaining is true, then stats will be published that expose // the number of resources remaining until the circuit breakers open. If // not specified, the default is false. // // .. note:: // // If a retry budget is used in lieu of the max_retries circuit breaker, // the remaining retry resources remaining will not be tracked. bool track_remaining = 6; // The maximum number of connection pools per cluster that Envoy will concurrently support at // once. If not specified, the default is unlimited. Set this for clusters which create a // large number of connection pools. See // :ref:`Circuit Breaking ` for // more details. google.protobuf.UInt32Value max_connection_pools = 7; } // If multiple :ref:`Thresholds` // are defined with the same :ref:`RoutingPriority`, // the first one in the list is used. If no Thresholds is defined for a given // :ref:`RoutingPriority`, the default values // are used. repeated Thresholds thresholds = 1; } ================================================ FILE: api/envoy/config/cluster/v3/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "envoy/config/cluster/v3/circuit_breaker.proto"; import "envoy/config/cluster/v3/filter.proto"; import "envoy/config/cluster/v3/outlier_detection.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/config/core/v3/protocol.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Cluster configuration] // Cluster list collections. Entries are *Cluster* resources or references. // [#not-implemented-hide:] message ClusterCollection { udpa.core.v1.CollectionEntry entries = 1; } // Configuration for a single upstream cluster. // [#next-free-field: 53] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster"; // Refer to :ref:`service discovery type ` // for an explanation on each type. enum DiscoveryType { // Refer to the :ref:`static discovery type` // for an explanation. STATIC = 0; // Refer to the :ref:`strict DNS discovery // type` // for an explanation. STRICT_DNS = 1; // Refer to the :ref:`logical DNS discovery // type` // for an explanation. LOGICAL_DNS = 2; // Refer to the :ref:`service discovery type` // for an explanation. EDS = 3; // Refer to the :ref:`original destination discovery // type` // for an explanation. ORIGINAL_DST = 4; } // Refer to :ref:`load balancer type ` architecture // overview section for information on each type. enum LbPolicy { reserved 4; reserved "ORIGINAL_DST_LB"; // Refer to the :ref:`round robin load balancing // policy` // for an explanation. ROUND_ROBIN = 0; // Refer to the :ref:`least request load balancing // policy` // for an explanation. LEAST_REQUEST = 1; // Refer to the :ref:`ring hash load balancing // policy` // for an explanation. RING_HASH = 2; // Refer to the :ref:`random load balancing // policy` // for an explanation. RANDOM = 3; // Refer to the :ref:`Maglev load balancing policy` // for an explanation. MAGLEV = 5; // This load balancer type must be specified if the configured cluster provides a cluster // specific load balancer. Consult the configured cluster's documentation for whether to set // this option or not. CLUSTER_PROVIDED = 6; // [#not-implemented-hide:] Use the new :ref:`load_balancing_policy // ` field to determine the LB policy. // [#next-major-version: In the v3 API, we should consider deprecating the lb_policy field // and instead using the new load_balancing_policy field as the one and only mechanism for // configuring this.] LOAD_BALANCING_POLICY_CONFIG = 7; } // When V4_ONLY is selected, the DNS resolver will only perform a lookup for // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will // only perform a lookup for addresses in the IPv6 family. If AUTO is // specified, the DNS resolver will first perform a lookup for addresses in // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. // For cluster types other than // :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS`, // this setting is // ignored. enum DnsLookupFamily { AUTO = 0; V4_ONLY = 1; V6_ONLY = 2; } enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). // If :ref:`http2_protocol_options ` are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. USE_CONFIGURED_PROTOCOL = 0; // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. USE_DOWNSTREAM_PROTOCOL = 1; } // TransportSocketMatch specifies what transport socket config will be used // when the match conditions are satisfied. message TransportSocketMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.TransportSocketMatch"; // The name of the match, used in stats generation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria. // The connection to the endpoint with metadata matching what is set in this field // will use the transport socket configuration specified here. // The endpoint's metadata entry in *envoy.transport_socket_match* is used to match // against the values specified in this field. google.protobuf.Struct match = 2; // The configuration of the transport socket. core.v3.TransportSocket transport_socket = 3; } // Extended cluster type. message CustomClusterType { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CustomClusterType"; // The type of the cluster to instantiate. The name must match a supported cluster type. string name = 1 [(validate.rules).string = {min_len: 1}]; // Cluster specific configuration which depends on the cluster being instantiated. // See the supported cluster for further documentation. google.protobuf.Any typed_config = 2; } // Only valid when discovery type is EDS. message EdsClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.EdsClusterConfig"; // Configuration for the source of EDS updates for this Cluster. core.v3.ConfigSource eds_config = 1; // Optional alternative to cluster name to present to EDS. This does not // have the same restrictions as cluster name, i.e. it may be arbitrary // length. string service_name = 2 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for EDS. This is mutually exclusive to *service_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator eds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; } // Optionally divide the endpoints in this cluster into subsets defined by // endpoint metadata and selected by route and weighted cluster metadata. // [#next-free-field: 8] message LbSubsetConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.LbSubsetConfig"; // If NO_FALLBACK is selected, a result // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, // any cluster endpoint may be returned (subject to policy, health checks, // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. enum LbSubsetFallbackPolicy { NO_FALLBACK = 0; ANY_ENDPOINT = 1; DEFAULT_SUBSET = 2; } // Specifications for subsets. message LbSubsetSelector { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector"; // Allows to override top level fallback policy per selector. enum LbSubsetSelectorFallbackPolicy { // If NOT_DEFINED top level config fallback policy is used instead. NOT_DEFINED = 0; // If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported. NO_FALLBACK = 1; // If ANY_ENDPOINT is selected, any cluster endpoint may be returned // (subject to policy, health checks, etc). ANY_ENDPOINT = 2; // If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. DEFAULT_SUBSET = 3; // If KEYS_SUBSET is selected, subset selector matching is performed again with metadata // keys reduced to // :ref:`fallback_keys_subset`. // It allows for a fallback to a different, less specific selector if some of the keys of // the selector are considered optional. KEYS_SUBSET = 4; } // List of keys to match with the weighted cluster metadata. repeated string keys = 1; // Selects a mode of operation in which each subset has only one host. This mode uses the same rules for // choosing a host, but updating hosts is faster, especially for large numbers of hosts. // // If a match is found to a host, that host will be used regardless of priority levels, unless the host is unhealthy. // // Currently, this mode is only supported if `subset_selectors` has only one entry, and `keys` contains // only one entry. // // When this mode is enabled, configurations that contain more than one host with the same metadata value for the single key in `keys` // will use only one of the hosts with the given key; no requests will be routed to the others. The cluster gauge // :ref:`lb_subsets_single_host_per_subset_duplicate` indicates how many duplicates are // present in the current configuration. bool single_host_per_subset = 4; // The behavior used when no endpoint subset matches the selected route's // metadata. LbSubsetSelectorFallbackPolicy fallback_policy = 2 [(validate.rules).enum = {defined_only: true}]; // Subset of // :ref:`keys` used by // :ref:`KEYS_SUBSET` // fallback policy. // It has to be a non empty list if KEYS_SUBSET fallback policy is selected. // For any other fallback policy the parameter is not used and should not be set. // Only values also present in // :ref:`keys` are allowed, but // `fallback_keys_subset` cannot be equal to `keys`. repeated string fallback_keys_subset = 3; } // The behavior used when no endpoint subset matches the selected route's // metadata. The value defaults to // :ref:`NO_FALLBACK`. LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum = {defined_only: true}]; // Specifies the default subset of endpoints used during fallback if // fallback_policy is // :ref:`DEFAULT_SUBSET`. // Each field in default_subset is // compared to the matching LbEndpoint.Metadata under the *envoy.lb* // namespace. It is valid for no hosts to match, in which case the behavior // is the same as a fallback_policy of // :ref:`NO_FALLBACK`. google.protobuf.Struct default_subset = 2; // For each entry, LbEndpoint.Metadata's // *envoy.lb* namespace is traversed and a subset is created for each unique // combination of key and value. For example: // // .. code-block:: json // // { "subset_selectors": [ // { "keys": [ "version" ] }, // { "keys": [ "stage", "hardware_type" ] } // ]} // // A subset is matched when the metadata from the selected route and // weighted cluster contains the same keys and values as the subset's // metadata. The same host may appear in multiple subsets. repeated LbSubsetSelector subset_selectors = 3; // If true, routing to subsets will take into account the localities and locality weights of the // endpoints when making the routing decision. // // There are some potential pitfalls associated with enabling this feature, as the resulting // traffic split after applying both a subset match and locality weights might be undesirable. // // Consider for example a situation in which you have 50/50 split across two localities X/Y // which have 100 hosts each without subsetting. If the subset LB results in X having only 1 // host selected but Y having 100, then a lot more load is being dumped on the single host in X // than originally anticipated in the load balancing assignment delivered via EDS. bool locality_weight_aware = 4; // When used with locality_weight_aware, scales the weight of each locality by the ratio // of hosts in the subset vs hosts in the original subset. This aims to even out the load // going to an individual locality if said locality is disproportionately affected by the // subset predicate. bool scale_locality_weight = 5; // If true, when a fallback policy is configured and its corresponding subset fails to find // a host this will cause any host to be selected instead. // // This is useful when using the default subset as the fallback policy, given the default // subset might become empty. With this option enabled, if that happens the LB will attempt // to select a host from the entire cluster. bool panic_mode_any = 6; // If true, metadata specified for a metadata key will be matched against the corresponding // endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value // and any of the elements in the list matches the criteria. bool list_as_any = 7; } // Specific configuration for the LeastRequest load balancing policy. message LeastRequestLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.LeastRequestLbConfig"; // The number of random healthy hosts from which the host with the fewest active requests will // be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set. google.protobuf.UInt32Value choice_count = 1 [(validate.rules).uint32 = {gte: 2}]; // The following formula is used to calculate the dynamic weights when hosts have different load // balancing weights: // // `weight = load_balancing_weight / (active_requests + 1)^active_request_bias` // // The larger the active request bias is, the more aggressively active requests will lower the // effective weight when all host weights are not equal. // // `active_request_bias` must be greater than or equal to 0.0. // // When `active_request_bias == 0.0` the Least Request Load Balancer doesn't consider the number // of active requests at the time it picks a host and behaves like the Round Robin Load // Balancer. // // When `active_request_bias > 0.0` the Least Request Load Balancer scales the load balancing // weight by the number of active requests at the time it does a pick. // // The value is cached for performance reasons and refreshed whenever one of the Load Balancer's // host sets changes, e.g., whenever there is a host membership update or a host load balancing // weight change. // // .. note:: // This setting only takes effect if all host weights are not equal. core.v3.RuntimeDouble active_request_bias = 2; } // Specific configuration for the :ref:`RingHash` // load balancing policy. message RingHashLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RingHashLbConfig"; // The hash function used to hash hosts onto the ketama ring. enum HashFunction { // Use `xxHash `_, this is the default hash function. XX_HASH = 0; // Use `MurmurHash2 `_, this is compatible with // std:hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled // on Linux and not macOS. MURMUR_HASH_2 = 1; } reserved 2; // Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each // provided host) the better the request distribution will reflect the desired weights. Defaults // to 1024 entries, and limited to 8M entries. See also // :ref:`maximum_ring_size`. google.protobuf.UInt64Value minimum_ring_size = 1 [(validate.rules).uint64 = {lte: 8388608}]; // The hash function used to hash hosts onto the ketama ring. The value defaults to // :ref:`XX_HASH`. HashFunction hash_function = 3 [(validate.rules).enum = {defined_only: true}]; // Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered // to further constrain resource use. See also // :ref:`minimum_ring_size`. google.protobuf.UInt64Value maximum_ring_size = 4 [(validate.rules).uint64 = {lte: 8388608}]; } // Specific configuration for the :ref:`Maglev` // load balancing policy. message MaglevLbConfig { // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. // The table size must be prime number. If it is not specified, the default is 65537. google.protobuf.UInt64Value table_size = 1; } // Specific configuration for the // :ref:`Original Destination ` // load balancing policy. message OriginalDstLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.OriginalDstLbConfig"; // When true, :ref:`x-envoy-original-dst-host // ` can be used to override destination // address. // // .. attention:: // // This header isn't sanitized by default, so enabling this feature allows HTTP clients to // route traffic to arbitrary hosts and/or ports, which may have serious security // consequences. bool use_http_header = 1; } // Common configuration for all load balancer implementations. // [#next-free-field: 8] message CommonLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig"; // Configuration for :ref:`zone aware routing // `. message ZoneAwareLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig.ZoneAwareLbConfig"; // Configures percentage of requests that will be considered for zone aware routing // if zone aware routing is configured. If not specified, the default is 100%. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. type.v3.Percent routing_enabled = 1; // Configures minimum upstream cluster size required for zone aware routing // If upstream cluster size is less than specified, zone aware routing is not performed // even if zone aware routing is configured. If not specified, the default is 6. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. google.protobuf.UInt64Value min_cluster_size = 2; // If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic // mode`. Instead, the cluster will fail all // requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a // failing service. bool fail_traffic_on_panic = 3; } // Configuration for :ref:`locality weighted load balancing // ` message LocalityWeightedLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig.LocalityWeightedLbConfig"; } // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) message ConsistentHashingLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig.ConsistentHashingLbConfig"; // If set to `true`, the cluster will use hostname instead of the resolved // address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address. bool use_hostname_for_hashing = 1; // Configures percentage of average cluster load to bound per upstream host. For example, with a value of 150 // no upstream host will get a load more than 1.5 times the average load of all the hosts in the cluster. // If not specified, the load is not bounded for any upstream host. Typical value for this parameter is between 120 and 200. // Minimum is 100. // // Applies to both Ring Hash and Maglev load balancers. // // This is implemented based on the method described in the paper https://arxiv.org/abs/1608.01350. For the specified // `hash_balance_factor`, requests to any upstream host are capped at `hash_balance_factor/100` times the average number of requests // across the cluster. When a request arrives for an upstream host that is currently serving at its max capacity, linear probing // is used to identify an eligible host. Further, the linear probe is implemented using a random jump in hosts ring/table to identify // the eligible host (this technique is as described in the paper https://arxiv.org/abs/1908.08762 - the random jump avoids the // cascading overflow effect when choosing the next host in the ring/table). // // If weights are specified on the hosts, they are respected. // // This is an O(N) algorithm, unlike other load balancers. Using a lower `hash_balance_factor` results in more hosts // being probed, so use a higher value if you require better performance. google.protobuf.UInt32Value hash_balance_factor = 2 [(validate.rules).uint32 = {gte: 100}]; } // Configures the :ref:`healthy panic threshold `. // If not specified, the default is 50%. // To disable panic mode, set to 0%. // // .. note:: // The specified percent will be truncated to the nearest 1%. type.v3.Percent healthy_panic_threshold = 1; oneof locality_config_specifier { ZoneAwareLbConfig zone_aware_lb_config = 2; LocalityWeightedLbConfig locality_weighted_lb_config = 3; } // If set, all health check/weight/metadata updates that happen within this duration will be // merged and delivered in one shot when the duration expires. The start of the duration is when // the first update happens. This is useful for big clusters, with potentially noisy deploys // that might trigger excessive CPU usage due to a constant stream of healthcheck state changes // or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new // cluster). Please always keep in mind that the use of sandbox technologies may change this // behavior. // // If this is not set, we default to a merge window of 1000ms. To disable it, set the merge // window to 0. // // Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is // because merging those updates isn't currently safe. See // https://github.com/envoyproxy/envoy/pull/3941. google.protobuf.Duration update_merge_window = 4; // If set to true, Envoy will not consider new hosts when computing load balancing weights until // they have been health checked for the first time. This will have no effect unless // active health checking is also configured. // // Ignoring a host means that for any load balancing calculations that adjust weights based // on the ratio of eligible hosts and total hosts (priority spillover, locality weighting and // panic mode) Envoy will exclude these hosts in the denominator. // // For example, with hosts in two priorities P0 and P1, where P0 looks like // {healthy, unhealthy (new), unhealthy (new)} // and where P1 looks like // {healthy, healthy} // all traffic will still hit P0, as 1 / (3 - 2) = 1. // // Enabling this will allow scaling up the number of hosts for a given cluster without entering // panic mode or triggering priority spillover, assuming the hosts pass the first health check. // // If panic mode is triggered, new hosts are still eligible for traffic; they simply do not // contribute to the calculation when deciding whether panic mode is enabled or not. bool ignore_new_hosts_until_first_hc = 5; // If set to `true`, the cluster manager will drain all existing // connections to upstream hosts whenever hosts are added or removed from the cluster. bool close_connections_on_host_set_change = 6; // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) ConsistentHashingLbConfig consistent_hashing_lb_config = 7; } message RefreshRate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate"; // Specifies the base interval between refreshes. This parameter is required and must be greater // than zero and less than // :ref:`max_interval `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {nanos: 1000000} }]; // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the // :ref:`base_interval ` if set. The default // is 10 times the :ref:`base_interval `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}]; } // [#not-implemented-hide:] message PrefetchPolicy { // Indicates how many streams (rounded up) can be anticipated per-upstream for each // incoming stream. This is useful for high-QPS or latency-sensitive services. Prefetching // will only be done if the upstream is healthy. // // For example if this is 2, for an incoming HTTP/1.1 stream, 2 connections will be // established, one for the new incoming stream, and one for a presumed follow-up stream. For // HTTP/2, only one connection would be established by default as one connection can // serve both the original and presumed follow-up stream. // // In steady state for non-multiplexed connections a value of 1.5 would mean if there were 100 // active streams, there would be 100 connections in use, and 50 connections prefetched. // This might be a useful value for something like short lived single-use connections, // for example proxying HTTP/1.1 if keep-alive were false and each stream resulted in connection // termination. It would likely be overkill for long lived connections, such as TCP proxying SMTP // or regular HTTP/1.1 with keep-alive. For long lived traffic, a value of 1.05 would be more // reasonable, where for every 100 connections, 5 prefetched connections would be in the queue // in case of unexpected disconnects where the connection could not be reused. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight. This means in steady state if a connection is torn down, // a subsequent streams will pay an upstream-rtt latency penalty waiting for streams to be // prefetched. // // This is limited somewhat arbitrarily to 3 because prefetching connections too aggressively can // harm latency more than the prefetching helps. google.protobuf.DoubleValue per_upstream_prefetch_ratio = 1 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; // Indicates how many many streams (rounded up) can be anticipated across a cluster for each // stream, useful for low QPS services. This is currently supported for a subset of // deterministic non-hash-based load-balancing algorithms (weighted round robin, random). // Unlike per_upstream_prefetch_ratio this prefetches across the upstream instances in a // cluster, doing best effort predictions of what upstream would be picked next and // pre-establishing a connection. // // For example if prefetching is set to 2 for a round robin HTTP/2 cluster, on the first // incoming stream, 2 connections will be prefetched - one to the first upstream for this // cluster, one to the second on the assumption there will be a follow-up stream. // // Prefetching will be limited to one prefetch per configured upstream in the cluster. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight, so during warm up and in steady state if a connection // is closed (and per_upstream_prefetch_ratio is not set), there will be a latency hit for // connection establishment. // // If both this and prefetch_ratio are set, Envoy will make sure both predicted needs are met, // basically prefetching max(predictive-prefetch, per-upstream-prefetch), for each upstream. // TODO(alyssawilk) per LB docs and LB overview docs when unhiding. google.protobuf.DoubleValue predictive_prefetch_ratio = 2 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; } reserved 12, 15, 7, 11, 35; reserved "hosts", "tls_context", "extension_protocol_options"; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the // :ref:`LbEndpoint.Metadata ` // is used to match against the transport sockets as they appear in the list. The first // :ref:`match ` is used. // For example, with the following match // // .. code-block:: yaml // // transport_socket_matches: // - name: "enableMTLS" // match: // acceptMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // - name: "defaultToPlaintext" // match: {} // transport_socket: // name: envoy.transport_sockets.raw_buffer // // Connections to the endpoints whose metadata value under *envoy.transport_socket_match* // having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration. // // If a :ref:`socket match ` with empty match // criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext" // socket match in case above. // // If an endpoint metadata's value under *envoy.transport_socket_match* does not match any // *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or // *transport_socket* specified in this cluster. // // This field allows gradual and flexible transport socket configuration changes. // // The metadata of endpoints in EDS can indicate transport socket capabilities. For example, // an endpoint's metadata can have two key value pairs as "acceptMTLS": "true", // "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic // has "acceptPlaintext": "true" metadata information. // // Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS // traffic for endpoints with "acceptMTLS": "true", by adding a corresponding // *TransportSocketMatch* in this field. Other client Envoys receive CDS without // *transport_socket_match* set, and still send plain text traffic to the same cluster. // // This field can be used to specify custom transport socket configurations for health // checks by adding matching key/value pairs in a health check's // :ref:`transport socket match criteria ` field. // // [#comment:TODO(incfly): add a detailed architecture doc on intended usage.] repeated TransportSocketMatch transport_socket_matches = 43; // Supplies the name of the cluster which must be unique across all clusters. // The cluster name is used when emitting // :ref:`statistics ` if :ref:`alt_stat_name // ` is not provided. // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. string name = 1 [(validate.rules).string = {min_len: 1}]; // An optional alternative to the cluster name to be used while emitting stats. // Any ``:`` in the name will be converted to ``_`` when emitting statistics. This should not be // confused with :ref:`Router Filter Header // `. string alt_stat_name = 28; oneof cluster_discovery_type { // The :ref:`service discovery type ` // to use for resolving the cluster. DiscoveryType type = 2 [(validate.rules).enum = {defined_only: true}]; // The custom cluster type. CustomClusterType cluster_type = 38; } // Configuration to use for EDS updates for the Cluster. EdsClusterConfig eds_cluster_config = 3; // The timeout for new network connections to hosts in the cluster. google.protobuf.Duration connect_timeout = 4 [(validate.rules).duration = {gt {}}]; // Soft limit on size of the cluster’s connections read and write buffers. If // unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The :ref:`load balancer type ` to use // when picking a host in the cluster. // [#comment:TODO: Remove enum constraint :ref:`LOAD_BALANCING_POLICY_CONFIG` when implemented.] LbPolicy lb_policy = 6 [(validate.rules).enum = {defined_only: true not_in: 7}]; // Setting this is required for specifying members of // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS` clusters. // This field supersedes the *hosts* field in the v2 API. // // .. attention:: // // Setting this allows non-EDS cluster types to contain embedded EDS equivalent // :ref:`endpoint assignments`. // endpoint.v3.ClusterLoadAssignment load_assignment = 33; // Optional :ref:`active health checking ` // configuration for the cluster. If no // configuration is specified no health checking will be done and all cluster // members will be considered healthy at all times. repeated core.v3.HealthCheck health_checks = 8; // Optional maximum requests for a single upstream connection. This parameter // is respected by both the HTTP/1.1 and HTTP/2 connection pool // implementations. If not specified, there is no limit. Setting this // parameter to 1 will effectively disable keep alive. google.protobuf.UInt32Value max_requests_per_connection = 9; // Optional :ref:`circuit breaking ` for the cluster. CircuitBreakers circuit_breakers = 10; // HTTP protocol options that are applied only to upstream HTTP connections. // These options apply to all HTTP versions. core.v3.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; // Additional options when handling HTTP requests upstream. These options will be applicable to // both HTTP1 and HTTP2 requests. core.v3.HttpProtocolOptions common_http_protocol_options = 29; // Additional options when handling HTTP1 requests. core.v3.Http1ProtocolOptions http_protocol_options = 13; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when // making new HTTP connection pool connections. Currently, Envoy only // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. core.v3.Http2ProtocolOptions http2_protocol_options = 14 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used as the cluster’s DNS refresh // rate. The value configured must be at least 1ms. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. google.protobuf.Duration dns_refresh_rate = 16 [(validate.rules).duration = {gt {nanos: 1000000}}]; // If the DNS failure refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types // other than :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS` this setting is // ignored. RefreshRate dns_failure_refresh_rate = 44; // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true, // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS // resolution. bool respect_dns_ttl = 39; // The DNS IP address resolution policy. If this setting is not specified, the // value defaults to // :ref:`AUTO`. DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}]; // If DNS resolvers are specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used to specify the cluster’s dns resolvers. // If this setting is not specified, the value defaults to the default // resolver, which uses /etc/resolv.conf for configuration. For cluster types // other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. repeated core.v3.Address dns_resolvers = 18; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 45; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via // :ref:`runtime values `. OutlierDetection outlier_detection = 19; // The interval for removing stale hosts from a cluster type // :ref:`ORIGINAL_DST`. // Hosts are considered stale if they have not been used // as upstream destinations during this interval. New hosts are added // to original destination clusters on demand as new connections are // redirected to Envoy, causing the number of hosts in the cluster to // grow over time. Hosts that are not stale (they are actively used as // destinations) are kept in the cluster, which allows connections to // them remain open, saving the latency that would otherwise be spent // on opening new connections. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`ORIGINAL_DST` // this setting is ignored. google.protobuf.Duration cleanup_interval = 20 [(validate.rules).duration = {gt {}}]; // Optional configuration used to bind newly established upstream connections. // This overrides any bind_config specified in the bootstrap proto. // If the address and port are empty, no bind will be performed. core.v3.BindConfig upstream_bind_config = 21; // Configuration for load balancing subsetting. LbSubsetConfig lb_subset_config = 22; // Optional configuration for the load balancing algorithm selected by // LbPolicy. Currently only // :ref:`RING_HASH`, // :ref:`MAGLEV` and // :ref:`LEAST_REQUEST` // has additional configuration options. // Specifying ring_hash_lb_config or maglev_lb_config or least_request_lb_config without setting the corresponding // LbPolicy will generate an error at runtime. oneof lb_config { // Optional configuration for the Ring Hash load balancing policy. RingHashLbConfig ring_hash_lb_config = 23; // Optional configuration for the Maglev load balancing policy. MaglevLbConfig maglev_lb_config = 52; // Optional configuration for the Original Destination load balancing policy. OriginalDstLbConfig original_dst_lb_config = 34; // Optional configuration for the LeastRequest load balancing policy. LeastRequestLbConfig least_request_lb_config = 37; } // Common configuration for all load balancer implementations. CommonLbConfig common_lb_config = 27; // Optional custom transport socket implementation to use for upstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`UpstreamTlsContexts ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v3.TransportSocket transport_socket = 24; // The Metadata field can be used to provide additional information about the // cluster. It can be used for stats, logging, and varying filter behavior. // Fields should use reverse DNS notation to denote which entity within Envoy // will need the information. For instance, if the metadata is intended for // the Router filter, the filter name should be specified as *envoy.filters.http.router*. core.v3.Metadata metadata = 25; // Determines how Envoy selects the protocol used to speak to upstream hosts. ClusterProtocolSelection protocol_selection = 26; // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; // If an upstream host becomes unhealthy (as determined by the configured health checks // or outlier detection), immediately close all connections to the failed host. // // .. note:: // // This is currently only supported for connections created by tcp_proxy. // // .. note:: // // The current implementation of this feature closes all connections immediately when // the unhealthy status is detected. If there are a large number of connections open // to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of // time exclusively closing these connections, and not processing any other traffic. bool close_connections_on_host_health_failure = 31; // If set to true, Envoy will ignore the health value of a host when processing its removal // from service discovery. This means that if active health checking is used, Envoy will *not* // wait for the endpoint to go unhealthy before removing it. bool ignore_health_on_host_removal = 32; // An (optional) network filter chain, listed in the order the filters should be applied. // The chain will be applied to all outgoing connections that Envoy makes to the upstream // servers of this cluster. repeated Filter filters = 40; // [#not-implemented-hide:] New mechanism for LB policy configuration. Used only if the // :ref:`lb_policy` field has the value // :ref:`LOAD_BALANCING_POLICY_CONFIG`. LoadBalancingPolicy load_balancing_policy = 41; // [#not-implemented-hide:] // If present, tells the client where to send load reports via LRS. If not present, the // client will fall back to a client-side default, which may be either (a) don't send any // load reports or (b) send load reports for all clusters to a single default server // (which may be configured in the bootstrap file). // // Note that if multiple clusters point to the same LRS server, the client may choose to // create a separate stream for each cluster or it may choose to coalesce the data for // multiple clusters onto a single stream. Either way, the client must make sure to send // the data for any given cluster on no more than one stream. // // [#next-major-version: In the v3 API, we should consider restructuring this somehow, // maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation // from the LRS stream here.] core.v3.ConfigSource lrs_server = 42; // If track_timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. // // .. attention:: // // This field has been deprecated in favor of `timeout_budgets`, part of // :ref:`track_cluster_stats `. bool track_timeout_budgets = 47 [deprecated = true]; // Optional customization and configuration of upstream connection pool, and upstream type. // // Currently this field only applies for HTTP traffic but is designed for eventual use for custom // TCP upstreams. // // For HTTP traffic, Envoy will generally take downstream HTTP and send it upstream as upstream // HTTP, using the http connection pool and the codec from `http2_protocol_options` // // For routes where CONNECT termination is configured, Envoy will take downstream CONNECT // requests and forward the CONNECT payload upstream over raw TCP using the tcp connection pool. // // The default pool used is the generic connection pool which creates the HTTP upstream for most // HTTP requests, and the TCP upstream if CONNECT termination is configured. // // If users desire custom connection pool or upstream behavior, for example terminating // CONNECT only if a custom filter indicates it is appropriate, the custom factories // can be registered and configured here. core.v3.TypedExtensionConfig upstream_config = 48; // Configuration to track optional cluster stats. TrackClusterStats track_cluster_stats = 49; // [#not-implemented-hide:] // Prefetch configuration for this cluster. PrefetchPolicy prefetch_policy = 50; // If `connection_pool_per_downstream_connection` is true, the cluster will use a separate // connection pool for every downstream connection bool connection_pool_per_downstream_connection = 51; } // [#not-implemented-hide:] Extensible load balancing policy configuration. // // Every LB policy defined via this mechanism will be identified via a unique name using reverse // DNS notation. If the policy needs configuration parameters, it must define a message for its // own configuration, which will be stored in the config field. The name of the policy will tell // clients which type of message they should expect to see in the config field. // // Note that there are cases where it is useful to be able to independently select LB policies // for choosing a locality and for choosing an endpoint within that locality. For example, a // given deployment may always use the same policy to choose the locality, but for choosing the // endpoint within the locality, some clusters may use weighted-round-robin, while others may // use some sort of session-based balancing. // // This can be accomplished via hierarchical LB policies, where the parent LB policy creates a // child LB policy for each locality. For each request, the parent chooses the locality and then // delegates to the child policy for that locality to choose the endpoint within the locality. // // To facilitate this, the config message for the top-level LB policy may include a field of // type LoadBalancingPolicy that specifies the child policy. message LoadBalancingPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.LoadBalancingPolicy"; message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.LoadBalancingPolicy.Policy"; reserved 2; reserved "config"; // Required. The name of the LB policy. string name = 1; google.protobuf.Any typed_config = 3; } // Each client will iterate over the list in order and stop at the first policy that it // supports. This provides a mechanism for starting to use new LB policies that are not yet // supported by all clients. repeated Policy policies = 1; } // An extensible structure containing the address Envoy should bind to when // establishing upstream connections. message UpstreamBindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.UpstreamBindConfig"; // The address Envoy should bind to when establishing upstream connections. core.v3.Address source_address = 1; } message UpstreamConnectionOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.UpstreamConnectionOptions"; // If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. core.v3.TcpKeepalive tcp_keepalive = 1; } message TrackClusterStats { // If timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. bool timeout_budgets = 1; // If request_response_sizes is true, then the :ref:`histograms // ` tracking header and body sizes // of requests and responses will be published. bool request_response_sizes = 2; } ================================================ FILE: api/envoy/config/cluster/v3/filter.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "FilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Upstream filters] // Upstream filters apply to the connections to the upstream cluster hosts. message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.Filter"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any typed_config = 2; } ================================================ FILE: api/envoy/config/cluster/v3/outlier_detection.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "OutlierDetectionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Outlier detection] // See the :ref:`architecture overview ` for // more information on outlier detection. // [#next-free-field: 21] message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.OutlierDetection"; // The number of consecutive 5xx responses or local origin errors that are mapped // to 5xx error codes before a consecutive 5xx ejection // occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_5xx = 1; // The time interval between ejection analysis sweeps. This can result in // both new ejections as well as hosts being returned to service. Defaults // to 10000ms or 10s. google.protobuf.Duration interval = 2 [(validate.rules).duration = {gt {}}]; // The base time that a host is ejected for. The real time is equal to the // base time multiplied by the number of times the host has been ejected. // Defaults to 30000ms or 30s. google.protobuf.Duration base_ejection_time = 3 [(validate.rules).duration = {gt {}}]; // The maximum % of an upstream cluster that can be ejected due to outlier // detection. Defaults to 10% but will eject at least one host regardless of the value. google.protobuf.UInt32Value max_ejection_percent = 4 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive 5xx. This setting can be used to disable // ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_consecutive_5xx = 5 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics. This setting can be used to // disable ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_success_rate = 6 [(validate.rules).uint32 = {lte: 100}]; // The number of hosts in a cluster that must have enough request volume to // detect success rate outliers. If the number of hosts is less than this // setting, outlier detection via success rate statistics is not performed // for any host in the cluster. Defaults to 5. google.protobuf.UInt32Value success_rate_minimum_hosts = 7; // The minimum number of total requests that must be collected in one // interval (as defined by the interval duration above) to include this host // in success rate based outlier detection. If the volume is lower than this // setting, outlier detection via success rate statistics is not performed // for that host. Defaults to 100. google.protobuf.UInt32Value success_rate_request_volume = 8; // This factor is used to determine the ejection threshold for success rate // outlier ejection. The ejection threshold is the difference between the // mean success rate, and the product of this factor and the standard // deviation of the mean success rate: mean - (stdev * // success_rate_stdev_factor). This factor is divided by a thousand to get a // double. That is, if the desired factor is 1.9, the runtime value should // be 1900. Defaults to 1900. google.protobuf.UInt32Value success_rate_stdev_factor = 9; // The number of consecutive gateway failures (502, 503, 504 status codes) // before a consecutive gateway failure ejection occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_gateway_failure = 10; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive gateway failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_consecutive_gateway_failure = 11 [(validate.rules).uint32 = {lte: 100}]; // Determines whether to distinguish local origin failures from external errors. If set to true // the following configuration parameters are taken into account: // :ref:`consecutive_local_origin_failure`, // :ref:`enforcing_consecutive_local_origin_failure` // and // :ref:`enforcing_local_origin_success_rate`. // Defaults to false. bool split_external_local_origin_errors = 12; // The number of consecutive locally originated failures before ejection // occurs. Defaults to 5. Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value consecutive_local_origin_failure = 13; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive locally originated failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_consecutive_local_origin_failure = 14 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics for locally originated errors. // This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_local_origin_success_rate = 15 [(validate.rules).uint32 = {lte: 100}]; // The failure percentage to use when determining failure percentage-based outlier detection. If // the failure percentage of a given host is greater than or equal to this value, it will be // ejected. Defaults to 85. google.protobuf.UInt32Value failure_percentage_threshold = 16 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // failure percentage statistics. This setting can be used to disable ejection or to ramp it up // slowly. Defaults to 0. // // [#next-major-version: setting this without setting failure_percentage_threshold should be // invalid in v4.] google.protobuf.UInt32Value enforcing_failure_percentage = 17 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // local-origin failure percentage statistics. This setting can be used to disable ejection or to // ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_failure_percentage_local_origin = 18 [(validate.rules).uint32 = {lte: 100}]; // The minimum number of hosts in a cluster in order to perform failure percentage-based ejection. // If the total number of hosts in the cluster is less than this value, failure percentage-based // ejection will not be performed. Defaults to 5. google.protobuf.UInt32Value failure_percentage_minimum_hosts = 19; // The minimum number of total requests that must be collected in one interval (as defined by the // interval duration above) to perform failure percentage-based ejection for this host. If the // volume is lower than this setting, failure percentage-based ejection will not be performed for // this host. Defaults to 50. google.protobuf.UInt32Value failure_percentage_request_volume = 20; } ================================================ FILE: api/envoy/config/cluster/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/cluster/v4alpha/circuit_breaker.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "CircuitBreakerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Circuit breakers] // :ref:`Circuit breaking` settings can be // specified individually for each defined priority. message CircuitBreakers { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.CircuitBreakers"; // A Thresholds defines CircuitBreaker settings for a // :ref:`RoutingPriority`. // [#next-free-field: 9] message Thresholds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.CircuitBreakers.Thresholds"; message RetryBudget { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.CircuitBreakers.Thresholds.RetryBudget"; // Specifies the limit on concurrent retries as a percentage of the sum of active requests and // active pending requests. For example, if there are 100 active requests and the // budget_percent is set to 25, there may be 25 active retries. // // This parameter is optional. Defaults to 20%. type.v3.Percent budget_percent = 1; // Specifies the minimum retry concurrency allowed for the retry budget. The limit on the // number of active retries may never go below this number. // // This parameter is optional. Defaults to 3. google.protobuf.UInt32Value min_retry_concurrency = 2; } // The :ref:`RoutingPriority` // the specified CircuitBreaker settings apply to. core.v4alpha.RoutingPriority priority = 1 [(validate.rules).enum = {defined_only: true}]; // The maximum number of connections that Envoy will make to the upstream // cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_connections = 2; // The maximum number of pending requests that Envoy will allow to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 3; // The maximum number of parallel requests that Envoy will make to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_requests = 4; // The maximum number of parallel retries that Envoy will allow to the // upstream cluster. If not specified, the default is 3. google.protobuf.UInt32Value max_retries = 5; // Specifies a limit on concurrent retries in relation to the number of active requests. This // parameter is optional. // // .. note:: // // If this field is set, the retry budget will override any configured retry circuit // breaker. RetryBudget retry_budget = 8; // If track_remaining is true, then stats will be published that expose // the number of resources remaining until the circuit breakers open. If // not specified, the default is false. // // .. note:: // // If a retry budget is used in lieu of the max_retries circuit breaker, // the remaining retry resources remaining will not be tracked. bool track_remaining = 6; // The maximum number of connection pools per cluster that Envoy will concurrently support at // once. If not specified, the default is unlimited. Set this for clusters which create a // large number of connection pools. See // :ref:`Circuit Breaking ` for // more details. google.protobuf.UInt32Value max_connection_pools = 7; } // If multiple :ref:`Thresholds` // are defined with the same :ref:`RoutingPriority`, // the first one in the list is used. If no Thresholds is defined for a given // :ref:`RoutingPriority`, the default values // are used. repeated Thresholds thresholds = 1; } ================================================ FILE: api/envoy/config/cluster/v4alpha/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "envoy/config/cluster/v4alpha/circuit_breaker.proto"; import "envoy/config/cluster/v4alpha/filter.proto"; import "envoy/config/cluster/v4alpha/outlier_detection.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/health_check.proto"; import "envoy/config/core/v4alpha/protocol.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Cluster configuration] // Cluster list collections. Entries are *Cluster* resources or references. // [#not-implemented-hide:] message ClusterCollection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.ClusterCollection"; udpa.core.v1.CollectionEntry entries = 1; } // Configuration for a single upstream cluster. // [#next-free-field: 53] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster"; // Refer to :ref:`service discovery type ` // for an explanation on each type. enum DiscoveryType { // Refer to the :ref:`static discovery type` // for an explanation. STATIC = 0; // Refer to the :ref:`strict DNS discovery // type` // for an explanation. STRICT_DNS = 1; // Refer to the :ref:`logical DNS discovery // type` // for an explanation. LOGICAL_DNS = 2; // Refer to the :ref:`service discovery type` // for an explanation. EDS = 3; // Refer to the :ref:`original destination discovery // type` // for an explanation. ORIGINAL_DST = 4; } // Refer to :ref:`load balancer type ` architecture // overview section for information on each type. enum LbPolicy { reserved 4; reserved "ORIGINAL_DST_LB"; // Refer to the :ref:`round robin load balancing // policy` // for an explanation. ROUND_ROBIN = 0; // Refer to the :ref:`least request load balancing // policy` // for an explanation. LEAST_REQUEST = 1; // Refer to the :ref:`ring hash load balancing // policy` // for an explanation. RING_HASH = 2; // Refer to the :ref:`random load balancing // policy` // for an explanation. RANDOM = 3; // Refer to the :ref:`Maglev load balancing policy` // for an explanation. MAGLEV = 5; // This load balancer type must be specified if the configured cluster provides a cluster // specific load balancer. Consult the configured cluster's documentation for whether to set // this option or not. CLUSTER_PROVIDED = 6; // [#not-implemented-hide:] Use the new :ref:`load_balancing_policy // ` field to determine the LB policy. // [#next-major-version: In the v3 API, we should consider deprecating the lb_policy field // and instead using the new load_balancing_policy field as the one and only mechanism for // configuring this.] LOAD_BALANCING_POLICY_CONFIG = 7; } // When V4_ONLY is selected, the DNS resolver will only perform a lookup for // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will // only perform a lookup for addresses in the IPv6 family. If AUTO is // specified, the DNS resolver will first perform a lookup for addresses in // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. // For cluster types other than // :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS`, // this setting is // ignored. enum DnsLookupFamily { AUTO = 0; V4_ONLY = 1; V6_ONLY = 2; } enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). // If :ref:`http2_protocol_options ` are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. USE_CONFIGURED_PROTOCOL = 0; // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. USE_DOWNSTREAM_PROTOCOL = 1; } // TransportSocketMatch specifies what transport socket config will be used // when the match conditions are satisfied. message TransportSocketMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.TransportSocketMatch"; // The name of the match, used in stats generation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria. // The connection to the endpoint with metadata matching what is set in this field // will use the transport socket configuration specified here. // The endpoint's metadata entry in *envoy.transport_socket_match* is used to match // against the values specified in this field. google.protobuf.Struct match = 2; // The configuration of the transport socket. core.v4alpha.TransportSocket transport_socket = 3; } // Extended cluster type. message CustomClusterType { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CustomClusterType"; // The type of the cluster to instantiate. The name must match a supported cluster type. string name = 1 [(validate.rules).string = {min_len: 1}]; // Cluster specific configuration which depends on the cluster being instantiated. // See the supported cluster for further documentation. google.protobuf.Any typed_config = 2; } // Only valid when discovery type is EDS. message EdsClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.EdsClusterConfig"; // Configuration for the source of EDS updates for this Cluster. core.v4alpha.ConfigSource eds_config = 1; oneof name_specifier { // Optional alternative to cluster name to present to EDS. This does not // have the same restrictions as cluster name, i.e. it may be arbitrary // length. string service_name = 2; // Resource locator for EDS. This is mutually exclusive to *service_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator eds_resource_locator = 3; } } // Optionally divide the endpoints in this cluster into subsets defined by // endpoint metadata and selected by route and weighted cluster metadata. // [#next-free-field: 8] message LbSubsetConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.LbSubsetConfig"; // If NO_FALLBACK is selected, a result // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, // any cluster endpoint may be returned (subject to policy, health checks, // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. enum LbSubsetFallbackPolicy { NO_FALLBACK = 0; ANY_ENDPOINT = 1; DEFAULT_SUBSET = 2; } // Specifications for subsets. message LbSubsetSelector { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector"; // Allows to override top level fallback policy per selector. enum LbSubsetSelectorFallbackPolicy { // If NOT_DEFINED top level config fallback policy is used instead. NOT_DEFINED = 0; // If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported. NO_FALLBACK = 1; // If ANY_ENDPOINT is selected, any cluster endpoint may be returned // (subject to policy, health checks, etc). ANY_ENDPOINT = 2; // If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. DEFAULT_SUBSET = 3; // If KEYS_SUBSET is selected, subset selector matching is performed again with metadata // keys reduced to // :ref:`fallback_keys_subset`. // It allows for a fallback to a different, less specific selector if some of the keys of // the selector are considered optional. KEYS_SUBSET = 4; } // List of keys to match with the weighted cluster metadata. repeated string keys = 1; // Selects a mode of operation in which each subset has only one host. This mode uses the same rules for // choosing a host, but updating hosts is faster, especially for large numbers of hosts. // // If a match is found to a host, that host will be used regardless of priority levels, unless the host is unhealthy. // // Currently, this mode is only supported if `subset_selectors` has only one entry, and `keys` contains // only one entry. // // When this mode is enabled, configurations that contain more than one host with the same metadata value for the single key in `keys` // will use only one of the hosts with the given key; no requests will be routed to the others. The cluster gauge // :ref:`lb_subsets_single_host_per_subset_duplicate` indicates how many duplicates are // present in the current configuration. bool single_host_per_subset = 4; // The behavior used when no endpoint subset matches the selected route's // metadata. LbSubsetSelectorFallbackPolicy fallback_policy = 2 [(validate.rules).enum = {defined_only: true}]; // Subset of // :ref:`keys` used by // :ref:`KEYS_SUBSET` // fallback policy. // It has to be a non empty list if KEYS_SUBSET fallback policy is selected. // For any other fallback policy the parameter is not used and should not be set. // Only values also present in // :ref:`keys` are allowed, but // `fallback_keys_subset` cannot be equal to `keys`. repeated string fallback_keys_subset = 3; } // The behavior used when no endpoint subset matches the selected route's // metadata. The value defaults to // :ref:`NO_FALLBACK`. LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum = {defined_only: true}]; // Specifies the default subset of endpoints used during fallback if // fallback_policy is // :ref:`DEFAULT_SUBSET`. // Each field in default_subset is // compared to the matching LbEndpoint.Metadata under the *envoy.lb* // namespace. It is valid for no hosts to match, in which case the behavior // is the same as a fallback_policy of // :ref:`NO_FALLBACK`. google.protobuf.Struct default_subset = 2; // For each entry, LbEndpoint.Metadata's // *envoy.lb* namespace is traversed and a subset is created for each unique // combination of key and value. For example: // // .. code-block:: json // // { "subset_selectors": [ // { "keys": [ "version" ] }, // { "keys": [ "stage", "hardware_type" ] } // ]} // // A subset is matched when the metadata from the selected route and // weighted cluster contains the same keys and values as the subset's // metadata. The same host may appear in multiple subsets. repeated LbSubsetSelector subset_selectors = 3; // If true, routing to subsets will take into account the localities and locality weights of the // endpoints when making the routing decision. // // There are some potential pitfalls associated with enabling this feature, as the resulting // traffic split after applying both a subset match and locality weights might be undesirable. // // Consider for example a situation in which you have 50/50 split across two localities X/Y // which have 100 hosts each without subsetting. If the subset LB results in X having only 1 // host selected but Y having 100, then a lot more load is being dumped on the single host in X // than originally anticipated in the load balancing assignment delivered via EDS. bool locality_weight_aware = 4; // When used with locality_weight_aware, scales the weight of each locality by the ratio // of hosts in the subset vs hosts in the original subset. This aims to even out the load // going to an individual locality if said locality is disproportionately affected by the // subset predicate. bool scale_locality_weight = 5; // If true, when a fallback policy is configured and its corresponding subset fails to find // a host this will cause any host to be selected instead. // // This is useful when using the default subset as the fallback policy, given the default // subset might become empty. With this option enabled, if that happens the LB will attempt // to select a host from the entire cluster. bool panic_mode_any = 6; // If true, metadata specified for a metadata key will be matched against the corresponding // endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value // and any of the elements in the list matches the criteria. bool list_as_any = 7; } // Specific configuration for the LeastRequest load balancing policy. message LeastRequestLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.LeastRequestLbConfig"; // The number of random healthy hosts from which the host with the fewest active requests will // be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set. google.protobuf.UInt32Value choice_count = 1 [(validate.rules).uint32 = {gte: 2}]; // The following formula is used to calculate the dynamic weights when hosts have different load // balancing weights: // // `weight = load_balancing_weight / (active_requests + 1)^active_request_bias` // // The larger the active request bias is, the more aggressively active requests will lower the // effective weight when all host weights are not equal. // // `active_request_bias` must be greater than or equal to 0.0. // // When `active_request_bias == 0.0` the Least Request Load Balancer doesn't consider the number // of active requests at the time it picks a host and behaves like the Round Robin Load // Balancer. // // When `active_request_bias > 0.0` the Least Request Load Balancer scales the load balancing // weight by the number of active requests at the time it does a pick. // // The value is cached for performance reasons and refreshed whenever one of the Load Balancer's // host sets changes, e.g., whenever there is a host membership update or a host load balancing // weight change. // // .. note:: // This setting only takes effect if all host weights are not equal. core.v4alpha.RuntimeDouble active_request_bias = 2; } // Specific configuration for the :ref:`RingHash` // load balancing policy. message RingHashLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.RingHashLbConfig"; // The hash function used to hash hosts onto the ketama ring. enum HashFunction { // Use `xxHash `_, this is the default hash function. XX_HASH = 0; // Use `MurmurHash2 `_, this is compatible with // std:hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled // on Linux and not macOS. MURMUR_HASH_2 = 1; } reserved 2; // Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each // provided host) the better the request distribution will reflect the desired weights. Defaults // to 1024 entries, and limited to 8M entries. See also // :ref:`maximum_ring_size`. google.protobuf.UInt64Value minimum_ring_size = 1 [(validate.rules).uint64 = {lte: 8388608}]; // The hash function used to hash hosts onto the ketama ring. The value defaults to // :ref:`XX_HASH`. HashFunction hash_function = 3 [(validate.rules).enum = {defined_only: true}]; // Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered // to further constrain resource use. See also // :ref:`minimum_ring_size`. google.protobuf.UInt64Value maximum_ring_size = 4 [(validate.rules).uint64 = {lte: 8388608}]; } // Specific configuration for the :ref:`Maglev` // load balancing policy. message MaglevLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.MaglevLbConfig"; // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. // The table size must be prime number. If it is not specified, the default is 65537. google.protobuf.UInt64Value table_size = 1; } // Specific configuration for the // :ref:`Original Destination ` // load balancing policy. message OriginalDstLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.OriginalDstLbConfig"; // When true, :ref:`x-envoy-original-dst-host // ` can be used to override destination // address. // // .. attention:: // // This header isn't sanitized by default, so enabling this feature allows HTTP clients to // route traffic to arbitrary hosts and/or ports, which may have serious security // consequences. bool use_http_header = 1; } // Common configuration for all load balancer implementations. // [#next-free-field: 8] message CommonLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig"; // Configuration for :ref:`zone aware routing // `. message ZoneAwareLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig.ZoneAwareLbConfig"; // Configures percentage of requests that will be considered for zone aware routing // if zone aware routing is configured. If not specified, the default is 100%. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. type.v3.Percent routing_enabled = 1; // Configures minimum upstream cluster size required for zone aware routing // If upstream cluster size is less than specified, zone aware routing is not performed // even if zone aware routing is configured. If not specified, the default is 6. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. google.protobuf.UInt64Value min_cluster_size = 2; // If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic // mode`. Instead, the cluster will fail all // requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a // failing service. bool fail_traffic_on_panic = 3; } // Configuration for :ref:`locality weighted load balancing // ` message LocalityWeightedLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig.LocalityWeightedLbConfig"; } // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) message ConsistentHashingLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig.ConsistentHashingLbConfig"; // If set to `true`, the cluster will use hostname instead of the resolved // address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address. bool use_hostname_for_hashing = 1; // Configures percentage of average cluster load to bound per upstream host. For example, with a value of 150 // no upstream host will get a load more than 1.5 times the average load of all the hosts in the cluster. // If not specified, the load is not bounded for any upstream host. Typical value for this parameter is between 120 and 200. // Minimum is 100. // // Applies to both Ring Hash and Maglev load balancers. // // This is implemented based on the method described in the paper https://arxiv.org/abs/1608.01350. For the specified // `hash_balance_factor`, requests to any upstream host are capped at `hash_balance_factor/100` times the average number of requests // across the cluster. When a request arrives for an upstream host that is currently serving at its max capacity, linear probing // is used to identify an eligible host. Further, the linear probe is implemented using a random jump in hosts ring/table to identify // the eligible host (this technique is as described in the paper https://arxiv.org/abs/1908.08762 - the random jump avoids the // cascading overflow effect when choosing the next host in the ring/table). // // If weights are specified on the hosts, they are respected. // // This is an O(N) algorithm, unlike other load balancers. Using a lower `hash_balance_factor` results in more hosts // being probed, so use a higher value if you require better performance. google.protobuf.UInt32Value hash_balance_factor = 2 [(validate.rules).uint32 = {gte: 100}]; } // Configures the :ref:`healthy panic threshold `. // If not specified, the default is 50%. // To disable panic mode, set to 0%. // // .. note:: // The specified percent will be truncated to the nearest 1%. type.v3.Percent healthy_panic_threshold = 1; oneof locality_config_specifier { ZoneAwareLbConfig zone_aware_lb_config = 2; LocalityWeightedLbConfig locality_weighted_lb_config = 3; } // If set, all health check/weight/metadata updates that happen within this duration will be // merged and delivered in one shot when the duration expires. The start of the duration is when // the first update happens. This is useful for big clusters, with potentially noisy deploys // that might trigger excessive CPU usage due to a constant stream of healthcheck state changes // or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new // cluster). Please always keep in mind that the use of sandbox technologies may change this // behavior. // // If this is not set, we default to a merge window of 1000ms. To disable it, set the merge // window to 0. // // Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is // because merging those updates isn't currently safe. See // https://github.com/envoyproxy/envoy/pull/3941. google.protobuf.Duration update_merge_window = 4; // If set to true, Envoy will not consider new hosts when computing load balancing weights until // they have been health checked for the first time. This will have no effect unless // active health checking is also configured. // // Ignoring a host means that for any load balancing calculations that adjust weights based // on the ratio of eligible hosts and total hosts (priority spillover, locality weighting and // panic mode) Envoy will exclude these hosts in the denominator. // // For example, with hosts in two priorities P0 and P1, where P0 looks like // {healthy, unhealthy (new), unhealthy (new)} // and where P1 looks like // {healthy, healthy} // all traffic will still hit P0, as 1 / (3 - 2) = 1. // // Enabling this will allow scaling up the number of hosts for a given cluster without entering // panic mode or triggering priority spillover, assuming the hosts pass the first health check. // // If panic mode is triggered, new hosts are still eligible for traffic; they simply do not // contribute to the calculation when deciding whether panic mode is enabled or not. bool ignore_new_hosts_until_first_hc = 5; // If set to `true`, the cluster manager will drain all existing // connections to upstream hosts whenever hosts are added or removed from the cluster. bool close_connections_on_host_set_change = 6; // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) ConsistentHashingLbConfig consistent_hashing_lb_config = 7; } message RefreshRate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.RefreshRate"; // Specifies the base interval between refreshes. This parameter is required and must be greater // than zero and less than // :ref:`max_interval `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {nanos: 1000000} }]; // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the // :ref:`base_interval ` if set. The default // is 10 times the :ref:`base_interval `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}]; } // [#not-implemented-hide:] message PrefetchPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.PrefetchPolicy"; // Indicates how many streams (rounded up) can be anticipated per-upstream for each // incoming stream. This is useful for high-QPS or latency-sensitive services. Prefetching // will only be done if the upstream is healthy. // // For example if this is 2, for an incoming HTTP/1.1 stream, 2 connections will be // established, one for the new incoming stream, and one for a presumed follow-up stream. For // HTTP/2, only one connection would be established by default as one connection can // serve both the original and presumed follow-up stream. // // In steady state for non-multiplexed connections a value of 1.5 would mean if there were 100 // active streams, there would be 100 connections in use, and 50 connections prefetched. // This might be a useful value for something like short lived single-use connections, // for example proxying HTTP/1.1 if keep-alive were false and each stream resulted in connection // termination. It would likely be overkill for long lived connections, such as TCP proxying SMTP // or regular HTTP/1.1 with keep-alive. For long lived traffic, a value of 1.05 would be more // reasonable, where for every 100 connections, 5 prefetched connections would be in the queue // in case of unexpected disconnects where the connection could not be reused. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight. This means in steady state if a connection is torn down, // a subsequent streams will pay an upstream-rtt latency penalty waiting for streams to be // prefetched. // // This is limited somewhat arbitrarily to 3 because prefetching connections too aggressively can // harm latency more than the prefetching helps. google.protobuf.DoubleValue per_upstream_prefetch_ratio = 1 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; // Indicates how many many streams (rounded up) can be anticipated across a cluster for each // stream, useful for low QPS services. This is currently supported for a subset of // deterministic non-hash-based load-balancing algorithms (weighted round robin, random). // Unlike per_upstream_prefetch_ratio this prefetches across the upstream instances in a // cluster, doing best effort predictions of what upstream would be picked next and // pre-establishing a connection. // // For example if prefetching is set to 2 for a round robin HTTP/2 cluster, on the first // incoming stream, 2 connections will be prefetched - one to the first upstream for this // cluster, one to the second on the assumption there will be a follow-up stream. // // Prefetching will be limited to one prefetch per configured upstream in the cluster. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight, so during warm up and in steady state if a connection // is closed (and per_upstream_prefetch_ratio is not set), there will be a latency hit for // connection establishment. // // If both this and prefetch_ratio are set, Envoy will make sure both predicted needs are met, // basically prefetching max(predictive-prefetch, per-upstream-prefetch), for each upstream. // TODO(alyssawilk) per LB docs and LB overview docs when unhiding. google.protobuf.DoubleValue predictive_prefetch_ratio = 2 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; } reserved 12, 15, 7, 11, 35, 47; reserved "hosts", "tls_context", "extension_protocol_options", "track_timeout_budgets"; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the // :ref:`LbEndpoint.Metadata ` // is used to match against the transport sockets as they appear in the list. The first // :ref:`match ` is used. // For example, with the following match // // .. code-block:: yaml // // transport_socket_matches: // - name: "enableMTLS" // match: // acceptMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // - name: "defaultToPlaintext" // match: {} // transport_socket: // name: envoy.transport_sockets.raw_buffer // // Connections to the endpoints whose metadata value under *envoy.transport_socket_match* // having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration. // // If a :ref:`socket match ` with empty match // criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext" // socket match in case above. // // If an endpoint metadata's value under *envoy.transport_socket_match* does not match any // *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or // *transport_socket* specified in this cluster. // // This field allows gradual and flexible transport socket configuration changes. // // The metadata of endpoints in EDS can indicate transport socket capabilities. For example, // an endpoint's metadata can have two key value pairs as "acceptMTLS": "true", // "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic // has "acceptPlaintext": "true" metadata information. // // Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS // traffic for endpoints with "acceptMTLS": "true", by adding a corresponding // *TransportSocketMatch* in this field. Other client Envoys receive CDS without // *transport_socket_match* set, and still send plain text traffic to the same cluster. // // This field can be used to specify custom transport socket configurations for health // checks by adding matching key/value pairs in a health check's // :ref:`transport socket match criteria ` field. // // [#comment:TODO(incfly): add a detailed architecture doc on intended usage.] repeated TransportSocketMatch transport_socket_matches = 43; // Supplies the name of the cluster which must be unique across all clusters. // The cluster name is used when emitting // :ref:`statistics ` if :ref:`alt_stat_name // ` is not provided. // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. string name = 1 [(validate.rules).string = {min_len: 1}]; // An optional alternative to the cluster name to be used while emitting stats. // Any ``:`` in the name will be converted to ``_`` when emitting statistics. This should not be // confused with :ref:`Router Filter Header // `. string alt_stat_name = 28; oneof cluster_discovery_type { // The :ref:`service discovery type ` // to use for resolving the cluster. DiscoveryType type = 2 [(validate.rules).enum = {defined_only: true}]; // The custom cluster type. CustomClusterType cluster_type = 38; } // Configuration to use for EDS updates for the Cluster. EdsClusterConfig eds_cluster_config = 3; // The timeout for new network connections to hosts in the cluster. google.protobuf.Duration connect_timeout = 4 [(validate.rules).duration = {gt {}}]; // Soft limit on size of the cluster’s connections read and write buffers. If // unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The :ref:`load balancer type ` to use // when picking a host in the cluster. // [#comment:TODO: Remove enum constraint :ref:`LOAD_BALANCING_POLICY_CONFIG` when implemented.] LbPolicy lb_policy = 6 [(validate.rules).enum = {defined_only: true not_in: 7}]; // Setting this is required for specifying members of // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS` clusters. // This field supersedes the *hosts* field in the v2 API. // // .. attention:: // // Setting this allows non-EDS cluster types to contain embedded EDS equivalent // :ref:`endpoint assignments`. // endpoint.v3.ClusterLoadAssignment load_assignment = 33; // Optional :ref:`active health checking ` // configuration for the cluster. If no // configuration is specified no health checking will be done and all cluster // members will be considered healthy at all times. repeated core.v4alpha.HealthCheck health_checks = 8; // Optional maximum requests for a single upstream connection. This parameter // is respected by both the HTTP/1.1 and HTTP/2 connection pool // implementations. If not specified, there is no limit. Setting this // parameter to 1 will effectively disable keep alive. google.protobuf.UInt32Value max_requests_per_connection = 9; // Optional :ref:`circuit breaking ` for the cluster. CircuitBreakers circuit_breakers = 10; // HTTP protocol options that are applied only to upstream HTTP connections. // These options apply to all HTTP versions. core.v4alpha.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; // Additional options when handling HTTP requests upstream. These options will be applicable to // both HTTP1 and HTTP2 requests. core.v4alpha.HttpProtocolOptions common_http_protocol_options = 29; // Additional options when handling HTTP1 requests. core.v4alpha.Http1ProtocolOptions http_protocol_options = 13; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when // making new HTTP connection pool connections. Currently, Envoy only // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. core.v4alpha.Http2ProtocolOptions http2_protocol_options = 14 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used as the cluster’s DNS refresh // rate. The value configured must be at least 1ms. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. google.protobuf.Duration dns_refresh_rate = 16 [(validate.rules).duration = {gt {nanos: 1000000}}]; // If the DNS failure refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types // other than :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS` this setting is // ignored. RefreshRate dns_failure_refresh_rate = 44; // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true, // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS // resolution. bool respect_dns_ttl = 39; // The DNS IP address resolution policy. If this setting is not specified, the // value defaults to // :ref:`AUTO`. DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}]; // If DNS resolvers are specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used to specify the cluster’s dns resolvers. // If this setting is not specified, the value defaults to the default // resolver, which uses /etc/resolv.conf for configuration. For cluster types // other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. repeated core.v4alpha.Address dns_resolvers = 18; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 45; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via // :ref:`runtime values `. OutlierDetection outlier_detection = 19; // The interval for removing stale hosts from a cluster type // :ref:`ORIGINAL_DST`. // Hosts are considered stale if they have not been used // as upstream destinations during this interval. New hosts are added // to original destination clusters on demand as new connections are // redirected to Envoy, causing the number of hosts in the cluster to // grow over time. Hosts that are not stale (they are actively used as // destinations) are kept in the cluster, which allows connections to // them remain open, saving the latency that would otherwise be spent // on opening new connections. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`ORIGINAL_DST` // this setting is ignored. google.protobuf.Duration cleanup_interval = 20 [(validate.rules).duration = {gt {}}]; // Optional configuration used to bind newly established upstream connections. // This overrides any bind_config specified in the bootstrap proto. // If the address and port are empty, no bind will be performed. core.v4alpha.BindConfig upstream_bind_config = 21; // Configuration for load balancing subsetting. LbSubsetConfig lb_subset_config = 22; // Optional configuration for the load balancing algorithm selected by // LbPolicy. Currently only // :ref:`RING_HASH`, // :ref:`MAGLEV` and // :ref:`LEAST_REQUEST` // has additional configuration options. // Specifying ring_hash_lb_config or maglev_lb_config or least_request_lb_config without setting the corresponding // LbPolicy will generate an error at runtime. oneof lb_config { // Optional configuration for the Ring Hash load balancing policy. RingHashLbConfig ring_hash_lb_config = 23; // Optional configuration for the Maglev load balancing policy. MaglevLbConfig maglev_lb_config = 52; // Optional configuration for the Original Destination load balancing policy. OriginalDstLbConfig original_dst_lb_config = 34; // Optional configuration for the LeastRequest load balancing policy. LeastRequestLbConfig least_request_lb_config = 37; } // Common configuration for all load balancer implementations. CommonLbConfig common_lb_config = 27; // Optional custom transport socket implementation to use for upstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`UpstreamTlsContexts ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v4alpha.TransportSocket transport_socket = 24; // The Metadata field can be used to provide additional information about the // cluster. It can be used for stats, logging, and varying filter behavior. // Fields should use reverse DNS notation to denote which entity within Envoy // will need the information. For instance, if the metadata is intended for // the Router filter, the filter name should be specified as *envoy.filters.http.router*. core.v4alpha.Metadata metadata = 25; // Determines how Envoy selects the protocol used to speak to upstream hosts. ClusterProtocolSelection protocol_selection = 26; // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; // If an upstream host becomes unhealthy (as determined by the configured health checks // or outlier detection), immediately close all connections to the failed host. // // .. note:: // // This is currently only supported for connections created by tcp_proxy. // // .. note:: // // The current implementation of this feature closes all connections immediately when // the unhealthy status is detected. If there are a large number of connections open // to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of // time exclusively closing these connections, and not processing any other traffic. bool close_connections_on_host_health_failure = 31; // If set to true, Envoy will ignore the health value of a host when processing its removal // from service discovery. This means that if active health checking is used, Envoy will *not* // wait for the endpoint to go unhealthy before removing it. bool ignore_health_on_host_removal = 32; // An (optional) network filter chain, listed in the order the filters should be applied. // The chain will be applied to all outgoing connections that Envoy makes to the upstream // servers of this cluster. repeated Filter filters = 40; // [#not-implemented-hide:] New mechanism for LB policy configuration. Used only if the // :ref:`lb_policy` field has the value // :ref:`LOAD_BALANCING_POLICY_CONFIG`. LoadBalancingPolicy load_balancing_policy = 41; // [#not-implemented-hide:] // If present, tells the client where to send load reports via LRS. If not present, the // client will fall back to a client-side default, which may be either (a) don't send any // load reports or (b) send load reports for all clusters to a single default server // (which may be configured in the bootstrap file). // // Note that if multiple clusters point to the same LRS server, the client may choose to // create a separate stream for each cluster or it may choose to coalesce the data for // multiple clusters onto a single stream. Either way, the client must make sure to send // the data for any given cluster on no more than one stream. // // [#next-major-version: In the v3 API, we should consider restructuring this somehow, // maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation // from the LRS stream here.] core.v4alpha.ConfigSource lrs_server = 42; // Optional customization and configuration of upstream connection pool, and upstream type. // // Currently this field only applies for HTTP traffic but is designed for eventual use for custom // TCP upstreams. // // For HTTP traffic, Envoy will generally take downstream HTTP and send it upstream as upstream // HTTP, using the http connection pool and the codec from `http2_protocol_options` // // For routes where CONNECT termination is configured, Envoy will take downstream CONNECT // requests and forward the CONNECT payload upstream over raw TCP using the tcp connection pool. // // The default pool used is the generic connection pool which creates the HTTP upstream for most // HTTP requests, and the TCP upstream if CONNECT termination is configured. // // If users desire custom connection pool or upstream behavior, for example terminating // CONNECT only if a custom filter indicates it is appropriate, the custom factories // can be registered and configured here. core.v4alpha.TypedExtensionConfig upstream_config = 48; // Configuration to track optional cluster stats. TrackClusterStats track_cluster_stats = 49; // [#not-implemented-hide:] // Prefetch configuration for this cluster. PrefetchPolicy prefetch_policy = 50; // If `connection_pool_per_downstream_connection` is true, the cluster will use a separate // connection pool for every downstream connection bool connection_pool_per_downstream_connection = 51; } // [#not-implemented-hide:] Extensible load balancing policy configuration. // // Every LB policy defined via this mechanism will be identified via a unique name using reverse // DNS notation. If the policy needs configuration parameters, it must define a message for its // own configuration, which will be stored in the config field. The name of the policy will tell // clients which type of message they should expect to see in the config field. // // Note that there are cases where it is useful to be able to independently select LB policies // for choosing a locality and for choosing an endpoint within that locality. For example, a // given deployment may always use the same policy to choose the locality, but for choosing the // endpoint within the locality, some clusters may use weighted-round-robin, while others may // use some sort of session-based balancing. // // This can be accomplished via hierarchical LB policies, where the parent LB policy creates a // child LB policy for each locality. For each request, the parent chooses the locality and then // delegates to the child policy for that locality to choose the endpoint within the locality. // // To facilitate this, the config message for the top-level LB policy may include a field of // type LoadBalancingPolicy that specifies the child policy. message LoadBalancingPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.LoadBalancingPolicy"; message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.LoadBalancingPolicy.Policy"; reserved 2; reserved "config"; // Required. The name of the LB policy. string name = 1; google.protobuf.Any typed_config = 3; } // Each client will iterate over the list in order and stop at the first policy that it // supports. This provides a mechanism for starting to use new LB policies that are not yet // supported by all clients. repeated Policy policies = 1; } // An extensible structure containing the address Envoy should bind to when // establishing upstream connections. message UpstreamBindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.UpstreamBindConfig"; // The address Envoy should bind to when establishing upstream connections. core.v4alpha.Address source_address = 1; } message UpstreamConnectionOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.UpstreamConnectionOptions"; // If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. core.v4alpha.TcpKeepalive tcp_keepalive = 1; } message TrackClusterStats { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.TrackClusterStats"; // If timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. bool timeout_budgets = 1; // If request_response_sizes is true, then the :ref:`histograms // ` tracking header and body sizes // of requests and responses will be published. bool request_response_sizes = 2; } ================================================ FILE: api/envoy/config/cluster/v4alpha/filter.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "FilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Upstream filters] // Upstream filters apply to the connections to the upstream cluster hosts. message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Filter"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any typed_config = 2; } ================================================ FILE: api/envoy/config/cluster/v4alpha/outlier_detection.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "OutlierDetectionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Outlier detection] // See the :ref:`architecture overview ` for // more information on outlier detection. // [#next-free-field: 21] message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.OutlierDetection"; // The number of consecutive 5xx responses or local origin errors that are mapped // to 5xx error codes before a consecutive 5xx ejection // occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_5xx = 1; // The time interval between ejection analysis sweeps. This can result in // both new ejections as well as hosts being returned to service. Defaults // to 10000ms or 10s. google.protobuf.Duration interval = 2 [(validate.rules).duration = {gt {}}]; // The base time that a host is ejected for. The real time is equal to the // base time multiplied by the number of times the host has been ejected. // Defaults to 30000ms or 30s. google.protobuf.Duration base_ejection_time = 3 [(validate.rules).duration = {gt {}}]; // The maximum % of an upstream cluster that can be ejected due to outlier // detection. Defaults to 10% but will eject at least one host regardless of the value. google.protobuf.UInt32Value max_ejection_percent = 4 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive 5xx. This setting can be used to disable // ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_consecutive_5xx = 5 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics. This setting can be used to // disable ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_success_rate = 6 [(validate.rules).uint32 = {lte: 100}]; // The number of hosts in a cluster that must have enough request volume to // detect success rate outliers. If the number of hosts is less than this // setting, outlier detection via success rate statistics is not performed // for any host in the cluster. Defaults to 5. google.protobuf.UInt32Value success_rate_minimum_hosts = 7; // The minimum number of total requests that must be collected in one // interval (as defined by the interval duration above) to include this host // in success rate based outlier detection. If the volume is lower than this // setting, outlier detection via success rate statistics is not performed // for that host. Defaults to 100. google.protobuf.UInt32Value success_rate_request_volume = 8; // This factor is used to determine the ejection threshold for success rate // outlier ejection. The ejection threshold is the difference between the // mean success rate, and the product of this factor and the standard // deviation of the mean success rate: mean - (stdev * // success_rate_stdev_factor). This factor is divided by a thousand to get a // double. That is, if the desired factor is 1.9, the runtime value should // be 1900. Defaults to 1900. google.protobuf.UInt32Value success_rate_stdev_factor = 9; // The number of consecutive gateway failures (502, 503, 504 status codes) // before a consecutive gateway failure ejection occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_gateway_failure = 10; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive gateway failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_consecutive_gateway_failure = 11 [(validate.rules).uint32 = {lte: 100}]; // Determines whether to distinguish local origin failures from external errors. If set to true // the following configuration parameters are taken into account: // :ref:`consecutive_local_origin_failure`, // :ref:`enforcing_consecutive_local_origin_failure` // and // :ref:`enforcing_local_origin_success_rate`. // Defaults to false. bool split_external_local_origin_errors = 12; // The number of consecutive locally originated failures before ejection // occurs. Defaults to 5. Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value consecutive_local_origin_failure = 13; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive locally originated failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_consecutive_local_origin_failure = 14 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics for locally originated errors. // This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_local_origin_success_rate = 15 [(validate.rules).uint32 = {lte: 100}]; // The failure percentage to use when determining failure percentage-based outlier detection. If // the failure percentage of a given host is greater than or equal to this value, it will be // ejected. Defaults to 85. google.protobuf.UInt32Value failure_percentage_threshold = 16 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // failure percentage statistics. This setting can be used to disable ejection or to ramp it up // slowly. Defaults to 0. // // [#next-major-version: setting this without setting failure_percentage_threshold should be // invalid in v4.] google.protobuf.UInt32Value enforcing_failure_percentage = 17 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // local-origin failure percentage statistics. This setting can be used to disable ejection or to // ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_failure_percentage_local_origin = 18 [(validate.rules).uint32 = {lte: 100}]; // The minimum number of hosts in a cluster in order to perform failure percentage-based ejection. // If the total number of hosts in the cluster is less than this value, failure percentage-based // ejection will not be performed. Defaults to 5. google.protobuf.UInt32Value failure_percentage_minimum_hosts = 19; // The minimum number of total requests that must be collected in one interval (as defined by the // interval duration above) to perform failure percentage-based ejection for this host. If the // volume is lower than this setting, failure percentage-based ejection will not be performed for // this host. Defaults to 50. google.protobuf.UInt32Value failure_percentage_request_volume = 20; } ================================================ FILE: api/envoy/config/common/dynamic_forward_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/common/dynamic_forward_proxy/v2alpha/dns_cache.proto ================================================ syntax = "proto3"; package envoy.config.common.dynamic_forward_proxy.v2alpha; import "envoy/api/v2/cluster.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.dynamic_forward_proxy.v2alpha"; option java_outer_classname = "DnsCacheProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.common.dynamic_forward_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamic forward proxy common configuration] // Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview // ` for more information. // [#next-free-field: 7] message DnsCacheConfig { // The name of the cache. Multiple named caches allow independent dynamic forward proxy // configurations to operate within a single Envoy process using different configurations. All // configurations with the same name *must* otherwise have the same settings when referenced // from different configuration components. Configuration will fail to load if this is not // the case. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The DNS lookup family to use during resolution. // // [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The // way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and // then configures a host to have a primary and fall back address. With this, we could very // likely build a "happy eyeballs" connection pool which would race the primary / fall back // address and return the one that wins. This same method could potentially also be used for // QUIC to TCP fall back.] api.v2.Cluster.DnsLookupFamily dns_lookup_family = 2 [(validate.rules).enum = {defined_only: true}]; // The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s. // // .. note: // // The returned DNS TTL is not currently used to alter the refresh rate. This feature will be // added in a future change. // // .. note: // // The refresh rate is rounded to the closest millisecond, and must be at least 1ms. google.protobuf.Duration dns_refresh_rate = 3 [(validate.rules).duration = {gte {nanos: 1000000}}]; // The TTL for hosts that are unused. Hosts that have not been used in the configured time // interval will be purged. If not specified defaults to 5m. // // .. note: // // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This // means that if the configured TTL is shorter than the refresh rate the host may not be removed // immediately. // // .. note: // // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}]; // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. // // .. note: // // The implementation is approximate and enforced independently on each worker thread, thus // it is possible for the maximum hosts in the cache to go slightly above the configured // value depending on timing. This is similar to how other circuit breakers work. google.protobuf.UInt32Value max_hosts = 5 [(validate.rules).uint32 = {gt: 0}]; // If the DNS failure refresh rate is specified, // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is // not specified, the failure refresh rate defaults to the dns_refresh_rate. api.v2.Cluster.RefreshRate dns_failure_refresh_rate = 6; } ================================================ FILE: api/envoy/config/common/matcher/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/common/matcher/v3/matcher.proto ================================================ syntax = "proto3"; package envoy.config.common.matcher.v3; import "envoy/config/route/v3/route_components.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.matcher.v3"; option java_outer_classname = "MatcherProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Unified Matcher API] // Match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { // A set of match configurations used for logical operations. message MatchSet { // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { // HTTP headers to match. repeated route.v3.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { message GenericTextMatch { oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/config/common/matcher/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/matcher/v3:pkg", "//envoy/config/route/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/common/matcher/v4alpha/matcher.proto ================================================ syntax = "proto3"; package envoy.config.common.matcher.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.matcher.v4alpha"; option java_outer_classname = "MatcherProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Unified Matcher API] // Match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.MatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.MatchPredicate.MatchSet"; // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.HttpHeadersMatch"; // HTTP headers to match. repeated route.v4alpha.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.HttpGenericBodyMatch"; message GenericTextMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.HttpGenericBodyMatch.GenericTextMatch"; oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/config/common/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/service/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/common/tap/v2alpha/common.proto ================================================ syntax = "proto3"; package envoy.config.common.tap.v2alpha; import "envoy/api/v2/core/config_source.proto"; import "envoy/service/tap/v2alpha/common.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.tap.v2alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.common.tap.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common tap extension configuration] // Common configuration for all tap extensions. message CommonExtensionConfig { // [#not-implemented-hide:] message TapDSConfig { // Configuration for the source of TapDS updates for this Cluster. api.v2.core.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // Tap config to request from XDS server. string name = 2 [(validate.rules).string = {min_bytes: 1}]; } oneof config_type { option (validate.required) = true; // If specified, the tap filter will be configured via an admin handler. AdminConfig admin_config = 1; // If specified, the tap filter will be configured via a static configuration that cannot be // changed. service.tap.v2alpha.TapConfig static_config = 2; // [#not-implemented-hide:] Configuration to use for TapDS updates for the filter. TapDSConfig tapds_config = 3; } } // Configuration for the admin handler. See :ref:`here ` for // more information. message AdminConfig { // Opaque configuration ID. When requests are made to the admin handler, the passed opaque ID is // matched to the configured filter opaque ID to determine which filter to configure. string config_id = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: api/envoy/config/core/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/core/v3/address.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/socket_option.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "AddressProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Network addresses] message Pipe { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Pipe"; // Unix Domain Socket path. On Linux, paths starting with '@' will use the // abstract namespace. The starting '@' is replaced by a null byte by Envoy. // Paths starting with '@' will result in an error in environments other than // Linux. string path = 1 [(validate.rules).string = {min_len: 1}]; // The mode for the Pipe. Not applicable for abstract sockets. uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}]; } // [#not-implemented-hide:] The address represents an envoy internal listener. // TODO(lambdai): Make this address available for listener and endpoint. // TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30. message EnvoyInternalAddress { oneof address_name_specifier { option (validate.required) = true; // [#not-implemented-hide:] The :ref:`listener name ` of the destination internal listener. string server_listener_name = 1; } } // [#next-free-field: 7] message SocketAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SocketAddress"; enum Protocol { TCP = 0; UDP = 1; } Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; // The address for this socket. :ref:`Listeners ` will bind // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching // in :ref:`FilterChainMatch `.] When used // within an upstream :ref:`BindConfig `, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized // via :ref:`resolver_name `. string address = 2 [(validate.rules).string = {min_len: 1}]; oneof port_specifier { option (validate.required) = true; uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}]; // This is only valid if :ref:`resolver_name // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } // The name of the custom resolver. This must have been registered with Envoy. If // this is empty, a context dependent default applies. If the address is a concrete // IP address, no resolution will occur. If address is a hostname this // should be set for resolution other than DNS. Specifying a custom resolver with // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; // When binding to an IPv6 address above, this enables `IPv4 compatibility // `_. Binding to ``::`` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into // IPv6 space as ``::FFFF:``. bool ipv4_compat = 6; } message TcpKeepalive { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TcpKeepalive"; // Maximum number of keepalive probes to send without response before deciding // the connection is dead. Default is to use the OS level configuration (unless // overridden, Linux defaults to 9.) google.protobuf.UInt32Value keepalive_probes = 1; // The number of seconds a connection needs to be idle before keep-alive probes // start being sent. Default is to use the OS level configuration (unless // overridden, Linux defaults to 7200s (i.e., 2 hours.) google.protobuf.UInt32Value keepalive_time = 2; // The number of seconds between keep-alive probes. Default is to use the OS // level configuration (unless overridden, Linux defaults to 75s.) google.protobuf.UInt32Value keepalive_interval = 3; } message BindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BindConfig"; // The address to bind to when creating a socket. SocketAddress source_address = 1 [(validate.rules).message = {required: true}]; // Whether to set the *IP_FREEBIND* option when creating the socket. When this // flag is set to true, allows the :ref:`source_address // ` to be an IP address // that is not configured on the system running Envoy. When this flag is set // to false, the option *IP_FREEBIND* is disabled on the socket. When this // flag is not set (default), the socket is not modified, i.e. the option is // neither enabled nor disabled. google.protobuf.BoolValue freebind = 2; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated SocketOption socket_options = 3; } // Addresses specify either a logical or physical address and port, which are // used to tell Envoy where to bind/listen, connect to upstream and find // management servers. message Address { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Address"; oneof address { option (validate.required) = true; SocketAddress socket_address = 1; Pipe pipe = 2; // [#not-implemented-hide:] EnvoyInternalAddress envoy_internal_address = 3; } } // CidrRange specifies an IP Address and a prefix length to construct // the subnet mask for a `CIDR `_ range. message CidrRange { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.CidrRange"; // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. string address_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Length of prefix, e.g. 0, 32. google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}]; } ================================================ FILE: api/envoy/config/core/v3/backoff.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "BackoffProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Backoff Strategy] // Configuration defining a jittered exponential back off strategy. message BackoffStrategy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BackoffStrategy"; // The base interval to be used for the next back off computation. It should // be greater than zero and less than or equal to :ref:`max_interval // `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // Specifies the maximum interval between retries. This parameter is optional, // but must be greater than or equal to the :ref:`base_interval // ` if set. The default // is 10 times the :ref:`base_interval // `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } ================================================ FILE: api/envoy/config/core/v3/base.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/backoff.proto"; import "envoy/config/core/v3/http_uri.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/semantic_version.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "BaseProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common types] // Envoy supports :ref:`upstream priority routing // ` both at the route and the virtual // cluster level. The current priority implementation uses different connection // pool and circuit breaking settings for each priority level. This means that // even for HTTP/2 requests, two physical connections will be used to an // upstream host. In the future Envoy will likely support true HTTP/2 priority // over a single upstream connection. enum RoutingPriority { DEFAULT = 0; HIGH = 1; } // HTTP request method. enum RequestMethod { METHOD_UNSPECIFIED = 0; GET = 1; HEAD = 2; POST = 3; PUT = 4; DELETE = 5; CONNECT = 6; OPTIONS = 7; TRACE = 8; PATCH = 9; } // Identifies the direction of the traffic relative to the local Envoy. enum TrafficDirection { // Default option is unspecified. UNSPECIFIED = 0; // The transport is used for incoming traffic. INBOUND = 1; // The transport is used for outgoing traffic. OUTBOUND = 2; } // Identifies location of where either Envoy runs or where upstream hosts run. message Locality { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Locality"; // Region this :ref:`zone ` belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery // service exposes :ref:`zone data `, // either in this message or via :option:`--service-zone`. The meaning of zone // is context dependent, e.g. `Availability Zone (AZ) // `_ // on AWS, `Zone `_ on // GCP, etc. string zone = 2; // When used for locality of upstream hosts, this field further splits zone // into smaller chunks of sub-zones so they can be load balanced // independently. string sub_zone = 3; } // BuildVersion combines SemVer version of extension with free-form build information // (i.e. 'alpha', 'private-build') as a set of strings. message BuildVersion { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BuildVersion"; // SemVer version of extension. type.v3.SemanticVersion version = 1; // Free-form build information. // Envoy defines several well known keys in the source/common/version/version.h file google.protobuf.Struct metadata = 2; } // Version and identification for an Envoy extension. // [#next-free-field: 6] message Extension { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Extension"; // This is the name of the Envoy filter as specified in the Envoy // configuration, e.g. envoy.filters.http.router, com.acme.widget. string name = 1; // Category of the extension. // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from // acme.com vendor. // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] string category = 2; // [#not-implemented-hide:] Type descriptor of extension configuration proto. // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] string type_descriptor = 3; // The version is a property of the extension and maintained independently // of other extensions and the Envoy API. // This field is not set when extension did not provide version information. BuildVersion version = 4; // Indicates that the extension is present but was disabled via dynamic configuration. bool disabled = 5; } // Identifies a specific Envoy instance. The node identifier is presented to the // management server, which may use this identifier to distinguish per Envoy // configuration for serving. // [#next-free-field: 12] message Node { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Node"; reserved 5; reserved "build_version"; // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are // used: :ref:`statsd `, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-node`. string id = 1; // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: // :ref:`statsd `, :ref:`health check cluster // verification // `, // :ref:`runtime override directory `, // :ref:`user agent addition // `, // :ref:`HTTP global rate limiting `, // :ref:`CDS `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-cluster`. string cluster = 2; // Opaque metadata extending the node identifier. Envoy will pass this // directly to the management server. google.protobuf.Struct metadata = 3; // Locality specifying where the Envoy instance is running. Locality locality = 4; // Free-form string that identifies the entity requesting config. // E.g. "envoy" or "grpc" string user_agent_name = 6; oneof user_agent_version_type { // Free-form string that identifies the version of the entity requesting config. // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" string user_agent_version = 7; // Structured version of the entity requesting config. BuildVersion user_agent_build_version = 8; } // List of extensions and their versions supported by the node. repeated Extension extensions = 9; // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. // See :ref:`the list of features ` that xDS client may // support. repeated string client_features = 10; // Known listening ports on the node as a generic hint to the management server // for filtering :ref:`listeners ` to be returned. For example, // if there is a listener bound to port 80, the list can optionally contain the // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. repeated Address listening_addresses = 11 [deprecated = true]; } // Metadata provides additional inputs to filters based on matched listeners, // filter chains, routes and endpoints. It is structured as a map, usually from // filter name (in reverse DNS format) to metadata specific to the filter. Metadata // key-values for a filter are merged as connection and request handling occurs, // with later values for the same key overriding earlier values. // // An example use of metadata is providing additional values to // http_connection_manager in the envoy.http_connection_manager.access_log // namespace. // // Another example use of metadata is to per service config info in cluster metadata, which may get // consumed by multiple filters. // // For load balancing, Metadata provides a means to subset cluster endpoints. // Endpoints have a Metadata object associated and routes contain a Metadata // object to match against. There are some well defined metadata used today for // this purpose: // // * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // [#next-major-version: move to type/metadata/v2] message Metadata { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Metadata"; // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* // namespace is reserved for Envoy's built-in filters. map filter_metadata = 1; } // Runtime derived uint32 with a default when not specified. message RuntimeUInt32 { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeUInt32"; // Default value if runtime value is not available. uint32 default_value = 2; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 3 [(validate.rules).string = {min_len: 1}]; } // Runtime derived percentage with a default when not specified. message RuntimePercent { // Default value if runtime value is not available. type.v3.Percent default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived double with a default when not specified. message RuntimeDouble { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeDouble"; // Default value if runtime value is not available. double default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived bool with a default when not specified. message RuntimeFeatureFlag { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeFeatureFlag"; // Default value if runtime value is not available. google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its // `canonical JSON encoding `_. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Header name/value pair. message HeaderValue { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderValue"; // Header name. string key = 1 [(validate.rules).string = {min_len: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Header value. // // The same :ref:`format specifier ` as used for // :ref:`HTTP access logging ` applies here, however // unknown header values are replaced with the empty string instead of `-`. string value = 2 [ (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} ]; } // Header name/value pair plus option to control append behavior. message HeaderValueOption { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderValueOption"; // Header name/value pair that this option applies to. HeaderValue header = 1 [(validate.rules).message = {required: true}]; // Should the value be appended? If true (default), the value is appended to // existing values. Otherwise it replaces any existing values. google.protobuf.BoolValue append = 2; } // Wrapper for a set of headers. message HeaderMap { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderMap"; repeated HeaderValue headers = 1; } // Data source consisting of either a file or an inline value. message DataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.DataSource"; oneof specifier { option (validate.required) = true; // Local filesystem data source. string filename = 1 [(validate.rules).string = {min_len: 1}]; // Bytes inlined in the configuration. bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; // String inlined in the configuration. string inline_string = 3 [(validate.rules).string = {min_len: 1}]; } } // The message specifies the retry policy of remote data source when fetching fails. message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RetryPolicy"; // Specifies parameters that control :ref:`retry backoff strategy `. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. BackoffStrategy retry_back_off = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. google.protobuf.UInt32Value num_retries = 2 [(udpa.annotations.field_migrate).rename = "max_retries"]; } // The message specifies how to fetch data from remote and how to verify it. message RemoteDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RemoteDataSource"; // The HTTP URI to fetch the remote data. HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; // SHA256 string for verifying data. string sha256 = 2 [(validate.rules).string = {min_len: 1}]; // Retry policy for fetching remote data. RetryPolicy retry_policy = 3; } // Async data source which support async data fetch. message AsyncDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.AsyncDataSource"; oneof specifier { option (validate.required) = true; // Local async data source. DataSource local = 1; // Remote async data source. RemoteDataSource remote = 2; } } // Configuration for transport socket in :ref:`listeners ` and // :ref:`clusters `. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. message TransportSocket { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TransportSocket"; reserved 2; reserved "config"; // The name of the transport socket to instantiate. The name must match a supported transport // socket implementation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Implementation specific configuration which depends on the implementation being instantiated. // See the supported transport socket implementations for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } } // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // // .. note:: // // Parsing of the runtime key's data is implemented such that it may be represented as a // :ref:`FractionalPercent ` proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. message RuntimeFractionalPercent { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeFractionalPercent"; // Default value if the runtime value's for the numerator/denominator keys are not available. type.v3.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key for a YAML representation of a FractionalPercent. string runtime_key = 2; } // Identifies a specific ControlPlane instance that Envoy is connected to. message ControlPlane { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.ControlPlane"; // An opaque control plane identifier that uniquely identifies an instance // of control plane. This can be used to identify which control plane instance, // the Envoy is connected to. string identifier = 1; } ================================================ FILE: api/envoy/config/core/v3/config_source.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/authority.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ConfigSourceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Configuration sources] // xDS API and non-xDS services version. This is used to describe both resource and transport // protocol versions (in distinct configuration fields). enum ApiVersion { // When not specified, we assume v2, to ease migration to Envoy's stable API // versioning. If a client does not support v2 (e.g. due to deprecation), this // is an invalid value. AUTO = 0; // Use xDS v2 API. V2 = 1; // Use xDS v3 API. V3 = 2; } // API configuration source. This identifies the API type and cluster that Envoy // will use to fetch an xDS API. // [#next-free-field: 9] message ApiConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.ApiConfigSource"; // APIs may be fetched via either REST or gRPC. enum ApiType { // Ideally this would be 'reserved 0' but one can't reserve the default // value. Instead we throw an exception if this is ever used. DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // REST-JSON v2 API. The `canonical JSON encoding // `_ for // the v2 protos is used. REST = 1; // SotW gRPC service. GRPC = 2; // Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response} // rather than Discovery{Request,Response}. Rather than sending Envoy the entire state // with every update, the xDS server only sends what has changed since the last update. DELTA_GRPC = 3; // SotW xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_GRPC = 5; // Delta xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_DELTA_GRPC = 6; } // API type (gRPC, REST, delta gRPC) ApiType api_type = 1 [(validate.rules).enum = {defined_only: true}]; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 8 [(validate.rules).enum = {defined_only: true}]; // Cluster names should be used only with REST. If > 1 // cluster is defined, clusters will be cycled through if any kind of failure // occurs. // // .. note:: // // The cluster with name ``cluster_name`` must be statically defined and its // type must not be ``EDS``. repeated string cluster_names = 2; // Multiple gRPC services be provided for GRPC. If > 1 cluster is defined, // services will be cycled through if any kind of failure occurs. repeated GrpcService grpc_services = 4; // For REST APIs, the delay between successive polls. google.protobuf.Duration refresh_delay = 3; // For REST APIs, the request timeout. If not set, a default value of 1s will be used. google.protobuf.Duration request_timeout = 5 [(validate.rules).duration = {gt {}}]; // For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be // rate limited. RateLimitSettings rate_limit_settings = 6; // Skip the node identifier in subsequent discovery requests for streaming gRPC config types. bool set_node_on_first_message_only = 7; } // Aggregated Discovery Service (ADS) options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that ADS is to be used. message AggregatedConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.AggregatedConfigSource"; } // [#not-implemented-hide:] // Self-referencing config source options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that other data can be obtained from the same server. message SelfConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SelfConfigSource"; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 1 [(validate.rules).enum = {defined_only: true}]; } // Rate Limit settings to be applied for discovery requests made by Envoy. message RateLimitSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RateLimitSettings"; // Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a // default value of 100 will be used. google.protobuf.UInt32Value max_tokens = 1; // Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens // per second will be used. google.protobuf.DoubleValue fill_rate = 2 [(validate.rules).double = {gt: 0.0}]; } // Configuration for :ref:`listeners `, :ref:`clusters // `, :ref:`routes // `, :ref:`endpoints // ` etc. may either be sourced from the // filesystem or from an xDS API source. Filesystem configs are watched with // inotify for updates. // [#next-free-field: 8] message ConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.ConfigSource"; // Authorities that this config source may be used for. An authority specified // in a *udpa.core.v1.ResourceLocator* is resolved to a *ConfigSource* prior // to configuration fetch. This field provides the association between // authority name and configuration source. // [#not-implemented-hide:] repeated udpa.core.v1.Authority authorities = 7; oneof config_source_specifier { option (validate.required) = true; // Path on the filesystem to source and watch for configuration updates. // When sourcing configuration for :ref:`secret `, // the certificate and key files are also watched for updates. // // .. note:: // // The path to the source must exist at config load time. // // .. note:: // // Envoy will only watch the file path for *moves.* This is because in general only moves // are atomic. The same method of swapping files as is demonstrated in the // :ref:`runtime documentation ` can be used here also. string path = 1; // API configuration source. ApiConfigSource api_config_source = 2; // When set, ADS will be used to fetch resources. The ADS API configuration // source in the bootstrap configuration is used. AggregatedConfigSource ads = 3; // [#not-implemented-hide:] // When set, the client will access the resources from the same server it got the // ConfigSource from, although not necessarily from the same stream. This is similar to the // :ref:`ads` field, except that the client may use a // different stream to the same server. As a result, this field can be used for things // like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.) // LDS to RDS on the same server without requiring the management server to know its name // or required credentials. // [#next-major-version: In xDS v3, consider replacing the ads field with this one, since // this field can implicitly mean to use the same stream in the case where the ConfigSource // is provided via ADS and the specified data can also be obtained via ADS.] SelfConfigSource self = 5; } // When this timeout is specified, Envoy will wait no longer than the specified time for first // config response on this xDS subscription during the :ref:`initialization process // `. After reaching the timeout, Envoy will move to the next // initialization phase, even if the first config is not delivered yet. The timer is activated // when the xDS API subscription starts, and is disarmed on first config update or on error. 0 // means no timeout - Envoy will wait indefinitely for the first xDS config (unless another // timeout applies). The default is 15s. google.protobuf.Duration initial_fetch_timeout = 4; // API version for xDS resources. This implies the type URLs that the client // will request for resources and the resource type that the client will in // turn expect to be delivered. ApiVersion resource_api_version = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/config/core/v3/event_service_config.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "EventServiceConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#not-implemented-hide:] // Configuration of the event reporting service endpoint. message EventServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.EventServiceConfig"; oneof config_source_specifier { option (validate.required) = true; // Specifies the gRPC service that hosts the event reporting service. GrpcService grpc_service = 1; } } ================================================ FILE: api/envoy/config/core/v3/extension.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/config_source.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ExtensionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Extension configuration] // Message type for extension configuration. // [#next-major-version: revisit all existing typed_config that doesn't use this wrapper.]. message TypedExtensionConfig { // The name of an extension. This is not used to select the extension, instead // it serves the role of an opaque identifier. string name = 1 [(validate.rules).string = {min_len: 1}]; // The typed config for the extension. The type URL will be used to identify // the extension. In the case that the type URL is *udpa.type.v1.TypedStruct*, // the inner type URL of *TypedStruct* will be utilized. See the // :ref:`extension configuration overview // ` for further details. google.protobuf.Any typed_config = 2 [(validate.rules).any = {required: true}]; } // Configuration source specifier for a late-bound extension configuration. The // parent resource is warmed until all the initial extension configurations are // received, unless the flag to apply the default configuration is set. // Subsequent extension updates are atomic on a per-worker basis. Once an // extension configuration is applied to a request or a connection, it remains // constant for the duration of processing. If the initial delivery of the // extension configuration fails, due to a timeout for example, the optional // default configuration is applied. Without a default configuration, the // extension is disabled, until an extension configuration is received. The // behavior of a disabled extension depends on the context. For example, a // filter chain with a disabled extension filter rejects all incoming streams. message ExtensionConfigSource { ConfigSource config_source = 1 [(validate.rules).any = {required: true}]; // Optional default configuration to use as the initial configuration if // there is a failure to receive the initial extension configuration or if // `apply_default_config_without_warming` flag is set. google.protobuf.Any default_config = 2; // Use the default config as the initial configuration without warming and // waiting for the first discovery response. Requires the default configuration // to be supplied. bool apply_default_config_without_warming = 3; // A set of permitted extension type URLs. Extension configuration updates are rejected // if they do not match any type URL in the set. repeated string type_urls = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/config/core/v3/grpc_method_list.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "GrpcMethodListProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC method list] // A list of gRPC methods which can be used as an allowlist, for example. message GrpcMethodList { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcMethodList"; message Service { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcMethodList.Service"; // The name of the gRPC service. string name = 1 [(validate.rules).string = {min_len: 1}]; // The names of the gRPC methods in this service. repeated string method_names = 2 [(validate.rules).repeated = {min_items: 1}]; } repeated Service services = 1; } ================================================ FILE: api/envoy/config/core/v3/grpc_service.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "GrpcServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC services] // gRPC service configuration. This is used by :ref:`ApiConfigSource // ` and filter configurations. // [#next-free-field: 6] message GrpcService { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService"; message EnvoyGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.EnvoyGrpc"; // The name of the upstream gRPC cluster. SSL credentials will be supplied // in the :ref:`Cluster ` :ref:`transport_socket // `. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. // Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. string authority = 2 [(validate.rules).string = {min_len: 0 max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // [#next-free-field: 9] message GoogleGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc"; // See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. message SslCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials"; // PEM encoded server root certificates. DataSource root_certs = 1; // PEM encoded client private key. DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // PEM encoded client certificate chain. DataSource cert_chain = 3; } // Local channel credentials. Only UDS is supported for now. // See https://github.com/grpc/grpc/pull/15909. message GoogleLocalCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.GoogleLocalCredentials"; } // See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call // credential types. message ChannelCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentials"; oneof credential_specifier { option (validate.required) = true; SslCredentials ssl_credentials = 1; // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_default = 2; GoogleLocalCredentials local_credentials = 3; } } // [#next-free-field: 8] message CallCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials"; message ServiceAccountJWTAccessCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials." "ServiceAccountJWTAccessCredentials"; string json_key = 1; uint64 token_lifetime_seconds = 2; } message GoogleIAMCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials"; string authorization_token = 1; string authority_selector = 2; } message MetadataCredentialsFromPlugin { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials." "MetadataCredentialsFromPlugin"; reserved 2; reserved "config"; string name = 1; oneof config_type { google.protobuf.Any typed_config = 3; } } // Security token service configuration that allows Google gRPC to // fetch security token from an OAuth 2.0 authorization server. // See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and // https://github.com/grpc/grpc/pull/19587. // [#next-free-field: 10] message StsService { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.StsService"; // URI of the token exchange service that handles token exchange requests. // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by // https://github.com/envoyproxy/protoc-gen-validate/issues/303] string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token. string resource = 2; // Logical name of the target service where the client intends to // use the requested security token. string audience = 3; // The desired scope of the requested security token in the // context of the service or resource where the token will be used. string scope = 4; // Type of the requested security token. string requested_token_type = 5; // The path of subject token, a security token that represents the // identity of the party on behalf of whom the request is being made. string subject_token_path = 6 [(validate.rules).string = {min_len: 1}]; // Type of the subject token. string subject_token_type = 7 [(validate.rules).string = {min_len: 1}]; // The path of actor token, a security token that represents the identity // of the acting party. The acting party is authorized to use the // requested security token and act on behalf of the subject. string actor_token_path = 8; // Type of the actor token. string actor_token_type = 9; } oneof credential_specifier { option (validate.required) = true; // Access token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d. string access_token = 1; // Google Compute Engine credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_compute_engine = 2; // Google refresh token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c. string google_refresh_token = 3; // Service Account JWT Access credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa. ServiceAccountJWTAccessCredentials service_account_jwt_access = 4; // Google IAM credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0. GoogleIAMCredentials google_iam = 5; // Custom authenticator credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07. // https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms. MetadataCredentialsFromPlugin from_plugin = 6; // Custom security token service which implements OAuth 2.0 token exchange. // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 // See https://github.com/grpc/grpc/pull/19587. StsService sts_service = 7; } } // Channel arguments. message ChannelArgs { message Value { // Pointer values are not supported, since they don't make any sense when // delivered via the API. oneof value_specifier { option (validate.required) = true; string string_value = 1; int64 int_value = 2; } } // See grpc_types.h GRPC_ARG #defines for keys that work here. map args = 1; } // The target URI when using the `Google C++ gRPC client // `_. SSL credentials will be supplied in // :ref:`channel_credentials `. string target_uri = 1 [(validate.rules).string = {min_len: 1}]; ChannelCredentials channel_credentials = 2; // A set of call credentials that can be composed with `channel credentials // `_. repeated CallCredentials call_credentials = 3; // The human readable prefix to use when emitting statistics for the gRPC // service. // // .. csv-table:: // :header: Name, Type, Description // :widths: 1, 1, 2 // // streams_total, Counter, Total number of streams opened // streams_closed_, Counter, Total streams closed with string stat_prefix = 4 [(validate.rules).string = {min_len: 1}]; // The name of the Google gRPC credentials factory to use. This must have been registered with // Envoy. If this is empty, a default credentials factory will be used that sets up channel // credentials based on other configuration parameters. string credentials_factory_name = 5; // Additional configuration for site-specific customizations of the Google // gRPC library. google.protobuf.Struct config = 6; // How many bytes each stream can buffer internally. // If not set an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_stream_buffer_limit_bytes = 7; // Custom channels args. ChannelArgs channel_args = 8; } reserved 4; oneof target_specifier { option (validate.required) = true; // Envoy's in-built gRPC client. // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. EnvoyGrpc envoy_grpc = 1; // `Google C++ gRPC client `_ // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc google_grpc = 2; } // The timeout for the gRPC request. This is the timeout for a specific // request. google.protobuf.Duration timeout = 3; // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization // headers (e.g. ``x-foo-bar: baz-key``) are to be injected. repeated HeaderValue initial_metadata = 5; } ================================================ FILE: api/envoy/config/core/v3/health_check.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/event_service_config.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/v3/http.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health check] // * Health checking :ref:`architecture overview `. // * If health checking is configured for a cluster, additional statistics are emitted. They are // documented :ref:`here `. // Endpoint health status. enum HealthStatus { // The health status is not known. This is interpreted by Envoy as *HEALTHY*. UNKNOWN = 0; // Healthy. HEALTHY = 1; // Unhealthy. UNHEALTHY = 2; // Connection draining in progress. E.g., // ``_ // or // ``_. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; // Health check timed out. This is part of HDS and is interpreted by Envoy as // *UNHEALTHY*. TIMEOUT = 4; // Degraded. DEGRADED = 5; } // [#next-free-field: 24] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck"; // Describes the encoding of the payload bytes in the payload. message Payload { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.Payload"; oneof payload { option (validate.required) = true; // Hex encoded payload. E.g., "000000FF". string text = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] Binary payload. bytes binary = 2; } } // [#next-free-field: 12] message HttpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.HttpHealthCheck"; reserved 5, 7; reserved "service_name", "use_http2"; // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the // :ref:`hostname ` field. string host = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Specifies the HTTP path that will be requested during health checking. For example // */healthcheck*. string path = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; // [#not-implemented-hide:] HTTP specific payload. Payload send = 3; // [#not-implemented-hide:] HTTP specific response. Payload receive = 4; // Specifies a list of HTTP headers that should be added to each request that is sent to the // health checked cluster. For more information, including details on header value syntax, see // the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request that is sent to the // health checked cluster. repeated string request_headers_to_remove = 8 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open // semantics of :ref:`Int64Range `. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. repeated type.v3.Int64Range expected_statuses = 9; // Use specified application protocol for health checks. type.v3.CodecClientType codec_client_type = 10 [(validate.rules).enum = {defined_only: true}]; // An optional service name parameter which is used to validate the identity of // the health checked cluster using a :ref:`StringMatcher // `. See the :ref:`architecture overview // ` for more information. type.matcher.v3.StringMatcher service_name_matcher = 11; } message TcpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.TcpHealthCheck"; // Empty payloads imply a connect-only health check. Payload send = 1; // When checking the response, “fuzzy” matching is performed such that each // binary block must be found, and in the order specified, but not // necessarily contiguous. repeated Payload receive = 2; } message RedisHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.RedisHealthCheck"; // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } // `grpc.health.v1.Health // `_-based // healthcheck. See `gRPC doc `_ // for details. message GrpcHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.GrpcHealthCheck"; // An optional service name parameter which will be sent to gRPC service in // `grpc.health.v1.HealthCheckRequest // `_. // message. See `gRPC health-checking overview // `_ for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting // the :ref:`hostname ` field. string authority = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Custom health check. message CustomHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.CustomHealthCheck"; reserved 2; reserved "config"; // The registered name of the custom health checker. string name = 1 [(validate.rules).string = {min_len: 1}]; // A custom health checker specific configuration which depends on the custom health checker // being instantiated. See :api:`envoy/config/health_checker` for reference. oneof config_type { google.protobuf.Any typed_config = 3; } } // Health checks occur over the transport socket specified for the cluster. This implies that if a // cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. // // This allows overriding the cluster TLS settings, just for health check connections. message TlsOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.TlsOptions"; // Specifies the ALPN protocols for health check connections. This is useful if the // corresponding upstream is using ALPN-based :ref:`FilterChainMatch // ` along with different protocols for health checks // versus data connections. If empty, no ALPN protocols will be set on health check connections. repeated string alpn_protocols = 1; } reserved 10; // The time to wait for a health check response. If the timeout is reached the // health check attempt will be considered a failure. google.protobuf.Duration timeout = 1 [(validate.rules).duration = { required: true gt {} }]; // The interval between health checks. google.protobuf.Duration interval = 2 [(validate.rules).duration = { required: true gt {} }]; // An optional jitter amount in milliseconds. If specified, Envoy will start health // checking after for a random time in ms between 0 and initial_jitter. This only // applies to the first health check. google.protobuf.Duration initial_jitter = 20; // An optional jitter amount in milliseconds. If specified, during every // interval Envoy will add interval_jitter to the wait time. google.protobuf.Duration interval_jitter = 3; // An optional jitter amount as a percentage of interval_ms. If specified, // during every interval Envoy will add interval_ms * // interval_jitter_percent / 100 to the wait time. // // If interval_jitter_ms and interval_jitter_percent are both set, both of // them will be used to increase the wait time. uint32 interval_jitter_percent = 18; // The number of unhealthy health checks required before a host is marked // unhealthy. Note that for *http* health checking if a host responds with 503 // this threshold is ignored and the host is considered unhealthy immediately. google.protobuf.UInt32Value unhealthy_threshold = 4 [(validate.rules).message = {required: true}]; // The number of healthy health checks required before a host is marked // healthy. Note that during startup, only a single successful health check is // required to mark a host healthy. google.protobuf.UInt32Value healthy_threshold = 5 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Non-serving port for health checking. google.protobuf.UInt32Value alt_port = 6; // Reuse health check connection between health checks. Default is true. google.protobuf.BoolValue reuse_connection = 7; oneof health_checker { option (validate.required) = true; // HTTP health check. HttpHealthCheck http_health_check = 8; // TCP health check. TcpHealthCheck tcp_health_check = 9; // gRPC health check. GrpcHealthCheck grpc_health_check = 11; // Custom health check. CustomHealthCheck custom_health_check = 13; } // The "no traffic interval" is a special health check interval that is used when a cluster has // never had traffic routed to it. This lower interval allows cluster information to be kept up to // date, without sending a potentially large amount of active health checking traffic for no // reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the // standard health check interval that is defined. Note that this interval takes precedence over // any other. // // The default value for "no traffic interval" is 60 seconds. google.protobuf.Duration no_traffic_interval = 12 [(validate.rules).duration = {gt {}}]; // The "unhealthy interval" is a health check interval that is used for hosts that are marked as // unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the // standard health check interval that is defined. // // The default value for "unhealthy interval" is the same as "interval". google.protobuf.Duration unhealthy_interval = 14 [(validate.rules).duration = {gt {}}]; // The "unhealthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as unhealthy. For subsequent health checks // Envoy will shift back to using either "unhealthy interval" if present or the standard health // check interval that is defined. // // The default value for "unhealthy edge interval" is the same as "unhealthy interval". google.protobuf.Duration unhealthy_edge_interval = 15 [(validate.rules).duration = {gt {}}]; // The "healthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as healthy. For subsequent health checks // Envoy will shift back to using the standard health check interval that is defined. // // The default value for "healthy edge interval" is the same as the default interval. google.protobuf.Duration healthy_edge_interval = 16 [(validate.rules).duration = {gt {}}]; // Specifies the path to the :ref:`health check event log `. // If empty, no event log will be written. string event_log_path = 17; // [#not-implemented-hide:] // The gRPC service for the health check event service. // If empty, health check events won't be sent to a remote endpoint. EventServiceConfig event_service = 22; // If set to true, health check failure events will always be logged. If set to false, only the // initial health check failure event will be logged. // The default value is false. bool always_log_health_check_failures = 19; // This allows overriding the cluster TLS settings, just for health check connections. TlsOptions tls_options = 21; // Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's // :ref:`tranport socket matches `. // For example, the following match criteria // // .. code-block:: yaml // // transport_socket_match_criteria: // useMTLS: true // // Will match the following :ref:`cluster socket match ` // // .. code-block:: yaml // // transport_socket_matches: // - name: "useMTLS" // match: // useMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // // If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the // :ref:`LbEndpoint.Metadata `. // This allows using different transport socket capabilities for health checking versus proxying to the // endpoint. // // If the key/values pairs specified do not match any // :ref:`transport socket matches `, // the cluster's :ref:`transport socket ` // will be used for health check socket configuration. google.protobuf.Struct transport_socket_match_criteria = 23; } ================================================ FILE: api/envoy/config/core/v3/http_uri.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "HttpUriProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP Service URI ] // Envoy external URI descriptor message HttpUri { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HttpUri"; // The HTTP server URI. It should be a full FQDN with protocol, host and path. // // Example: // // .. code-block:: yaml // // uri: https://www.googleapis.com/oauth2/v1/certs // string uri = 1 [(validate.rules).string = {min_len: 1}]; // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or // inline DNS resolution. See `issue // `_. oneof http_upstream_type { option (validate.required) = true; // A cluster is created in the Envoy "cluster_manager" config // section. This field specifies the cluster name. // // Example: // // .. code-block:: yaml // // cluster: jwks_cluster // string cluster = 2 [(validate.rules).string = {min_len: 1}]; } // Sets the maximum duration in milliseconds that a response can take to arrive upon request. google.protobuf.Duration timeout = 3 [(validate.rules).duration = { required: true gte {} }]; } ================================================ FILE: api/envoy/config/core/v3/protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Protocol options] // [#not-implemented-hide:] message TcpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TcpProtocolOptions"; } message UpstreamHttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.UpstreamHttpProtocolOptions"; // Set transport socket `SNI `_ for new // upstream connections based on the downstream HTTP host/authority header, as seen by the // :ref:`router filter `. bool auto_sni = 1; // Automatic validate upstream presented certificate for new upstream connections based on the // downstream HTTP host/authority header, as seen by the // :ref:`router filter `. // This field is intended to set with `auto_sni` field. bool auto_san_validation = 2; } // [#next-free-field: 6] message HttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HttpProtocolOptions"; // Action to take when Envoy receives client request with header names containing underscore // characters. // Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented // as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore // characters. enum HeadersWithUnderscoresAction { // Allow headers with underscores. This is the default behavior. ALLOW = 0; // Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests // end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter // is incremented for each rejected request. REJECT_REQUEST = 1; // Drop the header with name containing underscores. The header is dropped before the filter chain is // invoked and as such filters will not see dropped headers. The // "httpN.dropped_headers_with_underscores" is incremented for each dropped header. DROP_HEADER = 2; } // The idle timeout for connections. The idle timeout is defined as the // period in which there are no active requests. When the // idle timeout is reached the connection will be closed. If the connection is an HTTP/2 // downstream connection a drain sequence will occur prior to closing the connection, see // :ref:`drain_timeout // `. // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 1; // The maximum duration of a connection. The duration is defined as a period since a connection // was established. If not set, there is no max duration. When max_connection_duration is reached // the connection will be closed. Drain sequence will occur prior to closing the connection if // if's applicable. See :ref:`drain_timeout // `. // Note: not implemented for upstream connections. google.protobuf.Duration max_connection_duration = 3; // The maximum number of headers. If unconfigured, the default // maximum number of request headers allowed is 100. Requests that exceed this limit will receive // a 431 response for HTTP/1.x and cause a stream reset for HTTP/2. google.protobuf.UInt32Value max_headers_count = 2 [(validate.rules).uint32 = {gte: 1}]; // Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be // reset independent of any other timeouts. If not specified, this value is not set. google.protobuf.Duration max_stream_duration = 4; // Action to take when a client request with a header name containing underscore characters is received. // If this setting is not specified, the value defaults to ALLOW. // Note: upstream responses are not affected by this setting. HeadersWithUnderscoresAction headers_with_underscores_action = 5; } // [#next-free-field: 8] message Http1ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http1ProtocolOptions"; message HeaderKeyFormat { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat"; message ProperCaseWords { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords"; } oneof header_format { option (validate.required) = true; // Formats the header by proper casing words: the first character and any character following // a special character will be capitalized if it's an alpha character. For example, // "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are". // Note that while this results in most headers following conventional casing, certain headers // are not covered. For example, the "TE" header will be formatted as "Te". ProperCaseWords proper_case_words = 1; } } // Handle HTTP requests with absolute URLs in the requests. These requests // are generally sent by clients to forward/explicit proxies. This allows clients to configure // envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the // *http_proxy* environment variable. google.protobuf.BoolValue allow_absolute_url = 1; // Handle incoming HTTP/1.0 and HTTP 0.9 requests. // This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1 // style connect logic, dechunking, and handling lack of client host iff // *default_host_for_http_10* is configured. bool accept_http_10 = 2; // A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as // Envoy does not otherwise support HTTP/1.0 without a Host header. // This is a no-op if *accept_http_10* is not true. string default_host_for_http_10 = 3; // Describes how the keys for response headers should be formatted. By default, all header keys // are lower cased. HeaderKeyFormat header_key_format = 4; // Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers. // // .. attention:: // // Note that this only happens when Envoy is chunk encoding which occurs when: // - The request is HTTP/1.1. // - Is neither a HEAD only request nor a HTTP Upgrade. // - Not a response to a HEAD request. // - The content length header is not present. bool enable_trailers = 5; // Allows Envoy to process requests/responses with both `Content-Length` and `Transfer-Encoding` // headers set. By default such messages are rejected, but if option is enabled - Envoy will // remove Content-Length header and process message. // See `RFC7230, sec. 3.3.3 ` for details. // // .. attention:: // Enabling this option might lead to request smuggling vulnerability, especially if traffic // is proxied via multiple layers of proxies. bool allow_chunked_length = 6; // Allows invalid HTTP messaging. When this option is false, then Envoy will terminate // HTTP/1.1 connections upon receiving an invalid HTTP message. However, // when this option is true, then Envoy will leave the HTTP/1.1 connection // open where possible. // If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging // `. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 7; } message KeepaliveSettings { // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. google.protobuf.Duration timeout = 2 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // A random jitter amount as a percentage of interval that will be added to each interval. // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; } // [#next-free-field: 16] message Http2ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http2ProtocolOptions"; // Defines a parameter to be sent in the SETTINGS frame. // See `RFC7540, sec. 6.5.1 `_ for details. message SettingsParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http2ProtocolOptions.SettingsParameter"; // The 16 bit parameter identifier. google.protobuf.UInt32Value identifier = 1 [ (validate.rules).uint32 = {lte: 65535 gte: 0}, (validate.rules).message = {required: true} ]; // The 32 bit parameter value. google.protobuf.UInt32Value value = 2 [(validate.rules).message = {required: true}]; } // `Maximum table size `_ // (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values // range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header // compression. google.protobuf.UInt32Value hpack_table_size = 1; // `Maximum concurrent streams `_ // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // // For upstream connections, this also limits how many streams Envoy will initiate concurrently // on a single connection. If the limit is reached, Envoy may queue requests or establish // additional connections (as allowed per circuit breaker limits). google.protobuf.UInt32Value max_concurrent_streams = 2 [(validate.rules).uint32 = {lte: 2147483647 gte: 1}]; // `Initial stream-level flow-control window // `_ size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // // NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default // window size now, so it's also the minimum. // // This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the // HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to // stop the flow of data to the codec buffers. google.protobuf.UInt32Value initial_stream_window_size = 3 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Similar to *initial_stream_window_size*, but for connection-level flow-control // window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*. google.protobuf.UInt32Value initial_connection_window_size = 4 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Allows proxying Websocket and other upgrades over H2 connect. bool allow_connect = 5; // [#not-implemented-hide:] Hiding until envoy has full metadata support. // Still under implementation. DO NOT USE. // // Allows metadata. See [metadata // docs](https://github.com/envoyproxy/envoy/blob/master/source/docs/h2_metadata.md) for more // information. bool allow_metadata = 6; // Limit the number of pending outbound downstream frames of all types (frames that are waiting to // be written into the socket). Exceeding this limit triggers flood mitigation and connection is // terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due // to flood mitigation. The default limit is 10000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_frames = 7 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM, // preventing high memory utilization when receiving continuous stream of these frames. Exceeding // this limit triggers flood mitigation and connection is terminated. The // ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood // mitigation. The default limit is 1000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_control_frames = 8 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an // empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but // might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood`` // stat tracks the number of connections terminated due to flood mitigation. // Setting this to 0 will terminate connection upon receiving first frame with an empty payload // and no end stream flag. The default limit is 1. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_consecutive_inbound_frames_with_empty_payload = 9; // Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number // of PRIORITY frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // max_inbound_priority_frames_per_stream * (1 + inbound_streams) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 100. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_priority_frames_per_stream = 10; // Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number // of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // 1 + 2 * (inbound_streams + // max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 10. // Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control, // but more complex implementations that try to estimate available bandwidth require at least 2. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_window_update_frames_per_data_frame_sent = 11 [(validate.rules).uint32 = {gte: 1}]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // This is overridden by HCM :ref:`stream_error_on_invalid_http_messaging // ` // iff present. // // This is deprecated in favor of :ref:`override_stream_error_on_invalid_http_message // ` // // See `RFC7540, sec. 8.1 `_ for details. bool stream_error_on_invalid_http_messaging = 12 [deprecated = true]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // // See `RFC7540, sec. 8.1 `_ for details. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 14; // [#not-implemented-hide:] // Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions: // // 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by // Envoy. // // 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field // 'allow_connect'. // // Note that custom parameters specified through this field can not also be set in the // corresponding named parameters: // // .. code-block:: text // // ID Field Name // ---------------- // 0x1 hpack_table_size // 0x3 max_concurrent_streams // 0x4 initial_stream_window_size // // Collisions will trigger config validation failure on load/update. Likewise, inconsistencies // between custom parameters with the same identifier will trigger a failure. // // See `IANA HTTP/2 Settings // `_ for // standardized identifiers. repeated SettingsParameter custom_settings_parameters = 13; // Send HTTP/2 PING frames to verify that the connection is still healthy. If the remote peer // does not respond within the configured timeout, the connection will be aborted. KeepaliveSettings connection_keepalive = 15; } // [#not-implemented-hide:] message GrpcProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcProtocolOptions"; Http2ProtocolOptions http2_protocol_options = 1; } ================================================ FILE: api/envoy/config/core/v3/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Proxy Protocol] message ProxyProtocolConfig { enum Version { // PROXY protocol version 1. Human readable format. V1 = 0; // PROXY protocol version 2. Binary format. V2 = 1; } // The PROXY protocol version to use. See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details Version version = 1; } ================================================ FILE: api/envoy/config/core/v3/socket_option.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "SocketOptionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Socket Option ] // Generic socket option message. This would be used to set socket options that // might not exist in upstream kernels or precompiled Envoy binaries. // [#next-free-field: 7] message SocketOption { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SocketOption"; enum SocketState { // Socket options are applied after socket creation but before binding the socket to a port STATE_PREBIND = 0; // Socket options are applied after binding the socket to a port but before calling listen() STATE_BOUND = 1; // Socket options are applied after calling listen() STATE_LISTENING = 2; } // An optional name to give this socket option for debugging, etc. // Uniqueness is not required and no special meaning is assumed. string description = 1; // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP int64 level = 2; // The numeric name as passed to setsockopt int64 name = 3; oneof value { option (validate.required) = true; // Because many sockopts take an int value. int64 int_value = 4; // Otherwise it's a byte buffer. bytes buf_value = 5; } // The state in which the option will be applied. When used in BindConfig // STATE_PREBIND is currently the only valid value. SocketState state = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/config/core/v3/substitution_format_string.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "SubstitutionFormatStringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Substitution format string] // Configuration to use multiple :ref:`command operators ` // to generate a new string in either plain text or JSON format. message SubstitutionFormatString { oneof format { option (validate.required) = true; // Specify a format with command operators to form a text string. // Its details is described in :ref:`format string`. // // For example, setting ``text_format`` like below, // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // generates plain text similar to: // // .. code-block:: text // // upstream connect error:503:path=/foo // string text_format = 1 [(validate.rules).string = {min_len: 1}]; // Specify a format with command operators to form a JSON string. // Its details is described in :ref:`format dictionary`. // Values are rendered as strings, numbers, or boolean values as appropriate. // Nested JSON objects may be produced by some command operators (e.g. FILTER_STATE or DYNAMIC_METADATA). // See the documentation for a specific command operator for details. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // // The following JSON object would be created: // // .. code-block:: json // // { // "status": 500, // "message": "My error message" // } // google.protobuf.Struct json_format = 2 [(validate.rules).message = {required: true}]; } // If set to true, when command operators are evaluated to null, // // * for ``text_format``, the output of the empty operator is changed from ``-`` to an // empty string, so that empty values are omitted entirely. // * for ``json_format`` the keys with null values are omitted in the output structure. bool omit_empty_values = 3; // Specify a *content_type* field. // If this field is not set then ``text/plain`` is used for *text_format* and // ``application/json`` is used for *json_format*. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // content_type: "text/html; charset=UTF-8" // string content_type = 4; } ================================================ FILE: api/envoy/config/core/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/core/v4alpha/address.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/socket_option.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "AddressProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Network addresses] message Pipe { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Pipe"; // Unix Domain Socket path. On Linux, paths starting with '@' will use the // abstract namespace. The starting '@' is replaced by a null byte by Envoy. // Paths starting with '@' will result in an error in environments other than // Linux. string path = 1 [(validate.rules).string = {min_len: 1}]; // The mode for the Pipe. Not applicable for abstract sockets. uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}]; } // [#not-implemented-hide:] The address represents an envoy internal listener. // TODO(lambdai): Make this address available for listener and endpoint. // TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30. message EnvoyInternalAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.EnvoyInternalAddress"; oneof address_name_specifier { option (validate.required) = true; // [#not-implemented-hide:] The :ref:`listener name ` of the destination internal listener. string server_listener_name = 1; } } // [#next-free-field: 7] message SocketAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SocketAddress"; enum Protocol { TCP = 0; UDP = 1; } Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; // The address for this socket. :ref:`Listeners ` will bind // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching // in :ref:`FilterChainMatch `.] When used // within an upstream :ref:`BindConfig `, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized // via :ref:`resolver_name `. string address = 2 [(validate.rules).string = {min_len: 1}]; oneof port_specifier { option (validate.required) = true; uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}]; // This is only valid if :ref:`resolver_name // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } // The name of the custom resolver. This must have been registered with Envoy. If // this is empty, a context dependent default applies. If the address is a concrete // IP address, no resolution will occur. If address is a hostname this // should be set for resolution other than DNS. Specifying a custom resolver with // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; // When binding to an IPv6 address above, this enables `IPv4 compatibility // `_. Binding to ``::`` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into // IPv6 space as ``::FFFF:``. bool ipv4_compat = 6; } message TcpKeepalive { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TcpKeepalive"; // Maximum number of keepalive probes to send without response before deciding // the connection is dead. Default is to use the OS level configuration (unless // overridden, Linux defaults to 9.) google.protobuf.UInt32Value keepalive_probes = 1; // The number of seconds a connection needs to be idle before keep-alive probes // start being sent. Default is to use the OS level configuration (unless // overridden, Linux defaults to 7200s (i.e., 2 hours.) google.protobuf.UInt32Value keepalive_time = 2; // The number of seconds between keep-alive probes. Default is to use the OS // level configuration (unless overridden, Linux defaults to 75s.) google.protobuf.UInt32Value keepalive_interval = 3; } message BindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.BindConfig"; // The address to bind to when creating a socket. SocketAddress source_address = 1 [(validate.rules).message = {required: true}]; // Whether to set the *IP_FREEBIND* option when creating the socket. When this // flag is set to true, allows the :ref:`source_address // ` to be an IP address // that is not configured on the system running Envoy. When this flag is set // to false, the option *IP_FREEBIND* is disabled on the socket. When this // flag is not set (default), the socket is not modified, i.e. the option is // neither enabled nor disabled. google.protobuf.BoolValue freebind = 2; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated SocketOption socket_options = 3; } // Addresses specify either a logical or physical address and port, which are // used to tell Envoy where to bind/listen, connect to upstream and find // management servers. message Address { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Address"; oneof address { option (validate.required) = true; SocketAddress socket_address = 1; Pipe pipe = 2; // [#not-implemented-hide:] EnvoyInternalAddress envoy_internal_address = 3; } } // CidrRange specifies an IP Address and a prefix length to construct // the subnet mask for a `CIDR `_ range. message CidrRange { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.CidrRange"; // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. string address_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Length of prefix, e.g. 0, 32. google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}]; } ================================================ FILE: api/envoy/config/core/v4alpha/backoff.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "BackoffProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Backoff Strategy] // Configuration defining a jittered exponential back off strategy. message BackoffStrategy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.BackoffStrategy"; // The base interval to be used for the next back off computation. It should // be greater than zero and less than or equal to :ref:`max_interval // `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // Specifies the maximum interval between retries. This parameter is optional, // but must be greater than or equal to the :ref:`base_interval // ` if set. The default // is 10 times the :ref:`base_interval // `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } ================================================ FILE: api/envoy/config/core/v4alpha/base.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/backoff.proto"; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/semantic_version.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "BaseProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common types] // Envoy supports :ref:`upstream priority routing // ` both at the route and the virtual // cluster level. The current priority implementation uses different connection // pool and circuit breaking settings for each priority level. This means that // even for HTTP/2 requests, two physical connections will be used to an // upstream host. In the future Envoy will likely support true HTTP/2 priority // over a single upstream connection. enum RoutingPriority { DEFAULT = 0; HIGH = 1; } // HTTP request method. enum RequestMethod { METHOD_UNSPECIFIED = 0; GET = 1; HEAD = 2; POST = 3; PUT = 4; DELETE = 5; CONNECT = 6; OPTIONS = 7; TRACE = 8; PATCH = 9; } // Identifies the direction of the traffic relative to the local Envoy. enum TrafficDirection { // Default option is unspecified. UNSPECIFIED = 0; // The transport is used for incoming traffic. INBOUND = 1; // The transport is used for outgoing traffic. OUTBOUND = 2; } // Identifies location of where either Envoy runs or where upstream hosts run. message Locality { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Locality"; // Region this :ref:`zone ` belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery // service exposes :ref:`zone data `, // either in this message or via :option:`--service-zone`. The meaning of zone // is context dependent, e.g. `Availability Zone (AZ) // `_ // on AWS, `Zone `_ on // GCP, etc. string zone = 2; // When used for locality of upstream hosts, this field further splits zone // into smaller chunks of sub-zones so they can be load balanced // independently. string sub_zone = 3; } // BuildVersion combines SemVer version of extension with free-form build information // (i.e. 'alpha', 'private-build') as a set of strings. message BuildVersion { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.BuildVersion"; // SemVer version of extension. type.v3.SemanticVersion version = 1; // Free-form build information. // Envoy defines several well known keys in the source/common/version/version.h file google.protobuf.Struct metadata = 2; } // Version and identification for an Envoy extension. // [#next-free-field: 6] message Extension { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Extension"; // This is the name of the Envoy filter as specified in the Envoy // configuration, e.g. envoy.filters.http.router, com.acme.widget. string name = 1; // Category of the extension. // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from // acme.com vendor. // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] string category = 2; // [#not-implemented-hide:] Type descriptor of extension configuration proto. // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] string type_descriptor = 3; // The version is a property of the extension and maintained independently // of other extensions and the Envoy API. // This field is not set when extension did not provide version information. BuildVersion version = 4; // Indicates that the extension is present but was disabled via dynamic configuration. bool disabled = 5; } // Identifies a specific Envoy instance. The node identifier is presented to the // management server, which may use this identifier to distinguish per Envoy // configuration for serving. // [#next-free-field: 12] message Node { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Node"; reserved 5, 11; reserved "build_version", "listening_addresses"; // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are // used: :ref:`statsd `, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-node`. string id = 1; // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: // :ref:`statsd `, :ref:`health check cluster // verification // `, // :ref:`runtime override directory `, // :ref:`user agent addition // `, // :ref:`HTTP global rate limiting `, // :ref:`CDS `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-cluster`. string cluster = 2; // Opaque metadata extending the node identifier. Envoy will pass this // directly to the management server. google.protobuf.Struct metadata = 3; // Locality specifying where the Envoy instance is running. Locality locality = 4; // Free-form string that identifies the entity requesting config. // E.g. "envoy" or "grpc" string user_agent_name = 6; oneof user_agent_version_type { // Free-form string that identifies the version of the entity requesting config. // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" string user_agent_version = 7; // Structured version of the entity requesting config. BuildVersion user_agent_build_version = 8; } // List of extensions and their versions supported by the node. repeated Extension extensions = 9; // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. // See :ref:`the list of features ` that xDS client may // support. repeated string client_features = 10; } // Metadata provides additional inputs to filters based on matched listeners, // filter chains, routes and endpoints. It is structured as a map, usually from // filter name (in reverse DNS format) to metadata specific to the filter. Metadata // key-values for a filter are merged as connection and request handling occurs, // with later values for the same key overriding earlier values. // // An example use of metadata is providing additional values to // http_connection_manager in the envoy.http_connection_manager.access_log // namespace. // // Another example use of metadata is to per service config info in cluster metadata, which may get // consumed by multiple filters. // // For load balancing, Metadata provides a means to subset cluster endpoints. // Endpoints have a Metadata object associated and routes contain a Metadata // object to match against. There are some well defined metadata used today for // this purpose: // // * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // [#next-major-version: move to type/metadata/v2] message Metadata { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Metadata"; // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* // namespace is reserved for Envoy's built-in filters. map filter_metadata = 1; } // Runtime derived uint32 with a default when not specified. message RuntimeUInt32 { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeUInt32"; // Default value if runtime value is not available. uint32 default_value = 2; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 3 [(validate.rules).string = {min_len: 1}]; } // Runtime derived percentage with a default when not specified. message RuntimePercent { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimePercent"; // Default value if runtime value is not available. type.v3.Percent default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived double with a default when not specified. message RuntimeDouble { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeDouble"; // Default value if runtime value is not available. double default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived bool with a default when not specified. message RuntimeFeatureFlag { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeFeatureFlag"; // Default value if runtime value is not available. google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its // `canonical JSON encoding `_. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Header name/value pair. message HeaderValue { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HeaderValue"; // Header name. string key = 1 [(validate.rules).string = {min_len: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Header value. // // The same :ref:`format specifier ` as used for // :ref:`HTTP access logging ` applies here, however // unknown header values are replaced with the empty string instead of `-`. string value = 2 [ (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} ]; } // Header name/value pair plus option to control append behavior. message HeaderValueOption { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HeaderValueOption"; // Header name/value pair that this option applies to. HeaderValue header = 1 [(validate.rules).message = {required: true}]; // Should the value be appended? If true (default), the value is appended to // existing values. Otherwise it replaces any existing values. google.protobuf.BoolValue append = 2; } // Wrapper for a set of headers. message HeaderMap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HeaderMap"; repeated HeaderValue headers = 1; } // Data source consisting of either a file or an inline value. message DataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.DataSource"; oneof specifier { option (validate.required) = true; // Local filesystem data source. string filename = 1 [(validate.rules).string = {min_len: 1}]; // Bytes inlined in the configuration. bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; // String inlined in the configuration. string inline_string = 3 [(validate.rules).string = {min_len: 1}]; } } // The message specifies the retry policy of remote data source when fetching fails. message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RetryPolicy"; // Specifies parameters that control :ref:`retry backoff strategy `. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. BackoffStrategy retry_back_off = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. google.protobuf.UInt32Value max_retries = 2; } // The message specifies how to fetch data from remote and how to verify it. message RemoteDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RemoteDataSource"; // The HTTP URI to fetch the remote data. HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; // SHA256 string for verifying data. string sha256 = 2 [(validate.rules).string = {min_len: 1}]; // Retry policy for fetching remote data. RetryPolicy retry_policy = 3; } // Async data source which support async data fetch. message AsyncDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.AsyncDataSource"; oneof specifier { option (validate.required) = true; // Local async data source. DataSource local = 1; // Remote async data source. RemoteDataSource remote = 2; } } // Configuration for transport socket in :ref:`listeners ` and // :ref:`clusters `. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. message TransportSocket { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TransportSocket"; reserved 2; reserved "config"; // The name of the transport socket to instantiate. The name must match a supported transport // socket implementation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Implementation specific configuration which depends on the implementation being instantiated. // See the supported transport socket implementations for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } } // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // // .. note:: // // Parsing of the runtime key's data is implemented such that it may be represented as a // :ref:`FractionalPercent ` proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. message RuntimeFractionalPercent { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeFractionalPercent"; // Default value if the runtime value's for the numerator/denominator keys are not available. type.v3.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key for a YAML representation of a FractionalPercent. string runtime_key = 2; } // Identifies a specific ControlPlane instance that Envoy is connected to. message ControlPlane { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ControlPlane"; // An opaque control plane identifier that uniquely identifies an instance // of control plane. This can be used to identify which control plane instance, // the Envoy is connected to. string identifier = 1; } ================================================ FILE: api/envoy/config/core/v4alpha/config_source.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/authority.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ConfigSourceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Configuration sources] // xDS API and non-xDS services version. This is used to describe both resource and transport // protocol versions (in distinct configuration fields). enum ApiVersion { // When not specified, we assume v2, to ease migration to Envoy's stable API // versioning. If a client does not support v2 (e.g. due to deprecation), this // is an invalid value. AUTO = 0; // Use xDS v2 API. V2 = 1; // Use xDS v3 API. V3 = 2; } // API configuration source. This identifies the API type and cluster that Envoy // will use to fetch an xDS API. // [#next-free-field: 9] message ApiConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ApiConfigSource"; // APIs may be fetched via either REST or gRPC. enum ApiType { // Ideally this would be 'reserved 0' but one can't reserve the default // value. Instead we throw an exception if this is ever used. DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // REST-JSON v2 API. The `canonical JSON encoding // `_ for // the v2 protos is used. REST = 1; // SotW gRPC service. GRPC = 2; // Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response} // rather than Discovery{Request,Response}. Rather than sending Envoy the entire state // with every update, the xDS server only sends what has changed since the last update. DELTA_GRPC = 3; // SotW xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_GRPC = 5; // Delta xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_DELTA_GRPC = 6; } // API type (gRPC, REST, delta gRPC) ApiType api_type = 1 [(validate.rules).enum = {defined_only: true}]; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 8 [(validate.rules).enum = {defined_only: true}]; // Cluster names should be used only with REST. If > 1 // cluster is defined, clusters will be cycled through if any kind of failure // occurs. // // .. note:: // // The cluster with name ``cluster_name`` must be statically defined and its // type must not be ``EDS``. repeated string cluster_names = 2; // Multiple gRPC services be provided for GRPC. If > 1 cluster is defined, // services will be cycled through if any kind of failure occurs. repeated GrpcService grpc_services = 4; // For REST APIs, the delay between successive polls. google.protobuf.Duration refresh_delay = 3; // For REST APIs, the request timeout. If not set, a default value of 1s will be used. google.protobuf.Duration request_timeout = 5 [(validate.rules).duration = {gt {}}]; // For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be // rate limited. RateLimitSettings rate_limit_settings = 6; // Skip the node identifier in subsequent discovery requests for streaming gRPC config types. bool set_node_on_first_message_only = 7; } // Aggregated Discovery Service (ADS) options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that ADS is to be used. message AggregatedConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.AggregatedConfigSource"; } // [#not-implemented-hide:] // Self-referencing config source options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that other data can be obtained from the same server. message SelfConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SelfConfigSource"; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 1 [(validate.rules).enum = {defined_only: true}]; } // Rate Limit settings to be applied for discovery requests made by Envoy. message RateLimitSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RateLimitSettings"; // Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a // default value of 100 will be used. google.protobuf.UInt32Value max_tokens = 1; // Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens // per second will be used. google.protobuf.DoubleValue fill_rate = 2 [(validate.rules).double = {gt: 0.0}]; } // Configuration for :ref:`listeners `, :ref:`clusters // `, :ref:`routes // `, :ref:`endpoints // ` etc. may either be sourced from the // filesystem or from an xDS API source. Filesystem configs are watched with // inotify for updates. // [#next-free-field: 8] message ConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ConfigSource"; // Authorities that this config source may be used for. An authority specified // in a *udpa.core.v1.ResourceLocator* is resolved to a *ConfigSource* prior // to configuration fetch. This field provides the association between // authority name and configuration source. // [#not-implemented-hide:] repeated udpa.core.v1.Authority authorities = 7; oneof config_source_specifier { option (validate.required) = true; // Path on the filesystem to source and watch for configuration updates. // When sourcing configuration for :ref:`secret `, // the certificate and key files are also watched for updates. // // .. note:: // // The path to the source must exist at config load time. // // .. note:: // // Envoy will only watch the file path for *moves.* This is because in general only moves // are atomic. The same method of swapping files as is demonstrated in the // :ref:`runtime documentation ` can be used here also. string path = 1; // API configuration source. ApiConfigSource api_config_source = 2; // When set, ADS will be used to fetch resources. The ADS API configuration // source in the bootstrap configuration is used. AggregatedConfigSource ads = 3; // [#not-implemented-hide:] // When set, the client will access the resources from the same server it got the // ConfigSource from, although not necessarily from the same stream. This is similar to the // :ref:`ads` field, except that the client may use a // different stream to the same server. As a result, this field can be used for things // like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.) // LDS to RDS on the same server without requiring the management server to know its name // or required credentials. // [#next-major-version: In xDS v3, consider replacing the ads field with this one, since // this field can implicitly mean to use the same stream in the case where the ConfigSource // is provided via ADS and the specified data can also be obtained via ADS.] SelfConfigSource self = 5; } // When this timeout is specified, Envoy will wait no longer than the specified time for first // config response on this xDS subscription during the :ref:`initialization process // `. After reaching the timeout, Envoy will move to the next // initialization phase, even if the first config is not delivered yet. The timer is activated // when the xDS API subscription starts, and is disarmed on first config update or on error. 0 // means no timeout - Envoy will wait indefinitely for the first xDS config (unless another // timeout applies). The default is 15s. google.protobuf.Duration initial_fetch_timeout = 4; // API version for xDS resources. This implies the type URLs that the client // will request for resources and the resource type that the client will in // turn expect to be delivered. ApiVersion resource_api_version = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/config/core/v4alpha/event_service_config.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "EventServiceConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#not-implemented-hide:] // Configuration of the event reporting service endpoint. message EventServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.EventServiceConfig"; oneof config_source_specifier { option (validate.required) = true; // Specifies the gRPC service that hosts the event reporting service. GrpcService grpc_service = 1; } } ================================================ FILE: api/envoy/config/core/v4alpha/extension.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ExtensionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Extension configuration] // Message type for extension configuration. // [#next-major-version: revisit all existing typed_config that doesn't use this wrapper.]. message TypedExtensionConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TypedExtensionConfig"; // The name of an extension. This is not used to select the extension, instead // it serves the role of an opaque identifier. string name = 1 [(validate.rules).string = {min_len: 1}]; // The typed config for the extension. The type URL will be used to identify // the extension. In the case that the type URL is *udpa.type.v1.TypedStruct*, // the inner type URL of *TypedStruct* will be utilized. See the // :ref:`extension configuration overview // ` for further details. google.protobuf.Any typed_config = 2 [(validate.rules).any = {required: true}]; } // Configuration source specifier for a late-bound extension configuration. The // parent resource is warmed until all the initial extension configurations are // received, unless the flag to apply the default configuration is set. // Subsequent extension updates are atomic on a per-worker basis. Once an // extension configuration is applied to a request or a connection, it remains // constant for the duration of processing. If the initial delivery of the // extension configuration fails, due to a timeout for example, the optional // default configuration is applied. Without a default configuration, the // extension is disabled, until an extension configuration is received. The // behavior of a disabled extension depends on the context. For example, a // filter chain with a disabled extension filter rejects all incoming streams. message ExtensionConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ExtensionConfigSource"; ConfigSource config_source = 1 [(validate.rules).any = {required: true}]; // Optional default configuration to use as the initial configuration if // there is a failure to receive the initial extension configuration or if // `apply_default_config_without_warming` flag is set. google.protobuf.Any default_config = 2; // Use the default config as the initial configuration without warming and // waiting for the first discovery response. Requires the default configuration // to be supplied. bool apply_default_config_without_warming = 3; // A set of permitted extension type URLs. Extension configuration updates are rejected // if they do not match any type URL in the set. repeated string type_urls = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/config/core/v4alpha/grpc_method_list.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "GrpcMethodListProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC method list] // A list of gRPC methods which can be used as an allowlist, for example. message GrpcMethodList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcMethodList"; message Service { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcMethodList.Service"; // The name of the gRPC service. string name = 1 [(validate.rules).string = {min_len: 1}]; // The names of the gRPC methods in this service. repeated string method_names = 2 [(validate.rules).repeated = {min_items: 1}]; } repeated Service services = 1; } ================================================ FILE: api/envoy/config/core/v4alpha/grpc_service.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "GrpcServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC services] // gRPC service configuration. This is used by :ref:`ApiConfigSource // ` and filter configurations. // [#next-free-field: 6] message GrpcService { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService"; message EnvoyGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.EnvoyGrpc"; // The name of the upstream gRPC cluster. SSL credentials will be supplied // in the :ref:`Cluster ` :ref:`transport_socket // `. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. // Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. string authority = 2 [(validate.rules).string = {min_len: 0 max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // [#next-free-field: 9] message GoogleGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc"; // See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. message SslCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials"; // PEM encoded server root certificates. DataSource root_certs = 1; // PEM encoded client private key. DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // PEM encoded client certificate chain. DataSource cert_chain = 3; } // Local channel credentials. Only UDS is supported for now. // See https://github.com/grpc/grpc/pull/15909. message GoogleLocalCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.GoogleLocalCredentials"; } // See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call // credential types. message ChannelCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials"; oneof credential_specifier { option (validate.required) = true; SslCredentials ssl_credentials = 1; // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_default = 2; GoogleLocalCredentials local_credentials = 3; } } // [#next-free-field: 8] message CallCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials"; message ServiceAccountJWTAccessCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials." "ServiceAccountJWTAccessCredentials"; string json_key = 1; uint64 token_lifetime_seconds = 2; } message GoogleIAMCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials"; string authorization_token = 1; string authority_selector = 2; } message MetadataCredentialsFromPlugin { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials." "MetadataCredentialsFromPlugin"; reserved 2; reserved "config"; string name = 1; oneof config_type { google.protobuf.Any typed_config = 3; } } // Security token service configuration that allows Google gRPC to // fetch security token from an OAuth 2.0 authorization server. // See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and // https://github.com/grpc/grpc/pull/19587. // [#next-free-field: 10] message StsService { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.StsService"; // URI of the token exchange service that handles token exchange requests. // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by // https://github.com/envoyproxy/protoc-gen-validate/issues/303] string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token. string resource = 2; // Logical name of the target service where the client intends to // use the requested security token. string audience = 3; // The desired scope of the requested security token in the // context of the service or resource where the token will be used. string scope = 4; // Type of the requested security token. string requested_token_type = 5; // The path of subject token, a security token that represents the // identity of the party on behalf of whom the request is being made. string subject_token_path = 6 [(validate.rules).string = {min_len: 1}]; // Type of the subject token. string subject_token_type = 7 [(validate.rules).string = {min_len: 1}]; // The path of actor token, a security token that represents the identity // of the acting party. The acting party is authorized to use the // requested security token and act on behalf of the subject. string actor_token_path = 8; // Type of the actor token. string actor_token_type = 9; } oneof credential_specifier { option (validate.required) = true; // Access token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d. string access_token = 1; // Google Compute Engine credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_compute_engine = 2; // Google refresh token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c. string google_refresh_token = 3; // Service Account JWT Access credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa. ServiceAccountJWTAccessCredentials service_account_jwt_access = 4; // Google IAM credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0. GoogleIAMCredentials google_iam = 5; // Custom authenticator credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07. // https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms. MetadataCredentialsFromPlugin from_plugin = 6; // Custom security token service which implements OAuth 2.0 token exchange. // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 // See https://github.com/grpc/grpc/pull/19587. StsService sts_service = 7; } } // Channel arguments. message ChannelArgs { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs"; message Value { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.Value"; // Pointer values are not supported, since they don't make any sense when // delivered via the API. oneof value_specifier { option (validate.required) = true; string string_value = 1; int64 int_value = 2; } } // See grpc_types.h GRPC_ARG #defines for keys that work here. map args = 1; } // The target URI when using the `Google C++ gRPC client // `_. SSL credentials will be supplied in // :ref:`channel_credentials `. string target_uri = 1 [(validate.rules).string = {min_len: 1}]; ChannelCredentials channel_credentials = 2; // A set of call credentials that can be composed with `channel credentials // `_. repeated CallCredentials call_credentials = 3; // The human readable prefix to use when emitting statistics for the gRPC // service. // // .. csv-table:: // :header: Name, Type, Description // :widths: 1, 1, 2 // // streams_total, Counter, Total number of streams opened // streams_closed_, Counter, Total streams closed with string stat_prefix = 4 [(validate.rules).string = {min_len: 1}]; // The name of the Google gRPC credentials factory to use. This must have been registered with // Envoy. If this is empty, a default credentials factory will be used that sets up channel // credentials based on other configuration parameters. string credentials_factory_name = 5; // Additional configuration for site-specific customizations of the Google // gRPC library. google.protobuf.Struct config = 6; // How many bytes each stream can buffer internally. // If not set an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_stream_buffer_limit_bytes = 7; // Custom channels args. ChannelArgs channel_args = 8; } reserved 4; oneof target_specifier { option (validate.required) = true; // Envoy's in-built gRPC client. // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. EnvoyGrpc envoy_grpc = 1; // `Google C++ gRPC client `_ // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc google_grpc = 2; } // The timeout for the gRPC request. This is the timeout for a specific // request. google.protobuf.Duration timeout = 3; // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization // headers (e.g. ``x-foo-bar: baz-key``) are to be injected. repeated HeaderValue initial_metadata = 5; } ================================================ FILE: api/envoy/config/core/v4alpha/health_check.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/event_service_config.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/v3/http.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Health check] // * Health checking :ref:`architecture overview `. // * If health checking is configured for a cluster, additional statistics are emitted. They are // documented :ref:`here `. // Endpoint health status. enum HealthStatus { // The health status is not known. This is interpreted by Envoy as *HEALTHY*. UNKNOWN = 0; // Healthy. HEALTHY = 1; // Unhealthy. UNHEALTHY = 2; // Connection draining in progress. E.g., // ``_ // or // ``_. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; // Health check timed out. This is part of HDS and is interpreted by Envoy as // *UNHEALTHY*. TIMEOUT = 4; // Degraded. DEGRADED = 5; } // [#next-free-field: 24] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck"; // Describes the encoding of the payload bytes in the payload. message Payload { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.Payload"; oneof payload { option (validate.required) = true; // Hex encoded payload. E.g., "000000FF". string text = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] Binary payload. bytes binary = 2; } } // [#next-free-field: 12] message HttpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.HttpHealthCheck"; reserved 5, 7; reserved "service_name", "use_http2"; // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the // :ref:`hostname ` field. string host = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Specifies the HTTP path that will be requested during health checking. For example // */healthcheck*. string path = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; // [#not-implemented-hide:] HTTP specific payload. Payload send = 3; // [#not-implemented-hide:] HTTP specific response. Payload receive = 4; // Specifies a list of HTTP headers that should be added to each request that is sent to the // health checked cluster. For more information, including details on header value syntax, see // the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request that is sent to the // health checked cluster. repeated string request_headers_to_remove = 8 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open // semantics of :ref:`Int64Range `. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. repeated type.v3.Int64Range expected_statuses = 9; // Use specified application protocol for health checks. type.v3.CodecClientType codec_client_type = 10 [(validate.rules).enum = {defined_only: true}]; // An optional service name parameter which is used to validate the identity of // the health checked cluster using a :ref:`StringMatcher // `. See the :ref:`architecture overview // ` for more information. type.matcher.v4alpha.StringMatcher service_name_matcher = 11; } message TcpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.TcpHealthCheck"; // Empty payloads imply a connect-only health check. Payload send = 1; // When checking the response, “fuzzy” matching is performed such that each // binary block must be found, and in the order specified, but not // necessarily contiguous. repeated Payload receive = 2; } message RedisHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.RedisHealthCheck"; // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } // `grpc.health.v1.Health // `_-based // healthcheck. See `gRPC doc `_ // for details. message GrpcHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.GrpcHealthCheck"; // An optional service name parameter which will be sent to gRPC service in // `grpc.health.v1.HealthCheckRequest // `_. // message. See `gRPC health-checking overview // `_ for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting // the :ref:`hostname ` field. string authority = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Custom health check. message CustomHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.CustomHealthCheck"; reserved 2; reserved "config"; // The registered name of the custom health checker. string name = 1 [(validate.rules).string = {min_len: 1}]; // A custom health checker specific configuration which depends on the custom health checker // being instantiated. See :api:`envoy/config/health_checker` for reference. oneof config_type { google.protobuf.Any typed_config = 3; } } // Health checks occur over the transport socket specified for the cluster. This implies that if a // cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. // // This allows overriding the cluster TLS settings, just for health check connections. message TlsOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.TlsOptions"; // Specifies the ALPN protocols for health check connections. This is useful if the // corresponding upstream is using ALPN-based :ref:`FilterChainMatch // ` along with different protocols for health checks // versus data connections. If empty, no ALPN protocols will be set on health check connections. repeated string alpn_protocols = 1; } reserved 10; // The time to wait for a health check response. If the timeout is reached the // health check attempt will be considered a failure. google.protobuf.Duration timeout = 1 [(validate.rules).duration = { required: true gt {} }]; // The interval between health checks. google.protobuf.Duration interval = 2 [(validate.rules).duration = { required: true gt {} }]; // An optional jitter amount in milliseconds. If specified, Envoy will start health // checking after for a random time in ms between 0 and initial_jitter. This only // applies to the first health check. google.protobuf.Duration initial_jitter = 20; // An optional jitter amount in milliseconds. If specified, during every // interval Envoy will add interval_jitter to the wait time. google.protobuf.Duration interval_jitter = 3; // An optional jitter amount as a percentage of interval_ms. If specified, // during every interval Envoy will add interval_ms * // interval_jitter_percent / 100 to the wait time. // // If interval_jitter_ms and interval_jitter_percent are both set, both of // them will be used to increase the wait time. uint32 interval_jitter_percent = 18; // The number of unhealthy health checks required before a host is marked // unhealthy. Note that for *http* health checking if a host responds with 503 // this threshold is ignored and the host is considered unhealthy immediately. google.protobuf.UInt32Value unhealthy_threshold = 4 [(validate.rules).message = {required: true}]; // The number of healthy health checks required before a host is marked // healthy. Note that during startup, only a single successful health check is // required to mark a host healthy. google.protobuf.UInt32Value healthy_threshold = 5 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Non-serving port for health checking. google.protobuf.UInt32Value alt_port = 6; // Reuse health check connection between health checks. Default is true. google.protobuf.BoolValue reuse_connection = 7; oneof health_checker { option (validate.required) = true; // HTTP health check. HttpHealthCheck http_health_check = 8; // TCP health check. TcpHealthCheck tcp_health_check = 9; // gRPC health check. GrpcHealthCheck grpc_health_check = 11; // Custom health check. CustomHealthCheck custom_health_check = 13; } // The "no traffic interval" is a special health check interval that is used when a cluster has // never had traffic routed to it. This lower interval allows cluster information to be kept up to // date, without sending a potentially large amount of active health checking traffic for no // reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the // standard health check interval that is defined. Note that this interval takes precedence over // any other. // // The default value for "no traffic interval" is 60 seconds. google.protobuf.Duration no_traffic_interval = 12 [(validate.rules).duration = {gt {}}]; // The "unhealthy interval" is a health check interval that is used for hosts that are marked as // unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the // standard health check interval that is defined. // // The default value for "unhealthy interval" is the same as "interval". google.protobuf.Duration unhealthy_interval = 14 [(validate.rules).duration = {gt {}}]; // The "unhealthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as unhealthy. For subsequent health checks // Envoy will shift back to using either "unhealthy interval" if present or the standard health // check interval that is defined. // // The default value for "unhealthy edge interval" is the same as "unhealthy interval". google.protobuf.Duration unhealthy_edge_interval = 15 [(validate.rules).duration = {gt {}}]; // The "healthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as healthy. For subsequent health checks // Envoy will shift back to using the standard health check interval that is defined. // // The default value for "healthy edge interval" is the same as the default interval. google.protobuf.Duration healthy_edge_interval = 16 [(validate.rules).duration = {gt {}}]; // Specifies the path to the :ref:`health check event log `. // If empty, no event log will be written. string event_log_path = 17; // [#not-implemented-hide:] // The gRPC service for the health check event service. // If empty, health check events won't be sent to a remote endpoint. EventServiceConfig event_service = 22; // If set to true, health check failure events will always be logged. If set to false, only the // initial health check failure event will be logged. // The default value is false. bool always_log_health_check_failures = 19; // This allows overriding the cluster TLS settings, just for health check connections. TlsOptions tls_options = 21; // Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's // :ref:`tranport socket matches `. // For example, the following match criteria // // .. code-block:: yaml // // transport_socket_match_criteria: // useMTLS: true // // Will match the following :ref:`cluster socket match ` // // .. code-block:: yaml // // transport_socket_matches: // - name: "useMTLS" // match: // useMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // // If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the // :ref:`LbEndpoint.Metadata `. // This allows using different transport socket capabilities for health checking versus proxying to the // endpoint. // // If the key/values pairs specified do not match any // :ref:`transport socket matches `, // the cluster's :ref:`transport socket ` // will be used for health check socket configuration. google.protobuf.Struct transport_socket_match_criteria = 23; } ================================================ FILE: api/envoy/config/core/v4alpha/http_uri.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "HttpUriProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP Service URI ] // Envoy external URI descriptor message HttpUri { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HttpUri"; // The HTTP server URI. It should be a full FQDN with protocol, host and path. // // Example: // // .. code-block:: yaml // // uri: https://www.googleapis.com/oauth2/v1/certs // string uri = 1 [(validate.rules).string = {min_len: 1}]; // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or // inline DNS resolution. See `issue // `_. oneof http_upstream_type { option (validate.required) = true; // A cluster is created in the Envoy "cluster_manager" config // section. This field specifies the cluster name. // // Example: // // .. code-block:: yaml // // cluster: jwks_cluster // string cluster = 2 [(validate.rules).string = {min_len: 1}]; } // Sets the maximum duration in milliseconds that a response can take to arrive upon request. google.protobuf.Duration timeout = 3 [(validate.rules).duration = { required: true gte {} }]; } ================================================ FILE: api/envoy/config/core/v4alpha/protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Protocol options] // [#not-implemented-hide:] message TcpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TcpProtocolOptions"; } message UpstreamHttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.UpstreamHttpProtocolOptions"; // Set transport socket `SNI `_ for new // upstream connections based on the downstream HTTP host/authority header, as seen by the // :ref:`router filter `. bool auto_sni = 1; // Automatic validate upstream presented certificate for new upstream connections based on the // downstream HTTP host/authority header, as seen by the // :ref:`router filter `. // This field is intended to set with `auto_sni` field. bool auto_san_validation = 2; } // [#next-free-field: 6] message HttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HttpProtocolOptions"; // Action to take when Envoy receives client request with header names containing underscore // characters. // Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented // as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore // characters. enum HeadersWithUnderscoresAction { // Allow headers with underscores. This is the default behavior. ALLOW = 0; // Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests // end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter // is incremented for each rejected request. REJECT_REQUEST = 1; // Drop the header with name containing underscores. The header is dropped before the filter chain is // invoked and as such filters will not see dropped headers. The // "httpN.dropped_headers_with_underscores" is incremented for each dropped header. DROP_HEADER = 2; } // The idle timeout for connections. The idle timeout is defined as the // period in which there are no active requests. When the // idle timeout is reached the connection will be closed. If the connection is an HTTP/2 // downstream connection a drain sequence will occur prior to closing the connection, see // :ref:`drain_timeout // `. // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 1; // The maximum duration of a connection. The duration is defined as a period since a connection // was established. If not set, there is no max duration. When max_connection_duration is reached // the connection will be closed. Drain sequence will occur prior to closing the connection if // if's applicable. See :ref:`drain_timeout // `. // Note: not implemented for upstream connections. google.protobuf.Duration max_connection_duration = 3; // The maximum number of headers. If unconfigured, the default // maximum number of request headers allowed is 100. Requests that exceed this limit will receive // a 431 response for HTTP/1.x and cause a stream reset for HTTP/2. google.protobuf.UInt32Value max_headers_count = 2 [(validate.rules).uint32 = {gte: 1}]; // Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be // reset independent of any other timeouts. If not specified, this value is not set. google.protobuf.Duration max_stream_duration = 4; // Action to take when a client request with a header name containing underscore characters is received. // If this setting is not specified, the value defaults to ALLOW. // Note: upstream responses are not affected by this setting. HeadersWithUnderscoresAction headers_with_underscores_action = 5; } // [#next-free-field: 8] message Http1ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http1ProtocolOptions"; message HeaderKeyFormat { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat"; message ProperCaseWords { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords"; } oneof header_format { option (validate.required) = true; // Formats the header by proper casing words: the first character and any character following // a special character will be capitalized if it's an alpha character. For example, // "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are". // Note that while this results in most headers following conventional casing, certain headers // are not covered. For example, the "TE" header will be formatted as "Te". ProperCaseWords proper_case_words = 1; } } // Handle HTTP requests with absolute URLs in the requests. These requests // are generally sent by clients to forward/explicit proxies. This allows clients to configure // envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the // *http_proxy* environment variable. google.protobuf.BoolValue allow_absolute_url = 1; // Handle incoming HTTP/1.0 and HTTP 0.9 requests. // This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1 // style connect logic, dechunking, and handling lack of client host iff // *default_host_for_http_10* is configured. bool accept_http_10 = 2; // A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as // Envoy does not otherwise support HTTP/1.0 without a Host header. // This is a no-op if *accept_http_10* is not true. string default_host_for_http_10 = 3; // Describes how the keys for response headers should be formatted. By default, all header keys // are lower cased. HeaderKeyFormat header_key_format = 4; // Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers. // // .. attention:: // // Note that this only happens when Envoy is chunk encoding which occurs when: // - The request is HTTP/1.1. // - Is neither a HEAD only request nor a HTTP Upgrade. // - Not a response to a HEAD request. // - The content length header is not present. bool enable_trailers = 5; // Allows Envoy to process requests/responses with both `Content-Length` and `Transfer-Encoding` // headers set. By default such messages are rejected, but if option is enabled - Envoy will // remove Content-Length header and process message. // See `RFC7230, sec. 3.3.3 ` for details. // // .. attention:: // Enabling this option might lead to request smuggling vulnerability, especially if traffic // is proxied via multiple layers of proxies. bool allow_chunked_length = 6; // Allows invalid HTTP messaging. When this option is false, then Envoy will terminate // HTTP/1.1 connections upon receiving an invalid HTTP message. However, // when this option is true, then Envoy will leave the HTTP/1.1 connection // open where possible. // If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging // `. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 7; } message KeepaliveSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.KeepaliveSettings"; // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. google.protobuf.Duration timeout = 2 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // A random jitter amount as a percentage of interval that will be added to each interval. // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; } // [#next-free-field: 16] message Http2ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http2ProtocolOptions"; // Defines a parameter to be sent in the SETTINGS frame. // See `RFC7540, sec. 6.5.1 `_ for details. message SettingsParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http2ProtocolOptions.SettingsParameter"; // The 16 bit parameter identifier. google.protobuf.UInt32Value identifier = 1 [ (validate.rules).uint32 = {lte: 65535 gte: 0}, (validate.rules).message = {required: true} ]; // The 32 bit parameter value. google.protobuf.UInt32Value value = 2 [(validate.rules).message = {required: true}]; } reserved 12; reserved "stream_error_on_invalid_http_messaging"; // `Maximum table size `_ // (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values // range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header // compression. google.protobuf.UInt32Value hpack_table_size = 1; // `Maximum concurrent streams `_ // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // // For upstream connections, this also limits how many streams Envoy will initiate concurrently // on a single connection. If the limit is reached, Envoy may queue requests or establish // additional connections (as allowed per circuit breaker limits). google.protobuf.UInt32Value max_concurrent_streams = 2 [(validate.rules).uint32 = {lte: 2147483647 gte: 1}]; // `Initial stream-level flow-control window // `_ size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // // NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default // window size now, so it's also the minimum. // // This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the // HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to // stop the flow of data to the codec buffers. google.protobuf.UInt32Value initial_stream_window_size = 3 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Similar to *initial_stream_window_size*, but for connection-level flow-control // window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*. google.protobuf.UInt32Value initial_connection_window_size = 4 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Allows proxying Websocket and other upgrades over H2 connect. bool allow_connect = 5; // [#not-implemented-hide:] Hiding until envoy has full metadata support. // Still under implementation. DO NOT USE. // // Allows metadata. See [metadata // docs](https://github.com/envoyproxy/envoy/blob/master/source/docs/h2_metadata.md) for more // information. bool allow_metadata = 6; // Limit the number of pending outbound downstream frames of all types (frames that are waiting to // be written into the socket). Exceeding this limit triggers flood mitigation and connection is // terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due // to flood mitigation. The default limit is 10000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_frames = 7 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM, // preventing high memory utilization when receiving continuous stream of these frames. Exceeding // this limit triggers flood mitigation and connection is terminated. The // ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood // mitigation. The default limit is 1000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_control_frames = 8 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an // empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but // might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood`` // stat tracks the number of connections terminated due to flood mitigation. // Setting this to 0 will terminate connection upon receiving first frame with an empty payload // and no end stream flag. The default limit is 1. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_consecutive_inbound_frames_with_empty_payload = 9; // Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number // of PRIORITY frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // max_inbound_priority_frames_per_stream * (1 + inbound_streams) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 100. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_priority_frames_per_stream = 10; // Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number // of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // 1 + 2 * (inbound_streams + // max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 10. // Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control, // but more complex implementations that try to estimate available bandwidth require at least 2. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_window_update_frames_per_data_frame_sent = 11 [(validate.rules).uint32 = {gte: 1}]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // // See `RFC7540, sec. 8.1 `_ for details. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 14; // [#not-implemented-hide:] // Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions: // // 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by // Envoy. // // 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field // 'allow_connect'. // // Note that custom parameters specified through this field can not also be set in the // corresponding named parameters: // // .. code-block:: text // // ID Field Name // ---------------- // 0x1 hpack_table_size // 0x3 max_concurrent_streams // 0x4 initial_stream_window_size // // Collisions will trigger config validation failure on load/update. Likewise, inconsistencies // between custom parameters with the same identifier will trigger a failure. // // See `IANA HTTP/2 Settings // `_ for // standardized identifiers. repeated SettingsParameter custom_settings_parameters = 13; // Send HTTP/2 PING frames to verify that the connection is still healthy. If the remote peer // does not respond within the configured timeout, the connection will be aborted. KeepaliveSettings connection_keepalive = 15; } // [#not-implemented-hide:] message GrpcProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcProtocolOptions"; Http2ProtocolOptions http2_protocol_options = 1; } ================================================ FILE: api/envoy/config/core/v4alpha/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Proxy Protocol] message ProxyProtocolConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ProxyProtocolConfig"; enum Version { // PROXY protocol version 1. Human readable format. V1 = 0; // PROXY protocol version 2. Binary format. V2 = 1; } // The PROXY protocol version to use. See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details Version version = 1; } ================================================ FILE: api/envoy/config/core/v4alpha/socket_option.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "SocketOptionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Socket Option ] // Generic socket option message. This would be used to set socket options that // might not exist in upstream kernels or precompiled Envoy binaries. // [#next-free-field: 7] message SocketOption { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SocketOption"; enum SocketState { // Socket options are applied after socket creation but before binding the socket to a port STATE_PREBIND = 0; // Socket options are applied after binding the socket to a port but before calling listen() STATE_BOUND = 1; // Socket options are applied after calling listen() STATE_LISTENING = 2; } // An optional name to give this socket option for debugging, etc. // Uniqueness is not required and no special meaning is assumed. string description = 1; // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP int64 level = 2; // The numeric name as passed to setsockopt int64 name = 3; oneof value { option (validate.required) = true; // Because many sockopts take an int value. int64 int_value = 4; // Otherwise it's a byte buffer. bytes buf_value = 5; } // The state in which the option will be applied. When used in BindConfig // STATE_PREBIND is currently the only valid value. SocketState state = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/config/core/v4alpha/substitution_format_string.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "SubstitutionFormatStringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Substitution format string] // Configuration to use multiple :ref:`command operators ` // to generate a new string in either plain text or JSON format. message SubstitutionFormatString { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SubstitutionFormatString"; oneof format { option (validate.required) = true; // Specify a format with command operators to form a text string. // Its details is described in :ref:`format string`. // // For example, setting ``text_format`` like below, // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // generates plain text similar to: // // .. code-block:: text // // upstream connect error:503:path=/foo // string text_format = 1 [(validate.rules).string = {min_len: 1}]; // Specify a format with command operators to form a JSON string. // Its details is described in :ref:`format dictionary`. // Values are rendered as strings, numbers, or boolean values as appropriate. // Nested JSON objects may be produced by some command operators (e.g. FILTER_STATE or DYNAMIC_METADATA). // See the documentation for a specific command operator for details. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // // The following JSON object would be created: // // .. code-block:: json // // { // "status": 500, // "message": "My error message" // } // google.protobuf.Struct json_format = 2 [(validate.rules).message = {required: true}]; } // If set to true, when command operators are evaluated to null, // // * for ``text_format``, the output of the empty operator is changed from ``-`` to an // empty string, so that empty values are omitted entirely. // * for ``json_format`` the keys with null values are omitted in the output structure. bool omit_empty_values = 3; // Specify a *content_type* field. // If this field is not set then ``text/plain`` is used for *text_format* and // ``application/json`` is used for *json_format*. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // content_type: "text/html; charset=UTF-8" // string content_type = 4; } ================================================ FILE: api/envoy/config/endpoint/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2:pkg", "//envoy/api/v2/endpoint:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/endpoint/v3/endpoint.proto ================================================ syntax = "proto3"; package envoy.config.endpoint.v3; import "envoy/config/endpoint/v3/endpoint_components.proto"; import "envoy/type/v3/percent.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.endpoint.v3"; option java_outer_classname = "EndpointProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Endpoint configuration] // Endpoint discovery :ref:`architecture overview ` // Each route from RDS will map to a single cluster or traffic split across // clusters using weights expressed in the RDS WeightedCluster. // // With EDS, each cluster is treated independently from a LB perspective, with // LB taking place between the Localities within a cluster and at a finer // granularity between the hosts within a locality. The percentage of traffic // for each endpoint is determined by both its load_balancing_weight, and the // load_balancing_weight of its locality. First, a locality will be selected, // then an endpoint within that locality will be chose based on its weight. // [#next-free-field: 6] message ClusterLoadAssignment { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ClusterLoadAssignment"; // Load balancing policy settings. // [#next-free-field: 6] message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ClusterLoadAssignment.Policy"; // [#not-implemented-hide:] message DropOverload { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ClusterLoadAssignment.Policy.DropOverload"; // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_len: 1}]; // Percentage of traffic that should be dropped for the category. type.v3.FractionalPercent drop_percentage = 2; } reserved 1, 5; reserved "disable_overprovisioning"; // Action to trim the overall incoming traffic to protect the upstream // hosts. This action allows protection in case the hosts are unable to // recover from an outage, or unable to autoscale or unable to handle // incoming traffic volume for any reason. // // At the client each category is applied one after the other to generate // the 'actual' drop percentage on all outgoing traffic. For example: // // .. code-block:: json // // { "drop_overloads": [ // { "category": "throttle", "drop_percentage": 60 } // { "category": "lb", "drop_percentage": 50 } // ]} // // The actual drop percentages applied to the traffic at the clients will be // "throttle"_drop = 60% // "lb"_drop = 20% // 50% of the remaining 'actual' load, which is 40%. // actual_outgoing_load = 20% // remaining after applying all categories. // [#not-implemented-hide:] repeated DropOverload drop_overloads = 2; // Priority levels and localities are considered overprovisioned with this // factor (in percentage). This means that we don't consider a priority // level or locality unhealthy until the fraction of healthy hosts // multiplied by the overprovisioning factor drops below 100. // With the default value 140(1.4), Envoy doesn't consider a priority level // or a locality unhealthy until their percentage of healthy hosts drops // below 72%. For example: // // .. code-block:: json // // { "overprovisioning_factor": 100 } // // Read more at :ref:`priority levels ` and // :ref:`localities `. google.protobuf.UInt32Value overprovisioning_factor = 3 [(validate.rules).uint32 = {gt: 0}]; // The max time until which the endpoints from this assignment can be used. // If no new assignments are received before this time expires the endpoints // are considered stale and should be marked unhealthy. // Defaults to 0 which means endpoints never go stale. google.protobuf.Duration endpoint_stale_after = 4 [(validate.rules).duration = {gt {}}]; } // Name of the cluster. This will be the :ref:`service_name // ` value if specified // in the cluster :ref:`EdsClusterConfig // `. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // List of endpoints to load balance to. repeated LocalityLbEndpoints endpoints = 2; // Map of named endpoints that can be referenced in LocalityLbEndpoints. // [#not-implemented-hide:] map named_endpoints = 5; // Load balancing policy settings. Policy policy = 4; } ================================================ FILE: api/envoy/config/endpoint/v3/endpoint_components.proto ================================================ syntax = "proto3"; package envoy.config.endpoint.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/health_check.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.endpoint.v3"; option java_outer_classname = "EndpointComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Endpoints] // Upstream host identifier. message Endpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.Endpoint"; // The optional health check configuration. message HealthCheckConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.Endpoint.HealthCheckConfig"; // Optional alternative health check port value. // // By default the health check address port of an upstream host is the same // as the host's serving address port. This provides an alternative health // check port. Setting this with a non-zero value allows an upstream host // to have different health check address port. uint32 port_value = 1 [(validate.rules).uint32 = {lte: 65535}]; // By default, the host header for L7 health checks is controlled by cluster level configuration // (see: :ref:`host ` and // :ref:`authority `). Setting this // to a non-empty value allows overriding the cluster level configuration for a specific // endpoint. string hostname = 2; } // The upstream host address. // // .. attention:: // // The form of host address depends on the given cluster type. For STATIC or EDS, // it is expected to be a direct IP address (or something resolvable by the // specified :ref:`resolver ` // in the Address). For LOGICAL or STRICT DNS, it is expected to be hostname, // and will be resolved via DNS. core.v3.Address address = 1; // The optional health check configuration is used as configuration for the // health checker to contact the health checked host. // // .. attention:: // // This takes into effect only for upstream clusters with // :ref:`active health checking ` enabled. HealthCheckConfig health_check_config = 2; // The hostname associated with this endpoint. This hostname is not used for routing or address // resolution. If provided, it will be associated with the endpoint, and can be used for features // that require a hostname, like // :ref:`auto_host_rewrite `. string hostname = 3; } // An Endpoint that Envoy can route traffic to. // [#next-free-field: 6] message LbEndpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.LbEndpoint"; // Upstream host identifier or a named reference. oneof host_identifier { Endpoint endpoint = 1; // [#not-implemented-hide:] string endpoint_name = 5; } // Optional health status when known and supplied by EDS server. core.v3.HealthStatus health_status = 2; // The endpoint metadata specifies values that may be used by the load // balancer to select endpoints in a cluster for a given request. The filter // name should be specified as *envoy.lb*. An example boolean key-value pair // is *canary*, providing the optional canary status of the upstream host. // This may be matched against in a route's // :ref:`RouteAction ` metadata_match field // to subset the endpoints considered in cluster load balancing. core.v3.Metadata metadata = 3; // The optional load balancing weight of the upstream host; at least 1. // Envoy uses the load balancing weight in some of the built in load // balancers. The load balancing weight for an endpoint is divided by the sum // of the weights of all endpoints in the endpoint's locality to produce a // percentage of traffic for the endpoint. This percentage is then further // weighted by the endpoint's locality's load balancing weight from // LocalityLbEndpoints. If unspecified, each host is presumed to have equal // weight in a locality. The sum of the weights of all endpoints in the // endpoint's locality must not exceed uint32_t maximal value (4294967295). google.protobuf.UInt32Value load_balancing_weight = 4 [(validate.rules).uint32 = {gte: 1}]; } // A group of endpoints belonging to a Locality. // One can have multiple LocalityLbEndpoints for a locality, but this is // generally only done if the different groups need to have different load // balancing weights or different priorities. // [#next-free-field: 7] message LocalityLbEndpoints { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.LocalityLbEndpoints"; // Identifies location of where the upstream hosts run. core.v3.Locality locality = 1; // The group of endpoints belonging to the locality specified. repeated LbEndpoint lb_endpoints = 2; // Optional: Per priority/region/zone/sub_zone weight; at least 1. The load // balancing weight for a locality is divided by the sum of the weights of all // localities at the same priority level to produce the effective percentage // of traffic for the locality. The sum of the weights of all localities at // the same priority level must not exceed uint32_t maximal value (4294967295). // // Locality weights are only considered when :ref:`locality weighted load // balancing ` is // configured. These weights are ignored otherwise. If no weights are // specified when locality weighted load balancing is enabled, the locality is // assigned no load. google.protobuf.UInt32Value load_balancing_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Optional: the priority for this LocalityLbEndpoints. If unspecified this will // default to the highest priority (0). // // Under usual circumstances, Envoy will only select endpoints for the highest // priority (0). In the event all endpoints for a particular priority are // unavailable/unhealthy, Envoy will fail over to selecting endpoints for the // next highest priority group. // // Priorities should range from 0 (highest) to N (lowest) without skipping. uint32 priority = 5 [(validate.rules).uint32 = {lte: 128}]; // Optional: Per locality proximity value which indicates how close this // locality is from the source locality. This value only provides ordering // information (lower the value, closer it is to the source locality). // This will be consumed by load balancing schemes that need proximity order // to determine where to route the requests. // [#not-implemented-hide:] google.protobuf.UInt32Value proximity = 6; } ================================================ FILE: api/envoy/config/endpoint/v3/load_report.proto ================================================ syntax = "proto3"; package envoy.config.endpoint.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.endpoint.v3"; option java_outer_classname = "LoadReportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Load Report] // These are stats Envoy reports to the management server at a frequency defined by // :ref:`LoadStatsResponse.load_reporting_interval`. // Stats per upstream region/zone and optionally per subzone. // [#next-free-field: 9] message UpstreamLocalityStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.UpstreamLocalityStats"; // Name of zone, region and optionally endpoint group these metrics were // collected from. Zone and region names could be empty if unknown. core.v3.Locality locality = 1; // The total number of requests successfully completed by the endpoints in the // locality. uint64 total_successful_requests = 2; // The total number of unfinished requests uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint, // aggregated over all endpoints in the locality. uint64 total_error_requests = 4; // The total number of requests that were issued by this Envoy since // the last report. This information is aggregated over all the // upstream endpoints in the locality. uint64 total_issued_requests = 8; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; // Endpoint granularity stats information for this locality. This information // is populated if the Server requests it by setting // :ref:`LoadStatsResponse.report_endpoint_granularity`. repeated UpstreamEndpointStats upstream_endpoint_stats = 7; // [#not-implemented-hide:] The priority of the endpoint group these metrics // were collected from. uint32 priority = 6; } // [#next-free-field: 8] message UpstreamEndpointStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.UpstreamEndpointStats"; // Upstream host address. core.v3.Address address = 1; // Opaque and implementation dependent metadata of the // endpoint. Envoy will pass this directly to the management server. google.protobuf.Struct metadata = 6; // The total number of requests successfully completed by the endpoints in the // locality. These include non-5xx responses for HTTP, where errors // originate at the client and the endpoint responded successfully. For gRPC, // the grpc-status values are those not covered by total_error_requests below. uint64 total_successful_requests = 2; // The total number of unfinished requests for this endpoint. uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint. // For HTTP these are responses with 5xx status codes and for gRPC the // grpc-status values: // // - DeadlineExceeded // - Unimplemented // - Internal // - Unavailable // - Unknown // - DataLoss uint64 total_error_requests = 4; // The total number of requests that were issued to this endpoint // since the last report. A single TCP connection, HTTP or gRPC // request or stream is counted as one request. uint64 total_issued_requests = 7; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; } message EndpointLoadMetricStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.EndpointLoadMetricStats"; // Name of the metric; may be empty. string metric_name = 1; // Number of calls that finished and included this metric. uint64 num_requests_finished_with_metric = 2; // Sum of metric values across all calls that finished with this metric for // load_reporting_interval. double total_metric_value = 3; } // Per cluster load stats. Envoy reports these stats a management server in a // :ref:`LoadStatsRequest` // Next ID: 7 // [#next-free-field: 7] message ClusterStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.ClusterStats"; message DroppedRequests { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.ClusterStats.DroppedRequests"; // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_len: 1}]; // Total number of deliberately dropped requests for the category. uint64 dropped_count = 2; } // The name of the cluster. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // The eds_cluster_config service_name of the cluster. // It's possible that two clusters send the same service_name to EDS, // in that case, the management server is supposed to do aggregation on the load reports. string cluster_service_name = 6; // Need at least one. repeated UpstreamLocalityStats upstream_locality_stats = 2 [(validate.rules).repeated = {min_items: 1}]; // Cluster-level stats such as total_successful_requests may be computed by // summing upstream_locality_stats. In addition, below there are additional // cluster-wide stats. // // The total number of dropped requests. This covers requests // deliberately dropped by the drop_overload policy and circuit breaking. uint64 total_dropped_requests = 3; // Information about deliberately dropped requests for each category specified // in the DropOverload policy. repeated DroppedRequests dropped_requests = 5; // Period over which the actual load report occurred. This will be guaranteed to include every // request reported. Due to system load and delays between the *LoadStatsRequest* sent from Envoy // and the *LoadStatsResponse* message sent from the management server, this may be longer than // the requested load reporting interval in the *LoadStatsResponse*. google.protobuf.Duration load_report_interval = 4; } ================================================ FILE: api/envoy/config/filter/README.md ================================================ Protocol buffer definitions for filters. Visibility of the definitions should be constrained to none except for shared definitions between explicitly enumerated filters (e.g. accesslog and fault definitions). ================================================ FILE: api/envoy/config/filter/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/accesslog/v2/accesslog.proto ================================================ syntax = "proto3"; package envoy.config.filter.accesslog.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.accesslog.v2"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.accesslog.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common access log types] message AccessLog { // The name of the access log implementation to instantiate. The name must // match a statically registered access log. Current built-in loggers include: // // #. "envoy.access_loggers.file" // #. "envoy.access_loggers.http_grpc" // #. "envoy.access_loggers.tcp_grpc" string name = 1; // Filter which is used to determine if the access log needs to be written. AccessLogFilter filter = 2; // Custom configuration that depends on the access log being instantiated. Built-in // configurations include: // // #. "envoy.access_loggers.file": :ref:`FileAccessLog // ` // #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig // ` // #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig // ` oneof config_type { google.protobuf.Struct config = 3 [deprecated = true]; google.protobuf.Any typed_config = 4; } } // [#next-free-field: 12] message AccessLogFilter { oneof filter_specifier { option (validate.required) = true; // Status code filter. StatusCodeFilter status_code_filter = 1; // Duration filter. DurationFilter duration_filter = 2; // Not health check filter. NotHealthCheckFilter not_health_check_filter = 3; // Traceable filter. TraceableFilter traceable_filter = 4; // Runtime filter. RuntimeFilter runtime_filter = 5; // And filter. AndFilter and_filter = 6; // Or filter. OrFilter or_filter = 7; // Header filter. HeaderFilter header_filter = 8; // Response flag filter. ResponseFlagFilter response_flag_filter = 9; // gRPC status filter. GrpcStatusFilter grpc_status_filter = 10; // Extension filter. ExtensionFilter extension_filter = 11; } } // Filter on an integer comparison. message ComparisonFilter { enum Op { // = EQ = 0; // >= GE = 1; // <= LE = 2; } // Comparison operator. Op op = 1 [(validate.rules).enum = {defined_only: true}]; // Value to compare against. api.v2.core.RuntimeUInt32 value = 2; } // Filters on HTTP response/status code. message StatusCodeFilter { // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters on total request duration in milliseconds. message DurationFilter { // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters for requests that are not health check requests. A health check // request is marked by the health check filter. message NotHealthCheckFilter { } // Filters for requests that are traceable. See the tracing overview for more // information on how a request becomes traceable. message TraceableFilter { } // Filters for random sampling of requests. message RuntimeFilter { // Runtime key to get an optional overridden numerator for use in the *percent_sampled* field. // If found in runtime, this value will replace the default numerator. string runtime_key = 1 [(validate.rules).string = {min_bytes: 1}]; // The default sampling percentage. If not specified, defaults to 0% with denominator of 100. type.FractionalPercent percent_sampled = 2; // By default, sampling pivots on the header // :ref:`x-request-id` being present. If // :ref:`x-request-id` is present, the filter will // consistently sample across multiple hosts based on the runtime key value and the value // extracted from :ref:`x-request-id`. If it is // missing, or *use_independent_randomness* is set to true, the filter will randomly sample based // on the runtime key value alone. *use_independent_randomness* can be used for logging kill // switches within complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to reason about // from a probability perspective (i.e., setting to true will cause the filter to behave like // an independent random variable when composed within logical operator filters). bool use_independent_randomness = 3; } // Performs a logical “and” operation on the result of each filter in filters. // Filters are evaluated sequentially and if one of them returns false, the // filter returns false immediately. message AndFilter { repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}]; } // Performs a logical “or” operation on the result of each individual filter. // Filters are evaluated sequentially and if one of them returns true, the // filter returns true immediately. message OrFilter { repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}]; } // Filters requests based on the presence or value of a request header. message HeaderFilter { // Only requests with a header which matches the specified HeaderMatcher will pass the filter // check. api.v2.route.HeaderMatcher header = 1 [(validate.rules).message = {required: true}]; } // Filters requests that received responses with an Envoy response flag set. // A list of the response flags can be found // in the access log formatter :ref:`documentation`. message ResponseFlagFilter { // Only responses with the any of the flags listed in this field will be logged. // This field is optional. If it is not specified, then any response flag will pass // the filter check. repeated string flags = 1 [(validate.rules).repeated = { items { string { in: "LH" in: "UH" in: "UT" in: "LR" in: "UR" in: "UF" in: "UC" in: "UO" in: "NR" in: "DI" in: "FI" in: "RL" in: "UAEX" in: "RLSE" in: "DC" in: "URX" in: "SI" in: "IH" in: "DPE" } } }]; } // Filters gRPC requests based on their response status. If a gRPC status is not provided, the // filter will infer the status from the HTTP status code. message GrpcStatusFilter { enum Status { OK = 0; CANCELED = 1; UNKNOWN = 2; INVALID_ARGUMENT = 3; DEADLINE_EXCEEDED = 4; NOT_FOUND = 5; ALREADY_EXISTS = 6; PERMISSION_DENIED = 7; RESOURCE_EXHAUSTED = 8; FAILED_PRECONDITION = 9; ABORTED = 10; OUT_OF_RANGE = 11; UNIMPLEMENTED = 12; INTERNAL = 13; UNAVAILABLE = 14; DATA_LOSS = 15; UNAUTHENTICATED = 16; } // Logs only responses that have any one of the gRPC statuses in this field. repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; // If included and set to true, the filter will instead block all responses with a gRPC status or // inferred gRPC status enumerated in statuses, and allow all other responses. bool exclude = 2; } // Extension filter is statically registered at runtime. message ExtensionFilter { // The name of the filter implementation to instantiate. The name must // match a statically registered filter. string name = 1; // Custom configuration that depends on the filter being instantiated. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } ================================================ FILE: api/envoy/config/filter/dubbo/router/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/dubbo/router/v2alpha1/router.proto ================================================ syntax = "proto3"; package envoy.config.filter.dubbo.router.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.dubbo.router.v2alpha1"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.dubbo_proxy.router.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Router] // Dubbo router :ref:`configuration overview `. message Router { } ================================================ FILE: api/envoy/config/filter/fault/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/fault/v2/fault.proto ================================================ syntax = "proto3"; package envoy.config.filter.fault.v2; import "envoy/type/percent.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.fault.v2"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.common.fault.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common fault injection types] // Delay specification is used to inject latency into the // HTTP/gRPC/Mongo/Redis operation or delay proxying of TCP connections. // [#next-free-field: 6] message FaultDelay { enum FaultDelayType { // Unused and deprecated. FIXED = 0; } // Fault delays are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderDelay { } reserved 2; // Unused and deprecated. Will be removed in the next release. FaultDelayType type = 1 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; oneof fault_delay_secifier { option (validate.required) = true; // Add a fixed delay before forwarding the operation upstream. See // https://developers.google.com/protocol-buffers/docs/proto3#json for // the JSON/YAML Duration mapping. For HTTP/Mongo/Redis, the specified // delay will be injected before a new request/operation. For TCP // connections, the proxying of the connection upstream will be delayed // for the specified period. This is required if type is FIXED. google.protobuf.Duration fixed_delay = 3 [(validate.rules).duration = {gt {}}]; // Fault delays are controlled via an HTTP header (if applicable). HeaderDelay header_delay = 5; } // The percentage of operations/connections/requests on which the delay will be injected. type.FractionalPercent percentage = 4; } // Describes a rate limit to be applied. message FaultRateLimit { // Describes a fixed/constant rate limit. message FixedLimit { // The limit supplied in KiB/s. uint64 limit_kbps = 1 [(validate.rules).uint64 = {gte: 1}]; } // Rate limits are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderLimit { } oneof limit_type { option (validate.required) = true; // A fixed rate limit. FixedLimit fixed_limit = 1; // Rate limits are controlled via an HTTP header (if applicable). HeaderLimit header_limit = 3; } // The percentage of operations/connections/requests on which the rate limit will be injected. type.FractionalPercent percentage = 2; } ================================================ FILE: api/envoy/config/filter/http/adaptive_concurrency/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/adaptive_concurrency/v2alpha/adaptive_concurrency.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.adaptive_concurrency.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/type/percent.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.adaptive_concurrency.v2alpha"; option java_outer_classname = "AdaptiveConcurrencyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.adaptive_concurrency.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Adaptive Concurrency] // Adaptive Concurrency Control :ref:`configuration overview // `. // [#extension: envoy.filters.http.adaptive_concurrency] // Configuration parameters for the gradient controller. message GradientControllerConfig { // Parameters controlling the periodic recalculation of the concurrency limit from sampled request // latencies. message ConcurrencyLimitCalculationParams { // The allowed upper-bound on the calculated concurrency limit. Defaults to 1000. google.protobuf.UInt32Value max_concurrency_limit = 2 [(validate.rules).uint32 = {gt: 0}]; // The period of time samples are taken to recalculate the concurrency limit. google.protobuf.Duration concurrency_update_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } // Parameters controlling the periodic minRTT recalculation. // [#next-free-field: 6] message MinimumRTTCalculationParams { // The time interval between recalculating the minimum request round-trip time. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gt {} }]; // The number of requests to aggregate/sample during the minRTT recalculation window before // updating. Defaults to 50. google.protobuf.UInt32Value request_count = 2 [(validate.rules).uint32 = {gt: 0}]; // Randomized time delta that will be introduced to the start of the minRTT calculation window. // This is represented as a percentage of the interval duration. Defaults to 15%. // // Example: If the interval is 10s and the jitter is 15%, the next window will begin // somewhere in the range (10s - 11.5s). type.Percent jitter = 3; // The concurrency limit set while measuring the minRTT. Defaults to 3. google.protobuf.UInt32Value min_concurrency = 4 [(validate.rules).uint32 = {gt: 0}]; // Amount added to the measured minRTT to add stability to the concurrency limit during natural // variability in latency. This is expressed as a percentage of the measured value and can be // adjusted to allow more or less tolerance to the sampled latency values. // // Defaults to 25%. type.Percent buffer = 5; } // The percentile to use when summarizing aggregated samples. Defaults to p50. type.Percent sample_aggregate_percentile = 1; ConcurrencyLimitCalculationParams concurrency_limit_params = 2 [(validate.rules).message = {required: true}]; MinimumRTTCalculationParams min_rtt_calc_params = 3 [(validate.rules).message = {required: true}]; } message AdaptiveConcurrency { oneof concurrency_controller_config { option (validate.required) = true; // Gradient concurrency control will be used. GradientControllerConfig gradient_controller_config = 1 [(validate.rules).message = {required: true}]; } // If set to false, the adaptive concurrency filter will operate as a pass-through filter. If the // message is unspecified, the filter will be enabled. api.v2.core.RuntimeFeatureFlag enabled = 2; } ================================================ FILE: api/envoy/config/filter/http/aws_lambda/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/aws_lambda/v2alpha/aws_lambda.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.aws_lambda.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.aws_lambda.v2alpha"; option java_outer_classname = "AwsLambdaProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.aws_lambda.v3"; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: AWS Lambda] // AWS Lambda :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_lambda] // AWS Lambda filter config message Config { enum InvocationMode { // This is the more common mode of invocation, in which Lambda responds after it has completed the function. In // this mode the output of the Lambda function becomes the response of the HTTP request. SYNCHRONOUS = 0; // In this mode Lambda responds immediately but continues to process the function asynchronously. This mode can be // used to signal events for example. In this mode, Lambda responds with an acknowledgment that it received the // call which is translated to an HTTP 200 OK by the filter. ASYNCHRONOUS = 1; } // The ARN of the AWS Lambda to invoke when the filter is engaged // Must be in the following format: // arn::lambda:::function: string arn = 1 [(validate.rules).string = {min_len: 1}]; // Whether to transform the request (headers and body) to a JSON payload or pass it as is. bool payload_passthrough = 2; // Determines the way to invoke the Lambda function. InvocationMode invocation_mode = 3 [(validate.rules).enum = {defined_only: true}]; } // Per-route configuration for AWS Lambda. This can be useful when invoking a different Lambda function or a different // version of the same Lambda depending on the route. message PerRouteConfig { Config invoke_config = 1; } ================================================ FILE: api/envoy/config/filter/http/aws_request_signing/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/aws_request_signing/v2alpha/aws_request_signing.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.aws_request_signing.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.aws_request_signing.v2alpha"; option java_outer_classname = "AwsRequestSigningProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.aws_request_signing.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: AwsRequestSigning] // AwsRequestSigning :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_request_signing] // Top level configuration for the AWS request signing filter. message AwsRequestSigning { // The `service namespace // `_ // of the HTTP endpoint. // // Example: s3 string service_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The `region `_ hosting the HTTP // endpoint. // // Example: us-west-2 string region = 2 [(validate.rules).string = {min_bytes: 1}]; // Indicates that before signing headers, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both signing and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for signing whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite = 3; } ================================================ FILE: api/envoy/config/filter/http/buffer/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/buffer/v2/buffer.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.buffer.v2; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.buffer.v2"; option java_outer_classname = "BufferProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.buffer.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Buffer] // Buffer :ref:`configuration overview `. // [#extension: envoy.filters.http.buffer] message Buffer { reserved 2; // The maximum request size that the filter will buffer before the connection // manager will stop buffering and return a 413 response. google.protobuf.UInt32Value max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}, (validate.rules).message = {required: true}]; } message BufferPerRoute { oneof override { option (validate.required) = true; // Disable the buffer filter for this particular vhost or route. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Override the global configuration of the filter with this new config. Buffer buffer = 2 [(validate.rules).message = {required: true}]; } } ================================================ FILE: api/envoy/config/filter/http/cache/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/cache/v2alpha/cache.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.cache.v2alpha; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/matcher/string.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.cache.v2alpha"; option java_outer_classname = "CacheProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.cache.v3alpha"; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP Cache Filter] // [#extension: envoy.filters.http.cache] message CacheConfig { // [#not-implemented-hide:] // Modifies cache key creation by restricting which parts of the URL are included. message KeyCreatorParams { // If true, exclude the URL scheme from the cache key. Set to true if your origins always // produce the same response for http and https requests. bool exclude_scheme = 1; // If true, exclude the host from the cache key. Set to true if your origins' responses don't // ever depend on host. bool exclude_host = 2; // If *query_parameters_included* is nonempty, only query parameters matched // by one or more of its matchers are included in the cache key. Any other // query params will not affect cache lookup. repeated api.v2.route.QueryParameterMatcher query_parameters_included = 3; // If *query_parameters_excluded* is nonempty, query parameters matched by one // or more of its matchers are excluded from the cache key (even if also // matched by *query_parameters_included*), and will not affect cache lookup. repeated api.v2.route.QueryParameterMatcher query_parameters_excluded = 4; } // Config specific to the cache storage implementation. google.protobuf.Any typed_config = 1 [(validate.rules).any = {required: true}]; // List of matching rules that defines allowed *Vary* headers. // // The *vary* response header holds a list of header names that affect the // contents of a response, as described by // https://httpwg.org/specs/rfc7234.html#caching.negotiated.responses. // // During insertion, *allowed_vary_headers* acts as a allowlist: if a // response's *vary* header mentions any header names that aren't matched by any rules in // *allowed_vary_headers*, that response will not be cached. // // During lookup, *allowed_vary_headers* controls what request headers will be // sent to the cache storage implementation. repeated type.matcher.StringMatcher allowed_vary_headers = 2; // [#not-implemented-hide:] // // // Modifies cache key creation by restricting which parts of the URL are included. KeyCreatorParams key_creator_params = 3; // [#not-implemented-hide:] // // // Max body size the cache filter will insert into a cache. 0 means unlimited (though the cache // storage implementation may have its own limit beyond which it will reject insertions). uint32 max_body_bytes = 4; } ================================================ FILE: api/envoy/config/filter/http/compressor/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/compressor/v2/compressor.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.compressor.v2; import "envoy/api/v2/core/base.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.compressor.v2"; option java_outer_classname = "CompressorProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.compressor.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Compressor] // [#next-free-field: 6] message Compressor { // Minimum response length, in bytes, which will trigger compression. The default value is 30. google.protobuf.UInt32Value content_length = 1; // Set of strings that allows specifying which mime-types yield compression; e.g., // application/json, text/html, etc. When this field is not defined, compression will be applied // to the following mime-types: "application/javascript", "application/json", // "application/xhtml+xml", "image/svg+xml", "text/css", "text/html", "text/plain", "text/xml" // and their synonyms. repeated string content_type = 2; // If true, disables compression when the response contains an etag header. When it is false, the // filter will preserve weak etags and remove the ones that require strong validation. bool disable_on_etag_header = 3; // If true, removes accept-encoding from the request headers before dispatching it to the upstream // so that responses do not get compressed before reaching the filter. // .. attention: // // To avoid interfering with other compression filters in the same chain use this option in // the filter closest to the upstream. bool remove_accept_encoding_header = 4; // Runtime flag that controls whether the filter is enabled or not. If set to false, the // filter will operate as a pass-through filter. If not specified, defaults to enabled. api.v2.core.RuntimeFeatureFlag runtime_enabled = 5; } ================================================ FILE: api/envoy/config/filter/http/cors/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/cors/v2/cors.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.cors.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.cors.v2"; option java_outer_classname = "CorsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.cors.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Cors] // CORS Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.cors] // Cors filter config. message Cors { } ================================================ FILE: api/envoy/config/filter/http/csrf/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/csrf/v2/csrf.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.csrf.v2; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/string.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.csrf.v2"; option java_outer_classname = "CsrfProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.csrf.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: CSRF] // Cross-Site Request Forgery :ref:`configuration overview `. // [#extension: envoy.filters.http.csrf] // CSRF filter config. message CsrfPolicy { // Specifies the % of requests for which the CSRF filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. api.v2.core.RuntimeFractionalPercent filter_enabled = 1 [(validate.rules).message = {required: true}]; // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. api.v2.core.RuntimeFractionalPercent shadow_enabled = 2; // Specifies additional source origins that will be allowed in addition to // the destination origin. // // More information on how this can be configured via runtime can be found // :ref:`here `. repeated type.matcher.StringMatcher additional_origins = 3; } ================================================ FILE: api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/dynamic_forward_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.dynamic_forward_proxy.v2alpha; import "envoy/config/common/dynamic_forward_proxy/v2alpha/dns_cache.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.dynamic_forward_proxy.v2alpha"; option java_outer_classname = "DynamicForwardProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.dynamic_forward_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamic forward proxy] // Configuration for the dynamic forward proxy HTTP filter. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.filters.http.dynamic_forward_proxy] message FilterConfig { // The DNS cache configuration that the filter will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy cluster configuration // `. common.dynamic_forward_proxy.v2alpha.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; } // Per route Configuration for the dynamic forward proxy HTTP filter. message PerRouteConfig { oneof host_rewrite_specifier { // Indicates that before DNS lookup, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for DNS lookups whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite = 1 [(udpa.annotations.field_migrate).rename = "host_rewrite_literal"]; // Indicates that before DNS lookup, the host header will be swapped with // the value of this header. If not set or empty, the original host header // value will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite header ` // given that the value set here would be used for DNS lookups whereas the value set in the HCM // would be used for host header forwarding which is not the desired outcome. string auto_host_rewrite_header = 2 [(udpa.annotations.field_migrate).rename = "host_rewrite_header"]; } } ================================================ FILE: api/envoy/config/filter/http/dynamo/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/dynamo/v2/dynamo.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.dynamo.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.dynamo.v2"; option java_outer_classname = "DynamoProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.dynamo.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamo] // Dynamo :ref:`configuration overview `. // [#extension: envoy.filters.http.dynamo] // Dynamo filter config. message Dynamo { } ================================================ FILE: api/envoy/config/filter/http/ext_authz/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/ext_authz/v2/ext_authz.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.ext_authz.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/grpc_service.proto"; import "envoy/api/v2/core/http_uri.proto"; import "envoy/type/http_status.proto"; import "envoy/type/matcher/string.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.ext_authz.v2"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.ext_authz.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: External Authorization] // External Authorization :ref:`configuration overview `. // [#extension: envoy.filters.http.ext_authz] // [#next-free-field: 12] message ExtAuthz { // External authorization service configuration. oneof services { // gRPC service configuration (default timeout: 200ms). api.v2.core.GrpcService grpc_service = 1; // HTTP service configuration (default timeout: 200ms). HttpService http_service = 3; } // Changes filter's behaviour on errors: // // 1. When set to true, the filter will *accept* client request even if the communication with // the authorization service has failed, or if the authorization service has returned a HTTP 5xx // error. // // 2. When set to false, ext-authz will *reject* client requests and return a *Forbidden* // response if the communication with the authorization service has failed, or if the // authorization service has returned a HTTP 5xx error. // // Note that errors can be *always* tracked in the :ref:`stats // `. bool failure_mode_allow = 2; // Sets the package version the gRPC service should use. This is particularly // useful when transitioning from alpha to release versions assuming that both definitions are // semantically compatible. Deprecation note: This field is deprecated and should only be used for // version upgrade. See release notes for more details. bool use_alpha = 4 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Enables filter to buffer the client request body and send it within the authorization request. // A ``x-envoy-auth-partial-body: false|true`` metadata header will be added to the authorization // request message indicating if the body data is partial. BufferSettings with_request_body = 5; // Clears route cache in order to allow the external authorization service to correctly affect // routing decisions. Filter clears all cached routes when: // // 1. The field is set to *true*. // // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0. // // 3. At least one *authorization response header* is added to the client request, or is used for // altering another client request header. // bool clear_route_cache = 6; // Sets the HTTP status that is returned to the client when there is a network error between the // filter and the authorization server. The default status is HTTP 403 Forbidden. type.HttpStatus status_on_error = 7; // Specifies a list of metadata namespaces whose values, if present, will be passed to the // ext_authz service as an opaque *protobuf::Struct*. // // For example, if the *jwt_authn* filter is used and :ref:`payload_in_metadata // ` is set, // then the following will pass the jwt payload to the authorization server. // // .. code-block:: yaml // // metadata_context_namespaces: // - envoy.filters.http.jwt_authn // repeated string metadata_context_namespaces = 8; // Specifies if the filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // If this field is not specified, the filter will be enabled for all requests. api.v2.core.RuntimeFractionalPercent filter_enabled = 9; // Specifies whether to deny the requests, when the filter is disabled. // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to determine whether to deny request for // filter protected path at filter disabling. If filter is disabled in // typed_per_filter_config for the path, requests will not be denied. // // If this field is not specified, all requests will be allowed when disabled. api.v2.core.RuntimeFeatureFlag deny_at_disable = 11; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 10; } // Configuration for buffering the request data. message BufferSettings { // Sets the maximum size of a message body that the filter will hold in memory. Envoy will return // *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number // set in this field. Note that this setting will have precedence over :ref:`failure_mode_allow // `. uint32 max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}]; // When this field is true, Envoy will buffer the message until *max_request_bytes* is reached. // The authorization request will be dispatched and no 413 HTTP error will be returned by the // filter. bool allow_partial_message = 2; } // HttpService is used for raw HTTP communication between the filter and the authorization service. // When configured, the filter will parse the client request and use these attributes to call the // authorization server. Depending on the response, the filter may reject or accept the client // request. Note that in any of these events, metadata can be added, removed or overridden by the // filter: // // *On authorization request*, a list of allowed request headers may be supplied. See // :ref:`allowed_headers // ` // for details. Additional headers metadata may be added to the authorization request. See // :ref:`headers_to_add // ` for // details. // // On authorization response status HTTP 200 OK, the filter will allow traffic to the upstream and // additional headers metadata may be added to the original client request. See // :ref:`allowed_upstream_headers // ` // for details. // // On other authorization response statuses, the filter will not allow traffic. Additional headers // metadata as well as body may be added to the client's response. See :ref:`allowed_client_headers // ` // for details. // [#next-free-field: 9] message HttpService { reserved 3, 4, 5, 6; // Sets the HTTP server URI which the authorization requests must be sent to. api.v2.core.HttpUri server_uri = 1; // Sets a prefix to the value of authorization request header *Path*. string path_prefix = 2; // Settings used for controlling authorization request metadata. AuthorizationRequest authorization_request = 7; // Settings used for controlling authorization response metadata. AuthorizationResponse authorization_response = 8; } message AuthorizationRequest { // Authorization request will include the client request headers that have a correspondent match // in the :ref:`list `. Note that in addition to the // user's supplied matchers: // // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list. // // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have // a message body. However, the authorization request can include the buffered client request body // (controlled by :ref:`with_request_body // ` setting), // consequently the value of *Content-Length* of the authorization request reflects the size of // its payload size. // type.matcher.ListStringMatcher allowed_headers = 1; // Sets a list of headers that will be included to the request to authorization service. Note that // client request of the same key will be overridden. repeated api.v2.core.HeaderValue headers_to_add = 2; } message AuthorizationResponse { // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the original client request. // Note that coexistent headers will be overridden. type.matcher.ListStringMatcher allowed_upstream_headers = 1; // When this :ref:`list `. is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that when this list is *not* set, all the authorization response headers, except *Authority // (Host)* will be in the response to the client. When a header is included in this list, *Path*, // *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added. type.matcher.ListStringMatcher allowed_client_headers = 2; } // Extra settings on a per virtualhost/route/weighted-cluster level. message ExtAuthzPerRoute { oneof override { option (validate.required) = true; // Disable the ext auth filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Check request settings for this route. CheckSettings check_settings = 2 [(validate.rules).message = {required: true}]; } } // Extra settings for the check request. You can use this to provide extra context for the // external authorization server on specific virtual hosts \ routes. For example, adding a context // extension on the virtual host level can give the ext-authz server information on what virtual // host is used without needing to parse the host header. If CheckSettings is specified in multiple // per-filter-configs, they will be merged in order, and the result will be used. message CheckSettings { // Context extensions to set on the CheckRequest's // :ref:`AttributeContext.context_extensions` // // Merge semantics for this field are such that keys from more specific configs override. // // .. note:: // // These settings are only applied to a filter configured with a // :ref:`grpc_service`. map context_extensions = 1; } ================================================ FILE: api/envoy/config/filter/http/fault/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/config/filter/fault/v2:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/fault/v2/fault.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.fault.v2; import "envoy/api/v2/route/route_components.proto"; import "envoy/config/filter/fault/v2/fault.proto"; import "envoy/type/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.fault.v2"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.fault.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Fault Injection] // Fault Injection :ref:`configuration overview `. // [#extension: envoy.filters.http.fault] message FaultAbort { // Fault aborts are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderAbort { } reserved 1; oneof error_type { option (validate.required) = true; // HTTP status code to use to abort the HTTP request. uint32 http_status = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // Fault aborts are controlled via an HTTP header (if applicable). HeaderAbort header_abort = 4; } // The percentage of requests/operations/connections that will be aborted with the error code // provided. type.FractionalPercent percentage = 3; } // [#next-free-field: 14] message HTTPFault { // If specified, the filter will inject delays based on the values in the // object. filter.fault.v2.FaultDelay delay = 1; // If specified, the filter will abort requests based on the values in // the object. At least *abort* or *delay* must be specified. FaultAbort abort = 2; // Specifies the name of the (destination) upstream cluster that the // filter should match on. Fault injection will be restricted to requests // bound to the specific upstream cluster. string upstream_cluster = 3; // Specifies a set of headers that the filter should match on. The fault // injection filter can be applied selectively to requests that match a set of // headers specified in the fault filter config. The chances of actual fault // injection further depend on the value of the :ref:`percentage // ` field. // The filter will check the request's headers against all the specified // headers in the filter config. A match will happen if all the headers in the // config are present in the request with the same values (or based on // presence if the *value* field is not in the config). repeated api.v2.route.HeaderMatcher headers = 4; // Faults are injected for the specified list of downstream hosts. If this // setting is not set, faults are injected for all downstream nodes. // Downstream node name is taken from :ref:`the HTTP // x-envoy-downstream-service-node // ` header and compared // against downstream_nodes list. repeated string downstream_nodes = 5; // The maximum number of faults that can be active at a single time via the configured fault // filter. Note that because this setting can be overridden at the route level, it's possible // for the number of active faults to be greater than this value (if injected via a different // route). If not specified, defaults to unlimited. This setting can be overridden via // `runtime ` and any faults that are not injected // due to overflow will be indicated via the `faults_overflow // ` stat. // // .. attention:: // Like other :ref:`circuit breakers ` in Envoy, this is a fuzzy // limit. It's possible for the number of active faults to rise slightly above the configured // amount due to the implementation details. google.protobuf.UInt32Value max_active_faults = 6; // The response rate limit to be applied to the response body of the stream. When configured, // the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent // ` runtime key. // // .. attention:: // This is a per-stream limit versus a connection level limit. This means that concurrent streams // will each get an independent limit. filter.fault.v2.FaultRateLimit response_rate_limit = 7; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_delay_percent string delay_percent_runtime = 8; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.abort_percent string abort_percent_runtime = 9; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_duration_ms string delay_duration_runtime = 10; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.http_status string abort_http_status_runtime = 11; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.max_active_faults string max_active_faults_runtime = 12; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.rate_limit.response_percent string response_rate_limit_percent_runtime = 13; } ================================================ FILE: api/envoy/config/filter/http/grpc_http1_bridge/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/grpc_http1_bridge/v2/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_http1_bridge.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_http1_bridge.v2"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_http1_bridge.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC HTTP/1.1 Bridge] // gRPC HTTP/1.1 Bridge Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_http1_bridge] // gRPC HTTP/1.1 Bridge filter config. message Config { } ================================================ FILE: api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC HTTP/1.1 Reverse Bridge] // gRPC HTTP/1.1 Reverse Bridge :ref:`configuration overview // `. // [#extension: envoy.filters.http.grpc_http1_reverse_bridge] // gRPC reverse bridge filter configuration message FilterConfig { // The content-type to pass to the upstream when the gRPC bridge filter is applied. // The filter will also validate that the upstream responds with the same content type. string content_type = 1 [(validate.rules).string = {min_bytes: 1}]; // If true, Envoy will assume that the upstream doesn't understand gRPC frames and // strip the gRPC frame from the request, and add it back in to the response. This will // hide the gRPC semantics from the upstream, allowing it to receive and respond with a // simple binary encoded protobuf. bool withhold_grpc_frames = 2; } // gRPC reverse bridge filter configuration per virtualhost/route/weighted-cluster level. message FilterConfigPerRoute { // If true, disables gRPC reverse bridge filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1; } ================================================ FILE: api/envoy/config/filter/http/grpc_stats/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/grpc_stats/v2alpha/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_stats.v2alpha; import "envoy/api/v2/core/grpc_method_list.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_stats.v2alpha"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_stats.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC statistics] gRPC statistics filter // :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_stats] // gRPC statistics filter configuration message FilterConfig { // If true, the filter maintains a filter state object with the request and response message // counts. bool emit_filter_state = 1; oneof per_method_stat_specifier { // If set, specifies an allowlist of service/methods that will have individual stats // emitted for them. Any call that does not match the allowlist will be counted // in a stat with no method specifier: `cluster..grpc.*`. api.v2.core.GrpcMethodList individual_method_stats_allowlist = 2; // If set to true, emit stats for all service/method names. // // If set to false, emit stats for all service/message types to the same stats without including // the service/method in the name, with prefix `cluster..grpc`. This can be useful if // service/method granularity is not needed, or if each cluster only receives a single method. // // .. attention:: // This option is only safe if all clients are trusted. If this option is enabled // with untrusted clients, the clients could cause unbounded growth in the number of stats in // Envoy, using unbounded memory and potentially slowing down stats pipelines. // // .. attention:: // If neither `individual_method_stats_allowlist` nor `stats_for_all_methods` is set, the // behavior will default to `stats_for_all_methods=true`. This default value is deprecated, // and in a future release, if neither field is set, it will default to // `stats_for_all_methods=false` in order to be safe by default. This behavior can be // controlled with runtime override // `envoy.deprecated_features.grpc_stats_filter_enable_stats_for_all_methods_by_default`. google.protobuf.BoolValue stats_for_all_methods = 3; } } // gRPC statistics filter state object in protobuf form. message FilterObject { // Count of request messages in the request stream. uint64 request_message_count = 1; // Count of response messages in the response stream. uint64 response_message_count = 2; } ================================================ FILE: api/envoy/config/filter/http/grpc_web/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/grpc_web/v2/grpc_web.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_web.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_web.v2"; option java_outer_classname = "GrpcWebProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_web.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Web] // gRPC Web :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_web] // gRPC Web filter config. message GrpcWeb { } ================================================ FILE: api/envoy/config/filter/http/gzip/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/compressor/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/gzip/v2/gzip.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.gzip.v2; import "envoy/config/filter/http/compressor/v2/compressor.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.gzip.v2"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.gzip.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Gzip] // Gzip :ref:`configuration overview `. // [#extension: envoy.filters.http.gzip] // [#next-free-field: 11] message Gzip { enum CompressionStrategy { DEFAULT = 0; FILTERED = 1; HUFFMAN = 2; RLE = 3; } message CompressionLevel { enum Enum { DEFAULT = 0; BEST = 1; SPEED = 2; } } // Value from 1 to 9 that controls the amount of internal memory used by zlib. Higher values // use more memory, but are faster and produce better compression results. The default value is 5. google.protobuf.UInt32Value memory_level = 1 [(validate.rules).uint32 = {lte: 9 gte: 1}]; // Minimum response length, in bytes, which will trigger compression. The default value is 30. // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. google.protobuf.UInt32Value content_length = 2 [deprecated = true]; // A value used for selecting the zlib compression level. This setting will affect speed and // amount of compression applied to the content. "BEST" provides higher compression at the cost of // higher latency, "SPEED" provides lower compression with minimum impact on response time. // "DEFAULT" provides an optimal result between speed and compression. This field will be set to // "DEFAULT" if not specified. CompressionLevel.Enum compression_level = 3 [(validate.rules).enum = {defined_only: true}]; // A value used for selecting the zlib compression strategy which is directly related to the // characteristics of the content. Most of the time "DEFAULT" will be the best choice, though // there are situations which changing this parameter might produce better results. For example, // run-length encoding (RLE) is typically used when the content is known for having sequences // which same data occurs many consecutive times. For more information about each strategy, please // refer to zlib manual. CompressionStrategy compression_strategy = 4 [(validate.rules).enum = {defined_only: true}]; // Set of strings that allows specifying which mime-types yield compression; e.g., // application/json, text/html, etc. When this field is not defined, compression will be applied // to the following mime-types: "application/javascript", "application/json", // "application/xhtml+xml", "image/svg+xml", "text/css", "text/html", "text/plain", "text/xml". // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. repeated string content_type = 6 [deprecated = true]; // If true, disables compression when the response contains an etag header. When it is false, the // filter will preserve weak etags and remove the ones that require strong validation. // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. bool disable_on_etag_header = 7 [deprecated = true]; // If true, removes accept-encoding from the request headers before dispatching it to the upstream // so that responses do not get compressed before reaching the filter. // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. bool remove_accept_encoding_header = 8 [deprecated = true]; // Value from 9 to 15 that represents the base two logarithmic of the compressor's window size. // Larger window results in better compression at the expense of memory usage. The default is 12 // which will produce a 4096 bytes window. For more details about this parameter, please refer to // zlib manual > deflateInit2. google.protobuf.UInt32Value window_bits = 9 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Set of configuration parameters common for all compression filters. If this field is set then // the fields `content_length`, `content_type`, `disable_on_etag_header` and // `remove_accept_encoding_header` are ignored. compressor.v2.Compressor compressor = 10; } ================================================ FILE: api/envoy/config/filter/http/header_to_metadata/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/header_to_metadata/v2/header_to_metadata.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.header_to_metadata.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.header_to_metadata.v2"; option java_outer_classname = "HeaderToMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.header_to_metadata.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Header-To-Metadata Filter] // // The configuration for transforming headers into metadata. This is useful // for matching load balancer subsets, logging, etc. // // Header to Metadata :ref:`configuration overview `. // [#extension: envoy.filters.http.header_to_metadata] message Config { enum ValueType { STRING = 0; NUMBER = 1; // The value is a serialized `protobuf.Value // `_. PROTOBUF_VALUE = 2; } // ValueEncode defines the encoding algorithm. enum ValueEncode { // The value is not encoded. NONE = 0; // The value is encoded in `Base64 `_. // Note: this is mostly used for STRING and PROTOBUF_VALUE to escape the // non-ASCII characters in the header. BASE64 = 1; } // [#next-free-field: 6] message KeyValuePair { // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_bytes: 1}]; // The value to pair with the given key. // // When used for a `on_header_present` case, if value is non-empty it'll be used // instead of the header value. If both are empty, no metadata is added. // // When used for a `on_header_missing` case, a non-empty value must be provided // otherwise no metadata is added. string value = 3; // The value's type — defaults to string. ValueType type = 4; // How is the value encoded, default is NONE (not encoded). // The value will be decoded accordingly before storing to metadata. ValueEncode encode = 5; } // A Rule defines what metadata to apply when a header is present or missing. message Rule { // The header that triggers this rule — required. string header = 1 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // If the header is present, apply this metadata KeyValuePair. // // If the value in the KeyValuePair is non-empty, it'll be used instead // of the header value. KeyValuePair on_header_present = 2; // If the header is not present, apply this metadata KeyValuePair. // // The value in the KeyValuePair must be set, since it'll be used in lieu // of the missing header value. KeyValuePair on_header_missing = 3; // Whether or not to remove the header after a rule is applied. // // This prevents headers from leaking. bool remove = 4; } // The list of rules to apply to requests. repeated Rule request_rules = 1; // The list of rules to apply to responses. repeated Rule response_rules = 2; } ================================================ FILE: api/envoy/config/filter/http/health_check/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/health_check/v2/health_check.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.health_check.v2; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.health_check.v2"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.health_check.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health check] // Health check :ref:`configuration overview `. // [#extension: envoy.filters.http.health_check] // [#next-free-field: 6] message HealthCheck { reserved 2; // Specifies whether the filter operates in pass through mode or not. google.protobuf.BoolValue pass_through_mode = 1 [(validate.rules).message = {required: true}]; // If operating in pass through mode, the amount of time in milliseconds // that the filter should cache the upstream response. google.protobuf.Duration cache_time = 3; // If operating in non-pass-through mode, specifies a set of upstream cluster // names and the minimum percentage of servers in each of those clusters that // must be healthy or degraded in order for the filter to return a 200. // // .. note:: // // This value is interpreted as an integer by truncating, so 12.50% will be calculated // as if it were 12%. map cluster_min_healthy_percentages = 4; // Specifies a set of health check request headers to match on. The health check filter will // check a request’s headers against all the specified headers. To specify the health check // endpoint, set the ``:path`` header to match on. repeated api.v2.route.HeaderMatcher headers = 5; } ================================================ FILE: api/envoy/config/filter/http/ip_tagging/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/ip_tagging/v2/ip_tagging.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.ip_tagging.v2; import "envoy/api/v2/core/address.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.ip_tagging.v2"; option java_outer_classname = "IpTaggingProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.ip_tagging.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: IP tagging] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.ip_tagging] message IPTagging { // The type of requests the filter should apply to. The supported types // are internal, external or both. The // :ref:`x-forwarded-for` header is // used to determine if a request is internal and will result in // :ref:`x-envoy-internal` // being set. The filter defaults to both, and it will apply to all request types. enum RequestType { // Both external and internal requests will be tagged. This is the default value. BOTH = 0; // Only internal requests will be tagged. INTERNAL = 1; // Only external requests will be tagged. EXTERNAL = 2; } // Supplies the IP tag name and the IP address subnets. message IPTag { // Specifies the IP tag name to apply. string ip_tag_name = 1; // A list of IP address subnets that will be tagged with // ip_tag_name. Both IPv4 and IPv6 are supported. repeated api.v2.core.CidrRange ip_list = 2; } // The type of request the filter should apply to. RequestType request_type = 1 [(validate.rules).enum = {defined_only: true}]; // [#comment:TODO(ccaraman): Extend functionality to load IP tags from file system. // Tracked by issue https://github.com/envoyproxy/envoy/issues/2695] // The set of IP tags for the filter. repeated IPTag ip_tags = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/config/filter/http/jwt_authn/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/jwt_authn/v2alpha/README.md ================================================ # JWT Authentication HTTP filter config ## Overview 1. The proto file in this folder defines an HTTP filter config for "jwt_authn" filter. 2. This filter will verify the JWT in the HTTP request as: - The signature should be valid - JWT should not be expired - Issuer and audiences are valid and specified in the filter config. 3. [JWK](https://tools.ietf.org/html/rfc7517#appendix-A) is needed to verify JWT signature. It can be fetched from a remote server or read from a local file. If the JWKS is fetched remotely, it will be cached by the filter. 3. If a JWT is valid, the user is authenticated and the request will be forwarded to the backend server. If a JWT is not valid, the request will be rejected with an error message. ## The locations to extract JWT JWT will be extracted from the HTTP headers or query parameters. The default location is the HTTP header: ``` Authorization: Bearer ``` The next default location is in the query parameter as: ``` ?access_token= ``` If a custom location is desired, `from_headers` or `from_params` can be used to specify custom locations to extract JWT. ## HTTP header to pass successfully verified JWT If a JWT is valid, its payload will be passed to the backend in a new HTTP header specified in `forward_payload_header` field. Its value is base64url-encoded JWT payload in JSON. ## Further header options In addition to the `name` field, which specifies the HTTP header name, the `from_headers` section can specify an optional `value_prefix` value, as in: ```yaml from_headers: - name: bespoke value_prefix: jwt_value ``` The above will cause the jwt_authn filter to look for the JWT in the `bespoke` header, following the tag `jwt_value`. Any non-JWT characters (i.e., anything _other than_ alphanumerics, `_`, `-`, and `.`) will be skipped, and all following, contiguous, JWT-legal chars will be taken as the JWT. This means all of the following will return a JWT of `eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk`: ```text bespoke: jwt_value=eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk bespoke: {"jwt_value": "eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk"} bespoke: beta:true,jwt_value:"eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk",trace=1234 ``` The header `name` may be `Authorization`. The `value_prefix` must match exactly, i.e., case-sensitively. If the `value_prefix` is not found, the header is skipped: not considered as a source for a JWT token. If there are no JWT-legal characters after the `value_prefix`, the entire string after it is taken to be the JWT token. This is unlikely to succeed; the error will reported by the JWT parser. ================================================ FILE: api/envoy/config/filter/http/jwt_authn/v2alpha/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.jwt_authn.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/http_uri.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.jwt_authn.v2alpha"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.jwt_authn.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: JWT Authentication] // JWT Authentication :ref:`configuration overview `. // [#extension: envoy.filters.http.jwt_authn] // Please see following for JWT authentication flow: // // * `JSON Web Token (JWT) `_ // * `The OAuth 2.0 Authorization Framework `_ // * `OpenID Connect `_ // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // // * issuer: the principal that issues the JWT. It has to match the one from the token. // * allowed audiences: the ones in the token have to be listed here. // * how to fetch public key JWKS to verify the token signature. // * how to extract JWT token in the request. // * how to pass successfully verified token payload. // // Example: // // .. code-block:: yaml // // issuer: https://example.com // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // cache_duration: // seconds: 300 // // [#next-free-field: 10] message JwtProvider { // Specify the `principal `_ that issued // the JWT, usually a URL or an email address. // // Example: https://securetoken.google.com // Example: 1234567-compute@developer.gserviceaccount.com // string issuer = 1 [(validate.rules).string = {min_bytes: 1}]; // The list of JWT `audiences `_ are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // // Example: // // .. code-block:: yaml // // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // repeated string audiences = 2; // `JSON Web Key Set (JWKS) `_ is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. oneof jwks_source_specifier { option (validate.required) = true; // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP // URI and how the fetched JWKS should be cached. // // Example: // // .. code-block:: yaml // // remote_jwks: // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // cache_duration: // seconds: 300 // RemoteJwks remote_jwks = 3; // JWKS is in local data source. It could be either in a local file or embedded in the // inline_string. // // Example: local file // // .. code-block:: yaml // // local_jwks: // filename: /etc/envoy/jwks/jwks1.txt // // Example: inline_string // // .. code-block:: yaml // // local_jwks: // inline_string: ACADADADADA // api.v2.core.DataSource local_jwks = 4; } // If false, the JWT is removed in the request after a success verification. If true, the JWT is // not removed in the request. Default value is false. bool forward = 5; // Two fields below define where to extract the JWT from an HTTP request. // // If no explicit location is specified, the following default locations are tried in order: // // 1. The Authorization header using the `Bearer schema // `_. Example:: // // Authorization: Bearer . // // 2. `access_token `_ query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. // // Specify the HTTP headers to extract JWT token. For examples, following config: // // .. code-block:: yaml // // from_headers: // - name: x-goog-iap-jwt-assertion // // can be used to extract token from header:: // // ``x-goog-iap-jwt-assertion: ``. // repeated JwtHeader from_headers = 6; // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. // // For example, if config is: // // .. code-block:: yaml // // from_params: // - jwt_token // // The JWT format in query parameter is:: // // /path?jwt_token= // repeated string from_params = 7; // This field specifies the header name to forward a successfully verified JWT payload to the // backend. The forwarded data is:: // // base64url_encoded(jwt_payload_in_JSON) // // If it is not specified, the payload will not be forwarded. string forward_payload_header = 8; // If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata // in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** // The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* // and the value is the *protobuf::Struct* converted from JWT JSON payload. // // For example, if payload_in_metadata is *my_payload*: // // .. code-block:: yaml // // envoy.filters.http.jwt_authn: // my_payload: // iss: https://example.com // sub: test@example.com // aud: https://example.com // exp: 1501281058 // string payload_in_metadata = 9; } // This message specifies how to fetch JWKS from remote and how to cache it. message RemoteJwks { // The HTTP URI to fetch the JWKS. For example: // // .. code-block:: yaml // // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // api.v2.core.HttpUri http_uri = 1; // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; } // This message specifies a header location to extract JWT token. message JwtHeader { // The HTTP header name. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The value prefix. The value format is "value_prefix" // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the // end. string value_prefix = 2; } // Specify a required provider with audiences. message ProviderWithAudiences { // Specify a required provider name. string provider_name = 1; // This field overrides the one specified in the JwtProvider. repeated string audiences = 2; } // This message specifies a Jwt requirement. An empty message means JWT verification is not // required. Here are some config examples: // // .. code-block:: yaml // // # Example 1: not required with an empty message // // # Example 2: require A // provider_name: provider-A // // # Example 3: require A or B // requires_any: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 4: require A and B // requires_all: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 5: require A and (B or C) // requires_all: // requirements: // - provider_name: provider-A // - requires_any: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 6: require A or (B and C) // requires_any: // requirements: // - provider_name: provider-A // - requires_all: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 7: A is optional (if token from A is provided, it must be valid, but also allows // missing token.) // requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // // # Example 8: A is optional and B is required. // requires_all: // requirements: // - requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // - provider_name: provider-B // // [#next-free-field: 7] message JwtRequirement { oneof requires_type { // Specify a required provider name. string provider_name = 1; // Specify a required provider with audiences. ProviderWithAudiences provider_and_audiences = 2; // Specify list of JwtRequirement. Their results are OR-ed. // If any one of them passes, the result is passed. JwtRequirementOrList requires_any = 3; // Specify list of JwtRequirement. Their results are AND-ed. // All of them must pass, if one of them fails or missing, it fails. JwtRequirementAndList requires_all = 4; // The requirement is always satisfied even if JWT is missing or the JWT // verification fails. A typical usage is: this filter is used to only verify // JWTs and pass the verified JWT payloads to another filter, the other filter // will make decision. In this mode, all JWT tokens will be verified. google.protobuf.Empty allow_missing_or_failed = 5; // The requirement is satisfied if JWT is missing, but failed if JWT is // presented but invalid. Similar to allow_missing_or_failed, this is used // to only verify JWTs and pass the verified payload to another filter. The // different is this mode will reject requests with invalid tokens. google.protobuf.Empty allow_missing = 6; } } // This message specifies a list of RequiredProvider. // Their results are OR-ed; if any one of them passes, the result is passed message JwtRequirementOrList { // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a list of RequiredProvider. // Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. message JwtRequirementAndList { // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a Jwt requirement for a specific Route condition. // Example 1: // // .. code-block:: yaml // // - match: // prefix: /healthz // // In above example, "requires" field is empty for /healthz prefix match, // it means that requests matching the path prefix don't require JWT authentication. // // Example 2: // // .. code-block:: yaml // // - match: // prefix: / // requires: { provider_name: provider-A } // // In above example, all requests matched the path prefix require jwt authentication // from "provider-A". message RequirementRule { // The route matching parameter. Only when the match is satisfied, the "requires" field will // apply. // // For example: following match will match all requests. // // .. code-block:: yaml // // match: // prefix: / // api.v2.route.RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Specify a Jwt Requirement. Please detail comment in message JwtRequirement. JwtRequirement requires = 2; } // This message specifies Jwt requirements based on stream_info.filterState. // This FilterState should use `Router::StringAccessor` object to set a string value. // Other HTTP filters can use it to specify Jwt requirements dynamically. // // Example: // // .. code-block:: yaml // // name: jwt_selector // requires: // issuer_1: // provider_name: issuer1 // issuer_2: // provider_name: issuer2 // // If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, // jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. message FilterStateRule { // The filter state name to retrieve the `Router::StringAccessor` object. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A map of string keys to requirements. The string key is the string value // in the FilterState with the name specified in the *name* field above. map requires = 3; } // This is the Envoy HTTP filter config for JWT authentication. // // For example: // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: issuer2 // local_jwks: // inline_string: jwks_string // // rules: // # Not jwt verification is required for /health path // - match: // prefix: /health // // # Jwt verification for provider1 is required for path prefixed with "prefix" // - match: // prefix: /prefix // requires: // provider_name: provider1 // // # Jwt verification for either provider1 or provider2 is required for all other requests. // - match: // prefix: / // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // message JwtAuthentication { // Map of provider names to JwtProviders. // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: provider2 // local_jwks: // inline_string: jwks_string // map providers = 1; // Specifies requirements based on the route matches. The first matched requirement will be // applied. If there are overlapped match conditions, please put the most specific match first. // // Examples // // .. code-block:: yaml // // rules: // - match: // prefix: /healthz // - match: // prefix: /baz // requires: // provider_name: provider1 // - match: // prefix: /foo // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // - match: // prefix: /bar // requires: // requires_all: // requirements: // - provider_name: provider1 // - provider_name: provider2 // repeated RequirementRule rules = 2; // This message specifies Jwt requirements based on stream_info.filterState. // Other HTTP filters can use it to specify Jwt requirements dynamically. // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; // When set to true, bypass the `CORS preflight request // `_ regardless of JWT // requirements specified in the rules. bool bypass_cors_preflight = 4; } ================================================ FILE: api/envoy/config/filter/http/lua/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/lua/v2/lua.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.lua.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.lua.v2"; option java_outer_classname = "LuaProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.lua.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Lua] // Lua :ref:`configuration overview `. // [#extension: envoy.filters.http.lua] message Lua { // The Lua code that Envoy will execute. This can be a very small script that // further loads code from disk if desired. Note that if JSON configuration is used, the code must // be properly escaped. YAML configuration may be easier to read since YAML supports multi-line // strings so complex scripts can be easily expressed inline in the configuration. string inline_code = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: api/envoy/config/filter/http/on_demand/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/on_demand/v2/on_demand.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.on_demand.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.on_demand.v2"; option java_outer_classname = "OnDemandProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.on_demand.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: OnDemand] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.on_demand] message OnDemand { } ================================================ FILE: api/envoy/config/filter/http/original_src/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/original_src/v2alpha1/original_src.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.original_src.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.original_src.v2alpha1"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.original_src.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // The Original Src filter binds upstream connections to the original source address determined // for the request. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. // [#extension: envoy.filters.http.original_src] message OriginalSrc { // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 1; } ================================================ FILE: api/envoy/config/filter/http/rate_limit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/rate_limit/v2/rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.rate_limit.v2; import "envoy/config/ratelimit/v2/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.rate_limit.v2"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.ratelimit] // [#next-free-field: 8] message RateLimit { // The rate limit domain to use when calling the rate limit service. string domain = 1 [(validate.rules).string = {min_bytes: 1}]; // Specifies the rate limit configurations to be applied with the same // stage number. If not set, the default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The type of requests the filter should apply to. The supported // types are *internal*, *external* or *both*. A request is considered internal if // :ref:`x-envoy-internal` is set to true. If // :ref:`x-envoy-internal` is not set or false, a // request is considered external. The filter defaults to *both*, and it will apply to all request // types. string request_type = 3 [(validate.rules).string = {in: "internal" in: "external" in: "both" in: ""}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Specifies whether a `RESOURCE_EXHAUSTED` gRPC code must be returned instead // of the default `UNAVAILABLE` gRPC code for a rate limited gRPC call. The // HTTP code will be 200 for a gRPC response. bool rate_limited_as_resource_exhausted = 6; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. ratelimit.v2.RateLimitServiceConfig rate_limit_service = 7 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/filter/http/rbac/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/rbac/v2/rbac.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.rbac.v2; import "envoy/config/rbac/v2/rbac.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.rbac.v2"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.rbac.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.http.rbac] // RBAC filter config. message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v2.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) // but will emit stats and logs and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v2.RBAC shadow_rules = 2; } message RBACPerRoute { reserved 1; // Override the global configuration of the filter with this new config. // If absent, the global RBAC policy will be disabled for this route. RBAC rbac = 2; } ================================================ FILE: api/envoy/config/filter/http/router/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/router/v2/router.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.router.v2; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.router.v2"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.router.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Router] // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] // [#next-free-field: 7] message Router { // Whether the router generates dynamic cluster statistics. Defaults to // true. Can be disabled in high performance scenarios. google.protobuf.BoolValue dynamic_stats = 1; // Whether to start a child span for egress routed calls. This can be // useful in scenarios where other filters (auth, ratelimit, etc.) make // outbound calls and have child spans rooted at the same ingress // parent. Defaults to false. bool start_child_span = 2; // Configuration for HTTP upstream logs emitted by the router. Upstream logs // are configured in the same way as access logs, but each log entry represents // an upstream request. Presuming retries are configured, multiple upstream // requests may be made for each downstream (inbound) request. repeated accesslog.v2.AccessLog upstream_log = 3; // Do not add any additional *x-envoy-* headers to requests or responses. This // only affects the :ref:`router filter generated *x-envoy-* headers // `, other Envoy filters and the HTTP // connection manager may continue to set *x-envoy-* headers. bool suppress_envoy_headers = 4; // Specifies a list of HTTP headers to strictly validate. Envoy will reject a // request and respond with HTTP status 400 if the request contains an invalid // value for any of the headers listed in this field. Strict header checking // is only supported for the following headers: // // Value must be a ','-delimited list (i.e. no spaces) of supported retry // policy values: // // * :ref:`config_http_filters_router_x-envoy-retry-grpc-on` // * :ref:`config_http_filters_router_x-envoy-retry-on` // // Value must be an integer: // // * :ref:`config_http_filters_router_x-envoy-max-retries` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` repeated string strict_check_headers = 5 [(validate.rules).repeated = { items { string { in: "x-envoy-upstream-rq-timeout-ms" in: "x-envoy-upstream-rq-per-try-timeout-ms" in: "x-envoy-max-retries" in: "x-envoy-retry-grpc-on" in: "x-envoy-retry-on" } } }]; // If not set, ingress Envoy will ignore // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; } ================================================ FILE: api/envoy/config/filter/http/squash/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/squash/v2/squash.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.squash.v2; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.squash.v2"; option java_outer_classname = "SquashProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.squash.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Squash] // Squash :ref:`configuration overview `. // [#extension: envoy.filters.http.squash] // [#next-free-field: 6] message Squash { // The name of the cluster that hosts the Squash server. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // When the filter requests the Squash server to create a DebugAttachment, it will use this // structure as template for the body of the request. It can contain reference to environment // variables in the form of '{{ ENV_VAR_NAME }}'. These can be used to provide the Squash server // with more information to find the process to attach the debugger to. For example, in a // Istio/k8s environment, this will contain information on the pod: // // .. code-block:: json // // { // "spec": { // "attachment": { // "pod": "{{ POD_NAME }}", // "namespace": "{{ POD_NAMESPACE }}" // }, // "match_request": true // } // } // // (where POD_NAME, POD_NAMESPACE are configured in the pod via the Downward API) google.protobuf.Struct attachment_template = 2; // The timeout for individual requests sent to the Squash cluster. Defaults to 1 second. google.protobuf.Duration request_timeout = 3; // The total timeout Squash will delay a request and wait for it to be attached. Defaults to 60 // seconds. google.protobuf.Duration attachment_timeout = 4; // Amount of time to poll for the status of the attachment object in the Squash server // (to check if has been attached). Defaults to 1 second. google.protobuf.Duration attachment_poll_period = 5; } ================================================ FILE: api/envoy/config/filter/http/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/http/tap/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.tap.v2alpha; import "envoy/config/common/tap/v2alpha/common.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.tap.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.tap.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap] // Tap :ref:`configuration overview `. // [#extension: envoy.filters.http.tap] // Top level configuration for the tap filter. message Tap { // Common configuration for the HTTP tap filter. common.tap.v2alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/filter/http/transcoder/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/http/transcoder/v2/transcoder.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.transcoder.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.transcoder.v2"; option java_outer_classname = "TranscoderProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_json_transcoder.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC-JSON transcoder] // gRPC-JSON transcoder :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_json_transcoder] // [#next-free-field: 10] message GrpcJsonTranscoder { message PrintOptions { // Whether to add spaces, line breaks and indentation to make the JSON // output easy to read. Defaults to false. bool add_whitespace = 1; // Whether to always print primitive fields. By default primitive // fields with default values will be omitted in JSON output. For // example, an int32 field set to 0 will be omitted. Setting this flag to // true will override the default behavior and print primitive fields // regardless of their values. Defaults to false. bool always_print_primitive_fields = 2; // Whether to always print enums as ints. By default they are rendered // as strings. Defaults to false. bool always_print_enums_as_ints = 3; // Whether to preserve proto field names. By default protobuf will // generate JSON field names using the ``json_name`` option, or lower camel case, // in that order. Setting this flag will preserve the original field names. Defaults to false. bool preserve_proto_field_names = 4; } oneof descriptor_set { option (validate.required) = true; // Supplies the filename of // :ref:`the proto descriptor set ` for the gRPC // services. string proto_descriptor = 1; // Supplies the binary content of // :ref:`the proto descriptor set ` for the gRPC // services. bytes proto_descriptor_bin = 4; } // A list of strings that // supplies the fully qualified service names (i.e. "package_name.service_name") that // the transcoder will translate. If the service name doesn't exist in ``proto_descriptor``, // Envoy will fail at startup. The ``proto_descriptor`` may contain more services than // the service names specified here, but they won't be translated. repeated string services = 2 [(validate.rules).repeated = {min_items: 1}]; // Control options for response JSON. These options are passed directly to // `JsonPrintOptions `_. PrintOptions print_options = 3; // Whether to keep the incoming request route after the outgoing headers have been transformed to // the match the upstream gRPC service. Note: This means that routes for gRPC services that are // not transcoded cannot be used in combination with *match_incoming_request_route*. bool match_incoming_request_route = 5; // A list of query parameters to be ignored for transcoding method mapping. // By default, the transcoder filter will not transcode a request if there are any // unknown/invalid query parameters. // // Example : // // .. code-block:: proto // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) { // option (google.api.http) = { // get: "/shelves/{shelf}" // }; // } // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The request ``/shelves/100?foo=bar`` will not be mapped to ``GetShelf``` because variable // binding for ``foo`` is not defined. Adding ``foo`` to ``ignored_query_parameters`` will allow // the same request to be mapped to ``GetShelf``. repeated string ignored_query_parameters = 6; // Whether to route methods without the ``google.api.http`` option. // // Example : // // .. code-block:: proto // // package bookstore; // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) {} // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The client could ``post`` a json body ``{"shelf": 1234}`` with the path of // ``/bookstore.Bookstore/GetShelfRequest`` to call ``GetShelfRequest``. bool auto_mapping = 7; // Whether to ignore query parameters that cannot be mapped to a corresponding // protobuf field. Use this if you cannot control the query parameters and do // not know them beforehand. Otherwise use ``ignored_query_parameters``. // Defaults to false. bool ignore_unknown_query_parameters = 8; // Whether to convert gRPC status headers to JSON. // When trailer indicates a gRPC error and there was no HTTP body, take ``google.rpc.Status`` // from the ``grpc-status-details-bin`` header and use it as JSON body. // If there was no such header, make ``google.rpc.Status`` out of the ``grpc-status`` and // ``grpc-message`` headers. // The error details types must be present in the ``proto_descriptor``. // // For example, if an upstream server replies with headers: // // .. code-block:: none // // grpc-status: 5 // grpc-status-details-bin: // CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ // // The ``grpc-status-details-bin`` header contains a base64-encoded protobuf message // ``google.rpc.Status``. It will be transcoded into: // // .. code-block:: none // // HTTP/1.1 404 Not Found // content-type: application/json // // {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} // // In order to transcode the message, the ``google.rpc.RequestInfo`` type from // the ``google/rpc/error_details.proto`` should be included in the configured // :ref:`proto descriptor set `. bool convert_grpc_status = 9; } ================================================ FILE: api/envoy/config/filter/listener/http_inspector/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/listener/http_inspector/v2/http_inspector.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.http_inspector.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.http_inspector.v2"; option java_outer_classname = "HttpInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.http_inspector.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP Inspector Filter] // Detect whether the application protocol is HTTP. // [#extension: envoy.filters.listener.http_inspector] message HttpInspector { } ================================================ FILE: api/envoy/config/filter/listener/original_dst/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/listener/original_dst/v2/original_dst.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.original_dst.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.original_dst.v2"; option java_outer_classname = "OriginalDstProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.original_dst.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Original Dst Filter] // Use the Original destination address on downstream connections. // [#extension: envoy.filters.listener.original_dst] message OriginalDst { } ================================================ FILE: api/envoy/config/filter/listener/original_src/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/listener/original_src/v2alpha1/original_src.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.original_src.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.original_src.v2alpha1"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.original_src.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // [#extension: envoy.filters.listener.original_src] // The Original Src filter binds upstream connections to the original source address determined // for the connection. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. message OriginalSrc { // Whether to bind the port to the one used in the original downstream connection. // [#not-implemented-hide:] bool bind_port = 1; // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 2; } ================================================ FILE: api/envoy/config/filter/listener/proxy_protocol/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/listener/proxy_protocol/v2/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.proxy_protocol.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.proxy_protocol.v2"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.proxy_protocol.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Proxy Protocol Filter] // PROXY protocol listener filter. // [#extension: envoy.filters.listener.proxy_protocol] message ProxyProtocol { } ================================================ FILE: api/envoy/config/filter/listener/tls_inspector/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/listener/tls_inspector/v2/tls_inspector.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.tls_inspector.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.tls_inspector.v2"; option java_outer_classname = "TlsInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.tls_inspector.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: TLS Inspector Filter] // Allows detecting whether the transport appears to be TLS or plaintext. // [#extension: envoy.filters.listener.tls_inspector] message TlsInspector { } ================================================ FILE: api/envoy/config/filter/network/client_ssl_auth/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.client_ssl_auth.v2; import "envoy/api/v2/core/address.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.client_ssl_auth.v2"; option java_outer_classname = "ClientSslAuthProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.client_ssl_auth.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Client TLS authentication] // Client TLS authentication // :ref:`configuration overview `. // [#extension: envoy.filters.network.client_ssl_auth] message ClientSSLAuth { // The :ref:`cluster manager ` cluster that runs // the authentication service. The filter will connect to the service every 60s to fetch the list // of principals. The service must support the expected :ref:`REST API // `. string auth_api_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 2 [(validate.rules).string = {min_bytes: 1}]; // Time in milliseconds between principal refreshes from the // authentication service. Default is 60000 (60s). The actual fetch time // will be this value plus a random jittered value between // 0-refresh_delay_ms milliseconds. google.protobuf.Duration refresh_delay = 3; // An optional list of IP address and subnet masks that should be white // listed for access by the filter. If no list is provided, there is no // IP allowlist. repeated api.v2.core.CidrRange ip_white_list = 4; } ================================================ FILE: api/envoy/config/filter/network/direct_response/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/direct_response/v2/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.direct_response.v2; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.direct_response.v2"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.direct_response.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Direct response] // Direct response :ref:`configuration overview `. // [#extension: envoy.filters.network.direct_response] message Config { // Response data as a data source. api.v2.core.DataSource response = 1; } ================================================ FILE: api/envoy/config/filter/network/dubbo_proxy/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/dubbo_proxy/v2alpha1/README.md ================================================ Protocol buffer definitions for the Dubbo proxy. ================================================ FILE: api/envoy/config/filter/network/dubbo_proxy/v2alpha1/dubbo_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.dubbo_proxy.v2alpha1; import "envoy/config/filter/network/dubbo_proxy/v2alpha1/route.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.dubbo_proxy.v2alpha1"; option java_outer_classname = "DubboProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.dubbo_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dubbo Proxy] // Dubbo Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.dubbo_proxy] // Dubbo Protocol types supported by Envoy. enum ProtocolType { // the default protocol. Dubbo = 0; } // Dubbo Serialization types supported by Envoy. enum SerializationType { // the default serialization protocol. Hessian2 = 0; } // [#next-free-field: 6] message DubboProxy { // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // Configure the protocol used. ProtocolType protocol_type = 2 [(validate.rules).enum = {defined_only: true}]; // Configure the serialization protocol used. SerializationType serialization_type = 3 [(validate.rules).enum = {defined_only: true}]; // The route table for the connection manager is static and is specified in this property. repeated RouteConfiguration route_config = 4; // A list of individual Dubbo filters that make up the filter chain for requests made to the // Dubbo proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no dubbo_filters are specified, a default Dubbo router filter // (`envoy.filters.dubbo.router`) is used. repeated DubboFilter dubbo_filters = 5; } // DubboFilter configures a Dubbo filter. message DubboFilter { // The name of the filter to instantiate. The name must match a supported // filter. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any config = 2; } ================================================ FILE: api/envoy/config/filter/network/dubbo_proxy/v2alpha1/route.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.dubbo_proxy.v2alpha1; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/matcher/string.proto"; import "envoy/type/range.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.dubbo_proxy.v2alpha1"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.dubbo_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dubbo Proxy Route Configuration] // Dubbo Proxy :ref:`configuration overview `. // [#next-free-field: 6] message RouteConfiguration { // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The interface name of the service. string interface = 2; // Which group does the interface belong to. string group = 3; // The version number of the interface. string version = 4; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 5; } message Route { // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { // Method level routing matching. MethodMatch method = 1; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated api.v2.route.HeaderMatcher headers = 2; } message RouteAction { oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed. string cluster = 1; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. // Currently ClusterWeight only supports the name and weight fields. api.v2.route.WeightedCluster weighted_clusters = 2; } } message MethodMatch { // The parameter matching type. message ParameterMatchSpecifier { oneof parameter_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 3; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting // of an optional plus or minus sign followed by a sequence of digits. The rule will not match // if the header value does not represent an integer. Match will fail for empty values, // floating point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, // "somestring", 10.9, "-1somestring" type.Int64Range range_match = 4; } } // The name of the method. type.matcher.StringMatcher name = 1; // Method parameter definition. // The key is the parameter index, starting from 0. // The value is the parameter matching type. map params_match = 2; } ================================================ FILE: api/envoy/config/filter/network/echo/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/network/echo/v2/echo.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.echo.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.echo.v2"; option java_outer_classname = "EchoProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.echo.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Echo] // Echo :ref:`configuration overview `. // [#extension: envoy.filters.network.echo] message Echo { } ================================================ FILE: api/envoy/config/filter/network/ext_authz/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/ext_authz/v2/ext_authz.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.ext_authz.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.ext_authz.v2"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.ext_authz.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Network External Authorization ] // The network layer external authorization service configuration // :ref:`configuration overview `. // [#extension: envoy.filters.network.ext_authz] // External Authorization filter calls out to an external service over the // gRPC Authorization API defined by // :ref:`CheckRequest `. // A failed check will cause this filter to close the TCP connection. message ExtAuthz { // The prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The external authorization gRPC service configuration. // The default timeout is set to 200ms by this filter. api.v2.core.GrpcService grpc_service = 2; // The filter's behaviour in case the external authorization service does // not respond back. When it is set to true, Envoy will also allow traffic in case of // communication failure between authorization service and the proxy. // Defaults to false. bool failure_mode_allow = 3; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 4; } ================================================ FILE: api/envoy/config/filter/network/http_connection_manager/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/core:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/trace/v2:pkg", "//envoy/type:pkg", "//envoy/type/tracing/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.http_connection_manager.v2; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/core/protocol.proto"; import "envoy/api/v2/route.proto"; import "envoy/api/v2/scoped_route.proto"; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "envoy/config/trace/v2/http_tracer.proto"; import "envoy/type/percent.proto"; import "envoy/type/tracing/v2/custom_tag.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.http_connection_manager.v2"; option java_outer_classname = "HttpConnectionManagerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.http_connection_manager.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP connection manager] // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] // [#next-free-field: 37] message HttpConnectionManager { enum CodecType { // For every new connection, the connection manager will determine which // codec to use. This mode supports both ALPN for TLS listeners as well as // protocol inference for plaintext listeners. If ALPN data is available, it // is preferred, otherwise protocol inference is used. In almost all cases, // this is the right option to choose for this setting. AUTO = 0; // The connection manager will assume that the client is speaking HTTP/1.1. HTTP1 = 1; // The connection manager will assume that the client is speaking HTTP/2 // (Envoy does not require HTTP/2 to take place over TLS or to use ALPN. // Prior knowledge is allowed). HTTP2 = 2; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 3; } enum ServerHeaderTransformation { // Overwrite any Server header with the contents of server_name. OVERWRITE = 0; // If no Server header is present, append Server server_name // If a Server header is present, pass it through. APPEND_IF_ABSENT = 1; // Pass through the value of the server header, and do not append a header // if none is present. PASS_THROUGH = 2; } // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. enum ForwardClientCertDetails { // Do not send the XFCC header to the next hop. This is the default value. SANITIZE = 0; // When the client connection is mTLS (Mutual TLS), forward the XFCC header // in the request. FORWARD_ONLY = 1; // When the client connection is mTLS, append the client certificate // information to the request’s XFCC header and forward it. APPEND_FORWARD = 2; // When the client connection is mTLS, reset the XFCC header with the client // certificate information and send it to the next hop. SANITIZE_SET = 3; // Always forward the XFCC header in the request, regardless of whether the // client connection is mTLS. ALWAYS_FORWARD_ONLY = 4; } // [#next-free-field: 10] message Tracing { enum OperationName { // The HTTP listener is used for ingress/incoming requests. INGRESS = 0; // The HTTP listener is used for egress/outgoing requests. EGRESS = 1; } // The span name will be derived from this field. If // :ref:`traffic_direction ` is // specified on the parent listener, then it is used instead of this field. // // .. attention:: // This field has been deprecated in favor of `traffic_direction`. OperationName operation_name = 1 [ deprecated = true, (validate.rules).enum = {defined_only: true}, (envoy.annotations.disallowed_by_default) = true ]; // A list of header names used to create tags for the active span. The header name is used to // populate the tag name, and the header value is used to populate the tag value. The tag is // created if the specified header name is present in the request's headers. // // .. attention:: // This field has been deprecated in favor of :ref:`custom_tags // `. repeated string request_headers_for_tags = 2 [deprecated = true]; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.Percent client_sampling = 3; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.Percent random_sampling = 4; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.Percent overall_sampling = 5; // Whether to annotate spans with additional data. If true, spans will include logs for stream // events. bool verbose = 6; // Maximum length of the request path to extract and include in the HttpUrl tag. Used to // truncate lengthy request paths to meet the needs of a tracing backend. // Default: 256 google.protobuf.UInt32Value max_path_tag_length = 7; // A list of custom tags with unique tag name to create tags for the active span. repeated type.tracing.v2.CustomTag custom_tags = 8; // Configuration for an external tracing provider. // If not specified, no tracing will be performed. // // .. attention:: // Please be aware that *envoy.tracers.opencensus* provider can only be configured once // in Envoy lifetime. // Any attempts to reconfigure it or to use different configurations for different HCM filters // will be rejected. // Such a constraint is inherent to OpenCensus itself. It cannot be overcome without changes // on OpenCensus side. trace.v2.Tracing.Http provider = 9; } message InternalAddressConfig { // Whether unix socket addresses should be considered internal. bool unix_sockets = 1; } // [#next-free-field: 7] message SetCurrentClientCertDetails { reserved 2; // Whether to forward the subject of the client cert. Defaults to false. google.protobuf.BoolValue subject = 1; // Whether to forward the entire client cert in URL encoded PEM format. This will appear in the // XFCC header comma separated from other values with the value Cert="PEM". // Defaults to false. bool cert = 3; // Whether to forward the entire client cert chain (including the leaf cert) in URL encoded PEM // format. This will appear in the XFCC header comma separated from other values with the value // Chain="PEM". // Defaults to false. bool chain = 6; // Whether to forward the DNS type Subject Alternative Names of the client cert. // Defaults to false. bool dns = 4; // Whether to forward the URI type Subject Alternative Name of the client cert. Defaults to // false. bool uri = 5; } // The configuration for HTTP upgrades. // For each upgrade type desired, an UpgradeConfig must be added. // // .. warning:: // // The current implementation of upgrade headers does not handle // multi-valued upgrade headers. Support for multi-valued headers may be // added in the future if needed. // // .. warning:: // The current implementation of upgrade headers does not work with HTTP/2 // upstreams. message UpgradeConfig { // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] // will be proxied upstream. string upgrade_type = 1; // If present, this represents the filter chain which will be created for // this type of upgrade. If no filters are present, the filter chain for // HTTP connections will be used for this upgrade type. repeated HttpFilter filters = 2; // Determines if upgrades are enabled or disabled by default. Defaults to true. // This can be overridden on a per-route basis with :ref:`cluster // ` as documented in the // :ref:`upgrade documentation `. google.protobuf.BoolValue enabled = 3; } reserved 27; // Supplies the type of codec that the connection manager should use. CodecType codec_type = 1 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics for the // connection manager. See the :ref:`statistics documentation ` for // more information. string stat_prefix = 2 [(validate.rules).string = {min_bytes: 1}]; oneof route_specifier { option (validate.required) = true; // The connection manager’s route table will be dynamically loaded via the RDS API. Rds rds = 3; // The route table for the connection manager is static and is specified in this property. api.v2.RouteConfiguration route_config = 4; // A route table will be dynamically assigned to each request based on request attributes // (e.g., the value of a header). The "routing scopes" (i.e., route tables) and "scope keys" are // specified in this message. ScopedRoutes scoped_routes = 31; } // A list of individual HTTP filters that make up the filter chain for // requests made to the connection manager. :ref:`Order matters ` // as the filters are processed sequentially as request events happen. repeated HttpFilter http_filters = 5; // Whether the connection manager manipulates the :ref:`config_http_conn_man_headers_user-agent` // and :ref:`config_http_conn_man_headers_downstream-service-cluster` headers. See the linked // documentation for more information. Defaults to false. google.protobuf.BoolValue add_user_agent = 6; // Presence of the object defines whether the connection manager // emits :ref:`tracing ` data to the :ref:`configured tracing provider // `. Tracing tracing = 7; // Additional settings for HTTP requests handled by the connection manager. These will be // applicable to both HTTP1 and HTTP2 requests. api.v2.core.HttpProtocolOptions common_http_protocol_options = 35; // Additional HTTP/1 settings that are passed to the HTTP/1 codec. api.v2.core.Http1ProtocolOptions http_protocol_options = 8; // Additional HTTP/2 settings that are passed directly to the HTTP/2 codec. api.v2.core.Http2ProtocolOptions http2_protocol_options = 9; // An optional override that the connection manager will write to the server // header in responses. If not set, the default is *envoy*. string server_name = 10; // Defines the action to be applied to the Server header on the response path. // By default, Envoy will overwrite the header with the value specified in // server_name. ServerHeaderTransformation server_header_transformation = 34 [(validate.rules).enum = {defined_only: true}]; // The maximum request headers size for incoming connections. // If unconfigured, the default max request headers allowed is 60 KiB. // Requests that exceed this limit will receive a 431 response. // The max configurable limit is 96 KiB, based on current implementation // constraints. google.protobuf.UInt32Value max_request_headers_kb = 29 [(validate.rules).uint32 = {lte: 96 gt: 0}]; // The idle timeout for connections managed by the connection manager. The // idle timeout is defined as the period in which there are no active // requests. If not set, there is no idle timeout. When the idle timeout is // reached the connection will be closed. If the connection is an HTTP/2 // connection a drain sequence will occur prior to closing the connection. // This field is deprecated. Use :ref:`idle_timeout // ` // instead. google.protobuf.Duration idle_timeout = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // The stream idle timeout for connections managed by the connection manager. // If not specified, this defaults to 5 minutes. The default value was selected // so as not to interfere with any smaller configured timeouts that may have // existed in configurations prior to the introduction of this feature, while // introducing robustness to TCP connections that terminate without a FIN. // // This idle timeout applies to new streams and is overridable by the // :ref:`route-level idle_timeout // `. Even on a stream in // which the override applies, prior to receipt of the initial request // headers, the :ref:`stream_idle_timeout // ` // applies. Each time an encode/decode event for headers or data is processed // for the stream, the timer will be reset. If the timeout fires, the stream // is terminated with a 408 Request Timeout error code if no upstream response // header has been received, otherwise a stream reset occurs. // // This timeout also specifies the amount of time that Envoy will wait for the peer to open enough // window to write any remaining stream data once the entirety of stream data (local end stream is // true) has been buffered pending available window. In other words, this timeout defends against // a peer that does not release enough window to completely write the stream, even though all // data has been proxied within available flow control windows. If the timeout is hit in this // case, the :ref:`tx_flush_timeout ` counter will be // incremented. Note that :ref:`max_stream_duration // ` does not apply to this corner // case. // // Note that it is possible to idle timeout even if the wire traffic for a stream is non-idle, due // to the granularity of events presented to the connection manager. For example, while receiving // very large request headers, it may be the case that there is traffic regularly arriving on the // wire while the connection manage is only able to observe the end-of-headers event, hence the // stream may still idle timeout. // // A value of 0 will completely disable the connection manager stream idle // timeout, although per-route idle timeout overrides will continue to apply. google.protobuf.Duration stream_idle_timeout = 24; // The amount of time that Envoy will wait for the entire request to be received. // The timer is activated when the request is initiated, and is disarmed when the last byte of the // request is sent upstream (i.e. all decoding filters have processed the request), OR when the // response is initiated. If not specified or set to 0, this timeout is disabled. google.protobuf.Duration request_timeout = 28; // The time that Envoy will wait between sending an HTTP/2 “shutdown // notification” (GOAWAY frame with max stream ID) and a final GOAWAY frame. // This is used so that Envoy provides a grace period for new streams that // race with the final GOAWAY frame. During this grace period, Envoy will // continue to accept new streams. After the grace period, a final GOAWAY // frame is sent and Envoy will start refusing new streams. Draining occurs // both when a connection hits the idle timeout or during general server // draining. The default grace period is 5000 milliseconds (5 seconds) if this // option is not specified. google.protobuf.Duration drain_timeout = 12; // The delayed close timeout is for downstream connections managed by the HTTP connection manager. // It is defined as a grace period after connection close processing has been locally initiated // during which Envoy will wait for the peer to close (i.e., a TCP FIN/RST is received by Envoy // from the downstream connection) prior to Envoy closing the socket associated with that // connection. // NOTE: This timeout is enforced even when the socket associated with the downstream connection // is pending a flush of the write buffer. However, any progress made writing data to the socket // will restart the timer associated with this timeout. This means that the total grace period for // a socket in this state will be // +. // // Delaying Envoy's connection close and giving the peer the opportunity to initiate the close // sequence mitigates a race condition that exists when downstream clients do not drain/process // data in a connection's receive buffer after a remote close has been detected via a socket // write(). This race leads to such clients failing to process the response code sent by Envoy, // which could result in erroneous downstream processing. // // If the timeout triggers, Envoy will close the connection's socket. // // The default timeout is 1000 ms if this option is not specified. // // .. NOTE:: // To be useful in avoiding the race condition described above, this timeout must be set // to *at least* +<100ms to account for // a reasonable "worst" case processing time for a full iteration of Envoy's event loop>. // // .. WARNING:: // A value of 0 will completely disable delayed close processing. When disabled, the downstream // connection's socket will be closed immediately after the write flush is completed or will // never close if the write flush does not complete. google.protobuf.Duration delayed_close_timeout = 26; // Configuration for :ref:`HTTP access logs ` // emitted by the connection manager. repeated accesslog.v2.AccessLog access_log = 13; // If set to true, the connection manager will use the real remote address // of the client connection when determining internal versus external origin and manipulating // various headers. If set to false or absent, the connection manager will use the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for`, // :ref:`config_http_conn_man_headers_x-envoy-internal`, and // :ref:`config_http_conn_man_headers_x-envoy-external-address` for more information. google.protobuf.BoolValue use_remote_address = 14; // The number of additional ingress proxy hops from the right side of the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when // determining the origin client's IP address. The default is zero if this option // is not specified. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for` for more information. uint32 xff_num_trusted_hops = 19; // Configures what network addresses are considered internal for stats and header sanitation // purposes. If unspecified, only RFC1918 IP addresses will be considered internal. // See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information about internal/external addresses. InternalAddressConfig internal_address_config = 25; // If set, Envoy will not append the remote address to the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in // conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager // has mutated the request headers. While :ref:`use_remote_address // ` // will also suppress XFF addition, it has consequences for logging and other // Envoy uses of the remote address, so *skip_xff_append* should be used // when only an elision of XFF addition is intended. bool skip_xff_append = 21; // Via header value to append to request and response headers. If this is // empty, no via header will be appended. string via = 22; // Whether the connection manager will generate the :ref:`x-request-id // ` header if it does not exist. This defaults to // true. Generating a random UUID4 is expensive so in high throughput scenarios where this feature // is not desired it can be disabled. google.protobuf.BoolValue generate_request_id = 15; // Whether the connection manager will keep the :ref:`x-request-id // ` header if passed for a request that is edge // (Edge request is the request from external clients to front Envoy) and not reset it, which // is the current Envoy behaviour. This defaults to false. bool preserve_external_request_id = 32; // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. ForwardClientCertDetails forward_client_cert_details = 16 [(validate.rules).enum = {defined_only: true}]; // This field is valid only when :ref:`forward_client_cert_details // ` // is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in // the client certificate to be forwarded. Note that in the // :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and // *By* is always set when the client certificate presents the URI type Subject Alternative Name // value. SetCurrentClientCertDetails set_current_client_cert_details = 17; // If proxy_100_continue is true, Envoy will proxy incoming "Expect: // 100-continue" headers upstream, and forward "100 Continue" responses // downstream. If this is false or not set, Envoy will instead strip the // "Expect: 100-continue" header, and send a "100 Continue" response itself. bool proxy_100_continue = 18; // If // :ref:`use_remote_address // ` // is true and represent_ipv4_remote_address_as_ipv4_mapped_ipv6 is true and the remote address is // an IPv4 address, the address will be mapped to IPv6 before it is appended to *x-forwarded-for*. // This is useful for testing compatibility of upstream services that parse the header value. For // example, 50.0.0.1 is represented as ::FFFF:50.0.0.1. See `IPv4-Mapped IPv6 Addresses // `_ for details. This will also affect the // :ref:`config_http_conn_man_headers_x-envoy-external-address` header. See // :ref:`http_connection_manager.represent_ipv4_remote_address_as_ipv4_mapped_ipv6 // ` for runtime // control. // [#not-implemented-hide:] bool represent_ipv4_remote_address_as_ipv4_mapped_ipv6 = 20; repeated UpgradeConfig upgrade_configs = 23; // Should paths be normalized according to RFC 3986 before any processing of // requests by HTTP filters or routing? This affects the upstream *:path* header // as well. For paths that fail this check, Envoy will respond with 400 to // paths that are malformed. This defaults to false currently but will default // true in the future. When not specified, this value may be overridden by the // runtime variable // :ref:`http_connection_manager.normalize_path`. // See `Normalization and Comparison `_ // for details of normalization. // Note that Envoy does not perform // `case normalization `_ google.protobuf.BoolValue normalize_path = 30; // Determines if adjacent slashes in the path are merged into one before any processing of // requests by HTTP filters or routing. This affects the upstream *:path* header as well. Without // setting this option, incoming requests with path `//dir///file` will not match against route // with `prefix` match set to `/dir`. Defaults to `false`. Note that slash merging is not part of // `HTTP spec `_ and is provided for convenience. bool merge_slashes = 33; // The configuration of the request ID extension. This includes operations such as // generation, validation, and associated tracing operations. // // If not set, Envoy uses the default UUID-based behavior: // // 1. Request ID is propagated using *x-request-id* header. // // 2. Request ID is a universally unique identifier (UUID). // // 3. Tracing decision (sampled, forced, etc) is set in 14th byte of the UUID. RequestIDExtension request_id_extension = 36; } message Rds { // Configuration source specifier for RDS. api.v2.core.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // The name of the route configuration. This name will be passed to the RDS // API. This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. string route_config_name = 2 [(validate.rules).string = {min_bytes: 1}]; } // This message is used to work around the limitations with 'oneof' and repeated fields. message ScopedRouteConfigurationsList { repeated api.v2.ScopedRouteConfiguration scoped_route_configurations = 1 [(validate.rules).repeated = {min_items: 1}]; } // [#next-free-field: 6] message ScopedRoutes { // Specifies the mechanism for constructing "scope keys" based on HTTP request attributes. These // keys are matched against a set of :ref:`Key` // objects assembled from :ref:`ScopedRouteConfiguration` // messages distributed via SRDS (the Scoped Route Discovery Service) or assigned statically via // :ref:`scoped_route_configurations_list`. // // Upon receiving a request's headers, the Router will build a key using the algorithm specified // by this message. This key will be used to look up the routing table (i.e., the // :ref:`RouteConfiguration`) to use for the request. message ScopeKeyBuilder { // Specifies the mechanism for constructing key fragments which are composed into scope keys. message FragmentBuilder { // Specifies how the value of a header should be extracted. // The following example maps the structure of a header to the fields in this message. // // .. code:: // // <0> <1> <-- index // X-Header: a=b;c=d // | || | // | || \----> // | || // | |\----> // | | // | \----> // | // \----> // // Each 'a=b' key-value pair constitutes an 'element' of the header field. message HeaderValueExtractor { // Specifies a header field's key value pair to match on. message KvElement { // The separator between key and value (e.g., '=' separates 'k=v;...'). // If an element is an empty string, the element is ignored. // If an element contains no separator, the whole element is parsed as key and the // fragment value is an empty string. // If there are multiple values for a matched key, the first value is returned. string separator = 1 [(validate.rules).string = {min_bytes: 1}]; // The key to match on. string key = 2 [(validate.rules).string = {min_bytes: 1}]; } // The name of the header field to extract the value from. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The element separator (e.g., ';' separates 'a;b;c;d'). // Default: empty string. This causes the entirety of the header field to be extracted. // If this field is set to an empty string and 'index' is used in the oneof below, 'index' // must be set to 0. string element_separator = 2; oneof extract_type { // Specifies the zero based index of the element to extract. // Note Envoy concatenates multiple values of the same header key into a comma separated // string, the splitting always happens after the concatenation. uint32 index = 3; // Specifies the key value pair to extract the value from. KvElement element = 4; } } oneof type { option (validate.required) = true; // Specifies how a header field's value should be extracted. HeaderValueExtractor header_value_extractor = 1; } } // The final(built) scope key consists of the ordered union of these fragments, which are compared in order with the // fragments of a :ref:`ScopedRouteConfiguration`. // A missing fragment during comparison will make the key invalid, i.e., the computed key doesn't match any key. repeated FragmentBuilder fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the scoped routing configuration. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The algorithm to use for constructing a scope key for each request. ScopeKeyBuilder scope_key_builder = 2 [(validate.rules).message = {required: true}]; // Configuration source specifier for RDS. // This config source is used to subscribe to RouteConfiguration resources specified in // ScopedRouteConfiguration messages. api.v2.core.ConfigSource rds_config_source = 3 [(validate.rules).message = {required: true}]; oneof config_specifier { option (validate.required) = true; // The set of routing scopes corresponding to the HCM. A scope is assigned to a request by // matching a key constructed from the request's attributes according to the algorithm specified // by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRouteConfigurationsList scoped_route_configurations_list = 4; // The set of routing scopes associated with the HCM will be dynamically loaded via the SRDS // API. A scope is assigned to a request by matching a key constructed from the request's // attributes according to the algorithm specified by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRds scoped_rds = 5; } } message ScopedRds { // Configuration source specifier for scoped RDS. api.v2.core.ConfigSource scoped_rds_config_source = 1 [(validate.rules).message = {required: true}]; } message HttpFilter { reserved 3; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 4; } } message RequestIDExtension { // Request ID extension specific configuration. google.protobuf.Any typed_config = 1; } ================================================ FILE: api/envoy/config/filter/network/kafka_broker/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/network/kafka_broker/v2alpha1/kafka_broker.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.kafka_broker.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.kafka_broker.v2alpha1"; option java_outer_classname = "KafkaBrokerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.kafka_broker.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Kafka Broker] // Kafka Broker :ref:`configuration overview `. // [#extension: envoy.filters.network.kafka_broker] message KafkaBroker { // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: api/envoy/config/filter/network/local_rate_limit/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/local_rate_limit/v2alpha/local_rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.local_rate_limit.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/type/token_bucket.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.local_rate_limit.v2alpha"; option java_outer_classname = "LocalRateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.local_ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Local rate limit] // Local rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.local_ratelimit] message LocalRateLimit { // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The token bucket configuration to use for rate limiting connections that are processed by the // filter's filter chain. Each incoming connection processed by the filter consumes a single // token. If the token is available, the connection will be allowed. If no tokens are available, // the connection will be immediately closed. // // .. note:: // In the current implementation each filter and filter chain has an independent rate limit. // // .. note:: // In the current implementation the token bucket's :ref:`fill_interval // ` must be >= 50ms to avoid too aggressive // refills. type.TokenBucket token_bucket = 2 [(validate.rules).message = {required: true}]; // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults // to enabled. api.v2.core.RuntimeFeatureFlag runtime_enabled = 3; } ================================================ FILE: api/envoy/config/filter/network/mongo_proxy/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/fault/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.mongo_proxy.v2; import "envoy/config/filter/fault/v2/fault.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.mongo_proxy.v2"; option java_outer_classname = "MongoProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.mongo_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Mongo proxy] // MongoDB :ref:`configuration overview `. // [#extension: envoy.filters.network.mongo_proxy] message MongoProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The optional path to use for writing Mongo access logs. If not access log // path is specified no access logs will be written. Note that access log is // also gated :ref:`runtime `. string access_log = 2; // Inject a fixed delay before proxying a Mongo operation. Delays are // applied to the following MongoDB operations: Query, Insert, GetMore, // and KillCursors. Once an active delay is in progress, all incoming // data up until the timer event fires will be a part of the delay. fault.v2.FaultDelay delay = 3; // Flag to specify whether :ref:`dynamic metadata // ` should be emitted. Defaults to false. bool emit_dynamic_metadata = 4; } ================================================ FILE: api/envoy/config/filter/network/mysql_proxy/v1alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/network/mysql_proxy/v1alpha1/mysql_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.mysql_proxy.v1alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.mysql_proxy.v1alpha1"; option java_outer_classname = "MysqlProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.mysql_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: MySQL proxy] // MySQL Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.mysql_proxy] message MySQLProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] The optional path to use for writing MySQL access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; } ================================================ FILE: api/envoy/config/filter/network/rate_limit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/ratelimit:pkg", "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/rate_limit/v2/rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.rate_limit.v2; import "envoy/api/v2/ratelimit/ratelimit.proto"; import "envoy/config/ratelimit/v2/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.rate_limit.v2"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.ratelimit] // [#next-free-field: 7] message RateLimit { // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The rate limit domain to use in the rate limit service request. string domain = 2 [(validate.rules).string = {min_bytes: 1}]; // The rate limit descriptor list to use in the rate limit service request. repeated api.v2.ratelimit.RateLimitDescriptor descriptors = 3 [(validate.rules).repeated = {min_items: 1}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. ratelimit.v2.RateLimitServiceConfig rate_limit_service = 6 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/filter/network/rbac/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/rbac/v2/rbac.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.rbac.v2; import "envoy/config/rbac/v2/rbac.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.rbac.v2"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.rbac.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.network.rbac] // RBAC network filter config. // // Header should not be used in rules/shadow_rules in RBAC network filter as // this information is only available in :ref:`RBAC http filter `. message RBAC { enum EnforcementType { // Apply RBAC policies when the first byte of data arrives on the connection. ONE_TIME_ON_FIRST_BYTE = 0; // Continuously apply RBAC policies as data arrives. Use this mode when // using RBAC with message oriented protocols such as Mongo, MySQL, Kafka, // etc. when the protocol decoders emit dynamic metadata such as the // resources being accessed and the operations on the resources. CONTINUOUS = 1; } // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v2.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs // and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v2.RBAC shadow_rules = 2; // The prefix to use when emitting statistics. string stat_prefix = 3 [(validate.rules).string = {min_bytes: 1}]; // RBAC enforcement strategy. By default RBAC will be enforced only once // when the first byte of data arrives from the downstream. When used in // conjunction with filters that emit dynamic metadata after decoding // every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to // CONTINUOUS to enforce RBAC policies on every message boundary. EnforcementType enforcement_type = 4; } ================================================ FILE: api/envoy/config/filter/network/redis_proxy/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.redis_proxy.v2; import "envoy/api/v2/core/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.redis_proxy.v2"; option java_outer_classname = "RedisProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.redis_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Redis Proxy] // Redis Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.redis_proxy] // [#next-free-field: 7] message RedisProxy { // Redis connection pool settings. // [#next-free-field: 9] message ConnPoolSettings { // ReadPolicy controls how Envoy routes read commands to Redis nodes. This is currently // supported for Redis Cluster. All ReadPolicy settings except MASTER may return stale data // because replication is asynchronous and requires some delay. You need to ensure that your // application can tolerate stale data. enum ReadPolicy { // Default mode. Read from the current primary node. MASTER = 0; // Read from the primary, but if it is unavailable, read from replica nodes. PREFER_MASTER = 1; // Read from replica nodes. If multiple replica nodes are present within a shard, a random // node is selected. Healthy nodes have precedent over unhealthy nodes. REPLICA = 2; // Read from the replica nodes (similar to REPLICA), but if all replicas are unavailable (not // present or unhealthy), read from the primary. PREFER_REPLICA = 3; // Read from any node of the cluster. A random node is selected among the primary and // replicas, healthy nodes have precedent over unhealthy nodes. ANY = 4; } // Per-operation timeout in milliseconds. The timer starts when the first // command of a pipeline is written to the backend connection. Each response received from Redis // resets the timer since it signifies that the next command is being processed by the backend. // The only exception to this behavior is when a connection to a backend is not yet established. // In that case, the connect timeout on the cluster will govern the timeout until the connection // is ready. google.protobuf.Duration op_timeout = 1 [(validate.rules).duration = {required: true}]; // Use hash tagging on every redis key to guarantee that keys with the same hash tag will be // forwarded to the same upstream. The hash key used for determining the upstream in a // consistent hash ring configuration will be computed from the hash tagged key instead of the // whole key. The algorithm used to compute the hash tag is identical to the `redis-cluster // implementation `_. // // Examples: // // * '{user1000}.following' and '{user1000}.followers' **will** be sent to the same upstream // * '{user1000}.following' and '{user1001}.following' **might** be sent to the same upstream bool enable_hashtagging = 2; // Accept `moved and ask redirection // `_ errors from upstream // redis servers, and retry commands to the specified target server. The target server does not // need to be known to the cluster manager. If the command cannot be redirected, then the // original error is passed downstream unchanged. By default, this support is not enabled. bool enable_redirection = 3; // Maximum size of encoded request buffer before flush is triggered and encoded requests // are sent upstream. If this is unset, the buffer flushes whenever it receives data // and performs no batching. // This feature makes it possible for multiple clients to send requests to Envoy and have // them batched- for example if one is running several worker processes, each with its own // Redis connection. There is no benefit to using this with a single downstream process. // Recommended size (if enabled) is 1024 bytes. uint32 max_buffer_size_before_flush = 4; // The encoded request buffer is flushed N milliseconds after the first request has been // encoded, unless the buffer size has already exceeded `max_buffer_size_before_flush`. // If `max_buffer_size_before_flush` is not set, this flush timer is not used. Otherwise, // the timer should be set according to the number of clients, overall request rate and // desired maximum latency for a single command. For example, if there are many requests // being batched together at a high rate, the buffer will likely be filled before the timer // fires. Alternatively, if the request rate is lower the buffer will not be filled as often // before the timer fires. // If `max_buffer_size_before_flush` is set, but `buffer_flush_timeout` is not, the latter // defaults to 3ms. google.protobuf.Duration buffer_flush_timeout = 5; // `max_upstream_unknown_connections` controls how many upstream connections to unknown hosts // can be created at any given time by any given worker thread (see `enable_redirection` for // more details). If the host is unknown and a connection cannot be created due to enforcing // this limit, then redirection will fail and the original redirection error will be passed // downstream unchanged. This limit defaults to 100. google.protobuf.UInt32Value max_upstream_unknown_connections = 6; // Enable per-command statistics per upstream cluster, in addition to the filter level aggregate // count. bool enable_command_stats = 8; // Read policy. The default is to read from the primary. ReadPolicy read_policy = 7 [(validate.rules).enum = {defined_only: true}]; } message PrefixRoutes { message Route { // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. message RequestMirrorPolicy { // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // If not specified or the runtime key is not present, all requests to the target cluster // will be mirrored. // // If specified, Envoy will lookup the runtime key to get the percentage of requests to the // mirror. api.v2.core.RuntimeFractionalPercent runtime_fraction = 2; // Set this to TRUE to only mirror write commands, this is effectively replicating the // writes in a "fire and forget" manner. bool exclude_read_commands = 3; } // String prefix that must match the beginning of the keys. Envoy will always favor the // longest match. string prefix = 1; // Indicates if the prefix needs to be removed from the key when forwarded. bool remove_prefix = 2; // Upstream cluster to forward the command to. string cluster = 3 [(validate.rules).string = {min_bytes: 1}]; // Indicates that the route has a request mirroring policy. repeated RequestMirrorPolicy request_mirror_policy = 4; } // List of prefix routes. repeated Route routes = 1; // Indicates that prefix matching should be case insensitive. bool case_insensitive = 2; // Optional catch-all route to forward commands that doesn't match any of the routes. The // catch-all route becomes required when no routes are specified. // .. attention:: // // This field is deprecated. Use a :ref:`catch_all // route` // instead. string catch_all_cluster = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Optional catch-all route to forward commands that doesn't match any of the routes. The // catch-all route becomes required when no routes are specified. Route catch_all_route = 4; } // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // Name of cluster from cluster manager. See the :ref:`configuration section // ` of the architecture overview for recommendations on // configuring the backing cluster. // // .. attention:: // // This field is deprecated. Use a :ref:`catch_all // route` // instead. string cluster = 2 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Network settings for the connection pool to the upstream clusters. ConnPoolSettings settings = 3 [(validate.rules).message = {required: true}]; // Indicates that latency stat should be computed in microseconds. By default it is computed in // milliseconds. bool latency_in_micros = 4; // List of **unique** prefixes used to separate keys from different workloads to different // clusters. Envoy will always favor the longest match first in case of overlap. A catch-all // cluster can be used to forward commands when there is no match. Time complexity of the // lookups are in O(min(longest key prefix, key length)). // // Example: // // .. code-block:: yaml // // prefix_routes: // routes: // - prefix: "ab" // cluster: "cluster_a" // - prefix: "abc" // cluster: "cluster_b" // // When using the above routes, the following prefixes would be sent to: // // * ``get abc:users`` would retrieve the key 'abc:users' from cluster_b. // * ``get ab:users`` would retrieve the key 'ab:users' from cluster_a. // * ``get z:users`` would return a NoUpstreamHost error. A :ref:`catch-all // route` // would have retrieved the key from that cluster instead. // // See the :ref:`configuration section // ` of the architecture overview for recommendations on // configuring the backing clusters. PrefixRoutes prefix_routes = 5; // Authenticate Redis client connections locally by forcing downstream clients to issue a `Redis // AUTH command `_ with this password before enabling any other // command. If an AUTH command's password matches this password, an "OK" response will be returned // to the client. If the AUTH command password does not match this password, then an "ERR invalid // password" error will be returned. If any other command is received before AUTH when this // password is set, then a "NOAUTH Authentication required." error response will be sent to the // client. If an AUTH command is received when the password is not set, then an "ERR Client sent // AUTH, but no password is set" error will be returned. api.v2.core.DataSource downstream_auth_password = 6 [(udpa.annotations.sensitive) = true]; } // RedisProtocolOptions specifies Redis upstream protocol options. This object is used in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.redis_proxy`. message RedisProtocolOptions { // Upstream server password as defined by the `requirepass` directive // `_ in the server's configuration file. api.v2.core.DataSource auth_password = 1 [(udpa.annotations.sensitive) = true]; } ================================================ FILE: api/envoy/config/filter/network/sni_cluster/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/network/sni_cluster/v2/sni_cluster.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.sni_cluster.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.sni_cluster.v2"; option java_outer_classname = "SniClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.sni_cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: SNI Cluster Filter] // Set the upstream cluster name from the SNI field in the TLS connection. // [#extension: envoy.filters.network.sni_cluster] message SniCluster { } ================================================ FILE: api/envoy/config/filter/network/tcp_proxy/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.tcp_proxy.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "envoy/type/hash_policy.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.tcp_proxy.v2"; option java_outer_classname = "TcpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.tcp_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: TCP Proxy] // TCP Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.tcp_proxy] // [#next-free-field: 13] message TcpProxy { // [#not-implemented-hide:] Deprecated. // TCP Proxy filter configuration using V1 format. message DeprecatedV1 { option deprecated = true; // A TCP proxy route consists of a set of optional L4 criteria and the // name of a cluster. If a downstream connection matches all the // specified criteria, the cluster in the route is used for the // corresponding upstream connection. Routes are tried in the order // specified until a match is found. If no match is found, the connection // is closed. A route with no criteria is valid and always produces a // match. // [#next-free-field: 6] message TCPRoute { // The cluster to connect to when a the downstream network connection // matches the specified criteria. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // An optional list of IP address subnets in the form // “ip_address/xx”. The criteria is satisfied if the destination IP // address of the downstream connection is contained in at least one of // the specified subnets. If the parameter is not specified or the list // is empty, the destination IP address is ignored. The destination IP // address of the downstream connection might be different from the // addresses on which the proxy is listening if the connection has been // redirected. repeated api.v2.core.CidrRange destination_ip_list = 2; // An optional string containing a comma-separated list of port numbers // or ranges. The criteria is satisfied if the destination port of the // downstream connection is contained in at least one of the specified // ranges. If the parameter is not specified, the destination port is // ignored. The destination port address of the downstream connection // might be different from the port on which the proxy is listening if // the connection has been redirected. string destination_ports = 3; // An optional list of IP address subnets in the form // “ip_address/xx”. The criteria is satisfied if the source IP address // of the downstream connection is contained in at least one of the // specified subnets. If the parameter is not specified or the list is // empty, the source IP address is ignored. repeated api.v2.core.CidrRange source_ip_list = 4; // An optional string containing a comma-separated list of port numbers // or ranges. The criteria is satisfied if the source port of the // downstream connection is contained in at least one of the specified // ranges. If the parameter is not specified, the source port is // ignored. string source_ports = 5; } // The route table for the filter. All filter instances must have a route // table, even if it is empty. repeated TCPRoute routes = 1 [(validate.rules).repeated = {min_items: 1}]; } // Allows for specification of multiple upstream clusters along with weights // that indicate the percentage of traffic to be forwarded to each cluster. // The router selects an upstream cluster based on these weights. message WeightedCluster { message ClusterWeight { // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // When a request matches the route, the choice of an upstream cluster is // determined by its weight. The sum of weights across all entries in the // clusters array determines the total weight. uint32 weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what is set in this field will be considered // for load balancing. Note that this will be merged with what's provided in // :ref:`TcpProxy.metadata_match // `, with values // here taking precedence. The filter name should be specified as *envoy.lb*. api.v2.core.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } // Configuration for tunneling TCP over other transports or application layers. // Currently, only HTTP/2 is supported. When other options exist, HTTP/2 will // remain the default. message TunnelingConfig { // The hostname to send in the synthesized CONNECT headers to the upstream proxy. string hostname = 1 [(validate.rules).string = {min_bytes: 1}]; } // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; oneof cluster_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 10; } // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. api.v2.core.Metadata metadata_match = 9; // The idle timeout for connections managed by the TCP proxy filter. The idle timeout // is defined as the period in which there are no bytes sent or received on either // the upstream or downstream connection. If not set, the default idle timeout is 1 hour. If set // to 0s, the timeout will be disabled. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 8; // [#not-implemented-hide:] The idle timeout for connections managed by the TCP proxy // filter. The idle timeout is defined as the period in which there is no // active traffic. If not set, there is no idle timeout. When the idle timeout // is reached the connection will be closed. The distinction between // downstream_idle_timeout/upstream_idle_timeout provides a means to set // timeout based on the last byte sent on the downstream/upstream connection. google.protobuf.Duration downstream_idle_timeout = 3; // [#not-implemented-hide:] google.protobuf.Duration upstream_idle_timeout = 4; // Configuration for :ref:`access logs ` // emitted by the this tcp_proxy. repeated accesslog.v2.AccessLog access_log = 5; // [#not-implemented-hide:] Deprecated. DeprecatedV1 deprecated_v1 = 6 [deprecated = true]; // The maximum number of unsuccessful connection attempts that will be made before // giving up. If the parameter is not specified, 1 connection attempt will be made. google.protobuf.UInt32Value max_connect_attempts = 7 [(validate.rules).uint32 = {gte: 1}]; // Optional configuration for TCP proxy hash policy. If hash_policy is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated type.HashPolicy hash_policy = 11 [(validate.rules).repeated = {max_items: 1}]; // [#not-implemented-hide:] feature in progress // If set, this configures tunneling, e.g. configuration options to tunnel multiple TCP // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload // will be proxied upstream as per usual. TunnelingConfig tunneling_config = 12; } ================================================ FILE: api/envoy/config/filter/network/thrift_proxy/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/network/thrift_proxy/v2alpha1/README.md ================================================ Protocol buffer definitions for the Thrift proxy. ================================================ FILE: api/envoy/config/filter/network/thrift_proxy/v2alpha1/route.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.thrift_proxy.v2alpha1; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.thrift_proxy.v2alpha1"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.thrift_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Thrift Proxy Route Configuration] // Thrift Proxy :ref:`configuration overview `. message RouteConfiguration { // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { oneof match_specifier { option (validate.required) = true; // If specified, the route must exactly match the request method name. As a special case, an // empty string matches any request method name. string method_name = 1; // If specified, the route must have the service name as the request method name prefix. As a // special case, an empty string matches any service name. Only relevant when service // multiplexing. string service_name = 2; } // Inverts whatever matching is done in the :ref:`method_name // ` or // :ref:`service_name // ` fields. // Cannot be combined with wildcard matching as that would result in routes never being matched. // // .. note:: // // This does not invert matching done as part of the :ref:`headers field // ` field. To // invert header matching, see :ref:`invert_match // `. bool invert = 3; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). Note that this only applies for Thrift transports and/or // protocols that support headers. repeated api.v2.route.HeaderMatcher headers = 4; } // [#next-free-field: 7] message RouteAction { oneof cluster_specifier { option (validate.required) = true; // Indicates a single upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 2; // Envoy will determine the cluster to route to by reading the value of the // Thrift header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist Envoy will // respond with an unknown method exception or an internal error exception, // respectively. string cluster_header = 6 [(validate.rules).string = {min_bytes: 1}]; } // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered. // Note that this will be merged with what's provided in :ref:`WeightedCluster.metadata_match // `, // with values there taking precedence. Keys and values should be provided under the "envoy.lb" // metadata key. api.v2.core.Metadata metadata_match = 3; // Specifies a set of rate limit configurations that could be applied to the route. // N.B. Thrift service or method name matching can be achieved by specifying a RequestHeaders // action with the header name ":method-name". repeated api.v2.route.RateLimit rate_limits = 4; // Strip the service prefix from the method name, if there's a prefix. For // example, the method call Service:method would end up being just method. bool strip_service_name = 5; } // Allows for specification of multiple upstream clusters along with weights that indicate the // percentage of traffic to be forwarded to each cluster. The router selects an upstream cluster // based on these weights. message WeightedCluster { message ClusterWeight { // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // When a request matches the route, the choice of an upstream cluster is determined by its // weight. The sum of weights across all entries in the clusters array determines the total // weight. google.protobuf.UInt32Value weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field, combined with what's // provided in :ref:`RouteAction's metadata_match // `, // will be considered. Values here will take precedence. Keys and values should be provided // under the "envoy.lb" metadata key. api.v2.core.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/config/filter/network/thrift_proxy/v2alpha1/thrift_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.thrift_proxy.v2alpha1; import "envoy/config/filter/network/thrift_proxy/v2alpha1/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.thrift_proxy.v2alpha1"; option java_outer_classname = "ThriftProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.thrift_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Thrift Proxy] // Thrift Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.thrift_proxy] // Thrift transport types supported by Envoy. enum TransportType { // For downstream connections, the Thrift proxy will attempt to determine which transport to use. // For upstream connections, the Thrift proxy will use same transport as the downstream // connection. AUTO_TRANSPORT = 0; // The Thrift proxy will use the Thrift framed transport. FRAMED = 1; // The Thrift proxy will use the Thrift unframed transport. UNFRAMED = 2; // The Thrift proxy will assume the client is using the Thrift header transport. HEADER = 3; } // Thrift Protocol types supported by Envoy. enum ProtocolType { // For downstream connections, the Thrift proxy will attempt to determine which protocol to use. // Note that the older, non-strict (or lax) binary protocol is not included in automatic protocol // detection. For upstream connections, the Thrift proxy will use the same protocol as the // downstream connection. AUTO_PROTOCOL = 0; // The Thrift proxy will use the Thrift binary protocol. BINARY = 1; // The Thrift proxy will use Thrift non-strict binary protocol. LAX_BINARY = 2; // The Thrift proxy will use the Thrift compact protocol. COMPACT = 3; // The Thrift proxy will use the Thrift "Twitter" protocol implemented by the finagle library. TWITTER = 4; } // [#next-free-field: 6] message ThriftProxy { // Supplies the type of transport that the Thrift proxy should use. Defaults to // :ref:`AUTO_TRANSPORT`. TransportType transport = 2 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use. Defaults to // :ref:`AUTO_PROTOCOL`. ProtocolType protocol = 3 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The route table for the connection manager is static and is specified in this property. RouteConfiguration route_config = 4; // A list of individual Thrift filters that make up the filter chain for requests made to the // Thrift proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no thrift_filters are specified, a default Thrift router filter // (`envoy.filters.thrift.router`) is used. repeated ThriftFilter thrift_filters = 5; } // ThriftFilter configures a Thrift filter. message ThriftFilter { // The name of the filter to instantiate. The name must match a supported // filter. The built-in filters are: // // [#comment:TODO(zuercher): Auto generate the following list] // * :ref:`envoy.filters.thrift.router ` // * :ref:`envoy.filters.thrift.rate_limit ` string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // ThriftProtocolOptions specifies Thrift upstream protocol options. This object is used in // in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.thrift_proxy`. message ThriftProtocolOptions { // Supplies the type of transport that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_TRANSPORT`, // which is the default, causes the proxy to use the same transport as the downstream connection. TransportType transport = 1 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_PROTOCOL`, // which is the default, causes the proxy to use the same protocol as the downstream connection. ProtocolType protocol = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/zookeeper_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.zookeeper_proxy.v1alpha1; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.zookeeper_proxy.v1alpha1"; option java_outer_classname = "ZookeeperProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.zookeeper_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: ZooKeeper proxy] // ZooKeeper Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.zookeeper_proxy] message ZooKeeperProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] The optional path to use for writing ZooKeeper access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; // Messages — requests, responses and events — that are bigger than this value will // be ignored. If it is not set, the default value is 1Mb. // // The value here should match the jute.maxbuffer property in your cluster configuration: // // https://zookeeper.apache.org/doc/r3.4.10/zookeeperAdmin.html#Unsafe+Options // // if that is set. If it isn't, ZooKeeper's default is also 1Mb. google.protobuf.UInt32Value max_packet_bytes = 3; } ================================================ FILE: api/envoy/config/filter/thrift/rate_limit/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/filter/thrift/rate_limit/v2alpha1/rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.thrift.rate_limit.v2alpha1; import "envoy/config/ratelimit/v2/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.thrift.rate_limit.v2alpha1"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.thrift_proxy.filters.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.thrift.ratelimit] // [#next-free-field: 6] message RateLimit { // The rate limit domain to use in the rate limit service request. string domain = 1 [(validate.rules).string = {min_bytes: 1}]; // Specifies the rate limit configuration stage. Each configured rate limit filter performs a // rate limit check using descriptors configured in the // :ref:`envoy_api_msg_config.filter.network.thrift_proxy.v2alpha1.RouteAction` for the request. // Only those entries with a matching stage number are used for a given filter. If not set, the // default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 3; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 4; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. ratelimit.v2.RateLimitServiceConfig rate_limit_service = 5 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/filter/thrift/router/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/thrift/router/v2alpha1/router.proto ================================================ syntax = "proto3"; package envoy.config.filter.thrift.router.v2alpha1; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.thrift.router.v2alpha1"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Router] // Thrift router :ref:`configuration overview `. // [#extension: envoy.filters.thrift.router] message Router { } ================================================ FILE: api/envoy/config/filter/udp/udp_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/filter/udp/udp_proxy/v2alpha/udp_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.udp.udp_proxy.v2alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.udp.udp_proxy.v2alpha"; option java_outer_classname = "UdpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.udp.udp_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: UDP proxy] // UDP proxy :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.udp_proxy] // Configuration for the UDP proxy filter. message UdpProxyConfig { // The stat prefix used when emitting UDP proxy filter stats. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; oneof route_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2 [(validate.rules).string = {min_bytes: 1}]; } // The idle timeout for sessions. Idle is defined as no datagrams between received or sent by // the session. The default if not specified is 1 minute. google.protobuf.Duration idle_timeout = 3; } ================================================ FILE: api/envoy/config/grpc_credential/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/grpc_credential/v2alpha/aws_iam.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v2alpha; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v2alpha"; option java_outer_classname = "AwsIamProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Grpc Credentials AWS IAM] // Configuration for AWS IAM Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.aws_iam] message AwsIamConfig { // The `service namespace // `_ // of the Grpc endpoint. // // Example: appmesh string service_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The `region `_ hosting the Grpc // endpoint. If unspecified, the extension will use the value in the ``AWS_REGION`` environment // variable. // // Example: us-west-2 string region = 2; } ================================================ FILE: api/envoy/config/grpc_credential/v2alpha/file_based_metadata.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v2alpha; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v2alpha"; option java_outer_classname = "FileBasedMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Grpc Credentials File Based Metadata] // Configuration for File Based Metadata Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.file_based_metadata] message FileBasedMetadataConfig { // Location or inline data of secret to use for authentication of the Google gRPC connection // this secret will be attached to a header of the gRPC connection api.v2.core.DataSource secret_data = 1 [(udpa.annotations.sensitive) = true]; // Metadata header key to use for sending the secret data // if no header key is set, "authorization" header will be used string header_key = 2; // Prefix to prepend to the secret in the metadata header // if no prefix is set, the default is to use no prefix string header_prefix = 3; } ================================================ FILE: api/envoy/config/grpc_credential/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/grpc_credential/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/grpc_credential/v3/aws_iam.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v3"; option java_outer_classname = "AwsIamProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Grpc Credentials AWS IAM] // Configuration for AWS IAM Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.aws_iam] message AwsIamConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.grpc_credential.v2alpha.AwsIamConfig"; // The `service namespace // `_ // of the Grpc endpoint. // // Example: appmesh string service_name = 1 [(validate.rules).string = {min_len: 1}]; // The `region `_ hosting the Grpc // endpoint. If unspecified, the extension will use the value in the ``AWS_REGION`` environment // variable. // // Example: us-west-2 string region = 2; } ================================================ FILE: api/envoy/config/grpc_credential/v3/file_based_metadata.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v3"; option java_outer_classname = "FileBasedMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Grpc Credentials File Based Metadata] // Configuration for File Based Metadata Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.file_based_metadata] message FileBasedMetadataConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.grpc_credential.v2alpha.FileBasedMetadataConfig"; // Location or inline data of secret to use for authentication of the Google gRPC connection // this secret will be attached to a header of the gRPC connection core.v3.DataSource secret_data = 1 [(udpa.annotations.sensitive) = true]; // Metadata header key to use for sending the secret data // if no header key is set, "authorization" header will be used string header_key = 2; // Prefix to prepend to the secret in the metadata header // if no prefix is set, the default is to use no prefix string header_prefix = 3; } ================================================ FILE: api/envoy/config/health_checker/redis/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/health_checker/redis/v2/redis.proto ================================================ syntax = "proto3"; package envoy.config.health_checker.redis.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.health_checker.redis.v2"; option java_outer_classname = "RedisProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Redis] // Redis health checker :ref:`configuration overview `. // [#extension: envoy.health_checkers.redis] message Redis { // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } ================================================ FILE: api/envoy/config/listener/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/listener/v2/api_listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v2; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v2"; option java_outer_classname = "ApiListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: API listener] // Describes a type of API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. message ApiListener { // The type in this field determines the type of API listener. At present, the following // types are supported: // envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager (HTTP) // [#next-major-version: In the v3 API, replace this Any field with a oneof containing the // specific config message for each type of API listener. We could not do this in v2 because // it would have caused circular dependencies for go protos: lds.proto depends on this file, // and http_connection_manager.proto depends on rds.proto, which is in the same directory as // lds.proto, so lds.proto cannot depend on this file.] google.protobuf.Any api_listener = 1; } ================================================ FILE: api/envoy/config/listener/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2:pkg", "//envoy/api/v2/listener:pkg", "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/listener/v2:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/listener/v3/api_listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "ApiListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: API listener] // Describes a type of API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. message ApiListener { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v2.ApiListener"; // The type in this field determines the type of API listener. At present, the following // types are supported: // envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager (HTTP) // [#next-major-version: In the v3 API, replace this Any field with a oneof containing the // specific config message for each type of API listener. We could not do this in v2 because // it would have caused circular dependencies for go protos: lds.proto depends on this file, // and http_connection_manager.proto depends on rds.proto, which is in the same directory as // lds.proto, so lds.proto cannot depend on this file.] google.protobuf.Any api_listener = 1; } ================================================ FILE: api/envoy/config/listener/v3/listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/socket_option.proto"; import "envoy/config/listener/v3/api_listener.proto"; import "envoy/config/listener/v3/listener_components.proto"; import "envoy/config/listener/v3/udp_listener_config.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listener configuration] // Listener :ref:`configuration overview ` // Listener list collections. Entries are *Listener* resources or references. // [#not-implemented-hide:] message ListenerCollection { repeated udpa.core.v1.CollectionEntry entries = 1; } // [#next-free-field: 25] message Listener { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener"; enum DrainType { // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check // filter), listener removal/modification, and hot restart. DEFAULT = 0; // Drain in response to listener removal/modification and hot restart. This setting does not // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress // and egress listeners. MODIFY_ONLY = 1; } // [#not-implemented-hide:] message DeprecatedV1 { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener.DeprecatedV1"; // Whether the listener should bind to the port. A listener that doesn't // bind can only receive connections redirected from other listeners that // set use_original_dst parameter to true. Default is true. // // This is deprecated in v2, all Listeners will bind to their port. An // additional filter chain must be created for every original destination // port this listener may redirect to in v2, with the original port // specified in the FilterChainMatch destination_port field. // // [#comment:TODO(PiotrSikora): Remove this once verified that we no longer need it.] google.protobuf.BoolValue bind_to_port = 1; } // Configuration for listener connection balancing. message ConnectionBalanceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener.ConnectionBalanceConfig"; // A connection balancer implementation that does exact balancing. This means that a lock is // held during balancing so that connection counts are nearly exactly balanced between worker // threads. This is "nearly" exact in the sense that a connection might close in parallel thus // making the counts incorrect, but this should be rectified on the next accept. This balancer // sacrifices accept throughput for accuracy and should be used when there are a small number of // connections that rarely cycle (e.g., service mesh gRPC egress). message ExactBalance { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener.ConnectionBalanceConfig.ExactBalance"; } oneof balance_type { option (validate.required) = true; // If specified, the listener will use the exact connection balancer. ExactBalance exact_balance = 1; } } reserved 14, 4; reserved "use_original_dst"; // The unique name by which this listener is known. If no name is provided, // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically // updated or removed via :ref:`LDS ` a unique name must be provided. string name = 1; // The address that the listener should listen on. In general, the address must be unique, though // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on // Linux as the actual port will be allocated by the OS. core.v3.Address address = 2 [(validate.rules).message = {required: true}]; // A list of filter chains to consider for this listener. The // :ref:`FilterChain ` with the most specific // :ref:`FilterChainMatch ` criteria is used on a // connection. // // Example using SNI for filter chain selection can be found in the // :ref:`FAQ entry `. repeated FilterChain filter_chains = 3; // Soft limit on size of the listener’s new connection read and write buffers. // If unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Listener metadata. core.v3.Metadata metadata = 6; // [#not-implemented-hide:] DeprecatedV1 deprecated_v1 = 7; // The type of draining to perform at a listener-wide level. DrainType drain_type = 8; // Listener filters have the opportunity to manipulate and augment the connection metadata that // is used in connection filter chain matching, for example. These filters are run before any in // :ref:`filter_chains `. Order matters as the // filters are processed sequentially right after a socket has been accepted by the listener, and // before a connection is created. // UDP Listener filters can be specified when the protocol in the listener socket address in // :ref:`protocol ` is :ref:`UDP // `. // UDP listeners currently support a single filter. repeated ListenerFilter listener_filters = 9; // The timeout to wait for all listener filters to complete operation. If the timeout is reached, // the accepted socket is closed without a connection being created unless // `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the // timeout. If not specified, a default timeout of 15s is used. google.protobuf.Duration listener_filters_timeout = 15; // Whether a connection should be created when listener filters timeout. Default is false. // // .. attention:: // // Some listener filters, such as :ref:`Proxy Protocol filter // `, should not be used with this option. It will cause // unexpected behavior when a connection is created. bool continue_on_listener_filters_timeout = 17; // Whether the listener should be set as a transparent socket. // When this flag is set to true, connections can be redirected to the listener using an // *iptables* *TPROXY* target, in which case the original source and destination addresses and // ports are preserved on accepted connections. This flag should be used in combination with // :ref:`an original_dst ` :ref:`listener filter // ` to mark the connections' local addresses as // "restored." This can be used to hand off each redirected connection to another listener // associated with the connection's destination address. Direct connections to the socket without // using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are // therefore treated as if they were redirected. // When this flag is set to false, the listener's socket is explicitly reset as non-transparent. // Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability. // When this flag is not set (default), the socket is not modified, i.e. the transparent option // is neither set nor reset. google.protobuf.BoolValue transparent = 10; // Whether the listener should set the *IP_FREEBIND* socket option. When this // flag is set to true, listeners can be bound to an IP address that is not // configured on the system running Envoy. When this flag is set to false, the // option *IP_FREEBIND* is disabled on the socket. When this flag is not set // (default), the socket is not modified, i.e. the option is neither enabled // nor disabled. google.protobuf.BoolValue freebind = 11; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v3.SocketOption socket_options = 13; // Whether the listener should accept TCP Fast Open (TFO) connections. // When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on // the socket, with a queue length of the specified size // (see `details in RFC7413 `_). // When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket. // When this flag is not set (default), the socket is not modified, // i.e. the option is neither enabled nor disabled. // // On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable // TCP_FASTOPEN. // See `ip-sysctl.txt `_. // // On macOS, only values of 0, 1, and unset are valid; other values may result in an error. // To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter. google.protobuf.UInt32Value tcp_fast_open_queue_length = 12; // Specifies the intended direction of the traffic relative to the local Envoy. core.v3.TrafficDirection traffic_direction = 16; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // listener to create, i.e. :ref:`udp_listener_name // ` = "raw_udp_listener" for // creating a packet-oriented UDP listener. If not present, treat it as "raw_udp_listener". UdpListenerConfig udp_listener_config = 18; // Used to represent an API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. // When this field is set, no other field except for :ref:`name` // should be set. // // .. note:: // // Currently only one ApiListener can be installed; and it can only be done via bootstrap config, // not LDS. // // [#next-major-version: In the v3 API, instead of this messy approach where the socket // listener fields are directly in the top-level Listener message and the API listener types // are in the ApiListener message, the socket listener messages should be in their own message, // and the top-level Listener should essentially be a oneof that selects between the // socket listener and the various types of API listener. That way, a given Listener message // can structurally only contain the fields of the relevant type.] ApiListener api_listener = 19; // The listener's connection balancer configuration, currently only applicable to TCP listeners. // If no configuration is specified, Envoy will not attempt to balance active connections between // worker threads. ConnectionBalanceConfig connection_balance_config = 20; // When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and // create one socket for each worker thread. This makes inbound connections // distribute among worker threads roughly evenly in cases where there are a high number // of connections. When this flag is set to false, all worker threads share one socket. // // Before Linux v4.19-rc1, new TCP connections may be rejected during hot restart // (see `3rd paragraph in 'soreuseport' commit message // `_). // This issue was fixed by `tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket // `_. bool reuse_port = 21; // Configuration for :ref:`access logs ` // emitted by this listener. repeated accesslog.v3.AccessLog access_log = 22; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // writer to create, i.e. :ref:`name ` // = "udp_default_writer" for creating a udp writer with writing in passthrough mode, // = "udp_gso_batch_writer" for creating a udp writer with writing in batch mode. // If not present, treat it as "udp_default_writer". // [#not-implemented-hide:] core.v3.TypedExtensionConfig udp_writer_config = 23; // The maximum length a tcp listener's pending connections queue can grow to. If no value is // provided net.core.somaxconn will be used on Linux and 128 otherwise. google.protobuf.UInt32Value tcp_backlog_size = 24; } ================================================ FILE: api/envoy/config/listener/v3/listener_components.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "ListenerComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listener components] // Listener :ref:`configuration overview ` message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.Filter"; reserved 3, 2; reserved "config"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 4; } } // Specifies the match criteria for selecting a specific filter chain for a // listener. // // In order for a filter chain to be selected, *ALL* of its criteria must be // fulfilled by the incoming connection, properties of which are set by the // networking stack and/or listener filters. // // The following order applies: // // 1. Destination port. // 2. Destination IP address. // 3. Server name (e.g. SNI for TLS protocol), // 4. Transport protocol. // 5. Application protocols (e.g. ALPN for TLS protocol). // 6. Source type (e.g. any, local or external network). // 7. Source IP address. // 8. Source port. // // For criteria that allow ranges or wildcards, the most specific value in any // of the configured filter chains that matches the incoming connection is going // to be used (e.g. for SNI ``www.example.com`` the most specific match would be // ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter // chain without ``server_names`` requirements). // // [#comment: Implemented rules are kept in the preference order, with deprecated fields // listed at the end, because that's how we want to list them in the docs. // // [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules] // [#next-free-field: 13] message FilterChainMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.FilterChainMatch"; enum ConnectionSourceType { // Any connection source matches. ANY = 0; // Match a connection originating from the same host. SAME_IP_OR_LOOPBACK = 1; // Match a connection originating from a different host. EXTERNAL = 2; } reserved 1; // Optional destination port to consider when use_original_dst is set on the // listener in determining a filter chain match. google.protobuf.UInt32Value destination_port = 8 [(validate.rules).uint32 = {lte: 65535 gte: 1}]; // If non-empty, an IP address and prefix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. repeated core.v3.CidrRange prefix_ranges = 3; // If non-empty, an IP address and suffix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. // [#not-implemented-hide:] string address_suffix = 4; // [#not-implemented-hide:] google.protobuf.UInt32Value suffix_len = 5; // Specifies the connection source IP match type. Can be any, local or external network. ConnectionSourceType source_type = 12 [(validate.rules).enum = {defined_only: true}]; // The criteria is satisfied if the source IP address of the downstream // connection is contained in at least one of the specified subnets. If the // parameter is not specified or the list is empty, the source IP address is // ignored. repeated core.v3.CidrRange source_prefix_ranges = 6; // The criteria is satisfied if the source port of the downstream connection // is contained in at least one of the specified ports. If the parameter is // not specified, the source port is ignored. repeated uint32 source_ports = 7 [(validate.rules).repeated = {items {uint32 {lte: 65535 gte: 1}}}]; // If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining // a filter chain match. Those values will be compared against the server names of a new // connection, when detected by one of the listener filters. // // The server name will be matched against all wildcard domains, i.e. ``www.example.com`` // will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. // // Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. // // .. attention:: // // See the :ref:`FAQ entry ` on how to configure SNI for more // information. repeated string server_names = 11; // If non-empty, a transport protocol to consider when determining a filter chain match. // This value will be compared against the transport protocol of a new connection, when // it's detected by one of the listener filters. // // Suggested values include: // // * ``raw_buffer`` - default, used when no transport protocol is detected, // * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector ` // when TLS protocol is detected. string transport_protocol = 9; // If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when // determining a filter chain match. Those values will be compared against the application // protocols of a new connection, when detected by one of the listener filters. // // Suggested values include: // // * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector // `, // * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector ` // // .. attention:: // // Currently, only :ref:`TLS Inspector ` provides // application protocol detection based on the requested // `ALPN `_ values. // // However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, // and matching on values other than ``h2`` is going to lead to a lot of false negatives, // unless all connecting clients are known to use ALPN. repeated string application_protocols = 10; } // A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and // various other parameters. // [#next-free-field: 9] message FilterChain { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.FilterChain"; // The configuration for on-demand filter chain. If this field is not empty in FilterChain message, // a filter chain will be built on-demand. // On-demand filter chains help speedup the warming up of listeners since the building and initialization of // an on-demand filter chain will be postponed to the arrival of new connection requests that require this filter chain. // Filter chains that are not often used can be set as on-demand. message OnDemandConfiguration { // The timeout to wait for filter chain placeholders to complete rebuilding. // 1. If this field is set to 0, timeout is disabled. // 2. If not specified, a default timeout of 15s is used. // Rebuilding will wait until dependencies are ready, have failed, or this timeout is reached. // Upon failure or timeout, all connections related to this filter chain will be closed. // Rebuilding will start again on the next new connection. google.protobuf.Duration rebuild_timeout = 1; } reserved 2; reserved "tls_context"; // The criteria to use when matching a connection to this filter chain. FilterChainMatch filter_chain_match = 1; // A list of individual network filters that make up the filter chain for // connections established with the listener. Order matters as the filters are // processed sequentially as connection events happen. Note: If the filter // list is empty, the connection will close by default. repeated Filter filters = 3; // Whether the listener should expect a PROXY protocol V1 header on new // connections. If this option is enabled, the listener will assume that that // remote address of the connection is the one specified in the header. Some // load balancers including the AWS ELB support this option. If the option is // absent or set to false, Envoy will use the physical peer address of the // connection as the remote address. google.protobuf.BoolValue use_proxy_proto = 4; // [#not-implemented-hide:] filter chain metadata. core.v3.Metadata metadata = 5; // Optional custom transport socket implementation to use for downstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`DownstreamTlsContext ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v3.TransportSocket transport_socket = 6; // [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no // name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter // chain is to be dynamically updated or removed via FCDS a unique name must be provided. string name = 7; // [#not-implemented-hide:] The configuration to specify whether the filter chain will be built on-demand. // If this field is not empty, the filter chain will be built on-demand. // Otherwise, the filter chain will be built normally and block listener warming. OnDemandConfiguration on_demand_configuration = 8; } // Listener filter chain match configuration. This is a recursive structure which allows complex // nested match configurations to be built using various logical operators. // // Examples: // // * Matches if the destination port is 3306. // // .. code-block:: yaml // // destination_port_range: // start: 3306 // end: 3307 // // * Matches if the destination port is 3306 or 15000. // // .. code-block:: yaml // // or_match: // rules: // - destination_port_range: // start: 3306 // end: 3306 // - destination_port_range: // start: 15000 // end: 15001 // // [#next-free-field: 6] message ListenerFilterChainMatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ListenerFilterChainMatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ListenerFilterChainMatchPredicate.MatchSet"; // The list of rules that make up the set. repeated ListenerFilterChainMatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. ListenerFilterChainMatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // Match destination port. Particularly, the match evaluation must use the recovered local port if // the owning listener filter is after :ref:`an original_dst listener filter `. type.v3.Int32Range destination_port_range = 5; } } message ListenerFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ListenerFilter"; reserved 2; reserved "config"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. // See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } // Optional match predicate used to disable the filter. The filter is enabled when this field is empty. // See :ref:`ListenerFilterChainMatchPredicate ` // for further examples. ListenerFilterChainMatchPredicate filter_disabled = 4; } ================================================ FILE: api/envoy/config/listener/v3/quic_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "QuicConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: QUIC listener Config] // Configuration specific to the QUIC protocol. // Next id: 5 message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.QuicProtocolOptions"; // Maximum number of streams that the client can negotiate per connection. 100 // if not specified. google.protobuf.UInt32Value max_concurrent_streams = 1; // Maximum number of milliseconds that connection will be alive when there is // no network activity. 300000ms if not specified. google.protobuf.Duration idle_timeout = 2; // Connection timeout in milliseconds before the crypto handshake is finished. // 20000ms if not specified. google.protobuf.Duration crypto_handshake_timeout = 3; // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v3.RuntimeFeatureFlag enabled = 4; } ================================================ FILE: api/envoy/config/listener/v3/udp_default_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "UdpDefaultWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Udp Default Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Default Writer. message UdpDefaultWriterOptions { } ================================================ FILE: api/envoy/config/listener/v3/udp_gso_batch_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "UdpGsoBatchWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Udp Gso Batch Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Gso Batch Writer. message UdpGsoBatchWriterOptions { } ================================================ FILE: api/envoy/config/listener/v3/udp_listener_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "UdpListenerConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: UDP Listener Config] // Listener :ref:`configuration overview ` message UdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.UdpListenerConfig"; reserved 2; reserved "config"; // Used to look up UDP listener factory, matches "raw_udp_listener" or // "quic_listener" to create a specific udp listener. // If not specified, treat as "raw_udp_listener". string udp_listener_name = 1; // Used to create a specific listener factory. To some factory, e.g. // "raw_udp_listener", config is not needed. oneof config_type { google.protobuf.Any typed_config = 3; } } message ActiveRawUdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ActiveRawUdpListenerConfig"; } ================================================ FILE: api/envoy/config/listener/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/listener/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/config/listener/v4alpha/api_listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "ApiListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: API listener] // Describes a type of API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. message ApiListener { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ApiListener"; // The type in this field determines the type of API listener. At present, the following // types are supported: // envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager (HTTP) // [#next-major-version: In the v3 API, replace this Any field with a oneof containing the // specific config message for each type of API listener. We could not do this in v2 because // it would have caused circular dependencies for go protos: lds.proto depends on this file, // and http_connection_manager.proto depends on rds.proto, which is in the same directory as // lds.proto, so lds.proto cannot depend on this file.] google.protobuf.Any api_listener = 1; } ================================================ FILE: api/envoy/config/listener/v4alpha/listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/socket_option.proto"; import "envoy/config/listener/v4alpha/api_listener.proto"; import "envoy/config/listener/v4alpha/listener_components.proto"; import "envoy/config/listener/v4alpha/udp_listener_config.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Listener configuration] // Listener :ref:`configuration overview ` // Listener list collections. Entries are *Listener* resources or references. // [#not-implemented-hide:] message ListenerCollection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerCollection"; repeated udpa.core.v1.CollectionEntry entries = 1; } // [#next-free-field: 25] message Listener { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener"; enum DrainType { // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check // filter), listener removal/modification, and hot restart. DEFAULT = 0; // Drain in response to listener removal/modification and hot restart. This setting does not // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress // and egress listeners. MODIFY_ONLY = 1; } // [#not-implemented-hide:] message DeprecatedV1 { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener.DeprecatedV1"; // Whether the listener should bind to the port. A listener that doesn't // bind can only receive connections redirected from other listeners that // set use_original_dst parameter to true. Default is true. // // This is deprecated in v2, all Listeners will bind to their port. An // additional filter chain must be created for every original destination // port this listener may redirect to in v2, with the original port // specified in the FilterChainMatch destination_port field. // // [#comment:TODO(PiotrSikora): Remove this once verified that we no longer need it.] google.protobuf.BoolValue bind_to_port = 1; } // Configuration for listener connection balancing. message ConnectionBalanceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener.ConnectionBalanceConfig"; // A connection balancer implementation that does exact balancing. This means that a lock is // held during balancing so that connection counts are nearly exactly balanced between worker // threads. This is "nearly" exact in the sense that a connection might close in parallel thus // making the counts incorrect, but this should be rectified on the next accept. This balancer // sacrifices accept throughput for accuracy and should be used when there are a small number of // connections that rarely cycle (e.g., service mesh gRPC egress). message ExactBalance { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener.ConnectionBalanceConfig.ExactBalance"; } oneof balance_type { option (validate.required) = true; // If specified, the listener will use the exact connection balancer. ExactBalance exact_balance = 1; } } reserved 14, 4; reserved "use_original_dst"; // The unique name by which this listener is known. If no name is provided, // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically // updated or removed via :ref:`LDS ` a unique name must be provided. string name = 1; // The address that the listener should listen on. In general, the address must be unique, though // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on // Linux as the actual port will be allocated by the OS. core.v4alpha.Address address = 2 [(validate.rules).message = {required: true}]; // A list of filter chains to consider for this listener. The // :ref:`FilterChain ` with the most specific // :ref:`FilterChainMatch ` criteria is used on a // connection. // // Example using SNI for filter chain selection can be found in the // :ref:`FAQ entry `. repeated FilterChain filter_chains = 3; // Soft limit on size of the listener’s new connection read and write buffers. // If unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Listener metadata. core.v4alpha.Metadata metadata = 6; // [#not-implemented-hide:] DeprecatedV1 deprecated_v1 = 7; // The type of draining to perform at a listener-wide level. DrainType drain_type = 8; // Listener filters have the opportunity to manipulate and augment the connection metadata that // is used in connection filter chain matching, for example. These filters are run before any in // :ref:`filter_chains `. Order matters as the // filters are processed sequentially right after a socket has been accepted by the listener, and // before a connection is created. // UDP Listener filters can be specified when the protocol in the listener socket address in // :ref:`protocol ` is :ref:`UDP // `. // UDP listeners currently support a single filter. repeated ListenerFilter listener_filters = 9; // The timeout to wait for all listener filters to complete operation. If the timeout is reached, // the accepted socket is closed without a connection being created unless // `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the // timeout. If not specified, a default timeout of 15s is used. google.protobuf.Duration listener_filters_timeout = 15; // Whether a connection should be created when listener filters timeout. Default is false. // // .. attention:: // // Some listener filters, such as :ref:`Proxy Protocol filter // `, should not be used with this option. It will cause // unexpected behavior when a connection is created. bool continue_on_listener_filters_timeout = 17; // Whether the listener should be set as a transparent socket. // When this flag is set to true, connections can be redirected to the listener using an // *iptables* *TPROXY* target, in which case the original source and destination addresses and // ports are preserved on accepted connections. This flag should be used in combination with // :ref:`an original_dst ` :ref:`listener filter // ` to mark the connections' local addresses as // "restored." This can be used to hand off each redirected connection to another listener // associated with the connection's destination address. Direct connections to the socket without // using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are // therefore treated as if they were redirected. // When this flag is set to false, the listener's socket is explicitly reset as non-transparent. // Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability. // When this flag is not set (default), the socket is not modified, i.e. the transparent option // is neither set nor reset. google.protobuf.BoolValue transparent = 10; // Whether the listener should set the *IP_FREEBIND* socket option. When this // flag is set to true, listeners can be bound to an IP address that is not // configured on the system running Envoy. When this flag is set to false, the // option *IP_FREEBIND* is disabled on the socket. When this flag is not set // (default), the socket is not modified, i.e. the option is neither enabled // nor disabled. google.protobuf.BoolValue freebind = 11; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v4alpha.SocketOption socket_options = 13; // Whether the listener should accept TCP Fast Open (TFO) connections. // When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on // the socket, with a queue length of the specified size // (see `details in RFC7413 `_). // When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket. // When this flag is not set (default), the socket is not modified, // i.e. the option is neither enabled nor disabled. // // On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable // TCP_FASTOPEN. // See `ip-sysctl.txt `_. // // On macOS, only values of 0, 1, and unset are valid; other values may result in an error. // To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter. google.protobuf.UInt32Value tcp_fast_open_queue_length = 12; // Specifies the intended direction of the traffic relative to the local Envoy. core.v4alpha.TrafficDirection traffic_direction = 16; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // listener to create, i.e. :ref:`udp_listener_name // ` = "raw_udp_listener" for // creating a packet-oriented UDP listener. If not present, treat it as "raw_udp_listener". UdpListenerConfig udp_listener_config = 18; // Used to represent an API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. // When this field is set, no other field except for :ref:`name` // should be set. // // .. note:: // // Currently only one ApiListener can be installed; and it can only be done via bootstrap config, // not LDS. // // [#next-major-version: In the v3 API, instead of this messy approach where the socket // listener fields are directly in the top-level Listener message and the API listener types // are in the ApiListener message, the socket listener messages should be in their own message, // and the top-level Listener should essentially be a oneof that selects between the // socket listener and the various types of API listener. That way, a given Listener message // can structurally only contain the fields of the relevant type.] ApiListener api_listener = 19; // The listener's connection balancer configuration, currently only applicable to TCP listeners. // If no configuration is specified, Envoy will not attempt to balance active connections between // worker threads. ConnectionBalanceConfig connection_balance_config = 20; // When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and // create one socket for each worker thread. This makes inbound connections // distribute among worker threads roughly evenly in cases where there are a high number // of connections. When this flag is set to false, all worker threads share one socket. // // Before Linux v4.19-rc1, new TCP connections may be rejected during hot restart // (see `3rd paragraph in 'soreuseport' commit message // `_). // This issue was fixed by `tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket // `_. bool reuse_port = 21; // Configuration for :ref:`access logs ` // emitted by this listener. repeated accesslog.v4alpha.AccessLog access_log = 22; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // writer to create, i.e. :ref:`name ` // = "udp_default_writer" for creating a udp writer with writing in passthrough mode, // = "udp_gso_batch_writer" for creating a udp writer with writing in batch mode. // If not present, treat it as "udp_default_writer". // [#not-implemented-hide:] core.v4alpha.TypedExtensionConfig udp_writer_config = 23; // The maximum length a tcp listener's pending connections queue can grow to. If no value is // provided net.core.somaxconn will be used on Linux and 128 otherwise. google.protobuf.UInt32Value tcp_backlog_size = 24; } ================================================ FILE: api/envoy/config/listener/v4alpha/listener_components.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "ListenerComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Listener components] // Listener :ref:`configuration overview ` message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Filter"; reserved 3, 2; reserved "config"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 4; } } // Specifies the match criteria for selecting a specific filter chain for a // listener. // // In order for a filter chain to be selected, *ALL* of its criteria must be // fulfilled by the incoming connection, properties of which are set by the // networking stack and/or listener filters. // // The following order applies: // // 1. Destination port. // 2. Destination IP address. // 3. Server name (e.g. SNI for TLS protocol), // 4. Transport protocol. // 5. Application protocols (e.g. ALPN for TLS protocol). // 6. Source type (e.g. any, local or external network). // 7. Source IP address. // 8. Source port. // // For criteria that allow ranges or wildcards, the most specific value in any // of the configured filter chains that matches the incoming connection is going // to be used (e.g. for SNI ``www.example.com`` the most specific match would be // ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter // chain without ``server_names`` requirements). // // [#comment: Implemented rules are kept in the preference order, with deprecated fields // listed at the end, because that's how we want to list them in the docs. // // [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules] // [#next-free-field: 13] message FilterChainMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.FilterChainMatch"; enum ConnectionSourceType { // Any connection source matches. ANY = 0; // Match a connection originating from the same host. SAME_IP_OR_LOOPBACK = 1; // Match a connection originating from a different host. EXTERNAL = 2; } reserved 1; // Optional destination port to consider when use_original_dst is set on the // listener in determining a filter chain match. google.protobuf.UInt32Value destination_port = 8 [(validate.rules).uint32 = {lte: 65535 gte: 1}]; // If non-empty, an IP address and prefix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. repeated core.v4alpha.CidrRange prefix_ranges = 3; // If non-empty, an IP address and suffix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. // [#not-implemented-hide:] string address_suffix = 4; // [#not-implemented-hide:] google.protobuf.UInt32Value suffix_len = 5; // Specifies the connection source IP match type. Can be any, local or external network. ConnectionSourceType source_type = 12 [(validate.rules).enum = {defined_only: true}]; // The criteria is satisfied if the source IP address of the downstream // connection is contained in at least one of the specified subnets. If the // parameter is not specified or the list is empty, the source IP address is // ignored. repeated core.v4alpha.CidrRange source_prefix_ranges = 6; // The criteria is satisfied if the source port of the downstream connection // is contained in at least one of the specified ports. If the parameter is // not specified, the source port is ignored. repeated uint32 source_ports = 7 [(validate.rules).repeated = {items {uint32 {lte: 65535 gte: 1}}}]; // If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining // a filter chain match. Those values will be compared against the server names of a new // connection, when detected by one of the listener filters. // // The server name will be matched against all wildcard domains, i.e. ``www.example.com`` // will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. // // Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. // // .. attention:: // // See the :ref:`FAQ entry ` on how to configure SNI for more // information. repeated string server_names = 11; // If non-empty, a transport protocol to consider when determining a filter chain match. // This value will be compared against the transport protocol of a new connection, when // it's detected by one of the listener filters. // // Suggested values include: // // * ``raw_buffer`` - default, used when no transport protocol is detected, // * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector ` // when TLS protocol is detected. string transport_protocol = 9; // If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when // determining a filter chain match. Those values will be compared against the application // protocols of a new connection, when detected by one of the listener filters. // // Suggested values include: // // * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector // `, // * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector ` // // .. attention:: // // Currently, only :ref:`TLS Inspector ` provides // application protocol detection based on the requested // `ALPN `_ values. // // However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, // and matching on values other than ``h2`` is going to lead to a lot of false negatives, // unless all connecting clients are known to use ALPN. repeated string application_protocols = 10; } // A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and // various other parameters. // [#next-free-field: 9] message FilterChain { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.FilterChain"; // The configuration for on-demand filter chain. If this field is not empty in FilterChain message, // a filter chain will be built on-demand. // On-demand filter chains help speedup the warming up of listeners since the building and initialization of // an on-demand filter chain will be postponed to the arrival of new connection requests that require this filter chain. // Filter chains that are not often used can be set as on-demand. message OnDemandConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.FilterChain.OnDemandConfiguration"; // The timeout to wait for filter chain placeholders to complete rebuilding. // 1. If this field is set to 0, timeout is disabled. // 2. If not specified, a default timeout of 15s is used. // Rebuilding will wait until dependencies are ready, have failed, or this timeout is reached. // Upon failure or timeout, all connections related to this filter chain will be closed. // Rebuilding will start again on the next new connection. google.protobuf.Duration rebuild_timeout = 1; } reserved 2; reserved "tls_context"; // The criteria to use when matching a connection to this filter chain. FilterChainMatch filter_chain_match = 1; // A list of individual network filters that make up the filter chain for // connections established with the listener. Order matters as the filters are // processed sequentially as connection events happen. Note: If the filter // list is empty, the connection will close by default. repeated Filter filters = 3; // Whether the listener should expect a PROXY protocol V1 header on new // connections. If this option is enabled, the listener will assume that that // remote address of the connection is the one specified in the header. Some // load balancers including the AWS ELB support this option. If the option is // absent or set to false, Envoy will use the physical peer address of the // connection as the remote address. google.protobuf.BoolValue use_proxy_proto = 4; // [#not-implemented-hide:] filter chain metadata. core.v4alpha.Metadata metadata = 5; // Optional custom transport socket implementation to use for downstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`DownstreamTlsContext ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v4alpha.TransportSocket transport_socket = 6; // [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no // name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter // chain is to be dynamically updated or removed via FCDS a unique name must be provided. string name = 7; // [#not-implemented-hide:] The configuration to specify whether the filter chain will be built on-demand. // If this field is not empty, the filter chain will be built on-demand. // Otherwise, the filter chain will be built normally and block listener warming. OnDemandConfiguration on_demand_configuration = 8; } // Listener filter chain match configuration. This is a recursive structure which allows complex // nested match configurations to be built using various logical operators. // // Examples: // // * Matches if the destination port is 3306. // // .. code-block:: yaml // // destination_port_range: // start: 3306 // end: 3307 // // * Matches if the destination port is 3306 or 15000. // // .. code-block:: yaml // // or_match: // rules: // - destination_port_range: // start: 3306 // end: 3306 // - destination_port_range: // start: 15000 // end: 15001 // // [#next-free-field: 6] message ListenerFilterChainMatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerFilterChainMatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerFilterChainMatchPredicate.MatchSet"; // The list of rules that make up the set. repeated ListenerFilterChainMatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. ListenerFilterChainMatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // Match destination port. Particularly, the match evaluation must use the recovered local port if // the owning listener filter is after :ref:`an original_dst listener filter `. type.v3.Int32Range destination_port_range = 5; } } message ListenerFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerFilter"; reserved 2; reserved "config"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. // See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } // Optional match predicate used to disable the filter. The filter is enabled when this field is empty. // See :ref:`ListenerFilterChainMatchPredicate ` // for further examples. ListenerFilterChainMatchPredicate filter_disabled = 4; } ================================================ FILE: api/envoy/config/listener/v4alpha/quic_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "QuicConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: QUIC listener Config] // Configuration specific to the QUIC protocol. // Next id: 5 message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.QuicProtocolOptions"; // Maximum number of streams that the client can negotiate per connection. 100 // if not specified. google.protobuf.UInt32Value max_concurrent_streams = 1; // Maximum number of milliseconds that connection will be alive when there is // no network activity. 300000ms if not specified. google.protobuf.Duration idle_timeout = 2; // Connection timeout in milliseconds before the crypto handshake is finished. // 20000ms if not specified. google.protobuf.Duration crypto_handshake_timeout = 3; // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v4alpha.RuntimeFeatureFlag enabled = 4; } ================================================ FILE: api/envoy/config/listener/v4alpha/udp_default_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "UdpDefaultWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Udp Default Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Default Writer. message UdpDefaultWriterOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.UdpDefaultWriterOptions"; } ================================================ FILE: api/envoy/config/listener/v4alpha/udp_gso_batch_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "UdpGsoBatchWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Udp Gso Batch Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Gso Batch Writer. message UdpGsoBatchWriterOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.UdpGsoBatchWriterOptions"; } ================================================ FILE: api/envoy/config/listener/v4alpha/udp_listener_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "UdpListenerConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: UDP Listener Config] // Listener :ref:`configuration overview ` message UdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.UdpListenerConfig"; reserved 2; reserved "config"; // Used to look up UDP listener factory, matches "raw_udp_listener" or // "quic_listener" to create a specific udp listener. // If not specified, treat as "raw_udp_listener". string udp_listener_name = 1; // Used to create a specific listener factory. To some factory, e.g. // "raw_udp_listener", config is not needed. oneof config_type { google.protobuf.Any typed_config = 3; } } message ActiveRawUdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ActiveRawUdpListenerConfig"; } ================================================ FILE: api/envoy/config/metrics/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/metrics/v2/metrics_service.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v2"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metrics service] // Metrics Service is configured as a built-in *envoy.stat_sinks.metrics_service* :ref:`StatsSink // `. This opaque configuration will be used to create // Metrics Service. // [#extension: envoy.stat_sinks.metrics_service] message MetricsServiceConfig { // The upstream gRPC cluster that hosts the metrics service. api.v2.core.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/metrics/v2/stats.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v2; import "envoy/api/v2/core/address.proto"; import "envoy/type/matcher/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v2"; option java_outer_classname = "StatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Stats] // Statistics :ref:`architecture overview `. // Configuration for pluggable stats sinks. message StatsSink { // The name of the stats sink to instantiate. The name must match a supported // stats sink. The built-in stats sinks are: // // * :ref:`envoy.stat_sinks.statsd ` // * :ref:`envoy.stat_sinks.dog_statsd ` // * :ref:`envoy.stat_sinks.metrics_service ` // * :ref:`envoy.stat_sinks.hystrix ` // // Sinks optionally support tagged/multiple dimensional metrics. string name = 1; // Stats sink specific configuration which depends on the sink being instantiated. See // :ref:`StatsdSink ` for an example. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Statistics configuration such as tagging. message StatsConfig { // Each stat name is iteratively processed through these tag specifiers. // When a tag is matched, the first capture group is removed from the name so // later :ref:`TagSpecifiers ` cannot match that // same portion of the match. repeated TagSpecifier stats_tags = 1; // Use all default tag regexes specified in Envoy. These can be combined with // custom tags specified in :ref:`stats_tags // `. They will be processed before // the custom tags. // // .. note:: // // If any default tags are specified twice, the config will be considered // invalid. // // See :repo:`well_known_names.h ` for a list of the // default tags in Envoy. // // If not provided, the value is assumed to be true. google.protobuf.BoolValue use_all_default_tags = 2; // Inclusion/exclusion matcher for stat name creation. If not provided, all stats are instantiated // as normal. Preventing the instantiation of certain families of stats can improve memory // performance for Envoys running especially large configs. // // .. warning:: // Excluding stats may affect Envoy's behavior in undocumented ways. See // `issue #8771 `_ for more information. // If any unexpected behavior changes are observed, please open a new issue immediately. StatsMatcher stats_matcher = 3; } // Configuration for disabling stat instantiation. message StatsMatcher { // The instantiation of stats is unrestricted by default. If the goal is to configure Envoy to // instantiate all stats, there is no need to construct a StatsMatcher. // // However, StatsMatcher can be used to limit the creation of families of stats in order to // conserve memory. Stats can either be disabled entirely, or they can be // limited by either an exclusion or an inclusion list of :ref:`StringMatcher // ` protos: // // * If `reject_all` is set to `true`, no stats will be instantiated. If `reject_all` is set to // `false`, all stats will be instantiated. // // * If an exclusion list is supplied, any stat name matching *any* of the StringMatchers in the // list will not instantiate. // // * If an inclusion list is supplied, no stats will instantiate, except those matching *any* of // the StringMatchers in the list. // // // A StringMatcher can be used to match against an exact string, a suffix / prefix, or a regex. // **NB:** For performance reasons, it is highly recommended to use a prefix- or suffix-based // matcher rather than a regex-based matcher. // // Example 1. Excluding all stats. // // .. code-block:: json // // { // "statsMatcher": { // "rejectAll": "true" // } // } // // Example 2. Excluding all cluster-specific stats, but not cluster-manager stats: // // .. code-block:: json // // { // "statsMatcher": { // "exclusionList": { // "patterns": [ // { // "prefix": "cluster." // } // ] // } // } // } // // Example 3. Including only manager-related stats: // // .. code-block:: json // // { // "statsMatcher": { // "inclusionList": { // "patterns": [ // { // "prefix": "cluster_manager." // }, // { // "prefix": "listener_manager." // } // ] // } // } // } // oneof stats_matcher { option (validate.required) = true; // If `reject_all` is true, then all stats are disabled. If `reject_all` is false, then all // stats are enabled. bool reject_all = 1; // Exclusive match. All stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.ListStringMatcher exclusion_list = 2; // Inclusive match. No stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.ListStringMatcher inclusion_list = 3; } } // Designates a tag name and value pair. The value may be either a fixed value // or a regex providing the value via capture groups. The specified tag will be // unconditionally set if a fixed value, otherwise it will only be set if one // or more capture groups in the regex match. message TagSpecifier { // Attaches an identifier to the tag values to identify the tag being in the // sink. Envoy has a set of default names and regexes to extract dynamic // portions of existing stats, which can be found in :repo:`well_known_names.h // ` in the Envoy repository. If a :ref:`tag_name // ` is provided in the config and // neither :ref:`regex ` or // :ref:`fixed_value ` were specified, // Envoy will attempt to find that name in its set of defaults and use the accompanying regex. // // .. note:: // // It is invalid to specify the same tag name twice in a config. string tag_name = 1; oneof tag_value { // Designates a tag to strip from the tag extracted name and provide as a named // tag value for all statistics. This will only occur if any part of the name // matches the regex provided with one or more capture groups. // // The first capture group identifies the portion of the name to remove. The // second capture group (which will normally be nested inside the first) will // designate the value of the tag for the statistic. If no second capture // group is provided, the first will also be used to set the value of the tag. // All other capture groups will be ignored. // // Example 1. a stat name ``cluster.foo_cluster.upstream_rq_timeout`` and // one tag specifier: // // .. code-block:: json // // { // "tag_name": "envoy.cluster_name", // "regex": "^cluster\\.((.+?)\\.)" // } // // Note that the regex will remove ``foo_cluster.`` making the tag extracted // name ``cluster.upstream_rq_timeout`` and the tag value for // ``envoy.cluster_name`` will be ``foo_cluster`` (note: there will be no // ``.`` character because of the second capture group). // // Example 2. a stat name // ``http.connection_manager_1.user_agent.ios.downstream_cx_total`` and two // tag specifiers: // // .. code-block:: json // // [ // { // "tag_name": "envoy.http_user_agent", // "regex": "^http(?=\\.).*?\\.user_agent\\.((.+?)\\.)\\w+?$" // }, // { // "tag_name": "envoy.http_conn_manager_prefix", // "regex": "^http\\.((.*?)\\.)" // } // ] // // The two regexes of the specifiers will be processed in the definition order. // // The first regex will remove ``ios.``, leaving the tag extracted name // ``http.connection_manager_1.user_agent.downstream_cx_total``. The tag // ``envoy.http_user_agent`` will be added with tag value ``ios``. // // The second regex will remove ``connection_manager_1.`` from the tag // extracted name produced by the first regex // ``http.connection_manager_1.user_agent.downstream_cx_total``, leaving // ``http.user_agent.downstream_cx_total`` as the tag extracted name. The tag // ``envoy.http_conn_manager_prefix`` will be added with the tag value // ``connection_manager_1``. string regex = 2 [(validate.rules).string = {max_bytes: 1024}]; // Specifies a fixed tag value for the ``tag_name``. string fixed_value = 3; } } // Stats configuration proto schema for built-in *envoy.stat_sinks.statsd* sink. This sink does not support // tagged metrics. // [#extension: envoy.stat_sinks.statsd] message StatsdSink { oneof statsd_specifier { option (validate.required) = true; // The UDP address of a running `statsd `_ // compliant listener. If specified, statistics will be flushed to this // address. api.v2.core.Address address = 1; // The name of a cluster that is running a TCP `statsd // `_ compliant listener. If specified, // Envoy will connect to this cluster to flush statistics. string tcp_cluster_name = 2; } // Optional custom prefix for StatsdSink. If // specified, this will override the default prefix. // For example: // // .. code-block:: json // // { // "prefix" : "envoy-prod" // } // // will change emitted stats to // // .. code-block:: cpp // // envoy-prod.test_counter:1|c // envoy-prod.test_timer:5|ms // // Note that the default prefix, "envoy", will be used if a prefix is not // specified. // // Stats with default prefix: // // .. code-block:: cpp // // envoy.test_counter:1|c // envoy.test_timer:5|ms string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.dog_statsd* sink. // The sink emits stats with `DogStatsD `_ // compatible tags. Tags are configurable via :ref:`StatsConfig // `. // [#extension: envoy.stat_sinks.dog_statsd] message DogStatsdSink { reserved 2; oneof dog_statsd_specifier { option (validate.required) = true; // The UDP address of a running DogStatsD compliant listener. If specified, // statistics will be flushed to this address. api.v2.core.Address address = 1; } // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field // ` for more details. string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.hystrix* sink. // The sink emits stats in `text/event-stream // `_ // formatted stream for use by `Hystrix dashboard // `_. // // Note that only a single HystrixSink should be configured. // // Streaming is started through an admin endpoint :http:get:`/hystrix_event_stream`. // [#extension: envoy.stat_sinks.hystrix] message HystrixSink { // The number of buckets the rolling statistical window is divided into. // // Each time the sink is flushed, all relevant Envoy statistics are sampled and // added to the rolling window (removing the oldest samples in the window // in the process). The sink then outputs the aggregate statistics across the // current rolling window to the event stream(s). // // rolling_window(ms) = stats_flush_interval(ms) * num_of_buckets // // More detailed explanation can be found in `Hystrix wiki // `_. int64 num_buckets = 1; } ================================================ FILE: api/envoy/config/metrics/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/metrics/v3/metrics_service.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v3"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metrics service] // Metrics Service is configured as a built-in *envoy.stat_sinks.metrics_service* :ref:`StatsSink // `. This opaque configuration will be used to create // Metrics Service. // [#extension: envoy.stat_sinks.metrics_service] message MetricsServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.MetricsServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v3.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; // API version for metric service transport protocol. This describes the metric service gRPC // endpoint and version of messages used on the wire. core.v3.ApiVersion transport_api_version = 3 [(validate.rules).enum = {defined_only: true}]; // If true, counters are reported as the delta between flushing intervals. Otherwise, the current // counter value is reported. Defaults to false. // Eventually (https://github.com/envoyproxy/envoy/issues/10968) if this value is not set, the // sink will take updates from the :ref:`MetricsResponse `. google.protobuf.BoolValue report_counters_as_deltas = 2; } ================================================ FILE: api/envoy/config/metrics/v3/stats.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v3; import "envoy/config/core/v3/address.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v3"; option java_outer_classname = "StatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Stats] // Statistics :ref:`architecture overview `. // Configuration for pluggable stats sinks. message StatsSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsSink"; reserved 2; reserved "config"; // The name of the stats sink to instantiate. The name must match a supported // stats sink. The built-in stats sinks are: // // * :ref:`envoy.stat_sinks.statsd ` // * :ref:`envoy.stat_sinks.dog_statsd ` // * :ref:`envoy.stat_sinks.metrics_service ` // * :ref:`envoy.stat_sinks.hystrix ` // // Sinks optionally support tagged/multiple dimensional metrics. string name = 1; // Stats sink specific configuration which depends on the sink being instantiated. See // :ref:`StatsdSink ` for an example. oneof config_type { google.protobuf.Any typed_config = 3; } } // Statistics configuration such as tagging. message StatsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsConfig"; // Each stat name is iteratively processed through these tag specifiers. // When a tag is matched, the first capture group is removed from the name so // later :ref:`TagSpecifiers ` cannot match that // same portion of the match. repeated TagSpecifier stats_tags = 1; // Use all default tag regexes specified in Envoy. These can be combined with // custom tags specified in :ref:`stats_tags // `. They will be processed before // the custom tags. // // .. note:: // // If any default tags are specified twice, the config will be considered // invalid. // // See :repo:`well_known_names.h ` for a list of the // default tags in Envoy. // // If not provided, the value is assumed to be true. google.protobuf.BoolValue use_all_default_tags = 2; // Inclusion/exclusion matcher for stat name creation. If not provided, all stats are instantiated // as normal. Preventing the instantiation of certain families of stats can improve memory // performance for Envoys running especially large configs. // // .. warning:: // Excluding stats may affect Envoy's behavior in undocumented ways. See // `issue #8771 `_ for more information. // If any unexpected behavior changes are observed, please open a new issue immediately. StatsMatcher stats_matcher = 3; // Defines rules for setting the histogram buckets. Rules are evaluated in order, and the first // match is applied. If no match is found (or if no rules are set), the following default buckets // are used: // // .. code-block:: json // // [ // 0.5, // 1, // 5, // 10, // 25, // 50, // 100, // 250, // 500, // 1000, // 2500, // 5000, // 10000, // 30000, // 60000, // 300000, // 600000, // 1800000, // 3600000 // ] repeated HistogramBucketSettings histogram_bucket_settings = 4; } // Configuration for disabling stat instantiation. message StatsMatcher { // The instantiation of stats is unrestricted by default. If the goal is to configure Envoy to // instantiate all stats, there is no need to construct a StatsMatcher. // // However, StatsMatcher can be used to limit the creation of families of stats in order to // conserve memory. Stats can either be disabled entirely, or they can be // limited by either an exclusion or an inclusion list of :ref:`StringMatcher // ` protos: // // * If `reject_all` is set to `true`, no stats will be instantiated. If `reject_all` is set to // `false`, all stats will be instantiated. // // * If an exclusion list is supplied, any stat name matching *any* of the StringMatchers in the // list will not instantiate. // // * If an inclusion list is supplied, no stats will instantiate, except those matching *any* of // the StringMatchers in the list. // // // A StringMatcher can be used to match against an exact string, a suffix / prefix, or a regex. // **NB:** For performance reasons, it is highly recommended to use a prefix- or suffix-based // matcher rather than a regex-based matcher. // // Example 1. Excluding all stats. // // .. code-block:: json // // { // "statsMatcher": { // "rejectAll": "true" // } // } // // Example 2. Excluding all cluster-specific stats, but not cluster-manager stats: // // .. code-block:: json // // { // "statsMatcher": { // "exclusionList": { // "patterns": [ // { // "prefix": "cluster." // } // ] // } // } // } // // Example 3. Including only manager-related stats: // // .. code-block:: json // // { // "statsMatcher": { // "inclusionList": { // "patterns": [ // { // "prefix": "cluster_manager." // }, // { // "prefix": "listener_manager." // } // ] // } // } // } // option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsMatcher"; oneof stats_matcher { option (validate.required) = true; // If `reject_all` is true, then all stats are disabled. If `reject_all` is false, then all // stats are enabled. bool reject_all = 1; // Exclusive match. All stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v3.ListStringMatcher exclusion_list = 2; // Inclusive match. No stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v3.ListStringMatcher inclusion_list = 3; } } // Designates a tag name and value pair. The value may be either a fixed value // or a regex providing the value via capture groups. The specified tag will be // unconditionally set if a fixed value, otherwise it will only be set if one // or more capture groups in the regex match. message TagSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.TagSpecifier"; // Attaches an identifier to the tag values to identify the tag being in the // sink. Envoy has a set of default names and regexes to extract dynamic // portions of existing stats, which can be found in :repo:`well_known_names.h // ` in the Envoy repository. If a :ref:`tag_name // ` is provided in the config and // neither :ref:`regex ` or // :ref:`fixed_value ` were specified, // Envoy will attempt to find that name in its set of defaults and use the accompanying regex. // // .. note:: // // It is invalid to specify the same tag name twice in a config. string tag_name = 1; oneof tag_value { // Designates a tag to strip from the tag extracted name and provide as a named // tag value for all statistics. This will only occur if any part of the name // matches the regex provided with one or more capture groups. // // The first capture group identifies the portion of the name to remove. The // second capture group (which will normally be nested inside the first) will // designate the value of the tag for the statistic. If no second capture // group is provided, the first will also be used to set the value of the tag. // All other capture groups will be ignored. // // Example 1. a stat name ``cluster.foo_cluster.upstream_rq_timeout`` and // one tag specifier: // // .. code-block:: json // // { // "tag_name": "envoy.cluster_name", // "regex": "^cluster\\.((.+?)\\.)" // } // // Note that the regex will remove ``foo_cluster.`` making the tag extracted // name ``cluster.upstream_rq_timeout`` and the tag value for // ``envoy.cluster_name`` will be ``foo_cluster`` (note: there will be no // ``.`` character because of the second capture group). // // Example 2. a stat name // ``http.connection_manager_1.user_agent.ios.downstream_cx_total`` and two // tag specifiers: // // .. code-block:: json // // [ // { // "tag_name": "envoy.http_user_agent", // "regex": "^http(?=\\.).*?\\.user_agent\\.((.+?)\\.)\\w+?$" // }, // { // "tag_name": "envoy.http_conn_manager_prefix", // "regex": "^http\\.((.*?)\\.)" // } // ] // // The two regexes of the specifiers will be processed in the definition order. // // The first regex will remove ``ios.``, leaving the tag extracted name // ``http.connection_manager_1.user_agent.downstream_cx_total``. The tag // ``envoy.http_user_agent`` will be added with tag value ``ios``. // // The second regex will remove ``connection_manager_1.`` from the tag // extracted name produced by the first regex // ``http.connection_manager_1.user_agent.downstream_cx_total``, leaving // ``http.user_agent.downstream_cx_total`` as the tag extracted name. The tag // ``envoy.http_conn_manager_prefix`` will be added with the tag value // ``connection_manager_1``. string regex = 2 [(validate.rules).string = {max_bytes: 1024}]; // Specifies a fixed tag value for the ``tag_name``. string fixed_value = 3; } } // Specifies a matcher for stats and the buckets that matching stats should use. message HistogramBucketSettings { // The stats that this rule applies to. The match is applied to the original stat name // before tag-extraction, for example `cluster.exampleclustername.upstream_cx_length_ms`. type.matcher.v3.StringMatcher match = 1 [(validate.rules).message = {required: true}]; // Each value is the upper bound of a bucket. Each bucket must be greater than 0 and unique. // The order of the buckets does not matter. repeated double buckets = 2 [(validate.rules).repeated = { min_items: 1 unique: true items {double {gt: 0.0}} }]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.statsd* sink. This sink does not support // tagged metrics. // [#extension: envoy.stat_sinks.statsd] message StatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsdSink"; oneof statsd_specifier { option (validate.required) = true; // The UDP address of a running `statsd `_ // compliant listener. If specified, statistics will be flushed to this // address. core.v3.Address address = 1; // The name of a cluster that is running a TCP `statsd // `_ compliant listener. If specified, // Envoy will connect to this cluster to flush statistics. string tcp_cluster_name = 2; } // Optional custom prefix for StatsdSink. If // specified, this will override the default prefix. // For example: // // .. code-block:: json // // { // "prefix" : "envoy-prod" // } // // will change emitted stats to // // .. code-block:: cpp // // envoy-prod.test_counter:1|c // envoy-prod.test_timer:5|ms // // Note that the default prefix, "envoy", will be used if a prefix is not // specified. // // Stats with default prefix: // // .. code-block:: cpp // // envoy.test_counter:1|c // envoy.test_timer:5|ms string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.dog_statsd* sink. // The sink emits stats with `DogStatsD `_ // compatible tags. Tags are configurable via :ref:`StatsConfig // `. // [#extension: envoy.stat_sinks.dog_statsd] message DogStatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.DogStatsdSink"; reserved 2; oneof dog_statsd_specifier { option (validate.required) = true; // The UDP address of a running DogStatsD compliant listener. If specified, // statistics will be flushed to this address. core.v3.Address address = 1; } // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field // ` for more details. string prefix = 3; // Optional max datagram size to use when sending UDP messages. By default Envoy // will emit one metric per datagram. By specifying a max-size larger than a single // metric, Envoy will emit multiple, new-line separated metrics. The max datagram // size should not exceed your network's MTU. // // Note that this value may not be respected if smaller than a single metric. google.protobuf.UInt64Value max_bytes_per_datagram = 4 [(validate.rules).uint64 = {gt: 0}]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.hystrix* sink. // The sink emits stats in `text/event-stream // `_ // formatted stream for use by `Hystrix dashboard // `_. // // Note that only a single HystrixSink should be configured. // // Streaming is started through an admin endpoint :http:get:`/hystrix_event_stream`. // [#extension: envoy.stat_sinks.hystrix] message HystrixSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.HystrixSink"; // The number of buckets the rolling statistical window is divided into. // // Each time the sink is flushed, all relevant Envoy statistics are sampled and // added to the rolling window (removing the oldest samples in the window // in the process). The sink then outputs the aggregate statistics across the // current rolling window to the event stream(s). // // rolling_window(ms) = stats_flush_interval(ms) * num_of_buckets // // More detailed explanation can be found in `Hystrix wiki // `_. int64 num_buckets = 1; } ================================================ FILE: api/envoy/config/metrics/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/metrics/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/metrics/v4alpha/metrics_service.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v4alpha"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metrics service] // Metrics Service is configured as a built-in *envoy.stat_sinks.metrics_service* :ref:`StatsSink // `. This opaque configuration will be used to create // Metrics Service. // [#extension: envoy.stat_sinks.metrics_service] message MetricsServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.MetricsServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v4alpha.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; // API version for metric service transport protocol. This describes the metric service gRPC // endpoint and version of messages used on the wire. core.v4alpha.ApiVersion transport_api_version = 3 [(validate.rules).enum = {defined_only: true}]; // If true, counters are reported as the delta between flushing intervals. Otherwise, the current // counter value is reported. Defaults to false. // Eventually (https://github.com/envoyproxy/envoy/issues/10968) if this value is not set, the // sink will take updates from the :ref:`MetricsResponse `. google.protobuf.BoolValue report_counters_as_deltas = 2; } ================================================ FILE: api/envoy/config/metrics/v4alpha/stats.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v4alpha"; option java_outer_classname = "StatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Stats] // Statistics :ref:`architecture overview `. // Configuration for pluggable stats sinks. message StatsSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsSink"; reserved 2; reserved "config"; // The name of the stats sink to instantiate. The name must match a supported // stats sink. The built-in stats sinks are: // // * :ref:`envoy.stat_sinks.statsd ` // * :ref:`envoy.stat_sinks.dog_statsd ` // * :ref:`envoy.stat_sinks.metrics_service ` // * :ref:`envoy.stat_sinks.hystrix ` // // Sinks optionally support tagged/multiple dimensional metrics. string name = 1; // Stats sink specific configuration which depends on the sink being instantiated. See // :ref:`StatsdSink ` for an example. oneof config_type { google.protobuf.Any typed_config = 3; } } // Statistics configuration such as tagging. message StatsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsConfig"; // Each stat name is iteratively processed through these tag specifiers. // When a tag is matched, the first capture group is removed from the name so // later :ref:`TagSpecifiers ` cannot match that // same portion of the match. repeated TagSpecifier stats_tags = 1; // Use all default tag regexes specified in Envoy. These can be combined with // custom tags specified in :ref:`stats_tags // `. They will be processed before // the custom tags. // // .. note:: // // If any default tags are specified twice, the config will be considered // invalid. // // See :repo:`well_known_names.h ` for a list of the // default tags in Envoy. // // If not provided, the value is assumed to be true. google.protobuf.BoolValue use_all_default_tags = 2; // Inclusion/exclusion matcher for stat name creation. If not provided, all stats are instantiated // as normal. Preventing the instantiation of certain families of stats can improve memory // performance for Envoys running especially large configs. // // .. warning:: // Excluding stats may affect Envoy's behavior in undocumented ways. See // `issue #8771 `_ for more information. // If any unexpected behavior changes are observed, please open a new issue immediately. StatsMatcher stats_matcher = 3; // Defines rules for setting the histogram buckets. Rules are evaluated in order, and the first // match is applied. If no match is found (or if no rules are set), the following default buckets // are used: // // .. code-block:: json // // [ // 0.5, // 1, // 5, // 10, // 25, // 50, // 100, // 250, // 500, // 1000, // 2500, // 5000, // 10000, // 30000, // 60000, // 300000, // 600000, // 1800000, // 3600000 // ] repeated HistogramBucketSettings histogram_bucket_settings = 4; } // Configuration for disabling stat instantiation. message StatsMatcher { // The instantiation of stats is unrestricted by default. If the goal is to configure Envoy to // instantiate all stats, there is no need to construct a StatsMatcher. // // However, StatsMatcher can be used to limit the creation of families of stats in order to // conserve memory. Stats can either be disabled entirely, or they can be // limited by either an exclusion or an inclusion list of :ref:`StringMatcher // ` protos: // // * If `reject_all` is set to `true`, no stats will be instantiated. If `reject_all` is set to // `false`, all stats will be instantiated. // // * If an exclusion list is supplied, any stat name matching *any* of the StringMatchers in the // list will not instantiate. // // * If an inclusion list is supplied, no stats will instantiate, except those matching *any* of // the StringMatchers in the list. // // // A StringMatcher can be used to match against an exact string, a suffix / prefix, or a regex. // **NB:** For performance reasons, it is highly recommended to use a prefix- or suffix-based // matcher rather than a regex-based matcher. // // Example 1. Excluding all stats. // // .. code-block:: json // // { // "statsMatcher": { // "rejectAll": "true" // } // } // // Example 2. Excluding all cluster-specific stats, but not cluster-manager stats: // // .. code-block:: json // // { // "statsMatcher": { // "exclusionList": { // "patterns": [ // { // "prefix": "cluster." // } // ] // } // } // } // // Example 3. Including only manager-related stats: // // .. code-block:: json // // { // "statsMatcher": { // "inclusionList": { // "patterns": [ // { // "prefix": "cluster_manager." // }, // { // "prefix": "listener_manager." // } // ] // } // } // } // option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsMatcher"; oneof stats_matcher { option (validate.required) = true; // If `reject_all` is true, then all stats are disabled. If `reject_all` is false, then all // stats are enabled. bool reject_all = 1; // Exclusive match. All stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v4alpha.ListStringMatcher exclusion_list = 2; // Inclusive match. No stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v4alpha.ListStringMatcher inclusion_list = 3; } } // Designates a tag name and value pair. The value may be either a fixed value // or a regex providing the value via capture groups. The specified tag will be // unconditionally set if a fixed value, otherwise it will only be set if one // or more capture groups in the regex match. message TagSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.TagSpecifier"; // Attaches an identifier to the tag values to identify the tag being in the // sink. Envoy has a set of default names and regexes to extract dynamic // portions of existing stats, which can be found in :repo:`well_known_names.h // ` in the Envoy repository. If a :ref:`tag_name // ` is provided in the config and // neither :ref:`regex ` or // :ref:`fixed_value ` were specified, // Envoy will attempt to find that name in its set of defaults and use the accompanying regex. // // .. note:: // // It is invalid to specify the same tag name twice in a config. string tag_name = 1; oneof tag_value { // Designates a tag to strip from the tag extracted name and provide as a named // tag value for all statistics. This will only occur if any part of the name // matches the regex provided with one or more capture groups. // // The first capture group identifies the portion of the name to remove. The // second capture group (which will normally be nested inside the first) will // designate the value of the tag for the statistic. If no second capture // group is provided, the first will also be used to set the value of the tag. // All other capture groups will be ignored. // // Example 1. a stat name ``cluster.foo_cluster.upstream_rq_timeout`` and // one tag specifier: // // .. code-block:: json // // { // "tag_name": "envoy.cluster_name", // "regex": "^cluster\\.((.+?)\\.)" // } // // Note that the regex will remove ``foo_cluster.`` making the tag extracted // name ``cluster.upstream_rq_timeout`` and the tag value for // ``envoy.cluster_name`` will be ``foo_cluster`` (note: there will be no // ``.`` character because of the second capture group). // // Example 2. a stat name // ``http.connection_manager_1.user_agent.ios.downstream_cx_total`` and two // tag specifiers: // // .. code-block:: json // // [ // { // "tag_name": "envoy.http_user_agent", // "regex": "^http(?=\\.).*?\\.user_agent\\.((.+?)\\.)\\w+?$" // }, // { // "tag_name": "envoy.http_conn_manager_prefix", // "regex": "^http\\.((.*?)\\.)" // } // ] // // The two regexes of the specifiers will be processed in the definition order. // // The first regex will remove ``ios.``, leaving the tag extracted name // ``http.connection_manager_1.user_agent.downstream_cx_total``. The tag // ``envoy.http_user_agent`` will be added with tag value ``ios``. // // The second regex will remove ``connection_manager_1.`` from the tag // extracted name produced by the first regex // ``http.connection_manager_1.user_agent.downstream_cx_total``, leaving // ``http.user_agent.downstream_cx_total`` as the tag extracted name. The tag // ``envoy.http_conn_manager_prefix`` will be added with the tag value // ``connection_manager_1``. string regex = 2 [(validate.rules).string = {max_bytes: 1024}]; // Specifies a fixed tag value for the ``tag_name``. string fixed_value = 3; } } // Specifies a matcher for stats and the buckets that matching stats should use. message HistogramBucketSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.HistogramBucketSettings"; // The stats that this rule applies to. The match is applied to the original stat name // before tag-extraction, for example `cluster.exampleclustername.upstream_cx_length_ms`. type.matcher.v4alpha.StringMatcher match = 1 [(validate.rules).message = {required: true}]; // Each value is the upper bound of a bucket. Each bucket must be greater than 0 and unique. // The order of the buckets does not matter. repeated double buckets = 2 [(validate.rules).repeated = { min_items: 1 unique: true items {double {gt: 0.0}} }]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.statsd* sink. This sink does not support // tagged metrics. // [#extension: envoy.stat_sinks.statsd] message StatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsdSink"; oneof statsd_specifier { option (validate.required) = true; // The UDP address of a running `statsd `_ // compliant listener. If specified, statistics will be flushed to this // address. core.v4alpha.Address address = 1; // The name of a cluster that is running a TCP `statsd // `_ compliant listener. If specified, // Envoy will connect to this cluster to flush statistics. string tcp_cluster_name = 2; } // Optional custom prefix for StatsdSink. If // specified, this will override the default prefix. // For example: // // .. code-block:: json // // { // "prefix" : "envoy-prod" // } // // will change emitted stats to // // .. code-block:: cpp // // envoy-prod.test_counter:1|c // envoy-prod.test_timer:5|ms // // Note that the default prefix, "envoy", will be used if a prefix is not // specified. // // Stats with default prefix: // // .. code-block:: cpp // // envoy.test_counter:1|c // envoy.test_timer:5|ms string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.dog_statsd* sink. // The sink emits stats with `DogStatsD `_ // compatible tags. Tags are configurable via :ref:`StatsConfig // `. // [#extension: envoy.stat_sinks.dog_statsd] message DogStatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.DogStatsdSink"; reserved 2; oneof dog_statsd_specifier { option (validate.required) = true; // The UDP address of a running DogStatsD compliant listener. If specified, // statistics will be flushed to this address. core.v4alpha.Address address = 1; } // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field // ` for more details. string prefix = 3; // Optional max datagram size to use when sending UDP messages. By default Envoy // will emit one metric per datagram. By specifying a max-size larger than a single // metric, Envoy will emit multiple, new-line separated metrics. The max datagram // size should not exceed your network's MTU. // // Note that this value may not be respected if smaller than a single metric. google.protobuf.UInt64Value max_bytes_per_datagram = 4 [(validate.rules).uint64 = {gt: 0}]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.hystrix* sink. // The sink emits stats in `text/event-stream // `_ // formatted stream for use by `Hystrix dashboard // `_. // // Note that only a single HystrixSink should be configured. // // Streaming is started through an admin endpoint :http:get:`/hystrix_event_stream`. // [#extension: envoy.stat_sinks.hystrix] message HystrixSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.HystrixSink"; // The number of buckets the rolling statistical window is divided into. // // Each time the sink is flushed, all relevant Envoy statistics are sampled and // added to the rolling window (removing the oldest samples in the window // in the process). The sink then outputs the aggregate statistics across the // current rolling window to the event stream(s). // // rolling_window(ms) = stats_flush_interval(ms) * num_of_buckets // // More detailed explanation can be found in `Hystrix wiki // `_. int64 num_buckets = 1; } ================================================ FILE: api/envoy/config/overload/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/overload/v2alpha/overload.proto ================================================ syntax = "proto3"; package envoy.config.overload.v2alpha; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.overload.v2alpha"; option java_outer_classname = "OverloadProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Overload Manager] // The Overload Manager provides an extensible framework to protect Envoy instances // from overload of various resources (memory, cpu, file descriptors, etc). // It monitors a configurable set of resources and notifies registered listeners // when triggers related to those resources fire. message ResourceMonitor { // The name of the resource monitor to instantiate. Must match a registered // resource monitor type. The built-in resource monitors are: // // * :ref:`envoy.resource_monitors.fixed_heap // ` // * :ref:`envoy.resource_monitors.injected_resource // ` string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Configuration for the resource monitor being instantiated. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message ThresholdTrigger { // If the resource pressure is greater than or equal to this value, the trigger // will fire. double value = 1 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; } message Trigger { // The name of the resource this is a trigger for. string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof trigger_oneof { option (validate.required) = true; ThresholdTrigger threshold = 2; } } message OverloadAction { // The name of the overload action. This is just a well-known string that listeners can // use for registering callbacks. Custom overload actions should be named using reverse // DNS to ensure uniqueness. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A set of triggers for this action. If any of these triggers fire the overload action // is activated. Listeners are notified when the overload action transitions from // inactivated to activated, or vice versa. repeated Trigger triggers = 2 [(validate.rules).repeated = {min_items: 1}]; } message OverloadManager { // The interval for refreshing resource usage. google.protobuf.Duration refresh_interval = 1; // The set of resources to monitor. repeated ResourceMonitor resource_monitors = 2 [(validate.rules).repeated = {min_items: 1}]; // The set of overload actions. repeated OverloadAction actions = 3; } ================================================ FILE: api/envoy/config/overload/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/overload/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/overload/v3/overload.proto ================================================ syntax = "proto3"; package envoy.config.overload.v3; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.overload.v3"; option java_outer_classname = "OverloadProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Overload Manager] // The Overload Manager provides an extensible framework to protect Envoy instances // from overload of various resources (memory, cpu, file descriptors, etc). // It monitors a configurable set of resources and notifies registered listeners // when triggers related to those resources fire. message ResourceMonitor { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.ResourceMonitor"; reserved 2; reserved "config"; // The name of the resource monitor to instantiate. Must match a registered // resource monitor type. The built-in resource monitors are: // // * :ref:`envoy.resource_monitors.fixed_heap // ` // * :ref:`envoy.resource_monitors.injected_resource // ` string name = 1 [(validate.rules).string = {min_len: 1}]; // Configuration for the resource monitor being instantiated. oneof config_type { google.protobuf.Any typed_config = 3; } } message ThresholdTrigger { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.ThresholdTrigger"; // If the resource pressure is greater than or equal to this value, the trigger // will enter saturation. double value = 1 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; } message ScaledTrigger { // If the resource pressure is greater than this value, the trigger will be in the // :ref:`scaling ` state with value // `(pressure - scaling_threshold) / (saturation_threshold - scaling_threshold)`. double scaling_threshold = 1 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; // If the resource pressure is greater than this value, the trigger will enter saturation. double saturation_threshold = 2 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; } message Trigger { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.Trigger"; // The name of the resource this is a trigger for. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof trigger_oneof { option (validate.required) = true; ThresholdTrigger threshold = 2; ScaledTrigger scaled = 3; } } message OverloadAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.OverloadAction"; // The name of the overload action. This is just a well-known string that listeners can // use for registering callbacks. Custom overload actions should be named using reverse // DNS to ensure uniqueness. string name = 1 [(validate.rules).string = {min_len: 1}]; // A set of triggers for this action. The state of the action is the maximum // state of all triggers, which can be scaling between 0 and 1 or saturated. Listeners // are notified when the overload action changes state. repeated Trigger triggers = 2 [(validate.rules).repeated = {min_items: 1}]; } message OverloadManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.OverloadManager"; // The interval for refreshing resource usage. google.protobuf.Duration refresh_interval = 1; // The set of resources to monitor. repeated ResourceMonitor resource_monitors = 2 [(validate.rules).repeated = {min_items: 1}]; // The set of overload actions. repeated OverloadAction actions = 3; } ================================================ FILE: api/envoy/config/ratelimit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/ratelimit/v2/rls.proto ================================================ syntax = "proto3"; package envoy.config.ratelimit.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.ratelimit.v2"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit service] // Rate limit :ref:`configuration overview `. message RateLimitServiceConfig { reserved 1, 3; // Specifies the gRPC service that hosts the rate limit service. The client // will connect to this cluster when it needs to make rate limit service // requests. api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/ratelimit/v3/rls.proto ================================================ syntax = "proto3"; package envoy.config.ratelimit.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.ratelimit.v3"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit service] // Rate limit :ref:`configuration overview `. message RateLimitServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.ratelimit.v2.RateLimitServiceConfig"; reserved 1, 3; // Specifies the gRPC service that hosts the rate limit service. The client // will connect to this cluster when it needs to make rate limit service // requests. core.v3.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; // API version for rate limit transport protocol. This describes the rate limit gRPC endpoint and // version of messages used on the wire. core.v3.ApiVersion transport_api_version = 4 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/config/rbac/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", ], ) ================================================ FILE: api/envoy/config/rbac/v2/rbac.proto ================================================ syntax = "proto3"; package envoy.config.rbac.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/matcher/metadata.proto"; import "envoy/type/matcher/path.proto"; import "envoy/type/matcher/string.proto"; import "google/api/expr/v1alpha1/syntax.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.rbac.v2"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a // service. RBAC policies are additive. The policies are examined in order. A request is allowed // once a matching policy is found (suppose the `action` is ALLOW). // // Here is an example of RBAC configuration. It has two policies: // // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so // does "cluster.local/ns/default/sa/superuser". // // * Any user can read ("GET") the service at paths with prefix "/products", so long as the // destination port is either 80 or 443. // // .. code-block:: yaml // // action: ALLOW // policies: // "service-admin": // permissions: // - any: true // principals: // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/admin" // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/superuser" // "product-viewer": // permissions: // - and_rules: // rules: // - header: { name: ":method", exact_match: "GET" } // - url_path: // path: { prefix: "/products" } // - or_rules: // rules: // - destination_port: 80 // - destination_port: 443 // principals: // - any: true // message RBAC { // Should we do safe-list or block-list style access control? enum Action { // The policies grant access to principals. The rest is denied. This is safe-list style // access control. This is the default type. ALLOW = 0; // The policies deny access to principals. The rest is allowed. This is block-list style // access control. DENY = 1; } // The action to take if a policy matches. The request is allowed if and only if: // // * `action` is "ALLOWED" and at least one policy matches // * `action` is "DENY" and none of the policies match Action action = 1; // Maps from policy name to policy. A match occurs when at least one policy matches the request. map policies = 2; } // Policy specifies a role and the principals that are assigned/denied the role. A policy matches if // and only if at least one of its permissions match the action taking place AND at least one of its // principals match the downstream AND the condition is true if specified. message Policy { // Required. The set of permissions that define a role. Each permission is matched with OR // semantics. To match all actions for this policy, a single Permission with the `any` field set // to true should be used. repeated Permission permissions = 1 [(validate.rules).repeated = {min_items: 1}]; // Required. The set of principals that are assigned/denied the role based on “action”. Each // principal is matched with OR semantics. To match all downstreams for this policy, a single // Principal with the `any` field set to true should be used. repeated Principal principals = 2 [(validate.rules).repeated = {min_items: 1}]; // An optional symbolic expression specifying an access control // :ref:`condition `. The condition is combined // with the permissions and the principals as a clause with AND semantics. google.api.expr.v1alpha1.Expr condition = 3; } // Permission defines an action (or actions) that a principal can take. // [#next-free-field: 11] message Permission { // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, // each are applied with the associated behavior. message Set { repeated Permission rules = 1 [(validate.rules).repeated = {min_items: 1}]; } oneof rule { option (validate.required) = true; // A set of rules that all must match in order to define the action. Set and_rules = 1; // A set of rules where at least one must match in order to define the action. Set or_rules = 2; // When any is set, it matches any action. bool any = 3 [(validate.rules).bool = {const: true}]; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. api.v2.route.HeaderMatcher header = 4; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.PathMatcher url_path = 10; // A CIDR block that describes the destination IP. api.v2.core.CidrRange destination_ip = 5; // A port number that describes the destination port connecting to. uint32 destination_port = 6 [(validate.rules).uint32 = {lte: 65535}]; // Metadata that describes additional information about the action. type.matcher.MetadataMatcher metadata = 7; // Negates matching the provided permission. For instance, if the value of `not_rule` would // match, this permission would not match. Conversely, if the value of `not_rule` would not // match, this permission would match. Permission not_rule = 8; // The request server from the client's connection request. This is // typically TLS SNI. // // .. attention:: // // The behavior of this field may be affected by how Envoy is configured // as explained below. // // * If the :ref:`TLS Inspector ` // filter is not added, and if a `FilterChainMatch` is not defined for // the :ref:`server name `, // a TLS connection's requested SNI server name will be treated as if it // wasn't present. // // * A :ref:`listener filter ` may // overwrite a connection's requested server name within Envoy. // // Please refer to :ref:`this FAQ entry ` to learn to // setup SNI. type.matcher.StringMatcher requested_server_name = 9; } } // Principal defines an identity or a group of identities for a downstream subject. // [#next-free-field: 12] message Principal { // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. Depending on the context, // each are applied with the associated behavior. message Set { repeated Principal ids = 1 [(validate.rules).repeated = {min_items: 1}]; } // Authentication attributes for a downstream. message Authenticated { reserved 1; // The name of the principal. If set, The URI SAN or DNS SAN in that order is used from the // certificate, otherwise the subject field is used. If unset, it applies to any user that is // authenticated. type.matcher.StringMatcher principal_name = 2; } oneof identifier { option (validate.required) = true; // A set of identifiers that all must match in order to define the downstream. Set and_ids = 1; // A set of identifiers at least one must match in order to define the downstream. Set or_ids = 2; // When any is set, it matches any downstream. bool any = 3 [(validate.rules).bool = {const: true}]; // Authenticated attributes that identify the downstream. Authenticated authenticated = 4; // A CIDR block that describes the downstream IP. // This address will honor proxy protocol, but will not honor XFF. api.v2.core.CidrRange source_ip = 5 [deprecated = true]; // A CIDR block that describes the downstream remote/origin address. // Note: This is always the physical peer even if the // :ref:`remote_ip ` is inferred // from for example the x-forwarder-for header, proxy protocol, etc. api.v2.core.CidrRange direct_remote_ip = 10; // A CIDR block that describes the downstream remote/origin address. // Note: This may not be the physical peer and could be different from the // :ref:`direct_remote_ip `. // E.g, if the remote ip is inferred from for example the x-forwarder-for header, // proxy protocol, etc. api.v2.core.CidrRange remote_ip = 11; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. api.v2.route.HeaderMatcher header = 6; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.PathMatcher url_path = 9; // Metadata that describes additional information about the principal. type.matcher.MetadataMatcher metadata = 7; // Negates matching the provided principal. For instance, if the value of `not_id` would match, // this principal would not match. Conversely, if the value of `not_id` would not match, this // principal would match. Principal not_id = 8; } } ================================================ FILE: api/envoy/config/rbac/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/rbac/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", ], ) ================================================ FILE: api/envoy/config/rbac/v3/rbac.proto ================================================ syntax = "proto3"; package envoy.config.rbac.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "envoy/type/matcher/v3/path.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/api/expr/v1alpha1/checked.proto"; import "google/api/expr/v1alpha1/syntax.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.rbac.v3"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a // service. RBAC policies are additive. The policies are examined in order. Requests are allowed // or denied based on the `action` and whether a matching policy is found. For instance, if the // action is ALLOW and a matching policy is found the request should be allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the // `access_log_hint` value in the shared key namespace 'envoy.common' is set to `true` indicating // the request should be logged. // // Here is an example of RBAC configuration. It has two policies: // // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so // does "cluster.local/ns/default/sa/superuser". // // * Any user can read ("GET") the service at paths with prefix "/products", so long as the // destination port is either 80 or 443. // // .. code-block:: yaml // // action: ALLOW // policies: // "service-admin": // permissions: // - any: true // principals: // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/admin" // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/superuser" // "product-viewer": // permissions: // - and_rules: // rules: // - header: { name: ":method", exact_match: "GET" } // - url_path: // path: { prefix: "/products" } // - or_rules: // rules: // - destination_port: 80 // - destination_port: 443 // principals: // - any: true // message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.RBAC"; // Should we do safe-list or block-list style access control? enum Action { // The policies grant access to principals. The rest are denied. This is safe-list style // access control. This is the default type. ALLOW = 0; // The policies deny access to principals. The rest are allowed. This is block-list style // access control. DENY = 1; // The policies set the `access_log_hint` dynamic metadata key based on if requests match. // All requests are allowed. LOG = 2; } // The action to take if a policy matches. Every action either allows or denies a request, // and can also carry out action-specific operations. // // Actions: // // * ALLOW: Allows the request if and only if there is a policy that matches // the request. // * DENY: Allows the request if and only if there are no policies that // match the request. // * LOG: Allows all requests. If at least one policy matches, the dynamic // metadata key `access_log_hint` is set to the value `true` under the shared // key namespace 'envoy.common'. If no policies match, it is set to `false`. // Other actions do not modify this key. // Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. map policies = 2; } // Policy specifies a role and the principals that are assigned/denied the role. // A policy matches if and only if at least one of its permissions match the // action taking place AND at least one of its principals match the downstream // AND the condition is true if specified. message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Policy"; // Required. The set of permissions that define a role. Each permission is // matched with OR semantics. To match all actions for this policy, a single // Permission with the `any` field set to true should be used. repeated Permission permissions = 1 [(validate.rules).repeated = {min_items: 1}]; // Required. The set of principals that are assigned/denied the role based on // “action”. Each principal is matched with OR semantics. To match all // downstreams for this policy, a single Principal with the `any` field set to // true should be used. repeated Principal principals = 2 [(validate.rules).repeated = {min_items: 1}]; // An optional symbolic expression specifying an access control // :ref:`condition `. The condition is combined // with the permissions and the principals as a clause with AND semantics. // Only be used when checked_condition is not used. google.api.expr.v1alpha1.Expr condition = 3 [(udpa.annotations.field_migrate).oneof_promotion = "expression_specifier"]; // [#not-implemented-hide:] // An optional symbolic expression that has been successfully type checked. // Only be used when condition is not used. google.api.expr.v1alpha1.CheckedExpr checked_condition = 4 [(udpa.annotations.field_migrate).oneof_promotion = "expression_specifier"]; } // Permission defines an action (or actions) that a principal can take. // [#next-free-field: 11] message Permission { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Permission"; // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, // each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Permission.Set"; repeated Permission rules = 1 [(validate.rules).repeated = {min_items: 1}]; } oneof rule { option (validate.required) = true; // A set of rules that all must match in order to define the action. Set and_rules = 1; // A set of rules where at least one must match in order to define the action. Set or_rules = 2; // When any is set, it matches any action. bool any = 3 [(validate.rules).bool = {const: true}]; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. route.v3.HeaderMatcher header = 4; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v3.PathMatcher url_path = 10; // A CIDR block that describes the destination IP. core.v3.CidrRange destination_ip = 5; // A port number that describes the destination port connecting to. uint32 destination_port = 6 [(validate.rules).uint32 = {lte: 65535}]; // Metadata that describes additional information about the action. type.matcher.v3.MetadataMatcher metadata = 7; // Negates matching the provided permission. For instance, if the value of // `not_rule` would match, this permission would not match. Conversely, if // the value of `not_rule` would not match, this permission would match. Permission not_rule = 8; // The request server from the client's connection request. This is // typically TLS SNI. // // .. attention:: // // The behavior of this field may be affected by how Envoy is configured // as explained below. // // * If the :ref:`TLS Inspector ` // filter is not added, and if a `FilterChainMatch` is not defined for // the :ref:`server name // `, // a TLS connection's requested SNI server name will be treated as if it // wasn't present. // // * A :ref:`listener filter ` may // overwrite a connection's requested server name within Envoy. // // Please refer to :ref:`this FAQ entry ` to learn to // setup SNI. type.matcher.v3.StringMatcher requested_server_name = 9; } } // Principal defines an identity or a group of identities for a downstream // subject. // [#next-free-field: 12] message Principal { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Principal"; // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. // Depending on the context, each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Principal.Set"; repeated Principal ids = 1 [(validate.rules).repeated = {min_items: 1}]; } // Authentication attributes for a downstream. message Authenticated { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Principal.Authenticated"; reserved 1; // The name of the principal. If set, The URI SAN or DNS SAN in that order // is used from the certificate, otherwise the subject field is used. If // unset, it applies to any user that is authenticated. type.matcher.v3.StringMatcher principal_name = 2; } oneof identifier { option (validate.required) = true; // A set of identifiers that all must match in order to define the // downstream. Set and_ids = 1; // A set of identifiers at least one must match in order to define the // downstream. Set or_ids = 2; // When any is set, it matches any downstream. bool any = 3 [(validate.rules).bool = {const: true}]; // Authenticated attributes that identify the downstream. Authenticated authenticated = 4; // A CIDR block that describes the downstream IP. // This address will honor proxy protocol, but will not honor XFF. core.v3.CidrRange source_ip = 5 [deprecated = true]; // A CIDR block that describes the downstream remote/origin address. // Note: This is always the physical peer even if the // :ref:`remote_ip ` is // inferred from for example the x-forwarder-for header, proxy protocol, // etc. core.v3.CidrRange direct_remote_ip = 10; // A CIDR block that describes the downstream remote/origin address. // Note: This may not be the physical peer and could be different from the // :ref:`direct_remote_ip // `. E.g, if the // remote ip is inferred from for example the x-forwarder-for header, proxy // protocol, etc. core.v3.CidrRange remote_ip = 11; // A header (or pseudo-header such as :path or :method) on the incoming HTTP // request. Only available for HTTP request. Note: the pseudo-header :path // includes the query and fragment string. Use the `url_path` field if you // want to match the URL path without the query and fragment string. route.v3.HeaderMatcher header = 6; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v3.PathMatcher url_path = 9; // Metadata that describes additional information about the principal. type.matcher.v3.MetadataMatcher metadata = 7; // Negates matching the provided principal. For instance, if the value of // `not_id` would match, this principal would not match. Conversely, if the // value of `not_id` would not match, this principal would match. Principal not_id = 8; } } ================================================ FILE: api/envoy/config/rbac/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/rbac/v3:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", ], ) ================================================ FILE: api/envoy/config/rbac/v4alpha/rbac.proto ================================================ syntax = "proto3"; package envoy.config.rbac.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "envoy/type/matcher/v4alpha/path.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/api/expr/v1alpha1/checked.proto"; import "google/api/expr/v1alpha1/syntax.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.rbac.v4alpha"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a // service. RBAC policies are additive. The policies are examined in order. Requests are allowed // or denied based on the `action` and whether a matching policy is found. For instance, if the // action is ALLOW and a matching policy is found the request should be allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the // `access_log_hint` value in the shared key namespace 'envoy.common' is set to `true` indicating // the request should be logged. // // Here is an example of RBAC configuration. It has two policies: // // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so // does "cluster.local/ns/default/sa/superuser". // // * Any user can read ("GET") the service at paths with prefix "/products", so long as the // destination port is either 80 or 443. // // .. code-block:: yaml // // action: ALLOW // policies: // "service-admin": // permissions: // - any: true // principals: // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/admin" // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/superuser" // "product-viewer": // permissions: // - and_rules: // rules: // - header: { name: ":method", exact_match: "GET" } // - url_path: // path: { prefix: "/products" } // - or_rules: // rules: // - destination_port: 80 // - destination_port: 443 // principals: // - any: true // message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.RBAC"; // Should we do safe-list or block-list style access control? enum Action { // The policies grant access to principals. The rest are denied. This is safe-list style // access control. This is the default type. ALLOW = 0; // The policies deny access to principals. The rest are allowed. This is block-list style // access control. DENY = 1; // The policies set the `access_log_hint` dynamic metadata key based on if requests match. // All requests are allowed. LOG = 2; } // The action to take if a policy matches. Every action either allows or denies a request, // and can also carry out action-specific operations. // // Actions: // // * ALLOW: Allows the request if and only if there is a policy that matches // the request. // * DENY: Allows the request if and only if there are no policies that // match the request. // * LOG: Allows all requests. If at least one policy matches, the dynamic // metadata key `access_log_hint` is set to the value `true` under the shared // key namespace 'envoy.common'. If no policies match, it is set to `false`. // Other actions do not modify this key. // Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. map policies = 2; } // Policy specifies a role and the principals that are assigned/denied the role. // A policy matches if and only if at least one of its permissions match the // action taking place AND at least one of its principals match the downstream // AND the condition is true if specified. message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Policy"; // Required. The set of permissions that define a role. Each permission is // matched with OR semantics. To match all actions for this policy, a single // Permission with the `any` field set to true should be used. repeated Permission permissions = 1 [(validate.rules).repeated = {min_items: 1}]; // Required. The set of principals that are assigned/denied the role based on // “action”. Each principal is matched with OR semantics. To match all // downstreams for this policy, a single Principal with the `any` field set to // true should be used. repeated Principal principals = 2 [(validate.rules).repeated = {min_items: 1}]; oneof expression_specifier { // An optional symbolic expression specifying an access control // :ref:`condition `. The condition is combined // with the permissions and the principals as a clause with AND semantics. // Only be used when checked_condition is not used. google.api.expr.v1alpha1.Expr condition = 3; // [#not-implemented-hide:] // An optional symbolic expression that has been successfully type checked. // Only be used when condition is not used. google.api.expr.v1alpha1.CheckedExpr checked_condition = 4; } } // Permission defines an action (or actions) that a principal can take. // [#next-free-field: 11] message Permission { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Permission"; // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, // each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Permission.Set"; repeated Permission rules = 1 [(validate.rules).repeated = {min_items: 1}]; } oneof rule { option (validate.required) = true; // A set of rules that all must match in order to define the action. Set and_rules = 1; // A set of rules where at least one must match in order to define the action. Set or_rules = 2; // When any is set, it matches any action. bool any = 3 [(validate.rules).bool = {const: true}]; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. route.v4alpha.HeaderMatcher header = 4; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v4alpha.PathMatcher url_path = 10; // A CIDR block that describes the destination IP. core.v4alpha.CidrRange destination_ip = 5; // A port number that describes the destination port connecting to. uint32 destination_port = 6 [(validate.rules).uint32 = {lte: 65535}]; // Metadata that describes additional information about the action. type.matcher.v4alpha.MetadataMatcher metadata = 7; // Negates matching the provided permission. For instance, if the value of // `not_rule` would match, this permission would not match. Conversely, if // the value of `not_rule` would not match, this permission would match. Permission not_rule = 8; // The request server from the client's connection request. This is // typically TLS SNI. // // .. attention:: // // The behavior of this field may be affected by how Envoy is configured // as explained below. // // * If the :ref:`TLS Inspector ` // filter is not added, and if a `FilterChainMatch` is not defined for // the :ref:`server name // `, // a TLS connection's requested SNI server name will be treated as if it // wasn't present. // // * A :ref:`listener filter ` may // overwrite a connection's requested server name within Envoy. // // Please refer to :ref:`this FAQ entry ` to learn to // setup SNI. type.matcher.v4alpha.StringMatcher requested_server_name = 9; } } // Principal defines an identity or a group of identities for a downstream // subject. // [#next-free-field: 12] message Principal { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Principal"; // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. // Depending on the context, each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Principal.Set"; repeated Principal ids = 1 [(validate.rules).repeated = {min_items: 1}]; } // Authentication attributes for a downstream. message Authenticated { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Principal.Authenticated"; reserved 1; // The name of the principal. If set, The URI SAN or DNS SAN in that order // is used from the certificate, otherwise the subject field is used. If // unset, it applies to any user that is authenticated. type.matcher.v4alpha.StringMatcher principal_name = 2; } reserved 5; reserved "source_ip"; oneof identifier { option (validate.required) = true; // A set of identifiers that all must match in order to define the // downstream. Set and_ids = 1; // A set of identifiers at least one must match in order to define the // downstream. Set or_ids = 2; // When any is set, it matches any downstream. bool any = 3 [(validate.rules).bool = {const: true}]; // Authenticated attributes that identify the downstream. Authenticated authenticated = 4; // A CIDR block that describes the downstream remote/origin address. // Note: This is always the physical peer even if the // :ref:`remote_ip ` is // inferred from for example the x-forwarder-for header, proxy protocol, // etc. core.v4alpha.CidrRange direct_remote_ip = 10; // A CIDR block that describes the downstream remote/origin address. // Note: This may not be the physical peer and could be different from the // :ref:`direct_remote_ip // `. E.g, if the // remote ip is inferred from for example the x-forwarder-for header, proxy // protocol, etc. core.v4alpha.CidrRange remote_ip = 11; // A header (or pseudo-header such as :path or :method) on the incoming HTTP // request. Only available for HTTP request. Note: the pseudo-header :path // includes the query and fragment string. Use the `url_path` field if you // want to match the URL path without the query and fragment string. route.v4alpha.HeaderMatcher header = 6; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v4alpha.PathMatcher url_path = 9; // Metadata that describes additional information about the principal. type.matcher.v4alpha.MetadataMatcher metadata = 7; // Negates matching the provided principal. For instance, if the value of // `not_id` would match, this principal would not match. Conversely, if the // value of `not_id` would not match, this principal would match. Principal not_id = 8; } } ================================================ FILE: api/envoy/config/resource_monitor/fixed_heap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.proto ================================================ syntax = "proto3"; package envoy.config.resource_monitor.fixed_heap.v2alpha; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.resource_monitor.fixed_heap.v2alpha"; option java_outer_classname = "FixedHeapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Fixed heap] // [#extension: envoy.resource_monitors.fixed_heap] // The fixed heap resource monitor reports the Envoy process memory pressure, computed as a // fraction of currently reserved heap memory divided by a statically configured maximum // specified in the FixedHeapConfig. message FixedHeapConfig { uint64 max_heap_size_bytes = 1 [(validate.rules).uint64 = {gt: 0}]; } ================================================ FILE: api/envoy/config/resource_monitor/injected_resource/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.proto ================================================ syntax = "proto3"; package envoy.config.resource_monitor.injected_resource.v2alpha; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.resource_monitor.injected_resource.v2alpha"; option java_outer_classname = "InjectedResourceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Injected resource] // [#extension: envoy.resource_monitors.injected_resource] // The injected resource monitor allows injecting a synthetic resource pressure into Envoy // via a text file, which must contain a floating-point number in the range [0..1] representing // the resource pressure and be updated atomically by a symbolic link swap. // This is intended primarily for integration tests to force Envoy into an overloaded state. message InjectedResourceConfig { string filename = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: api/envoy/config/retry/omit_canary_hosts/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/retry/omit_canary_hosts/v2/omit_canary_hosts.proto ================================================ syntax = "proto3"; package envoy.config.retry.omit_canary_hosts.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.retry.omit_canary_hosts.v2"; option java_outer_classname = "OmitCanaryHostsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Omit Canary Hosts Predicate] // [#extension: envoy.retry_host_predicates.omit_canary_hosts] message OmitCanaryHostsPredicate { } ================================================ FILE: api/envoy/config/retry/omit_host_metadata/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/retry/omit_host_metadata/v2/omit_host_metadata_config.proto ================================================ syntax = "proto3"; package envoy.config.retry.omit_host_metadata.v2; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.retry.omit_host_metadata.v2"; option java_outer_classname = "OmitHostMetadataConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.retry.host.omit_host_metadata.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Omit host metadata retry predicate] // A retry host predicate that can be used to reject a host based on // predefined metadata match criteria. // [#extension: envoy.retry_host_predicates.omit_host_metadata] message OmitHostMetadataConfig { // Retry host predicate metadata match criteria. The hosts in // the upstream cluster with matching metadata will be omitted while // attempting a retry of a failed request. The metadata should be specified // under the *envoy.lb* key. api.v2.core.Metadata metadata_match = 1; } ================================================ FILE: api/envoy/config/retry/previous_hosts/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/retry/previous_hosts/v2/previous_hosts.proto ================================================ syntax = "proto3"; package envoy.config.retry.previous_hosts.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.retry.previous_hosts.v2"; option java_outer_classname = "PreviousHostsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Previous Hosts Predicate] // [#extension: envoy.retry_host_predicates.previous_hosts] message PreviousHostsPredicate { } ================================================ FILE: api/envoy/config/retry/previous_priorities/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/retry/previous_priorities/previous_priorities_config.proto ================================================ syntax = "proto3"; package envoy.config.retry.previous_priorities; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.retry.previous_priorities"; option java_outer_classname = "PreviousPrioritiesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Previous priorities retry selector] // A retry host selector that attempts to spread retries between priorities, even if certain // priorities would not normally be attempted due to higher priorities being available. // // As priorities get excluded, load will be distributed amongst the remaining healthy priorities // based on the relative health of the priorities, matching how load is distributed during regular // host selection. For example, given priority healths of {100, 50, 50}, the original load will be // {100, 0, 0} (since P0 has capacity to handle 100% of the traffic). If P0 is excluded, the load // changes to {0, 50, 50}, because P1 is only able to handle 50% of the traffic, causing the // remaining to spill over to P2. // // Each priority attempted will be excluded until there are no healthy priorities left, at which // point the list of attempted priorities will be reset, essentially starting from the beginning. // For example, given three priorities P0, P1, P2 with healthy % of 100, 0 and 50 respectively, the // following sequence of priorities would be selected (assuming update_frequency = 1): // Attempt 1: P0 (P0 is 100% healthy) // Attempt 2: P2 (P0 already attempted, P2 only healthy priority) // Attempt 3: P0 (no healthy priorities, reset) // Attempt 4: P2 // // In the case of all upstream hosts being unhealthy, no adjustments will be made to the original // priority load, so behavior should be identical to not using this plugin. // // Using this PriorityFilter requires rebuilding the priority load, which runs in O(# of // priorities), which might incur significant overhead for clusters with many priorities. // [#extension: envoy.retry_priorities.previous_priorities] message PreviousPrioritiesConfig { // How often the priority load should be updated based on previously attempted priorities. Useful // to allow each priorities to receive more than one request before being excluded or to reduce // the number of times that the priority load has to be recomputed. // // For example, by setting this to 2, then the first two attempts (initial attempt and first // retry) will use the unmodified priority load. The third and fourth attempt will use priority // load which excludes the priorities routed to with the first two attempts, and the fifth and // sixth attempt will use the priority load excluding the priorities used for the first four // attempts. // // Must be greater than 0. int32 update_frequency = 1 [(validate.rules).int32 = {gt: 0}]; } ================================================ FILE: api/envoy/config/route/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/route:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/route/v3/route.proto ================================================ syntax = "proto3"; package envoy.config.route.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP route configuration] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // [#next-free-field: 11] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.RouteConfiguration"; // The name of the route configuration. For example, it might match // :ref:`route_config_name // ` in // :ref:`envoy_api_msg_extensions.filters.network.http_connection_manager.v3.Rds`. string name = 1; // An array of virtual hosts that make up the route table. repeated VirtualHost virtual_hosts = 2; // An array of virtual hosts will be dynamically loaded via the VHDS API. // Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used // for a base routing table or for infrequently changing virtual hosts. *vhds* is used for // on-demand discovery of virtual hosts. The contents of these two fields will be merged to // generate a routing table for a given RouteConfiguration, with *vhds* derived configuration // taking precedence. Vhds vhds = 9; // Optionally specifies a list of HTTP headers that the connection manager // will consider to be internal only. If they are found on external requests they will be cleaned // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information. repeated string internal_only_headers = 3 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each response that // the connection manager encodes. Headers specified at this level are applied // after headers from any enclosed :ref:`envoy_api_msg_config.route.v3.VirtualHost` or // :ref:`envoy_api_msg_config.route.v3.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption response_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // that the connection manager encodes. repeated string response_headers_to_remove = 5 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each request // routed by the HTTP connection manager. Headers specified at this level are // applied after headers from any enclosed :ref:`envoy_api_msg_config.route.v3.VirtualHost` or // :ref:`envoy_api_msg_config.route.v3.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // routed by the HTTP connection manager. repeated string request_headers_to_remove = 8 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // By default, headers that should be added/removed are evaluated from most to least specific: // // * route level // * virtual host level // * connection manager level // // To allow setting overrides at the route or virtual host level, this order can be reversed // by setting this option to true. Defaults to false. // // [#next-major-version: In the v3 API, this will default to true.] bool most_specific_header_mutations_wins = 10; // An optional boolean that specifies whether the clusters that the route // table refers to will be validated by the cluster manager. If set to true // and a route refers to a non-existent cluster, the route table will not // load. If set to false and a route refers to a non-existent cluster, the // route table will load and the router filter will return a 404 if the route // is selected at runtime. This setting defaults to true if the route table // is statically defined via the :ref:`route_config // ` // option. This setting default to false if the route table is loaded dynamically via the // :ref:`rds // ` // option. Users may wish to override the default behavior in certain cases (for example when // using CDS with a static route table). google.protobuf.BoolValue validate_clusters = 7; } message Vhds { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Vhds"; // Configuration source specifier for VHDS. core.v3.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/route/v3/route_components.proto ================================================ syntax = "proto3"; package envoy.config.route.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/proxy_protocol.proto"; import "envoy/type/matcher/v3/regex.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/metadata/v3/metadata.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v3"; option java_outer_classname = "RouteComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP route components] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // The top level element in the routing configuration is a virtual host. Each virtual host has // a logical name as well as a set of domains that get routed to it based on the incoming request's // host header. This allows a single listener to service multiple top level domain path trees. Once // a virtual host is selected based on the domain, the routes are processed in order to see which // upstream cluster to route to or whether to perform a redirect. // [#next-free-field: 21] message VirtualHost { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.VirtualHost"; enum TlsRequirementType { // No TLS requirement for the virtual host. NONE = 0; // External requests must use TLS. If a request is external and it is not // using TLS, a 301 redirect will be sent telling the client to use HTTPS. EXTERNAL_ONLY = 1; // All requests must use TLS. If a request is not using TLS, a 301 redirect // will be sent telling the client to use HTTPS. ALL = 2; } reserved 9, 12; reserved "per_filter_config"; // The logical name of the virtual host. This is used when emitting certain // statistics but is not relevant for routing. string name = 1 [(validate.rules).string = {min_len: 1}]; // A list of domains (host/authority header) that will be matched to this // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: // 1. Exact domain names: ``www.foo.com``. // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. // 4. Special wildcard ``*`` matching any domain. // // .. note:: // // The wildcard will not match the empty string. // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. // The longest wildcards match first. // Only a single virtual host in the entire route configuration can match on ``*``. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. repeated string domains = 2 [(validate.rules).repeated = { min_items: 1 items {string {well_known_regex: HTTP_HEADER_VALUE strict: false}} }]; // The list of routes that will be matched, in order, for incoming requests. // The first route that matches will be used. repeated Route routes = 3; // Specifies the type of TLS enforcement the virtual host expects. If this option is not // specified, there is no TLS requirement for the virtual host. TlsRequirementType require_tls = 4 [(validate.rules).enum = {defined_only: true}]; // A list of virtual clusters defined for this virtual host. Virtual clusters // are used for additional statistics gathering. repeated VirtualCluster virtual_clusters = 5; // Specifies a set of rate limit configurations that will be applied to the // virtual host. repeated RateLimit rate_limits = 6; // Specifies a list of HTTP headers that should be added to each request // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v3.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 7 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // handled by this virtual host. repeated string request_headers_to_remove = 13 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v3.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // handled by this virtual host. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Indicates that the virtual host has a CORS policy. CorsPolicy cors = 8; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 15; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the upstream request. Setting this option will cause it to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the upstream // will see the attempt count as perceived by the second Envoy. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. // // [#next-major-version: rename to include_attempt_count_in_request.] bool include_request_attempt_count = 14; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the downstream response. Setting this option will cause the router to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the downstream // will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. bool include_attempt_count_in_response = 19; // Indicates the retry policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). RetryPolicy retry_policy = 16; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not // inherited). :ref:`Retry policy ` should not be // set if this field is used. google.protobuf.Any retry_policy_typed_config = 20; // Indicates the hedge policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). HedgePolicy hedge_policy = 17; // The maximum bytes which will be buffered for retries and shadowing. // If set and a route-specific limit is not set, the bytes actually buffered will be the minimum // value of this and the listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 18; } // A filter-defined action type. message FilterAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.FilterAction"; google.protobuf.Any action = 1; } // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // // .. attention:: // // Envoy supports routing on HTTP method via :ref:`header matching // `. // [#next-free-field: 18] message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.Route"; reserved 6, 8; reserved "per_filter_config"; // Name for the route. string name = 14; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; oneof action { option (validate.required) = true; // Route request to some upstream cluster. RouteAction route = 2; // Return a redirect. RedirectAction redirect = 3; // Return an arbitrary HTTP response directly, without proxying. DirectResponseAction direct_response = 7; // [#not-implemented-hide:] // If true, a filter will define the action (e.g., it could dynamically generate the // RouteAction). // [#comment: TODO(samflattery): Remove cleanup in route_fuzz_test.cc when // implemented] FilterAction filter_action = 17; } // The Metadata field can be used to provide additional information // about the route. It can be used for configuration, stats, and logging. // The metadata should go under the filter namespace that will need it. // For instance, if the metadata is intended for the Router filter, // the filter name should be specified as *envoy.filters.http.router*. core.v3.Metadata metadata = 4; // Decorator for the matched route. Decorator decorator = 5; // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map typed_per_filter_config = 13; // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the // enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 9 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // matching this route. repeated string request_headers_to_remove = 12 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before // headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. repeated core.v3.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Presence of the object defines whether the connection manager's tracing configuration // is overridden by this route specific instance. Tracing tracing = 15; // The maximum bytes which will be buffered for retries and shadowing. // If set, the bytes actually buffered will be the minimum value of this and the // listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 16; } // Compared to the :ref:`cluster ` field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of // traffic to be forwarded to each cluster. The router selects an upstream cluster based on the // weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.WeightedCluster"; // [#next-free-field: 11] message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.WeightedCluster.ClusterWeight"; reserved 7, 8; reserved "per_filter_config"; // Name of the upstream cluster. The cluster must exist in the // :ref:`cluster manager configuration `. string name = 1 [(validate.rules).string = {min_len: 1}]; // An integer between 0 and :ref:`total_weight // `. When a request matches the route, // the choice of an upstream cluster is determined by its weight. The sum of weights across all // entries in the clusters array must add up to the total_weight, which defaults to 100. google.protobuf.UInt32Value weight = 2; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in // :ref:`RouteAction.metadata_match `, with // values here taking precedence. The filter name should be specified as *envoy.lb*. core.v3.Metadata metadata_match = 3; // Specifies a list of headers to be added to requests when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request when // this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. repeated string request_headers_to_remove = 9 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of headers to be added to responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption response_headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of headers to be removed from responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. repeated string response_headers_to_remove = 6 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 10; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the total weight across all clusters. The sum of all cluster weights must equal this // value, which must be greater than 0. Defaults to 100. google.protobuf.UInt32Value total_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Specifies the runtime key prefix that should be used to construct the // runtime keys associated with each cluster. When the *runtime_key_prefix* is // specified, the router will look for weights associated with each upstream // cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where // *cluster[i]* denotes an entry in the clusters array field. If the runtime // key for the cluster does not exist, the value specified in the // configuration file will be used as the default weight. See the :ref:`runtime documentation // ` for how key names map to the underlying implementation. string runtime_key_prefix = 2; } // [#next-free-field: 13] message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteMatch"; message GrpcRouteMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteMatch.GrpcRouteMatchOptions"; } message TlsContextMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteMatch.TlsContextMatchOptions"; // If specified, the route will match against whether or not a certificate is presented. // If not specified, certificate presentation status (true or false) will not be considered when route matching. google.protobuf.BoolValue presented = 1; // If specified, the route will match against whether or not a certificate is validated. // If not specified, certificate validation status (true or false) will not be considered when route matching. google.protobuf.BoolValue validated = 2; } // An extensible message for matching CONNECT requests. message ConnectMatcher { } reserved 5, 3; reserved "regex"; oneof path_specifier { option (validate.required) = true; // If specified, the route is a prefix rule meaning that the prefix must // match the beginning of the *:path* header. string prefix = 1; // If specified, the route is an exact path rule meaning that the path must // exactly match the *:path* header once the query string is removed. string path = 2; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. // // [#next-major-version: In the v3 API we should redo how path specification works such // that we utilize StringMatcher, and additionally have consistent options around whether we // strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive // to deprecate the existing options. We should even consider whether we want to do away with // path_specifier entirely and just rely on a set of header matchers which can already match // on :path, etc. The issue with that is it is unclear how to generically deal with query string // stripping. This needs more thought.] type.matcher.v3.RegexMatcher safe_regex = 10 [(validate.rules).message = {required: true}]; // If this is used as the matcher, the matcher will only match CONNECT requests. // Note that this will not match HTTP/2 upgrade-style CONNECT requests // (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style // upgrades. // This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, // where Extended CONNECT requests may have a path, the path matchers will work if // there is a path present. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectMatcher connect_matcher = 12; } // Indicates that prefix/path matching should be case sensitive. The default // is true. google.protobuf.BoolValue case_sensitive = 4; // Indicates that the route should additionally match on a runtime key. Every time the route // is considered for a match, it must also fall under the percentage of matches indicated by // this field. For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the router continues to evaluate the remaining match criteria. A runtime_fraction // route configuration can be used to roll out route changes in a gradual manner without full // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // // .. note:: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an // integer with the assumption that the value is an integral percentage out of 100. For // instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent // whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. core.v3.RuntimeFractionalPercent runtime_fraction = 9; // Specifies a set of headers that the route should match on. The router will // check the request’s headers against all the specified headers in the route // config. A match will happen if all the headers in the route are present in // the request with the same values (or based on presence if the value field // is not in the config). repeated HeaderMatcher headers = 6; // Specifies a set of URL query parameters on which the route should // match. The router will check the query string from the *path* header // against all the specified query parameters. If the number of specified // query parameters is nonzero, they all must match the *path* header's // query string for a match to occur. repeated QueryParameterMatcher query_parameters = 7; // If specified, only gRPC requests will be matched. The router will check // that the content-type header has a application/grpc or one of the various // application/grpc+ values. GrpcRouteMatchOptions grpc = 8; // If specified, the client tls context will be matched against the defined // match options. // // [#next-major-version: unify with RBAC] TlsContextMatchOptions tls_context = 11; } // [#next-free-field: 12] message CorsPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.CorsPolicy"; reserved 1, 8, 7; reserved "allow_origin", "allow_origin_regex", "enabled"; // Specifies string patterns that match allowed origins. An origin is allowed if any of the // string matchers match. repeated type.matcher.v3.StringMatcher allow_origin_string_match = 11; // Specifies the content for the *access-control-allow-methods* header. string allow_methods = 2; // Specifies the content for the *access-control-allow-headers* header. string allow_headers = 3; // Specifies the content for the *access-control-expose-headers* header. string expose_headers = 4; // Specifies the content for the *access-control-max-age* header. string max_age = 5; // Specifies whether the resource allows credentials. google.protobuf.BoolValue allow_credentials = 6; oneof enabled_specifier { // Specifies the % of requests for which the CORS filter is enabled. // // If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS // filter will be enabled for 100% of the requests. // // If :ref:`runtime_key ` is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. core.v3.RuntimeFractionalPercent filter_enabled = 9; } // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // // This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. core.v3.RuntimeFractionalPercent shadow_enabled = 10; } // [#next-free-field: 37] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction"; enum ClusterNotFoundResponseCode { // HTTP status code - 503 Service Unavailable. SERVICE_UNAVAILABLE = 0; // HTTP status code - 404 Not Found. NOT_FOUND = 1; } // Configures :ref:`internal redirect ` behavior. // [#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.] enum InternalRedirectAction { option deprecated = true; PASS_THROUGH_INTERNAL_REDIRECT = 0; HANDLE_INTERNAL_REDIRECT = 1; } // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. // // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // // .. note:: // // Shadowing will not be triggered if the primary cluster does not exist. message RequestMirrorPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.RequestMirrorPolicy"; reserved 2; reserved "runtime_key"; // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // If not specified, all requests to the target cluster will be mirrored. // // If specified, this field takes precedence over the `runtime_key` field and requests must also // fall under the percentage of matches indicated by this field. // // For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the request will be mirrored. core.v3.RuntimeFractionalPercent runtime_fraction = 3; // Determines if the trace span should be sampled. Defaults to true. google.protobuf.BoolValue trace_sampled = 4; } // Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer // `. // [#next-free-field: 7] message HashPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy"; message Header { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.Header"; // The name of the request header that will be used to obtain the hash // key. If the request header is not present, no hash will be produced. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // If specified, the request header value will be rewritten and used // to produce the hash key. type.matcher.v3.RegexMatchAndSubstitute regex_rewrite = 2; } // Envoy supports two types of cookie affinity: // // 1. Passive. Envoy takes a cookie that's present in the cookies header and // hashes on its value. // // 2. Generated. Envoy generates and sets a cookie with an expiration (TTL) // on the first request from the client in its response to the client, // based on the endpoint the request gets sent to. The client then // presents this on the next and all subsequent requests. The hash of // this is sufficient to ensure these requests get sent to the same // endpoint. The cookie is generated by hashing the source and // destination ports and addresses so that multiple independent HTTP2 // streams on the same connection will independently receive the same // cookie, even if they arrive at the Envoy simultaneously. message Cookie { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.Cookie"; // The name of the cookie that will be used to obtain the hash key. If the // cookie is not present and ttl below is not set, no hash will be // produced. string name = 1 [(validate.rules).string = {min_len: 1}]; // If specified, a cookie with the TTL will be generated if the cookie is // not present. If the TTL is present and zero, the generated cookie will // be a session cookie. google.protobuf.Duration ttl = 2; // The name of the path for the cookie. If no path is specified here, no path // will be set for the cookie. string path = 3; } message ConnectionProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.ConnectionProperties"; // Hash on source IP address. bool source_ip = 1; } message QueryParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.QueryParameter"; // The name of the URL query parameter that will be used to obtain the hash // key. If the parameter is not present, no hash will be produced. Query // parameter names are case-sensitive. string name = 1 [(validate.rules).string = {min_len: 1}]; } message FilterState { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.FilterState"; // The name of the Object in the per-request filterState, which is an // Envoy::Http::Hashable object. If there is no data associated with the key, // or the stored object is not Envoy::Http::Hashable, no hash will be produced. string key = 1 [(validate.rules).string = {min_len: 1}]; } oneof policy_specifier { option (validate.required) = true; // Header hash policy. Header header = 1; // Cookie hash policy. Cookie cookie = 2; // Connection properties hash policy. ConnectionProperties connection_properties = 3; // Query parameter hash policy. QueryParameter query_parameter = 5; // Filter state hash policy. FilterState filter_state = 6; } // The flag that short-circuits the hash computing. This field provides a // 'fallback' style of configuration: "if a terminal policy doesn't work, // fallback to rest of the policy list", it saves time when the terminal // policy works. // // If true, and there is already a hash computed, ignore rest of the // list of hash polices. // For example, if the following hash methods are configured: // // ========= ======== // specifier terminal // ========= ======== // Header A true // Header B false // Header C false // ========= ======== // // The generateHash process ends if policy "header A" generates a hash, as // it's a terminal policy. bool terminal = 4; } // Allows enabling and disabling upgrades on a per-route basis. // This overrides any enabled/disabled upgrade filter chain specified in the // HttpConnectionManager // :ref:`upgrade_configs // ` // but does not affect any custom filter chain specified there. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.UpgradeConfig"; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. message ConnectConfig { // If present, the proxy protocol header will be prepended to the CONNECT payload sent upstream. core.v3.ProxyProtocolConfig proxy_protocol_config = 1; } // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] will be proxied upstream. string upgrade_type = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Determines if upgrades are available on this route. Defaults to true. google.protobuf.BoolValue enabled = 2; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectConfig connect_config = 3; } message MaxStreamDuration { // Specifies the maximum duration allowed for streams on the route. If not specified, the value // from the :ref:`max_stream_duration // ` field in // :ref:`HttpConnectionManager.common_http_protocol_options // ` // is used. If this field is set explicitly to zero, any // HttpConnectionManager max_stream_duration timeout will be disabled for // this route. google.protobuf.Duration max_stream_duration = 1; // If present, and the request contains a `grpc-timeout header // `_, use that value as the // *max_stream_duration*, but limit the applied timeout to the maximum value specified here. // If set to 0, the `grpc-timeout` header is used without modification. google.protobuf.Duration grpc_timeout_header_max = 2; // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by // subtracting the provided duration from the header. This is useful for allowing Envoy to set // its global timeout to be less than that of the deadline imposed by the calling client, which // makes it more likely that Envoy will handle the timeout instead of having the call canceled // by the client. If, after applying the offset, the resulting timeout is zero or negative, // the stream will timeout immediately. google.protobuf.Duration grpc_timeout_header_offset = 3; } reserved 12, 18, 19, 16, 22, 21, 10; reserved "request_mirror_policy"; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Envoy will determine the cluster to route to by reading the value of the // HTTP header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. string cluster_header = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. See // :ref:`traffic splitting ` // for additional documentation. WeightedCluster weighted_clusters = 3; } // The HTTP status code to use when configured cluster is not found. // The default response code is 503 Service Unavailable. ClusterNotFoundResponseCode cluster_not_found_response_code = 20 [(validate.rules).enum = {defined_only: true}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what's set in this field will be considered // for load balancing. If using :ref:`weighted_clusters // `, metadata will be merged, with values // provided there taking precedence. The filter name should be specified as *envoy.lb*. core.v3.Metadata metadata_match = 4; // Indicates that during forwarding, the matched prefix (or path) should be // swapped with this value. This option allows application URLs to be rooted // at a different path from those exposed at the reverse proxy layer. The router filter will // place the original path before rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of *prefix_rewrite* or // :ref:`regex_rewrite ` // may be specified. // // .. attention:: // // Pay careful attention to the use of trailing slashes in the // :ref:`route's match ` prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single // :ref:`Route `, as shown by the below config entries: // // .. code-block:: yaml // // - match: // prefix: "/prefix/" // route: // prefix_rewrite: "/" // - match: // prefix: "/prefix" // route: // prefix_rewrite: "/" // // Having above entries in the config, requests to */prefix* will be stripped to */*, while // requests to */prefix/etc* will be stripped to */etc*. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, portions of the path that match the // pattern should be rewritten, even allowing the substitution of capture // groups from the pattern into the new path as specified by the rewrite // substitution string. This is useful to allow application paths to be // rewritten in a way that is aware of segments with variable content like // identifiers. The router filter will place the original path as it was // before the rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // // Examples using Google's `RE2 `_ engine: // // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` // into ``/v1/api/instance/foo``. // // * The pattern ``one`` paired with a substitution string of ``two`` would // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. // // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of // ``\1two\2`` would replace only the first occurrence of ``one``, // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. // // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to // ``/aaa/yyy/bbb``. type.matcher.v3.RegexMatchAndSubstitute regex_rewrite = 32; oneof host_rewrite_specifier { // Indicates that during forwarding, the host header will be swapped with // this value. string host_rewrite_literal = 6 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the hostname of the upstream host chosen by the cluster manager. This // option is applicable only when the destination cluster for a route is of // type *strict_dns* or *logical_dns*. Setting this to true with other cluster // types has no effect. google.protobuf.BoolValue auto_host_rewrite = 7; // Indicates that during forwarding, the host header will be swapped with the content of given // downstream or :ref:`custom ` header. // If header value is empty, host header is left intact. // // .. attention:: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. string host_rewrite_header = 29 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the result of the regex substitution executed on path value with query and fragment removed. // This is useful for transitioning variable content between path segment and subdomain. // // For example with the following config: // // .. code-block:: yaml // // host_rewrite_path_regex: // pattern: // google_re2: {} // regex: "^/(.+)/.+$" // substitution: \1 // // Would rewrite the host header to `envoyproxy.io` given the path `/envoyproxy.io/some/path`. type.matcher.v3.RegexMatchAndSubstitute host_rewrite_path_regex = 35; } // Specifies the upstream timeout for the route. If not specified, the default is 15s. This // spans between the point at which the entire downstream request (i.e. end-of-stream) has been // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // // .. note:: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration timeout = 8; // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, // although the connection manager wide :ref:`stream_idle_timeout // ` // will still apply. A value of 0 will completely disable the route's idle timeout, even if a // connection manager stream idle timeout is configured. // // The idle timeout is distinct to :ref:`timeout // `, which provides an upper bound // on the upstream response time; :ref:`idle_timeout // ` instead bounds the amount // of time the request's stream may be idle. // // After header decoding, the idle timeout will apply on downstream and // upstream request events. Each time an encode/decode event for headers or // data is processed for the stream, the timer will be reset. If the timeout // fires, the stream is terminated with a 408 Request Timeout error code if no // upstream response header has been received, otherwise a stream reset // occurs. google.protobuf.Duration idle_timeout = 24; // Indicates that the route has a retry policy. Note that if this is set, // it'll take precedence over the virtual host level retry policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). RetryPolicy retry_policy = 9; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that if this is set, it'll take // precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, // most internal one becomes the enforced policy). :ref:`Retry policy ` // should not be set if this field is used. google.protobuf.Any retry_policy_typed_config = 33; // Indicates that the route has request mirroring policies. repeated RequestMirrorPolicy request_mirror_policies = 30; // Optionally specifies the :ref:`routing priority `. core.v3.RoutingPriority priority = 11 [(validate.rules).enum = {defined_only: true}]; // Specifies a set of rate limit configurations that could be applied to the // route. repeated RateLimit rate_limits = 13; // Specifies if the rate limit filter should include the virtual host rate // limits. By default, if the route configured rate limits, the virtual host // :ref:`rate_limits ` are not applied to the // request. // // This field is deprecated. Please use :ref:`vh_rate_limits ` google.protobuf.BoolValue include_vh_rate_limits = 14 [deprecated = true]; // Specifies a list of hash policies to use for ring hash load balancing. Each // hash policy is evaluated individually and the combined result is used to // route the request. The method of combination is deterministic such that // identical lists of hash policies will produce the same hash. Since a hash // policy examines specific parts of a request, it can fail to produce a hash // (i.e. if the hashed header is not present). If (and only if) all configured // hash policies fail to generate a hash, no hash will be produced for // the route. In this case, the behavior is the same as if no hash policies // were specified (i.e. the ring hash load balancer will choose a random // backend). If a hash policy has the "terminal" attribute set to true, and // there is already a hash generated, the hash is returned immediately, // ignoring the rest of the hash policy list. repeated HashPolicy hash_policy = 15; // Indicates that the route has a CORS policy. CorsPolicy cors = 17; // Deprecated by :ref:`grpc_timeout_header_max ` // If present, and the request is a gRPC request, use the // `grpc-timeout header `_, // or its default value (infinity) instead of // :ref:`timeout `, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for // gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used // and gRPC requests time out like any other requests using // :ref:`timeout ` or its default. // This can be used to prevent unexpected upstream request timeouts due to potentially long // time gaps between gRPC request and response in gRPC streaming mode. // // .. note:: // // If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes // precedence over `grpc-timeout header `_, when // both are present. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration max_grpc_timeout = 23 [deprecated = true]; // Deprecated by :ref:`grpc_timeout_header_offset `. // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting // the provided duration from the header. This is useful in allowing Envoy to set its global // timeout to be less than that of the deadline imposed by the calling client, which makes it more // likely that Envoy will handle the timeout instead of having the call canceled by the client. // The offset will only be applied if the provided grpc_timeout is greater than the offset. This // ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning // infinity). google.protobuf.Duration grpc_timeout_offset = 28 [deprecated = true]; repeated UpgradeConfig upgrade_configs = 25; // If present, Envoy will try to follow an upstream redirect response instead of proxying the // response back to the downstream. An upstream redirect response is defined // by :ref:`redirect_response_codes // `. InternalRedirectPolicy internal_redirect_policy = 34; InternalRedirectAction internal_redirect_action = 26 [deprecated = true]; // An internal redirect is handled, iff the number of previous internal redirects that a // downstream request has encountered is lower than this value, and // :ref:`internal_redirect_action ` // is set to :ref:`HANDLE_INTERNAL_REDIRECT // ` // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or has // :ref:`internal_redirect_action ` // set to // :ref:`PASS_THROUGH_INTERNAL_REDIRECT // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 31 [deprecated = true]; // Indicates that the route has a hedge policy. Note that if this is set, // it'll take precedence over the virtual host level hedge policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). HedgePolicy hedge_policy = 27; // Specifies the maximum stream duration for this route. MaxStreamDuration max_stream_duration = 36; } // HTTP retry :ref:`architecture overview `. // [#next-free-field: 12] message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy"; enum ResetHeaderFormat { SECONDS = 0; UNIX_TIMESTAMP = 1; } message RetryPriority { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy.RetryPriority"; reserved 2; reserved "config"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; } } message RetryHostPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy.RetryHostPredicate"; reserved 2; reserved "config"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; } } message RetryBackOff { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy.RetryBackOff"; // Specifies the base interval between retries. This parameter is required and must be greater // than zero. Values less than 1 ms are rounded up to 1 ms. // See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's // back-off algorithm. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {} }]; // Specifies the maximum interval between retries. This parameter is optional, but must be // greater than or equal to the `base_interval` if set. The default is 10 times the // `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion // of Envoy's back-off algorithm. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } message ResetHeader { string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; ResetHeaderFormat format = 2 [(validate.rules).enum = {defined_only: true}]; } // A retry back-off strategy that applies when the upstream server rate limits // the request. // // Given this configuration: // // .. code-block:: yaml // // rate_limited_retry_back_off: // reset_headers: // - name: Retry-After // format: SECONDS // - name: X-RateLimit-Reset // format: UNIX_TIMESTAMP // max_interval: "300s" // // The following algorithm will apply: // // 1. If the response contains the header ``Retry-After`` its value must be on // the form ``120`` (an integer that represents the number of seconds to // wait before retrying). If so, this value is used as the back-off interval. // 2. Otherwise, if the response contains the header ``X-RateLimit-Reset`` its // value must be on the form ``1595320702`` (an integer that represents the // point in time at which to retry, as a Unix timestamp in seconds). If so, // the current time is subtracted from this value and the result is used as // the back-off interval. // 3. Otherwise, Envoy will use the default // :ref:`exponential back-off ` // strategy. // // No matter which format is used, if the resulting back-off interval exceeds // ``max_interval`` it is discarded and the next header in ``reset_headers`` // is tried. If a request timeout is configured for the route it will further // limit how long the request will be allowed to run. // // To prevent many clients retrying at the same point in time jitter is added // to the back-off interval, so the resulting interval is decided by taking: // ``random(interval, interval * 1.5)``. // // .. attention:: // // Configuring ``rate_limited_retry_back_off`` will not by itself cause a request // to be retried. You will still need to configure the right retry policy to match // the responses from the upstream server. message RateLimitedRetryBackOff { // Specifies the reset headers (like ``Retry-After`` or ``X-RateLimit-Reset``) // to match against the response. Headers are tried in order, and matched case // insensitive. The first header to be parsed successfully is used. If no headers // match the default exponential back-off is used instead. repeated ResetHeader reset_headers = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the maximum back off interval that Envoy will allow. If a reset // header contains an interval longer than this then it will be discarded and // the next header will be tried. Defaults to 300 seconds. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } // Specifies the conditions under which retry takes place. These are the same // conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and // :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. string retry_on = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. These are the same conditions documented for // :ref:`config_http_filters_router_x-envoy-max-retries`. google.protobuf.UInt32Value num_retries = 2 [(udpa.annotations.field_migrate).rename = "max_retries"]; // Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // // .. note:: // // If left unspecified, Envoy will use the global // :ref:`route timeout ` for the request. // Consequently, when using a :ref:`5xx ` based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. google.protobuf.Duration per_try_timeout = 3; // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to // :ref:`retry plugin configuration ` for more details. RetryPriority retry_priority = 4; // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. // Refer to :ref:`retry plugin configuration ` for more // details. repeated RetryHostPredicate retry_host_predicate = 5; // The maximum number of times host selection will be reattempted before giving up, at which // point the host that was last selected will be routed to. If unspecified, this will default to // retrying once. int64 host_selection_retry_max_attempts = 6; // HTTP status codes that should trigger a retry in addition to those specified by retry_on. repeated uint32 retriable_status_codes = 7; // Specifies parameters that control exponential retry back off. This parameter is optional, in which case the // default base interval is 25 milliseconds or, if set, the current value of the // `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times // the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` // describes Envoy's back-off algorithm. RetryBackOff retry_back_off = 8; // Specifies parameters that control a retry back-off strategy that is used // when the request is rate limited by the upstream server. The server may // return a response header like ``Retry-After`` or ``X-RateLimit-Reset`` to // provide feedback to the client on how long to wait before retrying. If // configured, this back-off strategy will be used instead of the // default exponential back off strategy (configured using `retry_back_off`) // whenever a response includes the matching headers. RateLimitedRetryBackOff rate_limited_retry_back_off = 11; // HTTP response headers that trigger a retry if present in the response. A retry will be // triggered if any of the header matches match the upstream response headers. // The field is only consulted if 'retriable-headers' retry policy is active. repeated HeaderMatcher retriable_headers = 9; // HTTP headers which must be present in the request for retries to be attempted. repeated HeaderMatcher retriable_request_headers = 10; } // HTTP request hedging :ref:`architecture overview `. message HedgePolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.HedgePolicy"; // Specifies the number of initial requests that should be sent upstream. // Must be at least 1. // Defaults to 1. // [#not-implemented-hide:] google.protobuf.UInt32Value initial_requests = 1 [(validate.rules).uint32 = {gte: 1}]; // Specifies a probability that an additional upstream request should be sent // on top of what is specified by initial_requests. // Defaults to 0. // [#not-implemented-hide:] type.v3.FractionalPercent additional_request_chance = 2; // Indicates that a hedged request should be sent when the per-try timeout // is hit. This will only occur if the retry policy also indicates that a // timed out request should be retried. // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified // :ref:`RetryPolicy `. // Defaults to false. bool hedge_on_per_try_timeout = 3; } // [#next-free-field: 9] message RedirectAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RedirectAction"; enum RedirectResponseCode { // Moved Permanently HTTP Status Code - 301. MOVED_PERMANENTLY = 0; // Found HTTP Status Code - 302. FOUND = 1; // See Other HTTP Status Code - 303. SEE_OTHER = 2; // Temporary Redirect HTTP Status Code - 307. TEMPORARY_REDIRECT = 3; // Permanent Redirect HTTP Status Code - 308. PERMANENT_REDIRECT = 4; } // When the scheme redirection take place, the following rules apply: // 1. If the source URI scheme is `http` and the port is explicitly // set to `:80`, the port will be removed after the redirection // 2. If the source URI scheme is `https` and the port is explicitly // set to `:443`, the port will be removed after the redirection oneof scheme_rewrite_specifier { // The scheme portion of the URL will be swapped with "https". bool https_redirect = 4; // The scheme portion of the URL will be swapped with this value. string scheme_redirect = 7; } // The host portion of the URL will be swapped with this value. string host_redirect = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The port value of the URL will be swapped with this value. uint32 port_redirect = 8; oneof path_rewrite_specifier { // The path portion of the URL will be swapped with this value. // Please note that query string in path_redirect will override the // request's query string and will not be stripped. // // For example, let's say we have the following routes: // // - match: { path: "/old-path-1" } // redirect: { path_redirect: "/new-path-1" } // - match: { path: "/old-path-2" } // redirect: { path_redirect: "/new-path-2", strip-query: "true" } // - match: { path: "/old-path-3" } // redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" } // // 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1" // 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2" // 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1" string path_redirect = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during redirection, the matched prefix (or path) // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // // .. attention:: // // Pay attention to the use of trailing slashes as mentioned in // :ref:`RouteAction's prefix_rewrite `. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // The HTTP status code to use in the redirect response. The default response // code is MOVED_PERMANENTLY (301). RedirectResponseCode response_code = 3 [(validate.rules).enum = {defined_only: true}]; // Indicates that during redirection, the query portion of the URL will // be removed. Default value is false. bool strip_query = 6; } message DirectResponseAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.DirectResponseAction"; // Specifies the HTTP response status to be returned. uint32 status = 1 [(validate.rules).uint32 = {lt: 600 gte: 100}]; // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // // .. note:: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` or // :ref:`envoy_api_msg_config.route.v3.VirtualHost`. core.v3.DataSource body = 2; } message Decorator { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.Decorator"; // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // // .. note:: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation // ` header. string operation = 1 [(validate.rules).string = {min_len: 1}]; // Whether the decorated details should be propagated to the other party. The default is true. google.protobuf.BoolValue propagate = 2; } message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.Tracing"; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.FractionalPercent client_sampling = 1; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent random_sampling = 2; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent overall_sampling = 3; // A list of custom tags with unique tag name to create tags for the active span. // It will take effect after merging with the :ref:`corresponding configuration // ` // configured in the HTTP connection manager. If two tags with the same name are configured // each in the HTTP connection manager and the route level, the one configured here takes // priority. repeated type.tracing.v3.CustomTag custom_tags = 4; } // A virtual cluster is a way of specifying a regex matching rule against // certain important endpoints such that statistics are generated explicitly for // the matched requests. The reason this is useful is that when doing // prefix/path matching Envoy does not always know what the application // considers to be an endpoint. Thus, it’s impossible for Envoy to generically // emit per endpoint statistics. However, often systems have highly critical // endpoints that they wish to get “perfect” statistics on. Virtual cluster // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // // Documentation for :ref:`virtual cluster statistics `. // // .. note:: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and // statistics output are not free. message VirtualCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.VirtualCluster"; reserved 1, 3; reserved "pattern", "method"; // Specifies a list of header matchers to use for matching requests. Each specified header must // match. The pseudo-headers `:path` and `:method` can be used to match the request path and // method, respectively. repeated HeaderMatcher headers = 4; // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the // router filter and are documented :ref:`here `. string name = 2 [(validate.rules).string = {min_len: 1}]; } // Global rate limiting :ref:`architecture overview `. message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit"; // [#next-free-field: 8] message Action { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action"; // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("source_cluster", "") // // is derived from the :option:`--service-cluster` option. message SourceCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.SourceCluster"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("destination_cluster", "") // // Once a request matches against a route table rule, a routed cluster is determined by one of // the following :ref:`route table configuration ` // settings: // // * :ref:`cluster ` indicates the upstream cluster // to route to. // * :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. // * :ref:`cluster_header ` indicates which // header in the request contains the target cluster. message DestinationCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.DestinationCluster"; } // The following descriptor entry is appended when a header contains a key that matches the // *header_name*: // // .. code-block:: cpp // // ("", "") message RequestHeaders { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.RequestHeaders"; // The header name to be queried from the request headers. The header’s // value is used to populate the value of the descriptor entry for the // descriptor_key. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The key to use in the descriptor entry. string descriptor_key = 2 [(validate.rules).string = {min_len: 1}]; // If set to true, Envoy skips the descriptor while calling rate limiting service // when header is not present in the request. By default it skips calling the // rate limiting service if this header is not present in the request. bool skip_if_absent = 3; } // The following descriptor entry is appended to the descriptor and is populated using the // trusted address from :ref:`x-forwarded-for `: // // .. code-block:: cpp // // ("remote_address", "") message RemoteAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.RemoteAddress"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("generic_key", "") message GenericKey { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.GenericKey"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // An optional key to use in the descriptor entry. If not set it defaults // to 'generic_key' as the descriptor key. string descriptor_key = 2; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("header_match", "") message HeaderValueMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.HeaderValueMatch"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // If set to true, the action will append a descriptor entry when the // request matches the headers. If set to false, the action will append a // descriptor entry when the request does not match the headers. The // default value is true. google.protobuf.BoolValue expect_match = 2; // Specifies a set of headers that the rate limit action should match // on. The action will check the request’s headers against all the // specified headers in the config. A match will happen if all the // headers in the config are present in the request with the same values // (or based on presence if the value field is not in the config). repeated HeaderMatcher headers = 3 [(validate.rules).repeated = {min_items: 1}]; } // The following descriptor entry is appended when the dynamic metadata contains a key value: // // .. code-block:: cpp // // ("", "") message DynamicMetaData { // The key to use in the descriptor entry. string descriptor_key = 1 [(validate.rules).string = {min_len: 1}]; // Metadata struct that defines the key and path to retrieve the string value. A match will // only happen if the value in the dynamic metadata is of type string. type.metadata.v3.MetadataKey metadata_key = 2 [(validate.rules).message = {required: true}]; // An optional value to use if *metadata_key* is empty. If not set and // no value is present under the metadata_key then no descriptor is generated. string default_value = 3; } oneof action_specifier { option (validate.required) = true; // Rate limit on source cluster. SourceCluster source_cluster = 1; // Rate limit on destination cluster. DestinationCluster destination_cluster = 2; // Rate limit on request headers. RequestHeaders request_headers = 3; // Rate limit on remote address. RemoteAddress remote_address = 4; // Rate limit on a generic key. GenericKey generic_key = 5; // Rate limit on the existence of request headers. HeaderValueMatch header_value_match = 6; // Rate limit on dynamic metadata. DynamicMetaData dynamic_metadata = 7; } } message Override { // Fetches the override from the dynamic metadata. message DynamicMetadata { // Metadata struct that defines the key and path to retrieve the struct value. // The value must be a struct containing an integer "requests_per_unit" property // and a "unit" property with a value parseable to :ref:`RateLimitUnit // enum ` type.metadata.v3.MetadataKey metadata_key = 1 [(validate.rules).message = {required: true}]; } oneof override_specifier { option (validate.required) = true; // Limit override from dynamic metadata. DynamicMetadata dynamic_metadata = 1; } } // Refers to the stage set in the filter. The rate limit configuration only // applies to filters with the same stage number. The default stage number is // 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32 = {lte: 10}]; // The key to be set in runtime to disable this rate limit configuration. string disable_key = 2; // A list of actions that are to be applied for this rate limit configuration. // Order matters as the actions are processed sequentially and the descriptor // is composed by appending descriptor entries in that sequence. If an action // cannot append a descriptor entry, no descriptor is generated for the // configuration. See :ref:`composing actions // ` for additional documentation. repeated Action actions = 3 [(validate.rules).repeated = {min_items: 1}]; // An optional limit override to be appended to the descriptor produced by this // rate limit configuration. If the override value is invalid or cannot be resolved // from metadata, no override is provided. See :ref:`rate limit override // ` for more information. Override limit = 4; } // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // // .. attention:: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., // // .. code-block:: json // // { // "name": ":method", // "exact_match": "POST" // } // // .. attention:: // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name // ` header will match, regardless of the header's // value. // // [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.] // [#next-free-field: 13] message HeaderMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.HeaderMatcher"; reserved 2, 3, 5; reserved "regex_match"; // Specifies the name of the header in the request. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Specifies how the header match will be performed to route the request. oneof header_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 4; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. type.matcher.v3.RegexMatcher safe_regex_match = 11; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting of // an optional plus or minus sign followed by a sequence of digits. The rule will not match if // the header value does not represent an integer. Match will fail for empty values, floating // point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, // "-1somestring" type.v3.Int64Range range_match = 6; // If specified, header match will be performed based on whether the header is in the // request. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. // Note: empty prefix is not allowed, please use present_match instead. // // Examples: // // * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. string prefix_match = 9 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on the suffix of the header value. // Note: empty suffix is not allowed, please use present_match instead. // // Examples: // // * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. string suffix_match = 10 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on whether the header value contains // the given value or not. // Note: empty contains match is not allowed, please use present_match instead. // // Examples: // // * The value *abcd* matches the value *xyzabcdpqr*, but not for *xyzbcdpqr*. string contains_match = 12 [(validate.rules).string = {min_len: 1}]; } // If specified, the match result will be inverted before checking. Defaults to false. // // Examples: // // * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. bool invert_match = 8; } // Query parameter matching treats the query string of a request's :path header // as an ampersand-separated list of keys and/or key=value elements. // [#next-free-field: 7] message QueryParameterMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.QueryParameterMatcher"; reserved 3, 4; reserved "value", "regex"; // Specifies the name of a key that must be present in the requested // *path*'s query string. string name = 1 [(validate.rules).string = {min_len: 1 max_bytes: 1024}]; oneof query_parameter_match_specifier { // Specifies whether a query parameter value should match against a string. type.matcher.v3.StringMatcher string_match = 5 [(validate.rules).message = {required: true}]; // Specifies whether a query parameter should be present. bool present_match = 6; } } // HTTP Internal Redirect :ref:`architecture overview `. message InternalRedirectPolicy { // An internal redirect is not handled, unless the number of previous internal redirects that a // downstream request has encountered is lower than this value. // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or does not set :ref:`internal_redirect_policy // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 1; // Defines what upstream response codes are allowed to trigger internal redirect. If unspecified, // only 302 will be treated as internal redirect. // Only 301, 302, 303, 307 and 308 are valid values. Any other codes will be ignored. repeated uint32 redirect_response_codes = 2 [(validate.rules).repeated = {max_items: 5}]; // Specifies a list of predicates that are queried when an upstream response is deemed // to trigger an internal redirect by all other criteria. Any predicate in the list can reject // the redirect, causing the response to be proxied to downstream. repeated core.v3.TypedExtensionConfig predicates = 3; // Allow internal redirect to follow a target URI with a different scheme than the value of // x-forwarded-proto. The default is false. bool allow_cross_scheme_redirect = 4; } ================================================ FILE: api/envoy/config/route/v3/scoped_route.proto ================================================ syntax = "proto3"; package envoy.config.route.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v3"; option java_outer_classname = "ScopedRouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP scoped routing configuration] // * Routing :ref:`architecture overview ` // Specifies a routing scope, which associates a // :ref:`Key` to a // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` (identified by its resource name). // // The HTTP connection manager builds up a table consisting of these Key to // RouteConfiguration mappings, and looks up the RouteConfiguration to use per // request according to the algorithm specified in the // :ref:`scope_key_builder` // assigned to the HttpConnectionManager. // // For example, with the following configurations (in YAML): // // HttpConnectionManager config: // // .. code:: // // ... // scoped_routes: // name: foo-scoped-routes // scope_key_builder: // fragments: // - header_value_extractor: // name: X-Route-Selector // element_separator: , // element: // separator: = // key: vip // // ScopedRouteConfiguration resources (specified statically via // :ref:`scoped_route_configurations_list` // or obtained dynamically via SRDS): // // .. code:: // // (1) // name: route-scope1 // route_configuration_name: route-config1 // key: // fragments: // - string_key: 172.10.10.20 // // (2) // name: route-scope2 // route_configuration_name: route-config2 // key: // fragments: // - string_key: 172.20.20.30 // // A request from a client such as: // // .. code:: // // GET / HTTP/1.1 // Host: foo.com // X-Route-Selector: vip=172.10.10.20 // // would result in the routing table defined by the `route-config1` // RouteConfiguration being assigned to the HTTP request/stream. // message ScopedRouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ScopedRouteConfiguration"; // Specifies a key which is matched against the output of the // :ref:`scope_key_builder` // specified in the HttpConnectionManager. The matching is done per HTTP // request and is dependent on the order of the fragments contained in the // Key. message Key { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ScopedRouteConfiguration.Key"; message Fragment { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ScopedRouteConfiguration.Key.Fragment"; oneof type { option (validate.required) = true; // A string to match against. string string_key = 1; } } // The ordered set of fragments to match against. The order must match the // fragments in the corresponding // :ref:`scope_key_builder`. repeated Fragment fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // Whether the RouteConfiguration should be loaded on demand. bool on_demand = 4; // The name assigned to the routing scope. string name = 1 [(validate.rules).string = {min_len: 1}]; // The resource name to use for a :ref:`envoy_api_msg_service.discovery.v3.DiscoveryRequest` to an // RDS server to fetch the :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` associated // with this scope. string route_configuration_name = 2 [(validate.rules).string = {min_len: 1}]; // The key to match against. Key key = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/route/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/route/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.config.route.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP route configuration] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // [#next-free-field: 11] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteConfiguration"; // The name of the route configuration. For example, it might match // :ref:`route_config_name // ` in // :ref:`envoy_api_msg_extensions.filters.network.http_connection_manager.v4alpha.Rds`. string name = 1; // An array of virtual hosts that make up the route table. repeated VirtualHost virtual_hosts = 2; // An array of virtual hosts will be dynamically loaded via the VHDS API. // Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used // for a base routing table or for infrequently changing virtual hosts. *vhds* is used for // on-demand discovery of virtual hosts. The contents of these two fields will be merged to // generate a routing table for a given RouteConfiguration, with *vhds* derived configuration // taking precedence. Vhds vhds = 9; // Optionally specifies a list of HTTP headers that the connection manager // will consider to be internal only. If they are found on external requests they will be cleaned // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information. repeated string internal_only_headers = 3 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each response that // the connection manager encodes. Headers specified at this level are applied // after headers from any enclosed :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` or // :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // that the connection manager encodes. repeated string response_headers_to_remove = 5 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each request // routed by the HTTP connection manager. Headers specified at this level are // applied after headers from any enclosed :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` or // :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // routed by the HTTP connection manager. repeated string request_headers_to_remove = 8 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // By default, headers that should be added/removed are evaluated from most to least specific: // // * route level // * virtual host level // * connection manager level // // To allow setting overrides at the route or virtual host level, this order can be reversed // by setting this option to true. Defaults to false. // // [#next-major-version: In the v3 API, this will default to true.] bool most_specific_header_mutations_wins = 10; // An optional boolean that specifies whether the clusters that the route // table refers to will be validated by the cluster manager. If set to true // and a route refers to a non-existent cluster, the route table will not // load. If set to false and a route refers to a non-existent cluster, the // route table will load and the router filter will return a 404 if the route // is selected at runtime. This setting defaults to true if the route table // is statically defined via the :ref:`route_config // ` // option. This setting default to false if the route table is loaded dynamically via the // :ref:`rds // ` // option. Users may wish to override the default behavior in certain cases (for example when // using CDS with a static route table). google.protobuf.BoolValue validate_clusters = 7; } message Vhds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Vhds"; // Configuration source specifier for VHDS. core.v4alpha.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/route/v4alpha/route_components.proto ================================================ syntax = "proto3"; package envoy.config.route.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/proxy_protocol.proto"; import "envoy/type/matcher/v4alpha/regex.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/metadata/v3/metadata.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v4alpha"; option java_outer_classname = "RouteComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP route components] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // The top level element in the routing configuration is a virtual host. Each virtual host has // a logical name as well as a set of domains that get routed to it based on the incoming request's // host header. This allows a single listener to service multiple top level domain path trees. Once // a virtual host is selected based on the domain, the routes are processed in order to see which // upstream cluster to route to or whether to perform a redirect. // [#next-free-field: 21] message VirtualHost { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.VirtualHost"; enum TlsRequirementType { // No TLS requirement for the virtual host. NONE = 0; // External requests must use TLS. If a request is external and it is not // using TLS, a 301 redirect will be sent telling the client to use HTTPS. EXTERNAL_ONLY = 1; // All requests must use TLS. If a request is not using TLS, a 301 redirect // will be sent telling the client to use HTTPS. ALL = 2; } reserved 9, 12; reserved "per_filter_config"; // The logical name of the virtual host. This is used when emitting certain // statistics but is not relevant for routing. string name = 1 [(validate.rules).string = {min_len: 1}]; // A list of domains (host/authority header) that will be matched to this // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: // 1. Exact domain names: ``www.foo.com``. // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. // 4. Special wildcard ``*`` matching any domain. // // .. note:: // // The wildcard will not match the empty string. // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. // The longest wildcards match first. // Only a single virtual host in the entire route configuration can match on ``*``. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. repeated string domains = 2 [(validate.rules).repeated = { min_items: 1 items {string {well_known_regex: HTTP_HEADER_VALUE strict: false}} }]; // The list of routes that will be matched, in order, for incoming requests. // The first route that matches will be used. repeated Route routes = 3; // Specifies the type of TLS enforcement the virtual host expects. If this option is not // specified, there is no TLS requirement for the virtual host. TlsRequirementType require_tls = 4 [(validate.rules).enum = {defined_only: true}]; // A list of virtual clusters defined for this virtual host. Virtual clusters // are used for additional statistics gathering. repeated VirtualCluster virtual_clusters = 5; // Specifies a set of rate limit configurations that will be applied to the // virtual host. repeated RateLimit rate_limits = 6; // Specifies a list of HTTP headers that should be added to each request // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v4alpha.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 7 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // handled by this virtual host. repeated string request_headers_to_remove = 13 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v4alpha.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // handled by this virtual host. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Indicates that the virtual host has a CORS policy. CorsPolicy cors = 8; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 15; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the upstream request. Setting this option will cause it to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the upstream // will see the attempt count as perceived by the second Envoy. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. // // [#next-major-version: rename to include_attempt_count_in_request.] bool include_request_attempt_count = 14; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the downstream response. Setting this option will cause the router to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the downstream // will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. bool include_attempt_count_in_response = 19; // Indicates the retry policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). RetryPolicy retry_policy = 16; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not // inherited). :ref:`Retry policy ` should not be // set if this field is used. google.protobuf.Any retry_policy_typed_config = 20; // Indicates the hedge policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). HedgePolicy hedge_policy = 17; // The maximum bytes which will be buffered for retries and shadowing. // If set and a route-specific limit is not set, the bytes actually buffered will be the minimum // value of this and the listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 18; } // A filter-defined action type. message FilterAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.FilterAction"; google.protobuf.Any action = 1; } // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // // .. attention:: // // Envoy supports routing on HTTP method via :ref:`header matching // `. // [#next-free-field: 18] message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Route"; reserved 6, 8; reserved "per_filter_config"; // Name for the route. string name = 14; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; oneof action { option (validate.required) = true; // Route request to some upstream cluster. RouteAction route = 2; // Return a redirect. RedirectAction redirect = 3; // Return an arbitrary HTTP response directly, without proxying. DirectResponseAction direct_response = 7; // [#not-implemented-hide:] // If true, a filter will define the action (e.g., it could dynamically generate the // RouteAction). // [#comment: TODO(samflattery): Remove cleanup in route_fuzz_test.cc when // implemented] FilterAction filter_action = 17; } // The Metadata field can be used to provide additional information // about the route. It can be used for configuration, stats, and logging. // The metadata should go under the filter namespace that will need it. // For instance, if the metadata is intended for the Router filter, // the filter name should be specified as *envoy.filters.http.router*. core.v4alpha.Metadata metadata = 4; // Decorator for the matched route. Decorator decorator = 5; // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map typed_per_filter_config = 13; // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the // enclosing :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 9 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // matching this route. repeated string request_headers_to_remove = 12 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before // headers from the enclosing :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Presence of the object defines whether the connection manager's tracing configuration // is overridden by this route specific instance. Tracing tracing = 15; // The maximum bytes which will be buffered for retries and shadowing. // If set, the bytes actually buffered will be the minimum value of this and the // listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 16; } // Compared to the :ref:`cluster ` field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of // traffic to be forwarded to each cluster. The router selects an upstream cluster based on the // weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.WeightedCluster"; // [#next-free-field: 11] message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.WeightedCluster.ClusterWeight"; reserved 7, 8; reserved "per_filter_config"; // Name of the upstream cluster. The cluster must exist in the // :ref:`cluster manager configuration `. string name = 1 [(validate.rules).string = {min_len: 1}]; // An integer between 0 and :ref:`total_weight // `. When a request matches the route, // the choice of an upstream cluster is determined by its weight. The sum of weights across all // entries in the clusters array must add up to the total_weight, which defaults to 100. google.protobuf.UInt32Value weight = 2; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in // :ref:`RouteAction.metadata_match `, with // values here taking precedence. The filter name should be specified as *envoy.lb*. core.v4alpha.Metadata metadata_match = 3; // Specifies a list of headers to be added to requests when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v4alpha.Route`, :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request when // this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. repeated string request_headers_to_remove = 9 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of headers to be added to responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v4alpha.Route`, :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of headers to be removed from responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. repeated string response_headers_to_remove = 6 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 10; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the total weight across all clusters. The sum of all cluster weights must equal this // value, which must be greater than 0. Defaults to 100. google.protobuf.UInt32Value total_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Specifies the runtime key prefix that should be used to construct the // runtime keys associated with each cluster. When the *runtime_key_prefix* is // specified, the router will look for weights associated with each upstream // cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where // *cluster[i]* denotes an entry in the clusters array field. If the runtime // key for the cluster does not exist, the value specified in the // configuration file will be used as the default weight. See the :ref:`runtime documentation // ` for how key names map to the underlying implementation. string runtime_key_prefix = 2; } // [#next-free-field: 13] message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch"; message GrpcRouteMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch.GrpcRouteMatchOptions"; } message TlsContextMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch.TlsContextMatchOptions"; // If specified, the route will match against whether or not a certificate is presented. // If not specified, certificate presentation status (true or false) will not be considered when route matching. google.protobuf.BoolValue presented = 1; // If specified, the route will match against whether or not a certificate is validated. // If not specified, certificate validation status (true or false) will not be considered when route matching. google.protobuf.BoolValue validated = 2; } // An extensible message for matching CONNECT requests. message ConnectMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch.ConnectMatcher"; } reserved 5, 3; reserved "regex"; oneof path_specifier { option (validate.required) = true; // If specified, the route is a prefix rule meaning that the prefix must // match the beginning of the *:path* header. string prefix = 1; // If specified, the route is an exact path rule meaning that the path must // exactly match the *:path* header once the query string is removed. string path = 2; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. // // [#next-major-version: In the v3 API we should redo how path specification works such // that we utilize StringMatcher, and additionally have consistent options around whether we // strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive // to deprecate the existing options. We should even consider whether we want to do away with // path_specifier entirely and just rely on a set of header matchers which can already match // on :path, etc. The issue with that is it is unclear how to generically deal with query string // stripping. This needs more thought.] type.matcher.v4alpha.RegexMatcher safe_regex = 10 [(validate.rules).message = {required: true}]; // If this is used as the matcher, the matcher will only match CONNECT requests. // Note that this will not match HTTP/2 upgrade-style CONNECT requests // (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style // upgrades. // This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, // where Extended CONNECT requests may have a path, the path matchers will work if // there is a path present. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectMatcher connect_matcher = 12; } // Indicates that prefix/path matching should be case sensitive. The default // is true. google.protobuf.BoolValue case_sensitive = 4; // Indicates that the route should additionally match on a runtime key. Every time the route // is considered for a match, it must also fall under the percentage of matches indicated by // this field. For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the router continues to evaluate the remaining match criteria. A runtime_fraction // route configuration can be used to roll out route changes in a gradual manner without full // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // // .. note:: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an // integer with the assumption that the value is an integral percentage out of 100. For // instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent // whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. core.v4alpha.RuntimeFractionalPercent runtime_fraction = 9; // Specifies a set of headers that the route should match on. The router will // check the request’s headers against all the specified headers in the route // config. A match will happen if all the headers in the route are present in // the request with the same values (or based on presence if the value field // is not in the config). repeated HeaderMatcher headers = 6; // Specifies a set of URL query parameters on which the route should // match. The router will check the query string from the *path* header // against all the specified query parameters. If the number of specified // query parameters is nonzero, they all must match the *path* header's // query string for a match to occur. repeated QueryParameterMatcher query_parameters = 7; // If specified, only gRPC requests will be matched. The router will check // that the content-type header has a application/grpc or one of the various // application/grpc+ values. GrpcRouteMatchOptions grpc = 8; // If specified, the client tls context will be matched against the defined // match options. // // [#next-major-version: unify with RBAC] TlsContextMatchOptions tls_context = 11; } // [#next-free-field: 12] message CorsPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.CorsPolicy"; reserved 1, 8, 7; reserved "allow_origin", "allow_origin_regex", "enabled"; // Specifies string patterns that match allowed origins. An origin is allowed if any of the // string matchers match. repeated type.matcher.v4alpha.StringMatcher allow_origin_string_match = 11; // Specifies the content for the *access-control-allow-methods* header. string allow_methods = 2; // Specifies the content for the *access-control-allow-headers* header. string allow_headers = 3; // Specifies the content for the *access-control-expose-headers* header. string expose_headers = 4; // Specifies the content for the *access-control-max-age* header. string max_age = 5; // Specifies whether the resource allows credentials. google.protobuf.BoolValue allow_credentials = 6; oneof enabled_specifier { // Specifies the % of requests for which the CORS filter is enabled. // // If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS // filter will be enabled for 100% of the requests. // // If :ref:`runtime_key ` is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. core.v4alpha.RuntimeFractionalPercent filter_enabled = 9; } // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // // This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. core.v4alpha.RuntimeFractionalPercent shadow_enabled = 10; } // [#next-free-field: 37] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction"; enum ClusterNotFoundResponseCode { // HTTP status code - 503 Service Unavailable. SERVICE_UNAVAILABLE = 0; // HTTP status code - 404 Not Found. NOT_FOUND = 1; } // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. // // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // // .. note:: // // Shadowing will not be triggered if the primary cluster does not exist. message RequestMirrorPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.RequestMirrorPolicy"; reserved 2; reserved "runtime_key"; // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // If not specified, all requests to the target cluster will be mirrored. // // If specified, this field takes precedence over the `runtime_key` field and requests must also // fall under the percentage of matches indicated by this field. // // For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the request will be mirrored. core.v4alpha.RuntimeFractionalPercent runtime_fraction = 3; // Determines if the trace span should be sampled. Defaults to true. google.protobuf.BoolValue trace_sampled = 4; } // Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer // `. // [#next-free-field: 7] message HashPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy"; message Header { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.Header"; // The name of the request header that will be used to obtain the hash // key. If the request header is not present, no hash will be produced. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // If specified, the request header value will be rewritten and used // to produce the hash key. type.matcher.v4alpha.RegexMatchAndSubstitute regex_rewrite = 2; } // Envoy supports two types of cookie affinity: // // 1. Passive. Envoy takes a cookie that's present in the cookies header and // hashes on its value. // // 2. Generated. Envoy generates and sets a cookie with an expiration (TTL) // on the first request from the client in its response to the client, // based on the endpoint the request gets sent to. The client then // presents this on the next and all subsequent requests. The hash of // this is sufficient to ensure these requests get sent to the same // endpoint. The cookie is generated by hashing the source and // destination ports and addresses so that multiple independent HTTP2 // streams on the same connection will independently receive the same // cookie, even if they arrive at the Envoy simultaneously. message Cookie { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.Cookie"; // The name of the cookie that will be used to obtain the hash key. If the // cookie is not present and ttl below is not set, no hash will be // produced. string name = 1 [(validate.rules).string = {min_len: 1}]; // If specified, a cookie with the TTL will be generated if the cookie is // not present. If the TTL is present and zero, the generated cookie will // be a session cookie. google.protobuf.Duration ttl = 2; // The name of the path for the cookie. If no path is specified here, no path // will be set for the cookie. string path = 3; } message ConnectionProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.ConnectionProperties"; // Hash on source IP address. bool source_ip = 1; } message QueryParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.QueryParameter"; // The name of the URL query parameter that will be used to obtain the hash // key. If the parameter is not present, no hash will be produced. Query // parameter names are case-sensitive. string name = 1 [(validate.rules).string = {min_len: 1}]; } message FilterState { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.FilterState"; // The name of the Object in the per-request filterState, which is an // Envoy::Http::Hashable object. If there is no data associated with the key, // or the stored object is not Envoy::Http::Hashable, no hash will be produced. string key = 1 [(validate.rules).string = {min_len: 1}]; } oneof policy_specifier { option (validate.required) = true; // Header hash policy. Header header = 1; // Cookie hash policy. Cookie cookie = 2; // Connection properties hash policy. ConnectionProperties connection_properties = 3; // Query parameter hash policy. QueryParameter query_parameter = 5; // Filter state hash policy. FilterState filter_state = 6; } // The flag that short-circuits the hash computing. This field provides a // 'fallback' style of configuration: "if a terminal policy doesn't work, // fallback to rest of the policy list", it saves time when the terminal // policy works. // // If true, and there is already a hash computed, ignore rest of the // list of hash polices. // For example, if the following hash methods are configured: // // ========= ======== // specifier terminal // ========= ======== // Header A true // Header B false // Header C false // ========= ======== // // The generateHash process ends if policy "header A" generates a hash, as // it's a terminal policy. bool terminal = 4; } // Allows enabling and disabling upgrades on a per-route basis. // This overrides any enabled/disabled upgrade filter chain specified in the // HttpConnectionManager // :ref:`upgrade_configs // ` // but does not affect any custom filter chain specified there. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.UpgradeConfig"; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. message ConnectConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.UpgradeConfig.ConnectConfig"; // If present, the proxy protocol header will be prepended to the CONNECT payload sent upstream. core.v4alpha.ProxyProtocolConfig proxy_protocol_config = 1; } // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] will be proxied upstream. string upgrade_type = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Determines if upgrades are available on this route. Defaults to true. google.protobuf.BoolValue enabled = 2; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectConfig connect_config = 3; } message MaxStreamDuration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.MaxStreamDuration"; // Specifies the maximum duration allowed for streams on the route. If not specified, the value // from the :ref:`max_stream_duration // ` field in // :ref:`HttpConnectionManager.common_http_protocol_options // ` // is used. If this field is set explicitly to zero, any // HttpConnectionManager max_stream_duration timeout will be disabled for // this route. google.protobuf.Duration max_stream_duration = 1; // If present, and the request contains a `grpc-timeout header // `_, use that value as the // *max_stream_duration*, but limit the applied timeout to the maximum value specified here. // If set to 0, the `grpc-timeout` header is used without modification. google.protobuf.Duration grpc_timeout_header_max = 2; // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by // subtracting the provided duration from the header. This is useful for allowing Envoy to set // its global timeout to be less than that of the deadline imposed by the calling client, which // makes it more likely that Envoy will handle the timeout instead of having the call canceled // by the client. If, after applying the offset, the resulting timeout is zero or negative, // the stream will timeout immediately. google.protobuf.Duration grpc_timeout_header_offset = 3; } reserved 12, 18, 19, 16, 22, 21, 10, 14, 23, 28, 26, 31; reserved "request_mirror_policy", "include_vh_rate_limits", "max_grpc_timeout", "grpc_timeout_offset", "internal_redirect_action", "max_internal_redirects"; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Envoy will determine the cluster to route to by reading the value of the // HTTP header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. string cluster_header = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. See // :ref:`traffic splitting ` // for additional documentation. WeightedCluster weighted_clusters = 3; } // The HTTP status code to use when configured cluster is not found. // The default response code is 503 Service Unavailable. ClusterNotFoundResponseCode cluster_not_found_response_code = 20 [(validate.rules).enum = {defined_only: true}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what's set in this field will be considered // for load balancing. If using :ref:`weighted_clusters // `, metadata will be merged, with values // provided there taking precedence. The filter name should be specified as *envoy.lb*. core.v4alpha.Metadata metadata_match = 4; // Indicates that during forwarding, the matched prefix (or path) should be // swapped with this value. This option allows application URLs to be rooted // at a different path from those exposed at the reverse proxy layer. The router filter will // place the original path before rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of *prefix_rewrite* or // :ref:`regex_rewrite ` // may be specified. // // .. attention:: // // Pay careful attention to the use of trailing slashes in the // :ref:`route's match ` prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single // :ref:`Route `, as shown by the below config entries: // // .. code-block:: yaml // // - match: // prefix: "/prefix/" // route: // prefix_rewrite: "/" // - match: // prefix: "/prefix" // route: // prefix_rewrite: "/" // // Having above entries in the config, requests to */prefix* will be stripped to */*, while // requests to */prefix/etc* will be stripped to */etc*. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, portions of the path that match the // pattern should be rewritten, even allowing the substitution of capture // groups from the pattern into the new path as specified by the rewrite // substitution string. This is useful to allow application paths to be // rewritten in a way that is aware of segments with variable content like // identifiers. The router filter will place the original path as it was // before the rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // // Examples using Google's `RE2 `_ engine: // // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` // into ``/v1/api/instance/foo``. // // * The pattern ``one`` paired with a substitution string of ``two`` would // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. // // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of // ``\1two\2`` would replace only the first occurrence of ``one``, // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. // // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to // ``/aaa/yyy/bbb``. type.matcher.v4alpha.RegexMatchAndSubstitute regex_rewrite = 32; oneof host_rewrite_specifier { // Indicates that during forwarding, the host header will be swapped with // this value. string host_rewrite_literal = 6 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the hostname of the upstream host chosen by the cluster manager. This // option is applicable only when the destination cluster for a route is of // type *strict_dns* or *logical_dns*. Setting this to true with other cluster // types has no effect. google.protobuf.BoolValue auto_host_rewrite = 7; // Indicates that during forwarding, the host header will be swapped with the content of given // downstream or :ref:`custom ` header. // If header value is empty, host header is left intact. // // .. attention:: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. string host_rewrite_header = 29 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the result of the regex substitution executed on path value with query and fragment removed. // This is useful for transitioning variable content between path segment and subdomain. // // For example with the following config: // // .. code-block:: yaml // // host_rewrite_path_regex: // pattern: // google_re2: {} // regex: "^/(.+)/.+$" // substitution: \1 // // Would rewrite the host header to `envoyproxy.io` given the path `/envoyproxy.io/some/path`. type.matcher.v4alpha.RegexMatchAndSubstitute host_rewrite_path_regex = 35; } // Specifies the upstream timeout for the route. If not specified, the default is 15s. This // spans between the point at which the entire downstream request (i.e. end-of-stream) has been // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // // .. note:: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration timeout = 8; // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, // although the connection manager wide :ref:`stream_idle_timeout // ` // will still apply. A value of 0 will completely disable the route's idle timeout, even if a // connection manager stream idle timeout is configured. // // The idle timeout is distinct to :ref:`timeout // `, which provides an upper bound // on the upstream response time; :ref:`idle_timeout // ` instead bounds the amount // of time the request's stream may be idle. // // After header decoding, the idle timeout will apply on downstream and // upstream request events. Each time an encode/decode event for headers or // data is processed for the stream, the timer will be reset. If the timeout // fires, the stream is terminated with a 408 Request Timeout error code if no // upstream response header has been received, otherwise a stream reset // occurs. google.protobuf.Duration idle_timeout = 24; // Indicates that the route has a retry policy. Note that if this is set, // it'll take precedence over the virtual host level retry policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). RetryPolicy retry_policy = 9; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that if this is set, it'll take // precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, // most internal one becomes the enforced policy). :ref:`Retry policy ` // should not be set if this field is used. google.protobuf.Any retry_policy_typed_config = 33; // Indicates that the route has request mirroring policies. repeated RequestMirrorPolicy request_mirror_policies = 30; // Optionally specifies the :ref:`routing priority `. core.v4alpha.RoutingPriority priority = 11 [(validate.rules).enum = {defined_only: true}]; // Specifies a set of rate limit configurations that could be applied to the // route. repeated RateLimit rate_limits = 13; // Specifies a list of hash policies to use for ring hash load balancing. Each // hash policy is evaluated individually and the combined result is used to // route the request. The method of combination is deterministic such that // identical lists of hash policies will produce the same hash. Since a hash // policy examines specific parts of a request, it can fail to produce a hash // (i.e. if the hashed header is not present). If (and only if) all configured // hash policies fail to generate a hash, no hash will be produced for // the route. In this case, the behavior is the same as if no hash policies // were specified (i.e. the ring hash load balancer will choose a random // backend). If a hash policy has the "terminal" attribute set to true, and // there is already a hash generated, the hash is returned immediately, // ignoring the rest of the hash policy list. repeated HashPolicy hash_policy = 15; // Indicates that the route has a CORS policy. CorsPolicy cors = 17; repeated UpgradeConfig upgrade_configs = 25; // If present, Envoy will try to follow an upstream redirect response instead of proxying the // response back to the downstream. An upstream redirect response is defined // by :ref:`redirect_response_codes // `. InternalRedirectPolicy internal_redirect_policy = 34; // Indicates that the route has a hedge policy. Note that if this is set, // it'll take precedence over the virtual host level hedge policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). HedgePolicy hedge_policy = 27; // Specifies the maximum stream duration for this route. MaxStreamDuration max_stream_duration = 36; } // HTTP retry :ref:`architecture overview `. // [#next-free-field: 12] message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy"; enum ResetHeaderFormat { SECONDS = 0; UNIX_TIMESTAMP = 1; } message RetryPriority { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RetryPriority"; reserved 2; reserved "config"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; } } message RetryHostPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RetryHostPredicate"; reserved 2; reserved "config"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; } } message RetryBackOff { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RetryBackOff"; // Specifies the base interval between retries. This parameter is required and must be greater // than zero. Values less than 1 ms are rounded up to 1 ms. // See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's // back-off algorithm. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {} }]; // Specifies the maximum interval between retries. This parameter is optional, but must be // greater than or equal to the `base_interval` if set. The default is 10 times the // `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion // of Envoy's back-off algorithm. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } message ResetHeader { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.ResetHeader"; string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; ResetHeaderFormat format = 2 [(validate.rules).enum = {defined_only: true}]; } // A retry back-off strategy that applies when the upstream server rate limits // the request. // // Given this configuration: // // .. code-block:: yaml // // rate_limited_retry_back_off: // reset_headers: // - name: Retry-After // format: SECONDS // - name: X-RateLimit-Reset // format: UNIX_TIMESTAMP // max_interval: "300s" // // The following algorithm will apply: // // 1. If the response contains the header ``Retry-After`` its value must be on // the form ``120`` (an integer that represents the number of seconds to // wait before retrying). If so, this value is used as the back-off interval. // 2. Otherwise, if the response contains the header ``X-RateLimit-Reset`` its // value must be on the form ``1595320702`` (an integer that represents the // point in time at which to retry, as a Unix timestamp in seconds). If so, // the current time is subtracted from this value and the result is used as // the back-off interval. // 3. Otherwise, Envoy will use the default // :ref:`exponential back-off ` // strategy. // // No matter which format is used, if the resulting back-off interval exceeds // ``max_interval`` it is discarded and the next header in ``reset_headers`` // is tried. If a request timeout is configured for the route it will further // limit how long the request will be allowed to run. // // To prevent many clients retrying at the same point in time jitter is added // to the back-off interval, so the resulting interval is decided by taking: // ``random(interval, interval * 1.5)``. // // .. attention:: // // Configuring ``rate_limited_retry_back_off`` will not by itself cause a request // to be retried. You will still need to configure the right retry policy to match // the responses from the upstream server. message RateLimitedRetryBackOff { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RateLimitedRetryBackOff"; // Specifies the reset headers (like ``Retry-After`` or ``X-RateLimit-Reset``) // to match against the response. Headers are tried in order, and matched case // insensitive. The first header to be parsed successfully is used. If no headers // match the default exponential back-off is used instead. repeated ResetHeader reset_headers = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the maximum back off interval that Envoy will allow. If a reset // header contains an interval longer than this then it will be discarded and // the next header will be tried. Defaults to 300 seconds. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } // Specifies the conditions under which retry takes place. These are the same // conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and // :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. string retry_on = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. These are the same conditions documented for // :ref:`config_http_filters_router_x-envoy-max-retries`. google.protobuf.UInt32Value max_retries = 2; // Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // // .. note:: // // If left unspecified, Envoy will use the global // :ref:`route timeout ` for the request. // Consequently, when using a :ref:`5xx ` based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. google.protobuf.Duration per_try_timeout = 3; // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to // :ref:`retry plugin configuration ` for more details. RetryPriority retry_priority = 4; // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. // Refer to :ref:`retry plugin configuration ` for more // details. repeated RetryHostPredicate retry_host_predicate = 5; // The maximum number of times host selection will be reattempted before giving up, at which // point the host that was last selected will be routed to. If unspecified, this will default to // retrying once. int64 host_selection_retry_max_attempts = 6; // HTTP status codes that should trigger a retry in addition to those specified by retry_on. repeated uint32 retriable_status_codes = 7; // Specifies parameters that control exponential retry back off. This parameter is optional, in which case the // default base interval is 25 milliseconds or, if set, the current value of the // `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times // the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` // describes Envoy's back-off algorithm. RetryBackOff retry_back_off = 8; // Specifies parameters that control a retry back-off strategy that is used // when the request is rate limited by the upstream server. The server may // return a response header like ``Retry-After`` or ``X-RateLimit-Reset`` to // provide feedback to the client on how long to wait before retrying. If // configured, this back-off strategy will be used instead of the // default exponential back off strategy (configured using `retry_back_off`) // whenever a response includes the matching headers. RateLimitedRetryBackOff rate_limited_retry_back_off = 11; // HTTP response headers that trigger a retry if present in the response. A retry will be // triggered if any of the header matches match the upstream response headers. // The field is only consulted if 'retriable-headers' retry policy is active. repeated HeaderMatcher retriable_headers = 9; // HTTP headers which must be present in the request for retries to be attempted. repeated HeaderMatcher retriable_request_headers = 10; } // HTTP request hedging :ref:`architecture overview `. message HedgePolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.HedgePolicy"; // Specifies the number of initial requests that should be sent upstream. // Must be at least 1. // Defaults to 1. // [#not-implemented-hide:] google.protobuf.UInt32Value initial_requests = 1 [(validate.rules).uint32 = {gte: 1}]; // Specifies a probability that an additional upstream request should be sent // on top of what is specified by initial_requests. // Defaults to 0. // [#not-implemented-hide:] type.v3.FractionalPercent additional_request_chance = 2; // Indicates that a hedged request should be sent when the per-try timeout // is hit. This will only occur if the retry policy also indicates that a // timed out request should be retried. // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified // :ref:`RetryPolicy `. // Defaults to false. bool hedge_on_per_try_timeout = 3; } // [#next-free-field: 9] message RedirectAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RedirectAction"; enum RedirectResponseCode { // Moved Permanently HTTP Status Code - 301. MOVED_PERMANENTLY = 0; // Found HTTP Status Code - 302. FOUND = 1; // See Other HTTP Status Code - 303. SEE_OTHER = 2; // Temporary Redirect HTTP Status Code - 307. TEMPORARY_REDIRECT = 3; // Permanent Redirect HTTP Status Code - 308. PERMANENT_REDIRECT = 4; } // When the scheme redirection take place, the following rules apply: // 1. If the source URI scheme is `http` and the port is explicitly // set to `:80`, the port will be removed after the redirection // 2. If the source URI scheme is `https` and the port is explicitly // set to `:443`, the port will be removed after the redirection oneof scheme_rewrite_specifier { // The scheme portion of the URL will be swapped with "https". bool https_redirect = 4; // The scheme portion of the URL will be swapped with this value. string scheme_redirect = 7; } // The host portion of the URL will be swapped with this value. string host_redirect = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The port value of the URL will be swapped with this value. uint32 port_redirect = 8; oneof path_rewrite_specifier { // The path portion of the URL will be swapped with this value. // Please note that query string in path_redirect will override the // request's query string and will not be stripped. // // For example, let's say we have the following routes: // // - match: { path: "/old-path-1" } // redirect: { path_redirect: "/new-path-1" } // - match: { path: "/old-path-2" } // redirect: { path_redirect: "/new-path-2", strip-query: "true" } // - match: { path: "/old-path-3" } // redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" } // // 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1" // 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2" // 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1" string path_redirect = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during redirection, the matched prefix (or path) // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // // .. attention:: // // Pay attention to the use of trailing slashes as mentioned in // :ref:`RouteAction's prefix_rewrite `. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // The HTTP status code to use in the redirect response. The default response // code is MOVED_PERMANENTLY (301). RedirectResponseCode response_code = 3 [(validate.rules).enum = {defined_only: true}]; // Indicates that during redirection, the query portion of the URL will // be removed. Default value is false. bool strip_query = 6; } message DirectResponseAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.DirectResponseAction"; // Specifies the HTTP response status to be returned. uint32 status = 1 [(validate.rules).uint32 = {lt: 600 gte: 100}]; // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // // .. note:: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_config.route.v4alpha.Route`, :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration` or // :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost`. core.v4alpha.DataSource body = 2; } message Decorator { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Decorator"; // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // // .. note:: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation // ` header. string operation = 1 [(validate.rules).string = {min_len: 1}]; // Whether the decorated details should be propagated to the other party. The default is true. google.protobuf.BoolValue propagate = 2; } message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Tracing"; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.FractionalPercent client_sampling = 1; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent random_sampling = 2; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent overall_sampling = 3; // A list of custom tags with unique tag name to create tags for the active span. // It will take effect after merging with the :ref:`corresponding configuration // ` // configured in the HTTP connection manager. If two tags with the same name are configured // each in the HTTP connection manager and the route level, the one configured here takes // priority. repeated type.tracing.v3.CustomTag custom_tags = 4; } // A virtual cluster is a way of specifying a regex matching rule against // certain important endpoints such that statistics are generated explicitly for // the matched requests. The reason this is useful is that when doing // prefix/path matching Envoy does not always know what the application // considers to be an endpoint. Thus, it’s impossible for Envoy to generically // emit per endpoint statistics. However, often systems have highly critical // endpoints that they wish to get “perfect” statistics on. Virtual cluster // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // // Documentation for :ref:`virtual cluster statistics `. // // .. note:: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and // statistics output are not free. message VirtualCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.VirtualCluster"; reserved 1, 3; reserved "pattern", "method"; // Specifies a list of header matchers to use for matching requests. Each specified header must // match. The pseudo-headers `:path` and `:method` can be used to match the request path and // method, respectively. repeated HeaderMatcher headers = 4; // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the // router filter and are documented :ref:`here `. string name = 2 [(validate.rules).string = {min_len: 1}]; } // Global rate limiting :ref:`architecture overview `. message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit"; // [#next-free-field: 8] message Action { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action"; // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("source_cluster", "") // // is derived from the :option:`--service-cluster` option. message SourceCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.SourceCluster"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("destination_cluster", "") // // Once a request matches against a route table rule, a routed cluster is determined by one of // the following :ref:`route table configuration ` // settings: // // * :ref:`cluster ` indicates the upstream cluster // to route to. // * :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. // * :ref:`cluster_header ` indicates which // header in the request contains the target cluster. message DestinationCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.DestinationCluster"; } // The following descriptor entry is appended when a header contains a key that matches the // *header_name*: // // .. code-block:: cpp // // ("", "") message RequestHeaders { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.RequestHeaders"; // The header name to be queried from the request headers. The header’s // value is used to populate the value of the descriptor entry for the // descriptor_key. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The key to use in the descriptor entry. string descriptor_key = 2 [(validate.rules).string = {min_len: 1}]; // If set to true, Envoy skips the descriptor while calling rate limiting service // when header is not present in the request. By default it skips calling the // rate limiting service if this header is not present in the request. bool skip_if_absent = 3; } // The following descriptor entry is appended to the descriptor and is populated using the // trusted address from :ref:`x-forwarded-for `: // // .. code-block:: cpp // // ("remote_address", "") message RemoteAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.RemoteAddress"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("generic_key", "") message GenericKey { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.GenericKey"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // An optional key to use in the descriptor entry. If not set it defaults // to 'generic_key' as the descriptor key. string descriptor_key = 2; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("header_match", "") message HeaderValueMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.HeaderValueMatch"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // If set to true, the action will append a descriptor entry when the // request matches the headers. If set to false, the action will append a // descriptor entry when the request does not match the headers. The // default value is true. google.protobuf.BoolValue expect_match = 2; // Specifies a set of headers that the rate limit action should match // on. The action will check the request’s headers against all the // specified headers in the config. A match will happen if all the // headers in the config are present in the request with the same values // (or based on presence if the value field is not in the config). repeated HeaderMatcher headers = 3 [(validate.rules).repeated = {min_items: 1}]; } // The following descriptor entry is appended when the dynamic metadata contains a key value: // // .. code-block:: cpp // // ("", "") message DynamicMetaData { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.DynamicMetaData"; // The key to use in the descriptor entry. string descriptor_key = 1 [(validate.rules).string = {min_len: 1}]; // Metadata struct that defines the key and path to retrieve the string value. A match will // only happen if the value in the dynamic metadata is of type string. type.metadata.v3.MetadataKey metadata_key = 2 [(validate.rules).message = {required: true}]; // An optional value to use if *metadata_key* is empty. If not set and // no value is present under the metadata_key then no descriptor is generated. string default_value = 3; } oneof action_specifier { option (validate.required) = true; // Rate limit on source cluster. SourceCluster source_cluster = 1; // Rate limit on destination cluster. DestinationCluster destination_cluster = 2; // Rate limit on request headers. RequestHeaders request_headers = 3; // Rate limit on remote address. RemoteAddress remote_address = 4; // Rate limit on a generic key. GenericKey generic_key = 5; // Rate limit on the existence of request headers. HeaderValueMatch header_value_match = 6; // Rate limit on dynamic metadata. DynamicMetaData dynamic_metadata = 7; } } message Override { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Override"; // Fetches the override from the dynamic metadata. message DynamicMetadata { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Override.DynamicMetadata"; // Metadata struct that defines the key and path to retrieve the struct value. // The value must be a struct containing an integer "requests_per_unit" property // and a "unit" property with a value parseable to :ref:`RateLimitUnit // enum ` type.metadata.v3.MetadataKey metadata_key = 1 [(validate.rules).message = {required: true}]; } oneof override_specifier { option (validate.required) = true; // Limit override from dynamic metadata. DynamicMetadata dynamic_metadata = 1; } } // Refers to the stage set in the filter. The rate limit configuration only // applies to filters with the same stage number. The default stage number is // 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32 = {lte: 10}]; // The key to be set in runtime to disable this rate limit configuration. string disable_key = 2; // A list of actions that are to be applied for this rate limit configuration. // Order matters as the actions are processed sequentially and the descriptor // is composed by appending descriptor entries in that sequence. If an action // cannot append a descriptor entry, no descriptor is generated for the // configuration. See :ref:`composing actions // ` for additional documentation. repeated Action actions = 3 [(validate.rules).repeated = {min_items: 1}]; // An optional limit override to be appended to the descriptor produced by this // rate limit configuration. If the override value is invalid or cannot be resolved // from metadata, no override is provided. See :ref:`rate limit override // ` for more information. Override limit = 4; } // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // // .. attention:: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., // // .. code-block:: json // // { // "name": ":method", // "exact_match": "POST" // } // // .. attention:: // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name // ` header will match, regardless of the header's // value. // // [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.] // [#next-free-field: 13] message HeaderMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.HeaderMatcher"; reserved 2, 3, 5; reserved "regex_match"; // Specifies the name of the header in the request. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Specifies how the header match will be performed to route the request. oneof header_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 4; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. type.matcher.v4alpha.RegexMatcher safe_regex_match = 11; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting of // an optional plus or minus sign followed by a sequence of digits. The rule will not match if // the header value does not represent an integer. Match will fail for empty values, floating // point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, // "-1somestring" type.v3.Int64Range range_match = 6; // If specified, header match will be performed based on whether the header is in the // request. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. // Note: empty prefix is not allowed, please use present_match instead. // // Examples: // // * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. string prefix_match = 9 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on the suffix of the header value. // Note: empty suffix is not allowed, please use present_match instead. // // Examples: // // * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. string suffix_match = 10 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on whether the header value contains // the given value or not. // Note: empty contains match is not allowed, please use present_match instead. // // Examples: // // * The value *abcd* matches the value *xyzabcdpqr*, but not for *xyzbcdpqr*. string contains_match = 12 [(validate.rules).string = {min_len: 1}]; } // If specified, the match result will be inverted before checking. Defaults to false. // // Examples: // // * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. bool invert_match = 8; } // Query parameter matching treats the query string of a request's :path header // as an ampersand-separated list of keys and/or key=value elements. // [#next-free-field: 7] message QueryParameterMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.QueryParameterMatcher"; reserved 3, 4; reserved "value", "regex"; // Specifies the name of a key that must be present in the requested // *path*'s query string. string name = 1 [(validate.rules).string = {min_len: 1 max_bytes: 1024}]; oneof query_parameter_match_specifier { // Specifies whether a query parameter value should match against a string. type.matcher.v4alpha.StringMatcher string_match = 5 [(validate.rules).message = {required: true}]; // Specifies whether a query parameter should be present. bool present_match = 6; } } // HTTP Internal Redirect :ref:`architecture overview `. message InternalRedirectPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.InternalRedirectPolicy"; // An internal redirect is not handled, unless the number of previous internal redirects that a // downstream request has encountered is lower than this value. // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or does not set :ref:`internal_redirect_policy // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 1; // Defines what upstream response codes are allowed to trigger internal redirect. If unspecified, // only 302 will be treated as internal redirect. // Only 301, 302, 303, 307 and 308 are valid values. Any other codes will be ignored. repeated uint32 redirect_response_codes = 2 [(validate.rules).repeated = {max_items: 5}]; // Specifies a list of predicates that are queried when an upstream response is deemed // to trigger an internal redirect by all other criteria. Any predicate in the list can reject // the redirect, causing the response to be proxied to downstream. repeated core.v4alpha.TypedExtensionConfig predicates = 3; // Allow internal redirect to follow a target URI with a different scheme than the value of // x-forwarded-proto. The default is false. bool allow_cross_scheme_redirect = 4; } ================================================ FILE: api/envoy/config/route/v4alpha/scoped_route.proto ================================================ syntax = "proto3"; package envoy.config.route.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v4alpha"; option java_outer_classname = "ScopedRouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP scoped routing configuration] // * Routing :ref:`architecture overview ` // Specifies a routing scope, which associates a // :ref:`Key` to a // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration` (identified by its resource name). // // The HTTP connection manager builds up a table consisting of these Key to // RouteConfiguration mappings, and looks up the RouteConfiguration to use per // request according to the algorithm specified in the // :ref:`scope_key_builder` // assigned to the HttpConnectionManager. // // For example, with the following configurations (in YAML): // // HttpConnectionManager config: // // .. code:: // // ... // scoped_routes: // name: foo-scoped-routes // scope_key_builder: // fragments: // - header_value_extractor: // name: X-Route-Selector // element_separator: , // element: // separator: = // key: vip // // ScopedRouteConfiguration resources (specified statically via // :ref:`scoped_route_configurations_list` // or obtained dynamically via SRDS): // // .. code:: // // (1) // name: route-scope1 // route_configuration_name: route-config1 // key: // fragments: // - string_key: 172.10.10.20 // // (2) // name: route-scope2 // route_configuration_name: route-config2 // key: // fragments: // - string_key: 172.20.20.30 // // A request from a client such as: // // .. code:: // // GET / HTTP/1.1 // Host: foo.com // X-Route-Selector: vip=172.10.10.20 // // would result in the routing table defined by the `route-config1` // RouteConfiguration being assigned to the HTTP request/stream. // message ScopedRouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.ScopedRouteConfiguration"; // Specifies a key which is matched against the output of the // :ref:`scope_key_builder` // specified in the HttpConnectionManager. The matching is done per HTTP // request and is dependent on the order of the fragments contained in the // Key. message Key { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.ScopedRouteConfiguration.Key"; message Fragment { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.ScopedRouteConfiguration.Key.Fragment"; oneof type { option (validate.required) = true; // A string to match against. string string_key = 1; } } // The ordered set of fragments to match against. The order must match the // fragments in the corresponding // :ref:`scope_key_builder`. repeated Fragment fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // Whether the RouteConfiguration should be loaded on demand. bool on_demand = 4; // The name assigned to the routing scope. string name = 1 [(validate.rules).string = {min_len: 1}]; // The resource name to use for a :ref:`envoy_api_msg_service.discovery.v4alpha.DiscoveryRequest` to an // RDS server to fetch the :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration` associated // with this scope. string route_configuration_name = 2 [(validate.rules).string = {min_len: 1}]; // The key to match against. Key key = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/matcher/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/route/v3:pkg", "//envoy/service/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/tap/v3/common.proto ================================================ syntax = "proto3"; package envoy.config.tap.v3; import "envoy/config/common/matcher/v3/matcher.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.tap.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common tap configuration] // Tap configuration. message TapConfig { // [#comment:TODO(mattklein123): Rate limiting] option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.TapConfig"; // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. // Exactly one of :ref:`match ` and // :ref:`match_config ` must be set. If both // are set, the :ref:`match ` will be used. MatchPredicate match_config = 1 [deprecated = true]; // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. // Exactly one of :ref:`match ` and // :ref:`match_config ` must be set. If both // are set, the :ref:`match ` will be used. common.matcher.v3.MatchPredicate match = 4; // The tap output configuration. If a match configuration matches a data source being tapped, // a tap will occur and the data will be written to the configured output. OutputConfig output_config = 2 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Specify if Tap matching is enabled. The % of requests\connections for // which the tap matching is enabled. When not enabled, the request\connection will not be // recorded. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. core.v3.RuntimeFractionalPercent tap_enabled = 3; } // Tap match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.MatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.MatchPredicate.MatchSet"; // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.HttpHeadersMatch"; // HTTP headers to match. repeated route.v3.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { message GenericTextMatch { oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } // Tap output configuration. message OutputConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.OutputConfig"; // Output sinks for tap data. Currently a single sink is allowed in the list. Once multiple // sink types are supported this constraint will be relaxed. repeated OutputSink sinks = 1 [(validate.rules).repeated = {min_items: 1 max_items: 1}]; // For buffered tapping, the maximum amount of received body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_rx_bytes = 2; // For buffered tapping, the maximum amount of transmitted body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_tx_bytes = 3; // Indicates whether taps produce a single buffered message per tap, or multiple streamed // messages per tap in the emitted :ref:`TraceWrapper // ` messages. Note that streamed tapping does not // mean that no buffering takes place. Buffering may be required if data is processed before a // match can be determined. See the HTTP tap filter :ref:`streaming // ` documentation for more information. bool streaming = 4; } // Tap output sink configuration. message OutputSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.OutputSink"; // Output format. All output is in the form of one or more :ref:`TraceWrapper // ` messages. This enumeration indicates // how those messages are written. Note that not all sinks support all output formats. See // individual sink documentation for more information. enum Format { // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_bytes // ` field. This means that body data will be // base64 encoded as per the `proto3 JSON mappings // `_. JSON_BODY_AS_BYTES = 0; // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_string // ` field. This means that body data will be // string encoded as per the `proto3 JSON mappings // `_. This format type is // useful when it is known that that body is human readable (e.g., JSON over HTTP) and the // user wishes to view it directly without being forced to base64 decode the body. JSON_BODY_AS_STRING = 1; // Binary proto format. Note that binary proto is not self-delimiting. If a sink writes // multiple binary messages without any length information the data stream will not be // useful. However, for certain sinks that are self-delimiting (e.g., one message per file) // this output format makes consumption simpler. PROTO_BINARY = 2; // Messages are written as a sequence tuples, where each tuple is the message length encoded // as a `protobuf 32-bit varint // `_ // followed by the binary message. The messages can be read back using the language specific // protobuf coded stream implementation to obtain the message length and the message. PROTO_BINARY_LENGTH_DELIMITED = 3; // Text proto format. PROTO_TEXT = 4; } // Sink output format. Format format = 1 [(validate.rules).enum = {defined_only: true}]; oneof output_sink_type { option (validate.required) = true; // Tap output will be streamed out the :http:post:`/tap` admin endpoint. // // .. attention:: // // It is only allowed to specify the streaming admin output sink if the tap is being // configured from the :http:post:`/tap` admin endpoint. Thus, if an extension has // been configured to receive tap configuration from some other source (e.g., static // file, XDS, etc.) configuring the streaming admin output type will fail. StreamingAdminSink streaming_admin = 2; // Tap output will be written to a file per tap sink. FilePerTapSink file_per_tap = 3; // [#not-implemented-hide:] // GrpcService to stream data to. The format argument must be PROTO_BINARY. // [#comment: TODO(samflattery): remove cleanup in uber_per_filter.cc once implemented] StreamingGrpcSink streaming_grpc = 4; } } // Streaming admin sink configuration. message StreamingAdminSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamingAdminSink"; } // The file per tap sink outputs a discrete file for every tapped stream. message FilePerTapSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.FilePerTapSink"; // Path prefix. The output file will be of the form _.pb, where is an // identifier distinguishing the recorded trace for stream instances (the Envoy // connection ID, HTTP stream ID, etc.). string path_prefix = 1 [(validate.rules).string = {min_len: 1}]; } // [#not-implemented-hide:] Streaming gRPC sink configuration sends the taps to an external gRPC // server. message StreamingGrpcSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamingGrpcSink"; // Opaque identifier, that will be sent back to the streaming grpc server. string tap_id = 1; // The gRPC server that hosts the Tap Sink Service. core.v3.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/matcher/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/config/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/tap/v4alpha/common.proto ================================================ syntax = "proto3"; package envoy.config.tap.v4alpha; import "envoy/config/common/matcher/v4alpha/matcher.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.tap.v4alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common tap configuration] // Tap configuration. message TapConfig { // [#comment:TODO(mattklein123): Rate limiting] option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.TapConfig"; reserved 1; reserved "match_config"; // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. // Exactly one of :ref:`match ` and // :ref:`match_config ` must be set. If both // are set, the :ref:`match ` will be used. common.matcher.v4alpha.MatchPredicate match = 4; // The tap output configuration. If a match configuration matches a data source being tapped, // a tap will occur and the data will be written to the configured output. OutputConfig output_config = 2 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Specify if Tap matching is enabled. The % of requests\connections for // which the tap matching is enabled. When not enabled, the request\connection will not be // recorded. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. core.v4alpha.RuntimeFractionalPercent tap_enabled = 3; } // Tap match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.MatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.MatchPredicate.MatchSet"; // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.HttpHeadersMatch"; // HTTP headers to match. repeated route.v4alpha.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.HttpGenericBodyMatch"; message GenericTextMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.HttpGenericBodyMatch.GenericTextMatch"; oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } // Tap output configuration. message OutputConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.OutputConfig"; // Output sinks for tap data. Currently a single sink is allowed in the list. Once multiple // sink types are supported this constraint will be relaxed. repeated OutputSink sinks = 1 [(validate.rules).repeated = {min_items: 1 max_items: 1}]; // For buffered tapping, the maximum amount of received body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_rx_bytes = 2; // For buffered tapping, the maximum amount of transmitted body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_tx_bytes = 3; // Indicates whether taps produce a single buffered message per tap, or multiple streamed // messages per tap in the emitted :ref:`TraceWrapper // ` messages. Note that streamed tapping does not // mean that no buffering takes place. Buffering may be required if data is processed before a // match can be determined. See the HTTP tap filter :ref:`streaming // ` documentation for more information. bool streaming = 4; } // Tap output sink configuration. message OutputSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.OutputSink"; // Output format. All output is in the form of one or more :ref:`TraceWrapper // ` messages. This enumeration indicates // how those messages are written. Note that not all sinks support all output formats. See // individual sink documentation for more information. enum Format { // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_bytes // ` field. This means that body data will be // base64 encoded as per the `proto3 JSON mappings // `_. JSON_BODY_AS_BYTES = 0; // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_string // ` field. This means that body data will be // string encoded as per the `proto3 JSON mappings // `_. This format type is // useful when it is known that that body is human readable (e.g., JSON over HTTP) and the // user wishes to view it directly without being forced to base64 decode the body. JSON_BODY_AS_STRING = 1; // Binary proto format. Note that binary proto is not self-delimiting. If a sink writes // multiple binary messages without any length information the data stream will not be // useful. However, for certain sinks that are self-delimiting (e.g., one message per file) // this output format makes consumption simpler. PROTO_BINARY = 2; // Messages are written as a sequence tuples, where each tuple is the message length encoded // as a `protobuf 32-bit varint // `_ // followed by the binary message. The messages can be read back using the language specific // protobuf coded stream implementation to obtain the message length and the message. PROTO_BINARY_LENGTH_DELIMITED = 3; // Text proto format. PROTO_TEXT = 4; } // Sink output format. Format format = 1 [(validate.rules).enum = {defined_only: true}]; oneof output_sink_type { option (validate.required) = true; // Tap output will be streamed out the :http:post:`/tap` admin endpoint. // // .. attention:: // // It is only allowed to specify the streaming admin output sink if the tap is being // configured from the :http:post:`/tap` admin endpoint. Thus, if an extension has // been configured to receive tap configuration from some other source (e.g., static // file, XDS, etc.) configuring the streaming admin output type will fail. StreamingAdminSink streaming_admin = 2; // Tap output will be written to a file per tap sink. FilePerTapSink file_per_tap = 3; // [#not-implemented-hide:] // GrpcService to stream data to. The format argument must be PROTO_BINARY. // [#comment: TODO(samflattery): remove cleanup in uber_per_filter.cc once implemented] StreamingGrpcSink streaming_grpc = 4; } } // Streaming admin sink configuration. message StreamingAdminSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.StreamingAdminSink"; } // The file per tap sink outputs a discrete file for every tapped stream. message FilePerTapSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.FilePerTapSink"; // Path prefix. The output file will be of the form _.pb, where is an // identifier distinguishing the recorded trace for stream instances (the Envoy // connection ID, HTTP stream ID, etc.). string path_prefix = 1 [(validate.rules).string = {min_len: 1}]; } // [#not-implemented-hide:] Streaming gRPC sink configuration sends the taps to an external gRPC // server. message StreamingGrpcSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.StreamingGrpcSink"; // Opaque identifier, that will be sent back to the streaming grpc server. string tap_id = 1; // The gRPC server that hosts the Tap Sink Service. core.v4alpha.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/trace/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", ], ) ================================================ FILE: api/envoy/config/trace/v2/datadog.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "DatadogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Datadog tracer] // Configuration for the Datadog tracer. // [#extension: envoy.tracers.datadog] message DatadogConfig { // The cluster to use for submitting traces to the Datadog agent. string collector_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // The name used for the service when traces are generated by envoy. string service_name = 2 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: api/envoy/config/trace/v2/dynamic_ot.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "DynamicOtProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamically loadable OpenTracing tracer] // DynamicOtConfig is used to dynamically load a tracer from a shared library // that implements the `OpenTracing dynamic loading API // `_. // [#extension: envoy.tracers.dynamic_ot] message DynamicOtConfig { // Dynamic library implementing the `OpenTracing API // `_. string library = 1 [(validate.rules).string = {min_bytes: 1}]; // The configuration to use when creating a tracer from the given dynamic // library. google.protobuf.Struct config = 2; } ================================================ FILE: api/envoy/config/trace/v2/http_tracer.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "HttpTracerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tracing] // Tracing :ref:`architecture overview `. // The tracing configuration specifies settings for an HTTP tracer provider used by Envoy. // // Envoy may support other tracers in the future, but right now the HTTP tracer is the only one // supported. // // .. attention:: // // Use of this message type has been deprecated in favor of direct use of // :ref:`Tracing.Http `. message Tracing { // Configuration for an HTTP tracer provider used by Envoy. // // The configuration is defined by the // :ref:`HttpConnectionManager.Tracing ` // :ref:`provider ` // field. message Http { // The name of the HTTP trace driver to instantiate. The name must match a // supported HTTP trace driver. Built-in trace drivers: // // - *envoy.tracers.lightstep* // - *envoy.tracers.zipkin* // - *envoy.tracers.dynamic_ot* // - *envoy.tracers.datadog* // - *envoy.tracers.opencensus* // - *envoy.tracers.xray* string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Trace driver specific configuration which depends on the driver being instantiated. // See the trace drivers for examples: // // - :ref:`LightstepConfig ` // - :ref:`ZipkinConfig ` // - :ref:`DynamicOtConfig ` // - :ref:`DatadogConfig ` // - :ref:`OpenCensusConfig ` // - :ref:`AWS X-Ray ` oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Provides configuration for the HTTP tracer. Http http = 1; } ================================================ FILE: api/envoy/config/trace/v2/lightstep.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "LightstepProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: LightStep tracer] // Configuration for the LightStep tracer. // [#extension: envoy.tracers.lightstep] message LightstepConfig { // Available propagation modes enum PropagationMode { // Propagate trace context in the single header x-ot-span-context. ENVOY = 0; // Propagate trace context using LightStep's native format. LIGHTSTEP = 1; // Propagate trace context using the b3 format. B3 = 2; // Propagation trace context using the w3 trace-context standard. TRACE_CONTEXT = 3; } // The cluster manager cluster that hosts the LightStep collectors. string collector_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // File containing the access token to the `LightStep // `_ API. string access_token_file = 2 [(validate.rules).string = {min_bytes: 1}]; // Propagation modes to use by LightStep's tracer. repeated PropagationMode propagation_modes = 3 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; } ================================================ FILE: api/envoy/config/trace/v2/opencensus.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "envoy/api/v2/core/grpc_service.proto"; import "opencensus/proto/trace/v1/trace_config.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "OpencensusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: OpenCensus tracer] // Configuration for the OpenCensus tracer. // [#next-free-field: 15] // [#extension: envoy.tracers.opencensus] message OpenCensusConfig { enum TraceContext { // No-op default, no trace context is utilized. NONE = 0; // W3C Trace-Context format "traceparent:" header. TRACE_CONTEXT = 1; // Binary "grpc-trace-bin:" header. GRPC_TRACE_BIN = 2; // "X-Cloud-Trace-Context:" header. CLOUD_TRACE_CONTEXT = 3; // X-B3-* headers. B3 = 4; } reserved 7; // Configures tracing, e.g. the sampler, max number of annotations, etc. opencensus.proto.trace.v1.TraceConfig trace_config = 1; // Enables the stdout exporter if set to true. This is intended for debugging // purposes. bool stdout_exporter_enabled = 2; // Enables the Stackdriver exporter if set to true. The project_id must also // be set. bool stackdriver_exporter_enabled = 3; // The Cloud project_id to use for Stackdriver tracing. string stackdriver_project_id = 4; // (optional) By default, the Stackdriver exporter will connect to production // Stackdriver. If stackdriver_address is non-empty, it will instead connect // to this address, which is in the gRPC format: // https://github.com/grpc/grpc/blob/master/doc/naming.md string stackdriver_address = 10; // (optional) The gRPC server that hosts Stackdriver tracing service. Only // Google gRPC is supported. If :ref:`target_uri ` // is not provided, the default production Stackdriver address will be used. api.v2.core.GrpcService stackdriver_grpc_service = 13; // Enables the Zipkin exporter if set to true. The url and service name must // also be set. bool zipkin_exporter_enabled = 5; // The URL to Zipkin, e.g. "http://127.0.0.1:9411/api/v2/spans" string zipkin_url = 6; // Enables the OpenCensus Agent exporter if set to true. The ocagent_address or // ocagent_grpc_service must also be set. bool ocagent_exporter_enabled = 11; // The address of the OpenCensus Agent, if its exporter is enabled, in gRPC // format: https://github.com/grpc/grpc/blob/master/doc/naming.md // [#comment:TODO: deprecate this field] string ocagent_address = 12; // (optional) The gRPC server hosted by the OpenCensus Agent. Only Google gRPC is supported. // This is only used if the ocagent_address is left empty. api.v2.core.GrpcService ocagent_grpc_service = 14; // List of incoming trace context headers we will accept. First one found // wins. repeated TraceContext incoming_trace_context = 8; // List of outgoing trace context headers we will produce. repeated TraceContext outgoing_trace_context = 9; } ================================================ FILE: api/envoy/config/trace/v2/service.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "ServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Trace Service] // Configuration structure. message TraceServiceConfig { // The upstream gRPC cluster that hosts the metrics service. api.v2.core.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/trace/v2/trace.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "udpa/annotations/status.proto"; import public "envoy/config/trace/v2/datadog.proto"; import public "envoy/config/trace/v2/dynamic_ot.proto"; import public "envoy/config/trace/v2/http_tracer.proto"; import public "envoy/config/trace/v2/lightstep.proto"; import public "envoy/config/trace/v2/opencensus.proto"; import public "envoy/config/trace/v2/service.proto"; import public "envoy/config/trace/v2/zipkin.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "TraceProto"; option java_multiple_files = true; ================================================ FILE: api/envoy/config/trace/v2/zipkin.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "ZipkinProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Zipkin tracer] // Configuration for the Zipkin tracer. // [#extension: envoy.tracers.zipkin] // [#next-free-field: 6] message ZipkinConfig { // Available Zipkin collector endpoint versions. enum CollectorEndpointVersion { // Zipkin API v1, JSON over HTTP. // [#comment: The default implementation of Zipkin client before this field is added was only v1 // and the way user configure this was by not explicitly specifying the version. Consequently, // before this is added, the corresponding Zipkin collector expected to receive v1 payload. // Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when // user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field, // since in Zipkin realm this v1 version is considered to be not preferable anymore.] HTTP_JSON_V1 = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Zipkin API v2, JSON over HTTP. HTTP_JSON = 1; // Zipkin API v2, protobuf over HTTP. HTTP_PROTO = 2; // [#not-implemented-hide:] GRPC = 3; } // The cluster manager cluster that hosts the Zipkin collectors. Note that the // Zipkin cluster must be defined in the :ref:`Bootstrap static cluster // resources `. string collector_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // The API endpoint of the Zipkin service where the spans will be sent. When // using a standard Zipkin installation, the API endpoint is typically // /api/v1/spans, which is the default value. string collector_endpoint = 2 [(validate.rules).string = {min_bytes: 1}]; // Determines whether a 128bit trace id will be used when creating a new // trace instance. The default value is false, which will result in a 64 bit trace id being used. bool trace_id_128bit = 3; // Determines whether client and server spans will share the same span context. // The default value is true. google.protobuf.BoolValue shared_span_context = 4; // Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be // used. CollectorEndpointVersion collector_endpoint_version = 5; } ================================================ FILE: api/envoy/config/trace/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/trace/v2alpha/xray.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2alpha; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2alpha"; option java_outer_classname = "XrayProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: AWS X-Ray Tracer Configuration] // Configuration for AWS X-Ray tracer message XRayConfig { // The UDP endpoint of the X-Ray Daemon where the spans will be sent. // If this value is not set, the default value of 127.0.0.1:2000 will be used. api.v2.core.SocketAddress daemon_endpoint = 1; // The name of the X-Ray segment. string segment_name = 2 [(validate.rules).string = {min_len: 1}]; // The location of a local custom sampling rules JSON file. // For an example of the sampling rules see: // `X-Ray SDK documentation // `_ api.v2.core.DataSource sampling_rule_manifest = 3; } ================================================ FILE: api/envoy/config/trace/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/trace/v2:pkg", "//envoy/config/trace/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", ], ) ================================================ FILE: api/envoy/config/trace/v3/datadog.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "DatadogProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.datadog.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Datadog tracer] // Configuration for the Datadog tracer. // [#extension: envoy.tracers.datadog] message DatadogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.DatadogConfig"; // The cluster to use for submitting traces to the Datadog agent. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The name used for the service when traces are generated by envoy. string service_name = 2 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: api/envoy/config/trace/v3/dynamic_ot.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "DynamicOtProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.dynamic_ot.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamically loadable OpenTracing tracer] // DynamicOtConfig is used to dynamically load a tracer from a shared library // that implements the `OpenTracing dynamic loading API // `_. // [#extension: envoy.tracers.dynamic_ot] message DynamicOtConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.DynamicOtConfig"; // Dynamic library implementing the `OpenTracing API // `_. string library = 1 [(validate.rules).string = {min_len: 1}]; // The configuration to use when creating a tracer from the given dynamic // library. google.protobuf.Struct config = 2; } ================================================ FILE: api/envoy/config/trace/v3/http_tracer.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "HttpTracerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tracing] // Tracing :ref:`architecture overview `. // The tracing configuration specifies settings for an HTTP tracer provider used by Envoy. // // Envoy may support other tracers in the future, but right now the HTTP tracer is the only one // supported. // // .. attention:: // // Use of this message type has been deprecated in favor of direct use of // :ref:`Tracing.Http `. message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.Tracing"; // Configuration for an HTTP tracer provider used by Envoy. // // The configuration is defined by the // :ref:`HttpConnectionManager.Tracing ` // :ref:`provider ` // field. message Http { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.Tracing.Http"; reserved 2; reserved "config"; // The name of the HTTP trace driver to instantiate. The name must match a // supported HTTP trace driver. Built-in trace drivers: // // - *envoy.tracers.lightstep* // - *envoy.tracers.zipkin* // - *envoy.tracers.dynamic_ot* // - *envoy.tracers.datadog* // - *envoy.tracers.opencensus* // - *envoy.tracers.xray* string name = 1 [(validate.rules).string = {min_len: 1}]; // Trace driver specific configuration which depends on the driver being instantiated. // See the trace drivers for examples: // // - :ref:`LightstepConfig ` // - :ref:`ZipkinConfig ` // - :ref:`DynamicOtConfig ` // - :ref:`DatadogConfig ` // - :ref:`OpenCensusConfig ` // - :ref:`AWS X-Ray ` oneof config_type { google.protobuf.Any typed_config = 3; } } // Provides configuration for the HTTP tracer. Http http = 1; } ================================================ FILE: api/envoy/config/trace/v3/lightstep.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "LightstepProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.lightstep.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: LightStep tracer] // Configuration for the LightStep tracer. // [#extension: envoy.tracers.lightstep] message LightstepConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.LightstepConfig"; // Available propagation modes enum PropagationMode { // Propagate trace context in the single header x-ot-span-context. ENVOY = 0; // Propagate trace context using LightStep's native format. LIGHTSTEP = 1; // Propagate trace context using the b3 format. B3 = 2; // Propagation trace context using the w3 trace-context standard. TRACE_CONTEXT = 3; } // The cluster manager cluster that hosts the LightStep collectors. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // File containing the access token to the `LightStep // `_ API. string access_token_file = 2 [(validate.rules).string = {min_len: 1}]; // Propagation modes to use by LightStep's tracer. repeated PropagationMode propagation_modes = 3 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; } ================================================ FILE: api/envoy/config/trace/v3/opencensus.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "envoy/config/core/v3/grpc_service.proto"; import "opencensus/proto/trace/v1/trace_config.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "OpencensusProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.opencensus.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: OpenCensus tracer] // Configuration for the OpenCensus tracer. // [#next-free-field: 15] // [#extension: envoy.tracers.opencensus] message OpenCensusConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.OpenCensusConfig"; enum TraceContext { // No-op default, no trace context is utilized. NONE = 0; // W3C Trace-Context format "traceparent:" header. TRACE_CONTEXT = 1; // Binary "grpc-trace-bin:" header. GRPC_TRACE_BIN = 2; // "X-Cloud-Trace-Context:" header. CLOUD_TRACE_CONTEXT = 3; // X-B3-* headers. B3 = 4; } reserved 7; // Configures tracing, e.g. the sampler, max number of annotations, etc. opencensus.proto.trace.v1.TraceConfig trace_config = 1; // Enables the stdout exporter if set to true. This is intended for debugging // purposes. bool stdout_exporter_enabled = 2; // Enables the Stackdriver exporter if set to true. The project_id must also // be set. bool stackdriver_exporter_enabled = 3; // The Cloud project_id to use for Stackdriver tracing. string stackdriver_project_id = 4; // (optional) By default, the Stackdriver exporter will connect to production // Stackdriver. If stackdriver_address is non-empty, it will instead connect // to this address, which is in the gRPC format: // https://github.com/grpc/grpc/blob/master/doc/naming.md string stackdriver_address = 10; // (optional) The gRPC server that hosts Stackdriver tracing service. Only // Google gRPC is supported. If :ref:`target_uri ` // is not provided, the default production Stackdriver address will be used. core.v3.GrpcService stackdriver_grpc_service = 13; // Enables the Zipkin exporter if set to true. The url and service name must // also be set. bool zipkin_exporter_enabled = 5; // The URL to Zipkin, e.g. "http://127.0.0.1:9411/api/v2/spans" string zipkin_url = 6; // Enables the OpenCensus Agent exporter if set to true. The ocagent_address or // ocagent_grpc_service must also be set. bool ocagent_exporter_enabled = 11; // The address of the OpenCensus Agent, if its exporter is enabled, in gRPC // format: https://github.com/grpc/grpc/blob/master/doc/naming.md // [#comment:TODO: deprecate this field] string ocagent_address = 12; // (optional) The gRPC server hosted by the OpenCensus Agent. Only Google gRPC is supported. // This is only used if the ocagent_address is left empty. core.v3.GrpcService ocagent_grpc_service = 14; // List of incoming trace context headers we will accept. First one found // wins. repeated TraceContext incoming_trace_context = 8; // List of outgoing trace context headers we will produce. repeated TraceContext outgoing_trace_context = 9; } ================================================ FILE: api/envoy/config/trace/v3/service.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "envoy/config/core/v3/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "ServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Trace Service] // Configuration structure. message TraceServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.TraceServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v3.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/trace/v3/trace.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "udpa/annotations/status.proto"; import public "envoy/config/trace/v3/datadog.proto"; import public "envoy/config/trace/v3/dynamic_ot.proto"; import public "envoy/config/trace/v3/http_tracer.proto"; import public "envoy/config/trace/v3/lightstep.proto"; import public "envoy/config/trace/v3/opencensus.proto"; import public "envoy/config/trace/v3/service.proto"; import public "envoy/config/trace/v3/zipkin.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "TraceProto"; option java_multiple_files = true; ================================================ FILE: api/envoy/config/trace/v3/xray.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "XrayProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.xray.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: AWS X-Ray Tracer Configuration] // Configuration for AWS X-Ray tracer message XRayConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2alpha.XRayConfig"; message SegmentFields { // The type of AWS resource, e.g. "AWS::AppMesh::Proxy". string origin = 1; // AWS resource metadata dictionary. // See: `X-Ray Segment Document documentation `__ google.protobuf.Struct aws = 2; } // The UDP endpoint of the X-Ray Daemon where the spans will be sent. // If this value is not set, the default value of 127.0.0.1:2000 will be used. core.v3.SocketAddress daemon_endpoint = 1; // The name of the X-Ray segment. string segment_name = 2 [(validate.rules).string = {min_len: 1}]; // The location of a local custom sampling rules JSON file. // For an example of the sampling rules see: // `X-Ray SDK documentation // `_ core.v3.DataSource sampling_rule_manifest = 3; // Optional custom fields to be added to each trace segment. // see: `X-Ray Segment Document documentation // `__ SegmentFields segment_fields = 4; } ================================================ FILE: api/envoy/config/trace/v3/zipkin.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "ZipkinProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.zipkin.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Zipkin tracer] // Configuration for the Zipkin tracer. // [#extension: envoy.tracers.zipkin] // [#next-free-field: 6] message ZipkinConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.ZipkinConfig"; // Available Zipkin collector endpoint versions. enum CollectorEndpointVersion { // Zipkin API v1, JSON over HTTP. // [#comment: The default implementation of Zipkin client before this field is added was only v1 // and the way user configure this was by not explicitly specifying the version. Consequently, // before this is added, the corresponding Zipkin collector expected to receive v1 payload. // Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when // user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field, // since in Zipkin realm this v1 version is considered to be not preferable anymore.] DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Zipkin API v2, JSON over HTTP. HTTP_JSON = 1; // Zipkin API v2, protobuf over HTTP. HTTP_PROTO = 2; // [#not-implemented-hide:] GRPC = 3; } // The cluster manager cluster that hosts the Zipkin collectors. Note that the // Zipkin cluster must be defined in the :ref:`Bootstrap static cluster // resources `. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The API endpoint of the Zipkin service where the spans will be sent. When // using a standard Zipkin installation, the API endpoint is typically // /api/v1/spans, which is the default value. string collector_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Determines whether a 128bit trace id will be used when creating a new // trace instance. The default value is false, which will result in a 64 bit trace id being used. bool trace_id_128bit = 3; // Determines whether client and server spans will share the same span context. // The default value is true. google.protobuf.BoolValue shared_span_context = 4; // Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be // used. CollectorEndpointVersion collector_endpoint_version = 5; } ================================================ FILE: api/envoy/config/trace/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/trace/v4alpha/http_tracer.proto ================================================ syntax = "proto3"; package envoy.config.trace.v4alpha; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v4alpha"; option java_outer_classname = "HttpTracerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tracing] // Tracing :ref:`architecture overview `. // The tracing configuration specifies settings for an HTTP tracer provider used by Envoy. // // Envoy may support other tracers in the future, but right now the HTTP tracer is the only one // supported. // // .. attention:: // // Use of this message type has been deprecated in favor of direct use of // :ref:`Tracing.Http `. message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.Tracing"; // Configuration for an HTTP tracer provider used by Envoy. // // The configuration is defined by the // :ref:`HttpConnectionManager.Tracing ` // :ref:`provider ` // field. message Http { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.Tracing.Http"; reserved 2; reserved "config"; // The name of the HTTP trace driver to instantiate. The name must match a // supported HTTP trace driver. Built-in trace drivers: // // - *envoy.tracers.lightstep* // - *envoy.tracers.zipkin* // - *envoy.tracers.dynamic_ot* // - *envoy.tracers.datadog* // - *envoy.tracers.opencensus* // - *envoy.tracers.xray* string name = 1 [(validate.rules).string = {min_len: 1}]; // Trace driver specific configuration which depends on the driver being instantiated. // See the trace drivers for examples: // // - :ref:`LightstepConfig ` // - :ref:`ZipkinConfig ` // - :ref:`DynamicOtConfig ` // - :ref:`DatadogConfig ` // - :ref:`OpenCensusConfig ` // - :ref:`AWS X-Ray ` oneof config_type { google.protobuf.Any typed_config = 3; } } // Provides configuration for the HTTP tracer. Http http = 1; } ================================================ FILE: api/envoy/config/trace/v4alpha/service.proto ================================================ syntax = "proto3"; package envoy.config.trace.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v4alpha"; option java_outer_classname = "ServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Trace Service] // Configuration structure. message TraceServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.TraceServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v4alpha.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/config/transport_socket/alts/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/transport_socket/alts/v2alpha/alts.proto ================================================ syntax = "proto3"; package envoy.config.transport_socket.alts.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.transport_socket.alts.v2alpha"; option java_outer_classname = "AltsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.alts.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: ALTS] // [#extension: envoy.transport_sockets.alts] // Configuration for ALTS transport socket. This provides Google's ALTS protocol to Envoy. // https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security/ message Alts { // The location of a handshaker service, this is usually 169.254.169.254:8080 // on GCE. string handshaker_service = 1 [(validate.rules).string = {min_bytes: 1}]; // The acceptable service accounts from peer, peers not in the list will be rejected in the // handshake validation step. If empty, no validation will be performed. repeated string peer_service_accounts = 2; } ================================================ FILE: api/envoy/config/transport_socket/raw_buffer/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/config/transport_socket/raw_buffer/v2/raw_buffer.proto ================================================ syntax = "proto3"; package envoy.config.transport_socket.raw_buffer.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.transport_socket.raw_buffer.v2"; option java_outer_classname = "RawBufferProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.raw_buffer.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Raw Buffer] // [#extension: envoy.transport_sockets.raw_buffer] // Configuration for raw buffer transport socket. message RawBuffer { } ================================================ FILE: api/envoy/config/transport_socket/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/config/common/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/config/transport_socket/tap/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.config.transport_socket.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/config/common/tap/v2alpha/common.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.transport_socket.tap.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tap.v3"; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap] // [#extension: envoy.transport_sockets.tap] // Configuration for tap transport socket. This wraps another transport socket, providing the // ability to interpose and record in plain text any traffic that is surfaced to Envoy. message Tap { // Common configuration for the tap transport socket. common.tap.v2alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; // The underlying transport socket being wrapped. api.v2.core.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/data/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/accesslog/v2/accesslog.proto ================================================ syntax = "proto3"; package envoy.data.accesslog.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.accesslog.v2"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC access logs] // Envoy access logs describe incoming interaction with Envoy over a fixed // period of time, and typically cover a single request/response exchange, // (e.g. HTTP), stream (e.g. over HTTP/gRPC), or proxied connection (e.g. TCP). // Access logs contain fields defined in protocol-specific protobuf messages. // // Except where explicitly declared otherwise, all fields describe // *downstream* interaction between Envoy and a connected client. // Fields describing *upstream* interaction will explicitly include ``upstream`` // in their name. message TCPAccessLogEntry { // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; // Properties of the TCP connection. ConnectionProperties connection_properties = 2; } message HTTPAccessLogEntry { // HTTP version enum HTTPVersion { PROTOCOL_UNSPECIFIED = 0; HTTP10 = 1; HTTP11 = 2; HTTP2 = 3; HTTP3 = 4; } // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; HTTPVersion protocol_version = 2; // Description of the incoming HTTP request. HTTPRequestProperties request = 3; // Description of the outgoing HTTP response. HTTPResponseProperties response = 4; } // Defines fields for a connection message ConnectionProperties { // Number of bytes received from downstream. uint64 received_bytes = 1; // Number of bytes sent to downstream. uint64 sent_bytes = 2; } // Defines fields that are shared by all Envoy access logs. // [#next-free-field: 22] message AccessLogCommon { // [#not-implemented-hide:] // This field indicates the rate at which this log entry was sampled. // Valid range is (0.0, 1.0]. double sample_rate = 1 [(validate.rules).double = {lte: 1.0 gt: 0.0}]; // This field is the remote/origin address on which the request from the user was received. // Note: This may not be the physical peer. E.g, if the remote address is inferred from for // example the x-forwarder-for header, proxy protocol, etc. api.v2.core.Address downstream_remote_address = 2; // This field is the local/destination address on which the request from the user was received. api.v2.core.Address downstream_local_address = 3; // If the connection is secure,S this field will contain TLS properties. TLSProperties tls_properties = 4; // The time that Envoy started servicing this request. This is effectively the time that the first // downstream byte is received. google.protobuf.Timestamp start_time = 5; // Interval between the first downstream byte received and the last // downstream byte received (i.e. time it takes to receive a request). google.protobuf.Duration time_to_last_rx_byte = 6; // Interval between the first downstream byte received and the first upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_upstream_tx_byte = 7; // Interval between the first downstream byte received and the last upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_last_upstream_tx_byte = 8; // Interval between the first downstream byte received and the first upstream // byte received (i.e. time it takes to start receiving a response). google.protobuf.Duration time_to_first_upstream_rx_byte = 9; // Interval between the first downstream byte received and the last upstream // byte received (i.e. time it takes to receive a complete response). google.protobuf.Duration time_to_last_upstream_rx_byte = 10; // Interval between the first downstream byte received and the first downstream byte sent. // There may be a considerable delta between the *time_to_first_upstream_rx_byte* and this field // due to filters. Additionally, the same caveats apply as documented in // *time_to_last_downstream_tx_byte* about not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_downstream_tx_byte = 11; // Interval between the first downstream byte received and the last downstream byte sent. // Depending on protocol, buffering, windowing, filters, etc. there may be a considerable delta // between *time_to_last_upstream_rx_byte* and this field. Note also that this is an approximate // time. In the current implementation it does not include kernel socket buffer time. In the // current implementation it also does not include send window buffering inside the HTTP/2 codec. // In the future it is likely that work will be done to make this duration more accurate. google.protobuf.Duration time_to_last_downstream_tx_byte = 12; // The upstream remote/destination address that handles this exchange. This does not include // retries. api.v2.core.Address upstream_remote_address = 13; // The upstream local/origin address that handles this exchange. This does not include retries. api.v2.core.Address upstream_local_address = 14; // The upstream cluster that *upstream_remote_address* belongs to. string upstream_cluster = 15; // Flags indicating occurrences during request/response processing. ResponseFlags response_flags = 16; // All metadata encountered during request processing, including endpoint // selection. // // This can be used to associate IDs attached to the various configurations // used to process this request with the access log entry. For example, a // route created from a higher level forwarding rule with some ID can place // that ID in this field and cross reference later. It can also be used to // determine if a canary endpoint was used or not. api.v2.core.Metadata metadata = 17; // If upstream connection failed due to transport socket (e.g. TLS handshake), provides the // failure reason from the transport socket. The format of this field depends on the configured // upstream transport socket. Common TLS failures are in // :ref:`TLS trouble shooting `. string upstream_transport_failure_reason = 18; // The name of the route string route_name = 19; // This field is the downstream direct remote address on which the request from the user was // received. Note: This is always the physical peer, even if the remote address is inferred from // for example the x-forwarder-for header, proxy protocol, etc. api.v2.core.Address downstream_direct_remote_address = 20; // Map of filter state in stream info that have been configured to be logged. If the filter // state serialized to any message other than `google.protobuf.Any` it will be packed into // `google.protobuf.Any`. map filter_state_objects = 21; } // Flags indicating occurrences during request/response processing. // [#next-free-field: 20] message ResponseFlags { message Unauthorized { // Reasons why the request was unauthorized enum Reason { REASON_UNSPECIFIED = 0; // The request was denied by the external authorization service. EXTERNAL_SERVICE = 1; } Reason reason = 1; } // Indicates local server healthcheck failed. bool failed_local_healthcheck = 1; // Indicates there was no healthy upstream. bool no_healthy_upstream = 2; // Indicates an there was an upstream request timeout. bool upstream_request_timeout = 3; // Indicates local codec level reset was sent on the stream. bool local_reset = 4; // Indicates remote codec level reset was received on the stream. bool upstream_remote_reset = 5; // Indicates there was a local reset by a connection pool due to an initial connection failure. bool upstream_connection_failure = 6; // Indicates the stream was reset due to an upstream connection termination. bool upstream_connection_termination = 7; // Indicates the stream was reset because of a resource overflow. bool upstream_overflow = 8; // Indicates no route was found for the request. bool no_route_found = 9; // Indicates that the request was delayed before proxying. bool delay_injected = 10; // Indicates that the request was aborted with an injected error code. bool fault_injected = 11; // Indicates that the request was rate-limited locally. bool rate_limited = 12; // Indicates if the request was deemed unauthorized and the reason for it. Unauthorized unauthorized_details = 13; // Indicates that the request was rejected because there was an error in rate limit service. bool rate_limit_service_error = 14; // Indicates the stream was reset due to a downstream connection termination. bool downstream_connection_termination = 15; // Indicates that the upstream retry limit was exceeded, resulting in a downstream error. bool upstream_retry_limit_exceeded = 16; // Indicates that the stream idle timeout was hit, resulting in a downstream 408. bool stream_idle_timeout = 17; // Indicates that the request was rejected because an envoy request header failed strict // validation. bool invalid_envoy_request_headers = 18; // Indicates there was an HTTP protocol error on the downstream request. bool downstream_protocol_error = 19; } // Properties of a negotiated TLS connection. // [#next-free-field: 7] message TLSProperties { enum TLSVersion { VERSION_UNSPECIFIED = 0; TLSv1 = 1; TLSv1_1 = 2; TLSv1_2 = 3; TLSv1_3 = 4; } message CertificateProperties { message SubjectAltName { oneof san { string uri = 1; // [#not-implemented-hide:] string dns = 2; } } // SANs present in the certificate. repeated SubjectAltName subject_alt_name = 1; // The subject field of the certificate. string subject = 2; } // Version of TLS that was negotiated. TLSVersion tls_version = 1; // TLS cipher suite negotiated during handshake. The value is a // four-digit hex code defined by the IANA TLS Cipher Suite Registry // (e.g. ``009C`` for ``TLS_RSA_WITH_AES_128_GCM_SHA256``). // // Here it is expressed as an integer. google.protobuf.UInt32Value tls_cipher_suite = 2; // SNI hostname from handshake. string tls_sni_hostname = 3; // Properties of the local certificate used to negotiate TLS. CertificateProperties local_certificate_properties = 4; // Properties of the peer certificate used to negotiate TLS. CertificateProperties peer_certificate_properties = 5; // The TLS session ID. string tls_session_id = 6; } // [#next-free-field: 14] message HTTPRequestProperties { // The request method (RFC 7231/2616). api.v2.core.RequestMethod request_method = 1 [(validate.rules).enum = {defined_only: true}]; // The scheme portion of the incoming request URI. string scheme = 2; // HTTP/2 ``:authority`` or HTTP/1.1 ``Host`` header value. string authority = 3; // The port of the incoming request URI // (unused currently, as port is composed onto authority). google.protobuf.UInt32Value port = 4; // The path portion from the incoming request URI. string path = 5; // Value of the ``User-Agent`` request header. string user_agent = 6; // Value of the ``Referer`` request header. string referer = 7; // Value of the ``X-Forwarded-For`` request header. string forwarded_for = 8; // Value of the ``X-Request-Id`` request header // // This header is used by Envoy to uniquely identify a request. // It will be generated for all external requests and internal requests that // do not already have a request ID. string request_id = 9; // Value of the ``X-Envoy-Original-Path`` request header. string original_path = 10; // Size of the HTTP request headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_headers_bytes = 11; // Size of the HTTP request body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_body_bytes = 12; // Map of additional headers that have been configured to be logged. map request_headers = 13; } // [#next-free-field: 7] message HTTPResponseProperties { // The HTTP response code returned by Envoy. google.protobuf.UInt32Value response_code = 1; // Size of the HTTP response headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_headers_bytes = 2; // Size of the HTTP response body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_body_bytes = 3; // Map of additional headers configured to be logged. map response_headers = 4; // Map of trailers configured to be logged. map response_trailers = 5; // The HTTP response code details. string response_code_details = 6; } ================================================ FILE: api/envoy/data/accesslog/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/accesslog/v3/accesslog.proto ================================================ syntax = "proto3"; package envoy.data.accesslog.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.accesslog.v3"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC access logs] // Envoy access logs describe incoming interaction with Envoy over a fixed // period of time, and typically cover a single request/response exchange, // (e.g. HTTP), stream (e.g. over HTTP/gRPC), or proxied connection (e.g. TCP). // Access logs contain fields defined in protocol-specific protobuf messages. // // Except where explicitly declared otherwise, all fields describe // *downstream* interaction between Envoy and a connected client. // Fields describing *upstream* interaction will explicitly include ``upstream`` // in their name. message TCPAccessLogEntry { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TCPAccessLogEntry"; // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; // Properties of the TCP connection. ConnectionProperties connection_properties = 2; } message HTTPAccessLogEntry { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.HTTPAccessLogEntry"; // HTTP version enum HTTPVersion { PROTOCOL_UNSPECIFIED = 0; HTTP10 = 1; HTTP11 = 2; HTTP2 = 3; HTTP3 = 4; } // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; HTTPVersion protocol_version = 2; // Description of the incoming HTTP request. HTTPRequestProperties request = 3; // Description of the outgoing HTTP response. HTTPResponseProperties response = 4; } // Defines fields for a connection message ConnectionProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ConnectionProperties"; // Number of bytes received from downstream. uint64 received_bytes = 1; // Number of bytes sent to downstream. uint64 sent_bytes = 2; } // Defines fields that are shared by all Envoy access logs. // [#next-free-field: 22] message AccessLogCommon { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.AccessLogCommon"; // [#not-implemented-hide:] // This field indicates the rate at which this log entry was sampled. // Valid range is (0.0, 1.0]. double sample_rate = 1 [(validate.rules).double = {lte: 1.0 gt: 0.0}]; // This field is the remote/origin address on which the request from the user was received. // Note: This may not be the physical peer. E.g, if the remote address is inferred from for // example the x-forwarder-for header, proxy protocol, etc. config.core.v3.Address downstream_remote_address = 2; // This field is the local/destination address on which the request from the user was received. config.core.v3.Address downstream_local_address = 3; // If the connection is secure,S this field will contain TLS properties. TLSProperties tls_properties = 4; // The time that Envoy started servicing this request. This is effectively the time that the first // downstream byte is received. google.protobuf.Timestamp start_time = 5; // Interval between the first downstream byte received and the last // downstream byte received (i.e. time it takes to receive a request). google.protobuf.Duration time_to_last_rx_byte = 6; // Interval between the first downstream byte received and the first upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_upstream_tx_byte = 7; // Interval between the first downstream byte received and the last upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_last_upstream_tx_byte = 8; // Interval between the first downstream byte received and the first upstream // byte received (i.e. time it takes to start receiving a response). google.protobuf.Duration time_to_first_upstream_rx_byte = 9; // Interval between the first downstream byte received and the last upstream // byte received (i.e. time it takes to receive a complete response). google.protobuf.Duration time_to_last_upstream_rx_byte = 10; // Interval between the first downstream byte received and the first downstream byte sent. // There may be a considerable delta between the *time_to_first_upstream_rx_byte* and this field // due to filters. Additionally, the same caveats apply as documented in // *time_to_last_downstream_tx_byte* about not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_downstream_tx_byte = 11; // Interval between the first downstream byte received and the last downstream byte sent. // Depending on protocol, buffering, windowing, filters, etc. there may be a considerable delta // between *time_to_last_upstream_rx_byte* and this field. Note also that this is an approximate // time. In the current implementation it does not include kernel socket buffer time. In the // current implementation it also does not include send window buffering inside the HTTP/2 codec. // In the future it is likely that work will be done to make this duration more accurate. google.protobuf.Duration time_to_last_downstream_tx_byte = 12; // The upstream remote/destination address that handles this exchange. This does not include // retries. config.core.v3.Address upstream_remote_address = 13; // The upstream local/origin address that handles this exchange. This does not include retries. config.core.v3.Address upstream_local_address = 14; // The upstream cluster that *upstream_remote_address* belongs to. string upstream_cluster = 15; // Flags indicating occurrences during request/response processing. ResponseFlags response_flags = 16; // All metadata encountered during request processing, including endpoint // selection. // // This can be used to associate IDs attached to the various configurations // used to process this request with the access log entry. For example, a // route created from a higher level forwarding rule with some ID can place // that ID in this field and cross reference later. It can also be used to // determine if a canary endpoint was used or not. config.core.v3.Metadata metadata = 17; // If upstream connection failed due to transport socket (e.g. TLS handshake), provides the // failure reason from the transport socket. The format of this field depends on the configured // upstream transport socket. Common TLS failures are in // :ref:`TLS trouble shooting `. string upstream_transport_failure_reason = 18; // The name of the route string route_name = 19; // This field is the downstream direct remote address on which the request from the user was // received. Note: This is always the physical peer, even if the remote address is inferred from // for example the x-forwarder-for header, proxy protocol, etc. config.core.v3.Address downstream_direct_remote_address = 20; // Map of filter state in stream info that have been configured to be logged. If the filter // state serialized to any message other than `google.protobuf.Any` it will be packed into // `google.protobuf.Any`. map filter_state_objects = 21; } // Flags indicating occurrences during request/response processing. // [#next-free-field: 24] message ResponseFlags { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ResponseFlags"; message Unauthorized { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ResponseFlags.Unauthorized"; // Reasons why the request was unauthorized enum Reason { REASON_UNSPECIFIED = 0; // The request was denied by the external authorization service. EXTERNAL_SERVICE = 1; } Reason reason = 1; } // Indicates local server healthcheck failed. bool failed_local_healthcheck = 1; // Indicates there was no healthy upstream. bool no_healthy_upstream = 2; // Indicates an there was an upstream request timeout. bool upstream_request_timeout = 3; // Indicates local codec level reset was sent on the stream. bool local_reset = 4; // Indicates remote codec level reset was received on the stream. bool upstream_remote_reset = 5; // Indicates there was a local reset by a connection pool due to an initial connection failure. bool upstream_connection_failure = 6; // Indicates the stream was reset due to an upstream connection termination. bool upstream_connection_termination = 7; // Indicates the stream was reset because of a resource overflow. bool upstream_overflow = 8; // Indicates no route was found for the request. bool no_route_found = 9; // Indicates that the request was delayed before proxying. bool delay_injected = 10; // Indicates that the request was aborted with an injected error code. bool fault_injected = 11; // Indicates that the request was rate-limited locally. bool rate_limited = 12; // Indicates if the request was deemed unauthorized and the reason for it. Unauthorized unauthorized_details = 13; // Indicates that the request was rejected because there was an error in rate limit service. bool rate_limit_service_error = 14; // Indicates the stream was reset due to a downstream connection termination. bool downstream_connection_termination = 15; // Indicates that the upstream retry limit was exceeded, resulting in a downstream error. bool upstream_retry_limit_exceeded = 16; // Indicates that the stream idle timeout was hit, resulting in a downstream 408. bool stream_idle_timeout = 17; // Indicates that the request was rejected because an envoy request header failed strict // validation. bool invalid_envoy_request_headers = 18; // Indicates there was an HTTP protocol error on the downstream request. bool downstream_protocol_error = 19; // Indicates there was a max stream duration reached on the upstream request. bool upstream_max_stream_duration_reached = 20; // Indicates the response was served from a cache filter. bool response_from_cache_filter = 21; // Indicates that a filter configuration is not available. bool no_filter_config_found = 22; // Indicates that request or connection exceeded the downstream connection duration. bool duration_timeout = 23; } // Properties of a negotiated TLS connection. // [#next-free-field: 7] message TLSProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TLSProperties"; enum TLSVersion { VERSION_UNSPECIFIED = 0; TLSv1 = 1; TLSv1_1 = 2; TLSv1_2 = 3; TLSv1_3 = 4; } message CertificateProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TLSProperties.CertificateProperties"; message SubjectAltName { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TLSProperties.CertificateProperties.SubjectAltName"; oneof san { string uri = 1; // [#not-implemented-hide:] string dns = 2; } } // SANs present in the certificate. repeated SubjectAltName subject_alt_name = 1; // The subject field of the certificate. string subject = 2; } // Version of TLS that was negotiated. TLSVersion tls_version = 1; // TLS cipher suite negotiated during handshake. The value is a // four-digit hex code defined by the IANA TLS Cipher Suite Registry // (e.g. ``009C`` for ``TLS_RSA_WITH_AES_128_GCM_SHA256``). // // Here it is expressed as an integer. google.protobuf.UInt32Value tls_cipher_suite = 2; // SNI hostname from handshake. string tls_sni_hostname = 3; // Properties of the local certificate used to negotiate TLS. CertificateProperties local_certificate_properties = 4; // Properties of the peer certificate used to negotiate TLS. CertificateProperties peer_certificate_properties = 5; // The TLS session ID. string tls_session_id = 6; } // [#next-free-field: 14] message HTTPRequestProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.HTTPRequestProperties"; // The request method (RFC 7231/2616). config.core.v3.RequestMethod request_method = 1 [(validate.rules).enum = {defined_only: true}]; // The scheme portion of the incoming request URI. string scheme = 2; // HTTP/2 ``:authority`` or HTTP/1.1 ``Host`` header value. string authority = 3; // The port of the incoming request URI // (unused currently, as port is composed onto authority). google.protobuf.UInt32Value port = 4; // The path portion from the incoming request URI. string path = 5; // Value of the ``User-Agent`` request header. string user_agent = 6; // Value of the ``Referer`` request header. string referer = 7; // Value of the ``X-Forwarded-For`` request header. string forwarded_for = 8; // Value of the ``X-Request-Id`` request header // // This header is used by Envoy to uniquely identify a request. // It will be generated for all external requests and internal requests that // do not already have a request ID. string request_id = 9; // Value of the ``X-Envoy-Original-Path`` request header. string original_path = 10; // Size of the HTTP request headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_headers_bytes = 11; // Size of the HTTP request body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_body_bytes = 12; // Map of additional headers that have been configured to be logged. map request_headers = 13; } // [#next-free-field: 7] message HTTPResponseProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.HTTPResponseProperties"; // The HTTP response code returned by Envoy. google.protobuf.UInt32Value response_code = 1; // Size of the HTTP response headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_headers_bytes = 2; // Size of the HTTP response body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_body_bytes = 3; // Map of additional headers configured to be logged. map response_headers = 4; // Map of trailers configured to be logged. map response_trailers = 5; // The HTTP response code details. string response_code_details = 6; } ================================================ FILE: api/envoy/data/cluster/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/data/cluster/v2alpha/outlier_detection_event.proto ================================================ syntax = "proto3"; package envoy.data.cluster.v2alpha; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.cluster.v2alpha"; option java_outer_classname = "OutlierDetectionEventProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.data.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Outlier detection logging events] // :ref:`Outlier detection logging `. // Type of ejection that took place enum OutlierEjectionType { // In case upstream host returns certain number of consecutive 5xx. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all type of errors are treated as HTTP 5xx errors. // See :ref:`Cluster outlier detection ` documentation for // details. CONSECUTIVE_5XX = 0; // In case upstream host returns certain number of consecutive gateway errors CONSECUTIVE_GATEWAY_FAILURE = 1; // Runs over aggregated success rate statistics from every host in cluster // and selects hosts for which ratio of successful replies deviates from other hosts // in the cluster. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors (externally and locally generated) are used to calculate success rate // statistics. See :ref:`Cluster outlier detection ` // documentation for details. SUCCESS_RATE = 2; // Consecutive local origin failures: Connection failures, resets, timeouts, etc // This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for CONSECUTIVE_LOCAL_ORIGIN_FAILURE = 3; // Runs over aggregated success rate statistics for local origin failures // for all hosts in the cluster and selects hosts for which success rate deviates from other // hosts in the cluster. This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for SUCCESS_RATE_LOCAL_ORIGIN = 4; // Runs over aggregated success rate statistics from every host in cluster and selects hosts for // which ratio of failed replies is above configured value. FAILURE_PERCENTAGE = 5; // Runs over aggregated success rate statistics for local origin failures from every host in // cluster and selects hosts for which ratio of failed replies is above configured value. FAILURE_PERCENTAGE_LOCAL_ORIGIN = 6; } // Represents possible action applied to upstream host enum Action { // In case host was excluded from service EJECT = 0; // In case host was brought back into service UNEJECT = 1; } // [#next-free-field: 12] message OutlierDetectionEvent { // In case of eject represents type of ejection that took place. OutlierEjectionType type = 1 [(validate.rules).enum = {defined_only: true}]; // Timestamp for event. google.protobuf.Timestamp timestamp = 2; // The time in seconds since the last action (either an ejection or unejection) took place. google.protobuf.UInt64Value secs_since_last_action = 3; // The :ref:`cluster ` that owns the ejected host. string cluster_name = 4 [(validate.rules).string = {min_bytes: 1}]; // The URL of the ejected host. E.g., ``tcp://1.2.3.4:80``. string upstream_url = 5 [(validate.rules).string = {min_bytes: 1}]; // The action that took place. Action action = 6 [(validate.rules).enum = {defined_only: true}]; // If ``action`` is ``eject``, specifies the number of times the host has been ejected (local to // that Envoy and gets reset if the host gets removed from the upstream cluster for any reason and // then re-added). uint32 num_ejections = 7; // If ``action`` is ``eject``, specifies if the ejection was enforced. ``true`` means the host was // ejected. ``false`` means the event was logged but the host was not actually ejected. bool enforced = 8; oneof event { option (validate.required) = true; OutlierEjectSuccessRate eject_success_rate_event = 9; OutlierEjectConsecutive eject_consecutive_event = 10; OutlierEjectFailurePercentage eject_failure_percentage_event = 11; } } message OutlierEjectSuccessRate { // Host’s success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; // Average success rate of the hosts in the cluster at the time of the ejection event on a 0-100 // range. uint32 cluster_average_success_rate = 2 [(validate.rules).uint32 = {lte: 100}]; // Success rate ejection threshold at the time of the ejection event. uint32 cluster_success_rate_ejection_threshold = 3 [(validate.rules).uint32 = {lte: 100}]; } message OutlierEjectConsecutive { } message OutlierEjectFailurePercentage { // Host's success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; } ================================================ FILE: api/envoy/data/cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/data/cluster/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/cluster/v3/outlier_detection_event.proto ================================================ syntax = "proto3"; package envoy.data.cluster.v3; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.cluster.v3"; option java_outer_classname = "OutlierDetectionEventProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Outlier detection logging events] // :ref:`Outlier detection logging `. // Type of ejection that took place enum OutlierEjectionType { // In case upstream host returns certain number of consecutive 5xx. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all type of errors are treated as HTTP 5xx errors. // See :ref:`Cluster outlier detection ` documentation for // details. CONSECUTIVE_5XX = 0; // In case upstream host returns certain number of consecutive gateway errors CONSECUTIVE_GATEWAY_FAILURE = 1; // Runs over aggregated success rate statistics from every host in cluster // and selects hosts for which ratio of successful replies deviates from other hosts // in the cluster. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors (externally and locally generated) are used to calculate success rate // statistics. See :ref:`Cluster outlier detection ` // documentation for details. SUCCESS_RATE = 2; // Consecutive local origin failures: Connection failures, resets, timeouts, etc // This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for CONSECUTIVE_LOCAL_ORIGIN_FAILURE = 3; // Runs over aggregated success rate statistics for local origin failures // for all hosts in the cluster and selects hosts for which success rate deviates from other // hosts in the cluster. This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for SUCCESS_RATE_LOCAL_ORIGIN = 4; // Runs over aggregated success rate statistics from every host in cluster and selects hosts for // which ratio of failed replies is above configured value. FAILURE_PERCENTAGE = 5; // Runs over aggregated success rate statistics for local origin failures from every host in // cluster and selects hosts for which ratio of failed replies is above configured value. FAILURE_PERCENTAGE_LOCAL_ORIGIN = 6; } // Represents possible action applied to upstream host enum Action { // In case host was excluded from service EJECT = 0; // In case host was brought back into service UNEJECT = 1; } // [#next-free-field: 12] message OutlierDetectionEvent { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierDetectionEvent"; // In case of eject represents type of ejection that took place. OutlierEjectionType type = 1 [(validate.rules).enum = {defined_only: true}]; // Timestamp for event. google.protobuf.Timestamp timestamp = 2; // The time in seconds since the last action (either an ejection or unejection) took place. google.protobuf.UInt64Value secs_since_last_action = 3; // The :ref:`cluster ` that owns the ejected host. string cluster_name = 4 [(validate.rules).string = {min_len: 1}]; // The URL of the ejected host. E.g., ``tcp://1.2.3.4:80``. string upstream_url = 5 [(validate.rules).string = {min_len: 1}]; // The action that took place. Action action = 6 [(validate.rules).enum = {defined_only: true}]; // If ``action`` is ``eject``, specifies the number of times the host has been ejected (local to // that Envoy and gets reset if the host gets removed from the upstream cluster for any reason and // then re-added). uint32 num_ejections = 7; // If ``action`` is ``eject``, specifies if the ejection was enforced. ``true`` means the host was // ejected. ``false`` means the event was logged but the host was not actually ejected. bool enforced = 8; oneof event { option (validate.required) = true; OutlierEjectSuccessRate eject_success_rate_event = 9; OutlierEjectConsecutive eject_consecutive_event = 10; OutlierEjectFailurePercentage eject_failure_percentage_event = 11; } } message OutlierEjectSuccessRate { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierEjectSuccessRate"; // Host’s success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; // Average success rate of the hosts in the cluster at the time of the ejection event on a 0-100 // range. uint32 cluster_average_success_rate = 2 [(validate.rules).uint32 = {lte: 100}]; // Success rate ejection threshold at the time of the ejection event. uint32 cluster_success_rate_ejection_threshold = 3 [(validate.rules).uint32 = {lte: 100}]; } message OutlierEjectConsecutive { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierEjectConsecutive"; } message OutlierEjectFailurePercentage { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierEjectFailurePercentage"; // Host's success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; } ================================================ FILE: api/envoy/data/core/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/core/v2alpha/health_check_event.proto ================================================ syntax = "proto3"; package envoy.data.core.v2alpha; import "envoy/api/v2/core/address.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.core.v2alpha"; option java_outer_classname = "HealthCheckEventProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health check logging events] // :ref:`Health check logging `. enum HealthCheckFailureType { ACTIVE = 0; PASSIVE = 1; NETWORK = 2; } enum HealthCheckerType { HTTP = 0; TCP = 1; GRPC = 2; REDIS = 3; } // [#next-free-field: 10] message HealthCheckEvent { HealthCheckerType health_checker_type = 1 [(validate.rules).enum = {defined_only: true}]; api.v2.core.Address host = 2; string cluster_name = 3 [(validate.rules).string = {min_bytes: 1}]; oneof event { option (validate.required) = true; // Host ejection. HealthCheckEjectUnhealthy eject_unhealthy_event = 4; // Host addition. HealthCheckAddHealthy add_healthy_event = 5; // Host failure. HealthCheckFailure health_check_failure_event = 7; // Healthy host became degraded. DegradedHealthyHost degraded_healthy_host = 8; // A degraded host returned to being healthy. NoLongerDegradedHost no_longer_degraded_host = 9; } // Timestamp for event. google.protobuf.Timestamp timestamp = 6; } message HealthCheckEjectUnhealthy { // The type of failure that caused this ejection. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; } message HealthCheckAddHealthy { // Whether this addition is the result of the first ever health check on a host, in which case // the configured :ref:`healthy threshold ` // is bypassed and the host is immediately added. bool first_check = 1; } message HealthCheckFailure { // The type of failure that caused this event. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; // Whether this event is the result of the first ever health check on a host. bool first_check = 2; } message DegradedHealthyHost { } message NoLongerDegradedHost { } ================================================ FILE: api/envoy/data/core/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/core/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/core/v3/health_check_event.proto ================================================ syntax = "proto3"; package envoy.data.core.v3; import "envoy/config/core/v3/address.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.core.v3"; option java_outer_classname = "HealthCheckEventProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health check logging events] // :ref:`Health check logging `. enum HealthCheckFailureType { ACTIVE = 0; PASSIVE = 1; NETWORK = 2; } enum HealthCheckerType { HTTP = 0; TCP = 1; GRPC = 2; REDIS = 3; } // [#next-free-field: 10] message HealthCheckEvent { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckEvent"; HealthCheckerType health_checker_type = 1 [(validate.rules).enum = {defined_only: true}]; config.core.v3.Address host = 2; string cluster_name = 3 [(validate.rules).string = {min_len: 1}]; oneof event { option (validate.required) = true; // Host ejection. HealthCheckEjectUnhealthy eject_unhealthy_event = 4; // Host addition. HealthCheckAddHealthy add_healthy_event = 5; // Host failure. HealthCheckFailure health_check_failure_event = 7; // Healthy host became degraded. DegradedHealthyHost degraded_healthy_host = 8; // A degraded host returned to being healthy. NoLongerDegradedHost no_longer_degraded_host = 9; } // Timestamp for event. google.protobuf.Timestamp timestamp = 6; } message HealthCheckEjectUnhealthy { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckEjectUnhealthy"; // The type of failure that caused this ejection. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; } message HealthCheckAddHealthy { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckAddHealthy"; // Whether this addition is the result of the first ever health check on a host, in which case // the configured :ref:`healthy threshold ` // is bypassed and the host is immediately added. bool first_check = 1; } message HealthCheckFailure { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckFailure"; // The type of failure that caused this event. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; // Whether this event is the result of the first ever health check on a host. bool first_check = 2; } message DegradedHealthyHost { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.DegradedHealthyHost"; } message NoLongerDegradedHost { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.NoLongerDegradedHost"; } ================================================ FILE: api/envoy/data/dns/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/dns/v2alpha/dns_table.proto ================================================ syntax = "proto3"; package envoy.data.dns.v2alpha; import "envoy/type/matcher/string.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.dns.v2alpha"; option java_outer_classname = "DnsTableProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: DNS Filter Table Data] // :ref:`DNS Filter config overview `. // This message contains the configuration for the DNS Filter if populated // from the control plane message DnsTable { // This message contains a list of IP addresses returned for a query for a known name message AddressList { // This field contains a well formed IP address that is returned // in the answer for a name query. The address field can be an // IPv4 or IPv6 address. Address family detection is done automatically // when Envoy parses the string. Since this field is repeated, // Envoy will return one randomly chosen entry from this list in the // DNS response. The random index will vary per query so that we prevent // clients pinning on a single address for a configured domain repeated string address = 1 [(validate.rules).repeated = { min_items: 1 items {string {min_len: 3}} }]; } // This message type is extensible and can contain a list of addresses // or dictate some other method for resolving the addresses for an // endpoint message DnsEndpoint { oneof endpoint_config { option (validate.required) = true; AddressList address_list = 1; } } message DnsVirtualDomain { // The domain name for which Envoy will respond to query requests string name = 1 [(validate.rules).string = {min_len: 2 well_known_regex: HTTP_HEADER_NAME}]; // The configuration containing the method to determine the address // of this endpoint DnsEndpoint endpoint = 2; // Sets the TTL in dns answers from Envoy returned to the client google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gt {}}]; } // Control how many times envoy makes an attempt to forward a query to // an external server uint32 external_retry_count = 1; // Fully qualified domain names for which Envoy will respond to queries repeated DnsVirtualDomain virtual_domains = 2 [(validate.rules).repeated = {min_items: 1}]; // This field serves to help Envoy determine whether it can authoritatively // answer a query for a name matching a suffix in this list. If the query // name does not match a suffix in this list, Envoy will forward // the query to an upstream DNS server repeated type.matcher.StringMatcher known_suffixes = 3; } ================================================ FILE: api/envoy/data/dns/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/data/dns/v2alpha:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/dns/v3/dns_table.proto ================================================ syntax = "proto3"; package envoy.data.dns.v3; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.dns.v3"; option java_outer_classname = "DnsTableProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: DNS Filter Table Data] // :ref:`DNS Filter config overview `. // This message contains the configuration for the DNS Filter if populated // from the control plane message DnsTable { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable"; // This message contains a list of IP addresses returned for a query for a known name message AddressList { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable.AddressList"; // This field contains a well formed IP address that is returned in the answer for a // name query. The address field can be an IPv4 or IPv6 address. Address family // detection is done automatically when Envoy parses the string. Since this field is // repeated, Envoy will return as many entries from this list in the DNS response while // keeping the response under 512 bytes repeated string address = 1 [(validate.rules).repeated = { min_items: 1 items {string {min_len: 3}} }]; } // Specify the service protocol using a numeric or string value message DnsServiceProtocol { oneof protocol_config { option (validate.required) = true; // Specify the protocol number for the service. Envoy will try to resolve the number to // the protocol name. For example, 6 will resolve to "tcp". Refer to: // https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml // for protocol names and numbers uint32 number = 1 [(validate.rules).uint32 = {lt: 255}]; // Specify the protocol name for the service. string name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } } // Specify the target for a given DNS service // [#next-free-field: 6] message DnsServiceTarget { // Specify the name of the endpoint for the Service. The name is a hostname or a cluster oneof endpoint_type { option (validate.required) = true; // Use a resolvable hostname as the endpoint for a service. string host_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // Use a cluster name as the endpoint for a service. string cluster_name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } // The priority of the service record target uint32 priority = 3 [(validate.rules).uint32 = {lt: 65536}]; // The weight of the service record target uint32 weight = 4 [(validate.rules).uint32 = {lt: 65536}]; // The port to which the service is bound. This value is optional if the target is a // cluster. Setting port to zero in this case makes the filter use the port value // from the cluster host uint32 port = 5 [(validate.rules).uint32 = {lt: 65536}]; } // This message defines a service selection record returned for a service query in a domain message DnsService { // The name of the service without the protocol or domain name string service_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The service protocol. This can be specified as a string or the numeric value of the protocol DnsServiceProtocol protocol = 2; // The service entry time to live. This is independent from the DNS Answer record TTL google.protobuf.Duration ttl = 3 [(validate.rules).duration = {gte {seconds: 1}}]; // The list of targets hosting the service repeated DnsServiceTarget targets = 4 [(validate.rules).repeated = {min_items: 1}]; } // Define a list of service records for a given service message DnsServiceList { repeated DnsService services = 1 [(validate.rules).repeated = {min_items: 1}]; } message DnsEndpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable.DnsEndpoint"; oneof endpoint_config { option (validate.required) = true; // Define a list of addresses to return for the specified endpoint AddressList address_list = 1; // Define a cluster whose addresses are returned for the specified endpoint string cluster_name = 2; // Define a DNS Service List for the specified endpoint DnsServiceList service_list = 3; } } message DnsVirtualDomain { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable.DnsVirtualDomain"; // A domain name for which Envoy will respond to query requests string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The configuration containing the method to determine the address of this endpoint DnsEndpoint endpoint = 2; // Sets the TTL in DNS answers from Envoy returned to the client. The default TTL is 300s google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gte {seconds: 30}}]; } // Control how many times Envoy makes an attempt to forward a query to an external DNS server uint32 external_retry_count = 1 [(validate.rules).uint32 = {lte: 3}]; // Fully qualified domain names for which Envoy will respond to DNS queries. By leaving this // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; // This field serves to help Envoy determine whether it can authoritatively answer a query // for a name matching a suffix in this list. If the query name does not match a suffix in // this list, Envoy will forward the query to an upstream DNS server repeated type.matcher.v3.StringMatcher known_suffixes = 3; } ================================================ FILE: api/envoy/data/dns/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/data/dns/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/dns/v4alpha/dns_table.proto ================================================ syntax = "proto3"; package envoy.data.dns.v4alpha; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.dns.v4alpha"; option java_outer_classname = "DnsTableProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: DNS Filter Table Data] // :ref:`DNS Filter config overview `. // This message contains the configuration for the DNS Filter if populated // from the control plane message DnsTable { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable"; // This message contains a list of IP addresses returned for a query for a known name message AddressList { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.AddressList"; // This field contains a well formed IP address that is returned in the answer for a // name query. The address field can be an IPv4 or IPv6 address. Address family // detection is done automatically when Envoy parses the string. Since this field is // repeated, Envoy will return as many entries from this list in the DNS response while // keeping the response under 512 bytes repeated string address = 1 [(validate.rules).repeated = { min_items: 1 items {string {min_len: 3}} }]; } // Specify the service protocol using a numeric or string value message DnsServiceProtocol { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsServiceProtocol"; oneof protocol_config { option (validate.required) = true; // Specify the protocol number for the service. Envoy will try to resolve the number to // the protocol name. For example, 6 will resolve to "tcp". Refer to: // https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml // for protocol names and numbers uint32 number = 1 [(validate.rules).uint32 = {lt: 255}]; // Specify the protocol name for the service. string name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } } // Specify the target for a given DNS service // [#next-free-field: 6] message DnsServiceTarget { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsServiceTarget"; // Specify the name of the endpoint for the Service. The name is a hostname or a cluster oneof endpoint_type { option (validate.required) = true; // Use a resolvable hostname as the endpoint for a service. string host_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // Use a cluster name as the endpoint for a service. string cluster_name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } // The priority of the service record target uint32 priority = 3 [(validate.rules).uint32 = {lt: 65536}]; // The weight of the service record target uint32 weight = 4 [(validate.rules).uint32 = {lt: 65536}]; // The port to which the service is bound. This value is optional if the target is a // cluster. Setting port to zero in this case makes the filter use the port value // from the cluster host uint32 port = 5 [(validate.rules).uint32 = {lt: 65536}]; } // This message defines a service selection record returned for a service query in a domain message DnsService { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsService"; // The name of the service without the protocol or domain name string service_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The service protocol. This can be specified as a string or the numeric value of the protocol DnsServiceProtocol protocol = 2; // The service entry time to live. This is independent from the DNS Answer record TTL google.protobuf.Duration ttl = 3 [(validate.rules).duration = {gte {seconds: 1}}]; // The list of targets hosting the service repeated DnsServiceTarget targets = 4 [(validate.rules).repeated = {min_items: 1}]; } // Define a list of service records for a given service message DnsServiceList { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsServiceList"; repeated DnsService services = 1 [(validate.rules).repeated = {min_items: 1}]; } message DnsEndpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsEndpoint"; oneof endpoint_config { option (validate.required) = true; // Define a list of addresses to return for the specified endpoint AddressList address_list = 1; // Define a cluster whose addresses are returned for the specified endpoint string cluster_name = 2; // Define a DNS Service List for the specified endpoint DnsServiceList service_list = 3; } } message DnsVirtualDomain { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsVirtualDomain"; // A domain name for which Envoy will respond to query requests string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The configuration containing the method to determine the address of this endpoint DnsEndpoint endpoint = 2; // Sets the TTL in DNS answers from Envoy returned to the client. The default TTL is 300s google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gte {seconds: 30}}]; } // Control how many times Envoy makes an attempt to forward a query to an external DNS server uint32 external_retry_count = 1 [(validate.rules).uint32 = {lte: 3}]; // Fully qualified domain names for which Envoy will respond to DNS queries. By leaving this // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; // This field serves to help Envoy determine whether it can authoritatively answer a query // for a name matching a suffix in this list. If the query name does not match a suffix in // this list, Envoy will forward the query to an upstream DNS server repeated type.matcher.v4alpha.StringMatcher known_suffixes = 3; } ================================================ FILE: api/envoy/data/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/tap/v2alpha/common.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap common data] // Wrapper for tapped body data. This includes HTTP request/response body, transport socket received // and transmitted data, etc. message Body { oneof body_type { // Body data as bytes. By default, tap body data will be present in this field, as the proto // `bytes` type can contain any valid byte. bytes as_bytes = 1; // Body data as string. This field is only used when the :ref:`JSON_BODY_AS_STRING // ` sink // format type is selected. See the documentation for that option for why this is useful. string as_string = 2; } // Specifies whether body data has been truncated to fit within the specified // :ref:`max_buffered_rx_bytes // ` and // :ref:`max_buffered_tx_bytes // ` settings. bool truncated = 3; } ================================================ FILE: api/envoy/data/tap/v2alpha/http.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/data/tap/v2alpha/common.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP tap data] // A fully buffered HTTP trace message. message HttpBufferedTrace { // HTTP message wrapper. message Message { // Message headers. repeated api.v2.core.HeaderValue headers = 1; // Message body. Body body = 2; // Message trailers. repeated api.v2.core.HeaderValue trailers = 3; } // Request message. Message request = 1; // Response message. Message response = 2; } // A streamed HTTP trace segment. Multiple segments make up a full trace. // [#next-free-field: 8] message HttpStreamedTraceSegment { // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. uint64 trace_id = 1; oneof message_piece { // Request headers. api.v2.core.HeaderMap request_headers = 2; // Request body chunk. Body request_body_chunk = 3; // Request trailers. api.v2.core.HeaderMap request_trailers = 4; // Response headers. api.v2.core.HeaderMap response_headers = 5; // Response body chunk. Body response_body_chunk = 6; // Response trailers. api.v2.core.HeaderMap response_trailers = 7; } } ================================================ FILE: api/envoy/data/tap/v2alpha/transport.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "envoy/api/v2/core/address.proto"; import "envoy/data/tap/v2alpha/common.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "TransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Transport tap data] // Trace format for the tap transport socket extension. This dumps plain text read/write // sequences on a socket. // Connection properties. message Connection { // Local address. api.v2.core.Address local_address = 2; // Remote address. api.v2.core.Address remote_address = 3; } // Event in a socket trace. message SocketEvent { // Data read by Envoy from the transport socket. message Read { // TODO(htuch): Half-close for reads. // Binary data read. Body data = 1; } // Data written by Envoy to the transport socket. message Write { // Binary data written. Body data = 1; // Stream was half closed after this write. bool end_stream = 2; } // The connection was closed. message Closed { // TODO(mattklein123): Close event type. } // Timestamp for event. google.protobuf.Timestamp timestamp = 1; // Read or write with content as bytes string. oneof event_selector { Read read = 2; Write write = 3; Closed closed = 4; } } // Sequence of read/write events that constitute a buffered trace on a socket. // [#next-free-field: 6] message SocketBufferedTrace { // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; // Connection properties. Connection connection = 2; // Sequence of observed events. repeated SocketEvent events = 3; // Set to true if read events were truncated due to the :ref:`max_buffered_rx_bytes // ` setting. bool read_truncated = 4; // Set to true if write events were truncated due to the :ref:`max_buffered_tx_bytes // ` setting. bool write_truncated = 5; } // A streamed socket trace segment. Multiple segments make up a full trace. message SocketStreamedTraceSegment { // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; oneof message_piece { // Connection properties. Connection connection = 2; // Socket event. SocketEvent event = 3; } } ================================================ FILE: api/envoy/data/tap/v2alpha/wrapper.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "envoy/data/tap/v2alpha/http.proto"; import "envoy/data/tap/v2alpha/transport.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "WrapperProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap data wrappers] // Wrapper for all fully buffered and streamed tap traces that Envoy emits. This is required for // sending traces over gRPC APIs or more easily persisting binary messages to files. message TraceWrapper { oneof trace { option (validate.required) = true; // An HTTP buffered tap trace. HttpBufferedTrace http_buffered_trace = 1; // An HTTP streamed tap trace segment. HttpStreamedTraceSegment http_streamed_trace_segment = 2; // A socket buffered tap trace. SocketBufferedTrace socket_buffered_trace = 3; // A socket streamed tap trace segment. SocketStreamedTraceSegment socket_streamed_trace_segment = 4; } } ================================================ FILE: api/envoy/data/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/data/tap/v3/common.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap common data] // Wrapper for tapped body data. This includes HTTP request/response body, transport socket received // and transmitted data, etc. message Body { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.Body"; oneof body_type { // Body data as bytes. By default, tap body data will be present in this field, as the proto // `bytes` type can contain any valid byte. bytes as_bytes = 1; // Body data as string. This field is only used when the :ref:`JSON_BODY_AS_STRING // ` sink // format type is selected. See the documentation for that option for why this is useful. string as_string = 2; } // Specifies whether body data has been truncated to fit within the specified // :ref:`max_buffered_rx_bytes // ` and // :ref:`max_buffered_tx_bytes // ` settings. bool truncated = 3; } ================================================ FILE: api/envoy/data/tap/v3/http.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "envoy/config/core/v3/base.proto"; import "envoy/data/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP tap data] // A fully buffered HTTP trace message. message HttpBufferedTrace { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.HttpBufferedTrace"; // HTTP message wrapper. message Message { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.HttpBufferedTrace.Message"; // Message headers. repeated config.core.v3.HeaderValue headers = 1; // Message body. Body body = 2; // Message trailers. repeated config.core.v3.HeaderValue trailers = 3; } // Request message. Message request = 1; // Response message. Message response = 2; } // A streamed HTTP trace segment. Multiple segments make up a full trace. // [#next-free-field: 8] message HttpStreamedTraceSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.HttpStreamedTraceSegment"; // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. uint64 trace_id = 1; oneof message_piece { // Request headers. config.core.v3.HeaderMap request_headers = 2; // Request body chunk. Body request_body_chunk = 3; // Request trailers. config.core.v3.HeaderMap request_trailers = 4; // Response headers. config.core.v3.HeaderMap response_headers = 5; // Response body chunk. Body response_body_chunk = 6; // Response trailers. config.core.v3.HeaderMap response_trailers = 7; } } ================================================ FILE: api/envoy/data/tap/v3/transport.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "envoy/config/core/v3/address.proto"; import "envoy/data/tap/v3/common.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "TransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Transport tap data] // Trace format for the tap transport socket extension. This dumps plain text read/write // sequences on a socket. // Connection properties. message Connection { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.Connection"; // Local address. config.core.v3.Address local_address = 2; // Remote address. config.core.v3.Address remote_address = 3; } // Event in a socket trace. message SocketEvent { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent"; // Data read by Envoy from the transport socket. message Read { // TODO(htuch): Half-close for reads. option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent.Read"; // Binary data read. Body data = 1; } // Data written by Envoy to the transport socket. message Write { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent.Write"; // Binary data written. Body data = 1; // Stream was half closed after this write. bool end_stream = 2; } // The connection was closed. message Closed { // TODO(mattklein123): Close event type. option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent.Closed"; } // Timestamp for event. google.protobuf.Timestamp timestamp = 1; // Read or write with content as bytes string. oneof event_selector { Read read = 2; Write write = 3; Closed closed = 4; } } // Sequence of read/write events that constitute a buffered trace on a socket. // [#next-free-field: 6] message SocketBufferedTrace { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketBufferedTrace"; // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; // Connection properties. Connection connection = 2; // Sequence of observed events. repeated SocketEvent events = 3; // Set to true if read events were truncated due to the :ref:`max_buffered_rx_bytes // ` setting. bool read_truncated = 4; // Set to true if write events were truncated due to the :ref:`max_buffered_tx_bytes // ` setting. bool write_truncated = 5; } // A streamed socket trace segment. Multiple segments make up a full trace. message SocketStreamedTraceSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketStreamedTraceSegment"; // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; oneof message_piece { // Connection properties. Connection connection = 2; // Socket event. SocketEvent event = 3; } } ================================================ FILE: api/envoy/data/tap/v3/wrapper.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "envoy/data/tap/v3/http.proto"; import "envoy/data/tap/v3/transport.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "WrapperProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap data wrappers] // Wrapper for all fully buffered and streamed tap traces that Envoy emits. This is required for // sending traces over gRPC APIs or more easily persisting binary messages to files. message TraceWrapper { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.TraceWrapper"; oneof trace { option (validate.required) = true; // An HTTP buffered tap trace. HttpBufferedTrace http_buffered_trace = 1; // An HTTP streamed tap trace segment. HttpStreamedTraceSegment http_streamed_trace_segment = 2; // A socket buffered tap trace. SocketBufferedTrace socket_buffered_trace = 3; // A socket streamed tap trace segment. SocketStreamedTraceSegment socket_streamed_trace_segment = 4; } } ================================================ FILE: api/envoy/extensions/access_loggers/file/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/access_loggers/file/v3/file.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.file.v3; import "envoy/config/core/v3/substitution_format_string.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.file.v3"; option java_outer_classname = "FileProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: File access log] // [#extension: envoy.access_loggers.file] // Custom configuration for an :ref:`AccessLog ` // that writes log entries directly to a file. Configures the built-in *envoy.access_loggers.file* // AccessLog. // [#next-free-field: 6] message FileAccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.FileAccessLog"; // A path to a local file to which to write the access log entries. string path = 1 [(validate.rules).string = {min_len: 1}]; oneof access_log_format { // Access log :ref:`format string`. // Envoy supports :ref:`custom access log formats ` as well as a // :ref:`default format `. // This field is deprecated. // Please use :ref:`log_format `. string format = 2 [deprecated = true]; // Access log :ref:`format dictionary`. All values // are rendered as strings. // This field is deprecated. // Please use :ref:`log_format `. google.protobuf.Struct json_format = 3 [deprecated = true]; // Access log :ref:`format dictionary`. Values are // rendered as strings, numbers, or boolean values as appropriate. Nested JSON objects may // be produced by some command operators (e.g.FILTER_STATE or DYNAMIC_METADATA). See the // documentation for a specific command operator for details. // This field is deprecated. // Please use :ref:`log_format `. google.protobuf.Struct typed_json_format = 4 [deprecated = true]; // Configuration to form access log data and format. // If not specified, use :ref:`default format `. config.core.v3.SubstitutionFormatString log_format = 5 [(validate.rules).message = {required: true}]; } } ================================================ FILE: api/envoy/extensions/access_loggers/file/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/access_loggers/file/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/access_loggers/file/v4alpha/file.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.file.v4alpha; import "envoy/config/core/v4alpha/substitution_format_string.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.file.v4alpha"; option java_outer_classname = "FileProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: File access log] // [#extension: envoy.access_loggers.file] // Custom configuration for an :ref:`AccessLog ` // that writes log entries directly to a file. Configures the built-in *envoy.access_loggers.file* // AccessLog. // [#next-free-field: 6] message FileAccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.access_loggers.file.v3.FileAccessLog"; reserved 2, 3, 4; reserved "format", "json_format", "typed_json_format"; // A path to a local file to which to write the access log entries. string path = 1 [(validate.rules).string = {min_len: 1}]; oneof access_log_format { // Configuration to form access log data and format. // If not specified, use :ref:`default format `. config.core.v4alpha.SubstitutionFormatString log_format = 5 [(validate.rules).message = {required: true}]; } } ================================================ FILE: api/envoy/extensions/access_loggers/grpc/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/access_loggers/grpc/v3/als.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.grpc.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.grpc.v3"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Access Log Service (ALS)] // Configuration for the built-in *envoy.access_loggers.http_grpc* // :ref:`AccessLog `. This configuration will // populate :ref:`StreamAccessLogsMessage.http_logs // `. // [#extension: envoy.access_loggers.http_grpc] message HttpGrpcAccessLogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.HttpGrpcAccessLogConfig"; CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; // Additional request headers to log in :ref:`HTTPRequestProperties.request_headers // `. repeated string additional_request_headers_to_log = 2; // Additional response headers to log in :ref:`HTTPResponseProperties.response_headers // `. repeated string additional_response_headers_to_log = 3; // Additional response trailers to log in :ref:`HTTPResponseProperties.response_trailers // `. repeated string additional_response_trailers_to_log = 4; } // Configuration for the built-in *envoy.access_loggers.tcp_grpc* type. This configuration will // populate *StreamAccessLogsMessage.tcp_logs*. // [#extension: envoy.access_loggers.tcp_grpc] message TcpGrpcAccessLogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.TcpGrpcAccessLogConfig"; CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; } // Common configuration for gRPC access logs. // [#next-free-field: 7] message CommonGrpcAccessLogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.CommonGrpcAccessLogConfig"; // The friendly name of the access log to be returned in :ref:`StreamAccessLogsMessage.Identifier // `. This allows the // access log server to differentiate between different access logs coming from the same Envoy. string log_name = 1 [(validate.rules).string = {min_len: 1}]; // The gRPC service for the access log service. config.core.v3.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; // API version for access logs service transport protocol. This describes the access logs service // gRPC endpoint and version of messages used on the wire. config.core.v3.ApiVersion transport_api_version = 6 [(validate.rules).enum = {defined_only: true}]; // Interval for flushing access logs to the gRPC stream. Logger will flush requests every time // this interval is elapsed, or when batch size limit is hit, whichever comes first. Defaults to // 1 second. google.protobuf.Duration buffer_flush_interval = 3 [(validate.rules).duration = {gt {}}]; // Soft size limit in bytes for access log entries buffer. Logger will buffer requests until // this limit it hit, or every time flush interval is elapsed, whichever comes first. Setting it // to zero effectively disables the batching. Defaults to 16384. google.protobuf.UInt32Value buffer_size_bytes = 4; // Additional filter state objects to log in :ref:`filter_state_objects // `. // Logger will call `FilterState::Object::serializeAsProto` to serialize the filter state object. repeated string filter_state_objects_to_log = 5; } ================================================ FILE: api/envoy/extensions/access_loggers/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/access_loggers/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm access log] // [#extension: envoy.access_loggers.wasm] // Custom configuration for an :ref:`AccessLog ` // that calls into a WASM VM. Configures the built-in *envoy.access_loggers.wasm* // AccessLog. message WasmAccessLog { envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: api/envoy/extensions/clusters/aggregate/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/aggregate/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/clusters/aggregate/v3/cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.clusters.aggregate.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.clusters.aggregate.v3"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Aggregate cluster configuration] // Configuration for the aggregate cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.aggregate] message ClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.aggregate.v2alpha.ClusterConfig"; // Load balancing clusters in aggregate cluster. Clusters are prioritized based on the order they // appear in this list. repeated string clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/extensions/clusters/dynamic_forward_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/dynamic_forward_proxy/v2alpha:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.clusters.dynamic_forward_proxy.v3; import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.clusters.dynamic_forward_proxy.v3"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamic forward proxy cluster configuration] // Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.dynamic_forward_proxy] message ClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.dynamic_forward_proxy.v2alpha.ClusterConfig"; // The DNS cache configuration that the cluster will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy HTTP filter configuration // `. common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; // If true allow the cluster configuration to disable the auto_sni and auto_san_validation options // in the :ref:`cluster's upstream_http_protocol_options // ` bool allow_insecure_cluster_options = 2; } ================================================ FILE: api/envoy/extensions/clusters/redis/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/redis:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/clusters/redis/v3/redis_cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.clusters.redis.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.clusters.redis.v3"; option java_outer_classname = "RedisClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Redis Cluster Configuration] // This cluster adds support for `Redis Cluster `_, as part // of :ref:`Envoy's support for Redis Cluster `. // // Redis Cluster is an extension of Redis which supports sharding and high availability (where a // shard that loses its primary fails over to a replica, and designates it as the new primary). // However, as there is no unified frontend or proxy service in front of Redis Cluster, the client // (in this case Envoy) must locally maintain the state of the Redis Cluster, specifically the // topology. A random node in the cluster is queried for the topology using the `CLUSTER SLOTS // command `_. This result is then stored locally, and // updated at user-configured intervals. // // Additionally, if // :ref:`enable_redirection` // is true, then moved and ask redirection errors from upstream servers will trigger a topology // refresh when they exceed a user-configured error threshold. // // Example: // // .. code-block:: yaml // // name: name // connect_timeout: 0.25s // dns_lookup_family: V4_ONLY // hosts: // - socket_address: // address: foo.bar.com // port_value: 22120 // cluster_type: // name: envoy.clusters.redis // typed_config: // "@type": type.googleapis.com/google.protobuf.Struct // value: // cluster_refresh_rate: 30s // cluster_refresh_timeout: 0.5s // redirect_refresh_interval: 10s // redirect_refresh_threshold: 10 // [#extension: envoy.clusters.redis] // [#next-free-field: 7] message RedisClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.redis.RedisClusterConfig"; // Interval between successive topology refresh requests. If not set, this defaults to 5s. google.protobuf.Duration cluster_refresh_rate = 1 [(validate.rules).duration = {gt {}}]; // Timeout for topology refresh request. If not set, this defaults to 3s. google.protobuf.Duration cluster_refresh_timeout = 2 [(validate.rules).duration = {gt {}}]; // The minimum interval that must pass after triggering a topology refresh request before a new // request can possibly be triggered again. Any errors received during one of these // time intervals are ignored. If not set, this defaults to 5s. google.protobuf.Duration redirect_refresh_interval = 3; // The number of redirection errors that must be received before // triggering a topology refresh request. If not set, this defaults to 5. // If this is set to 0, topology refresh after redirect is disabled. google.protobuf.UInt32Value redirect_refresh_threshold = 4; // The number of failures that must be received before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to failure. uint32 failure_refresh_threshold = 5; // The number of hosts became degraded or unhealthy before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to degraded or // unhealthy host. uint32 host_degraded_refresh_threshold = 6; } ================================================ FILE: api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/v3:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto ================================================ syntax = "proto3"; package envoy.extensions.common.dynamic_forward_proxy.v3; import "envoy/config/cluster/v3/cluster.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.dynamic_forward_proxy.v3"; option java_outer_classname = "DnsCacheProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamic forward proxy common configuration] // Configuration of circuit breakers for resolver. message DnsCacheCircuitBreakers { // The maximum number of pending requests that Envoy will allow to the // resolver. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 1; } // Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview // ` for more information. // [#next-free-field: 9] message DnsCacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.dynamic_forward_proxy.v2alpha.DnsCacheConfig"; // The name of the cache. Multiple named caches allow independent dynamic forward proxy // configurations to operate within a single Envoy process using different configurations. All // configurations with the same name *must* otherwise have the same settings when referenced // from different configuration components. Configuration will fail to load if this is not // the case. string name = 1 [(validate.rules).string = {min_len: 1}]; // The DNS lookup family to use during resolution. // // [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The // way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and // then configures a host to have a primary and fall back address. With this, we could very // likely build a "happy eyeballs" connection pool which would race the primary / fall back // address and return the one that wins. This same method could potentially also be used for // QUIC to TCP fall back.] config.cluster.v3.Cluster.DnsLookupFamily dns_lookup_family = 2 [(validate.rules).enum = {defined_only: true}]; // The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s. // // .. note: // // The returned DNS TTL is not currently used to alter the refresh rate. This feature will be // added in a future change. // // .. note: // // The refresh rate is rounded to the closest millisecond, and must be at least 1ms. google.protobuf.Duration dns_refresh_rate = 3 [(validate.rules).duration = {gte {nanos: 1000000}}]; // The TTL for hosts that are unused. Hosts that have not been used in the configured time // interval will be purged. If not specified defaults to 5m. // // .. note: // // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This // means that if the configured TTL is shorter than the refresh rate the host may not be removed // immediately. // // .. note: // // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}]; // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. // // .. note: // // The implementation is approximate and enforced independently on each worker thread, thus // it is possible for the maximum hosts in the cache to go slightly above the configured // value depending on timing. This is similar to how other circuit breakers work. google.protobuf.UInt32Value max_hosts = 5 [(validate.rules).uint32 = {gt: 0}]; // If the DNS failure refresh rate is specified, // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is // not specified, the failure refresh rate defaults to the dns_refresh_rate. config.cluster.v3.Cluster.RefreshRate dns_failure_refresh_rate = 6; // The config of circuit breakers for resolver. It provides a configurable threshold. // If `envoy.reloadable_features.enable_dns_cache_circuit_breakers` is enabled, // envoy will use dns cache circuit breakers with default settings even if this value is not set. DnsCacheCircuitBreakers dns_cache_circuit_breaker = 7; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 8; } ================================================ FILE: api/envoy/extensions/common/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/ratelimit:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/common/ratelimit/v3/ratelimit.proto ================================================ syntax = "proto3"; package envoy.extensions.common.ratelimit.v3; import "envoy/type/v3/ratelimit_unit.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.ratelimit.v3"; option java_outer_classname = "RatelimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common rate limit components] // A RateLimitDescriptor is a list of hierarchical entries that are used by the service to // determine the final rate limit key and overall allowed limit. Here are some examples of how // they might be used for the domain "envoy". // // .. code-block:: cpp // // ["authenticated": "false"], ["remote_address": "10.0.0.1"] // // What it does: Limits all unauthenticated traffic for the IP address 10.0.0.1. The // configuration supplies a default limit for the *remote_address* key. If there is a desire to // raise the limit for 10.0.0.1 or block it entirely it can be specified directly in the // configuration. // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"] // // What it does: Limits all unauthenticated traffic globally for a specific path (or prefix if // configured that way in the service). // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"], ["remote_address": "10.0.0.1"] // // What it does: Limits unauthenticated traffic to a specific path for a specific IP address. // Like (1) we can raise/block specific IP addresses if we want with an override configuration. // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"] // // What it does: Limits all traffic for an authenticated client "foo" // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"], ["path": "/foo/bar"] // // What it does: Limits traffic to a specific path for an authenticated client "foo" // // The idea behind the API is that (1)/(2)/(3) and (4)/(5) can be sent in 1 request if desired. // This enables building complex application scenarios with a generic backend. // // Optionally the descriptor can contain a limit override under a "limit" key, that specifies // the number of requests per unit to use instead of the number configured in the // rate limiting service. message RateLimitDescriptor { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ratelimit.RateLimitDescriptor"; message Entry { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ratelimit.RateLimitDescriptor.Entry"; // Descriptor key. string key = 1 [(validate.rules).string = {min_len: 1}]; // Descriptor value. string value = 2 [(validate.rules).string = {min_len: 1}]; } // Override rate limit to apply to this descriptor instead of the limit // configured in the rate limit service. See :ref:`rate limit override // ` for more information. message RateLimitOverride { // The number of requests per unit of time. uint32 requests_per_unit = 1; // The unit of time. type.v3.RateLimitUnit unit = 2 [(validate.rules).enum = {defined_only: true}]; } // Descriptor entries. repeated Entry entries = 1 [(validate.rules).repeated = {min_items: 1}]; // Optional rate limit override to supply to the ratelimit service. RateLimitOverride limit = 2; } ================================================ FILE: api/envoy/extensions/common/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/extensions/common/tap/v3/common.proto ================================================ syntax = "proto3"; package envoy.extensions.common.tap.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/tap/v3/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.tap.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common tap extension configuration] // Common configuration for all tap extensions. message CommonExtensionConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.tap.v2alpha.CommonExtensionConfig"; // [#not-implemented-hide:] message TapDSConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.tap.v2alpha.CommonExtensionConfig.TapDSConfig"; // Configuration for the source of TapDS updates for this Cluster. config.core.v3.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // Tap config to request from XDS server. string name = 2 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for TAP. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator tap_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; } oneof config_type { option (validate.required) = true; // If specified, the tap filter will be configured via an admin handler. AdminConfig admin_config = 1; // If specified, the tap filter will be configured via a static configuration that cannot be // changed. config.tap.v3.TapConfig static_config = 2; // [#not-implemented-hide:] Configuration to use for TapDS updates for the filter. TapDSConfig tapds_config = 3; } } // Configuration for the admin handler. See :ref:`here ` for // more information. message AdminConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.tap.v2alpha.AdminConfig"; // Opaque configuration ID. When requests are made to the admin handler, the passed opaque ID is // matched to the configured filter opaque ID to determine which filter to configure. string config_id = 1 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: api/envoy/extensions/common/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/tap/v4alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/extensions/common/tap/v4alpha/common.proto ================================================ syntax = "proto3"; package envoy.extensions.common.tap.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/tap/v4alpha/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.tap.v4alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common tap extension configuration] // Common configuration for all tap extensions. message CommonExtensionConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.common.tap.v3.CommonExtensionConfig"; // [#not-implemented-hide:] message TapDSConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.common.tap.v3.CommonExtensionConfig.TapDSConfig"; // Configuration for the source of TapDS updates for this Cluster. config.core.v4alpha.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; oneof name_specifier { // Tap config to request from XDS server. string name = 2; // Resource locator for TAP. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator tap_resource_locator = 3; } } oneof config_type { option (validate.required) = true; // If specified, the tap filter will be configured via an admin handler. AdminConfig admin_config = 1; // If specified, the tap filter will be configured via a static configuration that cannot be // changed. config.tap.v4alpha.TapConfig static_config = 2; // [#not-implemented-hide:] Configuration to use for TapDS updates for the filter. TapDSConfig tapds_config = 3; } } // Configuration for the admin handler. See :ref:`here ` for // more information. message AdminConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.common.tap.v3.AdminConfig"; // Opaque configuration ID. When requests are made to the admin handler, the passed opaque ID is // matched to the configured filter opaque ID to determine which filter to configure. string config_id = 1 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: api/envoy/extensions/compression/gzip/compressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/compression/gzip/compressor/v3/gzip.proto ================================================ syntax = "proto3"; package envoy.extensions.compression.gzip.compressor.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.compression.gzip.compressor.v3"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip Compressor] // [#extension: envoy.compression.gzip.compressor] // [#next-free-field: 6] message Gzip { // All the values of this enumeration translate directly to zlib's compression strategies. // For more information about each strategy, please refer to zlib manual. enum CompressionStrategy { DEFAULT_STRATEGY = 0; FILTERED = 1; HUFFMAN_ONLY = 2; RLE = 3; FIXED = 4; } enum CompressionLevel { option allow_alias = true; DEFAULT_COMPRESSION = 0; BEST_SPEED = 1; COMPRESSION_LEVEL_1 = 1; COMPRESSION_LEVEL_2 = 2; COMPRESSION_LEVEL_3 = 3; COMPRESSION_LEVEL_4 = 4; COMPRESSION_LEVEL_5 = 5; COMPRESSION_LEVEL_6 = 6; COMPRESSION_LEVEL_7 = 7; COMPRESSION_LEVEL_8 = 8; COMPRESSION_LEVEL_9 = 9; BEST_COMPRESSION = 9; } // Value from 1 to 9 that controls the amount of internal memory used by zlib. Higher values // use more memory, but are faster and produce better compression results. The default value is 5. google.protobuf.UInt32Value memory_level = 1 [(validate.rules).uint32 = {lte: 9 gte: 1}]; // A value used for selecting the zlib compression level. This setting will affect speed and // amount of compression applied to the content. "BEST_COMPRESSION" provides higher compression // at the cost of higher latency and is equal to "COMPRESSION_LEVEL_9". "BEST_SPEED" provides // lower compression with minimum impact on response time, the same as "COMPRESSION_LEVEL_1". // "DEFAULT_COMPRESSION" provides an optimal result between speed and compression. According // to zlib's manual this level gives the same result as "COMPRESSION_LEVEL_6". // This field will be set to "DEFAULT_COMPRESSION" if not specified. CompressionLevel compression_level = 2 [(validate.rules).enum = {defined_only: true}]; // A value used for selecting the zlib compression strategy which is directly related to the // characteristics of the content. Most of the time "DEFAULT_STRATEGY" will be the best choice, // which is also the default value for the parameter, though there are situations when // changing this parameter might produce better results. For example, run-length encoding (RLE) // is typically used when the content is known for having sequences which same data occurs many // consecutive times. For more information about each strategy, please refer to zlib manual. CompressionStrategy compression_strategy = 3 [(validate.rules).enum = {defined_only: true}]; // Value from 9 to 15 that represents the base two logarithmic of the compressor's window size. // Larger window results in better compression at the expense of memory usage. The default is 12 // which will produce a 4096 bytes window. For more details about this parameter, please refer to // zlib manual > deflateInit2. google.protobuf.UInt32Value window_bits = 4 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Value for Zlib's next output buffer. If not set, defaults to 4096. // See https://www.zlib.net/manual.html for more details. Also see // https://github.com/envoyproxy/envoy/issues/8448 for context on this filter's performance. google.protobuf.UInt32Value chunk_size = 5 [(validate.rules).uint32 = {lte: 65536 gte: 4096}]; } ================================================ FILE: api/envoy/extensions/compression/gzip/decompressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto ================================================ syntax = "proto3"; package envoy.extensions.compression.gzip.decompressor.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.compression.gzip.decompressor.v3"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip Decompressor] // [#extension: envoy.compression.gzip.decompressor] message Gzip { // Value from 9 to 15 that represents the base two logarithmic of the decompressor's window size. // The decompression window size needs to be equal or larger than the compression window size. // The default is 12 to match the default in the // :ref:`gzip compressor `. // For more details about this parameter, please refer to `zlib manual `_ > inflateInit2. google.protobuf.UInt32Value window_bits = 1 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Value for zlib's decompressor output buffer. If not set, defaults to 4096. // See https://www.zlib.net/manual.html for more details. google.protobuf.UInt32Value chunk_size = 2 [(validate.rules).uint32 = {lte: 65536 gte: 4096}]; } ================================================ FILE: api/envoy/extensions/filters/common/fault/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/filter/fault/v2:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/common/fault/v3/fault.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.common.fault.v3; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.common.fault.v3"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common fault injection types] // Delay specification is used to inject latency into the // HTTP/gRPC/Mongo/Redis operation or delay proxying of TCP connections. // [#next-free-field: 6] message FaultDelay { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultDelay"; enum FaultDelayType { // Unused and deprecated. FIXED = 0; } // Fault delays are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderDelay { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultDelay.HeaderDelay"; } reserved 2, 1; reserved "type"; oneof fault_delay_secifier { option (validate.required) = true; // Add a fixed delay before forwarding the operation upstream. See // https://developers.google.com/protocol-buffers/docs/proto3#json for // the JSON/YAML Duration mapping. For HTTP/Mongo/Redis, the specified // delay will be injected before a new request/operation. For TCP // connections, the proxying of the connection upstream will be delayed // for the specified period. This is required if type is FIXED. google.protobuf.Duration fixed_delay = 3 [(validate.rules).duration = {gt {}}]; // Fault delays are controlled via an HTTP header (if applicable). HeaderDelay header_delay = 5; } // The percentage of operations/connections/requests on which the delay will be injected. type.v3.FractionalPercent percentage = 4; } // Describes a rate limit to be applied. message FaultRateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultRateLimit"; // Describes a fixed/constant rate limit. message FixedLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultRateLimit.FixedLimit"; // The limit supplied in KiB/s. uint64 limit_kbps = 1 [(validate.rules).uint64 = {gte: 1}]; } // Rate limits are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultRateLimit.HeaderLimit"; } oneof limit_type { option (validate.required) = true; // A fixed rate limit. FixedLimit fixed_limit = 1; // Rate limits are controlled via an HTTP header (if applicable). HeaderLimit header_limit = 3; } // The percentage of operations/connections/requests on which the rate limit will be injected. type.v3.FractionalPercent percentage = 2; } ================================================ FILE: api/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.adaptive_concurrency.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.adaptive_concurrency.v3"; option java_outer_classname = "AdaptiveConcurrencyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Adaptive Concurrency] // Adaptive Concurrency Control :ref:`configuration overview // `. // [#extension: envoy.filters.http.adaptive_concurrency] // Configuration parameters for the gradient controller. message GradientControllerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.GradientControllerConfig"; // Parameters controlling the periodic recalculation of the concurrency limit from sampled request // latencies. message ConcurrencyLimitCalculationParams { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.GradientControllerConfig." "ConcurrencyLimitCalculationParams"; // The allowed upper-bound on the calculated concurrency limit. Defaults to 1000. google.protobuf.UInt32Value max_concurrency_limit = 2 [(validate.rules).uint32 = {gt: 0}]; // The period of time samples are taken to recalculate the concurrency limit. google.protobuf.Duration concurrency_update_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } // Parameters controlling the periodic minRTT recalculation. // [#next-free-field: 6] message MinimumRTTCalculationParams { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.GradientControllerConfig." "MinimumRTTCalculationParams"; // The time interval between recalculating the minimum request round-trip time. Has to be // positive. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // The number of requests to aggregate/sample during the minRTT recalculation window before // updating. Defaults to 50. google.protobuf.UInt32Value request_count = 2 [(validate.rules).uint32 = {gt: 0}]; // Randomized time delta that will be introduced to the start of the minRTT calculation window. // This is represented as a percentage of the interval duration. Defaults to 15%. // // Example: If the interval is 10s and the jitter is 15%, the next window will begin // somewhere in the range (10s - 11.5s). type.v3.Percent jitter = 3; // The concurrency limit set while measuring the minRTT. Defaults to 3. google.protobuf.UInt32Value min_concurrency = 4 [(validate.rules).uint32 = {gt: 0}]; // Amount added to the measured minRTT to add stability to the concurrency limit during natural // variability in latency. This is expressed as a percentage of the measured value and can be // adjusted to allow more or less tolerance to the sampled latency values. // // Defaults to 25%. type.v3.Percent buffer = 5; } // The percentile to use when summarizing aggregated samples. Defaults to p50. type.v3.Percent sample_aggregate_percentile = 1; ConcurrencyLimitCalculationParams concurrency_limit_params = 2 [(validate.rules).message = {required: true}]; MinimumRTTCalculationParams min_rtt_calc_params = 3 [(validate.rules).message = {required: true}]; } message AdaptiveConcurrency { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.AdaptiveConcurrency"; oneof concurrency_controller_config { option (validate.required) = true; // Gradient concurrency control will be used. GradientControllerConfig gradient_controller_config = 1 [(validate.rules).message = {required: true}]; } // If set to false, the adaptive concurrency filter will operate as a pass-through filter. If the // message is unspecified, the filter will be enabled. config.core.v3.RuntimeFeatureFlag enabled = 2; } ================================================ FILE: api/envoy/extensions/filters/http/admission_control/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.admission_control.v3alpha; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/range.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "google/rpc/status.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.admission_control.v3alpha"; option java_outer_classname = "AdmissionControlProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Admission Control] // [#extension: envoy.filters.http.admission_control] // [#next-free-field: 6] message AdmissionControl { // Default method of specifying what constitutes a successful request. All status codes that // indicate a successful request must be explicitly specified if not relying on the default // values. message SuccessCriteria { message HttpCriteria { // Status code ranges that constitute a successful request. Configurable codes are in the // range [100, 600). repeated type.v3.Int32Range http_success_status = 1 [(validate.rules).repeated = {min_items: 1}]; } message GrpcCriteria { // Status codes that constitute a successful request. // Mappings can be found at: https://github.com/grpc/grpc/blob/master/doc/statuscodes.md. repeated uint32 grpc_success_status = 1 [(validate.rules).repeated = {min_items: 1}]; } // If HTTP criteria are unspecified, all HTTP status codes below 500 are treated as successful // responses. // // .. note:: // // The default HTTP codes considered successful by the admission controller are done so due // to the unlikelihood that sending fewer requests would change their behavior (for example: // redirects, unauthorized access, or bad requests won't be alleviated by sending less // traffic). HttpCriteria http_criteria = 1; // GRPC status codes to consider as request successes. If unspecified, defaults to: Ok, // Cancelled, Unknown, InvalidArgument, NotFound, AlreadyExists, Unauthenticated, // FailedPrecondition, OutOfRange, PermissionDenied, and Unimplemented. // // .. note:: // // The default gRPC codes that are considered successful by the admission controller are // chosen because of the unlikelihood that sending fewer requests will change the behavior. GrpcCriteria grpc_criteria = 2; } // If set to false, the admission control filter will operate as a pass-through filter. If the // message is unspecified, the filter will be enabled. config.core.v3.RuntimeFeatureFlag enabled = 1; // Defines how a request is considered a success/failure. oneof evaluation_criteria { option (validate.required) = true; SuccessCriteria success_criteria = 2; } // The sliding time window over which the success rate is calculated. The window is rounded to the // nearest second. Defaults to 30s. google.protobuf.Duration sampling_window = 3; // Rejection probability is defined by the formula:: // // max(0, (rq_count - rq_success_count / sr_threshold) / (rq_count + 1)) ^ (1 / aggression) // // The aggression dictates how heavily the admission controller will throttle requests upon SR // dropping at or below the threshold. A value of 1 will result in a linear increase in // rejection probability as SR drops. Any values less than 1.0, will be set to 1.0. If the // message is unspecified, the aggression is 1.0. See `the admission control documentation // `_ // for a diagram illustrating this. config.core.v3.RuntimeDouble aggression = 4; // Dictates the success rate at which the rejection probability is non-zero. As success rate drops // below this threshold, rejection probability will increase. Any success rate above the threshold // results in a rejection probability of 0. Defaults to 95%. config.core.v3.RuntimePercent sr_threshold = 5; } ================================================ FILE: api/envoy/extensions/filters/http/aws_lambda/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.aws_lambda.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.aws_lambda.v3"; option java_outer_classname = "AwsLambdaProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: AWS Lambda] // AWS Lambda :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_lambda] // AWS Lambda filter config message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.aws_lambda.v2alpha.Config"; enum InvocationMode { // This is the more common mode of invocation, in which Lambda responds after it has completed the function. In // this mode the output of the Lambda function becomes the response of the HTTP request. SYNCHRONOUS = 0; // In this mode Lambda responds immediately but continues to process the function asynchronously. This mode can be // used to signal events for example. In this mode, Lambda responds with an acknowledgment that it received the // call which is translated to an HTTP 200 OK by the filter. ASYNCHRONOUS = 1; } // The ARN of the AWS Lambda to invoke when the filter is engaged // Must be in the following format: // arn::lambda:::function: string arn = 1 [(validate.rules).string = {min_len: 1}]; // Whether to transform the request (headers and body) to a JSON payload or pass it as is. bool payload_passthrough = 2; // Determines the way to invoke the Lambda function. InvocationMode invocation_mode = 3 [(validate.rules).enum = {defined_only: true}]; } // Per-route configuration for AWS Lambda. This can be useful when invoking a different Lambda function or a different // version of the same Lambda depending on the route. message PerRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.aws_lambda.v2alpha.PerRouteConfig"; Config invoke_config = 1; } ================================================ FILE: api/envoy/extensions/filters/http/aws_request_signing/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.aws_request_signing.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.aws_request_signing.v3"; option java_outer_classname = "AwsRequestSigningProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: AwsRequestSigning] // AwsRequestSigning :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_request_signing] // Top level configuration for the AWS request signing filter. message AwsRequestSigning { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.aws_request_signing.v2alpha.AwsRequestSigning"; // The `service namespace // `_ // of the HTTP endpoint. // // Example: s3 string service_name = 1 [(validate.rules).string = {min_len: 1}]; // The `region `_ hosting the HTTP // endpoint. // // Example: us-west-2 string region = 2 [(validate.rules).string = {min_len: 1}]; // Indicates that before signing headers, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both signing and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for signing whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite = 3; } ================================================ FILE: api/envoy/extensions/filters/http/buffer/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/buffer/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/buffer/v3/buffer.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.buffer.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.buffer.v3"; option java_outer_classname = "BufferProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Buffer] // Buffer :ref:`configuration overview `. // [#extension: envoy.filters.http.buffer] message Buffer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.buffer.v2.Buffer"; reserved 2; // The maximum request size that the filter will buffer before the connection // manager will stop buffering and return a 413 response. google.protobuf.UInt32Value max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}, (validate.rules).message = {required: true}]; } message BufferPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.buffer.v2.BufferPerRoute"; oneof override { option (validate.required) = true; // Disable the buffer filter for this particular vhost or route. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Override the global configuration of the filter with this new config. Buffer buffer = 2 [(validate.rules).message = {required: true}]; } } ================================================ FILE: api/envoy/extensions/filters/http/cache/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/cache/v3alpha/cache.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cache.v3alpha; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cache.v3alpha"; option java_outer_classname = "CacheProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP Cache Filter] // [#extension: envoy.filters.http.cache] message CacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.cache.v2alpha.CacheConfig"; // [#not-implemented-hide:] // Modifies cache key creation by restricting which parts of the URL are included. message KeyCreatorParams { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.cache.v2alpha.CacheConfig.KeyCreatorParams"; // If true, exclude the URL scheme from the cache key. Set to true if your origins always // produce the same response for http and https requests. bool exclude_scheme = 1; // If true, exclude the host from the cache key. Set to true if your origins' responses don't // ever depend on host. bool exclude_host = 2; // If *query_parameters_included* is nonempty, only query parameters matched // by one or more of its matchers are included in the cache key. Any other // query params will not affect cache lookup. repeated config.route.v3.QueryParameterMatcher query_parameters_included = 3; // If *query_parameters_excluded* is nonempty, query parameters matched by one // or more of its matchers are excluded from the cache key (even if also // matched by *query_parameters_included*), and will not affect cache lookup. repeated config.route.v3.QueryParameterMatcher query_parameters_excluded = 4; } // Config specific to the cache storage implementation. google.protobuf.Any typed_config = 1 [(validate.rules).any = {required: true}]; // List of matching rules that defines allowed *Vary* headers. // // The *vary* response header holds a list of header names that affect the // contents of a response, as described by // https://httpwg.org/specs/rfc7234.html#caching.negotiated.responses. // // During insertion, *allowed_vary_headers* acts as a allowlist: if a // response's *vary* header mentions any header names that aren't matched by any rules in // *allowed_vary_headers*, that response will not be cached. // // During lookup, *allowed_vary_headers* controls what request headers will be // sent to the cache storage implementation. repeated type.matcher.v3.StringMatcher allowed_vary_headers = 2; // [#not-implemented-hide:] // // // Modifies cache key creation by restricting which parts of the URL are included. KeyCreatorParams key_creator_params = 3; // [#not-implemented-hide:] // // // Max body size the cache filter will insert into a cache. 0 means unlimited (though the cache // storage implementation may have its own limit beyond which it will reject insertions). uint32 max_body_bytes = 4; } ================================================ FILE: api/envoy/extensions/filters/http/cache/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/cache/v3alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/cache/v4alpha/cache.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cache.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cache.v4alpha"; option java_outer_classname = "CacheProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP Cache Filter] // [#extension: envoy.filters.http.cache] message CacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.cache.v3alpha.CacheConfig"; // [#not-implemented-hide:] // Modifies cache key creation by restricting which parts of the URL are included. message KeyCreatorParams { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.cache.v3alpha.CacheConfig.KeyCreatorParams"; // If true, exclude the URL scheme from the cache key. Set to true if your origins always // produce the same response for http and https requests. bool exclude_scheme = 1; // If true, exclude the host from the cache key. Set to true if your origins' responses don't // ever depend on host. bool exclude_host = 2; // If *query_parameters_included* is nonempty, only query parameters matched // by one or more of its matchers are included in the cache key. Any other // query params will not affect cache lookup. repeated config.route.v4alpha.QueryParameterMatcher query_parameters_included = 3; // If *query_parameters_excluded* is nonempty, query parameters matched by one // or more of its matchers are excluded from the cache key (even if also // matched by *query_parameters_included*), and will not affect cache lookup. repeated config.route.v4alpha.QueryParameterMatcher query_parameters_excluded = 4; } // Config specific to the cache storage implementation. google.protobuf.Any typed_config = 1 [(validate.rules).any = {required: true}]; // List of matching rules that defines allowed *Vary* headers. // // The *vary* response header holds a list of header names that affect the // contents of a response, as described by // https://httpwg.org/specs/rfc7234.html#caching.negotiated.responses. // // During insertion, *allowed_vary_headers* acts as a allowlist: if a // response's *vary* header mentions any header names that aren't matched by any rules in // *allowed_vary_headers*, that response will not be cached. // // During lookup, *allowed_vary_headers* controls what request headers will be // sent to the cache storage implementation. repeated type.matcher.v4alpha.StringMatcher allowed_vary_headers = 2; // [#not-implemented-hide:] // // // Modifies cache key creation by restricting which parts of the URL are included. KeyCreatorParams key_creator_params = 3; // [#not-implemented-hide:] // // // Max body size the cache filter will insert into a cache. 0 means unlimited (though the cache // storage implementation may have its own limit beyond which it will reject insertions). uint32 max_body_bytes = 4; } ================================================ FILE: api/envoy/extensions/filters/http/cdn_loop/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/filters/http/cdn_loop/v3alpha/cdn_loop.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cdn_loop.v3alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cdn_loop.v3alpha"; option java_outer_classname = "CdnLoopProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP CDN-Loop Filter] // [#extension: envoy.filters.http.cdn_loop] // CDN-Loop Header filter config. See the :ref:`configuration overview // ` for more information. message CdnLoopConfig { // The CDN identifier to use for loop checks and to append to the // CDN-Loop header. // // RFC 8586 calls this the cdn-id. The cdn-id can either be a // pseudonym or hostname the CDN is in control of. // // cdn_id must not be empty. string cdn_id = 1 [(validate.rules).string = {min_len: 1}]; // The maximum allowed count of cdn_id in the downstream CDN-Loop // request header. // // The default of 0 means a request can transit the CdnLoopFilter // once. A value of 1 means that a request can transit the // CdnLoopFilter twice and so on. uint32 max_allowed_occurrences = 2; } ================================================ FILE: api/envoy/extensions/filters/http/compressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/compressor/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/compressor/v3/compressor.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.compressor.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "google/protobuf/any.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.compressor.v3"; option java_outer_classname = "CompressorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Compressor] // Compressor :ref:`configuration overview `. // [#extension: envoy.filters.http.compressor] // [#next-free-field: 7] message Compressor { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.compressor.v2.Compressor"; // Minimum response length, in bytes, which will trigger compression. The default value is 30. google.protobuf.UInt32Value content_length = 1; // Set of strings that allows specifying which mime-types yield compression; e.g., // application/json, text/html, etc. When this field is not defined, compression will be applied // to the following mime-types: "application/javascript", "application/json", // "application/xhtml+xml", "image/svg+xml", "text/css", "text/html", "text/plain", "text/xml" // and their synonyms. repeated string content_type = 2; // If true, disables compression when the response contains an etag header. When it is false, the // filter will preserve weak etags and remove the ones that require strong validation. bool disable_on_etag_header = 3; // If true, removes accept-encoding from the request headers before dispatching it to the upstream // so that responses do not get compressed before reaching the filter. // .. attention: // // To avoid interfering with other compression filters in the same chain use this option in // the filter closest to the upstream. bool remove_accept_encoding_header = 4; // Runtime flag that controls whether the filter is enabled or not. If set to false, the // filter will operate as a pass-through filter. If not specified, defaults to enabled. config.core.v3.RuntimeFeatureFlag runtime_enabled = 5; // A compressor library to use for compression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. // This field is ignored if used in the context of the gzip http-filter, but is mandatory otherwise. config.core.v3.TypedExtensionConfig compressor_library = 6; } ================================================ FILE: api/envoy/extensions/filters/http/cors/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/cors/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/cors/v3/cors.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cors.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cors.v3"; option java_outer_classname = "CorsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Cors] // CORS Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.cors] // Cors filter config. message Cors { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.cors.v2.Cors"; } ================================================ FILE: api/envoy/extensions/filters/http/csrf/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/csrf/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/csrf/v3/csrf.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.csrf.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.csrf.v3"; option java_outer_classname = "CsrfProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: CSRF] // Cross-Site Request Forgery :ref:`configuration overview `. // [#extension: envoy.filters.http.csrf] // CSRF filter config. message CsrfPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.csrf.v2.CsrfPolicy"; // Specifies the % of requests for which the CSRF filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. config.core.v3.RuntimeFractionalPercent filter_enabled = 1 [(validate.rules).message = {required: true}]; // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. config.core.v3.RuntimeFractionalPercent shadow_enabled = 2; // Specifies additional source origins that will be allowed in addition to // the destination origin. // // More information on how this can be configured via runtime can be found // :ref:`here `. repeated type.matcher.v3.StringMatcher additional_origins = 3; } ================================================ FILE: api/envoy/extensions/filters/http/csrf/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/http/csrf/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/csrf/v4alpha/csrf.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.csrf.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.csrf.v4alpha"; option java_outer_classname = "CsrfProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: CSRF] // Cross-Site Request Forgery :ref:`configuration overview `. // [#extension: envoy.filters.http.csrf] // CSRF filter config. message CsrfPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.csrf.v3.CsrfPolicy"; // Specifies the % of requests for which the CSRF filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. config.core.v4alpha.RuntimeFractionalPercent filter_enabled = 1 [(validate.rules).message = {required: true}]; // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. config.core.v4alpha.RuntimeFractionalPercent shadow_enabled = 2; // Specifies additional source origins that will be allowed in addition to // the destination origin. // // More information on how this can be configured via runtime can be found // :ref:`here `. repeated type.matcher.v4alpha.StringMatcher additional_origins = 3; } ================================================ FILE: api/envoy/extensions/filters/http/decompressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/decompressor/v3/decompressor.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.decompressor.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "google/protobuf/any.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.decompressor.v3"; option java_outer_classname = "DecompressorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Decompressor] // [#extension: envoy.filters.http.decompressor] message Decompressor { // Common configuration for filter behavior on both the request and response direction. message CommonDirectionConfig { // Runtime flag that controls whether the filter is enabled for decompression or not. If set to false, the // filter will operate as a pass-through filter. If the message is unspecified, the filter will be enabled. config.core.v3.RuntimeFeatureFlag enabled = 1; } // Configuration for filter behavior on the request direction. message RequestDirectionConfig { CommonDirectionConfig common_config = 1; // If set to true, and response decompression is enabled, the filter modifies the Accept-Encoding // request header by appending the decompressor_library's encoding. Defaults to true. google.protobuf.BoolValue advertise_accept_encoding = 2; } // Configuration for filter behavior on the response direction. message ResponseDirectionConfig { CommonDirectionConfig common_config = 1; } // A decompressor library to use for both request and response decompression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. config.core.v3.TypedExtensionConfig decompressor_library = 1 [(validate.rules).message = {required: true}]; // Configuration for request decompression. Decompression is enabled by default if left empty. RequestDirectionConfig request_direction_config = 2; // Configuration for response decompression. Decompression is enabled by default if left empty. ResponseDirectionConfig response_direction_config = 3; } ================================================ FILE: api/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.dynamic_forward_proxy.v3; import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.dynamic_forward_proxy.v3"; option java_outer_classname = "DynamicForwardProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamic forward proxy] // Configuration for the dynamic forward proxy HTTP filter. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.filters.http.dynamic_forward_proxy] message FilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.dynamic_forward_proxy.v2alpha.FilterConfig"; // The DNS cache configuration that the filter will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy cluster configuration // `. common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; } // Per route Configuration for the dynamic forward proxy HTTP filter. message PerRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.dynamic_forward_proxy.v2alpha.PerRouteConfig"; oneof host_rewrite_specifier { // Indicates that before DNS lookup, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for DNS lookups whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite_literal = 1; // Indicates that before DNS lookup, the host header will be swapped with // the value of this header. If not set or empty, the original host header // value will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite header ` // given that the value set here would be used for DNS lookups whereas the value set in the HCM // would be used for host header forwarding which is not the desired outcome. string host_rewrite_header = 2; } } ================================================ FILE: api/envoy/extensions/filters/http/dynamo/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/dynamo/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/dynamo/v3/dynamo.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.dynamo.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.dynamo.v3"; option java_outer_classname = "DynamoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamo] // Dynamo :ref:`configuration overview `. // [#extension: envoy.filters.http.dynamo] // Dynamo filter config. message Dynamo { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.dynamo.v2.Dynamo"; } ================================================ FILE: api/envoy/extensions/filters/http/ext_authz/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/ext_authz/v2:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/ext_authz/v3/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ext_authz.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "envoy/config/core/v3/http_uri.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/v3/http_status.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: External Authorization] // External Authorization :ref:`configuration overview `. // [#extension: envoy.filters.http.ext_authz] // [#next-free-field: 15] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.ExtAuthz"; reserved 4; reserved "use_alpha"; // External authorization service configuration. oneof services { // gRPC service configuration (default timeout: 200ms). config.core.v3.GrpcService grpc_service = 1; // HTTP service configuration (default timeout: 200ms). HttpService http_service = 3; } // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of messages used on the wire. config.core.v3.ApiVersion transport_api_version = 12 [(validate.rules).enum = {defined_only: true}]; // Changes filter's behaviour on errors: // // 1. When set to true, the filter will *accept* client request even if the communication with // the authorization service has failed, or if the authorization service has returned a HTTP 5xx // error. // // 2. When set to false, ext-authz will *reject* client requests and return a *Forbidden* // response if the communication with the authorization service has failed, or if the // authorization service has returned a HTTP 5xx error. // // Note that errors can be *always* tracked in the :ref:`stats // `. bool failure_mode_allow = 2; // Enables filter to buffer the client request body and send it within the authorization request. // A ``x-envoy-auth-partial-body: false|true`` metadata header will be added to the authorization // request message indicating if the body data is partial. BufferSettings with_request_body = 5; // Clears route cache in order to allow the external authorization service to correctly affect // routing decisions. Filter clears all cached routes when: // // 1. The field is set to *true*. // // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0. // // 3. At least one *authorization response header* is added to the client request, or is used for // altering another client request header. // bool clear_route_cache = 6; // Sets the HTTP status that is returned to the client when there is a network error between the // filter and the authorization server. The default status is HTTP 403 Forbidden. type.v3.HttpStatus status_on_error = 7; // Specifies a list of metadata namespaces whose values, if present, will be passed to the // ext_authz service as an opaque *protobuf::Struct*. // // For example, if the *jwt_authn* filter is used and :ref:`payload_in_metadata // ` is set, // then the following will pass the jwt payload to the authorization server. // // .. code-block:: yaml // // metadata_context_namespaces: // - envoy.filters.http.jwt_authn // repeated string metadata_context_namespaces = 8; // Specifies if the filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // If this field is not specified, the filter will be enabled for all requests. config.core.v3.RuntimeFractionalPercent filter_enabled = 9; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v3.MetadataMatcher filter_enabled_metadata = 14; // Specifies whether to deny the requests, when the filter is disabled. // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to determine whether to deny request for // filter protected path at filter disabling. If filter is disabled in // typed_per_filter_config for the path, requests will not be denied. // // If this field is not specified, all requests will be allowed when disabled. config.core.v3.RuntimeFeatureFlag deny_at_disable = 11; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 10; // Optional additional prefix to use when emitting statistics. This allows to distinguish // emitted statistics between configured *ext_authz* filters in an HTTP filter chain. For example: // // .. code-block:: yaml // // http_filters: // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: waf # This emits ext_authz.waf.ok, ext_authz.waf.denied, etc. // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: blocker # This emits ext_authz.blocker.ok, ext_authz.blocker.denied, etc. // string stat_prefix = 13; } // Configuration for buffering the request data. message BufferSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.BufferSettings"; // Sets the maximum size of a message body that the filter will hold in memory. Envoy will return // *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number // set in this field. Note that this setting will have precedence over :ref:`failure_mode_allow // `. uint32 max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}]; // When this field is true, Envoy will buffer the message until *max_request_bytes* is reached. // The authorization request will be dispatched and no 413 HTTP error will be returned by the // filter. bool allow_partial_message = 2; // If true, the body sent to the external authorization service is set with raw bytes, it sets // the :ref:`raw_body` // field of HTTP request attribute context. Otherwise, :ref:` // body` will be filled // with UTF-8 string request body. bool pack_as_bytes = 3; } // HttpService is used for raw HTTP communication between the filter and the authorization service. // When configured, the filter will parse the client request and use these attributes to call the // authorization server. Depending on the response, the filter may reject or accept the client // request. Note that in any of these events, metadata can be added, removed or overridden by the // filter: // // *On authorization request*, a list of allowed request headers may be supplied. See // :ref:`allowed_headers // ` // for details. Additional headers metadata may be added to the authorization request. See // :ref:`headers_to_add // ` for // details. // // On authorization response status HTTP 200 OK, the filter will allow traffic to the upstream and // additional headers metadata may be added to the original client request. See // :ref:`allowed_upstream_headers // ` // for details. // // On other authorization response statuses, the filter will not allow traffic. Additional headers // metadata as well as body may be added to the client's response. See :ref:`allowed_client_headers // ` // for details. // [#next-free-field: 9] message HttpService { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.HttpService"; reserved 3, 4, 5, 6; // Sets the HTTP server URI which the authorization requests must be sent to. config.core.v3.HttpUri server_uri = 1; // Sets a prefix to the value of authorization request header *Path*. string path_prefix = 2; // Settings used for controlling authorization request metadata. AuthorizationRequest authorization_request = 7; // Settings used for controlling authorization response metadata. AuthorizationResponse authorization_response = 8; } message AuthorizationRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.AuthorizationRequest"; // Authorization request will include the client request headers that have a correspondent match // in the :ref:`list `. Note that in addition to the // user's supplied matchers: // // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list. // // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have // a message body. However, the authorization request can include the buffered client request body // (controlled by :ref:`with_request_body // ` setting), // consequently the value of *Content-Length* of the authorization request reflects the size of // its payload size. // type.matcher.v3.ListStringMatcher allowed_headers = 1; // Sets a list of headers that will be included to the request to authorization service. Note that // client request of the same key will be overridden. repeated config.core.v3.HeaderValue headers_to_add = 2; } message AuthorizationResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.AuthorizationResponse"; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the original client request. // Note that coexistent headers will be overridden. type.matcher.v3.ListStringMatcher allowed_upstream_headers = 1; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that coexistent headers will be appended. type.matcher.v3.ListStringMatcher allowed_upstream_headers_to_append = 3; // When this :ref:`list `. is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that when this list is *not* set, all the authorization response headers, except *Authority // (Host)* will be in the response to the client. When a header is included in this list, *Path*, // *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added. type.matcher.v3.ListStringMatcher allowed_client_headers = 2; } // Extra settings on a per virtualhost/route/weighted-cluster level. message ExtAuthzPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.ExtAuthzPerRoute"; oneof override { option (validate.required) = true; // Disable the ext auth filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Check request settings for this route. CheckSettings check_settings = 2 [(validate.rules).message = {required: true}]; } } // Extra settings for the check request. message CheckSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.CheckSettings"; // Context extensions to set on the CheckRequest's // :ref:`AttributeContext.context_extensions` // // You can use this to provide extra context for the external authorization server on specific // virtual hosts/routes. For example, adding a context extension on the virtual host level can // give the ext-authz server information on what virtual host is used without needing to parse the // host header. If CheckSettings is specified in multiple per-filter-configs, they will be merged // in order, and the result will be used. // // Merge semantics for this field are such that keys from more specific configs override. // // .. note:: // // These settings are only applied to a filter configured with a // :ref:`grpc_service`. map context_extensions = 1; // When set to true, disable the configured :ref:`with_request_body // ` for a route. bool disable_request_body_buffering = 2; } ================================================ FILE: api/envoy/extensions/filters/http/ext_authz/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/http/ext_authz/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/ext_authz/v4alpha/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ext_authz.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/v3/http_status.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ext_authz.v4alpha"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: External Authorization] // External Authorization :ref:`configuration overview `. // [#extension: envoy.filters.http.ext_authz] // [#next-free-field: 15] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.ExtAuthz"; reserved 4; reserved "use_alpha"; // External authorization service configuration. oneof services { // gRPC service configuration (default timeout: 200ms). config.core.v4alpha.GrpcService grpc_service = 1; // HTTP service configuration (default timeout: 200ms). HttpService http_service = 3; } // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of messages used on the wire. config.core.v4alpha.ApiVersion transport_api_version = 12 [(validate.rules).enum = {defined_only: true}]; // Changes filter's behaviour on errors: // // 1. When set to true, the filter will *accept* client request even if the communication with // the authorization service has failed, or if the authorization service has returned a HTTP 5xx // error. // // 2. When set to false, ext-authz will *reject* client requests and return a *Forbidden* // response if the communication with the authorization service has failed, or if the // authorization service has returned a HTTP 5xx error. // // Note that errors can be *always* tracked in the :ref:`stats // `. bool failure_mode_allow = 2; // Enables filter to buffer the client request body and send it within the authorization request. // A ``x-envoy-auth-partial-body: false|true`` metadata header will be added to the authorization // request message indicating if the body data is partial. BufferSettings with_request_body = 5; // Clears route cache in order to allow the external authorization service to correctly affect // routing decisions. Filter clears all cached routes when: // // 1. The field is set to *true*. // // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0. // // 3. At least one *authorization response header* is added to the client request, or is used for // altering another client request header. // bool clear_route_cache = 6; // Sets the HTTP status that is returned to the client when there is a network error between the // filter and the authorization server. The default status is HTTP 403 Forbidden. type.v3.HttpStatus status_on_error = 7; // Specifies a list of metadata namespaces whose values, if present, will be passed to the // ext_authz service as an opaque *protobuf::Struct*. // // For example, if the *jwt_authn* filter is used and :ref:`payload_in_metadata // ` is set, // then the following will pass the jwt payload to the authorization server. // // .. code-block:: yaml // // metadata_context_namespaces: // - envoy.filters.http.jwt_authn // repeated string metadata_context_namespaces = 8; // Specifies if the filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // If this field is not specified, the filter will be enabled for all requests. config.core.v4alpha.RuntimeFractionalPercent filter_enabled = 9; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v4alpha.MetadataMatcher filter_enabled_metadata = 14; // Specifies whether to deny the requests, when the filter is disabled. // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to determine whether to deny request for // filter protected path at filter disabling. If filter is disabled in // typed_per_filter_config for the path, requests will not be denied. // // If this field is not specified, all requests will be allowed when disabled. config.core.v4alpha.RuntimeFeatureFlag deny_at_disable = 11; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 10; // Optional additional prefix to use when emitting statistics. This allows to distinguish // emitted statistics between configured *ext_authz* filters in an HTTP filter chain. For example: // // .. code-block:: yaml // // http_filters: // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: waf # This emits ext_authz.waf.ok, ext_authz.waf.denied, etc. // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: blocker # This emits ext_authz.blocker.ok, ext_authz.blocker.denied, etc. // string stat_prefix = 13; } // Configuration for buffering the request data. message BufferSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.BufferSettings"; // Sets the maximum size of a message body that the filter will hold in memory. Envoy will return // *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number // set in this field. Note that this setting will have precedence over :ref:`failure_mode_allow // `. uint32 max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}]; // When this field is true, Envoy will buffer the message until *max_request_bytes* is reached. // The authorization request will be dispatched and no 413 HTTP error will be returned by the // filter. bool allow_partial_message = 2; // If true, the body sent to the external authorization service is set with raw bytes, it sets // the :ref:`raw_body` // field of HTTP request attribute context. Otherwise, :ref:` // body` will be filled // with UTF-8 string request body. bool pack_as_bytes = 3; } // HttpService is used for raw HTTP communication between the filter and the authorization service. // When configured, the filter will parse the client request and use these attributes to call the // authorization server. Depending on the response, the filter may reject or accept the client // request. Note that in any of these events, metadata can be added, removed or overridden by the // filter: // // *On authorization request*, a list of allowed request headers may be supplied. See // :ref:`allowed_headers // ` // for details. Additional headers metadata may be added to the authorization request. See // :ref:`headers_to_add // ` for // details. // // On authorization response status HTTP 200 OK, the filter will allow traffic to the upstream and // additional headers metadata may be added to the original client request. See // :ref:`allowed_upstream_headers // ` // for details. // // On other authorization response statuses, the filter will not allow traffic. Additional headers // metadata as well as body may be added to the client's response. See :ref:`allowed_client_headers // ` // for details. // [#next-free-field: 9] message HttpService { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.HttpService"; reserved 3, 4, 5, 6; // Sets the HTTP server URI which the authorization requests must be sent to. config.core.v4alpha.HttpUri server_uri = 1; // Sets a prefix to the value of authorization request header *Path*. string path_prefix = 2; // Settings used for controlling authorization request metadata. AuthorizationRequest authorization_request = 7; // Settings used for controlling authorization response metadata. AuthorizationResponse authorization_response = 8; } message AuthorizationRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.AuthorizationRequest"; // Authorization request will include the client request headers that have a correspondent match // in the :ref:`list `. Note that in addition to the // user's supplied matchers: // // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list. // // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have // a message body. However, the authorization request can include the buffered client request body // (controlled by :ref:`with_request_body // ` setting), // consequently the value of *Content-Length* of the authorization request reflects the size of // its payload size. // type.matcher.v4alpha.ListStringMatcher allowed_headers = 1; // Sets a list of headers that will be included to the request to authorization service. Note that // client request of the same key will be overridden. repeated config.core.v4alpha.HeaderValue headers_to_add = 2; } message AuthorizationResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.AuthorizationResponse"; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the original client request. // Note that coexistent headers will be overridden. type.matcher.v4alpha.ListStringMatcher allowed_upstream_headers = 1; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that coexistent headers will be appended. type.matcher.v4alpha.ListStringMatcher allowed_upstream_headers_to_append = 3; // When this :ref:`list `. is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that when this list is *not* set, all the authorization response headers, except *Authority // (Host)* will be in the response to the client. When a header is included in this list, *Path*, // *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added. type.matcher.v4alpha.ListStringMatcher allowed_client_headers = 2; } // Extra settings on a per virtualhost/route/weighted-cluster level. message ExtAuthzPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute"; oneof override { option (validate.required) = true; // Disable the ext auth filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Check request settings for this route. CheckSettings check_settings = 2 [(validate.rules).message = {required: true}]; } } // Extra settings for the check request. message CheckSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.CheckSettings"; // Context extensions to set on the CheckRequest's // :ref:`AttributeContext.context_extensions` // // You can use this to provide extra context for the external authorization server on specific // virtual hosts/routes. For example, adding a context extension on the virtual host level can // give the ext-authz server information on what virtual host is used without needing to parse the // host header. If CheckSettings is specified in multiple per-filter-configs, they will be merged // in order, and the result will be used. // // Merge semantics for this field are such that keys from more specific configs override. // // .. note:: // // These settings are only applied to a filter configured with a // :ref:`grpc_service`. map context_extensions = 1; // When set to true, disable the configured :ref:`with_request_body // ` for a route. bool disable_request_body_buffering = 2; } ================================================ FILE: api/envoy/extensions/filters/http/fault/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/fault/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/fault/v3/fault.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.fault.v3; import "envoy/config/route/v3/route_components.proto"; import "envoy/extensions/filters/common/fault/v3/fault.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.fault.v3"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Fault Injection] // Fault Injection :ref:`configuration overview `. // [#extension: envoy.filters.http.fault] // [#next-free-field: 6] message FaultAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.fault.v2.FaultAbort"; // Fault aborts are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.fault.v2.FaultAbort.HeaderAbort"; } reserved 1; oneof error_type { option (validate.required) = true; // HTTP status code to use to abort the HTTP request. uint32 http_status = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // gRPC status code to use to abort the gRPC request. uint32 grpc_status = 5; // Fault aborts are controlled via an HTTP header (if applicable). HeaderAbort header_abort = 4; } // The percentage of requests/operations/connections that will be aborted with the error code // provided. type.v3.FractionalPercent percentage = 3; } // [#next-free-field: 15] message HTTPFault { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.fault.v2.HTTPFault"; // If specified, the filter will inject delays based on the values in the // object. common.fault.v3.FaultDelay delay = 1; // If specified, the filter will abort requests based on the values in // the object. At least *abort* or *delay* must be specified. FaultAbort abort = 2; // Specifies the name of the (destination) upstream cluster that the // filter should match on. Fault injection will be restricted to requests // bound to the specific upstream cluster. string upstream_cluster = 3; // Specifies a set of headers that the filter should match on. The fault // injection filter can be applied selectively to requests that match a set of // headers specified in the fault filter config. The chances of actual fault // injection further depend on the value of the :ref:`percentage // ` field. // The filter will check the request's headers against all the specified // headers in the filter config. A match will happen if all the headers in the // config are present in the request with the same values (or based on // presence if the *value* field is not in the config). repeated config.route.v3.HeaderMatcher headers = 4; // Faults are injected for the specified list of downstream hosts. If this // setting is not set, faults are injected for all downstream nodes. // Downstream node name is taken from :ref:`the HTTP // x-envoy-downstream-service-node // ` header and compared // against downstream_nodes list. repeated string downstream_nodes = 5; // The maximum number of faults that can be active at a single time via the configured fault // filter. Note that because this setting can be overridden at the route level, it's possible // for the number of active faults to be greater than this value (if injected via a different // route). If not specified, defaults to unlimited. This setting can be overridden via // `runtime ` and any faults that are not injected // due to overflow will be indicated via the `faults_overflow // ` stat. // // .. attention:: // Like other :ref:`circuit breakers ` in Envoy, this is a fuzzy // limit. It's possible for the number of active faults to rise slightly above the configured // amount due to the implementation details. google.protobuf.UInt32Value max_active_faults = 6; // The response rate limit to be applied to the response body of the stream. When configured, // the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent // ` runtime key. // // .. attention:: // This is a per-stream limit versus a connection level limit. This means that concurrent streams // will each get an independent limit. common.fault.v3.FaultRateLimit response_rate_limit = 7; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_delay_percent string delay_percent_runtime = 8; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.abort_percent string abort_percent_runtime = 9; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_duration_ms string delay_duration_runtime = 10; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.http_status string abort_http_status_runtime = 11; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.max_active_faults string max_active_faults_runtime = 12; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.rate_limit.response_percent string response_rate_limit_percent_runtime = 13; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.grpc_status string abort_grpc_status_runtime = 14; } ================================================ FILE: api/envoy/extensions/filters/http/fault/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/extensions/filters/http/fault/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/fault/v4alpha/fault.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.fault.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/extensions/filters/common/fault/v3/fault.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.fault.v4alpha"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Fault Injection] // Fault Injection :ref:`configuration overview `. // [#extension: envoy.filters.http.fault] // [#next-free-field: 6] message FaultAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.fault.v3.FaultAbort"; // Fault aborts are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.fault.v3.FaultAbort.HeaderAbort"; } reserved 1; oneof error_type { option (validate.required) = true; // HTTP status code to use to abort the HTTP request. uint32 http_status = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // gRPC status code to use to abort the gRPC request. uint32 grpc_status = 5; // Fault aborts are controlled via an HTTP header (if applicable). HeaderAbort header_abort = 4; } // The percentage of requests/operations/connections that will be aborted with the error code // provided. type.v3.FractionalPercent percentage = 3; } // [#next-free-field: 15] message HTTPFault { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.fault.v3.HTTPFault"; // If specified, the filter will inject delays based on the values in the // object. common.fault.v3.FaultDelay delay = 1; // If specified, the filter will abort requests based on the values in // the object. At least *abort* or *delay* must be specified. FaultAbort abort = 2; // Specifies the name of the (destination) upstream cluster that the // filter should match on. Fault injection will be restricted to requests // bound to the specific upstream cluster. string upstream_cluster = 3; // Specifies a set of headers that the filter should match on. The fault // injection filter can be applied selectively to requests that match a set of // headers specified in the fault filter config. The chances of actual fault // injection further depend on the value of the :ref:`percentage // ` field. // The filter will check the request's headers against all the specified // headers in the filter config. A match will happen if all the headers in the // config are present in the request with the same values (or based on // presence if the *value* field is not in the config). repeated config.route.v4alpha.HeaderMatcher headers = 4; // Faults are injected for the specified list of downstream hosts. If this // setting is not set, faults are injected for all downstream nodes. // Downstream node name is taken from :ref:`the HTTP // x-envoy-downstream-service-node // ` header and compared // against downstream_nodes list. repeated string downstream_nodes = 5; // The maximum number of faults that can be active at a single time via the configured fault // filter. Note that because this setting can be overridden at the route level, it's possible // for the number of active faults to be greater than this value (if injected via a different // route). If not specified, defaults to unlimited. This setting can be overridden via // `runtime ` and any faults that are not injected // due to overflow will be indicated via the `faults_overflow // ` stat. // // .. attention:: // Like other :ref:`circuit breakers ` in Envoy, this is a fuzzy // limit. It's possible for the number of active faults to rise slightly above the configured // amount due to the implementation details. google.protobuf.UInt32Value max_active_faults = 6; // The response rate limit to be applied to the response body of the stream. When configured, // the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent // ` runtime key. // // .. attention:: // This is a per-stream limit versus a connection level limit. This means that concurrent streams // will each get an independent limit. common.fault.v3.FaultRateLimit response_rate_limit = 7; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_delay_percent string delay_percent_runtime = 8; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.abort_percent string abort_percent_runtime = 9; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_duration_ms string delay_duration_runtime = 10; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.http_status string abort_http_status_runtime = 11; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.max_active_faults string max_active_faults_runtime = 12; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.rate_limit.response_percent string response_rate_limit_percent_runtime = 13; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.grpc_status string abort_grpc_status_runtime = 14; } ================================================ FILE: api/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/grpc_http1_bridge/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_http1_bridge.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_http1_bridge.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC HTTP/1.1 Bridge] // gRPC HTTP/1.1 Bridge Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_http1_bridge] // gRPC HTTP/1.1 Bridge filter config. message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_http1_bridge.v2.Config"; } ================================================ FILE: api/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC HTTP/1.1 Reverse Bridge] // gRPC HTTP/1.1 Reverse Bridge :ref:`configuration overview // `. // [#extension: envoy.filters.http.grpc_http1_reverse_bridge] // gRPC reverse bridge filter configuration message FilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1.FilterConfig"; // The content-type to pass to the upstream when the gRPC bridge filter is applied. // The filter will also validate that the upstream responds with the same content type. string content_type = 1 [(validate.rules).string = {min_len: 1}]; // If true, Envoy will assume that the upstream doesn't understand gRPC frames and // strip the gRPC frame from the request, and add it back in to the response. This will // hide the gRPC semantics from the upstream, allowing it to receive and respond with a // simple binary encoded protobuf. bool withhold_grpc_frames = 2; } // gRPC reverse bridge filter configuration per virtualhost/route/weighted-cluster level. message FilterConfigPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1.FilterConfigPerRoute"; // If true, disables gRPC reverse bridge filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1; } ================================================ FILE: api/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/transcoder/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_json_transcoder.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_json_transcoder.v3"; option java_outer_classname = "TranscoderProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC-JSON transcoder] // gRPC-JSON transcoder :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_json_transcoder] // [#next-free-field: 10] message GrpcJsonTranscoder { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.transcoder.v2.GrpcJsonTranscoder"; message PrintOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.transcoder.v2.GrpcJsonTranscoder.PrintOptions"; // Whether to add spaces, line breaks and indentation to make the JSON // output easy to read. Defaults to false. bool add_whitespace = 1; // Whether to always print primitive fields. By default primitive // fields with default values will be omitted in JSON output. For // example, an int32 field set to 0 will be omitted. Setting this flag to // true will override the default behavior and print primitive fields // regardless of their values. Defaults to false. bool always_print_primitive_fields = 2; // Whether to always print enums as ints. By default they are rendered // as strings. Defaults to false. bool always_print_enums_as_ints = 3; // Whether to preserve proto field names. By default protobuf will // generate JSON field names using the ``json_name`` option, or lower camel case, // in that order. Setting this flag will preserve the original field names. Defaults to false. bool preserve_proto_field_names = 4; } oneof descriptor_set { option (validate.required) = true; // Supplies the filename of // :ref:`the proto descriptor set ` for the gRPC // services. string proto_descriptor = 1; // Supplies the binary content of // :ref:`the proto descriptor set ` for the gRPC // services. bytes proto_descriptor_bin = 4; } // A list of strings that // supplies the fully qualified service names (i.e. "package_name.service_name") that // the transcoder will translate. If the service name doesn't exist in ``proto_descriptor``, // Envoy will fail at startup. The ``proto_descriptor`` may contain more services than // the service names specified here, but they won't be translated. repeated string services = 2 [(validate.rules).repeated = {min_items: 1}]; // Control options for response JSON. These options are passed directly to // `JsonPrintOptions `_. PrintOptions print_options = 3; // Whether to keep the incoming request route after the outgoing headers have been transformed to // the match the upstream gRPC service. Note: This means that routes for gRPC services that are // not transcoded cannot be used in combination with *match_incoming_request_route*. bool match_incoming_request_route = 5; // A list of query parameters to be ignored for transcoding method mapping. // By default, the transcoder filter will not transcode a request if there are any // unknown/invalid query parameters. // // Example : // // .. code-block:: proto // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) { // option (google.api.http) = { // get: "/shelves/{shelf}" // }; // } // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The request ``/shelves/100?foo=bar`` will not be mapped to ``GetShelf``` because variable // binding for ``foo`` is not defined. Adding ``foo`` to ``ignored_query_parameters`` will allow // the same request to be mapped to ``GetShelf``. repeated string ignored_query_parameters = 6; // Whether to route methods without the ``google.api.http`` option. // // Example : // // .. code-block:: proto // // package bookstore; // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) {} // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The client could ``post`` a json body ``{"shelf": 1234}`` with the path of // ``/bookstore.Bookstore/GetShelfRequest`` to call ``GetShelfRequest``. bool auto_mapping = 7; // Whether to ignore query parameters that cannot be mapped to a corresponding // protobuf field. Use this if you cannot control the query parameters and do // not know them beforehand. Otherwise use ``ignored_query_parameters``. // Defaults to false. bool ignore_unknown_query_parameters = 8; // Whether to convert gRPC status headers to JSON. // When trailer indicates a gRPC error and there was no HTTP body, take ``google.rpc.Status`` // from the ``grpc-status-details-bin`` header and use it as JSON body. // If there was no such header, make ``google.rpc.Status`` out of the ``grpc-status`` and // ``grpc-message`` headers. // The error details types must be present in the ``proto_descriptor``. // // For example, if an upstream server replies with headers: // // .. code-block:: none // // grpc-status: 5 // grpc-status-details-bin: // CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ // // The ``grpc-status-details-bin`` header contains a base64-encoded protobuf message // ``google.rpc.Status``. It will be transcoded into: // // .. code-block:: none // // HTTP/1.1 404 Not Found // content-type: application/json // // {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} // // In order to transcode the message, the ``google.rpc.RequestInfo`` type from // the ``google/rpc/error_details.proto`` should be included in the configured // :ref:`proto descriptor set `. bool convert_grpc_status = 9; } ================================================ FILE: api/envoy/extensions/filters/http/grpc_stats/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/grpc_stats/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_stats.v3; import "envoy/config/core/v3/grpc_method_list.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_stats.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC statistics] gRPC statistics filter // :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_stats] // gRPC statistics filter configuration message FilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_stats.v2alpha.FilterConfig"; // If true, the filter maintains a filter state object with the request and response message // counts. bool emit_filter_state = 1; oneof per_method_stat_specifier { // If set, specifies an allowlist of service/methods that will have individual stats // emitted for them. Any call that does not match the allowlist will be counted // in a stat with no method specifier: `cluster..grpc.*`. config.core.v3.GrpcMethodList individual_method_stats_allowlist = 2; // If set to true, emit stats for all service/method names. // // If set to false, emit stats for all service/message types to the same stats without including // the service/method in the name, with prefix `cluster..grpc`. This can be useful if // service/method granularity is not needed, or if each cluster only receives a single method. // // .. attention:: // This option is only safe if all clients are trusted. If this option is enabled // with untrusted clients, the clients could cause unbounded growth in the number of stats in // Envoy, using unbounded memory and potentially slowing down stats pipelines. // // .. attention:: // If neither `individual_method_stats_allowlist` nor `stats_for_all_methods` is set, the // behavior will default to `stats_for_all_methods=true`. This default value is deprecated, // and in a future release, if neither field is set, it will default to // `stats_for_all_methods=false` in order to be safe by default. This behavior can be // controlled with runtime override // `envoy.deprecated_features.grpc_stats_filter_enable_stats_for_all_methods_by_default`. google.protobuf.BoolValue stats_for_all_methods = 3; } // If true, the filter will gather a histogram for the request time of the upstream. // It works with :ref:`stats_for_all_methods // ` // and :ref:`individual_method_stats_allowlist // ` the same way // request_message_count and response_message_count works. bool enable_upstream_stats = 4; } // gRPC statistics filter state object in protobuf form. message FilterObject { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_stats.v2alpha.FilterObject"; // Count of request messages in the request stream. uint64 request_message_count = 1; // Count of response messages in the response stream. uint64 response_message_count = 2; } ================================================ FILE: api/envoy/extensions/filters/http/grpc_web/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/grpc_web/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/grpc_web/v3/grpc_web.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_web.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_web.v3"; option java_outer_classname = "GrpcWebProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Web] // gRPC Web :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_web] // gRPC Web filter config. message GrpcWeb { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_web.v2.GrpcWeb"; } ================================================ FILE: api/envoy/extensions/filters/http/gzip/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/gzip/v2:pkg", "//envoy/extensions/filters/http/compressor/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/gzip/v3/gzip.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.gzip.v3; import "envoy/extensions/filters/http/compressor/v3/compressor.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.gzip.v3"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip] // Gzip :ref:`configuration overview `. // [#extension: envoy.filters.http.gzip] // [#next-free-field: 12] message Gzip { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.gzip.v2.Gzip"; enum CompressionStrategy { DEFAULT = 0; FILTERED = 1; HUFFMAN = 2; RLE = 3; } message CompressionLevel { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.gzip.v2.Gzip.CompressionLevel"; enum Enum { DEFAULT = 0; BEST = 1; SPEED = 2; } } reserved 2, 6, 7, 8; reserved "content_length", "content_type", "disable_on_etag_header", "remove_accept_encoding_header"; // Value from 1 to 9 that controls the amount of internal memory used by zlib. Higher values // use more memory, but are faster and produce better compression results. The default value is 5. google.protobuf.UInt32Value memory_level = 1 [(validate.rules).uint32 = {lte: 9 gte: 1}]; // A value used for selecting the zlib compression level. This setting will affect speed and // amount of compression applied to the content. "BEST" provides higher compression at the cost of // higher latency, "SPEED" provides lower compression with minimum impact on response time. // "DEFAULT" provides an optimal result between speed and compression. This field will be set to // "DEFAULT" if not specified. CompressionLevel.Enum compression_level = 3 [(validate.rules).enum = {defined_only: true}]; // A value used for selecting the zlib compression strategy which is directly related to the // characteristics of the content. Most of the time "DEFAULT" will be the best choice, though // there are situations which changing this parameter might produce better results. For example, // run-length encoding (RLE) is typically used when the content is known for having sequences // which same data occurs many consecutive times. For more information about each strategy, please // refer to zlib manual. CompressionStrategy compression_strategy = 4 [(validate.rules).enum = {defined_only: true}]; // Value from 9 to 15 that represents the base two logarithmic of the compressor's window size. // Larger window results in better compression at the expense of memory usage. The default is 12 // which will produce a 4096 bytes window. For more details about this parameter, please refer to // zlib manual > deflateInit2. google.protobuf.UInt32Value window_bits = 9 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Set of configuration parameters common for all compression filters. If this field is set then // the fields `content_length`, `content_type`, `disable_on_etag_header` and // `remove_accept_encoding_header` are ignored. compressor.v3.Compressor compressor = 10; // Value for Zlib's next output buffer. If not set, defaults to 4096. // See https://www.zlib.net/manual.html for more details. Also see // https://github.com/envoyproxy/envoy/issues/8448 for context on this filter's performance. google.protobuf.UInt32Value chunk_size = 11 [(validate.rules).uint32 = {lte: 65536 gte: 4096}]; } ================================================ FILE: api/envoy/extensions/filters/http/header_to_metadata/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.header_to_metadata.v3; import "envoy/type/matcher/v3/regex.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.header_to_metadata.v3"; option java_outer_classname = "HeaderToMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Header-To-Metadata Filter] // // The configuration for transforming headers into metadata. This is useful // for matching load balancer subsets, logging, etc. // // Header to Metadata :ref:`configuration overview `. // [#extension: envoy.filters.http.header_to_metadata] message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.header_to_metadata.v2.Config"; enum ValueType { STRING = 0; NUMBER = 1; // The value is a serialized `protobuf.Value // `_. PROTOBUF_VALUE = 2; } // ValueEncode defines the encoding algorithm. enum ValueEncode { // The value is not encoded. NONE = 0; // The value is encoded in `Base64 `_. // Note: this is mostly used for STRING and PROTOBUF_VALUE to escape the // non-ASCII characters in the header. BASE64 = 1; } // [#next-free-field: 7] message KeyValuePair { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.header_to_metadata.v2.Config.KeyValuePair"; // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_len: 1}]; // The value to pair with the given key. // // When used for a // :ref:`on_header_present ` // case, if value is non-empty it'll be used instead of the header value. If both are empty, no metadata is added. // // When used for a :ref:`on_header_missing ` // case, a non-empty value must be provided otherwise no metadata is added. string value = 3 [(udpa.annotations.field_migrate).oneof_promotion = "value_type"]; // If present, the header's value will be matched and substituted with this. If there is no match or substitution, the header value // is used as-is. // // This is only used for :ref:`on_header_present `. // // Note: if the `value` field is non-empty this field should be empty. type.matcher.v3.RegexMatchAndSubstitute regex_value_rewrite = 6 [(udpa.annotations.field_migrate).oneof_promotion = "value_type"]; // The value's type — defaults to string. ValueType type = 4 [(validate.rules).enum = {defined_only: true}]; // How is the value encoded, default is NONE (not encoded). // The value will be decoded accordingly before storing to metadata. ValueEncode encode = 5; } // A Rule defines what metadata to apply when a header is present or missing. // [#next-free-field: 6] message Rule { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.header_to_metadata.v2.Config.Rule"; // Specifies that a match will be performed on the value of a header or a cookie. // // The header to be extracted. string header = 1 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}, (udpa.annotations.field_migrate).oneof_promotion = "header_cookie_specifier" ]; // The cookie to be extracted. string cookie = 5 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}, (udpa.annotations.field_migrate).oneof_promotion = "header_cookie_specifier" ]; // If the header or cookie is present, apply this metadata KeyValuePair. // // If the value in the KeyValuePair is non-empty, it'll be used instead // of the header or cookie value. KeyValuePair on_header_present = 2 [(udpa.annotations.field_migrate).rename = "on_present"]; // If the header or cookie is not present, apply this metadata KeyValuePair. // // The value in the KeyValuePair must be set, since it'll be used in lieu // of the missing header or cookie value. KeyValuePair on_header_missing = 3 [(udpa.annotations.field_migrate).rename = "on_missing"]; // Whether or not to remove the header after a rule is applied. // // This prevents headers from leaking. // This field is not supported in case of a cookie. bool remove = 4; } // The list of rules to apply to requests. repeated Rule request_rules = 1; // The list of rules to apply to responses. repeated Rule response_rules = 2; } ================================================ FILE: api/envoy/extensions/filters/http/header_to_metadata/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/filters/http/header_to_metadata/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/header_to_metadata/v4alpha/header_to_metadata.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.header_to_metadata.v4alpha; import "envoy/type/matcher/v4alpha/regex.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.header_to_metadata.v4alpha"; option java_outer_classname = "HeaderToMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Header-To-Metadata Filter] // // The configuration for transforming headers into metadata. This is useful // for matching load balancer subsets, logging, etc. // // Header to Metadata :ref:`configuration overview `. // [#extension: envoy.filters.http.header_to_metadata] message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.header_to_metadata.v3.Config"; enum ValueType { STRING = 0; NUMBER = 1; // The value is a serialized `protobuf.Value // `_. PROTOBUF_VALUE = 2; } // ValueEncode defines the encoding algorithm. enum ValueEncode { // The value is not encoded. NONE = 0; // The value is encoded in `Base64 `_. // Note: this is mostly used for STRING and PROTOBUF_VALUE to escape the // non-ASCII characters in the header. BASE64 = 1; } // [#next-free-field: 7] message KeyValuePair { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.header_to_metadata.v3.Config.KeyValuePair"; // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_len: 1}]; oneof value_type { // The value to pair with the given key. // // When used for a // :ref:`on_header_present ` // case, if value is non-empty it'll be used instead of the header value. If both are empty, no metadata is added. // // When used for a :ref:`on_header_missing ` // case, a non-empty value must be provided otherwise no metadata is added. string value = 3; // If present, the header's value will be matched and substituted with this. If there is no match or substitution, the header value // is used as-is. // // This is only used for :ref:`on_header_present `. // // Note: if the `value` field is non-empty this field should be empty. type.matcher.v4alpha.RegexMatchAndSubstitute regex_value_rewrite = 6; } // The value's type — defaults to string. ValueType type = 4 [(validate.rules).enum = {defined_only: true}]; // How is the value encoded, default is NONE (not encoded). // The value will be decoded accordingly before storing to metadata. ValueEncode encode = 5; } // A Rule defines what metadata to apply when a header is present or missing. // [#next-free-field: 6] message Rule { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.header_to_metadata.v3.Config.Rule"; oneof header_cookie_specifier { // Specifies that a match will be performed on the value of a header or a cookie. // // The header to be extracted. string header = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // The cookie to be extracted. string cookie = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; } // If the header or cookie is present, apply this metadata KeyValuePair. // // If the value in the KeyValuePair is non-empty, it'll be used instead // of the header or cookie value. KeyValuePair on_present = 2; // If the header or cookie is not present, apply this metadata KeyValuePair. // // The value in the KeyValuePair must be set, since it'll be used in lieu // of the missing header or cookie value. KeyValuePair on_missing = 3; // Whether or not to remove the header after a rule is applied. // // This prevents headers from leaking. // This field is not supported in case of a cookie. bool remove = 4; } // The list of rules to apply to requests. repeated Rule request_rules = 1; // The list of rules to apply to responses. repeated Rule response_rules = 2; } ================================================ FILE: api/envoy/extensions/filters/http/health_check/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/health_check/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/health_check/v3/health_check.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.health_check.v3; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.health_check.v3"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health check] // Health check :ref:`configuration overview `. // [#extension: envoy.filters.http.health_check] // [#next-free-field: 6] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.health_check.v2.HealthCheck"; reserved 2; // Specifies whether the filter operates in pass through mode or not. google.protobuf.BoolValue pass_through_mode = 1 [(validate.rules).message = {required: true}]; // If operating in pass through mode, the amount of time in milliseconds // that the filter should cache the upstream response. google.protobuf.Duration cache_time = 3; // If operating in non-pass-through mode, specifies a set of upstream cluster // names and the minimum percentage of servers in each of those clusters that // must be healthy or degraded in order for the filter to return a 200. // // .. note:: // // This value is interpreted as an integer by truncating, so 12.50% will be calculated // as if it were 12%. map cluster_min_healthy_percentages = 4; // Specifies a set of health check request headers to match on. The health check filter will // check a request’s headers against all the specified headers. To specify the health check // endpoint, set the ``:path`` header to match on. repeated config.route.v3.HeaderMatcher headers = 5; } ================================================ FILE: api/envoy/extensions/filters/http/health_check/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/health_check/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/health_check/v4alpha/health_check.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.health_check.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.health_check.v4alpha"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Health check] // Health check :ref:`configuration overview `. // [#extension: envoy.filters.http.health_check] // [#next-free-field: 6] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.health_check.v3.HealthCheck"; reserved 2; // Specifies whether the filter operates in pass through mode or not. google.protobuf.BoolValue pass_through_mode = 1 [(validate.rules).message = {required: true}]; // If operating in pass through mode, the amount of time in milliseconds // that the filter should cache the upstream response. google.protobuf.Duration cache_time = 3; // If operating in non-pass-through mode, specifies a set of upstream cluster // names and the minimum percentage of servers in each of those clusters that // must be healthy or degraded in order for the filter to return a 200. // // .. note:: // // This value is interpreted as an integer by truncating, so 12.50% will be calculated // as if it were 12%. map cluster_min_healthy_percentages = 4; // Specifies a set of health check request headers to match on. The health check filter will // check a request’s headers against all the specified headers. To specify the health check // endpoint, set the ``:path`` header to match on. repeated config.route.v4alpha.HeaderMatcher headers = 5; } ================================================ FILE: api/envoy/extensions/filters/http/ip_tagging/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/ip_tagging/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ip_tagging.v3; import "envoy/config/core/v3/address.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ip_tagging.v3"; option java_outer_classname = "IpTaggingProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: IP tagging] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.ip_tagging] message IPTagging { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ip_tagging.v2.IPTagging"; // The type of requests the filter should apply to. The supported types // are internal, external or both. The // :ref:`x-forwarded-for` header is // used to determine if a request is internal and will result in // :ref:`x-envoy-internal` // being set. The filter defaults to both, and it will apply to all request types. enum RequestType { // Both external and internal requests will be tagged. This is the default value. BOTH = 0; // Only internal requests will be tagged. INTERNAL = 1; // Only external requests will be tagged. EXTERNAL = 2; } // Supplies the IP tag name and the IP address subnets. message IPTag { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ip_tagging.v2.IPTagging.IPTag"; // Specifies the IP tag name to apply. string ip_tag_name = 1; // A list of IP address subnets that will be tagged with // ip_tag_name. Both IPv4 and IPv6 are supported. repeated config.core.v3.CidrRange ip_list = 2; } // The type of request the filter should apply to. RequestType request_type = 1 [(validate.rules).enum = {defined_only: true}]; // [#comment:TODO(ccaraman): Extend functionality to load IP tags from file system. // Tracked by issue https://github.com/envoyproxy/envoy/issues/2695] // The set of IP tags for the filter. repeated IPTag ip_tags = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/extensions/filters/http/jwt_authn/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/jwt_authn/v3/README.md ================================================ # JWT Authentication HTTP filter config ## Overview 1. The proto file in this folder defines an HTTP filter config for "jwt_authn" filter. 2. This filter will verify the JWT in the HTTP request as: - The signature should be valid - JWT should not be expired - Issuer and audiences are valid and specified in the filter config. 3. [JWK](https://tools.ietf.org/html/rfc7517#appendix-A) is needed to verify JWT signature. It can be fetched from a remote server or read from a local file. If the JWKS is fetched remotely, it will be cached by the filter. 3. If a JWT is valid, the user is authenticated and the request will be forwarded to the backend server. If a JWT is not valid, the request will be rejected with an error message. ## The locations to extract JWT JWT will be extracted from the HTTP headers or query parameters. The default location is the HTTP header: ``` Authorization: Bearer ``` The next default location is in the query parameter as: ``` ?access_token= ``` If a custom location is desired, `from_headers` or `from_params` can be used to specify custom locations to extract JWT. ## HTTP header to pass successfully verified JWT If a JWT is valid, its payload will be passed to the backend in a new HTTP header specified in `forward_payload_header` field. Its value is base64url-encoded JWT payload in JSON. ## Further header options In addition to the `name` field, which specifies the HTTP header name, the `from_headers` section can specify an optional `value_prefix` value, as in: ```yaml from_headers: - name: bespoke value_prefix: jwt_value ``` The above will cause the jwt_authn filter to look for the JWT in the `bespoke` header, following the tag `jwt_value`. Any non-JWT characters (i.e., anything _other than_ alphanumerics, `_`, `-`, and `.`) will be skipped, and all following, contiguous, JWT-legal chars will be taken as the JWT. This means all of the following will return a JWT of `eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk`: ```text bespoke: jwt_value=eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk bespoke: {"jwt_value": "eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk"} bespoke: beta:true,jwt_value:"eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk",trace=1234 ``` The header `name` may be `Authorization`. The `value_prefix` must match exactly, i.e., case-sensitively. If the `value_prefix` is not found, the header is skipped: not considered as a source for a JWT token. If there are no JWT-legal characters after the `value_prefix`, the entire string after it is taken to be the JWT token. This is unlikely to succeed; the error will reported by the JWT parser. ================================================ FILE: api/envoy/extensions/filters/http/jwt_authn/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.jwt_authn.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/http_uri.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.jwt_authn.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: JWT Authentication] // JWT Authentication :ref:`configuration overview `. // [#extension: envoy.filters.http.jwt_authn] // Please see following for JWT authentication flow: // // * `JSON Web Token (JWT) `_ // * `The OAuth 2.0 Authorization Framework `_ // * `OpenID Connect `_ // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // // * issuer: the principal that issues the JWT. It has to match the one from the token. // * allowed audiences: the ones in the token have to be listed here. // * how to fetch public key JWKS to verify the token signature. // * how to extract JWT token in the request. // * how to pass successfully verified token payload. // // Example: // // .. code-block:: yaml // // issuer: https://example.com // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // cache_duration: // seconds: 300 // // [#next-free-field: 10] message JwtProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtProvider"; // Specify the `principal `_ that issued // the JWT, usually a URL or an email address. // // Example: https://securetoken.google.com // Example: 1234567-compute@developer.gserviceaccount.com // string issuer = 1 [(validate.rules).string = {min_len: 1}]; // The list of JWT `audiences `_ are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // // Example: // // .. code-block:: yaml // // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // repeated string audiences = 2; // `JSON Web Key Set (JWKS) `_ is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. oneof jwks_source_specifier { option (validate.required) = true; // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP // URI and how the fetched JWKS should be cached. // // Example: // // .. code-block:: yaml // // remote_jwks: // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // cache_duration: // seconds: 300 // RemoteJwks remote_jwks = 3; // JWKS is in local data source. It could be either in a local file or embedded in the // inline_string. // // Example: local file // // .. code-block:: yaml // // local_jwks: // filename: /etc/envoy/jwks/jwks1.txt // // Example: inline_string // // .. code-block:: yaml // // local_jwks: // inline_string: ACADADADADA // config.core.v3.DataSource local_jwks = 4; } // If false, the JWT is removed in the request after a success verification. If true, the JWT is // not removed in the request. Default value is false. bool forward = 5; // Two fields below define where to extract the JWT from an HTTP request. // // If no explicit location is specified, the following default locations are tried in order: // // 1. The Authorization header using the `Bearer schema // `_. Example:: // // Authorization: Bearer . // // 2. `access_token `_ query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. // // Specify the HTTP headers to extract JWT token. For examples, following config: // // .. code-block:: yaml // // from_headers: // - name: x-goog-iap-jwt-assertion // // can be used to extract token from header:: // // ``x-goog-iap-jwt-assertion: ``. // repeated JwtHeader from_headers = 6; // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. // // For example, if config is: // // .. code-block:: yaml // // from_params: // - jwt_token // // The JWT format in query parameter is:: // // /path?jwt_token= // repeated string from_params = 7; // This field specifies the header name to forward a successfully verified JWT payload to the // backend. The forwarded data is:: // // base64url_encoded(jwt_payload_in_JSON) // // If it is not specified, the payload will not be forwarded. string forward_payload_header = 8 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata // in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** // The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* // and the value is the *protobuf::Struct* converted from JWT JSON payload. // // For example, if payload_in_metadata is *my_payload*: // // .. code-block:: yaml // // envoy.filters.http.jwt_authn: // my_payload: // iss: https://example.com // sub: test@example.com // aud: https://example.com // exp: 1501281058 // string payload_in_metadata = 9; } // This message specifies how to fetch JWKS from remote and how to cache it. message RemoteJwks { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.RemoteJwks"; // The HTTP URI to fetch the JWKS. For example: // // .. code-block:: yaml // // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // config.core.v3.HttpUri http_uri = 1; // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; } // This message specifies a header location to extract JWT token. message JwtHeader { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtHeader"; // The HTTP header name. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The value prefix. The value format is "value_prefix" // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the // end. string value_prefix = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Specify a required provider with audiences. message ProviderWithAudiences { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.ProviderWithAudiences"; // Specify a required provider name. string provider_name = 1; // This field overrides the one specified in the JwtProvider. repeated string audiences = 2; } // This message specifies a Jwt requirement. An empty message means JWT verification is not // required. Here are some config examples: // // .. code-block:: yaml // // # Example 1: not required with an empty message // // # Example 2: require A // provider_name: provider-A // // # Example 3: require A or B // requires_any: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 4: require A and B // requires_all: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 5: require A and (B or C) // requires_all: // requirements: // - provider_name: provider-A // - requires_any: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 6: require A or (B and C) // requires_any: // requirements: // - provider_name: provider-A // - requires_all: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 7: A is optional (if token from A is provided, it must be valid, but also allows // missing token.) // requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // // # Example 8: A is optional and B is required. // requires_all: // requirements: // - requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // - provider_name: provider-B // // [#next-free-field: 7] message JwtRequirement { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtRequirement"; oneof requires_type { // Specify a required provider name. string provider_name = 1; // Specify a required provider with audiences. ProviderWithAudiences provider_and_audiences = 2; // Specify list of JwtRequirement. Their results are OR-ed. // If any one of them passes, the result is passed. JwtRequirementOrList requires_any = 3; // Specify list of JwtRequirement. Their results are AND-ed. // All of them must pass, if one of them fails or missing, it fails. JwtRequirementAndList requires_all = 4; // The requirement is always satisfied even if JWT is missing or the JWT // verification fails. A typical usage is: this filter is used to only verify // JWTs and pass the verified JWT payloads to another filter, the other filter // will make decision. In this mode, all JWT tokens will be verified. google.protobuf.Empty allow_missing_or_failed = 5; // The requirement is satisfied if JWT is missing, but failed if JWT is // presented but invalid. Similar to allow_missing_or_failed, this is used // to only verify JWTs and pass the verified payload to another filter. The // different is this mode will reject requests with invalid tokens. google.protobuf.Empty allow_missing = 6; } } // This message specifies a list of RequiredProvider. // Their results are OR-ed; if any one of them passes, the result is passed message JwtRequirementOrList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtRequirementOrList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a list of RequiredProvider. // Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. message JwtRequirementAndList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtRequirementAndList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a Jwt requirement for a specific Route condition. // Example 1: // // .. code-block:: yaml // // - match: // prefix: /healthz // // In above example, "requires" field is empty for /healthz prefix match, // it means that requests matching the path prefix don't require JWT authentication. // // Example 2: // // .. code-block:: yaml // // - match: // prefix: / // requires: { provider_name: provider-A } // // In above example, all requests matched the path prefix require jwt authentication // from "provider-A". message RequirementRule { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.RequirementRule"; // The route matching parameter. Only when the match is satisfied, the "requires" field will // apply. // // For example: following match will match all requests. // // .. code-block:: yaml // // match: // prefix: / // config.route.v3.RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Specify a Jwt Requirement. Please detail comment in message JwtRequirement. JwtRequirement requires = 2; } // This message specifies Jwt requirements based on stream_info.filterState. // This FilterState should use `Router::StringAccessor` object to set a string value. // Other HTTP filters can use it to specify Jwt requirements dynamically. // // Example: // // .. code-block:: yaml // // name: jwt_selector // requires: // issuer_1: // provider_name: issuer1 // issuer_2: // provider_name: issuer2 // // If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, // jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. message FilterStateRule { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.FilterStateRule"; // The filter state name to retrieve the `Router::StringAccessor` object. string name = 1 [(validate.rules).string = {min_len: 1}]; // A map of string keys to requirements. The string key is the string value // in the FilterState with the name specified in the *name* field above. map requires = 3; } // This is the Envoy HTTP filter config for JWT authentication. // // For example: // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: issuer2 // local_jwks: // inline_string: jwks_string // // rules: // # Not jwt verification is required for /health path // - match: // prefix: /health // // # Jwt verification for provider1 is required for path prefixed with "prefix" // - match: // prefix: /prefix // requires: // provider_name: provider1 // // # Jwt verification for either provider1 or provider2 is required for all other requests. // - match: // prefix: / // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // message JwtAuthentication { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtAuthentication"; // Map of provider names to JwtProviders. // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: provider2 // local_jwks: // inline_string: jwks_string // map providers = 1; // Specifies requirements based on the route matches. The first matched requirement will be // applied. If there are overlapped match conditions, please put the most specific match first. // // Examples // // .. code-block:: yaml // // rules: // - match: // prefix: /healthz // - match: // prefix: /baz // requires: // provider_name: provider1 // - match: // prefix: /foo // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // - match: // prefix: /bar // requires: // requires_all: // requirements: // - provider_name: provider1 // - provider_name: provider2 // repeated RequirementRule rules = 2; // This message specifies Jwt requirements based on stream_info.filterState. // Other HTTP filters can use it to specify Jwt requirements dynamically. // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; // When set to true, bypass the `CORS preflight request // `_ regardless of JWT // requirements specified in the rules. bool bypass_cors_preflight = 4; } ================================================ FILE: api/envoy/extensions/filters/http/jwt_authn/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/jwt_authn/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.jwt_authn.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.jwt_authn.v4alpha"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: JWT Authentication] // JWT Authentication :ref:`configuration overview `. // [#extension: envoy.filters.http.jwt_authn] // Please see following for JWT authentication flow: // // * `JSON Web Token (JWT) `_ // * `The OAuth 2.0 Authorization Framework `_ // * `OpenID Connect `_ // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // // * issuer: the principal that issues the JWT. It has to match the one from the token. // * allowed audiences: the ones in the token have to be listed here. // * how to fetch public key JWKS to verify the token signature. // * how to extract JWT token in the request. // * how to pass successfully verified token payload. // // Example: // // .. code-block:: yaml // // issuer: https://example.com // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // cache_duration: // seconds: 300 // // [#next-free-field: 10] message JwtProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtProvider"; // Specify the `principal `_ that issued // the JWT, usually a URL or an email address. // // Example: https://securetoken.google.com // Example: 1234567-compute@developer.gserviceaccount.com // string issuer = 1 [(validate.rules).string = {min_len: 1}]; // The list of JWT `audiences `_ are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // // Example: // // .. code-block:: yaml // // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // repeated string audiences = 2; // `JSON Web Key Set (JWKS) `_ is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. oneof jwks_source_specifier { option (validate.required) = true; // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP // URI and how the fetched JWKS should be cached. // // Example: // // .. code-block:: yaml // // remote_jwks: // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // cache_duration: // seconds: 300 // RemoteJwks remote_jwks = 3; // JWKS is in local data source. It could be either in a local file or embedded in the // inline_string. // // Example: local file // // .. code-block:: yaml // // local_jwks: // filename: /etc/envoy/jwks/jwks1.txt // // Example: inline_string // // .. code-block:: yaml // // local_jwks: // inline_string: ACADADADADA // config.core.v4alpha.DataSource local_jwks = 4; } // If false, the JWT is removed in the request after a success verification. If true, the JWT is // not removed in the request. Default value is false. bool forward = 5; // Two fields below define where to extract the JWT from an HTTP request. // // If no explicit location is specified, the following default locations are tried in order: // // 1. The Authorization header using the `Bearer schema // `_. Example:: // // Authorization: Bearer . // // 2. `access_token `_ query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. // // Specify the HTTP headers to extract JWT token. For examples, following config: // // .. code-block:: yaml // // from_headers: // - name: x-goog-iap-jwt-assertion // // can be used to extract token from header:: // // ``x-goog-iap-jwt-assertion: ``. // repeated JwtHeader from_headers = 6; // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. // // For example, if config is: // // .. code-block:: yaml // // from_params: // - jwt_token // // The JWT format in query parameter is:: // // /path?jwt_token= // repeated string from_params = 7; // This field specifies the header name to forward a successfully verified JWT payload to the // backend. The forwarded data is:: // // base64url_encoded(jwt_payload_in_JSON) // // If it is not specified, the payload will not be forwarded. string forward_payload_header = 8 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata // in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** // The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* // and the value is the *protobuf::Struct* converted from JWT JSON payload. // // For example, if payload_in_metadata is *my_payload*: // // .. code-block:: yaml // // envoy.filters.http.jwt_authn: // my_payload: // iss: https://example.com // sub: test@example.com // aud: https://example.com // exp: 1501281058 // string payload_in_metadata = 9; } // This message specifies how to fetch JWKS from remote and how to cache it. message RemoteJwks { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks"; // The HTTP URI to fetch the JWKS. For example: // // .. code-block:: yaml // // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // config.core.v4alpha.HttpUri http_uri = 1; // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; } // This message specifies a header location to extract JWT token. message JwtHeader { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtHeader"; // The HTTP header name. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The value prefix. The value format is "value_prefix" // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the // end. string value_prefix = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Specify a required provider with audiences. message ProviderWithAudiences { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.ProviderWithAudiences"; // Specify a required provider name. string provider_name = 1; // This field overrides the one specified in the JwtProvider. repeated string audiences = 2; } // This message specifies a Jwt requirement. An empty message means JWT verification is not // required. Here are some config examples: // // .. code-block:: yaml // // # Example 1: not required with an empty message // // # Example 2: require A // provider_name: provider-A // // # Example 3: require A or B // requires_any: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 4: require A and B // requires_all: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 5: require A and (B or C) // requires_all: // requirements: // - provider_name: provider-A // - requires_any: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 6: require A or (B and C) // requires_any: // requirements: // - provider_name: provider-A // - requires_all: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 7: A is optional (if token from A is provided, it must be valid, but also allows // missing token.) // requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // // # Example 8: A is optional and B is required. // requires_all: // requirements: // - requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // - provider_name: provider-B // // [#next-free-field: 7] message JwtRequirement { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement"; oneof requires_type { // Specify a required provider name. string provider_name = 1; // Specify a required provider with audiences. ProviderWithAudiences provider_and_audiences = 2; // Specify list of JwtRequirement. Their results are OR-ed. // If any one of them passes, the result is passed. JwtRequirementOrList requires_any = 3; // Specify list of JwtRequirement. Their results are AND-ed. // All of them must pass, if one of them fails or missing, it fails. JwtRequirementAndList requires_all = 4; // The requirement is always satisfied even if JWT is missing or the JWT // verification fails. A typical usage is: this filter is used to only verify // JWTs and pass the verified JWT payloads to another filter, the other filter // will make decision. In this mode, all JWT tokens will be verified. google.protobuf.Empty allow_missing_or_failed = 5; // The requirement is satisfied if JWT is missing, but failed if JWT is // presented but invalid. Similar to allow_missing_or_failed, this is used // to only verify JWTs and pass the verified payload to another filter. The // different is this mode will reject requests with invalid tokens. google.protobuf.Empty allow_missing = 6; } } // This message specifies a list of RequiredProvider. // Their results are OR-ed; if any one of them passes, the result is passed message JwtRequirementOrList { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementOrList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a list of RequiredProvider. // Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. message JwtRequirementAndList { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementAndList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a Jwt requirement for a specific Route condition. // Example 1: // // .. code-block:: yaml // // - match: // prefix: /healthz // // In above example, "requires" field is empty for /healthz prefix match, // it means that requests matching the path prefix don't require JWT authentication. // // Example 2: // // .. code-block:: yaml // // - match: // prefix: / // requires: { provider_name: provider-A } // // In above example, all requests matched the path prefix require jwt authentication // from "provider-A". message RequirementRule { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.RequirementRule"; // The route matching parameter. Only when the match is satisfied, the "requires" field will // apply. // // For example: following match will match all requests. // // .. code-block:: yaml // // match: // prefix: / // config.route.v4alpha.RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Specify a Jwt Requirement. Please detail comment in message JwtRequirement. JwtRequirement requires = 2; } // This message specifies Jwt requirements based on stream_info.filterState. // This FilterState should use `Router::StringAccessor` object to set a string value. // Other HTTP filters can use it to specify Jwt requirements dynamically. // // Example: // // .. code-block:: yaml // // name: jwt_selector // requires: // issuer_1: // provider_name: issuer1 // issuer_2: // provider_name: issuer2 // // If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, // jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. message FilterStateRule { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.FilterStateRule"; // The filter state name to retrieve the `Router::StringAccessor` object. string name = 1 [(validate.rules).string = {min_len: 1}]; // A map of string keys to requirements. The string key is the string value // in the FilterState with the name specified in the *name* field above. map requires = 3; } // This is the Envoy HTTP filter config for JWT authentication. // // For example: // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: issuer2 // local_jwks: // inline_string: jwks_string // // rules: // # Not jwt verification is required for /health path // - match: // prefix: /health // // # Jwt verification for provider1 is required for path prefixed with "prefix" // - match: // prefix: /prefix // requires: // provider_name: provider1 // // # Jwt verification for either provider1 or provider2 is required for all other requests. // - match: // prefix: / // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // message JwtAuthentication { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication"; // Map of provider names to JwtProviders. // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: provider2 // local_jwks: // inline_string: jwks_string // map providers = 1; // Specifies requirements based on the route matches. The first matched requirement will be // applied. If there are overlapped match conditions, please put the most specific match first. // // Examples // // .. code-block:: yaml // // rules: // - match: // prefix: /healthz // - match: // prefix: /baz // requires: // provider_name: provider1 // - match: // prefix: /foo // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // - match: // prefix: /bar // requires: // requires_all: // requirements: // - provider_name: provider1 // - provider_name: provider2 // repeated RequirementRule rules = 2; // This message specifies Jwt requirements based on stream_info.filterState. // Other HTTP filters can use it to specify Jwt requirements dynamically. // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; // When set to true, bypass the `CORS preflight request // `_ regardless of JWT // requirements specified in the rules. bool bypass_cors_preflight = 4; } ================================================ FILE: api/envoy/extensions/filters/http/local_ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.local_ratelimit.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/http_status.proto"; import "envoy/type/v3/token_bucket.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.local_ratelimit.v3"; option java_outer_classname = "LocalRateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Local Rate limit] // Local Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.local_ratelimit] // [#next-free-field: 7] message LocalRateLimit { // The human readable prefix to use when emitting stats. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // This field allows for a custom HTTP response status code to the downstream client when // the request has been rate limited. // Defaults to 429 (TooManyRequests). // // .. note:: // If this is set to < 400, 429 will be used instead. type.v3.HttpStatus status = 2; // The token bucket configuration to use for rate limiting requests that are processed by this // filter. Each request processed by the filter consumes a single token. If the token is available, // the request will be allowed. If no tokens are available, the request will receive the configured // rate limit status. // // .. note:: // It's fine for the token bucket to be unset for the global configuration since the rate limit // can be applied at a the virtual host or route level. Thus, the token bucket must be set // for the per route configuration otherwise the config will be rejected. // // .. note:: // When using per route configuration, the bucket becomes unique to that route. // // .. note:: // In the current implementation the token bucket's :ref:`fill_interval // ` must be >= 50ms to avoid too aggressive // refills. type.v3.TokenBucket token_bucket = 3; // If set, this will enable -- but not necessarily enforce -- the rate limit for the given // fraction of requests. // Defaults to 0% of requests for safety. config.core.v3.RuntimeFractionalPercent filter_enabled = 4; // If set, this will enforce the rate limit decisions for the given fraction of requests. // // Note: this only applies to the fraction of enabled requests. // // Defaults to 0% of requests for safety. config.core.v3.RuntimeFractionalPercent filter_enforced = 5; // Specifies a list of HTTP headers that should be added to each response for requests that // have been rate limited. repeated config.core.v3.HeaderValueOption response_headers_to_add = 6 [(validate.rules).repeated = {max_items: 10}]; } ================================================ FILE: api/envoy/extensions/filters/http/lua/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/lua/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/lua/v3/lua.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.lua.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.lua.v3"; option java_outer_classname = "LuaProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Lua] // Lua :ref:`configuration overview `. // [#extension: envoy.filters.http.lua] message Lua { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.lua.v2.Lua"; // The Lua code that Envoy will execute. This can be a very small script that // further loads code from disk if desired. Note that if JSON configuration is used, the code must // be properly escaped. YAML configuration may be easier to read since YAML supports multi-line // strings so complex scripts can be easily expressed inline in the configuration. string inline_code = 1 [(validate.rules).string = {min_len: 1}]; // Map of named Lua source codes that can be referenced in :ref:`LuaPerRoute // `. The Lua source codes can be // loaded from inline string or local files. // // Example: // // .. code-block:: yaml // // source_codes: // hello.lua: // inline_string: | // function envoy_on_response(response_handle) // -- Do something. // end // world.lua: // filename: /etc/lua/world.lua // map source_codes = 2; } message LuaPerRoute { oneof override { option (validate.required) = true; // Disable the Lua filter for this particular vhost or route. If disabled is specified in // multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // A name of a Lua source code stored in // :ref:`Lua.source_codes `. string name = 2 [(validate.rules).string = {min_len: 1}]; // A configured per-route Lua source code that can be served by RDS or provided inline. config.core.v3.DataSource source_code = 3; } } ================================================ FILE: api/envoy/extensions/filters/http/oauth2/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/route/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/oauth2/v3alpha/oauth.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.oauth2.v3alpha; import "envoy/config/core/v3/http_uri.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import "envoy/type/matcher/v3/path.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.oauth2.v3alpha"; option java_outer_classname = "OauthProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: OAuth] // OAuth :ref:`configuration overview `. // [#extension: envoy.filters.http.oauth2] // message OAuth2Credentials { // The client_id to be used in the authorize calls. This value will be URL encoded when sent to the OAuth server. string client_id = 1 [(validate.rules).string = {min_len: 1}]; // The secret used to retrieve the access token. This value will be URL encoded when sent to the OAuth server. transport_sockets.tls.v3.SdsSecretConfig token_secret = 2 [(validate.rules).message = {required: true}]; // Configures how the secret token should be created. oneof token_formation { option (validate.required) = true; // If present, the secret token will be a HMAC using the provided secret. transport_sockets.tls.v3.SdsSecretConfig hmac_secret = 3 [(validate.rules).message = {required: true}]; } } // OAuth config // // [#next-free-field: 9] message OAuth2Config { // Endpoint on the authorization server to retrieve the access token from. config.core.v3.HttpUri token_endpoint = 1; // The endpoint redirect to for authorization in response to unauthorized requests. string authorization_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Credentials used for OAuth. OAuth2Credentials credentials = 3 [(validate.rules).message = {required: true}]; // The redirect URI passed to the authorization endpoint. Supports header formatting // tokens. For more information, including details on header value syntax, see the // documentation on :ref:`custom request headers `. // // This URI should not contain any query parameters. string redirect_uri = 4 [(validate.rules).string = {min_len: 1}]; // Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server. type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(validate.rules).message = {required: true}]; // The path to sign a user out, clearing their credential cookies. type.matcher.v3.PathMatcher signout_path = 6 [(validate.rules).message = {required: true}]; // Forward the OAuth token as a Bearer to upstream web service. bool forward_bearer_token = 7; // Any request that matches any of the provided matchers will be passed through without OAuth validation. repeated config.route.v3.HeaderMatcher pass_through_matcher = 8; } // Filter config. message OAuth2 { // Leave this empty to disable OAuth2 for a specific route, using per filter config. OAuth2Config config = 1; } ================================================ FILE: api/envoy/extensions/filters/http/oauth2/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/oauth2/v3alpha:pkg", "//envoy/extensions/transport_sockets/tls/v4alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/oauth2/v4alpha/oauth.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.oauth2.v4alpha; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/secret.proto"; import "envoy/type/matcher/v4alpha/path.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.oauth2.v4alpha"; option java_outer_classname = "OauthProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: OAuth] // OAuth :ref:`configuration overview `. // [#extension: envoy.filters.http.oauth2] // message OAuth2Credentials { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.oauth2.v3alpha.OAuth2Credentials"; // The client_id to be used in the authorize calls. This value will be URL encoded when sent to the OAuth server. string client_id = 1 [(validate.rules).string = {min_len: 1}]; // The secret used to retrieve the access token. This value will be URL encoded when sent to the OAuth server. transport_sockets.tls.v4alpha.SdsSecretConfig token_secret = 2 [(validate.rules).message = {required: true}]; // Configures how the secret token should be created. oneof token_formation { option (validate.required) = true; // If present, the secret token will be a HMAC using the provided secret. transport_sockets.tls.v4alpha.SdsSecretConfig hmac_secret = 3 [(validate.rules).message = {required: true}]; } } // OAuth config // // [#next-free-field: 9] message OAuth2Config { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.oauth2.v3alpha.OAuth2Config"; // Endpoint on the authorization server to retrieve the access token from. config.core.v4alpha.HttpUri token_endpoint = 1; // The endpoint redirect to for authorization in response to unauthorized requests. string authorization_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Credentials used for OAuth. OAuth2Credentials credentials = 3 [(validate.rules).message = {required: true}]; // The redirect URI passed to the authorization endpoint. Supports header formatting // tokens. For more information, including details on header value syntax, see the // documentation on :ref:`custom request headers `. // // This URI should not contain any query parameters. string redirect_uri = 4 [(validate.rules).string = {min_len: 1}]; // Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server. type.matcher.v4alpha.PathMatcher redirect_path_matcher = 5 [(validate.rules).message = {required: true}]; // The path to sign a user out, clearing their credential cookies. type.matcher.v4alpha.PathMatcher signout_path = 6 [(validate.rules).message = {required: true}]; // Forward the OAuth token as a Bearer to upstream web service. bool forward_bearer_token = 7; // Any request that matches any of the provided matchers will be passed through without OAuth validation. repeated config.route.v4alpha.HeaderMatcher pass_through_matcher = 8; } // Filter config. message OAuth2 { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.oauth2.v3alpha.OAuth2"; // Leave this empty to disable OAuth2 for a specific route, using per filter config. OAuth2Config config = 1; } ================================================ FILE: api/envoy/extensions/filters/http/on_demand/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/on_demand/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/on_demand/v3/on_demand.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.on_demand.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.on_demand.v3"; option java_outer_classname = "OnDemandProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: OnDemand] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.on_demand] message OnDemand { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.on_demand.v2.OnDemand"; } ================================================ FILE: api/envoy/extensions/filters/http/original_src/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/original_src/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/original_src/v3/original_src.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.original_src.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.original_src.v3"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // The Original Src filter binds upstream connections to the original source address determined // for the request. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. // [#extension: envoy.filters.http.original_src] message OriginalSrc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.original_src.v2alpha1.OriginalSrc"; // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 1; } ================================================ FILE: api/envoy/extensions/filters/http/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/ratelimit/v3/rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ratelimit.v3; import "envoy/config/ratelimit/v3/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ratelimit.v3"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.ratelimit] // [#next-free-field: 9] message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.rate_limit.v2.RateLimit"; // Defines the version of the standard to use for X-RateLimit headers. enum XRateLimitHeadersRFCVersion { // X-RateLimit headers disabled. OFF = 0; // Use `draft RFC Version 03 `_. DRAFT_VERSION_03 = 1; } // The rate limit domain to use when calling the rate limit service. string domain = 1 [(validate.rules).string = {min_len: 1}]; // Specifies the rate limit configurations to be applied with the same // stage number. If not set, the default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The type of requests the filter should apply to. The supported // types are *internal*, *external* or *both*. A request is considered internal if // :ref:`x-envoy-internal` is set to true. If // :ref:`x-envoy-internal` is not set or false, a // request is considered external. The filter defaults to *both*, and it will apply to all request // types. string request_type = 3 [(validate.rules).string = {in: "internal" in: "external" in: "both" in: ""}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Specifies whether a `RESOURCE_EXHAUSTED` gRPC code must be returned instead // of the default `UNAVAILABLE` gRPC code for a rate limited gRPC call. The // HTTP code will be 200 for a gRPC response. bool rate_limited_as_resource_exhausted = 6; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. config.ratelimit.v3.RateLimitServiceConfig rate_limit_service = 7 [(validate.rules).message = {required: true}]; // Defines the standard version to use for X-RateLimit headers emitted by the filter: // // * ``X-RateLimit-Limit`` - indicates the request-quota associated to the // client in the current time-window followed by the description of the // quota policy. The values are returned by the rate limiting service in // :ref:`current_limit` // field. Example: `10, 10;w=1;name="per-ip", 1000;w=3600`. // * ``X-RateLimit-Remaining`` - indicates the remaining requests in the // current time-window. The values are returned by the rate limiting service // in :ref:`limit_remaining` // field. // * ``X-RateLimit-Reset`` - indicates the number of seconds until reset of // the current time-window. The values are returned by the rate limiting service // in :ref:`duration_until_reset` // field. // // In case rate limiting policy specifies more then one time window, the values // above represent the window that is closest to reaching its limit. // // For more information about the headers specification see selected version of // the `draft RFC `_. // // Disabled by default. XRateLimitHeadersRFCVersion enable_x_ratelimit_headers = 8 [(validate.rules).enum = {defined_only: true}]; } message RateLimitPerRoute { enum VhRateLimitsOptions { // Use the virtual host rate limits unless the route has a rate limit policy. OVERRIDE = 0; // Use the virtual host rate limits even if the route has a rate limit policy. INCLUDE = 1; // Ignore the virtual host rate limits even if the route does not have a rate limit policy. IGNORE = 2; } // Specifies if the rate limit filter should include the virtual host rate limits. VhRateLimitsOptions vh_rate_limits = 1 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/extensions/filters/http/rbac/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/rbac/v3/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.rbac.v3; import "envoy/config/rbac/v3/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.rbac.v3"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.http.rbac] // RBAC filter config. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.rbac.v2.RBAC"; // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) // but will emit stats and logs and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v3.RBAC shadow_rules = 2; } message RBACPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.rbac.v2.RBACPerRoute"; reserved 1; // Override the global configuration of the filter with this new config. // If absent, the global RBAC policy will be disabled for this route. RBAC rbac = 2; } ================================================ FILE: api/envoy/extensions/filters/http/rbac/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v4alpha:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.rbac.v4alpha; import "envoy/config/rbac/v4alpha/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.rbac.v4alpha"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.http.rbac] // RBAC filter config. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.rbac.v3.RBAC"; // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) // but will emit stats and logs and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v4alpha.RBAC shadow_rules = 2; } message RBACPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.rbac.v3.RBACPerRoute"; reserved 1; // Override the global configuration of the filter with this new config. // If absent, the global RBAC policy will be disabled for this route. RBAC rbac = 2; } ================================================ FILE: api/envoy/extensions/filters/http/router/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", "//envoy/config/filter/http/router/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/router/v3/router.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.router.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.router.v3"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Router] // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] // [#next-free-field: 7] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.router.v2.Router"; // Whether the router generates dynamic cluster statistics. Defaults to // true. Can be disabled in high performance scenarios. google.protobuf.BoolValue dynamic_stats = 1; // Whether to start a child span for egress routed calls. This can be // useful in scenarios where other filters (auth, ratelimit, etc.) make // outbound calls and have child spans rooted at the same ingress // parent. Defaults to false. bool start_child_span = 2; // Configuration for HTTP upstream logs emitted by the router. Upstream logs // are configured in the same way as access logs, but each log entry represents // an upstream request. Presuming retries are configured, multiple upstream // requests may be made for each downstream (inbound) request. repeated config.accesslog.v3.AccessLog upstream_log = 3; // Do not add any additional *x-envoy-* headers to requests or responses. This // only affects the :ref:`router filter generated *x-envoy-* headers // `, other Envoy filters and the HTTP // connection manager may continue to set *x-envoy-* headers. bool suppress_envoy_headers = 4; // Specifies a list of HTTP headers to strictly validate. Envoy will reject a // request and respond with HTTP status 400 if the request contains an invalid // value for any of the headers listed in this field. Strict header checking // is only supported for the following headers: // // Value must be a ','-delimited list (i.e. no spaces) of supported retry // policy values: // // * :ref:`config_http_filters_router_x-envoy-retry-grpc-on` // * :ref:`config_http_filters_router_x-envoy-retry-on` // // Value must be an integer: // // * :ref:`config_http_filters_router_x-envoy-max-retries` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` repeated string strict_check_headers = 5 [(validate.rules).repeated = { items { string { in: "x-envoy-upstream-rq-timeout-ms" in: "x-envoy-upstream-rq-per-try-timeout-ms" in: "x-envoy-max-retries" in: "x-envoy-retry-grpc-on" in: "x-envoy-retry-on" } } }]; // If not set, ingress Envoy will ignore // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; } ================================================ FILE: api/envoy/extensions/filters/http/router/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v4alpha:pkg", "//envoy/extensions/filters/http/router/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/router/v4alpha/router.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.router.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.router.v4alpha"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Router] // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] // [#next-free-field: 7] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.router.v3.Router"; // Whether the router generates dynamic cluster statistics. Defaults to // true. Can be disabled in high performance scenarios. google.protobuf.BoolValue dynamic_stats = 1; // Whether to start a child span for egress routed calls. This can be // useful in scenarios where other filters (auth, ratelimit, etc.) make // outbound calls and have child spans rooted at the same ingress // parent. Defaults to false. bool start_child_span = 2; // Configuration for HTTP upstream logs emitted by the router. Upstream logs // are configured in the same way as access logs, but each log entry represents // an upstream request. Presuming retries are configured, multiple upstream // requests may be made for each downstream (inbound) request. repeated config.accesslog.v4alpha.AccessLog upstream_log = 3; // Do not add any additional *x-envoy-* headers to requests or responses. This // only affects the :ref:`router filter generated *x-envoy-* headers // `, other Envoy filters and the HTTP // connection manager may continue to set *x-envoy-* headers. bool suppress_envoy_headers = 4; // Specifies a list of HTTP headers to strictly validate. Envoy will reject a // request and respond with HTTP status 400 if the request contains an invalid // value for any of the headers listed in this field. Strict header checking // is only supported for the following headers: // // Value must be a ','-delimited list (i.e. no spaces) of supported retry // policy values: // // * :ref:`config_http_filters_router_x-envoy-retry-grpc-on` // * :ref:`config_http_filters_router_x-envoy-retry-on` // // Value must be an integer: // // * :ref:`config_http_filters_router_x-envoy-max-retries` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` repeated string strict_check_headers = 5 [(validate.rules).repeated = { items { string { in: "x-envoy-upstream-rq-timeout-ms" in: "x-envoy-upstream-rq-per-try-timeout-ms" in: "x-envoy-max-retries" in: "x-envoy-retry-grpc-on" in: "x-envoy-retry-on" } } }]; // If not set, ingress Envoy will ignore // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; } ================================================ FILE: api/envoy/extensions/filters/http/squash/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/squash/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/squash/v3/squash.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.squash.v3; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.squash.v3"; option java_outer_classname = "SquashProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Squash] // Squash :ref:`configuration overview `. // [#extension: envoy.filters.http.squash] // [#next-free-field: 6] message Squash { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.squash.v2.Squash"; // The name of the cluster that hosts the Squash server. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // When the filter requests the Squash server to create a DebugAttachment, it will use this // structure as template for the body of the request. It can contain reference to environment // variables in the form of '{{ ENV_VAR_NAME }}'. These can be used to provide the Squash server // with more information to find the process to attach the debugger to. For example, in a // Istio/k8s environment, this will contain information on the pod: // // .. code-block:: json // // { // "spec": { // "attachment": { // "pod": "{{ POD_NAME }}", // "namespace": "{{ POD_NAMESPACE }}" // }, // "match_request": true // } // } // // (where POD_NAME, POD_NAMESPACE are configured in the pod via the Downward API) google.protobuf.Struct attachment_template = 2; // The timeout for individual requests sent to the Squash cluster. Defaults to 1 second. google.protobuf.Duration request_timeout = 3; // The total timeout Squash will delay a request and wait for it to be attached. Defaults to 60 // seconds. google.protobuf.Duration attachment_timeout = 4; // Amount of time to poll for the status of the attachment object in the Squash server // (to check if has been attached). Defaults to 1 second. google.protobuf.Duration attachment_poll_period = 5; } ================================================ FILE: api/envoy/extensions/filters/http/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/tap/v3/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.tap.v3; import "envoy/extensions/common/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.tap.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap] // Tap :ref:`configuration overview `. // [#extension: envoy.filters.http.tap] // Top level configuration for the tap filter. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.tap.v2alpha.Tap"; // Common configuration for the HTTP tap filter. common.tap.v3.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/filters/http/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/common/tap/v4alpha:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/tap/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.tap.v4alpha; import "envoy/extensions/common/tap/v4alpha/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.tap.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap] // Tap :ref:`configuration overview `. // [#extension: envoy.filters.http.tap] // Top level configuration for the tap filter. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.tap.v3.Tap"; // Common configuration for the HTTP tap filter. common.tap.v4alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/filters/http/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/http/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // [#extension: envoy.filters.http.wasm] // Wasm :ref:`configuration overview `. message Wasm { // General Plugin configuration. envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: api/envoy/extensions/filters/listener/http_inspector/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/http_inspector/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/listener/http_inspector/v3/http_inspector.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.http_inspector.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.http_inspector.v3"; option java_outer_classname = "HttpInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP Inspector Filter] // Detect whether the application protocol is HTTP. // [#extension: envoy.filters.listener.http_inspector] message HttpInspector { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.http_inspector.v2.HttpInspector"; } ================================================ FILE: api/envoy/extensions/filters/listener/original_dst/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/original_dst/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/listener/original_dst/v3/original_dst.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.original_dst.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.original_dst.v3"; option java_outer_classname = "OriginalDstProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Original Dst Filter] // Use the Original destination address on downstream connections. // [#extension: envoy.filters.listener.original_dst] message OriginalDst { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.original_dst.v2.OriginalDst"; } ================================================ FILE: api/envoy/extensions/filters/listener/original_src/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/original_src/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/listener/original_src/v3/original_src.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.original_src.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.original_src.v3"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // [#extension: envoy.filters.listener.original_src] // The Original Src filter binds upstream connections to the original source address determined // for the connection. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. message OriginalSrc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.original_src.v2alpha1.OriginalSrc"; // Whether to bind the port to the one used in the original downstream connection. // [#not-implemented-hide:] bool bind_port = 1; // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 2; } ================================================ FILE: api/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/proxy_protocol/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/listener/proxy_protocol/v3/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.proxy_protocol.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.proxy_protocol.v3"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Proxy Protocol Filter] // PROXY protocol listener filter. // [#extension: envoy.filters.listener.proxy_protocol] message ProxyProtocol { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.proxy_protocol.v2.ProxyProtocol"; message KeyValuePair { // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_len: 1}]; } // A Rule defines what metadata to apply when a header is present or missing. message Rule { // The type that triggers the rule - required // TLV type is defined as uint8_t in proxy protocol. See `the spec // `_ for details. uint32 tlv_type = 1 [(validate.rules).uint32 = {lt: 256}]; // If the TLV type is present, apply this metadata KeyValuePair. KeyValuePair on_tlv_present = 2; } // The list of rules to apply to requests. repeated Rule rules = 1; } ================================================ FILE: api/envoy/extensions/filters/listener/tls_inspector/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/tls_inspector/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/listener/tls_inspector/v3/tls_inspector.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.tls_inspector.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.tls_inspector.v3"; option java_outer_classname = "TlsInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: TLS Inspector Filter] // Allows detecting whether the transport appears to be TLS or plaintext. // [#extension: envoy.filters.listener.tls_inspector] message TlsInspector { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.tls_inspector.v2.TlsInspector"; } ================================================ FILE: api/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/client_ssl_auth/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.client_ssl_auth.v3; import "envoy/config/core/v3/address.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.client_ssl_auth.v3"; option java_outer_classname = "ClientSslAuthProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Client TLS authentication] // Client TLS authentication // :ref:`configuration overview `. // [#extension: envoy.filters.network.client_ssl_auth] message ClientSSLAuth { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.client_ssl_auth.v2.ClientSSLAuth"; // The :ref:`cluster manager ` cluster that runs // the authentication service. The filter will connect to the service every 60s to fetch the list // of principals. The service must support the expected :ref:`REST API // `. string auth_api_cluster = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 2 [(validate.rules).string = {min_len: 1}]; // Time in milliseconds between principal refreshes from the // authentication service. Default is 60000 (60s). The actual fetch time // will be this value plus a random jittered value between // 0-refresh_delay_ms milliseconds. google.protobuf.Duration refresh_delay = 3; // An optional list of IP address and subnet masks that should be white // listed for access by the filter. If no list is provided, there is no // IP allowlist. repeated config.core.v3.CidrRange ip_white_list = 4 [(udpa.annotations.field_migrate).rename = "ip_allowlist"]; } ================================================ FILE: api/envoy/extensions/filters/network/direct_response/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/direct_response/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/direct_response/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.direct_response.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.direct_response.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Direct response] // Direct response :ref:`configuration overview `. // [#extension: envoy.filters.network.direct_response] message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.direct_response.v2.Config"; // Response data as a data source. config.core.v3.DataSource response = 1; } ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/dubbo/router/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/router/v3/router.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.router.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.router.v3"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Router] // Dubbo router :ref:`configuration overview `. message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.dubbo.router.v2alpha1.Router"; } ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/v3/README.md ================================================ Protocol buffer definitions for the Dubbo proxy. ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v3; import "envoy/extensions/filters/network/dubbo_proxy/v3/route.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v3"; option java_outer_classname = "DubboProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dubbo Proxy] // Dubbo Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.dubbo_proxy] // Dubbo Protocol types supported by Envoy. enum ProtocolType { // the default protocol. Dubbo = 0; } // Dubbo Serialization types supported by Envoy. enum SerializationType { // the default serialization protocol. Hessian2 = 0; } // [#next-free-field: 6] message DubboProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.DubboProxy"; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Configure the protocol used. ProtocolType protocol_type = 2 [(validate.rules).enum = {defined_only: true}]; // Configure the serialization protocol used. SerializationType serialization_type = 3 [(validate.rules).enum = {defined_only: true}]; // The route table for the connection manager is static and is specified in this property. repeated RouteConfiguration route_config = 4; // A list of individual Dubbo filters that make up the filter chain for requests made to the // Dubbo proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no dubbo_filters are specified, a default Dubbo router filter // (`envoy.filters.dubbo.router`) is used. repeated DubboFilter dubbo_filters = 5; } // DubboFilter configures a Dubbo filter. message DubboFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.DubboFilter"; // The name of the filter to instantiate. The name must match a supported // filter. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any config = 2; } ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/v3/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v3; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dubbo Proxy Route Configuration] // Dubbo Proxy :ref:`configuration overview `. // [#next-free-field: 6] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The interface name of the service. string interface = 2; // Which group does the interface belong to. string group = 3; // The version number of the interface. string version = 4; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 5; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.RouteMatch"; // Method level routing matching. MethodMatch method = 1; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v3.HeaderMatcher headers = 2; } message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed. string cluster = 1; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. // Currently ClusterWeight only supports the name and weight fields. config.route.v3.WeightedCluster weighted_clusters = 2; } } message MethodMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.MethodMatch"; // The parameter matching type. message ParameterMatchSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.MethodMatch.ParameterMatchSpecifier"; oneof parameter_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 3; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting // of an optional plus or minus sign followed by a sequence of digits. The rule will not match // if the header value does not represent an integer. Match will fail for empty values, // floating point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, // "somestring", 10.9, "-1somestring" type.v3.Int64Range range_match = 4; } } // The name of the method. type.matcher.v3.StringMatcher name = 1; // Method parameter definition. // The key is the parameter index, starting from 0. // The value is the parameter matching type. map params_match = 2; } ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/v4alpha/dubbo_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v4alpha; import "envoy/extensions/filters/network/dubbo_proxy/v4alpha/route.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v4alpha"; option java_outer_classname = "DubboProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Dubbo Proxy] // Dubbo Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.dubbo_proxy] // Dubbo Protocol types supported by Envoy. enum ProtocolType { // the default protocol. Dubbo = 0; } // Dubbo Serialization types supported by Envoy. enum SerializationType { // the default serialization protocol. Hessian2 = 0; } // [#next-free-field: 6] message DubboProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.DubboProxy"; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Configure the protocol used. ProtocolType protocol_type = 2 [(validate.rules).enum = {defined_only: true}]; // Configure the serialization protocol used. SerializationType serialization_type = 3 [(validate.rules).enum = {defined_only: true}]; // The route table for the connection manager is static and is specified in this property. repeated RouteConfiguration route_config = 4; // A list of individual Dubbo filters that make up the filter chain for requests made to the // Dubbo proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no dubbo_filters are specified, a default Dubbo router filter // (`envoy.filters.dubbo.router`) is used. repeated DubboFilter dubbo_filters = 5; } // DubboFilter configures a Dubbo filter. message DubboFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.DubboFilter"; // The name of the filter to instantiate. The name must match a supported // filter. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any config = 2; } ================================================ FILE: api/envoy/extensions/filters/network/dubbo_proxy/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Dubbo Proxy Route Configuration] // Dubbo Proxy :ref:`configuration overview `. // [#next-free-field: 6] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The interface name of the service. string interface = 2; // Which group does the interface belong to. string group = 3; // The version number of the interface. string version = 4; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 5; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.RouteMatch"; // Method level routing matching. MethodMatch method = 1; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v4alpha.HeaderMatcher headers = 2; } message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed. string cluster = 1; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. // Currently ClusterWeight only supports the name and weight fields. config.route.v4alpha.WeightedCluster weighted_clusters = 2; } } message MethodMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.MethodMatch"; // The parameter matching type. message ParameterMatchSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.MethodMatch.ParameterMatchSpecifier"; oneof parameter_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 3; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting // of an optional plus or minus sign followed by a sequence of digits. The rule will not match // if the header value does not represent an integer. Match will fail for empty values, // floating point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, // "somestring", 10.9, "-1somestring" type.v3.Int64Range range_match = 4; } } // The name of the method. type.matcher.v4alpha.StringMatcher name = 1; // Method parameter definition. // The key is the parameter index, starting from 0. // The value is the parameter matching type. map params_match = 2; } ================================================ FILE: api/envoy/extensions/filters/network/echo/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/echo/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/echo/v3/echo.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.echo.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.echo.v3"; option java_outer_classname = "EchoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Echo] // Echo :ref:`configuration overview `. // [#extension: envoy.filters.network.echo] message Echo { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.echo.v2.Echo"; } ================================================ FILE: api/envoy/extensions/filters/network/ext_authz/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/ext_authz/v3/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.ext_authz.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.ext_authz.v3"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Network External Authorization ] // The network layer external authorization service configuration // :ref:`configuration overview `. // [#extension: envoy.filters.network.ext_authz] // External Authorization filter calls out to an external service over the // gRPC Authorization API defined by // :ref:`CheckRequest `. // A failed check will cause this filter to close the TCP connection. // [#next-free-field: 7] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.ext_authz.v2.ExtAuthz"; // The prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The external authorization gRPC service configuration. // The default timeout is set to 200ms by this filter. config.core.v3.GrpcService grpc_service = 2; // The filter's behaviour in case the external authorization service does // not respond back. When it is set to true, Envoy will also allow traffic in case of // communication failure between authorization service and the proxy. // Defaults to false. bool failure_mode_allow = 3; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 4; // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of Check{Request,Response} used on the wire. config.core.v3.ApiVersion transport_api_version = 5 [(validate.rules).enum = {defined_only: true}]; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6; } ================================================ FILE: api/envoy/extensions/filters/network/ext_authz/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/network/ext_authz/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/ext_authz/v4alpha/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.ext_authz.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.ext_authz.v4alpha"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Network External Authorization ] // The network layer external authorization service configuration // :ref:`configuration overview `. // [#extension: envoy.filters.network.ext_authz] // External Authorization filter calls out to an external service over the // gRPC Authorization API defined by // :ref:`CheckRequest `. // A failed check will cause this filter to close the TCP connection. // [#next-free-field: 7] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.ext_authz.v3.ExtAuthz"; // The prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The external authorization gRPC service configuration. // The default timeout is set to 200ms by this filter. config.core.v4alpha.GrpcService grpc_service = 2; // The filter's behaviour in case the external authorization service does // not respond back. When it is set to true, Envoy will also allow traffic in case of // communication failure between authorization service and the proxy. // Defaults to false. bool failure_mode_allow = 3; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 4; // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of Check{Request,Response} used on the wire. config.core.v4alpha.ApiVersion transport_api_version = 5 [(validate.rules).enum = {defined_only: true}]; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v4alpha.MetadataMatcher filter_enabled_metadata = 6; } ================================================ FILE: api/envoy/extensions/filters/network/http_connection_manager/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/http_connection_manager/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/config/trace/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.http_connection_manager.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/protocol.proto"; import "envoy/config/core/v3/substitution_format_string.proto"; import "envoy/config/route/v3/route.proto"; import "envoy/config/route/v3/scoped_route.proto"; import "envoy/config/trace/v3/http_tracer.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.http_connection_manager.v3"; option java_outer_classname = "HttpConnectionManagerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP connection manager] // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] // [#next-free-field: 41] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager"; enum CodecType { // For every new connection, the connection manager will determine which // codec to use. This mode supports both ALPN for TLS listeners as well as // protocol inference for plaintext listeners. If ALPN data is available, it // is preferred, otherwise protocol inference is used. In almost all cases, // this is the right option to choose for this setting. AUTO = 0; // The connection manager will assume that the client is speaking HTTP/1.1. HTTP1 = 1; // The connection manager will assume that the client is speaking HTTP/2 // (Envoy does not require HTTP/2 to take place over TLS or to use ALPN. // Prior knowledge is allowed). HTTP2 = 2; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 3; } enum ServerHeaderTransformation { // Overwrite any Server header with the contents of server_name. OVERWRITE = 0; // If no Server header is present, append Server server_name // If a Server header is present, pass it through. APPEND_IF_ABSENT = 1; // Pass through the value of the server header, and do not append a header // if none is present. PASS_THROUGH = 2; } // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. enum ForwardClientCertDetails { // Do not send the XFCC header to the next hop. This is the default value. SANITIZE = 0; // When the client connection is mTLS (Mutual TLS), forward the XFCC header // in the request. FORWARD_ONLY = 1; // When the client connection is mTLS, append the client certificate // information to the request’s XFCC header and forward it. APPEND_FORWARD = 2; // When the client connection is mTLS, reset the XFCC header with the client // certificate information and send it to the next hop. SANITIZE_SET = 3; // Always forward the XFCC header in the request, regardless of whether the // client connection is mTLS. ALWAYS_FORWARD_ONLY = 4; } // [#next-free-field: 10] message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager.Tracing"; enum OperationName { // The HTTP listener is used for ingress/incoming requests. INGRESS = 0; // The HTTP listener is used for egress/outgoing requests. EGRESS = 1; } reserved 1, 2; reserved "operation_name", "request_headers_for_tags"; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.Percent client_sampling = 3; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent random_sampling = 4; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent overall_sampling = 5; // Whether to annotate spans with additional data. If true, spans will include logs for stream // events. bool verbose = 6; // Maximum length of the request path to extract and include in the HttpUrl tag. Used to // truncate lengthy request paths to meet the needs of a tracing backend. // Default: 256 google.protobuf.UInt32Value max_path_tag_length = 7; // A list of custom tags with unique tag name to create tags for the active span. repeated type.tracing.v3.CustomTag custom_tags = 8; // Configuration for an external tracing provider. // If not specified, no tracing will be performed. // // .. attention:: // Please be aware that *envoy.tracers.opencensus* provider can only be configured once // in Envoy lifetime. // Any attempts to reconfigure it or to use different configurations for different HCM filters // will be rejected. // Such a constraint is inherent to OpenCensus itself. It cannot be overcome without changes // on OpenCensus side. config.trace.v3.Tracing.Http provider = 9; } message InternalAddressConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager." "InternalAddressConfig"; // Whether unix socket addresses should be considered internal. bool unix_sockets = 1; } // [#next-free-field: 7] message SetCurrentClientCertDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager." "SetCurrentClientCertDetails"; reserved 2; // Whether to forward the subject of the client cert. Defaults to false. google.protobuf.BoolValue subject = 1; // Whether to forward the entire client cert in URL encoded PEM format. This will appear in the // XFCC header comma separated from other values with the value Cert="PEM". // Defaults to false. bool cert = 3; // Whether to forward the entire client cert chain (including the leaf cert) in URL encoded PEM // format. This will appear in the XFCC header comma separated from other values with the value // Chain="PEM". // Defaults to false. bool chain = 6; // Whether to forward the DNS type Subject Alternative Names of the client cert. // Defaults to false. bool dns = 4; // Whether to forward the URI type Subject Alternative Name of the client cert. Defaults to // false. bool uri = 5; } // The configuration for HTTP upgrades. // For each upgrade type desired, an UpgradeConfig must be added. // // .. warning:: // // The current implementation of upgrade headers does not handle // multi-valued upgrade headers. Support for multi-valued headers may be // added in the future if needed. // // .. warning:: // The current implementation of upgrade headers does not work with HTTP/2 // upstreams. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager." "UpgradeConfig"; // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] // will be proxied upstream. string upgrade_type = 1; // If present, this represents the filter chain which will be created for // this type of upgrade. If no filters are present, the filter chain for // HTTP connections will be used for this upgrade type. repeated HttpFilter filters = 2; // Determines if upgrades are enabled or disabled by default. Defaults to true. // This can be overridden on a per-route basis with :ref:`cluster // ` as documented in the // :ref:`upgrade documentation `. google.protobuf.BoolValue enabled = 3; } reserved 27, 11; reserved "idle_timeout"; // Supplies the type of codec that the connection manager should use. CodecType codec_type = 1 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics for the // connection manager. See the :ref:`statistics documentation ` for // more information. string stat_prefix = 2 [(validate.rules).string = {min_len: 1}]; oneof route_specifier { option (validate.required) = true; // The connection manager’s route table will be dynamically loaded via the RDS API. Rds rds = 3; // The route table for the connection manager is static and is specified in this property. config.route.v3.RouteConfiguration route_config = 4; // A route table will be dynamically assigned to each request based on request attributes // (e.g., the value of a header). The "routing scopes" (i.e., route tables) and "scope keys" are // specified in this message. ScopedRoutes scoped_routes = 31; } // A list of individual HTTP filters that make up the filter chain for // requests made to the connection manager. :ref:`Order matters ` // as the filters are processed sequentially as request events happen. repeated HttpFilter http_filters = 5; // Whether the connection manager manipulates the :ref:`config_http_conn_man_headers_user-agent` // and :ref:`config_http_conn_man_headers_downstream-service-cluster` headers. See the linked // documentation for more information. Defaults to false. google.protobuf.BoolValue add_user_agent = 6; // Presence of the object defines whether the connection manager // emits :ref:`tracing ` data to the :ref:`configured tracing provider // `. Tracing tracing = 7; // Additional settings for HTTP requests handled by the connection manager. These will be // applicable to both HTTP1 and HTTP2 requests. config.core.v3.HttpProtocolOptions common_http_protocol_options = 35 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Additional HTTP/1 settings that are passed to the HTTP/1 codec. config.core.v3.Http1ProtocolOptions http_protocol_options = 8; // Additional HTTP/2 settings that are passed directly to the HTTP/2 codec. config.core.v3.Http2ProtocolOptions http2_protocol_options = 9 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // An optional override that the connection manager will write to the server // header in responses. If not set, the default is *envoy*. string server_name = 10 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Defines the action to be applied to the Server header on the response path. // By default, Envoy will overwrite the header with the value specified in // server_name. ServerHeaderTransformation server_header_transformation = 34 [(validate.rules).enum = {defined_only: true}]; // The maximum request headers size for incoming connections. // If unconfigured, the default max request headers allowed is 60 KiB. // Requests that exceed this limit will receive a 431 response. // The max configurable limit is 96 KiB, based on current implementation // constraints. google.protobuf.UInt32Value max_request_headers_kb = 29 [(validate.rules).uint32 = {lte: 96 gt: 0}]; // The stream idle timeout for connections managed by the connection manager. // If not specified, this defaults to 5 minutes. The default value was selected // so as not to interfere with any smaller configured timeouts that may have // existed in configurations prior to the introduction of this feature, while // introducing robustness to TCP connections that terminate without a FIN. // // This idle timeout applies to new streams and is overridable by the // :ref:`route-level idle_timeout // `. Even on a stream in // which the override applies, prior to receipt of the initial request // headers, the :ref:`stream_idle_timeout // ` // applies. Each time an encode/decode event for headers or data is processed // for the stream, the timer will be reset. If the timeout fires, the stream // is terminated with a 408 Request Timeout error code if no upstream response // header has been received, otherwise a stream reset occurs. // // This timeout also specifies the amount of time that Envoy will wait for the peer to open enough // window to write any remaining stream data once the entirety of stream data (local end stream is // true) has been buffered pending available window. In other words, this timeout defends against // a peer that does not release enough window to completely write the stream, even though all // data has been proxied within available flow control windows. If the timeout is hit in this // case, the :ref:`tx_flush_timeout ` counter will be // incremented. Note that :ref:`max_stream_duration // ` does not apply to // this corner case. // // Note that it is possible to idle timeout even if the wire traffic for a stream is non-idle, due // to the granularity of events presented to the connection manager. For example, while receiving // very large request headers, it may be the case that there is traffic regularly arriving on the // wire while the connection manage is only able to observe the end-of-headers event, hence the // stream may still idle timeout. // // A value of 0 will completely disable the connection manager stream idle // timeout, although per-route idle timeout overrides will continue to apply. google.protobuf.Duration stream_idle_timeout = 24 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The amount of time that Envoy will wait for the entire request to be received. // The timer is activated when the request is initiated, and is disarmed when the last byte of the // request is sent upstream (i.e. all decoding filters have processed the request), OR when the // response is initiated. If not specified or set to 0, this timeout is disabled. google.protobuf.Duration request_timeout = 28 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The time that Envoy will wait between sending an HTTP/2 “shutdown // notification” (GOAWAY frame with max stream ID) and a final GOAWAY frame. // This is used so that Envoy provides a grace period for new streams that // race with the final GOAWAY frame. During this grace period, Envoy will // continue to accept new streams. After the grace period, a final GOAWAY // frame is sent and Envoy will start refusing new streams. Draining occurs // both when a connection hits the idle timeout or during general server // draining. The default grace period is 5000 milliseconds (5 seconds) if this // option is not specified. google.protobuf.Duration drain_timeout = 12; // The delayed close timeout is for downstream connections managed by the HTTP connection manager. // It is defined as a grace period after connection close processing has been locally initiated // during which Envoy will wait for the peer to close (i.e., a TCP FIN/RST is received by Envoy // from the downstream connection) prior to Envoy closing the socket associated with that // connection. // NOTE: This timeout is enforced even when the socket associated with the downstream connection // is pending a flush of the write buffer. However, any progress made writing data to the socket // will restart the timer associated with this timeout. This means that the total grace period for // a socket in this state will be // +. // // Delaying Envoy's connection close and giving the peer the opportunity to initiate the close // sequence mitigates a race condition that exists when downstream clients do not drain/process // data in a connection's receive buffer after a remote close has been detected via a socket // write(). This race leads to such clients failing to process the response code sent by Envoy, // which could result in erroneous downstream processing. // // If the timeout triggers, Envoy will close the connection's socket. // // The default timeout is 1000 ms if this option is not specified. // // .. NOTE:: // To be useful in avoiding the race condition described above, this timeout must be set // to *at least* +<100ms to account for // a reasonable "worst" case processing time for a full iteration of Envoy's event loop>. // // .. WARNING:: // A value of 0 will completely disable delayed close processing. When disabled, the downstream // connection's socket will be closed immediately after the write flush is completed or will // never close if the write flush does not complete. google.protobuf.Duration delayed_close_timeout = 26; // Configuration for :ref:`HTTP access logs ` // emitted by the connection manager. repeated config.accesslog.v3.AccessLog access_log = 13; // If set to true, the connection manager will use the real remote address // of the client connection when determining internal versus external origin and manipulating // various headers. If set to false or absent, the connection manager will use the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for`, // :ref:`config_http_conn_man_headers_x-envoy-internal`, and // :ref:`config_http_conn_man_headers_x-envoy-external-address` for more information. google.protobuf.BoolValue use_remote_address = 14 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The number of additional ingress proxy hops from the right side of the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when // determining the origin client's IP address. The default is zero if this option // is not specified. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for` for more information. uint32 xff_num_trusted_hops = 19; // Configures what network addresses are considered internal for stats and header sanitation // purposes. If unspecified, only RFC1918 IP addresses will be considered internal. // See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information about internal/external addresses. InternalAddressConfig internal_address_config = 25; // If set, Envoy will not append the remote address to the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in // conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager // has mutated the request headers. While :ref:`use_remote_address // ` // will also suppress XFF addition, it has consequences for logging and other // Envoy uses of the remote address, so *skip_xff_append* should be used // when only an elision of XFF addition is intended. bool skip_xff_append = 21; // Via header value to append to request and response headers. If this is // empty, no via header will be appended. string via = 22; // Whether the connection manager will generate the :ref:`x-request-id // ` header if it does not exist. This defaults to // true. Generating a random UUID4 is expensive so in high throughput scenarios where this feature // is not desired it can be disabled. google.protobuf.BoolValue generate_request_id = 15; // Whether the connection manager will keep the :ref:`x-request-id // ` header if passed for a request that is edge // (Edge request is the request from external clients to front Envoy) and not reset it, which // is the current Envoy behaviour. This defaults to false. bool preserve_external_request_id = 32; // If set, Envoy will always set :ref:`x-request-id ` header in response. // If this is false or not set, the request ID is returned in responses only if tracing is forced using // :ref:`x-envoy-force-trace ` header. bool always_set_request_id_in_response = 37; // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. ForwardClientCertDetails forward_client_cert_details = 16 [(validate.rules).enum = {defined_only: true}]; // This field is valid only when :ref:`forward_client_cert_details // ` // is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in // the client certificate to be forwarded. Note that in the // :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and // *By* is always set when the client certificate presents the URI type Subject Alternative Name // value. SetCurrentClientCertDetails set_current_client_cert_details = 17; // If proxy_100_continue is true, Envoy will proxy incoming "Expect: // 100-continue" headers upstream, and forward "100 Continue" responses // downstream. If this is false or not set, Envoy will instead strip the // "Expect: 100-continue" header, and send a "100 Continue" response itself. bool proxy_100_continue = 18; // If // :ref:`use_remote_address // ` // is true and represent_ipv4_remote_address_as_ipv4_mapped_ipv6 is true and the remote address is // an IPv4 address, the address will be mapped to IPv6 before it is appended to *x-forwarded-for*. // This is useful for testing compatibility of upstream services that parse the header value. For // example, 50.0.0.1 is represented as ::FFFF:50.0.0.1. See `IPv4-Mapped IPv6 Addresses // `_ for details. This will also affect the // :ref:`config_http_conn_man_headers_x-envoy-external-address` header. See // :ref:`http_connection_manager.represent_ipv4_remote_address_as_ipv4_mapped_ipv6 // ` for runtime // control. // [#not-implemented-hide:] bool represent_ipv4_remote_address_as_ipv4_mapped_ipv6 = 20; repeated UpgradeConfig upgrade_configs = 23; // Should paths be normalized according to RFC 3986 before any processing of // requests by HTTP filters or routing? This affects the upstream *:path* header // as well. For paths that fail this check, Envoy will respond with 400 to // paths that are malformed. This defaults to false currently but will default // true in the future. When not specified, this value may be overridden by the // runtime variable // :ref:`http_connection_manager.normalize_path`. // See `Normalization and Comparison `_ // for details of normalization. // Note that Envoy does not perform // `case normalization `_ google.protobuf.BoolValue normalize_path = 30; // Determines if adjacent slashes in the path are merged into one before any processing of // requests by HTTP filters or routing. This affects the upstream *:path* header as well. Without // setting this option, incoming requests with path `//dir///file` will not match against route // with `prefix` match set to `/dir`. Defaults to `false`. Note that slash merging is not part of // `HTTP spec `_ and is provided for convenience. bool merge_slashes = 33; // The configuration of the request ID extension. This includes operations such as // generation, validation, and associated tracing operations. // // If not set, Envoy uses the default UUID-based behavior: // // 1. Request ID is propagated using *x-request-id* header. // // 2. Request ID is a universally unique identifier (UUID). // // 3. Tracing decision (sampled, forced, etc) is set in 14th byte of the UUID. RequestIDExtension request_id_extension = 36; // The configuration to customize local reply returned by Envoy. It can customize status code, // body text and response content type. If not specified, status code and text body are hard // coded in Envoy, the response content type is plain text. LocalReplyConfig local_reply_config = 38; // Determines if the port part should be removed from host/authority header before any processing // of request by HTTP filters or routing. The port would be removed only if it is equal to the :ref:`listener's` // local port and request method is not CONNECT. This affects the upstream host header as well. // Without setting this option, incoming requests with host `example:443` will not match against // route with :ref:`domains` match set to `example`. Defaults to `false`. Note that port removal is not part // of `HTTP spec `_ and is provided for convenience. bool strip_matching_host_port = 39; // Governs Envoy's behavior when receiving invalid HTTP from downstream. // If this option is false (default), Envoy will err on the conservative side handling HTTP // errors, terminating both HTTP/1.1 and HTTP/2 connections when receiving an invalid request. // If this option is set to true, Envoy will be more permissive, only resetting the invalid // stream in the case of HTTP/2 and leaving the connection open where possible (if the entire // request is read for HTTP/1.1) // In general this should be true for deployments receiving trusted traffic (L2 Envoys, // company-internal mesh) and false when receiving untrusted traffic (edge deployments). // // If different behaviors for invalid_http_message for HTTP/1 and HTTP/2 are // desired, one should use the new HTTP/1 option :ref:`override_stream_error_on_invalid_http_message // ` or the new HTTP/2 option // :ref:`override_stream_error_on_invalid_http_message // ` // *not* the deprecated but similarly named :ref:`stream_error_on_invalid_http_messaging // ` google.protobuf.BoolValue stream_error_on_invalid_http_message = 40; } // The configuration to customize local reply returned by Envoy. message LocalReplyConfig { // Configuration of list of mappers which allows to filter and change local response. // The mappers will be checked by the specified order until one is matched. repeated ResponseMapper mappers = 1; // The configuration to form response body from the :ref:`command operators ` // and to specify response content type as one of: plain/text or application/json. // // Example one: "plain/text" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // The following response body in "plain/text" format will be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: text // // upstream connect error:503:path=/foo // // Example two: "application/json" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // path: "%REQ(:path)%" // // The following response body in "application/json" format would be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: json // // { // "status": 503, // "message": "upstream connection error", // "path": "/foo" // } // config.core.v3.SubstitutionFormatString body_format = 2; } // The configuration to filter and change local response. // [#next-free-field: 6] message ResponseMapper { // Filter to determine if this mapper should apply. config.accesslog.v3.AccessLogFilter filter = 1 [(validate.rules).message = {required: true}]; // The new response status code if specified. google.protobuf.UInt32Value status_code = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // The new local reply body text if specified. It will be used in the `%LOCAL_REPLY_BODY%` // command operator in the `body_format`. config.core.v3.DataSource body = 3; // A per mapper `body_format` to override the :ref:`body_format `. // It will be used when this mapper is matched. config.core.v3.SubstitutionFormatString body_format_override = 4; // HTTP headers to add to a local reply. This allows the response mapper to append, to add // or to override headers of any local reply before it is sent to a downstream client. repeated config.core.v3.HeaderValueOption headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; } message Rds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.Rds"; // Configuration source specifier for RDS. config.core.v3.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // The name of the route configuration. This name will be passed to the RDS // API. This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. string route_config_name = 2 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for RDS. This is mutually exclusive to *route_config_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; } // This message is used to work around the limitations with 'oneof' and repeated fields. message ScopedRouteConfigurationsList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRouteConfigurationsList"; repeated config.route.v3.ScopedRouteConfiguration scoped_route_configurations = 1 [(validate.rules).repeated = {min_items: 1}]; } // [#next-free-field: 6] message ScopedRoutes { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes"; // Specifies the mechanism for constructing "scope keys" based on HTTP request attributes. These // keys are matched against a set of :ref:`Key` // objects assembled from :ref:`ScopedRouteConfiguration` // messages distributed via SRDS (the Scoped Route Discovery Service) or assigned statically via // :ref:`scoped_route_configurations_list`. // // Upon receiving a request's headers, the Router will build a key using the algorithm specified // by this message. This key will be used to look up the routing table (i.e., the // :ref:`RouteConfiguration`) to use for the request. message ScopeKeyBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder"; // Specifies the mechanism for constructing key fragments which are composed into scope keys. message FragmentBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder." "FragmentBuilder"; // Specifies how the value of a header should be extracted. // The following example maps the structure of a header to the fields in this message. // // .. code:: // // <0> <1> <-- index // X-Header: a=b;c=d // | || | // | || \----> // | || // | |\----> // | | // | \----> // | // \----> // // Each 'a=b' key-value pair constitutes an 'element' of the header field. message HeaderValueExtractor { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder." "FragmentBuilder.HeaderValueExtractor"; // Specifies a header field's key value pair to match on. message KvElement { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder." "FragmentBuilder.HeaderValueExtractor.KvElement"; // The separator between key and value (e.g., '=' separates 'k=v;...'). // If an element is an empty string, the element is ignored. // If an element contains no separator, the whole element is parsed as key and the // fragment value is an empty string. // If there are multiple values for a matched key, the first value is returned. string separator = 1 [(validate.rules).string = {min_len: 1}]; // The key to match on. string key = 2 [(validate.rules).string = {min_len: 1}]; } // The name of the header field to extract the value from. string name = 1 [(validate.rules).string = {min_len: 1}]; // The element separator (e.g., ';' separates 'a;b;c;d'). // Default: empty string. This causes the entirety of the header field to be extracted. // If this field is set to an empty string and 'index' is used in the oneof below, 'index' // must be set to 0. string element_separator = 2; oneof extract_type { // Specifies the zero based index of the element to extract. // Note Envoy concatenates multiple values of the same header key into a comma separated // string, the splitting always happens after the concatenation. uint32 index = 3; // Specifies the key value pair to extract the value from. KvElement element = 4; } } oneof type { option (validate.required) = true; // Specifies how a header field's value should be extracted. HeaderValueExtractor header_value_extractor = 1; } } // The final(built) scope key consists of the ordered union of these fragments, which are compared in order with the // fragments of a :ref:`ScopedRouteConfiguration`. // A missing fragment during comparison will make the key invalid, i.e., the computed key doesn't match any key. repeated FragmentBuilder fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the scoped routing configuration. string name = 1 [(validate.rules).string = {min_len: 1}]; // The algorithm to use for constructing a scope key for each request. ScopeKeyBuilder scope_key_builder = 2 [(validate.rules).message = {required: true}]; // Configuration source specifier for RDS. // This config source is used to subscribe to RouteConfiguration resources specified in // ScopedRouteConfiguration messages. config.core.v3.ConfigSource rds_config_source = 3 [(validate.rules).message = {required: true}]; oneof config_specifier { option (validate.required) = true; // The set of routing scopes corresponding to the HCM. A scope is assigned to a request by // matching a key constructed from the request's attributes according to the algorithm specified // by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRouteConfigurationsList scoped_route_configurations_list = 4; // The set of routing scopes associated with the HCM will be dynamically loaded via the SRDS // API. A scope is assigned to a request by matching a key constructed from the request's // attributes according to the algorithm specified by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRds scoped_rds = 5; } } message ScopedRds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRds"; // Configuration source specifier for scoped RDS. config.core.v3.ConfigSource scoped_rds_config_source = 1 [(validate.rules).message = {required: true}]; } // [#next-free-field: 6] message HttpFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpFilter"; reserved 3, 2; reserved "config"; // The name of the filter configuration. The name is used as a fallback to // select an extension if the type of the configuration proto is not // sufficient. It also serves as a resource name in ExtensionConfigDS. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. google.protobuf.Any typed_config = 4; // Configuration source specifier for an extension configuration discovery service. // In case of a failure and without the default configuration, the HTTP listener responds with code 500. // Extension configs delivered through this mechanism are not expected to require warming (see https://github.com/envoyproxy/envoy/issues/12061). config.core.v3.ExtensionConfigSource config_discovery = 5; } } message RequestIDExtension { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.RequestIDExtension"; // Request ID extension specific configuration. google.protobuf.Any typed_config = 1; } ================================================ FILE: api/envoy/extensions/filters/network/http_connection_manager/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/accesslog/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/config/trace/v4alpha:pkg", "//envoy/extensions/filters/network/http_connection_manager/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.http_connection_manager.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/protocol.proto"; import "envoy/config/core/v4alpha/substitution_format_string.proto"; import "envoy/config/route/v4alpha/route.proto"; import "envoy/config/route/v4alpha/scoped_route.proto"; import "envoy/config/trace/v4alpha/http_tracer.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.http_connection_manager.v4alpha"; option java_outer_classname = "HttpConnectionManagerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP connection manager] // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] // [#next-free-field: 41] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"; enum CodecType { // For every new connection, the connection manager will determine which // codec to use. This mode supports both ALPN for TLS listeners as well as // protocol inference for plaintext listeners. If ALPN data is available, it // is preferred, otherwise protocol inference is used. In almost all cases, // this is the right option to choose for this setting. AUTO = 0; // The connection manager will assume that the client is speaking HTTP/1.1. HTTP1 = 1; // The connection manager will assume that the client is speaking HTTP/2 // (Envoy does not require HTTP/2 to take place over TLS or to use ALPN. // Prior knowledge is allowed). HTTP2 = 2; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 3; } enum ServerHeaderTransformation { // Overwrite any Server header with the contents of server_name. OVERWRITE = 0; // If no Server header is present, append Server server_name // If a Server header is present, pass it through. APPEND_IF_ABSENT = 1; // Pass through the value of the server header, and do not append a header // if none is present. PASS_THROUGH = 2; } // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. enum ForwardClientCertDetails { // Do not send the XFCC header to the next hop. This is the default value. SANITIZE = 0; // When the client connection is mTLS (Mutual TLS), forward the XFCC header // in the request. FORWARD_ONLY = 1; // When the client connection is mTLS, append the client certificate // information to the request’s XFCC header and forward it. APPEND_FORWARD = 2; // When the client connection is mTLS, reset the XFCC header with the client // certificate information and send it to the next hop. SANITIZE_SET = 3; // Always forward the XFCC header in the request, regardless of whether the // client connection is mTLS. ALWAYS_FORWARD_ONLY = 4; } // [#next-free-field: 10] message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing"; enum OperationName { // The HTTP listener is used for ingress/incoming requests. INGRESS = 0; // The HTTP listener is used for egress/outgoing requests. EGRESS = 1; } reserved 1, 2; reserved "operation_name", "request_headers_for_tags"; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.Percent client_sampling = 3; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent random_sampling = 4; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent overall_sampling = 5; // Whether to annotate spans with additional data. If true, spans will include logs for stream // events. bool verbose = 6; // Maximum length of the request path to extract and include in the HttpUrl tag. Used to // truncate lengthy request paths to meet the needs of a tracing backend. // Default: 256 google.protobuf.UInt32Value max_path_tag_length = 7; // A list of custom tags with unique tag name to create tags for the active span. repeated type.tracing.v3.CustomTag custom_tags = 8; // Configuration for an external tracing provider. // If not specified, no tracing will be performed. // // .. attention:: // Please be aware that *envoy.tracers.opencensus* provider can only be configured once // in Envoy lifetime. // Any attempts to reconfigure it or to use different configurations for different HCM filters // will be rejected. // Such a constraint is inherent to OpenCensus itself. It cannot be overcome without changes // on OpenCensus side. config.trace.v4alpha.Tracing.Http provider = 9; } message InternalAddressConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager." "InternalAddressConfig"; // Whether unix socket addresses should be considered internal. bool unix_sockets = 1; } // [#next-free-field: 7] message SetCurrentClientCertDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager." "SetCurrentClientCertDetails"; reserved 2; // Whether to forward the subject of the client cert. Defaults to false. google.protobuf.BoolValue subject = 1; // Whether to forward the entire client cert in URL encoded PEM format. This will appear in the // XFCC header comma separated from other values with the value Cert="PEM". // Defaults to false. bool cert = 3; // Whether to forward the entire client cert chain (including the leaf cert) in URL encoded PEM // format. This will appear in the XFCC header comma separated from other values with the value // Chain="PEM". // Defaults to false. bool chain = 6; // Whether to forward the DNS type Subject Alternative Names of the client cert. // Defaults to false. bool dns = 4; // Whether to forward the URI type Subject Alternative Name of the client cert. Defaults to // false. bool uri = 5; } // The configuration for HTTP upgrades. // For each upgrade type desired, an UpgradeConfig must be added. // // .. warning:: // // The current implementation of upgrade headers does not handle // multi-valued upgrade headers. Support for multi-valued headers may be // added in the future if needed. // // .. warning:: // The current implementation of upgrade headers does not work with HTTP/2 // upstreams. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager." "UpgradeConfig"; // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] // will be proxied upstream. string upgrade_type = 1; // If present, this represents the filter chain which will be created for // this type of upgrade. If no filters are present, the filter chain for // HTTP connections will be used for this upgrade type. repeated HttpFilter filters = 2; // Determines if upgrades are enabled or disabled by default. Defaults to true. // This can be overridden on a per-route basis with :ref:`cluster // ` as documented in the // :ref:`upgrade documentation `. google.protobuf.BoolValue enabled = 3; } reserved 27, 11; reserved "idle_timeout"; // Supplies the type of codec that the connection manager should use. CodecType codec_type = 1 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics for the // connection manager. See the :ref:`statistics documentation ` for // more information. string stat_prefix = 2 [(validate.rules).string = {min_len: 1}]; oneof route_specifier { option (validate.required) = true; // The connection manager’s route table will be dynamically loaded via the RDS API. Rds rds = 3; // The route table for the connection manager is static and is specified in this property. config.route.v4alpha.RouteConfiguration route_config = 4; // A route table will be dynamically assigned to each request based on request attributes // (e.g., the value of a header). The "routing scopes" (i.e., route tables) and "scope keys" are // specified in this message. ScopedRoutes scoped_routes = 31; } // A list of individual HTTP filters that make up the filter chain for // requests made to the connection manager. :ref:`Order matters ` // as the filters are processed sequentially as request events happen. repeated HttpFilter http_filters = 5; // Whether the connection manager manipulates the :ref:`config_http_conn_man_headers_user-agent` // and :ref:`config_http_conn_man_headers_downstream-service-cluster` headers. See the linked // documentation for more information. Defaults to false. google.protobuf.BoolValue add_user_agent = 6; // Presence of the object defines whether the connection manager // emits :ref:`tracing ` data to the :ref:`configured tracing provider // `. Tracing tracing = 7; // Additional settings for HTTP requests handled by the connection manager. These will be // applicable to both HTTP1 and HTTP2 requests. config.core.v4alpha.HttpProtocolOptions common_http_protocol_options = 35 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Additional HTTP/1 settings that are passed to the HTTP/1 codec. config.core.v4alpha.Http1ProtocolOptions http_protocol_options = 8; // Additional HTTP/2 settings that are passed directly to the HTTP/2 codec. config.core.v4alpha.Http2ProtocolOptions http2_protocol_options = 9 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // An optional override that the connection manager will write to the server // header in responses. If not set, the default is *envoy*. string server_name = 10 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Defines the action to be applied to the Server header on the response path. // By default, Envoy will overwrite the header with the value specified in // server_name. ServerHeaderTransformation server_header_transformation = 34 [(validate.rules).enum = {defined_only: true}]; // The maximum request headers size for incoming connections. // If unconfigured, the default max request headers allowed is 60 KiB. // Requests that exceed this limit will receive a 431 response. // The max configurable limit is 96 KiB, based on current implementation // constraints. google.protobuf.UInt32Value max_request_headers_kb = 29 [(validate.rules).uint32 = {lte: 96 gt: 0}]; // The stream idle timeout for connections managed by the connection manager. // If not specified, this defaults to 5 minutes. The default value was selected // so as not to interfere with any smaller configured timeouts that may have // existed in configurations prior to the introduction of this feature, while // introducing robustness to TCP connections that terminate without a FIN. // // This idle timeout applies to new streams and is overridable by the // :ref:`route-level idle_timeout // `. Even on a stream in // which the override applies, prior to receipt of the initial request // headers, the :ref:`stream_idle_timeout // ` // applies. Each time an encode/decode event for headers or data is processed // for the stream, the timer will be reset. If the timeout fires, the stream // is terminated with a 408 Request Timeout error code if no upstream response // header has been received, otherwise a stream reset occurs. // // This timeout also specifies the amount of time that Envoy will wait for the peer to open enough // window to write any remaining stream data once the entirety of stream data (local end stream is // true) has been buffered pending available window. In other words, this timeout defends against // a peer that does not release enough window to completely write the stream, even though all // data has been proxied within available flow control windows. If the timeout is hit in this // case, the :ref:`tx_flush_timeout ` counter will be // incremented. Note that :ref:`max_stream_duration // ` does not apply to // this corner case. // // Note that it is possible to idle timeout even if the wire traffic for a stream is non-idle, due // to the granularity of events presented to the connection manager. For example, while receiving // very large request headers, it may be the case that there is traffic regularly arriving on the // wire while the connection manage is only able to observe the end-of-headers event, hence the // stream may still idle timeout. // // A value of 0 will completely disable the connection manager stream idle // timeout, although per-route idle timeout overrides will continue to apply. google.protobuf.Duration stream_idle_timeout = 24 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The amount of time that Envoy will wait for the entire request to be received. // The timer is activated when the request is initiated, and is disarmed when the last byte of the // request is sent upstream (i.e. all decoding filters have processed the request), OR when the // response is initiated. If not specified or set to 0, this timeout is disabled. google.protobuf.Duration request_timeout = 28 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The time that Envoy will wait between sending an HTTP/2 “shutdown // notification” (GOAWAY frame with max stream ID) and a final GOAWAY frame. // This is used so that Envoy provides a grace period for new streams that // race with the final GOAWAY frame. During this grace period, Envoy will // continue to accept new streams. After the grace period, a final GOAWAY // frame is sent and Envoy will start refusing new streams. Draining occurs // both when a connection hits the idle timeout or during general server // draining. The default grace period is 5000 milliseconds (5 seconds) if this // option is not specified. google.protobuf.Duration drain_timeout = 12; // The delayed close timeout is for downstream connections managed by the HTTP connection manager. // It is defined as a grace period after connection close processing has been locally initiated // during which Envoy will wait for the peer to close (i.e., a TCP FIN/RST is received by Envoy // from the downstream connection) prior to Envoy closing the socket associated with that // connection. // NOTE: This timeout is enforced even when the socket associated with the downstream connection // is pending a flush of the write buffer. However, any progress made writing data to the socket // will restart the timer associated with this timeout. This means that the total grace period for // a socket in this state will be // +. // // Delaying Envoy's connection close and giving the peer the opportunity to initiate the close // sequence mitigates a race condition that exists when downstream clients do not drain/process // data in a connection's receive buffer after a remote close has been detected via a socket // write(). This race leads to such clients failing to process the response code sent by Envoy, // which could result in erroneous downstream processing. // // If the timeout triggers, Envoy will close the connection's socket. // // The default timeout is 1000 ms if this option is not specified. // // .. NOTE:: // To be useful in avoiding the race condition described above, this timeout must be set // to *at least* +<100ms to account for // a reasonable "worst" case processing time for a full iteration of Envoy's event loop>. // // .. WARNING:: // A value of 0 will completely disable delayed close processing. When disabled, the downstream // connection's socket will be closed immediately after the write flush is completed or will // never close if the write flush does not complete. google.protobuf.Duration delayed_close_timeout = 26; // Configuration for :ref:`HTTP access logs ` // emitted by the connection manager. repeated config.accesslog.v4alpha.AccessLog access_log = 13; // If set to true, the connection manager will use the real remote address // of the client connection when determining internal versus external origin and manipulating // various headers. If set to false or absent, the connection manager will use the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for`, // :ref:`config_http_conn_man_headers_x-envoy-internal`, and // :ref:`config_http_conn_man_headers_x-envoy-external-address` for more information. google.protobuf.BoolValue use_remote_address = 14 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The number of additional ingress proxy hops from the right side of the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when // determining the origin client's IP address. The default is zero if this option // is not specified. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for` for more information. uint32 xff_num_trusted_hops = 19; // Configures what network addresses are considered internal for stats and header sanitation // purposes. If unspecified, only RFC1918 IP addresses will be considered internal. // See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information about internal/external addresses. InternalAddressConfig internal_address_config = 25; // If set, Envoy will not append the remote address to the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in // conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager // has mutated the request headers. While :ref:`use_remote_address // ` // will also suppress XFF addition, it has consequences for logging and other // Envoy uses of the remote address, so *skip_xff_append* should be used // when only an elision of XFF addition is intended. bool skip_xff_append = 21; // Via header value to append to request and response headers. If this is // empty, no via header will be appended. string via = 22; // Whether the connection manager will generate the :ref:`x-request-id // ` header if it does not exist. This defaults to // true. Generating a random UUID4 is expensive so in high throughput scenarios where this feature // is not desired it can be disabled. google.protobuf.BoolValue generate_request_id = 15; // Whether the connection manager will keep the :ref:`x-request-id // ` header if passed for a request that is edge // (Edge request is the request from external clients to front Envoy) and not reset it, which // is the current Envoy behaviour. This defaults to false. bool preserve_external_request_id = 32; // If set, Envoy will always set :ref:`x-request-id ` header in response. // If this is false or not set, the request ID is returned in responses only if tracing is forced using // :ref:`x-envoy-force-trace ` header. bool always_set_request_id_in_response = 37; // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. ForwardClientCertDetails forward_client_cert_details = 16 [(validate.rules).enum = {defined_only: true}]; // This field is valid only when :ref:`forward_client_cert_details // ` // is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in // the client certificate to be forwarded. Note that in the // :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and // *By* is always set when the client certificate presents the URI type Subject Alternative Name // value. SetCurrentClientCertDetails set_current_client_cert_details = 17; // If proxy_100_continue is true, Envoy will proxy incoming "Expect: // 100-continue" headers upstream, and forward "100 Continue" responses // downstream. If this is false or not set, Envoy will instead strip the // "Expect: 100-continue" header, and send a "100 Continue" response itself. bool proxy_100_continue = 18; // If // :ref:`use_remote_address // ` // is true and represent_ipv4_remote_address_as_ipv4_mapped_ipv6 is true and the remote address is // an IPv4 address, the address will be mapped to IPv6 before it is appended to *x-forwarded-for*. // This is useful for testing compatibility of upstream services that parse the header value. For // example, 50.0.0.1 is represented as ::FFFF:50.0.0.1. See `IPv4-Mapped IPv6 Addresses // `_ for details. This will also affect the // :ref:`config_http_conn_man_headers_x-envoy-external-address` header. See // :ref:`http_connection_manager.represent_ipv4_remote_address_as_ipv4_mapped_ipv6 // ` for runtime // control. // [#not-implemented-hide:] bool represent_ipv4_remote_address_as_ipv4_mapped_ipv6 = 20; repeated UpgradeConfig upgrade_configs = 23; // Should paths be normalized according to RFC 3986 before any processing of // requests by HTTP filters or routing? This affects the upstream *:path* header // as well. For paths that fail this check, Envoy will respond with 400 to // paths that are malformed. This defaults to false currently but will default // true in the future. When not specified, this value may be overridden by the // runtime variable // :ref:`http_connection_manager.normalize_path`. // See `Normalization and Comparison `_ // for details of normalization. // Note that Envoy does not perform // `case normalization `_ google.protobuf.BoolValue normalize_path = 30; // Determines if adjacent slashes in the path are merged into one before any processing of // requests by HTTP filters or routing. This affects the upstream *:path* header as well. Without // setting this option, incoming requests with path `//dir///file` will not match against route // with `prefix` match set to `/dir`. Defaults to `false`. Note that slash merging is not part of // `HTTP spec `_ and is provided for convenience. bool merge_slashes = 33; // The configuration of the request ID extension. This includes operations such as // generation, validation, and associated tracing operations. // // If not set, Envoy uses the default UUID-based behavior: // // 1. Request ID is propagated using *x-request-id* header. // // 2. Request ID is a universally unique identifier (UUID). // // 3. Tracing decision (sampled, forced, etc) is set in 14th byte of the UUID. RequestIDExtension request_id_extension = 36; // The configuration to customize local reply returned by Envoy. It can customize status code, // body text and response content type. If not specified, status code and text body are hard // coded in Envoy, the response content type is plain text. LocalReplyConfig local_reply_config = 38; // Determines if the port part should be removed from host/authority header before any processing // of request by HTTP filters or routing. The port would be removed only if it is equal to the :ref:`listener's` // local port and request method is not CONNECT. This affects the upstream host header as well. // Without setting this option, incoming requests with host `example:443` will not match against // route with :ref:`domains` match set to `example`. Defaults to `false`. Note that port removal is not part // of `HTTP spec `_ and is provided for convenience. bool strip_matching_host_port = 39; // Governs Envoy's behavior when receiving invalid HTTP from downstream. // If this option is false (default), Envoy will err on the conservative side handling HTTP // errors, terminating both HTTP/1.1 and HTTP/2 connections when receiving an invalid request. // If this option is set to true, Envoy will be more permissive, only resetting the invalid // stream in the case of HTTP/2 and leaving the connection open where possible (if the entire // request is read for HTTP/1.1) // In general this should be true for deployments receiving trusted traffic (L2 Envoys, // company-internal mesh) and false when receiving untrusted traffic (edge deployments). // // If different behaviors for invalid_http_message for HTTP/1 and HTTP/2 are // desired, one should use the new HTTP/1 option :ref:`override_stream_error_on_invalid_http_message // ` or the new HTTP/2 option // :ref:`override_stream_error_on_invalid_http_message // ` // *not* the deprecated but similarly named :ref:`stream_error_on_invalid_http_messaging // ` google.protobuf.BoolValue stream_error_on_invalid_http_message = 40; } // The configuration to customize local reply returned by Envoy. message LocalReplyConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.LocalReplyConfig"; // Configuration of list of mappers which allows to filter and change local response. // The mappers will be checked by the specified order until one is matched. repeated ResponseMapper mappers = 1; // The configuration to form response body from the :ref:`command operators ` // and to specify response content type as one of: plain/text or application/json. // // Example one: "plain/text" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // The following response body in "plain/text" format will be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: text // // upstream connect error:503:path=/foo // // Example two: "application/json" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // path: "%REQ(:path)%" // // The following response body in "application/json" format would be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: json // // { // "status": 503, // "message": "upstream connection error", // "path": "/foo" // } // config.core.v4alpha.SubstitutionFormatString body_format = 2; } // The configuration to filter and change local response. // [#next-free-field: 6] message ResponseMapper { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper"; // Filter to determine if this mapper should apply. config.accesslog.v4alpha.AccessLogFilter filter = 1 [(validate.rules).message = {required: true}]; // The new response status code if specified. google.protobuf.UInt32Value status_code = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // The new local reply body text if specified. It will be used in the `%LOCAL_REPLY_BODY%` // command operator in the `body_format`. config.core.v4alpha.DataSource body = 3; // A per mapper `body_format` to override the :ref:`body_format `. // It will be used when this mapper is matched. config.core.v4alpha.SubstitutionFormatString body_format_override = 4; // HTTP headers to add to a local reply. This allows the response mapper to append, to add // or to override headers of any local reply before it is sent to a downstream client. repeated config.core.v4alpha.HeaderValueOption headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; } message Rds { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.Rds"; // Configuration source specifier for RDS. config.core.v4alpha.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; oneof name_specifier { // The name of the route configuration. This name will be passed to the RDS // API. This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. string route_config_name = 2; // Resource locator for RDS. This is mutually exclusive to *route_config_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rds_resource_locator = 3; } } // This message is used to work around the limitations with 'oneof' and repeated fields. message ScopedRouteConfigurationsList { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRouteConfigurationsList"; repeated config.route.v4alpha.ScopedRouteConfiguration scoped_route_configurations = 1 [(validate.rules).repeated = {min_items: 1}]; } // [#next-free-field: 6] message ScopedRoutes { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes"; // Specifies the mechanism for constructing "scope keys" based on HTTP request attributes. These // keys are matched against a set of :ref:`Key` // objects assembled from :ref:`ScopedRouteConfiguration` // messages distributed via SRDS (the Scoped Route Discovery Service) or assigned statically via // :ref:`scoped_route_configurations_list`. // // Upon receiving a request's headers, the Router will build a key using the algorithm specified // by this message. This key will be used to look up the routing table (i.e., the // :ref:`RouteConfiguration`) to use for the request. message ScopeKeyBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder"; // Specifies the mechanism for constructing key fragments which are composed into scope keys. message FragmentBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes." "ScopeKeyBuilder.FragmentBuilder"; // Specifies how the value of a header should be extracted. // The following example maps the structure of a header to the fields in this message. // // .. code:: // // <0> <1> <-- index // X-Header: a=b;c=d // | || | // | || \----> // | || // | |\----> // | | // | \----> // | // \----> // // Each 'a=b' key-value pair constitutes an 'element' of the header field. message HeaderValueExtractor { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes." "ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor"; // Specifies a header field's key value pair to match on. message KvElement { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes." "ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor.KvElement"; // The separator between key and value (e.g., '=' separates 'k=v;...'). // If an element is an empty string, the element is ignored. // If an element contains no separator, the whole element is parsed as key and the // fragment value is an empty string. // If there are multiple values for a matched key, the first value is returned. string separator = 1 [(validate.rules).string = {min_len: 1}]; // The key to match on. string key = 2 [(validate.rules).string = {min_len: 1}]; } // The name of the header field to extract the value from. string name = 1 [(validate.rules).string = {min_len: 1}]; // The element separator (e.g., ';' separates 'a;b;c;d'). // Default: empty string. This causes the entirety of the header field to be extracted. // If this field is set to an empty string and 'index' is used in the oneof below, 'index' // must be set to 0. string element_separator = 2; oneof extract_type { // Specifies the zero based index of the element to extract. // Note Envoy concatenates multiple values of the same header key into a comma separated // string, the splitting always happens after the concatenation. uint32 index = 3; // Specifies the key value pair to extract the value from. KvElement element = 4; } } oneof type { option (validate.required) = true; // Specifies how a header field's value should be extracted. HeaderValueExtractor header_value_extractor = 1; } } // The final(built) scope key consists of the ordered union of these fragments, which are compared in order with the // fragments of a :ref:`ScopedRouteConfiguration`. // A missing fragment during comparison will make the key invalid, i.e., the computed key doesn't match any key. repeated FragmentBuilder fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the scoped routing configuration. string name = 1 [(validate.rules).string = {min_len: 1}]; // The algorithm to use for constructing a scope key for each request. ScopeKeyBuilder scope_key_builder = 2 [(validate.rules).message = {required: true}]; // Configuration source specifier for RDS. // This config source is used to subscribe to RouteConfiguration resources specified in // ScopedRouteConfiguration messages. config.core.v4alpha.ConfigSource rds_config_source = 3 [(validate.rules).message = {required: true}]; oneof config_specifier { option (validate.required) = true; // The set of routing scopes corresponding to the HCM. A scope is assigned to a request by // matching a key constructed from the request's attributes according to the algorithm specified // by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRouteConfigurationsList scoped_route_configurations_list = 4; // The set of routing scopes associated with the HCM will be dynamically loaded via the SRDS // API. A scope is assigned to a request by matching a key constructed from the request's // attributes according to the algorithm specified by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRds scoped_rds = 5; } } message ScopedRds { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRds"; // Configuration source specifier for scoped RDS. config.core.v4alpha.ConfigSource scoped_rds_config_source = 1 [(validate.rules).message = {required: true}]; } // [#next-free-field: 6] message HttpFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter"; reserved 3, 2; reserved "config"; // The name of the filter configuration. The name is used as a fallback to // select an extension if the type of the configuration proto is not // sufficient. It also serves as a resource name in ExtensionConfigDS. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. google.protobuf.Any typed_config = 4; // Configuration source specifier for an extension configuration discovery service. // In case of a failure and without the default configuration, the HTTP listener responds with code 500. // Extension configs delivered through this mechanism are not expected to require warming (see https://github.com/envoyproxy/envoy/issues/12061). config.core.v4alpha.ExtensionConfigSource config_discovery = 5; } } message RequestIDExtension { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.RequestIDExtension"; // Request ID extension specific configuration. google.protobuf.Any typed_config = 1; } ================================================ FILE: api/envoy/extensions/filters/network/kafka_broker/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/kafka_broker/v3/kafka_broker.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.kafka_broker.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.kafka_broker.v3"; option java_outer_classname = "KafkaBrokerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Kafka Broker] // Kafka Broker :ref:`configuration overview `. // [#extension: envoy.filters.network.kafka_broker] message KafkaBroker { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.kafka_broker.v2alpha1.KafkaBroker"; // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: api/envoy/extensions/filters/network/local_ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.local_ratelimit.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/token_bucket.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.local_ratelimit.v3"; option java_outer_classname = "LocalRateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Local rate limit] // Local rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.local_ratelimit] message LocalRateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.local_rate_limit.v2alpha.LocalRateLimit"; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The token bucket configuration to use for rate limiting connections that are processed by the // filter's filter chain. Each incoming connection processed by the filter consumes a single // token. If the token is available, the connection will be allowed. If no tokens are available, // the connection will be immediately closed. // // .. note:: // In the current implementation each filter and filter chain has an independent rate limit. // // .. note:: // In the current implementation the token bucket's :ref:`fill_interval // ` must be >= 50ms to avoid too aggressive // refills. type.v3.TokenBucket token_bucket = 2 [(validate.rules).message = {required: true}]; // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults // to enabled. config.core.v3.RuntimeFeatureFlag runtime_enabled = 3; } ================================================ FILE: api/envoy/extensions/filters/network/mongo_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/mongo_proxy/v2:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.mongo_proxy.v3; import "envoy/extensions/filters/common/fault/v3/fault.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.mongo_proxy.v3"; option java_outer_classname = "MongoProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Mongo proxy] // MongoDB :ref:`configuration overview `. // [#extension: envoy.filters.network.mongo_proxy] message MongoProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.mongo_proxy.v2.MongoProxy"; // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The optional path to use for writing Mongo access logs. If not access log // path is specified no access logs will be written. Note that access log is // also gated :ref:`runtime `. string access_log = 2; // Inject a fixed delay before proxying a Mongo operation. Delays are // applied to the following MongoDB operations: Query, Insert, GetMore, // and KillCursors. Once an active delay is in progress, all incoming // data up until the timer event fires will be a part of the delay. common.fault.v3.FaultDelay delay = 3; // Flag to specify whether :ref:`dynamic metadata // ` should be emitted. Defaults to false. bool emit_dynamic_metadata = 4; } ================================================ FILE: api/envoy/extensions/filters/network/mysql_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.mysql_proxy.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.mysql_proxy.v3"; option java_outer_classname = "MysqlProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: MySQL proxy] // MySQL Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.mysql_proxy] message MySQLProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.mysql_proxy.v1alpha1.MySQLProxy"; // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] The optional path to use for writing MySQL access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; } ================================================ FILE: api/envoy/extensions/filters/network/postgres_proxy/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/filters/network/postgres_proxy/v3alpha/postgres_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.postgres_proxy.v3alpha; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.postgres_proxy.v3alpha"; option java_outer_classname = "PostgresProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Postgres proxy] // Postgres Proxy :ref:`configuration overview // `. // [#extension: envoy.filters.network.postgres_proxy] message PostgresProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Controls whether SQL statements received in Frontend Query messages // are parsed. Parsing is required to produce Postgres proxy filter // metadata. Defaults to true. google.protobuf.BoolValue enable_sql_parsing = 2; } ================================================ FILE: api/envoy/extensions/filters/network/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/ratelimit/v3/rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.ratelimit.v3; import "envoy/config/ratelimit/v3/rls.proto"; import "envoy/extensions/common/ratelimit/v3/ratelimit.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.ratelimit.v3"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.ratelimit] // [#next-free-field: 7] message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.rate_limit.v2.RateLimit"; // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The rate limit domain to use in the rate limit service request. string domain = 2 [(validate.rules).string = {min_len: 1}]; // The rate limit descriptor list to use in the rate limit service request. repeated common.ratelimit.v3.RateLimitDescriptor descriptors = 3 [(validate.rules).repeated = {min_items: 1}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. config.ratelimit.v3.RateLimitServiceConfig rate_limit_service = 6 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/filters/network/rbac/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/rbac/v3/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rbac.v3; import "envoy/config/rbac/v3/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rbac.v3"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.network.rbac] // RBAC network filter config. // // Header should not be used in rules/shadow_rules in RBAC network filter as // this information is only available in :ref:`RBAC http filter `. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.rbac.v2.RBAC"; enum EnforcementType { // Apply RBAC policies when the first byte of data arrives on the connection. ONE_TIME_ON_FIRST_BYTE = 0; // Continuously apply RBAC policies as data arrives. Use this mode when // using RBAC with message oriented protocols such as Mongo, MySQL, Kafka, // etc. when the protocol decoders emit dynamic metadata such as the // resources being accessed and the operations on the resources. CONTINUOUS = 1; } // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs // and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v3.RBAC shadow_rules = 2; // The prefix to use when emitting statistics. string stat_prefix = 3 [(validate.rules).string = {min_len: 1}]; // RBAC enforcement strategy. By default RBAC will be enforced only once // when the first byte of data arrives from the downstream. When used in // conjunction with filters that emit dynamic metadata after decoding // every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to // CONTINUOUS to enforce RBAC policies on every message boundary. EnforcementType enforcement_type = 4; } ================================================ FILE: api/envoy/extensions/filters/network/rbac/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v4alpha:pkg", "//envoy/extensions/filters/network/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rbac.v4alpha; import "envoy/config/rbac/v4alpha/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rbac.v4alpha"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.network.rbac] // RBAC network filter config. // // Header should not be used in rules/shadow_rules in RBAC network filter as // this information is only available in :ref:`RBAC http filter `. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rbac.v3.RBAC"; enum EnforcementType { // Apply RBAC policies when the first byte of data arrives on the connection. ONE_TIME_ON_FIRST_BYTE = 0; // Continuously apply RBAC policies as data arrives. Use this mode when // using RBAC with message oriented protocols such as Mongo, MySQL, Kafka, // etc. when the protocol decoders emit dynamic metadata such as the // resources being accessed and the operations on the resources. CONTINUOUS = 1; } // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs // and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v4alpha.RBAC shadow_rules = 2; // The prefix to use when emitting statistics. string stat_prefix = 3 [(validate.rules).string = {min_len: 1}]; // RBAC enforcement strategy. By default RBAC will be enforced only once // when the first byte of data arrives from the downstream. When used in // conjunction with filters that emit dynamic metadata after decoding // every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to // CONTINUOUS to enforce RBAC policies on every message boundary. EnforcementType enforcement_type = 4; } ================================================ FILE: api/envoy/extensions/filters/network/redis_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/redis_proxy/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.redis_proxy.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.redis_proxy.v3"; option java_outer_classname = "RedisProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Redis Proxy] // Redis Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.redis_proxy] // [#next-free-field: 9] message RedisProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy"; // Redis connection pool settings. // [#next-free-field: 9] message ConnPoolSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.ConnPoolSettings"; // ReadPolicy controls how Envoy routes read commands to Redis nodes. This is currently // supported for Redis Cluster. All ReadPolicy settings except MASTER may return stale data // because replication is asynchronous and requires some delay. You need to ensure that your // application can tolerate stale data. enum ReadPolicy { // Default mode. Read from the current primary node. MASTER = 0 [(udpa.annotations.enum_value_migrate).rename = "PRIMARY"]; // Read from the primary, but if it is unavailable, read from replica nodes. PREFER_MASTER = 1 [(udpa.annotations.enum_value_migrate).rename = "PREFER_PRIMARY"]; // Read from replica nodes. If multiple replica nodes are present within a shard, a random // node is selected. Healthy nodes have precedent over unhealthy nodes. REPLICA = 2; // Read from the replica nodes (similar to REPLICA), but if all replicas are unavailable (not // present or unhealthy), read from the primary. PREFER_REPLICA = 3; // Read from any node of the cluster. A random node is selected among the primary and // replicas, healthy nodes have precedent over unhealthy nodes. ANY = 4; } // Per-operation timeout in milliseconds. The timer starts when the first // command of a pipeline is written to the backend connection. Each response received from Redis // resets the timer since it signifies that the next command is being processed by the backend. // The only exception to this behavior is when a connection to a backend is not yet established. // In that case, the connect timeout on the cluster will govern the timeout until the connection // is ready. google.protobuf.Duration op_timeout = 1 [(validate.rules).duration = {required: true}]; // Use hash tagging on every redis key to guarantee that keys with the same hash tag will be // forwarded to the same upstream. The hash key used for determining the upstream in a // consistent hash ring configuration will be computed from the hash tagged key instead of the // whole key. The algorithm used to compute the hash tag is identical to the `redis-cluster // implementation `_. // // Examples: // // * '{user1000}.following' and '{user1000}.followers' **will** be sent to the same upstream // * '{user1000}.following' and '{user1001}.following' **might** be sent to the same upstream bool enable_hashtagging = 2; // Accept `moved and ask redirection // `_ errors from upstream // redis servers, and retry commands to the specified target server. The target server does not // need to be known to the cluster manager. If the command cannot be redirected, then the // original error is passed downstream unchanged. By default, this support is not enabled. bool enable_redirection = 3; // Maximum size of encoded request buffer before flush is triggered and encoded requests // are sent upstream. If this is unset, the buffer flushes whenever it receives data // and performs no batching. // This feature makes it possible for multiple clients to send requests to Envoy and have // them batched- for example if one is running several worker processes, each with its own // Redis connection. There is no benefit to using this with a single downstream process. // Recommended size (if enabled) is 1024 bytes. uint32 max_buffer_size_before_flush = 4; // The encoded request buffer is flushed N milliseconds after the first request has been // encoded, unless the buffer size has already exceeded `max_buffer_size_before_flush`. // If `max_buffer_size_before_flush` is not set, this flush timer is not used. Otherwise, // the timer should be set according to the number of clients, overall request rate and // desired maximum latency for a single command. For example, if there are many requests // being batched together at a high rate, the buffer will likely be filled before the timer // fires. Alternatively, if the request rate is lower the buffer will not be filled as often // before the timer fires. // If `max_buffer_size_before_flush` is set, but `buffer_flush_timeout` is not, the latter // defaults to 3ms. google.protobuf.Duration buffer_flush_timeout = 5; // `max_upstream_unknown_connections` controls how many upstream connections to unknown hosts // can be created at any given time by any given worker thread (see `enable_redirection` for // more details). If the host is unknown and a connection cannot be created due to enforcing // this limit, then redirection will fail and the original redirection error will be passed // downstream unchanged. This limit defaults to 100. google.protobuf.UInt32Value max_upstream_unknown_connections = 6; // Enable per-command statistics per upstream cluster, in addition to the filter level aggregate // count. These commands are measured in microseconds. bool enable_command_stats = 8; // Read policy. The default is to read from the primary. ReadPolicy read_policy = 7 [(validate.rules).enum = {defined_only: true}]; } message PrefixRoutes { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.PrefixRoutes"; message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.PrefixRoutes.Route"; // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. message RequestMirrorPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.PrefixRoutes.Route." "RequestMirrorPolicy"; // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // If not specified or the runtime key is not present, all requests to the target cluster // will be mirrored. // // If specified, Envoy will lookup the runtime key to get the percentage of requests to the // mirror. config.core.v3.RuntimeFractionalPercent runtime_fraction = 2; // Set this to TRUE to only mirror write commands, this is effectively replicating the // writes in a "fire and forget" manner. bool exclude_read_commands = 3; } // String prefix that must match the beginning of the keys. Envoy will always favor the // longest match. string prefix = 1 [(validate.rules).string = {max_bytes: 1000}]; // Indicates if the prefix needs to be removed from the key when forwarded. bool remove_prefix = 2; // Upstream cluster to forward the command to. string cluster = 3 [(validate.rules).string = {min_len: 1}]; // Indicates that the route has a request mirroring policy. repeated RequestMirrorPolicy request_mirror_policy = 4; } reserved 3; reserved "catch_all_cluster"; // List of prefix routes. repeated Route routes = 1; // Indicates that prefix matching should be case insensitive. bool case_insensitive = 2; // Optional catch-all route to forward commands that doesn't match any of the routes. The // catch-all route becomes required when no routes are specified. Route catch_all_route = 4; } // RedisFault defines faults used for fault injection. message RedisFault { enum RedisFaultType { // Delays requests. This is the base fault; other faults can have delays added. DELAY = 0; // Returns errors on requests. ERROR = 1; } // Fault type. RedisFaultType fault_type = 1 [(validate.rules).enum = {defined_only: true}]; // Percentage of requests fault applies to. config.core.v3.RuntimeFractionalPercent fault_enabled = 2 [(validate.rules).message = {required: true}]; // Delay for all faults. If not set, defaults to zero google.protobuf.Duration delay = 3; // Commands fault is restricted to, if any. If not set, fault applies to all commands // other than auth and ping (due to special handling of those commands in Envoy). repeated string commands = 4; } reserved 2; reserved "cluster"; // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Network settings for the connection pool to the upstream clusters. ConnPoolSettings settings = 3 [(validate.rules).message = {required: true}]; // Indicates that latency stat should be computed in microseconds. By default it is computed in // milliseconds. This does not apply to upstream command stats currently. bool latency_in_micros = 4; // List of **unique** prefixes used to separate keys from different workloads to different // clusters. Envoy will always favor the longest match first in case of overlap. A catch-all // cluster can be used to forward commands when there is no match. Time complexity of the // lookups are in O(min(longest key prefix, key length)). // // Example: // // .. code-block:: yaml // // prefix_routes: // routes: // - prefix: "ab" // cluster: "cluster_a" // - prefix: "abc" // cluster: "cluster_b" // // When using the above routes, the following prefixes would be sent to: // // * ``get abc:users`` would retrieve the key 'abc:users' from cluster_b. // * ``get ab:users`` would retrieve the key 'ab:users' from cluster_a. // * ``get z:users`` would return a NoUpstreamHost error. A :ref:`catch-all // route` // would have retrieved the key from that cluster instead. // // See the :ref:`configuration section // ` of the architecture overview for recommendations on // configuring the backing clusters. PrefixRoutes prefix_routes = 5; // Authenticate Redis client connections locally by forcing downstream clients to issue a `Redis // AUTH command `_ with this password before enabling any other // command. If an AUTH command's password matches this password, an "OK" response will be returned // to the client. If the AUTH command password does not match this password, then an "ERR invalid // password" error will be returned. If any other command is received before AUTH when this // password is set, then a "NOAUTH Authentication required." error response will be sent to the // client. If an AUTH command is received when the password is not set, then an "ERR Client sent // AUTH, but no password is set" error will be returned. config.core.v3.DataSource downstream_auth_password = 6 [(udpa.annotations.sensitive) = true]; // List of faults to inject. Faults currently come in two flavors: // - Delay, which delays a request. // - Error, which responds to a request with an error. Errors can also have delays attached. // // Example: // // .. code-block:: yaml // // faults: // - fault_type: ERROR // fault_enabled: // default_value: // numerator: 10 // denominator: HUNDRED // runtime_key: "bogus_key" // commands: // - GET // - fault_type: DELAY // fault_enabled: // default_value: // numerator: 10 // denominator: HUNDRED // runtime_key: "bogus_key" // delay: 2s // // See the :ref:`fault injection section // ` for more information on how to configure this. repeated RedisFault faults = 8; // If a username is provided an ACL style AUTH command will be required with a username and password. // Authenticate Redis client connections locally by forcing downstream clients to issue a `Redis // AUTH command `_ with this username and the *downstream_auth_password* // before enabling any other command. If an AUTH command's username and password matches this username // and the *downstream_auth_password* , an "OK" response will be returned to the client. If the AUTH // command username or password does not match this username or the *downstream_auth_password*, then an // "WRONGPASS invalid username-password pair" error will be returned. If any other command is received before AUTH when this // password is set, then a "NOAUTH Authentication required." error response will be sent to the // client. If an AUTH command is received when the password is not set, then an "ERR Client sent // AUTH, but no ACL is set" error will be returned. config.core.v3.DataSource downstream_auth_username = 7 [(udpa.annotations.sensitive) = true]; } // RedisProtocolOptions specifies Redis upstream protocol options. This object is used in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.redis_proxy`. message RedisProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProtocolOptions"; // Upstream server password as defined by the `requirepass` directive // `_ in the server's configuration file. config.core.v3.DataSource auth_password = 1 [(udpa.annotations.sensitive) = true]; // Upstream server username as defined by the `user` directive // `_ in the server's configuration file. config.core.v3.DataSource auth_username = 2 [(udpa.annotations.sensitive) = true]; } ================================================ FILE: api/envoy/extensions/filters/network/rocketmq_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/rocketmq_proxy/v3/README.md ================================================ Protocol buffer definitions for the Rocketmq proxy. ================================================ FILE: api/envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v3; import "envoy/extensions/filters/network/rocketmq_proxy/v3/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v3"; option java_outer_classname = "RocketmqProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RocketMQ Proxy] // RocketMQ Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.rocketmq_proxy] message RocketmqProxy { // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is specified in this property. RouteConfiguration route_config = 2; // The largest duration transient object expected to live, more than 10s is recommended. google.protobuf.Duration transient_object_life_span = 3; // If develop_mode is enabled, this proxy plugin may work without dedicated traffic intercepting // facility without considering backward compatibility of exiting RocketMQ client SDK. bool develop_mode = 4; } ================================================ FILE: api/envoy/extensions/filters/network/rocketmq_proxy/v3/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rocketmq Proxy Route Configuration] // Rocketmq Proxy :ref:`configuration overview `. message RouteConfiguration { // The name of the route configuration. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { // The name of the topic. type.matcher.v3.StringMatcher topic = 1 [(validate.rules).message = {required: true}]; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v3.HeaderMatcher headers = 2; } message RouteAction { // Indicates the upstream cluster to which the request should be routed. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. config.core.v3.Metadata metadata_match = 2; } ================================================ FILE: api/envoy/extensions/filters/network/rocketmq_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/network/rocketmq_proxy/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/rocketmq_proxy/v4alpha/rocketmq_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v4alpha; import "envoy/extensions/filters/network/rocketmq_proxy/v4alpha/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v4alpha"; option java_outer_classname = "RocketmqProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: RocketMQ Proxy] // RocketMQ Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.rocketmq_proxy] message RocketmqProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RocketmqProxy"; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is specified in this property. RouteConfiguration route_config = 2; // The largest duration transient object expected to live, more than 10s is recommended. google.protobuf.Duration transient_object_life_span = 3; // If develop_mode is enabled, this proxy plugin may work without dedicated traffic intercepting // facility without considering backward compatibility of exiting RocketMQ client SDK. bool develop_mode = 4; } ================================================ FILE: api/envoy/extensions/filters/network/rocketmq_proxy/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Rocketmq Proxy Route Configuration] // Rocketmq Proxy :ref:`configuration overview `. message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RouteConfiguration"; // The name of the route configuration. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RouteMatch"; // The name of the topic. type.matcher.v4alpha.StringMatcher topic = 1 [(validate.rules).message = {required: true}]; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v4alpha.HeaderMatcher headers = 2; } message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RouteAction"; // Indicates the upstream cluster to which the request should be routed. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. config.core.v4alpha.Metadata metadata_match = 2; } ================================================ FILE: api/envoy/extensions/filters/network/sni_cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/sni_cluster/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/sni_cluster/v3/sni_cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.sni_cluster.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.sni_cluster.v3"; option java_outer_classname = "SniClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SNI Cluster Filter] // Set the upstream cluster name from the SNI field in the TLS connection. // [#extension: envoy.filters.network.sni_cluster] message SniCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.sni_cluster.v2.SniCluster"; } ================================================ FILE: api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha; import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha"; option java_outer_classname = "SniDynamicForwardProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SNI dynamic forward proxy] // Configuration for the SNI-based dynamic forward proxy filter. See the // :ref:`architecture overview ` for // more information. Note this filter must be configured along with // :ref:`TLS inspector listener filter ` // to work. // [#extension: envoy.filters.network.sni_dynamic_forward_proxy] message FilterConfig { // The DNS cache configuration that the filter will attach to. Note this // configuration must match that of associated :ref:`dynamic forward proxy // cluster configuration // `. common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; oneof port_specifier { // The port number to connect to the upstream. uint32 port_value = 2 [(validate.rules).uint32 = {lte: 65535 gt: 0}]; } } ================================================ FILE: api/envoy/extensions/filters/network/tcp_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/tcp_proxy/v2:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.tcp_proxy.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/hash_policy.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.tcp_proxy.v3"; option java_outer_classname = "TcpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: TCP Proxy] // TCP Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.tcp_proxy] // [#next-free-field: 14] message TcpProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy"; // Allows for specification of multiple upstream clusters along with weights // that indicate the percentage of traffic to be forwarded to each cluster. // The router selects an upstream cluster based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is // determined by its weight. The sum of weights across all entries in the // clusters array determines the total weight. uint32 weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what is set in this field will be considered // for load balancing. Note that this will be merged with what's provided in // :ref:`TcpProxy.metadata_match // `, with values // here taking precedence. The filter name should be specified as *envoy.lb*. config.core.v3.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } // Configuration for tunneling TCP over other transports or application layers. // Currently, only HTTP/2 is supported. When other options exist, HTTP/2 will // remain the default. message TunnelingConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.TunnelingConfig"; // The hostname to send in the synthesized CONNECT headers to the upstream proxy. string hostname = 1 [(validate.rules).string = {min_len: 1}]; } reserved 6; reserved "deprecated_v1"; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; oneof cluster_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 10; } // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. config.core.v3.Metadata metadata_match = 9; // The idle timeout for connections managed by the TCP proxy filter. The idle timeout // is defined as the period in which there are no bytes sent or received on either // the upstream or downstream connection. If not set, the default idle timeout is 1 hour. If set // to 0s, the timeout will be disabled. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 8; // [#not-implemented-hide:] The idle timeout for connections managed by the TCP proxy // filter. The idle timeout is defined as the period in which there is no // active traffic. If not set, there is no idle timeout. When the idle timeout // is reached the connection will be closed. The distinction between // downstream_idle_timeout/upstream_idle_timeout provides a means to set // timeout based on the last byte sent on the downstream/upstream connection. google.protobuf.Duration downstream_idle_timeout = 3; // [#not-implemented-hide:] google.protobuf.Duration upstream_idle_timeout = 4; // Configuration for :ref:`access logs ` // emitted by the this tcp_proxy. repeated config.accesslog.v3.AccessLog access_log = 5; // The maximum number of unsuccessful connection attempts that will be made before // giving up. If the parameter is not specified, 1 connection attempt will be made. google.protobuf.UInt32Value max_connect_attempts = 7 [(validate.rules).uint32 = {gte: 1}]; // Optional configuration for TCP proxy hash policy. If hash_policy is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated type.v3.HashPolicy hash_policy = 11 [(validate.rules).repeated = {max_items: 1}]; // [#not-implemented-hide:] feature in progress // If set, this configures tunneling, e.g. configuration options to tunnel multiple TCP // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload // will be proxied upstream as per usual. TunnelingConfig tunneling_config = 12; // The maximum duration of a connection. The duration is defined as the period since a connection // was established. If not set, there is no max duration. When max_downstream_connection_duration // is reached the connection will be closed. Duration must be at least 1ms. google.protobuf.Duration max_downstream_connection_duration = 13 [(validate.rules).duration = {gte {nanos: 1000000}}]; } ================================================ FILE: api/envoy/extensions/filters/network/tcp_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/network/tcp_proxy/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/tcp_proxy/v4alpha/tcp_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.tcp_proxy.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/v3/hash_policy.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.tcp_proxy.v4alpha"; option java_outer_classname = "TcpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: TCP Proxy] // TCP Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.tcp_proxy] // [#next-free-field: 14] message TcpProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy"; // Allows for specification of multiple upstream clusters along with weights // that indicate the percentage of traffic to be forwarded to each cluster. // The router selects an upstream cluster based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is // determined by its weight. The sum of weights across all entries in the // clusters array determines the total weight. uint32 weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what is set in this field will be considered // for load balancing. Note that this will be merged with what's provided in // :ref:`TcpProxy.metadata_match // `, with values // here taking precedence. The filter name should be specified as *envoy.lb*. config.core.v4alpha.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } // Configuration for tunneling TCP over other transports or application layers. // Currently, only HTTP/2 is supported. When other options exist, HTTP/2 will // remain the default. message TunnelingConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy.TunnelingConfig"; // The hostname to send in the synthesized CONNECT headers to the upstream proxy. string hostname = 1 [(validate.rules).string = {min_len: 1}]; } reserved 6; reserved "deprecated_v1"; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; oneof cluster_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 10; } // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. config.core.v4alpha.Metadata metadata_match = 9; // The idle timeout for connections managed by the TCP proxy filter. The idle timeout // is defined as the period in which there are no bytes sent or received on either // the upstream or downstream connection. If not set, the default idle timeout is 1 hour. If set // to 0s, the timeout will be disabled. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 8; // [#not-implemented-hide:] The idle timeout for connections managed by the TCP proxy // filter. The idle timeout is defined as the period in which there is no // active traffic. If not set, there is no idle timeout. When the idle timeout // is reached the connection will be closed. The distinction between // downstream_idle_timeout/upstream_idle_timeout provides a means to set // timeout based on the last byte sent on the downstream/upstream connection. google.protobuf.Duration downstream_idle_timeout = 3; // [#not-implemented-hide:] google.protobuf.Duration upstream_idle_timeout = 4; // Configuration for :ref:`access logs ` // emitted by the this tcp_proxy. repeated config.accesslog.v4alpha.AccessLog access_log = 5; // The maximum number of unsuccessful connection attempts that will be made before // giving up. If the parameter is not specified, 1 connection attempt will be made. google.protobuf.UInt32Value max_connect_attempts = 7 [(validate.rules).uint32 = {gte: 1}]; // Optional configuration for TCP proxy hash policy. If hash_policy is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated type.v3.HashPolicy hash_policy = 11 [(validate.rules).repeated = {max_items: 1}]; // [#not-implemented-hide:] feature in progress // If set, this configures tunneling, e.g. configuration options to tunnel multiple TCP // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload // will be proxied upstream as per usual. TunnelingConfig tunneling_config = 12; // The maximum duration of a connection. The duration is defined as the period since a connection // was established. If not set, there is no max duration. When max_downstream_connection_duration // is reached the connection will be closed. Duration must be at least 1ms. google.protobuf.Duration max_downstream_connection_duration = 13 [(validate.rules).duration = {gte {nanos: 1000000}}]; } ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.filters.ratelimit.v3; import "envoy/config/ratelimit/v3/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.filters.ratelimit.v3"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.thrift.ratelimit] // [#next-free-field: 6] message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.thrift.rate_limit.v2alpha1.RateLimit"; // The rate limit domain to use in the rate limit service request. string domain = 1 [(validate.rules).string = {min_len: 1}]; // Specifies the rate limit configuration stage. Each configured rate limit filter performs a // rate limit check using descriptors configured in the // :ref:`envoy_api_msg_extensions.filters.network.thrift_proxy.v3.RouteAction` for the request. // Only those entries with a matching stage number are used for a given filter. If not set, the // default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 3; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 4; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. config.ratelimit.v3.RateLimitServiceConfig rate_limit_service = 5 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/thrift_proxy/v2alpha1:pkg", "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/v3/README.md ================================================ Protocol buffer definitions for the Thrift proxy. ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/v3/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Thrift Proxy Route Configuration] // Thrift Proxy :ref:`configuration overview `. message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.RouteMatch"; oneof match_specifier { option (validate.required) = true; // If specified, the route must exactly match the request method name. As a special case, an // empty string matches any request method name. string method_name = 1; // If specified, the route must have the service name as the request method name prefix. As a // special case, an empty string matches any service name. Only relevant when service // multiplexing. string service_name = 2; } // Inverts whatever matching is done in the :ref:`method_name // ` or // :ref:`service_name // ` fields. // Cannot be combined with wildcard matching as that would result in routes never being matched. // // .. note:: // // This does not invert matching done as part of the :ref:`headers field // ` field. To // invert header matching, see :ref:`invert_match // `. bool invert = 3; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). Note that this only applies for Thrift transports and/or // protocols that support headers. repeated config.route.v3.HeaderMatcher headers = 4; } // [#next-free-field: 7] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates a single upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 2; // Envoy will determine the cluster to route to by reading the value of the // Thrift header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist Envoy will // respond with an unknown method exception or an internal error exception, // respectively. string cluster_header = 6 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered. // Note that this will be merged with what's provided in :ref:`WeightedCluster.metadata_match // `, // with values there taking precedence. Keys and values should be provided under the "envoy.lb" // metadata key. config.core.v3.Metadata metadata_match = 3; // Specifies a set of rate limit configurations that could be applied to the route. // N.B. Thrift service or method name matching can be achieved by specifying a RequestHeaders // action with the header name ":method-name". repeated config.route.v3.RateLimit rate_limits = 4; // Strip the service prefix from the method name, if there's a prefix. For // example, the method call Service:method would end up being just method. bool strip_service_name = 5; } // Allows for specification of multiple upstream clusters along with weights that indicate the // percentage of traffic to be forwarded to each cluster. The router selects an upstream cluster // based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is determined by its // weight. The sum of weights across all entries in the clusters array determines the total // weight. google.protobuf.UInt32Value weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field, combined with what's // provided in :ref:`RouteAction's metadata_match // `, // will be considered. Values here will take precedence. Keys and values should be provided // under the "envoy.lb" metadata key. config.core.v3.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v3; import "envoy/extensions/filters/network/thrift_proxy/v3/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v3"; option java_outer_classname = "ThriftProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Thrift Proxy] // Thrift Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.thrift_proxy] // Thrift transport types supported by Envoy. enum TransportType { // For downstream connections, the Thrift proxy will attempt to determine which transport to use. // For upstream connections, the Thrift proxy will use same transport as the downstream // connection. AUTO_TRANSPORT = 0; // The Thrift proxy will use the Thrift framed transport. FRAMED = 1; // The Thrift proxy will use the Thrift unframed transport. UNFRAMED = 2; // The Thrift proxy will assume the client is using the Thrift header transport. HEADER = 3; } // Thrift Protocol types supported by Envoy. enum ProtocolType { // For downstream connections, the Thrift proxy will attempt to determine which protocol to use. // Note that the older, non-strict (or lax) binary protocol is not included in automatic protocol // detection. For upstream connections, the Thrift proxy will use the same protocol as the // downstream connection. AUTO_PROTOCOL = 0; // The Thrift proxy will use the Thrift binary protocol. BINARY = 1; // The Thrift proxy will use Thrift non-strict binary protocol. LAX_BINARY = 2; // The Thrift proxy will use the Thrift compact protocol. COMPACT = 3; // The Thrift proxy will use the Thrift "Twitter" protocol implemented by the finagle library. TWITTER = 4; } // [#next-free-field: 6] message ThriftProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.ThriftProxy"; // Supplies the type of transport that the Thrift proxy should use. Defaults to // :ref:`AUTO_TRANSPORT`. TransportType transport = 2 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use. Defaults to // :ref:`AUTO_PROTOCOL`. ProtocolType protocol = 3 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is static and is specified in this property. RouteConfiguration route_config = 4; // A list of individual Thrift filters that make up the filter chain for requests made to the // Thrift proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no thrift_filters are specified, a default Thrift router filter // (`envoy.filters.thrift.router`) is used. repeated ThriftFilter thrift_filters = 5; } // ThriftFilter configures a Thrift filter. message ThriftFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.ThriftFilter"; reserved 2; reserved "config"; // The name of the filter to instantiate. The name must match a supported // filter. The built-in filters are: // // [#comment:TODO(zuercher): Auto generate the following list] // * :ref:`envoy.filters.thrift.router ` // * :ref:`envoy.filters.thrift.rate_limit ` string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } } // ThriftProtocolOptions specifies Thrift upstream protocol options. This object is used in // in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.thrift_proxy`. message ThriftProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.ThriftProtocolOptions"; // Supplies the type of transport that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_TRANSPORT`, // which is the default, causes the proxy to use the same transport as the downstream connection. TransportType transport = 1 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_PROTOCOL`, // which is the default, causes the proxy to use the same protocol as the downstream connection. ProtocolType protocol = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/network/thrift_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Thrift Proxy Route Configuration] // Thrift Proxy :ref:`configuration overview `. message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.RouteMatch"; oneof match_specifier { option (validate.required) = true; // If specified, the route must exactly match the request method name. As a special case, an // empty string matches any request method name. string method_name = 1; // If specified, the route must have the service name as the request method name prefix. As a // special case, an empty string matches any service name. Only relevant when service // multiplexing. string service_name = 2; } // Inverts whatever matching is done in the :ref:`method_name // ` or // :ref:`service_name // ` fields. // Cannot be combined with wildcard matching as that would result in routes never being matched. // // .. note:: // // This does not invert matching done as part of the :ref:`headers field // ` field. To // invert header matching, see :ref:`invert_match // `. bool invert = 3; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). Note that this only applies for Thrift transports and/or // protocols that support headers. repeated config.route.v4alpha.HeaderMatcher headers = 4; } // [#next-free-field: 7] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates a single upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 2; // Envoy will determine the cluster to route to by reading the value of the // Thrift header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist Envoy will // respond with an unknown method exception or an internal error exception, // respectively. string cluster_header = 6 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered. // Note that this will be merged with what's provided in :ref:`WeightedCluster.metadata_match // `, // with values there taking precedence. Keys and values should be provided under the "envoy.lb" // metadata key. config.core.v4alpha.Metadata metadata_match = 3; // Specifies a set of rate limit configurations that could be applied to the route. // N.B. Thrift service or method name matching can be achieved by specifying a RequestHeaders // action with the header name ":method-name". repeated config.route.v4alpha.RateLimit rate_limits = 4; // Strip the service prefix from the method name, if there's a prefix. For // example, the method call Service:method would end up being just method. bool strip_service_name = 5; } // Allows for specification of multiple upstream clusters along with weights that indicate the // percentage of traffic to be forwarded to each cluster. The router selects an upstream cluster // based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is determined by its // weight. The sum of weights across all entries in the clusters array determines the total // weight. google.protobuf.UInt32Value weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field, combined with what's // provided in :ref:`RouteAction's metadata_match // `, // will be considered. Values here will take precedence. Keys and values should be provided // under the "envoy.lb" metadata key. config.core.v4alpha.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/extensions/filters/network/thrift_proxy/v4alpha/thrift_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v4alpha; import "envoy/extensions/filters/network/thrift_proxy/v4alpha/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v4alpha"; option java_outer_classname = "ThriftProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Thrift Proxy] // Thrift Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.thrift_proxy] // Thrift transport types supported by Envoy. enum TransportType { // For downstream connections, the Thrift proxy will attempt to determine which transport to use. // For upstream connections, the Thrift proxy will use same transport as the downstream // connection. AUTO_TRANSPORT = 0; // The Thrift proxy will use the Thrift framed transport. FRAMED = 1; // The Thrift proxy will use the Thrift unframed transport. UNFRAMED = 2; // The Thrift proxy will assume the client is using the Thrift header transport. HEADER = 3; } // Thrift Protocol types supported by Envoy. enum ProtocolType { // For downstream connections, the Thrift proxy will attempt to determine which protocol to use. // Note that the older, non-strict (or lax) binary protocol is not included in automatic protocol // detection. For upstream connections, the Thrift proxy will use the same protocol as the // downstream connection. AUTO_PROTOCOL = 0; // The Thrift proxy will use the Thrift binary protocol. BINARY = 1; // The Thrift proxy will use Thrift non-strict binary protocol. LAX_BINARY = 2; // The Thrift proxy will use the Thrift compact protocol. COMPACT = 3; // The Thrift proxy will use the Thrift "Twitter" protocol implemented by the finagle library. TWITTER = 4; } // [#next-free-field: 6] message ThriftProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.ThriftProxy"; // Supplies the type of transport that the Thrift proxy should use. Defaults to // :ref:`AUTO_TRANSPORT`. TransportType transport = 2 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use. Defaults to // :ref:`AUTO_PROTOCOL`. ProtocolType protocol = 3 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is static and is specified in this property. RouteConfiguration route_config = 4; // A list of individual Thrift filters that make up the filter chain for requests made to the // Thrift proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no thrift_filters are specified, a default Thrift router filter // (`envoy.filters.thrift.router`) is used. repeated ThriftFilter thrift_filters = 5; } // ThriftFilter configures a Thrift filter. message ThriftFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.ThriftFilter"; reserved 2; reserved "config"; // The name of the filter to instantiate. The name must match a supported // filter. The built-in filters are: // // [#comment:TODO(zuercher): Auto generate the following list] // * :ref:`envoy.filters.thrift.router ` // * :ref:`envoy.filters.thrift.rate_limit ` string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } } // ThriftProtocolOptions specifies Thrift upstream protocol options. This object is used in // in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.thrift_proxy`. message ThriftProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.ThriftProtocolOptions"; // Supplies the type of transport that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_TRANSPORT`, // which is the default, causes the proxy to use the same transport as the downstream connection. TransportType transport = 1 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_PROTOCOL`, // which is the default, causes the proxy to use the same protocol as the downstream connection. ProtocolType protocol = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/extensions/filters/network/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // [#extension: envoy.filters.network.wasm] // Wasm :ref:`configuration overview `. message Wasm { // General Plugin configuration. envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: api/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.zookeeper_proxy.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.zookeeper_proxy.v3"; option java_outer_classname = "ZookeeperProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: ZooKeeper proxy] // ZooKeeper Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.zookeeper_proxy] message ZooKeeperProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.zookeeper_proxy.v1alpha1.ZooKeeperProxy"; // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] The optional path to use for writing ZooKeeper access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; // Messages — requests, responses and events — that are bigger than this value will // be ignored. If it is not set, the default value is 1Mb. // // The value here should match the jute.maxbuffer property in your cluster configuration: // // https://zookeeper.apache.org/doc/r3.4.10/zookeeperAdmin.html#Unsafe+Options // // if that is set. If it isn't, ZooKeeper's default is also 1Mb. google.protobuf.UInt32Value max_packet_bytes = 3; } ================================================ FILE: api/envoy/extensions/filters/udp/dns_filter/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/dns/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v3alpha; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/data/dns/v3/dns_table.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.udp.dns_filter.v3alpha"; option java_outer_classname = "DnsFilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: DNS Filter] // DNS Filter :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.dns_filter] // Configuration for the DNS filter. message DnsFilterConfig { // This message contains the configuration for the DNS Filter operating // in a server context. This message will contain the virtual hosts and // associated addresses with which Envoy will respond to queries message ServerContextConfig { oneof config_source { option (validate.required) = true; // Load the configuration specified from the control plane data.dns.v3.DnsTable inline_dns_table = 1; // Seed the filter configuration from an external path. This source // is a yaml formatted file that contains the DnsTable driving Envoy's // responses to DNS queries config.core.v3.DataSource external_dns_table = 2; } } // This message contains the configuration for the DNS Filter operating // in a client context. This message will contain the timeouts, retry, // and forwarding configuration for Envoy to make DNS requests to other // resolvers message ClientContextConfig { // Sets the maximum time we will wait for the upstream query to complete // We allow 5s for the upstream resolution to complete, so the minimum // value here is 1. Note that the total latency for a failed query is the // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; // A list of DNS servers to which we can forward queries. If not // specified, Envoy will use the ambient DNS resolvers in the // system. repeated config.core.v3.Address upstream_resolvers = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external // resolution times out or is otherwise unsuccessful uint64 max_pending_lookups = 3 [(validate.rules).uint64 = {gte: 1}]; } // The stat prefix used when emitting DNS filter statistics string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Server context configuration contains the data that the filter uses to respond // to DNS requests. ServerContextConfig server_config = 2; // Client context configuration controls Envoy's behavior when it must use external // resolvers to answer a query. This object is optional and if omitted instructs // the filter to resolve queries from the data in the server_config ClientContextConfig client_config = 3; } ================================================ FILE: api/envoy/extensions/filters/udp/dns_filter/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/data/dns/v4alpha:pkg", "//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/data/dns/v4alpha/dns_table.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.udp.dns_filter.v4alpha"; option java_outer_classname = "DnsFilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: DNS Filter] // DNS Filter :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.dns_filter] // Configuration for the DNS filter. message DnsFilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig"; // This message contains the configuration for the DNS Filter operating // in a server context. This message will contain the virtual hosts and // associated addresses with which Envoy will respond to queries message ServerContextConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig.ServerContextConfig"; oneof config_source { option (validate.required) = true; // Load the configuration specified from the control plane data.dns.v4alpha.DnsTable inline_dns_table = 1; // Seed the filter configuration from an external path. This source // is a yaml formatted file that contains the DnsTable driving Envoy's // responses to DNS queries config.core.v4alpha.DataSource external_dns_table = 2; } } // This message contains the configuration for the DNS Filter operating // in a client context. This message will contain the timeouts, retry, // and forwarding configuration for Envoy to make DNS requests to other // resolvers message ClientContextConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig.ClientContextConfig"; // Sets the maximum time we will wait for the upstream query to complete // We allow 5s for the upstream resolution to complete, so the minimum // value here is 1. Note that the total latency for a failed query is the // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; // A list of DNS servers to which we can forward queries. If not // specified, Envoy will use the ambient DNS resolvers in the // system. repeated config.core.v4alpha.Address upstream_resolvers = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external // resolution times out or is otherwise unsuccessful uint64 max_pending_lookups = 3 [(validate.rules).uint64 = {gte: 1}]; } // The stat prefix used when emitting DNS filter statistics string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Server context configuration contains the data that the filter uses to respond // to DNS requests. ServerContextConfig server_config = 2; // Client context configuration controls Envoy's behavior when it must use external // resolvers to answer a query. This object is optional and if omitted instructs // the filter to resolve queries from the data in the server_config ClientContextConfig client_config = 3; } ================================================ FILE: api/envoy/extensions/filters/udp/udp_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.udp.udp_proxy.v3; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.udp.udp_proxy.v3"; option java_outer_classname = "UdpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: UDP proxy] // UDP proxy :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.udp_proxy] // Configuration for the UDP proxy filter. // [#next-free-field: 6] message UdpProxyConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.udp.udp_proxy.v2alpha.UdpProxyConfig"; // Specifies the UDP hash policy. // The packets can be routed by hash policy. message HashPolicy { oneof policy_specifier { option (validate.required) = true; // The source IP will be used to compute the hash used by hash-based load balancing algorithms. bool source_ip = 1 [(validate.rules).bool = {const: true}]; } } // The stat prefix used when emitting UDP proxy filter stats. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; oneof route_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2 [(validate.rules).string = {min_len: 1}]; } // The idle timeout for sessions. Idle is defined as no datagrams between received or sent by // the session. The default if not specified is 1 minute. google.protobuf.Duration idle_timeout = 3; // Use the remote downstream IP address as the sender IP address when sending packets to upstream hosts. // This option requires Envoy to be run with the *CAP_NET_ADMIN* capability on Linux. // And the IPv6 stack must be enabled on Linux kernel. // This option does not preserve the remote downstream port. // If this option is enabled, the IP address of sent datagrams will be changed to the remote downstream IP address. // This means that Envoy will not receive packets that are sent by upstream hosts because the upstream hosts // will send the packets with the remote downstream IP address as the destination. All packets will be routed // to the remote downstream directly if there are route rules on the upstream host side. // There are two options to return the packets back to the remote downstream. // The first one is to use DSR (Direct Server Return). // The other one is to configure routing rules on the upstream hosts to forward // all packets back to Envoy and configure iptables rules on the host running Envoy to // forward all packets from upstream hosts to the Envoy process so that Envoy can forward the packets to the downstream. // If the platform does not support this option, Envoy will raise a configuration error. bool use_original_src_ip = 4; // Optional configuration for UDP proxy hash policies. If hash_policies is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated HashPolicy hash_policies = 5 [(validate.rules).repeated = {max_items: 1}]; } ================================================ FILE: api/envoy/extensions/internal_redirect/allow_listed_routes/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/internal_redirect/allow_listed_routes/v3/allow_listed_routes_config.proto ================================================ syntax = "proto3"; package envoy.extensions.internal_redirect.allow_listed_routes.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.internal_redirect.allow_listed_routes.v3"; option java_outer_classname = "AllowListedRoutesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Allow listed routes internal redirect predicate] // An internal redirect predicate that accepts only explicitly allowed target routes. // [#extension: envoy.internal_redirect_predicates.allow_listed_routes] message AllowListedRoutesConfig { // The list of routes that's allowed as redirect target by this predicate, // identified by the route's :ref:`name `. // Empty route names are not allowed. repeated string allowed_route_names = 1 [(validate.rules).repeated = {items {string {min_len: 1}}}]; } ================================================ FILE: api/envoy/extensions/internal_redirect/previous_routes/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/internal_redirect/previous_routes/v3/previous_routes_config.proto ================================================ syntax = "proto3"; package envoy.extensions.internal_redirect.previous_routes.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.internal_redirect.previous_routes.v3"; option java_outer_classname = "PreviousRoutesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Previous routes internal redirect predicate] // An internal redirect predicate that rejects redirect targets that are pointing // to a route that has been followed by a previous redirect from the current route. // [#extension: envoy.internal_redirect_predicates.previous_routes] message PreviousRoutesConfig { } ================================================ FILE: api/envoy/extensions/internal_redirect/safe_cross_scheme/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/internal_redirect/safe_cross_scheme/v3/safe_cross_scheme_config.proto ================================================ syntax = "proto3"; package envoy.extensions.internal_redirect.safe_cross_scheme.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.internal_redirect.safe_cross_scheme.v3"; option java_outer_classname = "SafeCrossSchemeConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SafeCrossScheme internal redirect predicate] // An internal redirect predicate that checks the scheme between the // downstream url and the redirect target url and allows a) same scheme // redirect and b) safe cross scheme redirect, which means if the downstream // scheme is HTTPS, both HTTPS and HTTP redirect targets are allowed, but if the // downstream scheme is HTTP, only HTTP redirect targets are allowed. // [#extension: // envoy.internal_redirect_predicates.safe_cross_scheme] message SafeCrossSchemeConfig { } ================================================ FILE: api/envoy/extensions/network/socket_interface/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/network/socket_interface/v3/default_socket_interface.proto ================================================ syntax = "proto3"; package envoy.extensions.network.socket_interface.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.network.socket_interface.v3"; option java_outer_classname = "DefaultSocketInterfaceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Default Socket Interface configuration] // Configuration for default socket interface that relies on OS dependent syscall to create // sockets. message DefaultSocketInterface { } ================================================ FILE: api/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/retry/omit_host_metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/retry/host/omit_host_metadata/v3/omit_host_metadata_config.proto ================================================ syntax = "proto3"; package envoy.extensions.retry.host.omit_host_metadata.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.retry.host.omit_host_metadata.v3"; option java_outer_classname = "OmitHostMetadataConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Omit host metadata retry predicate] // A retry host predicate that can be used to reject a host based on // predefined metadata match criteria. // [#extension: envoy.retry_host_predicates.omit_host_metadata] message OmitHostMetadataConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.retry.omit_host_metadata.v2.OmitHostMetadataConfig"; // Retry host predicate metadata match criteria. The hosts in // the upstream cluster with matching metadata will be omitted while // attempting a retry of a failed request. The metadata should be specified // under the *envoy.lb* key. config.core.v3.Metadata metadata_match = 1; } ================================================ FILE: api/envoy/extensions/retry/priority/previous_priorities/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/retry/previous_priorities:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/retry/priority/previous_priorities/v3/previous_priorities_config.proto ================================================ syntax = "proto3"; package envoy.extensions.retry.priority.previous_priorities.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.retry.priority.previous_priorities.v3"; option java_outer_classname = "PreviousPrioritiesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Previous priorities retry selector] // A retry host selector that attempts to spread retries between priorities, even if certain // priorities would not normally be attempted due to higher priorities being available. // // As priorities get excluded, load will be distributed amongst the remaining healthy priorities // based on the relative health of the priorities, matching how load is distributed during regular // host selection. For example, given priority healths of {100, 50, 50}, the original load will be // {100, 0, 0} (since P0 has capacity to handle 100% of the traffic). If P0 is excluded, the load // changes to {0, 50, 50}, because P1 is only able to handle 50% of the traffic, causing the // remaining to spill over to P2. // // Each priority attempted will be excluded until there are no healthy priorities left, at which // point the list of attempted priorities will be reset, essentially starting from the beginning. // For example, given three priorities P0, P1, P2 with healthy % of 100, 0 and 50 respectively, the // following sequence of priorities would be selected (assuming update_frequency = 1): // Attempt 1: P0 (P0 is 100% healthy) // Attempt 2: P2 (P0 already attempted, P2 only healthy priority) // Attempt 3: P0 (no healthy priorities, reset) // Attempt 4: P2 // // In the case of all upstream hosts being unhealthy, no adjustments will be made to the original // priority load, so behavior should be identical to not using this plugin. // // Using this PriorityFilter requires rebuilding the priority load, which runs in O(# of // priorities), which might incur significant overhead for clusters with many priorities. // [#extension: envoy.retry_priorities.previous_priorities] message PreviousPrioritiesConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.retry.previous_priorities.PreviousPrioritiesConfig"; // How often the priority load should be updated based on previously attempted priorities. Useful // to allow each priorities to receive more than one request before being excluded or to reduce // the number of times that the priority load has to be recomputed. // // For example, by setting this to 2, then the first two attempts (initial attempt and first // retry) will use the unmodified priority load. The third and fourth attempt will use priority // load which excludes the priorities routed to with the first two attempts, and the fifth and // sixth attempt will use the priority load excluding the priorities used for the first four // attempts. // // Must be greater than 0. int32 update_frequency = 1 [(validate.rules).int32 = {gt: 0}]; } ================================================ FILE: api/envoy/extensions/stat_sinks/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/stat_sinks/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.stat_sinks.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.stat_sinks.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // Wasm :ref:`configuration overview `. // [#extension: envoy.stat_sinks.wasm] message Wasm { // General Plugin configuration. envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: api/envoy/extensions/tracers/datadog/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/tracers/datadog/v4alpha/datadog.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.datadog.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.datadog.v4alpha"; option java_outer_classname = "DatadogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Datadog tracer] // Configuration for the Datadog tracer. // [#extension: envoy.tracers.datadog] message DatadogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.DatadogConfig"; // The cluster to use for submitting traces to the Datadog agent. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The name used for the service when traces are generated by envoy. string service_name = 2 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: api/envoy/extensions/tracers/dynamic_ot/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/tracers/dynamic_ot/v4alpha/dynamic_ot.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.dynamic_ot.v4alpha; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.dynamic_ot.v4alpha"; option java_outer_classname = "DynamicOtProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Dynamically loadable OpenTracing tracer] // DynamicOtConfig is used to dynamically load a tracer from a shared library // that implements the `OpenTracing dynamic loading API // `_. // [#extension: envoy.tracers.dynamic_ot] message DynamicOtConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.DynamicOtConfig"; // Dynamic library implementing the `OpenTracing API // `_. string library = 1 [(validate.rules).string = {min_len: 1}]; // The configuration to use when creating a tracer from the given dynamic // library. google.protobuf.Struct config = 2; } ================================================ FILE: api/envoy/extensions/tracers/lightstep/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/tracers/lightstep/v4alpha/lightstep.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.lightstep.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.lightstep.v4alpha"; option java_outer_classname = "LightstepProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: LightStep tracer] // Configuration for the LightStep tracer. // [#extension: envoy.tracers.lightstep] message LightstepConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.LightstepConfig"; // Available propagation modes enum PropagationMode { // Propagate trace context in the single header x-ot-span-context. ENVOY = 0; // Propagate trace context using LightStep's native format. LIGHTSTEP = 1; // Propagate trace context using the b3 format. B3 = 2; // Propagation trace context using the w3 trace-context standard. TRACE_CONTEXT = 3; } // The cluster manager cluster that hosts the LightStep collectors. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // File containing the access token to the `LightStep // `_ API. string access_token_file = 2 [(validate.rules).string = {min_len: 1}]; // Propagation modes to use by LightStep's tracer. repeated PropagationMode propagation_modes = 3 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; } ================================================ FILE: api/envoy/extensions/tracers/opencensus/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", ], ) ================================================ FILE: api/envoy/extensions/tracers/opencensus/v4alpha/opencensus.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.opencensus.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "opencensus/proto/trace/v1/trace_config.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.opencensus.v4alpha"; option java_outer_classname = "OpencensusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: OpenCensus tracer] // Configuration for the OpenCensus tracer. // [#next-free-field: 15] // [#extension: envoy.tracers.opencensus] message OpenCensusConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.OpenCensusConfig"; enum TraceContext { // No-op default, no trace context is utilized. NONE = 0; // W3C Trace-Context format "traceparent:" header. TRACE_CONTEXT = 1; // Binary "grpc-trace-bin:" header. GRPC_TRACE_BIN = 2; // "X-Cloud-Trace-Context:" header. CLOUD_TRACE_CONTEXT = 3; // X-B3-* headers. B3 = 4; } reserved 7; // Configures tracing, e.g. the sampler, max number of annotations, etc. .opencensus.proto.trace.v1.TraceConfig trace_config = 1; // Enables the stdout exporter if set to true. This is intended for debugging // purposes. bool stdout_exporter_enabled = 2; // Enables the Stackdriver exporter if set to true. The project_id must also // be set. bool stackdriver_exporter_enabled = 3; // The Cloud project_id to use for Stackdriver tracing. string stackdriver_project_id = 4; // (optional) By default, the Stackdriver exporter will connect to production // Stackdriver. If stackdriver_address is non-empty, it will instead connect // to this address, which is in the gRPC format: // https://github.com/grpc/grpc/blob/master/doc/naming.md string stackdriver_address = 10; // (optional) The gRPC server that hosts Stackdriver tracing service. Only // Google gRPC is supported. If :ref:`target_uri ` // is not provided, the default production Stackdriver address will be used. config.core.v4alpha.GrpcService stackdriver_grpc_service = 13; // Enables the Zipkin exporter if set to true. The url and service name must // also be set. bool zipkin_exporter_enabled = 5; // The URL to Zipkin, e.g. "http://127.0.0.1:9411/api/v2/spans" string zipkin_url = 6; // Enables the OpenCensus Agent exporter if set to true. The ocagent_address or // ocagent_grpc_service must also be set. bool ocagent_exporter_enabled = 11; // The address of the OpenCensus Agent, if its exporter is enabled, in gRPC // format: https://github.com/grpc/grpc/blob/master/doc/naming.md // [#comment:TODO: deprecate this field] string ocagent_address = 12; // (optional) The gRPC server hosted by the OpenCensus Agent. Only Google gRPC is supported. // This is only used if the ocagent_address is left empty. config.core.v4alpha.GrpcService ocagent_grpc_service = 14; // List of incoming trace context headers we will accept. First one found // wins. repeated TraceContext incoming_trace_context = 8; // List of outgoing trace context headers we will produce. repeated TraceContext outgoing_trace_context = 9; } ================================================ FILE: api/envoy/extensions/tracers/xray/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/tracers/xray/v4alpha/xray.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.xray.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.xray.v4alpha"; option java_outer_classname = "XrayProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: AWS X-Ray Tracer Configuration] // Configuration for AWS X-Ray tracer message XRayConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.XRayConfig"; message SegmentFields { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.XRayConfig.SegmentFields"; // The type of AWS resource, e.g. "AWS::AppMesh::Proxy". string origin = 1; // AWS resource metadata dictionary. // See: `X-Ray Segment Document documentation `__ google.protobuf.Struct aws = 2; } // The UDP endpoint of the X-Ray Daemon where the spans will be sent. // If this value is not set, the default value of 127.0.0.1:2000 will be used. config.core.v4alpha.SocketAddress daemon_endpoint = 1; // The name of the X-Ray segment. string segment_name = 2 [(validate.rules).string = {min_len: 1}]; // The location of a local custom sampling rules JSON file. // For an example of the sampling rules see: // `X-Ray SDK documentation // `_ config.core.v4alpha.DataSource sampling_rule_manifest = 3; // Optional custom fields to be added to each trace segment. // see: `X-Ray Segment Document documentation // `__ SegmentFields segment_fields = 4; } ================================================ FILE: api/envoy/extensions/tracers/zipkin/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/tracers/zipkin/v4alpha/zipkin.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.zipkin.v4alpha; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.zipkin.v4alpha"; option java_outer_classname = "ZipkinProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Zipkin tracer] // Configuration for the Zipkin tracer. // [#extension: envoy.tracers.zipkin] // [#next-free-field: 6] message ZipkinConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.ZipkinConfig"; // Available Zipkin collector endpoint versions. enum CollectorEndpointVersion { // Zipkin API v1, JSON over HTTP. // [#comment: The default implementation of Zipkin client before this field is added was only v1 // and the way user configure this was by not explicitly specifying the version. Consequently, // before this is added, the corresponding Zipkin collector expected to receive v1 payload. // Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when // user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field, // since in Zipkin realm this v1 version is considered to be not preferable anymore.] DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Zipkin API v2, JSON over HTTP. HTTP_JSON = 1; // Zipkin API v2, protobuf over HTTP. HTTP_PROTO = 2; // [#not-implemented-hide:] GRPC = 3; } // The cluster manager cluster that hosts the Zipkin collectors. Note that the // Zipkin cluster must be defined in the :ref:`Bootstrap static cluster // resources `. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The API endpoint of the Zipkin service where the spans will be sent. When // using a standard Zipkin installation, the API endpoint is typically // /api/v1/spans, which is the default value. string collector_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Determines whether a 128bit trace id will be used when creating a new // trace instance. The default value is false, which will result in a 64 bit trace id being used. bool trace_id_128bit = 3; // Determines whether client and server spans will share the same span context. // The default value is true. google.protobuf.BoolValue shared_span_context = 4; // Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be // used. CollectorEndpointVersion collector_endpoint_version = 5; } ================================================ FILE: api/envoy/extensions/transport_sockets/alts/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/transport_socket/alts/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/alts/v3/alts.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.alts.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.alts.v3"; option java_outer_classname = "AltsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: ALTS] // [#extension: envoy.transport_sockets.alts] // Configuration for ALTS transport socket. This provides Google's ALTS protocol to Envoy. // https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security/ message Alts { option (udpa.annotations.versioning).previous_message_type = "envoy.config.transport_socket.alts.v2alpha.Alts"; // The location of a handshaker service, this is usually 169.254.169.254:8080 // on GCE. string handshaker_service = 1 [(validate.rules).string = {min_len: 1}]; // The acceptable service accounts from peer, peers not in the list will be rejected in the // handshake validation step. If empty, no validation will be performed. repeated string peer_service_accounts = 2; } ================================================ FILE: api/envoy/extensions/transport_sockets/proxy_protocol/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.proxy_protocol.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/proxy_protocol.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.proxy_protocol.v3"; option java_outer_classname = "UpstreamProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Upstream Proxy Protocol] // [#extension: envoy.transport_sockets.upstream_proxy_protocol] // Configuration for PROXY protocol socket message ProxyProtocolUpstreamTransport { // The PROXY protocol settings config.core.v3.ProxyProtocolConfig config = 1; // The underlying transport socket being wrapped. config.core.v3.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/transport_sockets/quic/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/transport_sockets/tls/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/quic/v3/quic_transport.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.quic.v3; import "envoy/extensions/transport_sockets/tls/v3/tls.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.quic.v3"; option java_outer_classname = "QuicTransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: quic transport] // [#extension: envoy.transport_sockets.quic] // Configuration for Downstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicDownstreamTransport { tls.v3.DownstreamTlsContext downstream_tls_context = 1 [(validate.rules).message = {required: true}]; } // Configuration for Upstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicUpstreamTransport { tls.v3.UpstreamTlsContext upstream_tls_context = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/transport_sockets/quic/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/transport_sockets/quic/v3:pkg", "//envoy/extensions/transport_sockets/tls/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/quic/v4alpha/quic_transport.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.quic.v4alpha; import "envoy/extensions/transport_sockets/tls/v4alpha/tls.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.quic.v4alpha"; option java_outer_classname = "QuicTransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: quic transport] // [#extension: envoy.transport_sockets.quic] // Configuration for Downstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicDownstreamTransport { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.quic.v3.QuicDownstreamTransport"; tls.v4alpha.DownstreamTlsContext downstream_tls_context = 1 [(validate.rules).message = {required: true}]; } // Configuration for Upstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicUpstreamTransport { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.quic.v3.QuicUpstreamTransport"; tls.v4alpha.UpstreamTlsContext upstream_tls_context = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/transport_socket/raw_buffer/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/raw_buffer/v3/raw_buffer.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.raw_buffer.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.raw_buffer.v3"; option java_outer_classname = "RawBufferProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Raw Buffer] // [#extension: envoy.transport_sockets.raw_buffer] // Configuration for raw buffer transport socket. message RawBuffer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.transport_socket.raw_buffer.v2.RawBuffer"; } ================================================ FILE: api/envoy/extensions/transport_sockets/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/tap/v3/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tap.v3; import "envoy/config/core/v3/base.proto"; import "envoy/extensions/common/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tap.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap] // [#extension: envoy.transport_sockets.tap] // Configuration for tap transport socket. This wraps another transport socket, providing the // ability to interpose and record in plain text any traffic that is surfaced to Envoy. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.transport_socket.tap.v2alpha.Tap"; // Common configuration for the tap transport socket. common.tap.v3.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; // The underlying transport socket being wrapped. config.core.v3.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/transport_sockets/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/common/tap/v4alpha:pkg", "//envoy/extensions/transport_sockets/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/tap/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tap.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/extensions/common/tap/v4alpha/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tap.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap] // [#extension: envoy.transport_sockets.tap] // Configuration for tap transport socket. This wraps another transport socket, providing the // ability to interpose and record in plain text any traffic that is surfaced to Envoy. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tap.v3.Tap"; // Common configuration for the tap transport socket. common.tap.v4alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; // The underlying transport socket being wrapped. config.core.v4alpha.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/auth:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v3/cert.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "udpa/annotations/status.proto"; import public "envoy/extensions/transport_sockets/tls/v3/common.proto"; import public "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import public "envoy/extensions/transport_sockets/tls/v3/tls.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "CertProto"; option java_multiple_files = true; ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v3/common.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common TLS configuration] message TlsParameters { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.TlsParameters"; enum TlsProtocol { // Envoy will choose the optimal TLS version. TLS_AUTO = 0; // TLS 1.0 TLSv1_0 = 1; // TLS 1.1 TLSv1_1 = 2; // TLS 1.2 TLSv1_2 = 3; // TLS 1.3 TLSv1_3 = 4; } // Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for // servers. TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}]; // Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for // servers. TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}]; // If specified, the TLS listener will only support the specified `cipher list // `_ // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not // specified, the default list will be used. // // In non-FIPS builds, the default cipher list is: // // .. code-block:: none // // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA // // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: // // .. code-block:: none // // ECDHE-ECDSA-AES128-GCM-SHA256 // ECDHE-RSA-AES128-GCM-SHA256 // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH // curves. If not specified, the default curves will be used. // // In non-FIPS builds, the default curves are: // // .. code-block:: none // // X25519 // P-256 // // In builds using :ref:`BoringSSL FIPS `, the default curve is: // // .. code-block:: none // // P-256 repeated string ecdh_curves = 4; } // BoringSSL private key method configuration. The private key methods are used for external // (potentially asynchronous) signing and decryption operations. Some use cases for private key // methods would be TPM support and TLS acceleration. message PrivateKeyProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.PrivateKeyProvider"; reserved 2; reserved "config"; // Private key method provider name. The name must match a // supported private key method provider type. string provider_name = 1 [(validate.rules).string = {min_len: 1}]; // Private key method provider specific configuration. oneof config_type { google.protobuf.Any typed_config = 3 [(udpa.annotations.sensitive) = true]; } } // [#next-free-field: 7] message TlsCertificate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.TlsCertificate"; // The TLS certificate chain. config.core.v3.DataSource certificate_chain = 1; // The TLS private key. config.core.v3.DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // BoringSSL private key method provider. This is an alternative to :ref:`private_key // ` field. This can't be // marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key // ` and // :ref:`private_key_provider // ` fields will result in an // error. PrivateKeyProvider private_key_provider = 6; // The password to decrypt the TLS private key. If this field is not set, it is assumed that the // TLS private key is not password encrypted. config.core.v3.DataSource password = 3 [(udpa.annotations.sensitive) = true]; // The OCSP response to be stapled with this certificate during the handshake. // The response must be DER-encoded and may only be provided via ``filename`` or // ``inline_bytes``. The response may pertain to only one certificate. config.core.v3.DataSource ocsp_staple = 4; // [#not-implemented-hide:] repeated config.core.v3.DataSource signed_certificate_timestamp = 5; } message TlsSessionTicketKeys { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.TlsSessionTicketKeys"; // Keys for encrypting and decrypting TLS session tickets. The // first key in the array contains the key to encrypt all new sessions created by this context. // All keys are candidates for decrypting received tickets. This allows for easy rotation of keys // by, for example, putting the new key first, and the previous key second. // // If :ref:`session_ticket_keys ` // is not specified, the TLS library will still support resuming sessions via tickets, but it will // use an internally-generated and managed key, so sessions cannot be resumed across hot restarts // or on different hosts. // // Each key must contain exactly 80 bytes of cryptographically-secure random data. For // example, the output of ``openssl rand 80``. // // .. attention:: // // Using this feature has serious security considerations and risks. Improper handling of keys // may result in loss of secrecy in connections, even if ciphers supporting perfect forward // secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some // discussion. To minimize the risk, you must: // // * Keep the session ticket keys at least as secure as your TLS certificate private keys // * Rotate session ticket keys at least daily, and preferably hourly // * Always generate keys using a cryptographically-secure random data source repeated config.core.v3.DataSource keys = 1 [(validate.rules).repeated = {min_items: 1}, (udpa.annotations.sensitive) = true]; } // [#next-free-field: 11] message CertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.CertificateValidationContext"; // Peer certificate verification mode. enum TrustChainVerification { // Perform default certificate verification (e.g., against CA / verification lists) VERIFY_TRUST_CHAIN = 0; // Connections where the certificate fails verification will be permitted. // For HTTP connections, the result of certificate verification can be used in route matching. ( // see :ref:`validated ` ). ACCEPT_UNTRUSTED = 1; } reserved 4, 5; reserved "verify_subject_alt_name"; // TLS certificate data containing certificate authority certificates to use in verifying // a presented peer certificate (e.g. server certificate for clusters or client certificate // for listeners). If not specified and a peer certificate is presented it will not be // verified. By default, a client certificate is optional, unless one of the additional // options (:ref:`require_client_certificate // `, // :ref:`verify_certificate_spki // `, // :ref:`verify_certificate_hash // `, or // :ref:`match_subject_alt_names // `) is also // specified. // // It can optionally contain certificate revocation lists, in which case Envoy will verify // that the presented peer certificate has not been revoked by one of the included CRLs. Note // that if a CRL is provided for any certificate authority in a trust chain, a CRL must be // provided for all certificate authorities in that chain. Failure to do so will result in // verification failure for both revoked and unrevoked certificates from that chain. // // See :ref:`the TLS overview ` for a list of common // system CA locations. config.core.v3.DataSource trusted_ca = 1; // An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the // SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate // matches one of the specified values. // // A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -pubkey // | openssl pkey -pubin -outform DER // | openssl dgst -sha256 -binary // | openssl enc -base64 // NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A= // // This is the format used in HTTP Public Key Pinning. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. // // .. attention:: // // This option is preferred over :ref:`verify_certificate_hash // `, // because SPKI is tied to a private key, so it doesn't change when the certificate // is renewed using the same private key. repeated string verify_certificate_spki = 3 [(validate.rules).repeated = {items {string {min_len: 44 max_bytes: 44}}}]; // An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that // the SHA-256 of the DER-encoded presented certificate matches one of the specified values. // // A hex-encoded SHA-256 of the certificate can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2 // df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a // // A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2 // DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A // // Both of those formats are acceptable. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. repeated string verify_certificate_hash = 2 [(validate.rules).repeated = {items {string {min_len: 64 max_bytes: 95}}}]; // An optional list of Subject Alternative name matchers. Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified matches. // // When a certificate has wildcard DNS SAN entries, to match a specific client, it should be // configured with exact match type in the :ref:`string matcher `. // For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com", // it should be configured as shown below. // // .. code-block:: yaml // // match_subject_alt_names: // exact: "api.example.com" // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated type.matcher.v3.StringMatcher match_subject_alt_names = 9; // [#not-implemented-hide:] Must present signed certificate time-stamp. google.protobuf.BoolValue require_signed_certificate_timestamp = 6; // An optional `certificate revocation list // `_ // (in PEM format). If specified, Envoy will verify that the presented peer // certificate has not been revoked by this CRL. If this DataSource contains // multiple CRLs, all of them will be used. Note that if a CRL is provided // for any certificate authority in a trust chain, a CRL must be provided // for all certificate authorities in that chain. Failure to do so will // result in verification failure for both revoked and unrevoked certificates // from that chain. config.core.v3.DataSource crl = 7; // If specified, Envoy will not reject expired certificates. bool allow_expired_certificate = 8; // Certificate trust chain verification mode. TrustChainVerification trust_chain_verification = 10 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v3/secret.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/extensions/transport_sockets/tls/v3/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "SecretProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Secrets configuration] message GenericSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.GenericSecret"; // Secret of generic type and is available to filters. config.core.v3.DataSource secret = 1 [(udpa.annotations.sensitive) = true]; } message SdsSecretConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.SdsSecretConfig"; // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. // When both name and config are specified, then secret can be fetched and/or reloaded via // SDS. When only name is specified, then secret will be loaded from static resources. string name = 1 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for SDS. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator sds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; config.core.v3.ConfigSource sds_config = 2; } // [#next-free-field: 6] message Secret { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.Secret"; // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. string name = 1; oneof type { TlsCertificate tls_certificate = 2; TlsSessionTicketKeys session_ticket_keys = 3; CertificateValidationContext validation_context = 4; GenericSecret generic_secret = 5; } } ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v3/tls.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "envoy/config/core/v3/extension.proto"; import "envoy/extensions/transport_sockets/tls/v3/common.proto"; import "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "TlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: TLS transport socket] // [#extension: envoy.transport_sockets.tls] // The TLS contexts below provide the transport socket configuration for upstream/downstream TLS. message UpstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.UpstreamTlsContext"; // Common TLS context settings. // // .. attention:: // // Server certificate verification is not enabled by default. Configure // :ref:`trusted_ca` to enable // verification. CommonTlsContext common_tls_context = 1; // SNI string to use when creating TLS backend connections. string sni = 2 [(validate.rules).string = {max_bytes: 255}]; // If true, server-initiated TLS renegotiation will be allowed. // // .. attention:: // // TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary. bool allow_renegotiation = 3; // Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets // for TLSv1.2 and older) to store for the purpose of session resumption. // // Defaults to 1, setting this to 0 disables session resumption. google.protobuf.UInt32Value max_session_keys = 4; } // [#next-free-field: 9] message DownstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.DownstreamTlsContext"; enum OcspStaplePolicy { // OCSP responses are optional. If an OCSP response is absent // or expired, the associated certificate will be used for // connections without an OCSP staple. LENIENT_STAPLING = 0; // OCSP responses are optional. If an OCSP response is absent, // the associated certificate will be used without an // OCSP staple. If a response is provided but is expired, // the associated certificate will not be used for // subsequent connections. If no suitable certificate is found, // the connection is rejected. STRICT_STAPLING = 1; // OCSP responses are required. Configuration will fail if // a certificate is provided without an OCSP response. If a // response expires, the associated certificate will not be // used connections. If no suitable certificate is found, the // connection is rejected. MUST_STAPLE = 2; } // Common TLS context settings. CommonTlsContext common_tls_context = 1; // If specified, Envoy will reject connections without a valid client // certificate. google.protobuf.BoolValue require_client_certificate = 2; // If specified, Envoy will reject connections without a valid and matching SNI. // [#not-implemented-hide:] google.protobuf.BoolValue require_sni = 3; oneof session_ticket_keys_type { // TLS session ticket key settings. TlsSessionTicketKeys session_ticket_keys = 4; // Config for fetching TLS session ticket keys via SDS API. SdsSecretConfig session_ticket_keys_sds_secret_config = 5; // Config for controlling stateless TLS session resumption: setting this to true will cause the TLS // server to not issue TLS session tickets for the purposes of stateless TLS session resumption. // If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using // the keys specified through either :ref:`session_ticket_keys ` // or :ref:`session_ticket_keys_sds_secret_config `. // If this config is set to false and no keys are explicitly configured, the TLS server will issue // TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the // implication that sessions cannot be resumed across hot restarts or on different hosts. bool disable_stateless_session_resumption = 7; } // If specified, session_timeout will change maximum lifetime (in seconds) of TLS session // Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) // ` // only seconds could be specified (fractional seconds are going to be ignored). google.protobuf.Duration session_timeout = 6 [(validate.rules).duration = { lt {seconds: 4294967296} gte {} }]; // Config for whether to use certificates if they do not have // an accompanying OCSP response or if the response expires at runtime. // Defaults to LENIENT_STAPLING OcspStaplePolicy ocsp_staple_policy = 8 [(validate.rules).enum = {defined_only: true}]; } // TLS context shared by both client and server TLS contexts. // [#next-free-field: 14] message CommonTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.CommonTlsContext"; // Config for Certificate provider to get certificates. This provider should allow certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. message CertificateProvider { // opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "TLS" to specify a new tls-certificate. string name = 1 [(validate.rules).string = {min_len: 1}]; // Provider specific config. // Note: an implementation is expected to dedup multiple instances of the same config // to maintain a single certificate-provider instance. The sharing can happen, for // example, among multiple clusters or between the tls_certificate and validation_context // certificate providers of a cluster. // This config could be supplied inline or (in future) a named xDS resource. oneof config { option (validate.required) = true; config.core.v3.TypedExtensionConfig typed_config = 2; } } // Similar to CertificateProvider above, but allows the provider instances to be configured on // the client side instead of being sent from the control plane. message CertificateProviderInstance { // Provider instance name. This name must be defined in the client's configuration (e.g., a // bootstrap file) to correspond to a provider instance (i.e., the same data in the typed_config // field that would be sent in the CertificateProvider message if the config was sent by the // control plane). If not present, defaults to "default". // // Instance names should generally be defined not in terms of the underlying provider // implementation (e.g., "file_watcher") but rather in terms of the function of the // certificates (e.g., "foo_deployment_identity"). string instance_name = 1; // Opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "example.com" to specify a certificate for a // particular domain. Not all provider instances will actually use this field, so the value // defaults to the empty string. string certificate_name = 2; } message CombinedCertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext"; // How to validate peer certificates. CertificateValidationContext default_validation_context = 1 [(validate.rules).message = {required: true}]; // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. SdsSecretConfig validation_context_sds_secret_config = 2 [ (validate.rules).message = {required: true}, (udpa.annotations.field_migrate).oneof_promotion = "dynamic_validation_context" ]; // Certificate provider for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 3 [(udpa.annotations.field_migrate).oneof_promotion = "dynamic_validation_context"]; // Certificate provider instance for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 4 [(udpa.annotations.field_migrate).oneof_promotion = "dynamic_validation_context"]; } reserved 5; // TLS protocol versions, cipher suites etc. TlsParameters tls_params = 1; // :ref:`Multiple TLS certificates ` can be associated with the // same context to allow both RSA and ECDSA certificates. // // Only a single TLS certificate is supported in client contexts. In server contexts, the first // RSA certificate is used for clients that only support RSA and the first ECDSA certificate is // used for clients that support ECDSA. repeated TlsCertificate tls_certificates = 2; // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(validate.rules).repeated = {max_items: 1}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] CertificateProvider tls_certificate_certificate_provider = 9; // Certificate provider instance for fetching TLS certificates. // [#not-implemented-hide:] CertificateProviderInstance tls_certificate_certificate_provider_instance = 11; oneof validation_context_type { // How to validate peer certificates. CertificateValidationContext validation_context = 3; // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. SdsSecretConfig validation_context_sds_secret_config = 7; // Combined certificate validation context holds a default CertificateValidationContext // and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic // and default CertificateValidationContext are merged into a new CertificateValidationContext // for validation. This merge is done by Message::MergeFrom(), so dynamic // CertificateValidationContext overwrites singular fields in default // CertificateValidationContext, and concatenates repeated fields to default // CertificateValidationContext, and logical OR is applied to boolean fields. CombinedCertificateValidationContext combined_validation_context = 8; // Certificate provider for fetching validation context. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 10; // Certificate provider instance for fetching validation context. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 12; } // Supplies the list of ALPN protocols that the listener should expose. In // practice this is likely to be set to one of two values (see the // :ref:`codec_type // ` // parameter in the HTTP connection manager for more information): // // * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1. // * "http/1.1" If the listener is only going to support HTTP/1.1. // // There is no default for this parameter. If empty, Envoy will not expose ALPN. repeated string alpn_protocols = 4; // Custom TLS handshaker. If empty, defaults to native TLS handshaking // behavior. config.core.v3.TypedExtensionConfig custom_handshaker = 13; } ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v4alpha/common.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v4alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common TLS configuration] message TlsParameters { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.TlsParameters"; enum TlsProtocol { // Envoy will choose the optimal TLS version. TLS_AUTO = 0; // TLS 1.0 TLSv1_0 = 1; // TLS 1.1 TLSv1_1 = 2; // TLS 1.2 TLSv1_2 = 3; // TLS 1.3 TLSv1_3 = 4; } // Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for // servers. TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}]; // Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for // servers. TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}]; // If specified, the TLS listener will only support the specified `cipher list // `_ // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not // specified, the default list will be used. // // In non-FIPS builds, the default cipher list is: // // .. code-block:: none // // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA // // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: // // .. code-block:: none // // ECDHE-ECDSA-AES128-GCM-SHA256 // ECDHE-RSA-AES128-GCM-SHA256 // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH // curves. If not specified, the default curves will be used. // // In non-FIPS builds, the default curves are: // // .. code-block:: none // // X25519 // P-256 // // In builds using :ref:`BoringSSL FIPS `, the default curve is: // // .. code-block:: none // // P-256 repeated string ecdh_curves = 4; } // BoringSSL private key method configuration. The private key methods are used for external // (potentially asynchronous) signing and decryption operations. Some use cases for private key // methods would be TPM support and TLS acceleration. message PrivateKeyProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.PrivateKeyProvider"; reserved 2; reserved "config"; // Private key method provider name. The name must match a // supported private key method provider type. string provider_name = 1 [(validate.rules).string = {min_len: 1}]; // Private key method provider specific configuration. oneof config_type { google.protobuf.Any typed_config = 3 [(udpa.annotations.sensitive) = true]; } } // [#next-free-field: 7] message TlsCertificate { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.TlsCertificate"; // The TLS certificate chain. config.core.v4alpha.DataSource certificate_chain = 1; // The TLS private key. config.core.v4alpha.DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // BoringSSL private key method provider. This is an alternative to :ref:`private_key // ` field. This can't be // marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key // ` and // :ref:`private_key_provider // ` fields will result in an // error. PrivateKeyProvider private_key_provider = 6; // The password to decrypt the TLS private key. If this field is not set, it is assumed that the // TLS private key is not password encrypted. config.core.v4alpha.DataSource password = 3 [(udpa.annotations.sensitive) = true]; // The OCSP response to be stapled with this certificate during the handshake. // The response must be DER-encoded and may only be provided via ``filename`` or // ``inline_bytes``. The response may pertain to only one certificate. config.core.v4alpha.DataSource ocsp_staple = 4; // [#not-implemented-hide:] repeated config.core.v4alpha.DataSource signed_certificate_timestamp = 5; } message TlsSessionTicketKeys { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys"; // Keys for encrypting and decrypting TLS session tickets. The // first key in the array contains the key to encrypt all new sessions created by this context. // All keys are candidates for decrypting received tickets. This allows for easy rotation of keys // by, for example, putting the new key first, and the previous key second. // // If :ref:`session_ticket_keys ` // is not specified, the TLS library will still support resuming sessions via tickets, but it will // use an internally-generated and managed key, so sessions cannot be resumed across hot restarts // or on different hosts. // // Each key must contain exactly 80 bytes of cryptographically-secure random data. For // example, the output of ``openssl rand 80``. // // .. attention:: // // Using this feature has serious security considerations and risks. Improper handling of keys // may result in loss of secrecy in connections, even if ciphers supporting perfect forward // secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some // discussion. To minimize the risk, you must: // // * Keep the session ticket keys at least as secure as your TLS certificate private keys // * Rotate session ticket keys at least daily, and preferably hourly // * Always generate keys using a cryptographically-secure random data source repeated config.core.v4alpha.DataSource keys = 1 [(validate.rules).repeated = {min_items: 1}, (udpa.annotations.sensitive) = true]; } // [#next-free-field: 11] message CertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext"; // Peer certificate verification mode. enum TrustChainVerification { // Perform default certificate verification (e.g., against CA / verification lists) VERIFY_TRUST_CHAIN = 0; // Connections where the certificate fails verification will be permitted. // For HTTP connections, the result of certificate verification can be used in route matching. ( // see :ref:`validated ` ). ACCEPT_UNTRUSTED = 1; } reserved 4, 5; reserved "verify_subject_alt_name"; // TLS certificate data containing certificate authority certificates to use in verifying // a presented peer certificate (e.g. server certificate for clusters or client certificate // for listeners). If not specified and a peer certificate is presented it will not be // verified. By default, a client certificate is optional, unless one of the additional // options (:ref:`require_client_certificate // `, // :ref:`verify_certificate_spki // `, // :ref:`verify_certificate_hash // `, or // :ref:`match_subject_alt_names // `) is also // specified. // // It can optionally contain certificate revocation lists, in which case Envoy will verify // that the presented peer certificate has not been revoked by one of the included CRLs. Note // that if a CRL is provided for any certificate authority in a trust chain, a CRL must be // provided for all certificate authorities in that chain. Failure to do so will result in // verification failure for both revoked and unrevoked certificates from that chain. // // See :ref:`the TLS overview ` for a list of common // system CA locations. config.core.v4alpha.DataSource trusted_ca = 1; // An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the // SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate // matches one of the specified values. // // A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -pubkey // | openssl pkey -pubin -outform DER // | openssl dgst -sha256 -binary // | openssl enc -base64 // NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A= // // This is the format used in HTTP Public Key Pinning. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. // // .. attention:: // // This option is preferred over :ref:`verify_certificate_hash // `, // because SPKI is tied to a private key, so it doesn't change when the certificate // is renewed using the same private key. repeated string verify_certificate_spki = 3 [(validate.rules).repeated = {items {string {min_len: 44 max_bytes: 44}}}]; // An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that // the SHA-256 of the DER-encoded presented certificate matches one of the specified values. // // A hex-encoded SHA-256 of the certificate can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2 // df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a // // A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2 // DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A // // Both of those formats are acceptable. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. repeated string verify_certificate_hash = 2 [(validate.rules).repeated = {items {string {min_len: 64 max_bytes: 95}}}]; // An optional list of Subject Alternative name matchers. Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified matches. // // When a certificate has wildcard DNS SAN entries, to match a specific client, it should be // configured with exact match type in the :ref:`string matcher `. // For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com", // it should be configured as shown below. // // .. code-block:: yaml // // match_subject_alt_names: // exact: "api.example.com" // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated type.matcher.v4alpha.StringMatcher match_subject_alt_names = 9; // [#not-implemented-hide:] Must present signed certificate time-stamp. google.protobuf.BoolValue require_signed_certificate_timestamp = 6; // An optional `certificate revocation list // `_ // (in PEM format). If specified, Envoy will verify that the presented peer // certificate has not been revoked by this CRL. If this DataSource contains // multiple CRLs, all of them will be used. Note that if a CRL is provided // for any certificate authority in a trust chain, a CRL must be provided // for all certificate authorities in that chain. Failure to do so will // result in verification failure for both revoked and unrevoked certificates // from that chain. config.core.v4alpha.DataSource crl = 7; // If specified, Envoy will not reject expired certificates. bool allow_expired_certificate = 8; // Certificate trust chain verification mode. TrustChainVerification trust_chain_verification = 10 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v4alpha/secret.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v4alpha"; option java_outer_classname = "SecretProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Secrets configuration] message GenericSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.GenericSecret"; // Secret of generic type and is available to filters. config.core.v4alpha.DataSource secret = 1 [(udpa.annotations.sensitive) = true]; } message SdsSecretConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig"; oneof name_specifier { // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. // When both name and config are specified, then secret can be fetched and/or reloaded via // SDS. When only name is specified, then secret will be loaded from static resources. string name = 1; // Resource locator for SDS. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator sds_resource_locator = 3; } config.core.v4alpha.ConfigSource sds_config = 2; } // [#next-free-field: 6] message Secret { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.Secret"; // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. string name = 1; oneof type { TlsCertificate tls_certificate = 2; TlsSessionTicketKeys session_ticket_keys = 3; CertificateValidationContext validation_context = 4; GenericSecret generic_secret = 5; } } ================================================ FILE: api/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v4alpha; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/common.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/secret.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v4alpha"; option java_outer_classname = "TlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: TLS transport socket] // [#extension: envoy.transport_sockets.tls] // The TLS contexts below provide the transport socket configuration for upstream/downstream TLS. message UpstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext"; // Common TLS context settings. // // .. attention:: // // Server certificate verification is not enabled by default. Configure // :ref:`trusted_ca` to enable // verification. CommonTlsContext common_tls_context = 1; // SNI string to use when creating TLS backend connections. string sni = 2 [(validate.rules).string = {max_bytes: 255}]; // If true, server-initiated TLS renegotiation will be allowed. // // .. attention:: // // TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary. bool allow_renegotiation = 3; // Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets // for TLSv1.2 and older) to store for the purpose of session resumption. // // Defaults to 1, setting this to 0 disables session resumption. google.protobuf.UInt32Value max_session_keys = 4; } // [#next-free-field: 9] message DownstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext"; enum OcspStaplePolicy { // OCSP responses are optional. If an OCSP response is absent // or expired, the associated certificate will be used for // connections without an OCSP staple. LENIENT_STAPLING = 0; // OCSP responses are optional. If an OCSP response is absent, // the associated certificate will be used without an // OCSP staple. If a response is provided but is expired, // the associated certificate will not be used for // subsequent connections. If no suitable certificate is found, // the connection is rejected. STRICT_STAPLING = 1; // OCSP responses are required. Configuration will fail if // a certificate is provided without an OCSP response. If a // response expires, the associated certificate will not be // used connections. If no suitable certificate is found, the // connection is rejected. MUST_STAPLE = 2; } // Common TLS context settings. CommonTlsContext common_tls_context = 1; // If specified, Envoy will reject connections without a valid client // certificate. google.protobuf.BoolValue require_client_certificate = 2; // If specified, Envoy will reject connections without a valid and matching SNI. // [#not-implemented-hide:] google.protobuf.BoolValue require_sni = 3; oneof session_ticket_keys_type { // TLS session ticket key settings. TlsSessionTicketKeys session_ticket_keys = 4; // Config for fetching TLS session ticket keys via SDS API. SdsSecretConfig session_ticket_keys_sds_secret_config = 5; // Config for controlling stateless TLS session resumption: setting this to true will cause the TLS // server to not issue TLS session tickets for the purposes of stateless TLS session resumption. // If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using // the keys specified through either :ref:`session_ticket_keys ` // or :ref:`session_ticket_keys_sds_secret_config `. // If this config is set to false and no keys are explicitly configured, the TLS server will issue // TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the // implication that sessions cannot be resumed across hot restarts or on different hosts. bool disable_stateless_session_resumption = 7; } // If specified, session_timeout will change maximum lifetime (in seconds) of TLS session // Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) // ` // only seconds could be specified (fractional seconds are going to be ignored). google.protobuf.Duration session_timeout = 6 [(validate.rules).duration = { lt {seconds: 4294967296} gte {} }]; // Config for whether to use certificates if they do not have // an accompanying OCSP response or if the response expires at runtime. // Defaults to LENIENT_STAPLING OcspStaplePolicy ocsp_staple_policy = 8 [(validate.rules).enum = {defined_only: true}]; } // TLS context shared by both client and server TLS contexts. // [#next-free-field: 14] message CommonTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext"; // Config for Certificate provider to get certificates. This provider should allow certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. message CertificateProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider"; // opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "TLS" to specify a new tls-certificate. string name = 1 [(validate.rules).string = {min_len: 1}]; // Provider specific config. // Note: an implementation is expected to dedup multiple instances of the same config // to maintain a single certificate-provider instance. The sharing can happen, for // example, among multiple clusters or between the tls_certificate and validation_context // certificate providers of a cluster. // This config could be supplied inline or (in future) a named xDS resource. oneof config { option (validate.required) = true; config.core.v4alpha.TypedExtensionConfig typed_config = 2; } } // Similar to CertificateProvider above, but allows the provider instances to be configured on // the client side instead of being sent from the control plane. message CertificateProviderInstance { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance"; // Provider instance name. This name must be defined in the client's configuration (e.g., a // bootstrap file) to correspond to a provider instance (i.e., the same data in the typed_config // field that would be sent in the CertificateProvider message if the config was sent by the // control plane). If not present, defaults to "default". // // Instance names should generally be defined not in terms of the underlying provider // implementation (e.g., "file_watcher") but rather in terms of the function of the // certificates (e.g., "foo_deployment_identity"). string instance_name = 1; // Opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "example.com" to specify a certificate for a // particular domain. Not all provider instances will actually use this field, so the value // defaults to the empty string. string certificate_name = 2; } message CombinedCertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext." "CombinedCertificateValidationContext"; // How to validate peer certificates. CertificateValidationContext default_validation_context = 1 [(validate.rules).message = {required: true}]; oneof dynamic_validation_context { // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. SdsSecretConfig validation_context_sds_secret_config = 2 [(validate.rules).message = {required: true}]; // Certificate provider for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 3; // Certificate provider instance for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 4; } } reserved 5; // TLS protocol versions, cipher suites etc. TlsParameters tls_params = 1; // :ref:`Multiple TLS certificates ` can be associated with the // same context to allow both RSA and ECDSA certificates. // // Only a single TLS certificate is supported in client contexts. In server contexts, the first // RSA certificate is used for clients that only support RSA and the first ECDSA certificate is // used for clients that support ECDSA. repeated TlsCertificate tls_certificates = 2; // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(validate.rules).repeated = {max_items: 1}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] CertificateProvider tls_certificate_certificate_provider = 9; // Certificate provider instance for fetching TLS certificates. // [#not-implemented-hide:] CertificateProviderInstance tls_certificate_certificate_provider_instance = 11; oneof validation_context_type { // How to validate peer certificates. CertificateValidationContext validation_context = 3; // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. SdsSecretConfig validation_context_sds_secret_config = 7; // Combined certificate validation context holds a default CertificateValidationContext // and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic // and default CertificateValidationContext are merged into a new CertificateValidationContext // for validation. This merge is done by Message::MergeFrom(), so dynamic // CertificateValidationContext overwrites singular fields in default // CertificateValidationContext, and concatenates repeated fields to default // CertificateValidationContext, and logical OR is applied to boolean fields. CombinedCertificateValidationContext combined_validation_context = 8; // Certificate provider for fetching validation context. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 10; // Certificate provider instance for fetching validation context. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 12; } // Supplies the list of ALPN protocols that the listener should expose. In // practice this is likely to be set to one of two values (see the // :ref:`codec_type // ` // parameter in the HTTP connection manager for more information): // // * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1. // * "http/1.1" If the listener is only going to support HTTP/1.1. // // There is no default for this parameter. If empty, Envoy will not expose ALPN. repeated string alpn_protocols = 4; // Custom TLS handshaker. If empty, defaults to native TLS handshaking // behavior. config.core.v4alpha.TypedExtensionConfig custom_handshaker = 13; } ================================================ FILE: api/envoy/extensions/upstreams/http/generic/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/upstreams/http/generic/v3/generic_connection_pool.proto ================================================ syntax = "proto3"; package envoy.extensions.upstreams.http.generic.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.generic.v3"; option java_outer_classname = "GenericConnectionPoolProtoOuterClass"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Generic Connection Pool] // A connection pool which forwards downstream HTTP as TCP or HTTP to upstream, // based on CONNECT configuration. // [#extension: envoy.upstreams.http.generic] message GenericConnectionPoolProto { } ================================================ FILE: api/envoy/extensions/upstreams/http/http/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/upstreams/http/http/v3/http_connection_pool.proto ================================================ syntax = "proto3"; package envoy.extensions.upstreams.http.http.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.http.v3"; option java_outer_classname = "HttpConnectionPoolProtoOuterClass"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Http Connection Pool] // A connection pool which forwards downstream HTTP as HTTP to upstream. // [#extension: envoy.upstreams.http.http] message HttpConnectionPoolProto { } ================================================ FILE: api/envoy/extensions/upstreams/http/tcp/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/upstreams/http/tcp/v3/tcp_connection_pool.proto ================================================ syntax = "proto3"; package envoy.extensions.upstreams.http.tcp.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.tcp.v3"; option java_outer_classname = "TcpConnectionPoolProtoOuterClass"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tcp Connection Pool] // A connection pool which forwards downstream HTTP as TCP to upstream, // [#extension: envoy.upstreams.http.tcp] message TcpConnectionPoolProto { } ================================================ FILE: api/envoy/extensions/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/extensions/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.wasm.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // [#extension: envoy.bootstrap.wasm] // Configuration for a Wasm VM. // [#next-free-field: 7] message VmConfig { // An ID which will be used along with a hash of the wasm code (or the name of the registered Null // VM plugin) to determine which VM will be used for the plugin. All plugins which use the same // *vm_id* and code will use the same VM. May be left blank. Sharing a VM between plugins can // reduce memory utilization and make sharing of data easier which may have security implications. // See ref: "TODO: add ref" for details. string vm_id = 1; // The Wasm runtime type (either "v8" or "null" for code compiled into Envoy). string runtime = 2 [(validate.rules).string = {min_len: 1}]; // The Wasm code that Envoy will execute. config.core.v3.AsyncDataSource code = 3; // The Wasm configuration used in initialization of a new VM // (proxy_on_start). `google.protobuf.Struct` is serialized as JSON before // passing it to the plugin. `google.protobuf.BytesValue` and // `google.protobuf.StringValue` are passed directly without the wrapper. google.protobuf.Any configuration = 4; // Allow the wasm file to include pre-compiled code on VMs which support it. // Warning: this should only be enable for trusted sources as the precompiled code is not // verified. bool allow_precompiled = 5; // If true and the code needs to be remotely fetched and it is not in the cache then NACK the configuration // update and do a background fetch to fill the cache, otherwise fetch the code asynchronously and enter // warming state. bool nack_on_code_cache_miss = 6; } // Base Configuration for Wasm Plugins e.g. filters and services. // [#next-free-field: 6] message PluginConfig { // A unique name for a filters/services in a VM for use in identifying the filter/service if // multiple filters/services are handled by the same *vm_id* and *root_id* and for // logging/debugging. string name = 1; // A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts // if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all // filters/services with a blank root_id with the same *vm_id* will share Context(s). string root_id = 2; // Configuration for finding or starting VM. oneof vm { VmConfig vm_config = 3; // TODO: add referential VM configurations. } // Filter/service configuration used to configure or reconfigure a plugin // (proxy_on_configuration). // `google.protobuf.Struct` is serialized as JSON before // passing it to the plugin. `google.protobuf.BytesValue` and // `google.protobuf.StringValue` are passed directly without the wrapper. google.protobuf.Any configuration = 4; // If there is a fatal error on the VM (e.g. exception, abort(), on_start or on_configure return false), // then all plugins associated with the VM will either fail closed (by default), e.g. by returning an HTTP 503 error, // or fail open (if 'fail_open' is set to true) by bypassing the filter. Note: when on_start or on_configure return false // during xDS updates the xDS configuration will be rejected and when on_start or on_configuration return false on initial // startup the proxy will not start. bool fail_open = 5; } // WasmService is configured as a built-in *envoy.wasm_service* :ref:`WasmService // ` This opaque configuration will be used to create a Wasm Service. message WasmService { // General plugin configuration. PluginConfig config = 1; // If true, create a single VM rather than creating one VM per worker. Such a singleton can // not be used with filters. bool singleton = 2; } ================================================ FILE: api/envoy/extensions/watchdog/abort_action/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/watchdog/abort_action/v3alpha/abort_action.proto ================================================ syntax = "proto3"; package envoy.extensions.watchdog.abort_action.v3alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.watchdog.abort_action.v3alpha"; option java_outer_classname = "AbortActionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Watchdog Action that sends a SIGABRT to kill the process.] // [#extension: envoy.watchdog.abort_action] // A GuardDogAction that will terminate the process by sending SIGABRT to the // stuck thread. This would allow easier access to the call stack of the stuck // thread since we would run signal handlers on that thread. This would be // more useful than the default watchdog kill behaviors since those PANIC // from the watchdog's thread. // This is currently only implemented for systems that support kill to send // signals. message AbortActionConfig { // How long to wait for the thread to respond to the SIGABRT before killing the // process from this action. This is a blocking action. google.protobuf.Duration wait_duration = 1; } ================================================ FILE: api/envoy/extensions/watchdog/profile_action/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/extensions/watchdog/profile_action/v3alpha/profile_action.proto ================================================ syntax = "proto3"; package envoy.extensions.watchdog.profile_action.v3alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.watchdog.profile_action.v3alpha"; option java_outer_classname = "ProfileActionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Watchdog Action that does CPU profiling.] // [#extension: envoy.watchdog.profile_action] // Configuration for the profile watchdog action. message ProfileActionConfig { // How long the profile should last. If not set defaults to 5 seconds. google.protobuf.Duration profile_duration = 1; // File path to the directory to output profiles. string profile_path = 2 [(validate.rules).string = {min_len: 1}]; // Limits the max number of profiles that can be generated by this action // over its lifetime to avoid filling the disk. // If not set (i.e. it's 0), a default of 10 will be used. uint64 max_profiles = 3; } ================================================ FILE: api/envoy/service/README.md ================================================ Protocol buffer definitions for gRPC and REST services. Visibility should be constrained to none (default). ================================================ FILE: api/envoy/service/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/data/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/accesslog/v2/als.proto ================================================ syntax = "proto3"; package envoy.service.accesslog.v2; import "envoy/api/v2/core/base.proto"; import "envoy/data/accesslog/v2/accesslog.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.accesslog.v2"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Access Log Service (ALS)] // Service for streaming access logs from Envoy to an access log server. service AccessLogService { // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different // API for "critical" access logs in which Envoy will buffer access logs for some period of time // until it gets an ACK so it could then retry. This API is designed for high throughput with the // expectation that it might be lossy. rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { } } // Empty response for the StreamAccessLogs API. Will never be sent. See below. message StreamAccessLogsResponse { } // Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream // access logs without ever expecting a response. message StreamAccessLogsMessage { message Identifier { // The node sending the access log messages over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig // `. string log_name = 2 [(validate.rules).string = {min_bytes: 1}]; } // Wrapper for batches of HTTP access log entries. message HTTPAccessLogEntries { repeated data.accesslog.v2.HTTPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Wrapper for batches of TCP access log entries. message TCPAccessLogEntries { repeated data.accesslog.v2.TCPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batches of log entries of a single type. Generally speaking, a given stream should only // ever include one type of log entry. oneof log_entries { option (validate.required) = true; HTTPAccessLogEntries http_logs = 2; TCPAccessLogEntries tcp_logs = 3; } } ================================================ FILE: api/envoy/service/accesslog/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/accesslog/v3:pkg", "//envoy/service/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/accesslog/v3/als.proto ================================================ syntax = "proto3"; package envoy.service.accesslog.v3; import "envoy/config/core/v3/base.proto"; import "envoy/data/accesslog/v3/accesslog.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.accesslog.v3"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Access Log Service (ALS)] // Service for streaming access logs from Envoy to an access log server. service AccessLogService { // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different // API for "critical" access logs in which Envoy will buffer access logs for some period of time // until it gets an ACK so it could then retry. This API is designed for high throughput with the // expectation that it might be lossy. rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { } } // Empty response for the StreamAccessLogs API. Will never be sent. See below. message StreamAccessLogsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsResponse"; } // Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream // access logs without ever expecting a response. message StreamAccessLogsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig // `. string log_name = 2 [(validate.rules).string = {min_len: 1}]; } // Wrapper for batches of HTTP access log entries. message HTTPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage.HTTPAccessLogEntries"; repeated data.accesslog.v3.HTTPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Wrapper for batches of TCP access log entries. message TCPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage.TCPAccessLogEntries"; repeated data.accesslog.v3.TCPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batches of log entries of a single type. Generally speaking, a given stream should only // ever include one type of log entry. oneof log_entries { option (validate.required) = true; HTTPAccessLogEntries http_logs = 2; TCPAccessLogEntries tcp_logs = 3; } } ================================================ FILE: api/envoy/service/accesslog/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/data/accesslog/v3:pkg", "//envoy/service/accesslog/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/accesslog/v4alpha/als.proto ================================================ syntax = "proto3"; package envoy.service.accesslog.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/data/accesslog/v3/accesslog.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.accesslog.v4alpha"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC Access Log Service (ALS)] // Service for streaming access logs from Envoy to an access log server. service AccessLogService { // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different // API for "critical" access logs in which Envoy will buffer access logs for some period of time // until it gets an ACK so it could then retry. This API is designed for high throughput with the // expectation that it might be lossy. rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { } } // Empty response for the StreamAccessLogs API. Will never be sent. See below. message StreamAccessLogsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsResponse"; } // Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream // access logs without ever expecting a response. message StreamAccessLogsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig // `. string log_name = 2 [(validate.rules).string = {min_len: 1}]; } // Wrapper for batches of HTTP access log entries. message HTTPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage.HTTPAccessLogEntries"; repeated data.accesslog.v3.HTTPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Wrapper for batches of TCP access log entries. message TCPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage.TCPAccessLogEntries"; repeated data.accesslog.v3.TCPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batches of log entries of a single type. Generally speaking, a given stream should only // ever include one type of log entry. oneof log_entries { option (validate.required) = true; HTTPAccessLogEntries http_logs = 2; TCPAccessLogEntries tcp_logs = 3; } } ================================================ FILE: api/envoy/service/auth/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/auth/v2/attribute_context.proto ================================================ syntax = "proto3"; package envoy.service.auth.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v2"; option java_outer_classname = "AttributeContextProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Attribute Context ] // See :ref:`network filter configuration overview ` // and :ref:`HTTP filter configuration overview `. // An attribute is a piece of metadata that describes an activity on a network. // For example, the size of an HTTP request, or the status code of an HTTP response. // // Each attribute has a type and a name, which is logically defined as a proto message field // of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes // supported by Envoy authorization system. // [#comment: The following items are left out of this proto // Request.Auth field for jwt tokens // Request.Api for api management // Origin peer that originated the request // Caching Protocol // request_context return values to inject back into the filter chain // peer.claims -- from X.509 extensions // Configuration // - field mask to send // - which return values from request_context are copied back // - which return values are copied into request_headers] // [#next-free-field: 12] message AttributeContext { // This message defines attributes for a node that handles a network request. // The node can be either a service or an application that sends, forwards, // or receives the request. Service peers should fill in the `service`, // `principal`, and `labels` as appropriate. // [#next-free-field: 6] message Peer { // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. api.v2.core.Address address = 1; // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // ` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. string service = 2; // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. map labels = 3; // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // `URI Subject Alternative Names`, `DNS Subject Alternate Names` or `Subject` in that order. // The primary identity should be the principal. The principal format is issuer specific. // // Example: // * SPIFFE format is `spiffe://trust-domain/path` // * Google account format is `https://accounts.google.com/{userid}` string principal = 4; // The X.509 certificate used to authenticate the identify of this peer. // When present, the certificate contents are encoded in URL and PEM format. string certificate = 5; } // Represents a network request, such as an HTTP request. message Request { // The timestamp when the proxy receives the first byte of the request. google.protobuf.Timestamp time = 1; // Represents an HTTP request or an HTTP-like request. HttpRequest http = 2; } // This message defines attributes for an HTTP request. // HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. // [#next-free-field: 12] message HttpRequest { // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. string id = 1; // The HTTP request method, such as `GET`, `POST`. string method = 2; // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lower-cased, because HTTP header keys are case-insensitive. map headers = 3; // The request target, as it appears in the first line of the HTTP request. This includes // the URL path and query-string. No decoding is performed. string path = 4; // The HTTP request `Host` or 'Authority` header value. string host = 5; // The HTTP URL scheme, such as `http` and `https`. string scheme = 6; // This field is always empty, and exists for compatibility reasons. The HTTP URL query is // included in `path` field. string query = 7; // This field is always empty, and exists for compatibility reasons. The URL fragment is // not submitted as part of HTTP requests; it is unknowable. string fragment = 8; // The HTTP request size in bytes. If unknown, it must be -1. int64 size = 9; // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2". // // See :repo:`headers.h:ProtocolStrings ` for a list of all // possible values. string protocol = 10; // The HTTP request body. string body = 11; } // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Peer source = 1; // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Peer destination = 2; // Represents a network request, such as an HTTP request. Request request = 4; // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. map context_extensions = 10; // Dynamic metadata associated with the request. api.v2.core.Metadata metadata_context = 11; } ================================================ FILE: api/envoy/service/auth/v2/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v2; import "envoy/api/v2/core/base.proto"; import "envoy/service/auth/v2/attribute_context.proto"; import "envoy/type/http_status.proto"; import "google/rpc/status.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v2"; option java_outer_classname = "ExternalAuthProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(CheckRequest) returns (CheckResponse) { } } message CheckRequest { // The request attributes. AttributeContext attributes = 1; } // HTTP attributes for a denied response. message DeniedHttpResponse { // This field allows the authorization service to send a HTTP response status // code to the downstream client other than 403 (Forbidden). type.HttpStatus status = 1 [(validate.rules).message = {required: true}]; // This field allows the authorization service to send HTTP response headers // to the downstream client. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. repeated api.v2.core.HeaderValueOption headers = 2; // This field allows the authorization service to send a response body data // to the downstream client. string body = 3; } // HTTP attributes for an ok response. message OkHttpResponse { // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. By setting the `append` field to `true`, // the filter will append the correspondent header value to the matched request header. // By leaving `append` as false, the filter will either add a new header, or override an existing // one if there is a match. repeated api.v2.core.HeaderValueOption headers = 2; } // Intended for gRPC and Network Authorization servers `only`. message CheckResponse { // Status `OK` allows the request. Any other status indicates the request should be denied. google.rpc.Status status = 1; // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. oneof http_response { // Supplies http attributes for a denied response. DeniedHttpResponse denied_response = 2; // Supplies http attributes for an ok response. OkHttpResponse ok_response = 3; } } ================================================ FILE: api/envoy/service/auth/v2alpha/BUILD ================================================ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. api_proto_package( has_services = True, deps = ["//envoy/service/auth/v2:pkg"], ) ================================================ FILE: api/envoy/service/auth/v2alpha/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v2alpha; option java_multiple_files = true; option java_generic_services = true; option java_outer_classname = "CertsProto"; option java_package = "io.envoyproxy.envoy.service.auth.v2alpha"; import "envoy/service/auth/v2/external_auth.proto"; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(v2.CheckRequest) returns (v2.CheckResponse); } ================================================ FILE: api/envoy/service/auth/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/auth/v2:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/auth/v3/attribute_context.proto ================================================ syntax = "proto3"; package envoy.service.auth.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v3"; option java_outer_classname = "AttributeContextProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Attribute Context ] // See :ref:`network filter configuration overview ` // and :ref:`HTTP filter configuration overview `. // An attribute is a piece of metadata that describes an activity on a network. // For example, the size of an HTTP request, or the status code of an HTTP response. // // Each attribute has a type and a name, which is logically defined as a proto message field // of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes // supported by Envoy authorization system. // [#comment: The following items are left out of this proto // Request.Auth field for jwt tokens // Request.Api for api management // Origin peer that originated the request // Caching Protocol // request_context return values to inject back into the filter chain // peer.claims -- from X.509 extensions // Configuration // - field mask to send // - which return values from request_context are copied back // - which return values are copied into request_headers] // [#next-free-field: 12] message AttributeContext { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext"; // This message defines attributes for a node that handles a network request. // The node can be either a service or an application that sends, forwards, // or receives the request. Service peers should fill in the `service`, // `principal`, and `labels` as appropriate. // [#next-free-field: 6] message Peer { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext.Peer"; // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. config.core.v3.Address address = 1; // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // ` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. string service = 2; // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. map labels = 3; // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // `URI Subject Alternative Names`, `DNS Subject Alternate Names` or `Subject` in that order. // The primary identity should be the principal. The principal format is issuer specific. // // Example: // * SPIFFE format is `spiffe://trust-domain/path` // * Google account format is `https://accounts.google.com/{userid}` string principal = 4; // The X.509 certificate used to authenticate the identify of this peer. // When present, the certificate contents are encoded in URL and PEM format. string certificate = 5; } // Represents a network request, such as an HTTP request. message Request { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext.Request"; // The timestamp when the proxy receives the first byte of the request. google.protobuf.Timestamp time = 1; // Represents an HTTP request or an HTTP-like request. HttpRequest http = 2; } // This message defines attributes for an HTTP request. // HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. // [#next-free-field: 13] message HttpRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext.HttpRequest"; // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. string id = 1; // The HTTP request method, such as `GET`, `POST`. string method = 2; // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lower-cased, because HTTP header keys are case-insensitive. map headers = 3; // The request target, as it appears in the first line of the HTTP request. This includes // the URL path and query-string. No decoding is performed. string path = 4; // The HTTP request `Host` or 'Authority` header value. string host = 5; // The HTTP URL scheme, such as `http` and `https`. string scheme = 6; // This field is always empty, and exists for compatibility reasons. The HTTP URL query is // included in `path` field. string query = 7; // This field is always empty, and exists for compatibility reasons. The URL fragment is // not submitted as part of HTTP requests; it is unknowable. string fragment = 8; // The HTTP request size in bytes. If unknown, it must be -1. int64 size = 9; // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2". // // See :repo:`headers.h:ProtocolStrings ` for a list of all // possible values. string protocol = 10; // The HTTP request body. string body = 11; // The HTTP request body in bytes. This is used instead of // :ref:`body ` when // :ref:`pack_as_bytes ` // is set to true. bytes raw_body = 12; } // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Peer source = 1; // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Peer destination = 2; // Represents a network request, such as an HTTP request. Request request = 4; // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. map context_extensions = 10; // Dynamic metadata associated with the request. config.core.v3.Metadata metadata_context = 11; } ================================================ FILE: api/envoy/service/auth/v3/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v3; import "envoy/config/core/v3/base.proto"; import "envoy/service/auth/v3/attribute_context.proto"; import "envoy/type/v3/http_status.proto"; import "google/protobuf/struct.proto"; import "google/rpc/status.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v3"; option java_outer_classname = "ExternalAuthProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(CheckRequest) returns (CheckResponse) { } } message CheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.CheckRequest"; // The request attributes. AttributeContext attributes = 1; } // HTTP attributes for a denied response. message DeniedHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.DeniedHttpResponse"; // This field allows the authorization service to send a HTTP response status // code to the downstream client other than 403 (Forbidden). type.v3.HttpStatus status = 1 [(validate.rules).message = {required: true}]; // This field allows the authorization service to send HTTP response headers // to the downstream client. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. repeated config.core.v3.HeaderValueOption headers = 2; // This field allows the authorization service to send a response body data // to the downstream client. string body = 3; } // HTTP attributes for an OK response. // [#next-free-field: 6] message OkHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.OkHttpResponse"; // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. By setting the `append` field to `true`, // the filter will append the correspondent header value to the matched request header. // By leaving `append` as false, the filter will either add a new header, or override an existing // one if there is a match. repeated config.core.v3.HeaderValueOption headers = 2; // HTTP entity headers to remove from the original request before dispatching // it to the upstream. This allows the authorization service to act on auth // related headers (like `Authorization`), process them, and consume them. // Under this model, the upstream will either receive the request (if it's // authorized) or not receive it (if it's not), but will not see headers // containing authorization credentials. // // Pseudo headers (such as `:authority`, `:method`, `:path` etc), as well as // the header `Host`, may not be removed as that would make the request // malformed. If mentioned in `headers_to_remove` these special headers will // be ignored. // // When using the HTTP service this must instead be set by the HTTP // authorization service as a comma separated list like so: // ``x-envoy-auth-headers-to-remove: one-auth-header, another-auth-header``. repeated string headers_to_remove = 5; // This field has been deprecated in favor of :ref:`CheckResponse.dynamic_metadata // `. Until it is removed, // setting this field overrides :ref:`CheckResponse.dynamic_metadata // `. google.protobuf.Struct dynamic_metadata = 3 [deprecated = true]; } // Intended for gRPC and Network Authorization servers `only`. message CheckResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.CheckResponse"; // Status `OK` allows the request. Any other status indicates the request should be denied. google.rpc.Status status = 1; // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. oneof http_response { // Supplies http attributes for a denied response. DeniedHttpResponse denied_response = 2; // Supplies http attributes for an ok response. OkHttpResponse ok_response = 3; } // Optional response metadata that will be emitted as dynamic metadata to be consumed by the next // filter. This metadata lives in a namespace specified by the canonical name of extension filter // that requires it: // // - :ref:`envoy.filters.http.ext_authz ` for HTTP filter. // - :ref:`envoy.filters.network.ext_authz ` for network filter. google.protobuf.Struct dynamic_metadata = 4; } ================================================ FILE: api/envoy/service/auth/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/auth/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/auth/v4alpha/attribute_context.proto ================================================ syntax = "proto3"; package envoy.service.auth.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v4alpha"; option java_outer_classname = "AttributeContextProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Attribute Context ] // See :ref:`network filter configuration overview ` // and :ref:`HTTP filter configuration overview `. // An attribute is a piece of metadata that describes an activity on a network. // For example, the size of an HTTP request, or the status code of an HTTP response. // // Each attribute has a type and a name, which is logically defined as a proto message field // of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes // supported by Envoy authorization system. // [#comment: The following items are left out of this proto // Request.Auth field for jwt tokens // Request.Api for api management // Origin peer that originated the request // Caching Protocol // request_context return values to inject back into the filter chain // peer.claims -- from X.509 extensions // Configuration // - field mask to send // - which return values from request_context are copied back // - which return values are copied into request_headers] // [#next-free-field: 12] message AttributeContext { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext"; // This message defines attributes for a node that handles a network request. // The node can be either a service or an application that sends, forwards, // or receives the request. Service peers should fill in the `service`, // `principal`, and `labels` as appropriate. // [#next-free-field: 6] message Peer { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext.Peer"; // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. config.core.v4alpha.Address address = 1; // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // ` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. string service = 2; // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. map labels = 3; // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // `URI Subject Alternative Names`, `DNS Subject Alternate Names` or `Subject` in that order. // The primary identity should be the principal. The principal format is issuer specific. // // Example: // * SPIFFE format is `spiffe://trust-domain/path` // * Google account format is `https://accounts.google.com/{userid}` string principal = 4; // The X.509 certificate used to authenticate the identify of this peer. // When present, the certificate contents are encoded in URL and PEM format. string certificate = 5; } // Represents a network request, such as an HTTP request. message Request { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext.Request"; // The timestamp when the proxy receives the first byte of the request. google.protobuf.Timestamp time = 1; // Represents an HTTP request or an HTTP-like request. HttpRequest http = 2; } // This message defines attributes for an HTTP request. // HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. // [#next-free-field: 13] message HttpRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext.HttpRequest"; // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. string id = 1; // The HTTP request method, such as `GET`, `POST`. string method = 2; // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lower-cased, because HTTP header keys are case-insensitive. map headers = 3; // The request target, as it appears in the first line of the HTTP request. This includes // the URL path and query-string. No decoding is performed. string path = 4; // The HTTP request `Host` or 'Authority` header value. string host = 5; // The HTTP URL scheme, such as `http` and `https`. string scheme = 6; // This field is always empty, and exists for compatibility reasons. The HTTP URL query is // included in `path` field. string query = 7; // This field is always empty, and exists for compatibility reasons. The URL fragment is // not submitted as part of HTTP requests; it is unknowable. string fragment = 8; // The HTTP request size in bytes. If unknown, it must be -1. int64 size = 9; // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2". // // See :repo:`headers.h:ProtocolStrings ` for a list of all // possible values. string protocol = 10; // The HTTP request body. string body = 11; // The HTTP request body in bytes. This is used instead of // :ref:`body ` when // :ref:`pack_as_bytes ` // is set to true. bytes raw_body = 12; } // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Peer source = 1; // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Peer destination = 2; // Represents a network request, such as an HTTP request. Request request = 4; // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. map context_extensions = 10; // Dynamic metadata associated with the request. config.core.v4alpha.Metadata metadata_context = 11; } ================================================ FILE: api/envoy/service/auth/v4alpha/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/service/auth/v4alpha/attribute_context.proto"; import "envoy/type/v3/http_status.proto"; import "google/protobuf/struct.proto"; import "google/rpc/status.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v4alpha"; option java_outer_classname = "ExternalAuthProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(CheckRequest) returns (CheckResponse) { } } message CheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.CheckRequest"; // The request attributes. AttributeContext attributes = 1; } // HTTP attributes for a denied response. message DeniedHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.DeniedHttpResponse"; // This field allows the authorization service to send a HTTP response status // code to the downstream client other than 403 (Forbidden). type.v3.HttpStatus status = 1 [(validate.rules).message = {required: true}]; // This field allows the authorization service to send HTTP response headers // to the downstream client. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. repeated config.core.v4alpha.HeaderValueOption headers = 2; // This field allows the authorization service to send a response body data // to the downstream client. string body = 3; } // HTTP attributes for an OK response. // [#next-free-field: 6] message OkHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.OkHttpResponse"; reserved 3; reserved "dynamic_metadata"; // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. By setting the `append` field to `true`, // the filter will append the correspondent header value to the matched request header. // By leaving `append` as false, the filter will either add a new header, or override an existing // one if there is a match. repeated config.core.v4alpha.HeaderValueOption headers = 2; // HTTP entity headers to remove from the original request before dispatching // it to the upstream. This allows the authorization service to act on auth // related headers (like `Authorization`), process them, and consume them. // Under this model, the upstream will either receive the request (if it's // authorized) or not receive it (if it's not), but will not see headers // containing authorization credentials. // // Pseudo headers (such as `:authority`, `:method`, `:path` etc), as well as // the header `Host`, may not be removed as that would make the request // malformed. If mentioned in `headers_to_remove` these special headers will // be ignored. // // When using the HTTP service this must instead be set by the HTTP // authorization service as a comma separated list like so: // ``x-envoy-auth-headers-to-remove: one-auth-header, another-auth-header``. repeated string headers_to_remove = 5; } // Intended for gRPC and Network Authorization servers `only`. message CheckResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.CheckResponse"; // Status `OK` allows the request. Any other status indicates the request should be denied. google.rpc.Status status = 1; // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. oneof http_response { // Supplies http attributes for a denied response. DeniedHttpResponse denied_response = 2; // Supplies http attributes for an ok response. OkHttpResponse ok_response = 3; } // Optional response metadata that will be emitted as dynamic metadata to be consumed by the next // filter. This metadata lives in a namespace specified by the canonical name of extension filter // that requires it: // // - :ref:`envoy.filters.http.ext_authz ` for HTTP filter. // - :ref:`envoy.filters.network.ext_authz ` for network filter. google.protobuf.Struct dynamic_metadata = 4; } ================================================ FILE: api/envoy/service/cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/cluster/v3/cds.proto ================================================ syntax = "proto3"; package envoy.service.cluster.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.cluster.v3"; option java_outer_classname = "CdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: CDS] // Return list of all clusters this proxy will load balance to. service ClusterDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.cluster.v3.Cluster"; rpc StreamClusters(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaClusters(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchClusters(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:clusters"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message CdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.CdsDummy"; } ================================================ FILE: api/envoy/service/discovery/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/discovery/v2/ads.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/discovery.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "AdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Aggregated Discovery Service (ADS)] // [#not-implemented-hide:] Discovery services for endpoints, clusters, routes, // and listeners are retained in the package `envoy.api.v2` for backwards // compatibility with existing management servers. New development in discovery // services should proceed in the package `envoy.service.discovery.v2`. // See https://github.com/lyft/envoy-api#apis for a description of the role of // ADS and how it is intended to be used by a management server. ADS requests // have the same structure as their singleton xDS counterparts, but can // multiplex many resource types on a single stream. The type_url in the // DiscoveryRequest/DiscoveryResponse provides sufficient information to recover // the multiplexed singleton APIs at the Envoy instance and management server. service AggregatedDiscoveryService { // This is a gRPC-only API. rpc StreamAggregatedResources(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaAggregatedResources(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message AdsDummy { } ================================================ FILE: api/envoy/service/discovery/v2/hds.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/health_check.proto"; import "envoy/api/v2/endpoint/endpoint_components.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "HdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.health.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health Discovery Service (HDS)] // HDS is Health Discovery Service. It compliments Envoy’s health checking // service by designating this Envoy to be a healthchecker for a subset of hosts // in the cluster. The status of these health checks will be reported to the // management server, where it can be aggregated etc and redistributed back to // Envoy through EDS. service HealthDiscoveryService { // 1. Envoy starts up and if its can_healthcheck option in the static // bootstrap config is enabled, sends HealthCheckRequest to the management // server. It supplies its capabilities (which protocol it can health check // with, what zone it resides in, etc.). // 2. In response to (1), the management server designates this Envoy as a // healthchecker to health check a subset of all upstream hosts for a given // cluster (for example upstream Host 1 and Host 2). It streams // HealthCheckSpecifier messages with cluster related configuration for all // clusters this Envoy is designated to health check. Subsequent // HealthCheckSpecifier message will be sent on changes to: // a. Endpoints to health checks // b. Per cluster configuration change // 3. Envoy creates a health probe based on the HealthCheck config and sends // it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck // configuration Envoy waits upon the arrival of the probe response and // looks at the content of the response to decide whether the endpoint is // healthy or not. If a response hasn't been received within the timeout // interval, the endpoint health status is considered TIMEOUT. // 4. Envoy reports results back in an EndpointHealthResponse message. // Envoy streams responses as often as the interval configured by the // management server in HealthCheckSpecifier. // 5. The management Server collects health statuses for all endpoints in the // cluster (for all clusters) and uses this information to construct // EndpointDiscoveryResponse messages. // 6. Once Envoy has a list of upstream endpoints to send traffic to, it load // balances traffic to them without additional health checking. It may // use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection // failed to a particular endpoint to account for health status propagation // delay between HDS and EDS). // By default, can_healthcheck is true. If can_healthcheck is false, Cluster // configuration may not contain HealthCheck message. // TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above // invariant? // TODO(htuch): Add @amb67's diagram. rpc StreamHealthCheck(stream HealthCheckRequestOrEndpointHealthResponse) returns (stream HealthCheckSpecifier) { } // TODO(htuch): Unlike the gRPC version, there is no stream-based binding of // request/response. Should we add an identifier to the HealthCheckSpecifier // to bind with the response? rpc FetchHealthCheck(HealthCheckRequestOrEndpointHealthResponse) returns (HealthCheckSpecifier) { option (google.api.http).post = "/v2/discovery:health_check"; option (google.api.http).body = "*"; } } // Defines supported protocols etc, so the management server can assign proper // endpoints to healthcheck. message Capability { // Different Envoy instances may have different capabilities (e.g. Redis) // and/or have ports enabled for different protocols. enum Protocol { HTTP = 0; TCP = 1; REDIS = 2; } repeated Protocol health_check_protocols = 1; } message HealthCheckRequest { api.v2.core.Node node = 1; Capability capability = 2; } message EndpointHealth { api.v2.endpoint.Endpoint endpoint = 1; api.v2.core.HealthStatus health_status = 2; } message EndpointHealthResponse { repeated EndpointHealth endpoints_health = 1; } message HealthCheckRequestOrEndpointHealthResponse { oneof request_type { HealthCheckRequest health_check_request = 1; EndpointHealthResponse endpoint_health_response = 2; } } message LocalityEndpoints { api.v2.core.Locality locality = 1; repeated api.v2.endpoint.Endpoint endpoints = 2; } // The cluster name and locality is provided to Envoy for the endpoints that it // health checks to support statistics reporting, logging and debugging by the // Envoy instance (outside of HDS). For maximum usefulness, it should match the // same cluster structure as that provided by EDS. message ClusterHealthCheck { string cluster_name = 1; repeated api.v2.core.HealthCheck health_checks = 2; repeated LocalityEndpoints locality_endpoints = 3; } message HealthCheckSpecifier { repeated ClusterHealthCheck cluster_health_checks = 1; // The default is 1 second. google.protobuf.Duration interval = 2; } ================================================ FILE: api/envoy/service/discovery/v2/rtds.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "RtdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.runtime.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Runtime Discovery Service (RTDS)] // RTDS :ref:`configuration overview ` // Discovery service for Runtime resources. service RuntimeDiscoveryService { option (envoy.annotations.resource).type = "envoy.service.discovery.v2.Runtime"; rpc StreamRuntime(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaRuntime(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc FetchRuntime(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:runtime"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message RtdsDummy { } // RTDS resource type. This describes a layer in the runtime virtual filesystem. message Runtime { // Runtime resource name. This makes the Runtime a self-describing xDS // resource. string name = 1 [(validate.rules).string = {min_bytes: 1}]; google.protobuf.Struct layer = 2; } ================================================ FILE: api/envoy/service/discovery/v2/sds.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "SdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.secret.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Secret Discovery Service (SDS)] service SecretDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.auth.Secret"; rpc DeltaSecrets(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc StreamSecrets(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc FetchSecrets(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:secrets"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message SdsDummy { } ================================================ FILE: api/envoy/service/discovery/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2:pkg", "//envoy/config/core/v3:pkg", "//envoy/service/discovery/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/service/discovery/v3/ads.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v3; import "envoy/service/discovery/v3/discovery.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v3"; option java_outer_classname = "AdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Aggregated Discovery Service (ADS)] // [#not-implemented-hide:] Discovery services for endpoints, clusters, routes, // and listeners are retained in the package `envoy.api.v2` for backwards // compatibility with existing management servers. New development in discovery // services should proceed in the package `envoy.service.discovery.v2`. // See https://github.com/lyft/envoy-api#apis for a description of the role of // ADS and how it is intended to be used by a management server. ADS requests // have the same structure as their singleton xDS counterparts, but can // multiplex many resource types on a single stream. The type_url in the // DiscoveryRequest/DiscoveryResponse provides sufficient information to recover // the multiplexed singleton APIs at the Envoy instance and management server. service AggregatedDiscoveryService { // This is a gRPC-only API. rpc StreamAggregatedResources(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaAggregatedResources(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message AdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.AdsDummy"; } ================================================ FILE: api/envoy/service/discovery/v3/discovery.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "google/rpc/status.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/core/v1/resource_name.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v3"; option java_outer_classname = "DiscoveryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common discovery API components] // A DiscoveryRequest requests a set of versioned resources of the same type for // a given Envoy node on some API. // [#next-free-field: 7] message DiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryRequest"; // The version_info provided in the request messages will be the version_info // received with the most recent successfully processed response or empty on // the first request. It is expected that no new request is sent after a // response is received until the Envoy instance is ready to ACK/NACK the new // configuration. ACK/NACK takes place by returning the new API config version // as applied or the previous API config version respectively. Each type_url // (see below) has an independent version associated with it. string version_info = 1; // The node making the request. config.core.v3.Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are // returned. LDS/CDS may have empty resource_names, which will cause all // resources for the Envoy instance to be returned. The LDS and CDS responses // will then imply a number of resources that need to be fetched via EDS/RDS, // which will be explicitly enumerated in resource_names. repeated string resource_names = 3; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit // in requests made via singleton xDS APIs such as CDS, LDS, etc. but is // required for ADS. string type_url = 4; // nonce corresponding to DiscoveryResponse being ACK/NACKed. See above // discussion on version_info and the DiscoveryResponse nonce comment. This // may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, // or 2) the client has not yet accepted an update in this xDS stream (unlike // delta, where it is populated only for new explicit ACKs). string response_nonce = 5; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* provides the Envoy // internal exception related to the failure. It is only intended for consumption during manual // debugging, the string provided is not guaranteed to be stable across Envoy versions. google.rpc.Status error_detail = 6; } // [#next-free-field: 7] message DiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryResponse"; // The version of the response data. string version_info = 1; // The response resources. These resources are typed and depend on the API being called. repeated google.protobuf.Any resources = 2; // [#not-implemented-hide:] // Canary is used to support two Envoy command line flags: // // * --terminate-on-canary-transition-failure. When set, Envoy is able to // terminate if it detects that configuration is stuck at canary. Consider // this example sequence of updates: // - Management server applies a canary config successfully. // - Management server rolls back to a production config. // - Envoy rejects the new production config. // Since there is no sensible way to continue receiving configuration // updates, Envoy will then terminate and apply production config from a // clean slate. // * --dry-run-canary. When set, a canary response will never be applied, only // validated via a dry run. bool canary = 3; // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the 'resources' repeated Any (if non-empty). string type_url = 4; // For gRPC based subscriptions, the nonce provides a way to explicitly ack a // specific DiscoveryResponse in a following DiscoveryRequest. Additional // messages may have been sent by Envoy to the management server for the // previous version on the stream prior to this DiscoveryResponse, that were // unprocessed at response send time. The nonce allows the management server // to ignore any further DiscoveryRequests for the previous version until a // DiscoveryRequest bearing the nonce. The nonce is optional and is not // required for non-stream based xDS implementations. string nonce = 5; // [#not-implemented-hide:] // The control plane instance that sent the response. config.core.v3.ControlPlane control_plane = 6; } // DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC // endpoint for Delta xDS. // // With Delta xDS, the DeltaDiscoveryResponses do not need to include a full // snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a // diff to the state of a xDS client. // In Delta XDS there are per-resource versions, which allow tracking state at // the resource granularity. // An xDS Delta session is always in the context of a gRPC bidirectional // stream. This allows the xDS server to keep track of the state of xDS clients // connected to it. // // In Delta xDS the nonce field is required and used to pair // DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK. // Optionally, a response message level system_version_info is present for // debugging purposes only. // // DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest // can be either or both of: [1] informing the server of what resources the // client has gained/lost interest in (using resource_names_subscribe and // resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from // the server (using response_nonce, with presence of error_detail making it a NACK). // Additionally, the first message (for a given type_url) of a reconnected gRPC stream // has a third role: informing the server of the resources (and their versions) // that the client already possesses, using the initial_resource_versions field. // // As with state-of-the-world, when multiple resource types are multiplexed (ADS), // all requests/acknowledgments/updates are logically walled off by type_url: // a Cluster ACK exists in a completely separate world from a prior Route NACK. // In particular, initial_resource_versions being sent at the "start" of every // gRPC stream actually entails a message for each type_url, each with its own // initial_resource_versions. // [#next-free-field: 10] message DeltaDiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DeltaDiscoveryRequest"; // The node making the request. config.core.v3.Node node = 1; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This does not need to be set if // resources are only referenced via *udpa_resource_subscribe* and // *udpa_resources_unsubscribe*. string type_url = 2; // DeltaDiscoveryRequests allow the client to add or remove individual // resources to the set of tracked resources in the context of a stream. // All resource names in the resource_names_subscribe list are added to the // set of tracked resources and all resource names in the resource_names_unsubscribe // list are removed from the set of tracked resources. // // *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or // resource_names_unsubscribe list simply means that no resources are to be // added or removed to the resource list. // *Like* state-of-the-world xDS, the server must send updates for all tracked // resources, but can also send updates for resources the client has not subscribed to. // // NOTE: the server must respond with all resources listed in resource_names_subscribe, // even if it believes the client has the most recent version of them. The reason: // the client may have dropped them, but then regained interest before it had a chance // to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd. // // These two fields can be set in any DeltaDiscoveryRequest, including ACKs // and initial_resource_versions. // // A list of Resource names to add to the list of tracked resources. repeated string resource_names_subscribe = 3; // As with *resource_names_subscribe* but used when subscribing to resources indicated // by a *udpa.core.v1.ResourceLocator*. The directives in the resource locator // are ignored and the context parameters are matched with // *context_param_specifier* specific semantics. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_subscribe = 8; // A list of Resource names to remove from the list of tracked resources. repeated string resource_names_unsubscribe = 4; // As with *resource_names_unsubscribe* but used when unsubscribing to resources indicated by a // *udpa.core.v1.ResourceLocator*. This must match a previously subscribed // resource locator provided in *udpa_resources_subscribe*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_unsubscribe = 9; // Informs the server of the versions of the resources the xDS client knows of, to enable the // client to continue the same logical xDS session even in the face of gRPC stream reconnection. // It will not be populated: [1] in the very first stream of a session, since the client will // not yet have any resources, [2] in any message after the first in a stream (for a given // type_url), since the server will already be correctly tracking the client's state. // (In ADS, the first message *of each type_url* of a reconnected stream populates this map.) // The map's keys are names of xDS resources known to the xDS client. // The map's values are opaque resource versions. map initial_resource_versions = 5; // When the DeltaDiscoveryRequest is a ACK or NACK message in response // to a previous DeltaDiscoveryResponse, the response_nonce must be the // nonce in the DeltaDiscoveryResponse. // Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted. string response_nonce = 6; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* // provides the Envoy internal exception related to the failure. google.rpc.Status error_detail = 7; } // [#next-free-field: 8] message DeltaDiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DeltaDiscoveryResponse"; // The version of the response data (used for debugging). string system_version_info = 1; // The response resources. These are typed resources, whose types must match // the type_url field. repeated Resource resources = 2; // field id 3 IS available! // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty. // This does not need to be set if *udpa_removed_resources* is used instead of // *removed_resources*. string type_url = 4; // Resources names of resources that have be deleted and to be removed from the xDS Client. // Removed resources for missing resources can be ignored. repeated string removed_resources = 6; // As with *removed_resources* but used when a removed resource was named in // its *Resource*s with a *udpa.core.v1.ResourceName*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceName udpa_removed_resources = 7; // The nonce provides a way for DeltaDiscoveryRequests to uniquely // reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required. string nonce = 5; } // [#next-free-field: 6] message Resource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Resource"; // The resource's name, to distinguish it from others of the same type of resource. string name = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Used instead of *name* when a resource with a *udpa.core.v1.ResourceName* is delivered. udpa.core.v1.ResourceName udpa_resource_name = 5 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // The aliases are a list of other names that this resource can go by. repeated string aliases = 4; // The resource level version. It allows xDS to track the state of individual // resources. string version = 1; // The resource being tracked. google.protobuf.Any resource = 2; } ================================================ FILE: api/envoy/service/discovery/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: api/envoy/service/discovery/v4alpha/ads.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v4alpha; import "envoy/service/discovery/v4alpha/discovery.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v4alpha"; option java_outer_classname = "AdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Aggregated Discovery Service (ADS)] // [#not-implemented-hide:] Discovery services for endpoints, clusters, routes, // and listeners are retained in the package `envoy.api.v2` for backwards // compatibility with existing management servers. New development in discovery // services should proceed in the package `envoy.service.discovery.v2`. // See https://github.com/lyft/envoy-api#apis for a description of the role of // ADS and how it is intended to be used by a management server. ADS requests // have the same structure as their singleton xDS counterparts, but can // multiplex many resource types on a single stream. The type_url in the // DiscoveryRequest/DiscoveryResponse provides sufficient information to recover // the multiplexed singleton APIs at the Envoy instance and management server. service AggregatedDiscoveryService { // This is a gRPC-only API. rpc StreamAggregatedResources(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaAggregatedResources(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message AdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.AdsDummy"; } ================================================ FILE: api/envoy/service/discovery/v4alpha/discovery.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/any.proto"; import "google/rpc/status.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/core/v1/resource_name.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v4alpha"; option java_outer_classname = "DiscoveryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common discovery API components] // A DiscoveryRequest requests a set of versioned resources of the same type for // a given Envoy node on some API. // [#next-free-field: 7] message DiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DiscoveryRequest"; // The version_info provided in the request messages will be the version_info // received with the most recent successfully processed response or empty on // the first request. It is expected that no new request is sent after a // response is received until the Envoy instance is ready to ACK/NACK the new // configuration. ACK/NACK takes place by returning the new API config version // as applied or the previous API config version respectively. Each type_url // (see below) has an independent version associated with it. string version_info = 1; // The node making the request. config.core.v4alpha.Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are // returned. LDS/CDS may have empty resource_names, which will cause all // resources for the Envoy instance to be returned. The LDS and CDS responses // will then imply a number of resources that need to be fetched via EDS/RDS, // which will be explicitly enumerated in resource_names. repeated string resource_names = 3; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit // in requests made via singleton xDS APIs such as CDS, LDS, etc. but is // required for ADS. string type_url = 4; // nonce corresponding to DiscoveryResponse being ACK/NACKed. See above // discussion on version_info and the DiscoveryResponse nonce comment. This // may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, // or 2) the client has not yet accepted an update in this xDS stream (unlike // delta, where it is populated only for new explicit ACKs). string response_nonce = 5; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* provides the Envoy // internal exception related to the failure. It is only intended for consumption during manual // debugging, the string provided is not guaranteed to be stable across Envoy versions. google.rpc.Status error_detail = 6; } // [#next-free-field: 7] message DiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DiscoveryResponse"; // The version of the response data. string version_info = 1; // The response resources. These resources are typed and depend on the API being called. repeated google.protobuf.Any resources = 2; // [#not-implemented-hide:] // Canary is used to support two Envoy command line flags: // // * --terminate-on-canary-transition-failure. When set, Envoy is able to // terminate if it detects that configuration is stuck at canary. Consider // this example sequence of updates: // - Management server applies a canary config successfully. // - Management server rolls back to a production config. // - Envoy rejects the new production config. // Since there is no sensible way to continue receiving configuration // updates, Envoy will then terminate and apply production config from a // clean slate. // * --dry-run-canary. When set, a canary response will never be applied, only // validated via a dry run. bool canary = 3; // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the 'resources' repeated Any (if non-empty). string type_url = 4; // For gRPC based subscriptions, the nonce provides a way to explicitly ack a // specific DiscoveryResponse in a following DiscoveryRequest. Additional // messages may have been sent by Envoy to the management server for the // previous version on the stream prior to this DiscoveryResponse, that were // unprocessed at response send time. The nonce allows the management server // to ignore any further DiscoveryRequests for the previous version until a // DiscoveryRequest bearing the nonce. The nonce is optional and is not // required for non-stream based xDS implementations. string nonce = 5; // [#not-implemented-hide:] // The control plane instance that sent the response. config.core.v4alpha.ControlPlane control_plane = 6; } // DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC // endpoint for Delta xDS. // // With Delta xDS, the DeltaDiscoveryResponses do not need to include a full // snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a // diff to the state of a xDS client. // In Delta XDS there are per-resource versions, which allow tracking state at // the resource granularity. // An xDS Delta session is always in the context of a gRPC bidirectional // stream. This allows the xDS server to keep track of the state of xDS clients // connected to it. // // In Delta xDS the nonce field is required and used to pair // DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK. // Optionally, a response message level system_version_info is present for // debugging purposes only. // // DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest // can be either or both of: [1] informing the server of what resources the // client has gained/lost interest in (using resource_names_subscribe and // resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from // the server (using response_nonce, with presence of error_detail making it a NACK). // Additionally, the first message (for a given type_url) of a reconnected gRPC stream // has a third role: informing the server of the resources (and their versions) // that the client already possesses, using the initial_resource_versions field. // // As with state-of-the-world, when multiple resource types are multiplexed (ADS), // all requests/acknowledgments/updates are logically walled off by type_url: // a Cluster ACK exists in a completely separate world from a prior Route NACK. // In particular, initial_resource_versions being sent at the "start" of every // gRPC stream actually entails a message for each type_url, each with its own // initial_resource_versions. // [#next-free-field: 10] message DeltaDiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DeltaDiscoveryRequest"; // The node making the request. config.core.v4alpha.Node node = 1; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This does not need to be set if // resources are only referenced via *udpa_resource_subscribe* and // *udpa_resources_unsubscribe*. string type_url = 2; // DeltaDiscoveryRequests allow the client to add or remove individual // resources to the set of tracked resources in the context of a stream. // All resource names in the resource_names_subscribe list are added to the // set of tracked resources and all resource names in the resource_names_unsubscribe // list are removed from the set of tracked resources. // // *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or // resource_names_unsubscribe list simply means that no resources are to be // added or removed to the resource list. // *Like* state-of-the-world xDS, the server must send updates for all tracked // resources, but can also send updates for resources the client has not subscribed to. // // NOTE: the server must respond with all resources listed in resource_names_subscribe, // even if it believes the client has the most recent version of them. The reason: // the client may have dropped them, but then regained interest before it had a chance // to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd. // // These two fields can be set in any DeltaDiscoveryRequest, including ACKs // and initial_resource_versions. // // A list of Resource names to add to the list of tracked resources. repeated string resource_names_subscribe = 3; // As with *resource_names_subscribe* but used when subscribing to resources indicated // by a *udpa.core.v1.ResourceLocator*. The directives in the resource locator // are ignored and the context parameters are matched with // *context_param_specifier* specific semantics. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_subscribe = 8; // A list of Resource names to remove from the list of tracked resources. repeated string resource_names_unsubscribe = 4; // As with *resource_names_unsubscribe* but used when unsubscribing to resources indicated by a // *udpa.core.v1.ResourceLocator*. This must match a previously subscribed // resource locator provided in *udpa_resources_subscribe*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_unsubscribe = 9; // Informs the server of the versions of the resources the xDS client knows of, to enable the // client to continue the same logical xDS session even in the face of gRPC stream reconnection. // It will not be populated: [1] in the very first stream of a session, since the client will // not yet have any resources, [2] in any message after the first in a stream (for a given // type_url), since the server will already be correctly tracking the client's state. // (In ADS, the first message *of each type_url* of a reconnected stream populates this map.) // The map's keys are names of xDS resources known to the xDS client. // The map's values are opaque resource versions. map initial_resource_versions = 5; // When the DeltaDiscoveryRequest is a ACK or NACK message in response // to a previous DeltaDiscoveryResponse, the response_nonce must be the // nonce in the DeltaDiscoveryResponse. // Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted. string response_nonce = 6; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* // provides the Envoy internal exception related to the failure. google.rpc.Status error_detail = 7; } // [#next-free-field: 8] message DeltaDiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DeltaDiscoveryResponse"; // The version of the response data (used for debugging). string system_version_info = 1; // The response resources. These are typed resources, whose types must match // the type_url field. repeated Resource resources = 2; // field id 3 IS available! // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty. // This does not need to be set if *udpa_removed_resources* is used instead of // *removed_resources*. string type_url = 4; // Resources names of resources that have be deleted and to be removed from the xDS Client. // Removed resources for missing resources can be ignored. repeated string removed_resources = 6; // As with *removed_resources* but used when a removed resource was named in // its *Resource*s with a *udpa.core.v1.ResourceName*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceName udpa_removed_resources = 7; // The nonce provides a way for DeltaDiscoveryRequests to uniquely // reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required. string nonce = 5; } // [#next-free-field: 6] message Resource { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.Resource"; oneof name_specifier { // The resource's name, to distinguish it from others of the same type of resource. string name = 3; // Used instead of *name* when a resource with a *udpa.core.v1.ResourceName* is delivered. udpa.core.v1.ResourceName udpa_resource_name = 5; } // The aliases are a list of other names that this resource can go by. repeated string aliases = 4; // The resource level version. It allows xDS to track the state of individual // resources. string version = 1; // The resource being tracked. google.protobuf.Any resource = 2; } ================================================ FILE: api/envoy/service/endpoint/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/endpoint/v3/eds.proto ================================================ syntax = "proto3"; package envoy.service.endpoint.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.endpoint.v3"; option java_outer_classname = "EdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: EDS] // Endpoint discovery :ref:`architecture overview ` service EndpointDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.endpoint.v3.ClusterLoadAssignment"; // The resource_names field in DiscoveryRequest specifies a list of clusters // to subscribe to updates for. rpc StreamEndpoints(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaEndpoints(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchEndpoints(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:endpoints"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message EdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.EdsDummy"; } ================================================ FILE: api/envoy/service/event_reporting/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/event_reporting/v2alpha/event_reporting_service.proto ================================================ syntax = "proto3"; package envoy.service.event_reporting.v2alpha; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.event_reporting.v2alpha"; option java_outer_classname = "EventReportingServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.event_reporting.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Event Reporting Service] // [#not-implemented-hide:] // Service for streaming different types of events from Envoy to a server. The examples of // such events may be health check or outlier detection events. service EventReportingService { // Envoy will connect and send StreamEventsRequest messages forever. // The management server may send StreamEventsResponse to configure event stream. See below. // This API is designed for high throughput with the expectation that it might be lossy. rpc StreamEvents(stream StreamEventsRequest) returns (stream StreamEventsResponse) { } } // [#not-implemented-hide:] // An events envoy sends to the management server. message StreamEventsRequest { message Identifier { // The node sending the event messages over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batch of events. When the stream is already active, it will be the events occurred // since the last message had been sent. If the server receives unknown event type, it should // silently ignore it. // // The following events are supported: // // * :ref:`HealthCheckEvent ` // * :ref:`OutlierDetectionEvent ` repeated google.protobuf.Any events = 2 [(validate.rules).repeated = {min_items: 1}]; } // [#not-implemented-hide:] // The management server may send envoy a StreamEventsResponse to tell which events the server // is interested in. In future, with aggregated event reporting service, this message will // contain, for example, clusters the envoy should send events for, or event types the server // wants to process. message StreamEventsResponse { } ================================================ FILE: api/envoy/service/event_reporting/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/event_reporting/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/event_reporting/v3/event_reporting_service.proto ================================================ syntax = "proto3"; package envoy.service.event_reporting.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.event_reporting.v3"; option java_outer_classname = "EventReportingServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Event Reporting Service] // [#not-implemented-hide:] // Service for streaming different types of events from Envoy to a server. The examples of // such events may be health check or outlier detection events. service EventReportingService { // Envoy will connect and send StreamEventsRequest messages forever. // The management server may send StreamEventsResponse to configure event stream. See below. // This API is designed for high throughput with the expectation that it might be lossy. rpc StreamEvents(stream StreamEventsRequest) returns (stream StreamEventsResponse) { } } // [#not-implemented-hide:] // An events envoy sends to the management server. message StreamEventsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v2alpha.StreamEventsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v2alpha.StreamEventsRequest.Identifier"; // The node sending the event messages over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batch of events. When the stream is already active, it will be the events occurred // since the last message had been sent. If the server receives unknown event type, it should // silently ignore it. // // The following events are supported: // // * :ref:`HealthCheckEvent ` // * :ref:`OutlierDetectionEvent ` repeated google.protobuf.Any events = 2 [(validate.rules).repeated = {min_items: 1}]; } // [#not-implemented-hide:] // The management server may send envoy a StreamEventsResponse to tell which events the server // is interested in. In future, with aggregated event reporting service, this message will // contain, for example, clusters the envoy should send events for, or event types the server // wants to process. message StreamEventsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v2alpha.StreamEventsResponse"; } ================================================ FILE: api/envoy/service/event_reporting/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/event_reporting/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/event_reporting/v4alpha/event_reporting_service.proto ================================================ syntax = "proto3"; package envoy.service.event_reporting.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.event_reporting.v4alpha"; option java_outer_classname = "EventReportingServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC Event Reporting Service] // [#not-implemented-hide:] // Service for streaming different types of events from Envoy to a server. The examples of // such events may be health check or outlier detection events. service EventReportingService { // Envoy will connect and send StreamEventsRequest messages forever. // The management server may send StreamEventsResponse to configure event stream. See below. // This API is designed for high throughput with the expectation that it might be lossy. rpc StreamEvents(stream StreamEventsRequest) returns (stream StreamEventsResponse) { } } // [#not-implemented-hide:] // An events envoy sends to the management server. message StreamEventsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v3.StreamEventsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v3.StreamEventsRequest.Identifier"; // The node sending the event messages over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batch of events. When the stream is already active, it will be the events occurred // since the last message had been sent. If the server receives unknown event type, it should // silently ignore it. // // The following events are supported: // // * :ref:`HealthCheckEvent ` // * :ref:`OutlierDetectionEvent ` repeated google.protobuf.Any events = 2 [(validate.rules).repeated = {min_items: 1}]; } // [#not-implemented-hide:] // The management server may send envoy a StreamEventsResponse to tell which events the server // is interested in. In future, with aggregated event reporting service, this message will // contain, for example, clusters the envoy should send events for, or event types the server // wants to process. message StreamEventsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v3.StreamEventsResponse"; } ================================================ FILE: api/envoy/service/extension/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/extension/v3/config_discovery.proto ================================================ syntax = "proto3"; package envoy.service.extension.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.extension.v3"; option java_outer_classname = "ConfigDiscoveryProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Extension Config Discovery Service (ECDS)] // Return extension configurations. service ExtensionConfigDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.core.v3.TypedExtensionConfig"; rpc StreamExtensionConfigs(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaExtensionConfigs(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchExtensionConfigs(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:extension_configs"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue // with importing services: https://github.com/google/protobuf/issues/4221 and // protoxform to upgrade the file. message EcdsDummy { } ================================================ FILE: api/envoy/service/health/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/discovery/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/health/v3/hds.proto ================================================ syntax = "proto3"; package envoy.service.health.v3; import "envoy/config/cluster/v3/cluster.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/config/endpoint/v3/endpoint_components.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.health.v3"; option java_outer_classname = "HdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health Discovery Service (HDS)] // HDS is Health Discovery Service. It compliments Envoy’s health checking // service by designating this Envoy to be a healthchecker for a subset of hosts // in the cluster. The status of these health checks will be reported to the // management server, where it can be aggregated etc and redistributed back to // Envoy through EDS. service HealthDiscoveryService { // 1. Envoy starts up and if its can_healthcheck option in the static // bootstrap config is enabled, sends HealthCheckRequest to the management // server. It supplies its capabilities (which protocol it can health check // with, what zone it resides in, etc.). // 2. In response to (1), the management server designates this Envoy as a // healthchecker to health check a subset of all upstream hosts for a given // cluster (for example upstream Host 1 and Host 2). It streams // HealthCheckSpecifier messages with cluster related configuration for all // clusters this Envoy is designated to health check. Subsequent // HealthCheckSpecifier message will be sent on changes to: // a. Endpoints to health checks // b. Per cluster configuration change // 3. Envoy creates a health probe based on the HealthCheck config and sends // it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck // configuration Envoy waits upon the arrival of the probe response and // looks at the content of the response to decide whether the endpoint is // healthy or not. If a response hasn't been received within the timeout // interval, the endpoint health status is considered TIMEOUT. // 4. Envoy reports results back in an EndpointHealthResponse message. // Envoy streams responses as often as the interval configured by the // management server in HealthCheckSpecifier. // 5. The management Server collects health statuses for all endpoints in the // cluster (for all clusters) and uses this information to construct // EndpointDiscoveryResponse messages. // 6. Once Envoy has a list of upstream endpoints to send traffic to, it load // balances traffic to them without additional health checking. It may // use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection // failed to a particular endpoint to account for health status propagation // delay between HDS and EDS). // By default, can_healthcheck is true. If can_healthcheck is false, Cluster // configuration may not contain HealthCheck message. // TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above // invariant? // TODO(htuch): Add @amb67's diagram. rpc StreamHealthCheck(stream HealthCheckRequestOrEndpointHealthResponse) returns (stream HealthCheckSpecifier) { } // TODO(htuch): Unlike the gRPC version, there is no stream-based binding of // request/response. Should we add an identifier to the HealthCheckSpecifier // to bind with the response? rpc FetchHealthCheck(HealthCheckRequestOrEndpointHealthResponse) returns (HealthCheckSpecifier) { option (google.api.http).post = "/v3/discovery:health_check"; option (google.api.http).body = "*"; } } // Defines supported protocols etc, so the management server can assign proper // endpoints to healthcheck. message Capability { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.Capability"; // Different Envoy instances may have different capabilities (e.g. Redis) // and/or have ports enabled for different protocols. enum Protocol { HTTP = 0; TCP = 1; REDIS = 2; } repeated Protocol health_check_protocols = 1; } message HealthCheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.HealthCheckRequest"; config.core.v3.Node node = 1; Capability capability = 2; } message EndpointHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.EndpointHealth"; config.endpoint.v3.Endpoint endpoint = 1; config.core.v3.HealthStatus health_status = 2; } // Group endpoint health by locality under each cluster. message LocalityEndpointsHealth { config.core.v3.Locality locality = 1; repeated EndpointHealth endpoints_health = 2; } // The health status of endpoints in a cluster. The cluster name and locality // should match the corresponding fields in ClusterHealthCheck message. message ClusterEndpointsHealth { string cluster_name = 1; repeated LocalityEndpointsHealth locality_endpoints_health = 2; } message EndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.EndpointHealthResponse"; // Deprecated - Flat list of endpoint health information. repeated EndpointHealth endpoints_health = 1 [deprecated = true]; // Organize Endpoint health information by cluster. repeated ClusterEndpointsHealth cluster_endpoints_health = 2; } message HealthCheckRequestOrEndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.HealthCheckRequestOrEndpointHealthResponse"; oneof request_type { HealthCheckRequest health_check_request = 1; EndpointHealthResponse endpoint_health_response = 2; } } message LocalityEndpoints { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.LocalityEndpoints"; config.core.v3.Locality locality = 1; repeated config.endpoint.v3.Endpoint endpoints = 2; } // The cluster name and locality is provided to Envoy for the endpoints that it // health checks to support statistics reporting, logging and debugging by the // Envoy instance (outside of HDS). For maximum usefulness, it should match the // same cluster structure as that provided by EDS. message ClusterHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.ClusterHealthCheck"; string cluster_name = 1; repeated config.core.v3.HealthCheck health_checks = 2; repeated LocalityEndpoints locality_endpoints = 3; // Optional map that gets filtered by :ref:`health_checks.transport_socket_match_criteria ` // on connection when health checking. For more details, see // :ref:`config.cluster.v3.Cluster.transport_socket_matches `. repeated config.cluster.v3.Cluster.TransportSocketMatch transport_socket_matches = 4; } message HealthCheckSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.HealthCheckSpecifier"; repeated ClusterHealthCheck cluster_health_checks = 1; // The default is 1 second. google.protobuf.Duration interval = 2; } ================================================ FILE: api/envoy/service/health/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/cluster/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/health/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/health/v4alpha/hds.proto ================================================ syntax = "proto3"; package envoy.service.health.v4alpha; import "envoy/config/cluster/v4alpha/cluster.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/health_check.proto"; import "envoy/config/endpoint/v3/endpoint_components.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.health.v4alpha"; option java_outer_classname = "HdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Health Discovery Service (HDS)] // HDS is Health Discovery Service. It compliments Envoy’s health checking // service by designating this Envoy to be a healthchecker for a subset of hosts // in the cluster. The status of these health checks will be reported to the // management server, where it can be aggregated etc and redistributed back to // Envoy through EDS. service HealthDiscoveryService { // 1. Envoy starts up and if its can_healthcheck option in the static // bootstrap config is enabled, sends HealthCheckRequest to the management // server. It supplies its capabilities (which protocol it can health check // with, what zone it resides in, etc.). // 2. In response to (1), the management server designates this Envoy as a // healthchecker to health check a subset of all upstream hosts for a given // cluster (for example upstream Host 1 and Host 2). It streams // HealthCheckSpecifier messages with cluster related configuration for all // clusters this Envoy is designated to health check. Subsequent // HealthCheckSpecifier message will be sent on changes to: // a. Endpoints to health checks // b. Per cluster configuration change // 3. Envoy creates a health probe based on the HealthCheck config and sends // it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck // configuration Envoy waits upon the arrival of the probe response and // looks at the content of the response to decide whether the endpoint is // healthy or not. If a response hasn't been received within the timeout // interval, the endpoint health status is considered TIMEOUT. // 4. Envoy reports results back in an EndpointHealthResponse message. // Envoy streams responses as often as the interval configured by the // management server in HealthCheckSpecifier. // 5. The management Server collects health statuses for all endpoints in the // cluster (for all clusters) and uses this information to construct // EndpointDiscoveryResponse messages. // 6. Once Envoy has a list of upstream endpoints to send traffic to, it load // balances traffic to them without additional health checking. It may // use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection // failed to a particular endpoint to account for health status propagation // delay between HDS and EDS). // By default, can_healthcheck is true. If can_healthcheck is false, Cluster // configuration may not contain HealthCheck message. // TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above // invariant? // TODO(htuch): Add @amb67's diagram. rpc StreamHealthCheck(stream HealthCheckRequestOrEndpointHealthResponse) returns (stream HealthCheckSpecifier) { } // TODO(htuch): Unlike the gRPC version, there is no stream-based binding of // request/response. Should we add an identifier to the HealthCheckSpecifier // to bind with the response? rpc FetchHealthCheck(HealthCheckRequestOrEndpointHealthResponse) returns (HealthCheckSpecifier) { option (google.api.http).post = "/v3/discovery:health_check"; option (google.api.http).body = "*"; } } // Defines supported protocols etc, so the management server can assign proper // endpoints to healthcheck. message Capability { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.Capability"; // Different Envoy instances may have different capabilities (e.g. Redis) // and/or have ports enabled for different protocols. enum Protocol { HTTP = 0; TCP = 1; REDIS = 2; } repeated Protocol health_check_protocols = 1; } message HealthCheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.HealthCheckRequest"; config.core.v4alpha.Node node = 1; Capability capability = 2; } message EndpointHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.EndpointHealth"; config.endpoint.v3.Endpoint endpoint = 1; config.core.v4alpha.HealthStatus health_status = 2; } // Group endpoint health by locality under each cluster. message LocalityEndpointsHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.LocalityEndpointsHealth"; config.core.v4alpha.Locality locality = 1; repeated EndpointHealth endpoints_health = 2; } // The health status of endpoints in a cluster. The cluster name and locality // should match the corresponding fields in ClusterHealthCheck message. message ClusterEndpointsHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.ClusterEndpointsHealth"; string cluster_name = 1; repeated LocalityEndpointsHealth locality_endpoints_health = 2; } message EndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.EndpointHealthResponse"; reserved 1; reserved "endpoints_health"; // Organize Endpoint health information by cluster. repeated ClusterEndpointsHealth cluster_endpoints_health = 2; } message HealthCheckRequestOrEndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.HealthCheckRequestOrEndpointHealthResponse"; oneof request_type { HealthCheckRequest health_check_request = 1; EndpointHealthResponse endpoint_health_response = 2; } } message LocalityEndpoints { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.LocalityEndpoints"; config.core.v4alpha.Locality locality = 1; repeated config.endpoint.v3.Endpoint endpoints = 2; } // The cluster name and locality is provided to Envoy for the endpoints that it // health checks to support statistics reporting, logging and debugging by the // Envoy instance (outside of HDS). For maximum usefulness, it should match the // same cluster structure as that provided by EDS. message ClusterHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.ClusterHealthCheck"; string cluster_name = 1; repeated config.core.v4alpha.HealthCheck health_checks = 2; repeated LocalityEndpoints locality_endpoints = 3; // Optional map that gets filtered by :ref:`health_checks.transport_socket_match_criteria ` // on connection when health checking. For more details, see // :ref:`config.cluster.v3.Cluster.transport_socket_matches `. repeated config.cluster.v4alpha.Cluster.TransportSocketMatch transport_socket_matches = 4; } message HealthCheckSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.HealthCheckSpecifier"; repeated ClusterHealthCheck cluster_health_checks = 1; // The default is 1 second. google.protobuf.Duration interval = 2; } ================================================ FILE: api/envoy/service/listener/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/listener/v3/lds.proto ================================================ syntax = "proto3"; package envoy.service.listener.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.listener.v3"; option java_outer_classname = "LdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listener] // Listener :ref:`configuration overview ` // The Envoy instance initiates an RPC at startup to discover a list of // listeners. Updates are delivered via streaming from the LDS server and // consist of a complete update of all listeners. Existing connections will be // allowed to drain from listeners that are no longer present. service ListenerDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.listener.v3.Listener"; rpc DeltaListeners(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc StreamListeners(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc FetchListeners(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:listeners"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message LdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.LdsDummy"; } ================================================ FILE: api/envoy/service/load_stats/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/load_stats/v2/lrs.proto ================================================ syntax = "proto3"; package envoy.service.load_stats.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/endpoint/load_report.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.load_stats.v2"; option java_outer_classname = "LrsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Load reporting service] service LoadReportingService { // Advanced API to allow for multi-dimensional load balancing by remote // server. For receiving LB assignments, the steps are: // 1, The management server is configured with per cluster/zone/load metric // capacity configuration. The capacity configuration definition is // outside of the scope of this document. // 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters // to balance. // // Independently, Envoy will initiate a StreamLoadStats bidi stream with a // management server: // 1. Once a connection establishes, the management server publishes a // LoadStatsResponse for all clusters it is interested in learning load // stats about. // 2. For each cluster, Envoy load balances incoming traffic to upstream hosts // based on per-zone weights and/or per-instance weights (if specified) // based on intra-zone LbPolicy. This information comes from the above // {Stream,Fetch}Endpoints. // 3. When upstream hosts reply, they optionally add header with ASCII representation of EndpointLoadMetricStats. // 4. Envoy aggregates load reports over the period of time given to it in // LoadStatsResponse.load_reporting_interval. This includes aggregation // stats Envoy maintains by itself (total_requests, rpc_errors etc.) as // well as load metrics from upstream hosts. // 5. When the timer of load_reporting_interval expires, Envoy sends new // LoadStatsRequest filled with load reports for each cluster. // 6. The management server uses the load reports from all reported Envoys // from around the world, computes global assignment and prepares traffic // assignment destined for each zone Envoys are located in. Goto 2. rpc StreamLoadStats(stream LoadStatsRequest) returns (stream LoadStatsResponse) { } } // A load report Envoy sends to the management server. // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. message LoadStatsRequest { // Node identifier for Envoy instance. api.v2.core.Node node = 1; // A list of load stats to report. repeated api.v2.endpoint.ClusterStats cluster_stats = 2; } // The management server sends envoy a LoadStatsResponse with all clusters it // is interested in learning load stats about. // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. message LoadStatsResponse { // Clusters to report stats for. // Not populated if *send_all_clusters* is true. repeated string clusters = 1; // If true, the client should send all clusters it knows about. // Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their // :ref:`client_features` field will honor this field. bool send_all_clusters = 4; // The minimum interval of time to collect stats over. This is only a minimum for two reasons: // 1. There may be some delay from when the timer fires until stats sampling occurs. // 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic // that is observed in between the corresponding previous *LoadStatsRequest* and this // *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period // of inobservability that might otherwise exists between the messages. New clusters are not // subject to this consideration. google.protobuf.Duration load_reporting_interval = 2; // Set to *true* if the management server supports endpoint granularity // report. bool report_endpoint_granularity = 3; } ================================================ FILE: api/envoy/service/load_stats/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/load_stats/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/load_stats/v3/lrs.proto ================================================ syntax = "proto3"; package envoy.service.load_stats.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/endpoint/v3/load_report.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.load_stats.v3"; option java_outer_classname = "LrsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Load Reporting service (LRS)] // Load Reporting Service is an Envoy API to emit load reports. Envoy will initiate a bi-directional // stream with a management server. Upon connecting, the management server can send a // :ref:`LoadStatsResponse ` to a node it is // interested in getting the load reports for. Envoy in this node will start sending // :ref:`LoadStatsRequest `. This is done periodically // based on the :ref:`load reporting interval ` // For details, take a look at the :ref:`Load Reporting Service sandbox example `. service LoadReportingService { // Advanced API to allow for multi-dimensional load balancing by remote // server. For receiving LB assignments, the steps are: // 1, The management server is configured with per cluster/zone/load metric // capacity configuration. The capacity configuration definition is // outside of the scope of this document. // 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters // to balance. // // Independently, Envoy will initiate a StreamLoadStats bidi stream with a // management server: // 1. Once a connection establishes, the management server publishes a // LoadStatsResponse for all clusters it is interested in learning load // stats about. // 2. For each cluster, Envoy load balances incoming traffic to upstream hosts // based on per-zone weights and/or per-instance weights (if specified) // based on intra-zone LbPolicy. This information comes from the above // {Stream,Fetch}Endpoints. // 3. When upstream hosts reply, they optionally add header with ASCII representation of EndpointLoadMetricStats. // 4. Envoy aggregates load reports over the period of time given to it in // LoadStatsResponse.load_reporting_interval. This includes aggregation // stats Envoy maintains by itself (total_requests, rpc_errors etc.) as // well as load metrics from upstream hosts. // 5. When the timer of load_reporting_interval expires, Envoy sends new // LoadStatsRequest filled with load reports for each cluster. // 6. The management server uses the load reports from all reported Envoys // from around the world, computes global assignment and prepares traffic // assignment destined for each zone Envoys are located in. Goto 2. rpc StreamLoadStats(stream LoadStatsRequest) returns (stream LoadStatsResponse) { } } // A load report Envoy sends to the management server. message LoadStatsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v2.LoadStatsRequest"; // Node identifier for Envoy instance. config.core.v3.Node node = 1; // A list of load stats to report. repeated config.endpoint.v3.ClusterStats cluster_stats = 2; } // The management server sends envoy a LoadStatsResponse with all clusters it // is interested in learning load stats about. message LoadStatsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v2.LoadStatsResponse"; // Clusters to report stats for. // Not populated if *send_all_clusters* is true. repeated string clusters = 1; // If true, the client should send all clusters it knows about. // Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their // :ref:`client_features` field will honor this field. bool send_all_clusters = 4; // The minimum interval of time to collect stats over. This is only a minimum for two reasons: // // 1. There may be some delay from when the timer fires until stats sampling occurs. // 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic // that is observed in between the corresponding previous *LoadStatsRequest* and this // *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period // of inobservability that might otherwise exists between the messages. New clusters are not // subject to this consideration. google.protobuf.Duration load_reporting_interval = 2; // Set to *true* if the management server supports endpoint granularity // report. bool report_endpoint_granularity = 3; } ================================================ FILE: api/envoy/service/load_stats/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/load_stats/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/load_stats/v4alpha/lrs.proto ================================================ syntax = "proto3"; package envoy.service.load_stats.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/endpoint/v3/load_report.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.load_stats.v4alpha"; option java_outer_classname = "LrsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Load Reporting service (LRS)] // Load Reporting Service is an Envoy API to emit load reports. Envoy will initiate a bi-directional // stream with a management server. Upon connecting, the management server can send a // :ref:`LoadStatsResponse ` to a node it is // interested in getting the load reports for. Envoy in this node will start sending // :ref:`LoadStatsRequest `. This is done periodically // based on the :ref:`load reporting interval ` // For details, take a look at the :ref:`Load Reporting Service sandbox example `. service LoadReportingService { // Advanced API to allow for multi-dimensional load balancing by remote // server. For receiving LB assignments, the steps are: // 1, The management server is configured with per cluster/zone/load metric // capacity configuration. The capacity configuration definition is // outside of the scope of this document. // 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters // to balance. // // Independently, Envoy will initiate a StreamLoadStats bidi stream with a // management server: // 1. Once a connection establishes, the management server publishes a // LoadStatsResponse for all clusters it is interested in learning load // stats about. // 2. For each cluster, Envoy load balances incoming traffic to upstream hosts // based on per-zone weights and/or per-instance weights (if specified) // based on intra-zone LbPolicy. This information comes from the above // {Stream,Fetch}Endpoints. // 3. When upstream hosts reply, they optionally add header with ASCII representation of EndpointLoadMetricStats. // 4. Envoy aggregates load reports over the period of time given to it in // LoadStatsResponse.load_reporting_interval. This includes aggregation // stats Envoy maintains by itself (total_requests, rpc_errors etc.) as // well as load metrics from upstream hosts. // 5. When the timer of load_reporting_interval expires, Envoy sends new // LoadStatsRequest filled with load reports for each cluster. // 6. The management server uses the load reports from all reported Envoys // from around the world, computes global assignment and prepares traffic // assignment destined for each zone Envoys are located in. Goto 2. rpc StreamLoadStats(stream LoadStatsRequest) returns (stream LoadStatsResponse) { } } // A load report Envoy sends to the management server. message LoadStatsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v3.LoadStatsRequest"; // Node identifier for Envoy instance. config.core.v4alpha.Node node = 1; // A list of load stats to report. repeated config.endpoint.v3.ClusterStats cluster_stats = 2; } // The management server sends envoy a LoadStatsResponse with all clusters it // is interested in learning load stats about. message LoadStatsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v3.LoadStatsResponse"; // Clusters to report stats for. // Not populated if *send_all_clusters* is true. repeated string clusters = 1; // If true, the client should send all clusters it knows about. // Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their // :ref:`client_features` field will honor this field. bool send_all_clusters = 4; // The minimum interval of time to collect stats over. This is only a minimum for two reasons: // // 1. There may be some delay from when the timer fires until stats sampling occurs. // 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic // that is observed in between the corresponding previous *LoadStatsRequest* and this // *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period // of inobservability that might otherwise exists between the messages. New clusters are not // subject to this consideration. google.protobuf.Duration load_reporting_interval = 2; // Set to *true* if the management server supports endpoint granularity // report. bool report_endpoint_granularity = 3; } ================================================ FILE: api/envoy/service/metrics/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@prometheus_metrics_model//:client_model", ], ) ================================================ FILE: api/envoy/service/metrics/v2/metrics_service.proto ================================================ syntax = "proto3"; package envoy.service.metrics.v2; import "envoy/api/v2/core/base.proto"; import "metrics.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.metrics.v2"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metrics service] // Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric // data model as a standard to represent metrics information. service MetricsService { // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { } } message StreamMetricsResponse { } message StreamMetricsMessage { message Identifier { // The node sending metrics over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // A list of metric entries repeated io.prometheus.client.MetricFamily envoy_metrics = 2; } ================================================ FILE: api/envoy/service/metrics/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/metrics/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@prometheus_metrics_model//:client_model", ], ) ================================================ FILE: api/envoy/service/metrics/v3/metrics_service.proto ================================================ syntax = "proto3"; package envoy.service.metrics.v3; import "envoy/config/core/v3/base.proto"; import "metrics.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.metrics.v3"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metrics service] // Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric // data model as a standard to represent metrics information. service MetricsService { // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { } } message StreamMetricsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v2.StreamMetricsResponse"; } message StreamMetricsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v2.StreamMetricsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v2.StreamMetricsMessage.Identifier"; // The node sending metrics over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // A list of metric entries repeated io.prometheus.client.MetricFamily envoy_metrics = 2; } ================================================ FILE: api/envoy/service/metrics/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/metrics/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@prometheus_metrics_model//:client_model", ], ) ================================================ FILE: api/envoy/service/metrics/v4alpha/metrics_service.proto ================================================ syntax = "proto3"; package envoy.service.metrics.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "metrics.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.metrics.v4alpha"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metrics service] // Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric // data model as a standard to represent metrics information. service MetricsService { // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { } } message StreamMetricsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v3.StreamMetricsResponse"; } message StreamMetricsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v3.StreamMetricsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v3.StreamMetricsMessage.Identifier"; // The node sending metrics over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // A list of metric entries repeated io.prometheus.client.MetricFamily envoy_metrics = 2; } ================================================ FILE: api/envoy/service/ratelimit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/ratelimit:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/ratelimit/v2/rls.proto ================================================ syntax = "proto3"; package envoy.service.ratelimit.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/ratelimit/ratelimit.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.ratelimit.v2"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate Limit Service (RLS)] service RateLimitService { // Determine whether rate limiting should take place. rpc ShouldRateLimit(RateLimitRequest) returns (RateLimitResponse) { } } // Main message for a rate limit request. The rate limit service is designed to be fully generic // in the sense that it can operate on arbitrary hierarchical key/value pairs. The loaded // configuration will parse the request and find the most specific limit to apply. In addition, // a RateLimitRequest can contain multiple "descriptors" to limit on. When multiple descriptors // are provided, the server will limit on *ALL* of them and return an OVER_LIMIT response if any // of them are over limit. This enables more complex application level rate limiting scenarios // if desired. message RateLimitRequest { // All rate limit requests must specify a domain. This enables the configuration to be per // application without fear of overlap. E.g., "envoy". string domain = 1; // All rate limit requests must specify at least one RateLimitDescriptor. Each descriptor is // processed by the service (see below). If any of the descriptors are over limit, the entire // request is considered to be over limit. repeated api.v2.ratelimit.RateLimitDescriptor descriptors = 2; // Rate limit requests can optionally specify the number of hits a request adds to the matched // limit. If the value is not set in the message, a request increases the matched limit by 1. uint32 hits_addend = 3; } // A response from a ShouldRateLimit call. message RateLimitResponse { enum Code { // The response code is not known. UNKNOWN = 0; // The response code to notify that the number of requests are under limit. OK = 1; // The response code to notify that the number of requests are over limit. OVER_LIMIT = 2; } // Defines an actual rate limit in terms of requests per unit of time and the unit itself. message RateLimit { enum Unit { // The time unit is not known. UNKNOWN = 0; // The time unit representing a second. SECOND = 1; // The time unit representing a minute. MINUTE = 2; // The time unit representing an hour. HOUR = 3; // The time unit representing a day. DAY = 4; } // A name or description of this limit. string name = 3; // The number of requests per unit of time. uint32 requests_per_unit = 1; // The unit of time. Unit unit = 2; } message DescriptorStatus { // The response code for an individual descriptor. Code code = 1; // The current limit as configured by the server. Useful for debugging, etc. RateLimit current_limit = 2; // The limit remaining in the current time unit. uint32 limit_remaining = 3; } // The overall response code which takes into account all of the descriptors that were passed // in the RateLimitRequest message. Code overall_code = 1; // A list of DescriptorStatus messages which matches the length of the descriptor list passed // in the RateLimitRequest. This can be used by the caller to determine which individual // descriptors failed and/or what the currently configured limits are for all of them. repeated DescriptorStatus statuses = 2; // A list of headers to add to the response repeated api.v2.core.HeaderValue headers = 3 [(udpa.annotations.field_migrate).rename = "response_headers_to_add"]; // A list of headers to add to the request when forwarded repeated api.v2.core.HeaderValue request_headers_to_add = 4; } ================================================ FILE: api/envoy/service/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "//envoy/service/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/ratelimit/v3/rls.proto ================================================ syntax = "proto3"; package envoy.service.ratelimit.v3; import "envoy/config/core/v3/base.proto"; import "envoy/extensions/common/ratelimit/v3/ratelimit.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.ratelimit.v3"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate Limit Service (RLS)] service RateLimitService { // Determine whether rate limiting should take place. rpc ShouldRateLimit(RateLimitRequest) returns (RateLimitResponse) { } } // Main message for a rate limit request. The rate limit service is designed to be fully generic // in the sense that it can operate on arbitrary hierarchical key/value pairs. The loaded // configuration will parse the request and find the most specific limit to apply. In addition, // a RateLimitRequest can contain multiple "descriptors" to limit on. When multiple descriptors // are provided, the server will limit on *ALL* of them and return an OVER_LIMIT response if any // of them are over limit. This enables more complex application level rate limiting scenarios // if desired. message RateLimitRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitRequest"; // All rate limit requests must specify a domain. This enables the configuration to be per // application without fear of overlap. E.g., "envoy". string domain = 1; // All rate limit requests must specify at least one RateLimitDescriptor. Each descriptor is // processed by the service (see below). If any of the descriptors are over limit, the entire // request is considered to be over limit. repeated envoy.extensions.common.ratelimit.v3.RateLimitDescriptor descriptors = 2; // Rate limit requests can optionally specify the number of hits a request adds to the matched // limit. If the value is not set in the message, a request increases the matched limit by 1. uint32 hits_addend = 3; } // A response from a ShouldRateLimit call. message RateLimitResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse"; enum Code { // The response code is not known. UNKNOWN = 0; // The response code to notify that the number of requests are under limit. OK = 1; // The response code to notify that the number of requests are over limit. OVER_LIMIT = 2; } // Defines an actual rate limit in terms of requests per unit of time and the unit itself. message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse.RateLimit"; // Identifies the unit of of time for rate limit. // [#comment: replace by envoy/type/v3/ratelimit_unit.proto in v4] enum Unit { // The time unit is not known. UNKNOWN = 0; // The time unit representing a second. SECOND = 1; // The time unit representing a minute. MINUTE = 2; // The time unit representing an hour. HOUR = 3; // The time unit representing a day. DAY = 4; } // A name or description of this limit. string name = 3; // The number of requests per unit of time. uint32 requests_per_unit = 1; // The unit of time. Unit unit = 2; } message DescriptorStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse.DescriptorStatus"; // The response code for an individual descriptor. Code code = 1; // The current limit as configured by the server. Useful for debugging, etc. RateLimit current_limit = 2; // The limit remaining in the current time unit. uint32 limit_remaining = 3; // Duration until reset of the current limit window. google.protobuf.Duration duration_until_reset = 4; } // The overall response code which takes into account all of the descriptors that were passed // in the RateLimitRequest message. Code overall_code = 1; // A list of DescriptorStatus messages which matches the length of the descriptor list passed // in the RateLimitRequest. This can be used by the caller to determine which individual // descriptors failed and/or what the currently configured limits are for all of them. repeated DescriptorStatus statuses = 2; // A list of headers to add to the response repeated config.core.v3.HeaderValue response_headers_to_add = 3; // A list of headers to add to the request when forwarded repeated config.core.v3.HeaderValue request_headers_to_add = 4; } ================================================ FILE: api/envoy/service/route/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/route/v3/rds.proto ================================================ syntax = "proto3"; package envoy.service.route.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.route.v3"; option java_outer_classname = "RdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RDS] // The resource_names field in DiscoveryRequest specifies a route configuration. // This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. Each listener will bind its HTTP connection manager filter to // a route table via this identifier. service RouteDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.route.v3.RouteConfiguration"; rpc StreamRoutes(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaRoutes(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchRoutes(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:routes"; option (google.api.http).body = "*"; } } // Virtual Host Discovery Service (VHDS) is used to dynamically update the list of virtual hosts for // a given RouteConfiguration. If VHDS is configured a virtual host list update will be triggered // during the processing of an HTTP request if a route for the request cannot be resolved. The // :ref:`resource_names_subscribe ` // field contains a list of virtual host names or aliases to track. The contents of an alias would // be the contents of a *host* or *authority* header used to make an http request. An xDS server // will match an alias to a virtual host based on the content of :ref:`domains' // ` field. The *resource_names_unsubscribe* field // contains a list of virtual host names that have been :ref:`unsubscribed // ` from the routing table associated with the RouteConfiguration. service VirtualHostDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.route.v3.VirtualHost"; rpc DeltaVirtualHosts(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message RdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.RdsDummy"; } ================================================ FILE: api/envoy/service/route/v3/srds.proto ================================================ syntax = "proto3"; package envoy.service.route.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.route.v3"; option java_outer_classname = "SrdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SRDS] // * Routing :ref:`architecture overview ` // The Scoped Routes Discovery Service (SRDS) API distributes // :ref:`ScopedRouteConfiguration` // resources. Each ScopedRouteConfiguration resource represents a "routing // scope" containing a mapping that allows the HTTP connection manager to // dynamically assign a routing table (specified via a // :ref:`RouteConfiguration` message) to each // HTTP request. service ScopedRoutesDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.route.v3.ScopedRouteConfiguration"; rpc StreamScopedRoutes(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaScopedRoutes(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchScopedRoutes(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:scoped-routes"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message SrdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.SrdsDummy"; } ================================================ FILE: api/envoy/service/runtime/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/service/discovery/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/runtime/v3/rtds.proto ================================================ syntax = "proto3"; package envoy.service.runtime.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.runtime.v3"; option java_outer_classname = "RtdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Runtime Discovery Service (RTDS)] // RTDS :ref:`configuration overview ` // Discovery service for Runtime resources. service RuntimeDiscoveryService { option (envoy.annotations.resource).type = "envoy.service.runtime.v3.Runtime"; rpc StreamRuntime(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaRuntime(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchRuntime(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:runtime"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message RtdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.RtdsDummy"; } // RTDS resource type. This describes a layer in the runtime virtual filesystem. message Runtime { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.Runtime"; // Runtime resource name. This makes the Runtime a self-describing xDS // resource. string name = 1 [(validate.rules).string = {min_len: 1}]; google.protobuf.Struct layer = 2; } ================================================ FILE: api/envoy/service/secret/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/service/discovery/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/secret/v3/sds.proto ================================================ syntax = "proto3"; package envoy.service.secret.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.secret.v3"; option java_outer_classname = "SdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Secret Discovery Service (SDS)] service SecretDiscoveryService { option (envoy.annotations.resource).type = "envoy.extensions.transport_sockets.tls.v3.Secret"; rpc DeltaSecrets(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc StreamSecrets(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc FetchSecrets(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:secrets"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message SdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.SdsDummy"; } ================================================ FILE: api/envoy/service/status/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/admin/v2alpha:pkg", "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/status/v2/csds.proto ================================================ syntax = "proto3"; package envoy.service.status.v2; import "envoy/admin/v2alpha/config_dump.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/node.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.status.v2"; option java_outer_classname = "CsdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Client Status Discovery Service (CSDS)] // CSDS is Client Status Discovery Service. It can be used to get the status of // an xDS-compliant client from the management server's point of view. In the // future, it can potentially be used as an interface to get the current // state directly from the client. service ClientStatusDiscoveryService { rpc StreamClientStatus(stream ClientStatusRequest) returns (stream ClientStatusResponse) { } rpc FetchClientStatus(ClientStatusRequest) returns (ClientStatusResponse) { option (google.api.http).post = "/v2/discovery:client_status"; option (google.api.http).body = "*"; } } // Status of a config. enum ConfigStatus { // Status info is not available/unknown. UNKNOWN = 0; // Management server has sent the config to client and received ACK. SYNCED = 1; // Config is not sent. NOT_SENT = 2; // Management server has sent the config to client but hasn’t received // ACK/NACK. STALE = 3; // Management server has sent the config to client but received NACK. ERROR = 4; } // Request for client status of clients identified by a list of NodeMatchers. message ClientStatusRequest { // Management server can use these match criteria to identify clients. // The match follows OR semantics. repeated type.matcher.NodeMatcher node_matchers = 1; } // Detailed config (per xDS) with status. // [#next-free-field: 6] message PerXdsConfig { ConfigStatus status = 1; oneof per_xds_config { admin.v2alpha.ListenersConfigDump listener_config = 2; admin.v2alpha.ClustersConfigDump cluster_config = 3; admin.v2alpha.RoutesConfigDump route_config = 4; admin.v2alpha.ScopedRoutesConfigDump scoped_route_config = 5; } } // All xds configs for a particular client. message ClientConfig { // Node for a particular client. api.v2.core.Node node = 1; repeated PerXdsConfig xds_config = 2; } message ClientStatusResponse { // Client configs for the clients specified in the ClientStatusRequest. repeated ClientConfig config = 1; } ================================================ FILE: api/envoy/service/status/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/admin/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/service/status/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/status/v3/csds.proto ================================================ syntax = "proto3"; package envoy.service.status.v3; import "envoy/admin/v3/config_dump.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/node.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.status.v3"; option java_outer_classname = "CsdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Client Status Discovery Service (CSDS)] // CSDS is Client Status Discovery Service. It can be used to get the status of // an xDS-compliant client from the management server's point of view. It can // also be used to get the current xDS states directly from the client. service ClientStatusDiscoveryService { rpc StreamClientStatus(stream ClientStatusRequest) returns (stream ClientStatusResponse) { } rpc FetchClientStatus(ClientStatusRequest) returns (ClientStatusResponse) { option (google.api.http).post = "/v3/discovery:client_status"; option (google.api.http).body = "*"; } } // Status of a config from a management server view. enum ConfigStatus { // Status info is not available/unknown. UNKNOWN = 0; // Management server has sent the config to client and received ACK. SYNCED = 1; // Config is not sent. NOT_SENT = 2; // Management server has sent the config to client but hasn’t received // ACK/NACK. STALE = 3; // Management server has sent the config to client but received NACK. The // attached config dump will be the latest config (the rejected one), since // it is the persisted version in the management server. ERROR = 4; } // Config status from a client-side view. enum ClientConfigStatus { // Config status is not available/unknown. CLIENT_UNKNOWN = 0; // Client requested the config but hasn't received any config from management // server yet. CLIENT_REQUESTED = 1; // Client received the config and replied with ACK. CLIENT_ACKED = 2; // Client received the config and replied with NACK. Notably, the attached // config dump is not the NACKed version, but the most recent accepted one. If // no config is accepted yet, the attached config dump will be empty. CLIENT_NACKED = 3; } // Request for client status of clients identified by a list of NodeMatchers. message ClientStatusRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientStatusRequest"; // Management server can use these match criteria to identify clients. // The match follows OR semantics. repeated type.matcher.v3.NodeMatcher node_matchers = 1; // The node making the csds request. config.core.v3.Node node = 2; } // Detailed config (per xDS) with status. // [#next-free-field: 8] message PerXdsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.PerXdsConfig"; // Config status generated by management servers. Will not be present if the // CSDS server is an xDS client. ConfigStatus status = 1 [(udpa.annotations.field_migrate).oneof_promotion = "status_config"]; // Client config status is populated by xDS clients. Will not be present if // the CSDS server is an xDS server. No matter what the client config status // is, xDS clients should always dump the most recent accepted xDS config. ClientConfigStatus client_status = 7 [(udpa.annotations.field_migrate).oneof_promotion = "status_config"]; oneof per_xds_config { admin.v3.ListenersConfigDump listener_config = 2; admin.v3.ClustersConfigDump cluster_config = 3; admin.v3.RoutesConfigDump route_config = 4; admin.v3.ScopedRoutesConfigDump scoped_route_config = 5; admin.v3.EndpointsConfigDump endpoint_config = 6; } } // All xds configs for a particular client. message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientConfig"; // Node for a particular client. config.core.v3.Node node = 1; repeated PerXdsConfig xds_config = 2; } message ClientStatusResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientStatusResponse"; // Client configs for the clients specified in the ClientStatusRequest. repeated ClientConfig config = 1; } ================================================ FILE: api/envoy/service/status/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/admin/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/service/status/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/status/v4alpha/csds.proto ================================================ syntax = "proto3"; package envoy.service.status.v4alpha; import "envoy/admin/v4alpha/config_dump.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/node.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.status.v4alpha"; option java_outer_classname = "CsdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Client Status Discovery Service (CSDS)] // CSDS is Client Status Discovery Service. It can be used to get the status of // an xDS-compliant client from the management server's point of view. It can // also be used to get the current xDS states directly from the client. service ClientStatusDiscoveryService { rpc StreamClientStatus(stream ClientStatusRequest) returns (stream ClientStatusResponse) { } rpc FetchClientStatus(ClientStatusRequest) returns (ClientStatusResponse) { option (google.api.http).post = "/v3/discovery:client_status"; option (google.api.http).body = "*"; } } // Status of a config from a management server view. enum ConfigStatus { // Status info is not available/unknown. UNKNOWN = 0; // Management server has sent the config to client and received ACK. SYNCED = 1; // Config is not sent. NOT_SENT = 2; // Management server has sent the config to client but hasn’t received // ACK/NACK. STALE = 3; // Management server has sent the config to client but received NACK. The // attached config dump will be the latest config (the rejected one), since // it is the persisted version in the management server. ERROR = 4; } // Config status from a client-side view. enum ClientConfigStatus { // Config status is not available/unknown. CLIENT_UNKNOWN = 0; // Client requested the config but hasn't received any config from management // server yet. CLIENT_REQUESTED = 1; // Client received the config and replied with ACK. CLIENT_ACKED = 2; // Client received the config and replied with NACK. Notably, the attached // config dump is not the NACKed version, but the most recent accepted one. If // no config is accepted yet, the attached config dump will be empty. CLIENT_NACKED = 3; } // Request for client status of clients identified by a list of NodeMatchers. message ClientStatusRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientStatusRequest"; // Management server can use these match criteria to identify clients. // The match follows OR semantics. repeated type.matcher.v4alpha.NodeMatcher node_matchers = 1; // The node making the csds request. config.core.v4alpha.Node node = 2; } // Detailed config (per xDS) with status. // [#next-free-field: 8] message PerXdsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.PerXdsConfig"; oneof status_config { // Config status generated by management servers. Will not be present if the // CSDS server is an xDS client. ConfigStatus status = 1; // Client config status is populated by xDS clients. Will not be present if // the CSDS server is an xDS server. No matter what the client config status // is, xDS clients should always dump the most recent accepted xDS config. ClientConfigStatus client_status = 7; } oneof per_xds_config { admin.v4alpha.ListenersConfigDump listener_config = 2; admin.v4alpha.ClustersConfigDump cluster_config = 3; admin.v4alpha.RoutesConfigDump route_config = 4; admin.v4alpha.ScopedRoutesConfigDump scoped_route_config = 5; admin.v4alpha.EndpointsConfigDump endpoint_config = 6; } } // All xds configs for a particular client. message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientConfig"; // Node for a particular client. config.core.v4alpha.Node node = 1; repeated PerXdsConfig xds_config = 2; } message ClientStatusResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientStatusResponse"; // Client configs for the clients specified in the ClientStatusRequest. repeated ClientConfig config = 1; } ================================================ FILE: api/envoy/service/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "//envoy/data/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/tap/v2alpha/common.proto ================================================ syntax = "proto3"; package envoy.service.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/grpc_service.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v2alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.tap.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common tap configuration] // Tap configuration. message TapConfig { // [#comment:TODO(mattklein123): Rate limiting] // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. MatchPredicate match_config = 1 [(validate.rules).message = {required: true}]; // The tap output configuration. If a match configuration matches a data source being tapped, // a tap will occur and the data will be written to the configured output. OutputConfig output_config = 2 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Specify if Tap matching is enabled. The % of requests\connections for // which the tap matching is enabled. When not enabled, the request\connection will not be // recorded. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. api.v2.core.RuntimeFractionalPercent tap_enabled = 3; } // Tap match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 9] message MatchPredicate { // A set of match configurations used for logical operations. message MatchSet { // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; } } // HTTP headers match configuration. message HttpHeadersMatch { // HTTP headers to match. repeated api.v2.route.HeaderMatcher headers = 1; } // Tap output configuration. message OutputConfig { // Output sinks for tap data. Currently a single sink is allowed in the list. Once multiple // sink types are supported this constraint will be relaxed. repeated OutputSink sinks = 1 [(validate.rules).repeated = {min_items: 1 max_items: 1}]; // For buffered tapping, the maximum amount of received body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_rx_bytes = 2; // For buffered tapping, the maximum amount of transmitted body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_tx_bytes = 3; // Indicates whether taps produce a single buffered message per tap, or multiple streamed // messages per tap in the emitted :ref:`TraceWrapper // ` messages. Note that streamed tapping does not // mean that no buffering takes place. Buffering may be required if data is processed before a // match can be determined. See the HTTP tap filter :ref:`streaming // ` documentation for more information. bool streaming = 4; } // Tap output sink configuration. message OutputSink { // Output format. All output is in the form of one or more :ref:`TraceWrapper // ` messages. This enumeration indicates // how those messages are written. Note that not all sinks support all output formats. See // individual sink documentation for more information. enum Format { // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_bytes // ` field. This means that body data will be // base64 encoded as per the `proto3 JSON mappings // `_. JSON_BODY_AS_BYTES = 0; // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_string // ` field. This means that body data will be // string encoded as per the `proto3 JSON mappings // `_. This format type is // useful when it is known that that body is human readable (e.g., JSON over HTTP) and the // user wishes to view it directly without being forced to base64 decode the body. JSON_BODY_AS_STRING = 1; // Binary proto format. Note that binary proto is not self-delimiting. If a sink writes // multiple binary messages without any length information the data stream will not be // useful. However, for certain sinks that are self-delimiting (e.g., one message per file) // this output format makes consumption simpler. PROTO_BINARY = 2; // Messages are written as a sequence tuples, where each tuple is the message length encoded // as a `protobuf 32-bit varint // `_ // followed by the binary message. The messages can be read back using the language specific // protobuf coded stream implementation to obtain the message length and the message. PROTO_BINARY_LENGTH_DELIMITED = 3; // Text proto format. PROTO_TEXT = 4; } // Sink output format. Format format = 1 [(validate.rules).enum = {defined_only: true}]; oneof output_sink_type { option (validate.required) = true; // Tap output will be streamed out the :http:post:`/tap` admin endpoint. // // .. attention:: // // It is only allowed to specify the streaming admin output sink if the tap is being // configured from the :http:post:`/tap` admin endpoint. Thus, if an extension has // been configured to receive tap configuration from some other source (e.g., static // file, XDS, etc.) configuring the streaming admin output type will fail. StreamingAdminSink streaming_admin = 2; // Tap output will be written to a file per tap sink. FilePerTapSink file_per_tap = 3; // [#not-implemented-hide:] // GrpcService to stream data to. The format argument must be PROTO_BINARY. StreamingGrpcSink streaming_grpc = 4; } } // Streaming admin sink configuration. message StreamingAdminSink { } // The file per tap sink outputs a discrete file for every tapped stream. message FilePerTapSink { // Path prefix. The output file will be of the form _.pb, where is an // identifier distinguishing the recorded trace for stream instances (the Envoy // connection ID, HTTP stream ID, etc.). string path_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; } // [#not-implemented-hide:] Streaming gRPC sink configuration sends the taps to an external gRPC // server. message StreamingGrpcSink { // Opaque identifier, that will be sent back to the streaming grpc server. string tap_id = 1; // The gRPC server that hosts the Tap Sink Service. api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/service/tap/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.service.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/data/tap/v2alpha/wrapper.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap Sink Service] // [#not-implemented-hide:] A tap service to receive incoming taps. Envoy will call // StreamTaps to deliver captured taps to the server service TapSinkService { // Envoy will connect and send StreamTapsRequest messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. rpc StreamTaps(stream StreamTapsRequest) returns (StreamTapsResponse) { } } // [#not-implemented-hide:] Stream message for the Tap API. Envoy will open a stream to the server // and stream taps without ever expecting a response. message StreamTapsRequest { message Identifier { // The node sending taps over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; // The opaque identifier that was set in the :ref:`output config // `. string tap_id = 2; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // The trace id. this can be used to merge together a streaming trace. Note that the trace_id // is not guaranteed to be spatially or temporally unique. uint64 trace_id = 2; // The trace data. data.tap.v2alpha.TraceWrapper trace = 3; } // [#not-implemented-hide:] message StreamTapsResponse { } ================================================ FILE: api/envoy/service/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/tap/v3:pkg", "//envoy/service/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/tap/v3/tap.proto ================================================ syntax = "proto3"; package envoy.service.tap.v3; import "envoy/config/core/v3/base.proto"; import "envoy/data/tap/v3/wrapper.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap Sink Service] // [#not-implemented-hide:] A tap service to receive incoming taps. Envoy will call // StreamTaps to deliver captured taps to the server service TapSinkService { // Envoy will connect and send StreamTapsRequest messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. rpc StreamTaps(stream StreamTapsRequest) returns (StreamTapsResponse) { } } // [#not-implemented-hide:] Stream message for the Tap API. Envoy will open a stream to the server // and stream taps without ever expecting a response. message StreamTapsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamTapsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamTapsRequest.Identifier"; // The node sending taps over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; // The opaque identifier that was set in the :ref:`output config // `. string tap_id = 2; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // The trace id. this can be used to merge together a streaming trace. Note that the trace_id // is not guaranteed to be spatially or temporally unique. uint64 trace_id = 2; // The trace data. data.tap.v3.TraceWrapper trace = 3; } // [#not-implemented-hide:] message StreamTapsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamTapsResponse"; } ================================================ FILE: api/envoy/service/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/data/tap/v3:pkg", "//envoy/service/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/service/tap/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.service.tap.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/data/tap/v3/wrapper.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap Sink Service] // [#not-implemented-hide:] A tap service to receive incoming taps. Envoy will call // StreamTaps to deliver captured taps to the server service TapSinkService { // Envoy will connect and send StreamTapsRequest messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. rpc StreamTaps(stream StreamTapsRequest) returns (StreamTapsResponse) { } } // [#not-implemented-hide:] Stream message for the Tap API. Envoy will open a stream to the server // and stream taps without ever expecting a response. message StreamTapsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v3.StreamTapsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v3.StreamTapsRequest.Identifier"; // The node sending taps over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; // The opaque identifier that was set in the :ref:`output config // `. string tap_id = 2; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // The trace id. this can be used to merge together a streaming trace. Note that the trace_id // is not guaranteed to be spatially or temporally unique. uint64 trace_id = 2; // The trace data. data.tap.v3.TraceWrapper trace = 3; } // [#not-implemented-hide:] message StreamTapsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v3.StreamTapsResponse"; } ================================================ FILE: api/envoy/service/trace/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], ) ================================================ FILE: api/envoy/service/trace/v2/trace_service.proto ================================================ syntax = "proto3"; package envoy.service.trace.v2; import "envoy/api/v2/core/base.proto"; import "google/api/annotations.proto"; import "opencensus/proto/trace/v1/trace.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.trace.v2"; option java_outer_classname = "TraceServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Trace service] // Service for streaming traces to server that consumes the trace data. It // uses OpenCensus data model as a standard to represent trace information. service TraceService { // Envoy will connect and send StreamTracesMessage messages forever. It does // not expect any response to be sent as nothing would be done in the case // of failure. rpc StreamTraces(stream StreamTracesMessage) returns (StreamTracesResponse) { } } message StreamTracesResponse { } message StreamTracesMessage { message Identifier { // The node sending the access log messages over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. // As a performance optimization this will only be sent in the first message // on the stream. Identifier identifier = 1; // A list of Span entries repeated opencensus.proto.trace.v1.Span spans = 2; } ================================================ FILE: api/envoy/service/trace/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/trace/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], ) ================================================ FILE: api/envoy/service/trace/v3/trace_service.proto ================================================ syntax = "proto3"; package envoy.service.trace.v3; import "envoy/config/core/v3/base.proto"; import "google/api/annotations.proto"; import "opencensus/proto/trace/v1/trace.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.trace.v3"; option java_outer_classname = "TraceServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Trace service] // Service for streaming traces to server that consumes the trace data. It // uses OpenCensus data model as a standard to represent trace information. service TraceService { // Envoy will connect and send StreamTracesMessage messages forever. It does // not expect any response to be sent as nothing would be done in the case // of failure. rpc StreamTraces(stream StreamTracesMessage) returns (StreamTracesResponse) { } } message StreamTracesResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v2.StreamTracesResponse"; } message StreamTracesMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v2.StreamTracesMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v2.StreamTracesMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. // As a performance optimization this will only be sent in the first message // on the stream. Identifier identifier = 1; // A list of Span entries repeated opencensus.proto.trace.v1.Span spans = 2; } ================================================ FILE: api/envoy/service/trace/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], ) ================================================ FILE: api/envoy/service/trace/v4alpha/trace_service.proto ================================================ syntax = "proto3"; package envoy.service.trace.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/api/annotations.proto"; import "opencensus/proto/trace/v1/trace.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.trace.v4alpha"; option java_outer_classname = "TraceServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Trace service] // Service for streaming traces to server that consumes the trace data. It // uses OpenCensus data model as a standard to represent trace information. service TraceService { // Envoy will connect and send StreamTracesMessage messages forever. It does // not expect any response to be sent as nothing would be done in the case // of failure. rpc StreamTraces(stream StreamTracesMessage) returns (StreamTracesResponse) { } } message StreamTracesResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v3.StreamTracesResponse"; } message StreamTracesMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v3.StreamTracesMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v3.StreamTracesMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. // As a performance optimization this will only be sent in the first message // on the stream. Identifier identifier = 1; // A list of Span entries repeated opencensus.proto.trace.v1.Span spans = 2; } ================================================ FILE: api/envoy/type/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/type/hash_policy.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "HashPolicyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Hash Policy] // Specifies the hash policy message HashPolicy { // The source IP will be used to compute the hash used by hash-based load balancing // algorithms. message SourceIp { } oneof policy_specifier { option (validate.required) = true; SourceIp source_ip = 1; } } ================================================ FILE: api/envoy/type/http.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP] enum CodecClientType { HTTP1 = 0; HTTP2 = 1; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 2; } ================================================ FILE: api/envoy/type/http_status.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "HttpStatusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP status codes] // HTTP response codes supported in Envoy. // For more details: https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml enum StatusCode { // Empty - This code not part of the HTTP status code specification, but it is needed for proto // `enum` type. Empty = 0; Continue = 100; OK = 200; Created = 201; Accepted = 202; NonAuthoritativeInformation = 203; NoContent = 204; ResetContent = 205; PartialContent = 206; MultiStatus = 207; AlreadyReported = 208; IMUsed = 226; MultipleChoices = 300; MovedPermanently = 301; Found = 302; SeeOther = 303; NotModified = 304; UseProxy = 305; TemporaryRedirect = 307; PermanentRedirect = 308; BadRequest = 400; Unauthorized = 401; PaymentRequired = 402; Forbidden = 403; NotFound = 404; MethodNotAllowed = 405; NotAcceptable = 406; ProxyAuthenticationRequired = 407; RequestTimeout = 408; Conflict = 409; Gone = 410; LengthRequired = 411; PreconditionFailed = 412; PayloadTooLarge = 413; URITooLong = 414; UnsupportedMediaType = 415; RangeNotSatisfiable = 416; ExpectationFailed = 417; MisdirectedRequest = 421; UnprocessableEntity = 422; Locked = 423; FailedDependency = 424; UpgradeRequired = 426; PreconditionRequired = 428; TooManyRequests = 429; RequestHeaderFieldsTooLarge = 431; InternalServerError = 500; NotImplemented = 501; BadGateway = 502; ServiceUnavailable = 503; GatewayTimeout = 504; HTTPVersionNotSupported = 505; VariantAlsoNegotiates = 506; InsufficientStorage = 507; LoopDetected = 508; NotExtended = 510; NetworkAuthenticationRequired = 511; } // HTTP status. message HttpStatus { // Supplies HTTP response code. StatusCode code = 1 [(validate.rules).enum = {defined_only: true not_in: 0}]; } ================================================ FILE: api/envoy/type/matcher/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/type/matcher/metadata.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/value.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metadata matcher] // MetadataMatcher provides a general interface to check if a given value is matched in // :ref:`Metadata `. It uses `filter` and `path` to retrieve the value // from the Metadata and then check if it's matched to the specified value. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.filters.http.rbac: // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following MetadataMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of MetadataMatcher is specifying additional metadata in envoy.filters.http.rbac to // enforce access control based on dynamic metadata in a request. See :ref:`Permission // ` and :ref:`Principal // `. // [#next-major-version: MetadataMatcher should use StructMatcher] message MetadataMatcher { // Specifies the segment in a path to retrieve value from Metadata. // Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that // if the segment key refers to a list, it has to be the last segment in a path. message PathSegment { oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The filter name to retrieve the Struct from the Metadata. string filter = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The MetadataMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/type/matcher/node.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/string.proto"; import "envoy/type/matcher/struct.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "NodeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Node matcher] // Specifies the way to match a Node. // The match follows AND semantics. message NodeMatcher { // Specifies match criteria on the node id. StringMatcher node_id = 1; // Specifies match criteria on the node metadata. repeated StructMatcher node_metadatas = 2; } ================================================ FILE: api/envoy/type/matcher/number.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/range.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "NumberProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Number matcher] // Specifies the way to match a double value. message DoubleMatcher { oneof match_pattern { option (validate.required) = true; // If specified, the input double value must be in the range specified here. // Note: The range is using half-open interval semantics [start, end). DoubleRange range = 1; // If specified, the input double value must be equal to the value specified here. double exact = 2; } } ================================================ FILE: api/envoy/type/matcher/path.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/string.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "PathProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Path matcher] // Specifies the way to match a path on HTTP request. message PathMatcher { oneof rule { option (validate.required) = true; // The `path` must match the URL path portion of the :path header. The query and fragment // string (if present) are removed in the URL path portion. // For example, the path */data* will match the *:path* header */data#fragment?param=value*. StringMatcher path = 1 [(validate.rules).message = {required: true}]; } } ================================================ FILE: api/envoy/type/matcher/regex.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "RegexProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Regex matcher] // A regex matcher designed for safety when used with untrusted input. message RegexMatcher { // Google's `RE2 `_ regex engine. The regex string must adhere to // the documented `syntax `_. The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` // and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or // complexity that a compiled regex can have before an exception is thrown or a warning is // logged, respectively. `re2.max_program_size.error_level` defaults to 100, and // `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning). // // Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`, // which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented // each time the program size exceeds the warn level threshold. message GoogleRE2 { // This field controls the RE2 "program size" which is a rough estimate of how complex a // compiled regex is to evaluate. A regex that has a program size greater than the configured // value will fail to compile. In this case, the configured max program size can be increased // or the regex can be simplified. If not specified, the default is 100. // // This field is deprecated; regexp validation should be performed on the management server // instead of being done by each individual client. google.protobuf.UInt32Value max_program_size = 1 [deprecated = true]; } oneof engine_type { option (validate.required) = true; // Google's RE2 regex engine. GoogleRE2 google_re2 = 1 [(validate.rules).message = {required: true}]; } // The regex match string. The string must be supported by the configured engine. string regex = 2 [(validate.rules).string = {min_len: 1}]; } // Describes how to match a string and then produce a new string using a regular // expression and a substitution string. message RegexMatchAndSubstitute { // The regular expression used to find portions of a string (hereafter called // the "subject string") that should be replaced. When a new string is // produced during the substitution operation, the new string is initially // the same as the subject string, but then all matches in the subject string // are replaced by the substitution string. If replacing all matches isn't // desired, regular expression anchors can be used to ensure a single match, // so as to replace just one occurrence of a pattern. Capture groups can be // used in the pattern to extract portions of the subject string, and then // referenced in the substitution string. RegexMatcher pattern = 1; // The string that should be substituted into matching portions of the // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is // defined by the chosen regular expression engine. Google's `RE2 // `_ regular expression engine uses a // backslash followed by the capture group number to denote a numbered // capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers // to capture group 2. string substitution = 2; } ================================================ FILE: api/envoy/type/matcher/string.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/regex.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "StringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: String matcher] // Specifies the way to match a string. // [#next-free-field: 7] message StringMatcher { oneof match_pattern { option (validate.required) = true; // The input string must match exactly the string specified here. // // Examples: // // * *abc* only matches the value *abc*. string exact = 1; // The input string must have the prefix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *abc.xyz* string prefix = 2 [(validate.rules).string = {min_len: 1}]; // The input string must have the suffix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc* string suffix = 3 [(validate.rules).string = {min_len: 1}]; // The input string must match the regular expression specified here. // The regex grammar is defined `here // `_. // // Examples: // // * The regex ``\d{3}`` matches the value *123* // * The regex ``\d{3}`` does not match the value *1234* // * The regex ``\d{3}`` does not match the value *123.456* // // .. attention:: // This field has been deprecated in favor of `safe_regex` as it is not safe for use with // untrusted input in all cases. string regex = 4 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // The input string must match the regular expression specified here. RegexMatcher safe_regex = 5 [(validate.rules).message = {required: true}]; } // If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no // effect for the safe_regex match. // For example, the matcher *data* will match both input string *Data* and *data* if set to true. bool ignore_case = 6; } // Specifies a list of ways to match a string. message ListStringMatcher { repeated StringMatcher patterns = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/type/matcher/struct.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/value.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "StructProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Struct matcher] // StructMatcher provides a general interface to check if a given value is matched in // google.protobuf.Struct. It uses `path` to retrieve the value // from the struct and then check if it's matched to the specified value. // // For example, for the following Struct: // // .. code-block:: yaml // // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following StructMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of StructMatcher is to match metadata in envoy.v*.core.Node. message StructMatcher { // Specifies the segment in a path to retrieve value from Struct. message PathSegment { oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The StructMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/type/matcher/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type/matcher:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/type/matcher/v3/metadata.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metadata matcher] // MetadataMatcher provides a general interface to check if a given value is matched in // :ref:`Metadata `. It uses `filter` and `path` to retrieve the value // from the Metadata and then check if it's matched to the specified value. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.filters.http.rbac: // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following MetadataMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of MetadataMatcher is specifying additional metadata in envoy.filters.http.rbac to // enforce access control based on dynamic metadata in a request. See :ref:`Permission // ` and :ref:`Principal // `. // [#next-major-version: MetadataMatcher should use StructMatcher] message MetadataMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.MetadataMatcher"; // Specifies the segment in a path to retrieve value from Metadata. // Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that // if the segment key refers to a list, it has to be the last segment in a path. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.MetadataMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The filter name to retrieve the Struct from the Metadata. string filter = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The MetadataMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/type/matcher/v3/node.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/matcher/v3/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "NodeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Node matcher] // Specifies the way to match a Node. // The match follows AND semantics. message NodeMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.NodeMatcher"; // Specifies match criteria on the node id. StringMatcher node_id = 1; // Specifies match criteria on the node metadata. repeated StructMatcher node_metadatas = 2; } ================================================ FILE: api/envoy/type/matcher/v3/number.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "NumberProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Number matcher] // Specifies the way to match a double value. message DoubleMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.DoubleMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, the input double value must be in the range specified here. // Note: The range is using half-open interval semantics [start, end). type.v3.DoubleRange range = 1; // If specified, the input double value must be equal to the value specified here. double exact = 2; } } ================================================ FILE: api/envoy/type/matcher/v3/path.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "PathProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Path matcher] // Specifies the way to match a path on HTTP request. message PathMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.PathMatcher"; oneof rule { option (validate.required) = true; // The `path` must match the URL path portion of the :path header. The query and fragment // string (if present) are removed in the URL path portion. // For example, the path */data* will match the *:path* header */data#fragment?param=value*. StringMatcher path = 1 [(validate.rules).message = {required: true}]; } } ================================================ FILE: api/envoy/type/matcher/v3/regex.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "RegexProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Regex matcher] // A regex matcher designed for safety when used with untrusted input. message RegexMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.RegexMatcher"; // Google's `RE2 `_ regex engine. The regex string must adhere to // the documented `syntax `_. The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` // and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or // complexity that a compiled regex can have before an exception is thrown or a warning is // logged, respectively. `re2.max_program_size.error_level` defaults to 100, and // `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning). // // Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`, // which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented // each time the program size exceeds the warn level threshold. message GoogleRE2 { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.RegexMatcher.GoogleRE2"; // This field controls the RE2 "program size" which is a rough estimate of how complex a // compiled regex is to evaluate. A regex that has a program size greater than the configured // value will fail to compile. In this case, the configured max program size can be increased // or the regex can be simplified. If not specified, the default is 100. // // This field is deprecated; regexp validation should be performed on the management server // instead of being done by each individual client. google.protobuf.UInt32Value max_program_size = 1 [deprecated = true]; } oneof engine_type { option (validate.required) = true; // Google's RE2 regex engine. GoogleRE2 google_re2 = 1 [(validate.rules).message = {required: true}]; } // The regex match string. The string must be supported by the configured engine. string regex = 2 [(validate.rules).string = {min_len: 1}]; } // Describes how to match a string and then produce a new string using a regular // expression and a substitution string. message RegexMatchAndSubstitute { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.RegexMatchAndSubstitute"; // The regular expression used to find portions of a string (hereafter called // the "subject string") that should be replaced. When a new string is // produced during the substitution operation, the new string is initially // the same as the subject string, but then all matches in the subject string // are replaced by the substitution string. If replacing all matches isn't // desired, regular expression anchors can be used to ensure a single match, // so as to replace just one occurrence of a pattern. Capture groups can be // used in the pattern to extract portions of the subject string, and then // referenced in the substitution string. RegexMatcher pattern = 1 [(validate.rules).message = {required: true}]; // The string that should be substituted into matching portions of the // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is // defined by the chosen regular expression engine. Google's `RE2 // `_ regular expression engine uses a // backslash followed by the capture group number to denote a numbered // capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers // to capture group 2. string substitution = 2; } ================================================ FILE: api/envoy/type/matcher/v3/string.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/regex.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "StringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: String matcher] // Specifies the way to match a string. // [#next-free-field: 8] message StringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.StringMatcher"; reserved 4; reserved "regex"; oneof match_pattern { option (validate.required) = true; // The input string must match exactly the string specified here. // // Examples: // // * *abc* only matches the value *abc*. string exact = 1; // The input string must have the prefix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *abc.xyz* string prefix = 2 [(validate.rules).string = {min_len: 1}]; // The input string must have the suffix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc* string suffix = 3 [(validate.rules).string = {min_len: 1}]; // The input string must match the regular expression specified here. RegexMatcher safe_regex = 5 [(validate.rules).message = {required: true}]; // The input string must have the substring specified here. // Note: empty contains match is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc.def* string contains = 7 [(validate.rules).string = {min_len: 1}]; } // If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no // effect for the safe_regex match. // For example, the matcher *data* will match both input string *Data* and *data* if set to true. bool ignore_case = 6; } // Specifies a list of ways to match a string. message ListStringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ListStringMatcher"; repeated StringMatcher patterns = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/type/matcher/v3/struct.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "StructProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Struct matcher] // StructMatcher provides a general interface to check if a given value is matched in // google.protobuf.Struct. It uses `path` to retrieve the value // from the struct and then check if it's matched to the specified value. // // For example, for the following Struct: // // .. code-block:: yaml // // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following StructMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of StructMatcher is to match metadata in envoy.v*.core.Node. message StructMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.StructMatcher"; // Specifies the segment in a path to retrieve value from Struct. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.StructMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The StructMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/type/matcher/v3/value.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/number.proto"; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "ValueProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Value matcher] // Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported. // StructValue is not supported and is always not matched. // [#next-free-field: 7] message ValueMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ValueMatcher"; // NullMatch is an empty message to specify a null value. message NullMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ValueMatcher.NullMatch"; } // Specifies how to match a value. oneof match_pattern { option (validate.required) = true; // If specified, a match occurs if and only if the target value is a NullValue. NullMatch null_match = 1; // If specified, a match occurs if and only if the target value is a double value and is // matched to this field. DoubleMatcher double_match = 2; // If specified, a match occurs if and only if the target value is a string value and is // matched to this field. StringMatcher string_match = 3; // If specified, a match occurs if and only if the target value is a bool value and is equal // to this field. bool bool_match = 4; // If specified, value match will be performed based on whether the path is referring to a // valid primitive value in the metadata. If the path is referring to a non-primitive value, // the result is always not matched. bool present_match = 5; // If specified, a match occurs if and only if the target value is a list value and // is matched to this field. ListMatcher list_match = 6; } } // Specifies the way to match a list value. message ListMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ListMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, at least one of the values in the list must match the value specified. ValueMatcher one_of = 1; } } ================================================ FILE: api/envoy/type/matcher/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/type/matcher/v4alpha/metadata.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metadata matcher] // MetadataMatcher provides a general interface to check if a given value is matched in // :ref:`Metadata `. It uses `filter` and `path` to retrieve the value // from the Metadata and then check if it's matched to the specified value. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.filters.http.rbac: // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following MetadataMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of MetadataMatcher is specifying additional metadata in envoy.filters.http.rbac to // enforce access control based on dynamic metadata in a request. See :ref:`Permission // ` and :ref:`Principal // `. // [#next-major-version: MetadataMatcher should use StructMatcher] message MetadataMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.MetadataMatcher"; // Specifies the segment in a path to retrieve value from Metadata. // Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that // if the segment key refers to a list, it has to be the last segment in a path. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.MetadataMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The filter name to retrieve the Struct from the Metadata. string filter = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The MetadataMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/type/matcher/v4alpha/node.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/matcher/v4alpha/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "NodeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Node matcher] // Specifies the way to match a Node. // The match follows AND semantics. message NodeMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.NodeMatcher"; // Specifies match criteria on the node id. StringMatcher node_id = 1; // Specifies match criteria on the node metadata. repeated StructMatcher node_metadatas = 2; } ================================================ FILE: api/envoy/type/matcher/v4alpha/number.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "NumberProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Number matcher] // Specifies the way to match a double value. message DoubleMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.DoubleMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, the input double value must be in the range specified here. // Note: The range is using half-open interval semantics [start, end). v3.DoubleRange range = 1; // If specified, the input double value must be equal to the value specified here. double exact = 2; } } ================================================ FILE: api/envoy/type/matcher/v4alpha/path.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "PathProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Path matcher] // Specifies the way to match a path on HTTP request. message PathMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.PathMatcher"; oneof rule { option (validate.required) = true; // The `path` must match the URL path portion of the :path header. The query and fragment // string (if present) are removed in the URL path portion. // For example, the path */data* will match the *:path* header */data#fragment?param=value*. StringMatcher path = 1 [(validate.rules).message = {required: true}]; } } ================================================ FILE: api/envoy/type/matcher/v4alpha/regex.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "RegexProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Regex matcher] // A regex matcher designed for safety when used with untrusted input. message RegexMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.RegexMatcher"; // Google's `RE2 `_ regex engine. The regex string must adhere to // the documented `syntax `_. The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` // and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or // complexity that a compiled regex can have before an exception is thrown or a warning is // logged, respectively. `re2.max_program_size.error_level` defaults to 100, and // `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning). // // Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`, // which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented // each time the program size exceeds the warn level threshold. message GoogleRE2 { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.RegexMatcher.GoogleRE2"; reserved 1; reserved "max_program_size"; } oneof engine_type { option (validate.required) = true; // Google's RE2 regex engine. GoogleRE2 google_re2 = 1 [(validate.rules).message = {required: true}]; } // The regex match string. The string must be supported by the configured engine. string regex = 2 [(validate.rules).string = {min_len: 1}]; } // Describes how to match a string and then produce a new string using a regular // expression and a substitution string. message RegexMatchAndSubstitute { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.RegexMatchAndSubstitute"; // The regular expression used to find portions of a string (hereafter called // the "subject string") that should be replaced. When a new string is // produced during the substitution operation, the new string is initially // the same as the subject string, but then all matches in the subject string // are replaced by the substitution string. If replacing all matches isn't // desired, regular expression anchors can be used to ensure a single match, // so as to replace just one occurrence of a pattern. Capture groups can be // used in the pattern to extract portions of the subject string, and then // referenced in the substitution string. RegexMatcher pattern = 1 [(validate.rules).message = {required: true}]; // The string that should be substituted into matching portions of the // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is // defined by the chosen regular expression engine. Google's `RE2 // `_ regular expression engine uses a // backslash followed by the capture group number to denote a numbered // capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers // to capture group 2. string substitution = 2; } ================================================ FILE: api/envoy/type/matcher/v4alpha/string.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/regex.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "StringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: String matcher] // Specifies the way to match a string. // [#next-free-field: 8] message StringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.StringMatcher"; reserved 4; reserved "regex"; oneof match_pattern { option (validate.required) = true; // The input string must match exactly the string specified here. // // Examples: // // * *abc* only matches the value *abc*. string exact = 1; // The input string must have the prefix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *abc.xyz* string prefix = 2 [(validate.rules).string = {min_len: 1}]; // The input string must have the suffix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc* string suffix = 3 [(validate.rules).string = {min_len: 1}]; // The input string must match the regular expression specified here. RegexMatcher safe_regex = 5 [(validate.rules).message = {required: true}]; // The input string must have the substring specified here. // Note: empty contains match is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc.def* string contains = 7 [(validate.rules).string = {min_len: 1}]; } // If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no // effect for the safe_regex match. // For example, the matcher *data* will match both input string *Data* and *data* if set to true. bool ignore_case = 6; } // Specifies a list of ways to match a string. message ListStringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ListStringMatcher"; repeated StringMatcher patterns = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: api/envoy/type/matcher/v4alpha/struct.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "StructProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Struct matcher] // StructMatcher provides a general interface to check if a given value is matched in // google.protobuf.Struct. It uses `path` to retrieve the value // from the struct and then check if it's matched to the specified value. // // For example, for the following Struct: // // .. code-block:: yaml // // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following StructMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of StructMatcher is to match metadata in envoy.v*.core.Node. message StructMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.StructMatcher"; // Specifies the segment in a path to retrieve value from Struct. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.StructMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The StructMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: api/envoy/type/matcher/v4alpha/value.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/number.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "ValueProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Value matcher] // Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported. // StructValue is not supported and is always not matched. // [#next-free-field: 7] message ValueMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ValueMatcher"; // NullMatch is an empty message to specify a null value. message NullMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ValueMatcher.NullMatch"; } // Specifies how to match a value. oneof match_pattern { option (validate.required) = true; // If specified, a match occurs if and only if the target value is a NullValue. NullMatch null_match = 1; // If specified, a match occurs if and only if the target value is a double value and is // matched to this field. DoubleMatcher double_match = 2; // If specified, a match occurs if and only if the target value is a string value and is // matched to this field. StringMatcher string_match = 3; // If specified, a match occurs if and only if the target value is a bool value and is equal // to this field. bool bool_match = 4; // If specified, value match will be performed based on whether the path is referring to a // valid primitive value in the metadata. If the path is referring to a non-primitive value, // the result is always not matched. bool present_match = 5; // If specified, a match occurs if and only if the target value is a list value and // is matched to this field. ListMatcher list_match = 6; } } // Specifies the way to match a list value. message ListMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ListMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, at least one of the values in the list must match the value specified. ValueMatcher one_of = 1; } } ================================================ FILE: api/envoy/type/matcher/value.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/number.proto"; import "envoy/type/matcher/string.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "ValueProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Value matcher] // Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported. // StructValue is not supported and is always not matched. // [#next-free-field: 7] message ValueMatcher { // NullMatch is an empty message to specify a null value. message NullMatch { } // Specifies how to match a value. oneof match_pattern { option (validate.required) = true; // If specified, a match occurs if and only if the target value is a NullValue. NullMatch null_match = 1; // If specified, a match occurs if and only if the target value is a double value and is // matched to this field. DoubleMatcher double_match = 2; // If specified, a match occurs if and only if the target value is a string value and is // matched to this field. StringMatcher string_match = 3; // If specified, a match occurs if and only if the target value is a bool value and is equal // to this field. bool bool_match = 4; // If specified, value match will be performed based on whether the path is referring to a // valid primitive value in the metadata. If the path is referring to a non-primitive value, // the result is always not matched. bool present_match = 5; // If specified, a match occurs if and only if the target value is a list value and // is matched to this field. ListMatcher list_match = 6; } } // Specifies the way to match a list value. message ListMatcher { oneof match_pattern { option (validate.required) = true; // If specified, at least one of the values in the list must match the value specified. ValueMatcher one_of = 1; } } ================================================ FILE: api/envoy/type/metadata/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: api/envoy/type/metadata/v2/metadata.proto ================================================ syntax = "proto3"; package envoy.type.metadata.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.metadata.v2"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.type.metadata.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metadata] // MetadataKey provides a general interface using `key` and `path` to retrieve value from // :ref:`Metadata `. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.xxx: // prop: // foo: bar // xyz: // hello: envoy // // The following MetadataKey will retrieve a string value "bar" from the Metadata. // // .. code-block:: yaml // // key: envoy.xxx // path: // - key: prop // - key: foo // message MetadataKey { // Specifies the segment in a path to retrieve value from Metadata. // Currently it is only supported to specify the key, i.e. field name, as one segment of a path. message PathSegment { oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_bytes: 1}]; } } // The key name of Metadata to retrieve the Struct from the metadata. // Typically, it represents a builtin subsystem or custom extension. string key = 1 [(validate.rules).string = {min_bytes: 1}]; // The path to retrieve the Value from the Struct. It can be a prefix or a full path, // e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example, // which depends on the particular scenario. // // Note: Due to that only the key type segment is supported, the path can not specify a list // unless the list is the last segment. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; } // Describes what kind of metadata. message MetadataKind { // Represents dynamic metadata associated with the request. message Request { } // Represents metadata from :ref:`the route`. message Route { } // Represents metadata from :ref:`the upstream cluster`. message Cluster { } // Represents metadata from :ref:`the upstream // host`. message Host { } oneof kind { option (validate.required) = true; // Request kind of metadata. Request request = 1; // Route kind of metadata. Route route = 2; // Cluster kind of metadata. Cluster cluster = 3; // Host kind of metadata. Host host = 4; } } ================================================ FILE: api/envoy/type/metadata/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/type/metadata/v3/metadata.proto ================================================ syntax = "proto3"; package envoy.type.metadata.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.metadata.v3"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metadata] // MetadataKey provides a general interface using `key` and `path` to retrieve value from // :ref:`Metadata `. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.xxx: // prop: // foo: bar // xyz: // hello: envoy // // The following MetadataKey will retrieve a string value "bar" from the Metadata. // // .. code-block:: yaml // // key: envoy.xxx // path: // - key: prop // - key: foo // message MetadataKey { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKey"; // Specifies the segment in a path to retrieve value from Metadata. // Currently it is only supported to specify the key, i.e. field name, as one segment of a path. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKey.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The key name of Metadata to retrieve the Struct from the metadata. // Typically, it represents a builtin subsystem or custom extension. string key = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. It can be a prefix or a full path, // e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example, // which depends on the particular scenario. // // Note: Due to that only the key type segment is supported, the path can not specify a list // unless the list is the last segment. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; } // Describes what kind of metadata. message MetadataKind { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind"; // Represents dynamic metadata associated with the request. message Request { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Request"; } // Represents metadata from :ref:`the route`. message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Route"; } // Represents metadata from :ref:`the upstream cluster`. message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Cluster"; } // Represents metadata from :ref:`the upstream // host`. message Host { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Host"; } oneof kind { option (validate.required) = true; // Request kind of metadata. Request request = 1; // Route kind of metadata. Route route = 2; // Cluster kind of metadata. Cluster cluster = 3; // Host kind of metadata. Host host = 4; } } ================================================ FILE: api/envoy/type/percent.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "PercentProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Percent] // Identifies a percentage, in the range [0.0, 100.0]. message Percent { double value = 1 [(validate.rules).double = {lte: 100.0 gte: 0.0}]; } // A fractional percentage is used in cases in which for performance reasons performing floating // point to integer conversions during randomness calculations is undesirable. The message includes // both a numerator and denominator that together determine the final fractional value. // // * **Example**: 1/100 = 1%. // * **Example**: 3/10000 = 0.03%. message FractionalPercent { // Fraction percentages support several fixed denominator values. enum DenominatorType { // 100. // // **Example**: 1/100 = 1%. HUNDRED = 0; // 10,000. // // **Example**: 1/10000 = 0.01%. TEN_THOUSAND = 1; // 1,000,000. // // **Example**: 1/1000000 = 0.0001%. MILLION = 2; } // Specifies the numerator. Defaults to 0. uint32 numerator = 1; // Specifies the denominator. If the denominator specified is less than the numerator, the final // fractional percentage is capped at 1 (100%). DenominatorType denominator = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/type/range.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "RangeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Range] // Specifies the int64 start and end of the range using half-open interval semantics [start, // end). message Int64Range { // start of the range (inclusive) int64 start = 1; // end of the range (exclusive) int64 end = 2; } // Specifies the int32 start and end of the range using half-open interval semantics [start, // end). message Int32Range { // start of the range (inclusive) int32 start = 1; // end of the range (exclusive) int32 end = 2; } // Specifies the double start and end of the range using half-open interval semantics [start, // end). message DoubleRange { // start of the range (inclusive) double start = 1; // end of the range (exclusive) double end = 2; } ================================================ FILE: api/envoy/type/semantic_version.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "SemanticVersionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Semantic Version] // Envoy uses SemVer (https://semver.org/). Major/minor versions indicate // expected behaviors and APIs, the patch version field is used only // for security fixes and can be generally ignored. message SemanticVersion { uint32 major_number = 1; uint32 minor_number = 2; uint32 patch = 3; } ================================================ FILE: api/envoy/type/token_bucket.proto ================================================ syntax = "proto3"; package envoy.type; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "TokenBucketProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Token bucket] // Configures a token bucket, typically used for rate limiting. message TokenBucket { // The maximum tokens that the bucket can hold. This is also the number of tokens that the bucket // initially contains. uint32 max_tokens = 1 [(validate.rules).uint32 = {gt: 0}]; // The number of tokens added to the bucket during each fill interval. If not specified, defaults // to a single token. google.protobuf.UInt32Value tokens_per_fill = 2 [(validate.rules).uint32 = {gt: 0}]; // The fill interval that tokens are added to the bucket. During each fill interval // `tokens_per_fill` are added to the bucket. The bucket will never contain more than // `max_tokens` tokens. google.protobuf.Duration fill_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } ================================================ FILE: api/envoy/type/tracing/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/type/tracing/v2/custom_tag.proto ================================================ syntax = "proto3"; package envoy.type.tracing.v2; import "envoy/type/metadata/v2/metadata.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.tracing.v2"; option java_outer_classname = "CustomTagProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Custom Tag] // Describes custom tags for the active span. // [#next-free-field: 6] message CustomTag { // Literal type custom tag with static value for the tag value. message Literal { // Static literal value to populate the tag value. string value = 1 [(validate.rules).string = {min_bytes: 1}]; } // Environment type custom tag with environment name and default value. message Environment { // Environment variable name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // When the environment variable is not found, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Header type custom tag with header name and default value. message Header { // Header name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // When the header does not exist, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Metadata type custom tag using // :ref:`MetadataKey ` to retrieve the protobuf value // from :ref:`Metadata `, and populate the tag value with // `the canonical JSON `_ // representation of it. message Metadata { // Specify what kind of metadata to obtain tag value from. metadata.v2.MetadataKind kind = 1; // Metadata key to define the path to retrieve the tag value. metadata.v2.MetadataKey metadata_key = 2; // When no valid metadata is found, // the tag value would be populated with this default value if specified, // otherwise no tag would be populated. string default_value = 3; } // Used to populate the tag name. string tag = 1 [(validate.rules).string = {min_bytes: 1}]; // Used to specify what kind of custom tag. oneof type { option (validate.required) = true; // A literal custom tag. Literal literal = 2; // An environment custom tag. Environment environment = 3; // A request header custom tag. Header request_header = 4; // A custom tag to obtain tag value from the metadata. Metadata metadata = 5; } } ================================================ FILE: api/envoy/type/tracing/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/type/tracing/v3/custom_tag.proto ================================================ syntax = "proto3"; package envoy.type.tracing.v3; import "envoy/type/metadata/v3/metadata.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.tracing.v3"; option java_outer_classname = "CustomTagProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Custom Tag] // Describes custom tags for the active span. // [#next-free-field: 6] message CustomTag { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag"; // Literal type custom tag with static value for the tag value. message Literal { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Literal"; // Static literal value to populate the tag value. string value = 1 [(validate.rules).string = {min_len: 1}]; } // Environment type custom tag with environment name and default value. message Environment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Environment"; // Environment variable name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_len: 1}]; // When the environment variable is not found, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Header type custom tag with header name and default value. message Header { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Header"; // Header name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // When the header does not exist, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Metadata type custom tag using // :ref:`MetadataKey ` to retrieve the protobuf value // from :ref:`Metadata `, and populate the tag value with // `the canonical JSON `_ // representation of it. message Metadata { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Metadata"; // Specify what kind of metadata to obtain tag value from. metadata.v3.MetadataKind kind = 1; // Metadata key to define the path to retrieve the tag value. metadata.v3.MetadataKey metadata_key = 2; // When no valid metadata is found, // the tag value would be populated with this default value if specified, // otherwise no tag would be populated. string default_value = 3; } // Used to populate the tag name. string tag = 1 [(validate.rules).string = {min_len: 1}]; // Used to specify what kind of custom tag. oneof type { option (validate.required) = true; // A literal custom tag. Literal literal = 2; // An environment custom tag. Environment environment = 3; // A request header custom tag. Header request_header = 4; // A custom tag to obtain tag value from the metadata. Metadata metadata = 5; } } ================================================ FILE: api/envoy/type/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: api/envoy/type/v3/hash_policy.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "HashPolicyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Hash Policy] // Specifies the hash policy message HashPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.type.HashPolicy"; // The source IP will be used to compute the hash used by hash-based load balancing // algorithms. message SourceIp { option (udpa.annotations.versioning).previous_message_type = "envoy.type.HashPolicy.SourceIp"; } oneof policy_specifier { option (validate.required) = true; SourceIp source_ip = 1; } } ================================================ FILE: api/envoy/type/v3/http.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP] enum CodecClientType { HTTP1 = 0; HTTP2 = 1; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 2; } ================================================ FILE: api/envoy/type/v3/http_status.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "HttpStatusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP status codes] // HTTP response codes supported in Envoy. // For more details: https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml enum StatusCode { // Empty - This code not part of the HTTP status code specification, but it is needed for proto // `enum` type. Empty = 0; Continue = 100; OK = 200; Created = 201; Accepted = 202; NonAuthoritativeInformation = 203; NoContent = 204; ResetContent = 205; PartialContent = 206; MultiStatus = 207; AlreadyReported = 208; IMUsed = 226; MultipleChoices = 300; MovedPermanently = 301; Found = 302; SeeOther = 303; NotModified = 304; UseProxy = 305; TemporaryRedirect = 307; PermanentRedirect = 308; BadRequest = 400; Unauthorized = 401; PaymentRequired = 402; Forbidden = 403; NotFound = 404; MethodNotAllowed = 405; NotAcceptable = 406; ProxyAuthenticationRequired = 407; RequestTimeout = 408; Conflict = 409; Gone = 410; LengthRequired = 411; PreconditionFailed = 412; PayloadTooLarge = 413; URITooLong = 414; UnsupportedMediaType = 415; RangeNotSatisfiable = 416; ExpectationFailed = 417; MisdirectedRequest = 421; UnprocessableEntity = 422; Locked = 423; FailedDependency = 424; UpgradeRequired = 426; PreconditionRequired = 428; TooManyRequests = 429; RequestHeaderFieldsTooLarge = 431; InternalServerError = 500; NotImplemented = 501; BadGateway = 502; ServiceUnavailable = 503; GatewayTimeout = 504; HTTPVersionNotSupported = 505; VariantAlsoNegotiates = 506; InsufficientStorage = 507; LoopDetected = 508; NotExtended = 510; NetworkAuthenticationRequired = 511; } // HTTP status. message HttpStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.type.HttpStatus"; // Supplies HTTP response code. StatusCode code = 1 [(validate.rules).enum = {defined_only: true not_in: 0}]; } ================================================ FILE: api/envoy/type/v3/percent.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "PercentProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Percent] // Identifies a percentage, in the range [0.0, 100.0]. message Percent { option (udpa.annotations.versioning).previous_message_type = "envoy.type.Percent"; double value = 1 [(validate.rules).double = {lte: 100.0 gte: 0.0}]; } // A fractional percentage is used in cases in which for performance reasons performing floating // point to integer conversions during randomness calculations is undesirable. The message includes // both a numerator and denominator that together determine the final fractional value. // // * **Example**: 1/100 = 1%. // * **Example**: 3/10000 = 0.03%. message FractionalPercent { option (udpa.annotations.versioning).previous_message_type = "envoy.type.FractionalPercent"; // Fraction percentages support several fixed denominator values. enum DenominatorType { // 100. // // **Example**: 1/100 = 1%. HUNDRED = 0; // 10,000. // // **Example**: 1/10000 = 0.01%. TEN_THOUSAND = 1; // 1,000,000. // // **Example**: 1/1000000 = 0.0001%. MILLION = 2; } // Specifies the numerator. Defaults to 0. uint32 numerator = 1; // Specifies the denominator. If the denominator specified is less than the numerator, the final // fractional percentage is capped at 1 (100%). DenominatorType denominator = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: api/envoy/type/v3/range.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "RangeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Range] // Specifies the int64 start and end of the range using half-open interval semantics [start, // end). message Int64Range { option (udpa.annotations.versioning).previous_message_type = "envoy.type.Int64Range"; // start of the range (inclusive) int64 start = 1; // end of the range (exclusive) int64 end = 2; } // Specifies the int32 start and end of the range using half-open interval semantics [start, // end). message Int32Range { option (udpa.annotations.versioning).previous_message_type = "envoy.type.Int32Range"; // start of the range (inclusive) int32 start = 1; // end of the range (exclusive) int32 end = 2; } // Specifies the double start and end of the range using half-open interval semantics [start, // end). message DoubleRange { option (udpa.annotations.versioning).previous_message_type = "envoy.type.DoubleRange"; // start of the range (inclusive) double start = 1; // end of the range (exclusive) double end = 2; } ================================================ FILE: api/envoy/type/v3/ratelimit_unit.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "RatelimitUnitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Ratelimit Time Unit] // Identifies the unit of of time for rate limit. enum RateLimitUnit { // The time unit is not known. UNKNOWN = 0; // The time unit representing a second. SECOND = 1; // The time unit representing a minute. MINUTE = 2; // The time unit representing an hour. HOUR = 3; // The time unit representing a day. DAY = 4; } ================================================ FILE: api/envoy/type/v3/semantic_version.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "SemanticVersionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Semantic Version] // Envoy uses SemVer (https://semver.org/). Major/minor versions indicate // expected behaviors and APIs, the patch version field is used only // for security fixes and can be generally ignored. message SemanticVersion { option (udpa.annotations.versioning).previous_message_type = "envoy.type.SemanticVersion"; uint32 major_number = 1; uint32 minor_number = 2; uint32 patch = 3; } ================================================ FILE: api/envoy/type/v3/token_bucket.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "TokenBucketProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Token bucket] // Configures a token bucket, typically used for rate limiting. message TokenBucket { option (udpa.annotations.versioning).previous_message_type = "envoy.type.TokenBucket"; // The maximum tokens that the bucket can hold. This is also the number of tokens that the bucket // initially contains. uint32 max_tokens = 1 [(validate.rules).uint32 = {gt: 0}]; // The number of tokens added to the bucket during each fill interval. If not specified, defaults // to a single token. google.protobuf.UInt32Value tokens_per_fill = 2 [(validate.rules).uint32 = {gt: 0}]; // The fill interval that tokens are added to the bucket. During each fill interval // `tokens_per_fill` are added to the bucket. The bucket will never contain more than // `max_tokens` tokens. google.protobuf.Duration fill_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } ================================================ FILE: api/examples/service_envoy/BUILD ================================================ licenses(["notice"]) # Apache 2 exports_files([ "http_connection_manager.pb", "listeners.pb", ]) ================================================ FILE: api/examples/service_envoy/http_connection_manager.pb ================================================ codec_type: AUTO stat_prefix: "ingress_http" route_config { virtual_hosts { name: "service" domains: "*" routes { match { prefix: "/service" } route { cluster: "local_service" timeout { seconds: 0 } } } } } http_filters { name: "router" } ================================================ FILE: api/examples/service_envoy/listeners.pb ================================================ address { socket_address { protocol: TCP port_value: 80 } } filter_chains { filters { name: "http_connection_manager" } } ================================================ FILE: api/test/build/BUILD ================================================ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_test", "api_go_test") licenses(["notice"]) # Apache 2 api_cc_test( name = "build_test", srcs = ["build_test.cc"], deps = [ "//envoy/api/v2:pkg_cc_proto", "//envoy/service/accesslog/v2:pkg_cc_proto", "//envoy/service/discovery/v2:pkg_cc_proto", "//envoy/service/metrics/v2:pkg_cc_proto", "//envoy/service/ratelimit/v2:pkg_cc_proto", "@com_github_cncf_udpa//udpa/service/orca/v1:pkg_cc_proto", ], ) api_go_test( name = "go_build_test", size = "small", srcs = ["go_build_test.go"], importpath = "go_build_test", deps = [ "//envoy/api/v2:pkg_go_proto", "//envoy/api/v2/auth:pkg_go_proto", "//envoy/config/bootstrap/v2:pkg_go_proto", "//envoy/service/accesslog/v2:pkg_go_proto", "//envoy/service/discovery/v2:pkg_go_proto", "//envoy/service/metrics/v2:pkg_go_proto", "//envoy/service/ratelimit/v2:pkg_go_proto", "//envoy/service/trace/v2:pkg_go_proto", ], ) ================================================ FILE: api/test/build/build_test.cc ================================================ // NOLINT(namespace-envoy) #include #include #include "google/protobuf/descriptor.h" // Basic C++ build/link validation for the v2 xDS APIs. int main(int argc, char* argv[]) { const auto methods = { "envoy.api.v2.ClusterDiscoveryService.FetchClusters", "envoy.api.v2.ClusterDiscoveryService.StreamClusters", "envoy.api.v2.EndpointDiscoveryService.FetchEndpoints", "envoy.api.v2.EndpointDiscoveryService.StreamEndpoints", "envoy.api.v2.ListenerDiscoveryService.FetchListeners", "envoy.api.v2.ListenerDiscoveryService.StreamListeners", "envoy.api.v2.RouteDiscoveryService.FetchRoutes", "envoy.api.v2.RouteDiscoveryService.StreamRoutes", "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources", "envoy.service.discovery.v2.HealthDiscoveryService.FetchHealthCheck", "envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck", "envoy.service.discovery.v2.RuntimeDiscoveryService.FetchRuntime", "envoy.service.discovery.v2.RuntimeDiscoveryService.StreamRuntime", "envoy.service.accesslog.v2.AccessLogService.StreamAccessLogs", "envoy.service.metrics.v2.MetricsService.StreamMetrics", "envoy.service.ratelimit.v2.RateLimitService.ShouldRateLimit", "udpa.service.orca.v1.OpenRcaService.StreamCoreMetrics", }; for (const auto& method : methods) { if (google::protobuf::DescriptorPool::generated_pool()->FindMethodByName(method) == nullptr) { std::cout << "Unable to find method descriptor for " << method << std::endl; exit(EXIT_FAILURE); } } exit(EXIT_SUCCESS); } ================================================ FILE: api/test/build/go_build_test.go ================================================ package go_build_test import ( "testing" _ "github.com/envoyproxy/go-control-plane/envoy/api/v2" _ "github.com/envoyproxy/go-control-plane/envoy/api/v2/auth" _ "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/accesslog/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/metrics/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/ratelimit/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/trace/v2" ) func TestNoop(t *testing.T) { // Noop test that verifies the successful importation of Envoy V2 API protos } ================================================ FILE: api/test/validate/BUILD ================================================ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_test") licenses(["notice"]) # Apache 2 api_cc_test( name = "pgv_test", srcs = ["pgv_test.cc"], deps = [ "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/api/v2/core:pkg_cc_proto", "@envoy_api//envoy/api/v2/listener:pkg_cc_proto", "@envoy_api//envoy/api/v2/route:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/accesslog/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/buffer/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/fault/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/gzip/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/header_to_metadata/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/health_check/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/ip_tagging/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/lua/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/router/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/squash/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/http/transcoder/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/network/http_connection_manager/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/network/mongo_proxy/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/network/redis_proxy/v2:pkg_cc_proto", "@envoy_api//envoy/config/filter/network/tcp_proxy/v2:pkg_cc_proto", "@envoy_api//envoy/config/health_checker/redis/v2:pkg_cc_proto", ], ) ================================================ FILE: api/test/validate/pgv_test.cc ================================================ // NOLINT(namespace-envoy) #include #include // We don't use all the headers in the test below, but including them anyway as // a cheap way to get some C++ compiler sanity checking. #include "envoy/api/v2/cluster.pb.validate.h" #include "envoy/api/v2/endpoint.pb.validate.h" #include "envoy/api/v2/listener.pb.validate.h" #include "envoy/api/v2/route.pb.validate.h" #include "envoy/api/v2/core/protocol.pb.validate.h" #include "envoy/config/health_checker/redis/v2/redis.pb.validate.h" #include "envoy/config/filter/accesslog/v2/accesslog.pb.validate.h" #include "envoy/config/filter/http/buffer/v2/buffer.pb.validate.h" #include "envoy/config/filter/http/fault/v2/fault.pb.validate.h" #include "envoy/config/filter/http/gzip/v2/gzip.pb.validate.h" #include "envoy/config/filter/http/health_check/v2/health_check.pb.validate.h" #include "envoy/config/filter/http/header_to_metadata/v2/header_to_metadata.pb.validate.h" #include "envoy/config/filter/http/ip_tagging/v2/ip_tagging.pb.validate.h" #include "envoy/config/filter/http/lua/v2/lua.pb.validate.h" #include "envoy/config/filter/http/router/v2/router.pb.validate.h" #include "envoy/config/filter/http/squash/v2/squash.pb.validate.h" #include "envoy/config/filter/http/transcoder/v2/transcoder.pb.validate.h" #include "envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.pb.validate.h" #include "envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.pb.validate.h" #include "envoy/config/filter/network/redis_proxy/v2/redis_proxy.pb.validate.h" #include "envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.pb.validate.h" #include "envoy/api/v2/listener/listener.pb.validate.h" #include "envoy/api/v2/route/route.pb.validate.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.validate.h" #include "google/protobuf/text_format.h" template struct TestCase { void run() { std::string err; if (Validate(invalid_message, &err)) { std::cerr << "Unexpected successful validation of invalid message: " << invalid_message.DebugString() << std::endl; exit(EXIT_FAILURE); } if (!Validate(valid_message, &err)) { std::cerr << "Unexpected failed validation of valid message: " << valid_message.DebugString() << ", " << err << std::endl; exit(EXIT_FAILURE); } } Proto& invalid_message; Proto& valid_message; }; // Basic protoc-gen-validate C++ validation header inclusion and Validate calls // from data plane API. int main(int argc, char* argv[]) { envoy::config::bootstrap::v2::Bootstrap invalid_bootstrap; invalid_bootstrap.mutable_static_resources()->add_clusters(); // This is a baseline test of the validation features we care about. It's // probably not worth adding in every filter and field that we want to valid // in the API upfront, but as regressions occur, this is the place to add the // specific case. const std::string valid_bootstrap_text = R"EOF( node {} cluster_manager {} admin { access_log_path: "/dev/null" address { pipe { path: "/" } } } )EOF"; envoy::config::bootstrap::v2::Bootstrap valid_bootstrap; if (!google::protobuf::TextFormat::ParseFromString(valid_bootstrap_text, &valid_bootstrap)) { std::cerr << "Unable to parse text proto: " << valid_bootstrap_text << std::endl; exit(EXIT_FAILURE); } TestCase{invalid_bootstrap, valid_bootstrap}.run(); exit(EXIT_SUCCESS); } ================================================ FILE: api/tools/BUILD ================================================ load("@rules_python//python:defs.bzl", "py_binary", "py_test") licenses(["notice"]) # Apache 2 py_binary( name = "tap2pcap", srcs = ["tap2pcap.py"], licenses = ["notice"], # Apache 2 visibility = ["//visibility:public"], deps = ["//envoy/data/tap/v2alpha:pkg_py_proto"], ) py_test( name = "tap2pcap_test", srcs = ["tap2pcap_test.py"], data = [ "data/tap2pcap_h2_ipv4.pb_text", "data/tap2pcap_h2_ipv4.txt", ], # Don't run this by default, since we don't want to force local dependency on Wireshark/tshark, # will explicitly invoke in CI. tags = ["manual"], visibility = ["//visibility:public"], deps = [":tap2pcap"], ) py_binary( name = "generate_listeners", srcs = ["generate_listeners.py"], licenses = ["notice"], # Apache 2 visibility = ["//visibility:public"], deps = [ "//envoy/api/v2:pkg_py_proto", "//envoy/config/filter/network/http_connection_manager/v2:pkg_py_proto", ], ) py_test( name = "generate_listeners_test", srcs = ["generate_listeners_test.py"], data = [ "//examples/service_envoy:http_connection_manager.pb", "//examples/service_envoy:listeners.pb", ], visibility = ["//visibility:public"], deps = [":generate_listeners"], ) ================================================ FILE: api/tools/data/tap2pcap_h2_ipv4.pb_text ================================================ socket_buffered_trace { connection { local_address { socket_address { address: "127.0.0.1" port_value: 10000 } } remote_address { socket_address { address: "127.0.0.1" port_value: 53288 } } } events { timestamp { seconds: 1525207293 nanos: 216737962 } read { data: { as_bytes: "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n\000\000\022\004\000\000\000\000\000\000\003\000\000\000d\000\004@\000\000\000\000\002\000\000\000\000\000\000\004\010\000\000\000\000\000?\377\000\001\000\000\036\001\005\000\000\000\001\202\204\206A\212\240\344\035\023\235\t\270\020\000\000z\210%\266P\303\253\266\362\340S\003*/*" } } } events { timestamp { seconds: 1525207293 nanos: 230450657 } write { data: { as_bytes: "\000\000\006\004\000\000\000\000\000\000\004\020\000\000\000\000\000\000\004\001\000\000\000\000\000\000\004\010\000\000\000\000\000\017\377\000\001" } } } events { timestamp { seconds: 1525207293 nanos: 230558250 } read { data: { as_bytes: "\000\000\000\004\001\000\000\000\000" } } } events { timestamp { seconds: 1525207293 nanos: 345386933 } write { data: { as_bytes: "\000\025\223\001\004\000\000\000\001\210@\217\362\264\307<\324\025d\025\0101\352X\325J\177\211\3056\316p\232l\371!\301\000\216\362\264\307<\324\025b\371\254\266\032\222\324\237\377\277 \023n6\357\320\200\027]o\350@\013\300s\350@\013\302\177\351\326\302\333\241\372u\2612\363\237Ae\260\205\327>\202\313b\003\301\372\013-\211\226\333\372\013-\211\226\335\372\013-\211\267\033\372\013-\211\366[\372\013-\211\367\001\364\026[d\017\271\364\026[d/=\364\026[dL\271\364\026[e\221;\364\026[e\267\031\372\013-\262\353N\375\005\226\331x\014\375\005\226\331x\r}\005\226\331x \372\013-\262\360^\372\013-\262\373\200\372\013-\262\373\354\375\005\226\332\003\356}\005\226\332\013\216\375\005\226\332\013\316\375\005\226\332\020\232\372\013-\264&\203\364\026[hN\273\364\026[i\220;\364\026[i\226\231\372\013-\264\350\003\364\026[i\326\335\372\013-\264\360[\372\013-\264\363m}\005\226\332|-\375\005\226\332}\347~\202\313m\201\227~\202\313m\210\"\372\013-\266\'\032\372\013-\266\'\303\364\026[m\246\335\372\013-\266\330]\372\013-\266\333\356\375\005\226\333m\367\376\202\313m\270\340\276\202\313m\272\340~\202\313m\272\350~\202\313m\272\363?Ae\266\335y\377\240\262\333o8\017\240\262\333o\211\237\240\262\333\200\020>\202\313n\000L\375\005\226\334\003N}\005\226\334\003\257\375\005\226\334\010^\372\013-\270\027\201\364\026[p/\013\350,\266\340\234o\350,\266\343 o\350,\266\343L\271\364\026[q\246\201\364\026[q\300\207\350,\266\343\201o\350,\266\343\201w\350,\266\343\201\177\350,\266\343\216\003\350,\266\343\217\273\364\026[q\3215\364\026[q\326\235\372\013-\270\353\257\375\005\226\334u\367>\202\313n<\333?Ae\267\036u\377\240\262\333\217\200?Ae\267\037i\377\240\262\333\240e\317\240\262\333\240x_Ae\267B\313\337Ae\267B\320\276\202\313n\205\307\276\202\313n\205\347>\202\313n\210\017\375\005\226\335\020_\372\013-\272\313m\375\005\226\335h\017\375\005\226\335h!\372\013-\272\320\203\364\026[u\247\237\372\013-\272\343\301\372\013-\272\363-}\005\226\335|.\375\005\226\335}\227~\202\313n\276\343?Ae\267_}\237\240\262\333\300q\257\240\262\333\300t?Ae\267\200\353?Ae\267\200\370~\202\313o\004\017}\005\226\336\010C\364\026[x!s\350,\266\360\204\357\320Ym\3416\037\240\262\333\302}\237\240\262\333\314\205\377\240\262\333\314\272\377\320Ym\346\200\017\240\262\333\315\005\257\240\262\333\315\010?Ae\267\232\023\177Ae\267\234\020~\202\313o8\313\337Ae\267\234h_Ae\267\234}\377\240\262\333\317>\017\240\262\333\317\205\377\240\262\333\340\013\377Ae\267\300\313\337Ae\267\304\360\276\204\330\002&\335\372h\002e\240\277\364\320\004\373\301o\351\2402\020\201\377\246\200\310B\343_M\001\226\231d?M\001\226\236h\037M\001\227\237}\237\246\200\320\002\313\177M\001\246B\370>\232\003L\264\370\276\232\003M\274\320~\232\003N\270\360\276\232\003O2\323\277M\001\261:\340~\232\003m\262\343\177M\001\267\032p\037M\001\267\202\323\337M\001\267\336u\317\246\200\340\237y\277\246\200\343\254\270\327\323@q\346\337\027\323@q\360>\317\323@q\360>\337\323@q\367\031k\351\2408\373\214\271\364\320\034}\347\034\372h\016\204\016\203\351\240:\026\\\007\323@t.\274/\246\200\353o\005\317\246\200\353\217\274\347\323@u\360\t\357\246\200\353\342\003\237M\001\327\334m\317\246\200\353\3568\037\246\200\353\3568\377\323@x\014\211\257\246\200\360\033\013\337M\001\3406&\276\232\003\301\003/}4\007\204 \277\364\320\036d-;\364\320\036e\366\301\364\320\036i\240\263\364\320\036i\2417\364\320\036i\320\273\364\320\036m\327\201\364\320\036q\367]\372h\017>\026\305\364\320\037\000\202/\246\200\370\031\010>\232\003\355\276\020}4\007\334\023\315\3754\007\334\023\316}4\007\334y\306~\232\003\356>\323\337M\001\367B\333?M\001\367Zq\377\246\200\373\257\210_M\001\367_\023\377M\001\367\202\320>\232\003\3574\340>\232\003\3578\373\377M\001\367\235\020~\232\003\357:\'\276\232\010\000!9\364\320@\021\004?M\004\014\205\366~\232\010\031i\340\3754\0204\363b\372h m\226\\\372h m\247\303\364\320@\343-;\364\320@\343\2179\364\320@\343\317\203\351\240\201\326\302\337\323A\003\255\262\017\246\202\007_\013_M\004\017<\006\376\232\010\036y\227~\232\010\037d.}4\020>\323\340\372h!\013\340k\351\240\204/\266\337\323A\010_p?M\004-4\343\277M\004-6\353_M\004-6\373\277M\004-\211\340\3754\020\266\320A\364\320B\333\217\273\364\320B\343 o\351\240\205\306@\357\323A\013\241p?M\004.\205\320\3754\020\272\330Y\372h!u\360\265\364\320B\360\037\027\323A\013\315\264\367\323A\013\340d_M\004/\201\226\276\232\010_\003.}4\020\276\006\201\364\320B\370\035k\351\240\205\366\331g\351\240\205\366\336k\351\240\210\014\262/\246\202 6\373?M\004@q\300}4\021\004.\263\364\320D\020\272\337\323A\020Zi\277\246\202 \264\373?M\004Al/}4\021\005\307\334\372h\"\020\236\027\323A\023.4\037\246\202&\204\323\177M\004M2\370~\232\010\232}\340\3754\0216\323\257}4\0216\363.\3754\0216\373\242\372h\"p@\007\323A\023\202\023\337M\004N:\333_M\004N\201\347>\232\010\235\023L\3754\021:\310\032\372h\"u\2207\364\320D\353A{\351\240\211\326\302\337\323A\023\301\013\277M\004O\010-}4\021< \271\364\320D\363-\265\364\320D\363@\027\323A\023\315\272\017\246\202\'\233y\317\246\202\'\333\020>\232\010\237q\226~\232\010\237u\367>\232\013 \020\232\372h,\201\227\234\372h,\201\267\001\364\320Y\003n?\364\320Y\010B\327\323Ad.2/\246\202\310]e\337\246\202\310^e\257\246\202\310\200\320~\232\013\"\013\355\3754\026D\320^\372h,\211\246\205\364\320Y\023o9\364\320Y\023\217\275\364\320Y\023\317\275\364\320Yd.\013\351\240\262\313-\277\364\320Ye\240\275\364\320Ye\247\003\364\320Ye\260?\364\320Ye\306\\\372h,\262\343/}4\026Yy\266\276\232\013-2\343?M\005\226\232\023\337M\005\226\233q\237\246\202\313`\023\177M\005\226\300\363\337M\005\226\304\323\377M\005\226\332m\337\246\202\313m8\037\246\202\313m\272\347\323Ae\300>/\246\202\313\201e\277\246\202\313\201m\277\246\202\313\201|_M\005\227Z\013\177M\005\227Zq\257\246\202\313\255\205\237\246\202\313\255\276\357\323Ae\327D\357\323Ae\346\233o\351\240\262\363\341k\351\240\262\363\357\007\351\240\262\373L\271\364\320Z\000\002/\246\202\320\000&~\232\013@\003@\372h-\000M3\364\320Z\003\216\267\364\320Z\003\240k\351\240\264\007Yg\351\240\264\007\333\177\351\240\264\0204\377\323Ah,\262/\246\202\320Yi\317\246\202\320Ze\337\246\202\320[\020~\232\013Am\326\376\232\013Am\347\276\232\013Aq\346~\232\013At\016\3754\026\202\370[\372h-\005\366\331\372h-\t\221=\364\320Z\023\314\265\364\320Z\023\340w\351\240\264\310@\317\323Ai\220\205\237\246\202\323\"u\357\246\202\323,\274\337\323Ai\226\200\377\323Ai\227\033g\351\240\264\313\256\275\364\320Ze\327\205\364\320Ze\327\231\372h-2\370\005\364\320Ze\367\035\372h-4&Y\372h-4\310\233\372h-4\330\235\372h-4\333L\3754\026\232p\002\372h-4\340_\372h-4\353B\372h-6\020?\364\320Zm\247\003\364\320Zm\247\233\372h-6\330\005\364\320Zm\327E\364\320Zm\346\\\372h-8\007^\372h-8\007\201\364\320Zp-9\364\320Zp/3\364\320Zq\246\201\364\320Zq\246\205\364\320Zq\247]\372h-8\343!\372h-8\343\316\3754\026\234}\366\376\232\013N\201\267~\232\013N\264\373\337M\005\247_\000>\232\013N\276!}4\026\236\000]\372h-<\007\003\364\320Zx\016;\364\320ZxL\207\351\240\264\360\234{\351\240\264\363 k\351\240\264\363\"s\351\240\264\363\"{\351\240\264\363\"\177\351\240\264\363,\213\351\240\264\363O\275\364\320Zy\261\003\351\240\264\363b\027\323Ai\346\335g\351\240\264\363\255=\364\320Zy\347Y\372h-<\373b\372h->\000\273\364\320Z|\r\275\364\320Z|L\277\364\320Z}\226\303\364\320Z}\266\331\372h->\333\340\372h->\333\341\372h->\333\355\3754\026\237m\367\276\232\013O\270\'\376\232\013O\270\363?M\005\247\336\003\377M\005\247\336\013?M\005\247\336d\037M\005\247\337\013?M\005\260\000.\3754\026\300\006C\364\320[\000\037\007\323Al\r\005\257\246\202\330\032l?M\005\260<\007>\232\013`x.}4\026\302\'\034\372h-\204O\267\364\320[\010\237\177\351\240\266\026_\017\323Al.<\357\323Al.\266/\246\202\330]m\357\246\202\330^m\317\246\202\330^q\277\246\202\330^u\277\246\202\330_\013\377M\005\261\001\247\376\232\013b\013N\3754\026\304\333`\372h-\211\327\201\364\320[\023\341o\351\240\266\'\302\357\323AlO\266\017\246\202\333 i\377\246\202\333 q\357\246\202\333\"\000~\232\013l\210B\372h-\262\'^\372h-\262\313B\372h-\262\320\205\364\320[e\2605\364\320[e\301=\364\320[e\306\332\372h-\262\350\\\372h-\262\373b\372h-\262\373n\3754\026\332\000\201\364\320[h\016\213\351\240\266\320\036\017\323Am\246@\367\323Am\246[k\351\240\266\323\355\277\364\320[l,\277\364\320[l/\265\364\320[m\260\267\364\320[m\267\035\372h-\266\333\217\3754\026\333q\366\376\232\013m\272!}4\026\333u\220}4\026\333u\320}4\026\334\003O}4\026\334\003\356\3754\026\334\010\032\372h-\270\0207\364\320[p w\351\240\266\340Yw\351\240\266\340^\017\323Am\3014\327\323Am\306\202\337\323Am\307\033s\351\240\266\343\240k\351\240\266\343\240s\351\240\266\343\257\003\351\240\266\343\3173\364\320[t\016\207\351\240\266\350Y\177\351\240\266\353-\013\351\240\266\353-\203\351\240\266\353/\007\351\240\266\353/3\364\320[u\2405\364\320[u\306\336\372h-\272\350Z\372h-\272\353\201\372h-\272\353\356}4\026\335u\367\376\232\013n\274\000\3754\026\335y\227~\232\013n\274\363\277M\005\267_\023\377M\005\267\200\313\177M\005\267\200\343_M\005\267\202\373?M\005\267\231\003\177M\005\267\231\003\377M\005\267\234m\337\246\202\333\316\211\257\246\202\333\3176\327\323Am\347\304\017\246\202\333\355\272\017\246\202\333\356\t\277\246\202\333\3564/\246\202\333\356>\317\323Am\367]\007\323Am\367]g\351\240\266\373\256\273\364\320[}\360\013\351\240\266\373\355\007\351\240\266\373\356\273\364\320\\\000[\177\351\240\270\001\010\037M\005\3002\027>\232\013\200h\017}4\027\000\320_\372h.\001\2413\364\320\\\003N3\364\320\\\003O\213\351\240\270\007\304\317\323Ap\017\211\277\246\202\340\037i\317\246\202\340\037y\357\246\202\340@\007~\232\013\201\013\316\3754\027\002\313o}4\027\002\320Y\372h.\005\247\203\364\320\\\013O7\364\320\\\013O?\364\320\\\013a\027\323Ap-\211\317\246\202\340[i\357\246\202\340[|_M\005\300\266\373\177M\005\300\272\373_M\005\300\274\353\237M\005\300\276\027\276\232\013\201}\240\3754\027\004\006\331\372h.\010\017\003\351\240\270 \270/\246\202\340\204\'>\232\013\202\020\236\372h.\t\226C\364\320\\\023A\007\323ApM6\317\323ApM\204_M\005\3018 \3754\027\004\343\201\372h.\t\307\234\372h.2\007\034\372h.2\007\035\372h.2\026\237\372h.2 \013\351\240\270\313-9\364\320\\e\226\236\372h.2\313`\372h.2\313\357\3754\027\031l\017}4\027\031}\247\276\232\013\2152\313\337M\005\306\231q\377\246\202\343M:\017\246\202\343M<\037\246\202\343N\211\357\246\202\343N\270\327\323Aq\247\336\017\323Aq\247\337k\351\240\270\330\002\347\323Aq\2604\037\246\202\343`l?M\005\306\302\350~\232\013\215\210\r}4\027\033\023/}4\027\033\023`\372h.6\310\001\364\320\\m\220\263\364\320\\m\221?\364\320\\m\227\305\364\320\\m\247_\372h.6\330\037\372h.6\340\003\364\320\\m\3003\364\320\\m\300\277\364\320\\m\326\305\364\320\\m\327\205\364\320\\m\340?\364\320\\m\347Y\372h.6\363\255\3754\027\033y\327\276\232\013\215\276\006\376\232\013\215\276\007\276\232\013\216\000N\3754\027\034\020\034\372h.8\'\337\372h.8\333\315}4\027\034q\346\276\232\013\216:\373\337M\005\307\036d_M\005\307B\027\276\232\013\216\205\226~\232\013\216\205\240\3754\027\035\013L\3754\027\035\013M\3754\027\035\013\355}4\027\035\023-}4\027\035\023\357\3754\027\035e\326~\232\013\216\262\373?M\005\307Y}\277\246\202\343\255\005\257\246\202\343\255\205\257\246\202\343\256\266\367\323Aq\327\204\327\323Aq\327\231g\351\240\270\353\315\013\351\240\270\360\032w\351\240\270\360\032{\351\240\270\360\033\007\323Aq\3408\017\246\202\343\301y\277\246\202\343\301|?M\005\307\231}\237\246\202\343\315\205\277\246\202\343\315\266\037\246\202\343\315\266/\246\202\343\315\274/\246\202\343\316\201\257\246\202\343\342h\037M\005\307\304\353\277M\005\307\304\363_M\005\307\333}\357\246\202\343\356\001\337\246\202\343\356\270\367\323Aq\367\234o\351\240\270\373\354\273\364\320\\}\366^\372h.\200\r?\364\320]\000\034\177\351\240\272\000\264\017\246\202\350\002\333\277M\005\3204\323?M\005\320<\340~\232\013\240y\327\376\232\013\240|M\3754\027@\373\254\3758\330D\343\355}8\330D\360\001\364\343ad\r\267\364\343ae\267\301\364\343ae\301\007\351\346@\006\202\317\323\314\200\r<\327\323\314\200\r>\327\323\314\200\r>\357\323\314\200\r\270\347\320@ \000\0173\364\020\010\001}\267>\202\001\000@|\037A\000\200 \266\317\320@ \010M\013\350 \020\004\310\034\372\010\004\0012\310>\202\001\000M4\337\320@ \t\246\335\372\010\004\0016\313\237A\000\200&\332g\350 \020\004\333\217\375\004\002\000\233u\317\240\200@\023n\275\364\020\010\002p@\372\010\004\0018\'\276\202\001\000N2\357\320@ \t\306_\372\010\004\0018\333\177A\000\200\'\034w\350 \020\004\343\256\375\004\002\000\234u\357\240\262\330\000\000\273\364\026\336\003\256\270\327\320\\\020\000\026\\\372\013\202\000\002\353\337Ap@\000\204\357\320_\000\000\'\236\372\013\340\000\032\023?A|\000\003Bw\350/\200\001}\367\376\202\370\000&\332{\350/\200\002y\340}\005\360\001\226D\037\240\276\0002\310\231\372\013\340\003,\211\277\240\276\0002\310\234\372\013\340\003,\211\357\240\276\0002\310\237\372\013\340\003,\262\017\240\276\0002\320\035\372\013\340\003-\001\357\240\276\0002\320\037\372\013\340\003L\201\377\240\276\0004\330\\\372\013\340\003M\205\337\240\276\0004\330^\372\013\340\003M\205\377\240\276\0004\330\201\364\027\300\006\233\020~\202\370\000\323\317\213\350/\200\r>\000\375\005\360\001\261\001\277\240\276\0006 9\364\027\300\006\304\026\276\202\370\000\330\202\337\320_\000\033\020]\372\013\340\003b\013\337A|\000lA\177\350/\200\r\270\343\177A|\000m\307E\364\027\300\006\335e\317\240\276\0006\353M}4\026B\350[oa\226\337i~\224\000T\320?J\010\001yA\002\343A\270\313*b\321\277d\002-1X\215\256\303w\032K\364\245#\362\260\346,\000_\226I|\245\211\323M\037j\022q\330\202\246\014\233\265,\363\315\276\260\177@\230\362\264\307<\324\025i\245*\321\214\235KT\213X^\326\225\tX\325J\177\224)\244\202)/\237\225\203\361\203\261\223\026\301\372\232\274M_\361@\224\362\264\307<\324\025i\274!h\315P\354\364\267r\330\203\036\257\207\013\355\005\246\\m\357@\003p3p\257\275\256\017\347|\346B\206B\225\035*\rMl\353R\263\320bz\376\024\334R\2512\344;\025\263\\\345\242\265%=\212R{\n\241\252\224\353\377?@\236\362\264\307<\324\025i\245*\304\266\313\013RV\260\275\255*\022\261\016\204\255-\207\245i\274#\204\013K\264\017@\217\362\264\307<\324\025i\006\221\255\334\266 \307\253\207\013\355>\333\302m\277v\204-]\317\353@\217\362\264\307<\324\025j\212\232OR\324\0162\321\240b:\220\307k\030\214\366L\307k\030\216\24417\204-]\207\221\211\274 +\240\266w+\016\274\017@\214\362\267\224!j\354:JD\230\365\177\212\017\332\224\236B\301\035\007\'_@\213\362\264\266\016\222\254z\322c\324\217\211\335\016\214\032\266\344\305\223O@\223\362\264\307<\324\025i\245*\326\027\265\245BVM\203!\177\303\031)\350\027\2564\323?]\254\242\240\267q\367\231k\351\210\352C\035\254b3\3313\035\254b:\220\304\336\020\265v\036F&\360\200\256\202\331\334\254:\360>\273YEAn\343\3572\327\320\311O@\275q\246\231@\217\362\264\307<\324\025i\221Dk \266w1\013\003web\017(\300\016\270\262\303\266\001\000/,\006\326\000V\020>\324/\232\315aQ\006\371\355\372Q\220\255\240~\226\020\002\362\202\005\306\203q\226T\305\243\177\332\225\2153\300\307\332\222\036\221\232\250\027\230\347\232\202\256C\323\017(\377\'\323\222\374\001\023\360\037\036L\272\274\305D\276\254\237/\237yd\333\370\224\003\036\275\035w\352\247N\276\306j\251\346\240\277\226\001\313\315\343[\266I\315E\355\274\031\330W,\246\350*\375\351\230\217\342\277\336\034ZC\2435\323BO\323\311\023fK\306\316\314m;\0179\331\313\223\006\216\267\253\353\217e\373\037\305\2012\343\272/\034)\333]\267r\375\250_5\232\302\242\016E\223\351FB\266\242%a\000/( \\h7\031eLZ7\375\251X\323<\014}\251!\351\031\252\201y\216y\250*\344=?jcJk\325U\036\277@\215\362\264\307<\324\025h\306N\245\252D\177\320b:\220\307k\030\214\366L\307k\030\216\24417\204-]\207\221\211\274 +\240\266w+\016\274\017\256\326QP[\270\373\314\265\364\304u!\216\3261\031\354\231\216\3261\035Hbo\010Z\273\017#\023x@W\232R\260\363\237C%=\002\365\306\232g@\222\362\264\307<\324\025i\016\205\220[;\230\205Y6\014\205\207\244f\252\344\347\244\277@\214\362\264\307<\324\025d\026\316\346!\177\207\361\343\307\324\347\244\277@\234\362\264\307<\324\025i\245*\326\025\025\236\244\025b\036B\255!R3P\205\223`\310_\250\260\250\254\365 \261\020\362\026$\0251G\352(\306N\245\252O\253\n\212\317R\013\021\017!bAS\024~\242\214d\352Z\244@\236\362\264\307<\324\025i\245*\326\025\025\236\244\025h\317\'\245\223`\352D\247\262\221\244\307\251\037\215\232\332\275\232\272\313\'\321\'\266\256\245\223@\222\362\264\307<\324\025dNZ(\224\310\235d$i\265\037\207\275\010&\273\202\037_@\205\035\tY\035\311\354\237\264\037\315\306\232g\371\373R\221\300&\337\020\000\017\265;Zb@\330Y\003-2\317\332\235\2551 l,\201\226\231\027\332\235\2551 l,\201\226\231\017\332\235\2551 l,\201\226Y\177\355N\326\230\2206\026@\313,\267\365\332\323\022\017\346\343M3\374\375\251H\340\023o\210\000\007\332\235\340\376Zg\351\241}4\037\246_\372e\277\347@\223\362\264\307<\324\025i\245*\310-\235\314B\254\233\006B\377\207\361\343\307\324\347\244\277R\203\250\365\027{\213\204\204-i[\005D<\206\252o@\225\362\261j\356\177K[Z\023aGJ\310-\235\314B\254\223R_\202\010Z" } } } events { timestamp { seconds: 1525207293 nanos: 346744029 } write { data: { as_bytes: "\000\035V\000\000\000\000\000\001Google

\"Google\"

 

Advanced searchLanguage tools

© 2018 - Privacy - Terms

\000\000\000\000\001\000\000\000\001" } } } } ================================================ FILE: api/tools/data/tap2pcap_h2_ipv4.txt ================================================ 1 0.000000 127.0.0.1 → 127.0.0.1 HTTP2 157 Magic, SETTINGS[0], WINDOW_UPDATE[0], HEADERS[1]: GET / 2 0.013713 127.0.0.1 → 127.0.0.1 HTTP2 91 SETTINGS[0], SETTINGS[0], WINDOW_UPDATE[0] 3 0.013821 127.0.0.1 → 127.0.0.1 HTTP2 63 SETTINGS[0] 4 0.128649 127.0.0.1 → 127.0.0.1 HTTP2 5586 HEADERS[1]: 200 OK 5 0.130007 127.0.0.1 → 127.0.0.1 HTTP2 7573 DATA[1] 6 0.131045 127.0.0.1 → 127.0.0.1 HTTP2 3152 DATA[1], DATA[1] (text/html) ================================================ FILE: api/tools/generate_listeners.py ================================================ # Map from listeners proto, with holes where filter config fragments should go, and # a list of filter config fragment protos, to a final listeners.pb with the # config fragments converted to the opaque Struct representation. import sys # Some evil hack to deal with the fact that Bazel puts both google/api and # google/protobuf roots in the sys.path, and Python gets confused, e.g. it # thinks that there is no api package if it encounters the google/protobuf root # in sys.path first. from pkgutil import extend_path import google google.__path__ = extend_path(google.__path__, google.__name__) from google.protobuf import json_format from google.protobuf import struct_pb2 from google.protobuf import text_format from envoy.api.v2 import lds_pb2 from envoy.config.filter.network.http_connection_manager.v2 import http_connection_manager_pb2 # Convert an arbitrary proto object to its Struct proto representation. def ProtoToStruct(proto): json_rep = json_format.MessageToJson(proto) parsed_msg = struct_pb2.Struct() json_format.Parse(json_rep, parsed_msg) return parsed_msg # Parse a proto from the filesystem. def ParseProto(path, filter_name): # We only know about some filter config protos ahead of time. KNOWN_FILTERS = { 'http_connection_manager': lambda: http_connection_manager_pb2.HttpConnectionManager() } filter_config = KNOWN_FILTERS[filter_name]() with open(path, 'r') as f: text_format.Merge(f.read(), filter_config) return filter_config def GenerateListeners(listeners_pb_path, output_pb_path, output_json_path, fragments): listener = lds_pb2.Listener() with open(listeners_pb_path, 'r') as f: text_format.Merge(f.read(), listener) for filter_chain in listener.filter_chains: for f in filter_chain.filters: f.config.CopyFrom(ProtoToStruct(ParseProto(next(fragments), f.name))) with open(output_pb_path, 'w') as f: f.write(str(listener)) with open(output_json_path, 'w') as f: f.write(json_format.MessageToJson(listener)) if __name__ == '__main__': if len(sys.argv) < 4: print('Usage: %s ') % sys.argv[0] sys.exit(1) GenerateListeners(sys.argv[1], sys.argv[2], sys.argv[3], iter(sys.argv[4:])) ================================================ FILE: api/tools/generate_listeners_test.py ================================================ """Tests for generate_listeners.""" import os import generate_listeners if __name__ == "__main__": srcdir = os.path.join(os.getenv("TEST_SRCDIR"), 'envoy_api_canonical') generate_listeners.GenerateListeners( os.path.join(srcdir, "examples/service_envoy/listeners.pb"), "/dev/stdout", "/dev/stdout", iter([os.path.join(srcdir, "examples/service_envoy/http_connection_manager.pb")])) ================================================ FILE: api/tools/tap2pcap.py ================================================ """Tool to convert Envoy tap trace format to PCAP. Uses od and text2pcap (part of Wireshark) utilities to translate the Envoy tap trace proto format to a PCAP file suitable for consuming in Wireshark and other tools in the PCAP ecosystem. The TCP stream in the output PCAP is synthesized based on the known IP/port/timestamps that Envoy produces in its tap files; it is not a literal wire tap. Usage: bazel run @envoy_api_canonical//tools:tap2pcap Known issues: - IPv6 PCAP generation has malformed TCP packets. This appears to be a text2pcap issue. TODO(htuch): - Figure out IPv6 PCAP issue above, or file a bug once the root cause is clear. """ from __future__ import print_function import datetime import io import socket import subprocess as sp import sys import time from google.protobuf import text_format from envoy.data.tap.v2alpha import wrapper_pb2 def DumpEvent(direction, timestamp, data): dump = io.StringIO() dump.write('%s\n' % direction) # Adjust to local timezone adjusted_dt = timestamp.ToDatetime() - datetime.timedelta(seconds=time.altzone) dump.write('%s\n' % adjusted_dt) od = sp.Popen(['od', '-Ax', '-tx1', '-v'], stdout=sp.PIPE, stdin=sp.PIPE, stderr=sp.PIPE) packet_dump = od.communicate(data)[0] dump.write(packet_dump.decode()) return dump.getvalue() def Tap2Pcap(tap_path, pcap_path): wrapper = wrapper_pb2.TraceWrapper() if tap_path.endswith('.pb_text'): with open(tap_path, 'r') as f: text_format.Merge(f.read(), wrapper) else: with open(tap_path, 'r') as f: wrapper.ParseFromString(f.read()) trace = wrapper.socket_buffered_trace local_address = trace.connection.local_address.socket_address.address local_port = trace.connection.local_address.socket_address.port_value remote_address = trace.connection.remote_address.socket_address.address remote_port = trace.connection.remote_address.socket_address.port_value dumps = [] for event in trace.events: if event.HasField('read'): dumps.append(DumpEvent('I', event.timestamp, event.read.data.as_bytes)) elif event.HasField('write'): dumps.append(DumpEvent('O', event.timestamp, event.write.data.as_bytes)) ipv6 = False try: socket.inet_pton(socket.AF_INET6, local_address) ipv6 = True except socket.error: pass text2pcap_args = [ 'text2pcap', '-D', '-t', '%Y-%m-%d %H:%M:%S.', '-6' if ipv6 else '-4', '%s,%s' % (remote_address, local_address), '-T', '%d,%d' % (remote_port, local_port), '-', pcap_path ] text2pcap = sp.Popen(text2pcap_args, stdout=sp.PIPE, stdin=sp.PIPE) text2pcap.communicate('\n'.join(dumps).encode()) if __name__ == '__main__': if len(sys.argv) != 3: print('Usage: %s ' % sys.argv[0]) sys.exit(1) Tap2Pcap(sys.argv[1], sys.argv[2]) ================================================ FILE: api/tools/tap2pcap_test.py ================================================ """Tests for tap2pcap.""" from __future__ import print_function import os import subprocess as sp import sys import tap2pcap # Validate that the tapped trace when run through tap2cap | tshark matches # a golden output file for the tshark dump. Since we run tap2pcap in a # subshell with a limited environment, the inferred time zone should be UTC. if __name__ == '__main__': srcdir = os.path.join(os.getenv('TEST_SRCDIR'), 'envoy_api_canonical') tap_path = os.path.join(srcdir, 'tools/data/tap2pcap_h2_ipv4.pb_text') expected_path = os.path.join(srcdir, 'tools/data/tap2pcap_h2_ipv4.txt') pcap_path = os.path.join(os.getenv('TEST_TMPDIR'), 'generated.pcap') tap2pcap.Tap2Pcap(tap_path, pcap_path) actual_output = sp.check_output(['tshark', '-r', pcap_path, '-d', 'tcp.port==10000,http2', '-P']) with open(expected_path, 'rb') as f: expected_output = f.read() if actual_output != expected_output: print('Mismatch') print('Expected: %s' % expected_output) print('Actual: %s' % actual_output) sys.exit(1) ================================================ FILE: api/versioning/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/active_protos_gen.py. load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 # This tracks active development versions of protos. proto_library( name = "active_protos", visibility = ["//visibility:public"], deps = [ "//envoy/admin/v3:pkg", "//envoy/config/accesslog/v3:pkg", "//envoy/config/bootstrap/v3:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/common/matcher/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/config/filter/thrift/router/v2alpha1:pkg", "//envoy/config/grpc_credential/v3:pkg", "//envoy/config/health_checker/redis/v2:pkg", "//envoy/config/listener/v3:pkg", "//envoy/config/metrics/v3:pkg", "//envoy/config/overload/v3:pkg", "//envoy/config/ratelimit/v3:pkg", "//envoy/config/rbac/v3:pkg", "//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg", "//envoy/config/resource_monitor/injected_resource/v2alpha:pkg", "//envoy/config/retry/omit_canary_hosts/v2:pkg", "//envoy/config/retry/previous_hosts/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/config/tap/v3:pkg", "//envoy/config/trace/v3:pkg", "//envoy/data/accesslog/v3:pkg", "//envoy/data/cluster/v3:pkg", "//envoy/data/core/v3:pkg", "//envoy/data/dns/v3:pkg", "//envoy/data/tap/v3:pkg", "//envoy/extensions/access_loggers/file/v3:pkg", "//envoy/extensions/access_loggers/grpc/v3:pkg", "//envoy/extensions/access_loggers/wasm/v3:pkg", "//envoy/extensions/clusters/aggregate/v3:pkg", "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/clusters/redis/v3:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "//envoy/extensions/common/tap/v3:pkg", "//envoy/extensions/compression/gzip/compressor/v3:pkg", "//envoy/extensions/compression/gzip/decompressor/v3:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg", "//envoy/extensions/filters/http/admission_control/v3alpha:pkg", "//envoy/extensions/filters/http/aws_lambda/v3:pkg", "//envoy/extensions/filters/http/aws_request_signing/v3:pkg", "//envoy/extensions/filters/http/buffer/v3:pkg", "//envoy/extensions/filters/http/cache/v3alpha:pkg", "//envoy/extensions/filters/http/cdn_loop/v3alpha:pkg", "//envoy/extensions/filters/http/compressor/v3:pkg", "//envoy/extensions/filters/http/cors/v3:pkg", "//envoy/extensions/filters/http/csrf/v3:pkg", "//envoy/extensions/filters/http/decompressor/v3:pkg", "//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/filters/http/dynamo/v3:pkg", "//envoy/extensions/filters/http/ext_authz/v3:pkg", "//envoy/extensions/filters/http/fault/v3:pkg", "//envoy/extensions/filters/http/grpc_http1_bridge/v3:pkg", "//envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3:pkg", "//envoy/extensions/filters/http/grpc_json_transcoder/v3:pkg", "//envoy/extensions/filters/http/grpc_stats/v3:pkg", "//envoy/extensions/filters/http/grpc_web/v3:pkg", "//envoy/extensions/filters/http/gzip/v3:pkg", "//envoy/extensions/filters/http/header_to_metadata/v3:pkg", "//envoy/extensions/filters/http/health_check/v3:pkg", "//envoy/extensions/filters/http/ip_tagging/v3:pkg", "//envoy/extensions/filters/http/jwt_authn/v3:pkg", "//envoy/extensions/filters/http/local_ratelimit/v3:pkg", "//envoy/extensions/filters/http/lua/v3:pkg", "//envoy/extensions/filters/http/oauth2/v3alpha:pkg", "//envoy/extensions/filters/http/on_demand/v3:pkg", "//envoy/extensions/filters/http/original_src/v3:pkg", "//envoy/extensions/filters/http/ratelimit/v3:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "//envoy/extensions/filters/http/router/v3:pkg", "//envoy/extensions/filters/http/squash/v3:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "//envoy/extensions/filters/http/wasm/v3:pkg", "//envoy/extensions/filters/listener/http_inspector/v3:pkg", "//envoy/extensions/filters/listener/original_dst/v3:pkg", "//envoy/extensions/filters/listener/original_src/v3:pkg", "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg", "//envoy/extensions/filters/listener/tls_inspector/v3:pkg", "//envoy/extensions/filters/network/client_ssl_auth/v3:pkg", "//envoy/extensions/filters/network/direct_response/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", "//envoy/extensions/filters/network/echo/v3:pkg", "//envoy/extensions/filters/network/ext_authz/v3:pkg", "//envoy/extensions/filters/network/http_connection_manager/v3:pkg", "//envoy/extensions/filters/network/kafka_broker/v3:pkg", "//envoy/extensions/filters/network/local_ratelimit/v3:pkg", "//envoy/extensions/filters/network/mongo_proxy/v3:pkg", "//envoy/extensions/filters/network/mysql_proxy/v3:pkg", "//envoy/extensions/filters/network/postgres_proxy/v3alpha:pkg", "//envoy/extensions/filters/network/ratelimit/v3:pkg", "//envoy/extensions/filters/network/rbac/v3:pkg", "//envoy/extensions/filters/network/redis_proxy/v3:pkg", "//envoy/extensions/filters/network/rocketmq_proxy/v3:pkg", "//envoy/extensions/filters/network/sni_cluster/v3:pkg", "//envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha:pkg", "//envoy/extensions/filters/network/tcp_proxy/v3:pkg", "//envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3:pkg", "//envoy/extensions/filters/network/thrift_proxy/v3:pkg", "//envoy/extensions/filters/network/wasm/v3:pkg", "//envoy/extensions/filters/network/zookeeper_proxy/v3:pkg", "//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg", "//envoy/extensions/filters/udp/udp_proxy/v3:pkg", "//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg", "//envoy/extensions/internal_redirect/previous_routes/v3:pkg", "//envoy/extensions/internal_redirect/safe_cross_scheme/v3:pkg", "//envoy/extensions/network/socket_interface/v3:pkg", "//envoy/extensions/retry/host/omit_host_metadata/v3:pkg", "//envoy/extensions/retry/priority/previous_priorities/v3:pkg", "//envoy/extensions/stat_sinks/wasm/v3:pkg", "//envoy/extensions/transport_sockets/alts/v3:pkg", "//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg", "//envoy/extensions/transport_sockets/quic/v3:pkg", "//envoy/extensions/transport_sockets/raw_buffer/v3:pkg", "//envoy/extensions/transport_sockets/tap/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/extensions/upstreams/http/generic/v3:pkg", "//envoy/extensions/upstreams/http/http/v3:pkg", "//envoy/extensions/upstreams/http/tcp/v3:pkg", "//envoy/extensions/wasm/v3:pkg", "//envoy/extensions/watchdog/abort_action/v3alpha:pkg", "//envoy/extensions/watchdog/profile_action/v3alpha:pkg", "//envoy/service/accesslog/v3:pkg", "//envoy/service/auth/v3:pkg", "//envoy/service/cluster/v3:pkg", "//envoy/service/discovery/v3:pkg", "//envoy/service/endpoint/v3:pkg", "//envoy/service/event_reporting/v3:pkg", "//envoy/service/extension/v3:pkg", "//envoy/service/health/v3:pkg", "//envoy/service/listener/v3:pkg", "//envoy/service/load_stats/v3:pkg", "//envoy/service/metrics/v3:pkg", "//envoy/service/ratelimit/v3:pkg", "//envoy/service/route/v3:pkg", "//envoy/service/runtime/v3:pkg", "//envoy/service/secret/v3:pkg", "//envoy/service/status/v3:pkg", "//envoy/service/tap/v3:pkg", "//envoy/service/trace/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", ], ) # This tracks frozen versions of protos. proto_library( name = "frozen_protos", visibility = ["//visibility:public"], deps = [ "//envoy/admin/v2alpha:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/auth:pkg", "//envoy/api/v2/cluster:pkg", "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "//envoy/api/v2/listener:pkg", "//envoy/api/v2/ratelimit:pkg", "//envoy/api/v2/route:pkg", "//envoy/config/accesslog/v2:pkg", "//envoy/config/bootstrap/v2:pkg", "//envoy/config/cluster/aggregate/v2alpha:pkg", "//envoy/config/cluster/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/cluster/redis:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/filter/dubbo/router/v2alpha1:pkg", "//envoy/config/filter/fault/v2:pkg", "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", "//envoy/config/filter/http/buffer/v2:pkg", "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/filter/http/compressor/v2:pkg", "//envoy/config/filter/http/cors/v2:pkg", "//envoy/config/filter/http/csrf/v2:pkg", "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/filter/http/dynamo/v2:pkg", "//envoy/config/filter/http/ext_authz/v2:pkg", "//envoy/config/filter/http/fault/v2:pkg", "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", "//envoy/config/filter/http/grpc_web/v2:pkg", "//envoy/config/filter/http/gzip/v2:pkg", "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/config/filter/http/health_check/v2:pkg", "//envoy/config/filter/http/ip_tagging/v2:pkg", "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", "//envoy/config/filter/http/lua/v2:pkg", "//envoy/config/filter/http/on_demand/v2:pkg", "//envoy/config/filter/http/original_src/v2alpha1:pkg", "//envoy/config/filter/http/rate_limit/v2:pkg", "//envoy/config/filter/http/rbac/v2:pkg", "//envoy/config/filter/http/router/v2:pkg", "//envoy/config/filter/http/squash/v2:pkg", "//envoy/config/filter/http/tap/v2alpha:pkg", "//envoy/config/filter/http/transcoder/v2:pkg", "//envoy/config/filter/listener/http_inspector/v2:pkg", "//envoy/config/filter/listener/original_dst/v2:pkg", "//envoy/config/filter/listener/original_src/v2alpha1:pkg", "//envoy/config/filter/listener/proxy_protocol/v2:pkg", "//envoy/config/filter/listener/tls_inspector/v2:pkg", "//envoy/config/filter/network/client_ssl_auth/v2:pkg", "//envoy/config/filter/network/direct_response/v2:pkg", "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", "//envoy/config/filter/network/echo/v2:pkg", "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/config/filter/network/http_connection_manager/v2:pkg", "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", "//envoy/config/filter/network/mongo_proxy/v2:pkg", "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", "//envoy/config/filter/network/rate_limit/v2:pkg", "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/filter/network/redis_proxy/v2:pkg", "//envoy/config/filter/network/sni_cluster/v2:pkg", "//envoy/config/filter/network/tcp_proxy/v2:pkg", "//envoy/config/filter/network/thrift_proxy/v2alpha1:pkg", "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", "//envoy/config/grpc_credential/v2alpha:pkg", "//envoy/config/listener/v2:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/config/overload/v2alpha:pkg", "//envoy/config/ratelimit/v2:pkg", "//envoy/config/rbac/v2:pkg", "//envoy/config/retry/omit_host_metadata/v2:pkg", "//envoy/config/retry/previous_priorities:pkg", "//envoy/config/trace/v2:pkg", "//envoy/config/trace/v2alpha:pkg", "//envoy/config/transport_socket/alts/v2alpha:pkg", "//envoy/config/transport_socket/raw_buffer/v2:pkg", "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/data/accesslog/v2:pkg", "//envoy/data/cluster/v2alpha:pkg", "//envoy/data/core/v2alpha:pkg", "//envoy/data/dns/v2alpha:pkg", "//envoy/data/tap/v2alpha:pkg", "//envoy/service/accesslog/v2:pkg", "//envoy/service/auth/v2:pkg", "//envoy/service/discovery/v2:pkg", "//envoy/service/event_reporting/v2alpha:pkg", "//envoy/service/load_stats/v2:pkg", "//envoy/service/metrics/v2:pkg", "//envoy/service/ratelimit/v2:pkg", "//envoy/service/status/v2:pkg", "//envoy/service/tap/v2alpha:pkg", "//envoy/service/trace/v2:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "//envoy/type/metadata/v2:pkg", "//envoy/type/tracing/v2:pkg", ], ) ================================================ FILE: api/xds_protocol.rst ================================================ .. _xds_protocol: xDS REST and gRPC protocol ========================== Envoy discovers its various dynamic resources via the filesystem or by querying one or more management servers. Collectively, these discovery services and their corresponding APIs are referred to as *xDS*. Resources are requested via *subscriptions*, by specifying a filesystem path to watch, initiating gRPC streams, or polling a REST-JSON URL. The latter two methods involve sending requests with a :ref:`DiscoveryRequest ` proto payload. Resources are delivered in a :ref:`DiscoveryResponse ` proto payload in all methods. We discuss each type of subscription below. Resource Types -------------- Every configuration resource in the xDS API has a type associated with it. Resource types follow a :repo:`versioning scheme `. Resource types are versioned independent of the transports described below. The following v2 xDS resource types are supported: - :ref:`envoy.api.v2.Listener ` - :ref:`envoy.api.v2.RouteConfiguration ` - :ref:`envoy.api.v2.ScopedRouteConfiguration ` - :ref:`envoy.api.v2.route.VirtualHost ` - :ref:`envoy.api.v2.Cluster ` - :ref:`envoy.api.v2.ClusterLoadAssignment ` - :ref:`envoy.api.v2.Auth.Secret ` - :ref:`envoy.service.discovery.v2.Runtime ` The following v3 xdS resource types are supported: - :ref:`envoy.config.listener.v3.Listener ` - :ref:`envoy.config.route.v3.RouteConfiguration ` - :ref:`envoy.config.route.v3.ScopedRouteConfiguration ` - :ref:`envoy.config.route.v3.VirtualHost ` - :ref:`envoy.config.cluster.v3.Cluster ` - :ref:`envoy.config.endpoint.v3.ClusterLoadAssignment ` - :ref:`envoy.extensions.transport_sockets.tls.v3.Secret ` - :ref:`envoy.service.runtime.v3.Runtime ` The concept of `type URLs `_ appears below, and takes the form `type.googleapis.com/` -- e.g., `type.googleapis.com/envoy.api.v2.Cluster` for a `Cluster` resource. In various requests from Envoy and responses by the management server, the resource type URL is stated. Filesystem subscriptions ------------------------ The simplest approach to delivering dynamic configuration is to place it at a well known path specified in the :ref:`ConfigSource `. Envoy will use `inotify` (`kqueue` on macOS) to monitor the file for changes and parse the :ref:`DiscoveryResponse ` proto in the file on update. Binary protobufs, JSON, YAML and proto text are supported formats for the :ref:`DiscoveryResponse `. There is no mechanism available for filesystem subscriptions to ACK/NACK updates beyond stats counters and logs. The last valid configuration for an xDS API will continue to apply if an configuration update rejection occurs. .. _xds_protocol_streaming_grpc_subscriptions: Streaming gRPC subscriptions ---------------------------- API flow ~~~~~~~~ For typical HTTP routing scenarios, the core resource types for the client's configuration are `Listener`, `RouteConfiguration`, `Cluster`, and `ClusterLoadAssignment`. Each `Listener` resource may point to a `RouteConfiguration` resource, which may point to one or more `Cluster` resources, and each `Cluster` resource may point to a `ClusterLoadAssignment` resource. Envoy fetches all `Listener` and `Cluster` resources at startup. It then fetches whatever `RouteConfiguration` and `ClusterLoadAssignment` resources that are required by the `Listener` and `Cluster` resources. In effect, every `Listener` or `Cluster` resource is a root to part of Envoy's configuration tree. A non-proxy client such as gRPC might start by fetching only the specific `Listener` resources that it is interested in. It then fetches the `RouteConfiguration` resources required by those `Listener` resources, followed by whichever `Cluster` resources are required by those `RouteConfiguration` resources, followed by the `ClusterLoadAssignment` resources required by the `Cluster` resources. In effect, the original `Listener` resources are the roots to the client's configuration tree. Variants of the xDS Transport Protocol ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Four Variants ^^^^^^^^^^^^^ There are four variants of the xDS transport protocol used via streaming gRPC, which cover all combinations of two dimensions. The first dimension is State of the World (SotW) vs. incremental. The SotW approach was the original mechanism used by xDS, in which the client must specify all resource names it is interested in with each request (except when making a wildcard request in LDS/CDS), and the server must return all resources the client has subscribed to in each request (in LDS/CDS). This means that if the client is already subscribing to 99 resources and wants to add an additional one, it must send a request with all 100 resource names, rather than just the one new one. And the server must then respond by sending all 100 resources, even if the 99 that were already subscribed to have not changed (in LDS/CDS). This mechanism can be a scalability limitation, which is why the incremental protocol variant was introduced. The incremental approach allows both the client and server to indicate only deltas relative to their previous state -- i.e., the client can say that it wants to add or remove its subscription to a particular resource name without resending those that have not changed, and the server can send updates only for those resources that have changed. The incremental protocol also provides a mechanism for lazy loading of resources. For details on the incremental protocol, see :ref:`Incremental xDS ` below. The second dimension is using a separate gRPC stream for each resource type vs. aggregating all resource types onto a single gRPC stream. The former approach was the original mechanism used by xDS, and it offers an eventual consistency model. The latter approach was added for environments in which explicit control of sequencing is required. For details, see :ref:`Eventual consistency considerations ` below. So, the four variants of the xDS transport protocol are: 1. State of the World (Basic xDS): SotW, separate gRPC stream for each resource type 2. Incremental xDS: incremental, separate gRPC stream for each resource type 3. Aggregated Discovery Service (ADS): SotW, aggregate stream for all resource types 4. Incremental ADS: incremental, aggregate stream for all resource types RPC Services and Methods for Each Variant ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ For the non-aggregated protocol variants, there is a separate RPC service for each resource type. Each of these RPC services can provide a method for each of the SotW and Incremental protocol variants. Here are the RPC services and methods for each resource type: - Listener: Listener Discovery Service (LDS) - SotW: ListenerDiscoveryService.StreamListeners - Incremental: ListenerDiscoveryService.DeltaListeners - RouteConfiguration: Route Discovery Service (RDS) - SotW: RouteDiscoveryService.StreamRoutes - Incremental: RouteDiscoveryService.DeltaRoutes - ScopedRouteConfiguration: Scoped Route Discovery Service (SRDS) - SotW: ScopedRouteDiscoveryService.StreamScopedRoutes - Incremental: ScopedRouteDiscoveryService.DeltaScopedRoutes - VirtualHost: Virtual Host Discovery Service (VHDS) - SotW: N/A - Incremental: VirtualHostDiscoveryService.DeltaVirtualHosts - Cluster: Cluster Discovery Service (CDS) - SotW: ClusterDiscoveryService.StreamClusters - Incremental: ClusterDiscoveryService.DeltaClusters - ClusterLoadAssignment: Endpoint Discovery Service (EDS) - SotW: EndpointDiscoveryService.StreamEndpoints - Incremental: EndpointDiscoveryService.DeltaEndpoints - Secret: Secret Discovery Service (SDS) - SotW: SecretDiscoveryService.StreamSecrets - Incremental: SecretDiscoveryService.DeltaSecrets - Runtime: Runtime Discovery Service (RTDS) - SotW: RuntimeDiscoveryService.StreamRuntime - Incremental: RuntimeDiscoveryService.DeltaRuntime In the aggregated protocol variants, all resource types are multiplexed on a single gRPC stream, where each resource type is treated as a separate logical stream within the aggregated stream. In effect, it simply combines all of the above separate APIs into a single stream by treating requests and responses for each resource type as a separate sub-stream on the single aggregated stream. The RPC service and methods for the aggregated protocol variants are: - SotW: AggregatedDiscoveryService.StreamAggregatedResources - Incremental: AggregatedDiscoveryService.DeltaAggregatedResources For all of the SotW methods, the request type is :ref:`DiscoveryRequest ` and the response type is :ref:`DiscoveryResponse `. For all of the incremental methods, the request type is :ref:`DeltaDiscoveryRequest ` and the response type is :ref:`DeltaDiscoveryResponse `. Configuring Which Variant to Use ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In the xDS API, the :ref:`ConfigSource ` message indicates how to obtain resources of a particular type. If the :ref:`ConfigSource ` contains a gRPC :ref:`ApiConfigSource `, it points to an upstream cluster for the management server; this will initiate an independent bidirectional gRPC stream for each xDS resource type, potentially to distinct management servers. If the :ref:`ConfigSource ` contains a :ref:`AggregatedConfigSource `, it tells the client to use :ref:`ADS `. Currently, the client is expected to be given some local configuration that tells it how to obtain the :ref:`Listener ` and :ref:`Cluster ` resources. :ref:`Listener ` resources may include a :ref:`ConfigSource ` that indicates how the :ref:`RouteConfiguration ` resources are obtained, and :ref:`Cluster ` resources may include a :ref:`ConfigSource ` that indicates how the :ref:`ClusterLoadAssignment ` resources are obtained. Client Configuration """""""""""""""""""" In Envoy, the bootstrap file contains two :ref:`ConfigSource ` messages, one indicating how :ref:`Listener ` resources are obtained and another indicating how :ref:`Cluster ` resources are obtained. It also contains a separate :ref:`ApiConfigSource ` message indicating how to contact the ADS server, which will be used whenever a :ref:`ConfigSource ` message (either in the bootstrap file or in a :ref:`Listener ` or :ref:`Cluster ` resource obtained from a management server) contains an :ref:`AggregatedConfigSource ` message. In a gRPC client that uses xDS, only ADS is supported, and the bootstrap file contains the name of the ADS server, which will be used for all resources. The :ref:`ConfigSource ` messages in the :ref:`Listener ` and :ref:`Cluster ` resources must contain :ref:`AggregatedConfigSource ` messages. The xDS transport Protocol ~~~~~~~~~~~~~~~~~~~~~~~~~~ Transport API version ^^^^^^^^^^^^^^^^^^^^^ In addition the resource type version described above, the xDS wire protocol has a transport version associated with it. This provides type versioning for messages such as :ref:`DiscoveryRequest ` and :ref:`DiscoveryResponse `. It is also encoded in the gRPC method name, so a server can determine which version a client is speaking based on which method it calls. Basic Protocol Overview ^^^^^^^^^^^^^^^^^^^^^^^ Each xDS stream begins with a :ref:`DiscoveryRequest ` from the client, which specifies the list of resources to subscribe to, the type URL corresponding to the subscribed resources, the node identifier, and an optional resource type instance version indicating the most recent version of the resource type that the client has already seen (see :ref:`ACK/NACK and resource type instance version ` for details). The server will then send a :ref:`DiscoveryResponse ` containing any resources that the client has subscribed to that have changed since the last resource type instance version that the client indicated it has seen. The server may send additional responses at any time when the subscribed resources change. Whenever the client receives a new response, it will send another request indicating whether or not the resources in the response were valid (see :ref:`ACK/NACK and resource type instance version ` for details). Only the first request on a stream is guaranteed to carry the node identifier. The subsequent discovery requests on the same stream may carry an empty node identifier. This holds true regardless of the acceptance of the discovery responses on the same stream. The node identifier should always be identical if present more than once on the stream. It is sufficient to only check the first message for the node identifier as a result. .. _xds_ack_nack: ACK/NACK and resource type instance version ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Every xDS resource type has a version string that indicates the version for that resource type. Whenever one resource of that type changes, the version is changed. In a responses sent by the xDS server, the :ref:`version_info` field indicates the current version for that resource type. The client then sends another request to the server with the :ref:`version_info` field indicating the most recent valid version seen by the client. This provides a way for the server to determine when it sends a version that the client considers invalid. (In the :ref:`incremental protocol variants `, the resource type instance version is sent by the server in the :ref:`system_version_info` field. However, this information is not actually used by the client to communicate which resources are valid, because the incremental API variants have a separate mechanism for that.) The resource type instance version is separate for each resource type. When using the aggregated protocol variants, each resource type has its own version even though all resource types are being sent on the same stream. The resource type is also separate for each xDS server (where an xDS server is identified by a unique :ref:`ConfigSource `). When obtaining resources of a given type from multiple xDS servers, each xDS server will have a different notion of version. Note that the version for a resource type is not a property of an individual xDS stream but rather a property of the resources themselves. If the stream becomes broken and the client creates a new stream, the client's initial request on the new stream should indicate the most recent version seen by the client on the previous stream. An example EDS request might be: .. code:: yaml version_info: node: { id: envoy } resource_names: - foo - bar type_url: type.googleapis.com/envoy.api.v2.ClusterLoadAssignment response_nonce: The management server may reply either immediately or when the requested resources are available with a :ref:`DiscoveryResponse `, e.g.: .. code:: yaml version_info: X resources: - foo ClusterLoadAssignment proto encoding - bar ClusterLoadAssignment proto encoding type_url: type.googleapis.com/envoy.api.v2.ClusterLoadAssignment nonce: A After processing the :ref:`DiscoveryResponse `, Envoy will send a new request on the stream, specifying the last version successfully applied and the nonce provided by the management server. The version provides Envoy and the management server a shared notion of the currently applied configuration, as well as a mechanism to ACK/NACK configuration updates. ACK ^^^ If the update was successfully applied, the :ref:`version_info ` will be **X**, as indicated in the sequence diagram: .. figure:: diagrams/simple-ack.svg :alt: Version update after ACK NACK ^^^^ If Envoy had instead rejected configuration update **X**, it would reply with :ref:`error_detail ` populated and its previous version, which in this case was the empty initial version. The :ref:`error_detail ` has more details around the exact error message populated in the message field: .. figure:: diagrams/simple-nack.svg :alt: No version update after NACK In the sequence diagrams, the following format is used to abbreviate messages: - *DiscoveryRequest*: (V=version_info,R=resource_names,N=response_nonce,T=type_url) - *DiscoveryResponse*: (V=version_info,R=resources,N=nonce,T=type_url) After a NACK, an API update may succeed at a new version **Y**: .. figure:: diagrams/later-ack.svg :alt: ACK after NACK ACK and NACK semantics summary ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - The xDS client should ACK or NACK every :ref:`DiscoveryResponse ` received from the management server. - Like all other requests, the nonce from the :ref:`DiscoveryResponse ` is sent as :ref:`response_nonce `. As described in :ref:`resource update ` the nonce is used in certain race conditions to disambiguate between ACK and NACK. - ACK signifies successful configuration update and contains the :ref:`version_info ` from the :ref:`DiscoveryResponse `. - NACK signifies unsuccessful configuration update and contains the previous (existing) :ref:`version_info `. - Only the NACK should populate the :ref:`error_detail `. .. _xds_protocol_resource_update: When to send an update ^^^^^^^^^^^^^^^^^^^^^^ The management server should only send updates to the Envoy client when the resources in the :ref:`DiscoveryResponse ` have changed. Envoy replies to any :ref:`DiscoveryResponse ` with a :ref:`DiscoveryRequest ` containing the ACK/NACK immediately after it has been either accepted or rejected. If the management server provides the same set of resources rather than waiting for a change to occur, it will cause needless work on both the client and the management server, which could have a severe performance impact. Within a stream, new :ref:`DiscoveryRequests ` supersede any prior :ref:`DiscoveryRequests ` having the same resource type. This means that the management server only needs to respond to the latest :ref:`DiscoveryRequest ` on each stream for any given resource type. .. _xds_protocol_resource_hints: How the client specifies what resources to return ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ xDS requests allow the client to specify a set of resource names as a hint to the server about which resources the client is interested in. In the SotW protocol variants, this is done via the :ref:`resource_names ` specified in the :ref:`DiscoveryRequest `; in the incremental protocol variants, this is done via the :ref:`resource_names_subscribe ` and :ref:`resource_names_unsubscribe ` fields in the :ref:`DeltaDiscoveryRequest `. Normally (see below for exceptions), requests must specify the set of resource names that the client is interested in. The management server must supply the requested resources if they exist. The client will silently ignore any supplied resources that were not explicitly requested. When the client sends a new request that changes the set of resources being requested, the server must resend any newly requested resources, even if it previously sent those resources without having been asked for them and the resources have not changed since that time. If the list of resource names becomes empty, that means that the client is no longer interested in any resources of the specified type. For :ref:`Listener ` and :ref:`Cluster ` resource types, there is also a "wildcard" mode, which is triggered when the initial request on the stream for that resource type contains no resource names. In this case, the server should use site-specific business logic to determine the full set of resources that the client is interested in, typically based on the client's :ref:`node ` identification. Note that once a stream has entered wildcard mode for a given resource type, there is no way to change the stream out of wildcard mode; resource names specified in any subsequent request on the stream will be ignored. Client Behavior """"""""""""""" Envoy will always use wildcard mode for :ref:`Listener ` and :ref:`Cluster ` resources. However, other xDS clients (such as gRPC clients that use xDS) may specify explicit resource names for these resource types, for example if they only have a singleton listener and already know its name from some out-of-band configuration. Grouping Resources into Responses ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In the incremental protocol variants, the server sends each resource in its own response. This means that if the server has previously sent 100 resources and only one of them has changed, it may send a response containing only the changed resource; it does not need to resend the 99 resources that have not changed, and the client must not delete the unchanged resources. In the SotW protocol variants, all resource types except for :ref:`Listener ` and :ref:`Cluster ` are grouped into responses in the same way as in the incremental protocol variants. However, :ref:`Listener ` and :ref:`Cluster ` resource types are handled differently: the server must include the complete state of the world, meaning that all resources of the relevant type that are needed by the client must be included, even if they did not change since the last response. This means that if the server has previously sent 100 resources and only one of them has changed, it must resend all 100 of them, even the 99 that were not modified. Note that all of the protocol variants operate on units of whole named resources. There is no mechanism for providing incremental updates of repeated fields within a named resource. Most notably, there is currently no mechanism for incrementally updating individual endpoints within an EDS response. Duplicate Resource Names ^^^^^^^^^^^^^^^^^^^^^^^^ It is an error for a server to send a single response that contains the same resource name twice. Clients should NACK responses that contain multiple instances of the same resource name. Deleting Resources ^^^^^^^^^^^^^^^^^^ In the incremental proocol variants, the server signals the client that a resource should be deleted via the :ref:`removed_resources ` field of the response. This tells the client to remove the resource from its local cache. In the SotW protocol variants, the criteria for deleting resources is more complex. For :ref:`Listener ` and :ref:`Cluster ` resource types, if a previously seen resource is not present in a new response, that indicates that the resource has been removed, and the client must delete it; a response containing no resources means to delete all resources of that type. However, for other resource types, the API provides no mechanism for the server to tell the client that resources have been deleted; instead, deletions are indicated implicitly by parent resources being changed to no longer refer to a child resource. For example, when the client receives an LDS update removing a :ref:`Listener ` that was previously pointing to :ref:`RouteConfiguration ` A, if no other :ref:`Listener ` is pointing to :ref:`RouteConfiguration ` A, then the client may delete A. For those resource types, an empty :ref:`DiscoveryResponse ` is effectively a no-op from the client's perspective. Knowing When a Requested Resource Does Not Exist ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The SotW protocol variants do not provide any explicit mechanism to determine when a requested resource does not exist. Responses for :ref:`Listener ` and :ref:`Cluster ` resource types must include all resources requested by the client. However, it may not be possible for the client to know that a resource does not exist based solely on its absence in a response, because the delivery of the updates is eventually consistent: if the client initially sends a request for resource A, then sends a request for resources A and B, and then sees a response containing only resource A, the client cannot conclude that resource B does not exist, because the response may have been sent on the basis of the first request, before the server saw the second request. For other resource types, because each resource can be sent in its own response, there is no way to know from the next response whether the newly requested resource exists, because the next response could be an unrelated update for another resource that had already been subscribed to previously. As a result, clients are expected to use a timeout (recommended duration is 15 seconds) after sending a request for a new resource, after which they will consider the requested resource to not exist if they have not received the resource. In Envoy, this is done for :ref:`RouteConfiguration ` and :ref:`ClusterLoadAssignment ` resources during :ref:`resource warming `. Note that this timeout is not strictly necessary when using wildcard mode for :ref:`Listener ` and :ref:`Cluster ` resource types, because in that case every response will contain all existing resources that are relevant to the client, so the client can know that a resource does not exist by its absence in the next response it sees. However, using a timeout is still recommended in this case, since it protects against the case where the management server fails to send a response in a timely manner. Note that even if a requested resource does not exist at the moment when the client requests it, that resource could be created at any time. Management servers must remember the set of resources being requested by the client, and if one of those resources springs into existence later, the server must send an update to the client informing it of the new resource. Clients that initially see a resource that does not exist must be prepared for the resource to be created at any time. Unsubscribing From Resources ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In the incremental protocol variants, resources can be unsubscribed to via the :ref:`resource_names_unsubscribe ` field. In the SotW protocol variants, each request must contain the full list of resource names being subscribed to in the :ref:`resource_names ` field, so unsubscribing to a set of resources is done by sending a new request containing all resource names that are still being subscribed to but not containing the resource names being unsubscribed to. For example, if the client had previously been subscribed to resources A and B but wishes to unsubscribe from B, it must send a new request containing only resource A. Note that for :ref:`Listener ` and :ref:`Cluster ` resource types where the stream is in "wildcard" mode (see :ref:`How the client specifies what resources to return ` for details), the set of resources being subscribed to is determined by the server instead of the client, so there is no mechanism for the client to unsubscribe from resources. Requesting Multiple Resources on a Single Stream ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ For EDS/RDS, Envoy may either generate a distinct stream for each resource of a given type (e.g. if each :ref:`ConfigSource ` has its own distinct upstream cluster for a management server), or may combine together multiple resource requests for a given resource type when they are destined for the same management server. While this is left to implementation specifics, management servers should be capable of handling one or more :ref:`resource_names ` for a given resource type in each request. Both sequence diagrams below are valid for fetching two EDS resources `{foo, bar}`: |Multiple EDS requests on the same stream| |Multiple EDS requests on distinct streams| Resource updates ^^^^^^^^^^^^^^^^ As discussed above, Envoy may update the list of :ref:`resource_names ` it presents to the management server in each :ref:`DiscoveryRequest ` that ACK/NACKs a specific :ref:`DiscoveryResponse `. In addition, Envoy may later issue additional :ref:`DiscoveryRequests ` at a given :ref:`version_info ` to update the management server with new resource hints. For example, if Envoy is at EDS version **X** and knows only about cluster ``foo``, but then receives a CDS update and learns about ``bar`` in addition, it may issue an additional :ref:`DiscoveryRequest ` for **X** with `{foo,bar}` as `resource_names`. .. figure:: diagrams/cds-eds-resources.svg :alt: CDS response leads to EDS resource hint update There is a race condition that may arise here; if after a resource hint update is issued by Envoy at **X**, but before the management server processes the update it replies with a new version **Y**, the resource hint update may be interpreted as a rejection of **Y** by presenting an **X** :ref:`version_info `. To avoid this, the management server provides a ``nonce`` that Envoy uses to indicate the specific :ref:`DiscoveryResponse ` each :ref:`DiscoveryRequest ` corresponds to: .. figure:: diagrams/update-race.svg :alt: EDS update race motivates nonces The management server should not send a :ref:`DiscoveryResponse ` for any :ref:`DiscoveryRequest ` that has a stale nonce. A nonce becomes stale following a newer nonce being presented to Envoy in a :ref:`DiscoveryResponse `. A management server does not need to send an update until it determines a new version is available. Earlier requests at a version then also become stale. It may process multiple :ref:`DiscoveryRequests ` at a version until a new version is ready. .. figure:: diagrams/stale-requests.svg :alt: Requests become stale An implication of the above resource update sequencing is that Envoy does not expect a :ref:`DiscoveryResponse ` for every :ref:`DiscoveryRequests ` it issues. .. _xds_protocol_resource_warming: Resource warming ~~~~~~~~~~~~~~~~ :ref:`Clusters ` and :ref:`Listeners ` go through warming before they can serve requests. This process happens both during :ref:`Envoy initialization ` and when the `Cluster` or `Listener` is updated. Warming of `Cluster` is completed only when a `ClusterLoadAssignment` response is supplied by management server. Similarly, warming of `Listener` is completed only when a `RouteConfiguration` is supplied by management server if the listener refers to an RDS configuration. Management server is expected to provide the EDS/RDS updates during warming. If management server does not provide EDS/RDS responses, Envoy will not initialize itself during the initialization phase and the updates sent via CDS/LDS will not take effect until EDS/RDS responses are supplied. .. _xds_protocol_eventual_consistency_considerations: Eventual consistency considerations ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Since Envoy's xDS APIs are eventually consistent, traffic may drop briefly during updates. For example, if only cluster **X** is known via CDS/EDS, a `RouteConfiguration` references cluster **X** and is then adjusted to cluster **Y** just before the CDS/EDS update providing **Y**, traffic will be blackholed until **Y** is known about by the Envoy instance. For some applications, a temporary drop of traffic is acceptable, retries at the client or by other Envoy sidecars will hide this drop. For other scenarios where drop can't be tolerated, traffic drop could have been avoided by providing a CDS/EDS update with both **X** and **Y**, then the RDS update repointing from **X** to **Y** and then a CDS/EDS update dropping **X**. In general, to avoid traffic drop, sequencing of updates should follow a make before break model, wherein: - CDS updates (if any) must always be pushed first. - EDS updates (if any) must arrive after CDS updates for the respective clusters. - LDS updates must arrive after corresponding CDS/EDS updates. - RDS updates related to the newly added listeners must arrive after CDS/EDS/LDS updates. - VHDS updates (if any) related to the newly added RouteConfigurations must arrive after RDS updates. - Stale CDS clusters and related EDS endpoints (ones no longer being referenced) can then be removed. xDS updates can be pushed independently if no new clusters/routes/listeners are added or if it's acceptable to temporarily drop traffic during updates. Note that in case of LDS updates, the listeners will be warmed before they receive traffic, i.e. the dependent routes are fetched through RDS if configured. Clusters are warmed when adding/removing/updating clusters. On the other hand, routes are not warmed, i.e., the management plane must ensure that clusters referenced by a route are in place, before pushing the updates for a route. .. _xds_protocol_ads: Aggregated Discovery Service ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ It's challenging to provide the above guarantees on sequencing to avoid traffic drop when management servers are distributed. ADS allow a single management server, via a single gRPC stream, to deliver all API updates. This provides the ability to carefully sequence updates to avoid traffic drop. With ADS, a single stream is used with multiple independent :ref:`DiscoveryRequest `/:ref:`DiscoveryResponse ` sequences multiplexed via the type URL. For any given type URL, the above sequencing of :ref:`DiscoveryRequest ` and :ref:`DiscoveryResponse ` messages applies. An example update sequence might look like: .. figure:: diagrams/ads.svg :alt: EDS/CDS multiplexed on an ADS stream A single ADS stream is available per Envoy instance. An example minimal ``bootstrap.yaml`` fragment for ADS configuration is: .. code:: yaml node: id: dynamic_resources: cds_config: {ads: {}} lds_config: {ads: {}} ads_config: api_type: GRPC grpc_services: envoy_grpc: cluster_name: ads_cluster static_resources: clusters: - name: ads_cluster connect_timeout: { seconds: 5 } type: STATIC hosts: - socket_address: address: port_value: lb_policy: ROUND_ROBIN # It is recommended to configure either HTTP/2 or TCP keepalives in order to detect # connection issues, and allow Envoy to reconnect. TCP keepalive is less expensive, but # may be inadequate if there is a TCP proxy between Envoy and the management server. # HTTP/2 keepalive is slightly more expensive, but may detect issues through more types # of intermediate proxies. http2_protocol_options: connection_keepalive: interval: 30s timeout: 5s upstream_connection_options: tcp_keepalive: ... admin: ... .. _xds_protocol_delta: Incremental xDS ~~~~~~~~~~~~~~~ Incremental xDS is a separate xDS endpoint that: - Allows the protocol to communicate on the wire in terms of resource/resource name deltas ("Delta xDS"). This supports the goal of scalability of xDS resources. Rather than deliver all 100k clusters when a single cluster is modified, the management server only needs to deliver the single cluster that changed. - Allows the Envoy to on-demand / lazily request additional resources. For example, requesting a cluster only when a request for that cluster arrives. An Incremental xDS session is always in the context of a gRPC bidirectional stream. This allows the xDS server to keep track of the state of xDS clients connected to it. There is no REST version of Incremental xDS yet. In the delta xDS wire protocol, the nonce field is required and used to pair a :ref:`DeltaDiscoveryResponse ` to a :ref:`DeltaDiscoveryRequest ` ACK or NACK. Optionally, a response message level :ref:`system_version_info ` is present for debugging purposes only. :ref:`DeltaDiscoveryRequest ` can be sent in the following situations: - Initial message in a xDS bidirectional gRPC stream. - As an ACK or NACK response to a previous :ref:`DeltaDiscoveryResponse `. In this case the :ref:`response_nonce ` is set to the nonce value in the Response. ACK or NACK is determined by the absence or presence of :ref:`error_detail `. - Spontaneous :ref:`DeltaDiscoveryRequests ` from the client. This can be done to dynamically add or remove elements from the tracked :ref:`resource_names ` set. In this case :ref:`response_nonce ` must be omitted. In this first example the client connects and receives a first update that it ACKs. The second update fails and the client NACKs the update. Later the xDS client spontaneously requests the "wc" resource. .. figure:: diagrams/incremental.svg :alt: Incremental session example On reconnect the Incremental xDS client may tell the server of its known resources to avoid resending them over the network. Because no state is assumed to be preserved from the previous stream, the reconnecting client must provide the server with all resource names it is interested in. .. figure:: diagrams/incremental-reconnect.svg :alt: Incremental reconnect example Resource names ^^^^^^^^^^^^^^ Resources are identified by a resource name or an alias. Aliases of a resource, if present, can be identified by the alias field in the resource of a :ref:`DeltaDiscoveryResponse `. The resource name will be returned in the name field in the resource of a :ref:`DeltaDiscoveryResponse `. .. _xds_protocol_delta_subscribe: Subscribing to Resources ^^^^^^^^^^^^^^^^^^^^^^^^ The client can send either an alias or the name of a resource in the :ref:`resource_names_subscribe ` field of a :ref:`DeltaDiscoveryRequest ` in order to subscribe to a resource. Both the names and aliases of resources should be checked in order to determine whether the entity in question has been subscribed to. A :ref:`resource_names_subscribe ` field may contain resource names that the server believes the client is already subscribed to, and furthermore has the most recent versions of. However, the server *must* still provide those resources in the response; due to implementation details hidden from the server, the client may have "forgotten" those resources despite apparently remaining subscribed. .. _xds_protocol_unsubscribe: Unsubscribing from Resources ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ When a client loses interest in some resources, it will indicate that with the :ref:`resource_names_unsubscribe ` field of a :ref:`DeltaDiscoveryRequest `. As with :ref:`resource_names_subscribe `, these may be resource names or aliases. A :ref:`resource_names_unsubscribe ` field may contain superfluous resource names, which the server thought the client was already not subscribed to. The server must cleanly process such a request; it can simply ignore these phantom unsubscriptions. Knowing When a Requested Resource Does Not Exist ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ When a resource subscribed to by a client does not exist, the server will send a :ref:`Resource ` whose :ref:`name ` field matches the name that the client subscribed to and whose :ref:`resource ` field is unset. This allows the client to quickly determine when a resource does not exist without waiting for a timeout, as would be done in the SotW protocol variants. However, clients are still encouraged to use a timeout to protect against the case where the management server fails to send a response in a timely manner. REST-JSON polling subscriptions ------------------------------- Synchronous (long) polling via REST endpoints is also available for the xDS singleton APIs. The above sequencing of messages is similar, except no persistent stream is maintained to the management server. It is expected that there is only a single outstanding request at any point in time, and as a result the response nonce is optional in REST-JSON. The `JSON canonical transform of proto3 `__ is used to encode :ref:`DiscoveryRequest ` and :ref:`DiscoveryResponse ` messages. ADS is not available for REST-JSON polling. When the poll period is set to a small value, with the intention of long polling, then there is also a requirement to avoid sending a :ref:`DiscoveryResponse ` unless a change to the underlying resources has occurred via a :ref:`resource update `. .. |Multiple EDS requests on the same stream| image:: diagrams/eds-same-stream.svg .. |Multiple EDS requests on distinct streams| image:: diagrams/eds-distinct-stream.svg ================================================ FILE: bazel/BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library", "cc_proto_library") load("//bazel:envoy_build_system.bzl", "envoy_package") load("//bazel:envoy_internal.bzl", "envoy_select_force_libcpp") licenses(["notice"]) # Apache 2 envoy_package() exports_files([ "gen_sh_test_runner.sh", "sh_test_wrapper.sh", "test_for_benchmark_wrapper.sh", ]) genrule( name = "gnu_build_id", outs = ["gnu_build_id.ldscript"], cmd = """ echo --build-id=0x$$( grep BUILD_SCM_REVISION bazel-out/volatile-status.txt \\ | sed 's/^BUILD_SCM_REVISION //') \\ > $@ """, # Undocumented attr to depend on workspace status files. # https://github.com/bazelbuild/bazel/issues/4942 stamp = 1, ) # For macOS, which doesn't have GNU ld's `--build-id` flag. genrule( name = "raw_build_id", outs = ["raw_build_id.ldscript"], cmd = """ grep BUILD_SCM_REVISION bazel-out/volatile-status.txt \\ | sed 's/^BUILD_SCM_REVISION //' \\ | tr -d '\\n' \\ > $@ """, # Undocumented attr to depend on workspace status files. # https://github.com/bazelbuild/bazel/issues/4942 stamp = 1, ) # A target to optionally link C++ standard library dynamically in sanitizer runs. # TSAN doesn't support libc/libstdc++ static linking per doc: # http://releases.llvm.org/8.0.1/tools/clang/docs/ThreadSanitizer.html cc_library( name = "dynamic_stdlib", linkopts = envoy_select_force_libcpp( ["-lc++"], ["-lstdc++"], ), ) cc_library( name = "static_stdlib", linkopts = select({ "//bazel:linux": ["-static-libgcc"], "//conditions:default": [], }), ) config_setting( name = "windows_opt_build", values = { "cpu": "x64_windows", "compilation_mode": "opt", }, ) config_setting( name = "windows_dbg_build", values = { "cpu": "x64_windows", "compilation_mode": "dbg", }, ) config_setting( name = "windows_fastbuild_build", values = { "cpu": "x64_windows", "compilation_mode": "fastbuild", }, ) config_setting( name = "opt_build", values = {"compilation_mode": "opt"}, ) config_setting( name = "fastbuild_build", values = {"compilation_mode": "fastbuild"}, ) config_setting( name = "dbg_build", values = {"compilation_mode": "dbg"}, ) config_setting( name = "no_debug_info", values = {"define": "no_debug_info=1"}, ) config_setting( name = "asan_build", values = {"define": "ENVOY_CONFIG_ASAN=1"}, ) config_setting( name = "tsan_build", values = {"define": "ENVOY_CONFIG_TSAN=1"}, ) config_setting( name = "msan_build", values = {"define": "ENVOY_CONFIG_MSAN=1"}, ) config_setting( name = "coverage_build", values = {"define": "ENVOY_CONFIG_COVERAGE=1"}, ) config_setting( name = "clang_build", flag_values = { "@bazel_tools//tools/cpp:compiler": "clang", }, ) config_setting( name = "gcc_build", flag_values = { "@bazel_tools//tools/cpp:compiler": "gcc", }, ) config_setting( name = "dynamic_link_tests", values = { "define": "dynamic_link_tests=true", }, ) config_setting( name = "disable_tcmalloc", values = {"define": "tcmalloc=disabled"}, ) config_setting( name = "debug_tcmalloc", values = {"define": "tcmalloc=debug"}, ) config_setting( name = "gperftools_tcmalloc", values = {"define": "tcmalloc=gperftools"}, ) # As select() can't be nested we need these specialized settings to avoid ambiguity when choosing # tcmalloc's flavor for x86_64 builds. config_setting( name = "disable_tcmalloc_on_linux_x86_64", values = { "define": "tcmalloc=disabled", "cpu": "k8", }, ) config_setting( name = "gperftools_tcmalloc_on_linux_x86_64", values = { "define": "tcmalloc=gperftools", "cpu": "k8", }, ) config_setting( name = "debug_tcmalloc_on_linux_x86_64", values = { "define": "tcmalloc=debug", "cpu": "k8", }, ) config_setting( name = "disable_signal_trace", values = {"define": "signal_trace=disabled"}, ) config_setting( name = "disable_object_dump_on_signal_trace", values = {"define": "object_dump_on_signal_trace=disabled"}, ) config_setting( name = "disable_deprecated_features", values = {"define": "deprecated_features=disabled"}, ) config_setting( name = "disable_hot_restart", values = {"define": "hot_restart=disabled"}, ) # Used to avoid conflicting selects https://github.com/bazelbuild/bazel/issues/8323 alias( name = "disable_hot_restart_or_apple", actual = select({ ":apple": ":apple", "//conditions:default": ":disable_hot_restart", }), ) config_setting( name = "disable_google_grpc", values = {"define": "google_grpc=disabled"}, ) config_setting( name = "enable_path_normalization_by_default", values = {"define": "path_normalization_by_default=true"}, ) config_setting( name = "enable_new_codecs_in_integration_tests", values = {"define": "use_new_codecs_in_integration_tests=true"}, ) cc_proto_library( name = "grpc_health_proto", deps = ["@com_github_grpc_grpc//src/proto/grpc/health/v1:_health_proto_only"], ) config_setting( name = "enable_exported_symbols", values = {"define": "exported_symbols=enabled"}, ) config_setting( name = "enable_log_debug_assert_in_release", values = {"define": "log_debug_assert_in_release=enabled"}, ) config_setting( name = "disable_known_issue_asserts", values = {"define": "disable_known_issue_asserts=true"}, ) config_setting( name = "enable_perf_annotation", values = {"define": "perf_annotation=enabled"}, ) config_setting( name = "force_libcpp", values = {"define": "force_libcpp=enabled"}, ) config_setting( name = "boringssl_fips", constraint_values = [ "@bazel_tools//platforms:linux", "@bazel_tools//platforms:x86_64", ], values = {"define": "boringssl=fips"}, ) config_setting( name = "boringssl_disabled", values = {"define": "boringssl=disabled"}, ) config_setting( name = "zlib_ng", constraint_values = [ "@bazel_tools//platforms:linux", ], values = {"define": "zlib=ng"}, ) config_setting( name = "enable_quiche", values = {"define": "quiche=enabled"}, ) # TODO: consider converting WAVM VM support to an extension (https://github.com/envoyproxy/envoy/issues/12574) config_setting( name = "wasm_all", values = {"define": "wasm=enabled"}, ) config_setting( name = "wasm_wavm", values = {"define": "wasm=wavm"}, ) config_setting( name = "wasm_v8", values = {"define": "wasm=v8"}, ) config_setting( name = "wasm_none", values = {"define": "wasm=disabled"}, ) # Alias pointing to the selected version of BoringSSL: # - BoringSSL FIPS from @boringssl_fips//:ssl, # - non-FIPS BoringSSL from @boringssl//:ssl. alias( name = "boringssl", actual = select({ "//bazel:boringssl_fips": "@boringssl_fips//:ssl", "//conditions:default": "@boringssl//:ssl", }), ) config_setting( name = "linux_x86_64", values = {"cpu": "k8"}, ) config_setting( name = "linux_aarch64", values = {"cpu": "aarch64"}, ) config_setting( name = "linux_ppc", values = {"cpu": "ppc"}, ) config_setting( name = "linux_s390x", values = {"cpu": "s390x"}, ) config_setting( name = "linux_mips64", values = {"cpu": "mips64"}, ) config_setting( name = "windows_x86_64", values = {"cpu": "x64_windows"}, ) # Configuration settings to make doing selects for Apple vs non-Apple platforms # easier. More details: https://docs.bazel.build/versions/master/configurable-attributes.html#config_settingaliasing config_setting( name = "darwin", values = {"cpu": "darwin"}, ) config_setting( name = "darwin_x86_64", values = {"cpu": "darwin_x86_64"}, ) config_setting( name = "ios_i386", values = {"cpu": "ios_i386"}, ) config_setting( name = "ios_x86_64", values = {"cpu": "ios_x86_64"}, ) config_setting( name = "ios_armv7", values = {"cpu": "ios_armv7"}, ) config_setting( name = "ios_armv7s", values = {"cpu": "ios_armv7s"}, ) config_setting( name = "ios_arm64", values = {"cpu": "ios_arm64"}, ) config_setting( name = "ios_arm64e", values = {"cpu": "ios_arm64e"}, ) config_setting( name = "manual_stamp", values = {"define": "manual_stamp=manual_stamp"}, ) config_setting( name = "android_logger", values = {"define": "logger=android"}, ) config_setting( name = "libfuzzer_coverage", define_values = { "FUZZING_ENGINE": "libfuzzer", "ENVOY_CONFIG_COVERAGE": "1", }, ) config_setting( name = "libfuzzer", values = {"define": "FUZZING_ENGINE=libfuzzer"}, ) alias( name = "apple", actual = select( { ":darwin": ":darwin", ":darwin_x86_64": ":darwin_x86_64", ":ios_arm64": ":ios_arm64", ":ios_arm64e": ":ios_arm64e", ":ios_armv7": ":ios_armv7", ":ios_armv7s": ":ios_armv7s", ":ios_i386": ":ios_i386", ":ios_x86_64": ":ios_x86_64", # If we're not on an apple platform return a value that will never match in the select() statement calling this # since it would have already been matched above. "//conditions:default": ":darwin", }, ), ) alias( name = "linux", actual = select( { ":linux_x86_64": ":linux_x86_64", ":linux_aarch64": ":linux_aarch64", ":linux_ppc": ":linux_ppc", ":linux_s390x": "linux_s390x", ":linux_mips64": ":linux_mips64", # If we're not on an linux platform return a value that will never match in the select() statement calling this # since it would have already been matched above. "//conditions:default": ":linux_x86_64", }, ), ) alias( name = "x86", actual = select( { ":darwin_x86_64": ":darwin_x86_64", ":ios_x86_64": "ios_x86_64", "linux_x86_64": "linux_x86_64", "windows_x86_64": "windows_x86_64", # If we're not on an x86 platform return a value that will never match in the select() statement calling this since it would have already been matched above. "//conditions:default": ":darwin_x86_64", }, ), ) alias( name = "remote_jdk11", actual = "@bazel_tools//tools/jdk:remote_jdk11", ) ================================================ FILE: bazel/DEVELOPER.md ================================================ # Developer guide for writing Envoy Bazel rules When adding or maintaining Envoy binary, library and test targets, it's necessary to write or modify Bazel `BUILD` files. In general, each directory has a `BUILD` file covering the source files contained immediately in the directory. Some guidelines for defining new targets using the [custom Envoy build rules](../bazel/envoy_build_system.bzl) are provided below. The [Bazel BUILD Encyclopedia](https://bazel.build/versions/master/docs/be/overview.html) provides further details regarding the underlying rules. ## Style guide The [BUILD file style guide](https://bazel.build/versions/master/docs/skylark/build-style.html) is the canonical style reference. The [buildifier](https://github.com/bazelbuild/buildifier) tool automatically enforces these guidelines. In addition, within the `BUILD` file, targets should be sorted alphabetically by their `name` attribute. ## Adding files to the Envoy build All modules that make up the Envoy binary are statically linked at compile time. Many of the modules within Envoy have a pure virtual interface living in [`include/envoy`](../include/envoy), implementation sources in [`source`](../source), mocks in [`test/mocks`](../test/mocks) and unit/integration tests in [`test`](../test). The relevant `BUILD` files will require updating or to be added in these locations as you extend Envoy. As an example, consider adding the following interface in `include/envoy/foo/bar.h`: ```c++ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/foo/baz.h" class Bar { public: virtual ~Bar() = default; virtual void someThing() PURE; ... ``` This would require the addition to `include/envoy/foo/BUILD` of the following target: ```python envoy_cc_library( name = "bar_interface", hdrs = ["bar.h"], deps = [ ":baz_interface", "//include/envoy/buffer:buffer_interface", ], ) ``` This declares a new target `bar_interface`, where the convention is that pure virtual interfaces have their targets suffixed with `_interface`. The header `bar.h` is exported to other targets that depend on `//include/envoy/foo:bar_interface`. The interface target itself depends on `baz_interface` (in the same directory, hence the relative Bazel label) and `buffer_interface`. In general, any header included via `#include` in a file belonging to the union of the `hdrs` and `srcs` lists for a Bazel target X should appear directly in the exported `hdrs` list for some target Y listed in the `deps` of X. Continuing the above example, the implementation of `Bar` might take place in `source/common/foo/bar_impl.h`, e.g. ```c++ #pragma once #include "envoy/foo/bar.h" class BarImpl : public Bar { ... ``` and `source/common/foo/bar_impl.cc`: ```c++ #include "common/foo/bar_impl.h" #include "common/buffer/buffer_impl.h" #include "common/foo/bar_internal.h" #include "common/foo/baz_impl.h" ... ``` The corresponding target to be added to `source/common/foo/BUILD` would be: ```python envoy_cc_library( name = "bar_lib", srcs = [ "bar_impl.cc", "bar_internal.h", ], hdrs = ["bar_impl.h"], deps = [ ":baz_lib", "//include/envoy/foo:bar_interface", "//source/common/buffer:buffer_lib", ], ) ``` By convention, Bazel targets for internal implementation libraries are suffixed with `_lib`. Similar to the above, a test mock target might be declared for `test/mocks/foo/mocks.h` in `test/mocks/foo/BUILD` with: ```python envoy_cc_mock( name = "foo_mocks", srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ "//include/envoy/foo:bar_interface", ... ], ) ``` Typically, mocks are provided for all interfaces in a directory in a single `mocks.{cc,h}` and corresponding `_mocks` Bazel target. There are some exceptions, such as [test/mocks/upstream/BUILD](../test/mocks/upstream/BUILD), where more granular mock targets are defined. Unit tests for `BarImpl` would be written in `test/common/foo/bar_impl_test.cc` and a target added to `test/common/foo/BUILD`: ```python envoy_cc_test( name = "bar_impl_test", srcs = ["bar_impl_test.cc"], deps = [ "//test/mocks/buffer:buffer_mocks", "//source/common/foo:bar_lib", ... ], ) ``` ## Binary targets New binary targets, for example tools that make use of some Envoy libraries, can be added with the `envoy_cc_binary` rule, e.g. for a new `tools/hello/world.cc` that depends on `bar_lib`, we might have in `tools/hello/BUILD`: ```python envoy_cc_binary( name = "world", srcs = ["world.cc"], deps = [ "//source/common/foo:bar_lib", ], ) ``` ## Filter linking Filters are registered via static initializers at early runtime by modules in [`source/server/config`](../source/server/config). These require the `alwayslink = 1` attribute to be set in the corresponding `envoy_cc_library` target to ensure they are correctly linked. See [`source/server/config/http/BUILD`](../source/server/config/http/BUILD) for examples. ## Tests with environment dependencies Some tests depends on read-only data files. In general, these can be specified by adding a `data = ["some_file.csv", ...],` attribute to the `envoy_cc_test` target, e.g. ```python envoy_cc_test( name = "bar_impl_test", srcs = ["bar_impl_test.cc"], data = ["some_file.csv"], deps = [ "//test/mocks/buffer:buffer_mocks", "//source/common/foo:bar_lib", ... ], ) ``` A [glob function](https://bazel.build/versions/master/docs/be/functions.html#glob) is available for simple pattern matching. Within a test, the read-only data dependencies can be accessed via the [`TestEnvironment::runfilesPath()`](../test/test_common/environment.h) method. A writable path is provided for test temporary files by [`TestEnvironment::temporaryDirectory()`](../test/test_common/environment.h). Integration tests might rely on JSON files that require paths for writable temporary files and paths for file-based Unix Domain Sockets to be specified in the JSON. Jinja-style `{{ test_tmpdir }}` and `{{ test_udsdir }}` macros can be used as placeholders, with the substituted JSON files made available in [`TestEnvironment::temporaryDirectory()`](../test/test_common/environment.h) by the `envoy_cc_test_with_json` rule, e.g. ```python envoy_cc_test_with_json( name = "bar_integration_test", srcs = ["bar_integration_test.cc"], jsons = ["//test/config/integration:server.json"], deps = [ "//source/server:server_lib", ... ], ) ``` In general, the `setup_cmds` attribute can be used to declare a setup shell script that executes in the [test environment](https://bazel.build/versions/master/docs/test-encyclopedia.html#initial-conditions) prior to the test, see [`bazel/envoy_build_system.bzl`](envoy_build_system.bzl) for further details. ================================================ FILE: bazel/EXTERNAL_DEPS.md ================================================ # Choosing tarballs Where the dependency maintainer provides a tarball, prefer that over the automatically generated Github tarball. Github generated tarball SHA256 values can change when Github change their tar/gzip libraries breaking builds. Maintainer provided tarballs are more stable and the maintainer can provide the SHA256. # Adding external dependencies to Envoy (C++) ## Native Bazel This is the preferred style of adding dependencies that use Bazel for their build process. 1. Define a new Bazel repository in [`bazel/repositories.bzl`](repositories.bzl), in the `envoy_dependencies()` function. 2. Reference your new external dependency in some `envoy_cc_library` via the `external_deps` attribute. 3. `bazel test //test/...` ## External CMake (preferred) This is the preferred style of adding dependencies that use CMake for their build system. 1. Define a the source Bazel repository in [`bazel/repositories.bzl`](repositories.bzl), in the `envoy_dependencies()` function. 2. Add a `cmake_external` rule to [`bazel/foreign_cc/BUILD`](foreign_cc/BUILD). This will reference the source repository in step 1. 3. Reference your new external dependency in some `envoy_cc_library` via the name bound in step 1 `external_deps` attribute. 4. `bazel test //test/...` ## genrule repository This is the newer style of adding dependencies with no upstream Bazel configs. It wraps the dependency's native build tooling in a Bazel-aware shell script, installing to a Bazel-managed prefix. The shell script is executed by Bash, with a few Bazel-specific extensions. See the [Bazel docs for "genrule"](https://docs.bazel.build/versions/master/be/general.html#genrule) for details on Bazel's shell extensions. 1. Add a BUILD file in [`bazel/external/`](external/), using a `genrule` target to build the dependency. Please do not add BUILD logic that replaces the dependency's upstream build tooling. 2. Define a new Bazel repository in [`bazel/repositories.bzl`](repositories.bzl), in the `envoy_dependencies()` function. The repository may use `genrule_repository` from [`bazel/genrule_repository.bzl`](genrule_repository.bzl) to place large genrule shell commands into a separate file. 3. Reference your new external dependency in some `envoy_cc_library` via Y in the `external_deps` attribute. 4. `bazel test //test/...` Dependencies between external libraries can use the standard Bazel dependency resolution logic, using the `$(location)` shell extension to resolve paths to binaries, libraries, headers, etc. # Adding external dependencies to Envoy (Python) Python dependencies should be added via `pip3` and `rules_python`. The process is: 1. Define a `pip3_import()` pointing at your target `requirements.txt` in [`bazel/repositories_extra.bzl`](repositories_extra.bzl) 2. Add a `pip_install()` invocation in [`bazel/dependency_imports.bzl`](dependency_imports.bzl). 3. Add a `requirements(" $ HEAPPROFILE=/tmp/mybin.heapprof bazel-bin/source/exe/envoy-static `CPUPROFILE` or `HEAPPROFILE` sets a location for the profiler output. (See *Methodology*.) There are several other environment variables that can be set to tweak the behavior of gperftools. See https://gperftools.github.io/gperftools/ for more details. ### Analyzing the profile [pprof](https://github.com/google/pprof) can be used to symbolize CPU and heap profiles. For example: $ pprof -text bazel-bin/source/exe/envoy-static /tmp/mybin.cpuprof ## Collecting CPU or heap profile for the full execution of a test target The profiler library is automatically linked into envoy_cc_test targets. Run a test with heap profiling enabled, like so: $ bazel test --test_env=HEAPPROFILE=/tmp/heapprof Run a test with CPU profiling enabled, like so: $ bazel test --test_env=CPUPROFILE=/tmp/cpuprof Note that heap checks and heap profile collection in tests have noticiable performance implications. Use the following command to collect a CPU profile from a test target with heap check and heap profile collection disabled: $ bazel test --test_env=CPUPROFILE=/tmp/cpuprof --test_env=HEAPPROFILE= --test_env=HEAPCHECK= ## Starting and stopping profile programmatically ### Add `tcmalloc_dep` dependency to envoy_cc_library rules It is possible to start/stop the CPU or heap profiler programmatically. The [Gperftools CPU Profiler](https://gperftools.github.io/gperftools/cpuprofile.html) is controlled by `ProfilerStart()`/`ProfilerStop()`, and the [Gperftools Heap Profiler](https://gperftools.github.io/gperftools/heapprofile.html) is controlled by `HeapProfilerStart()`, `HeapProfilerStop()` and `HeapProfilerDump()`. These functions are wrapped by Envoy objects defined in [`source/common/profiler/profiler.h`](https://github.com/envoyproxy/envoy/blob/master/source/common/profiler/profiler.h)). To enable profiling programmatically: 1. Add a library dependency on "//source/common/profiler:profiler_lib" to your envoy_cc_library build rule. 2. Use the `startProfiler`/`stopProfiler` methods of `Envoy::Profiler::Cpu` or `Envoy::Profiler::Heap` to collect a profile. Note that `startProfiler` should only be called if no other profile of that type is currently active (e.i. `profilerEnabled()` returns false). Example: ```c++ // includes #include "common/profiler/profiler.h" ... Function(...) { if (!Profiler::Cpu::startProfiler(profile_path)) { // Error handling } ... Do expensive stuff in one or more threads. ... // Stop the profiler and dump output to the `profile_path` specified when profile was started. Profiler::Cpu::stopProfiler(); } ``` ## Memory Profiling in Tests To support memory leaks detection, tests are built with gperftools dependencies enabled by default. ### Enabling Memory Profiling in Tests Use `HeapProfilerStart()`, `HeapProfilerStop()`, and `HeapProfilerDump()` to start, stop, and persist memory dumps, respectively. Please see [above](#adding-tcmalloc_dep-to-envoy) for more details. ### Bazel Configuration By default, bazel executes tests in a sandbox, which will be deleted together with memory dumps after the test run. To preserve memory dumps, bazel can be forced to run tests without sandboxing, by setting the ```TestRunner``` parameter to ```local```: ``` bazel test --strategy=TestRunner=local ... ``` An alternative is to set ```HEAPPROFILE``` environment variable for the test runner: ``` bazel test --test_env=HEAPPROFILE=/tmp/testprofile ... ``` # Methodology For consistent testing, it makes sense to run Envoy for a constant amount of time across trials: $ timeout bazel-bin/source/exe/envoy Envoy will print to stdout something like: Starting tracking the heap And then a series of stdouts like: Dumping heap profile to (100 MB currently in use) Dumping heap profile to (200 MB currently in use) ... This will generate a series of files; if you statically-linked, these are wherever `HEAPPROFILE` points to. Otherwise, they are in the current directory by default. They'll be named something like `main_common_base.0001.heap`, `main_common_base.0002.heap`, etc. *NB:* There is no reason this needs to be titled `main_common_base`. Whatever flag you supply `HeapProfilerStart` / `HeapProfilerDump` will become the filename. Multiple sections of code could be profiled simultaneously by setting multiple `HeapProfilerStart()` / `HeapProfilerStop()` breakpoints with unique identifiers. # Analyzing with `pprof` [pprof](https://github.com/google/pprof) can read these heap files in a number of ways. Most convenient for first-order inspection might be `pprof -top` or `pprof -text`: $ pprof -text bazel-bin/source/exe/envoy main_common_base* | head -n5 File: envoy Build ID: ... Type: inuse_space Showing nodes accounting for 6402800.62kB, 98.59% of 6494044.58kB total Dropped ... nodes (cum <= ...kB) More complex flame/graph charts can be generated and viewed in a browser, which is often more helpful than text-based output: $ pprof -http=localhost:9999 bazel-bin/source/exe/envoy main_common_base* ================================================ FILE: bazel/README.md ================================================ # Building Envoy with Bazel ## Installing Bazelisk as Bazel It is recommended to use [Bazelisk](https://github.com/bazelbuild/bazelisk) installed as `bazel`, to avoid Bazel compatibility issues. On Linux, run the following commands: ``` sudo wget -O /usr/local/bin/bazel https://github.com/bazelbuild/bazelisk/releases/latest/download/bazelisk-linux-amd64 sudo chmod +x /usr/local/bin/bazel ``` On macOS, run the following command: ``` brew install bazelisk ``` On Windows, run the following commands: ``` mkdir %USERPROFILE%\bazel powershell Invoke-WebRequest https://github.com/bazelbuild/bazelisk/releases/latest/download/bazelisk-windows-amd64.exe -OutFile %USERPROFILE%\bazel\bazel.exe set PATH=%PATH%;%USERPROFILE%\bazel ``` If you're building from an revision of Envoy prior to August 2019, which doesn't contains a `.bazelversion` file, run `ci/run_envoy_docker.sh "bazel version"` to find the right version of Bazel and set the version to `USE_BAZEL_VERSION` environment variable to build. ## Production environments To build Envoy with Bazel in a production environment, where the [Envoy dependencies](https://www.envoyproxy.io/docs/envoy/latest/install/building.html#requirements) are typically independently sourced, the following steps should be followed: 1. Configure, build and/or install the [Envoy dependencies](https://www.envoyproxy.io/docs/envoy/latest/install/building.html#requirements). 1. `bazel build -c opt //source/exe:envoy-static` from the repository root. ## Quick start Bazel build for developers This section describes how to and what dependencies to install to get started building Envoy with Bazel. If you would rather use a pre-build Docker image with required tools installed, skip to [this section](#building-envoy-with-the-ci-docker-image). As a developer convenience, a [WORKSPACE](https://github.com/envoyproxy/envoy/blob/master/WORKSPACE) and [rules for building a recent version](https://github.com/envoyproxy/envoy/blob/master/bazel/repositories.bzl) of the various Envoy dependencies are provided. These are provided as is, they are only suitable for development and testing purposes. The specific versions of the Envoy dependencies used in this build may not be up-to-date with the latest security patches. See [this doc](https://github.com/envoyproxy/envoy/blob/master/bazel/EXTERNAL_DEPS.md#updating-an-external-dependency-version) for how to update or override dependencies. 1. Install external dependencies. ### Ubuntu On Ubuntu, run the following: ``` sudo apt-get install \ libtool \ cmake \ automake \ autoconf \ make \ ninja-build \ curl \ unzip \ virtualenv ``` ### Fedora On Fedora (maybe also other red hat distros), run the following: ``` dnf install cmake libtool libstdc++ libstdc++-static libatomic ninja-build lld patch aspell-en ``` ### Linux On Linux, we recommend using the prebuilt Clang+LLVM package from [LLVM official site](http://releases.llvm.org/download.html). Extract the tar.xz and run the following: ``` bazel/setup_clang.sh ``` This will setup a `clang.bazelrc` file in Envoy source root. If you want to make clang as default, run the following: ``` echo "build --config=clang" >> user.bazelrc ``` Note: Either `libc++` or `libstdc++-7-dev` (or higher) must be installed. These are typically available via a package manager, but may not be available in default repositories depending on OS version. To build against `libc++` build with the `--config=libc++` instead of the `--config=clang` flag. ### macOS On macOS, you'll need to install several dependencies. This can be accomplished via [Homebrew](https://brew.sh/): ``` brew install coreutils wget cmake libtool go bazel automake ninja clang-format autoconf aspell ``` _notes_: `coreutils` is used for `realpath`, `gmd5sum` and `gsha256sum` The full version of Xcode (not just Command Line Tools) is also required to build Envoy on macOS. Envoy compiles and passes tests with the version of clang installed by Xcode 11.1: Apple clang version 11.0.0 (clang-1100.0.33.8). In order for bazel to be aware of the tools installed by brew, the PATH variable must be set for bazel builds. This can be accomplished by setting this in your `user.bazelrc` file: ``` build --action_env=PATH="/usr/local/bin:/opt/local/bin:/usr/bin:/bin" ``` Alternatively, you can pass `--action_env` on the command line when running `bazel build`/`bazel test`. Having the binutils keg installed in Brew is known to cause issues due to putting an incompatible version of `ar` on the PATH, so if you run into issues building third party code like luajit consider uninstalling binutils. ### Windows Install bazelisk in the PATH using the `bazel.exe` executable name as described above in the first section. When building Envoy, Bazel creates very long path names. One way to work around these excessive path lengths is to change the output base directory for bazel to a very short root path. The CI pipeline for Windows uses `C:\_eb` as the bazel base path. This and other preferences should be set up by placing the following bazelrc configuration line in a system `%ProgramData%\bazel.bazelrc` file or the individual user's `%USERPROFILE%\.bazelrc` file (rather than including it on every bazel command line): ``` startup --output_base=C:/_eb ``` Bazel also creates file symlinks when building Envoy. It's strongly recommended to enable file symlink support using [Bazel's instructions](https://docs.bazel.build/versions/master/windows.html#enable-symlink-support). For other common issues, see the [Using Bazel on Windows](https://docs.bazel.build/versions/master/windows.html) page. [python3](https://www.python.org/downloads/): Specifically, the Windows-native flavor distributed by python.org. The POSIX flavor available via MSYS2, the Windows Store flavor and other distributions will not work. Add a symlink for `python3.exe` pointing to the installed `python.exe` for Envoy scripts and Bazel rules which follow POSIX python conventions. Add `pip.exe` to the PATH and install the `wheel` package. ``` mklink %USERPROFILE%\Python38\python3.exe %USERPROFILE%\Python38\python.exe set PATH=%PATH%;%USERPROFILE%\Python38 set PATH=%PATH%;%USERPROFILE%\Python38\Scripts pip install wheel ``` [Build Tools for Visual Studio 2019](https://visualstudio.microsoft.com/downloads/#build-tools-for-visual-studio-2019): For building with MSVC (the `msvc-cl` config option), you must install at least the VC++ workload. You may alternately install the entire Visual Studio 2019 and use the Build Tools installed in that package. Earlier versions of VC++ Build Tools/Visual Studio are not recommended or supported. If installed in a non-standard filesystem location, be sure to set the `BAZEL_VC` environment variable to the path of the VC++ package to allow Bazel to find your installation of VC++. NOTE: ensure that the `link.exe` that resolves on your PATH is from VC++ Build Tools and not `/usr/bin/link.exe` from MSYS2, which is determined by their relative ordering in your PATH. ``` set BAZEL_VC=%USERPROFILE%\VSBT2019\VC set PATH=%PATH%;%USERPROFILE%\VSBT2019\VC\Tools\MSVC\14.26.28801\bin\Hostx64\x64 ``` Ensure `CMake` and `ninja` binaries are on the PATH. The versions packaged with VC++ Build Tools are sufficient in most cases, but are 32 bit binaries. These flavors will not run in the project's GCP CI remote build environment, so 64 bit builds from the CMake and ninja projects are used instead. ``` set PATH=%PATH%;%USERPROFILE%\VSBT2019\Common7\IDE\CommonExtensions\Microsoft\CMake\CMake\bin set PATH=%PATH%;%USERPROFILE%\VSBT2019\Common7\IDE\CommonExtensions\Microsoft\CMake\Ninja ``` [MSYS2 shell](https://msys2.github.io/): Install to a path with no spaces, e.g. C:\msys32. Set the `BAZEL_SH` environment variable to the path of the installed MSYS2 `bash.exe` executable. Additionally, setting the `MSYS2_ARG_CONV_EXCL` environment variable to a value of `*` is often advisable to ensure argument parsing in the MSYS2 shell behaves as expected. ``` set PATH=%PATH%;%USERPROFILE%\msys64\usr\bin set BAZEL_SH=%USERPROFILE%\msys64\usr\bin\bash.exe set MSYS2_ARG_CONV_EXCL=* ``` Set the `TMPDIR` environment variable to a path usable as a temporary directory (e.g. `C:\Windows\TEMP`), and create a directory symlink `C:\c` to `C:\`, so that the MSYS2 path `/c/Windows/TEMP` is equivalent to the Windows path `C:\Windows\TEMP`: ``` set TMPDIR=C:\Windows\TEMP mklink /d C:\c C:\ ``` The TMPDIR path and MSYS2 `mktemp` command are used frequently by the `rules_foreign_cc` component of Bazel as well as Envoy's test scripts, causing problems if not set to a path accessible to both Windows and msys commands. [Note the `ci/windows_ci_steps.sh` script which builds envoy and run tests in CI creates this symlink automatically.] In the MSYS2 shell, install additional packages via pacman: ``` pacman -S diffutils patch unzip zip ``` [Git](https://git-scm.com/downloads): This version from the Git project, or the version distributed using pacman under MSYS2 will both work, ensure one is on the PATH:. ``` set PATH=%PATH%;%USERPROFILE%\Git\bin ``` Lastly, persist environment variable changes. NOTE: The paths in this document are given as examples, make sure to verify you are using the correct paths for your environment. Also note that these examples assume using a `cmd.exe` shell to set environment variables etc., be sure to do the equivalent if using a different shell. ``` setx PATH "%PATH%" setx BAZEL_SH "%BAZEL_SH%" setx MSYS2_ARG_CONV_EXCL "%MSYS2_ARG_CONV_EXCL%" setx BAZEL_VC "%BAZEL_VC%" setx TMPDIR "%TMPDIR%" ``` 1. Install Golang on your machine. This is required as part of building [BoringSSL](https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md) and also for [Buildifer](https://github.com/bazelbuild/buildtools) which is used for formatting bazel BUILD files. 1. `go get -u github.com/bazelbuild/buildtools/buildifier` to install buildifier. You may need to set `BUILDIFIER_BIN` to `$GOPATH/bin/buildifier` in your shell for buildifier to work. 1. `go get -u github.com/bazelbuild/buildtools/buildozer` to install buildozer. You may need to set `BUILDOZER_BIN` to `$GOPATH/bin/buildozer` in your shell for buildozer to work. 1. `bazel build //source/exe:envoy-static` from the Envoy source directory. Add `-c opt` for an optimized release build or `-c dbg` for an unoptimized, fully instrumented debugging build. ## Building Envoy with the CI Docker image Envoy can also be built with the Docker image used for CI, by installing Docker and executing the following. On Linux, run: ``` ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.dev' ``` From a Windows host with Docker installed, the Windows containers feature enabled, and bash (installed via MSYS2 or Git bash), run: ``` ./ci/run_envoy_docker.sh './ci/windows_ci_steps.sh' ``` See also the [documentation](https://github.com/envoyproxy/envoy/tree/master/ci) for developer use of the CI Docker image. ## Building Envoy with Remote Execution Envoy can also be built with Bazel [Remote Execution](https://docs.bazel.build/versions/master/remote-execution.html), part of the CI is running with the hosted [GCP RBE](https://blog.bazel.build/2018/10/05/remote-build-execution.html) service. To build Envoy with a remote build services, run Bazel with your remote build service flags and with `--config=remote-clang`. For example the following command runs build with the GCP RBE service used in CI: ``` bazel build //source/exe:envoy-static --config=remote-clang \ --remote_cache=grpcs://remotebuildexecution.googleapis.com \ --remote_executor=grpcs://remotebuildexecution.googleapis.com \ --remote_instance_name=projects/envoy-ci/instances/default_instance ``` Change the value of `--remote_cache`, `--remote_executor` and `--remote_instance_name` for your remote build services. Tests can be run in remote execution too. Note: Currently the test run configuration in `.bazelrc` doesn't download test binaries and test logs, to override the behavior set [`--experimental_remote_download_outputs`](https://docs.bazel.build/versions/master/command-line-reference.html#flag--experimental_remote_download_outputs) accordingly. ## Building Envoy with Docker sandbox Building Envoy with Docker sandbox uses the same Docker image used in CI with fixed C++ toolchain configuration. It produces more consistent output which is not depending on your local C++ toolchain. It can also help debugging issues with RBE. To build Envoy with Docker sandbox: ``` bazel build //source/exe:envoy-static --config=docker-clang ``` Tests can be run in docker sandbox too. Note that the network environment, such as IPv6, may be different in the docker sandbox so you may want set different options. See below to configure test IP versions. ## Linking against libc++ on Linux To link Envoy against libc++, follow the [quick start](#quick-start-bazel-build-for-developers) to setup Clang+LLVM and run: ``` bazel build --config=libc++ //source/exe:envoy-static ``` Or use our configuration with Remote Execution or Docker sandbox, pass `--config=remote-clang-libc++` or `--config=docker-clang-libc++` respectively. If you want to make libc++ as default, add a line `build --config=libc++` to the `user.bazelrc` file in Envoy source root. ## Using a compiler toolchain in a non-standard location By setting the `CC` and `LD_LIBRARY_PATH` in the environment that Bazel executes from as appropriate, an arbitrary compiler toolchain and standard library location can be specified. One slight caveat is that (at the time of writing), Bazel expects the binutils in `$(dirname $CC)` to be unprefixed, e.g. `as` instead of `x86_64-linux-gnu-as`. Note: this configuration currently doesn't work with Remote Execution or Docker sandbox, you have to generate a custom toolchains configuration for them. See [bazelbuild/bazel-toolchains](https://github.com/bazelbuild/bazel-toolchains) for more details. ## Supported compiler versions We now require Clang >= 5.0 due to known issues with std::string thread safety and C++14 support. GCC >= 7 is also known to work. Currently the CI is running with Clang 10. ## Clang STL debug symbols By default Clang drops some debug symbols that are required for pretty printing to work correctly. More information can be found [here](https://bugs.llvm.org/show_bug.cgi?id=24202). The easy solution is to set ```--copt=-fno-limit-debug-info``` on the CLI or in your .bazelrc file. ## Removing debug info If you don't want your debug or release binaries to contain debug info to reduce binary size, pass `--define=no_debug_info=1` when building. This is primarily useful when building envoy as a static library. When building a linked envoy binary you can build the implicit `.stripped` target from [`cc_binary`](https://docs.bazel.build/versions/master/be/c-cpp.html#cc_binary) or pass [`--strip=always`](https://docs.bazel.build/versions/master/command-line-reference.html#flag--strip) instead. # Testing Envoy with Bazel All the Envoy tests can be built and run with: ``` bazel test //test/... ``` An individual test target can be run with a more specific Bazel [label](https://bazel.build/versions/master/docs/build-ref.html#Labels), e.g. to build and run only the units tests in [test/common/http/async_client_impl_test.cc](https://github.com/envoyproxy/envoy/blob/master/test/common/http/async_client_impl_test.cc): ``` bazel test //test/common/http:async_client_impl_test ``` To observe more verbose test output: ``` bazel test --test_output=streamed //test/common/http:async_client_impl_test ``` It's also possible to pass into an Envoy test additional command-line args via `--test_arg`. For example, for extremely verbose test debugging: ``` bazel test --test_output=streamed //test/common/http:async_client_impl_test --test_arg="-l trace" ``` By default, testing exercises both IPv4 and IPv6 address connections. In IPv4 or IPv6 only environments, set the environment variable ENVOY_IP_TEST_VERSIONS to "v4only" or "v6only", respectively. ``` bazel test //test/... --test_env=ENVOY_IP_TEST_VERSIONS=v4only bazel test //test/... --test_env=ENVOY_IP_TEST_VERSIONS=v6only ``` By default, tests are run with the [gperftools](https://github.com/gperftools/gperftools) heap checker enabled in "normal" mode to detect leaks. For other mode options, see the gperftools heap checker [documentation](https://gperftools.github.io/gperftools/heap_checker.html). To disable the heap checker or change the mode, set the HEAPCHECK environment variable: ``` # Disables the heap checker bazel test //test/... --test_env=HEAPCHECK= # Changes the heap checker to "minimal" mode bazel test //test/... --test_env=HEAPCHECK=minimal ``` If you see a leak detected, by default the reported offsets will require `addr2line` interpretation. You can run under `--config=clang-asan` to have this automatically applied. Bazel will by default cache successful test results. To force it to rerun tests: ``` bazel test //test/common/http:async_client_impl_test --cache_test_results=no ``` Bazel will by default run all tests inside a sandbox, which disallows access to the local filesystem. If you need to break out of the sandbox (for example to run under a local script or tool with [`--run_under`](https://docs.bazel.build/versions/master/user-manual.html#flag--run_under)), you can run the test with `--strategy=TestRunner=local`, e.g.: ``` bazel test //test/common/http:async_client_impl_test --strategy=TestRunner=local --run_under=/some/path/foobar.sh ``` # Stack trace symbol resolution Envoy can produce backtraces on demand and from assertions and other fatal actions like segfaults. Where supported, stack traces will contain resolved symbols, though not include line numbers. On systems where absl::Symbolization is not supported, the stack traces written in the log or to stderr contain addresses rather than resolved symbols. If the symbols were resolved, the address is also included at the end of the line. The `tools/stack_decode.py` script exists to process the output and do additional symbol resolution including file names and line numbers. It requires the `addr2line` program be installed and in your path. Any log lines not relevant to the backtrace capability are passed through the script unchanged (it acts like a filter). File and line information is appended to the stack trace lines. The script runs in one of two modes. To process log input from stdin, pass `-s` as the first argument, followed by the executable file path. You can postprocess a log or pipe the output of an Envoy process. If you do not specify the `-s` argument it runs the arguments as a child process. This enables you to run a test with backtrace post processing. Bazel sandboxing must be disabled by specifying local execution. Example command line with `run_under`: ``` bazel test -c dbg //test/server:backtrace_test --run_under=`pwd`/tools/stack_decode.py --strategy=TestRunner=local --cache_test_results=no --test_output=all ``` Example using input on stdin: ``` bazel test -c dbg //test/server:backtrace_test --cache_test_results=no --test_output=streamed |& tools/stack_decode.py -s bazel-bin/test/server/backtrace_test ``` You will need to use either a `dbg` build type or the `opt` build type to get file and line symbol information in the binaries. By default main.cc will install signal handlers to print backtraces at the location where a fatal signal occurred. The signal handler will re-raise the fatal signal with the default handler so a core file will still be dumped after the stack trace is logged. To inhibit this behavior use `--define=signal_trace=disabled` on the Bazel command line. No signal handlers will be installed. # Running a single Bazel test under GDB ``` bazel build -c dbg //test/common/http:async_client_impl_test bazel build -c dbg //test/common/http:async_client_impl_test.dwp gdb bazel-bin/test/common/http/async_client_impl_test ``` We need to use `-c dbg` Bazel option to generate debugging symbols and without that GDB will not be very useful. The debugging symbols are stored as separate debugging information files (`.dwo` files) and we can build a DWARF package file with `.dwp ` target. The `.dwp` file need to be presented in the same folder with the binary for a full debugging experience. # Running Bazel tests requiring privileges Some tests may require privileges (e.g. CAP_NET_ADMIN) in order to execute. One option is to run them with elevated privileges, e.g. `sudo test`. However, that may not always be possible, particularly if the test needs to run in a CI pipeline. `tools/bazel-test-docker.sh` may be used in such situations to run the tests in a privileged docker container. The script works by wrapping the test execution in the current repository's circle ci build container, then executing it either locally or on a remote docker container. In both cases, the container runs with the `--privileged` flag, allowing it to execute operations which would otherwise be restricted. The command line format is: `tools/bazel-test-docker.sh [optional-flags-to-bazel]` The script uses two optional environment variables to control its behaviour: * `RUN_REMOTE=`: chooses whether to run on a remote docker server. * `LOCAL_MOUNT=`: copy/mount local libraries onto the docker container. Use `RUN_REMOTE=yes` when you don't want to run against your local docker instance. Note that you will need to override a few environment variables to set up the remote docker. The list of variables can be found in the [Documentation](https://docs.docker.com/engine/reference/commandline/cli/). Use `LOCAL_MOUNT=yes` when you are not building with the Envoy build container. This will ensure that the libraries against which the tests dynamically link will be available and of the correct version. ## Examples Running the http integration test in a privileged container: ```bash tools/bazel-test-docker.sh //test/integration:integration_test --jobs=4 -c dbg ``` Running the http integration test compiled locally against a privileged remote container: ```bash setup_remote_docker_variables RUN_REMOTE=yes MOUNT_LOCAL=yes tools/bazel-test-docker.sh //test/integration:integration_test \ --jobs=4 -c dbg ``` # Additional Envoy build and test options In general, there are 3 [compilation modes](https://docs.bazel.build/versions/master/user-manual.html#flag--compilation_mode) that Bazel supports: * `fastbuild`: `-O0`, aimed at developer speed (default). * `opt`: `-O2 -DNDEBUG -ggdb3 -gsplit-dwarf`, for production builds and performance benchmarking. * `dbg`: `-O0 -ggdb3 -gsplit-dwarf`, no optimization and debug symbols. You can use the `-c ` flag to control this, e.g. ``` bazel build -c opt //source/exe:envoy-static ``` To override the compilation mode and optimize the build for binary size, you can use the `sizeopt` configuration: ``` bazel build //source/exe:envoy-static --config=sizeopt ``` ## Sanitizers To build and run tests with the gcc compiler's [address sanitizer (ASAN)](https://github.com/google/sanitizers/wiki/AddressSanitizer) and [undefined behavior (UBSAN)](https://developers.redhat.com/blog/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan) sanitizer enabled: ``` bazel test -c dbg --config=asan //test/... ``` The ASAN failure stack traces include line numbers as a result of running ASAN with a `dbg` build above. If the stack trace is not symbolized, try setting the ASAN_SYMBOLIZER_PATH environment variable to point to the llvm-symbolizer binary (or make sure the llvm-symbolizer is in your $PATH). If you have clang-5.0 or newer, additional checks are provided with: ``` bazel test -c dbg --config=clang-asan //test/... ``` [Thread sanitizer (TSAN)](https://github.com/google/sanitizers/wiki/ThreadSanitizerCppManual) tests rely on a TSAN-instrumented version of libc++ and can be run under the docker sandbox: ``` bazel test -c dbg --config=docker-tsan //test/... ``` Alternatively, you can build a local copy of TSAN-instrumented libc++. Follow the [quick start](#quick-start-bazel-build-for-developers) instruction to setup Clang+LLVM environment. Download LLVM sources from the [LLVM official site](https://github.com/llvm/llvm-project) ``` curl -sSfL "https://github.com/llvm/llvm-project/archive/llvmorg-10.0.0.tar.gz" | tar zx ``` Configure and build a TSAN-instrumented libc++. Please note that `LLVM_USE_SANITIZER=Thread` preprocessor definition is used to enable TSAN instrumentation, and `CMAKE_INSTALL_PREFIX="/opt/libcxx_tsan"` defines the installation directory path. ``` mkdir tsan pushd tsan cmake -GNinja -DLLVM_ENABLE_PROJECTS="libcxxabi;libcxx" -DLLVM_USE_LINKER=lld -DLLVM_USE_SANITIZER=Thread -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ -DCMAKE_INSTALL_PREFIX="/opt/libcxx_tsan" "../llvm-project-llvmorg-10.0.0/llvm" ninja install-cxx install-cxxabi rm -rf /opt/libcxx_tsan/include ``` Generate local_tsan.bazelrc containing bazel configuration for tsan tests: ``` bazel/setup_local_tsan.sh ``` To execute TSAN tests using the local instrumented libc++ library pass `--config=local-tsan` to bazel: ``` bazel test --config=local-tsan //test/... ``` For [memory sanitizer (MSAN)](https://github.com/google/sanitizers/wiki/MemorySanitizer) testing, it has to be run under the docker sandbox which comes with MSAN instrumented libc++: ``` bazel test -c dbg --config=docker-msan //test/... ``` To run the sanitizers on OS X, prefix `macos-` to the config option, e.g.: ``` bazel test -c dbg --config=macos-asan //test/... ``` ## Log Verbosity Log verbosity is controlled at runtime in all builds. To obtain `nghttp2` traces, you can set `ENVOY_NGHTTP2_TRACE` in the environment for enhanced logging at `-l trace`. For example, in tests: ``` bazel test //test/integration:protocol_integration_test --test_output=streamed \ --test_arg="-l trace" --test_env="ENVOY_NGHTTP2_TRACE=" ``` ## Disabling optional features The following optional features can be disabled on the Bazel build command-line: * Hot restart with `--define hot_restart=disabled` * Google C++ gRPC client with `--define google_grpc=disabled` * Backtracing on signals with `--define signal_trace=disabled` * Active stream state dump on signals with `--define signal_trace=disabled` or `--define disable_object_dump_on_signal_trace=disabled` * tcmalloc with `--define tcmalloc=disabled`. Also you can choose Gperftools' implementation of tcmalloc with `--define tcmalloc=gperftools` which is the default for non-x86 builds. * deprecated features with `--define deprecated_features=disabled` ## Enabling optional features The following optional features can be enabled on the Bazel build command-line: * Exported symbols during linking with `--define exported_symbols=enabled`. This is useful in cases where you have a lua script that loads shared object libraries, such as those installed via luarocks. * Perf annotation with `--define perf_annotation=enabled` (see source/common/common/perf_annotation.h for details). * BoringSSL can be built in a FIPS-compliant mode with `--define boringssl=fips` (see [FIPS 140-2](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/ssl#fips-140-2) for details). * ASSERT() can be configured to log failures and increment a stat counter in a release build with `--define log_debug_assert_in_release=enabled`. The default behavior is to compile debug assertions out of release builds so that the condition is not evaluated. This option has no effect in debug builds. * memory-debugging (scribbling over memory after allocation and before freeing) with `--define tcmalloc=debug`. Note this option cannot be used with FIPS-compliant mode BoringSSL and tcmalloc is built from the sources of Gperftools. * Default [path normalization](https://github.com/envoyproxy/envoy/issues/6435) with `--define path_normalization_by_default=true`. Note this still could be disable by explicit xDS config. * Manual stamping via VersionInfo with `--define manual_stamp=manual_stamp`. This is needed if the `version_info_lib` is compiled via a non-binary bazel rules, e.g `envoy_cc_library`. Otherwise, the linker will fail to resolve symbols that are included via the `linktamp` rule, which is only available to binary targets. This is being tracked as a feature in: https://github.com/envoyproxy/envoy/issues/6859. * Process logging for Android applications can be enabled with `--define logger=android`. * Excluding assertions for known issues with `--define disable_known_issue_asserts=true`. A KNOWN_ISSUE_ASSERT is an assertion that should pass (like all assertions), but sometimes fails for some as-yet unidentified or unresolved reason. Because it is known to potentially fail, it can be compiled out even when DEBUG is true, when this flag is set. This allows Envoy to be run in production with assertions generally enabled, without crashing for known issues. KNOWN_ISSUE_ASSERT should only be used for newly-discovered issues that represent benign violations of expectations. * Envoy can be linked to [`zlib-ng`](https://github.com/zlib-ng/zlib-ng) instead of [`zlib`](https://zlib.net) with `--define zlib=ng`. ## Disabling extensions Envoy uses a modular build which allows extensions to be removed if they are not needed or desired. Extensions that can be removed are contained in [extensions_build_config.bzl](../source/extensions/extensions_build_config.bzl). Use the following procedure to customize the extensions for your build: * The Envoy build assumes that a Bazel repository named `@envoy_build_config` exists which contains the file `@envoy_build_config//:extensions_build_config.bzl`. In the default build, a synthetic repository is created containing [extensions_build_config.bzl](../source/extensions/extensions_build_config.bzl). Thus, the default build has all extensions. * Start by creating a new Bazel workspace somewhere in the filesystem that your build can access. This workspace should contain: * Empty WORKSPACE file. * Empty BUILD file. * A copy of [extensions_build_config.bzl](../source/extensions/extensions_build_config.bzl). * Comment out any extensions that you don't want to build in your file copy. To have your local build use your overridden configuration repository there are two options: 1. Use the [`--override_repository`](https://docs.bazel.build/versions/master/command-line-reference.html) CLI option to override the `@envoy_build_config` repo. 2. Use the following snippet in your WORKSPACE before you load the Envoy repository. E.g., ``` workspace(name = "envoy") local_repository( name = "envoy_build_config", # Relative paths are also supported. path = "/somewhere/on/filesystem/envoy_build_config", ) local_repository( name = "envoy", # Relative paths are also supported. path = "/somewhere/on/filesystem/envoy", ) ... ``` ## Extra extensions If you are building your own Envoy extensions or custom Envoy builds and encounter visibility problems with, you may need to adjust the default visibility rules to be public, as documented in [extensions_build_config.bzl](../source/extensions/extensions_build_config.bzl). See the instructions above about how to create your own custom version of [extensions_build_config.bzl](../source/extensions/extensions_build_config.bzl). # Release builds Release builds should be built in `opt` mode, processed with `strip` and have a `.note.gnu.build-id` section with the Git SHA1 at which the build took place. They should also ignore any local `.bazelrc` for reproducibility. This can be achieved with: ``` bazel --bazelrc=/dev/null build -c opt //source/exe:envoy-static.stripped ``` One caveat to note is that the Git SHA1 is truncated to 16 bytes today as a result of the workaround in place for https://github.com/bazelbuild/bazel/issues/2805. # Coverage builds To generate coverage results, make sure you are using a clang toolchain and have `llvm-cov` and `llvm-profdata` in your `PATH`. Then run: ``` test/run_envoy_bazel_coverage.sh ``` The summary results are printed to the standard output and the full coverage report is available in `generated/coverage/coverage.html`. To generate coverage results for fuzz targets, use the `FUZZ_COVERAGE` environment variable, e.g.: ``` FUZZ_COVERAGE=true VALIDATE_COVERAGE=false test/run_envoy_bazel_coverage.sh ``` This generates a coverage report for fuzz targets after running the target for one minute against fuzzing engine libfuzzer using its coprus as initial seed inputs. The full coverage report will be available in `generated/fuzz_coverage/coverage.html`. Coverage for every PR is available in Circle in the "artifacts" tab of the coverage job. You will need to navigate down and open "coverage.html" but then you can navigate per normal. NOTE: We have seen some issues with seeing the artifacts tab. If you can't see it, log out of Circle, and then log back in and it should start working. The latest coverage report for master is available [here](https://storage.googleapis.com/envoy-postsubmit/master/coverage/index.html). The latest fuzz coverage report for master is available [here](https://storage.googleapis.com/envoy-postsubmit/master/fuzz_coverage/index.html). It's also possible to specialize the coverage build to a specified test or test dir. This is useful when doing things like exploring the coverage of a fuzzer over its corpus. This can be done by passing coverage targets as the command-line arguments and using the `VALIDATE_COVERAGE` environment variable, e.g. for a fuzz test: ``` FUZZ_COVERAGE=true VALIDATE_COVERAGE=false test/run_envoy_bazel_coverage.sh //test/common/common:base64_fuzz_test ``` # Cleaning the build and test artifacts `bazel clean` will nuke all the build/test artifacts from the Bazel cache for Envoy proper. To remove the artifacts for the external dependencies run `bazel clean --expunge`. If something goes really wrong and none of the above work to resolve a stale build issue, you can always remove your Bazel cache completely. It is likely located in `~/.cache/bazel`. # Adding or maintaining Envoy build rules See the [developer guide for writing Envoy Bazel rules](DEVELOPER.md). # Bazel performance on (virtual) machines with low resources If the (virtual) machine that is performing the build is low on memory or CPU resources, you can override Bazel's default job parallelism determination with `--jobs=N` to restrict the build to at most `N` simultaneous jobs, e.g.: ``` bazel build --jobs=2 //source/exe:envoy-static ``` # Debugging the Bazel build When trying to understand what Bazel is doing, the `-s` and `--explain` options are useful. To have Bazel provide verbose output on which commands it is executing: ``` bazel build -s //source/exe:envoy-static ``` To have Bazel emit to a text file the rationale for rebuilding a target: ``` bazel build --explain=file.txt //source/exe:envoy-static ``` To get more verbose explanations: ``` bazel build --explain=file.txt --verbose_explanations //source/exe:envoy-static ``` # Resolving paths in bazel build output Sometimes it's useful to see real system paths in bazel error message output (vs. symbolic links). `tools/path_fix.sh` is provided to help with this. See the comments in that file. # Compilation database Run `tools/gen_compilation_database.py` to generate a [JSON Compilation Database](https://clang.llvm.org/docs/JSONCompilationDatabase.html). This could be used with any tools (e.g. clang-tidy) compatible with the format. It is recommended to run this script with `TEST_TMPDIR` set, so the Bazel artifacts doesn't get cleaned up in next `bazel build` or `bazel test`. The compilation database could also be used to setup editors with cross reference, code completion. For example, you can use [You Complete Me](https://valloric.github.io/YouCompleteMe/) or [clangd](https://clangd.llvm.org/) with supported editors. For example, use following command to prepare a compilation database: ``` TEST_TMPDIR=/tmp tools/gen_compilation_database.py ``` # Running clang-format without docker The easiest way to run the clang-format check/fix commands is to run them via docker, which helps ensure the right toolchain is set up. However you may prefer to run clang-format scripts on your workstation directly: * It's possible there is a speed advantage * Docker itself can sometimes go awry and you then have to deal with that * Type-ahead doesn't always work when waiting running a command through docker To run the tools directly, you must install the correct version of clang. This may change over time, check the version of clang in the docker image. You must also have 'buildifier' installed from the bazel distribution. Edit the paths shown here to reflect the installation locations on your system: ```shell export CLANG_FORMAT="$HOME/ext/clang+llvm-10.0.0-x86_64-linux-gnu-ubuntu-18.04/bin/clang-format" export BUILDIFIER_BIN="/usr/bin/buildifier" ``` Once this is set up, you can run clang-format without docker: ```shell ./tools/code_format/check_format.py check ./tools/spelling/check_spelling.sh check ./tools/code_format/check_format.py fix ./tools/spelling/check_spelling.sh fix ``` # Advanced caching setup Setting up an HTTP cache for Bazel output helps optimize Bazel performance and resource usage when using multiple compilation modes or multiple trees. ## Setup local cache You may use any [Remote Caching](https://docs.bazel.build/versions/master/remote-caching.html) backend as an alternative to this. This requires Go 1.11+, follow the [instructions](https://golang.org/doc/install#install) to install if you don't have one. To start the cache, run the following from the root of the Envoy repository (or anywhere else that the Go toolchain can find the necessary dependencies): ``` go run github.com/buchgr/bazel-remote --dir ${HOME}/bazel_cache --host 127.0.0.1 --port 28080 --max_size 64 ``` See [Bazel remote cache](https://github.com/buchgr/bazel-remote) for more information on the parameters. The command above will setup a maximum 64 GiB cache at `~/bazel_cache` on port 28080. You might want to setup a larger cache if you run ASAN builds. NOTE: Using docker to run remote cache server described in remote cache docs will likely have slower cache performance on macOS due to slow disk performance on Docker for Mac. Adding the following parameter to Bazel everytime or persist them in `.bazelrc`. ``` --remote_http_cache=http://127.0.0.1:28080/ ``` ================================================ FILE: bazel/antlr.patch ================================================ diff --git a/runtime/Cpp/runtime/src/atn/ATNDeserializer.cpp b/runtime/Cpp/runtime/src/atn/ATNDeserializer.cpp index c6cceda13..e86533759 100755 --- a/runtime/Cpp/runtime/src/atn/ATNDeserializer.cpp +++ b/runtime/Cpp/runtime/src/atn/ATNDeserializer.cpp @@ -104,7 +104,7 @@ void deserializeSets( } -ATNDeserializer::ATNDeserializer(): ATNDeserializer(ATNDeserializationOptions::getDefaultOptions()) { +ATNDeserializer::ATNDeserializer(): ATNDeserializer(ATNDeserializationOptions()) { } ATNDeserializer::ATNDeserializer(const ATNDeserializationOptions& dso): deserializationOptions(dso) { diff --git a/runtime/Cpp/runtime/src/atn/LexerATNSimulator.cpp b/runtime/Cpp/runtime/src/atn/LexerATNSimulator.cpp index 827c3d59f..62914cf55 100755 --- a/runtime/Cpp/runtime/src/atn/LexerATNSimulator.cpp +++ b/runtime/Cpp/runtime/src/atn/LexerATNSimulator.cpp @@ -69,7 +69,7 @@ void LexerATNSimulator::copyState(LexerATNSimulator *simulator) { } size_t LexerATNSimulator::match(CharStream *input, size_t mode) { - match_calls++; + // match_calls++; _mode = mode; ssize_t mark = input->mark(); ================================================ FILE: bazel/api_binding.bzl ================================================ def _default_envoy_api_impl(ctx): ctx.file("WORKSPACE", "") api_dirs = [ "BUILD", "bazel", "envoy", "examples", "test", "tools", "versioning", ] for d in api_dirs: ctx.symlink(ctx.path(ctx.attr.envoy_root).dirname.get_child(ctx.attr.reldir).get_child(d), d) _default_envoy_api = repository_rule( implementation = _default_envoy_api_impl, attrs = { "envoy_root": attr.label(default = "@envoy//:BUILD"), "reldir": attr.string(), }, ) def envoy_api_binding(): # Treat the data plane API as an external repo, this simplifies exporting # the API to https://github.com/envoyproxy/data-plane-api. This is the # shadow API for Envoy internal use, see #9479. if "envoy_api" not in native.existing_rules().keys(): _default_envoy_api(name = "envoy_api", reldir = "generated_api_shadow") # We also provide the non-shadowed API for developer use (see #9479). if "envoy_api_raw" not in native.existing_rules().keys(): _default_envoy_api(name = "envoy_api_canonical", reldir = "api") # TODO(https://github.com/envoyproxy/envoy/issues/7719) need to remove both bindings and use canonical rules native.bind( name = "api_httpbody_protos", actual = "@com_google_googleapis//google/api:httpbody_cc_proto", ) native.bind( name = "http_api_protos", actual = "@com_google_googleapis//google/api:annotations_cc_proto", ) ================================================ FILE: bazel/api_repositories.bzl ================================================ load("@envoy_api//bazel:repositories.bzl", "api_dependencies") def envoy_api_dependencies(): api_dependencies() ================================================ FILE: bazel/boringssl_static.patch ================================================ diff --git a/BUILD b/BUILD index d7c731bf6..315cdeca0 100644 --- a/BUILD +++ b/BUILD @@ -88,6 +88,7 @@ boringssl_copts = select({ ":windows_x86_64": [ "-DWIN32_LEAN_AND_MEAN", "-DOPENSSL_NO_ASM", + "-DBORINGSSL_IMPLEMENTATION", ], "//conditions:default": ["-DOPENSSL_NO_ASM"], }) @@ -141,6 +142,7 @@ cc_library( ":windows_x86_64": ["-defaultlib:advapi32.lib"], "//conditions:default": ["-lpthread"], }), + linkstatic = True, visibility = ["//visibility:public"], ) @@ -150,6 +152,7 @@ cc_library( hdrs = ssl_headers, copts = boringssl_copts_cxx, includes = ["src/include"], + linkstatic = True, visibility = ["//visibility:public"], deps = [ ":crypto", ================================================ FILE: bazel/coverage/BUILD ================================================ licenses(["notice"]) # Apache 2 # TODO(lizan): Add test for this and upstream to upstream Bazel. filegroup( name = "coverage_support", srcs = ["collect_cc_coverage.sh"], ) exports_files(["fuzz_coverage_wrapper.sh"]) ================================================ FILE: bazel/coverage/collect_cc_coverage.sh ================================================ #!/bin/bash -x # # This is a fork of https://github.com/bazelbuild/bazel/blob/3.1.0/tools/test/collect_cc_coverage.sh # to cover most of use cases in Envoy. # TODO(lizan): Move this to upstream Bazel # # Copyright 2016 The Bazel Authors. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # This script collects code coverage data for C++ sources, after the tests # were executed. # # Bazel C++ code coverage collection support is poor and limited. There is # an ongoing effort to improve this (tracking issue #1118). # # Bazel uses the lcov tool for gathering coverage data. There is also # an experimental support for clang llvm coverage, which uses the .profraw # data files to compute the coverage report. # # This script assumes the following environment variables are set: # - COVERAGE_DIR Directory containing metadata files needed for # coverage collection (e.g. gcda files, profraw). # - COVERAGE_MANIFEST Location of the instrumented file manifest. # - COVERAGE_GCOV_PATH Location of gcov. This is set by the TestRunner. # - COVERAGE_GCOV_OPTIONS Additional options to pass to gcov. # - ROOT Location from where the code coverage collection # was invoked. # # The script looks in $COVERAGE_DIR for the C++ metadata coverage files (either # gcda or profraw) and uses either lcov or gcov to get the coverage data. # The coverage data is placed in $COVERAGE_OUTPUT_FILE. read -ra COVERAGE_GCOV_OPTIONS <<< "${COVERAGE_GCOV_OPTIONS:-}" # Checks if clang llvm coverage should be used instead of lcov. function uses_llvm() { if stat "${COVERAGE_DIR}"/*.profraw >/dev/null 2>&1; then return 0 fi return 1 } # Returns 0 if gcov must be used, 1 otherwise. function uses_gcov() { [[ "$GCOV_COVERAGE" -eq "1" ]] && return 0 return 1 } function init_gcov() { # Symlink the gcov tool such with a link called gcov. Clang comes with a tool # called llvm-cov, which behaves like gcov if symlinked in this way (otherwise # we would need to invoke it with "llvm-cov gcov"). # For more details see https://llvm.org/docs/CommandGuide/llvm-cov.html. GCOV="${COVERAGE_DIR}/gcov" ln -s "${COVERAGE_GCOV_PATH}" "${GCOV}" } # Computes code coverage data using the clang generated metadata found under # $COVERAGE_DIR. # Writes the collected coverage into the given output file. function llvm_coverage() { local output_file="${1}" object_file object_files object_param=() shift export LLVM_PROFILE_FILE="${COVERAGE_DIR}/%h-%p-%m.profraw" "${COVERAGE_GCOV_PATH}" merge -output "${output_file}.data" \ "${COVERAGE_DIR}"/*.profraw object_files="$(find -L "${RUNFILES_DIR}" -type f -exec file -L {} \; \ | grep ELF | grep -v "LSB core" | sed 's,:.*,,')" for object_file in ${object_files}; do object_param+=(-object "${object_file}") done llvm-cov export -instr-profile "${output_file}.data" -format=lcov \ -ignore-filename-regex='.*external/.+' \ -ignore-filename-regex='/tmp/.+' \ "${object_param[@]}" | sed 's#/proc/self/cwd/##' > "${output_file}" } # Generates a code coverage report in gcov intermediate text format by invoking # gcov and using the profile data (.gcda) and notes (.gcno) files. # # The profile data files are expected to be found under $COVERAGE_DIR. # The notes file are expected to be found under $ROOT. # # - output_file The location of the file where the generated code coverage # report is written. function gcov_coverage() { local gcda gcno_path line output_file="${1}" shift # Copy .gcno files next to their corresponding .gcda files in $COVERAGE_DIR # because gcov expects them to be in the same directory. while read -r line; do if [[ ${line: -4} == "gcno" ]]; then gcno_path=${line} gcda="${COVERAGE_DIR}/$(dirname "${gcno_path}")/$(basename "${gcno_path}" .gcno).gcda" # If the gcda file was not found we skip generating coverage from the gcno # file. if [[ -f "$gcda" ]]; then # gcov expects both gcno and gcda files to be in the same directory. # We overcome this by copying the gcno to $COVERAGE_DIR where the gcda # files are expected to be. if [ ! -f "${COVERAGE_DIR}/${gcno_path}" ]; then mkdir -p "${COVERAGE_DIR}/$(dirname "${gcno_path}")" cp "$ROOT/${gcno_path}" "${COVERAGE_DIR}/${gcno_path}" fi # Invoke gcov to generate a code coverage report with the flags: # -i Output gcov file in an intermediate text format. # The output is a single .gcov file per .gcda file. # No source code is required. # -o directory The directory containing the .gcno and # .gcda data files. # "${gcda"} The input file name. gcov is looking for data files # named after the input filename without its extension. # gcov produces files called .gcov in the current # directory. These contain the coverage information of the source file # they correspond to. One .gcov file is produced for each source # (or header) file containing code which was compiled to produce the # .gcda files. # Don't generate branch coverage (-b) because of a gcov issue that # segfaults when both -i and -b are used (see # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84879). "${GCOV}" -i "${COVERAGE_GCOV_OPTIONS[@]}" -o "$(dirname "${gcda}")" "${gcda}" # Append all .gcov files in the current directory to the output file. cat ./*.gcov >> "$output_file" # Delete the .gcov files. rm ./*.gcov fi fi done < "${COVERAGE_MANIFEST}" } function main() { init_gcov # If llvm code coverage is used, we output the raw code coverage report in # the $COVERAGE_OUTPUT_FILE. This report will not be converted to any other # format by LcovMerger. # TODO(#5881): Convert profdata reports to lcov. if uses_llvm; then BAZEL_CC_COVERAGE_TOOL="PROFDATA" fi # When using either gcov or lcov, have an output file specific to the test # and format used. For lcov we generate a ".dat" output file and for gcov # a ".gcov" output file. It is important that these files are generated under # COVERAGE_DIR. # When this script is invoked by tools/test/collect_coverage.sh either of # these two coverage reports will be picked up by LcovMerger and their # content will be converted and/or merged with other reports to an lcov # format, generating the final code coverage report. case "$BAZEL_CC_COVERAGE_TOOL" in ("GCOV") gcov_coverage "$COVERAGE_DIR/_cc_coverage.gcov" ;; ("PROFDATA") llvm_coverage "$COVERAGE_DIR/_cc_coverage.dat" ;; (*) echo "Coverage tool $BAZEL_CC_COVERAGE_TOOL not supported" \ && exit 1 esac } main ================================================ FILE: bazel/coverage/fuzz_coverage_wrapper.sh ================================================ #!/bin/bash set -ex TEST_BINARY=$1 shift # Clear existing corpus if previous run wasn't in sandbox rm -rf fuzz_corpus mkdir -p fuzz_corpus/seed_corpus cp -r "$@" fuzz_corpus/seed_corpus # TODO(asraa): When fuzz targets are stable, remove error suppression and run coverage while fuzzing. LLVM_PROFILE_FILE='' ${TEST_BINARY} fuzz_corpus -seed="${FUZZ_CORPUS_SEED:-1}" -max_total_time="${FUZZ_CORPUS_TIME:-60}" -max_len=2048 -rss_limit_mb=8192 -timeout=30 || : # Passing files instead of a directory will run fuzzing as a regression test. # TODO(asraa): Remove manual `|| :`, but this shouldn't be necessary. _CORPUS="$(find fuzz_corpus -type f)" while read -r line; do CORPUS+=("$line"); done \ <<< "$_CORPUS" ${TEST_BINARY} "${CORPUS[@]}" -rss_limit_mb=8192 || : ================================================ FILE: bazel/crates.bzl ================================================ """ cargo-raze crate workspace functions DO NOT EDIT! Replaced on runs of cargo-raze """ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") load("@bazel_tools//tools/build_defs/repo:git.bzl", "new_git_repository") def _new_http_archive(name, **kwargs): if not native.existing_rule(name): http_archive(name = name, **kwargs) def _new_git_repository(name, **kwargs): if not native.existing_rule(name): new_git_repository(name = name, **kwargs) def raze_fetch_remote_crates(): _new_http_archive( name = "raze__ahash__0_3_8", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/ahash/ahash-0.3.8.crate", type = "tar.gz", strip_prefix = "ahash-0.3.8", build_file = Label("//bazel/external/cargo/remote:ahash-0.3.8.BUILD"), ) _new_http_archive( name = "raze__autocfg__1_0_0", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/autocfg/autocfg-1.0.0.crate", type = "tar.gz", strip_prefix = "autocfg-1.0.0", build_file = Label("//bazel/external/cargo/remote:autocfg-1.0.0.BUILD"), ) _new_http_archive( name = "raze__cfg_if__0_1_10", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/cfg-if/cfg-if-0.1.10.crate", type = "tar.gz", strip_prefix = "cfg-if-0.1.10", build_file = Label("//bazel/external/cargo/remote:cfg-if-0.1.10.BUILD"), ) _new_http_archive( name = "raze__hashbrown__0_7_2", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/hashbrown/hashbrown-0.7.2.crate", type = "tar.gz", strip_prefix = "hashbrown-0.7.2", build_file = Label("//bazel/external/cargo/remote:hashbrown-0.7.2.BUILD"), ) _new_http_archive( name = "raze__libc__0_2_74", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/libc/libc-0.2.74.crate", type = "tar.gz", strip_prefix = "libc-0.2.74", build_file = Label("//bazel/external/cargo/remote:libc-0.2.74.BUILD"), ) _new_http_archive( name = "raze__log__0_4_11", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/log/log-0.4.11.crate", type = "tar.gz", strip_prefix = "log-0.4.11", build_file = Label("//bazel/external/cargo/remote:log-0.4.11.BUILD"), ) _new_http_archive( name = "raze__memory_units__0_4_0", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/memory_units/memory_units-0.4.0.crate", type = "tar.gz", strip_prefix = "memory_units-0.4.0", build_file = Label("//bazel/external/cargo/remote:memory_units-0.4.0.BUILD"), ) _new_http_archive( name = "raze__proxy_wasm__0_1_2", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/proxy-wasm/proxy-wasm-0.1.2.crate", type = "tar.gz", strip_prefix = "proxy-wasm-0.1.2", build_file = Label("//bazel/external/cargo/remote:proxy-wasm-0.1.2.BUILD"), ) _new_http_archive( name = "raze__wee_alloc__0_4_5", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/wee_alloc/wee_alloc-0.4.5.crate", type = "tar.gz", strip_prefix = "wee_alloc-0.4.5", build_file = Label("//bazel/external/cargo/remote:wee_alloc-0.4.5.BUILD"), ) _new_http_archive( name = "raze__winapi__0_3_9", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/winapi/winapi-0.3.9.crate", type = "tar.gz", strip_prefix = "winapi-0.3.9", build_file = Label("//bazel/external/cargo/remote:winapi-0.3.9.BUILD"), ) _new_http_archive( name = "raze__winapi_i686_pc_windows_gnu__0_4_0", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/winapi-i686-pc-windows-gnu/winapi-i686-pc-windows-gnu-0.4.0.crate", type = "tar.gz", strip_prefix = "winapi-i686-pc-windows-gnu-0.4.0", build_file = Label("//bazel/external/cargo/remote:winapi-i686-pc-windows-gnu-0.4.0.BUILD"), ) _new_http_archive( name = "raze__winapi_x86_64_pc_windows_gnu__0_4_0", url = "https://crates-io.s3-us-west-1.amazonaws.com/crates/winapi-x86_64-pc-windows-gnu/winapi-x86_64-pc-windows-gnu-0.4.0.crate", type = "tar.gz", strip_prefix = "winapi-x86_64-pc-windows-gnu-0.4.0", build_file = Label("//bazel/external/cargo/remote:winapi-x86_64-pc-windows-gnu-0.4.0.BUILD"), ) ================================================ FILE: bazel/dependency_imports.bzl ================================================ load("@rules_foreign_cc//:workspace_definitions.bzl", "rules_foreign_cc_dependencies") load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies") load("@envoy_build_tools//toolchains:rbe_toolchains_config.bzl", "rbe_toolchains_config") load("@bazel_toolchains//rules/exec_properties:exec_properties.bzl", "create_rbe_exec_properties_dict", "custom_exec_properties") load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies", "go_repository") load("@build_bazel_rules_apple//apple:repositories.bzl", "apple_rules_dependencies") load("@upb//bazel:repository_defs.bzl", upb_bazel_version_repository = "bazel_version_repository") load("@io_bazel_rules_rust//rust:repositories.bzl", "rust_repositories") load("@io_bazel_rules_rust//:workspace.bzl", "bazel_version") load("@config_validation_pip3//:requirements.bzl", config_validation_pip_install = "pip_install") load("@configs_pip3//:requirements.bzl", configs_pip_install = "pip_install") load("@headersplit_pip3//:requirements.bzl", headersplit_pip_install = "pip_install") load("@kafka_pip3//:requirements.bzl", kafka_pip_install = "pip_install") load("@protodoc_pip3//:requirements.bzl", protodoc_pip_install = "pip_install") load("@thrift_pip3//:requirements.bzl", thrift_pip_install = "pip_install") load("@rules_antlr//antlr:deps.bzl", "antlr_dependencies") # go version for rules_go GO_VERSION = "1.14.7" def envoy_dependency_imports(go_version = GO_VERSION): rules_foreign_cc_dependencies() go_rules_dependencies() go_register_toolchains(go_version) rbe_toolchains_config() gazelle_dependencies() apple_rules_dependencies() rust_repositories() bazel_version(name = "bazel_version") upb_bazel_version_repository(name = "upb_bazel_version") antlr_dependencies(472) custom_exec_properties( name = "envoy_large_machine_exec_property", constants = { "LARGE_MACHINE": create_rbe_exec_properties_dict(labels = dict(size = "large")), }, ) go_repository( name = "org_golang_google_grpc", build_file_proto_mode = "disable", importpath = "google.golang.org/grpc", sum = "h1:EC2SB8S04d2r73uptxphDSUG+kTKVgjRPF+N3xpxRB4=", version = "v1.29.1", ) go_repository( name = "org_golang_x_net", importpath = "golang.org/x/net", sum = "h1:fHDIZ2oxGnUZRN6WgWFCbYBjH9uqVPRCUVUDhs0wnbA=", version = "v0.0.0-20190813141303-74dc4d7220e7", ) go_repository( name = "org_golang_x_text", importpath = "golang.org/x/text", sum = "h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=", version = "v0.3.0", ) config_validation_pip_install() configs_pip_install() headersplit_pip_install() kafka_pip_install() protodoc_pip_install() thrift_pip_install() ================================================ FILE: bazel/dev_binding.bzl ================================================ def _default_envoy_dev_impl(ctxt): if "LLVM_CONFIG" in ctxt.os.environ: ctxt.file("WORKSPACE", "") ctxt.file("BUILD.bazel", "") ctxt.symlink(ctxt.path(ctxt.attr.envoy_root).dirname.get_child("tools").get_child("clang_tools"), "clang_tools") _default_envoy_dev = repository_rule( implementation = _default_envoy_dev_impl, attrs = { "envoy_root": attr.label(default = "@envoy//:BUILD"), }, ) def _clang_tools_impl(ctxt): if "LLVM_CONFIG" in ctxt.os.environ: llvm_config_path = ctxt.os.environ["LLVM_CONFIG"] exec_result = ctxt.execute([llvm_config_path, "--includedir"]) if exec_result.return_code != 0: fail(llvm_config_path + " --includedir returned %d" % exec_result.return_code) clang_tools_include_path = exec_result.stdout.rstrip() exec_result = ctxt.execute([llvm_config_path, "--libdir"]) if exec_result.return_code != 0: fail(llvm_config_path + " --libdir returned %d" % exec_result.return_code) clang_tools_lib_path = exec_result.stdout.rstrip() for include_dir in ["clang", "clang-c", "llvm", "llvm-c"]: ctxt.symlink(clang_tools_include_path + "/" + include_dir, include_dir) ctxt.symlink(clang_tools_lib_path, "lib") ctxt.symlink(Label("@envoy_dev//clang_tools/support:BUILD.prebuilt"), "BUILD") _clang_tools = repository_rule( implementation = _clang_tools_impl, environ = ["LLVM_CONFIG"], ) def envoy_dev_binding(): # Treat the Envoy developer tools that require llvm as an external repo, this avoids # breaking bazel build //... when llvm is not installed. if "envoy_dev" not in native.existing_rules().keys(): _default_envoy_dev(name = "envoy_dev") _clang_tools(name = "clang_tools") ================================================ FILE: bazel/envoy_binary.bzl ================================================ load("@rules_cc//cc:defs.bzl", "cc_binary") # DO NOT LOAD THIS FILE. Load envoy_build_system.bzl instead. # Envoy binary targets load( ":envoy_internal.bzl", "envoy_copts", "envoy_external_dep_path", "envoy_stdlib_deps", "tcmalloc_external_dep", ) # Envoy C++ binary targets should be specified with this function. def envoy_cc_binary( name, srcs = [], data = [], testonly = 0, visibility = None, external_deps = [], repository = "", stamped = False, deps = [], linkopts = [], tags = []): if not linkopts: linkopts = _envoy_linkopts() if stamped: linkopts = linkopts + _envoy_stamped_linkopts() deps = deps + _envoy_stamped_deps() deps = deps + [envoy_external_dep_path(dep) for dep in external_deps] + envoy_stdlib_deps() cc_binary( name = name, srcs = srcs, data = data, copts = envoy_copts(repository), linkopts = linkopts, testonly = testonly, linkstatic = 1, visibility = visibility, malloc = tcmalloc_external_dep(repository), stamp = 1, deps = deps, tags = tags, ) # Select the given values if exporting is enabled in the current build. def _envoy_select_exported_symbols(xs): return select({ "@envoy//bazel:enable_exported_symbols": xs, "//conditions:default": [], }) # Compute the final linkopts based on various options. def _envoy_linkopts(): return select({ # The macOS system library transitively links common libraries (e.g., pthread). "@envoy//bazel:apple": [ # See note here: https://luajit.org/install.html "-pagezero_size 10000", "-image_base 100000000", ], "@envoy//bazel:windows_x86_64": [ "-DEFAULTLIB:advapi32.lib", "-DEFAULTLIB:ws2_32.lib", "-DEFAULTLIB:iphlpapi.lib", "-WX", ], "//conditions:default": [ "-pthread", "-lrt", "-ldl", "-Wl,-z,relro,-z,now", "-Wl,--hash-style=gnu", ], }) + select({ "@envoy//bazel:boringssl_fips": [], "@envoy//bazel:windows_x86_64": [], "//conditions:default": ["-pie"], }) + _envoy_select_exported_symbols(["-Wl,-E"]) def _envoy_stamped_deps(): return select({ "@envoy//bazel:windows_x86_64": [], "@envoy//bazel:apple": [ "@envoy//bazel:raw_build_id.ldscript", ], "//conditions:default": [ "@envoy//bazel:gnu_build_id.ldscript", ], }) def _envoy_stamped_linkopts(): return select({ # Coverage builds in CI are failing to link when setting a build ID. # # /usr/bin/ld.gold: internal error in write_build_id, at ../../gold/layout.cc:5419 "@envoy//bazel:coverage_build": [], "@envoy//bazel:windows_x86_64": [], # macOS doesn't have an official equivalent to the `.note.gnu.build-id` # ELF section, so just stuff the raw ID into a new text section. "@envoy//bazel:apple": [ "-sectcreate __TEXT __build_id", "$(location @envoy//bazel:raw_build_id.ldscript)", ], # Note: assumes GNU GCC (or compatible) handling of `--build-id` flag. "//conditions:default": [ "-Wl,@$(location @envoy//bazel:gnu_build_id.ldscript)", ], }) ================================================ FILE: bazel/envoy_build_system.bzl ================================================ # The main Envoy bazel file. Load this file for all Envoy-specific build macros # and rules that you'd like to use in your BUILD files. load("@rules_foreign_cc//tools/build_defs:cmake.bzl", "cmake_external") load(":envoy_binary.bzl", _envoy_cc_binary = "envoy_cc_binary") load(":envoy_internal.bzl", "envoy_external_dep_path") load( ":envoy_library.bzl", _envoy_basic_cc_library = "envoy_basic_cc_library", _envoy_cc_extension = "envoy_cc_extension", _envoy_cc_library = "envoy_cc_library", _envoy_cc_posix_library = "envoy_cc_posix_library", _envoy_cc_win32_library = "envoy_cc_win32_library", _envoy_include_prefix = "envoy_include_prefix", _envoy_proto_library = "envoy_proto_library", ) load( ":envoy_select.bzl", _envoy_select_boringssl = "envoy_select_boringssl", _envoy_select_google_grpc = "envoy_select_google_grpc", _envoy_select_hot_restart = "envoy_select_hot_restart", _envoy_select_new_codecs_in_integration_tests = "envoy_select_new_codecs_in_integration_tests", _envoy_select_wasm = "envoy_select_wasm", _envoy_select_wasm_all_v8_wavm_none = "envoy_select_wasm_all_v8_wavm_none", _envoy_select_wasm_v8 = "envoy_select_wasm_v8", _envoy_select_wasm_wavm = "envoy_select_wasm_wavm", ) load( ":envoy_test.bzl", _envoy_benchmark_test = "envoy_benchmark_test", _envoy_cc_benchmark_binary = "envoy_cc_benchmark_binary", _envoy_cc_fuzz_test = "envoy_cc_fuzz_test", _envoy_cc_mock = "envoy_cc_mock", _envoy_cc_test = "envoy_cc_test", _envoy_cc_test_binary = "envoy_cc_test_binary", _envoy_cc_test_library = "envoy_cc_test_library", _envoy_py_test_binary = "envoy_py_test_binary", _envoy_sh_test = "envoy_sh_test", ) load( "@envoy_build_config//:extensions_build_config.bzl", "EXTENSION_PACKAGE_VISIBILITY", ) def envoy_package(): native.package(default_visibility = ["//visibility:public"]) def envoy_extension_package(): native.package(default_visibility = EXTENSION_PACKAGE_VISIBILITY) # A genrule variant that can output a directory. This is useful when doing things like # generating a fuzz corpus mechanically. def _envoy_directory_genrule_impl(ctx): tree = ctx.actions.declare_directory(ctx.attr.name + ".outputs") ctx.actions.run_shell( inputs = ctx.files.srcs, tools = ctx.files.tools, outputs = [tree], command = "mkdir -p " + tree.path + " && " + ctx.expand_location(ctx.attr.cmd), env = {"GENRULE_OUTPUT_DIR": tree.path}, ) return [DefaultInfo(files = depset([tree]))] envoy_directory_genrule = rule( implementation = _envoy_directory_genrule_impl, attrs = { "srcs": attr.label_list(), "cmd": attr.string(), "tools": attr.label_list(), }, ) # External CMake C++ library targets should be specified with this function. This defaults # to building the dependencies with ninja def envoy_cmake_external( name, cache_entries = {}, debug_cache_entries = {}, cmake_options = ["-GNinja"], make_commands = ["ninja -v", "ninja -v install"], lib_source = "", postfix_script = "", static_libraries = [], copy_pdb = False, pdb_name = "", cmake_files_dir = "$BUILD_TMPDIR/CMakeFiles", generate_crosstool_file = False, **kwargs): cache_entries.update({"CMAKE_BUILD_TYPE": "Bazel"}) cache_entries_debug = dict(cache_entries) cache_entries_debug.update(debug_cache_entries) pf = "" if copy_pdb: # TODO: Add iterator of the first list presented of these options; # static_libraries[.pdb], pdb_names, name[.pdb] files if pdb_name == "": pdb_name = name copy_command = "cp {cmake_files_dir}/{pdb_name}.dir/{pdb_name}.pdb $INSTALLDIR/lib/{pdb_name}.pdb".format(cmake_files_dir = cmake_files_dir, pdb_name = pdb_name) if postfix_script != "": copy_command = copy_command + " && " + postfix_script pf = select({ "@envoy//bazel:windows_dbg_build": copy_command, "//conditions:default": postfix_script, }) else: pf = postfix_script cmake_external( name = name, cache_entries = select({ "@envoy//bazel:dbg_build": cache_entries_debug, "//conditions:default": cache_entries, }), cmake_options = cmake_options, # TODO(lizan): Make this always true generate_crosstool_file = select({ "@envoy//bazel:windows_x86_64": True, "//conditions:default": generate_crosstool_file, }), lib_source = lib_source, make_commands = make_commands, postfix_script = pf, static_libraries = static_libraries, **kwargs ) # Used to select a dependency that has different implementations on POSIX vs Windows. # The platform-specific implementations should be specified with envoy_cc_posix_library # and envoy_cc_win32_library respectively def envoy_cc_platform_dep(name): return select({ "@envoy//bazel:windows_x86_64": [name + "_win32"], "//conditions:default": [name + "_posix"], }) # Envoy proto descriptor targets should be specified with this function. # This is used for testing only. def envoy_proto_descriptor(name, out, srcs = [], external_deps = []): input_files = ["$(location " + src + ")" for src in srcs] include_paths = [".", native.package_name()] if "api_httpbody_protos" in external_deps: srcs.append("@com_google_googleapis//google/api:httpbody.proto") include_paths.append("external/com_google_googleapis") if "http_api_protos" in external_deps: srcs.append("@com_google_googleapis//google/api:annotations.proto") srcs.append("@com_google_googleapis//google/api:http.proto") include_paths.append("external/com_google_googleapis") if "well_known_protos" in external_deps: srcs.append("@com_google_protobuf//:well_known_protos") include_paths.append("external/com_google_protobuf/src") options = ["--include_imports"] options.extend(["-I" + include_path for include_path in include_paths]) options.append("--descriptor_set_out=$@") cmd = "$(location //external:protoc) " + " ".join(options + input_files) native.genrule( name = name, srcs = srcs, outs = [out], cmd = cmd, tools = ["//external:protoc"], ) # Dependencies on Google grpc should be wrapped with this function. def envoy_google_grpc_external_deps(): return envoy_select_google_grpc([envoy_external_dep_path("grpc")]) # Here we create wrappers for each of the public targets within the separate bazel # files loaded above. This maintains envoy_build_system.bzl as the preferred import # for BUILD files that need these build macros. Do not use the imports directly # from the other bzl files (e.g. envoy_select.bzl, envoy_binary.bzl, etc.) # Select wrappers (from envoy_select.bzl) envoy_select_boringssl = _envoy_select_boringssl envoy_select_google_grpc = _envoy_select_google_grpc envoy_select_hot_restart = _envoy_select_hot_restart envoy_select_wasm = _envoy_select_wasm envoy_select_wasm_all_v8_wavm_none = _envoy_select_wasm_all_v8_wavm_none envoy_select_wasm_wavm = _envoy_select_wasm_wavm envoy_select_wasm_v8 = _envoy_select_wasm_v8 envoy_select_new_codecs_in_integration_tests = _envoy_select_new_codecs_in_integration_tests # Binary wrappers (from envoy_binary.bzl) envoy_cc_binary = _envoy_cc_binary # Library wrappers (from envoy_library.bzl) envoy_basic_cc_library = _envoy_basic_cc_library envoy_cc_extension = _envoy_cc_extension envoy_cc_library = _envoy_cc_library envoy_cc_posix_library = _envoy_cc_posix_library envoy_cc_win32_library = _envoy_cc_win32_library envoy_include_prefix = _envoy_include_prefix envoy_proto_library = _envoy_proto_library # Test wrappers (from envoy_test.bzl) envoy_cc_fuzz_test = _envoy_cc_fuzz_test envoy_cc_mock = _envoy_cc_mock envoy_cc_test = _envoy_cc_test envoy_cc_test_binary = _envoy_cc_test_binary envoy_cc_test_library = _envoy_cc_test_library envoy_cc_benchmark_binary = _envoy_cc_benchmark_binary envoy_benchmark_test = _envoy_benchmark_test envoy_py_test_binary = _envoy_py_test_binary envoy_sh_test = _envoy_sh_test ================================================ FILE: bazel/envoy_internal.bzl ================================================ # DO NOT LOAD THIS FILE. Targets from this file should be considered private # and not used outside of the @envoy//bazel package. load(":envoy_select.bzl", "envoy_select_google_grpc", "envoy_select_hot_restart") # Compute the final copts based on various options. def envoy_copts(repository, test = False): posix_options = [ "-Wall", "-Wextra", "-Werror", "-Wnon-virtual-dtor", "-Woverloaded-virtual", "-Wold-style-cast", "-Wformat", "-Wformat-security", "-Wvla", ] # Windows options for cleanest service compilation; # General MSVC C++ options for Envoy current expectations. # Target windows.h for all Windows 10 (0x0A) API prototypes (ntohll etc) # (See https://msdn.microsoft.com/en-us/library/windows/desktop/aa383745(v=vs.85).aspx ) # Optimize Windows headers by dropping GUI-oriented features from compilation msvc_options = [ "-WX", "-Zc:__cplusplus", "-DWIN32", "-D_WIN32_WINNT=0x0A00", # _WIN32_WINNT_WIN10 "-DNTDDI_VERSION=0x0A000000", # NTDDI_WIN10 "-DWIN32_LEAN_AND_MEAN", "-DNOUSER", "-DNOMCX", "-DNOIME", "-DNOCRYPT", # Ignore unguarded gcc pragmas in quiche (unrecognized by MSVC) # TODO(wrowe): Drop this change when fixed in bazel/external/quiche.genrule_cmd "-wd4068", # this is to silence the incorrect MSVC compiler warning when trying to convert between # std::optional data types while conversions between primitive types are producing no error "-wd4244", ] return select({ repository + "//bazel:windows_x86_64": msvc_options, "//conditions:default": posix_options, }) + select({ # Bazel adds an implicit -DNDEBUG for opt. repository + "//bazel:opt_build": [] if test else ["-ggdb3", "-gsplit-dwarf"], repository + "//bazel:fastbuild_build": [], repository + "//bazel:dbg_build": ["-ggdb3", "-gsplit-dwarf"], repository + "//bazel:windows_opt_build": [], repository + "//bazel:windows_fastbuild_build": [], repository + "//bazel:windows_dbg_build": [], }) + select({ repository + "//bazel:clang_build": ["-fno-limit-debug-info", "-Wgnu-conditional-omitted-operand", "-Wc++2a-extensions", "-Wrange-loop-analysis"], repository + "//bazel:gcc_build": ["-Wno-maybe-uninitialized"], "//conditions:default": [], }) + select({ repository + "//bazel:no_debug_info": ["-g0"], "//conditions:default": [], }) + select({ repository + "//bazel:disable_tcmalloc": ["-DABSL_MALLOC_HOOK_MMAP_DISABLE"], repository + "//bazel:disable_tcmalloc_on_linux_x86_64": ["-DABSL_MALLOC_HOOK_MMAP_DISABLE"], repository + "//bazel:gperftools_tcmalloc": ["-DGPERFTOOLS_TCMALLOC"], repository + "//bazel:gperftools_tcmalloc_on_linux_x86_64": ["-DGPERFTOOLS_TCMALLOC"], repository + "//bazel:debug_tcmalloc": ["-DENVOY_MEMORY_DEBUG_ENABLED=1", "-DGPERFTOOLS_TCMALLOC"], repository + "//bazel:debug_tcmalloc_on_linux_x86_64": ["-DENVOY_MEMORY_DEBUG_ENABLED=1", "-DGPERFTOOLS_TCMALLOC"], repository + "//bazel:linux_x86_64": ["-DTCMALLOC"], "//conditions:default": ["-DGPERFTOOLS_TCMALLOC"], }) + select({ repository + "//bazel:disable_signal_trace": [], "//conditions:default": ["-DENVOY_HANDLE_SIGNALS"], }) + select({ repository + "//bazel:disable_object_dump_on_signal_trace": [], "//conditions:default": ["-DENVOY_OBJECT_TRACE_ON_DUMP"], }) + select({ repository + "//bazel:disable_deprecated_features": ["-DENVOY_DISABLE_DEPRECATED_FEATURES"], "//conditions:default": [], }) + select({ repository + "//bazel:enable_log_debug_assert_in_release": ["-DENVOY_LOG_DEBUG_ASSERT_IN_RELEASE"], "//conditions:default": [], }) + select({ repository + "//bazel:disable_known_issue_asserts": ["-DENVOY_DISABLE_KNOWN_ISSUE_ASSERTS"], "//conditions:default": [], }) + select({ # APPLE_USE_RFC_3542 is needed to support IPV6_PKTINFO in MAC OS. repository + "//bazel:apple": ["-D__APPLE_USE_RFC_3542"], "//conditions:default": [], }) + envoy_select_hot_restart(["-DENVOY_HOT_RESTART"], repository) + \ _envoy_select_perf_annotation(["-DENVOY_PERF_ANNOTATION"]) + \ envoy_select_google_grpc(["-DENVOY_GOOGLE_GRPC"], repository) + \ _envoy_select_path_normalization_by_default(["-DENVOY_NORMALIZE_PATH_BY_DEFAULT"], repository) # References to Envoy external dependencies should be wrapped with this function. def envoy_external_dep_path(dep): return "//external:%s" % dep def envoy_linkstatic(): return select({ "@envoy//bazel:dynamic_link_tests": 0, "//conditions:default": 1, }) def envoy_select_force_libcpp(if_libcpp, default = None): return select({ "@envoy//bazel:force_libcpp": if_libcpp, "@envoy//bazel:apple": [], "@envoy//bazel:windows_x86_64": [], "//conditions:default": default or [], }) def envoy_stdlib_deps(): return select({ "@envoy//bazel:asan_build": ["@envoy//bazel:dynamic_stdlib"], "@envoy//bazel:msan_build": ["@envoy//bazel:dynamic_stdlib"], "@envoy//bazel:tsan_build": ["@envoy//bazel:dynamic_stdlib"], "//conditions:default": ["@envoy//bazel:static_stdlib"], }) # Dependencies on tcmalloc_and_profiler should be wrapped with this function. def tcmalloc_external_dep(repository): return select({ repository + "//bazel:disable_tcmalloc": None, repository + "//bazel:disable_tcmalloc_on_linux_x86_64": None, repository + "//bazel:debug_tcmalloc": envoy_external_dep_path("gperftools"), repository + "//bazel:debug_tcmalloc_on_linux_x86_64": envoy_external_dep_path("gperftools"), repository + "//bazel:gperftools_tcmalloc": envoy_external_dep_path("gperftools"), repository + "//bazel:gperftools_tcmalloc_on_linux_x86_64": envoy_external_dep_path("gperftools"), repository + "//bazel:linux_x86_64": envoy_external_dep_path("tcmalloc"), "//conditions:default": envoy_external_dep_path("gperftools"), }) # Select the given values if default path normalization is on in the current build. def _envoy_select_path_normalization_by_default(xs, repository = ""): return select({ repository + "//bazel:enable_path_normalization_by_default": xs, "//conditions:default": [], }) def _envoy_select_perf_annotation(xs): return select({ "@envoy//bazel:enable_perf_annotation": xs, "//conditions:default": [], }) ================================================ FILE: bazel/envoy_library.bzl ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") # DO NOT LOAD THIS FILE. Load envoy_build_system.bzl instead. # Envoy library targets load( ":envoy_internal.bzl", "envoy_copts", "envoy_external_dep_path", "envoy_linkstatic", ) load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load( "@envoy_build_config//:extensions_build_config.bzl", "EXTENSION_CONFIG_VISIBILITY", ) # As above, but wrapped in list form for adding to dep lists. This smell seems needed as # SelectorValue values have to match the attribute type. See # https://github.com/bazelbuild/bazel/issues/2273. def tcmalloc_external_deps(repository): return select({ repository + "//bazel:disable_tcmalloc": [], repository + "//bazel:disable_tcmalloc_on_linux_x86_64": [], repository + "//bazel:debug_tcmalloc": [envoy_external_dep_path("gperftools")], repository + "//bazel:debug_tcmalloc_on_linux_x86_64": [envoy_external_dep_path("gperftools")], repository + "//bazel:gperftools_tcmalloc": [envoy_external_dep_path("gperftools")], repository + "//bazel:gperftools_tcmalloc_on_linux_x86_64": [envoy_external_dep_path("gperftools")], repository + "//bazel:linux_x86_64": [envoy_external_dep_path("tcmalloc")], "//conditions:default": [envoy_external_dep_path("gperftools")], }) # Envoy C++ library targets that need no transformations or additional dependencies before being # passed to cc_library should be specified with this function. Note: this exists to ensure that # all envoy targets pass through an envoy-declared Starlark function where they can be modified # before being passed to a native bazel function. def envoy_basic_cc_library(name, deps = [], external_deps = [], **kargs): cc_library( name = name, deps = deps + [envoy_external_dep_path(dep) for dep in external_deps], **kargs ) # All Envoy extensions must be tagged with their security hardening stance with # respect to downstream and upstream data plane threats. These are verbose # labels intended to make clear the trust that operators may place in # extensions. EXTENSION_SECURITY_POSTURES = [ # This extension is hardened against untrusted downstream traffic. It # assumes that the upstream is trusted. "robust_to_untrusted_downstream", # This extension is hardened against both untrusted downstream and upstream # traffic. "robust_to_untrusted_downstream_and_upstream", # This extension is not hardened and should only be used in deployments # where both the downstream and upstream are trusted. "requires_trusted_downstream_and_upstream", # This is functionally equivalent to # requires_trusted_downstream_and_upstream, but acts as a placeholder to # allow us to identify extensions that need classifying. "unknown", # Not relevant to data plane threats, e.g. stats sinks. "data_plane_agnostic", ] EXTENSION_STATUS_VALUES = [ # This extension is stable and is expected to be production usable. "stable", # This extension is functional but has not had substantial production burn # time, use only with this caveat. "alpha", # This extension is work-in-progress. Functionality is incomplete and it is # not intended for production use. "wip", ] def envoy_cc_extension( name, security_posture, # Only set this for internal, undocumented extensions. undocumented = False, status = "stable", tags = [], extra_visibility = [], visibility = EXTENSION_CONFIG_VISIBILITY, **kwargs): if security_posture not in EXTENSION_SECURITY_POSTURES: fail("Unknown extension security posture: " + security_posture) if status not in EXTENSION_STATUS_VALUES: fail("Unknown extension status: " + status) if "//visibility:public" not in visibility: visibility = visibility + extra_visibility envoy_cc_library(name, tags = tags, visibility = visibility, **kwargs) # Envoy C++ library targets should be specified with this function. def envoy_cc_library( name, srcs = [], hdrs = [], copts = [], visibility = None, external_deps = [], tcmalloc_dep = None, repository = "", tags = [], deps = [], strip_include_prefix = None, textual_hdrs = None, defines = []): if tcmalloc_dep: deps += tcmalloc_external_deps(repository) cc_library( name = name, srcs = srcs, hdrs = hdrs, copts = envoy_copts(repository) + copts, visibility = visibility, tags = tags, textual_hdrs = textual_hdrs, deps = deps + [envoy_external_dep_path(dep) for dep in external_deps] + [ repository + "//include/envoy/common:base_includes", repository + "//source/common/common:fmt_lib", envoy_external_dep_path("abseil_flat_hash_map"), envoy_external_dep_path("abseil_flat_hash_set"), envoy_external_dep_path("abseil_strings"), envoy_external_dep_path("spdlog"), envoy_external_dep_path("fmtlib"), ], include_prefix = envoy_include_prefix(native.package_name()), alwayslink = 1, linkstatic = envoy_linkstatic(), strip_include_prefix = strip_include_prefix, defines = defines, ) # Intended for usage by external consumers. This allows them to disambiguate # include paths via `external/envoy...` cc_library( name = name + "_with_external_headers", hdrs = hdrs, copts = envoy_copts(repository) + copts, visibility = visibility, tags = ["nocompdb"], deps = [":" + name], strip_include_prefix = strip_include_prefix, ) # Used to specify a library that only builds on POSIX def envoy_cc_posix_library(name, srcs = [], hdrs = [], **kargs): envoy_cc_library( name = name + "_posix", srcs = select({ "@envoy//bazel:windows_x86_64": [], "//conditions:default": srcs, }), hdrs = select({ "@envoy//bazel:windows_x86_64": [], "//conditions:default": hdrs, }), **kargs ) # Used to specify a library that only builds on Windows def envoy_cc_win32_library(name, srcs = [], hdrs = [], **kargs): envoy_cc_library( name = name + "_win32", srcs = select({ "@envoy//bazel:windows_x86_64": srcs, "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:windows_x86_64": hdrs, "//conditions:default": [], }), **kargs ) # Transform the package path (e.g. include/envoy/common) into a path for # exporting the package headers at (e.g. envoy/common). Source files can then # include using this path scheme (e.g. #include "envoy/common/time.h"). def envoy_include_prefix(path): if path.startswith("source/") or path.startswith("include/"): return "/".join(path.split("/")[1:]) return None # Envoy proto targets should be specified with this function. def envoy_proto_library(name, external_deps = [], **kwargs): api_cc_py_proto_library( name, # Avoid generating .so, we don't need it, can interfere with builds # such as OSS-Fuzz. linkstatic = 1, visibility = ["//visibility:public"], **kwargs ) ================================================ FILE: bazel/envoy_select.bzl ================================================ # DO NOT LOAD THIS FILE. Load envoy_build_system.bzl instead. # Envoy select targets. This is in a separate file to avoid a circular # dependency with envoy_build_system.bzl. # Used to select a dependency that has different implementations on POSIX vs Windows. # The platform-specific implementations should be specified with envoy_cc_posix_library # and envoy_cc_win32_library respectively def envoy_cc_platform_dep(name): return select({ "@envoy//bazel:windows_x86_64": [name + "_win32"], "//conditions:default": [name + "_posix"], }) def envoy_select_boringssl(if_fips, default = None, if_disabled = None): return select({ "@envoy//bazel:boringssl_fips": if_fips, "@envoy//bazel:boringssl_disabled": if_disabled or [], "//conditions:default": default or [], }) # Selects the given values if Google gRPC is enabled in the current build. def envoy_select_google_grpc(xs, repository = ""): return select({ repository + "//bazel:disable_google_grpc": [], "//conditions:default": xs, }) # Selects the given values if hot restart is enabled in the current build. def envoy_select_hot_restart(xs, repository = ""): return select({ repository + "//bazel:disable_hot_restart_or_apple": [], "//conditions:default": xs, }) # Selects the given values depending on the WASM runtimes enabled in the current build. def envoy_select_wasm(xs): return select({ "@envoy//bazel:wasm_none": [], "//conditions:default": xs, }) def envoy_select_wasm_v8(xs): return select({ "@envoy//bazel:wasm_wavm": [], "@envoy//bazel:wasm_none": [], "//conditions:default": xs, }) def envoy_select_wasm_wavm(xs): return select({ "@envoy//bazel:wasm_all": xs, "@envoy//bazel:wasm_wavm": xs, "//conditions:default": [], }) def envoy_select_wasm_all_v8_wavm_none(xs1, xs2, xs3, xs4): return select({ "@envoy//bazel:wasm_all": xs1, "@envoy//bazel:wasm_v8": xs2, "@envoy//bazel:wasm_wavm": xs3, "@envoy//bazel:wasm_none": xs4, "//conditions:default": xs2, }) # Select the given values if use legacy codecs in test is on in the current build. def envoy_select_new_codecs_in_integration_tests(xs, repository = ""): return select({ repository + "//bazel:enable_new_codecs_in_integration_tests": xs, "//conditions:default": [], }) ================================================ FILE: bazel/envoy_test.bzl ================================================ load("@rules_python//python:defs.bzl", "py_binary") load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library", "cc_test") # DO NOT LOAD THIS FILE. Load envoy_build_system.bzl instead. # Envoy test targets. This includes both test library and test binary targets. load("@bazel_tools//tools/build_defs/pkg:pkg.bzl", "pkg_tar") load(":envoy_binary.bzl", "envoy_cc_binary") load(":envoy_library.bzl", "tcmalloc_external_deps") load( ":envoy_internal.bzl", "envoy_copts", "envoy_external_dep_path", "envoy_linkstatic", "envoy_select_force_libcpp", "envoy_stdlib_deps", "tcmalloc_external_dep", ) # Envoy C++ related test infrastructure (that want gtest, gmock, but may be # relied on by envoy_cc_test_library) should use this function. def _envoy_cc_test_infrastructure_library( name, srcs = [], hdrs = [], data = [], external_deps = [], deps = [], repository = "", tags = [], include_prefix = None, copts = [], **kargs): # Add implicit tcmalloc external dependency(if available) in order to enable CPU and heap profiling in tests. deps += tcmalloc_external_deps(repository) cc_library( name = name, srcs = srcs, hdrs = hdrs, data = data, copts = envoy_copts(repository, test = True) + copts, testonly = 1, deps = deps + [envoy_external_dep_path(dep) for dep in external_deps] + [ envoy_external_dep_path("googletest"), ], tags = tags, include_prefix = include_prefix, alwayslink = 1, linkstatic = envoy_linkstatic(), **kargs ) # Compute the test linkopts based on various options. def _envoy_test_linkopts(): return select({ "@envoy//bazel:apple": [ # See note here: https://luajit.org/install.html "-pagezero_size 10000", "-image_base 100000000", ], "@envoy//bazel:windows_x86_64": [ "-DEFAULTLIB:advapi32.lib", "-DEFAULTLIB:ws2_32.lib", "-DEFAULTLIB:iphlpapi.lib", "-WX", ], # TODO(mattklein123): It's not great that we universally link against the following libs. # In particular, -latomic and -lrt are not needed on all platforms. Make this more granular. "//conditions:default": ["-pthread", "-lrt", "-ldl"], }) + envoy_select_force_libcpp([], ["-lstdc++fs", "-latomic"]) # Envoy C++ fuzz test targets. These are not included in coverage runs. def envoy_cc_fuzz_test( name, corpus, dictionaries = [], repository = "", size = "medium", deps = [], tags = [], **kwargs): if not (corpus.startswith("//") or corpus.startswith(":") or corpus.startswith("@")): corpus_name = name + "_corpus" corpus = native.glob([corpus + "/**"]) native.filegroup( name = corpus_name, srcs = corpus, ) else: corpus_name = corpus tar_src = [corpus_name] if dictionaries: tar_src += dictionaries pkg_tar( name = name + "_corpus_tar", srcs = tar_src, testonly = 1, ) fuzz_copts = ["-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"] test_lib_name = name + "_lib" envoy_cc_test_library( name = test_lib_name, deps = deps + envoy_stdlib_deps() + [ repository + "//test/fuzz:fuzz_runner_lib", repository + "//test/test_common:test_version_linkstamp", ], repository = repository, tags = tags, **kwargs ) cc_test( name = name, copts = fuzz_copts + envoy_copts("@envoy", test = True), linkopts = _envoy_test_linkopts() + select({ "@envoy//bazel:libfuzzer": ["-fsanitize=fuzzer"], "//conditions:default": [], }), linkstatic = envoy_linkstatic(), args = select({ "@envoy//bazel:libfuzzer_coverage": ["$(locations %s)" % corpus_name], "@envoy//bazel:libfuzzer": [], "//conditions:default": ["$(locations %s)" % corpus_name], }), data = [corpus_name], # No fuzzing on macOS or Windows deps = select({ "@envoy//bazel:apple": [repository + "//test:dummy_main"], "@envoy//bazel:windows_x86_64": [repository + "//test:dummy_main"], "@envoy//bazel:libfuzzer": [ ":" + test_lib_name, ], "//conditions:default": [ ":" + test_lib_name, repository + "//test/fuzz:main", ], }), size = size, tags = ["fuzz_target"] + tags, ) # This target exists only for # https://github.com/google/oss-fuzz/blob/master/projects/envoy/build.sh. It won't yield # anything useful on its own, as it expects to be run in an environment where the linker options # provide a path to FuzzingEngine. cc_binary( name = name + "_driverless", copts = fuzz_copts + envoy_copts("@envoy", test = True), linkopts = ["-lFuzzingEngine"] + _envoy_test_linkopts(), linkstatic = 1, testonly = 1, deps = [":" + test_lib_name], tags = ["manual"] + tags, ) # Envoy C++ test targets should be specified with this function. def envoy_cc_test( name, srcs = [], data = [], # List of pairs (Bazel shell script target, shell script args) repository = "", external_deps = [], deps = [], tags = [], args = [], copts = [], shard_count = None, coverage = True, local = False, size = "medium", flaky = False): coverage_tags = tags + ([] if coverage else ["nocoverage"]) cc_test( name = name, srcs = srcs, data = data, copts = envoy_copts(repository, test = True) + copts, linkopts = _envoy_test_linkopts(), linkstatic = envoy_linkstatic(), malloc = tcmalloc_external_dep(repository), deps = envoy_stdlib_deps() + deps + [envoy_external_dep_path(dep) for dep in external_deps + ["googletest"]] + [ repository + "//test:main", repository + "//test/test_common:test_version_linkstamp", ], # from https://github.com/google/googletest/blob/6e1970e2376c14bf658eb88f655a054030353f9f/googlemock/src/gmock.cc#L51 # 2 - by default, mocks act as StrictMocks. args = args + ["--gmock_default_mock_behavior=2"], tags = coverage_tags, local = local, shard_count = shard_count, size = size, flaky = flaky, ) # Envoy C++ test related libraries (that want gtest, gmock) should be specified # with this function. def envoy_cc_test_library( name, srcs = [], hdrs = [], data = [], external_deps = [], deps = [], repository = "", tags = [], include_prefix = None, copts = [], **kargs): deps = deps + [ repository + "//test/test_common:printers_includes", ] _envoy_cc_test_infrastructure_library( name, srcs, hdrs, data, external_deps, deps, repository, tags, include_prefix, copts, visibility = ["//visibility:public"], **kargs ) # Envoy test binaries should be specified with this function. def envoy_cc_test_binary( name, tags = [], deps = [], **kargs): envoy_cc_binary( name, testonly = 1, linkopts = _envoy_test_linkopts(), tags = tags + ["compilation_db_dep"], deps = deps + [ "@envoy//test/test_common:test_version_linkstamp", ], **kargs ) # Envoy benchmark binaries should be specified with this function. bazel run # these targets to measure performance. def envoy_cc_benchmark_binary( name, deps = [], repository = "", **kargs): envoy_cc_test_binary( name, deps = deps + [repository + "//test/benchmark:main"], repository = repository, **kargs ) # Tests to validate that Envoy benchmarks run successfully should be specified # with this function. Not for actual performance measurements: iteratons and # expensive benchmarks will be skipped in the interest of execution time. def envoy_benchmark_test( name, benchmark_binary, data = [], tags = [], **kargs): native.sh_test( name = name, srcs = ["//bazel:test_for_benchmark_wrapper.sh"], data = [":" + benchmark_binary] + data, args = ["%s/%s" % (native.package_name(), benchmark_binary)], tags = tags + ["nocoverage"], **kargs ) # Envoy Python test binaries should be specified with this function. def envoy_py_test_binary( name, external_deps = [], deps = [], **kargs): py_binary( name = name, deps = deps + [envoy_external_dep_path(dep) for dep in external_deps], **kargs ) # Envoy C++ mock targets should be specified with this function. def envoy_cc_mock(name, **kargs): envoy_cc_test_library(name = name, **kargs) # Envoy shell tests that need to be included in coverage run should be specified with this function. def envoy_sh_test( name, srcs = [], data = [], coverage = True, cc_binary = [], tags = [], **kargs): if coverage: if cc_binary == []: fail("cc_binary is required for coverage-enabled test.") test_runner_cc = name + "_test_runner.cc" native.genrule( name = name + "_gen_test_runner", srcs = srcs, outs = [test_runner_cc], cmd = "$(location //bazel:gen_sh_test_runner.sh) $(SRCS) >> $@", tools = ["//bazel:gen_sh_test_runner.sh"], ) envoy_cc_test( name = name, srcs = [test_runner_cc], data = srcs + data + cc_binary, tags = tags, deps = ["//test/test_common:environment_lib"] + cc_binary, **kargs ) else: native.sh_test( name = name, srcs = ["//bazel:sh_test_wrapper.sh"], data = srcs + data + cc_binary, args = srcs, tags = tags + ["nocoverage"], **kargs ) ================================================ FILE: bazel/external/BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 # Use a wrapper cc_library with an empty source source file to force # compilation of other cc_library targets that only list *.a sources. cc_library( name = "all_external", srcs = [":empty.cc"], defines = ["OPENTRACING_STATIC"], # TODO: external/io_opentracing_cpp/BUILD.bazel:19:1: Executing genrule # @io_opentracing_cpp//:generate_version_h failed - needs porting tags = ["skip_on_windows"], deps = [ "@com_github_datadog_dd_opentracing_cpp//:dd_opentracing_cpp", "@com_google_googletest//:gtest", "@com_lightstep_tracer_cpp//:lightstep_tracer", "@io_opentracing_cpp//:opentracing", ], ) genrule( name = "empty_cc", outs = ["empty.cc"], cmd = "touch \"$(@D)/empty.cc\"", visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/boringssl_fips.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") load(":genrule_cmd.bzl", "genrule_cmd") licenses(["notice"]) # Apache 2 cc_library( name = "crypto", srcs = [ "crypto/libcrypto.a", ], hdrs = glob(["boringssl/include/openssl/*.h"]), defines = ["BORINGSSL_FIPS"], includes = ["boringssl/include"], visibility = ["//visibility:public"], ) cc_library( name = "ssl", srcs = [ "ssl/libssl.a", ], hdrs = glob(["boringssl/include/openssl/*.h"]), includes = ["boringssl/include"], visibility = ["//visibility:public"], deps = [":crypto"], ) genrule( name = "build", srcs = glob(["boringssl/**"]), outs = [ "crypto/libcrypto.a", "ssl/libssl.a", ], cmd = genrule_cmd("@envoy//bazel/external:boringssl_fips.genrule_cmd"), ) ================================================ FILE: bazel/external/boringssl_fips.genrule_cmd ================================================ #!/bin/bash set -e # BoringSSL build as described in the Security Policy for BoringCrypto module (2020-07-02): # https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf # This works only on Linux-x86_64. if [[ `uname` != "Linux" || `uname -m` != "x86_64" ]]; then echo "ERROR: BoringSSL FIPS is currently supported only on Linux-x86_64." exit 1 fi # Bazel magic. ROOT=$$(dirname $(rootpath boringssl/BUILDING.md))/.. pushd $$ROOT # Build tools requirements: # - Clang compiler version 7.0.1 (https://releases.llvm.org/download.html) # - Go programming language version 1.12.7 (https://golang.org/dl/) # - Ninja build system version 1.9.0 (https://github.com/ninja-build/ninja/releases) # Override $$PATH for build tools, to avoid picking up anything else. export PATH="$$(dirname `which cmake`):/usr/bin:/bin" # Clang 7.0.1 VERSION=7.0.1 SHA256=02ad925add5b2b934d64c3dd5cbd1b2002258059f7d962993ba7f16524c3089c PLATFORM="x86_64-linux-gnu-ubuntu-16.04" curl -sLO https://releases.llvm.org/"$$VERSION"/clang+llvm-"$$VERSION"-"$$PLATFORM".tar.xz \ && echo "$$SHA256" clang+llvm-"$$VERSION"-"$$PLATFORM".tar.xz | sha256sum --check tar xf clang+llvm-"$$VERSION"-"$$PLATFORM".tar.xz export HOME="$$PWD" printf "set(CMAKE_C_COMPILER \"clang\")\nset(CMAKE_CXX_COMPILER \"clang++\")\n" > $${HOME}/toolchain export PATH="$$PWD/clang+llvm-$$VERSION-$$PLATFORM/bin:$$PATH" if [[ `clang --version | head -1 | awk '{print $$3}'` != "$$VERSION" ]]; then echo "ERROR: Clang version doesn't match." exit 1 fi # Go 1.12.7 VERSION=1.12.7 SHA256=66d83bfb5a9ede000e33c6579a91a29e6b101829ad41fffb5c5bb6c900e109d9 PLATFORM="linux-amd64" curl -sLO https://dl.google.com/go/go"$$VERSION"."$$PLATFORM".tar.gz \ && echo "$$SHA256" go"$$VERSION"."$$PLATFORM".tar.gz | sha256sum --check tar xf go"$$VERSION"."$$PLATFORM".tar.gz export GOPATH="$$PWD/gopath" export GOROOT="$$PWD/go" export PATH="$$GOPATH/bin:$$GOROOT/bin:$$PATH" if [[ `go version | awk '{print $$3}'` != "go$$VERSION" ]]; then echo "ERROR: Go version doesn't match." exit 1 fi # Ninja 1.9.0 VERSION=1.9.0 SHA256=1b1235f2b0b4df55ac6d80bbe681ea3639c9d2c505c7ff2159a3daf63d196305 PLATFORM="linux" curl -sLO https://github.com/ninja-build/ninja/releases/download/v"$$VERSION"/ninja-"$$PLATFORM".zip \ && echo "$$SHA256" ninja-"$$PLATFORM".zip | sha256sum --check unzip -o ninja-"$$PLATFORM".zip export PATH="$$PWD:$$PATH" if [[ `ninja --version` != "$$VERSION" ]]; then echo "ERROR: Ninja version doesn't match." exit 1 fi # Clean after previous build. rm -rf boringssl/build # Build BoringSSL. cd boringssl mkdir build && cd build && cmake -GNinja -DCMAKE_TOOLCHAIN_FILE=$${HOME}/toolchain -DFIPS=1 -DCMAKE_BUILD_TYPE=Release .. ninja ninja run_tests # Verify correctness of the FIPS build. if [[ `tool/bssl isfips` != "1" ]]; then echo "ERROR: BoringSSL tool didn't report FIPS build." exit 1 fi # Move compiled libraries to the expected destinations. popd mv $$ROOT/boringssl/build/crypto/libcrypto.a $(execpath crypto/libcrypto.a) mv $$ROOT/boringssl/build/ssl/libssl.a $(execpath ssl/libssl.a) ================================================ FILE: bazel/external/boringssl_fips.patch ================================================ # Fix FIPS build (from BoringSSL commit 4ca15d5dcbe6e8051a4654df7c971ea8307abfe0). # # The modulewrapper is not a part of the FIPS module, so it can be patched without # concern about breaking the FIPS validation. --- boringssl/util/fipstools/acvp/modulewrapper/modulewrapper.cc +++ boringssl/util/fipstools/acvp/modulewrapper/modulewrapper.cc @@ -12,9 +12,11 @@ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include #include #include +#include #include #include #include ================================================ FILE: bazel/external/cargo/BUILD ================================================ """ cargo-raze workspace build file. DO NOT EDIT! Replaced on runs of cargo-raze """ package(default_visibility = ["//visibility:public"]) licenses([ "notice", # See individual crates for specific licenses ]) alias( name = "log", actual = "@raze__log__0_4_11//:log", tags = ["cargo-raze"], ) alias( name = "proxy_wasm", actual = "@raze__proxy_wasm__0_1_2//:proxy_wasm", tags = ["cargo-raze"], ) ================================================ FILE: bazel/external/cargo/remote/BUILD ================================================ ================================================ FILE: bazel/external/cargo/remote/ahash-0.3.8.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # MIT from expression "MIT OR Apache-2.0" ]) # Unsupported target "ahash" with type "bench" omitted rust_library( name = "ahash", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2018", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.3.8", deps = [ ], ) # Unsupported target "bench" with type "test" omitted # Unsupported target "map" with type "bench" omitted # Unsupported target "map_tests" with type "test" omitted # Unsupported target "nopanic" with type "test" omitted ================================================ FILE: bazel/external/cargo/remote/autocfg-1.0.0.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # Apache-2.0 from expression "Apache-2.0 OR MIT" ]) rust_library( name = "autocfg", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "1.0.0", deps = [ ], ) # Unsupported target "integers" with type "example" omitted # Unsupported target "paths" with type "example" omitted # Unsupported target "rustflags" with type "test" omitted # Unsupported target "traits" with type "example" omitted # Unsupported target "versions" with type "example" omitted ================================================ FILE: bazel/external/cargo/remote/cfg-if-0.1.10.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # MIT from expression "MIT OR Apache-2.0" ]) rust_library( name = "cfg_if", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2018", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.1.10", deps = [ ], ) # Unsupported target "xcrate" with type "test" omitted ================================================ FILE: bazel/external/cargo/remote/hashbrown-0.7.2.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # Apache-2.0 from expression "Apache-2.0 OR MIT" ]) # Unsupported target "bench" with type "bench" omitted # Unsupported target "build-script-build" with type "custom-build" omitted rust_library( name = "hashbrown", srcs = glob(["**/*.rs"]), crate_features = [ "ahash", "inline-more", ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2018", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.7.2", deps = [ "@raze__ahash__0_3_8//:ahash", ], ) # Unsupported target "hasher" with type "test" omitted # Unsupported target "rayon" with type "test" omitted # Unsupported target "serde" with type "test" omitted # Unsupported target "set" with type "test" omitted ================================================ FILE: bazel/external/cargo/remote/libc-0.2.74.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # MIT from expression "MIT OR Apache-2.0" ]) # Unsupported target "build-script-build" with type "custom-build" omitted # Unsupported target "const_fn" with type "test" omitted rust_library( name = "libc", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.2.74", deps = [ ], ) ================================================ FILE: bazel/external/cargo/remote/log-0.4.11.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # MIT from expression "MIT OR Apache-2.0" ]) # Unsupported target "build-script-build" with type "custom-build" omitted # Unsupported target "filters" with type "test" omitted rust_library( name = "log", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", "--cfg=atomic_cas", ], tags = ["cargo-raze"], version = "0.4.11", deps = [ "@raze__cfg_if__0_1_10//:cfg_if", ], ) # Unsupported target "macros" with type "test" omitted ================================================ FILE: bazel/external/cargo/remote/memory_units-0.4.0.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "reciprocal", # MPL-2.0 from expression "MPL-2.0" ]) rust_library( name = "memory_units", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.4.0", deps = [ ], ) ================================================ FILE: bazel/external/cargo/remote/proxy-wasm-0.1.2.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # Apache-2.0 from expression "Apache-2.0" ]) # Unsupported target "hello_world" with type "example" omitted # Unsupported target "http_auth_random" with type "example" omitted # Unsupported target "http_body" with type "example" omitted # Unsupported target "http_headers" with type "example" omitted rust_library( name = "proxy_wasm", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2018", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.1.2", deps = [ "@raze__hashbrown__0_7_2//:hashbrown", "@raze__log__0_4_11//:log", "@raze__wee_alloc__0_4_5//:wee_alloc", ], ) ================================================ FILE: bazel/external/cargo/remote/wee_alloc-0.4.5.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "reciprocal", # MPL-2.0 from expression "MPL-2.0" ]) # Unsupported target "build-script-build" with type "custom-build" omitted rust_library( name = "wee_alloc", srcs = glob(["**/*.rs"]), crate_features = [ "default", "size_classes", ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.4.5", deps = [ "@raze__cfg_if__0_1_10//:cfg_if", "@raze__libc__0_2_74//:libc", "@raze__memory_units__0_4_0//:memory_units", ], ) ================================================ FILE: bazel/external/cargo/remote/winapi-0.3.9.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # MIT from expression "MIT OR Apache-2.0" ]) # Unsupported target "build-script-build" with type "custom-build" omitted rust_library( name = "winapi", srcs = glob(["**/*.rs"]), crate_features = [ "memoryapi", "synchapi", "winbase", ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.3.9", deps = [ ], ) ================================================ FILE: bazel/external/cargo/remote/winapi-i686-pc-windows-gnu-0.4.0.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # MIT from expression "MIT OR Apache-2.0" ]) # Unsupported target "build-script-build" with type "custom-build" omitted rust_library( name = "winapi_i686_pc_windows_gnu", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.4.0", deps = [ ], ) ================================================ FILE: bazel/external/cargo/remote/winapi-x86_64-pc-windows-gnu-0.4.0.BUILD ================================================ """ cargo-raze crate build file. DO NOT EDIT! Replaced on runs of cargo-raze """ load( "@io_bazel_rules_rust//rust:rust.bzl", "rust_library", ) package(default_visibility = [ # Public for visibility by "@raze__crate__version//" targets. # # Prefer access through "//bazel/external/cargo", which limits external # visibility to explicit Cargo.toml dependencies. "//visibility:public", ]) licenses([ "notice", # MIT from expression "MIT OR Apache-2.0" ]) # Unsupported target "build-script-build" with type "custom-build" omitted rust_library( name = "winapi_x86_64_pc_windows_gnu", srcs = glob(["**/*.rs"]), crate_features = [ ], crate_root = "src/lib.rs", crate_type = "lib", edition = "2015", rustc_flags = [ "--cap-lints=allow", ], tags = ["cargo-raze"], version = "0.4.0", deps = [ ], ) ================================================ FILE: bazel/external/compiler_rt.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "fuzzed_data_provider", hdrs = ["include/fuzzer/FuzzedDataProvider.h"], strip_include_prefix = "include", visibility = ["//visibility:public"], ) libfuzzer_copts = [ "-fno-sanitize=address,thread,undefined", "-fsanitize-coverage=0", "-O3", ] cc_library( name = "libfuzzer_main", srcs = ["lib/fuzzer/FuzzerMain.cpp"], copts = libfuzzer_copts, visibility = ["//visibility:public"], deps = [":libfuzzer_no_main"], alwayslink = True, ) cc_library( name = "libfuzzer_no_main", srcs = glob( ["lib/fuzzer/Fuzzer*.cpp"], exclude = ["lib/fuzzer/FuzzerMain.cpp"], ), hdrs = glob([ "lib/fuzzer/Fuzzer*.h", "lib/fuzzer/Fuzzer*.def", ]), copts = libfuzzer_copts, visibility = ["//visibility:public"], alwayslink = True, ) ================================================ FILE: bazel/external/fmtlib.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "fmtlib", hdrs = glob([ "include/fmt/*.h", ]), defines = ["FMT_HEADER_ONLY"], includes = ["include"], visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/http-parser.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "http_parser", srcs = [ "http_parser.c", "http_parser.h", ], hdrs = ["http_parser.h"], # This compiler flag is set to an arbtitrarily high number so # as to effectively disables the http_parser header limit, as # we do our own checks in the conn manager and codec. copts = ["-DHTTP_MAX_HEADER_SIZE=0x2000000"], includes = ["."], visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/kafka_int32.patch ================================================ --- DescribeGroupsResponse.json 2020-03-25 16:12:16.373302600 -0400 +++ DescribeGroupsResponse.json 2020-03-25 16:11:16.184156200 -0400 @@ -63,7 +63,7 @@ { "name": "MemberAssignment", "type": "bytes", "versions": "0+", "about": "The current assignment provided by the group leader." } ]}, - { "name": "AuthorizedOperations", "type": "int32", "versions": "3+", "default": "-2147483648", + { "name": "AuthorizedOperations", "type": "int32", "versions": "3+", "default": "INT32_MIN", "about": "32-bit bitfield to represent authorized operations for this group." } ]} ] --- MetadataResponse.json 2020-03-25 15:53:36.319161000 -0400 +++ MetadataResponse.json 2020-03-25 15:54:11.510400000 -0400 @@ -81,10 +81,10 @@ { "name": "OfflineReplicas", "type": "[]int32", "versions": "5+", "ignorable": true, "about": "The set of offline replicas of this partition." } ]}, - { "name": "TopicAuthorizedOperations", "type": "int32", "versions": "8+", "default": "-2147483648", + { "name": "TopicAuthorizedOperations", "type": "int32", "versions": "8+", "default": "INT32_MIN", "about": "32-bit bitfield to represent authorized operations for this topic." } ]}, - { "name": "ClusterAuthorizedOperations", "type": "int32", "versions": "8+", "default": "-2147483648", + { "name": "ClusterAuthorizedOperations", "type": "int32", "versions": "8+", "default": "INT32_MIN", "about": "32-bit bitfield to represent authorized operations for this cluster." } ] } ================================================ FILE: bazel/external/libcircllhist.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "libcircllhist", srcs = ["src/circllhist.c"], hdrs = [ "src/circllhist.h", ], copts = select({ "@envoy//bazel:windows_x86_64": ["-DWIN32"], "//conditions:default": [], }), includes = ["src"], visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/libprotobuf_mutator.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "libprotobuf_mutator", srcs = glob( [ "src/**/*.cc", "src/**/*.h", "port/protobuf.h", ], exclude = ["**/*_test.cc"], ), hdrs = ["src/libfuzzer/libfuzzer_macro.h"], include_prefix = "libprotobuf_mutator", includes = ["."], visibility = ["//visibility:public"], deps = ["//external:protobuf"], ) ================================================ FILE: bazel/external/proxy_wasm_cpp_host.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") load( "@envoy//bazel:envoy_build_system.bzl", "envoy_select_wasm_all_v8_wavm_none", "envoy_select_wasm_v8", "envoy_select_wasm_wavm", ) licenses(["notice"]) # Apache 2 package(default_visibility = ["//visibility:public"]) cc_library( name = "include", hdrs = glob(["include/proxy-wasm/**/*.h"]), deps = [ "@proxy_wasm_cpp_sdk//:common_lib", ], ) cc_library( name = "lib", # Note that the select cannot appear in the glob. srcs = envoy_select_wasm_all_v8_wavm_none( glob( [ "src/**/*.h", "src/**/*.cc", ], ), glob( [ "src/**/*.h", "src/**/*.cc", ], exclude = ["src/wavm/*"], ), glob( [ "src/**/*.h", "src/**/*.cc", ], exclude = ["src/v8/*"], ), glob( [ "src/**/*.h", "src/**/*.cc", ], exclude = [ "src/wavm/*", "src/v8/*", ], ), ), copts = envoy_select_wasm_wavm([ '-DWAVM_API=""', "-Wno-non-virtual-dtor", "-Wno-old-style-cast", ]), deps = [ ":include", "//external:abseil_flat_hash_map", "//external:abseil_optional", "//external:abseil_strings", "//external:protobuf", "//external:ssl", "//external:zlib", "@proxy_wasm_cpp_sdk//:api_lib", "@proxy_wasm_cpp_sdk//:common_lib", ] + envoy_select_wasm_wavm([ "@envoy//bazel/foreign_cc:wavm", ]) + envoy_select_wasm_v8([ "//external:wee8", ]), ) ================================================ FILE: bazel/external/quiche.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_proto_library") load("@rules_proto//proto:defs.bzl", "proto_library") load(":genrule_cmd.bzl", "genrule_cmd") load( "@envoy//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_cc_test", "envoy_cc_test_library", ) licenses(["notice"]) # Apache 2 # QUICHE is Google's implementation of QUIC and related protocols. It is the # same code used in Chromium and Google's servers, but packaged in a form that # is intended to be easier to incorporate into third-party projects. # # QUICHE code falls into three groups: # 1. Platform-independent code. Most QUICHE code is in this category. # 2. APIs and type aliases to platform-dependent code/types, referenced by code # in group 1. This group is called the "Platform API". # 3. Definitions of types declared in group 2. This group is called the # "Platform impl", and must be provided by the codebase that embeds QUICHE. # # Concretely, header files in group 2 (the Platform API) #include header and # source files in group 3 (the Platform impl). Unfortunately, QUICHE does not # yet provide a built-in way to customize this dependency, e.g. to override the # directory or namespace in which Platform impl types are defined. Hence the # gross hacks in quiche.genrule_cmd, invoked from here to tweak QUICHE source # files into a form usable by Envoy. # # The mechanics of this will change as QUICHE evolves, supplies its own Bazel # buildfiles, and provides a built-in way to override platform impl directory # location. However, the end result (QUICHE files placed under # quiche/{http2,quic,spdy}/, with the Envoy-specific implementation of the # QUICHE platform APIs in //source/extensions/quic_listeners/quiche/platform/, # should remain largely the same. src_files = glob([ "**/*.h", "**/*.c", "**/*.cc", "**/*.inc", "**/*.proto", ]) genrule( name = "quiche_files", srcs = src_files, outs = ["quiche/" + f for f in src_files], cmd = genrule_cmd("@envoy//bazel/external:quiche.genrule_cmd"), visibility = ["//visibility:private"], ) # These options are only used to suppress errors in brought-in QUICHE tests. # Use #pragma GCC diagnostic ignored in integration code to suppress these errors. quiche_common_copts = [ "-Wno-unused-function", # quic_inlined_frame.h uses offsetof() to optimize memory usage in frames. "-Wno-invalid-offsetof", "-Wno-range-loop-analysis", ] quiche_copts = select({ # Ignore unguarded #pragma GCC statements in QUICHE sources "@envoy//bazel:windows_x86_64": ["-wd4068"], # Remove these after upstream fix. "@envoy//bazel:gcc_build": [ "-Wno-sign-compare", ] + quiche_common_copts, "//conditions:default": quiche_common_copts, }) test_suite( name = "ci_tests", tests = [ "http2_platform_api_test", "quic_platform_api_test", "quiche_common_test", "spdy_platform_api_test", ], ) envoy_cc_test_library( name = "http2_test_tools_random", srcs = ["quiche/http2/test_tools/http2_random.cc"], hdrs = ["quiche/http2/test_tools/http2_random.h"], external_deps = ["ssl"], repository = "@envoy", deps = [":http2_platform"], ) envoy_cc_library( name = "http2_platform", hdrs = [ "quiche/http2/platform/api/http2_bug_tracker.h", "quiche/http2/platform/api/http2_containers.h", "quiche/http2/platform/api/http2_estimate_memory_usage.h", "quiche/http2/platform/api/http2_flag_utils.h", "quiche/http2/platform/api/http2_flags.h", "quiche/http2/platform/api/http2_logging.h", "quiche/http2/platform/api/http2_macros.h", "quiche/http2/platform/api/http2_string_utils.h", # TODO: uncomment the following files as implementations are added. # "quiche/http2/platform/api/http2_test_helpers.h", ], repository = "@envoy", visibility = ["//visibility:public"], deps = [ ":quiche_common_platform", "@envoy//source/extensions/quic_listeners/quiche/platform:http2_platform_impl_lib", ], ) envoy_cc_library( name = "http2_constants_lib", srcs = ["quiche/http2/http2_constants.cc"], hdrs = ["quiche/http2/http2_constants.h"], copts = quiche_copts, repository = "@envoy", deps = [":http2_platform"], ) envoy_cc_library( name = "http2_structures_lib", srcs = ["quiche/http2/http2_structures.cc"], hdrs = ["quiche/http2/http2_structures.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_decoder_decode_buffer_lib", srcs = ["quiche/http2/decoder/decode_buffer.cc"], hdrs = ["quiche/http2/decoder/decode_buffer.h"], copts = quiche_copts, repository = "@envoy", deps = [":http2_platform"], ) envoy_cc_library( name = "http2_decoder_decode_http2_structures_lib", srcs = ["quiche/http2/decoder/decode_http2_structures.cc"], hdrs = ["quiche/http2/decoder/decode_http2_structures.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_decode_status_lib", srcs = ["quiche/http2/decoder/decode_status.cc"], hdrs = ["quiche/http2/decoder/decode_status.h"], copts = quiche_copts, repository = "@envoy", deps = [":http2_platform"], ) envoy_cc_library( name = "http2_decoder_frame_decoder_state_lib", srcs = ["quiche/http2/decoder/frame_decoder_state.cc"], hdrs = ["quiche/http2/decoder/frame_decoder_state.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_structure_decoder_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_frame_decoder_lib", srcs = ["quiche/http2/decoder/http2_frame_decoder.cc"], hdrs = [ "quiche/http2/decoder/frame_decoder_state.h", "quiche/http2/decoder/http2_frame_decoder.h", ], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_decoder_payload_decoders_altsvc_payload_decoder_lib", ":http2_decoder_payload_decoders_continuation_payload_decoder_lib", ":http2_decoder_payload_decoders_data_payload_decoder_lib", ":http2_decoder_payload_decoders_goaway_payload_decoder_lib", ":http2_decoder_payload_decoders_headers_payload_decoder_lib", ":http2_decoder_payload_decoders_ping_payload_decoder_lib", ":http2_decoder_payload_decoders_priority_payload_decoder_lib", ":http2_decoder_payload_decoders_push_promise_payload_decoder_lib", ":http2_decoder_payload_decoders_rst_stream_payload_decoder_lib", ":http2_decoder_payload_decoders_settings_payload_decoder_lib", ":http2_decoder_payload_decoders_unknown_payload_decoder_lib", ":http2_decoder_payload_decoders_window_update_payload_decoder_lib", ":http2_decoder_structure_decoder_lib", ":http2_hpack_varint_hpack_varint_decoder_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_frame_decoder_listener_lib", srcs = ["quiche/http2/decoder/http2_frame_decoder_listener.cc"], hdrs = ["quiche/http2/decoder/http2_frame_decoder_listener.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_altsvc_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/altsvc_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/altsvc_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_continuation_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/continuation_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/continuation_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_data_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/data_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/data_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_goaway_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/goaway_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/goaway_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_headers_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/headers_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/headers_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_ping_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/ping_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/ping_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_priority_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/priority_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/priority_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_push_promise_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/push_promise_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/push_promise_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_rst_stream_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/rst_stream_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/rst_stream_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_settings_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/settings_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/settings_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_unknown_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/unknown_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/unknown_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_payload_decoders_window_update_payload_decoder_lib", srcs = ["quiche/http2/decoder/payload_decoders/window_update_payload_decoder.cc"], hdrs = ["quiche/http2/decoder/payload_decoders/window_update_payload_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_http2_structures_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_decoder_frame_decoder_state_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_decoder_structure_decoder_lib", srcs = ["quiche/http2/decoder/http2_structure_decoder.cc"], hdrs = ["quiche/http2/decoder/http2_structure_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_http2_structures_lib", ":http2_decoder_decode_status_lib", ":http2_platform", ":http2_structures_lib", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_block_decoder_lib", srcs = ["quiche/http2/hpack/decoder/hpack_block_decoder.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_block_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_hpack_decoder_hpack_decoding_error_lib", ":http2_hpack_decoder_hpack_entry_decoder_lib", ":http2_hpack_decoder_hpack_entry_decoder_listener_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_decoder_lib", srcs = ["quiche/http2/hpack/decoder/hpack_decoder.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_hpack_decoder_hpack_block_decoder_lib", ":http2_hpack_decoder_hpack_decoder_listener_lib", ":http2_hpack_decoder_hpack_decoder_state_lib", ":http2_hpack_decoder_hpack_decoder_tables_lib", ":http2_hpack_decoder_hpack_decoding_error_lib", ":http2_hpack_decoder_hpack_whole_entry_buffer_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_decoder_listener_lib", srcs = ["quiche/http2/hpack/decoder/hpack_decoder_listener.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_decoder_listener.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_hpack_hpack_constants_lib", ":http2_hpack_hpack_string_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_decoder_state_lib", srcs = ["quiche/http2/hpack/decoder/hpack_decoder_state.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_decoder_state.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_hpack_decoder_hpack_decoder_listener_lib", ":http2_hpack_decoder_hpack_decoder_string_buffer_lib", ":http2_hpack_decoder_hpack_decoder_tables_lib", ":http2_hpack_decoder_hpack_decoding_error_lib", ":http2_hpack_decoder_hpack_whole_entry_listener_lib", ":http2_hpack_hpack_constants_lib", ":http2_hpack_hpack_string_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_decoder_string_buffer_lib", srcs = ["quiche/http2/hpack/decoder/hpack_decoder_string_buffer.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_decoder_string_buffer.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_hpack_huffman_hpack_huffman_decoder_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_decoder_tables_lib", srcs = ["quiche/http2/hpack/decoder/hpack_decoder_tables.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_decoder_tables.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_hpack_hpack_constants_lib", ":http2_hpack_hpack_static_table_entries_lib", ":http2_hpack_hpack_string_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_decoding_error_lib", srcs = ["quiche/http2/hpack/decoder/hpack_decoding_error.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_decoding_error.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":quiche_common_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_entry_decoder_lib", srcs = ["quiche/http2/hpack/decoder/hpack_entry_decoder.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_entry_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_hpack_decoder_hpack_decoding_error_lib", ":http2_hpack_decoder_hpack_entry_decoder_listener_lib", ":http2_hpack_decoder_hpack_entry_type_decoder_lib", ":http2_hpack_decoder_hpack_string_decoder_lib", ":http2_hpack_hpack_constants_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_entry_decoder_listener_lib", srcs = ["quiche/http2/hpack/decoder/hpack_entry_decoder_listener.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_entry_decoder_listener.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_hpack_hpack_constants_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_entry_type_decoder_lib", srcs = ["quiche/http2/hpack/decoder/hpack_entry_type_decoder.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_entry_type_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_hpack_hpack_constants_lib", ":http2_hpack_varint_hpack_varint_decoder_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_string_decoder_lib", srcs = ["quiche/http2/hpack/decoder/hpack_string_decoder.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_string_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_hpack_varint_hpack_varint_decoder_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_string_decoder_listener_lib", srcs = ["quiche/http2/hpack/decoder/hpack_string_decoder_listener.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_string_decoder_listener.h"], copts = quiche_copts, repository = "@envoy", deps = [":http2_platform"], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_whole_entry_buffer_lib", srcs = ["quiche/http2/hpack/decoder/hpack_whole_entry_buffer.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_whole_entry_buffer.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_hpack_decoder_hpack_decoder_string_buffer_lib", ":http2_hpack_decoder_hpack_decoding_error_lib", ":http2_hpack_decoder_hpack_entry_decoder_listener_lib", ":http2_hpack_decoder_hpack_whole_entry_listener_lib", ":http2_hpack_hpack_constants_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_decoder_hpack_whole_entry_listener_lib", srcs = ["quiche/http2/hpack/decoder/hpack_whole_entry_listener.cc"], hdrs = ["quiche/http2/hpack/decoder/hpack_whole_entry_listener.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_hpack_decoder_hpack_decoder_string_buffer_lib", ":http2_hpack_decoder_hpack_decoding_error_lib", ":http2_hpack_hpack_constants_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_huffman_hpack_huffman_decoder_lib", srcs = ["quiche/http2/hpack/huffman/hpack_huffman_decoder.cc"], hdrs = ["quiche/http2/hpack/huffman/hpack_huffman_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_platform", ":quiche_common_platform", ], ) envoy_cc_library( name = "http2_hpack_huffman_hpack_huffman_encoder_lib", srcs = ["quiche/http2/hpack/huffman/hpack_huffman_encoder.cc"], hdrs = ["quiche/http2/hpack/huffman/hpack_huffman_encoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_hpack_huffman_huffman_spec_tables_lib", ":http2_platform", ":quiche_common_platform", ], ) envoy_cc_library( name = "http2_hpack_huffman_huffman_spec_tables_lib", srcs = ["quiche/http2/hpack/huffman/huffman_spec_tables.cc"], hdrs = ["quiche/http2/hpack/huffman/huffman_spec_tables.h"], copts = quiche_copts, repository = "@envoy", ) envoy_cc_library( name = "http2_hpack_hpack_constants_lib", srcs = ["quiche/http2/hpack/http2_hpack_constants.cc"], hdrs = ["quiche/http2/hpack/http2_hpack_constants.h"], copts = quiche_copts, repository = "@envoy", deps = [":http2_platform"], ) envoy_cc_library( name = "http2_hpack_hpack_static_table_entries_lib", hdrs = ["quiche/http2/hpack/hpack_static_table_entries.inc"], repository = "@envoy", ) envoy_cc_library( name = "http2_hpack_hpack_string_lib", srcs = ["quiche/http2/hpack/hpack_string.cc"], hdrs = ["quiche/http2/hpack/hpack_string.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_platform", ":quiche_common_platform", ], ) envoy_cc_library( name = "http2_hpack_varint_hpack_varint_decoder_lib", srcs = ["quiche/http2/hpack/varint/hpack_varint_decoder.cc"], hdrs = ["quiche/http2/hpack/varint/hpack_varint_decoder.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_platform", ], ) envoy_cc_library( name = "http2_hpack_varint_hpack_varint_encoder_lib", srcs = ["quiche/http2/hpack/varint/hpack_varint_encoder.cc"], hdrs = ["quiche/http2/hpack/varint/hpack_varint_encoder.h"], copts = quiche_copts, repository = "@envoy", deps = [":http2_platform"], ) envoy_cc_library( name = "spdy_platform", hdrs = [ "quiche/spdy/platform/api/spdy_bug_tracker.h", "quiche/spdy/platform/api/spdy_containers.h", "quiche/spdy/platform/api/spdy_endianness_util.h", "quiche/spdy/platform/api/spdy_estimate_memory_usage.h", "quiche/spdy/platform/api/spdy_flags.h", "quiche/spdy/platform/api/spdy_logging.h", "quiche/spdy/platform/api/spdy_macros.h", "quiche/spdy/platform/api/spdy_mem_slice.h", "quiche/spdy/platform/api/spdy_string_utils.h", ], repository = "@envoy", visibility = ["//visibility:public"], deps = [ ":quiche_common_lib", "@envoy//source/extensions/quic_listeners/quiche/platform:spdy_platform_impl_lib", ], ) envoy_cc_library( name = "spdy_simple_arena_lib", srcs = ["quiche/spdy/core/spdy_simple_arena.cc"], hdrs = ["quiche/spdy/core/spdy_simple_arena.h"], repository = "@envoy", visibility = ["//visibility:public"], deps = [":spdy_platform"], ) envoy_cc_test_library( name = "spdy_platform_test_helpers", hdrs = ["quiche/spdy/platform/api/spdy_test_helpers.h"], repository = "@envoy", deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:spdy_platform_test_helpers_impl_lib"], ) envoy_cc_library( name = "spdy_core_alt_svc_wire_format_lib", srcs = ["quiche/spdy/core/spdy_alt_svc_wire_format.cc"], hdrs = ["quiche/spdy/core/spdy_alt_svc_wire_format.h"], copts = quiche_copts, repository = "@envoy", visibility = ["//visibility:public"], deps = [":spdy_platform"], ) envoy_cc_library( name = "spdy_core_fifo_write_scheduler_lib", hdrs = ["quiche/spdy/core/fifo_write_scheduler.h"], repository = "@envoy", deps = [ ":spdy_core_write_scheduler_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_framer_lib", srcs = [ "quiche/spdy/core/spdy_frame_builder.cc", "quiche/spdy/core/spdy_framer.cc", ], hdrs = [ "quiche/spdy/core/spdy_frame_builder.h", "quiche/spdy/core/spdy_framer.h", ], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_platform", ":spdy_core_alt_svc_wire_format_lib", ":spdy_core_frame_reader_lib", ":spdy_core_header_block_lib", ":spdy_core_headers_handler_interface_lib", ":spdy_core_hpack_hpack_lib", ":spdy_core_protocol_lib", ":spdy_core_zero_copy_output_buffer_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_frame_reader_lib", srcs = ["quiche/spdy/core/spdy_frame_reader.cc"], hdrs = ["quiche/spdy/core/spdy_frame_reader.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":spdy_core_protocol_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_header_block_lib", srcs = ["quiche/spdy/core/spdy_header_block.cc"], hdrs = ["quiche/spdy/core/spdy_header_block.h"], copts = quiche_copts, repository = "@envoy", visibility = ["//visibility:public"], deps = [ ":spdy_core_header_storage_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_header_storage_lib", srcs = ["quiche/spdy/core/spdy_header_storage.cc"], hdrs = ["quiche/spdy/core/spdy_header_storage.h"], copts = quiche_copts, repository = "@envoy", deps = [ "spdy_simple_arena_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_headers_handler_interface_lib", hdrs = ["quiche/spdy/core/spdy_headers_handler_interface.h"], copts = quiche_copts, repository = "@envoy", visibility = ["//visibility:public"], deps = [":spdy_platform"], ) envoy_cc_library( name = "spdy_core_http2_deframer_lib", srcs = ["quiche/spdy/core/http2_frame_decoder_adapter.cc"], hdrs = ["quiche/spdy/core/http2_frame_decoder_adapter.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_constants_lib", ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_decoder_frame_decoder_lib", ":http2_decoder_frame_decoder_listener_lib", ":http2_platform", ":http2_structures_lib", ":spdy_core_alt_svc_wire_format_lib", ":spdy_core_header_block_lib", ":spdy_core_headers_handler_interface_lib", ":spdy_core_hpack_hpack_decoder_adapter_lib", ":spdy_core_hpack_hpack_lib", ":spdy_core_protocol_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_lifo_write_scheduler_lib", hdrs = ["quiche/spdy/core/lifo_write_scheduler.h"], repository = "@envoy", deps = [ ":spdy_core_write_scheduler_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_intrusive_list_lib", hdrs = ["quiche/spdy/core/spdy_intrusive_list.h"], repository = "@envoy", ) envoy_cc_library( name = "spdy_core_http2_priority_write_scheduler_lib", hdrs = ["quiche/spdy/core/http2_priority_write_scheduler.h"], repository = "@envoy", deps = [ ":spdy_core_intrusive_list_lib", ":spdy_core_protocol_lib", ":spdy_core_write_scheduler_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_hpack_hpack_lib", srcs = [ "quiche/spdy/core/hpack/hpack_constants.cc", "quiche/spdy/core/hpack/hpack_encoder.cc", "quiche/spdy/core/hpack/hpack_entry.cc", "quiche/spdy/core/hpack/hpack_header_table.cc", "quiche/spdy/core/hpack/hpack_huffman_table.cc", "quiche/spdy/core/hpack/hpack_output_stream.cc", "quiche/spdy/core/hpack/hpack_static_table.cc", ], hdrs = [ "quiche/spdy/core/hpack/hpack_constants.h", "quiche/spdy/core/hpack/hpack_encoder.h", "quiche/spdy/core/hpack/hpack_entry.h", "quiche/spdy/core/hpack/hpack_header_table.h", "quiche/spdy/core/hpack/hpack_huffman_table.h", "quiche/spdy/core/hpack/hpack_output_stream.h", "quiche/spdy/core/hpack/hpack_static_table.h", ], copts = quiche_copts, repository = "@envoy", deps = [ ":spdy_core_protocol_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_hpack_hpack_decoder_adapter_lib", srcs = ["quiche/spdy/core/hpack/hpack_decoder_adapter.cc"], hdrs = ["quiche/spdy/core/hpack/hpack_decoder_adapter.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":http2_hpack_decoder_hpack_decoder_lib", ":http2_hpack_decoder_hpack_decoder_listener_lib", ":http2_hpack_decoder_hpack_decoder_tables_lib", ":http2_hpack_hpack_constants_lib", ":http2_hpack_hpack_string_lib", ":spdy_core_header_block_lib", ":spdy_core_headers_handler_interface_lib", ":spdy_core_hpack_hpack_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_priority_write_scheduler_lib", srcs = ["quiche/spdy/core/priority_write_scheduler.h"], repository = "@envoy", deps = [ ":http2_platform", ":spdy_core_protocol_lib", ":spdy_core_write_scheduler_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_protocol_lib", srcs = ["quiche/spdy/core/spdy_protocol.cc"], hdrs = [ "quiche/spdy/core/spdy_bitmasks.h", "quiche/spdy/core/spdy_protocol.h", ], copts = quiche_copts, repository = "@envoy", visibility = ["//visibility:public"], deps = [ ":spdy_core_alt_svc_wire_format_lib", ":spdy_core_header_block_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_write_scheduler_lib", hdrs = ["quiche/spdy/core/write_scheduler.h"], repository = "@envoy", deps = [ ":spdy_core_protocol_lib", ":spdy_platform", ], ) envoy_cc_test_library( name = "spdy_core_test_utils_lib", srcs = ["quiche/spdy/core/spdy_test_utils.cc"], hdrs = ["quiche/spdy/core/spdy_test_utils.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":quiche_common_test_tools_test_utils_lib", ":spdy_core_header_block_lib", ":spdy_core_headers_handler_interface_lib", ":spdy_core_protocol_lib", ":spdy_platform", ], ) envoy_cc_library( name = "spdy_core_zero_copy_output_buffer_lib", hdrs = ["quiche/spdy/core/zero_copy_output_buffer.h"], copts = quiche_copts, repository = "@envoy", ) envoy_cc_library( name = "quic_platform", srcs = [ "quiche/quic/platform/api/quic_file_utils.cc", "quiche/quic/platform/api/quic_hostname_utils.cc", "quiche/quic/platform/api/quic_mutex.cc", ], hdrs = [ "quiche/quic/platform/api/quic_cert_utils.h", "quiche/quic/platform/api/quic_file_utils.h", "quiche/quic/platform/api/quic_hostname_utils.h", "quiche/quic/platform/api/quic_mutex.h", "quiche/quic/platform/api/quic_pcc_sender.h", ], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_time_lib", ":quic_platform_base", "@envoy//source/extensions/quic_listeners/quiche/platform:quic_platform_impl_lib", ], ) envoy_cc_library( name = "quic_platform_base", hdrs = [ "quiche/quic/platform/api/quic_aligned.h", "quiche/quic/platform/api/quic_bug_tracker.h", "quiche/quic/platform/api/quic_client_stats.h", "quiche/quic/platform/api/quic_containers.h", "quiche/quic/platform/api/quic_error_code_wrappers.h", "quiche/quic/platform/api/quic_estimate_memory_usage.h", "quiche/quic/platform/api/quic_exported_stats.h", "quiche/quic/platform/api/quic_fallthrough.h", "quiche/quic/platform/api/quic_flag_utils.h", "quiche/quic/platform/api/quic_flags.h", "quiche/quic/platform/api/quic_iovec.h", "quiche/quic/platform/api/quic_logging.h", "quiche/quic/platform/api/quic_macros.h", "quiche/quic/platform/api/quic_map_util.h", "quiche/quic/platform/api/quic_mem_slice.h", "quiche/quic/platform/api/quic_prefetch.h", "quiche/quic/platform/api/quic_ptr_util.h", "quiche/quic/platform/api/quic_reference_counted.h", "quiche/quic/platform/api/quic_server_stats.h", "quiche/quic/platform/api/quic_stack_trace.h", "quiche/quic/platform/api/quic_stream_buffer_allocator.h", "quiche/quic/platform/api/quic_string_utils.h", "quiche/quic/platform/api/quic_uint128.h", # TODO: uncomment the following files as implementations are added. # "quiche/quic/platform/api/quic_fuzzed_data_provider.h", # "quiche/quic/platform/api/quic_test_loopback.h", ], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_platform_export", ":quiche_common_lib", "@envoy//source/extensions/quic_listeners/quiche/platform:quic_platform_base_impl_lib", ], ) envoy_cc_library( name = "quic_platform_export", hdrs = ["quiche/quic/platform/api/quic_export.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = ["@envoy//source/extensions/quic_listeners/quiche/platform:quic_platform_export_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_epoll_lib", hdrs = ["quiche/quic/platform/api/quic_epoll.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_epoll_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_expect_bug", hdrs = ["quiche/quic/platform/api/quic_expect_bug.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_expect_bug_impl_lib"], ) envoy_cc_library( name = "quic_platform_ip_address_family", hdrs = ["quiche/quic/platform/api/quic_ip_address_family.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], ) envoy_cc_library( name = "quic_platform_ip_address", srcs = ["quiche/quic/platform/api/quic_ip_address.cc"], hdrs = ["quiche/quic/platform/api/quic_ip_address.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_platform_base", ":quic_platform_export", ":quic_platform_ip_address_family", ], ) envoy_cc_test_library( name = "quic_platform_mock_log", hdrs = ["quiche/quic/platform/api/quic_mock_log.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_mock_log_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_port_utils", hdrs = ["quiche/quic/platform/api/quic_port_utils.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_port_utils_impl_lib"], ) envoy_cc_library( name = "quic_platform_udp_socket", hdrs = select({ "@envoy//bazel:linux": ["quiche/quic/platform/api/quic_udp_socket_platform_api.h"], "//conditions:default": [], }), repository = "@envoy", tags = ["nofips"], deps = ["@envoy//source/extensions/quic_listeners/quiche/platform:quic_platform_udp_socket_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_sleep", hdrs = ["quiche/quic/platform/api/quic_sleep.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_sleep_impl_lib"], ) envoy_cc_library( name = "quic_platform_socket_address", srcs = ["quiche/quic/platform/api/quic_socket_address.cc"], hdrs = ["quiche/quic/platform/api/quic_socket_address.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_platform_export", ":quic_platform_ip_address", ], ) envoy_cc_test_library( name = "quic_platform_test", hdrs = ["quiche/quic/platform/api/quic_test.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_test_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_test_output", hdrs = ["quiche/quic/platform/api/quic_test_output.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_test_output_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_system_event_loop", hdrs = ["quiche/quic/platform/api/quic_system_event_loop.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_system_event_loop_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_thread", hdrs = ["quiche/quic/platform/api/quic_thread.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_thread_impl_lib"], ) envoy_cc_library( name = "quiche_common_platform_endian", hdrs = ["quiche/common/platform/api/quiche_endian.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quiche_common_platform_export", "@envoy//source/extensions/quic_listeners/quiche/platform:quiche_common_platform_endian_impl_lib", ], ) envoy_cc_library( name = "quiche_common_platform_export", hdrs = ["quiche/common/platform/api/quiche_export.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = ["@envoy//source/extensions/quic_listeners/quiche/platform:quiche_common_platform_export_impl_lib"], ) envoy_cc_test_library( name = "quiche_common_test_tools_test_utils_lib", srcs = ["quiche/common/test_tools/quiche_test_utils.cc"], hdrs = [ "quiche/common/platform/api/quiche_test.h", "quiche/common/test_tools/quiche_test_utils.h", ], repository = "@envoy", tags = ["nofips"], deps = [ ":quiche_common_platform", "@envoy//test/extensions/quic_listeners/quiche/platform:quiche_common_platform_test_impl_lib", ], ) #TODO(danzh) Figure out why using envoy_proto_library() fails. proto_library( name = "quic_core_proto_cached_network_parameters_proto", srcs = ["quiche/quic/core/proto/cached_network_parameters.proto"], ) cc_proto_library( name = "quic_core_proto_cached_network_parameters_proto_cc", deps = [":quic_core_proto_cached_network_parameters_proto"], ) envoy_cc_library( name = "quic_core_proto_cached_network_parameters_proto_header", hdrs = ["quiche/quic/core/proto/cached_network_parameters_proto.h"], repository = "@envoy", tags = ["nofips"], deps = [":quic_core_proto_cached_network_parameters_proto_cc"], ) proto_library( name = "quic_core_proto_source_address_token_proto", srcs = ["quiche/quic/core/proto/source_address_token.proto"], deps = [":quic_core_proto_cached_network_parameters_proto"], ) cc_proto_library( name = "quic_core_proto_source_address_token_proto_cc", deps = [":quic_core_proto_source_address_token_proto"], ) envoy_cc_library( name = "quic_core_proto_source_address_token_proto_header", hdrs = ["quiche/quic/core/proto/source_address_token_proto.h"], repository = "@envoy", tags = ["nofips"], deps = [":quic_core_proto_source_address_token_proto_cc"], ) proto_library( name = "quic_core_proto_crypto_server_config_proto", srcs = ["quiche/quic/core/proto/crypto_server_config.proto"], ) cc_proto_library( name = "quic_core_proto_crypto_server_config_proto_cc", deps = [":quic_core_proto_crypto_server_config_proto"], ) envoy_cc_library( name = "quic_core_proto_crypto_server_config_proto_header", hdrs = ["quiche/quic/core/proto/crypto_server_config_proto.h"], repository = "@envoy", tags = ["nofips"], deps = [":quic_core_proto_crypto_server_config_proto_cc"], ) envoy_cc_library( name = "quic_core_ack_listener_interface_lib", srcs = ["quiche/quic/core/quic_ack_listener_interface.cc"], hdrs = ["quiche/quic/core/quic_ack_listener_interface.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_time_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_alarm_interface_lib", srcs = ["quiche/quic/core/quic_alarm.cc"], hdrs = ["quiche/quic/core/quic_alarm.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_arena_scoped_ptr_lib", ":quic_core_time_lib", ], ) envoy_cc_library( name = "quic_core_alarm_factory_interface_lib", hdrs = ["quiche/quic/core/quic_alarm_factory.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_alarm_interface_lib", ":quic_core_one_block_arena_lib", ], ) envoy_cc_library( name = "quic_core_bandwidth_lib", srcs = ["quiche/quic/core/quic_bandwidth.cc"], hdrs = ["quiche/quic/core/quic_bandwidth.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_constants_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_batch_writer_batch_writer_buffer_lib", srcs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_batch_writer_buffer.cc", ], "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_batch_writer_buffer.h", ], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_circular_deque_lib", ":quic_core_linux_socket_utils_lib", ":quic_core_packet_writer_interface_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_batch_writer_batch_writer_base_lib", srcs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_batch_writer_base.cc", ], "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_batch_writer_base.h", ], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_batch_writer_batch_writer_buffer_lib", ":quic_core_packet_writer_interface_lib", ":quic_core_types_lib", ":quic_platform", ], ) envoy_cc_test_library( name = "quic_core_batch_writer_batch_writer_test_lib", hdrs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_batch_writer_test.h", ], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_batch_writer_batch_writer_base_lib", ":quic_core_udp_socket_lib", ":quic_platform_test", ], ) envoy_cc_library( name = "quic_core_batch_writer_gso_batch_writer_lib", srcs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_gso_batch_writer.cc", ], "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_gso_batch_writer.h", ], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_batch_writer_batch_writer_base_lib", ":quic_core_linux_socket_utils_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_batch_writer_sendmmsg_batch_writer_lib", srcs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_sendmmsg_batch_writer.cc", ], "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:linux": [ "quiche/quic/core/batch_writer/quic_sendmmsg_batch_writer.h", ], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_batch_writer_batch_writer_base_lib", ":quic_core_linux_socket_utils_lib", ], ) envoy_cc_library( name = "quic_core_blocked_writer_interface_lib", hdrs = ["quiche/quic/core/quic_blocked_writer_interface.h"], repository = "@envoy", tags = ["nofips"], deps = [":quic_platform_export"], ) envoy_cc_library( name = "quic_core_arena_scoped_ptr_lib", hdrs = ["quiche/quic/core/quic_arena_scoped_ptr.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_buffer_allocator_lib", srcs = [ "quiche/quic/core/quic_buffer_allocator.cc", "quiche/quic/core/quic_simple_buffer_allocator.cc", ], hdrs = [ "quiche/quic/core/quic_buffer_allocator.h", "quiche/quic/core/quic_simple_buffer_allocator.h", ], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [":quic_platform_export"], ) envoy_cc_library( name = "quic_core_clock_lib", srcs = ["quiche/quic/core/quic_clock.cc"], hdrs = ["quiche/quic/core/quic_clock.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_time_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_coalesced_packet_lib", srcs = ["quiche/quic/core/quic_coalesced_packet.cc"], hdrs = ["quiche/quic/core/quic_coalesced_packet.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":quic_core_packets_lib", ], ) envoy_cc_library( name = "quic_core_config_lib", srcs = ["quiche/quic/core/quic_config.cc"], hdrs = ["quiche/quic/core/quic_config.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_constants_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_crypto_encryption_lib", ":quic_core_packets_lib", ":quic_core_socket_address_coder_lib", ":quic_core_time_lib", ":quic_core_utils_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_congestion_control_bandwidth_sampler_lib", srcs = ["quiche/quic/core/congestion_control/bandwidth_sampler.cc"], hdrs = ["quiche/quic/core/congestion_control/bandwidth_sampler.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_congestion_control_windowed_filter_lib", ":quic_core_packet_number_indexed_queue_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_congestion_control_bbr_lib", srcs = ["quiche/quic/core/congestion_control/bbr_sender.cc"], hdrs = ["quiche/quic/core/congestion_control/bbr_sender.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_congestion_control_bandwidth_sampler_lib", ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_congestion_control_rtt_stats_lib", ":quic_core_congestion_control_windowed_filter_lib", ":quic_core_crypto_encryption_lib", ":quic_core_crypto_random_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_core_unacked_packet_map_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_congestion_control_bbr2_lib", srcs = [ "quiche/quic/core/congestion_control/bbr2_drain.cc", "quiche/quic/core/congestion_control/bbr2_misc.cc", "quiche/quic/core/congestion_control/bbr2_probe_bw.cc", "quiche/quic/core/congestion_control/bbr2_probe_rtt.cc", "quiche/quic/core/congestion_control/bbr2_sender.cc", "quiche/quic/core/congestion_control/bbr2_startup.cc", ], hdrs = [ "quiche/quic/core/congestion_control/bbr2_drain.h", "quiche/quic/core/congestion_control/bbr2_misc.h", "quiche/quic/core/congestion_control/bbr2_probe_bw.h", "quiche/quic/core/congestion_control/bbr2_probe_rtt.h", "quiche/quic/core/congestion_control/bbr2_sender.h", "quiche/quic/core/congestion_control/bbr2_startup.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_congestion_control_bandwidth_sampler_lib", ":quic_core_congestion_control_bbr_lib", ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_congestion_control_rtt_stats_lib", ":quic_core_congestion_control_windowed_filter_lib", ":quic_core_crypto_encryption_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_congestion_control_general_loss_algorithm_lib", srcs = ["quiche/quic/core/congestion_control/general_loss_algorithm.cc"], hdrs = ["quiche/quic/core/congestion_control/general_loss_algorithm.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_congestion_control_rtt_stats_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_core_unacked_packet_map_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_congestion_control_congestion_control_interface_lib", hdrs = [ "quiche/quic/core/congestion_control/loss_detection_interface.h", "quiche/quic/core/congestion_control/send_algorithm_interface.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_clock_lib", ":quic_core_config_lib", ":quic_core_connection_stats_lib", ":quic_core_crypto_random_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_core_unacked_packet_map_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_congestion_control_congestion_control_lib", srcs = [ "quiche/quic/core/congestion_control/send_algorithm_interface.cc", ], hdrs = [ "quiche/quic/core/congestion_control/loss_detection_interface.h", "quiche/quic/core/congestion_control/send_algorithm_interface.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_config_lib", ":quic_core_congestion_control_bbr2_lib", ":quic_core_congestion_control_bbr_lib", ":quic_core_congestion_control_tcp_cubic_bytes_lib", ":quic_core_connection_stats_lib", ":quic_core_crypto_random_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_core_unacked_packet_map_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_congestion_control_pacing_sender_lib", srcs = ["quiche/quic/core/congestion_control/pacing_sender.cc"], hdrs = ["quiche/quic/core/congestion_control/pacing_sender.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_config_lib", ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_congestion_control_rtt_stats_lib", srcs = ["quiche/quic/core/congestion_control/rtt_stats.cc"], hdrs = ["quiche/quic/core/congestion_control/rtt_stats.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_congestion_control_tcp_cubic_helper", srcs = [ "quiche/quic/core/congestion_control/hybrid_slow_start.cc", "quiche/quic/core/congestion_control/prr_sender.cc", ], hdrs = [ "quiche/quic/core/congestion_control/hybrid_slow_start.h", "quiche/quic/core/congestion_control/prr_sender.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_platform_base", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_congestion_control_tcp_cubic_bytes_lib", srcs = [ "quiche/quic/core/congestion_control/cubic_bytes.cc", "quiche/quic/core/congestion_control/tcp_cubic_sender_bytes.cc", ], hdrs = [ "quiche/quic/core/congestion_control/cubic_bytes.h", "quiche/quic/core/congestion_control/tcp_cubic_sender_bytes.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_congestion_control_rtt_stats_lib", ":quic_core_congestion_control_tcp_cubic_helper", ":quic_core_connection_stats_lib", ":quic_core_constants_lib", ":quic_core_crypto_encryption_lib", ":quic_core_packets_lib", ":quic_core_time_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_congestion_control_uber_loss_algorithm_lib", srcs = ["quiche/quic/core/congestion_control/uber_loss_algorithm.cc"], hdrs = ["quiche/quic/core/congestion_control/uber_loss_algorithm.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_core_congestion_control_general_loss_algorithm_lib"], ) envoy_cc_library( name = "quic_core_congestion_control_windowed_filter_lib", hdrs = ["quiche/quic/core/congestion_control/windowed_filter.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_core_time_lib"], ) envoy_cc_library( name = "quic_core_connection_lib", srcs = ["quiche/quic/core/quic_connection.cc"], hdrs = ["quiche/quic/core/quic_connection.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_alarm_factory_interface_lib", ":quic_core_alarm_interface_lib", ":quic_core_bandwidth_lib", ":quic_core_blocked_writer_interface_lib", ":quic_core_config_lib", ":quic_core_connection_stats_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_crypto_encryption_lib", ":quic_core_framer_lib", ":quic_core_idle_network_detector_lib", ":quic_core_legacy_version_encapsulator_lib", ":quic_core_mtu_discovery_lib", ":quic_core_network_blackhole_detector_lib", ":quic_core_one_block_arena_lib", ":quic_core_packet_creator_lib", ":quic_core_packet_writer_interface_lib", ":quic_core_packets_lib", ":quic_core_proto_cached_network_parameters_proto_header", ":quic_core_sent_packet_manager_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_core_uber_received_packet_manager_lib", ":quic_core_utils_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_connection_stats_lib", srcs = ["quiche/quic/core/quic_connection_stats.cc"], hdrs = ["quiche/quic/core/quic_connection_stats.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_packets_lib", ":quic_core_time_accumulator_lib", ":quic_core_time_lib", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_constants_lib", srcs = ["quiche/quic/core/quic_constants.cc"], hdrs = ["quiche/quic/core/quic_constants.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_types_lib", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_crypto_crypto_handshake_lib", srcs = [ "quiche/quic/core/crypto/cert_compressor.cc", "quiche/quic/core/crypto/channel_id.cc", "quiche/quic/core/crypto/common_cert_set.cc", "quiche/quic/core/crypto/crypto_framer.cc", "quiche/quic/core/crypto/crypto_handshake.cc", "quiche/quic/core/crypto/crypto_handshake_message.cc", "quiche/quic/core/crypto/crypto_secret_boxer.cc", "quiche/quic/core/crypto/crypto_utils.cc", "quiche/quic/core/crypto/curve25519_key_exchange.cc", "quiche/quic/core/crypto/key_exchange.cc", "quiche/quic/core/crypto/p256_key_exchange.cc", "quiche/quic/core/crypto/quic_compressed_certs_cache.cc", "quiche/quic/core/crypto/quic_crypto_client_config.cc", "quiche/quic/core/crypto/quic_crypto_server_config.cc", "quiche/quic/core/crypto/server_proof_verifier.h", "quiche/quic/core/crypto/transport_parameters.cc", ], hdrs = [ "quiche/quic/core/crypto/cert_compressor.h", "quiche/quic/core/crypto/channel_id.h", "quiche/quic/core/crypto/common_cert_set.h", "quiche/quic/core/crypto/crypto_framer.h", "quiche/quic/core/crypto/crypto_handshake.h", "quiche/quic/core/crypto/crypto_handshake_message.h", "quiche/quic/core/crypto/crypto_message_parser.h", "quiche/quic/core/crypto/crypto_secret_boxer.h", "quiche/quic/core/crypto/crypto_utils.h", "quiche/quic/core/crypto/curve25519_key_exchange.h", "quiche/quic/core/crypto/key_exchange.h", "quiche/quic/core/crypto/p256_key_exchange.h", "quiche/quic/core/crypto/proof_verifier.h", "quiche/quic/core/crypto/quic_compressed_certs_cache.h", "quiche/quic/core/crypto/quic_crypto_client_config.h", "quiche/quic/core/crypto/quic_crypto_server_config.h", "quiche/quic/core/crypto/transport_parameters.h", ], copts = quiche_copts, external_deps = [ "ssl", "zlib", ], repository = "@envoy", tags = [ "nofips", "pg3", ], textual_hdrs = [ "quiche/quic/core/crypto/common_cert_set_2.c", "quiche/quic/core/crypto/common_cert_set_2a.inc", "quiche/quic/core/crypto/common_cert_set_2b.inc", "quiche/quic/core/crypto/common_cert_set_3.c", "quiche/quic/core/crypto/common_cert_set_3a.inc", "quiche/quic/core/crypto/common_cert_set_3b.inc", ], visibility = ["//visibility:public"], deps = [ ":quic_core_clock_lib", ":quic_core_crypto_encryption_lib", ":quic_core_crypto_hkdf_lib", ":quic_core_crypto_proof_source_interface_lib", ":quic_core_crypto_random_lib", ":quic_core_crypto_tls_handshake_lib", ":quic_core_data_lib", ":quic_core_error_codes_lib", ":quic_core_lru_cache_lib", ":quic_core_packets_lib", ":quic_core_proto_cached_network_parameters_proto_header", ":quic_core_proto_crypto_server_config_proto_header", ":quic_core_proto_source_address_token_proto_header", ":quic_core_server_id_lib", ":quic_core_socket_address_coder_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_crypto_boring_utils_lib", hdrs = ["quiche/quic/core/crypto/boring_utils.h"], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_export", ":quiche_common_platform", ], ) envoy_cc_library( name = "quic_core_crypto_certificate_view_lib", srcs = ["quiche/quic/core/crypto/certificate_view.cc"], hdrs = ["quiche/quic/core/crypto/certificate_view.h"], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_crypto_boring_utils_lib", ":quic_core_types_lib", ":quic_platform", ":quic_platform_ip_address", ":quiche_common_platform", ], ) envoy_cc_library( name = "quic_core_crypto_encryption_lib", srcs = [ "quiche/quic/core/crypto/aead_base_decrypter.cc", "quiche/quic/core/crypto/aead_base_encrypter.cc", "quiche/quic/core/crypto/aes_128_gcm_12_decrypter.cc", "quiche/quic/core/crypto/aes_128_gcm_12_encrypter.cc", "quiche/quic/core/crypto/aes_128_gcm_decrypter.cc", "quiche/quic/core/crypto/aes_128_gcm_encrypter.cc", "quiche/quic/core/crypto/aes_256_gcm_decrypter.cc", "quiche/quic/core/crypto/aes_256_gcm_encrypter.cc", "quiche/quic/core/crypto/aes_base_decrypter.cc", "quiche/quic/core/crypto/aes_base_encrypter.cc", "quiche/quic/core/crypto/chacha20_poly1305_decrypter.cc", "quiche/quic/core/crypto/chacha20_poly1305_encrypter.cc", "quiche/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc", "quiche/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc", "quiche/quic/core/crypto/chacha_base_decrypter.cc", "quiche/quic/core/crypto/chacha_base_encrypter.cc", "quiche/quic/core/crypto/null_decrypter.cc", "quiche/quic/core/crypto/null_encrypter.cc", "quiche/quic/core/crypto/quic_crypter.cc", "quiche/quic/core/crypto/quic_decrypter.cc", "quiche/quic/core/crypto/quic_encrypter.cc", ], hdrs = [ "quiche/quic/core/crypto/aead_base_decrypter.h", "quiche/quic/core/crypto/aead_base_encrypter.h", "quiche/quic/core/crypto/aes_128_gcm_12_decrypter.h", "quiche/quic/core/crypto/aes_128_gcm_12_encrypter.h", "quiche/quic/core/crypto/aes_128_gcm_decrypter.h", "quiche/quic/core/crypto/aes_128_gcm_encrypter.h", "quiche/quic/core/crypto/aes_256_gcm_decrypter.h", "quiche/quic/core/crypto/aes_256_gcm_encrypter.h", "quiche/quic/core/crypto/aes_base_decrypter.h", "quiche/quic/core/crypto/aes_base_encrypter.h", "quiche/quic/core/crypto/chacha20_poly1305_decrypter.h", "quiche/quic/core/crypto/chacha20_poly1305_encrypter.h", "quiche/quic/core/crypto/chacha20_poly1305_tls_decrypter.h", "quiche/quic/core/crypto/chacha20_poly1305_tls_encrypter.h", "quiche/quic/core/crypto/chacha_base_decrypter.h", "quiche/quic/core/crypto/chacha_base_encrypter.h", "quiche/quic/core/crypto/crypto_protocol.h", "quiche/quic/core/crypto/null_decrypter.h", "quiche/quic/core/crypto/null_encrypter.h", "quiche/quic/core/crypto/quic_crypter.h", "quiche/quic/core/crypto/quic_decrypter.h", "quiche/quic/core/crypto/quic_encrypter.h", ], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_crypto_hkdf_lib", ":quic_core_data_lib", ":quic_core_packets_lib", ":quic_core_tag_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_crypto_hkdf_lib", srcs = ["quiche/quic/core/crypto/quic_hkdf.cc"], hdrs = ["quiche/quic/core/crypto/quic_hkdf.h"], external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_crypto_proof_source_interface_lib", srcs = [ "quiche/quic/core/crypto/proof_source.cc", "quiche/quic/core/crypto/quic_crypto_proof.cc", ], hdrs = [ "quiche/quic/core/crypto/proof_source.h", "quiche/quic/core/crypto/quic_crypto_proof.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_packets_lib", ":quic_core_versions_lib", ":quic_platform_base", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_crypto_random_lib", srcs = ["quiche/quic/core/crypto/quic_random.cc"], hdrs = ["quiche/quic/core/crypto/quic_random.h"], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_crypto_tls_handshake_lib", srcs = [ "quiche/quic/core/crypto/tls_client_connection.cc", "quiche/quic/core/crypto/tls_connection.cc", "quiche/quic/core/crypto/tls_server_connection.cc", ], hdrs = [ "quiche/quic/core/crypto/tls_client_connection.h", "quiche/quic/core/crypto/tls_connection.h", "quiche/quic/core/crypto/tls_server_connection.h", ], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_crypto_proof_source_interface_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_circular_deque_lib", hdrs = ["quiche/quic/core/quic_circular_deque.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_data_lib", srcs = [ "quiche/quic/core/quic_data_reader.cc", "quiche/quic/core/quic_data_writer.cc", ], hdrs = [ "quiche/quic/core/quic_data_reader.h", "quiche/quic/core/quic_data_writer.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_constants_lib", ":quic_core_crypto_random_lib", ":quic_core_packets_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_error_codes_lib", srcs = ["quiche/quic/core/quic_error_codes.cc"], hdrs = ["quiche/quic/core/quic_error_codes.h"], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_platform_base", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_framer_lib", srcs = ["quiche/quic/core/quic_framer.cc"], hdrs = ["quiche/quic/core/quic_framer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_constants_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_crypto_encryption_lib", ":quic_core_crypto_random_lib", ":quic_core_data_lib", ":quic_core_packets_lib", ":quic_core_socket_address_coder_lib", ":quic_core_stream_frame_data_producer_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_frames_frames_lib", srcs = [ "quiche/quic/core/frames/quic_ack_frame.cc", "quiche/quic/core/frames/quic_ack_frequency_frame.cc", "quiche/quic/core/frames/quic_blocked_frame.cc", "quiche/quic/core/frames/quic_connection_close_frame.cc", "quiche/quic/core/frames/quic_crypto_frame.cc", "quiche/quic/core/frames/quic_frame.cc", "quiche/quic/core/frames/quic_goaway_frame.cc", "quiche/quic/core/frames/quic_handshake_done_frame.cc", "quiche/quic/core/frames/quic_max_streams_frame.cc", "quiche/quic/core/frames/quic_message_frame.cc", "quiche/quic/core/frames/quic_new_connection_id_frame.cc", "quiche/quic/core/frames/quic_new_token_frame.cc", "quiche/quic/core/frames/quic_padding_frame.cc", "quiche/quic/core/frames/quic_path_challenge_frame.cc", "quiche/quic/core/frames/quic_path_response_frame.cc", "quiche/quic/core/frames/quic_ping_frame.cc", "quiche/quic/core/frames/quic_retire_connection_id_frame.cc", "quiche/quic/core/frames/quic_rst_stream_frame.cc", "quiche/quic/core/frames/quic_stop_sending_frame.cc", "quiche/quic/core/frames/quic_stop_waiting_frame.cc", "quiche/quic/core/frames/quic_stream_frame.cc", "quiche/quic/core/frames/quic_streams_blocked_frame.cc", "quiche/quic/core/frames/quic_window_update_frame.cc", ], hdrs = [ "quiche/quic/core/frames/quic_ack_frame.h", "quiche/quic/core/frames/quic_ack_frequency_frame.h", "quiche/quic/core/frames/quic_blocked_frame.h", "quiche/quic/core/frames/quic_connection_close_frame.h", "quiche/quic/core/frames/quic_crypto_frame.h", "quiche/quic/core/frames/quic_frame.h", "quiche/quic/core/frames/quic_goaway_frame.h", "quiche/quic/core/frames/quic_handshake_done_frame.h", "quiche/quic/core/frames/quic_inlined_frame.h", "quiche/quic/core/frames/quic_max_streams_frame.h", "quiche/quic/core/frames/quic_message_frame.h", "quiche/quic/core/frames/quic_mtu_discovery_frame.h", "quiche/quic/core/frames/quic_new_connection_id_frame.h", "quiche/quic/core/frames/quic_new_token_frame.h", "quiche/quic/core/frames/quic_padding_frame.h", "quiche/quic/core/frames/quic_path_challenge_frame.h", "quiche/quic/core/frames/quic_path_response_frame.h", "quiche/quic/core/frames/quic_ping_frame.h", "quiche/quic/core/frames/quic_retire_connection_id_frame.h", "quiche/quic/core/frames/quic_rst_stream_frame.h", "quiche/quic/core/frames/quic_stop_sending_frame.h", "quiche/quic/core/frames/quic_stop_waiting_frame.h", "quiche/quic/core/frames/quic_stream_frame.h", "quiche/quic/core/frames/quic_streams_blocked_frame.h", "quiche/quic/core/frames/quic_window_update_frame.h", ], copts = quiche_copts, # TODO: Work around initializer in anonymous union in fastbuild build. # Remove this after upstream fix. defines = select({ "@envoy//bazel:windows_x86_64": ["QUIC_FRAME_DEBUG=0"], "//conditions:default": [], }), repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_buffer_allocator_lib", ":quic_core_constants_lib", ":quic_core_error_codes_lib", ":quic_core_interval_lib", ":quic_core_interval_set_lib", ":quic_core_types_lib", ":quic_core_versions_lib", ":quic_platform_base", ":quic_platform_mem_slice_span", ], ) envoy_cc_library( name = "quic_core_http_http_constants_lib", hdrs = ["quiche/quic/core/http/http_constants.h"], copts = quiche_copts, repository = "@envoy", deps = [":quic_core_types_lib"], ) envoy_cc_library( name = "quic_core_http_client_lib", srcs = [ "quiche/quic/core/http/quic_client_promised_info.cc", "quiche/quic/core/http/quic_client_push_promise_index.cc", "quiche/quic/core/http/quic_spdy_client_session.cc", "quiche/quic/core/http/quic_spdy_client_session_base.cc", "quiche/quic/core/http/quic_spdy_client_stream.cc", ], hdrs = [ "quiche/quic/core/http/quic_client_promised_info.h", "quiche/quic/core/http/quic_client_push_promise_index.h", "quiche/quic/core/http/quic_spdy_client_session.h", "quiche/quic/core/http/quic_spdy_client_session_base.h", "quiche/quic/core/http/quic_spdy_client_stream.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_alarm_interface_lib", ":quic_core_crypto_encryption_lib", ":quic_core_http_spdy_session_lib", ":quic_core_packets_lib", ":quic_core_qpack_qpack_streams_lib", ":quic_core_server_id_lib", ":quic_core_session_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_platform_base", ":spdy_core_framer_lib", ":spdy_core_protocol_lib", "@envoy//source/extensions/quic_listeners/quiche:spdy_server_push_utils_for_envoy_lib", ], ) envoy_cc_library( name = "quic_core_http_header_list_lib", srcs = ["quiche/quic/core/http/quic_header_list.cc"], hdrs = ["quiche/quic/core/http/quic_header_list.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_circular_deque_lib", ":quic_core_packets_lib", ":quic_core_qpack_qpack_header_table_lib", ":quic_platform_base", ":spdy_core_header_block_lib", ":spdy_core_headers_handler_interface_lib", ":spdy_core_protocol_lib", ], ) envoy_cc_library( name = "quic_core_http_http_decoder_lib", srcs = ["quiche/quic/core/http/http_decoder.cc"], hdrs = ["quiche/quic/core/http/http_decoder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_data_lib", ":quic_core_error_codes_lib", ":quic_core_http_http_frames_lib", ":quic_core_http_spdy_utils_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_http_http_encoder_lib", srcs = ["quiche/quic/core/http/http_encoder.cc"], hdrs = ["quiche/quic/core/http/http_encoder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_data_lib", ":quic_core_error_codes_lib", ":quic_core_http_http_frames_lib", ":quic_core_http_spdy_utils_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_http_http_frames_lib", hdrs = ["quiche/quic/core/http/http_frames.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_types_lib", ":quic_platform_base", ":spdy_core_framer_lib", ], ) envoy_cc_library( name = "quic_core_http_spdy_server_push_utils_header", hdrs = ["quiche/quic/core/http/spdy_server_push_utils.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_platform_base", ":spdy_core_header_block_lib", ], ) envoy_cc_library( name = "quic_core_http_spdy_session_lib", srcs = [ "quiche/quic/core/http/quic_headers_stream.cc", "quiche/quic/core/http/quic_receive_control_stream.cc", "quiche/quic/core/http/quic_send_control_stream.cc", "quiche/quic/core/http/quic_server_session_base.cc", "quiche/quic/core/http/quic_spdy_server_stream_base.cc", "quiche/quic/core/http/quic_spdy_session.cc", "quiche/quic/core/http/quic_spdy_stream.cc", ], hdrs = [ "quiche/quic/core/http/quic_headers_stream.h", "quiche/quic/core/http/quic_receive_control_stream.h", "quiche/quic/core/http/quic_send_control_stream.h", "quiche/quic/core/http/quic_server_session_base.h", "quiche/quic/core/http/quic_spdy_server_stream_base.h", "quiche/quic/core/http/quic_spdy_session.h", "quiche/quic/core/http/quic_spdy_stream.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_connection_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_error_codes_lib", ":quic_core_http_header_list_lib", ":quic_core_http_http_constants_lib", ":quic_core_http_http_decoder_lib", ":quic_core_http_http_encoder_lib", ":quic_core_http_spdy_stream_body_manager_lib", ":quic_core_http_spdy_utils_lib", ":quic_core_packets_lib", ":quic_core_proto_cached_network_parameters_proto_header", ":quic_core_qpack_qpack_decoded_headers_accumulator_lib", ":quic_core_qpack_qpack_decoder_lib", ":quic_core_qpack_qpack_decoder_stream_sender_lib", ":quic_core_qpack_qpack_encoder_lib", ":quic_core_qpack_qpack_encoder_stream_sender_lib", ":quic_core_qpack_qpack_streams_lib", ":quic_core_session_lib", ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform_base", ":quic_platform_mem_slice_storage", ":spdy_core_framer_lib", ":spdy_core_http2_deframer_lib", ":spdy_core_protocol_lib", ], ) envoy_cc_library( name = "quic_core_http_spdy_stream_body_manager_lib", srcs = ["quiche/quic/core/http/quic_spdy_stream_body_manager.cc"], hdrs = ["quiche/quic/core/http/quic_spdy_stream_body_manager.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_http_http_decoder_lib", ":quic_core_session_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_http_spdy_utils_lib", srcs = ["quiche/quic/core/http/spdy_utils.cc"], hdrs = ["quiche/quic/core/http/spdy_utils.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_http_header_list_lib", ":quic_core_http_http_constants_lib", ":quic_core_packets_lib", ":quic_platform_base", ":spdy_core_framer_lib", ":spdy_core_protocol_lib", ], ) envoy_cc_library( name = "quic_core_idle_network_detector_lib", srcs = ["quiche/quic/core/quic_idle_network_detector.cc"], hdrs = ["quiche/quic/core/quic_idle_network_detector.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_alarm_factory_interface_lib", ":quic_core_alarm_interface_lib", ":quic_core_constants_lib", ":quic_core_one_block_arena_lib", ":quic_core_time_lib", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_interval_lib", hdrs = ["quiche/quic/core/quic_interval.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], ) envoy_cc_library( name = "quic_core_interval_deque_lib", hdrs = ["quiche/quic/core/quic_interval_deque.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_circular_deque_lib", ":quic_core_interval_lib", ":quic_core_types_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_interval_set_lib", hdrs = ["quiche/quic/core/quic_interval_set.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_interval_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_lru_cache_lib", hdrs = ["quiche/quic/core/quic_lru_cache.h"], repository = "@envoy", tags = ["nofips"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_mtu_discovery_lib", srcs = ["quiche/quic/core/quic_mtu_discovery.cc"], hdrs = ["quiche/quic/core/quic_mtu_discovery.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":quic_core_constants_lib", ], ) envoy_cc_library( name = "quic_core_one_block_arena_lib", srcs = ["quiche/quic/core/quic_one_block_arena.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_arena_scoped_ptr_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_syscall_wrapper_lib", srcs = select({ "@envoy//bazel:linux": ["quiche/quic/core/quic_syscall_wrapper.cc"], "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:linux": ["quiche/quic/core/quic_syscall_wrapper.h"], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_legacy_version_encapsulator_lib", srcs = [ "quiche/quic/core/quic_legacy_version_encapsulator.cc", ], hdrs = [ "quiche/quic/core/quic_legacy_version_encapsulator.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_crypto_crypto_handshake_lib", ":quic_core_crypto_encryption_lib", ":quic_core_packet_creator_lib", ":quic_core_packets_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_platform", ":quiche_common_platform", ], ) envoy_cc_library( name = "quic_core_linux_socket_utils_lib", srcs = select({ "@envoy//bazel:linux": ["quiche/quic/core/quic_linux_socket_utils.cc"], "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:linux": ["quiche/quic/core/quic_linux_socket_utils.h"], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_packet_writer_interface_lib", ":quic_core_syscall_wrapper_lib", ":quic_core_types_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_network_blackhole_detector_lib", srcs = ["quiche/quic/core/quic_network_blackhole_detector.cc"], hdrs = ["quiche/quic/core/quic_network_blackhole_detector.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_alarm_factory_interface_lib", ":quic_core_alarm_interface_lib", ":quic_core_constants_lib", ":quic_core_one_block_arena_lib", ":quic_core_time_lib", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_packet_creator_lib", srcs = ["quiche/quic/core/quic_packet_creator.cc"], hdrs = ["quiche/quic/core/quic_packet_creator.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_circular_deque_lib", ":quic_core_coalesced_packet_lib", ":quic_core_constants_lib", ":quic_core_crypto_encryption_lib", ":quic_core_data_lib", ":quic_core_framer_lib", ":quic_core_packets_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_packet_number_indexed_queue_lib", hdrs = ["quiche/quic/core/packet_number_indexed_queue.h"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_circular_deque_lib", ":quic_core_constants_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_packet_writer_interface_lib", srcs = ["quiche/quic/core/quic_packet_writer_wrapper.cc"], hdrs = [ "quiche/quic/core/quic_packet_writer.h", "quiche/quic/core/quic_packet_writer_wrapper.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_packets_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_packets_lib", srcs = [ "quiche/quic/core/quic_packets.cc", "quiche/quic/core/quic_write_blocked_list.cc", ], hdrs = [ "quiche/quic/core/quic_packets.h", "quiche/quic/core/quic_write_blocked_list.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_ack_listener_interface_lib", ":quic_core_bandwidth_lib", ":quic_core_constants_lib", ":quic_core_error_codes_lib", ":quic_core_frames_frames_lib", ":quic_core_time_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform", ":quic_platform_socket_address", ":spdy_core_fifo_write_scheduler_lib", ":spdy_core_http2_priority_write_scheduler_lib", ":spdy_core_lifo_write_scheduler_lib", ":spdy_core_priority_write_scheduler_lib", ], ) envoy_cc_library( name = "quic_core_process_packet_interface_lib", hdrs = ["quiche/quic/core/quic_process_packet_interface.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_packets_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_blocking_manager_lib", srcs = ["quiche/quic/core/qpack/qpack_blocking_manager.cc"], hdrs = ["quiche/quic/core/qpack/qpack_blocking_manager.h"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_decoder_lib", srcs = ["quiche/quic/core/qpack/qpack_decoder.cc"], hdrs = ["quiche/quic/core/qpack/qpack_decoder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_qpack_qpack_decoder_stream_sender_lib", ":quic_core_qpack_qpack_encoder_stream_receiver_lib", ":quic_core_qpack_qpack_header_table_lib", ":quic_core_qpack_qpack_progressive_decoder_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_encoder_lib", srcs = ["quiche/quic/core/qpack/qpack_encoder.cc"], hdrs = ["quiche/quic/core/qpack/qpack_encoder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_qpack_blocking_manager_lib", ":quic_core_qpack_qpack_decoder_stream_receiver_lib", ":quic_core_qpack_qpack_encoder_stream_sender_lib", ":quic_core_qpack_qpack_header_table_lib", ":quic_core_qpack_qpack_index_conversions_lib", ":quic_core_qpack_qpack_instruction_encoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_core_qpack_qpack_required_insert_count_lib", ":quic_core_qpack_value_splitting_header_list_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_header_table_lib", srcs = ["quiche/quic/core/qpack/qpack_header_table.cc"], hdrs = ["quiche/quic/core/qpack/qpack_header_table.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_qpack_qpack_static_table_lib", ":quic_platform_base", ":spdy_core_hpack_hpack_lib", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_instruction_decoder_lib", srcs = ["quiche/quic/core/qpack/qpack_instruction_decoder.cc"], hdrs = ["quiche/quic/core/qpack/qpack_instruction_decoder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":http2_hpack_huffman_hpack_huffman_decoder_lib", ":http2_hpack_varint_hpack_varint_decoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_instructions_lib", srcs = ["quiche/quic/core/qpack/qpack_instructions.cc"], hdrs = ["quiche/quic/core/qpack/qpack_instructions.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_qpack_qpack_instruction_encoder_lib", srcs = ["quiche/quic/core/qpack/qpack_instruction_encoder.cc"], hdrs = ["quiche/quic/core/qpack/qpack_instruction_encoder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":http2_hpack_huffman_hpack_huffman_encoder_lib", ":http2_hpack_varint_hpack_varint_encoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_progressive_decoder_lib", srcs = ["quiche/quic/core/qpack/qpack_progressive_decoder.cc"], hdrs = ["quiche/quic/core/qpack/qpack_progressive_decoder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_qpack_qpack_decoder_stream_sender_lib", ":quic_core_qpack_qpack_encoder_stream_receiver_lib", ":quic_core_qpack_qpack_header_table_lib", ":quic_core_qpack_qpack_index_conversions_lib", ":quic_core_qpack_qpack_instruction_decoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_core_qpack_qpack_required_insert_count_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_required_insert_count_lib", srcs = ["quiche/quic/core/qpack/qpack_required_insert_count.cc"], hdrs = ["quiche/quic/core/qpack/qpack_required_insert_count.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_qpack_qpack_encoder_stream_sender_lib", srcs = ["quiche/quic/core/qpack/qpack_encoder_stream_sender.cc"], hdrs = ["quiche/quic/core/qpack/qpack_encoder_stream_sender.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_qpack_qpack_instruction_encoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_core_qpack_qpack_stream_sender_delegate_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_encoder_stream_receiver_lib", srcs = ["quiche/quic/core/qpack/qpack_encoder_stream_receiver.cc"], hdrs = ["quiche/quic/core/qpack/qpack_encoder_stream_receiver.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":quic_core_qpack_qpack_instruction_decoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_core_qpack_qpack_stream_receiver_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_decoder_stream_sender_lib", srcs = ["quiche/quic/core/qpack/qpack_decoder_stream_sender.cc"], hdrs = ["quiche/quic/core/qpack/qpack_decoder_stream_sender.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_qpack_qpack_instruction_encoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_core_qpack_qpack_stream_sender_delegate_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_decoder_stream_receiver_lib", srcs = ["quiche/quic/core/qpack/qpack_decoder_stream_receiver.cc"], hdrs = ["quiche/quic/core/qpack/qpack_decoder_stream_receiver.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":http2_decoder_decode_buffer_lib", ":http2_decoder_decode_status_lib", ":quic_core_qpack_qpack_instruction_decoder_lib", ":quic_core_qpack_qpack_instructions_lib", ":quic_core_qpack_qpack_stream_receiver_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_index_conversions_lib", srcs = ["quiche/quic/core/qpack/qpack_index_conversions.cc"], hdrs = ["quiche/quic/core/qpack/qpack_index_conversions.h"], copts = quiche_copts, repository = "@envoy", deps = [ ":quic_platform_base", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_static_table_lib", srcs = ["quiche/quic/core/qpack/qpack_static_table.cc"], hdrs = ["quiche/quic/core/qpack/qpack_static_table.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_base", ":spdy_core_hpack_hpack_lib", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_stream_receiver_lib", hdrs = ["quiche/quic/core/qpack/qpack_stream_receiver.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_qpack_qpack_streams_lib", srcs = [ "quiche/quic/core/qpack/qpack_receive_stream.cc", "quiche/quic/core/qpack/qpack_send_stream.cc", ], hdrs = [ "quiche/quic/core/qpack/qpack_receive_stream.h", "quiche/quic/core/qpack/qpack_send_stream.h", ], copts = quiche_copts, repository = "@envoy", deps = [ ":quic_core_qpack_qpack_stream_receiver_lib", ":quic_core_qpack_qpack_stream_sender_delegate_lib", ":quic_core_session_lib", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_decoded_headers_accumulator_lib", srcs = ["quiche/quic/core/qpack/qpack_decoded_headers_accumulator.cc"], hdrs = ["quiche/quic/core/qpack/qpack_decoded_headers_accumulator.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_http_header_list_lib", ":quic_core_qpack_qpack_decoder_lib", ":quic_core_qpack_qpack_progressive_decoder_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_qpack_value_splitting_header_list_lib", srcs = ["quiche/quic/core/qpack/value_splitting_header_list.cc"], hdrs = ["quiche/quic/core/qpack/value_splitting_header_list.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_base", ":spdy_core_header_block_lib", ], ) envoy_cc_library( name = "quic_core_qpack_qpack_stream_sender_delegate_lib", hdrs = ["quiche/quic/core/qpack/qpack_stream_sender_delegate.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_received_packet_manager_lib", srcs = ["quiche/quic/core/quic_received_packet_manager.cc"], hdrs = ["quiche/quic/core/quic_received_packet_manager.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_config_lib", ":quic_core_congestion_control_rtt_stats_lib", ":quic_core_connection_stats_lib", ":quic_core_crypto_encryption_lib", ":quic_core_framer_lib", ":quic_core_packets_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_sent_packet_manager_lib", srcs = ["quiche/quic/core/quic_sent_packet_manager.cc"], hdrs = ["quiche/quic/core/quic_sent_packet_manager.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_congestion_control_congestion_control_lib", ":quic_core_congestion_control_general_loss_algorithm_lib", ":quic_core_congestion_control_pacing_sender_lib", ":quic_core_congestion_control_rtt_stats_lib", ":quic_core_congestion_control_uber_loss_algorithm_lib", ":quic_core_connection_stats_lib", ":quic_core_crypto_encryption_lib", ":quic_core_packets_lib", ":quic_core_proto_cached_network_parameters_proto_header", ":quic_core_sustained_bandwidth_recorder_lib", ":quic_core_transmission_info_lib", ":quic_core_types_lib", ":quic_core_unacked_packet_map_lib", ":quic_core_utils_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_server_id_lib", srcs = ["quiche/quic/core/quic_server_id.cc"], hdrs = ["quiche/quic/core/quic_server_id.h"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_server_lib", srcs = [ "quiche/quic/core/chlo_extractor.cc", "quiche/quic/core/quic_buffered_packet_store.cc", "quiche/quic/core/quic_dispatcher.cc", "quiche/quic/core/tls_chlo_extractor.cc", ], hdrs = [ "quiche/quic/core/chlo_extractor.h", "quiche/quic/core/quic_buffered_packet_store.h", "quiche/quic/core/quic_dispatcher.h", "quiche/quic/core/tls_chlo_extractor.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_alarm_factory_interface_lib", ":quic_core_alarm_interface_lib", ":quic_core_blocked_writer_interface_lib", ":quic_core_connection_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_crypto_encryption_lib", ":quic_core_crypto_random_lib", ":quic_core_framer_lib", ":quic_core_packets_lib", ":quic_core_process_packet_interface_lib", ":quic_core_session_lib", ":quic_core_time_lib", ":quic_core_time_wait_list_manager_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_core_version_manager_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_session_lib", srcs = [ "quiche/quic/core/legacy_quic_stream_id_manager.cc", "quiche/quic/core/quic_control_frame_manager.cc", "quiche/quic/core/quic_crypto_client_handshaker.cc", "quiche/quic/core/quic_crypto_client_stream.cc", "quiche/quic/core/quic_crypto_handshaker.cc", "quiche/quic/core/quic_crypto_server_stream.cc", "quiche/quic/core/quic_crypto_server_stream_base.cc", "quiche/quic/core/quic_crypto_stream.cc", "quiche/quic/core/quic_datagram_queue.cc", "quiche/quic/core/quic_flow_controller.cc", "quiche/quic/core/quic_session.cc", "quiche/quic/core/quic_stream.cc", "quiche/quic/core/quic_stream_id_manager.cc", "quiche/quic/core/quic_stream_sequencer.cc", "quiche/quic/core/tls_client_handshaker.cc", "quiche/quic/core/tls_handshaker.cc", "quiche/quic/core/tls_server_handshaker.cc", "quiche/quic/core/uber_quic_stream_id_manager.cc", ], hdrs = [ "quiche/quic/core/handshaker_delegate_interface.h", "quiche/quic/core/legacy_quic_stream_id_manager.h", "quiche/quic/core/quic_control_frame_manager.h", "quiche/quic/core/quic_crypto_client_handshaker.h", "quiche/quic/core/quic_crypto_client_stream.h", "quiche/quic/core/quic_crypto_handshaker.h", "quiche/quic/core/quic_crypto_server_stream.h", "quiche/quic/core/quic_crypto_server_stream_base.h", "quiche/quic/core/quic_crypto_stream.h", "quiche/quic/core/quic_datagram_queue.h", "quiche/quic/core/quic_flow_controller.h", "quiche/quic/core/quic_session.h", "quiche/quic/core/quic_stream.h", "quiche/quic/core/quic_stream_id_manager.h", "quiche/quic/core/quic_stream_sequencer.h", "quiche/quic/core/stream_delegate_interface.h", "quiche/quic/core/tls_client_handshaker.h", "quiche/quic/core/tls_handshaker.h", "quiche/quic/core/tls_server_handshaker.h", "quiche/quic/core/uber_quic_stream_id_manager.h", ], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_config_lib", ":quic_core_connection_lib", ":quic_core_constants_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_crypto_encryption_lib", ":quic_core_crypto_random_lib", ":quic_core_crypto_tls_handshake_lib", ":quic_core_frames_frames_lib", ":quic_core_packet_creator_lib", ":quic_core_packets_lib", ":quic_core_server_id_lib", ":quic_core_session_notifier_interface_lib", ":quic_core_stream_frame_data_producer_lib", ":quic_core_stream_send_buffer_lib", ":quic_core_stream_sequencer_buffer_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform", ":quic_platform_mem_slice_span", ":spdy_core_protocol_lib", ], ) envoy_cc_library( name = "quic_core_session_notifier_interface_lib", hdrs = ["quiche/quic/core/session_notifier_interface.h"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_frames_frames_lib", ":quic_core_time_lib", ], ) envoy_cc_library( name = "quic_core_socket_address_coder_lib", srcs = ["quiche/quic/core/quic_socket_address_coder.cc"], hdrs = ["quiche/quic/core/quic_socket_address_coder.h"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_base", ":quic_platform_socket_address", ":spdy_core_priority_write_scheduler_lib", ], ) envoy_cc_library( name = "quic_core_stream_frame_data_producer_lib", hdrs = ["quiche/quic/core/quic_stream_frame_data_producer.h"], repository = "@envoy", tags = ["nofips"], deps = [":quic_core_types_lib"], ) envoy_cc_library( name = "quic_core_stream_send_buffer_lib", srcs = ["quiche/quic/core/quic_stream_send_buffer.cc"], hdrs = ["quiche/quic/core/quic_stream_send_buffer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_circular_deque_lib", ":quic_core_data_lib", ":quic_core_frames_frames_lib", ":quic_core_interval_deque_lib", ":quic_core_interval_lib", ":quic_core_interval_set_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_platform_base", ":quic_platform_mem_slice_span", ], ) envoy_cc_library( name = "quic_core_stream_sequencer_buffer_lib", srcs = ["quiche/quic/core/quic_stream_sequencer_buffer.cc"], hdrs = ["quiche/quic/core/quic_stream_sequencer_buffer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_constants_lib", ":quic_core_interval_lib", ":quic_core_interval_set_lib", ":quic_core_packets_lib", ":quic_core_types_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_sustained_bandwidth_recorder_lib", srcs = ["quiche/quic/core/quic_sustained_bandwidth_recorder.cc"], hdrs = ["quiche/quic/core/quic_sustained_bandwidth_recorder.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_bandwidth_lib", ":quic_core_time_lib", ":quic_platform_base", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_tag_lib", srcs = ["quiche/quic/core/quic_tag.cc"], hdrs = ["quiche/quic/core/quic_tag.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_time_lib", srcs = ["quiche/quic/core/quic_time.cc"], hdrs = ["quiche/quic/core/quic_time.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [":quic_platform_base"], ) envoy_cc_library( name = "quic_core_time_accumulator_lib", hdrs = ["quiche/quic/core/quic_time_accumulator.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [], ) envoy_cc_library( name = "quic_core_time_wait_list_manager_lib", srcs = ["quiche/quic/core/quic_time_wait_list_manager.cc"], hdrs = ["quiche/quic/core/quic_time_wait_list_manager.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_blocked_writer_interface_lib", ":quic_core_crypto_encryption_lib", ":quic_core_framer_lib", ":quic_core_packet_writer_interface_lib", ":quic_core_packets_lib", ":quic_core_session_lib", ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_platform", ], ) envoy_cc_library( name = "quic_core_transmission_info_lib", srcs = ["quiche/quic/core/quic_transmission_info.cc"], hdrs = ["quiche/quic/core/quic_transmission_info.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_ack_listener_interface_lib", ":quic_core_frames_frames_lib", ":quic_core_types_lib", ":quic_platform_export", ], ) envoy_cc_library( name = "quic_core_types_lib", srcs = [ "quiche/quic/core/quic_connection_id.cc", "quiche/quic/core/quic_packet_number.cc", "quiche/quic/core/quic_types.cc", ], hdrs = [ "quiche/quic/core/quic_connection_id.h", "quiche/quic/core/quic_packet_number.h", "quiche/quic/core/quic_types.h", ], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_crypto_random_lib", ":quic_core_error_codes_lib", ":quic_core_time_lib", ":quic_platform_base", ":quiche_common_platform_endian", ], ) envoy_cc_library( name = "quic_core_uber_received_packet_manager_lib", srcs = ["quiche/quic/core/uber_received_packet_manager.cc"], hdrs = ["quiche/quic/core/uber_received_packet_manager.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_received_packet_manager_lib", ":quic_core_utils_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_udp_socket_lib", srcs = select({ "@envoy//bazel:windows_x86_64": [], "//conditions:default": ["quiche/quic/core/quic_udp_socket_posix.cc"], }), hdrs = select({ "@envoy//bazel:windows_x86_64": [], "//conditions:default": ["quiche/quic/core/quic_udp_socket.h"], }), copts = quiche_copts + select({ # On OSX/iOS, condstants from RFC 3542 (e.g. IPV6_RECVPKTINFO) are not usable # without this define. "@envoy//bazel:apple": ["-D__APPLE_USE_RFC_3542"], "//conditions:default": [], }), repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_platform", ":quic_platform_udp_socket", ], ) envoy_cc_library( name = "quic_core_unacked_packet_map_lib", srcs = ["quiche/quic/core/quic_unacked_packet_map.cc"], hdrs = ["quiche/quic/core/quic_unacked_packet_map.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_connection_stats_lib", ":quic_core_packets_lib", ":quic_core_session_notifier_interface_lib", ":quic_core_transmission_info_lib", ":quic_core_utils_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_utils_lib", srcs = ["quiche/quic/core/quic_utils.cc"], hdrs = ["quiche/quic/core/quic_utils.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_constants_lib", ":quic_core_crypto_random_lib", ":quic_core_error_codes_lib", ":quic_core_frames_frames_lib", ":quic_core_types_lib", ":quic_core_versions_lib", ":quic_platform_base", ":quic_platform_socket_address", ], ) envoy_cc_library( name = "quic_core_version_manager_lib", srcs = ["quiche/quic/core/quic_version_manager.cc"], hdrs = ["quiche/quic/core/quic_version_manager.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_versions_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_core_versions_lib", srcs = ["quiche/quic/core/quic_versions.cc"], hdrs = ["quiche/quic/core/quic_versions.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quic_core_crypto_random_lib", ":quic_core_tag_lib", ":quic_core_types_lib", ":quic_platform_base", ":quiche_common_platform_endian", ], ) envoy_cc_test_library( name = "quic_test_tools_config_peer_lib", srcs = ["quiche/quic/test_tools/quic_config_peer.cc"], hdrs = ["quiche/quic/test_tools/quic_config_peer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_config_lib", ":quic_core_packets_lib", ":quic_platform_base", ], ) envoy_cc_test_library( name = "quic_test_tools_crypto_server_config_peer_lib", srcs = [ "quiche/quic/test_tools/quic_crypto_server_config_peer.cc", ], hdrs = [ "quiche/quic/test_tools/quic_crypto_server_config_peer.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_crypto_crypto_handshake_lib", ":quic_test_tools_mock_clock_lib", ":quic_test_tools_mock_random_lib", ":quic_test_tools_test_utils_interface_lib", ":quiche_common_platform", ], ) envoy_cc_test_library( name = "quic_test_tools_first_flight_lib", srcs = [ "quiche/quic/test_tools/first_flight.cc", ], hdrs = [ "quiche/quic/test_tools/first_flight.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_config_lib", ":quic_core_connection_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_http_client_lib", ":quic_core_packet_writer_interface_lib", ":quic_core_packets_lib", ":quic_core_types_lib", ":quic_core_versions_lib", ":quic_platform", ":quic_test_tools_test_utils_interface_lib", ], ) envoy_cc_library( name = "quic_test_tools_flow_controller_peer_lib", srcs = [ "quiche/quic/test_tools/quic_flow_controller_peer.cc", ], hdrs = [ "quiche/quic/test_tools/quic_flow_controller_peer.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_packets_lib", ":quic_core_session_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_framer_peer_lib", srcs = ["quiche/quic/test_tools/quic_framer_peer.cc"], hdrs = ["quiche/quic/test_tools/quic_framer_peer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_crypto_encryption_lib", ":quic_core_framer_lib", ":quic_core_packets_lib", ":quic_platform_base", ], ) envoy_cc_library( name = "quic_test_tools_interval_deque_peer_lib", hdrs = ["quiche/quic/test_tools/quic_interval_deque_peer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_interval_deque_lib", ":quic_core_interval_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_mock_clock_lib", srcs = ["quiche/quic/test_tools/mock_clock.cc"], hdrs = ["quiche/quic/test_tools/mock_clock.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_clock_lib", ":quic_core_time_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_mock_random_lib", srcs = ["quiche/quic/test_tools/mock_random.cc"], hdrs = ["quiche/quic/test_tools/mock_random.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_core_crypto_random_lib"], ) envoy_cc_test_library( name = "quic_test_tools_mock_syscall_wrapper_lib", srcs = ["quiche/quic/test_tools/quic_mock_syscall_wrapper.cc"], hdrs = ["quiche/quic/test_tools/quic_mock_syscall_wrapper.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_syscall_wrapper_lib", ":quic_platform_base", ":quic_platform_test", ], ) envoy_cc_test_library( name = "quic_test_tools_sent_packet_manager_peer_lib", srcs = ["quiche/quic/test_tools/quic_sent_packet_manager_peer.cc"], hdrs = ["quiche/quic/test_tools/quic_sent_packet_manager_peer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_packets_lib", ":quic_core_sent_packet_manager_lib", ":quic_test_tools_unacked_packet_map_peer_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_server_session_base_peer", hdrs = [ "quiche/quic/test_tools/quic_server_session_base_peer.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_http_spdy_session_lib", ":quic_core_utils_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_simple_quic_framer_lib", srcs = ["quiche/quic/test_tools/simple_quic_framer.cc"], hdrs = ["quiche/quic/test_tools/simple_quic_framer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_crypto_encryption_lib", ":quic_core_framer_lib", ":quic_core_packets_lib", ":quic_platform_base", ], ) envoy_cc_test_library( name = "quic_test_tools_stream_send_buffer_peer_lib", srcs = ["quiche/quic/test_tools/quic_stream_send_buffer_peer.cc"], hdrs = ["quiche/quic/test_tools/quic_stream_send_buffer_peer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_stream_send_buffer_lib", ":quic_test_tools_interval_deque_peer_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_stream_peer_lib", srcs = ["quiche/quic/test_tools/quic_stream_peer.cc"], hdrs = ["quiche/quic/test_tools/quic_stream_peer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_packets_lib", ":quic_core_session_lib", ":quic_core_stream_send_buffer_lib", ":quic_platform_base", ":quic_test_tools_flow_controller_peer_lib", ":quic_test_tools_stream_send_buffer_peer_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_test_certificates_lib", srcs = ["quiche/quic/test_tools/test_certificates.cc"], hdrs = ["quiche/quic/test_tools/test_certificates.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_platform_base", ":quiche_common_platform", ], ) envoy_cc_test_library( name = "quic_test_tools_test_utils_interface_lib", srcs = [ "quiche/quic/test_tools/crypto_test_utils.cc", "quiche/quic/test_tools/mock_quic_session_visitor.cc", "quiche/quic/test_tools/mock_quic_time_wait_list_manager.cc", "quiche/quic/test_tools/quic_buffered_packet_store_peer.cc", "quiche/quic/test_tools/quic_connection_peer.cc", "quiche/quic/test_tools/quic_dispatcher_peer.cc", "quiche/quic/test_tools/quic_test_utils.cc", ], hdrs = [ "quiche/quic/test_tools/crypto_test_utils.h", "quiche/quic/test_tools/mock_quic_session_visitor.h", "quiche/quic/test_tools/mock_quic_time_wait_list_manager.h", "quiche/quic/test_tools/quic_buffered_packet_store_peer.h", "quiche/quic/test_tools/quic_connection_peer.h", "quiche/quic/test_tools/quic_dispatcher_peer.h", "quiche/quic/test_tools/quic_test_utils.h", ], copts = quiche_copts, external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_buffer_allocator_lib", ":quic_core_congestion_control_congestion_control_interface_lib", ":quic_core_connection_lib", ":quic_core_connection_stats_lib", ":quic_core_crypto_crypto_handshake_lib", ":quic_core_crypto_encryption_lib", ":quic_core_crypto_proof_source_interface_lib", ":quic_core_crypto_random_lib", ":quic_core_data_lib", ":quic_core_framer_lib", ":quic_core_http_client_lib", ":quic_core_http_spdy_session_lib", ":quic_core_packet_creator_lib", ":quic_core_packet_writer_interface_lib", ":quic_core_packets_lib", ":quic_core_received_packet_manager_lib", ":quic_core_sent_packet_manager_lib", ":quic_core_server_id_lib", ":quic_core_server_lib", ":quic_core_session_lib", ":quic_core_time_wait_list_manager_lib", ":quic_core_utils_lib", ":quic_platform", ":quic_platform_test", ":quic_test_tools_config_peer_lib", ":quic_test_tools_framer_peer_lib", ":quic_test_tools_mock_clock_lib", ":quic_test_tools_mock_random_lib", ":quic_test_tools_sent_packet_manager_peer_lib", ":quic_test_tools_simple_quic_framer_lib", ":quic_test_tools_stream_peer_lib", ":quiche_common_test_tools_test_utils_lib", ":spdy_core_framer_lib", ], ) envoy_cc_test_library( name = "quic_test_tools_session_peer_lib", srcs = [ "quiche/quic/test_tools/quic_session_peer.cc", ], hdrs = [ "quiche/quic/test_tools/quic_session_peer.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_packets_lib", ":quic_core_session_lib", ":quic_core_utils_lib", ":quic_platform", ], ) envoy_cc_test_library( name = "quic_test_tools_unacked_packet_map_peer_lib", srcs = ["quiche/quic/test_tools/quic_unacked_packet_map_peer.cc"], hdrs = ["quiche/quic/test_tools/quic_unacked_packet_map_peer.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":quic_core_unacked_packet_map_lib"], ) envoy_cc_test_library( name = "epoll_server_platform", hdrs = [ "quiche/epoll_server/platform/api/epoll_address_test_utils.h", "quiche/epoll_server/platform/api/epoll_bug.h", "quiche/epoll_server/platform/api/epoll_expect_bug.h", "quiche/epoll_server/platform/api/epoll_export.h", "quiche/epoll_server/platform/api/epoll_logging.h", "quiche/epoll_server/platform/api/epoll_ptr_util.h", "quiche/epoll_server/platform/api/epoll_test.h", "quiche/epoll_server/platform/api/epoll_thread.h", "quiche/epoll_server/platform/api/epoll_time.h", ], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:epoll_server_platform_impl_lib"], ) envoy_cc_test_library( name = "epoll_server_lib", srcs = select({ "@envoy//bazel:linux": [ "quiche/epoll_server/fake_simple_epoll_server.cc", "quiche/epoll_server/simple_epoll_server.cc", ], "//conditions:default": [], }), hdrs = select({ "@envoy//bazel:linux": [ "quiche/epoll_server/fake_simple_epoll_server.h", "quiche/epoll_server/simple_epoll_server.h", ], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":epoll_server_platform"], ) envoy_cc_library( name = "quiche_common_platform_optional", hdrs = ["quiche/common/platform/api/quiche_optional.h"], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quiche_common_platform_export", "@envoy//source/extensions/quic_listeners/quiche/platform:quiche_common_platform_optional_impl_lib", ], ) envoy_cc_library( name = "quiche_common_platform", hdrs = [ "quiche/common/platform/api/quiche_arraysize.h", "quiche/common/platform/api/quiche_logging.h", "quiche/common/platform/api/quiche_optional.h", "quiche/common/platform/api/quiche_ptr_util.h", "quiche/common/platform/api/quiche_str_cat.h", "quiche/common/platform/api/quiche_string_piece.h", "quiche/common/platform/api/quiche_text_utils.h", "quiche/common/platform/api/quiche_time_utils.h", "quiche/common/platform/api/quiche_unordered_containers.h", ], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quiche_common_platform_export", ":quiche_common_platform_optional", "@envoy//source/extensions/quic_listeners/quiche/platform:quiche_common_platform_impl_lib", ], ) envoy_cc_test_library( name = "quiche_common_platform_test", srcs = [ "quiche/common/platform/api/quiche_endian_test.cc", "quiche/common/platform/api/quiche_str_cat_test.cc", "quiche/common/platform/api/quiche_text_utils_test.cc", "quiche/common/platform/api/quiche_time_utils_test.cc", ], hdrs = ["quiche/common/platform/api/quiche_test.h"], repository = "@envoy", tags = ["nofips"], deps = [ ":quiche_common_platform", ":quiche_common_platform_endian", "@envoy//test/extensions/quic_listeners/quiche/platform:quiche_common_platform_test_impl_lib", ], ) envoy_cc_library( name = "quiche_common_lib", srcs = [ "quiche/common/quiche_data_reader.cc", "quiche/common/quiche_data_writer.cc", ], hdrs = [ "quiche/common/quiche_data_reader.h", "quiche/common/quiche_data_writer.h", "quiche/common/simple_linked_hash_map.h", ], repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":quiche_common_platform", ":quiche_common_platform_endian", ], ) envoy_cc_test( name = "epoll_server_test", srcs = select({ "@envoy//bazel:linux": ["quiche/epoll_server/simple_epoll_server_test.cc"], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [":epoll_server_lib"], ) envoy_cc_test( name = "quiche_common_test", srcs = ["quiche/common/simple_linked_hash_map_test.cc"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quiche_common_lib", ":quiche_common_platform_test", ], ) envoy_cc_test( name = "http2_platform_api_test", srcs = [ "quiche/http2/platform/api/http2_string_utils_test.cc", "quiche/http2/test_tools/http2_random_test.cc", ], repository = "@envoy", tags = ["nofips"], deps = [ ":http2_platform", ":http2_test_tools_random", ], ) envoy_cc_test( name = "spdy_platform_api_test", srcs = ["quiche/spdy/platform/api/spdy_string_utils_test.cc"], repository = "@envoy", tags = ["nofips"], deps = [ ":quiche_common_test_tools_test_utils_lib", ":spdy_platform", ], ) envoy_cc_library( name = "quic_platform_mem_slice_span", hdrs = [ "quiche/quic/platform/api/quic_mem_slice_span.h", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], deps = ["@envoy//source/extensions/quic_listeners/quiche/platform:quic_platform_mem_slice_span_impl_lib"], ) envoy_cc_test_library( name = "quic_platform_test_mem_slice_vector_lib", hdrs = ["quiche/quic/platform/api/quic_test_mem_slice_vector.h"], repository = "@envoy", tags = ["nofips"], deps = ["@envoy//test/extensions/quic_listeners/quiche/platform:quic_platform_test_mem_slice_vector_impl_lib"], ) envoy_cc_library( name = "quic_platform_mem_slice_storage", hdrs = ["quiche/quic/platform/api/quic_mem_slice_storage.h"], repository = "@envoy", visibility = ["//visibility:public"], deps = ["@envoy//source/extensions/quic_listeners/quiche/platform:quic_platform_mem_slice_storage_impl_lib"], ) envoy_cc_test( name = "spdy_core_header_block_test", srcs = ["quiche/spdy/core/spdy_header_block_test.cc"], copts = quiche_copts, coverage = False, repository = "@envoy", tags = ["nofips"], deps = [ ":spdy_core_header_block_lib", ":spdy_core_test_utils_lib", ], ) envoy_cc_test( name = "quic_platform_api_test", srcs = [ "quiche/quic/platform/api/quic_containers_test.cc", "quiche/quic/platform/api/quic_mem_slice_span_test.cc", # Re-enable it when tests pass. # "quiche/quic/platform/api/quic_mem_slice_storage_test.cc", "quiche/quic/platform/api/quic_mem_slice_test.cc", "quiche/quic/platform/api/quic_reference_counted_test.cc", "quiche/quic/platform/api/quic_string_utils_test.cc", ], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_buffer_allocator_lib", ":quic_platform", ":quic_platform_mem_slice_span", ":quic_platform_mem_slice_storage", ":quic_platform_test", ":quic_platform_test_mem_slice_vector_lib", ], ) envoy_cc_test( name = "quic_core_batch_writer_batch_writer_test", srcs = select({ "@envoy//bazel:linux": ["quiche/quic/core/batch_writer/quic_batch_writer_test.cc"], "//conditions:default": [], }), copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ ":quic_core_batch_writer_batch_writer_test_lib", ":quic_core_batch_writer_gso_batch_writer_lib", ":quic_core_batch_writer_sendmmsg_batch_writer_lib", ":quic_platform", ], ) ================================================ FILE: bazel/external/quiche.genrule_cmd ================================================ #!/bin/bash set -e # This script is invoked from quiche.BUILD to tweak QUICHE source files into a # form usable by Envoy. Transformations performed here: # # - Move subtree under quiche/ base dir, for clarity in #include statements. # - Rewrite include directives for platform/impl files to point to the directory # containing Envoy's QUICHE platform implementation. # - Fix include directives for non-platform/impl files to remove # "net/third_party" from the path. (This is an artifact of Chromium source # tree structure.) # Determine base directory of unmodified QUICHE source files. In practice, this # ends up being "external/com_googlesource_quiche". src_base_dir=$$(dirname $$(dirname $$(dirname $(rootpath quic/core/quic_constants.h)))) # sed commands to apply to each source file. cat <sed_commands # Rewrite include directives for testonly platform impl files. /^#include/ s!net/http2/platform/impl/http2_reconstruct_object_impl.h!test/extensions/quic_listeners/quiche/platform/http2_reconstruct_object_impl.h! /^#include/ s!net/quic/platform/impl/quic_expect_bug_impl.h!test/extensions/quic_listeners/quiche/platform/quic_expect_bug_impl.h! /^#include/ s!net/quic/platform/impl/quic_mock_log_impl.h!test/extensions/quic_listeners/quiche/platform/quic_mock_log_impl.h! /^#include/ s!net/quic/platform/impl/quic_port_utils_impl.h!test/extensions/quic_listeners/quiche/platform/quic_port_utils_impl.h! /^#include/ s!net/quic/platform/impl/quic_sleep_impl.h!test/extensions/quic_listeners/quiche/platform/quic_sleep_impl.h! /^#include/ s!net/quic/platform/impl/quic_system_event_loop_impl.h!test/extensions/quic_listeners/quiche/platform/quic_system_event_loop_impl.h! /^#include/ s!net/quic/platform/impl/quic_test_impl.h!test/extensions/quic_listeners/quiche/platform/quic_test_impl.h! /^#include/ s!net/quic/platform/impl/quic_test_mem_slice_vector_impl.h!test/extensions/quic_listeners/quiche/platform/quic_test_mem_slice_vector_impl.h! /^#include/ s!net/quic/platform/impl/quic_test_output_impl.h!test/extensions/quic_listeners/quiche/platform/quic_test_output_impl.h! /^#include/ s!net/quic/platform/impl/quic_thread_impl.h!test/extensions/quic_listeners/quiche/platform/quic_thread_impl.h! /^#include/ s!net/quiche/common/platform/impl/quiche_test_impl.h!test/extensions/quic_listeners/quiche/platform/quiche_test_impl.h! /^#include/ s!net/spdy/platform/impl/spdy_test_helpers_impl.h!test/extensions/quic_listeners/quiche/platform/spdy_test_helpers_impl.h! /^#include/ s!net/spdy/platform/impl/spdy_test_impl.h!test/extensions/quic_listeners/quiche/platform/spdy_test_impl.h! # Rewrite include directives for platform impl files. /^#include/ s!net/(http2|spdy|quic|quiche/common)/platform/impl/!extensions/quic_listeners/quiche/platform/! # Rewrite include directives for epoll_server platform impl files. /^#include/ s!net/tools/epoll_server/platform/impl!test/extensions/quic_listeners/quiche/platform/! # Strip "net/third_party" from include directives to other QUICHE files. /^#include/ s!net/third_party/quiche/src/!quiche/! # Rewrite gmock & gtest includes. /^#include/ s!testing/gmock/include/gmock/!gmock/! /^#include/ s!testing/gtest/include/gtest/!gtest/! # Rewrite third_party includes. /^#include/ s!third_party/boringssl/src/include/!! /^#include/ s!third_party/zlib/zlib!zlib! /^import/ s!cached_network_parameters!quiche/quic/core/proto/cached_network_parameters! # Rewrite #pragma clang /^#pragma/ s!clang!GCC! /^#pragma/ s!-Weverything!-Wall! EOF for src_file in $(SRCS); do # Extract relative path (e.g. "quic/core/quic_utils.cc") from full path in # src_path (e.g. "external/com_googlesource_quiche/quic/core/quic_utils.cc"). src_path="$${src_file#$$src_base_dir/}" # Map to output file with quiche/ base directory inserted in path. out_file="$(@D)/quiche/$$src_path" mkdir -p "$$(dirname "$$out_file")" # Apply text substitutions. -E ensures consistent behavior on Linux vs. OS X. sed -E -f sed_commands "$$src_file" > "$$out_file" done ================================================ FILE: bazel/external/rapidjson.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "rapidjson", hdrs = glob(["include/rapidjson/**/*.h"]), defines = ["RAPIDJSON_HAS_STDSTRING=1"], includes = ["include"], visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/spdlog.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "spdlog", hdrs = glob([ "include/**/*.h", ]), defines = ["SPDLOG_FMT_EXTERNAL"], includes = ["include"], visibility = ["//visibility:public"], deps = ["@com_github_fmtlib_fmt//:fmtlib"], ) ================================================ FILE: bazel/external/sqlparser.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "sqlparser", srcs = glob(["src/**/*.cpp"]), hdrs = glob([ "include/**/*.h", "src/**/*.h", ]), defines = select({ "@envoy//bazel:windows_x86_64": ["YY_NO_UNISTD_H"], "//conditions:default": [], }), visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/tclap.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "tclap", hdrs = glob(["include/tclap/*.h"]), includes = ["include"], visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/twitter_common_finagle_thrift.BUILD ================================================ load("@rules_python//python:defs.bzl", "py_library") licenses(["notice"]) # Apache 2 py_library( name = "twitter_common_finagle_thrift", srcs = glob([ "gen/**/*.py", ]), visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/twitter_common_lang.BUILD ================================================ load("@rules_python//python:defs.bzl", "py_library") licenses(["notice"]) # Apache 2 py_library( name = "twitter_common_lang", srcs = glob([ "twitter/**/*.py", ]), visibility = ["//visibility:public"], ) ================================================ FILE: bazel/external/twitter_common_rpc.BUILD ================================================ load("@rules_python//python:defs.bzl", "py_library") licenses(["notice"]) # Apache 2 py_library( name = "twitter_common_rpc", srcs = glob([ "twitter/**/*.py", ]), visibility = ["//visibility:public"], deps = [ "@com_github_twitter_common_finagle_thrift//:twitter_common_finagle_thrift", "@com_github_twitter_common_lang//:twitter_common_lang", ], ) ================================================ FILE: bazel/external/wee8.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") load("@envoy_large_machine_exec_property//:constants.bzl", "LARGE_MACHINE") load(":genrule_cmd.bzl", "genrule_cmd") licenses(["notice"]) # Apache 2 cc_library( name = "wee8", srcs = [ "libwee8.a", ], hdrs = [ "wee8/include/v8-version.h", "wee8/third_party/wasm-api/wasm.hh", ], defines = ["ENVOY_WASM_V8"], includes = [ "wee8/include", "wee8/third_party", ], visibility = ["//visibility:public"], ) genrule( name = "build", srcs = glob(["wee8/**"]), outs = [ "libwee8.a", ], cmd = genrule_cmd("@envoy//bazel/external:wee8.genrule_cmd"), exec_properties = LARGE_MACHINE, ) ================================================ FILE: bazel/external/wee8.genrule_cmd ================================================ #!/bin/bash set -e # This works only on Linux-{x86_64,s390x,aarch64} and macOS-x86_64. case "$$(uname -s)-$$(uname -m)" in Linux-x86_64|Linux-s390x|Linux-aarch64|Darwin-x86_64) ;; *) echo "ERROR: wee8 is currently supported only on Linux-{x86_64,s390x,aarch64} and macOS-x86_64." >&2 exit 1 esac # Bazel magic. ROOT=$$(dirname $(rootpath wee8/BUILD.gn))/.. pushd $$ROOT/wee8 # Clean after previous build. rm -rf out/wee8 # Export compiler configuration. export CXXFLAGS="$${CXXFLAGS-} -Wno-sign-compare -Wno-deprecated-copy -Wno-unknown-warning-option" if [[ ( `uname` == "Darwin" && $${CXX-} == "" ) || $${CXX-} == *"clang"* ]]; then export IS_CLANG=true export CC=$${CC:-clang} export CXX=$${CXX:-clang++} export CXXFLAGS="$${CXXFLAGS} -Wno-implicit-int-float-conversion -Wno-builtin-assume-aligned-alignment -Wno-final-dtor-non-final-class" else export IS_CLANG=false export CC=$${CC:-gcc} export CXX=$${CXX:-g++} fi export AR=$${AR:-ar} export NM=$${NM:-nm} # Hook sanitizers. if [[ $${ENVOY_ASAN-} == "1" ]]; then WEE8_BUILD_ARGS+=" is_asan=true" WEE8_BUILD_ARGS+=" is_lsan=true" fi if [[ $${ENVOY_UBSAN_VPTR-} == "1" ]]; then WEE8_BUILD_ARGS+=" is_ubsan=true" WEE8_BUILD_ARGS+=" is_ubsan_vptr=true" fi if [[ $${ENVOY_MSAN-} == "1" ]]; then WEE8_BUILD_ARGS+=" is_msan=true" export LDFLAGS="$${LDFLAGS} -L/opt/libcxx_msan/lib -Wl,-rpath,/opt/libcxx_msan/lib" fi if [[ $${ENVOY_TSAN-} == "1" ]]; then WEE8_BUILD_ARGS+=" is_tsan=true" fi # Debug/release build. if [[ $(COMPILATION_MODE) == "dbg" && $${ENVOY_UBSAN_VPTR-} != "1" && $${ENVOY_MSAN-} != "1" && $${ENVOY_TSAN-} != "1" ]]; then WEE8_BUILD_ARGS+=" is_debug=true" WEE8_BUILD_ARGS+=" v8_symbol_level=2" WEE8_BUILD_ARGS+=" v8_optimized_debug=false" else WEE8_BUILD_ARGS+=" is_debug=false" WEE8_BUILD_ARGS+=" v8_symbol_level=1" WEE8_BUILD_ARGS+=" v8_enable_handle_zapping=false" fi # Clang or not Clang, that is the question. WEE8_BUILD_ARGS+=" is_clang=$$IS_CLANG" # Hack to disable bleeding-edge compiler flags. WEE8_BUILD_ARGS+=" use_xcode_clang=true" # Use local toolchain. WEE8_BUILD_ARGS+=" custom_toolchain=\"//build/toolchain/linux/unbundle:default\"" # Use local stdlibc++ / libc++. WEE8_BUILD_ARGS+=" use_custom_libcxx=false" # Use local sysroot. WEE8_BUILD_ARGS+=" use_sysroot=false" # Disable unused GLib2 dependency. WEE8_BUILD_ARGS+=" use_glib=false" # Expose debug symbols. WEE8_BUILD_ARGS+=" v8_expose_symbols=true" # Build monolithic library. WEE8_BUILD_ARGS+=" is_component_build=false" WEE8_BUILD_ARGS+=" v8_enable_i18n_support=false" WEE8_BUILD_ARGS+=" v8_enable_gdbjit=false" WEE8_BUILD_ARGS+=" v8_use_external_startup_data=false" # Disable read-only heap, since it's leaky and HEAPCHECK complains about it. # TODO(PiotrSikora): remove when fixed upstream. WEE8_BUILD_ARGS+=" v8_enable_shared_ro_heap=false" # Support Arm64 if [[ `uname -m` == "aarch64" ]]; then WEE8_BUILD_ARGS+=" target_cpu=\"arm64\"" fi # Build wee8. if [[ -f /etc/centos-release ]] && [[ $$(cat /etc/centos-release) =~ "CentOS Linux release 7" ]] && [[ -x "$$(command -v gn)" ]]; then # Using system default gn tools # This is done only for CentOS 7, as it has an old version of GLIBC which is otherwise incompatible gn=$$(command -v gn) elif [[ "$$(uname -s)" == "Darwin" ]]; then gn=buildtools/mac/gn elif [[ "$$(uname -s)-$$(uname -m)" == "Linux-x86_64" ]]; then gn=buildtools/linux64/gn else # Using system default gn tools gn=$$(command -v gn) fi if [[ "$$(uname -s)" == "Darwin" ]]; then ninja=third_party/depot_tools/ninja elif [[ "$$(uname -s)-$$(uname -m)" == "Linux-x86_64" ]]; then ninja=third_party/depot_tools/ninja else # Using system default ninja tools ninja=$$(command -v ninja) fi "$$gn" gen out/wee8 --args="$$WEE8_BUILD_ARGS" "$$ninja" -C out/wee8 wee8 # Move compiled library to the expected destinations. popd mv $$ROOT/wee8/out/wee8/obj/libwee8.a $(execpath libwee8.a) ================================================ FILE: bazel/external/wee8.patch ================================================ # 1. Fix linking with unbundled toolchain on macOS. # 2. Increase VSZ limit to 4TiB (allows us to start up to 409 VMs). # 3. Fix MSAN linking. --- wee8/build/toolchain/gcc_toolchain.gni +++ wee8/build/toolchain/gcc_toolchain.gni @@ -329,6 +329,8 @@ template("gcc_toolchain") { # AIX does not support either -D (deterministic output) or response # files. command = "$ar -X64 {{arflags}} -r -c -s {{output}} {{inputs}}" + } else if (current_os == "mac") { + command = "\"$ar\" {{arflags}} -r -c -s {{output}} {{inputs}}" } else { rspfile = "{{output}}.rsp" rspfile_content = "{{inputs}}" @@ -507,7 +509,7 @@ template("gcc_toolchain") { start_group_flag = "" end_group_flag = "" - if (current_os != "aix") { + if (current_os != "aix" && current_os != "mac") { # the "--start-group .. --end-group" feature isn't available on the aix ld. start_group_flag = "-Wl,--start-group" end_group_flag = "-Wl,--end-group " --- wee8/src/objects/backing-store.cc +++ wee8/src/objects/backing-store.cc @@ -34,7 +34,7 @@ constexpr bool kUseGuardRegions = false; // address space limits needs to be smaller. constexpr size_t kAddressSpaceLimit = 0x8000000000L; // 512 GiB #elif V8_TARGET_ARCH_64_BIT -constexpr size_t kAddressSpaceLimit = 0x10100000000L; // 1 TiB + 4 GiB +constexpr size_t kAddressSpaceLimit = 0x40100000000L; // 4 TiB + 4 GiB #else constexpr size_t kAddressSpaceLimit = 0xC0000000; // 3 GiB #endif --- wee8/build/config/sanitizers/sanitizers.gni +++ wee8/build/config/sanitizers/sanitizers.gni @@ -150,7 +150,7 @@ if (!is_a_target_toolchain) { # standard system libraries. We have instrumented system libraries for msan, # which requires them to prevent false positives. # TODO(thakis): Maybe remove this variable. -use_prebuilt_instrumented_libraries = is_msan +use_prebuilt_instrumented_libraries = false # Whether we are doing a fuzzer build. Normally this should be checked instead # of checking "use_libfuzzer || use_afl" because often developers forget to @@ -198,8 +198,7 @@ assert(!using_sanitizer || is_clang, assert(!is_cfi || is_clang, "is_cfi requires setting is_clang = true in 'gn args'") -prebuilt_instrumented_libraries_available = - is_msan && (msan_track_origins == 0 || msan_track_origins == 2) +prebuilt_instrumented_libraries_available = false if (use_libfuzzer && is_linux) { if (is_asan) { ================================================ FILE: bazel/external/xxhash.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 cc_library( name = "xxhash", srcs = ["xxhash.c"], hdrs = [ "xxh3.h", "xxhash.h", ], visibility = ["//visibility:public"], ) ================================================ FILE: bazel/foreign_cc/BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_library") load("//bazel:envoy_build_system.bzl", "envoy_cmake_external", "envoy_package") load("@rules_foreign_cc//tools/build_defs:configure.bzl", "configure_make") licenses(["notice"]) # Apache 2 envoy_package() # autotools packages are unusable on Windows as-is # TODO: Consider our own gperftools.BUILD file as we do with many other packages configure_make( name = "gperftools_build", configure_options = [ "--enable-shared=no", "--enable-frame-pointers", "--disable-libunwind", ] + select({ "//bazel:apple": ["AR=/usr/bin/ar"], "//conditions:default": [], }), lib_source = "@com_github_gperftools_gperftools//:all", linkopts = ["-lpthread"], make_commands = ["make install-libLTLIBRARIES install-perftoolsincludeHEADERS"], static_libraries = select({ "//bazel:debug_tcmalloc": ["libtcmalloc_debug.a"], "//conditions:default": ["libtcmalloc_and_profiler.a"], }), tags = ["skip_on_windows"], ) # Workaround for https://github.com/bazelbuild/rules_foreign_cc/issues/227 cc_library( name = "gperftools", tags = ["skip_on_windows"], deps = [ "gperftools_build", ], ) configure_make( name = "luajit", configure_command = "build.py", configure_env_vars = select({ # This shouldn't be needed! See # https://github.com/envoyproxy/envoy/issues/6084 # TODO(htuch): Remove when #6084 is fixed "//bazel:asan_build": {"ENVOY_CONFIG_ASAN": "1"}, "//bazel:msan_build": {"ENVOY_CONFIG_MSAN": "1"}, "//bazel:windows_dbg_build": {"WINDOWS_DBG_BUILD": "debug"}, "//conditions:default": {}, }), lib_source = "@com_github_luajit_luajit//:all", make_commands = [], out_include_dir = "include/luajit-2.1", static_libraries = select({ "//bazel:windows_x86_64": ["lua51.lib"], "//conditions:default": ["libluajit-5.1.a"], }), ) configure_make( name = "moonjit", configure_command = "build.py", configure_env_vars = select({ # This shouldn't be needed! See # https://github.com/envoyproxy/envoy/issues/6084 # TODO(htuch): Remove when #6084 is fixed "//bazel:asan_build": {"ENVOY_CONFIG_ASAN": "1"}, "//bazel:msan_build": {"ENVOY_CONFIG_MSAN": "1"}, "//bazel:windows_dbg_build": {"WINDOWS_DBG_BUILD": "debug"}, "//conditions:default": {}, }), lib_source = "@com_github_moonjit_moonjit//:all", make_commands = [], out_include_dir = "include/moonjit-2.2", static_libraries = select({ "//bazel:windows_x86_64": ["lua51.lib"], "//conditions:default": ["libluajit-5.1.a"], }), ) envoy_cmake_external( name = "ares", cache_entries = { "CARES_SHARED": "no", "CARES_STATIC": "on", "CMAKE_CXX_COMPILER_FORCED": "on", "CMAKE_INSTALL_LIBDIR": "lib", }, defines = ["CARES_STATICLIB"], lib_source = "@com_github_c_ares_c_ares//:all", linkopts = select({ "//bazel:apple": ["-lresolv"], "//conditions:default": [], }), postfix_script = select({ "//bazel:windows_x86_64": "cp -L $EXT_BUILD_ROOT/external/com_github_c_ares_c_ares/nameser.h $INSTALLDIR/include/nameser.h", "//conditions:default": "", }), static_libraries = select({ "//bazel:windows_x86_64": ["cares.lib"], "//conditions:default": ["libcares.a"], }), ) envoy_cmake_external( name = "curl", cache_entries = { "BUILD_CURL_EXE": "off", "BUILD_TESTING": "off", "BUILD_SHARED_LIBS": "off", "CURL_HIDDEN_SYMBOLS": "off", "CMAKE_USE_LIBSSH2": "off", "CURL_BROTLI": "off", "CMAKE_USE_GSSAPI": "off", "HTTP_ONLY": "on", "CMAKE_INSTALL_LIBDIR": "lib", # Explicitly enable Unix sockets, once afunix.h is correctly detected # "USE_UNIX_SOCKETS": "on", # Explicitly disable "Windows" crypto for Windows "CURL_DISABLE_CRYPTO_AUTH": "on", # C-Ares. "ENABLE_ARES": "on", "CARES_LIBRARY": "$EXT_BUILD_DEPS/ares", "CARES_INCLUDE_DIR": "$EXT_BUILD_DEPS/ares/include", # SSL (via Envoy's SSL dependency) is disabled, curl's CMake uses # FindOpenSSL.cmake which fails at what looks like version parsing # (the libraries are found ok). "CURL_CA_PATH": "none", "CMAKE_USE_OPENSSL": "off", "OPENSSL_ROOT_DIR": "$EXT_BUILD_DEPS", # NGHTTP2. "USE_NGHTTP2": "on", "NGHTTP2_LIBRARY": "$EXT_BUILD_DEPS/nghttp2", "NGHTTP2_INCLUDE_DIR": "$EXT_BUILD_DEPS/nghttp2/include", # ZLIB. "CURL_ZLIB": "on", "ZLIB_LIBRARY": "$EXT_BUILD_DEPS/zlib", "ZLIB_INCLUDE_DIR": "$EXT_BUILD_DEPS/zlib/include", "CMAKE_CXX_COMPILER_FORCED": "on", "CMAKE_C_FLAGS_BAZEL": "-fPIC", # Note we use Bazel's flags (not _RELEASE/_DEBUG CMake flags), but this toggle # also works around a bug in CMP0091 logic which re-injected a badly placed -M flag. # See https://github.com/bazelbuild/rules_foreign_cc/issues/426 "CURL_STATIC_CRT": "on", }, defines = ["CURL_STATICLIB"], generate_crosstool_file = True, lib_source = "@com_github_curl//:all", static_libraries = select({ "//bazel:windows_x86_64": ["libcurl.lib"], "//conditions:default": ["libcurl.a"], }), deps = [ ":ares", ":nghttp2", "//external:ssl", "//external:zlib", ], ) envoy_cmake_external( name = "event", cache_entries = { "EVENT__DISABLE_OPENSSL": "on", "EVENT__DISABLE_MBEDTLS": "on", "EVENT__DISABLE_REGRESS": "on", "EVENT__DISABLE_TESTS": "on", "EVENT__LIBRARY_TYPE": "STATIC", # Force _GNU_SOURCE on for Android builds. This would be contained in # a 'select' but the downstream macro uses a select on all of these # options, and they cannot be nested. # If https://github.com/bazelbuild/rules_foreign_cc/issues/289 is fixed # this can be removed. # More details https://github.com/lyft/envoy-mobile/issues/116 "_GNU_SOURCE": "on", }, lib_source = "@com_github_libevent_libevent//:all", static_libraries = select({ # macOS organization of libevent is different from Windows/Linux. # Including libevent_core is a requirement on those platforms, but # results in duplicate symbols when built on macOS. # See https://github.com/lyft/envoy-mobile/issues/677 for details. "//bazel:apple": [ "libevent.a", "libevent_pthreads.a", ], "//bazel:windows_x86_64": [ "event.lib", "event_core.lib", ], "//conditions:default": [ "libevent.a", "libevent_pthreads.a", "libevent_core.a", ], }), ) envoy_cmake_external( name = "llvm", cache_entries = { # Disable both: BUILD and INCLUDE, since some of the INCLUDE # targets build code instead of only generating build files. "LLVM_BUILD_DOCS": "off", "LLVM_INCLUDE_DOCS": "off", "LLVM_BUILD_EXAMPLES": "off", "LLVM_INCLUDE_EXAMPLES": "off", "LLVM_BUILD_RUNTIME": "off", "LLVM_BUILD_RUNTIMES": "off", "LLVM_INCLUDE_RUNTIMES": "off", "LLVM_BUILD_TESTS": "off", "LLVM_INCLUDE_TESTS": "off", "LLVM_BUILD_TOOLS": "off", "LLVM_INCLUDE_TOOLS": "off", "LLVM_BUILD_UTILS": "off", "LLVM_INCLUDE_UTILS": "off", "LLVM_ENABLE_LIBEDIT": "off", "LLVM_ENABLE_LIBXML2": "off", "LLVM_ENABLE_TERMINFO": "off", "LLVM_ENABLE_ZLIB": "off", "LLVM_TARGETS_TO_BUILD": "X86", "CMAKE_CXX_COMPILER_FORCED": "on", # Workaround for the issue with statically linked libstdc++ # using -l:libstdc++.a. "CMAKE_CXX_FLAGS": "-lstdc++", }, env_vars = { # Workaround for the -DDEBUG flag added in fastbuild on macOS, # which conflicts with DEBUG macro used in LLVM. "CFLAGS": "-UDEBUG", "CXXFLAGS": "-UDEBUG", "ASMFLAGS": "-UDEBUG", }, lib_source = "@org_llvm_llvm//:all", static_libraries = select({ "//conditions:default": [ # Order from llvm-config --libnames. "libLLVMLTO.a", "libLLVMPasses.a", "libLLVMObjCARCOpts.a", "libLLVMSymbolize.a", "libLLVMDebugInfoPDB.a", "libLLVMDebugInfoDWARF.a", "libLLVMFuzzMutate.a", "libLLVMTableGen.a", "libLLVMDlltoolDriver.a", "libLLVMLineEditor.a", "libLLVMOrcJIT.a", "libLLVMCoverage.a", "libLLVMMIRParser.a", "libLLVMObjectYAML.a", "libLLVMLibDriver.a", "libLLVMOption.a", "libLLVMWindowsManifest.a", "libLLVMX86Disassembler.a", "libLLVMX86AsmParser.a", "libLLVMX86CodeGen.a", "libLLVMGlobalISel.a", "libLLVMSelectionDAG.a", "libLLVMAsmPrinter.a", "libLLVMDebugInfoCodeView.a", "libLLVMDebugInfoMSF.a", "libLLVMX86Desc.a", "libLLVMMCDisassembler.a", "libLLVMX86Info.a", "libLLVMX86Utils.a", "libLLVMMCJIT.a", "libLLVMInterpreter.a", "libLLVMExecutionEngine.a", "libLLVMRuntimeDyld.a", "libLLVMCodeGen.a", "libLLVMTarget.a", "libLLVMCoroutines.a", "libLLVMipo.a", "libLLVMInstrumentation.a", "libLLVMVectorize.a", "libLLVMScalarOpts.a", "libLLVMLinker.a", "libLLVMIRReader.a", "libLLVMAsmParser.a", "libLLVMInstCombine.a", "libLLVMTransformUtils.a", "libLLVMBitWriter.a", "libLLVMAnalysis.a", "libLLVMProfileData.a", "libLLVMObject.a", "libLLVMMCParser.a", "libLLVMMC.a", "libLLVMBitReader.a", "libLLVMBitstreamReader.a", "libLLVMCore.a", "libLLVMBinaryFormat.a", "libLLVMSupport.a", "libLLVMDemangle.a", "libLLVMRemarks.a", "libLLVMCFGuard.a", "libLLVMTextAPI.a", ], }), ) envoy_cmake_external( name = "nghttp2", cache_entries = { "ENABLE_LIB_ONLY": "on", "ENABLE_SHARED_LIB": "off", "ENABLE_STATIC_LIB": "on", "CMAKE_INSTALL_LIBDIR": "lib", "CMAKE_CXX_COMPILER_FORCED": "on", }, cmake_files_dir = "$BUILD_TMPDIR/lib/CMakeFiles", debug_cache_entries = {"ENABLE_DEBUG": "on"}, defines = ["NGHTTP2_STATICLIB"], lib_source = "@com_github_nghttp2_nghttp2//:all", static_libraries = select({ "//bazel:windows_x86_64": ["nghttp2.lib"], "//conditions:default": ["libnghttp2.a"], }), ) envoy_cmake_external( name = "wavm", binaries = ["wavm"], cache_entries = { "LLVM_DIR": "$EXT_BUILD_DEPS/copy_llvm/llvm/lib/cmake/llvm", "WAVM_ENABLE_STATIC_LINKING": "on", "WAVM_ENABLE_RELEASE_ASSERTS": "on", "WAVM_ENABLE_UNWIND": "no", # Workaround for the issue with statically linked libstdc++ # using -l:libstdc++.a. "CMAKE_CXX_FLAGS": "-lstdc++ -Wno-unused-command-line-argument", }, defines = ["ENVOY_WASM_WAVM"], env_vars = { # Workaround for the -DDEBUG flag added in fastbuild on macOS, # which conflicts with DEBUG macro used in LLVM. "CFLAGS": "-UDEBUG", "CXXFLAGS": "-UDEBUG", "ASMFLAGS": "-UDEBUG", }, lib_source = "@com_github_wavm_wavm//:all", static_libraries = select({ "//conditions:default": [ "libWAVM.a", ], }), deps = [":llvm"], ) envoy_cmake_external( name = "zlib", cache_entries = { "BUILD_SHARED_LIBS": "off", "CMAKE_CXX_COMPILER_FORCED": "on", "CMAKE_C_COMPILER_FORCED": "on", "SKIP_BUILD_EXAMPLES": "on", # The following entries are for zlib-ng. Since zlib and zlib-ng are compatible source # codes and CMake ignores unknown cache entries, it is fine to combine it into one # dictionary. # # Reference: https://github.com/zlib-ng/zlib-ng#build-options. "ZLIB_COMPAT": "on", "ZLIB_ENABLE_TESTS": "off", # Warning: Turning WITH_OPTIM to "on" doesn't pass ZlibCompressorImplTest.CallingChecksum. "WITH_OPTIM": "on", # However turning off SSE4 fixes it. "WITH_SSE4": "off", # Warning: Turning WITH_NEW_STRATEGIES to "on" doesn't pass gzip compressor fuzz test. # Turning this off means falling into NO_QUICK_STRATEGY route. "WITH_NEW_STRATEGIES": "off", # Only allow aligned address. # Reference: https://github.com/zlib-ng/zlib-ng#advanced-build-options. "UNALIGNED_OK": "off", }, lib_source = select({ "//bazel:zlib_ng": "@com_github_zlib_ng_zlib_ng//:all", "//conditions:default": "@net_zlib//:all", }), static_libraries = select({ "//bazel:windows_x86_64": ["zlibstatic.lib"], "//conditions:default": ["libz.a"], }), ) ================================================ FILE: bazel/foreign_cc/llvm.patch ================================================ # Workaround for Envoy's CMAKE_BUILD_TYPE=Bazel. --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -247,7 +247,7 @@ string(TOUPPER "${CMAKE_BUILD_TYPE}" uppercase_CMAKE_BUILD_TYPE) if (CMAKE_BUILD_TYPE AND - NOT uppercase_CMAKE_BUILD_TYPE MATCHES "^(DEBUG|RELEASE|RELWITHDEBINFO|MINSIZEREL)$") + NOT uppercase_CMAKE_BUILD_TYPE MATCHES "^(DEBUG|RELEASE|RELWITHDEBINFO|MINSIZEREL|BAZEL)$") message(FATAL_ERROR "Invalid value for CMAKE_BUILD_TYPE: ${CMAKE_BUILD_TYPE}") endif() # Workaround for a missing -fuse-ld flag in CXXFLAGS, which results in # different linkers being used during configure and compilation phases. --- a/cmake/modules/HandleLLVMOptions.cmake +++ b/cmake/modules/HandleLLVMOptions.cmake @@ -718,8 +718,6 @@ endif() if (UNIX AND CMAKE_GENERATOR STREQUAL "Ninja") include(CheckLinkerFlag) check_linker_flag("-Wl,--color-diagnostics" LINKER_SUPPORTS_COLOR_DIAGNOSTICS) - append_if(LINKER_SUPPORTS_COLOR_DIAGNOSTICS "-Wl,--color-diagnostics" - CMAKE_EXE_LINKER_FLAGS CMAKE_MODULE_LINKER_FLAGS CMAKE_SHARED_LINKER_FLAGS) endif() # Add flags for add_dead_strip(). ================================================ FILE: bazel/foreign_cc/luajit.patch ================================================ diff --git a/src/Makefile b/src/Makefile index f56465d..5d91fa7 100644 --- a/src/Makefile +++ b/src/Makefile @@ -27,7 +27,7 @@ NODOTABIVER= 51 DEFAULT_CC = gcc # # LuaJIT builds as a native 32 or 64 bit binary by default. -CC= $(DEFAULT_CC) +CC ?= $(DEFAULT_CC) # # Use this if you want to force a 32 bit build on a 64 bit multilib OS. #CC= $(DEFAULT_CC) -m32 @@ -71,10 +71,10 @@ CCWARN= -Wall # as dynamic mode. # # Mixed mode creates a static + dynamic library and a statically linked luajit. -BUILDMODE= mixed +#BUILDMODE= mixed # # Static mode creates a static library and a statically linked luajit. -#BUILDMODE= static +BUILDMODE= static # # Dynamic mode creates a dynamic library and a dynamically linked luajit. # Note: this executable will only run when the library is installed! @@ -99,7 +99,7 @@ XCFLAGS= # enabled by default. Some other features that *might* break some existing # code (e.g. __pairs or os.execute() return values) can be enabled here. # Note: this does not provide full compatibility with Lua 5.2 at this time. -#XCFLAGS+= -DLUAJIT_ENABLE_LUA52COMPAT +XCFLAGS+= -DLUAJIT_ENABLE_LUA52COMPAT # # Disable the JIT compiler, i.e. turn LuaJIT into a pure interpreter. #XCFLAGS+= -DLUAJIT_DISABLE_JIT @@ -111,7 +111,7 @@ XCFLAGS= #XCFLAGS+= -DLUAJIT_NUMMODE=2 # # Enable GC64 mode for x64. -#XCFLAGS+= -DLUAJIT_ENABLE_GC64 +XCFLAGS+= -DLUAJIT_ENABLE_GC64 # ############################################################################## @@ -587,7 +587,7 @@ endif Q= @ E= @echo -#Q= +Q= #E= @: ############################################################################## EOF --- a/src/msvcbuild.bat 2020-08-13 18:42:05.667354300 +0000 +++ b/src/msvcbuild.bat 2020-08-13 19:03:25.092297900 +0000 @@ -14,7 +14,7 @@ @if not defined INCLUDE goto :FAIL @setlocal -@set LJCOMPILE=cl /nologo /c /O2 /W3 /D_CRT_SECURE_NO_DEPRECATE /D_CRT_STDIO_INLINE=__declspec(dllexport)__inline +@set LJCOMPILE=cl /nologo /c /W3 /D_CRT_SECURE_NO_DEPRECATE /D_CRT_STDIO_INLINE=__declspec(dllexport)__inline /DLUAJIT_ENABLE_LUA52COMPAT @set LJLINK=link /nologo @set LJMT=mt /nologo @set LJLIB=lib /nologo /nodefaultlib @@ -25,7 +25,7 @@ @set LJLIBNAME=lua51.lib @set ALL_LIB=lib_base.c lib_math.c lib_bit.c lib_string.c lib_table.c lib_io.c lib_os.c lib_package.c lib_debug.c lib_jit.c lib_ffi.c -%LJCOMPILE% host\minilua.c +%LJCOMPILE% /O2 host\minilua.c @if errorlevel 1 goto :BAD %LJLINK% /out:minilua.exe minilua.obj @if errorlevel 1 goto :BAD @@ -48,7 +48,7 @@ minilua %DASM% -LN %DASMFLAGS% -o host\buildvm_arch.h %DASC% @if errorlevel 1 goto :BAD -%LJCOMPILE% /I "." /I %DASMDIR% host\buildvm*.c +%LJCOMPILE% /O2 /I "." /I %DASMDIR% host\buildvm*.c @if errorlevel 1 goto :BAD %LJLINK% /out:buildvm.exe buildvm*.obj @if errorlevel 1 goto :BAD @@ -72,24 +72,35 @@ @if "%1" neq "debug" goto :NODEBUG @shift -@set LJCOMPILE=%LJCOMPILE% /Zi +@set LJCOMPILE=%LJCOMPILE% /O0 /Z7 @set LJLINK=%LJLINK% /debug /opt:ref /opt:icf /incremental:no +@set LJCRTDBG=d +@goto :ENDDEBUG :NODEBUG +@set LJCOMPILE=%LJCOMPILE% /O2 /Z7 +@set LJLINK=%LJLINK% /release /incremental:no +@set LJCRTDBG= +:ENDDEBUG @if "%1"=="amalg" goto :AMALGDLL @if "%1"=="static" goto :STATIC -%LJCOMPILE% /MD /DLUA_BUILD_AS_DLL lj_*.c lib_*.c +@set LJCOMPILE=%LJCOMPILE% /MD%LJCRTDBG% +%LJCOMPILE% /DLUA_BUILD_AS_DLL lj_*.c lib_*.c @if errorlevel 1 goto :BAD %LJLINK% /DLL /out:%LJDLLNAME% lj_*.obj lib_*.obj @if errorlevel 1 goto :BAD @goto :MTDLL :STATIC +@shift +@set LJCOMPILE=%LJCOMPILE% /MT%LJCRTDBG% %LJCOMPILE% lj_*.c lib_*.c @if errorlevel 1 goto :BAD %LJLIB% /OUT:%LJLIBNAME% lj_*.obj lib_*.obj @if errorlevel 1 goto :BAD @goto :MTDLL :AMALGDLL -%LJCOMPILE% /MD /DLUA_BUILD_AS_DLL ljamalg.c +@shift +@set LJCOMPILE=%LJCOMPILE% /MD%LJCRTDBG% +%LJCOMPILE% /DLUA_BUILD_AS_DLL ljamalg.c @if errorlevel 1 goto :BAD %LJLINK% /DLL /out:%LJDLLNAME% ljamalg.obj lj_vm.obj @if errorlevel 1 goto :BAD diff --git a/build.py b/build.py new file mode 100755 index 0000000..9c71271 --- /dev/null +++ b/build.py @@ -0,0 +1,56 @@ +#!/usr/bin/env python3 + +import argparse +import os +import shutil + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("--prefix") + args = parser.parse_args() + src_dir = os.path.dirname(os.path.realpath(__file__)) + shutil.copytree(src_dir, os.path.basename(src_dir)) + os.chdir(os.path.basename(src_dir)) + + os.environ["MACOSX_DEPLOYMENT_TARGET"] = "10.6" + os.environ["DEFAULT_CC"] = os.environ.get("CC", "") + os.environ["TARGET_CFLAGS"] = os.environ.get("CFLAGS", "") + " -fno-function-sections -fno-data-sections" + os.environ["TARGET_LDFLAGS"] = os.environ.get("CFLAGS", "") + " -fno-function-sections -fno-data-sections" + os.environ["CFLAGS"] = "" + # LuaJIT compile process build a tool `buildvm` and use it, building `buildvm` with ASAN + # will cause LSAN detect its leak and fail the build, set exitcode to 0 to make LSAN doesn't + # fail on it. + os.environ["LSAN_OPTIONS"] = "exitcode=0" + + if "ENVOY_MSAN" in os.environ: + os.environ["HOST_CFLAGS"] = "-fno-sanitize=memory" + os.environ["HOST_LDFLAGS"] = "-fno-sanitize=memory" + + # Remove LuaJIT from ASAN for now. + # TODO(htuch): Remove this when https://github.com/envoyproxy/envoy/issues/6084 is resolved. + if "ENVOY_CONFIG_ASAN" in os.environ or "ENVOY_CONFIG_MSAN" in os.environ: + os.environ["TARGET_CFLAGS"] += " -fsanitize-blacklist=%s/com_github_luajit_luajit/clang-asan-blocklist.txt" % os.environ["PWD"] + with open("clang-asan-blocklist.txt", "w") as f: + f.write("fun:*\n") + + os.system('make -j{} V=1 PREFIX="{}" install'.format(os.cpu_count(), args.prefix)) + +def win_main(): + src_dir = os.path.dirname(os.path.realpath(__file__)) + dst_dir = os.getcwd() + "/luajit" + shutil.copytree(src_dir, os.path.basename(src_dir)) + os.chdir(os.path.basename(src_dir) + "/src") + os.system('msvcbuild.bat gc64 ' + os.getenv('WINDOWS_DBG_BUILD', '') + ' static') + os.makedirs(dst_dir + "/lib", exist_ok=True) + shutil.copy("lua51.lib", dst_dir + "/lib") + os.makedirs(dst_dir + "/include/luajit-2.1", exist_ok=True) + for header in ["lauxlib.h", "luaconf.h", "lua.h", "lua.hpp", "luajit.h", "lualib.h"]: + shutil.copy(header, dst_dir + "/include/luajit-2.1") + os.makedirs(dst_dir + "/bin", exist_ok=True) + shutil.copy("luajit.exe", dst_dir + "/bin") + +if os.name == 'nt': + win_main() +else: + main() + ================================================ FILE: bazel/foreign_cc/moonjit.patch ================================================ diff --git a/build.py b/build.py new file mode 100644 index 00000000..dab3606c --- /dev/null +++ b/build.py @@ -0,0 +1,56 @@ +#!/usr/bin/env python3 + +import argparse +import os +import shutil + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("--prefix") + args = parser.parse_args() + src_dir = os.path.dirname(os.path.realpath(__file__)) + shutil.copytree(src_dir, os.path.basename(src_dir)) + os.chdir(os.path.basename(src_dir)) + + os.environ["MACOSX_DEPLOYMENT_TARGET"] = "10.6" + os.environ["DEFAULT_CC"] = os.environ.get("CC", "") + os.environ["TARGET_CFLAGS"] = os.environ.get("CFLAGS", "") + " -fno-function-sections -fno-data-sections" + os.environ["TARGET_LDFLAGS"] = os.environ.get("CFLAGS", "") + " -fno-function-sections -fno-data-sections" + os.environ["CFLAGS"] = "" + # LuaJIT compile process build a tool `buildvm` and use it, building `buildvm` with ASAN + # will cause LSAN detect its leak and fail the build, set exitcode to 0 to make LSAN doesn't + # fail on it. + os.environ["LSAN_OPTIONS"] = "exitcode=0" + + if "ENVOY_MSAN" in os.environ: + os.environ["HOST_CFLAGS"] = "-fno-sanitize=memory" + os.environ["HOST_LDFLAGS"] = "-fno-sanitize=memory" + + # Remove LuaJIT from ASAN for now. + # TODO(htuch): Remove this when https://github.com/envoyproxy/envoy/issues/6084 is resolved. + if "ENVOY_CONFIG_ASAN" in os.environ or "ENVOY_CONFIG_MSAN" in os.environ: + os.environ["TARGET_CFLAGS"] += " -fsanitize-blacklist=%s/com_github_moonjit_moonjit/clang-asan-blocklist.txt" % os.environ["PWD"] + with open("clang-asan-blocklist.txt", "w") as f: + f.write("fun:*\n") + + os.system('make -j{} V=1 PREFIX="{}" install'.format(os.cpu_count(), args.prefix)) + +def win_main(): + src_dir = os.path.dirname(os.path.realpath(__file__)) + dst_dir = os.getcwd() + "/moonjit" + shutil.copytree(src_dir, os.path.basename(src_dir)) + os.chdir(os.path.basename(src_dir) + "/src") + os.system('msvcbuild.bat gc64 ' + os.getenv('WINDOWS_DBG_BUILD', '') + ' static') + os.makedirs(dst_dir + "/lib", exist_ok=True) + shutil.copy("lua51.lib", dst_dir + "/lib") + os.makedirs(dst_dir + "/include/moonjit-2.2", exist_ok=True) + for header in ["lauxlib.h", "luaconf.h", "lua.h", "lua.hpp", "luajit.h", "lualib.h"]: + shutil.copy(header, dst_dir + "/include/moonjit-2.2") + os.makedirs(dst_dir + "/bin", exist_ok=True) + shutil.copy("luajit.exe", dst_dir + "/bin") + +if os.name == 'nt': + win_main() +else: + main() + diff --git a/src/Makefile b/src/Makefile index dad9aeec..e10b3118 100644 --- a/src/Makefile +++ b/src/Makefile @@ -27,7 +27,7 @@ NODOTABIVER= 51 DEFAULT_CC = gcc # # LuaJIT builds as a native 32 or 64 bit binary by default. -CC= $(DEFAULT_CC) +CC ?= $(DEFAULT_CC) # # Use this if you want to force a 32 bit build on a 64 bit multilib OS. #CC= $(DEFAULT_CC) -m32 @@ -71,10 +71,10 @@ CCWARN= -Wall # as dynamic mode. # # Mixed mode creates a static + dynamic library and a statically linked luajit. -BUILDMODE= mixed +#BUILDMODE= mixed # # Static mode creates a static library and a statically linked luajit. -#BUILDMODE= static +BUILDMODE= static # # Dynamic mode creates a dynamic library and a dynamically linked luajit. # Note: this executable will only run when the library is installed! @@ -99,7 +99,7 @@ XCFLAGS= # enabled by default. Some other features that *might* break some existing # code (e.g. __pairs or os.execute() return values) can be enabled here. # Note: this does not provide full compatibility with Lua 5.2 at this time. -#XCFLAGS+= -DLUAJIT_ENABLE_LUA52COMPAT +XCFLAGS+= -DLUAJIT_ENABLE_LUA52COMPAT # # Disable the JIT compiler, i.e. turn LuaJIT into a pure interpreter. #XCFLAGS+= -DLUAJIT_DISABLE_JIT @@ -612,7 +612,7 @@ endif Q= @ E= @echo -#Q= +Q= #E= @: ############################################################################## diff --git a/src/msvcbuild.bat b/src/msvcbuild.bat index c2d2c212..71f24422 100644 --- a/src/msvcbuild.bat +++ b/src/msvcbuild.bat @@ -15,7 +15,7 @@ @setlocal @rem Add more debug flags here, e.g. DEBUGCFLAGS=/DLUA_USE_APICHECK @set DEBUGCFLAGS= -@set LJCOMPILE=cl /nologo /c /O2 /W3 /D_CRT_SECURE_NO_DEPRECATE /D_CRT_STDIO_INLINE=__declspec(dllexport)__inline +@set LJCOMPILE=cl /nologo /c /W3 /D_CRT_SECURE_NO_DEPRECATE /D_CRT_STDIO_INLINE=__declspec(dllexport)__inline /DLUAJIT_ENABLE_LUA52COMPAT @set LJLINK=link /nologo @set LJMT=mt /nologo @set LJLIB=lib /nologo /nodefaultlib @@ -24,10 +24,9 @@ @set DASC=vm_x86.dasc @set LJDLLNAME=lua51.dll @set LJLIBNAME=lua51.lib -@set BUILDTYPE=release @set ALL_LIB=lib_base.c lib_math.c lib_bit.c lib_string.c lib_table.c lib_io.c lib_os.c lib_package.c lib_debug.c lib_jit.c lib_ffi.c lib_utf8.c -%LJCOMPILE% host\minilua.c +%LJCOMPILE% /O2 host\minilua.c @if errorlevel 1 goto :BAD %LJLINK% /out:minilua.exe minilua.obj @if errorlevel 1 goto :BAD @@ -50,7 +49,7 @@ if exist minilua.exe.manifest^ minilua %DASM% -LN %DASMFLAGS% -o host\buildvm_arch.h %DASC% @if errorlevel 1 goto :BAD -%LJCOMPILE% /I "." /I %DASMDIR% host\buildvm*.c +%LJCOMPILE% /O2 /I "." /I %DASMDIR% host\buildvm*.c @if errorlevel 1 goto :BAD %LJLINK% /out:buildvm.exe buildvm*.obj @if errorlevel 1 goto :BAD @@ -74,25 +73,35 @@ buildvm -m folddef -o lj_folddef.h lj_opt_fold.c @if "%1" neq "debug" goto :NODEBUG @shift -@set BUILDTYPE=debug -@set LJCOMPILE=%LJCOMPILE% /Zi %DEBUGCFLAGS% +@set LJCOMPILE=%LJCOMPILE% /O0 /Z7 +@set LJLINK=%LJLINK% /debug /opt:ref /opt:icf /incremental:no +@set LJCRTDBG=d +@goto :ENDDEBUG :NODEBUG -@set LJLINK=%LJLINK% /%BUILDTYPE% +@set LJCOMPILE=%LJCOMPILE% /O2 /Z7 +@set LJLINK=%LJLINK% /release /incremental:no +@set LJCRTDBG= +:ENDDEBUG @if "%1"=="amalg" goto :AMALGDLL @if "%1"=="static" goto :STATIC -%LJCOMPILE% /MD /DLUA_BUILD_AS_DLL lj_*.c lib_*.c +@set LJCOMPILE=%LJCOMPILE% /MD%LJCRTDBG% +LJCOMPILE% /DLUA_BUILD_AS_DLL lj_*.c lib_*.c @if errorlevel 1 goto :BAD %LJLINK% /DLL /out:%LJDLLNAME% lj_*.obj lib_*.obj @if errorlevel 1 goto :BAD @goto :MTDLL :STATIC +@shift +@set LJCOMPILE=%LJCOMPILE% /MT%LJCRTDBG% %LJCOMPILE% lj_*.c lib_*.c @if errorlevel 1 goto :BAD %LJLIB% /OUT:%LJLIBNAME% lj_*.obj lib_*.obj @if errorlevel 1 goto :BAD @goto :MTDLL :AMALGDLL -%LJCOMPILE% /MD /DLUA_BUILD_AS_DLL ljamalg.c +@shift +@set LJCOMPILE=%LJCOMPILE% /MD%LJCRTDBG% +%LJCOMPILE% /DLUA_BUILD_AS_DLL ljamalg.c @if errorlevel 1 goto :BAD %LJLINK% /DLL /out:%LJDLLNAME% ljamalg.obj lj_vm.obj @if errorlevel 1 goto :BAD ================================================ FILE: bazel/foreign_cc/nghttp2.patch ================================================ diff --git a/CMakeLists.txt b/CMakeLists.txt index 35c77d1d..47bd63f5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -273,7 +273,11 @@ check_type_size("ssize_t" SIZEOF_SSIZE_T) if(SIZEOF_SSIZE_T STREQUAL "") # ssize_t is a signed type in POSIX storing at least -1. # Set it to "int" to match the behavior of AC_TYPE_SSIZE_T (autotools). - set(ssize_t int) + if(WIN32 AND CMAKE_SIZEOF_VOID_P EQUAL 8) + set(ssize_t ptrdiff_t) + else() + set(ssize_t int) + endif() endif() # AC_TYPE_UINT8_T # AC_TYPE_UINT16_T # https://github.com/nghttp2/nghttp2/pull/1468 diff --git a/lib/nghttp2_buf.c b/lib/nghttp2_buf.c index 2a435bebf..92f97f7f2 100644 --- a/lib/nghttp2_buf.c +++ b/lib/nghttp2_buf.c @@ -82,8 +82,10 @@ void nghttp2_buf_reset(nghttp2_buf *buf) { } void nghttp2_buf_wrap_init(nghttp2_buf *buf, uint8_t *begin, size_t len) { - buf->begin = buf->pos = buf->last = buf->mark = begin; - buf->end = begin + len; + buf->begin = buf->pos = buf->last = buf->mark = buf->end = begin; + if (buf->end != NULL) { + buf->end += len; + } } static int buf_chain_new(nghttp2_buf_chain **chain, size_t chunk_length, diff --git a/lib/nghttp2_frame.c b/lib/nghttp2_frame.c index 4821de408..940c723b0 100644 --- a/lib/nghttp2_frame.c +++ b/lib/nghttp2_frame.c @@ -818,8 +818,10 @@ int nghttp2_frame_unpack_origin_payload(nghttp2_extension *frame, size_t len = 0; origin = frame->payload; - p = payload; - end = p + payloadlen; + p = end = payload; + if (end != NULL) { + end += payloadlen; + } for (; p != end;) { if (end - p < 2) { diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c index 563ccd7de..794f141a1 100644 --- a/lib/nghttp2_session.c +++ b/lib/nghttp2_session.c @@ -5349,7 +5349,7 @@ static ssize_t inbound_frame_effective_readlen(nghttp2_inbound_frame *iframe, ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in, size_t inlen) { - const uint8_t *first = in, *last = in + inlen; + const uint8_t *first = in, *last = in; nghttp2_inbound_frame *iframe = &session->iframe; size_t readlen; ssize_t padlen; @@ -5360,6 +5360,10 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in, size_t pri_fieldlen; nghttp2_mem *mem; + if (in != NULL) { + last += inlen; + } + DEBUGF("recv: connection recv_window_size=%d, local_window=%d\n", session->recv_window_size, session->local_window_size); @@ -5389,7 +5393,9 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in, } iframe->payloadleft -= readlen; - in += readlen; + if (in != NULL) { + in += readlen; + } if (iframe->payloadleft == 0) { session_inbound_frame_reset(session); ================================================ FILE: bazel/foreign_cc/zlib.patch ================================================ diff --git a/CMakeLists.txt b/CMakeLists.txt index 0fe939d..2f0475a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -229,21 +229,22 @@ endif() #============================================================================ # Example binaries #============================================================================ - -add_executable(example test/example.c) -target_link_libraries(example zlib) -add_test(example example) - -add_executable(minigzip test/minigzip.c) -target_link_libraries(minigzip zlib) - -if(HAVE_OFF64_T) - add_executable(example64 test/example.c) - target_link_libraries(example64 zlib) - set_target_properties(example64 PROPERTIES COMPILE_FLAGS "-D_FILE_OFFSET_BITS=64") - add_test(example64 example64) - - add_executable(minigzip64 test/minigzip.c) - target_link_libraries(minigzip64 zlib) - set_target_properties(minigzip64 PROPERTIES COMPILE_FLAGS "-D_FILE_OFFSET_BITS=64") +if(NOT SKIP_BUILD_EXAMPLES) + add_executable(example test/example.c) + target_link_libraries(example zlib) + add_test(example example) + + add_executable(minigzip test/minigzip.c) + target_link_libraries(minigzip zlib) + + if(HAVE_OFF64_T) + add_executable(example64 test/example.c) + target_link_libraries(example64 zlib) + set_target_properties(example64 PROPERTIES COMPILE_FLAGS "-D_FILE_OFFSET_BITS=64") + add_test(example64 example64) + + add_executable(minigzip64 test/minigzip.c) + target_link_libraries(minigzip64 zlib) + set_target_properties(minigzip64 PROPERTIES COMPILE_FLAGS "-D_FILE_OFFSET_BITS=64") + endif() endif() ================================================ FILE: bazel/gen_sh_test_runner.sh ================================================ #!/bin/bash # Used in a genrule to wrap sh_test script for execution in # //test/coverage:coverage_tests single binary. # Do not generate test suites for empty source files. if [ -z "$1" ]; then exit 0 fi RAW_TEST_NAME="$(basename "$1")" # Normalize to something we can use in a TEST(ShTest, ...) name TEST_NAME="${RAW_TEST_NAME//./_}" EXEC_ARGS="\"$1\"" shift for a in "$@" do EXEC_ARGS="${EXEC_ARGS}, \"$a\"" done ( cat << EOF #include "test/test_common/environment.h" #include "gtest/gtest.h" TEST(ShTest, ${TEST_NAME}) { Envoy::TestEnvironment::exec({${EXEC_ARGS}}); } EOF ) ================================================ FILE: bazel/genrule_repository.bzl ================================================ def _genrule_repository(ctx): ctx.download_and_extract( ctx.attr.urls, "", # output ctx.attr.sha256, "", # type ctx.attr.strip_prefix, ) for ii, patch in enumerate(ctx.attr.patches): patch_input = "patch-input-%d.patch" % (ii,) ctx.symlink(patch, patch_input) patch_result = ctx.execute(["patch", "-p0", "--input", patch_input]) if patch_result.return_code != 0: fail("Failed to apply patch %r: %s" % (patch, patch_result.stderr)) # https://github.com/bazelbuild/bazel/issues/3766 genrule_cmd_file = Label("@envoy//bazel").relative(str(ctx.attr.genrule_cmd_file)) ctx.symlink(genrule_cmd_file, "_envoy_genrule_cmd.genrule_cmd") cat_genrule_cmd = ctx.execute(["cat", "_envoy_genrule_cmd.genrule_cmd"]) if cat_genrule_cmd.return_code != 0: fail("Failed to read genrule command %r: %s" % ( genrule_cmd_file, cat_genrule_cmd.stderr, )) ctx.file("WORKSPACE", "workspace(name=%r)" % (ctx.name,)) ctx.symlink(ctx.attr.build_file, "BUILD.bazel") # Inject the genrule_cmd content into a .bzl file that can be loaded # from the repository BUILD file. We force the user to look up the # command content "by label" so the inclusion source is obvious. ctx.file("genrule_cmd.bzl", """ _GENRULE_CMD = {%r: %r} def genrule_cmd(label): return _GENRULE_CMD[label] """ % (str(genrule_cmd_file), cat_genrule_cmd.stdout)) genrule_repository = repository_rule( attrs = { "urls": attr.string_list( mandatory = True, allow_empty = False, ), "sha256": attr.string(), "strip_prefix": attr.string(), "patches": attr.label_list( allow_files = [".patch"], allow_empty = True, ), "genrule_cmd_file": attr.label( mandatory = True, allow_single_file = [".genrule_cmd"], ), "build_file": attr.label( mandatory = True, allow_single_file = [".BUILD"], ), }, implementation = _genrule_repository, ) def _genrule_cc_deps(ctx): outs = depset() for dep in ctx.attr.deps: outs = dep.cc.transitive_headers + dep.cc.libs + outs return DefaultInfo(files = outs) genrule_cc_deps = rule( attrs = { "deps": attr.label_list( providers = [], # CcStarlarkApiProvider mandatory = True, allow_empty = False, ), }, implementation = _genrule_cc_deps, ) def _absolute_bin(path): # If the binary path looks like it's relative to the current directory, # transform it to be absolute by appending "${PWD}". if "/" in path and not path.startswith("/"): return '"${PWD}"/%r' % (path,) return "%r" % (path,) def _genrule_environment(ctx): lines = [] # Bazel uses the same command for C and C++ compilation. c_compiler = ctx.var["CC"] # Bare minimum cflags to get included test binaries to link. # # See .bazelrc for the full set. asan_flags = ["-fsanitize=address,undefined"] tsan_flags = ["-fsanitize=thread"] # Older versions of GCC in Ubuntu, including GCC 5 used in CI images, # incorrectly invoke the older `/usr/bin/ld` with gold-specific options when # building with sanitizers enabled. Work around this by forcing use of gold # in sanitize mode. # # This is not a great solution because it doesn't detect GCC when Bazel has # wrapped it in an intermediate script, but it works well enough to keep CI # running. # # https://stackoverflow.com/questions/37603238/fsanitize-not-using-gold-linker-in-gcc-6-1 force_ld = [] if "clang" in c_compiler: force_ld = ["-fuse-ld=lld"] elif "gcc" in c_compiler or "g++" in c_compiler: force_ld = ["-fuse-ld=gold"] cc_flags = [] ld_flags = [] ld_libs = [] if ctx.var.get("ENVOY_CONFIG_COVERAGE"): ld_libs.append("-lgcov") if ctx.var.get("ENVOY_CONFIG_ASAN"): cc_flags += asan_flags ld_flags += asan_flags ld_flags += force_ld if ctx.var.get("ENVOY_CONFIG_TSAN"): cc_flags += tsan_flags ld_flags += tsan_flags ld_flags += force_ld lines.append("export CFLAGS=%r" % (" ".join(cc_flags),)) lines.append("export LDFLAGS=%r" % (" ".join(ld_flags),)) lines.append("export LIBS=%r" % (" ".join(ld_libs),)) lines.append("export CC=%s" % (_absolute_bin(c_compiler),)) lines.append("export CXX=%s" % (_absolute_bin(c_compiler),)) # Some Autoconf helper binaries leak, which makes ./configure think the # system is unable to do anything. Turn off leak checking during part of # the build. lines.append("export ASAN_OPTIONS=detect_leaks=0") lines.append("") out = ctx.actions.declare_file(ctx.attr.name + ".sh") ctx.actions.write(out, "\n".join(lines)) return DefaultInfo(files = depset([out])) genrule_environment = rule( implementation = _genrule_environment, ) ================================================ FILE: bazel/get_workspace_status ================================================ #!/bin/bash # This file was imported from https://github.com/bazelbuild/bazel at d6fec93. # This script will be run bazel when building process starts to # generate key-value information that represents the status of the # workspace. The output should be like # # KEY1 VALUE1 # KEY2 VALUE2 # # If the script exits with non-zero code, it's considered as a failure # and the output will be discarded. # For Envoy in particular, we want to force binaries to relink when the Git # SHA changes (https://github.com/envoyproxy/envoy/issues/2551). This can be # done by prefixing keys with "STABLE_". To avoid breaking compatibility with # other status scripts, this one still echos the non-stable ("volatile") names. # If this SOURCE_VERSION file exists then it must have been placed here by a # distribution doing a non-git, source build. # Distributions would be expected to echo the commit/tag as BUILD_SCM_REVISION if [ -f SOURCE_VERSION ] then echo "BUILD_SCM_REVISION $(cat SOURCE_VERSION)" echo "STABLE_BUILD_SCM_REVISION $(cat SOURCE_VERSION)" echo "BUILD_SCM_STATUS Distribution" exit 0 fi # The code below presents an implementation that works for git repository git_rev=$(git rev-parse HEAD) || exit 1 echo "BUILD_SCM_REVISION ${git_rev}" echo "STABLE_BUILD_SCM_REVISION ${git_rev}" # Check whether there are any uncommitted changes tree_status="Clean" git diff-index --quiet HEAD -- || { tree_status="Modified" } echo "BUILD_SCM_STATUS ${tree_status}" echo "STABLE_BUILD_SCM_STATUS ${tree_status}" ================================================ FILE: bazel/io_opentracing_cpp.patch ================================================ diff --git a/mocktracer/BUILD b/mocktracer/BUILD index 3b22bab..d425e2e 100644 --- a/mocktracer/BUILD +++ b/mocktracer/BUILD @@ -7,11 +7,13 @@ cc_library( deps = [ "//:opentracing", ], + alwayslink = 1, ) cc_binary( name = "libmocktracer_plugin.so", linkshared = 1, + linkstatic = 1, visibility = ["//visibility:public"], deps = [ "//mocktracer:mocktracer" diff --git a/src/dynamic_load_unix.cpp b/src/dynamic_load_unix.cpp index 17e08fd..7e8ac02 100644 --- a/src/dynamic_load_unix.cpp +++ b/src/dynamic_load_unix.cpp @@ -35,7 +35,13 @@ DynamicallyLoadTracingLibrary(const char* shared_library, std::string& error_message) noexcept try { dlerror(); // Clear any existing error. - const auto handle = dlopen(shared_library, RTLD_NOW | RTLD_LOCAL); + const auto handle = dlopen(shared_library, RTLD_NOW | RTLD_LOCAL +#if defined(__has_feature) +#if __has_feature(address_sanitizer) + | RTLD_NODELETE +#endif +#endif + ); if (handle == nullptr) { error_message = dlerror(); return make_unexpected(dynamic_load_failure_error); # commit 3a6f049c123a1906c7381e824292c18fd8698293 # Author: Christian Neumüller # Date: Wed Feb 27 01:48:17 2019 +0100 # # Fix MSVC compiler flags. (#104) # # * All debug specific flags would be replaced by release specific on MSVC. # * The OPENTRACING_STATIC flag would be missing from OpenTracingConfig.cmake when linking against OpenTracing::opentracing-static # diff --git a/CMakeLists.txt b/CMakeLists.txt index 1721fb3..3873b3a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -52,7 +52,7 @@ if ("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang") elseif ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wextra") elseif ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "MSVC") - set(CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_RELEASE} -D_SCL_SECURE_NO_WARNINGS") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -D_SCL_SECURE_NO_WARNINGS") endif() # ============================================================================== ================================================ FILE: bazel/protobuf.patch ================================================ # https://github.com/protocolbuffers/protobuf/pull/6720 diff --git a/third_party/BUILD b/third_party/BUILD new file mode 100644 index 0000000000..b66101a39a --- /dev/null +++ b/third_party/BUILD @@ -0,0 +1 @@ +exports_files(["six.BUILD", "zlib.BUILD"]) # https://github.com/protocolbuffers/protobuf/pull/6896 diff --git a/src/google/protobuf/stubs/strutil.cc b/src/google/protobuf/stubs/strutil.cc index 62b3f0a871..bb3df47ccf 100644 --- a/src/google/protobuf/stubs/strutil.cc +++ b/src/google/protobuf/stubs/strutil.cc @@ -1435,32 +1435,44 @@ AlphaNum::AlphaNum(strings::Hex hex) { // after the area just overwritten. It comes in multiple flavors to minimize // call overhead. static char *Append1(char *out, const AlphaNum &x) { - memcpy(out, x.data(), x.size()); - return out + x.size(); + if (x.size() > 0) { + memcpy(out, x.data(), x.size()); + out += x.size(); + } + return out; } static char *Append2(char *out, const AlphaNum &x1, const AlphaNum &x2) { - memcpy(out, x1.data(), x1.size()); - out += x1.size(); - - memcpy(out, x2.data(), x2.size()); - return out + x2.size(); + if (x1.size() > 0) { + memcpy(out, x1.data(), x1.size()); + out += x1.size(); + } + if (x2.size() > 0) { + memcpy(out, x2.data(), x2.size()); + out += x2.size(); + } + return out; } -static char *Append4(char *out, - const AlphaNum &x1, const AlphaNum &x2, +static char *Append4(char *out, const AlphaNum &x1, const AlphaNum &x2, const AlphaNum &x3, const AlphaNum &x4) { - memcpy(out, x1.data(), x1.size()); - out += x1.size(); - - memcpy(out, x2.data(), x2.size()); - out += x2.size(); - - memcpy(out, x3.data(), x3.size()); - out += x3.size(); - - memcpy(out, x4.data(), x4.size()); - return out + x4.size(); + if (x1.size() > 0) { + memcpy(out, x1.data(), x1.size()); + out += x1.size(); + } + if (x2.size() > 0) { + memcpy(out, x2.data(), x2.size()); + out += x2.size(); + } + if (x3.size() > 0) { + memcpy(out, x3.data(), x3.size()); + out += x3.size(); + } + if (x4.size() > 0) { + memcpy(out, x4.data(), x4.size()); + out += x4.size(); + } + return out; } string StrCat(const AlphaNum &a, const AlphaNum &b) { # patching for zlib binding diff --git a/BUILD b/BUILD index efc3d8e7f..746ad4851 100644 --- a/BUILD +++ b/BUILD @@ -24,7 +24,7 @@ config_setting( # ZLIB configuration ################################################################################ -ZLIB_DEPS = ["@zlib//:zlib"] +ZLIB_DEPS = ["//external:zlib"] ################################################################################ # Protobuf Runtime Library diff --git a/protobuf.bzl b/protobuf.bzl index 5fa5543b1..484bc41a7 100644 --- a/protobuf.bzl +++ b/protobuf.bzl @@ -75,18 +75,17 @@ def _RelativeOutputPath(path, include, dest = ""): def _proto_gen_impl(ctx): """General implementation for generating protos""" srcs = ctx.files.srcs - deps = [] - deps += ctx.files.srcs + deps = depset(direct=ctx.files.srcs) source_dir = _SourceDir(ctx) gen_dir = _GenDir(ctx).rstrip("/") if source_dir: - import_flags = ["-I" + source_dir, "-I" + gen_dir] + import_flags = depset(direct=["-I" + source_dir, "-I" + gen_dir]) else: - import_flags = ["-I."] + import_flags = depset(direct=["-I."]) for dep in ctx.attr.deps: - import_flags += dep.proto.import_flags - deps += dep.proto.deps + import_flags = depset(transitive=[import_flags, dep.proto.import_flags]) + deps = depset(transitive=[deps, dep.proto.deps]) if not ctx.attr.gen_cc and not ctx.attr.gen_py and not ctx.executable.plugin: return struct( @@ -103,7 +102,7 @@ def _proto_gen_impl(ctx): in_gen_dir = src.root.path == gen_dir if in_gen_dir: import_flags_real = [] - for f in depset(import_flags).to_list(): + for f in import_flags.to_list(): path = f.replace("-I", "") import_flags_real.append("-I$(realpath -s %s)" % path) @@ -118,7 +117,7 @@ def _proto_gen_impl(ctx): outs.extend(_PyOuts([src.basename], use_grpc_plugin = use_grpc_plugin)) outs = [ctx.actions.declare_file(out, sibling = src) for out in outs] - inputs = [src] + deps + inputs = [src] + deps.to_list() tools = [ctx.executable.protoc] if ctx.executable.plugin: plugin = ctx.executable.plugin @@ -141,7 +140,7 @@ def _proto_gen_impl(ctx): inputs = inputs, tools = tools, outputs = outs, - arguments = args + import_flags + [src.path], + arguments = args + import_flags.to_list() + [src.path], executable = ctx.executable.protoc, mnemonic = "ProtoCompile", use_default_shell_env = True, ================================================ FILE: bazel/repositories.bzl ================================================ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") load(":dev_binding.bzl", "envoy_dev_binding") load(":genrule_repository.bzl", "genrule_repository") load("@envoy_api//bazel:envoy_http_archive.bzl", "envoy_http_archive") load(":repository_locations.bzl", "DEPENDENCY_ANNOTATIONS", "DEPENDENCY_REPOSITORIES", "USE_CATEGORIES", "USE_CATEGORIES_WITH_CPE_OPTIONAL") load("@com_google_googleapis//:repository_rules.bzl", "switched_rules_by_language") load(":crates.bzl", "raze_fetch_remote_crates") PPC_SKIP_TARGETS = ["envoy.filters.http.lua"] WINDOWS_SKIP_TARGETS = [ "envoy.tracers.dynamic_ot", "envoy.tracers.lightstep", "envoy.tracers.datadog", "envoy.tracers.opencensus", "envoy.watchdog.abort_action", ] # Make all contents of an external repository accessible under a filegroup. Used for external HTTP # archives, e.g. cares. BUILD_ALL_CONTENT = """filegroup(name = "all", srcs = glob(["**"]), visibility = ["//visibility:public"])""" def _build_all_content(exclude = []): return """filegroup(name = "all", srcs = glob(["**"], exclude={}), visibility = ["//visibility:public"])""".format(repr(exclude)) def _fail_missing_attribute(attr, key): fail("The '%s' attribute must be defined for external dependecy " % attr + key) # Method for verifying content of the DEPENDENCY_REPOSITORIES defined in bazel/repository_locations.bzl # Verification is here so that bazel/repository_locations.bzl can be loaded into other tools written in Python, # and as such needs to be free of bazel specific constructs. # # We also remove the attributes for further consumption in this file, since rules such as http_archive # don't recognize them. def _repository_locations(): locations = {} for key, location in DEPENDENCY_REPOSITORIES.items(): mutable_location = dict(location) locations[key] = mutable_location if "sha256" not in location or len(location["sha256"]) == 0: _fail_missing_attribute("sha256", key) if "project_name" not in location: _fail_missing_attribute("project_name", key) mutable_location.pop("project_name") if "project_desc" not in location: _fail_missing_attribute("project_desc", key) mutable_location.pop("project_desc") if "project_url" not in location: _fail_missing_attribute("project_url", key) project_url = mutable_location.pop("project_url") if not project_url.startswith("https://") and not project_url.startswith("http://"): fail("project_url must start with https:// or http://: " + project_url) if "version" not in location: _fail_missing_attribute("version", key) mutable_location.pop("version") if "use_category" not in location: _fail_missing_attribute("use_category", key) use_category = mutable_location.pop("use_category") if "dataplane_ext" in use_category or "observability_ext" in use_category: if "extensions" not in location: _fail_missing_attribute("extensions", key) mutable_location.pop("extensions") if "last_updated" not in location: _fail_missing_attribute("last_updated", key) last_updated = mutable_location.pop("last_updated") # Starlark doesn't have regexes. if len(last_updated) != 10 or last_updated[4] != "-" or last_updated[7] != "-": fail("last_updated must match YYYY-DD-MM: " + last_updated) if "cpe" in location: cpe = mutable_location.pop("cpe") # Starlark doesn't have regexes. cpe_matches = (cpe != "N/A" and (not cpe.startswith("cpe:2.3:a:") or not cpe.endswith(":*") and len(cpe.split(":")) != 6)) if cpe_matches: fail("CPE must match cpe:2.3:a:::*: " + cpe) elif not [category for category in USE_CATEGORIES_WITH_CPE_OPTIONAL if category in location["use_category"]]: _fail_missing_attribute("cpe", key) for category in location["use_category"]: if category not in USE_CATEGORIES: fail("Unknown use_category value '" + category + "' for dependecy " + key) return locations REPOSITORY_LOCATIONS = _repository_locations() # To initialize http_archive REPOSITORY_LOCATIONS dictionaries must be stripped of annotations. # See repository_locations.bzl for the list of annotation attributes. def _get_location(dependency): stripped = dict(REPOSITORY_LOCATIONS[dependency]) for attribute in DEPENDENCY_ANNOTATIONS: stripped.pop(attribute, None) return stripped def _repository_impl(name, **kwargs): envoy_http_archive( name, locations = REPOSITORY_LOCATIONS, **kwargs ) def _default_envoy_build_config_impl(ctx): ctx.file("WORKSPACE", "") ctx.file("BUILD.bazel", "") ctx.symlink(ctx.attr.config, "extensions_build_config.bzl") _default_envoy_build_config = repository_rule( implementation = _default_envoy_build_config_impl, attrs = { "config": attr.label(default = "@envoy//source/extensions:extensions_build_config.bzl"), }, ) # Python dependencies. def _python_deps(): # TODO(htuch): convert these to pip3_import. _repository_impl( name = "com_github_twitter_common_lang", build_file = "@envoy//bazel/external:twitter_common_lang.BUILD", ) _repository_impl( name = "com_github_twitter_common_rpc", build_file = "@envoy//bazel/external:twitter_common_rpc.BUILD", ) _repository_impl( name = "com_github_twitter_common_finagle_thrift", build_file = "@envoy//bazel/external:twitter_common_finagle_thrift.BUILD", ) _repository_impl( name = "six", build_file = "@com_google_protobuf//third_party:six.BUILD", ) # Bazel native C++ dependencies. For the dependencies that doesn't provide autoconf/automake builds. def _cc_deps(): _repository_impl("grpc_httpjson_transcoding") native.bind( name = "path_matcher", actual = "@grpc_httpjson_transcoding//src:path_matcher", ) native.bind( name = "grpc_transcoding", actual = "@grpc_httpjson_transcoding//src:transcoding", ) def _go_deps(skip_targets): # Keep the skip_targets check around until Istio Proxy has stopped using # it to exclude the Go rules. if "io_bazel_rules_go" not in skip_targets: _repository_impl( name = "io_bazel_rules_go", # TODO(wrowe, sunjayBhatia): remove when Windows RBE supports batch file invocation patch_args = ["-p1"], patches = ["@envoy//bazel:rules_go.patch"], ) _repository_impl("bazel_gazelle") def _rust_deps(): _repository_impl("io_bazel_rules_rust") raze_fetch_remote_crates() def envoy_dependencies(skip_targets = []): # Setup Envoy developer tools. envoy_dev_binding() # Treat Envoy's overall build config as an external repo, so projects that # build Envoy as a subcomponent can easily override the config. if "envoy_build_config" not in native.existing_rules().keys(): _default_envoy_build_config(name = "envoy_build_config") # Setup external Bazel rules _foreign_cc_dependencies() # Binding to an alias pointing to the selected version of BoringSSL: # - BoringSSL FIPS from @boringssl_fips//:ssl, # - non-FIPS BoringSSL from @boringssl//:ssl. _boringssl() _boringssl_fips() native.bind( name = "ssl", actual = "@envoy//bazel:boringssl", ) # The long repo names (`com_github_fmtlib_fmt` instead of `fmtlib`) are # semi-standard in the Bazel community, intended to avoid both duplicate # dependencies and name conflicts. _com_github_c_ares_c_ares() _com_github_circonus_labs_libcircllhist() _com_github_cyan4973_xxhash() _com_github_datadog_dd_opentracing_cpp() _com_github_mirror_tclap() _com_github_envoyproxy_sqlparser() _com_github_fmtlib_fmt() _com_github_gabime_spdlog() _com_github_google_benchmark() _com_github_google_jwt_verify() _com_github_google_libprotobuf_mutator() _com_github_google_tcmalloc() _com_github_gperftools_gperftools() _com_github_grpc_grpc() _com_github_jbeder_yaml_cpp() _com_github_libevent_libevent() _com_github_luajit_luajit() _com_github_moonjit_moonjit() _com_github_nghttp2_nghttp2() _com_github_nodejs_http_parser() _com_github_tencent_rapidjson() _com_google_absl() _com_google_googletest() _com_google_protobuf() _io_opencensus_cpp() _com_github_curl() _com_github_envoyproxy_sqlparser() _com_googlesource_chromium_v8() _com_googlesource_quiche() _com_googlesource_googleurl() _com_lightstep_tracer_cpp() _io_opentracing_cpp() _net_zlib() _com_github_zlib_ng_zlib_ng() _upb() _proxy_wasm_cpp_sdk() _proxy_wasm_cpp_host() _emscripten_toolchain() _repository_impl("com_googlesource_code_re2") _com_google_cel_cpp() _repository_impl("com_github_google_flatbuffers") _repository_impl("bazel_toolchains") _repository_impl("bazel_compdb") _repository_impl("envoy_build_tools") _repository_impl("rules_cc") # Unconditional, since we use this only for compiler-agnostic fuzzing utils. _org_llvm_releases_compiler_rt() _python_deps() _cc_deps() _go_deps(skip_targets) _rust_deps() _kafka_deps() _org_llvm_llvm() _com_github_wavm_wavm() switched_rules_by_language( name = "com_google_googleapis_imports", cc = True, go = True, grpc = True, rules_override = { "py_proto_library": "@envoy_api//bazel:api_build_system.bzl", }, ) native.bind( name = "bazel_runfiles", actual = "@bazel_tools//tools/cpp/runfiles", ) def _boringssl(): _repository_impl( name = "boringssl", patch_args = ["-p1"], patches = ["@envoy//bazel:boringssl_static.patch"], ) def _boringssl_fips(): location = REPOSITORY_LOCATIONS["boringssl_fips"] genrule_repository( name = "boringssl_fips", urls = location["urls"], sha256 = location["sha256"], genrule_cmd_file = "@envoy//bazel/external:boringssl_fips.genrule_cmd", build_file = "@envoy//bazel/external:boringssl_fips.BUILD", patches = ["@envoy//bazel/external:boringssl_fips.patch"], ) def _com_github_circonus_labs_libcircllhist(): _repository_impl( name = "com_github_circonus_labs_libcircllhist", build_file = "@envoy//bazel/external:libcircllhist.BUILD", ) native.bind( name = "libcircllhist", actual = "@com_github_circonus_labs_libcircllhist//:libcircllhist", ) def _com_github_c_ares_c_ares(): location = _get_location("com_github_c_ares_c_ares") http_archive( name = "com_github_c_ares_c_ares", build_file_content = BUILD_ALL_CONTENT, **location ) native.bind( name = "ares", actual = "@envoy//bazel/foreign_cc:ares", ) def _com_github_cyan4973_xxhash(): _repository_impl( name = "com_github_cyan4973_xxhash", build_file = "@envoy//bazel/external:xxhash.BUILD", ) native.bind( name = "xxhash", actual = "@com_github_cyan4973_xxhash//:xxhash", ) def _com_github_envoyproxy_sqlparser(): _repository_impl( name = "com_github_envoyproxy_sqlparser", build_file = "@envoy//bazel/external:sqlparser.BUILD", ) native.bind( name = "sqlparser", actual = "@com_github_envoyproxy_sqlparser//:sqlparser", ) def _com_github_mirror_tclap(): _repository_impl( name = "com_github_mirror_tclap", build_file = "@envoy//bazel/external:tclap.BUILD", patch_args = ["-p1"], # If and when we pick up tclap 1.4 or later release, # this entire issue was refactored away 6 years ago; # https://sourceforge.net/p/tclap/code/ci/5d4ffbf2db794af799b8c5727fb6c65c079195ac/ # https://github.com/envoyproxy/envoy/pull/8572#discussion_r337554195 patches = ["@envoy//bazel:tclap-win64-ull-sizet.patch"], ) native.bind( name = "tclap", actual = "@com_github_mirror_tclap//:tclap", ) def _com_github_fmtlib_fmt(): _repository_impl( name = "com_github_fmtlib_fmt", build_file = "@envoy//bazel/external:fmtlib.BUILD", ) native.bind( name = "fmtlib", actual = "@com_github_fmtlib_fmt//:fmtlib", ) def _com_github_gabime_spdlog(): _repository_impl( name = "com_github_gabime_spdlog", build_file = "@envoy//bazel/external:spdlog.BUILD", ) native.bind( name = "spdlog", actual = "@com_github_gabime_spdlog//:spdlog", ) def _com_github_google_benchmark(): location = _get_location("com_github_google_benchmark") http_archive( name = "com_github_google_benchmark", **location ) native.bind( name = "benchmark", actual = "@com_github_google_benchmark//:benchmark", ) def _com_github_google_libprotobuf_mutator(): _repository_impl( name = "com_github_google_libprotobuf_mutator", build_file = "@envoy//bazel/external:libprotobuf_mutator.BUILD", ) def _com_github_jbeder_yaml_cpp(): _repository_impl( name = "com_github_jbeder_yaml_cpp", ) native.bind( name = "yaml_cpp", actual = "@com_github_jbeder_yaml_cpp//:yaml-cpp", ) def _com_github_libevent_libevent(): location = _get_location("com_github_libevent_libevent") http_archive( name = "com_github_libevent_libevent", build_file_content = BUILD_ALL_CONTENT, **location ) native.bind( name = "event", actual = "@envoy//bazel/foreign_cc:event", ) def _net_zlib(): _repository_impl( name = "net_zlib", build_file_content = BUILD_ALL_CONTENT, patch_args = ["-p1"], patches = ["@envoy//bazel/foreign_cc:zlib.patch"], ) native.bind( name = "zlib", actual = "@envoy//bazel/foreign_cc:zlib", ) # Bind for grpc. native.bind( name = "madler_zlib", actual = "@envoy//bazel/foreign_cc:zlib", ) def _com_github_zlib_ng_zlib_ng(): _repository_impl( name = "com_github_zlib_ng_zlib_ng", build_file_content = BUILD_ALL_CONTENT, ) def _com_google_cel_cpp(): _repository_impl("com_google_cel_cpp") _repository_impl("rules_antlr") location = _get_location("antlr4_runtimes") http_archive( name = "antlr4_runtimes", build_file_content = """ package(default_visibility = ["//visibility:public"]) cc_library( name = "cpp", srcs = glob(["runtime/Cpp/runtime/src/**/*.cpp"]), hdrs = glob(["runtime/Cpp/runtime/src/**/*.h"]), includes = ["runtime/Cpp/runtime/src"], ) """, patch_args = ["-p1"], # Patches ASAN violation of initialization fiasco patches = ["@envoy//bazel:antlr.patch"], **location ) # Parser dependencies # TODO: upgrade this when cel is upgraded to use the latest version http_archive( name = "rules_antlr", sha256 = "7249d1569293d9b239e23c65f6b4c81a07da921738bde0dfeb231ed98be40429", strip_prefix = "rules_antlr-3cc2f9502a54ceb7b79b37383316b23c4da66f9a", urls = ["https://github.com/marcohu/rules_antlr/archive/3cc2f9502a54ceb7b79b37383316b23c4da66f9a.tar.gz"], ) http_archive( name = "antlr4_runtimes", build_file_content = """ package(default_visibility = ["//visibility:public"]) cc_library( name = "cpp", srcs = glob(["runtime/Cpp/runtime/src/**/*.cpp"]), hdrs = glob(["runtime/Cpp/runtime/src/**/*.h"]), includes = ["runtime/Cpp/runtime/src"], ) """, sha256 = "46f5e1af5f4bd28ade55cb632f9a069656b31fc8c2408f9aa045f9b5f5caad64", patch_args = ["-p1"], # Patches ASAN violation of initialization fiasco patches = ["@envoy//bazel:antlr.patch"], strip_prefix = "antlr4-4.7.2", urls = ["https://github.com/antlr/antlr4/archive/4.7.2.tar.gz"], ) def _com_github_nghttp2_nghttp2(): location = _get_location("com_github_nghttp2_nghttp2") http_archive( name = "com_github_nghttp2_nghttp2", build_file_content = BUILD_ALL_CONTENT, patch_args = ["-p1"], # This patch cannot be picked up due to ABI rules. Better # solve is likely at the next version-major. Discussion at; # https://github.com/nghttp2/nghttp2/pull/1395 # https://github.com/envoyproxy/envoy/pull/8572#discussion_r334067786 patches = ["@envoy//bazel/foreign_cc:nghttp2.patch"], **location ) native.bind( name = "nghttp2", actual = "@envoy//bazel/foreign_cc:nghttp2", ) def _io_opentracing_cpp(): _repository_impl( name = "io_opentracing_cpp", patch_args = ["-p1"], # Workaround for LSAN false positive in https://github.com/envoyproxy/envoy/issues/7647 patches = ["@envoy//bazel:io_opentracing_cpp.patch"], ) native.bind( name = "opentracing", actual = "@io_opentracing_cpp//:opentracing", ) def _com_lightstep_tracer_cpp(): _repository_impl("com_lightstep_tracer_cpp") native.bind( name = "lightstep", actual = "@com_lightstep_tracer_cpp//:manual_tracer_lib", ) def _com_github_datadog_dd_opentracing_cpp(): _repository_impl("com_github_datadog_dd_opentracing_cpp") _repository_impl( name = "com_github_msgpack_msgpack_c", build_file = "@com_github_datadog_dd_opentracing_cpp//:bazel/external/msgpack.BUILD", ) native.bind( name = "dd_opentracing_cpp", actual = "@com_github_datadog_dd_opentracing_cpp//:dd_opentracing_cpp", ) def _com_github_tencent_rapidjson(): _repository_impl( name = "com_github_tencent_rapidjson", build_file = "@envoy//bazel/external:rapidjson.BUILD", ) native.bind( name = "rapidjson", actual = "@com_github_tencent_rapidjson//:rapidjson", ) def _com_github_nodejs_http_parser(): _repository_impl( name = "com_github_nodejs_http_parser", build_file = "@envoy//bazel/external:http-parser.BUILD", ) native.bind( name = "http_parser", actual = "@com_github_nodejs_http_parser//:http_parser", ) def _com_google_googletest(): _repository_impl("com_google_googletest") native.bind( name = "googletest", actual = "@com_google_googletest//:gtest", ) # TODO(jmarantz): replace the use of bind and external_deps with just # the direct Bazel path at all sites. This will make it easier to # pull in more bits of abseil as needed, and is now the preferred # method for pure Bazel deps. def _com_google_absl(): _repository_impl("com_google_absl") native.bind( name = "abseil_any", actual = "@com_google_absl//absl/types:any", ) native.bind( name = "abseil_base", actual = "@com_google_absl//absl/base:base", ) # Bind for grpc. native.bind( name = "absl-base", actual = "@com_google_absl//absl/base", ) native.bind( name = "abseil_flat_hash_map", actual = "@com_google_absl//absl/container:flat_hash_map", ) native.bind( name = "abseil_flat_hash_set", actual = "@com_google_absl//absl/container:flat_hash_set", ) native.bind( name = "abseil_hash", actual = "@com_google_absl//absl/hash:hash", ) native.bind( name = "abseil_hash_testing", actual = "@com_google_absl//absl/hash:hash_testing", ) native.bind( name = "abseil_inlined_vector", actual = "@com_google_absl//absl/container:inlined_vector", ) native.bind( name = "abseil_memory", actual = "@com_google_absl//absl/memory:memory", ) native.bind( name = "abseil_node_hash_map", actual = "@com_google_absl//absl/container:node_hash_map", ) native.bind( name = "abseil_node_hash_set", actual = "@com_google_absl//absl/container:node_hash_set", ) native.bind( name = "abseil_str_format", actual = "@com_google_absl//absl/strings:str_format", ) native.bind( name = "abseil_strings", actual = "@com_google_absl//absl/strings:strings", ) native.bind( name = "abseil_int128", actual = "@com_google_absl//absl/numeric:int128", ) native.bind( name = "abseil_optional", actual = "@com_google_absl//absl/types:optional", ) native.bind( name = "abseil_synchronization", actual = "@com_google_absl//absl/synchronization:synchronization", ) native.bind( name = "abseil_symbolize", actual = "@com_google_absl//absl/debugging:symbolize", ) native.bind( name = "abseil_stacktrace", actual = "@com_google_absl//absl/debugging:stacktrace", ) # Require abseil_time as an indirect dependency as it is needed by the # direct dependency jwt_verify_lib. native.bind( name = "abseil_time", actual = "@com_google_absl//absl/time:time", ) # Bind for grpc. native.bind( name = "absl-time", actual = "@com_google_absl//absl/time:time", ) native.bind( name = "abseil_algorithm", actual = "@com_google_absl//absl/algorithm:algorithm", ) native.bind( name = "abseil_variant", actual = "@com_google_absl//absl/types:variant", ) native.bind( name = "abseil_status", actual = "@com_google_absl//absl/status", ) def _com_google_protobuf(): _repository_impl("rules_python") _repository_impl( "com_google_protobuf", patches = ["@envoy//bazel:protobuf.patch"], patch_args = ["-p1"], ) native.bind( name = "protobuf", actual = "@com_google_protobuf//:protobuf", ) native.bind( name = "protobuf_clib", actual = "@com_google_protobuf//:protoc_lib", ) native.bind( name = "protocol_compiler", actual = "@com_google_protobuf//:protoc", ) native.bind( name = "protoc", actual = "@com_google_protobuf//:protoc", ) # Needed for `bazel fetch` to work with @com_google_protobuf # https://github.com/google/protobuf/blob/v3.6.1/util/python/BUILD#L6-L9 native.bind( name = "python_headers", actual = "@com_google_protobuf//util/python:python_headers", ) def _io_opencensus_cpp(): location = _get_location("io_opencensus_cpp") http_archive( name = "io_opencensus_cpp", **location ) native.bind( name = "opencensus_trace", actual = "@io_opencensus_cpp//opencensus/trace", ) native.bind( name = "opencensus_trace_b3", actual = "@io_opencensus_cpp//opencensus/trace:b3", ) native.bind( name = "opencensus_trace_cloud_trace_context", actual = "@io_opencensus_cpp//opencensus/trace:cloud_trace_context", ) native.bind( name = "opencensus_trace_grpc_trace_bin", actual = "@io_opencensus_cpp//opencensus/trace:grpc_trace_bin", ) native.bind( name = "opencensus_trace_trace_context", actual = "@io_opencensus_cpp//opencensus/trace:trace_context", ) native.bind( name = "opencensus_exporter_ocagent", actual = "@io_opencensus_cpp//opencensus/exporters/trace/ocagent:ocagent_exporter", ) native.bind( name = "opencensus_exporter_stdout", actual = "@io_opencensus_cpp//opencensus/exporters/trace/stdout:stdout_exporter", ) native.bind( name = "opencensus_exporter_stackdriver", actual = "@io_opencensus_cpp//opencensus/exporters/trace/stackdriver:stackdriver_exporter", ) native.bind( name = "opencensus_exporter_zipkin", actual = "@io_opencensus_cpp//opencensus/exporters/trace/zipkin:zipkin_exporter", ) def _com_github_curl(): # Used by OpenCensus Zipkin exporter. location = _get_location("com_github_curl") http_archive( name = "com_github_curl", build_file_content = BUILD_ALL_CONTENT + """ cc_library(name = "curl", visibility = ["//visibility:public"], deps = ["@envoy//bazel/foreign_cc:curl"]) """, **location ) native.bind( name = "curl", actual = "@envoy//bazel/foreign_cc:curl", ) def _com_googlesource_chromium_v8(): location = _get_location("com_googlesource_chromium_v8") genrule_repository( name = "com_googlesource_chromium_v8", genrule_cmd_file = "@envoy//bazel/external:wee8.genrule_cmd", build_file = "@envoy//bazel/external:wee8.BUILD", patches = ["@envoy//bazel/external:wee8.patch"], **location ) native.bind( name = "wee8", actual = "@com_googlesource_chromium_v8//:wee8", ) def _com_googlesource_quiche(): location = REPOSITORY_LOCATIONS["com_googlesource_quiche"] genrule_repository( name = "com_googlesource_quiche", urls = location["urls"], sha256 = location["sha256"], genrule_cmd_file = "@envoy//bazel/external:quiche.genrule_cmd", build_file = "@envoy//bazel/external:quiche.BUILD", ) native.bind( name = "quiche_common_platform", actual = "@com_googlesource_quiche//:quiche_common_platform", ) native.bind( name = "quiche_http2_platform", actual = "@com_googlesource_quiche//:http2_platform", ) native.bind( name = "quiche_spdy_platform", actual = "@com_googlesource_quiche//:spdy_platform", ) native.bind( name = "quiche_quic_platform", actual = "@com_googlesource_quiche//:quic_platform", ) native.bind( name = "quiche_quic_platform_base", actual = "@com_googlesource_quiche//:quic_platform_base", ) def _com_googlesource_googleurl(): _repository_impl( name = "com_googlesource_googleurl", ) native.bind( name = "googleurl", actual = "@com_googlesource_googleurl//url:url", ) def _org_llvm_releases_compiler_rt(): _repository_impl( name = "org_llvm_releases_compiler_rt", build_file = "@envoy//bazel/external:compiler_rt.BUILD", ) def _com_github_grpc_grpc(): _repository_impl("com_github_grpc_grpc") _repository_impl("build_bazel_rules_apple") # Rebind some stuff to match what the gRPC Bazel is expecting. native.bind( name = "protobuf_headers", actual = "@com_google_protobuf//:protobuf_headers", ) native.bind( name = "libssl", actual = "//external:ssl", ) native.bind( name = "cares", actual = "//external:ares", ) native.bind( name = "grpc", actual = "@com_github_grpc_grpc//:grpc++", ) native.bind( name = "grpc_health_proto", actual = "@envoy//bazel:grpc_health_proto", ) native.bind( name = "grpc_alts_fake_handshaker_server", actual = "@com_github_grpc_grpc//test/core/tsi/alts/fake_handshaker:fake_handshaker_lib", ) native.bind( name = "grpc_alts_handshaker_proto", actual = "@com_github_grpc_grpc//test/core/tsi/alts/fake_handshaker:handshaker_proto", ) native.bind( name = "grpc_alts_transport_security_common_proto", actual = "@com_github_grpc_grpc//test/core/tsi/alts/fake_handshaker:transport_security_common_proto", ) def _upb(): _repository_impl( name = "upb", patches = ["@envoy//bazel:upb.patch"], patch_args = ["-p1"], ) native.bind( name = "upb_lib", actual = "@upb//:upb", ) def _proxy_wasm_cpp_sdk(): _repository_impl(name = "proxy_wasm_cpp_sdk") def _proxy_wasm_cpp_host(): _repository_impl( name = "proxy_wasm_cpp_host", build_file = "@envoy//bazel/external:proxy_wasm_cpp_host.BUILD", ) def _emscripten_toolchain(): _repository_impl( name = "emscripten_toolchain", build_file_content = _build_all_content(exclude = [ "upstream/emscripten/cache/is_vanilla.txt", ".emscripten_sanity", ]), patch_cmds = REPOSITORY_LOCATIONS["emscripten_toolchain"]["patch_cmds"], ) def _com_github_google_jwt_verify(): _repository_impl("com_github_google_jwt_verify") native.bind( name = "jwt_verify_lib", actual = "@com_github_google_jwt_verify//:jwt_verify_lib", ) def _com_github_luajit_luajit(): location = _get_location("com_github_luajit_luajit") http_archive( name = "com_github_luajit_luajit", build_file_content = BUILD_ALL_CONTENT, patches = ["@envoy//bazel/foreign_cc:luajit.patch"], patch_args = ["-p1"], patch_cmds = ["chmod u+x build.py"], **location ) native.bind( name = "luajit", actual = "@envoy//bazel/foreign_cc:luajit", ) def _com_github_moonjit_moonjit(): location = _get_location("com_github_moonjit_moonjit") http_archive( name = "com_github_moonjit_moonjit", build_file_content = BUILD_ALL_CONTENT, patches = ["@envoy//bazel/foreign_cc:moonjit.patch"], patch_args = ["-p1"], patch_cmds = ["chmod u+x build.py"], **location ) native.bind( name = "moonjit", actual = "@envoy//bazel/foreign_cc:moonjit", ) def _com_github_google_tcmalloc(): _repository_impl( name = "com_github_google_tcmalloc", ) native.bind( name = "tcmalloc", actual = "@com_github_google_tcmalloc//tcmalloc", ) def _com_github_gperftools_gperftools(): location = _get_location("com_github_gperftools_gperftools") http_archive( name = "com_github_gperftools_gperftools", build_file_content = BUILD_ALL_CONTENT, **location ) native.bind( name = "gperftools", actual = "@envoy//bazel/foreign_cc:gperftools", ) def _org_llvm_llvm(): location = _get_location("org_llvm_llvm") http_archive( name = "org_llvm_llvm", build_file_content = BUILD_ALL_CONTENT, patch_args = ["-p1"], patches = ["@envoy//bazel/foreign_cc:llvm.patch"], **location ) native.bind( name = "llvm", actual = "@envoy//bazel/foreign_cc:llvm", ) def _com_github_wavm_wavm(): location = _get_location("com_github_wavm_wavm") http_archive( name = "com_github_wavm_wavm", build_file_content = BUILD_ALL_CONTENT, **location ) native.bind( name = "wavm", actual = "@envoy//bazel/foreign_cc:wavm", ) def _kafka_deps(): # This archive contains Kafka client source code. # We are using request/response message format files to generate parser code. KAFKASOURCE_BUILD_CONTENT = """ filegroup( name = "request_protocol_files", srcs = glob(["*Request.json"]), visibility = ["//visibility:public"], ) filegroup( name = "response_protocol_files", srcs = glob(["*Response.json"]), visibility = ["//visibility:public"], ) """ http_archive( name = "kafka_source", build_file_content = KAFKASOURCE_BUILD_CONTENT, patches = ["@envoy//bazel/external:kafka_int32.patch"], **_get_location("kafka_source") ) # This archive provides Kafka (and Zookeeper) binaries, that are used during Kafka integration # tests. http_archive( name = "kafka_server_binary", build_file_content = BUILD_ALL_CONTENT, **_get_location("kafka_server_binary") ) # This archive provides Kafka client in Python, so we can use it to interact with Kafka server # during interation tests. http_archive( name = "kafka_python_client", build_file_content = BUILD_ALL_CONTENT, **_get_location("kafka_python_client") ) def _foreign_cc_dependencies(): _repository_impl("rules_foreign_cc") def _is_linux(ctxt): return ctxt.os.name == "linux" def _is_arch(ctxt, arch): res = ctxt.execute(["uname", "-m"]) return arch in res.stdout def _is_linux_ppc(ctxt): return _is_linux(ctxt) and _is_arch(ctxt, "ppc") def _is_linux_s390x(ctxt): return _is_linux(ctxt) and _is_arch(ctxt, "s390x") def _is_linux_x86_64(ctxt): return _is_linux(ctxt) and _is_arch(ctxt, "x86_64") ================================================ FILE: bazel/repositories_extra.bzl ================================================ load("@rules_python//python:repositories.bzl", "py_repositories") load("@rules_python//python:pip.bzl", "pip3_import", "pip_repositories") # Python dependencies. def _python_deps(): py_repositories() pip_repositories() pip3_import( name = "config_validation_pip3", requirements = "@envoy//tools/config_validation:requirements.txt", extra_pip_args = ["--require-hashes"], # project_name = "PyYAML", # project_url = "https://github.com/yaml/pyyaml", # version = "5.3.1", # last_update = "2020-03-18" # use_category = ["other"], # cpe = "cpe:2.3:a:pyyaml:pyyaml:*", ) pip3_import( name = "configs_pip3", requirements = "@envoy//configs:requirements.txt", extra_pip_args = ["--require-hashes"], # project_name = "Jinja", # project_url = "http://palletsprojects.com/p/jinja", # version = "2.11.2", # last_update = "2020-04-13" # use_category = ["test"], # cpe = "cpe:2.3:a:palletsprojects:jinja:*", # project_name = "MarkupSafe", # project_url = "https://markupsafe.palletsprojects.com/en/1.1.x/", # version = "1.1.1", # last_update = "2019-02-23" # use_category = ["test"], ) pip3_import( name = "kafka_pip3", requirements = "@envoy//source/extensions/filters/network/kafka:requirements.txt", extra_pip_args = ["--require-hashes"], # project_name = "Jinja", # project_url = "http://palletsprojects.com/p/jinja", # version = "2.11.2", # last_update = "2020-04-13" # use_category = ["test"], # cpe = "cpe:2.3:a:palletsprojects:jinja:*", # project_name = "MarkupSafe", # project_url = "https://markupsafe.palletsprojects.com/en/1.1.x/", # version = "1.1.1", # last_update = "2019-02-23" # use_category = ["test"], ) pip3_import( name = "headersplit_pip3", requirements = "@envoy//tools/envoy_headersplit:requirements.txt", extra_pip_args = ["--require-hashes"], # project_name = "Clang", # project_url = "https://clang.llvm.org/", # version = "10.0.1", # last_update = "2020-07-21" # use_category = ["other"], # cpe = "cpe:2.3:a:llvm:clang:*", ) pip3_import( name = "protodoc_pip3", requirements = "@envoy//tools/protodoc:requirements.txt", extra_pip_args = ["--require-hashes"], # project_name = "PyYAML", # project_url = "https://github.com/yaml/pyyaml", # version = "5.3.1", # last_update = "2020-03-18" # use_category = ["other"], # cpe = "cpe:2.3:a:pyyaml:pyyaml:*", ) pip3_import( name = "thrift_pip3", requirements = "@envoy//test/extensions/filters/network/thrift_proxy:requirements.txt", extra_pip_args = ["--require-hashes"], # project_name = "Apache Thrift", # project_url = "http://thrift.apache.org/", # version = "0.11.0", # last_update = "2017-12-07" # use_category = ["dataplane"], # cpe = "cpe:2.3:a:apache:thrift:*", # project_name = "Six: Python 2 and 3 Compatibility Library", # project_url = "https://six.readthedocs.io/", # version = "1.15.0", # last_update = "2020-05-21" # use_category = ["dataplane"], ) # Envoy deps that rely on a first stage of dependency loading in envoy_dependencies(). def envoy_dependencies_extra(): _python_deps() ================================================ FILE: bazel/repository_locations.bzl ================================================ # Validation of content in this file is done on the bazel/repositories.bzl file to make it free of bazel # constructs. This is to allow this file to be loaded into Python based build and maintenance tools. # Envoy dependencies may be annotated with the following attributes: DEPENDENCY_ANNOTATIONS = [ # List of the categories describing how the dependency is being used. This attribute is used # for automatic tracking of security posture of Envoy's dependencies. # Possible values are documented in the USE_CATEGORIES list below. # This attribute is mandatory for each dependecy. "use_category", # Attribute specifying CPE (Common Platform Enumeration, see https://nvd.nist.gov/products/cpe) ID # of the dependency. The ID may be in v2.3 or v2.2 format, although v2.3 is prefferred. See # https://nvd.nist.gov/products/cpe for CPE format. Use single wildcard '*' for version and vector elements # i.e. 'cpe:2.3:a:nghttp2:nghttp2:*'. Use "N/A" for dependencies without CPE assigned. # This attribute is optional for components with use categories listed in the # USE_CATEGORIES_WITH_CPE_OPTIONAL "cpe", ] # NOTE: If a dependency use case is either dataplane or controlplane, the other uses are not needed # to be declared. USE_CATEGORIES = [ # This dependency is used in API protos. "api", # This dependency is used in build process. "build", # This dependency is used to process xDS requests. "controlplane", # This dependency is used in processing downstream or upstream requests (core). "dataplane_core", # This dependency is used in processing downstream or upstream requests (extensions). "dataplane_ext", # This dependecy is used for logging, metrics or tracing (core). It may process unstrusted input. "observability_core", # This dependecy is used for logging, metrics or tracing (extensions). It may process unstrusted input. "observability_ext", # This dependency does not handle untrusted data and is used for various utility purposes. "other", # This dependency is used only in tests. "test_only", ] # Components with these use categories are not required to specify the 'cpe' # and 'last_updated' annotation. USE_CATEGORIES_WITH_CPE_OPTIONAL = ["build", "other", "test_only"] DEPENDENCY_REPOSITORIES_SPEC = dict( bazel_compdb = dict( project_name = "bazel-compilation-database", project_desc = "Clang JSON compilation database support for Bazel", project_url = "https://github.com/grailbio/bazel-compilation-database", version = "0.4.5", sha256 = "bcecfd622c4ef272fd4ba42726a52e140b961c4eac23025f18b346c968a8cfb4", strip_prefix = "bazel-compilation-database-{version}", urls = ["https://github.com/grailbio/bazel-compilation-database/archive/{version}.tar.gz"], last_updated = "2020-08-01", use_category = ["build"], ), bazel_gazelle = dict( project_name = "Gazelle", project_desc = "Bazel BUILD file generator for Go projects", project_url = "https://github.com/bazelbuild/bazel-gazelle", version = "0.21.1", sha256 = "cdb02a887a7187ea4d5a27452311a75ed8637379a1287d8eeb952138ea485f7d", urls = ["https://github.com/bazelbuild/bazel-gazelle/releases/download/v{version}/bazel-gazelle-v{version}.tar.gz"], last_updated = "2020-05-28", use_category = ["build"], ), bazel_toolchains = dict( project_name = "bazel-toolchains", project_desc = "Bazel toolchain configs for RBE", project_url = "https://github.com/bazelbuild/bazel-toolchains", version = "3.4.1", sha256 = "7ebb200ed3ca3d1f7505659c7dfed01c4b5cb04c3a6f34140726fe22f5d35e86", strip_prefix = "bazel-toolchains-{version}", urls = [ "https://github.com/bazelbuild/bazel-toolchains/releases/download/{version}/bazel-toolchains-{version}.tar.gz", "https://mirror.bazel.build/github.com/bazelbuild/bazel-toolchains/archive/{version}.tar.gz", ], last_updated = "2020-08-10", use_category = ["build"], ), build_bazel_rules_apple = dict( project_name = "Apple Rules for Bazel", project_desc = "Bazel rules for Apple platforms", project_url = "https://github.com/bazelbuild/rules_apple", version = "0.19.0", sha256 = "7a7afdd4869bb201c9352eed2daf37294d42b093579b70423490c1b4d4f6ce42", urls = ["https://github.com/bazelbuild/rules_apple/releases/download/{version}/rules_apple.{version}.tar.gz"], last_updated = "2020-10-10", use_category = ["build"], ), envoy_build_tools = dict( project_name = "envoy-build-tools", project_desc = "Common build tools shared by the Envoy/UDPA ecosystem", project_url = "https://github.com/envoyproxy/envoy-build-tools", version = "0ba5aa98a6e6c5efcc63f53602f69548d2417683", sha256 = "dc3881d16e7b0c855a7279f5757d55e4aa55fe2befbd9e34215b971818622f9e", strip_prefix = "envoy-build-tools-{version}", urls = ["https://github.com/envoyproxy/envoy-build-tools/archive/{version}.tar.gz"], last_updated = "2020-10-01", use_category = ["build"], ), boringssl = dict( project_name = "BoringSSL", project_desc = "Minimal OpenSSL fork", project_url = "https://github.com/google/boringssl", version = "597b810379e126ae05d32c1d94b1a9464385acd0", sha256 = "1ea42456c020daf0a9b0f9e8d8bc3a403c9314f4f54230c617257af996cd5fa6", strip_prefix = "boringssl-{version}", # To update BoringSSL, which tracks Chromium releases: # 1. Open https://omahaproxy.appspot.com/ and note of linux/stable release. # 2. Open https://chromium.googlesource.com/chromium/src/+/refs/tags//DEPS and note . # 3. Find a commit in BoringSSL's "master-with-bazel" branch that merges . # # chromium-85.0.4183.83 urls = ["https://github.com/google/boringssl/archive/{version}.tar.gz"], use_category = ["controlplane", "dataplane_core"], last_updated = "2020-06-23", cpe = "cpe:2.3:a:google:boringssl:*", ), boringssl_fips = dict( project_name = "BoringSSL (FIPS)", project_desc = "FIPS compliant BoringSSL", project_url = "https://boringssl.googlesource.com/boringssl/+/master/crypto/fipsmodule/FIPS.md", version = "fips-20190808", sha256 = "3b5fdf23274d4179c2077b5e8fa625d9debd7a390aac1d165b7e47234f648bb8", urls = ["https://commondatastorage.googleapis.com/chromium-boringssl-fips/boringssl-ae223d6138807a13006342edfeef32e813246b39.tar.xz"], use_category = ["controlplane", "dataplane_core"], last_updated = "2019-08-08", cpe = "cpe:2.3:a:google:boringssl:*", ), com_google_absl = dict( project_name = "Abseil", project_desc = "Open source collection of C++ libraries drawn from the most fundamental pieces of Google’s internal codebase", project_url = "https://abseil.io/", version = "093cc27604df1c4a179b73bc3f00d4d1ce2ce113", sha256 = "55d33c75aff05a8c4a55bdf0eddad66c71a963107bc2add96cf8eb88ddb47a80", strip_prefix = "abseil-cpp-{version}", urls = ["https://github.com/abseil/abseil-cpp/archive/{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-10-01", cpe = "N/A", ), com_github_c_ares_c_ares = dict( project_name = "c-ares", project_desc = "C library for asynchronous DNS requests", project_url = "https://c-ares.haxx.se/", version = "1.16.1", sha256 = "d08312d0ecc3bd48eee0a4cc0d2137c9f194e0a28de2028928c0f6cae85f86ce", strip_prefix = "c-ares-{version}", urls = ["https://github.com/c-ares/c-ares/releases/download/cares-{underscore_version}/c-ares-{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-05-11", cpe = "cpe:2.3:a:c-ares_project:c-ares:*", ), com_github_circonus_labs_libcircllhist = dict( project_name = "libcircllhist", project_desc = "An implementation of Circonus log-linear histograms", project_url = "https://github.com/circonus-labs/libcircllhist", version = "63a16dd6f2fc7bc841bb17ff92be8318df60e2e1", sha256 = "8165aa25e529d7d4b9ae849d3bf30371255a99d6db0421516abcff23214cdc2c", strip_prefix = "libcircllhist-{version}", urls = ["https://github.com/circonus-labs/libcircllhist/archive/{version}.tar.gz"], use_category = ["controlplane", "observability_core", "dataplane_core"], last_updated = "2019-02-11", cpe = "N/A", ), com_github_cyan4973_xxhash = dict( project_name = "xxHash", project_desc = "Extremely fast hash algorithm", project_url = "https://github.com/Cyan4973/xxHash", version = "0.7.3", sha256 = "952ebbf5b11fbf59ae5d760a562d1e9112278f244340ad7714e8556cbe54f7f7", strip_prefix = "xxHash-{version}", urls = ["https://github.com/Cyan4973/xxHash/archive/v{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-03-04", cpe = "N/A", ), com_github_envoyproxy_sqlparser = dict( project_name = "C++ SQL Parser Library", project_desc = "Forked from Hyrise SQL Parser", project_url = "https://github.com/envoyproxy/sql-parser", version = "3b40ba2d106587bdf053a292f7e3bb17e818a57f", sha256 = "96c10c8e950a141a32034f19b19cdeb1da48fe859cf96ae5e19f894f36c62c71", strip_prefix = "sql-parser-{version}", urls = ["https://github.com/envoyproxy/sql-parser/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [ "envoy.filters.network.mysql_proxy", "envoy.filters.network.postgres_proxy", ], last_updated = "2020-06-10", cpe = "N/A", ), com_github_mirror_tclap = dict( project_name = "tclap", project_desc = "Small, flexible library that provides a simple interface for defining and accessing command line arguments", project_url = "http://tclap.sourceforge.net", version = "1-2-1", sha256 = "f0ede0721dddbb5eba3a47385a6e8681b14f155e1129dd39d1a959411935098f", strip_prefix = "tclap-tclap-{version}-release-final", urls = ["https://github.com/mirror/tclap/archive/tclap-{version}-release-final.tar.gz"], last_updated = "2017-11-10", use_category = ["other"], ), com_github_fmtlib_fmt = dict( project_name = "fmt", project_desc = "{fmt} is an open-source formatting library providing a fast and safe alternative to C stdio and C++ iostreams", project_url = "https://fmt.dev", version = "7.0.3", sha256 = "decfdf9ad274070fa85f26407b816f5a4d82205ae86bac1990be658d0795ea4d", strip_prefix = "fmt-{version}", urls = ["https://github.com/fmtlib/fmt/releases/download/{version}/fmt-{version}.zip"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-08-07", cpe = "cpe:2.3:a:fmt:fmt:*", ), com_github_gabime_spdlog = dict( project_name = "spdlog", project_desc = "Very fast, header-only/compiled, C++ logging library", project_url = "https://github.com/gabime/spdlog", version = "1.7.0", sha256 = "f0114a4d3c88be9e696762f37a7c379619443ce9d668546c61b21d41affe5b62", strip_prefix = "spdlog-{version}", urls = ["https://github.com/gabime/spdlog/archive/v{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-07-09", cpe = "N/A", ), com_github_google_libprotobuf_mutator = dict( project_name = "libprotobuf-mutator", project_desc = "Library to randomly mutate protobuffers", project_url = "https://github.com/google/libprotobuf-mutator", version = "8942a9ba43d8bb196230c321d46d6a137957a719", sha256 = "49a26dbe77c75f2eca1dd8a9fbdb31c4496d9af42df027ff57569c5a7a5d980d", strip_prefix = "libprotobuf-mutator-{version}", urls = ["https://github.com/google/libprotobuf-mutator/archive/{version}.tar.gz"], last_updated = "2020-08-18", use_category = ["test_only"], ), com_github_google_tcmalloc = dict( project_name = "tcmalloc", project_desc = "Fast, multi-threaded malloc implementation", project_url = "https://github.com/google/tcmalloc", version = "d1311bf409db47c3441d3de6ea07d768c6551dec", sha256 = "e22444b6544edd81f11c987dd5e482a2e00bbff717badb388779ca57525dad50", strip_prefix = "tcmalloc-{version}", urls = ["https://github.com/google/tcmalloc/archive/{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-09-16", cpe = "N/A", ), com_github_gperftools_gperftools = dict( project_name = "gperftools", project_desc = "tcmalloc and profiling libraries", project_url = "https://github.com/gperftools/gperftools", version = "2.8", sha256 = "240deacdd628b6459671b83eb0c4db8e97baadf659f25b92e9a078d536bd513e", strip_prefix = "gperftools-{version}", urls = ["https://github.com/gperftools/gperftools/releases/download/gperftools-{version}/gperftools-{version}.tar.gz"], last_updated = "2020-07-06", use_category = ["dataplane_core", "controlplane"], cpe = "cpe:2.3:a:gperftools_project:gperftools:*", ), com_github_grpc_grpc = dict( project_name = "gRPC", project_desc = "gRPC C core library", project_url = "https://grpc.io", # TODO(JimmyCYJ): Bump to release 1.27 # This sha on grpc:v1.25.x branch is specifically chosen to fix gRPC STS call credential options. version = "d8f4928fa779f6005a7fe55a176bdb373b0f910f", sha256 = "bbc8f020f4e85ec029b047fab939b8c81f3d67254b5c724e1003a2bc49ddd123", strip_prefix = "grpc-{version}", urls = ["https://github.com/grpc/grpc/archive/{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-02-11", cpe = "cpe:2.3:a:grpc:grpc:*", ), com_github_luajit_luajit = dict( project_name = "LuaJIT", project_desc = "Just-In-Time compiler for Lua", project_url = "https://luajit.org", version = "2.1.0-beta3", sha256 = "409f7fe570d3c16558e594421c47bdd130238323c9d6fd6c83dedd2aaeb082a8", strip_prefix = "LuaJIT-{version}", urls = ["https://github.com/LuaJIT/LuaJIT/archive/v{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = ["envoy.filters.http.lua"], last_updated = "2017-11-07", cpe = "cpe:2.3:a:luajit:luajit:*", ), com_github_moonjit_moonjit = dict( project_name = "Moonjit", project_desc = "LuaJIT fork with wider platform support", project_url = "https://github.com/moonjit/moonjit", version = "2.2.0", sha256 = "83deb2c880488dfe7dd8ebf09e3b1e7613ef4b8420de53de6f712f01aabca2b6", strip_prefix = "moonjit-{version}", urls = ["https://github.com/moonjit/moonjit/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = ["envoy.filters.http.lua"], last_updated = "2020-01-14", cpe = "cpe:2.3:a:moonjit_project:moonjit:*", ), com_github_nghttp2_nghttp2 = dict( project_name = "Nghttp2", project_desc = "Implementation of HTTP/2 and its header compression algorithm HPACK in Cimplementation of HTTP/2 and its header compression algorithm HPACK in C", project_url = "https://nghttp2.org", version = "1.41.0", sha256 = "eacc6f0f8543583ecd659faf0a3f906ed03826f1d4157b536b4b385fe47c5bb8", strip_prefix = "nghttp2-{version}", urls = ["https://github.com/nghttp2/nghttp2/releases/download/v{version}/nghttp2-{version}.tar.gz"], use_category = ["controlplane", "dataplane_core"], last_updated = "2020-06-02", cpe = "cpe:2.3:a:nghttp2:nghttp2:*", ), io_opentracing_cpp = dict( project_name = "OpenTracing", project_desc = "Vendor-neutral APIs and instrumentation for distributed tracing", project_url = "https://opentracing.io", version = "1.5.1", sha256 = "015c4187f7a6426a2b5196f0ccd982aa87f010cf61f507ae3ce5c90523f92301", strip_prefix = "opentracing-cpp-{version}", urls = ["https://github.com/opentracing/opentracing-cpp/archive/v{version}.tar.gz"], use_category = ["observability_ext"], extensions = [ "envoy.tracers.datadog", "envoy.tracers.dynamic_ot", "envoy.tracers.lightstep", ], last_updated = "2019-01-16", cpe = "N/A", ), com_lightstep_tracer_cpp = dict( project_name = "lightstep-tracer-cpp", project_desc = "LightStep distributed tracing library for C++", project_url = "https://github.com/lightstep/lightstep-tracer-cpp", version = "1942b3f142e218ebc143a043f32e3278dafec9aa", sha256 = "3238921a8f578beb26c2215cd277e8f6752f3d29b020b881d60d96a240a38aed", strip_prefix = "lightstep-tracer-cpp-{version}", urls = ["https://github.com/lightstep/lightstep-tracer-cpp/archive/{version}.tar.gz"], use_category = ["observability_ext"], extensions = ["envoy.tracers.lightstep"], last_updated = "2020-08-24", cpe = "N/A", ), com_github_datadog_dd_opentracing_cpp = dict( project_name = "Datadog OpenTracing C++ Client", project_desc = "Datadog OpenTracing C++ Client", project_url = "https://github.com/DataDog/dd-opentracing-cpp", version = "1.1.5", sha256 = "b84fd2fb0bb0578af4901db31d1c0ae909b532a1016fe6534cbe31a6c3ad6924", strip_prefix = "dd-opentracing-cpp-{version}", urls = ["https://github.com/DataDog/dd-opentracing-cpp/archive/v{version}.tar.gz"], use_category = ["observability_ext"], extensions = ["envoy.tracers.datadog"], last_updated = "2020-05-15", cpe = "N/A", ), com_github_google_benchmark = dict( project_name = "Benchmark", project_desc = "Library to benchmark code snippets", project_url = "https://github.com/google/benchmark", version = "1.5.1", sha256 = "23082937d1663a53b90cb5b61df4bcc312f6dee7018da78ba00dd6bd669dfef2", strip_prefix = "benchmark-{version}", urls = ["https://github.com/google/benchmark/archive/v{version}.tar.gz"], use_category = ["test_only"], last_updated = "2020-06-09", ), com_github_libevent_libevent = dict( project_name = "libevent", project_desc = "Event notification library", project_url = "https://libevent.org", # This SHA includes the new "prepare" and "check" watchers, used for event loop performance # stats (see https://github.com/libevent/libevent/pull/793) and the fix for a race condition # in the watchers (see https://github.com/libevent/libevent/pull/802). # This also includes the fixes for https://github.com/libevent/libevent/issues/806 # and https://github.com/lyft/envoy-mobile/issues/215. # This also includes the fixes for Phantom events with EV_ET (see # https://github.com/libevent/libevent/issues/984). # This also includes the wepoll backend for Windows (see # https://github.com/libevent/libevent/pull/1006) # TODO(adip): Update to v2.2 when it is released. version = "62c152d9a7cd264b993dad730c4163c6ede2e0a3", sha256 = "4c80e5fe044ce5f8055b20a2f141ee32ec2614000f3e95d2aa81611a4c8f5213", strip_prefix = "libevent-{version}", urls = ["https://github.com/libevent/libevent/archive/{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-07-31", cpe = "cpe:2.3:a:libevent_project:libevent:*", ), # This should be removed, see https://github.com/envoyproxy/envoy/issues/13261. net_zlib = dict( project_name = "zlib", project_desc = "zlib compression library", project_url = "https://zlib.net", version = "79baebe50e4d6b73ae1f8b603f0ef41300110aa3", # Use the dev branch of zlib to resolve fuzz bugs and out of bound # errors resulting in crashes in zlib 1.2.11. # TODO(asraa): Remove when zlib > 1.2.11 is released. sha256 = "155a8f8c1a753fb05b16a1b0cc0a0a9f61a78e245f9e0da483d13043b3bcbf2e", strip_prefix = "zlib-{version}", urls = ["https://github.com/madler/zlib/archive/{version}.tar.gz"], use_category = ["controlplane", "dataplane_core"], last_updated = "2019-04-14", cpe = "cpe:2.3:a:gnu:zlib:*", ), com_github_zlib_ng_zlib_ng = dict( project_name = "zlib-ng", project_desc = "zlib fork (higher performance)", project_url = "https://github.com/zlib-ng/zlib-ng", version = "193d8fd7dfb7927facab7a3034daa27ad5b9df1c", sha256 = "5fe543e8d007b9e7b729f3d6b3a5ee1f9b68d0eef5f6af1393745a4dcd472a98", strip_prefix = "zlib-ng-{version}", urls = ["https://github.com/zlib-ng/zlib-ng/archive/{version}.tar.gz"], use_category = ["controlplane", "dataplane_core"], last_updated = "2020-08-16", cpe = "N/A", ), com_github_jbeder_yaml_cpp = dict( project_name = "yaml-cpp", project_desc = "YAML parser and emitter in C++ matching the YAML 1.2 spec", project_url = "https://github.com/jbeder/yaml-cpp", version = "98acc5a8874faab28b82c28936f4b400b389f5d6", sha256 = "79ab7069ef1c7c3632e7ffe095f7185d4c77b64d8035db3c085c239d4fe96d5f", strip_prefix = "yaml-cpp-{version}", urls = ["https://github.com/jbeder/yaml-cpp/archive/{version}.tar.gz"], # YAML is also used for runtime as well as controlplane. It shouldn't appear on the # dataplane but we can't verify this automatically due to code structure today. use_category = ["controlplane", "dataplane_core"], last_updated = "2020-07-28", cpe = "cpe:2.3:a:yaml-cpp_project:yaml-cpp:*", ), com_github_msgpack_msgpack_c = dict( project_name = "msgpack for C/C++", project_desc = "MessagePack is an efficient binary serialization format", project_url = "https://github.com/msgpack/msgpack-c", version = "3.3.0", sha256 = "6e114d12a5ddb8cb11f669f83f32246e484a8addd0ce93f274996f1941c1f07b", strip_prefix = "msgpack-{version}", urls = ["https://github.com/msgpack/msgpack-c/releases/download/cpp-{version}/msgpack-{version}.tar.gz"], use_category = ["observability_ext"], extensions = ["envoy.tracers.datadog"], last_updated = "2020-06-05", cpe = "N/A", ), com_github_google_jwt_verify = dict( project_name = "jwt_verify_lib", project_desc = "JWT verification library for C++", project_url = "https://github.com/google/jwt_verify_lib", version = "7276a339af8426724b744216f619c99152f8c141", sha256 = "f1fde4f3ebb3b2d841332c7a02a4b50e0529a19709934c63bc6208d1bbe28fb1", strip_prefix = "jwt_verify_lib-{version}", urls = ["https://github.com/google/jwt_verify_lib/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = ["envoy.filters.http.jwt_authn"], last_updated = "2020-07-09", cpe = "N/A", ), com_github_nodejs_http_parser = dict( project_name = "HTTP Parser", project_desc = "Parser for HTTP messages written in C", project_url = "https://github.com/nodejs/http-parser", # This SHA includes fix for https://github.com/nodejs/http-parser/issues/517 which allows (opt-in) to serve # requests with both Content-Legth and Transfer-Encoding: chunked headers set. version = "4f15b7d510dc7c6361a26a7c6d2f7c3a17f8d878", sha256 = "6a12896313ce1ca630cf516a0ee43a79b5f13f5a5d8143f56560ac0b21c98fac", strip_prefix = "http-parser-{version}", urls = ["https://github.com/nodejs/http-parser/archive/{version}.tar.gz"], use_category = ["controlplane", "dataplane_core"], last_updated = "2020-07-10", cpe = "cpe:2.3:a:nodejs:node.js:*", ), com_github_tencent_rapidjson = dict( project_name = "RapidJSON", project_desc = "Fast JSON parser/generator for C++", project_url = "https://rapidjson.org", version = "dfbe1db9da455552f7a9ad5d2aea17dd9d832ac1", sha256 = "a2faafbc402394df0fa94602df4b5e4befd734aad6bb55dfef46f62fcaf1090b", strip_prefix = "rapidjson-{version}", urls = ["https://github.com/Tencent/rapidjson/archive/{version}.tar.gz"], # We're mostly using com_google_protobuf for JSON, but there are some extensions and hard to # disentangle uses on the dataplane, e.g. header_formatter, Squash filter. use_category = ["controlplane", "dataplane_core"], last_updated = "2019-12-02", cpe = "cpe:2.3:a:tencent:rapidjson:*", ), com_github_twitter_common_lang = dict( project_name = "twitter.common.lang (Thrift)", project_desc = "twitter.common Python language and compatibility facilities", project_url = "https://pypi.org/project/twitter.common.lang", version = "0.3.9", sha256 = "56d1d266fd4767941d11c27061a57bc1266a3342e551bde3780f9e9eb5ad0ed1", strip_prefix = "twitter.common.lang-{version}/src", urls = ["https://files.pythonhosted.org/packages/08/bc/d6409a813a9dccd4920a6262eb6e5889e90381453a5f58938ba4cf1d9420/twitter.common.lang-{version}.tar.gz"], last_updated = "2018-06-26", use_category = ["test_only"], ), com_github_twitter_common_rpc = dict( project_name = "twitter.common.rpc (Thrift)", project_desc = "twitter.common Thrift helpers including Finagle and SSL transports", project_url = "https://pypi.org/project/twitter.common.rpc", version = "0.3.9", sha256 = "0792b63fb2fb32d970c2e9a409d3d00633190a22eb185145fe3d9067fdaa4514", strip_prefix = "twitter.common.rpc-{version}/src", urls = ["https://files.pythonhosted.org/packages/be/97/f5f701b703d0f25fbf148992cd58d55b4d08d3db785aad209255ee67e2d0/twitter.common.rpc-{version}.tar.gz"], last_updated = "2018-06-26", use_category = ["test_only"], ), com_github_twitter_common_finagle_thrift = dict( project_name = "twitter.common.finagle-thrift", project_desc = "twitter.common Thrift stubs for Zipkin RPC tracing support in Finagle", project_url = "https://pypi.org/project/twitter.common.finagle-thrift", version = "0.3.9", sha256 = "1e3a57d11f94f58745e6b83348ecd4fa74194618704f45444a15bc391fde497a", strip_prefix = "twitter.common.finagle-thrift-{version}/src", urls = ["https://files.pythonhosted.org/packages/f9/e7/4f80d582578f8489226370762d2cf6bc9381175d1929eba1754e03f70708/twitter.common.finagle-thrift-{version}.tar.gz"], last_updated = "2018-06-26", use_category = ["test_only"], ), com_google_googletest = dict( project_name = "Google Test", project_desc = "Google's C++ test framework", project_url = "https://github.com/google/googletest", # Pick up fix for MOCK_METHOD compilation with clang-cl for Windows (resolved after 1.10.0) # see https://github.com/google/googletest/issues/2490 version = "a4ab0abb93620ce26efad9de9296b73b16e88588", sha256 = "7897bfaa5ad39a479177cfb5c3ce010184dbaee22a7c3727b212282871918751", strip_prefix = "googletest-{version}", urls = ["https://github.com/google/googletest/archive/{version}.tar.gz"], last_updated = "2020-09-10", use_category = ["test_only"], ), com_google_protobuf = dict( project_name = "Protocol Buffers", project_desc = "Language-neutral, platform-neutral extensible mechanism for serializing structured data", project_url = "https://developers.google.com/protocol-buffers", version = "3.10.1", sha256 = "d7cfd31620a352b2ee8c1ed883222a0d77e44346643458e062e86b1d069ace3e", strip_prefix = "protobuf-{version}", urls = ["https://github.com/protocolbuffers/protobuf/releases/download/v{version}/protobuf-all-{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], last_updated = "2020-10-24", cpe = "cpe:2.3:a:google:protobuf:*", ), grpc_httpjson_transcoding = dict( project_name = "grpc-httpjson-transcoding", project_desc = "Library that supports transcoding so that HTTP/JSON can be converted to gRPC", project_url = "https://github.com/grpc-ecosystem/grpc-httpjson-transcoding", version = "faf8af1e9788cd4385b94c8f85edab5ea5d4b2d6", sha256 = "62c8cb5ea2cca1142cde9d4a0778c52c6022345c3268c60ef81666946b958ad5", strip_prefix = "grpc-httpjson-transcoding-{version}", urls = ["https://github.com/grpc-ecosystem/grpc-httpjson-transcoding/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = ["envoy.filters.http.grpc_json_transcoder"], last_updated = "2020-03-02", cpe = "N/A", ), io_bazel_rules_go = dict( project_name = "Go rules for Bazel", project_desc = "Bazel rules for the Go language", project_url = "https://github.com/bazelbuild/rules_go", version = "0.23.7", sha256 = "0310e837aed522875791750de44408ec91046c630374990edd51827cb169f616", urls = ["https://github.com/bazelbuild/rules_go/releases/download/v{version}/rules_go-v{version}.tar.gz"], use_category = ["build"], last_updated = "2020-08-06", ), rules_cc = dict( project_name = "C++ rules for Bazel", project_desc = "Bazel rules for the C++ language", project_url = "https://github.com/bazelbuild/rules_cc", # TODO(lizan): pin to a point releases when there's a released version. version = "818289e5613731ae410efb54218a4077fb9dbb03", sha256 = "9d48151ea71b3e225adfb6867e6d2c7d0dce46cbdc8710d9a9a628574dfd40a0", strip_prefix = "rules_cc-{version}", urls = ["https://github.com/bazelbuild/rules_cc/archive/{version}.tar.gz"], last_updated = "2020-05-13", use_category = ["build"], ), rules_foreign_cc = dict( project_name = "Rules for using foreign build systems in Bazel", project_desc = "Rules for using foreign build systems in Bazel", project_url = "https://github.com/bazelbuild/rules_foreign_cc", version = "594bf4d7731e606a705f3ad787dd0a70c5a28b30", sha256 = "2b1cf88de0b6e0195f6571cfde3a5bd406d11b42117d6adef2395c9525a1902e", strip_prefix = "rules_foreign_cc-{version}", urls = ["https://github.com/bazelbuild/rules_foreign_cc/archive/{version}.tar.gz"], last_updated = "2020-08-21", use_category = ["build"], ), rules_python = dict( project_name = "Python rules for Bazel", project_desc = "Bazel rules for the Python language", project_url = "https://github.com/bazelbuild/rules_python", # TODO(htuch): revert back to a point releases when pip3_import appears. version = "a0fbf98d4e3a232144df4d0d80b577c7a693b570", sha256 = "76a8fd4e7eca2a3590f816958faa0d83c9b2ce9c32634c5c375bcccf161d3bb5", strip_prefix = "rules_python-{version}", urls = ["https://github.com/bazelbuild/rules_python/archive/{version}.tar.gz"], last_updated = "2020-04-09", use_category = ["build"], ), six = dict( project_name = "Six", project_desc = "Python 2 and 3 compatibility library", project_url = "https://pypi.org/project/six", version = "1.12.0", sha256 = "d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73", urls = ["https://files.pythonhosted.org/packages/dd/bf/4138e7bfb757de47d1f4b6994648ec67a51efe58fa907c1e11e350cddfca/six-{version}.tar.gz"], last_updated = "2019-11-17", use_category = ["other"], ), org_llvm_llvm = dict( project_name = "LLVM", project_desc = "LLVM Compiler Infrastructure", project_url = "https://llvm.org", version = "10.0", sha256 = "df83a44b3a9a71029049ec101fb0077ecbbdf5fe41e395215025779099a98fdf", strip_prefix = "llvm-{version}.0.src", urls = ["https://github.com/llvm/llvm-project/releases/download/llvmorg-{version}.0/llvm-{version}.0.src.tar.xz"], last_updated = "2020-03-24", use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], cpe = "N/A", ), com_github_wavm_wavm = dict( project_name = "WAVM", project_desc = "WebAssembly Virtual Machine", project_url = "https://wavm.github.io", version = "e8155f1f3af88b4d08802716a7054950ef18d827", sha256 = "cc3fcaf05d57010c9cf8eb920234679dede6c780137b55001fd34e4d14806f7c", strip_prefix = "WAVM-{version}", urls = ["https://github.com/WAVM/WAVM/archive/{version}.tar.gz"], last_updated = "2020-07-06", use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], cpe = "N/A", ), io_opencensus_cpp = dict( project_name = "OpenCensus C++", project_desc = "OpenCensus tracing library", project_url = "https://github.com/census-instrumentation/opencensus-cpp", version = "7877337633466358ed680f9b26967da5b310d7aa", sha256 = "12ff300fa804f97bd07e2ff071d969e09d5f3d7bbffeac438c725fa52a51a212", strip_prefix = "opencensus-cpp-{version}", urls = ["https://github.com/census-instrumentation/opencensus-cpp/archive/{version}.tar.gz"], use_category = ["observability_ext"], extensions = ["envoy.tracers.opencensus"], last_updated = "2020-06-01", cpe = "N/A", ), # This should be removed, see https://github.com/envoyproxy/envoy/issues/11816. com_github_curl = dict( project_name = "curl", project_desc = "Library for transferring data with URLs", project_url = "https://curl.haxx.se", version = "7.72.0", sha256 = "d4d5899a3868fbb6ae1856c3e55a32ce35913de3956d1973caccd37bd0174fa2", strip_prefix = "curl-{version}", urls = ["https://github.com/curl/curl/releases/download/curl-{underscore_version}/curl-{version}.tar.gz"], use_category = ["dataplane_ext", "observability_ext"], extensions = [ "envoy.filters.http.aws_lambda", "envoy.filters.http.aws_request_signing", "envoy.grpc_credentials.aws_iam", "envoy.tracers.opencensus", ], last_updated = "2020-08-19", cpe = "cpe:2.3:a:haxx:curl:*", ), com_googlesource_chromium_v8 = dict( project_name = "V8", project_desc = "Google’s open source high-performance JavaScript and WebAssembly engine, written in C++", project_url = "https://v8.dev", version = "8.5.210.20", # This archive was created using https://storage.googleapis.com/envoyproxy-wee8/wee8-archive.sh # and contains complete checkout of V8 with all dependencies necessary to build wee8. sha256 = "ef404643d7da6854b76b9fb9950a79a1acbd037b7a26f02c585ac379b0f7dee1", urls = ["https://storage.googleapis.com/envoyproxy-wee8/wee8-{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], last_updated = "2020-08-31", cpe = "cpe:2.3:a:google:v8:*", ), com_googlesource_quiche = dict( project_name = "QUICHE", project_desc = "QUICHE (QUIC, HTTP/2, Etc) is Google‘s implementation of QUIC and related protocols", project_url = "https://quiche.googlesource.com/quiche", # Static snapshot of https://quiche.googlesource.com/quiche/+archive/f555d99a084cdd086a349548c70fb558ac5847cf.tar.gz version = "f555d99a084cdd086a349548c70fb558ac5847cf", sha256 = "1833f08e7b0f18b49d7498b029b7f3e6559a82113ec82a98a9e945553756e351", urls = ["https://storage.googleapis.com/quiche-envoy-integration/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = ["envoy.transport_sockets.quic"], last_updated = "2020-09-18", cpe = "N/A", ), com_googlesource_googleurl = dict( project_name = "Chrome URL parsing library", project_desc = "Chrome URL parsing library", project_url = "https://quiche.googlesource.com/googleurl", # Static snapshot of https://quiche.googlesource.com/quiche/+archive/ef0d23689e240e6c8de4c3a5296b209128c87373.tar.gz. version = "ef0d23689e240e6c8de4c3a5296b209128c87373", sha256 = "d769283fed1319bca68bae8bdd47fbc3a7933999329eee850eff1f1ea61ce176", urls = ["https://storage.googleapis.com/quiche-envoy-integration/googleurl_{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [], last_updated = "2020-08-05", cpe = "N/A", ), com_google_cel_cpp = dict( project_name = "Common Expression Language (CEL) C++ library", project_desc = "Common Expression Language (CEL) C++ library", project_url = "https://opensource.google/projects/cel", version = "b9453a09b28a1531c4917e8792b3ea61f6b1a447", sha256 = "cad7d01139947d78e413d112cb8f7431fbb33cf66b0adf9c280824803fc2a72e", strip_prefix = "cel-cpp-{version}", urls = ["https://github.com/google/cel-cpp/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.rbac", "envoy.filters.http.wasm", "envoy.filters.network.rbac", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], last_updated = "2020-07-14", cpe = "N/A", ), com_github_google_flatbuffers = dict( project_name = "FlatBuffers", project_desc = "Cross platform serialization library architected for maximum memory efficiency", project_url = "https://github.com/google/flatbuffers", version = "a83caf5910644ba1c421c002ef68e42f21c15f9f", sha256 = "b8efbc25721e76780752bad775a97c3f77a0250271e2db37fc747b20e8b0f24a", strip_prefix = "flatbuffers-{version}", urls = ["https://github.com/google/flatbuffers/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], last_updated = "2020-07-29", cpe = "N/A", ), com_googlesource_code_re2 = dict( project_name = "RE2", project_desc = "RE2, a regular expression library", project_url = "https://github.com/google/re2", version = "2020-07-06", sha256 = "2e9489a31ae007c81e90e8ec8a15d62d58a9c18d4fd1603f6441ef248556b41f", strip_prefix = "re2-{version}", urls = ["https://github.com/google/re2/archive/{version}.tar.gz"], use_category = ["controlplane", "dataplane_core"], last_updated = "2020-07-06", cpe = "N/A", ), # Included to access FuzzedDataProvider.h. This is compiler agnostic but # provided as part of the compiler-rt source distribution. We can't use the # Clang variant as we are not a Clang-LLVM only shop today. org_llvm_releases_compiler_rt = dict( project_name = "compiler-rt", project_desc = "LLVM compiler runtime library", project_url = "https://compiler-rt.llvm.org", version = "10.0.0", sha256 = "6a7da64d3a0a7320577b68b9ca4933bdcab676e898b759850e827333c3282c75", # Only allow peeking at fuzzer related files for now. strip_prefix = "compiler-rt-{version}.src", urls = ["https://github.com/llvm/llvm-project/releases/download/llvmorg-{version}/compiler-rt-{version}.src.tar.xz"], last_updated = "2020-03-24", use_category = ["test_only"], ), upb = dict( project_name = "upb", project_desc = "A small protobuf implementation in C (gRPC dependency)", project_url = "https://github.com/protocolbuffers/upb", version = "8a3ae1ef3e3e3f26b45dec735c5776737fc7247f", sha256 = "e9f281c56ab1eb1f97a80ca8a83bb7ef73d230eabb8591f83876f4e7b85d9b47", strip_prefix = "upb-{version}", urls = ["https://github.com/protocolbuffers/upb/archive/{version}.tar.gz"], use_category = ["controlplane"], last_updated = "2019-11-19", cpe = "N/A", ), kafka_source = dict( project_name = "Kafka (source)", project_desc = "Open-source distributed event streaming platform", project_url = "https://kafka.apache.org", version = "2.4.1", sha256 = "740236f44d66e33ea83382383b4fb7eabdab7093a644b525dd5ec90207f933bd", strip_prefix = "kafka-{version}/clients/src/main/resources/common/message", urls = ["https://github.com/apache/kafka/archive/{version}.zip"], use_category = ["dataplane_ext"], extensions = ["envoy.filters.network.kafka_broker"], last_updated = "2020-08-26", cpe = "cpe:2.3:a:apache:kafka:*", ), kafka_server_binary = dict( project_name = "Kafka (server binary)", project_desc = "Open-source distributed event streaming platform", project_url = "https://kafka.apache.org", version = "2.4.1", sha256 = "2177cbd14118999e1d76fec628ca78ace7e6f841219dbc6035027c796bbe1a2a", strip_prefix = "kafka_2.12-{version}", urls = ["https://mirrors.gigenet.com/apache/kafka/{version}/kafka_2.12-{version}.tgz"], last_updated = "2020-08-26", use_category = ["test_only"], ), kafka_python_client = dict( project_name = "Kafka (Python client)", project_desc = "Open-source distributed event streaming platform", project_url = "https://kafka.apache.org", version = "2.0.1", sha256 = "05f7c6eecb402f11fcb7e524c903f1ba1c38d3bdc9bf42bc8ec3cf7567b9f979", strip_prefix = "kafka-python-{version}", urls = ["https://github.com/dpkp/kafka-python/archive/{version}.tar.gz"], last_updated = "2020-08-26", use_category = ["test_only"], ), proxy_wasm_cpp_sdk = dict( project_name = "WebAssembly for Proxies (C++ SDK)", project_desc = "WebAssembly for Proxies (C++ SDK)", project_url = "https://github.com/proxy-wasm/proxy-wasm-cpp-sdk", version = "7afb39d868a973caa6216a535c24e37fb666b6f3", sha256 = "213d0b441bcc3df2c87933b24a593b5fd482fa8f4db158b707c60005b9e70040", strip_prefix = "proxy-wasm-cpp-sdk-{version}", # 2020-09-10 urls = ["https://github.com/proxy-wasm/proxy-wasm-cpp-sdk/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], last_updated = "2020-07-29", cpe = "N/A", ), proxy_wasm_cpp_host = dict( project_name = "WebAssembly for Proxies (C++ host implementation)", project_desc = "WebAssembly for Proxies (C++ host implementation)", project_url = "https://github.com/proxy-wasm/proxy-wasm-cpp-host", # 2020-09-10 version = "49ed20e895b728aae6b811950a2939ecbaf76f7c", sha256 = "fa03293d01450b9164f8f56ef9227301f7d1af4f373f996400f75c93f6ebc822", strip_prefix = "proxy-wasm-cpp-host-{version}", urls = ["https://github.com/proxy-wasm/proxy-wasm-cpp-host/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], last_updated = "2020-07-29", cpe = "N/A", ), # TODO: upgrade to the latest version (1.41 currently fails tests) emscripten_toolchain = dict( project_name = "Emscripten SDK", project_desc = "Emscripten SDK (use by Wasm)", project_url = "https://github.com/emscripten-core/emsdk", version = "1.39", sha256 = "4ac0f1f3de8b3f1373d435cd7e58bd94de4146e751f099732167749a229b443b", patch_cmds = [ "[[ \"$(uname -m)\" == \"x86_64\" ]] && ./emsdk install 1.39.6-upstream && ./emsdk activate --embedded 1.39.6-upstream || true", ], strip_prefix = "emsdk-{version}.6", urls = ["https://github.com/emscripten-core/emsdk/archive/{version}.6.tar.gz"], use_category = ["build"], last_updated = "2020-07-29", ), io_bazel_rules_rust = dict( project_name = "Bazel rust rules", project_desc = "Bazel rust rules (used by Wasm)", project_url = "https://github.com/bazelbuild/rules_rust", version = "fda9a1ce6482973adfda022cadbfa6b300e269c3", sha256 = "484a2b2b67cd2d1fa1054876de7f8d291c4b203fd256bc8cbea14d749bb864ce", # Last commit where "out_binary = True" works. # See: https://github.com/bazelbuild/rules_rust/issues/386 strip_prefix = "rules_rust-{version}", urls = ["https://github.com/bazelbuild/rules_rust/archive/{version}.tar.gz"], use_category = ["build"], last_updated = "2020-07-29", ), rules_antlr = dict( project_name = "ANTLR Rules for Bazel", project_desc = "Bazel rules for ANTLR", project_url = "https://github.com/marcohu/rules_antlr", version = "3cc2f9502a54ceb7b79b37383316b23c4da66f9a", sha256 = "7249d1569293d9b239e23c65f6b4c81a07da921738bde0dfeb231ed98be40429", strip_prefix = "rules_antlr-{version}", urls = ["https://github.com/marcohu/rules_antlr/archive/{version}.tar.gz"], # This should be "build", but that trips the verification in the docs. use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], last_updated = "2020-07-29", cpe = "N/A", ), antlr4_runtimes = dict( project_name = "ANTLR v4", project_desc = "ANTLR (ANother Tool for Language Recognition) is a powerful parser generator for reading, processing, executing, or translating structured text or binary files", project_url = "https://github.com/antlr/antlr4", version = "4.7.1", sha256 = "4d0714f441333a63e50031c9e8e4890c78f3d21e053d46416949803e122a6574", strip_prefix = "antlr4-{version}", urls = ["https://github.com/antlr/antlr4/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = [ "envoy.access_loggers.wasm", "envoy.bootstrap.wasm", "envoy.filters.http.wasm", "envoy.filters.network.wasm", "envoy.stat_sinks.wasm", ], last_updated = "2020-07-29", cpe = "N/A", ), ) def _format_version(s, version): return s.format(version = version, dash_version = version.replace(".", "-"), underscore_version = version.replace(".", "_")) # Interpolate {version} in the above dependency specs. This code should be capable of running in both Python # and Starlark. def _dependency_repositories(): locations = {} for key, location in DEPENDENCY_REPOSITORIES_SPEC.items(): mutable_location = dict(location) locations[key] = mutable_location # Fixup with version information. if "version" in location: if "strip_prefix" in location: mutable_location["strip_prefix"] = _format_version(location["strip_prefix"], location["version"]) mutable_location["urls"] = [_format_version(url, location["version"]) for url in location["urls"]] return locations DEPENDENCY_REPOSITORIES = _dependency_repositories() ================================================ FILE: bazel/rules_go.patch ================================================ # # Bazel RBE on Windows GCP workers currently will not invoke cmd.exe batch files correctly # # Symptom is program not found 'bazel-out', because of the way that the CreateProcess command # is constructed by bazel with actions.run with forward slashes, e.g. the command # cmd.exe /c "bazel-out/host/bin/external/go_sdk/builder.exe.bat" # where cmd.exe on GCP is treating 'bazel-out' as the target, and /host as a command line switch. # This problem was not observed on Azure CI pipelines or locally by the developers. The eventual # fix is not specific to rules_go; this patch simply addresses immediate breakage and can be removed # once the underlying issue within Bazel/RBE is fixed. # See: # - https://github.com/bazelbuild/rules_go/pull/2542 # - https://github.com/envoyproxy/envoy/issues/11657 # diff --git a/go/private/rules/binary.bzl b/go/private/rules/binary.bzl index b88dfd96..e68b5ece 100644 --- a/go/private/rules/binary.bzl +++ b/go/private/rules/binary.bzl @@ -128,8 +128,9 @@ def _go_tool_binary_impl(ctx): content = cmd, ) ctx.actions.run( - executable = bat, - inputs = sdk.libs + sdk.headers + sdk.tools + ctx.files.srcs + [sdk.go], + executable = "cmd.exe", + arguments = ["/S", "/C", bat.path.replace("/", "\\")], + inputs = sdk.libs + sdk.headers + sdk.tools + ctx.files.srcs + [sdk.go, bat], outputs = [cout], env = {"GOROOT": sdk.root_file.dirname}, # NOTE(#2005): avoid realpath in sandbox mnemonic = "GoToolchainBinaryCompile", ================================================ FILE: bazel/setup_clang.sh ================================================ #!/bin/bash BAZELRC_FILE="${BAZELRC_FILE:-$(bazel info workspace)/clang.bazelrc}" LLVM_PREFIX=$1 if [[ ! -e "${LLVM_PREFIX}/bin/llvm-config" ]]; then echo "Error: cannot find llvm-config in ${LLVM_PREFIX}." exit 1 fi PATH="$("${LLVM_PREFIX}"/bin/llvm-config --bindir):${PATH}" export PATH RT_LIBRARY_PATH="$(dirname "$(find "$(llvm-config --libdir)" -name libclang_rt.ubsan_standalone_cxx-x86_64.a | head -1)")" echo "# Generated file, do not edit. If you want to disable clang, just delete this file. build:clang --action_env='PATH=${PATH}' build:clang --action_env=CC=clang build:clang --action_env=CXX=clang++ build:clang --action_env='LLVM_CONFIG=${LLVM_PREFIX}/bin/llvm-config' build:clang --repo_env='LLVM_CONFIG=${LLVM_PREFIX}/bin/llvm-config' build:clang --linkopt='-L$(llvm-config --libdir)' build:clang --linkopt='-Wl,-rpath,$(llvm-config --libdir)' build:clang-asan --action_env=ENVOY_UBSAN_VPTR=1 build:clang-asan --copt=-fsanitize=vptr,function build:clang-asan --linkopt=-fsanitize=vptr,function build:clang-asan --linkopt='-L${RT_LIBRARY_PATH}' build:clang-asan --linkopt=-l:libclang_rt.ubsan_standalone-x86_64.a build:clang-asan --linkopt=-l:libclang_rt.ubsan_standalone_cxx-x86_64.a " > "${BAZELRC_FILE}" ================================================ FILE: bazel/setup_local_tsan.sh ================================================ #!/bin/bash BAZELRC_FILE="${BAZELRC_FILE:-$(bazel info workspace)/local_tsan.bazelrc}" LIBCXX_PREFIX=$1 if [[ ! -e "${LIBCXX_PREFIX}/lib" ]]; then echo "Error: cannot find /lib in ${LIBCXX_PREFIX}." exit 1 fi echo "# Generated file, do not edit. Delete this file if you no longer use local tsan-instrumented libc++ build:local-tsan --config=libc++ build:local-tsan --config=clang-tsan build:local-tsan --linkopt=-L${LIBCXX_PREFIX}/lib build:local-tsan --linkopt=-Wl,-rpath,${LIBCXX_PREFIX}/lib " > "${BAZELRC_FILE}" ================================================ FILE: bazel/sh_test_wrapper.sh ================================================ #!/bin/bash # Dummy shell implementation for nooping tests. # TODO(lizan): remove when we have a solution for # https://github.com/bazelbuild/bazel/issues/3510 cd "$(dirname "$0")" || exit 1 if [ $# -gt 0 ]; then "./${1}" "${@:2}" fi ================================================ FILE: bazel/tclap-win64-ull-sizet.patch ================================================ diff --git a/include/tclap/StandardTraits.h b/include/tclap/StandardTraits.h index 46d7f6f..117057b 100644 --- a/include/tclap/StandardTraits.h +++ b/include/tclap/StandardTraits.h @@ -123,8 +123,9 @@ struct ArgTraits { typedef ValueLike ValueCategory; }; -// Microsoft implements size_t awkwardly. -#if defined(_MSC_VER) && defined(_M_X64) +// Microsoft implements size_t awkwardly. +// Studio 2005 introduces unsigned long long, which conflicts with the size_t template +#if defined(_MSC_VER) && (_MSC_VER < 1400) && defined(_M_X64) /** * size_ts have value-like semantics. */ ================================================ FILE: bazel/test/BUILD ================================================ licenses(["notice"]) # Apache 2 exports_files(["verify_tap_test.sh"]) ================================================ FILE: bazel/test/verify_tap_test.sh ================================================ #!/bin/bash set -ex # Clear existing tap directory if previous run wasn't in sandbox rm -rf tap mkdir -p tap TAP_TMP="$(realpath tap)" TAP_PATH="${TAP_TMP}/tap" "$@" # TODO(htuch): Check for pcap, now CI (with or without RBE) does have # enough capabilities. # Verify that some pb_text files have been created. ls -l "${TAP_TMP}"/tap_*.pb_text > /dev/null ================================================ FILE: bazel/test_for_benchmark_wrapper.sh ================================================ #!/bin/bash # Set the benchmark time to 0 to just verify that the benchmark runs to # completion. We're interacting with two different flag parsers, so the order # of flags and the -- matters. "${TEST_SRCDIR}/envoy/${1}" "${@:2}" --skip_expensive_benchmarks -- --benchmark_min_time=0 ================================================ FILE: bazel/toolchains/BUILD ================================================ licenses(["notice"]) # Apache 2 platform( name = "rbe_ubuntu_clang_platform", parents = ["@rbe_ubuntu_clang//config:platform"], remote_execution_properties = """ {PARENT_REMOTE_EXECUTION_PROPERTIES} properties: { name: "dockerAddCapabilities" value: "SYS_PTRACE,NET_RAW,NET_ADMIN" } properties: { name: "dockerNetwork" value: "standard" } """, ) ================================================ FILE: bazel/upb.patch ================================================ # https://github.com/protocolbuffers/upb/pull/226 diff --git a/bazel/upb_proto_library.bzl b/bazel/upb_proto_library.bzl index f148745be..21ed34b48 100644 --- a/bazel/upb_proto_library.bzl +++ b/bazel/upb_proto_library.bzl @@ -8,7 +8,7 @@ load("@bazel_tools//tools/cpp:toolchain_utils.bzl", "find_cpp_toolchain") # copybara:strip_for_google3_begin load("@bazel_skylib//lib:versions.bzl", "versions") -load("@bazel_version//:bazel_version.bzl", "bazel_version") +load("@upb_bazel_version//:bazel_version.bzl", "bazel_version") # copybara:strip_end # Generic support code ######################################################### diff --git a/bazel/workspace_deps.bzl b/bazel/workspace_deps.bzl index 39bf524a7..aabbc3411 100644 --- a/bazel/workspace_deps.bzl +++ b/bazel/workspace_deps.bzl @@ -5,7 +5,7 @@ load("//bazel:repository_defs.bzl", "bazel_version_repository") def upb_deps(): bazel_version_repository( - name = "bazel_version", + name = "upb_bazel_version", ) git_repository( ================================================ FILE: bazel/wasm/BUILD ================================================ licenses(["notice"]) # Apache 2 ================================================ FILE: bazel/wasm/wasm.bzl ================================================ load("@io_bazel_rules_rust//rust:rust.bzl", "rust_binary") load("@rules_cc//cc:defs.bzl", "cc_binary") def _wasm_cc_transition_impl(settings, attr): return { "//command_line_option:cpu": "wasm32", "//command_line_option:crosstool_top": "@proxy_wasm_cpp_sdk//toolchain:emscripten", # Overriding copt/cxxopt/linkopt to prevent sanitizers/coverage options leak # into WASM build configuration "//command_line_option:copt": [], "//command_line_option:cxxopt": [], "//command_line_option:linkopt": [], "//command_line_option:collect_code_coverage": "false", "//command_line_option:fission": "no", } def _wasm_rust_transition_impl(settings, attr): return { "//command_line_option:platforms": "@io_bazel_rules_rust//rust/platform:wasm", } wasm_cc_transition = transition( implementation = _wasm_cc_transition_impl, inputs = [], outputs = [ "//command_line_option:cpu", "//command_line_option:crosstool_top", "//command_line_option:copt", "//command_line_option:cxxopt", "//command_line_option:fission", "//command_line_option:linkopt", "//command_line_option:collect_code_coverage", ], ) wasm_rust_transition = transition( implementation = _wasm_rust_transition_impl, inputs = [], outputs = [ "//command_line_option:platforms", ], ) def _wasm_binary_impl(ctx): out = ctx.actions.declare_file(ctx.label.name) if ctx.attr.precompile: ctx.actions.run( executable = ctx.executable._compile_tool, arguments = [ctx.files.binary[0].path, out.path], outputs = [out], inputs = ctx.files.binary, ) else: ctx.actions.run( executable = "cp", arguments = [ctx.files.binary[0].path, out.path], outputs = [out], inputs = ctx.files.binary, ) return [DefaultInfo(files = depset([out]), runfiles = ctx.runfiles([out]))] def _wasm_attrs(transition): return { "binary": attr.label(mandatory = True, cfg = transition), "precompile": attr.bool(default = False), # This is deliberately in target configuration to avoid compiling v8 twice. "_compile_tool": attr.label(default = "@envoy//test/tools/wee8_compile:wee8_compile_tool", executable = True, cfg = "target"), "_whitelist_function_transition": attr.label(default = "@bazel_tools//tools/whitelists/function_transition_whitelist"), } # WASM binary rule implementation. # This copies the binary specified in binary attribute in WASM configuration to # target configuration, so a binary in non-WASM configuration can depend on them. wasm_cc_binary_rule = rule( implementation = _wasm_binary_impl, attrs = _wasm_attrs(wasm_cc_transition), ) wasm_rust_binary_rule = rule( implementation = _wasm_binary_impl, attrs = _wasm_attrs(wasm_rust_transition), ) def wasm_cc_binary(name, tags = [], repository = "", **kwargs): wasm_name = "_wasm_" + name kwargs.setdefault("additional_linker_inputs", ["@proxy_wasm_cpp_sdk//:jslib", "@envoy//source/extensions/common/wasm/ext:jslib"]) if repository == "@envoy": envoy_js = "--js-library source/extensions/common/wasm/ext/envoy_wasm_intrinsics.js" else: envoy_js = "--js-library external/envoy/source/extensions/common/wasm/ext/envoy_wasm_intrinsics.js" kwargs.setdefault("linkopts", [ envoy_js, "--js-library external/proxy_wasm_cpp_sdk/proxy_wasm_intrinsics.js", ]) kwargs.setdefault("visibility", ["//visibility:public"]) cc_binary( name = wasm_name, # Adding manual tag it won't be built in non-WASM (e.g. x86_64 config) # when an wildcard is specified, but it will be built in WASM configuration # when the wasm_binary below is built. tags = ["manual"], **kwargs ) wasm_cc_binary_rule( name = name, binary = ":" + wasm_name, tags = tags + ["manual"], ) def envoy_wasm_cc_binary(name, tags = [], **kwargs): wasm_cc_binary(name, tags, repository = "@envoy", **kwargs) def wasm_rust_binary(name, tags = [], **kwargs): wasm_name = "_wasm_" + (name if not ".wasm" in name else name.strip(".wasm")) kwargs.setdefault("visibility", ["//visibility:public"]) rust_binary( name = wasm_name, edition = "2018", crate_type = "cdylib", out_binary = True, tags = ["manual"], **kwargs ) wasm_rust_binary_rule( name = name, precompile = select({ "@envoy//bazel:linux_x86_64": True, "//conditions:default": False, }), binary = ":" + wasm_name, tags = tags + ["manual"], ) ================================================ FILE: ci/Dockerfile-envoy ================================================ ARG BUILD_OS=ubuntu ARG BUILD_TAG=18.04 # Build stage FROM buildpack-deps:$BUILD_TAG as build RUN echo "d6c40440609a23483f12eb6295b5191e94baf08298a856bab6e15b10c3b82891 /tmp/su-exec.c" > /tmp/checksum \ && curl -o /tmp/su-exec.c https://raw.githubusercontent.com/ncopa/su-exec/212b75144bbc06722fbd7661f651390dc47a43d1/su-exec.c \ && sha256sum -c /tmp/checksum \ && gcc -Wall /tmp/su-exec.c -o/usr/local/bin/su-exec \ && chown root:root /usr/local/bin/su-exec \ && chmod 0755 /usr/local/bin/su-exec # Final stage FROM $BUILD_OS:$BUILD_TAG ARG TARGETPLATFORM RUN apt-get update && apt-get upgrade -y \ && apt-get install --no-install-recommends -y ca-certificates \ && apt-get autoremove -y && apt-get clean \ && rm -rf /tmp/* /var/tmp/* \ && rm -rf /var/lib/apt/lists/* COPY --from=build /usr/local/bin/su-exec /usr/local/bin/su-exec RUN adduser --group --system envoy RUN mkdir -p /etc/envoy ARG ENVOY_BINARY_SUFFIX=_stripped ADD ${TARGETPLATFORM}/build_release${ENVOY_BINARY_SUFFIX}/* /usr/local/bin/ ADD configs/google_com_proxy.v2.yaml /etc/envoy/envoy.yaml EXPOSE 10000 COPY ci/docker-entrypoint.sh / ENTRYPOINT ["/docker-entrypoint.sh"] CMD ["envoy", "-c", "/etc/envoy/envoy.yaml"] ================================================ FILE: ci/Dockerfile-envoy-alpine ================================================ FROM frolvlad/alpine-glibc:alpine-3.12_glibc-2.31 RUN mkdir -p /etc/envoy ADD configs/google_com_proxy.v2.yaml /etc/envoy/envoy.yaml RUN apk add --no-cache shadow su-exec \ && addgroup -S envoy && adduser --no-create-home -S envoy -G envoy ARG ENVOY_BINARY_SUFFIX=_stripped ADD linux/amd64/build_release${ENVOY_BINARY_SUFFIX}/* /usr/local/bin/ EXPOSE 10000 COPY ci/docker-entrypoint.sh / ENTRYPOINT ["/docker-entrypoint.sh"] CMD ["envoy", "-c", "/etc/envoy/envoy.yaml"] ================================================ FILE: ci/Dockerfile-envoy-google-vrp ================================================ ARG ENVOY_VRP_BASE_IMAGE FROM $ENVOY_VRP_BASE_IMAGE RUN apt-get update \ && apt-get upgrade -y \ && apt-get install -y libc++1 supervisor gdb strace tshark \ && apt-get autoremove -y \ && apt-get clean \ && rm -rf /tmp/* /var/tmp/* \ && rm -rf /var/lib/apt/lists/* ADD configs/google-vrp/envoy-edge.yaml /etc/envoy/envoy-edge.yaml ADD configs/google-vrp/envoy-origin.yaml /etc/envoy/envoy-origin.yaml ADD configs/google-vrp/launch_envoy.sh /usr/local/bin/launch_envoy.sh ADD configs/google-vrp/supervisor.conf /etc/supervisor.conf ADD test/config/integration/certs/serverkey.pem /etc/envoy/certs/serverkey.pem ADD test/config/integration/certs/servercert.pem /etc/envoy/certs/servercert.pem # ADD %local envoy bin% /usr/local/bin/envoy EXPOSE 10000 EXPOSE 10001 CMD ["supervisord", "-c", "/etc/supervisor.conf"] ================================================ FILE: ci/README.md ================================================ # Developer use of CI Docker images There are two available flavors of Envoy Docker images for Linux, based on Ubuntu and Alpine Linux and an image based on Windows2019. ## Ubuntu Envoy image The Ubuntu based Envoy Docker image at [`envoyproxy/envoy-build:`](https://hub.docker.com/r/envoyproxy/envoy-build/) is used for CircleCI checks, where `` is specified in [`envoy_build_sha.sh`](https://github.com/envoyproxy/envoy/blob/master/ci/envoy_build_sha.sh). Developers may work with the latest build image SHA in [envoy-build-tools](https://github.com/envoyproxy/envoy-build-tools/blob/master/toolchains/rbe_toolchains_config.bzl#L8) repo to provide a self-contained environment for building Envoy binaries and running tests that reflects the latest built Ubuntu Envoy image. Moreover, the Docker image at [`envoyproxy/envoy-dev:`](https://hub.docker.com/r/envoyproxy/envoy-dev/) is an image that has an Envoy binary at `/usr/local/bin/envoy`. The `` corresponds to the master commit at which the binary was compiled. Lastly, `envoyproxy/envoy-dev:latest` contains an Envoy binary built from the latest tip of master that passed tests. ## Alpine Envoy image Minimal images based on Alpine Linux allow for quicker deployment of Envoy. Two Alpine based images are built, one with an Envoy binary with debug (`envoyproxy/envoy-alpine-debug`) symbols and one stripped of them (`envoyproxy/envoy-alpine`). Both images are pushed with two different tags: `` and `latest`. Parallel to the Ubuntu images above, `` corresponds to the master commit at which the binary was compiled, and `latest` corresponds to a binary built from the latest tip of master that passed tests. ## Windows 2019 Envoy image The Windows 2019 based Envoy Docker image at [`envoyproxy/envoy-build-windows2019:`](https://hub.docker.com/r/envoyproxy/envoy-build-windows2019/) is used for CI checks, where `` is specified in [`envoy_build_sha.sh`](https://github.com/envoyproxy/envoy/blob/master/ci/envoy_build_sha.sh). Developers may work with the most recent `envoyproxy/envoy-build-windows2019` image to provide a self-contained environment for building Envoy binaries and running tests that reflects the latest built Windows 2019 Envoy image. # Build image base and compiler versions Currently there are three build images for Linux and one for Windows: * `envoyproxy/envoy-build` — alias to `envoyproxy/envoy-build-ubuntu`. * `envoyproxy/envoy-build-ubuntu` — based on Ubuntu 18.04 (Bionic) with GCC 9 and Clang 10 compiler. * `envoyproxy/envoy-build-centos` — based on CentOS 7 with GCC 9 and Clang 10 compiler, this image is experimental and not well tested. * `envoyproxy/envoy-build-windows2019` — based on Windows 2019 LTS with VS 2019 Build Tools. The source for these images is located in the [envoyproxy/envoy-build-tools](https://github.com/envoyproxy/envoy-build-tools) repository. We use the Clang compiler for all Linux CI runs with tests. We have an additional Linux CI run with GCC which builds binary only. # C++ standard library As of November 2019 after [#8859](https://github.com/envoyproxy/envoy/pull/8859) the official released binary is [linked against libc++ on Linux](https://github.com/envoyproxy/envoy/blob/master/bazel/README.md#linking-against-libc-on-linux). To override the C++ standard library in your build, set environment variable `ENVOY_STDLIB` to `libstdc++` or `libc++` and run `./ci/do_ci.sh` as described below. # Building and running tests as a developer The `./ci/run_envoy_docker.sh` script can be used to set up a Docker container on Linux and Windows to build an Envoy static binary and run tests. The build image defaults to `envoyproxy/envoy-build-ubuntu` on Linux and `envoyproxy/envoy-build-windows2019` on Windows, but you can choose build image by setting `IMAGE_NAME` in the environment. In case your setup is behind a proxy, set `http_proxy` and `https_proxy` to the proxy servers before invoking the build. ```bash IMAGE_NAME=envoyproxy/envoy-build-ubuntu http_proxy=http://proxy.foo.com:8080 https_proxy=http://proxy.bar.com:8080 ./ci/run_envoy_docker.sh ' ``` ## On Linux An example basic invocation to build a developer version of the Envoy static binary (using the Bazel `fastbuild` type) is: ```bash ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.dev' ``` The Envoy binary can be found in `/tmp/envoy-docker-build/envoy/source/exe/envoy-fastbuild` on the Docker host. You can control this by setting `ENVOY_DOCKER_BUILD_DIR` in the environment, e.g. to generate the binary in `~/build/envoy/source/exe/envoy-fastbuild` you can run: ```bash ENVOY_DOCKER_BUILD_DIR=~/build ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.dev' ``` For a release version of the Envoy binary you can run: ```bash ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.release.server_only' ``` The build artifact can be found in `/tmp/envoy-docker-build/envoy/source/exe/envoy` (or wherever `$ENVOY_DOCKER_BUILD_DIR` points). For a debug version of the Envoy binary you can run: ```bash ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.debug.server_only' ``` The build artifact can be found in `/tmp/envoy-docker-build/envoy/source/exe/envoy-debug` (or wherever `$ENVOY_DOCKER_BUILD_DIR` points). To leverage a [bazel remote cache](https://github.com/envoyproxy/envoy/tree/master/bazel#advanced-caching-setup) add the http_remote_cache endpoint to the BAZEL_BUILD_EXTRA_OPTIONS environment variable ```bash ./ci/run_envoy_docker.sh "BAZEL_BUILD_EXTRA_OPTIONS='--remote_http_cache=http://127.0.0.1:28080' ./ci/do_ci.sh bazel.release" ``` The `./ci/run_envoy_docker.sh './ci/do_ci.sh '` targets are: * `bazel.api` — build and run API tests under `-c fastbuild` with clang. * `bazel.asan` — build and run tests under `-c dbg --config=clang-asan` with clang. * `bazel.asan ` — build and run a specified test or test dir under `-c dbg --config=clang-asan` with clang. * `bazel.debug` — build Envoy static binary and run tests under `-c dbg`. * `bazel.debug ` — build Envoy static binary and run a specified test or test dir under `-c dbg`. * `bazel.debug.server_only` — build Envoy static binary under `-c dbg`. * `bazel.dev` — build Envoy static binary and run tests under `-c fastbuild` with clang. * `bazel.dev ` — build Envoy static binary and run a specified test or test dir under `-c fastbuild` with clang. * `bazel.release` — build Envoy static binary and run tests under `-c opt` with clang. * `bazel.release ` — build Envoy static binary and run a specified test or test dir under `-c opt` with clang. * `bazel.release.server_only` — build Envoy static binary under `-c opt` with clang. * `bazel.sizeopt` — build Envoy static binary and run tests under `-c opt --config=sizeopt` with clang. * `bazel.sizeopt ` — build Envoy static binary and run a specified test or test dir under `-c opt --config=sizeopt` with clang. * `bazel.sizeopt.server_only` — build Envoy static binary under `-c opt --config=sizeopt` with clang. * `bazel.coverage` — build and run tests under `-c dbg` with gcc, generating coverage information in `$ENVOY_DOCKER_BUILD_DIR/envoy/generated/coverage/coverage.html`. * `bazel.coverage ` — build and run a specified test or test dir under `-c dbg` with gcc, generating coverage information in `$ENVOY_DOCKER_BUILD_DIR/envoy/generated/coverage/coverage.html`. * `bazel.coverity` — build Envoy static binary and run Coverity Scan static analysis. * `bazel.msan` — build and run tests under `-c dbg --config=clang-msan` with clang. * `bazel.msan ` — build and run a specified test or test dir under `-c dbg --config=clang-msan` with clang. * `bazel.tsan` — build and run tests under `-c dbg --config=clang-tsan` with clang. * `bazel.tsan ` — build and run a specified test or test dir under `-c dbg --config=clang-tsan` with clang. * `bazel.fuzz` — build and run fuzz tests under `-c dbg --config=asan-fuzzer` with clang. * `bazel.fuzz ` — build and run a specified fuzz test or test dir under `-c dbg --config=asan-fuzzer` with clang. If specifying a single fuzz test, must use the full target name with "_with_libfuzzer" for ``. * `bazel.compile_time_options` — build Envoy and run tests with various compile-time options toggled to their non-default state, to ensure they still build. * `bazel.compile_time_options ` — build Envoy and run a specified test or test dir with various compile-time options toggled to their non-default state, to ensure they still build. * `bazel.clang_tidy ` — build and run clang-tidy specified source files, if no files specified, runs against the diff with the last GitHub commit. * `check_format`— run `clang-format` and `buildifier` on entire source tree. * `fix_format`— run and enforce `clang-format` and `buildifier` on entire source tree. * `check_spelling`— run `misspell` on entire project. * `fix_spelling`— run and enforce `misspell` on entire project. * `check_spelling_pedantic`— run `aspell` on C++ and proto comments. * `docs`— build documentation tree in `generated/docs`. ## On Windows An example basic invocation to build the Envoy static binary and run tests is: ```bash ./ci/run_envoy_docker.sh './ci/windows_ci_steps.sh' ``` You can modify `./ci/windows_ci_steps.sh` to modify `bazel` arguments, tests to run, etc. as well as set environment variables to adjust your container build environment as described above. The Envoy binary can be found in `C:\Windows\Temp\envoy-docker-build\envoy\source\exe` on the Docker host. You can control this by setting `ENVOY_DOCKER_BUILD_DIR` in the environment, e.g. to generate the binary in `C:\Users\foo\build\envoy\source\exe` you can run: ```bash ENVOY_DOCKER_BUILD_DIR="C:\Users\foo\build" ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.dev' ``` Note the quotations around the `ENVOY_DOCKER_BUILD_DIR` value to preserve the backslashes in the path. If you would like to run an interactive session to keep the build container running (to persist your local build environment), run: ```bash ./ci/run_envoy_docker.sh 'bash' ``` From an interactive session, you can invoke `bazel` manually or use the `./ci/windows_ci_steps.sh` script to build and run tests. # Testing changes to the build image as a developer While all changes to the build image should eventually be upstreamed, it can be useful to test those changes locally before sending out a pull request. To experiment with a local clone of the upstream build image you can make changes to files such as build_container.sh locally and then run: ```bash DISTRO=ubuntu cd ci/build_container LINUX_DISTRO="${DISTRO}" CIRCLE_SHA1=my_tag ./docker_build.sh # Wait patiently for quite some time cd ../.. IMAGE_NAME="envoyproxy/envoy-build-${DISTRO}" IMAGE_ID=my_tag ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.whatever' ``` This build the Ubuntu based `envoyproxy/envoy-build-ubuntu` image, and the final call will run against your local copy of the build image. # macOS Build Flow The macOS CI build is part of the [CircleCI](https://circleci.com/gh/envoyproxy/envoy) workflow. Dependencies are installed by the `ci/mac_ci_setup.sh` script, via [Homebrew](https://brew.sh), which is pre-installed on the CircleCI macOS image. The dependencies are cached are re-installed on every build. The `ci/mac_ci_steps.sh` script executes the specific commands that build and test Envoy. Note that the full version of Xcode (not just Command Line Tools) is required. # Coverity Scan Build Flow [Coverity Scan Envoy Project](https://scan.coverity.com/projects/envoy-proxy) Coverity Scan static analysis is not run within Envoy CI. However, Envoy can be locally built and submitted for analysis. A Coverity Scan Envoy project token must be generated from the [Coverity Project Settings](https://scan.coverity.com/projects/envoy-proxy?tab=project_settings). Only a Coverity Project Administrator can create a token. With this token, running `ci/do_coverity_local.sh` will use the Ubuntu based `envoyproxy/envoy-build-ubuntu` image to build the Envoy static binary with the Coverity Scan tool chain. This process generates an artifact, envoy-coverity-output.tgz, that is uploaded to Coverity for static analysis. To build and submit for analysis: ```bash COVERITY_TOKEN={generated Coverity project token} ./ci/do_coverity_local.sh ``` ================================================ FILE: ci/WORKSPACE.filter.example ================================================ workspace(name = "envoy_filter_example") local_repository( name = "envoy", path = "{ENVOY_SRCDIR}", ) load("@envoy//bazel:api_binding.bzl", "envoy_api_binding") envoy_api_binding() load("@envoy//bazel:api_repositories.bzl", "envoy_api_dependencies") envoy_api_dependencies() load("@envoy//bazel:repositories.bzl", "envoy_dependencies") envoy_dependencies() load("@envoy//bazel:repositories_extra.bzl", "envoy_dependencies_extra") envoy_dependencies_extra() load("@envoy//bazel:dependency_imports.bzl", "envoy_dependency_imports") envoy_dependency_imports() ================================================ FILE: ci/api_mirror.sh ================================================ #!/bin/bash set -e CHECKOUT_DIR=../data-plane-api if [ -z "$CIRCLE_PULL_REQUEST" ] && [ "$CIRCLE_BRANCH" == "master" ] then echo "Cloning..." git clone git@github.com:envoyproxy/data-plane-api "$CHECKOUT_DIR" git -C "$CHECKOUT_DIR" config user.name "data-plane-api(CircleCI)" git -C "$CHECKOUT_DIR" config user.email data-plane-api@users.noreply.github.com git -C "$CHECKOUT_DIR" fetch git -C "$CHECKOUT_DIR" checkout -B master origin/master # Determine last envoyproxy/envoy SHA in envoyproxy/data-plane-api MIRROR_MSG="Mirrored from https://github.com/envoyproxy/envoy" LAST_ENVOY_SHA=$(git -C "$CHECKOUT_DIR" log --grep="$MIRROR_MSG" -n 1 | grep "$MIRROR_MSG" | \ tail -n 1 | sed -e "s#.*$MIRROR_MSG @ ##") echo "Last mirrored envoyproxy/envoy SHA is $LAST_ENVOY_SHA" # Compute SHA sequence to replay in envoyproxy/data-plane-api SHAS=$(git rev-list --reverse "$LAST_ENVOY_SHA"..HEAD api/) # For each SHA, hard reset, rsync api/ and generate commit in # envoyproxy/data-plane-api API_WORKING_DIR="../envoy-api-mirror" git worktree add "$API_WORKING_DIR" for sha in $SHAS do git -C "$API_WORKING_DIR" reset --hard "$sha" COMMIT_MSG=$(git -C "$API_WORKING_DIR" log --format=%B -n 1) QUALIFIED_COMMIT_MSG=$(echo -e "$COMMIT_MSG\n\n$MIRROR_MSG @ $sha") rsync -acv --delete --exclude "ci/" --exclude ".*" --exclude LICENSE \ "$API_WORKING_DIR"/api/ "$CHECKOUT_DIR"/ git -C "$CHECKOUT_DIR" add . git -C "$CHECKOUT_DIR" commit -m "$QUALIFIED_COMMIT_MSG" done echo "Pushing..." git -C "$CHECKOUT_DIR" push origin master echo "Done" fi ================================================ FILE: ci/build_setup.sh ================================================ #!/bin/bash # Configure environment variables for Bazel build and test. set -e export PPROF_PATH=/thirdparty_build/bin/pprof [ -z "${NUM_CPUS}" ] && NUM_CPUS=$(grep -c ^processor /proc/cpuinfo) [ -z "${ENVOY_SRCDIR}" ] && export ENVOY_SRCDIR=/source [ -z "${ENVOY_BUILD_TARGET}" ] && export ENVOY_BUILD_TARGET=//source/exe:envoy-static [ -z "${ENVOY_BUILD_DEBUG_INFORMATION}" ] && export ENVOY_BUILD_DEBUG_INFORMATION=//source/exe:envoy-static.dwp [ -z "${ENVOY_BUILD_ARCH}" ] && { ENVOY_BUILD_ARCH=$(uname -m) export ENVOY_BUILD_ARCH } read -ra BAZEL_BUILD_EXTRA_OPTIONS <<< "${BAZEL_BUILD_EXTRA_OPTIONS:-}" read -ra BAZEL_EXTRA_TEST_OPTIONS <<< "${BAZEL_EXTRA_TEST_OPTIONS:-}" read -ra BAZEL_OPTIONS <<< "${BAZEL_OPTIONS:-}" echo "ENVOY_SRCDIR=${ENVOY_SRCDIR}" echo "ENVOY_BUILD_TARGET=${ENVOY_BUILD_TARGET}" echo "ENVOY_BUILD_ARCH=${ENVOY_BUILD_ARCH}" function setup_gcc_toolchain() { if [[ -n "${ENVOY_STDLIB}" && "${ENVOY_STDLIB}" != "libstdc++" ]]; then echo "gcc toolchain doesn't support ${ENVOY_STDLIB}." exit 1 fi if [[ -z "${ENVOY_RBE}" ]]; then export CC=gcc export CXX=g++ export BAZEL_COMPILER=gcc echo "$CC/$CXX toolchain configured" else BAZEL_BUILD_OPTIONS=("--config=remote-gcc" "${BAZEL_BUILD_OPTIONS[@]}") fi } function setup_clang_toolchain() { ENVOY_STDLIB="${ENVOY_STDLIB:-libc++}" if [[ -z "${ENVOY_RBE}" ]]; then if [[ "${ENVOY_STDLIB}" == "libc++" ]]; then BAZEL_BUILD_OPTIONS=("--config=libc++" "${BAZEL_BUILD_OPTIONS[@]}") else BAZEL_BUILD_OPTIONS=("--config=clang" "${BAZEL_BUILD_OPTIONS[@]}") fi else if [[ "${ENVOY_STDLIB}" == "libc++" ]]; then BAZEL_BUILD_OPTIONS=("--config=remote-clang-libc++" "${BAZEL_BUILD_OPTIONS[@]}") else BAZEL_BUILD_OPTIONS=("--config=remote-clang" "${BAZEL_BUILD_OPTIONS[@]}") fi fi echo "clang toolchain with ${ENVOY_STDLIB} configured" } export BUILD_DIR=${BUILD_DIR:-/build} if [[ ! -d "${BUILD_DIR}" ]] then echo "${BUILD_DIR} mount missing - did you forget -v :${BUILD_DIR}? Creating." mkdir -p "${BUILD_DIR}" fi # Environment setup. export TEST_TMPDIR=${BUILD_DIR}/tmp export PATH=/opt/llvm/bin:${PATH} export CLANG_FORMAT="${CLANG_FORMAT:-clang-format}" if [[ -f "/etc/redhat-release" ]]; then BAZEL_BUILD_EXTRA_OPTIONS+=("--copt=-DENVOY_IGNORE_GLIBCXX_USE_CXX11_ABI_ERROR=1") fi function cleanup() { # Remove build artifacts. This doesn't mess with incremental builds as these # are just symlinks. rm -rf "${ENVOY_SRCDIR}"/bazel-* clang.bazelrc } cleanup trap cleanup EXIT export LLVM_ROOT="${LLVM_ROOT:-/opt/llvm}" "$(dirname "$0")"/../bazel/setup_clang.sh "${LLVM_ROOT}" [[ "${BUILD_REASON}" != "PullRequest" ]] && BAZEL_EXTRA_TEST_OPTIONS+=("--nocache_test_results") # TODO(phlax): deprecate/remove this - i believe it was made redundant here: # https://github.com/envoyproxy/envoy/commit/3ebedeb708a23062332a6fcdf33b462b7070adba#diff-2fa22a1337effee365a51e6844be0ab3 export BAZEL_QUERY_OPTIONS="${BAZEL_OPTIONS[*]}" # Use https://docs.bazel.build/versions/master/command-line-reference.html#flag--experimental_repository_cache_hardlinks # to save disk space. BAZEL_BUILD_OPTIONS=( "${BAZEL_OPTIONS[@]}" "--verbose_failures" "--show_task_finish" "--experimental_generate_json_trace_profile" "--test_output=errors" "--repository_cache=${BUILD_DIR}/repository_cache" "--experimental_repository_cache_hardlinks" "${BAZEL_BUILD_EXTRA_OPTIONS[@]}" "${BAZEL_EXTRA_TEST_OPTIONS[@]}") [[ "${ENVOY_BUILD_ARCH}" == "aarch64" ]] && BAZEL_BUILD_OPTIONS+=( "--define" "wasm=disabled" "--flaky_test_attempts=2" "--test_env=HEAPCHECK=") [[ "${BAZEL_EXPUNGE}" == "1" ]] && bazel clean --expunge # Also setup some space for building Envoy standalone. export ENVOY_BUILD_DIR="${BUILD_DIR}"/envoy mkdir -p "${ENVOY_BUILD_DIR}" # This is where we copy build deliverables to. export ENVOY_DELIVERY_DIR="${ENVOY_BUILD_DIR}"/source/exe mkdir -p "${ENVOY_DELIVERY_DIR}" # This is where we copy the coverage report to. export ENVOY_COVERAGE_ARTIFACT="${ENVOY_BUILD_DIR}"/generated/coverage.tar.gz # This is where we copy the fuzz coverage report to. export ENVOY_FUZZ_COVERAGE_ARTIFACT="${ENVOY_BUILD_DIR}"/generated/fuzz_coverage.tar.gz # This is where we dump failed test logs for CI collection. export ENVOY_FAILED_TEST_LOGS="${ENVOY_BUILD_DIR}"/generated/failed-testlogs mkdir -p "${ENVOY_FAILED_TEST_LOGS}" # This is where we copy the build profile to. export ENVOY_BUILD_PROFILE="${ENVOY_BUILD_DIR}"/generated/build-profile mkdir -p "${ENVOY_BUILD_PROFILE}" export BUILDIFIER_BIN="${BUILDIFIER_BIN:-/usr/local/bin/buildifier}" export BUILDOZER_BIN="${BUILDOZER_BIN:-/usr/local/bin/buildozer}" # We set up an Envoy consuming project for test builds only if '-nofetch' # is not set AND this is an Envoy build. For derivative builds where Envoy # source tree is different than the current workspace, the setup step is # skipped. if [[ "$1" != "-nofetch" && "${ENVOY_SRCDIR}" == "$(bazel info workspace)" ]]; then # shellcheck source=ci/filter_example_setup.sh . "$(dirname "$0")"/filter_example_setup.sh else echo "Skip setting up Envoy Filter Example." fi export ENVOY_BUILD_FILTER_EXAMPLE="${FILTER_WORKSPACE_SET:-0}" ================================================ FILE: ci/check_and_fix_format.sh ================================================ #!/bin/bash set -e DIFF_OUTPUT="${DIFF_OUTPUT:-/build/fix_format.diff}" # We set this for two reasons. First, we want to ensure belt-and-braces that we check these formats # in CI in case the skip-on-file-change heuristics in proto_format.sh etc. are buggy. Second, this # prevents AZP cache weirdness. export FORCE_PROTO_FORMAT=yes export FORCE_PYTHON_FORMAT=yes function fix { set +e ci/do_ci.sh fix_format ci/do_ci.sh fix_spelling ci/do_ci.sh fix_spelling_pedantic echo "Format check failed, try apply following patch to fix:" git add api git diff HEAD | tee "${DIFF_OUTPUT}" exit 1 } # If any of the checks fail, run the fix function above. trap fix ERR ci/do_ci.sh check_format ci/do_ci.sh check_repositories ci/do_ci.sh check_spelling ci/do_ci.sh check_spelling_pedantic ================================================ FILE: ci/do_ci.sh ================================================ #!/bin/bash # Run a CI build/test target, e.g. docs, asan. set -e build_setup_args="" if [[ "$1" == "fix_format" || "$1" == "check_format" || "$1" == "check_repositories" || \ "$1" == "check_spelling" || "$1" == "fix_spelling" || "$1" == "bazel.clang_tidy" || \ "$1" == "check_spelling_pedantic" || "$1" == "fix_spelling_pedantic" ]]; then build_setup_args="-nofetch" fi SRCDIR="${PWD}" NO_BUILD_SETUP="${NO_BUILD_SETUP:-}" if [[ -z "$NO_BUILD_SETUP" ]]; then # shellcheck source=ci/setup_cache.sh . "$(dirname "$0")"/setup_cache.sh # shellcheck source=ci/build_setup.sh . "$(dirname "$0")"/build_setup.sh $build_setup_args fi cd "${SRCDIR}" if [[ "${ENVOY_BUILD_ARCH}" == "x86_64" ]]; then BUILD_ARCH_DIR="/linux/amd64" elif [[ "${ENVOY_BUILD_ARCH}" == "aarch64" ]]; then BUILD_ARCH_DIR="/linux/arm64" else # Fall back to use the ENVOY_BUILD_ARCH itself. BUILD_ARCH_DIR="/linux/${ENVOY_BUILD_ARCH}" fi echo "building using ${NUM_CPUS} CPUs" echo "building for ${ENVOY_BUILD_ARCH}" function collect_build_profile() { declare -g build_profile_count=${build_profile_count:-1} mv -f "$(bazel info output_base)/command.profile.gz" "${ENVOY_BUILD_PROFILE}/${build_profile_count}-$1.profile.gz" || true ((build_profile_count++)) } function bazel_with_collection() { local failed_logs declare -r BAZEL_OUTPUT="${ENVOY_SRCDIR}"/bazel.output.txt bazel "$@" | tee "${BAZEL_OUTPUT}" declare BAZEL_STATUS="${PIPESTATUS[0]}" if [ "${BAZEL_STATUS}" != "0" ] then pushd bazel-testlogs failed_logs=$(grep " /build.*test.log" "${BAZEL_OUTPUT}" | sed -e 's/ \/build.*\/testlogs\/\(.*\)/\1/') while read -r f; do cp --parents -f "$f" "${ENVOY_FAILED_TEST_LOGS}" done <<< "$failed_logs" popd exit "${BAZEL_STATUS}" fi collect_build_profile "$1" run_process_test_result } function cp_binary_for_outside_access() { DELIVERY_LOCATION="$1" cp -f \ bazel-bin/"${ENVOY_BIN}" \ "${ENVOY_DELIVERY_DIR}"/"${DELIVERY_LOCATION}" } function cp_debug_info_for_outside_access() { DELIVERY_LOCATION="$1" cp -f \ bazel-bin/"${ENVOY_BIN}".dwp \ "${ENVOY_DELIVERY_DIR}"/"${DELIVERY_LOCATION}".dwp } function cp_binary_for_image_build() { # TODO(mattklein123): Replace this with caching and a different job which creates images. local BASE_TARGET_DIR="${ENVOY_SRCDIR}${BUILD_ARCH_DIR}" echo "Copying binary for image build..." COMPILE_TYPE="$2" mkdir -p "${BASE_TARGET_DIR}"/build_"$1" cp -f "${ENVOY_DELIVERY_DIR}"/envoy "${BASE_TARGET_DIR}"/build_"$1" if [[ "${COMPILE_TYPE}" == "dbg" || "${COMPILE_TYPE}" == "opt" ]]; then cp -f "${ENVOY_DELIVERY_DIR}"/envoy.dwp "${BASE_TARGET_DIR}"/build_"$1" fi mkdir -p "${BASE_TARGET_DIR}"/build_"$1"_stripped strip "${ENVOY_DELIVERY_DIR}"/envoy -o "${BASE_TARGET_DIR}"/build_"$1"_stripped/envoy # Copy for azp which doesn't preserve permissions, creating a tar archive tar czf "${ENVOY_BUILD_DIR}"/envoy_binary.tar.gz -C "${BASE_TARGET_DIR}" build_"$1" build_"$1"_stripped # Remove binaries to save space, only if BUILD_REASON exists (running in AZP) [[ -z "${BUILD_REASON}" ]] || \ rm -rf "${BASE_TARGET_DIR}"/build_"$1" "${BASE_TARGET_DIR}"/build_"$1"_stripped "${ENVOY_DELIVERY_DIR}"/envoy{,.dwp} \ bazel-bin/"${ENVOY_BIN}"{,.dwp} } function bazel_binary_build() { BINARY_TYPE="$1" if [[ "${BINARY_TYPE}" == "release" ]]; then COMPILE_TYPE="opt" elif [[ "${BINARY_TYPE}" == "debug" ]]; then COMPILE_TYPE="dbg" elif [[ "${BINARY_TYPE}" == "sizeopt" ]]; then # The COMPILE_TYPE variable is redundant in this case and is only here for # readability. It is already set in the .bazelrc config for sizeopt. COMPILE_TYPE="opt" CONFIG_ARGS="--config=sizeopt" elif [[ "${BINARY_TYPE}" == "fastbuild" ]]; then COMPILE_TYPE="fastbuild" fi echo "Building..." ENVOY_BIN=$(echo "${ENVOY_BUILD_TARGET}" | sed -e 's#^@\([^/]*\)/#external/\1#;s#^//##;s#:#/#') # This is a workaround for https://github.com/bazelbuild/bazel/issues/11834 [[ -n "${ENVOY_RBE}" ]] && rm -rf bazel-bin/"${ENVOY_BIN}"* bazel build "${BAZEL_BUILD_OPTIONS[@]}" -c "${COMPILE_TYPE}" "${ENVOY_BUILD_TARGET}" ${CONFIG_ARGS} collect_build_profile "${BINARY_TYPE}"_build # Copy the built envoy binary somewhere that we can access outside of the # container. cp_binary_for_outside_access envoy if [[ "${COMPILE_TYPE}" == "dbg" || "${COMPILE_TYPE}" == "opt" ]]; then # Generate dwp file for debugging since we used split DWARF to reduce binary # size bazel build "${BAZEL_BUILD_OPTIONS[@]}" -c "${COMPILE_TYPE}" "${ENVOY_BUILD_DEBUG_INFORMATION}" ${CONFIG_ARGS} # Copy the debug information cp_debug_info_for_outside_access envoy fi cp_binary_for_image_build "${BINARY_TYPE}" "${COMPILE_TYPE}" } function run_process_test_result() { echo "running flaky test reporting script" "${ENVOY_SRCDIR}"/ci/flaky_test/run_process_xml.sh "$CI_TARGET" } CI_TARGET=$1 shift if [[ $# -ge 1 ]]; then COVERAGE_TEST_TARGETS=("$@") TEST_TARGETS=("$@") else # Coverage test will add QUICHE tests by itself. COVERAGE_TEST_TARGETS=("//test/...") TEST_TARGETS=("${COVERAGE_TEST_TARGETS[@]}" "@com_googlesource_quiche//:ci_tests") fi if [[ "$CI_TARGET" == "bazel.release" ]]; then # When testing memory consumption, we want to test against exact byte-counts # where possible. As these differ between platforms and compile options, we # define the 'release' builds as canonical and test them only in CI, so the # toolchain is kept consistent. This ifdef is checked in # test/common/stats/stat_test_utility.cc when computing # Stats::TestUtil::MemoryTest::mode(). [[ "${ENVOY_BUILD_ARCH}" == "x86_64" ]] && BAZEL_BUILD_OPTIONS+=("--test_env=ENVOY_MEMORY_TEST_EXACT=true") setup_clang_toolchain echo "Testing ${TEST_TARGETS[*]} with options: ${BAZEL_BUILD_OPTIONS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c opt "${TEST_TARGETS[@]}" echo "bazel release build with tests..." bazel_binary_build release exit 0 elif [[ "$CI_TARGET" == "bazel.release.server_only" ]]; then setup_clang_toolchain echo "bazel release build..." bazel_binary_build release exit 0 elif [[ "$CI_TARGET" == "bazel.sizeopt.server_only" ]]; then setup_clang_toolchain echo "bazel size optimized build..." bazel_binary_build sizeopt exit 0 elif [[ "$CI_TARGET" == "bazel.sizeopt" ]]; then setup_clang_toolchain echo "Testing ${TEST_TARGETS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" --config=sizeopt "${TEST_TARGETS[@]}" echo "bazel size optimized build with tests..." bazel_binary_build sizeopt exit 0 elif [[ "$CI_TARGET" == "bazel.gcc" ]]; then BAZEL_BUILD_OPTIONS+=("--test_env=HEAPCHECK=") setup_gcc_toolchain echo "Testing ${TEST_TARGETS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild "${TEST_TARGETS[@]}" echo "bazel release build with gcc..." bazel_binary_build fastbuild exit 0 elif [[ "$CI_TARGET" == "bazel.debug" ]]; then setup_clang_toolchain echo "Testing ${TEST_TARGETS[*]}" bazel test "${BAZEL_BUILD_OPTIONS[@]}" -c dbg "${TEST_TARGETS[@]}" echo "bazel debug build with tests..." bazel_binary_build debug exit 0 elif [[ "$CI_TARGET" == "bazel.debug.server_only" ]]; then setup_clang_toolchain echo "bazel debug build..." bazel_binary_build debug exit 0 elif [[ "$CI_TARGET" == "bazel.asan" ]]; then setup_clang_toolchain BAZEL_BUILD_OPTIONS+=(-c opt --copt -g "--config=clang-asan" "--build_tests_only") echo "bazel ASAN/UBSAN debug build with tests" echo "Building and testing envoy tests ${TEST_TARGETS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" "${TEST_TARGETS[@]}" if [ "${ENVOY_BUILD_FILTER_EXAMPLE}" == "1" ]; then echo "Building and testing envoy-filter-example tests..." pushd "${ENVOY_FILTER_EXAMPLE_SRCDIR}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" "${ENVOY_FILTER_EXAMPLE_TESTS[@]}" popd fi # TODO(mattklein123): This part of the test is now flaky in CI and it's unclear why, possibly # due to sandboxing issue. Debug and enable it again. # if [ "${CI_SKIP_INTEGRATION_TEST_TRAFFIC_TAPPING}" != "1" ] ; then # Also validate that integration test traffic tapping (useful when debugging etc.) # works. This requires that we set TAP_PATH. We do this under bazel.asan to # ensure a debug build in CI. # echo "Validating integration test traffic tapping..." # bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" \ # --run_under=@envoy//bazel/test:verify_tap_test.sh \ # //test/extensions/transport_sockets/tls/integration:ssl_integration_test # fi exit 0 elif [[ "$CI_TARGET" == "bazel.tsan" ]]; then setup_clang_toolchain echo "bazel TSAN debug build with tests" echo "Building and testing envoy tests ${TEST_TARGETS[*]}" bazel_with_collection test --config=rbe-toolchain-tsan "${BAZEL_BUILD_OPTIONS[@]}" -c dbg --build_tests_only "${TEST_TARGETS[@]}" if [ "${ENVOY_BUILD_FILTER_EXAMPLE}" == "1" ]; then echo "Building and testing envoy-filter-example tests..." pushd "${ENVOY_FILTER_EXAMPLE_SRCDIR}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c dbg --config=clang-tsan "${ENVOY_FILTER_EXAMPLE_TESTS[@]}" popd fi exit 0 elif [[ "$CI_TARGET" == "bazel.msan" ]]; then ENVOY_STDLIB=libc++ setup_clang_toolchain # rbe-toolchain-msan must comes as first to win library link order. BAZEL_BUILD_OPTIONS=("--config=rbe-toolchain-msan" "${BAZEL_BUILD_OPTIONS[@]}" "-c dbg" "--build_tests_only") echo "bazel MSAN debug build with tests" echo "Building and testing envoy tests ${TEST_TARGETS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" "${TEST_TARGETS[@]}" exit 0 elif [[ "$CI_TARGET" == "bazel.dev" ]]; then setup_clang_toolchain # This doesn't go into CI but is available for developer convenience. echo "bazel fastbuild build with tests..." echo "Building..." bazel_binary_build fastbuild echo "Building and testing ${TEST_TARGETS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild "${TEST_TARGETS[@]}" # TODO(foreseeable): consolidate this and the API tool tests in a dedicated target. bazel_with_collection //tools/envoy_headersplit:headersplit_test --spawn_strategy=local bazel_with_collection //tools/envoy_headersplit:replace_includes_test --spawn_strategy=local exit 0 elif [[ "$CI_TARGET" == "bazel.compile_time_options" ]]; then # Right now, none of the available compile-time options conflict with each other. If this # changes, this build type may need to be broken up. # TODO(mpwarres): remove quiche=enabled once QUICHE is built by default. COMPILE_TIME_OPTIONS=( "--define" "signal_trace=disabled" "--define" "hot_restart=disabled" "--define" "google_grpc=disabled" "--define" "boringssl=fips" "--define" "log_debug_assert_in_release=enabled" "--define" "quiche=enabled" "--define" "wasm=disabled" "--define" "path_normalization_by_default=true" "--define" "deprecated_features=disabled" "--define" "use_new_codecs_in_integration_tests=true" "--define" "tcmalloc=gperftools" "--define" "zlib=ng") ENVOY_STDLIB="${ENVOY_STDLIB:-libstdc++}" setup_clang_toolchain # This doesn't go into CI but is available for developer convenience. echo "bazel with different compiletime options build with tests..." if [[ "${TEST_TARGETS[*]}" == "//test/..." ]]; then cd "${ENVOY_FILTER_EXAMPLE_SRCDIR}" TEST_TARGETS=("@envoy//test/...") fi # Building all the dependencies from scratch to link them against libc++. echo "Building and testing ${TEST_TARGETS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" "${COMPILE_TIME_OPTIONS[@]}" -c dbg "${TEST_TARGETS[@]}" --test_tag_filters=-nofips --build_tests_only # Legacy codecs "--define legacy_codecs_in_integration_tests=true" should also be tested in # integration tests with asan. bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" "${COMPILE_TIME_OPTIONS[@]}" -c dbg @envoy//test/integration/... --config=clang-asan --build_tests_only # "--define log_debug_assert_in_release=enabled" must be tested with a release build, so run only # these tests under "-c opt" to save time in CI. bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" "${COMPILE_TIME_OPTIONS[@]}" -c opt @envoy//test/common/common:assert_test @envoy//test/server:server_test echo "Building binary..." bazel build "${BAZEL_BUILD_OPTIONS[@]}" "${COMPILE_TIME_OPTIONS[@]}" -c dbg @envoy//source/exe:envoy-static --build_tag_filters=-nofips collect_build_profile build exit 0 elif [[ "$CI_TARGET" == "bazel.api" ]]; then setup_clang_toolchain echo "Validating API structure..." ./tools/api/validate_structure.py echo "Building API..." bazel build "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild @envoy_api_canonical//envoy/... echo "Testing API..." bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild @envoy_api_canonical//test/... @envoy_api_canonical//tools/... \ @envoy_api_canonical//tools:tap2pcap_test echo "Testing API boosting (unit tests)..." bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild @envoy_dev//clang_tools/api_booster/... echo "Testing API boosting (golden C++ tests)..." # We use custom BAZEL_BUILD_OPTIONS here; the API booster isn't capable of working with libc++ yet. LLVM_CONFIG="${LLVM_ROOT}"/bin/llvm-config BAZEL_BUILD_OPTIONS="--config=clang" python3.8 ./tools/api_boost/api_boost_test.py exit 0 elif [[ "$CI_TARGET" == "bazel.coverage" || "$CI_TARGET" == "bazel.fuzz_coverage" ]]; then setup_clang_toolchain echo "${CI_TARGET} build with tests ${COVERAGE_TEST_TARGETS[*]}" [[ "$CI_TARGET" == "bazel.fuzz_coverage" ]] && export FUZZ_COVERAGE=true # We use custom BAZEL_BUILD_OPTIONS here to cover profiler's code. BAZEL_BUILD_OPTIONS="${BAZEL_BUILD_OPTIONS[*]} --define tcmalloc=gperftools" test/run_envoy_bazel_coverage.sh "${COVERAGE_TEST_TARGETS[@]}" collect_build_profile coverage exit 0 elif [[ "$CI_TARGET" == "bazel.clang_tidy" ]]; then # clang-tidy will warn on standard library issues with libc++ ENVOY_STDLIB="libstdc++" setup_clang_toolchain BAZEL_BUILD_OPTIONS="${BAZEL_BUILD_OPTIONS[*]}" NUM_CPUS=$NUM_CPUS ci/run_clang_tidy.sh "$@" exit 0 elif [[ "$CI_TARGET" == "bazel.coverity" ]]; then # Coverity Scan version 2017.07 fails to analyze the entirely of the Envoy # build when compiled with Clang 5. Revisit when Coverity Scan explicitly # supports Clang 5. Until this issue is resolved, run Coverity Scan with # the GCC toolchain. setup_gcc_toolchain echo "bazel Coverity Scan build" echo "Building..." /build/cov-analysis/bin/cov-build --dir "${ENVOY_BUILD_DIR}"/cov-int bazel build --action_env=LD_PRELOAD "${BAZEL_BUILD_OPTIONS[@]}" \ -c opt "${ENVOY_BUILD_TARGET}" # tar up the coverity results tar czvf "${ENVOY_BUILD_DIR}"/envoy-coverity-output.tgz -C "${ENVOY_BUILD_DIR}" cov-int # Copy the Coverity results somewhere that we can access outside of the container. cp -f \ "${ENVOY_BUILD_DIR}"/envoy-coverity-output.tgz \ "${ENVOY_DELIVERY_DIR}"/envoy-coverity-output.tgz exit 0 elif [[ "$CI_TARGET" == "bazel.fuzz" ]]; then setup_clang_toolchain FUZZ_TEST_TARGETS=("$(bazel query "attr('tags','fuzzer',${TEST_TARGETS[*]})")") echo "bazel ASAN libFuzzer build with fuzz tests ${FUZZ_TEST_TARGETS[*]}" echo "Building envoy fuzzers and executing 100 fuzz iterations..." bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" --config=asan-fuzzer "${FUZZ_TEST_TARGETS[@]}" --test_arg="-runs=10" exit 0 elif [[ "$CI_TARGET" == "fix_format" ]]; then # proto_format.sh needs to build protobuf. setup_clang_toolchain echo "fix_format..." ./tools/code_format/check_format.py fix ./tools/code_format/format_python_tools.sh fix ./tools/proto_format/proto_format.sh fix --test exit 0 elif [[ "$CI_TARGET" == "check_format" ]]; then # proto_format.sh needs to build protobuf. setup_clang_toolchain echo "check_format_test..." ./tools/code_format/check_format_test_helper.sh --log=WARN echo "check_format..." ./tools/code_format/check_shellcheck_format.sh ./tools/code_format/check_format.py check ./tools/code_format/format_python_tools.sh check ./tools/proto_format/proto_format.sh check --test exit 0 elif [[ "$CI_TARGET" == "check_repositories" ]]; then echo "check_repositories..." ./tools/check_repositories.sh exit 0 elif [[ "$CI_TARGET" == "check_spelling" ]]; then echo "check_spelling..." ./tools/spelling/check_spelling.sh check exit 0 elif [[ "$CI_TARGET" == "fix_spelling" ]];then echo "fix_spell..." ./tools/spelling/check_spelling.sh fix exit 0 elif [[ "$CI_TARGET" == "check_spelling_pedantic" ]]; then echo "check_spelling_pedantic..." ./tools/spelling/check_spelling_pedantic.py --mark check exit 0 elif [[ "$CI_TARGET" == "fix_spelling_pedantic" ]]; then echo "fix_spelling_pedantic..." ./tools/spelling/check_spelling_pedantic.py fix exit 0 elif [[ "$CI_TARGET" == "docs" ]]; then echo "generating docs..." # Validate dependency relationships between core/extensions and external deps. tools/dependency/validate_test.py tools/dependency/validate.py # Build docs. docs/build.sh exit 0 elif [[ "$CI_TARGET" == "verify_examples" ]]; then echo "verify examples..." docker load < "$ENVOY_DOCKER_BUILD_DIR/docker/envoy-docker-images.tar.xz" _images=$(docker image list --format "{{.Repository}}") while read -r line; do images+=("$line"); done \ <<< "$_images" _tags=$(docker image list --format "{{.Tag}}") while read -r line; do tags+=("$line"); done \ <<< "$_tags" for i in "${!images[@]}"; do if [[ "${images[i]}" =~ "envoy" ]]; then docker tag "${images[$i]}:${tags[$i]}" "${images[$i]}:latest" fi done docker images sudo apt-get update -y sudo apt-get install -y -qq --no-install-recommends redis-tools export DOCKER_NO_PULL=1 umask 027 ci/verify_examples.sh exit 0 else echo "Invalid do_ci.sh target, see ci/README.md for valid targets." exit 1 fi ================================================ FILE: ci/do_circle_ci.sh ================================================ #!/bin/bash set -e # Workaround for argument too long issue in protoc ulimit -s 16384 # bazel uses jgit internally and the default circle-ci .gitconfig says to # convert https://github.com to ssh://git@github.com, which jgit does not support. if [[ -e "${HOME}/.gitconfig" ]]; then mv ~/.gitconfig ~/.gitconfig_save fi # Workaround for not using ci/run_envoy_docker.sh # Create a fake home. Python site libs tries to do getpwuid(3) if we don't and the CI # Docker image gets confused as it has no passwd entry when running non-root # unless we do this. FAKE_HOME=/tmp/fake_home mkdir -p "${FAKE_HOME}" export HOME="${FAKE_HOME}" export PYTHONUSERBASE="${FAKE_HOME}" export USER=bazel ENVOY_SRCDIR="$(pwd)" export ENVOY_SRCDIR # xlarge resource_class. # See note: https://circleci.com/docs/2.0/configuration-reference/#resource_class for why we # hard code this (basically due to how docker works). export NUM_CPUS=6 # CircleCI doesn't support IPv6 by default, so we run all tests with IPv4 only. # IPv6 tests are run with Azure Pipelines. export BAZEL_BUILD_EXTRA_OPTIONS+=" \ --test_env=ENVOY_IP_TEST_VERSIONS=v4only \ --local_cpu_resources=${NUM_CPUS} \ --action_env=HOME \ --action_env=PYTHONUSERBASE \ --test_env=HOME \ --test_env=PYTHONUSERBASE" function finish { echo "disk space at end of build:" df -h } trap finish EXIT echo "disk space at beginning of build:" df -h ci/do_ci.sh "$@" ================================================ FILE: ci/do_coverity_local.sh ================================================ #!/bin/bash # # do_coverity_local.sh # # This script builds Envoy with the Coverity Scan Built Tool. # # It expects the following environment variables to be set: # COVERITY_TOKEN - set to the user's Coverity Scan project token. # COVERITY_USER_EMAIL - set to the email address used with the Coverity account. # defaults to the local git config user.email. set -e . ./ci/envoy_build_sha.sh [[ -z "${ENVOY_DOCKER_BUILD_DIR}" ]] && ENVOY_DOCKER_BUILD_DIR=/tmp/envoy-docker-build mkdir -p "${ENVOY_DOCKER_BUILD_DIR}" TEST_TYPE="bazel.coverity" COVERITY_USER_EMAIL="${COVERITY_USER_EMAIL:-$(git config user.email)}" COVERITY_OUTPUT_FILE="${ENVOY_DOCKER_BUILD_DIR}"/envoy/source/exe/envoy-coverity-output.tgz if [ -n "${COVERITY_TOKEN}" ] then pushd "${ENVOY_DOCKER_BUILD_DIR}" rm -rf cov-analysis wget https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=Envoy+Proxy" -O coverity_tool.tgz tar xvf coverity_tool.tgz mv cov-analysis-linux* cov-analysis popd else echo "ERROR: COVERITY_TOKEN is required to download and run Coverity Scan." exit 1 fi ci/run_envoy_docker.sh "ci/do_ci.sh ${TEST_TYPE}" # Check the artifact size as an approximation for determining if the scan tool was successful. if [[ $(find "${COVERITY_OUTPUT_FILE}" -type f -size +256M 2>/dev/null) ]] then echo "Uploading Coverity Scan build" curl \ --form token="${COVERITY_TOKEN}" \ --form email="${COVERITY_USER_EMAIL}" \ --form file=@"${COVERITY_OUTPUT_FILE}" \ --form version="${ENVOY_BUILD_SHA}" \ --form description="Envoy Proxy Build ${ENVOY_BUILD_SHA}" \ https://scan.coverity.com/projects/envoy-proxy else echo "Coverity Scan output file appears to be too small." echo "Not submitting build for analysis." exit 1 fi ================================================ FILE: ci/docker-entrypoint.sh ================================================ #!/usr/bin/env sh set -e loglevel="${loglevel:-}" # if the first argument look like a parameter (i.e. start with '-'), run Envoy if [ "${1#-}" != "$1" ]; then set -- envoy "$@" fi if [ "$1" = 'envoy' ]; then # set the log level if the $loglevel variable is set if [ -n "$loglevel" ]; then set -- "$@" --log-level "$loglevel" fi fi if [ "$ENVOY_UID" != "0" ]; then if [ -n "$ENVOY_UID" ]; then usermod -u "$ENVOY_UID" envoy fi if [ -n "$ENVOY_GID" ]; then groupmod -g "$ENVOY_GID" envoy fi # Ensure the envoy user is able to write to container logs chown envoy:envoy /dev/stdout /dev/stderr su-exec envoy "${@}" else exec "${@}" fi ================================================ FILE: ci/docker_ci.sh ================================================ #!/bin/bash # Do not ever set -x here, it is a security hazard as it will place the credentials below in the # CI logs. set -e ENVOY_DOCKER_IMAGE_DIRECTORY="${ENVOY_DOCKER_IMAGE_DIRECTORY:-${BUILD_STAGINGDIRECTORY:-.}/build_images}" # Setting environments for buildx tools config_env() { # Qemu configurations docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # Remove older build instance docker buildx rm multi-builder || : docker buildx create --use --name multi-builder --platform linux/arm64,linux/amd64 } build_platforms() { TYPE=$1 FILE_SUFFIX="${TYPE/-debug/}" if [[ -z "${FILE_SUFFIX}" ]]; then echo "linux/arm64,linux/amd64" else echo "linux/amd64" fi } build_args() { TYPE=$1 FILE_SUFFIX="${TYPE/-debug/}" printf ' -f ci/Dockerfile-envoy%s' "${FILE_SUFFIX}" if [[ "${TYPE}" == *-debug ]]; then printf ' --build-arg ENVOY_BINARY_SUFFIX=' elif [[ "${TYPE}" == "-google-vrp" ]]; then printf ' --build-arg ENVOY_VRP_BASE_IMAGE=%s' "${VRP_BASE_IMAGE}" fi } use_builder() { TYPE=$1 if [[ "${TYPE}" == "-google-vrp" ]]; then docker buildx use default else docker buildx use multi-builder fi } IMAGES_TO_SAVE=() build_images() { local _args args=() TYPE=$1 BUILD_TAG=$2 use_builder "${TYPE}" _args=$(build_args "${TYPE}") read -ra args <<< "$_args" PLATFORM="$(build_platforms "${TYPE}")" docker buildx build --platform "${PLATFORM}" "${args[@]}" -t "${BUILD_TAG}" . PLATFORM="$(build_platforms "${TYPE}" | tr ',' ' ')" # docker buildx load cannot have multiple platform, load individually for ARCH in ${PLATFORM}; do if [[ "${ARCH}" == "linux/amd64" ]]; then IMAGE_TAG="${BUILD_TAG}" else IMAGE_TAG="${BUILD_TAG}-${ARCH/linux\//}" fi docker buildx build --platform "${ARCH}" "${args[@]}" -t "${IMAGE_TAG}" . --load IMAGES_TO_SAVE+=("${IMAGE_TAG}") done } push_images() { local _args args=() TYPE=$1 BUILD_TAG=$2 use_builder "${TYPE}" _args=$(build_args "${TYPE}") read -ra args <<< "$_args" PLATFORM="$(build_platforms "${TYPE}")" # docker buildx doesn't do push with default builder docker buildx build --platform "${PLATFORM}" "${args[@]}" -t "${BUILD_TAG}" . --push || \ docker push "${BUILD_TAG}" } MASTER_BRANCH="refs/heads/master" RELEASE_BRANCH_REGEX="^refs/heads/release/v.*" RELEASE_TAG_REGEX="^refs/tags/v.*" # For master builds and release branch builds use the dev repo. Otherwise we assume it's a tag and # we push to the primary repo. if [[ "${AZP_BRANCH}" =~ ${RELEASE_TAG_REGEX} ]]; then IMAGE_POSTFIX="" IMAGE_NAME="${AZP_BRANCH/refs\/tags\//}" else IMAGE_POSTFIX="-dev" IMAGE_NAME="${AZP_SHA1}" fi # This prefix is altered for the private security images on setec builds. DOCKER_IMAGE_PREFIX="${DOCKER_IMAGE_PREFIX:-envoyproxy/envoy}" # "-google-vrp" must come afer "" to ensure we rebuild the local base image dependency. BUILD_TYPES=("" "-debug" "-alpine" "-alpine-debug" "-google-vrp") # Configure docker-buildx tools config_env # VRP base image is only for amd64 VRP_BASE_IMAGE="${DOCKER_IMAGE_PREFIX}${IMAGE_POSTFIX}:${IMAGE_NAME}" # Test the docker build in all cases, but use a local tag that we will overwrite before push in the # cases where we do push. for BUILD_TYPE in "${BUILD_TYPES[@]}"; do build_images "${BUILD_TYPE}" "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:${IMAGE_NAME}" done mkdir -p "${ENVOY_DOCKER_IMAGE_DIRECTORY}" ENVOY_DOCKER_TAR="${ENVOY_DOCKER_IMAGE_DIRECTORY}/envoy-docker-images.tar.xz" echo "Saving built images to ${ENVOY_DOCKER_TAR}." docker save "${IMAGES_TO_SAVE[@]}" | xz -T0 -2 >"${ENVOY_DOCKER_TAR}" # Only push images for master builds, release branch builds, and tag builds. if [[ "${AZP_BRANCH}" != "${MASTER_BRANCH}" ]] && ! [[ "${AZP_BRANCH}" =~ ${RELEASE_BRANCH_REGEX} ]] && ! [[ "${AZP_BRANCH}" =~ ${RELEASE_TAG_REGEX} ]]; then echo 'Ignoring non-master branch or tag for docker push.' exit 0 fi docker login -u "$DOCKERHUB_USERNAME" -p "$DOCKERHUB_PASSWORD" for BUILD_TYPE in "${BUILD_TYPES[@]}"; do push_images "${BUILD_TYPE}" "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:${IMAGE_NAME}" # Only push latest on master builds. if [[ "${AZP_BRANCH}" == "${MASTER_BRANCH}" ]]; then docker tag "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:${IMAGE_NAME}" "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:latest" push_images "${BUILD_TYPE}" "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:latest" fi # Push vX.Y-latest to tag the latest image in a release line if [[ "${AZP_BRANCH}" =~ ${RELEASE_TAG_REGEX} ]]; then RELEASE_LINE=$(echo "$IMAGE_NAME" | sed -E 's/(v[0-9]+\.[0-9]+)\.[0-9]+/\1-latest/') docker tag "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:${IMAGE_NAME}" "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:${RELEASE_LINE}" push_images "${BUILD_TYPE}" "${DOCKER_IMAGE_PREFIX}${BUILD_TYPE}${IMAGE_POSTFIX}:${RELEASE_LINE}" fi done ================================================ FILE: ci/docker_rebuild_google-vrp.sh ================================================ #!/bin/bash # Script to rebuild Dockerfile-envoy-google-vrp locally (i.e. not in CI) for development purposes. # This makes use of the latest envoy-dev base image on Docker Hub as the base and takes an # optional local path for an Envoy binary. When a custom local Envoy binary is used, the script # switches to using ${BASE_DOCKER_IMAGE} for the build, which should be configured to provide # compatibility with your local build environment (specifically glibc). # # Usage: # # Basic rebuild of Docker image (tagged envoy-google-vrp:local): # # ./ci/docker_rebuild_google-vrp.sh # # Basic rebuild of Docker image (tagged envoy-google-vrp:local) with some local Envoy binary: # # bazel build //source/exe:envoy-static --config=libc++ -copt # ./ci/docker_rebuild_google-vrp.sh bazel-bin/source/exe/envoy-static set -e # Don't use the local envoy-dev, but pull from Docker Hub instead, this avoids having to rebuild # this local dep which is fairly stable. BASE_DOCKER_IMAGE="envoyproxy/envoy-dev:latest" BUILD_DIR="$(mktemp -d)" declare -r BUILD_DIR cp ci/Dockerfile-envoy-google-vrp "${BUILD_DIR}" declare -r DOCKER_BUILD_FILE="${BUILD_DIR}"/Dockerfile-envoy-google-vrp # If we have a local Envoy binary, use a variant of the build environment that supports it. if [[ -n "$1" ]]; then # This should match your local machine if you are building custom Envoy binaries outside of Docker. # This provides compatibility of locally built Envoy and glibc in the Docker env. BASE_DOCKER_IMAGE="ubuntu:20.04" # Copy the binary to deal with symlinks in Bazel cache and Docker daemon confusion. declare -r LOCAL_ENVOY="envoy-binary" cp -f "$1" "${PWD}/${LOCAL_ENVOY}" sed -i -e "s@# ADD %local envoy bin%@ADD ${LOCAL_ENVOY}@" "${DOCKER_BUILD_FILE}" fi cat "${DOCKER_BUILD_FILE}" docker build -t "envoy-google-vrp:local" --build-arg "ENVOY_VRP_BASE_IMAGE=${BASE_DOCKER_IMAGE}" -f "${DOCKER_BUILD_FILE}" . if [[ -n "$1" ]]; then rm -f "${LOCAL_ENVOY}" fi rm -r "${BUILD_DIR}" ================================================ FILE: ci/envoy_build_sha.sh ================================================ #!/bin/bash ENVOY_BUILD_SHA=$(grep envoyproxy/envoy-build-ubuntu "$(dirname "$0")"/../.bazelrc | sed -e 's#.*envoyproxy/envoy-build-ubuntu:\(.*\)#\1#' | uniq) [[ $(wc -l <<< "${ENVOY_BUILD_SHA}" | awk '{$1=$1};1') == 1 ]] || (echo ".bazelrc envoyproxy/envoy-build-ubuntu hashes are inconsistent!" && exit 1) ================================================ FILE: ci/filter_example_mirror.sh ================================================ #!/bin/bash set -e ENVOY_SRCDIR=$(cd "$(dirname "${BASH_SOURCE[0]}")/../" && pwd) CHECKOUT_DIR=../envoy-filter-example if [ -z "$CIRCLE_PULL_REQUEST" ] && [ "$CIRCLE_BRANCH" == "master" ] then echo "Cloning..." git clone git@github.com:envoyproxy/envoy-filter-example "$CHECKOUT_DIR" git -C "$CHECKOUT_DIR" config user.name "envoy-filter-example(CircleCI)" git -C "$CHECKOUT_DIR" config user.email envoy-filter-example@users.noreply.github.com git -C "$CHECKOUT_DIR" fetch git -C "$CHECKOUT_DIR" checkout -B master origin/master echo "Updating Submodule..." # Update submodule to latest Envoy SHA ENVOY_SHA=$(git rev-parse HEAD) git -C "$CHECKOUT_DIR" submodule update --init git -C "$CHECKOUT_DIR/envoy" checkout "$ENVOY_SHA" echo "Updating Workspace file." sed -e "s|{ENVOY_SRCDIR}|envoy|" "${ENVOY_SRCDIR}"/ci/WORKSPACE.filter.example > "${CHECKOUT_DIR}"/WORKSPACE echo "Committing, and Pushing..." git -C "$CHECKOUT_DIR" commit -a -m "Update Envoy submodule to $ENVOY_SHA" git -C "$CHECKOUT_DIR" push origin master echo "Done" fi ================================================ FILE: ci/filter_example_setup.sh ================================================ #!/bin/bash # Configure environment for Envoy Filter Example build and test. set -e # This is the hash on https://github.com/envoyproxy/envoy-filter-example.git we pin to. ENVOY_FILTER_EXAMPLE_GITSHA="493e2e5bee10bbed1c3c097e09d83d7f672a9f2e" ENVOY_FILTER_EXAMPLE_SRCDIR="${BUILD_DIR}/envoy-filter-example" # shellcheck disable=SC2034 ENVOY_FILTER_EXAMPLE_TESTS=( "//:echo2_integration_test" "//http-filter-example:http_filter_integration_test" "//:envoy_binary_test") if [[ ! -d "${ENVOY_FILTER_EXAMPLE_SRCDIR}/.git" ]]; then rm -rf "${ENVOY_FILTER_EXAMPLE_SRCDIR}" git clone https://github.com/envoyproxy/envoy-filter-example.git "${ENVOY_FILTER_EXAMPLE_SRCDIR}" fi (cd "${ENVOY_FILTER_EXAMPLE_SRCDIR}" && git fetch origin && git checkout -f "${ENVOY_FILTER_EXAMPLE_GITSHA}") sed -e "s|{ENVOY_SRCDIR}|${ENVOY_SRCDIR}|" "${ENVOY_SRCDIR}"/ci/WORKSPACE.filter.example > "${ENVOY_FILTER_EXAMPLE_SRCDIR}"/WORKSPACE mkdir -p "${ENVOY_FILTER_EXAMPLE_SRCDIR}"/bazel ln -sf "${ENVOY_SRCDIR}"/bazel/get_workspace_status "${ENVOY_FILTER_EXAMPLE_SRCDIR}"/bazel/ cp -f "${ENVOY_SRCDIR}"/.bazelrc "${ENVOY_FILTER_EXAMPLE_SRCDIR}"/ cp -f "$(bazel info workspace)"/*.bazelrc "${ENVOY_FILTER_EXAMPLE_SRCDIR}"/ export FILTER_WORKSPACE_SET=1 ================================================ FILE: ci/flaky_test/process_xml.py ================================================ #!/usr/bin/env python3 import subprocess import os import xml.etree.ElementTree as ET import slack import sys # Check if a test suite reports failure. def checkTestStatus(file): tree = ET.parse(file) root = tree.getroot() for testsuite in root: if (testsuite.attrib['failures'] != '0'): return False return True def parseXML(file, visited): log_file = file.split('.') log_file_path = "" # This is dependent on the fact that log files reside in the same directory # as their corresponding xml files. for token in log_file[:-1]: log_file_path += token log_file_path += ".log" tree = ET.parse(file) root = tree.getroot() ret = "" # This loop is dependent on the structure of xml file emitted for test runs. # Should this change in the future, appropriate adjustments need to made. for testsuite in root: if (testsuite.attrib['failures'] != '0'): for testcase in testsuite: for failure_msg in testcase: if (testcase.attrib['name'], testsuite.attrib['name']) not in visited: ret += "-----------------------Flaky Testcase: {} in TestSuite: {} -----------------------\n".format( testcase.attrib['name'], testsuite.attrib['name']) ret += log_file_path + "\n" + failure_msg.text + "\n" visited.add((testcase.attrib['name'], testsuite.attrib['name'])) return ret # The following function links the filepath of 'test.xml' (the result for the last attempt) with # that of its 'attmpt_n.xml' file and stores it in a dictionary for easy lookup. def processFindOutput(f, problematic_tests): for line in f: lineList = line.split('/') filepath = "" for i in range(len(lineList)): if i >= len(lineList) - 2: break filepath += lineList[i] + "/" filepath += "test.xml" problematic_tests[filepath] = line.strip('\n') # Prints out helpful information on the run using Git. # Should Git changes the output of the used commands in the future, # this will likely need adjustments as well. def getGitInfo(CI_TARGET): ret = "" os.system("git remote -v > ${TMP_OUTPUT_PROCESS_XML}") os.system("git describe --all >> ${TMP_OUTPUT_PROCESS_XML}") os.system("git show >> ${TMP_OUTPUT_PROCESS_XML}") f = open(os.environ['TMP_OUTPUT_PROCESS_XML'], 'r+', encoding='utf-8') # Fetching the URL from predefined env variable envoy_link = os.environ["REPO_URI"] for line in [next(f) for x in range(6)]: if line.split('/')[0] == 'remotes': for token in line.split('/')[1:-1]: envoy_link += '/' + token ret += line ret += "link for additional content: " + envoy_link + " \n" ret += "azure build URI: " + os.environ["BUILD_URI"] + " \n" if CI_TARGET != "": ret += "In " + CI_TARGET + " build\n" return ret if __name__ == "__main__": CI_TARGET = "" if len(sys.argv) == 2: CI_TARGET = sys.argv[1] output_msg = "``` \n" has_flaky_test = False if os.getenv("TEST_TMPDIR") and os.getenv("REPO_URI") and os.getenv("BUILD_URI"): os.environ["TMP_OUTPUT_PROCESS_XML"] = os.getenv("TEST_TMPDIR") + "/tmp_output_process_xml.txt" else: print("set the env variables first") sys.exit(0) output_msg += getGitInfo(CI_TARGET) if CI_TARGET == "MacOS": os.system('find ${TEST_TMPDIR}/ -name "attempt_*.xml" > ${TMP_OUTPUT_PROCESS_XML}') else: os.system( 'find ${TEST_TMPDIR}/**/**/**/**/bazel-testlogs/ -name "attempt_*.xml" > ${TMP_OUTPUT_PROCESS_XML}' ) f = open(os.environ['TMP_OUTPUT_PROCESS_XML'], 'r+') if f.closed: print("cannot open {}".format(os.environ['TMP_OUTPUT_PROCESS_XML'])) # All output of find command should be either failed or flaky tests, as only then will # a test be rerun and have an 'attempt_n.xml' file. problematic_tests holds a lookup # table between the last_attempt xml filepath and the failed previous attempt filepath. problematic_tests = {} processFindOutput(f, problematic_tests) # Needed to make sure no duplicate flaky tests are going to be reported. visited = set() # The logic here goes as follows: If there is a test suite that has run multiple times, # which produces attempt_*.xml files, it means that the end result of that test # is either flaky or failed. So if we find that the last run of the test succeeds # we know for sure that this is a flaky test. for k in problematic_tests.keys(): if checkTestStatus(k): has_flaky_test = True output_msg += parseXML(problematic_tests[k], visited) output_msg += "``` \n" if has_flaky_test: if os.getenv("SLACK_TOKEN"): SLACKTOKEN = os.environ["SLACK_TOKEN"] client = slack.WebClient(SLACKTOKEN) client.chat_postMessage(channel='test-flaky', text=output_msg, as_user="true") else: print(output_msg) os.remove(os.environ["TMP_OUTPUT_PROCESS_XML"]) ================================================ FILE: ci/flaky_test/requirements.txt ================================================ aiohttp==3.6.2 \ --hash=sha256:1e984191d1ec186881ffaed4581092ba04f7c61582a177b187d3a2f07ed9719e \ --hash=sha256:259ab809ff0727d0e834ac5e8a283dc5e3e0ecc30c4d80b3cd17a4139ce1f326 \ --hash=sha256:2f4d1a4fdce595c947162333353d4a44952a724fba9ca3205a3df99a33d1307a \ --hash=sha256:32e5f3b7e511aa850829fbe5aa32eb455e5534eaa4b1ce93231d00e2f76e5654 \ --hash=sha256:344c780466b73095a72c616fac5ea9c4665add7fc129f285fbdbca3cccf4612a \ --hash=sha256:460bd4237d2dbecc3b5ed57e122992f60188afe46e7319116da5eb8a9dfedba4 \ --hash=sha256:4c6efd824d44ae697814a2a85604d8e992b875462c6655da161ff18fd4f29f17 \ --hash=sha256:50aaad128e6ac62e7bf7bd1f0c0a24bc968a0c0590a726d5a955af193544bcec \ --hash=sha256:6206a135d072f88da3e71cc501c59d5abffa9d0bb43269a6dcd28d66bfafdbdd \ --hash=sha256:65f31b622af739a802ca6fd1a3076fd0ae523f8485c52924a89561ba10c49b48 \ --hash=sha256:ae55bac364c405caa23a4f2d6cfecc6a0daada500274ffca4a9230e7129eac59 \ --hash=sha256:b778ce0c909a2653741cb4b1ac7015b5c130ab9c897611df43ae6a58523cb965 async-timeout==3.0.1 \ --hash=sha256:0c3c816a028d47f659d6ff5c745cb2acf1f966da1fe5c19c77a70282b25f4c5f \ --hash=sha256:4291ca197d287d274d0b6cb5d6f8f8f82d434ed288f962539ff18cc9012f9ea3 attrs==20.2.0 \ --hash=sha256:26b54ddbbb9ee1d34d5d3668dd37d6cf74990ab23c828c2888dccdceee395594 \ --hash=sha256:fce7fc47dfc976152e82d53ff92fa0407700c21acd20886a13777a0d20e655dc chardet==3.0.4 \ --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \ --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 idna==2.10 \ --hash=sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6 \ --hash=sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0 idna_ssl==1.1.0 \ --hash=sha256:a933e3bb13da54383f9e8f35dc4f9cb9eb9b3b78c6b36f311254d6d0d92c6c7c multidict==4.7.6 \ --hash=sha256:1ece5a3369835c20ed57adadc663400b5525904e53bae59ec854a5d36b39b21a \ --hash=sha256:275ca32383bc5d1894b6975bb4ca6a7ff16ab76fa622967625baeebcf8079000 \ --hash=sha256:3750f2205b800aac4bb03b5ae48025a64e474d2c6cc79547988ba1d4122a09e2 \ --hash=sha256:4538273208e7294b2659b1602490f4ed3ab1c8cf9dbdd817e0e9db8e64be2507 \ --hash=sha256:5141c13374e6b25fe6bf092052ab55c0c03d21bd66c94a0e3ae371d3e4d865a5 \ --hash=sha256:51a4d210404ac61d32dada00a50ea7ba412e6ea945bbe992e4d7a595276d2ec7 \ --hash=sha256:5cf311a0f5ef80fe73e4f4c0f0998ec08f954a6ec72b746f3c179e37de1d210d \ --hash=sha256:6513728873f4326999429a8b00fc7ceddb2509b01d5fd3f3be7881a257b8d463 \ --hash=sha256:7388d2ef3c55a8ba80da62ecfafa06a1c097c18032a501ffd4cabbc52d7f2b19 \ --hash=sha256:9456e90649005ad40558f4cf51dbb842e32807df75146c6d940b6f5abb4a78f3 \ --hash=sha256:c026fe9a05130e44157b98fea3ab12969e5b60691a276150db9eda71710cd10b \ --hash=sha256:d14842362ed4cf63751648e7672f7174c9818459d169231d03c56e84daf90b7c \ --hash=sha256:e0d072ae0f2a179c375f67e3da300b47e1a83293c554450b29c900e50afaae87 \ --hash=sha256:f07acae137b71af3bb548bd8da720956a3bc9f9a0b87733e0899226a2317aeb7 \ --hash=sha256:fbb77a75e529021e7c4a8d4e823d88ef4d23674a202be4f5addffc72cbb91430 \ --hash=sha256:fcfbb44c59af3f8ea984de67ec7c306f618a3ec771c2843804069917a8f2e255 \ --hash=sha256:feed85993dbdb1dbc29102f50bca65bdc68f2c0c8d352468c25b54874f23c39d slackclient==2.9.1 \ --hash=sha256:214edd4a494cc74353c8084ec184ff97a116d4b12cde287f805a9af948ef39ae \ --hash=sha256:3a3e84fd4f13d9715740c13ce6c3c25b970147aeeeec22ef137d796124dfcf08 typing-extensions==3.7.4.3 \ --hash=sha256:7cb407020f00f7bfc3cb3e7881628838e69d8f3fcab2f64742a5e76b2f841918 \ --hash=sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c \ --hash=sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f wheel==0.35.1 \ --hash=sha256:497add53525d16c173c2c1c733b8f655510e909ea78cc0e29d374243544b77a2 \ --hash=sha256:99a22d87add3f634ff917310a3d87e499f19e663413a52eb9232c447aa646c9f yarl==1.6.0 \ --hash=sha256:04a54f126a0732af75e5edc9addeaa2113e2ca7c6fce8974a63549a70a25e50e \ --hash=sha256:3cc860d72ed989f3b1f3abbd6ecf38e412de722fb38b8f1b1a086315cf0d69c5 \ --hash=sha256:5d84cc36981eb5a8533be79d6c43454c8e6a39ee3118ceaadbd3c029ab2ee580 \ --hash=sha256:5e447e7f3780f44f890360ea973418025e8c0cdcd7d6a1b221d952600fd945dc \ --hash=sha256:61d3ea3c175fe45f1498af868879c6ffeb989d4143ac542163c45538ba5ec21b \ --hash=sha256:67c5ea0970da882eaf9efcf65b66792557c526f8e55f752194eff8ec722c75c2 \ --hash=sha256:6f6898429ec3c4cfbef12907047136fd7b9e81a6ee9f105b45505e633427330a \ --hash=sha256:7ce35944e8e61927a8f4eb78f5bc5d1e6da6d40eadd77e3f79d4e9399e263921 \ --hash=sha256:b7c199d2cbaf892ba0f91ed36d12ff41ecd0dde46cbf64ff4bfe997a3ebc925e \ --hash=sha256:c15d71a640fb1f8e98a1423f9c64d7f1f6a3a168f803042eaf3a5b5022fde0c1 \ --hash=sha256:c22607421f49c0cb6ff3ed593a49b6a99c6ffdeaaa6c944cdda83c2393c8864d \ --hash=sha256:c604998ab8115db802cc55cb1b91619b2831a6128a62ca7eea577fc8ea4d3131 \ --hash=sha256:d088ea9319e49273f25b1c96a3763bf19a882cff774d1792ae6fba34bd40550a \ --hash=sha256:db9eb8307219d7e09b33bcb43287222ef35cbcf1586ba9472b0a4b833666ada1 \ --hash=sha256:e31fef4e7b68184545c3d68baec7074532e077bd1906b040ecfba659737df188 \ --hash=sha256:e32f0fb443afcfe7f01f95172b66f279938fbc6bdaebe294b0ff6747fb6db020 \ --hash=sha256:fcbe419805c9b20db9a51d33b942feddbf6e7fb468cb20686fd7089d4164c12a ================================================ FILE: ci/flaky_test/run_process_xml.sh ================================================ #!/bin/bash # shellcheck source=tools/shell_utils.sh . "${ENVOY_SRCDIR}"/tools/shell_utils.sh if [[ "${ENVOY_BUILD_ARCH}" == "aarch64" ]]; then export MULTIDICT_NO_EXTENSIONS=1 export YARL_NO_EXTENSIONS=1 fi python_venv process_xml "$1" ================================================ FILE: ci/flaky_test/run_process_xml_mac.sh ================================================ #!/bin/bash pip3 install slackclient ./ci/flaky_test/process_xml.py ================================================ FILE: ci/go_mirror.sh ================================================ #!/bin/bash set -e if [ -z "$CIRCLE_PULL_REQUEST" ] && [ "$CIRCLE_BRANCH" == "master" ] then tools/api/generate_go_protobuf.py fi ================================================ FILE: ci/mac_ci_setup.sh ================================================ #!/bin/bash # Installs the dependencies required for a macOS build via homebrew. # Tools are not upgraded to new versions. # See: # https://github.com/actions/virtual-environments/blob/master/images/macos/macos-10.15-Readme.md for # a list of pre-installed tools in the macOS image. export HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_RETRY_ATTEMPTS=10 HOMEBREW_RETRY_INTERVAL=1 function is_installed { brew ls --versions "$1" >/dev/null } function install { echo "Installing $1" if ! brew install "$1"; then echo "Failed to install $1" exit 1 fi } function retry () { local returns=1 i=1 while ((i<=HOMEBREW_RETRY_ATTEMPTS)); do if "$@"; then returns=0 break else sleep "$HOMEBREW_RETRY_INTERVAL"; ((i++)) fi done return "$returns" } if ! retry brew update; then echo "Failed to update homebrew" exit 1 fi DEPS="automake cmake coreutils go libtool wget ninja" for DEP in ${DEPS} do is_installed "${DEP}" || install "${DEP}" done if [ -n "$CIRCLECI" ]; then # bazel uses jgit internally and the default circle-ci .gitconfig says to # convert https://github.com to ssh://git@github.com, which jgit does not support. mv ~/.gitconfig ~/.gitconfig_save fi # Required as bazel and a foreign bazelisk are installed in the latest macos vm image, we have # to unlink/overwrite them to install bazelisk echo "Installing bazelisk" brew reinstall --force bazelisk if ! brew link --overwrite bazelisk; then echo "Failed to install and link bazelisk" exit 1 fi bazel version pip3 install slackclient ================================================ FILE: ci/mac_ci_steps.sh ================================================ #!/bin/bash set -e function finish { echo "disk space at end of build:" df -h } trap finish EXIT echo "disk space at beginning of build:" df -h # shellcheck source=ci/setup_cache.sh . "$(dirname "$0")"/setup_cache.sh read -ra BAZEL_BUILD_EXTRA_OPTIONS <<< "${BAZEL_BUILD_EXTRA_OPTIONS:-}" read -ra BAZEL_EXTRA_TEST_OPTIONS <<< "${BAZEL_EXTRA_TEST_OPTIONS:-}" # TODO(zuercher): remove --flaky_test_attempts when https://github.com/envoyproxy/envoy/issues/2428 # is resolved. BAZEL_BUILD_OPTIONS=( "--curses=no" --show_task_finish --verbose_failures "--action_env=PATH=/usr/local/bin:/opt/local/bin:/usr/bin:/bin" "--test_output=all" "--flaky_test_attempts=integration@2" "${BAZEL_BUILD_EXTRA_OPTIONS[@]}" "${BAZEL_EXTRA_TEST_OPTIONS[@]}") # Build envoy and run tests as separate steps so that failure output # is somewhat more deterministic (rather than interleaving the build # and test steps). if [[ $# -gt 0 ]]; then TEST_TARGETS=$* else TEST_TARGETS='//test/integration/...' fi if [[ "$TEST_TARGETS" == "//test/..." || "$TEST_TARGETS" == "//test/integration/..." ]]; then bazel build "${BAZEL_BUILD_OPTIONS[@]}" //source/exe:envoy-static fi bazel test "${BAZEL_BUILD_OPTIONS[@]}" "${TEST_TARGETS}" # Additionally run macOS specific test suites bazel test "${BAZEL_BUILD_OPTIONS[@]}" //test/common/network:apple_dns_impl_test ================================================ FILE: ci/repokitteh/modules/azure_pipelines.star ================================================ load("github.com/repokitteh/modules/lib/utils.star", "react") _azp_context_prefix = "ci/azp: " def _retry_azp(organization, project, build_id, token): """Makes an Azure Pipelines Build API request with retry""" url = "https://dev.azure.com/{organization}/{project}/_apis/build/builds/{buildId}?retry=true&api-version=5.1".format(organization = organization, project = project, buildId = build_id) return http(url = url, method = "PATCH", headers = { "authorization": "Basic " + token, "content-type": "application/json;odata=verbose", }) def _get_azp_checks(): github_checks = github.check_list_runs()["check_runs"] check_ids = [] checks = [] for check in github_checks: # Filter out job level GitHub check, which is not individually retriable. if check["app"]["slug"] == "azure-pipelines" and "jobId" not in check["details_url"] and check["external_id"] not in check_ids: check_ids.append(check["external_id"]) checks.append(check) return checks def _retry(config, comment_id, command): msgs = "Retrying Azure Pipelines, to retry CircleCI checks, use `/retest-circle`.\n" checks = _get_azp_checks() retried_checks = [] for check in checks: name_with_link = "[{}]({})".format(check["name"], check["details_url"]) if check["status"] != "completed": msgs += "Cannot retry non-completed check: {}, please wait.\n".format(name_with_link) elif check["conclusion"] != "failure": msgs += "Check {} didn't fail.\n".format(name_with_link) else: _, build_id, project = check["external_id"].split("|") _retry_azp("cncf", project, build_id, config["token"]) retried_checks.append(name_with_link) if len(retried_checks) == 0: react(comment_id, msgs) else: react(comment_id, None) msgs += "Retried failed jobs in: {}".format(", ".join(retried_checks)) github.issue_create_comment(msgs) handlers.command(name = "retry-azp", func = _retry) ================================================ FILE: ci/repokitteh/modules/ownerscheck.star ================================================ # Ownership specified by list of specs, like so: # # use( # "github.com/repokitteh/modules/ownerscheck.star", # paths=[ # { # "owner": "envoyproxy/api-shepherds!", # "path": "api/", # "label": "api", # "allow_global_approval": True, # "github_status_label" = "any API change", # }, # ], # ) # # This module will maintain a commit status per specified path regex (also aka as spec). # # Two types of approvals: # 1. Global approvals, done by approving the PR using Github's review approval feature. # 2. Partial approval, done by commenting "/lgtm [label]" where label is the label # associated with the path. This does not affect GitHub's PR approve status, only # this module's maintained commit status. This approval is automatically revoked # if any further changes are done to the relevant files in this spec. # # By default, 'allow_global_approval' is true and either (1) or (2) above can unblock # merges. If 'allow_global_approval' is set false, then only (2) will unblock a merge. # # 'label' refers to a GitHub label applied to any matching PR. The GitHub check status # can be customized with `github_status_label`. load("text", "match") load("github.com/repokitteh/modules/lib/utils.star", "react") def _store_partial_approval(who, files): for f in files: store_put('ownerscheck/partial/%s:%s' % (who, f['filename']), f['sha']) def _is_partially_approved(who, files): for f in files: sha = store_get('ownerscheck/partial/%s:%s' % (who, f['filename'])) if sha != f['sha']: return False return True def _get_relevant_specs(specs, changed_files): if not specs: print("no specs") return [] relevant = [] for spec in specs: path_match = spec["path"] files = [f for f in changed_files if match(path_match, f['filename'])] allow_global_approval = spec.get("allow_global_approval", True) status_label = spec.get("github_status_label", "") if files: relevant.append(struct(files=files, owner=spec["owner"], label=spec.get("label", None), path_match=path_match, allow_global_approval=allow_global_approval, status_label=status_label)) print("specs: %s" % relevant) return relevant def _get_global_approvers(): # -> List[str] (owners) reviews = [{'login': r['user']['login'], 'state': r['state']} for r in github.pr_list_reviews()] print("reviews=%s" % reviews) return [r['login'] for r in reviews if r['state'] == 'APPROVED'] def _is_approved(spec, approvers): owner = spec.owner if owner[-1] == '!': owner = owner[:-1] required = [owner] if '/' in owner: team_name = owner.split('/')[1] # this is a team, parse it. team_id = github.team_get_by_name(team_name)['id'] required = [m['login'] for m in github.team_list_members(team_id)] print("team %s(%d) = %s" % (team_name, team_id, required)) for r in required: if spec.allow_global_approval and any([a for a in approvers if a == r]): print("global approver: %s" % r) return True if _is_partially_approved(r, spec.files): print("partial approval: %s" % r) return True return False def _update_status(owner, status_label, path_match, approved): changes_to = path_match or '/' github.create_status( state=approved and 'success' or 'pending', context='%s must approve for %s' % (owner, status_label), description='changes to %s' % changes_to, ) def _get_specs(config): return _get_relevant_specs(config.get('paths', []), github.pr_list_files()) def _reconcile(config, specs=None): specs = specs or _get_specs(config) if not specs: return [] approvers = _get_global_approvers() print("approvers: %s" % approvers) results = [] for spec in specs: approved = _is_approved(spec, approvers) print("%s -> %s" % (spec, approved)) results.append((spec, approved)) if spec.owner[-1] == '!': _update_status(spec.owner[:-1], spec.status_label, spec.path_match, approved) if spec.label: if approved: github.issue_unlabel(spec.label) else: github.issue_label(spec.label) elif spec.label: # fyis github.issue_label(spec.label) return results def _comment(config, results, force=False): lines = [] for spec, approved in results: if approved: continue mention = spec.owner if mention[0] != '@': mention = '@' + mention if mention[-1] == '!': mention = mention[:-1] match_description = spec.path_match if match_description: match_description = ' for changes made to `' + match_description + '`' mode = spec.owner[-1] == '!' and 'approval' or 'fyi' key = "ownerscheck/%s/%s" % (spec.owner, spec.path_match) if (not force) and (store_get(key) == mode): mode = 'skip' else: store_put(key, mode) if mode == 'approval': lines.append('CC %s: Your approval is needed%s.' % (mention, match_description)) elif mode == 'fyi': lines.append('CC %s: FYI only%s.' % (mention, match_description)) if lines: github.issue_create_comment('\n'.join(lines)) def _reconcile_and_comment(config): _comment(config, _reconcile(config)) def _force_reconcile_and_comment(config): _comment(config, _reconcile(config), force=True) def _pr(action, config): if action in ['synchronize', 'opened']: _reconcile_and_comment(config) def _pr_review(action, review_state, config): if action != 'submitted' or not review_state: return _reconcile(config) # Partial approvals are done by commenting "/lgtm [label]". def _lgtm_by_comment(config, comment_id, command, sender, sha): labels = command.args if len(labels) != 1: react(comment_id, 'please specify a single label can be specified') return label = labels[0] specs = [s for s in _get_specs(config) if s.label and s.label == label] if len(specs) == 0: react(comment_id, 'no relevant owners for "%s"' % label) return for spec in specs: _store_partial_approval(sender, spec.files) react(comment_id, None) _reconcile(config, specs) handlers.pull_request(func=_pr) handlers.pull_request_review(func=_pr_review) handlers.command(name='checkowners', func=_reconcile) handlers.command(name='checkowners!', func=_force_reconcile_and_comment) handlers.command(name='lgtm', func=_lgtm_by_comment) ================================================ FILE: ci/run_clang_tidy.sh ================================================ #!/bin/bash set -eo pipefail # ENVOY_SRCDIR should point to where Envoy source lives, while SRCDIR could be a downstream build # (for example envoy-filter-example). [[ -z "${ENVOY_SRCDIR}" ]] && ENVOY_SRCDIR="${PWD}" [[ -z "${SRCDIR}" ]] && SRCDIR="${ENVOY_SRCDIR}" export LLVM_CONFIG=${LLVM_CONFIG:-llvm-config} LLVM_PREFIX=${LLVM_PREFIX:-$(${LLVM_CONFIG} --prefix)} CLANG_TIDY=${CLANG_TIDY:-$(${LLVM_CONFIG} --bindir)/clang-tidy} CLANG_APPLY_REPLACEMENTS=${CLANG_APPLY_REPLACEMENTS:-$(${LLVM_CONFIG} --bindir)/clang-apply-replacements} FIX_YAML=clang-tidy-fixes.yaml # Quick syntax check of .clang-tidy. ${CLANG_TIDY} -dump-config > /dev/null 2> clang-tidy-config-errors.txt if [[ -s clang-tidy-config-errors.txt ]]; then cat clang-tidy-config-errors.txt rm clang-tidy-config-errors.txt exit 1 fi rm clang-tidy-config-errors.txt echo "Generating compilation database..." # bazel build need to be run to setup virtual includes, generating files which are consumed # by clang-tidy "${ENVOY_SRCDIR}/tools/gen_compilation_database.py" --include_headers # Do not run clang-tidy against win32 impl # TODO(scw00): We should run clang-tidy against win32 impl once we have clang-cl support for Windows function exclude_win32_impl() { grep -v source/common/filesystem/win32/ | grep -v source/common/common/win32 | grep -v source/exe/win32 | grep -v source/common/api/win32 } # Do not run clang-tidy against macOS impl # TODO: We should run clang-tidy against macOS impl for completeness function exclude_macos_impl() { grep -v source/common/filesystem/kqueue/ | grep -v source/common/network/apple_dns_impl | grep -v test/common/network/apple_dns_impl_test } # Do not run incremental clang-tidy on check_format testdata files. function exclude_check_format_testdata() { grep -v tools/testdata/check_format/ } # Do not run clang-tidy on envoy_headersplit testdata files. function exclude_headersplit_testdata() { grep -v tools/envoy_headersplit/ } # Do not run clang-tidy against Chromium URL import, this needs to largely # reflect the upstream structure. function exclude_chromium_url() { grep -v source/common/chromium_url/ } # Exclude files in third_party which are temporary forks from other OSS projects. function exclude_third_party() { grep -v third_party/ } # Exclude files which are part of the Wasm emscripten environment function exclude_wasm_emscripten() { grep -v source/extensions/common/wasm/ext } # Exclude files which are part of the Wasm SDK function exclude_wasm_sdk() { grep -v proxy_wasm_cpp_sdk } # Exclude files which are part of the Wasm Host environment function exclude_wasm_host() { grep -v proxy_wasm_cpp_host } # Exclude proxy-wasm test_data. function exclude_wasm_test_data() { grep -v wasm/test_data } function filter_excludes() { exclude_check_format_testdata | exclude_headersplit_testdata | exclude_chromium_url | exclude_win32_impl | exclude_macos_impl | exclude_third_party | exclude_wasm_emscripten | exclude_wasm_sdk | exclude_wasm_host | exclude_wasm_test_data } function run_clang_tidy() { python3 "${LLVM_PREFIX}/share/clang/run-clang-tidy.py" \ -clang-tidy-binary="${CLANG_TIDY}" \ -clang-apply-replacements-binary="${CLANG_APPLY_REPLACEMENTS}" \ -export-fixes=${FIX_YAML} -j "${NUM_CPUS:-0}" -p "${SRCDIR}" -quiet \ ${APPLY_CLANG_TIDY_FIXES:+-fix} "$@" } function run_clang_tidy_diff() { git diff "$1" | filter_excludes | \ python3 "${LLVM_PREFIX}/share/clang/clang-tidy-diff.py" \ -clang-tidy-binary="${CLANG_TIDY}" \ -export-fixes="${FIX_YAML}" -j "${NUM_CPUS:-0}" -p 1 -quiet } if [[ $# -gt 0 ]]; then echo "Running clang-tidy on: $*" run_clang_tidy "$@" elif [[ "${RUN_FULL_CLANG_TIDY}" == 1 ]]; then echo "Running a full clang-tidy" run_clang_tidy else if [[ -z "${DIFF_REF}" ]]; then if [[ "${BUILD_REASON}" == "PullRequest" ]]; then DIFF_REF="remotes/origin/${SYSTEM_PULLREQUEST_TARGETBRANCH}" elif [[ "${BUILD_REASON}" == *CI ]]; then DIFF_REF="HEAD^" else DIFF_REF=$("${ENVOY_SRCDIR}"/tools/git/last_github_commit.sh) fi fi echo "Running clang-tidy-diff against ${DIFF_REF} ($(git rev-parse "${DIFF_REF}")), current HEAD ($(git rev-parse HEAD))" run_clang_tidy_diff "${DIFF_REF}" fi if [[ -s "${FIX_YAML}" ]]; then echo "clang-tidy check failed, potentially fixed by clang-apply-replacements:" cat "${FIX_YAML}" exit 1 fi ================================================ FILE: ci/run_envoy_docker.sh ================================================ #!/bin/bash set -e # shellcheck source=ci/envoy_build_sha.sh . "$(dirname "$0")"/envoy_build_sha.sh function is_windows() { [[ "$(uname -s)" == *NT* ]] } read -ra ENVOY_DOCKER_OPTIONS <<< "${ENVOY_DOCKER_OPTIONS:-}" # TODO(phlax): uppercase these env vars export HTTP_PROXY="${http_proxy:-}" export HTTPS_PROXY="${https_proxy:-}" export NO_PROXY="${no_proxy:-}" if is_windows; then [[ -z "${IMAGE_NAME}" ]] && IMAGE_NAME="envoyproxy/envoy-build-windows2019" # TODO(sunjayBhatia): Currently ENVOY_DOCKER_OPTIONS is ignored on Windows because # CI sets it to a Linux-specific value. Undo this once https://github.com/envoyproxy/envoy/issues/13272 # is resolved. ENVOY_DOCKER_OPTIONS=() DEFAULT_ENVOY_DOCKER_BUILD_DIR=C:/Windows/Temp/envoy-docker-build BUILD_DIR_MOUNT_DEST=C:/build # Replace MSYS style drive letter (/c/) with driver letter designation (C:/) SOURCE_DIR=$(echo "${PWD}" | sed -E "s#/([a-zA-Z])/#\1:/#") SOURCE_DIR_MOUNT_DEST=C:/source START_COMMAND=("bash" "-c" "cd source && $*") else [[ -z "${IMAGE_NAME}" ]] && IMAGE_NAME="envoyproxy/envoy-build-ubuntu" # We run as root and later drop permissions. This is required to setup the USER # in useradd below, which is need for correct Python execution in the Docker # environment. ENVOY_DOCKER_OPTIONS+=(-u root:root) ENVOY_DOCKER_OPTIONS+=(-v /var/run/docker.sock:/var/run/docker.sock) ENVOY_DOCKER_OPTIONS+=(--cap-add SYS_PTRACE --cap-add NET_RAW --cap-add NET_ADMIN) DEFAULT_ENVOY_DOCKER_BUILD_DIR=/tmp/envoy-docker-build BUILD_DIR_MOUNT_DEST=/build SOURCE_DIR="${PWD}" SOURCE_DIR_MOUNT_DEST=/source START_COMMAND=("/bin/bash" "-lc" "groupadd --gid $(id -g) -f envoygroup \ && useradd -o --uid $(id -u) --gid $(id -g) --no-create-home --home-dir /build envoybuild \ && usermod -a -G pcap envoybuild \ && sudo -EHs -u envoybuild bash -c 'cd /source && $*'") fi # The IMAGE_ID defaults to the CI hash but can be set to an arbitrary image ID (found with 'docker # images'). [[ -z "${IMAGE_ID}" ]] && IMAGE_ID="${ENVOY_BUILD_SHA}" [[ -z "${ENVOY_DOCKER_BUILD_DIR}" ]] && ENVOY_DOCKER_BUILD_DIR="${DEFAULT_ENVOY_DOCKER_BUILD_DIR}" # Replace backslash with forward slash for Windows style paths ENVOY_DOCKER_BUILD_DIR="${ENVOY_DOCKER_BUILD_DIR//\\//}" mkdir -p "${ENVOY_DOCKER_BUILD_DIR}" [[ -t 1 ]] && ENVOY_DOCKER_OPTIONS+=("-it") [[ -f .git ]] && [[ ! -d .git ]] && ENVOY_DOCKER_OPTIONS+=(-v "$(git rev-parse --git-common-dir):$(git rev-parse --git-common-dir)") export ENVOY_BUILD_IMAGE="${IMAGE_NAME}:${IMAGE_ID}" # Since we specify an explicit hash, docker-run will pull from the remote repo if missing. docker run --rm \ "${ENVOY_DOCKER_OPTIONS[@]}" \ -v "${ENVOY_DOCKER_BUILD_DIR}":"${BUILD_DIR_MOUNT_DEST}" \ -v "${SOURCE_DIR}":"${SOURCE_DIR_MOUNT_DEST}" \ -e HTTP_PROXY \ -e HTTPS_PROXY \ -e NO_PROXY \ -e BAZEL_STARTUP_OPTIONS \ -e BAZEL_BUILD_EXTRA_OPTIONS \ -e BAZEL_EXTRA_TEST_OPTIONS \ -e BAZEL_REMOTE_CACHE \ -e ENVOY_STDLIB \ -e BUILD_REASON \ -e BAZEL_REMOTE_INSTANCE \ -e GCP_SERVICE_ACCOUNT_KEY \ -e NUM_CPUS \ -e ENVOY_RBE \ -e FUZZIT_API_KEY \ -e ENVOY_BUILD_IMAGE \ -e ENVOY_SRCDIR \ -e ENVOY_BUILD_TARGET \ -e SYSTEM_PULLREQUEST_TARGETBRANCH \ -e SYSTEM_PULLREQUEST_PULLREQUESTNUMBER \ -e GCS_ARTIFACT_BUCKET \ -e BUILD_SOURCEBRANCHNAME \ -e BAZELISK_BASE_URL \ -e ENVOY_BUILD_ARCH \ -e SLACK_TOKEN \ -e BUILD_URI\ -e REPO_URI \ "${ENVOY_BUILD_IMAGE}" \ "${START_COMMAND[@]}" ================================================ FILE: ci/setup_cache.sh ================================================ #!/bin/bash set -e if [[ -n "${GCP_SERVICE_ACCOUNT_KEY:0:1}" ]]; then # mktemp will create a tempfile with u+rw permission minus umask, it will not be readable by all # users by default. GCP_SERVICE_ACCOUNT_KEY_FILE=$(mktemp -t gcp_service_account.XXXXXX.json) gcp_service_account_cleanup() { echo "Deleting service account key file..." rm -rf "${GCP_SERVICE_ACCOUNT_KEY_FILE}" } trap gcp_service_account_cleanup EXIT bash -c 'echo "${GCP_SERVICE_ACCOUNT_KEY}"' | base64 --decode > "${GCP_SERVICE_ACCOUNT_KEY_FILE}" export BAZEL_BUILD_EXTRA_OPTIONS+=" --google_credentials=${GCP_SERVICE_ACCOUNT_KEY_FILE}" fi if [[ -n "${BAZEL_REMOTE_CACHE}" ]]; then export BAZEL_BUILD_EXTRA_OPTIONS+=" --remote_cache=${BAZEL_REMOTE_CACHE}" echo "Set up bazel remote read/write cache at ${BAZEL_REMOTE_CACHE}." if [[ -n "${BAZEL_REMOTE_INSTANCE}" ]]; then export BAZEL_BUILD_EXTRA_OPTIONS+=" --remote_instance_name=${BAZEL_REMOTE_INSTANCE}" echo "instance_name: ${BAZEL_REMOTE_INSTANCE}." elif [[ -z "${ENVOY_RBE}" ]]; then export BAZEL_BUILD_EXTRA_OPTIONS+=" --jobs=HOST_CPUS*.9 --remote_timeout=600" echo "using local build cache." fi else echo "No remote cache is set, skipping setup remote cache." fi ================================================ FILE: ci/upload_gcs_artifact.sh ================================================ #!/bin/bash set -e -o pipefail if [[ -z "${GCS_ARTIFACT_BUCKET}" ]]; then echo "Artifact bucket is not set, not uploading artifacts." exit 0 fi # Fail when service account key is not specified bash -c 'echo ${GCP_SERVICE_ACCOUNT_KEY}' | base64 --decode | gcloud auth activate-service-account --key-file=- SOURCE_DIRECTORY="$1" TARGET_SUFFIX="$2" if [ ! -d "${SOURCE_DIRECTORY}" ]; then echo "ERROR: ${SOURCE_DIRECTORY} is not found." exit 1 fi BRANCH=${SYSTEM_PULLREQUEST_PULLREQUESTNUMBER:-${BUILD_SOURCEBRANCHNAME}} GCS_LOCATION="${GCS_ARTIFACT_BUCKET}/${BRANCH}/${TARGET_SUFFIX}" echo "Uploading to gs://${GCS_LOCATION} ..." gsutil -mq rsync -dr "${SOURCE_DIRECTORY}" "gs://${GCS_LOCATION}" echo "Artifacts uploaded to: https://storage.googleapis.com/${GCS_LOCATION}/index.html" ================================================ FILE: ci/verify_examples.sh ================================================ #!/bin/bash -E TESTFILTER="${1:-*}" FAILED=() SRCDIR="${SRCDIR:-$(pwd)}" EXCLUDE_EXAMPLES=${EXCLUDED_EXAMPLES:-"wasm"} trap_errors () { local frame=0 command line sub file if [[ -n "$example" ]]; then command=" (${example})" fi set +v while read -r line sub file < <(caller "$frame"); do if [[ "$frame" -ne "0" ]]; then FAILED+=(" > ${sub}@ ${file} :${line}") else FAILED+=("${sub}@ ${file} :${line}${command}") fi ((frame++)) done set -v } trap trap_errors ERR trap exit 1 INT run_examples () { local examples example cd "${SRCDIR}/examples" || exit 1 examples=$(find . -mindepth 1 -maxdepth 1 -type d -name "$TESTFILTER" | grep -vE "${EXCLUDE_EXAMPLES}" | sort) for example in $examples; do pushd "$example" > /dev/null || return 1 ./verify.sh popd > /dev/null || return 1 done } run_examples if [[ "${#FAILED[@]}" -ne "0" ]]; then echo "TESTS FAILED:" for failed in "${FAILED[@]}"; do echo "$failed" >&2 done exit 1 fi ================================================ FILE: ci/windows_ci_steps.sh ================================================ #!/usr/bin/bash.exe set -e function finish { echo "disk space at end of build:" df -h } trap finish EXIT echo "disk space at beginning of build:" df -h # shellcheck source=ci/setup_cache.sh . "$(dirname "$0")"/setup_cache.sh read -ra BAZEL_STARTUP_OPTIONS <<< "${BAZEL_STARTUP_OPTIONS:-}" # Default to msvc-cl if not overridden read -ra BAZEL_BUILD_EXTRA_OPTIONS <<< "${BAZEL_BUILD_EXTRA_OPTIONS:---config=msvc-cl}" read -ra BAZEL_EXTRA_TEST_OPTIONS <<< "${BAZEL_EXTRA_TEST_OPTIONS:-}" # Set up TMPDIR so bash and non-bash can access # e.g. TMPDIR=/d/tmp, make a link from /d/d to /d so both bash and Windows programs resolve the # same path # This is due to this issue: https://github.com/bazelbuild/rules_foreign_cc/issues/334 # rules_foreign_cc does not currently use bazel output/temp directories by default, it uses mktemp # which respects the value of the TMPDIR environment variable drive="$(readlink -f "$TMPDIR" | cut -d '/' -f2)" if [ ! -e "/$drive/$drive" ]; then /c/windows/system32/cmd.exe /c "mklink /d $drive:\\$drive $drive:\\" fi BUILD_DIR=${BUILD_DIR:-/c/build} if [[ ! -d "${BUILD_DIR}" ]] then echo "${BUILD_DIR} mount missing - did you forget -v :${BUILD_DIR}? Creating." mkdir -p "${BUILD_DIR}" fi # Environment setup. export TEST_TMPDIR=${BUILD_DIR}/tmp [[ "${BUILD_REASON}" != "PullRequest" ]] && BAZEL_EXTRA_TEST_OPTIONS+=(--nocache_test_results) BAZEL_STARTUP_OPTIONS+=("--output_base=c:/_eb") BAZEL_BUILD_OPTIONS=( -c opt --show_task_finish --verbose_failures --define "wasm=disabled" "--test_output=errors" "${BAZEL_BUILD_EXTRA_OPTIONS[@]}" "${BAZEL_EXTRA_TEST_OPTIONS[@]}") # Also setup some space for building Envoy standalone. ENVOY_BUILD_DIR="${BUILD_DIR}"/envoy mkdir -p "${ENVOY_BUILD_DIR}" # This is where we copy build deliverables to. ENVOY_DELIVERY_DIR="${ENVOY_BUILD_DIR}"/source/exe mkdir -p "${ENVOY_DELIVERY_DIR}" # Test to validate updates of all dependency libraries in bazel/external and bazel/foreign_cc # bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //bazel/... --build_tag_filters=-skip_on_windows # Complete envoy-static build (nothing needs to be skipped, build failure indicates broken dependencies) bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //source/exe:envoy-static # Copy binary to delivery directory cp -f bazel-bin/source/exe/envoy-static.exe "${ENVOY_DELIVERY_DIR}/envoy.exe" # Copy for azp, creating a tar archive tar czf "${ENVOY_BUILD_DIR}"/envoy_binary.tar.gz -C "${ENVOY_DELIVERY_DIR}" envoy.exe # Test invocations of known-working tests on Windows bazel "${BAZEL_STARTUP_OPTIONS[@]}" test "${BAZEL_BUILD_OPTIONS[@]}" //test/... --test_tag_filters=-skip_on_windows,-fails_on_windows,-flaky_on_windows --build_tests_only # Build tests that are known-flaky or known-failing to ensure no compilation regressions bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //test/... --test_tag_filters=-skip_on_windows,fails_on_windows,flaky_on_windows --build_tests_only # Summarize tests bypasssed to monitor the progress of porting to Windows echo "Tests bypassed as skip_on_windows: $(bazel query 'kind(".*test rule", attr("tags", "skip_on_windows", //test/...))' 2>/dev/null | sort | wc -l) known unbuildable or inapplicable tests" echo "Tests bypassed as fails_on_windows: $(bazel query 'kind(".*test rule", attr("tags", "fails_on_windows", //test/...))' 2>/dev/null | sort | wc -l) known incompatible tests" echo "Tests bypassed as flaky_on_windows: $(bazel query 'kind(".*test rule", attr("tags", "flaky_on_windows", //test/...))' 2>/dev/null | sort | wc -l) known unstable tests" ================================================ FILE: configs/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_package", ) load("@rules_python//python:defs.bzl", "py_binary") load("@configs_pip3//:requirements.bzl", "requirement") licenses(["notice"]) # Apache 2 envoy_package() py_binary( name = "configgen", srcs = ["configgen.py"], data = glob([ "*.yaml", ]), deps = [ requirement("Jinja2"), requirement("MarkupSafe"), ], ) filegroup( name = "configs", srcs = [ "google-vrp/envoy-edge.yaml", "google-vrp/envoy-origin.yaml", "original-dst-cluster/proxy_config.yaml", ] + select({ "//bazel:apple": [], "//bazel:windows_x86_64": [], "//conditions:default": ["freebind/freebind.yaml"], }), ) genrule( name = "example_configs", srcs = [ ":configs", "//examples:configs", "//docs:configs", "//test/config/integration/certs", ], outs = ["example_configs.tar"], cmd = ( "$(location configgen.sh) $(location configgen) $(@D) " + "$(locations :configs) " + "$(locations //examples:configs) " + "$(locations //docs:configs) " + "$(locations //test/config/integration/certs)" ), tools = [ "configgen.sh", ":configgen", ], ) ================================================ FILE: configs/Dockerfile ================================================ # This configuration will build a Docker container containing # an Envoy proxy that routes to Google. FROM envoyproxy/envoy-dev:latest RUN apt-get update COPY google_com_proxy.v2.yaml /etc/envoy.yaml CMD /usr/local/bin/envoy -c /etc/envoy.yaml ================================================ FILE: configs/access_log_format_helper_v2.template.yaml ================================================ {% macro ingress_sampled_log() -%} format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH):256% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\"\n" {% endmacro %} {% macro ingress_full() -%} format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\"\n" {% endmacro %} {% macro egress_error_log() -%} format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH):256% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\"\n" {% endmacro %} {% macro egress_error_amazon_service() -%} format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH):256% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" \"%RESP(X-AMZN-RequestId)%\"\n" {% endmacro %} ================================================ FILE: configs/configgen.py ================================================ import jinja2 import json from collections import OrderedDict import os import shutil import sys SCRIPT_DIR = os.path.dirname(__file__) OUT_DIR = sys.argv[1] # # About this script: Envoy configurations needed for a complete infrastructure are complicated. # This script demonstrates how to programatically build Envoy configurations using jinja templates. # This is roughly how we build our configurations at Lyft. The three configurations demonstrated # here (front proxy, double proxy, and service to service) are also very close approximations to # what we use at Lyft in production. They give a demonstration of how to configure most Envoy # features. Along with the configuration guide it should be possible to modify them for different # use cases. # # This is the set of internal services that front Envoy will route to. Each cluster referenced # in envoy_router.template.json must be specified here. It is a dictionary of dictionaries. # Options can be specified for each cluster if needed. See make_route_internal() in # routing_helper.template.json for the types of options supported. front_envoy_clusters = {'service1': {}, 'service2': {}, 'service3': {}, 'ratelimit': {}} # This is the set of internal services that local Envoys will route to. All services that will be # accessed via the 9001 egress port need to be listed here. It is a dictionary of dictionaries. # Options can be specified for each cluster if needed. See make_route_internal() in # routing_helper.template.json for the types of options supported. service_to_service_envoy_clusters = { 'ratelimit': {}, 'service1': { 'service_to_service_rate_limit': True }, 'service3': {} } # This is a list of external hosts that can be accessed from local Envoys. Each external service has # its own port. This is because some SDKs don't make it easy to use host based routing. Below # we demonstrate setting up proxying for DynamoDB. In the config, this ends up using the HTTP # DynamoDB statistics filter, as well as generating a special access log which includes the # X-AMZN-RequestId response header. external_virtual_hosts = [{ 'name': 'dynamodb_iad', 'address': "127.0.0.1", 'protocol': "TCP", 'port_value': "9204", 'hosts': [{ 'name': 'dynamodb_iad', 'domain': '*', 'remote_address': 'dynamodb.us-east-1.amazonaws.com', 'protocol': 'TCP', 'port_value': '443', 'verify_subject_alt_name': ['dynamodb.us-east-1.amazonaws.com'], 'ssl': True }], 'is_amzn_service': True, 'cluster_type': 'logical_dns' }] # This is the set of mongo clusters that local Envoys can talk to. Each database defines a set of # mongos routers to talk to, and whether the global rate limit service should be called for new # connections. Many organizations will not be interested in the mongo feature. Setting this to # an empty dictionary will remove all mongo configuration. The configuration is a useful example # as it demonstrates how to setup TCP proxy and the network rate limit filter. mongos_servers = { 'somedb': { 'address': "127.0.0.1", 'protocol': "TCP", 'port_value': 27019, 'hosts': [ { 'port_value': 27817, 'address': 'router1.yourcompany.net', 'protocol': 'TCP' }, { 'port_value': 27817, 'address': 'router2.yourcompany.net', 'protocol': 'TCP' }, { 'port_value': 27817, 'address': 'router3.yourcompany.net', 'protocol': 'TCP' }, { 'port_value': 27817, 'address': 'router4.yourcompany.net', 'protocol': 'TCP' }, ], 'ratelimit': True } } def generate_config(template_path, template, output_file, **context): """ Generate a final config file based on a template and some context. """ env = jinja2.Environment(loader=jinja2.FileSystemLoader(template_path, followlinks=True), undefined=jinja2.StrictUndefined) raw_output = env.get_template(template).render(**context) with open(output_file, 'w') as fh: fh.write(raw_output) # TODO(sunjayBhatia, wrowe): Avoiding tracing extensions until they build on Windows tracing_enabled = os.name != 'nt' # Generate a demo config for the main front proxy. This sets up both HTTP and HTTPS listeners, # as well as a listener for the double proxy to connect to via SSL client authentication. generate_config(SCRIPT_DIR, 'envoy_front_proxy_v2.template.yaml', '{}/envoy_front_proxy.v2.yaml'.format(OUT_DIR), clusters=front_envoy_clusters, tracing=tracing_enabled) # Generate a demo config for the double proxy. This sets up both an HTTP and HTTPS listeners, # and backhauls the traffic to the main front proxy. generate_config(SCRIPT_DIR, 'envoy_double_proxy_v2.template.yaml', '{}/envoy_double_proxy.v2.yaml'.format(OUT_DIR), tracing=tracing_enabled) # Generate a demo config for the service to service (local) proxy. This sets up several different # listeners: # 9211: Main ingress listener for service to service traffic. # 9001: Main egress listener for service to service traffic. Applications use this port to send # requests to other services. # optional external service ports: built from external_virtual_hosts above. Each external host # that Envoy proxies to listens on its own port. # optional mongo ports: built from mongos_servers above. generate_config(SCRIPT_DIR, 'envoy_service_to_service_v2.template.yaml', '{}/envoy_service_to_service.yaml'.format(OUT_DIR), internal_virtual_hosts=service_to_service_envoy_clusters, external_virtual_hosts=external_virtual_hosts, mongos_servers=mongos_servers) for google_ext in ['v2.yaml']: shutil.copy(os.path.join(SCRIPT_DIR, 'google_com_proxy.%s' % google_ext), OUT_DIR) shutil.copy(os.path.join(SCRIPT_DIR, 'encapsulate_in_connect.v3.yaml'), OUT_DIR) shutil.copy(os.path.join(SCRIPT_DIR, 'terminate_connect.v3.yaml'), OUT_DIR) ================================================ FILE: configs/configgen.sh ================================================ #!/bin/bash set -e CONFIGGEN="$1" shift OUT_DIR="$1" shift mkdir -p "$OUT_DIR/certs" mkdir -p "$OUT_DIR/lib" "$CONFIGGEN" "$OUT_DIR" for FILE in "$@"; do case "$FILE" in *.pem) cp "$FILE" "$OUT_DIR/certs" ;; *.lua) cp "$FILE" "$OUT_DIR/lib" ;; *) FILENAME="$(echo "$FILE" | sed -e 's/.*examples\///g')" # Configuration filenames may conflict. To avoid this we use the full path. cp -v "$FILE" "$OUT_DIR/${FILENAME//\//_}" ;; esac done # tar is having issues with -C for some reason so just cd into OUT_DIR. (cd "$OUT_DIR"; tar -hcvf example_configs.tar -- *.yaml certs/*.pem lib/*.lua) ================================================ FILE: configs/encapsulate_in_connect.v3.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9903 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 10000 filter_chains: - filters: - name: tcp typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy stat_prefix: tcp_stats cluster: "cluster_0" tunneling_config: hostname: host.com clusters: - name: cluster_0 connect_timeout: 5s http2_protocol_options: {} load_assignment: cluster_name: cluster_0 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 10001 ================================================ FILE: configs/envoy_double_proxy_v2.template.yaml ================================================ {%- macro listener(protocol, address, port_value, tls, proxy_proto, tracing) -%} - name: listener_created_from_configgen address: socket_address: protocol: {{protocol}} address: {{address}} port_value: {{port_value}} filter_chains: - filter_chain_match: {} {% if tls %} transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: filename: certs/servercert.pem private_key: filename: certs/serverkey.pem validation_context: {} alpn_protocols: - h2 - http/1.1 {% endif %} {% if proxy_proto %} use_proxy_proto: true {%endif -%} filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: router route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: prefix: "/" route: cluster: backhaul #Generally allow front proxy to control timeout and use this as a backstop timeout: 20s http_filters: - name: envoy.filters.http.health_check typed_config: "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: false headers: - exact_match: /healthcheck name: :path - name: envoy.filters.http.buffer typed_config: "@type": type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.filters.http.router typed_config: {} {% if tracing %} tracing: operation_name: INGRESS provider: name: envoy.tracers.lightstep typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.LightstepConfig access_token_file: "/etc/envoy/lightstep_access_token" collector_cluster: lightstep_saas {% endif %} common_http_protocol_options: idle_timeout: 840s access_log: - name: envoy.access_loggers.file filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 500 runtime_key: access_log.access_error.status - duration_filter: comparison: op: GE value: default_value: 1000 runtime_key: access_log.access_error.duration - traceable_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /var/log/envoy/access_error.log format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%REQ(X-LYFT-USER-ID)%\" \"%RESP(GRPC-STATUS)%\"\n" {% if proxy_proto %} use_remote_address: true {%endif -%} {% endmacro -%} static_resources: listeners: # TCP listener for external port 443 (TLS). Assumes a TCP LB in front such as ELB which # supports proxy proto {{ listener("TCP", "0.0.0.0",9300,True, True, tracing)|indent(2) }} # TCP listener for external port 80 (non-TLS). Assumes a TCP LB in front such as ELB which # supports proxy proto. {{ listener("TCP", "0.0.0.0",9301,False, True, tracing)|indent(2) }} clusters: - name: statsd type: STATIC connect_timeout: 0.25s lb_policy: ROUND_ROBIN load_assignment: cluster_name: statsd endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8125 protocol: TCP - name: backhaul type: STRICT_DNS connect_timeout: 1s lb_policy: ROUND_ROBIN load_assignment: cluster_name: backhaul endpoints: - lb_endpoints: - endpoint: address: socket_address: address: front-proxy.yourcompany.net port_value: 9400 protocol: TCP # There are so few connections going back # that we can get some imbalance. Until we come up # with a better solution just limit the requests # so we can cycle and get better spread. max_requests_per_connection: 25000 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: filename: certs/clientcert.pem private_key: filename: certs/clientkey.pem validation_context: trusted_ca: filename: certs/cacert.pem match_subject_alt_names: exact: "front-proxy.yourcompany.net" http2_protocol_options: {} - name: lightstep_saas type: LOGICAL_DNS connect_timeout: 1s lb_policy: ROUND_ROBIN load_assignment: cluster_name: lightstep_saas endpoints: - lb_endpoints: - endpoint: address: socket_address: address: collector-grpc.lightstep.com port_value: 443 protocol: TCP http2_protocol_options: {} transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext common_tls_context: validation_context: trusted_ca: filename: certs/cacert.pem match_subject_alt_names: exact: "collector-grpc.lightstep.com" flags_path: "/etc/envoy/flags" stats_sinks: - name: envoy.stat_sinks.statsd typed_config: "@type": type.googleapis.com/envoy.config.metrics.v2.StatsdSink tcp_cluster_name: statsd layered_runtime: layers: - name: root disk_layer: symlink_root: /srv/configset/envoydata/current subdirectory: envoy - name: override disk_layer: symlink_root: /srv/configset/envoydata/current subdirectory: envoy_override append_service_cluster: true - name: admin admin_layer: {} admin: access_log_path: "/var/log/envoy/admin_access.log" address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9901 ================================================ FILE: configs/envoy_front_proxy_v2.template.yaml ================================================ {% import 'routing_helper_v2.template.yaml' as helper -%} {% macro router_file_content() -%}{% include kwargs['router_file'] -%}{% endmacro -%} {% macro listener(protocol, address, port_value, proxy_proto, tls, tracing) -%} name: not_required_for_static_listeners address: socket_address: protocol: {{protocol}} address: {{address}} port_value: {{port_value}} filter_chains: {% if tls %} - transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: alpn_protocols: h2,http/1.1 tls_certificates: - certificate_chain: filename: certs/servercert.pem private_key: filename: certs/serverkey.pem {% if kwargs.get('pin_double_proxy_client', False) %} validation_context: trusted_ca: filename: certs/cacert.pm #This should be the hash of the /etc/envoy/envoy-double-proxy.pem cert used in the #double proxy configuration. verify_certificate_hash: "0000000000000000000000000000000000000000000000000000000000000000" {% endif %} {%if proxy_proto%} use_proxy_proto: true {%endif%} {%endif %} filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: router {% if proxy_proto -%} use_remote_address: true {%endif-%} stat_prefix: ingress_http route_config: {{ router_file_content(router_file='envoy_router_v2.template.yaml')|indent(10) }} http_filters: - name: envoy.filters.http.health_check typed_config: "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: false headers: - name: ":path" exact_match: "/healthcheck" - name: envoy.filters.http.buffer typed_config: "@type": type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.filters.http.ratelimit typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimit domain: envoy_front request_type: external rate_limit_service: grpc_service: envoy_grpc: cluster_name: ratelimit - name: envoy.filters.http.router typed_config: {} add_user_agent: true {% if tracing %} tracing: operation_name: INGRESS provider: name: envoy.tracers.lightstep typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.LightstepConfig collector_cluster: lightstep_saas access_token_file: "/etc/envoy/lightstep_access_token" {% endif %} common_http_protocol_options: idle_timeout: 840s access_log: - name: envoy.access_loggers.file filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 500 runtime_key: access_log.access_error.status - duration_filter: comparison: op: GE value: default_value: 1000 runtime_key: access_log.access_error.duration - traceable_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/access_error.log" format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%REQ(X-LYFT-USER-ID)%\" \"%RESP(GRPC-STATUS)%\"\n" {% endmacro -%} static_resources: listeners: # TCP listeners for public HTTP/HTTPS endpoints. Assumes a TCP LB in front such as ELB which # supports proxy proto. - {{ listener("TCP", "0.0.0.0", "9300", True, True, tracing)|indent(2) }} - {{ listener("TCP", "0.0.0.0", "9301", True, True, tracing)|indent(2) }} # TCP listener for backhaul traffic from the double proxy. # See envoy_double_proxy.template.json - {{ listener("TCP", "0.0.0.0", "9400", True, True, tracing, pin_double_proxy_client=True)|indent(2) }} clusters: - name: sds type: STRICT_DNS connect_timeout: 0.25s lb_policy: ROUND_ROBIN load_assignment: cluster_name: sds endpoints: - lb_endpoints: - endpoint: address: socket_address: address: discovery.yourcompany.net port_value: 80 protocol: TCP - name: statsd type: STATIC connect_timeout: 0.25s lb_policy: ROUND_ROBIN load_assignment: cluster_name: statsd endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8125 protocol: TCP - name: lightstep_saas type: LOGICAL_DNS connect_timeout: 1s lb_policy: ROUND_ROBIN load_assignment: cluster_name: lightstep_saas endpoints: - lb_endpoints: - endpoint: address: socket_address: address: collector-grpc.lightstep.com port_value: 443 protocol: TCP http2_protocol_options: {} {% for service, options in clusters.items() -%} - {{ helper.internal_cluster_definition(service, options)|indent(2) }} {% endfor %} cluster_manager: outlier_detection: event_log_path: /var/log/envoy/outlier_events.log flags_path: /etc/envoy/flags layered_runtime: layers: - name: root disk_layer: symlink_root: /srv/configset/envoydata/current subdirectory: envoy - name: override disk_layer: symlink_root: /srv/configset/envoydata/current subdirectory: envoy_override append_service_cluster: true - name: admin admin_layer: {} admin: access_log_path: /var/log/envoy/admin_access.log address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 9901 ================================================ FILE: configs/envoy_router_v2.template.yaml ================================================ {% import 'routing_helper_v2.template.yaml' as helper with context -%} name: local_route virtual_hosts: - name: www domains: - www.yourcompany.com routes: - match: prefix: "/foo/bar" runtime_fraction: default_value: numerator: 0 denominator: HUNDRED runtime_key: routing.www.use_service_2 route: {{ helper.make_route('service2')|indent(4) }} - match: prefix: "/" route: {{ helper.make_route('service1')|indent(4) }} require_tls: ALL rate_limits: actions: remote_address: {} - name: www_redirect domains: - wwww.yourcompany.net routes: - match: prefix: "/" redirect: host_redirect: www.yourcompany.net require_tls: ALL rate_limits: - actions: remote_address: {} - name: api domains: - api.yourcompany.net routes: - match: path: "/foo/bar" route: {{ helper.make_route('service3')|indent(4) }} - match: prefix: "/" route: {{ helper.make_route('service1')|indent(4) }} require_tls: EXTERNAL_ONLY rate_limits: - actions: remote_address: {} ================================================ FILE: configs/envoy_service_to_service_v2.template.yaml ================================================ {% import 'routing_helper_v2.template.yaml' as helper -%} {% import 'access_log_format_helper_v2.template.yaml' as access_log_helper -%} {% macro ingress_listener(protocol, address, port_value) -%} - address: socket_address: protocol: {{protocol}} address: {{address}} port_value: {{port_value}} traffic_direction: INBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: - "*" routes: - match: prefix: "/" headers: - name: content-type exact_match: application/grpc route: cluster: local_service_grpc - match: prefix: "/" route: cluster: local_service http_filters: - name: envoy.filters.http.health_check typed_config: "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: true headers: - name: ":path" exact_match: "/healthcheck" cache_time: 2.5s - name: envoy.filters.http.buffer typed_config: "@type": type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.filters.http.router typed_config: {} access_log: - name: envoy.access_loggers.file filter: not_health_check_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/ingress_http.log" {{ access_log_helper.ingress_full()|indent(10)}} - name: envoy.access_loggers.file filter: and_filter: filters: - or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 400 runtime_key: access_log.access_error.status - status_code_filter: comparison: op: EQ value: default_value: 0 runtime_key: access_log.access_error.status - duration_filter: comparison: op: GE value: default_value: 2000 runtime_key: access_log.access_error.duration - not_health_check_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/ingress_http_error.log" {{ access_log_helper.ingress_sampled_log()|indent(10)}} - name: envoy.access_loggers.file filter: and_filter: filters: - not_health_check_filter: {} - runtime_filter: runtime_key: access_log.ingress_http typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/ingress_http_sampled.log" {{ access_log_helper.ingress_sampled_log()|indent(10)}} common_http_protocol_options: idle_timeout: 840s {% endmacro -%} static_resources: listeners: {{ ingress_listener("tcp", "0.0.0.0", 9211) | indent(2)}} - address: socket_address: protocol: TCP port_value: 9001 address: 127.0.0.1 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: egress_http route_config: name: local_route virtual_hosts: {% for service, options in internal_virtual_hosts.items() %} - name: {{ service }} domains: - {{ service }} routes: - match: prefix: "/" route: {{ helper.make_route_internal(service, options)|indent(16) }} {% endfor %} add_user_agent: true common_http_protocol_options: idle_timeout: 840s access_log: - name: envoy.access_loggers.file filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 400 runtime_key: access_log.access_error.status - duration_filter: comparison: op: GE value: default_value: 2000 runtime_key: access_log.access_error.duration - traceable_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/egress_http_error.log" {{ access_log_helper.egress_error_log()|indent(10) }} use_remote_address: true http_filters: - name: envoy.filters.http.ratelimit typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimit domain: envoy_service_to_service rate_limit_service: grpc_service: envoy_grpc: cluster_name: ratelimit - name: envoy.filters.http.grpc_http1_bridge typed_config: {} - name: envoy.filters.http.router typed_config: {} - address: socket_address: protocol: TCP port_value: 9002 address: 127.0.0.1 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: egress_http rds: config_source: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: "rds" route_config_name: rds_config_for_listener_1 add_user_agent: true common_http_protocol_options: idle_timeout: 840s access_log: - name: envoy.access_loggers.file filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 400 runtime_key: access_log.access_error.status - duration_filter: comparison: op: GE value: default_value: 2000 runtime_key: access_log.access_error.duration - traceable_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/egress_http_error.log" {{ access_log_helper.egress_error_log()|indent(10) }} use_remote_address: true http_filters: - name: envoy.filters.http.ratelimit typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimit domain: envoy_service_to_service rate_limit_service: grpc_service: envoy_grpc: cluster_name: ratelimit - name: envoy.filters.http.grpc_http1_bridge typed_config: {} - name: envoy.filters.http.router typed_config: {} {% if external_virtual_hosts|length > 0 or mongos_servers|length > 0 %}{% endif -%} {% for mapping in external_virtual_hosts -%} - name: "{{ mapping['address']}}" address: socket_address: address: "{{ mapping['address'] }}" protocol: TCP port_value: 9901 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO common_http_protocol_options: idle_timeout: 840s stat_prefix: egress_{{ mapping['name'] }} #update access_logs here route_config: virtual_hosts: {% for host in mapping['hosts'] %} - name: egress_{{ host['name'] }} domains: - "{{ host['domain'] }}" routes: - match: prefix: "/" route: cluster: egress_{{ host['name'] }} retry_policy: retry_on: connect-failure {% if host.get('host_rewrite', False) %} host_rewrite: "{{host['host_rewrite']}}" {% endif %} {% endfor %} http_filters: {% if mapping['name'] in ['dynamodb_iad', 'dynamodb_legacy'] -%} - name: envoy.filters.http.dynamo typed_config: {} {% endif -%} - name: envoy.filters.http.router typed_config: {} access_log: - name: envoy.access_loggers.file filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 400 runtime_key: access_log.access_error.status - status_code_filter: comparison: op: EQ value: default_value: 0 runtime_key: access_log.access_error.status {% if mapping.get('log_high_latency_requests', True) %} - duration_filter: comparison: op: GE value: default_value: 2000 runtime_key: access_log.access_error.duration {% endif %} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/egress_{{ mapping['name'] }}_http_error.log" {% if mapping.get('is_amzn_service', False) -%} {{ access_log_helper.egress_error_amazon_service()|indent(10) }} {% else -%} {{ access_log_helper.egress_error_log()|indent(10) }} {% endif %} {% if (mongos_servers|length > 0) or (mongos_servers|length == 0 and not loop.last ) %}{% endif -%} {% endfor -%} {% for key, value in mongos_servers.items() -%} - name : "{{ value['address'] }}" address: socket_address: address: "{{ value['address'] }}" protocol: TCP port_value: 9003 filter_chains: - filters: - name: envoy.filters.network.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.config.filter.network.tcp_proxy.v2.TcpProxy stat_prefix: mongo_{{ key }} cluster: mongo_{{ key }} - name: envoy.filters.network.mongo_proxy typed_config: "@type": type.googleapis.com/envoy.config.filter.network.mongo_proxy.v2.MongoProxy stat_prefix: "{{ key }}" access_log: "/var/log/envoy/mongo_{{ key }}.log" {% if value.get('ratelimit', False) %} - name: envoy.filters.network.ratelimit typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.ratelimit.v3.RateLimit stat_prefix: "{{ key }}" domain: envoy_mongo_cps descriptors: entries: - key: database value: "{{ key }}" {% endif %} {% endfor -%} clusters: {% for service, options in internal_virtual_hosts.items() -%} - {{ helper.internal_cluster_definition(service, options)|indent(2)}} {% endfor -%} {% for mapping in external_virtual_hosts -%} {% for host in mapping['hosts'] -%} - name: egress_{{ host['name'] }} {% if host.get('ssl', False) %} transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext common_tls_context: validation_context: trusted_ca: filename: certs/cacert.pem {% if host.get('verify_subject_alt_name', False) %} match_subject_alt_names: exact: "{{host['verify_subject_alt_name'] }}" {% endif %} {% if host.get('sni', False) %} sni: "{{ host['sni'] }}" {% endif %} connect_timeout: 1s {% else %} connect_timeout: 0.25s {% endif %} type: LOGICAL_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: egress_{{ host['name'] }} endpoints: - lb_endpoints: - endpoint: address: socket_address: address: {{ host['remote_address'] }} port_value: {{ host['port_value'] }} protocol: {{ host['protocol'] }} {% endfor -%} {% endfor -%} {% for key, value in mongos_servers.items() -%} - name: mongo_{{ key }} connect_timeout: 0.25s type: STRICT_DNS lb_policy: RANDOM load_assignment: cluster_name: mongo_{{ key }} endpoints: - lb_endpoints: {% for server in value['hosts'] -%} - endpoint: address: socket_address: address: {{ server['address'] }} port_value: {{ server['port_value'] }} protocol: {{ server['protocol'] }} {% endfor -%} {% endfor %} - name: main_website connect_timeout: 0.25s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: main_website endpoints: - lb_endpoints: - endpoint: address: socket_address: address: main_website.com port_value: 443 protocol: TCP transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext sni: www.main_website.com - name: local_service connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: main_website endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 protocol: TCP circuit_breakers: thresholds: max_pending_requests: 30 max_connections: 100 - name: local_service_grpc connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN http2_protocol_options: {} load_assignment: cluster_name: local_service_grpc endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8081 protocol: TCP circuit_breakers: thresholds: max_requests: 200 dns_lookup_family: V4_ONLY - name: rds connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN http2_protocol_options: connection_keepalive: interval: 30s timeout: 5s load_assignment: cluster_name: rds endpoints: - lb_endpoints: - endpoint: address: socket_address: address: rds.yourcompany.net port_value: 80 protocol: TCP dns_lookup_family: V4_ONLY - name: statsd connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: statsd endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8125 protocol: TCP dns_lookup_family: V4_ONLY - name: lightstep_saas connect_timeout: 1s type: LOGICAL_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: lightstep_saas endpoints: - lb_endpoints: - endpoint: address: socket_address: address: collector-grpc.lightstep.com port_value: 443 protocol: TCP http2_protocol_options: max_concurrent_streams: 100 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext common_tls_context: validation_context: trusted_ca: filename: certs/cacert.pem match_subject_alt_names: exact: "collector-grpc.lightstep.com" - name: cds_cluster connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: cds_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: cds.yourcompany.net port_value: 80 protocol: TCP - name: sds connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: sds endpoints: - lb_endpoints: - endpoint: address: socket_address: address: discovery.yourcompany.net port_value: 80 protocol: TCP dynamic_resources: cds_config: api_config_source: api_type: REST cluster_names: - cds_cluster refresh_delay: 30s cluster_manager: {} flags_path: "/etc/envoy/flags" stats_sinks: - name: envoy.stat_sinks.statsd typed_config: "@type": type.googleapis.com/envoy.config.metrics.v2.StatsdSink tcp_cluster_name: statsd layered_runtime: layers: - name: root disk_layer: symlink_root: /srv/configset/envoydata/current subdirectory: envoy - name: override disk_layer: symlink_root: /srv/configset/envoydata/current subdirectory: envoy_override append_service_cluster: true - name: admin admin_layer: {} admin: access_log_path: /var/log/envoy/admin_access.log address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 9901 ================================================ FILE: configs/freebind/README.md ================================================ # Freebind testing To manually validate the `IP_FREEBIND` behavior in Envoy, you can launch Envoy with [freebind.yaml](freebind.yaml). The listener free bind behavior can be verified with: 1. `envoy -c ./configs/freebind/freebind.yaml -l trace` 2. `sudo ifconfig lo:1 192.168.42.1/30 up` 3. `nc -v -l 0.0.0.0 10001` To cleanup run `sudo ifconfig lo:1 down`. TODO(htuch): Steps to verify upstream behavior. ================================================ FILE: configs/freebind/freebind.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: address: 127.0.0.1 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: address: 192.168.42.1 port_value: 10000 freebind: true filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/" } route: { cluster: service_local } http_filters: - name: envoy.filters.http.router clusters: - name: service_local connect_timeout: 30s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: service_local endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 10001 # TODO(htuch): Figure out how to do end-to-end testing with # outgoing connections and free bind. # upstream_bind_config: # source_address: # address: 192.168.43.1 # freebind: true ================================================ FILE: configs/google-vrp/envoy-edge.yaml ================================================ overload_manager: refresh_interval: 0.25s resource_monitors: - name: "envoy.resource_monitors.fixed_heap" typed_config: "@type": type.googleapis.com/envoy.config.resource_monitor.fixed_heap.v2alpha.FixedHeapConfig # TODO: Tune for your system. max_heap_size_bytes: 1073741824 # 1 GiB actions: - name: "envoy.overload_actions.shrink_heap" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.90 - name: "envoy.overload_actions.stop_accepting_requests" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.95 static_resources: listeners: - name: listener_https address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 per_connection_buffer_limit_bytes: 32768 # 32 KiB filter_chains: - transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "certs/servercert.pem" } private_key: { filename: "certs/serverkey.pem" } # Uncomment if Envoy is behind a load balancer that exposes client IP address using the PROXY protocol. # use_proxy_proto: true filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http use_remote_address: true common_http_protocol_options: idle_timeout: 3600s # 1 hour headers_with_underscores_action: REJECT_REQUEST http2_protocol_options: max_concurrent_streams: 100 initial_stream_window_size: 65536 # 64 KiB initial_connection_window_size: 1048576 # 1 MiB stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] # The exact route table is not super important in this example (this is the model # for the Google VRP scenario). routes: - match: prefix: "/content" route: cluster: service_foo idle_timeout: 15s # must be disabled for long-lived and streaming requests - match: prefix: "/" direct_response: status: 403 body: inline_string: "denied\n" http_filters: - name: envoy.filters.http.router clusters: name: service_foo connect_timeout: 5s per_connection_buffer_limit_bytes: 32768 # 32 KiB load_assignment: cluster_name: service_foo endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 10002 http2_protocol_options: initial_stream_window_size: 65536 # 64 KiB initial_connection_window_size: 1048576 # 1 MiB ================================================ FILE: configs/google-vrp/envoy-origin.yaml ================================================ overload_manager: refresh_interval: 0.25s resource_monitors: - name: "envoy.resource_monitors.fixed_heap" typed_config: "@type": type.googleapis.com/envoy.config.resource_monitor.fixed_heap.v2alpha.FixedHeapConfig max_heap_size_bytes: 1073741824 # 1 GiB actions: - name: "envoy.overload_actions.shrink_heap" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.95 - name: "envoy.overload_actions.stop_accepting_requests" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.98 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10002 per_connection_buffer_limit_bytes: 32768 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http use_remote_address: true common_http_protocol_options: idle_timeout: 3600s # 1 hour headers_with_underscores_action: REJECT_REQUEST http2_protocol_options: max_concurrent_streams: 100 initial_stream_window_size: 65536 # 64 KiB initial_connection_window_size: 1048576 # 1 MiB stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: path: "/blockedz" direct_response: status: 200 body: inline_string: "hidden treasure\n" - match: prefix: "/" direct_response: status: 200 body: inline_string: "normal\n" http_filters: - name: envoy.filters.http.router ================================================ FILE: configs/google-vrp/launch_envoy.sh ================================================ #!/bin/bash cd /etc/envoy || exit envoy "$@" ================================================ FILE: configs/google-vrp/supervisor.conf ================================================ [supervisord] nodaemon=true [program:envoy-edge] command=launch_envoy.sh -c /etc/envoy/envoy-edge.yaml %(ENV_ENVOY_EDGE_EXTRA_ARGS)s --log-format "(edge)[%%Y-%%m-%%d %%T.%%e][%%t][%%l][%%n] %%v" --base-id 0 redirect_stderr=true stdout_logfile_maxbytes=0 stdout_logfile=/dev/stdout [program:envoy-origin] command=launch_envoy.sh -c /etc/envoy/envoy-origin.yaml %(ENV_ENVOY_ORIGIN_EXTRA_ARGS)s --log-format "(origin)[%%Y-%%m-%%d %%T.%%e][%%t][%%l][%%n] %%v" --base-id 1 redirect_stderr=true stdout_logfile_maxbytes=0 stdout_logfile=/dev/stdout ================================================ FILE: configs/google_com_proxy.v2.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: prefix: "/" route: host_rewrite: www.google.com cluster: service_google http_filters: - name: envoy.filters.http.router clusters: - name: service_google connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: service_google endpoints: - lb_endpoints: - endpoint: address: socket_address: address: www.google.com port_value: 443 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext sni: www.google.com ================================================ FILE: configs/original-dst-cluster/README.md ================================================ # Original destination cluster configuration and testing An original destination cluster forwards requests to the same destination the request was going to before being redirected to Envoy using an iptables REDIRECT rule. `proxy_config.json` contains an example Envoy configuration demonstrating the use of an original destination cluster. `netns_setup.sh` and `netns_cleanup.sh` are provided as examples for setting up and cleaning up, respectively, a network namespace and the required iptables rule to redirect traffic to Envoy. # Setting up `netns_setup.sh` takes two arguments: the name of the new network namespace and the prefix that is to be redirected. Envoy listener port is set to 10000, which matches the configuration in `proxy_config.json`. This creates a network namespace `ns1` and redirects traffic from there to Envoy listening on port 10000 if the destination address of the traffic matches `173.194.222.0/24` : ``` sudo ./configs/original-dst-cluster/netns_setup.sh ns1 173.194.222.0/24 ``` # Building and running Envoy Build Envoy with debug options, so that the behavior can be better observed from the logs: ``` bazel build //source/exe:envoy-static -c dbg ``` Then you should run Envoy with the provided example configuration: ``` bazel-out/local-dbg/bin/source/exe/envoy-static -c configs/original-dst-cluster/proxy_config.json -l debug ``` When running you should see periodical messages like `Cleaning up stale original dst hosts.` # Generating traffic Next we generate traffic from the new network namespace hitting the redirect rule. Run this from another terminal: ``` sudo ip netns exec ns1 curl -v 173.194.222.106:80 ``` Most likely you'll see `301 Moved` in the curl response. In the rare case of upstream connection timeout you'll see `503 Service Unavailable` instead. The connection timeout setting on the proxy_config.json is set to 6 seconds to make this less likely, but if no host with the destination address exist then you will get this response no matter how long the timeout setting. You should see lines with `Adding host 173.194.222.106:80` being logged by each Envoy thread, followed by `Keeping active host 173.194.222.106:80` and eventually `Removing stale host 173.194.222.106:80`, again multiple times, once from each Envoy thread. # Cleaning up To properly remove the added network namespace and the iptables configuration run `netns_cleanup.sh` with the same arguments as the setup before: ``` sudo ./configs/original-dst-cluster/netns_cleanup.sh ns1 173.194.222.0/24 ``` Finally, stop Envoy with `^C`. ================================================ FILE: configs/original-dst-cluster/netns_cleanup.sh ================================================ #!/usr/bin/env bash # # Cleanup network namespace after testing Envoy original_dst cluster # NETNS=$1 TARGET_IP=$2 ENVOY_PORT=10000 # remove iptables rule iptables -t nat -D PREROUTING --src 0/0 --dst "$TARGET_IP" -p tcp --dport 80 -j REDIRECT --to-ports "$ENVOY_PORT" # delete network namespace ip netns delete "$NETNS" # delete veth pair ip link del "$NETNS-veth0" type veth peer name "$NETNS-veth1" ================================================ FILE: configs/original-dst-cluster/netns_setup.sh ================================================ #!/usr/bin/env bash # # Example setup network namespace for testing Envoy original_dst cluster # Clean up with the cleanup script with the same arguments. # # Test with: # $sudo ip netns exec ${NETNS} curl -v ${TARGET_IP}:80 # set -e # name of the network namespace NETNS=$1 # IP address or prefix that will be redirected TARGET_IP=$2 # Local Envoy Listener port number ENVOY_PORT=10000 # Create veth pair ip link add "$NETNS-veth0" type veth peer name "$NETNS-veth1" ifconfig "$NETNS-veth0" 10.0.200.2/24 up # Create network namespace ip netns add "$NETNS" # Move veth peer to the namespace ip link set "$NETNS-veth1" netns "$NETNS" # Configure network namespace ip netns exec "$NETNS" ifconfig lo 127.0.0.1 up ip netns exec "$NETNS" ifconfig "$NETNS-veth1" 10.0.200.1/24 up ip netns exec "$NETNS" ip route add default via 10.0.200.2 #configure iptables REDIRECT in the PREROUTING hook of the root name space nat table. iptables -t nat -I PREROUTING --src 0/0 --dst "$TARGET_IP" -p tcp --dport 80 -j REDIRECT --to-ports "$ENVOY_PORT" ================================================ FILE: configs/original-dst-cluster/proxy_config.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 10000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: ingress_http route_config: name: local_service virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/" route: cluster: cluster1 http_filters: - name: envoy.filters.http.router typed_config: {} codec_type: auto listener_filters: - name: envoy.filters.listener.original_dst typed_config: {} clusters: - name: cluster1 type: ORIGINAL_DST connect_timeout: 6s lb_policy: CLUSTER_PROVIDED dns_lookup_family: V4_ONLY cluster_manager: {} admin: access_log_path: /tmp/admin_access.log address: socket_address: address: 127.0.0.1 port_value: 9901 ================================================ FILE: configs/requirements.txt ================================================ Jinja2==2.11.2 \ --hash=sha256:89aab215427ef59c34ad58735269eb58b1a5808103067f7bb9d5836c651b3bb0 \ --hash=sha256:f0a4641d3cf955324a89c04f3d94663aa4d638abe8f733ecd3582848e1c37035 MarkupSafe==1.1.1 \ --hash=sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473 \ --hash=sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161 \ --hash=sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235 \ --hash=sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5 \ --hash=sha256:13d3144e1e340870b25e7b10b98d779608c02016d5184cfb9927a9f10c689f42 \ --hash=sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff \ --hash=sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b \ --hash=sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1 \ --hash=sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e \ --hash=sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183 \ --hash=sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66 \ --hash=sha256:596510de112c685489095da617b5bcbbac7dd6384aeebeda4df6025d0256a81b \ --hash=sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1 \ --hash=sha256:6788b695d50a51edb699cb55e35487e430fa21f1ed838122d722e0ff0ac5ba15 \ --hash=sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1 \ --hash=sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e \ --hash=sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b \ --hash=sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905 \ --hash=sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735 \ --hash=sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d \ --hash=sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e \ --hash=sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d \ --hash=sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c \ --hash=sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21 \ --hash=sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2 \ --hash=sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5 \ --hash=sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b \ --hash=sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6 \ --hash=sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f \ --hash=sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f \ --hash=sha256:cdb132fc825c38e1aeec2c8aa9338310d29d337bebbd7baa06889d09a60a1fa2 \ --hash=sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7 \ --hash=sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be ================================================ FILE: configs/routing_helper_v2.template.yaml ================================================ {%- macro make_route_internal(cluster, options) %} cluster: {{ cluster }} {%- if 'timeout' in options -%} timeout: {{ options['timeout'] }}, {% endif %} retry_policy: retry_on: 5xx {%- endmacro %} {%- macro make_route(cluster) -%} {{ make_route_internal(cluster, clusters.get(cluster, {})) }} {%- endmacro -%} {%- macro internal_cluster_definition(service, options) -%} name: {{ service }} connect_timeout: 0.250s type: EDS eds_cluster_config: eds_config: api_config_source: api_type: REST cluster_names: - sds refresh_delay: 30s service_name: {{ service }} lb_policy: LEAST_REQUEST {% if 'max_requests' in options -%} circuit_breakers: thresholds: - priority: DEFAULT max_requests: {{ options['max_requests'] }} {% endif -%} health_checks: - http_health_check: path: /healthcheck service_name_matcher: prefix: accidents timeout: 2s interval: 5s interval_jitter: 5s unhealthy_threshold: 2 healthy_threshold: 2 outlier_detection: success_rate_stdev_factor: 1900 http2_protocol_options: {} {% endmacro -%} ================================================ FILE: configs/terminate_connect.v3.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9902 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 10001 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: - "*" routes: - match: connect_matcher: {} route: cluster: service_google upgrade_configs: - upgrade_type: CONNECT connect_config: {} http_filters: - name: envoy.filters.http.router http2_protocol_options: allow_connect: true upgrade_configs: - upgrade_type: CONNECT clusters: - name: service_google connect_timeout: 0.25s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: service_google endpoints: - lb_endpoints: - endpoint: address: socket_address: address: www.google.com port_value: 443 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext sni: www.google.com ================================================ FILE: configs/using_deprecated_config.v2.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: prefix: "/" route: host_rewrite: www.google.com cluster: service_google cors: allow_origin: - "test-origin-1" http_filters: - name: envoy.filters.http.router clusters: - name: service_google connect_timeout: 0.25s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: service_google endpoints: - lb_endpoints: - endpoint: address: socket_address: address: www.google.com port_value: 443 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext sni: www.google.com tracing: http: name: envoy.tracers.zipkin config: collector_cluster: service_google collector_endpoint: /api/v1/spans collector_endpoint_version: HTTP_JSON_V1 layered_runtime: layers: - name: static_layer static_layer: envoy.deprecated_features:envoy.config.trace.v2.ZipkinConfig.HTTP_JSON_V1: true envoy.deprecated_features:envoy.api.v2.route.CorsPolicy.allow_origin: true ================================================ FILE: docs/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_package", ) licenses(["notice"]) # Apache 2 exports_files(["protodoc_manifest.yaml"]) envoy_package() # TODO(phlax): fix failing/excluded configs # the following config only fails on windows: # dns-cache-circuit-breaker: "Error: unable to read file: /etc/ssl/certs/ca-certificates.crt" filegroup( name = "configs", srcs = glob( ["root/**/*.yaml"], exclude = [ "root/intro/_include/life-of-a-request.yaml", "root/intro/arch_overview/security/_include/ssl.yaml", "root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml", "root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml", "root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml", ], ), ) ================================================ FILE: docs/README.md ================================================ # Building documentation locally There are two methods to build the documentation, described below. In both cases, the generated output can be found in `generated/docs`. ## Building in an existing Envoy development environment If you have an [existing Envoy development environment](https://github.com/envoyproxy/envoy/tree/master/bazel#quick-start-bazel-build-for-developers), you should have the necessary dependencies and requirements and be able to build the documentation directly. ```bash ./docs/build.sh ``` By default configuration examples are going to be validated during build. To disable validation, set `SPHINX_SKIP_CONFIG_VALIDATION` environment variable to `true`: ```bash SPHINX_SKIP_CONFIG_VALIDATION=true docs/build.sh ``` ## Using the Docker build container to build the documentation If you *do not* have an existing development environment, you may wish to use the Docker build image that is used in continuous integration. This can be done as follows: ``` ./ci/run_envoy_docker.sh 'docs/build.sh' ``` To use this method you will need a minimum of 4-5GB of disk space available to accommodate the build image. # Creating a Pull Request with documentation changes When you create a Pull Request the documentation is rendered by CircleCI. If you are logged in to CircleCI (it is possible to authenticate using your Github account), you can view the rendered changes. To do this: - click `Details` in the `ci/circleci: docs` check at the bottom of the Pull Request. - click `ARTIFACTS` in the CircleCI dashboard - browse to the documentation root at `generated/docs/index.html`. # How the Envoy website and docs are updated 1. The docs are published to [docs/envoy/latest](https://github.com/envoyproxy/envoyproxy.github.io/tree/master/docs/envoy/latest) on every commit to master. This process is handled by CircleCI with the [`publish.sh`](https://github.com/envoyproxy/envoy/blob/master/docs/publish.sh) script. 2. The docs are published to [docs/envoy](https://github.com/envoyproxy/envoyproxy.github.io/tree/master/docs/envoy) in a directory named after every tagged commit in this repo. Thus, on every tagged release there are snapped docs. ================================================ FILE: docs/_ext/validating_code_block.py ================================================ from typing import List from docutils import nodes from docutils.parsers.rst import Directive from docutils.parsers.rst import directives from sphinx.application import Sphinx from sphinx.util.docutils import SphinxDirective from sphinx.directives.code import CodeBlock from sphinx.errors import ExtensionError import os import subprocess class ValidatingCodeBlock(CodeBlock): """A directive that provides protobuf yaml formatting and validation. 'type-name' option is required and expected to conain full Envoy API type. An ExtensionError is raised on validation failure. Validation will be skipped if SPHINX_SKIP_CONFIG_VALIDATION environment variable is set. """ has_content = True required_arguments = CodeBlock.required_arguments optional_arguments = CodeBlock.optional_arguments final_argument_whitespace = CodeBlock.final_argument_whitespace option_spec = { 'type-name': directives.unchanged, } option_spec.update(CodeBlock.option_spec) skip_validation = (os.getenv('SPHINX_SKIP_CONFIG_VALIDATION') or 'false').lower() == 'true' def run(self): source, line = self.state_machine.get_source_and_line(self.lineno) # built-in directives.unchanged_required option validator produces a confusing error message if self.options.get('type-name') == None: raise ExtensionError("Expected type name in: {0} line: {1}".format(source, line)) if not ValidatingCodeBlock.skip_validation: args = [ 'bazel-bin/tools/config_validation/validate_fragment', self.options.get('type-name'), '-s', '\n'.join(self.content) ] completed = subprocess.run(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, encoding='utf-8') if completed.returncode != 0: raise ExtensionError( "Failed config validation for type: '{0}' in: {1} line: {2}:\n {3}".format( self.options.get('type-name'), source, line, completed.stderr)) self.options.pop('type-name', None) return list(CodeBlock.run(self)) def setup(app): app.add_directive("validated-code-block", ValidatingCodeBlock) return { 'version': '0.1', 'parallel_read_safe': True, 'parallel_write_safe': True, } ================================================ FILE: docs/build.sh ================================================ #!/usr/bin/env bash # set SPHINX_SKIP_CONFIG_VALIDATION environment variable to true to skip # validation of configuration examples . tools/shell_utils.sh set -e # We need to set ENVOY_DOCS_VERSION_STRING and ENVOY_DOCS_RELEASE_LEVEL for Sphinx. # We also validate that the tag and version match at this point if needed. if [ -n "$CIRCLE_TAG" ] then # Check the git tag matches the version number in the VERSION file. VERSION_NUMBER=$(cat VERSION) if [ "v${VERSION_NUMBER}" != "${CIRCLE_TAG}" ]; then echo "Given git tag does not match the VERSION file content:" echo "${CIRCLE_TAG} vs $(cat VERSION)" exit 1 fi # Check the version_history.rst contains current release version. grep --fixed-strings "$VERSION_NUMBER" docs/root/version_history/current.rst \ || (echo "Git tag not found in version_history/current.rst" && exit 1) # Now that we know there is a match, we can use the tag. export ENVOY_DOCS_VERSION_STRING="tag-$CIRCLE_TAG" export ENVOY_DOCS_RELEASE_LEVEL=tagged export ENVOY_BLOB_SHA="$CIRCLE_TAG" else BUILD_SHA=$(git rev-parse HEAD) VERSION_NUM=$(cat VERSION) export ENVOY_DOCS_VERSION_STRING="${VERSION_NUM}"-"${BUILD_SHA:0:6}" export ENVOY_DOCS_RELEASE_LEVEL=pre-release export ENVOY_BLOB_SHA="$BUILD_SHA" fi SCRIPT_DIR="$(dirname "$0")" SRC_DIR="$(dirname "$SCRIPT_DIR")" API_DIR="${SRC_DIR}"/api CONFIGS_DIR="${SRC_DIR}"/configs BUILD_DIR=build_docs [[ -z "${DOCS_OUTPUT_DIR}" ]] && DOCS_OUTPUT_DIR=generated/docs [[ -z "${GENERATED_RST_DIR}" ]] && GENERATED_RST_DIR=generated/rst rm -rf "${DOCS_OUTPUT_DIR}" mkdir -p "${DOCS_OUTPUT_DIR}" rm -rf "${GENERATED_RST_DIR}" mkdir -p "${GENERATED_RST_DIR}" source_venv "$BUILD_DIR" pip3 install --require-hashes -r "${SCRIPT_DIR}"/requirements.txt # Clean up any stale files in the API tree output. Bazel remembers valid cached # files still. rm -rf bazel-bin/external/envoy_api_canonical EXTENSION_DB_PATH="$(realpath "${BUILD_DIR}/extension_db.json")" export EXTENSION_DB_PATH # This is for local RBE setup, should be no-op for builds without RBE setting in bazelrc files. IFS=" " read -ra BAZEL_BUILD_OPTIONS <<< "${BAZEL_BUILD_OPTIONS:-}" BAZEL_BUILD_OPTIONS+=( "--remote_download_outputs=all" "--strategy=protodoc=sandboxed,local" "--action_env=ENVOY_BLOB_SHA" "--action_env=EXTENSION_DB_PATH") # Generate extension database. This maps from extension name to extension # metadata, based on the envoy_cc_extension() Bazel target attributes. ./docs/generate_extension_db.py "${EXTENSION_DB_PATH}" # Generate RST for the lists of trusted/untrusted extensions in # intro/arch_overview/security docs. mkdir -p "${GENERATED_RST_DIR}"/intro/arch_overview/security ./docs/generate_extension_rst.py "${EXTENSION_DB_PATH}" "${GENERATED_RST_DIR}"/intro/arch_overview/security # Generate RST for external dependency docs in intro/arch_overview/security. ./docs/generate_external_dep_rst.py "${GENERATED_RST_DIR}"/intro/arch_overview/security function generate_api_rst() { local proto_target declare -r API_VERSION=$1 echo "Generating ${API_VERSION} API RST..." # Generate the extensions docs bazel build "${BAZEL_BUILD_OPTIONS[@]}" @envoy_api_canonical//:"${API_VERSION}"_protos --aspects \ tools/protodoc/protodoc.bzl%protodoc_aspect --output_groups=rst # Fill in boiler plate for extensions that have google.protobuf.Empty as their # config. bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/protodoc:generate_empty \ "${PWD}"/docs/empty_extensions.json "${PWD}/${GENERATED_RST_DIR}/api-${API_VERSION}"/config # We do ** matching below to deal with Bazel cache blah (source proto artifacts # are nested inside source package targets). shopt -s globstar # Find all source protos. proto_target=$(bazel query "labels(srcs, labels(deps, @envoy_api_canonical//:${API_VERSION}_protos))") declare -r proto_target # Only copy in the protos we care about and know how to deal with in protodoc. for p in ${proto_target} do declare PROTO_FILE_WITHOUT_PREFIX="${p#@envoy_api_canonical//}" declare PROTO_FILE_CANONICAL="${PROTO_FILE_WITHOUT_PREFIX/://}" # We use ** glob matching here to deal with the fact that we have something # like # bazel-bin/external/envoy_api_canonical/envoy/admin/v2alpha/pkg/envoy/admin/v2alpha/certs.proto.proto # and we don't want to have to do a nested loop and slow bazel query to # recover the canonical package part of the path. declare SRCS=(bazel-bin/external/envoy_api_canonical/**/"${PROTO_FILE_CANONICAL}.rst") # While we may have reformatted the file multiple times due to the transitive # dependencies in the aspect above, they all look the same. So, just pick an # arbitrary match and we're done. declare SRC="${SRCS[0]}" declare DST="${GENERATED_RST_DIR}/api-${API_VERSION}/${PROTO_FILE_CANONICAL#envoy/}".rst mkdir -p "$(dirname "${DST}")" cp -f "${SRC}" "$(dirname "${DST}")" done } generate_api_rst v2 generate_api_rst v3 # Fixup anchors and references in v3 so they form a distinct namespace. # TODO(htuch): Do this in protodoc generation in the future. find "${GENERATED_RST_DIR}"/api-v3 -name "*.rst" -print0 | xargs -0 sed -i -e "s#envoy_api_#envoy_v3_api_#g" find "${GENERATED_RST_DIR}"/api-v3 -name "*.rst" -print0 | xargs -0 sed -i -e "s#config_resource_monitors#v3_config_resource_monitors#g" # xDS protocol spec. mkdir -p ${GENERATED_RST_DIR}/api-docs cp -f "${API_DIR}"/xds_protocol.rst "${GENERATED_RST_DIR}/api-docs/xds_protocol.rst" # Edge hardening example YAML. mkdir -p "${GENERATED_RST_DIR}"/configuration/best_practices cp -f "${CONFIGS_DIR}"/google-vrp/envoy-edge.yaml "${GENERATED_RST_DIR}"/configuration/best_practices rsync -rav "${API_DIR}/diagrams" "${GENERATED_RST_DIR}/api-docs" rsync -av "${SCRIPT_DIR}"/root/ "${SCRIPT_DIR}"/conf.py "${SCRIPT_DIR}"/_ext "${GENERATED_RST_DIR}" # To speed up validate_fragment invocations in validating_code_block bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/config_validation:validate_fragment sphinx-build -W --keep-going -b html "${GENERATED_RST_DIR}" "${DOCS_OUTPUT_DIR}" ================================================ FILE: docs/conf.py ================================================ # -*- coding: utf-8 -*- # # envoy documentation build configuration file, created by # sphinx-quickstart on Sat May 28 10:51:27 2016. # # This file is execfile()d with the current directory set to its # containing dir. # # Note that not all possible configuration values are present in this # autogenerated file. # # All configuration values have a default; values that are commented out # serve to show the default. from datetime import datetime import os from sphinx.directives.code import CodeBlock import sphinx_rtd_theme import sys # https://stackoverflow.com/questions/44761197/how-to-use-substitution-definitions-with-code-blocks class SubstitutionCodeBlock(CodeBlock): """ Similar to CodeBlock but replaces placeholders with variables. See "substitutions" below. """ def run(self): """ Replace placeholders with given variables. """ app = self.state.document.settings.env.app new_content = [] existing_content = self.content for item in existing_content: for pair in app.config.substitutions: original, replacement = pair item = item.replace(original, replacement) new_content.append(item) self.content = new_content return list(CodeBlock.run(self)) def setup(app): app.add_config_value('release_level', '', 'env') app.add_config_value('substitutions', [], 'html') app.add_directive('substitution-code-block', SubstitutionCodeBlock) if not os.environ.get('ENVOY_DOCS_RELEASE_LEVEL'): raise Exception("ENVOY_DOCS_RELEASE_LEVEL env var must be defined") release_level = os.environ['ENVOY_DOCS_RELEASE_LEVEL'] blob_sha = os.environ['ENVOY_BLOB_SHA'] # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the # documentation root, use os.path.abspath to make it absolute, like shown here. #sys.path.insert(0, os.path.abspath('.')) # -- General configuration ------------------------------------------------ # If your documentation needs a minimal Sphinx version, state it here. #needs_sphinx = '1.0' # Add any Sphinx extension module names here, as strings. They can be # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # ones. sys.path.append(os.path.abspath("./_ext")) extensions = [ 'sphinxcontrib.httpdomain', 'sphinx.ext.extlinks', 'sphinx.ext.ifconfig', 'sphinx_tabs.tabs', 'sphinx_copybutton', 'validating_code_block' ] extlinks = { 'repo': ('https://github.com/envoyproxy/envoy/blob/{}/%s'.format(blob_sha), ''), 'api': ('https://github.com/envoyproxy/envoy/blob/{}/api/%s'.format(blob_sha), ''), } # Setup global substitutions if 'pre-release' in release_level: substitutions = [('|envoy_docker_image|', 'envoy-dev:{}'.format(blob_sha))] else: substitutions = [('|envoy_docker_image|', 'envoy:{}'.format(blob_sha))] # Add any paths that contain templates here, relative to this directory. templates_path = ['_templates'] copybutton_prompt_text = r"\$ |PS>" copybutton_prompt_is_regexp = True # The suffix(es) of source filenames. # You can specify multiple suffix as a list of string: # source_suffix = ['.rst', '.md'] source_suffix = '.rst' # The encoding of source files. #source_encoding = 'utf-8-sig' # The master toctree document. master_doc = 'index' # General information about the project. project = u'envoy' copyright = u'2016-{}, Envoy Project Authors'.format(datetime.now().year) author = u'Envoy Project Authors' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the # built documents. if not os.environ.get('ENVOY_DOCS_VERSION_STRING'): raise Exception("ENVOY_DOCS_VERSION_STRING env var must be defined") # The short X.Y version. version = os.environ['ENVOY_DOCS_VERSION_STRING'] # The full version, including alpha/beta/rc tags. release = os.environ['ENVOY_DOCS_VERSION_STRING'] # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. language = None # There are two options for replacing |today|: either, you set today to some # non-false value, then it is used: #today = '' # Else, today_fmt is used as the format for a strftime call. #today_fmt = '%B %d, %Y' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. # This patterns also effect to html_static_path and html_extra_path exclude_patterns = [ '_build', '_venv', 'Thumbs.db', '.DS_Store', 'api-v2/api/v2/endpoint/load_report.proto.rst', 'api-v2/service/discovery/v2/hds.proto.rst', ] # The reST default role (used for this markup: `text`) to use for all # documents. #default_role = None # If true, '()' will be appended to :func: etc. cross-reference text. #add_function_parentheses = True # If true, the current module name will be prepended to all description # unit titles (such as .. function::). #add_module_names = True # If true, sectionauthor and moduleauthor directives will be shown in the # output. They are ignored by default. #show_authors = False # The name of the Pygments (syntax highlighting) style to use. #pygments_style = 'sphinx' # A list of ignored prefixes for module index sorting. #modindex_common_prefix = [] # If true, keep warnings as "system message" paragraphs in the built documents. #keep_warnings = False # If true, `todo` and `todoList` produce output, else they produce nothing. todo_include_todos = False # -- Options for HTML output ---------------------------------------------- # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. html_theme = 'sphinx_rtd_theme' # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the # documentation. html_theme_options = { 'logo_only': True, 'includehidden': False, } # Add any paths that contain custom themes here, relative to this directory. html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] # The name for this set of Sphinx documents. # " v documentation" by default. #html_title = u'envoy v1.0.0' # A shorter title for the navigation bar. Default is the same as html_title. #html_short_title = None # The name of an image file (relative to this directory) to place at the top # of the sidebar. html_logo = '_static/img/envoy-logo.png' # The name of an image file (relative to this directory) to use as a favicon of # the docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 # pixels large. html_favicon = 'favicon.ico' # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, # so a file named "default.css" will overwrite the builtin "default.css". html_static_path = ['_static'] html_style = 'css/envoy.css' # Add any extra paths that contain custom files (such as robots.txt or # .htaccess) here, relative to this directory. These files are copied # directly to the root of the documentation. #html_extra_path = [] # If not None, a 'Last updated on:' timestamp is inserted at every page # bottom, using the given strftime format. # The empty string is equivalent to '%b %d, %Y'. #html_last_updated_fmt = None # If true, SmartyPants will be used to convert quotes and dashes to # typographically correct entities. #html_use_smartypants = True # Custom sidebar templates, maps document names to template names. #html_sidebars = {} # Additional templates that should be rendered to pages, maps page names to # template names. #html_additional_pages = {} # If false, no module index is generated. #html_domain_indices = True # If false, no index is generated. #html_use_index = True # If true, the index is split into individual pages for each letter. #html_split_index = False # If true, links to the reST sources are added to the pages. #html_show_sourcelink = True # If true, "Created using Sphinx" is shown in the HTML footer. Default is True. #html_show_sphinx = True # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. #html_show_copyright = True # If true, an OpenSearch description file will be output, and all pages will # contain a tag referring to it. The value of this option must be the # base URL from which the finished HTML is served. #html_use_opensearch = '' # This is the file name suffix for HTML files (e.g. ".xhtml"). #html_file_suffix = None # Language to be used for generating the HTML full-text search index. # Sphinx supports the following languages: # 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' # 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr', 'zh' #html_search_language = 'en' # A dictionary with options for the search language support, empty by default. # 'ja' uses this config value. # 'zh' user can custom change `jieba` dictionary path. #html_search_options = {'type': 'default'} # The name of a javascript file (relative to the configuration directory) that # implements a search results scorer. If empty, the default will be used. #html_search_scorer = 'scorer.js' # Output file base name for HTML help builder. htmlhelp_basename = 'envoydoc' ================================================ FILE: docs/empty_extensions.json ================================================ { "envoy.filters.http.cors": { "title": "CORS processing", "path": "filter/http/cors", "description": "https://en.wikipedia.org/wiki/Cross-origin_resource_sharing", "ref": "config_http_filters_cors" }, "envoy.filters.http.dynamo": { "title": "AWS DynamoDB", "path": "filter/http/dynamo", "description": "https://aws.amazon.com/dynamodb/", "ref": "config_http_filters_dynamo" }, "envoy.filters.http.grpc_http1_bridge": { "title": "gRPC HTTP/1 bridge", "path": "filter/http/grpc_http1_bridge", "description": "HTTP filter that bridges HTTP/1.1 unary gRPC to compliant HTTP/2 gRPC", "ref": "config_http_filters_grpc_bridge" }, "envoy.filters.http.grpc_web": { "title": "gRPC Web", "path": "filter/http/grpc_web", "description": "https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-WEB.md", "ref": "config_http_filters_grpc_web" }, "envoy.filters.listener.http_inspector": { "title": "HTTP Inspector", "path": "filter/listener/http_inspector", "ref": "config_listener_filters_http_inspector" }, "envoy.filters.listener.original_dst": { "title": "Original Destination", "path": "filter/listener/original_dst", "ref": "config_listener_filters_original_dst" }, "envoy.filters.listener.proxy_protocol": { "title": "Proxy Protocol", "path": "filter/listener/proxy_protocol", "ref": "config_listener_filters_proxy_protocol" }, "envoy.filters.listener.tls_inspector": { "title": "TLS Inspector", "path": "filter/listener/tls_inspector", "ref": "config_listener_filters_tls_inspector" }, "envoy.filters.network.echo": { "title": "Echo", "path": "filter/network/echo", "ref": "config_network_filters_echo" }, "envoy.filters.network.sni_cluster": { "title": "SNI Cluster", "path": "filter/network/sni_cluster", "ref": "config_network_filters_sni_cluster" }, "envoy.retry_host_predicates.previous_hosts": { "title": "Previous Hosts", "path": "retry/previous_hosts", "ref": "arch_overview_http_retry_plugins" }, "envoy.retry_host_predicates.omit_canary_hosts": { "title": "Omit Canary Hosts", "path": "retry/omit_canary_hosts", "ref": "arch_overview_http_retry_plugins" } } ================================================ FILE: docs/generate_extension_db.py ================================================ #!/usr/bin/env python3 # Generate an extension database, a JSON file mapping from qualified well known # extension name to metadata derived from the envoy_cc_extension target. import json import os import pathlib import shutil import subprocess import sys from importlib.util import spec_from_loader, module_from_spec from importlib.machinery import SourceFileLoader BUILDOZER_PATH = os.getenv("BUILDOZER_BIN") or (os.path.expandvars("$GOPATH/bin/buildozer") if os.getenv("GOPATH") else shutil.which("buildozer")) # source/extensions/extensions_build_config.bzl must have a .bzl suffix for Starlark # import, so we are forced to do this workaround. _extensions_build_config_spec = spec_from_loader( 'extensions_build_config', SourceFileLoader('extensions_build_config', 'source/extensions/extensions_build_config.bzl')) extensions_build_config = module_from_spec(_extensions_build_config_spec) _extensions_build_config_spec.loader.exec_module(extensions_build_config) class ExtensionDbError(Exception): pass def IsMissing(value): return value == '(missing)' def GetExtensionMetadata(target): r = subprocess.run( [BUILDOZER_PATH, '-stdout', 'print security_posture status undocumented', target], stdout=subprocess.PIPE, stderr=subprocess.PIPE) security_posture, status, undocumented = r.stdout.decode('utf-8').strip().split(' ') if IsMissing(security_posture): raise ExtensionDbError( 'Missing security posture for %s. Please make sure the target is an envoy_cc_extension and security_posture is set' % target) return { 'security_posture': security_posture, 'undocumented': False if IsMissing(undocumented) else bool(undocumented), 'status': 'stable' if IsMissing(status) else status, } if __name__ == '__main__': output_path = sys.argv[1] extension_db = {} for extension, target in extensions_build_config.EXTENSIONS.items(): extension_db[extension] = GetExtensionMetadata(target) # The TLS and generic upstream extensions are hard-coded into the build, so # not in source/extensions/extensions_build_config.bzl extension_db['envoy.transport_sockets.tls'] = GetExtensionMetadata( '//source/extensions/transport_sockets/tls:config') extension_db['envoy.upstreams.http.generic'] = GetExtensionMetadata( '//source/extensions/upstreams/http/generic:config') pathlib.Path(output_path).write_text(json.dumps(extension_db)) ================================================ FILE: docs/generate_extension_rst.py ================================================ #!/usr/bin/env python3 # Generate RST lists of extensions grouped by their security posture. from collections import defaultdict import json import pathlib import sys def FormatItem(extension, metadata): if metadata['undocumented']: item = '* %s' % extension else: item = '* :ref:`%s `' % (extension, extension) if metadata['status'] == 'alpha': item += ' (alpha)' return item if __name__ == '__main__': extension_db_path = sys.argv[1] security_rst_root = sys.argv[2] extension_db = json.loads(pathlib.Path(extension_db_path).read_text()) security_postures = defaultdict(list) for extension, metadata in extension_db.items(): security_postures[metadata['security_posture']].append(extension) for sp, extensions in security_postures.items(): output_path = pathlib.Path(security_rst_root, 'secpos_%s.rst' % sp) content = '\n'.join( FormatItem(extension, extension_db[extension]) for extension in sorted(extensions) if extension_db[extension]['status'] != 'wip') output_path.write_text(content) ================================================ FILE: docs/generate_external_dep_rst.py ================================================ #!/usr/bin/env python3 # Generate RST lists of external dependencies. from collections import defaultdict, namedtuple import pathlib import sys import urllib.parse from importlib.util import spec_from_loader, module_from_spec from importlib.machinery import SourceFileLoader # bazel/repository_locations.bzl must have a .bzl suffix for Starlark import, so # we are forced to do this workaround. _repository_locations_spec = spec_from_loader( 'repository_locations', SourceFileLoader('repository_locations', 'bazel/repository_locations.bzl')) repository_locations = module_from_spec(_repository_locations_spec) _repository_locations_spec.loader.exec_module(repository_locations) # Render a CSV table given a list of table headers, widths and list of rows # (each a list of strings). def CsvTable(headers, widths, rows): csv_rows = '\n '.join(', '.join(row) for row in rows) return f'''.. csv-table:: :header: {', '.join(headers)} :widths: {', '.join(str(w) for w in widths) } {csv_rows} ''' # Anonymous external RST link for a given URL. def RstLink(text, url): return f'`{text} <{url}>`__' # NIST CPE database search URL for a given CPE. def NistCpeUrl(cpe): encoded_cpe = urllib.parse.quote(cpe) return 'https://nvd.nist.gov/products/cpe/search/results?keyword=%s&status=FINAL&orderBy=CPEURI&namingFormat=2.3' % encoded_cpe # Render version strings human readable. def RenderVersion(version): # Heuristic, almost certainly a git SHA if len(version) == 40: # Abbreviate git SHA return version[:7] return version def RenderTitle(title): underline = '~' * len(title) return f'\n{title}\n{underline}\n\n' if __name__ == '__main__': security_rst_root = sys.argv[1] Dep = namedtuple('Dep', ['name', 'sort_name', 'version', 'cpe', 'last_updated']) use_categories = defaultdict(lambda: defaultdict(list)) # Bin rendered dependencies into per-use category lists. for k, v in repository_locations.DEPENDENCY_REPOSITORIES.items(): cpe = v.get('cpe', '') if cpe == 'N/A': cpe = '' if cpe: cpe = RstLink(cpe, NistCpeUrl(cpe)) project_name = v['project_name'] project_url = v['project_url'] name = RstLink(project_name, project_url) version = RstLink(RenderVersion(v['version']), v['urls'][0]) last_updated = v['last_updated'] dep = Dep(name, project_name.lower(), version, cpe, last_updated) for category in v['use_category']: for ext in v.get('extensions', ['core']): use_categories[category][ext].append(dep) def CsvRow(dep): return [dep.name, dep.version, dep.last_updated, dep.cpe] # Generate per-use category RST with CSV tables. for category, exts in use_categories.items(): content = '' for ext_name, deps in sorted(exts.items()): if ext_name != 'core': content += RenderTitle(ext_name) output_path = pathlib.Path(security_rst_root, f'external_dep_{category}.rst') content += CsvTable(['Name', 'Version', 'Last updated', 'CPE'], [2, 1, 1, 2], [CsvRow(dep) for dep in sorted(deps, key=lambda d: d.sort_name)]) output_path.write_text(content) ================================================ FILE: docs/protodoc_manifest.yaml ================================================ fields: envoy.config.bootstrap.v3.Bootstrap.overload_manager: edge_config: example: refresh_interval: 0.25s resource_monitors: - name: "envoy.resource_monitors.fixed_heap" typed_config: "@type": type.googleapis.com/envoy.config.resource_monitor.fixed_heap.v2alpha.FixedHeapConfig max_heap_size_bytes: 1073741824 actions: - name: "envoy.overload_actions.shrink_heap" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.90 - name: "envoy.overload_actions.stop_accepting_requests" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.95 envoy.config.cluster.v3.Cluster.per_connection_buffer_limit_bytes: edge_config: { example: 32768 } envoy.config.cluster.v3.Cluster.http2_protocol_options: edge_config: example: initial_stream_window_size: 65536 # 64 KiB initial_connection_window_size: 1048576 # 1 MiB envoy.config.listener.v3.Listener.per_connection_buffer_limit_bytes: edge_config: { example: 32768 } envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.common_http_protocol_options: edge_config: example: idle_timeout: 900s # 15 mins headers_with_underscores_action: REJECT_REQUEST envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.http2_protocol_options: edge_config: example: max_concurrent_streams: 100 initial_stream_window_size: 65536 # 64 KiB initial_connection_window_size: 1048576 # 1 MiB envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_idle_timeout: edge_config: example: 300s # 5 mins envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.request_timeout: edge_config: note: > This timeout is not compatible with streaming requests. example: 300s # 5 mins envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address: edge_config: { example: true } ================================================ FILE: docs/publish.sh ================================================ #!/bin/bash # This is run on every commit that CircleCI picks up. It assumes that docs have already been built # via docs/build.sh. The push behavior differs depending on the nature of the commit: # * Tag commit (e.g. v1.6.0): pushes docs to versioned location, e.g. # https://www.envoyproxy.io/docs/envoy/v1.6.0/. # * Master commit: pushes docs to https://www.envoyproxy.io/docs/envoy/latest/. # * Otherwise: noop. set -e DOCS_DIR=generated/docs CHECKOUT_DIR=../envoy-docs BUILD_SHA=$(git rev-parse HEAD) if [ -n "$CIRCLE_TAG" ] then PUBLISH_DIR="$CHECKOUT_DIR"/docs/envoy/"$CIRCLE_TAG" elif [ -z "$CIRCLE_PULL_REQUEST" ] && [ "$CIRCLE_BRANCH" == "master" ] then PUBLISH_DIR="$CHECKOUT_DIR"/docs/envoy/latest else echo "Ignoring docs push" exit 0 fi echo 'cloning' git clone git@github.com:envoyproxy/envoyproxy.github.io "$CHECKOUT_DIR" git -C "$CHECKOUT_DIR" fetch git -C "$CHECKOUT_DIR" checkout -B master origin/master rm -fr "$PUBLISH_DIR" mkdir -p "$PUBLISH_DIR" cp -r "$DOCS_DIR"/* "$PUBLISH_DIR" cd "$CHECKOUT_DIR" git config user.name "envoy-docs(travis)" git config user.email envoy-docs@users.noreply.github.com echo 'add' git add . echo 'commit' git commit -m "docs envoy@$BUILD_SHA" echo 'push' git push origin master ================================================ FILE: docs/requirements.txt ================================================ alabaster==0.7.12 \ --hash=sha256:446438bdcca0e05bd45ea2de1668c1d9b032e1a9154c2c259092d77031ddd359 \ --hash=sha256:a661d72d58e6ea8a57f7a86e37d86716863ee5e92788398526d58b26a4e4dc02 Babel==2.8.0 \ --hash=sha256:1aac2ae2d0d8ea368fa90906567f5c08463d98ade155c0c4bfedd6a0f7160e38 \ --hash=sha256:d670ea0b10f8b723672d3a6abeb87b565b244da220d76b4dba1b66269ec152d4 certifi==2020.6.20 \ --hash=sha256:5930595817496dd21bb8dc35dad090f1c2cd0adfaf21204bf6732ca5d8ee34d3 \ --hash=sha256:8fc0819f1f30ba15bdb34cceffb9ef04d99f420f68eb75d901e9560b8749fc41 chardet==3.0.4 \ --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \ --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 docutils==0.16 \ --hash=sha256:0c5b78adfbf7762415433f5515cd5c9e762339e23369dbe8000d84a4bf4ab3af \ --hash=sha256:c2de3a60e9e7d07be26b7f2b00ca0309c207e06c100f9cc2a94931fc75a478fc gitdb==4.0.5 \ --hash=sha256:91f36bfb1ab7949b3b40e23736db18231bf7593edada2ba5c3a174a7b23657ac \ --hash=sha256:c9e1f2d0db7ddb9a704c2a0217be31214e91a4fe1dea1efad19ae42ba0c285c9 GitPython==3.1.8 \ --hash=sha256:080bf8e2cf1a2b907634761c2eaefbe83b69930c94c66ad11b65a8252959f912 \ --hash=sha256:1858f4fd089abe92ae465f01d5aaaf55e937eca565fb2c1fce35a51b5f85c910 idna==2.10 \ --hash=sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6 \ --hash=sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0 imagesize==1.2.0 \ --hash=sha256:6965f19a6a2039c7d48bca7dba2473069ff854c36ae6f19d2cde309d998228a1 \ --hash=sha256:b1f6b5a4eab1f73479a50fb79fcf729514a900c341d8503d62a62dbc4127a2b1 Jinja2==2.11.2 \ --hash=sha256:89aab215427ef59c34ad58735269eb58b1a5808103067f7bb9d5836c651b3bb0 \ --hash=sha256:f0a4641d3cf955324a89c04f3d94663aa4d638abe8f733ecd3582848e1c37035 MarkupSafe==1.1.1 \ --hash=sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473 \ --hash=sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161 \ --hash=sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235 \ --hash=sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5 \ --hash=sha256:13d3144e1e340870b25e7b10b98d779608c02016d5184cfb9927a9f10c689f42 \ --hash=sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff \ --hash=sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b \ --hash=sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1 \ --hash=sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e \ --hash=sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183 \ --hash=sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66 \ --hash=sha256:596510de112c685489095da617b5bcbbac7dd6384aeebeda4df6025d0256a81b \ --hash=sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1 \ --hash=sha256:6788b695d50a51edb699cb55e35487e430fa21f1ed838122d722e0ff0ac5ba15 \ --hash=sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1 \ --hash=sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e \ --hash=sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b \ --hash=sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905 \ --hash=sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735 \ --hash=sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d \ --hash=sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e \ --hash=sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d \ --hash=sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c \ --hash=sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21 \ --hash=sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2 \ --hash=sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5 \ --hash=sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b \ --hash=sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6 \ --hash=sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f \ --hash=sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f \ --hash=sha256:cdb132fc825c38e1aeec2c8aa9338310d29d337bebbd7baa06889d09a60a1fa2 \ --hash=sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7 \ --hash=sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be packaging==20.4 \ --hash=sha256:4357f74f47b9c12db93624a82154e9b120fa8293699949152b22065d556079f8 \ --hash=sha256:998416ba6962ae7fbd6596850b80e17859a5753ba17c32284f67bfff33784181 Pygments==2.7.1 \ --hash=sha256:307543fe65c0947b126e83dd5a61bd8acbd84abec11f43caebaf5534cbc17998 \ --hash=sha256:926c3f319eda178d1bd90851e4317e6d8cdb5e292a3386aac9bd75eca29cf9c7 pyparsing==2.4.7 \ --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b pytz==2020.1 \ --hash=sha256:a494d53b6d39c3c6e44c3bec237336e14305e4f29bbf800b599253057fbb79ed \ --hash=sha256:c35965d010ce31b23eeb663ed3cc8c906275d6be1a34393a1d73a41febf4a048 requests==2.24.0 \ --hash=sha256:b3559a131db72c33ee969480840fff4bb6dd111de7dd27c8ee1f820f4f00231b \ --hash=sha256:fe75cc94a9443b9246fc7049224f75604b113c36acb93f87b80ed42c44cbb898 six==1.15.0 \ --hash=sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259 \ --hash=sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced smmap==3.0.4 \ --hash=sha256:54c44c197c819d5ef1991799a7e30b662d1e520f2ac75c9efbeb54a742214cf4 \ --hash=sha256:9c98bbd1f9786d22f14b3d4126894d56befb835ec90cef151af566c7e19b5d24 snowballstemmer==2.0.0 \ --hash=sha256:209f257d7533fdb3cb73bdbd24f436239ca3b2fa67d56f6ff88e86be08cc5ef0 \ --hash=sha256:df3bac3df4c2c01363f3dd2cfa78cce2840a79b9f1c2d2de9ce8d31683992f52 Sphinx==3.2.1 \ --hash=sha256:321d6d9b16fa381a5306e5a0b76cd48ffbc588e6340059a729c6fdd66087e0e8 \ --hash=sha256:ce6fd7ff5b215af39e2fcd44d4a321f6694b4530b6f2b2109b64d120773faea0 sphinx-copybutton==0.3.0 \ --hash=sha256:4becad3a1e7c50211f1477e34fd4b6d027680e1612f497cb5b88cf85bccddaaa \ --hash=sha256:4cd06afd0588aa43eba968bfc6105e1ec6546c50a51f880af1d89afaebc6fb58 sphinx-rtd-theme==0.5.0 \ --hash=sha256:22c795ba2832a169ca301cd0a083f7a434e09c538c70beb42782c073651b707d \ --hash=sha256:373413d0f82425aaa28fb288009bf0d0964711d347763af2f1b65cafcb028c82 sphinx-tabs==1.3.0 \ --hash=sha256:537857f91f1b371f7b45eb8ac83001618b3e3178c78df073d2cc4558a8e66ef5 \ --hash=sha256:54132c8a57aa19bba6e17fe26eb94ea9df531708ff3f509b119313b32d0d5aff sphinxcontrib-applehelp==1.0.2 \ --hash=sha256:806111e5e962be97c29ec4c1e7fe277bfd19e9652fb1a4392105b43e01af885a \ --hash=sha256:a072735ec80e7675e3f432fcae8610ecf509c5f1869d17e2eecff44389cdbc58 sphinxcontrib-devhelp==1.0.2 \ --hash=sha256:8165223f9a335cc1af7ffe1ed31d2871f325254c0423bc0c4c7cd1c1e4734a2e \ --hash=sha256:ff7f1afa7b9642e7060379360a67e9c41e8f3121f2ce9164266f61b9f4b338e4 sphinxcontrib-htmlhelp==1.0.3 \ --hash=sha256:3c0bc24a2c41e340ac37c85ced6dafc879ab485c095b1d65d2461ac2f7cca86f \ --hash=sha256:e8f5bb7e31b2dbb25b9cc435c8ab7a79787ebf7f906155729338f3156d93659b sphinxcontrib-httpdomain==1.7.0 \ --hash=sha256:1fb5375007d70bf180cdd1c79e741082be7aa2d37ba99efe561e1c2e3f38191e \ --hash=sha256:ac40b4fba58c76b073b03931c7b8ead611066a6aebccafb34dc19694f4eb6335 sphinxcontrib-jsmath==1.0.1 \ --hash=sha256:2ec2eaebfb78f3f2078e73666b1415417a116cc848b72e5172e596c871103178 \ --hash=sha256:a9925e4a4587247ed2191a22df5f6970656cb8ca2bd6284309578f2153e0c4b8 sphinxcontrib-qthelp==1.0.3 \ --hash=sha256:4c33767ee058b70dba89a6fc5c1892c0d57a54be67ddd3e7875a18d14cba5a72 \ --hash=sha256:bd9fc24bcb748a8d51fd4ecaade681350aa63009a347a8c14e637895444dfab6 sphinxcontrib-serializinghtml==1.1.4 \ --hash=sha256:eaa0eccc86e982a9b939b2b82d12cc5d013385ba5eadcc7e4fed23f4405f77bc \ --hash=sha256:f242a81d423f59617a8e5cf16f5d4d74e28ee9a66f9e5b637a18082991db5a9a urllib3==1.25.10 \ --hash=sha256:91056c15fa70756691db97756772bb1eb9678fa585d9184f24534b100dc60f4a \ --hash=sha256:e7983572181f5e1522d9c98453462384ee92a0be7fac5f1413a1e35c56cc0461 ================================================ FILE: docs/root/_static/css/envoy.css ================================================ @import url("theme.css"); /* Splits a long line descriptions in tables in to multiple lines */ .wy-table-responsive table td, .wy-table-responsive table th { white-space: normal !important; } /* align multi line csv table columns */ table.docutils div.line-block { margin-left: 0; } /* Breaking long words */ .wy-nav-content { overflow-wrap: break-word; max-width: 1000px; } /* To style the API version label of a search result item */ .api-version-label { border-radius: 20%; background-color: #c0c0c0; color: #ffffff; margin-left: 4px; padding: 4px; } ================================================ FILE: docs/root/_static/placeholder ================================================ ================================================ FILE: docs/root/_static/searchtools.js ================================================ /* * searchtools.js * ~~~~~~~~~~~~~~~~ * * Sphinx JavaScript utilities for the full-text search. * * :copyright: Copyright 2007-2020 by the Sphinx team, see AUTHORS. * :license: BSD, see LICENSE for details. * */ // Modified from https://raw.githubusercontent.com/sphinx-doc/sphinx/3.x/sphinx/themes/basic/static/searchtools.js // to have renderApiVersionLabel to render the API version for each search result item. if (!Scorer) { /** * Simple result scoring code. */ var Scorer = { // Implement the following function to further tweak the score for each result // The function takes a result array [filename, title, anchor, descr, score] // and returns the new score. /* score: function(result) { return result[4]; }, */ // query matches the full name of an object objNameMatch: 11, // or matches in the last dotted part of the object name objPartialMatch: 6, // Additive scores depending on the priority of the object objPrio: { 0: 15, // used to be importantResults 1: 5, // used to be objectResults 2: -5, }, // used to be unimportantResults // Used when the priority is not in the mapping. objPrioDefault: 0, // query found in title title: 15, partialTitle: 7, // query found in terms term: 5, partialTerm: 2, }; } if (!splitQuery) { function splitQuery(query) { return query.split(/\s+/); } } /** * Search Module */ var Search = { _index: null, _queued_query: null, _pulse_status: -1, htmlToText: function (htmlString) { var htmlElement = document.createElement("span"); htmlElement.innerHTML = htmlString; $(htmlElement).find(".headerlink").remove(); docContent = $(htmlElement).find("[role=main]")[0]; if (docContent === undefined) { console.warn( "Content block not found. Sphinx search tries to obtain it " + "via '[role=main]'. Could you check your theme or template." ); return ""; } return docContent.textContent || docContent.innerText; }, init: function () { var params = $.getQueryParameters(); if (params.q) { var query = params.q[0]; $('input[name="q"]')[0].value = query; this.performSearch(query); } }, loadIndex: function (url) { $.ajax({ type: "GET", url: url, data: null, dataType: "script", cache: true, complete: function (jqxhr, textstatus) { if (textstatus != "success") { document.getElementById("searchindexloader").src = url; } }, }); }, setIndex: function (index) { var q; this._index = index; if ((q = this._queued_query) !== null) { this._queued_query = null; Search.query(q); } }, hasIndex: function () { return this._index !== null; }, deferQuery: function (query) { this._queued_query = query; }, stopPulse: function () { this._pulse_status = 0; }, startPulse: function () { if (this._pulse_status >= 0) return; function pulse() { var i; Search._pulse_status = (Search._pulse_status + 1) % 4; var dotString = ""; for (i = 0; i < Search._pulse_status; i++) dotString += "."; Search.dots.text(dotString); if (Search._pulse_status > -1) window.setTimeout(pulse, 500); } pulse(); }, /** * perform a search for something (or wait until index is loaded) */ performSearch: function (query) { // create the required interface elements this.out = $("#search-results"); this.title = $("

" + _("Searching") + "

").appendTo(this.out); this.dots = $("").appendTo(this.title); this.status = $('

 

').appendTo(this.out); this.output = $('
    ').appendTo(this.out); $("#search-progress").text(_("Preparing search...")); this.startPulse(); // index already loaded, the browser was quick! if (this.hasIndex()) this.query(query); else this.deferQuery(query); }, /** * execute search (requires search index to be loaded) */ query: function (query) { var i; // stem the searchterms and add them to the correct list var stemmer = new Stemmer(); var searchterms = []; var excluded = []; var hlterms = []; var tmp = splitQuery(query); var objectterms = []; for (i = 0; i < tmp.length; i++) { if (tmp[i] !== "") { objectterms.push(tmp[i].toLowerCase()); } if ($u.indexOf(stopwords, tmp[i].toLowerCase()) != -1 || tmp[i] === "") { // skip this "word" continue; } // stem the word var word = stemmer.stemWord(tmp[i].toLowerCase()); // prevent stemmer from cutting word smaller than two chars if (word.length < 3 && tmp[i].length >= 3) { word = tmp[i]; } var toAppend; // select the correct list if (word[0] == "-") { toAppend = excluded; word = word.substr(1); } else { toAppend = searchterms; hlterms.push(tmp[i].toLowerCase()); } // only add if not already in the list if (!$u.contains(toAppend, word)) toAppend.push(word); } var highlightstring = "?highlight=" + $.urlencode(hlterms.join(" ")); // console.debug('SEARCH: searching for:'); // console.info('required: ', searchterms); // console.info('excluded: ', excluded); // prepare search var terms = this._index.terms; var titleterms = this._index.titleterms; // array of [filename, title, anchor, descr, score] var results = []; $("#search-progress").empty(); // lookup as object for (i = 0; i < objectterms.length; i++) { var others = [].concat( objectterms.slice(0, i), objectterms.slice(i + 1, objectterms.length) ); results = results.concat( this.performObjectSearch(objectterms[i], others) ); } // lookup as search terms in fulltext results = results.concat( this.performTermsSearch(searchterms, excluded, terms, titleterms) ); // let the scorer override scores with a custom scoring function if (Scorer.score) { for (i = 0; i < results.length; i++) results[i][4] = Scorer.score(results[i]); } // now sort the results by score (in opposite order of appearance, since the // display function below uses pop() to retrieve items) and then // alphabetically results.sort(function (a, b) { var left = a[4]; var right = b[4]; if (left > right) { return 1; } else if (left < right) { return -1; } else { // same score: sort alphabetically left = a[1].toLowerCase(); right = b[1].toLowerCase(); return left > right ? -1 : left < right ? 1 : 0; } }); // for debugging //Search.lastresults = results.slice(); // a copy //console.info('search results:', Search.lastresults); // renderApiVersionLabel renders API version for each search result item. function renderApiVersionLabel(linkUrl) { const filtered = linkUrl .split("/") .filter((part) => part.startsWith("api-v")); return filtered.length === 1 ? ' ' + filtered.pop() + "" : ""; } // print the results var resultCount = results.length; function displayNextItem() { // results left, load the summary and display it if (results.length) { var item = results.pop(); var listItem = $('
  • '); var requestUrl = ""; var linkUrl = ""; if (DOCUMENTATION_OPTIONS.BUILDER === "dirhtml") { // dirhtml builder var dirname = item[0] + "/"; if (dirname.match(/\/index\/$/)) { dirname = dirname.substring(0, dirname.length - 6); } else if (dirname == "index/") { dirname = ""; } requestUrl = DOCUMENTATION_OPTIONS.URL_ROOT + dirname; linkUrl = requestUrl; } else { // normal html builders requestUrl = DOCUMENTATION_OPTIONS.URL_ROOT + item[0] + DOCUMENTATION_OPTIONS.FILE_SUFFIX; linkUrl = item[0] + DOCUMENTATION_OPTIONS.LINK_SUFFIX; } listItem.append( $("") .attr("href", linkUrl + highlightstring + item[2]) .html(item[1]) ); var apiVersion = renderApiVersionLabel(linkUrl); if (apiVersion !== "") { listItem.append(apiVersion); } if (item[3]) { listItem.append($(" (" + item[3] + ")")); Search.output.append(listItem); listItem.slideDown(5, function () { displayNextItem(); }); } else if (DOCUMENTATION_OPTIONS.HAS_SOURCE) { $.ajax({ url: requestUrl, dataType: "text", complete: function (jqxhr, textstatus) { var data = jqxhr.responseText; if (data !== "" && data !== undefined) { listItem.append( Search.makeSearchSummary(data, searchterms, hlterms) ); } Search.output.append(listItem); listItem.slideDown(5, function () { displayNextItem(); }); }, }); } else { // no source available, just display title Search.output.append(listItem); listItem.slideDown(5, function () { displayNextItem(); }); } } // search finished, update title and status message else { Search.stopPulse(); Search.title.text(_("Search Results")); if (!resultCount) Search.status.text( _( "Your search did not match any documents. Please make sure that all words are spelled correctly and that you've selected enough categories." ) ); else Search.status.text( _( "Search finished, found %s page(s) matching the search query." ).replace("%s", resultCount) ); Search.status.fadeIn(500); } } displayNextItem(); }, /** * search for object names */ performObjectSearch: function (object, otherterms) { var filenames = this._index.filenames; var docnames = this._index.docnames; var objects = this._index.objects; var objnames = this._index.objnames; var titles = this._index.titles; var i; var results = []; for (var prefix in objects) { for (var name in objects[prefix]) { var fullname = (prefix ? prefix + "." : "") + name; var fullnameLower = fullname.toLowerCase(); if (fullnameLower.indexOf(object) > -1) { var score = 0; var parts = fullnameLower.split("."); // check for different match types: exact matches of full name or // "last name" (i.e. last dotted part) if (fullnameLower == object || parts[parts.length - 1] == object) { score += Scorer.objNameMatch; // matches in last name } else if (parts[parts.length - 1].indexOf(object) > -1) { score += Scorer.objPartialMatch; } var match = objects[prefix][name]; var objname = objnames[match[1]][2]; var title = titles[match[0]]; // If more than one term searched for, we require other words to be // found in the name/title/description if (otherterms.length > 0) { var haystack = ( prefix + " " + name + " " + objname + " " + title ).toLowerCase(); var allfound = true; for (i = 0; i < otherterms.length; i++) { if (haystack.indexOf(otherterms[i]) == -1) { allfound = false; break; } } if (!allfound) { continue; } } var descr = objname + _(", in ") + title; var anchor = match[3]; if (anchor === "") anchor = fullname; else if (anchor == "-") anchor = objnames[match[1]][1] + "-" + fullname; // add custom score for some objects according to scorer if (Scorer.objPrio.hasOwnProperty(match[2])) { score += Scorer.objPrio[match[2]]; } else { score += Scorer.objPrioDefault; } results.push([ docnames[match[0]], fullname, "#" + anchor, descr, score, filenames[match[0]], ]); } } } return results; }, /** * search for full-text terms in the index */ performTermsSearch: function (searchterms, excluded, terms, titleterms) { var docnames = this._index.docnames; var filenames = this._index.filenames; var titles = this._index.titles; var i, j, file; var fileMap = {}; var scoreMap = {}; var results = []; // perform the search on the required terms for (i = 0; i < searchterms.length; i++) { var word = searchterms[i]; var files = []; var _o = [ { files: terms[word], score: Scorer.term }, { files: titleterms[word], score: Scorer.title }, ]; // add support for partial matches if (word.length > 2) { for (var w in terms) { if (w.match(word) && !terms[word]) { _o.push({ files: terms[w], score: Scorer.partialTerm }); } } for (var w in titleterms) { if (w.match(word) && !titleterms[word]) { _o.push({ files: titleterms[w], score: Scorer.partialTitle }); } } } // no match but word was a required one if ( $u.every(_o, function (o) { return o.files === undefined; }) ) { break; } // found search word in contents $u.each(_o, function (o) { var _files = o.files; if (_files === undefined) return; if (_files.length === undefined) _files = [_files]; files = files.concat(_files); // set score for the word in each file to Scorer.term for (j = 0; j < _files.length; j++) { file = _files[j]; if (!(file in scoreMap)) scoreMap[file] = {}; scoreMap[file][word] = o.score; } }); // create the mapping for (j = 0; j < files.length; j++) { file = files[j]; if (file in fileMap && fileMap[file].indexOf(word) === -1) fileMap[file].push(word); else fileMap[file] = [word]; } } // now check if the files don't contain excluded terms for (file in fileMap) { var valid = true; // check if all requirements are matched var filteredTermCount = searchterms.filter(function (term) { // as search terms with length < 3 are discarded: ignore return term.length > 2; }).length; if ( fileMap[file].length != searchterms.length && fileMap[file].length != filteredTermCount ) continue; // ensure that none of the excluded terms is in the search result for (i = 0; i < excluded.length; i++) { if ( terms[excluded[i]] == file || titleterms[excluded[i]] == file || $u.contains(terms[excluded[i]] || [], file) || $u.contains(titleterms[excluded[i]] || [], file) ) { valid = false; break; } } // if we have still a valid result we can add it to the result list if (valid) { // select one (max) score for the file. // for better ranking, we should calculate ranking by using words statistics like basic tf-idf... var score = $u.max( $u.map(fileMap[file], function (w) { return scoreMap[file][w]; }) ); results.push([ docnames[file], titles[file], "", null, score, filenames[file], ]); } } return results; }, /** * helper function to return a node containing the * search summary for a given text. keywords is a list * of stemmed words, hlwords is the list of normal, unstemmed * words. the first one is used to find the occurrence, the * latter for highlighting it. */ makeSearchSummary: function (htmlText, keywords, hlwords) { var text = Search.htmlToText(htmlText); var textLower = text.toLowerCase(); var start = 0; $.each(keywords, function () { var i = textLower.indexOf(this.toLowerCase()); if (i > -1) start = i; }); start = Math.max(start - 120, 0); var excerpt = (start > 0 ? "..." : "") + $.trim(text.substr(start, 240)) + (start + 240 - text.length ? "..." : ""); var rv = $('
    ').text(excerpt); $.each(hlwords, function () { rv = rv.highlightText(this, "highlighted"); }); return rv; }, }; $(document).ready(function () { Search.init(); }); ================================================ FILE: docs/root/about_docs.rst ================================================ About the documentation ======================= The Envoy documentation is composed of a few major sections: * :ref:`Introduction `: This section covers a general overview of what Envoy is, an architecture overview, how it is typically deployed, etc. * :ref:`Getting Started `: Quickly get started with Envoy using Docker. * :ref:`Installation `: How to build/install Envoy using Docker. * :ref:`Version history `: Per-version release notes. * :ref:`Configuration `: Detailed configuration instructions for Envoy. Where relevant, the configuration guide also contains information on statistics, runtime configuration, and APIs. * :ref:`Operations `: General information on how to operate Envoy including the command line interface, hot restart wrapper, administration interface, a general statistics overview, etc. * :ref:`Extending Envoy `: Information on how to write custom filters for Envoy. * :ref:`API reference `: Envoy API detailed reference. * :ref:`Envoy FAQ `: Have questions? We have answers. Hopefully. ================================================ FILE: docs/root/api/api.rst ================================================ .. _api: API === .. toctree:: :glob: :maxdepth: 2 api_supported_versions ../api-v2/api ../api-v3/api ../api-docs/xds_protocol client_features ================================================ FILE: docs/root/api/api_supported_versions.rst ================================================ .. _api_supported_versions: Supported API versions ====================== Envoy's APIs follow a :repo:`versioning scheme ` in which Envoy supports multiple major API versions at any point in time. The following versions are currently supported: * :ref:`v2 xDS API ` (*deprecated*, end-of-life EOY 2020). This API will not accept new features after the end of Q1 2020. * :ref:`v3 xDS API ` (*active*, end-of-life unknown). Envoy developers and operators are encouraged to be actively adopting and working with v3 xDS. The following API versions are no longer supported by Envoy: * v1 xDS API. This was the legacy REST-JSON API that preceded the current Protobuf and dual REST/gRPC xDS APIs. ================================================ FILE: docs/root/api/client_features.rst ================================================ .. _client_features: Well Known Client Features ========================== Authoritative list of features that an xDS client may support. An xDS client supplies the list of features it supports in the :ref:`client_features ` field. Client features use reverse DNS naming scheme, for example `com.acme.feature`. Currently Defined Client Features --------------------------------- .. It would be nice to use an RST ref here for service.load_stats.v2.LoadStatsResponse.send_all_clusters, but we can't due to https://github.com/envoyproxy/envoy/issues/3091. - **envoy.config.require-any-fields-contain-struct**: This feature indicates that xDS client requires that the configuration entries of type *google.protobuf.Any* contain messages of type *udpa.type.v1.TypedStruct* only. - **envoy.lb.does_not_support_overprovisioning**: This feature indicates that the client does not support overprovisioning for priority failover and locality weighting as configured by the :ref:`overprovisioning_factor` field. If graceful failover functionality is required, it must be supplied by the management server. - **envoy.lrs.supports_send_all_clusters**: This feature indicates that the client supports the *envoy_api_field_service.load_stats.v2.LoadStatsResponse.send_all_clusters* field in the LRS response. ================================================ FILE: docs/root/api-v2/admin/admin.rst ================================================ Admin ======== .. toctree:: :glob: :maxdepth: 2 ../admin/v2alpha/* ================================================ FILE: docs/root/api-v2/api.rst ================================================ .. _envoy_api_reference: v2 API reference ================ .. toctree:: :glob: :maxdepth: 2 bootstrap/bootstrap listeners/listeners clusters/clusters http_routes/http_routes config/config admin/admin data/data service/service common_messages/common_messages types/types ================================================ FILE: docs/root/api-v2/bootstrap/bootstrap.rst ================================================ Bootstrap ========= .. toctree:: :glob: :maxdepth: 2 ../config/bootstrap/v2/bootstrap.proto ../config/metrics/v2/stats.proto ../config/metrics/v2/metrics_service.proto ../config/overload/v2alpha/overload.proto ../config/ratelimit/v2/rls.proto ================================================ FILE: docs/root/api-v2/clusters/clusters.rst ================================================ Clusters ======== .. toctree:: :glob: :maxdepth: 2 ../api/v2/cluster.proto ../api/v2/cluster/outlier_detection.proto ../api/v2/cluster/circuit_breaker.proto ../api/v2/cluster/filter.proto ../api/v2/endpoint.proto ../api/v2/endpoint/endpoint_components.proto ../api/v2/core/health_check.proto ================================================ FILE: docs/root/api-v2/common_messages/common_messages.rst ================================================ Common messages =============== .. toctree:: :glob: :maxdepth: 2 ../api/v2/core/base.proto ../api/v2/core/address.proto ../api/v2/core/backoff.proto ../api/v2/core/protocol.proto ../api/v2/discovery.proto ../api/v2/core/config_source.proto ../api/v2/core/grpc_service.proto ../api/v2/core/grpc_method_list.proto ../api/v2/core/http_uri.proto ../api/v2/core/socket_option.proto ../api/v2/auth/common.proto ../api/v2/auth/secret.proto ../api/v2/ratelimit/ratelimit.proto ================================================ FILE: docs/root/api-v2/config/accesslog/accesslog.rst ================================================ Access loggers ============== .. toctree:: :glob: :maxdepth: 2 v2/* ================================================ FILE: docs/root/api-v2/config/cluster/cluster.rst ================================================ Cluster ======= .. toctree:: :glob: :maxdepth: 2 aggregate/v2alpha/* dynamic_forward_proxy/v2alpha/* redis/* ================================================ FILE: docs/root/api-v2/config/common/common.rst ================================================ Common ====== .. toctree:: :glob: :maxdepth: 2 dynamic_forward_proxy/v2alpha/* tap/v2alpha/* ================================================ FILE: docs/root/api-v2/config/config.rst ================================================ Extensions ========== .. toctree:: :glob: :maxdepth: 2 filter/filter accesslog/accesslog rbac/rbac health_checker/health_checker transport_socket/transport_socket resource_monitor/resource_monitor common/common cluster/cluster listener/listener grpc_credential/grpc_credential retry/retry trace/trace ================================================ FILE: docs/root/api-v2/config/filter/dubbo/dubbo.rst ================================================ Dubbo filters ============== .. toctree:: :glob: :maxdepth: 2 */v2alpha1/* ================================================ FILE: docs/root/api-v2/config/filter/filter.rst ================================================ Filters ======= .. toctree:: :glob: :maxdepth: 2 listener/listener network/network udp/udp http/http accesslog/v2/accesslog.proto fault/v2/fault.proto dubbo/dubbo thrift/thrift ================================================ FILE: docs/root/api-v2/config/filter/http/http.rst ================================================ HTTP filters ============ .. toctree:: :glob: :maxdepth: 2 */empty/* */v2/* */v2alpha/* */v2alpha1/* ================================================ FILE: docs/root/api-v2/config/filter/listener/listener.rst ================================================ Listener filters ================ .. toctree:: :glob: :maxdepth: 2 */empty/* */v2alpha1/* */v2/* ================================================ FILE: docs/root/api-v2/config/filter/network/network.rst ================================================ Network filters =============== .. toctree:: :glob: :maxdepth: 2 */empty/* */v1alpha1/* */v2/* */v2alpha/* */v2alpha1/* ================================================ FILE: docs/root/api-v2/config/filter/thrift/thrift.rst ================================================ Thrift filters ============== .. toctree:: :glob: :maxdepth: 2 */v2alpha1/* ================================================ FILE: docs/root/api-v2/config/filter/udp/udp.rst ================================================ UDP listener filters ==================== .. toctree:: :glob: :maxdepth: 2 */v2alpha/* ================================================ FILE: docs/root/api-v2/config/grpc_credential/grpc_credential.rst ================================================ Grpc Credentials ================ .. toctree:: :glob: :maxdepth: 2 v2alpha/* ================================================ FILE: docs/root/api-v2/config/health_checker/health_checker.rst ================================================ Health checkers =============== .. toctree:: :glob: :maxdepth: 2 */v2/* ================================================ FILE: docs/root/api-v2/config/listener/listener.rst ================================================ Listener ======== .. toctree:: :glob: :maxdepth: 2 v2/* ================================================ FILE: docs/root/api-v2/config/rbac/rbac.rst ================================================ RBAC ==== .. toctree:: :glob: :maxdepth: 2 v2/* ================================================ FILE: docs/root/api-v2/config/resource_monitor/resource_monitor.rst ================================================ .. _config_resource_monitors: Resource monitors ================= .. toctree:: :glob: :maxdepth: 2 */v2alpha/* ================================================ FILE: docs/root/api-v2/config/retry/retry.rst ================================================ Retry Predicates ================ .. toctree:: :glob: :maxdepth: 2 */empty/* omit_host_metadata/v2/* */* */v2/* ================================================ FILE: docs/root/api-v2/config/trace/trace.rst ================================================ HTTP Tracers ============== .. toctree:: :glob: :maxdepth: 2 v2/* v2alpha/* ================================================ FILE: docs/root/api-v2/config/transport_socket/transport_socket.rst ================================================ Transport sockets ================= .. toctree:: :glob: :maxdepth: 2 */v2alpha/* */v2/* ../../api/v2/auth/tls.proto ================================================ FILE: docs/root/api-v2/data/accesslog/accesslog.rst ================================================ Access logs =========== .. toctree:: :glob: :maxdepth: 2 v2/* ================================================ FILE: docs/root/api-v2/data/cluster/cluster.rst ================================================ Cluster data ============ .. toctree:: :glob: :maxdepth: 2 v2alpha/outlier_detection_event.proto ================================================ FILE: docs/root/api-v2/data/core/core.rst ================================================ Core data ========= .. toctree:: :glob: :maxdepth: 2 v2alpha/health_check_event.proto ================================================ FILE: docs/root/api-v2/data/data.rst ================================================ Envoy data ========== .. toctree:: :glob: :maxdepth: 2 accesslog/accesslog cluster/cluster core/core dns/dns tap/tap ================================================ FILE: docs/root/api-v2/data/dns/dns.rst ================================================ Extensions objects ================== .. toctree:: :glob: :maxdepth: 2 v2alpha/* ================================================ FILE: docs/root/api-v2/data/tap/tap.rst ================================================ Tap === .. toctree:: :glob: :maxdepth: 2 v2alpha/* ================================================ FILE: docs/root/api-v2/http_routes/http_routes.rst ================================================ HTTP route management ===================== .. toctree:: :glob: :maxdepth: 2 ../api/v2/route.proto ../api/v2/scoped_route.proto ../api/v2/route/route_components.proto ================================================ FILE: docs/root/api-v2/listeners/listeners.rst ================================================ Listeners ========= .. toctree:: :glob: :maxdepth: 2 ../api/v2/listener.proto ../api/v2/listener/listener_components.proto ../api/v2/listener/udp_listener_config.proto ../api/v2/listener/quic_config.proto ================================================ FILE: docs/root/api-v2/service/service.rst ================================================ Services ======== .. toctree:: :glob: :maxdepth: 2 accesslog/v2/* load_stats/v2/* auth/v2/* discovery/v2/* metrics/v2/* ratelimit/v2/* status/v2/* tap/v2alpha/* trace/v2/* ================================================ FILE: docs/root/api-v2/types/types.rst ================================================ Types ===== .. toctree:: :glob: :maxdepth: 2 ../type/hash_policy.proto ../type/http.proto ../type/http_status.proto ../type/percent.proto ../type/range.proto ../type/semantic_version.proto ../type/token_bucket.proto ../type/matcher/metadata.proto ../type/matcher/node.proto ../type/matcher/number.proto ../type/matcher/path.proto ../type/matcher/regex.proto ../type/matcher/string.proto ../type/matcher/struct.proto ../type/matcher/value.proto ../type/metadata/v2/metadata.proto ../type/tracing/v2/custom_tag.proto ================================================ FILE: docs/root/api-v3/admin/admin.rst ================================================ Admin ======== .. toctree:: :glob: :maxdepth: 2 ../admin/v3/* ================================================ FILE: docs/root/api-v3/api.rst ================================================ .. _envoy_v3_api_reference: v3 API reference ================ .. toctree:: :glob: :maxdepth: 2 bootstrap/bootstrap listeners/listeners clusters/clusters http_routes/http_routes config/config admin/admin data/data service/service common_messages/common_messages types/types ================================================ FILE: docs/root/api-v3/bootstrap/bootstrap.rst ================================================ Bootstrap ========= .. toctree:: :glob: :maxdepth: 2 ../config/bootstrap/v3/bootstrap.proto ../config/metrics/v3/stats.proto ../config/metrics/v3/metrics_service.proto ../config/overload/v3/overload.proto ../config/ratelimit/v3/rls.proto ../extensions/wasm/v3/wasm.proto ================================================ FILE: docs/root/api-v3/clusters/clusters.rst ================================================ Clusters ======== .. toctree:: :glob: :maxdepth: 2 ../config/cluster/v3/cluster.proto ../config/cluster/v3/outlier_detection.proto ../config/cluster/v3/circuit_breaker.proto ../config/cluster/v3/filter.proto ../config/endpoint/v3/endpoint.proto ../config/endpoint/v3/endpoint_components.proto ../config/core/v3/health_check.proto ================================================ FILE: docs/root/api-v3/common_messages/common_messages.rst ================================================ Common messages =============== .. toctree:: :glob: :maxdepth: 2 ../config/core/v3/base.proto ../config/core/v3/extension.proto ../config/core/v3/address.proto ../config/core/v3/backoff.proto ../config/core/v3/protocol.proto ../config/core/v3/proxy_protocol.proto ../service/discovery/v3/discovery.proto ../config/core/v3/config_source.proto ../config/core/v3/grpc_service.proto ../config/core/v3/grpc_method_list.proto ../config/core/v3/http_uri.proto ../config/core/v3/socket_option.proto ../config/core/v3/substitution_format_string.proto ../extensions/common/ratelimit/v3/ratelimit.proto ../extensions/filters/common/fault/v3/fault.proto ../extensions/network/socket_interface/v3/default_socket_interface.proto ================================================ FILE: docs/root/api-v3/config/accesslog/accesslog.rst ================================================ Access loggers ============== .. toctree:: :glob: :maxdepth: 2 v3/* ../../extensions/access_loggers/*/v3/* ================================================ FILE: docs/root/api-v3/config/cluster/cluster.rst ================================================ Cluster ======= .. toctree:: :glob: :maxdepth: 2 ../../extensions/clusters/*/v3/* ================================================ FILE: docs/root/api-v3/config/common/common.rst ================================================ Common ====== .. toctree:: :glob: :maxdepth: 2 matcher/v3/* ../../extensions/common/dynamic_forward_proxy/v3/* ../../extensions/common/tap/v3/* ================================================ FILE: docs/root/api-v3/config/compression/compression.rst ================================================ Compression =========== .. toctree:: :glob: :maxdepth: 2 ../../extensions/compression/gzip/*/v3/* ================================================ FILE: docs/root/api-v3/config/config.rst ================================================ Extensions ========== .. toctree:: :glob: :maxdepth: 2 filter/filter accesslog/accesslog rbac/rbac health_checker/health_checker transport_socket/transport_socket resource_monitor/resource_monitor common/common compression/compression cluster/cluster grpc_credential/grpc_credential retry/retry trace/trace internal_redirect/internal_redirect endpoint/endpoint upstream/upstream wasm/wasm watchdog/watchdog ================================================ FILE: docs/root/api-v3/config/endpoint/endpoint.rst ================================================ Endpoint ======== .. toctree:: :glob: :maxdepth: 2 v3/* ================================================ FILE: docs/root/api-v3/config/filter/dubbo/dubbo.rst ================================================ Dubbo filters ============== .. toctree:: :glob: :maxdepth: 2 ../../../extensions/filters/network/dubbo_proxy/*/v3/* ================================================ FILE: docs/root/api-v3/config/filter/filter.rst ================================================ Filters ======= .. toctree:: :glob: :maxdepth: 2 listener/listener network/network udp/udp http/http dubbo/dubbo thrift/thrift ================================================ FILE: docs/root/api-v3/config/filter/http/http.rst ================================================ HTTP filters ============ .. toctree:: :glob: :maxdepth: 2 */empty/* ../../../extensions/filters/http/*/v3/* ================================================ FILE: docs/root/api-v3/config/filter/listener/listener.rst ================================================ Listener filters ================ .. toctree:: :glob: :maxdepth: 2 */empty/* ../../../extensions/filters/listener/*/v3/* ================================================ FILE: docs/root/api-v3/config/filter/network/network.rst ================================================ Network filters =============== .. toctree:: :glob: :maxdepth: 2 */empty/* ../../../extensions/filters/network/*/v3*/* ================================================ FILE: docs/root/api-v3/config/filter/thrift/thrift.rst ================================================ Thrift filters ============== .. toctree:: :glob: :maxdepth: 2 router/v2alpha1/* ../../../extensions/filters/network/thrift_proxy/**/v3/* ================================================ FILE: docs/root/api-v3/config/filter/udp/udp.rst ================================================ UDP listener filters ==================== .. toctree:: :glob: :maxdepth: 2 ../../../extensions/filters/udp/*/v3/* ../../../extensions/filters/udp/*/v3alpha/* ================================================ FILE: docs/root/api-v3/config/grpc_credential/grpc_credential.rst ================================================ Grpc Credentials ================ .. toctree:: :glob: :maxdepth: 2 v3/* ================================================ FILE: docs/root/api-v3/config/health_checker/health_checker.rst ================================================ Health checkers =============== .. toctree:: :glob: :maxdepth: 2 */v2/* ================================================ FILE: docs/root/api-v3/config/internal_redirect/internal_redirect.rst ================================================ Internal Redirect Predicates ============================ .. toctree:: :glob: :maxdepth: 2 ../../extensions/internal_redirect/** ================================================ FILE: docs/root/api-v3/config/rbac/rbac.rst ================================================ RBAC ==== .. toctree:: :glob: :maxdepth: 2 v3/* ================================================ FILE: docs/root/api-v3/config/resource_monitor/resource_monitor.rst ================================================ .. _v3_config_resource_monitors: Resource monitors ================= .. toctree:: :glob: :maxdepth: 2 */v2alpha/* ================================================ FILE: docs/root/api-v3/config/retry/retry.rst ================================================ Retry Predicates ================ .. toctree:: :glob: :maxdepth: 2 */empty/* */v2/* ../../extensions/retry/**/v3/* ================================================ FILE: docs/root/api-v3/config/trace/trace.rst ================================================ HTTP Tracers ============== .. toctree:: :glob: :maxdepth: 2 v3/* ================================================ FILE: docs/root/api-v3/config/transport_socket/transport_socket.rst ================================================ Transport sockets ================= .. toctree:: :glob: :maxdepth: 2 ../../extensions/transport_sockets/*/v3/* ================================================ FILE: docs/root/api-v3/config/upstream/upstream.rst ================================================ Upstream Configuration ====================== .. toctree:: :glob: :maxdepth: 3 ../../extensions/upstreams/http/*/v3/** ================================================ FILE: docs/root/api-v3/config/wasm/wasm.rst ================================================ WASM ==== .. toctree:: :glob: :maxdepth: 2 ../../extensions/wasm/v3/* ../../extensions/stat_sinks/wasm/v3/* ================================================ FILE: docs/root/api-v3/config/watchdog/watchdog.rst ================================================ Watchdog ======== .. toctree:: :glob: :maxdepth: 2 ../../extensions/watchdog/profile_action/v3alpha/* ../../extensions/watchdog/abort_action/v3alpha/* ================================================ FILE: docs/root/api-v3/data/accesslog/accesslog.rst ================================================ Access logs =========== .. toctree:: :glob: :maxdepth: 2 v3/* ================================================ FILE: docs/root/api-v3/data/cluster/cluster.rst ================================================ Cluster data ============ .. toctree:: :glob: :maxdepth: 2 v3/outlier_detection_event.proto ================================================ FILE: docs/root/api-v3/data/core/core.rst ================================================ Core data ========= .. toctree:: :glob: :maxdepth: 2 v3/health_check_event.proto ================================================ FILE: docs/root/api-v3/data/data.rst ================================================ Envoy data ========== .. toctree:: :glob: :maxdepth: 2 accesslog/accesslog cluster/cluster core/core dns/dns tap/tap ================================================ FILE: docs/root/api-v3/data/dns/dns.rst ================================================ Extensions objects ================== .. toctree:: :glob: :maxdepth: 2 v3/* ================================================ FILE: docs/root/api-v3/data/tap/tap.rst ================================================ Tap === .. toctree:: :glob: :maxdepth: 2 v3/* ================================================ FILE: docs/root/api-v3/http_routes/http_routes.rst ================================================ HTTP route management ===================== .. toctree:: :glob: :maxdepth: 2 ../config/route/v3/route.proto ../config/route/v3/scoped_route.proto ../config/route/v3/route_components.proto ================================================ FILE: docs/root/api-v3/listeners/listeners.rst ================================================ Listeners ========= .. toctree:: :glob: :maxdepth: 2 ../config/listener/v3/listener.proto ../config/listener/v3/listener_components.proto ../config/listener/v3/api_listener.proto ../config/listener/v3/udp_listener_config.proto ../config/listener/v3/quic_config.proto ================================================ FILE: docs/root/api-v3/service/service.rst ================================================ Services ======== .. toctree:: :glob: :maxdepth: 2 accesslog/v3/* load_stats/v3/* auth/v3/* health/v3/* metrics/v3/* ratelimit/v3/* runtime/v3/* status/v3/* tap/v3/* ../config/tap/v3/* trace/v3/* extension/v3/* ================================================ FILE: docs/root/api-v3/types/types.rst ================================================ Types ===== .. toctree:: :glob: :maxdepth: 2 ../type/v3/hash_policy.proto ../type/v3/http.proto ../type/v3/http_status.proto ../type/v3/percent.proto ../type/v3/range.proto ../type/v3/ratelimit_unit.proto ../type/v3/semantic_version.proto ../type/v3/token_bucket.proto ../type/matcher/v3/metadata.proto ../type/matcher/v3/node.proto ../type/matcher/v3/number.proto ../type/matcher/v3/path.proto ../type/matcher/v3/regex.proto ../type/matcher/v3/string.proto ../type/matcher/v3/struct.proto ../type/matcher/v3/value.proto ../type/metadata/v3/metadata.proto ../type/tracing/v3/custom_tag.proto ================================================ FILE: docs/root/configuration/advanced/advanced.rst ================================================ Advanced ======== .. toctree:: :maxdepth: 2 well_known_dynamic_metadata ================================================ FILE: docs/root/configuration/advanced/well_known_dynamic_metadata.rst ================================================ .. _well_known_dynamic_metadata: Well Known Dynamic Metadata =========================== Filters can emit dynamic metadata via the *setDynamicMetadata* routine in the :repo:`StreamInfo ` interface on a :repo:`Connection `. This metadata emitted by a filter can be consumed by other filters and useful features can be built by stacking such filters. For example, a logging filter can consume dynamic metadata from an RBAC filter to log details about runtime shadow rule behavior. Another example is where an RBAC filter permits/restricts MySQL/MongoDB operations by looking at the operational metadata emitted by the MongoDB filter. The following Envoy filters emit dynamic metadata that other filters can leverage. * :ref:`External Authorization Filter ` * :ref:`External Authorization Network Filter ` * :ref:`Mongo Proxy Filter ` * :ref:`MySQL Proxy Filter ` * :ref:`Postgres Proxy Filter ` * :ref:`Role Based Access Control (RBAC) Filter ` * :ref:`Role Based Access Control (RBAC) Network Filter ` * :ref:`ZooKeeper Proxy Filter ` The following Envoy filters can be configured to consume dynamic metadata emitted by other filters. * :ref:`External Authorization Filter via the metadata context namespaces ` * :ref:`RateLimit Filter limit override ` .. _shared_dynamic_metadata: Shared Dynamic Metadata ----------------------- Dynamic metadata that is set by multiple filters is placed in the common key namespace `envoy.common`. Refer to the corresponding rules when setting this metadata. .. csv-table:: :header: Name, Type, Description, Rules :widths: 1, 1, 3, 3 access_log_hint, boolean, Whether access loggers should log the request., "When this metadata is already set: A `true` value should not be overwritten by a `false` value, while a `false` value can be overwritten by a `true` value." The following Envoy filters emit shared dynamic metadata. * :ref:`Role Based Access Control (RBAC) Filter ` * :ref:`Role Based Access Control (RBAC) Network Filter ` The following filters consume shared dynamic metadata. * :ref:`Metadata Access Log Filter` ================================================ FILE: docs/root/configuration/best_practices/_include/edge.yaml ================================================ overload_manager: refresh_interval: 0.25s resource_monitors: - name: "envoy.resource_monitors.fixed_heap" typed_config: "@type": type.googleapis.com/envoy.config.resource_monitor.fixed_heap.v2alpha.FixedHeapConfig # TODO: Tune for your system. max_heap_size_bytes: 2147483648 # 2 GiB actions: - name: "envoy.overload_actions.shrink_heap" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.95 - name: "envoy.overload_actions.stop_accepting_requests" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.98 admin: access_log_path: "/var/log/envoy_admin.log" address: socket_address: address: 127.0.0.1 port_value: 9090 static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 443 listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} per_connection_buffer_limit_bytes: 32768 # 32 KiB filter_chains: - filter_chain_match: server_names: ["example.com", "www.example.com"] transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "certs/servercert.pem" } private_key: { filename: "certs/serverkey.pem" } # Uncomment if Envoy is behind a load balancer that exposes client IP address using the PROXY protocol. # use_proxy_proto: true filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http use_remote_address: true common_http_protocol_options: idle_timeout: 3600s # 1 hour headers_with_underscores_action: REJECT_REQUEST http2_protocol_options: max_concurrent_streams: 100 initial_stream_window_size: 65536 # 64 KiB initial_connection_window_size: 1048576 # 1 MiB stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests route_config: virtual_hosts: - name: default domains: "*" routes: - match: { prefix: "/" } route: cluster: service_foo idle_timeout: 15s # must be disabled for long-lived and streaming requests clusters: name: service_foo connect_timeout: 15s per_connection_buffer_limit_bytes: 32768 # 32 KiB load_assignment: cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 http2_protocol_options: initial_stream_window_size: 65536 # 64 KiB initial_connection_window_size: 1048576 # 1 MiB layered_runtime: layers: - name: static_layer_0 static_layer: envoy: resource_limits: listener: example_listener_name: connection_limit: 10000 overload: global_downstream_max_connections: 50000 ================================================ FILE: docs/root/configuration/best_practices/best_practices.rst ================================================ Configuration best practices ============================ .. toctree:: :maxdepth: 2 edge level_two ================================================ FILE: docs/root/configuration/best_practices/edge.rst ================================================ .. _best_practices_edge: Configuring Envoy as an edge proxy ================================== Envoy is a production-ready edge proxy, however, the default settings are tailored for the service mesh use case, and some values need to be adjusted when using Envoy as an edge proxy. TCP proxies should configure: * restrict access to the admin endpoint, * :ref:`overload_manager `, * :ref:`listener buffer limits ` to 32 KiB, * :ref:`cluster buffer limits ` to 32 KiB. HTTP proxies should additionally configure: * :ref:`use_remote_address ` to true (to avoid consuming HTTP headers from external clients, see :ref:`HTTP header sanitizing ` for details), * :ref:`connection and stream timeouts `, * :ref:`HTTP/2 maximum concurrent streams limit ` to 100, * :ref:`HTTP/2 initial stream window size limit ` to 64 KiB, * :ref:`HTTP/2 initial connection window size limit ` to 1 MiB. * :ref:`headers_with_underscores_action setting ` to REJECT_REQUEST, to protect upstream services that treat '_' and '-' as interchangeable. * :ref:`Listener connection limits. ` * :ref:`Global downstream connection limits `. The following is a YAML example of the above recommendation (taken from the :ref:`Google VRP ` edge server configuration): .. literalinclude:: _include/edge.yaml :language: yaml ================================================ FILE: docs/root/configuration/best_practices/level_two.rst ================================================ .. _best_practices_level2: Configuring Envoy as a level two proxy ====================================== Envoy is a production-ready proxy, however, the default settings that are tailored for the edge use case may need to be adjusted when using Envoy in a multi-level deployment as a "level two" proxy. .. image:: /_static/multilevel_deployment.svg **In summary, if you run level two Envoy version 1.11.1 or greater which terminates HTTP/2, we strongly advise you to change the HttpConnectionManager configuration of your level two Envoy, by setting its downstream** :ref:`validation of HTTP messaging option ` **to true.** If there is an invalid HTTP/2 request and this option is not set, the Envoy in question will reset the entire connection. This behavior was changed as part of the 1.11.1 security release, to increase the security of Edge Envoys. Unfortunately, because there are no guarantees that edge proxies will enforce HTTP/1 or HTTP/2 standards compliance as rigorously as Envoy’s HTTP/2 stack does, this can result in a problem as follows. If one client sends a request that for example passes level one proxy's validation checks, and it is forwarded over an upstream multiplexed HTTP/2 connection (potentially shared with other clients) the strict enforcement on the level two Envoy HTTP/2 will reset all the streams on that connection, causing a service disruption to the clients sharing that L1-L2 connection. If a malicious user has insight into what traffic will bypass level one checks, they could spray “bad” traffic across the level one fleet, causing serious disruption to other users’ traffic. This configuration option also has implications for invalid HTTP/1.1 though slightly less severe ones. For Envoy L1s, invalid HTTP/1 requests will also result in connection reset. If the option is set to true, and the request is completely read, the connection will persist and can be reused for a subsequent request. ================================================ FILE: docs/root/configuration/configuration.rst ================================================ .. _config: Configuration reference ======================= .. toctree:: :maxdepth: 2 overview/overview listeners/listeners http/http upstream/upstream observability/observability security/security operations/operations other_features/other_features other_protocols/other_protocols advanced/advanced best_practices/best_practices ================================================ FILE: docs/root/configuration/http/http.rst ================================================ HTTP ==== .. toctree:: :maxdepth: 2 http_conn_man/http_conn_man http_filters/http_filters ================================================ FILE: docs/root/configuration/http/http_conn_man/header_casing.rst ================================================ HTTP/1.1 Header Casing ====================== When handling HTTP/1.1, Envoy will normalize the header keys to be all lowercase. While this is compliant with the HTTP/1.1 spec, in practice this can result in issues when migrating existing systems that might rely on specific header casing. To support these use cases, Envoy allows configuring a formatting scheme for the headers, which will have Envoy transform the header keys during serialization. To configure this formatting on response headers, specify the format in the :ref:`http_protocol_options `. To configure this for upstream request headers, specify the formatting on the :ref:`Cluster `. ================================================ FILE: docs/root/configuration/http/http_conn_man/header_sanitizing.rst ================================================ .. _config_http_conn_man_header_sanitizing: HTTP header sanitizing ====================== For security reasons, Envoy will "sanitize" various incoming HTTP headers depending on whether the request is an internal or external request. The sanitizing action depends on the header and may result in addition, removal, or modification. Ultimately, whether the request is considered internal or external is governed by the :ref:`x-forwarded-for ` header (please read the linked section carefully as how Envoy populates the header is complex and depends on the :ref:`use_remote_address ` setting). In addition, the :ref:`internal_address_config ` setting can be used to configure the internal/external determination. Envoy will potentially sanitize the following headers: * :ref:`x-envoy-decorator-operation ` * :ref:`x-envoy-downstream-service-cluster ` * :ref:`x-envoy-downstream-service-node ` * :ref:`x-envoy-expected-rq-timeout-ms ` * :ref:`x-envoy-external-address ` * :ref:`x-envoy-force-trace ` * :ref:`x-envoy-internal ` * :ref:`x-envoy-ip-tags ` * :ref:`x-envoy-max-retries ` * :ref:`x-envoy-retry-grpc-on ` * :ref:`x-envoy-retry-on ` * :ref:`x-envoy-upstream-alt-stat-name ` * :ref:`x-envoy-upstream-rq-per-try-timeout-ms ` * :ref:`x-envoy-upstream-rq-timeout-alt-response ` * :ref:`x-envoy-upstream-rq-timeout-ms ` * :ref:`x-forwarded-client-cert ` * :ref:`x-forwarded-for ` * :ref:`x-forwarded-proto ` * :ref:`x-request-id ` ================================================ FILE: docs/root/configuration/http/http_conn_man/headers.rst ================================================ .. _config_http_conn_man_headers: HTTP header manipulation ======================== The HTTP connection manager manipulates several HTTP headers both during decoding (when the request is being received) as well as during encoding (when the response is being sent). .. contents:: :local: .. _config_http_conn_man_headers_user-agent: user-agent ---------- The *user-agent* header may be set by the connection manager during decoding if the :ref:`add_user_agent ` option is enabled. The header is only modified if it is not already set. If the connection manager does set the header, the value is determined by the :option:`--service-cluster` command line option. .. _config_http_conn_man_headers_server: server ------ The *server* header will be set during encoding to the value in the :ref:`server_name ` option. .. _config_http_conn_man_headers_x-client-trace-id: x-client-trace-id ----------------- If an external client sets this header, Envoy will join the provided trace ID with the internally generated :ref:`config_http_conn_man_headers_x-request-id`. x-client-trace-id needs to be globally unique and generating a uuid4 is recommended. If this header is set, it has similar effect to :ref:`config_http_conn_man_headers_x-envoy-force-trace`. See the :ref:`tracing.client_enabled ` runtime configuration setting. .. _config_http_conn_man_headers_downstream-service-cluster: x-envoy-downstream-service-cluster ---------------------------------- Internal services often want to know which service is calling them. This header is cleaned from external requests, but for internal requests will contain the service cluster of the caller. Note that in the current implementation, this should be considered a hint as it is set by the caller and could be easily spoofed by any internal entity. In the future Envoy will support a mutual authentication TLS mesh which will make this header fully secure. Like *user-agent*, the value is determined by the :option:`--service-cluster` command line option. In order to enable this feature you need to set the :ref:`user_agent ` option to true. .. _config_http_conn_man_headers_downstream-service-node: x-envoy-downstream-service-node ------------------------------- Internal services may want to know the downstream node request comes from. This header is quite similar to :ref:`config_http_conn_man_headers_downstream-service-cluster`, except the value is taken from the :option:`--service-node` option. .. _config_http_conn_man_headers_x-envoy-external-address: x-envoy-external-address ------------------------ It is a common case where a service wants to perform analytics based on the origin client's IP address. Per the lengthy discussion on :ref:`XFF `, this can get quite complicated, so Envoy simplifies this by setting *x-envoy-external-address* to the :ref:`trusted client address ` if the request is from an external client. *x-envoy-external-address* is not set or overwritten for internal requests. This header can be safely forwarded between internal services for analytics purposes without having to deal with the complexities of XFF. .. _config_http_conn_man_headers_x-envoy-force-trace: x-envoy-force-trace ------------------- If an internal request sets this header, Envoy will modify the generated :ref:`config_http_conn_man_headers_x-request-id` such that it forces traces to be collected. This also forces :ref:`config_http_conn_man_headers_x-request-id` to be returned in the response headers. If this request ID is then propagated to other hosts, traces will also be collected on those hosts which will provide a consistent trace for an entire request flow. See the :ref:`tracing.global_enabled ` and :ref:`tracing.random_sampling ` runtime configuration settings. .. _config_http_conn_man_headers_x-envoy-internal: x-envoy-internal ---------------- It is a common case where a service wants to know whether a request is internal origin or not. Envoy uses :ref:`XFF ` to determine this and then will set the header value to *true*. This is a convenience to avoid having to parse and understand XFF. .. _config_http_conn_man_headers_x-envoy-original-dst-host: x-envoy-original-dst-host ------------------------- The header used to override destination address when using the :ref:`Original Destination ` load balancing policy. It is ignored, unless the use of it is enabled via :ref:`use_http_header `. .. _config_http_conn_man_headers_x-forwarded-client-cert: x-forwarded-client-cert ----------------------- *x-forwarded-client-cert* (XFCC) is a proxy header which indicates certificate information of part or all of the clients or proxies that a request has flowed through, on its way from the client to the server. A proxy may choose to sanitize/append/forward the XFCC header before proxying the request. The XFCC header value is a comma (",") separated string. Each substring is an XFCC element, which holds information added by a single proxy. A proxy can append the current client certificate information as an XFCC element, to the end of the request's XFCC header after a comma. Each XFCC element is a semicolon ";" separated string. Each substring is a key-value pair, grouped together by an equals ("=") sign. The keys are case-insensitive, the values are case-sensitive. If ",", ";" or "=" appear in a value, the value should be double-quoted. Double-quotes in the value should be replaced by backslash-double-quote (\"). The following keys are supported: 1. ``By`` The Subject Alternative Name (URI type) of the current proxy's certificate. 2. ``Hash`` The SHA 256 digest of the current client certificate. 3. ``Cert`` The entire client certificate in URL encoded PEM format. 4. ``Chain`` The entire client certificate chain (including the leaf certificate) in URL encoded PEM format. 5. ``Subject`` The Subject field of the current client certificate. The value is always double-quoted. 6. ``URI`` The URI type Subject Alternative Name field of the current client certificate. 7. ``DNS`` The DNS type Subject Alternative Name field of the current client certificate. A client certificate may contain multiple DNS type Subject Alternative Names, each will be a separate key-value pair. A client certificate may contain multiple Subject Alternative Name types. For details on different Subject Alternative Name types, please refer `RFC 2459`_. .. _RFC 2459: https://tools.ietf.org/html/rfc2459#section-4.2.1.7 Some examples of the XFCC header are: 1. For one client certificate with only URI type Subject Alternative Name: ``x-forwarded-client-cert: By=http://frontend.lyft.com;Hash=468ed33be74eee6556d90c0149c1309e9ba61d6425303443c0748a02dd8de688;Subject="/C=US/ST=CA/L=San Francisco/OU=Lyft/CN=Test Client";URI=http://testclient.lyft.com`` 2. For two client certificates with only URI type Subject Alternative Name: ``x-forwarded-client-cert: By=http://frontend.lyft.com;Hash=468ed33be74eee6556d90c0149c1309e9ba61d6425303443c0748a02dd8de688;URI=http://testclient.lyft.com,By=http://backend.lyft.com;Hash=9ba61d6425303443c0748a02dd8de688468ed33be74eee6556d90c0149c1309e;URI=http://frontend.lyft.com`` 3. For one client certificate with both URI type and DNS type Subject Alternative Name: ``x-forwarded-client-cert: By=http://frontend.lyft.com;Hash=468ed33be74eee6556d90c0149c1309e9ba61d6425303443c0748a02dd8de688;Subject="/C=US/ST=CA/L=San Francisco/OU=Lyft/CN=Test Client";URI=http://testclient.lyft.com;DNS=lyft.com;DNS=www.lyft.com`` How Envoy processes XFCC is specified by the :ref:`forward_client_cert_details` and the :ref:`set_current_client_cert_details` HTTP connection manager options. If *forward_client_cert_details* is unset, the XFCC header will be sanitized by default. .. _config_http_conn_man_headers_x-forwarded-for: x-forwarded-for --------------- *x-forwarded-for* (XFF) is a standard proxy header which indicates the IP addresses that a request has flowed through on its way from the client to the server. A compliant proxy will *append* the IP address of the nearest client to the XFF list before proxying the request. Some examples of XFF are: 1. ``x-forwarded-for: 50.0.0.1`` (single client) 2. ``x-forwarded-for: 50.0.0.1, 40.0.0.1`` (external proxy hop) 3. ``x-forwarded-for: 50.0.0.1, 10.0.0.1`` (internal proxy hop) Envoy will only append to XFF if the :ref:`use_remote_address ` HTTP connection manager option is set to true and the :ref:`skip_xff_append ` is set false. This means that if *use_remote_address* is false (which is the default) or *skip_xff_append* is true, the connection manager operates in a transparent mode where it does not modify XFF. .. attention:: In general, *use_remote_address* should be set to true when Envoy is deployed as an edge node (aka a front proxy), whereas it may need to be set to false when Envoy is used as an internal service node in a mesh deployment. .. _config_http_conn_man_headers_x-forwarded-for_trusted_client_address: The value of *use_remote_address* controls how Envoy determines the *trusted client address*. Given an HTTP request that has traveled through a series of zero or more proxies to reach Envoy, the trusted client address is the earliest source IP address that is known to be accurate. The source IP address of the immediate downstream node's connection to Envoy is trusted. XFF *sometimes* can be trusted. Malicious clients can forge XFF, but the last address in XFF can be trusted if it was put there by a trusted proxy. Envoy's default rules for determining the trusted client address (*before* appending anything to XFF) are: * If *use_remote_address* is false and an XFF containing at least one IP address is present in the request, the trusted client address is the *last* (rightmost) IP address in XFF. * Otherwise, the trusted client address is the source IP address of the immediate downstream node's connection to Envoy. In an environment where there are one or more trusted proxies in front of an edge Envoy instance, the *xff_num_trusted_hops* configuration option can be used to trust additional addresses from XFF: * If *use_remote_address* is false and *xff_num_trusted_hops* is set to a value *N* that is greater than zero, the trusted client address is the (N+1)th address from the right end of XFF. (If the XFF contains fewer than N+1 addresses, Envoy falls back to using the immediate downstream connection's source address as trusted client address.) * If *use_remote_address* is true and *xff_num_trusted_hops* is set to a value *N* that is greater than zero, the trusted client address is the Nth address from the right end of XFF. (If the XFF contains fewer than N addresses, Envoy falls back to using the immediate downstream connection's source address as trusted client address.) Envoy uses the trusted client address contents to determine whether a request originated externally or internally. This influences whether the :ref:`config_http_conn_man_headers_x-envoy-internal` header is set. Example 1: Envoy as edge proxy, without a trusted proxy in front of it Settings: | use_remote_address = true | xff_num_trusted_hops = 0 Request details: | Downstream IP address = 192.0.2.5 | XFF = "203.0.113.128, 203.0.113.10, 203.0.113.1" Result: | Trusted client address = 192.0.2.5 (XFF is ignored) | X-Envoy-External-Address is set to 192.0.2.5 | XFF is changed to "203.0.113.128, 203.0.113.10, 203.0.113.1, 192.0.2.5" | X-Envoy-Internal is removed (if it was present in the incoming request) Example 2: Envoy as internal proxy, with the Envoy edge proxy from Example 1 in front of it Settings: | use_remote_address = false | xff_num_trusted_hops = 0 Request details: | Downstream IP address = 10.11.12.13 (address of the Envoy edge proxy) | XFF = "203.0.113.128, 203.0.113.10, 203.0.113.1, 192.0.2.5" Result: | Trusted client address = 192.0.2.5 (last address in XFF is trusted) | X-Envoy-External-Address is not modified | X-Envoy-Internal is removed (if it was present in the incoming request) Example 3: Envoy as edge proxy, with two trusted external proxies in front of it Settings: | use_remote_address = true | xff_num_trusted_hops = 2 Request details: | Downstream IP address = 192.0.2.5 | XFF = "203.0.113.128, 203.0.113.10, 203.0.113.1" Result: | Trusted client address = 203.0.113.10 (2nd to last address in XFF is trusted) | X-Envoy-External-Address is set to 203.0.113.10 | XFF is changed to "203.0.113.128, 203.0.113.10, 203.0.113.1, 192.0.2.5" | X-Envoy-Internal is removed (if it was present in the incoming request) Example 4: Envoy as internal proxy, with the edge proxy from Example 3 in front of it Settings: | use_remote_address = false | xff_num_trusted_hops = 2 Request details: | Downstream IP address = 10.11.12.13 (address of the Envoy edge proxy) | XFF = "203.0.113.128, 203.0.113.10, 203.0.113.1, 192.0.2.5" Result: | Trusted client address = 203.0.113.10 | X-Envoy-External-Address is not modified | X-Envoy-Internal is removed (if it was present in the incoming request) Example 5: Envoy as an internal proxy, receiving a request from an internal client Settings: | use_remote_address = false | xff_num_trusted_hops = 0 Request details: | Downstream IP address = 10.20.30.40 (address of the internal client) | XFF is not present Result: | Trusted client address = 10.20.30.40 | X-Envoy-External-Address remains unset | X-Envoy-Internal is set to "false" Example 6: The internal Envoy from Example 5, receiving a request proxied by another Envoy Settings: | use_remote_address = false | xff_num_trusted_hops = 0 Request details: | Downstream IP address = 10.20.30.50 (address of the Envoy instance proxying to this one) | XFF = "10.20.30.40" Result: | Trusted client address = 10.20.30.40 | X-Envoy-External-Address remains unset | X-Envoy-Internal is set to "true" A few very important notes about XFF: 1. If *use_remote_address* is set to true, Envoy sets the :ref:`config_http_conn_man_headers_x-envoy-external-address` header to the trusted client address. .. _config_http_conn_man_headers_x-forwarded-for_internal_origin: 2. XFF is what Envoy uses to determine whether a request is internal origin or external origin. If *use_remote_address* is set to true, the request is internal if and only if the request contains no XFF and the immediate downstream node's connection to Envoy has an internal (RFC1918 or RFC4193) source address. If *use_remote_address* is false, the request is internal if and only if XFF contains a single RFC1918 or RFC4193 address. * **NOTE**: If an internal service proxies an external request to another internal service, and includes the original XFF header, Envoy will append to it on egress if :ref:`use_remote_address ` is set. This will cause the other side to think the request is external. Generally, this is what is intended if XFF is being forwarded. If it is not intended, do not forward XFF, and forward :ref:`config_http_conn_man_headers_x-envoy-internal` instead. * **NOTE**: If an internal service call is forwarded to another internal service (preserving XFF), Envoy will not consider it internal. This is a known "bug" due to the simplification of how XFF is parsed to determine if a request is internal. In this scenario, do not forward XFF and allow Envoy to generate a new one with a single internal origin IP. .. _config_http_conn_man_headers_x-forwarded-proto: x-forwarded-proto ----------------- It is a common case where a service wants to know what the originating protocol (HTTP or HTTPS) was of the connection terminated by front/edge Envoy. *x-forwarded-proto* contains this information. It will be set to either *http* or *https*. .. _config_http_conn_man_headers_x-request-id: x-request-id ------------ The *x-request-id* header is used by Envoy to uniquely identify a request as well as perform stable access logging and tracing. Envoy will generate an *x-request-id* header for all external origin requests (the header is sanitized). It will also generate an *x-request-id* header for internal requests that do not already have one. This means that *x-request-id* can and should be propagated between client applications in order to have stable IDs across the entire mesh. Due to the out of process architecture of Envoy, the header can not be automatically forwarded by Envoy itself. This is one of the few areas where a thin client library is needed to perform this duty. How that is done is out of scope for this documentation. If *x-request-id* is propagated across all hosts, the following features are available: * Stable :ref:`access logging ` via the :ref:`v3 API runtime filter`. * Stable tracing when performing random sampling via the :ref:`tracing.random_sampling ` runtime setting or via forced tracing using the :ref:`config_http_conn_man_headers_x-envoy-force-trace` and :ref:`config_http_conn_man_headers_x-client-trace-id` headers. .. _config_http_conn_man_headers_x-ot-span-context: x-ot-span-context ----------------- The *x-ot-span-context* HTTP header is used by Envoy to establish proper parent-child relationships between tracing spans when used with the LightStep tracer. For example, an egress span is a child of an ingress span (if the ingress span was present). Envoy injects the *x-ot-span-context* header on ingress requests and forwards it to the local service. Envoy relies on the application to propagate *x-ot-span-context* on the egress call to an upstream. See more on tracing :ref:`here `. .. _config_http_conn_man_headers_x-b3-traceid: x-b3-traceid ------------ The *x-b3-traceid* HTTP header is used by the Zipkin tracer in Envoy. The TraceId is 64-bit in length and indicates the overall ID of the trace. Every span in a trace shares this ID. See more on zipkin tracing `here `__. .. _config_http_conn_man_headers_x-b3-spanid: x-b3-spanid ----------- The *x-b3-spanid* HTTP header is used by the Zipkin tracer in Envoy. The SpanId is 64-bit in length and indicates the position of the current operation in the trace tree. The value should not be interpreted: it may or may not be derived from the value of the TraceId. See more on zipkin tracing `here `__. .. _config_http_conn_man_headers_x-b3-parentspanid: x-b3-parentspanid ----------------- The *x-b3-parentspanid* HTTP header is used by the Zipkin tracer in Envoy. The ParentSpanId is 64-bit in length and indicates the position of the parent operation in the trace tree. When the span is the root of the trace tree, the ParentSpanId is absent. See more on zipkin tracing `here `__. .. _config_http_conn_man_headers_x-b3-sampled: x-b3-sampled ------------ The *x-b3-sampled* HTTP header is used by the Zipkin tracer in Envoy. When the Sampled flag is either not specified or set to 1, the span will be reported to the tracing system. Once Sampled is set to 0 or 1, the same value should be consistently sent downstream. See more on zipkin tracing `here `__. .. _config_http_conn_man_headers_x-b3-flags: x-b3-flags ---------- The *x-b3-flags* HTTP header is used by the Zipkin tracer in Envoy. The encode one or more options. For example, Debug is encoded as ``X-B3-Flags: 1``. See more on zipkin tracing `here `__. .. _config_http_conn_man_headers_b3: b3 ---------- The *b3* HTTP header is used by the Zipkin tracer in Envoy. Is a more compressed header format. See more on zipkin tracing `here `__. .. _config_http_conn_man_headers_x-datadog-trace-id: x-datadog-trace-id ------------------ The *x-datadog-trace-id* HTTP header is used by the Datadog tracer in Envoy. The 64-bit value represents the ID of the overall trace, and is used to correlate the spans. .. _config_http_conn_man_headers_x-datadog-parent-id: x-datadog-parent-id ------------------- The *x-datadog-parent-id* HTTP header is used by the Datadog tracer in Envoy. The 64-bit value uniquely identifies the span within the trace, and is used to create parent-child relationships between spans. .. _config_http_conn_man_headers_x-datadog-sampling-priority: x-datadog-sampling-priority --------------------------- The *x-datadog-sampling-priority* HTTP header is used by the Datadog tracer in Envoy. The integer value indicates the sampling decision that has been made for this trace. A value of 0 indicates that the trace should not be collected, and a value of 1 requests that spans are sampled and reported. .. _config_http_conn_man_headers_custom_request_headers: Custom request/response headers ------------------------------- Custom request/response headers can be added to a request/response at the weighted cluster, route, virtual host, and/or global route configuration level. See the :ref:`v3 ` API documentation. No *:-prefixed* pseudo-header may be modified via this mechanism. The *:path* and *:authority* headers may instead be modified via mechanisms such as :ref:`prefix_rewrite `, :ref:`regex_rewrite `, and :ref:`host_rewrite `. Headers are appended to requests/responses in the following order: weighted cluster level headers, route level headers, virtual host level headers and finally global level headers. Envoy supports adding dynamic values to request and response headers. The percent symbol (%) is used to delimit variable names. .. attention:: If a literal percent symbol (%) is desired in a request/response header, it must be escaped by doubling it. For example, to emit a header with the value ``100%``, the custom header value in the Envoy configuration must be ``100%%``. Supported variable names are: %DOWNSTREAM_REMOTE_ADDRESS% Remote address of the downstream connection. If the address is an IP address it includes both address and port. .. note:: This may not be the physical remote address of the peer if the address has been inferred from :ref:`proxy proto ` or :ref:`x-forwarded-for `. %DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT% Same as **%DOWNSTREAM_REMOTE_ADDRESS%** excluding port if the address is an IP address. %DOWNSTREAM_LOCAL_ADDRESS% Local address of the downstream connection. If the address is an IP address it includes both address and port. If the original connection was redirected by iptables REDIRECT, this represents the original destination address restored by the :ref:`Original Destination Filter ` using SO_ORIGINAL_DST socket option. If the original connection was redirected by iptables TPROXY, and the listener's transparent option was set to true, this represents the original destination address and port. %DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT% Same as **%DOWNSTREAM_LOCAL_ADDRESS%** excluding port if the address is an IP address. %DOWNSTREAM_LOCAL_PORT% Similar to **%DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%**, but only extracts the port portion of the **%DOWNSTREAM_LOCAL_ADDRESS%** %DOWNSTREAM_LOCAL_URI_SAN% HTTP The URIs present in the SAN of the local certificate used to establish the downstream TLS connection. TCP The URIs present in the SAN of the local certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_URI_SAN% HTTP The URIs present in the SAN of the peer certificate used to establish the downstream TLS connection. TCP The URIs present in the SAN of the peer certificate used to establish the downstream TLS connection. %DOWNSTREAM_LOCAL_SUBJECT% HTTP The subject present in the local certificate used to establish the downstream TLS connection. TCP The subject present in the local certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_SUBJECT% HTTP The subject present in the peer certificate used to establish the downstream TLS connection. TCP The subject present in the peer certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_ISSUER% HTTP The issuer present in the peer certificate used to establish the downstream TLS connection. TCP The issuer present in the peer certificate used to establish the downstream TLS connection. %DOWNSTREAM_TLS_SESSION_ID% HTTP The session ID for the established downstream TLS connection. TCP The session ID for the established downstream TLS connection. %DOWNSTREAM_TLS_CIPHER% HTTP The OpenSSL name for the set of ciphers used to establish the downstream TLS connection. TCP The OpenSSL name for the set of ciphers used to establish the downstream TLS connection. %DOWNSTREAM_TLS_VERSION% HTTP The TLS version (e.g., ``TLSv1.2``, ``TLSv1.3``) used to establish the downstream TLS connection. TCP The TLS version (e.g., ``TLSv1.2``, ``TLSv1.3``) used to establish the downstream TLS connection. %DOWNSTREAM_PEER_FINGERPRINT_256% HTTP The hex-encoded SHA256 fingerprint of the client certificate used to establish the downstream TLS connection. TCP The hex-encoded SHA256 fingerprint of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_FINGERPRINT_1% HTTP The hex-encoded SHA1 fingerprint of the client certificate used to establish the downstream TLS connection. TCP The hex-encoded SHA1 fingerprint of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_SERIAL% HTTP The serial number of the client certificate used to establish the downstream TLS connection. TCP The serial number of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_CERT% HTTP The client certificate in the URL-encoded PEM format used to establish the downstream TLS connection. TCP The client certificate in the URL-encoded PEM format used to establish the downstream TLS connection. %DOWNSTREAM_PEER_CERT_V_START% HTTP The validity start date of the client certificate used to establish the downstream TLS connection. TCP The validity start date of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_CERT_V_END% HTTP The validity end date of the client certificate used to establish the downstream TLS connection. TCP The validity end date of the client certificate used to establish the downstream TLS connection. %HOSTNAME% The system hostname. %PROTOCOL% The original protocol which is already added by Envoy as a :ref:`x-forwarded-proto ` request header. %UPSTREAM_METADATA(["namespace", "key", ...])% Populates the header with :ref:`EDS endpoint metadata ` from the upstream host selected by the router. Metadata may be selected from any namespace. In general, metadata values may be strings, numbers, booleans, lists, nested structures, or null. Upstream metadata values may be selected from nested structs by specifying multiple keys. Otherwise, only string, boolean, and numeric values are supported. If the namespace or key(s) are not found, or if the selected value is not a supported type, then no header is emitted. The namespace and key(s) are specified as a JSON array of strings. Finally, percent symbols in the parameters **do not** need to be escaped by doubling them. Upstream metadata cannot be added to request headers as the upstream host has not been selected when custom request headers are generated. %DYNAMIC_METADATA(["namespace", "key", ...])% Similar to UPSTREAM_METADATA, populates the header with dynamic metadata available in a request (e.g.: added by filters like the header-to-metadata filter). This works both on request and response headers. %UPSTREAM_REMOTE_ADDRESS% Remote address of the upstream host. If the address is an IP address it includes both address and port. The upstream remote address cannot be added to request headers as the upstream host has not been selected when custom request headers are generated. %PER_REQUEST_STATE(reverse.dns.data.name)% Populates the header with values set on the stream info filterState() object. To be usable in custom request/response headers, these values must be of type Envoy::Router::StringAccessor. These values should be named in standard reverse DNS style, identifying the organization that created the value and ending in a unique name for the data. %REQ(header-name)% Populates the header with a value of the request header. %START_TIME% Request start time. START_TIME can be customized with specifiers as specified in :ref:`access log format rules`. An example of setting a custom header with current time in seconds with the milliseconds resolution: .. code-block:: none route: cluster: www request_headers_to_add: - header: key: "x-request-start" value: "%START_TIME(%s.%3f)%" append: true %RESPONSE_FLAGS% Additional details about the response or connection, if any. Possible values and their meanings are listed in the access log formatter :ref:`documentation`. %RESPONSE_CODE_DETAILS% Response code details provides additional information about the HTTP response code, such as who set it (the upstream or envoy) and why. ================================================ FILE: docs/root/configuration/http/http_conn_man/http_conn_man.rst ================================================ .. _config_http_conn_man: HTTP connection manager ======================= .. toctree:: :maxdepth: 2 overview route_matching traffic_splitting header_casing headers header_sanitizing local_reply response_code_details stats runtime rds vhds ================================================ FILE: docs/root/configuration/http/http_conn_man/local_reply.rst ================================================ .. _config_http_conn_man_local_reply: Local reply modification ======================== The :ref:`HTTP connection manager ` supports modification of local reply which is response returned by Envoy itself. Features: * :ref:`Local reply content modification`. * :ref:`Local reply format modification`. .. _config_http_conn_man_local_reply_modification: Local reply content modification -------------------------------- The local response content returned by Envoy can be customized. A list of :ref:`mappers ` can be specified. Each mapper must have a :ref:`filter `. It may have following rewrite rules; a :ref:`status_code ` rule to rewrite response code, a :ref:`headers_to_add ` rule to add/override/append response HTTP headers, a :ref:`body ` rule to rewrite the local reply body and a :ref:`body_format_override ` to specify the response body format. Envoy checks each `mapper` according to the specified order until the first one is matched. If a `mapper` is matched, all its rewrite rules will apply. Example of a LocalReplyConfig .. code-block:: mappers: - filter: status_code_filter: comparison: op: EQ value: default_value: 400 runtime_key: key_b headers_to_add: - header: key: "foo" value: "bar" append: false status_code: 401 body: inline_string: "not allowed" In above example, if the status_code is 400, it will be rewritten to 401, the response body will be rewritten to as "not allowed". .. _config_http_conn_man_local_reply_format: Local reply format modification ------------------------------- The response body content type can be customized. If not specified, the content type is plain/text. There are two `body_format` fields; one is the :ref:`body_format ` field in the :ref:`LocalReplyConfig ` message and the other :ref:`body_format_override ` field in the `mapper`. The latter is only used when its mapper is matched. The former is used if there is no any matched mappers, or the matched mapper doesn't have the `body_format` specified. Local reply format can be specified as :ref:`SubstitutionFormatString `. It supports :ref:`text_format ` and :ref:`json_format `. Optionally, content-type can be modified further via :ref:`content_type ` field. If not specified, default content-type is `text/plain` for :ref:`text_format ` and `application/json` for :ref:`json_format `. Example of a LocalReplyConfig with `body_format` field. .. code-block:: mappers: - filter: status_code_filter: comparison: op: EQ value: default_value: 400 runtime_key: key_b status_code: 401 body_format_override: text_format: "

    %LOCAL_REPLY_BODY% %REQ(:path)%

    " content_type: "text/html; charset=UTF-8" - filter: status_code_filter: comparison: op: EQ value: default_value: 500 runtime_key: key_b status_code: 501 body_format: text_format: "%LOCAL_REPLY_BODY% %RESPONSE_CODE%" In above example, there is a `body_format_override` inside the first `mapper` with a filter matching `status_code == 400`. It generates the response body in plain text format by concatenating %LOCAL_REPLY_BODY% with the `:path` request header. It is only used when the first mapper is matched. There is a `body_format` at the bottom of the config and at the same level as field `mappers`. It is used when non of the mappers is matched or the matched mapper doesn't have its own `body_format_override` specified. ================================================ FILE: docs/root/configuration/http/http_conn_man/overview.rst ================================================ Overview ======== * HTTP connection manager :ref:`architecture overview ` * HTTP protocols :ref:`architecture overview ` * :ref:`v3 API reference ` ================================================ FILE: docs/root/configuration/http/http_conn_man/rds.rst ================================================ .. _config_http_conn_man_rds: Route discovery service (RDS) ============================= The route discovery service (RDS) API is an optional API that Envoy will call to dynamically fetch :ref:`route configurations `. A route configuration includes both HTTP header modifications, virtual hosts, and the individual route entries contained within each virtual host. Each :ref:`HTTP connection manager filter ` can independently fetch its own route configuration via the API. Optionally, the :ref:`virtual host discovery service ` can be used to fetch virtual hosts separately from the route configuration. * :ref:`v2 API reference ` Statistics ---------- RDS has a :ref:`statistics ` tree rooted at *http..rds..*. Any ``:`` character in the ``route_config_name`` name gets replaced with ``_`` in the stats tree. ================================================ FILE: docs/root/configuration/http/http_conn_man/response_code_details.rst ================================================ .. _config_http_conn_man_details: Response Code Details ===================== If _%RESPONSE_CODE_DETAILS%_ is configured on via :ref:`access logging`, or :ref:`custom headers` Envoy will communicate the detailed reason a given stream ended. This page lists the details sent by the HttpConnectionManager, Router filter, and codecs. It is not comprehensive as any other filters may send their own local replies with custom details. Below are the list of reasons the HttpConnectionManager or Router filter may send responses or reset streams. .. warning:: The following list is not guaranteed to be stable, since the details are subject to change. .. csv-table:: :header: Name, Description :widths: 1, 2 absolute_path_rejected, The request was rejected due to using an absolute path on a route not supporting them. admin_filter_response, The response was generated by the admin filter. cluster_not_found, The request was rejected by the router filter because there was no cluster found for the selected route. downstream_local_disconnect, The client connection was locally closed for an unspecified reason. downstream_remote_disconnect, The client disconnected unexpectedly. duration_timeout, The max connection duration was exceeded. direct_response, A direct response was generated by the router filter. filter_chain_not_found, The request was rejected due to no matching filter chain. internal_redirect, The original stream was replaced with an internal redirect. low_version, The HTTP/1.0 or HTTP/0.9 request was rejected due to HTTP/1.0 support not being configured. maintenance_mode, The request was rejected by the router filter because the cluster was in maintenance mode. max_duration_timeout, The per-stream max duration timeout was exceeded. missing_host_header, The request was rejected due to a missing Host: or :authority field. missing_path_rejected, The request was rejected due to a missing Path or :path header field. no_healthy_upstream, The request was rejected by the router filter because there was no healthy upstream found. overload, The request was rejected due to the Overload Manager reaching configured resource limits. path_normalization_failed, "The request was rejected because path normalization was configured on and failed, probably due to an invalid path." request_headers_failed_strict_check, The request was rejected due to x-envoy-* headers failing strict header validation. request_overall_timeout, The per-stream total request timeout was exceeded. request_payload_exceeded_retry_buffer_limit, Envoy is doing streaming proxying but too much data arrived while waiting to attempt a retry. request_payload_too_large, Envoy is doing non-streaming proxying and the request payload exceeded configured limits. response_payload_too_large, Envoy is doing non-streaming proxying and the response payload exceeded configured limits. response_payload_too_large, Envoy is doing non-streaming proxying and the response payload exceeded configured limits. route_configuration_not_found, The request was rejected because there was no route configuration found. route_not_found, The request was rejected because there was no route found. stream_idle_timeout, The per-stream keepalive timeout was exceeded. upgrade_failed, The request was rejected because it attempted an unsupported upgrade. upstream_max_stream_duration_reached, The request was destroyed because of it exceeded the configured max stream duration. upstream_per_try_timeout, The final upstream try timed out. upstream_reset_after_response_started{details}, The upstream connection was reset after a response was started. This may include further details about the cause of the disconnect. upstream_reset_before_response_started{details}, The upstream connection was reset before a response was started This may include further details about the cause of the disconnect. upstream_response_timeout, The upstream response timed out. via_upstream, The response code was set by the upstream. .. _config_http_conn_man_details_per_codec: Per codec details ----------------- Each codec may send codec-specific details when encountering errors. Http1 details ~~~~~~~~~~~~~ All http1 details are rooted at *http1.* .. csv-table:: :header: Name, Description :widths: 1, 2 http1.body_disallowed, A body was sent on a request where bodies are not allowed. http1.codec_error, Some error was encountered in the http_parser internals. http1.connection_header_rejected, The Connection header was malformed or overly long. http1.content_length_and_chunked_not_allowed, A request was sent with both Transfer-Encoding: chunked and a Content-Length header when disallowed by configuration. http1.content_length_not_allowed, A content length was sent on a response it was disallowed on. http1.headers_too_large, The overall byte size of rquest headers was larger than the configured limits. http1.invalid_characters, The headers contained illegal characters. http1.invalid_transfer_encoding, The Transfer-Encoding header was not valid. http1.invalid_url, The request URL was not valid. http1.too_many_headers, Too many headers were sent with this request. http1.transfer_encoding_not_allowed, A transfer encoding was sent on a response it was disallowed on. http1.unexpected_underscore, An underscore was sent in a header key when disallowed by configuration. Http2 details ~~~~~~~~~~~~~ All http2 details are rooted at *http2.* .. csv-table:: :header: Name, Description :widths: 1, 2 http2.inbound_empty_frames_flood, Envoy detected an inbound HTTP/2 frame flood. http2.invalid.header.field, One of the HTTP/2 headers was invalid http2.outbound_frames_flood, Envoy detected an HTTP/2 frame flood from the server. http2.too_many_headers, The number of headers (or trailers) exceeded the configured limits http2.unexpected_underscore, Envoy was configured to drop requests with header keys beginning with underscores. http2.unknown.nghttp2.error, An unknown error was encountered by nghttp2 http2.violation.of.messaging.rule, The stream was in violation of a HTTP/2 messaging rule. ================================================ FILE: docs/root/configuration/http/http_conn_man/route_matching.rst ================================================ .. _config_http_conn_man_route_table_route_matching: Route matching ============== When Envoy matches a route, it uses the following procedure: #. The HTTP request's *host* or *:authority* header is matched to a :ref:`virtual host `. #. Each :ref:`route entry ` in the virtual host is checked, *in order*. If there is a match, the route is used and no further route checks are made. #. Independently, each :ref:`virtual cluster ` in the virtual host is checked, *in order*. If there is a match, the virtual cluster is used and no further virtual cluster checks are made. ================================================ FILE: docs/root/configuration/http/http_conn_man/runtime.rst ================================================ .. _config_http_conn_man_runtime: Runtime ======= The HTTP connection manager supports the following runtime settings: .. _config_http_conn_man_runtime_normalize_path: http_connection_manager.normalize_path % of requests that will have path normalization applied if not already configured in :ref:`normalize_path `. This is evaluated at configuration load time and will apply to all requests for a given configuration. .. _config_http_conn_man_runtime_client_enabled: tracing.client_enabled % of requests that will be force traced if the :ref:`config_http_conn_man_headers_x-client-trace-id` header is set. Defaults to 100. .. _config_http_conn_man_runtime_global_enabled: tracing.global_enabled % of requests that will be traced after all other checks have been applied (force tracing, sampling, etc.). Defaults to 100. .. _config_http_conn_man_runtime_random_sampling: tracing.random_sampling % of requests that will be randomly traced. See :ref:`here ` for more information. This runtime control is specified in the range 0-10000 and defaults to 10000. Thus, trace sampling can be specified in 0.01% increments. ================================================ FILE: docs/root/configuration/http/http_conn_man/stats.rst ================================================ .. _config_http_conn_man_stats: Statistics ========== Every connection manager has a statistics tree rooted at *http..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_cx_total, Counter, Total connections downstream_cx_ssl_total, Counter, Total TLS connections downstream_cx_http1_total, Counter, Total HTTP/1.1 connections downstream_cx_upgrades_total, Counter, Total successfully upgraded connections. These are also counted as total http1/http2 connections. downstream_cx_http2_total, Counter, Total HTTP/2 connections downstream_cx_destroy, Counter, Total connections destroyed downstream_cx_destroy_remote, Counter, Total connections destroyed due to remote close downstream_cx_destroy_local, Counter, Total connections destroyed due to local close downstream_cx_destroy_active_rq, Counter, Total connections destroyed with 1+ active request downstream_cx_destroy_local_active_rq, Counter, Total connections destroyed locally with 1+ active request downstream_cx_destroy_remote_active_rq, Counter, Total connections destroyed remotely with 1+ active request downstream_cx_active, Gauge, Total active connections downstream_cx_ssl_active, Gauge, Total active TLS connections downstream_cx_http1_active, Gauge, Total active HTTP/1.1 connections downstream_cx_upgrades_active, Gauge, Total active upgraded connections. These are also counted as active http1/http2 connections. downstream_cx_http2_active, Gauge, Total active HTTP/2 connections downstream_cx_protocol_error, Counter, Total protocol errors downstream_cx_length_ms, Histogram, Connection length milliseconds downstream_cx_rx_bytes_total, Counter, Total bytes received downstream_cx_rx_bytes_buffered, Gauge, Total received bytes currently buffered downstream_cx_tx_bytes_total, Counter, Total bytes sent downstream_cx_tx_bytes_buffered, Gauge, Total sent bytes currently buffered downstream_cx_drain_close, Counter, Total connections closed due to draining downstream_cx_idle_timeout, Counter, Total connections closed due to idle timeout downstream_cx_max_duration_reached, Counter, Total connections closed due to max connection duration downstream_cx_overload_disable_keepalive, Counter, Total connections for which HTTP 1.x keepalive has been disabled due to Envoy overload downstream_flow_control_paused_reading_total, Counter, Total number of times reads were disabled due to flow control downstream_flow_control_resumed_reading_total, Counter, Total number of times reads were enabled on the connection due to flow control downstream_rq_total, Counter, Total requests downstream_rq_http1_total, Counter, Total HTTP/1.1 requests downstream_rq_http2_total, Counter, Total HTTP/2 requests downstream_rq_active, Gauge, Total active requests downstream_rq_response_before_rq_complete, Counter, Total responses sent before the request was complete downstream_rq_rx_reset, Counter, Total request resets received downstream_rq_tx_reset, Counter, Total request resets sent downstream_rq_non_relative_path, Counter, Total requests with a non-relative HTTP path downstream_rq_too_large, Counter, Total requests resulting in a 413 due to buffering an overly large body downstream_rq_completed, Counter, Total requests that resulted in a response (e.g. does not include aborted requests) downstream_rq_1xx, Counter, Total 1xx responses downstream_rq_2xx, Counter, Total 2xx responses downstream_rq_3xx, Counter, Total 3xx responses downstream_rq_4xx, Counter, Total 4xx responses downstream_rq_5xx, Counter, Total 5xx responses downstream_rq_ws_on_non_ws_route, Counter, Total upgrade requests rejected by non upgrade routes. This now applies both to WebSocket and non-WebSocket upgrades downstream_rq_time, Histogram, Total time for request and response (milliseconds) downstream_rq_idle_timeout, Counter, Total requests closed due to idle timeout downstream_rq_max_duration_reached, Counter, Total requests closed due to max duration reached downstream_rq_timeout, Counter, Total requests closed due to a timeout on the request path downstream_rq_overload_close, Counter, Total requests closed due to Envoy overload rs_too_large, Counter, Total response errors due to buffering an overly large body Per user agent statistics ------------------------- Additional per user agent statistics are rooted at *http..user_agent..* Currently Envoy matches user agent for both iOS (*ios*) and Android (*android*) and produces the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_cx_total, Counter, Total connections downstream_cx_destroy_remote_active_rq, Counter, Total connections destroyed remotely with 1+ active requests downstream_rq_total, Counter, Total requests .. _config_http_conn_man_stats_per_listener: Per listener statistics ----------------------- Additional per listener statistics are rooted at *listener.
    .http..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_rq_completed, Counter, Total responses downstream_rq_1xx, Counter, Total 1xx responses downstream_rq_2xx, Counter, Total 2xx responses downstream_rq_3xx, Counter, Total 3xx responses downstream_rq_4xx, Counter, Total 4xx responses downstream_rq_5xx, Counter, Total 5xx responses .. _config_http_conn_man_stats_per_codec: Per codec statistics ----------------------- Each codec has the option of adding per-codec statistics. Both http1 and http2 have codec stats. Http1 codec statistics ~~~~~~~~~~~~~~~~~~~~~~ All http1 statistics are rooted at *http1.* .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 dropped_headers_with_underscores, Counter, Total number of dropped headers with names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. metadata_not_supported_error, Counter, Total number of metadata dropped during HTTP/1 encoding response_flood, Counter, Total number of connections closed due to response flooding requests_rejected_with_underscores_in_headers, Counter, Total numbers of rejected requests due to header names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. Http2 codec statistics ~~~~~~~~~~~~~~~~~~~~~~ All http2 statistics are rooted at *http2.* .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 dropped_headers_with_underscores, Counter, Total number of dropped headers with names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. header_overflow, Counter, Total number of connections reset due to the headers being larger than the :ref:`configured value `. headers_cb_no_stream, Counter, Total number of errors where a header callback is called without an associated stream. This tracks an unexpected occurrence due to an as yet undiagnosed bug inbound_empty_frames_flood, Counter, Total number of connections terminated for exceeding the limit on consecutive inbound frames with an empty payload and no end stream flag. The limit is configured by setting the :ref:`max_consecutive_inbound_frames_with_empty_payload config setting `. inbound_priority_frames_flood, Counter, Total number of connections terminated for exceeding the limit on inbound frames of type PRIORITY. The limit is configured by setting the :ref:`max_inbound_priority_frames_per_stream config setting `. inbound_window_update_frames_flood, Counter, Total number of connections terminated for exceeding the limit on inbound frames of type WINDOW_UPDATE. The limit is configured by setting the :ref:`max_inbound_window_updateframes_per_data_frame_sent config setting `. outbound_flood, Counter, Total number of connections terminated for exceeding the limit on outbound frames of all types. The limit is configured by setting the :ref:`max_outbound_frames config setting `. outbound_control_flood, Counter, "Total number of connections terminated for exceeding the limit on outbound frames of types PING, SETTINGS and RST_STREAM. The limit is configured by setting the :ref:`max_outbound_control_frames config setting `." requests_rejected_with_underscores_in_headers, Counter, Total numbers of rejected requests due to header names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. rx_messaging_error, Counter, Total number of invalid received frames that violated `section 8 `_ of the HTTP/2 spec. This will result in a *tx_reset* rx_reset, Counter, Total number of reset stream frames received by Envoy trailers, Counter, Total number of trailers seen on requests coming from downstream tx_flush_timeout, Counter, Total number of :ref:`stream idle timeouts ` waiting for open stream window to flush the remainder of a stream tx_reset, Counter, Total number of reset stream frames transmitted by Envoy keepalive_timeout, Counter, Total number of connections closed due to :ref:`keepalive timeout ` streams_active, Gauge, Active streams as observed by the codec pending_send_bytes, Gauge, Currently buffered body data in bytes waiting to be written when stream/connection window is opened. .. attention:: The HTTP/2 `streams_active` gauge may be greater than the HTTP connection manager `downstream_rq_active` gauge due to differences in stream accounting between the codec and the HTTP connection manager. Tracing statistics ------------------ Tracing statistics are emitted when tracing decisions are made. All tracing statistics are rooted at *http..tracing.* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 random_sampling, Counter, Total number of traceable decisions by random sampling service_forced, Counter, Total number of traceable decisions by server runtime flag *tracing.global_enabled* client_enabled, Counter, Total number of traceable decisions by request header *x-envoy-force-trace* not_traceable, Counter, Total number of non-traceable decisions by request id health_check, Counter, Total number of non-traceable decisions by health check ================================================ FILE: docs/root/configuration/http/http_conn_man/traffic_splitting.rst ================================================ .. _config_http_conn_man_route_table_traffic_splitting: Traffic Shifting/Splitting =========================================== .. contents:: :local: Envoy's router can split traffic to a route in a virtual host across two or more upstream clusters. There are two common use cases. 1. Version upgrades: traffic to a route is shifted gradually from one cluster to another. The :ref:`traffic shifting ` section describes this scenario in more detail. 2. A/B testing or multivariate testing: ``two or more versions`` of the same service are tested simultaneously. The traffic to the route has to be *split* between clusters running different versions of the same service. The :ref:`traffic splitting ` section describes this scenario in more detail. .. _config_http_conn_man_route_table_traffic_splitting_shift: Traffic shifting between two upstreams -------------------------------------- The :ref:`runtime ` object in the route configuration determines the probability of selecting a particular route (and hence its cluster). By using the *runtime_fraction* configuration, traffic to a particular route in a virtual host can be gradually shifted from one cluster to another. Consider the following example configuration, where two versions ``helloworld_v1`` and ``helloworld_v2`` of a service named ``helloworld`` are declared in the envoy configuration file. .. code-block:: yaml virtual_hosts: - name: www2 domains: - '*' routes: - match: prefix: / runtime_fraction: default_value: numerator: 50 denominator: HUNDRED runtime_key: routing.traffic_shift.helloworld route: cluster: helloworld_v1 - match: prefix: / route: cluster: helloworld_v2 Envoy matches routes with a :ref:`first match ` policy. If the route has a runtime_fraction object, the request will be additionally matched based on the runtime_fraction :ref:`value ` (or the default, if no value is specified). Thus, by placing routes back-to-back in the above example and specifying a runtime_fraction object in the first route, traffic shifting can be accomplished by changing the runtime_fraction value. The following are the approximate sequence of actions required to accomplish the task. 1. In the beginning, set ``routing.traffic_shift.helloworld`` to ``100``, so that all requests to the ``helloworld`` virtual host would match with the v1 route and be served by the ``helloworld_v1`` cluster. 2. To start shifting traffic to ``helloworld_v2`` cluster, set ``routing.traffic_shift.helloworld`` to values ``0 < x < 100``. For instance at ``90``, 1 out of every 10 requests to the ``helloworld`` virtual host will not match the v1 route and will fall through to the v2 route. 3. Gradually decrease the value set in ``routing.traffic_shift.helloworld`` so that a larger percentage of requests match the v2 route. 4. When ``routing.traffic_shift.helloworld`` is set to ``0``, no requests to the ``helloworld`` virtual host will match to the v1 route. All traffic would now fall through to the v2 route and be served by the ``helloworld_v2`` cluster. .. _config_http_conn_man_route_table_traffic_splitting_split: Traffic splitting across multiple upstreams ------------------------------------------- Consider the ``helloworld`` example again, now with three versions (v1, v2 and v3) instead of two. To split traffic evenly across the three versions (i.e., ``33%, 33%, 34%``), the ``weighted_clusters`` option can be used to specify the weight for each upstream cluster. Unlike the previous example, a **single** :ref:`route ` entry is sufficient. The :ref:`weighted_clusters ` configuration block in a route can be used to specify multiple upstream clusters along with weights that indicate the **percentage** of traffic to be sent to each upstream cluster. .. code-block:: yaml virtual_hosts: - name: www2 domains: - '*' routes: - match: { prefix: / } route: weighted_clusters: runtime_key_prefix: routing.traffic_split.helloworld clusters: - name: helloworld_v1 weight: 33 - name: helloworld_v2 weight: 33 - name: helloworld_v3 weight: 34 By default, the weights must sum to exactly 100. In the V2 API, the :ref:`total weight ` defaults to 100, but can be modified to allow finer granularity. The weights assigned to each cluster can be dynamically adjusted using the following runtime variables: ``routing.traffic_split.helloworld.helloworld_v1``, ``routing.traffic_split.helloworld.helloworld_v2`` and ``routing.traffic_split.helloworld.helloworld_v3``. ================================================ FILE: docs/root/configuration/http/http_conn_man/vhds.rst ================================================ .. _config_http_conn_man_vhds: Virtual Host Discovery Service (VHDS) ===================================== The virtual host discovery service (VHDS) API is an optional API that Envoy will call to dynamically fetch :ref:`virtual hosts `. A virtual host includes a name and set of domains that get routed to it based on the incoming request's host header. By default in RDS, all routes for a cluster are sent to every Envoy instance in the mesh. This causes scaling issues as the size of the cluster grows. The majority of this complexity can be found in the virtual host configurations, of which most are not needed by any individual proxy. In order to fix this issue, the Virtual Host Discovery Service (VHDS) protocol uses the delta xDS protocol to allow a route configuration to be subscribed to and the necessary virtual hosts to be requested as needed. Instead of sending all virtual hosts with a route config, using VHDS will allow an Envoy instance to subscribe and unsubscribe from a list of virtual hosts stored internally in the xDS management server. The xDS management server will monitor this list and use it to filter the configuration sent to an individual Envoy instance to only contain the subscribed virtual hosts. Virtual Host Resource Naming Convention ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Virtual hosts in VHDS are identified by a combination of the name of the route configuration to which the virtual host belongs as well as the HTTP *host* header (*:authority* for HTTP2) entry. Resources should be named as follows:: / Note that matching should be done from right to left since a host entry cannot contain slashes while a route configuration name can. Subscribing to Resources ^^^^^^^^^^^^^^^^^^^^^^^^ VHDS allows resources to be :ref:`subscribed ` to using a :ref:`DeltaDiscoveryRequest ` with the :ref:`type_url ` set to `type.googleapis.com/envoy.config.route.v3.VirtualHost` and :ref:`resource_names_subscribe ` set to a list of virtual host resource names for which it would like configuration. If a route for the contents of a host/authority header cannot be resolved, the active stream is paused while a :ref:`DeltaDiscoveryRequest ` is sent. When a :ref:`DeltaDiscoveryResponse ` is received where one of the :ref:`aliases ` or the :ref:`name ` in the response exactly matches the :ref:`resource_names_subscribe ` entry from the :ref:`DeltaDiscoveryRequest `, the route configuration is updated, the stream is resumed, and processing of the filter chain continues. Updates to virtual hosts occur in two ways. If a virtual host was originally sent over RDS, then the virtual host should be updated over RDS. If a virtual host was subscribed to over VHDS, then updates will take place over VHDS. When a route configuration entry is updated, if the :ref:`vhds field ` has changed, the virtual host table for that route configuration is cleared, which will require that all virtual hosts be sent again. Compatibility with Scoped RDS ----------------------------- VHDS shouldn't present any compatibility issues with :ref:`scoped RDS `. Route configuration names can still be used for virtual host matching, but with scoped RDS configured it would point to a scoped route configuration. However, it is important to note that using on-demand :ref:`scoped RDS ` and VHDS together will require two on-demand subscriptions per routing scope. * :ref:`v2 API reference ` Statistics ---------- VHDS has a statistics tree rooted at *http..vhds..*. Any ``:`` character in the ``virtual_host_name`` name gets replaced with ``_`` in the stats tree. The stats tree contains the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 config_reload, Counter, Total API fetches that resulted in a config reload due to a different config empty_update, Counter, Total count of empty updates received ================================================ FILE: docs/root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: prefix: "/force-host-rewrite" route: cluster: dynamic_forward_proxy_cluster typed_per_filter_config: envoy.filters.http.dynamic_forward_proxy: "@type": type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.PerRouteConfig host_rewrite_literal: www.example.org - match: prefix: "/" route: cluster: dynamic_forward_proxy_cluster http_filters: - name: envoy.filters.http.dynamic_forward_proxy typed_config: "@type": type.googleapis.com/envoy.config.filter.http.dynamic_forward_proxy.v2alpha.FilterConfig dns_cache_config: name: dynamic_forward_proxy_cache_config dns_lookup_family: V4_ONLY - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - name: dynamic_forward_proxy_cluster connect_timeout: 1s lb_policy: CLUSTER_PROVIDED cluster_type: name: envoy.clusters.dynamic_forward_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig dns_cache_config: name: dynamic_forward_proxy_cache_config dns_lookup_family: V4_ONLY transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext common_tls_context: validation_context: trusted_ca: {filename: /etc/ssl/certs/ca-certificates.crt} ================================================ FILE: docs/root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml ================================================ admin: access_log_path: /dev/stdout address: socket_address: address: 0.0.0.0 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: address: 0.0.0.0 port_value: 80 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog path: /dev/stdout stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: prefix: "/route-with-filter-disabled" route: host_rewrite: localhost cluster: grpc timeout: 5.00s # per_filter_config disables the filter for this route typed_per_filter_config: envoy.filters.http.grpc_http1_reverse_bridge: "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3.FilterConfigPerRoute disabled: true - match: prefix: "/route-with-filter-enabled" route: host_rewrite: localhost cluster: other timeout: 5.00s http_filters: - name: envoy.filters.http.grpc_http1_reverse_bridge typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3.FilterConfig content_type: application/grpc+proto withhold_grpc_frames: true - name: envoy.filters.http.router typed_config: {} clusters: - name: other connect_timeout: 5.00s type: LOGICAL_DNS dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: localhost port_value: 4630 - name: grpc connect_timeout: 5.00s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: grpc endpoints: - lb_endpoints: - endpoint: address: socket_address: address: localhost port_value: 10005 ================================================ FILE: docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: { address: 0.0.0.0, port_value: 9901 } static_resources: listeners: - name: listener1 address: socket_address: { address: 0.0.0.0, port_value: 51051 } filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: grpc_json codec_type: AUTO route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path. # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests - match: { prefix: "/helloworld.Greeter" } route: { cluster: grpc, timeout: { seconds: 60 } } http_filters: - name: envoy.filters.http.grpc_json_transcoder typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_json_transcoder.v3.GrpcJsonTranscoder proto_descriptor: "/tmp/envoy/proto.pb" services: ["helloworld.Greeter"] print_options: add_whitespace: true always_print_primitive_fields: true always_print_enums_as_ints: false preserve_proto_field_names: false - name: envoy.filters.http.router clusters: - name: grpc connect_timeout: 1.25s type: logical_dns lb_policy: round_robin dns_lookup_family: V4_ONLY http2_protocol_options: {} load_assignment: cluster_name: grpc endpoints: - lb_endpoints: - endpoint: address: socket_address: # WARNING: "docker.for.mac.localhost" has been deprecated from Docker v18.03.0. # If you're running an older version of Docker, please use "docker.for.mac.localhost" instead. # Reference: https://docs.docker.com/docker-for-mac/release-notes/#docker-community-edition-18030-ce-mac59-2018-03-26 address: host.docker.internal port_value: 50051 ================================================ FILE: docs/root/configuration/http/http_filters/adaptive_concurrency_filter.rst ================================================ .. _config_http_filters_adaptive_concurrency: Adaptive Concurrency ==================== .. attention:: The adaptive concurrency filter is experimental and is currently under active development. This filter should be configured with the name `envoy.filters.http.adaptive_concurrency`. See the :ref:`v3 API reference ` for details on each configuration parameter. Overview -------- The adaptive concurrency filter dynamically adjusts the allowed number of requests that can be outstanding (concurrency) to all hosts in a given cluster at any time. Concurrency values are calculated using latency sampling of completed requests and comparing the measured samples in a time window against the expected latency for hosts in the cluster. Concurrency Controllers ----------------------- Concurrency controllers implement the algorithm responsible for making forwarding decisions for each request and recording latency samples to use in the calculation of the concurrency limit. Gradient Controller ~~~~~~~~~~~~~~~~~~~ The gradient controller makes forwarding decisions based on a periodically measured ideal round-trip time (minRTT) for an upstream. :ref:`v3 API reference ` Calculating the minRTT ^^^^^^^^^^^^^^^^^^^^^^ The minRTT is periodically measured by only allowing a very low outstanding request count to an upstream cluster and measuring the latency under these ideal conditions. The calculation is also triggered in scenarios where the concurrency limit is determined to be the minimum possible value for 5 consecutive sampling windows. The length of this minRTT calculation window is variable depending on the number of requests the filter is configured to aggregate to represent the expected latency of an upstream. A configurable *jitter* value is used to randomly delay the start of the minRTT calculation window by some amount of time. This is not necessary and can be disabled; however, it is recommended to prevent all hosts in a cluster from being in a minRTT calculation window (and having a concurrency limit of 3 by default) at the same time. The jitter helps negate the effect of the minRTT calculation on the downstream success rate if retries are enabled. It is possible that there is a noticeable increase in request 503s during the minRTT measurement window because of the potentially significant drop in the concurrency limit. This is expected and it is recommended to enable retries for resets/503s. .. note:: It is recommended to use :ref:`the previous_hosts retry predicate `. Due to the minRTT recalculation jitter, it's unlikely that all hosts in the cluster will be in a minRTT calculation window, so retrying on a different host in the cluster will have a higher likelihood of success in this scenario. Once calculated, the minRTT is then used in the calculation of a value referred to as the *gradient*. The Gradient ^^^^^^^^^^^^ The gradient is calculated using summarized sampled request latencies (sampleRTT): .. math:: gradient = \frac{minRTT + B}{sampleRTT} This gradient value has a useful property, such that it decreases as the sampled latencies increase. Notice that *B*, the buffer value added to the minRTT, allows for normal variance in the sampled latencies by requiring the sampled latencies the exceed the minRTT by some configurable threshold before decreasing the gradient value. The buffer will be a percentage of the measured minRTT value whose value is modified via the buffer field in the :ref:`minRTT calculation parameters `. The buffer is calculated as follows: .. math:: B = minRTT * buffer_{pct} The gradient value is then used to update the concurrency limit via: .. math:: limit_{new} = gradient * limit_{old} + headroom Concurrency Limit Headroom ^^^^^^^^^^^^^^^^^^^^^^^^^^ The headroom value is necessary as a driving factor to increase the concurrency limit when the sampleRTT is in the same ballpark as the minRTT. This value must be present in the limit calculation, since it forces the concurrency limit to increase until there is a deviation from the minRTT latency. In the absence of a headroom value, the concurrency limit could potentially stagnate at an unnecessary small value if the sampleRTT and minRTT are close to each other. Because the headroom value is so necessary to the proper function for the gradient controller, the headroom value is unconfigurable and pinned to the square-root of the concurrency limit. Limitations ----------- The adaptive concurrency filter's control loop relies on latency measurements and adjustments to the concurrency limit based on those measurements. Because of this, the filter must operate in conditions where it has full control over request concurrency. This means that: 1. The filter works as intended in the filter chain for a local cluster. 2. The filter must be able to limit the concurrency for a cluster. This means there must not be requests destined for a cluster that are not decoded by the adaptive concurrency filter. Example Configuration --------------------- An example filter configuration can be found below. Not all fields are required and many of the fields can be overridden via runtime settings. .. code-block:: yaml name: envoy.filters.http.adaptive_concurrency typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.adaptive_concurrency.v3.AdaptiveConcurrency gradient_controller_config: sample_aggregate_percentile: value: 90 concurrency_limit_params: concurrency_update_interval: 0.1s min_rtt_calc_params: jitter: value: 10 interval: 60s request_count: 50 enabled: default_value: true runtime_key: "adaptive_concurrency.enabled" The above configuration can be understood as follows: * Gather latency samples for a time window of 100ms. When entering a new window, summarize the requests (sampleRTT) and and update the concurrency limit using this sampleRTT. * When calculating the sampleRTT, use the p90 of all sampled latencies for that window. * Recalculate the minRTT every 60s and add a jitter (random delay) of 0s-6s to the start of the minRTT recalculation. The delay is dictated by the jitter value. * Collect 50 request samples to calculate the minRTT and use the p90 to summarize them. * The filter is enabled by default. .. note:: It is recommended that the adaptive concurrency filter come after the healthcheck filter in the filter chain to prevent latency sampling of health checks. If health check traffic is sampled, it could potentially affect the accuracy of the minRTT measurements. Runtime ------- The adaptive concurrency filter supports the following runtime settings: adaptive_concurrency.enabled Overrides whether the adaptive concurrency filter will use the concurrency controller for forwarding decisions. If set to `false`, the filter will be a no-op. Defaults to what is specified for `enabled` in the filter configuration. adaptive_concurrency.gradient_controller.min_rtt_calc_interval_ms Overrides the interval in which the ideal round-trip time (minRTT) will be recalculated. adaptive_concurrency.gradient_controller.min_rtt_aggregate_request_count Overrides the number of requests sampled for calculation of the minRTT. adaptive_concurrency.gradient_controller.jitter Overrides the random delay introduced to the minRTT calculation start time. A value of `10` indicates a random delay of 10% of the configured interval. The runtime value specified is clamped to the range [0,100]. adaptive_concurrency.gradient_controller.sample_rtt_calc_interval_ms Overrides the interval in which the concurrency limit is recalculated based on sampled latencies. adaptive_concurrency.gradient_controller.max_concurrency_limit Overrides the maximum allowed concurrency limit. adaptive_concurrency.gradient_controller.min_rtt_buffer Overrides the padding added to the minRTT when calculating the concurrency limit. adaptive_concurrency.gradient_controller.sample_aggregate_percentile Overrides the percentile value used to represent the collection of latency samples in calculations. A value of `95` indicates the 95th percentile. The runtime value specified is clamped to the range [0,100]. adaptive_concurrency.gradient_controller.min_concurrency Overrides the concurrency that is pinned while measuring the minRTT. Statistics ---------- The adaptive concurrency filter outputs statistics in the *http..adaptive_concurrency.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. Statistics are specific to the concurrency controllers. Gradient Controller Statistics ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The gradient controller uses the namespace *http..adaptive_concurrency.gradient_controller*. .. csv-table:: :header: Name, Type, Description :widths: auto rq_blocked, Counter, Total requests that were blocked by the filter. min_rtt_calculation_active, Gauge, Set to 1 if the controller is in the process of a minRTT calculation. 0 otherwise. concurrency_limit, Gauge, The current concurrency limit. gradient, Gauge, The current gradient value. burst_queue_size, Gauge, The current headroom value in the concurrency limit calculation. min_rtt_msecs, Gauge, The current measured minRTT value. sample_rtt_msecs, Gauge, The current measured sampleRTT aggregate. ================================================ FILE: docs/root/configuration/http/http_filters/admission_control_filter.rst ================================================ .. _config_http_filters_admission_control: Admission Control ================= .. attention:: The admission control filter is experimental and is currently under active development. See the :ref:`v3 API reference ` for details on each configuration parameter. Overview -------- The admission control filter probabilistically rejects requests based on the success rate of previous requests in a configurable sliding time window. It is based on `client-side throttling `_ from the `Google SRE handbook `_. The only notable difference between the admission control filter's load shedding and load shedding defined in client-side throttling is that users may configure how aggressively load shedding starts at a target request success rate. Users may also configure the definition of a successful request for the purposes of the rejection probability calculation. The probability that the filter will reject a request is as follows: .. math:: P_{reject} = {(\frac{n_{total} - s}{n_{total} + 1})}^\frac{1}{aggression} where, .. math:: s = \frac{n_{success}}{threshold} - *n* refers to a request count gathered in the sliding window. - *threshold* is a configurable value that dictates the lowest request success rate at which the filter will **not reject** requests. The value is normalized to [0,1] for the calculation. - *aggression* controls the rejection probability curve such that 1.0 is a linear increase in rejection probability as the success rate decreases. As the **aggression** increases, the rejection probability will be higher for higher success rates. See `Aggression`_ for a more detailed explanation. .. note:: The success rate calculations are performed on a per-thread basis for increased performance. In addition, the per-thread isolation prevents decreases the blast radius of a single bad connection with an anomalous success rate. Therefore, the rejection probability may vary between worker threads. .. note:: Health check traffic does not count towards any of the filter's measurements. See the :ref:`v3 API reference ` for more details on this parameter. The definition of a successful request is a :ref:`configurable parameter ` for both HTTP and gRPC requests. Aggression ~~~~~~~~~~ The aggression value affects the rejection probabilities as shown in the following figures: .. image:: images/aggression_graph.png Since the success rate threshold in the first figure is set to 95%, the rejection probability remains 0 until then. In the second figure, there rejection probability remains 0 until the success rate reaches 50%. In both cases, as success rate drops to 0%, the rejection probability approaches a value just under 100%. The aggression values dictate how high the rejection probability will be at a given request success rate, so it will shed load more *aggressively*. Example Configuration --------------------- An example filter configuration can be found below. Not all fields are required and many of the fields can be overridden via runtime settings. .. code-block:: yaml name: envoy.filters.http.admission_control typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.admission_control.v3alpha.AdmissionControl enabled: default_value: true runtime_key: "admission_control.enabled" sampling_window: 120s sr_threshold: default_value: 95.0 runtime_key: "admission_control.sr_threshold" aggression: default_value: 1.5 runtime_key: "admission_control.aggression" success_criteria: http_criteria: http_success_status: - start: 100 end: 400 - start: 404 end: 404 grpc_criteria: grpc_success_status: - 0 - 1 The above configuration can be understood as follows: * Calculate the request success-rate over a 120s sliding window. * Do not begin shedding any load until the request success-rate drops below 95% in the sliding window. * HTTP requests are considered successful if they are 1xx, 2xx, 3xx, or a 404. * gRPC requests are considered successful if they are OK or CANCELLED. Statistics ---------- The admission control filter outputs statistics in the *http..admission_control.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: auto rq_rejected, Counter, Total requests that were not admitted by the filter. rq_success, Counter, Total requests that were considered a success. rq_failure, Counter, Total requests that were considered a failure. ================================================ FILE: docs/root/configuration/http/http_filters/aws_lambda_filter.rst ================================================ .. _config_http_filters_aws_lambda: AWS Lambda ========== * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.aws_lambda*. .. attention:: The AWS Lambda filter is currently under active development. The HTTP AWS Lambda filter is used to trigger an AWS Lambda function from a standard HTTP/1.x or HTTP/2 request. It supports a few options to control whether to pass through the HTTP request payload as is or to wrap it in a JSON schema. If :ref:`payload_passthrough ` is set to ``true``, then the payload is sent to Lambda without any transformations. *Note*: This means you lose access to all the HTTP headers in the Lambda function. However, if :ref:`payload_passthrough ` is set to ``false``, then the HTTP request is transformed to a JSON payload with the following schema: .. code-block:: { "rawPath": "/path/to/resource", "method": "GET|POST|HEAD|...", "headers": {"header-key": "header-value", ... }, "queryStringParameters": {"key": "value", ...}, "body": "...", "isBase64Encoded": true|false } - ``rawPath`` is the HTTP request resource path (including the query string) - ``method`` is the HTTP request method. For example ``GET``, ``PUT``, etc. - ``headers`` are the HTTP request headers. If multiple headers share the same name, their values are coalesced into a single comma-separated value. - ``queryStringParameters`` are the HTTP request query string parameters. If multiple parameters share the same name, the last one wins. That is, parameters are _not_ coalesced into a single value if they share the same key name. - ``body`` the body of the HTTP request is base64-encoded by the filter if the ``content-type`` header exists and is _not_ one of the following: - text/* - application/json - application/xml - application/javascript Otherwise, the body of HTTP request is added to the JSON payload as is. On the other end, the response of the Lambda function must conform to the following schema: .. code-block:: { "statusCode": ... "headers": {"header-key": "header-value", ... }, "cookies": ["key1=value1; HttpOnly; ...", "key2=value2; Secure; ...", ...], "body": "...", "isBase64Encoded": true|false } - The ``statusCode`` field is an integer used as the HTTP response code. If this key is missing, Envoy returns a ``200 OK``. - The ``headers`` are used as the HTTP response headers. - The ``cookies`` are used as ``Set-Cookie`` response headers. Unlike the request headers, cookies are _not_ part of the response headers because the ``Set-Cookie`` header cannot contain more than one value per the `RFC`_. Therefore, Each key/value pair in this JSON array will translate to a single ``Set-Cookie`` header. - The ``body`` is base64-decoded if it is marked as base64-encoded and sent as the body of the HTTP response. .. _RFC: https://tools.ietf.org/html/rfc6265#section-4.1 .. note:: The target cluster must have its endpoint set to the `regional Lambda endpoint`_. Use the same region as the Lambda function. AWS IAM credentials must be defined in either environment variables, EC2 metadata or ECS task metadata. .. _regional Lambda endpoint: https://docs.aws.amazon.com/general/latest/gr/lambda-service.html The filter supports :ref:`per-filter configuration `. If you use the per-filter configuration, the target cluster _must_ have the following metadata: .. code-block:: yaml metadata: filter_metadata: com.amazonaws.lambda: egress_gateway: true Below are some examples that show how the filter can be used in different deployment scenarios. Example configuration --------------------- In this configuration, the filter applies to all routes in the filter chain of the http connection manager: .. code-block:: yaml http_filters: - name: envoy.filters.http.aws_lambda typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.aws_lambda.v3.Config arn: "arn:aws:lambda:us-west-2:987654321:function:hello_envoy" payload_passthrough: true The corresponding regional endpoint must be specified in the target cluster. So, for example if the Lambda function is in us-west-2: .. code-block:: yaml clusters: - name: lambda_egress_gateway connect_timeout: 0.25s type: LOGICAL_DNS dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: lambda_egress_gateway endpoints: - lb_endpoints: - endpoint: address: socket_address: address: lambda.us-west-2.amazonaws.com port_value: 443 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext sni: "*.amazonaws.com" The filter can also be configured per virtual-host, route or weighted-cluster. In that case, the target cluster *must* have specific Lambda metadata. .. code-block:: yaml weighted_clusters: clusters: - name: lambda_egress_gateway weight: 42 typed_per_filter_config: envoy.filters.http.aws_lambda: "@type": type.googleapis.com/envoy.extensions.filters.http.aws_lambda.v3.PerRouteConfig invoke_config: arn: "arn:aws:lambda:us-west-2:987654321:function:hello_envoy" payload_passthrough: false An example with the Lambda metadata applied to a weighted-cluster: .. code-block:: yaml clusters: - name: lambda_egress_gateway connect_timeout: 0.25s type: LOGICAL_DNS dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN metadata: filter_metadata: com.amazonaws.lambda: egress_gateway: true load_assignment: cluster_name: lambda_egress_gateway # does this have to match? seems redundant endpoints: - lb_endpoints: - endpoint: address: socket_address: address: lambda.us-west-2.amazonaws.com port_value: 443 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext sni: "*.amazonaws.com" Statistics ---------- The AWS Lambda filter outputs statistics in the *http..aws_lambda.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 server_error, Counter, Total requests that returned invalid JSON response (see :ref:`payload_passthrough `) upstream_rq_payload_size, Histogram, Size in bytes of the request after JSON-tranformation (if any). ================================================ FILE: docs/root/configuration/http/http_filters/aws_request_signing_filter.rst ================================================ .. _config_http_filters_aws_request_signing: AWS Request Signing =================== * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.aws_request_signing*. .. attention:: The AWS request signing filter is experimental and is currently under active development. The HTTP AWS request signing filter is used to access authenticated AWS services. It uses the existing AWS Credential Provider to get the secrets used for generating the required headers. Example configuration --------------------- Example filter configuration: .. code-block:: yaml name: envoy.filters.http.aws_request_signing typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.aws_request_signing.v3.AwsRequestSigning service_name: s3 region: us-west-2 Statistics ---------- The AWS request signing filter outputs statistics in the *http..aws_request_signing.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 signing_added, Counter, Total authentication headers added to requests signing_failed, Counter, Total requests for which a signature was not added ================================================ FILE: docs/root/configuration/http/http_filters/buffer_filter.rst ================================================ .. _config_http_filters_buffer: Buffer ====== The buffer filter is used to stop filter iteration and wait for a fully buffered complete request. This is useful in different situations including protecting some applications from having to deal with partial requests and high network latency. If enabled the buffer filter populates content-length header if it is not present in the request already. The behavior can be disabled using the runtime feature `envoy.reloadable_features.buffer_filter_populate_content_length`. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.buffer*. Per-Route Configuration ----------------------- The buffer filter configuration can be overridden or disabled on a per-route basis by providing a :ref:`BufferPerRoute ` configuration on the virtual host, route, or weighted cluster. ================================================ FILE: docs/root/configuration/http/http_filters/cdn_loop_filter.rst ================================================ .. _config_http_filters_cdn_loop: CDN-Loop header =============== The CDN-Loop header filter participates in the cross-CDN loop detection protocol specified by `RFC 8586 `_. The CDN-Loop header filter performs two actions. First, the filter checks to see how many times a particular CDN identifier has appeared in the CDN-Loop header. Next, if the check passes, the filter then appends the CDN identifier to the CDN-Loop header and passes the request to the next upstream filter. If the check fails, the filter stops processing on the request and returns an error response. RFC 8586 is particular in how the CDN-Loop header should be modified. As such: * other filters in the filter chain should not modify the CDN-Loop header and * the HTTP route configuration's :ref:`request_headers_to_add ` or :ref:`request_headers_to_remove ` fields should not contain the CDN-Loop header. The filter will coalesce multiple CDN-Loop headers into a single, comma-separated header. Configuration ------------- The filter is configured with the name *envoy.filters.http.cdn_loop*. The `filter config `_ has two fields. * The *cdn_id* field sets the identifier that the filter will look for within and append to the CDN-Loop header. RFC 8586 calls this field the "cdn-id"; "cdn-id" can either be a pseudonym or a hostname the CDN provider has control of. The *cdn_id* field must not be empty. * The *max_allowed_occurrences* field controls how many times *cdn_id* can appear in the CDN-Loop header on downstream requests (before the filter appends *cdn_id* to the header). If the *cdn_id* appears more than *max_allowed_occurrences* times in the header, the filter will reject the downstream's request. Most users should configure *max_allowed_occurrences* to be 0 (the default). Response Code Details --------------------- .. list-table:: :header-rows: 1 * - Name - HTTP Status - Description * - invalid_cdn_loop_header - 400 (Bad Request) - The CDN-Loop header in the downstream is invalid or unparseable. * - cdn_loop_detected - 502 (Bad Gateway) - The *cdn_id* value appears more than *max_allowed_occurrences* in the CDN-Loop header, indicating a loop between CDNs. ================================================ FILE: docs/root/configuration/http/http_filters/compressor_filter.rst ================================================ .. _config_http_filters_compressor: Compressor ========== Compressor is an HTTP filter which enables Envoy to compress dispatched data from an upstream service upon client request. Compression is useful in situations when bandwidth is scarce and large payloads can be effectively compressed at the expense of higher CPU load or offloading it to a compression accelerator. .. note:: This filter deprecates the :ref:`HTTP Gzip filter `. Configuration ------------- * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.compressor*. How it works ------------ When compressor filter is enabled, request and response headers are inspected to determine whether or not the content should be compressed. The content is compressed and then sent to the client with the appropriate headers, if response and request allow. Currently the filter supports :ref:`gzip compression ` only. Other compression libraries can be supported as extensions. An example configuration of the filter may look like the following: .. code-block:: yaml http_filters: - name: envoy.filters.http.compressor typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.compressor.v3.Compressor disable_on_etag_header: true content_length: 100 content_type: - text/html - application/json compressor_library: name: text_optimized typed_config: "@type": type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip memory_level: 3 window_bits: 10 compression_level: best_compression compression_strategy: default_strategy By *default* compression will be *skipped* when: - A request does NOT contain *accept-encoding* header. - A request includes *accept-encoding* header, but it does not contain "gzip" or "\*". - A request includes *accept-encoding* with "gzip" or "\*" with the weight "q=0". Note that the "gzip" will have a higher weight then "\*". For example, if *accept-encoding* is "gzip;q=0,\*;q=1", the filter will not compress. But if the header is set to "\*;q=0,gzip;q=1", the filter will compress. - A request whose *accept-encoding* header includes any encoding type with a higher weight than "gzip"'s given the corresponding compression filter is present in the chain. - A response contains a *content-encoding* header. - A response contains a *cache-control* header whose value includes "no-transform". - A response contains a *transfer-encoding* header whose value includes "gzip". - A response does not contain a *content-type* value that matches one of the selected mime-types, which default to *application/javascript*, *application/json*, *application/xhtml+xml*, *image/svg+xml*, *text/css*, *text/html*, *text/plain*, *text/xml*. - Neither *content-length* nor *transfer-encoding* headers are present in the response. - Response size is smaller than 30 bytes (only applicable when *transfer-encoding* is not chunked). Please note that in case the filter is configured to use a compression library extension other than gzip it looks for content encoding in the *accept-encoding* header provided by the extension. When compression is *applied*: - The *content-length* is removed from response headers. - Response headers contain "*transfer-encoding: chunked*" and do not contain "*content-encoding*" header. - The "*vary: accept-encoding*" header is inserted on every response. Also the "*vary: accept-encoding*" header may be inserted even if compression is *not* applied due to incompatible "*accept-encoding*" header in a request. This happens when the requested resource still can be compressed given compatible "*accept-encoding*". Otherwise, if an uncompressed response is cached by a caching proxy in front of Envoy, the proxy won't know to fetch a new incoming request with compatible "*accept-encoding*" from upstream. .. _compressor-statistics: Statistics ---------- Every configured Compressor filter has statistics rooted at .compressor...* with the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 compressed, Counter, Number of requests compressed. not_compressed, Counter, Number of requests not compressed. no_accept_header, Counter, Number of requests with no accept header sent. header_identity, Counter, Number of requests sent with "identity" set as the *accept-encoding*. header_compressor_used, Counter, Number of requests sent with "gzip" set as the *accept-encoding*. header_compressor_overshadowed, Counter, Number of requests skipped by this filter instance because they were handled by another filter in the same filter chain. header_wildcard, Counter, Number of requests sent with "\*" set as the *accept-encoding*. header_not_valid, Counter, Number of requests sent with a not valid *accept-encoding* header (aka "q=0" or an unsupported encoding type). total_uncompressed_bytes, Counter, The total uncompressed bytes of all the requests that were marked for compression. total_compressed_bytes, Counter, The total compressed bytes of all the requests that were marked for compression. content_length_too_small, Counter, Number of requests that accepted gzip encoding but did not compress because the payload was too small. not_compressed_etag, Counter, Number of requests that were not compressed due to the etag header. *disable_on_etag_header* must be turned on for this to happen. ================================================ FILE: docs/root/configuration/http/http_filters/cors_filter.rst ================================================ .. _config_http_filters_cors: CORS ==== This is a filter which handles Cross-Origin Resource Sharing requests based on route or virtual host settings. For the meaning of the headers please refer to the pages below. * https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS * https://www.w3.org/TR/cors/ * :ref:`v2 API reference ` * This filter should be configured with the name *envoy.filters.http.cors*. .. _cors-runtime: Runtime ------- The fraction of requests for which the filter is enabled can be configured via the :ref:`runtime_key ` value of the :ref:`filter_enabled ` field. The fraction of requests for which the filter is enabled in shadow-only mode can be configured via the :ref:`runtime_key ` value of the :ref:`shadow_enabled ` field. When enabled in shadow-only mode, the filter will evaluate the request's *Origin* to determine if it's valid but will not enforce any policies. .. note:: If both ``filter_enabled`` and ``shadow_enabled`` are on, the ``filter_enabled`` flag will take precedence. .. _cors-statistics: Statistics ---------- The CORS filter outputs statistics in the .cors.* namespace. .. note:: Requests that do not have an Origin header will be omitted from statistics. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 origin_valid, Counter, Number of requests that have a valid Origin header. origin_invalid, Counter, Number of requests that have an invalid Origin header. ================================================ FILE: docs/root/configuration/http/http_filters/csrf_filter.rst ================================================ .. _config_http_filters_csrf: CSRF ==== This is a filter which prevents Cross-Site Request Forgery based on a route or virtual host settings. At it's simplest, CSRF is an attack that occurs when a malicious third-party exploits a vulnerability that allows them to submit an undesired request on the user's behalf. A real-life example is cited in section 1 of `Robust Defenses for Cross-Site Request Forgery `_: "For example, in late 2007 [42], Gmail had a CSRF vulnerability. When a Gmail user visited a malicious site, the malicious site could generate a request to Gmail that Gmail treated as part of its ongoing session with the victim. In November 2007, a web attacker exploited this CSRF vulnerability to inject an email filter into David Airey’s Gmail account [1]." There are many ways to mitigate CSRF, some of which have been outlined in the `OWASP Prevention Cheat Sheet `_. This filter employs a stateless mitigation pattern known as origin verification. This pattern relies on two pieces of information used in determining if a request originated from the same host. * The origin that caused the user agent to issue the request (source origin). * The origin that the request is going to (target origin). When the filter is evaluating a request, it ensures both pieces of information are present and compares their values. If the source origin is missing or the origins do not match the request is rejected. The exception to this being if the source origin has been added to the policy as valid. Because CSRF attacks specifically target state-changing requests, the filter only acts on HTTP requests that have a state-changing method (POST, PUT, etc.). .. note:: Due to differing functionality between browsers this filter will determine a request's source origin from the Origin header. If that is not present it will fall back to the host and port value from the requests Referer header. For more information on CSRF please refer to the pages below. * https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29 * https://seclab.stanford.edu/websec/csrf/csrf.pdf * :ref:`v3 API reference ` .. note:: This filter should be configured with the name *envoy.filters.http.csrf*. .. _csrf-configuration: Configuration ------------- The CSRF filter supports the ability to extend the source origins it will consider valid. The reason it is able to do this while still mitigating cross-site request forgery attempts is because the target origin has already been reached by the time front-envoy is applying the filter. This means that while endpoints may support cross-origin requests they are still protected from malicious third-parties who have not been allowlisted. It's important to note that requests should generally originate from the same origin as the target but there are use cases where that may not be possible. For example, if you are hosting a static site on a third-party vendor but need to make requests for tracking purposes. .. warning:: Additional origins can be either an exact string, regex pattern, prefix string, or suffix string. It's advised to be cautious when adding regex, prefix, or suffix origins since an ambiguous origin can pose a security vulnerability. .. _csrf-runtime: Runtime ------- The fraction of requests for which the filter is enabled can be configured via the :ref:`runtime_key ` value of the :ref:`filter_enabled ` field. The fraction of requests for which the filter is enabled in shadow-only mode can be configured via the :ref:`runtime_key ` value of the :ref:`shadow_enabled ` field. When enabled in shadow-only mode, the filter will evaluate the request's *Origin* and *Destination* to determine if it's valid but will not enforce any policies. .. note:: If both ``filter_enabled`` and ``shadow_enabled`` are on, the ``filter_enabled`` flag will take precedence. .. _csrf-statistics: Statistics ---------- The CSRF filter outputs statistics in the .csrf.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 missing_source_origin, Counter, Number of requests that are missing a source origin header. request_invalid, Counter, Number of requests whose source and target origins do not match. request_valid, Counter, Number of requests whose source and target origins match. ================================================ FILE: docs/root/configuration/http/http_filters/decompressor_filter.rst ================================================ .. _config_http_filters_decompressor: Decompressor ============ Decompressor is an HTTP filter which enables Envoy to bidirectionally decompress data. Configuration ------------- * :ref:`v3 API reference ` How it works ------------ When the decompressor filter is enabled, headers are inspected to determine whether or not the content should be decompressed. The content is decompressed and passed on to the rest of the filter chain. Note that decompression happens independently for request and responses based on the rules described below. Currently the filter supports :ref:`gzip compression ` only. Other compression libraries can be supported as extensions. An example configuration of the filter may look like the following: .. code-block:: yaml http_filters: - name: decompressor typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.decompressor.v3.Decompressor decompressor_library: name: basic typed_config: "@type": type.googleapis.com/envoy.extensions.compression.gzip.decompressor.v3.Gzip window_bits: 10 By *default* decompression will be *skipped* when: - A request/response does NOT contain *content-encoding* header. - A request/response includes *content-encoding* header, but it does not contain the configured decompressor's content-encoding. - A request/response contains a *cache-control* header whose value includes "no-transform". When decompression is *applied*: - The *content-length* is removed from headers. .. note:: If an updated *content-length* header is desired, the buffer filter can be installed as part of the filter chain to buffer decompressed frames, and ultimately update the header. Due to :ref:`filter ordering ` a buffer filter needs to be installed after the decompressor for requests and prior to the decompressor for responses. - The *content-encoding* header is modified to remove the decompression that was applied. - *x-envoy-decompressor---bytes* trailers are added to the request/response to relay information about decompression. .. _decompressor-statistics: Using different decompressors for requests and responses -------------------------------------------------------- If different compression libraries are desired for requests and responses, it is possible to install multiple decompressor filters enabled only for requests or responses. For instance: .. code-block:: yaml http_filters: # This filter is only enabled for requests. - name: envoy.filters.http.decompressor typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.decompressor.v3.Decompressor decompressor_library: name: small typed_config: "@type": "type.googleapis.com/envoy.extensions.compression.gzip.decompressor.v3.Gzip" window_bits: 9 chunk_size: 8192 response_direction_config: common_config: enabled: default_value: false runtime_key: response_decompressor_enabled # This filter is only enabled for responses. - name: envoy.filters.http.decompressor typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.decompressor.v3.Decompressor decompressor_library: name: large typed_config: "@type": "type.googleapis.com/envoy.extensions.compression.gzip.decompressor.v3.Gzip" window_bits: 12 chunk_size: 16384 request_direction_config: common_config: enabled: default_value: false runtime_key: request_decompressor_enabled Statistics ---------- Every configured Deompressor filter has statistics rooted at .decompressor...* with the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 decompressed, Counter, Number of request/responses compressed. not_decompressed, Counter, Number of request/responses not compressed. total_uncompressed_bytes, Counter, The total uncompressed bytes of all the request/responses that were marked for decompression. total_compressed_bytes, Counter, The total compressed bytes of all the request/responses that were marked for decompression. Additional stats for the decompressor library are rooted at .decompressor...decompressor_library. ================================================ FILE: docs/root/configuration/http/http_filters/dynamic_forward_proxy_filter.rst ================================================ .. _config_http_filters_dynamic_forward_proxy: Dynamic forward proxy ===================== * HTTP dynamic forward proxy :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.dynamic_forward_proxy* The following is a complete configuration that configures both the :ref:`dynamic forward proxy HTTP filter ` as well as the :ref:`dynamic forward proxy cluster `. Both filter and cluster must be configured together and point to the same DNS cache parameters for Envoy to operate as an HTTP dynamic forward proxy. This filter supports :ref:`host rewrite ` via the :ref:`virtual host's typed_per_filter_config ` or the :ref:`route's typed_per_filter_config `. This can be used to rewrite the host header with the provided value before DNS lookup, thus allowing to route traffic to the rewritten host when forwarding. See the example below within the configured routes. .. note:: Configuring a :ref:`transport_socket with name envoy.transport_sockets.tls ` on the cluster with *trusted_ca* certificates instructs Envoy to use TLS when connecting to upstream hosts and verify the certificate chain. Additionally, Envoy will automatically perform SAN verification for the resolved host name as well as specify the host name via SNI. .. _dns_cache_circuit_breakers: Dynamic forward proxy uses circuit breakers built in to the DNS cache with the configuration of :ref:`DNS cache circuit breakers `. By default, this behavior is enabled by the runtime feature `envoy.reloadable_features.enable_dns_cache_circuit_breakers`. If this runtime feature is disabled, cluster circuit breakers will be used even when setting the configuration of :ref:`DNS cache circuit breakers `. .. literalinclude:: _include/dns-cache-circuit-breaker.yaml :language: yaml Statistics ---------- The dynamic forward proxy DNS cache outputs statistics in the dns_cache..* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 dns_query_attempt, Counter, Number of DNS query attempts. dns_query_success, Counter, Number of DNS query successes. dns_query_failure, Counter, Number of DNS query failures. host_address_changed, Counter, Number of DNS queries that resulted in a host address change. host_added, Counter, Number of hosts that have been added to the cache. host_removed, Counter, Number of hosts that have been removed from the cache. num_hosts, Gauge, Number of hosts that are currently in the cache. dns_rq_pending_overflow, Counter, Number of dns pending request overflow. The dynamic forward proxy DNS cache circuit breakers outputs statistics in the dns_cache..circuit_breakers* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 rq_pending_open, Gauge, Whether the requests circuit breaker is closed (0) or open (1) rq_pending_remaining, Gauge, Number of remaining requests until the circuit breaker opens ================================================ FILE: docs/root/configuration/http/http_filters/dynamodb_filter.rst ================================================ .. _config_http_filters_dynamo: DynamoDB ======== * DynamoDB :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.dynamo*. Statistics ---------- The DynamoDB filter outputs statistics in the *http..dynamodb.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. Per operation stats can be found in the *http..dynamodb.operation..* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_rq_total, Counter, Total number of requests with upstream_rq_time, Histogram, Time spent on upstream_rq_total_xxx, Counter, Total number of requests with per response code (503/2xx/etc) upstream_rq_time_xxx, Histogram, Time spent on per response code (400/3xx/etc) Per table stats can be found in the *http..dynamodb.table..* namespace. Most of the operations to DynamoDB involve a single table, but BatchGetItem and BatchWriteItem can include several tables, Envoy tracks per table stats in this case only if it is the same table used in all operations from the batch. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_rq_total, Counter, Total number of requests on table upstream_rq_time, Histogram, Time spent on table upstream_rq_total_xxx, Counter, Total number of requests on table per response code (503/2xx/etc) upstream_rq_time_xxx, Histogram, Time spent on table per response code (400/3xx/etc) *Disclaimer: Please note that this is a pre-release Amazon DynamoDB feature that is not yet widely available.* Per partition and operation stats can be found in the *http..dynamodb.table..* namespace. For batch operations, Envoy tracks per partition and operation stats only if it is the same table used in all operations. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 capacity..__partition_id=, Counter, Total number of capacity for on table for a given Additional detailed stats: * For 4xx responses and partial batch operation failures, the total number of failures for a given table and failure are tracked in the *http..dynamodb.error..* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 , Counter, Total number of specific for a given BatchFailureUnprocessedKeys, Counter, Total number of partial batch failures for a given Runtime ------- The DynamoDB filter supports the following runtime settings: dynamodb.filter_enabled The % of requests for which the filter is enabled. Default is 100%. ================================================ FILE: docs/root/configuration/http/http_filters/ext_authz_filter.rst ================================================ .. _config_http_filters_ext_authz: External Authorization ====================== * External authorization :ref:`architecture overview ` * :ref:`HTTP filter v3 API reference ` * This filter should be configured with the name *envoy.filters.http.ext_authz*. The external authorization filter calls an external gRPC or HTTP service to check whether an incoming HTTP request is authorized or not. If the request is deemed unauthorized, then the request will be denied normally with 403 (Forbidden) response. Note that sending additional custom metadata from the authorization service to the upstream, to the downstream or to the authorization service is also possible. This is explained in more details at :ref:`HTTP filter `. The content of the requests that are passed to an authorization service is specified by :ref:`CheckRequest `. .. _config_http_filters_ext_authz_http_configuration: The HTTP filter, using a gRPC/HTTP service, can be configured as follows. You can see all the configuration options at :ref:`HTTP filter `. Configuration Examples ---------------------- A sample filter configuration for a gRPC authorization server: .. code-block:: yaml http_filters: - name: envoy.filters.http.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz grpc_service: envoy_grpc: cluster_name: ext-authz # Default is 200ms; override if your server needs e.g. warmup time. timeout: 0.5s include_peer_certificate: true .. code-block:: yaml clusters: - name: ext-authz type: static http2_protocol_options: {} load_assignment: cluster_name: ext-authz endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 10003 # This timeout controls the initial TCP handshake timeout - not the timeout for the # entire request. connect_timeout: 0.25s .. note:: One of the features of this filter is to send HTTP request body to the configured gRPC authorization server as part of the :ref:`check request `. A sample configuration is as follows: .. code:: yaml http_filters: - name: envoy.filters.http.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz grpc_service: envoy_grpc: cluster_name: ext-authz with_request_body: max_request_bytes: 1024 allow_partial_message: true pack_as_bytes: true Please note that by default :ref:`check request` carries the HTTP request body as UTF-8 string and it fills the :ref:`body ` field. To pack the request body as raw bytes, it is needed to set :ref:`pack_as_bytes ` field to true. In effect to that, the :ref:`raw_body ` field will be set and :ref:`body ` field will be empty. A sample filter configuration for a raw HTTP authorization server: .. code-block:: yaml http_filters: - name: envoy.filters.http.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz http_service: server_uri: uri: 127.0.0.1:10003 cluster: ext-authz timeout: 0.25s failure_mode_allow: false include_peer_certificate: true .. code-block:: yaml clusters: - name: ext-authz connect_timeout: 0.25s type: logical_dns lb_policy: round_robin load_assignment: cluster_name: ext-authz endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 10003 Per-Route Configuration ----------------------- A sample virtual host and route filter configuration. In this example we add additional context on the virtual host, and disabled the filter for `/static` prefixed routes. .. code-block:: yaml route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] typed_per_filter_config: envoy.filters.http.ext_authz: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute check_settings: context_extensions: virtual_host: local_service routes: - match: { prefix: "/static" } route: { cluster: some_service } typed_per_filter_config: envoy.filters.http.ext_authz: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute disabled: true - match: { prefix: "/" } route: { cluster: some_service } Statistics ---------- .. _config_http_filters_ext_authz_stats: The HTTP filter outputs statistics in the *cluster..ext_authz.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 ok, Counter, Total responses from the filter. error, Counter, Total errors (including timeouts) contacting the external service. timeout, Counter, Total timeouts contacting the external service (only counted when timeout is measured when check request is created). denied, Counter, Total responses from the authorizations service that were to deny the traffic. disabled, Counter, Total requests that are allowed without calling external services due to the filter is disabled. failure_mode_allowed, Counter, "Total requests that were error(s) but were allowed through because of failure_mode_allow set to true." Dynamic Metadata ---------------- .. _config_http_filters_ext_authz_dynamic_metadata: .. note:: The External Authorization filter emits dynamic metadata only when it is configured to use gRPC service as the authorization server. The External Authorization filter emits dynamic metadata as an opaque ``google.protobuf.Struct`` *only* when the gRPC authorization server returns a :ref:`CheckResponse ` with a filled :ref:`dynamic_metadata ` field. Runtime ------- The fraction of requests for which the filter is enabled can be configured via the :ref:`runtime_key ` value of the :ref:`filter_enabled ` field. ================================================ FILE: docs/root/configuration/http/http_filters/fault_filter.rst ================================================ .. _config_http_filters_fault_injection: Fault Injection =============== The fault injection filter can be used to test the resiliency of microservices to different forms of failures. The filter can be used to inject delays and abort requests with user-specified error codes, thereby providing the ability to stage different failure scenarios such as service failures, service overloads, high network latency, network partitions, etc. Faults injection can be limited to a specific set of requests based on the (destination) upstream cluster of a request and/or a set of pre-defined request headers. The scope of failures is restricted to those that are observable by an application communicating over the network. CPU and disk failures on the local host cannot be emulated. Configuration ------------- .. note:: The fault injection filter must be inserted before any other filter, including the router filter. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.fault*. .. _config_http_filters_fault_injection_http_header: Controlling fault injection via HTTP headers -------------------------------------------- The fault filter has the capability to allow fault configuration to be specified by the caller. This is useful in certain scenarios in which it is desired to allow the client to specify its own fault configuration. The currently supported header controls are: x-envoy-fault-abort-request HTTP status code to abort a request with. The header value should be an integer that specifies the HTTP status code to return in response to a request and must be in the range [200, 600). In order for the header to work, :ref:`header_abort ` needs to be set. x-envoy-fault-abort-grpc-request gRPC status code to abort a request with. The header value should be a non-negative integer that specifies the gRPC status code to return in response to a request. Its value range is [0, UInt32.Max] instead of [0, 16] to allow testing even not well-defined gRPC status codes. When this header is set, the HTTP response status code will be set to 200. In order for the header to work, :ref:`header_abort ` needs to be set. If both *x-envoy-fault-abort-request* and *x-envoy-fault-abort-grpc-request* headers are set then *x-envoy-fault-abort-grpc-request* header will be **ignored** and fault response http status code will be set to *x-envoy-fault-abort-request* header value. x-envoy-fault-abort-request-percentage The percentage of requests that should be failed with a status code that's defined by the value of *x-envoy-fault-abort-request* or *x-envoy-fault-abort-grpc-request* HTTP headers. The header value should be an integer that specifies the numerator of the percentage of request to apply aborts to and must be greater or equal to 0 and its maximum value is capped by the value of the numerator of :ref:`percentage ` field. Percentage's denominator is equal to default percentage's denominator :ref:`percentage ` field. In order for the header to work, :ref:`header_abort ` needs to be set and either *x-envoy-fault-abort-request* or *x-envoy-fault-abort-grpc-request* HTTP header needs to be a part of the request. x-envoy-fault-delay-request The duration to delay a request by. The header value should be an integer that specifies the number of milliseconds to throttle the latency for. In order for the header to work, :ref:`header_delay ` needs to be set. x-envoy-fault-delay-request-percentage The percentage of requests that should be delayed by a duration that's defined by the value of *x-envoy-fault-delay-request* HTTP header. The header value should be an integer that specifies the percentage of request to apply delays to and must be greater or equal to 0 and its maximum value is capped by the value of the numerator of :ref:`percentage ` field. Percentage's denominator is equal to default percentage's denominator :ref:`percentage ` field. In order for the header to work, :ref:`header_delay ` needs to be set and *x-envoy-fault-delay-request* HTTP header needs to be a part of a request. x-envoy-fault-throughput-response The rate limit to use when a response to a caller is sent. The header value should be an integer that specifies the limit in KiB/s and must be > 0. In order for the header to work, :ref:`header_limit ` needs to be set. x-envoy-fault-throughput-response-percentage The percentage of requests whose response rate should be limited to the value of *x-envoy-fault-throughput-response* HTTP header. The header value should be an integer that specifies the percentage of request to apply delays to and must be greater or equal to 0 and its maximum value is capped by the value of the numerator of :ref:`percentage ` field. Percentage's denominator is equal to default percentage's denominator :ref:`percentage ` field. In order for the header to work, :ref:`header_limit ` needs to be set and *x-envoy-fault-delay-request* HTTP header needs to be a part of a request. .. attention:: Allowing header control is inherently dangerous if exposed to untrusted clients. In this case, it is suggested to use the :ref:`max_active_faults ` setting to limit the maximum concurrent faults that can be active at any given time. The following is an example configuration that enables header control for both of the above options: .. code-block:: yaml name: envoy.filters.http.fault typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault max_active_faults: 100 abort: header_abort: {} percentage: numerator: 100 delay: header_delay: {} percentage: numerator: 100 response_rate_limit: header_limit: {} percentage: numerator: 100 .. _config_http_filters_fault_injection_runtime: Runtime ------- The HTTP fault injection filter supports the following global runtime settings: .. attention:: Some of the following runtime keys require the filter to be configured for the specific fault type and some do not. Please consult the documentation for each key for more information. fault.http.abort.abort_percent % of requests that will be aborted if the headers match. Defaults to the *abort_percent* specified in config. If the config does not contain an *abort* block, then *abort_percent* defaults to 0. For historic reasons, this runtime key is available regardless of whether the filter is :ref:`configured for abort `. fault.http.abort.http_status HTTP status code that will be used as the response status code of requests that will be aborted if the headers match. Defaults to the HTTP status code specified in the config. If the config does not contain an *abort* block, then *http_status* defaults to 0. For historic reasons, this runtime key is available regardless of whether the filter is :ref:`configured for abort `. fault.http.abort.grpc_status gRPC status code that will be used as the response status code of requests that will be aborted if the headers match. Defaults to the gRPC status code specified in the config. If this field is missing from both the runtime and the config, gRPC status code in the response will be derived from *fault.http.abort.http_status* field. This runtime key is only available when the filter is :ref:`configured for abort `. fault.http.delay.fixed_delay_percent % of requests that will be delayed if the headers match. Defaults to the *delay_percent* specified in the config or 0 otherwise. This runtime key is only available when the filter is :ref:`configured for delay `. fault.http.delay.fixed_duration_ms The delay duration in milliseconds. If not specified, the *fixed_duration_ms* specified in the config will be used. If this field is missing from both the runtime and the config, no delays will be injected. This runtime key is only available when the filter is :ref:`configured for delay `. fault.http.max_active_faults The maximum number of active faults (of all types) that Envoy will will inject via the fault filter. This can be used in cases where it is desired that faults are 100% injected, but the user wants to avoid a situation in which too many unexpected concurrent faulting requests cause resource constraint issues. If not specified, the :ref:`max_active_faults ` setting will be used. fault.http.rate_limit.response_percent % of requests which will have a response rate limit fault injected. Defaults to the value set in the :ref:`percentage ` field. This runtime key is only available when the filter is :ref:`configured for response rate limiting `. *Note*, fault filter runtime settings for the specific downstream cluster override the default ones if present. The following are downstream specific runtime keys: * fault.http..abort.abort_percent * fault.http..abort.http_status * fault.http..delay.fixed_delay_percent * fault.http..delay.fixed_duration_ms Downstream cluster name is taken from :ref:`the HTTP x-envoy-downstream-service-cluster ` header. If the following settings are not found in the runtime it defaults to the global runtime settings which defaults to the config settings. .. _config_http_filters_fault_injection_stats: Statistics ---------- The fault filter outputs statistics in the *http..fault.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 delays_injected, Counter, Total requests that were delayed aborts_injected, Counter, Total requests that were aborted response_rl_injected, Counter, "Total requests that had a response rate limit selected for injection (actually injection may not occur due to disconnect, reset, no body, etc.)" faults_overflow, Counter, Total number of faults that were not injected due to overflowing the :ref:`max_active_faults ` setting active_faults, Gauge, Total number of faults active at the current time .delays_injected, Counter, Total delayed requests for the given downstream cluster .aborts_injected, Counter, Total aborted requests for the given downstream cluster ================================================ FILE: docs/root/configuration/http/http_filters/grpc_http1_bridge_filter.rst ================================================ .. _config_http_filters_grpc_bridge: gRPC HTTP/1.1 bridge ==================== * gRPC :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.grpc_http1_bridge*. This is a simple filter which enables the bridging of an HTTP/1.1 client which does not support response trailers to a compliant gRPC server. It works by doing the following: * When a request is sent, the filter sees if the connection is HTTP/1.1 and the request content type is *application/grpc*. * If so, when the response is received, the filter buffers it and waits for trailers and then checks the *grpc-status* code. If it is not zero, the filter switches the HTTP response code to 503. It also copies the *grpc-status* and *grpc-message* trailers into the response headers so that the client can look at them if it wishes. * The client should send HTTP/1.1 requests that translate to the following pseudo headers: * *\:method*: POST * *\:path*: * *content-type*: application/grpc * The body should be the serialized grpc body which is: * 1 byte of zero (not compressed). * network order 4 bytes of proto message length. * serialized proto message. * Because this scheme must buffer the response to look for the *grpc-status* trailer it will only work with unary gRPC APIs. This filter also collects stats for all gRPC requests that transit, even if those requests are normal gRPC requests over HTTP/2. More info: wire format in `gRPC over HTTP/2 `_. .. attention:: Note that statistics are also collected by the dedicated :ref:`gRPC stats filter `. The use of this filter for gRPC telemetry has been deprecated. Statistics ---------- The filter emits statistics in the *cluster..grpc.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 ..success, Counter, Total successful service/method calls ..failure, Counter, Total failed service/method calls ..total, Counter, Total service/method calls ================================================ FILE: docs/root/configuration/http/http_filters/grpc_http1_reverse_bridge_filter.rst ================================================ .. _config_http_filters_grpc_http1_reverse_bridge: gRPC HTTP/1.1 reverse bridge ============================ * gRPC :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.grpc_http1_reverse_bridge*. This is a filter that enables converting an incoming gRPC request into a HTTP/1.1 request to allow a server that does not understand HTTP/2 or gRPC semantics to handle the request. The filter works by: * Checking the content type of the incoming request. If it's a gRPC request, the filter is enabled. * The content type is modified to a configurable value. This can be a noop by configuring ``application/grpc``. * The gRPC frame header is optionally stripped from the request body. The content length header will be adjusted if so. * On receiving a response, the content type of the response is validated and the status code is mapped to a grpc-status which is inserted into the response trailers. * The response body is optionally prefixed by the gRPC frame header, again adjusting the content length header if necessary. Due to being mapped to HTTP/1.1, this filter will only work with unary gRPC calls. gRPC frame header management ---------------------------- By setting the withhold_grpc_frame option, the filter will assume that the upstream does not understand any gRPC semantics and will convert the request body into a simple binary encoding of the request body and perform the reverse conversion on the response body. This ends up simplifying the server side handling of these requests, as they no longer need to be concerned with parsing and generating gRPC formatted data. This works by stripping the gRPC frame header from the request body, while injecting a gRPC frame header in the response. If this feature is not used, the upstream must be ready to receive HTTP/1.1 requests prefixed with the gRPC frame header and respond with gRPC formatted responses. How to disable HTTP/1.1 reverse bridge filter per route ------------------------------------------------------- .. literalinclude:: _include/grpc-reverse-bridge-filter.yaml :language: yaml ================================================ FILE: docs/root/configuration/http/http_filters/grpc_json_transcoder_filter.rst ================================================ .. _config_http_filters_grpc_json_transcoder: gRPC-JSON transcoder ==================== * gRPC :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.grpc_json_transcoder*. This is a filter which allows a RESTful JSON API client to send requests to Envoy over HTTP and get proxied to a gRPC service. The HTTP mapping for the gRPC service has to be defined by `custom options `_. JSON mapping ------------ The protobuf to JSON mapping is defined `here `_. For gRPC stream request parameters, Envoy expects an array of messages, and it returns an array of messages for stream response parameters. .. _config_grpc_json_generate_proto_descriptor_set: How to generate proto descriptor set ------------------------------------ Envoy has to know the proto descriptor of your gRPC service in order to do the transcoding. To generate a protobuf descriptor set for the gRPC service, you'll also need to clone the googleapis repository from GitHub before running protoc, as you'll need annotations.proto in your include path, to define the HTTP mapping. .. code-block:: bash git clone https://github.com/googleapis/googleapis GOOGLEAPIS_DIR= Then run protoc to generate the descriptor set from bookstore.proto: .. code-block:: bash protoc -I$(GOOGLEAPIS_DIR) -I. --include_imports --include_source_info \ --descriptor_set_out=proto.pb test/proto/bookstore.proto If you have more than one proto source files, you can pass all of them in one command. Route configs for transcoded requests ------------------------------------- The route configs to be used with the gRPC-JSON transcoder should be identical to the gRPC route. The requests processed by the transcoder filter will have `/./` path and `POST` method. The route configs for those requests should match on `/./`, not the incoming request path. This allows the routes to be used for both gRPC requests and gRPC-JSON transcoded requests. For example, with the following proto example, the router will process `/helloworld.Greeter/SayHello` as the path, so the route config prefix `/say` won't match requests to `SayHello`. If you want to match the incoming request path, set `match_incoming_request_route` to true. .. code-block:: proto package helloworld; // The greeting service definition. service Greeter { // Sends a greeting rpc SayHello (HelloRequest) returns (HelloReply) { option (google.api.http) = { get: "/say" }; } } Sending arbitrary content ------------------------- By default, when transcoding occurs, gRPC-JSON encodes the message output of a gRPC service method into JSON and sets the HTTP response `Content-Type` header to `application/json`. To send arbitrary content, a gRPC service method can use `google.api.HttpBody `_ as its output message type. The implementation needs to set `content_type `_ (which sets the value of the HTTP response `Content-Type` header) and `data `_ (which sets the HTTP response body) accordingly. Multiple `google.api.HttpBody `_ can be send by the gRPC server in the server streaming case. In this case, HTTP response header `Content-Type` will use the `content-type` from the first `google.api.HttpBody `_. Headers -------- gRPC-JSON forwards the following headers to the gRPC server: * `x-envoy-original-path`, containing the value of the original path of HTTP request * `x-envoy-original-method`, containing the value of the original method of HTTP request Sample Envoy configuration -------------------------- Here's a sample Envoy configuration that proxies to a gRPC server running on localhost:50051. Port 51051 proxies gRPC requests and uses the gRPC-JSON transcoder filter to provide the RESTful JSON mapping. I.e., you can make either gRPC or RESTful JSON requests to localhost:51051. .. literalinclude:: _include/grpc-transcoder-filter.yaml :language: yaml ================================================ FILE: docs/root/configuration/http/http_filters/grpc_stats_filter.rst ================================================ .. _config_http_filters_grpc_stats: gRPC Statistics =============== * gRPC :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.grpc_stats*. * This filter can be enabled to emit a :ref:`filter state object ` This is a filter which enables telemetry of gRPC calls. Additionally, the filter detects message boundaries in streaming gRPC calls and emits the message counts for both the request and the response. More info: wire format in `gRPC over HTTP/2 `_. The filter emits statistics in the *cluster..grpc.* namespace. Depending on the configuration, the stats may be prefixed with `..`; the stats in the table below are shown in this form. See the documentation for :ref:`individual_method_stats_allowlist ` and :ref:`stats_for_all_methods `. To enable *upstream_rq_time* (v3 API only) see :ref:`enable_upstream_stats `. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 ..success, Counter, Total successful service/method calls ..failure, Counter, Total failed service/method calls ..total, Counter, Total service/method calls ..request_message_count, Counter, Total request message count for service/method calls ..response_message_count, Counter, Total response message count for service/method calls ..upstream_rq_time, Histogram, Request time milliseconds ================================================ FILE: docs/root/configuration/http/http_filters/grpc_web_filter.rst ================================================ .. _config_http_filters_grpc_web: gRPC-Web ======== * gRPC :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.grpc_web*. This is a filter which enables the bridging of a gRPC-Web client to a compliant gRPC server by following https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-WEB.md. ================================================ FILE: docs/root/configuration/http/http_filters/gzip_filter.rst ================================================ .. _config_http_filters_gzip: .. warning:: This filter has been deprecated in favor the :ref:`HTTP Compressor filter `. Gzip ==== Gzip is an HTTP filter which enables Envoy to compress dispatched data from an upstream service upon client request. Compression is useful in situations where large payloads need to be transmitted without compromising the response time. Configuration ------------- * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.gzip*. .. attention:: The *window bits* is a number that tells the compressor how far ahead in the text the algorithm should be looking for repeated sequence of characters. Due to a known bug in the underlying zlib library, *window bits* with value eight does not work as expected. Therefore any number below that will be automatically set to 9. This issue might be solved in future releases of the library. Runtime ------- The Gzip filter can be runtime feature flagged via the :ref:`runtime_enabled ` configuration field within the compressor field. How it works ------------ When gzip filter is enabled, request and response headers are inspected to determine whether or not the content should be compressed. The content is compressed and then sent to the client with the appropriate headers, if response and request allow. By *default* compression will be *skipped* when: - A request does NOT contain *accept-encoding* header. - A request includes *accept-encoding* header, but it does not contain "gzip" or "\*". - A request includes *accept-encoding* with "gzip" or "\*" with the weight "q=0". Note that the "gzip" will have a higher weight then "\*". For example, if *accept-encoding* is "gzip;q=0,\*;q=1", the filter will not compress. But if the header is set to "\*;q=0,gzip;q=1", the filter will compress. - A request whose *accept-encoding* header includes any encoding type with a higher weight than "gzip"'s given the corresponding compression filter is present in the chain. - A response contains a *content-encoding* header. - A response contains a *cache-control* header whose value includes "no-transform". - A response contains a *transfer-encoding* header whose value includes "gzip". - A response does not contain a *content-type* value that matches one of the selected mime-types, which default to *application/javascript*, *application/json*, *application/xhtml+xml*, *image/svg+xml*, *text/css*, *text/html*, *text/plain*, *text/xml*. - Neither *content-length* nor *transfer-encoding* headers are present in the response. - Response size is smaller than 30 bytes (only applicable when *transfer-encoding* is not chunked). When compression is *applied*: - The *content-length* is removed from response headers. - Response headers contain "*transfer-encoding: chunked*" and do not contain "*content-encoding*" header. - The "*vary: accept-encoding*" header is inserted on every response. .. _gzip-statistics: Statistics ---------- Every configured Gzip filter has statistics rooted at .gzip.* with the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 compressed, Counter, Number of requests compressed. not_compressed, Counter, Number of requests not compressed. no_accept_header, Counter, Number of requests with no accept header sent. header_identity, Counter, Number of requests sent with "identity" set as the *accept-encoding*. header_gzip, Counter, Number of requests sent with "gzip" set as the *accept-encoding*. This counter is deprecated in favour of *header_compressor_used*. header_compressor_used, Counter, Number of requests sent with "gzip" set as the *accept-encoding*. header_compressor_overshadowed, Counter, Number of requests skipped by this filter instance because they were handled by another filter in the same filter chain. header_wildcard, Counter, Number of requests sent with "\*" set as the *accept-encoding*. header_not_valid, Counter, Number of requests sent with a not valid *accept-encoding* header (aka "q=0" or an unsupported encoding type). total_uncompressed_bytes, Counter, The total uncompressed bytes of all the requests that were marked for compression. total_compressed_bytes, Counter, The total compressed bytes of all the requests that were marked for compression. content_length_too_small, Counter, Number of requests that accepted gzip encoding but did not compress because the payload was too small. not_compressed_etag, Counter, Number of requests that were not compressed due to the etag header. *disable_on_etag_header* must be turned on for this to happen. ================================================ FILE: docs/root/configuration/http/http_filters/header_to_metadata_filter.rst ================================================ .. _config_http_filters_header_to_metadata: Envoy Header-To-Metadata Filter =============================== * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.header_to_metadata*. This filter is configured with rules that will be matched against requests and responses. Each rule has either a cookie or a header and can be triggered either when the header or cookie is present or missing. When a rule is triggered, dynamic metadata will be added based on the configuration of the rule. If the header or cookie is present, it's value is extracted and used along with the specified key as metadata. If the header or cookie is missing, on missing case is triggered and the value specified is used for adding metadata. The metadata can then be used for load balancing decisions, consumed from logs, etc. A typical use case for this filter is to dynamically match requests with load balancer subsets. For this, a given header's value would be extracted and attached to the request as dynamic metadata which would then be used to match a subset of endpoints. Example ------- A sample filter configuration to route traffic to endpoints based on the presence or absence of a version header could be: .. code-block:: yaml http_filters: - name: envoy.filters.http.header_to_metadata typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.header_to_metadata.v3.Config request_rules: - header: x-version on_header_present: metadata_namespace: envoy.lb key: version type: STRING on_header_missing: metadata_namespace: envoy.lb key: default value: 'true' type: STRING remove: false As with headers, the value of the specified cookie will be extracted from the request and added as metadata with the key specified. Removing a cookie when a rule matches is unsupported. .. code-block:: yaml http_filters: - name: envoy.filters.http.header_to_metadata typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.header_to_metadata.v3.Config request_rules: - cookie: cookie on_header_present: metadata_namespace: envoy.lb key: version type: STRING on_header_missing: metadata_namespace: envoy.lb key: default value: 'true' type: STRING remove: false A corresponding upstream cluster configuration could be: .. code-block:: yaml clusters: - name: versioned-cluster type: EDS lb_policy: ROUND_ROBIN lb_subset_config: fallback_policy: ANY_ENDPOINT subset_selectors: - keys: - default - keys: - version This would then allow requests with the `x-version` header set to be matched against endpoints with the corresponding version. Whereas requests with that header missing would be matched with the default endpoints. If the header's value needs to be transformed before it's added to the request as dynamic metadata, this filter supports regex matching and substitution: .. code-block:: yaml http_filters: - name: envoy.filters.http.header_to_metadata typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.header_to_metadata.v3.Config request_rules: - header: ":path" on_header_present: metadata_namespace: envoy.lb key: cluster regex_value_rewrite: pattern: google_re2: {} regex: "^/(cluster[\\d\\w-]+)/?.*$" substitution: "\\1" Note that this filter also supports per route configuration: .. code-block:: yaml route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/version-to-metadata" } route: { cluster: service } typed_per_filter_config: envoy.filters.http.header_to_metadata: "@type": type.googleapis.com/envoy.extensions.filters.http.header_to_metadata.v3.Config request_rules: - header: x-version on_header_present: metadata_namespace: envoy.lb key: version type: STRING remove: false - match: { prefix: "/" } route: { cluster: some_service } This can be used to either override the global configuration or if the global configuration is empty (no rules), it can be used to only enable the filter at a per route level. Statistics ---------- Currently, this filter generates no statistics. ================================================ FILE: docs/root/configuration/http/http_filters/health_check_filter.rst ================================================ .. _config_http_filters_health_check: Health check ============ * Health check filter :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.health_check*. .. note:: Note that the filter will automatically fail health checks and set the :ref:`x-envoy-immediate-health-check-fail ` header if the :ref:`/healthcheck/fail ` admin endpoint has been called. (The :ref:`/healthcheck/ok ` admin endpoint reverses this behavior). ================================================ FILE: docs/root/configuration/http/http_filters/http_filters.rst ================================================ .. _config_http_filters: HTTP filters ============ .. toctree:: :maxdepth: 2 adaptive_concurrency_filter admission_control_filter aws_lambda_filter aws_request_signing_filter buffer_filter cdn_loop_filter compressor_filter cors_filter csrf_filter decompressor_filter dynamic_forward_proxy_filter dynamodb_filter ext_authz_filter fault_filter grpc_http1_bridge_filter grpc_http1_reverse_bridge_filter grpc_json_transcoder_filter grpc_stats_filter grpc_web_filter gzip_filter health_check_filter header_to_metadata_filter ip_tagging_filter jwt_authn_filter local_rate_limit_filter lua_filter oauth2_filter on_demand_updates_filter original_src_filter rate_limit_filter rbac_filter router_filter squash_filter tap_filter wasm_filter .. TODO(toddmgreer): Remove this hack and add user-visible CacheFilter docs when CacheFilter is production-ready. .. toctree:: :hidden: ../../../api-v3/extensions/filters/http/admission_control/v3alpha/admission_control.proto ../../../api-v3/extensions/filters/http/oauth2/v3alpha/oauth.proto ../../../api-v3/extensions/filters/http/cache/v3alpha/cache.proto ../../../api-v3/extensions/filters/http/cdn_loop/v3alpha/cdn_loop.proto ================================================ FILE: docs/root/configuration/http/http_filters/ip_tagging_filter.rst ================================================ .. _config_http_filters_ip_tagging: IP Tagging ========== The HTTP IP Tagging filter sets the header *x-envoy-ip-tags* with the string tags for the trusted address from :ref:`x-forwarded-for `. If there are no tags for an address, the header is not set. The implementation for IP Tagging provides a scalable way to compare an IP address to a large list of CIDR ranges efficiently. The underlying algorithm for storing tags and IP address subnets is a Level-Compressed trie described in the paper `IP-address lookup using LC-tries `_ by S. Nilsson and G. Karlsson. Configuration ------------- * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.ip_tagging*. Statistics ---------- The IP Tagging filter outputs statistics in the *http..ip_tagging.* namespace. The stat prefix comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 .hit, Counter, Total number of requests that have the applied to it no_hit, Counter, Total number of requests with no applicable IP tags total, Counter, Total number of requests the IP Tagging Filter operated on Runtime ------- The IP Tagging filter supports the following runtime settings: ip_tagging.http_filter_enabled The % of requests for which the filter is enabled. Default is 100. ================================================ FILE: docs/root/configuration/http/http_filters/jwt_authn_filter.rst ================================================ .. _config_http_filters_jwt_authn: JWT Authentication ================== This HTTP filter can be used to verify JSON Web Token (JWT). It will verify its signature, audiences and issuer. It will also check its time restrictions, such as expiration and nbf (not before) time. If the JWT verification fails, its request will be rejected. If the JWT verification succeeds, its payload can be forwarded to the upstream for further authorization if desired. JWKS is needed to verify JWT signatures. They can be specified in the filter config or can be fetched remotely from a JWKS server. Following are supported JWT alg: .. code-block:: ES256, ES384, ES512, HS256, HS384, HS512, RS256, RS384, RS512, PS256, PS384, PS512, EdDSA Configuration ------------- This filter should be configured with the name *envoy.filters.http.jwt_authn*. This HTTP :ref:`filter config ` has two fields: * Field *providers* specifies how a JWT should be verified, such as where to extract the token, where to fetch the public key (JWKS) and where to output its payload. * Field *rules* specifies matching rules and their requirements. If a request matches a rule, its requirement applies. The requirement specifies which JWT providers should be used. JwtProvider ~~~~~~~~~~~ :ref:`JwtProvider ` specifies how a JWT should be verified. It has the following fields: * *issuer*: the principal that issued the JWT, usually a URL or an email address. * *audiences*: a list of JWT audiences allowed to access. A JWT containing any of these audiences will be accepted. If not specified, the audiences in JWT will not be checked. * *local_jwks*: fetch JWKS in local data source, either in a local file or embedded in the inline string. * *remote_jwks*: fetch JWKS from a remote HTTP server, also specify cache duration. * *forward*: if true, JWT will be forwarded to the upstream. * *from_headers*: extract JWT from HTTP headers. * *from_params*: extract JWT from query parameters. * *forward_payload_header*: forward the JWT payload in the specified HTTP header. Default Extract Location ~~~~~~~~~~~~~~~~~~~~~~~~ If *from_headers* and *from_params* is empty, the default location to extract JWT is from HTTP header:: Authorization: Bearer and query parameter key *access_token* as:: /path?access_token= If a request has two tokens, one from the header and the other from the query parameter, all of them must be valid. In the :ref:`filter config `, *providers* is a map, to map *provider_name* to a :ref:`JwtProvider `. The *provider_name* must be unique, it is referred in the `JwtRequirement ` in its *provider_name* field. .. important:: For *remote_jwks*, a **jwks_cluster** cluster is required. Due to above requirement, `OpenID Connect Discovery `_ is not supported since the URL to fetch JWKS is in the response of the discovery. It is not easy to setup a cluster config for a dynamic URL. Remote JWKS config example ~~~~~~~~~~~~~~~~~~~~~~~~~~ .. code-block:: yaml providers: provider_name1: issuer: https://example.com audiences: - bookstore_android.apps.googleusercontent.com - bookstore_web.apps.googleusercontent.com remote_jwks: http_uri: uri: https://example.com/jwks.json cluster: example_jwks_cluster cache_duration: seconds: 300 Above example fetches JWSK from a remote server with URL https://example.com/jwks.json. The token will be extracted from the default extract locations. The token will not be forwarded to upstream. JWT payload will not be added to the request header. Following cluster **example_jwks_cluster** is needed to fetch JWKS. .. code-block:: yaml cluster: name: example_jwks_cluster type: STRICT_DNS load_assignment: cluster_name: example_jwks_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: example.com port_value: 80 Inline JWKS config example ~~~~~~~~~~~~~~~~~~~~~~~~~~ Another config example using inline JWKS: .. code-block:: yaml providers: provider_name2: issuer: https://example2.com local_jwks: inline_string: PUBLIC-KEY from_headers: - name: jwt-assertion forward: true forward_payload_header: x-jwt-payload Above example uses config inline string to specify JWKS. The JWT token will be extracted from HTTP headers as:: jwt-assertion: . JWT payload will be added to the request header as following format:: x-jwt-payload: base64url_encoded(jwt_payload_in_JSON) RequirementRule ~~~~~~~~~~~~~~~ :ref:`RequirementRule ` has two fields: * Field *match* specifies how a request can be matched; e.g. by HTTP headers, or by query parameters, or by path prefixes. * Field *requires* specifies the JWT requirement, e.g. which provider is required. .. important:: - **If a request matches multiple rules, the first matched rule will apply**. - If the matched rule has empty *requires* field, **JWT verification is not required**. - If a request doesn't match any rules, **JWT verification is not required**. Single requirement config example ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. code-block:: yaml providers: jwt_provider1: issuer: https://example.com audiences: audience1 local_jwks: inline_string: PUBLIC-KEY rules: - match: prefix: /health - match: prefix: /api requires: provider_and_audiences: provider_name: jwt_provider1 audiences: api_audience - match: prefix: / requires: provider_name: jwt_provider1 Above config uses single requirement rule, each rule may have either an empty requirement or a single requirement with one provider name. Group requirement config example ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. code-block:: yaml providers: provider1: issuer: https://provider1.com local_jwks: inline_string: PUBLIC-KEY provider2: issuer: https://provider2.com local_jwks: inline_string: PUBLIC-KEY rules: - match: prefix: /any requires: requires_any: requirements: - provider_name: provider1 - provider_name: provider2 - match: prefix: /all requires: requires_all: requirements: - provider_name: provider1 - provider_name: provider2 Above config uses more complex *group* requirements: * The first *rule* specifies *requires_any*; if any of **provider1** or **provider2** requirement is satisfied, the request is OK to proceed. * The second *rule* specifies *requires_all*; only if both **provider1** and **provider2** requirements are satisfied, the request is OK to proceed. ================================================ FILE: docs/root/configuration/http/http_filters/local_rate_limit_filter.rst ================================================ .. _config_http_filters_local_rate_limit: Local rate limit ================ * Local rate limiting :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.local_ratelimit*. The HTTP local rate limit filter applies a :ref:`token bucket ` rate limit when the request's route or virtual host has a per filter :ref:`local rate limit configuration `. If the local rate limit token bucket is checked, and there are no token availables, a 429 response is returned (the response is configurable). The local rate limit filter also sets the :ref:`x-envoy-ratelimited` header. Additional response headers may be configured. Example configuration --------------------- Example filter configuration for a globally set rate limiter (e.g.: all vhosts/routes share the same token bucket): .. code-block:: yaml name: envoy.filters.http.local_ratelimit typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit stat_prefix: http_local_rate_limiter token_bucket: max_tokens: 10000 tokens_per_fill: 1000 fill_interval: 1s filter_enabled: runtime_key: local_rate_limit_enabled default_value: numerator: 100 denominator: HUNDRED filter_enforced: runtime_key: local_rate_limit_enforced default_value: numerator: 100 denominator: HUNDRED response_headers_to_add: - append: false header: key: x-local-rate-limit value: 'true' Example filter configuration for a globally disabled rate limiter but enabled for a specific route: .. code-block:: yaml name: envoy.filters.http.local_ratelimit typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit stat_prefix: http_local_rate_limiter The route specific configuration: .. code-block:: yaml route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/path/with/rate/limit" } route: { cluster: service_protected_by_rate_limit } typed_per_filter_config: envoy.filters.http.local_ratelimit: "@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit token_bucket: max_tokens: 10000 tokens_per_fill: 1000 fill_interval: 1s filter_enabled: runtime_key: local_rate_limit_enabled default_value: numerator: 100 denominator: HUNDRED filter_enforced: runtime_key: local_rate_limit_enforced default_value: numerator: 100 denominator: HUNDRED response_headers_to_add: - append: false header: key: x-local-rate-limit value: 'true' - match: { prefix: "/" } route: { cluster: default_service } Note that if this filter is configured as globally disabled and there are no virtual host or route level token buckets, no rate limiting will be applied. Statistics ---------- The local rate limit filter outputs statistics in the *.http_local_rate_limit.* namespace. 429 responses -- or the configured status code -- are emitted to the normal cluster :ref:`dynamic HTTP statistics `. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 enabled, Counter, Total number of requests for which the rate limiter was consulted ok, Counter, Total under limit responses from the token bucket rate_limited, Counter, Total responses without an available token (but not necessarily enforced) enforced, Counter, Total number of requests for which rate limiting was applied (e.g.: 429 returned) .. _config_http_filters_local_rate_limit_runtime: Runtime ------- The HTTP rate limit filter supports the following runtime fractional settings: http_filter_enabled % of requests that will check the local rate limit decision, but not enforce, for a given *route_key* specified in the :ref:`local rate limit configuration `. Defaults to 0. http_filter_enforcing % of requests that will enforce the local rate limit decision for a given *route_key* specified in the :ref:`local rate limit configuration `. Defaults to 0. This can be used to test what would happen before fully enforcing the outcome. ================================================ FILE: docs/root/configuration/http/http_filters/lua_filter.rst ================================================ .. _config_http_filters_lua: Lua === .. attention:: By default Envoy is built without exporting symbols that you may need when interacting with Lua modules installed as shared objects. Envoy may need to be built with support for exported symbols. Please see the :repo:`Bazel docs ` for more information. Overview -------- The HTTP Lua filter allows `Lua `_ scripts to be run during both the request and response flows. `LuaJIT `_ is used as the runtime. Because of this, the supported Lua version is mostly 5.1 with some 5.2 features. See the `LuaJIT documentation `_ for more details. .. note:: `moonjit `_ is a continuation of LuaJIT development, which supports more 5.2 features and additional architectures. Envoy can be built with moonjit support by using the following bazel option: ``--//source/extensions/filters/common/lua:moonjit=1``. The design of the filter and Lua support at a high level is as follows: * All Lua environments are :ref:`per worker thread `. This means that there is no truly global data. Any globals created and populated at load time will be visible from each worker thread in isolation. True global support may be added via an API in the future. * All scripts are run as coroutines. This means that they are written in a synchronous style even though they may perform complex asynchronous tasks. This makes the scripts substantially easier to write. All network/async processing is performed by Envoy via a set of APIs. Envoy will suspend execution of the script as appropriate and resume it when async tasks are complete. * **Do not perform blocking operations from scripts.** It is critical for performance that Envoy APIs are used for all IO. Currently supported high level features --------------------------------------- **NOTE:** It is expected that this list will expand over time as the filter is used in production. The API surface has been kept small on purpose. The goal is to make scripts extremely simple and safe to write. Very complex or high performance use cases are assumed to use the native C++ filter API. * Inspection of headers, body, and trailers while streaming in either the request flow, response flow, or both. * Modification of headers and trailers. * Blocking and buffering the full request/response body for inspection. * Performing an outbound async HTTP call to an upstream host. Such a call can be performed while buffering body data so that when the call completes upstream headers can be modified. * Performing a direct response and skipping further filter iteration. For example, a script could make an upstream HTTP call for authentication, and then directly respond with a 403 response code. Configuration ------------- * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.lua*. A simple example of configuring Lua HTTP filter that contains only :ref:`inline_code ` is as follow: .. code-block:: yaml name: envoy.filters.http.lua typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua inline_code: | -- Called on the request path. function envoy_on_request(request_handle) -- Do something. end -- Called on the response path. function envoy_on_response(response_handle) -- Do something. end By default, Lua script defined in ``inline_code`` will be treated as a ``GLOBAL`` script. Envoy will execute it for every HTTP request. Per-Route Configuration ----------------------- The Lua HTTP filter also can be disabled or overridden on a per-route basis by providing a :ref:`LuaPerRoute ` configuration on the virtual host, route, or weighted cluster. LuaPerRoute provides two ways of overriding the `GLOBAL` Lua script: * By providing a name reference to the defined :ref:`named Lua source codes map `. * By providing inline :ref:`source code ` (This allows the code to be sent through RDS). As a concrete example, given the following Lua filter configuration: .. code-block:: yaml name: envoy.filters.http.lua typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua inline_code: | function envoy_on_request(request_handle) -- do something end source_codes: hello.lua: inline_string: | function envoy_on_request(request_handle) request_handle:logInfo("Hello World.") end bye.lua: inline_string: | function envoy_on_response(response_handle) response_handle:logInfo("Bye Bye.") end The HTTP Lua filter can be disabled on some virtual host, route, or weighted cluster by the :ref:`LuaPerRoute ` configuration as follow: .. code-block:: yaml per_filter_config: envoy.filters.http.lua: disabled: true We can also refer to a Lua script in the filter configuration by specifying a name in LuaPerRoute. The ``GLOBAL`` Lua script will be overridden by the referenced script: .. code-block:: yaml per_filter_config: envoy.filters.http.lua: name: hello.lua .. attention:: The name ``GLOBAL`` is reserved for :ref:`Lua.inline_code `. Therefore, do not use ``GLOBAL`` as name for other Lua scripts. Or we can define a new Lua script in the LuaPerRoute configuration directly to override the `GLOBAL` Lua script as follows: .. code-block:: yaml per_filter_config: envoy.filters.http.lua: source_code: inline_string: | function envoy_on_response(response_handle) response_handle:logInfo("Goodbye.") end Script examples --------------- This section provides some concrete examples of Lua scripts as a more gentle introduction and quick start. Please refer to the :ref:`stream handle API ` for more details on the supported API. .. code-block:: lua -- Called on the request path. function envoy_on_request(request_handle) -- Wait for the entire request body and add a request header with the body size. request_handle:headers():add("request_body_size", request_handle:body():length()) end -- Called on the response path. function envoy_on_response(response_handle) -- Wait for the entire response body and add a response header with the body size. response_handle:headers():add("response_body_size", response_handle:body():length()) -- Remove a response header named 'foo' response_handle:headers():remove("foo") end .. code-block:: lua function envoy_on_request(request_handle) -- Make an HTTP call to an upstream host with the following headers, body, and timeout. local headers, body = request_handle:httpCall( "lua_cluster", { [":method"] = "POST", [":path"] = "/", [":authority"] = "lua_cluster" }, "hello world", 5000) -- Add information from the HTTP call into the headers that are about to be sent to the next -- filter in the filter chain. request_handle:headers():add("upstream_foo", headers["foo"]) request_handle:headers():add("upstream_body_size", #body) end .. code-block:: lua function envoy_on_request(request_handle) -- Make an HTTP call. local headers, body = request_handle:httpCall( "lua_cluster", { [":method"] = "POST", [":path"] = "/", [":authority"] = "lua_cluster", ["set-cookie"] = { "lang=lua; Path=/", "type=binding; Path=/" } }, "hello world", 5000) -- Response directly and set a header from the HTTP call. No further filter iteration -- occurs. request_handle:respond( {[":status"] = "403", ["upstream_foo"] = headers["foo"]}, "nope") end .. code-block:: lua function envoy_on_request(request_handle) -- Log information about the request request_handle:logInfo("Authority: "..request_handle:headers():get(":authority")) request_handle:logInfo("Method: "..request_handle:headers():get(":method")) request_handle:logInfo("Path: "..request_handle:headers():get(":path")) end function envoy_on_response(response_handle) -- Log response status code response_handle:logInfo("Status: "..response_handle:headers():get(":status")) end A common use-case is to rewrite upstream response body, for example: an upstream sends non-2xx response with JSON data, but the application requires HTML page to be sent to browsers. There are two ways of doing this, the first one is via the `body()` API. .. code-block:: lua function envoy_on_response(response_handle) local content_length = response_handle:body():setBytes("Not Found") response_handle:headers():replace("content-length", content_length) response_handle:headers():replace("content-type", "text/html") end Or, through `bodyChunks()` API, which let Envoy to skip buffering the upstream response data. .. code-block:: lua function envoy_on_response(response_handle) -- Sets the content-length. response_handle:headers():replace("content-length", 28) response_handle:headers():replace("content-type", "text/html") local last for chunk in response_handle:bodyChunks() do -- Clears each received chunk. chunk:setBytes("") last = chunk end last:setBytes("Not Found") end .. _config_http_filters_lua_stream_handle_api: Complete example ---------------- A complete example using Docker is available in :repo:`/examples/lua`. Stream handle API ----------------- When Envoy loads the script in the configuration, it looks for two global functions that the script defines: .. code-block:: lua function envoy_on_request(request_handle) end function envoy_on_response(response_handle) end A script can define either or both of these functions. During the request path, Envoy will run *envoy_on_request* as a coroutine, passing a handle to the request API. During the response path, Envoy will run *envoy_on_response* as a coroutine, passing handle to the response API. .. attention:: It is critical that all interaction with Envoy occur through the passed stream handle. The stream handle should not be assigned to any global variable and should not be used outside of the coroutine. Envoy will fail your script if the handle is used incorrectly. The following methods on the stream handle are supported: headers() ^^^^^^^^^ .. code-block:: lua local headers = handle:headers() Returns the stream's headers. The headers can be modified as long as they have not been sent to the next filter in the header chain. For example, they can be modified after an *httpCall()* or after a *body()* call returns. The script will fail if the headers are modified in any other situation. Returns a :ref:`header object `. body() ^^^^^^ .. code-block:: lua local body = handle:body() Returns the stream's body. This call will cause Envoy to suspend execution of the script until the entire body has been received in a buffer. Note that all buffering must adhere to the flow-control policies in place. Envoy will not buffer more data than is allowed by the connection manager. Returns a :ref:`buffer object `. bodyChunks() ^^^^^^^^^^^^ .. code-block:: lua local iterator = handle:bodyChunks() Returns an iterator that can be used to iterate through all received body chunks as they arrive. Envoy will suspend executing the script in between chunks, but *will not buffer* them. This can be used by a script to inspect data as it is streaming by. .. code-block:: lua for chunk in request_handle:bodyChunks() do request_handle:log(0, chunk:length()) end Each chunk the iterator returns is a :ref:`buffer object `. trailers() ^^^^^^^^^^ .. code-block:: lua local trailers = handle:trailers() Returns the stream's trailers. May return nil if there are no trailers. The trailers may be modified before they are sent to the next filter. Returns a :ref:`header object `. log*() ^^^^^^ .. code-block:: lua handle:logTrace(message) handle:logDebug(message) handle:logInfo(message) handle:logWarn(message) handle:logErr(message) handle:logCritical(message) Logs a message using Envoy's application logging. *message* is a string to log. httpCall() ^^^^^^^^^^ .. code-block:: lua local headers, body = handle:httpCall(cluster, headers, body, timeout, asynchronous) Makes an HTTP call to an upstream host. *cluster* is a string which maps to a configured cluster manager cluster. *headers* is a table of key/value pairs to send (the value can be a string or table of strings). Note that the *:method*, *:path*, and *:authority* headers must be set. *body* is an optional string of body data to send. *timeout* is an integer that specifies the call timeout in milliseconds. *asynchronous* is a boolean flag. If asynchronous is set to true, Envoy will make the HTTP request and continue, regardless of the response success or failure. If this is set to false, or not set, Envoy will suspend executing the script until the call completes or has an error. Returns *headers* which is a table of response headers. Returns *body* which is the string response body. May be nil if there is no body. respond() ^^^^^^^^^^ .. code-block:: lua handle:respond(headers, body) Respond immediately and do not continue further filter iteration. This call is *only valid in the request flow*. Additionally, a response is only possible if the request headers have not yet been passed to subsequent filters. Meaning, the following Lua code is invalid: .. code-block:: lua function envoy_on_request(request_handle) for chunk in request_handle:bodyChunks() do request_handle:respond( {[":status"] = "100"}, "nope") end end *headers* is a table of key/value pairs to send (the value can be a string or table of strings). Note that the *:status* header must be set. *body* is a string and supplies the optional response body. May be nil. metadata() ^^^^^^^^^^ .. code-block:: lua local metadata = handle:metadata() Returns the current route entry metadata. Note that the metadata should be specified under the filter name i.e. *envoy.filters.http.lua*. Below is an example of a *metadata* in a :ref:`route entry `. .. code-block:: yaml metadata: filter_metadata: envoy.filters.http.lua: foo: bar baz: - bad - baz Returns a :ref:`metadata object `. streamInfo() ^^^^^^^^^^^^^ .. code-block:: lua local streamInfo = handle:streamInfo() Returns :repo:`information ` related to the current request. Returns a :ref:`stream info object `. connection() ^^^^^^^^^^^^ .. code-block:: lua local connection = handle:connection() Returns the current request's underlying :repo:`connection `. Returns a :ref:`connection object `. importPublicKey() ^^^^^^^^^^^^^^^^^ .. code-block:: lua local pubkey = handle:importPublicKey(keyder, keyderLength) Returns public key which is used by :ref:`verifySignature ` to verify digital signature. .. _verify_signature: verifySignature() ^^^^^^^^^^^^^^^^^ .. code-block:: lua local ok, error = verifySignature(hashFunction, pubkey, signature, signatureLength, data, dataLength) Verify signature using provided parameters. *hashFunction* is the variable for the hash function which be used for verifying signature. *SHA1*, *SHA224*, *SHA256*, *SHA384* and *SHA512* are supported. *pubkey* is the public key. *signature* is the signature to be verified. *signatureLength* is the length of the signature. *data* is the content which will be hashed. *dataLength* is the length of data. The function returns a pair. If the first element is *true*, the second element will be empty which means signature is verified; otherwise, the second element will store the error message. .. _config_http_filters_lua_stream_handle_api_base64_escape: base64Escape() ^^^^^^^^^^^^^^ .. code-block:: lua local base64_encoded = handle:base64Escape("input string") Encodes the input string as base64. This can be useful for escaping binary data. .. _config_http_filters_lua_header_wrapper: Header object API ----------------- add() ^^^^^ .. code-block:: lua headers:add(key, value) Adds a header. *key* is a string that supplies the header key. *value* is a string that supplies the header value. get() ^^^^^ .. code-block:: lua headers:get(key) Gets a header. *key* is a string that supplies the header key. Returns a string that is the header value or nil if there is no such header. __pairs() ^^^^^^^^^ .. code-block:: lua for key, value in pairs(headers) do end Iterates through every header. *key* is a string that supplies the header key. *value* is a string that supplies the header value. .. attention:: In the current implementation, headers cannot be modified during iteration. Additionally, if it is necessary to modify headers after an iteration, the iteration must first be completed. This means that `break` or any other way to exit the loop early must not be used. This may be more flexible in the future. remove() ^^^^^^^^ .. code-block:: lua headers:remove(key) Removes a header. *key* supplies the header key to remove. replace() ^^^^^^^^^ .. code-block:: lua headers:replace(key, value) Replaces a header. *key* is a string that supplies the header key. *value* is a string that supplies the header value. If the header does not exist, it is added as per the *add()* function. .. _config_http_filters_lua_buffer_wrapper: Buffer API ---------- length() ^^^^^^^^^^ .. code-block:: lua local size = buffer:length() Gets the size of the buffer in bytes. Returns an integer. getBytes() ^^^^^^^^^^ .. code-block:: lua buffer:getBytes(index, length) Get bytes from the buffer. By default Envoy will not copy all buffer bytes to Lua. This will cause a buffer segment to be copied. *index* is an integer and supplies the buffer start index to copy. *length* is an integer and supplies the buffer length to copy. *index* + *length* must be less than the buffer length. .. _config_http_filters_lua_buffer_wrapper_api_set_bytes: setBytes() ^^^^^^^^^^ .. code-block:: lua buffer:setBytes(string) Set the content of wrapped buffer with the input string. .. _config_http_filters_lua_metadata_wrapper: Metadata object API ------------------- get() ^^^^^ .. code-block:: lua metadata:get(key) Gets a metadata. *key* is a string that supplies the metadata key. Returns the corresponding value of the given metadata key. The type of the value can be: *nil*, *boolean*, *number*, *string* and *table*. __pairs() ^^^^^^^^^ .. code-block:: lua for key, value in pairs(metadata) do end Iterates through every *metadata* entry. *key* is a string that supplies a *metadata* key. *value* is a *metadata* entry value. .. _config_http_filters_lua_stream_info_wrapper: Stream info object API ----------------------- protocol() ^^^^^^^^^^ .. code-block:: lua streamInfo:protocol() Returns the string representation of :repo:`HTTP protocol ` used by the current request. The possible values are: *HTTP/1.0*, *HTTP/1.1*, and *HTTP/2*. dynamicMetadata() ^^^^^^^^^^^^^^^^^ .. code-block:: lua streamInfo:dynamicMetadata() Returns a :ref:`dynamic metadata object `. downstreamSslConnection() ^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua streamInfo:downstreamSslConnection() Returns :repo:`information ` related to the current SSL connection. Returns a downstream :ref:`SSL connection info object `. .. _config_http_filters_lua_stream_info_dynamic_metadata_wrapper: Dynamic metadata object API --------------------------- get() ^^^^^ .. code-block:: lua dynamicMetadata:get(filterName) -- to get a value from a returned table. dynamicMetadata:get(filterName)[key] Gets an entry in dynamic metadata struct. *filterName* is a string that supplies the filter name, e.g. *envoy.lb*. Returns the corresponding *table* of a given *filterName*. set() ^^^^^ .. code-block:: lua dynamicMetadata:set(filterName, key, value) Sets key-value pair of a *filterName*'s metadata. *filterName* is a key specifying the target filter name, e.g. *envoy.lb*. The type of *key* is *string*. The type of *value* is any Lua type that can be mapped to a metadata value: *table*, *numeric*, *boolean*, *string* or *nil*. When using a *table* as an argument, its keys can only be *string* or *numeric*. .. code-block:: lua function envoy_on_request(request_handle) local headers = request_handle:headers() request_handle:streamInfo():dynamicMetadata():set("envoy.filters.http.lua", "request.info", { auth: headers:get("authorization"), token: headers:get("x-request-token"), }) end function envoy_on_response(response_handle) local meta = response_handle:streamInfo():dynamicMetadata():get("envoy.filters.http.lua")["request.info"] response_handle:logInfo("Auth: "..meta.auth..", token: "..meta.token) end __pairs() ^^^^^^^^^ .. code-block:: lua for key, value in pairs(dynamicMetadata) do end Iterates through every *dynamicMetadata* entry. *key* is a string that supplies a *dynamicMetadata* key. *value* is a *dynamicMetadata* entry value. .. _config_http_filters_lua_connection_wrapper: Connection object API --------------------- ssl() ^^^^^ .. code-block:: lua if connection:ssl() == nil then print("plain") else print("secure") end Returns :repo:`SSL connection ` object when the connection is secured and *nil* when it is not. Returns an :ref:`SSL connection info object `. .. _config_http_filters_lua_ssl_socket_info: SSL connection object API ------------------------- peerCertificatePresented() ^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua if downstreamSslConnection:peerCertificatePresented() then print("peer certificate is presented") end Returns a bool representing whether the peer certificate is presented. peerCertificateValidated() ^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua if downstreamSslConnection:peerCertificateVaidated() then print("peer certificate is valiedated") end Returns bool whether the peer certificate was validated. uriSanLocalCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua -- For example, uriSanLocalCertificate contains {"san1", "san2"} local certs = downstreamSslConnection:uriSanLocalCertificate() -- The following prints san1,san2 handle:logTrace(table.concat(certs, ",")) Returns the URIs (as a table) in the SAN field of the local certificate. Returns an empty table if there is no local certificate, or no SAN field, or no URI SAN entries. sha256PeerCertificateDigest() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:sha256PeerCertificateDigest() Returns the SHA256 digest of the peer certificate. Returns ``""`` if there is no peer certificate which can happen in TLS (non-mTLS) connections. serialNumberPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:serialNumberPeerCertificate() Returns the serial number field of the peer certificate. Returns ``""`` if there is no peer certificate, or no serial number. issuerPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:issuerPeerCertificate() Returns the issuer field of the peer certificate in RFC 2253 format. Returns ``""`` if there is no peer certificate, or no issuer. subjectPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:subjectPeerCertificate() Return the subject field of the peer certificate in RFC 2253 format. Returns ``""`` if there is no peer certificate, or no subject. uriSanPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:uriSanPeerCertificate() Returns the URIs (as a table) in the SAN field of the peer certificate. Returns an empty table if there is no peer certificate, or no SAN field, or no URI SAN entries. subjectLocalCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:subjectLocalCertificate() Returns the subject field of the local certificate in RFC 2253 format. Returns ``""`` if there is no local certificate, or no subject. urlEncodedPemEncodedPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:urlEncodedPemEncodedPeerCertificate() Returns the URL-encoded PEM-encoded representation of the peer certificate. Returns ``""`` if there is no peer certificate or encoding fails. urlEncodedPemEncodedPeerCertificateChain() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:urlEncodedPemEncodedPeerCertificateChain() Returnns the URL-encoded PEM-encoded representation of the full peer certificate chain including the leaf certificate. Returns ``""`` if there is no peer certificate or encoding fails. dnsSansPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:dnsSansPeerCertificate() Returns the DNS entries (as a table) in the SAN field of the peer certificate. Returns an empty table if there is no peer certificate, or no SAN field, or no DNS SAN entries. dnsSansLocalCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:dnsSansLocalCertificate() Returns the DNS entries (as a table) in the SAN field of the local certificate. Returns an empty table if there is no local certificate, or no SAN field, or no DNS SAN entries. validFromPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:validFromPeerCertificate() Returns the time (timestamp-since-epoch in seconds) that the peer certificate was issued and should be considered valid from. Returns ``0`` if there is no peer certificate. In Lua, we usually use ``os.time(os.date("!*t"))`` to get current timestamp-since-epoch in seconds. expirationPeerCertificate() ^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:validFromPeerCertificate() Returns the time (timestamp-since-epoch in seconds) that the peer certificate expires and should not be considered valid after. Returns ``0`` if there is no peer certificate. In Lua, we usually use ``os.time(os.date("!*t"))`` to get current timestamp-since-epoch in seconds. sessionId() ^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:sessionId() Returns the hex-encoded TLS session ID as defined in RFC 5246. ciphersuiteId() ^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:ciphersuiteId() Returns the standard ID (hex-encoded) for the ciphers used in the established TLS connection. Returns ``"0xffff"`` if there is no current negotiated ciphersuite. ciphersuiteString() ^^^^^^^^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:ciphersuiteString() Returns the OpenSSL name for the set of ciphers used in the established TLS connection. Returns ``""`` if there is no current negotiated ciphersuite. tlsVersion() ^^^^^^^^^^^^ .. code-block:: lua downstreamSslConnection:urlEncodedPemEncodedPeerCertificateChain() Returns the TLS version (e.g., TLSv1.2, TLSv1.3) used in the established TLS connection. ================================================ FILE: docs/root/configuration/http/http_filters/oauth2_filter.rst ================================================ .. _config_http_filters_oauth: OAuth2 ====== * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.oauth2*. .. attention:: The OAuth2 filter is currently under active development. Example configuration --------------------- .. code-block:: http_filters: - name: oauth2 typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.oauth2.v3alpha.OAuth2 token_endpoint: cluster: oauth uri: oauth.com/token timeout: 3s authorization_endpoint: https://oauth.com/oauth/authorize/ redirect_uri: "%REQ(:x-forwarded-proto)%://%REQ(:authority)%/callback" redirect_path_matcher: path: exact: /callback signout_path: path: exact: /signout credentials: client_id: foo token_secret: name: token hmac_secret: name: hmac timeout: 3s - name: envoy.router clusters: - name: service ... - name: auth connect_timeout: 5s type: LOGICAL_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: auth endpoints: - lb_endpoints: - endpoint: address: { socket_address: { address: auth.example.com, port_value: 443 }} tls_context: { sni: auth.example.com } Notes ----- This module does not currently provide much Cross-Site-Request-Forgery protection for the redirect loop to the OAuth server and back. The service must be served over HTTPS for this filter to work, as the cookies use `;secure`. Statistics ---------- The OAuth filter outputs statistics in the *.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 oauth_failure, Counter, Total requests that were denied. oauth_success, Counter, Total requests that were allowed. oauth_unauthorization_rq, Counter, Total unauthorized requests. ================================================ FILE: docs/root/configuration/http/http_filters/on_demand_updates_filter.rst ================================================ .. _config_http_filters_on_demand: On-demand VHDS and S/RDS Updates ================================ The on demand filter can be used to support either on demand VHDS or S/RDS update if configured in the filter chain. The on-demand update filter can be used to request a :ref:`virtual host ` data if it's not already present in the :ref:`Route Configuration `. The contents of the *Host* or *:authority* header is used to create the on-demand request. For an on-demand request to be created, :ref:`VHDS ` must be enabled and either *Host* or *:authority* header be present. The on-demand update filter can also be used to request a *Route Configuration* data if RouteConfiguration is specified to be loaded on demand in the :ref:`Scoped RouteConfiguration `. The contents of the HTTP header is used to find the scope and create the on-demand request. On-demand VHDS and on-demand S/RDS can not be used at the same time at this point. Configuration ------------- * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.on_demand*. * The filter should be placed before *envoy.filters.http.router* filter in the HttpConnectionManager's filter chain. ================================================ FILE: docs/root/configuration/http/http_filters/original_src_filter.rst ================================================ .. _config_http_filters_original_src: Original Source =============== * :ref:`HTTP filter v3 API reference ` * This filter should be configured with the name *envoy.filters.http.original_src*. The original source http filter replicates the downstream remote address of the connection on the upstream side of Envoy. For example, if a downstream connection connects to Envoy with IP address ``10.1.2.3``, then Envoy will connect to the upstream with source IP ``10.1.2.3``. The downstream remote address is determined based on the logic for the "trusted client address" outlined in :ref:`XFF `. Note that the filter is intended to be used in conjunction with the :ref:`Router ` filter. In particular, it must run prior to the router filter so that it may add the desired source IP to the state of the filter chain. IP Version Support ------------------ The filter supports both IPv4 and IPv6 as addresses. Note that the upstream connection must support the version used. Extra Setup ----------- The downstream remote address used will likely be globally routable. By default, packets returning from the upstream host to that address will not route through Envoy. The network must be configured to forcefully route any traffic whose IP was replicated by Envoy back through the Envoy host. If Envoy and the upstream are on the same host -- e.g. in an sidecar deployment --, then iptables and routing rules can be used to ensure correct behaviour. The filter has an unsigned integer configuration, :ref:`mark `. Setting this to *X* causes Envoy to *mark* all upstream packets originating from this http with value *X*. Note that if :ref:`mark ` is set to 0, Envoy will not mark upstream packets. We can use the following set of commands to ensure that all ipv4 and ipv6 traffic marked with *X* (assumed to be 123 in the example) routes correctly. Note that this example assumes that *eth0* is the default outbound interface. .. code-block:: text iptables -t mangle -I PREROUTING -m mark --mark 123 -j CONNMARK --save-mark iptables -t mangle -I OUTPUT -m connmark --mark 123 -j CONNMARK --restore-mark ip6tables -t mangle -I PREROUTING -m mark --mark 123 -j CONNMARK --save-mark ip6tables -t mangle -I OUTPUT -m connmark --mark 123 -j CONNMARK --restore-mark ip rule add fwmark 123 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 ip -6 rule add fwmark 123 lookup 100 ip -6 route add local ::/0 dev lo table 100 echo 1 > /proc/sys/net/ipv4/conf/eth0/route_localnet Example HTTP configuration ------------------------------ The following example configures Envoy to use the original source for all connections made on port 8888. All upstream packets are marked with 123. .. code-block:: yaml http_filters: - name: envoy.filters.http.original_src typed_config: "@type": type.googleapis.com/envoy.extensions.filters.listener.original_src.v3.OriginalSrc mark: 123 - name: envoy.filters.http.router typed_config: {} ================================================ FILE: docs/root/configuration/http/http_filters/rate_limit_filter.rst ================================================ .. _config_http_filters_rate_limit: Rate limit ========== * Global rate limiting :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.ratelimit*. The HTTP rate limit filter will call the rate limit service when the request's route or virtual host has one or more :ref:`rate limit configurations` that match the filter stage setting. The :ref:`route` can optionally include the virtual host rate limit configurations. More than one configuration can apply to a request. Each configuration results in a descriptor being sent to the rate limit service. If the rate limit service is called, and the response for any of the descriptors is over limit, a 429 response is returned. The rate limit filter also sets the :ref:`x-envoy-ratelimited` header. If there is an error in calling rate limit service or rate limit service returns an error and :ref:`failure_mode_deny ` is set to true, a 500 response is returned. .. _config_http_filters_rate_limit_composing_actions: Composing Actions ----------------- Each :ref:`rate limit action ` on the route or virtual host populates a descriptor entry. A vector of descriptor entries compose a descriptor. To create more complex rate limit descriptors, actions can be composed in any order. The descriptor will be populated in the order the actions are specified in the configuration. Example 1 ^^^^^^^^^ For example, to generate the following descriptor: .. code-block:: cpp ("generic_key", "some_value") ("source_cluster", "from_cluster") The configuration would be: .. code-block:: yaml actions: - {source_cluster: {}} - {generic_key: {descriptor_value: some_value}} Example 2 ^^^^^^^^^ If an action doesn't append a descriptor entry, no descriptor is generated for the configuration. For the following configuration: .. code-block:: yaml actions: - {source_cluster: {}} - {remote_address: {}} - {generic_key: {descriptor_value: some_value}} If a request did not set :ref:`x-forwarded-for`, no descriptor is generated. If a request sets :ref:`x-forwarded-for`, the the following descriptor is generated: .. code-block:: cpp ("generic_key", "some_value") ("remote_address", "") ("source_cluster", "from_cluster") .. _config_http_filters_rate_limit_rate_limit_override: Rate Limit Override ------------------- A :ref:`rate limit action ` can optionally contain a :ref:`limit override `. The limit value will be appended to the descriptor produced by the action and sent to the ratelimit service, overriding the static service configuration. The override can be configured to be taken from the :ref:`Dynamic Metadata ` under a specified :ref: `key `. If the value is misconfigured or key does not exist, the override configuration is ignored. Example 3 ^^^^^^^^^ The following configuration .. code-block:: yaml actions: - {generic_key: {descriptor_value: some_value}} limit: metadata_key: key: test.filter.key path: - key: test .. _config_http_filters_rate_limit_override_dynamic_metadata: Will lookup the value of the dynamic metadata. The value must be a structure with integer field "requests_per_unit" and a string field "unit" which is parseable to :ref:`RateLimitUnit enum `. For example, with the following dynamic metadata the rate limit override of 42 requests per hour will be appended to the rate limit descriptor. .. code-block:: yaml test.filter.key: test: requests_per_unit: 42 unit: HOUR Statistics ---------- The rate limit filter outputs statistics in the *cluster..ratelimit.* namespace. 429 responses are emitted to the normal cluster :ref:`dynamic HTTP statistics `. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 ok, Counter, Total under limit responses from the rate limit service error, Counter, Total errors contacting the rate limit service over_limit, Counter, total over limit responses from the rate limit service failure_mode_allowed, Counter, "Total requests that were error(s) but were allowed through because of :ref:`failure_mode_deny ` set to false." Runtime ------- The HTTP rate limit filter supports the following runtime settings: ratelimit.http_filter_enabled % of requests that will call the rate limit service. Defaults to 100. ratelimit.http_filter_enforcing % of requests that that will have the rate limit service decision enforced. Defaults to 100. This can be used to test what would happen before fully enforcing the outcome. ratelimit..http_filter_enabled % of requests that will call the rate limit service for a given *route_key* specified in the :ref:`rate limit configuration `. Defaults to 100. ================================================ FILE: docs/root/configuration/http/http_filters/rbac_filter.rst ================================================ .. _config_http_filters_rbac: Role Based Access Control (RBAC) Filter ======================================= The RBAC filter is used to authorize actions (permissions) by identified downstream clients (principals). This is useful to explicitly manage callers to an application and protect it from unexpected or forbidden agents. The filter supports configuration with either a safe-list (ALLOW) or block-list (DENY) set of policies based off properties of the connection (IPs, ports, SSL subject) as well as the incoming request's HTTP headers. This filter also supports policy in both enforcement and shadow mode, shadow mode won't effect real users, it is used to test that a new set of policies work before rolling out to production. When a request is denied, the :ref:`RESPONSE_CODE_DETAILS` will include the name of the matched policy that caused the deny in the format of `rbac_access_denied_matched_policy[policy_name]` (policy_name will be `none` if no policy matched), this helps to distinguish the deny from Envoy RBAC filter and the upstream backend. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.rbac*. Per-Route Configuration ----------------------- The RBAC filter configuration can be overridden or disabled on a per-route basis by providing a :ref:`RBACPerRoute ` configuration on the virtual host, route, or weighted cluster. Statistics ---------- The RBAC filter outputs statistics in the *http..rbac.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 allowed, Counter, Total requests that were allowed access denied, Counter, Total requests that were denied access shadow_allowed, Counter, Total requests that would be allowed access by the filter's shadow rules shadow_denied, Counter, Total requests that would be denied access by the filter's shadow rules logged, Counter, Total requests that should be logged not_logged, Counter, Total requests that should not be logged .. _config_http_filters_rbac_dynamic_metadata: Dynamic Metadata ---------------- The RBAC filter emits the following dynamic metadata. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 shadow_effective_policy_id, string, The effective shadow policy ID matching the action (if any). shadow_engine_result, string, The engine result for the shadow rules (i.e. either `allowed` or `denied`). access_log_hint, boolean, Whether the request should be logged. This metadata is shared and set under the key namespace 'envoy.common' (See :ref:`Shared Dynamic Metadata`). ================================================ FILE: docs/root/configuration/http/http_filters/router_filter.rst ================================================ .. _config_http_filters_router: Router ====== The router filter implements HTTP forwarding. It will be used in almost all HTTP proxy scenarios that Envoy is deployed for. The filter's main job is to follow the instructions specified in the configured :ref:`route table `. In addition to forwarding and redirection, the filter also handles retry, statistics, etc. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.router*. .. _config_http_filters_router_headers_consumed: HTTP headers (consumed from downstreams) ---------------------------------------- The router consumes and sets various HTTP headers both on the egress/request path as well as on the ingress/response path. They are documented in this section. .. contents:: :local: .. _config_http_filters_router_x-envoy-max-retries: x-envoy-max-retries ^^^^^^^^^^^^^^^^^^^ If a :ref:`route config retry policy ` or a :ref:`virtual host retry policy ` is in place, Envoy will default to retrying one time unless explicitly specified. The number of retries can be explicitly set in the virtual host retry config, the route retry config, or by using this header. If this header is used, its value takes precedence over the number of retries set in either retry policy. If a retry policy is not configured and :ref:`config_http_filters_router_x-envoy-retry-on` or :ref:`config_http_filters_router_x-envoy-retry-grpc-on` headers are not specified, Envoy will not retry a failed request. A few notes on how Envoy does retries: * The route timeout (set via :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` or the :ref:`timeout ` in route configuration or set via `grpc-timeout header `_ by specifying :ref:`max_grpc_timeout ` in route configuration) **includes** all retries. Thus if the request timeout is set to 3s, and the first request attempt takes 2.7s, the retry (including back-off) has .3s to complete. This is by design to avoid an exponential retry/timeout explosion. * By default, Envoy uses a fully jittered exponential back-off algorithm for retries with a default base interval of 25ms. Given a base interval B and retry number N, the back-off for the retry is in the range :math:`\big[0, (2^N-1)B\big)`. For example, given the default interval, the first retry will be delayed randomly by 0-24ms, the 2nd by 0-74ms, the 3rd by 0-174ms, and so on. The interval is capped at a maximum interval, which defaults to 10 times the base interval (250ms). The default base interval (and therefore the maximum interval) can be manipulated by setting the upstream.base_retry_backoff_ms runtime parameter. The back-off intervals can also be modified by configuring the retry policy's :ref:`retry back-off `. * Envoy can also be configured to use feedback from the upstream server to decide the interval between retries. Response headers like ``Retry-After`` or ``X-RateLimit-Reset`` instruct the client how long to wait before re-trying. The retry policy's :ref:`rate limited retry back off ` strategy can be configured to expect a particular header, and if that header is present in the response Envoy will use its value to decide the back-off. If the header is not present, or if it cannot be parsed successfully, Envoy will use the default exponential back-off algorithm instead. .. _config_http_filters_router_x-envoy-retry-on: x-envoy-retry-on ^^^^^^^^^^^^^^^^ Setting this header will cause Envoy to attempt to retry failed requests (number of retries defaults to 1 and can be controlled by :ref:`x-envoy-max-retries ` header or the :ref:`route config retry policy ` or the :ref:`virtual host retry policy `). The value to which the x-envoy-retry-on header is set indicates the retry policy. One or more policies can be specified using a ',' delimited list. The supported policies are: 5xx Envoy will attempt a retry if the upstream server responds with any 5xx response code, or does not respond at all (disconnect/reset/read timeout). (Includes *connect-failure* and *refused-stream*) * **NOTE:** Envoy will not retry when a request exceeds :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` (resulting in a 504 error code). Use :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` if you want to retry when individual attempts take too long. :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` is an outer time limit for a request, including any retries that take place. gateway-error This policy is similar to the *5xx* policy but will only retry requests that result in a 502, 503, or 504. reset Envoy will attempt a retry if the upstream server does not respond at all (disconnect/reset/read timeout.) connect-failure Envoy will attempt a retry if a request is failed because of a connection failure to the upstream server (connect timeout, etc.). (Included in *5xx*) * **NOTE:** A connection failure/timeout is a the TCP level, not the request level. This does not include upstream request timeouts specified via :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` or via :ref:`route configuration ` or via :ref:`virtual host retry policy `. .. _config_http_filters_router_retry_policy-envoy-ratelimited: envoy-ratelimited Envoy will retry if the header :ref:`x-envoy-ratelimited` is present. retriable-4xx Envoy will attempt a retry if the upstream server responds with a retriable 4xx response code. Currently, the only response code in this category is 409. * **NOTE:** Be careful turning on this retry type. There are certain cases where a 409 can indicate that an optimistic locking revision needs to be updated. Thus, the caller should not retry and needs to read then attempt another write. If a retry happens in this type of case it will always fail with another 409. refused-stream Envoy will attempt a retry if the upstream server resets the stream with a REFUSED_STREAM error code. This reset type indicates that a request is safe to retry. (Included in *5xx*) retriable-status-codes Envoy will attempt a retry if the upstream server responds with any response code matching one defined in either :ref:`the retry policy ` or in the :ref:`config_http_filters_router_x-envoy-retriable-status-codes` header. retriable-headers Envoy will attempt a retry if the upstream server response includes any headers matching in either :ref:`the retry policy ` or in the :ref:`config_http_filters_router_x-envoy-retriable-header-names` header. The number of retries can be controlled via the :ref:`config_http_filters_router_x-envoy-max-retries` header or via the :ref:`route configuration ` or via the :ref:`virtual host retry policy `. Note that retry policies can also be applied at the :ref:`route level ` or the :ref:`virtual host level `. By default, Envoy will *not* perform retries unless you've configured them per above. .. _config_http_filters_router_x-envoy-retry-grpc-on: x-envoy-retry-grpc-on ^^^^^^^^^^^^^^^^^^^^^ Setting this header will cause Envoy to attempt to retry failed requests (number of retries defaults to 1, and can be controlled by :ref:`x-envoy-max-retries ` header or the :ref:`route config retry policy `) or the :ref:`virtual host retry policy `. gRPC retries are currently only supported for gRPC status codes in response headers. gRPC status codes in trailers will not trigger retry logic. One or more policies can be specified using a ',' delimited list. The supported policies are: cancelled Envoy will attempt a retry if the gRPC status code in the response headers is "cancelled" (1) deadline-exceeded Envoy will attempt a retry if the gRPC status code in the response headers is "deadline-exceeded" (4) internal Envoy will attempt to retry if the gRPC status code in the response headers is "internal" (13) resource-exhausted Envoy will attempt a retry if the gRPC status code in the response headers is "resource-exhausted" (8) unavailable Envoy will attempt a retry if the gRPC status code in the response headers is "unavailable" (14) As with the x-envoy-retry-grpc-on header, the number of retries can be controlled via the :ref:`config_http_filters_router_x-envoy-max-retries` header Note that retry policies can also be applied at the :ref:`route level ` or the :ref:`virtual host level `. By default, Envoy will *not* perform retries unless you've configured them per above. .. _config_http_filters_router_x-envoy-retriable-header-names: x-envoy-retriable-header-names ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Setting this header informs Envoy about what response headers should be considered retriable. It is used in conjunction with the :ref:`retriable-headers ` retry policy. When the corresponding retry policy is set, the response headers provided by this list header value will be considered retriable in addition to the response headers enabled for retry through other retry policies. The list is a comma-separated list of header names: "X-Upstream-Retry,X-Try-Again" would cause any upstream responses containing either one of the specified headers to be retriable if 'retriable-headers' retry policy is enabled. Header names are case-insensitive. Only the names of retriable response headers can be specified via the request header. A more sophisticated retry policy based on the response headers can be specified by using arbitrary header matching rules via :ref:`retry policy configuration `. This header will only be honored for requests from internal clients. .. _config_http_filters_router_x-envoy-retriable-status-codes: x-envoy-retriable-status-codes ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Setting this header informs Envoy about what status codes should be considered retriable when used in conjunction with the :ref:`retriable-status-code ` retry policy. When the corresponding retry policy is set, the list of retriable status codes will be considered retriable in addition to the status codes enabled for retry through other retry policies. The list is a comma delimited list of integers: "409" would cause 409 to be considered retriable, while "504,409" would consider both 504 and 409 retriable. This header will only be honored for requests from internal clients. .. _config_http_filters_router_x-envoy-upstream-alt-stat-name: x-envoy-upstream-alt-stat-name ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Setting this header will cause Envoy to emit upstream response code/timing statistics to a dual stat tree. This can be useful for application level categories that Envoy doesn't know about. The output tree is documented :ref:`here `. This should not be confused with :ref:`alt_stat_name ` which is specified while defining the cluster and when provided specifies an alternative name for the cluster at the root of the statistic tree. .. _config_http_filters_router_x-envoy-upstream-rq-timeout-alt-response: x-envoy-upstream-rq-timeout-alt-response ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Setting this header will cause Envoy to set a 204 response code (instead of 504) in the event of a request timeout. The actual value of the header is ignored; only its presence is considered. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`. .. _config_http_filters_router_x-envoy-upstream-rq-timeout-ms: x-envoy-upstream-rq-timeout-ms ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Setting this header will cause Envoy to override the :ref:`route configuration timeout ` or gRPC client timeout set via `grpc-timeout header `_ by specifying :ref:`max_grpc_timeout `. The timeout must be specified in millisecond units. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`. .. _config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms: x-envoy-upstream-rq-per-try-timeout-ms ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Setting this header will cause Envoy to set a *per try* timeout on routed requests. If a global route timeout is configured, this timeout must be less than the global route timeout (see :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`) or it is ignored. This allows a caller to set a tight per try timeout to allow for retries while maintaining a reasonable overall timeout. This timeout only applies before any part of the response is sent to the downstream, which normally happens after the upstream has sent response headers. x-envoy-hedge-on-per-try-timeout ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Setting this header will cause Envoy to use a request hedging strategy in the case of a per try timeout. This overrides the value set in the :ref:`route configuration `. This means that a retry will be issued without resetting the original request, leaving multiple upstream requests in flight. The value of the header should be "true" or "false", and is ignored if invalid. .. _config_http_filters_router_x-envoy-decorator-operation: x-envoy-decorator-operation ^^^^^^^^^^^^^^^^^^^^^^^^^^^ The value of this header will override any locally defined operation (span) name on the server span generated by the tracing mechanism. HTTP response headers consumed from upstream -------------------------------------------- x-envoy-decorator-operation ^^^^^^^^^^^^^^^^^^^^^^^^^^^ The value of this header will override any locally defined operation (span) name on the client span generated by the tracing mechanism. x-envoy-upstream-canary ^^^^^^^^^^^^^^^^^^^^^^^ If an upstream host sets this header, the router will use it to generate canary specific statistics. The output tree is documented :ref:`here `. .. _config_http_filters_router_x-envoy-immediate-health-check-fail: x-envoy-immediate-health-check-fail ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If the upstream host returns this header (set to any value), Envoy will immediately assume the upstream host has failed :ref:`active health checking ` (if the cluster has been :ref:`configured ` for active health checking). This can be used to fast fail an upstream host via standard data plane processing without waiting for the next health check interval. The host can become healthy again via standard active health checks. See the :ref:`health checking overview ` for more information. .. _config_http_filters_router_x-envoy-ratelimited: x-envoy-ratelimited ^^^^^^^^^^^^^^^^^^^ If this header is set by upstream, Envoy will not retry unless the retry policy :ref:`envoy-ratelimited` is enabled. Currently, the value of the header is not looked at, only its presence. This header is set by :ref:`rate limit filter` when the request is rate limited. .. _config_http_filters_router_headers_set: HTTP request headers set on upstream calls ------------------------------------------ The router sets various HTTP headers both on the egress/request path as well as on the ingress/response path. They are documented in this section. .. contents:: :local: .. _config_http_filters_router_x-envoy-attempt-count: x-envoy-attempt-count ^^^^^^^^^^^^^^^^^^^^^ Sent to the upstream to indicate which attempt the current request is in a series of retries. The value will be "1" on the initial request, incrementing by one for each retry. Only set if the :ref:`include_request_attempt_count ` flag is set to true. Sent to the downstream to indicate how many upstream requests took place. The header will be absent if the router did not send any upstream requests. The value will be "1" if only the original upstream request was sent, incrementing by one for each retry. Only set if the :ref:`include_attempt_count_in_response ` flag is set to true. .. _config_http_filters_router_x-envoy-expected-rq-timeout-ms: x-envoy-expected-rq-timeout-ms ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This is the time in milliseconds the router expects the request to be completed. Envoy sets this header so that the upstream host receiving the request can make decisions based on the request timeout, e.g., early exit. This is set on internal requests and is either taken from the :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` header or the :ref:`route timeout `, in that order. .. _config_http_filters_router_x-envoy-original-path: x-envoy-original-path ^^^^^^^^^^^^^^^^^^^^^ If the route utilizes :ref:`prefix_rewrite ` or :ref:`regex_rewrite `, Envoy will put the original path header in this header. This can be useful for logging and debugging. HTTP response headers set on downstream responses ------------------------------------------------- .. _config_http_filters_router_x-envoy-upstream-service-time: x-envoy-upstream-service-time ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Contains the time in milliseconds spent by the upstream host processing the request and the network latency between Envoy and upstream host. This is useful if the client wants to determine service time compared to network latency between client and Envoy. This header is set on responses. .. _config_http_filters_router_x-envoy-overloaded_set: x-envoy-overloaded ^^^^^^^^^^^^^^^^^^ Envoy will set this header on the downstream response if a request was dropped due to either :ref:`maintenance mode ` or upstream :ref:`circuit breaking `. .. _config_http_filters_router_stats: Statistics ---------- The router outputs many statistics in the cluster namespace (depending on the cluster specified in the chosen route). See :ref:`here ` for more information. The router filter outputs statistics in the *http..* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 no_route, Counter, Total requests that had no route and resulted in a 404 no_cluster, Counter, Total requests in which the target cluster did not exist and which by default result in a 503 rq_redirect, Counter, Total requests that resulted in a redirect response rq_direct_response, Counter, Total requests that resulted in a direct response rq_total, Counter, Total routed requests rq_reset_after_downstream_response_started, Counter, Total requests that were reset after downstream response had started .. _config_http_filters_router_vcluster_stats: Virtual Clusters ^^^^^^^^^^^^^^^^ Virtual cluster statistics are output in the *vhost..vcluster..* namespace and include the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_rq_<\*xx>, Counter, "Aggregate HTTP response codes (e.g., 2xx, 3xx, etc.)" upstream_rq_<\*>, Counter, "Specific HTTP response codes (e.g., 201, 302, etc.)" upstream_rq_retry, Counter, Total request retries upstream_rq_retry_limit_exceeded, Counter, Total requests not retried due to exceeding :ref:`the configured number of maximum retries ` upstream_rq_retry_overflow, Counter, Total requests not retried due to circuit breaking or exceeding the :ref:`retry budgets ` upstream_rq_retry_success, Counter, Total request retry successes upstream_rq_time, Histogram, Request time milliseconds upstream_rq_timeout, Counter, Total requests that timed out waiting for a response upstream_rq_total, Counter, Total requests initiated by the router to the upstream Runtime ------- The router filter supports the following runtime settings: upstream.base_retry_backoff_ms Base exponential retry back-off time. See :ref:`here ` and :ref:`config_http_filters_router_x-envoy-max-retries` for more information. Defaults to 25ms. The default maximum retry back-off time is 10 times this value. .. _config_http_filters_router_runtime_maintenance_mode: upstream.maintenance_mode. % of requests that will result in an immediate 503 response. This overrides any routing behavior for requests that would have been destined for . This can be used for load shedding, failure injection, etc. Defaults to disabled. upstream.use_retry % of requests that are eligible for retry. This configuration is checked before any other retry configuration and can be used to fully disable retries across all Envoys if needed. ================================================ FILE: docs/root/configuration/http/http_filters/squash_filter.rst ================================================ .. _config_http_filters_squash: Squash ====== Squash is an HTTP filter which enables Envoy to integrate with Squash microservices debugger. Code: https://github.com/solo-io/squash, API Docs: https://squash.solo.io/ Overview -------- The main use case for this filter is in a service mesh, where Envoy is deployed as a sidecar. Once a request marked for debugging enters the mesh, the Squash Envoy filter reports its 'location' in the cluster to the Squash server - as there is a 1-1 mapping between Envoy sidecars and application containers, the Squash server can find and attach a debugger to the application container. The Squash filter also holds the request until a debugger is attached (or a timeout occurs). This enables developers (via Squash) to attach a native debugger to the container that will handle the request, before the request arrive to the application code, without any changes to the cluster. Configuration ------------- * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.squash*. How it works ------------ When the Squash filter encounters a request containing the header 'x-squash-debug' it will: 1. Delay the incoming request. 2. Contact the Squash server and request the creation of a DebugAttachment - On the Squash server side, Squash will attempt to attach a debugger to the application Envoy proxies to. On success, it changes the state of the DebugAttachment to attached. 3. Wait until the Squash server updates the DebugAttachment object's state to attached (or error state) 4. Resume the incoming request ================================================ FILE: docs/root/configuration/http/http_filters/tap_filter.rst ================================================ .. _config_http_filters_tap: Tap === * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.http.tap*. .. attention:: The tap filter is experimental and is currently under active development. There is currently a very limited set of match conditions, output configuration, output sinks, etc. Capabilities will be expanded over time and the configuration structures are likely to change. The HTTP tap filter is used to interpose on and record HTTP traffic. At a high level, the configuration is composed of two pieces: 1. :ref:`Match configuration `: a list of conditions under which the filter will match an HTTP request and begin a tap session. 2. :ref:`Output configuration `: a list of output sinks that the filter will write the matched and tapped data to. Each of these concepts will be covered incrementally over the course of several example configurations in the following section. Example configuration --------------------- Example filter configuration: .. code-block:: yaml name: envoy.filters.http.tap typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.tap.v3.Tap common_config: admin_config: config_id: test_config_id The previous snippet configures the filter for control via the :http:post:`/tap` admin handler. See the following section for more details. .. _config_http_filters_tap_admin_handler: Admin handler ------------- When the HTTP filter specifies an :ref:`admin_config `, it is configured for admin control and the :http:post:`/tap` admin handler will be installed. The admin handler can be used for live tapping and debugging of HTTP traffic. It works as follows: 1. A POST request is used to provide a valid tap configuration. The POST request body can be either the JSON or YAML representation of the :ref:`TapConfig ` message. 2. If the POST request is accepted, Envoy will stream :ref:`HttpBufferedTrace ` messages (serialized to JSON) until the admin request is terminated. An example POST body: .. code-block:: yaml config_id: test_config_id tap_config: match_config: and_match: rules: - http_request_headers_match: headers: - name: foo exact_match: bar - http_response_headers_match: headers: - name: bar exact_match: baz output_config: sinks: - streaming_admin: {} The preceding configuration instructs the tap filter to match any HTTP requests in which a request header ``foo: bar`` is present AND a response header ``bar: baz`` is present. If both of these conditions are met, the request will be tapped and streamed out the admin endpoint. Another example POST body: .. code-block:: yaml config_id: test_config_id tap_config: match_config: or_match: rules: - http_request_headers_match: headers: - name: foo exact_match: bar - http_response_headers_match: headers: - name: bar exact_match: baz output_config: sinks: - streaming_admin: {} The preceding configuration instructs the tap filter to match any HTTP requests in which a request header ``foo: bar`` is present OR a response header ``bar: baz`` is present. If either of these conditions are met, the request will be tapped and streamed out the admin endpoint. Another example POST body: .. code-block:: yaml config_id: test_config_id tap_config: match_config: any_match: true output_config: sinks: - streaming_admin: {} The preceding configuration instructs the tap filter to match any HTTP requests. All requests will be tapped and streamed out the admin endpoint. Another example POST body: .. code-block:: yaml config_id: test_config_id tap_config: match_config: and_match: rules: - http_request_headers_match: headers: - name: foo exact_match: bar - http_request_generic_body_match: patterns: - string_match: test - binary_match: 3q2+7w== bytes_limit: 128 - http_response_generic_body_match: patterns: - binary_match: vu8= bytes_limit: 64 output_config: sinks: - streaming_admin: {} The preceding configuration instructs the tap filter to match any HTTP requests in which a request header ``foo: bar`` is present AND request body contains string ``test`` and hex bytes ``deadbeef`` (``3q2+7w==`` in base64 format) in the first 128 bytes AND response body contains hex bytes ``beef`` (``vu8=`` in base64 format) in the first 64 bytes. If all of these conditions are met, the request will be tapped and streamed out to the admin endpoint. .. attention:: Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified to scan only part of the http body. Output format ------------- Each output sink has an associated :ref:`format `. The default format is :ref:`JSON_BODY_AS_BYTES `. This format is easy to read JSON, but has the downside that body data is base64 encoded. In the case that the tap is known to be on human readable data, the :ref:`JSON_BODY_AS_STRING ` format may be more user friendly. See the reference documentation for more information on other available formats. An example of a streaming admin tap configuration that uses the :ref:`JSON_BODY_AS_STRING ` format: .. code-block:: yaml config_id: test_config_id tap_config: match_config: any_match: true output_config: sinks: - format: JSON_BODY_AS_STRING streaming_admin: {} Buffered body limits -------------------- For buffered taps, Envoy will limit the amount of body data that is tapped to avoid OOM situations. The default limit is 1KiB for both received (request) and transmitted (response) data. This is configurable via the :ref:`max_buffered_rx_bytes ` and :ref:`max_buffered_tx_bytes ` settings. .. _config_http_filters_tap_streaming: Streaming matching ------------------ The tap filter supports "streaming matching." This means that instead of waiting until the end of the request/response sequence, the filter will match incrementally as the request proceeds. I.e., first the request headers will be matched, then the request body if present, then the request trailers if present, then the response headers if present, etc. The filter additionally supports optional streamed output which is governed by the :ref:`streaming ` setting. If this setting is false (the default), Envoy will emit :ref:`fully buffered traces `. Users are likely to find this format easier to interact with for simple cases. In cases where fully buffered traces are not practical (e.g., very large request and responses, long lived streaming APIs, etc.), the streaming setting can be set to true, and Envoy will emit multiple :ref:`streamed trace segments ` for each tap. In this case, it is required that post-processing is performed to stitch all of the trace segments back together into a usable form. Also note that binary protobuf is not a self-delimiting format. If binary protobuf output is desired, the :ref:`PROTO_BINARY_LENGTH_DELIMITED ` output format should be used. An static filter configuration to enable streaming output looks like: .. code-block:: yaml name: envoy.filters.http.tap typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.tap.v3.Tap common_config: static_config: match_config: http_response_headers_match: headers: - name: bar exact_match: baz output_config: streaming: true sinks: - format: PROTO_BINARY_LENGTH_DELIMITED file_per_tap: path_prefix: /tmp/ The previous configuration will match response headers, and as such will buffer request headers, body, and trailers until a match can be determined (buffered data limits still apply as described in the previous section). If a match is determined, buffered data will be flushed in individual trace segments and then the rest of the tap will be streamed as data arrives. The messages output might look like this: .. code-block:: yaml http_streamed_trace_segment: trace_id: 1 request_headers: headers: - key: a value: b .. code-block:: yaml http_streamed_trace_segment: trace_id: 1 request_body_chunk: as_bytes: aGVsbG8= Etc. Statistics ---------- The tap filter outputs statistics in the *http..tap.* namespace. The :ref:`stat prefix ` comes from the owning HTTP connection manager. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 rq_tapped, Counter, Total requests that matched and were tapped ================================================ FILE: docs/root/configuration/http/http_filters/wasm_filter.rst ================================================ .. _config_http_filters_wasm: Wasm ==== * :ref:`v3 API reference ` .. attention:: The Wasm filter is experimental and is currently under active development. Capabilities will be expanded over time and the configuration structures are likely to change. The HTTP Wasm filter is used implement an HTTP filter with a Wasm plugin. Example configuration --------------------- Example filter configuration: .. code-block:: yaml name: envoy.filters.http.wasm typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.wasm.v3.Wasm config: config: name: "my_plugin" vm_config: runtime: "envoy.wasm.runtime.v8" code: local: filename: "/etc/envoy_filter_http_wasm_example.wasm" allow_precompiled: true The preceding snippet configures a filter from a Wasm binary on local disk. ================================================ FILE: docs/root/configuration/listeners/lds.rst ================================================ .. _config_listeners_lds: Listener discovery service (LDS) ================================ The listener discovery service (LDS) is an optional API that Envoy will call to dynamically fetch listeners. Envoy will reconcile the API response and add, modify, or remove known listeners depending on what is required. The semantics of listener updates are as follows: * Every listener must have a unique :ref:`name `. If a name is not provided, Envoy will create a UUID. Listeners that are to be dynamically updated should have a unique name supplied by the management server. * When a listener is added, it will be "warmed" before taking traffic. For example, if the listener references an :ref:`RDS ` configuration, that configuration will be resolved and fetched before the listener is moved to "active." * Listeners are effectively constant once created. Thus, when a listener is updated, an entirely new listener is created (with the same listen socket). This listener goes through the same warming process described above for a newly added listener. * When a listener is updated or removed, the old listener will be placed into a "draining" state much like when the entire server is drained for restart. Connections owned by the listener will be gracefully closed (if possible) for some period of time before the listener is removed and any remaining connections are closed. The drain time is set via the :option:`--drain-time-s` option. .. note:: Any listeners that are statically defined within the Envoy configuration cannot be modified or removed via the LDS API. Configuration ------------- * :ref:`v3 LDS API ` Statistics ---------- LDS has a :ref:`statistics ` tree rooted at *listener_manager.lds.* ================================================ FILE: docs/root/configuration/listeners/listener_filters/http_inspector.rst ================================================ .. _config_listener_filters_http_inspector: HTTP Inspector ============== HTTP Inspector listener filter allows detecting whether the application protocol appears to be HTTP, and if it is HTTP, it detects the HTTP protocol (HTTP/1.x or HTTP/2) further. This can be used to select a :ref:`FilterChain ` via the :ref:`application_protocols ` of a :ref:`FilterChainMatch `. * :ref:`Listener filter v3 API reference ` * This filter should be configured with the name *envoy.filters.listener.http_inspector*. Example ------- A sample filter configuration could be: .. code-block:: yaml listener_filters: - name: "envoy.filters.listener.http_inspector" typed_config: {} Statistics ---------- This filter has a statistics tree rooted at *http_inspector* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 read_error, Counter, Total read errors http10_found, Counter, Total number of times HTTP/1.0 was found http11_found, Counter, Total number of times HTTP/1.1 was found http2_found, Counter, Total number of times HTTP/2 was found http_not_found, Counter, Total number of times HTTP protocol was not found ================================================ FILE: docs/root/configuration/listeners/listener_filters/listener_filters.rst ================================================ .. _config_listener_filters: Listener filters ================ Envoy has the following builtin listener filters. .. toctree:: :maxdepth: 2 http_inspector original_dst_filter original_src_filter proxy_protocol tls_inspector ================================================ FILE: docs/root/configuration/listeners/listener_filters/original_dst_filter.rst ================================================ .. _config_listener_filters_original_dst: Original Destination ==================== Original destination listener filter reads the SO_ORIGINAL_DST socket option set when a connection has been redirected by an iptables REDIRECT target, or by an iptables TPROXY target in combination with setting the listener's :ref:`transparent ` option. Later processing in Envoy sees the restored destination address as the connection's local address, rather than the address at which the listener is listening at. Furthermore, :ref:`an original destination cluster ` may be used to forward HTTP requests or TCP connections to the restored destination address. * :ref:`v2 API reference ` * This filter should be configured with the name *envoy.filters.listener.original_dst*. ================================================ FILE: docs/root/configuration/listeners/listener_filters/original_src_filter.rst ================================================ .. _config_listener_filters_original_src: Original Source =============== * :ref:`Listener filter v3 API reference ` * This filter should be configured with the name *envoy.filters.listener.original_src*. The original source listener filter replicates the downstream remote address of the connection on the upstream side of Envoy. For example, if a downstream connection connects to Envoy with IP address ``10.1.2.3``, then Envoy will connect to the upstream with source IP ``10.1.2.3``. Interaction with Proxy Protocol -------------------------------- If the connection has not had its source address translated or proxied, then Envoy can simply use the existing connection information to build the correct downstream remote address. However, if this is not true, a :ref:`Proxy Protocol filter ` may be used to extract the downstream remote address. IP Version Support ------------------ The filter supports both IPv4 and IPv6 as addresses. Note that the upstream connection must support the version used. Extra Setup ----------- The downstream remote address used will likely be globally routable. By default, packets returning from the upstream host to that address will not route through Envoy. The network must be configured to forcefully route any traffic whose IP was replicated by Envoy back through the Envoy host. If Envoy and the upstream are on the same host -- e.g. in an sidecar deployment --, then iptables and routing rules can be used to ensure correct behaviour. The filter has an unsigned integer configuration, :ref:`mark `. Setting this to *X* causes Envoy to *mark* all upstream packets originating from this listener with value *X*. Note that if :ref:`mark ` is set to 0, Envoy will not mark upstream packets. We can use the following set of commands to ensure that all ipv4 and ipv6 traffic marked with *X* (assumed to be 123 in the example) routes correctly. Note that this example assumes that *eth0* is the default outbound interface. .. code-block:: text iptables -t mangle -I PREROUTING -m mark --mark 123 -j CONNMARK --save-mark iptables -t mangle -I OUTPUT -m connmark --mark 123 -j CONNMARK --restore-mark ip6tables -t mangle -I PREROUTING -m mark --mark 123 -j CONNMARK --save-mark ip6tables -t mangle -I OUTPUT -m connmark --mark 123 -j CONNMARK --restore-mark ip rule add fwmark 123 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 ip -6 rule add fwmark 123 lookup 100 ip -6 route add local ::/0 dev lo table 100 echo 1 > /proc/sys/net/ipv4/conf/eth0/route_localnet Example Listener configuration ------------------------------ The following example configures Envoy to use the original source for all connections made on port 8888. It uses Proxy Protocol to determine the downstream remote address. All upstream packets are marked with 123. .. code-block:: yaml listeners: - address: socket_address: address: 0.0.0.0 port_value: 8888 listener_filters: - name: envoy.filters.listener.proxy_protocol typed_config: "@type": type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol - name: envoy.filters.listener.original_src typed_config: "@type": type.googleapis.com/envoy.extensions.filters.listener.original_src.v3.OriginalSrc mark: 123 ================================================ FILE: docs/root/configuration/listeners/listener_filters/proxy_protocol.rst ================================================ .. _config_listener_filters_proxy_protocol: Proxy Protocol ============== This listener filter adds support for `HAProxy Proxy Protocol `_. In this mode, the downstream connection is assumed to come from a proxy which places the original coordinates (IP, PORT) into a connection-string. Envoy then extracts these and uses them as the remote address. In Proxy Protocol v2 there exists the concept of extensions (TLV) tags that are optional. If the type of the TLV is added to the filter's configuration, the TLV will be emitted as dynamic metadata with user-specified key. This implementation supports both version 1 and version 2, it automatically determines on a per-connection basis which of the two versions is present. Note: if the filter is enabled, the Proxy Protocol must be present on the connection (either version 1 or version 2), the standard does not allow parsing to determine if it is present or not. If there is a protocol error or an unsupported address family (e.g. AF_UNIX) the connection will be closed and an error thrown. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.listener.proxy_protocol*. Statistics ---------- This filter emits the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_cx_proxy_proto_error, Counter, Total proxy protocol errors ================================================ FILE: docs/root/configuration/listeners/listener_filters/tls_inspector.rst ================================================ .. _config_listener_filters_tls_inspector: TLS Inspector ============= TLS Inspector listener filter allows detecting whether the transport appears to be TLS or plaintext, and if it is TLS, it detects the `Server Name Indication `_ and/or `Application-Layer Protocol Negotiation `_ from the client. This can be used to select a :ref:`FilterChain ` via the :ref:`server_names ` and/or :ref:`application_protocols ` of a :ref:`FilterChainMatch `. * :ref:`SNI ` * :ref:`v2 API reference ` * This filter should be configured with the name *envoy.filters.listener.tls_inspector*. Example ------- A sample filter configuration could be: .. code-block:: yaml listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} Statistics ---------- This filter has a statistics tree rooted at *tls_inspector* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 connection_closed, Counter, Total connections closed client_hello_too_large, Counter, Total unreasonably large Client Hello received read_error, Counter, Total read errors tls_found, Counter, Total number of times TLS was found tls_not_found, Counter, Total number of times TLS was not found alpn_found, Counter, Total number of times `Application-Layer Protocol Negotiation `_ was successful alpn_not_found, Counter, Total number of times `Application-Layer Protocol Negotiation `_ has failed sni_found, Counter, Total number of times `Server Name Indication `_ was found sni_not_found, Counter, Total number of times `Server Name Indication `_ was not found ================================================ FILE: docs/root/configuration/listeners/listeners.rst ================================================ .. _config_listeners: Listeners ========= .. toctree:: :maxdepth: 2 overview stats runtime listener_filters/listener_filters network_filters/network_filters udp_filters/udp_filters lds ================================================ FILE: docs/root/configuration/listeners/network_filters/_include/sni-dynamic-forward-proxy-filter.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 listener_filters: - name: envoy.filters.listener.tls_inspector filter_chains: - filters: - name: envoy.filters.network.sni_dynamic_forward_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha.FilterConfig port_value: 443 dns_cache_config: name: dynamic_forward_proxy_cache_config dns_lookup_family: V4_ONLY - name: envoy.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy stat_prefix: tcp cluster: dynamic_forward_proxy_cluster clusters: - name: dynamic_forward_proxy_cluster connect_timeout: 1s lb_policy: CLUSTER_PROVIDED cluster_type: name: envoy.clusters.dynamic_forward_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig dns_cache_config: name: dynamic_forward_proxy_cache_config dns_lookup_family: V4_ONLY ================================================ FILE: docs/root/configuration/listeners/network_filters/client_ssl_auth_filter.rst ================================================ .. _config_network_filters_client_ssl_auth: Client TLS authentication ========================= * Client TLS authentication filter :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.client_ssl_auth*. .. _config_network_filters_client_ssl_auth_stats: Statistics ---------- Every configured client TLS authentication filter has statistics rooted at *auth.clientssl..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 update_success, Counter, Total principal update successes update_failure, Counter, Total principal update failures auth_no_ssl, Counter, Total connections ignored due to no TLS auth_ip_allowlist, Counter, Total connections allowed due to the IP allowlist auth_digest_match, Counter, Total connections allowed due to certificate match auth_digest_no_match, Counter, Total connections denied due to no certificate match total_principals, Gauge, Total loaded principals .. _config_network_filters_client_ssl_auth_rest_api: REST API -------- .. http:get:: /v1/certs/list/approved The authentication filter will call this API every refresh interval to fetch the current list of approved certificates/principals. The expected JSON response looks like: .. code-block:: json { "certificates": [] } certificates *(required, array)* list of approved certificates/principals. Each certificate object is defined as: .. code-block:: json { "fingerprint_sha256": "...", } fingerprint_sha256 *(required, string)* The SHA256 hash of the approved client certificate. Envoy will match this hash to the presented client certificate to determine whether there is a digest match. ================================================ FILE: docs/root/configuration/listeners/network_filters/direct_response_filter.rst ================================================ .. _config_network_filters_direct_response: Direct response =============== The direct response filter is a trivial network filter used to respond immediately to new downstream connections with an optional canned response. It can be used, for example, as a terminal filter in filter chains to collect telemetry for blocked traffic. This filter should be configured with the name *envoy.filters.network.direct_response*. * :ref:`v3 API reference ` ================================================ FILE: docs/root/configuration/listeners/network_filters/dubbo_proxy_filter.rst ================================================ .. _config_network_filters_dubbo_proxy: Dubbo proxy ============ The dubbo proxy filter decodes the RPC protocol between dubbo clients and servers. the decoded RPC information is converted to metadata. the metadata includes the basic request ID, request type, serialization type, and the required service name, method name, parameter name, and parameter value for routing. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.dubbo_proxy*. .. _config_network_filters_dubbo_proxy_stats: Statistics ---------- Every configured dubbo proxy filter has statistics rooted at *dubbo..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 request, Counter, Total requests request_twoway, Counter, Total twoway requests request_oneway, Counter, Total oneway requests request_event, Counter, Total event requests request_decoding_error, Counter, Total decoding error requests request_decoding_success, Counter, Total decoding success requests request_active, Gauge, Total active requests response, Counter, Total responses response_success, Counter, Total success responses response_error, Counter, Total responses that protocol parse error response_error_caused_connection_close, Counter, Total responses that caused by the downstream connection close response_business_exception, Counter, Total responses that the protocol contains exception information returned by the business layer response_decoding_error, Counter, Total decoding error responses response_decoding_success, Counter, Total decoding success responses response_error, Counter, Total responses that protocol parse error local_response_success, Counter, Total local responses local_response_error, Counter, Total local responses that encoding error local_response_business_exception, Counter, Total local responses that the protocol contains business exception cx_destroy_local_with_active_rq, Counter, Connections destroyed locally with an active query cx_destroy_remote_with_active_rq, Counter, Connections destroyed remotely with an active query Implement custom filter based on the dubbo proxy filter -------------------------------------------------------- If you want to implement a custom filter based on the dubbo protocol, the dubbo proxy filter like HTTP also provides a very convenient way to expand, the first step is to implement the DecoderFilter interface, and give the filter named, such as testFilter, the second step is to add your configuration, configuration method refer to the following sample .. code-block:: yaml filter_chains: - filters: - name: envoy.filters.network.dubbo_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.dubbo_proxy.v3.DubboProxy stat_prefix: dubbo_incomming_stats protocol_type: Dubbo serialization_type: Hessian2 route_config: name: local_route interface: org.apache.dubbo.demo.DemoService routes: - match: method: name: exact: sayHello route: cluster: user_service_dubbo_server dubbo_filters: - name: envoy.filters.dubbo.testFilter typed_config: "@type": type.googleapis.com/google.protobuf.Struct value: name: test_service - name: envoy.filters.dubbo.router ================================================ FILE: docs/root/configuration/listeners/network_filters/echo_filter.rst ================================================ .. _config_network_filters_echo: Echo ==== The echo is a trivial network filter mainly meant to demonstrate the network filter API. If installed it will echo (write) all received data back to the connected downstream client. This filter should be configured with the name *envoy.filters.network.echo*. * :ref:`v3 API reference ` ================================================ FILE: docs/root/configuration/listeners/network_filters/ext_authz_filter.rst ================================================ .. _config_network_filters_ext_authz: External Authorization ====================== * External authorization :ref:`architecture overview ` * :ref:`Network filter v3 API reference ` * This filter should be configured with the name *envoy.filters.network.ext_authz*. The external authorization network filter calls an external authorization service to check if the incoming request is authorized or not. If the request is deemed unauthorized by the network filter then the connection will be closed. .. tip:: It is recommended that this filter is configured first in the filter chain so that requests are authorized prior to rest of the filters processing the request. The content of the request that are passed to an authorization service is specified by :ref:`CheckRequest `. .. _config_network_filters_ext_authz_network_configuration: The network filter, gRPC service, can be configured as follows. You can see all the configuration options at :ref:`Network filter `. Example ------- A sample filter configuration could be: .. code-block:: yaml filters: - name: envoy.filters.network.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.ext_authz.v3.ExtAuthz stat_prefix: ext_authz grpc_service: envoy_grpc: cluster_name: ext-authz include_peer_certificate: true clusters: - name: ext-authz type: static http2_protocol_options: {} load_assignment: cluster_name: ext-authz endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 10003 Statistics ---------- The network filter outputs statistics in the *config.ext_authz.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 total, Counter, Total responses from the filter. error, Counter, Total errors contacting the external service. denied, Counter, Total responses from the authorizations service that were to deny the traffic. disabled, Counter, Total requests that are allowed without calling external services due to the filter is disabled. failure_mode_allowed, Counter, "Total requests that were error(s) but were allowed through because of failure_mode_allow set to true." ok, Counter, Total responses from the authorization service that were to allow the traffic. cx_closed, Counter, Total connections that were closed. active, Gauge, Total currently active requests in transit to the authorization service. Dynamic Metadata ---------------- .. _config_network_filters_ext_authz_dynamic_metadata: The External Authorization filter emits dynamic metadata as an opaque ``google.protobuf.Struct`` *only* when the gRPC authorization server returns a :ref:`CheckResponse ` with a filled :ref:`dynamic_metadata ` field. ================================================ FILE: docs/root/configuration/listeners/network_filters/kafka_broker_filter.rst ================================================ .. _config_network_filters_kafka_broker: Kafka Broker filter =================== The Apache Kafka broker filter decodes the client protocol for `Apache Kafka `_, both the requests and responses in the payload. The message versions in `Kafka 2.4.0 `_ are supported. The filter attempts not to influence the communication between client and brokers, so the messages that could not be decoded (due to Kafka client or broker running a newer version than supported by this filter) are forwarded as-is. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.kafka_broker*. .. attention:: The kafka_broker filter is experimental and is currently under active development. Capabilities will be expanded over time and the configuration structures are likely to change. .. _config_network_filters_kafka_broker_config: Configuration ------------- The Kafka Broker filter should be chained with the TCP proxy filter as shown in the configuration snippet below: .. code-block:: yaml listeners: - address: socket_address: address: 127.0.0.1 # Host that Kafka clients should connect to. port_value: 19092 # Port that Kafka clients should connect to. filter_chains: - filters: - name: envoy.filters.network.kafka_broker typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.kafka_broker.v3.KafkaBroker stat_prefix: exampleprefix - name: envoy.filters.network.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy stat_prefix: tcp cluster: localkafka clusters: - name: localkafka connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 # Kafka broker's host port_value: 9092 # Kafka broker's port. The Kafka broker needs to advertise the Envoy listener port instead of its own. .. code-block:: text # Listener value needs to be equal to cluster value in Envoy config # (will receive payloads from Envoy). listeners=PLAINTEXT://127.0.0.1:9092 # Advertised listener value needs to be equal to Envoy's listener # (will make clients discovering this broker talk to it through Envoy). advertised.listeners=PLAINTEXT://127.0.0.1:19092 .. _config_network_filters_kafka_broker_stats: Statistics ---------- Every configured Kafka Broker filter has statistics rooted at *kafka..*, with multiple statistics per message type. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 request.TYPE, Counter, Number of times a request of particular type was received from Kafka client request.unknown, Counter, Number of times a request with format not recognized by this filter was received request.failure, Counter, Number of times a request with invalid format was received or other processing exception occurred response.TYPE, Counter, Number of times a response of particular type was received from Kafka broker response.TYPE_duration, Histogram, Response generation time in milliseconds response.unknown, Counter, Number of times a response with format not recognized by this filter was received response.failure, Counter, Number of times a response with invalid format was received or other processing exception occurred ================================================ FILE: docs/root/configuration/listeners/network_filters/local_rate_limit_filter.rst ================================================ .. _config_network_filters_local_rate_limit: Local rate limit ================ * Local rate limiting :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.local_ratelimit*. .. note:: Global rate limiting is also supported via the :ref:`global rate limit filter `. Overview -------- The local rate limit filter applies a :ref:`token bucket ` rate limit to incoming connections that are processed by the filter's filter chain. Each connection processed by the filter utilizes a single token, and if no tokens are available, the connection will be immediately closed without further filter iteration. .. note:: In the current implementation each filter and filter chain has an independent rate limit. .. _config_network_filters_local_rate_limit_stats: Statistics ---------- Every configured local rate limit filter has statistics rooted at *local_ratelimit..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 rate_limited, Counter, Total connections that have been closed due to rate limit exceeded Runtime ------- The local rate limit filter can be runtime feature flagged via the :ref:`enabled ` configuration field. ================================================ FILE: docs/root/configuration/listeners/network_filters/mongo_proxy_filter.rst ================================================ .. _config_network_filters_mongo_proxy: Mongo proxy =========== * MongoDB :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.mongo_proxy*. .. _config_network_filters_mongo_proxy_fault_injection: Fault injection --------------- The Mongo proxy filter supports fault injection. See the v3 API reference for how to configure. .. _config_network_filters_mongo_proxy_stats: Statistics ---------- Every configured MongoDB proxy filter has statistics rooted at *mongo..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 decoding_error, Counter, Number of MongoDB protocol decoding errors delay_injected, Counter, Number of times the delay is injected op_get_more, Counter, Number of OP_GET_MORE messages op_insert, Counter, Number of OP_INSERT messages op_kill_cursors, Counter, Number of OP_KILL_CURSORS messages op_query, Counter, Number of OP_QUERY messages op_query_tailable_cursor, Counter, Number of OP_QUERY with tailable cursor flag set op_query_no_cursor_timeout, Counter, Number of OP_QUERY with no cursor timeout flag set op_query_await_data, Counter, Number of OP_QUERY with await data flag set op_query_exhaust, Counter, Number of OP_QUERY with exhaust flag set op_query_no_max_time, Counter, Number of queries without maxTimeMS set op_query_scatter_get, Counter, Number of scatter get queries op_query_multi_get, Counter, Number of multi get queries op_query_active, Gauge, Number of active queries op_reply, Counter, Number of OP_REPLY messages op_reply_cursor_not_found, Counter, Number of OP_REPLY with cursor not found flag set op_reply_query_failure, Counter, Number of OP_REPLY with query failure flag set op_reply_valid_cursor, Counter, Number of OP_REPLY with a valid cursor cx_destroy_local_with_active_rq, Counter, Connections destroyed locally with an active query cx_destroy_remote_with_active_rq, Counter, Connections destroyed remotely with an active query cx_drain_close, Counter, Connections gracefully closed on reply boundaries during server drain Scatter gets ^^^^^^^^^^^^ Envoy defines a *scatter get* as any query that does not use an *_id* field as a query parameter. Envoy looks in both the top level document as well as within a *$query* field for *_id*. Multi gets ^^^^^^^^^^ Envoy defines a *multi get* as any query that does use an *_id* field as a query parameter, but where *_id* is not a scalar value (i.e., a document or an array). Envoy looks in both the top level document as well as within a *$query* field for *_id*. .. _config_network_filters_mongo_proxy_comment_parsing: $comment parsing ^^^^^^^^^^^^^^^^ If a query has a top level *$comment* field (typically in addition to a *$query* field), Envoy will parse it as JSON and look for the following structure: .. code-block:: json { "callingFunction": "..." } callingFunction *(required, string)* the function that made the query. If available, the function will be used in :ref:`callsite ` query statistics. Per command statistics ^^^^^^^^^^^^^^^^^^^^^^ The MongoDB filter will gather statistics for commands in the *mongo..cmd..* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 total, Counter, Number of commands reply_num_docs, Histogram, Number of documents in reply reply_size, Histogram, Size of the reply in bytes reply_time_ms, Histogram, Command time in milliseconds .. _config_network_filters_mongo_proxy_collection_stats: Per collection query statistics ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The MongoDB filter will gather statistics for queries in the *mongo..collection..query.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 total, Counter, Number of queries scatter_get, Counter, Number of scatter gets multi_get, Counter, Number of multi gets reply_num_docs, Histogram, Number of documents in reply reply_size, Histogram, Size of the reply in bytes reply_time_ms, Histogram, Query time in milliseconds .. _config_network_filters_mongo_proxy_callsite_stats: Per collection and callsite query statistics ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If the application provides the :ref:`calling function ` in the *$comment* field, Envoy will generate per callsite statistics. These statistics match the :ref:`per collection statistics ` but are found in the *mongo..collection..callsite..query.* namespace. .. _config_network_filters_mongo_proxy_runtime: Runtime ------- The Mongo proxy filter supports the following runtime settings: mongo.connection_logging_enabled % of connections that will have logging enabled. Defaults to 100. This allows only a % of connections to have logging, but for all messages on those connections to be logged. mongo.proxy_enabled % of connections that will have the proxy enabled at all. Defaults to 100. mongo.logging_enabled % of messages that will be logged. Defaults to 100. If less than 100, queries may be logged without replies, etc. mongo.mongo.drain_close_enabled % of connections that will be drain closed if the server is draining and would otherwise attempt a drain close. Defaults to 100. mongo.fault.fixed_delay.percent Probability of an eligible MongoDB operation to be affected by the injected fault when there is no active fault. Defaults to the *percentage* specified in the config. mongo.fault.fixed_delay.duration_ms The delay duration in milliseconds. Defaults to the *duration_ms* specified in the config. Access log format ----------------- The access log format is not customizable and has the following layout: .. code-block:: json {"time": "...", "message": "...", "upstream_host": "..."} time System time that complete message was parsed, including milliseconds. message Textual expansion of the message. Whether the message is fully expanded depends on the context. Sometimes summary data is presented to avoid extremely large log sizes. upstream_host The upstream host that the connection is proxying to, if available. This is populated if the filter is used along with the :ref:`TCP proxy filter `. .. _config_network_filters_mongo_proxy_dynamic_metadata: Dynamic Metadata ---------------- The Mongo filter emits the following dynamic metadata when enabled via the :ref:`configuration `. This dynamic metadata is available as key-value pairs where the key represents the database and the collection being accessed, and the value is a list of operations performed on the collection. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 key, string, The resource name in *db.collection* format. value, array, A list of strings representing the operations executed on the resource (insert/update/query/delete). ================================================ FILE: docs/root/configuration/listeners/network_filters/mysql_proxy_filter.rst ================================================ .. _config_network_filters_mysql_proxy: MySQL proxy =========== The MySQL proxy filter decodes the wire protocol between the MySQL client and server. It decodes the SQL queries in the payload (SQL99 format only). The decoded info is emitted as dynamic metadata that can be combined with access log filters to get detailed information on tables accessed as well as operations performed on each table. .. attention:: The mysql_proxy filter is experimental and is currently under active development. Capabilities will be expanded over time and the configuration structures are likely to change. .. warning:: The mysql_proxy filter was tested with MySQL v5.5. The filter may not work with other versions of MySQL due to differences in the protocol implementation. .. _config_network_filters_mysql_proxy_config: Configuration ------------- The MySQL proxy filter should be chained with the TCP proxy filter as shown in the configuration snippet below: .. code-block:: yaml filter_chains: - filters: - name: envoy.filters.network.mysql_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.mysql_proxy.v3.MySQLProxy stat_prefix: mysql - name: envoy.filters.network.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy stat_prefix: tcp cluster: ... .. _config_network_filters_mysql_proxy_stats: Statistics ---------- Every configured MySQL proxy filter has statistics rooted at *mysql..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 auth_switch_request, Counter, Number of times the upstream server requested clients to switch to a different authentication method decoder_errors, Counter, Number of MySQL protocol decoding errors login_attempts, Counter, Number of login attempts login_failures, Counter, Number of login failures protocol_errors, Counter, Number of out of sequence protocol messages encountered in a session queries_parse_error, Counter, Number of MySQL queries parsed with errors queries_parsed, Counter, Number of MySQL queries successfully parsed sessions, Counter, Number of MySQL sessions since start upgraded_to_ssl, Counter, Number of sessions/connections that were upgraded to SSL .. _config_network_filters_mysql_proxy_dynamic_metadata: Dynamic Metadata ---------------- The MySQL filter emits the following dynamic metadata for each SQL query parsed: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 , string, The resource name in *table.db* format. The resource name defaults to the table being accessed if the database cannot be inferred. [], list, A list of strings representing the operations executed on the resource. Operations can be one of insert/update/select/drop/delete/create/alter/show. .. _config_network_filters_mysql_proxy_rbac: RBAC Enforcement on Table Accesses ---------------------------------- The dynamic metadata emitted by the MySQL filter can be used in conjunction with the RBAC filter to control accesses to individual tables in a database. The following configuration snippet shows an example RBAC filter configuration that denies SQL queries with _update_ statements to the _catalog_ table in the _productdb_ database. .. code-block:: yaml filter_chains: - filters: - name: envoy.filters.network.mysql_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.mysql_proxy.v3.MySQLProxy stat_prefix: mysql - name: envoy.filters.network.rbac typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.rbac.v3.RBAC stat_prefix: rbac rules: action: DENY policies: "product-viewer": permissions: - metadata: filter: envoy.filters.network.mysql_proxy path: - key: catalog.productdb value: list_match: one_of: string_match: exact: update principals: - any: true - name: envoy.filters.network.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy stat_prefix: tcp cluster: mysql ================================================ FILE: docs/root/configuration/listeners/network_filters/network_filters.rst ================================================ .. _config_network_filters: Network filters =============== In addition to the :ref:`HTTP connection manager ` which is large enough to have its own section in the configuration guide, Envoy has the follow builtin network filters. .. toctree:: :maxdepth: 2 dubbo_proxy_filter client_ssl_auth_filter echo_filter direct_response_filter ext_authz_filter kafka_broker_filter local_rate_limit_filter mongo_proxy_filter mysql_proxy_filter postgres_proxy_filter rate_limit_filter rbac_filter redis_proxy_filter rocketmq_proxy_filter tcp_proxy_filter thrift_proxy_filter sni_cluster_filter sni_dynamic_forward_proxy_filter wasm_filter zookeeper_proxy_filter ================================================ FILE: docs/root/configuration/listeners/network_filters/postgres_proxy_filter.rst ================================================ .. _config_network_filters_postgres_proxy: Postgres proxy ================ The Postgres proxy filter decodes the wire protocol between a Postgres client (downstream) and a Postgres server (upstream). The decoded information is used to produce Postgres level statistics like sessions, statements or transactions executed, among others. The Postgres proxy filter parses SQL queries carried in ``Query`` and ``Parse`` messages. When SQL query has been parsed successfully, the :ref:`metadata ` is created, which may be used by other filters like :ref:`RBAC `. When the Postgres filter detects that a session is encrypted, the messages are ignored and no decoding takes place. More information: * Postgres :ref:`architecture overview ` .. attention:: The `postgres_proxy` filter is experimental and is currently under active development. Capabilities will be expanded over time and the configuration structures are likely to change. .. warning:: The `postgreql_proxy` filter was tested only with `Postgres frontend/backend protocol version 3.0`_, which was introduced in Postgres 7.4. Earlier versions are thus not supported. Testing is limited anyway to not EOL-ed versions. .. _Postgres frontend/backend protocol version 3.0: https://www.postgresql.org/docs/current/protocol.html Configuration ------------- The Postgres proxy filter should be chained with the TCP proxy as shown in the configuration example below: .. code-block:: yaml filter_chains: - filters: - name: envoy.filters.network.postgres_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.postgres_proxy.v3alpha.PostgresProxy stat_prefix: postgres - name: envoy.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy stat_prefix: tcp cluster: postgres_cluster .. _config_network_filters_postgres_proxy_stats: Statistics ---------- Every configured Postgres proxy filter has statistics rooted at postgres. with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 2, 1, 2 errors, Counter, Number of times the server replied with ERROR message errors_error, Counter, Number of times the server replied with ERROR message with ERROR severity errors_fatal, Counter, Number of times the server replied with ERROR message with FATAL severity errors_panic, Counter, Number of times the server replied with ERROR message with PANIC severity errors_unknown, Counter, Number of times the server replied with ERROR message but the decoder could not parse it messages, Counter, Total number of messages processed by the filter messages_backend, Counter, Total number of backend messages detected by the filter messages_frontend, Counter, Number of frontend messages detected by the filter messages_unknown, Counter, Number of times the filter successfully decoded a message but did not know what to do with it sessions, Counter, Total number of successful logins sessions_encrypted, Counter, Number of times the filter detected encrypted sessions sessions_unencrypted, Counter, Number of messages indicating unencrypted successful login statements, Counter, Total number of SQL statements statements_delete, Counter, Number of DELETE statements statements_insert, Counter, Number of INSERT statements statements_select, Counter, Number of SELECT statements statements_update, Counter, Number of UPDATE statements statements_other, Counter, "Number of statements other than DELETE, INSERT, SELECT or UPDATE" statements_parsed, Counter, Number of SQL queries parsed successfully statements_parse_error, Counter, Number of SQL queries not parsed successfully transactions, Counter, Total number of SQL transactions transactions_commit, Counter, Number of COMMIT transactions transactions_rollback, Counter, Number of ROLLBACK transactions notices, Counter, Total number of NOTICE messages notices_notice, Counter, Number of NOTICE messages with NOTICE subtype notices_log, Counter, Number of NOTICE messages with LOG subtype notices_warning, Counter, Number ofr NOTICE messags with WARNING severity notices_debug, Counter, Number of NOTICE messages with DEBUG severity notices_info, Counter, Number of NOTICE messages with INFO severity notices_unknown, Counter, Number of NOTICE messages which could not be recognized .. _config_network_filters_postgres_proxy_dynamic_metadata: Dynamic Metadata ---------------- The Postgres filter emits Dynamic Metadata based on SQL statements carried in ``Query`` and ``Parse`` messages. ``statements_parsed`` statistics Counter tracks how many times SQL statement was parsed successfully and metadata was created. The metadata is emitted in the following format: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 , string, The resource name in *table.db* format. [], list, A list of strings representing the operations executed on the resource. Operations can be one of insert/update/select/drop/delete/create/alter/show. .. attention:: Currently used parser does not successfully parse all SQL statements and it cannot be assumed that all SQL queries will successfully produce Dynamic Metadata. Creating Dynamic Metadata from SQL queries is on best-effort basis at the moment. If parsing of an SQL query fails, ``statements_parse_error`` counter is increased, log message is created, Dynamic Metadata is not produced, but the Postgres message is still forwarded to upstream Postgres server. Parsing SQL statements and emitting Dynamic Metadata can be disabled by setting :ref:`enable_sql_parsing` to false. ================================================ FILE: docs/root/configuration/listeners/network_filters/rate_limit_filter.rst ================================================ .. _config_network_filters_rate_limit: Rate limit ========== * Global rate limiting :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.ratelimit*. .. note:: Local rate limiting is also supported via the :ref:`local rate limit filter `. .. _config_network_filters_rate_limit_stats: Statistics ---------- Every configured rate limit filter has statistics rooted at *ratelimit..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 total, Counter, Total requests to the rate limit service error, Counter, Total errors contacting the rate limit service over_limit, Counter, Total over limit responses from the rate limit service ok, Counter, Total under limit responses from the rate limit service cx_closed, Counter, Total connections closed due to an over limit response from the rate limit service active, Gauge, Total active requests to the rate limit service failure_mode_allowed, Counter, "Total requests that were error(s) but were allowed through because of :ref:`failure_mode_deny ` set to false." Runtime ------- The network rate limit filter supports the following runtime settings: ratelimit.tcp_filter_enabled % of connections that will call the rate limit service. Defaults to 100. ratelimit.tcp_filter_enforcing % of connections that will call the rate limit service and enforce the decision. Defaults to 100. This can be used to test what would happen before fully enforcing the outcome. ================================================ FILE: docs/root/configuration/listeners/network_filters/rbac_filter.rst ================================================ .. _config_network_filters_rbac: Role Based Access Control (RBAC) Network Filter =============================================== The RBAC network filter is used to authorize actions (permissions) by identified downstream clients (principals). This is useful to explicitly manage callers to an application and protect it from unexpected or forbidden agents. The filter supports configuration with either a safe-list (ALLOW) or block-list (DENY) set of policies based on properties of the connection (IPs, ports, SSL subject). This filter also supports policy in both enforcement and shadow modes. Shadow mode won't effect real users, it is used to test that a new set of policies work before rolling out to production. When a request is denied, the :ref:`CONNECTION_TERMINATION_DETAILS` will include the name of the matched policy that caused the deny in the format of `rbac_access_denied_matched_policy[policy_name]` (policy_name will be `none` if no policy matched), this helps to distinguish the deny from Envoy RBAC filter and the upstream backend. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.rbac*. Statistics ---------- The RBAC network filter outputs statistics in the *.rbac.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 allowed, Counter, Total requests that were allowed access denied, Counter, Total requests that were denied access shadow_allowed, Counter, Total requests that would be allowed access by the filter's shadow rules shadow_denied, Counter, Total requests that would be denied access by the filter's shadow rules logged, Counter, Total requests that should be logged not_logged, Counter, Total requests that should not be logged .. _config_network_filters_rbac_dynamic_metadata: Dynamic Metadata ---------------- The RBAC filter emits the following dynamic metadata. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 shadow_effective_policy_id, string, The effective shadow policy ID matching the action (if any). shadow_engine_result, string, The engine result for the shadow rules (i.e. either `allowed` or `denied`). access_log_hint, boolean, Whether the request should be logged. This metadata is shared and set under the key namespace 'envoy.common' (See :ref:`Shared Dynamic Metadata`). ================================================ FILE: docs/root/configuration/listeners/network_filters/redis_proxy_filter.rst ================================================ .. _config_network_filters_redis_proxy: Redis proxy =========== * Redis :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.redis_proxy*. .. _config_network_filters_redis_proxy_stats: Statistics ---------- Every configured Redis proxy filter has statistics rooted at *redis..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_cx_active, Gauge, Total active connections downstream_cx_protocol_error, Counter, Total protocol errors downstream_cx_rx_bytes_buffered, Gauge, Total received bytes currently buffered downstream_cx_rx_bytes_total, Counter, Total bytes received downstream_cx_total, Counter, Total connections downstream_cx_tx_bytes_buffered, Gauge, Total sent bytes currently buffered downstream_cx_tx_bytes_total, Counter, Total bytes sent downstream_cx_drain_close, Counter, Number of connections closed due to draining downstream_rq_active, Gauge, Total active requests downstream_rq_total, Counter, Total requests Splitter statistics ------------------- The Redis filter will gather statistics for the command splitter in the *redis..splitter.* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 invalid_request, Counter, Number of requests with an incorrect number of arguments unsupported_command, Counter, Number of commands issued which are not recognized by the command splitter Per command statistics ---------------------- The Redis filter will gather statistics for commands in the *redis..command..* namespace. By default latency stats are in milliseconds and can be changed to microseconds by setting the configuration parameter :ref:`latency_in_micros ` to true. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 total, Counter, Number of commands success, Counter, Number of commands that were successful error, Counter, Number of commands that returned a partial or complete error response latency, Histogram, Command execution time in milliseconds (including delay faults) error_fault, Counter, Number of commands that had an error fault injected delay_fault, Counter, Number of commands that had a delay fault injected .. _config_network_filters_redis_proxy_per_command_stats: Runtime ------- The Redis proxy filter supports the following runtime settings: redis.drain_close_enabled % of connections that will be drain closed if the server is draining and would otherwise attempt a drain close. Defaults to 100. .. _config_network_filters_redis_proxy_fault_injection: Fault Injection --------------- The Redis filter can perform fault injection. Currently, Delay and Error faults are supported. Delay faults delay a request, and Error faults respond with an error. Moreover, errors can be delayed. Note that the Redis filter does not check for correctness in your configuration - it is the user's responsibility to make sure both the default and runtime percentages are correct! This is because percentages can be changed during runtime, and validating correctness at request time is expensive. If multiple faults are specified, the fault injection percentage should not exceed 100% for a given fault and Redis command combination. For example, if two faults are specified; one applying to GET at 60 %, and one applying to all commands at 50%, that is a bad configuration as GET now has 110% chance of applying a fault. This means that every request will have a fault. If a delay is injected, the delay is additive - if the request took 400ms and a delay of 100ms is injected, then the total request latency is 500ms. Also, due to implementation of the redis protocol, a delayed request will delay everything that comes in after it, due to the proxy's need to respect the order of commands it receives. Note that faults must have a `fault_enabled` field, and are not enabled by default (if no default value or runtime key are set). Example configuration: .. code-block:: yaml faults: - fault_type: ERROR fault_enabled: default_value: numerator: 10 denominator: HUNDRED runtime_key: "bogus_key" commands: - GET - fault_type: DELAY fault_enabled: default_value: numerator: 10 denominator: HUNDRED runtime_key: "bogus_key" delay: 2s This creates two faults- an error, applying only to GET commands at 10%, and a delay, applying to all commands at 10%. This means that 20% of GET commands will have a fault applied, as discussed earlier. ================================================ FILE: docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst ================================================ .. _config_network_filters_rocketmq_proxy: RocketMQ proxy ============== Apache RocketMQ is a distributed messaging system, which is composed of four types of roles: producer, consumer, name server and broker server. The former two are embedded into user application in form of SDK; whilst the latter are standalone servers. A message in RocketMQ carries a topic as its destination and optionally one or more tags as application specific labels. Producers are used to send messages to brokers according to their topics. Similar to many distributed systems, producers need to know how to connect to these serving brokers. To achieve this goal, RocketMQ provides name server clusters for producers to lookup. Namely, when producers attempts to send messages with a new topic, it first tries to lookup the addresses(called route info) of brokers that serve the topic from name servers. Once producers get the route info of the topic, they actively cache them in memory and renew them periodically thereafter. This mechanism, though simple, effectively keeps service availability high without demanding availability of name server service. Brokers provides messaging service to end users. In addition to various messaging services, they also periodically report health status and route info of topics currently served to name servers. Major role of the name server is to serve querying of route info for a topic. Additionally, it also purges route info entries once the belonging brokers fail to report their health info for a configured period of time. This ensures clients almost always connect to brokers that are online and ready to serve. Consumers are used by application to pull message from brokers. They perform similar heartbeats to maintain alive status. RocketMQ brokers support two message-fetch approaches: long-pulling and pop. Using the first approach, consumers have to implement load-balancing algorithm. The pop approach, in the perspective of consumers, is stateless. Envoy RocketMQ filter proxies requests and responses between producers/consumer and brokers. Various statistical items are collected to enhance observability. At present, pop-based message fetching is implemented. Long-pulling will be implemented in the next pull request. .. _config_network_filters_rocketmq_proxy_stats: Statistics ---------- Every configured rocketmq proxy filter has statistics rooted at *rocketmq..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 request, Counter, Total requests request_decoding_error, Counter, Total decoding error requests request_decoding_success, Counter, Total decoding success requests response, Counter, Total responses response_decoding_error, Counter, Total decoding error responses response_decoding_success, Counter, Total decoding success responses response_error, Counter, Total error responses response_success, Counter, Total success responses heartbeat, Counter, Total heartbeat requests unregister, Counter, Total unregister requests get_topic_route, Counter, Total getting topic route requests send_message_v1, Counter, Total sending message v1 requests send_message_v2, Counter, Total sending message v2 requests pop_message, Counter, Total poping message requests ack_message, Counter, Total acking message requests get_consumer_list, Counter, Total getting consumer list requests maintenance_failure, Counter, Total maintenance failure request_active, Gauge, Total active requests send_message_v1_active, Gauge, Total active sending message v1 requests send_message_v2_active, Gauge, Total active sending message v2 requests pop_message_active, Gauge, Total active poping message active requests get_topic_route_active, Gauge, Total active geting topic route requests send_message_pending, Gauge, Total pending sending message requests pop_message_pending, Gauge, Total pending poping message requests get_topic_route_pending, Gauge, Total pending geting topic route requests total_pending, Gauge, Total pending requests request_time_ms, Histogram, Request time in milliseconds ================================================ FILE: docs/root/configuration/listeners/network_filters/sni_cluster_filter.rst ================================================ .. _config_network_filters_sni_cluster: Upstream Cluster from SNI ========================= The `sni_cluster` is a network filter that uses the SNI value in a TLS connection as the upstream cluster name. The filter will not modify the upstream cluster for non-TLS connections. This filter should be configured with the name *envoy.filters.network.sni_cluster*. This filter has no configuration. It must be installed before the :ref:`tcp_proxy ` filter. * :ref:`v3 API reference ` ================================================ FILE: docs/root/configuration/listeners/network_filters/sni_dynamic_forward_proxy_filter.rst ================================================ .. _config_network_filters_sni_dynamic_forward_proxy: SNI dynamic forward proxy ========================= .. attention:: SNI dynamic forward proxy support should be considered alpha and not production ready. Through the combination of :ref:`TLS inspector ` listener filter, this network filter and the :ref:`dynamic forward proxy cluster `, Envoy supports SNI based dynamic forward proxy. The implementation works just like the :ref:`HTTP dynamic forward proxy `, but using the value in SNI as target host instead. The following is a complete configuration that configures both this filter as well as the :ref:`dynamic forward proxy cluster `. Both filter and cluster must be configured together and point to the same DNS cache parameters for Envoy to operate as an SNI dynamic forward proxy. .. note:: The following config doesn't terminate TLS in listener, so there is no need to configure TLS context in cluster. The TLS handshake is passed through by Envoy. .. literalinclude:: _include/sni-dynamic-forward-proxy-filter.yaml :language: yaml ================================================ FILE: docs/root/configuration/listeners/network_filters/tcp_proxy_filter.rst ================================================ .. _config_network_filters_tcp_proxy: TCP proxy ========= * TCP proxy :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.tcp_proxy*. .. _config_network_filters_tcp_proxy_dynamic_cluster: Dynamic cluster selection ------------------------- The upstream cluster used by the TCP proxy filter can be dynamically set by other network filters on a per-connection basis by setting a per-connection state object under the key `envoy.tcp_proxy.cluster`. See the implementation for the details. .. _config_network_filters_tcp_proxy_subset_lb: Routing to a subset of hosts ---------------------------- TCP proxy can be configured to route to a subset of hosts within an upstream cluster. To define metadata that a suitable upstream host must match, use one of the following fields: #. Use :ref:`TcpProxy.metadata_match` to define required metadata for a single upstream cluster. #. Use :ref:`ClusterWeight.metadata_match` to define required metadata for a weighted upstream cluster. #. Use combination of :ref:`TcpProxy.metadata_match` and :ref:`ClusterWeight.metadata_match` to define required metadata for a weighted upstream cluster (metadata from the latter will be merged on top of the former). In addition, dynamic metadata can be set by earlier network filters on the `StreamInfo`. Setting the dynamic metadata must happen before `onNewConnection()` is called on the `TcpProxy` filter to affect load balancing. .. _config_network_filters_tcp_proxy_stats: Statistics ---------- The TCP proxy filter emits both its own downstream statistics as well as many of the :ref:`cluster upstream statistics ` where applicable. The downstream statistics are rooted at *tcp..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_cx_total, Counter, Total number of connections handled by the filter downstream_cx_no_route, Counter, Number of connections for which no matching route was found or the cluster for the route was not found downstream_cx_tx_bytes_total, Counter, Total bytes written to the downstream connection downstream_cx_tx_bytes_buffered, Gauge, Total bytes currently buffered to the downstream connection downstream_cx_rx_bytes_total, Counter, Total bytes read from the downstream connection downstream_cx_rx_bytes_buffered, Gauge, Total bytes currently buffered from the downstream connection downstream_flow_control_paused_reading_total, Counter, Total number of times flow control paused reading from downstream downstream_flow_control_resumed_reading_total, Counter, Total number of times flow control resumed reading from downstream idle_timeout, Counter, Total number of connections closed due to idle timeout max_downstream_connection_duration, Counter, Total number of connections closed due to max_downstream_connection_duration timeout upstream_flush_total, Counter, Total number of connections that continued to flush upstream data after the downstream connection was closed upstream_flush_active, Gauge, Total connections currently continuing to flush upstream data after the downstream connection was closed ================================================ FILE: docs/root/configuration/listeners/network_filters/thrift_proxy_filter.rst ================================================ .. _config_network_filters_thrift_proxy: Thrift proxy ============ * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.network.thrift_proxy*. Cluster Protocol Options ------------------------ Thrift connections to upstream hosts can be configured by adding an entry to the appropriate Cluster's :ref:`extension_protocol_options` keyed by `envoy.filters.network.thrift_proxy`. The :ref:`ThriftProtocolOptions` message describes the available options. Thrift Request Metadata ----------------------- The :ref:`HEADER transport` and :ref:`TWITTER protocol` support metadata. In particular, the `Header transport `_ supports informational key/value pairs and the Twitter protocol transmits `tracing and request context data `_. Header Transport Metadata ~~~~~~~~~~~~~~~~~~~~~~~~~ Header transport key/value pairs are available for routing as :ref:`headers `. Twitter Protocol Metadata ~~~~~~~~~~~~~~~~~~~~~~~~~ Twitter protocol request contexts are converted into headers which are available for routing as :ref:`headers `. In addition, the following fields are presented as headers: Client Identifier The ClientId's `name` field (nested in the RequestHeader `client_id` field) becomes the `:client-id` header. Destination The RequestHeader `dest` field becomes the `:dest` header. Delegations Each Delegation from the RequestHeader `delegations` field is added as a header. The header name is the prefix `:d:` followed by the Delegation's `src`. The value is the Delegation's `dst` field. Metadata Interoperability ~~~~~~~~~~~~~~~~~~~~~~~~~ Request metadata that is available for routing (see above) is automatically converted between wire formats when translation between downstream and upstream connections occurs. Twitter protocol request contexts, client id, destination, and delegations are therefore presented as Header transport key/value pairs, named as above. Similarly, Header transport key/value pairs are presented as Twitter protocol RequestContext values, unless they match the special names described above. For instance, a downstream Header transport request with the info key ":client-id" is translated to an upstream Twitter protocol request with a ClientId value. ================================================ FILE: docs/root/configuration/listeners/network_filters/wasm_filter.rst ================================================ .. _config_network_filters_wasm: Wasm Network Filter =============================================== * :ref:`v3 API reference ` .. attention:: The Wasm filter is experimental and is currently under active development. Capabilities will be expanded over time and the configuration structures are likely to change. The Wasm network filter is used to implement a network filter with a Wasm plugin. Example configuration --------------------- Example filter configuration: .. code-block:: yaml name: envoy.filters.network.wasm typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.wasm.v3.Wasm config: config: name: "my_plugin" vm_config: runtime: "envoy.wasm.runtime.v8" code: local: filename: "/etc/envoy_filter_http_wasm_example.wasm" allow_precompiled: true The preceding snippet configures a filter from a Wasm binary on local disk. ================================================ FILE: docs/root/configuration/listeners/network_filters/zookeeper_proxy_filter.rst ================================================ .. _config_network_filters_zookeeper_proxy: ZooKeeper proxy =============== The ZooKeeper proxy filter decodes the client protocol for `Apache ZooKeeper `_. It decodes the requests, responses and events in the payload. Most opcodes known in `ZooKeeper 3.5 `_ are supported. The unsupported ones are related to SASL authentication. .. attention:: The zookeeper_proxy filter is experimental and is currently under active development. Capabilities will be expanded over time and the configuration structures are likely to change. .. _config_network_filters_zookeeper_proxy_config: Configuration ------------- The ZooKeeper proxy filter should be chained with the TCP proxy filter as shown in the configuration snippet below: .. code-block:: yaml filter_chains: - filters: - name: envoy.filters.network.zookeeper_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.zookeeper_proxy.v3.ZooKeeperProxy stat_prefix: zookeeper - name: envoy.filters.network.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy stat_prefix: tcp cluster: ... .. _config_network_filters_zookeeper_proxy_stats: Statistics ---------- Every configured ZooKeeper proxy filter has statistics rooted at *.zookeeper.*. The following counters are available: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 decoder_error, Counter, Number of times a message wasn't decoded request_bytes, Counter, Number of bytes in decoded request messages connect_rq, Counter, Number of regular connect (non-readonly) requests connect_readonly_rq, Counter, Number of connect requests with the readonly flag set ping_rq, Counter, Number of ping requests auth._rq, Counter, Number of auth requests for a given type getdata_rq, Counter, Number of getdata requests create_rq, Counter, Number of create requests create2_rq, Counter, Number of create2 requests setdata_rq, Counter, Number of setdata requests getchildren_rq, Counter, Number of getchildren requests getchildren2_rq, Counter, Number of getchildren2 requests remove_rq, Counter, Number of delete requests exists_rq, Counter, Number of stat requests getacl_rq, Counter, Number of getacl requests setacl_rq, Counter, Number of setacl requests sync_rq, Counter, Number of sync requests multi_rq, Counter, Number of multi transaction requests reconfig_rq, Counter, Number of reconfig requests close_rq, Counter, Number of close requests setwatches_rq, Counter, Number of setwatches requests checkwatches_rq, Counter, Number of checkwatches requests removewatches_rq, Counter, Number of removewatches requests check_rq, Counter, Number of check requests response_bytes, Counter, Number of bytes in decoded response messages connect_resp, Counter, Number of connect responses ping_resp, Counter, Number of ping responses auth_resp, Counter, Number of auth responses watch_event, Counter, Number of watch events fired by the server getdata_resp, Counter, Number of getdata responses create_resp, Counter, Number of create responses create2_resp, Counter, Number of create2 responses createcontainer_resp, Counter, Number of createcontainer responses createttl_resp, Counter, Number of createttl responses setdata_resp, Counter, Number of setdata responses getchildren_resp, Counter, Number of getchildren responses getchildren2_resp, Counter, Number of getchildren2 responses getephemerals_resp, Counter, Number of getephemerals responses getallchildrennumber_resp, Counter, Number of getallchildrennumber responses remove_resp, Counter, Number of remove responses exists_resp, Counter, Number of exists responses getacl_resp, Counter, Number of getacl responses setacl_resp, Counter, Number of setacl responses sync_resp, Counter, Number of sync responses multi_resp, Counter, Number of multi responses reconfig_resp, Counter, Number of reconfig responses close_resp, Counter, Number of close responses setauth_resp, Counter, Number of setauth responses setwatches_resp, Counter, Number of setwatches responses checkwatches_resp, Counter, Number of checkwatches responses removewatches_resp, Counter, Number of removewatches responses check_resp, Counter, Number of check responses .. _config_network_filters_zookeeper_proxy_latency_stats: Per opcode latency statistics ----------------------------- The filter will gather latency statistics in the *.zookeeper._response_latency* namespace. Latency stats are in milliseconds: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 connect_response_latency, Histogram, Opcode execution time in milliseconds ping_response_latency, Histogram, Opcode execution time in milliseconds auth_response_latency, Histogram, Opcode execution time in milliseconds watch_event, Histogram, Opcode execution time in milliseconds getdata_response_latency, Histogram, Opcode execution time in milliseconds create_response_latency, Histogram, Opcode execution time in milliseconds create2_response_latency, Histogram, Opcode execution time in milliseconds createcontainer_response_latency, Histogram, Opcode execution time in milliseconds createttl_response_latency, Histogram, Opcode execution time in milliseconds setdata_response_latency, Histogram, Opcode execution time in milliseconds getchildren_response_latency, Histogram, Opcode execution time in milliseconds getchildren2_response_latency, Histogram, Opcode execution time in milliseconds getephemerals_response_latency, Histogram, Opcode execution time in milliseconds getallchildrennumber_response_latency, Histogram, Opcode execution time in milliseconds remove_response_latency, Histogram, Opcode execution time in milliseconds exists_response_latency, Histogram, Opcode execution time in milliseconds getacl_response_latency, Histogram, Opcode execution time in milliseconds setacl_response_latency, Histogram, Opcode execution time in milliseconds sync_response_latency, Histogram, Opcode execution time in milliseconds multi_response_latency, Histogram, Opcode execution time in milliseconds reconfig_response_latency, Histogram, Opcode execution time in milliseconds close_response_latency, Histogram, Opcode execution time in milliseconds setauth_response_latency, Histogram, Opcode execution time in milliseconds setwatches_response_latency, Histogram, Opcode execution time in milliseconds checkwatches_response_latency, Histogram, Opcode execution time in milliseconds removewatches_response_latency, Histogram, Opcode execution time in milliseconds check_response_latency, Histogram, Opcode execution time in milliseconds .. _config_network_filters_zookeeper_proxy_dynamic_metadata: Dynamic Metadata ---------------- The ZooKeeper filter emits the following dynamic metadata for each message parsed: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 , string, "The path associated with the request, response or event" , string, "The opname for the request, response or event" , string, "The string representation of the flags applied to the znode" , string, "The size of the request message in bytes" , string, "True if a watch is being set, false otherwise" , string, "The version parameter, if any, given with the request" , string, "The timeout parameter in a connect response" , string, "The protocol version in a connect response" , string, "The readonly flag in a connect response" , string, "The zxid field in a response header" , string, "The error field in a response header" , string, "The state field in a watch event" , string, "The event type in a a watch event" ================================================ FILE: docs/root/configuration/listeners/overview.rst ================================================ Overview ======== The top level Envoy configuration contains a list of :ref:`listeners `. Each individual listener configuration has the following format: * :ref:`v3 API reference ` ================================================ FILE: docs/root/configuration/listeners/runtime.rst ================================================ .. _config_listeners_runtime: Runtime ------- The following runtime settings are supported: envoy.resource_limits.listener..connection_limit Sets a limit on the number of active connections to the specified listener. ================================================ FILE: docs/root/configuration/listeners/stats.rst ================================================ .. _config_listener_stats: Statistics ========== Listener -------- Every listener has a statistics tree rooted at *listener.
    .* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_cx_total, Counter, Total connections downstream_cx_destroy, Counter, Total destroyed connections downstream_cx_active, Gauge, Total active connections downstream_cx_length_ms, Histogram, Connection length milliseconds downstream_cx_overflow, Counter, Total connections rejected due to enforcement of listener connection limit downstream_pre_cx_timeout, Counter, Sockets that timed out during listener filter processing downstream_pre_cx_active, Gauge, Sockets currently undergoing listener filter processing global_cx_overflow, Counter, Total connections rejected due to enforecement of the global connection limit no_filter_chain_match, Counter, Total connections that didn't match any filter chain ssl.connection_error, Counter, Total TLS connection errors not including failed certificate verifications ssl.handshake, Counter, Total successful TLS connection handshakes ssl.session_reused, Counter, Total successful TLS session resumptions ssl.no_certificate, Counter, Total successful TLS connections with no client certificate ssl.fail_verify_no_cert, Counter, Total TLS connections that failed because of missing client certificate ssl.fail_verify_error, Counter, Total TLS connections that failed CA verification ssl.fail_verify_san, Counter, Total TLS connections that failed SAN verification ssl.fail_verify_cert_hash, Counter, Total TLS connections that failed certificate pinning verification ssl.ocsp_staple_failed, Counter, Total TLS connections that failed compliance with the OCSP policy ssl.ocsp_staple_omitted, Counter, Total TLS connections that succeeded without stapling an OCSP response ssl.ocsp_staple_responses, Counter, Total TLS connections where a valid OCSP response was available (irrespective of whether the client requested stapling) ssl.ocsp_staple_requests, Counter, Total TLS connections where the client requested an OCSP staple ssl.ciphers., Counter, Total successful TLS connections that used cipher ssl.curves., Counter, Total successful TLS connections that used ECDHE curve ssl.sigalgs., Counter, Total successful TLS connections that used signature algorithm ssl.versions., Counter, Total successful TLS connections that used protocol version .. _config_listener_stats_per_handler: Per-handler Listener Stats -------------------------- Every listener additionally has a statistics tree rooted at *listener.
    ..* which contains *per-handler* statistics. As described in the :ref:`threading model ` documentation, Envoy has a threading model which includes the *main thread* as well as a number of *worker threads* which are controlled by the :option:`--concurrency` option. Along these lines, ** is equal to *main_thread*, *worker_0*, *worker_1*, etc. These statistics can be used to look for per-handler/worker imbalance on either accepted or active connections. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_cx_total, Counter, Total connections on this handler. downstream_cx_active, Gauge, Total active connections on this handler. .. _config_listener_manager_stats: Listener manager ---------------- The listener manager has a statistics tree rooted at *listener_manager.* with the following statistics. Any ``:`` character in the stats name is replaced with ``_``. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 listener_added, Counter, Total listeners added (either via static config or LDS). listener_modified, Counter, Total listeners modified (via LDS). listener_removed, Counter, Total listeners removed (via LDS). listener_stopped, Counter, Total listeners stopped. listener_create_success, Counter, Total listener objects successfully added to workers. listener_create_failure, Counter, Total failed listener object additions to workers. listener_in_place_updated, Counter, Total listener objects created to execute filter chain update path. total_filter_chains_draining, Gauge, Number of currently draining filter chains. total_listeners_warming, Gauge, Number of currently warming listeners. total_listeners_active, Gauge, Number of currently active listeners. total_listeners_draining, Gauge, Number of currently draining listeners. workers_started, Gauge, A boolean (1 if started and 0 otherwise) that indicates whether listeners have been initialized on workers. ================================================ FILE: docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml ================================================ admin: access_log_path: /tmp/admin_access.log address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: protocol: UDP address: 127.0.0.1 port_value: 1234 listener_filters: name: envoy.filters.udp_listener.udp_proxy typed_config: '@type': type.googleapis.com/envoy.extensions.filters.udp.udp_proxy.v3.UdpProxyConfig stat_prefix: service cluster: service_udp clusters: - name: service_udp connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: service_udp endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 1235 ================================================ FILE: docs/root/configuration/listeners/udp_filters/dns_filter.rst ================================================ .. _config_udp_listener_filters_dns_filter: DNS Filter ========== .. attention:: DNS Filter is under active development and should be considered alpha and not production ready. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.udp_listener.dns_filter* Overview -------- The DNS filter allows Envoy to resolve forward DNS queries as an authoritative server for any configured domains. The filter's configuration specifies the names and addresses for which Envoy will answer as well as the configuration needed to send queries externally for unknown domains. The filter supports local and external DNS resolution. If a lookup for a name does not match a statically configured domain, or a provisioned cluster name, Envoy can refer the query to an external resolver for an answer. Users have the option of specifying the DNS servers that Envoy will use for external resolution. Users can disable external DNS resolution by omitting the client configuration object. The filter supports :ref:`per-filter configuration `. An Example configuration follows that illustrates how the filter can be used. Example Configuration --------------------- .. code-block:: yaml listener_filters: name: envoy.filters.udp.dns_filter typed_config: "@type": "type.googleapis.com/envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig" stat_prefix: "dns_filter_prefix" client_config: resolution_timeout: 5s upstream_resolvers: - socket_address: address: "8.8.8.8" port_value: 53 - socket_address: address: "8.8.4.4" port_value: 53 max_pending_lookups: 256 server_config: inline_dns_table: known_suffixes: - suffix: "domain1.com" - suffix: "domain2.com" - suffix: "domain3.com" - suffix: "domain4.com" - suffix: "domain5.com" virtual_domains: - name: "www.domain1.com" endpoint: address_list: address: - 10.0.0.1 - 10.0.0.2 - name: "www.domain2.com" endpoint: address_list: address: - 2001:8a:c1::2800:7 - name: "www.domain3.com" endpoint: address_list: address: - 10.0.3.1 - name: "www.domain4.com" endpoint: cluster_name: cluster_0 - name: "voip.domain5.com" endpoint: service_list: services: - service_name: "sip" protocol: { number: 6 } ttl: 86400s targets: - host_name: "primary.voip.domain5.com" priority: 10 weight: 30 port: 5060 - host_name: "secondary.voip.domain5.com" priority: 10 weight: 20 port: 5060 - host_name: "backup.voip.domain5.com" priority: 10 weight: 10 port: 5060 In this example, Envoy is configured to respond to client queries for four domains. For any other query, it will forward upstream to external resolvers. The filter will return an address matching the input query type. If the query is for type A records and no A records are configured, Envoy will return no addresses and set the response code appropriately. Conversely, if there are matching records for the query type, each configured address is returned. This is also true for AAAA records. Only A, AAAA, and SRV records are supported. If the filter parses queries for other record types, the filter immediately responds indicating that the type is not supported. The filter can also redirect a query for a DNS name to the enpoints of a cluster. "www.domain4.com" in the configuration demonstrates this. Along with an address list, a cluster name is a valid endpoint for a DNS name. The DNS filter also supports responding to queries for service records. The records for "domain5.com" illustrate the configuration necessary to support responding to SRV records. The target name populated in the configuration must be fully qualified domain names, unless the target is a cluster. For non-cluster targets, each referenced target name must be defined in the DNS Filter table so that Envoy can resolve the target hosts' IP addresses. For a cluster, Envoy will return an address for each cluster endpoint. Each service record's protocol can be defined by a name or number. As configured in the example, the filter will successfully respond to SRV record requests for "_sip._tcp.voip.domain5.com". If a numerical value is specified, Envoy will attempt to resolve the number to a name. String values for protocols are used as they appear. An underscore is prepended to both the service and protocol to adhere to the convention outlined in the RFC. The filter can also consume its domain configuration from an external DNS table. The same entities appearing in the static configuration can be stored as JSON or YAML in a separate file and referenced using the :ref:`external_dns_table DataSource ` directive: Example External DnsTable Configuration --------------------------------------- .. code-block:: yaml listener_filters: name: "envoy.filters.udp.dns_filter" typed_config: '@type': 'type.googleapis.com/envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig' stat_prefix: "my_prefix" server_config: external_dns_table: filename: "/home/ubuntu/configs/dns_table.json" In the file, the table can be defined as follows: DnsTable JSON Configuration --------------------------- .. code-block:: json { "known_suffixes": [ { "suffix": "suffix1.com" }, { "suffix": "suffix2.com" } ], "virtual_domains": [ { "name": "www.suffix1.com", "endpoint": { "address_list": { "address": [ "10.0.0.1", "10.0.0.2" ] } } }, { "name": "www.suffix2.com", "endpoint": { "address_list": { "address": [ "2001:8a:c1::2800:7" ] } } } ] } By utilizing this configuration, the DNS responses can be configured separately from the Envoy configuration. ================================================ FILE: docs/root/configuration/listeners/udp_filters/udp_filters.rst ================================================ .. _config_udp_listener_filters: UDP listener filters ==================== Envoy has the following builtin UDP listener filters. .. toctree:: :maxdepth: 2 udp_proxy dns_filter ================================================ FILE: docs/root/configuration/listeners/udp_filters/udp_proxy.rst ================================================ .. _config_udp_listener_filters_udp_proxy: UDP proxy ========= * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.udp_listener.udp_proxy* Overview -------- The UDP proxy listener filter allows Envoy to operate as a *non-transparent* proxy between a UDP client and server. The lack of transparency means that the upstream server will see the source IP and port of the Envoy instance versus the client. All datagrams flow from the client, to Envoy, to the upstream server, back to Envoy, and back to the client. Because UDP is not a connection oriented protocol, Envoy must keep track of a client's *session* such that the response datagrams from an upstream server can be routed back to the correct client. Each session is index by the 4-tuple consisting of source IP/port and local IP/port that the datagram is received on. Sessions last until the :ref:`idle timeout ` is reached. The UDP proxy listener filter also can operate as a *transparent* proxy if the :ref:`use_original_src_ip ` field is set. But please keep in mind that it does not forward the port to upstreams. It forwards only the IP address to upstreams. Load balancing and unhealthy host handling ------------------------------------------ Envoy will fully utilize the configured load balancer for the configured upstream cluster when load balancing UDP datagrams. When a new session is created, Envoy will associate the session with an upstream host selected using the configured load balancer. All future datagrams that belong to the session will be routed to the same upstream host. When an upstream host becomes unhealthy (due to :ref:`active health checking `), Envoy will attempt to create a new session to a healthy host when the next datagram is received. Circuit breaking ---------------- The number of sessions that can be created per upstream cluster is limited by the cluster's :ref:`maximum connection circuit breaker `. By default this is 1024. Example configuration --------------------- The following example configuration will cause Envoy to listen on UDP port 1234 and proxy to a UDP server listening on port 1235. .. literalinclude:: _include/udp-proxy.yaml :language: yaml Statistics ---------- The UDP proxy filter emits both its own downstream statistics as well as many of the :ref:`cluster upstream statistics ` where applicable. The downstream statistics are rooted at *udp..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 downstream_sess_no_route, Counter, Number of datagrams not routed due to no cluster downstream_sess_rx_bytes, Counter, Number of bytes received downstream_sess_rx_datagrams, Counter, Number of datagrams received downstream_sess_rx_errors, Counter, Number of datagram receive errors downstream_sess_total, Counter, Number sessions created in total downstream_sess_tx_bytes, Counter, Number of bytes transmitted downstream_sess_tx_datagrams, Counter, Number of datagrams transmitted downstream_sess_tx_errors, counter, Number of datagram transmission errors idle_timeout, Counter, Number of sessions destroyed due to idle timeout downstream_sess_active, Gauge, Number of sessions currently active The following standard :ref:`upstream cluster stats ` are used by the UDP proxy: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_cx_none_healthy, Counter, Number of datagrams dropped due to no healthy hosts upstream_cx_overflow, Counter, Number of datagrams dropped due to hitting the session circuit breaker upstream_cx_rx_bytes_total, Counter, Number of bytes received upstream_cx_tx_bytes_total, Counter, Number of bytes transmitted The UDP proxy filter also emits custom upstream cluster stats prefixed with *cluster..udp.*: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 sess_rx_datagrams, Counter, Number of datagrams received sess_rx_errors, Counter, Number of datagram receive errors sess_tx_datagrams, Counter, Number of datagrams transmitted sess_tx_errors, Counter, Number of datagrams tramsitted ================================================ FILE: docs/root/configuration/observability/access_log/access_log.rst ================================================ Access Logs =========== .. toctree:: :maxdepth: 2 overview stats usage ================================================ FILE: docs/root/configuration/observability/access_log/overview.rst ================================================ Overview ======== * Access logging :ref:`architecture overview ` * :ref:`Configuration overview ` * :ref:`v2 API reference ` ================================================ FILE: docs/root/configuration/observability/access_log/stats.rst ================================================ .. _config_access_log_stats: Statistics ========== Currently only the gRPC and file based access logs have statistics. gRPC access log statistics -------------------------- The gRPC access log has statistics rooted at *access_logs.grpc_access_log.* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 logs_written, Counter, Total log entries sent to the logger which were not dropped. This does not imply the logs have been flushed to the gRPC endpoint yet. logs_dropped, Counter, Total log entries dropped due to network or HTTP/2 back up. File access log statistics -------------------------- The file access log has statistics rooted at the *filesystem.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 write_buffered, Counter, Total number of times file data is moved to Envoy's internal flush buffer write_completed, Counter, Total number of times a file was successfully written write_failed, Counter, Total number of times an error occurred during a file write operation flushed_by_timer, Counter, Total number of times internal flush buffers are written to a file due to flush timeout reopen_failed, Counter, Total number of times a file was failed to be opened write_total_buffered, Gauge, Current total size of internal flush buffer in bytes ================================================ FILE: docs/root/configuration/observability/access_log/usage.rst ================================================ .. _config_access_log: Access logging ============== Configuration ------------------------- Access logs are configured as part of the :ref:`HTTP connection manager config ` or :ref:`TCP Proxy `. * :ref:`v3 API reference ` .. _config_access_log_format: Format Rules ------------ Access log formats contain command operators that extract the relevant data and insert it. They support two formats: :ref:`"format strings" ` and :ref:`"format dictionaries" `. In both cases, the command operators are used to extract the relevant data, which is then inserted into the specified log format. Only one access log format may be specified at a time. .. _config_access_log_format_strings: Format Strings -------------- Format strings are plain strings, specified using the ``format`` key. They may contain either command operators or other characters interpreted as a plain string. The access log formatter does not make any assumptions about a new line separator, so one has to specified as part of the format string. See the :ref:`default format ` for an example. .. _config_access_log_default_format: Default Format String --------------------- If custom format string is not specified, Envoy uses the following default format: .. code-block:: none [%START_TIME%] "%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% "%REQ(X-FORWARDED-FOR)%" "%REQ(USER-AGENT)%" "%REQ(X-REQUEST-ID)%" "%REQ(:AUTHORITY)%" "%UPSTREAM_HOST%"\n Example of the default Envoy access log format: .. code-block:: none [2016-04-15T20:17:00.310Z] "POST /api/v1/locations HTTP/2" 204 - 154 0 226 100 "10.0.35.28" "nsq2http" "cc21d9b0-cf5c-432b-8c7e-98aeb7988cd2" "locations" "tcp://10.0.2.1:80" .. _config_access_log_format_dictionaries: Format Dictionaries ------------------- Format dictionaries are dictionaries that specify a structured access log output format, specified using the ``json_format`` or ``typed_json_format`` keys. This allows logs to be output in a structured format such as JSON. Similar to format strings, command operators are evaluated and their values inserted into the format dictionary to construct the log output. For example, with the following format provided in the configuration as ``json_format``: .. code-block:: json { "config": { "json_format": { "protocol": "%PROTOCOL%", "duration": "%DURATION%", "my_custom_header": "%REQ(MY_CUSTOM_HEADER)%" } } } The following JSON object would be written to the log file: .. code-block:: json {"protocol": "HTTP/1.1", "duration": "123", "my_custom_header": "value_of_MY_CUSTOM_HEADER"} This allows you to specify a custom key for each command operator. The ``typed_json_format`` differs from ``json_format`` in that values are rendered as JSON numbers, booleans, and nested objects or lists where applicable. In the example, the request duration would be rendered as the number ``123``. Format dictionaries have the following restrictions: * The dictionary must map strings to strings (specifically, strings to command operators). Nesting is supported. * When using the ``typed_json_format`` command operators will only produce typed output if the command operator is the only string that appears in the dictionary value. For example, ``"%DURATION%"`` will log a numeric duration value, but ``"%DURATION%.0"`` will log a string value. .. note:: When using the ``typed_json_format``, integer values that exceed :math:`2^{53}` will be represented with reduced precision as they must be converted to floating point numbers. .. _config_access_log_command_operators: Command Operators ----------------- Command operators are used to extract values that will be inserted into the access logs. The same operators are used by different types of access logs (such as HTTP and TCP). Some fields may have slightly different meanings, depending on what type of log it is. Differences are noted. Note that if a value is not set/empty, the logs will contain a ``-`` character or, for JSON logs, the string ``"-"``. For typed JSON logs unset values are represented as ``null`` values and empty strings are rendered as ``""``. :ref:`omit_empty_values ` option could be used to omit empty values entirely. Unless otherwise noted, command operators produce string outputs for typed JSON logs. The following command operators are supported: .. _config_access_log_format_start_time: %START_TIME% HTTP Request start time including milliseconds. TCP Downstream connection start time including milliseconds. START_TIME can be customized using a `format string `_. In addition to that, START_TIME also accepts following specifiers: +------------------------+-------------------------------------------------------------+ | Specifier | Explanation | +========================+=============================================================+ | ``%s`` | The number of seconds since the Epoch | +------------------------+-------------------------------------------------------------+ | ``%f``, ``%[1-9]f`` | Fractional seconds digits, default is 9 digits (nanosecond) | | +-------------------------------------------------------------+ | | - ``%3f`` millisecond (3 digits) | | | - ``%6f`` microsecond (6 digits) | | | - ``%9f`` nanosecond (9 digits) | +------------------------+-------------------------------------------------------------+ Examples of formatting START_TIME is as follows: .. code-block:: none %START_TIME(%Y/%m/%dT%H:%M:%S%z %s)% # To include millisecond fraction of the second (.000 ... .999). E.g. 1527590590.528. %START_TIME(%s.%3f)% %START_TIME(%s.%6f)% %START_TIME(%s.%9f)% In typed JSON logs, START_TIME is always rendered as a string. %BYTES_RECEIVED% HTTP Body bytes received. TCP Downstream bytes received on connection. Renders a numeric value in typed JSON logs. %PROTOCOL% HTTP Protocol. Currently either *HTTP/1.1* or *HTTP/2*. TCP Not implemented ("-"). In typed JSON logs, PROTOCOL will render the string ``"-"`` if the protocol is not available (e.g. in TCP logs). %RESPONSE_CODE% HTTP HTTP response code. Note that a response code of '0' means that the server never sent the beginning of a response. This generally means that the (downstream) client disconnected. TCP Not implemented ("-"). Renders a numeric value in typed JSON logs. .. _config_access_log_format_response_code_details: %RESPONSE_CODE_DETAILS% HTTP HTTP response code details provides additional information about the response code, such as who set it (the upstream or envoy) and why. TCP Not implemented ("-") .. _config_access_log_format_connection_termination_details: %CONNECTION_TERMINATION_DETAILS% HTTP and TCP Connection termination details may provide additional information about why the connection was terminated by Envoy for L4 reasons. %BYTES_SENT% HTTP Body bytes sent. For WebSocket connection it will also include response header bytes. TCP Downstream bytes sent on connection. Renders a numeric value in typed JSON logs. %DURATION% HTTP Total duration in milliseconds of the request from the start time to the last byte out. TCP Total duration in milliseconds of the downstream connection. Renders a numeric value in typed JSON logs. %REQUEST_DURATION% HTTP Total duration in milliseconds of the request from the start time to the last byte of the request received from the downstream. TCP Not implemented ("-"). Renders a numeric value in typed JSON logs. %RESPONSE_DURATION% HTTP Total duration in milliseconds of the request from the start time to the first byte read from the upstream host. TCP Not implemented ("-"). Renders a numeric value in typed JSON logs. %RESPONSE_TX_DURATION% HTTP Total duration in milliseconds of the request from the first byte read from the upstream host to the last byte sent downstream. TCP Not implemented ("-"). Renders a numeric value in typed JSON logs. .. _config_access_log_format_response_flags: %RESPONSE_FLAGS% Additional details about the response or connection, if any. For TCP connections, the response codes mentioned in the descriptions do not apply. Possible values are: HTTP and TCP * **UH**: No healthy upstream hosts in upstream cluster in addition to 503 response code. * **UF**: Upstream connection failure in addition to 503 response code. * **UO**: Upstream overflow (:ref:`circuit breaking `) in addition to 503 response code. * **NR**: No :ref:`route configured ` for a given request in addition to 404 response code, or no matching filter chain for a downstream connection. * **URX**: The request was rejected because the :ref:`upstream retry limit (HTTP) ` or :ref:`maximum connect attempts (TCP) ` was reached. HTTP only * **DC**: Downstream connection termination. * **LH**: Local service failed :ref:`health check request ` in addition to 503 response code. * **UT**: Upstream request timeout in addition to 504 response code. * **LR**: Connection local reset in addition to 503 response code. * **UR**: Upstream remote reset in addition to 503 response code. * **UC**: Upstream connection termination in addition to 503 response code. * **DI**: The request processing was delayed for a period specified via :ref:`fault injection `. * **FI**: The request was aborted with a response code specified via :ref:`fault injection `. * **RL**: The request was ratelimited locally by the :ref:`HTTP rate limit filter ` in addition to 429 response code. * **UAEX**: The request was denied by the external authorization service. * **RLSE**: The request was rejected because there was an error in rate limit service. * **IH**: The request was rejected because it set an invalid value for a :ref:`strictly-checked header ` in addition to 400 response code. * **SI**: Stream idle timeout in addition to 408 response code. * **DPE**: The downstream request had an HTTP protocol error. * **UMSDR**: The upstream request reached to max stream duration. %ROUTE_NAME% Name of the route. %UPSTREAM_HOST% Upstream host URL (e.g., tcp://ip:port for TCP connections). %UPSTREAM_CLUSTER% Upstream cluster to which the upstream host belongs to. %UPSTREAM_LOCAL_ADDRESS% Local address of the upstream connection. If the address is an IP address it includes both address and port. .. _config_access_log_format_upstream_transport_failure_reason: %UPSTREAM_TRANSPORT_FAILURE_REASON% HTTP If upstream connection failed due to transport socket (e.g. TLS handshake), provides the failure reason from the transport socket. The format of this field depends on the configured upstream transport socket. Common TLS failures are in :ref:`TLS trouble shooting `. TCP Not implemented ("-") %DOWNSTREAM_REMOTE_ADDRESS% Remote address of the downstream connection. If the address is an IP address it includes both address and port. .. note:: This may not be the physical remote address of the peer if the address has been inferred from :ref:`proxy proto ` or :ref:`x-forwarded-for `. %DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT% Remote address of the downstream connection. If the address is an IP address the output does *not* include port. .. note:: This may not be the physical remote address of the peer if the address has been inferred from :ref:`proxy proto ` or :ref:`x-forwarded-for `. %DOWNSTREAM_DIRECT_REMOTE_ADDRESS% Direct remote address of the downstream connection. If the address is an IP address it includes both address and port. .. note:: This is always the physical remote address of the peer even if the downstream remote address has been inferred from :ref:`proxy proto ` or :ref:`x-forwarded-for `. %DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT% The direct remote address of the downstream connection. If the address is an IP address the output does *not* include port. .. note:: This is always the physical remote address of the peer even if the downstream remote address has been inferred from :ref:`proxy proto ` or :ref:`x-forwarded-for `. %DOWNSTREAM_LOCAL_ADDRESS% Local address of the downstream connection. If the address is an IP address it includes both address and port. If the original connection was redirected by iptables REDIRECT, this represents the original destination address restored by the :ref:`Original Destination Filter ` using SO_ORIGINAL_DST socket option. If the original connection was redirected by iptables TPROXY, and the listener's transparent option was set to true, this represents the original destination address and port. %DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT% Same as **%DOWNSTREAM_LOCAL_ADDRESS%** excluding port if the address is an IP address. .. _config_access_log_format_connection_id: %CONNECTION_ID% An identifier for the downstream connection. It can be used to cross-reference TCP access logs across multiple log sinks, or to cross-reference timer-based reports for the same connection. The identifier is unique with high likelihood within an execution, but can duplicate across multiple instances or between restarts. %GRPC_STATUS% gRPC status code which is easy to interpret with text message corresponding with number. %DOWNSTREAM_LOCAL_PORT% Similar to **%DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%**, but only extracts the port portion of the **%DOWNSTREAM_LOCAL_ADDRESS%** %REQ(X?Y):Z% HTTP An HTTP request header where X is the main HTTP header, Y is the alternative one, and Z is an optional parameter denoting string truncation up to Z characters long. The value is taken from the HTTP request header named X first and if it's not set, then request header Y is used. If none of the headers are present '-' symbol will be in the log. TCP Not implemented ("-"). %RESP(X?Y):Z% HTTP Same as **%REQ(X?Y):Z%** but taken from HTTP response headers. TCP Not implemented ("-"). %TRAILER(X?Y):Z% HTTP Same as **%REQ(X?Y):Z%** but taken from HTTP response trailers. TCP Not implemented ("-"). %DYNAMIC_METADATA(NAMESPACE:KEY*):Z% HTTP :ref:`Dynamic Metadata ` info, where NAMESPACE is the filter namespace used when setting the metadata, KEY is an optional lookup up key in the namespace with the option of specifying nested keys separated by ':', and Z is an optional parameter denoting string truncation up to Z characters long. Dynamic Metadata can be set by filters using the :repo:`StreamInfo ` API: *setDynamicMetadata*. The data will be logged as a JSON string. For example, for the following dynamic metadata: ``com.test.my_filter: {"test_key": "foo", "test_object": {"inner_key": "bar"}}`` * %DYNAMIC_METADATA(com.test.my_filter)% will log: ``{"test_key": "foo", "test_object": {"inner_key": "bar"}}`` * %DYNAMIC_METADATA(com.test.my_filter:test_key)% will log: ``"foo"`` * %DYNAMIC_METADATA(com.test.my_filter:test_object)% will log: ``{"inner_key": "bar"}`` * %DYNAMIC_METADATA(com.test.my_filter:test_object:inner_key)% will log: ``"bar"`` * %DYNAMIC_METADATA(com.unknown_filter)% will log: ``-`` * %DYNAMIC_METADATA(com.test.my_filter:unknown_key)% will log: ``-`` * %DYNAMIC_METADATA(com.test.my_filter):25% will log (truncation at 25 characters): ``{"test_key": "foo", "test`` TCP Not implemented ("-"). .. note:: For typed JSON logs, this operator renders a single value with string, numeric, or boolean type when the referenced key is a simple value. If the referenced key is a struct or list value, a JSON struct or list is rendered. Structs and lists may be nested. In any event, the maximum length is ignored .. _config_access_log_format_filter_state: %FILTER_STATE(KEY:F):Z% HTTP :ref:`Filter State ` info, where the KEY is required to look up the filter state object. The serialized proto will be logged as JSON string if possible. If the serialized proto is unknown to Envoy it will be logged as protobuf debug string. Z is an optional parameter denoting string truncation up to Z characters long. F is an optional parameter used to indicate which method FilterState uses for serialization. If 'PLAIN' is set, the filter state object will be serialized as an unstructured string. If 'TYPED' is set or no F provided, the filter state object will be serialized as an JSON string. TCP Same as HTTP, the filter state is from connection instead of a L7 request. .. note:: For typed JSON logs, this operator renders a single value with string, numeric, or boolean type when the referenced key is a simple value. If the referenced key is a struct or list value, a JSON struct or list is rendered. Structs and lists may be nested. In any event, the maximum length is ignored %REQUESTED_SERVER_NAME% HTTP String value set on ssl connection socket for Server Name Indication (SNI) TCP String value set on ssl connection socket for Server Name Indication (SNI) %DOWNSTREAM_LOCAL_URI_SAN% HTTP The URIs present in the SAN of the local certificate used to establish the downstream TLS connection. TCP The URIs present in the SAN of the local certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_URI_SAN% HTTP The URIs present in the SAN of the peer certificate used to establish the downstream TLS connection. TCP The URIs present in the SAN of the peer certificate used to establish the downstream TLS connection. %DOWNSTREAM_LOCAL_SUBJECT% HTTP The subject present in the local certificate used to establish the downstream TLS connection. TCP The subject present in the local certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_SUBJECT% HTTP The subject present in the peer certificate used to establish the downstream TLS connection. TCP The subject present in the peer certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_ISSUER% HTTP The issuer present in the peer certificate used to establish the downstream TLS connection. TCP The issuer present in the peer certificate used to establish the downstream TLS connection. %DOWNSTREAM_TLS_SESSION_ID% HTTP The session ID for the established downstream TLS connection. TCP The session ID for the established downstream TLS connection. %DOWNSTREAM_TLS_CIPHER% HTTP The OpenSSL name for the set of ciphers used to establish the downstream TLS connection. TCP The OpenSSL name for the set of ciphers used to establish the downstream TLS connection. %DOWNSTREAM_TLS_VERSION% HTTP The TLS version (e.g., ``TLSv1.2``, ``TLSv1.3``) used to establish the downstream TLS connection. TCP The TLS version (e.g., ``TLSv1.2``, ``TLSv1.3``) used to establish the downstream TLS connection. %DOWNSTREAM_PEER_FINGERPRINT_256% HTTP The hex-encoded SHA256 fingerprint of the client certificate used to establish the downstream TLS connection. TCP The hex-encoded SHA256 fingerprint of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_FINGERPRINT_1% HTTP The hex-encoded SHA1 fingerprint of the client certificate used to establish the downstream TLS connection. TCP The hex-encoded SHA1 fingerprint of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_SERIAL% HTTP The serial number of the client certificate used to establish the downstream TLS connection. TCP The serial number of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_CERT% HTTP The client certificate in the URL-encoded PEM format used to establish the downstream TLS connection. TCP The client certificate in the URL-encoded PEM format used to establish the downstream TLS connection. %DOWNSTREAM_PEER_CERT_V_START% HTTP The validity start date of the client certificate used to establish the downstream TLS connection. TCP The validity start date of the client certificate used to establish the downstream TLS connection. %DOWNSTREAM_PEER_CERT_V_END% HTTP The validity end date of the client certificate used to establish the downstream TLS connection. TCP The validity end date of the client certificate used to establish the downstream TLS connection. %HOSTNAME% The system hostname. %LOCAL_REPLY_BODY% The body text for the requests rejected by the Envoy. ================================================ FILE: docs/root/configuration/observability/application_logging.rst ================================================ .. _config_application_logs: Application logging =================== Envoy and its filters write application logs for debuggability. Envoy can be configured to output application logs in a format that is compatible with common log viewers. This section documents how Envoy can be configured to enable integration with each log viewer. Stackdriver Logging with GKE ---------------------------- `Stackdriver Logging `_ can read logs from containers running on `Google Kubernetes Engine `_. Envoy should be configured with the following :ref:`command line options `: * ``--log-format '%L%m%d %T.%e %t envoy] [%t][%n]%v'``: Logs are formatted in `glog `_ format, allowing Stackdriver to parse the log severity and timestamp. * ``--log-format-escaped``: Each string that is logged will be printed in a single line. C-style escape sequences (such as ``\n``) will be escaped and prevent a single string from spanning multiple lines. This ensures each log line is structured with the glog prefix. * The ``--log-path`` flag **does not** need to be set, since Stackdriver can read logs from STDERR. * The ``--log-level`` flag can be set to control the log severity logged to Stackdriver. `Reference documentation `_ for Stackdriver on GKE. ================================================ FILE: docs/root/configuration/observability/observability.rst ================================================ Observability ============= .. toctree:: :maxdepth: 2 statistics application_logging access_log/access_log.rst ================================================ FILE: docs/root/configuration/observability/statistics.rst ================================================ .. _statistics: Statistics ========== .. _server_statistics: Server ------ Server related statistics are rooted at *server.* with following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 uptime, Gauge, Current server uptime in seconds concurrency, Gauge, Number of worker threads memory_allocated, Gauge, Current amount of allocated memory in bytes. Total of both new and old Envoy processes on hot restart. memory_heap_size, Gauge, Current reserved heap size in bytes. New Envoy process heap size on hot restart. memory_physical_size, Gauge, Current estimate of total bytes of the physical memory. New Envoy process physical memory size on hot restart. live, Gauge, "1 if the server is not currently draining, 0 otherwise" state, Gauge, Current :ref:`State ` of the Server. parent_connections, Gauge, Total connections of the old Envoy process on hot restart total_connections, Gauge, Total connections of both new and old Envoy processes version, Gauge, Integer represented version number based on SCM revision or :ref:`stats_server_version_override ` if set. days_until_first_cert_expiring, Gauge, Number of days until the next certificate being managed will expire seconds_until_first_ocsp_response_expiring, Gauge, Number of seconds until the next OCSP response being managed will expire hot_restart_epoch, Gauge, Current hot restart epoch -- an integer passed via command line flag `--restart-epoch` usually indicating generation. hot_restart_generation, Gauge, Current hot restart generation -- like hot_restart_epoch but computed automatically by incrementing from parent. initialization_time_ms, Histogram, Total time taken for Envoy initialization in milliseconds. This is the time from server start-up until the worker threads are ready to accept new connections debug_assertion_failures, Counter, Number of debug assertion failures detected in a release build if compiled with `--define log_debug_assert_in_release=enabled` or zero otherwise envoy_bug_failures, Counter, Number of envoy bug failures detected in a release build. File or report the issue if this increments as this may be serious. static_unknown_fields, Counter, Number of messages in static configuration with unknown fields dynamic_unknown_fields, Counter, Number of messages in dynamic configuration with unknown fields ================================================ FILE: docs/root/configuration/operations/operations.rst ================================================ Operations ========== .. toctree:: :maxdepth: 2 runtime overload_manager/overload_manager tools/router_check ================================================ FILE: docs/root/configuration/operations/overload_manager/overload_manager.rst ================================================ .. _config_overload_manager: Overload manager ================ The :ref:`overload manager ` is configured in the Bootstrap :ref:`overload_manager ` field. An example configuration of the overload manager is shown below. It shows a configuration to disable HTTP/1.x keepalive when heap memory usage reaches 95% and to stop accepting requests when heap memory usage reaches 99%. .. code-block:: yaml refresh_interval: seconds: 0 nanos: 250000000 resource_monitors: - name: "envoy.resource_monitors.fixed_heap" typed_config: "@type": type.googleapis.com/envoy.config.resource_monitor.fixed_heap.v2alpha.FixedHeapConfig max_heap_size_bytes: 2147483648 actions: - name: "envoy.overload_actions.disable_http_keepalive" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.95 - name: "envoy.overload_actions.stop_accepting_requests" triggers: - name: "envoy.resource_monitors.fixed_heap" threshold: value: 0.99 Resource monitors ----------------- The overload manager uses Envoy's :ref:`extension ` framework for defining resource monitors. Envoy's builtin resource monitors are listed :ref:`here `. Triggers -------- Triggers connect resource monitors to actions. There are two types of triggers supported: .. list-table:: :header-rows: 1 :widths: 1, 2 * - Type - Description * - :ref:`threshold ` - Sets the action state to 1 (= *saturated*) when the resource pressure is above a threshold, and to 0 otherwise. * - :ref:`scaled ` - Sets the action state to 0 when the resource pressure is below the :ref:`scaling_threshold `, `(pressure - scaling_threshold)/(saturation_threshold - scaling_threshold)` when `scaling_threshold < pressure < saturation_threshold`, and to 1 (*saturated*) when the pressure is above the :ref:`saturation_threshold `." .. _config_overload_manager_overload_actions: Overload actions ---------------- The following overload actions are supported: .. csv-table:: :header: Name, Description :widths: 1, 2 envoy.overload_actions.stop_accepting_requests, Envoy will immediately respond with a 503 response code to new requests envoy.overload_actions.disable_http_keepalive, Envoy will stop accepting streams on incoming HTTP connections envoy.overload_actions.stop_accepting_connections, Envoy will stop accepting new network connections on its configured listeners envoy.overload_actions.shrink_heap, Envoy will periodically try to shrink the heap by releasing free memory to the system Limiting Active Connections --------------------------- Currently, the only supported way to limit the total number of active connections allowed across all listeners is via specifying an integer through the runtime key ``overload.global_downstream_max_connections``. The connection limit is recommended to be less than half of the system's file descriptor limit, to account for upstream connections, files, and other usage of file descriptors. If the value is unspecified, there is no global limit on the number of active downstream connections and Envoy will emit a warning indicating this at startup. To disable the warning without setting a limit on the number of active downstream connections, the runtime value may be set to a very large limit (~2e9). If it is desired to only limit the number of downstream connections for a particular listener, per-listener limits can be set via the :ref:`listener configuration `. One may simultaneously specify both per-listener and global downstream connection limits and the conditions will be enforced independently. For instance, if it is known that a particular listener should have a smaller number of open connections than others, one may specify a smaller connection limit for that specific listener and allow the global limit to enforce resource utilization among all listeners. An example configuration can be found in the :ref:`edge best practices document `. Statistics ---------- Each configured resource monitor has a statistics tree rooted at *overload..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 pressure, Gauge, Resource pressure as a percent failed_updates, Counter, Total failed attempts to update the resource pressure skipped_updates, Counter, Total skipped attempts to update the resource pressure due to a pending update Each configured overload action has a statistics tree rooted at *overload..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 active, Gauge, "Active state of the action (0=scaling, 1=saturated)" scale_percent, Gauge, "Scaled value of the action as a percent (0-99=scaling, 100=saturated)" ================================================ FILE: docs/root/configuration/operations/runtime.rst ================================================ .. _config_runtime: Runtime ======= The :ref:`runtime configuration ` specifies a virtual file system tree that contains re-loadable configuration elements. This virtual file system can be realized via a series of local file system, static bootstrap configuration, RTDS and admin console derived overlays. * :ref:`v3 API reference ` .. _config_virtual_filesystem: Virtual file system ------------------- .. _config_runtime_layering: Layering ++++++++ The runtime can be viewed as a virtual file system consisting of multiple layers. The :ref:`layered runtime ` bootstrap configuration specifies this layering. Runtime settings in later layers override earlier layers. A typical configuration might be: .. validated-code-block:: yaml :type-name: envoy.config.bootstrap.v3.LayeredRuntime layers: - name: static_layer_0 static_layer: health_check: min_interval: 5 - name: disk_layer_0 disk_layer: { symlink_root: /srv/runtime/current, subdirectory: envoy } - name: disk_layer_1 disk_layer: { symlink_root: /srv/runtime/current, subdirectory: envoy_override, append_service_cluster: true } - name: admin_layer_0 admin_layer: {} In the deprecated :ref:`runtime ` bootstrap configuration, the layering was implicit and fixed: 1. :ref:`Static bootstrap configuration ` 2. :ref:`Local disk file system ` 3. :ref:`Local disk file system *override_subdirectory* ` 4. :ref:`Admin console overrides ` with values in higher layers overriding corresponding values in lower layers. .. _config_runtime_file_system: File system layout ++++++++++++++++++ Various sections of the configuration guide describe the runtime settings that are available. For example, :ref:`here ` are the runtime settings for upstream clusters. Each '.' in a runtime key indicates a new directory in the hierarchy, The terminal portion of a path is the file. The contents of the file constitute the runtime value. When reading numeric values from a file, spaces and new lines will be ignored. *numerator* or *denominator* are reserved keywords and may not appear in any directory. .. _config_runtime_bootstrap: Static bootstrap ++++++++++++++++ A static base runtime may be specified in the :ref:`bootstrap configuration ` via a :ref:`protobuf JSON representation `. .. _config_runtime_local_disk: Local disk file system ++++++++++++++++++++++ When the :ref:`runtime virtual file system ` is realized on a local disk, it is rooted at *symlink_root* + *subdirectory*. For example, the *health_check.min_interval* key would have the following full file system path (using the symbolic link): ``/srv/runtime/current/envoy/health_check/min_interval`` .. _config_runtime_local_disk_overrides: Overrides ~~~~~~~~~ An arbitrary number of disk file system layers can be overlaid in the :ref:`layered runtime ` bootstrap configuration. In the deprecated :ref:`runtime ` bootstrap configuration, there was a distinguished file system override. Assume that the folder ``/srv/runtime/v1`` points to the actual file system path where global runtime configurations are stored. The following would be a typical configuration setting for runtime: * *symlink_root*: ``/srv/runtime/current`` * *subdirectory*: ``envoy`` * *override_subdirectory*: ``envoy_override`` Where ``/srv/runtime/current`` is a symbolic link to ``/srv/runtime/v1``. .. _config_runtime_local_disk_service_cluster_subdirs: Cluster-specific subdirectories ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In the deprecated :ref:`runtime ` bootstrap configuration, the *override_subdirectory* is used along with the :option:`--service-cluster` CLI option. Assume that :option:`--service-cluster` has been set to ``my-cluster``. Envoy will first look for the *health_check.min_interval* key in the following full file system path: ``/srv/runtime/current/envoy_override/my-cluster/health_check/min_interval`` If found, the value will override any value found in the primary lookup path. This allows the user to customize the runtime values for individual clusters on top of global defaults. With the :ref:`layered runtime ` bootstrap configuration, it is possible to specialize on service cluster via the :ref:`append_service_cluster ` option at any disk layer. .. _config_runtime_symbolic_link_swap: Updating runtime values via symbolic link swap ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ There are two steps to update any runtime value. First, create a hard copy of the entire runtime tree and update the desired runtime values. Second, atomically swap the symbolic link root from the old tree to the new runtime tree, using the equivalent of the following command: .. code-block:: console /srv/runtime:~$ ln -s /srv/runtime/v2 new && mv -Tf new current It's beyond the scope of this document how the file system data is deployed, garbage collected, etc. .. _config_runtime_rtds: Runtime Discovery Service (RTDS) ++++++++++++++++++++++++++++++++ One or more runtime layers may be specified and delivered by specifying a :ref:`rtds_layer `. This points the runtime layer at a regular :ref:`xDS ` endpoint, subscribing to a single xDS resource for the given layer. The resource type for these layers is a :ref:`Runtime message `. .. _config_runtime_admin: Admin console +++++++++++++ Values can be viewed at the :ref:`/runtime admin endpoint `. Values can be modified and added at the :ref:`/runtime_modify admin endpoint `. If runtime is not configured, an empty provider is used which has the effect of using all defaults built into the code, except for any values added via `/runtime_modify`. .. attention:: Use the :ref:`/runtime_modify` endpoint with care. Changes are effectively immediately. It is **critical** that the admin interface is :ref:`properly secured `. At most one admin layer may be specified. If a non-empty :ref:`layered runtime ` bootstrap configuration is specified with an absent admin layer, any mutating admin console actions will elicit a 503 response. .. _config_runtime_atomicity: Atomicity --------- The runtime will reload and a new snapshot will be generated in a variety of situations, i.e.: * When a file move operation is detected under the symlink root or the symlink root changes. * When an admin console override is added or modified. All runtime layers are evaluated during a snapshot. Layers with errors are ignored and excluded from the effective layers, see :ref:`num_layers `. Walking the symlink root will take a non-zero amount of time, so if true atomicity is desired, the runtime directory should be immutable and symlink changes should be used to orchestrate updates. Disk layers with the same symlink root will only trigger a single refresh when a file movement is detected. Disk layers with overlapping symlink root paths that are not identical may trigger multiple reloads when a file movement is detected. .. _config_runtime_proto_json: Protobuf and JSON representation -------------------------------- The runtime :ref:`file system ` can be represented inside a proto3 message as a `google.protobuf.Struct `_ modeling a JSON object with the following rules: * Dot separators map to tree edges. * Scalar leaves (integer, strings, booleans, doubles) are represented with their respective JSON type. * :ref:`FractionalPercent ` is represented with via its `canonical JSON encoding `_. An example representation of a setting for the *health_check.min_interval* key in YAML is: .. code-block:: yaml health_check: min_interval: 5 .. note:: Integer values that are parsed from doubles are rounded down to the nearest whole number. .. _config_runtime_comments: Comments -------- Lines starting with ``#`` as the first character are treated as comments. Comments can be used to provide context on an existing value. Comments are also useful in an otherwise empty file to keep a placeholder for deployment in a time of need. .. _config_runtime_deprecation: Using runtime overrides for deprecated features ----------------------------------------------- The Envoy runtime is also a part of the Envoy feature deprecation process. As described in the Envoy :repo:`breaking change policy `, feature deprecation in Envoy is in 3 phases: warn-by-default, fail-by-default, and code removal. In the first phase, Envoy logs a warning to the warning log that the feature is deprecated and increments the :ref:`deprecated_feature_use ` runtime stat. Users are encouraged to go to :ref:`deprecated ` to see how to migrate to the new code path and make sure it is suitable for their use case. In the second phase the field will be tagged as disallowed_by_default and use of that configuration field will cause the config to be rejected by default. This disallowed mode can be overridden in runtime configuration by setting envoy.deprecated_features:full_fieldname or envoy.deprecated_features:full_enum_value to true. For example, for a deprecated field ``Foo.Bar.Eep`` set ``envoy.deprecated_features:Foo.bar.Eep`` to ``true``. There is a production example using static runtime to allow both fail-by-default fields here: :repo:`configs/using_deprecated_config.v2.yaml` Use of these override is **strongly discouraged** so please use with caution and switch to the new fields as soon as possible. Fatal-by-default configuration indicates that the removal of the old code paths is imminent. It is far better for both Envoy users and for Envoy contributors if any bugs or feature gaps with the new code paths are flushed out ahead of time, rather than after the code is removed! .. _runtime_stats: .. attention:: Versions of Envoy prior to 1.14.1 cannot parse runtime booleans from integer values and require an explicit "true" or "false". Mistakenly placing an integer such as "0" to represent "false" will lead to usage of the default value. This is especially important to keep in mind for case of runtime overrides for :ref:`deprecated features`, as it will can potentially result in unexpected Envoy behaviors. Statistics ---------- The file system runtime provider emits some statistics in the *runtime.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 admin_overrides_active, Gauge, 1 if any admin overrides are active otherwise 0 deprecated_feature_use, Counter, Total number of times deprecated features were used. Detailed information about the feature used will be logged to warning logs in the form "Using deprecated option 'X' from file Y". deprecated_feature_seen_since_process_start, Gauge, Number of times deprecated features were used. This is not carried over during hot restarts. load_error, Counter, Total number of load attempts that resulted in an error in any layer load_success, Counter, Total number of load attempts that were successful at all layers num_keys, Gauge, Number of keys currently loaded num_layers, Gauge, Number of layers currently active (without loading errors) override_dir_exists, Counter, Total number of loads that did use an override directory override_dir_not_exists, Counter, Total number of loads that did not use an override directory ================================================ FILE: docs/root/configuration/operations/tools/router_check.rst ================================================ .. _config_tools_router_check_tool: Route table check tool ====================== .. note:: The following configuration is for the route table check tool only and is not part of the Envoy binary. The route table check tool is a standalone binary that can be used to verify Envoy's routing for a given configuration file. The following specifies input to the route table check tool. The route table check tool checks if the route returned by a :ref:`router ` matches what is expected. The tool can be used to check cluster name, virtual cluster name, virtual host name, manual path rewrite, manual host rewrite, path redirect, and header field matches. Extensions for other test cases can be added. Details about installing the tool and sample tool input/output can be found at :ref:`installation `. The route table check tool config is composed of an array of json test objects. Each test object is composed of three parts. Test name This field specifies the name of each test object. Input values The input value fields specify the parameters to be passed to the router. Example input fields include the :authority, :path, and :method header fields. The :authority and :path fields specify the url sent to the router and are required. All other input fields are optional. Validate The validate fields specify the expected values and test cases to check. At least one test case is required. A simple tool configuration json has one test case and is written as follows. The test expects a cluster name match of "instant-server".:: tests - test_name: Cluster_name_test, input: authority: api.lyft.com, path: /api/locations validate: cluster_name: instant-server .. code-block:: yaml tests - test_name: ..., input: authority: ..., path: ..., method: ..., internal: ..., random_value: ..., ssl: ..., runtime: ..., additional_request_headers: - key: ..., value: ... additional_response_headers: - key: ..., value: ... validate: cluster_name: ..., virtual_cluster_name: ..., virtual_host_name: ..., host_rewrite: ..., path_rewrite: ..., path_redirect: ..., request_header_matches: - name: ..., exact_match: ... response_header_matches: - name: ..., exact_match: ... - name: ..., presence_match: ... test_name *(required, string)* The name of a test object. input *(required, object)* Input values sent to the router that determine the returned route. authority *(required, string)* The url authority. This value along with the path parameter define the url to be matched. An example authority value is "api.lyft.com". path *(required, string)* The url path. An example path value is "/foo". method *(required, string)* The request method. If not specified, the default method is GET. The options are GET, PUT, or POST. internal *(optional, boolean)* A flag that determines whether to set x-envoy-internal to "true". If not specified, or if internal is equal to false, x-envoy-internal is not set. random_value *(optional, integer)* An integer used to identify the target for weighted cluster selection and as a factor for the routing engine to decide whether a runtime based route takes effect. The default value of random_value is 0. For routes with runtime fraction numerators of 0, the route checker tool changes the numerators to 1 so they can be tested with random_value set to 0 to simulate the route being enabled and random_value set to any int >= 1 to simulate the route being disabled. ssl *(optional, boolean)* A flag that determines whether to set x-forwarded-proto to https or http. By setting x-forwarded-proto to a given protocol, the tool is able to simulate the behavior of a client issuing a request via http or https. By default ssl is false which corresponds to x-forwarded-proto set to http. runtime *(optional, string)* A string representing the runtime setting to enable for the test. The runtime setting along with the random_value is used by the router to decide if the route should be enabled. Only a random_value lesser than the fractional percentage defined on the route entry enables the route. additional_request_headers, additional_response_headers *(optional, array)* Additional headers to be added as input for route determination. The "authority", "path", "method", "x-forwarded-proto", and "x-envoy-internal" fields are specified by the other config options and should not be set here. key *(required, string)* The name of the header field to add. value *(required, string)* The value of the header field to add. validate *(required, object)* The validate object specifies the returned route parameters to match. At least one test parameter must be specified. Use "" (empty string) to indicate that no return value is expected. For example, to test that no cluster match is expected use {"cluster_name": ""}. cluster_name *(optional, string)* Match the cluster name. virtual_cluster_name *(optional, string)* Match the virtual cluster name. virtual_host_name *(optional, string)* Match the virtual host name. host_rewrite *(optional, string)* Match the host header field after rewrite. path_rewrite *(optional, string)* Match the path header field after rewrite. path_redirect *(optional, string)* Match the returned redirect path. request_header_fields, response_header_fields *(optional, array, deprecated)* Match the listed header fields. Example header fields include the "path", "cookie", and "date" fields. The header fields are checked after all other test cases. Thus, the header fields checked will be those of the redirected or rewritten routes when applicable. These fields are deprecated. Use request_header_matches, response_header_matches instead. key *(required, string)* The name of the header field to match. value *(required, string)* The value of the header field to match. request_header_matches, response_header_matches *(optional, array)* Matchers for the listed headers. Example header fields include the "path", "cookie", and "date" fields, as well as custom headers set in the input or by the route. The header fields are checked after all other test cases. Thus, the header fields checked will be those of the redirected or rewritten routes when applicable. - Matchers are specified as :ref:`HeaderMatchers `, and behave the same way. Coverage -------- The router check tool will report route coverage at the end of a successful test run. .. code:: bash > bazel-bin/test/tools/router_check/router_check_tool --config-path ... --test-path ... Current route coverage: 0.0744863 This reporting can be leveraged to enforce a minimum coverage percentage by using the `-f` or `--fail-under` flag. If coverage falls below this percentage the test run will fail. .. code:: bash > bazel-bin/test/tools/router_check/router_check_tool --config-path ... --test-path ... --fail-under 8 Current route coverage: 7.44863% Failed to meet coverage requirement: 8% By default the coverage report measures test coverage by checking that at least one field is verified for every route. However, this can leave holes in the tests where fields aren't validated and later changed. For more comprehensive coverage you can add a flag, `--covall`, which will calculate coverage taking into account all of the possible fields that could be tested. .. code:: bash > bazel-bin/test/tools/router_check/router_check_tool --config-path ... --test-path ... --f 7 --covall Current route coverage: 6.2948% Failed to meet coverage requirement: 7% ================================================ FILE: docs/root/configuration/other_features/other_features.rst ================================================ Other features ============== .. toctree:: :maxdepth: 2 rate_limit wasm wasm_stat_sink ================================================ FILE: docs/root/configuration/other_features/rate_limit.rst ================================================ .. _config_rate_limit_service: Rate limit service ================== The :ref:`rate limit service ` configuration specifies the global rate limit service Envoy should talk to when it needs to make global rate limit decisions. If no rate limit service is configured, a "null" service will be used which will always return OK if called. * :ref:`v3 API reference ` gRPC service IDL ---------------- Envoy expects the rate limit service to support the gRPC IDL specified in :ref:`rls.proto `. See the IDL documentation for more information on how the API works. See Lyft's reference implementation `here `_. ================================================ FILE: docs/root/configuration/other_features/wasm.rst ================================================ .. _config_wasm_service: Wasm service ============ The :ref:`WasmService ` configuration specifies a singleton or per-worker Wasm service for background or on-demand activities. Example plugin configuration: .. code-block:: yaml wasm: config: config: name: "my_plugin" vm_config: runtime: "envoy.wasm.runtime.v8" code: local: filename: "/etc/envoy_filter_http_wasm_example.wasm" singleton: true The preceding snippet configures a plugin singleton service from a Wasm binary on local disk. ================================================ FILE: docs/root/configuration/other_features/wasm_stat_sink.rst ================================================ .. _config_stat_sinks_wasm: Wasm Stat Sink ============== The :ref:`WasmService ` configuration specifies a singleton or per-worker Wasm stat sink service. ================================================ FILE: docs/root/configuration/other_protocols/dubbo_filters/dubbo_filters.rst ================================================ .. _config_dubbo_filters: Dubbo filters =============== Envoy has the following builtin Dubbo filters. .. toctree:: :maxdepth: 2 router_filter ================================================ FILE: docs/root/configuration/other_protocols/dubbo_filters/router_filter.rst ================================================ .. _config_dubbo_filters_router: Router ====== The router filter implements Dubbo forwarding. It will be used in almost all Dubbo proxying scenarios. The filter's main job is to follow the instructions specified in the configured :ref:`route table `. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.dubbo.router*. ================================================ FILE: docs/root/configuration/other_protocols/other_protocols.rst ================================================ Other protocols =============== .. toctree:: :maxdepth: 2 thrift_filters/thrift_filters dubbo_filters/dubbo_filters ================================================ FILE: docs/root/configuration/other_protocols/thrift_filters/rate_limit_filter.rst ================================================ .. _config_thrift_filters_rate_limit: Rate limit ========== * Global rate limiting :ref:`architecture overview ` * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.thrift.rate_limit*. The Thrift rate limit filter will call the rate limit service when the request's route has one or more :ref:`rate limit configurations ` that match the filter's stage setting. More than one configuration can apply to a request. Each configuration results in a descriptor being sent to the rate limit service. If the rate limit service is called, and the response for any of the descriptors is over limit, an application exception indicating an internal error is returned. If there is an error in calling the rate limit service or it returns an error and :ref:`failure_mode_deny ` is set to true, an application exception indicating an internal error is returned. .. _config_thrift_filters_rate_limit_stats: Statistics ---------- The filter outputs statistics in the *cluster..ratelimit.* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 ok, Counter, Total under limit responses from the rate limit service. error, Counter, Total errors contacting the rate limit service. over_limit, Counter, Total over limit responses from the rate limit service. failure_mode_allowed, Counter, "Total requests that were error(s) but were allowed through because of :ref:`failure_mode_deny ` set to false." ================================================ FILE: docs/root/configuration/other_protocols/thrift_filters/router_filter.rst ================================================ .. _config_thrift_filters_router: Router ====== The router filter implements Thrift forwarding. It will be used in almost all Thrift proxying scenarios. The filter's main job is to follow the instructions specified in the configured :ref:`route table `. * :ref:`v3 API reference ` * This filter should be configured with the name *envoy.filters.thrift.router*. Statistics ---------- The filter outputs statistics in the *thrift..* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 route_missing, Counter, Total requests with no route found. unknown_cluster, Counter, Total requests with a route that has an unknown cluster. upstream_rq_maintenance_mode, Counter, Total requests with a destination cluster in maintenance mode. no_healthy_upstream, Counter, Total requests with no healthy upstream endpoints available. ================================================ FILE: docs/root/configuration/other_protocols/thrift_filters/thrift_filters.rst ================================================ .. _config_thrift_filters: Thrift filters =============== Envoy has the following builtin Thrift filters. .. toctree:: :maxdepth: 2 rate_limit_filter router_filter ================================================ FILE: docs/root/configuration/overview/bootstrap.rst ================================================ .. _config_overview_bootstrap: Bootstrap configuration ----------------------- To use the xDS API, it's necessary to supply a bootstrap configuration file. This provides static server configuration and configures Envoy to access :ref:`dynamic configuration if needed `. This is supplied on the command-line via the :option:`-c` flag, i.e.: .. code-block:: console ./envoy -c .{json,yaml,pb,pb_text} where the extension reflects the underlying config representation. The :ref:`Bootstrap ` message is the root of the configuration. A key concept in the :ref:`Bootstrap ` message is the distinction between static and dynamic resources. Resources such as a :ref:`Listener ` or :ref:`Cluster ` may be supplied either statically in :ref:`static_resources ` or have an xDS service such as :ref:`LDS ` or :ref:`CDS ` configured in :ref:`dynamic_resources `. ================================================ FILE: docs/root/configuration/overview/examples.rst ================================================ Examples -------- Below we will use YAML representation of the config protos and a running example of a service proxying HTTP from 127.0.0.1:10000 to 127.0.0.2:1234. Static ^^^^^^ A minimal fully static bootstrap config is provided below: .. validated-code-block:: yaml :type-name: envoy.config.bootstrap.v3.Bootstrap admin: access_log_path: /tmp/admin_access.log address: socket_address: { address: 127.0.0.1, port_value: 9901 } static_resources: listeners: - name: listener_0 address: socket_address: { address: 127.0.0.1, port_value: 10000 } filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http codec_type: AUTO route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/" } route: { cluster: some_service } http_filters: - name: envoy.filters.http.router clusters: - name: some_service connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 1234 Mostly static with dynamic EDS ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ A bootstrap config that continues from the above example with :ref:`dynamic endpoint discovery ` via an :ref:`EDS` gRPC management server listening on 127.0.0.1:5678 is provided below: .. validated-code-block:: yaml :type-name: envoy.config.bootstrap.v3.Bootstrap admin: access_log_path: /tmp/admin_access.log address: socket_address: { address: 127.0.0.1, port_value: 9901 } static_resources: listeners: - name: listener_0 address: socket_address: { address: 127.0.0.1, port_value: 10000 } filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http codec_type: AUTO route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/" } route: { cluster: some_service } http_filters: - name: envoy.filters.http.router clusters: - name: some_service connect_timeout: 0.25s lb_policy: ROUND_ROBIN type: EDS eds_cluster_config: eds_config: api_config_source: api_type: GRPC grpc_services: - envoy_grpc: cluster_name: xds_cluster - name: xds_cluster connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN http2_protocol_options: connection_keepalive: interval: 30s timeout: 5s upstream_connection_options: # configure a TCP keep-alive to detect and reconnect to the admin # server in the event of a TCP socket half open connection tcp_keepalive: {} load_assignment: cluster_name: xds_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 5678 Notice above that *xds_cluster* is defined to point Envoy at the management server. Even in an otherwise completely dynamic configurations, some static resources need to be defined to point Envoy at its xDS management server(s). It's important to set appropriate :ref:`TCP Keep-Alive options ` in the `tcp_keepalive` block. This will help detect TCP half open connections to the xDS management server and re-establish a full connection. In the above example, the EDS management server could then return a proto encoding of a :ref:`DiscoveryResponse `: .. code-block:: yaml version_info: "0" resources: - "@type": type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.2 port_value: 1234 The versioning and type URL scheme that appear above are explained in more detail in the :ref:`streaming gRPC subscription protocol ` documentation. Dynamic ^^^^^^^ A fully dynamic bootstrap configuration, in which all resources other than those belonging to the management server are discovered via xDS is provided below: .. validated-code-block:: yaml :type-name: envoy.config.bootstrap.v3.Bootstrap admin: access_log_path: /tmp/admin_access.log address: socket_address: { address: 127.0.0.1, port_value: 9901 } dynamic_resources: lds_config: api_config_source: api_type: GRPC grpc_services: - envoy_grpc: cluster_name: xds_cluster cds_config: api_config_source: api_type: GRPC grpc_services: - envoy_grpc: cluster_name: xds_cluster static_resources: clusters: - name: xds_cluster connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN http2_protocol_options: # Configure an HTTP/2 keep-alive to detect connection issues and reconnect # to the admin server if the connection is no longer responsive. connection_keepalive: interval: 30s timeout: 5s load_assignment: cluster_name: xds_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 5678 The management server could respond to LDS requests with: .. code-block:: yaml version_info: "0" resources: - "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: listener_0 address: socket_address: address: 127.0.0.1 port_value: 10000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http codec_type: AUTO rds: route_config_name: local_route config_source: api_config_source: api_type: GRPC grpc_services: - envoy_grpc: cluster_name: xds_cluster http_filters: - name: envoy.filters.http.router The management server could respond to RDS requests with: .. code-block:: yaml version_info: "0" resources: - "@type": type.googleapis.com/envoy.config.route.v3.RouteConfiguration name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/" } route: { cluster: some_service } The management server could respond to CDS requests with: .. code-block:: yaml version_info: "0" resources: - "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster name: some_service connect_timeout: 0.25s lb_policy: ROUND_ROBIN type: EDS eds_cluster_config: eds_config: api_config_source: api_type: GRPC grpc_services: - envoy_grpc: cluster_name: xds_cluster The management server could respond to EDS requests with: .. code-block:: yaml version_info: "0" resources: - "@type": type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.2 port_value: 1234 ================================================ FILE: docs/root/configuration/overview/extension.rst ================================================ .. _config_overview_extension_configuration: Extension configuration ----------------------- Each configuration resource in Envoy has a type URL in the `typed_config`. This type corresponds to a versioned schema. If the type URL uniquely identifies an extension capable of interpreting the configuration, then the extension is selected regardless of the `name` field. In this case the `name` field becomes optional and can be used as an identifier or as an annotation for the particular instance of the extension configuration. For example, the following filter configuration snippet is permitted: .. code-block:: yaml name: front-http-proxy typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http codec_type: AUTO rds: route_config_name: local_route config_source: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: xds_cluster http_filters: - name: front-router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router dynamic_stats: true In case the control plane lacks the schema definitions for an extension, `udpa.type.v1.TypedStruct` should be used as a generic container. The type URL inside it is then used by a client to convert the contents to a typed configuration resource. For example, the above example could be written as follows: .. code-block:: yaml name: front-http-proxy typed_config: "@type": type.googleapis.com/udpa.type.v1.TypedStruct type_url: type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager value: stat_prefix: ingress_http codec_type: AUTO rds: route_config_name: local_route config_source: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: xds_cluster http_filters: - name: front-router typed_config: "@type": type.googleapis.com/udpa.type.v1.TypedStruct type_url: type.googleapis.com/envoy.extensions.filters.http.router.v3Router .. _config_overview_extension_discovery: Discovery service ^^^^^^^^^^^^^^^^^ Extension configuration can be supplied dynamically from an :ref:`xDS management server` using :ref:`ExtensionConfiguration discovery service`. The name field in the extension configuration acts as the resource identifier. For example, HTTP connection manager supports :ref:`dynamic filter re-configuration` for HTTP filters. Extension config discovery service has a :ref:`statistics ` tree rooted at *.extension_config_discovery.*. In addition to the common subscription statistics, it also provides the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 config_reload, Counter, Total number of successful configuration updates config_fail, Counter, Total number of failed configuration updates ================================================ FILE: docs/root/configuration/overview/introduction.rst ================================================ Introduction ============ The Envoy xDS APIs are defined as `proto3 `_ `Protocol Buffers `_ in the :repo:`api tree `. They support: * Streaming delivery of :ref:`xDS ` API updates via gRPC. This reduces resource requirements and can lower the update latency. * A new REST-JSON API in which the JSON/YAML formats are derived mechanically via the `proto3 canonical JSON mapping `_. * Delivery of updates via the filesystem, REST-JSON or gRPC endpoints. * Advanced load balancing through an extended endpoint assignment API and load and resource utilization reporting to management servers. * :ref:`Stronger consistency and ordering properties ` when needed. The APIs still maintain a baseline eventual consistency model. See the :ref:`xDS protocol description ` for further details on aspects of xDS message exchange between Envoy and the management server. ================================================ FILE: docs/root/configuration/overview/mgmt_server.rst ================================================ Management Server ----------------- .. _config_overview_mgmt_con_issues: Management Server Unreachability ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ When an Envoy instance loses connectivity with the management server, Envoy will latch on to the previous configuration while actively retrying in the background to reestablish the connection with the management server. It is important that Envoy detects when a connection to a management server is unhealthy so that it can try to establish a new connection. Configuring either :ref:`TCP keep-alives ` or :ref:`HTTP/2 keepalives ` in the cluster that connects to the management server is recommended. Envoy debug logs the fact that it is not able to establish a connection with the management server every time it attempts a connection. :ref:`connected_state ` statistic provides a signal for monitoring this behavior. .. _management_server_stats: Statistics ^^^^^^^^^^ Management Server has a statistics tree rooted at *control_plane.* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 connected_state, Gauge, A boolean (1 for connected and 0 for disconnected) that indicates the current connection state with management server rate_limit_enforced, Counter, Total number of times rate limit was enforced for management server requests pending_requests, Gauge, Total number of pending requests when the rate limit was enforced identifier, TextReadout, The identifier of the control plane instance that sent the last discovery response .. _subscription_statistics: xDS subscription statistics ^^^^^^^^^^^^^^^^^^^^^^^^^^^ Envoy discovers its various dynamic resources via discovery services referred to as *xDS*. Resources are requested via :ref:`subscriptions `, by specifying a filesystem path to watch, initiating gRPC streams or polling a REST-JSON URL. The following statistics are generated for all subscriptions. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 config_reload, Counter, Total API fetches that resulted in a config reload due to a different config init_fetch_timeout, Counter, Total :ref:`initial fetch timeouts ` update_attempt, Counter, Total API fetches attempted update_success, Counter, Total API fetches completed successfully update_failure, Counter, Total API fetches that failed because of network errors update_rejected, Counter, Total API fetches that failed because of schema/validation errors update_time, Gauge, Timestamp of the last successful API fetch attempt as milliseconds since the epoch. Refreshed even after a trivial configuration reload that contained no configuration changes. version, Gauge, Hash of the contents from the last successful API fetch version_text, TextReadout, The version text from the last successful API fetch control_plane.connected_state, Gauge, A boolean (1 for connected and 0 for disconnected) that indicates the current connection state with management server ================================================ FILE: docs/root/configuration/overview/overview.rst ================================================ .. _config_overview: Overview ======== .. toctree:: :maxdepth: 2 introduction versioning bootstrap examples extension xds_api mgmt_server ================================================ FILE: docs/root/configuration/overview/versioning.rst ================================================ Versioning ---------- The Envoy xDS APIs follow a well defined :repo:`versioning scheme `. Envoy supports :ref:`multiple major versions ` at any point in time. The examples in this section are taken from the v2 xDS API. Envoy has API versions for both the xDS transport, i.e. the wire protocol for moving resources between a management server and Envoy, and for resources. These are known as the transport and resource API version respectively. The transport and resource version may be mixed. For example, v3 resources may be transferred over the v2 transport protocol. In addition, an Envoy may consume mixed resource versions for distinct resource types. For example, :ref:`v3 Clusters ` may be used alongside :ref:`v2 Listeners `. Both the transport and resource API versions follow the API versioning support and deprecation :repo:`policy `. .. note:: Envoy will internally operate at the latest xDS resource version and all supported versioned resources will be transparently upgrading to this latest version on configuration ingestion. For example, v2 and v3 resources, delivered over either a v2 or v3 transport, or any mix thereof, will be internally converted into v3 resources. ================================================ FILE: docs/root/configuration/overview/xds_api.rst ================================================ .. _config_overview_management_server: xDS API endpoints ----------------- An xDS management server will implement the below endpoints as required for gRPC and/or REST serving. In both streaming gRPC and REST-JSON cases, a :ref:`DiscoveryRequest ` is sent and a :ref:`DiscoveryResponse ` received following the :ref:`xDS protocol `. Below we describe endpoints for the v2 and v3 transport API versions. .. _v2_grpc_streaming_endpoints: gRPC streaming endpoints ^^^^^^^^^^^^^^^^^^^^^^^^ .. http:post:: /envoy.api.v2.ClusterDiscoveryService/StreamClusters .. http:post:: /envoy.service.cluster.v3.ClusterDiscoveryService/StreamClusters See :repo:`cds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml cds_config: api_config_source: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_xds_cluster is set in the :ref:`dynamic_resources ` of the :ref:`Bootstrap ` config. .. http:post:: /envoy.api.v2.EndpointDiscoveryService/StreamEndpoints .. http:post:: /envoy.service.endpoint.v3.EndpointDiscoveryService/StreamEndpoints See :repo:`eds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml eds_config: api_config_source: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_xds_cluster is set in the :ref:`eds_cluster_config ` field of the :ref:`Cluster ` config. .. http:post:: /envoy.api.v2.ListenerDiscoveryService/StreamListeners .. http:post:: /envoy.service.listener.v3.ListenerDiscoveryService/StreamListeners See :repo:`lds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml lds_config: api_config_source: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_xds_cluster is set in the :ref:`dynamic_resources ` of the :ref:`Bootstrap ` config. .. http:post:: /envoy.api.v2.RouteDiscoveryService/StreamRoutes .. http:post:: /envoy.service.route.v3.RouteDiscoveryService/StreamRoutes See :repo:`rds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml route_config_name: some_route_name config_source: api_config_source: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_xds_cluster is set in the :ref:`rds ` field of the :ref:`HttpConnectionManager ` config. .. http:post:: /envoy.api.v2.ScopedRoutesDiscoveryService/StreamScopedRoutes .. http:post:: /envoy.service.route.v3.ScopedRoutesDiscoveryService/StreamScopedRoutes See :repo:`srds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml name: some_scoped_route_name scoped_rds: config_source: api_config_source: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_xds_cluster is set in the :ref:`scoped_routes ` field of the :ref:`HttpConnectionManager ` config. .. http:post:: /envoy.service.discovery.v2.SecretDiscoveryService/StreamSecrets .. http:post:: /envoy.service.secret.v3.SecretDiscoveryService/StreamSecrets See :repo:`sds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml name: some_secret_name config_source: api_config_source: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_xds_cluster is set inside a :ref:`SdsSecretConfig ` message. This message is used in various places such as the :ref:`CommonTlsContext `. .. http:post:: /envoy.service.discovery.v2.RuntimeDiscoveryService/StreamRuntime .. http:post:: /envoy.service.runtime.v3.RuntimeDiscoveryService/StreamRuntime See :repo:`rtds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml name: some_runtime_layer_name config_source: api_config_source: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_xds_cluster is set inside the :ref:`rtds_layer ` field. REST endpoints ^^^^^^^^^^^^^^ .. http:post:: /v2/discovery:clusters .. http:post:: /v3/discovery:clusters See :repo:`cds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml cds_config: api_config_source: api_type: REST transport_api_version: cluster_names: [some_xds_cluster] is set in the :ref:`dynamic_resources ` of the :ref:`Bootstrap ` config. .. http:post:: /v2/discovery:endpoints .. http:post:: /v3/discovery:endpoints See :repo:`eds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml eds_config: api_config_source: api_type: REST transport_api_version: cluster_names: [some_xds_cluster] is set in the :ref:`eds_cluster_config ` field of the :ref:`Cluster ` config. .. http:post:: /v2/discovery:listeners .. http:post:: /v3/discovery:listeners See :repo:`lds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml lds_config: api_config_source: api_type: REST transport_api_version: cluster_names: [some_xds_cluster] is set in the :ref:`dynamic_resources ` of the :ref:`Bootstrap ` config. .. http:post:: /v2/discovery:routes .. http:post:: /v3/discovery:routes See :repo:`rds.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml route_config_name: some_route_name config_source: api_config_source: api_type: REST transport_api_version: cluster_names: [some_xds_cluster] is set in the :ref:`rds ` field of the :ref:`HttpConnectionManager ` config. .. note:: The management server responding to these endpoints must respond with a :ref:`DiscoveryResponse ` along with a HTTP status of 200. Additionally, if the configuration that would be supplied has not changed (as indicated by the version supplied by the Envoy client) then the management server can respond with an empty body and a HTTP status of 304. .. _config_overview_ads: Aggregated Discovery Service ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ While Envoy fundamentally employs an eventual consistency model, ADS provides an opportunity to sequence API update pushes and ensure affinity of a single management server for an Envoy node for API updates. ADS allows one or more APIs and their resources to be delivered on a single, bidirectional gRPC stream by the management server. Without this, some APIs such as RDS and EDS may require the management of multiple streams and connections to distinct management servers. ADS will allow for hitless updates of configuration by appropriate sequencing. For example, suppose *foo.com* was mapped to cluster *X*. We wish to change the mapping in the route table to point *foo.com* at cluster *Y*. In order to do this, a CDS/EDS update must first be delivered containing both clusters *X* and *Y*. Without ADS, the CDS/EDS/RDS streams may point at distinct management servers, or when on the same management server at distinct gRPC streams/connections that require coordination. The EDS resource requests may be split across two distinct streams, one for *X* and one for *Y*. ADS allows these to be coalesced to a single stream to a single management server, avoiding the need for distributed synchronization to correctly sequence the update. With ADS, the management server would deliver the CDS, EDS and then RDS updates on a single stream. ADS is only available for gRPC streaming (not REST) and is described more fully in :ref:`xDS ` document. The gRPC endpoint is: .. http:post:: /envoy.service.discovery.v2.AggregatedDiscoveryService/StreamAggregatedResources .. http:post:: /envoy.service.discovery.v3.AggregatedDiscoveryService/StreamAggregatedResources See :repo:`discovery.proto ` for the service definition. This is used by Envoy as a client when .. code-block:: yaml ads_config: api_type: GRPC transport_api_version: grpc_services: envoy_grpc: cluster_name: some_ads_cluster is set in the :ref:`dynamic_resources ` of the :ref:`Bootstrap ` config. When this is set, any of the configuration sources :ref:`above ` can be set to use the ADS channel. For example, a LDS config could be changed from .. code-block:: yaml lds_config: api_config_source: api_type: REST cluster_names: [some_xds_cluster] to .. code-block:: yaml lds_config: {ads: {}} with the effect that the LDS stream will be directed to *some_ads_cluster* over the shared ADS channel. .. _config_overview_delta: Delta endpoints ^^^^^^^^^^^^^^^ The REST, filesystem, and original gRPC xDS implementations all deliver "state of the world" updates: every CDS update must contain every cluster, with the absence of a cluster from an update implying that the cluster is gone. For Envoy deployments with huge amounts of resources and even a trickle of churn, these state-of-the-world updates can be cumbersome. As of 1.12.0, Envoy supports a "delta" variant of xDS (including ADS), where updates only contain resources added/changed/removed. Delta xDS is a gRPC (only) protocol. Delta uses different request/response protos than SotW (DeltaDiscovery{Request,Response}); see :repo:`discovery.proto `. Conceptually, delta should be viewed as a new xDS transport type: there is static, filesystem, REST, gRPC-SotW, and now gRPC-delta. (Envoy's implementation of the gRPC-SotW/delta client happens to share most of its code between the two, and something similar is likely possible on the server side. However, they are in fact incompatible protocols. :ref:`The specification of the delta xDS protocol's behavior is here `.) To use delta, simply set the api_type field of your :ref:`ApiConfigSource ` proto(s) to DELTA_GRPC. That works for both xDS and ADS; for ADS, it's the api_type field of :ref:`DynamicResources.ads_config `, as described in the previous section. ================================================ FILE: docs/root/configuration/security/secret.rst ================================================ .. _config_secret_discovery_service: Secret discovery service (SDS) ============================== TLS certificates, the secrets, can be specified in the bootstrap.static_resource :ref:`secrets `. But they can also be fetched remotely by secret discovery service (SDS). The most important benefit of SDS is to simplify the certificate management. Without this feature, in k8s deployment, certificates must be created as secrets and mounted into the proxy containers. If certificates are expired, the secrets need to be updated and the proxy containers need to be re-deployed. With SDS, a central SDS server will push certificates to all Envoy instances. If certificates are expired, the server just pushes new certificates to Envoy instances, Envoy will use the new ones right away without re-deployment. If a listener server certificate needs to be fetched by SDS remotely, it will NOT be marked as active, its port will not be opened before the certificates are fetched. If Envoy fails to fetch the certificates due to connection failures, or bad response data, the listener will be marked as active, and the port will be open, but the connection to the port will be reset. Upstream clusters are handled in a similar way, if a cluster client certificate needs to be fetched by SDS remotely, it will NOT be marked as active and it will not be used before the certificates are fetched. If Envoy fails to fetch the certificates due to connection failures, or bad response data, the cluster will be marked as active, it can be used to handle the requests, but the requests routed to that cluster will be rejected. If a static cluster is using SDS, and it needs to define a SDS cluster (unless Google gRPC is used which doesn't need a cluster), the SDS cluster has to be defined before the static clusters using it. The connection between Envoy proxy and SDS server has to be secure. One option is to run the SDS server on the same host and use Unix Domain Socket for the connection. Otherwise the connection requires TLS with authentication between the proxy and SDS server. Credential types in use today for authentication are: * mTLS -- In this case, the client certificates for the SDS connection must be statically configured. * AWS IAM SigV4 SDS server ---------- A SDS server needs to implement the gRPC service :repo:`SecretDiscoveryService `. It follows the same protocol as other :ref:`xDS `. SDS Configuration ----------------- :ref:`SdsSecretConfig ` is used to specify the secret. Its field *name* is a required field. If its *sds_config* field is empty, the *name* field specifies the secret in the bootstrap static_resource :ref:`secrets `. Otherwise, it specifies the SDS server as :ref:`ConfigSource `. Only gRPC is supported for the SDS service so its *api_config_source* must specify a **grpc_service**. *SdsSecretConfig* is used in two fields in :ref:`CommonTlsContext `. The first field is *tls_certificate_sds_secret_configs* to use SDS to get :ref:`TlsCertificate `. The second field is *validation_context_sds_secret_config* to use SDS to get :ref:`CertificateValidationContext `. Example one: static_resource ----------------------------- This example show how to configure secrets in the static_resource: .. code-block:: yaml static_resources: secrets: - name: server_cert tls_certificate: certificate_chain: filename: certs/servercert.pem private_key: filename: certs/serverkey.pem - name: client_cert tls_certificate: certificate_chain: filename: certs/clientcert.pem private_key: filename: certs/clientkey.pem - name: validation_context validation_context: trusted_ca: filename: certs/cacert.pem verify_certificate_hash: E0:F3:C8:CE:5E:2E:A3:05:F0:70:1F:F5:12:E3:6E:2E:97:92:82:84:A2:28:BC:F7:73:32:D3:39:30:A1:B6:FD clusters: - connect_timeout: 0.25s load_assignment: cluster_name: local_service_tls ... transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext common_tls_context: tls_certificate_sds_secret_configs: - name: client_cert listeners: .... filter_chains: transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificate_sds_secret_configs: - name: server_cert validation_context_sds_secret_config: name: validation_context In this example, certificates are specified in the bootstrap static_resource, they are not fetched remotely. In the config, *secrets* static resource has 3 secrets: **client_cert**, **server_cert** and **validation_context**. In the cluster config, one of hosts uses **client_cert** in its *tls_certificate_sds_secret_configs*. In the listeners section, one of them uses **server_cert** in its *tls_certificate_sds_secret_configs* and **validation_context** for its *validation_context_sds_secret_config*. .. _sds_server_example: Example two: SDS server ------------------------ This example shows how to configure secrets fetched from remote SDS servers: .. code-block:: yaml clusters: - name: sds_server_mtls http2_protocol_options: connection_keepalive: interval: 30s timeout: 5s load_assignment: cluster_name: sds_server_mtls endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8234 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext common_tls_context: - tls_certificate: certificate_chain: filename: certs/sds_cert.pem private_key: filename: certs/sds_key.pem - name: sds_server_uds http2_protocol_options: {} load_assignment: cluster_name: sds_server_uds endpoints: - lb_endpoints: - endpoint: address: pipe: path: /tmp/uds_path - name: example_cluster connect_timeout: 0.25s load_assignment: cluster_name: local_service_tls ... transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext common_tls_context: tls_certificate_sds_secret_configs: - name: client_cert sds_config: api_config_source: api_type: GRPC grpc_services: google_grpc: target_uri: unix:/tmp/uds_path listeners: .... filter_chains: - transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificate_sds_secret_configs: - name: server_cert sds_config: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: sds_server_mtls validation_context_sds_secret_config: name: validation_context sds_config: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: sds_server_uds For illustration, above example uses three methods to access the SDS server. A gRPC SDS server can be reached by Unix Domain Socket path **/tmp/uds_path** and **127.0.0.1:8234** by mTLS. It provides three secrets, **client_cert**, **server_cert** and **validation_context**. In the config, cluster **example_cluster** certificate **client_cert** is configured to use Google gRPC with UDS to talk to the SDS server. The Listener needs to fetch **server_cert** and **validation_context** from the SDS server. The **server_cert** is using Envoy gRPC with cluster **sds_server_mtls** configured with client certificate to use mTLS to talk to SDS server. The **validate_context** is using Envoy gRPC with cluster **sds_server_uds** configured with UDS path to talk to the SDS server. .. _xds_certificate_rotation: Example three: certificate rotation for xDS gRPC connection ------------------------------------------------------------ Managing certificates for xDS gRPC connection between Envoy and xDS server introduces a bootstrapping problem: SDS server cannot manage certificates that are required to connect to the server. This example shows how to set up xDS connection by sourcing SDS configuration from the filesystem. The certificate and key files are watched with inotify and reloaded automatically without restart. In contrast, :ref:`sds_server_example` requires a restart to reload xDS certificates and key after update. .. code-block:: yaml clusters: - name: control_plane type: LOGICAL_DNS connect_timeout: 1s load_assignment: cluster_name: control_plane endpoints: - lb_endpoints: - endpoint: address: socket_address: address: controlplane port_value: 8443 http2_protocol_options: {} transport_socket: name: "envoy.transport_sockets.tls" typed_config: "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext" common_tls_context: tls_certificate_sds_secret_configs: sds_config: path: /etc/envoy/tls_certificate_sds_secret.yaml validation_context_sds_secret_config: sds_config: path: /etc/envoy/validation_context_sds_secret.yaml Paths to client certificate, including client's certificate chain and private key are given in SDS config file ``/etc/envoy/tls_certificate_sds_secret.yaml``: .. code-block:: yaml resources: - "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret" tls_certificate: certificate_chain: filename: /certs/sds_cert.pem private_key: filename: /certs/sds_key.pem Path to CA certificate bundle for validating the xDS server certificate is given in SDS config file ``/etc/envoy/validation_context_sds_secret.yaml``: .. code-block:: yaml resources: - "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret" validation_context: trusted_ca: filename: /certs/cacert.pem Statistics ---------- SSL socket factory outputs following SDS related statistics. They are all counter type. For downstream listeners, they are in the *listener..server_ssl_socket_factory.* namespace. .. csv-table:: :header: Name, Description :widths: 1, 2 ssl_context_update_by_sds, Total number of ssl context has been updated. downstream_context_secrets_not_ready, Total number of downstream connections reset due to empty ssl certificate. For upstream clusters, they are in the *cluster..client_ssl_socket_factory.* namespace. .. csv-table:: :header: Name, Description :widths: 1, 2 ssl_context_update_by_sds, Total number of ssl context has been updated. upstream_context_secrets_not_ready, Total number of upstream connections reset due to empty ssl certificate. ================================================ FILE: docs/root/configuration/security/security.rst ================================================ Security ======== .. toctree:: :maxdepth: 2 secret ================================================ FILE: docs/root/configuration/upstream/cluster_manager/cds.rst ================================================ .. _config_cluster_manager_cds: Cluster discovery service ========================= The cluster discovery service (CDS) is an optional API that Envoy will call to dynamically fetch cluster manager members. Envoy will reconcile the API response and add, modify, or remove known clusters depending on what is required. .. note:: Any clusters that are statically defined within the Envoy configuration cannot be modified or removed via the CDS API. * :ref:`v3 CDS API ` Statistics ---------- CDS has a :ref:`statistics ` tree rooted at *cluster_manager.cds.* ================================================ FILE: docs/root/configuration/upstream/cluster_manager/cluster_circuit_breakers.rst ================================================ .. _config_cluster_manager_cluster_circuit_breakers: Circuit breaking ================ * Circuit Breaking :ref:`architecture overview `. * :ref:`v3 API documentation `. The following is an example circuit breaker configuration: .. code-block:: yaml circuit_breakers: thresholds: - priority: "DEFAULT" max_requests: 75 max_pending_requests: 35 retry_budget: budget_percent: value: 25.0 min_retry_concurrency: 10 Runtime ------- All circuit breaking settings are runtime configurable for all defined priorities based on cluster name. They follow the following naming scheme ``circuit_breakers...``. ``cluster_name`` is the name field in each cluster's configuration, which is set in the Envoy :ref:`config file `. Available runtime settings will override settings set in the Envoy config file. ================================================ FILE: docs/root/configuration/upstream/cluster_manager/cluster_hc.rst ================================================ .. _config_cluster_manager_cluster_hc: Health checking =============== * Health checking :ref:`architecture overview `. * If health checking is configured for a cluster, additional statistics are emitted. They are documented :ref:`here `. * :ref:`v3 API documentation `. .. _config_cluster_manager_cluster_hc_tcp_health_checking: TCP health checking ------------------- The type of matching performed is the following: .. code-block:: yaml tcp_health_check: send: {text: '0101'} receive: [{text: '02'}, {text: '03'}] During each health check cycle, all of the "send" bytes are sent to the target server. When checking the response, "fuzzy" matching is performed such that each block must be found, and in the order specified, but not necessarily contiguous. Thus, in the example above, "04" could be inserted in the response between "02" and "03" and the check would still pass. This is done to support protocols that insert non-deterministic data, such as time, into the response. Health checks that require a more complex pattern such as send/receive/send/receive are not currently possible. If "receive" is an empty array, Envoy will perform "connect only" TCP health checking. During each cycle, Envoy will attempt to connect to the upstream host, and consider it a success if the connection succeeds. A new connection is created for each health check cycle. ================================================ FILE: docs/root/configuration/upstream/cluster_manager/cluster_manager.rst ================================================ .. _config_cluster_manager: Cluster manager =============== .. toctree:: :maxdepth: 2 overview cluster_stats cluster_runtime cds cluster_hc cluster_circuit_breakers ================================================ FILE: docs/root/configuration/upstream/cluster_manager/cluster_runtime.rst ================================================ .. _config_cluster_manager_cluster_runtime: Runtime ======= Upstream clusters support the following runtime settings: Active health checking ---------------------- health_check.min_interval Min value for the health checking :ref:`interval `. Default value is 1 ms. The effective health check interval will be no less than 1ms. The health checking interval will be between *min_interval* and *max_interval*. health_check.max_interval Max value for the health checking :ref:`interval `. Default value is MAX_INT. The effective health check interval will be no less than 1ms. The health checking interval will be between *min_interval* and *max_interval*. health_check.verify_cluster What % of health check requests will be verified against the :ref:`expected upstream service ` as the :ref:`health check filter ` will write the remote service cluster into the response. .. _config_cluster_manager_cluster_runtime_outlier_detection: Outlier detection ----------------- See the outlier detection :ref:`architecture overview ` for more information on outlier detection. The runtime parameters supported by outlier detection are the same as the :ref:`static configuration parameters `, namely: outlier_detection.consecutive_5xx :ref:`consecutive_5XX ` setting in outlier detection outlier_detection.consecutive_gateway_failure :ref:`consecutive_gateway_failure ` setting in outlier detection outlier_detection.consecutive_local_origin_failure :ref:`consecutive_local_origin_failure ` setting in outlier detection outlier_detection.interval_ms :ref:`interval_ms ` setting in outlier detection outlier_detection.base_ejection_time_ms :ref:`base_ejection_time_ms ` setting in outlier detection outlier_detection.max_ejection_percent :ref:`max_ejection_percent ` setting in outlier detection outlier_detection.enforcing_consecutive_5xx :ref:`enforcing_consecutive_5xx ` setting in outlier detection outlier_detection.enforcing_consecutive_gateway_failure :ref:`enforcing_consecutive_gateway_failure ` setting in outlier detection outlier_detection.enforcing_consecutive_local_origin_failure :ref:`enforcing_consecutive_local_origin_failure ` setting in outlier detection outlier_detection.enforcing_success_rate :ref:`enforcing_success_rate ` setting in outlier detection outlier_detection.enforcing_local_origin_success_rate :ref:`enforcing_local_origin_success_rate ` setting in outlier detection outlier_detection.success_rate_minimum_hosts :ref:`success_rate_minimum_hosts ` setting in outlier detection outlier_detection.success_rate_request_volume :ref:`success_rate_request_volume ` setting in outlier detection outlier_detection.success_rate_stdev_factor :ref:`success_rate_stdev_factor ` setting in outlier detection outlier_detection.enforcing_failure_percentage :ref:`enforcing_failure_percentage ` setting in outlier detection outlier_detection.enforcing_failure_percentage_local_origin :ref:`enforcing_failure_percentage_local_origin ` setting in outlier detection outlier_detection.failure_percentage_request_volume :ref:`failure_percentage_request_volume ` setting in outlier detection outlier_detection.failure_percentage_minimum_hosts :ref:`failure_percentage_minimum_hosts ` setting in outlier detection outlier_detection.failure_percentage_threshold :ref:`failure_percentage_threshold ` setting in outlier detection Core ---- upstream.healthy_panic_threshold Sets the :ref:`panic threshold ` percentage. Defaults to 50%. upstream.use_http2 Whether the cluster utilizes the *http2* :ref:`protocol options ` if configured. Set to 0 to disable HTTP/2 even if the feature is configured. Defaults to enabled. .. _config_cluster_manager_cluster_runtime_zone_routing: Zone aware load balancing ------------------------- upstream.zone_routing.enabled % of requests that will be routed to the same upstream zone. Defaults to 100% of requests. upstream.zone_routing.min_cluster_size Minimal size of the upstream cluster for which zone aware routing can be attempted. Default value is 6. If the upstream cluster size is smaller than *min_cluster_size* zone aware routing will not be performed. Circuit breaking ---------------- circuit_breakers...max_connections :ref:`Max connections circuit breaker setting ` circuit_breakers...max_pending_requests :ref:`Max pending requests circuit breaker setting ` circuit_breakers...max_requests :ref:`Max requests circuit breaker setting ` circuit_breakers...max_retries :ref:`Max retries circuit breaker setting ` circuit_breakers...retry_budget.budget_percent :ref:`Max retries circuit breaker setting ` circuit_breakers...retry_budget.min_retry_concurrency :ref:`Max retries circuit breaker setting ` ================================================ FILE: docs/root/configuration/upstream/cluster_manager/cluster_stats.rst ================================================ .. _config_cluster_manager_cluster_stats: Statistics ========== .. contents:: :local: General ------- The cluster manager has a statistics tree rooted at *cluster_manager.* with the following statistics. Any ``:`` character in the stats name is replaced with ``_``. Stats include all clusters managed by the cluster manager, including both clusters used for data plane upstreams and control plane xDS clusters. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 cluster_added, Counter, Total clusters added (either via static config or CDS) cluster_modified, Counter, Total clusters modified (via CDS) cluster_removed, Counter, Total clusters removed (via CDS) cluster_updated, Counter, Total cluster updates cluster_updated_via_merge, Counter, Total cluster updates applied as merged updates update_merge_cancelled, Counter, Total merged updates that got cancelled and delivered early update_out_of_merge_window, Counter, Total updates which arrived out of a merge window active_clusters, Gauge, Number of currently active (warmed) clusters warming_clusters, Gauge, Number of currently warming (not active) clusters Every cluster has a statistics tree rooted at *cluster..* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_cx_total, Counter, Total connections upstream_cx_active, Gauge, Total active connections upstream_cx_http1_total, Counter, Total HTTP/1.1 connections upstream_cx_http2_total, Counter, Total HTTP/2 connections upstream_cx_connect_fail, Counter, Total connection failures upstream_cx_connect_timeout, Counter, Total connection connect timeouts upstream_cx_idle_timeout, Counter, Total connection idle timeouts upstream_cx_connect_attempts_exceeded, Counter, Total consecutive connection failures exceeding configured connection attempts upstream_cx_overflow, Counter, Total times that the cluster's connection circuit breaker overflowed upstream_cx_connect_ms, Histogram, Connection establishment milliseconds upstream_cx_length_ms, Histogram, Connection length milliseconds upstream_cx_destroy, Counter, Total destroyed connections upstream_cx_destroy_local, Counter, Total connections destroyed locally upstream_cx_destroy_remote, Counter, Total connections destroyed remotely upstream_cx_destroy_with_active_rq, Counter, Total connections destroyed with 1+ active request upstream_cx_destroy_local_with_active_rq, Counter, Total connections destroyed locally with 1+ active request upstream_cx_destroy_remote_with_active_rq, Counter, Total connections destroyed remotely with 1+ active request upstream_cx_close_notify, Counter, Total connections closed via HTTP/1.1 connection close header or HTTP/2 GOAWAY upstream_cx_rx_bytes_total, Counter, Total received connection bytes upstream_cx_rx_bytes_buffered, Gauge, Received connection bytes currently buffered upstream_cx_tx_bytes_total, Counter, Total sent connection bytes upstream_cx_tx_bytes_buffered, Gauge, Send connection bytes currently buffered upstream_cx_pool_overflow, Counter, Total times that the cluster's connection pool circuit breaker overflowed upstream_cx_protocol_error, Counter, Total connection protocol errors upstream_cx_max_requests, Counter, Total connections closed due to maximum requests upstream_cx_none_healthy, Counter, Total times connection not established due to no healthy hosts upstream_rq_total, Counter, Total requests upstream_rq_active, Gauge, Total active requests upstream_rq_pending_total, Counter, Total requests pending a connection pool connection upstream_rq_pending_overflow, Counter, Total requests that overflowed connection pool or requests (mainly for HTTP/2) circuit breaking and were failed upstream_rq_pending_failure_eject, Counter, Total requests that were failed due to a connection pool connection failure or remote connection termination upstream_rq_pending_active, Gauge, Total active requests pending a connection pool connection upstream_rq_cancelled, Counter, Total requests cancelled before obtaining a connection pool connection upstream_rq_maintenance_mode, Counter, Total requests that resulted in an immediate 503 due to :ref:`maintenance mode` upstream_rq_timeout, Counter, Total requests that timed out waiting for a response upstream_rq_max_duration_reached, Counter, Total requests closed due to max duration reached upstream_rq_per_try_timeout, Counter, Total requests that hit the per try timeout (except when request hedging is enabled) upstream_rq_rx_reset, Counter, Total requests that were reset remotely upstream_rq_tx_reset, Counter, Total requests that were reset locally upstream_rq_retry, Counter, Total request retries upstream_rq_retry_backoff_exponential, Counter, Total retries using the exponential backoff strategy upstream_rq_retry_backoff_ratelimited, Counter, Total retries using the ratelimited backoff strategy upstream_rq_retry_limit_exceeded, Counter, Total requests not retried due to exceeding :ref:`the configured number of maximum retries ` upstream_rq_retry_success, Counter, Total request retry successes upstream_rq_retry_overflow, Counter, Total requests not retried due to circuit breaking or exceeding the :ref:`retry budget ` upstream_flow_control_paused_reading_total, Counter, Total number of times flow control paused reading from upstream upstream_flow_control_resumed_reading_total, Counter, Total number of times flow control resumed reading from upstream upstream_flow_control_backed_up_total, Counter, Total number of times the upstream connection backed up and paused reads from downstream upstream_flow_control_drained_total, Counter, Total number of times the upstream connection drained and resumed reads from downstream upstream_internal_redirect_failed_total, Counter, Total number of times failed internal redirects resulted in redirects being passed downstream. upstream_internal_redirect_succeed_total, Counter, Total number of times internal redirects resulted in a second upstream request. membership_change, Counter, Total cluster membership changes membership_healthy, Gauge, Current cluster healthy total (inclusive of both health checking and outlier detection) membership_degraded, Gauge, Current cluster degraded total membership_total, Gauge, Current cluster membership total retry_or_shadow_abandoned, Counter, Total number of times shadowing or retry buffering was canceled due to buffer limits config_reload, Counter, Total API fetches that resulted in a config reload due to a different config update_attempt, Counter, Total attempted cluster membership updates by service discovery update_success, Counter, Total successful cluster membership updates by service discovery update_failure, Counter, Total failed cluster membership updates by service discovery update_empty, Counter, Total cluster membership updates ending with empty cluster load assignment and continuing with previous config update_no_rebuild, Counter, Total successful cluster membership updates that didn't result in any cluster load balancing structure rebuilds version, Gauge, Hash of the contents from the last successful API fetch max_host_weight, Gauge, Maximum weight of any host in the cluster bind_errors, Counter, Total errors binding the socket to the configured source address assignment_timeout_received, Counter, Total assignments received with endpoint lease information. assignment_stale, Counter, Number of times the received assignments went stale before new assignments arrived. Health check statistics ----------------------- If health check is configured, the cluster has an additional statistics tree rooted at *cluster..health_check.* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 attempt, Counter, Number of health checks success, Counter, Number of successful health checks failure, Counter, Number of immediately failed health checks (e.g. HTTP 503) as well as network failures passive_failure, Counter, Number of health check failures due to passive events (e.g. x-envoy-immediate-health-check-fail) network_failure, Counter, Number of health check failures due to network error verify_cluster, Counter, Number of health checks that attempted cluster name verification healthy, Gauge, Number of healthy members .. _config_cluster_manager_cluster_stats_outlier_detection: Outlier detection statistics ---------------------------- If :ref:`outlier detection ` is configured for a cluster, statistics will be rooted at *cluster..outlier_detection.* and contain the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 ejections_enforced_total, Counter, Number of enforced ejections due to any outlier type ejections_active, Gauge, Number of currently ejected hosts ejections_overflow, Counter, Number of ejections aborted due to the max ejection % ejections_enforced_consecutive_5xx, Counter, Number of enforced consecutive 5xx ejections ejections_detected_consecutive_5xx, Counter, Number of detected consecutive 5xx ejections (even if unenforced) ejections_enforced_success_rate, Counter, Number of enforced success rate outlier ejections. Exact meaning of this counter depends on :ref:`outlier_detection.split_external_local_origin_errors` config item. Refer to :ref:`Outlier Detection documentation` for details. ejections_detected_success_rate, Counter, Number of detected success rate outlier ejections (even if unenforced). Exact meaning of this counter depends on :ref:`outlier_detection.split_external_local_origin_errors` config item. Refer to :ref:`Outlier Detection documentation` for details. ejections_enforced_consecutive_gateway_failure, Counter, Number of enforced consecutive gateway failure ejections ejections_detected_consecutive_gateway_failure, Counter, Number of detected consecutive gateway failure ejections (even if unenforced) ejections_enforced_consecutive_local_origin_failure, Counter, Number of enforced consecutive local origin failure ejections ejections_detected_consecutive_local_origin_failure, Counter, Number of detected consecutive local origin failure ejections (even if unenforced) ejections_enforced_local_origin_success_rate, Counter, Number of enforced success rate outlier ejections for locally originated failures ejections_detected_local_origin_success_rate, Counter, Number of detected success rate outlier ejections for locally originated failures (even if unenforced) ejections_enforced_failure_percentage, Counter, Number of enforced failure percentage outlier ejections. Exact meaning of this counter depends on :ref:`outlier_detection.split_external_local_origin_errors` config item. Refer to :ref:`Outlier Detection documentation` for details. ejections_detected_failure_percentage, Counter, Number of detected failure percentage outlier ejections (even if unenforced). Exact meaning of this counter depends on :ref:`outlier_detection.split_external_local_origin_errors` config item. Refer to :ref:`Outlier Detection documentation` for details. ejections_enforced_failure_percentage_local_origin, Counter, Number of enforced failure percentage outlier ejections for locally originated failures ejections_detected_failure_percentage_local_origin, Counter, Number of detected failure percentage outlier ejections for locally originated failures (even if unenforced) ejections_total, Counter, Deprecated. Number of ejections due to any outlier type (even if unenforced) ejections_consecutive_5xx, Counter, Deprecated. Number of consecutive 5xx ejections (even if unenforced) .. _config_cluster_manager_cluster_stats_circuit_breakers: Circuit breakers statistics --------------------------- Circuit breakers statistics will be rooted at *cluster..circuit_breakers..* and contain the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 cx_open, Gauge, Whether the connection circuit breaker is closed (0) or open (1) cx_pool_open, Gauge, Whether the connection pool circuit breaker is closed (0) or open (1) rq_pending_open, Gauge, Whether the pending requests circuit breaker is closed (0) or open (1) rq_open, Gauge, Whether the requests circuit breaker is closed (0) or open (1) rq_retry_open, Gauge, Whether the retry circuit breaker is closed (0) or open (1) remaining_cx, Gauge, Number of remaining connections until the circuit breaker opens remaining_pending, Gauge, Number of remaining pending requests until the circuit breaker opens remaining_rq, Gauge, Number of remaining requests until the circuit breaker opens remaining_retries, Gauge, Number of remaining retries until the circuit breaker opens .. _config_cluster_manager_cluster_stats_timeout_budgets: Timeout budget statistics ------------------------- If :ref:`timeout budget statistic tracking ` is turned on, statistics will be added to *cluster.* and contain the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_rq_timeout_budget_percent_used, Histogram, What percentage of the global timeout was used waiting for a response upstream_rq_timeout_budget_per_try_percent_used, Histogram, What percentage of the per try timeout was used waiting for a response .. _config_cluster_manager_cluster_stats_dynamic_http: Dynamic HTTP statistics ----------------------- If HTTP is used, dynamic HTTP response code statistics are also available. These are emitted by various internal systems as well as some filters such as the :ref:`router filter ` and :ref:`rate limit filter `. They are rooted at *cluster..* and contain the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_rq_completed, Counter, "Total upstream requests completed" upstream_rq_<\*xx>, Counter, "Aggregate HTTP response codes (e.g., 2xx, 3xx, etc.)" upstream_rq_<\*>, Counter, "Specific HTTP response codes (e.g., 201, 302, etc.)" upstream_rq_time, Histogram, Request time milliseconds canary.upstream_rq_completed, Counter, "Total upstream canary requests completed" canary.upstream_rq_<\*xx>, Counter, Upstream canary aggregate HTTP response codes canary.upstream_rq_<\*>, Counter, Upstream canary specific HTTP response codes canary.upstream_rq_time, Histogram, Upstream canary request time milliseconds internal.upstream_rq_completed, Counter, "Total internal origin requests completed" internal.upstream_rq_<\*xx>, Counter, Internal origin aggregate HTTP response codes internal.upstream_rq_<\*>, Counter, Internal origin specific HTTP response codes internal.upstream_rq_time, Histogram, Internal origin request time milliseconds external.upstream_rq_completed, Counter, "Total external origin requests completed" external.upstream_rq_<\*xx>, Counter, External origin aggregate HTTP response codes external.upstream_rq_<\*>, Counter, External origin specific HTTP response codes external.upstream_rq_time, Histogram, External origin request time milliseconds .. _config_cluster_manager_cluster_stats_alt_tree: Alternate tree dynamic HTTP statistics -------------------------------------- If alternate tree statistics are configured, they will be present in the *cluster...* namespace. The statistics produced are the same as documented in the dynamic HTTP statistics section :ref:`above `. .. _config_cluster_manager_cluster_per_az_stats: Per service zone dynamic HTTP statistics ---------------------------------------- If the service zone is available for the local service (via :option:`--service-zone`) and the :ref:`upstream cluster `, Envoy will track the following statistics in *cluster..zone...* namespace. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_rq_<\*xx>, Counter, "Aggregate HTTP response codes (e.g., 2xx, 3xx, etc.)" upstream_rq_<\*>, Counter, "Specific HTTP response codes (e.g., 201, 302, etc.)" upstream_rq_time, Histogram, Request time milliseconds Load balancer statistics ------------------------ Statistics for monitoring load balancer decisions. Stats are rooted at *cluster..* and contain the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 lb_recalculate_zone_structures, Counter, The number of times locality aware routing structures are regenerated for fast decisions on upstream locality selection lb_healthy_panic, Counter, Total requests load balanced with the load balancer in panic mode lb_zone_cluster_too_small, Counter, No zone aware routing because of small upstream cluster size lb_zone_routing_all_directly, Counter, Sending all requests directly to the same zone lb_zone_routing_sampled, Counter, Sending some requests to the same zone lb_zone_routing_cross_zone, Counter, Zone aware routing mode but have to send cross zone lb_local_cluster_not_ok, Counter, Local host set is not set or it is panic mode for local cluster lb_zone_number_differs, Counter, Number of zones in local and upstream cluster different lb_zone_no_capacity_left, Counter, Total number of times ended with random zone selection due to rounding error original_dst_host_invalid, Counter, Total number of invalid hosts passed to original destination load balancer .. _config_cluster_manager_cluster_stats_subset_lb: Load balancer subset statistics ------------------------------- Statistics for monitoring :ref:`load balancer subset ` decisions. Stats are rooted at *cluster..* and contain the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 lb_subsets_active, Gauge, Number of currently available subsets lb_subsets_created, Counter, Number of subsets created lb_subsets_removed, Counter, Number of subsets removed due to no hosts lb_subsets_selected, Counter, Number of times any subset was selected for load balancing lb_subsets_fallback, Counter, Number of times the fallback policy was invoked lb_subsets_fallback_panic, Counter, Number of times the subset panic mode triggered lb_subsets_single_host_per_subset_duplicate, Gauge, Number of duplicate (unused) hosts when using :ref:`single_host_per_subset ` .. _config_cluster_manager_cluster_stats_ring_hash_lb: Ring hash load balancer statistics ---------------------------------- Statistics for monitoring the size and effective distribution of hashes when using the :ref:`ring hash load balancer `. Stats are rooted at *cluster..ring_hash_lb.* and contain the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 size, Gauge, Total number of host hashes on the ring min_hashes_per_host, Gauge, Minimum number of hashes for a single host max_hashes_per_host, Gauge, Maximum number of hashes for a single host .. _config_cluster_manager_cluster_stats_maglev_lb: Maglev load balancer statistics ------------------------------- Statistics for monitoring effective host weights when using the :ref:`Maglev load balancer `. Stats are rooted at *cluster..maglev_lb.* and contain the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 min_entries_per_host, Gauge, Minimum number of entries for a single host max_entries_per_host, Gauge, Maximum number of entries for a single host .. _config_cluster_manager_cluster_stats_request_response_sizes: Request Response Size statistics -------------------------------- If :ref:`request response size statistics ` are tracked, statistics will be added to *cluster.* and contain the following: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_rq_headers_size, Histogram, Request headers size in bytes per upstream upstream_rq_body_size, Histogram, Request body size in bytes per upstream upstream_rs_headers_size, Histogram, Response headers size in bytes per upstream upstream_rs_body_size, Histogram, Response body size in bytes per upstream ================================================ FILE: docs/root/configuration/upstream/cluster_manager/overview.rst ================================================ Overview ======== * Cluster manager :ref:`architecture overview ` * :ref:`v3 API reference ` ================================================ FILE: docs/root/configuration/upstream/health_checkers/health_checkers.rst ================================================ .. _config_health_checkers: Health checkers =============== .. toctree:: :maxdepth: 2 redis ================================================ FILE: docs/root/configuration/upstream/health_checkers/redis.rst ================================================ .. _config_health_checkers_redis: Redis ===== The Redis health checker is a custom health checker (with :code:`envoy.health_checkers.redis` as name) which checks Redis upstream hosts. It sends a Redis PING command and expect a PONG response. The upstream Redis server can respond with anything other than PONG to cause an immediate active health check failure. Optionally, Envoy can perform EXISTS on a user-specified key. If the key does not exist it is considered a passing health check. This allows the user to mark a Redis instance for maintenance by setting the specified :ref:`key ` to any value and waiting for traffic to drain. An example setting for :ref:`custom_health_check ` as a Redis health checker is shown below: .. code-block:: yaml custom_health_check: name: envoy.health_checkers.redis typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.redis_proxy.v3.RedisProxy key: foo * :ref:`v3 API reference ` ================================================ FILE: docs/root/configuration/upstream/upstream.rst ================================================ Upstream clusters ================= .. toctree:: :maxdepth: 2 cluster_manager/cluster_manager health_checkers/health_checkers ================================================ FILE: docs/root/extending/extending.rst ================================================ .. _extending: Extending Envoy for custom use cases ==================================== The Envoy architecture makes it fairly easily extensible via a variety of different extension types including: * :ref:`Access loggers ` * :ref:`Access log filters ` * :ref:`Clusters ` * :ref:`Listener filters ` * :ref:`Network filters ` * :ref:`HTTP filters ` * :ref:`gRPC credential providers ` * :ref:`Health checkers ` * :ref:`Resource monitors ` * :ref:`Retry implementations ` * :ref:`Stat sinks ` * :ref:`Tracers ` * :ref:`Request ID ` * :ref:`Transport sockets ` * BoringSSL private key methods * :ref:`Watchdog action ` * :ref:`Internal redirect policy ` * :ref:`Compression libraries ` As of this writing there is no high level extension developer documentation. The :repo:`existing extensions ` are a good way to learn what is possible. An example of how to add a network filter and structure the repository and build dependencies can be found at `envoy-filter-example `_. ================================================ FILE: docs/root/faq/api/control_plane.rst ================================================ .. _control_plane: How do I support multiple xDS API major versions in my control plane? ===================================================================== Where possible, it is highly recommended that control planes support a single major version at a given point in time for simplicity. This works in situations where control planes need to only support a window of Envoy versions which spans less than a year. Temporary support for multiple versions during rollout in this scenario is described :ref:`here `. For control planes that need to support a wider range of versions, there are a few approaches: 1. Independent vN/v(N+1) configuration generation pipelines. This is simple to understand but involves significant duplication of code and can be expensive engineering wise. This may work well if the API surface in use is small. 2. Have the control plane use vN canonically and mechanically transform vN messages to their v(N+1) equivalents. This does not allow for the use of any new v(N+1) features. It is necessary to avoid the use of any deprecated vN fields. With these caveats aside, a simple transformation is possible where the vN proto message is serialized and then deserialized as a v(N+1) proto message (this binary compatibility is guaranteed). An optimization when serving *google.protobuf.Any* resources in a *DiscoveryResponse* is to simply rewrite the type URL. 3. Have the control plane use v(N+1) canonically and mechanically transform v(N+1) messages to their vN equivalents when serving vN-only Envoys. This works provided it is safe to ignore v(N+1)-only fields from the perspective of the operator's intent when providing input to the config pipeline (e.g. if a new regex type is requested and silently ignored in a *RouteMatch* for vN Envoys, this is problematic). Similar to (2), the v(N+1) message may be transformed to a vN equivalent by a serialization round-trip. If the goal is to support the widest range of vN clients, it's necessary to transform, using hand-written code, fields that are present in both vN/v(N+1) to their vN deprecated counterparts, since some earlier vN Envoy clients will not have the newer fields common to vN and v(N+1). ================================================ FILE: docs/root/faq/api/control_plane_version_support.rst ================================================ .. _control_plane_version_support: Which xDS transport and resource versions does my control plane need to support? ================================================================================ If a control plane is serving a well known set of clients at a given API major version, it only needs to support that version (both transport and resource version). However, even in this relatively basic scenario, if the set of clients straddles a major version drop or the control plane wishes to move from v2/v3, there are considerations around rollout of client and server binaries. One approach to this problem is to add temporary support to the management server for both v2 and v3 transport versions (see https://github.com/envoyproxy/go-control-plane). For resources, messages are binary compatible modulo deprecated or new fields between API major versions. If the control plane no longer emits resources with deprecated fields, this allows for a trivial replacement of type URL based on the requested resource from the client to serve the same resource for v2 and v3. A typical rollout sequence might look like: 1. Clients with a mix of v2 and v3 support are in operation, with a v2 management server. The client bootstraps will reference v2 API transport endpoints. 2. A management server with dual v2/v3 API support is rolled out. Both v2 and v3 transport endpoints are supported, while a trivial type URL replacement in the returned resource is sufficient for matching the requested v2 or v3 resource type URL with the existing v2 resource in the control plane. When returning resources with embedded `ConfigSource` messages pointing at xDS resources for a v3 request, it will be necessary to set the `transport_api_version` and `resource_api_version` to v3. No deprecated v2 fields or new v3 fields can be used at this point. 3. Client bootstraps are upgraded to v3 API transport endpoints and v3 API resource versions. 4. Support for v2 is removed in the management server. The management server moves to v3 exclusively internally and can support newer fields. Another approach for type url version migration will be to enable the support of mixed type url protected by a runtime guard *envoy.reloadable_features.enable_type_url_downgrade_and_upgrade*. Client can send discovery request with v2 resource type url and process discovery response with v3 resource type url. Client can also send discovery request with v3 resource type url and process discovery response with v2 resource type url. The upgrade and downgrade of type url is performed automatically. If your management server does not support both v2/v3 at the same time, you can have clients with type url upgrade and downgrade feature enabled. These clients can talk to a mix of management servers that support either v2 or v3 exclusively. Just like the first approach, no deprecated v2 fields or new v3 fields can be used at this point. If you are operating a managed control plane as-a-service, you will likely need to support a wide range of client versions. In this scenario, you will require long term support for multiple major API transport and resource versions. Strategies for managing this support are described :ref:`here `. ================================================ FILE: docs/root/faq/api/envoy_upgrade_v3.rst ================================================ If I upgrade to Envoy 1.13+, do I need to use the v3 API? ========================================================= The v2 API is deprecated in the 1.13.0 release (January 2020). It will be fully supported for the duration of 2020 and then all support for v2 will be removed from Envoy at EOY 2020. All existing v2 boostrap and xDS configuration should continue to work seamlessly in 1.13.0 and for the duration of 2020. Envoy internally operates at v3+, but does so by transparently upgrading configuration from v2 at ingestion time. Since EOQ1 2020, we have frozen the v2 API and no new features will be added. To consume these newer features, you will need to migrate to the v3 API. It is highly recommend that operators with self-managed and/or self-developed control planes migrate to v3 well before Q4 2020 in order to avoid hitting the hard deadline for v3 support at EOY. ================================================ FILE: docs/root/faq/api/envoy_v2_support.rst ================================================ How long will the v2 APIs be supported? ======================================= The v2 xDS APIs are deprecated and will be removed form Envoy at the end of 2020, as per the :repo:`API versioning policy `. ================================================ FILE: docs/root/faq/api/envoy_v3.rst ================================================ How do I configure Envoy to use the v3 API? =========================================== By default, Envoy will attempt to parse any YAML, JSON or text proto as v2, and if it fails to do so, will consider it as v3. So, if you have a simple static Envoy consuming a text-based bootstrap, you just need to start using the new configuration. For binary proto bootstrap configuration, please use a :ref:`v3 Bootstrap ` proto. For dynamic configuration, we have introduced two new fields to :ref:`config sources `, transport API version and resource API version. The distinction is as follows: * The :ref:`transport API version ` indicates the API endpoint and version of *DiscoveryRequest*/*DiscoveryResponse* messages used. * The :ref:`resource API version ` indicates whether a v2 or v3 resource, e.g. v2 *RouteConfiguration* or v3 *RouteConfiguration*, is delivered. It is possible to use a mixture of transport API and resource API versions, e.g. to deliver v2 *Listener* resources and v3 *RouteConfiguration* resources over a v2 ADS transport. This is an intentional feature designed to provide for gradual migration of Envoy deployments from v2 to v3. There may be some operational advantage in having vM resources delivered over vN endpoints, so we provide the flexibility to make this call by appropriate configuration of :ref:`config sources `. ================================================ FILE: docs/root/faq/api/extensions.rst ================================================ How does API versioning interact with a new extension? ====================================================== For extension configuration API, please follow the :repo:`new extension configuration steps ` in the style guide. Extension implementations should operate with v3 messages internally, for both their own configuration and other Envoy configuration messages. Unit tests should be written against v3 configuration. ================================================ FILE: docs/root/faq/api/incremental.rst ================================================ What is the status of incremental xDS support? ============================================== The :ref:`incremental xDS ` protocol is designed to improve efficiency, scalability and functional use of xDS updates via two mechanisms: * Delta xDS. Resource deltas are delivered rather than state-of-the-world. * On-demand xDS. Resource can be lazy loaded depending on request contents. Currently, all xDS protocols (including ADS) support delta xDS. On-demand xDS is supported for :ref:`VHDS ` only. ================================================ FILE: docs/root/faq/api/package_naming.rst ================================================ What do the v2, v3, vN etc. mean in API package names? ====================================================== See the :repo:`API versioning guidelines `. ================================================ FILE: docs/root/faq/api/why_versioning.rst ================================================ Why are the Envoy xDS APIs versioned? What is the benefit? ========================================================== Envoy is a platform and needs to allow its APIs to grow and evolve to encompass new features, improve ergonomics and address new use cases. At the same time, we need a disciplined approach to turning down stale functionality and removing APIs and their supporting code that are no longer maintained. If we don't do this, we lose the ability in the long term to provide a reliable, maintainable, scalable code base and set of APIs for our users. We had previously put in place policies around :repo:`breaking changes ` across releases, the :repo:`API versioning policy ` takes this a step further, articulating a guaranteed multi-year support window for APIs that provides control plane authors a predictable clock when considering support for a range of Envoy versions. For the v3 xDS APIs, a brief list of the key improvements that were made with a clean break from v2: * Packages organization was improved to reflect a more logical grouping of related APIs: - The legacy `envoy.api.v2` tree was eliminated, with protos moved to their logical groupings, e.g. `envoy.config.core.v3`, `envoy.server.listener.v3`. - All packages are now versioned with a `vN` at the end. This allows for type-level identification of major version. - xDS service endpoints/transport and configuration are split between `envoy.service` and `envoy.config`. - Extensions now reflect the Envoy source tree layout under `envoy.extensions`. * `std::regex` regular expressions were dropped from the API, in favor of RE2. The former have dangerous security implications. * `google.protobuf.Struct` configuration of extensions was dropped from the API, in favor of typed configuration. This provides for better support for multiple instances of extensions, e.g. in filter chains, and more flexible naming of extension instances. * Over 60 deprecated fields were removed from the API. * Tooling and processes were established for API versioning support. This has now been reflected in the bootstrap `Node`, providing a long term notion of API support that control planes can depend upon for client negotiation. ================================================ FILE: docs/root/faq/build/binaries.rst ================================================ Where do I get binaries? ======================== Please see :ref:`here `. ================================================ FILE: docs/root/faq/build/boringssl.rst ================================================ Why does Envoy use BoringSSL? ============================= `BoringSSL `_ is a slimmed down TLS implementation maintained by Google. Getting TLS right is very, very hard. Envoy has chosen to align with BoringSSL so as to obtain access to the world class experts that Google employs to work on this code base. In short: if BoringSSL is good enough for Google's production systems it is good enough for Envoy and the project will not offer first class support for any other TLS implementation. ================================================ FILE: docs/root/faq/configuration/deprecation.rst ================================================ .. _faq_deprecation: How are configuration deprecations handled? =========================================== As documented in the "Breaking change policy" in :repo:`CONTRIBUTING.md`, features can be marked as deprecated at any point as long as there is a replacement available. Each deprecation is annotated in the API proto itself and explained in detail in the :ref:`Envoy documentation `. For the first 3 months following deprecation, use of deprecated fields will result in a logged warning and incrementing the :ref:`deprecated_feature_use ` counter. After that point, the field will be annotated as fatal-by-default and further use of the field will be treated as invalid configuration unless :ref:`runtime overrides ` are employed to re-enable use. ================================================ FILE: docs/root/faq/configuration/edge.rst ================================================ .. _faq_edge: How do I configure Envoy as an edge proxy? ========================================== Refer to :ref:`configuring Envoy as an edge proxy ` for an example of the edge proxy configuration. ================================================ FILE: docs/root/faq/configuration/flow_control.rst ================================================ .. _faq_flow_control: How do I configure flow control? ================================ Flow control may cause problems where Envoy is using non-streaming L7 filters, and request or response bodies exceed the L7 buffer limits. For requests where the body must be buffered and exceeds the configured limits, Envoy will serve a 413 to the user and increment the :ref:`downstream_rq_too_large ` metric. On the response path if the response body must be buffered and exceeds the limit, Envoy will increment the :ref:`rs_too_large ` metric and either disconnect mid-response (if headers have already been sent downstream) or send a 500 response. There are three knobs for configuring Envoy flow control: :ref:`listener limits `, :ref:`cluster limits ` and :ref:`http2 stream limits ` The listener limits apply to how much raw data will be read per read() call from downstream, as well as how much data may be buffered in userspace between Envoy and downstream. The listener limits are also propogated to the HttpConnectionManager, and applied on a per-stream basis to HTTP/1.1 L7 buffers described below. As such they limit the size of HTTP/1 requests and response bodies that can be buffered. For HTTP/2, as many streams can be multiplexed over one TCP connection, the L7 and L4 buffer limits can be tuned separately, and the configuration option :ref:`http2 stream limits ` is applied to all of the L7 buffers. Note that for both HTTP/1 and HTTP/2 Envoy can and will proxy arbitrarily large bodies on routes where all L7 filters are streaming, but many filters such as the transcoder or buffer filters require the full HTTP body to be buffered, so limit the request and response size based on the listener limit. The cluster limits affect how much raw data will be read per read() call from upstream, as well as how much data may be buffered in userspace between Envoy and upstream. The following code block shows how to adjust all three fields mentioned above, though generally the only one which needs to be amended is the listener :ref:`per_connection_buffer_limit_bytes ` .. code-block:: yaml static_resources: listeners: name: http address: socket_address: address: '::1' portValue: 0 filter_chains: filters: name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager http2_protocol_options: initial_stream_window_size: 65535 route_config: {} codec_type: HTTP2 http_filters: [] stat_prefix: config_test per_connection_buffer_limit_bytes: 1024 clusters: name: cluster_0 connect_timeout: 5s per_connection_buffer_limit_bytes: 1024 load_assignment: cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: ::1 port_value: 46685 ================================================ FILE: docs/root/faq/configuration/level_two.rst ================================================ .. _faq_level2: How do I configure Envoy as a level two proxy? ============================================== Refer to :ref:`configuring Envoy as a level two proxy ` for an example of the level 2 proxy configuration. ================================================ FILE: docs/root/faq/configuration/resource_limits.rst ================================================ .. _faq_resource_limits: How does Envoy prevent file descriptor exhaustion? ================================================== :ref:`Per-listener connection limits ` may be configured as an upper bound on the number of active connections a particular listener will accept. The listener may accept more connections than the configured value on the order of the number of worker threads. In addition, one may configure a :ref:`global limit ` on the number of connections that will apply across all listeners. On Unix-based systems, it is recommended to keep the sum of all connection limits less than half of the system's file descriptor limit to account for upstream connections, files, and other usage of file descriptors. .. note:: This per-listener connection limiting will eventually be handled by the :ref:`overload manager `. ================================================ FILE: docs/root/faq/configuration/sni.rst ================================================ .. _faq_how_to_setup_sni: How do I configure SNI for listeners? ===================================== `SNI `_ is only supported in the :ref:`v3 configuration/API `. .. attention:: :ref:`TLS Inspector ` listener filter must be configured in order to detect requested SNI. The following is a YAML example of the above requirement. .. code-block:: yaml address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: server_names: ["example.com", "www.example.com"] transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "example_com_cert.pem" } private_key: { filename: "example_com_key.pem" } filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http route_config: virtual_hosts: - name: default domains: "*" routes: - match: { prefix: "/" } route: { cluster: service_foo } - filter_chain_match: server_names: "api.example.com" transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "api_example_com_cert.pem" } private_key: { filename: "api_example_com_key.pem" } filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http route_config: virtual_hosts: - name: default domains: "*" routes: - match: { prefix: "/" } route: { cluster: service_foo } How do I configure SNI for clusters? ==================================== For clusters, a fixed SNI can be set in :ref:`UpstreamTlsContext `. To derive SNI from HTTP `host` or `:authority` header, turn on :ref:`auto_sni ` to override the fixed SNI in `UpstreamTlsContext`. If upstream will present certificates with the hostname in SAN, turn on :ref:`auto_san_validation ` too. It still needs a trust CA in validation context in `UpstreamTlsContext` for trust anchor. ================================================ FILE: docs/root/faq/configuration/timeouts.rst ================================================ .. _faq_configuration_timeouts: How do I configure timeouts? ============================ Envoy supports a wide range of timeouts that may need to be configured depending on the deployment. This page summarizes the most important timeouts used in various scenarios. .. attention:: This is not an exhaustive list of all of the configurable timeouts that Envoy supports. Depending on the deployment additional configuration may be required. HTTP/gRPC --------- Connection timeouts ^^^^^^^^^^^^^^^^^^^ Connection timeouts apply to the entire HTTP connection and all streams the connection carries. * The HTTP protocol :ref:`idle timeout ` is defined in a generic message used by both the HTTP connection manager as well as upstream cluster HTTP connections. The idle timeout is the time at which a downstream or upstream connection will be terminated if there are no active streams. The default idle timeout if not otherwise specified is *1 hour*. To modify the idle timeout for downstream connections use the :ref:`common_http_protocol_options ` field in the HTTP connection manager configuration. To modify the idle timeout for upstream connections use the :ref:`common_http_protocol_options ` field in the cluster configuration. Stream timeouts ^^^^^^^^^^^^^^^ Stream timeouts apply to individual streams carried by an HTTP connection. Note that a stream is an HTTP/2 and HTTP/3 concept, however internally Envoy maps HTTP/1 requests to streams so in this context request/stream is interchangeable. * The HTTP connection manager :ref:`request_timeout ` is the amount of time the connection manager will allow for the *entire request stream* to be received from the client. .. attention:: This timeout is not enforced by default as it is not compatible with streaming requests (requests that never end). See the stream idle timeout that follows. However, if using the :ref:`buffer filter `, it is recommended to configure this timeout. * The HTTP connection manager :ref:`stream_idle_timeout ` is the amount of time that the connection manager will allow a stream to exist with no upstream or downstream activity. The default stream idle timeout is *5 minutes*. This timeout is strongly recommended for all requests (not just streaming requests/responses) as it additionally defends against an HTTP/2 peer that does not open stream window once an entire response has been buffered to be sent to a downstream client. * The HTTP protocol :ref:`max_stream_duration ` is defined in a generic message used by the HTTP connection manager. The max stream duration is the maximum time that a stream's lifetime will span. You can use this functionality when you want to reset HTTP request/response streams periodically. You can't use :ref:`request_timeout ` in this situation because this timer will be disarmed if a response header is received on the request/response streams. This timeout is available on both upstream and downstream connections. Route timeouts ^^^^^^^^^^^^^^ Envoy supports additional stream timeouts at the route level, as well as overriding some of the stream timeouts already introduced above. * A route :ref:`timeout ` is the amount of time that Envoy will wait for the upstream to respond with a complete response. *This timeout does not start until the entire downstream request stream has been received*. .. attention:: This timeout defaults to *15 seconds*, however, it is not compatible with streaming responses (responses that never end), and will need to be disabled. Stream idle timeouts should be used in the case of streaming APIs as described elsewhere on this page. * The route :ref:`idle_timeout ` allows overriding of the HTTP connection manager :ref:`stream_idle_timeout ` and does the same thing. * The route :ref:`per_try_timeout ` can be configured when using retries so that individual tries using a shorter timeout than the overall request timeout described above. This timeout only applies before any part of the response is sent to the downstream, which normally happens after the upstream has sent response headers. This timeout can be used with streaming endpoints to retry if the upstream fails to begin a response within the timeout. * The route :ref:`MaxStreamDuration proto ` can be used to override the HttpConnectionManager's :ref:`max_stream_duration ` for individual routes as well as setting both limits and a fixed time offset on grpc-timeout headers. TCP --- * The cluster :ref:`connect_timeout ` specifies the amount of time Envoy will wait for an upstream TCP connection to be established. This timeout has no default, but is required in the configuration. .. attention:: For TLS connections, the connect timeout includes the TLS handshake. * The TCP proxy :ref:`idle_timeout ` is the amount of time that the TCP proxy will allow a connection to exist with no upstream or downstream activity. The default idle timeout if not otherwise specified is *1 hour*. ================================================ FILE: docs/root/faq/configuration/zipkin_tracing.rst ================================================ .. _common_configuration_zipkin_tracing: How do I configure Zipkin tracing? ================================== Refer to the :ref:`zipkin sandbox setup ` for an example of zipkin tracing configuration. ================================================ FILE: docs/root/faq/configuration/zone_aware_routing.rst ================================================ .. _common_configuration_zone_aware_routing: How do I configure zone aware routing? ====================================== There are several steps required for enabling :ref:`zone aware routing ` between source service ("cluster_a") and destination service ("cluster_b"). Envoy configuration on the source service ----------------------------------------- This section describes the specific configuration for the Envoy running side by side with the source service. These are the requirements: * Envoy must be launched with :option:`--service-zone` option which defines the zone for the current host. * Both definitions of the source and the destination clusters must have :ref:`EDS ` type. * :ref:`local_cluster_name ` must be set to the source cluster. Only essential parts are listed in the configuration below for the cluster manager. .. code-block:: yaml cluster_manager: local_cluster_name: cluster_a static_resources: clusters: - name: cluster_a type: EDS eds_cluster_config: ... - name: cluster_b type: EDS eds_cluster_config: ... Envoy configuration on the destination service ---------------------------------------------- It's not necessary to run Envoy side by side with the destination service, but it's important that each host in the destination cluster registers with the discovery service :ref:`queried by the source service Envoy `. :ref:`Zone ` information must be available as part of that response. Only zone related data is listed in the response below. .. code-block:: yaml locality: zone: us-east-1d Infrastructure setup -------------------- The above configuration is necessary for zone aware routing, but there are certain conditions when zone aware routing is :ref:`not performed `. Verification steps ------------------ * Use :ref:`per zone ` Envoy stats to monitor cross zone traffic. ================================================ FILE: docs/root/faq/debugging/why_is_envoy_404ing_connect_requests.rst ================================================ .. _faq_why_is_envoy_404ing_connect_requests: Why is Envoy sending 404s to CONNECT requests? ============================================== Envoy's default matchers match based on host and path. Because CONNECT requests (generally) do not have a path, most matchers will fail to match CONNECT requests, and Envoy will send a 404 because the route is not found. The solution for HTTP/1.1 CONNECT requests, is to use a :ref:`connect_matcher ` as described in the CONNECT section of the :ref:`upgrade documentation`. ================================================ FILE: docs/root/faq/debugging/why_is_envoy_sending_413s.rst ================================================ .. _faq_why_is_envoy_sending_413: Why is Envoy sending 413s? ========================== Envoy by default imposes limits to how much it will buffer for a given request. Generally, Envoy filters are designed to be streaming, and will pass data from downstream to upstream, or will simply pause processing while waiting for an external event (e.g. doing auth checks). Some filters, for example the buffer filter, require buffering the full request or response. If a request body is too large to buffer, but buffering is required by the filter, Envoy will send a 413. The buffer limits can be increased at the risk of making OOMs more possible. Please see the ref:`flow control docs ` for details. ================================================ FILE: docs/root/faq/debugging/why_is_envoy_sending_http2_resets.rst ================================================ .. _why_is_envoy_sending_http2_resets: Why is Envoy sending HTTP/2 resets? =================================== The HTTP/2 reset path is mostly governed by the codec Envoy uses to frame HTTP/2, nghttp2. nghttp2 has extremely good adherence to the HTTP/2 spec, but as many clients are not exactly as compliant, this mismatch can cause unexpected resets. Unfortunately, unlike the debugging the :ref:`internal response path `, Envoy has limited visibility into the specific reason nghttp2 reset a given stream. If you have a reproducible failure case, you can run it against a debug Envoy with "-l trace" to get detailed nghttp2 error logs, which often indicate which header failed compliance checks. Alternately, if you can afford to run with "-l trace" on a machine encountering the errors, you can look for logs from the file "source/common/http/http2/codec_impl.cc" of the form `invalid http2: [nghttp2 error detail]` for example: `invalid http2: Invalid HTTP header field was received: frame type: 1, stream: 1, name: [content-length], value: [3]` You can also check :ref:`HTTP/2 stats``: in many cases where Envoy resets streams, for example if there are more headers than allowed by configuration or flood detection kicks in, http2 counters will be incremented as the streams are reset. ================================================ FILE: docs/root/faq/debugging/why_is_envoy_sending_internal_responses.rst ================================================ .. _why_is_envoy_sending_internal_responses: Why is Envoy sending internal responses? ======================================== One of the easiest ways to get an understanding of why Envoy sends a given local response, is to turn on trace logging. If you can run your instance with “-l trace” you will slow Envoy down significantly, but get detailed information on various events in the lifetime of each stream and connection. Any time Envoy sends an internally generated response it will log to the _debug_ level “Sending local reply with details [unique reason]” which gives you information about why the local response was sent. Each individual response detail is used at one point in the code base, be it a codec validation check or a failed route match. If turning on debug logging is not plausible, the response details can be added to the access logs using _%RESPONSE_CODE_DETAILS%_, and again it will let you pinpoint the exact reason a given response was generated. Documentation on response code details can be found :ref:`here` ================================================ FILE: docs/root/faq/debugging/why_is_my_route_not_found.rst ================================================ .. _why_is_my_route_not_found: Why is my route not found? ========================== Once you've drilled down into Envoy responses and discovered Envoy generating local responses with the message "Sending local reply with details route_not_found" the next question is _why_? Often you can look at your route configuration and the headers sent, and see what is missing. One often overlooked problem is host:port matching. If your route configuration matches the domain www.host.com but the client is sending requests to www.host.com:443, it will not match. If this is the problem you are encountering you can solve it one of two ways. First by changing your configuration to match host:port pairs, going from .. code-block:: yaml domains: - "www.host.com" to .. code-block:: yaml domains: - "www.host.com" - "www.host.com:80" - "www.host.com:443" The other is to strip ports entirely using :ref:`stripping port from host header `. Not that this will only stip port 80 from insecure requests and 443 from secure request. It does not just stop ports when routes are matched, but changes the host sent downstream to also not include the port. ================================================ FILE: docs/root/faq/extensions/contract.rst ================================================ .. _faq_filter_contract: Is there a contract my HTTP filter must adhere to? -------------------------------------------------- * Headers encoding/decoding * During encoding/decoding of headers if a filter returns ``FilterHeadersStatus::StopIteration``, the processing can be resumed if ``encodeData()``/``decodeData()`` return ``FilterDataStatus::Continue`` or by explicitly calling ``continueEncoding()``/``continueDecoding()``. * During encoding/decoding of headers if a filter returns ``FilterHeadersStatus::StopAllIterationAndBuffer`` or ``FilterHeadersStatus::StopAllIterationAndWatermark``, the processing can be resumed by calling ``continueEncoding()``/``continueDecoding()``. * A filter's ``decodeHeaders()`` implementation must not return ``FilterHeadersStatus::ContinueAndEndStream`` when called with ``end_stream`` set to *true*. In this case ``FilterHeadersStatus::Continue`` should be returned. * A filter's ``encode100ContinueHeaders()`` must return ``FilterHeadersStatus::Continue`` or ``FilterHeadersStatus::StopIteration``. * Data encoding/decoding * During encoding/decoding of data if a filter returns ``FilterDataStatus::StopIterationAndBuffer``, ``FilterDataStatus::StopIterationAndWatermark``, or ``FilterDataStatus::StopIterationNoBuffer``, the processing can be resumed if ``encodeData()``/``decodeData()`` return ``FilterDataStatus::Continue`` or by explicitly calling ``continueEncoding()``/``continueDecoding()``. * Trailers encoding/decoding * During encoding/decoding of trailers if a filter returns ``FilterTrailersStatus::StopIteration``, the processing can be resumed by explicitly calling ``continueEncoding()``/``continueDecoding()``. Are there well-known headers that will appear in the given headers map of ``decodeHeaders()``? ---------------------------------------------------------------------------------------------- The first filter of the decoding filter chain will have the following headers in the map: * ``Host`` * ``Path`` (this might be omitted for CONNECT requests). Although these headers may be omitted by one of the filters on the decoding filter chain, they should be reinserted before the terminal filter is triggered. ================================================ FILE: docs/root/faq/load_balancing/concurrency_lb.rst ================================================ Why doesn't RR load balancing appear to be even? ================================================ Envoy utilizes a siloed :ref:`threading model `. This means that worker threads and the load balancers that run on them do not coordinate with each other. When utilizing load balancing policies such as :ref:`round robin `, it may thus appear that load balancing is not working properly when using multiple workers. The :option:`--concurrency` option can be used to adjust the number of workers if desired. The siloed execution model is also the reason why multiple HTTP/2 connections may be established to each upstream; :ref:`connection pools ` are not shared between workers. ================================================ FILE: docs/root/faq/load_balancing/disable_circuit_breaking.rst ================================================ .. _faq_disable_circuit_breaking: Is there a way to disable circuit breaking? =========================================== Envoy comes with :ref:`certain defaults ` for each kind of circuit breaking. Currently, there isn't a switch to turn circuit breaking off completely; however, you could achieve a similar behavior by setting these thresholds very high, for example, to `std::numeric_limits::max()`. Following is a sample configuration that tries to effectively disable all kinds of circuit breaking by setting the thresholds to a value of `1000000000`. .. code-block:: yaml circuit_breakers: thresholds: - priority: DEFAULT max_connections: 1000000000 max_pending_requests: 1000000000 max_requests: 1000000000 max_retries: 1000000000 - priority: HIGH max_connections: 1000000000 max_pending_requests: 1000000000 max_requests: 1000000000 max_retries: 1000000000 Envoy supports priority routing at the route level. You may adjust the thresholds accordingly. ================================================ FILE: docs/root/faq/load_balancing/lb_panic_threshold.rst ================================================ I setup health checking. When I fail some hosts, Envoy starts routing to all of them again. Why? ================================================================================================ This feature is known as the load balancer :ref:`panic threshold `. It is used to prevent cascading failure when upstream hosts start failing health checks in large numbers. ================================================ FILE: docs/root/faq/load_balancing/region_failover.rst ================================================ How do I make Envoy fail over to another region during service degradation? =========================================================================== Envoy uses the concept of `priorities ` to express the idea that a certain set of endpoints should be preferred over others. By putting the preferred endpoints into the lower priority, Envoy will always select one of these endpoints as long as that priority is sufficiently available. This means that common failover scenarios can be expressed by putting the fallback endpoints in a different priority. See the `priority ` for more information about this. ================================================ FILE: docs/root/faq/load_balancing/transient_failures.rst ================================================ .. _common_configuration_transient_failures: How do I handle transient failures? =================================== One of the biggest advantages of using Envoy in a service mesh is that it frees up services from implementing complex resiliency features like circuit breaking, outlier detection and retries that enable services to be resilient to realities such as rolling upgrades, dynamic infrastructure, and network failures. Having these features implemented at Envoy not only improves the availability and resiliency of services but also brings in consistency in terms of the behaviour and observability. This section explains at a high level the configuration supported by Envoy and how these features can be used together to handle these scenarios. Circuit Breaking ---------------- :ref:`Circuit Breaking ` is a critical component of distributed systems. Circuit breaking lets applications configure failure thresholds that ensure safe maximums, allowing components to fail quickly and apply back pressure as soon as possible. Applying correct circuit breaking thresholds helps to save resources which otherwise are wasted in waiting for requests (timeouts) or retrying requests unnecessarily. One of the main advantages of the circuit breaking implementation in Envoy is that the circuit breaking limits are applied at the network level. .. _common_configuration_transient_failures_retries: Retries ------- Automatic :ref:`request retries ` is another method of ensuring service resilience. Request retries should typically be used to guard against transient failures. Envoy supports very rich set of configurable parameters that dictate what type of requests are retried, how many times the request should be retried, timeouts for retries, etc. Retries in gRPC services ------------------------ For gRPC services, Envoy looks at the gRPC status in the response and attempts a retry based on the statuses configured in :ref:`x-envoy-retry-grpc-on `. The following application status codes in gRPC are considered safe for automatic retry. * *CANCELLED* - Return this code if there is an error that can be retried in the service. * *RESOURCE_EXHAUSTED* - Return this code if some of the resources that service depends on are exhausted in that instance so that retrying to another instance would help. Please note that for shared resource exhaustion, returning this will not help. Instead :ref:`rate limiting ` should be used to handle such cases. The HTTP Status codes *502 (Bad Gateway)*, *503 (Service Unavailable)* and *504 (Gateway Timeout)* are all mapped to gRPC status code *UNAVAILABLE*. This can also be considered safe for automatic retry. The idempotency of a request is an important consideration when configuring retries. Envoy also supports extensions to its retry policies. The :ref:`retry plugins ` allow you to customize the Envoy retry implementation to your application. Outlier Detection ----------------- :ref:`Outlier detection ` is a way of dynamically detecting misbehaving hosts in the upstream cluster. By detecting such hosts and ejecting them for a temporary period of time from the healthy load balancing set, Envoy can increase the success rate of a cluster. Envoy supports configuring outlier detection based on continuous *5xx*, continuous gateway failures and success rate. Envoy also allows you to configure the ejection period. **Configuration** The following settings help to optimize some combination of: * Maximum request success for common scenarios (i.e. rolling upgrade) * Speed * Avoid cascading failures *Circuit Breaker* .. code-block:: json { "thresholds": [ { "max_retries": 10, } ] } For the purpose of this specific use case, the retry budget for upstream cluster should be configured to enable and control concurrent retries. If the value configured is too low, some requests will not be retried, which can be measured via :ref:`upstream_rq_retry_overflow `. If the value configured is too high, the service can be overwhelmed with retry requests. *Outlier Detection* .. code-block:: json { "consecutive_5xx": 5, "base_ejection_time": "30s", "max_ejection_percent": 50, "consecutive_gateway_failure": 5, } This setting enables outlier detection if there are 5 consecutive *5xx* or *gateway failures* and limits the number of hosts that are ejected to 50% of the upstream cluster size. This configuration places a safe limit on the number of hosts removed. Please note that once a host a ejected, it will be returned to the pool after an ejection time is elapsed (which is equal to the *base_ejection_time* multiplied by the number of times the host has been ejected). *Request Retry* .. code-block:: json { "retry_on": "cancelled,connect-failure,gateway-error,refused-stream,reset,resource-exhausted,unavailable", "num_retries": 1, "retry_host_predicate": [ { "name": "envoy.retry_host_predicates.previous_hosts" } ], "host_selection_retry_max_attempts": "5" } The request will be retried based on the conditions documented in *retry_on*. This setting also configures Envoy to use :ref:`Previous Host Retry Predicate ` that allows it to choose a different host than the host where previous request has failed, because typically failures on that same host are likely to continue for some time and immediate retry would have less chance of success. ================================================ FILE: docs/root/faq/overview.rst ================================================ .. _faq_overview: FAQ === Build ----- .. toctree:: :maxdepth: 2 build/binaries build/boringssl API --- .. toctree:: :maxdepth: 2 api/envoy_v2_support api/envoy_v3 api/envoy_upgrade_v3 api/extensions api/control_plane_version_support api/control_plane api/package_naming api/why_versioning api/incremental .. _faq_overview_debug: Debugging --------- .. toctree:: :maxdepth: 2 debugging/why_is_envoy_sending_internal_responses debugging/why_is_envoy_sending_http2_resets debugging/why_is_envoy_404ing_connect_requests debugging/why_is_envoy_sending_413s debugging/why_is_my_route_not_found Performance ----------- .. toctree:: :maxdepth: 2 performance/how_fast_is_envoy performance/how_to_benchmark_envoy Configuration ------------- .. toctree:: :maxdepth: 2 configuration/edge configuration/level_two configuration/sni configuration/zone_aware_routing configuration/zipkin_tracing configuration/flow_control configuration/timeouts configuration/deprecation configuration/resource_limits Load balancing -------------- .. toctree:: :maxdepth: 2 load_balancing/lb_panic_threshold load_balancing/concurrency_lb load_balancing/disable_circuit_breaking load_balancing/transient_failures load_balancing/region_failover Extensions ---------- .. toctree:: :maxdepth: 2 extensions/contract ================================================ FILE: docs/root/faq/performance/how_fast_is_envoy.rst ================================================ .. _faq_how_fast_is_envoy: How fast is Envoy? ================== We are frequently asked *how fast is Envoy?* or *how much latency will Envoy add to my requests?* The answer is: *it depends*. Performance depends a great deal on which Envoy features are being used and the environment in which Envoy is run. In addition, doing accurate performance testing is an incredibly difficult task that the project does not currently have resources for. Although we have done quite a bit of performance tuning of Envoy in the critical path and we believe it performs extremely well, because of the previous points we do not currently publish any official benchmarks. We encourage users to benchmark Envoy in their own environments with a configuration similar to what they plan on using in production. ================================================ FILE: docs/root/faq/performance/how_to_benchmark_envoy.rst ================================================ What are best practices for benchmarking Envoy? =============================================== There is :ref:`no single QPS, latency or throughput overhead ` that can characterize a network proxy such as Envoy. Instead, any measurements need to be contextually aware, ensuring an apples-to-apples comparison with other systems by configuring and load testing Envoy appropriately. As a result, we can't provide a canonical benchmark configuration, but instead offer the following guidance: * A release Envoy binary should be used. If building, please ensure that `-c opt` is used on the Bazel command line. When consuming Envoy point releases, make sure you are using the latest point release; given the pace of Envoy development it's not reasonable to pick older versions when making a statement about Envoy performance. Similarly, if working on a master build, please perform due diligence and ensure no regressions or performance improvements have landed proximal to your benchmark work and that your are close to HEAD. * The :option:`--concurrency` Envoy CLI flag should be unset (providing one worker thread per logical core on your machine) or set to match the number of cores/threads made available to other network proxies in your comparison. * Disable :ref:`circuit breaking `. A common issue during benchmarking is that Envoy's default circuit breaker limits are low, leading to connection and request queuing. * Disable :ref:`generate_request_id `. * Disable :ref:`dynamic_stats `. If you are measuring the overhead vs. a direct connection, you might want to consider disabling all stats via :ref:`reject_all `. * Ensure that the networking and HTTP filter chains are reflective of comparable features in the systems that Envoy is being compared with. * Ensure that TLS settings (if any) are realistic and that consistent cyphers are used in any comparison. Session reuse may have a significant impact on results and should be tracked via :ref:`listener SSL stats `. * Ensure that :ref:`HTTP/2 settings `, in particular those that affect flow control and stream concurrency, are consistent in any comparison. Ideally taking into account BDP and network link latencies when optimizing any HTTP/2 settings. * Verify in the listener and cluster stats that the number of streams, connections and errors matches what is expected in any given experiment. * Make sure you are aware of how connections created by your load generator are distributed across Envoy worker threads. This is especially important for benchmarks that use low connection counts and perfect keep-alive. You should be aware that Envoy will allocate all streams for a given connection to a single worker thread. This means, for example, that if you have 72 logical cores and worker threads, but only a single HTTP/2 connection from your load generator, then only 1 worker thread will be active. * Make sure request-release timing expectations line up with what is intended. Some load generators produce naturally jittery and/or batchy timings. This might end up being an unintended dominant factor in certain tests. * The specifics of how your load generator reuses connections is an important factor (e.g. MRU, random, LRU, etc.) as this impacts work distribution. * If you're trying to measure small (say < 1ms) latencies, make sure the measurement tool and environment have the required sensitivity and the noise floor is sufficiently low. * Be critical of your bootstrap or xDS configuration. Ideally every line has a motivation and is necessary for the benchmark under consideration. * Consider using `Nighthawk `_ as your load generator and measurement tool. We are committed to building out benchmarking and latency measurement best practices in this tool. * Examine `perf` profiles of Envoy during the benchmark run, e.g. with `flame graphs `_. Verify that Envoy is spending its time doing the expected essential work under test, rather than some unrelated or tangential work. * Familiarize yourself with `latency measurement best practices `_. In particular, never measure latency at max load, this is not generally meaningful or reflecting of real system performance; aim to measure below the knee of the QPS-latency curve. Prefer open vs. closed loop load generators. * Avoid `benchmarking crimes `_. ================================================ FILE: docs/root/index.rst ================================================ Envoy documentation ================================= .. ifconfig:: release_level in ('pre-release') .. attention:: This is pre-release documentation. There is risk of it not being consistent with what is currently implemented in Envoy, though we try to make things consistent as quickly as possible. .. toctree:: :maxdepth: 2 about_docs intro/intro start/start install/install version_history/version_history configuration/configuration operations/operations extending/extending api/api faq/overview ================================================ FILE: docs/root/install/building.rst ================================================ .. _building: Building ======== The Envoy build system uses Bazel. In order to ease initial building and for a quick start, we provide an Ubuntu 16 based docker container that has everything needed inside of it to build and *statically link* Envoy, see :repo:`ci/README.md`. In order to build manually, follow the instructions at :repo:`bazel/README.md`. .. _install_requirements: Requirements ------------ Envoy was initially developed and deployed on Ubuntu 14.04 LTS. It should work on any reasonably recent Linux including Ubuntu 18.04 LTS. Building Envoy has the following requirements: * GCC 7+ or Clang/LLVM 7+ (for C++14 support). Clang/LLVM 9+ preferred where Clang is used (see below). * These :repo:`Bazel native ` dependencies. Please see the linked :repo:`CI ` and :repo:`Bazel ` documentation for more information on performing manual builds. Please note that for Clang/LLVM 8 and lower, Envoy may need to be built with `--define tcmalloc=gperftools` as the new tcmalloc code is not guaranteed to compile with lower versions of Clang. .. _install_binaries: Pre-built binaries ------------------ We build and tag Docker images with release versions when we do official releases. These images can be found in the following repositories: * `envoyproxy/envoy `_: Release binary with symbols stripped on top of an Ubuntu Bionic base. * `envoyproxy/envoy-debug `_: Release binary with debug symbols on top of an Ubuntu Bionic base. * `envoyproxy/envoy-alpine `_: Release binary with symbols stripped on top of a **glibc** alpine base. * `envoyproxy/envoy-alpine-debug `_: *Deprecated in favor of envoyproxy/envoy-debug.* Release binary with debug symbols on top of a Release binary with debug symbols on top of a **glibc** alpine base. .. note:: In the above repositories, we tag a *vX.Y-latest* image for each security/stable release line. On every master commit we additionally create a set of development Docker images. These images can be found in the following repositories: * `envoyproxy/envoy-dev `_: Release binary with symbols stripped on top of an Ubuntu Bionic base. * `envoyproxy/envoy-debug-dev `_: Release binary with debug symbols on top of an Ubuntu Bionic base. * `envoyproxy/envoy-alpine-dev `_: Release binary with symbols stripped on top of a **glibc** alpine base. * `envoyproxy/envoy-alpine-debug-dev `_: *Deprecated in favor of envoyproxy/envoy-debug-dev.* Release binary with debug symbols on top of a **glibc** alpine base. In the above *dev* repositories, the *latest* tag points to the last Envoy SHA in master that passed tests. .. note:: The Envoy project considers master to be release candidate quality at all times, and many organizations track and deploy master in production. We encourage you to do the same so that issues can be reported as early as possible in the development process. Packaged Envoy pre-built binaries for a variety of platforms are available via `GetEnvoy.io `_. We will consider producing additional binary types depending on community interest in helping with CI, packaging, etc. Please open an `issue in GetEnvoy `_ for pre-built binaries for different platforms. .. _arm_binaries: ARM64 binaries ^^^^^^^^^^^^^^ `envoyproxy/envoy `_, `envoyproxy/envoy-debug `_, `envoyproxy/envoy-dev `_ and `envoyproxy/envoy-debug-dev `_ are Docker `multi-arch `_ images and should run transparently on compatible ARM64 hosts. Modifying Envoy --------------- If you're interested in modifying Envoy and testing your changes, one approach is to use Docker. This guide will walk through the process of building your own Envoy binary, and putting the binary in an Ubuntu container. .. toctree:: :maxdepth: 2 sandboxes/local_docker_build ================================================ FILE: docs/root/install/install.rst ================================================ .. _install: Building and installation ========================= .. toctree:: :maxdepth: 2 building ref_configs tools/tools ================================================ FILE: docs/root/install/ref_configs.rst ================================================ .. _install_ref_configs: Reference configurations ======================== The source distribution includes a set of example configuration templates for each of the three major Envoy deployment types: * :ref:`Service to service ` * :ref:`Front proxy ` * :ref:`Double proxy ` The goal of this set of example configurations is to demonstrate the full capabilities of Envoy in a complex deployment. All features will not be applicable to all use cases. For full documentation see the :ref:`configuration reference `. Configuration generator ----------------------- Envoy configurations can become relatively complicated. At Lyft we use `jinja `_ templating to make the configurations easier to create and manage. The source distribution includes a version of the configuration generator that loosely approximates what we use at Lyft. We have also included three example configuration templates for each of the above three scenarios. * Generator script: :repo:`configs/configgen.py` * Service to service template: :repo:`configs/envoy_service_to_service_v2.template.yaml` * Front proxy template: :repo:`configs/envoy_front_proxy_v2.template.yaml` * Double proxy template: :repo:`configs/envoy_double_proxy_v2.template.yaml` To generate the example configurations run the following from the root of the repo: .. code-block:: console mkdir -p generated/configs bazel build //configs:example_configs tar xvf $PWD/bazel-out/k8-fastbuild/bin/configs/example_configs.tar -C generated/configs The previous command will produce three fully expanded configurations using some variables defined inside of `configgen.py`. See the comments inside of `configgen.py` for detailed information on how the different expansions work. A few notes about the example configurations: * An instance of :ref:`endpoint discovery service ` is assumed to be running at `discovery.yourcompany.net`. * DNS for `yourcompany.net` is assumed to be setup for various things. Search the configuration templates for different instances of this. * Tracing is configured for `LightStep `_. To disable this or enable `Zipkin `_ or `Datadog `_ tracing, delete or change the :ref:`tracing configuration ` accordingly. * The configuration demonstrates the use of a :ref:`global rate limiting service `. To disable this delete the :ref:`rate limit configuration `. * :ref:`Route discovery service ` is configured for the service to service reference configuration and it is assumed to be running at `rds.yourcompany.net`. * :ref:`Cluster discovery service ` is configured for the service to service reference configuration and it is assumed that be running at `cds.yourcompany.net`. ================================================ FILE: docs/root/install/sandboxes/local_docker_build.rst ================================================ .. _install_sandboxes_local_docker_build: Building an Envoy Docker image ============================== The following steps guide you through building your own Envoy binary, and putting that in a clean Ubuntu container. **Step 1: Build Envoy** Using ``envoyproxy/envoy-build`` you will compile Envoy. This image has all software needed to build Envoy. From your Envoy directory:: $ pwd src/envoy $ ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.release' That command will take some time to run because it is compiling an Envoy binary and running tests. For more information on building and different build targets, please refer to :repo:`ci/README.md`. **Step 2: Build image with only Envoy binary** In this step we'll build an image that only has the Envoy binary, and none of the software used to build it.:: $ pwd src/envoy/ $ docker build -f ci/Dockerfile-envoy -t envoy . Now you can use this ``envoy`` image to build the any of the sandboxes if you change the ``FROM`` line in any Dockerfile. This will be particularly useful if you are interested in modifying Envoy, and testing your changes. ================================================ FILE: docs/root/install/tools/config_load_check_tool.rst ================================================ .. _install_tools_config_load_check_tool: Config load check tool ====================== The config load check tool checks that a configuration file in JSON format is written using valid JSON and conforms to the Envoy JSON schema. This tool leverages the configuration test in ``test/config_test/config_test.cc``. The test loads the JSON configuration file and runs server configuration initialization with it. Input The tool expects a PATH to the root of a directory that holds JSON Envoy configuration files. The tool will recursively go through the file system tree and run a configuration test for each file found. Keep in mind that the tool will try to load all files found in the path. Output The tool will output Envoy logs as it initializes the server configuration with the config it is currently testing. If there are configuration files where the JSON file is malformed or is does not conform to the Envoy JSON schema, the tool will exit with status EXIT_FAILURE. If the tool successfully loads all configuration files found it will exit with status EXIT_SUCCESS. Building The tool can be built locally using Bazel. :: bazel build //test/tools/config_load_check:config_load_check_tool Running The tool takes a path as described above. :: bazel-bin/test/tools/config_load_check/config_load_check_tool PATH ================================================ FILE: docs/root/install/tools/route_table_check_tool.rst ================================================ .. _install_tools_route_table_check_tool: Route table check tool ======================= The route table check tool checks whether the route parameters returned by a router match what is expected. The tool can also be used to check whether a path redirect, path rewrite, or host rewrite match what is expected. Usage router_check_tool [-t ] [-c ] [-d] [-p] [--] [--version] [-h] -t , --test-path Path to a tool config JSON file. The tool config JSON file schema is found in :ref:`config `. The tool config input file specifies urls (composed of authorities and paths) and expected route parameter values. Additional parameters such as additional headers are optional. Schema: All internal schemas in the tool are based on :repo:`proto3 `. -c , --config-path Path to a v2 router config file (YAML or JSON). The router config file schema is found in :ref:`config ` and the config file extension must reflect its file type (for instance, .json for JSON and .yaml for YAML). -d, --details Show detailed test execution results. The first line indicates the test name. --only-show-failures Displays test results for failed tests. Omits test names for passing tests if the details flag is set. -f, --fail-under Represents a percent value for route test coverage under which the run should fail. --covall Enables comprehensive code coverage percent calculation taking into account all the possible asserts. Displays missing tests. --disable-deprecation-check Disables the deprecation check for RouteConfiguration proto. -h, --help Displays usage information and exits. Output The program exits with status EXIT_FAILURE if any test case does not match the expected route parameter value. If a test fails, details of the failed test cases are printed if ``--details`` flag is provided. The first field is the expected route parameter value. The second field is the actual route parameter value. The third field indicates the parameter that is compared. In the following example, Test_2 and Test_5 failed while the other tests passed. In the failed test cases, conflict details are printed. :: Test_1 Test_2 default other virtual_host_name Test_3 Test_4 Test_5 locations ats cluster_name Test_6 Building The tool can be built locally using Bazel. :: bazel build //test/tools/router_check:router_check_tool Running Example :: bazel-bin/test/tools/router_check/router_check_tool -c router_config.(yaml|json) -t tool_config.json --details Testing A bash shell script test can be run with bazel. The test compares routes using different router and tool configuration files. The configuration files can be found in test/tools/router_check/test/config/... . :: bazel test //test/tools/router_check/... ================================================ FILE: docs/root/install/tools/schema_validator_check_tool.rst ================================================ .. _install_tools_schema_validator_check_tool: Schema Validator check tool =========================== The schema validator tool validates that the passed in configuration conforms to a given schema. The configuration may be JSON or YAML. To validate the entire config, please refer to the :ref:`config load check tool`. Input The tool expects two inputs: 1. The schema type to check the passed in configuration against. The supported types are: * `route` - for :ref:`route configuration` validation. * `discovery_response` for :ref:`discovery response` validation. 2. The path to the configuration file. Output If the configuration conforms to the schema, the tool will exit with status EXIT_SUCCESS. If the configuration does not conform to the schema, an error message is outputted detailing what doesn't conform to the schema. The tool will exit with status EXIT_FAILURE. Building The tool can be built locally using Bazel. :: bazel build //test/tools/schema_validator:schema_validator_tool Running The tool takes a path as described above. :: bazel-bin/test/tools/schema_validator/schema_validator_tool --schema-type SCHEMA_TYPE --config-path PATH ================================================ FILE: docs/root/install/tools/tools.rst ================================================ Tools ===== .. toctree:: :maxdepth: 2 config_load_check_tool route_table_check_tool schema_validator_check_tool ================================================ FILE: docs/root/intro/_include/life-of-a-request.yaml ================================================ static_resources: listeners: # There is a single listener bound to port 443. - name: listener_https address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 443 # A single listener filter exists for TLS inspector. listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} # On the listener, there is a single filter chain that matches SNI for acme.com. filter_chains: - filter_chain_match: # This will match the SNI extracted by the TLS Inspector filter. server_names: ["acme.com"] # Downstream TLS configuration. transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "certs/servercert.pem" } private_key: { filename: "certs/serverkey.pem" } filters: # The HTTP connection manager is the only network filter. - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http use_remote_address: true http2_protocol_options: max_concurrent_streams: 100 # File system based access logging. access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog path: "/var/log/envoy/access.log" # The route table, mapping /foo to some_service. route_config: name: local_route virtual_hosts: - name: local_service domains: ["acme.com"] routes: - match: path: "/foo" route: cluster: some_service # CustomFilter and the HTTP router filter are the HTTP filter chain. http_filters: - name: some.customer.filter - name: envoy.filters.http.router clusters: - name: some_service connect_timeout: 5s # Upstream TLS configuration. transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext load_assignment: cluster_name: some_service # Static endpoint assignment. endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 10.1.2.10 port_value: 10002 - endpoint: address: socket_address: address: 10.1.2.11 port_value: 10002 http2_protocol_options: max_concurrent_streams: 100 - name: some_statsd_sink connect_timeout: 5s # The rest of the configuration for statsd sink cluster. # statsd sink. stats_sinks: - name: envoy.stat_sinks.statsd typed_config: "@type": type.googleapis.com/envoy.config.metrics.v3.StatsdSink tcp_cluster_name: some_statsd_cluster ================================================ FILE: docs/root/intro/arch_overview/advanced/advanced.rst ================================================ Advanced ======== .. toctree:: :maxdepth: 2 data_sharing_between_filters ================================================ FILE: docs/root/intro/arch_overview/advanced/data_sharing_between_filters.rst ================================================ .. _arch_overview_data_sharing_between_filters: Sharing data between filters ============================ Envoy provides the following mechanisms for the transfer of configuration, metadata and per-request/connection state to, from and between filters, as well as to other core subsystems (e.g., access logging). Static State ^^^^^^^^^^^^ Static state is any immutable state specified at configuration load time (e.g., through xDS). There are three categories of static state: Metadata -------- Several parts of Envoy configuration (e.g. listeners, routes, clusters) contain a :ref:`metadata ` where arbitrary key-value pairs can be encoded. The typical pattern is to use the filter names in reverse DNS format as the key and encode filter specific configuration metadata in the value. This metadata is immutable and shared across all requests/connections. Such config metadata is usually provided during bootstrap time or as part of xDS. For example, weighted clusters in HTTP routes use the metadata to indicate the labels on the endpoints corresponding to the weighted cluster. Another example, the subset load balancer uses the metadata from the route entry corresponding to the weighted cluster to select appropriate endpoints in a cluster Typed Metadata -------------- :ref:`Metadata ` as such is untyped. Before acting on the metadata, callers typically convert it to a typed class object. The cost of conversion becomes non-negligible when performed repeatedly (e.g., for each request stream or connection). Typed Metadata solves this problem by allowing filters to register a one time conversion logic for a specific key. Incoming config metadata (via xDS) is converted to class objects at config load time. Filters can then obtain a typed variant of the metadata at runtime (per request or connection), thereby eliminating the need for filters to repeatedly convert from `ProtobufWkt::Struct` to some internal object during request/connection processing. For example, a filter that desires to have a convenience wrapper class over an opaque metadata with key `xxx.service.policy` in `ClusterInfo` could register a factory `ServicePolicyFactory` that inherits from `ClusterTypedMetadataFactory`. The factory translates the `ProtobufWkt::Struct` into an instance of `ServicePolicy` class (inherited from `FilterState::Object`). When a `Cluster` is created, the associated `ServicePolicy` instance will be created and cached. Note that typed metadata is not a new source of metadata. It is obtained from metadata that is specified as part of the configuration. A `FilterState::Object` implements `serializeAsProto` method can be configured in access loggers to log it. HTTP Per-Route Filter Configuration ----------------------------------- In HTTP routes, :ref:`typed_per_filter_config ` allows HTTP filters to have virtualhost/route-specific configuration in addition to a global filter config common to all virtual hosts. This configuration is converted and embedded into the route table. It is up to the HTTP filter implementation to treat the route-specific filter config as a replacement to global config or an enhancement. For example, the HTTP fault filter uses this technique to provide per-route fault configuration. `typed_per_filter_config` is a `map`. The Connection manager iterates over this map and invokes the filter factory interface `createRouteSpecificFilterConfigTyped` to parse/validate the struct value and convert it into a typed class object that’s stored with the route itself. HTTP filters can then query the route-specific filter config during request processing. Dynamic State ^^^^^^^^^^^^^ Dynamic state is generated per network connection or per HTTP stream. Dynamic state can be mutable if desired by the filter generating the state. `Envoy::Network::Connection` and `Envoy::Http::Filter` provide a `StreamInfo` object that contains information about the current TCP connection and HTTP stream (i.e., HTTP request/response pair) respectively. `StreamInfo` contains a set of fixed attributes as part of the class definition (e.g., HTTP protocol, requested server name, etc.). In addition, it provides a facility to store typed objects in a map (`map`). The state stored per filter can be either write-once (immutable), or write-many (mutable). ================================================ FILE: docs/root/intro/arch_overview/arch_overview.rst ================================================ Architecture overview ===================== .. toctree:: :maxdepth: 2 intro/intro listeners/listeners_toc http/http upstream/upstream observability/observability security/security operations/operations other_features/other_features other_protocols/other_protocols advanced/advanced ================================================ FILE: docs/root/intro/arch_overview/http/http.rst ================================================ HTTP ==== .. toctree:: :maxdepth: 2 http_connection_management http_filters http_routing upgrades http_proxy ================================================ FILE: docs/root/intro/arch_overview/http/http_connection_management.rst ================================================ .. _arch_overview_http_conn_man: HTTP connection management ========================== HTTP is such a critical component of modern service oriented architectures that Envoy implements a large amount of HTTP specific functionality. Envoy has a built in network level filter called the :ref:`HTTP connection manager `. This filter translates raw bytes into HTTP level messages and events (e.g., headers received, body data received, trailers received, etc.). It also handles functionality common to all HTTP connections and requests such as :ref:`access logging `, :ref:`request ID generation and tracing `, :ref:`request/response header manipulation `, :ref:`route table ` management, and :ref:`statistics `. HTTP connection manager :ref:`configuration `. .. _arch_overview_http_protocols: HTTP protocols -------------- Envoy’s HTTP connection manager has native support for HTTP/1.1, WebSockets, and HTTP/2. It does not support SPDY. Envoy’s HTTP support was designed to first and foremost be an HTTP/2 multiplexing proxy. Internally, HTTP/2 terminology is used to describe system components. For example, an HTTP request and response take place on a *stream*. A codec API is used to translate from different wire protocols into a protocol agnostic form for streams, requests, responses, etc. In the case of HTTP/1.1, the codec translates the serial/pipelining capabilities of the protocol into something that looks like HTTP/2 to higher layers. This means that the majority of the code does not need to understand whether a stream originated on an HTTP/1.1 or HTTP/2 connection. HTTP header sanitizing ---------------------- The HTTP connection manager performs various :ref:`header sanitizing ` actions for security reasons. Route table configuration ------------------------- Each :ref:`HTTP connection manager filter ` has an associated :ref:`route table `. The route table can be specified in one of two ways: * Statically. * Dynamically via the :ref:`RDS API `. .. _arch_overview_http_retry_plugins: Retry plugin configuration -------------------------- Normally during retries, host selection follows the same process as the original request. Retry plugins can be used to modify this behavior, and they fall into two categories: * :ref:`Host Predicates `: These predicates can be used to "reject" a host, which will cause host selection to be reattempted. Any number of these predicates can be specified, and the host will be rejected if any of the predicates reject the host. Envoy supports the following built-in host predicates * *envoy.retry_host_predicates.previous_hosts*: This will keep track of previously attempted hosts, and rejects hosts that have already been attempted. * *envoy.retry_host_predicates.omit_canary_hosts*: This will reject any host that is a marked as canary host. Hosts are marked by setting ``canary: true`` for the ``envoy.lb`` filter in the endpoint's filter metadata. See :ref:`LbEndpoint ` for more details. * *envoy.retry_host_predicates.omit_host_metadata*: This will reject any host based on predefined metadata match criteria. See the configuration example below for more details. * :ref:`Priority Predicates`: These predicates can be used to adjust the priority load used when selecting a priority for a retry attempt. Only one such predicate may be specified. Envoy supports the following built-in priority predicates * *envoy.retry_priorities.previous_priorities*: This will keep track of previously attempted priorities, and adjust the priority load such that other priorities will be targeted in subsequent retry attempts. Host selection will continue until either the configured predicates accept the host or a configurable :ref:`max attempts ` has been reached. These plugins can be combined to affect both host selection and priority load. Envoy can also be extended with custom retry plugins similar to how custom filters can be added. **Configuration Example** For example, to configure retries to prefer hosts that haven't been attempted already, the built-in ``envoy.retry_host_predicates.previous_hosts`` predicate can be used: .. code-block:: yaml retry_policy: retry_host_predicate: - name: envoy.retry_host_predicates.previous_hosts host_selection_retry_max_attempts: 3 This will reject hosts previously attempted, retrying host selection a maximum of 3 times. The bound on attempts is necessary in order to deal with scenarios in which finding an acceptable host is either impossible (no hosts satisfy the predicate) or very unlikely (the only suitable host has a very low relative weight). To reject a host based on its metadata, ``envoy.retry_host_predicates.omit_host_metadata`` can be used: .. code-block:: yaml retry_policy: retry_host_predicate: - name: envoy.retry_host_predicates.omit_host_metadata typed_config: "@type": type.googleapis.com/envoy.extensions.retry.host.omit_host_metadata.v3.OmitHostMetadataConfig metadata_match: filter_metadata: envoy.lb: key: value This will reject any host with matching (key, value) in its metadata. To configure retries to attempt other priorities during retries, the built-in ``envoy.retry_priorities.previous_priorities`` can be used. .. code-block:: yaml retry_policy: retry_priority: name: envoy.retry_priorities.previous_priorities typed_config: "@type": type.googleapis.com/envoy.extensions.retry.priority.previous_priorities.v3.PreviousPrioritiesConfig update_frequency: 2 This will target priorities in subsequent retry attempts that haven't been already used. The ``update_frequency`` parameter decides how often the priority load should be recalculated. These plugins can be combined, which will exclude both previously attempted hosts as well as previously attempted priorities. .. code-block:: yaml retry_policy: retry_host_predicate: - name: envoy.retry_host_predicates.previous_hosts host_selection_retry_max_attempts: 3 retry_priority: name: envoy.retry_priorities.previous_priorities typed_config: "@type": type.googleapis.com/envoy.extensions.retry.priority.previous_priorities.v3.PreviousPrioritiesConfig update_frequency: 2 .. _arch_overview_internal_redirects: Internal redirects -------------------------- Envoy supports handling 3xx redirects internally, that is capturing a configurable 3xx redirect response, synthesizing a new request, sending it to the upstream specified by the new route match, and returning the redirected response as the response to the original request. Internal redirects are configured via the :ref:`internal redirect policy ` field in route configuration. When redirect handling is on, any 3xx response from upstream, that matches :ref:`redirect_response_codes ` is subject to the redirect being handled by Envoy. For a redirect to be handled successfully it must pass the following checks: 1. Have a response code matching one of :ref:`redirect_response_codes `, which is either 302 (by default), or a set of 3xx codes (301, 302, 303, 307, 308). 2. Have a *location* header with a valid, fully qualified URL. 3. The request must have been fully processed by Envoy. 4. The request must not have a body. 5. :ref:`allow_cross_scheme_redirect ` is true (default to false), or the scheme of the downstream request and the *location* header are the same. 6. The number of previously handled internal redirect within a given downstream request does not exceed :ref:`max internal redirects ` of the route that the request or redirected request is hitting. 7. All :ref:`predicates ` accept the target route. Any failure will result in redirect being passed downstream instead. Since a redirected request may be bounced between different routes, any route in the chain of redirects that 1. does not have internal redirect enabled 2. or has a :ref:`max internal redirects ` smaller or equal to the redirect chain length when the redirect chain hits it 3. or is disallowed by any of the :ref:`predicates ` will cause the redirect to be passed downstream. Two predicates can be used to create a DAG that defines the redirect chain, the :ref:`previous routes ` predicate, and the :ref:`allow_listed_routes `. Specifically, the *allow listed routes* predicate defines edges of individual node in the DAG and the *previous routes* predicate defines "visited" state of the edges, so that loop can be avoided if so desired. A third predicate :ref:`safe_cross_scheme ` can be used to prevent HTTP -> HTTPS redirect. Once the redirect has passed these checks, the request headers which were shipped to the original upstream will be modified by: 1. Putting the fully qualified original request URL in the x-envoy-original-url header. 2. Replacing the Authority/Host, Scheme, and Path headers with the values from the Location header. The altered request headers will then have a new route selected, be sent through a new filter chain, and then shipped upstream with all of the normal Envoy request sanitization taking place. .. warning:: Note that HTTP connection manager sanitization such as clearing untrusted headers will only be applied once. Per-route header modifications will be applied on both the original route and the second route, even if they are the same, so be careful configuring header modification rules to avoid duplicating undesired header values. A sample redirect flow might look like this: 1. Client sends a GET request for *\http://foo.com/bar* 2. Upstream 1 sends a 302 with *"location: \http://baz.com/eep"* 3. Envoy is configured to allow redirects on the original route, and sends a new GET request to Upstream 2, to fetch *\http://baz.com/eep* with the additional request header *"x-envoy-original-url: \http://foo.com/bar"* 4. Envoy proxies the response data for *\http://baz.com/eep* to the client as the response to the original request. Timeouts -------- Various configurable timeouts apply to an HTTP connection and its constituent streams. Please see :ref:`this FAQ entry ` for an overview of important timeout configuration. ================================================ FILE: docs/root/intro/arch_overview/http/http_filters.rst ================================================ .. _arch_overview_http_filters: HTTP filters ============ Much like the :ref:`network level filter ` stack, Envoy supports an HTTP level filter stack within the connection manager. Filters can be written that operate on HTTP level messages without knowledge of the underlying physical protocol (HTTP/1.1, HTTP/2, etc.) or multiplexing capabilities. There are three types of HTTP level filters: * **Decoder**: Decoder filters are invoked when the connection manager is decoding parts of the request stream (headers, body, and trailers). * **Encoder**: Encoder filters are invoked when the connection manager is about to encode parts of the response stream (headers, body, and trailers). * **Decoder/Encoder**: Decoder/Encoder filters are invoked both when the connection manager is decoding parts of the request stream and when the connection manager is about to encode parts of the response stream. The API for HTTP level filters allows the filters to operate without knowledge of the underlying protocol. Like network level filters, HTTP filters can stop and continue iteration to subsequent filters. This allows for more complex scenarios such as health check handling, calling a rate limiting service, buffering, routing, generating statistics for application traffic such as DynamoDB, etc. HTTP level filters can also share state (static and dynamic) among themselves within the context of a single request stream. Refer to :ref:`data sharing between filters ` for more details. Envoy already includes several HTTP level filters that are documented in this architecture overview as well as the :ref:`configuration reference `. .. _arch_overview_http_filters_ordering: Filter ordering --------------- Filter ordering in the :ref:`http_filters field ` matters. If filters are configured in the following order (and assuming all three filters are decoder/encoder filters): .. code-block:: yaml http_filters: - A - B # The last configured filter has to be a terminal filter, as determined by the # NamedHttpFilterConfigFactory::isTerminalFilter() function. This is most likely the router # filter. - C The connection manager will invoke decoder filters in the order: ``A``, ``B``, ``C``. On the other hand, the connection manager will invoke encoder filters in the **reverse** order: ``C``, ``B``, ``A``. ================================================ FILE: docs/root/intro/arch_overview/http/http_proxy.rst ================================================ .. _arch_overview_http_dynamic_forward_proxy: HTTP dynamic forward proxy ========================== Through the combination of both an :ref:`HTTP filter ` and :ref:`custom cluster `, Envoy supports HTTP dynamic forward proxy. This means that Envoy can perform the role of an HTTP proxy without prior knowledge of all configured DNS addresses, while still retaining the vast majority of Envoy's benefits including asynchronous DNS resolution. The implementation works as follows: * The dynamic forward proxy HTTP filter is used to pause requests if the target DNS host is not already in cache. * Envoy will begin asynchronously resolving the DNS address, unblocking any requests waiting on the response when the resolution completes. * Any future requests will not be blocked as the DNS address is already in cache. The resolution process works similarly to the :ref:`logical DNS ` service discovery type with a single target address being remembered at any given time. * All known hosts are stored in the dynamic forward proxy cluster such that they can be displayed in :ref:`admin output `. * A special load balancer will select the right host to use based on the HTTP host/authority header during forwarding. * Hosts that have not been used for a period of time are subject to a TTL that will purge them. * When the upstream cluster has been configured with a TLS context, Envoy will automatically perform SAN verification for the resolved host name as well as specify the host name via SNI. The above implementation details mean that at steady state Envoy can forward a large volume of HTTP proxy traffic while all DNS resolution happens asynchronously in the background. Additionally, all other Envoy filters and extensions can be used in conjunction with dynamic forward proxy support including authentication, RBAC, rate limiting, etc. For further configuration information see the :ref:`HTTP filter configuration documentation `. Memory usage details -------------------- Memory usage detail's for Envoy's dynamic forward proxy support are as follows: * Each resolved host/port pair uses a fixed amount of memory global to the server and shared amongst all workers. * Address changes are performed inline using read/write locks and require no host reallocations. * Hosts removed via TTL are purged once all active connections stop referring to them and all used memory is regained. * The :ref:`max_hosts ` field can be used to limit the number of hosts that the DNS cache will store at any given time. * The cluster's :ref:`max_pending_requests ` circuit breaker can be used to limit the number of requests that are pending waiting for the DNS cache to load a host. * Long lived upstream connections can have the underlying logical host expire via TTL while the connection is still open. Upstream requests and connections are still bound by other cluster circuit breakers such as :ref:`max_requests `. The current assumption is that host data shared between connections uses a marginal amount of memory compared to the connections and requests themselves, making it not worth controlling independently. ================================================ FILE: docs/root/intro/arch_overview/http/http_routing.rst ================================================ .. _arch_overview_http_routing: HTTP routing ============ Envoy includes an HTTP :ref:`router filter ` which can be installed to perform advanced routing tasks. This is useful both for handling edge traffic (traditional reverse proxy request handling) as well as for building a service to service Envoy mesh (typically via routing on the host/authority HTTP header to reach a particular upstream service cluster). Envoy also has the ability to be configured as forward proxy. In the forward proxy configuration, mesh clients can participate by appropriately configuring their http proxy to be an Envoy. At a high level the router takes an incoming HTTP request, matches it to an upstream cluster, acquires a :ref:`connection pool ` to a host in the upstream cluster, and forwards the request. The router filter supports the following features: * Virtual hosts that map domains/authorities to a set of routing rules. * Prefix and exact path matching rules (both :ref:`case sensitive ` and case insensitive). Regex/slug matching is not currently supported, mainly because it makes it difficult/impossible to programmatically determine whether routing rules conflict with each other. For this reason we don’t recommend regex/slug routing at the reverse proxy level, however we may add support in the future depending on demand. * :ref:`TLS redirection ` at the virtual host level. * :ref:`Path `/:ref:`host ` redirection at the route level. * :ref:`Direct (non-proxied) HTTP responses ` at the route level. * :ref:`Explicit host rewriting `. * :ref:`Automatic host rewriting ` based on the DNS name of the selected upstream host. * :ref:`Prefix rewriting `. * :ref:`Path rewriting using a regular expression and capture groups `. * :ref:`Request retries ` specified either via HTTP header or via route configuration. * Request timeout specified either via :ref:`HTTP header ` or via :ref:`route configuration `. * :ref:`Request hedging ` for retries in response to a request (per try) timeout. * Traffic shifting from one upstream cluster to another via :ref:`runtime values ` (see :ref:`traffic shifting/splitting `). * Traffic splitting across multiple upstream clusters using :ref:`weight/percentage-based routing ` (see :ref:`traffic shifting/splitting `). * Arbitrary header matching :ref:`routing rules `. * Virtual cluster specifications. A virtual cluster is specified at the virtual host level and is used by Envoy to generate additional statistics on top of the standard cluster level ones. Virtual clusters can use regex matching. * :ref:`Priority ` based routing. * :ref:`Hash policy ` based routing. * :ref:`Absolute urls ` are supported for non-tls forward proxies. .. _arch_overview_http_routing_route_scope: Route Scope ----------- Scoped routing enables Envoy to put constraints on search space of domains and route rules. A :ref:`Route Scope` associates a key with a :ref:`route table `. For each request, a scope key is computed dynamically by the HTTP connection manager to pick the :ref:`route table`. RouteConfiguration associated with scope can be loaded on demand with :ref:`v3 API reference ` configured and on demand filed in protobuf set to true. The Scoped RDS (SRDS) API contains a set of :ref:`Scopes ` resources, each defining independent routing configuration, along with a :ref:`ScopeKeyBuilder ` defining the key construction algorithm used by Envoy to look up the scope corresponding to each request. For example, for the following scoped route configuration, Envoy will look into the "addr" header value, split the header value by ";" first, and use the first value for key 'x-foo-key' as the scope key. If the "addr" header value is "foo=1;x-foo-key=127.0.0.1;x-bar-key=1.1.1.1", then "127.0.0.1" will be computed as the scope key to look up for corresponding route configuration. .. code-block:: yaml name: scope_by_addr fragments: - header_value_extractor: name: Addr element_separator: ; element: key: x-foo-key separator: = .. _arch_overview_http_routing_route_table: For a key to match a :ref:`ScopedRouteConfiguration`, the number of fragments in the computed key has to match that of the :ref:`ScopedRouteConfiguration`. Then fragments are matched in order. A missing fragment(treated as NULL) in the built key makes the request unable to match any scope, i.e. no route entry can be found for the request. Route table ----------- The :ref:`configuration ` for the HTTP connection manager owns the :ref:`route table ` that is used by all configured HTTP filters. Although the router filter is the primary consumer of the route table, other filters also have access in case they want to make decisions based on the ultimate destination of the request. For example, the built in rate limit filter consults the route table to determine whether the global rate limit service should be called based on the route. The connection manager makes sure that all calls to acquire a route are stable for a particular request, even if the decision involves randomness (e.g. in the case of a runtime configuration route rule). .. _arch_overview_http_routing_retry: Retry semantics --------------- Envoy allows retries to be configured both in the :ref:`route configuration ` as well as for specific requests via :ref:`request headers `. The following configurations are possible: * **Maximum number of retries**: Envoy will continue to retry any number of times. The intervals between retries are decided either by an exponential backoff algorithm (the default), or based on feedback from the upstream server via headers (if present). Additionally, *all retries are contained within the overall request timeout*. This avoids long request times due to a large number of retries. * **Retry conditions**: Envoy can retry on different types of conditions depending on application requirements. For example, network failure, all 5xx response codes, idempotent 4xx response codes, etc. * **Retry budgets**: Envoy can limit the proportion of active requests via :ref:`retry budgets ` that can be retries to prevent their contribution to large increases in traffic volume. * **Host selection retry plugins**: Envoy can be configured to apply additional logic to the host selection logic when selecting hosts for retries. Specifying a :ref:`retry host predicate ` allows for reattempting host selection when certain hosts are selected (e.g. when an already attempted host is selected), while a :ref:`retry priority ` can be configured to adjust the priority load used when selecting a priority for retries. Note that Envoy retries requests when :ref:`x-envoy-overloaded ` is present. It is recommended to either configure :ref:`retry budgets (preferred) ` or set :ref:`maximum active retries circuit breaker ` to an appropriate value to avoid retry storms. .. _arch_overview_http_routing_hedging: Request Hedging --------------- Envoy supports request hedging which can be enabled by specifying a :ref:`hedge policy `. This means that Envoy will race multiple simultaneous upstream requests and return the response associated with the first acceptable response headers to the downstream. The retry policy is used to determine whether a response should be returned or whether more responses should be awaited. Currently hedging can only be performed in response to a request timeout. This means that a retry request will be issued without canceling the initial timed-out request and a late response will be awaited. The first "good" response according to retry policy will be returned downstream. The implementation ensures that the same upstream request is not retried twice. This might otherwise occur if a request times out and then results in a 5xx response, creating two retriable events. .. _arch_overview_http_routing_priority: Priority routing ---------------- Envoy supports priority routing at the :ref:`route ` level. The current priority implementation uses different :ref:`connection pool ` and :ref:`circuit breaking ` settings for each priority level. This means that even for HTTP/2 requests, two physical connections will be used to an upstream host. In the future Envoy will likely support true HTTP/2 priority over a single connection. The currently supported priorities are *default* and *high*. .. _arch_overview_http_routing_direct_response: Direct responses ---------------- Envoy supports the sending of "direct" responses. These are preconfigured HTTP responses that do not require proxying to an upstream server. There are two ways to specify a direct response in a Route: * Set the :ref:`direct_response ` field. This works for all HTTP response statuses. * Set the :ref:`redirect ` field. This works for redirect response statuses only, but it simplifies the setting of the *Location* header. A direct response has an HTTP status code and an optional body. The Route configuration can specify the response body inline or specify the pathname of a file containing the body. If the Route configuration specifies a file pathname, Envoy will read the file upon configuration load and cache the contents. .. attention:: If a response body is specified, it must be no more than 4KB in size, regardless of whether it is provided inline or in a file. Envoy currently holds the entirety of the body in memory, so the 4KB limit is intended to keep the proxy's memory footprint from growing too large. If **response_headers_to_add** has been set for the Route or the enclosing Virtual Host, Envoy will include the specified headers in the direct HTTP response. ================================================ FILE: docs/root/intro/arch_overview/http/upgrades.rst ================================================ .. _arch_overview_upgrades: HTTP upgrades =========================== Envoy Upgrade support is intended mainly for WebSocket and CONNECT support, but may be used for arbitrary upgrades as well. Upgrades pass both the HTTP headers and the upgrade payload through an HTTP filter chain. One may configure the :ref:`upgrade_configs ` with or without custom filter chains. If only the :ref:`upgrade_type ` is specified, both the upgrade headers, any request and response body, and HTTP data payload will pass through the default HTTP filter chain. To avoid the use of HTTP-only filters for upgrade payload, one can set up custom :ref:`filters ` for the given upgrade type, up to and including only using the router filter to send the HTTP data upstream. Upgrades can be enabled or disabled on a :ref:`per-route ` basis. Any per-route enabling/disabling automatically overrides HttpConnectionManager configuration as laid out below, but custom filter chains can only be configured on a per-HttpConnectionManager basis. +-----------------------+-------------------------+-------------------+ | *HCM Upgrade Enabled* | *Route Upgrade Enabled* | *Upgrade Enabled* | +=======================+=========================+===================+ | T (Default) | T (Default) | T | +-----------------------+-------------------------+-------------------+ | T (Default) | F | F | +-----------------------+-------------------------+-------------------+ | F | T (Default) | T | +-----------------------+-------------------------+-------------------+ | F | F | F | +-----------------------+-------------------------+-------------------+ Note that the statistics for upgrades are all bundled together so WebSocket and other upgrades :ref:`statistics ` are tracked by stats such as downstream_cx_upgrades_total and downstream_cx_upgrades_active Websocket over HTTP/2 hops ^^^^^^^^^^^^^^^^^^^^^^^^^^ While HTTP/2 support for WebSockets is off by default, Envoy does support tunneling WebSockets over HTTP/2 streams for deployments that prefer a uniform HTTP/2 mesh throughout; this enables, for example, a deployment of the form: [Client] ---- HTTP/1.1 ---- [Front Envoy] ---- HTTP/2 ---- [Sidecar Envoy ---- H1 ---- App] In this case, if a client is for example using WebSocket, we want the Websocket to arrive at the upstream server functionally intact, which means it needs to traverse the HTTP/2 hop. This is accomplished via `Extended CONNECT (RFC8441) `_ support, turned on by setting :ref:`allow_connect ` true at the second layer Envoy. The WebSocket request will be transformed into an HTTP/2 CONNECT stream, with :protocol header indicating the original upgrade, traverse the HTTP/2 hop, and be downgraded back into an HTTP/1 WebSocket Upgrade. This same Upgrade-CONNECT-Upgrade transformation will be performed on any HTTP/2 hop, with the documented flaw that the HTTP/1.1 method is always assumed to be GET. Non-WebSocket upgrades are allowed to use any valid HTTP method (i.e. POST) and the current upgrade/downgrade mechanism will drop the original method and transform the Upgrade request to a GET method on the final Envoy-Upstream hop. Note that the HTTP/2 upgrade path has very strict HTTP/1.1 compliance, so will not proxy WebSocket upgrade requests or responses with bodies. CONNECT support ^^^^^^^^^^^^^^^ Envoy CONNECT support is off by default (Envoy will send an internally generated 403 in response to CONNECT requests). CONNECT support can be enabled via the upgrade options described above, setting the upgrade value to the special keyword "CONNECT". While for HTTP/2, CONNECT request may have a path, in general and for HTTP/1.1 CONNECT requests do not have a path, and can only be matched using a :ref:`connect_matcher ` Envoy can handle CONNECT in one of two ways, either proxying the CONNECT headers through as if they were any other request, and letting the upstream terminate the CONNECT request, or by terminating the CONNECT request, and forwarding the payload as raw TCP data. When CONNECT upgrade configuration is set up, the default behavior is to proxy the CONNECT request, treating it like any other request using the upgrade path. If termination is desired, this can be accomplished by setting :ref:`connect_config ` If it that message is present for CONNECT requests, the router filter will strip the request headers, and forward the HTTP payload upstream. On receipt of initial TCP data from upstream, the router will synthesize 200 response headers, and then forward the TCP data as the HTTP response body. .. warning:: This mode of CONNECT support can create major security holes if not configured correctly, as the upstream will be forwarded *unsanitized* headers if they are in the body payload. Please use with caution Tunneling TCP over HTTP/2 ^^^^^^^^^^^^^^^^^^^^^^^^^ Envoy also has support for transforming raw TCP into HTTP/2 CONNECT requests. This can be used to proxy multiplexed TCP over pre-warmed secure connections and amortize the cost of any TLS handshake. An example set up proxying SMTP would look something like this [SMTP Upstream] --- raw SMTP --- [L2 Envoy] --- SMTP tunneled over HTTP/2 --- [L1 Envoy] --- raw SMTP --- [Client] Examples of such a set up can be found in the Envoy example config :repo:`directory ` If you run `bazel-bin/source/exe/envoy-static --config-path configs/encapsulate_in_connect.v3.yaml --base-id 1` and `bazel-bin/source/exe/envoy-static --config-path configs/terminate_connect.v3.yaml` you will be running two Envoys, the first listening for TCP traffic on port 10000 and encapsulating it in an HTTP/2 CONNECT request, and the second listening for HTTP/2 on 10001, stripping the CONNECT headers, and forwarding the original TCP upstream, in this case to google.com. ================================================ FILE: docs/root/intro/arch_overview/intro/intro.rst ================================================ Introduction ============ .. toctree:: :maxdepth: 2 terminology threading_model ================================================ FILE: docs/root/intro/arch_overview/intro/terminology.rst ================================================ Terminology =========== A few definitions before we dive into the main architecture documentation. Some of the definitions are slightly contentious within the industry, however they are how Envoy uses them throughout the documentation and codebase, so *c'est la vie*. **Host**: An entity capable of network communication (application on a mobile phone, server, etc.). In this documentation a host is a logical network application. A physical piece of hardware could possibly have multiple hosts running on it as long as each of them can be independently addressed. **Downstream**: A downstream host connects to Envoy, sends requests, and receives responses. **Upstream**: An upstream host receives connections and requests from Envoy and returns responses. **Listener**: A listener is a named network location (e.g., port, unix domain socket, etc.) that can be connected to by downstream clients. Envoy exposes one or more listeners that downstream hosts connect to. **Cluster**: A cluster is a group of logically similar upstream hosts that Envoy connects to. Envoy discovers the members of a cluster via :ref:`service discovery `. It optionally determines the health of cluster members via :ref:`active health checking `. The cluster member that Envoy routes a request to is determined by the :ref:`load balancing policy `. **Mesh**: A group of hosts that coordinate to provide a consistent network topology. In this documentation, an “Envoy mesh” is a group of Envoy proxies that form a message passing substrate for a distributed system comprised of many different services and application platforms. **Runtime configuration**: Out of band realtime configuration system deployed alongside Envoy. Configuration settings can be altered that will affect operation without needing to restart Envoy or change the primary configuration. ================================================ FILE: docs/root/intro/arch_overview/intro/threading_model.rst ================================================ .. _arch_overview_threading: Threading model =============== Envoy uses a single process with multiple threads architecture. A single *primary* thread controls various sporadic coordination tasks while some number of *worker* threads perform listening, filtering, and forwarding. Once a connection is accepted by a listener, the connection spends the rest of its lifetime bound to a single worker thread. This allows the majority of Envoy to be largely single threaded (embarrassingly parallel) with a small amount of more complex code handling coordination between the worker threads. Generally Envoy is written to be 100% non-blocking and for most workloads we recommend configuring the number of worker threads to be equal to the number of hardware threads on the machine. Listener connection balancing ----------------------------- By default, there is no coordination between worker threads. This means that all worker threads independently attempt to accept connections on each listener and rely on the kernel to perform adequate balancing between threads. For most workloads, the kernel does a very good job of balancing incoming connections. However, for some workloads, particularly those that have a small number of very long lived connections (e.g., service mesh HTTP2/gRPC egress), it may be desirable to have Envoy forcibly balance connections between worker threads. To support this behavior, Envoy allows for different types of :ref:`connection balancing ` to be configured on each :ref:`listener `. ================================================ FILE: docs/root/intro/arch_overview/listeners/dns_filter.rst ================================================ DNS Filter ========== Envoy supports responding to DNS requests by configuring a :ref:`UDP listener DNS Filter `. The DNS filter supports responding to forward queries for A and AAAA records. The answers are discovered from statically configured resources, clusters, or external DNS servers. The filter will return DNS responses up to to 512 bytes. If domains are configured with multiple addresses, or clusters with multiple endpoints, Envoy will return each discovered address up to the aforementioned size limit. ================================================ FILE: docs/root/intro/arch_overview/listeners/listener_filters.rst ================================================ .. _arch_overview_listener_filters: Listener filters ================ As discussed in the :ref:`listener ` section, listener filters may be used to manipulate connection metadata. The main purpose of listener filters is to make adding further system integration functions easier by not requiring changes to Envoy core functionality, and also make interaction between multiple such features more explicit. The API for listener filters is relatively simple since ultimately these filters operate on newly accepted sockets. Filters in the chain can stop and subsequently continue iteration to further filters. This allows for more complex scenarios such as calling a :ref:`rate limiting service `, etc. Envoy already includes several listener filters that are documented in this architecture overview as well as the :ref:`configuration reference `. ================================================ FILE: docs/root/intro/arch_overview/listeners/listeners.rst ================================================ .. _arch_overview_listeners: Listeners ========= The Envoy configuration supports any number of listeners within a single process. Generally we recommend running a single Envoy per machine regardless of the number of configured listeners. This allows for easier operation and a single source of statistics. Envoy supports both TCP and UDP listeners. TCP --- Each listener is independently configured with some number :ref:`filter chains `, where an individual chain is selected based on its :ref:`match criteria `. An individual filter chain is composed of one or more network level (L3/L4) :ref:`filters `. When a new connection is received on a listener, the appropriate filter chain is selected, and the configured connection local filter stack is instantiated and begins processing subsequent events. The generic listener architecture is used to perform the vast majority of different proxy tasks that Envoy is used for (e.g., :ref:`rate limiting `, :ref:`TLS client authentication `, :ref:`HTTP connection management `, MongoDB :ref:`sniffing `, raw :ref:`TCP proxy `, etc.). Listeners are optionally also configured with some number of :ref:`listener filters `. These filters are processed before the network level filters, and have the opportunity to manipulate the connection metadata, usually to influence how the connection is processed by later filters or clusters. Listeners can also be fetched dynamically via the :ref:`listener discovery service (LDS) `. Listener :ref:`configuration `. .. _arch_overview_listeners_udp: UDP --- Envoy also supports UDP listeners and specifically :ref:`UDP listener filters `. UDP listener filters are instantiated once per worker and are global to that worker. Each listener filter processes each UDP datagram that is received by the worker listening on the port. In practice, UDP listeners are configured with the SO_REUSEPORT kernel option which will cause the kernel to consistently hash each UDP 4-tuple to the same worker. This allows a UDP listener filter to be "session" oriented if it so desires. A built-in example of this functionality is the :ref:`UDP proxy ` listener filter. ================================================ FILE: docs/root/intro/arch_overview/listeners/listeners_toc.rst ================================================ Listeners ========= .. toctree:: :maxdepth: 2 listeners listener_filters network_filters tcp_proxy udp_proxy dns_filter ================================================ FILE: docs/root/intro/arch_overview/listeners/network_filters.rst ================================================ .. _arch_overview_network_filters: Network (L3/L4) filters ======================= As discussed in the :ref:`listener ` section, network level (L3/L4) filters form the core of Envoy connection handling. The filter API allows for different sets of filters to be mixed and matched and attached to a given listener. There are three different types of network filters: * **Read**: Read filters are invoked when Envoy receives data from a downstream connection. * **Write**: Write filters are invoked when Envoy is about to send data to a downstream connection. * **Read/Write**: Read/Write filters are invoked both when Envoy receives data from a downstream connection and when it is about to send data to a downstream connection. The API for network level filters is relatively simple since ultimately the filters operate on raw bytes and a small number of connection events (e.g., TLS handshake complete, connection disconnected locally or remotely, etc.). Filters in the chain can stop and subsequently continue iteration to further filters. This allows for more complex scenarios such as calling a :ref:`rate limiting service `, etc. Network level filters can also share state (static and dynamic) among themselves within the context of a single downstream connection. Refer to :ref:`data sharing between filters ` for more details. Envoy already includes several network level filters that are documented in this architecture overview as well as the :ref:`configuration reference `. ================================================ FILE: docs/root/intro/arch_overview/listeners/tcp_proxy.rst ================================================ .. _arch_overview_tcp_proxy: TCP proxy ========= Since Envoy is fundamentally written as a L3/L4 server, basic L3/L4 proxy is easily implemented. The TCP proxy filter performs basic 1:1 network connection proxy between downstream clients and upstream clusters. It can be used by itself as an stunnel replacement, or in conjunction with other filters such as the :ref:`MongoDB filter ` or the :ref:`rate limit ` filter. The TCP proxy filter will respect the :ref:`connection limits ` imposed by each upstream cluster's global resource manager. The TCP proxy filter checks with the upstream cluster's resource manager if it can create a connection without going over that cluster's maximum number of connections, if it can't the TCP proxy will not make the connection. TCP proxy filter :ref:`configuration reference `. ================================================ FILE: docs/root/intro/arch_overview/listeners/udp_proxy.rst ================================================ .. _arch_overview_udp_proxy: UDP proxy ========= Envoy supports UDP proxy via the :ref:`UDP proxy listener filter `. ================================================ FILE: docs/root/intro/arch_overview/observability/access_logging.rst ================================================ .. _arch_overview_access_logs: Access logging ============== The :ref:`HTTP connection manager ` and :ref:`tcp proxy ` support extensible access logging with the following features: * Any number of access logs per a connection stream. * Customizable access log filters that allow different types of requests and responses to be written to different access logs. Downstream connection access logging can be enabled using :ref:`listener access logs`. The listener access logs complement HTTP request access logging and can be enabled separately and independently from filter access logs. .. _arch_overview_access_log_filters: Access log filters ------------------ Envoy supports several built-in :ref:`access log filters` and :ref:`extension filters` that are registered at runtime. .. _arch_overview_access_logs_sinks: Access logging sinks -------------------- Envoy supports pluggable access logging sinks. The currently supported sinks are: File **** * Asynchronous IO flushing architecture. Access logging will never block the main network processing threads. * Customizable access log formats using predefined fields as well as arbitrary HTTP request and response headers. gRPC **** * Envoy can send access log messages to a gRPC access logging service. Further reading --------------- * Access log :ref:`configuration `. * File :ref:`access log sink `. * gRPC :ref:`Access Log Service (ALS) ` sink. ================================================ FILE: docs/root/intro/arch_overview/observability/observability.rst ================================================ Observability ============= .. toctree:: :maxdepth: 2 statistics access_logging tracing ================================================ FILE: docs/root/intro/arch_overview/observability/statistics.rst ================================================ .. _arch_overview_statistics: Statistics ========== One of the primary goals of Envoy is to make the network understandable. Envoy emits a large number of statistics depending on how it is configured. Generally the statistics fall into three categories: * **Downstream**: Downstream statistics relate to incoming connections/requests. They are emitted by listeners, the HTTP connection manager, the TCP proxy filter, etc. * **Upstream**: Upstream statistics relate to outgoing connections/requests. They are emitted by connection pools, the router filter, the TCP proxy filter, etc. * **Server**: Server statistics describe how the Envoy server instance is working. Statistics like server uptime or amount of allocated memory are categorized here. A single proxy scenario typically involves both downstream and upstream statistics. The two types can be used to get a detailed picture of that particular network hop. Statistics from the entire mesh give a very detailed picture of each hop and overall network health. The statistics emitted are documented in detail in the operations guide. As of the v2 API, Envoy has the ability to support custom, pluggable sinks. :ref:`A few standard sink implementations` are included in Envoy. Some sinks also support emitting statistics with tags/dimensions. Within Envoy and throughout the documentation, statistics are identified by a canonical string representation. The dynamic portions of these strings are stripped to become tags. Users can configure this behavior via :ref:`the Tag Specifier configuration `. Envoy emits three types of values as statistics: * **Counters**: Unsigned integers that only increase and never decrease. E.g., total requests. * **Gauges**: Unsigned integers that both increase and decrease. E.g., currently active requests. * **Histograms**: Unsigned integers that are part of a stream of values that are then aggregated by the collector to ultimately yield summarized percentile values. E.g., upstream request time. Internally, counters and gauges are batched and periodically flushed to improve performance. Histograms are written as they are received. Note: what were previously referred to as timers have become histograms as the only difference between the two representations was the units. * :ref:`v3 API reference `. ================================================ FILE: docs/root/intro/arch_overview/observability/tracing.rst ================================================ .. _arch_overview_tracing: Tracing ======= Overview -------- Distributed tracing allows developers to obtain visualizations of call flows in large service oriented architectures. It can be invaluable in understanding serialization, parallelism, and sources of latency. Envoy supports three features related to system wide tracing: * **Request ID generation**: Envoy will generate UUIDs when needed and populate the :ref:`config_http_conn_man_headers_x-request-id` HTTP header. Applications can forward the x-request-id header for unified logging as well as tracing. The behavior can be configured on per :ref:`HTTP connection manager` basis using an extension. * **Client trace ID joining**: The :ref:`config_http_conn_man_headers_x-client-trace-id` header can be used to join untrusted request IDs to the trusted internal :ref:`config_http_conn_man_headers_x-request-id`. * **External trace service integration**: Envoy supports pluggable external trace visualization providers, that are divided into two subgroups: - External tracers which are part of the Envoy code base, like `LightStep `_, `Zipkin `_ or any Zipkin compatible backends (e.g. `Jaeger `_), and `Datadog `_. - External tracers which come as a third party plugin, like `Instana `_. Support for other tracing providers would not be difficult to add. How to initiate a trace ----------------------- The HTTP connection manager that handles the request must have the :ref:`tracing ` object set. There are several ways tracing can be initiated: * By an external client via the :ref:`config_http_conn_man_headers_x-client-trace-id` header. * By an internal service via the :ref:`config_http_conn_man_headers_x-envoy-force-trace` header. * Randomly sampled via the :ref:`random_sampling ` runtime setting. The router filter is also capable of creating a child span for egress calls via the :ref:`start_child_span ` option. Trace context propagation ------------------------- Envoy provides the capability for reporting tracing information regarding communications between services in the mesh. However, to be able to correlate the pieces of tracing information generated by the various proxies within a call flow, the services must propagate certain trace context between the inbound and outbound requests. Whichever tracing provider is being used, the service should propagate the :ref:`config_http_conn_man_headers_x-request-id` to enable logging across the invoked services to be correlated. The tracing providers also require additional context, to enable the parent/child relationships between the spans (logical units of work) to be understood. This can be achieved by using the LightStep (via OpenTracing API) or Zipkin tracer directly within the service itself, to extract the trace context from the inbound request and inject it into any subsequent outbound requests. This approach would also enable the service to create additional spans, describing work being done internally within the service, that may be useful when examining the end-to-end trace. Alternatively the trace context can be manually propagated by the service: * When using the LightStep tracer, Envoy relies on the service to propagate the :ref:`config_http_conn_man_headers_x-ot-span-context` HTTP header while sending HTTP requests to other services. * When using the Zipkin tracer, Envoy relies on the service to propagate the B3 HTTP headers ( :ref:`config_http_conn_man_headers_x-b3-traceid`, :ref:`config_http_conn_man_headers_x-b3-spanid`, :ref:`config_http_conn_man_headers_x-b3-parentspanid`, :ref:`config_http_conn_man_headers_x-b3-sampled`, and :ref:`config_http_conn_man_headers_x-b3-flags`). The :ref:`config_http_conn_man_headers_x-b3-sampled` header can also be supplied by an external client to either enable or disable tracing for a particular request. In addition, the single :ref:`config_http_conn_man_headers_b3` header propagation format is supported, which is a more compressed format. * When using the Datadog tracer, Envoy relies on the service to propagate the Datadog-specific HTTP headers ( :ref:`config_http_conn_man_headers_x-datadog-trace-id`, :ref:`config_http_conn_man_headers_x-datadog-parent-id`, :ref:`config_http_conn_man_headers_x-datadog-sampling-priority`). What data each trace contains ----------------------------- An end-to-end trace is comprised of one or more spans. A span represents a logical unit of work that has a start time and duration and can contain metadata associated with it. Each span generated by Envoy contains the following data: * Originating service cluster set via :option:`--service-cluster`. * Start time and duration of the request. * Originating host set via :option:`--service-node`. * Downstream cluster set via the :ref:`config_http_conn_man_headers_downstream-service-cluster` header. * HTTP request URL, method, protocol and user-agent. * Additional custom tags set via :ref:`custom_tags `. * Upstream cluster name and address. * HTTP response status code. * GRPC response status and message (if available). * An error tag when HTTP status is 5xx or GRPC status is not "OK". * Tracing system-specific metadata. The span also includes a name (or operation) which by default is defined as the host of the invoked service. However this can be customized using a :ref:`envoy_v3_api_msg_config.route.v3.Decorator` on the route. The name can also be overridden using the :ref:`config_http_filters_router_x-envoy-decorator-operation` header. Envoy automatically sends spans to tracing collectors. Depending on the tracing collector, multiple spans are stitched together using common information such as the globally unique request ID :ref:`config_http_conn_man_headers_x-request-id` (LightStep) or the trace ID configuration (Zipkin and Datadog). See :ref:`v3 API reference ` for more information on how to setup tracing in Envoy. Baggage ----------------------------- Baggage provides a mechanism for data to be available throughout the entirety of a trace. While metadata such as tags are usually communicated to collectors out-of-band, baggage data is injected into the actual request context and available to applications during the duration of the request. This enables metadata to transparently travel from the beginning of the request throughout your entire mesh without relying on application-specific modifications for propagation. See `OpenTracing's documentation `_ for more information about baggage. Tracing providers have varying level of support for getting and setting baggage: * Lightstep (and any OpenTracing-compliant tracer) can read/write baggage * Zipkin support is not yet implemented * X-Ray and OpenCensus don't support baggage ================================================ FILE: docs/root/intro/arch_overview/operations/draining.rst ================================================ .. _arch_overview_draining: Draining ======== In a few different scenarios, Envoy will attempt to gracefully shed connections. For instance, during server shutdown, existing requests can be discouraged and listeners set to stop accepting, to reduce the number of open connections when the server shuts down. Draining behaviour is defined by the server options in addition to individual listener configs. Draining occurs at the following times: * The server is being :ref:`hot restarted `. * The server begins the graceful drain sequence via the :ref:`drain_listeners?graceful ` admin endpoint. * The server has been manually health check failed via the :ref:`healthcheck/fail ` admin endpoint. See the :ref:`health check filter ` architecture overview for more information. * Individual listeners are being modified or removed via :ref:`LDS `. By default, the Envoy server will close listeners immediately on server shutdown. To drain listeners for some duration of time prior to server shutdown, use :ref:`drain_listeners ` before shutting down the server. The listeners will be directly stopped without any graceful draining behaviour, and cease accepting new connections immediately. To add a graceful drain period prior to listeners being closed, use the query parameter :ref:`drain_listeners?graceful `. By default, Envoy will discourage requests for some period of time (as determined by :option:`--drain-time-s`). The behaviour of request discouraging is determined by the drain manager. Note that although draining is a per-listener concept, it must be supported at the network filter level. Currently the only filters that support graceful draining are :ref:`Redis `, :ref:`Mongo `, and :ref:`HTTP connection manager `. By default, the :ref:`HTTP connection manager ` filter will add "Connection: close" to HTTP1 requests, send HTTP2 GOAWAY, and terminate connections on request completion (after the delayed close period). Each :ref:`configured listener ` has a :ref:`drain_type ` setting which controls when draining takes place. The currently supported values are: default Envoy will drain listeners in response to all three cases above (admin health fail, hot restart, and LDS update/remove). This is the default setting. modify_only Envoy will drain listeners only in response to the 2nd and 3rd cases above (hot restart and LDS update/remove). This setting is useful if Envoy is hosting both ingress and egress listeners. It may be desirable to set *modify_only* on egress listeners so they only drain during modifications while relying on ingress listener draining to perform full server draining when attempting to do a controlled shutdown. ================================================ FILE: docs/root/intro/arch_overview/operations/dynamic_configuration.rst ================================================ .. _arch_overview_dynamic_config: xDS configuration API overview ============================== Envoy is architected such that different types of configuration management approaches are possible. The approach taken in a deployment will be dependent on the needs of the implementor. Simple deployments are possible with a fully static configuration. More complicated deployments can incrementally add more complex dynamic configuration, the downside being that the implementor must provide one or more external gRPC/REST based configuration provider APIs. These APIs are collectively known as :ref:`"xDS" ` (* discovery service). This document gives an overview of the options currently available. * Top level configuration :ref:`reference `. * :ref:`Reference configurations `. * Envoy :ref:`v3 API overview `. * :ref:`xDS API endpoints `. Fully static ------------ In a fully static configuration, the implementor provides a set of :ref:`listeners ` (and :ref:`filter chains `), :ref:`clusters `, etc. Dynamic host discovery is only possible via DNS based :ref:`service discovery `. Configuration reloads must take place via the built in :ref:`hot restart ` mechanism. Though simplistic, fairly complicated deployments can be created using static configurations and graceful hot restarts. .. _arch_overview_dynamic_config_eds: EDS --- The :ref:`Endpoint Discovery Service (EDS) API ` provides a more advanced mechanism by which Envoy can discover members of an upstream cluster. Layered on top of a static configuration, EDS allows an Envoy deployment to circumvent the limitations of DNS (maximum records in a response, etc.) as well as consume more information used in load balancing and routing (e.g., canary status, zone, etc.). .. _arch_overview_dynamic_config_cds: CDS --- The :ref:`Cluster Discovery Service (CDS) API ` layers on a mechanism by which Envoy can discover upstream clusters used during routing. Envoy will gracefully add, update, and remove clusters as specified by the API. This API allows implementors to build a topology in which Envoy does not need to be aware of all upstream clusters at initial configuration time. Typically, when doing HTTP routing along with CDS (but without route discovery service), implementors will make use of the router's ability to forward requests to a cluster specified in an :ref:`HTTP request header `. Although it is possible to use CDS without EDS by specifying fully static clusters, we recommend still using the EDS API for clusters specified via CDS. Internally, when a cluster definition is updated, the operation is graceful. However, all existing connection pools will be drained and reconnected. EDS does not suffer from this limitation. When hosts are added and removed via EDS, the existing hosts in the cluster are unaffected. .. _arch_overview_dynamic_config_rds: RDS --- The :ref:`Route Discovery Service (RDS) API ` layers on a mechanism by which Envoy can discover the entire route configuration for an HTTP connection manager filter at runtime. The route configuration will be gracefully swapped in without affecting existing requests. This API, when used alongside EDS and CDS, allows implementors to build a complex routing topology (:ref:`traffic shifting `, blue/green deployment, etc). VHDS ---- The :ref:`Virtual Host Discovery Service ` allows the virtual hosts belonging to a route configuration to be requested as needed separately from the route configuration itself. This API is typically used in deployments in which there are a large number of virtual hosts in a route configuration. SRDS ---- The :ref:`Scoped Route Discovery Service (SRDS) API ` allows a route table to be broken up into multiple pieces. This API is typically used in deployments of HTTP routing with massive route tables in which simple linear searches are not feasible. .. _arch_overview_dynamic_config_lds: LDS --- The :ref:`Listener Discovery Service (LDS) API ` layers on a mechanism by which Envoy can discover entire listeners at runtime. This includes all filter stacks, up to and including HTTP filters with embedded references to :ref:`RDS `. Adding LDS into the mix allows almost every aspect of Envoy to be dynamically configured. Hot restart should only be required for very rare configuration changes (admin, tracing driver, etc.), certificate rotation, or binary updates. SDS --- The :ref:`Secret Discovery Service (SDS) API ` layers on a mechanism by which Envoy can discover cryptographic secrets (certificate plus private key, TLS session ticket keys) for its listeners, as well as configuration of peer certificate validation logic (trusted root certs, revocations, etc). RTDS ---- The :ref:`RunTime Discovery Service (RTDS) API ` allows :ref:`runtime ` layers to be fetched via an xDS API. This may be favorable to, or augmented by, file system layers. ECDS ---- The :ref:`Extension Config Discovery Service (ECDS) API ` allows extension configurations (e.g. HTTP filter configuration) to be served independently from the listener. This is useful when building systems that are more appropriately split from the primary control plane such as WAF, fault testing, etc. Aggregated xDS ("ADS") ---------------------- EDS, CDS, etc. are each separate services, with different REST/gRPC service names, e.g. StreamListeners, StreamSecrets. For users looking to enforce the order in which resources of different types reach Envoy, there is aggregated xDS, a single gRPC service that carries all resource types in a single gRPC stream. (ADS is only supported by gRPC). :ref:`More details about ADS `. .. _arch_overview_dynamic_config_delta: Delta gRPC xDS -------------- Standard xDS is "state-of-the-world": every update must contain every resource, with the absence of a resource from an update implying that the resource is gone. Envoy supports a "delta" variant of xDS (including ADS), where updates only contain resources added/changed/removed. Delta xDS is a new protocol, with request/response APIs different from SotW. :ref:`More details about delta `. ================================================ FILE: docs/root/intro/arch_overview/operations/hot_restart.rst ================================================ .. _arch_overview_hot_restart: Hot restart =========== Ease of operation is one of the primary goals of Envoy. In addition to robust statistics and a local administration interface, Envoy has the ability to “hot” or “live” restart itself. This means that Envoy can fully reload itself (both code and configuration) without dropping any connections. The hot restart functionality has the following general architecture: * Statistics and some locks are kept in a shared memory region. This means that gauges will be consistent across both processes as restart is taking place. * The two active processes communicate with each other over unix domain sockets using a basic RPC protocol. * The new process fully initializes itself (loads the configuration, does an initial service discovery and health checking phase, etc.) before it asks for copies of the listen sockets from the old process. The new process starts listening and then tells the old process to start draining. * During the draining phase, the old process attempts to gracefully close existing connections. How this is done depends on the configured filters. The drain time is configurable via the :option:`--drain-time-s` option and as more time passes draining becomes more aggressive. * After drain sequence, the new Envoy process tells the old Envoy process to shut itself down. This time is configurable via the :option:`--parent-shutdown-time-s` option. * Envoy’s hot restart support was designed so that it will work correctly even if the new Envoy process and the old Envoy process are running inside different containers. Communication between the processes takes place only using unix domain sockets. * An example restarter/parent process written in Python is included in the source distribution. This parent process is usable with standard process control utilities such as monit/runit/etc. Envoy's default command line options assume that only a single set of Envoy processes is running on a given host: an active Envoy server process and, potentially, a draining Envoy server process that will exit as described above. The :option:`--base-id` or :option:`--use-dynamic-base-id` options may be used to allow multiple, distinctly configured Envoys to run on the same host and hot restart independently. ================================================ FILE: docs/root/intro/arch_overview/operations/init.rst ================================================ .. _arch_overview_initialization: Initialization ============== How Envoy initializes itself when it starts up is complex. This section explains at a high level how the process works. All of the following happens before any listeners start listening and accepting new connections. * During startup, the :ref:`cluster manager ` goes through a multi-phase initialization where it first initializes static/DNS clusters, then predefined :ref:`EDS ` clusters. Then it initializes :ref:`CDS ` if applicable, waits for one response (or failure) for a :ref:`bounded period of time `, and does the same primary/secondary initialization of CDS provided clusters. * If clusters use :ref:`active health checking `, Envoy also does a single active health check round. * Once cluster manager initialization is done, :ref:`RDS ` and :ref:`LDS ` initialize (if applicable). The server waits for a :ref:`bounded period of time ` for at least one response (or failure) for LDS/RDS requests. After which, it starts accepting connections. * If LDS itself returns a listener that needs an RDS response, Envoy further waits for a :ref:`bounded period of time ` until an RDS response (or failure) is received. Note that this process takes place on every future listener addition via LDS and is known as :ref:`listener warming `. * After all of the previous steps have taken place, the listeners start accepting new connections. This flow ensures that during hot restart the new process is fully capable of accepting and processing new connections before the draining of the old process begins. A key design principle of initialization is that an Envoy is always guaranteed to initialize within :ref:`initial_fetch_timeout `, with a best effort made to obtain the complete set of xDS configuration within that subject to the management server availability. ================================================ FILE: docs/root/intro/arch_overview/operations/operations.rst ================================================ Operations & configuration ========================== .. toctree:: :maxdepth: 2 dynamic_configuration init draining runtime hot_restart overload_manager ================================================ FILE: docs/root/intro/arch_overview/operations/overload_manager.rst ================================================ .. _arch_overview_overload_manager: Overload manager ================ The overload manager is an extensible component for protecting the Envoy server from overload with respect to various system resources (such as memory, cpu or file descriptors) due to too many client connections or requests. This is distinct from :ref:`circuit breaking ` which is primarily aimed at protecting upstream services. The overload manager is :ref:`configured ` by specifying a set of resources to monitor and a set of overload actions that will be taken when some of those resources exceed certain pressure thresholds. Architecture ------------ The overload manager works by periodically polling the *pressure* of a set of **resources**, feeding those through **triggers**, and taking **actions** based on the triggers. The set of resource monitors, triggers, and actions are specified at startup. Resources ~~~~~~~~~ A resource is a thing that can be monitored by the overload manager, and whose *pressure* is represented by a real value in the range [0, 1]. The pressure of a resource is evaluated by a *resource monitor*. See the :ref:`configuration page ` for setting up resource monitors. Triggers ~~~~~~~~ Triggers are evaluated on each resource pressure update, and convert a resource pressure value into an action state. An action state has a value in the range [0, 1], and is categorized into one of two groups: .. _arch_overview_overload_manager-triggers-state: .. csv-table:: :header: action state, value, description :widths: 1, 1, 2 scaling, "[0, 1)", the resource pressure is below the configured saturation point; action may be taken saturated, 1, the resource pressure is at or above the configured saturation point; drastic action should be taken When a resource pressure value is updated, the relevant triggers are reevaluated. For each action with at least one trigger, the resulting action state is the maximum value over the configured triggers. What effect the action state has depends on the action's configuration and implementation. Actions ~~~~~~~ When a trigger changes state, the value is sent to registered actions, which can then affect how connections and requests are processed. Each action interprets the input states differently, and some may ignore the *scaling* state altogether, taking effect only when *saturated*. ================================================ FILE: docs/root/intro/arch_overview/operations/runtime.rst ================================================ .. _arch_overview_runtime: Runtime configuration ===================== Envoy supports “runtime” configuration (also known as "feature flags" and "decider"). Configuration settings can be altered that will affect operation without needing to restart Envoy or change the primary configuration. The currently supported implementation uses a tree of file system files. Envoy watches for a symbolic link swap in a configured directory and reloads the tree when that happens. This type of system is very commonly deployed in large distributed systems. Other implementations would not be difficult to implement. Supported runtime configuration settings are documented in the relevant sections of the operations guide. Envoy will operate correctly with default runtime values and a “null” provider so it is not required that such a system exists to run Envoy. Runtime :ref:`configuration `. ================================================ FILE: docs/root/intro/arch_overview/other_features/compression/libraries.rst ================================================ .. _arch_overview_compression_libraries: Compression Libraries ===================== Underlying implementation ------------------------- Currently Envoy uses `zlib `_ as a compression library. .. note:: `zlib-ng `_ is a fork that hosts several 3rd-party contributions containing new optimizations. Those optimizations are considered useful for `improving compression performance `_. Envoy can be built to use `zlib-ng `_ instead of regular `zlib `_ by using ``--define zlib=ng`` Bazel option. The relevant build options used to build `zlib-ng `_ can be evaluated in :repo:`here `. Currently, this option is only available on Linux. ================================================ FILE: docs/root/intro/arch_overview/other_features/global_rate_limiting.rst ================================================ .. _arch_overview_global_rate_limit: Global rate limiting ==================== Although distributed :ref:`circuit breaking ` is generally extremely effective in controlling throughput in distributed systems, there are times when it is not very effective and global rate limiting is desired. The most common case is when a large number of hosts are forwarding to a small number of hosts and the average request latency is low (e.g., connections/requests to a database server). If the target hosts become backed up, the downstream hosts will overwhelm the upstream cluster. In this scenario it is extremely difficult to configure a tight enough circuit breaking limit on each downstream host such that the system will operate normally during typical request patterns but still prevent cascading failure when the system starts to fail. Global rate limiting is a good solution for this case. Envoy integrates directly with a global gRPC rate limiting service. Although any service that implements the defined RPC/IDL protocol can be used, Lyft provides a `reference implementation `_ written in Go which uses a Redis backend. Envoy’s rate limit integration has the following features: * **Network level rate limit filter**: Envoy will call the rate limit service for every new connection on the listener where the filter is installed. The configuration specifies a specific domain and descriptor set to rate limit on. This has the ultimate effect of rate limiting the connections per second that transit the listener. :ref:`Configuration reference `. * **HTTP level rate limit filter**: Envoy will call the rate limit service for every new request on the listener where the filter is installed and where the route table specifies that the global rate limit service should be called. All requests to the target upstream cluster as well as all requests from the originating cluster to the target cluster can be rate limited. :ref:`Configuration reference ` Rate limit service :ref:`configuration `. Note that Envoy also supports :ref:`local rate limiting `. Local rate limiting can be used in conjunction with global rate limiting to reduce load on the global rate limit service. For example, a local token bucket rate limit can absorb very large bursts in load that might otherwise overwhelm a global rate limit service. Thus, the rate limit is applied in two stages. The initial coarse grained limiting is performed by the token bucket limit before a fine grained global limit finishes the job. ================================================ FILE: docs/root/intro/arch_overview/other_features/ip_transparency.rst ================================================ .. _arch_overview_ip_transparency: IP Transparency =============== What is IP Transparency ----------------------- As a proxy, Envoy is an IP endpoint: it has its own IP address, distinct from that of any downstream requests. Consequently, when Envoy establishes connections to upstream hosts, the IP address of that connection will be different from that of any proxied connections. Sometimes the upstream server or network may need to know the original IP address of the connection, called the *downstream remote address*, for many reasons. Some examples include: * the IP address being used to form part of an identity, * the IP address being used to enforce network policy, or * the IP address being included in an audit. Envoy supports multiple methods for providing the downstream remote address to the upstream host. These techniques vary in complexity and applicability. HTTP Headers ------------ HTTP headers may carry the original IP address of the request in the :ref:`x-forwarded-for ` header. The upstream server can use this header to determine the downstream remote address. Envoy may also use this header to choose the IP address used by the :ref:`Original Src HTTP Filter `. The HTTP header approach has a few downsides: * It is only applicable to HTTP. * It may not be supported by the upstream host. * It requires careful configuration. Proxy Protocol -------------- `HAProxy Proxy Protocol `_ defines a protocol for communicating metadata about a connection over TCP, prior to the main TCP stream. This metadata includes the source IP. Envoy supports consuming this information using :ref:`Proxy Protocol filter `, which may be used to recover the downstream remote address for propagation into an :ref:`x-forwarded-for ` header. It can also be used in conjunction with the :ref:`Original Src Listener Filter `. Finally, Envoy supports generating this header using the :ref:`Proxy Protocol Transport Socket `. Here is an example config for setting up the socket: .. code-block:: yaml clusters: - name: service1 connect_timeout: 0.25s type: strict_dns lb_policy: round_robin transport_socket: name: envoy.transport_sockets.upstream_proxy_protocol typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.proxy_protocol.v3.ProxyProtocolUpstreamTransport config: version: V1 transport_socket: name: envoy.transport_sockets.raw_buffer ... Note: If you are wrapping a TLS socket, the header will be sent before the TLS handshake occurs. Some drawbacks to Proxy Protocol: * It only supports TCP protocols. * It requires upstream host support. .. _arch_overview_ip_transparency_original_src_listener: Original Source Listener Filter ------------------------------- In controlled deployments, it may be possible to replicate the downstream remote address on the upstream connection by using a :ref:`Original Source listener filter `. No metadata is added to the upstream request or stream. Rather, the upstream connection itself will be established with the downstream remote address as its source address. This filter will work with any upstream protocol or host. However, it requires fairly complex configuration, and it may not be supported in all deployments due to routing constraints. Some drawbacks to the Original Source filter: * It requires that Envoy have access to the downstream remote address. * Its configuration is relatively complex. * It may introduce a slight performance hit due to restrictions on connection pooling. .. _arch_overview_ip_transparency_original_src_http: Original Source HTTP Filter --------------------------- In controlled deployments, it may be possible to replicate the downstream remote address on the upstream connection by using a :ref:`Original Source HTTP filter `. This filter operates much like the :ref:`Original Src Listener Filter `. The main difference is that it can infer the original source address from HTTP headers, which is important for cases where a single downstream connection carries multiple HTTP requests from different original source addresses. Deployments with a front proxy forwarding to sidecar proxies are examples where case applies. This filter will work with any upstream HTTP host. However, it requires fairly complex configuration, and it may not be supported in all deployments due to routing constraints. Some drawbacks to the Original Source filter: * It requires that Envoy be properly configured to extract the downstream remote address from the :ref:`x-forwarded-for ` header. * Its configuration is relatively complex. * It may introduce a slight performance hit due to restrictions on connection pooling. ================================================ FILE: docs/root/intro/arch_overview/other_features/local_rate_limiting.rst ================================================ .. _arch_overview_local_rate_limit: Local rate limiting =================== Envoy supports local (non-distributed) rate limiting of L4 connections via the :ref:`local rate limit filter `. Envoy additionally supports local rate limiting of HTTP requests via the :ref:`HTTP local rate limit filter `. This can be activated globally at the listener level or at a more specific level (e.g.: the virtual host or route level). Finally, Envoy also supports :ref:`global rate limiting `. Local rate limiting can be used in conjunction with global rate limiting to reduce load on the global rate limit service. ================================================ FILE: docs/root/intro/arch_overview/other_features/other_features.rst ================================================ Other features ============== .. toctree:: :maxdepth: 2 local_rate_limiting global_rate_limiting scripting ip_transparency compression/libraries ================================================ FILE: docs/root/intro/arch_overview/other_features/scripting.rst ================================================ Scripting ========= Envoy supports `Lua `_ scripting as part of a dedicated :ref:`HTTP filter `. ================================================ FILE: docs/root/intro/arch_overview/other_protocols/dynamo.rst ================================================ .. _arch_overview_dynamo: DynamoDB ======== Envoy supports an HTTP level DynamoDB sniffing filter with the following features: * DynamoDB API request/response parser. * DynamoDB per operation/per table/per partition and operation statistics. * Failure type statistics for 4xx responses, parsed from response JSON, e.g., ProvisionedThroughputExceededException. * Batch operation partial failure statistics. The DynamoDB filter is a good example of Envoy’s extensibility and core abstractions at the HTTP layer. At Lyft we use this filter for all application communication with DynamoDB. It provides an invaluable source of data agnostic to the application platform and specific AWS SDK in use. DynamoDB filter :ref:`configuration `. ================================================ FILE: docs/root/intro/arch_overview/other_protocols/grpc.rst ================================================ .. _arch_overview_grpc: gRPC ==== `gRPC `_ is an RPC framework from Google. It uses protocol buffers as the underlying serialization/IDL format. At the transport layer it uses HTTP/2 for request/response multiplexing. Envoy has first class support for gRPC both at the transport layer as well as at the application layer: * gRPC makes use of HTTP/2 trailers to convey request status. Envoy is one of very few HTTP proxies that correctly supports HTTP/2 trailers and is thus one of the few proxies that can transport gRPC requests and responses. * The gRPC runtime for some languages is relatively immature. See :ref:`below ` for an overview of filters that can help bring gRPC to more languages. * gRPC-Web is supported by a :ref:`filter ` that allows a gRPC-Web client to send requests to Envoy over HTTP/1.1 and get proxied to a gRPC server. It's under active development and is expected to be the successor to the gRPC :ref:`bridge filter `. * gRPC-JSON transcoder is supported by a :ref:`filter ` that allows a RESTful JSON API client to send requests to Envoy over HTTP and get proxied to a gRPC service. .. _arch_overview_grpc_bridging: gRPC bridging ------------- Envoy supports two gRPC bridges: * :ref:`grpc_http1_bridge filter ` which allows gRPC requests to be sent to Envoy over HTTP/1.1. Envoy then translates the requests to HTTP/2 for transport to the target server. The response is translated back to HTTP/1.1. When installed, the bridge filter gathers per RPC statistics in addition to the standard array of global HTTP statistics. * :ref:`grpc_http1_reverse_bridge filter ` which allows gRPC requests to be sent to Envoy and then translated to HTTP/1.1 when sent to the upstream. The response is then converted back into gRPC when sent to the downstream. This filter can also optionally manage the gRPC frame header, allowing the upstream to not have to be gRPC aware at all. .. _arch_overview_grpc_services: gRPC services ------------- In addition to proxying gRPC on the data plane, Envoy makes use of gRPC for its control plane, where it :ref:`fetches configuration from management server(s) ` and in filters, such as for :ref:`rate limiting ` or authorization checks. We refer to these as *gRPC services*. When specifying gRPC services, it's necessary to specify the use of either the :ref:`Envoy gRPC client ` or the :ref:`Google C++ gRPC client `. We discuss the tradeoffs in this choice below. The Envoy gRPC client is a minimal custom implementation of gRPC that makes use of Envoy's HTTP/2 upstream connection management. Services are specified as regular Envoy :ref:`clusters `, with regular treatment of :ref:`timeouts, retries `, endpoint :ref:`discovery `/:ref:`load balancing/failover `/load reporting, :ref:`circuit breaking `, :ref:`health checks `, :ref:`outlier detection `. They share the same :ref:`connection pooling ` mechanism as the Envoy data plane. Similarly, cluster :ref:`statistics ` are available for gRPC services. Since the client is minimal, it does not include advanced gRPC features such as `OAuth2 `_ or `gRPC-LB `_ lookaside. The Google C++ gRPC client is based on the reference implementation of gRPC provided by Google at https://github.com/grpc/grpc. It provides advanced gRPC features that are missing in the Envoy gRPC client. The Google C++ gRPC client performs its own load balancing, retries, timeouts, endpoint management, etc, independent of Envoy's cluster management. The Google C++ gRPC client also supports `custom authentication plugins `_. It is recommended to use the Envoy gRPC client in most cases, where the advanced features in the Google C++ gRPC client are not required. This provides configuration and monitoring simplicity. Where necessary features are missing in the Envoy gRPC client, the Google C++ gRPC client should be used instead. ================================================ FILE: docs/root/intro/arch_overview/other_protocols/mongo.rst ================================================ .. _arch_overview_mongo: MongoDB ======= Envoy supports a network level MongoDB sniffing filter with the following features: * MongoDB wire format BSON parser. * Detailed MongoDB query/operation statistics including timings and scatter/multi-get counts for routed clusters. * Query logging. * Per callsite statistics via the $comment query parameter. * Fault injection. The MongoDB filter is a good example of Envoy’s extensibility and core abstractions. At Lyft we use this filter between all applications and our databases. It provides an invaluable source of data that is agnostic to the application platform and specific MongoDB driver in use. MongoDB proxy filter :ref:`configuration reference `. ================================================ FILE: docs/root/intro/arch_overview/other_protocols/other_protocols.rst ================================================ Other protocols =============== .. toctree:: :maxdepth: 2 grpc mongo dynamo redis postgres ================================================ FILE: docs/root/intro/arch_overview/other_protocols/postgres.rst ================================================ .. _arch_overview_postgres: Postgres ======== Envoy supports a network level Postgres sniffing filter to add network observability. By using the Postgres proxy, Envoy is able to decode `Postgres frontend/backend protocol`_ and gather statistics from the decoded information. The main goal of the Postgres filter is to capture runtime statistics without impacting or generating any load on the Postgres upstream server, it is transparent to it. The filter currently offers the following features: * Decode non SSL traffic, ignore SSL traffic. * Decode session information. * Capture transaction information, including commits and rollbacks. * Expose counters for different types of statements (INSERTs, DELETEs, UPDATEs, etc). The counters are updated based on decoding backend CommandComplete messages not by decoding SQL statements sent by a client. * Count frontend, backend and unknown messages. * Identify errors and notices backend responses. The Postgres filter solves a notable problem for Postgres deployments: gathering this information either imposes additional load to the server; or requires pull-based querying for metadata from the server, sometimes requiring external components or extensions. This filter provides valuable observability information, without impacting the performance of the upstream Postgres server or requiring the installation of any software. Postgres proxy filter :ref:`configuration reference `. .. _Postgres frontend/backend protocol: https://www.postgresql.org/docs/current/protocol.html ================================================ FILE: docs/root/intro/arch_overview/other_protocols/redis.rst ================================================ .. _arch_overview_redis: Redis ======= Envoy can act as a Redis proxy, partitioning commands among instances in a cluster. In this mode, the goals of Envoy are to maintain availability and partition tolerance over consistency. This is the key point when comparing Envoy to `Redis Cluster `_. Envoy is designed as a best-effort cache, meaning that it will not try to reconcile inconsistent data or keep a globally consistent view of cluster membership. It also supports routing commands from different workload to different to different upstream clusters based on their access patterns, eviction, or isolation requirements. The Redis project offers a thorough reference on partitioning as it relates to Redis. See "`Partitioning: how to split data among multiple Redis instances `_". **Features of Envoy Redis**: * `Redis protocol `_ codec. * Hash-based partitioning. * Ketama distribution. * Detailed command statistics. * Active and passive healthchecking. * Hash tagging. * Prefix routing. * Separate downstream client and upstream server authentication. * Request mirroring for all requests or write requests only. * Control :ref:`read requests routing`. This only works with Redis Cluster. **Planned future enhancements**: * Additional timing stats. * Circuit breaking. * Request collapsing for fragmented commands. * Replication. * Built-in retry. * Tracing. .. _arch_overview_redis_configuration: Configuration ------------- For filter configuration details, see the Redis proxy filter :ref:`configuration reference `. The corresponding cluster definition should be configured with :ref:`ring hash load balancing `. If :ref:`active health checking ` is desired, the cluster should be configured with a :ref:`custom health check ` which configured as a :ref:`Redis health checker `. If passive healthchecking is desired, also configure :ref:`outlier detection `. For the purposes of passive healthchecking, connect timeouts, command timeouts, and connection close map to 5xx. All other responses from Redis are counted as a success. .. _arch_overview_redis_cluster_support: Redis Cluster Support (Experimental) ---------------------------------------- Envoy currently offers experimental support for `Redis Cluster `_. When using Envoy as a sidecar proxy for a Redis Cluster, the service can use a non-cluster Redis client implemented in any language to connect to the proxy as if it's a single node Redis instance. The Envoy proxy will keep track of the cluster topology and send commands to the correct Redis node in the cluster according to the `spec `_. Advance features such as reading from replicas can also be added to the Envoy proxy instead of updating redis clients in each language. Envoy proxy tracks the topology of the cluster by sending periodic `cluster slots `_ commands to a random node in the cluster, and maintains the following information: * List of known nodes. * The primaries for each shard. * Nodes entering or leaving the cluster. For topology configuration details, see the Redis Cluster :ref:`v2 API reference `. Every Redis cluster has its own extra statistics tree rooted at *cluster..redis_cluster.* with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 max_upstream_unknown_connections_reached, Counter, Total number of times that an upstream connection to an unknown host is not created after redirection having reached the connection pool's max_upstream_unknown_connections limit upstream_cx_drained, Counter, Total number of upstream connections drained of active requests before being closed upstream_commands.upstream_rq_time, Histogram, Histogram of upstream request times for all types of requests .. _arch_overview_redis_cluster_command_stats: Per-cluster command statistics can be enabled via the setting :ref:`enable_command_stats `.: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 upstream_commands.[command].success, Counter, Total number of successful requests for a specific Redis command upstream_commands.[command].failure, Counter, Total number of failed or cancelled requests for a specific Redis command upstream_commands.[command].total, Counter, Total number of requests for a specific Redis command (sum of success and failure) upstream_commands.[command].latency, Histogram, Latency of requests for a specific Redis command Supported commands ------------------ At the protocol level, pipelines are supported. MULTI (transaction block) is not. Use pipelining wherever possible for the best performance. At the command level, Envoy only supports commands that can be reliably hashed to a server. AUTH and PING are the only exceptions. AUTH is processed locally by Envoy if a downstream password has been configured, and no other commands will be processed until authentication is successful when a password has been configured. Envoy will transparently issue AUTH commands upon connecting to upstream servers, if upstream authentication passwords are configured for the cluster. Envoy responds to PING immediately with PONG. Arguments to PING are not allowed. All other supported commands must contain a key. Supported commands are functionally identical to the original Redis command except possibly in failure scenarios. For details on each command's usage see the official `Redis command reference `_. .. csv-table:: :header: Command, Group :widths: 1, 1 AUTH, Authentication PING, Connection DEL, Generic DUMP, Generic EXISTS, Generic EXPIRE, Generic EXPIREAT, Generic PERSIST, Generic PEXPIRE, Generic PEXPIREAT, Generic PTTL, Generic RESTORE, Generic TOUCH, Generic TTL, Generic TYPE, Generic UNLINK, Generic GEOADD, Geo GEODIST, Geo GEOHASH, Geo GEOPOS, Geo GEORADIUS_RO, Geo GEORADIUSBYMEMBER_RO, Geo HDEL, Hash HEXISTS, Hash HGET, Hash HGETALL, Hash HINCRBY, Hash HINCRBYFLOAT, Hash HKEYS, Hash HLEN, Hash HMGET, Hash HMSET, Hash HSCAN, Hash HSET, Hash HSETNX, Hash HSTRLEN, Hash HVALS, Hash LINDEX, List LINSERT, List LLEN, List LPOP, List LPUSH, List LPUSHX, List LRANGE, List LREM, List LSET, List LTRIM, List RPOP, List RPUSH, List RPUSHX, List EVAL, Scripting EVALSHA, Scripting SADD, Set SCARD, Set SISMEMBER, Set SMEMBERS, Set SPOP, Set SRANDMEMBER, Set SREM, Set SSCAN, Set ZADD, Sorted Set ZCARD, Sorted Set ZCOUNT, Sorted Set ZINCRBY, Sorted Set ZLEXCOUNT, Sorted Set ZRANGE, Sorted Set ZRANGEBYLEX, Sorted Set ZRANGEBYSCORE, Sorted Set ZRANK, Sorted Set ZREM, Sorted Set ZREMRANGEBYLEX, Sorted Set ZREMRANGEBYRANK, Sorted Set ZREMRANGEBYSCORE, Sorted Set ZREVRANGE, Sorted Set ZREVRANGEBYLEX, Sorted Set ZREVRANGEBYSCORE, Sorted Set ZREVRANK, Sorted Set ZPOPMIN, Sorted Set ZPOPMAX, Sorted Set ZSCAN, Sorted Set ZSCORE, Sorted Set APPEND, String BITCOUNT, String BITFIELD, String BITPOS, String DECR, String DECRBY, String GET, String GETBIT, String GETRANGE, String GETSET, String INCR, String INCRBY, String INCRBYFLOAT, String MGET, String MSET, String PSETEX, String SET, String SETBIT, String SETEX, String SETNX, String SETRANGE, String STRLEN, String Failure modes ------------- If Redis throws an error, we pass that error along as the response to the command. Envoy treats a response from Redis with the error datatype as a normal response and passes it through to the caller. Envoy can also generate its own errors in response to the client. .. csv-table:: :header: Error, Meaning :widths: 1, 1 no upstream host, "The ring hash load balancer did not have a healthy host available at the ring position chosen for the key." upstream failure, "The backend did not respond within the timeout period or closed the connection." invalid request, "Command was rejected by the first stage of the command splitter due to datatype or length." unsupported command, "The command was not recognized by Envoy and therefore cannot be serviced because it cannot be hashed to a backend server." finished with n errors, "Fragmented commands which sum the response (e.g. DEL) will return the total number of errors received if any were received." upstream protocol error, "A fragmented command received an unexpected datatype or a backend responded with a response that not conform to the Redis protocol." wrong number of arguments for command, "Certain commands check in Envoy that the number of arguments is correct." "NOAUTH Authentication required.", "The command was rejected because a downstream authentication password has been set and the client has not successfully authenticated." ERR invalid password, "The authentication command failed due to an invalid password." "ERR Client sent AUTH, but no password is set", "An authentication command was received, but no downstream authentication password has been configured." In the case of MGET, each individual key that cannot be fetched will generate an error response. For example, if we fetch five keys and two of the keys' backends time out, we would get an error response for each in place of the value. .. code-block:: none $ redis-cli MGET a b c d e 1) "alpha" 2) "bravo" 3) (error) upstream failure 4) (error) upstream failure 5) "echo" ================================================ FILE: docs/root/intro/arch_overview/security/_include/ssl.yaml ================================================ static_resources: listeners: - name: listener_0 address: { socket_address: { address: 127.0.0.1, port_value: 10000 } } filter_chains: - filters: - name: envoy.filters.network.http_connection_manager # ... transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: validation_context: trusted_ca: filename: /usr/local/my-client-ca.crt clusters: - name: some_service connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.2 port_value: 1234 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext common_tls_context: tls_certificates: certificate_chain: { "filename": "/cert.crt" } private_key: { "filename": "/cert.key" } ocsp_response: { "filename": "/ocsp_response.der" } validation_context: match_subject_alt_names: exact: "foo" trusted_ca: filename: /etc/ssl/certs/ca-certificates.crt ================================================ FILE: docs/root/intro/arch_overview/security/ext_authz_filter.rst ================================================ .. _arch_overview_ext_authz: External Authorization ====================== * :ref:`Network filter configuration `. * :ref:`HTTP filter configuration `. The External authorization filter calls an authorization service to check if the incoming request is authorized or not. The filter can be either configured as a :ref:`network filter `, or as a :ref:`HTTP filter ` or both. If the request is deemed unauthorized by the network filter then the connection will be closed. If the request is deemed unauthorized at the HTTP filter the request will be denied with 403 (Forbidden) response. .. tip:: It is recommended that these filters are configured as the first filter in the filter chain so that requests are authorized prior to rest of the filters processing the request. The external authorization service cluster may be either statically configured or configured via the :ref:`Cluster Discovery Service `. If the external service is not available when a request comes in then whether the request is authorized or not is defined by the configuration setting of *failure_mode_allow* configuration in the applicable :ref:`network filter ` or :ref:`HTTP filter `. If it is set to true then the request will be permitted (fail open) otherwise it will be denied. The default setting is *false*. Service Definition ------------------ The context of the traffic is passed on to an external authorization service using the service definition listed here. The content of the request that are passed to an authorization service is specified by :ref:`CheckRequest `. .. toctree:: :glob: :maxdepth: 2 ../../../api-v3/service/auth/v3/* ================================================ FILE: docs/root/intro/arch_overview/security/external_deps.rst ================================================ .. _arch_overview_external_deps: External dependencies ===================== Below we enumerate the external dependencies that may be linked into the Envoy binary. We exclude dependencies that only are used in CI or developer tooling above. Data plane (core) ----------------- .. include:: external_dep_dataplane_core.rst Data plane (extensions) ----------------------- .. include:: external_dep_dataplane_ext.rst Control plane ------------- .. include:: external_dep_controlplane.rst Observability (core) -------------------- .. include:: external_dep_observability_core.rst Observability (extensions) -------------------------- .. include:: external_dep_observability_ext.rst Test only --------- .. include:: external_dep_test_only.rst Build ----- .. include:: external_dep_build.rst Miscellaneous ------------- .. include:: external_dep_other.rst ================================================ FILE: docs/root/intro/arch_overview/security/google_vrp.rst ================================================ .. _arch_overview_google_vrp: Google Vulnerability Reward Program (VRP) ========================================= Envoy is a participant in `Google's Vulnerability Reward Program (VRP) `_. This is open to all security researchers and will provide rewards for vulnerabilities discovered and reported according to the rules below. .. _arch_overview_google_vrp_rules: Rules ----- The goal of the VRP is to provide a formal process to honor contributions from external security researchers to Envoy's security. Vulnerabilities should meet the following conditions to be eligible for the program: 1. Vulnerabilities must meet one of the below :ref:`objectives `, demonstrated with the supplied Docker-based :ref:`execution environment ` and be consistent with the program's :ref:`threat model `. 2. Vulnerabilities must be reported to envoy-security@googlegroups.com and be kept under embargo while triage and potential security releases occur. Please follow the :repo:`disclosure guidance ` when submitting reports. Disclosure SLOs are documented :repo:`here `. In general, security disclosures are subject to the `Linux Foundation's privacy policy `_ with the added proviso that VRP reports (including reporter e-mail address and name) may be freely shared with Google for VRP purposes. 3. Vulnerabilities must not be previously known in a public forum, e.g. GitHub issues trackers, CVE databases (when previously associated with Envoy), etc. Existing CVEs that have not been previously associated with an Envoy vulnerability are fair game. 4. Vulnerabilities must not be also submitted to a parallel reward program run by Google or `Lyft `_. Rewards are at the discretion of the Envoy OSS security team and Google. They will be conditioned on the above criteria. If multiple instances of the same vulnerability are reported at the same time by independent researchers or the vulnerability is already tracked under embargo by the OSS Envoy security team, we will aim to fairly divide the reward amongst reporters. .. _arch_overview_google_vrp_threat_model: Threat model ------------ The base threat model matches that of Envoy's :ref:`OSS security posture `. We add a number of temporary restrictions to provide a constrained attack surface for the initial stages of this program. We exclude any threat from: * Untrusted control planes. * Runtime services such as access logging, external authorization, etc. * Untrusted upstreams. * DoS attacks except as stipulated below. * Any filters apart from the HTTP connection manager network filter and HTTP router filter. * Admin console; this is disabled in the execution environment. We also explicitly exclude any local attacks (e.g. via local processes, shells, etc.) against the Envoy process. All attacks must occur via the network data plane on port 10000. Similarly, kernel and Docker vulnerabilities are outside the threat model. In the future we may relax some of these restrictions as we increase the sophistication of the program's execution environment. .. _arch_overview_google_vrp_ee: Execution environment --------------------- We supply Docker images that act as the reference environment for this program: * `envoyproxy/envoy-google-vrp `_ images are based on Envoy point releases. Only the latest point release at the time of vulnerability submission is eligible for the program. The first point release available for VRP will be the 1.15.0 Envoy release. * `envoyproxy/envoy-google-vrp-dev `_ images are based on Envoy master builds. Only builds within the last 5 days at the time of vulnerability submission are eligible for the program. They must not be subject to any publicly disclosed vulnerability at that point in time. Two Envoy processes are available when these images are launched via `docker run`: * The *edge* Envoy is listening on ports 10000 (HTTPS). It has a :repo:`static configuration ` that is configured according to Envoy's :ref:`edge hardening principles `. It has sinkhole, direct response and request forwarding routing rules (in order): 1. `/content/*`: route to the origin Envoy server. 2. `/*`: return 403 (denied). * The *origin* Envoy is an upstream of the edge Envoy. It has a :repo:`static configuration ` that features only direct responses, effectively acting as an HTTP origin server. There are two route rules (in order): 1. `/blockedz`: return 200 `hidden treasure`. It should never be possible to have traffic on the Envoy edge server's 10000 port receive this response unless a qualifying vulnerability is present. 2. `/*`: return 200 `normal`. When running the Docker images, the following command line options should be supplied: * `-m 3g` to ensure that memory is bounded to 3GB. At least this much memory should be available to the execution environment. Each Envoy process has an overload manager configured to limit at 1GB. * `-e ENVOY_EDGE_EXTRA_ARGS="<...>"` supplies additional CLI args for the edge Envoy. This needs to be set but can be empty. * `-e ENVOY_ORIGIN_EXTRA_ARGS="<...>"` supplies additional CLI args for the origin Envoy. This needs to be set but can be empty. .. _arch_overview_google_vrp_objectives: Objectives ---------- Vulnerabilities will be evidenced by requests on 10000 that trigger a failure mode that falls into one of these categories: * Query-of-death: requests that cause the Envoy process to segfault or abort in some immediate way. * OOM: requests that cause the edge Envoy process to OOM. There should be no more than 100 connections and streams in total involved to cause this to happen (i.e. brute force connection/stream DoS is excluded). * Routing rule bypass: requests that are able to access `hidden treasure`. * TLS certificate exfiltration: requests that are able to obtain the edge Envoy's `serverkey.pem`. * Remote code exploits: any root shell obtained via the network data plane. * At the discretion of the OSS Envoy security team, sufficiently interesting vulnerabilities that don't fit the above categories but are likely to fall into the category of high or critical vulnerabilities. Working with the Docker images ------------------------------ A basic invocation of the execution environment that will bring up the edge Envoy on local port 10000 looks like: .. code-block:: bash docker run -m 3g -p 10000:10000 --name envoy-google-vrp \ -e ENVOY_EDGE_EXTRA_ARGS="" \ -e ENVOY_ORIGIN_EXTRA_ARGS="" \ envoyproxy/envoy-google-vrp-dev:latest When debugging, additional args may prove useful, e.g. in order to obtain trace logs, make use of `wireshark` and `gdb`: .. code-block:: bash docker run -m 3g -p 10000:10000 --name envoy-google-vrp \ -e ENVOY_EDGE_EXTRA_ARGS="-l trace" \ -e ENVOY_ORIGIN_EXTRA_ARGS="-l trace" \ --cap-add SYS_PTRACE --cap-add NET_RAW --cap-add NET_ADMIN \ envoyproxy/envoy-google-vrp-dev:latest You can obtain a shell in the Docker container with: .. code-block:: bash docker exec -it envoy-google-vrp /bin/bash The Docker images include `gdb`, `strace`, `tshark` (feel free to contribute other suggestions via PRs updating the :repo:`Docker build file `). Rebuilding the Docker image --------------------------- It's helpful to be able to regenerate your own Docker base image for research purposes. To do this without relying on CI, follow the instructions at the top of :repo:`ci/docker_rebuild_google-vrp.sh`. An example of this flow looks like: .. code-block:: bash bazel build //source/exe:envoy-static ./ci/docker_rebuild_google-vrp.sh bazel-bin/source/exe/envoy-static docker run -m 3g -p 10000:10000 --name envoy-google-vrp \ -e ENVOY_EDGE_EXTRA_ARGS="" \ -e ENVOY_ORIGIN_EXTRA_ARGS="" \ envoy-google-vrp:local ================================================ FILE: docs/root/intro/arch_overview/security/jwt_authn_filter.rst ================================================ .. _arch_overview_jwt_authn: JSON Web Token (JWT) Authentication =================================== * :ref:`HTTP filter configuration `. The JSON Web Token (JWT) Authentication filter checks if the incoming request has a valid `JSON Web Token (JWT) `_. It checks the validity of the JWT by verifying the JWT signature, audiences and issuer based on the :ref:`HTTP filter configuration `. The JWT Authentication filter could be configured to either reject the request with invalid JWT immediately or defer the decision to later filters by passing the JWT payload to other filters. The JWT Authentication filter supports to check the JWT under various conditions of the request, it could be configured to check JWT only on specific paths so that you could allowlist some paths from the JWT authentication, which is useful if a path is accessible publicly and doesn't require any JWT authentication. The JWT Authentication filter supports to extract the JWT from various locations of the request and could combine multiple JWT requirements for the same request. The `JSON Web Key Set (JWKS) `_ needed for the JWT signature verification could be either specified inline in the filter config or fetched from remote server via HTTP/HTTPS. The JWT Authentication filter also supports to write the payloads of the successfully verified JWT to :ref:`Dynamic State ` so that later filters could use it to make their own decisions based on the JWT payloads. ================================================ FILE: docs/root/intro/arch_overview/security/rbac_filter.rst ================================================ .. _arch_overview_rbac: Role Based Access Control ========================= * :ref:`Network filter configuration `. * :ref:`HTTP filter configuration `. The Role Based Access Control (RBAC) filter checks if the incoming request is authorized or not. Unlike external authorization, the check of RBAC filter happens in the Envoy process and is based on a list of policies from the filter config. The RBAC filter can be either configured as a :ref:`network filter `, or as a :ref:`HTTP filter ` or both. If the request is deemed unauthorized by the network filter then the connection will be closed. If the request is deemed unauthorized by the HTTP filter the request will be denied with 403 (Forbidden) response. Policy ------ The RBAC filter checks the request based on a list of :ref:`policies `. A policy consists of a list of :ref:`permissions ` and :ref:`principals `. The permission specifies the actions of the request, for example, the method and path of a HTTP request. The principal specifies the downstream client identities of the request, for example, the URI SAN of the downstream client certificate. A policy is matched if its permissions and principals are matched at the same time. Shadow Policy ------------- The filter can be configured with a :ref:`shadow policy ` that doesn't have any effect (i.e. not deny the request) but only emit stats and log the result. This is useful for testing a rule before applying in production. .. _arch_overview_condition: Condition --------- In addition to the pre-defined permissions and principals, a policy may optionally provide an authorization condition written in the `Common Expression Language `_. The condition specifies an extra clause that must be satisfied for the policy to match. For example, the following condition checks whether the request path starts with `/v1/`: .. code-block:: yaml call_expr: function: startsWith args: - select_expr: operand: ident_expr: name: request field: path - const_expr: string_value: /v1/ The following attributes are exposed to the language runtime: .. csv-table:: :header: Attribute, Type, Description :widths: 1, 1, 2 request.path, string, The path portion of the URL request.url_path, string, The path portion of the URL without the query string request.host, string, The host portion of the URL request.scheme, string, The scheme portion of the URL request.method, string, Request method request.headers, string map, All request headers request.referer, string, Referer request header request.useragent, string, User agent request header request.time, timestamp, Time of the first byte received request.duration, duration, Total duration of the request request.id, string, Request ID request.size, int, Size of the request body request.total_size, int, Total size of the request including the headers request.protocol, string, Request protocol e.g. "HTTP/2" response.code, int, Response HTTP status code response.code_details, string, Internal response code details (subject to change) response.grpc_status, int, Response gRPC status code response.headers, string map, All response headers response.trailers, string map, All response trailers response.size, int, Size of the response body response.total_size, int, Total size of the response including the approximate uncompressed size of the headers and the trailers response.flags, int, Additional details about the response beyond the standard response code source.address, string, Downstream connection remote address source.port, int, Downstream connection remote port destination.address, string, Downstream connection local address destination.port, int, Downstream connection local port metadata, :ref:`Metadata`, Dynamic metadata filter_state, map string to bytes, Filter state mapping data names to their serialized string value connection.mtls, bool, Indicates whether TLS is applied to the downstream connection and the peer ceritificate is presented connection.requested_server_name, string, Requested server name in the downstream TLS connection connection.tls_version, string, TLS version of the downstream TLS connection connection.subject_local_certificate, string, The subject field of the local certificate in the downstream TLS connection connection.subject_peer_certificate, string, The subject field of the peer certificate in the downstream TLS connection connection.dns_san_local_certificate, string, The first DNS entry in the SAN field of the local certificate in the downstream TLS connection connection.dns_san_peer_certificate, string, The first DNS entry in the SAN field of the peer certificate in the downstream TLS connection connection.uri_san_local_certificate, string, The first URI entry in the SAN field of the local certificate in the downstream TLS connection connection.uri_san_peer_certificate, string, The first URI entry in the SAN field of the peer certificate in the downstream TLS connection connection.id, uint, Downstream connection ID upstream.address, string, Upstream connection remote address upstream.port, int, Upstream connection remote port upstream.tls_version, string, TLS version of the upstream TLS connection upstream.subject_local_certificate, string, The subject field of the local certificate in the upstream TLS connection upstream.subject_peer_certificate, string, The subject field of the peer certificate in the upstream TLS connection upstream.dns_san_local_certificate, string, The first DNS entry in the SAN field of the local certificate in the upstream TLS connection upstream.dns_san_peer_certificate, string, The first DNS entry in the SAN field of the peer certificate in the upstream TLS connection upstream.uri_san_local_certificate, string, The first URI entry in the SAN field of the local certificate in the upstream TLS connection upstream.uri_san_peer_certificate, string, The first URI entry in the SAN field of the peer certificate in the upstream TLS connection upstream.local_address, string, The local address of the upstream connection upstream.transport_failure_reason, string, The upstream transport failure reason e.g. certificate validation failed Most attributes are optional and provide the default value based on the type of the attribute. CEL supports presence checks for attributes and maps using `has()` syntax, e.g. `has(request.referer)`. ================================================ FILE: docs/root/intro/arch_overview/security/security.rst ================================================ Security ======== .. toctree:: :maxdepth: 2 ssl jwt_authn_filter ext_authz_filter rbac_filter threat_model external_deps google_vrp ================================================ FILE: docs/root/intro/arch_overview/security/ssl.rst ================================================ .. _arch_overview_ssl: TLS === Envoy supports both :ref:`TLS termination ` in listeners as well as :ref:`TLS origination ` when making connections to upstream clusters. Support is sufficient for Envoy to perform standard edge proxy duties for modern web services as well as to initiate connections with external services that have advanced TLS requirements (TLS1.2, SNI, etc.). Envoy supports the following TLS features: * **Configurable ciphers**: Each TLS listener and client can specify the ciphers that it supports. * **Client certificates**: Upstream/client connections can present a client certificate in addition to server certificate verification. * **Certificate verification and pinning**: Certificate verification options include basic chain verification, subject name verification, and hash pinning. * **Certificate revocation**: Envoy can check peer certificates against a certificate revocation list (CRL) if one is :ref:`provided `. * **ALPN**: TLS listeners support ALPN. The HTTP connection manager uses this information (in addition to protocol inference) to determine whether a client is speaking HTTP/1.1 or HTTP/2. * **SNI**: SNI is supported for both server (listener) and client (upstream) connections. * **Session resumption**: Server connections support resuming previous sessions via TLS session tickets (see `RFC 5077 `_). Resumption can be performed across hot restarts and between parallel Envoy instances (typically useful in a front proxy configuration). * **BoringSSL private key methods**: TLS private key operations (signing and decrypting) can be performed asynchronously from :ref:`an extension `. This allows extending Envoy to support various key management schemes (such as TPM) and TLS acceleration. This mechanism uses `BoringSSL private key method interface `_. * **OCSP Stapling**: Online Certificate Stapling Protocol responses may be stapled to certificates. Underlying implementation ------------------------- Currently Envoy is written to use `BoringSSL `_ as the TLS provider. .. _arch_overview_ssl_fips: FIPS 140-2 ---------- BoringSSL can be built in a `FIPS-compliant mode `_, following the build instructions from the `Security Policy for BoringCrypto module `_, using ``--define boringssl=fips`` Bazel option. Currently, this option is only available on Linux-x86_64. The correctness of the FIPS build can be verified by checking the presence of ``BoringSSL-FIPS`` in the :option:`--version` output. It's important to note that while using FIPS-compliant module is necessary for FIPS compliance, it's not sufficient by itself, and depending on the context, additional steps might be necessary. The extra requirements may include using only approved algorithms and/or using only private keys generated by a module operating in FIPS-approved mode. For more information, please refer to the `Security Policy for BoringCrypto module `_ and/or an `accredited CMVP laboratory `_. Please note that the FIPS-compliant build is based on an older version of BoringSSL than the non-FIPS build, and it doesn't support the most recent QUIC APIs. .. _arch_overview_ssl_enabling_verification: Enabling certificate verification --------------------------------- Certificate verification of both upstream and downstream connections is not enabled unless the validation context specifies one or more trusted authority certificates. Example configuration ^^^^^^^^^^^^^^^^^^^^^ .. literalinclude:: _include/ssl.yaml :language: yaml */etc/ssl/certs/ca-certificates.crt* is the default path for the system CA bundle on Debian systems. :ref:`trusted_ca ` along with :ref:`match_subject_alt_names ` makes Envoy verify the server identity of *127.0.0.2:1234* as "foo" in the same way as e.g. cURL does on standard Debian installations. Common paths for system CA bundles on Linux and BSD are: * /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.) * /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7) * /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6) * /etc/ssl/ca-bundle.pem (OpenSUSE) * /usr/local/etc/ssl/cert.pem (FreeBSD) * /etc/ssl/cert.pem (OpenBSD) See the reference for :ref:`UpstreamTlsContexts ` and :ref:`DownstreamTlsContexts ` for other TLS options. .. attention:: If only :ref:`trusted_ca ` is specified, Envoy will verify the certificate chain of the presented certificate, but not its subject name, hash, etc. Other validation context configuration is typically required depending on the deployment. .. _arch_overview_ssl_cert_select: Certificate selection --------------------- :ref:`DownstreamTlsContexts ` support multiple TLS certificates. These may be a mix of RSA and P-256 ECDSA certificates. The following rules apply: * Only one certificate of a particular type (RSA or ECDSA) may be specified. * Non-P-256 server ECDSA certificates are rejected. * If the client supports P-256 ECDSA, a P-256 ECDSA certificate will be selected if one is present in the :ref:`DownstreamTlsContext ` and it is in compliance with the OCSP policy. * If the client only supports RSA certificates, a RSA certificate will be selected if present in the :ref:`DownstreamTlsContext `. * Otherwise, the first certificate listed is used. This will result in a failed handshake if the client only supports RSA certificates and the server only has ECDSA certificates. * Static and SDS certificates may not be mixed in a given :ref:`DownstreamTlsContext `. * The selected certificate must adhere to the OCSP policy. If no such certificate is found, the connection is refused. Only a single TLS certificate is supported today for :ref:`UpstreamTlsContexts `. Secret discovery service (SDS) ------------------------------ TLS certificates can be specified in the static resource or can be fetched remotely. Certificate rotation is supported for static resources by sourcing :ref:`SDS configuration from the filesystem ` or by pushing updates from the SDS server. Please see :ref:`SDS ` for details. .. _arch_overview_ssl_ocsp_stapling: OCSP Stapling ------------- :ref:`DownstreamTlsContexts ` support stapling an Online Certificate Status Protocol (OCSP) response to a TLS certificate during the handshake. The ``ocsp_staple`` field allows the operator to supply a pre-computed OCSP response per-certificate in the context. A single response may not pertain to multiple certificates. If provided, OCSP responses must be valid and affirm the certificate has not been revoked. Expired OCSP responses are accepted, but may cause downstream connection errors depending on the OCSP staple policy. :ref:`DownstreamTlsContexts ` support an ``ocsp_staple_policy`` field to control whether Envoy should stop using a certificate or continue without stapling when its associated OCSP response is missing or expired. Certificates marked as `must-staple `_ require a valid OCSP response regardless of the OCSP staple policy. In practice, a must-staple certificate causes cEnvoy to behave as if the OCSP staple policy is :ref:`MUST_STAPLE`. Envoy will not use a must-staple certificate for new connections after its OCSP response expires. OCSP responses are never stapled to TLS requests that do not indicate support for OCSP stapling via the ``status_request`` extension. The following runtime flags are provided to adjust the requirements of OCSP responses and override the OCSP policy. These flags default to ``true``. * ``envoy.reloadable_features.require_ocsp_response_for_must_staple_certs``: Disabling this allows the operator to omit an OCSP response for must-staple certs in the config. * ``envoy.reloadable_features.check_ocsp_policy``: Disabling this will disable OCSP policy checking. OCSP responses are stapled when available if the client supports it, even if the response is expired. Stapling is skipped if no response is present. OCSP responses are ignored for :ref:`UpstreamTlsContexts `. .. _arch_overview_ssl_auth_filter: Authentication filter --------------------- Envoy provides a network filter that performs TLS client authentication via principals fetched from a REST VPN service. This filter matches the presented client certificate hash against the principal list to determine whether the connection should be allowed or not. Optional IP allowlisting can also be configured. This functionality can be used to build edge proxy VPN support for web infrastructure. Client TLS authentication filter :ref:`configuration reference `. .. _arch_overview_ssl_custom_handshaker: Custom handshaker extension --------------------------- The :ref:`CommonTlsContext ` has a ``custom_handshaker`` extension which can be used to override SSL handshake behavior entirely. This is useful for implementing any TLS behavior which is difficult to express with callbacks. It is not necessary to write a custom handshaker to use private key methods, see the :ref:`private key method interface ` described above. To avoid reimplementing all of the `Ssl::ConnectionInfo `_ interface, a custom implementation might choose to extend `Envoy::Extensions::TransportSockets::Tls::SslHandshakerImpl `_. Custom handshakers need to explicitly declare via `HandshakerCapabilities `_ which TLS features they are responsible for. The default Envoy handshaker will manage the remainder. A useful example handshaker, named ``SslHandshakerImplForTest``, lives in `this test `_ and demonstrates special-case ``SSL_ERROR`` handling and callbacks. .. _arch_overview_ssl_trouble_shooting: Trouble shooting ---------------- When Envoy originates TLS when making connections to upstream clusters, any errors will be logged into :ref:`UPSTREAM_TRANSPORT_FAILURE_REASON` field or :ref:`AccessLogCommon.upstream_transport_failure_reason` field. Common errors are: * ``Secret is not supplied by SDS``: Envoy is still waiting SDS to deliver key/cert or root CA. * ``SSLV3_ALERT_CERTIFICATE_EXPIRED``: Peer certificate is expired and not allowed in config. * ``SSLV3_ALERT_CERTIFICATE_UNKNOWN``: Peer certificate is not in config specified SPKI. * ``SSLV3_ALERT_HANDSHAKE_FAILURE``: Handshake failed, usually due to upstream requires client certificate but not presented. * ``TLSV1_ALERT_PROTOCOL_VERSION``: TLS protocol version mismatch. * ``TLSV1_ALERT_UNKNOWN_CA``: Peer certificate CA is not in trusted CA. More detailed list of error that can be raised by BoringSSL can be found `here `_ ================================================ FILE: docs/root/intro/arch_overview/security/threat_model.rst ================================================ .. _arch_overview_threat_model: Threat model ============ Below we articulate the Envoy threat model, which is of relevance to Envoy operators, developers and security researchers. We detail our security release process at https://github.com/envoyproxy/envoy/security/policy. Confidentiality, integrity and availability ------------------------------------------- We consider vulnerabilities leading to the compromise of data confidentiality or integrity to be our highest priority concerns. Availability, in particular in areas relating to DoS and resource exhaustion, is also a serious security concern for Envoy operators, in particular those utilizing Envoy in edge deployments. We will activate the security release process for disclosures that meet the following criteria: * All issues that lead to loss of data confidentiality or integrity trigger the security release process. * An availability issue, such as Query-of-Death (QoD) or resource exhaustion needs to meet all of the following criteria to trigger the security release process: - A component tagged as hardened is affected (see `Core and extensions`_ for the list of hardened components). - The type of traffic (upstream or downstream) that exhibits the issue matches the component's hardening tag. I.e. component tagged as “hardened to untrusted downstream” is affected by downstream request. - A resource exhaustion issue needs to meet these additional criteria: + Not covered by an existing timeout or where applying short timeout values is impractical and either + Memory exhaustion, including out of memory conditions, where per-request memory use 100x or more above the configured header or high watermark limit. I.e. 10 KiB client request leading to 1 MiB bytes of memory consumed by Envoy; + Highly asymmetric CPU utilization where Envoy uses 100x or more CPU compared to client. The Envoy availability stance around CPU and memory DoS is still evolving, especially for brute force attacks. We acknowledge that brute force (i.e. these with amplification factor less than 100) attacks are likely for Envoy deployments as part of cloud infrastructure or with the use of botnets. We will continue to iterate and fix well known resource issues in the open, e.g. overload manager and watermark improvements. We will activate the security process for brute force disclosures that appear to present a risk to existing Envoy deployments. Note that we do not currently consider the default settings for Envoy to be safe from an availability perspective. It is necessary for operators to explicitly :ref:`configure ` watermarks, the overload manager, circuit breakers and other resource related features in Envoy to provide a robust availability story. We will not act on any security disclosure that relates to a lack of safe defaults. Over time, we will work towards improved safe-by-default configuration, but due to backwards compatibility and performance concerns, this will require following the breaking change deprecation policy. Data and control plane ---------------------- We divide our threat model into data and control plane, reflecting the internal division in Envoy of these concepts from an architectural perspective. Our highest priority in risk assessment is the threat posed by untrusted downstream client traffic on the data plane. This reflects the use of Envoy in an edge serving capacity and also the use of Envoy as an inbound destination in a service mesh deployment. In addition, we have an evolving position towards any vulnerability that might be exploitable by untrusted upstreams. We recognize that these constitute a serious security consideration, given the use of Envoy as an egress proxy. We will activate the security release process for disclosures that appear to present a risk profile that is significantly greater than the current Envoy upstream hardening status quo. The control plane management server is generally trusted. We do not consider wire-level exploits against the xDS transport protocol to be a concern as a result. However, the configuration delivered to Envoy over xDS may originate from untrusted sources and may not be fully sanitized. An example of this might be a service operator that hosts multiple tenants on an Envoy, where tenants may specify a regular expression on a header match in `RouteConfiguration`. In this case, we expect that Envoy is resilient against the risks posed by malicious configuration from a confidentiality, integrity and availability perspective, as described above. We generally assume that services utilized for side calls during the request processing, e.g. external authorization, credential suppliers, rate limit services, are trusted. When this is not the case, an extension will explicitly state this in its documentation. Core and extensions ------------------- Anything in the Envoy core may be used in both untrusted and trusted deployments. As a consequence, it should be hardened with this model in mind. Security issues related to core code will usually trigger the security release process as described in this document. The following extensions are intended to be hardened against untrusted downstream and upstreams: .. include:: secpos_robust_to_untrusted_downstream_and_upstream.rst The following extensions should not be exposed to data plane attack vectors and hence are intended to be robust to untrusted downstreams and upstreams: .. include:: secpos_data_plane_agnostic.rst The following extensions are intended to be hardened against untrusted downstreams but assume trusted upstreams: .. include:: secpos_robust_to_untrusted_downstream.rst The following extensions should only be used when both the downstream and upstream are trusted: .. include:: secpos_requires_trusted_downstream_and_upstream.rst The following extensions have an unknown security posture: .. include:: secpos_unknown.rst Envoy currently has two dynamic filter extensions that support loadable code; WASM and Lua. In both cases, we assume that the dynamically loaded code is trusted. We expect the runtime for Lua to be robust to untrusted data plane traffic with the assumption of a trusted script. WASM is still in development, but will eventually have a similar security stance. ================================================ FILE: docs/root/intro/arch_overview/upstream/aggregate_cluster.rst ================================================ .. _arch_overview_aggregate_cluster: Aggregate Cluster ================= Aggregate cluster is used for failover between clusters with different configuration, e.g., from EDS upstream cluster to STRICT_DNS upstream cluster, from cluster using ROUND_ROBIN load balancing policy to cluster using MAGLEV, from cluster with 0.1s connection timeout to cluster with 1s connection timeout, etc. Aggregate cluster loosely couples multiple clusters by referencing their name in the :ref:`configuration `. The fallback priority is defined implicitly by the ordering in the :ref:`clusters list `. Aggregate cluster uses tiered load balancing. The load balancer chooses cluster and priority first and then delegates the load balancing to the load balancer of the selected cluster. The top level load balancer reuses the existing load balancing algorithm by linearizing the priority set of multiple clusters into one. Linearize Priority Set ---------------------- Upstream hosts are divided into multiple :ref:`priority levels ` and each priority level contains a list of healthy, degraded and unhealthy hosts. Linearization is used to simplify the host selection during load balancing by merging priority levels from multiple clusters. For example, primary cluster has 3 priority levels, secondary has 2 and tertiary has 2 and the failover ordering is primary, secondary, tertiary. +-----------+----------------+-------------------------------------+ | Cluster | Priority Level | Priority Level after Linearization | +===========+================+=====================================+ | Primary | 0 | 0 | +-----------+----------------+-------------------------------------+ | Primary | 1 | 1 | +-----------+----------------+-------------------------------------+ | Primary | 2 | 2 | +-----------+----------------+-------------------------------------+ | Secondary | 0 | 3 | +-----------+----------------+-------------------------------------+ | Secondary | 1 | 4 | +-----------+----------------+-------------------------------------+ | Tertiary | 0 | 5 | +-----------+----------------+-------------------------------------+ | Tertiary | 1 | 6 | +-----------+----------------+-------------------------------------+ Example ------- A sample aggregate cluster configuration could be: .. code-block:: yaml name: aggregate_cluster connect_timeout: 0.25s lb_policy: CLUSTER_PROVIDED cluster_type: name: envoy.clusters.aggregate typed_config: "@type": type.googleapis.com/envoy.extensions.clusters.aggregate.v3.ClusterConfig clusters: # cluster primary, secondary and tertiary should be defined outside. - primary - secondary - tertiary Note: :ref:`PriorityLoad retry plugins ` won't work for aggregate cluster because the aggregate load balancer will override the *PriorityLoad* during load balancing. Load Balancing Example ---------------------- Aggregate cluster uses tiered load balancing algorithm and the top tier is distributing traffic to different clusters according to the health score across all :ref:`priorities ` in each cluster. The aggregate cluster in this section includes two clusters which is different from what the above configuration describes. +-----------------------------------------------------------------------------------------------------------------------+--------------------+----------------------+ | Cluster | Traffic to Primary | Traffic to Secondary | +=======================================================================+===============================================+====================+======================+ | Primary | Secondary | | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+ + | P=0 Healthy Endpoints | P=1 Healthy Endpoints | P=2 Healthy Endpoints | P=0 Healthy Endpoints | P=1 Healthy Endpoints | | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 100% | 100% | 100% | 100% | 100% | 100% | 0% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 72% | 100% | 100% | 100% | 100% | 100% | 0% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 71% | 1% | 0% | 100% | 100% | 100% | 0% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 71% | 0% | 0% | 100% | 100% | 99% | 1% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 50% | 0% | 0% | 50% | 0% | 70% | 30% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 20% | 20% | 10% | 25% | 25% | 70% | 30% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 20% | 0% | 0% | 20% | 0% | 50% | 50% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 0% | 0% | 0% | 100% | 0% | 0% | 100% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ | 0% | 0% | 0% | 72% | 0% | 0% | 100% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ Note: The above load balancing uses default :ref:`overprovisioning factor ` which is 1.4 which means if 80% of the endpoints in a priority level are healthy, that level is still considered fully healthy because 80 * 1.4 > 100. The example shows how the aggregate cluster level load balancer selects the cluster. E.g., healths of {{20, 20, 10}, {25, 25}} would result in a priority load of {{28%, 28%, 14%}, {30%, 0%}} of traffic. When normalized total health drops below 100, traffic is distributed after normalizing the levels' health scores to that sub-100 total. E.g. healths of {{20, 0, 0}, {20, 0}} (yielding a normalized total health of 56) would be normalized and each cluster will receive 20 * 1.4 / 56 = 50% of the traffic which results in a priority load of {{50%, 0%, 0%}, {50%, 0%, 0%}} of traffic. The load balancer reuses priority level logic to help with the cluster selection. The priority level logic works with integer health scores. The health score of a level is (percent of healthy hosts in the level) * (overprovisioning factor), capped at 100%. P=0 endpoints receive level 0's health score percent of the traffic, with the rest flowing to P=1 (assuming P=1 is 100% healthy - more on that later). The integer percents of traffic that each cluster receives are collectively called the system's "cluster priority load". For instance, for primary cluster, when 20% of P=0 endpoints are healthy, 20% of P=1 endpoints are healthy, and 10% of P=2 endpoints are healthy; for secondary, when 25% of P=0 endpoints are healthy and 25% of P=1 endpoints are healthy. The primary cluster will receive 20% * 1.4 + 20% * 1.4 + 10% * 1.4 = 70% of the traffic. The secondary cluster will receive min(100 - 70, 25% * 1.4 + 25% * 1.4) = 30% of the traffic. The traffic to all clusters sum up to 100. The normalized health score and priority load are pre-computed before selecting the cluster and priority. To sum this up in pseudo algorithms: :: health(P_X) = min(100, 1.4 * 100 * healthy_P_X_backends / total_P_X_backends), where total_P_X_backends is the number of backends for priority P_X after linearization normalized_total_health = min(100, Σ(health(P_0)...health(P_X))) cluster_priority_load(C_0) = min(100, Σ(health(P_0)...health(P_k)) * 100 / normalized_total_health), where P_0...P_k belong to C_0 cluster_priority_load(C_X) = min(100 - Σ(priority_load(C_0)..priority_load(C_X-1)), Σ(health(P_x)...health(P_X)) * 100 / normalized_total_health), where P_x...P_X belong to C_X map from priorities to clusters: P_0 ... P_k ... ...P_x ... P_X ^ ^ ^ ^ cluster C_0 cluster C_X The second tier is delegating the load balancing to the cluster selected in the first step and the cluster could use any load balancing algorithms specified by :ref:`load balancer type `. ================================================ FILE: docs/root/intro/arch_overview/upstream/circuit_breaking.rst ================================================ .. _arch_overview_circuit_break: Circuit breaking ================ Circuit breaking is a critical component of distributed systems. It’s nearly always better to fail quickly and apply back pressure downstream as soon as possible. One of the main benefits of an Envoy mesh is that Envoy enforces circuit breaking limits at the network level as opposed to having to configure and code each application independently. Envoy supports various types of fully distributed (not coordinated) circuit breaking: .. _arch_overview_circuit_break_cluster_maximum_connections: * **Cluster maximum connections**: The maximum number of connections that Envoy will establish to all hosts in an upstream cluster. If this circuit breaker overflows the :ref:`upstream_cx_overflow ` counter for the cluster will increment. All connections, whether active or draining, count against this limit. Even if this circuit breaker has overflowed, Envoy will ensure that a host selected by cluster load balancing has at least one connection allocated. This has the implication that the :ref:`upstream_cx_active ` count for a cluster may be higher than the cluster maximum connection circuit breaker, with an upper bound of `cluster maximum connections + (number of endpoints in a cluster) * (connection pools for the cluster)`. This bound applies to the sum of connections across all workers threads. See :ref:`connection pooling ` for details on how many connection pools a cluster may have. * **Cluster maximum pending requests**: The maximum number of requests that will be queued while waiting for a ready connection pool connection. Requests are added to the list of pending requests whenever there aren't enough upstream connections available to immediately dispatch the request. For HTTP/2 connections, if :ref:`max concurrent streams ` and :ref:`max requests per connection ` are not configured, all requests will be multiplexed over the same connection so this circuit breaker will only be hit when no connection is already established. If this circuit breaker overflows the :ref:`upstream_rq_pending_overflow ` counter for the cluster will increment. * **Cluster maximum requests**: The maximum number of requests that can be outstanding to all hosts in a cluster at any given time. If this circuit breaker overflows the :ref:`upstream_rq_pending_overflow ` counter for the cluster will increment. * **Cluster maximum active retries**: The maximum number of retries that can be outstanding to all hosts in a cluster at any given time. In general we recommend using :ref:`retry budgets `; however, if static circuit breaking is preferred it should aggressively circuit break retries. This is so that retries for sporadic failures are allowed, but the overall retry volume cannot explode and cause large scale cascading failure. If this circuit breaker overflows the :ref:`upstream_rq_retry_overflow ` counter for the cluster will increment. .. _arch_overview_circuit_break_cluster_maximum_connection_pools: * **Cluster maximum concurrent connection pools**: The maximum number of connection pools that can be concurrently instantiated. Some features, such as the :ref:`Original Src Listener Filter `, can create an unbounded number of connection pools. When a cluster has exhausted its concurrent connection pools, it will attempt to reclaim an idle one. If it cannot, then the circuit breaker will overflow. This differs from :ref:`Cluster maximum connections ` in that connection pools never time out, whereas connections typically will. Connections automatically clean up; connection pools do not. Note that in order for a connection pool to function it needs at least one upstream connection, so this value should likely be no greater than :ref:`Cluster maximum connections `. If this circuit breaker overflows the :ref:`upstream_cx_pool_overflow ` counter for the cluster will increment. Each circuit breaking limit is :ref:`configurable ` and tracked on a per upstream cluster and per priority basis. This allows different components of the distributed system to be tuned independently and have different limits. The live state of these circuit breakers, including the number of resources remaining until a circuit breaker opens, can be observed via :ref:`statistics `. Workers threads share circuit breaker limits, i.e. if the active connection threshold is 500, worker thread 1 has 498 connections active, then worker thread 2 can only allocate 2 more connections. Since the implementation is eventually consistent, races between threads may allow limits to be potentially exceeded. Circuit breakers are enabled by default and have modest default values, e.g. 1024 connections per cluster. To disable circuit breakers, set the :ref:`thresholds ` to the highest allowed values. Note that circuit breaking will cause the :ref:`x-envoy-overloaded ` header to be set by the router filter in the case of HTTP requests. ================================================ FILE: docs/root/intro/arch_overview/upstream/cluster_manager.rst ================================================ .. _arch_overview_cluster_manager: Cluster manager =============== Envoy’s cluster manager manages all configured upstream clusters. Just as the Envoy configuration can contain any number of listeners, the configuration can also contain any number of independently configured upstream clusters. Upstream clusters and hosts are abstracted from the network/HTTP filter stack given that upstream clusters and hosts may be used for any number of different proxy tasks. The cluster manager exposes APIs to the filter stack that allow filters to obtain a L3/L4 connection to an upstream cluster, or a handle to an abstract HTTP connection pool to an upstream cluster (whether the upstream host supports HTTP/1.1 or HTTP/2 is hidden). A filter stage determines whether it needs an L3/L4 connection or a new HTTP stream and the cluster manager handles all of the complexity of knowing which hosts are available and healthy, load balancing, thread local storage of upstream connection data (since most Envoy code is written to be single threaded), upstream connection type (TCP/IP, UDS), upstream protocol where applicable (HTTP/1.1, HTTP/2), etc. Clusters known to the cluster manager can be configured either statically, or fetched dynamically via the cluster discovery service (CDS) API. Dynamic cluster fetches allow more configuration to be stored in a central configuration server and thus requires fewer Envoy restarts and configuration distribution. * Cluster manager :ref:`configuration `. * CDS :ref:`configuration `. .. _arch_overview_cluster_warming: Cluster warming --------------- When clusters are initialized both at server boot as well as via CDS, they are "warmed." This means that clusters do not become available until the following operations have taken place. * Initial service discovery load (e.g., DNS resolution, EDS update, etc.). * Initial active :ref:`health check ` pass if active health checking is configured. Envoy will send a health check request to each discovered host to determine its initial health status. The previous items ensure that Envoy has an accurate view of a cluster before it begins using it for traffic serving. When discussing cluster warming, the cluster "becoming available" means: * For newly added clusters, the cluster will not appear to exist to the rest of Envoy until it has been warmed. I.e., HTTP routes that reference the cluster will result in either a 404 or 503 (depending on configuration). * For updated clusters, the old cluster will continue to exist and serve traffic. When the new cluster has been warmed, it will be atomically swapped with the old cluster such that no traffic interruptions take place. ================================================ FILE: docs/root/intro/arch_overview/upstream/connection_pooling.rst ================================================ .. _arch_overview_conn_pool: Connection pooling ================== For HTTP traffic, Envoy supports abstract connection pools that are layered on top of the underlying wire protocol (HTTP/1.1 or HTTP/2). The utilizing filter code does not need to be aware of whether the underlying protocol supports true multiplexing or not. In practice the underlying implementations have the following high level properties: HTTP/1.1 -------- The HTTP/1.1 connection pool acquires connections as needed to an upstream host (up to the circuit breaking limit). Requests are bound to connections as they become available, either because a connection is done processing a previous request or because a new connection is ready to receive its first request. The HTTP/1.1 connection pool does not make use of pipelining so that only a single downstream request must be reset if the upstream connection is severed. HTTP/2 ------ The HTTP/2 connection pool multiplexes multiple requests over a single connection, up to the limits imposed by :ref:`max concurrent streams ` and :ref:`max requests per connection `. The HTTP/2 connection pool establishes as many connections as are needed to serve requests. With no limits, this will be only a single connection. If a GOAWAY frame is received or if the connection reaches the :ref:`maximum requests per connection ` limit, the connection pool will drain the affected connection. Once a connection reaches its :ref:`maximum concurrent stream limit `, it will be marked as busy until a stream is available. New connections are established anytime there is a pending request without a connection that can be dispatched to (up to circuit breaker limits for connections). HTTP/2 is the preferred communication protocol, as connections rarely, if ever, get severed. .. _arch_overview_conn_pool_how_many: Number of connection pools -------------------------- Each host in each cluster will have one or more connection pools. If the cluster is HTTP/1 or HTTP/2 only, then the host may have only a single connection pool. However, if the cluster supports multiple upstream protocols, then at least one connection pool per protocol will be allocated. Separate connection pools are also allocated for each of the following features: * :ref:`Routing priority ` * :ref:`Socket options ` * :ref:`Transport socket (e.g. TLS) options ` Each worker thread maintains its own connection pools for each cluster, so if an Envoy has two threads and a cluster with both HTTP/1 and HTTP/2 support, there will be at least 4 connection pools. .. _arch_overview_conn_pool_health_checking: Health checking interactions ---------------------------- If Envoy is configured for either active or passive :ref:`health checking `, all connection pool connections will be closed on behalf of a host that transitions from a available state to an unavailable state. If the host reenters the load balancing rotation it will create fresh connections which will maximize the chance of working around a bad flow (due to ECMP route or something else). ================================================ FILE: docs/root/intro/arch_overview/upstream/health_checking.rst ================================================ .. _arch_overview_health_checking: Health checking =============== Active health checking can be :ref:`configured ` on a per upstream cluster basis. As described in the :ref:`service discovery ` section, active health checking and the EDS service discovery type go hand in hand. However, there are other scenarios where active health checking is desired even when using the other service discovery types. Envoy supports three different types of health checking along with various settings (check interval, failures required before marking a host unhealthy, successes required before marking a host healthy, etc.): * **HTTP**: During HTTP health checking Envoy will send an HTTP request to the upstream host. By default, it expects a 200 response if the host is healthy. Expected response codes are :ref:`configurable `. The upstream host can return 503 if it wants to immediately notify downstream hosts to no longer forward traffic to it. * **L3/L4**: During L3/L4 health checking, Envoy will send a configurable byte buffer to the upstream host. It expects the byte buffer to be echoed in the response if the host is to be considered healthy. Envoy also supports connect only L3/L4 health checking. * **Redis**: Envoy will send a Redis PING command and expect a PONG response. The upstream Redis server can respond with anything other than PONG to cause an immediate active health check failure. Optionally, Envoy can perform EXISTS on a user-specified key. If the key does not exist it is considered a passing healthcheck. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. See :ref:`redis_key `. Health checks occur over the transport socket specified for the cluster. This implies that if a cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. The :ref:`TLS options ` used for health check connections can be specified, which is useful if the corresponding upstream is using ALPN-based :ref:`FilterChainMatch ` with different protocols for health checks versus data connections. .. _arch_overview_per_cluster_health_check_config: Per cluster member health check config -------------------------------------- If active health checking is configured for an upstream cluster, a specific additional configuration for each registered member can be specified by setting the :ref:`HealthCheckConfig` in the :ref:`Endpoint` of an :ref:`LbEndpoint` of each defined :ref:`LocalityLbEndpoints` in a :ref:`ClusterLoadAssignment`. An example of setting up :ref:`health check config` to set a :ref:`cluster member`'s alternative health check :ref:`port` is: .. code-block:: yaml load_assignment: endpoints: - lb_endpoints: - endpoint: health_check_config: port_value: 8080 address: socket_address: address: localhost port_value: 80 .. _arch_overview_health_check_logging: Health check event logging -------------------------- A per-healthchecker log of ejection and addition events can optionally be produced by Envoy by specifying a log file path in :ref:`the HealthCheck config `. The log is structured as JSON dumps of :ref:`HealthCheckEvent messages `. Envoy can be configured to log all health check failure events by setting the :ref:`always_log_health_check_failures flag ` to true. Passive health checking ----------------------- Envoy also supports passive health checking via :ref:`outlier detection `. Connection pool interactions ---------------------------- See :ref:`here ` for more information. .. _arch_overview_health_checking_filter: HTTP health checking filter --------------------------- When an Envoy mesh is deployed with active health checking between clusters, a large amount of health checking traffic can be generated. Envoy includes an HTTP health checking filter that can be installed in a configured HTTP listener. This filter is capable of a few different modes of operation: * **No pass through**: In this mode, the health check request is never passed to the local service. Envoy will respond with a 200 or a 503 depending on the current draining state of the server. * **No pass through, computed from upstream cluster health**: In this mode, the health checking filter will return a 200 or a 503 depending on whether at least a :ref:`specified percentage ` of the servers are available (healthy + degraded) in one or more upstream clusters. (If the Envoy server is in a draining state, though, it will respond with a 503 regardless of the upstream cluster health.) * **Pass through**: In this mode, Envoy will pass every health check request to the local service. The service is expected to return a 200 or a 503 depending on its health state. * **Pass through with caching**: In this mode, Envoy will pass health check requests to the local service, but then cache the result for some period of time. Subsequent health check requests will return the cached value up to the cache time. When the cache time is reached, the next health check request will be passed to the local service. This is the recommended mode of operation when operating a large mesh. Envoy uses persistent connections for health checking traffic and health check requests have very little cost to Envoy itself. Thus, this mode of operation yields an eventually consistent view of the health state of each upstream host without overwhelming the local service with a large number of health check requests. Further reading: * Health check filter :ref:`configuration `. * :ref:`/healthcheck/fail ` admin endpoint. * :ref:`/healthcheck/ok ` admin endpoint. Active health checking fast failure ----------------------------------- When using active health checking along with passive health checking (:ref:`outlier detection `), it is common to use a long health checking interval to avoid a large amount of active health checking traffic. In this case, it is still useful to be able to quickly drain an upstream host when using the :ref:`/healthcheck/fail ` admin endpoint. To support this, the :ref:`router filter ` will respond to the :ref:`x-envoy-immediate-health-check-fail ` header. If this header is set by an upstream host, Envoy will immediately mark the host as being failed for active health check. Note that this only occurs if the host's cluster has active health checking :ref:`configured `. The :ref:`health checking filter ` will automatically set this header if Envoy has been marked as failed via the :ref:`/healthcheck/fail ` admin endpoint. .. _arch_overview_health_checking_identity: Health check identity --------------------- Just verifying that an upstream host responds to a particular health check URL does not necessarily mean that the upstream host is valid. For example, when using eventually consistent service discovery in a cloud auto scaling or container environment, it's possible for a host to go away and then come back with the same IP address, but as a different host type. One solution to this problem is having a different HTTP health checking URL for every service type. The downside of that approach is that overall configuration becomes more complicated as every health check URL is fully custom. The Envoy HTTP health checker supports the :ref:`service_name_matcher ` option. If this option is set, the health checker additionally compares the value of the *x-envoy-upstream-healthchecked-cluster* response header to *service_name_matcher*. If the values do not match, the health check does not pass. The upstream health check filter appends *x-envoy-upstream-healthchecked-cluster* to the response headers. The appended value is determined by the :option:`--service-cluster` command line option. .. _arch_overview_health_checking_degraded: Degraded health --------------- When using the HTTP health checker, an upstream host can return ``x-envoy-degraded`` to inform the health checker that the host is degraded. See :ref:`here ` for how this affects load balancing. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/degraded.rst ================================================ .. _arch_overview_load_balancing_degraded: Degraded endpoints ------------------ Envoy supports marking certain endpoints as degraded, meaning that they are able to receive traffic, but should only receive traffic once there are not sufficient healthy hosts available. Routing to degraded hosts can be thought of as similar to routing to hosts in a lower :ref:`priority `, although degraded hosts will count against their original priority's health percentage for the purposes of computing traffic spillover. As the amount of healthy hosts available is no longer sufficient to handle 100% of the load, traffic will spill over to degraded hosts using the same mechanism as priority spillover for healthy hosts. This ensures that traffic is gradually shifted to degraded hosts as it becomes necessary. +--------------------------------+------------------------------+-------------------------------+ | P=0 healthy/degraded/unhealthy | Traffic to P=0 healthy hosts | Traffic to P=0 degraded hosts | +================================+==============================+===============================+ | 100%/0%/0% | 100% | 0% | +--------------------------------+------------------------------+-------------------------------+ | 71%/0%/29% | 100% | 0% | +--------------------------------+------------------------------+-------------------------------+ | 71%/29%/0% | 99% | 1% | +--------------------------------+------------------------------+-------------------------------+ | 25%/65%/10% | 35% | 65% | +--------------------------------+------------------------------+-------------------------------+ | 5%/0%/95% | 100% | 0% | +--------------------------------+------------------------------+-------------------------------+ Endpoints can be marked as degraded by using active health checking and having the upstream host return a :ref:`special header `. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/load_balancers.rst ================================================ .. _arch_overview_load_balancing_types: Supported load balancers ------------------------ When a filter needs to acquire a connection to a host in an upstream cluster, the cluster manager uses a load balancing policy to determine which host is selected. The load balancing policies are pluggable and are specified on a per upstream cluster basis in the :ref:`configuration `. Note that if no active health checking policy is :ref:`configured ` for a cluster, all upstream cluster members are considered healthy, unless otherwise specified through :ref:`health_status `. .. _arch_overview_load_balancing_types_round_robin: Weighted round robin ^^^^^^^^^^^^^^^^^^^^ This is a simple policy in which each available upstream host is selected in round robin order. If :ref:`weights ` are assigned to endpoints in a locality, then a weighted round robin schedule is used, where higher weighted endpoints will appear more often in the rotation to achieve the effective weighting. .. _arch_overview_load_balancing_types_least_request: Weighted least request ^^^^^^^^^^^^^^^^^^^^^^ The least request load balancer uses different algorithms depending on whether hosts have the same or different weights. * *all weights equal*: An O(1) algorithm which selects N random available hosts as specified in the :ref:`configuration ` (2 by default) and picks the host which has the fewest active requests (`Mitzenmacher et al. `_ has shown that this approach is nearly as good as an O(N) full scan). This is also known as P2C (power of two choices). The P2C load balancer has the property that a host with the highest number of active requests in the cluster will never receive new requests. It will be allowed to drain until it is less than or equal to all of the other hosts. * *all weights not equal*: If two or more hosts in the cluster have different load balancing weights, the load balancer shifts into a mode where it uses a weighted round robin schedule in which weights are dynamically adjusted based on the host's request load at the time of selection. In this case the weights are calculated at the time a host is picked using the following formula: `weight = load_balancing_weight / (active_requests + 1)^active_request_bias`. :ref:`active_request_bias` can be configured via runtime and defaults to 1.0. It must be greater than or equal to 0.0. The larger the active request bias is, the more aggressively active requests will lower the effective weight. If `active_request_bias` is set to 0.0, the least request load balancer behaves like the round robin load balancer and ignores the active request count at the time of picking. For example, if active_request_bias is 1.0, a host with weight 2 and an active request count of 4 will have an effective weight of 2 / (4 + 1)^1 = 0.4. This algorithm provides good balance at steady state but may not adapt to load imbalance as quickly. Additionally, unlike P2C, a host will never truly drain, though it will receive fewer requests over time. .. _arch_overview_load_balancing_types_ring_hash: Ring hash ^^^^^^^^^ The ring/modulo hash load balancer implements consistent hashing to upstream hosts. Each host is mapped onto a circle (the "ring") by hashing its address; each request is then routed to a host by hashing some property of the request, and finding the nearest corresponding host clockwise around the ring. This technique is also commonly known as `"Ketama" `_ hashing, and like all hash-based load balancers, it is only effective when protocol routing is used that specifies a value to hash on. Each host is hashed and placed on the ring some number of times proportional to its weight. For example, if host A has a weight of 1 and host B has a weight of 2, then there might be three entries on the ring: one for host A and two for host B. This doesn't actually provide the desired 2:1 partitioning of the circle, however, since the computed hashes could be coincidentally very close to one another; so it is necessary to multiply the number of hashes per host---for example inserting 100 entries on the ring for host A and 200 entries for host B---to better approximate the desired distribution. Best practice is to explicitly set :ref:`minimum_ring_size` and :ref:`maximum_ring_size`, and monitor the :ref:`min_hashes_per_host and max_hashes_per_host gauges` to ensure good distribution. With the ring partitioned appropriately, the addition or removal of one host from a set of N hosts will affect only 1/N requests. When priority based load balancing is in use, the priority level is also chosen by hash, so the endpoint selected will still be consistent when the set of backends is stable. .. _arch_overview_load_balancing_types_maglev: Maglev ^^^^^^ The Maglev load balancer implements consistent hashing to upstream hosts. It uses the algorithm described in section 3.4 of `this paper `_ with a fixed table size of 65537 (see section 5.3 of the same paper). Maglev can be used as a drop in replacement for the :ref:`ring hash load balancer ` any place in which consistent hashing is desired. Like the ring hash load balancer, a consistent hashing load balancer is only effective when protocol routing is used that specifies a value to hash on. The table construction algorithm places each host in the table some number of times proportional to its weight, until the table is completely filled. For example, if host A has a weight of 1 and host B has a weight of 2, then host A will have 21,846 entries and host B will have 43,691 entries (totaling 65,537 entries). The algorithm attempts to place each host in the table at least once, regardless of the configured host and locality weights, so in some extreme cases the actual proportions may differ from the configured weights. For example, if the total number of hosts is larger than the fixed table size, then some hosts will get 1 entry each and the rest will get 0, regardless of weight. Best practice is to monitor the :ref:`min_entries_per_host and max_entries_per_host gauges ` to ensure no hosts are underrepresented or missing. In general, when compared to the ring hash ("ketama") algorithm, Maglev has substantially faster table lookup build times as well as host selection times (approximately 10x and 5x respectively when using a large ring size of 256K entries). The downside of Maglev is that it is not as stable as ring hash. More keys will move position when hosts are removed (simulations show approximately double the keys will move). With that said, for many applications including Redis, Maglev is very likely a superior drop in replacement for ring hash. The advanced reader can use :repo:`this benchmark ` to compare ring hash versus Maglev with different parameters. .. _arch_overview_load_balancing_types_random: Random ^^^^^^ The random load balancer selects a random available host. The random load balancer generally performs better than round robin if no health checking policy is configured. Random selection avoids bias towards the host in the set that comes after a failed host. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/load_balancing.rst ================================================ Load Balancing ============== .. toctree:: :maxdepth: 2 overview load_balancers priority degraded locality_weight overprovisioning panic_threshold original_dst zone_aware subsets ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/locality_weight.rst ================================================ .. _arch_overview_load_balancing_locality_weighted_lb: Locality weighted load balancing -------------------------------- One approach to determining how to weight assignments across different zones and geographical locations is by using explicit weights supplied via EDS in the :ref:`LocalityLbEndpoints ` message. This approach is mutually exclusive with :ref:`zone aware routing `, since in the case of locality aware LB, we rely on the management server to provide the locality weighting, rather than the Envoy-side heuristics used in zone aware routing. When all endpoints are available, the locality is picked using a weighted round-robin schedule, where the locality weight is used for weighting. When some endpoints in a locality are unavailable, we adjust the locality weight to reflect this. As with :ref:`priority levels `, we assume an :ref:`over-provision factor ` (default value 1.4), which means we do not perform any weight adjustment when only a small number of endpoints in a locality are unavailable. Assume a simple set-up with 2 localities X and Y, where X has a locality weight of 1 and Y has a locality weight of 2, L=Y 100% available, with default overprovisioning factor 1.4. +----------------------------+---------------------------+----------------------------+ | L=X healthy endpoints | Percent of traffic to L=X | Percent of traffic to L=Y | +============================+===========================+============================+ | 100% | 33% | 67% | +----------------------------+---------------------------+----------------------------+ | 70% | 33% | 67% | +----------------------------+---------------------------+----------------------------+ | 69% | 32% | 68% | +----------------------------+---------------------------+----------------------------+ | 50% | 26% | 74% | +----------------------------+---------------------------+----------------------------+ | 25% | 15% | 85% | +----------------------------+---------------------------+----------------------------+ | 0% | 0% | 100% | +----------------------------+---------------------------+----------------------------+ To sum this up in pseudo algorithms: :: availability(L_X) = 140 * available_X_upstreams / total_X_upstreams effective_weight(L_X) = locality_weight_X * min(100, availability(L_X)) load to L_X = effective_weight(L_X) / Σ_c(effective_weight(L_c)) Note that the locality weighted pick takes place after the priority level is picked. The load balancer follows these steps: 1. Pick :ref:`priority level `. 2. Pick locality (as described in this section) within priority level from (1). 3. Pick endpoint using cluster specified load balancer within locality from (2). Locality weighted load balancing is configured by setting :ref:`locality_weighted_lb_config ` in the cluster configuration and by providing weights via :ref:`load_balancing_weight ` and identifying the location of the upstream hosts via :ref:`locality ` in :ref:`LocalityLbEndpoints `. This feature is not compatible with :ref:`load balancer subsetting `, since it is not straightforward to reconcile locality level weighting with sensible weights for individual subsets. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/original_dst.rst ================================================ .. _arch_overview_load_balancing_types_original_destination: Original destination -------------------- This is a special purpose load balancer that can only be used with :ref:`an original destination cluster `. Upstream host is selected based on the downstream connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection was before the connection was redirected to Envoy. New destinations are added to the cluster by the load balancer on-demand, and the cluster :ref:`periodically ` cleans out unused hosts from the cluster. No other :ref:`load balancing policy ` can be used with original destination clusters. .. _arch_overview_load_balancing_types_original_destination_request_header: Original destination host request header ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Envoy can also pick up the original destination from a HTTP header called :ref:`x-envoy-original-dst-host `. Please note that fully resolved IP address should be passed in this header. For example if a request has to be routed to a host with IP address 10.195.16.237 at port 8888, the request header value should be set as ``10.195.16.237:8888``. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/overprovisioning.rst ================================================ .. _arch_overview_load_balancing_overprovisioning_factor: Overprovisioning Factor ----------------------- Priority levels and localities are considered overprovisioned with :ref:`this percentage `. Envoy doesn't consider a priority level or locality unavailable until the fraction of available hosts multiplied by the overprovisioning factor drops below 100. The default value is 140 (in percentage, which means 140%), so a priority level or locality will not be considered unavailable until the percentage of available endpoints goes below 72%. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/overview.rst ================================================ .. _arch_overview_load_balancing: Overview ======== What is Load Balancing? ----------------------- Load balancing is a way of distributing traffic between multiple hosts within a single upstream cluster in order to effectively make use of available resources. There are many different ways of accomplishing this, so Envoy provides several different load balancing strategies. At a high level, we can break these strategies into two categories: global load balancing and distributed load balancing. .. _arch_overview_load_balancing_distributed_lb: Distributed Load Balancing -------------------------- Distributed load balancing refers to having Envoy itself determine how load should be distributed to the endpoints based on knowing the location of the upstream hosts. Examples ^^^^^^^^ * :ref:`Active health checking `: by health checking upstream hosts, Envoy can adjust the weights of priorities and localities to account for unavailable hosts. * :ref:`Zone aware routing `: this can be used to make Envoy prefer closer endpoints without having to explicitly configure priorities in the control plane. * :ref:`Load balancing algorithms `: Envoy can use several different algorithms to use the provided weights to determine which host to select. .. _arch_overview_load_balancing_global_lb: Global Load Balancing --------------------- Global load balancing refers to having a single, global authority that decides how load should be distributed between hosts. For Envoy, this would be done by the control plane, which is able to adjust the load applied to individual endpoints by specifying various parameters, such as priority, locality weight, endpoint weight and endpoint health. A simple example would be to have the control plane assign hosts to different :ref:`priorities ` based on network topology to ensure that hosts that require fewer network hops are preferred. This is similar to zone-aware routing, but is handled by the control plane instead of by Envoy. A benefit of doing it in the control plane is that it gets around some of the :ref:`limitations ` of zone aware routing. A more complicated setup could have resource usage being reported to the control plane, allowing it to adjust the weight of endpoints or :ref:`localities ` to account for the current resource usage, attempting to route new requests to idle hosts over busy ones. Both Distributed and Global --------------------------- Most sophisticated deployments will make use of features from both categories. For instance, global load balancing could be used to define the high level routing priorities and weights, while distributed load balancing could be used to react to changes in the system (e.g. using active health checking). By combining these you can get the best of both worlds: a globally aware authority that can control the flow of traffic on the macro level while still having the individual proxies be able to react to changes on the micro level. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/panic_threshold.rst ================================================ .. _arch_overview_load_balancing_panic_threshold: Panic threshold --------------- During load balancing, Envoy will generally only consider available (healthy or degraded) hosts in an upstream cluster. However, if the percentage of available hosts in the cluster becomes too low, Envoy will disregard health status and balance either amongst all hosts or no hosts. This is known as the *panic threshold*. The default panic threshold is 50%. This is :ref:`configurable ` via runtime as well as in the :ref:`cluster configuration `. The panic threshold is used to avoid a situation in which host failures cascade throughout the cluster as load increases. There are two modes Envoy can choose from when in a panic state: traffic will either be sent to all hosts, or will be sent to no hosts (and therefore will always fail). This is configured in the :ref:`cluster configuration `. Choosing to fail traffic during panic scenarios can help avoid overwhelming potentially failing upstream services, as it will reduce the load on the upstream service before all hosts have been determined to be unhealthy. However, it eliminates the possibility of _some_ requests succeeding even when many or all hosts in a cluster are unhealthy. This may be a good tradeoff to make if a given service is observed to fail in an all-or-nothing pattern, as it will more quickly cut off requests to the cluster. Conversely, if a cluster typically continues to successfully service _some_ requests even when degraded, enabling this option is probably unhelpful. Panic thresholds work in conjunction with priorities. If the number of available hosts in a given priority goes down, Envoy will try to shift some traffic to lower priorities. If it succeeds in finding enough available hosts in lower priorities, Envoy will disregard panic thresholds. In mathematical terms, if normalized total availability across all priority levels is 100%, Envoy disregards panic thresholds and continues to distribute traffic load across priorities according to the algorithm described :ref:`here `. However, when normalized total availability drops below 100%, Envoy assumes that there are not enough available hosts across all priority levels. It continues to distribute traffic load across priorities, but if a given priority level's availability is below the panic threshold, traffic will go to all (or no) hosts in that priority level regardless of their availability. The following examples explain the relationship between normalized total availability and panic threshold. It is assumed that the default value of 50% is used for the panic threshold. Assume a simple set-up with 2 priority levels, P=1 100% healthy. In this scenario normalized total health is always 100%, P=0 never enters panic mode, and Envoy is able to shift as much traffic as necessary to P=1. +-------------+------------+--------------+------------+--------------+--------------+ | P=0 healthy | Traffic | P=0 in panic | Traffic | P=1 in panic | normalized | | endpoints | to P=0 | | to P=1 | | total health | +=============+============+==============+============+==============+==============+ | 72% | 100% | NO | 0% | NO | 100% | +-------------+------------+--------------+------------+--------------+--------------+ | 71% | 99% | NO | 1% | NO | 100% | +-------------+------------+--------------+------------+--------------+--------------+ | 50% | 70% | NO | 30% | NO | 100% | +-------------+------------+--------------+------------+--------------+--------------+ | 25% | 35% | NO | 65% | NO | 100% | +-------------+------------+--------------+------------+--------------+--------------+ | 0% | 0% | NO | 100% | NO | 100% | +-------------+------------+--------------+------------+--------------+--------------+ If P=1 becomes unhealthy, panic threshold continues to be disregarded until the sum of the health P=0 + P=1 goes below 100%. At this point Envoy starts checking panic threshold value for each priority. +-------------+-------------+----------+--------------+----------+--------------+-------------+ | P=0 healthy | P=1 healthy | Traffic | P=0 in panic | Traffic | P=1 in panic | normalized | | endpoints | endpoints | to P=0 | | to P=1 | | total health| +=============+=============+==========+==============+==========+==============+=============+ | 72% | 72% | 100% | NO | 0% | NO | 100% | +-------------+-------------+----------+--------------+----------+--------------+-------------+ | 71% | 71% | 99% | NO | 1% | NO | 100% | +-------------+-------------+----------+--------------+----------+--------------+-------------+ | 50% | 60% | 70% | NO | 30% | NO | 100% | +-------------+-------------+----------+--------------+----------+--------------+-------------+ | 25% | 100% | 35% | NO | 65% | NO | 100% | +-------------+-------------+----------+--------------+----------+--------------+-------------+ | 25% | 25% | 50% | YES | 50% | YES | 70% | +-------------+-------------+----------+--------------+----------+--------------+-------------+ | 5% | 65% | 7% | YES | 93% | NO | 98% | +-------------+-------------+----------+--------------+----------+--------------+-------------+ Panic mode can be disabled by setting the panic threshold to 0%. Load distribution is calculated as described above as long as there are priority levels not in panic mode. When all priority levels enter the panic mode, load calculation algorithm changes. In this case each priority level receives traffic relative to the number of hosts in that priority level in relation to the number of hosts in all priority levels. For example, if there are 2 priorities P=0 and P=1 and each of them consists of 5 hosts, each level will receive 50% of the traffic. If there are 2 hosts in priority P=0 and 8 hosts in priority P=1, priority P=0 will receive 20% of the traffic and priority P=1 will receive 80% of the traffic. However, if the panic threshold is 0% for any priority, that priority will never enter panic mode. In this case if all hosts are unhealthy, Envoy will fail to select a host and will instead immediately return error responses with "503 - no healthy upstream". Note that panic thresholds can be configured *per-priority*. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/priority.rst ================================================ .. _arch_overview_load_balancing_priority_levels: Priority levels ------------------ During load balancing, Envoy will generally only consider hosts configured at the highest priority level. For each EDS :ref:`LocalityLbEndpoints` an optional priority may also be specified. When endpoints at the highest priority level (P=0) are healthy, all traffic will land on endpoints in that priority level. As endpoints for the highest priority level become unhealthy, traffic will begin to trickle to lower priority levels. The system can be overprovisioned with a configurable :ref:`overprovisioning factor `, which currently defaults to 1.4 (this document will assume this value). If 80% of the endpoints in a priority level are healthy, that level is still considered fully healthy because 80*1.4 > 100. So, level 0 endpoints will continue to receive all traffic until less than ~71.4% of them are healthy. The priority level logic works with integer health scores. The health score of a level is (percent of healthy hosts in the level) * (overprovisioning factor), capped at 100%. P=0 endpoints receive (level 0's health score) percent of the traffic, with the rest flowing to P=1 (assuming P=1 is 100% healthy - more on that later). For instance, when 50% of P=0 endpoints are healthy, they will receive 50 * 1.4 = 70% of the traffic. The integer percents of traffic that each priority level receives are collectively called the system's "priority load". More examples (with 2 priority levels, P=1 100% healthy): +----------------------------+----------------+-----------------+ | P=0 healthy endpoints | Traffic to P=0 | Traffic to P=1 | +============================+================+=================+ | 100% | 100% | 0% | +----------------------------+----------------+-----------------+ | 72% | 100% | 0% | +----------------------------+----------------+-----------------+ | 71% | 99% | 1% | +----------------------------+----------------+-----------------+ | 50% | 70% | 30% | +----------------------------+----------------+-----------------+ | 25% | 35% | 65% | +----------------------------+----------------+-----------------+ | 0% | 0% | 100% | +----------------------------+----------------+-----------------+ .. attention:: In order for the load distribution algorithm and normalized total health calculation to work properly, each priority level must be able to handle (100% * overprovision factor) of the traffic: Envoy assumes a 100% healthy P=1 can take over entirely for an unhealthy P=0, etc. If P=0 has 10 hosts but P=1 only has 2 hosts, that assumption probably will not hold. The health score represents a level's current ability to handle traffic, after factoring in how overprovisioned the level originally was, and how many endpoints are currently unhealthy. Therefore, if the sum across all levels' health scores is < 100, then Envoy believes there are not enough healthy endpoints to fully handle the traffic. This sum is called the "normalized total health." When normalized total health drops below 100, traffic is distributed after normalizing the levels' health scores to that sub-100 total. E.g. healths of {20, 30} (yielding a normalized total health of 50) would be normalized, and result in a priority load of {40%, 60%} of traffic. +------------------------+-------------------------+-----------------+----------------+ | P=0 healthy endpoints | P=1 healthy endpoints | Traffic to P=0 | Traffic to P=1 | +========================+=========================+=================+================+ | 100% | 100% | 100% | 0% | +------------------------+-------------------------+-----------------+----------------+ | 72% | 72% | 100% | 0% | +------------------------+-------------------------+-----------------+----------------+ | 71% | 71% | 99% | 1% | +------------------------+-------------------------+-----------------+----------------+ | 50% | 50% | 70% | 30% | +------------------------+-------------------------+-----------------+----------------+ | 25% | 100% | 35% | 65% | +------------------------+-------------------------+-----------------+----------------+ | 25% | 25% | 50% | 50% | +------------------------+-------------------------+-----------------+----------------+ As more priorities are added, each level consumes load equal to its normalized effective health, unless the healths of the levels above it sum to 100%, in which case it receives no load. +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ | P=0 healthy endpoints | P=1 healthy endpoints | P=2 healthy endpoints | Traffic to P=0 | Traffic to P=1 | Traffic to P=2 | +=======================+=======================+=======================+================+================+================+ | 100% | 100% | 100% | 100% | 0% | 0% | +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ | 72% | 72% | 100% | 100% | 0% | 0% | +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ | 71% | 71% | 100% | 99% | 1% | 0% | +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ | 50% | 50% | 100% | 70% | 30% | 0% | +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ | 25% | 100% | 100% | 35% | 65% | 0% | +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ | 25% | 25% | 100% | 35% | 35% | 30% | +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ | 25% | 25% | 20% | 36% | 36% | 28% | +-----------------------+-----------------------+-----------------------+----------------+----------------+----------------+ To sum this up in pseudo algorithms: :: health(P_X) = min(100, 1.4 * 100 * healthy_P_X_backends / total_P_X_backends) normalized_total_health = min(100, Σ(health(P_0)...health(P_X))) priority_load(P_0) = min(100, health(P_0) * 100 / normalized_total_health) priority_load(P_X) = min(100 - Σ(priority_load(P_0)..priority_load(P_X-1)), health(P_X) * 100 / normalized_total_health) Note: This sectioned talked about healthy priorities, but this also extends to :ref:`degraded priorities `. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/subsets.rst ================================================ .. _arch_overview_load_balancer_subsets: Load Balancer Subsets --------------------- Envoy may be configured to divide hosts within an upstream cluster into subsets based on metadata attached to the hosts. Routes may then specify the metadata that a host must match in order to be selected by the load balancer, with the option of falling back to a predefined set of hosts, including any host. Subsets use the load balancer policy specified by the cluster. The original destination policy may not be used with subsets because the upstream hosts are not known in advance. Subsets are compatible with zone aware routing, but be aware that the use of subsets may easily violate the minimum hosts condition described above. If subsets are :ref:`configured ` and a route specifies no metadata or no subset matching the metadata exists, the subset load balancer initiates its fallback policy. The default policy is ``NO_FALLBACK``, in which case the request fails as if the cluster had no hosts. Conversely, the ``ANY_ENDPOINT`` fallback policy load balances across all hosts in the cluster, without regard to host metadata. Finally, the ``DEFAULT_SUBSET`` causes fallback to load balance among hosts that match a specific set of metadata. It is possible to override fallback policy for specific subset selector. Subsets must be predefined to allow the subset load balancer to efficiently select the correct subset of hosts. Each definition is a set of keys, which translates to zero or more subsets. Conceptually, each host that has a metadata value for all of the keys in a definition is added to a subset specific to its key-value pairs. If no host has all the keys, no subsets result from the definition. Multiple definitions may be provided, and a single host may appear in multiple subsets if it matches multiple definitions. During routing, the route's metadata match configuration is used to find a specific subset. If there is a subset with the exact keys and values specified by the route, the subset is used for load balancing. Otherwise, the fallback policy is used. The cluster's subset configuration must, therefore, contain a definition that has the same keys as a given route in order for subset load balancing to occur. Subsets can be configured with only a single host in each subset, which can be used in use cases similar to :ref:`Maglev ` or :ref:`ring hash `, such as load balancing based on a cookie, but when it is important to select the same host even after new hosts are added to the cluster. Endpoint configuration changes may use less CPU if :ref:`single_host_per_subset ` is enabled. Host metadata is only supported when hosts are defined using :ref:`ClusterLoadAssignments `. ClusterLoadAssignments are available via EDS or the Cluster :ref:`load_assignment ` field. Host metadata for subset load balancing must be placed under the filter name ``"envoy.lb"``. Similarly, route metadata match criteria use ``"envoy.lb"`` filter name. Host metadata may be hierarchical (e.g., the value for a top-level key may be a structured value or list), but the subset load balancer only compares top-level keys and values. Therefore when using structured values, a route's match criteria will only match if an identical structured value appears in the host's metadata. Finally, note that subset load balancing is not available for the :ref:`CLUSTER_PROVIDED ` load balancer policies. Examples ^^^^^^^^ We'll use simple metadata where all values are strings. Assume the following hosts are defined and associated with a cluster: ====== ====================== Host Metadata ====== ====================== host1 v: 1.0, stage: prod host2 v: 1.0, stage: prod host3 v: 1.1, stage: canary host4 v: 1.2-pre, stage: dev ====== ====================== The cluster may enable subset load balancing like this: :: --- name: cluster-name type: EDS eds_cluster_config: eds_config: path: '.../eds.conf' connect_timeout: seconds: 10 lb_policy: LEAST_REQUEST lb_subset_config: fallback_policy: DEFAULT_SUBSET default_subset: stage: prod subset_selectors: - keys: - v - stage - keys: - stage fallback_policy: NO_FALLBACK The following table describes some routes and the result of their application to the cluster. Typically the match criteria would be used with routes matching specific aspects of the request, such as the path or header information. ====================== ============= ====================================================================== Match Criteria Balances Over Reason ====================== ============= ====================================================================== stage: canary host3 Subset of hosts selected v: 1.2-pre, stage: dev host4 Subset of hosts selected v: 1.0 host1, host2 Fallback: No subset selector for "v" alone other: x host1, host2 Fallback: No subset selector for "other" (none) host1, host2 Fallback: No subset requested stage: test empty cluster As fallback policy is overridden per selector with "NO_FALLBACK" value ====================== ============= ====================================================================== Metadata match criteria may also be specified on a route's weighted clusters. Metadata match criteria from the selected weighted cluster are merged with and override the criteria from the route: ==================== =============================== ==================== Route Match Criteria Weighted Cluster Match Criteria Final Match Criteria ==================== =============================== ==================== stage: canary stage: prod stage: prod v: 1.0 stage: prod v: 1.0, stage: prod v: 1.0, stage: prod stage: canary v: 1.0, stage: canary v: 1.0, stage: prod v: 1.1, stage: canary v: 1.1, stage: canary (none) v: 1.0 v: 1.0 v: 1.0 (none) v: 1.0 ==================== =============================== ==================== Example Host With Metadata ************************** An EDS ``LbEndpoint`` with host metadata: :: --- endpoint: address: socket_address: protocol: TCP address: 127.0.0.1 port_value: 8888 metadata: filter_metadata: envoy.lb: version: '1.0' stage: 'prod' Example Route With Metadata Criteria ************************************ An RDS ``Route`` with metadata match criteria: :: --- match: prefix: / route: cluster: cluster-name metadata_match: filter_metadata: envoy.lb: version: '1.0' stage: 'prod' ================================================ FILE: docs/root/intro/arch_overview/upstream/load_balancing/zone_aware.rst ================================================ .. _arch_overview_load_balancing_zone_aware_routing: Zone aware routing ------------------ We use the following terminology: * **Originating/Upstream cluster**: Envoy routes requests from an originating cluster to an upstream cluster. * **Local zone**: The same zone that contains a subset of hosts in both the originating and upstream clusters. * **Zone aware routing**: Best effort routing of requests to an upstream cluster host in the local zone. In deployments where hosts in originating and upstream clusters belong to different zones Envoy performs zone aware routing. There are several preconditions before zone aware routing can be performed: .. _arch_overview_load_balancing_zone_aware_routing_preconditions: * Both originating and upstream cluster are not in :ref:`panic mode `. * Zone aware :ref:`routing is enabled `. * The originating cluster has the same number of zones as the upstream cluster. * The upstream cluster has enough hosts. See :ref:`here ` for more information. The purpose of zone aware routing is to send as much traffic to the local zone in the upstream cluster as possible while roughly maintaining the same number of requests per second across all upstream hosts (depending on load balancing policy). Envoy tries to push as much traffic as possible to the local upstream zone as long as roughly the same number of requests per host in the upstream cluster are maintained. The decision of whether Envoy routes to the local zone or performs cross zone routing depends on the percentage of healthy hosts in the originating cluster and upstream cluster in the local zone. There are two cases with regard to percentage relations in the local zone between originating and upstream clusters: * The originating cluster local zone percentage is greater than the one in the upstream cluster. In this case we cannot route all requests from the local zone of the originating cluster to the local zone of the upstream cluster because that will lead to request imbalance across all upstream hosts. Instead, Envoy calculates the percentage of requests that can be routed directly to the local zone of the upstream cluster. The rest of the requests are routed cross zone. The specific zone is selected based on the residual capacity of the zone (that zone will get some local zone traffic and may have additional capacity Envoy can use for cross zone traffic). * The originating cluster local zone percentage is smaller than the one in upstream cluster. In this case the local zone of the upstream cluster can get all of the requests from the local zone of the originating cluster and also have some space to allow traffic from other zones in the originating cluster (if needed). Note that when using multiple priorities, zone aware routing is currently only supported for P=0. ================================================ FILE: docs/root/intro/arch_overview/upstream/load_reporting_service.rst ================================================ .. _arch_overview_load_reporting_service: Load Reporting Service (LRS) ============================ The Load Reporting Service provides a mechanism by which Envoy can emit Load Reports to a management server at a regular cadence. This will initiate a bi-directional stream with a management server. Upon connecting, the management server can send a :ref:`LoadStatsResponse ` to a node it is interested in getting the load reports for. Envoy in this node will start sending :ref:`LoadStatsRequest `. This is done periodically based on the :ref:`load reporting interval ` Envoy config with LRS can be found at :repo:`/examples/load-reporting-service/service-envoy-w-lrs.yaml`. ================================================ FILE: docs/root/intro/arch_overview/upstream/outlier.rst ================================================ .. _arch_overview_outlier_detection: Outlier detection ================= Outlier detection and ejection is the process of dynamically determining whether some number of hosts in an upstream cluster are performing unlike the others and removing them from the healthy :ref:`load balancing ` set. Performance might be along different axes such as consecutive failures, temporal success rate, temporal latency, etc. Outlier detection is a form of *passive* health checking. Envoy also supports :ref:`active health checking `. *Passive* and *active* health checking can be enabled together or independently, and form the basis for an overall upstream health checking solution. Outlier detection is part of the :ref:`cluster configuration ` and it needs filters to report errors, timeouts, and resets. Currently, the following filters support outlier detection: :ref:`http router `, :ref:`tcp proxy ` and :ref:`redis proxy `. Detected errors fall into two categories: externally and locally originated errors. Externally generated errors are transaction specific and occur on the upstream server in response to the received request. For example, an HTTP server returning error code 500 or a redis server returning a payload which cannot be decoded. Those errors are generated on the upstream host after Envoy has connected to it successfully. Locally originated errors are generated by Envoy in response to an event which interrupted or prevented communication with the upstream host. Examples of locally originated errors are timeout, TCP reset, inability to connect to a specified port, etc. The type of detected errors depends on the filter type. The :ref:`http router ` filter, for example, detects locally originated errors (timeouts, resets - errors related to connection to upstream host) and because it also understands the HTTP protocol it reports errors returned by the HTTP server (externally generated errors). In such a scenario, even when the connection to the upstream HTTP server is successful, the transaction with the server may fail. By contrast, the :ref:`tcp proxy ` filter does not understand any protocol above the TCP layer and reports only locally originated errors. Under the default configuration (:ref:`outlier_detection.split_external_local_origin_errors` is *false*) locally originated errors are not distinguished from externally generated (transaction) errors, all end up in the same bucket, and are compared against the :ref:`outlier_detection.consecutive_5xx`, :ref:`outlier_detection.consecutive_gateway_failure` and :ref:`outlier_detection.success_rate_stdev_factor` configuration items. For example, if connection to an upstream HTTP server fails twice because of timeout and then, after successful connection establishment, the server returns error code 500 then the total error count will be 3. Outlier detection may also be configured to distinguish locally originated errors from externally originated (transaction) errors. It is done via the :ref:`outlier_detection.split_external_local_origin_errors` configuration item. In that mode locally originated errors are tracked by separate counters than externally originated (transaction) errors and the outlier detector may be configured to react to locally originated errors and ignore externally originated errors or vice-versa. It is important to understand that a cluster may be shared among several filter chains. If one filter chain ejects a host based on its outlier detection type, other filter chains will be also affected even though their outlier detection type would not have ejected that host. Ejection algorithm ------------------ Depending on the type of outlier detection, ejection either runs inline (for example in the case of consecutive 5xx) or at a specified interval (for example in the case of periodic success rate). The ejection algorithm works as follows: #. A host is determined to be an outlier. #. If no hosts have been ejected, Envoy will eject the host immediately. Otherwise, it checks to make sure the number of ejected hosts is below the allowed threshold (specified via the :ref:`outlier_detection.max_ejection_percent` setting). If the number of ejected hosts is above the threshold, the host is not ejected. #. The host is ejected for some number of milliseconds. Ejection means that the host is marked unhealthy and will not be used during load balancing unless the load balancer is in a :ref:`panic ` scenario. The number of milliseconds is equal to the :ref:`outlier_detection.base_ejection_time_ms ` value multiplied by the number of times the host has been ejected. This causes hosts to get ejected for longer and longer periods if they continue to fail. #. An ejected host will automatically be brought back into service after the ejection time has been satisfied. Generally, outlier detection is used alongside :ref:`active health checking ` for a comprehensive health checking solution. Detection types --------------- Envoy supports the following outlier detection types: Consecutive 5xx ^^^^^^^^^^^^^^^ In the default mode (:ref:`outlier_detection.split_external_local_origin_errors` is *false*) this detection type takes into account all generated errors: locally originated and externally originated (transaction) errors. Errors generated by non-HTTP filters, like :ref:`tcp proxy ` or :ref:`redis proxy ` are internally mapped to HTTP 5xx codes and treated as such. In split mode (:ref:`outlier_detection.split_external_local_origin_errors` is *true*) this detection type takes into account only externally originated (transaction) errors, ignoring locally originated errors. If an upstream host is an HTTP-server, only 5xx types of error are taken into account (see :ref:`Consecutive Gateway Failure` for exceptions). For redis servers, served via :ref:`redis proxy ` only malformed responses from the server are taken into account. Properly formatted responses, even when they carry an operational error (like index not found, access denied) are not taken into account. If an upstream host returns some number of errors which are treated as consecutive 5xx type errors, it will be ejected. The number of consecutive 5xx required for ejection is controlled by the :ref:`outlier_detection.consecutive_5xx` value. .. _consecutive_gateway_failure: Consecutive Gateway Failure ^^^^^^^^^^^^^^^^^^^^^^^^^^^ This detection type takes into account a subset of 5xx errors, called "gateway errors" (502, 503 or 504 status code) and is supported only by the :ref:`http router `. If an upstream host returns some number of consecutive "gateway errors" (502, 503 or 504 status code), it will be ejected. The number of consecutive gateway failures required for ejection is controlled by the :ref:`outlier_detection.consecutive_gateway_failure ` value. Consecutive Local Origin Failure ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This detection type is enabled only when :ref:`outlier_detection.split_external_local_origin_errors` is *true* and takes into account only locally originated errors (timeout, reset, etc). If Envoy repeatedly cannot connect to an upstream host or communication with the upstream host is repeatedly interrupted, it will be ejected. Various locally originated problems are detected: timeout, TCP reset, ICMP errors, etc. The number of consecutive locally originated failures required for ejection is controlled by the :ref:`outlier_detection.consecutive_local_origin_failure ` value. This detection type is supported by :ref:`http router `, :ref:`tcp proxy ` and :ref:`redis proxy `. Success Rate ^^^^^^^^^^^^ Success Rate based outlier detection aggregates success rate data from every host in a cluster. Then at given intervals ejects hosts based on statistical outlier detection. Success Rate outlier detection will not be calculated for a host if its request volume over the aggregation interval is less than the :ref:`outlier_detection.success_rate_request_volume` value. Moreover, detection will not be performed for a cluster if the number of hosts with the minimum required request volume in an interval is less than the :ref:`outlier_detection.success_rate_minimum_hosts` value. In the default configuration mode (:ref:`outlier_detection.split_external_local_origin_errors` is *false*) this detection type takes into account all types of errors: locally and externally originated. The :ref:`outlier_detection.enforcing_local_origin_success` config item is ignored. In split mode (:ref:`outlier_detection.split_external_local_origin_errors` is *true*), locally originated errors and externally originated (transaction) errors are counted and treated separately. Most configuration items, namely :ref:`outlier_detection.success_rate_minimum_hosts`, :ref:`outlier_detection.success_rate_request_volume`, :ref:`outlier_detection.success_rate_stdev_factor` apply to both types of errors, but :ref:`outlier_detection.enforcing_success_rate` applies to externally originated errors only and :ref:`outlier_detection.enforcing_local_origin_success_rate` applies to locally originated errors only. .. _arch_overview_outlier_detection_failure_percentage: Failure Percentage ^^^^^^^^^^^^^^^^^^ Failure Percentage based outlier detection functions similarly to success rate detection, in that it relies on success rate data from each host in a cluster. However, rather than compare those values to the mean success rate of the cluster as a whole, they are compared to a flat user-configured threshold. This threshold is configured via the :ref:`outlier_detection.failure_percentage_threshold` field. The other configuration fields for failure percentage based detection are similar to the fields for success rate detection. Failure percentage based detection also obeys :ref:`outlier_detection.split_external_local_origin_errors`; the enforcement percentages for externally- and locally-originated errors are controlled by :ref:`outlier_detection.enforcing_failure_percentage` and :ref:`outlier_detection.enforcing_failure_percentage_local_origin`, respectively. As with success rate detection, detection will not be performed for a host if its request volume over the aggregation interval is less than the :ref:`outlier_detection.failure_percentage_request_volume` value. Detection also will not be performed for a cluster if the number of hosts with the minimum required request volume in an interval is less than the :ref:`outlier_detection.failure_percentage_minimum_hosts` value. .. _arch_overview_outlier_detection_grpc: gRPC ---------------------- For gRPC requests, the outlier detection will use the HTTP status mapped from the `grpc-status `_ response header. .. _arch_overview_outlier_detection_logging: Ejection event logging ---------------------- A log of outlier ejection events can optionally be produced by Envoy. This is extremely useful during daily operations since global stats do not provide enough information on which hosts are being ejected and for what reasons. The log is structured as protobuf-based dumps of :ref:`OutlierDetectionEvent messages `. Ejection event logging is configured in the Cluster manager :ref:`outlier detection configuration `. Configuration reference ----------------------- * Cluster manager :ref:`global configuration ` * Per cluster :ref:`configuration ` * Runtime :ref:`settings ` * Statistics :ref:`reference ` ================================================ FILE: docs/root/intro/arch_overview/upstream/service_discovery.rst ================================================ .. _arch_overview_service_discovery: Service discovery ================= When an upstream cluster is defined in the :ref:`configuration `, Envoy needs to know how to resolve the members of the cluster. This is known as *service discovery*. .. _arch_overview_service_discovery_types: Supported service discovery types --------------------------------- .. _arch_overview_service_discovery_types_static: Static ^^^^^^ Static is the simplest service discovery type. The configuration explicitly specifies the resolved network name (IP address/port, unix domain socket, etc.) of each upstream host. .. _arch_overview_service_discovery_types_strict_dns: Strict DNS ^^^^^^^^^^ When using strict DNS service discovery, Envoy will continuously and asynchronously resolve the specified DNS targets. Each returned IP address in the DNS result will be considered an explicit host in the upstream cluster. This means that if the query returns three IP addresses, Envoy will assume the cluster has three hosts, and all three should be load balanced to. If a host is removed from the result Envoy assumes it no longer exists and will drain traffic from any existing connection pools. Consequently, if a successful DNS resolution returns 0 hosts, Envoy will assume that the cluster does not have any hosts. Note that Envoy never synchronously resolves DNS in the forwarding path. At the expense of eventual consistency, there is never a worry of blocking on a long running DNS query. If a single DNS name resolves to the same IP multiple times, these IPs will be de-duplicated. If multiple DNS names resolve to the same IP, health checking will *not* be shared. This means that care should be taken if active health checking is used with DNS names that resolve to the same IPs: if an IP is repeated many times between DNS names it might cause undue load on the upstream host. If :ref:`respect_dns_ttl ` is enabled, DNS record TTLs and :ref:`dns_refresh_rate ` are used to control DNS refresh rate. For strict DNS cluster, if the minimum of all record TTLs is 0, :ref:`dns_refresh_rate ` will be used as the cluster's DNS refresh rate. :ref:`dns_refresh_rate ` defaults to 5000ms if not specified. The :ref:`dns_failure_refresh_rate ` controls the refresh frequency during failures, and, if not configured, the DNS refresh rate will be used. DNS resolving emits :ref:`cluster statistics ` fields *update_attempt*, *update_success* and *update_failure*. .. _arch_overview_service_discovery_types_logical_dns: Logical DNS ^^^^^^^^^^^ Logical DNS uses a similar asynchronous resolution mechanism to strict DNS. However, instead of strictly taking the results of the DNS query and assuming that they comprise the entire upstream cluster, a logical DNS cluster only uses the first IP address returned *when a new connection needs to be initiated*. Thus, a single logical connection pool may contain physical connections to a variety of different upstream hosts. Connections are never drained, including on a successful DNS resolution that returns 0 hosts. This service discovery type is optimal for large scale web services that must be accessed via DNS. Such services typically use round robin DNS to return many different IP addresses. Typically a different result is returned for each query. If strict DNS were used in this scenario, Envoy would assume that the cluster’s members were changing during every resolution interval which would lead to draining connection pools, connection cycling, etc. Instead, with logical DNS, connections stay alive until they get cycled. When interacting with large scale web services, this is the best of all possible worlds: asynchronous/eventually consistent DNS resolution, long lived connections, and zero blocking in the forwarding path. If :ref:`respect_dns_ttl ` is enabled, DNS record TTLs and :ref:`dns_refresh_rate ` are used to control DNS refresh rate. For logical DNS cluster, if the TTL of first record is 0, :ref:`dns_refresh_rate ` will be used as the cluster's DNS refresh rate. :ref:`dns_refresh_rate ` defaults to 5000ms if not specified. The :ref:`dns_failure_refresh_rate ` controls the refresh frequency during failures, and, if not configured, the DNS refresh rate will be used. DNS resolving emits :ref:`cluster statistics ` fields *update_attempt*, *update_success* and *update_failure*. .. _arch_overview_service_discovery_types_original_destination: Original destination ^^^^^^^^^^^^^^^^^^^^ Original destination cluster can be used when incoming connections are redirected to Envoy either via an iptables REDIRECT or TPROXY target or with Proxy Protocol. In these cases requests routed to an original destination cluster are forwarded to upstream hosts as addressed by the redirection metadata, without any explicit host configuration or upstream host discovery. Connections to upstream hosts are pooled and unused hosts are flushed out when they have been idle longer than :ref:`cleanup_interval `, which defaults to 5000ms. If the original destination address is not available, no upstream connection is opened. Envoy can also pickup the original destination from a :ref:`HTTP header `. Original destination service discovery must be used with the original destination :ref:`load balancer `. .. _arch_overview_service_discovery_types_eds: Endpoint discovery service (EDS) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The *endpoint discovery service* is a :ref:`xDS management server based on gRPC or REST-JSON API server ` used by Envoy to fetch cluster members. The cluster members are called "endpoint" in Envoy terminology. For each cluster, Envoy fetch the endpoints from the discovery service. EDS is the preferred service discovery mechanism for a few reasons: * Envoy has explicit knowledge of each upstream host (vs. routing through a DNS resolved load balancer) and can make more intelligent load balancing decisions. * Extra attributes carried in the discovery API response for each host inform Envoy of the host’s load balancing weight, canary status, zone, etc. These additional attributes are used globally by the Envoy mesh during load balancing, statistic gathering, etc. The Envoy project provides reference gRPC implementations of EDS and :ref:`other discovery services ` in both `Java `_ and `Go `_. .. _arch_overview_service_discovery_types_custom: Custom cluster ^^^^^^^^^^^^^^ Envoy also supports custom cluster discovery mechanism. Custom clusters are specified using :ref:`cluster_type field ` on the cluster configuration. Generally active health checking is used in conjunction with the eventually consistent service discovery service data to making load balancing and routing decisions. This is discussed further in the following section. .. _arch_overview_service_discovery_eventually_consistent: On eventually consistent service discovery ------------------------------------------ Many existing RPC systems treat service discovery as a fully consistent process. To this end, they use fully consistent leader election backing stores such as Zookeeper, etcd, Consul, etc. Our experience has been that operating these backing stores at scale is painful. Envoy was designed from the beginning with the idea that service discovery does not require full consistency. Instead, Envoy assumes that hosts come and go from the mesh in an eventually consistent way. Our recommended way of deploying a service to service Envoy mesh configuration uses eventually consistent service discovery along with :ref:`active health checking ` (Envoy explicitly health checking upstream cluster members) to determine cluster health. This paradigm has a number of benefits: * All health decisions are fully distributed. Thus, network partitions are gracefully handled (whether the application gracefully handles the partition is a different story). * When health checking is configured for an upstream cluster, Envoy uses a 2x2 matrix to determine whether to route to a host: .. csv-table:: :header: Discovery Status, Health Check OK, Health Check Failed :widths: 1, 1, 2 Discovered, Route, Don't Route Absent, Route, Don't Route / Delete Host discovered / health check OK Envoy **will route** to the target host. Host absent / health check OK: Envoy **will route** to the target host. This is very important since the design assumes that the discovery service can fail at any time. If a host continues to pass health check even after becoming absent from the discovery data, Envoy will still route. Although it would be impossible to add new hosts in this scenario, existing hosts will continue to operate normally. When the discovery service is operating normally again the data will eventually re-converge. Host discovered / health check FAIL Envoy **will not route** to the target host. Health check data is assumed to be more accurate than discovery data. Host absent / health check FAIL Envoy **will not route and will delete** the target host. This is the only state in which Envoy will purge host data. ================================================ FILE: docs/root/intro/arch_overview/upstream/upstream.rst ================================================ Upstream clusters ================= .. toctree:: :maxdepth: 2 cluster_manager service_discovery health_checking connection_pooling load_balancing/load_balancing aggregate_cluster outlier circuit_breaking upstream_filters load_reporting_service ================================================ FILE: docs/root/intro/arch_overview/upstream/upstream_filters.rst ================================================ .. _arch_overview_upstream_filters: Upstream network filters ======================== Upstream clusters provide an ability to inject network level (L3/L4) filters. It should be noted that a network filter needs to be registered in code as an upstream filter before usage. Currently, there are no upstream filters available in Envoy out of the box. The filters apply to the connection to the upstream hosts, using the same API presented by listeners for the downstream connections. The write-callbacks are invoked for any chunk of data sent to the upstream host, and the read-callbacks are invoked for data received from the upstream host. ================================================ FILE: docs/root/intro/deployment_types/deployment_types.rst ================================================ Deployment types ================ Envoy is usable in a variety of different scenarios, however it's most useful when deployed as a *mesh* across all hosts in an infrastructure. This section describes three recommended deployment types in increasing order of complexity. .. toctree:: service_to_service front_proxy double_proxy ================================================ FILE: docs/root/intro/deployment_types/double_proxy.rst ================================================ .. _deployment_type_double_proxy: Service to service, front proxy, and double proxy ------------------------------------------------- .. image:: /_static/double_proxy.svg :width: 70% The above diagram shows the :ref:`front proxy ` configuration alongside another Envoy cluster running as a *double proxy*. The idea behind the double proxy is that it is more efficient to terminate TLS and client connections as close as possible to the user (shorter round trip times for the TLS handshake, faster TCP CWND expansion, less chance for packet loss, etc.). Connections that terminate in the double proxy are then multiplexed onto long lived HTTP/2 connections running in the main data center. In the above diagram, the front Envoy proxy running in region 1 authenticates itself with the front Envoy proxy running in region 2 via TLS mutual authentication and pinned certificates. This allows the front Envoy instances running in region 2 to trust elements of the incoming requests that ordinarily would not be trustable (such as the x-forwarded-for HTTP header). Configuration template ^^^^^^^^^^^^^^^^^^^^^^ The source distribution includes an example double proxy configuration that is very similar to the version that Lyft runs in production. See :ref:`here ` for more information. ================================================ FILE: docs/root/intro/deployment_types/front_proxy.rst ================================================ .. _deployment_type_front_proxy: Service to service plus front proxy ----------------------------------- .. image:: /_static/front_proxy.svg The above diagram shows the :ref:`service to service ` configuration sitting behind an Envoy cluster used as an HTTP L7 edge reverse proxy. The reverse proxy provides the following features: * Terminates TLS. * Supports both HTTP/1.1 and HTTP/2. * Full HTTP L7 routing support. * Talks to the service to service Envoy clusters via the standard :ref:`ingress port ` and using the discovery service for host lookup. Thus, the front Envoy hosts work identically to any other Envoy host, other than the fact that they do not run collocated with another service. This means that are operated in the same way and emit the same statistics. Configuration template ^^^^^^^^^^^^^^^^^^^^^^ The source distribution includes an example front proxy configuration that is very similar to the version that Lyft runs in production. See :ref:`here ` for more information. ================================================ FILE: docs/root/intro/deployment_types/service_to_service.rst ================================================ .. _deployment_type_service_to_service: Service to service only ----------------------- .. image:: /_static/service_to_service.svg :width: 60% The above diagram shows the simplest Envoy deployment which uses Envoy as a communication bus for all traffic internal to a service oriented architecture (SOA). In this scenario, Envoy exposes several listeners that are used for local origin traffic as well as service-to-service traffic. Service to service egress listener ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This is the port used by applications to talk to other services in the infrastructure. For example, *http://localhost:9001*. HTTP and gRPC requests use the HTTP/1.1 *host* header or the HTTP/2 *:authority* header to indicate which remote cluster the request is destined for. Envoy handles service discovery, load balancing, rate limiting, etc. depending on the details in the configuration. Services only need to know about the local Envoy and do not need to concern themselves with network topology, whether they are running in development or production, etc. This listener supports both HTTP/1.1 or HTTP/2 depending on the capabilities of the application. .. image:: /_static/service_to_service_egress_listener.svg :width: 40% .. _deployment_type_service_to_service_ingress: Service to service ingress listener ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This is the port used by remote Envoys when they want to talk to the local Envoy. For example, *http://servicename:9211*. Envoy routes incoming requests to the local service on the configured port(s). Multiple application ports may be involved depending on application or load balancing needs (for example if the service needs both an HTTP port and a gRPC port). The local Envoy performs buffering, circuit breaking, etc. as needed. Our default configurations use HTTP/2 for all Envoy to Envoy communication, regardless of whether the application uses HTTP/1.1 or HTTP/2 when egressing out of a local Envoy. HTTP/2 provides better performance via long lived connections and explicit reset notifications. .. image:: /_static/service_to_service_ingress_listener.svg :width: 55% Optional external service egress listeners ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Generally, an explicit egress port is used for each external service that a local service wants to talk to. This is done because some external service SDKs do not easily support overriding the *host* header to allow for standard HTTP reverse proxy behavior. For example, *http://localhost:9250* might be allocated for connections destined for DynamoDB. Instead of using *host* routing for some external services and dedicated local port routing for others, we recommend being consistent and using local port routing for all external services. Discovery service integration ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The recommended service-to-service configuration uses an external discovery service for all cluster lookups. This provides Envoy with the most detailed information possible for use when performing load balancing, statistics gathering, etc. Configuration template ^^^^^^^^^^^^^^^^^^^^^^ The source distribution includes :ref:`an example service-to-service configuration` that is very similar to the version that Lyft runs in production. ================================================ FILE: docs/root/intro/deprecated.rst ================================================ Deprecated ========== The deprecations for each version have moved :ref:`here `. .. This page only exists because previous versions of Envoy link here. ================================================ FILE: docs/root/intro/getting_help.rst ================================================ .. _getting_help: Getting help ============ We are very interested in building a community around Envoy. Please reach out to us if you are interested in using it and need help or want to contribute. Please see `contact info `_. Reporting security vulnerabilities ---------------------------------- Please see `security contact info `_. ================================================ FILE: docs/root/intro/intro.rst ================================================ .. _intro: Introduction ============ .. toctree:: :maxdepth: 2 what_is_envoy arch_overview/arch_overview life_of_a_request deployment_types/deployment_types getting_help .. These pages are only here for redirects from log lines from shipping versions of Envoy, so hide them. .. toctree:: :hidden: version_history deprecated ================================================ FILE: docs/root/intro/life_of_a_request.rst ================================================ .. _life_of_a_request: Life of a Request ================= Below we describe the events in the life of a request passing through an Envoy proxy. We first describe how Envoy fits into the request path for a request and then the internal events that take place following the arrival of a request at the Envoy proxy from downstream. We follow the request until the corresponding dispatch upstream and the response path. Terminology ----------- Envoy uses the following terms through its codebase and documentation: * *Cluster*: a logical service with a set of endpoints that Envoy forwards requests to. * *Downstream*: an entity connecting to Envoy. This may be a local application (in a sidecar model) or a network node. In non-sidecar models, this is a remote client. * *Endpoints*: network nodes that implement a logical service. They are grouped into clusters. Endpoints in a cluster are *upstream* of an Envoy proxy. * *Filter*: a module in the connection or request processing pipeline providing some aspect of request handling. An analogy from Unix is the composition of small utilities (filters) with Unix pipes (filter chains). * *Filter chain*: a series of filters. * *Listeners*: Envoy module responsible for binding to an IP/port, accepting new TCP connections (or UDP datagrams) and orchestrating the downstream facing aspects of request processing. * *Upstream*: an endpoint (network node) that Envoy connects to when forwarding requests for a service. This may be a local application (in a sidecar model) or a network node. In non-sidecar models, this corresponds with a remote backend. Network topology ---------------- How a request flows through the components in a network (including Envoy) depends on the network’s topology. Envoy can be used in a wide variety of networking topologies. We focus on the inner operation of Envoy below, but briefly we address how Envoy relates to the rest of the network in this section. Envoy originated as a `service mesh `_ sidecar proxy, factoring out load balancing, routing, observability, security and discovery services from applications. In the service mesh model, requests flow through Envoys as a gateway to the network. Requests arrive at an Envoy via either ingress or egress listeners: * Ingress listeners take requests from other nodes in the service mesh and forward them to the local application. Responses from the local application flow back through Envoy to the downstream. * Egress listeners take requests from the local application and forward them to other nodes in the network. These receiving nodes will also be typically running Envoy and accepting the request via their ingress listeners. .. image:: /_static/lor-topology-service-mesh.svg :width: 80% :align: center .. image:: /_static/lor-topology-service-mesh-node.svg :width: 40% :align: center Envoy is used in a variety of configurations beyond the service mesh. For example, it can also act as an internal load balancer: .. image:: /_static/lor-topology-ilb.svg :width: 65% :align: center Or as an ingress/egress proxy on the network edge: .. image:: /_static/lor-topology-edge.svg :width: 90% :align: center In practice, a hybrid of these is often used, where Envoy features in a service mesh, on the edge and as an internal load balancer. A request path may traverse multiple Envoys. .. image:: /_static/lor-topology-hybrid.svg :width: 90% :align: center Envoy may be configured in multi-tier topologies for scalability and reliability, with a request first passing through an edge Envoy prior to passing through a second Envoy tier: .. image:: /_static/lor-topology-tiered.svg :width: 80% :align: center In all the above cases, a request will arrive at a specific Envoy via TCP, UDP or Unix domain sockets from downstream. Envoy will forward requests upstream via TCP, UDP or Unix domain sockets. We focus on a single Envoy proxy below. Configuration ------------- Envoy is a very extensible platform. This results in a combinatorial explosion of possible request paths, depending on: * L3/4 protocol, e.g. TCP, UDP, Unix domain sockets. * L7 protocol, e.g. HTTP/1, HTTP/2, HTTP/3, gRPC, Thrift, Dubbo, Kafka, Redis and various databases. * Transport socket, e.g. plain text, TLS, ALTS. * Connection routing, e.g. PROXY protocol, original destination, dynamic forwarding. * Authentication and authorization. * Circuit breakers and outlier detection configuration and activation state. * Many other configurations for networking, HTTP, listener, access logging, health checking, tracing and stats extensions. It's helpful to focus on one at a time, so this example covers the following: * An HTTP/2 request with :ref:`TLS ` over a TCP connection for both downstream and upstream. * The :ref:`HTTP connection manager ` as the only :ref:`network filter `. * A hypothetical CustomFilter and the `router ` filter as the :ref:`HTTP filter ` chain. * :ref:`Filesystem access logging `. * :ref:`Statsd sink `. * A single :ref:`cluster ` with static endpoints. We assume a static bootstrap configuration file for simplicity: .. literalinclude:: _include/life-of-a-request.yaml :language: yaml High level architecture ----------------------- The request processing path in Envoy has two main parts: * :ref:`Listener subsystem ` which handles **downstream** request processing. It is also responsible for managing the downstream request lifecycle and for the response path to the client. The downstream HTTP/2 codec lives here. * :ref:`Cluster subsystem ` which is responsible for selecting and configuring the **upstream** connection to an endpoint. This is where knowledge of cluster and endpoint health, load balancing and connection pooling exists. The upstream HTTP/2 codec lives here. The two subsystems are bridged with the HTTP router filter, which forwards the HTTP request from downstream to upstream. .. image:: /_static/lor-architecture.svg :width: 80% :align: center We use the terms :ref:`listener subsystem ` and :ref:`cluster subsystem ` above to refer to the group of modules and instance classes that are created by the top level `ListenerManager` and `ClusterManager` classes. There are many components that we discuss below that are instantiated before and during the course of a request by these management systems, for example listeners, filter chains, codecs, connection pools and load balancing data structures. Envoy has an `event-based thread model `_. A main thread is responsible for the server lifecycle, configuration processing, stats, etc. and some number of :ref:`worker threads ` process requests. All threads operate around an event loop (`libevent `_) and any given downstream TCP connection (including all the multiplexed streams on it) will be handled by exactly one worker thread for its lifetime. Each worker thread maintains its own pool of TCP connections to upstream endpoints. :ref:`UDP ` handling makes use of SO_REUSEPORT to have the kernel consistently hash the source/destination IP:port tuples to the same worker thread. UDP filter state is shared for a given worker thread, with the filter responsible for providing session semantics as needed. This is in contrast to the connection oriented TCP filters we discuss below, where filter state exists on a per connection and, in the case of HTTP filters, per-request basis. Worker threads rarely share state and operate in a trivially parallel fashion. This threading model enables scaling to very high core count CPUs. Request flow ------------ Overview ^^^^^^^^ A brief outline of the life cycle of a request and response using the example configuration above: 1. A TCP connection from downstream is accepted by an Envoy :ref:`listener ` running on a :ref:`worker thread `. 2. The :ref:`listener filter ` chain is created and runs. It can provide SNI and other pre-TLS info. Once completed, the listener will match a network filter chain. Each listener may have multiple filter chains which match on some combination of destination IP CIDR range, SNI, ALPN, source ports, etc. A transport socket, in our case the TLS transport socket, is associated with this filter chain. 3. On network reads, the :ref:`TLS ` transport socket decrypts the data read from the TCP connection to a decrypted data stream for further processing. 4. The :ref:`network filter ` chain is created and runs. The most important filter for HTTP is the HTTP connection manager, which is the last network filter in the chain. 5. The HTTP/2 codec in :ref:`HTTP connection manager ` deframes and demultiplexes the decrypted data stream from the TLS connection to a number of independent streams. Each stream handles a single request and response. 6. For each HTTP stream, an :ref:`HTTP filter ` chain is created and runs. The request first passes through CustomFilter which may read and modify the request. The most important HTTP filter is the router filter which sits at the end of the HTTP filter chain. When `decodeHeaders` is invoked on the router filter, the route is selected and a cluster is picked. The request headers on the stream are forwarded to an upstream endpoint in that cluster. The :ref:`router ` filter obtains an HTTP :ref:`connection pool ` from the cluster manager for the matched cluster to do this. 7. Cluster specific :ref:`load balancing ` is performed to find an endpoint. The cluster’s circuit breakers are checked to determine if a new stream is allowed. A new connection to the endpoint is created if the endpoint's connection pool is empty or lacks capacity. 8. The upstream endpoint connection's HTTP/2 codec multiplexes and frames the request’s stream with any other streams going to that upstream over a single TCP connection. 9. The upstream endpoint connection's TLS transport socket encrypts these bytes and writes them to a TCP socket for the upstream connection. 10. The request, consisting of headers, and optional body and trailers, is proxied upstream, and the response is proxied downstream. The response passes through the HTTP filters in the :ref:`opposite order ` from the request, starting at the router filter and passing through CustomFilter, before being sent downstream. 11. When the response is complete, the stream is destroyed. Post-request processing will update stats, write to the access log and finalize trace spans. We elaborate on each of these steps in the sections below. 1. Listener TCP accept ^^^^^^^^^^^^^^^^^^^^^^ .. image:: /_static/lor-listeners.svg :width: 90% :align: center The *ListenerManager* is responsible for taking configuration representing :ref:`listeners ` and instantiating a number of *Listener* instances bound to their respective IP/ports. Listeners may be in one of three states: * *Warming*: the listener is waiting for configuration dependencies (e.g. route configuration, dynamic secrets). The listener is not yet ready to accept TCP connections. * *Active*: the listener is bound to its IP/port and accepts TCP connections. * *Draining*: the listener no longer accepts new TCP connections while its existing TCP connections are allowed to continue for a drain period. Each :ref:`worker thread ` maintains its own *Listener* instance for each of the configured listeners. Each listener may bind to the same port via SO_REUSEPORT or share a single socket bound to this port. When a new TCP connection arrives, the kernel decides which worker thread will accept the connection and the *Listener* for this worker thread will have its ``Server::ConnectionHandlerImpl::ActiveTcpListener::onAccept()`` callback invoked. 2. Listener filter chains and network filter chain matching ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The worker thread’s *Listener* then creates and runs the :ref:`listener filter ` chain. Filter chains are created by applying each filter’s *filter factory*. The factory is aware of the filter’s configuration and creates a new instance of the filter for each connection or stream. In the case of our TLS listener configuration, the listener filter chain consists of the :ref:`TLS inspector ` filter (``envoy.filters.listener.tls_inspector``). This filter examines the initial TLS handshake and extracts the server name (SNI). The SNI is then made available for filter chain matching. While the TLS inspector appears explicitly in the listener filter chain configuration, Envoy is also capable of inserting this automatically whenever there is a need for SNI (or ALPN) in a listener’s filter chain. .. image:: /_static/lor-listener-filters.svg :width: 80% :align: center The TLS inspector filter implements the :repo:`ListenerFilter ` interface. All filter interfaces, whether listener or network/HTTP, require that filters implement callbacks for specific connection or stream events. In the case of `ListenerFilter`, this is: .. code-block:: cpp virtual FilterStatus onAccept(ListenerFilterCallbacks& cb) PURE; ``onAccept()`` allows a filter to run during the TCP accept processing. The ``FilterStatus`` returned by the callback controls how the listener filter chain will continue. Listener filters may pause the filter chain and then later resume, e.g. in response to an RPC made to another service. Information extracted from the listener filters and connection properties is then used to match a filter chain, giving the network filter chain and transport socket that will be used to handle the connection. .. image:: /_static/lor-filter-chain-match.svg :width: 50% :align: center .. _life_of_a_request_tls_decryption: 3. TLS transport socket decryption ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Envoy offers pluggable transport sockets via the :repo:`TransportSocket ` extension interface. Transport sockets follow the lifecycle events of a TCP connection and read/write into network buffers. Some key methods that transport sockets must implement are: .. code-block:: cpp virtual void onConnected() PURE; virtual IoResult doRead(Buffer::Instance& buffer) PURE; virtual IoResult doWrite(Buffer::Instance& buffer, bool end_stream) PURE; virtual void closeSocket(Network::ConnectionEvent event) PURE; When data is available on a TCP connection, ``Network::ConnectionImpl::onReadReady()`` invokes the :ref:`TLS ` transport socket via ``SslSocket::doRead()``. The transport socket then performs a TLS handshake on the TCP connection. When the handshake completes, ``SslSocket::doRead()`` provides a decrypted byte stream to an instance of ``Network::FilterManagerImpl``, responsible for managing the network filter chain. .. image:: /_static/lor-transport-socket.svg :width: 80% :align: center It’s important to note that no operation, whether it’s a TLS handshake or a pause of a filter pipeline is truly blocking. Since Envoy is event-based, any situation in which processing requires additional data will lead to early event completion and yielding of the CPU to another event. When the network makes more data available to read, a read event will trigger the resumption of a TLS handshake. 4. Network filter chain processing ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ As with the listener filter chain, Envoy, via `Network::FilterManagerImpl`, will instantiate a series of :ref:`network filters ` from their filter factories. The instance is fresh for each new connection. Network filters, like transport sockets, follow TCP lifecycle events and are invoked as data becomes available from the transport socket. .. image:: /_static/lor-network-filters.svg :width: 80% :align: center Network filters are composed as a pipeline, unlike transport sockets which are one-per-connection. Network filters come in three varieties: * :repo:`ReadFilter ` implementing ``onData()``, called when data is available from the connection (due to some request). * :repo:`WriteFilter ` implementing ``onWrite()``, called when data is about to be written to the connection (due to some response). * :repo:`Filter ` implementing both *ReadFilter* and *WriteFilter*. The method signatures for the key filter methods are: .. code-block:: cpp virtual FilterStatus onNewConnection() PURE; virtual FilterStatus onData(Buffer::Instance& data, bool end_stream) PURE; virtual FilterStatus onWrite(Buffer::Instance& data, bool end_stream) PURE; As with the listener filter, the ``FilterStatus`` allows filters to pause execution of the filter chain. For example, if a rate limiting service needs to be queried, a rate limiting network filter would return ``Network::FilterStatus::StopIteration`` from ``onData()`` and later invoke ``continueReading()`` when the query completes. The last network filter for a listener dealing with HTTP is :ref:`HTTP connection manager ` (HCM). This is responsible for creating the HTTP/2 codec and managing the HTTP filter chain. In our example, this is the only network filter. An example network filter chain making use of multiple network filters would look like: .. image:: /_static/lor-network-read.svg :width: 80% :align: center On the response path, the network filter chain is executed in the reverse order to the request path. .. image:: /_static/lor-network-write.svg :width: 80% :align: center .. _life_of_a_request_http2_decoding: 5. HTTP/2 codec decoding ^^^^^^^^^^^^^^^^^^^^^^^^ The HTTP/2 codec in Envoy is based on `nghttp2 `_. It is invoked by the HCM with plaintext bytes from the TCP connection (after network filter chain transformation). The codec decodes the byte stream as a series of HTTP/2 frames and demultiplexes the connection into a number of independent HTTP streams. Stream multiplexing is a key feature in HTTP/2, providing significant performance advantages over HTTP/1. Each HTTP stream handles a single request and response. The codec is also responsible for handling HTTP/2 setting frames and both stream and connection level :repo:`flow control `. The codecs are responsible for abstracting the specifics of the HTTP connection, presenting a standard view to the HTTP connection manager and HTTP filter chain of a connection split into streams, each with request/response headers/body/trailers. This is true regardless of whether the protocol is HTTP/1, HTTP/2 or HTTP/3. 6. HTTP filter chain processing ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ For each HTTP stream, the HCM instantiates an :ref:`HTTP filter ` chain, following the pattern established above for listener and network filter chains. .. image:: /_static/lor-http-filters.svg :width: 80% :align: center There are three kinds of HTTP filter interfaces: * :repo:`StreamDecoderFilter ` with callbacks for request processing. * :repo:`StreamEncoderFilter ` with callbacks for response processing. * :repo:`StreamFilter ` implementing both `StreamDecoderFilter` and `StreamEncoderFilter`. Looking at the decoder filter interface: .. code-block:: cpp virtual FilterHeadersStatus decodeHeaders(RequestHeaderMap& headers, bool end_stream) PURE; virtual FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) PURE; virtual FilterTrailersStatus decodeTrailers(RequestTrailerMap& trailers) PURE; Rather than operating on connection buffers and events, HTTP filters follow the lifecycle of an HTTP request, e.g. ``decodeHeaders()`` takes HTTP headers as an argument rather than a byte buffer. The returned ``FilterStatus`` provides, as with network and listener filters, the ability to manage filter chain control flow. When the HTTP/2 codec makes available the HTTP requests headers, these are first passed to ``decodeHeaders()`` in CustomFilter. If the returned ``FilterHeadersStatus`` is ``Continue``, HCM then passes the headers (possibly mutated by CustomFilter) to the router filter. Decoder and encoder-decoder filters are executed on the request path. Encoder and encoder-decoder filters are executed on the response path, in :ref:`reverse direction `. Consider the following example filter chain: .. image:: /_static/lor-http.svg :width: 80% :align: center The request path will look like: .. image:: /_static/lor-http-decode.svg :width: 80% :align: center While the response path will look like: .. image:: /_static/lor-http-encode.svg :width: 80% :align: center When ``decodeHeaders()`` is invoked on the :ref:`router ` filter, the route selection is finalized and a cluster is picked. The HCM selects a route from its ``RouteConfiguration`` at the start of HTTP filter chain execution. This is referred to as the *cached route*. Filters may modify headers and cause a new route to be selected, by asking HCM to clear the route cache and requesting HCM to reevaluate the route selection. When the router filter is invoked, the route is finalized. The selected route’s configuration will point at an upstream cluster name. The router filter then asks the `ClusterManager` for an HTTP :ref:`connection pool ` for the cluster. This involves load balancing and the connection pool, discussed in the next section. .. image:: /_static/lor-route-config.svg :width: 70% :align: center The resulting HTTP connection pool is used to build an `UpstreamRequest` object in the router, which encapsulates the HTTP encoding and decoding callback methods for the upstream HTTP request. Once a stream is allocated on a connection in the HTTP connection pool, the request headers are forwarded to the upstream endpoint by the invocation of ``UpstreamRequest::encoderHeaders()``. The router filter is responsible for all aspects of upstream request lifecycle management on the stream allocated from the HTTP connection pool. It also is responsible for request timeouts, retries and affinity. 7. Load balancing ^^^^^^^^^^^^^^^^^ Each cluster has a :ref:`load balancer ` which picks an endpoint when a new request arrives. Envoy supports a variety of load balancing algorithms, e.g. weighted round-robin, Maglev, least-loaded, random. Load balancers obtain their effective assignments from a combination of static bootstrap configuration, DNS, dynamic xDS (the CDS and EDS discovery services) and active/passive health checks. Further details on how load balancing works in Envoy are provided in the :ref:`load balancing documentation `. Once an endpoint is selected, the :ref:`connection pool ` for this endpoint is used to find a connection to forward the request on. If no connection to the host exists, or all connections are at their maximum concurrent stream limit, a new connection is established and placed in the connection pool, unless the circuit breaker for maximum connections for the cluster has tripped. If a maximum lifetime stream limit for a connection is configured and reached, a new connection is allocated in the pool and the affected HTTP/2 connection is drained. Other circuit breakers, e.g. maximum concurrent requests to a cluster are also checked. See :repo:`circuit breakers ` and :ref:`connection pools ` for further details. .. image:: /_static/lor-lb.svg :width: 80% :align: center 8. HTTP/2 codec encoding ^^^^^^^^^^^^^^^^^^^^^^^^ The selected connection's HTTP/2 codec multiplexes the request stream with any other streams going to the same upstream over a single TCP connection. This is the reverse of :ref:`HTTP/2 codec decoding `. As with the downstream HTTP/2 codec, the upstream codec is responsible for taking Envoy’s standard abstraction of HTTP, i.e. multiple streams multiplexed on a single connection with request/response headers/body/trailers, and mapping this to the specifics of HTTP/2 by generating a series of HTTP/2 frames. 9. TLS transport socket encryption ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The upstream endpoint connection's TLS transport socket encrypts the bytes from the HTTP/2 codec output and writes them to a TCP socket for the upstream connection. As with :ref:`TLS transport socket decryption `, in our example the cluster has a transport socket configured that provides TLS transport security. The same interfaces exist for upstream and downstream transport socket extensions. .. image:: /_static/lor-client.svg :width: 70% :align: center 10. Response path and HTTP lifecycle ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The request, consisting of headers, and optional body and trailers, is proxied upstream, and the response is proxied downstream. The response passes through the HTTP and network filters in the :ref:`opposite order `. from the request. Various callbacks for decoder/encoder request lifecycle events will be invoked in HTTP filters, e.g. when response trailers are being forwarded or the request body is streamed. Similarly, read/write network filters will also have their respective callbacks invoked as data continues to flow in both directions during a request. :ref:`Outlier detection ` status for the endpoint is revised as the request progresses. A request completes when the upstream response reaches its end-of-stream, i.e. when trailers or the response header/body with end-stream set are received. This is handled in ``Router::Filter::onUpstreamComplete()``. It is possible for a request to terminate early. This may be due to (but not limited to): * Request timeout. * Upstream endpoint steam reset. * HTTP filter stream reset. * Circuit breaking. * Unavailability of upstream resources, e.g. missing a cluster for a route. * No healthy endpoints. * DoS protection. * HTTP protocol violations. * Local reply from either the HCM or an HTTP filter. E.g. a rate limit HTTP filter returning a 429 response. If any of these occur, Envoy may either send an internally generated response, if upstream response headers have not yet been sent, or will reset the stream, if response headers have already been forwarded downstream. The Envoy :ref:`debugging FAQ ` has further information on interpreting these early stream terminations. 11. Post-request processing ^^^^^^^^^^^^^^^^^^^^^^^^^^^ Once a request completes, the stream is destroyed. The following also takes places: * The post-request :ref:`statistics ` are updated (e.g. timing, active requests, upgrades, health checks). Some statistics are updated earlier however, during request processing. Stats are not written to the stats :ref:`sink ` at this point, they are batched and written by the main thread periodically. In our example this is a statsd sink. * :ref:`Access logs ` are written to the access log :ref:`sinks `. In our example this is a file access log. * :ref:`Trace ` spans are finalized. If our example request was traced, a trace span, describing the duration and details of the request would be created by the HCM when processing request headers and then finalized by the HCM during post-request processing. ================================================ FILE: docs/root/intro/version_history.rst ================================================ Version History =============== The changes for each version have moved :ref:`here `. .. This page only exists because previous versions of Envoy link here. ================================================ FILE: docs/root/intro/what_is_envoy.rst ================================================ What is Envoy -------------- Envoy is an L7 proxy and communication bus designed for large modern service oriented architectures. The project was born out of the belief that: *The network should be transparent to applications. When network and application problems do occur it should be easy to determine the source of the problem.* In practice, achieving the previously stated goal is incredibly difficult. Envoy attempts to do so by providing the following high level features: **Out of process architecture:** Envoy is a self contained process that is designed to run alongside every application server. All of the Envoys form a transparent communication mesh in which each application sends and receives messages to and from localhost and is unaware of the network topology. The out of process architecture has two substantial benefits over the traditional library approach to service to service communication: * Envoy works with any application language. A single Envoy deployment can form a mesh between Java, C++, Go, PHP, Python, etc. It is becoming increasingly common for service oriented architectures to use multiple application frameworks and languages. Envoy transparently bridges the gap. * As anyone that has worked with a large service oriented architecture knows, deploying library upgrades can be incredibly painful. Envoy can be deployed and upgraded quickly across an entire infrastructure transparently. **L3/L4 filter architecture:** At its core, Envoy is an L3/L4 network proxy. A pluggable :ref:`filter ` chain mechanism allows filters to be written to perform different TCP/UDP proxy tasks and inserted into the main server. Filters have already been written to support various tasks such as raw :ref:`TCP proxy `, :ref:`UDP proxy `, :ref:`HTTP proxy `, :ref:`TLS client certificate authentication `, :ref:`Redis `, :ref:`MongoDB `, :ref:`Postgres `, etc. **HTTP L7 filter architecture:** HTTP is such a critical component of modern application architectures that Envoy :ref:`supports ` an additional HTTP L7 filter layer. HTTP filters can be plugged into the HTTP connection management subsystem that perform different tasks such as :ref:`buffering `, :ref:`rate limiting `, :ref:`routing/forwarding `, sniffing Amazon's :ref:`DynamoDB `, etc. **First class HTTP/2 support:** When operating in HTTP mode, Envoy :ref:`supports ` both HTTP/1.1 and HTTP/2. Envoy can operate as a transparent HTTP/1.1 to HTTP/2 proxy in both directions. This means that any combination of HTTP/1.1 and HTTP/2 clients and target servers can be bridged. The recommended service to service configuration uses HTTP/2 between all Envoys to create a mesh of persistent connections that requests and responses can be multiplexed over. **HTTP L7 routing:** When operating in HTTP mode, Envoy supports a :ref:`routing ` subsystem that is capable of routing and redirecting requests based on path, authority, content type, :ref:`runtime ` values, etc. This functionality is most useful when using Envoy as a front/edge proxy but is also leveraged when building a service to service mesh. **gRPC support:** `gRPC `_ is an RPC framework from Google that uses HTTP/2 as the underlying multiplexed transport. Envoy :ref:`supports ` all of the HTTP/2 features required to be used as the routing and load balancing substrate for gRPC requests and responses. The two systems are very complementary. **Service discovery and dynamic configuration:** Envoy optionally consumes a layered set of :ref:`dynamic configuration APIs ` for centralized management. The layers provide an Envoy with dynamic updates about: hosts within a backend cluster, the backend clusters themselves, HTTP routing, listening sockets, and cryptographic material. For a simpler deployment, backend host discovery can be :ref:`done through DNS resolution ` (or even :ref:`skipped entirely `), with the further layers replaced by static config files. **Health checking:** The :ref:`recommended ` way of building an Envoy mesh is to treat service discovery as an eventually consistent process. Envoy includes a :ref:`health checking ` subsystem which can optionally perform active health checking of upstream service clusters. Envoy then uses the union of service discovery and health checking information to determine healthy load balancing targets. Envoy also supports passive health checking via an :ref:`outlier detection ` subsystem. **Advanced load balancing:** :ref:`Load balancing ` among different components in a distributed system is a complex problem. Because Envoy is a self contained proxy instead of a library, it is able to implement advanced load balancing techniques in a single place and have them be accessible to any application. Currently Envoy includes support for :ref:`automatic retries `, :ref:`circuit breaking `, :ref:`global rate limiting ` via an external rate limiting service, :ref:`request shadowing `, and :ref:`outlier detection `. Future support is planned for request racing. **Front/edge proxy support:** There is substantial benefit in using the same software at the edge (observability, management, identical service discovery and load balancing algorithms, etc.). Envoy has a feature set that makes it well suited as an edge proxy for most modern web application use cases. This includes :ref:`TLS ` termination, HTTP/1.1 and HTTP/2 :ref:`support `, as well as HTTP L7 :ref:`routing `. **Best in class observability:** As stated above, the primary goal of Envoy is to make the network transparent. However, problems occur both at the network level and at the application level. Envoy includes robust :ref:`statistics ` support for all subsystems. `statsd `_ (and compatible providers) is the currently supported statistics sink, though plugging in a different one would not be difficult. Statistics are also viewable via the :ref:`administration ` port. Envoy also supports distributed :ref:`tracing ` via thirdparty providers. ================================================ FILE: docs/root/operations/admin.rst ================================================ .. _operations_admin_interface: Administration interface ======================== Envoy exposes a local administration interface that can be used to query and modify different aspects of the server: * :ref:`v3 API reference ` .. _operations_admin_interface_security: .. attention:: The administration interface in its current form both allows destructive operations to be performed (e.g., shutting down the server) as well as potentially exposes private information (e.g., stats, cluster names, cert info, etc.). It is **critical** that access to the administration interface is only allowed via a secure network. It is also **critical** that hosts that access the administration interface are **only** attached to the secure network (i.e., to avoid CSRF attacks). This involves setting up an appropriate firewall or optimally only allowing access to the administration listener via localhost. This can be accomplished with a v2 configuration like the following: .. code-block:: yaml admin: access_log_path: /tmp/admin_access.log profile_path: /tmp/envoy.prof address: socket_address: { address: 127.0.0.1, port_value: 9901 } In the future additional security options will be added to the administration interface. This work is tracked in `this `_ issue. All mutations must be sent as HTTP POST operations. When a mutation is requested via GET, the request has no effect, and an HTTP 400 (Invalid Request) response is returned. .. note:: For an endpoint with *?format=json*, it dumps data as a JSON-serialized proto. Fields with default values are not rendered. For example for */clusters?format=json*, the circuit breakers thresholds priority field is omitted when its value is :ref:`DEFAULT priority ` as shown below: .. code-block:: json { "thresholds": [ { "max_connections": 1, "max_pending_requests": 1024, "max_requests": 1024, "max_retries": 1 }, { "priority": "HIGH", "max_connections": 1, "max_pending_requests": 1024, "max_requests": 1024, "max_retries": 1 } ] } .. http:get:: / Render an HTML home page with a table of links to all available options. .. http:get:: /help Print a textual table of all available options. .. _operations_admin_interface_certs: .. http:get:: /certs List out all loaded TLS certificates, including file name, serial number, subject alternate names and days until expiration in JSON format conforming to the :ref:`certificate proto definition `. .. _operations_admin_interface_clusters: .. http:get:: /clusters List out all configured :ref:`cluster manager ` clusters. This information includes all discovered upstream hosts in each cluster along with per host statistics. This is useful for debugging service discovery issues. Cluster manager information - ``version_info`` string -- the version info string of the last loaded :ref:`CDS` update. If Envoy does not have :ref:`CDS` setup, the output will read ``version_info::static``. Cluster wide information - :ref:`circuit breakers` settings for all priority settings. - Information about :ref:`outlier detection` if a detector is installed. Currently :ref:`average success rate `, and :ref:`ejection threshold` are presented. Both of these values could be ``-1`` if there was not enough data to calculate them in the last :ref/`interval`. - ``added_via_api`` flag -- ``false`` if the cluster was added via static configuration, ``true`` if it was added via the :ref:`CDS` api. Per host statistics .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 cx_total, Counter, Total connections cx_active, Gauge, Total active connections cx_connect_fail, Counter, Total connection failures rq_total, Counter, Total requests rq_timeout, Counter, Total timed out requests rq_success, Counter, Total requests with non-5xx responses rq_error, Counter, Total requests with 5xx responses rq_active, Gauge, Total active requests healthy, String, The health status of the host. See below weight, Integer, Load balancing weight (1-100) zone, String, Service zone canary, Boolean, Whether the host is a canary success_rate, Double, "Request success rate (0-100). -1 if there was not enough :ref:`request volume` in the :ref:`interval` to calculate it" Host health status A host is either healthy or unhealthy because of one or more different failing health states. If the host is healthy the ``healthy`` output will be equal to *healthy*. If the host is not healthy, the ``healthy`` output will be composed of one or more of the following strings: */failed_active_hc*: The host has failed an :ref:`active health check `. */failed_eds_health*: The host was marked unhealthy by EDS. */failed_outlier_check*: The host has failed an outlier detection check. .. http:get:: /clusters?format=json Dump the */clusters* output in a JSON-serialized proto. See the :ref:`definition ` for more information. .. _operations_admin_interface_config_dump: .. http:get:: /config_dump Dump currently loaded configuration from various Envoy components as JSON-serialized proto messages. See the :ref:`response definition ` for more information. .. warning:: Configuration may include :ref:`TLS certificates `. Before dumping the configuration, Envoy will attempt to redact the ``private_key`` and ``password`` fields from any certificates it finds. This relies on the configuration being a strongly-typed protobuf message. If your Envoy configuration uses deprecated ``config`` fields (of type ``google.protobuf.Struct``), please update to the recommended ``typed_config`` fields (of type ``google.protobuf.Any``) to ensure sensitive data is redacted properly. .. warning:: The underlying proto is marked v2alpha and hence its contents, including the JSON representation, are not guaranteed to be stable. .. _operations_admin_interface_config_dump_include_eds: .. http:get:: /config_dump?include_eds Dump currently loaded configuration including EDS. See the :ref:`response definition ` for more information. .. _operations_admin_interface_config_dump_by_mask: .. http:get:: /config_dump?mask={} Specify a subset of fields that you would like to be returned. The mask is parsed as a ``ProtobufWkt::FieldMask`` and applied to each top level dump such as :ref:`BootstrapConfigDump ` and :ref:`ClustersConfigDump `. This behavior changes if both resource and mask query parameters are specified. See below for details. .. _operations_admin_interface_config_dump_by_resource: .. http:get:: /config_dump?resource={} Dump only the currently loaded configuration that matches the specified resource. The resource must be a repeated field in one of the top level config dumps such as :ref:`static_listeners ` from :ref:`ListenersConfigDump ` or :ref:`dynamic_active_clusters ` from :ref:`ClustersConfigDump `. If you need a non-repeated field, use the mask query parameter documented above. If you want only a subset of fields from the repeated resource, use both as documented below. .. _operations_admin_interface_config_dump_by_resource_and_mask: .. http:get:: /config_dump?resource={}&mask={} When both resource and mask query parameters are specified, the mask is applied to every element in the desired repeated field so that only a subset of fields are returned. The mask is parsed as a ``ProtobufWkt::FieldMask``. For example, get the names of all active dynamic clusters with ``/config_dump?resource=dynamic_active_clusters&mask=cluster.name`` .. http:get:: /contention Dump current Envoy mutex contention stats (:ref:`MutexStats `) in JSON format, if mutex tracing is enabled. See :option:`--enable-mutex-tracing`. .. http:post:: /cpuprofiler Enable or disable the CPU profiler. Requires compiling with gperftools. The output file can be configured by admin.profile_path. .. http:post:: /heapprofiler Enable or disable the Heap profiler. Requires compiling with gperftools. The output file can be configured by admin.profile_path. .. _operations_admin_interface_healthcheck_fail: .. http:post:: /healthcheck/fail Fail inbound health checks. This requires the use of the HTTP :ref:`health check filter `. This is useful for draining a server prior to shutting it down or doing a full restart. Invoking this command will universally fail health check requests regardless of how the filter is configured (pass through, etc.). .. _operations_admin_interface_healthcheck_ok: .. http:post:: /healthcheck/ok Negate the effect of :http:post:`/healthcheck/fail`. This requires the use of the HTTP :ref:`health check filter `. .. http:get:: /hot_restart_version See :option:`--hot-restart-version`. .. _operations_admin_interface_init_dump: .. http:get:: /init_dump Dump currently information of unready targets of various Envoy components as JSON-serialized proto messages. See the :ref:`response definition ` for more information. .. _operations_admin_interface_init_dump_by_mask: .. http:get:: /init_dump?mask={} When mask query parameters is specified, the mask value is the desired component to dump unready targets. The mask is parsed as a ``ProtobufWkt::FieldMask``. For example, get the unready targets of all listeners with ``/init_dump?mask=listener`` .. _operations_admin_interface_listeners: .. http:get:: /listeners List out all configured :ref:`listeners `. This information includes the names of listeners as well as the addresses that they are listening on. If a listener is configured to listen on port 0, then the output will contain the actual port that was allocated by the OS. .. http:get:: /listeners?format=json Dump the */listeners* output in a JSON-serialized proto. See the :ref:`definition ` for more information. .. _operations_admin_interface_logging: .. http:post:: /logging Enable/disable different logging levels on a particular logger or all loggers. - To change the logging level across all loggers, set the query parameter as level=. - To change a particular logger's level, set the query parameter like so, =. - To list the loggers, send a POST request to the /logging endpoint without a query parameter. .. note:: Generally only used during development. With `--enable-fine-grain-logging` being set, the logger is represented by the path of the file it belongs to (to be specific, the path determined by `__FILE__`), so the logger list will show a list of file paths, and the specific path should be used as to change the log level. .. http:get:: /memory Prints current memory allocation / heap usage, in bytes. Useful in lieu of printing all `/stats` and filtering to get the memory-related statistics. .. http:post:: /quitquitquit Cleanly exit the server. .. http:post:: /reset_counters Reset all counters to zero. This is useful along with :http:get:`/stats` during debugging. Note that this does not drop any data sent to statsd. It just affects local output of the :http:get:`/stats` command. .. _operations_admin_interface_drain: .. http:post:: /drain_listeners :ref:`Drains ` all listeners. .. http:post:: /drain_listeners?inboundonly :ref:`Drains ` all inbound listeners. `traffic_direction` field in :ref:`Listener ` is used to determine whether a listener is inbound or outbound. .. http:post:: /drain_listeners?graceful When draining listeners, enter a graceful drain period prior to closing listeners. This behaviour and duration is configurable via server options or CLI (:option:`--drain-time-s` and :option:`--drain-strategy`). .. attention:: This operation directly stops the matched listeners on workers. Once listeners in a given traffic direction are stopped, listener additions and modifications in that direction are not allowed. .. http:get:: /server_info Outputs a JSON message containing information about the running server. Sample output looks like: .. code-block:: json { "version": "b050513e840aa939a01f89b07c162f00ab3150eb/1.9.0-dev/Modified/DEBUG", "state": "LIVE", "command_line_options": { "base_id": "0", "concurrency": 8, "config_path": "config.yaml", "config_yaml": "", "allow_unknown_static_fields": false, "admin_address_path": "", "local_address_ip_version": "v4", "log_level": "info", "component_log_level": "", "log_format": "[%Y-%m-%d %T.%e][%t][%l][%n] %v", "log_path": "", "hot_restart_version": false, "service_cluster": "", "service_node": "", "service_zone": "", "mode": "Serve", "disable_hot_restart": false, "enable_mutex_tracing": false, "restart_epoch": 0, "file_flush_interval": "10s", "drain_time": "600s", "parent_shutdown_time": "900s", "cpuset_threads": false }, "uptime_current_epoch": "6s", "uptime_all_epochs": "6s", "node": { "id": "node1", "cluster": "cluster1", "user_agent_name": "envoy", "user_agent_build_version": { "version": { "major_number": 1, "minor_number": 15, "patch": 0 } }, "metadata": {}, "extensions": [], "client_features": [], "listening_addresses": [] } } See the :ref:`ServerInfo proto ` for an explanation of the output. .. http:get:: /ready Outputs a string and error code reflecting the state of the server. 200 is returned for the LIVE state, and 503 otherwise. This can be used as a readiness check. Example output: .. code-block:: none LIVE See the `state` field of the :ref:`ServerInfo proto ` for an explanation of the output. .. _operations_admin_interface_stats: .. http:get:: /stats Outputs all statistics on demand. This command is very useful for local debugging. Histograms will output the computed quantiles i.e P0,P25,P50,P75,P90,P99,P99.9 and P100. The output for each quantile will be in the form of (interval,cumulative) where interval value represents the summary since last flush interval and cumulative value represents the summary since the start of Envoy instance. "No recorded values" in the histogram output indicates that it has not been updated with a value. See :ref:`here ` for more information. .. http:get:: /stats?usedonly Outputs statistics that Envoy has updated (counters incremented at least once, gauges changed at least once, and histograms added to at least once). .. http:get:: /stats?filter=regex Filters the returned stats to those with names matching the regular expression `regex`. Compatible with `usedonly`. Performs partial matching by default, so `/stats?filter=server` will return all stats containing the word `server`. Full-string matching can be specified with begin- and end-line anchors. (i.e. `/stats?filter=^server.concurrency$`) .. http:get:: /stats?format=json Outputs /stats in JSON format. This can be used for programmatic access of stats. Counters and Gauges will be in the form of a set of (name,value) pairs. Histograms will be under the element "histograms", that contains "supported_quantiles" which lists the quantiles supported and an array of computed_quantiles that has the computed quantile for each histogram. If a histogram is not updated during an interval, the output will have null for all the quantiles. Example histogram output: .. code-block:: json { "histograms": { "supported_quantiles": [ 0, 25, 50, 75, 90, 95, 99, 99.9, 100 ], "computed_quantiles": [ { "name": "cluster.external_auth_cluster.upstream_cx_length_ms", "values": [ {"interval": 0, "cumulative": 0}, {"interval": 0, "cumulative": 0}, {"interval": 1.0435787, "cumulative": 1.0435787}, {"interval": 1.0941565, "cumulative": 1.0941565}, {"interval": 2.0860023, "cumulative": 2.0860023}, {"interval": 3.0665233, "cumulative": 3.0665233}, {"interval": 6.046609, "cumulative": 6.046609}, {"interval": 229.57333,"cumulative": 229.57333}, {"interval": 260,"cumulative": 260} ] }, { "name": "http.admin.downstream_rq_time", "values": [ {"interval": null, "cumulative": 0}, {"interval": null, "cumulative": 0}, {"interval": null, "cumulative": 1.0435787}, {"interval": null, "cumulative": 1.0941565}, {"interval": null, "cumulative": 2.0860023}, {"interval": null, "cumulative": 3.0665233}, {"interval": null, "cumulative": 6.046609}, {"interval": null, "cumulative": 229.57333}, {"interval": null, "cumulative": 260} ] } ] } } .. http:get:: /stats?format=json&usedonly Outputs statistics that Envoy has updated (counters incremented at least once, gauges changed at least once, and histograms added to at least once) in JSON format. .. http:get:: /stats?format=prometheus or alternatively, .. http:get:: /stats/prometheus Outputs /stats in `Prometheus `_ v0.0.4 format. This can be used to integrate with a Prometheus server. You can optionally pass the `usedonly` URL query argument to only get statistics that Envoy has updated (counters incremented at least once, gauges changed at least once, and histograms added to at least once) .. http:get:: /stats/recentlookups This endpoint helps Envoy developers debug potential contention issues in the stats system. Initially, only the count of StatName lookups is acumulated, not the specific names that are being looked up. In order to see specific recent requests, you must enable the feature by POSTing to `/stats/recentlookups/enable`. There may be approximately 40-100 nanoseconds of added overhead per lookup. When enabled, this endpoint emits a table of stat names that were recently accessed as strings by Envoy. Ideally, strings should be converted into StatNames, counters, gauges, and histograms by Envoy code only during startup or when receiving a new configuration via xDS. This is because when stats are looked up as strings they must take a global symbol table lock. During startup this is acceptable, but in response to user requests on high core-count machines, this can cause performance issues due to mutex contention. This admin endpoint requires Envoy to be started with option `--use-fake-symbol-table 0`. See :repo:`source/docs/stats.md` for more details. Note also that actual mutex contention can be tracked via :http:get:`/contention`. .. http:post:: /stats/recentlookups/enable Turns on collection of recent lookup of stat-names, thus enabling `/stats/recentlookups`. See :repo:`source/docs/stats.md` for more details. .. http:post:: /stats/recentlookups/disable Turns off collection of recent lookup of stat-names, thus disabling `/stats/recentlookups`. It also clears the list of lookups. However, the total count, visible as stat `server.stats_recent_lookups`, is not cleared, and continues to accumulate. See :repo:`source/docs/stats.md` for more details. .. http:post:: /stats/recentlookups/clear Clears all outstanding lookups and counts. This clears all recent lookups data as well as the count, but collection continues if it is enabled. See :repo:`source/docs/stats.md` for more details. .. _operations_admin_interface_runtime: .. http:get:: /runtime Outputs all runtime values on demand in JSON format. See :ref:`here ` for more information on how these values are configured and utilized. The output include the list of the active runtime override layers and the stack of layer values for each key. Empty strings indicate no value, and the final active value from the stack also is included in a separate key. Example output: .. code-block:: json { "layers": [ "disk", "override", "admin", ], "entries": { "my_key": { "layer_values": [ "my_disk_value", "", "" ], "final_value": "my_disk_value" }, "my_second_key": { "layer_values": [ "my_second_disk_value", "my_disk_override_value", "my_admin_override_value" ], "final_value": "my_admin_override_value" } } } .. _operations_admin_interface_runtime_modify: .. http:post:: /runtime_modify?key1=value1&key2=value2&keyN=valueN Adds or modifies runtime values as passed in query parameters. To delete a previously added key, use an empty string as the value. Note that deletion only applies to overrides added via this endpoint; values loaded from disk can be modified via override but not deleted. .. attention:: Use the /runtime_modify endpoint with care. Changes are effectively immediately. It is **critical** that the admin interface is :ref:`properly secured `. .. _operations_admin_interface_hystrix_event_stream: .. http:get:: /hystrix_event_stream This endpoint is intended to be used as the stream source for `Hystrix dashboard `_. a GET to this endpoint will trigger a stream of statistics from Envoy in `text/event-stream `_ format, as expected by the Hystrix dashboard. If invoked from a browser or a terminal, the response will be shown as a continuous stream, sent in intervals defined by the :ref:`Bootstrap ` :ref:`stats_flush_interval ` This handler is enabled only when a Hystrix sink is enabled in the config file as documented :ref:`here `. As Envoy's and Hystrix resiliency mechanisms differ, some of the statistics shown in the dashboard had to be adapted: * **Thread pool rejections** - Generally similar to what's called short circuited in Envoy, and counted by *upstream_rq_pending_overflow*, although the term thread pool is not accurate for Envoy. Both in Hystrix and Envoy, the result is rejected requests which are not passed upstream. * **circuit breaker status (closed or open)** - Since in Envoy, a circuit is opened based on the current number of connections/requests in queue, there is no sleeping window for circuit breaker, circuit open/closed is momentary. Hence, we set the circuit breaker status to "forced closed". * **Short-circuited (rejected)** - The term exists in Envoy but refers to requests not sent because of passing a limit (queue or connections), while in Hystrix it refers to requests not sent because of high percentage of service unavailable responses during some time frame. In Envoy, service unavailable response will cause **outlier detection** - removing a node off the load balancer pool, but requests are not rejected as a result. Therefore, this counter is always set to '0'. * Latency information represents data since last flush. Mean latency is currently not available. .. http:post:: /tap This endpoint is used for configuring an active tap session. It is only available if a valid tap extension has been configured, and that extension has been configured to accept admin configuration. See: * :ref:`HTTP tap filter configuration ` .. http:post:: /reopen_logs Triggers reopen of all access logs. Behavior is similar to SIGUSR1 handling. ================================================ FILE: docs/root/operations/certificates.rst ================================================ .. _operations_certificates: Certificate Management ====================== Envoy provides several mechanisms for cert management. At a high level they can be broken into 1. Static :ref:`CommonTlsContext ` referenced certificates. These will *not* reload automatically, and requires either a restart of the proxy or reloading the clusters/listeners that reference them. :ref:`Hot restarting ` can be used here to pick up the new certificates without dropping traffic. 2. :ref:`Secret Discovery Service ` referenced certificates. By using SDS, certificates can either be referenced as files (reloading the certs when the parent directory is moved) or through an external SDS server that can push new certificates. ================================================ FILE: docs/root/operations/cli.rst ================================================ .. _operations_cli: Command line options ==================== Envoy is driven both by a JSON configuration file as well as a set of command line options. The following are the command line options that Envoy supports. .. option:: -c , --config-path *(optional)* The path to the v2 :ref:`JSON/YAML/proto3 configuration file `. If this flag is missing, :option:`--config-yaml` is required. This will be parsed as a :ref:`v2 bootstrap configuration file `. Valid extensions are ``.json``, ``.yaml``, ``.pb`` and ``.pb_text``, which indicate JSON, YAML, `binary proto3 `_ and `text proto3 `_ formats respectively. .. option:: --config-yaml *(optional)* The YAML string for a bootstrap configuration. If :option:`--config-path` is also set, the values in this YAML string will override and merge with the bootstrap loaded from :option:`--config-path`. Because YAML is a superset of JSON, a JSON string may also be passed to :option:`--config-yaml`. Example overriding the node id on the command line: .. code-block:: console ./envoy -c bootstrap.yaml --config-yaml "node: {id: 'node1'}" .. option:: --bootstrap-version *(optional)* The API version to load the bootstrap as. The value should be a single integer, e.g. to parse the bootstrap configuration as V3, specify ``--bootstrap-version 3``. If unset, Envoy will attempt to load the bootstrap as the previous API version and upgrade it to the latest. If that fails, Envoy will attempt to load the configuration as the latest version. .. option:: --mode *(optional)* One of the operating modes for Envoy: * ``serve``: *(default)* Validate the JSON configuration and then serve traffic normally. * ``validate``: Validate the JSON configuration and then exit, printing either an "OK" message (in which case the exit code is 0) or any errors generated by the configuration file (exit code 1). No network traffic is generated, and the hot restart process is not performed, so no other Envoy process on the machine will be disturbed. .. option:: --admin-address-path *(optional)* The output file path where the admin address and port will be written. .. option:: --local-address-ip-version *(optional)* The IP address version that is used to populate the server local IP address. This parameter affects various headers including what is appended to the X-Forwarded-For (XFF) header. The options are ``v4`` or ``v6``. The default is ``v4``. .. option:: --base-id *(optional)* The base ID to use when allocating shared memory regions. Envoy uses shared memory regions during :ref:`hot restart `. Most users will never have to set this option. However, if Envoy needs to be run multiple times on the same machine, each running Envoy will need a unique base ID so that the shared memory regions do not conflict. .. option:: --use-dynamic-base-id *(optional)* Selects an unused base ID to use when allocating shared memory regions. Using preselected values with :option:`--base-id` is preferred, however. If this option is enabled, it supersedes the :option:`--base-id` value. This flag may not be used when the value of :option:`--restart-epoch` is non-zero. Instead, for subsequent hot restarts, set :option:`--base-id` option with the selected base ID. See :option:`--base-id-path`. .. option:: --base-id-path *(optional)* Writes the base ID to the given path. While this option is compatible with :option:`--base-id`, its intended use is to provide access to the dynamic base ID selected by :option:`--use-dynamic-base-id`. .. option:: --concurrency *(optional)* The number of :ref:`worker threads ` to run. If not specified defaults to the number of hardware threads on the machine. If set to zero, Envoy will still run one worker thread. .. option:: -l , --log-level *(optional)* The logging level. Non developers should generally never set this option. See the help text for the available log levels and the default. .. option:: --component-log-level *(optional)* The comma separated list of logging level per component. Non developers should generally never set this option. For example, if you want `upstream` component to run at `debug` level and `connection` component to run at `trace` level, you should pass ``upstream:debug,connection:trace`` to this flag. See ``ALL_LOGGER_IDS`` in :repo:`/source/common/common/logger.h` for a list of components. .. option:: --cpuset-threads *(optional)* This flag is used to control the number of worker threads if :option:`--concurrency` is not set. If enabled, the assigned cpuset size is used to determine the number of worker threads on Linux-based systems. Otherwise the number of worker threads is set to the number of hardware threads on the machine. You can read more about cpusets in the `kernel documentation `_. .. option:: --log-path *(optional)* The output file path where logs should be written. This file will be re-opened when SIGUSR1 is handled. If this is not set, log to stderr. .. option:: --log-format *(optional)* The format string to use for laying out the log message metadata. If this is not set, a default format string ``"[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v"`` is used. When used in conjunction with :option:`--log-format-prefix-with-location` set to 1, the logger can be configured to prefix ``%v`` by a file path and a line number. When used in conjunction with :option:`--log-format-escaped`, the logger can be configured to log in a format that is parsable by log viewers. Known integrations are documented in the :ref:`application logging configuration ` section. The supported format flags are (with example output): :%v: The actual message to log ("some user text") :%t: Thread id ("1232") :%P: Process id ("3456") :%n: Logger's name ("filter") :%l: The log level of the message ("debug", "info", etc.) :%L: Short log level of the message ("D", "I", etc.) :%a: Abbreviated weekday name ("Tue") :%A: Full weekday name ("Tuesday") :%b: Abbreviated month name ("Mar") :%B: Full month name ("March") :%c: Date and time representation ("Tue Mar 27 15:25:06 2018") :%C: Year in 2 digits ("18") :%Y: Year in 4 digits ("2018") :%D, %x: Short MM/DD/YY date ("03/27/18") :%m: Month 01-12 ("03") :%d: Day of month 01-31 ("27") :%H: Hours in 24 format 00-23 ("15") :%I: Hours in 12 format 01-12 ("03") :%M: Minutes 00-59 ("25") :%S: Seconds 00-59 ("06") :%e: Millisecond part of the current second 000-999 ("008") :%f: Microsecond part of the current second 000000-999999 ("008789") :%F: Nanosecond part of the current second 000000000-999999999 ("008789123") :%p: AM/PM ("AM") :%r: 12-hour clock ("03:25:06 PM") :%R: 24-hour HH:MM time, equivalent to %H:%M ("15:25") :%T, %X: ISO 8601 time format (HH:MM:SS), equivalent to %H:%M:%S ("13:25:06") :%z: ISO 8601 offset from UTC in timezone ([+/-]HH:MM) ("-07:00") :%%: The % sign ("%") :%@: Source file and line ("my_file.cc:123") :%s: Basename of the source file ("my_file.cc") :%g: Full relative path of the source file ("/some/dir/my_file.cc") :%#: Source line ("123") :%!: Source function ("myFunc") .. option:: --log-format-prefix-with-location <1|0> *(optional)* This temporary flag allows replacing all entries of ``"%v"`` in the log format by ``"[%g:%#] %v"``. This flag is provided for migration purposes only. If this is not set, a default value 0 is used. **NOTE**: The flag will be removed at 1.17.0 release. .. option:: --log-format-escaped *(optional)* This flag enables application log sanitization to escape C-style escape sequences. This can be used to prevent a single log line from spanning multiple lines in the underlying log. This sanitizes all escape sequences in `this list `_. Note that each line's trailing whitespace characters (such as EOL characters) will not be escaped. .. option:: --restart-epoch *(optional)* The :ref:`hot restart ` epoch. (The number of times Envoy has been hot restarted instead of a fresh start). Defaults to 0 for the first start. This option tells Envoy whether to attempt to create the shared memory region needed for hot restart, or whether to open an existing one. It should be incremented every time a hot restart takes place. The :ref:`hot restart wrapper ` sets the *RESTART_EPOCH* environment variable which should be passed to this option in most cases. .. option:: --enable-fine-grain-logging *(optional)* Enables fine-grain logger with file level log control and runtime update at administration interface. If enabled, main log macros including `ENVOY_LOG`, `ENVOY_CONN_LOG`, `ENVOY_STREAM_LOG` and `ENVOY_FLUSH_LOG` will use a per-file logger, and the usage doesn't need `Envoy::Logger::Loggable` any more. The administration interface usage is similar. Please see `Administration interface `_ for more detail. .. option:: --socket-path *(optional)* The output file path to the socket address for :ref:`hot restart `. Default to "@envoy_domain_socket" which will be created in the abstract namespace. Suffix _{role}_{id} is appended to provide name. All envoy processes wanting to participate in hot-restart together must use the same value for this option. **NOTE**: The path started with "@" will be created in the abstract namespace. .. option:: --socket-mode *(optional)* The socket file permission for :ref:`hot restart `. This must be a valid octal file permission, such as 644. The default value is 600. This flag may not be used when :option:`--socket-path` is start with "@" or not set. .. option:: --hot-restart-version *(optional)* Outputs an opaque hot restart compatibility version for the binary. This can be matched against the output of the :http:get:`/hot_restart_version` admin endpoint to determine whether the new binary and the running binary are hot restart compatible. .. option:: --service-cluster *(optional)* Defines the local service cluster name where Envoy is running. The local service cluster name is first sourced from the :ref:`Bootstrap node ` message's :ref:`cluster ` field. This CLI option provides an alternative method for specifying this value and will override any value set in bootstrap configuration. It should be set if any of the following features are used: :ref:`statsd `, :ref:`health check cluster verification `, :ref:`runtime override directory `, :ref:`user agent addition `, :ref:`HTTP global rate limiting `, :ref:`CDS `, and :ref:`HTTP tracing `, either via this CLI option or in the bootstrap configuration. .. option:: --service-node *(optional)* Defines the local service node name where Envoy is running. The local service node name is first sourced from the :ref:`Bootstrap node ` message's :ref:`id ` field. This CLI option provides an alternative method for specifying this value and will override any value set in bootstrap configuration. It should be set if any of the following features are used: :ref:`statsd `, :ref:`CDS `, and :ref:`HTTP tracing `, either via this CLI option or in the bootstrap configuration. .. option:: --service-zone *(optional)* Defines the local service zone where Envoy is running. The local service zone is first sourced from the :ref:`Bootstrap node ` message's :ref:`locality.zone ` field. This CLI option provides an alternative method for specifying this value and will override any value set in bootstrap configuration. It should be set if discovery service routing is used and the discovery service exposes :ref:`zone data `, either via this CLI option or in the bootstrap configuration. The meaning of zone is context dependent, e.g. `Availability Zone (AZ) `_ on AWS, `Zone `_ on GCP, etc. .. option:: --file-flush-interval-msec *(optional)* The file flushing interval in milliseconds. Defaults to 10 seconds. This setting is used during file creation to determine the duration between flushes of buffers to files. The buffer will flush every time it gets full, or every time the interval has elapsed, whichever comes first. Adjusting this setting is useful when tailing :ref:`access logs ` in order to get more (or less) immediate flushing. .. option:: --drain-time-s *(optional)* The time in seconds that Envoy will drain connections during a :ref:`hot restart ` or when individual listeners are being modified or removed via :ref:`LDS `. Defaults to 600 seconds (10 minutes). Generally the drain time should be less than the parent shutdown time set via the :option:`--parent-shutdown-time-s` option. How the two settings are configured depends on the specific deployment. In edge scenarios, it might be desirable to have a very long drain time. In service to service scenarios, it might be possible to make the drain and shutdown time much shorter (e.g., 60s/90s). .. option:: --drain-strategy *(optional)* Determine behaviour of Envoy during the hot restart drain sequence. During the drain sequence, the drain manager encourages draining through terminating connections on request completion, sending "Connection: CLOSE" on HTTP1, and sending GOAWAY on HTTP2. * ``gradual``: *(default)* The percentage of requests encouraged to drain increases to 100% as the drain time elapses. * ``immediate``: All requests are encouraged to drain as soon as the drain sequence begins. .. option:: --parent-shutdown-time-s *(optional)* The time in seconds that Envoy will wait before shutting down the parent process during a hot restart. See the :ref:`hot restart overview ` for more information. Defaults to 900 seconds (15 minutes). .. option:: --disable-hot-restart *(optional)* This flag disables Envoy hot restart for builds that have it enabled. By default, hot restart is enabled. .. option:: --enable-mutex-tracing *(optional)* This flag enables the collection of mutex contention statistics (:ref:`MutexStats `) as well as a contention endpoint (:http:get:`/contention`). Mutex tracing is not enabled by default, since it incurs a slight performance penalty for those Envoys which already experience mutex contention. .. option:: --allow-unknown-fields *(optional)* Deprecated alias for :option:`--allow-unknown-static-fields`. .. option:: --allow-unknown-static-fields *(optional)* This flag disables validation of protobuf configurations for unknown fields. By default, the validation is enabled. For most deployments, the default should be used which ensures configuration errors are caught upfront and Envoy is configured as intended. Warnings are logged for the first use of any unknown field and these occurrences are counted in the :ref:`server.static_unknown_fields ` statistic. .. option:: --reject-unknown-dynamic-fields *(optional)* This flag disables validation of protobuf configuration for unknown fields in dynamic configuration. By default, this flag is set false, disabling validation for fields beyond bootstrap. This allows newer xDS configurations to be delivered to older Envoys. This can be set true for strict dynamic checking when this behavior is not wanted but the default should be desirable for most Envoy deployments. Warnings are logged for the first use of any unknown field and these occurrences are counted in the :ref:`server.dynamic_unknown_fields ` statistic. .. option:: --ignore-unknown-dynamic-fields *(optional)* This flag disables validation of protobuf configuration for unknown fields in dynamic configuration. Unlike setting :option:`--reject-unknown-dynamic-fields` to false, it does not log warnings or count occurrences of unknown fields, in the interest of configuration processing speed. If :option:`--reject-unknown-dynamic-fields` is set to true, this flag has no effect. .. option:: --disable-extensions *(optional)* This flag disabled the provided list of comma-separated extension names. Disabled extensions cannot be used by static or dynamic configuration, though they are still linked into Envoy and may run start-up code or have other runtime effects. Extension names are created by joining the extension category and name with a forward slash, e.g. ``grpc_credentials/envoy.grpc_credentials.file_based_metadata``. .. option:: --version *(optional)* This flag is used to display Envoy version and build information, e.g. ``c93f9f6c1e5adddd10a3e3646c7e049c649ae177/1.9.0-dev/Clean/RELEASE/BoringSSL-FIPS``. It consists of five slash-separated fields: * source revision - git commit from which Envoy was built, * release number - either release (e.g. ``1.9.0``) or a development build (e.g. ``1.9.0-dev``), * status of the source tree at the build time - either ``Clean`` or ``Modified``, * build mode - either ``RELEASE`` or ``DEBUG``, * TLS library - either ``BoringSSL`` or ``BoringSSL-FIPS``. ================================================ FILE: docs/root/operations/fs_flags.rst ================================================ .. _operations_file_system_flags: File system flags ================= Envoy supports file system "flags" that alter state at startup. This is used to persist changes between restarts if necessary. The flag files should be placed in the directory specified in the :ref:`flags_path ` configuration option. The currently supported flag files are: drain If this file exists, Envoy will start in health check failing mode, similar to after the :http:post:`/healthcheck/fail` command has been executed. ================================================ FILE: docs/root/operations/hot_restarter.rst ================================================ .. _operations_hot_restarter: Hot restart Python wrapper ========================== Typically, Envoy will be :ref:`hot restarted ` for config changes and binary updates. However, in many cases, users will wish to use a standard process manager such as monit, runit, etc. We provide :repo:`/restarter/hot-restarter.py` to make this straightforward. The restarter is invoked like so: .. code-block:: console hot-restarter.py start_envoy.sh `start_envoy.sh` might be defined like so (using salt/jinja like syntax): .. code-block:: jinja #!/bin/bash ulimit -n {{ pillar.get('envoy_max_open_files', '102400') }} sysctl fs.inotify.max_user_watches={{ pillar.get('envoy_max_inotify_watches', '524288') }} exec /usr/sbin/envoy -c /etc/envoy/envoy.cfg --restart-epoch $RESTART_EPOCH --service-cluster {{ grains['cluster_name'] }} --service-node {{ grains['service_node'] }} --service-zone {{ grains.get('ec2_availability-zone', 'unknown') }} Note on `inotify.max_user_watches`: If Envoy is being configured to watch many files for configuration in a directory on a Linux machine, increase this value as Linux enforces limits on the maximum number of files that can be watched. The *RESTART_EPOCH* environment variable is set by the restarter on each restart and must be passed to the :option:`--restart-epoch` option. .. warning:: Special care must be taken if you wish to use the :option:`--use-dynamic-base-id` option. That flag may only be set when the *RESTART_EPOCH* is 0 and your *start_envoy.sh* must obtain the chosen base ID (via :option:`--base-id-path`), store it, and use it as the :option:`--base-id` value on subsequent invocations (when *RESTART_EPOCH* is greater than 0). The restarter handles the following signals: * **SIGTERM** or **SIGINT** (Ctrl-C): Will cleanly terminate all child processes and exit. * **SIGHUP**: Will hot restart by re-invoking whatever is passed as the first argument to the hot restart script. * **SIGCHLD**: If any of the child processes shut down unexpectedly, the restart script will shut everything down and exit to avoid being in an unexpected state. The controlling process manager should then restart the restarter script to start Envoy again. * **SIGUSR1**: Will be forwarded to Envoy as a signal to reopen all access logs. This is used for atomic move and reopen log rotation. ================================================ FILE: docs/root/operations/operations.rst ================================================ .. _operations: Operations and administration ============================= .. toctree:: :maxdepth: 2 cli hot_restarter admin stats_overview runtime fs_flags traffic_tapping certificates performance ================================================ FILE: docs/root/operations/performance.rst ================================================ .. _operations_performance: Performance =========== Envoy is architected to optimize scalability and resource utilization by running an event loop on a :ref:`small number of threads `. The "main" thread is responsible for control plane processing, and each "worker" thread handles a portion of the data plane processing. Envoy exposes two statistics to monitor performance of the event loops on all these threads. * **Loop duration:** Some amount of processing is done on each iteration of the event loop. This amount will naturally vary with changes in load. However, if one or more threads have an unusually long-tailed loop duration, it may indicate a performance issue. For example, work might not be distributed fairly across the worker threads, or there may be a long blocking operation in an extension that's impeding progress. * **Poll delay:** On each iteration of the event loop, the event dispatcher polls for I/O events and "wakes up" either when some I/O events are ready to be processed or when a timeout fires, whichever occurs first. In the case of a timeout, we can measure the difference between the expected wakeup time and the actual wakeup time after polling; this difference is called the "poll delay." It's normal to see some small poll delay, usually equal to the kernel scheduler's "time slice" or "quantum"---this depends on the specific operating system on which Envoy is running---but if this number elevates substantially above its normal observed baseline, it likely indicates kernel scheduler delays. These statistics can be enabled by setting :ref:`enable_dispatcher_stats ` to true. .. warning:: Note that enabling dispatcher stats records a value for each iteration of the event loop on every thread. This should normally be minimal overhead, but when using :ref:`statsd `, it will send each observed value over the wire individually because the statsd protocol doesn't have any way to represent a histogram summary. Be aware that this can be a very large volume of data. Event loop statistics --------------------- The event dispatcher for the main thread has a statistics tree rooted at *server.dispatcher.*, and the event dispatcher for each worker thread has a statistics tree rooted at *listener_manager.worker_.dispatcher.*, each with the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 loop_duration_us, Histogram, Event loop durations in microseconds poll_delay_us, Histogram, Polling delays in microseconds Note that any auxiliary threads are not included here. .. _operations_performance_watchdog: Watchdog -------- In addition to event loop statistics, Envoy also include a configurable :ref:`watchdog ` system that can increment statistics when Envoy is not responsive and optionally kill the server. The system has two separate watchdog configs, one for the main thread and one for worker threads; this is helpful as the different threads have different workloads. The system also has an extension point allowing for custom actions to be taken based on watchdog events. The statistics are useful for understanding at a high level whether Envoy's event loop is not responsive either because it is doing too much work, blocking, or not being scheduled by the OS. The watchdog emits aggregated statistics in both *main_thread* and *workers*. In addition, it emits individual statistics under *server..* trees. ** is equal to *main_thread*, *worker_0*, *worker_1*, etc. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 watchdog_miss, Counter, Number of standard misses watchdog_mega_miss, Counter, Number of mega misses ================================================ FILE: docs/root/operations/runtime.rst ================================================ .. _operations_runtime: Runtime ======= :ref:`Runtime configuration ` can be used to modify various server settings without restarting Envoy. The runtime settings that are available depend on how the server is configured. They are documented in the relevant sections of the :ref:`configuration guide `. Runtime guards are also used as a mechanism to disable new behavior or risky changes not otherwise guarded by configuration. Such changes will tend to introduce a runtime guard that can be used to disable the new behavior/code path. The names of these runtime guards will be included in the release notes alongside an explanation of the change that warrented the runtime guard. Due to this usage of runtime guards, some deployments might find it useful to set up dynamic runtime configuration as a safety measure to be able to quickly disable the new behavior without having to revert to an older version of Envoy or redeploy it with a new set of static runtime flags. ================================================ FILE: docs/root/operations/stats_overview.rst ================================================ .. _operations_stats: Statistics overview =================== Envoy outputs numerous statistics which depend on how the server is configured. They can be seen locally via the :http:get:`/stats` command and are typically sent to a :ref:`statsd cluster `. The statistics that are output are documented in the relevant sections of the :ref:`configuration guide `. Some of the more important statistics that will almost always be used can be found in the following sections: * :ref:`HTTP connection manager ` * :ref:`Upstream cluster ` ================================================ FILE: docs/root/operations/traffic_tapping.rst ================================================ .. _operations_traffic_tapping: Traffic tapping =============== Envoy currently provides two experimental extensions that can tap traffic: * :ref:`HTTP tap filter `. See the linked filter documentation for more information. * :ref:`Tap transport socket extension ` that can intercept traffic and write to a :ref:`protobuf trace file `. The remainder of this document describes the configuration of the tap transport socket. Tap transport socket configuration ---------------------------------- .. attention:: The tap transport socket is experimental and is currently under active development. There is currently a very limited set of match conditions, output configuration, output sinks, etc. Capabilities will be expanded over time and the configuration structures are likely to change. Tapping can be configured on :ref:`Listener ` and :ref:`Cluster ` transport sockets, providing the ability to interpose on downstream and upstream L4 connections respectively. To configure traffic tapping, add an `envoy.transport_sockets.tap` transport socket :ref:`configuration ` to the listener or cluster. For a plain text socket this might look like: .. code-block:: yaml transport_socket: name: envoy.transport_sockets.tap typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tap.v3.Tap common_config: static_config: match_config: any_match: true output_config: sinks: - format: PROTO_BINARY file_per_tap: path_prefix: /some/tap/path transport_socket: name: envoy.transport_sockets.raw_buffer For a TLS socket, this will be: .. code-block:: yaml transport_socket: name: envoy.transport_sockets.tap typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tap.v3.Tap common_config: static_config: match_config: any_match: true output_config: sinks: - format: PROTO_BINARY file_per_tap: path_prefix: /some/tap/path transport_socket: name: envoy.transport_sockets.tls typed_config: where the TLS context configuration replaces any existing :ref:`downstream ` or :ref:`upstream ` TLS configuration on the listener or cluster, respectively. Each unique socket instance will generate a trace file prefixed with `path_prefix`. E.g. `/some/tap/path_0.pb`. Buffered data limits -------------------- For buffered socket taps, Envoy will limit the amount of body data that is tapped to avoid OOM situations. The default limit is 1KiB for both received and transmitted data. This is configurable via the :ref:`max_buffered_rx_bytes ` and :ref:`max_buffered_tx_bytes ` settings. When a buffered socket tap is truncated, the trace will indicate truncation via the :ref:`read_truncated ` and :ref:`write_truncated ` fields as well as the body :ref:`truncated ` field. Streaming --------- The tap transport socket supports both buffered and streaming, controlled by the :ref:`streaming ` setting. When buffering, :ref:`SocketBufferedTrace ` messages are emitted. When streaming, a series of :ref:`SocketStreamedTraceSegment ` are emitted. See the :ref:`HTTP tap filter streaming ` documentation for more information. Most of the concepts overlap between the HTTP filter and the transport socket. PCAP generation --------------- The generated trace file can be converted to `libpcap format `_, suitable for analysis with tools such as `Wireshark `_ with the `tap2pcap` utility, e.g.: .. code-block:: bash bazel run @envoy_api_canonical//tools:tap2pcap /some/tap/path_0.pb path_0.pcap tshark -r path_0.pcap -d "tcp.port==10000,http2" -P 1 0.000000 127.0.0.1 → 127.0.0.1 HTTP2 157 Magic, SETTINGS, WINDOW_UPDATE, HEADERS 2 0.013713 127.0.0.1 → 127.0.0.1 HTTP2 91 SETTINGS, SETTINGS, WINDOW_UPDATE 3 0.013820 127.0.0.1 → 127.0.0.1 HTTP2 63 SETTINGS 4 0.128649 127.0.0.1 → 127.0.0.1 HTTP2 5586 HEADERS 5 0.130006 127.0.0.1 → 127.0.0.1 HTTP2 7573 DATA 6 0.131044 127.0.0.1 → 127.0.0.1 HTTP2 3152 DATA, DATA ================================================ FILE: docs/root/start/sandboxes/_include/docker-env-setup.rst ================================================ The following documentation runs through the setup of Envoy described above. Step 1: Install Docker ********************** Ensure that you have a recent versions of ``docker`` and ``docker-compose`` installed. A simple way to achieve this is via the `Docker Desktop `_. Step 2: Clone the Envoy repo **************************** If you have not cloned the Envoy repo, clone it with: .. tabs:: .. code-tab:: console SSH git clone git@github.com:envoyproxy/envoy .. code-tab:: console HTTPS git clone https://github.com/envoyproxy/envoy.git ================================================ FILE: docs/root/start/sandboxes/cache.rst ================================================ .. _install_sandboxes_cache_filter: Cache Filter ============ .. TODO(yosrym93): When a documentation is written for a production-ready Cache Filter, link to it through this doc. In this example, we demonstrate how HTTP caching can be utilized in Envoy by using the Cache Filter. The setup of this sandbox is based on the setup of the :ref:`Front Proxy sandbox `. All incoming requests are routed via the front Envoy, which acts as a reverse proxy sitting on the edge of the ``envoymesh`` network. Ports ``8000`` and ``8001`` are exposed by docker compose (see :repo:`/examples/cache/docker-compose.yaml`) to handle ``HTTP`` calls to the services, and requests to ``/admin`` respectively. Two backend services are deployed behind the front Envoy, each with a sidecar Envoy. The front Envoy is configured to run the Cache Filter, which stores cacheable responses in an in-memory cache, and serves it to subsequent requests. In this demo, the responses that are served by the deployed services are stored in :repo:`/examples/cache/responses.yaml`. This file is mounted to both services' containers, so any changes made to the stored responses while the services are running should be instantly effective (no need to rebuild or rerun). For the purposes of the demo, a response's date of creation is appended to its body before being served. An Etag is computed for every response for validation purposes, which only depends on the response body in the yaml file (i.e. the appended date is not taken into account). Cached responses can be identified by having an ``age`` header. Validated responses can be identified by having a generation date older than the ``date`` header; as when a response is validated the ``date`` header is updated, while the body stays the same. Validated responses do not have an ``age`` header. Responses served from the backend service have no ``age`` header, and their ``date`` header is the same as their generation date. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Start all of our containers *********************************** .. code-block:: console $ pwd envoy/examples/cache $ docker-compose build --pull $ docker-compose up -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------ cache_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp cache_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp cache_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp Step 4: Test Envoy's HTTP caching capabilities ********************************************** You can now send a request to both services via the ``front-envoy``. Note that since the two services have different routes, identical requests to different services have different cache entries (i.e. a request sent to service 2 will not be served by a cached response produced by service 1). To send a request: ``curl -i localhost:8000/service//`` ``service_no``: The service to send the request to, 1 or 2. ``response``: The response that is being requested. The responses are found in :repo:`/examples/cache/responses.yaml`. The provided example responses are: - ``valid-for-minute`` This response remains fresh in the cache for a minute. After which, the response gets validated by the backend service before being served from the cache. If found to be updated, the new response is served (and cached). Otherwise, the cached response is served and refreshed. - ``private`` This response is private; it cannot be stored by shared caches (such as proxies). It will always be served from the backend service. - ``no-cache`` This response has to be validated every time before being served. You can change the responses' headers and bodies (or add new ones) while the sandbox is running to experiment. Example responses ----------------- 1. valid-for-minute ^^^^^^^^^^^^^^^^^^^ .. code-block:: console $ curl -i localhost:8000/service/1/valid-for-minute HTTP/1.1 200 OK content-type: text/html; charset=utf-8 content-length: 103 cache-control: max-age=60 custom-header: any value etag: "172ae25df822c3299cf2248694b4ce23" date: Fri, 11 Sep 2020 03:20:40 GMT server: envoy x-envoy-upstream-service-time: 11 This response will stay fresh for one minute Response body generated at: Fri, 11 Sep 2020 03:20:40 GMT Naturally, response ``date`` header is the same time as the generated time. Sending the same request after 30 seconds gives the same exact response with the same generation date, but with an ``age`` header as it was served from cache: .. code-block:: console $ curl -i localhost:8000/service/1/valid-for-minute HTTP/1.1 200 OK content-type: text/html; charset=utf-8 content-length: 103 cache-control: max-age=60 custom-header: any value etag: "172ae25df822c3299cf2248694b4ce23" date: Fri, 11 Sep 2020 03:20:40 GMT server: envoy x-envoy-upstream-service-time: 11 age: 30 This response will stay fresh for one minute Response body generated at: Fri, 11 Sep 2020 03:20:40 GMT After 1 minute and 1 second: .. code-block:: console $ curl -i localhost:8000/service/1/valid-for-minute HTTP/1.1 200 OK cache-control: max-age=60 custom-header: any value etag: "172ae25df822c3299cf2248694b4ce23" date: Fri, 11 Sep 2020 03:21:41 GMT server: envoy x-envoy-upstream-service-time: 8 content-length: 103 content-type: text/html; charset=utf-8 This response will stay fresh for one minute Response body generated at: Fri, 11 Sep 2020 03:20:40 GMT The same response was served after being validated with the backend service. You can verify this as the response generation time is the same, but the response ``date`` header was updated with the validation response date. Also, no ``age`` header. Every time the response is validated, it stays fresh for another minute. If the response body changes while the cached response is still fresh, the cached response will still be served. The cached response will only be updated when it is no longer fresh. 2. private ^^^^^^^^^^ .. code-block:: console $ curl -i localhost:8000/service/1/private HTTP/1.1 200 OK content-type: text/html; charset=utf-8 content-length: 117 cache-control: private etag: "6bd80b59b2722606abf2b8d83ed2126d" date: Fri, 11 Sep 2020 03:22:28 GMT server: envoy x-envoy-upstream-service-time: 7 This is a private response, it will not be cached by Envoy Response body generated at: Fri, 11 Sep 2020 03:22:28 GMT No matter how many times you make this request, you will always receive a new response; new date of generation, new ``date`` header, and no ``age`` header. 3. no-cache ^^^^^^^^^^^ .. code-block:: console $ curl -i localhost:8000/service/1/no-cache HTTP/1.1 200 OK content-type: text/html; charset=utf-8 content-length: 130 cache-control: max-age=0, no-cache etag: "ce39a53bd6bb8abdb2488a5a375397e4" date: Fri, 11 Sep 2020 03:23:07 GMT server: envoy x-envoy-upstream-service-time: 7 This response can be cached, but it has to be validated on each request Response body generated at: Fri, 11 Sep 2020 03:23:07 GMT After a few seconds: .. code-block:: console $ curl -i localhost:8000/service/1/no-cache HTTP/1.1 200 OK cache-control: max-age=0, no-cache etag: "ce39a53bd6bb8abdb2488a5a375397e4" date: Fri, 11 Sep 2020 03:23:12 GMT server: envoy x-envoy-upstream-service-time: 7 content-length: 130 content-type: text/html; charset=utf-8 This response can be cached, but it has to be validated on each request Response body generated at: Fri, 11 Sep 2020 03:23:07 GMT You will receive a cached response that has the same generation time. However, the ``date`` header will always be updated as this response will always be validated first. Also, no ``age`` header. If you change the response body in the yaml file: .. code-block:: console $ curl -i localhost:8000/service/1/no-cache HTTP/1.1 200 OK content-type: text/html; charset=utf-8 content-length: 133 cache-control: max-age=0, no-cache etag: "f4768af0ac9f6f54f88169a1f3ecc9f3" date: Fri, 11 Sep 2020 03:24:10 GMT server: envoy x-envoy-upstream-service-time: 7 This response can be cached, but it has to be validated on each request!!! Response body generated at: Fri, 11 Sep 2020 03:24:10 GMT You will receive a new response that's served from the backend service. The new response will be cached for subsequent requests. You can also add new responses to the yaml file with different ``cache-control`` headers and start experimenting! To learn more about caching and ``cache-control`` headers visit the `MDN Web Docs `_. ================================================ FILE: docs/root/start/sandboxes/cors.rst ================================================ .. _install_sandboxes_cors: CORS Filter =========== Cross-Origin Resource Sharing (CORS) is a method of enforcing client-side access controls on resources by specifying external domains that are able to access certain or all routes of your domain. Browsers use the presence of HTTP headers to determine if a response from a different origin is allowed. To help demonstrate how front-envoy can enforce CORS policies, we are releasing a set of `docker compose `_ sandboxes that deploy a frontend and backend service on different origins, both behind front-envoy. The frontend service has a field to input the remote domain of your backend service along with radio buttons to select the remote domain's CORS enforcement. The CORS enforcement choices are: * Disabled: CORS is disabled on the route requested. This will result in a client-side CORS error since the required headers to be considered a valid CORS request are not present. * Open: CORS is enabled on the route requested but the allowed origin is set to ``*``. This is a very permissive policy and means that origin can request data from this endpoint. * Restricted: CORS is enabled on the route requested and the only allowed origin is ``envoyproxy.io``. This will result in a client-side CORS error. Running the Sandboxes ~~~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Start all of our containers *********************************** Switch to the ``frontend`` directory in the ``cors`` example, and start the containers: .. code-block:: console $ pwd envoy/examples/cors/frontend $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------ frontend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp frontend_frontend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp Now, switch to the ``backend`` directory in the ``cors`` example, and start the containers: .. code-block:: console $ pwd envoy/examples/cors/backend $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ---------------------------------------------------------------------------------------------------------------------------- backend_backend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp backend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8002->8000/tcp, 0.0.0.0:8003->8001/tcp Step 4: Test Envoy's CORS capabilities ************************************** You can now open a browser to view your frontend service at http://localhost:8000. Results of the cross-origin request will be shown on the page under *Request Results*. Your browser's ``CORS`` enforcement logs can be found in the browser console. For example: .. code-block:: console Access to XMLHttpRequest at 'http://192.168.99.100:8002/cors/disabled' from origin 'http://192.168.99.101:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Step 5: Check stats of backend via admin **************************************** When Envoy runs, it can listen to ``admin`` requests if a port is configured. In the example configs, the backend admin is bound to port ``8003``. If you browse to http://localhost:8003/stats you will be able to view all of the Envoy stats for the backend. You should see the ``CORS`` stats for invalid and valid origins increment as you make requests from the frontend cluster. .. code-block:: none http.ingress_http.cors.origin_invalid: 2 http.ingress_http.cors.origin_valid: 7 ================================================ FILE: docs/root/start/sandboxes/csrf.rst ================================================ .. _install_sandboxes_csrf: CSRF Filter =========== Cross-Site Request Forgery (CSRF) is an attack that occurs when a malicious third-party website exploits a vulnerability that allows them to submit an undesired request on a user's behalf. To mitigate this attack this filter checks where a request is coming from to determine if the request's origin is the same as it's destination. To help demonstrate how front-envoy can enforce CSRF policies, we are releasing a `docker compose `_ sandbox that deploys a service with both a frontend and backed. This service will be started on two different virtual machines with different origins. The frontend has a field to input the remote domain of where you would like to send POST requests along with radio buttons to select the remote domain's CSRF enforcement. The CSRF enforcement choices are: * Disabled: CSRF is disabled on the requested route. This will result in a successful request since there is no CSRF enforcement. * Shadow Mode: CSRF is not enforced on the requested route but will record if the request contains a valid source origin. * Enabled: CSRF is enabled and will return a 403 (Forbidden) status code when a request is made from a different origin. * Ignored: CSRF is enabled but the request type is a GET. This should bypass the CSRF filter and return successfully. Running the Sandboxes ~~~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Start all of our containers *********************************** Switch to the ``samesite`` directory in the ``csrf`` example, and start the containers: .. code-block:: console $ pwd envoy/examples/csrf/samesite $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ---------------------------------------------------------------------------------------------------------------------- samesite_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp samesite_service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp Now, switch to the ``crosssite`` directory in the ``csrf`` example, and start the containers: .. code-block:: console $ pwd envoy/examples/csrf/crosssite $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ---------------------------------------------------------------------------------------------------------------------- crosssite_front-envoy_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 0.0.0.0:8002->8000/tcp, 0.0.0.0:8003->8001/tcp crosssite_service_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 8000/tcp Step 4: Test Envoy's CSRF capabilities ************************************** You can now open a browser at http://localhost:8002 to view your ``crosssite`` frontend service. Enter the IP of the ``samesite`` machine to demonstrate cross-site requests. Requests with the enabled enforcement will fail. By default this field will be populated with ``localhost``. To demonstrate same-site requests open the frontend service for ``samesite`` at http://localhost:8000 and enter the IP address of the ``samesite`` machine as the destination. Results of the cross-site request will be shown on the page under *Request Results*. Your browser's ``CSRF`` enforcement logs can be found in the browser console and in the network tab. For example: .. code-block:: console Failed to load resource: the server responded with a status of 403 (Forbidden) If you change the destination to be the same as one displaying the website and set the ``CSRF`` enforcement to enabled the request will go through successfully. Step 5: Check stats of backend via admin **************************************** When Envoy runs, it can listen to ``admin`` requests if a port is configured. In the example configs, the backend admin is bound to port ``8001``. If you browse to http://localhost:8001/stats you will be able to view all of the Envoy stats for the backend. You should see the CORS stats for invalid and valid origins increment as you make requests from the frontend cluster. .. code-block:: none http.ingress_http.csrf.missing_source_origin: 0 http.ingress_http.csrf.request_invalid: 1 http.ingress_http.csrf.request_valid: 0 ================================================ FILE: docs/root/start/sandboxes/ext_authz.rst ================================================ .. _install_sandboxes_ext_authz: External Authorization Filter ============================= The External Authorization sandbox demonstrates Envoy's :ref:`ext_authz filter ` capability to delegate authorization of incoming requests through Envoy to an external services. While ext_authz can also be employed as a network filter, this sandbox is limited to exhibit ext_authz HTTP Filter, which supports to call HTTP or gRPC service. The setup of this sandbox is very similar to front-proxy deployment, however calls to upstream service behind the proxy will be checked by an external HTTP or gRPC service. In this sandbox, for every authorized call, the external authorization service adds additional ``x-current-user`` header entry to the original request headers to be forwarded to the upstream service. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Start all of our containers *********************************** To build this sandbox example and start the example services, run the following commands: .. code-block:: console $ pwd envoy/examples/ext_authz $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports --------------------------------------------------------------------------------------------------------------------------------------- ext_authz_ext_authz-grpc-service_1 /app/server -users /etc/us Up ext_authz_ext_authz-http-service_1 docker-entrypoint.sh node Up ext_authz_front-envoy_1 /docker-entrypoint.sh /bin Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp ext_authz_upstream-service_1 python3 /app/service/server.py Up .. note:: This sandbox has multiple setup controlled by ``FRONT_ENVOY_YAML`` environment variable which points to the effective Envoy configuration to be used. The default value of ``FRONT_ENVOY_YAML`` can be defined in the ``.env`` file or provided inline when running the ``docker-compose up`` command. For more information, pease take a look at `environment variables in Compose documentation `_. By default, ``FRONT_ENVOY_YAML`` points to ``config/grpc-service/v3.yaml`` file which bootstraps front-envoy with ext_authz HTTP filter with gRPC service ``V3`` (this is specified by :ref:`transport_api_version field`). The possible values of ``FRONT_ENVOY_YAML`` can be found inside the ``envoy/examples/ext_authz/config`` directory. For example, to run Envoy with ext_authz HTTP filter with HTTP service will be: .. code-block:: console $ pwd envoy/examples/ext_authz $ docker-compose pull $ # Tearing down the currently running setup $ docker-compose down $ FRONT_ENVOY_YAML=config/http-service.yaml docker-compose up --build -d $ # Or you can update the .env file with the above FRONT_ENVOY_YAML value, so you don't have to specify it when running the "up" command. Step 4: Access the upstream-service behind the Front Envoy ********************************************************** You can now try to send a request to upstream-service via the front-envoy as follows: .. code-block:: console $ curl -v localhost:8000/service * Trying 127.0.0.1... * TCP_NODELAY set * Connected to localhost (127.0.0.1) port 8000 (#0) > GET /service HTTP/1.1 > Host: localhost:8000 > User-Agent: curl/7.58.0 > Accept: */* > < HTTP/1.1 403 Forbidden < date: Fri, 19 Jun 2020 15:02:24 GMT < server: envoy < content-length: 0 As observed, the request failed with ``403 Forbidden`` status code. This happened since the ext_authz filter employed by Envoy rejected the call. To let the request reach the upstream service, you need to provide a ``Bearer`` token via the ``Authorization`` header. .. note:: A complete list of users is defined in ``envoy/examples/ext_authz/auth/users.json`` file. For example, the ``token1`` used in the below example is corresponding to ``user1``. An example of successful requests can be observed as follows: .. code-block:: console $ curl -v -H "Authorization: Bearer token1" localhost:8000/service * Trying 127.0.0.1... * TCP_NODELAY set * Connected to localhost (127.0.0.1) port 8000 (#0) > GET /service HTTP/1.1 > Host: localhost:8000 > User-Agent: curl/7.58.0 > Accept: */* > Authorization: Bearer token1 > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 24 < server: envoy < date: Fri, 19 Jun 2020 15:04:29 GMT < x-envoy-upstream-service-time: 2 < * Connection #0 to host localhost left intact Hello user1 from behind Envoy! We can also employ `Open Policy Agent `_ server (with `envoy_ext_authz_grpc `_ plugin enabled) as the authorization server. To run this example: .. code-block:: console $ pwd envoy/examples/ext_authz $ docker-compose pull $ # Tearing down the currently running setup $ docker-compose down $ FRONT_ENVOY_YAML=config/opa-service/v2.yaml docker-compose up --build -d And sending a request to the upstream service (via the Front Envoy) gives: .. code-block:: console $ curl localhost:8000/service --verbose * Trying ::1... * TCP_NODELAY set * Connected to localhost (::1) port 8000 (#0) > GET /service HTTP/1.1 > Host: localhost:8000 > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 28 < server: envoy < date: Thu, 02 Jul 2020 06:29:58 GMT < x-envoy-upstream-service-time: 2 < * Connection #0 to host localhost left intact Hello OPA from behind Envoy! From the logs, we can observe the policy decision message from the Open Policy Agent server (for the above request against the defined policy in ``config/opa-service/policy.rego``): .. code-block:: console $ docker-compose logs ext_authz-opa-service | grep decision_id -A 30 ext_authz-opa-service_1 | "decision_id": "8143ca68-42d8-43e6-ade6-d1169bf69110", ext_authz-opa-service_1 | "input": { ext_authz-opa-service_1 | "attributes": { ext_authz-opa-service_1 | "destination": { ext_authz-opa-service_1 | "address": { ext_authz-opa-service_1 | "Address": { ext_authz-opa-service_1 | "SocketAddress": { ext_authz-opa-service_1 | "PortSpecifier": { ext_authz-opa-service_1 | "PortValue": 8000 ext_authz-opa-service_1 | }, ext_authz-opa-service_1 | "address": "172.28.0.6" ext_authz-opa-service_1 | } ext_authz-opa-service_1 | } ext_authz-opa-service_1 | } ext_authz-opa-service_1 | }, ext_authz-opa-service_1 | "metadata_context": {}, ext_authz-opa-service_1 | "request": { ext_authz-opa-service_1 | "http": { ext_authz-opa-service_1 | "headers": { ext_authz-opa-service_1 | ":authority": "localhost:8000", ext_authz-opa-service_1 | ":method": "GET", ext_authz-opa-service_1 | ":path": "/service", ext_authz-opa-service_1 | "accept": "*/*", ext_authz-opa-service_1 | "user-agent": "curl/7.64.1", ext_authz-opa-service_1 | "x-forwarded-proto": "http", ext_authz-opa-service_1 | "x-request-id": "b77919c0-f1d4-4b06-b444-5a8b32d5daf4" ext_authz-opa-service_1 | }, ext_authz-opa-service_1 | "host": "localhost:8000", ext_authz-opa-service_1 | "id": "16617514055874272263", ext_authz-opa-service_1 | "method": "GET", ext_authz-opa-service_1 | "path": "/service", Trying to send a request with method other than ``GET`` gives a rejection: .. code-block:: console $ curl -X POST localhost:8000/service --verbose * Trying ::1... * TCP_NODELAY set * Connected to localhost (::1) port 8000 (#0) > PUT /service HTTP/1.1 > Host: localhost:8000 > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 403 Forbidden < date: Thu, 02 Jul 2020 06:46:13 GMT < server: envoy < content-length: 0 ================================================ FILE: docs/root/start/sandboxes/fault_injection.rst ================================================ .. _install_sandboxes_fault_injection: Fault Injection Filter ====================== This simple example demonstrates Envoy's :ref:`fault injection ` capability using Envoy's :ref:`runtime support ` to control the feature. Running the Sandboxes ~~~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Start all of our containers *********************************** Terminal 1 .. code-block:: console $ pwd envoy/examples/fault-injection $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------ fault-injection_backend_1 gunicorn -b 0.0.0.0:80 htt Up 0.0.0.0:8080->80/tcp fault-injection_envoy_1 /docker-entrypoint.sh /usr Up 10000/tcp, 0.0.0.0:9211->9211/tcp, 0.0.0.0:9901->9901/tcp Step 4: Start sending continuous stream of HTTP requests ******************************************************** Terminal 2 .. code-block:: console $ pwd envoy/examples/fault-injection $ docker-compose exec envoy bash $ bash send_request.sh The script above (``send_request.sh``) sends a continuous stream of HTTP requests to Envoy, which in turn forwards the requests to the backend container. Fauilt injection is configured in Envoy but turned off (i.e. affects 0% of requests). Consequently, you should see a continuous sequence of HTTP 200 response codes. Step 5: Test Envoy's abort fault injection ****************************************** Turn on *abort* fault injection via the runtime using the commands below. Terminal 3 .. code-block:: console $ docker-compose exec envoy bash $ bash enable_abort_fault_injection.sh The script above enables HTTP aborts for 100% of requests. So, you should now see a continuous sequence of HTTP 503 responses for all requests. To disable the abort injection: Terminal 3 .. code-block:: console $ bash disable_abort_fault_injection.sh Step 6: Test Envoy's delay fault injection ****************************************** Turn on *delay* fault injection via the runtime using the commands below. Terminal 3 .. code-block:: console $ docker-compose exec envoy bash $ bash enable_delay_fault_injection.sh The script above will add a 3-second delay to 50% of HTTP requests. You should now see a continuous sequence of HTTP 200 responses for all requests, but half of the requests will take 3 seconds to complete. To disable the delay injection: Terminal 3 .. code-block:: console $ bash disable_delay_fault_injection.sh Step 7: Check the current runtime filesystem ******************************************** To see the current runtime filesystem overview: Terminal 3 .. code-block:: console $ tree /srv/runtime ================================================ FILE: docs/root/start/sandboxes/front_proxy.rst ================================================ .. _install_sandboxes_front_proxy: Front Proxy =========== To get a flavor of what Envoy has to offer as a front proxy, we are releasing a `docker compose `_ sandbox that deploys a front Envoy and a couple of services (simple Flask apps) colocated with a running service Envoy. The three containers will be deployed inside a virtual network called ``envoymesh``. Below you can see a graphic showing the docker compose deployment: .. image:: /_static/docker_compose_front_proxy.svg :width: 100% All incoming requests are routed via the front Envoy, which is acting as a reverse proxy sitting on the edge of the ``envoymesh`` network. Port ``8080``, ``8443``, and ``8001`` are exposed by docker compose (see :repo:`/examples/front-proxy/docker-compose.yaml`) to handle ``HTTP``, ``HTTPS`` calls to the services and requests to ``/admin`` respectively. Moreover, notice that all traffic routed by the front Envoy to the service containers is actually routed to the service Envoys (routes setup in :repo:`/examples/front-proxy/front-envoy.yaml`). In turn the service Envoys route the request to the Flask app via the loopback address (routes setup in :repo:`/examples/front-proxy/service-envoy.yaml`). This setup illustrates the advantage of running service Envoys collocated with your services: all requests are handled by the service Envoy, and efficiently routed to your services. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Start all of our containers *********************************** .. code-block:: console $ pwd envoy/examples/front-proxy $ docker-compose build --pull $ docker-compose up -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------------------------------ front-proxy_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8080->8080/tcp, 0.0.0.0:8001->8001/tcp, 0.0.0.0:8443->8443/tcp front-proxy_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp front-proxy_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp Step 4: Test Envoy's routing capabilities ***************************************** You can now send a request to both services via the ``front-envoy``. For ``service1``: .. code-block:: console $ curl -v localhost:8080/service/1 * Trying ::1... * TCP_NODELAY set * Connected to localhost (::1) port 8080 (#0) > GET /service/1 HTTP/1.1 > Host: localhost:8080 > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 92 < server: envoy < date: Mon, 06 Jul 2020 06:20:00 GMT < x-envoy-upstream-service-time: 2 < Hello from behind Envoy (service 1)! hostname: 36418bc3c824 resolvedhostname: 192.168.160.4 For ``service2``: .. code-block:: console $ curl -v localhost:8080/service/2 * Trying ::1... * TCP_NODELAY set * Connected to localhost (::1) port 8080 (#0) > GET /service/2 HTTP/1.1 > Host: localhost:8080 > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 92 < server: envoy < date: Mon, 06 Jul 2020 06:23:13 GMT < x-envoy-upstream-service-time: 2 < Hello from behind Envoy (service 2)! hostname: ea6165ee4fee resolvedhostname: 192.168.160.2 Notice that each request, while sent to the front Envoy, was correctly routed to the respective application. We can also use ``HTTPS`` to call services behind the front Envoy. For example, calling ``service1``: .. code-block:: console $ curl https://localhost:8443/service/1 -k -v * Trying ::1... * TCP_NODELAY set * Connected to localhost (::1) port 8443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305 * ALPN, server did not agree to a protocol * Server certificate: * subject: CN=front-envoy * start date: Jul 5 15:18:44 2020 GMT * expire date: Jul 5 15:18:44 2021 GMT * issuer: CN=front-envoy * SSL certificate verify result: self signed certificate (18), continuing anyway. > GET /service/1 HTTP/1.1 > Host: localhost:8443 > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 92 < server: envoy < date: Mon, 06 Jul 2020 06:17:14 GMT < x-envoy-upstream-service-time: 3 < Hello from behind Envoy (service 1)! hostname: 36418bc3c824 resolvedhostname: 192.168.160.4 Step 5: Test Envoy's load balancing capabilities ************************************************ Now let's scale up our ``service1`` nodes to demonstrate the load balancing abilities of Envoy: .. code-block:: console $ docker-compose scale service1=3 Creating and starting example_service1_2 ... done Creating and starting example_service1_3 ... done Now if we send a request to ``service1`` multiple times, the front Envoy will load balance the requests by doing a round robin of the three ``service1`` machines: .. code-block:: console $ curl -v localhost:8080/service/1 * Trying ::1... * TCP_NODELAY set * Connected to localhost (::1) port 8080 (#0) > GET /service/1 HTTP/1.1 > Host: localhost:8080 > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 92 < server: envoy < date: Mon, 06 Jul 2020 06:21:47 GMT < x-envoy-upstream-service-time: 6 < Hello from behind Envoy (service 1)! hostname: 3dc787578c23 resolvedhostname: 192.168.160.6 $ curl -v localhost:8080/service/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8080 (#0) > GET /service/1 HTTP/1.1 > Host: 192.168.99.100:8080 > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy < date: Fri, 26 Aug 2018 19:40:22 GMT < Hello from behind Envoy (service 1)! hostname: 3a93ece62129 resolvedhostname: 192.168.160.5 $ curl -v localhost:8080/service/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8080 (#0) > GET /service/1 HTTP/1.1 > Host: 192.168.99.100:8080 > User-Agent: curl/7.43.0 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy < date: Fri, 26 Aug 2018 19:40:24 GMT < x-envoy-protocol-version: HTTP/1.1 < Hello from behind Envoy (service 1)! hostname: 36418bc3c824 resolvedhostname: 192.168.160.4 Step 6: enter containers and curl services ****************************************** In addition of using ``curl`` from your host machine, you can also enter the containers themselves and ``curl`` from inside them. To enter a container you can use ``docker-compose exec /bin/bash``. For example we can enter the ``front-envoy`` container, and ``curl`` for services locally: .. code-block:: console $ docker-compose exec front-envoy /bin/bash root@81288499f9d7:/# curl localhost:8080/service/1 Hello from behind Envoy (service 1)! hostname: 85ac151715c6 resolvedhostname: 172.19.0.3 root@81288499f9d7:/# curl localhost:8080/service/1 Hello from behind Envoy (service 1)! hostname: 20da22cfc955 resolvedhostname: 172.19.0.5 root@81288499f9d7:/# curl localhost:8080/service/1 Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 root@81288499f9d7:/# curl localhost:8080/service/2 Hello from behind Envoy (service 2)! hostname: 92f4a3737bbc resolvedhostname: 172.19.0.2 Step 7: enter container and curl admin ************************************** When Envoy runs it also attaches an ``admin`` to your desired port. In the example configs the admin is bound to port ``8001``. We can ``curl`` it to gain useful information: - ``/server_info`` provides information about the Envoy version you are running. - ``/stats`` provides statistics about the Envoy server. In the example we can we can enter the ``front-envoy`` container to query admin: .. code-block:: console $ docker-compose exec front-envoy /bin/bash root@e654c2c83277:/# curl localhost:8001/server_info .. code-block:: json { "version": "093e2ffe046313242144d0431f1bb5cf18d82544/1.15.0-dev/Clean/RELEASE/BoringSSL", "state": "LIVE", "hot_restart_version": "11.104", "command_line_options": { "base_id": "0", "use_dynamic_base_id": false, "base_id_path": "", "concurrency": 8, "config_path": "/etc/front-envoy.yaml", "config_yaml": "", "allow_unknown_static_fields": false, "reject_unknown_dynamic_fields": false, "ignore_unknown_dynamic_fields": false, "admin_address_path": "", "local_address_ip_version": "v4", "log_level": "info", "component_log_level": "", "log_format": "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v", "log_format_escaped": false, "log_path": "", "service_cluster": "front-proxy", "service_node": "", "service_zone": "", "drain_strategy": "Gradual", "mode": "Serve", "disable_hot_restart": false, "enable_mutex_tracing": false, "restart_epoch": 0, "cpuset_threads": false, "disabled_extensions": [], "bootstrap_version": 0, "hidden_envoy_deprecated_max_stats": "0", "hidden_envoy_deprecated_max_obj_name_len": "0", "file_flush_interval": "10s", "drain_time": "600s", "parent_shutdown_time": "900s" }, "uptime_current_epoch": "188s", "uptime_all_epochs": "188s" } .. code-block:: console root@e654c2c83277:/# curl localhost:8001/stats cluster.service1.external.upstream_rq_200: 7 ... cluster.service1.membership_change: 2 cluster.service1.membership_total: 3 ... cluster.service1.upstream_cx_http2_total: 3 ... cluster.service1.upstream_rq_total: 7 ... cluster.service2.external.upstream_rq_200: 2 ... cluster.service2.membership_change: 1 cluster.service2.membership_total: 1 ... cluster.service2.upstream_cx_http2_total: 1 ... cluster.service2.upstream_rq_total: 2 ... Notice that we can get the number of members of upstream clusters, number of requests fulfilled by them, information about http ingress, and a plethora of other useful stats. ================================================ FILE: docs/root/start/sandboxes/grpc_bridge.rst ================================================ .. _install_sandboxes_grpc_bridge: gRPC Bridge =========== Envoy gRPC ~~~~~~~~~~ The gRPC bridge sandbox is an example usage of Envoy's :ref:`gRPC bridge filter `. This is an example of a key-value store where an ``http``-based client CLI, written in ``Python``, updates a remote store, written in ``Go``, using the stubs generated for both languages. The client send messages through a proxy that upgrades the HTTP requests from ``http/1.1`` to ``http/2``. ``[client](http/1.1) -> [client-egress-proxy](http/2) -> [server-ingress-proxy](http/2) -> [server]`` Another Envoy feature demonstrated in this example is Envoy's ability to do authority base routing via its route configuration. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Generate the protocol stubs *********************************** A docker-compose file is provided that generates the stubs for both ``client`` and ``server`` from the specification in the ``protos`` directory. Inspecting the ``docker-compose-protos.yaml`` file, you will see that it contains both the ``python`` and ``go`` gRPC protoc commands necessary for generating the protocol stubs. Generate the stubs as follows: .. code-block:: console $ pwd envoy/examples/grpc-bridge $ docker-compose -f docker-compose-protos.yaml up Starting grpc-bridge_stubs_python_1 ... done Starting grpc-bridge_stubs_go_1 ... done Attaching to grpc-bridge_stubs_go_1, grpc-bridge_stubs_python_1 grpc-bridge_stubs_go_1 exited with code 0 grpc-bridge_stubs_python_1 exited with code 0 You may wish to clean up left over containers with the following command: .. code-block:: console $ docker container prune You can view the generated ``kv`` modules for both the client and server in their respective directories: .. code-block:: console $ ls -la client/kv/kv_pb2.py -rw-r--r-- 1 mdesales CORP\Domain Users 9527 Nov 6 21:59 client/kv/kv_pb2.py $ ls -la server/kv/kv.pb.go -rw-r--r-- 1 mdesales CORP\Domain Users 9994 Nov 6 21:59 server/kv/kv.pb.go These generated ``python`` and ``go`` stubs can be included as external modules. Step 4: Start all of our containers *********************************** To build this sandbox example and start the example services, run the following commands: .. code-block:: console $ pwd envoy/examples/grpc-bridge $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports --------------------------------------------------------------------------------------------------------------------------------------- grpc-bridge_grpc-client-proxy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:9911->9911/tcp, 0.0.0.0:9991->9991/tcp grpc-bridge_grpc-client_1 /bin/sh -c tail -f /dev/null Up grpc-bridge_grpc-server-proxy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8811->8811/tcp, 0.0.0.0:8881->8881/tcp grpc-bridge_grpc-server_1 /bin/sh -c /bin/server Up 0.0.0.0:8081->8081/tcp Sending requests to the Key/Value store ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To use the Python service and send gRPC requests: .. code-block:: console $ pwd envoy/examples/grpc-bridge Set a key: .. code-block:: console $ docker-compose exec python /client/client.py set foo bar setf foo to bar Get a key: .. code-block:: console $ docker-compose exec python /client/client.py get foo bar Modify an existing key: .. code-block:: console $ docker-compose exec python /client/client.py set foo baz setf foo to baz Get the modified key: .. code-block:: console $ docker-compose exec python /client/client.py get foo baz In the running docker-compose container, you should see the gRPC service printing a record of its activity: .. code-block:: console $ docker-compose logs grpc-server grpc_1 | 2017/05/30 12:05:09 set: foo = bar grpc_1 | 2017/05/30 12:05:12 get: foo grpc_1 | 2017/05/30 12:05:18 set: foo = baz ================================================ FILE: docs/root/start/sandboxes/jaeger_native_tracing.rst ================================================ .. _install_sandboxes_jaeger_native_tracing: Jaeger Native Tracing ===================== The Jaeger tracing sandbox demonstrates Envoy's :ref:`request tracing ` capabilities using `Jaeger `_ as the tracing provider and Jaeger's native `C++ client `_ as a plugin. Using Jaeger with its native client instead of with Envoy's builtin Zipkin client has the following advantages: - Trace propagation will work with the other services using Jaeger without needing to make configuration `changes `_. - A variety of different `sampling strategies `_ can be used, including probabilistic or remote where sampling can be centrally controlled from Jaeger's backend. - Spans are sent to the collector in a more efficient binary encoding. This sandbox is very similar to the front proxy architecture described above, with one difference: service1 makes an API call to service2 before returning a response. The three containers will be deployed inside a virtual network called ``envoymesh``. .. note:: The jaeger native tracing sandbox only works on x86-64. All incoming requests are routed via the front Envoy, which is acting as a reverse proxy sitting on the edge of the ``envoymesh`` network. Port ``8000`` is exposed by docker compose (see :repo:`/examples/jaeger-native-tracing/docker-compose.yaml`). Notice that all Envoys are configured to collect request traces (e.g., http_connection_manager/config/tracing setup in :repo:`/examples/jaeger-native-tracing/front-envoy-jaeger.yaml`) and setup to propagate the spans generated by the Jaeger tracer to a Jaeger cluster (trace driver setup in :repo:`/examples/jaeger-native-tracing/front-envoy-jaeger.yaml`). Before routing a request to the appropriate service Envoy or the application, Envoy will take care of generating the appropriate spans for tracing (parent/child context spans). At a high-level, each span records the latency of upstream API calls as well as information needed to correlate the span with other related spans (e.g., the trace ID). One of the most important benefits of tracing from Envoy is that it will take care of propagating the traces to the Jaeger service cluster. However, in order to fully take advantage of tracing, the application has to propagate trace headers that Envoy generates, while making calls to other services. In the sandbox we have provided, the simple flask app (see trace function in :repo:`/examples/front-proxy/service.py`) acting as service1 propagates the trace headers while making an outbound call to service2. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Build the sandbox ************************* To build this sandbox example, and start the example apps run the following commands: .. code-block:: console $ pwd envoy/examples/jaeger-native-tracing $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- jaeger-native-tracing_front-envoy_1 /start-front.sh Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp jaeger-native-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp jaeger-native-tracing_service1_1 /start-service.sh Up 10000/tcp, 8000/tcp jaeger-native-tracing_service2_1 /start-service.sh Up 10000/tcp, 8000/tcp Step 4: Generate some load ************************** You can now send a request to service1 via the front-envoy as follows: .. code-block:: console $ curl -v localhost:8000/trace/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /trace/1 HTTP/1.1 > Host: 192.168.99.100:8000 > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 89 < x-envoy-upstream-service-time: 9 < server: envoy < date: Fri, 26 Aug 2018 19:39:19 GMT < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact Step 5: View the traces in Jaeger UI ************************************ Point your browser to http://localhost:16686 . You should see the Jaeger dashboard. Set the service to "front-proxy" and hit 'Find Traces'. You should see traces from the front-proxy. Click on a trace to explore the path taken by the request from front-proxy to service1 to service2, as well as the latency incurred at each hop. ================================================ FILE: docs/root/start/sandboxes/jaeger_tracing.rst ================================================ .. _install_sandboxes_jaeger_tracing: Jaeger Tracing ============== The Jaeger tracing sandbox demonstrates Envoy's :ref:`request tracing ` capabilities using `Jaeger `_ as the tracing provider. This sandbox is very similar to the front proxy architecture described above, with one difference: service1 makes an API call to service2 before returning a response. The three containers will be deployed inside a virtual network called ``envoymesh``. All incoming requests are routed via the front Envoy, which is acting as a reverse proxy sitting on the edge of the ``envoymesh`` network. Port ``8000`` is exposed by docker compose (see :repo:`/examples/jaeger-tracing/docker-compose.yaml`). Notice that all Envoys are configured to collect request traces (e.g., http_connection_manager/config/tracing setup in :repo:`/examples/jaeger-tracing/front-envoy-jaeger.yaml`) and setup to propagate the spans generated by the Jaeger tracer to a Jaeger cluster (trace driver setup in :repo:`/examples/jaeger-tracing/front-envoy-jaeger.yaml`). Before routing a request to the appropriate service Envoy or the application, Envoy will take care of generating the appropriate spans for tracing (parent/child context spans). At a high-level, each span records the latency of upstream API calls as well as information needed to correlate the span with other related spans (e.g., the trace ID). One of the most important benefits of tracing from Envoy is that it will take care of propagating the traces to the Jaeger service cluster. However, in order to fully take advantage of tracing, the application has to propagate trace headers that Envoy generates, while making calls to other services. In the sandbox we have provided, the simple flask app (see trace function in :repo:`/examples/front-proxy/service.py`) acting as service1 propagates the trace headers while making an outbound call to service2. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Build the sandbox ************************* To build this sandbox example, and start the example apps run the following commands: .. code-block:: console $ pwd envoy/examples/jaeger-tracing $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ jaeger-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp jaeger-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp jaeger-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp jaeger-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp Step 4: Generate some load ************************** You can now send a request to service1 via the front-envoy as follows: .. code-block:: console $ curl -v localhost:8000/trace/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /trace/1 HTTP/1.1 > Host: 192.168.99.100:8000 > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 89 < x-envoy-upstream-service-time: 9 < server: envoy < date: Fri, 26 Aug 2018 19:39:19 GMT < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact Step 5: View the traces in Jaeger UI ************************************ Point your browser to http://localhost:16686 . You should see the Jaeger dashboard. Set the service to "front-proxy" and hit 'Find Traces'. You should see traces from the front-proxy. Click on a trace to explore the path taken by the request from front-proxy to service1 to service2, as well as the latency incurred at each hop. ================================================ FILE: docs/root/start/sandboxes/load_reporting_service.rst ================================================ .. _install_sandboxes_load_reporting_service: Load Reporting Service (LRS) ============================ This simple example demonstrates Envoy's Load Reporting Service (LRS) capability and how to use it. Lets say Cluster A (downstream) talks to Cluster B (Upstream) and Cluster C (Upstream). When enabling Load Report for Cluster A, LRS server should be sending LoadStatsResponse to Cluster A with LoadStatsResponse.Clusters to be B and C. LRS server will then receive LoadStatsRequests (with total requests, successful requests etc) from Cluster A to Cluster B and from Cluster A to Cluster C. In this example, all incoming requests are routed via Envoy to a simple goLang web server aka http_server. We scale up two containers and randomly send requests to each. Envoy is configured to initiate the connection with LRS Server. LRS Server enables the stats by sending LoadStatsResponse. Sending requests to http_server will be counted towards successful requests and will be visible in LRS Server logs. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Build the sandbox ************************* Terminal 1 :: $ pwd envoy/examples/load_reporting_service $ docker-compose pull $ docker-compose up --scale http_service=2 Terminal 2 :: $ pwd envoy/examples/load_reporting_service $ docker-compose ps Name Command State Ports -------------------------------------------------------------------------------------------------------------------------------------- load-reporting-service_http_service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 0.0.0.0:80->80/tcp, 0.0.0.0:8081->8081/tcp load-reporting-service_http_service_2 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 0.0.0.0:81->80/tcp, 0.0.0.0:8082->8081/tcp load-reporting-service_lrs_server_1 go run main.go Up 0.0.0.0:18000->18000/tcp Step 4: Start sending stream of HTTP requests ********************************************* Terminal 2 :: $ pwd envoy/examples/load_reporting_service $ bash send_requests.sh The script above (``send_requests.sh``) sends requests randomly to each Envoy, which in turn forwards the requests to the backend service. Step 5: See Envoy Stats *********************** You should see Terminal 1 :: ............................ lrs_server_1 | 2020/02/12 17:08:20 LRS Server is up and running on :18000 lrs_server_1 | 2020/02/12 17:08:23 Adding new cluster to cache `http_service` with node `0022a319e1e2` lrs_server_1 | 2020/02/12 17:08:24 Adding new node `2417806c9d9a` to existing cluster `http_service` lrs_server_1 | 2020/02/12 17:08:25 Creating LRS response for cluster http_service, node 2417806c9d9a with frequency 2 secs lrs_server_1 | 2020/02/12 17:08:25 Creating LRS response for cluster http_service, node 0022a319e1e2 with frequency 2 secs http_service_2 | 127.0.0.1 - - [12/Feb/2020 17:09:06] "GET /service HTTP/1.1" 200 - http_service_1 | 127.0.0.1 - - [12/Feb/2020 17:09:06] "GET /service HTTP/1.1" 200 - ............................ lrs_server_1 | 2020/02/12 17:09:07 Got stats from cluster `http_service` node `0022a319e1e2` - cluster_name:"local_service" upstream_locality_stats: total_successful_requests:21 total_issued_requests:21 > load_report_interval: lrs_server_1 | 2020/02/12 17:09:07 Got stats from cluster `http_service` node `2417806c9d9a` - cluster_name:"local_service" upstream_locality_stats: total_successful_requests:17 total_issued_requests:17 > load_report_interval: http_service_2 | 127.0.0.1 - - [12/Feb/2020 17:09:07] "GET /service HTTP/1.1" 200 - http_service_1 | 127.0.0.1 - - [12/Feb/2020 17:09:07] "GET /service HTTP/1.1" 200 - ............................ lrs_server_1 | 2020/02/12 17:09:09 Got stats from cluster `http_service` node `0022a319e1e2` - cluster_name:"local_service" upstream_locality_stats: total_successful_requests:3 total_issued_requests:3 > load_report_interval: lrs_server_1 | 2020/02/12 17:09:09 Got stats from cluster `http_service` node `2417806c9d9a` - cluster_name:"local_service" upstream_locality_stats: total_successful_requests:9 total_issued_requests:9 > load_report_interval: ================================================ FILE: docs/root/start/sandboxes/lua.rst ================================================ .. _install_sandboxes_lua: Lua Filter ========== In this example, we show how a Lua filter can be used with the Envoy proxy. The Envoy proxy configuration includes a Lua filter that contains two functions namely ``envoy_on_request(request_handle)`` and ``envoy_on_response(response_handle)`` as documented :ref:`here `. Running the Sandboxes ~~~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Build the sandbox ************************* .. code-block:: console $ pwd envoy/examples/lua $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports -------------------------------------------------------------------------------------------------------------------- lua_proxy_1 /docker-entrypoint.sh /bin Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp lua_web_service_1 node ./index.js Up 0.0.0.0:8080->80/tcp Step 4: Send a request to the service ************************************* The output from the ``curl`` command below should include the headers ``foo``. Terminal 1 .. code-block:: console $ curl -v localhost:8000 Trying ::1... * TCP_NODELAY set * Connected to localhost (::1) port 8000 (#0) > GET / HTTP/1.1 > Host: localhost:8000 > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 200 OK < x-powered-by: Express < content-type: application/json; charset=utf-8 < content-length: 544 < etag: W/"220-IhsqVTh4HjcpuJQ3C+rEL1Cw1jA" < date: Thu, 31 Oct 2019 03:13:24 GMT < x-envoy-upstream-service-time: 1 < response-body-size: 544 <-- This is added to the response header by our Lua script. --< < server: envoy < { "path": "/", "headers": { "host": "localhost:8000", "user-agent": "curl/7.64.1", "accept": "*/*", "x-forwarded-proto": "http", "x-request-id": "a78fcce7-2d67-4eeb-890a-73eebb942a17", "foo": "bar", <-- This is added to the request header by our Lua script. --< "x-envoy-expected-rq-timeout-ms": "15000", "content-length": "0" }, "method": "GET", "body": "", "fresh": false, "hostname": "localhost", "ip": "::ffff:172.20.0.2", "ips": [], "protocol": "http", "query": {}, "subdomains": [], "xhr": false, "os": { "hostname": "7ca39ead805a" } * Connection #0 to host localhost left intact }* Closing connection 0 ================================================ FILE: docs/root/start/sandboxes/mysql.rst ================================================ .. _install_sandboxes_mysql: MySQL Filter ============ In this example, we show how the :ref:`MySQL filter ` can be used with the Envoy proxy. The Envoy proxy configuration includes a MySQL filter that parses queries and collects MySQL-specific metrics. Running the Sandboxes ~~~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Build the sandbox ************************* Terminal 1 .. code-block:: console $ pwd envoy/examples/mysql $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------ mysql_mysql_1 docker-entrypoint.sh mysqld Up 0.0.0.0:3306->3306/tcp mysql_proxy_1 /docker-entrypoint.sh /bin Up 10000/tcp, 0.0.0.0:1999->1999/tcp, 0.0.0.0:8001->8001/tcp Step 4: Issue commands using mysql ********************************** Use ``mysql`` to issue some commands and verify they are routed via Envoy. Note that the current implementation of the protocol filter was tested with MySQL v5.5. It may, however, not work with other versions of MySQL due to differences in the protocol implementation. Terminal 1 .. code-block:: console $ docker run --rm -it --network envoymesh mysql:5.5 mysql -h envoy -P 1999 -u root ... snip ... mysql> CREATE DATABASE test; Query OK, 1 row affected (0.00 sec) mysql> USE test; Database changed mysql> CREATE TABLE test ( text VARCHAR(255) ); Query OK, 0 rows affected (0.01 sec) mysql> SELECT COUNT(*) FROM test; +----------+ | COUNT(*) | +----------+ | 0 | +----------+ 1 row in set (0.01 sec) mysql> INSERT INTO test VALUES ('hello, world!'); Query OK, 1 row affected (0.00 sec) mysql> SELECT COUNT(*) FROM test; +----------+ | COUNT(*) | +----------+ | 1 | +----------+ 1 row in set (0.00 sec) mysql> exit Bye Step 5: Check egress stats ************************** Check egress stats were updated. Terminal 1 .. code-block:: console $ curl -s http://localhost:8001/stats?filter=egress_mysql mysql.egress_mysql.auth_switch_request: 0 mysql.egress_mysql.decoder_errors: 0 mysql.egress_mysql.login_attempts: 1 mysql.egress_mysql.login_failures: 0 mysql.egress_mysql.protocol_errors: 0 mysql.egress_mysql.queries_parse_error: 0 mysql.egress_mysql.queries_parsed: 7 mysql.egress_mysql.sessions: 1 mysql.egress_mysql.upgraded_to_ssl: 0 Step 6: Check TCP stats *********************** Check TCP stats were updated. Terminal 1 .. code-block:: console $ curl -s http://localhost:8001/stats?filter=mysql_tcp tcp.mysql_tcp.downstream_cx_no_route: 0 tcp.mysql_tcp.downstream_cx_rx_bytes_buffered: 0 tcp.mysql_tcp.downstream_cx_rx_bytes_total: 347 tcp.mysql_tcp.downstream_cx_total: 1 tcp.mysql_tcp.downstream_cx_tx_bytes_buffered: 0 tcp.mysql_tcp.downstream_cx_tx_bytes_total: 702 tcp.mysql_tcp.downstream_flow_control_paused_reading_total: 0 tcp.mysql_tcp.downstream_flow_control_resumed_reading_total: 0 tcp.mysql_tcp.idle_timeout: 0 tcp.mysql_tcp.upstream_flush_active: 0 tcp.mysql_tcp.upstream_flush_total: 0 ================================================ FILE: docs/root/start/sandboxes/redis.rst ================================================ .. _install_sandboxes_redis_filter: Redis Filter ============ In this example, we show how a :ref:`Redis filter ` can be used with the Envoy proxy. The Envoy proxy configuration includes a Redis filter that routes egress requests to redis server. Running the Sandboxes ~~~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Build the sandbox ************************* Terminal 1 .. code-block:: console $ pwd envoy/examples/redis $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------ redis_proxy_1 /docker-entrypoint.sh /bin Up 10000/tcp, 0.0.0.0:1999->1999/tcp, 0.0.0.0:8001->8001/tcp redis_redis_1 docker-entrypoint.sh redis Up 0.0.0.0:6379->6379/tcp Step 4: Issue Redis commands **************************** Issue Redis commands using your favourite Redis client, such as ``redis-cli``, and verify they are routed via Envoy. Terminal 1 .. code-block:: console $ redis-cli -h localhost -p 1999 set foo foo OK $ redis-cli -h localhost -p 1999 set bar bar OK $ redis-cli -h localhost -p 1999 get foo "foo" $ redis-cli -h localhost -p 1999 get bar "bar" Step 5: Verify egress stats *************************** Go to ``http://localhost:8001/stats?usedonly&filter=redis.egress_redis.command`` and verify the following stats: .. code-block:: none redis.egress_redis.command.get.total: 2 redis.egress_redis.command.set.total: 2 ================================================ FILE: docs/root/start/sandboxes/zipkin_tracing.rst ================================================ .. _install_sandboxes_zipkin_tracing: Zipkin Tracing ============== The Zipkin tracing sandbox demonstrates Envoy's :ref:`request tracing ` capabilities using `Zipkin `_ as the tracing provider. This sandbox is very similar to the front proxy architecture described above, with one difference: service1 makes an API call to service2 before returning a response. The three containers will be deployed inside a virtual network called ``envoymesh``. All incoming requests are routed via the front Envoy, which is acting as a reverse proxy sitting on the edge of the ``envoymesh`` network. Port ``8000`` is exposed by docker compose (see :repo:`/examples/zipkin-tracing/docker-compose.yaml`). Notice that all Envoys are configured to collect request traces (e.g., http_connection_manager/config/tracing setup in :repo:`/examples/zipkin-tracing/front-envoy-zipkin.yaml`) and setup to propagate the spans generated by the Zipkin tracer to a Zipkin cluster (trace driver setup in :repo:`/examples/zipkin-tracing/front-envoy-zipkin.yaml`). Before routing a request to the appropriate service Envoy or the application, Envoy will take care of generating the appropriate spans for tracing (parent/child/shared context spans). At a high-level, each span records the latency of upstream API calls as well as information needed to correlate the span with other related spans (e.g., the trace ID). One of the most important benefits of tracing from Envoy is that it will take care of propagating the traces to the Zipkin service cluster. However, in order to fully take advantage of tracing, the application has to propagate trace headers that Envoy generates, while making calls to other services. In the sandbox we have provided, the simple flask app (see trace function in :repo:`/examples/front-proxy/service.py`) acting as service1 propagates the trace headers while making an outbound call to service2. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ .. include:: _include/docker-env-setup.rst Step 3: Build the sandbox ************************* To build this sandbox example, and start the example apps run the following commands: .. code-block:: console $ pwd envoy/examples/zipkin-tracing $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps Name Command State Ports ----------------------------------------------------------------------------------------------------------------------------- zipkin-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->8000/tcp, 0.0.0.0:8001->8001/tcp zipkin-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp zipkin-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 8000/tcp zipkin-tracing_zipkin_1 /busybox/sh run.sh Up 9410/tcp, 0.0.0.0:9411->9411/tcp Step 4: Generate some load ************************** You can now send a request to service1 via the front-envoy as follows: .. code-block:: console $ curl -v localhost:8000/trace/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /trace/1 HTTP/1.1 > Host: 192.168.99.100:8000 > User-Agent: curl/7.43.0 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy < date: Fri, 26 Aug 2018 19:39:19 GMT < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact Step 5: View the traces in Zipkin UI ************************************ Point your browser to http://localhost:9411 . You should see the Zipkin dashboard. Set the service to "front-proxy" and set the start time to a few minutes before the start of the test (step 2) and hit enter. You should see traces from the front-proxy. Click on a trace to explore the path taken by the request from front-proxy to service1 to service2, as well as the latency incurred at each hop. ================================================ FILE: docs/root/start/start.rst ================================================ .. _start: Getting Started =============== This section gets you started with a very simple configuration and provides some example configurations. The fastest way to get started using Envoy is :ref:`installing pre-built binaries `. You can also :ref:`build it ` from source. These examples use the :ref:`v3 Envoy API `, but use only the static configuration feature of the API, which is most useful for simple requirements. For more complex requirements :ref:`Dynamic Configuration ` is supported. Quick Start to Run Simple Example --------------------------------- These instructions run from files in the Envoy repo. The sections below give a more detailed explanation of the configuration file and execution steps for the same configuration. A very minimal Envoy configuration that can be used to validate basic plain HTTP proxying is available in :repo:`configs/google_com_proxy.v2.yaml`. This is not intended to represent a realistic Envoy deployment: .. substitution-code-block:: none $ docker pull envoyproxy/|envoy_docker_image| $ docker run --rm -d -p 10000:10000 envoyproxy/|envoy_docker_image| $ curl -v localhost:10000 The Docker image used will contain the latest version of Envoy and a basic Envoy configuration. This basic configuration tells Envoy to route incoming requests to \*.google.com. Simple Configuration -------------------- Envoy can be configured using a single YAML file passed in as an argument on the command line. The :ref:`admin message ` is required to configure the administration server. The `address` key specifies the listening :ref:`address ` which in this case is simply `0.0.0.0:9901`. .. code-block:: yaml admin: access_log_path: /tmp/admin_access.log address: socket_address: { address: 0.0.0.0, port_value: 9901 } The :ref:`static_resources ` contains everything that is configured statically when Envoy starts, as opposed to the means of configuring resources dynamically when Envoy is running. The :ref:`v2 API Overview ` describes this. .. code-block:: yaml static_resources: The specification of the :ref:`listeners `. .. code-block:: yaml listeners: - name: listener_0 address: socket_address: { address: 0.0.0.0, port_value: 10000 } filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http codec_type: AUTO route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/" } route: { host_rewrite_literal: www.google.com, cluster: service_google } http_filters: - name: envoy.filters.http.router The specification of the :ref:`clusters `. .. code-block:: yaml clusters: - name: service_google connect_timeout: 0.25s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: service_google endpoints: - lb_endpoints: - endpoint: address: socket_address: address: www.google.com port_value: 443 transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext sni: www.google.com Using the Envoy Docker Image ---------------------------- Create a simple Dockerfile to execute Envoy, which assumes that envoy.yaml (described above) is in your local directory. You can refer to the :ref:`Command line options `. .. substitution-code-block:: none FROM envoyproxy/|envoy_docker_image| COPY envoy.yaml /etc/envoy/envoy.yaml Build the Docker image that runs your configuration using:: $ docker build -t envoy:v1 . And now you can execute it with:: $ docker run -d --name envoy -p 9901:9901 -p 10000:10000 envoy:v1 And finally, test it using:: $ curl -v localhost:10000 If you would like to use Envoy with docker-compose you can overwrite the provided configuration file by using a volume. .. substitution-code-block: yaml version: '3' services: envoy: image: envoyproxy/|envoy_docker_image| ports: - "10000:10000" volumes: - ./envoy.yaml:/etc/envoy/envoy.yaml By default the Docker image will run as the ``envoy`` user created at build time. The ``uid`` and ``gid`` of this user can be set at runtime using the ``ENVOY_UID`` and ``ENVOY_GID`` environment variables. This can be done, for example, on the Docker command line:: $ docker run -d --name envoy -e ENVOY_UID=777 -e ENVOY_GID=777 -p 9901:9901 -p 10000:10000 envoy:v1 This can be useful if you wish to restrict or provide access to ``unix`` sockets inside the container, or for controlling access to an ``envoy`` socket from outside of the container. If you wish to run the container as the ``root`` user you can set ``ENVOY_UID`` to ``0``. The ``envoy`` image sends application logs to ``/dev/stdout`` and ``/dev/stderr`` by default, and these can be viewed in the container log. If you send application, admin or access logs to a file output, the ``envoy`` user will require the necessary permissions to write to this file. This can be achieved by setting the ``ENVOY_UID`` and/or by making the file writeable by the envoy user. For example, to mount a log folder from the host and make it writable, you can: .. substitution-code-block:: none $ mkdir logs $ chown 777 logs $ docker run -d -v `pwd`/logs:/var/log --name envoy -e ENVOY_UID=777 -p 9901:9901 -p 10000:10000 envoy:v1 You can then configure ``envoy`` to log to files in ``/var/log`` The default ``envoy`` ``uid`` and ``gid`` are ``101``. The ``envoy`` user also needs to have permission to access any required configuration files mounted into the container. If you are running in an environment with a strict ``umask`` setting, you may need to provide envoy with access either by setting the ``uid`` or ``gid`` of the file, or by making the configuration file readable by the envoy user. One method of doing this without changing any file permissions or running as root inside the container is to start the container with the host user's ``uid``, for example: .. substitution-code-block:: none $ docker run -d --name envoy -e ENVOY_UID=`id -u` -p 9901:9901 -p 10000:10000 envoy:v1 Sandboxes --------- We've created a number of sandboxes using Docker Compose that set up different environments to test out Envoy's features and show sample configurations. As we gauge peoples' interests we will add more sandboxes demonstrating different features. The following sandboxes are available: .. toctree:: :maxdepth: 2 sandboxes/cache sandboxes/cors sandboxes/csrf sandboxes/ext_authz sandboxes/fault_injection sandboxes/front_proxy sandboxes/grpc_bridge sandboxes/jaeger_native_tracing sandboxes/jaeger_tracing sandboxes/load_reporting_service sandboxes/lua sandboxes/mysql sandboxes/redis sandboxes/zipkin_tracing ================================================ FILE: docs/root/version_history/current.rst ================================================ 1.16.0 (October 8, 2020) ======================== Incompatible Behavior Changes ----------------------------- *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required* * build: added visibility rules for upstream. If these cause visibility related breakage, see notes in :repo:`BUILD `. * build: tcmalloc changes require Clang 9. This requirement change can be avoided by building with `--define tcmalloc=gperftools` to use the older tcmalloc code. * config: additional warnings have been added for the use of v2 APIs. These appear as log messages and are also captured in the :ref:`deprecated_feature_use ` counter after server initialization. * dns: `envoy.restart_features.use_apple_api_for_dns_lookups` is on by default. This flag only affects Apple platforms (macOS, iOS). It is incompatible to have the runtime flag set to true at the same time as specifying the ``use_tcp_for_dns_lookups`` option or custom dns resolvers. Doing so will cause failure. * watchdog: added two guarddogs, breaking the aggregated stats for the single guarddog system. The aggregated stats for the guarddogs will have the following prefixes: `main_thread` and `workers`. Concretely, anything monitoring `server.watchdog_miss` and `server.watchdog_mega_miss` will need to be updated. Minor Behavior Changes ---------------------- *Changes that may cause incompatibilities for some users, but should not for most* * adaptive concurrency: added a response body / grpc-message header for rejected requests. * async_client: minor change to handling header only responses more similar to header-with-empty-body responses. * build: an :ref:`Ubuntu based debug image ` is built and published in DockerHub. * build: the debug information will be generated separately to reduce target size and reduce compilation time when build in compilation mode `dbg` and `opt`. Users will need to build dwp file to debug with gdb. * compressor: always insert `Vary` headers for compressible resources even if it's decided not to compress a response due to incompatible `Accept-Encoding` value. The `Vary` header needs to be inserted to let a caching proxy in front of Envoy know that the requested resource still can be served with compression applied. * decompressor: headers-only requests were incorrectly not advertising accept-encoding when configured to do so. This is now fixed. * ext_authz filter: request timeout will now count from the time the check request is created, instead of when it becomes active. This makes sure that the timeout is enforced even if the ext_authz cluster's circuit breaker is engaged. This behavior can be reverted by setting runtime feature `envoy.reloadable_features.ext_authz_measure_timeout_on_check_created` to false. When enabled, a new `ext_authz.timeout` stat is counted when timeout occurs. See :ref:`stats `. * grpc reverse bridge: upstream headers will no longer be propagated when the response is missing or contains an unexpected content-type. * http: added :ref:`contains `, a new string matcher type which matches if the value of the string has the substring mentioned in contains matcher. * http: added :ref:`contains `, a new header matcher type which matches if the value of the header has the substring mentioned in contains matcher. * http: added :ref:`headers_to_add ` to :ref:`local reply mapper ` to allow its users to add/append/override response HTTP headers to local replies. * http: added HCM level configuration of :ref:`error handling on invalid messaging ` which substantially changes Envoy's behavior when encountering invalid HTTP/1.1 defaulting to closing the connection instead of allowing reuse. This can temporarily be reverted by setting `envoy.reloadable_features.hcm_stream_error_on_invalid_message` to false, or permanently reverted by setting the HTTP/1 configuration :ref:`override_stream_error_on_invalid_http_message ` to true to restore prior HTTP/1.1 behavior (i.e. connection isn't terminated) and to retain prior HTTP/2 behavior (i.e. connection is terminated). * http: added HCM level configuration of :ref:`error handling on invalid messaging ` which substantially changes Envoy's behavior when encountering invalid HTTP/1.1 defaulting to closing the connection instead of allowing reuse. This can temporarily be reverted by setting `envoy.reloadable_features.hcm_stream_error_on_invalid_message` to false, or permanently reverted by setting the :ref:`HCM option ` to true to restore prior HTTP/1.1 beavior and setting the *new* HTTP/2 configuration :ref:`override_stream_error_on_invalid_http_message ` to false to retain prior HTTP/2 behavior. * http: applying route level header modifications to local replies sent on that route. This behavior may be temporarily reverted by setting `envoy.reloadable_features.always_apply_route_header_rules` to false. * http: changed Envoy to send GOAWAY to HTTP2 downstreams when the :ref:`disable_keepalive ` overload action is active. This behavior may be temporarily reverted by setting `envoy.reloadable_features.overload_manager_disable_keepalive_drain_http2` to false. * http: changed Envoy to send error headers and body when possible. This behavior may be temporarily reverted by setting `envoy.reloadable_features.allow_response_for_timeout` to false. * http: changed empty trailers encoding behavior by sending empty data with ``end_stream`` true (instead of sending empty trailers) for HTTP/2. This behavior can be reverted temporarily by setting runtime feature `envoy.reloadable_features.http2_skip_encoding_empty_trailers` to false. * http: changed how local replies are processed for requests which transform from grpc to not-grpc, or not-grpc to grpc. Previously the initial generated reply depended on which filter sent the reply, but now the reply is consistently generated the way the downstream expects. This behavior can be temporarily reverted by setting `envoy.reloadable_features.unify_grpc_handling` to false. * http: clarified and enforced 1xx handling. Multiple 100-continue headers are coalesced when proxying. 1xx headers other than {100, 101} are dropped. * http: fixed a bug in access logs where early stream termination could be incorrectly tagged as a downstream disconnect, and disconnects after partial response were not flagged. * http: fixed the 100-continue response path to properly handle upstream failure by sending 5xx responses. This behavior can be temporarily reverted by setting `envoy.reloadable_features.allow_500_after_100` to false. * http: the per-stream FilterState maintained by the HTTP connection manager will now provide read/write access to the downstream connection FilterState. As such, code that relies on interacting with this might see a change in behavior. * logging: added fine-grain logging for file level log control with logger management at administration interface. It can be enabled by option :option:`--enable-fine-grain-logging`. * logging: changed default log format to `"[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v"` and default value of :option:`--log-format-prefix-with-location` to `0`. * logging: nghttp2 log messages no longer appear at trace level unless `ENVOY_NGHTTP2_TRACE` is set in the environment. * lua: changed the response body returned by `httpCall()` API to raw data. Previously, the returned data was string. * memory: switched to the `new tcmalloc `_ for linux_x86_64 builds. The `old tcmalloc `_ can still be enabled with the `--define tcmalloc=gperftools` option. * postgres: changed log format to tokenize fields of Postgres messages. * router: added transport failure reason to response body when upstream reset happens. After this change, the response body will be of the form `upstream connect error or disconnect/reset before headers. reset reason:{}, transport failure reason:{}`.This behavior may be reverted by setting runtime feature `envoy.reloadable_features.http_transport_failure_reason_in_body` to false. * router: now consumes all retry related headers to prevent them from being propagated to the upstream. This behavior may be reverted by setting runtime feature `envoy.reloadable_features.consume_all_retry_headers` to false. * stats: the fake symbol table implemention has been removed from the binary, and the option `--use-fake-symbol-table` is now a no-op with a warning. * thrift_proxy: special characters {'\0', '\r', '\n'} will be stripped from thrift headers. * watchdog: replaced single watchdog with separate watchdog configuration for worker threads and for the main thread configured via :ref:`Watchdogs`. It works with :ref:`watchdog` by having the worker thread and main thread watchdogs have same config. Bug Fixes --------- *Changes expected to improve the state of the world and are unlikely to have negative effects* * csrf: fixed issues with regards to origin and host header parsing. * dynamic_forward_proxy: only perform DNS lookups for routes to Dynamic Forward Proxy clusters since other cluster types handle DNS lookup themselves. * fault: fixed an issue with `active_faults` gauge not being decremented for when abort faults were injected. * fault: made the HeaderNameValues::prefix() method const. * grpc-web: fixed an issue with failing HTTP/2 requests on some browsers. Notably, WebKit-based browsers (https://bugs.webkit.org/show_bug.cgi?id=210108), Internet Explorer 11, and Edge (pre-Chromium). * http: fixed CVE-2020-25018 by rolling back the ``GURL`` dependency to previous state (reverted: ``2d69e30``, ``d828958``, and ``c9c4709`` commits) due to potential of crashing when Unicode URIs are present in requests. * http: fixed bugs in datadog and squash filter's handling of responses with no bodies. * http: made the HeaderValues::prefix() method const. * jwt_authn: supports jwt payload without "iss" field. * listener: fixed crash at listener inplace update when connetion load balancer is set. * rocketmq_proxy: fixed an issue involving incorrect header lengths. In debug mode it causes crash and in release mode it causes underflow. * thrift_proxy: fixed crashing bug on request overflow. * udp_proxy: fixed a crash due to UDP packets being processed after listener removal. Removed Config or Runtime ------------------------- *Normally occurs at the end of the* :ref:`deprecation period ` * http: removed legacy header sanitization and the runtime guard `envoy.reloadable_features.strict_header_validation`. * http: removed legacy transfer-encoding enforcement and runtime guard `envoy.reloadable_features.reject_unsupported_transfer_encodings`. * http: removed configurable strict host validation and runtime guard `envoy.reloadable_features.strict_authority_validation`. * http: removed the connection header sanitization runtime guard `envoy.reloadable_features.connection_header_sanitization`. New Features ------------ * access log: added a :ref:`dynamic metadata filter` for access logs, which filters whether to log based on matching dynamic metadata. * access log: added support for :ref:`%DOWNSTREAM_PEER_FINGERPRINT_1% ` as a response flag. * access log: added support for :ref:`%CONNECTION_TERMINATION_DETAILS% ` as a log command operator about why the connection is terminated by Envoy. * access log: added support for nested objects in :ref:`JSON logging mode `. * access log: added :ref:`omit_empty_values` option to omit unset value from formatted log. * access log: added support for :ref:`%CONNECTION_ID% ` for the downstream connection identifier. * admin: added :ref:`circuit breakers settings ` information to GET /clusters?format=json :ref:`cluster status `. * admin: added :ref:`node ` information to GET /server_info :ref:`response object `. * admin: added the ability to dump init manager unready targets information :ref:`/init_dump ` and :ref:`/init_dump?mask={} `. * admission control: added the :ref:`admission control ` filter for client-side request throttling. * build: enable building envoy :ref:`arm64 images ` by buildx tool in x86 CI platform. * cluster: added new :ref:`connection_pool_per_downstream_connection ` flag, which enable creation of a new connection pool for each downstream connection. * decompressor filter: reports compressed and uncompressed bytes in trailers. * dns: added support for doing DNS resolution using Apple's DnsService APIs in Apple platforms (macOS, iOS). This feature is ON by default, and is only configurable via the `envoy.restart_features.use_apple_api_for_dns_lookups` runtime key. Note that this value is latched during server startup and changing the runtime key is a no-op during the lifetime of the process. * dns_filter: added support for answering :ref:`service record` queries. * dynamic_forward_proxy: added :ref:`use_tcp_for_dns_lookups` option to use TCP for DNS lookups in order to match the DNS options for :ref:`Clusters`. * ext_authz filter: added support for emitting dynamic metadata for both :ref:`HTTP ` and :ref:`network ` filters. The emitted dynamic metadata is set by :ref:`dynamic metadata ` field in a returned :ref:`CheckResponse `. * ext_authz filter: added :ref:`stat_prefix ` as an optional additional prefix for the statistics emitted from `ext_authz` HTTP filter. * ext_authz filter: added support for enabling the filter based on :ref:`dynamic metadata `. * ext_authz filter: added support for letting the authorization server instruct Envoy to remove headers from the original request by setting the new field :ref:`headers_to_remove ` before forwarding it to the upstream. * ext_authz filter: added support for sending :ref:`raw bytes as request body ` of a gRPC check request by setting :ref:`pack_as_bytes ` to true. * ext_authz_filter: added :ref:`disable_request_body_buffering ` to disable request data buffering per-route. * grpc-json: support specifying `response_body` field in for `google.api.HttpBody` message. * hds: added :ref:`cluster_endpoints_health ` to HDS responses, keeping endpoints in the same groupings as they were configured in the HDS specifier by cluster and locality instead of as a flat list. * hds: added :ref:`transport_socket_matches ` to HDS cluster health check specifier, so the existing match filter :ref:`transport_socket_match_criteria ` in the repeated field :ref:`health_checks ` has context to match against. This unblocks support for health checks over HTTPS and HTTP/2. * hot restart: added :option:`--socket-path` and :option:`--socket-mode` to configure UDS path in the filesystem and set permission to it. * http: added HTTP/2 support for :ref:`connection keepalive ` via PING. * http: added support for :ref:`%DOWNSTREAM_PEER_FINGERPRINT_1% ` as custom header. * http: added :ref:`allow_chunked_length ` configuration option for HTTP/1 codec to allow processing requests/responses with both Content-Length and Transfer-Encoding: chunked headers. If such message is served and option is enabled - per RFC Content-Length is ignored and removed. * http: added :ref:`CDN Loop filter ` and :ref:`documentation `. * http: added :ref:`MaxStreamDuration proto ` for configuring per-route downstream duration timeouts. * http: introduced new HTTP/1 and HTTP/2 codec implementations that will remove the use of exceptions for control flow due to high risk factors and instead use error statuses. The old behavior is used by default for HTTP/1.1 and HTTP/2 server connections. The new codecs can be enabled for testing by setting the runtime feature `envoy.reloadable_features.new_codec_behavior` to true. The new codecs will be in development for one month, and then enabled by default while the old codecs are deprecated. * http: modified the HTTP header-map data-structure to use an underlying dictionary and a list (no change to the header-map API). To conform with previous versions, the use of a dictionary is currently disabled. It can be enabled by setting the `envoy.http.headermap.lazy_map_min_size` runtime feature to a non-negative number which defines the minimal number of headers in a request/response/trailers required for using a dictionary in addition to the list. Our current benchmarks suggest that the value 3 is a good threshold for most workloads. * load balancer: added :ref:`RingHashLbConfig` to configure the table size of Maglev consistent hash. * load balancer: added a :ref:`configuration` option to specify the active request bias used by the least request load balancer. * load balancer: added an :ref:`option ` to optimize subset load balancing when there is only one host per subset. * load balancer: added support for bounded load per host for consistent hash load balancers via :ref:`hash_balance_factor `. * local_ratelimit: added new :ref:`HTTP local ratelimit filter `. * local_reply config: added :ref:`content_type` field to set content-type. * lua: added Lua APIs to access :ref:`SSL connection info ` object. * lua: added Lua API for :ref:`base64 escaping a string `. * lua: added Lua API for :ref:`setting the current buffer content `. * lua: added new :ref:`source_code ` field to support the dispatching of inline Lua code in per route configuration of Lua filter. * overload management: add :ref:`scaling ` trigger for OverloadManager actions. * postgres network filter: :ref:`metadata ` is produced based on SQL query. * proxy protocol: added support for generating the header upstream using :ref:`Proxy Protocol Transport Socket `. * ratelimit: added :ref:`enable_x_ratelimit_headers ` option to enable `X-RateLimit-*` headers as defined in `draft RFC `_. * ratelimit: added :ref:`per route config ` for rate limit filter. * ratelimit: added support for optional :ref:`descriptor_key ` to Generic Key action. * rbac filter: added the name of the matched policy to the response code detail when a request is rejected by the RBAC filter. * rbac filter: added a log action to the :ref:`RBAC filter ` which sets dynamic metadata to inform access loggers whether to log. * redis: added fault injection support :ref:`fault injection for redis proxy `, described further in :ref:`configuration documentation `. * router: added a new :ref:`rate limited retry back off ` strategy that uses headers like `Retry-After` or `X-RateLimit-Reset` to decide the back off interval. * router: added new :ref:`envoy-ratelimited` retry policy, which allows retrying envoy's own rate limited responses. * router: added new :ref:`host_rewrite_path_regex ` option, which allows rewriting Host header based on path. * router: added support for DYNAMIC_METADATA :ref:`header formatter `. * router_check_tool: added support for `request_header_matches`, `response_header_matches` to :ref:`router check tool `. * signal: added support for calling fatal error handlers without envoy's signal handler, via FatalErrorHandler::callFatalErrorHandlers(). * stats: added optional histograms to :ref:`cluster stats ` that track headers and body sizes of requests and responses. * stats: allow configuring histogram buckets for stats sinks and admin endpoints that support it. * tap: added :ref:`generic body matcher` to scan http requests and responses for text or hex patterns. * tcp_proxy: added :ref:`max_downstream_connection_duration` for downstream connection. When max duration is reached the connection will be closed. * tcp_proxy: allow earlier network filters to set metadataMatchCriteria on the connection StreamInfo to influence load balancing. * tls: added OCSP stapling support through the :ref:`ocsp_staple ` and :ref:`ocsp_staple_policy ` configuration options. See :ref:`OCSP Stapling ` for usage and runtime flags. * tls: introduce new :ref:`extension point` for overriding :ref:`TLS handshaker ` behavior. * tls: switched from using socket BIOs to using custom BIOs that know how to interact with IoHandles. The feature can be disabled by setting runtime feature `envoy.reloadable_features.tls_use_io_handle_bio` to false. * tracing: added ability to set some :ref:`optional segment fields` in the AWS X-Ray tracer. * udp_proxy: added :ref:`hash_policies ` to support hash based routing. * udp_proxy: added :ref:`use_original_src_ip ` option to replicate the downstream remote address of the packets on the upstream side of Envoy. It is similar to :ref:`original source filter `. * watchdog: support randomizing the watchdog's kill timeout to prevent synchronized kills via a maximium jitter parameter :ref:`max_kill_timeout_jitter`. * watchdog: supports an extension point where actions can be registered to fire on watchdog events such as miss, megamiss, kill and multikill. See :ref:`watchdog actions`. * watchdog: watchdog action extension that does cpu profiling. See :ref:`Profile Action `. * watchdog: watchdog action extension that sends SIGABRT to the stuck thread to terminate the process. See :ref:`Abort Action `. * xds: added :ref:`extension config discovery` support for HTTP filters. * xds: added support for mixed v2/v3 discovery response, which enable type url downgrade and upgrade. This feature is disabled by default and is controlled by runtime guard `envoy.reloadable_features.enable_type_url_downgrade_and_upgrade`. * zlib: added option to use `zlib-ng `_ as zlib library. Deprecated ---------- * build: alpine based debug image is deprecated in favor of :ref:`Ubuntu based debug image `. * cluster: the :ref:`track_timeout_budgets ` field has been deprecated in favor of `timeout_budgets` part of an :ref:`Optional Configuration `. * ext_authz: the :ref:`dynamic metadata ` field in :ref:`OkHttpResponse ` has been deprecated in favor of :ref:`dynamic metadata ` field in :ref:`CheckResponse `. * hds: the :ref:`endpoints_health ` field has been deprecated in favor of :ref:`cluster_endpoints_health ` to maintain grouping by cluster and locality. * router: the :ref:`include_vh_rate_limits ` field has been deprecated in favor of :ref:`vh_rate_limits `. * router: the :ref:`max_grpc_timeout ` field has been deprecated in favor of :ref:`grpc_timeout_header_max `. * router: the :ref:`grpc_timeout_offset ` field has been deprecated in favor of :ref:`grpc_timeout_header_offset `. * tap: the :ref:`match_config ` field has been deprecated in favor of :ref:`match ` field. * router_check_tool: `request_header_fields`, `response_header_fields` config deprecated in favor of `request_header_matches`, `response_header_matches`. * watchdog: :ref:`watchdog ` deprecated in favor of :ref:`watchdogs `. ================================================ FILE: docs/root/version_history/v1.0.0.rst ================================================ 1.0.0 (September 12, 2016) ========================== Changes ------- Initial open source release. ================================================ FILE: docs/root/version_history/v1.1.0.rst ================================================ 1.1.0 (November 30, 2016) ========================= Changes ------- * Switch from Jannson to RapidJSON for our JSON library (allowing for a configuration schema in 1.2.0). * Upgrade :ref:`recommended version ` of various other libraries. * Configurable DNS refresh rate for DNS service discovery types. * Upstream circuit breaker configuration can be :ref:`overridden via runtime `. * :ref:`Zone aware routing support `. * Generic header matching routing rule. * HTTP/2 graceful connection draining (double GOAWAY). * DynamoDB filter :ref:`per shard statistics ` (pre-release AWS feature). * Initial release of the :ref:`fault injection HTTP filter `. * HTTP :ref:`rate limit filter ` enhancements (note that the configuration for HTTP rate limiting is going to be overhauled in 1.2.0). * Added :ref:`refused-stream retry policy `. * Multiple :ref:`priority queues ` for upstream clusters (configurable on a per route basis, with separate connection pools, circuit breakers, etc.). * Added max connection circuit breaking to the :ref:`TCP proxy filter `. * Added :ref:`CLI ` options for setting the logging file flush interval as well as the drain/shutdown time during hot restart. * A very large number of performance enhancements for core HTTP/TCP proxy flows as well as a few new configuration flags to allow disabling expensive features if they are not needed (specifically request ID generation and dynamic response code stats). * Support Mongo 3.2 in the :ref:`Mongo sniffing filter `. * Lots of other small fixes and enhancements not listed. ================================================ FILE: docs/root/version_history/v1.10.0.rst ================================================ 1.10.0 (Apr 5, 2019) ==================== Changes ------- * access log: added a new flag for upstream retry count exceeded. * access log: added a :ref:`gRPC filter ` to allow filtering on gRPC status. * access log: added a new flag for stream idle timeout. * access log: added a new field for upstream transport failure reason in :ref:`file access logger` and :ref:`gRPC access logger` for HTTP access logs. * access log: added new fields for downstream x509 information (URI sans and subject) to file and gRPC access logger. * admin: the admin server can now be accessed via HTTP/2 (prior knowledge). * admin: changed HTTP response status code from 400 to 405 when attempting to GET a POST-only route (such as /quitquitquit). * buffer: fix vulnerabilities when allocation fails. * build: releases are built with GCC-7 and linked with LLD. * build: dev docker images :ref:`have been split ` from tagged images for easier discoverability in Docker Hub. Additionally, we now build images for point releases. * config: added support of using google.protobuf.Any in opaque configs for extensions. * config: logging warnings when deprecated fields are in use. * config: removed deprecated --v2-config-only from command line config. * config: removed deprecated_v1 sds_config from :ref:`Bootstrap config `. * config: removed the deprecated_v1 config option from :ref:`ring hash `. * config: removed REST_LEGACY as a valid :ref:`ApiType `. * config: finish cluster warming only when a named response i.e. ClusterLoadAssignment associated to the cluster being warmed comes in the EDS response. This is a behavioural change from the current implementation where warming of cluster completes on missing load assignments also. * config: use Envoy cpuset size to set the default number or worker threads if :option:`--cpuset-threads` is enabled. * config: added support for :ref:`initial_fetch_timeout `. The timeout is disabled by default. * cors: added :ref:`filter_enabled & shadow_enabled RuntimeFractionalPercent flags ` to filter. * csrf: added :ref:`CSRF filter `. * ext_authz: added support for buffering request body. * ext_authz: migrated from v2alpha to v2 and improved docs. * ext_authz: added a configurable option to make the gRPC service cross-compatible with V2Alpha. Note that this feature is already deprecated. It should be used for a short time, and only when transitioning from alpha to V2 release version. * ext_authz: migrated from v2alpha to v2 and improved the documentation. * ext_authz: authorization request and response configuration has been separated into two distinct objects: :ref:`authorization request ` and :ref:`authorization response `. In addition, :ref:`client headers ` and :ref:`upstream headers ` replaces the previous *allowed_authorization_headers* object. All the control header lists now support :ref:`string matcher ` instead of standard string. * fault: added the :ref:`max_active_faults ` setting, as well as :ref:`statistics ` for the number of active faults and the number of faults the overflowed. * fault: added :ref:`response rate limit ` fault injection. * fault: added :ref:`HTTP header fault configuration ` to the HTTP fault filter. * governance: extending Envoy deprecation policy from 1 release (0-3 months) to 2 releases (3-6 months). * health check: expected response codes in http health checks are now :ref:`configurable `. * http: added new grpc_http1_reverse_bridge filter for converting gRPC requests into HTTP/1.1 requests. * http: fixed a bug where Content-Length:0 was added to HTTP/1 204 responses. * http: added :ref:`max request headers size `. The default behaviour is unchanged. * http: added modifyDecodingBuffer/modifyEncodingBuffer to allow modifying the buffered request/response data. * http: added encodeComplete/decodeComplete. These are invoked at the end of the stream, after all data has been encoded/decoded respectively. Default implementation is a no-op. * outlier_detection: added support for :ref:`outlier detection event protobuf-based logging `. * mysql: added a MySQL proxy filter that is capable of parsing SQL queries over MySQL wire protocol. Refer to :ref:`MySQL proxy` for more details. * performance: new buffer implementation (disabled by default; to test it, add "--use-libevent-buffers 0" to the command-line arguments when starting Envoy). * jwt_authn: added :ref:`filter_state_rules ` to allow specifying requirements from filterState by other filters. * ratelimit: removed deprecated rate limit configuration from bootstrap. * redis: added :ref:`hashtagging ` to guarantee a given key's upstream. * redis: added :ref:`latency stats ` for commands. * redis: added :ref:`success and error stats ` for commands. * redis: migrate hash function for host selection to `MurmurHash2 `_ from std::hash. MurmurHash2 is compatible with std::hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled on Linux and not macOS. * redis: added :ref:`latency_in_micros ` to specify the redis commands stats time unit in microseconds. * router: added ability to configure a :ref:`retry policy ` at the virtual host level. * router: added reset reason to response body when upstream reset happens. After this change, the response body will be of the form `upstream connect error or disconnect/reset before headers. reset reason:` * router: added :ref:`rq_reset_after_downstream_response_started ` counter stat to router stats. * router: added per-route configuration of :ref:`internal redirects `. * router: removed deprecated route-action level headers_to_add/remove. * router: made :ref:`max retries header ` take precedence over the number of retries in route and virtual host retry policies. * router: added support for prefix wildcards in :ref:`virtual host domains` * stats: added support for histograms in prometheus * stats: added usedonly flag to prometheus stats to only output metrics which have been updated at least once. * stats: added gauges tracking remaining resources before circuit breakers open. * tap: added new alpha :ref:`HTTP tap filter `. * tls: enabled TLS 1.3 on the server-side (non-FIPS builds). * upstream: add hash_function to specify the hash function for :ref:`ring hash` as either xxHash or `murmurHash2 `_. MurmurHash2 is compatible with std::hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled on Linux and not macOS. * upstream: added :ref:`degraded health value` which allows routing to certain hosts only when there are insufficient healthy hosts available. * upstream: add cluster factory to allow creating and registering :ref:`custom cluster type`. * upstream: added a :ref:`circuit breaker ` to limit the number of concurrent connection pools in use. * tracing: added :ref:`verbose ` to support logging annotations on spans. * upstream: added support for host weighting and :ref:`locality weighting ` in the :ref:`ring hash load balancer `, and added a :ref:`maximum_ring_size` config parameter to strictly bound the ring size. * zookeeper: added a ZooKeeper proxy filter that parses ZooKeeper messages (requests/responses/events). Refer to :ref:`ZooKeeper proxy` for more details. * upstream: added configuration option to select any host when the fallback policy fails. * upstream: stopped incrementing upstream_rq_total for HTTP/1 conn pool when request is circuit broken. Deprecated ---------- * Use of `use_alpha` in :ref:`Ext-Authz Authorization Service ` is deprecated. It should be used for a short time, and only when transitioning from alpha to V2 release version. * Use of `enabled` in `CorsPolicy`, found in :ref:`route.proto `. Set the `filter_enabled` field instead. * Use of the `type` field in the `FaultDelay` message (found in :ref:`fault.proto `) has been deprecated. It was never used and setting it has no effect. It will be removed in the following release. ================================================ FILE: docs/root/version_history/v1.11.0.rst ================================================ 1.11.0 (July 11, 2019) ====================== Changes ------- * access log: added a new field for downstream TLS session ID to file and gRPC access logger. * access log: added a new field for route name to file and gRPC access logger. * access log: added a new field for response code details in :ref:`file access logger` and :ref:`gRPC access logger`. * access log: added several new variables for exposing information about the downstream TLS connection to :ref:`file access logger` and :ref:`gRPC access logger`. * access log: added a new flag for request rejected due to failed strict header check. * admin: the administration interface now includes a :ref:`/ready endpoint ` for easier readiness checks. * admin: extend :ref:`/runtime_modify endpoint ` to support parameters within the request body. * admin: the :ref:`/listener endpoint ` now returns :ref:`listeners.proto` which includes listener names and ports. * admin: added host priority to :http:get:`/clusters` and :http:get:`/clusters?format=json` endpoint response * admin: the :ref:`/clusters endpoint ` now shows hostname for each host, useful for DNS based clusters. * api: track and report requests issued since last load report. * build: releases are built with Clang and linked with LLD. * config: added :ref:stats_server_version_override` ` in bootstrap, that can be used to override :ref:`server.version statistic `. * control-plane: management servers can respond with HTTP 304 to indicate that config is up to date for Envoy proxies polling a :ref:`REST API Config Type ` * csrf: added support for allowlisting additional source origins. * dns: added support for getting DNS record TTL which is used by STRICT_DNS/LOGICAL_DNS cluster as DNS refresh rate. * dubbo_proxy: support the :ref:`dubbo proxy filter `. * dynamo_request_parser: adding support for transactions. Adds check for new types of dynamodb operations (TransactWriteItems, TransactGetItems) and awareness for new types of dynamodb errors (IdempotentParameterMismatchException, TransactionCanceledException, TransactionInProgressException). * eds: added support to specify max time for which endpoints can be used :ref:`gRPC filter `. * eds: removed max limit for `load_balancing_weight`. * event: added :ref:`loop duration and poll delay statistics `. * ext_authz: added a `x-envoy-auth-partial-body` metadata header set to `false|true` indicating if there is a partial body sent in the authorization request message. * ext_authz: added configurable status code that allows customizing HTTP responses on filter check status errors. * ext_authz: added option to `ext_authz` that allows the filter clearing route cache. * grpc-json: added support for :ref:`auto mapping `. * health check: added :ref:`initial jitter ` to add jitter to the first health check in order to prevent thundering herd on Envoy startup. * hot restart: stats are no longer shared between hot restart parent/child via shared memory, but rather by RPC. Hot restart version incremented to 11. * http: added the ability to pass a URL encoded PEM encoded peer certificate chain in the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header. * http: fixed a bug where large unbufferable responses were not tracked in stats and logs correctly. * http: fixed a crashing bug where gRPC local replies would cause segfaults when upstream access logging was on. * http: mitigated a race condition with the :ref:`delayed_close_timeout` where it could trigger while actively flushing a pending write buffer for a downstream connection. * http: added support for :ref:`preserve_external_request_id` that represents whether the x-request-id should not be reset on edge entry inside mesh * http: changed `sendLocalReply` to send percent-encoded `GrpcMessage`. * http: added a :ref:header_prefix` ` configuration option to allow Envoy to send and process x-custom- prefixed headers rather than x-envoy. * http: added :ref:`dynamic forward proxy ` support. * http: tracking the active stream and dumping state in Envoy crash handlers. This can be disabled by building with `--define disable_object_dump_on_signal_trace=disabled` * jwt_authn: make filter's parsing of JWT more flexible, allowing syntax like ``jwt=eyJhbGciOiJS...ZFnFIw,extra=7,realm=123`` * listener: added :ref:`source IP ` and :ref:`source port ` filter chain matching. * lua: exposed functions to Lua to verify digital signature. * original_src filter: added the :ref:`filter`. * outlier_detector: added configuration :ref:`outlier_detection.split_external_local_origin_errors` to distinguish locally and externally generated errors. See :ref:`arch_overview_outlier_detection` for full details. * rbac: migrated from v2alpha to v2. * redis: add support for Redis cluster custom cluster type. * redis: automatically route commands using cluster slots for Redis cluster. * redis: added :ref:`prefix routing ` to enable routing commands based on their key's prefix to different upstream. * redis: added :ref:`request mirror policy ` to enable shadow traffic and/or dual writes. * redis: add support for zpopmax and zpopmin commands. * redis: added :ref:`max_buffer_size_before_flush ` to batch commands together until the encoder buffer hits a certain size, and :ref:`buffer_flush_timeout ` to control how quickly the buffer is flushed if it is not full. * redis: added auth support :ref:`downstream_auth_password ` for downstream client authentication, and :ref:`auth_password ` to configure authentication passwords for upstream server clusters. * retry: added a retry predicate that :ref:`rejects canary hosts. ` * router: add support for configuring a :ref:`gRPC timeout offset ` on incoming requests. * router: added ability to control retry back-off intervals via :ref:`retry policy `. * router: added ability to issue a hedged retry in response to a per try timeout via a :ref:`hedge policy `. * router: added a route name field to each http route in route.Route list * router: added several new variables for exposing information about the downstream TLS connection via :ref:`header formatters `. * router: per try timeouts will no longer start before the downstream request has been received in full by the router.This ensures that the per try timeout does not account for slow downstreams and that will not start before the global timeout. * router: added :ref:`RouteAction's auto_host_rewrite_header ` to allow upstream host header substitution with some other header's value * router: added support for UPSTREAM_REMOTE_ADDRESS :ref:`header formatter `. * router: add ability to reject a request that includes invalid values for headers configured in :ref:`strict_check_headers ` * runtime: added support for :ref:`flexible layering configuration `. * runtime: added support for statically :ref:`specifying the runtime in the bootstrap configuration `. * runtime: :ref:`Runtime Discovery Service (RTDS) ` support added to layered runtime configuration. * sandbox: added :ref:`CSRF sandbox `. * server: ``--define manual_stamp=manual_stamp`` was added to allow server stamping outside of binary rules. more info in the `bazel docs `_. * server: added :ref:`server state ` statistic. * server: added :ref:`initialization_time_ms` statistic. * subset: added :ref:`list_as_any` option to the subset lb which allows matching metadata against any of the values in a list value on the endpoints. * tools: added :repo:`proto ` support for :ref:`router check tool ` tests. * tracing: add trace sampling configuration to the route, to override the route level. * upstream: added :ref:`upstream_cx_pool_overflow ` for the connection pool circuit breaker. * upstream: an EDS management server can now force removal of a host that is still passing active health checking by first marking the host as failed via EDS health check and subsequently removing it in a future update. This is a mechanism to work around a race condition in which an EDS implementation may remove a host before it has stopped passing active HC, thus causing the host to become stranded until a future update. * upstream: added :ref:`an option ` that allows ignoring new hosts for the purpose of load balancing calculations until they have been health checked for the first time. * upstream: added runtime error checking to prevent setting dns type to STRICT_DNS or LOGICAL_DNS when custom resolver name is specified. * upstream: added possibility to override fallback_policy per specific selector in :ref:`subset load balancer `. * upstream: the :ref:`logical DNS cluster ` now displays the current resolved IP address in admin output instead of 0.0.0.0. Deprecated ---------- * The --max-stats and --max-obj-name-len flags no longer has any effect. * Use of :ref:`cluster ` in :ref:`redis_proxy.proto ` is deprecated. Set a :ref:`catch_all_route ` instead. * Use of :ref:`catch_all_cluster ` in :ref:`redis_proxy.proto ` is deprecated. Set a :ref:`catch_all_route ` instead. * Use of json based schema in router check tool tests. The tests should follow validation :repo:`schema`. * Use of the v1 style route configuration for the :ref:`TCP proxy filter ` is now fully replaced with listener :ref:`filter chain matching `. Use this instead. * Use of :ref:`runtime ` in :ref:`Bootstrap `. Use :ref:`layered_runtime ` instead. * Specifying "deprecated_v1: true" in HTTP and network filter configuration to allow loading JSON configuration is now deprecated and will be removed in a following release. Update any custom filters to use protobuf configuration. A struct can be used for a mostly 1:1 conversion if needed. The `envoy.deprecated_features.v1_filter_json_config` runtime key can be used to temporarily enable this feature once the deprecation becomes fail by default. ================================================ FILE: docs/root/version_history/v1.11.1.rst ================================================ 1.11.1 (August 13, 2019) ======================== Changes ------- * http: added mitigation of client initiated attacks that result in flooding of the downstream HTTP/2 connections. Those attacks can be logged at the "warning" level when the runtime feature `http.connection_manager.log_flood_exception` is enabled. The runtime setting defaults to disabled to avoid log spam when under attack. * http: added :ref:`inbound_empty_frames_flood ` counter stat to the HTTP/2 codec stats, for tracking number of connections terminated for exceeding the limit on consecutive inbound frames with an empty payload and no end stream flag. The limit is configured by setting the :ref:`max_consecutive_inbound_frames_with_empty_payload config setting `. Runtime feature `envoy.reloadable_features.http2_protocol_options.max_consecutive_inbound_frames_with_empty_payload` overrides :ref:`max_consecutive_inbound_frames_with_empty_payload setting `. Large override value (i.e. 2147483647) effectively disables mitigation of inbound frames with empty payload. * http: added :ref:`inbound_priority_frames_flood ` counter stat to the HTTP/2 codec stats, for tracking number of connections terminated for exceeding the limit on inbound PRIORITY frames. The limit is configured by setting the :ref:`max_inbound_priority_frames_per_stream config setting `. Runtime feature `envoy.reloadable_features.http2_protocol_options.max_inbound_priority_frames_per_stream` overrides :ref:`max_inbound_priority_frames_per_stream setting `. Large override value effectively disables flood mitigation of inbound PRIORITY frames. * http: added :ref:`inbound_window_update_frames_flood ` counter stat to the HTTP/2 codec stats, for tracking number of connections terminated for exceeding the limit on inbound WINDOW_UPDATE frames. The limit is configured by setting the :ref:`max_inbound_window_update_frames_per_data_frame_sent config setting `. Runtime feature `envoy.reloadable_features.http2_protocol_options.max_inbound_window_update_frames_per_data_frame_sent` overrides :ref:`max_inbound_window_update_frames_per_data_frame_sent setting `. Large override value effectively disables flood mitigation of inbound WINDOW_UPDATE frames. * http: added :ref:`outbound_flood ` counter stat to the HTTP/2 codec stats, for tracking number of connections terminated for exceeding the outbound queue limit. The limit is configured by setting the :ref:`max_outbound_frames config setting ` Runtime feature `envoy.reloadable_features.http2_protocol_options.max_outbound_frames` overrides :ref:`max_outbound_frames config setting `. Large override value effectively disables flood mitigation of outbound frames of all types. * http: added :ref:`outbound_control_flood ` counter stat to the HTTP/2 codec stats, for tracking number of connections terminated for exceeding the outbound queue limit for PING, SETTINGS and RST_STREAM frames. The limit is configured by setting the :ref:`max_outbound_control_frames config setting `. Runtime feature `envoy.reloadable_features.http2_protocol_options.max_outbound_control_frames` overrides :ref:`max_outbound_control_frames config setting `. Large override value effectively disables flood mitigation of outbound frames of types PING, SETTINGS and RST_STREAM. * http: enabled strict validation of HTTP/2 messaging. Previous behavior can be restored using :ref:`stream_error_on_invalid_http_messaging config setting `. Runtime feature `envoy.reloadable_features.http2_protocol_options.stream_error_on_invalid_http_messaging` overrides :ref:`stream_error_on_invalid_http_messaging config setting `. ================================================ FILE: docs/root/version_history/v1.11.2.rst ================================================ 1.11.2 (October 8, 2019) ======================== Changes ------- * http: fixed CVE-2019-15226 by adding a cached byte size in HeaderMap. * http: added :ref:`max headers count ` for http connections. The default limit is 100. * upstream: runtime feature `envoy.reloadable_features.max_response_headers_count` overrides the default limit for upstream :ref:`max headers count ` * http: added :ref:`common_http_protocol_options ` Runtime feature `envoy.reloadable_features.max_request_headers_count` overrides the default limit for downstream :ref:`max headers count ` * regex: backported safe regex matcher fix for CVE-2019-15225. Deprecated ---------- * Use of :ref:`idle_timeout ` is deprecated. Use :ref:`common_http_protocol_options ` instead. ================================================ FILE: docs/root/version_history/v1.12.0.rst ================================================ 1.12.0 (October 31, 2019) ========================= Changes ------- * access log: added a new flag for :ref:`downstream protocol error `. * access log: added :ref:`buffering ` and :ref:`periodical flushing ` support to gRPC access logger. Defaults to 16KB buffer and flushing every 1 second. * access log: added DOWNSTREAM_DIRECT_REMOTE_ADDRESS and DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT :ref:`access log formatters ` and gRPC access logger. * access log: gRPC Access Log Service (ALS) support added for :ref:`TCP access logs `. * access log: reintroduced :ref:`filesystem ` stats and added the `write_failed` counter to track failed log writes. * admin: added ability to configure listener :ref:`socket options `. * admin: added config dump support for Secret Discovery Service :ref:`SecretConfigDump `. * admin: added support for :ref:`draining ` listeners via admin interface. * admin: added :http:get:`/stats/recentlookups`, :http:post:`/stats/recentlookups/clear`, :http:post:`/stats/recentlookups/disable`, and :http:post:`/stats/recentlookups/enable` endpoints. * api: added :ref:`set_node_on_first_message_only ` option to omit the node identifier from the subsequent discovery requests on the same stream. * buffer filter: now populates content-length header if not present. This behavior can be temporarily disabled using the runtime feature `envoy.reloadable_features.buffer_filter_populate_content_length`. * build: official released binary is now PIE so it can be run with ASLR. * config: added support for :ref:`delta xDS ` (including ADS) delivery. * config: enforcing that terminal filters (e.g. HttpConnectionManager for L4, router for L7) be the last in their respective filter chains. * config: added access log :ref:`extension filter`. * config: added support for :option:`--reject-unknown-dynamic-fields`, providing independent control over whether unknown fields are rejected in static and dynamic configuration. By default, unknown fields in static configuration are rejected and are allowed in dynamic configuration. Warnings are logged for the first use of any unknown field and these occurrences are counted in the :ref:`server.static_unknown_fields ` and :ref:`server.dynamic_unknown_fields ` statistics. * config: added async data access for local and remote data sources. * config: changed the default value of :ref:`initial_fetch_timeout ` from 0s to 15s. This is a change in behaviour in the sense that Envoy will move to the next initialization phase, even if the first config is not delivered in 15s. Refer to :ref:`initialization process ` for more details. * config: added stat :ref:`init_fetch_timeout `. * config: tls_context in Cluster and FilterChain are deprecated in favor of transport socket. See :ref:`deprecated documentation` for more information. * csrf: added PATCH to supported methods. * dns: added support for configuring :ref:`dns_failure_refresh_rate ` to set the DNS refresh rate during failures. * ext_authz: added :ref:`configurable ability ` to send dynamic metadata to the `ext_authz` service. * ext_authz: added :ref:`filter_enabled RuntimeFractionalPercent flag ` to filter. * ext_authz: added tracing to the HTTP client. * ext_authz: deprecated :ref:`cluster scope stats ` in favour of filter scope stats. * fault: added overrides for default runtime keys in :ref:`HTTPFault ` filter. * grpc: added :ref:`AWS IAM grpc credentials extension ` for AWS-managed xDS. * grpc: added :ref:`gRPC stats filter ` for collecting stats about gRPC calls and streaming message counts. * grpc-json: added support for :ref:`ignoring unknown query parameters`. * grpc-json: added support for :ref:`the grpc-status-details-bin header`. * header to metadata: added :ref:`PROTOBUF_VALUE ` and :ref:`ValueEncode ` to support protobuf Value and Base64 encoding. * http: added a default one hour idle timeout to upstream and downstream connections. HTTP connections with no streams and no activity will be closed after one hour unless the default idle_timeout is overridden. To disable upstream idle timeouts, set the :ref:`idle_timeout ` to zero in Cluster :ref:`http_protocol_options`. To disable downstream idle timeouts, either set :ref:`idle_timeout ` to zero in the HttpConnectionManager :ref:`common_http_protocol_options ` or set the deprecated :ref:`connection manager ` field to zero. * http: added the ability to format HTTP/1.1 header keys using :ref:`header_key_format `. * http: added the ability to reject HTTP/1.1 requests with invalid HTTP header values, using the runtime feature `envoy.reloadable_features.strict_header_validation`. * http: changed Envoy to forward existing x-forwarded-proto from upstream trusted proxies. Guarded by `envoy.reloadable_features.trusted_forwarded_proto` which defaults true. * http: added the ability to configure the behavior of the server response header, via the :ref:`server_header_transformation` field. * http: added the ability to :ref:`merge adjacent slashes` in the path. * http: :ref:`AUTO ` codec protocol inference now requires the H2 magic bytes to be the first bytes transmitted by a downstream client. * http: remove h2c upgrade headers for HTTP/1 as h2c upgrades are currently not supported. * http: absolute URL support is now on by default. The prior behavior can be reinstated by setting :ref:`allow_absolute_url ` to false. * http: support :ref:`host rewrite ` in the dynamic forward proxy. * http: support :ref:`disabling the filter per route ` in the grpc http1 reverse bridge filter. * http: added the ability to :ref:`configure max connection duration ` for downstream connections. * listeners: added :ref:`continue_on_listener_filters_timeout ` to configure whether a listener will still create a connection when listener filters time out. * listeners: added :ref:`HTTP inspector listener filter `. * listeners: added :ref:`connection balancer ` configuration for TCP listeners. * listeners: listeners now close the listening socket as part of the draining stage as soon as workers stop accepting their connections. * lua: extended `httpCall()` and `respond()` APIs to accept headers with entry values that can be a string or table of strings. * lua: extended `dynamicMetadata:set()` to allow setting complex values. * metrics_service: added support for flushing histogram buckets. * outlier_detector: added :ref:`support for the grpc-status response header ` by mapping it to HTTP status. Guarded by envoy.reloadable_features.outlier_detection_support_for_grpc_status which defaults to true. * performance: new buffer implementation enabled by default (to disable add "--use-libevent-buffers 1" to the command-line arguments when starting Envoy). * performance: stats symbol table implementation (disabled by default; to test it, add "--use-fake-symbol-table 0" to the command-line arguments when starting Envoy). * rbac: added support for DNS SAN as :ref:`principal_name `. * redis: added :ref:`enable_command_stats ` to enable :ref:`per command statistics ` for upstream clusters. * redis: added :ref:`read_policy ` to allow reading from redis replicas for Redis Cluster deployments. * redis: fixed a bug where the redis health checker ignored the upstream auth password. * redis: enable_hashtaging is always enabled when the upstream uses open source Redis cluster protocol. * regex: introduced new :ref:`RegexMatcher ` type that provides a safe regex implementation for untrusted user input. This type is now used in all configuration that processes user provided input. See :ref:`deprecated configuration details ` for more information. * rbac: added conditions to the policy, see :ref:`condition `. * router: added :ref:`rq_retry_skipped_request_not_complete ` counter stat to router stats. * router: :ref:`scoped routing ` is supported. * router: added new :ref:`retriable-headers ` retry policy. Retries can now be configured to trigger by arbitrary response header matching. * router: added ability for most specific header mutations to take precedence, see :ref:`route configuration's most specific header mutations wins flag `. * router: added :ref:`respect_expected_rq_timeout ` that instructs ingress Envoy to respect :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress Envoy, when deriving timeout for upstream cluster. * router: added new :ref:`retriable request headers ` to route configuration, to allow limiting buffering for retries and shadowing. * router: added new :ref:`retriable request headers ` to retry policies. Retries can now be configured to only trigger on request header match. * router: added the ability to match a route based on whether a TLS certificate has been :ref:`presented ` by the downstream connection. * router check tool: added coverage reporting & enforcement. * router check tool: added comprehensive coverage reporting. * router check tool: added deprecated field check. * router check tool: added flag for only printing results of failed tests. * router check tool: added support for outputting missing tests in the detailed coverage report. * router check tool: added coverage reporting for direct response routes. * runtime: allows for the ability to parse boolean values. * runtime: allows for the ability to parse integers as double values and vice-versa. * sds: added :ref:`session_ticket_keys_sds_secret_config ` for loading TLS Session Ticket Encryption Keys using SDS API. * server: added a post initialization lifecycle event, in addition to the existing startup and shutdown events. * server: added :ref:`per-handler listener stats ` and :ref:`per-worker watchdog stats ` to help diagnosing event loop imbalance and general performance issues. * stats: added unit support to histogram. * tcp_proxy: the default :ref:`idle_timeout ` is now 1 hour. * thrift_proxy: fixed crashing bug on invalid transport/protocol framing. * thrift_proxy: added support for stripping service name from method when using the multiplexed protocol. * tls: added verification of IP address SAN fields in certificates against configured SANs in the certificate validation context. * tracing: added support to the Zipkin reporter for sending list of spans as Zipkin JSON v2 and protobuf message over HTTP. certificate validation context. * tracing: added tags for gRPC response status and message. * tracing: added :ref:`max_path_tag_length ` to support customizing the length of the request path included in the extracted `http.url `_ tag. * upstream: added :ref:`an option ` that allows draining HTTP, TCP connection pools on cluster membership change. * upstream: added :ref:`transport_socket_matches `, support using different transport socket config when connecting to different upstream endpoints within a cluster. * upstream: added network filter chains to upstream connections, see :ref:`filters`. * upstream: added new :ref:`failure-percentage based outlier detection` mode. * upstream: uses p2c to select hosts for least-requests load balancers if all host weights are the same, even in cases where weights are not equal to 1. * upstream: added :ref:`fail_traffic_on_panic ` to allow failing all requests to a cluster during panic state. * zookeeper: parses responses and emits latency stats. Deprecated ---------- * The ORIGINAL_DST_LB :ref:`load balancing policy ` is deprecated, use CLUSTER_PROVIDED policy instead when configuring an :ref:`original destination cluster `. * The `regex` field in :ref:`StringMatcher ` has been deprecated in favor of the `safe_regex` field. * The `regex` field in :ref:`RouteMatch ` has been deprecated in favor of the `safe_regex` field. * The `allow_origin` and `allow_origin_regex` fields in :ref:`CorsPolicy ` have been deprecated in favor of the `allow_origin_string_match` field. * The `pattern` and `method` fields in :ref:`VirtualCluster ` have been deprecated in favor of the `headers` field. * The `regex_match` field in :ref:`HeaderMatcher ` has been deprecated in favor of the `safe_regex_match` field. * The `value` and `regex` fields in :ref:`QueryParameterMatcher ` has been deprecated in favor of the `string_match` and `present_match` fields. * The :option:`--allow-unknown-fields` command-line option, use :option:`--allow-unknown-static-fields` instead. * The use of HTTP_JSON_V1 :ref:`Zipkin collector endpoint version ` or not explicitly specifying it is deprecated, use HTTP_JSON or HTTP_PROTO instead. * The `operation_name` field in :ref:`HTTP connection manager ` has been deprecated in favor of the `traffic_direction` field in :ref:`Listener `. The latter takes priority if specified. * The `tls_context` field in :ref:`Filter chain ` message and :ref:`Cluster ` message have been deprecated in favor of `transport_socket` with name `envoy.transport_sockets.tls`. The latter takes priority if specified. * The `use_http2` field in :ref:`HTTP health checker ` has been deprecated in favor of the `codec_client_type` field. * The use of :ref:`gRPC bridge filter ` for gRPC stats has been deprecated in favor of the dedicated :ref:`gRPC stats filter ` * Ext_authz filter stats `ok`, `error`, `denied`, `failure_mode_allowed` in *cluster..ext_authz.* namespace is deprecated. Use *http..ext_authz.* namespace to access same counters instead. * Use of google.protobuf.Struct for extension opaque configs is deprecated. Use google.protobuf.Any instead or pack udpa.type.v1.TypedStruct in google.protobuf.Any. ================================================ FILE: docs/root/version_history/v1.12.1.rst ================================================ 1.12.1 (November 8, 2019) ========================= Changes ------- * listener: fixed CVE-2019-18836 by clearing accept filters before connection creation. ================================================ FILE: docs/root/version_history/v1.12.2.rst ================================================ 1.12.2 (December 10, 2019) ========================== Changes ------- * http: fixed CVE-2019-18801 by allocating sufficient memory for request headers. * http: fixed CVE-2019-18802 by implementing stricter validation of HTTP/1 headers. * http: trim LWS at the end of header keys, for correct HTTP/1.1 header parsing. * http: added strict authority checking. This can be reversed temporarily by setting the runtime feature `envoy.reloadable_features.strict_authority_validation` to false. * route config: fixed CVE-2019-18838 by checking for presence of host/path headers. ================================================ FILE: docs/root/version_history/v1.12.3.rst ================================================ 1.12.3 (March 3, 2020) ====================== Changes ------- * buffer: force copy when appending small slices to OwnedImpl buffer to avoid fragmentation. * http: added HTTP/1.1 flood protection. Can be temporarily disabled using the runtime feature `envoy.reloadable_features.http1_flood_protection`. * listeners: fixed issue where :ref:`TLS inspector listener filter ` could have been bypassed by a client using only TLS 1.3. * rbac: added :ref:`url_path ` for matching URL path without the query and fragment string. * sds: fixed the SDS vulnerability that TLS validation context (e.g., subject alt name or hash) cannot be effectively validated in some cases. ================================================ FILE: docs/root/version_history/v1.12.4.rst ================================================ 1.12.4 (June 8, 2020) ===================== Changes ------- * http: added :ref:`headers_with_underscores_action setting ` to control how client requests with header names containing underscore characters are handled. The options are to allow such headers, reject request or drop headers. The default is to allow headers, preserving existing behavior. * http: fixed CVE-2020-11080 by rejecting HTTP/2 SETTINGS frames with too many parameters. ================================================ FILE: docs/root/version_history/v1.12.5.rst ================================================ 1.12.5 (June 30, 2020) ====================== Changes ------- * buffer: fixed CVE-2020-12603 by avoiding fragmentation, and tracking of HTTP/2 data and control frames in the output buffer. * http: fixed CVE-2020-12604 by changing :ref:`stream_idle_timeout ` to also defend against an HTTP/2 peer that does not open stream window once an entire response has been buffered to be sent to a downstream client. * http: fixed CVE-2020-12605 by including request URL in request header size computation, and rejecting partial headers that exceed configured limits. * listener: fixed CVE-2020-8663 by adding runtime support for :ref:`per-listener limits ` on active/accepted connections. * overload management: fixed CVE-2020-8663 by adding runtime support for :ref:`global limits ` on active/accepted connections. ================================================ FILE: docs/root/version_history/v1.12.6.rst ================================================ 1.12.6 (July 7, 2020) ===================== * tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. ================================================ FILE: docs/root/version_history/v1.12.7.rst ================================================ 1.12.7 (September 29, 2020) =========================== Changes ------- * http: fixed CVE-2020-25017. Previously header matching did not match on all headers for non-inline headers. This patch changes the default behavior to always logically match on all headers. Multiple individual headers will be logically concatenated with ',' similar to what is done with inline headers. This makes the behavior effectively consistent. This behavior can be temporary reverted by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to "false". Targeted fixes have been additionally performed on the following extensions which make them consider all duplicate headers by default as a comma concatenated list: 1. Any extension using CEL matching on headers. 2. The header to metadata filter. 3. The JWT filter. 4. The Lua filter. Like primary header matching used in routing, RBAC, etc. this behavior can be disabled by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to false. ================================================ FILE: docs/root/version_history/v1.13.0.rst ================================================ 1.13.0 (January 20, 2020) ========================= Changes ------- * access log: added FILTER_STATE :ref:`access log formatters ` and gRPC access logger. * admin: added the ability to filter :ref:`/config_dump `. * access log: added a :ref:`typed JSON logging mode ` to output access logs in JSON format with non-string values * access log: fixed UPSTREAM_LOCAL_ADDRESS :ref:`access log formatters ` to work for http requests * access log: added HOSTNAME. * api: remove all support for v1 * api: added ability to specify `mode` for :ref:`Pipe `. * api: support for the v3 xDS API added. See :ref:`api_supported_versions`. * aws_request_signing: added new alpha :ref:`HTTP AWS request signing filter `. * buffer: remove old implementation * build: official released binary is now built against libc++. * cluster: added :ref:`aggregate cluster ` that allows load balancing between clusters. * config: all category names of internal envoy extensions are prefixed with the 'envoy.' prefix to follow the reverse DNS naming notation. * decompressor: remove decompressor hard assert failure and replace with an error flag. * ext_authz: added :ref:`configurable ability` to send the :ref:`certificate` to the `ext_authz` service. * fault: fixed an issue where the http fault filter would repeatedly check the percentage of abort/delay when the `x-envoy-downstream-service-cluster` header was included in the request to ensure that the actual percentage of abort/delay matches the configuration of the filter. * health check: gRPC health checker sets the gRPC deadline to the configured timeout duration. * health check: added :ref:`TlsOptions ` to allow TLS configuration overrides. * health check: added :ref:`service_name_matcher ` to better compare the service name patterns for health check identity. * http: added strict validation that CONNECT is refused as it is not yet implemented. This can be reversed temporarily by setting the runtime feature `envoy.reloadable_features.strict_method_validation` to false. * http: added support for http1 trailers. To enable use :ref:`enable_trailers `. * http: added the ability to sanitize headers nominated by the Connection header. This new behavior is guarded by envoy.reloadable_features.connection_header_sanitization which defaults to true. * http: blocks unsupported transfer-encodings. Can be reverted temporarily by setting runtime feature `envoy.reloadable_features.reject_unsupported_transfer_encodings` to false. * http: support :ref:`auto_host_rewrite_header` in the dynamic forward proxy. * jwt_authn: added :ref:`allow_missing` option that accepts request without token but rejects bad request with bad tokens. * jwt_authn: added :ref:`bypass_cors_preflight` to allow bypassing the CORS preflight request. * lb_subset_config: new fallback policy for selectors: :ref:`KEYS_SUBSET` * listeners: added :ref:`reuse_port` option. * logger: added :ref:`--log-format-escaped ` command line option to escape newline characters in application logs. * ratelimit: added :ref:`local rate limit ` network filter. * rbac: added support for matching all subject alt names instead of first in :ref:`principal_name `. * redis: performance improvement for larger split commands by avoiding string copies. * redis: correctly follow MOVE/ASK redirection for mirrored clusters. * redis: add :ref:`host_degraded_refresh_threshold ` and :ref:`failure_refresh_threshold ` to refresh topology when nodes are degraded or when requests fails. * router: added histograms to show timeout budget usage to the :ref:`cluster stats `. * router check tool: added support for testing and marking coverage for routes of runtime fraction 0. * router: added :ref:`request_mirror_policies` to support sending multiple mirrored requests in one route. * router: added support for REQ(header-name) :ref:`header formatter `. * router: added support for percentage-based :ref:`retry budgets ` * router: allow using a :ref:`query parameter ` for HTTP consistent hashing. * router: exposed DOWNSTREAM_REMOTE_ADDRESS as custom HTTP request/response headers. * router: added support for :ref:`max_internal_redirects ` for configurable maximum internal redirect hops. * router: skip the Location header when the response code is not a 201 or a 3xx. * router: added :ref:`auto_sni ` to support setting SNI to transport socket for new upstream connections based on the downstream HTTP host/authority header. * router: added support for HOSTNAME :ref:`header formatter `. * server: added the :option:`--disable-extensions` CLI option, to disable extensions at startup. * server: fixed a bug in config validation for configs with runtime layers. * server: added :ref:`workers_started ` that indicates whether listeners have been fully initialized on workers. * tcp_proxy: added :ref:`ClusterWeight.metadata_match`. * tcp_proxy: added :ref:`hash_policy`. * thrift_proxy: added support for cluster header based routing. * thrift_proxy: added stats to the router filter. * tls: remove TLS 1.0 and 1.1 from client defaults * tls: added support for :ref:`generic string matcher ` for subject alternative names. * tracing: added the ability to set custom tags on both the :ref:`HTTP connection manager` and the :ref:`HTTP route `. * tracing: added upstream_address tag. * tracing: added initial support for AWS X-Ray (local sampling rules only) :ref:`X-Ray Tracing `. * tracing: added tags for gRPC request path, authority, content-type and timeout. * udp: added initial support for :ref:`UDP proxy ` Deprecated ---------- * The `request_headers_for_tags` field in :ref:`HTTP connection manager ` has been deprecated in favor of the :ref:`custom_tags ` field. * The `verify_subject_alt_name` field in :ref:`Certificate Validation Context ` has been deprecated in favor of the :ref:`match_subject_alt_names ` field. * The `request_mirror_policy` field in :ref:`RouteMatch ` has been deprecated in favor of the `request_mirror_policies` field. * The `service_name` field in :ref:`HTTP health checker ` has been deprecated in favor of the `service_name_matcher` field. * The v2 xDS API is deprecated. It will be supported by Envoy until EOY 2020. See :ref:`api_supported_versions`. ================================================ FILE: docs/root/version_history/v1.13.1.rst ================================================ 1.13.1 (March 3, 2020) ====================== Changes ------- * buffer: force copy when appending small slices to OwnedImpl buffer to avoid fragmentation. * http: added HTTP/1.1 flood protection. Can be temporarily disabled using the runtime feature `envoy.reloadable_features.http1_flood_protection`. * listeners: fixed issue where :ref:`TLS inspector listener filter ` could have been bypassed by a client using only TLS 1.3. * rbac: added :ref:`url_path ` for matching URL path without the query and fragment string. * sds: fixed the SDS vulnerability that TLS validation context (e.g., subject alt name or hash) cannot be effectively validated in some cases. ================================================ FILE: docs/root/version_history/v1.13.2.rst ================================================ 1.13.2 (June 8, 2020) ===================== Changes ------- * http: added :ref:`headers_with_underscores_action setting ` to control how client requests with header names containing underscore characters are handled. The options are to allow such headers, reject request or drop headers. The default is to allow headers, preserving existing behavior. * http: fixed CVE-2020-11080 by rejecting HTTP/2 SETTINGS frames with too many parameters. ================================================ FILE: docs/root/version_history/v1.13.3.rst ================================================ 1.13.3 (June 30, 2020) ====================== Changes ------- * buffer: fixed CVE-2020-12603 by avoiding fragmentation, and tracking of HTTP/2 data and control frames in the output buffer. * http: fixed CVE-2020-12604 by changing :ref:`stream_idle_timeout ` to also defend against an HTTP/2 peer that does not open stream window once an entire response has been buffered to be sent to a downstream client. * http: fixed CVE-2020-12605 by including request URL in request header size computation, and rejecting partial headers that exceed configured limits. * listener: fixed CVE-2020-8663 by adding runtime support for :ref:`per-listener limits ` on active/accepted connections. * overload management: fixed CVE-2020-8663 by adding runtime support for :ref:`global limits ` on active/accepted connections. ================================================ FILE: docs/root/version_history/v1.13.4.rst ================================================ 1.13.4 (July 7, 2020) ===================== * tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. ================================================ FILE: docs/root/version_history/v1.13.5.rst ================================================ 1.13.5 (September 29, 2020) =========================== Changes ------- * http: fixed CVE-2020-25017. Previously header matching did not match on all headers for non-inline headers. This patch changes the default behavior to always logically match on all headers. Multiple individual headers will be logically concatenated with ',' similar to what is done with inline headers. This makes the behavior effectively consistent. This behavior can be temporary reverted by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to "false". Targeted fixes have been additionally performed on the following extensions which make them consider all duplicate headers by default as a comma concatenated list: 1. Any extension using CEL matching on headers. 2. The header to metadata filter. 3. The JWT filter. 4. The Lua filter. Like primary header matching used in routing, RBAC, etc. this behavior can be disabled by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to false. * http: fixed CVE-2020-25017. The setCopy() header map API previously only set the first header in the case of duplicate non-inline headers. setCopy() now behaves similarly to the other set*() APIs and replaces all found headers with a single value. This may have had security implications in the extauth filter which uses this API. This behavior can be disabled by setting the runtime value "envoy.reloadable_features.http_set_copy_replace_all_headers" to false. ================================================ FILE: docs/root/version_history/v1.13.6.rst ================================================ 1.13.6 (September 29, 2020) =========================== Changes ------- * test: fix flaky test. ================================================ FILE: docs/root/version_history/v1.14.0.rst ================================================ 1.14.0 (April 8, 2020) ====================== Changes ------- * access log: access logger extensions use the "envoy.access_loggers" name space. A mapping of extension names is available in the :ref:`deprecated ` documentation. * access log: added support for `%DOWNSTREAM_LOCAL_PORT%` :ref:`access log formatters `. * access log: fixed `%DOWSTREAM_DIRECT_REMOTE_ADDRESS%` when used with PROXY protocol listener filter. * access log: introduced :ref:`connection-level access loggers`. * adaptive concurrency: fixed bug that allowed concurrency limits to drop below the configured minimum. * adaptive concurrency: minRTT is now triggered when the minimum concurrency is maintained for 5 consecutive sampling intervals. * admin: added support for displaying ip address subject alternate names in :ref:`certs` end point. * admin: added :http:post:`/reopen_logs` endpoint to control log rotation. * api: froze v2 xDS API. New feature development in the API should occur in v3 xDS. While the v2 xDS API has been deprecated since 1.13.0, it will continue to be supported by Envoy until EOY 2020. See :ref:`api_supported_versions`. * aws_lambda: added :ref:`AWS Lambda filter ` that converts HTTP requests to Lambda invokes. This effectively makes Envoy act as an egress gateway to AWS Lambda. * aws_request_signing: a few fixes so that it works with S3. * config: added stat :ref:`update_time `. * config: use type URL to select an extension whenever the config type URL (or its previous versions) uniquely identify a typed extension, see :ref:`extension configuration `. * datasource: added retry policy for remote async data source. * dns: added support for :ref:`dns_failure_refresh_rate ` for the :ref:`dns cache ` to set the DNS refresh rate during failures. * dns: the STRICT_DNS cluster now only resolves to 0 hosts if DNS resolution successfully returns 0 hosts. * eds: added :ref:`hostname ` field for endpoints and :ref:`hostname ` field for endpoint's health check config. This enables auto host rewrite and customizing the host header during health checks for eds endpoints. * ext_authz: disabled the use of lowercase string matcher for headers matching in HTTP-based `ext_authz`. Can be reverted temporarily by setting runtime feature `envoy.reloadable_features.ext_authz_http_service_enable_case_sensitive_string_matcher` to false. * fault: added support for controlling abort faults with :ref:`HTTP header fault configuration ` to the HTTP fault filter. * grpc-json: added support for building HTTP request into `google.api.HttpBody `_. * grpc-stats: added option to limit which messages stats are created for. * http: added HTTP/1.1 flood protection. Can be temporarily disabled using the runtime feature `envoy.reloadable_features.http1_flood_protection`. * http: added :ref:`headers_with_underscores_action setting ` to control how client requests with header names containing underscore characters are handled. The options are to allow such headers, reject request or drop headers. The default is to allow headers, preserving existing behavior. * http: added :ref:`max_stream_duration ` to specify the duration of existing streams. See :ref:`connection and stream timeouts `. * http: connection header sanitizing has been modified to always sanitize if there is no upgrade, including when an h2c upgrade attempt has been removed. * http: fixed a bug that could send extra METADATA frames and underflow memory when encoding METADATA frames on a connection that was dispatching data. * http: fixing a bug in HTTP/1.0 responses where Connection: keep-alive was not appended for connections which were kept alive. * http: http filter extensions use the "envoy.filters.http" name space. A mapping of extension names is available in the :ref:`deprecated ` documentation. * http: the runtime feature `http.connection_manager.log_flood_exception` is removed and replaced with a connection access log response code. * http: upgrade parser library, which removes support for "identity" transfer-encoding value. * listener filters: listener filter extensions use the "envoy.filters.listener" name space. A mapping of extension names is available in the :ref:`deprecated ` documentation. * listeners: added :ref:`listener filter matcher api ` to disable individual listener filter on matching downstream connections. * loadbalancing: added support for using hostname for consistent hash loadbalancing via :ref:`consistent_hash_lb_config `. * loadbalancing: added support for :ref:`retry host predicates ` in conjunction with consistent hashing load balancers (ring hash and maglev). * lua: added a parameter to `httpCall` that makes it possible to have the call be asynchronous. * lua: added moonjit support. * mongo: the stat emitted for queries without a max time set in the :ref:`MongoDB filter` was modified to emit correctly for Mongo v3.2+. * network filters: added a :ref:`direct response filter `. * network filters: network filter extensions use the "envoy.filters.network" name space. A mapping of extension names is available in the :ref:`deprecated ` documentation. * rbac: added :ref:`remote_ip ` and :ref:`direct_remote_ip ` for matching downstream remote IP address. * rbac: deprecated :ref:`source_ip ` with :ref:`direct_remote_ip ` and :ref:`remote_ip `. * request_id_extension: added an ability to extend request ID handling at :ref:`HTTP connection manager`. * retry: added a retry predicate that :ref:`rejects hosts based on metadata. `. * router: added ability to set attempt count in downstream response, see :ref:`virtual host's include response attempt count config `. * router: added additional stats for :ref:`virtual clusters `. * router: added :ref:`auto_san_validation ` to support overrriding SAN validation to transport socket for new upstream connections based on the downstream HTTP host/authority header. * router: added the ability to match a route based on whether a downstream TLS connection certificate has been :ref:`validated `. * router: added support for :ref:`regex_rewrite ` for path rewriting using regular expressions and capture groups. * router: added support for `%DOWNSTREAM_LOCAL_PORT%` :ref:`header formatter `. * router: don't ignore :ref:`per_try_timeout ` when the :ref:`global route timeout ` is disabled. * router: strip whitespace for :ref:`retry_on `, :ref:`grpc-retry-on header ` and :ref:`retry-on header `. * runtime: enabling the runtime feature `envoy.deprecated_features.allow_deprecated_extension_names` disables the use of deprecated extension names. * runtime: integer values may now be parsed as booleans. * sds: added :ref:`GenericSecret ` to support secret of generic type. * sds: added :ref:`certificate rotation ` support for certificates in static resources. * server: the SIGUSR1 access log reopen warning now is logged at info level. * stat sinks: stat sink extensions use the "envoy.stat_sinks" name space. A mapping of extension names is available in the :ref:`deprecated ` documentation. * thrift_proxy: added router filter stats to docs. * tls: added configuration to disable stateless TLS session resumption :ref:`disable_stateless_session_resumption `. * tracing: added gRPC service configuration to the OpenCensus Stackdriver and OpenCensus Agent tracers. * tracing: tracer extensions use the "envoy.tracers" name space. A mapping of extension names is available in the :ref:`deprecated ` documentation. * upstream: added ``upstream_rq_retry_limit_exceeded`` to :ref:`cluster `, and :ref:`virtual cluster ` stats. * upstream: changed load distribution algorithm when all priorities enter :ref:`panic mode`. * upstream: combined HTTP/1 and HTTP/2 connection pool code. This means that circuit breaker limits for both requests and connections apply to both pool types. Also, HTTP/2 now has the option to limit concurrent requests on a connection, and allow multiple draining connections. The old behavior is deprecated, but can be used during the deprecation period by disabling runtime feature `envoy.reloadable_features.new_http1_connection_pool_behavior` or `envoy.reloadable_features.new_http2_connection_pool_behavior` and then re-configure your clusters or restart Envoy. The behavior will not switch until the connection pools are recreated. The new circuit breaker behavior is described :ref:`here `. * zlib: by default zlib is initialized to use its default strategy (Z_DEFAULT_STRATEGY) instead of the fixed one (Z_FIXED). The difference is that the use of dynamic Huffman codes is enabled now resulting in better compression ratio for normal data. Deprecated ---------- * The previous behavior for upstream connection pool circuit breaking described `here `_ has been deprecated in favor of the new behavior described :ref:`here `. * Access Logger, Listener Filter, HTTP Filter, Network Filter, Stats Sink, and Tracer names have been deprecated in favor of the extension name from the envoy build system. Disable the runtime feature "envoy.deprecated_features.allow_deprecated_extension_names" to disallow the deprecated names. Use of these extension names generates a log message and increments the "deprecated_feature_use" metric in stats. .. csv-table:: :header: Canonical Names, Deprecated Names :widths: 1, 1 envoy.access_loggers.file, envoy.file_access_log envoy.access_loggers.http_grpc, envoy.http_grpc_access_log envoy.access_loggers.tcp_grpc, envoy.tcp_grpc_access_log envoy.filters.http.buffer, envoy.buffer envoy.filters.http.cors, envoy.cors envoy.filters.http.csrf, envoy.csrf envoy.filters.http.dynamo, envoy.http_dynamo_filter envoy.filters.http.ext_authz, envoy.ext_authz envoy.filters.http.fault, envoy.fault envoy.filters.http.grpc_http1_bridge, envoy.grpc_http1_bridge envoy.filters.http.grpc_json_transcoder, envoy.grpc_json_transcoder envoy.filters.http.grpc_web, envoy.grpc_web envoy.filters.http.gzip, envoy.gzip envoy.filters.http.health_check, envoy.health_check envoy.filters.http.ip_tagging, envoy.ip_tagging envoy.filters.http.lua, envoy.lua envoy.filters.http.ratelimit, envoy.rate_limit envoy.filters.http.router, envoy.router envoy.filters.http.squash, envoy.squash envoy.filters.listener.http_inspector, envoy.listener.http_inspector envoy.filters.listener.original_dst, envoy.listener.original_dst envoy.filters.listener.original_src, envoy.listener.original_src envoy.filters.listener.proxy_protocol, envoy.listener.proxy_protocol envoy.filters.listener.tls_inspector, envoy.listener.tls_inspector envoy.filters.network.client_ssl_auth, envoy.client_ssl_auth envoy.filters.network.echo, envoy.echo envoy.filters.network.ext_authz, envoy.ext_authz envoy.filters.network.http_connection_manager, envoy.http_connection_manager envoy.filters.network.mongo_proxy, envoy.mongo_proxy envoy.filters.network.ratelimit, envoy.ratelimit envoy.filters.network.redis_proxy, envoy.redis_proxy envoy.filters.network.tcp_proxy, envoy.tcp_proxy envoy.stat_sinks.dog_statsd, envoy.dog_statsd envoy.stat_sinks.metrics_service, envoy.metrics_service envoy.stat_sinks.statsd, envoy.statsd envoy.tracers.dynamic_ot, envoy.dynamic.ot envoy.tracers.lightstep, envoy.lightstep envoy.tracers.zipkin, envoy.zipkin .. note:: Some renamed filters produce metadata using their filter name as the metadata namespace: * Mongo Proxy Filter * Zookeeper Filter The metadata generated by these filters may be consumed by the following extensions, whose configurations may need to be adjusted to use the new names. * Access Loggers * HTTP and Network Ext Authz filters * HTTP and Network RBAC filters * Tracers * The previous behavior of auto ignoring case in headers matching: :ref:`allowed_headers `, :ref:`allowed_upstream_headers `, and :ref:`allowed_client_headers ` of HTTP-based `ext_authz` has been deprecated in favor of explicitly setting the :ref:`ignore_case ` field. * The `header_fields`, `custom_header_fields`, and `additional_headers` fields for the route checker tool have been deprecated in favor of `request_header_fields`, `response_header_fields`, `additional_request_headers`, and `additional_response_headers`. * The `content_length`, `content_type`, `disable_on_etag_header` and `remove_accept_encoding_header` fields in :ref:`HTTP Gzip filter config ` have been deprecated in favor of `compressor`. * The statistics counter `header_gzip` in :ref:`HTTP Gzip filter ` has been deprecated in favor of `header_compressor_used`. * Support for the undocumented HTTP/1.1 `:no-chunks` pseudo-header has been removed. If an extension was using this it can achieve the same behavior via the new `http1StreamEncoderOptions()` API. * The grpc_stats filter behavior of by default creating a new stat for every message type seen is deprecated. The default will switch to only creating a fixed set of stats. The previous behavior can be enabled by enabling :ref:`stats_for_all_methods `, and the previous default can be enabled until the end of the deprecation period by enabling runtime feature `envoy.deprecated_features.grpc_stats_filter_enable_stats_for_all_methods_by_default`. * The :ref:`source_ip ` field in `RBAC `_ has been deprecated in favor of :ref:`direct_remote_ip ` and :ref:`remote_ip `. ================================================ FILE: docs/root/version_history/v1.14.1.rst ================================================ 1.14.1 (April 8, 2020) ====================== Changes ------- * request_id_extension: fixed static initialization for noop request id extension. ================================================ FILE: docs/root/version_history/v1.14.2.rst ================================================ 1.14.2 (June 8, 2020) ===================== Changes ------- * http: fixed CVE-2020-11080 by rejecting HTTP/2 SETTINGS frames with too many parameters. * http: the :ref:`stream_idle_timeout ` now also defends against an HTTP/2 peer that does not open stream window once an entire response has been buffered to be sent to a downstream client. * listener: Add runtime support for `per-listener limits ` on active/accepted connections. * overload management: Add runtime support for :ref:`global limits ` on active/accepted connections. ================================================ FILE: docs/root/version_history/v1.14.3.rst ================================================ 1.14.3 (June 30, 2020) ====================== Changes ------- * buffer: fixed CVE-2020-12603 by avoiding fragmentation, and tracking of HTTP/2 data and control frames in the output buffer. * http: fixed CVE-2020-12604 by changing :ref:`stream_idle_timeout ` to also defend against an HTTP/2 peer that does not open stream window once an entire response has been buffered to be sent to a downstream client. * http: fixed CVE-2020-12605 by including request URL in request header size computation, and rejecting partial headers that exceed configured limits. * listener: fixed CVE-2020-8663 by adding runtime support for :ref:`per-listener limits ` on active/accepted connections. * overload management: fixed CVE-2020-8663 by adding runtime support for :ref:`global limits ` on active/accepted connections. ================================================ FILE: docs/root/version_history/v1.14.4.rst ================================================ 1.14.4 (July 7, 2020) ===================== * tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. ================================================ FILE: docs/root/version_history/v1.14.5.rst ================================================ 1.14.5 (September 29, 2020) =========================== Changes ------- * http: fixed CVE-2020-25017. Previously header matching did not match on all headers for non-inline headers. This patch changes the default behavior to always logically match on all headers. Multiple individual headers will be logically concatenated with ',' similar to what is done with inline headers. This makes the behavior effectively consistent. This behavior can be temporary reverted by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to "false". Targeted fixes have been additionally performed on the following extensions which make them consider all duplicate headers by default as a comma concatenated list: 1. Any extension using CEL matching on headers. 2. The header to metadata filter. 3. The JWT filter. 4. The Lua filter. Like primary header matching used in routing, RBAC, etc. this behavior can be disabled by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to false. * http: fixed CVE-2020-25017. The setCopy() header map API previously only set the first header in the case of duplicate non-inline headers. setCopy() now behaves similarly to the other set*() APIs and replaces all found headers with a single value. This may have had security implications in the extauth filter which uses this API. This behavior can be disabled by setting the runtime value "envoy.reloadable_features.http_set_copy_replace_all_headers" to false. ================================================ FILE: docs/root/version_history/v1.15.0.rst ================================================ 1.15.0 (July 7, 2020) ===================== Incompatible Behavior Changes ----------------------------- *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required* * build: official released binary is now built on Ubuntu 18.04, requires glibc >= 2.27. * client_ssl_auth: the `auth_ip_white_list` stat has been renamed to :ref:`auth_ip_allowlist `. * header to metadata: on_header_missing rules with empty values are now rejected (they were skipped before). * router: path_redirect now keeps query string by default. This behavior may be reverted by setting runtime feature `envoy.reloadable_features.preserve_query_string_in_path_redirects` to false. * tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. Minor Behavior Changes ---------------------- *Changes that may cause incompatibilities for some users, but should not for most* * access loggers: applied existing buffer limits to access logs, as well as :ref:`stats ` for logged / dropped logs. This can be reverted temporarily by setting runtime feature `envoy.reloadable_features.disallow_unbounded_access_logs` to false. * build: runs as non-root inside Docker containers. Existing behaviour can be restored by setting the environment variable `ENVOY_UID` to `0`. `ENVOY_UID` and `ENVOY_GID` can be used to set the envoy user's `uid` and `gid` respectively. * health check: in the health check filter the :ref:`percentage of healthy servers in upstream clusters ` is now interpreted as an integer. * hot restart: added the option :option:`--use-dynamic-base-id` to select an unused base ID at startup and the option :option:`--base-id-path` to write the base id to a file (for reuse with later hot restarts). * http: changed early error path for HTTP/1.1 so that responses consistently flow through the http connection manager, and the http filter chains. This behavior may be temporarily reverted by setting runtime feature `envoy.reloadable_features.early_errors_via_hcm` to false. * http: fixed several bugs with applying correct connection close behavior across the http connection manager, health checker, and connection pool. This behavior may be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_connection_close` to false. * http: fixed a bug where the upgrade header was not cleared on responses to non-upgrade requests. Can be reverted temporarily by setting runtime feature `envoy.reloadable_features.fix_upgrade_response` to false. * http: stopped overwriting `date` response headers. Responses without a `date` header will still have the header properly set. This behavior can be temporarily reverted by setting `envoy.reloadable_features.preserve_upstream_date` to false. * http: stopped adding a synthetic path to CONNECT requests, meaning unconfigured CONNECT requests will now return 404 instead of 403. This behavior can be temporarily reverted by setting `envoy.reloadable_features.stop_faking_paths` to false. * http: stopped allowing upstream 1xx or 204 responses with Transfer-Encoding or non-zero Content-Length headers. Content-Length of 0 is allowed, but stripped. This behavior can be temporarily reverted by setting `envoy.reloadable_features.strict_1xx_and_204_response_headers` to false. * http: upstream connections will now automatically set ALPN when this value is not explicitly set elsewhere (e.g. on the upstream TLS config). This behavior may be temporarily reverted by setting runtime feature `envoy.reloadable_features.http_default_alpn` to false. * listener: fixed a bug where when a static listener fails to be added to a worker, the listener was not removed from the active listener list. * router: extended to allow retries of streaming or incomplete requests. This removes stat `rq_retry_skipped_request_not_complete`. * router: extended to allow retries by default when upstream responds with :ref:`x-envoy-overloaded `. Bug Fixes --------- *Changes expected to improve the state of the world and are unlikely to have negative effects* * adaptive concurrency: fixed a minRTT calculation bug where requests started before the concurrency limit was pinned to the minimum would skew the new minRTT value if the replies arrived after the start of the new minRTT window. * buffer: fixed CVE-2020-12603 by avoiding fragmentation, and tracking of HTTP/2 data and control frames in the output buffer. * grpc-json: fixed a bug when in trailers only gRPC response (e.g. error) HTTP status code is not being re-written. * http: fixed a bug in the grpc_http1_reverse_bridge filter where header-only requests were forwarded with a non-zero content length. * http: fixed a bug where in some cases slash was moved from path to query string when :ref:`merging of adjacent slashes` is enabled. * http: fixed CVE-2020-12604 by changing :ref:`stream_idle_timeout ` to also defend against an HTTP/2 peer that does not open stream window once an entire response has been buffered to be sent to a downstream client. * http: fixed CVE-2020-12605 by including request URL in request header size computation, and rejecting partial headers that exceed configured limits. * http: fixed several bugs with applying correct connection close behavior across the http connection manager, health checker, and connection pool. This behavior may be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_connection_close` to false. * listener: fixed CVE-2020-8663 by adding runtime support for :ref:`per-listener limits ` on active/accepted connections. * overload management: fixed CVE-2020-8663 by adding runtime support for :ref:`global limits ` on active/accepted connections. * prometheus stats: fixed the sort order of output lines to comply with the standard. * udp: the :ref:`reuse_port ` listener option must now be specified for UDP listeners if concurrency is > 1. This previously crashed so is considered a bug fix. * upstream: fixed a bug where Envoy would panic when receiving a GRPC SERVICE_UNKNOWN status on the health check. Removed Config or Runtime ------------------------- *Normally occurs at the end of the* :ref:`deprecation period ` * http: removed legacy connection pool code and their runtime features: `envoy.reloadable_features.new_http1_connection_pool_behavior` and `envoy.reloadable_features.new_http2_connection_pool_behavior`. New Features ------------ * access loggers: added file access logger config :ref:`log_format `. * access loggers: added GRPC_STATUS operator on logging format. * access loggers: added gRPC access logger config added :ref:`API version ` to explicitly set the version of gRPC service endpoint and message to be used. * access loggers: extended specifier for FilterStateFormatter to output :ref:`unstructured log string `. * admin: added support for dumping EDS config at :ref:`/config_dump?include_eds `. * aggregate cluster: made route :ref:`retry_priority ` predicates work with :ref:`this cluster type `. * build: official released binary is now built on Ubuntu 18.04, requires glibc >= 2.27. * build: official released binary is now built with Clang 10.0.0. * cluster: added an extension point for configurable :ref:`upstreams `. * compressor: exposed generic :ref:`compressor ` filter to users. * config: added :ref:`identifier ` stat that reflects control plane identifier. * config: added :ref:`version_text ` stat that reflects xDS version. * decompressor: exposed generic :ref:`decompressor ` filter to users. * dynamic forward proxy: added :ref:`SNI based dynamic forward proxy ` support. * dynamic forward proxy: added configurable :ref:`circuit breakers ` for resolver on DNS cache. This behavior can be temporarily disabled by the runtime feature `envoy.reloadable_features.enable_dns_cache_circuit_breakers`. If this runtime feature is disabled, the upstream circuit breakers for the cluster will be used even if the :ref:`DNS Cache circuit breakers ` are configured. * dynamic forward proxy: added :ref:`allow_insecure_cluster_options` to allow disabling of auto_san_validation and auto_sni. * ext_authz filter: added :ref:`v2 deny_at_disable `, :ref:`v3 deny_at_disable `. This allows force denying protected paths while filter gets disabled, by setting this key to true. * ext_authz filter: added API version field for both :ref:`HTTP ` and :ref:`Network ` filters to explicitly set the version of gRPC service endpoint and message to be used. * ext_authz filter: added :ref:`v3 allowed_upstream_headers_to_append ` to allow appending multiple header entries (returned by the authorization server) with the same key to the original request headers. * fault: added support for controlling the percentage of requests that abort, delay and response rate limits faults are applied to using :ref:`HTTP headers ` to the HTTP fault filter. * fault: added support for specifying grpc_status code in abort faults using :ref:`HTTP header ` or abort fault configuration in HTTP fault filter. * filter: added `upstream_rq_time` stats to the GPRC stats filter. Disabled by default and can be enabled via :ref:`enable_upstream_stats `. * grpc: added support for Google gRPC :ref:`custom channel arguments `. * grpc-json: added support for streaming response using `google.api.HttpBody `_. * grpc-json: send a `x-envoy-original-method` header to grpc services. * gzip filter: added option to set zlib's next output buffer size. * hds: updated to allow to explicitly set the API version of gRPC service endpoint and message to be used. * header to metadata: added support for regex substitutions on header values. * health checks: allowed configuring health check transport sockets by specifying :ref:`transport socket match criteria `. * http: added :ref:`local_reply config ` to http_connection_manager to customize :ref:`local reply `. * http: added :ref:`stripping port from host header ` support. * http: added support for proxying CONNECT requests, terminating CONNECT requests, and converting raw TCP streams into HTTP/2 CONNECT requests. See :ref:`upgrade documentation` for details. * listener: added in place filter chain update flow for tcp listener update which doesn't close connections if the corresponding network filter chain is equivalent during the listener update. Can be disabled by setting runtime feature `envoy.reloadable_features.listener_in_place_filterchain_update` to false. Also added additional draining filter chain stat for :ref:`listener manager ` to track the number of draining filter chains and the number of in place update attempts. * logger: added :option:`--log-format-prefix-with-location` command line option to prefix '%v' with file path and line number. * lrs: added new *envoy_api_field_service.load_stats.v2.LoadStatsResponse.send_all_clusters* field in LRS response, which allows management servers to avoid explicitly listing all clusters it is interested in; behavior is allowed based on new "envoy.lrs.supports_send_all_clusters" capability in :ref:`client_features` field. * lrs: updated to allow to explicitly set the API version of gRPC service endpoint and message to be used. * lua: added :ref:`per route config ` for Lua filter. * lua: added tracing to the ``httpCall()`` API. * metrics service: added :ref:`API version ` to explicitly set the version of gRPC service endpoint and message to be used. * network filters: added a :ref:`postgres proxy filter `. * network filters: added a :ref:`rocketmq proxy filter `. * performance: enabled stats symbol table implementation by default. To disable it, add `--use-fake-symbol-table 1` to the command-line arguments when starting Envoy. * ratelimit: added support for use of dynamic metadata :ref:`dynamic_metadata ` as a ratelimit action. * ratelimit: added :ref:`API version ` to explicitly set the version of gRPC service endpoint and message to be used. * ratelimit: support specifying dynamic overrides in rate limit descriptors using :ref:`limit override ` config. * redis: added acl support :ref:`downstream_auth_username ` for downstream client ACL authentication, and :ref:`auth_username ` to configure authentication usernames for upstream Redis 6+ server clusters with ACL enabled. * regex: added support for enforcing max program size via runtime and stats to monitor program size for :ref:`Google RE2 `. * request_id: added to :ref:`always_set_request_id_in_response setting ` to set :ref:`x-request-id ` header in response even if tracing is not forced. * router: added more fine grained internal redirect configs to the :ref:`internal_redirect_policy ` field. * router: added regex substitution support for header based hashing. * router: added support for RESPONSE_FLAGS and RESPONSE_CODE_DETAILS :ref:`header formatters `. * router: allow Rate Limiting Service to be called in case of missing request header for a descriptor if the :ref:`skip_if_absent ` field is set to true. * runtime: added new gauge :ref:`deprecated_feature_seen_since_process_start ` that gets reset across hot restarts. * server: added the option :option:`--drain-strategy` to enable different drain strategies for DrainManager::drainClose(). * server: added :ref:`server.envoy_bug_failures ` statistic to count ENVOY_BUG failures. * stats: added the option to :ref:`report counters as deltas ` to the metrics service stats sink. * tracing: made tracing configuration fully dynamic and every HTTP connection manager can now have a separate :ref:`tracing provider `. * udp: upgraded :ref:`udp_proxy ` filter to v3 and promoted it out of alpha. Deprecated ---------- * Tracing provider configuration as part of :ref:`bootstrap config ` has been deprecated in favor of configuration as part of :ref:`HTTP connection manager `. * The :ref:`HTTP Gzip filter ` has been deprecated in favor of :ref:`Compressor `. * The * :ref:`GoogleRE2.max_program_size` field is now deprecated. Management servers are expected to validate regexp program sizes instead of expecting the client to do it. Alternatively, the max program size can be enforced by Envoy via runtime. * The :ref:`internal_redirect_action ` field and :ref:`max_internal_redirects ` field are now deprecated. This changes the implemented default cross scheme redirect behavior. All cross scheme redirects are disallowed by default. To restore the previous behavior, set allow_cross_scheme_redirect=true and use :ref:`safe_cross_scheme`, in :ref:`predicates `. * File access logger fields :ref:`format `, :ref:`json_format ` and :ref:`typed_json_format ` are deprecated in favor of :ref:`log_format `. * A warning is now logged when v2 xDS api is used. This behavior can be temporarily disabled by setting `envoy.reloadable_features.enable_deprecated_v2_api_warning` to `false`. * Using cluster circuit breakers for DNS Cache is now deprecated in favor of :ref:`DNS cache circuit breakers `. This behavior can be temporarily disabled by setting `envoy.reloadable_features.enable_dns_cache_circuit_breakers` to `false`. ================================================ FILE: docs/root/version_history/v1.15.1.rst ================================================ 1.15.1 (September 29, 2020) =========================== Changes ------- * http: fixed CVE-2020-25017. Previously header matching did not match on all headers for non-inline headers. This patch changes the default behavior to always logically match on all headers. Multiple individual headers will be logically concatenated with ',' similar to what is done with inline headers. This makes the behavior effectively consistent. This behavior can be temporary reverted by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to "false". Targeted fixes have been additionally performed on the following extensions which make them consider all duplicate headers by default as a comma concatenated list: 1. Any extension using CEL matching on headers. 2. The header to metadata filter. 3. The JWT filter. 4. The Lua filter. Like primary header matching used in routing, RBAC, etc. this behavior can be disabled by setting the runtime value "envoy.reloadable_features.header_match_on_all_headers" to false. * http: The setCopy() header map API previously only set the first header in the case of duplicate non-inline headers. setCopy() now behaves similarly to the other set*() APIs and replaces all found headers with a single value. This may have had security implications in the extauth filter which uses this API. This behavior can be disabled by setting the runtime value "envoy.reloadable_features.http_set_copy_replace_all_headers" to false. ================================================ FILE: docs/root/version_history/v1.15.2.rst ================================================ 1.15.2 (September 29, 2020) =========================== Changes ------- * docs: fix docs for v1.15.1. ================================================ FILE: docs/root/version_history/v1.2.0.rst ================================================ 1.2.0 (March 7, 2017) ===================== Changes ------- * :ref:`Cluster discovery service (CDS) API `. * :ref:`Outlier detection ` (passive health checking). * Envoy configuration is now checked against a JSON schema. * :ref:`Ring hash ` consistent load balancer, as well as HTTP consistent hash routing based on a policy. * Vastly :ref:`enhanced global rate limit configuration ` via the HTTP rate limiting filter. * HTTP routing to a cluster retrieved from a header. * Weighted cluster HTTP routing. * Auto host rewrite during HTTP routing. * Regex header matching during HTTP routing. * HTTP access log runtime filter. * LightStep tracer :ref:`parent/child span association `. * :ref:`Route discovery service (RDS) API `. * HTTP router :ref:`x-envoy-upstream-rq-timeout-alt-response header ` support. * *use_original_dst* and *bind_to_port* :ref:`listener options ` (useful for iptables based transparent proxy support). * TCP proxy filter :ref:`route table support `. * Configurable stats flush interval. * Various :ref:`third party library upgrades `, including using BoringSSL as the default SSL provider. * No longer maintain closed HTTP/2 streams for priority calculations. Leads to substantial memory savings for large meshes. * Numerous small changes and fixes not listed here. ================================================ FILE: docs/root/version_history/v1.3.0.rst ================================================ 1.3.0 (May 17, 2017) ==================== Changes ------- * As of this release, we now have an official :repo:`breaking change policy `. Note that there are numerous breaking configuration changes in this release. They are not listed here. Future releases will adhere to the policy and have clear documentation on deprecations and changes. * Bazel is now the canonical build system (replacing CMake). There have been a huge number of changes to the development/build/test flow. See :repo:`/bazel/README.md` and :repo:`/ci/README.md` for more information. * :ref:`Outlier detection ` has been expanded to include success rate variance, and all parameters are now configurable in both runtime and in the JSON configuration. * TCP level listener and cluster connections now have configurable receive buffer limits at which point connection level back pressure is applied. Full end to end flow control will be available in a future release. * :ref:`Redis health checking ` has been added as an active health check type. Full Redis support will be documented/supported in 1.4.0. * :ref:`TCP health checking ` now supports a "connect only" mode that only checks if the remote server can be connected to without writing/reading any data. * `BoringSSL `_ is now the only supported TLS provider. The default cipher suites and ECDH curves have been updated with more modern defaults for both listener and cluster connections. * The `header value match` rate limit action has been expanded to include an `expect match` parameter. * Route level HTTP rate limit configurations now do not inherit the virtual host level configurations by default. Use `include_vh_rate_limits` to inherit the virtual host level options if desired. * HTTP routes can now add request headers on a per route and per virtual host basis via the :ref:`request_headers_to_add ` option. * The :ref:`example configurations ` have been refreshed to demonstrate the latest features. * `per_try_timeout_ms` can now be configured in a route's retry policy in addition to via the :ref:`x-envoy-upstream-rq-per-try-timeout-ms ` HTTP header. * HTTP virtual host matching now includes support for prefix wildcard domains (e.g., `*.lyft.com`). * The default for tracing random sampling has been changed to 100% and is still configurable in :ref:`runtime `. * HTTP tracing configuration has been extended to allow tags to be populated from arbitrary HTTP headers. * The :ref:`HTTP rate limit filter ` can now be applied to internal, external, or all requests via the `request_type` option. * :ref:`Listener binding ` now requires specifying an `address` field. This can be used to bind a listener to both a specific address as well as a port. * The :ref:`MongoDB filter ` now emits a stat for queries that do not have `$maxTimeMS` set. * The :ref:`MongoDB filter ` now emits logs that are fully valid JSON. * The CPU profiler output path is now configurable. * A watchdog system has been added that can kill the server if a deadlock is detected. * A :ref:`route table checking tool ` has been added that can be used to test route tables before use. * We have added an :ref:`example repo ` that shows how to compile/link a custom filter. * Added additional cluster wide information related to outlier detection to the :ref:`/clusters admin endpoint `. * Multiple SANs can now be verified via the `verify_subject_alt_name` setting. Additionally, URI type SANs can be verified. * HTTP filters can now be passed opaque configuration specified on a per route basis. * By default Envoy now has a built in crash handler that will print a back trace. This behavior can be disabled if desired via the ``--define=signal_trace=disabled`` Bazel option. * Zipkin has been added as a supported :ref:`tracing provider `. * Numerous small changes and fixes not listed here. ================================================ FILE: docs/root/version_history/v1.4.0.rst ================================================ 1.4.0 (August 24, 2017) ======================= Changes ------- * macOS is :repo:`now supported `. (A few features are missing such as hot restart and original destination routing). * YAML is now directly supported for config files. * Added /routes admin endpoint. * End-to-end flow control is now supported for TCP proxy, HTTP/1, and HTTP/2. HTTP flow control that includes filter buffering is incomplete and will be implemented in 1.5.0. * Log verbosity :repo:`compile time flag ` added. * Hot restart :repo:`compile time flag ` added. * Original destination :ref:`cluster ` and :ref:`load balancer ` added. * :ref:`WebSocket ` is now supported. * Virtual cluster priorities have been hard removed without deprecation as we are reasonably sure no one is using this feature. * Route `validate_clusters` option added. * :ref:`x-envoy-downstream-service-node ` header added. * :ref:`x-forwarded-client-cert ` header added. * Initial HTTP/1 forward proxy support for absolute URLs has been added. * HTTP/2 codec settings are now configurable. * gRPC/JSON transcoder :ref:`filter ` added. * gRPC web :ref:`filter ` added. * Configurable timeout for the rate limit service call in the :ref:`network ` and :ref:`HTTP ` rate limit filters. * :ref:`x-envoy-retry-grpc-on ` header added. * :ref:`LDS API ` added. * TLS :`require_client_certificate` option added. * :ref:`Configuration check tool ` added. * :ref:`JSON schema check tool ` added. * Config validation mode added via the :option:`--mode` option. * :option:`--local-address-ip-version` option added. * IPv6 support is now complete. * UDP `statsd_ip_address` option added. * Per-cluster DNS resolvers added. * :ref:`Fault filter ` enhancements and fixes. * Several features are :ref:`deprecated as of the 1.4.0 release `. They will be removed at the beginning of the 1.5.0 release cycle. We explicitly call out that the `HttpFilterConfigFactory` filter API has been deprecated in favor of `NamedHttpFilterConfigFactory`. * Many small bug fixes and performance improvements not listed. Deprecated ---------- * Config option `statsd_local_udp_port` has been deprecated and has been replaced with `statsd_udp_ip_address`. * `HttpFilterConfigFactory` filter API has been deprecated in favor of `NamedHttpFilterConfigFactory`. * Config option `http_codec_options` has been deprecated and has been replaced with `http2_settings`. * The following log macros have been deprecated: `log_trace`, `log_debug`, `conn_log`, `conn_log_info`, `conn_log_debug`, `conn_log_trace`, `stream_log`, `stream_log_info`, `stream_log_debug`, `stream_log_trace`. For replacements, please see `logger.h `_. * The connectionId() and ssl() callbacks of StreamFilterCallbacks have been deprecated and replaced with a more general connection() callback, which, when not returning a nullptr, can be used to get the connection id and SSL connection from the returned Connection object pointer. * The protobuf stub gRPC support via `Grpc::RpcChannelImpl` is now replaced with `Grpc::AsyncClientImpl`. This no longer uses `protoc` generated stubs but instead utilizes C++ template generation of the RPC stubs. `Grpc::AsyncClientImpl` supports streaming, in addition to the previous unary, RPCs. * The direction of network and HTTP filters in the configuration will be ignored from 1.4.0 and later removed from the configuration in the v2 APIs. Filter direction is now implied at the C++ type level. The `type()` methods on the `NamedNetworkFilterConfigFactory` and `NamedHttpFilterConfigFactory` interfaces have been removed to reflect this. ================================================ FILE: docs/root/version_history/v1.5.0.rst ================================================ 1.5.0 (December 4, 2017) ======================== Changes ------- * access log: added fields for :ref:`UPSTREAM_LOCAL_ADDRESS and DOWNSTREAM_ADDRESS `. * admin: added :ref:`JSON output ` for stats admin endpoint. * admin: added basic :ref:`Prometheus output ` for stats admin endpoint. Histograms are not currently output. * admin: added ``version_info`` to the :ref:`/clusters admin endpoint`. * config: the :ref:`v2 API ` is now considered production ready. * config: added --v2-config-only CLI flag. * cors: added :ref:`CORS filter `. * health check: added :ref:`x-envoy-immediate-health-check-fail ` header support. * health check: added :ref:`reuse_connection ` option. * http: added :ref:`per-listener stats `. * http: end-to-end HTTP flow control is now complete across both connections, streams, and filters. * load balancer: added :ref:`subset load balancer `. * load balancer: added ring size and hash :ref:`configuration options `. This used to be configurable via runtime. The runtime configuration was deleted without deprecation as we are fairly certain no one is using it. * log: added the ability to optionally log to a file instead of stderr via the :option:`--log-path` option. * listeners: added :ref:`drain_type ` option. * lua: added experimental :ref:`Lua filter `. * mongo filter: added :ref:`fault injection `. * mongo filter: added :ref:`"drain close" ` support. * outlier detection: added :ref:`HTTP gateway failure type `. See :ref:`deprecated log ` for outlier detection stats deprecations in this release. * redis: the :ref:`redis proxy filter ` is now considered production ready. * redis: added :ref:`"drain close" ` functionality. * router: added :ref:`x-envoy-overloaded ` support. * router: added :ref:`regex ` route matching. * router: added :ref:`custom request headers ` for upstream requests. * router: added :ref:`downstream IP hashing ` for HTTP ketama routing. * router: added :ref:`cookie hashing `. * router: added :ref:`start_child_span ` option to create child span for egress calls. * router: added optional :ref:`upstream logs `. * router: added complete :ref:`custom append/override/remove support ` of request/response headers. * router: added support to :ref:`specify response code during redirect `. * router: added :ref:`configuration ` to return either a 404 or 503 if the upstream cluster does not exist. * runtime: added :ref:`comment capability `. * server: change default log level (:option:`-l`) to `info`. * stats: maximum stat/name sizes and maximum number of stats are now variable via the `--max-obj-name-len` and `--max-stats` options. * tcp proxy: added :ref:`access logging `. * tcp proxy: added :ref:`configurable connect retries `. * tcp proxy: enable use of :ref:`outlier detector `. * tls: added :ref:`SNI support `. * tls: added support for specifying :ref:`TLS session ticket keys `. * tls: allow configuration of the :ref:`min ` and :ref:`max ` TLS protocol versions. * tracing: added :ref:`custom trace span decorators `. * Many small bug fixes and performance improvements not listed. Deprecated ---------- * The outlier detection `ejections_total` stats counter has been deprecated and not replaced. Monitor the individual `ejections_detected_*` counters for the detectors of interest, or `ejections_enforced_total` for the total number of ejections that actually occurred. * The outlier detection `ejections_consecutive_5xx` stats counter has been deprecated in favour of `ejections_detected_consecutive_5xx` and `ejections_enforced_consecutive_5xx`. * The outlier detection `ejections_success_rate` stats counter has been deprecated in favour of `ejections_detected_success_rate` and `ejections_enforced_success_rate`. ================================================ FILE: docs/root/version_history/v1.6.0.rst ================================================ 1.6.0 (March 20, 2018) ====================== Changes ------- * access log: added DOWNSTREAM_REMOTE_ADDRESS, DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT, and DOWNSTREAM_LOCAL_ADDRESS :ref:`access log formatters `. DOWNSTREAM_ADDRESS access log formatter has been deprecated. * access log: added less than or equal (LE) :ref:`comparison filter `. * access log: added configuration to :ref:`runtime filter ` to set default sampling rate, divisor, and whether to use independent randomness or not. * admin: added :ref:`/runtime ` admin endpoint to read the current runtime values. * build: added support for :repo:`building Envoy with exported symbols `. This change allows scripts loaded with the Lua filter to load shared object libraries such as those installed via `LuaRocks `_. * config: added support for sending error details as `grpc.rpc.Status `_ in :ref:`DiscoveryRequest `. * config: added support for :ref:`inline delivery ` of TLS certificates and private keys. * config: added restrictions for the backing :ref:`config sources ` of xDS resources. For filesystem based xDS the file must exist at configuration time. For cluster based xDS the backing cluster must be statically defined and be of non-EDS type. * grpc: the Google gRPC C++ library client is now supported as specified in the :ref:`gRPC services overview ` and :ref:`GrpcService `. * grpc-json: added support for :ref:`inline descriptors `. * health check: added :ref:`gRPC health check ` based on `grpc.health.v1.Health `_ service. * health check: added ability to set :ref:`host header value ` for http health check. * health check: extended the health check filter to support computation of the health check response based on the :ref:`percentage of healthy servers in upstream clusters `. * health check: added setting for :ref:`no-traffic interval`. * http: added idle timeout for :ref:`upstream http connections `. * http: added support for :ref:`proxying 100-Continue responses `. * http: added the ability to pass a URL encoded PEM encoded peer certificate in the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header. * http: added support for trusting additional hops in the :ref:`config_http_conn_man_headers_x-forwarded-for` request header. * http: added support for :ref:`incoming HTTP/1.0 `. * hot restart: added SIGTERM propagation to children to :ref:`hot-restarter.py `, which enables using it as a parent of containers. * ip tagging: added :ref:`HTTP IP Tagging filter`. * listeners: added support for :ref:`listening for both IPv4 and IPv6 ` when binding to ::. * listeners: added support for listening on :ref:`UNIX domain sockets `. * listeners: added support for :ref:`abstract unix domain sockets ` on Linux. The abstract namespace can be used by prepending '@' to a socket path. * load balancer: added cluster configuration for :ref:`healthy panic threshold ` percentage. * load balancer: added :ref:`Maglev ` consistent hash load balancer. * load balancer: added support for :ref:`LocalityLbEndpoints` priorities. * lua: added headers :ref:`replace() ` API. * lua: extended to support :ref:`metadata object ` API. * redis: added local `PING` support to the :ref:`Redis filter `. * redis: added `GEORADIUS_RO` and `GEORADIUSBYMEMBER_RO` to the :ref:`Redis command splitter ` allowlist. * router: added DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT, DOWNSTREAM_LOCAL_ADDRESS, DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT, PROTOCOL, and UPSTREAM_METADATA :ref:`header formatters `. The CLIENT_IP header formatter has been deprecated. * router: added gateway-error :ref:`retry-on ` policy. * router: added support for route matching based on :ref:`URL query string parameters `. * router: added support for more granular weighted cluster routing by allowing the :ref:`total_weight ` to be specified in configuration. * router: added support for :ref:`custom request/response headers ` with mixed static and dynamic values. * router: added support for :ref:`direct responses `. I.e., sending a preconfigured HTTP response without proxying anywhere. * router: added support for :ref:`HTTPS redirects ` on specific routes. * router: added support for :ref:`prefix_rewrite ` for redirects. * router: added support for :ref:`stripping the query string ` for redirects. * router: added support for downstream request/upstream response :ref:`header manipulation ` in :ref:`weighted cluster `. * router: added support for :ref:`range based header matching ` for request routing. * squash: added support for the :ref:`Squash microservices debugger `. Allows debugging an incoming request to a microservice in the mesh. * stats: added metrics service API implementation. * stats: added native :ref:`DogStatsd ` support. * stats: added support for :ref:`fixed stats tag values ` which will be added to all metrics. * tcp proxy: added support for specifying a :ref:`metadata matcher ` for upstream clusters in the tcp filter. * tcp proxy: improved TCP proxy to correctly proxy TCP half-close. * tcp proxy: added :ref:`idle timeout `. * tcp proxy: access logs now bring an IP address without a port when using DOWNSTREAM_ADDRESS. Use :ref:`DOWNSTREAM_REMOTE_ADDRESS ` instead. * tracing: added support for dynamically loading an :ref:`OpenTracing tracer `. * tracing: when using the Zipkin tracer, it is now possible for clients to specify the sampling decision (using the :ref:`x-b3-sampled ` header) and have the decision propagated through to subsequently invoked services. * tracing: when using the Zipkin tracer, it is no longer necessary to propagate the :ref:`x-ot-span-context ` header. See more on trace context propagation :ref:`here `. * transport sockets: added transport socket interface to allow custom implementations of transport sockets. A transport socket provides read and write logic with buffer encryption and decryption (if applicable). The existing TLS implementation has been refactored with the interface. * upstream: added support for specifying an :ref:`alternate stats name ` while emitting stats for clusters. * Many small bug fixes and performance improvements not listed. Deprecated ---------- * DOWNSTREAM_ADDRESS log formatter is deprecated. Use DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT instead. * CLIENT_IP header formatter is deprecated. Use DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT instead. * 'use_original_dst' field in the v2 LDS API is deprecated. Use listener filters and filter chain matching instead. * `value` and `regex` fields in the `HeaderMatcher` message is deprecated. Use the `exact_match` or `regex_match` oneof instead. ================================================ FILE: docs/root/version_history/v1.7.0.rst ================================================ 1.7.0 (Jun 21, 2018) ==================== Changes ------- * access log: added ability to log response trailers. * access log: added ability to format START_TIME. * access log: added DYNAMIC_METADATA :ref:`access log formatter `. * access log: added :ref:`HeaderFilter ` to filter logs based on request headers. * access log: added `%([1-9])?f` as one of START_TIME specifiers to render subseconds. * access log: gRPC Access Log Service (ALS) support added for :ref:`HTTP access logs `. * access log: improved WebSocket logging. * admin: added :http:get:`/config_dump` for dumping the current configuration and associated xDS version information (if applicable). * admin: added :http:get:`/clusters?format=json` for outputing a JSON-serialized proto detailing the current status of all clusters. * admin: added :http:get:`/stats/prometheus` as an alternative endpoint for getting stats in prometheus format. * admin: added :ref:`/runtime_modify endpoint ` to add or change runtime values. * admin: mutations must be sent as POSTs, rather than GETs. Mutations include: :http:post:`/cpuprofiler`, :http:post:`/healthcheck/fail`, :http:post:`/healthcheck/ok`, :http:post:`/logging`, :http:post:`/quitquitquit`, :http:post:`/reset_counters`, :http:post:`/runtime_modify?key1=value1&key2=value2&keyN=valueN`. * admin: removed `/routes` endpoint; route configs can now be found at the :ref:`/config_dump endpoint `. * buffer filter: the buffer filter can be optionally :ref:`disabled ` or :ref:`overridden ` with route-local configuration. * cli: added --config-yaml flag to the Envoy binary. When set its value is interpreted as a yaml representation of the bootstrap config and overrides --config-path. * cluster: added :ref:`option ` to close tcp_proxy upstream connections when health checks fail. * cluster: added :ref:`option ` to drain connections from hosts after they are removed from service discovery, regardless of health status. * cluster: fixed bug preventing the deletion of all endpoints in a priority * debug: added symbolized stack traces (where supported) * ext-authz filter: added support to raw HTTP authorization. * ext-authz filter: added support to gRPC responses to carry HTTP attributes. * grpc: support added for the full set of :ref:`Google gRPC call credentials `. * gzip filter: added :ref:`stats ` to the filter. * gzip filter: sending *accept-encoding* header as *identity* no longer compresses the payload. * health check: added ability to set :ref:`additional HTTP headers ` for HTTP health check. * health check: added support for EDS delivered :ref:`endpoint health status `. * health check: added interval overrides for health state transitions from :ref:`healthy to unhealthy `, :ref:`unhealthy to healthy ` and for subsequent checks on :ref:`unhealthy hosts `. * health check: added support for :ref:`custom health check `. * health check: health check connections can now be configured to use http/2. * health check http filter: added :ref:`generic header matching ` to trigger health check response. Deprecated the endpoint option. * http: filters can now optionally support :ref:`virtual host `, :ref:`route `, and :ref:`weighted cluster ` local configuration. * http: added the ability to pass DNS type Subject Alternative Names of the client certificate in the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header. * http: local responses to gRPC requests are now sent as trailers-only gRPC responses instead of plain HTTP responses. Notably the HTTP response code is always "200" in this case, and the gRPC error code is carried in "grpc-status" header, optionally accompanied with a text message in "grpc-message" header. * http: added support for :ref:`via header ` append. * http: added a :ref:`configuration option ` to elide *x-forwarded-for* header modifications. * http: fixed a bug in inline headers where addCopy and addViaMove didn't add header values when encountering inline headers with multiple instances. * listeners: added :ref:`tcp_fast_open_queue_length ` option. * listeners: added the ability to match :ref:`FilterChain ` using :ref:`application_protocols ` (e.g. ALPN for TLS protocol). * listeners: `sni_domains` has been deprecated/renamed to :ref:`server_names `. * listeners: removed restriction on all filter chains having identical filters. * load balancer: added :ref:`weighted round robin ` support. The round robin scheduler now respects endpoint weights and also has improved fidelity across picks. * load balancer: :ref:`locality weighted load balancing ` is now supported. * load balancer: ability to configure zone aware load balancer settings :ref:`through the API `. * load balancer: the :ref:`weighted least request ` load balancing algorithm has been improved to have better balance when operating in weighted mode. * logger: added the ability to optionally set the log format via the :option:`--log-format` option. * logger: all :ref:`logging levels ` can be configured at run-time: trace debug info warning error critical. * rbac http filter: a :ref:`role-based access control http filter ` has been added. * router: the behavior of per-try timeouts have changed in the case where a portion of the response has already been proxied downstream when the timeout occurs. Previously, the response would be reset leading to either an HTTP/2 reset or an HTTP/1 closed connection and a partial response. Now, the timeout will be ignored and the response will continue to proxy up to the global request timeout. * router: changed the behavior of :ref:`source IP routing ` to ignore the source port. * router: added an :ref:`prefix_match ` match type to explicitly match based on the prefix of a header value. * router: added an :ref:`suffix_match ` match type to explicitly match based on the suffix of a header value. * router: added an :ref:`present_match ` match type to explicitly match based on a header's presence. * router: added an :ref:`invert_match ` config option which supports inverting all other match types to match based on headers which are not a desired value. * router: allow :ref:`cookie routing ` to generate session cookies. * router: added START_TIME as one of supported variables in :ref:`header formatters `. * router: added a :ref:`max_grpc_timeout ` config option to specify the maximum allowable value for timeouts decoded from gRPC header field `grpc-timeout`. * router: added a :ref:`configuration option ` to disable *x-envoy-* header generation. * router: added 'unavailable' to the retriable gRPC status codes that can be specified through :ref:`x-envoy-retry-grpc-on `. * sockets: added :ref:`tap transport socket extension ` to support recording plain text traffic and PCAP generation. * sockets: added `IP_FREEBIND` socket option support for :ref:`listeners ` and upstream connections via :ref:`cluster manager wide ` and :ref:`cluster specific ` options. * sockets: added `IP_TRANSPARENT` socket option support for :ref:`listeners `. * sockets: added `SO_KEEPALIVE` socket option for upstream connections :ref:`per cluster `. * stats: added support for histograms. * stats: added :ref:`option to configure the statsd prefix`. * stats: updated stats sink interface to flush through a single call. * tls: added support for :ref:`verify_certificate_spki `. * tls: added support for multiple :ref:`verify_certificate_hash ` values. * tls: added support for using :ref:`verify_certificate_spki ` and :ref:`verify_certificate_hash ` without :ref:`trusted_ca `. * tls: added support for allowing expired certificates with :ref:`allow_expired_certificate `. * tls: added support for :ref:`renegotiation ` when acting as a client. * tls: removed support for legacy SHA-2 CBC cipher suites. * tracing: the sampling decision is now delegated to the tracers, allowing the tracer to decide when and if to use it. For example, if the :ref:`x-b3-sampled ` header is supplied with the client request, its value will override any sampling decision made by the Envoy proxy. * websocket: support configuring idle_timeout and max_connect_attempts. * upstream: added support for host override for a request in :ref:`Original destination host request header `. * header to metadata: added :ref:`HTTP Header to Metadata filter`. Deprecated ---------- * Admin mutations should be sent as POSTs rather than GETs. HTTP GETs will result in an error status code and will not have their intended effect. Prior to 1.7, GETs can be used for admin mutations, but a warning is logged. * Rate limit service configuration via the `cluster_name` field is deprecated. Use `grpc_service` instead. * gRPC service configuration via the `cluster_names` field in `ApiConfigSource` is deprecated. Use `grpc_services` instead. Prior to 1.7, a warning is logged. * Redis health checker configuration via the `redis_health_check` field in `HealthCheck` is deprecated. Use `custom_health_check` with name `envoy.health_checkers.redis` instead. Prior to 1.7, `redis_health_check` can be used, but warning is logged. * `SAN` is replaced by `URI` in the `x-forwarded-client-cert` header. * The `endpoint` field in the http health check filter is deprecated in favor of the `headers` field where one can specify HeaderMatch objects to match on. * The `sni_domains` field in the filter chain match was deprecated/renamed to `server_names`. ================================================ FILE: docs/root/version_history/v1.8.0.rst ================================================ 1.8.0 (Oct 4, 2018) =================== Changes ------- * access log: added :ref:`response flag filter ` to filter based on the presence of Envoy response flags. * access log: added RESPONSE_DURATION and RESPONSE_TX_DURATION. * access log: added REQUESTED_SERVER_NAME for SNI to tcp_proxy and http * admin: added :http:get:`/hystrix_event_stream` as an endpoint for monitoring envoy's statistics through `Hystrix dashboard `_. * cli: added support for :ref:`component log level ` command line option for configuring log levels of individual components. * cluster: added :ref:`option ` to merge health check/weight/metadata updates within the given duration. * config: regex validation added to limit to a maximum of 1024 characters. * config: v1 disabled by default. v1 support remains available until October via flipping --v2-config-only=false. * config: v1 disabled by default. v1 support remains available until October via deprecated flag --allow-deprecated-v1-api. * config: fixed stat inconsistency between xDS and ADS implementation. :ref:`update_failure ` stat is incremented in case of network failure and :ref:`update_rejected ` stat is incremented in case of schema/validation error. * config: added a stat :ref:`connected_state ` that indicates current connected state of Envoy with management server. * ext_authz: added support for configuring additional :ref:`authorization headers ` to be sent from Envoy to the authorization service. * fault: added support for fractional percentages in :ref:`FaultDelay ` and in :ref:`FaultAbort `. * grpc-json: added support for building HTTP response from `google.api.HttpBody `_. * health check: added support for :ref:`custom health check `. * health check: added support for :ref:`specifying jitter as a percentage `. * health_check: added support for :ref:`health check event logging `. * health_check: added :ref:`timestamp ` to the :ref:`health check event ` definition. * health_check: added support for specifying :ref:`custom request headers ` to HTTP health checker requests. * http: added support for a :ref:`per-stream idle timeout `. This applies at both :ref:`connection manager ` and :ref:`per-route granularity `. The timeout defaults to 5 minutes; if you have other timeouts (e.g. connection idle timeout, upstream response per-retry) that are longer than this in duration, you may want to consider setting a non-default per-stream idle timeout. * http: added upstream_rq_completed counter for :ref:`total requests completed ` to dynamic HTTP counters. * http: added downstream_rq_completed counter for :ref:`total requests completed `, including on a :ref:`per-listener basis `. * http: added generic :ref:`Upgrade support `. * http: better handling of HEAD requests. Now sending transfer-encoding: chunked rather than content-length: 0. * http: fixed missing support for appending to predefined inline headers, e.g. *authorization*, in features that interact with request and response headers, e.g. :ref:`request_headers_to_add `. For example, a request header *authorization: token1* will appear as *authorization: token1,token2*, after having :ref:`request_headers_to_add ` with *authorization: token2* applied. * http: response filters not applied to early error paths such as http_parser generated 400s. * http: restrictions added to reject *:*-prefixed pseudo-headers in :ref:`custom request headers `. * http: :ref:`hpack_table_size ` now controls dynamic table size of both: encoder and decoder. * http: added support for removing request headers using :ref:`request_headers_to_remove `. * http: added support for a :ref:`delayed close timeout` to mitigate race conditions when closing connections to downstream HTTP clients. The timeout defaults to 1 second. * jwt-authn filter: add support for per route JWT requirements. * listeners: added the ability to match :ref:`FilterChain ` using :ref:`destination_port ` and :ref:`prefix_ranges `. * lua: added :ref:`connection() ` wrapper and *ssl()* API. * lua: added :ref:`streamInfo() ` wrapper and *protocol()* API. * lua: added :ref:`streamInfo():dynamicMetadata() ` API. * network: introduced :ref:`sni_cluster ` network filter that forwards connections to the upstream cluster specified by the SNI value presented by the client during a TLS handshake. * proxy_protocol: added support for HAProxy Proxy Protocol v2 (AF_INET/AF_INET6 only). * ratelimit: added support for :repo:`api/envoy/service/ratelimit/v2/rls.proto`. Lyft's reference implementation of the `ratelimit `_ service also supports the data-plane-api proto as of v1.1.0. Envoy can use either proto to send client requests to a ratelimit server with the use of the `use_data_plane_proto` boolean flag in the ratelimit configuration. Support for the legacy proto `source/common/ratelimit/ratelimit.proto` is deprecated and will be removed at the start of the 1.9.0 release cycle. * ratelimit: added :ref:`failure_mode_deny ` option to control traffic flow in case of rate limit service error. * rbac config: added a :ref:`principal_name ` field and removed the old `name` field to give more flexibility for matching certificate identity. * rbac network filter: a :ref:`role-based access control network filter ` has been added. * rest-api: added ability to set the :ref:`request timeout ` for REST API requests. * route checker: added v2 config support and removed support for v1 configs. * router: added ability to set request/response headers at the :ref:`envoy_api_msg_route.Route` level. * stats: added :ref:`option to configure the DogStatsD metric name prefix` to DogStatsdSink. * tcp_proxy: added support for :ref:`weighted clusters `. * thrift_proxy: introduced thrift routing, moved configuration to correct location * thrift_proxy: introduced thrift configurable decoder filters * tls: implemented :ref:`Secret Discovery Service `. * tracing: added support for configuration of :ref:`tracing sampling `. * upstream: added configuration option to the subset load balancer to take locality weights into account when selecting a host from a subset. * upstream: require opt-in to use the :ref:`x-envoy-original-dst-host ` header for overriding destination address when using the :ref:`Original Destination ` load balancing policy. Deprecated ---------- * Use of the v1 API (including `*.deprecated_v1` fields in the v2 API) is deprecated. See envoy-announce `email `_. * Use of the legacy `ratelimit.proto `_ is deprecated, in favor of the proto defined in `date-plane-api `_ Prior to 1.8.0, Envoy can use either proto to send client requests to a ratelimit server with the use of the `use_data_plane_proto` boolean flag in the `ratelimit configuration `_. However, when using the deprecated client a warning is logged. * Use of the --v2-config-only flag. * Use of both `use_websocket` and `websocket_config` in `route.proto `_ is deprecated. Please use the new `upgrade_configs` in the `HttpConnectionManager `_ instead. * Use of the integer `percent` field in `FaultDelay `_ and in `FaultAbort `_ is deprecated in favor of the new `FractionalPercent` based `percentage` field. * Setting hosts via `hosts` field in `Cluster` is deprecated. Use `load_assignment` instead. * Use of `response_headers_to_*` and `request_headers_to_add` are deprecated at the `RouteAction` level. Please use the configuration options at the `Route` level. * Use of `runtime` in `RouteMatch`, found in `route.proto `_. Set the `runtime_fraction` field instead. * Use of the string `user` field in `Authenticated` in `rbac.proto `_ is deprecated in favor of the new `StringMatcher` based `principal_name` field. ================================================ FILE: docs/root/version_history/v1.9.0.rst ================================================ 1.9.0 (Dec 20, 2018) ==================== Changes ------- * access log: added a :ref:`JSON logging mode ` to output access logs in JSON format. * access log: added dynamic metadata to access log messages streamed over gRPC. * access log: added DOWNSTREAM_CONNECTION_TERMINATION. * admin: :http:post:`/logging` now responds with 200 while there are no params. * admin: added support for displaying subject alternate names in :ref:`certs` end point. * admin: added host weight to the :http:get:`/clusters?format=json` end point response. * admin: :http:get:`/server_info` now responds with a JSON object instead of a single string. * admin: :http:get:`/server_info` now exposes what stage of initialization the server is currently in. * admin: added support for displaying command line options in :http:get:`/server_info` end point. * circuit-breaker: added cx_open, rq_pending_open, rq_open and rq_retry_open gauges to expose live state via :ref:`circuit breakers statistics `. * cluster: set a default of 1s for :ref:`option `. * config: removed support for the v1 API. * config: added support for :ref:`rate limiting` discovery request calls. * cors: added :ref:`invalid/valid stats ` to filter. * ext-authz: added support for providing per route config - optionally disable the filter and provide context extensions. * fault: removed integer percentage support. * grpc-json: added support for :ref:`ignoring query parameters `. * health check: added :ref:`logging health check failure events `. * health check: added ability to set :ref:`authority header value ` for gRPC health check. * http: added HTTP/2 WebSocket proxying via :ref:`extended CONNECT `. * http: added limits to the number and length of header modifications in all fields request_headers_to_add and response_headers_to_add. These limits are very high and should only be used as a last-resort safeguard. * http: added support for a :ref:`request timeout `. The timeout is disabled by default. * http: no longer adding whitespace when appending X-Forwarded-For headers. **Warning**: this is not compatible with 1.7.0 builds prior to `9d3a4eb4ac44be9f0651fcc7f87ad98c538b01ee `_. See `#3611 `_ for details. * http: augmented the `sendLocalReply` filter API to accept an optional `GrpcStatus` value to override the default HTTP to gRPC status mapping. * http: no longer close the TCP connection when a HTTP/1 request is retried due to a response with empty body. * http: added support for more gRPC content-type headers in :ref:`gRPC bridge filter `, like application/grpc+proto. * listeners: all listener filters are now governed by the :ref:`listener_filters_timeout ` setting. The hard coded 15s timeout in the :ref:`TLS inspector listener filter ` is superseded by this setting. * listeners: added the ability to match :ref:`FilterChain ` using :ref:`source_type `. * load balancer: added a `configuration ` option to specify the number of choices made in P2C. * logging: added missing [ in log prefix. * mongo_proxy: added :ref:`dynamic metadata `. * network: removed the reference to `FilterState` in `Connection` in favor of `StreamInfo`. * rate-limit: added :ref:`configuration ` to specify whether the `GrpcStatus` status returned should be `RESOURCE_EXHAUSTED` or `UNAVAILABLE` when a gRPC call is rate limited. * rate-limit: removed support for the legacy ratelimit service and made the data-plane-api :ref:`rls.proto ` based implementation default. * rate-limit: removed the deprecated cluster_name attribute in :ref:`rate limit service configuration `. * rate-limit: added :ref:`rate_limit_service ` configuration to filters. * rbac: added dynamic metadata to the network level filter. * rbac: added support for permission matching by :ref:`requested server name `. * redis: static cluster configuration is no longer required. Redis proxy will work with clusters delivered via CDS. * router: added ability to configure arbitrary :ref:`retriable status codes. ` * router: added ability to set attempt count in upstream requests, see :ref:`virtual host's include request attempt count flag `. * router: added internal :ref:`grpc-retry-on ` policy. * router: added :ref:`scheme_redirect ` and :ref:`port_redirect ` to define the respective scheme and port rewriting RedirectAction. * router: when :ref:`max_grpc_timeout ` is set, Envoy will now add or update the grpc-timeout header to reflect Envoy's expected timeout. * router: per try timeouts now starts when an upstream stream is ready instead of when the request has been fully decoded by Envoy. * router: added support for not retrying :ref:`rate limited requests`. Rate limit filter now sets the :ref:`x-envoy-ratelimited` header so the rate limited requests that may have been retried earlier will not be retried with this change. * router: added support for enabling upgrades on a :ref:`per-route ` basis. * router: support configuring a default fraction of mirror traffic via :ref:`runtime_fraction `. * sandbox: added :ref:`cors sandbox `. * server: added `SIGINT` (Ctrl-C) handler to gracefully shutdown Envoy like `SIGTERM`. * stats: added :ref:`stats_matcher ` to the bootstrap config for granular control of stat instantiation. * stream: renamed the `RequestInfo` namespace to `StreamInfo` to better match its behaviour within TCP and HTTP implementations. * stream: renamed `perRequestState` to `filterState` in `StreamInfo`. * stream: added `downstreamDirectRemoteAddress` to `StreamInfo`. * thrift_proxy: introduced thrift rate limiter filter. * tls: added ssl.curves., ssl.sigalgs. and ssl.versions. to :ref:`listener metrics ` to track TLS algorithms and versions in use. * tls: added support for :ref:`client-side session resumption `. * tls: added support for CRLs in :ref:`trusted_ca `. * tls: added support for :ref:`multiple server TLS certificates `. * tls: added support for :ref:`password encrypted private keys `. * tls: added the ability to build :ref:`BoringSSL FIPS ` using ``--define boringssl=fips`` Bazel option. * tls: removed support for ECDSA certificates with curves other than P-256. * tls: removed support for RSA certificates with keys smaller than 2048-bits. * tracing: added support to the Zipkin tracer for the :ref:`b3 ` single header format. * tracing: added support for :ref:`Datadog ` tracer. * upstream: added :ref:`scale_locality_weight` to enable scaling locality weights by number of hosts removed by subset lb predicates. * upstream: changed how load calculation for :ref:`priority levels` and :ref:`panic thresholds` interact. As long as normalized total health is 100% panic thresholds are disregarded. * upstream: changed the default hash for :ref:`ring hash ` from std::hash to `xxHash `_. * upstream: when using active health checking and STRICT_DNS with several addresses that resolve to the same hosts, Envoy will now health check each host independently. Deprecated ---------- * Order of execution of the network write filter chain has been reversed. Prior to this release cycle it was incorrect, see `#4599 `_. In the 1.9.0 release cycle we introduced `bugfix_reverse_write_filter_order` in `lds.proto `_ to temporarily support both old and new behaviors. Note this boolean field is deprecated. * Order of execution of the HTTP encoder filter chain has been reversed. Prior to this release cycle it was incorrect, see `#4599 `_. In the 1.9.0 release cycle we introduced `bugfix_reverse_encode_order` in `http_connection_manager.proto `_ to temporarily support both old and new behaviors. Note this boolean field is deprecated. * Use of the v1 REST_LEGACY ApiConfigSource is deprecated. * Use of std::hash in the ring hash load balancer is deprecated. * Use of `rate_limit_service` configuration in the `bootstrap configuration `_ is deprecated. * Use of `runtime_key` in `RequestMirrorPolicy`, found in `route.proto `_ is deprecated. Set the `runtime_fraction` field instead. * Use of buffer filter `max_request_time` is deprecated in favor of the request timeout found in `HttpConnectionManager `_ ================================================ FILE: docs/root/version_history/v1.9.1.rst ================================================ 1.9.1 (Apr 2, 2019) =================== Changes ------- * http: fixed CVE-2019-9900 by rejecting HTTP/1.x headers with embedded NUL characters. * http: fixed CVE-2019-9901 by normalizing HTTP paths prior to routing or L7 data plane processing. This defaults off and is configurable via either HTTP connection manager :ref:`normalize_path ` or the :ref:`runtime `. ================================================ FILE: docs/root/version_history/version_history.rst ================================================ .. _version_history: Version history --------------- .. toctree:: :titlesonly: current v1.15.2 v1.15.1 v1.15.0 v1.14.5 v1.14.4 v1.14.3 v1.14.2 v1.14.1 v1.14.0 v1.13.6 v1.13.5 v1.13.4 v1.13.3 v1.13.2 v1.13.1 v1.13.0 v1.12.7 v1.12.6 v1.12.5 v1.12.4 v1.12.3 v1.12.2 v1.12.1 v1.12.0 v1.11.2 v1.11.1 v1.11.0 v1.10.0 v1.9.1 v1.9.0 v1.8.0 v1.7.0 v1.6.0 v1.5.0 v1.4.0 v1.3.0 v1.2.0 v1.1.0 v1.0.0 .. _deprecated: Deprecation Policy ^^^^^^^^^^^^^^^^^^ As of release 1.3.0, Envoy will follow a `Breaking Change Policy `_. Features in the deprecated list for each version have been DEPRECATED and will be removed in the specified release cycle. A logged warning is expected for each deprecated item that is in deprecation window. ================================================ FILE: examples/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() filegroup( name = "configs", srcs = glob( [ "**/*.yaml", "**/*.lua", ], exclude = [ "cache/responses.yaml", "jaeger-native-tracing/*", "**/*docker-compose*.yaml", ], ), ) ================================================ FILE: examples/DEVELOPER.md ================================================ # Adding a sandbox example ## Add a `verify.sh` test to your sandbox Sandboxes are tested as part of the continuous integration process, which expects each sandbox to have a `verify.sh` script containing tests for the example. ### Basic layout of the `verify.sh` script At a minimum the `verify.sh` script should include the necessary parts to start and stop your sandbox. Given a sandbox with a single `docker` composition, adding the following to `verify.sh` will test that the sandbox can be started and stopped. ```bash #!/bin/bash -e export NAME=example-sandbox # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" # add example tests here... ``` The `$NAME` variable is used for logging when testing the example, and will often be the same as the directory name. ### Log before running each test There is a utility function `run_log` that can be used to indicate in test logs what is being executed and why, for example: ```bash run_log "Checking foo.txt was created" ls foo.txt run_log "Checking bar.txt was created" ls bar.txt ``` ### Add tests reflecting the documented examples The tests should follow the steps laid out in the documentation. For example, if the documentation provides a series of `bash` commands to execute, add these in order to `verify.sh`. You may wish to grep the responses, or check return codes to ensure the commands respond as expected. Likewise, if the documentation asks the user to browse to a page - for example http://localhost:8000 - then you should add a test to ensure that the given URL responds as expected. If an example web page is also expected to make further JavaScript `HTTP` requests in order to function, then add tests for requests that mimick this interaction. A number of utility functions have been added to simplify browser testing. #### Utility functions: `responds_with` The `responds_with` function can be used to ensure a request to a given URL responds with expected `HTTP` content. It follows the form `responds_with []` For example, a simple `GET` request: ```bash responds_with \ "Hello, world" \ http://localhost:8000 ``` This is a more complicated example that uses an `HTTPS` `POST` request and sends some additional headers: ```bash responds_with \ "Hello, postie" \ https://localhost:8000/some-endpoint \ -k \ -X POST \ -d 'data=hello,rcpt=service' \ -H 'Origin: https://example-service.com' ``` #### Utility functions: `responds_with_header` You can check that a request responds with an expected header as follows: ```bash responds_with_header \ "HTTP/1.1 403 Forbidden" \ "http://localhost:8000/?name=notdown" ``` `responds_with_header` can accept additional curl arguments like `responds_with` #### Utility functions: `responds_without_header` You can also check that a request *does not* respond with a given header: ```bash responds_without_header \ "X-Secret: treasure" \ "http://localhost:8000" ``` `responds_without_header` can accept additional curl arguments like `responds_with` ### Slow starting `docker` compositions Unless your example provides a way for ensuring that all containers are healthy by the time `docker-compose up -d` returns, you may need to add a `DELAY` before running the steps in your `verify.sh` For example, to wait 10 seconds after `docker-compose up -d` has been called, set the following: ```bash #!/bin/bash -e export NAME=example-sandbox export DELAY=10 # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" # add example tests here... ``` ### Examples with multiple `docker` compositions For your example to work it may need more than one `docker` composition to be run. You can set where to find the `docker-compose.yaml` files with the `PATHS` argument. By default `PATHS=.`, but you can change this to a comma-separated list of paths. For example a sandbox containing `frontend/docker-compose.yaml` and `backend/docker-compose.yaml`, might use a `verify.sh` with: ```bash #!/bin/bash -e export NAME=example-sandbox export PATHS=frontend,backend # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" # add example tests here... ``` ### Bringing stacks up manually You may need to bring up the stack manually, in order to run some steps beforehand. Sourcing `verify-common.sh` will always leave you in the sandbox directory, and from there you can use the `bring_up_example` function. For example: ```bash #!/bin/bash -e export NAME=example-sandbox export MANUAL=true # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Creating bar.txt before starting containers" echo foo > bar.txt bring_up_example # add example tests here... ``` If your sandbox has multiple compositions, and uses the `$PATHS` env var described above, `bring_up_example` will bring all of your compositions up. ### Additional arguments to `docker-compose up -d` If you need to pass additional arguments to compose you can set the `UPARGS` env var. For example, to scale a composition with a service named `http_service`, you should add the following: ```bash #!/bin/bash -e export NAME=example-sandbox export UPARGS="--scale http_service=2" # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" # add example tests here... ``` ### Running commands inside `docker` containers If your example asks the user to run commands inside containers, you can mimick this using `docker-compose exec -T`. The `-T` flag is necessary as the tests do not have access to a `tty` in the CI pipeline. ### Note on permissions and configuration The sandbox tests are run with a `umask` setting of `027` to ensure they will run in environments where this is the case. As the Envoy containers run as non-root, it is essential that any configurations required by the daemon are included in the relevant example `Dockerfile` rather than mounted in any `docker-compose.yaml` files. The Docker recipe should also ensure that added configurations are world-readable. For example, with an added configuration file named `front-envoy.yaml`, you should add the following in the Docker recipe: ``` RUN chmod go+r /etc/front-envoy.yaml ``` ## Sandbox configuration tests Example configuration files are tested to ensure they are valid and well-formed, and do not contain deprecated features. ### Exclude configs from example configuration tests The CI script searches for all files in the examples folders with a `yaml` or `lua` extension. These files are bundled into a test and the `yaml` files are used to try to start an Envoy server. If your example includes `yaml` files that are either not Envoy configuration, or for some reason cannot be tested in this way, you should add the files to the `exclude` list in the `filegroup.srcs` section of the `examples/BUILD` file. The `exclude` patterns are evaluated as `globs` in the context of the `examples` folder. ## Verifying your sandbox Once you have built your sandbox, and added the `verify.sh` script you can run it directly in the sandbox folder. For example: ``` cd examples/example-sandbox ./verify.sh ``` You should see the docker composition brought up, your tests run, and the composition brought down again. The script should exit with `0` for the tests to pass. ## Verifying multiple/all sandboxes In continuous integration, all of the sandboxes are checked using the `ci/verify-examples.sh`. This can also be called with a filter argument, which is a `glob` evaluated in the context of the `examples` folder. For example, to run all sandboxes with names beginning `jaeger`: ``` ./ci/verify-examples.sh jaeger* ``` --- **NOTE** You can use this script locally to test the sandboxes on your platform, but you should be aware that it requires a lot of resources as it downloads and builds many Docker images, and then runs them in turn. --- One way to run the tests in an isolated environment is to mount the `envoy` source into a `docker-in-docker` container or similar, and then run the script from inside that container. ================================================ FILE: examples/cache/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD /usr/local/bin/envoy -c /etc/front-envoy.yaml --service-cluster front-proxy ================================================ FILE: examples/cache/Dockerfile-service ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash curl RUN pip3 install -q Flask==0.11.1 requests==2.18.4 pyyaml RUN mkdir /code COPY ./start_service.sh /usr/local/bin/start_service.sh COPY ./service-envoy.yaml /etc/service-envoy.yaml COPY ./service.py /code RUN chmod u+x /usr/local/bin/start_service.sh ENTRYPOINT /usr/local/bin/start_service.sh ================================================ FILE: examples/cache/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/http_cache.html) ================================================ FILE: examples/cache/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" environment: - ENVOY_UID=0 service1: build: context: . dockerfile: Dockerfile-service volumes: - ./responses.yaml:/etc/responses.yaml networks: envoymesh: aliases: - service1 environment: - SERVICE_NAME=1 expose: - "8000" service2: build: context: . dockerfile: Dockerfile-service volumes: - ./responses.yaml:/etc/responses.yaml networks: envoymesh: aliases: - service2 environment: - SERVICE_NAME=2 expose: - "8000" networks: envoymesh: {} ================================================ FILE: examples/cache/front-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/service/1" route: cluster: service1 - match: prefix: "/service/2" route: cluster: service2 http_filters: - name: "envoy.filters.http.cache" typed_config: "@type": "type.googleapis.com/envoy.extensions.filters.http.cache.v3alpha.CacheConfig" typed_config: "@type": "type.googleapis.com/envoy.source.extensions.filters.http.cache.SimpleHttpCacheConfig" - name: envoy.filters.http.router typed_config: {} clusters: - name: service1 connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service1 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service1 port_value: 8000 - name: service2 connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service2 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service2 port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/cache/responses.yaml ================================================ valid-for-minute: body: This response will stay fresh for one minute headers: cache-control: max-age=60 custom-header: any value private: body: This is a private response, it will not be cached by Envoy headers: cache-control: private no-cache: body: This response can be cached, but it has to be validated on each request headers: cache-control: max-age=0, no-cache ================================================ FILE: examples/cache/service-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/service" route: cluster: local_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8081 ================================================ FILE: examples/cache/service.py ================================================ from flask import Flask from flask import request from flask import make_response, abort import yaml import os import requests import socket import sys import datetime app = Flask(__name__) @app.route('/service//') def get(service_number, response_id): stored_response = yaml.load(open('/etc/responses.yaml', 'r')).get(response_id) if stored_response is None: abort(404, 'No response found with the given id') response = make_response(stored_response.get('body') + '\n') if stored_response.get('headers'): response.headers.update(stored_response.get('headers')) # Generate etag header response.add_etag() # Append the date of response generation body_with_date = "{}\nResponse generated at: {}\n".format( response.get_data(as_text=True), datetime.datetime.utcnow().strftime("%a, %d %b %Y %H:%M:%S GMT")) response.set_data(body_with_date) # response.make_conditional() will change the response to a 304 response # if a 'if-none-match' header exists in the request and matches the etag return response.make_conditional(request) if __name__ == "__main__": if not os.path.isfile('/etc/responses.yaml'): print('Responses file not found at /etc/responses.yaml') exit(1) app.run(host='127.0.0.1', port=8080, debug=True) ================================================ FILE: examples/cache/start_service.sh ================================================ #!/bin/sh python3 /code/service.py & envoy -c /etc/service-envoy.yaml --service-cluster "service${SERVICE_NAME}" ================================================ FILE: examples/cache/verify.sh ================================================ #!/bin/bash -e export NAME=cache # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" check_validated() { # Get the date header and the response generation timestamp local _dates dates _dates=$(grep -oP '\d\d:\d\d:\d\d' <<< "$1") while read -r line; do dates+=("$line"); done \ <<< "$_dates" # Make sure they are different if [[ ${dates[0]} == "${dates[1]}" ]]; then echo "ERROR: validated responses should have a date AFTER the generation timestamp" >&2 return 1 fi # Make sure there is no age header if grep -q "age:" <<< "$1"; then echo "ERROR: validated responses should not have an age header" >&2 return 1 fi } check_cached() { # Make sure there is an age header if ! grep -q "age:" <<< "$1"; then echo "ERROR: cached responses should have an age header" >&2 return 1 fi } check_from_origin() { # Get the date header and the response generation timestamp local _dates dates _dates=$(grep -oP '\d\d:\d\d:\d\d' <<< "$1") while read -r line; do dates+=("$line"); done \ <<< "$_dates" # Make sure they are equal if [[ ${dates[0]} != "${dates[1]}" ]]; then echo "ERROR: responses from origin should have a date equal to the generation timestamp" >&2 return 1 fi # Make sure there is no age header if grep -q "age:" <<< "$1" ; then echo "ERROR: responses from origin should not have an age header" >&2 return 1 fi } run_log "Valid-for-minute: First request should be served by the origin" response=$(curl -si localhost:8000/service/1/valid-for-minute) check_from_origin "$response" run_log "Snooze for 30 seconds" sleep 30 run_log "Valid-for-minute: Second request should be served from cache" response=$(curl -si localhost:8000/service/1/valid-for-minute) check_cached "$response" run_log "Snooze for 31 more seconds" sleep 31 run_log "Valid-for-minute: More than a minute has passed, this request should get a validated response" response=$(curl -si localhost:8000/service/1/valid-for-minute) check_validated "$response" run_log "Private: Make 4 requests make sure they are all served by the origin" for _ in {0..3} do response=$(curl -si localhost:8000/service/1/private) check_from_origin "$response" done run_log "No-cache: First request should be served by the origin" response=$(curl -si localhost:8000/service/1/no-cache) check_from_origin "$response" run_log "No-cache: Make 4 more requests and make sure they are all validated before being served from cache" for _ in {0..3} do sleep 1 response=$(curl -si localhost:8000/service/1/no-cache) check_validated "$response" done ================================================ FILE: examples/cors/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/cors.html). ================================================ FILE: examples/cors/backend/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/cors/backend/Dockerfile-service ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./service.py /code/ ADD ./start_service.sh /usr/local/bin/start_service.sh RUN chmod u+x /usr/local/bin/start_service.sh ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] ================================================ FILE: examples/cors/backend/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8002:8000" - "8003:8001" backend-service: build: context: . dockerfile: Dockerfile-service volumes: - ./service-envoy.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - backendservice expose: - "8000" networks: envoymesh: {} ================================================ FILE: examples/cors/backend/front-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/stdout route_config: name: local_route virtual_hosts: - name: www domains: - "*" cors: allow_origin_string_match: - safe_regex: google_re2: {} regex: \* allow_methods: "GET" filter_enabled: default_value: numerator: 100 denominator: HUNDRED runtime_key: cors.www.enabled shadow_enabled: default_value: numerator: 0 denominator: HUNDRED runtime_key: cors.www.shadow_enabled routes: - match: prefix: "/cors/open" route: cluster: backend_service - match: prefix: "/cors/disabled" route: cluster: backend_service cors: filter_enabled: default_value: numerator: 0 denominator: HUNDRED - match: prefix: "/cors/restricted" route: cluster: backend_service cors: allow_origin_string_match: - safe_regex: google_re2: {} regex: .*\.envoyproxy\.io allow_methods: "GET" - match: prefix: "/" route: cluster: backend_service http_filters: - name: envoy.filters.http.cors typed_config: {} - name: envoy.filters.http.router typed_config: {} clusters: - name: backend_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: backend_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: backendservice port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/cors/backend/service-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/" route: cluster: local_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8081 ================================================ FILE: examples/cors/backend/service.py ================================================ from flask import Flask, request, send_from_directory import os app = Flask(__name__) @app.route('/cors/') def cors_enabled(status): return 'Success!' if __name__ == "__main__": app.run(host='127.0.0.1', port=8080, debug=True) ================================================ FILE: examples/cors/backend/start_service.sh ================================================ #!/bin/sh python3 /code/service.py & envoy -c /etc/service-envoy.yaml --service-cluster backend-service ================================================ FILE: examples/cors/frontend/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/cors/frontend/Dockerfile-service ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./service.py ./index.html /code/ ADD ./start_service.sh /usr/local/bin/start_service.sh RUN chmod u+x /usr/local/bin/start_service.sh ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] ================================================ FILE: examples/cors/frontend/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" frontend-service: build: context: . dockerfile: Dockerfile-service volumes: - ./service-envoy.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - frontendservice expose: - "8000" networks: envoymesh: {} ================================================ FILE: examples/cors/frontend/front-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/stdout route_config: name: local_route virtual_hosts: - name: services domains: - "*" routes: - match: prefix: "/" route: cluster: frontend_service http_filters: - name: envoy.filters.http.cors typed_config: {} - name: envoy.filters.http.router typed_config: {} clusters: - name: frontend_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: frontend_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: frontendservice port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/cors/frontend/index.html ================================================ Envoy CORS Webpage

    Envoy CORS Demo

    This page requests an asset from another domain via cross-site XMLHttpRequest mitigated by Access Control.
    This scenario demonstrates a     simple method.
    It does NOT dispatch a preflight request.

    Enter the IP address of backend Docker container. As we are running Docker Compose this should just be localhost.


    CORS Enforcement
    Disabled
    Open
    Restricted

    Request Results

    ================================================ FILE: examples/cors/frontend/service-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/" route: cluster: local_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8081 ================================================ FILE: examples/cors/frontend/service.py ================================================ from flask import Flask, send_from_directory import os app = Flask(__name__) @app.route('/') def index(): file_dir = os.path.dirname(os.path.realpath(__file__)) return send_from_directory(file_dir, 'index.html') if __name__ == "__main__": app.run(host='127.0.0.1', port=8080, debug=True) ================================================ FILE: examples/cors/frontend/start_service.sh ================================================ #!/bin/sh python3 /code/service.py & envoy -c /etc/service-envoy.yaml --service-cluster frontend-service ================================================ FILE: examples/cors/verify.sh ================================================ #!/bin/bash -e export NAME=cors export PATHS=frontend,backend # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test service" responds_with \ "Envoy CORS Webpage" \ http://localhost:8000 run_log "Test cors server: disabled" responds_with \ Success \ -H "Origin: http://example.com" \ http://localhost:8002/cors/disabled responds_without_header \ access-control-allow-origin \ -H "Origin: http://example.com" \ http://localhost:8002/cors/disabled run_log "Test cors server: open" responds_with \ Success \ -H 'Origin: http://example.com' \ http://localhost:8002/cors/open responds_with_header \ "access-control-allow-origin: http://example.com" \ -H "Origin: http://example.com" \ http://localhost:8002/cors/open run_log "Test cors server: restricted" responds_with \ Success \ -H "Origin: http://example.com" \ http://localhost:8002/cors/restricted responds_without_header \ access-control-allow-origin \ -H "Origin: http://example.com" \ http://localhost:8002/cors/restricted responds_with_header \ "access-control-allow-origin: http://foo.envoyproxy.io" \ -H "Origin: http://foo.envoyproxy.io" \ http://localhost:8002/cors/restricted ================================================ FILE: examples/csrf/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/csrf.html). ================================================ FILE: examples/csrf/crosssite/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/csrf/crosssite/Dockerfile-service ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./crosssite/service.py ./index.html /code/ ADD ./start_service.sh /usr/local/bin/start_service.sh RUN chmod u+x /usr/local/bin/start_service.sh ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] ================================================ FILE: examples/csrf/crosssite/docker-compose.yml ================================================ version: '3.7' services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8002:8000" - "8003:8001" service: build: context: .. dockerfile: crosssite/Dockerfile-service volumes: - ../service-envoy.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service expose: - "8000" networks: envoymesh: {} ================================================ FILE: examples/csrf/crosssite/front-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/dev/stdout" route_config: name: local_route virtual_hosts: - name: www domains: - "*" routes: - match: prefix: "/" route: cluster: generic_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: generic_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: generic_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/csrf/crosssite/service.py ================================================ import os from flask import Flask, send_from_directory app = Flask(__name__) app.url_map.strict_slashes = False @app.route('/', methods=['GET']) def index(): file_dir = os.path.dirname(os.path.realpath(__file__)) return send_from_directory(file_dir, 'index.html') if __name__ == "__main__": app.run(host='127.0.0.1', port=8080, debug=True) ================================================ FILE: examples/csrf/index.html ================================================ Envoy CSRF Wepage

    Envoy CSRF Demo

    This page demonstrates a few scenarios for CSRF.

    Enter the IP address of the destination Docker container.


    CSRF Enforcement
    Disabled
    Shadow Mode
    Enabled
    Ignored
    Additional Origin

    Request Results

    ================================================ FILE: examples/csrf/samesite/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/csrf/samesite/Dockerfile-service ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./samesite/service.py ./index.html /code/ ADD ./start_service.sh /usr/local/bin/start_service.sh RUN chmod u+x /usr/local/bin/start_service.sh ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] ================================================ FILE: examples/csrf/samesite/docker-compose.yml ================================================ version: '3.7' services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" service: build: context: .. dockerfile: samesite/Dockerfile-service volumes: - ../service-envoy.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service expose: - "8000" networks: envoymesh: {} ================================================ FILE: examples/csrf/samesite/front-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/dev/stdout" route_config: name: local_route virtual_hosts: - name: www domains: - "*" cors: allow_origin_string_match: - safe_regex: google_re2: {} regex: \* filter_enabled: default_value: numerator: 100 denominator: HUNDRED typed_per_filter_config: envoy.filters.http.csrf: "@type": type.googleapis.com/envoy.extensions.filters.http.csrf.v3.CsrfPolicy filter_enabled: default_value: numerator: 100 denominator: HUNDRED runtime_key: csrf.www.enabled shadow_enabled: default_value: numerator: 0 denominator: HUNDRED runtime_key: csrf.www.shadow_enabled routes: - match: prefix: "/csrf/disabled" route: cluster: generic_service typed_per_filter_config: envoy.filters.http.csrf: "@type": type.googleapis.com/envoy.extensions.filters.http.csrf.v3.CsrfPolicy filter_enabled: default_value: numerator: 0 denominator: HUNDRED - match: prefix: "/csrf/shadow" route: cluster: generic_service typed_per_filter_config: envoy.filters.http.csrf: "@type": type.googleapis.com/envoy.extensions.filters.http.csrf.v3.CsrfPolicy filter_enabled: default_value: numerator: 0 denominator: HUNDRED shadow_enabled: default_value: numerator: 100 denominator: HUNDRED - match: prefix: "/csrf/additional_origin" route: cluster: generic_service typed_per_filter_config: envoy.filters.http.csrf: "@type": type.googleapis.com/envoy.extensions.filters.http.csrf.v3.CsrfPolicy filter_enabled: default_value: numerator: 100 denominator: HUNDRED additional_origins: - safe_regex: google_re2: {} regex: .* - match: prefix: "/" route: cluster: generic_service http_filters: - name: envoy.filters.http.cors typed_config: {} - name: envoy.filters.http.csrf typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.csrf.v3.CsrfPolicy filter_enabled: default_value: numerator: 0 denominator: HUNDRED - name: envoy.filters.http.router typed_config: {} clusters: - name: generic_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: generic_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/csrf/samesite/service.py ================================================ import os from flask import Flask, send_from_directory app = Flask(__name__) app.url_map.strict_slashes = False @app.route('/csrf/ignored', methods=['GET']) def csrf_ignored(): return 'Success!' @app.route('/csrf/', methods=['POST']) def csrf_with_status(status): return 'Success!' @app.route('/', methods=['GET']) def index(): file_dir = os.path.dirname(os.path.realpath(__file__)) return send_from_directory(file_dir, 'index.html') if __name__ == "__main__": app.run(host='127.0.0.1', port=8080, debug=True) ================================================ FILE: examples/csrf/service-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/" route: cluster: local_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8081 ================================================ FILE: examples/csrf/start_service.sh ================================================ #!/bin/sh python3 /code/service.py & envoy -c /etc/service-envoy.yaml --service-cluster service ================================================ FILE: examples/csrf/verify.sh ================================================ #!/bin/bash -e export NAME=csrf export PATHS=samesite,crosssite # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test services" responds_with \ "Envoy CSRF Demo" \ http://localhost:8002 responds_with \ "Envoy CSRF Demo" \ http://localhost:8000 run_log "Test stats server" responds_with \ ":" \ http://localhost:8001/stats run_log "Test csrf server: disabled" responds_with \ Success \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/disabled responds_with_header \ "access-control-allow-origin: http://example.com" \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/disabled run_log "Test csrf server: shadow" responds_with \ Success \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/shadow responds_with_header \ "access-control-allow-origin: http://example.com" \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/shadow run_log "Test csrf server: enabled" responds_with \ "Invalid origin" \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/enabled responds_with_header \ "HTTP/1.1 403 Forbidden" \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/enabled run_log "Test csrf server: additional_origin" responds_with \ Success \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/additional_origin responds_with_header \ "access-control-allow-origin: http://example.com" \ -X POST \ -H "Origin: http://example.com" \ http://localhost:8000/csrf/additional_origin ================================================ FILE: examples/ext_authz/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./config /etc/envoy-config COPY ./run_envoy.sh /run_envoy.sh RUN chmod go+r -R /etc/envoy-config \ && chmod go+rx /run_envoy.sh /etc/envoy-config /etc/envoy-config/* CMD ["/bin/sh", "/run_envoy.sh"] ================================================ FILE: examples/ext_authz/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/ext_authz) ================================================ FILE: examples/ext_authz/auth/grpc-service/Dockerfile ================================================ FROM golang:alpine AS builder RUN apk --no-cache add make COPY . /app RUN make -C /app/grpc-service FROM alpine COPY --from=builder /app/grpc-service/server /app/server CMD ["/app/server", "-users", "/etc/users.json"] ================================================ FILE: examples/ext_authz/auth/grpc-service/Makefile ================================================ all: server server: @CGO_ENABLED=0 GOOS=linux go build -a --ldflags '-extldflags "-static"' \ -tags "netgo" -installsuffix netgo \ -o server clean: @rm -fr server ================================================ FILE: examples/ext_authz/auth/grpc-service/go.mod ================================================ module github.com/envoyproxy/envoy/examples/ext_authz/auth/grpc-service go 1.14 require ( github.com/envoyproxy/go-control-plane v0.9.5 github.com/golang/protobuf v1.3.2 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 google.golang.org/grpc v1.25.1 ) ================================================ FILE: examples/ext_authz/auth/grpc-service/go.sum ================================================ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20200313221541-5f7e5dd04533 h1:8wZizuKuZVu5COB7EsBYxBQz8nRcXXn5d4Gt91eJLvU= github.com/cncf/udpa/go v0.0.0-20200313221541-5f7e5dd04533/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/envoyproxy/go-control-plane v0.9.0 h1:67WMNTvGrl7V1dWdKCeTwxDr7nio9clKoTlLhwIPnT4= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.5 h1:lRJIqDD8yjV1YyPRqecMdytjDLs2fTXq363aCib5xPU= github.com/envoyproxy/go-control-plane v0.9.5/go.mod h1:OXl5to++W0ctG+EHWTFUjiypVxC/Y4VLc/KFU+al13s= github.com/envoyproxy/protoc-gen-validate v0.1.0 h1:EQciDnbrYxy13PgWoY8AqoxGiPrpgBZ1R8UNe3ddc+A= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a h1:oWX7TPOiFAMXLq8o0ikBYfCJVlRHBcsciT5bXOrH628= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 h1:gSJIx1SDwno+2ElGhA4+qG2zF97qiUzTM+rQ0klBOcE= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1 h1:wdKvqQk7IttEw92GoRyKG2IDrUIpgpj6H6m81yfeMW0= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= ================================================ FILE: examples/ext_authz/auth/grpc-service/main.go ================================================ package main import ( "flag" "fmt" "log" "net" envoy_service_auth_v2 "github.com/envoyproxy/go-control-plane/envoy/service/auth/v2" envoy_service_auth_v3 "github.com/envoyproxy/go-control-plane/envoy/service/auth/v3" "google.golang.org/grpc" "github.com/envoyproxy/envoy/examples/ext_authz/auth/grpc-service/pkg/auth" auth_v2 "github.com/envoyproxy/envoy/examples/ext_authz/auth/grpc-service/pkg/auth/v2" auth_v3 "github.com/envoyproxy/envoy/examples/ext_authz/auth/grpc-service/pkg/auth/v3" ) func main() { port := flag.Int("port", 9001, "gRPC port") data := flag.String("users", "../../users.json", "users file") flag.Parse() lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *port)) if err != nil { log.Fatalf("failed to listen to %d: %v", *port, err) } users, err := auth.LoadUsers(*data) if err != nil { log.Fatalf("failed to load user data:%s %v", *data, err) } gs := grpc.NewServer() // Serve v3 and v2. envoy_service_auth_v3.RegisterAuthorizationServer(gs, auth_v3.New(users)) envoy_service_auth_v2.RegisterAuthorizationServer(gs, auth_v2.New(users)) log.Printf("starting gRPC server on: %d\n", *port) gs.Serve(lis) } ================================================ FILE: examples/ext_authz/auth/grpc-service/pkg/auth/users.go ================================================ package auth import ( "encoding/json" "io/ioutil" ) // Users holds a list of users. type Users map[string]string // Check checks if a key could retrieve a user from a list of users. func (u Users) Check(key string) (bool, string) { value, ok := u[key] if !ok { return false, "" } return ok, value } // LoadUsers load users data from a JSON file. func LoadUsers(jsonFile string) (Users, error) { var users Users data, err := ioutil.ReadFile(jsonFile) if err != nil { return nil, err } if err := json.Unmarshal(data, &users); err != nil { return nil, err } return users, nil } ================================================ FILE: examples/ext_authz/auth/grpc-service/pkg/auth/v2/auth.go ================================================ package v2 import ( "context" "log" "strings" envoy_api_v2_core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core" envoy_service_auth_v2 "github.com/envoyproxy/go-control-plane/envoy/service/auth/v2" "github.com/golang/protobuf/ptypes/wrappers" "google.golang.org/genproto/googleapis/rpc/code" "google.golang.org/genproto/googleapis/rpc/status" "github.com/envoyproxy/envoy/examples/ext_authz/auth/grpc-service/pkg/auth" ) type server struct { users auth.Users } var _ envoy_service_auth_v2.AuthorizationServer = &server{} // New creates a new authorization server. func New(users auth.Users) envoy_service_auth_v2.AuthorizationServer { return &server{users} } // Check implements authorization's Check interface which performs authorization check based on the // attributes associated with the incoming request. func (s *server) Check( ctx context.Context, req *envoy_service_auth_v2.CheckRequest) (*envoy_service_auth_v2.CheckResponse, error) { authorization := req.Attributes.Request.Http.Headers["authorization"] log.Println(authorization) extracted := strings.Fields(authorization) if len(extracted) == 2 && extracted[0] == "Bearer" { valid, user := s.users.Check(extracted[1]) if valid { return &envoy_service_auth_v2.CheckResponse{ HttpResponse: &envoy_service_auth_v2.CheckResponse_OkResponse{ OkResponse: &envoy_service_auth_v2.OkHttpResponse{ Headers: []*envoy_api_v2_core.HeaderValueOption{ { Append: &wrappers.BoolValue{Value: false}, Header: &envoy_api_v2_core.HeaderValue{ // For a successful request, the authorization server sets the // x-current-user value. Key: "x-current-user", Value: user, }, }, }, }, }, Status: &status.Status{ Code: int32(code.Code_OK), }, }, nil } } return &envoy_service_auth_v2.CheckResponse{ Status: &status.Status{ Code: int32(code.Code_PERMISSION_DENIED), }, }, nil } ================================================ FILE: examples/ext_authz/auth/grpc-service/pkg/auth/v3/auth.go ================================================ package v3 import ( "context" "log" "strings" envoy_api_v3_core "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" envoy_service_auth_v3 "github.com/envoyproxy/go-control-plane/envoy/service/auth/v3" "github.com/golang/protobuf/ptypes/wrappers" "google.golang.org/genproto/googleapis/rpc/code" "google.golang.org/genproto/googleapis/rpc/status" "github.com/envoyproxy/envoy/examples/ext_authz/auth/grpc-service/pkg/auth" ) type server struct { users auth.Users } var _ envoy_service_auth_v3.AuthorizationServer = &server{} // New creates a new authorization server. func New(users auth.Users) envoy_service_auth_v3.AuthorizationServer { return &server{users} } // Check implements authorization's Check interface which performs authorization check based on the // attributes associated with the incoming request. func (s *server) Check( ctx context.Context, req *envoy_service_auth_v3.CheckRequest) (*envoy_service_auth_v3.CheckResponse, error) { authorization := req.Attributes.Request.Http.Headers["authorization"] log.Println(authorization) extracted := strings.Fields(authorization) if len(extracted) == 2 && extracted[0] == "Bearer" { valid, user := s.users.Check(extracted[1]) if valid { return &envoy_service_auth_v3.CheckResponse{ HttpResponse: &envoy_service_auth_v3.CheckResponse_OkResponse{ OkResponse: &envoy_service_auth_v3.OkHttpResponse{ Headers: []*envoy_api_v3_core.HeaderValueOption{ { Append: &wrappers.BoolValue{Value: false}, Header: &envoy_api_v3_core.HeaderValue{ // For a successful request, the authorization server sets the // x-current-user value. Key: "x-current-user", Value: user, }, }, }, }, }, Status: &status.Status{ Code: int32(code.Code_OK), }, }, nil } } return &envoy_service_auth_v3.CheckResponse{ Status: &status.Status{ Code: int32(code.Code_PERMISSION_DENIED), }, }, nil } ================================================ FILE: examples/ext_authz/auth/http-service/Dockerfile ================================================ FROM node:alpine COPY . /app CMD ["node", "/app/http-service/server"] ================================================ FILE: examples/ext_authz/auth/http-service/server.js ================================================ const Http = require("http"); const path = require("path"); const tokens = require(process.env.USERS || path.join(__dirname, "..", "users.json")); const server = new Http.Server((req, res) => { const authorization = req.headers["authorization"] || ""; const extracted = authorization.split(" "); if (extracted.length === 2 && extracted[0] === "Bearer") { const user = checkToken(extracted[1]); if (user !== undefined) { // The authorization server returns a response with "x-current-user" header for a successful // request. res.writeHead(200, { "x-current-user": user }); return res.end(); } } res.writeHead(403); res.end(); }); const port = process.env.PORT || 9002; server.listen(port); console.log(`starting HTTP server on: ${port}`); function checkToken(token) { return tokens[token]; } ================================================ FILE: examples/ext_authz/auth/users.json ================================================ { "token1": "user1", "token2": "user2", "token3": "user3" } ================================================ FILE: examples/ext_authz/config/grpc-service/v2.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: upstream domains: - "*" routes: - match: prefix: "/" route: cluster: upstream-service http_filters: - name: envoy.filters.http.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz grpc_service: envoy_grpc: cluster_name: ext_authz-grpc-service timeout: 0.250s transport_api_version: V2 - name: envoy.filters.http.router typed_config: {} clusters: - name: upstream-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: upstream-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: upstream-service port_value: 8080 - name: ext_authz-grpc-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN http2_protocol_options: {} load_assignment: cluster_name: ext_authz-grpc-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: ext_authz-grpc-service port_value: 9001 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/ext_authz/config/grpc-service/v3.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: upstream domains: - "*" routes: - match: prefix: "/" route: cluster: upstream-service http_filters: - name: envoy.filters.http.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz grpc_service: envoy_grpc: cluster_name: ext_authz-grpc-service timeout: 0.250s transport_api_version: V3 - name: envoy.filters.http.router typed_config: {} clusters: - name: upstream-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: upstream-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: upstream-service port_value: 8080 - name: ext_authz-grpc-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN http2_protocol_options: {} load_assignment: cluster_name: ext_authz-grpc-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: ext_authz-grpc-service port_value: 9001 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/ext_authz/config/http-service.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: upstream domains: - "*" routes: - match: prefix: "/" route: cluster: upstream-service http_filters: - name: envoy.filters.http.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz http_service: server_uri: uri: ext_authz cluster: ext_authz-http-service timeout: 0.250s authorization_response: allowed_upstream_headers: patterns: - exact: x-current-user - name: envoy.filters.http.router typed_config: {} clusters: - name: upstream-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: upstream-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: upstream-service port_value: 8080 - name: ext_authz-http-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: ext_authz-http-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: ext_authz-http-service port_value: 9002 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/ext_authz/config/opa-service/policy.rego ================================================ package istio.authz default allow = false allow = response { input.attributes.request.http.method == "GET" response := { "allowed": true, "headers": {"x-current-user": "OPA"} } } ================================================ FILE: examples/ext_authz/config/opa-service/v2.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: upstream domains: - "*" routes: - match: prefix: "/" route: cluster: upstream-service http_filters: - name: envoy.filters.http.ext_authz typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz grpc_service: envoy_grpc: cluster_name: ext_authz-opa-service timeout: 0.250s transport_api_version: V2 - name: envoy.filters.http.router typed_config: {} clusters: - name: upstream-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: upstream-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: upstream-service port_value: 8080 - name: ext_authz-opa-service connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN http2_protocol_options: {} load_assignment: cluster_name: ext_authz-opa-service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: ext_authz-opa-service port_value: 9002 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/ext_authz/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy environment: - FRONT_ENVOY_YAML networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" ext_authz-http-service: build: context: ./auth dockerfile: http-service/Dockerfile volumes: - ./users.json:/etc/users.json environment: - USERS=/etc/users.json networks: envoymesh: aliases: - ext_authz-http-service ext_authz-grpc-service: build: context: ./auth dockerfile: grpc-service/Dockerfile volumes: - ./users.json:/etc/users.json networks: envoymesh: aliases: - ext_authz-grpc-service ext_authz-opa-service: image: openpolicyagent/opa:0.21.0-istio volumes: - ./config/opa-service/policy.rego:/etc/policy.rego command: - run - --log-level=debug - --server - --log-format=json-pretty - --set=plugins.envoy_ext_authz_grpc.addr=:9002 - --set=decision_logs.console=true - /etc/policy.rego networks: envoymesh: aliases: - ext_authz-opa-service upstream-service: build: context: ./upstream dockerfile: service/Dockerfile networks: envoymesh: aliases: - upstream-service networks: envoymesh: {} ================================================ FILE: examples/ext_authz/run_envoy.sh ================================================ #!/bin/sh /usr/local/bin/envoy -c "/etc/envoy-${FRONT_ENVOY_YAML}" --service-cluster front-proxy ================================================ FILE: examples/ext_authz/upstream/service/Dockerfile ================================================ FROM python:3-alpine RUN pip3 install -q Flask==0.11.1 COPY . ./app CMD ["python3", "/app/service/server.py"] ================================================ FILE: examples/ext_authz/upstream/service/server.py ================================================ from flask import Flask, request app = Flask(__name__) @app.route('/service') def hello(): return 'Hello ' + request.headers.get('x-current-user') + ' from behind Envoy!' if __name__ == "__main__": app.run(host='0.0.0.0', port=8080, debug=False) ================================================ FILE: examples/ext_authz/users.json ================================================ { "token1": "user1", "token2": "user2", "token3": "user3" } ================================================ FILE: examples/ext_authz/verify.sh ================================================ #!/bin/bash -e export NAME=ext_authz # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test services responds with 403" responds_with_header \ "HTTP/1.1 403 Forbidden"\ http://localhost:8000/service run_log "Restart front-envoy with FRONT_ENVOY_YAML=config/http-service.yaml" docker-compose down FRONT_ENVOY_YAML=config/http-service.yaml docker-compose up -d sleep 10 run_log "Test service responds with 403" responds_with_header \ "HTTP/1.1 403 Forbidden"\ http://localhost:8000/service run_log "Test authenticated service responds with 200" responds_with_header \ "HTTP/1.1 200 OK" \ -H "Authorization: Bearer token1" \ http://localhost:8000/service run_log "Restart front-envoy with FRONT_ENVOY_YAML=config/opa-service/v2.yaml" docker-compose down FRONT_ENVOY_YAML=config/opa-service/v2.yaml docker-compose up -d sleep 10 run_log "Test OPA service responds with 200" responds_with_header \ "HTTP/1.1 200 OK" \ http://localhost:8000/service run_log "Check OPA logs" docker-compose logs ext_authz-opa-service | grep decision_id -A 30 run_log "Check OPA service rejects POST" responds_with_header \ "HTTP/1.1 403 Forbidden" \ -X POST \ http://localhost:8000/service ================================================ FILE: examples/fault-injection/.gitignore ================================================ /runtime/ ================================================ FILE: examples/fault-injection/Dockerfile-envoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get install -y curl tree COPY ./envoy.yaml /etc/envoy.yaml RUN chmod go+r /etc/envoy.yaml COPY enable_delay_fault_injection.sh disable_delay_fault_injection.sh enable_abort_fault_injection.sh disable_abort_fault_injection.sh send_request.sh / ================================================ FILE: examples/fault-injection/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/fault_injection.html). ================================================ FILE: examples/fault-injection/disable_abort_fault_injection.sh ================================================ #!/usr/bin/env bash set -ex rm /srv/runtime/v1/envoy/fault/http/abort/abort_percent rm /srv/runtime/v1/envoy/fault/http/abort/http_status pushd /srv/runtime ln -s /srv/runtime/v1 new && mv -Tf new current popd ================================================ FILE: examples/fault-injection/disable_delay_fault_injection.sh ================================================ #!/usr/bin/env bash set -ex rm /srv/runtime/v1/envoy/fault/http/delay/fixed_delay_percent rm /srv/runtime/v1/envoy/fault/http/delay/fixed_duration_ms pushd /srv/runtime ln -s /srv/runtime/v1 new && mv -Tf new current popd ================================================ FILE: examples/fault-injection/docker-compose.yaml ================================================ version: "3.7" services: envoy: build: context: . dockerfile: Dockerfile-envoy command: /usr/local/bin/envoy -c /etc/envoy.yaml volumes: - ./runtime:/srv/runtime networks: - envoymesh ports: - 9211:9211 - 9901:9901 backend: image: kennethreitz/httpbin@sha256:2c7abc4803080c22928265744410173b6fea3b898872c01c5fd0f0f9df4a59fb networks: - envoymesh ports: - 8080:80 networks: envoymesh: {} ================================================ FILE: examples/fault-injection/enable_abort_fault_injection.sh ================================================ #!/usr/bin/env bash set -ex mkdir -p /srv/runtime/v1/envoy/fault/http/abort echo '100' > /srv/runtime/v1/envoy/fault/http/abort/abort_percent echo '503' > /srv/runtime/v1/envoy/fault/http/abort/http_status pushd /srv/runtime ln -s /srv/runtime/v1 new && mv -Tf new current popd ================================================ FILE: examples/fault-injection/enable_delay_fault_injection.sh ================================================ #!/usr/bin/env bash set -ex mkdir -p /srv/runtime/v1/envoy/fault/http/delay echo '50' > /srv/runtime/v1/envoy/fault/http/delay/fixed_delay_percent echo '3000' > /srv/runtime/v1/envoy/fault/http/delay/fixed_duration_ms pushd /srv/runtime ln -s /srv/runtime/v1 new && mv -Tf new current popd ================================================ FILE: examples/fault-injection/envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 9211 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http access_log: name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/stdout route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: / route: cluster: local_service http_filters: - name: envoy.filters.http.fault typed_config: "@type": type.googleapis.com/envoy.config.filter.http.fault.v2.HTTPFault abort: http_status: 503 percentage: numerator: 0 denominator: HUNDRED delay: fixed_delay: 3s percentage: numerator: 0 denominator: HUNDRED - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 1s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: endpoint: address: socket_address: address: backend port_value: 80 admin: access_log_path: /dev/stdout address: socket_address: address: 0.0.0.0 port_value: 9901 layered_runtime: layers: - name: disk_layer_0 disk_layer: symlink_root: /srv/runtime/current subdirectory: envoy ================================================ FILE: examples/fault-injection/send_request.sh ================================================ #!/usr/bin/env bash set -ex while :; do curl -v localhost:9211/status/200 sleep 1 done ================================================ FILE: examples/fault-injection/verify.sh ================================================ #!/bin/bash -e export NAME=fault-injection # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Send requests for 20 seconds" docker-compose exec -T envoy bash -c \ "bash send_request.sh & export pid=\$! && sleep 20 && kill \$pid" \ &> /dev/null run_log "Check logs" docker-compose logs | grep "HTTP/1.1\" 200" _fault_injection_test () { local action code existing_200s existing_codes action="$1" code="$2" existing_codes=0 # enable fault injection and check for http hits of type $code existing_codes=$(docker-compose logs | grep -c "HTTP/1.1\" ${code}" || :) run_log "Enable ${action} fault injection" docker-compose exec -T envoy bash "enable_${action}_fault_injection.sh" run_log "Send requests for 20 seconds" docker-compose exec -T envoy bash -c \ "bash send_request.sh & export pid=\$! && sleep 20 && kill \$pid" \ &> /dev/null run_log "Check logs again" new_codes=$(docker-compose logs | grep -c "HTTP/1.1\" ${code}") if [[ "$new_codes" -le "$existing_codes" ]]; then echo "ERROR: expected to find new logs with response code $code" >&2 return 1 fi # disable fault injection and check for http hits of type 200 existing_200s=$(docker-compose logs | grep -c "HTTP/1.1\" 200") run_log "Disable ${action} fault injection" docker-compose exec -T envoy bash "disable_${action}_fault_injection.sh" run_log "Send requests for 20 seconds" docker-compose exec -T envoy bash -c \ "bash send_request.sh & export pid=\$! && sleep 20 && kill \$pid" \ &> /dev/null run_log "Check logs again" new_200s=$(docker-compose logs | grep -c "HTTP/1.1\" 200") if [[ "$new_200s" -le "$existing_200s" ]]; then echo "ERROR: expected to find new logs with response code 200" >&2 return 1 fi } _fault_injection_test abort 503 _fault_injection_test delay 200 run_log "Check tree" docker-compose exec -T envoy tree /srv/runtime ================================================ FILE: examples/front-proxy/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/front-proxy/Dockerfile-jaeger-service ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash curl RUN pip3 install -q Flask==0.11.1 requests==2.18.4 RUN mkdir /code ADD ./service.py /code ADD ./start_service.sh /usr/local/bin/start_service.sh RUN chmod u+x /usr/local/bin/start_service.sh # # for discussion on jaeger binary compatibility, and the source of the file, see here: # https://github.com/envoyproxy/envoy/issues/11382#issuecomment-638012072 # RUN echo "4a7d17d4724ee890490bcd6cfdedb12a02316a3d33214348d30979abd201f1ca /usr/local/lib/libjaegertracing_plugin.so" > /tmp/checksum \ && curl -Ls https://github.com/tetratelabs/getenvoy-package/files/3518103/getenvoy-centos-jaegertracing-plugin.tar.gz \ | tar zxf - -C /usr/local/lib \ && mv /usr/local/lib/libjaegertracing.so.0.4.2 /usr/local/lib/libjaegertracing_plugin.so \ && sha256sum -c /tmp/checksum \ && rm /tmp/checksum ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] ================================================ FILE: examples/front-proxy/Dockerfile-service ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash curl RUN pip3 install -q Flask==0.11.1 requests==2.18.4 RUN mkdir /code ADD ./service.py /code ADD ./start_service.sh /usr/local/bin/start_service.sh RUN chmod u+x /usr/local/bin/start_service.sh ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] ================================================ FILE: examples/front-proxy/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/front_proxy.html) ================================================ FILE: examples/front-proxy/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8080" - "8443" - "8001" ports: - "8080:8080" - "8443:8443" - "8001:8001" service1: build: context: . dockerfile: Dockerfile-service volumes: - ./service-envoy.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service1 environment: - SERVICE_NAME=1 expose: - "8000" service2: build: context: . dockerfile: Dockerfile-service volumes: - ./service-envoy.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service2 environment: - SERVICE_NAME=2 expose: - "8000" networks: envoymesh: {} ================================================ FILE: examples/front-proxy/front-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8080 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/service/1" route: cluster: service1 - match: prefix: "/service/2" route: cluster: service2 http_filters: - name: envoy.filters.http.router typed_config: {} - address: socket_address: address: 0.0.0.0 port_value: 8443 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/service/1" route: cluster: service1 - match: prefix: "/service/2" route: cluster: service2 http_filters: - name: envoy.filters.http.router typed_config: {} transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: # The following self-signed certificate pair is generated using: # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy' # # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. # # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret. certificate_chain: inline_string: | -----BEGIN CERTIFICATE----- MIICqDCCAZACCQCquzpHNpqBcDANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtm cm9udC1lbnZveTAeFw0yMDA3MDgwMTMxNDZaFw0zMDA3MDYwMTMxNDZaMBYxFDAS BgNVBAMMC2Zyb250LWVudm95MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAthnYkqVQBX+Wg7aQWyCCb87hBce1hAFhbRM8Y9dQTqxoMXZiA2n8G089hUou oQpEdJgitXVS6YMFPFUUWfwcqxYAynLK4X5im26Yfa1eO8La8sZUS+4Bjao1gF5/ VJxSEo2yZ7fFBo8M4E44ZehIIocipCRS+YZehFs6dmHoq/MGvh2eAHIa+O9xssPt ofFcQMR8rwBHVbKy484O10tNCouX4yUkyQXqCRy6HRu7kSjOjNKSGtjfG+h5M8bh 10W7ZrsJ1hWhzBulSaMZaUY3vh5ngpws1JATQVSK1Jm/dmMRciwlTK7KfzgxHlSX 58ENpS7yPTISkEICcLbXkkKGEQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCmj6Hg vwOxWz0xu+6fSfRL6PGJUGq6wghCfUvjfwZ7zppDUqU47fk+yqPIOzuGZMdAqi7N v1DXkeO4A3hnMD22Rlqt25vfogAaZVToBeQxCPd/ALBLFrvLUFYuSlS3zXSBpQqQ Ny2IKFYsMllz5RSROONHBjaJOn5OwqenJ91MPmTAG7ujXKN6INSBM0PjX9Jy4Xb9 zT+I85jRDQHnTFce1WICBDCYidTIvJtdSSokGSuy4/xyxAAc/BpZAfOjBQ4G1QRe 9XwOi790LyNUYFJVyeOvNJwveloWuPLHb9idmY5YABwikUY6QNcXwyHTbRCkPB2I m+/R4XnmL4cKQ+5Z -----END CERTIFICATE----- private_key: inline_string: | -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC2GdiSpVAFf5aD tpBbIIJvzuEFx7WEAWFtEzxj11BOrGgxdmIDafwbTz2FSi6hCkR0mCK1dVLpgwU8 VRRZ/ByrFgDKcsrhfmKbbph9rV47wtryxlRL7gGNqjWAXn9UnFISjbJnt8UGjwzg Tjhl6EgihyKkJFL5hl6EWzp2Yeir8wa+HZ4Achr473Gyw+2h8VxAxHyvAEdVsrLj zg7XS00Ki5fjJSTJBeoJHLodG7uRKM6M0pIa2N8b6HkzxuHXRbtmuwnWFaHMG6VJ oxlpRje+HmeCnCzUkBNBVIrUmb92YxFyLCVMrsp/ODEeVJfnwQ2lLvI9MhKQQgJw tteSQoYRAgMBAAECggEAeDGdEkYNCGQLe8pvg8Z0ccoSGpeTxpqGrNEKhjfi6NrB NwyVav10iq4FxEmPd3nobzDPkAftfvWc6hKaCT7vyTkPspCMOsQJ39/ixOk+jqFx lNa1YxyoZ9IV2DIHR1iaj2Z5gB367PZUoGTgstrbafbaNY9IOSyojCIO935ubbcx DWwL24XAf51ez6sXnI8V5tXmrFlNXhbhJdH8iIxNyM45HrnlUlOk0lCK4gmLJjy9 10IS2H2Wh3M5zsTpihH1JvM56oAH1ahrhMXs/rVFXXkg50yD1KV+HQiEbglYKUxO eMYtfaY9i2CuLwhDnWp3oxP3HfgQQhD09OEN3e0IlQKBgQDZ/3poG9TiMZSjfKqL xnCABMXGVQsfFWNC8THoW6RRx5Rqi8q08yJrmhCu32YKvccsOljDQJQQJdQO1g09 e/adJmCnTrqxNtjPkX9txV23Lp6Ak7emjiQ5ICu7iWxrcO3zf7hmKtj7z+av8sjO mDI7NkX5vnlE74nztBEjp3eC0wKBgQDV2GeJV028RW3b/QyP3Gwmax2+cKLR9PKR nJnmO5bxAT0nQ3xuJEAqMIss/Rfb/macWc2N/6CWJCRT6a2vgy6xBW+bqG6RdQMB xEZXFZl+sSKhXPkc5Wjb4lQ14YWyRPrTjMlwez3k4UolIJhJmwl+D7OkMRrOUERO EtUvc7odCwKBgBi+nhdZKWXveM7B5N3uzXBKmmRz3MpPdC/yDtcwJ8u8msUpTv4R JxQNrd0bsIqBli0YBmFLYEMg+BwjAee7vXeDFq+HCTv6XMva2RsNryCO4yD3I359 XfE6DJzB8ZOUgv4Dvluie3TB2Y6ZQV/p+LGt7G13yG4hvofyJYvlg3RPAoGAcjDg +OH5zLN2eqah8qBN0CYa9/rFt0AJ19+7/smLTJ7QvQq4g0gwS1couplcCEnNGWiK 72y1n/ckvvplmPeAE19HveMvR9UoCeV5ej86fACy8V/oVpnaaLBvL2aCMjPLjPP9 DWeCIZp8MV86cvOrGfngf6kJG2qZTueXl4NAuwkCgYEArKkhlZVXjwBoVvtHYmN2 o+F6cGMlRJTLhNc391WApsgDZfTZSdeJsBsvvzS/Nc0burrufJg0wYioTlpReSy4 ohhtprnQQAddfjHP7rh2LGt+irFzhdXXQ1ybGaGM9D764KUNCXLuwdly0vzXU4HU q5sGxGrC1RECGB5Zwx2S2ZY= -----END PRIVATE KEY----- clusters: - name: service1 connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service1 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service1 port_value: 8000 - name: service2 connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service2 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service2 port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 layered_runtime: layers: - name: static_layer_0 static_layer: envoy: resource_limits: listener: example_listener_name: connection_limit: 10000 ================================================ FILE: examples/front-proxy/service-envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/service" route: cluster: local_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8081 ================================================ FILE: examples/front-proxy/service.py ================================================ from flask import Flask from flask import request import os import requests import socket import sys app = Flask(__name__) TRACE_HEADERS_TO_PROPAGATE = [ 'X-Ot-Span-Context', 'X-Request-Id', # Zipkin headers 'X-B3-TraceId', 'X-B3-SpanId', 'X-B3-ParentSpanId', 'X-B3-Sampled', 'X-B3-Flags', # Jaeger header (for native client) "uber-trace-id" ] @app.route('/service/') def hello(service_number): return ('Hello from behind Envoy (service {})! hostname: {} resolved' 'hostname: {}\n'.format(os.environ['SERVICE_NAME'], socket.gethostname(), socket.gethostbyname(socket.gethostname()))) @app.route('/trace/') def trace(service_number): headers = {} # call service 2 from service 1 if int(os.environ['SERVICE_NAME']) == 1: for header in TRACE_HEADERS_TO_PROPAGATE: if header in request.headers: headers[header] = request.headers[header] requests.get("http://localhost:9000/trace/2", headers=headers) return ('Hello from behind Envoy (service {})! hostname: {} resolved' 'hostname: {}\n'.format(os.environ['SERVICE_NAME'], socket.gethostname(), socket.gethostbyname(socket.gethostname()))) if __name__ == "__main__": app.run(host='127.0.0.1', port=8080, debug=True) ================================================ FILE: examples/front-proxy/start_service.sh ================================================ #!/bin/sh python3 /code/service.py & envoy -c /etc/service-envoy.yaml --service-cluster "service${SERVICE_NAME}" ================================================ FILE: examples/front-proxy/verify.sh ================================================ #!/bin/bash -e export NAME=front-proxy # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test service: localhost:8080/service/1" responds_with \ "Hello from behind Envoy (service 1)!" \ http://localhost:8080/service/1 run_log "Test service: localhost:8080/service/2" responds_with \ "Hello from behind Envoy (service 2)!" \ http://localhost:8080/service/2 run_log "Test service: https://localhost:8443/service/1" responds_with \ "Hello from behind Envoy (service 1)!" \ -k https://localhost:8443/service/1 run_log "Scale up docker service1=3" docker-compose scale service1=3 run_log "Snooze for 5 while docker-compose scales..." sleep 5 run_log "Test round-robin localhost:8080/service/1" docker-compose exec -T front-envoy bash -c "\ curl -s http://localhost:8080/service/1 \ && curl -s http://localhost:8080/service/1 \ && curl -s http://localhost:8080/service/1" \ | grep Hello | grep "service 1" run_log "Test service inside front-envoy: localhost:8080/service/2" docker-compose exec -T front-envoy curl -s http://localhost:8080/service/2 | grep Hello | grep "service 2" run_log "Test service info: localhost:8080/server_info" docker-compose exec -T front-envoy curl -s http://localhost:8001/server_info | jq '.' run_log "Test service stats: localhost:8080/stats" docker-compose exec -T front-envoy curl -s http://localhost:8001/stats | grep ":" ================================================ FILE: examples/grpc-bridge/.gitignore ================================================ .idea server/kv/kv.pb.go client/kv/kv_pb2.py ================================================ FILE: examples/grpc-bridge/Dockerfile-client ================================================ FROM envoyproxy/envoy-dev:latest COPY ./client/envoy-proxy.yaml /etc/client-envoy-proxy.yaml RUN chmod go+r /etc/client-envoy-proxy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/client-envoy-proxy.yaml"] ================================================ FILE: examples/grpc-bridge/Dockerfile-server ================================================ FROM envoyproxy/envoy-dev:latest COPY ./server/envoy-proxy.yaml /etc/server-envoy-proxy.yaml RUN chmod go+r /etc/server-envoy-proxy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/server-envoy-proxy.yaml", "--service-cluster", "backend-proxy"] ================================================ FILE: examples/grpc-bridge/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/grpc_bridge) # gRPC HTTP/1.1 to HTTP/2 bridge This is an example of a key-value store where a client CLI, written in Python, updates a remote store, written in Go, using the stubs generated for both languages. Running clients that uses gRPC stubs and sends messages through a proxy that upgrades the HTTP requests from http/1.1 to http/2. This is a more detailed implementation of the Envoy documentation at https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/grpc_bridge * Client: talks in python and sends HTTP/1.1 requests (gRPC stubs) * Client-Proxy: Envoy setup that acts as an egress and converts the HTTP/1.1 call to HTTP/2. * Server: talks in golang and receives HTTP/2 requests (gRPC stubs) * Server-Proxy: Envoy setup that acts as an ingress and receives the HTTP/2 calls `[client](http/1.1) -> [client-egress-proxy](http/2) -> [server-ingress-proxy](http/2) -> [server]` # Running in 3 Steps * Generate Stubs: both the `client` and `server` stubs in `python` and `go` respectively to be used by each server. * Start Both Client and Server Servers and Proxies: ` * Use the Client CLI to make calls to the kv server. ## Generate Stubs * Uses the `protos` dir and generates the stubs for both `client` and `server` * Inspect the file `docker-compose-protos.yaml` with the gRPC protoc commands to generate the stubs. ```console $ docker-compose -f docker-compose-protos.yaml up --remove-orphans Starting grpc-bridge_stubs_python_1 ... done Starting grpc-bridge_stubs_go_1 ... done Attaching to grpc-bridge_stubs_go_1, grpc-bridge_stubs_python_1 grpc-bridge_stubs_go_1 exited with code 0 grpc-bridge_stubs_python_1 exited with code 0 ``` * The files created were the `kv` modules for both the client and server respective dir. * Note that both stubs are their respective languages. * For each language, use its ways to include the stubs as an external module. ```console $ ls -la client/kv/kv_pb2.py -rw-r--r-- 1 mdesales CORP\Domain Users 9527 Nov 6 21:59 client/kv/kv_pb2.py $ ls -la server/kv/kv.pb.go -rw-r--r-- 1 mdesales CORP\Domain Users 9994 Nov 6 21:59 server/kv/kv.pb.go ``` ## Start Both Client and Server and Proxies * After the stubs are in place, start the containers described in `docker-compose.yaml`. ```console $ docker-compose up --build ``` * Inspect the files `client/envoy-proxy.yaml` and `server/envoy-proxy.yaml`, as they define configs for their respective container, comparing port numbers and other specific settings. Notice that you will be interacting with the client container, which hosts the client python CLI. The port numbers for the proxies and the containers are displayed by the `docker-compose ps`, so it's easier to compare with the `\*/envoy-proxy.yaml` config files for each of the containers how they match. Note that the client container to use is `grpc-bridge_grpc-client_1` and binds to no port as it will use the `python` CLI. ```console $ docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------------ grpc-bridge_grpc-client-proxy_1 /docker-entrypoint.sh /usr ... Up 10000/tcp, 0.0.0.0:9911->9911/tcp, 0.0.0.0:9991->9991/tcp grpc-bridge_grpc-client_1 /bin/sh -c tail -f /dev/null Up grpc-bridge_grpc-server-proxy_1 /docker-entrypoint.sh /usr ... Up 10000/tcp, 0.0.0.0:8811->8811/tcp, 0.0.0.0:8881->8881/tcp grpc-bridge_grpc-server_1 /bin/sh -c /bin/server Up 0.0.0.0:8081->8081/tcp ``` ## Use the Client CLI * Since the containers are running, you can use the client container to interact with the gRPC server through the proxies * The client has the methods `set key value` and `get key` to use the in-memory key-value store. ```console $ docker-compose exec grpc-client /client/grpc-kv-client.py set foo bar setf foo to bar ``` > NOTE: You could also run docker instead of docker-compose `docker exec -ti grpc-bridge_grpc-client_1 /client/grpc-kv-client.py set foo bar` * The server will display the gRPC call received by the server, and then the access logs from the proxy for the SET method. * Note that the proxy is propagating the headers of the request ```console grpc-server_1 | 2019/11/07 16:33:58 set: foo = bar grpc-server-proxy_1 | [2019-11-07T16:33:58.856Z] "POST /kv.KV/Set HTTP/1.1" 200 - 15 7 3 1 "172.24.0.3" "python-requests/2.22.0" "c11cf735-0647-4e67-965c-5b1e362a5532" "grpc" "172.24.0.2:8081" grpc-client-proxy_1 | [2019-11-07T16:33:58.855Z] "POST /kv.KV/Set HTTP/1.1" 200 - 15 7 5 3 "172.24.0.3" "python-requests/2.22.0" "c11cf735-0647-4e67-965c-5b1e362a5532" "grpc" "172.24.0.5:8811" ``` * Getting the value is no different ```console $ docker-compose exec grpc-client /client/grpc-kv-client.py get foo bar ``` > NOTE: You could also run docker instead of docker-compose `docker exec -ti grpc-bridge_grpc-client_1 /client/grpc-kv-client.py get foo` * The logs in the server will show the same for the GET method. * Note that again the request ID is proxied through ```console grpc-server_1 | 2019/11/07 16:34:50 get: foo grpc-server-proxy_1 | [2019-11-07T16:34:50.456Z] "POST /kv.KV/Get HTTP/1.1" 200 - 10 10 2 1 "172.24.0.3" "python-requests/2.22.0" "727d4dcd-a276-4bb2-b4cc-494ae7119c24" "grpc" "172.24.0.2:8081" grpc-client-proxy_1 | [2019-11-07T16:34:50.455Z] "POST /kv.KV/Get HTTP/1.1" 200 - 10 10 3 2 "172.24.0.3" "python-requests/2.22.0" "727d4dcd-a276-4bb2-b4cc-494ae7119c24" "grpc" "172.24.0.5:8811" ``` # Troubleshooting * Errors building the `client` or `server` are related to the missing gRPC stubs. * Make sure to produce the stubs before building * The error below is when the server is missing the stubs in the kv dir. ```console $ go build -o server go: finding github.com/envoyproxy/envoy/examples/grpc-bridge latest go: finding github.com/envoyproxy/envoy/examples latest go: finding github.com/envoyproxy/envoy/examples/grpc-bridge/server/kv latest go: finding github.com/envoyproxy/envoy/examples/grpc-bridge/server latest build github.com/envoyproxy/envoy: cannot load github.com/envoyproxy/envoy/examples/grpc-bridge/server/kv: no matching versions for query "latest" ``` ================================================ FILE: examples/grpc-bridge/client/Dockerfile ================================================ FROM grpc/python WORKDIR /client COPY requirements.txt /client/requirements.txt # Cache the dependencies RUN pip install -r /client/requirements.txt # Copy the sources, including the stubs COPY client.py /client/grpc-kv-client.py COPY kv /client/kv RUN chmod a+x /client/grpc-kv-client.py # http://bigdatums.net/2017/11/07/how-to-keep-docker-containers-running/ # Call docker exec /client/grpc.py set | get CMD tail -f /dev/null ================================================ FILE: examples/grpc-bridge/client/client.py ================================================ #!/usr/bin/env python import requests, sys import os # Stubs generated by protoc from kv import kv_pb2 as kv from struct import pack HOST = os.getenv('CLIENT_PROXY', "http://localhost:9001") HEADERS = {'content-type': 'application/grpc', 'Host': 'grpc'} USAGE = """ grpc-client usage [{host}]: ./client.py set - sets the and ./client.py get - gets the value for Set env var CLIENT_PROXY to change to a different host """.format(host=HOST) class KVClient(): def get(self, key): r = kv.GetRequest(key=key) # Build the gRPC frame data = r.SerializeToString() data = pack('!cI', b'\0', len(data)) + data resp = requests.post(HOST + "/kv.KV/Get", data=data, headers=HEADERS) return kv.GetResponse().FromString(resp.content[5:]) def set(self, key, value): r = kv.SetRequest(key=key, value=value) data = r.SerializeToString() data = pack('!cI', b'\0', len(data)) + data return requests.post(HOST + "/kv.KV/Set", data=data, headers=HEADERS) def run(): if len(sys.argv) == 1: print(USAGE) sys.exit(0) cmd = sys.argv[1] client = KVClient() if cmd == "get": # ensure a key was provided if len(sys.argv) != 3: print(USAGE) sys.exit(1) # get the key to fetch key = sys.argv[2] # send the request to the server response = client.get(key) print(response.value) sys.exit(0) elif cmd == "set": # ensure a key and value were provided if len(sys.argv) < 4: print(USAGE) sys.exit(1) # get the key and the full text of value key = sys.argv[2] value = " ".join(sys.argv[3:]) # send the request to the server response = client.set(key, value) print("setf %s to %s" % (key, value)) if __name__ == '__main__': run() ================================================ FILE: examples/grpc-bridge/client/envoy-proxy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 9911 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto add_user_agent: true access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/dev/stdout" stat_prefix: egress_http common_http_protocol_options: idle_timeout: 0.840s use_remote_address: true route_config: name: local_route virtual_hosts: - name: backend domains: - grpc routes: - match: prefix: "/" route: cluster: backend-proxy http_filters: - name: envoy.filters.http.grpc_http1_bridge typed_config: {} - name: envoy.filters.http.router typed_config: {} clusters: - name: backend-proxy type: logical_dns dns_lookup_family: V4_ONLY lb_policy: round_robin connect_timeout: 0.250s http_protocol_options: {} load_assignment: cluster_name: backend-proxy endpoints: - lb_endpoints: - endpoint: address: socket_address: address: kv-backend-proxy port_value: 8811 admin: access_log_path: "/tmp/admin_access.log" address: socket_address: address: 0.0.0.0 port_value: 9991 ================================================ FILE: examples/grpc-bridge/client/kv/__init__.py ================================================ ================================================ FILE: examples/grpc-bridge/client/requirements.txt ================================================ requests>=2.22.0 grpcio grpcio-tools protobuf==3.10.0 ================================================ FILE: examples/grpc-bridge/docker-compose-protos.yaml ================================================ version: "3.7" # This is the conversion from a script to a dockerized version of the script # https://github.com/envoyproxy/envoy/blob/master/examples/grpc-bridge/service/script/gen services: # $ docker run -ti -v $(pwd):/protos -v $(pwd)/stubs:/stubs grpc/go protoc --go_out=plugins=grpc:/stubs -I/protos /protos/kv.proto stubs_go: image: grpc/go command: protoc --go_out=plugins=grpc:/stubs -I/protos /protos/kv.proto volumes: - ./protos:/protos - ./server/kv:/stubs # $ docker run -ti -v $(pwd):/protos -v $(pwd)/stubs:/stubs grpc/python python -m grpc.tools.protoc --python_out=/stubs --grpc_python_out=/stubs -I/protos /protos/kv.proto stubs_python: image: grpc/python command: python -m grpc.tools.protoc --python_out=/stubs --grpc_python_out=/stubs -I/protos /protos/kv.proto volumes: - ./protos:/protos - ./client/kv:/stubs ================================================ FILE: examples/grpc-bridge/docker-compose.yaml ================================================ version: "3.7" services: # Requires the build of the stubs first grpc-server: image: envoyproxy/example-kv-server build: context: server expose: - "8081" ports: - "8081:8081" networks: envoymesh: aliases: - kv-backend-service grpc-server-proxy: build: context: . dockerfile: Dockerfile-server networks: envoymesh: aliases: - kv-backend-proxy expose: - "8811" - "8881" ports: - "8811:8811" - "8881:8881" # Requires the build of the stubs first grpc-client: image: envoyproxy/example-kv-client build: context: client environment: - CLIENT_PROXY=http://kv-client-proxy:9911 networks: envoymesh: aliases: - grpc-client grpc-client-proxy: build: context: . dockerfile: Dockerfile-client networks: envoymesh: aliases: - kv-client-proxy expose: - "9911" - "9991" ports: - "9911:9911" - "9991:9991" networks: envoymesh: {} ================================================ FILE: examples/grpc-bridge/protos/kv.proto ================================================ syntax = "proto3"; package kv; message GetRequest { string key = 1; } message GetResponse { string value = 1; } message SetRequest { string key = 1; string value = 2; } message SetResponse { bool ok = 1; } service KV { rpc Get(GetRequest) returns (GetResponse); rpc Set(SetRequest) returns (SetResponse); } ================================================ FILE: examples/grpc-bridge/server/Dockerfile ================================================ FROM golang:1.13.0-stretch as builder WORKDIR /build # Resolve and build Go dependencies as Docker cache COPY go.mod /build/go.mod COPY go.sum /build/go.sum COPY kv/go.mod /build/kv/go.mod ENV GO111MODULE=on RUN go mod download COPY service.go /build/main.go COPY kv/ /build/kv # Build for linux ENV GOOS=linux ENV GOARCH=amd64 ENV CGO_ENABLED=0 RUN go build -o server # Build the main container (Linux Runtime) FROM alpine:latest WORKDIR /root/ # Copy the linux amd64 binary COPY --from=builder /build/server /bin/ ENTRYPOINT /bin/server ================================================ FILE: examples/grpc-bridge/server/envoy-proxy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8811 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http access_log: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/dev/stdout" route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/" grpc: {} route: cluster: backend_grpc_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: backend_grpc_service connect_timeout: 0.250s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: backend_grpc_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: kv-backend-service port_value: 8081 admin: access_log_path: "/tmp/admin_access.log" address: socket_address: address: 0.0.0.0 port_value: 8881 ================================================ FILE: examples/grpc-bridge/server/go.mod ================================================ module github.com/envoyproxy/envoy go 1.13 require ( github.com/envoyproxy/envoy/examples/grpc-bridge/server/kv v0.0.0-00010101000000-000000000000 golang.org/x/net v0.0.0-20191105084925-a882066a44e0 google.golang.org/grpc v1.25.0 ) replace github.com/envoyproxy/envoy/examples/grpc-bridge/server/kv => ./kv ================================================ FILE: examples/grpc-bridge/server/go.sum ================================================ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20191105084925-a882066a44e0 h1:QPlSTtPE2k6PZPasQUbzuK3p9JbS+vMXYVto8g/yrsg= golang.org/x/net v0.0.0-20191105084925-a882066a44e0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 h1:gSJIx1SDwno+2ElGhA4+qG2zF97qiUzTM+rQ0klBOcE= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.0 h1:ItERT+UbGdX+s4u+nQNlVM/Q7cbmf7icKfvzbWqVtq0= google.golang.org/grpc v1.25.0/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= ================================================ FILE: examples/grpc-bridge/server/kv/go.mod ================================================ ================================================ FILE: examples/grpc-bridge/server/service.go ================================================ package main import ( "flag" "fmt" "log" "net" "sync" "github.com/envoyproxy/envoy/examples/grpc-bridge/server/kv" "golang.org/x/net/context" "google.golang.org/grpc" ) type KV struct { sync.Mutex store map[string]string } func (k *KV) Get(ctx context.Context, in *kv.GetRequest) (*kv.GetResponse, error) { log.Printf("get: %s", in.Key) resp := new(kv.GetResponse) if val, ok := k.store[in.Key]; ok { resp.Value = val } return resp, nil } func (k *KV) Set(ctx context.Context, in *kv.SetRequest) (*kv.SetResponse, error) { log.Printf("set: %s = %s", in.Key, in.Value) k.Lock() defer k.Unlock() k.store[in.Key] = in.Value return &kv.SetResponse{Ok: true}, nil } func NewKVStore() (kv *KV) { kv = &KV{ store: make(map[string]string), } return } func main() { port := flag.Int("port", 8081, "grpc port") flag.Parse() lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *port)) if err != nil { log.Fatalf("failed to listen: %v", err) } gs := grpc.NewServer() kv.RegisterKVServer(gs, NewKVStore()) log.Printf("starting grpc on :%d\n", *port) gs.Serve(lis) } ================================================ FILE: examples/grpc-bridge/verify.sh ================================================ #!/bin/bash -e export NAME=grpc-bridge # this allows us to bring up the stack manually after generating stubs export MANUAL=true # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Generate protocol stubs" docker-compose -f docker-compose-protos.yaml up docker rm grpc-bridge_stubs_go_1 grpc-bridge_stubs_python_1 ls client/kv/kv_pb2.py ls server/kv/kv.pb.go bring_up_example run_log "Set key value foo=bar" docker-compose exec -T grpc-client /client/grpc-kv-client.py set foo bar | grep setf run_log "Get key foo" docker-compose exec -T grpc-client /client/grpc-kv-client.py get foo | grep bar ================================================ FILE: examples/jaeger-native-tracing/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy-jaeger.yaml /etc/front-envoy.yaml # # for discussion on jaeger binary compatibility, and the source of the file, see here: # https://github.com/envoyproxy/envoy/issues/11382#issuecomment-638012072 # RUN echo "4a7d17d4724ee890490bcd6cfdedb12a02316a3d33214348d30979abd201f1ca /usr/local/lib/libjaegertracing_plugin.so" > /tmp/checksum \ && curl -Ls https://github.com/tetratelabs/getenvoy-package/files/3518103/getenvoy-centos-jaegertracing-plugin.tar.gz \ | tar zxf - -C /usr/local/lib \ && mv /usr/local/lib/libjaegertracing.so.0.4.2 /usr/local/lib/libjaegertracing_plugin.so \ && sha256sum -c /tmp/checksum \ && rm /tmp/checksum \ && chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/jaeger-native-tracing/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/jaeger_native_tracing) ================================================ FILE: examples/jaeger-native-tracing/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" dns: - 8.8.8.8 - 8.8.4.4 service1: build: context: ../front-proxy dockerfile: Dockerfile-jaeger-service volumes: - ./service1-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service1 environment: - SERVICE_NAME=1 expose: - "8000" dns: - 8.8.8.8 - 8.8.4.4 service2: build: context: ../front-proxy dockerfile: Dockerfile-jaeger-service volumes: - ./service2-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service2 environment: - SERVICE_NAME=2 expose: - "8000" dns: - 8.8.8.8 - 8.8.4.4 jaeger: image: jaegertracing/all-in-one environment: - COLLECTOR_ZIPKIN_HTTP_PORT=9411 networks: envoymesh: aliases: - jaeger expose: - "9411" - "16686" ports: - "9411:9411" - "16686:16686" networks: envoymesh: {} ================================================ FILE: examples/jaeger-native-tracing/front-envoy-jaeger.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager generate_request_id: true tracing: provider: name: envoy.tracers.dynamic_ot typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.DynamicOtConfig library: /usr/local/lib/libjaegertracing_plugin.so config: service_name: front-proxy sampler: type: const param: 1 reporter: localAgentHostPort: jaeger:6831 headers: jaegerDebugHeader: jaeger-debug-id jaegerBaggageHeader: jaeger-baggage traceBaggageHeaderPrefix: uberctx- baggage_restrictions: denyBaggageOnInitializationFailure: false hostPort: "" codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/" route: cluster: service1 decorator: operation: checkAvailability http_filters: - name: envoy.filters.http.router typed_config: {} use_remote_address: true clusters: - name: service1 connect_timeout: 0.250s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service1 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service1 port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/jaeger-native-tracing/install-jaeger-plugin.sh ================================================ #!/usr/bin/env bash JAEGER_VERSION=v0.4.2 curl -Lo /usr/local/lib/libjaegertracing_plugin.so https://github.com/jaegertracing/jaeger-client-cpp/releases/download/$JAEGER_VERSION/libjaegertracing_plugin.linux_amd64.so ================================================ FILE: examples/jaeger-native-tracing/service1-envoy-jaeger.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: INBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: service1_route virtual_hosts: - name: service1 domains: - "*" routes: - match: prefix: "/" route: cluster: local_service decorator: operation: checkAvailability http_filters: - name: envoy.filters.http.router typed_config: {} - address: socket_address: address: 0.0.0.0 port_value: 9000 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.dynamic_ot typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.DynamicOtConfig library: /usr/local/lib/libjaegertracing_plugin.so config: service_name: service1 sampler: type: const param: 1 reporter: localAgentHostPort: jaeger:6831 headers: jaegerDebugHeader: jaeger-debug-id jaegerBaggageHeader: jaeger-baggage traceBaggageHeaderPrefix: uberctx- baggage_restrictions: denyBaggageOnInitializationFailure: false hostPort: "" codec_type: auto stat_prefix: egress_http route_config: name: service2_route virtual_hosts: - name: service2 domains: - "*" routes: - match: prefix: "/trace/2" route: cluster: service2 decorator: operation: checkStock http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 - name: service2 connect_timeout: 0.250s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service2 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service2 port_value: 8000 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/jaeger-native-tracing/service2-envoy-jaeger.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: INBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.dynamic_ot typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.DynamicOtConfig library: /usr/local/lib/libjaegertracing_plugin.so config: service_name: service2 sampler: type: const param: 1 reporter: localAgentHostPort: jaeger:6831 headers: jaegerDebugHeader: jaeger-debug-id jaegerBaggageHeader: jaeger-baggage traceBaggageHeaderPrefix: uberctx- baggage_restrictions: denyBaggageOnInitializationFailure: false hostPort: "" codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service2 domains: - "*" routes: - match: prefix: "/" route: cluster: local_service decorator: operation: checkStock http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/jaeger-native-tracing/verify.sh ================================================ #!/bin/bash -e export NAME=jaeger-native export DELAY=10 # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test services" responds_with \ Hello \ http://localhost:8000/trace/1 run_log "Test Jaeger UI" responds_with \ "" \ http://localhost:16686 ================================================ FILE: examples/jaeger-tracing/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy-jaeger.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/jaeger-tracing/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/jaeger_tracing) ================================================ FILE: examples/jaeger-tracing/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" service1: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - ./service1-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service1 environment: - SERVICE_NAME=1 expose: - "8000" service2: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - ./service2-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service2 environment: - SERVICE_NAME=2 expose: - "8000" jaeger: image: jaegertracing/all-in-one environment: - COLLECTOR_ZIPKIN_HTTP_PORT=9411 networks: envoymesh: aliases: - jaeger expose: - "9411" - "16686" ports: - "9411:9411" - "16686:16686" networks: envoymesh: {} ================================================ FILE: examples/jaeger-tracing/front-envoy-jaeger.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager generate_request_id: true tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: jaeger collector_endpoint: "/api/v2/spans" shared_span_context: false collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/" route: cluster: service1 decorator: operation: checkAvailability http_filters: - name: envoy.filters.http.router typed_config: {} use_remote_address: true clusters: - name: service1 connect_timeout: 0.250s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service1 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service1 port_value: 8000 - name: jaeger connect_timeout: 1s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: jaeger endpoints: - lb_endpoints: - endpoint: address: socket_address: address: jaeger port_value: 9411 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/jaeger-tracing/service1-envoy-jaeger.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: INBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: jaeger collector_endpoint: "/api/v2/spans" shared_span_context: false collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: ingress_http route_config: name: service1_route virtual_hosts: - name: service1 domains: - "*" routes: - match: prefix: "/" route: cluster: local_service decorator: operation: checkAvailability http_filters: - name: envoy.filters.http.router typed_config: {} - address: socket_address: address: 0.0.0.0 port_value: 9000 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: jaeger collector_endpoint: "/api/v2/spans" shared_span_context: false collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: egress_http route_config: name: service2_route virtual_hosts: - name: service2 domains: - "*" routes: - match: prefix: "/trace/2" route: cluster: service2 decorator: operation: checkStock http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 - name: service2 connect_timeout: 0.250s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service2 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service2 port_value: 8000 - name: jaeger connect_timeout: 1s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: jaeger endpoints: - lb_endpoints: - endpoint: address: socket_address: address: jaeger port_value: 9411 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/jaeger-tracing/service2-envoy-jaeger.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: INBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: jaeger collector_endpoint: "/api/v2/spans" shared_span_context: false collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service2 domains: - "*" routes: - match: prefix: "/" route: cluster: local_service decorator: operation: checkStock http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 - name: jaeger connect_timeout: 1s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: jaeger endpoints: - lb_endpoints: - endpoint: address: socket_address: address: jaeger port_value: 9411 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/jaeger-tracing/verify.sh ================================================ #!/bin/bash -e export NAME=jaeger-tracing # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test services" responds_with \ Hello \ http://localhost:8000/trace/1 run_log "Test Jaeger UI" responds_with \ "" \ http://localhost:16686 ================================================ FILE: examples/load-reporting-service/Dockerfile-http-server ================================================ FROM envoyproxy/envoy-alpine-dev:latest RUN apk update && apk add py3-pip bash curl RUN mkdir /code ADD ./start_service.sh /usr/local/bin/start_service.sh COPY . ./code RUN pip3 install -q Flask==0.11.1 RUN chmod u+x /usr/local/bin/start_service.sh ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] ================================================ FILE: examples/load-reporting-service/Dockerfile-lrs ================================================ FROM golang COPY ./server /go/src/github.com/envoyproxy/envoy/example/load-reporting-service/server COPY *.go /go/src/github.com/envoyproxy/envoy/example/load-reporting-service/ COPY go.sum /go/src/github.com/envoyproxy/envoy/example/load-reporting-service COPY go.mod /go/src/github.com/envoyproxy/envoy/example/load-reporting-service WORKDIR /go/src/github.com/envoyproxy/envoy/example/load-reporting-service RUN go mod download RUN go install /go/src/github.com/envoyproxy/envoy/example/load-reporting-service CMD ["go","run","main.go"] ================================================ FILE: examples/load-reporting-service/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/load_reporting_service.html) ================================================ FILE: examples/load-reporting-service/docker-compose.yaml ================================================ version: '3.7' services: http_service: build: context: . dockerfile: Dockerfile-http-server volumes: - ./service-envoy-w-lrs.yaml:/etc/service-envoy-w-lrs.yaml environment: ENVOY_UID: 0 networks: envoymesh: aliases: - http_service expose: - "80" - "8081" ports: - "80-81:80" - "8081-8082:8081" lrs_server: build: context: . dockerfile: Dockerfile-lrs networks: envoymesh: aliases: - lrs_server volumes: - /go/src/github.com/envoyproxy/envoy/examples/load-reporting-service expose: - "18000" ports: - "18000:18000" networks: envoymesh: {} ================================================ FILE: examples/load-reporting-service/go.mod ================================================ module github.com/envoyproxy/envoy/examples/load-reporting-service go 1.13 require ( github.com/envoyproxy/go-control-plane v0.9.0 github.com/golang/protobuf v1.3.2 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b // indirect golang.org/x/sys v0.0.0-20190412213103-97732733099d // indirect google.golang.org/grpc v1.25.1 ) ================================================ FILE: examples/load-reporting-service/go.sum ================================================ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/envoyproxy/go-control-plane v0.9.0 h1:67WMNTvGrl7V1dWdKCeTwxDr7nio9clKoTlLhwIPnT4= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0 h1:EQciDnbrYxy13PgWoY8AqoxGiPrpgBZ1R8UNe3ddc+A= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3 h1:XQyxROzUlZH+WIQwySDgnISgOivlhjIEwaQaJEJrrN0= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a h1:oWX7TPOiFAMXLq8o0ikBYfCJVlRHBcsciT5bXOrH628= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b h1:0mm1VjtFUOIlE1SbDlwjYaDxZVDP2S5ou6y0gSgXHu8= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135 h1:5Beo0mZN8dRzgrMMkDp0jc8YXQKx9DiJ2k1dkvGsn5A= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 h1:gSJIx1SDwno+2ElGhA4+qG2zF97qiUzTM+rQ0klBOcE= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1 h1:wdKvqQk7IttEw92GoRyKG2IDrUIpgpj6H6m81yfeMW0= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= ================================================ FILE: examples/load-reporting-service/http_server.py ================================================ from flask import Flask app = Flask(__name__) @app.route('/service') def hello(): return 'Hello from behind Envoy!' if __name__ == "__main__": app.run(host='0.0.0.0', port=8082, debug=False) ================================================ FILE: examples/load-reporting-service/main.go ================================================ package main import ( "log" "net" "github.com/envoyproxy/envoy/examples/load-reporting-service/server" gcpLoadStats "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2" "google.golang.org/grpc" ) func main() { // Listening on port 18000 address := ":18000" lis, err := net.Listen("tcp", address) if err != nil { panic(err) } grpcServer := grpc.NewServer() xdsServer := server.NewServer() gcpLoadStats.RegisterLoadReportingServiceServer(grpcServer, xdsServer) log.Printf("LRS Server is up and running on %s", address) err = grpcServer.Serve(lis) if err != nil { panic(err) } } ================================================ FILE: examples/load-reporting-service/send_requests.sh ================================================ #!/usr/bin/env bash counter=1 while [ $counter -le 50 ] do # generate random Port number to send requests ports=("80" "81") port=${ports[$RANDOM % ${#ports[@]} ]} curl -v "localhost:${port}/service" ((counter++)) done ================================================ FILE: examples/load-reporting-service/server/lrs_server.go ================================================ package server import ( "log" "sync" gcpLoadStats "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2" "github.com/golang/protobuf/ptypes/duration" ) // This is how often Envoy will send the load report const StatsFrequencyInSeconds = 2 // Server handling Load Stats communication type Server interface { gcpLoadStats.LoadReportingServiceServer HandleRequest(stream gcpLoadStats.LoadReportingService_StreamLoadStatsServer, request *gcpLoadStats.LoadStatsRequest) } func NewServer() Server { return &server{nodesConnected: make(map[string]bool)} } type server struct { // protects nodesConnected mu sync.Mutex // This cache stores nodes connected to the LRS server nodesConnected map[string]bool } // Handles incoming stream connections and LoadStatsRequests func (s *server) StreamLoadStats(stream gcpLoadStats.LoadReportingService_StreamLoadStatsServer) error { for { req, err := stream.Recv() // input stream ended or errored out if err != nil { return err } s.HandleRequest(stream, req) } } func (s *server) HandleRequest(stream gcpLoadStats.LoadReportingService_StreamLoadStatsServer, request *gcpLoadStats.LoadStatsRequest) { nodeID := request.GetNode().GetId() s.mu.Lock() defer s.mu.Unlock() // Check whether any Node has already connected or not. // If not, add the NodeID to nodesConnected and enable Load Report with given frequency // If yes, log stats if _, exist := s.nodesConnected[nodeID]; !exist { // Add NodeID to the nodesConnected log.Printf("Adding new new node to cache `%s`", nodeID) s.nodesConnected[nodeID] = true // Initialize Load Reporting err := stream.Send(&gcpLoadStats.LoadStatsResponse{ Clusters: []string{"local_service"}, LoadReportingInterval: &duration.Duration{Seconds: StatsFrequencyInSeconds}, ReportEndpointGranularity: true, }) if err != nil { log.Panicf("Unable to send response to node %s due to err: %s", nodeID, err) } return } // After Load Report is enabled, log the Load Report stats received for _, clusterStats := range request.ClusterStats { if len(clusterStats.UpstreamLocalityStats) > 0 { log.Printf("Got stats from cluster `%s` node `%s` - %s", request.Node.Cluster, request.Node.Id, clusterStats) } } } ================================================ FILE: examples/load-reporting-service/service-envoy-w-lrs.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 80 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/service" route: cluster: local_service http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8082 - name: load_reporting_cluster connect_timeout: 0.25s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: load_reporting_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: lrs_server port_value: 18000 cluster_manager: load_stats_config: api_type: GRPC grpc_services: envoy_grpc: cluster_name: load_reporting_cluster admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8081 ================================================ FILE: examples/load-reporting-service/start_service.sh ================================================ #!/bin/bash python3 /code/http_server.py & /usr/local/bin/envoy -c /etc/service-envoy-w-lrs.yaml --service-node "${HOSTNAME}" --service-cluster http_service ================================================ FILE: examples/load-reporting-service/verify.sh ================================================ #!/bin/bash -e export NAME=load-reporting export UPARGS="--scale http_service=2" # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Send requests" bash send_requests.sh 2> /dev/null run_log "Check logs: http 1" docker-compose logs http_service | grep http_service_1 | grep HTTP | grep 200 run_log "Check logs: http 2" docker-compose logs http_service | grep http_service_2 | grep HTTP | grep 200 run_log "Check logs: lrs_server" docker-compose logs lrs_server | grep "up and running" ================================================ FILE: examples/lua/Dockerfile-proxy ================================================ FROM envoyproxy/envoy-dev:latest ADD ./lib/mylibrary.lua /lib/mylibrary.lua COPY ./envoy.yaml /etc/envoy.yaml RUN chmod go+r /etc/envoy.yaml /lib/mylibrary.lua CMD ["/usr/local/bin/envoy", "-c", "/etc/envoy.yaml", "-l", "debug", "--service-cluster", "proxy"] ================================================ FILE: examples/lua/Dockerfile-web-service ================================================ FROM solsson/http-echo ================================================ FILE: examples/lua/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/lua.html). ================================================ FILE: examples/lua/docker-compose.yaml ================================================ version: "3.7" services: proxy: build: context: . dockerfile: Dockerfile-proxy networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" web_service: build: context: . dockerfile: Dockerfile-web-service networks: envoymesh: aliases: - web_service expose: - "80" ports: - "8080:80" networks: envoymesh: {} ================================================ FILE: examples/lua/envoy.yaml ================================================ static_resources: listeners: - name: main address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: ingress_http codec_type: auto route_config: name: local_route virtual_hosts: - name: local_service domains: - "*" routes: - match: prefix: "/" route: cluster: web_service http_filters: - name: envoy.filters.http.lua typed_config: "@type": type.googleapis.com/envoy.config.filter.http.lua.v2.Lua inline_code: | local mylibrary = require("lib.mylibrary") function envoy_on_request(request_handle) request_handle:headers():add("foo", mylibrary.foobar()) end function envoy_on_response(response_handle) body_size = response_handle:body():length() response_handle:headers():add("response-body-size", tostring(body_size)) end - name: envoy.filters.http.router typed_config: {} clusters: - name: web_service connect_timeout: 0.25s type: strict_dns # static lb_policy: round_robin load_assignment: cluster_name: web_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: web_service port_value: 80 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/lua/lib/mylibrary.lua ================================================ M = {} function M.foobar() return "bar" end return M ================================================ FILE: examples/lua/verify.sh ================================================ #!/bin/bash -e export NAME=lua # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test connection" responds_with \ foo \ http://localhost:8000 ================================================ FILE: examples/mysql/Dockerfile-mysql ================================================ FROM mysql:5.5 ================================================ FILE: examples/mysql/Dockerfile-proxy ================================================ FROM envoyproxy/envoy-dev:latest COPY ./envoy.yaml /etc/envoy.yaml RUN chmod go+r /etc/envoy.yaml CMD ["/usr/local/bin/envoy", "-c /etc/envoy.yaml", "-l", "debug"] ================================================ FILE: examples/mysql/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/mysql.html). ================================================ FILE: examples/mysql/docker-compose.yaml ================================================ version: "3.7" services: proxy: build: context: . dockerfile: Dockerfile-proxy networks: envoymesh: aliases: - envoy expose: - "1999" - "8001" ports: - "1999:1999" - "8001:8001" mysql: build: context: . dockerfile: Dockerfile-mysql networks: envoymesh: aliases: - mysql environment: - MYSQL_ALLOW_EMPTY_PASSWORD=yes expose: - "3306" ports: - "3306:3306" networks: envoymesh: name: envoymesh ================================================ FILE: examples/mysql/envoy.yaml ================================================ static_resources: listeners: - name: mysql_listener address: socket_address: address: 0.0.0.0 port_value: 1999 filter_chains: - filters: - name: envoy.filters.network.mysql_proxy typed_config: "@type": type.googleapis.com/envoy.config.filter.network.mysql_proxy.v1alpha1.MySQLProxy stat_prefix: egress_mysql - name: envoy.filters.network.tcp_proxy typed_config: "@type": type.googleapis.com/envoy.config.filter.network.tcp_proxy.v2.TcpProxy stat_prefix: mysql_tcp cluster: mysql_cluster clusters: - name: mysql_cluster connect_timeout: 1s type: strict_dns load_assignment: cluster_name: mysql_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: mysql port_value: 3306 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/mysql/verify.sh ================================================ #!/bin/bash -e export NAME=mysql export DELAY=10 # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" _mysql () { local mysql_client mysql_client=(docker run --network envoymesh mysql:5.5 mysql -h envoy -P 1999 -u root) "${mysql_client[@]}" "${@}" } run_log "Create a mysql database" _mysql -e "CREATE DATABASE test;" _mysql -e "show databases;" | grep test run_log "Create a mysql table" _mysql -e "USE test; CREATE TABLE test ( text VARCHAR(255) ); INSERT INTO test VALUES ('hello, world!');" _mysql -e "SELECT COUNT(*) from test.test;" | grep 1 run_log "Check mysql egress stats" responds_with \ egress_mysql \ "http://localhost:8001/stats?filter=egress_mysql" run_log "Check mysql TCP stats" responds_with \ mysql_tcp \ "http://localhost:8001/stats?filter=mysql_tcp" ================================================ FILE: examples/redis/Dockerfile-proxy ================================================ FROM envoyproxy/envoy-dev:latest COPY ./envoy.yaml /etc/envoy.yaml RUN chmod go+r /etc/envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/envoy.yaml", "-l", "debug", "--service-cluster", "proxy"] ================================================ FILE: examples/redis/Dockerfile-redis ================================================ FROM redis ================================================ FILE: examples/redis/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/redis.html). ================================================ FILE: examples/redis/docker-compose.yaml ================================================ version: "3.7" services: proxy: build: context: . dockerfile: Dockerfile-proxy networks: - envoymesh expose: - "1999" - "8001" ports: - "1999:1999" - "8001:8001" redis: build: context: . dockerfile: Dockerfile-redis networks: envoymesh: aliases: - redis_server expose: - "6379" ports: - "6379:6379" networks: envoymesh: {} ================================================ FILE: examples/redis/envoy.yaml ================================================ static_resources: listeners: - name: redis_listener address: socket_address: address: 0.0.0.0 port_value: 1999 filter_chains: - filters: - name: envoy.filters.network.redis_proxy typed_config: "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy stat_prefix: egress_redis settings: op_timeout: 5s prefix_routes: catch_all_route: cluster: redis_cluster clusters: - name: redis_cluster connect_timeout: 1s type: strict_dns # static lb_policy: MAGLEV load_assignment: cluster_name: redis_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: redis_server port_value: 6379 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/redis/verify.sh ================================================ #!/bin/bash -e export NAME=redis # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test set" redis-cli -h localhost -p 1999 set foo FOO | grep OK redis-cli -h localhost -p 1999 set bar BAR | grep OK run_log "Test get" redis-cli -h localhost -p 1999 get foo | grep FOO redis-cli -h localhost -p 1999 get bar | grep BAR run_log "Test redis stats" responds_with \ egress_redis \ "http://localhost:8001/stats?usedonly&filter=redis.egress_redis.command" ================================================ FILE: examples/verify-common.sh ================================================ #!/bin/bash -e DELAY="${DELAY:-0}" DOCKER_NO_PULL="${DOCKER_NO_PULL:-}" MANUAL="${MANUAL:-}" NAME="${NAME:-}" PATHS="${PATHS:-.}" UPARGS="${UPARGS:-}" run_log () { echo -e "\n> [${NAME}] ${*}" } bring_up_example_stack () { local args path up_args args=("${UPARGS[@]}") path="$1" read -ra up_args <<< "up --build -d ${args[*]}" if [[ -z "$DOCKER_NO_PULL" ]]; then run_log "Pull the images ($path)" docker-compose pull echo fi run_log "Bring up services ($path)" docker-compose "${up_args[@]}" || return 1 echo } bring_up_example () { local path paths read -ra paths <<< "$(echo "$PATHS" | tr ',' ' ')" for path in "${paths[@]}"; do pushd "$path" > /dev/null || return 1 bring_up_example_stack "$path" || { echo "ERROR: starting ${NAME} ${path}" >&2 return 1 } popd > /dev/null || return 1 done if [[ "$DELAY" -ne "0" ]]; then run_log "Snooze for ${DELAY} while ${NAME} gets started" sleep "$DELAY" fi for path in "${paths[@]}"; do pushd "$path" > /dev/null || return 1 docker-compose ps docker-compose logs popd > /dev/null || return 1 done } cleanup_stack () { local path path="$1" run_log "Cleanup ($path)" docker-compose down } cleanup () { local path paths read -ra paths <<< "$(echo "$PATHS" | tr ',' ' ')" for path in "${paths[@]}"; do pushd "$path" > /dev/null || return 1 cleanup_stack "$path" || { echo "ERROR: cleanup ${NAME} ${path}" >&2 return 1 } popd > /dev/null done } _curl () { local arg curl_command curl_command=(curl -s) if [[ ! "$*" =~ "-X" ]]; then curl_command+=(-X GET) fi for arg in "${@}"; do curl_command+=("$arg") done "${curl_command[@]}" || { echo "ERROR: curl (${curl_command[*]})" >&2 return 1 } } responds_with () { local expected expected="$1" shift _curl "${@}" | grep "$expected" || { echo "ERROR: curl expected (${*}): $expected" >&2 return 1 } } responds_with_header () { local expected expected="$1" shift _curl --head "${@}" | grep "$expected" || { echo "ERROR: curl header (${*}): $expected" >&2 return 1 } } responds_without_header () { local expected expected="$1" shift _curl --head "${@}" | grep "$expected" | [[ "$(wc -l)" -eq 0 ]] || { echo "ERROR: curl without header (${*}): $expected" >&2 return 1 } } trap 'cleanup' EXIT if [[ -z "$NAME" ]]; then echo "ERROR: You must set the '$NAME' variable before sourcing this script" >&2 exit 1 fi if [[ -z "$MANUAL" ]]; then bring_up_example fi ================================================ FILE: examples/wasm/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_package", ) load("//bazel/wasm:wasm.bzl", "wasm_cc_binary") licenses(["notice"]) # Apache 2 envoy_package() wasm_cc_binary( name = "envoy_filter_http_wasm_example.wasm", srcs = ["envoy_filter_http_wasm_example.cc"], deps = [ "@proxy_wasm_cpp_sdk//:proxy_wasm_intrinsics", ], ) ================================================ FILE: examples/wasm/Dockerfile-proxy ================================================ FROM envoyproxy/envoy-dev:latest COPY ./envoy.yaml /etc/envoy.yaml COPY ./envoy_filter_http_wasm_example.wasm /etc/envoy_filter_http_wasm_example.wasm RUN chmod go+r /etc/envoy.yaml CMD /usr/local/bin/envoy -c /etc/envoy.yaml -l debug --service-cluster proxy ================================================ FILE: examples/wasm/Dockerfile-web-service ================================================ FROM solsson/http-echo ================================================ FILE: examples/wasm/README.md ================================================ # Envoy WebAssembly Filter In this example, we show how a WebAssembly(WASM) filter can be used with the Envoy proxy. The Envoy proxy [configuration](./envoy.yaml) includes a Webassembly filter as documented [here](https://www.envoyproxy.io/docs/envoy/latest/). ## Quick Start 1. `docker-compose build` 2. `docker-compose up` 3. `curl -v localhost:18000` Curl output should include our headers: ``` # curl -v localhost:8000 * Rebuilt URL to: localhost:18000/ * Trying 127.0.0.1... * TCP_NODELAY set * Connected to localhost (127.0.0.1) port 18000 (#0) > GET / HTTP/1.1 > Host: localhost:18000 > User-Agent: curl/7.58.0 > Accept: */* > < HTTP/1.1 200 OK < content-length: 13 < content-type: text/plain < location: envoy-wasm < date: Tue, 09 Jul 2019 00:47:14 GMT < server: envoy < x-envoy-upstream-service-time: 0 < newheader: newheadervalue < example body * Connection #0 to host localhost left intact ``` ## Build WASM Module Now you want to make changes to the C++ filter ([envoy_filter_http_wasm_example.cc](envoy_filter_http_wasm_example.cc)) and build the WASM module ([envoy_filter_http_wasm_example.wasm](envoy_filter_http_wasm_example.wasm)). 1. Build WASM module ```shell bazel build //examples/wasm:envoy_filter_http_wasm_example.wasm ``` ## Build the Envoy WASM Image For Envoy WASM runtime developers, if you want to make changes, please 1. Follow [instructions](https://github.com/envoyproxy/envoy-wasm/blob/master/WASM.md). 2. Modify `docker-compose.yaml` to mount your own Envoy. ================================================ FILE: examples/wasm/docker-compose.yaml ================================================ version: '3.7' services: proxy: build: context: . dockerfile: Dockerfile-proxy volumes: - ./envoy.yaml:/etc/envoy.yaml - ./envoy_wasm_example.wasm:/etc/envoy_wasm_example.wasm - ./envoy_filter_http_wasm_example.wasm:/etc/envoy_filter_http_wasm_example.wasm # Uncomment this line if you want to use your own Envoy with WASM enabled. #- /tmp/envoy-docker-build/envoy/source/exe/envoy:/usr/local/bin/envoy networks: - envoymesh expose: - "80" - "8001" ports: - "18000:80" - "18001:8001" web_service: build: context: . dockerfile: Dockerfile-web-service networks: envoymesh: aliases: - web_service expose: - "80" ports: - "18080:80" networks: envoymesh: {} ================================================ FILE: examples/wasm/envoy.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: - "*" routes: - match: prefix: "/" route: cluster: web_service http_filters: - name: envoy.filters.http.wasm typed_config: "@type": type.googleapis.com/udpa.type.v1.TypedStruct type_url: type.googleapis.com/envoy.extensions.filters.http.wasm.v3.Wasm value: config: name: "my_plugin" root_id: "my_root_id" configuration: "@type": "type.googleapis.com/google.protobuf.StringValue" value: | {} vm_config: runtime: "envoy.wasm.runtime.v8" vm_id: "my_vm_id" code: local: filename: "/etc/envoy_filter_http_wasm_example.wasm" configuration: {} - name: envoy.filters.http.router typed_config: {} - name: staticreply address: socket_address: address: 127.0.0.1 port_value: 8099 filter_chains: - filters: - name: envoy.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: ingress_http codec_type: auto route_config: name: local_route virtual_hosts: - name: local_service domains: - "*" routes: - match: prefix: "/" direct_response: status: 200 body: inline_string: "foo\n" http_filters: - name: envoy.router config: {} clusters: - name: web_service connect_timeout: 0.25s type: static lb_policy: round_robin load_assignment: cluster_name: service1 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8099 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/wasm/envoy_filter_http_wasm_example.cc ================================================ // NOLINT(namespace-envoy) #include #include #include #include "proxy_wasm_intrinsics.h" class ExampleRootContext : public RootContext { public: explicit ExampleRootContext(uint32_t id, std::string_view root_id) : RootContext(id, root_id) {} bool onStart(size_t) override; bool onConfigure(size_t) override; void onTick() override; }; class ExampleContext : public Context { public: explicit ExampleContext(uint32_t id, RootContext* root) : Context(id, root) {} void onCreate() override; FilterHeadersStatus onRequestHeaders(uint32_t headers, bool end_of_stream) override; FilterDataStatus onRequestBody(size_t body_buffer_length, bool end_of_stream) override; FilterHeadersStatus onResponseHeaders(uint32_t headers, bool end_of_stream) override; FilterDataStatus onResponseBody(size_t body_buffer_length, bool end_of_stream) override; void onDone() override; void onLog() override; void onDelete() override; }; static RegisterContextFactory register_ExampleContext(CONTEXT_FACTORY(ExampleContext), ROOT_FACTORY(ExampleRootContext), "my_root_id"); bool ExampleRootContext::onStart(size_t) { LOG_TRACE("onStart"); return true; } bool ExampleRootContext::onConfigure(size_t) { LOG_TRACE("onConfigure"); proxy_set_tick_period_milliseconds(1000); // 1 sec return true; } void ExampleRootContext::onTick() { LOG_TRACE("onTick"); } void ExampleContext::onCreate() { LOG_WARN(std::string("onCreate " + std::to_string(id()))); } FilterHeadersStatus ExampleContext::onRequestHeaders(uint32_t, bool) { LOG_DEBUG(std::string("onRequestHeaders ") + std::to_string(id())); auto result = getRequestHeaderPairs(); auto pairs = result->pairs(); LOG_INFO(std::string("headers: ") + std::to_string(pairs.size())); for (auto& p : pairs) { LOG_INFO(std::string(p.first) + std::string(" -> ") + std::string(p.second)); } return FilterHeadersStatus::Continue; } FilterHeadersStatus ExampleContext::onResponseHeaders(uint32_t, bool) { LOG_DEBUG(std::string("onResponseHeaders ") + std::to_string(id())); auto result = getResponseHeaderPairs(); auto pairs = result->pairs(); LOG_INFO(std::string("headers: ") + std::to_string(pairs.size())); for (auto& p : pairs) { LOG_INFO(std::string(p.first) + std::string(" -> ") + std::string(p.second)); } addResponseHeader("newheader", "newheadervalue"); replaceResponseHeader("location", "envoy-wasm"); return FilterHeadersStatus::Continue; } FilterDataStatus ExampleContext::onRequestBody(size_t body_buffer_length, bool /* end_of_stream */) { auto body = getBufferBytes(WasmBufferType::HttpRequestBody, 0, body_buffer_length); LOG_ERROR(std::string("onRequestBody ") + std::string(body->view())); return FilterDataStatus::Continue; } FilterDataStatus ExampleContext::onResponseBody(size_t /* body_buffer_length */, bool /* end_of_stream */) { setBuffer(WasmBufferType::HttpResponseBody, 0, 3, "foo"); return FilterDataStatus::Continue; } void ExampleContext::onDone() { LOG_WARN(std::string("onDone " + std::to_string(id()))); } void ExampleContext::onLog() { LOG_WARN(std::string("onLog " + std::to_string(id()))); } void ExampleContext::onDelete() { LOG_WARN(std::string("onDelete " + std::to_string(id()))); } ================================================ FILE: examples/wasm/verify.sh ================================================ #!/bin/bash -e export NAME=wasm # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test connection" responds_with \ foo \ http://localhost:8000 run_log "Test header" responds_with_header \ "newheader: newheadervalue" \ http://localhost:8000 ================================================ FILE: examples/zipkin-tracing/Dockerfile-frontenvoy ================================================ FROM envoyproxy/envoy-dev:latest RUN apt-get update && apt-get -q install -y \ curl COPY ./front-envoy-zipkin.yaml /etc/front-envoy.yaml RUN chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] ================================================ FILE: examples/zipkin-tracing/README.md ================================================ To learn about this sandbox and for instructions on how to run it please head over to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/zipkin_tracing) ================================================ FILE: examples/zipkin-tracing/docker-compose.yaml ================================================ version: "3.7" services: front-envoy: build: context: . dockerfile: Dockerfile-frontenvoy networks: - envoymesh expose: - "8000" - "8001" ports: - "8000:8000" - "8001:8001" service1: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - ./service1-envoy-zipkin.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service1 environment: - SERVICE_NAME=1 expose: - "8000" service2: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - ./service2-envoy-zipkin.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - service2 environment: - SERVICE_NAME=2 expose: - "8000" zipkin: image: openzipkin/zipkin networks: envoymesh: aliases: - zipkin expose: - "9411" ports: - "9411:9411" networks: envoymesh: {} ================================================ FILE: examples/zipkin-tracing/front-envoy-zipkin.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager generate_request_id: true tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: zipkin collector_endpoint: "/api/v2/spans" collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/" route: cluster: service1 decorator: operation: checkAvailability response_headers_to_add: - header: key: "x-b3-traceid" value: "%REQ(x-b3-traceid)%" - header: key: "x-request-id" value: "%REQ(x-request-id)%" http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: service1 connect_timeout: 0.250s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service1 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service1 port_value: 8000 - name: zipkin connect_timeout: 1s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: zipkin endpoints: - lb_endpoints: - endpoint: address: socket_address: address: zipkin port_value: 9411 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/zipkin-tracing/service1-envoy-zipkin.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: INBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: zipkin collector_endpoint: "/api/v2/spans" collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: ingress_http route_config: name: service1_route virtual_hosts: - name: service1 domains: - "*" routes: - match: prefix: "/" route: cluster: local_service decorator: operation: checkAvailability http_filters: - name: envoy.filters.http.router typed_config: {} - address: socket_address: address: 0.0.0.0 port_value: 9000 traffic_direction: OUTBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: zipkin collector_endpoint: "/api/v2/spans" collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: egress_http route_config: name: service2_route virtual_hosts: - name: service2 domains: - "*" routes: - match: prefix: "/trace/2" route: cluster: service2 decorator: operation: checkStock http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 - name: service2 connect_timeout: 0.250s type: strict_dns lb_policy: round_robin http2_protocol_options: {} load_assignment: cluster_name: service2 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service2 port_value: 8000 - name: zipkin connect_timeout: 1s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: zipkin endpoints: - lb_endpoints: - endpoint: address: socket_address: address: zipkin port_value: 9411 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/zipkin-tracing/service2-envoy-zipkin.yaml ================================================ static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 traffic_direction: INBOUND filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager tracing: provider: name: envoy.tracers.zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: zipkin collector_endpoint: "/api/v2/spans" collector_endpoint_version: HTTP_JSON codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service2 domains: - "*" routes: - match: prefix: "/" route: cluster: local_service decorator: operation: checkStock http_filters: - name: envoy.filters.http.router typed_config: {} clusters: - name: local_service connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 - name: zipkin connect_timeout: 1s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: zipkin endpoints: - lb_endpoints: - endpoint: address: socket_address: address: zipkin port_value: 9411 admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 8001 ================================================ FILE: examples/zipkin-tracing/verify.sh ================================================ #!/bin/bash -e export NAME=zipkin # shellcheck source=examples/verify-common.sh . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" run_log "Test connection" responds_with \ "Hello from behind Envoy (service 1)!" \ http://localhost:8000/trace/1 run_log "Test dashboard" # this could do with using the healthcheck and waiting sleep 20 responds_with \ "" \ http://localhost:9411/zipkin/ ================================================ FILE: generated_api_shadow/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "protos", visibility = ["//visibility:public"], deps = [ "//envoy/admin/v2alpha:pkg", "//envoy/admin/v3:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/auth:pkg", "//envoy/api/v2/cluster:pkg", "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "//envoy/api/v2/listener:pkg", "//envoy/api/v2/ratelimit:pkg", "//envoy/api/v2/route:pkg", "//envoy/config/accesslog/v2:pkg", "//envoy/config/accesslog/v3:pkg", "//envoy/config/bootstrap/v2:pkg", "//envoy/config/bootstrap/v3:pkg", "//envoy/config/cluster/aggregate/v2alpha:pkg", "//envoy/config/cluster/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/cluster/redis:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/filter/dubbo/router/v2alpha1:pkg", "//envoy/config/filter/fault/v2:pkg", "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", "//envoy/config/filter/http/admission_control/v2alpha:pkg", "//envoy/config/filter/http/buffer/v2:pkg", "//envoy/config/filter/http/compressor/v2:pkg", "//envoy/config/filter/http/cors/v2:pkg", "//envoy/config/filter/http/csrf/v2:pkg", "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", "//envoy/config/filter/http/dynamo/v2:pkg", "//envoy/config/filter/http/ext_authz/v2:pkg", "//envoy/config/filter/http/fault/v2:pkg", "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", "//envoy/config/filter/http/grpc_web/v2:pkg", "//envoy/config/filter/http/gzip/v2:pkg", "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/config/filter/http/health_check/v2:pkg", "//envoy/config/filter/http/ip_tagging/v2:pkg", "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", "//envoy/config/filter/http/lua/v2:pkg", "//envoy/config/filter/http/on_demand/v2:pkg", "//envoy/config/filter/http/original_src/v2alpha1:pkg", "//envoy/config/filter/http/rate_limit/v2:pkg", "//envoy/config/filter/http/rbac/v2:pkg", "//envoy/config/filter/http/router/v2:pkg", "//envoy/config/filter/http/squash/v2:pkg", "//envoy/config/filter/http/tap/v2alpha:pkg", "//envoy/config/filter/http/transcoder/v2:pkg", "//envoy/config/filter/listener/http_inspector/v2:pkg", "//envoy/config/filter/listener/original_dst/v2:pkg", "//envoy/config/filter/listener/original_src/v2alpha1:pkg", "//envoy/config/filter/listener/proxy_protocol/v2:pkg", "//envoy/config/filter/listener/tls_inspector/v2:pkg", "//envoy/config/filter/network/client_ssl_auth/v2:pkg", "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", "//envoy/config/filter/network/echo/v2:pkg", "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/config/filter/network/http_connection_manager/v2:pkg", "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", "//envoy/config/filter/network/mongo_proxy/v2:pkg", "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", "//envoy/config/filter/network/rate_limit/v2:pkg", "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/filter/network/redis_proxy/v2:pkg", "//envoy/config/filter/network/rocketmq_proxy/v3:pkg", "//envoy/config/filter/network/sni_cluster/v2:pkg", "//envoy/config/filter/network/tcp_proxy/v2:pkg", "//envoy/config/filter/network/thrift_proxy/v2alpha1:pkg", "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/filter/thrift/router/v2alpha1:pkg", "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", "//envoy/config/grpc_credential/v2alpha:pkg", "//envoy/config/grpc_credential/v3:pkg", "//envoy/config/health_checker/redis/v2:pkg", "//envoy/config/listener/v2:pkg", "//envoy/config/listener/v3:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/config/metrics/v3:pkg", "//envoy/config/overload/v2alpha:pkg", "//envoy/config/overload/v3:pkg", "//envoy/config/ratelimit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "//envoy/config/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg", "//envoy/config/resource_monitor/injected_resource/v2alpha:pkg", "//envoy/config/retry/omit_canary_hosts/v2:pkg", "//envoy/config/retry/omit_host_metadata/v2:pkg", "//envoy/config/retry/previous_hosts/v2:pkg", "//envoy/config/retry/previous_priorities:pkg", "//envoy/config/route/v3:pkg", "//envoy/config/tap/v3:pkg", "//envoy/config/trace/v2:pkg", "//envoy/config/trace/v2alpha:pkg", "//envoy/config/trace/v3:pkg", "//envoy/config/transport_socket/alts/v2alpha:pkg", "//envoy/config/transport_socket/raw_buffer/v2:pkg", "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/data/accesslog/v2:pkg", "//envoy/data/accesslog/v3:pkg", "//envoy/data/cluster/v2alpha:pkg", "//envoy/data/core/v2alpha:pkg", "//envoy/data/core/v3:pkg", "//envoy/data/tap/v2alpha:pkg", "//envoy/data/tap/v3:pkg", "//envoy/extensions/access_loggers/file/v3:pkg", "//envoy/extensions/access_loggers/grpc/v3:pkg", "//envoy/extensions/clusters/aggregate/v3:pkg", "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/clusters/redis/v3:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "//envoy/extensions/common/tap/v3:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg", "//envoy/extensions/filters/http/admission_control/v3alpha:pkg", "//envoy/extensions/filters/http/buffer/v3:pkg", "//envoy/extensions/filters/http/compressor/v3:pkg", "//envoy/extensions/filters/http/cors/v3:pkg", "//envoy/extensions/filters/http/csrf/v3:pkg", "//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/filters/http/dynamo/v3:pkg", "//envoy/extensions/filters/http/ext_authz/v3:pkg", "//envoy/extensions/filters/http/fault/v3:pkg", "//envoy/extensions/filters/http/grpc_http1_bridge/v3:pkg", "//envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3:pkg", "//envoy/extensions/filters/http/grpc_json_transcoder/v3:pkg", "//envoy/extensions/filters/http/grpc_stats/v3:pkg", "//envoy/extensions/filters/http/grpc_web/v3:pkg", "//envoy/extensions/filters/http/gzip/v3:pkg", "//envoy/extensions/filters/http/header_to_metadata/v3:pkg", "//envoy/extensions/filters/http/health_check/v3:pkg", "//envoy/extensions/filters/http/ip_tagging/v3:pkg", "//envoy/extensions/filters/http/jwt_authn/v3:pkg", "//envoy/extensions/filters/http/lua/v3:pkg", "//envoy/extensions/filters/http/on_demand/v3:pkg", "//envoy/extensions/filters/http/original_src/v3:pkg", "//envoy/extensions/filters/http/ratelimit/v3:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "//envoy/extensions/filters/http/router/v3:pkg", "//envoy/extensions/filters/http/squash/v3:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "//envoy/extensions/filters/listener/http_inspector/v3:pkg", "//envoy/extensions/filters/listener/original_dst/v3:pkg", "//envoy/extensions/filters/listener/original_src/v3:pkg", "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg", "//envoy/extensions/filters/listener/tls_inspector/v3:pkg", "//envoy/extensions/filters/network/client_ssl_auth/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", "//envoy/extensions/filters/network/echo/v3:pkg", "//envoy/extensions/filters/network/ext_authz/v3:pkg", "//envoy/extensions/filters/network/http_connection_manager/v3:pkg", "//envoy/extensions/filters/network/kafka_broker/v3:pkg", "//envoy/extensions/filters/network/local_ratelimit/v3:pkg", "//envoy/extensions/filters/network/mongo_proxy/v3:pkg", "//envoy/extensions/filters/network/mysql_proxy/v3:pkg", "//envoy/extensions/filters/network/ratelimit/v3:pkg", "//envoy/extensions/filters/network/rbac/v3:pkg", "//envoy/extensions/filters/network/redis_proxy/v3:pkg", "//envoy/extensions/filters/network/sni_cluster/v3:pkg", "//envoy/extensions/filters/network/tcp_proxy/v3:pkg", "//envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3:pkg", "//envoy/extensions/filters/network/thrift_proxy/v3:pkg", "//envoy/extensions/filters/network/zookeeper_proxy/v3:pkg", "//envoy/extensions/retry/host/omit_host_metadata/v3:pkg", "//envoy/extensions/retry/priority/previous_priorities/v3:pkg", "//envoy/extensions/transport_sockets/alts/v3:pkg", "//envoy/extensions/transport_sockets/raw_buffer/v3:pkg", "//envoy/extensions/transport_sockets/tap/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/extensions/wasm/v3:pkg", "//envoy/service/accesslog/v2:pkg", "//envoy/service/accesslog/v3:pkg", "//envoy/service/auth/v2:pkg", "//envoy/service/auth/v3:pkg", "//envoy/service/cluster/v3:pkg", "//envoy/service/discovery/v2:pkg", "//envoy/service/discovery/v3:pkg", "//envoy/service/endpoint/v3:pkg", "//envoy/service/health/v3:pkg", "//envoy/service/listener/v3:pkg", "//envoy/service/load_stats/v2:pkg", "//envoy/service/load_stats/v3:pkg", "//envoy/service/metrics/v2:pkg", "//envoy/service/metrics/v3:pkg", "//envoy/service/ratelimit/v2:pkg", "//envoy/service/ratelimit/v3:pkg", "//envoy/service/route/v3:pkg", "//envoy/service/runtime/v3:pkg", "//envoy/service/secret/v3:pkg", "//envoy/service/status/v2:pkg", "//envoy/service/status/v3:pkg", "//envoy/service/tap/v2alpha:pkg", "//envoy/service/tap/v3:pkg", "//envoy/service/trace/v2:pkg", "//envoy/service/trace/v3:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/metadata/v2:pkg", "//envoy/type/tracing/v2:pkg", "//envoy/type/v3:pkg", ], ) ================================================ FILE: generated_api_shadow/README.md ================================================ This directory is for generated Envoy internal artifacts (via `proto_format`). Do not hand edit any file under `envoy/`. This shadow API may only be used in the Envoy source tree. The `bazel/` tree is a symlink back to the official API Bazel rules. ================================================ FILE: generated_api_shadow/bazel/BUILD ================================================ load("@io_bazel_rules_go//proto:compiler.bzl", "go_proto_compiler") licenses(["notice"]) # Apache 2 go_proto_compiler( name = "pgv_plugin_go", options = ["lang=go"], plugin = "@com_envoyproxy_protoc_gen_validate//:protoc-gen-validate", suffix = ".pb.validate.go", valid_archive = False, visibility = ["//visibility:public"], ) ================================================ FILE: generated_api_shadow/bazel/api_build_system.bzl ================================================ load("@rules_cc//cc:defs.bzl", "cc_test") load("@com_envoyproxy_protoc_gen_validate//bazel:pgv_proto_library.bzl", "pgv_cc_proto_library") load("@com_github_grpc_grpc//bazel:cc_grpc_library.bzl", "cc_grpc_library") load("@com_google_protobuf//:protobuf.bzl", _py_proto_library = "py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") load("@io_bazel_rules_go//go:def.bzl", "go_test") load("@rules_proto//proto:defs.bzl", "proto_library") load( "//bazel:external_proto_deps.bzl", "EXTERNAL_PROTO_CC_BAZEL_DEP_MAP", "EXTERNAL_PROTO_GO_BAZEL_DEP_MAP", "EXTERNAL_PROTO_PY_BAZEL_DEP_MAP", ) _PY_PROTO_SUFFIX = "_py_proto" _CC_PROTO_SUFFIX = "_cc_proto" _CC_GRPC_SUFFIX = "_cc_grpc" _GO_PROTO_SUFFIX = "_go_proto" _GO_IMPORTPATH_PREFIX = "github.com/envoyproxy/go-control-plane/" _COMMON_PROTO_DEPS = [ "@com_google_protobuf//:any_proto", "@com_google_protobuf//:descriptor_proto", "@com_google_protobuf//:duration_proto", "@com_google_protobuf//:empty_proto", "@com_google_protobuf//:struct_proto", "@com_google_protobuf//:timestamp_proto", "@com_google_protobuf//:wrappers_proto", "@com_google_googleapis//google/api:http_proto", "@com_google_googleapis//google/api:httpbody_proto", "@com_google_googleapis//google/api:annotations_proto", "@com_google_googleapis//google/rpc:status_proto", "@com_envoyproxy_protoc_gen_validate//validate:validate_proto", ] def _proto_mapping(dep, proto_dep_map, proto_suffix): mapped = proto_dep_map.get(dep) if mapped == None: prefix = "@" + Label(dep).workspace_name if not dep.startswith("//") else "" return prefix + "//" + Label(dep).package + ":" + Label(dep).name + proto_suffix return mapped def _go_proto_mapping(dep): return _proto_mapping(dep, EXTERNAL_PROTO_GO_BAZEL_DEP_MAP, _GO_PROTO_SUFFIX) def _cc_proto_mapping(dep): return _proto_mapping(dep, EXTERNAL_PROTO_CC_BAZEL_DEP_MAP, _CC_PROTO_SUFFIX) def _py_proto_mapping(dep): return _proto_mapping(dep, EXTERNAL_PROTO_PY_BAZEL_DEP_MAP, _PY_PROTO_SUFFIX) # TODO(htuch): Convert this to native py_proto_library once # https://github.com/bazelbuild/bazel/issues/3935 and/or # https://github.com/bazelbuild/bazel/issues/2626 are resolved. def _api_py_proto_library(name, srcs = [], deps = []): _py_proto_library( name = name + _PY_PROTO_SUFFIX, srcs = srcs, default_runtime = "@com_google_protobuf//:protobuf_python", protoc = "@com_google_protobuf//:protoc", deps = [_py_proto_mapping(dep) for dep in deps] + [ "@com_envoyproxy_protoc_gen_validate//validate:validate_py", "@com_google_googleapis//google/rpc:status_py_proto", "@com_google_googleapis//google/api:annotations_py_proto", "@com_google_googleapis//google/api:http_py_proto", "@com_google_googleapis//google/api:httpbody_py_proto", ], visibility = ["//visibility:public"], ) # This defines googleapis py_proto_library. The repository does not provide its definition and requires # overriding it in the consuming project (see https://github.com/grpc/grpc/issues/19255 for more details). def py_proto_library(name, deps = [], plugin = None): srcs = [dep[:-6] + ".proto" if dep.endswith("_proto") else dep for dep in deps] proto_deps = [] # py_proto_library in googleapis specifies *_proto rules in dependencies. # By rewriting *_proto to *.proto above, the dependencies in *_proto rules are not preserved. # As a workaround, manually specify the proto dependencies for the imported python rules. if name == "annotations_py_proto": proto_deps = proto_deps + [":http_py_proto"] # checked.proto depends on syntax.proto, we have to add this dependency manually as well. if name == "checked_py_proto": proto_deps = proto_deps + [":syntax_py_proto"] # py_proto_library does not support plugin as an argument yet at gRPC v1.25.0: # https://github.com/grpc/grpc/blob/v1.25.0/bazel/python_rules.bzl#L72. # plugin should also be passed in here when gRPC version is greater than v1.25.x. _py_proto_library( name = name, srcs = srcs, default_runtime = "@com_google_protobuf//:protobuf_python", protoc = "@com_google_protobuf//:protoc", deps = proto_deps + ["@com_google_protobuf//:protobuf_python"], visibility = ["//visibility:public"], ) def _api_cc_grpc_library(name, proto, deps = []): cc_grpc_library( name = name, srcs = [proto], deps = deps, proto_only = False, grpc_only = True, visibility = ["//visibility:public"], ) def api_cc_py_proto_library( name, visibility = ["//visibility:private"], srcs = [], deps = [], linkstatic = 0, has_services = 0): relative_name = ":" + name proto_library( name = name, srcs = srcs, deps = deps + _COMMON_PROTO_DEPS, visibility = visibility, ) cc_proto_library_name = name + _CC_PROTO_SUFFIX pgv_cc_proto_library( name = cc_proto_library_name, linkstatic = linkstatic, cc_deps = [_cc_proto_mapping(dep) for dep in deps] + [ "@com_google_googleapis//google/api:http_cc_proto", "@com_google_googleapis//google/api:httpbody_cc_proto", "@com_google_googleapis//google/api:annotations_cc_proto", "@com_google_googleapis//google/rpc:status_cc_proto", ], deps = [relative_name], visibility = ["//visibility:public"], ) _api_py_proto_library(name, srcs, deps) # Optionally define gRPC services if has_services: # TODO: when Python services are required, add to the below stub generations. cc_grpc_name = name + _CC_GRPC_SUFFIX cc_proto_deps = [cc_proto_library_name] + [_cc_proto_mapping(dep) for dep in deps] _api_cc_grpc_library(name = cc_grpc_name, proto = relative_name, deps = cc_proto_deps) def api_cc_test(name, **kwargs): cc_test( name = name, **kwargs ) def api_go_test(name, **kwargs): go_test( name = name, **kwargs ) def api_proto_package( name = "pkg", srcs = [], deps = [], has_services = False, visibility = ["//visibility:public"]): if srcs == []: srcs = native.glob(["*.proto"]) name = "pkg" api_cc_py_proto_library( name = name, visibility = visibility, srcs = srcs, deps = deps, has_services = has_services, ) compilers = ["@io_bazel_rules_go//proto:go_proto", "@envoy_api//bazel:pgv_plugin_go"] if has_services: compilers = ["@io_bazel_rules_go//proto:go_grpc", "@envoy_api//bazel:pgv_plugin_go"] # Because RBAC proro depends on googleapis syntax.proto and checked.proto, # which share the same go proto library, it causes duplicative dependencies. # Thus, we use depset().to_list() to remove duplicated depenencies. go_proto_library( name = name + _GO_PROTO_SUFFIX, compilers = compilers, importpath = _GO_IMPORTPATH_PREFIX + native.package_name(), proto = name, visibility = ["//visibility:public"], deps = depset([_go_proto_mapping(dep) for dep in deps] + [ "@com_github_golang_protobuf//ptypes:go_default_library", "@com_github_golang_protobuf//ptypes/any:go_default_library", "@com_github_golang_protobuf//ptypes/duration:go_default_library", "@com_github_golang_protobuf//ptypes/struct:go_default_library", "@com_github_golang_protobuf//ptypes/timestamp:go_default_library", "@com_github_golang_protobuf//ptypes/wrappers:go_default_library", "@com_envoyproxy_protoc_gen_validate//validate:go_default_library", "@com_google_googleapis//google/api:annotations_go_proto", "@com_google_googleapis//google/rpc:status_go_proto", ]).to_list(), ) ================================================ FILE: generated_api_shadow/bazel/envoy_http_archive.bzl ================================================ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") def envoy_http_archive(name, locations, **kwargs): # `existing_rule_keys` contains the names of repositories that have already # been defined in the Bazel workspace. By skipping repos with existing keys, # users can override dependency versions by using standard Bazel repository # rules in their WORKSPACE files. existing_rule_keys = native.existing_rules().keys() if name in existing_rule_keys: # This repository has already been defined, probably because the user # wants to override the version. Do nothing. return loc_key = kwargs.pop("repository_key", name) location = locations[loc_key] # HTTP tarball at a given URL. Add a BUILD file if requested. http_archive( name = name, urls = location["urls"], sha256 = location["sha256"], strip_prefix = location.get("strip_prefix", ""), **kwargs ) ================================================ FILE: generated_api_shadow/bazel/external_proto_deps.bzl ================================================ # Any external dependency imported in the api/ .protos requires entries in # the maps below, to allow the Bazel proto and language specific bindings to be # inferred from the import directives. # # This file needs to be interpreted as both Python 3 and Starlark, so only the # common subset of Python should be used. # This maps from .proto import directive path to the Bazel dependency path for # external dependencies. Since BUILD files are generated, this is the canonical # place to define this mapping. EXTERNAL_PROTO_IMPORT_BAZEL_DEP_MAP = { "google/api/expr/v1alpha1/checked.proto": "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto", "google/api/expr/v1alpha1/syntax.proto": "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", "metrics.proto": "@prometheus_metrics_model//:client_model", "opencensus/proto/trace/v1/trace.proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", "opencensus/proto/trace/v1/trace_config.proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", } # This maps from the Bazel proto_library target to the Go language binding target for external dependencies. EXTERNAL_PROTO_GO_BAZEL_DEP_MAP = { "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto": "@com_google_googleapis//google/api/expr/v1alpha1:expr_go_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto": "@com_google_googleapis//google/api/expr/v1alpha1:expr_go_proto", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto_go", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_and_config_proto_go", } # This maps from the Bazel proto_library target to the C++ language binding target for external dependencies. EXTERNAL_PROTO_CC_BAZEL_DEP_MAP = { "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto": "@com_google_googleapis//google/api/expr/v1alpha1:checked_cc_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto": "@com_google_googleapis//google/api/expr/v1alpha1:syntax_cc_proto", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto_cc", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto_cc", } # This maps from the Bazel proto_library target to the Python language binding target for external dependencies. EXTERNAL_PROTO_PY_BAZEL_DEP_MAP = { "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto": "@com_google_googleapis//google/api/expr/v1alpha1:checked_py_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto": "@com_google_googleapis//google/api/expr/v1alpha1:syntax_py_proto", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_proto_py", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto": "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto_py", } ================================================ FILE: generated_api_shadow/bazel/repositories.bzl ================================================ load(":envoy_http_archive.bzl", "envoy_http_archive") load(":repository_locations.bzl", "REPOSITORY_LOCATIONS") def api_dependencies(): envoy_http_archive( "bazel_skylib", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( "com_envoyproxy_protoc_gen_validate", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "com_google_googleapis", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "com_github_cncf_udpa", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "prometheus_metrics_model", locations = REPOSITORY_LOCATIONS, build_file_content = PROMETHEUSMETRICS_BUILD_CONTENT, ) envoy_http_archive( name = "opencensus_proto", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "rules_proto", locations = REPOSITORY_LOCATIONS, ) envoy_http_archive( name = "com_github_openzipkin_zipkinapi", locations = REPOSITORY_LOCATIONS, build_file_content = ZIPKINAPI_BUILD_CONTENT, ) PROMETHEUSMETRICS_BUILD_CONTENT = """ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") api_cc_py_proto_library( name = "client_model", srcs = [ "metrics.proto", ], visibility = ["//visibility:public"], ) go_proto_library( name = "client_model_go_proto", importpath = "github.com/prometheus/client_model/go", proto = ":client_model", visibility = ["//visibility:public"], ) """ OPENCENSUSTRACE_BUILD_CONTENT = """ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") api_cc_py_proto_library( name = "trace_model", srcs = [ "trace.proto", ], visibility = ["//visibility:public"], ) go_proto_library( name = "trace_model_go_proto", importpath = "trace_model", proto = ":trace_model", visibility = ["//visibility:public"], ) """ ZIPKINAPI_BUILD_CONTENT = """ load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") api_cc_py_proto_library( name = "zipkin", srcs = [ "zipkin-jsonv2.proto", "zipkin.proto", ], visibility = ["//visibility:public"], ) go_proto_library( name = "zipkin_go_proto", proto = ":zipkin", visibility = ["//visibility:public"], ) """ ================================================ FILE: generated_api_shadow/bazel/repository_locations.bzl ================================================ DEPENDENCY_REPOSITORIES_SPEC = dict( bazel_skylib = dict( project_name = "bazel-skylib", project_desc = "Common useful functions and rules for Bazel", project_url = "https://github.com/bazelbuild/bazel-skylib", version = "1.0.3", sha256 = "1c531376ac7e5a180e0237938a2536de0c54d93f5c278634818e0efc952dd56c", urls = ["https://github.com/bazelbuild/bazel-skylib/releases/download/{version}/bazel-skylib-{version}.tar.gz"], last_updated = "2020-08-27", use_category = ["api"], ), com_envoyproxy_protoc_gen_validate = dict( project_name = "protoc-gen-validate (PGV)", project_desc = "protoc plugin to generate polyglot message validators", project_url = "https://github.com/envoyproxy/protoc-gen-validate", version = "278964a8052f96a2f514add0298098f63fb7f47f", sha256 = "e368733c9fb7f8489591ffaf269170d7658cc0cd1ee322b601512b769446d3c8", strip_prefix = "protoc-gen-validate-{version}", urls = ["https://github.com/envoyproxy/protoc-gen-validate/archive/{version}.tar.gz"], last_updated = "2020-06-09", use_category = ["api"], ), com_github_cncf_udpa = dict( project_name = "Universal Data Plane API", project_desc = "Universal Data Plane API Working Group (UDPA-WG)", project_url = "https://github.com/cncf/udpa", version = "0.0.1", sha256 = "83a7dcc316d741031f34c0409021432b74a39c4811845a177133f02f948fe2d8", strip_prefix = "udpa-{version}", urls = ["https://github.com/cncf/udpa/archive/v{version}.tar.gz"], last_updated = "2020-09-23", use_category = ["api"], ), com_github_openzipkin_zipkinapi = dict( project_name = "Zipkin API", project_desc = "Zipkin's language independent model and HTTP Api Definitions", project_url = "https://github.com/openzipkin/zipkin-api", version = "0.2.2", sha256 = "688c4fe170821dd589f36ec45aaadc03a618a40283bc1f97da8fa11686fc816b", strip_prefix = "zipkin-api-{version}", urls = ["https://github.com/openzipkin/zipkin-api/archive/{version}.tar.gz"], last_updated = "2020-09-23", use_category = ["api"], ), com_google_googleapis = dict( # TODO(dio): Consider writing a Starlark macro for importing Google API proto. project_name = "Google APIs", project_desc = "Public interface definitions of Google APIs", project_url = "https://github.com/googleapis/googleapis", version = "82944da21578a53b74e547774cf62ed31a05b841", sha256 = "a45019af4d3290f02eaeb1ce10990166978c807cb33a9692141a076ba46d1405", strip_prefix = "googleapis-{version}", urls = ["https://github.com/googleapis/googleapis/archive/{version}.tar.gz"], last_updated = "2019-12-02", use_category = ["api"], ), opencensus_proto = dict( project_name = "OpenCensus Proto", project_desc = "Language Independent Interface Types For OpenCensus", project_url = "https://github.com/census-instrumentation/opencensus-proto", version = "0.3.0", sha256 = "b7e13f0b4259e80c3070b583c2f39e53153085a6918718b1c710caf7037572b0", strip_prefix = "opencensus-proto-{version}/src", urls = ["https://github.com/census-instrumentation/opencensus-proto/archive/v{version}.tar.gz"], last_updated = "2020-06-20", use_category = ["api"], ), prometheus_metrics_model = dict( project_name = "Prometheus client model", project_desc = "Data model artifacts for Prometheus", project_url = "https://github.com/prometheus/client_model", version = "60555c9708c786597e6b07bf846d0dc5c2a46f54", sha256 = "6748b42f6879ad4d045c71019d2512c94be3dd86f60965e9e31e44a3f464323e", strip_prefix = "client_model-{version}", urls = ["https://github.com/prometheus/client_model/archive/{version}.tar.gz"], last_updated = "2020-06-23", use_category = ["api"], ), rules_proto = dict( project_name = "Protobuf Rules for Bazel", project_desc = "Protocol buffer rules for Bazel", project_url = "https://github.com/bazelbuild/rules_proto", version = "40298556293ae502c66579620a7ce867d5f57311", sha256 = "aa1ee19226f707d44bee44c720915199c20c84a23318bb0597ed4e5c873ccbd5", strip_prefix = "rules_proto-{version}", urls = ["https://github.com/bazelbuild/rules_proto/archive/{version}.tar.gz"], last_updated = "2020-08-17", use_category = ["api"], ), ) def _format_version(s, version): return s.format(version = version, dash_version = version.replace(".", "-"), underscore_version = version.replace(".", "_")) # Interpolate {version} in the above dependency specs. This code should be capable of running in both Python # and Starlark. def _dependency_repositories(): locations = {} for key, location in DEPENDENCY_REPOSITORIES_SPEC.items(): mutable_location = dict(location) locations[key] = mutable_location # Fixup with version information. if "version" in location: if "strip_prefix" in location: mutable_location["strip_prefix"] = _format_version(location["strip_prefix"], location["version"]) mutable_location["urls"] = [_format_version(url, location["version"]) for url in location["urls"]] return locations REPOSITORY_LOCATIONS = _dependency_repositories() ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/config/bootstrap/v2:pkg", "//envoy/service/tap/v2alpha:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/certs.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "CertsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Certificates] // Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to // display certificate information. See :ref:`/certs ` for more // information. message Certificates { // List of certificates known to an Envoy. repeated Certificate certificates = 1; } message Certificate { // Details of CA certificate. repeated CertificateDetails ca_cert = 1; // Details of Certificate Chain repeated CertificateDetails cert_chain = 2; } // [#next-free-field: 7] message CertificateDetails { // Path of the certificate. string path = 1; // Certificate Serial Number. string serial_number = 2; // List of Subject Alternate names. repeated SubjectAlternateName subject_alt_names = 3; // Minimum of days until expiration of certificate and it's chain. uint64 days_until_expiration = 4; // Indicates the time from which the certificate is valid. google.protobuf.Timestamp valid_from = 5; // Indicates the time at which the certificate expires. google.protobuf.Timestamp expiration_time = 6; } message SubjectAlternateName { // Subject Alternate Name. oneof name { string dns = 1; string uri = 2; string ip_address = 3; } } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/clusters.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/admin/v2alpha/metrics.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/health_check.proto"; import "envoy/type/percent.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ClustersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Clusters] // Admin endpoint uses this wrapper for `/clusters` to display cluster status information. // See :ref:`/clusters ` for more information. message Clusters { // Mapping from cluster name to each cluster's status. repeated ClusterStatus cluster_statuses = 1; } // Details an individual cluster's current status. // [#next-free-field: 6] message ClusterStatus { // Name of the cluster. string name = 1; // Denotes whether this cluster was added via API or configured statically. bool added_via_api = 2; // The success rate threshold used in the last interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used to calculate the threshold. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used to calculate the threshold. // The threshold is used to eject hosts based on their success rate. See // :ref:`Cluster outlier detection ` documentation for details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.Percent success_rate_ejection_threshold = 3; // Mapping from host address to the host's current status. repeated HostStatus host_statuses = 4; // The success rate threshold used in the last interval when only locally originated failures were // taken into account and externally originated errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. The threshold is used to eject hosts based on their success rate. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.Percent local_origin_success_rate_ejection_threshold = 5; } // Current state of a particular host. // [#next-free-field: 10] message HostStatus { // Address of this host. api.v2.core.Address address = 1; // List of stats specific to this host. repeated SimpleMetric stats = 2; // The host's current health status. HostHealthStatus health_status = 3; // Request success rate for this host over the last calculated interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used in success rate // calculation. If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used in success rate calculation. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.Percent success_rate = 4; // The host's weight. If not configured, the value defaults to 1. uint32 weight = 5; // The hostname of the host, if applicable. string hostname = 6; // The host's priority. If not configured, the value defaults to 0 (highest priority). uint32 priority = 7; // Request success rate for this host over the last calculated // interval when only locally originated errors are taken into account and externally originated // errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.Percent local_origin_success_rate = 8; // locality of the host. api.v2.core.Locality locality = 9; } // Health status for a host. // [#next-free-field: 7] message HostHealthStatus { // The host is currently failing active health checks. bool failed_active_health_check = 1; // The host is currently considered an outlier and has been ejected. bool failed_outlier_check = 2; // The host is currently being marked as degraded through active health checking. bool failed_active_degraded_check = 4; // The host has been removed from service discovery, but is being stabilized due to active // health checking. bool pending_dynamic_removal = 5; // The host has not yet been health checked. bool pending_active_hc = 6; // Health status as reported by EDS. Note: only HEALTHY and UNHEALTHY are currently supported // here. // [#comment:TODO(mrice32): pipe through remaining EDS health status possibilities.] api.v2.core.HealthStatus eds_health_status = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/config_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/config/bootstrap/v2/bootstrap.proto"; import "google/protobuf/any.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ConfigDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: ConfigDump] // The :ref:`/config_dump ` admin endpoint uses this wrapper // message to maintain and serve arbitrary configuration information from any component in Envoy. message ConfigDump { // This list is serialized and dumped in its entirety at the // :ref:`/config_dump ` endpoint. // // The following configurations are currently supported and will be dumped in the order given // below: // // * *bootstrap*: :ref:`BootstrapConfigDump ` // * *clusters*: :ref:`ClustersConfigDump ` // * *listeners*: :ref:`ListenersConfigDump ` // * *routes*: :ref:`RoutesConfigDump ` // // You can filter output with the resource and mask query parameters. // See :ref:`/config_dump?resource={} `, // :ref:`/config_dump?mask={} `, // or :ref:`/config_dump?resource={},mask={} // ` for more information. repeated google.protobuf.Any configs = 1; } message UpdateFailureState { // What the component configuration would have been if the update had succeeded. google.protobuf.Any failed_configuration = 1; // Time of the latest failed update attempt. google.protobuf.Timestamp last_update_attempt = 2; // Details about the last failed update attempt. string details = 3; } // This message describes the bootstrap configuration that Envoy was started with. This includes // any CLI overrides that were merged. Bootstrap configuration information can be used to recreate // the static portions of an Envoy configuration by reusing the output as the bootstrap // configuration for another Envoy. message BootstrapConfigDump { config.bootstrap.v2.Bootstrap bootstrap = 1; // The timestamp when the BootstrapConfig was last updated. google.protobuf.Timestamp last_updated = 2; } // Envoy's listener manager fills this message with all currently known listeners. Listener // configuration information can be used to recreate an Envoy configuration by populating all // listeners as static listeners or by returning them in a LDS response. message ListenersConfigDump { // Describes a statically loaded listener. message StaticListener { // The listener config. google.protobuf.Any listener = 1; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 2; } message DynamicListenerState { // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the listener was loaded. In the future, discrete per-listener versions may be supported // by the API. string version_info = 1; // The listener config. google.protobuf.Any listener = 2; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 3; } // Describes a dynamically loaded listener via the LDS API. // [#next-free-field: 6] message DynamicListener { // The name or unique id of this listener, pulled from the DynamicListenerState config. string name = 1; // The listener state for any active listener by this name. // These are listeners that are available to service data plane traffic. DynamicListenerState active_state = 2; // The listener state for any warming listener by this name. // These are listeners that are currently undergoing warming in preparation to service data // plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the warming listeners should generally be discarded. DynamicListenerState warming_state = 3; // The listener state for any draining listener by this name. // These are listeners that are currently undergoing draining in preparation to stop servicing // data plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the draining listeners should generally be discarded. DynamicListenerState draining_state = 4; // Set if the last update failed, cleared after the next successful update. UpdateFailureState error_state = 5; } // This is the :ref:`version_info ` in the // last processed LDS discovery response. If there are only static bootstrap listeners, this field // will be "". string version_info = 1; // The statically loaded listener configs. repeated StaticListener static_listeners = 2; // State for any warming, active, or draining listeners. repeated DynamicListener dynamic_listeners = 3; } // Envoy's cluster manager fills this message with all currently known clusters. Cluster // configuration information can be used to recreate an Envoy configuration by populating all // clusters as static clusters or by returning them in a CDS response. message ClustersConfigDump { // Describes a statically loaded cluster. message StaticCluster { // The cluster config. google.protobuf.Any cluster = 1; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 2; } // Describes a dynamically loaded cluster via the CDS API. message DynamicCluster { // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the cluster was loaded. In the future, discrete per-cluster versions may be supported by // the API. string version_info = 1; // The cluster config. google.protobuf.Any cluster = 2; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 3; } // This is the :ref:`version_info ` in the // last processed CDS discovery response. If there are only static bootstrap clusters, this field // will be "". string version_info = 1; // The statically loaded cluster configs. repeated StaticCluster static_clusters = 2; // The dynamically loaded active clusters. These are clusters that are available to service // data plane traffic. repeated DynamicCluster dynamic_active_clusters = 3; // The dynamically loaded warming clusters. These are clusters that are currently undergoing // warming in preparation to service data plane traffic. Note that if attempting to recreate an // Envoy configuration from a configuration dump, the warming clusters should generally be // discarded. repeated DynamicCluster dynamic_warming_clusters = 4; } // Envoy's RDS implementation fills this message with all currently loaded routes, as described by // their RouteConfiguration objects. Static routes that are either defined in the bootstrap configuration // or defined inline while configuring listeners are separated from those configured dynamically via RDS. // Route configuration information can be used to recreate an Envoy configuration by populating all routes // as static routes or by returning them in RDS responses. message RoutesConfigDump { message StaticRouteConfig { // The route config. google.protobuf.Any route_config = 1; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicRouteConfig { // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the route configuration was loaded. string version_info = 1; // The route config. google.protobuf.Any route_config = 2; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded route configs. repeated StaticRouteConfig static_route_configs = 2; // The dynamically loaded route configs. repeated DynamicRouteConfig dynamic_route_configs = 3; } // Envoy's scoped RDS implementation fills this message with all currently loaded route // configuration scopes (defined via ScopedRouteConfigurationsSet protos). This message lists both // the scopes defined inline with the higher order object (i.e., the HttpConnectionManager) and the // dynamically obtained scopes via the SRDS API. message ScopedRoutesConfigDump { message InlineScopedRouteConfigs { // The name assigned to the scoped route configurations. string name = 1; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 2; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 3; } message DynamicScopedRouteConfigs { // The name assigned to the scoped route configurations. string name = 1; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the scoped routes configuration was loaded. string version_info = 2; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 3; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 4; } // The statically loaded scoped route configs. repeated InlineScopedRouteConfigs inline_scoped_route_configs = 1; // The dynamically loaded scoped route configs. repeated DynamicScopedRouteConfigs dynamic_scoped_route_configs = 2; } // Envoys SDS implementation fills this message with all secrets fetched dynamically via SDS. message SecretsConfigDump { // DynamicSecret contains secret information fetched via SDS. message DynamicSecret { // The name assigned to the secret. string name = 1; // This is the per-resource version information. string version_info = 2; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 3; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 4; } // StaticSecret specifies statically loaded secret in bootstrap. message StaticSecret { // The name assigned to the secret. string name = 1; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 2; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 3; } // The statically loaded secrets. repeated StaticSecret static_secrets = 1; // The dynamically loaded active secrets. These are secrets that are available to service // clusters or listeners. repeated DynamicSecret dynamic_active_secrets = 2; // The dynamically loaded warming secrets. These are secrets that are currently undergoing // warming in preparation to service clusters or listeners. repeated DynamicSecret dynamic_warming_secrets = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/listeners.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/api/v2/core/address.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ListenersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listeners] // Admin endpoint uses this wrapper for `/listeners` to display listener status information. // See :ref:`/listeners ` for more information. message Listeners { // List of listener statuses. repeated ListenerStatus listener_statuses = 1; } // Details an individual listener's current status. message ListenerStatus { // Name of the listener string name = 1; // The actual local address that the listener is listening on. If a listener was configured // to listen on port 0, then this address has the port that was allocated by the OS. api.v2.core.Address local_address = 2; } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/memory.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "MemoryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Memory] // Proto representation of the internal memory consumption of an Envoy instance. These represent // values extracted from an internal TCMalloc instance. For more information, see the section of the // docs entitled ["Generic Tcmalloc Status"](https://gperftools.github.io/gperftools/tcmalloc.html). // [#next-free-field: 7] message Memory { // The number of bytes allocated by the heap for Envoy. This is an alias for // `generic.current_allocated_bytes`. uint64 allocated = 1; // The number of bytes reserved by the heap but not necessarily allocated. This is an alias for // `generic.heap_size`. uint64 heap_size = 2; // The number of bytes in free, unmapped pages in the page heap. These bytes always count towards // virtual memory usage, and depending on the OS, typically do not count towards physical memory // usage. This is an alias for `tcmalloc.pageheap_unmapped_bytes`. uint64 pageheap_unmapped = 3; // The number of bytes in free, mapped pages in the page heap. These bytes always count towards // virtual memory usage, and unless the underlying memory is swapped out by the OS, they also // count towards physical memory usage. This is an alias for `tcmalloc.pageheap_free_bytes`. uint64 pageheap_free = 4; // The amount of memory used by the TCMalloc thread caches (for small objects). This is an alias // for `tcmalloc.current_total_thread_cache_bytes`. uint64 total_thread_cache = 5; // The number of bytes of the physical memory usage by the allocator. This is an alias for // `generic.total_physical_bytes`. uint64 total_physical_bytes = 6; } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/metrics.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "MetricsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metrics] // Proto representation of an Envoy Counter or Gauge value. message SimpleMetric { enum Type { COUNTER = 0; GAUGE = 1; } // Type of the metric represented. Type type = 1; // Current metric value. uint64 value = 2; // Name of the metric. string name = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/mutex_stats.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "MutexStatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: MutexStats] // Proto representation of the statistics collected upon absl::Mutex contention, if Envoy is run // under :option:`--enable-mutex-tracing`. For more information, see the `absl::Mutex` // [docs](https://abseil.io/about/design/mutex#extra-features). // // *NB*: The wait cycles below are measured by `absl::base_internal::CycleClock`, and may not // correspond to core clock frequency. For more information, see the `CycleClock` // [docs](https://github.com/abseil/abseil-cpp/blob/master/absl/base/internal/cycleclock.h). message MutexStats { // The number of individual mutex contentions which have occurred since startup. uint64 num_contentions = 1; // The length of the current contention wait cycle. uint64 current_wait_cycles = 2; // The lifetime total of all contention wait cycles. uint64 lifetime_wait_cycles = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/server_info.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "ServerInfoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Server State] // Proto representation of the value returned by /server_info, containing // server version/server status information. // [#next-free-field: 7] message ServerInfo { enum State { // Server is live and serving traffic. LIVE = 0; // Server is draining listeners in response to external health checks failing. DRAINING = 1; // Server has not yet completed cluster manager initialization. PRE_INITIALIZING = 2; // Server is running the cluster manager initialization callbacks (e.g., RDS). INITIALIZING = 3; } // Server version. string version = 1; // State of the server. State state = 2; // Uptime since current epoch was started. google.protobuf.Duration uptime_current_epoch = 3; // Uptime since the start of the first epoch. google.protobuf.Duration uptime_all_epochs = 4; // Hot restart version. string hot_restart_version = 5; // Command line options the server is currently running with. CommandLineOptions command_line_options = 6; } // [#next-free-field: 29] message CommandLineOptions { enum IpVersion { v4 = 0; v6 = 1; } enum Mode { // Validate configs and then serve traffic normally. Serve = 0; // Validate configs and exit. Validate = 1; // Completely load and initialize the config, and then exit without running the listener loop. InitOnly = 2; } reserved 12; // See :option:`--base-id` for details. uint64 base_id = 1; // See :option:`--concurrency` for details. uint32 concurrency = 2; // See :option:`--config-path` for details. string config_path = 3; // See :option:`--config-yaml` for details. string config_yaml = 4; // See :option:`--allow-unknown-static-fields` for details. bool allow_unknown_static_fields = 5; // See :option:`--reject-unknown-dynamic-fields` for details. bool reject_unknown_dynamic_fields = 26; // See :option:`--admin-address-path` for details. string admin_address_path = 6; // See :option:`--local-address-ip-version` for details. IpVersion local_address_ip_version = 7; // See :option:`--log-level` for details. string log_level = 8; // See :option:`--component-log-level` for details. string component_log_level = 9; // See :option:`--log-format` for details. string log_format = 10; // See :option:`--log-format-escaped` for details. bool log_format_escaped = 27; // See :option:`--log-path` for details. string log_path = 11; // See :option:`--service-cluster` for details. string service_cluster = 13; // See :option:`--service-node` for details. string service_node = 14; // See :option:`--service-zone` for details. string service_zone = 15; // See :option:`--file-flush-interval-msec` for details. google.protobuf.Duration file_flush_interval = 16; // See :option:`--drain-time-s` for details. google.protobuf.Duration drain_time = 17; // See :option:`--parent-shutdown-time-s` for details. google.protobuf.Duration parent_shutdown_time = 18; // See :option:`--mode` for details. Mode mode = 19; // max_stats and max_obj_name_len are now unused and have no effect. uint64 max_stats = 20 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; uint64 max_obj_name_len = 21 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // See :option:`--disable-hot-restart` for details. bool disable_hot_restart = 22; // See :option:`--enable-mutex-tracing` for details. bool enable_mutex_tracing = 23; // See :option:`--restart-epoch` for details. uint32 restart_epoch = 24; // See :option:`--cpuset-threads` for details. bool cpuset_threads = 25; // See :option:`--disable-extensions` for details. repeated string disabled_extensions = 28; } ================================================ FILE: generated_api_shadow/envoy/admin/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.admin.v2alpha; import "envoy/service/tap/v2alpha/common.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.admin.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap] // The /tap admin request body that is used to configure an active tap session. message TapRequest { // The opaque configuration ID used to match the configuration to a loaded extension. // A tap extension configures a similar opaque ID that is used to match. string config_id = 1 [(validate.rules).string = {min_bytes: 1}]; // The tap configuration to load. service.tap.v2alpha.TapConfig tap_config = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/admin/v2alpha:pkg", "//envoy/annotations:pkg", "//envoy/config/bootstrap/v3:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/tap/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/admin/v3/certs.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "CertsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Certificates] // Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to // display certificate information. See :ref:`/certs ` for more // information. message Certificates { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificates"; // List of certificates known to an Envoy. repeated Certificate certificates = 1; } message Certificate { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificate"; // Details of CA certificate. repeated CertificateDetails ca_cert = 1; // Details of Certificate Chain repeated CertificateDetails cert_chain = 2; } // [#next-free-field: 8] message CertificateDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.CertificateDetails"; message OcspDetails { // Indicates the time from which the OCSP response is valid. google.protobuf.Timestamp valid_from = 1; // Indicates the time at which the OCSP response expires. google.protobuf.Timestamp expiration = 2; } // Path of the certificate. string path = 1; // Certificate Serial Number. string serial_number = 2; // List of Subject Alternate names. repeated SubjectAlternateName subject_alt_names = 3; // Minimum of days until expiration of certificate and it's chain. uint64 days_until_expiration = 4; // Indicates the time from which the certificate is valid. google.protobuf.Timestamp valid_from = 5; // Indicates the time at which the certificate expires. google.protobuf.Timestamp expiration_time = 6; // Details related to the OCSP response associated with this certificate, if any. OcspDetails ocsp_details = 7; } message SubjectAlternateName { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SubjectAlternateName"; // Subject Alternate Name. oneof name { string dns = 1; string uri = 2; string ip_address = 3; } } ================================================ FILE: generated_api_shadow/envoy/admin/v3/clusters.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/admin/v3/metrics.proto"; import "envoy/config/cluster/v3/circuit_breaker.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/type/v3/percent.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ClustersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Clusters] // Admin endpoint uses this wrapper for `/clusters` to display cluster status information. // See :ref:`/clusters ` for more information. message Clusters { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Clusters"; // Mapping from cluster name to each cluster's status. repeated ClusterStatus cluster_statuses = 1; } // Details an individual cluster's current status. // [#next-free-field: 7] message ClusterStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClusterStatus"; // Name of the cluster. string name = 1; // Denotes whether this cluster was added via API or configured statically. bool added_via_api = 2; // The success rate threshold used in the last interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used to calculate the threshold. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used to calculate the threshold. // The threshold is used to eject hosts based on their success rate. See // :ref:`Cluster outlier detection ` documentation for details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent success_rate_ejection_threshold = 3; // Mapping from host address to the host's current status. repeated HostStatus host_statuses = 4; // The success rate threshold used in the last interval when only locally originated failures were // taken into account and externally originated errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. The threshold is used to eject hosts based on their success rate. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent local_origin_success_rate_ejection_threshold = 5; // :ref:`Circuit breaking ` settings of the cluster. config.cluster.v3.CircuitBreakers circuit_breakers = 6; } // Current state of a particular host. // [#next-free-field: 10] message HostStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.HostStatus"; // Address of this host. config.core.v3.Address address = 1; // List of stats specific to this host. repeated SimpleMetric stats = 2; // The host's current health status. HostHealthStatus health_status = 3; // Request success rate for this host over the last calculated interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used in success rate // calculation. If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used in success rate calculation. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent success_rate = 4; // The host's weight. If not configured, the value defaults to 1. uint32 weight = 5; // The hostname of the host, if applicable. string hostname = 6; // The host's priority. If not configured, the value defaults to 0 (highest priority). uint32 priority = 7; // Request success rate for this host over the last calculated // interval when only locally originated errors are taken into account and externally originated // errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent local_origin_success_rate = 8; // locality of the host. config.core.v3.Locality locality = 9; } // Health status for a host. // [#next-free-field: 7] message HostHealthStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.HostHealthStatus"; // The host is currently failing active health checks. bool failed_active_health_check = 1; // The host is currently considered an outlier and has been ejected. bool failed_outlier_check = 2; // The host is currently being marked as degraded through active health checking. bool failed_active_degraded_check = 4; // The host has been removed from service discovery, but is being stabilized due to active // health checking. bool pending_dynamic_removal = 5; // The host has not yet been health checked. bool pending_active_hc = 6; // Health status as reported by EDS. Note: only HEALTHY and UNHEALTHY are currently supported // here. // [#comment:TODO(mrice32): pipe through remaining EDS health status possibilities.] config.core.v3.HealthStatus eds_health_status = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/config_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/bootstrap/v3/bootstrap.proto"; import "google/protobuf/any.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ConfigDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: ConfigDump] // The :ref:`/config_dump ` admin endpoint uses this wrapper // message to maintain and serve arbitrary configuration information from any component in Envoy. message ConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ConfigDump"; // This list is serialized and dumped in its entirety at the // :ref:`/config_dump ` endpoint. // // The following configurations are currently supported and will be dumped in the order given // below: // // * *bootstrap*: :ref:`BootstrapConfigDump ` // * *clusters*: :ref:`ClustersConfigDump ` // * *endpoints*: :ref:`EndpointsConfigDump ` // * *listeners*: :ref:`ListenersConfigDump ` // * *routes*: :ref:`RoutesConfigDump ` // // EDS Configuration will only be dumped by using parameter `?include_eds` // // You can filter output with the resource and mask query parameters. // See :ref:`/config_dump?resource={} `, // :ref:`/config_dump?mask={} `, // or :ref:`/config_dump?resource={},mask={} // ` for more information. repeated google.protobuf.Any configs = 1; } message UpdateFailureState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.UpdateFailureState"; // What the component configuration would have been if the update had succeeded. google.protobuf.Any failed_configuration = 1; // Time of the latest failed update attempt. google.protobuf.Timestamp last_update_attempt = 2; // Details about the last failed update attempt. string details = 3; } // This message describes the bootstrap configuration that Envoy was started with. This includes // any CLI overrides that were merged. Bootstrap configuration information can be used to recreate // the static portions of an Envoy configuration by reusing the output as the bootstrap // configuration for another Envoy. message BootstrapConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.BootstrapConfigDump"; config.bootstrap.v3.Bootstrap bootstrap = 1; // The timestamp when the BootstrapConfig was last updated. google.protobuf.Timestamp last_updated = 2; } // Envoy's listener manager fills this message with all currently known listeners. Listener // configuration information can be used to recreate an Envoy configuration by populating all // listeners as static listeners or by returning them in a LDS response. message ListenersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump"; // Describes a statically loaded listener. message StaticListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump.StaticListener"; // The listener config. google.protobuf.Any listener = 1; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 2; } message DynamicListenerState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump.DynamicListenerState"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the listener was loaded. In the future, discrete per-listener versions may be supported // by the API. string version_info = 1; // The listener config. google.protobuf.Any listener = 2; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 3; } // Describes a dynamically loaded listener via the LDS API. // [#next-free-field: 6] message DynamicListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenersConfigDump.DynamicListener"; // The name or unique id of this listener, pulled from the DynamicListenerState config. string name = 1; // The listener state for any active listener by this name. // These are listeners that are available to service data plane traffic. DynamicListenerState active_state = 2; // The listener state for any warming listener by this name. // These are listeners that are currently undergoing warming in preparation to service data // plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the warming listeners should generally be discarded. DynamicListenerState warming_state = 3; // The listener state for any draining listener by this name. // These are listeners that are currently undergoing draining in preparation to stop servicing // data plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the draining listeners should generally be discarded. DynamicListenerState draining_state = 4; // Set if the last update failed, cleared after the next successful update. UpdateFailureState error_state = 5; } // This is the :ref:`version_info ` in the // last processed LDS discovery response. If there are only static bootstrap listeners, this field // will be "". string version_info = 1; // The statically loaded listener configs. repeated StaticListener static_listeners = 2; // State for any warming, active, or draining listeners. repeated DynamicListener dynamic_listeners = 3; } // Envoy's cluster manager fills this message with all currently known clusters. Cluster // configuration information can be used to recreate an Envoy configuration by populating all // clusters as static clusters or by returning them in a CDS response. message ClustersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClustersConfigDump"; // Describes a statically loaded cluster. message StaticCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClustersConfigDump.StaticCluster"; // The cluster config. google.protobuf.Any cluster = 1; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 2; } // Describes a dynamically loaded cluster via the CDS API. message DynamicCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ClustersConfigDump.DynamicCluster"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the cluster was loaded. In the future, discrete per-cluster versions may be supported by // the API. string version_info = 1; // The cluster config. google.protobuf.Any cluster = 2; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 3; } // This is the :ref:`version_info ` in the // last processed CDS discovery response. If there are only static bootstrap clusters, this field // will be "". string version_info = 1; // The statically loaded cluster configs. repeated StaticCluster static_clusters = 2; // The dynamically loaded active clusters. These are clusters that are available to service // data plane traffic. repeated DynamicCluster dynamic_active_clusters = 3; // The dynamically loaded warming clusters. These are clusters that are currently undergoing // warming in preparation to service data plane traffic. Note that if attempting to recreate an // Envoy configuration from a configuration dump, the warming clusters should generally be // discarded. repeated DynamicCluster dynamic_warming_clusters = 4; } // Envoy's RDS implementation fills this message with all currently loaded routes, as described by // their RouteConfiguration objects. Static routes that are either defined in the bootstrap configuration // or defined inline while configuring listeners are separated from those configured dynamically via RDS. // Route configuration information can be used to recreate an Envoy configuration by populating all routes // as static routes or by returning them in RDS responses. message RoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.RoutesConfigDump"; message StaticRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.RoutesConfigDump.StaticRouteConfig"; // The route config. google.protobuf.Any route_config = 1; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.RoutesConfigDump.DynamicRouteConfig"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the route configuration was loaded. string version_info = 1; // The route config. google.protobuf.Any route_config = 2; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded route configs. repeated StaticRouteConfig static_route_configs = 2; // The dynamically loaded route configs. repeated DynamicRouteConfig dynamic_route_configs = 3; } // Envoy's scoped RDS implementation fills this message with all currently loaded route // configuration scopes (defined via ScopedRouteConfigurationsSet protos). This message lists both // the scopes defined inline with the higher order object (i.e., the HttpConnectionManager) and the // dynamically obtained scopes via the SRDS API. message ScopedRoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ScopedRoutesConfigDump"; message InlineScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ScopedRoutesConfigDump.InlineScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 2; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 3; } message DynamicScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ScopedRoutesConfigDump.DynamicScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the scoped routes configuration was loaded. string version_info = 2; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 3; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 4; } // The statically loaded scoped route configs. repeated InlineScopedRouteConfigs inline_scoped_route_configs = 1; // The dynamically loaded scoped route configs. repeated DynamicScopedRouteConfigs dynamic_scoped_route_configs = 2; } // Envoys SDS implementation fills this message with all secrets fetched dynamically via SDS. message SecretsConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SecretsConfigDump"; // DynamicSecret contains secret information fetched via SDS. message DynamicSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SecretsConfigDump.DynamicSecret"; // The name assigned to the secret. string name = 1; // This is the per-resource version information. string version_info = 2; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 3; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 4; } // StaticSecret specifies statically loaded secret in bootstrap. message StaticSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SecretsConfigDump.StaticSecret"; // The name assigned to the secret. string name = 1; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 2; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 3; } // The statically loaded secrets. repeated StaticSecret static_secrets = 1; // The dynamically loaded active secrets. These are secrets that are available to service // clusters or listeners. repeated DynamicSecret dynamic_active_secrets = 2; // The dynamically loaded warming secrets. These are secrets that are currently undergoing // warming in preparation to service clusters or listeners. repeated DynamicSecret dynamic_warming_secrets = 3; } // Envoy's admin fill this message with all currently known endpoints. Endpoint // configuration information can be used to recreate an Envoy configuration by populating all // endpoints as static endpoints or by returning them in an EDS response. message EndpointsConfigDump { message StaticEndpointConfig { // The endpoint config. google.protobuf.Any endpoint_config = 1; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicEndpointConfig { // [#not-implemented-hide:] This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the endpoint configuration was loaded. string version_info = 1; // The endpoint config. google.protobuf.Any endpoint_config = 2; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded endpoint configs. repeated StaticEndpointConfig static_endpoint_configs = 2; // The dynamically loaded endpoint configs. repeated DynamicEndpointConfig dynamic_endpoint_configs = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/init_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "InitDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: InitDump] // Dumps of unready targets of envoy init managers. Envoy's admin fills this message with init managers, // which provides the information of their unready targets. // The :ref:`/init_dump ` will dump all unready targets information. message UnreadyTargetsDumps { // Message of unready targets information of an init manager. message UnreadyTargetsDump { // Name of the init manager. Example: "init_manager_xxx". string name = 1; // Names of unready targets of the init manager. Example: "target_xxx". repeated string target_names = 2; } // You can choose specific component to dump unready targets with mask query parameter. // See :ref:`/init_dump?mask={} ` for more information. // The dumps of unready targets of all init managers. repeated UnreadyTargetsDump unready_targets_dumps = 1; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/listeners.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/core/v3/address.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ListenersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listeners] // Admin endpoint uses this wrapper for `/listeners` to display listener status information. // See :ref:`/listeners ` for more information. message Listeners { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Listeners"; // List of listener statuses. repeated ListenerStatus listener_statuses = 1; } // Details an individual listener's current status. message ListenerStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ListenerStatus"; // Name of the listener string name = 1; // The actual local address that the listener is listening on. If a listener was configured // to listen on port 0, then this address has the port that was allocated by the OS. config.core.v3.Address local_address = 2; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/memory.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "MemoryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Memory] // Proto representation of the internal memory consumption of an Envoy instance. These represent // values extracted from an internal TCMalloc instance. For more information, see the section of the // docs entitled ["Generic Tcmalloc Status"](https://gperftools.github.io/gperftools/tcmalloc.html). // [#next-free-field: 7] message Memory { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Memory"; // The number of bytes allocated by the heap for Envoy. This is an alias for // `generic.current_allocated_bytes`. uint64 allocated = 1; // The number of bytes reserved by the heap but not necessarily allocated. This is an alias for // `generic.heap_size`. uint64 heap_size = 2; // The number of bytes in free, unmapped pages in the page heap. These bytes always count towards // virtual memory usage, and depending on the OS, typically do not count towards physical memory // usage. This is an alias for `tcmalloc.pageheap_unmapped_bytes`. uint64 pageheap_unmapped = 3; // The number of bytes in free, mapped pages in the page heap. These bytes always count towards // virtual memory usage, and unless the underlying memory is swapped out by the OS, they also // count towards physical memory usage. This is an alias for `tcmalloc.pageheap_free_bytes`. uint64 pageheap_free = 4; // The amount of memory used by the TCMalloc thread caches (for small objects). This is an alias // for `tcmalloc.current_total_thread_cache_bytes`. uint64 total_thread_cache = 5; // The number of bytes of the physical memory usage by the allocator. This is an alias for // `generic.total_physical_bytes`. uint64 total_physical_bytes = 6; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/metrics.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "MetricsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metrics] // Proto representation of an Envoy Counter or Gauge value. message SimpleMetric { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SimpleMetric"; enum Type { COUNTER = 0; GAUGE = 1; } // Type of the metric represented. Type type = 1; // Current metric value. uint64 value = 2; // Name of the metric. string name = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/mutex_stats.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "MutexStatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: MutexStats] // Proto representation of the statistics collected upon absl::Mutex contention, if Envoy is run // under :option:`--enable-mutex-tracing`. For more information, see the `absl::Mutex` // [docs](https://abseil.io/about/design/mutex#extra-features). // // *NB*: The wait cycles below are measured by `absl::base_internal::CycleClock`, and may not // correspond to core clock frequency. For more information, see the `CycleClock` // [docs](https://github.com/abseil/abseil-cpp/blob/master/absl/base/internal/cycleclock.h). message MutexStats { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.MutexStats"; // The number of individual mutex contentions which have occurred since startup. uint64 num_contentions = 1; // The length of the current contention wait cycle. uint64 current_wait_cycles = 2; // The lifetime total of all contention wait cycles. uint64 lifetime_wait_cycles = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/server_info.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "ServerInfoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Server State] // Proto representation of the value returned by /server_info, containing // server version/server status information. // [#next-free-field: 8] message ServerInfo { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.ServerInfo"; enum State { // Server is live and serving traffic. LIVE = 0; // Server is draining listeners in response to external health checks failing. DRAINING = 1; // Server has not yet completed cluster manager initialization. PRE_INITIALIZING = 2; // Server is running the cluster manager initialization callbacks (e.g., RDS). INITIALIZING = 3; } // Server version. string version = 1; // State of the server. State state = 2; // Uptime since current epoch was started. google.protobuf.Duration uptime_current_epoch = 3; // Uptime since the start of the first epoch. google.protobuf.Duration uptime_all_epochs = 4; // Hot restart version. string hot_restart_version = 5; // Command line options the server is currently running with. CommandLineOptions command_line_options = 6; // Populated node identity of this server. config.core.v3.Node node = 7; } // [#next-free-field: 37] message CommandLineOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.CommandLineOptions"; enum IpVersion { v4 = 0; v6 = 1; } enum Mode { // Validate configs and then serve traffic normally. Serve = 0; // Validate configs and exit. Validate = 1; // Completely load and initialize the config, and then exit without running the listener loop. InitOnly = 2; } enum DrainStrategy { // Gradually discourage connections over the course of the drain period. Gradual = 0; // Discourage all connections for the duration of the drain sequence. Immediate = 1; } reserved 12; // See :option:`--base-id` for details. uint64 base_id = 1; // See :option:`--use-dynamic-base-id` for details. bool use_dynamic_base_id = 31; // See :option:`--base-id-path` for details. string base_id_path = 32; // See :option:`--concurrency` for details. uint32 concurrency = 2; // See :option:`--config-path` for details. string config_path = 3; // See :option:`--config-yaml` for details. string config_yaml = 4; // See :option:`--allow-unknown-static-fields` for details. bool allow_unknown_static_fields = 5; // See :option:`--reject-unknown-dynamic-fields` for details. bool reject_unknown_dynamic_fields = 26; // See :option:`--ignore-unknown-dynamic-fields` for details. bool ignore_unknown_dynamic_fields = 30; // See :option:`--admin-address-path` for details. string admin_address_path = 6; // See :option:`--local-address-ip-version` for details. IpVersion local_address_ip_version = 7; // See :option:`--log-level` for details. string log_level = 8; // See :option:`--component-log-level` for details. string component_log_level = 9; // See :option:`--log-format` for details. string log_format = 10; // See :option:`--log-format-escaped` for details. bool log_format_escaped = 27; // See :option:`--log-path` for details. string log_path = 11; // See :option:`--service-cluster` for details. string service_cluster = 13; // See :option:`--service-node` for details. string service_node = 14; // See :option:`--service-zone` for details. string service_zone = 15; // See :option:`--file-flush-interval-msec` for details. google.protobuf.Duration file_flush_interval = 16; // See :option:`--drain-time-s` for details. google.protobuf.Duration drain_time = 17; // See :option:`--drain-strategy` for details. DrainStrategy drain_strategy = 33; // See :option:`--parent-shutdown-time-s` for details. google.protobuf.Duration parent_shutdown_time = 18; // See :option:`--mode` for details. Mode mode = 19; // See :option:`--disable-hot-restart` for details. bool disable_hot_restart = 22; // See :option:`--enable-mutex-tracing` for details. bool enable_mutex_tracing = 23; // See :option:`--restart-epoch` for details. uint32 restart_epoch = 24; // See :option:`--cpuset-threads` for details. bool cpuset_threads = 25; // See :option:`--disable-extensions` for details. repeated string disabled_extensions = 28; // See :option:`--bootstrap-version` for details. uint32 bootstrap_version = 29; // See :option:`--enable-fine-grain-logging` for details. bool enable_fine_grain_logging = 34; // See :option:`--socket-path` for details. string socket_path = 35; // See :option:`--socket-mode` for details. uint32 socket_mode = 36; uint64 hidden_envoy_deprecated_max_stats = 20 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; uint64 hidden_envoy_deprecated_max_obj_name_len = 21 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } ================================================ FILE: generated_api_shadow/envoy/admin/v3/tap.proto ================================================ syntax = "proto3"; package envoy.admin.v3; import "envoy/config/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap] // The /tap admin request body that is used to configure an active tap session. message TapRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.TapRequest"; // The opaque configuration ID used to match the configuration to a loaded extension. // A tap extension configures a similar opaque ID that is used to match. string config_id = 1 [(validate.rules).string = {min_len: 1}]; // The tap configuration to load. config.tap.v3.TapConfig tap_config = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/admin/v3:pkg", "//envoy/annotations:pkg", "//envoy/config/bootstrap/v4alpha:pkg", "//envoy/config/cluster/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/tap/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/certs.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "CertsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Certificates] // Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to // display certificate information. See :ref:`/certs ` for more // information. message Certificates { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Certificates"; // List of certificates known to an Envoy. repeated Certificate certificates = 1; } message Certificate { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Certificate"; // Details of CA certificate. repeated CertificateDetails ca_cert = 1; // Details of Certificate Chain repeated CertificateDetails cert_chain = 2; } // [#next-free-field: 8] message CertificateDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.CertificateDetails"; message OcspDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.CertificateDetails.OcspDetails"; // Indicates the time from which the OCSP response is valid. google.protobuf.Timestamp valid_from = 1; // Indicates the time at which the OCSP response expires. google.protobuf.Timestamp expiration = 2; } // Path of the certificate. string path = 1; // Certificate Serial Number. string serial_number = 2; // List of Subject Alternate names. repeated SubjectAlternateName subject_alt_names = 3; // Minimum of days until expiration of certificate and it's chain. uint64 days_until_expiration = 4; // Indicates the time from which the certificate is valid. google.protobuf.Timestamp valid_from = 5; // Indicates the time at which the certificate expires. google.protobuf.Timestamp expiration_time = 6; // Details related to the OCSP response associated with this certificate, if any. OcspDetails ocsp_details = 7; } message SubjectAlternateName { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SubjectAlternateName"; // Subject Alternate Name. oneof name { string dns = 1; string uri = 2; string ip_address = 3; } } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/clusters.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/admin/v4alpha/metrics.proto"; import "envoy/config/cluster/v4alpha/circuit_breaker.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/health_check.proto"; import "envoy/type/v3/percent.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ClustersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Clusters] // Admin endpoint uses this wrapper for `/clusters` to display cluster status information. // See :ref:`/clusters ` for more information. message Clusters { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Clusters"; // Mapping from cluster name to each cluster's status. repeated ClusterStatus cluster_statuses = 1; } // Details an individual cluster's current status. // [#next-free-field: 7] message ClusterStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClusterStatus"; // Name of the cluster. string name = 1; // Denotes whether this cluster was added via API or configured statically. bool added_via_api = 2; // The success rate threshold used in the last interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used to calculate the threshold. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used to calculate the threshold. // The threshold is used to eject hosts based on their success rate. See // :ref:`Cluster outlier detection ` documentation for details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent success_rate_ejection_threshold = 3; // Mapping from host address to the host's current status. repeated HostStatus host_statuses = 4; // The success rate threshold used in the last interval when only locally originated failures were // taken into account and externally originated errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. The threshold is used to eject hosts based on their success rate. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: this field may be omitted in any of the three following cases: // // 1. There were not enough hosts with enough request volume to proceed with success rate based // outlier ejection. // 2. The threshold is computed to be < 0 because a negative value implies that there was no // threshold for that interval. // 3. Outlier detection is not enabled for this cluster. type.v3.Percent local_origin_success_rate_ejection_threshold = 5; // :ref:`Circuit breaking ` settings of the cluster. config.cluster.v4alpha.CircuitBreakers circuit_breakers = 6; } // Current state of a particular host. // [#next-free-field: 10] message HostStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.HostStatus"; // Address of this host. config.core.v4alpha.Address address = 1; // List of stats specific to this host. repeated SimpleMetric stats = 2; // The host's current health status. HostHealthStatus health_status = 3; // Request success rate for this host over the last calculated interval. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors: externally and locally generated were used in success rate // calculation. If // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*, only externally generated errors were used in success rate calculation. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent success_rate = 4; // The host's weight. If not configured, the value defaults to 1. uint32 weight = 5; // The hostname of the host, if applicable. string hostname = 6; // The host's priority. If not configured, the value defaults to 0 (highest priority). uint32 priority = 7; // Request success rate for this host over the last calculated // interval when only locally originated errors are taken into account and externally originated // errors were treated as success. // This field should be interpreted only when // :ref:`outlier_detection.split_external_local_origin_errors` // is *true*. // See :ref:`Cluster outlier detection ` documentation for // details. // // Note: the message will not be present if host did not have enough request volume to calculate // success rate or the cluster did not have enough hosts to run through success rate outlier // ejection. type.v3.Percent local_origin_success_rate = 8; // locality of the host. config.core.v4alpha.Locality locality = 9; } // Health status for a host. // [#next-free-field: 7] message HostHealthStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.HostHealthStatus"; // The host is currently failing active health checks. bool failed_active_health_check = 1; // The host is currently considered an outlier and has been ejected. bool failed_outlier_check = 2; // The host is currently being marked as degraded through active health checking. bool failed_active_degraded_check = 4; // The host has been removed from service discovery, but is being stabilized due to active // health checking. bool pending_dynamic_removal = 5; // The host has not yet been health checked. bool pending_active_hc = 6; // Health status as reported by EDS. Note: only HEALTHY and UNHEALTHY are currently supported // here. // [#comment:TODO(mrice32): pipe through remaining EDS health status possibilities.] config.core.v4alpha.HealthStatus eds_health_status = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/config_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/bootstrap/v4alpha/bootstrap.proto"; import "google/protobuf/any.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ConfigDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: ConfigDump] // The :ref:`/config_dump ` admin endpoint uses this wrapper // message to maintain and serve arbitrary configuration information from any component in Envoy. message ConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ConfigDump"; // This list is serialized and dumped in its entirety at the // :ref:`/config_dump ` endpoint. // // The following configurations are currently supported and will be dumped in the order given // below: // // * *bootstrap*: :ref:`BootstrapConfigDump ` // * *clusters*: :ref:`ClustersConfigDump ` // * *endpoints*: :ref:`EndpointsConfigDump ` // * *listeners*: :ref:`ListenersConfigDump ` // * *routes*: :ref:`RoutesConfigDump ` // // EDS Configuration will only be dumped by using parameter `?include_eds` // // You can filter output with the resource and mask query parameters. // See :ref:`/config_dump?resource={} `, // :ref:`/config_dump?mask={} `, // or :ref:`/config_dump?resource={},mask={} // ` for more information. repeated google.protobuf.Any configs = 1; } message UpdateFailureState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.UpdateFailureState"; // What the component configuration would have been if the update had succeeded. google.protobuf.Any failed_configuration = 1; // Time of the latest failed update attempt. google.protobuf.Timestamp last_update_attempt = 2; // Details about the last failed update attempt. string details = 3; } // This message describes the bootstrap configuration that Envoy was started with. This includes // any CLI overrides that were merged. Bootstrap configuration information can be used to recreate // the static portions of an Envoy configuration by reusing the output as the bootstrap // configuration for another Envoy. message BootstrapConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.BootstrapConfigDump"; config.bootstrap.v4alpha.Bootstrap bootstrap = 1; // The timestamp when the BootstrapConfig was last updated. google.protobuf.Timestamp last_updated = 2; } // Envoy's listener manager fills this message with all currently known listeners. Listener // configuration information can be used to recreate an Envoy configuration by populating all // listeners as static listeners or by returning them in a LDS response. message ListenersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump"; // Describes a statically loaded listener. message StaticListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump.StaticListener"; // The listener config. google.protobuf.Any listener = 1; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 2; } message DynamicListenerState { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump.DynamicListenerState"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the listener was loaded. In the future, discrete per-listener versions may be supported // by the API. string version_info = 1; // The listener config. google.protobuf.Any listener = 2; // The timestamp when the Listener was last successfully updated. google.protobuf.Timestamp last_updated = 3; } // Describes a dynamically loaded listener via the LDS API. // [#next-free-field: 6] message DynamicListener { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenersConfigDump.DynamicListener"; // The name or unique id of this listener, pulled from the DynamicListenerState config. string name = 1; // The listener state for any active listener by this name. // These are listeners that are available to service data plane traffic. DynamicListenerState active_state = 2; // The listener state for any warming listener by this name. // These are listeners that are currently undergoing warming in preparation to service data // plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the warming listeners should generally be discarded. DynamicListenerState warming_state = 3; // The listener state for any draining listener by this name. // These are listeners that are currently undergoing draining in preparation to stop servicing // data plane traffic. Note that if attempting to recreate an Envoy configuration from a // configuration dump, the draining listeners should generally be discarded. DynamicListenerState draining_state = 4; // Set if the last update failed, cleared after the next successful update. UpdateFailureState error_state = 5; } // This is the :ref:`version_info ` in the // last processed LDS discovery response. If there are only static bootstrap listeners, this field // will be "". string version_info = 1; // The statically loaded listener configs. repeated StaticListener static_listeners = 2; // State for any warming, active, or draining listeners. repeated DynamicListener dynamic_listeners = 3; } // Envoy's cluster manager fills this message with all currently known clusters. Cluster // configuration information can be used to recreate an Envoy configuration by populating all // clusters as static clusters or by returning them in a CDS response. message ClustersConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClustersConfigDump"; // Describes a statically loaded cluster. message StaticCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClustersConfigDump.StaticCluster"; // The cluster config. google.protobuf.Any cluster = 1; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 2; } // Describes a dynamically loaded cluster via the CDS API. message DynamicCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ClustersConfigDump.DynamicCluster"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time // that the cluster was loaded. In the future, discrete per-cluster versions may be supported by // the API. string version_info = 1; // The cluster config. google.protobuf.Any cluster = 2; // The timestamp when the Cluster was last updated. google.protobuf.Timestamp last_updated = 3; } // This is the :ref:`version_info ` in the // last processed CDS discovery response. If there are only static bootstrap clusters, this field // will be "". string version_info = 1; // The statically loaded cluster configs. repeated StaticCluster static_clusters = 2; // The dynamically loaded active clusters. These are clusters that are available to service // data plane traffic. repeated DynamicCluster dynamic_active_clusters = 3; // The dynamically loaded warming clusters. These are clusters that are currently undergoing // warming in preparation to service data plane traffic. Note that if attempting to recreate an // Envoy configuration from a configuration dump, the warming clusters should generally be // discarded. repeated DynamicCluster dynamic_warming_clusters = 4; } // Envoy's RDS implementation fills this message with all currently loaded routes, as described by // their RouteConfiguration objects. Static routes that are either defined in the bootstrap configuration // or defined inline while configuring listeners are separated from those configured dynamically via RDS. // Route configuration information can be used to recreate an Envoy configuration by populating all routes // as static routes or by returning them in RDS responses. message RoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.RoutesConfigDump"; message StaticRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.RoutesConfigDump.StaticRouteConfig"; // The route config. google.protobuf.Any route_config = 1; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig"; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the route configuration was loaded. string version_info = 1; // The route config. google.protobuf.Any route_config = 2; // The timestamp when the Route was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded route configs. repeated StaticRouteConfig static_route_configs = 2; // The dynamically loaded route configs. repeated DynamicRouteConfig dynamic_route_configs = 3; } // Envoy's scoped RDS implementation fills this message with all currently loaded route // configuration scopes (defined via ScopedRouteConfigurationsSet protos). This message lists both // the scopes defined inline with the higher order object (i.e., the HttpConnectionManager) and the // dynamically obtained scopes via the SRDS API. message ScopedRoutesConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ScopedRoutesConfigDump"; message InlineScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ScopedRoutesConfigDump.InlineScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 2; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 3; } message DynamicScopedRouteConfigs { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs"; // The name assigned to the scoped route configurations. string name = 1; // This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the scoped routes configuration was loaded. string version_info = 2; // The scoped route configurations. repeated google.protobuf.Any scoped_route_configs = 3; // The timestamp when the scoped route config set was last updated. google.protobuf.Timestamp last_updated = 4; } // The statically loaded scoped route configs. repeated InlineScopedRouteConfigs inline_scoped_route_configs = 1; // The dynamically loaded scoped route configs. repeated DynamicScopedRouteConfigs dynamic_scoped_route_configs = 2; } // Envoys SDS implementation fills this message with all secrets fetched dynamically via SDS. message SecretsConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SecretsConfigDump"; // DynamicSecret contains secret information fetched via SDS. message DynamicSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SecretsConfigDump.DynamicSecret"; // The name assigned to the secret. string name = 1; // This is the per-resource version information. string version_info = 2; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 3; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 4; } // StaticSecret specifies statically loaded secret in bootstrap. message StaticSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SecretsConfigDump.StaticSecret"; // The name assigned to the secret. string name = 1; // The timestamp when the secret was last updated. google.protobuf.Timestamp last_updated = 2; // The actual secret information. // Security sensitive information is redacted (replaced with "[redacted]") for // private keys and passwords in TLS certificates. google.protobuf.Any secret = 3; } // The statically loaded secrets. repeated StaticSecret static_secrets = 1; // The dynamically loaded active secrets. These are secrets that are available to service // clusters or listeners. repeated DynamicSecret dynamic_active_secrets = 2; // The dynamically loaded warming secrets. These are secrets that are currently undergoing // warming in preparation to service clusters or listeners. repeated DynamicSecret dynamic_warming_secrets = 3; } // Envoy's admin fill this message with all currently known endpoints. Endpoint // configuration information can be used to recreate an Envoy configuration by populating all // endpoints as static endpoints or by returning them in an EDS response. message EndpointsConfigDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.EndpointsConfigDump"; message StaticEndpointConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.EndpointsConfigDump.StaticEndpointConfig"; // The endpoint config. google.protobuf.Any endpoint_config = 1; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 2; } message DynamicEndpointConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig"; // [#not-implemented-hide:] This is the per-resource version information. This version is currently taken from the // :ref:`version_info ` field at the time that // the endpoint configuration was loaded. string version_info = 1; // The endpoint config. google.protobuf.Any endpoint_config = 2; // [#not-implemented-hide:] The timestamp when the Endpoint was last updated. google.protobuf.Timestamp last_updated = 3; } // The statically loaded endpoint configs. repeated StaticEndpointConfig static_endpoint_configs = 2; // The dynamically loaded endpoint configs. repeated DynamicEndpointConfig dynamic_endpoint_configs = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/init_dump.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "InitDumpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: InitDump] // Dumps of unready targets of envoy init managers. Envoy's admin fills this message with init managers, // which provides the information of their unready targets. // The :ref:`/init_dump ` will dump all unready targets information. message UnreadyTargetsDumps { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.UnreadyTargetsDumps"; // Message of unready targets information of an init manager. message UnreadyTargetsDump { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.UnreadyTargetsDumps.UnreadyTargetsDump"; // Name of the init manager. Example: "init_manager_xxx". string name = 1; // Names of unready targets of the init manager. Example: "target_xxx". repeated string target_names = 2; } // You can choose specific component to dump unready targets with mask query parameter. // See :ref:`/init_dump?mask={} ` for more information. // The dumps of unready targets of all init managers. repeated UnreadyTargetsDump unready_targets_dumps = 1; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/listeners.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ListenersProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Listeners] // Admin endpoint uses this wrapper for `/listeners` to display listener status information. // See :ref:`/listeners ` for more information. message Listeners { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Listeners"; // List of listener statuses. repeated ListenerStatus listener_statuses = 1; } // Details an individual listener's current status. message ListenerStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ListenerStatus"; // Name of the listener string name = 1; // The actual local address that the listener is listening on. If a listener was configured // to listen on port 0, then this address has the port that was allocated by the OS. config.core.v4alpha.Address local_address = 2; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/memory.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "MemoryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Memory] // Proto representation of the internal memory consumption of an Envoy instance. These represent // values extracted from an internal TCMalloc instance. For more information, see the section of the // docs entitled ["Generic Tcmalloc Status"](https://gperftools.github.io/gperftools/tcmalloc.html). // [#next-free-field: 7] message Memory { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.Memory"; // The number of bytes allocated by the heap for Envoy. This is an alias for // `generic.current_allocated_bytes`. uint64 allocated = 1; // The number of bytes reserved by the heap but not necessarily allocated. This is an alias for // `generic.heap_size`. uint64 heap_size = 2; // The number of bytes in free, unmapped pages in the page heap. These bytes always count towards // virtual memory usage, and depending on the OS, typically do not count towards physical memory // usage. This is an alias for `tcmalloc.pageheap_unmapped_bytes`. uint64 pageheap_unmapped = 3; // The number of bytes in free, mapped pages in the page heap. These bytes always count towards // virtual memory usage, and unless the underlying memory is swapped out by the OS, they also // count towards physical memory usage. This is an alias for `tcmalloc.pageheap_free_bytes`. uint64 pageheap_free = 4; // The amount of memory used by the TCMalloc thread caches (for small objects). This is an alias // for `tcmalloc.current_total_thread_cache_bytes`. uint64 total_thread_cache = 5; // The number of bytes of the physical memory usage by the allocator. This is an alias for // `generic.total_physical_bytes`. uint64 total_physical_bytes = 6; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/metrics.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "MetricsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metrics] // Proto representation of an Envoy Counter or Gauge value. message SimpleMetric { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.SimpleMetric"; enum Type { COUNTER = 0; GAUGE = 1; } // Type of the metric represented. Type type = 1; // Current metric value. uint64 value = 2; // Name of the metric. string name = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/mutex_stats.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "MutexStatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: MutexStats] // Proto representation of the statistics collected upon absl::Mutex contention, if Envoy is run // under :option:`--enable-mutex-tracing`. For more information, see the `absl::Mutex` // [docs](https://abseil.io/about/design/mutex#extra-features). // // *NB*: The wait cycles below are measured by `absl::base_internal::CycleClock`, and may not // correspond to core clock frequency. For more information, see the `CycleClock` // [docs](https://github.com/abseil/abseil-cpp/blob/master/absl/base/internal/cycleclock.h). message MutexStats { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.MutexStats"; // The number of individual mutex contentions which have occurred since startup. uint64 num_contentions = 1; // The length of the current contention wait cycle. uint64 current_wait_cycles = 2; // The lifetime total of all contention wait cycles. uint64 lifetime_wait_cycles = 3; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/server_info.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "ServerInfoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Server State] // Proto representation of the value returned by /server_info, containing // server version/server status information. // [#next-free-field: 8] message ServerInfo { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.ServerInfo"; enum State { // Server is live and serving traffic. LIVE = 0; // Server is draining listeners in response to external health checks failing. DRAINING = 1; // Server has not yet completed cluster manager initialization. PRE_INITIALIZING = 2; // Server is running the cluster manager initialization callbacks (e.g., RDS). INITIALIZING = 3; } // Server version. string version = 1; // State of the server. State state = 2; // Uptime since current epoch was started. google.protobuf.Duration uptime_current_epoch = 3; // Uptime since the start of the first epoch. google.protobuf.Duration uptime_all_epochs = 4; // Hot restart version. string hot_restart_version = 5; // Command line options the server is currently running with. CommandLineOptions command_line_options = 6; // Populated node identity of this server. config.core.v4alpha.Node node = 7; } // [#next-free-field: 37] message CommandLineOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.CommandLineOptions"; enum IpVersion { v4 = 0; v6 = 1; } enum Mode { // Validate configs and then serve traffic normally. Serve = 0; // Validate configs and exit. Validate = 1; // Completely load and initialize the config, and then exit without running the listener loop. InitOnly = 2; } enum DrainStrategy { // Gradually discourage connections over the course of the drain period. Gradual = 0; // Discourage all connections for the duration of the drain sequence. Immediate = 1; } reserved 12, 20, 21; reserved "max_stats", "max_obj_name_len"; // See :option:`--base-id` for details. uint64 base_id = 1; // See :option:`--use-dynamic-base-id` for details. bool use_dynamic_base_id = 31; // See :option:`--base-id-path` for details. string base_id_path = 32; // See :option:`--concurrency` for details. uint32 concurrency = 2; // See :option:`--config-path` for details. string config_path = 3; // See :option:`--config-yaml` for details. string config_yaml = 4; // See :option:`--allow-unknown-static-fields` for details. bool allow_unknown_static_fields = 5; // See :option:`--reject-unknown-dynamic-fields` for details. bool reject_unknown_dynamic_fields = 26; // See :option:`--ignore-unknown-dynamic-fields` for details. bool ignore_unknown_dynamic_fields = 30; // See :option:`--admin-address-path` for details. string admin_address_path = 6; // See :option:`--local-address-ip-version` for details. IpVersion local_address_ip_version = 7; // See :option:`--log-level` for details. string log_level = 8; // See :option:`--component-log-level` for details. string component_log_level = 9; // See :option:`--log-format` for details. string log_format = 10; // See :option:`--log-format-escaped` for details. bool log_format_escaped = 27; // See :option:`--log-path` for details. string log_path = 11; // See :option:`--service-cluster` for details. string service_cluster = 13; // See :option:`--service-node` for details. string service_node = 14; // See :option:`--service-zone` for details. string service_zone = 15; // See :option:`--file-flush-interval-msec` for details. google.protobuf.Duration file_flush_interval = 16; // See :option:`--drain-time-s` for details. google.protobuf.Duration drain_time = 17; // See :option:`--drain-strategy` for details. DrainStrategy drain_strategy = 33; // See :option:`--parent-shutdown-time-s` for details. google.protobuf.Duration parent_shutdown_time = 18; // See :option:`--mode` for details. Mode mode = 19; // See :option:`--disable-hot-restart` for details. bool disable_hot_restart = 22; // See :option:`--enable-mutex-tracing` for details. bool enable_mutex_tracing = 23; // See :option:`--restart-epoch` for details. uint32 restart_epoch = 24; // See :option:`--cpuset-threads` for details. bool cpuset_threads = 25; // See :option:`--disable-extensions` for details. repeated string disabled_extensions = 28; // See :option:`--bootstrap-version` for details. uint32 bootstrap_version = 29; // See :option:`--enable-fine-grain-logging` for details. bool enable_fine_grain_logging = 34; // See :option:`--socket-path` for details. string socket_path = 35; // See :option:`--socket-mode` for details. uint32 socket_mode = 36; } ================================================ FILE: generated_api_shadow/envoy/admin/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.admin.v4alpha; import "envoy/config/tap/v4alpha/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.admin.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap] // The /tap admin request body that is used to configure an active tap session. message TapRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v3.TapRequest"; // The opaque configuration ID used to match the configuration to a loaded extension. // A tap extension configures a similar opaque ID that is used to match. string config_id = 1 [(validate.rules).string = {min_len: 1}]; // The tap configuration to load. config.tap.v4alpha.TapConfig tap_config = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/annotations/BUILD ================================================ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package() ================================================ FILE: generated_api_shadow/envoy/annotations/deprecation.proto ================================================ syntax = "proto3"; package envoy.annotations; import "google/protobuf/descriptor.proto"; // Allows tagging proto fields as fatal by default. One Envoy release after // deprecation, deprecated fields will be disallowed by default, a state which // is reversible with :ref:`runtime overrides `. // Magic number in this file derived from top 28bit of SHA256 digest of // "envoy.annotation.disallowed_by_default" extend google.protobuf.FieldOptions { bool disallowed_by_default = 189503207; } // Magic number in this file derived from top 28bit of SHA256 digest of // "envoy.annotation.disallowed_by_default_enum" extend google.protobuf.EnumValueOptions { bool disallowed_by_default_enum = 70100853; } ================================================ FILE: generated_api_shadow/envoy/annotations/resource.proto ================================================ syntax = "proto3"; package envoy.annotations; import "google/protobuf/descriptor.proto"; // Magic number in this file derived from top 28bit of SHA256 digest of "envoy.annotation.resource". extend google.protobuf.ServiceOptions { ResourceAnnotation resource = 265073217; } message ResourceAnnotation { // Annotation for xDS services that indicates the fully-qualified Protobuf type for the resource // type. string type = 1; } ================================================ FILE: generated_api_shadow/envoy/api/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/auth:pkg", "//envoy/api/v2/cluster:pkg", "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "//envoy/api/v2/listener:pkg", "//envoy/api/v2/route:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/listener/v2:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/README.md ================================================ Protocol buffer definitions for xDS and top-level resource API messages. Package group `//envoy/api/v2:friends` enumerates all consumers of the shared API messages. That includes package envoy.api.v2 itself, which contains several xDS definitions. Default visibility for all shared definitions should be set to `//envoy/api/v2:friends`. Additionally, packages envoy.api.v2.core and envoy.api.v2.auth are also consumed throughout the subpackages of `//envoy/api/v2`. ================================================ FILE: generated_api_shadow/envoy/api/v2/auth/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/auth/cert.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import public "envoy/api/v2/auth/common.proto"; import public "envoy/api/v2/auth/secret.proto"; import public "envoy/api/v2/auth/tls.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "CertProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; ================================================ FILE: generated_api_shadow/envoy/api/v2/auth/common.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common TLS configuration] message TlsParameters { enum TlsProtocol { // Envoy will choose the optimal TLS version. TLS_AUTO = 0; // TLS 1.0 TLSv1_0 = 1; // TLS 1.1 TLSv1_1 = 2; // TLS 1.2 TLSv1_2 = 3; // TLS 1.3 TLSv1_3 = 4; } // Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for // servers. TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}]; // Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for // servers. TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}]; // If specified, the TLS listener will only support the specified `cipher list // `_ // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not // specified, the default list will be used. // // In non-FIPS builds, the default cipher list is: // // .. code-block:: none // // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA // // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: // // .. code-block:: none // // ECDHE-ECDSA-AES128-GCM-SHA256 // ECDHE-RSA-AES128-GCM-SHA256 // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH // curves. If not specified, the default curves will be used. // // In non-FIPS builds, the default curves are: // // .. code-block:: none // // X25519 // P-256 // // In builds using :ref:`BoringSSL FIPS `, the default curve is: // // .. code-block:: none // // P-256 repeated string ecdh_curves = 4; } // BoringSSL private key method configuration. The private key methods are used for external // (potentially asynchronous) signing and decryption operations. Some use cases for private key // methods would be TPM support and TLS acceleration. message PrivateKeyProvider { // Private key method provider name. The name must match a // supported private key method provider type. string provider_name = 1 [(validate.rules).string = {min_bytes: 1}]; // Private key method provider specific configuration. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true, (udpa.annotations.sensitive) = true]; google.protobuf.Any typed_config = 3 [(udpa.annotations.sensitive) = true]; } } // [#next-free-field: 7] message TlsCertificate { // The TLS certificate chain. core.DataSource certificate_chain = 1; // The TLS private key. core.DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // BoringSSL private key method provider. This is an alternative to :ref:`private_key // ` field. This can't be // marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key // ` and // :ref:`private_key_provider // ` fields will result in an // error. PrivateKeyProvider private_key_provider = 6; // The password to decrypt the TLS private key. If this field is not set, it is assumed that the // TLS private key is not password encrypted. core.DataSource password = 3 [(udpa.annotations.sensitive) = true]; // [#not-implemented-hide:] core.DataSource ocsp_staple = 4; // [#not-implemented-hide:] repeated core.DataSource signed_certificate_timestamp = 5; } message TlsSessionTicketKeys { // Keys for encrypting and decrypting TLS session tickets. The // first key in the array contains the key to encrypt all new sessions created by this context. // All keys are candidates for decrypting received tickets. This allows for easy rotation of keys // by, for example, putting the new key first, and the previous key second. // // If :ref:`session_ticket_keys ` // is not specified, the TLS library will still support resuming sessions via tickets, but it will // use an internally-generated and managed key, so sessions cannot be resumed across hot restarts // or on different hosts. // // Each key must contain exactly 80 bytes of cryptographically-secure random data. For // example, the output of ``openssl rand 80``. // // .. attention:: // // Using this feature has serious security considerations and risks. Improper handling of keys // may result in loss of secrecy in connections, even if ciphers supporting perfect forward // secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some // discussion. To minimize the risk, you must: // // * Keep the session ticket keys at least as secure as your TLS certificate private keys // * Rotate session ticket keys at least daily, and preferably hourly // * Always generate keys using a cryptographically-secure random data source repeated core.DataSource keys = 1 [(validate.rules).repeated = {min_items: 1}, (udpa.annotations.sensitive) = true]; } // [#next-free-field: 11] message CertificateValidationContext { // Peer certificate verification mode. enum TrustChainVerification { // Perform default certificate verification (e.g., against CA / verification lists) VERIFY_TRUST_CHAIN = 0; // Connections where the certificate fails verification will be permitted. // For HTTP connections, the result of certificate verification can be used in route matching. ( // see :ref:`validated ` ). ACCEPT_UNTRUSTED = 1; } // TLS certificate data containing certificate authority certificates to use in verifying // a presented peer certificate (e.g. server certificate for clusters or client certificate // for listeners). If not specified and a peer certificate is presented it will not be // verified. By default, a client certificate is optional, unless one of the additional // options (:ref:`require_client_certificate // `, // :ref:`verify_certificate_spki // `, // :ref:`verify_certificate_hash // `, or // :ref:`match_subject_alt_names // `) is also // specified. // // It can optionally contain certificate revocation lists, in which case Envoy will verify // that the presented peer certificate has not been revoked by one of the included CRLs. // // See :ref:`the TLS overview ` for a list of common // system CA locations. core.DataSource trusted_ca = 1; // An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the // SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate // matches one of the specified values. // // A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -pubkey // | openssl pkey -pubin -outform DER // | openssl dgst -sha256 -binary // | openssl enc -base64 // NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A= // // This is the format used in HTTP Public Key Pinning. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. // // .. attention:: // // This option is preferred over :ref:`verify_certificate_hash // `, // because SPKI is tied to a private key, so it doesn't change when the certificate // is renewed using the same private key. repeated string verify_certificate_spki = 3 [(validate.rules).repeated = {items {string {min_bytes: 44 max_bytes: 44}}}]; // An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that // the SHA-256 of the DER-encoded presented certificate matches one of the specified values. // // A hex-encoded SHA-256 of the certificate can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2 // df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a // // A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2 // DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A // // Both of those formats are acceptable. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. repeated string verify_certificate_hash = 2 [(validate.rules).repeated = {items {string {min_bytes: 64 max_bytes: 95}}}]; // An optional list of Subject Alternative Names. If specified, Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified values. // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated string verify_subject_alt_name = 4 [deprecated = true]; // An optional list of Subject Alternative name matchers. Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified matches. // // When a certificate has wildcard DNS SAN entries, to match a specific client, it should be // configured with exact match type in the :ref:`string matcher `. // For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com", // it should be configured as shown below. // // .. code-block:: yaml // // match_subject_alt_names: // exact: "api.example.com" // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated type.matcher.StringMatcher match_subject_alt_names = 9; // [#not-implemented-hide:] Must present a signed time-stamped OCSP response. google.protobuf.BoolValue require_ocsp_staple = 5; // [#not-implemented-hide:] Must present signed certificate time-stamp. google.protobuf.BoolValue require_signed_certificate_timestamp = 6; // An optional `certificate revocation list // `_ // (in PEM format). If specified, Envoy will verify that the presented peer // certificate has not been revoked by this CRL. If this DataSource contains // multiple CRLs, all of them will be used. core.DataSource crl = 7; // If specified, Envoy will not reject expired certificates. bool allow_expired_certificate = 8; // Certificate trust chain verification mode. TrustChainVerification trust_chain_verification = 10 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/auth/secret.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "envoy/api/v2/auth/common.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "SecretProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Secrets configuration] message GenericSecret { // Secret of generic type and is available to filters. core.DataSource secret = 1 [(udpa.annotations.sensitive) = true]; } message SdsSecretConfig { // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. // When both name and config are specified, then secret can be fetched and/or reloaded via // SDS. When only name is specified, then secret will be loaded from static resources. string name = 1; core.ConfigSource sds_config = 2; } // [#next-free-field: 6] message Secret { // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. string name = 1; oneof type { TlsCertificate tls_certificate = 2; TlsSessionTicketKeys session_ticket_keys = 3; CertificateValidationContext validation_context = 4; GenericSecret generic_secret = 5; } } ================================================ FILE: generated_api_shadow/envoy/api/v2/auth/tls.proto ================================================ syntax = "proto3"; package envoy.api.v2.auth; import "envoy/api/v2/auth/common.proto"; import "envoy/api/v2/auth/secret.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.auth"; option java_outer_classname = "TlsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tls.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: TLS transport socket] // [#extension: envoy.transport_sockets.tls] // The TLS contexts below provide the transport socket configuration for upstream/downstream TLS. message UpstreamTlsContext { // Common TLS context settings. // // .. attention:: // // Server certificate verification is not enabled by default. Configure // :ref:`trusted_ca` to enable // verification. CommonTlsContext common_tls_context = 1; // SNI string to use when creating TLS backend connections. string sni = 2 [(validate.rules).string = {max_bytes: 255}]; // If true, server-initiated TLS renegotiation will be allowed. // // .. attention:: // // TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary. bool allow_renegotiation = 3; // Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets // for TLSv1.2 and older) to store for the purpose of session resumption. // // Defaults to 1, setting this to 0 disables session resumption. google.protobuf.UInt32Value max_session_keys = 4; } // [#next-free-field: 8] message DownstreamTlsContext { // Common TLS context settings. CommonTlsContext common_tls_context = 1; // If specified, Envoy will reject connections without a valid client // certificate. google.protobuf.BoolValue require_client_certificate = 2; // If specified, Envoy will reject connections without a valid and matching SNI. // [#not-implemented-hide:] google.protobuf.BoolValue require_sni = 3; oneof session_ticket_keys_type { // TLS session ticket key settings. TlsSessionTicketKeys session_ticket_keys = 4; // Config for fetching TLS session ticket keys via SDS API. SdsSecretConfig session_ticket_keys_sds_secret_config = 5; // Config for controlling stateless TLS session resumption: setting this to true will cause the TLS // server to not issue TLS session tickets for the purposes of stateless TLS session resumption. // If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using // the keys specified through either :ref:`session_ticket_keys ` // or :ref:`session_ticket_keys_sds_secret_config `. // If this config is set to false and no keys are explicitly configured, the TLS server will issue // TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the // implication that sessions cannot be resumed across hot restarts or on different hosts. bool disable_stateless_session_resumption = 7; } // If specified, session_timeout will change maximum lifetime (in seconds) of TLS session // Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) // ` // only seconds could be specified (fractional seconds are going to be ignored). google.protobuf.Duration session_timeout = 6 [(validate.rules).duration = { lt {seconds: 4294967296} gte {} }]; } // TLS context shared by both client and server TLS contexts. // [#next-free-field: 9] message CommonTlsContext { message CombinedCertificateValidationContext { // How to validate peer certificates. CertificateValidationContext default_validation_context = 1 [(validate.rules).message = {required: true}]; // Config for fetching validation context via SDS API. SdsSecretConfig validation_context_sds_secret_config = 2 [(validate.rules).message = {required: true}]; } reserved 5; // TLS protocol versions, cipher suites etc. TlsParameters tls_params = 1; // :ref:`Multiple TLS certificates ` can be associated with the // same context to allow both RSA and ECDSA certificates. // // Only a single TLS certificate is supported in client contexts. In server contexts, the first // RSA certificate is used for clients that only support RSA and the first ECDSA certificate is // used for clients that support ECDSA. repeated TlsCertificate tls_certificates = 2; // Configs for fetching TLS certificates via SDS API. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(validate.rules).repeated = {max_items: 1}]; oneof validation_context_type { // How to validate peer certificates. CertificateValidationContext validation_context = 3; // Config for fetching validation context via SDS API. SdsSecretConfig validation_context_sds_secret_config = 7; // Combined certificate validation context holds a default CertificateValidationContext // and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic // and default CertificateValidationContext are merged into a new CertificateValidationContext // for validation. This merge is done by Message::MergeFrom(), so dynamic // CertificateValidationContext overwrites singular fields in default // CertificateValidationContext, and concatenates repeated fields to default // CertificateValidationContext, and logical OR is applied to boolean fields. CombinedCertificateValidationContext combined_validation_context = 8; } // Supplies the list of ALPN protocols that the listener should expose. In // practice this is likely to be set to one of two values (see the // :ref:`codec_type // ` // parameter in the HTTP connection manager for more information): // // * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1. // * "http/1.1" If the listener is only going to support HTTP/1.1. // // There is no default for this parameter. If empty, Envoy will not expose ALPN. repeated string alpn_protocols = 4; } ================================================ FILE: generated_api_shadow/envoy/api/v2/cds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import public "envoy/api/v2/cluster.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "CdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: CDS] // Return list of all clusters this proxy will load balance to. service ClusterDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.Cluster"; rpc StreamClusters(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaClusters(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchClusters(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:clusters"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message CdsDummy { } ================================================ FILE: generated_api_shadow/envoy/api/v2/cluster/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/cluster/circuit_breaker.proto ================================================ syntax = "proto3"; package envoy.api.v2.cluster; import "envoy/api/v2/core/base.proto"; import "envoy/type/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.cluster"; option java_outer_classname = "CircuitBreakerProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ClusterNS"; option ruby_package = "Envoy.Api.V2.ClusterNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Circuit breakers] // :ref:`Circuit breaking` settings can be // specified individually for each defined priority. message CircuitBreakers { // A Thresholds defines CircuitBreaker settings for a // :ref:`RoutingPriority`. // [#next-free-field: 9] message Thresholds { message RetryBudget { // Specifies the limit on concurrent retries as a percentage of the sum of active requests and // active pending requests. For example, if there are 100 active requests and the // budget_percent is set to 25, there may be 25 active retries. // // This parameter is optional. Defaults to 20%. type.Percent budget_percent = 1; // Specifies the minimum retry concurrency allowed for the retry budget. The limit on the // number of active retries may never go below this number. // // This parameter is optional. Defaults to 3. google.protobuf.UInt32Value min_retry_concurrency = 2; } // The :ref:`RoutingPriority` // the specified CircuitBreaker settings apply to. core.RoutingPriority priority = 1 [(validate.rules).enum = {defined_only: true}]; // The maximum number of connections that Envoy will make to the upstream // cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_connections = 2; // The maximum number of pending requests that Envoy will allow to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 3; // The maximum number of parallel requests that Envoy will make to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_requests = 4; // The maximum number of parallel retries that Envoy will allow to the // upstream cluster. If not specified, the default is 3. google.protobuf.UInt32Value max_retries = 5; // Specifies a limit on concurrent retries in relation to the number of active requests. This // parameter is optional. // // .. note:: // // If this field is set, the retry budget will override any configured retry circuit // breaker. RetryBudget retry_budget = 8; // If track_remaining is true, then stats will be published that expose // the number of resources remaining until the circuit breakers open. If // not specified, the default is false. // // .. note:: // // If a retry budget is used in lieu of the max_retries circuit breaker, // the remaining retry resources remaining will not be tracked. bool track_remaining = 6; // The maximum number of connection pools per cluster that Envoy will concurrently support at // once. If not specified, the default is unlimited. Set this for clusters which create a // large number of connection pools. See // :ref:`Circuit Breaking ` for // more details. google.protobuf.UInt32Value max_connection_pools = 7; } // If multiple :ref:`Thresholds` // are defined with the same :ref:`RoutingPriority`, // the first one in the list is used. If no Thresholds is defined for a given // :ref:`RoutingPriority`, the default values // are used. repeated Thresholds thresholds = 1; } ================================================ FILE: generated_api_shadow/envoy/api/v2/cluster/filter.proto ================================================ syntax = "proto3"; package envoy.api.v2.cluster; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.cluster"; option java_outer_classname = "FilterProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ClusterNS"; option ruby_package = "Envoy.Api.V2.ClusterNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Upstream filters] // Upstream filters apply to the connections to the upstream cluster hosts. message Filter { // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any typed_config = 2; } ================================================ FILE: generated_api_shadow/envoy/api/v2/cluster/outlier_detection.proto ================================================ syntax = "proto3"; package envoy.api.v2.cluster; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.cluster"; option java_outer_classname = "OutlierDetectionProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ClusterNS"; option ruby_package = "Envoy.Api.V2.ClusterNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Outlier detection] // See the :ref:`architecture overview ` for // more information on outlier detection. // [#next-free-field: 21] message OutlierDetection { // The number of consecutive 5xx responses or local origin errors that are mapped // to 5xx error codes before a consecutive 5xx ejection // occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_5xx = 1; // The time interval between ejection analysis sweeps. This can result in // both new ejections as well as hosts being returned to service. Defaults // to 10000ms or 10s. google.protobuf.Duration interval = 2 [(validate.rules).duration = {gt {}}]; // The base time that a host is ejected for. The real time is equal to the // base time multiplied by the number of times the host has been ejected. // Defaults to 30000ms or 30s. google.protobuf.Duration base_ejection_time = 3 [(validate.rules).duration = {gt {}}]; // The maximum % of an upstream cluster that can be ejected due to outlier // detection. Defaults to 10% but will eject at least one host regardless of the value. google.protobuf.UInt32Value max_ejection_percent = 4 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive 5xx. This setting can be used to disable // ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_consecutive_5xx = 5 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics. This setting can be used to // disable ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_success_rate = 6 [(validate.rules).uint32 = {lte: 100}]; // The number of hosts in a cluster that must have enough request volume to // detect success rate outliers. If the number of hosts is less than this // setting, outlier detection via success rate statistics is not performed // for any host in the cluster. Defaults to 5. google.protobuf.UInt32Value success_rate_minimum_hosts = 7; // The minimum number of total requests that must be collected in one // interval (as defined by the interval duration above) to include this host // in success rate based outlier detection. If the volume is lower than this // setting, outlier detection via success rate statistics is not performed // for that host. Defaults to 100. google.protobuf.UInt32Value success_rate_request_volume = 8; // This factor is used to determine the ejection threshold for success rate // outlier ejection. The ejection threshold is the difference between the // mean success rate, and the product of this factor and the standard // deviation of the mean success rate: mean - (stdev * // success_rate_stdev_factor). This factor is divided by a thousand to get a // double. That is, if the desired factor is 1.9, the runtime value should // be 1900. Defaults to 1900. google.protobuf.UInt32Value success_rate_stdev_factor = 9; // The number of consecutive gateway failures (502, 503, 504 status codes) // before a consecutive gateway failure ejection occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_gateway_failure = 10; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive gateway failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_consecutive_gateway_failure = 11 [(validate.rules).uint32 = {lte: 100}]; // Determines whether to distinguish local origin failures from external errors. If set to true // the following configuration parameters are taken into account: // :ref:`consecutive_local_origin_failure`, // :ref:`enforcing_consecutive_local_origin_failure` // and // :ref:`enforcing_local_origin_success_rate`. // Defaults to false. bool split_external_local_origin_errors = 12; // The number of consecutive locally originated failures before ejection // occurs. Defaults to 5. Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value consecutive_local_origin_failure = 13; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive locally originated failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_consecutive_local_origin_failure = 14 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics for locally originated errors. // This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_local_origin_success_rate = 15 [(validate.rules).uint32 = {lte: 100}]; // The failure percentage to use when determining failure percentage-based outlier detection. If // the failure percentage of a given host is greater than or equal to this value, it will be // ejected. Defaults to 85. google.protobuf.UInt32Value failure_percentage_threshold = 16 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // failure percentage statistics. This setting can be used to disable ejection or to ramp it up // slowly. Defaults to 0. // // [#next-major-version: setting this without setting failure_percentage_threshold should be // invalid in v4.] google.protobuf.UInt32Value enforcing_failure_percentage = 17 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // local-origin failure percentage statistics. This setting can be used to disable ejection or to // ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_failure_percentage_local_origin = 18 [(validate.rules).uint32 = {lte: 100}]; // The minimum number of hosts in a cluster in order to perform failure percentage-based ejection. // If the total number of hosts in the cluster is less than this value, failure percentage-based // ejection will not be performed. Defaults to 5. google.protobuf.UInt32Value failure_percentage_minimum_hosts = 19; // The minimum number of total requests that must be collected in one interval (as defined by the // interval duration above) to perform failure percentage-based ejection for this host. If the // volume is lower than this setting, failure percentage-based ejection will not be performed for // this host. Defaults to 50. google.protobuf.UInt32Value failure_percentage_request_volume = 20; } ================================================ FILE: generated_api_shadow/envoy/api/v2/cluster.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/auth/tls.proto"; import "envoy/api/v2/cluster/circuit_breaker.proto"; import "envoy/api/v2/cluster/filter.proto"; import "envoy/api/v2/cluster/outlier_detection.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/core/health_check.proto"; import "envoy/api/v2/core/protocol.proto"; import "envoy/api/v2/endpoint.proto"; import "envoy/type/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Cluster configuration] // Configuration for a single upstream cluster. // [#next-free-field: 48] message Cluster { // Refer to :ref:`service discovery type ` // for an explanation on each type. enum DiscoveryType { // Refer to the :ref:`static discovery type` // for an explanation. STATIC = 0; // Refer to the :ref:`strict DNS discovery // type` // for an explanation. STRICT_DNS = 1; // Refer to the :ref:`logical DNS discovery // type` // for an explanation. LOGICAL_DNS = 2; // Refer to the :ref:`service discovery type` // for an explanation. EDS = 3; // Refer to the :ref:`original destination discovery // type` // for an explanation. ORIGINAL_DST = 4; } // Refer to :ref:`load balancer type ` architecture // overview section for information on each type. enum LbPolicy { // Refer to the :ref:`round robin load balancing // policy` // for an explanation. ROUND_ROBIN = 0; // Refer to the :ref:`least request load balancing // policy` // for an explanation. LEAST_REQUEST = 1; // Refer to the :ref:`ring hash load balancing // policy` // for an explanation. RING_HASH = 2; // Refer to the :ref:`random load balancing // policy` // for an explanation. RANDOM = 3; // Refer to the :ref:`original destination load balancing // policy` // for an explanation. // // .. attention:: // // **This load balancing policy is deprecated**. Use CLUSTER_PROVIDED instead. // ORIGINAL_DST_LB = 4 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Refer to the :ref:`Maglev load balancing policy` // for an explanation. MAGLEV = 5; // This load balancer type must be specified if the configured cluster provides a cluster // specific load balancer. Consult the configured cluster's documentation for whether to set // this option or not. CLUSTER_PROVIDED = 6; // [#not-implemented-hide:] Use the new :ref:`load_balancing_policy // ` field to determine the LB policy. // [#next-major-version: In the v3 API, we should consider deprecating the lb_policy field // and instead using the new load_balancing_policy field as the one and only mechanism for // configuring this.] LOAD_BALANCING_POLICY_CONFIG = 7; } // When V4_ONLY is selected, the DNS resolver will only perform a lookup for // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will // only perform a lookup for addresses in the IPv6 family. If AUTO is // specified, the DNS resolver will first perform a lookup for addresses in // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. // For cluster types other than // :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS`, // this setting is // ignored. enum DnsLookupFamily { AUTO = 0; V4_ONLY = 1; V6_ONLY = 2; } enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). // If :ref:`http2_protocol_options ` are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. USE_CONFIGURED_PROTOCOL = 0; // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. USE_DOWNSTREAM_PROTOCOL = 1; } // TransportSocketMatch specifies what transport socket config will be used // when the match conditions are satisfied. message TransportSocketMatch { // The name of the match, used in stats generation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria. // The connection to the endpoint with metadata matching what is set in this field // will use the transport socket configuration specified here. // The endpoint's metadata entry in *envoy.transport_socket_match* is used to match // against the values specified in this field. google.protobuf.Struct match = 2; // The configuration of the transport socket. core.TransportSocket transport_socket = 3; } // Extended cluster type. message CustomClusterType { // The type of the cluster to instantiate. The name must match a supported cluster type. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Cluster specific configuration which depends on the cluster being instantiated. // See the supported cluster for further documentation. google.protobuf.Any typed_config = 2; } // Only valid when discovery type is EDS. message EdsClusterConfig { // Configuration for the source of EDS updates for this Cluster. core.ConfigSource eds_config = 1; // Optional alternative to cluster name to present to EDS. This does not // have the same restrictions as cluster name, i.e. it may be arbitrary // length. string service_name = 2; } // Optionally divide the endpoints in this cluster into subsets defined by // endpoint metadata and selected by route and weighted cluster metadata. // [#next-free-field: 8] message LbSubsetConfig { // If NO_FALLBACK is selected, a result // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, // any cluster endpoint may be returned (subject to policy, health checks, // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. enum LbSubsetFallbackPolicy { NO_FALLBACK = 0; ANY_ENDPOINT = 1; DEFAULT_SUBSET = 2; } // Specifications for subsets. message LbSubsetSelector { // Allows to override top level fallback policy per selector. enum LbSubsetSelectorFallbackPolicy { // If NOT_DEFINED top level config fallback policy is used instead. NOT_DEFINED = 0; // If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported. NO_FALLBACK = 1; // If ANY_ENDPOINT is selected, any cluster endpoint may be returned // (subject to policy, health checks, etc). ANY_ENDPOINT = 2; // If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. DEFAULT_SUBSET = 3; // If KEYS_SUBSET is selected, subset selector matching is performed again with metadata // keys reduced to // :ref:`fallback_keys_subset`. // It allows for a fallback to a different, less specific selector if some of the keys of // the selector are considered optional. KEYS_SUBSET = 4; } // List of keys to match with the weighted cluster metadata. repeated string keys = 1; // The behavior used when no endpoint subset matches the selected route's // metadata. LbSubsetSelectorFallbackPolicy fallback_policy = 2 [(validate.rules).enum = {defined_only: true}]; // Subset of // :ref:`keys` used by // :ref:`KEYS_SUBSET` // fallback policy. // It has to be a non empty list if KEYS_SUBSET fallback policy is selected. // For any other fallback policy the parameter is not used and should not be set. // Only values also present in // :ref:`keys` are allowed, but // `fallback_keys_subset` cannot be equal to `keys`. repeated string fallback_keys_subset = 3; } // The behavior used when no endpoint subset matches the selected route's // metadata. The value defaults to // :ref:`NO_FALLBACK`. LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum = {defined_only: true}]; // Specifies the default subset of endpoints used during fallback if // fallback_policy is // :ref:`DEFAULT_SUBSET`. // Each field in default_subset is // compared to the matching LbEndpoint.Metadata under the *envoy.lb* // namespace. It is valid for no hosts to match, in which case the behavior // is the same as a fallback_policy of // :ref:`NO_FALLBACK`. google.protobuf.Struct default_subset = 2; // For each entry, LbEndpoint.Metadata's // *envoy.lb* namespace is traversed and a subset is created for each unique // combination of key and value. For example: // // .. code-block:: json // // { "subset_selectors": [ // { "keys": [ "version" ] }, // { "keys": [ "stage", "hardware_type" ] } // ]} // // A subset is matched when the metadata from the selected route and // weighted cluster contains the same keys and values as the subset's // metadata. The same host may appear in multiple subsets. repeated LbSubsetSelector subset_selectors = 3; // If true, routing to subsets will take into account the localities and locality weights of the // endpoints when making the routing decision. // // There are some potential pitfalls associated with enabling this feature, as the resulting // traffic split after applying both a subset match and locality weights might be undesirable. // // Consider for example a situation in which you have 50/50 split across two localities X/Y // which have 100 hosts each without subsetting. If the subset LB results in X having only 1 // host selected but Y having 100, then a lot more load is being dumped on the single host in X // than originally anticipated in the load balancing assignment delivered via EDS. bool locality_weight_aware = 4; // When used with locality_weight_aware, scales the weight of each locality by the ratio // of hosts in the subset vs hosts in the original subset. This aims to even out the load // going to an individual locality if said locality is disproportionately affected by the // subset predicate. bool scale_locality_weight = 5; // If true, when a fallback policy is configured and its corresponding subset fails to find // a host this will cause any host to be selected instead. // // This is useful when using the default subset as the fallback policy, given the default // subset might become empty. With this option enabled, if that happens the LB will attempt // to select a host from the entire cluster. bool panic_mode_any = 6; // If true, metadata specified for a metadata key will be matched against the corresponding // endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value // and any of the elements in the list matches the criteria. bool list_as_any = 7; } // Specific configuration for the LeastRequest load balancing policy. message LeastRequestLbConfig { // The number of random healthy hosts from which the host with the fewest active requests will // be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set. google.protobuf.UInt32Value choice_count = 1 [(validate.rules).uint32 = {gte: 2}]; } // Specific configuration for the :ref:`RingHash` // load balancing policy. message RingHashLbConfig { // The hash function used to hash hosts onto the ketama ring. enum HashFunction { // Use `xxHash `_, this is the default hash function. XX_HASH = 0; // Use `MurmurHash2 `_, this is compatible with // std:hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled // on Linux and not macOS. MURMUR_HASH_2 = 1; } reserved 2; // Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each // provided host) the better the request distribution will reflect the desired weights. Defaults // to 1024 entries, and limited to 8M entries. See also // :ref:`maximum_ring_size`. google.protobuf.UInt64Value minimum_ring_size = 1 [(validate.rules).uint64 = {lte: 8388608}]; // The hash function used to hash hosts onto the ketama ring. The value defaults to // :ref:`XX_HASH`. HashFunction hash_function = 3 [(validate.rules).enum = {defined_only: true}]; // Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered // to further constrain resource use. See also // :ref:`minimum_ring_size`. google.protobuf.UInt64Value maximum_ring_size = 4 [(validate.rules).uint64 = {lte: 8388608}]; } // Specific configuration for the // :ref:`Original Destination ` // load balancing policy. message OriginalDstLbConfig { // When true, :ref:`x-envoy-original-dst-host // ` can be used to override destination // address. // // .. attention:: // // This header isn't sanitized by default, so enabling this feature allows HTTP clients to // route traffic to arbitrary hosts and/or ports, which may have serious security // consequences. bool use_http_header = 1; } // Common configuration for all load balancer implementations. // [#next-free-field: 8] message CommonLbConfig { // Configuration for :ref:`zone aware routing // `. message ZoneAwareLbConfig { // Configures percentage of requests that will be considered for zone aware routing // if zone aware routing is configured. If not specified, the default is 100%. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. type.Percent routing_enabled = 1; // Configures minimum upstream cluster size required for zone aware routing // If upstream cluster size is less than specified, zone aware routing is not performed // even if zone aware routing is configured. If not specified, the default is 6. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. google.protobuf.UInt64Value min_cluster_size = 2; // If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic // mode`. Instead, the cluster will fail all // requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a // failing service. bool fail_traffic_on_panic = 3; } // Configuration for :ref:`locality weighted load balancing // ` message LocalityWeightedLbConfig { } // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) message ConsistentHashingLbConfig { // If set to `true`, the cluster will use hostname instead of the resolved // address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address. bool use_hostname_for_hashing = 1; } // Configures the :ref:`healthy panic threshold `. // If not specified, the default is 50%. // To disable panic mode, set to 0%. // // .. note:: // The specified percent will be truncated to the nearest 1%. type.Percent healthy_panic_threshold = 1; oneof locality_config_specifier { ZoneAwareLbConfig zone_aware_lb_config = 2; LocalityWeightedLbConfig locality_weighted_lb_config = 3; } // If set, all health check/weight/metadata updates that happen within this duration will be // merged and delivered in one shot when the duration expires. The start of the duration is when // the first update happens. This is useful for big clusters, with potentially noisy deploys // that might trigger excessive CPU usage due to a constant stream of healthcheck state changes // or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new // cluster). Please always keep in mind that the use of sandbox technologies may change this // behavior. // // If this is not set, we default to a merge window of 1000ms. To disable it, set the merge // window to 0. // // Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is // because merging those updates isn't currently safe. See // https://github.com/envoyproxy/envoy/pull/3941. google.protobuf.Duration update_merge_window = 4; // If set to true, Envoy will not consider new hosts when computing load balancing weights until // they have been health checked for the first time. This will have no effect unless // active health checking is also configured. // // Ignoring a host means that for any load balancing calculations that adjust weights based // on the ratio of eligible hosts and total hosts (priority spillover, locality weighting and // panic mode) Envoy will exclude these hosts in the denominator. // // For example, with hosts in two priorities P0 and P1, where P0 looks like // {healthy, unhealthy (new), unhealthy (new)} // and where P1 looks like // {healthy, healthy} // all traffic will still hit P0, as 1 / (3 - 2) = 1. // // Enabling this will allow scaling up the number of hosts for a given cluster without entering // panic mode or triggering priority spillover, assuming the hosts pass the first health check. // // If panic mode is triggered, new hosts are still eligible for traffic; they simply do not // contribute to the calculation when deciding whether panic mode is enabled or not. bool ignore_new_hosts_until_first_hc = 5; // If set to `true`, the cluster manager will drain all existing // connections to upstream hosts whenever hosts are added or removed from the cluster. bool close_connections_on_host_set_change = 6; // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) ConsistentHashingLbConfig consistent_hashing_lb_config = 7; } message RefreshRate { // Specifies the base interval between refreshes. This parameter is required and must be greater // than zero and less than // :ref:`max_interval `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {nanos: 1000000} }]; // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the // :ref:`base_interval ` if set. The default // is 10 times the :ref:`base_interval `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}]; } reserved 12, 15; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the // :ref:`LbEndpoint.Metadata ` // is used to match against the transport sockets as they appear in the list. The first // :ref:`match ` is used. // For example, with the following match // // .. code-block:: yaml // // transport_socket_matches: // - name: "enableMTLS" // match: // acceptMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // - name: "defaultToPlaintext" // match: {} // transport_socket: // name: envoy.transport_sockets.raw_buffer // // Connections to the endpoints whose metadata value under *envoy.transport_socket_match* // having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration. // // If a :ref:`socket match ` with empty match // criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext" // socket match in case above. // // If an endpoint metadata's value under *envoy.transport_socket_match* does not match any // *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or // *transport_socket* specified in this cluster. // // This field allows gradual and flexible transport socket configuration changes. // // The metadata of endpoints in EDS can indicate transport socket capabilities. For example, // an endpoint's metadata can have two key value pairs as "acceptMTLS": "true", // "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic // has "acceptPlaintext": "true" metadata information. // // Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS // traffic for endpoints with "acceptMTLS": "true", by adding a corresponding // *TransportSocketMatch* in this field. Other client Envoys receive CDS without // *transport_socket_match* set, and still send plain text traffic to the same cluster. // // [#comment:TODO(incfly): add a detailed architecture doc on intended usage.] repeated TransportSocketMatch transport_socket_matches = 43; // Supplies the name of the cluster which must be unique across all clusters. // The cluster name is used when emitting // :ref:`statistics ` if :ref:`alt_stat_name // ` is not provided. // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // An optional alternative to the cluster name to be used while emitting stats. // Any ``:`` in the name will be converted to ``_`` when emitting statistics. This should not be // confused with :ref:`Router Filter Header // `. string alt_stat_name = 28; oneof cluster_discovery_type { // The :ref:`service discovery type ` // to use for resolving the cluster. DiscoveryType type = 2 [(validate.rules).enum = {defined_only: true}]; // The custom cluster type. CustomClusterType cluster_type = 38; } // Configuration to use for EDS updates for the Cluster. EdsClusterConfig eds_cluster_config = 3; // The timeout for new network connections to hosts in the cluster. google.protobuf.Duration connect_timeout = 4 [(validate.rules).duration = {gt {}}]; // Soft limit on size of the cluster’s connections read and write buffers. If // unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; // The :ref:`load balancer type ` to use // when picking a host in the cluster. LbPolicy lb_policy = 6 [(validate.rules).enum = {defined_only: true}]; // If the service discovery type is // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS`, // then hosts is required. // // .. attention:: // // **This field is deprecated**. Set the // :ref:`load_assignment` field instead. // repeated core.Address hosts = 7 [deprecated = true]; // Setting this is required for specifying members of // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS` clusters. // This field supersedes the *hosts* field in the v2 API. // // .. attention:: // // Setting this allows non-EDS cluster types to contain embedded EDS equivalent // :ref:`endpoint assignments`. // ClusterLoadAssignment load_assignment = 33; // Optional :ref:`active health checking ` // configuration for the cluster. If no // configuration is specified no health checking will be done and all cluster // members will be considered healthy at all times. repeated core.HealthCheck health_checks = 8; // Optional maximum requests for a single upstream connection. This parameter // is respected by both the HTTP/1.1 and HTTP/2 connection pool // implementations. If not specified, there is no limit. Setting this // parameter to 1 will effectively disable keep alive. google.protobuf.UInt32Value max_requests_per_connection = 9; // Optional :ref:`circuit breaking ` for the cluster. cluster.CircuitBreakers circuit_breakers = 10; // The TLS configuration for connections to the upstream cluster. // // .. attention:: // // **This field is deprecated**. Use `transport_socket` with name `tls` instead. If both are // set, `transport_socket` takes priority. auth.UpstreamTlsContext tls_context = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // HTTP protocol options that are applied only to upstream HTTP connections. // These options apply to all HTTP versions. core.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; // Additional options when handling HTTP requests upstream. These options will be applicable to // both HTTP1 and HTTP2 requests. core.HttpProtocolOptions common_http_protocol_options = 29; // Additional options when handling HTTP1 requests. core.Http1ProtocolOptions http_protocol_options = 13; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when // making new HTTP connection pool connections. Currently, Envoy only // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. core.Http2ProtocolOptions http2_protocol_options = 14; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map extension_protocol_options = 35 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used as the cluster’s DNS refresh // rate. The value configured must be at least 1ms. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. google.protobuf.Duration dns_refresh_rate = 16 [(validate.rules).duration = {gt {nanos: 1000000}}]; // If the DNS failure refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types // other than :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS` this setting is // ignored. RefreshRate dns_failure_refresh_rate = 44; // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true, // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS // resolution. bool respect_dns_ttl = 39; // The DNS IP address resolution policy. If this setting is not specified, the // value defaults to // :ref:`AUTO`. DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}]; // If DNS resolvers are specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used to specify the cluster’s dns resolvers. // If this setting is not specified, the value defaults to the default // resolver, which uses /etc/resolv.conf for configuration. For cluster types // other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. repeated core.Address dns_resolvers = 18; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 45; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via // :ref:`runtime values `. cluster.OutlierDetection outlier_detection = 19; // The interval for removing stale hosts from a cluster type // :ref:`ORIGINAL_DST`. // Hosts are considered stale if they have not been used // as upstream destinations during this interval. New hosts are added // to original destination clusters on demand as new connections are // redirected to Envoy, causing the number of hosts in the cluster to // grow over time. Hosts that are not stale (they are actively used as // destinations) are kept in the cluster, which allows connections to // them remain open, saving the latency that would otherwise be spent // on opening new connections. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`ORIGINAL_DST` // this setting is ignored. google.protobuf.Duration cleanup_interval = 20 [(validate.rules).duration = {gt {}}]; // Optional configuration used to bind newly established upstream connections. // This overrides any bind_config specified in the bootstrap proto. // If the address and port are empty, no bind will be performed. core.BindConfig upstream_bind_config = 21; // Configuration for load balancing subsetting. LbSubsetConfig lb_subset_config = 22; // Optional configuration for the load balancing algorithm selected by // LbPolicy. Currently only // :ref:`RING_HASH` and // :ref:`LEAST_REQUEST` // has additional configuration options. // Specifying ring_hash_lb_config or least_request_lb_config without setting the corresponding // LbPolicy will generate an error at runtime. oneof lb_config { // Optional configuration for the Ring Hash load balancing policy. RingHashLbConfig ring_hash_lb_config = 23; // Optional configuration for the Original Destination load balancing policy. OriginalDstLbConfig original_dst_lb_config = 34; // Optional configuration for the LeastRequest load balancing policy. LeastRequestLbConfig least_request_lb_config = 37; } // Common configuration for all load balancer implementations. CommonLbConfig common_lb_config = 27; // Optional custom transport socket implementation to use for upstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`UpstreamTlsContexts ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.TransportSocket transport_socket = 24; // The Metadata field can be used to provide additional information about the // cluster. It can be used for stats, logging, and varying filter behavior. // Fields should use reverse DNS notation to denote which entity within Envoy // will need the information. For instance, if the metadata is intended for // the Router filter, the filter name should be specified as *envoy.filters.http.router*. core.Metadata metadata = 25; // Determines how Envoy selects the protocol used to speak to upstream hosts. ClusterProtocolSelection protocol_selection = 26; // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; // If an upstream host becomes unhealthy (as determined by the configured health checks // or outlier detection), immediately close all connections to the failed host. // // .. note:: // // This is currently only supported for connections created by tcp_proxy. // // .. note:: // // The current implementation of this feature closes all connections immediately when // the unhealthy status is detected. If there are a large number of connections open // to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of // time exclusively closing these connections, and not processing any other traffic. bool close_connections_on_host_health_failure = 31; // If set to true, Envoy will ignore the health value of a host when processing its removal // from service discovery. This means that if active health checking is used, Envoy will *not* // wait for the endpoint to go unhealthy before removing it. bool drain_connections_on_host_removal = 32 [(udpa.annotations.field_migrate).rename = "ignore_health_on_host_removal"]; // An (optional) network filter chain, listed in the order the filters should be applied. // The chain will be applied to all outgoing connections that Envoy makes to the upstream // servers of this cluster. repeated cluster.Filter filters = 40; // [#not-implemented-hide:] New mechanism for LB policy configuration. Used only if the // :ref:`lb_policy` field has the value // :ref:`LOAD_BALANCING_POLICY_CONFIG`. LoadBalancingPolicy load_balancing_policy = 41; // [#not-implemented-hide:] // If present, tells the client where to send load reports via LRS. If not present, the // client will fall back to a client-side default, which may be either (a) don't send any // load reports or (b) send load reports for all clusters to a single default server // (which may be configured in the bootstrap file). // // Note that if multiple clusters point to the same LRS server, the client may choose to // create a separate stream for each cluster or it may choose to coalesce the data for // multiple clusters onto a single stream. Either way, the client must make sure to send // the data for any given cluster on no more than one stream. // // [#next-major-version: In the v3 API, we should consider restructuring this somehow, // maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation // from the LRS stream here.] core.ConfigSource lrs_server = 42; // If track_timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. bool track_timeout_budgets = 47; } // [#not-implemented-hide:] Extensible load balancing policy configuration. // // Every LB policy defined via this mechanism will be identified via a unique name using reverse // DNS notation. If the policy needs configuration parameters, it must define a message for its // own configuration, which will be stored in the config field. The name of the policy will tell // clients which type of message they should expect to see in the config field. // // Note that there are cases where it is useful to be able to independently select LB policies // for choosing a locality and for choosing an endpoint within that locality. For example, a // given deployment may always use the same policy to choose the locality, but for choosing the // endpoint within the locality, some clusters may use weighted-round-robin, while others may // use some sort of session-based balancing. // // This can be accomplished via hierarchical LB policies, where the parent LB policy creates a // child LB policy for each locality. For each request, the parent chooses the locality and then // delegates to the child policy for that locality to choose the endpoint within the locality. // // To facilitate this, the config message for the top-level LB policy may include a field of // type LoadBalancingPolicy that specifies the child policy. message LoadBalancingPolicy { message Policy { // Required. The name of the LB policy. string name = 1; // Optional config for the LB policy. // No more than one of these two fields may be populated. google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } // Each client will iterate over the list in order and stop at the first policy that it // supports. This provides a mechanism for starting to use new LB policies that are not yet // supported by all clients. repeated Policy policies = 1; } // An extensible structure containing the address Envoy should bind to when // establishing upstream connections. message UpstreamBindConfig { // The address Envoy should bind to when establishing upstream connections. core.Address source_address = 1; } message UpstreamConnectionOptions { // If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. core.TcpKeepalive tcp_keepalive = 1; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/core/address.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/socket_option.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "AddressProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Network addresses] message Pipe { // Unix Domain Socket path. On Linux, paths starting with '@' will use the // abstract namespace. The starting '@' is replaced by a null byte by Envoy. // Paths starting with '@' will result in an error in environments other than // Linux. string path = 1 [(validate.rules).string = {min_bytes: 1}]; // The mode for the Pipe. Not applicable for abstract sockets. uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}]; } // [#next-free-field: 7] message SocketAddress { enum Protocol { TCP = 0; UDP = 1; } Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; // The address for this socket. :ref:`Listeners ` will bind // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching // in :ref:`FilterChainMatch `.] When used // within an upstream :ref:`BindConfig `, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized // via :ref:`resolver_name `. string address = 2 [(validate.rules).string = {min_bytes: 1}]; oneof port_specifier { option (validate.required) = true; uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}]; // This is only valid if :ref:`resolver_name // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } // The name of the custom resolver. This must have been registered with Envoy. If // this is empty, a context dependent default applies. If the address is a concrete // IP address, no resolution will occur. If address is a hostname this // should be set for resolution other than DNS. Specifying a custom resolver with // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; // When binding to an IPv6 address above, this enables `IPv4 compatibility // `_. Binding to ``::`` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into // IPv6 space as ``::FFFF:``. bool ipv4_compat = 6; } message TcpKeepalive { // Maximum number of keepalive probes to send without response before deciding // the connection is dead. Default is to use the OS level configuration (unless // overridden, Linux defaults to 9.) google.protobuf.UInt32Value keepalive_probes = 1; // The number of seconds a connection needs to be idle before keep-alive probes // start being sent. Default is to use the OS level configuration (unless // overridden, Linux defaults to 7200s (i.e., 2 hours.) google.protobuf.UInt32Value keepalive_time = 2; // The number of seconds between keep-alive probes. Default is to use the OS // level configuration (unless overridden, Linux defaults to 75s.) google.protobuf.UInt32Value keepalive_interval = 3; } message BindConfig { // The address to bind to when creating a socket. SocketAddress source_address = 1 [(validate.rules).message = {required: true}]; // Whether to set the *IP_FREEBIND* option when creating the socket. When this // flag is set to true, allows the :ref:`source_address // ` to be an IP address // that is not configured on the system running Envoy. When this flag is set // to false, the option *IP_FREEBIND* is disabled on the socket. When this // flag is not set (default), the socket is not modified, i.e. the option is // neither enabled nor disabled. google.protobuf.BoolValue freebind = 2; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated SocketOption socket_options = 3; } // Addresses specify either a logical or physical address and port, which are // used to tell Envoy where to bind/listen, connect to upstream and find // management servers. message Address { oneof address { option (validate.required) = true; SocketAddress socket_address = 1; Pipe pipe = 2; } } // CidrRange specifies an IP Address and a prefix length to construct // the subnet mask for a `CIDR `_ range. message CidrRange { // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. string address_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // Length of prefix, e.g. 0, 32. google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/backoff.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "BackoffProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Backoff Strategy] // Configuration defining a jittered exponential back off strategy. message BackoffStrategy { // The base interval to be used for the next back off computation. It should // be greater than zero and less than or equal to :ref:`max_interval // `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // Specifies the maximum interval between retries. This parameter is optional, // but must be greater than or equal to the :ref:`base_interval // ` if set. The default // is 10 times the :ref:`base_interval // `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/base.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/backoff.proto"; import "envoy/api/v2/core/http_uri.proto"; import "envoy/type/percent.proto"; import "envoy/type/semantic_version.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/core/socket_option.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "BaseProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common types] // Envoy supports :ref:`upstream priority routing // ` both at the route and the virtual // cluster level. The current priority implementation uses different connection // pool and circuit breaking settings for each priority level. This means that // even for HTTP/2 requests, two physical connections will be used to an // upstream host. In the future Envoy will likely support true HTTP/2 priority // over a single upstream connection. enum RoutingPriority { DEFAULT = 0; HIGH = 1; } // HTTP request method. enum RequestMethod { METHOD_UNSPECIFIED = 0; GET = 1; HEAD = 2; POST = 3; PUT = 4; DELETE = 5; CONNECT = 6; OPTIONS = 7; TRACE = 8; PATCH = 9; } // Identifies the direction of the traffic relative to the local Envoy. enum TrafficDirection { // Default option is unspecified. UNSPECIFIED = 0; // The transport is used for incoming traffic. INBOUND = 1; // The transport is used for outgoing traffic. OUTBOUND = 2; } // Identifies location of where either Envoy runs or where upstream hosts run. message Locality { // Region this :ref:`zone ` belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery // service exposes :ref:`zone data `, // either in this message or via :option:`--service-zone`. The meaning of zone // is context dependent, e.g. `Availability Zone (AZ) // `_ // on AWS, `Zone `_ on // GCP, etc. string zone = 2; // When used for locality of upstream hosts, this field further splits zone // into smaller chunks of sub-zones so they can be load balanced // independently. string sub_zone = 3; } // BuildVersion combines SemVer version of extension with free-form build information // (i.e. 'alpha', 'private-build') as a set of strings. message BuildVersion { // SemVer version of extension. type.SemanticVersion version = 1; // Free-form build information. // Envoy defines several well known keys in the source/common/version/version.h file google.protobuf.Struct metadata = 2; } // Version and identification for an Envoy extension. // [#next-free-field: 6] message Extension { // This is the name of the Envoy filter as specified in the Envoy // configuration, e.g. envoy.filters.http.router, com.acme.widget. string name = 1; // Category of the extension. // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from // acme.com vendor. // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] string category = 2; // [#not-implemented-hide:] Type descriptor of extension configuration proto. // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] string type_descriptor = 3; // The version is a property of the extension and maintained independently // of other extensions and the Envoy API. // This field is not set when extension did not provide version information. BuildVersion version = 4; // Indicates that the extension is present but was disabled via dynamic configuration. bool disabled = 5; } // Identifies a specific Envoy instance. The node identifier is presented to the // management server, which may use this identifier to distinguish per Envoy // configuration for serving. // [#next-free-field: 12] message Node { // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are // used: :ref:`statsd `, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-node`. string id = 1; // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: // :ref:`statsd `, :ref:`health check cluster // verification // `, // :ref:`runtime override directory `, // :ref:`user agent addition // `, // :ref:`HTTP global rate limiting `, // :ref:`CDS `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-cluster`. string cluster = 2; // Opaque metadata extending the node identifier. Envoy will pass this // directly to the management server. google.protobuf.Struct metadata = 3; // Locality specifying where the Envoy instance is running. Locality locality = 4; // This is motivated by informing a management server during canary which // version of Envoy is being tested in a heterogeneous fleet. This will be set // by Envoy in management server RPCs. // This field is deprecated in favor of the user_agent_name and user_agent_version values. string build_version = 5 [deprecated = true]; // Free-form string that identifies the entity requesting config. // E.g. "envoy" or "grpc" string user_agent_name = 6; oneof user_agent_version_type { // Free-form string that identifies the version of the entity requesting config. // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" string user_agent_version = 7; // Structured version of the entity requesting config. BuildVersion user_agent_build_version = 8; } // List of extensions and their versions supported by the node. repeated Extension extensions = 9; // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. // See :ref:`the list of features ` that xDS client may // support. repeated string client_features = 10; // Known listening ports on the node as a generic hint to the management server // for filtering :ref:`listeners ` to be returned. For example, // if there is a listener bound to port 80, the list can optionally contain the // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. repeated Address listening_addresses = 11; } // Metadata provides additional inputs to filters based on matched listeners, // filter chains, routes and endpoints. It is structured as a map, usually from // filter name (in reverse DNS format) to metadata specific to the filter. Metadata // key-values for a filter are merged as connection and request handling occurs, // with later values for the same key overriding earlier values. // // An example use of metadata is providing additional values to // http_connection_manager in the envoy.http_connection_manager.access_log // namespace. // // Another example use of metadata is to per service config info in cluster metadata, which may get // consumed by multiple filters. // // For load balancing, Metadata provides a means to subset cluster endpoints. // Endpoints have a Metadata object associated and routes contain a Metadata // object to match against. There are some well defined metadata used today for // this purpose: // // * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // [#next-major-version: move to type/metadata/v2] message Metadata { // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* // namespace is reserved for Envoy's built-in filters. map filter_metadata = 1; } // Runtime derived uint32 with a default when not specified. message RuntimeUInt32 { // Default value if runtime value is not available. uint32 default_value = 2; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 3 [(validate.rules).string = {min_bytes: 1}]; } // Runtime derived double with a default when not specified. message RuntimeDouble { // Default value if runtime value is not available. double default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_bytes: 1}]; } // Runtime derived bool with a default when not specified. message RuntimeFeatureFlag { // Default value if runtime value is not available. google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its // `canonical JSON encoding `_. string runtime_key = 2 [(validate.rules).string = {min_bytes: 1}]; } // Header name/value pair. message HeaderValue { // Header name. string key = 1 [(validate.rules).string = {min_bytes: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Header value. // // The same :ref:`format specifier ` as used for // :ref:`HTTP access logging ` applies here, however // unknown header values are replaced with the empty string instead of `-`. string value = 2 [ (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} ]; } // Header name/value pair plus option to control append behavior. message HeaderValueOption { // Header name/value pair that this option applies to. HeaderValue header = 1 [(validate.rules).message = {required: true}]; // Should the value be appended? If true (default), the value is appended to // existing values. google.protobuf.BoolValue append = 2; } // Wrapper for a set of headers. message HeaderMap { repeated HeaderValue headers = 1; } // Data source consisting of either a file or an inline value. message DataSource { oneof specifier { option (validate.required) = true; // Local filesystem data source. string filename = 1 [(validate.rules).string = {min_bytes: 1}]; // Bytes inlined in the configuration. bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; // String inlined in the configuration. string inline_string = 3 [(validate.rules).string = {min_bytes: 1}]; } } // The message specifies the retry policy of remote data source when fetching fails. message RetryPolicy { // Specifies parameters that control :ref:`retry backoff strategy `. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. BackoffStrategy retry_back_off = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. google.protobuf.UInt32Value num_retries = 2; } // The message specifies how to fetch data from remote and how to verify it. message RemoteDataSource { // The HTTP URI to fetch the remote data. HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; // SHA256 string for verifying data. string sha256 = 2 [(validate.rules).string = {min_bytes: 1}]; // Retry policy for fetching remote data. RetryPolicy retry_policy = 3; } // Async data source which support async data fetch. message AsyncDataSource { oneof specifier { option (validate.required) = true; // Local async data source. DataSource local = 1; // Remote async data source. RemoteDataSource remote = 2; } } // Configuration for transport socket in :ref:`listeners ` and // :ref:`clusters `. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. message TransportSocket { // The name of the transport socket to instantiate. The name must match a supported transport // socket implementation. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Implementation specific configuration which depends on the implementation being instantiated. // See the supported transport socket implementations for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // // .. note:: // // Parsing of the runtime key's data is implemented such that it may be represented as a // :ref:`FractionalPercent ` proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. message RuntimeFractionalPercent { // Default value if the runtime value's for the numerator/denominator keys are not available. type.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key for a YAML representation of a FractionalPercent. string runtime_key = 2; } // Identifies a specific ControlPlane instance that Envoy is connected to. message ControlPlane { // An opaque control plane identifier that uniquely identifies an instance // of control plane. This can be used to identify which control plane instance, // the Envoy is connected to. string identifier = 1; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/config_source.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "ConfigSourceProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Configuration sources] // xDS API version. This is used to describe both resource and transport // protocol versions (in distinct configuration fields). enum ApiVersion { // When not specified, we assume v2, to ease migration to Envoy's stable API // versioning. If a client does not support v2 (e.g. due to deprecation), this // is an invalid value. AUTO = 0; // Use xDS v2 API. V2 = 1; // Use xDS v3 API. V3 = 2; } // API configuration source. This identifies the API type and cluster that Envoy // will use to fetch an xDS API. // [#next-free-field: 9] message ApiConfigSource { // APIs may be fetched via either REST or gRPC. enum ApiType { // Ideally this would be 'reserved 0' but one can't reserve the default // value. Instead we throw an exception if this is ever used. UNSUPPORTED_REST_LEGACY = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // REST-JSON v2 API. The `canonical JSON encoding // `_ for // the v2 protos is used. REST = 1; // gRPC v2 API. GRPC = 2; // Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response} // rather than Discovery{Request,Response}. Rather than sending Envoy the entire state // with every update, the xDS server only sends what has changed since the last update. DELTA_GRPC = 3; } // API type (gRPC, REST, delta gRPC) ApiType api_type = 1 [(validate.rules).enum = {defined_only: true}]; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 8 [(validate.rules).enum = {defined_only: true}]; // Cluster names should be used only with REST. If > 1 // cluster is defined, clusters will be cycled through if any kind of failure // occurs. // // .. note:: // // The cluster with name ``cluster_name`` must be statically defined and its // type must not be ``EDS``. repeated string cluster_names = 2; // Multiple gRPC services be provided for GRPC. If > 1 cluster is defined, // services will be cycled through if any kind of failure occurs. repeated GrpcService grpc_services = 4; // For REST APIs, the delay between successive polls. google.protobuf.Duration refresh_delay = 3; // For REST APIs, the request timeout. If not set, a default value of 1s will be used. google.protobuf.Duration request_timeout = 5 [(validate.rules).duration = {gt {}}]; // For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be // rate limited. RateLimitSettings rate_limit_settings = 6; // Skip the node identifier in subsequent discovery requests for streaming gRPC config types. bool set_node_on_first_message_only = 7; } // Aggregated Discovery Service (ADS) options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that ADS is to be used. message AggregatedConfigSource { } // [#not-implemented-hide:] // Self-referencing config source options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that other data can be obtained from the same server. message SelfConfigSource { // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 1 [(validate.rules).enum = {defined_only: true}]; } // Rate Limit settings to be applied for discovery requests made by Envoy. message RateLimitSettings { // Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a // default value of 100 will be used. google.protobuf.UInt32Value max_tokens = 1; // Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens // per second will be used. google.protobuf.DoubleValue fill_rate = 2 [(validate.rules).double = {gt: 0.0}]; } // Configuration for :ref:`listeners `, :ref:`clusters // `, :ref:`routes // `, :ref:`endpoints // ` etc. may either be sourced from the // filesystem or from an xDS API source. Filesystem configs are watched with // inotify for updates. // [#next-free-field: 7] message ConfigSource { oneof config_source_specifier { option (validate.required) = true; // Path on the filesystem to source and watch for configuration updates. // When sourcing configuration for :ref:`secret `, // the certificate and key files are also watched for updates. // // .. note:: // // The path to the source must exist at config load time. // // .. note:: // // Envoy will only watch the file path for *moves.* This is because in general only moves // are atomic. The same method of swapping files as is demonstrated in the // :ref:`runtime documentation ` can be used here also. string path = 1; // API configuration source. ApiConfigSource api_config_source = 2; // When set, ADS will be used to fetch resources. The ADS API configuration // source in the bootstrap configuration is used. AggregatedConfigSource ads = 3; // [#not-implemented-hide:] // When set, the client will access the resources from the same server it got the // ConfigSource from, although not necessarily from the same stream. This is similar to the // :ref:`ads` field, except that the client may use a // different stream to the same server. As a result, this field can be used for things // like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.) // LDS to RDS on the same server without requiring the management server to know its name // or required credentials. // [#next-major-version: In xDS v3, consider replacing the ads field with this one, since // this field can implicitly mean to use the same stream in the case where the ConfigSource // is provided via ADS and the specified data can also be obtained via ADS.] SelfConfigSource self = 5; } // When this timeout is specified, Envoy will wait no longer than the specified time for first // config response on this xDS subscription during the :ref:`initialization process // `. After reaching the timeout, Envoy will move to the next // initialization phase, even if the first config is not delivered yet. The timer is activated // when the xDS API subscription starts, and is disarmed on first config update or on error. 0 // means no timeout - Envoy will wait indefinitely for the first xDS config (unless another // timeout applies). The default is 15s. google.protobuf.Duration initial_fetch_timeout = 4; // API version for xDS resources. This implies the type URLs that the client // will request for resources and the resource type that the client will in // turn expect to be delivered. ApiVersion resource_api_version = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/event_service_config.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "EventServiceConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#not-implemented-hide:] // Configuration of the event reporting service endpoint. message EventServiceConfig { oneof config_source_specifier { option (validate.required) = true; // Specifies the gRPC service that hosts the event reporting service. GrpcService grpc_service = 1; } } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/grpc_method_list.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "GrpcMethodListProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC method list] // A list of gRPC methods which can be used as an allowlist, for example. message GrpcMethodList { message Service { // The name of the gRPC service. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The names of the gRPC methods in this service. repeated string method_names = 2 [(validate.rules).repeated = {min_items: 1}]; } repeated Service services = 1; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/grpc_service.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "GrpcServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC services] // gRPC service configuration. This is used by :ref:`ApiConfigSource // ` and filter configurations. // [#next-free-field: 6] message GrpcService { message EnvoyGrpc { // The name of the upstream gRPC cluster. SSL credentials will be supplied // in the :ref:`Cluster ` :ref:`transport_socket // `. string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}]; } // [#next-free-field: 7] message GoogleGrpc { // See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. message SslCredentials { // PEM encoded server root certificates. DataSource root_certs = 1; // PEM encoded client private key. DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // PEM encoded client certificate chain. DataSource cert_chain = 3; } // Local channel credentials. Only UDS is supported for now. // See https://github.com/grpc/grpc/pull/15909. message GoogleLocalCredentials { } // See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call // credential types. message ChannelCredentials { oneof credential_specifier { option (validate.required) = true; SslCredentials ssl_credentials = 1; // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_default = 2; GoogleLocalCredentials local_credentials = 3; } } // [#next-free-field: 8] message CallCredentials { message ServiceAccountJWTAccessCredentials { string json_key = 1; uint64 token_lifetime_seconds = 2; } message GoogleIAMCredentials { string authorization_token = 1; string authority_selector = 2; } message MetadataCredentialsFromPlugin { string name = 1; oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Security token service configuration that allows Google gRPC to // fetch security token from an OAuth 2.0 authorization server. // See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and // https://github.com/grpc/grpc/pull/19587. // [#next-free-field: 10] message StsService { // URI of the token exchange service that handles token exchange requests. // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by // https://github.com/envoyproxy/protoc-gen-validate/issues/303] string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token. string resource = 2; // Logical name of the target service where the client intends to // use the requested security token. string audience = 3; // The desired scope of the requested security token in the // context of the service or resource where the token will be used. string scope = 4; // Type of the requested security token. string requested_token_type = 5; // The path of subject token, a security token that represents the // identity of the party on behalf of whom the request is being made. string subject_token_path = 6 [(validate.rules).string = {min_bytes: 1}]; // Type of the subject token. string subject_token_type = 7 [(validate.rules).string = {min_bytes: 1}]; // The path of actor token, a security token that represents the identity // of the acting party. The acting party is authorized to use the // requested security token and act on behalf of the subject. string actor_token_path = 8; // Type of the actor token. string actor_token_type = 9; } oneof credential_specifier { option (validate.required) = true; // Access token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d. string access_token = 1; // Google Compute Engine credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_compute_engine = 2; // Google refresh token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c. string google_refresh_token = 3; // Service Account JWT Access credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa. ServiceAccountJWTAccessCredentials service_account_jwt_access = 4; // Google IAM credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0. GoogleIAMCredentials google_iam = 5; // Custom authenticator credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07. // https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms. MetadataCredentialsFromPlugin from_plugin = 6; // Custom security token service which implements OAuth 2.0 token exchange. // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 // See https://github.com/grpc/grpc/pull/19587. StsService sts_service = 7; } } // The target URI when using the `Google C++ gRPC client // `_. SSL credentials will be supplied in // :ref:`channel_credentials `. string target_uri = 1 [(validate.rules).string = {min_bytes: 1}]; ChannelCredentials channel_credentials = 2; // A set of call credentials that can be composed with `channel credentials // `_. repeated CallCredentials call_credentials = 3; // The human readable prefix to use when emitting statistics for the gRPC // service. // // .. csv-table:: // :header: Name, Type, Description // :widths: 1, 1, 2 // // streams_total, Counter, Total number of streams opened // streams_closed_, Counter, Total streams closed with string stat_prefix = 4 [(validate.rules).string = {min_bytes: 1}]; // The name of the Google gRPC credentials factory to use. This must have been registered with // Envoy. If this is empty, a default credentials factory will be used that sets up channel // credentials based on other configuration parameters. string credentials_factory_name = 5; // Additional configuration for site-specific customizations of the Google // gRPC library. google.protobuf.Struct config = 6; } reserved 4; oneof target_specifier { option (validate.required) = true; // Envoy's in-built gRPC client. // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. EnvoyGrpc envoy_grpc = 1; // `Google C++ gRPC client `_ // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc google_grpc = 2; } // The timeout for the gRPC request. This is the timeout for a specific // request. google.protobuf.Duration timeout = 3; // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization // headers (e.g. ``x-foo-bar: baz-key``) are to be injected. repeated HeaderValue initial_metadata = 5; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/health_check.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/event_service_config.proto"; import "envoy/type/http.proto"; import "envoy/type/matcher/string.proto"; import "envoy/type/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health check] // * Health checking :ref:`architecture overview `. // * If health checking is configured for a cluster, additional statistics are emitted. They are // documented :ref:`here `. // Endpoint health status. enum HealthStatus { // The health status is not known. This is interpreted by Envoy as *HEALTHY*. UNKNOWN = 0; // Healthy. HEALTHY = 1; // Unhealthy. UNHEALTHY = 2; // Connection draining in progress. E.g., // ``_ // or // ``_. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; // Health check timed out. This is part of HDS and is interpreted by Envoy as // *UNHEALTHY*. TIMEOUT = 4; // Degraded. DEGRADED = 5; } // [#next-free-field: 23] message HealthCheck { // Describes the encoding of the payload bytes in the payload. message Payload { oneof payload { option (validate.required) = true; // Hex encoded payload. E.g., "000000FF". string text = 1 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] Binary payload. bytes binary = 2; } } // [#next-free-field: 12] message HttpHealthCheck { // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the // :ref:`hostname ` field. string host = 1; // Specifies the HTTP path that will be requested during health checking. For example // */healthcheck*. string path = 2 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] HTTP specific payload. Payload send = 3; // [#not-implemented-hide:] HTTP specific response. Payload receive = 4; // An optional service name parameter which is used to validate the identity of // the health checked cluster. See the :ref:`architecture overview // ` for more information. // // .. attention:: // // This field has been deprecated in favor of `service_name_matcher` for better flexibility // over matching with service-cluster name. string service_name = 5 [deprecated = true]; // Specifies a list of HTTP headers that should be added to each request that is sent to the // health checked cluster. For more information, including details on header value syntax, see // the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request that is sent to the // health checked cluster. repeated string request_headers_to_remove = 8; // If set, health checks will be made using http/2. // Deprecated, use :ref:`codec_client_type // ` instead. bool use_http2 = 7 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open // semantics of :ref:`Int64Range `. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. repeated type.Int64Range expected_statuses = 9; // Use specified application protocol for health checks. type.CodecClientType codec_client_type = 10 [(validate.rules).enum = {defined_only: true}]; // An optional service name parameter which is used to validate the identity of // the health checked cluster using a :ref:`StringMatcher // `. See the :ref:`architecture overview // ` for more information. type.matcher.StringMatcher service_name_matcher = 11; } message TcpHealthCheck { // Empty payloads imply a connect-only health check. Payload send = 1; // When checking the response, “fuzzy” matching is performed such that each // binary block must be found, and in the order specified, but not // necessarily contiguous. repeated Payload receive = 2; } message RedisHealthCheck { // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } // `grpc.health.v1.Health // `_-based // healthcheck. See `gRPC doc `_ // for details. message GrpcHealthCheck { // An optional service name parameter which will be sent to gRPC service in // `grpc.health.v1.HealthCheckRequest // `_. // message. See `gRPC health-checking overview // `_ for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting // the :ref:`hostname ` field. string authority = 2; } // Custom health check. message CustomHealthCheck { // The registered name of the custom health checker. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A custom health checker specific configuration which depends on the custom health checker // being instantiated. See :api:`envoy/config/health_checker` for reference. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Health checks occur over the transport socket specified for the cluster. This implies that if a // cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. // // This allows overriding the cluster TLS settings, just for health check connections. message TlsOptions { // Specifies the ALPN protocols for health check connections. This is useful if the // corresponding upstream is using ALPN-based :ref:`FilterChainMatch // ` along with different protocols for health checks // versus data connections. If empty, no ALPN protocols will be set on health check connections. repeated string alpn_protocols = 1; } reserved 10; // The time to wait for a health check response. If the timeout is reached the // health check attempt will be considered a failure. google.protobuf.Duration timeout = 1 [(validate.rules).duration = { required: true gt {} }]; // The interval between health checks. google.protobuf.Duration interval = 2 [(validate.rules).duration = { required: true gt {} }]; // An optional jitter amount in milliseconds. If specified, Envoy will start health // checking after for a random time in ms between 0 and initial_jitter. This only // applies to the first health check. google.protobuf.Duration initial_jitter = 20; // An optional jitter amount in milliseconds. If specified, during every // interval Envoy will add interval_jitter to the wait time. google.protobuf.Duration interval_jitter = 3; // An optional jitter amount as a percentage of interval_ms. If specified, // during every interval Envoy will add interval_ms * // interval_jitter_percent / 100 to the wait time. // // If interval_jitter_ms and interval_jitter_percent are both set, both of // them will be used to increase the wait time. uint32 interval_jitter_percent = 18; // The number of unhealthy health checks required before a host is marked // unhealthy. Note that for *http* health checking if a host responds with 503 // this threshold is ignored and the host is considered unhealthy immediately. google.protobuf.UInt32Value unhealthy_threshold = 4 [(validate.rules).message = {required: true}]; // The number of healthy health checks required before a host is marked // healthy. Note that during startup, only a single successful health check is // required to mark a host healthy. google.protobuf.UInt32Value healthy_threshold = 5 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Non-serving port for health checking. google.protobuf.UInt32Value alt_port = 6; // Reuse health check connection between health checks. Default is true. google.protobuf.BoolValue reuse_connection = 7; oneof health_checker { option (validate.required) = true; // HTTP health check. HttpHealthCheck http_health_check = 8; // TCP health check. TcpHealthCheck tcp_health_check = 9; // gRPC health check. GrpcHealthCheck grpc_health_check = 11; // Custom health check. CustomHealthCheck custom_health_check = 13; } // The "no traffic interval" is a special health check interval that is used when a cluster has // never had traffic routed to it. This lower interval allows cluster information to be kept up to // date, without sending a potentially large amount of active health checking traffic for no // reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the // standard health check interval that is defined. Note that this interval takes precedence over // any other. // // The default value for "no traffic interval" is 60 seconds. google.protobuf.Duration no_traffic_interval = 12 [(validate.rules).duration = {gt {}}]; // The "unhealthy interval" is a health check interval that is used for hosts that are marked as // unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the // standard health check interval that is defined. // // The default value for "unhealthy interval" is the same as "interval". google.protobuf.Duration unhealthy_interval = 14 [(validate.rules).duration = {gt {}}]; // The "unhealthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as unhealthy. For subsequent health checks // Envoy will shift back to using either "unhealthy interval" if present or the standard health // check interval that is defined. // // The default value for "unhealthy edge interval" is the same as "unhealthy interval". google.protobuf.Duration unhealthy_edge_interval = 15 [(validate.rules).duration = {gt {}}]; // The "healthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as healthy. For subsequent health checks // Envoy will shift back to using the standard health check interval that is defined. // // The default value for "healthy edge interval" is the same as the default interval. google.protobuf.Duration healthy_edge_interval = 16 [(validate.rules).duration = {gt {}}]; // Specifies the path to the :ref:`health check event log `. // If empty, no event log will be written. string event_log_path = 17; // [#not-implemented-hide:] // The gRPC service for the health check event service. // If empty, health check events won't be sent to a remote endpoint. EventServiceConfig event_service = 22; // If set to true, health check failure events will always be logged. If set to false, only the // initial health check failure event will be logged. // The default value is false. bool always_log_health_check_failures = 19; // This allows overriding the cluster TLS settings, just for health check connections. TlsOptions tls_options = 21; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/http_uri.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "HttpUriProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP Service URI ] // Envoy external URI descriptor message HttpUri { // The HTTP server URI. It should be a full FQDN with protocol, host and path. // // Example: // // .. code-block:: yaml // // uri: https://www.googleapis.com/oauth2/v1/certs // string uri = 1 [(validate.rules).string = {min_bytes: 1}]; // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or // inline DNS resolution. See `issue // `_. oneof http_upstream_type { option (validate.required) = true; // A cluster is created in the Envoy "cluster_manager" config // section. This field specifies the cluster name. // // Example: // // .. code-block:: yaml // // cluster: jwks_cluster // string cluster = 2 [(validate.rules).string = {min_bytes: 1}]; } // Sets the maximum duration in milliseconds that a response can take to arrive upon request. google.protobuf.Duration timeout = 3 [(validate.rules).duration = { required: true gte {} }]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/protocol.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "ProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Protocol options] // [#not-implemented-hide:] message TcpProtocolOptions { } message UpstreamHttpProtocolOptions { // Set transport socket `SNI `_ for new // upstream connections based on the downstream HTTP host/authority header, as seen by the // :ref:`router filter `. bool auto_sni = 1; // Automatic validate upstream presented certificate for new upstream connections based on the // downstream HTTP host/authority header, as seen by the // :ref:`router filter `. // This field is intended to set with `auto_sni` field. bool auto_san_validation = 2; } // [#next-free-field: 6] message HttpProtocolOptions { // Action to take when Envoy receives client request with header names containing underscore // characters. // Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented // as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore // characters. enum HeadersWithUnderscoresAction { // Allow headers with underscores. This is the default behavior. ALLOW = 0; // Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests // end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter // is incremented for each rejected request. REJECT_REQUEST = 1; // Drop the header with name containing underscores. The header is dropped before the filter chain is // invoked and as such filters will not see dropped headers. The // "httpN.dropped_headers_with_underscores" is incremented for each dropped header. DROP_HEADER = 2; } // The idle timeout for connections. The idle timeout is defined as the // period in which there are no active requests. When the // idle timeout is reached the connection will be closed. If the connection is an HTTP/2 // downstream connection a drain sequence will occur prior to closing the connection, see // :ref:`drain_timeout // `. // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 1; // The maximum duration of a connection. The duration is defined as a period since a connection // was established. If not set, there is no max duration. When max_connection_duration is reached // the connection will be closed. Drain sequence will occur prior to closing the connection if // if's applicable. See :ref:`drain_timeout // `. // Note: not implemented for upstream connections. google.protobuf.Duration max_connection_duration = 3; // The maximum number of headers. If unconfigured, the default // maximum number of request headers allowed is 100. Requests that exceed this limit will receive // a 431 response for HTTP/1.x and cause a stream reset for HTTP/2. google.protobuf.UInt32Value max_headers_count = 2 [(validate.rules).uint32 = {gte: 1}]; // Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be // reset independent of any other timeouts. If not specified, this value is not set. google.protobuf.Duration max_stream_duration = 4; // Action to take when a client request with a header name containing underscore characters is received. // If this setting is not specified, the value defaults to ALLOW. // Note: upstream responses are not affected by this setting. HeadersWithUnderscoresAction headers_with_underscores_action = 5; } // [#next-free-field: 6] message Http1ProtocolOptions { message HeaderKeyFormat { message ProperCaseWords { } oneof header_format { option (validate.required) = true; // Formats the header by proper casing words: the first character and any character following // a special character will be capitalized if it's an alpha character. For example, // "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are". // Note that while this results in most headers following conventional casing, certain headers // are not covered. For example, the "TE" header will be formatted as "Te". ProperCaseWords proper_case_words = 1; } } // Handle HTTP requests with absolute URLs in the requests. These requests // are generally sent by clients to forward/explicit proxies. This allows clients to configure // envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the // *http_proxy* environment variable. google.protobuf.BoolValue allow_absolute_url = 1; // Handle incoming HTTP/1.0 and HTTP 0.9 requests. // This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1 // style connect logic, dechunking, and handling lack of client host iff // *default_host_for_http_10* is configured. bool accept_http_10 = 2; // A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as // Envoy does not otherwise support HTTP/1.0 without a Host header. // This is a no-op if *accept_http_10* is not true. string default_host_for_http_10 = 3; // Describes how the keys for response headers should be formatted. By default, all header keys // are lower cased. HeaderKeyFormat header_key_format = 4; // Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers. // // .. attention:: // // Note that this only happens when Envoy is chunk encoding which occurs when: // - The request is HTTP/1.1. // - Is neither a HEAD only request nor a HTTP Upgrade. // - Not a response to a HEAD request. // - The content length header is not present. bool enable_trailers = 5; } // [#next-free-field: 14] message Http2ProtocolOptions { // Defines a parameter to be sent in the SETTINGS frame. // See `RFC7540, sec. 6.5.1 `_ for details. message SettingsParameter { // The 16 bit parameter identifier. google.protobuf.UInt32Value identifier = 1 [ (validate.rules).uint32 = {lte: 65536 gte: 1}, (validate.rules).message = {required: true} ]; // The 32 bit parameter value. google.protobuf.UInt32Value value = 2 [(validate.rules).message = {required: true}]; } // `Maximum table size `_ // (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values // range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header // compression. google.protobuf.UInt32Value hpack_table_size = 1; // `Maximum concurrent streams `_ // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // // For upstream connections, this also limits how many streams Envoy will initiate concurrently // on a single connection. If the limit is reached, Envoy may queue requests or establish // additional connections (as allowed per circuit breaker limits). google.protobuf.UInt32Value max_concurrent_streams = 2 [(validate.rules).uint32 = {lte: 2147483647 gte: 1}]; // `Initial stream-level flow-control window // `_ size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // // NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default // window size now, so it's also the minimum. // // This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the // HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to // stop the flow of data to the codec buffers. google.protobuf.UInt32Value initial_stream_window_size = 3 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Similar to *initial_stream_window_size*, but for connection-level flow-control // window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*. google.protobuf.UInt32Value initial_connection_window_size = 4 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Allows proxying Websocket and other upgrades over H2 connect. bool allow_connect = 5; // [#not-implemented-hide:] Hiding until envoy has full metadata support. // Still under implementation. DO NOT USE. // // Allows metadata. See [metadata // docs](https://github.com/envoyproxy/envoy/blob/master/source/docs/h2_metadata.md) for more // information. bool allow_metadata = 6; // Limit the number of pending outbound downstream frames of all types (frames that are waiting to // be written into the socket). Exceeding this limit triggers flood mitigation and connection is // terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due // to flood mitigation. The default limit is 10000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_frames = 7 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM, // preventing high memory utilization when receiving continuous stream of these frames. Exceeding // this limit triggers flood mitigation and connection is terminated. The // ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood // mitigation. The default limit is 1000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_control_frames = 8 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an // empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but // might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood`` // stat tracks the number of connections terminated due to flood mitigation. // Setting this to 0 will terminate connection upon receiving first frame with an empty payload // and no end stream flag. The default limit is 1. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_consecutive_inbound_frames_with_empty_payload = 9; // Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number // of PRIORITY frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // max_inbound_priority_frames_per_stream * (1 + inbound_streams) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 100. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_priority_frames_per_stream = 10; // Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number // of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // 1 + 2 * (inbound_streams + // max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 10. // Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control, // but more complex implementations that try to estimate available bandwidth require at least 2. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_window_update_frames_per_data_frame_sent = 11 [(validate.rules).uint32 = {gte: 1}]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // See `RFC7540, sec. 8.1 `_ for details. bool stream_error_on_invalid_http_messaging = 12; // [#not-implemented-hide:] // Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions: // // 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by // Envoy. // // 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field // 'allow_connect'. // // Note that custom parameters specified through this field can not also be set in the // corresponding named parameters: // // .. code-block:: text // // ID Field Name // ---------------- // 0x1 hpack_table_size // 0x3 max_concurrent_streams // 0x4 initial_stream_window_size // // Collisions will trigger config validation failure on load/update. Likewise, inconsistencies // between custom parameters with the same identifier will trigger a failure. // // See `IANA HTTP/2 Settings // `_ for // standardized identifiers. repeated SettingsParameter custom_settings_parameters = 13; } // [#not-implemented-hide:] message GrpcProtocolOptions { Http2ProtocolOptions http2_protocol_options = 1; } ================================================ FILE: generated_api_shadow/envoy/api/v2/core/socket_option.proto ================================================ syntax = "proto3"; package envoy.api.v2.core; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.core"; option java_outer_classname = "SocketOptionProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Socket Option ] // Generic socket option message. This would be used to set socket options that // might not exist in upstream kernels or precompiled Envoy binaries. // [#next-free-field: 7] message SocketOption { enum SocketState { // Socket options are applied after socket creation but before binding the socket to a port STATE_PREBIND = 0; // Socket options are applied after binding the socket to a port but before calling listen() STATE_BOUND = 1; // Socket options are applied after calling listen() STATE_LISTENING = 2; } // An optional name to give this socket option for debugging, etc. // Uniqueness is not required and no special meaning is assumed. string description = 1; // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP int64 level = 2; // The numeric name as passed to setsockopt int64 name = 3; oneof value { option (validate.required) = true; // Because many sockopts take an int value. int64 int_value = 4; // Otherwise it's a byte buffer. bytes buf_value = 5; } // The state in which the option will be applied. When used in BindConfig // STATE_PREBIND is currently the only valid value. SocketState state = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/discovery.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "google/rpc/status.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "DiscoveryProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.discovery.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common discovery API components] // A DiscoveryRequest requests a set of versioned resources of the same type for // a given Envoy node on some API. // [#next-free-field: 7] message DiscoveryRequest { // The version_info provided in the request messages will be the version_info // received with the most recent successfully processed response or empty on // the first request. It is expected that no new request is sent after a // response is received until the Envoy instance is ready to ACK/NACK the new // configuration. ACK/NACK takes place by returning the new API config version // as applied or the previous API config version respectively. Each type_url // (see below) has an independent version associated with it. string version_info = 1; // The node making the request. core.Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are // returned. LDS/CDS may have empty resource_names, which will cause all // resources for the Envoy instance to be returned. The LDS and CDS responses // will then imply a number of resources that need to be fetched via EDS/RDS, // which will be explicitly enumerated in resource_names. repeated string resource_names = 3; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit // in requests made via singleton xDS APIs such as CDS, LDS, etc. but is // required for ADS. string type_url = 4; // nonce corresponding to DiscoveryResponse being ACK/NACKed. See above // discussion on version_info and the DiscoveryResponse nonce comment. This // may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, // or 2) the client has not yet accepted an update in this xDS stream (unlike // delta, where it is populated only for new explicit ACKs). string response_nonce = 5; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* provides the Envoy // internal exception related to the failure. It is only intended for consumption during manual // debugging, the string provided is not guaranteed to be stable across Envoy versions. google.rpc.Status error_detail = 6; } // [#next-free-field: 7] message DiscoveryResponse { // The version of the response data. string version_info = 1; // The response resources. These resources are typed and depend on the API being called. repeated google.protobuf.Any resources = 2; // [#not-implemented-hide:] // Canary is used to support two Envoy command line flags: // // * --terminate-on-canary-transition-failure. When set, Envoy is able to // terminate if it detects that configuration is stuck at canary. Consider // this example sequence of updates: // - Management server applies a canary config successfully. // - Management server rolls back to a production config. // - Envoy rejects the new production config. // Since there is no sensible way to continue receiving configuration // updates, Envoy will then terminate and apply production config from a // clean slate. // * --dry-run-canary. When set, a canary response will never be applied, only // validated via a dry run. bool canary = 3; // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the 'resources' repeated Any (if non-empty). string type_url = 4; // For gRPC based subscriptions, the nonce provides a way to explicitly ack a // specific DiscoveryResponse in a following DiscoveryRequest. Additional // messages may have been sent by Envoy to the management server for the // previous version on the stream prior to this DiscoveryResponse, that were // unprocessed at response send time. The nonce allows the management server // to ignore any further DiscoveryRequests for the previous version until a // DiscoveryRequest bearing the nonce. The nonce is optional and is not // required for non-stream based xDS implementations. string nonce = 5; // [#not-implemented-hide:] // The control plane instance that sent the response. core.ControlPlane control_plane = 6; } // DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC // endpoint for Delta xDS. // // With Delta xDS, the DeltaDiscoveryResponses do not need to include a full // snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a // diff to the state of a xDS client. // In Delta XDS there are per-resource versions, which allow tracking state at // the resource granularity. // An xDS Delta session is always in the context of a gRPC bidirectional // stream. This allows the xDS server to keep track of the state of xDS clients // connected to it. // // In Delta xDS the nonce field is required and used to pair // DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK. // Optionally, a response message level system_version_info is present for // debugging purposes only. // // DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest // can be either or both of: [1] informing the server of what resources the // client has gained/lost interest in (using resource_names_subscribe and // resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from // the server (using response_nonce, with presence of error_detail making it a NACK). // Additionally, the first message (for a given type_url) of a reconnected gRPC stream // has a third role: informing the server of the resources (and their versions) // that the client already possesses, using the initial_resource_versions field. // // As with state-of-the-world, when multiple resource types are multiplexed (ADS), // all requests/acknowledgments/updates are logically walled off by type_url: // a Cluster ACK exists in a completely separate world from a prior Route NACK. // In particular, initial_resource_versions being sent at the "start" of every // gRPC stream actually entails a message for each type_url, each with its own // initial_resource_versions. // [#next-free-field: 8] message DeltaDiscoveryRequest { // The node making the request. core.Node node = 1; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". string type_url = 2; // DeltaDiscoveryRequests allow the client to add or remove individual // resources to the set of tracked resources in the context of a stream. // All resource names in the resource_names_subscribe list are added to the // set of tracked resources and all resource names in the resource_names_unsubscribe // list are removed from the set of tracked resources. // // *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or // resource_names_unsubscribe list simply means that no resources are to be // added or removed to the resource list. // *Like* state-of-the-world xDS, the server must send updates for all tracked // resources, but can also send updates for resources the client has not subscribed to. // // NOTE: the server must respond with all resources listed in resource_names_subscribe, // even if it believes the client has the most recent version of them. The reason: // the client may have dropped them, but then regained interest before it had a chance // to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd. // // These two fields can be set in any DeltaDiscoveryRequest, including ACKs // and initial_resource_versions. // // A list of Resource names to add to the list of tracked resources. repeated string resource_names_subscribe = 3; // A list of Resource names to remove from the list of tracked resources. repeated string resource_names_unsubscribe = 4; // Informs the server of the versions of the resources the xDS client knows of, to enable the // client to continue the same logical xDS session even in the face of gRPC stream reconnection. // It will not be populated: [1] in the very first stream of a session, since the client will // not yet have any resources, [2] in any message after the first in a stream (for a given // type_url), since the server will already be correctly tracking the client's state. // (In ADS, the first message *of each type_url* of a reconnected stream populates this map.) // The map's keys are names of xDS resources known to the xDS client. // The map's values are opaque resource versions. map initial_resource_versions = 5; // When the DeltaDiscoveryRequest is a ACK or NACK message in response // to a previous DeltaDiscoveryResponse, the response_nonce must be the // nonce in the DeltaDiscoveryResponse. // Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted. string response_nonce = 6; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* // provides the Envoy internal exception related to the failure. google.rpc.Status error_detail = 7; } // [#next-free-field: 7] message DeltaDiscoveryResponse { // The version of the response data (used for debugging). string system_version_info = 1; // The response resources. These are typed resources, whose types must match // the type_url field. repeated Resource resources = 2; // field id 3 IS available! // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty. string type_url = 4; // Resources names of resources that have be deleted and to be removed from the xDS Client. // Removed resources for missing resources can be ignored. repeated string removed_resources = 6; // The nonce provides a way for DeltaDiscoveryRequests to uniquely // reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required. string nonce = 5; } message Resource { // The resource's name, to distinguish it from others of the same type of resource. string name = 3; // The aliases are a list of other names that this resource can go by. repeated string aliases = 4; // The resource level version. It allows xDS to track the state of individual // resources. string version = 1; // The resource being tracked. google.protobuf.Any resource = 2; } ================================================ FILE: generated_api_shadow/envoy/api/v2/eds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/endpoint.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "EdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: EDS] // Endpoint discovery :ref:`architecture overview ` service EndpointDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.ClusterLoadAssignment"; // The resource_names field in DiscoveryRequest specifies a list of clusters // to subscribe to updates for. rpc StreamEndpoints(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaEndpoints(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchEndpoints(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:endpoints"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message EdsDummy { } ================================================ FILE: generated_api_shadow/envoy/api/v2/endpoint/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/endpoint/endpoint.proto ================================================ syntax = "proto3"; package envoy.api.v2.endpoint; import "udpa/annotations/status.proto"; import public "envoy/api/v2/endpoint/endpoint_components.proto"; option java_package = "io.envoyproxy.envoy.api.v2.endpoint"; option java_outer_classname = "EndpointProto"; option java_multiple_files = true; ================================================ FILE: generated_api_shadow/envoy/api/v2/endpoint/endpoint_components.proto ================================================ syntax = "proto3"; package envoy.api.v2.endpoint; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/health_check.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.endpoint"; option java_outer_classname = "EndpointComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Endpoints] // Upstream host identifier. message Endpoint { // The optional health check configuration. message HealthCheckConfig { // Optional alternative health check port value. // // By default the health check address port of an upstream host is the same // as the host's serving address port. This provides an alternative health // check port. Setting this with a non-zero value allows an upstream host // to have different health check address port. uint32 port_value = 1 [(validate.rules).uint32 = {lte: 65535}]; // By default, the host header for L7 health checks is controlled by cluster level configuration // (see: :ref:`host ` and // :ref:`authority `). Setting this // to a non-empty value allows overriding the cluster level configuration for a specific // endpoint. string hostname = 2; } // The upstream host address. // // .. attention:: // // The form of host address depends on the given cluster type. For STATIC or EDS, // it is expected to be a direct IP address (or something resolvable by the // specified :ref:`resolver ` // in the Address). For LOGICAL or STRICT DNS, it is expected to be hostname, // and will be resolved via DNS. core.Address address = 1; // The optional health check configuration is used as configuration for the // health checker to contact the health checked host. // // .. attention:: // // This takes into effect only for upstream clusters with // :ref:`active health checking ` enabled. HealthCheckConfig health_check_config = 2; // The hostname associated with this endpoint. This hostname is not used for routing or address // resolution. If provided, it will be associated with the endpoint, and can be used for features // that require a hostname, like // :ref:`auto_host_rewrite `. string hostname = 3; } // An Endpoint that Envoy can route traffic to. // [#next-free-field: 6] message LbEndpoint { // Upstream host identifier or a named reference. oneof host_identifier { Endpoint endpoint = 1; // [#not-implemented-hide:] string endpoint_name = 5; } // Optional health status when known and supplied by EDS server. core.HealthStatus health_status = 2; // The endpoint metadata specifies values that may be used by the load // balancer to select endpoints in a cluster for a given request. The filter // name should be specified as *envoy.lb*. An example boolean key-value pair // is *canary*, providing the optional canary status of the upstream host. // This may be matched against in a route's // :ref:`RouteAction ` metadata_match field // to subset the endpoints considered in cluster load balancing. core.Metadata metadata = 3; // The optional load balancing weight of the upstream host; at least 1. // Envoy uses the load balancing weight in some of the built in load // balancers. The load balancing weight for an endpoint is divided by the sum // of the weights of all endpoints in the endpoint's locality to produce a // percentage of traffic for the endpoint. This percentage is then further // weighted by the endpoint's locality's load balancing weight from // LocalityLbEndpoints. If unspecified, each host is presumed to have equal // weight in a locality. The sum of the weights of all endpoints in the // endpoint's locality must not exceed uint32_t maximal value (4294967295). google.protobuf.UInt32Value load_balancing_weight = 4 [(validate.rules).uint32 = {gte: 1}]; } // A group of endpoints belonging to a Locality. // One can have multiple LocalityLbEndpoints for a locality, but this is // generally only done if the different groups need to have different load // balancing weights or different priorities. // [#next-free-field: 7] message LocalityLbEndpoints { // Identifies location of where the upstream hosts run. core.Locality locality = 1; // The group of endpoints belonging to the locality specified. repeated LbEndpoint lb_endpoints = 2; // Optional: Per priority/region/zone/sub_zone weight; at least 1. The load // balancing weight for a locality is divided by the sum of the weights of all // localities at the same priority level to produce the effective percentage // of traffic for the locality. The sum of the weights of all localities at // the same priority level must not exceed uint32_t maximal value (4294967295). // // Locality weights are only considered when :ref:`locality weighted load // balancing ` is // configured. These weights are ignored otherwise. If no weights are // specified when locality weighted load balancing is enabled, the locality is // assigned no load. google.protobuf.UInt32Value load_balancing_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Optional: the priority for this LocalityLbEndpoints. If unspecified this will // default to the highest priority (0). // // Under usual circumstances, Envoy will only select endpoints for the highest // priority (0). In the event all endpoints for a particular priority are // unavailable/unhealthy, Envoy will fail over to selecting endpoints for the // next highest priority group. // // Priorities should range from 0 (highest) to N (lowest) without skipping. uint32 priority = 5 [(validate.rules).uint32 = {lte: 128}]; // Optional: Per locality proximity value which indicates how close this // locality is from the source locality. This value only provides ordering // information (lower the value, closer it is to the source locality). // This will be consumed by load balancing schemes that need proximity order // to determine where to route the requests. // [#not-implemented-hide:] google.protobuf.UInt32Value proximity = 6; } ================================================ FILE: generated_api_shadow/envoy/api/v2/endpoint/load_report.proto ================================================ syntax = "proto3"; package envoy.api.v2.endpoint; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.endpoint"; option java_outer_classname = "LoadReportProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // These are stats Envoy reports to GLB every so often. Report frequency is // defined by // :ref:`LoadStatsResponse.load_reporting_interval`. // Stats per upstream region/zone and optionally per subzone. // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. // [#next-free-field: 9] message UpstreamLocalityStats { // Name of zone, region and optionally endpoint group these metrics were // collected from. Zone and region names could be empty if unknown. core.Locality locality = 1; // The total number of requests successfully completed by the endpoints in the // locality. uint64 total_successful_requests = 2; // The total number of unfinished requests uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint, // aggregated over all endpoints in the locality. uint64 total_error_requests = 4; // The total number of requests that were issued by this Envoy since // the last report. This information is aggregated over all the // upstream endpoints in the locality. uint64 total_issued_requests = 8; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; // Endpoint granularity stats information for this locality. This information // is populated if the Server requests it by setting // :ref:`LoadStatsResponse.report_endpoint_granularity`. repeated UpstreamEndpointStats upstream_endpoint_stats = 7; // [#not-implemented-hide:] The priority of the endpoint group these metrics // were collected from. uint32 priority = 6; } // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. // [#next-free-field: 8] message UpstreamEndpointStats { // Upstream host address. core.Address address = 1; // Opaque and implementation dependent metadata of the // endpoint. Envoy will pass this directly to the management server. google.protobuf.Struct metadata = 6; // The total number of requests successfully completed by the endpoints in the // locality. These include non-5xx responses for HTTP, where errors // originate at the client and the endpoint responded successfully. For gRPC, // the grpc-status values are those not covered by total_error_requests below. uint64 total_successful_requests = 2; // The total number of unfinished requests for this endpoint. uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint. // For HTTP these are responses with 5xx status codes and for gRPC the // grpc-status values: // // - DeadlineExceeded // - Unimplemented // - Internal // - Unavailable // - Unknown // - DataLoss uint64 total_error_requests = 4; // The total number of requests that were issued to this endpoint // since the last report. A single TCP connection, HTTP or gRPC // request or stream is counted as one request. uint64 total_issued_requests = 7; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; } // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. message EndpointLoadMetricStats { // Name of the metric; may be empty. string metric_name = 1; // Number of calls that finished and included this metric. uint64 num_requests_finished_with_metric = 2; // Sum of metric values across all calls that finished with this metric for // load_reporting_interval. double total_metric_value = 3; } // Per cluster load stats. Envoy reports these stats a management server in a // :ref:`LoadStatsRequest` // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. // Next ID: 7 // [#next-free-field: 7] message ClusterStats { message DroppedRequests { // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_bytes: 1}]; // Total number of deliberately dropped requests for the category. uint64 dropped_count = 2; } // The name of the cluster. string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The eds_cluster_config service_name of the cluster. // It's possible that two clusters send the same service_name to EDS, // in that case, the management server is supposed to do aggregation on the load reports. string cluster_service_name = 6; // Need at least one. repeated UpstreamLocalityStats upstream_locality_stats = 2 [(validate.rules).repeated = {min_items: 1}]; // Cluster-level stats such as total_successful_requests may be computed by // summing upstream_locality_stats. In addition, below there are additional // cluster-wide stats. // // The total number of dropped requests. This covers requests // deliberately dropped by the drop_overload policy and circuit breaking. uint64 total_dropped_requests = 3; // Information about deliberately dropped requests for each category specified // in the DropOverload policy. repeated DroppedRequests dropped_requests = 5; // Period over which the actual load report occurred. This will be guaranteed to include every // request reported. Due to system load and delays between the *LoadStatsRequest* sent from Envoy // and the *LoadStatsResponse* message sent from the management server, this may be longer than // the requested load reporting interval in the *LoadStatsResponse*. google.protobuf.Duration load_report_interval = 4; } ================================================ FILE: generated_api_shadow/envoy/api/v2/endpoint.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/endpoint/endpoint_components.proto"; import "envoy/type/percent.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "EndpointProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.endpoint.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Endpoint configuration] // Endpoint discovery :ref:`architecture overview ` // Each route from RDS will map to a single cluster or traffic split across // clusters using weights expressed in the RDS WeightedCluster. // // With EDS, each cluster is treated independently from a LB perspective, with // LB taking place between the Localities within a cluster and at a finer // granularity between the hosts within a locality. The percentage of traffic // for each endpoint is determined by both its load_balancing_weight, and the // load_balancing_weight of its locality. First, a locality will be selected, // then an endpoint within that locality will be chose based on its weight. // [#next-free-field: 6] message ClusterLoadAssignment { // Load balancing policy settings. // [#next-free-field: 6] message Policy { // [#not-implemented-hide:] message DropOverload { // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_bytes: 1}]; // Percentage of traffic that should be dropped for the category. type.FractionalPercent drop_percentage = 2; } reserved 1; // Action to trim the overall incoming traffic to protect the upstream // hosts. This action allows protection in case the hosts are unable to // recover from an outage, or unable to autoscale or unable to handle // incoming traffic volume for any reason. // // At the client each category is applied one after the other to generate // the 'actual' drop percentage on all outgoing traffic. For example: // // .. code-block:: json // // { "drop_overloads": [ // { "category": "throttle", "drop_percentage": 60 } // { "category": "lb", "drop_percentage": 50 } // ]} // // The actual drop percentages applied to the traffic at the clients will be // "throttle"_drop = 60% // "lb"_drop = 20% // 50% of the remaining 'actual' load, which is 40%. // actual_outgoing_load = 20% // remaining after applying all categories. // [#not-implemented-hide:] repeated DropOverload drop_overloads = 2; // Priority levels and localities are considered overprovisioned with this // factor (in percentage). This means that we don't consider a priority // level or locality unhealthy until the percentage of healthy hosts // multiplied by the overprovisioning factor drops below 100. // With the default value 140(1.4), Envoy doesn't consider a priority level // or a locality unhealthy until their percentage of healthy hosts drops // below 72%. For example: // // .. code-block:: json // // { "overprovisioning_factor": 100 } // // Read more at :ref:`priority levels ` and // :ref:`localities `. google.protobuf.UInt32Value overprovisioning_factor = 3 [(validate.rules).uint32 = {gt: 0}]; // The max time until which the endpoints from this assignment can be used. // If no new assignments are received before this time expires the endpoints // are considered stale and should be marked unhealthy. // Defaults to 0 which means endpoints never go stale. google.protobuf.Duration endpoint_stale_after = 4 [(validate.rules).duration = {gt {}}]; // The flag to disable overprovisioning. If it is set to true, // :ref:`overprovisioning factor // ` will be ignored // and Envoy will not perform graceful failover between priority levels or // localities as endpoints become unhealthy. Otherwise Envoy will perform // graceful failover as :ref:`overprovisioning factor // ` suggests. // [#not-implemented-hide:] bool disable_overprovisioning = 5 [deprecated = true]; } // Name of the cluster. This will be the :ref:`service_name // ` value if specified // in the cluster :ref:`EdsClusterConfig // `. string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}]; // List of endpoints to load balance to. repeated endpoint.LocalityLbEndpoints endpoints = 2; // Map of named endpoints that can be referenced in LocalityLbEndpoints. // [#not-implemented-hide:] map named_endpoints = 5; // Load balancing policy settings. Policy policy = 4; } ================================================ FILE: generated_api_shadow/envoy/api/v2/lds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/listener.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "LdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listener] // Listener :ref:`configuration overview ` // The Envoy instance initiates an RPC at startup to discover a list of // listeners. Updates are delivered via streaming from the LDS server and // consist of a complete update of all listeners. Existing connections will be // allowed to drain from listeners that are no longer present. service ListenerDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.Listener"; rpc DeltaListeners(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc StreamListeners(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc FetchListeners(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:listeners"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message LdsDummy { } ================================================ FILE: generated_api_shadow/envoy/api/v2/listener/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/auth:pkg", "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/listener/listener.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "udpa/annotations/status.proto"; import public "envoy/api/v2/listener/listener_components.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; ================================================ FILE: generated_api_shadow/envoy/api/v2/listener/listener_components.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "envoy/api/v2/auth/tls.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/type/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "ListenerComponentsProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listener components] // Listener :ref:`configuration overview ` message Filter { reserved 3; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 4; } } // Specifies the match criteria for selecting a specific filter chain for a // listener. // // In order for a filter chain to be selected, *ALL* of its criteria must be // fulfilled by the incoming connection, properties of which are set by the // networking stack and/or listener filters. // // The following order applies: // // 1. Destination port. // 2. Destination IP address. // 3. Server name (e.g. SNI for TLS protocol), // 4. Transport protocol. // 5. Application protocols (e.g. ALPN for TLS protocol). // 6. Source type (e.g. any, local or external network). // 7. Source IP address. // 8. Source port. // // For criteria that allow ranges or wildcards, the most specific value in any // of the configured filter chains that matches the incoming connection is going // to be used (e.g. for SNI ``www.example.com`` the most specific match would be // ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter // chain without ``server_names`` requirements). // // [#comment: Implemented rules are kept in the preference order, with deprecated fields // listed at the end, because that's how we want to list them in the docs. // // [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules] // [#next-free-field: 13] message FilterChainMatch { enum ConnectionSourceType { // Any connection source matches. ANY = 0; // Match a connection originating from the same host. LOCAL = 1 [(udpa.annotations.enum_value_migrate).rename = "SAME_IP_OR_LOOPBACK"]; // Match a connection originating from a different host. EXTERNAL = 2; } reserved 1; // Optional destination port to consider when use_original_dst is set on the // listener in determining a filter chain match. google.protobuf.UInt32Value destination_port = 8 [(validate.rules).uint32 = {lte: 65535 gte: 1}]; // If non-empty, an IP address and prefix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. repeated core.CidrRange prefix_ranges = 3; // If non-empty, an IP address and suffix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. // [#not-implemented-hide:] string address_suffix = 4; // [#not-implemented-hide:] google.protobuf.UInt32Value suffix_len = 5; // Specifies the connection source IP match type. Can be any, local or external network. ConnectionSourceType source_type = 12 [(validate.rules).enum = {defined_only: true}]; // The criteria is satisfied if the source IP address of the downstream // connection is contained in at least one of the specified subnets. If the // parameter is not specified or the list is empty, the source IP address is // ignored. repeated core.CidrRange source_prefix_ranges = 6; // The criteria is satisfied if the source port of the downstream connection // is contained in at least one of the specified ports. If the parameter is // not specified, the source port is ignored. repeated uint32 source_ports = 7 [(validate.rules).repeated = {items {uint32 {lte: 65535 gte: 1}}}]; // If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining // a filter chain match. Those values will be compared against the server names of a new // connection, when detected by one of the listener filters. // // The server name will be matched against all wildcard domains, i.e. ``www.example.com`` // will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. // // Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. // // .. attention:: // // See the :ref:`FAQ entry ` on how to configure SNI for more // information. repeated string server_names = 11; // If non-empty, a transport protocol to consider when determining a filter chain match. // This value will be compared against the transport protocol of a new connection, when // it's detected by one of the listener filters. // // Suggested values include: // // * ``raw_buffer`` - default, used when no transport protocol is detected, // * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector ` // when TLS protocol is detected. string transport_protocol = 9; // If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when // determining a filter chain match. Those values will be compared against the application // protocols of a new connection, when detected by one of the listener filters. // // Suggested values include: // // * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector // `, // * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector ` // // .. attention:: // // Currently, only :ref:`TLS Inspector ` provides // application protocol detection based on the requested // `ALPN `_ values. // // However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, // and matching on values other than ``h2`` is going to lead to a lot of false negatives, // unless all connecting clients are known to use ALPN. repeated string application_protocols = 10; } // A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and // various other parameters. // [#next-free-field: 8] message FilterChain { // The criteria to use when matching a connection to this filter chain. FilterChainMatch filter_chain_match = 1; // The TLS context for this filter chain. // // .. attention:: // // **This field is deprecated**. Use `transport_socket` with name `tls` instead. If both are // set, `transport_socket` takes priority. auth.DownstreamTlsContext tls_context = 2 [deprecated = true]; // A list of individual network filters that make up the filter chain for // connections established with the listener. Order matters as the filters are // processed sequentially as connection events happen. Note: If the filter // list is empty, the connection will close by default. repeated Filter filters = 3; // Whether the listener should expect a PROXY protocol V1 header on new // connections. If this option is enabled, the listener will assume that that // remote address of the connection is the one specified in the header. Some // load balancers including the AWS ELB support this option. If the option is // absent or set to false, Envoy will use the physical peer address of the // connection as the remote address. google.protobuf.BoolValue use_proxy_proto = 4; // [#not-implemented-hide:] filter chain metadata. core.Metadata metadata = 5; // Optional custom transport socket implementation to use for downstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`DownstreamTlsContext ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.TransportSocket transport_socket = 6; // [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no // name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter // chain is to be dynamically updated or removed via FCDS a unique name must be provided. string name = 7; } // Listener filter chain match configuration. This is a recursive structure which allows complex // nested match configurations to be built using various logical operators. // // Examples: // // * Matches if the destination port is 3306. // // .. code-block:: yaml // // destination_port_range: // start: 3306 // end: 3307 // // * Matches if the destination port is 3306 or 15000. // // .. code-block:: yaml // // or_match: // rules: // - destination_port_range: // start: 3306 // end: 3306 // - destination_port_range: // start: 15000 // end: 15001 // // [#next-free-field: 6] message ListenerFilterChainMatchPredicate { // A set of match configurations used for logical operations. message MatchSet { // The list of rules that make up the set. repeated ListenerFilterChainMatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. ListenerFilterChainMatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // Match destination port. Particularly, the match evaluation must use the recovered local port if // the owning listener filter is after :ref:`an original_dst listener filter `. type.Int32Range destination_port_range = 5; } } message ListenerFilter { // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being instantiated. // See the supported filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } // Optional match predicate used to disable the filter. The filter is enabled when this field is empty. // See :ref:`ListenerFilterChainMatchPredicate ` // for further examples. ListenerFilterChainMatchPredicate filter_disabled = 4; } ================================================ FILE: generated_api_shadow/envoy/api/v2/listener/quic_config.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "QuicConfigProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: QUIC listener Config] // Configuration specific to the QUIC protocol. // Next id: 4 message QuicProtocolOptions { // Maximum number of streams that the client can negotiate per connection. 100 // if not specified. google.protobuf.UInt32Value max_concurrent_streams = 1; // Maximum number of milliseconds that connection will be alive when there is // no network activity. 300000ms if not specified. google.protobuf.Duration idle_timeout = 2; // Connection timeout in milliseconds before the crypto handshake is finished. // 20000ms if not specified. google.protobuf.Duration crypto_handshake_timeout = 3; } ================================================ FILE: generated_api_shadow/envoy/api/v2/listener/udp_listener_config.proto ================================================ syntax = "proto3"; package envoy.api.v2.listener; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.api.v2.listener"; option java_outer_classname = "UdpListenerConfigProto"; option java_multiple_files = true; option csharp_namespace = "Envoy.Api.V2.ListenerNS"; option ruby_package = "Envoy.Api.V2.ListenerNS"; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: UDP Listener Config] // Listener :ref:`configuration overview ` message UdpListenerConfig { // Used to look up UDP listener factory, matches "raw_udp_listener" or // "quic_listener" to create a specific udp listener. // If not specified, treat as "raw_udp_listener". string udp_listener_name = 1; // Used to create a specific listener factory. To some factory, e.g. // "raw_udp_listener", config is not needed. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message ActiveRawUdpListenerConfig { } ================================================ FILE: generated_api_shadow/envoy/api/v2/listener.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/socket_option.proto"; import "envoy/api/v2/listener/listener_components.proto"; import "envoy/api/v2/listener/udp_listener_config.proto"; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "envoy/config/listener/v2/api_listener.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Listener configuration] // Listener :ref:`configuration overview ` // [#next-free-field: 23] message Listener { enum DrainType { // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check // filter), listener removal/modification, and hot restart. DEFAULT = 0; // Drain in response to listener removal/modification and hot restart. This setting does not // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress // and egress listeners. MODIFY_ONLY = 1; } // [#not-implemented-hide:] message DeprecatedV1 { // Whether the listener should bind to the port. A listener that doesn't // bind can only receive connections redirected from other listeners that // set use_original_dst parameter to true. Default is true. // // This is deprecated in v2, all Listeners will bind to their port. An // additional filter chain must be created for every original destination // port this listener may redirect to in v2, with the original port // specified in the FilterChainMatch destination_port field. // // [#comment:TODO(PiotrSikora): Remove this once verified that we no longer need it.] google.protobuf.BoolValue bind_to_port = 1; } // Configuration for listener connection balancing. message ConnectionBalanceConfig { // A connection balancer implementation that does exact balancing. This means that a lock is // held during balancing so that connection counts are nearly exactly balanced between worker // threads. This is "nearly" exact in the sense that a connection might close in parallel thus // making the counts incorrect, but this should be rectified on the next accept. This balancer // sacrifices accept throughput for accuracy and should be used when there are a small number of // connections that rarely cycle (e.g., service mesh gRPC egress). message ExactBalance { } oneof balance_type { option (validate.required) = true; // If specified, the listener will use the exact connection balancer. ExactBalance exact_balance = 1; } } reserved 14; // The unique name by which this listener is known. If no name is provided, // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically // updated or removed via :ref:`LDS ` a unique name must be provided. string name = 1; // The address that the listener should listen on. In general, the address must be unique, though // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on // Linux as the actual port will be allocated by the OS. core.Address address = 2 [(validate.rules).message = {required: true}]; // A list of filter chains to consider for this listener. The // :ref:`FilterChain ` with the most specific // :ref:`FilterChainMatch ` criteria is used on a // connection. // // Example using SNI for filter chain selection can be found in the // :ref:`FAQ entry `. repeated listener.FilterChain filter_chains = 3; // If a connection is redirected using *iptables*, the port on which the proxy // receives it might be different from the original destination address. When this flag is set to // true, the listener hands off redirected connections to the listener associated with the // original destination address. If there is no listener associated with the original destination // address, the connection is handled by the listener that receives it. Defaults to false. // // .. attention:: // // This field is deprecated. Use :ref:`an original_dst ` // :ref:`listener filter ` instead. // // Note that hand off to another listener is *NOT* performed without this flag. Once // :ref:`FilterChainMatch ` is implemented this flag // will be removed, as filter chain matching can be used to select a filter chain based on the // restored destination address. google.protobuf.BoolValue use_original_dst = 4 [deprecated = true]; // Soft limit on size of the listener’s new connection read and write buffers. // If unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; // Listener metadata. core.Metadata metadata = 6; // [#not-implemented-hide:] DeprecatedV1 deprecated_v1 = 7; // The type of draining to perform at a listener-wide level. DrainType drain_type = 8; // Listener filters have the opportunity to manipulate and augment the connection metadata that // is used in connection filter chain matching, for example. These filters are run before any in // :ref:`filter_chains `. Order matters as the // filters are processed sequentially right after a socket has been accepted by the listener, and // before a connection is created. // UDP Listener filters can be specified when the protocol in the listener socket address in // :ref:`protocol ` is :ref:`UDP // `. // UDP listeners currently support a single filter. repeated listener.ListenerFilter listener_filters = 9; // The timeout to wait for all listener filters to complete operation. If the timeout is reached, // the accepted socket is closed without a connection being created unless // `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the // timeout. If not specified, a default timeout of 15s is used. google.protobuf.Duration listener_filters_timeout = 15; // Whether a connection should be created when listener filters timeout. Default is false. // // .. attention:: // // Some listener filters, such as :ref:`Proxy Protocol filter // `, should not be used with this option. It will cause // unexpected behavior when a connection is created. bool continue_on_listener_filters_timeout = 17; // Whether the listener should be set as a transparent socket. // When this flag is set to true, connections can be redirected to the listener using an // *iptables* *TPROXY* target, in which case the original source and destination addresses and // ports are preserved on accepted connections. This flag should be used in combination with // :ref:`an original_dst ` :ref:`listener filter // ` to mark the connections' local addresses as // "restored." This can be used to hand off each redirected connection to another listener // associated with the connection's destination address. Direct connections to the socket without // using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are // therefore treated as if they were redirected. // When this flag is set to false, the listener's socket is explicitly reset as non-transparent. // Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability. // When this flag is not set (default), the socket is not modified, i.e. the transparent option // is neither set nor reset. google.protobuf.BoolValue transparent = 10; // Whether the listener should set the *IP_FREEBIND* socket option. When this // flag is set to true, listeners can be bound to an IP address that is not // configured on the system running Envoy. When this flag is set to false, the // option *IP_FREEBIND* is disabled on the socket. When this flag is not set // (default), the socket is not modified, i.e. the option is neither enabled // nor disabled. google.protobuf.BoolValue freebind = 11; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.SocketOption socket_options = 13; // Whether the listener should accept TCP Fast Open (TFO) connections. // When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on // the socket, with a queue length of the specified size // (see `details in RFC7413 `_). // When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket. // When this flag is not set (default), the socket is not modified, // i.e. the option is neither enabled nor disabled. // // On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable // TCP_FASTOPEN. // See `ip-sysctl.txt `_. // // On macOS, only values of 0, 1, and unset are valid; other values may result in an error. // To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter. google.protobuf.UInt32Value tcp_fast_open_queue_length = 12; // Specifies the intended direction of the traffic relative to the local Envoy. core.TrafficDirection traffic_direction = 16; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // listener to create, i.e. :ref:`udp_listener_name // ` = "raw_udp_listener" for // creating a packet-oriented UDP listener. If not present, treat it as "raw_udp_listener". listener.UdpListenerConfig udp_listener_config = 18; // Used to represent an API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. // When this field is set, no other field except for :ref:`name` // should be set. // // .. note:: // // Currently only one ApiListener can be installed; and it can only be done via bootstrap config, // not LDS. // // [#next-major-version: In the v3 API, instead of this messy approach where the socket // listener fields are directly in the top-level Listener message and the API listener types // are in the ApiListener message, the socket listener messages should be in their own message, // and the top-level Listener should essentially be a oneof that selects between the // socket listener and the various types of API listener. That way, a given Listener message // can structurally only contain the fields of the relevant type.] config.listener.v2.ApiListener api_listener = 19; // The listener's connection balancer configuration, currently only applicable to TCP listeners. // If no configuration is specified, Envoy will not attempt to balance active connections between // worker threads. ConnectionBalanceConfig connection_balance_config = 20; // When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and // create one socket for each worker thread. This makes inbound connections // distribute among worker threads roughly evenly in cases where there are a high number // of connections. When this flag is set to false, all worker threads share one socket. // // Before Linux v4.19-rc1, new TCP connections may be rejected during hot restart // (see `3rd paragraph in 'soreuseport' commit message // `_). // This issue was fixed by `tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket // `_. bool reuse_port = 21; // Configuration for :ref:`access logs ` // emitted by this listener. repeated config.filter.accesslog.v2.AccessLog access_log = 22; } ================================================ FILE: generated_api_shadow/envoy/api/v2/ratelimit/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/ratelimit/ratelimit.proto ================================================ syntax = "proto3"; package envoy.api.v2.ratelimit; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.ratelimit"; option java_outer_classname = "RatelimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.common.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common rate limit components] // A RateLimitDescriptor is a list of hierarchical entries that are used by the service to // determine the final rate limit key and overall allowed limit. Here are some examples of how // they might be used for the domain "envoy". // // .. code-block:: cpp // // ["authenticated": "false"], ["remote_address": "10.0.0.1"] // // What it does: Limits all unauthenticated traffic for the IP address 10.0.0.1. The // configuration supplies a default limit for the *remote_address* key. If there is a desire to // raise the limit for 10.0.0.1 or block it entirely it can be specified directly in the // configuration. // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"] // // What it does: Limits all unauthenticated traffic globally for a specific path (or prefix if // configured that way in the service). // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"], ["remote_address": "10.0.0.1"] // // What it does: Limits unauthenticated traffic to a specific path for a specific IP address. // Like (1) we can raise/block specific IP addresses if we want with an override configuration. // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"] // // What it does: Limits all traffic for an authenticated client "foo" // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"], ["path": "/foo/bar"] // // What it does: Limits traffic to a specific path for an authenticated client "foo" // // The idea behind the API is that (1)/(2)/(3) and (4)/(5) can be sent in 1 request if desired. // This enables building complex application scenarios with a generic backend. message RateLimitDescriptor { message Entry { // Descriptor key. string key = 1 [(validate.rules).string = {min_bytes: 1}]; // Descriptor value. string value = 2 [(validate.rules).string = {min_bytes: 1}]; } // Descriptor entries. repeated Entry entries = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/rds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; import public "envoy/api/v2/route.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "RdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: RDS] // The resource_names field in DiscoveryRequest specifies a route configuration. // This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. Each listener will bind its HTTP connection manager filter to // a route table via this identifier. service RouteDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.RouteConfiguration"; rpc StreamRoutes(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaRoutes(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchRoutes(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:routes"; option (google.api.http).body = "*"; } } // Virtual Host Discovery Service (VHDS) is used to dynamically update the list of virtual hosts for // a given RouteConfiguration. If VHDS is configured a virtual host list update will be triggered // during the processing of an HTTP request if a route for the request cannot be resolved. The // :ref:`resource_names_subscribe ` // field contains a list of virtual host names or aliases to track. The contents of an alias would // be the contents of a *host* or *authority* header used to make an http request. An xDS server // will match an alias to a virtual host based on the content of :ref:`domains' // ` field. The *resource_names_unsubscribe* field // contains a list of virtual host names that have been :ref:`unsubscribed // ` from the routing table associated with the RouteConfiguration. service VirtualHostDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.route.VirtualHost"; rpc DeltaVirtualHosts(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message RdsDummy { } ================================================ FILE: generated_api_shadow/envoy/api/v2/route/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "//envoy/type/tracing/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/api/v2/route/route.proto ================================================ syntax = "proto3"; package envoy.api.v2.route; import "udpa/annotations/status.proto"; import public "envoy/api/v2/route/route_components.proto"; option java_package = "io.envoyproxy.envoy.api.v2.route"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; ================================================ FILE: generated_api_shadow/envoy/api/v2/route/route_components.proto ================================================ syntax = "proto3"; package envoy.api.v2.route; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/regex.proto"; import "envoy/type/matcher/string.proto"; import "envoy/type/percent.proto"; import "envoy/type/range.proto"; import "envoy/type/tracing/v2/custom_tag.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2.route"; option java_outer_classname = "RouteComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP route components] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // The top level element in the routing configuration is a virtual host. Each virtual host has // a logical name as well as a set of domains that get routed to it based on the incoming request's // host header. This allows a single listener to service multiple top level domain path trees. Once // a virtual host is selected based on the domain, the routes are processed in order to see which // upstream cluster to route to or whether to perform a redirect. // [#next-free-field: 21] message VirtualHost { enum TlsRequirementType { // No TLS requirement for the virtual host. NONE = 0; // External requests must use TLS. If a request is external and it is not // using TLS, a 301 redirect will be sent telling the client to use HTTPS. EXTERNAL_ONLY = 1; // All requests must use TLS. If a request is not using TLS, a 301 redirect // will be sent telling the client to use HTTPS. ALL = 2; } reserved 9; // The logical name of the virtual host. This is used when emitting certain // statistics but is not relevant for routing. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A list of domains (host/authority header) that will be matched to this // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: // 1. Exact domain names: ``www.foo.com``. // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. // 4. Special wildcard ``*`` matching any domain. // // .. note:: // // The wildcard will not match the empty string. // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. // The longest wildcards match first. // Only a single virtual host in the entire route configuration can match on ``*``. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. repeated string domains = 2 [(validate.rules).repeated = { min_items: 1 items {string {well_known_regex: HTTP_HEADER_VALUE strict: false}} }]; // The list of routes that will be matched, in order, for incoming requests. // The first route that matches will be used. repeated Route routes = 3; // Specifies the type of TLS enforcement the virtual host expects. If this option is not // specified, there is no TLS requirement for the virtual host. TlsRequirementType require_tls = 4 [(validate.rules).enum = {defined_only: true}]; // A list of virtual clusters defined for this virtual host. Virtual clusters // are used for additional statistics gathering. repeated VirtualCluster virtual_clusters = 5; // Specifies a set of rate limit configurations that will be applied to the // virtual host. repeated RateLimit rate_limits = 6; // Specifies a list of HTTP headers that should be added to each request // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_route.Route` and before headers from the // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 7 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // handled by this virtual host. repeated string request_headers_to_remove = 13; // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_route.Route` and before headers from the // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // handled by this virtual host. repeated string response_headers_to_remove = 11; // Indicates that the virtual host has a CORS policy. CorsPolicy cors = 8; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map per_filter_config = 12 [deprecated = true]; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 15; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the upstream request. Setting this option will cause it to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the upstream // will see the attempt count as perceived by the second Envoy. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. // // [#next-major-version: rename to include_attempt_count_in_request.] bool include_request_attempt_count = 14; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the downstream response. Setting this option will cause the router to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the downstream // will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. bool include_attempt_count_in_response = 19; // Indicates the retry policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). RetryPolicy retry_policy = 16; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not // inherited). :ref:`Retry policy ` should not be // set if this field is used. google.protobuf.Any retry_policy_typed_config = 20; // Indicates the hedge policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). HedgePolicy hedge_policy = 17; // The maximum bytes which will be buffered for retries and shadowing. // If set and a route-specific limit is not set, the bytes actually buffered will be the minimum // value of this and the listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 18; } // A filter-defined action type. message FilterAction { google.protobuf.Any action = 1; } // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // // .. attention:: // // Envoy supports routing on HTTP method via :ref:`header matching // `. // [#next-free-field: 18] message Route { reserved 6; // Name for the route. string name = 14; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; oneof action { option (validate.required) = true; // Route request to some upstream cluster. RouteAction route = 2; // Return a redirect. RedirectAction redirect = 3; // Return an arbitrary HTTP response directly, without proxying. DirectResponseAction direct_response = 7; // [#not-implemented-hide:] // If true, a filter will define the action (e.g., it could dynamically generate the // RouteAction). FilterAction filter_action = 17; } // The Metadata field can be used to provide additional information // about the route. It can be used for configuration, stats, and logging. // The metadata should go under the filter namespace that will need it. // For instance, if the metadata is intended for the Router filter, // the filter name should be specified as *envoy.filters.http.router*. core.Metadata metadata = 4; // Decorator for the matched route. Decorator decorator = 5; // The per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map per_filter_config = 8 [deprecated = true]; // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map typed_per_filter_config = 13; // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the // enclosing :ref:`envoy_api_msg_route.VirtualHost` and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 9 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // matching this route. repeated string request_headers_to_remove = 12; // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before // headers from the enclosing :ref:`envoy_api_msg_route.VirtualHost` and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. repeated core.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. repeated string response_headers_to_remove = 11; // Presence of the object defines whether the connection manager's tracing configuration // is overridden by this route specific instance. Tracing tracing = 15; // The maximum bytes which will be buffered for retries and shadowing. // If set, the bytes actually buffered will be the minimum value of this and the // listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 16; } // Compared to the :ref:`cluster ` field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of // traffic to be forwarded to each cluster. The router selects an upstream cluster based on the // weights. message WeightedCluster { // [#next-free-field: 11] message ClusterWeight { reserved 7; // Name of the upstream cluster. The cluster must exist in the // :ref:`cluster manager configuration `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // An integer between 0 and :ref:`total_weight // `. When a request matches the route, // the choice of an upstream cluster is determined by its weight. The sum of weights across all // entries in the clusters array must add up to the total_weight, which defaults to 100. google.protobuf.UInt32Value weight = 2; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in // :ref:`RouteAction.metadata_match `, with // values here taking precedence. The filter name should be specified as *envoy.lb*. core.Metadata metadata_match = 3; // Specifies a list of headers to be added to requests when this cluster is selected // through the enclosing :ref:`envoy_api_msg_route.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_route.VirtualHost`, and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request when // this cluster is selected through the enclosing :ref:`envoy_api_msg_route.RouteAction`. repeated string request_headers_to_remove = 9; // Specifies a list of headers to be added to responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_route.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_route.VirtualHost`, and // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption response_headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of headers to be removed from responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_route.RouteAction`. repeated string response_headers_to_remove = 6; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map per_filter_config = 8 [deprecated = true]; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 10; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the total weight across all clusters. The sum of all cluster weights must equal this // value, which must be greater than 0. Defaults to 100. google.protobuf.UInt32Value total_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Specifies the runtime key prefix that should be used to construct the // runtime keys associated with each cluster. When the *runtime_key_prefix* is // specified, the router will look for weights associated with each upstream // cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where // *cluster[i]* denotes an entry in the clusters array field. If the runtime // key for the cluster does not exist, the value specified in the // configuration file will be used as the default weight. See the :ref:`runtime documentation // ` for how key names map to the underlying implementation. string runtime_key_prefix = 2; } // [#next-free-field: 12] message RouteMatch { message GrpcRouteMatchOptions { } message TlsContextMatchOptions { // If specified, the route will match against whether or not a certificate is presented. // If not specified, certificate presentation status (true or false) will not be considered when route matching. google.protobuf.BoolValue presented = 1; // If specified, the route will match against whether or not a certificate is validated. // If not specified, certificate validation status (true or false) will not be considered when route matching. google.protobuf.BoolValue validated = 2; } reserved 5; oneof path_specifier { option (validate.required) = true; // If specified, the route is a prefix rule meaning that the prefix must // match the beginning of the *:path* header. string prefix = 1; // If specified, the route is an exact path rule meaning that the path must // exactly match the *:path* header once the query string is removed. string path = 2; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. The regex grammar is defined `here // `_. // // Examples: // // * The regex ``/b[io]t`` matches the path */bit* // * The regex ``/b[io]t`` matches the path */bot* // * The regex ``/b[io]t`` does not match the path */bite* // * The regex ``/b[io]t`` does not match the path */bit/bot* // // .. attention:: // This field has been deprecated in favor of `safe_regex` as it is not safe for use with // untrusted input in all cases. string regex = 3 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. // // [#next-major-version: In the v3 API we should redo how path specification works such // that we utilize StringMatcher, and additionally have consistent options around whether we // strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive // to deprecate the existing options. We should even consider whether we want to do away with // path_specifier entirely and just rely on a set of header matchers which can already match // on :path, etc. The issue with that is it is unclear how to generically deal with query string // stripping. This needs more thought.] type.matcher.RegexMatcher safe_regex = 10 [(validate.rules).message = {required: true}]; } // Indicates that prefix/path matching should be case sensitive. The default // is true. google.protobuf.BoolValue case_sensitive = 4; // Indicates that the route should additionally match on a runtime key. Every time the route // is considered for a match, it must also fall under the percentage of matches indicated by // this field. For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the router continues to evaluate the remaining match criteria. A runtime_fraction // route configuration can be used to roll out route changes in a gradual manner without full // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // // .. note:: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an // integer with the assumption that the value is an integral percentage out of 100. For // instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent // whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. core.RuntimeFractionalPercent runtime_fraction = 9; // Specifies a set of headers that the route should match on. The router will // check the request’s headers against all the specified headers in the route // config. A match will happen if all the headers in the route are present in // the request with the same values (or based on presence if the value field // is not in the config). repeated HeaderMatcher headers = 6; // Specifies a set of URL query parameters on which the route should // match. The router will check the query string from the *path* header // against all the specified query parameters. If the number of specified // query parameters is nonzero, they all must match the *path* header's // query string for a match to occur. repeated QueryParameterMatcher query_parameters = 7; // If specified, only gRPC requests will be matched. The router will check // that the content-type header has a application/grpc or one of the various // application/grpc+ values. GrpcRouteMatchOptions grpc = 8; // If specified, the client tls context will be matched against the defined // match options. // // [#next-major-version: unify with RBAC] TlsContextMatchOptions tls_context = 11; } // [#next-free-field: 12] message CorsPolicy { // Specifies the origins that will be allowed to do CORS requests. // // An origin is allowed if either allow_origin or allow_origin_regex match. // // .. attention:: // This field has been deprecated in favor of `allow_origin_string_match`. repeated string allow_origin = 1 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies regex patterns that match allowed origins. // // An origin is allowed if either allow_origin or allow_origin_regex match. // // .. attention:: // This field has been deprecated in favor of `allow_origin_string_match` as it is not safe for // use with untrusted input in all cases. repeated string allow_origin_regex = 8 [deprecated = true, (validate.rules).repeated = {items {string {max_bytes: 1024}}}]; // Specifies string patterns that match allowed origins. An origin is allowed if any of the // string matchers match. repeated type.matcher.StringMatcher allow_origin_string_match = 11; // Specifies the content for the *access-control-allow-methods* header. string allow_methods = 2; // Specifies the content for the *access-control-allow-headers* header. string allow_headers = 3; // Specifies the content for the *access-control-expose-headers* header. string expose_headers = 4; // Specifies the content for the *access-control-max-age* header. string max_age = 5; // Specifies whether the resource allows credentials. google.protobuf.BoolValue allow_credentials = 6; oneof enabled_specifier { // Specifies if the CORS filter is enabled. Defaults to true. Only effective on route. // // .. attention:: // // **This field is deprecated**. Set the // :ref:`filter_enabled` field instead. google.protobuf.BoolValue enabled = 7 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies the % of requests for which the CORS filter is enabled. // // If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS // filter will be enabled for 100% of the requests. // // If :ref:`runtime_key ` is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. core.RuntimeFractionalPercent filter_enabled = 9; } // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // // This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. core.RuntimeFractionalPercent shadow_enabled = 10; } // [#next-free-field: 34] message RouteAction { enum ClusterNotFoundResponseCode { // HTTP status code - 503 Service Unavailable. SERVICE_UNAVAILABLE = 0; // HTTP status code - 404 Not Found. NOT_FOUND = 1; } // Configures :ref:`internal redirect ` behavior. enum InternalRedirectAction { PASS_THROUGH_INTERNAL_REDIRECT = 0; HANDLE_INTERNAL_REDIRECT = 1; } // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. // // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // // .. note:: // // Shadowing will not be triggered if the primary cluster does not exist. message RequestMirrorPolicy { // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // If not specified, all requests to the target cluster will be mirrored. If // specified, Envoy will lookup the runtime key to get the % of requests to // mirror. Valid values are from 0 to 10000, allowing for increments of // 0.01% of requests to be mirrored. If the runtime key is specified in the // configuration but not present in runtime, 0 is the default and thus 0% of // requests will be mirrored. // // .. attention:: // // **This field is deprecated**. Set the // :ref:`runtime_fraction // ` // field instead. Mirroring occurs if both this and // ` // are not set. string runtime_key = 2 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // If not specified, all requests to the target cluster will be mirrored. // // If specified, this field takes precedence over the `runtime_key` field and requests must also // fall under the percentage of matches indicated by this field. // // For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the request will be mirrored. core.RuntimeFractionalPercent runtime_fraction = 3; // Determines if the trace span should be sampled. Defaults to true. google.protobuf.BoolValue trace_sampled = 4; } // Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer // `. // [#next-free-field: 7] message HashPolicy { message Header { // The name of the request header that will be used to obtain the hash // key. If the request header is not present, no hash will be produced. string header_name = 1 [ (validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false} ]; } // Envoy supports two types of cookie affinity: // // 1. Passive. Envoy takes a cookie that's present in the cookies header and // hashes on its value. // // 2. Generated. Envoy generates and sets a cookie with an expiration (TTL) // on the first request from the client in its response to the client, // based on the endpoint the request gets sent to. The client then // presents this on the next and all subsequent requests. The hash of // this is sufficient to ensure these requests get sent to the same // endpoint. The cookie is generated by hashing the source and // destination ports and addresses so that multiple independent HTTP2 // streams on the same connection will independently receive the same // cookie, even if they arrive at the Envoy simultaneously. message Cookie { // The name of the cookie that will be used to obtain the hash key. If the // cookie is not present and ttl below is not set, no hash will be // produced. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // If specified, a cookie with the TTL will be generated if the cookie is // not present. If the TTL is present and zero, the generated cookie will // be a session cookie. google.protobuf.Duration ttl = 2; // The name of the path for the cookie. If no path is specified here, no path // will be set for the cookie. string path = 3; } message ConnectionProperties { // Hash on source IP address. bool source_ip = 1; } message QueryParameter { // The name of the URL query parameter that will be used to obtain the hash // key. If the parameter is not present, no hash will be produced. Query // parameter names are case-sensitive. string name = 1 [(validate.rules).string = {min_bytes: 1}]; } message FilterState { // The name of the Object in the per-request filterState, which is an // Envoy::Http::Hashable object. If there is no data associated with the key, // or the stored object is not Envoy::Http::Hashable, no hash will be produced. string key = 1 [(validate.rules).string = {min_bytes: 1}]; } oneof policy_specifier { option (validate.required) = true; // Header hash policy. Header header = 1; // Cookie hash policy. Cookie cookie = 2; // Connection properties hash policy. ConnectionProperties connection_properties = 3; // Query parameter hash policy. QueryParameter query_parameter = 5; // Filter state hash policy. FilterState filter_state = 6; } // The flag that short-circuits the hash computing. This field provides a // 'fallback' style of configuration: "if a terminal policy doesn't work, // fallback to rest of the policy list", it saves time when the terminal // policy works. // // If true, and there is already a hash computed, ignore rest of the // list of hash polices. // For example, if the following hash methods are configured: // // ========= ======== // specifier terminal // ========= ======== // Header A true // Header B false // Header C false // ========= ======== // // The generateHash process ends if policy "header A" generates a hash, as // it's a terminal policy. bool terminal = 4; } // Allows enabling and disabling upgrades on a per-route basis. // This overrides any enabled/disabled upgrade filter chain specified in the // HttpConnectionManager // :ref:`upgrade_configs // ` // but does not affect any custom filter chain specified there. message UpgradeConfig { // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] will be proxied upstream. string upgrade_type = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Determines if upgrades are available on this route. Defaults to true. google.protobuf.BoolValue enabled = 2; } reserved 12, 18, 19, 16, 22, 21; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // Envoy will determine the cluster to route to by reading the value of the // HTTP header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. string cluster_header = 2 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. See // :ref:`traffic splitting ` // for additional documentation. WeightedCluster weighted_clusters = 3; } // The HTTP status code to use when configured cluster is not found. // The default response code is 503 Service Unavailable. ClusterNotFoundResponseCode cluster_not_found_response_code = 20 [(validate.rules).enum = {defined_only: true}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what's set in this field will be considered // for load balancing. If using :ref:`weighted_clusters // `, metadata will be merged, with values // provided there taking precedence. The filter name should be specified as *envoy.lb*. core.Metadata metadata_match = 4; // Indicates that during forwarding, the matched prefix (or path) should be // swapped with this value. This option allows application URLs to be rooted // at a different path from those exposed at the reverse proxy layer. The router filter will // place the original path before rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of *prefix_rewrite* or // :ref:`regex_rewrite ` // may be specified. // // .. attention:: // // Pay careful attention to the use of trailing slashes in the // :ref:`route's match ` prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single // :ref:`Route `, as shown by the below config entries: // // .. code-block:: yaml // // - match: // prefix: "/prefix/" // route: // prefix_rewrite: "/" // - match: // prefix: "/prefix" // route: // prefix_rewrite: "/" // // Having above entries in the config, requests to */prefix* will be stripped to */*, while // requests to */prefix/etc* will be stripped to */etc*. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, portions of the path that match the // pattern should be rewritten, even allowing the substitution of capture // groups from the pattern into the new path as specified by the rewrite // substitution string. This is useful to allow application paths to be // rewritten in a way that is aware of segments with variable content like // identifiers. The router filter will place the original path as it was // before the rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // // Examples using Google's `RE2 `_ engine: // // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` // into ``/v1/api/instance/foo``. // // * The pattern ``one`` paired with a substitution string of ``two`` would // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. // // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of // ``\1two\2`` would replace only the first occurrence of ``one``, // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. // // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to // ``/aaa/yyy/bbb``. type.matcher.RegexMatchAndSubstitute regex_rewrite = 32; oneof host_rewrite_specifier { // Indicates that during forwarding, the host header will be swapped with // this value. string host_rewrite = 6 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}, (udpa.annotations.field_migrate).rename = "host_rewrite_literal" ]; // Indicates that during forwarding, the host header will be swapped with // the hostname of the upstream host chosen by the cluster manager. This // option is applicable only when the destination cluster for a route is of // type *strict_dns* or *logical_dns*. Setting this to true with other cluster // types has no effect. google.protobuf.BoolValue auto_host_rewrite = 7; // Indicates that during forwarding, the host header will be swapped with the content of given // downstream or :ref:`custom ` header. // If header value is empty, host header is left intact. // // .. attention:: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. string auto_host_rewrite_header = 29 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}, (udpa.annotations.field_migrate).rename = "host_rewrite_header" ]; } // Specifies the upstream timeout for the route. If not specified, the default is 15s. This // spans between the point at which the entire downstream request (i.e. end-of-stream) has been // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // // .. note:: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration timeout = 8; // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, // although the connection manager wide :ref:`stream_idle_timeout // ` // will still apply. A value of 0 will completely disable the route's idle timeout, even if a // connection manager stream idle timeout is configured. // // The idle timeout is distinct to :ref:`timeout // `, which provides an upper bound // on the upstream response time; :ref:`idle_timeout // ` instead bounds the amount // of time the request's stream may be idle. // // After header decoding, the idle timeout will apply on downstream and // upstream request events. Each time an encode/decode event for headers or // data is processed for the stream, the timer will be reset. If the timeout // fires, the stream is terminated with a 408 Request Timeout error code if no // upstream response header has been received, otherwise a stream reset // occurs. google.protobuf.Duration idle_timeout = 24; // Indicates that the route has a retry policy. Note that if this is set, // it'll take precedence over the virtual host level retry policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). RetryPolicy retry_policy = 9; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that if this is set, it'll take // precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, // most internal one becomes the enforced policy). :ref:`Retry policy ` // should not be set if this field is used. google.protobuf.Any retry_policy_typed_config = 33; // Indicates that the route has a request mirroring policy. // // .. attention:: // This field has been deprecated in favor of `request_mirror_policies` which supports one or // more mirroring policies. RequestMirrorPolicy request_mirror_policy = 10 [deprecated = true]; // Indicates that the route has request mirroring policies. repeated RequestMirrorPolicy request_mirror_policies = 30; // Optionally specifies the :ref:`routing priority `. core.RoutingPriority priority = 11 [(validate.rules).enum = {defined_only: true}]; // Specifies a set of rate limit configurations that could be applied to the // route. repeated RateLimit rate_limits = 13; // Specifies if the rate limit filter should include the virtual host rate // limits. By default, if the route configured rate limits, the virtual host // :ref:`rate_limits ` are not applied to the // request. google.protobuf.BoolValue include_vh_rate_limits = 14; // Specifies a list of hash policies to use for ring hash load balancing. Each // hash policy is evaluated individually and the combined result is used to // route the request. The method of combination is deterministic such that // identical lists of hash policies will produce the same hash. Since a hash // policy examines specific parts of a request, it can fail to produce a hash // (i.e. if the hashed header is not present). If (and only if) all configured // hash policies fail to generate a hash, no hash will be produced for // the route. In this case, the behavior is the same as if no hash policies // were specified (i.e. the ring hash load balancer will choose a random // backend). If a hash policy has the "terminal" attribute set to true, and // there is already a hash generated, the hash is returned immediately, // ignoring the rest of the hash policy list. repeated HashPolicy hash_policy = 15; // Indicates that the route has a CORS policy. CorsPolicy cors = 17; // If present, and the request is a gRPC request, use the // `grpc-timeout header `_, // or its default value (infinity) instead of // :ref:`timeout `, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for // gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used // and gRPC requests time out like any other requests using // :ref:`timeout ` or its default. // This can be used to prevent unexpected upstream request timeouts due to potentially long // time gaps between gRPC request and response in gRPC streaming mode. // // .. note:: // // If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes // precedence over `grpc-timeout header `_, when // both are present. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration max_grpc_timeout = 23; // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting // the provided duration from the header. This is useful in allowing Envoy to set its global // timeout to be less than that of the deadline imposed by the calling client, which makes it more // likely that Envoy will handle the timeout instead of having the call canceled by the client. // The offset will only be applied if the provided grpc_timeout is greater than the offset. This // ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning // infinity). google.protobuf.Duration grpc_timeout_offset = 28; repeated UpgradeConfig upgrade_configs = 25; InternalRedirectAction internal_redirect_action = 26; // An internal redirect is handled, iff the number of previous internal redirects that a // downstream request has encountered is lower than this value, and // :ref:`internal_redirect_action ` // is set to :ref:`HANDLE_INTERNAL_REDIRECT // ` // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or has // :ref:`internal_redirect_action ` // set to // :ref:`PASS_THROUGH_INTERNAL_REDIRECT // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 31; // Indicates that the route has a hedge policy. Note that if this is set, // it'll take precedence over the virtual host level hedge policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). HedgePolicy hedge_policy = 27; } // HTTP retry :ref:`architecture overview `. // [#next-free-field: 11] message RetryPolicy { message RetryPriority { string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message RetryHostPredicate { string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message RetryBackOff { // Specifies the base interval between retries. This parameter is required and must be greater // than zero. Values less than 1 ms are rounded up to 1 ms. // See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's // back-off algorithm. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {} }]; // Specifies the maximum interval between retries. This parameter is optional, but must be // greater than or equal to the `base_interval` if set. The default is 10 times the // `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion // of Envoy's back-off algorithm. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } // Specifies the conditions under which retry takes place. These are the same // conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and // :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. string retry_on = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. These are the same conditions documented for // :ref:`config_http_filters_router_x-envoy-max-retries`. google.protobuf.UInt32Value num_retries = 2; // Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // // .. note:: // // If left unspecified, Envoy will use the global // :ref:`route timeout ` for the request. // Consequently, when using a :ref:`5xx ` based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. google.protobuf.Duration per_try_timeout = 3; // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to // :ref:`retry plugin configuration ` for more details. RetryPriority retry_priority = 4; // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. // Refer to :ref:`retry plugin configuration ` for more // details. repeated RetryHostPredicate retry_host_predicate = 5; // The maximum number of times host selection will be reattempted before giving up, at which // point the host that was last selected will be routed to. If unspecified, this will default to // retrying once. int64 host_selection_retry_max_attempts = 6; // HTTP status codes that should trigger a retry in addition to those specified by retry_on. repeated uint32 retriable_status_codes = 7; // Specifies parameters that control retry back off. This parameter is optional, in which case the // default base interval is 25 milliseconds or, if set, the current value of the // `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times // the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` // describes Envoy's back-off algorithm. RetryBackOff retry_back_off = 8; // HTTP response headers that trigger a retry if present in the response. A retry will be // triggered if any of the header matches match the upstream response headers. // The field is only consulted if 'retriable-headers' retry policy is active. repeated HeaderMatcher retriable_headers = 9; // HTTP headers which must be present in the request for retries to be attempted. repeated HeaderMatcher retriable_request_headers = 10; } // HTTP request hedging :ref:`architecture overview `. message HedgePolicy { // Specifies the number of initial requests that should be sent upstream. // Must be at least 1. // Defaults to 1. // [#not-implemented-hide:] google.protobuf.UInt32Value initial_requests = 1 [(validate.rules).uint32 = {gte: 1}]; // Specifies a probability that an additional upstream request should be sent // on top of what is specified by initial_requests. // Defaults to 0. // [#not-implemented-hide:] type.FractionalPercent additional_request_chance = 2; // Indicates that a hedged request should be sent when the per-try timeout // is hit. This will only occur if the retry policy also indicates that a // timed out request should be retried. // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified // :ref:`RetryPolicy `. // Defaults to false. bool hedge_on_per_try_timeout = 3; } // [#next-free-field: 9] message RedirectAction { enum RedirectResponseCode { // Moved Permanently HTTP Status Code - 301. MOVED_PERMANENTLY = 0; // Found HTTP Status Code - 302. FOUND = 1; // See Other HTTP Status Code - 303. SEE_OTHER = 2; // Temporary Redirect HTTP Status Code - 307. TEMPORARY_REDIRECT = 3; // Permanent Redirect HTTP Status Code - 308. PERMANENT_REDIRECT = 4; } // When the scheme redirection take place, the following rules apply: // 1. If the source URI scheme is `http` and the port is explicitly // set to `:80`, the port will be removed after the redirection // 2. If the source URI scheme is `https` and the port is explicitly // set to `:443`, the port will be removed after the redirection oneof scheme_rewrite_specifier { // The scheme portion of the URL will be swapped with "https". bool https_redirect = 4; // The scheme portion of the URL will be swapped with this value. string scheme_redirect = 7; } // The host portion of the URL will be swapped with this value. string host_redirect = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The port value of the URL will be swapped with this value. uint32 port_redirect = 8; oneof path_rewrite_specifier { // The path portion of the URL will be swapped with this value. // Please note that query string in path_redirect will override the // request's query string and will not be stripped. // // For example, let's say we have the following routes: // // - match: { path: "/old-path-1" } // redirect: { path_redirect: "/new-path-1" } // - match: { path: "/old-path-2" } // redirect: { path_redirect: "/new-path-2", strip-query: "true" } // - match: { path: "/old-path-3" } // redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" } // // 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1" // 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2" // 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1" string path_redirect = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during redirection, the matched prefix (or path) // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // // .. attention:: // // Pay attention to the use of trailing slashes as mentioned in // :ref:`RouteAction's prefix_rewrite `. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // The HTTP status code to use in the redirect response. The default response // code is MOVED_PERMANENTLY (301). RedirectResponseCode response_code = 3 [(validate.rules).enum = {defined_only: true}]; // Indicates that during redirection, the query portion of the URL will // be removed. Default value is false. bool strip_query = 6; } message DirectResponseAction { // Specifies the HTTP response status to be returned. uint32 status = 1 [(validate.rules).uint32 = {lt: 600 gte: 100}]; // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // // .. note:: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_RouteConfiguration` or // :ref:`envoy_api_msg_route.VirtualHost`. core.DataSource body = 2; } message Decorator { // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // // .. note:: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation // ` header. string operation = 1 [(validate.rules).string = {min_bytes: 1}]; // Whether the decorated details should be propagated to the other party. The default is true. google.protobuf.BoolValue propagate = 2; } message Tracing { // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.FractionalPercent client_sampling = 1; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.FractionalPercent random_sampling = 2; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.FractionalPercent overall_sampling = 3; // A list of custom tags with unique tag name to create tags for the active span. // It will take effect after merging with the :ref:`corresponding configuration // ` // configured in the HTTP connection manager. If two tags with the same name are configured // each in the HTTP connection manager and the route level, the one configured here takes // priority. repeated type.tracing.v2.CustomTag custom_tags = 4; } // A virtual cluster is a way of specifying a regex matching rule against // certain important endpoints such that statistics are generated explicitly for // the matched requests. The reason this is useful is that when doing // prefix/path matching Envoy does not always know what the application // considers to be an endpoint. Thus, it’s impossible for Envoy to generically // emit per endpoint statistics. However, often systems have highly critical // endpoints that they wish to get “perfect” statistics on. Virtual cluster // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // // Documentation for :ref:`virtual cluster statistics `. // // .. note:: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and // statistics output are not free. message VirtualCluster { // Specifies a regex pattern to use for matching requests. The entire path of the request // must match the regex. The regex grammar used is defined `here // `_. // // Examples: // // * The regex ``/rides/\d+`` matches the path */rides/0* // * The regex ``/rides/\d+`` matches the path */rides/123* // * The regex ``/rides/\d+`` does not match the path */rides/123/456* // // .. attention:: // This field has been deprecated in favor of `headers` as it is not safe for use with // untrusted input in all cases. string pattern = 1 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // Specifies a list of header matchers to use for matching requests. Each specified header must // match. The pseudo-headers `:path` and `:method` can be used to match the request path and // method, respectively. repeated HeaderMatcher headers = 4; // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the // router filter and are documented :ref:`here `. string name = 2 [(validate.rules).string = {min_bytes: 1}]; // Optionally specifies the HTTP method to match on. For example GET, PUT, // etc. // // .. attention:: // This field has been deprecated in favor of `headers`. core.RequestMethod method = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Global rate limiting :ref:`architecture overview `. message RateLimit { // [#next-free-field: 7] message Action { // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("source_cluster", "") // // is derived from the :option:`--service-cluster` option. message SourceCluster { } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("destination_cluster", "") // // Once a request matches against a route table rule, a routed cluster is determined by one of // the following :ref:`route table configuration ` // settings: // // * :ref:`cluster ` indicates the upstream cluster // to route to. // * :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. // * :ref:`cluster_header ` indicates which // header in the request contains the target cluster. message DestinationCluster { } // The following descriptor entry is appended when a header contains a key that matches the // *header_name*: // // .. code-block:: cpp // // ("", "") message RequestHeaders { // The header name to be queried from the request headers. The header’s // value is used to populate the value of the descriptor entry for the // descriptor_key. string header_name = 1 [ (validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false} ]; // The key to use in the descriptor entry. string descriptor_key = 2 [(validate.rules).string = {min_bytes: 1}]; } // The following descriptor entry is appended to the descriptor and is populated using the // trusted address from :ref:`x-forwarded-for `: // // .. code-block:: cpp // // ("remote_address", "") message RemoteAddress { } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("generic_key", "") message GenericKey { // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_bytes: 1}]; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("header_match", "") message HeaderValueMatch { // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_bytes: 1}]; // If set to true, the action will append a descriptor entry when the // request matches the headers. If set to false, the action will append a // descriptor entry when the request does not match the headers. The // default value is true. google.protobuf.BoolValue expect_match = 2; // Specifies a set of headers that the rate limit action should match // on. The action will check the request’s headers against all the // specified headers in the config. A match will happen if all the // headers in the config are present in the request with the same values // (or based on presence if the value field is not in the config). repeated HeaderMatcher headers = 3 [(validate.rules).repeated = {min_items: 1}]; } oneof action_specifier { option (validate.required) = true; // Rate limit on source cluster. SourceCluster source_cluster = 1; // Rate limit on destination cluster. DestinationCluster destination_cluster = 2; // Rate limit on request headers. RequestHeaders request_headers = 3; // Rate limit on remote address. RemoteAddress remote_address = 4; // Rate limit on a generic key. GenericKey generic_key = 5; // Rate limit on the existence of request headers. HeaderValueMatch header_value_match = 6; } } // Refers to the stage set in the filter. The rate limit configuration only // applies to filters with the same stage number. The default stage number is // 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32 = {lte: 10}]; // The key to be set in runtime to disable this rate limit configuration. string disable_key = 2; // A list of actions that are to be applied for this rate limit configuration. // Order matters as the actions are processed sequentially and the descriptor // is composed by appending descriptor entries in that sequence. If an action // cannot append a descriptor entry, no descriptor is generated for the // configuration. See :ref:`composing actions // ` for additional documentation. repeated Action actions = 3 [(validate.rules).repeated = {min_items: 1}]; } // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // // .. attention:: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., // // .. code-block:: json // // { // "name": ":method", // "exact_match": "POST" // } // // .. attention:: // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name // ` header will match, regardless of the header's // value. // // [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.] // [#next-free-field: 12] message HeaderMatcher { reserved 2, 3; // Specifies the name of the header in the request. string name = 1 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Specifies how the header match will be performed to route the request. oneof header_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 4; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. The regex grammar used in the value field is defined // `here `_. // // Examples: // // * The regex ``\d{3}`` matches the value *123* // * The regex ``\d{3}`` does not match the value *1234* // * The regex ``\d{3}`` does not match the value *123.456* // // .. attention:: // This field has been deprecated in favor of `safe_regex_match` as it is not safe for use // with untrusted input in all cases. string regex_match = 5 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. type.matcher.RegexMatcher safe_regex_match = 11; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting of // an optional plus or minus sign followed by a sequence of digits. The rule will not match if // the header value does not represent an integer. Match will fail for empty values, floating // point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, // "-1somestring" type.Int64Range range_match = 6; // If specified, header match will be performed based on whether the header is in the // request. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. // Note: empty prefix is not allowed, please use present_match instead. // // Examples: // // * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. string prefix_match = 9 [(validate.rules).string = {min_bytes: 1}]; // If specified, header match will be performed based on the suffix of the header value. // Note: empty suffix is not allowed, please use present_match instead. // // Examples: // // * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. string suffix_match = 10 [(validate.rules).string = {min_bytes: 1}]; } // If specified, the match result will be inverted before checking. Defaults to false. // // Examples: // // * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. bool invert_match = 8; } // Query parameter matching treats the query string of a request's :path header // as an ampersand-separated list of keys and/or key=value elements. // [#next-free-field: 7] message QueryParameterMatcher { // Specifies the name of a key that must be present in the requested // *path*'s query string. string name = 1 [(validate.rules).string = {min_bytes: 1 max_bytes: 1024}]; // Specifies the value of the key. If the value is absent, a request // that contains the key in its query string will match, whether the // key appears with a value (e.g., "?debug=true") or not (e.g., "?debug") // // ..attention:: // This field is deprecated. Use an `exact` match inside the `string_match` field. string value = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Specifies whether the query parameter value is a regular expression. // Defaults to false. The entire query parameter value (i.e., the part to // the right of the equals sign in "key=value") must match the regex. // E.g., the regex ``\d+$`` will match *123* but not *a123* or *123a*. // // ..attention:: // This field is deprecated. Use a `safe_regex` match inside the `string_match` field. google.protobuf.BoolValue regex = 4 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; oneof query_parameter_match_specifier { // Specifies whether a query parameter value should match against a string. type.matcher.StringMatcher string_match = 5 [(validate.rules).message = {required: true}]; // Specifies whether a query parameter should be present. bool present_match = 6; } } ================================================ FILE: generated_api_shadow/envoy/api/v2/route.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP route configuration] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // [#next-free-field: 11] message RouteConfiguration { // The name of the route configuration. For example, it might match // :ref:`route_config_name // ` in // :ref:`envoy_api_msg_config.filter.network.http_connection_manager.v2.Rds`. string name = 1; // An array of virtual hosts that make up the route table. repeated route.VirtualHost virtual_hosts = 2; // An array of virtual hosts will be dynamically loaded via the VHDS API. // Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used // for a base routing table or for infrequently changing virtual hosts. *vhds* is used for // on-demand discovery of virtual hosts. The contents of these two fields will be merged to // generate a routing table for a given RouteConfiguration, with *vhds* derived configuration // taking precedence. Vhds vhds = 9; // Optionally specifies a list of HTTP headers that the connection manager // will consider to be internal only. If they are found on external requests they will be cleaned // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information. repeated string internal_only_headers = 3 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each response that // the connection manager encodes. Headers specified at this level are applied // after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption response_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // that the connection manager encodes. repeated string response_headers_to_remove = 5 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each request // routed by the HTTP connection manager. Headers specified at this level are // applied after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // routed by the HTTP connection manager. repeated string request_headers_to_remove = 8 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // By default, headers that should be added/removed are evaluated from most to least specific: // // * route level // * virtual host level // * connection manager level // // To allow setting overrides at the route or virtual host level, this order can be reversed // by setting this option to true. Defaults to false. // // [#next-major-version: In the v3 API, this will default to true.] bool most_specific_header_mutations_wins = 10; // An optional boolean that specifies whether the clusters that the route // table refers to will be validated by the cluster manager. If set to true // and a route refers to a non-existent cluster, the route table will not // load. If set to false and a route refers to a non-existent cluster, the // route table will load and the router filter will return a 404 if the route // is selected at runtime. This setting defaults to true if the route table // is statically defined via the :ref:`route_config // ` // option. This setting default to false if the route table is loaded dynamically via the // :ref:`rds // ` // option. Users may wish to override the default behavior in certain cases (for example when // using CDS with a static route table). google.protobuf.BoolValue validate_clusters = 7; } message Vhds { // Configuration source specifier for VHDS. core.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/scoped_route.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "ScopedRouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP scoped routing configuration] // * Routing :ref:`architecture overview ` // Specifies a routing scope, which associates a // :ref:`Key` to a // :ref:`envoy_api_msg_RouteConfiguration` (identified by its resource name). // // The HTTP connection manager builds up a table consisting of these Key to // RouteConfiguration mappings, and looks up the RouteConfiguration to use per // request according to the algorithm specified in the // :ref:`scope_key_builder` // assigned to the HttpConnectionManager. // // For example, with the following configurations (in YAML): // // HttpConnectionManager config: // // .. code:: // // ... // scoped_routes: // name: foo-scoped-routes // scope_key_builder: // fragments: // - header_value_extractor: // name: X-Route-Selector // element_separator: , // element: // separator: = // key: vip // // ScopedRouteConfiguration resources (specified statically via // :ref:`scoped_route_configurations_list` // or obtained dynamically via SRDS): // // .. code:: // // (1) // name: route-scope1 // route_configuration_name: route-config1 // key: // fragments: // - string_key: 172.10.10.20 // // (2) // name: route-scope2 // route_configuration_name: route-config2 // key: // fragments: // - string_key: 172.20.20.30 // // A request from a client such as: // // .. code:: // // GET / HTTP/1.1 // Host: foo.com // X-Route-Selector: vip=172.10.10.20 // // would result in the routing table defined by the `route-config1` // RouteConfiguration being assigned to the HTTP request/stream. // message ScopedRouteConfiguration { // Specifies a key which is matched against the output of the // :ref:`scope_key_builder` // specified in the HttpConnectionManager. The matching is done per HTTP // request and is dependent on the order of the fragments contained in the // Key. message Key { message Fragment { oneof type { option (validate.required) = true; // A string to match against. string string_key = 1; } } // The ordered set of fragments to match against. The order must match the // fragments in the corresponding // :ref:`scope_key_builder`. repeated Fragment fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the routing scope. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The resource name to use for a :ref:`envoy_api_msg_DiscoveryRequest` to an // RDS server to fetch the :ref:`envoy_api_msg_RouteConfiguration` associated // with this scope. string route_configuration_name = 2 [(validate.rules).string = {min_bytes: 1}]; // The key to match against. Key key = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/api/v2/srds.proto ================================================ syntax = "proto3"; package envoy.api.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import public "envoy/api/v2/scoped_route.proto"; option java_package = "io.envoyproxy.envoy.api.v2"; option java_outer_classname = "SrdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.route.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: SRDS] // * Routing :ref:`architecture overview ` // The Scoped Routes Discovery Service (SRDS) API distributes // :ref:`ScopedRouteConfiguration` // resources. Each ScopedRouteConfiguration resource represents a "routing // scope" containing a mapping that allows the HTTP connection manager to // dynamically assign a routing table (specified via a // :ref:`RouteConfiguration` message) to each // HTTP request. service ScopedRoutesDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.ScopedRouteConfiguration"; rpc StreamScopedRoutes(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaScopedRoutes(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } rpc FetchScopedRoutes(DiscoveryRequest) returns (DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:scoped-routes"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message SrdsDummy { } ================================================ FILE: generated_api_shadow/envoy/config/README.md ================================================ Protocol buffer definitions for Envoy's bootstrap, filter, and service configuration. Visibility should be constrained to none or `//envoy/config/bootstrap/v2` by default. ================================================ FILE: generated_api_shadow/envoy/config/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/accesslog/v2/als.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v2; import "envoy/api/v2/core/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v2"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.access_loggers.grpc.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Access Log Service (ALS)] // Configuration for the built-in *envoy.access_loggers.http_grpc* // :ref:`AccessLog `. This configuration will // populate :ref:`StreamAccessLogsMessage.http_logs // `. // [#extension: envoy.access_loggers.http_grpc] message HttpGrpcAccessLogConfig { CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; // Additional request headers to log in :ref:`HTTPRequestProperties.request_headers // `. repeated string additional_request_headers_to_log = 2; // Additional response headers to log in :ref:`HTTPResponseProperties.response_headers // `. repeated string additional_response_headers_to_log = 3; // Additional response trailers to log in :ref:`HTTPResponseProperties.response_trailers // `. repeated string additional_response_trailers_to_log = 4; } // Configuration for the built-in *envoy.access_loggers.tcp_grpc* type. This configuration will // populate *StreamAccessLogsMessage.tcp_logs*. // [#extension: envoy.access_loggers.tcp_grpc] message TcpGrpcAccessLogConfig { CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; } // Common configuration for gRPC access logs. // [#next-free-field: 6] message CommonGrpcAccessLogConfig { // The friendly name of the access log to be returned in :ref:`StreamAccessLogsMessage.Identifier // `. This allows the // access log server to differentiate between different access logs coming from the same Envoy. string log_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The gRPC service for the access log service. api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; // Interval for flushing access logs to the gRPC stream. Logger will flush requests every time // this interval is elapsed, or when batch size limit is hit, whichever comes first. Defaults to // 1 second. google.protobuf.Duration buffer_flush_interval = 3 [(validate.rules).duration = {gt {}}]; // Soft size limit in bytes for access log entries buffer. Logger will buffer requests until // this limit it hit, or every time flush interval is elapsed, whichever comes first. Setting it // to zero effectively disables the batching. Defaults to 16384. google.protobuf.UInt32Value buffer_size_bytes = 4; // Additional filter state objects to log in :ref:`filter_state_objects // `. // Logger will call `FilterState::Object::serializeAsProto` to serialize the filter state object. repeated string filter_state_objects_to_log = 5; } ================================================ FILE: generated_api_shadow/envoy/config/accesslog/v2/file.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v2; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v2"; option java_outer_classname = "FileProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.access_loggers.file.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: File access log] // [#extension: envoy.access_loggers.file] // Custom configuration for an :ref:`AccessLog ` // that writes log entries directly to a file. Configures the built-in *envoy.access_loggers.file* // AccessLog. message FileAccessLog { // A path to a local file to which to write the access log entries. string path = 1 [(validate.rules).string = {min_bytes: 1}]; oneof access_log_format { // Access log :ref:`format string`. // Envoy supports :ref:`custom access log formats ` as well as a // :ref:`default format `. string format = 2; // Access log :ref:`format dictionary`. All values // are rendered as strings. google.protobuf.Struct json_format = 3; // Access log :ref:`format dictionary`. Values are // rendered as strings, numbers, or boolean values as appropriate. Nested JSON objects may // be produced by some command operators (e.g.FILTER_STATE or DYNAMIC_METADATA). See the // documentation for a specific command operator for details. google.protobuf.Struct typed_json_format = 4; } } ================================================ FILE: generated_api_shadow/envoy/config/accesslog/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/accesslog/v3/accesslog.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v3"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common access log types] message AccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.AccessLog"; // The name of the access log implementation to instantiate. The name must // match a statically registered access log. Current built-in loggers include: // // #. "envoy.access_loggers.file" // #. "envoy.access_loggers.http_grpc" // #. "envoy.access_loggers.tcp_grpc" string name = 1; // Filter which is used to determine if the access log needs to be written. AccessLogFilter filter = 2; // Custom configuration that depends on the access log being instantiated. // Built-in configurations include: // // #. "envoy.access_loggers.file": :ref:`FileAccessLog // ` // #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig // ` // #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig // ` oneof config_type { google.protobuf.Any typed_config = 4; google.protobuf.Struct hidden_envoy_deprecated_config = 3 [deprecated = true]; } } // [#next-free-field: 13] message AccessLogFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.AccessLogFilter"; oneof filter_specifier { option (validate.required) = true; // Status code filter. StatusCodeFilter status_code_filter = 1; // Duration filter. DurationFilter duration_filter = 2; // Not health check filter. NotHealthCheckFilter not_health_check_filter = 3; // Traceable filter. TraceableFilter traceable_filter = 4; // Runtime filter. RuntimeFilter runtime_filter = 5; // And filter. AndFilter and_filter = 6; // Or filter. OrFilter or_filter = 7; // Header filter. HeaderFilter header_filter = 8; // Response flag filter. ResponseFlagFilter response_flag_filter = 9; // gRPC status filter. GrpcStatusFilter grpc_status_filter = 10; // Extension filter. ExtensionFilter extension_filter = 11; // Metadata Filter MetadataFilter metadata_filter = 12; } } // Filter on an integer comparison. message ComparisonFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.ComparisonFilter"; enum Op { // = EQ = 0; // >= GE = 1; // <= LE = 2; } // Comparison operator. Op op = 1 [(validate.rules).enum = {defined_only: true}]; // Value to compare against. core.v3.RuntimeUInt32 value = 2; } // Filters on HTTP response/status code. message StatusCodeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.StatusCodeFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters on total request duration in milliseconds. message DurationFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.DurationFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters for requests that are not health check requests. A health check // request is marked by the health check filter. message NotHealthCheckFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.NotHealthCheckFilter"; } // Filters for requests that are traceable. See the tracing overview for more // information on how a request becomes traceable. message TraceableFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.TraceableFilter"; } // Filters for random sampling of requests. message RuntimeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.RuntimeFilter"; // Runtime key to get an optional overridden numerator for use in the // *percent_sampled* field. If found in runtime, this value will replace the // default numerator. string runtime_key = 1 [(validate.rules).string = {min_len: 1}]; // The default sampling percentage. If not specified, defaults to 0% with // denominator of 100. type.v3.FractionalPercent percent_sampled = 2; // By default, sampling pivots on the header // :ref:`x-request-id` being // present. If :ref:`x-request-id` // is present, the filter will consistently sample across multiple hosts based // on the runtime key value and the value extracted from // :ref:`x-request-id`. If it is // missing, or *use_independent_randomness* is set to true, the filter will // randomly sample based on the runtime key value alone. // *use_independent_randomness* can be used for logging kill switches within // complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to // reason about from a probability perspective (i.e., setting to true will // cause the filter to behave like an independent random variable when // composed within logical operator filters). bool use_independent_randomness = 3; } // Performs a logical “and” operation on the result of each filter in filters. // Filters are evaluated sequentially and if one of them returns false, the // filter returns false immediately. message AndFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.AndFilter"; repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}]; } // Performs a logical “or” operation on the result of each individual filter. // Filters are evaluated sequentially and if one of them returns true, the // filter returns true immediately. message OrFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.OrFilter"; repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}]; } // Filters requests based on the presence or value of a request header. message HeaderFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.HeaderFilter"; // Only requests with a header which matches the specified HeaderMatcher will // pass the filter check. route.v3.HeaderMatcher header = 1 [(validate.rules).message = {required: true}]; } // Filters requests that received responses with an Envoy response flag set. // A list of the response flags can be found // in the access log formatter // :ref:`documentation`. message ResponseFlagFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.ResponseFlagFilter"; // Only responses with the any of the flags listed in this field will be // logged. This field is optional. If it is not specified, then any response // flag will pass the filter check. repeated string flags = 1 [(validate.rules).repeated = { items { string { in: "LH" in: "UH" in: "UT" in: "LR" in: "UR" in: "UF" in: "UC" in: "UO" in: "NR" in: "DI" in: "FI" in: "RL" in: "UAEX" in: "RLSE" in: "DC" in: "URX" in: "SI" in: "IH" in: "DPE" in: "UMSDR" in: "RFCF" in: "NFCF" in: "DT" } } }]; } // Filters gRPC requests based on their response status. If a gRPC status is not // provided, the filter will infer the status from the HTTP status code. message GrpcStatusFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.GrpcStatusFilter"; enum Status { OK = 0; CANCELED = 1; UNKNOWN = 2; INVALID_ARGUMENT = 3; DEADLINE_EXCEEDED = 4; NOT_FOUND = 5; ALREADY_EXISTS = 6; PERMISSION_DENIED = 7; RESOURCE_EXHAUSTED = 8; FAILED_PRECONDITION = 9; ABORTED = 10; OUT_OF_RANGE = 11; UNIMPLEMENTED = 12; INTERNAL = 13; UNAVAILABLE = 14; DATA_LOSS = 15; UNAUTHENTICATED = 16; } // Logs only responses that have any one of the gRPC statuses in this field. repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; // If included and set to true, the filter will instead block all responses // with a gRPC status or inferred gRPC status enumerated in statuses, and // allow all other responses. bool exclude = 2; } // Filters based on matching dynamic metadata. // If the matcher path and key correspond to an existing key in dynamic // metadata, the request is logged only if the matcher value is equal to the // metadata value. If the matcher path and key *do not* correspond to an // existing key in dynamic metadata, the request is logged only if // match_if_key_not_found is "true" or unset. message MetadataFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.MetadataFilter"; // Matcher to check metadata for specified value. For example, to match on the // access_log_hint metadata, set the filter to "envoy.common" and the path to // "access_log_hint", and the value to "true". type.matcher.v3.MetadataMatcher matcher = 1; // Default result if the key does not exist in dynamic metadata: if unset or // true, then log; if false, then don't log. google.protobuf.BoolValue match_if_key_not_found = 2; } // Extension filter is statically registered at runtime. message ExtensionFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.accesslog.v2.ExtensionFilter"; // The name of the filter implementation to instantiate. The name must // match a statically registered filter. string name = 1; // Custom configuration that depends on the filter being instantiated. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } ================================================ FILE: generated_api_shadow/envoy/config/accesslog/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/accesslog/v4alpha/accesslog.proto ================================================ syntax = "proto3"; package envoy.config.accesslog.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.accesslog.v4alpha"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common access log types] message AccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.AccessLog"; reserved 3; reserved "config"; // The name of the access log implementation to instantiate. The name must // match a statically registered access log. Current built-in loggers include: // // #. "envoy.access_loggers.file" // #. "envoy.access_loggers.http_grpc" // #. "envoy.access_loggers.tcp_grpc" string name = 1; // Filter which is used to determine if the access log needs to be written. AccessLogFilter filter = 2; // Custom configuration that depends on the access log being instantiated. // Built-in configurations include: // // #. "envoy.access_loggers.file": :ref:`FileAccessLog // ` // #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig // ` // #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig // ` oneof config_type { google.protobuf.Any typed_config = 4; } } // [#next-free-field: 13] message AccessLogFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.AccessLogFilter"; oneof filter_specifier { option (validate.required) = true; // Status code filter. StatusCodeFilter status_code_filter = 1; // Duration filter. DurationFilter duration_filter = 2; // Not health check filter. NotHealthCheckFilter not_health_check_filter = 3; // Traceable filter. TraceableFilter traceable_filter = 4; // Runtime filter. RuntimeFilter runtime_filter = 5; // And filter. AndFilter and_filter = 6; // Or filter. OrFilter or_filter = 7; // Header filter. HeaderFilter header_filter = 8; // Response flag filter. ResponseFlagFilter response_flag_filter = 9; // gRPC status filter. GrpcStatusFilter grpc_status_filter = 10; // Extension filter. ExtensionFilter extension_filter = 11; // Metadata Filter MetadataFilter metadata_filter = 12; } } // Filter on an integer comparison. message ComparisonFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.ComparisonFilter"; enum Op { // = EQ = 0; // >= GE = 1; // <= LE = 2; } // Comparison operator. Op op = 1 [(validate.rules).enum = {defined_only: true}]; // Value to compare against. core.v4alpha.RuntimeUInt32 value = 2; } // Filters on HTTP response/status code. message StatusCodeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.StatusCodeFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters on total request duration in milliseconds. message DurationFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.DurationFilter"; // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters for requests that are not health check requests. A health check // request is marked by the health check filter. message NotHealthCheckFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.NotHealthCheckFilter"; } // Filters for requests that are traceable. See the tracing overview for more // information on how a request becomes traceable. message TraceableFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.TraceableFilter"; } // Filters for random sampling of requests. message RuntimeFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.RuntimeFilter"; // Runtime key to get an optional overridden numerator for use in the // *percent_sampled* field. If found in runtime, this value will replace the // default numerator. string runtime_key = 1 [(validate.rules).string = {min_len: 1}]; // The default sampling percentage. If not specified, defaults to 0% with // denominator of 100. type.v3.FractionalPercent percent_sampled = 2; // By default, sampling pivots on the header // :ref:`x-request-id` being // present. If :ref:`x-request-id` // is present, the filter will consistently sample across multiple hosts based // on the runtime key value and the value extracted from // :ref:`x-request-id`. If it is // missing, or *use_independent_randomness* is set to true, the filter will // randomly sample based on the runtime key value alone. // *use_independent_randomness* can be used for logging kill switches within // complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to // reason about from a probability perspective (i.e., setting to true will // cause the filter to behave like an independent random variable when // composed within logical operator filters). bool use_independent_randomness = 3; } // Performs a logical “and” operation on the result of each filter in filters. // Filters are evaluated sequentially and if one of them returns false, the // filter returns false immediately. message AndFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.AndFilter"; repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}]; } // Performs a logical “or” operation on the result of each individual filter. // Filters are evaluated sequentially and if one of them returns true, the // filter returns true immediately. message OrFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.OrFilter"; repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}]; } // Filters requests based on the presence or value of a request header. message HeaderFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.HeaderFilter"; // Only requests with a header which matches the specified HeaderMatcher will // pass the filter check. route.v4alpha.HeaderMatcher header = 1 [(validate.rules).message = {required: true}]; } // Filters requests that received responses with an Envoy response flag set. // A list of the response flags can be found // in the access log formatter // :ref:`documentation`. message ResponseFlagFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.ResponseFlagFilter"; // Only responses with the any of the flags listed in this field will be // logged. This field is optional. If it is not specified, then any response // flag will pass the filter check. repeated string flags = 1 [(validate.rules).repeated = { items { string { in: "LH" in: "UH" in: "UT" in: "LR" in: "UR" in: "UF" in: "UC" in: "UO" in: "NR" in: "DI" in: "FI" in: "RL" in: "UAEX" in: "RLSE" in: "DC" in: "URX" in: "SI" in: "IH" in: "DPE" in: "UMSDR" in: "RFCF" in: "NFCF" in: "DT" } } }]; } // Filters gRPC requests based on their response status. If a gRPC status is not // provided, the filter will infer the status from the HTTP status code. message GrpcStatusFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.GrpcStatusFilter"; enum Status { OK = 0; CANCELED = 1; UNKNOWN = 2; INVALID_ARGUMENT = 3; DEADLINE_EXCEEDED = 4; NOT_FOUND = 5; ALREADY_EXISTS = 6; PERMISSION_DENIED = 7; RESOURCE_EXHAUSTED = 8; FAILED_PRECONDITION = 9; ABORTED = 10; OUT_OF_RANGE = 11; UNIMPLEMENTED = 12; INTERNAL = 13; UNAVAILABLE = 14; DATA_LOSS = 15; UNAUTHENTICATED = 16; } // Logs only responses that have any one of the gRPC statuses in this field. repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; // If included and set to true, the filter will instead block all responses // with a gRPC status or inferred gRPC status enumerated in statuses, and // allow all other responses. bool exclude = 2; } // Filters based on matching dynamic metadata. // If the matcher path and key correspond to an existing key in dynamic // metadata, the request is logged only if the matcher value is equal to the // metadata value. If the matcher path and key *do not* correspond to an // existing key in dynamic metadata, the request is logged only if // match_if_key_not_found is "true" or unset. message MetadataFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.MetadataFilter"; // Matcher to check metadata for specified value. For example, to match on the // access_log_hint metadata, set the filter to "envoy.common" and the path to // "access_log_hint", and the value to "true". type.matcher.v4alpha.MetadataMatcher matcher = 1; // Default result if the key does not exist in dynamic metadata: if unset or // true, then log; if false, then don't log. google.protobuf.BoolValue match_if_key_not_found = 2; } // Extension filter is statically registered at runtime. message ExtensionFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v3.ExtensionFilter"; reserved 2; reserved "config"; // The name of the filter implementation to instantiate. The name must // match a statically registered filter. string name = 1; // Custom configuration that depends on the filter being instantiated. oneof config_type { google.protobuf.Any typed_config = 3; } } ================================================ FILE: generated_api_shadow/envoy/config/bootstrap/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/auth:pkg", "//envoy/api/v2/core:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/config/overload/v2alpha:pkg", "//envoy/config/trace/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/bootstrap/v2/bootstrap.proto ================================================ syntax = "proto3"; package envoy.config.bootstrap.v2; import "envoy/api/v2/auth/secret.proto"; import "envoy/api/v2/cluster.proto"; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/core/event_service_config.proto"; import "envoy/api/v2/core/socket_option.proto"; import "envoy/api/v2/listener.proto"; import "envoy/config/metrics/v2/stats.proto"; import "envoy/config/overload/v2alpha/overload.proto"; import "envoy/config/trace/v2/http_tracer.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.bootstrap.v2"; option java_outer_classname = "BootstrapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Bootstrap] // This proto is supplied via the :option:`-c` CLI flag and acts as the root // of the Envoy v2 configuration. See the :ref:`v2 configuration overview // ` for more detail. // Bootstrap :ref:`configuration overview `. // [#next-free-field: 21] message Bootstrap { message StaticResources { // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. repeated api.v2.Listener listeners = 1; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary // to have some initial cluster definitions available to allow Envoy to know // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). repeated api.v2.Cluster clusters = 2; // These static secrets can be used by :ref:`SdsSecretConfig // ` repeated api.v2.auth.Secret secrets = 3; } message DynamicResources { reserved 4; // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. api.v2.core.ConfigSource lds_config = 1; // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. api.v2.core.ConfigSource cds_config = 2; // A single :ref:`ADS ` source may be optionally // specified. This must have :ref:`api_type // ` :ref:`GRPC // `. Only // :ref:`ConfigSources ` that have // the :ref:`ads ` field set will be // streamed on the ADS channel. api.v2.core.ApiConfigSource ads_config = 3; } reserved 10; // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). api.v2.core.Node node = 1; // Statically specified resources. StaticResources static_resources = 2; // xDS configuration sources. DynamicResources dynamic_resources = 3; // Configuration for the cluster manager which owns all upstream clusters // within the server. ClusterManager cluster_manager = 4; // Health discovery service config option. // (:ref:`core.ApiConfigSource `) api.v2.core.ApiConfigSource hds_config = 14; // Optional file system path to search for startup flag files. string flags_path = 5; // Optional set of stats sinks. repeated metrics.v2.StatsSink stats_sinks = 6; // Configuration for internal processing of stats. metrics.v2.StatsConfig stats_config = 13; // Optional duration between flushes to configured stats sinks. For // performance reasons Envoy latches counters and only flushes counters and // gauges at a periodic interval. If not specified the default is 5000ms (5 // seconds). // Duration must be at least 1ms and at most 5 min. google.protobuf.Duration stats_flush_interval = 7 [(validate.rules).duration = { lt {seconds: 300} gte {nanos: 1000000} }]; // Optional watchdog configuration. Watchdog watchdog = 8; // Configuration for an external tracing provider. // // .. attention:: // This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider // `. trace.v2.Tracing tracing = 9; // Configuration for the runtime configuration provider (deprecated). If not // specified, a “null” provider will be used which will result in all defaults // being used. Runtime runtime = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Configuration for the runtime configuration provider. If not // specified, a “null” provider will be used which will result in all defaults // being used. LayeredRuntime layered_runtime = 17; // Configuration for the local administration HTTP server. Admin admin = 12; // Optional overload manager configuration. overload.v2alpha.OverloadManager overload_manager = 15; // Enable :ref:`stats for event dispatcher `, defaults to false. // Note that this records a value for each iteration of the event loop on every thread. This // should normally be minimal overhead, but when using // :ref:`statsd `, it will send each observed value // over the wire individually because the statsd protocol doesn't have any way to represent a // histogram summary. Be aware that this can be a very large volume of data. bool enable_dispatcher_stats = 16; // Optional string which will be used in lieu of x-envoy in prefixing headers. // // For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be // transformed into x-foo-retry-on etc. // // Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the // headers Envoy will trust for core code and core extensions only. Be VERY careful making // changes to this string, especially in multi-layer Envoy deployments or deployments using // extensions which are not upstream. string header_prefix = 18; // Optional proxy version which will be used to set the value of :ref:`server.version statistic // ` if specified. Envoy will not process this value, it will be sent as is to // :ref:`stats sinks `. google.protobuf.UInt64Value stats_server_version_override = 19; // Always use TCP queries instead of UDP queries for DNS lookups. // This may be overridden on a per-cluster basis in cds_config, // when :ref:`dns_resolvers ` and // :ref:`use_tcp_for_dns_lookups ` are // specified. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 20; } // Administration interface :ref:`operations documentation // `. message Admin { // The path to write the access log for the administration server. If no // access log is desired specify ‘/dev/null’. This is only required if // :ref:`address ` is set. string access_log_path = 1; // The cpu profiler output path for the administration server. If no profile // path is specified, the default is ‘/var/log/envoy/envoy.prof’. string profile_path = 2; // The TCP address that the administration server will listen on. // If not specified, Envoy will not start an administration server. api.v2.core.Address address = 3; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated api.v2.core.SocketOption socket_options = 4; } // Cluster manager :ref:`architecture overview `. message ClusterManager { message OutlierDetection { // Specifies the path to the outlier event log. string event_log_path = 1; // [#not-implemented-hide:] // The gRPC service for the outlier detection event service. // If empty, outlier detection events won't be sent to a remote endpoint. api.v2.core.EventServiceConfig event_service = 2; } // Name of the local cluster (i.e., the cluster that owns the Envoy running // this configuration). In order to enable :ref:`zone aware routing // ` this option must be set. // If *local_cluster_name* is defined then :ref:`clusters // ` must be defined in the :ref:`Bootstrap // static cluster resources // `. This is unrelated to // the :option:`--service-cluster` option which does not `affect zone aware // routing `_. string local_cluster_name = 1; // Optional global configuration for outlier detection. OutlierDetection outlier_detection = 2; // Optional configuration used to bind newly established upstream connections. // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. api.v2.core.BindConfig upstream_bind_config = 3; // A management server endpoint to stream load stats to via // *StreamLoadStats*. This must have :ref:`api_type // ` :ref:`GRPC // `. api.v2.core.ApiConfigSource load_stats_config = 4; } // Envoy process watchdog configuration. When configured, this monitors for // nonresponsive threads and kills the process after the configured thresholds. // See the :ref:`watchdog documentation ` for more information. message Watchdog { // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_miss* statistic. If not specified the default is 200ms. google.protobuf.Duration miss_timeout = 1; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_mega_miss* statistic. If not specified the default is // 1000ms. google.protobuf.Duration megamiss_timeout = 2; // If a watched thread has been nonresponsive for this duration, assume a // programming error and kill the entire Envoy process. Set to 0 to disable // kill behavior. If not specified the default is 0 (disabled). google.protobuf.Duration kill_timeout = 3; // If at least two watched threads have been nonresponsive for at least this // duration assume a true deadlock and kill the entire Envoy process. Set to 0 // to disable this behavior. If not specified the default is 0 (disabled). google.protobuf.Duration multikill_timeout = 4; } // Runtime :ref:`configuration overview ` (deprecated). message Runtime { // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. Envoy // will watch the location for changes and reload the file system tree when // they happen. If this parameter is not set, there will be no disk based // runtime. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 2; // Specifies an optional subdirectory to load within the root directory. If // specified and the directory exists, configuration values within this // directory will override those found in the primary subdirectory. This is // useful when Envoy is deployed across many different types of servers. // Sometimes it is useful to have a per service cluster directory for runtime // configuration. See below for exactly how the override directory is used. string override_subdirectory = 3; // Static base runtime. This will be :ref:`overridden // ` by other runtime layers, e.g. // disk or admin. This follows the :ref:`runtime protobuf JSON representation // encoding `. google.protobuf.Struct base = 4; } // [#next-free-field: 6] message RuntimeLayer { // :ref:`Disk runtime ` layer. message DiskLayer { // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. // Envoy will watch the location for changes and reload the file system tree // when they happen. See documentation on runtime :ref:`atomicity // ` for further details on how reloads are // treated. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 3; // :ref:`Append ` the // service cluster to the path under symlink root. bool append_service_cluster = 2; } // :ref:`Admin console runtime ` layer. message AdminLayer { } // :ref:`Runtime Discovery Service (RTDS) ` layer. message RtdsLayer { // Resource to subscribe to at *rtds_config* for the RTDS layer. string name = 1; // RTDS configuration source. api.v2.core.ConfigSource rtds_config = 2; } // Descriptive name for the runtime layer. This is only used for the runtime // :http:get:`/runtime` output. string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof layer_specifier { option (validate.required) = true; // :ref:`Static runtime ` layer. // This follows the :ref:`runtime protobuf JSON representation encoding // `. Unlike static xDS resources, this static // layer is overridable by later layers in the runtime virtual filesystem. google.protobuf.Struct static_layer = 2; DiskLayer disk_layer = 3; AdminLayer admin_layer = 4; RtdsLayer rtds_layer = 5; } } // Runtime :ref:`configuration overview `. message LayeredRuntime { // The :ref:`layers ` of the runtime. This is ordered // such that later layers in the list overlay earlier entries. repeated RuntimeLayer layers = 1; } ================================================ FILE: generated_api_shadow/envoy/config/bootstrap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/bootstrap/v2:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/listener/v3:pkg", "//envoy/config/metrics/v3:pkg", "//envoy/config/overload/v3:pkg", "//envoy/config/trace/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/bootstrap/v3/bootstrap.proto ================================================ syntax = "proto3"; package envoy.config.bootstrap.v3; import "envoy/config/cluster/v3/cluster.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/event_service_config.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/socket_option.proto"; import "envoy/config/listener/v3/listener.proto"; import "envoy/config/metrics/v3/stats.proto"; import "envoy/config/overload/v3/overload.proto"; import "envoy/config/trace/v3/http_tracer.proto"; import "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.bootstrap.v3"; option java_outer_classname = "BootstrapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Bootstrap] // This proto is supplied via the :option:`-c` CLI flag and acts as the root // of the Envoy v2 configuration. See the :ref:`v2 configuration overview // ` for more detail. // Bootstrap :ref:`configuration overview `. // [#next-free-field: 28] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap"; message StaticResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap.StaticResources"; // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. repeated listener.v3.Listener listeners = 1; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary // to have some initial cluster definitions available to allow Envoy to know // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). repeated cluster.v3.Cluster clusters = 2; // These static secrets can be used by :ref:`SdsSecretConfig // ` repeated envoy.extensions.transport_sockets.tls.v3.Secret secrets = 3; } // [#next-free-field: 7] message DynamicResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap.DynamicResources"; reserved 4; // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. core.v3.ConfigSource lds_config = 1; // Resource locator for listener collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator lds_resources_locator = 5; // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. core.v3.ConfigSource cds_config = 2; // Resource locator for cluster collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator cds_resources_locator = 6; // A single :ref:`ADS ` source may be optionally // specified. This must have :ref:`api_type // ` :ref:`GRPC // `. Only // :ref:`ConfigSources ` that have // the :ref:`ads ` field set will be // streamed on the ADS channel. core.v3.ApiConfigSource ads_config = 3; } reserved 10; // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). core.v3.Node node = 1; // A list of :ref:`Node ` field names // that will be included in the context parameters of the effective // *UdpaResourceLocator* that is sent in a discovery request when resource // locators are used for LDS/CDS. Any non-string field will have its JSON // encoding set as the context parameter value, with the exception of // metadata, which will be flattened (see example below). The supported field // names are: // - "cluster" // - "id" // - "locality.region" // - "locality.sub_zone" // - "locality.zone" // - "metadata" // - "user_agent_build_version.metadata" // - "user_agent_build_version.version" // - "user_agent_name" // - "user_agent_version" // // The node context parameters act as a base layer dictionary for the context // parameters (i.e. more specific resource specific context parameters will // override). Field names will be prefixed with “udpa.node.” when included in // context parameters. // // For example, if node_context_params is ``["user_agent_name", "metadata"]``, // the implied context parameters might be:: // // node.user_agent_name: "envoy" // node.metadata.foo: "{\"bar\": \"baz\"}" // node.metadata.some: "42" // node.metadata.thing: "\"thing\"" // // [#not-implemented-hide:] repeated string node_context_params = 26; // Statically specified resources. StaticResources static_resources = 2; // xDS configuration sources. DynamicResources dynamic_resources = 3; // Configuration for the cluster manager which owns all upstream clusters // within the server. ClusterManager cluster_manager = 4; // Health discovery service config option. // (:ref:`core.ApiConfigSource `) core.v3.ApiConfigSource hds_config = 14; // Optional file system path to search for startup flag files. string flags_path = 5; // Optional set of stats sinks. repeated metrics.v3.StatsSink stats_sinks = 6; // Configuration for internal processing of stats. metrics.v3.StatsConfig stats_config = 13; // Optional duration between flushes to configured stats sinks. For // performance reasons Envoy latches counters and only flushes counters and // gauges at a periodic interval. If not specified the default is 5000ms (5 // seconds). // Duration must be at least 1ms and at most 5 min. google.protobuf.Duration stats_flush_interval = 7 [(validate.rules).duration = { lt {seconds: 300} gte {nanos: 1000000} }]; // Optional watchdog configuration. // This is for a single watchdog configuration for the entire system. // Deprecated in favor of *watchdogs* which has finer granularity. Watchdog watchdog = 8 [deprecated = true]; // Optional watchdogs configuration. // This is used for specifying different watchdogs for the different subsystems. Watchdogs watchdogs = 27; // Configuration for an external tracing provider. // // .. attention:: // This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider // `. trace.v3.Tracing tracing = 9 [deprecated = true]; // Configuration for the runtime configuration provider. If not // specified, a “null” provider will be used which will result in all defaults // being used. LayeredRuntime layered_runtime = 17; // Configuration for the local administration HTTP server. Admin admin = 12; // Optional overload manager configuration. overload.v3.OverloadManager overload_manager = 15 [ (udpa.annotations.security).configure_for_untrusted_downstream = true, (udpa.annotations.security).configure_for_untrusted_upstream = true ]; // Enable :ref:`stats for event dispatcher `, defaults to false. // Note that this records a value for each iteration of the event loop on every thread. This // should normally be minimal overhead, but when using // :ref:`statsd `, it will send each observed value // over the wire individually because the statsd protocol doesn't have any way to represent a // histogram summary. Be aware that this can be a very large volume of data. bool enable_dispatcher_stats = 16; // Optional string which will be used in lieu of x-envoy in prefixing headers. // // For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be // transformed into x-foo-retry-on etc. // // Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the // headers Envoy will trust for core code and core extensions only. Be VERY careful making // changes to this string, especially in multi-layer Envoy deployments or deployments using // extensions which are not upstream. string header_prefix = 18; // Optional proxy version which will be used to set the value of :ref:`server.version statistic // ` if specified. Envoy will not process this value, it will be sent as is to // :ref:`stats sinks `. google.protobuf.UInt64Value stats_server_version_override = 19; // Always use TCP queries instead of UDP queries for DNS lookups. // This may be overridden on a per-cluster basis in cds_config, // when :ref:`dns_resolvers ` and // :ref:`use_tcp_for_dns_lookups ` are // specified. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 20; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. repeated core.v3.TypedExtensionConfig bootstrap_extensions = 21; // Configuration sources that will participate in // *udpa.core.v1.ResourceLocator* authority resolution. The algorithm is as // follows: // 1. The authority field is taken from the *udpa.core.v1.ResourceLocator*, call // this *resource_authority*. // 2. *resource_authority* is compared against the authorities in any peer // *ConfigSource*. The peer *ConfigSource* is the configuration source // message which would have been used unconditionally for resolution // with opaque resource names. If there is a match with an authority, the // peer *ConfigSource* message is used. // 3. *resource_authority* is compared sequentially with the authorities in // each configuration source in *config_sources*. The first *ConfigSource* // to match wins. // 4. As a fallback, if no configuration source matches, then // *default_config_source* is used. // 5. If *default_config_source* is not specified, resolution fails. // [#not-implemented-hide:] repeated core.v3.ConfigSource config_sources = 22; // Default configuration source for *udpa.core.v1.ResourceLocator* if all // other resolution fails. // [#not-implemented-hide:] core.v3.ConfigSource default_config_source = 23; // Optional overriding of default socket interface. The value must be the name of one of the // socket interface factories initialized through a bootstrap extension string default_socket_interface = 24; // Global map of CertificateProvider instances. These instances are referred to by name in the // :ref:`CommonTlsContext.CertificateProviderInstance.instance_name // ` // field. // [#not-implemented-hide:] map certificate_provider_instances = 25; Runtime hidden_envoy_deprecated_runtime = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Administration interface :ref:`operations documentation // `. message Admin { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Admin"; // The path to write the access log for the administration server. If no // access log is desired specify ‘/dev/null’. This is only required if // :ref:`address ` is set. string access_log_path = 1; // The cpu profiler output path for the administration server. If no profile // path is specified, the default is ‘/var/log/envoy/envoy.prof’. string profile_path = 2; // The TCP address that the administration server will listen on. // If not specified, Envoy will not start an administration server. core.v3.Address address = 3; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v3.SocketOption socket_options = 4; } // Cluster manager :ref:`architecture overview `. message ClusterManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.ClusterManager"; message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.ClusterManager.OutlierDetection"; // Specifies the path to the outlier event log. string event_log_path = 1; // [#not-implemented-hide:] // The gRPC service for the outlier detection event service. // If empty, outlier detection events won't be sent to a remote endpoint. core.v3.EventServiceConfig event_service = 2; } // Name of the local cluster (i.e., the cluster that owns the Envoy running // this configuration). In order to enable :ref:`zone aware routing // ` this option must be set. // If *local_cluster_name* is defined then :ref:`clusters // ` must be defined in the :ref:`Bootstrap // static cluster resources // `. This is unrelated to // the :option:`--service-cluster` option which does not `affect zone aware // routing `_. string local_cluster_name = 1; // Optional global configuration for outlier detection. OutlierDetection outlier_detection = 2; // Optional configuration used to bind newly established upstream connections. // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. core.v3.BindConfig upstream_bind_config = 3; // A management server endpoint to stream load stats to via // *StreamLoadStats*. This must have :ref:`api_type // ` :ref:`GRPC // `. core.v3.ApiConfigSource load_stats_config = 4; } // Allows you to specify different watchdog configs for different subsystems. // This allows finer tuned policies for the watchdog. If a subsystem is omitted // the default values for that system will be used. message Watchdogs { // Watchdog for the main thread. Watchdog main_thread_watchdog = 1; // Watchdog for the worker threads. Watchdog worker_watchdog = 2; } // Envoy process watchdog configuration. When configured, this monitors for // nonresponsive threads and kills the process after the configured thresholds. // See the :ref:`watchdog documentation ` for more information. // [#next-free-field: 8] message Watchdog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Watchdog"; message WatchdogAction { // The events are fired in this order: KILL, MULTIKILL, MEGAMISS, MISS. // Within an event type, actions execute in the order they are configured. // For KILL/MULTIKILL there is a default PANIC that will run after the // registered actions and kills the process if it wasn't already killed. // It might be useful to specify several debug actions, and possibly an // alternate FATAL action. enum WatchdogEvent { UNKNOWN = 0; KILL = 1; MULTIKILL = 2; MEGAMISS = 3; MISS = 4; } // Extension specific configuration for the action. core.v3.TypedExtensionConfig config = 1; WatchdogEvent event = 2 [(validate.rules).enum = {defined_only: true}]; } // Register actions that will fire on given WatchDog events. // See *WatchDogAction* for priority of events. repeated WatchdogAction actions = 7; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_miss* statistic. If not specified the default is 200ms. google.protobuf.Duration miss_timeout = 1; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_mega_miss* statistic. If not specified the default is // 1000ms. google.protobuf.Duration megamiss_timeout = 2; // If a watched thread has been nonresponsive for this duration, assume a // programming error and kill the entire Envoy process. Set to 0 to disable // kill behavior. If not specified the default is 0 (disabled). google.protobuf.Duration kill_timeout = 3; // Defines the maximum jitter used to adjust the *kill_timeout* if *kill_timeout* is // enabled. Enabling this feature would help to reduce risk of synchronized // watchdog kill events across proxies due to external triggers. Set to 0 to // disable. If not specified the default is 0 (disabled). google.protobuf.Duration max_kill_timeout_jitter = 6 [(validate.rules).duration = {gte {}}]; // If max(2, ceil(registered_threads * Fraction(*multikill_threshold*))) // threads have been nonresponsive for at least this duration kill the entire // Envoy process. Set to 0 to disable this behavior. If not specified the // default is 0 (disabled). google.protobuf.Duration multikill_timeout = 4; // Sets the threshold for *multikill_timeout* in terms of the percentage of // nonresponsive threads required for the *multikill_timeout*. // If not specified the default is 0. type.v3.Percent multikill_threshold = 5; } // Runtime :ref:`configuration overview ` (deprecated). message Runtime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Runtime"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. Envoy // will watch the location for changes and reload the file system tree when // they happen. If this parameter is not set, there will be no disk based // runtime. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 2; // Specifies an optional subdirectory to load within the root directory. If // specified and the directory exists, configuration values within this // directory will override those found in the primary subdirectory. This is // useful when Envoy is deployed across many different types of servers. // Sometimes it is useful to have a per service cluster directory for runtime // configuration. See below for exactly how the override directory is used. string override_subdirectory = 3; // Static base runtime. This will be :ref:`overridden // ` by other runtime layers, e.g. // disk or admin. This follows the :ref:`runtime protobuf JSON representation // encoding `. google.protobuf.Struct base = 4; } // [#next-free-field: 6] message RuntimeLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer"; // :ref:`Disk runtime ` layer. message DiskLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer.DiskLayer"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. // Envoy will watch the location for changes and reload the file system tree // when they happen. See documentation on runtime :ref:`atomicity // ` for further details on how reloads are // treated. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 3; // :ref:`Append ` the // service cluster to the path under symlink root. bool append_service_cluster = 2; } // :ref:`Admin console runtime ` layer. message AdminLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer.AdminLayer"; } // :ref:`Runtime Discovery Service (RTDS) ` layer. message RtdsLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.RuntimeLayer.RtdsLayer"; // Resource to subscribe to at *rtds_config* for the RTDS layer. string name = 1 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for RTDS layer. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rtds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // RTDS configuration source. core.v3.ConfigSource rtds_config = 2; } // Descriptive name for the runtime layer. This is only used for the runtime // :http:get:`/runtime` output. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof layer_specifier { option (validate.required) = true; // :ref:`Static runtime ` layer. // This follows the :ref:`runtime protobuf JSON representation encoding // `. Unlike static xDS resources, this static // layer is overridable by later layers in the runtime virtual filesystem. google.protobuf.Struct static_layer = 2; DiskLayer disk_layer = 3; AdminLayer admin_layer = 4; RtdsLayer rtds_layer = 5; } } // Runtime :ref:`configuration overview `. message LayeredRuntime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.LayeredRuntime"; // The :ref:`layers ` of the runtime. This is ordered // such that later layers in the list overlay earlier entries. repeated RuntimeLayer layers = 1; } ================================================ FILE: generated_api_shadow/envoy/config/bootstrap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/bootstrap/v3:pkg", "//envoy/config/cluster/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/listener/v4alpha:pkg", "//envoy/config/metrics/v4alpha:pkg", "//envoy/config/overload/v3:pkg", "//envoy/config/trace/v4alpha:pkg", "//envoy/extensions/transport_sockets/tls/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/bootstrap/v4alpha/bootstrap.proto ================================================ syntax = "proto3"; package envoy.config.bootstrap.v4alpha; import "envoy/config/cluster/v4alpha/cluster.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/event_service_config.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/socket_option.proto"; import "envoy/config/listener/v4alpha/listener.proto"; import "envoy/config/metrics/v4alpha/stats.proto"; import "envoy/config/overload/v3/overload.proto"; import "envoy/config/trace/v4alpha/http_tracer.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/secret.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.bootstrap.v4alpha"; option java_outer_classname = "BootstrapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Bootstrap] // This proto is supplied via the :option:`-c` CLI flag and acts as the root // of the Envoy v2 configuration. See the :ref:`v2 configuration overview // ` for more detail. // Bootstrap :ref:`configuration overview `. // [#next-free-field: 28] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap"; message StaticResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap.StaticResources"; // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. repeated listener.v4alpha.Listener listeners = 1; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary // to have some initial cluster definitions available to allow Envoy to know // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). repeated cluster.v4alpha.Cluster clusters = 2; // These static secrets can be used by :ref:`SdsSecretConfig // ` repeated envoy.extensions.transport_sockets.tls.v4alpha.Secret secrets = 3; } // [#next-free-field: 7] message DynamicResources { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap.DynamicResources"; reserved 4; // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. core.v4alpha.ConfigSource lds_config = 1; // Resource locator for listener collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator lds_resources_locator = 5; // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. core.v4alpha.ConfigSource cds_config = 2; // Resource locator for cluster collection. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator cds_resources_locator = 6; // A single :ref:`ADS ` source may be optionally // specified. This must have :ref:`api_type // ` :ref:`GRPC // `. Only // :ref:`ConfigSources ` that have // the :ref:`ads ` field set will be // streamed on the ADS channel. core.v4alpha.ApiConfigSource ads_config = 3; } reserved 10, 11; reserved "runtime"; // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). core.v4alpha.Node node = 1; // A list of :ref:`Node ` field names // that will be included in the context parameters of the effective // *UdpaResourceLocator* that is sent in a discovery request when resource // locators are used for LDS/CDS. Any non-string field will have its JSON // encoding set as the context parameter value, with the exception of // metadata, which will be flattened (see example below). The supported field // names are: // - "cluster" // - "id" // - "locality.region" // - "locality.sub_zone" // - "locality.zone" // - "metadata" // - "user_agent_build_version.metadata" // - "user_agent_build_version.version" // - "user_agent_name" // - "user_agent_version" // // The node context parameters act as a base layer dictionary for the context // parameters (i.e. more specific resource specific context parameters will // override). Field names will be prefixed with “udpa.node.” when included in // context parameters. // // For example, if node_context_params is ``["user_agent_name", "metadata"]``, // the implied context parameters might be:: // // node.user_agent_name: "envoy" // node.metadata.foo: "{\"bar\": \"baz\"}" // node.metadata.some: "42" // node.metadata.thing: "\"thing\"" // // [#not-implemented-hide:] repeated string node_context_params = 26; // Statically specified resources. StaticResources static_resources = 2; // xDS configuration sources. DynamicResources dynamic_resources = 3; // Configuration for the cluster manager which owns all upstream clusters // within the server. ClusterManager cluster_manager = 4; // Health discovery service config option. // (:ref:`core.ApiConfigSource `) core.v4alpha.ApiConfigSource hds_config = 14; // Optional file system path to search for startup flag files. string flags_path = 5; // Optional set of stats sinks. repeated metrics.v4alpha.StatsSink stats_sinks = 6; // Configuration for internal processing of stats. metrics.v4alpha.StatsConfig stats_config = 13; // Optional duration between flushes to configured stats sinks. For // performance reasons Envoy latches counters and only flushes counters and // gauges at a periodic interval. If not specified the default is 5000ms (5 // seconds). // Duration must be at least 1ms and at most 5 min. google.protobuf.Duration stats_flush_interval = 7 [(validate.rules).duration = { lt {seconds: 300} gte {nanos: 1000000} }]; // Optional watchdog configuration. // This is for a single watchdog configuration for the entire system. // Deprecated in favor of *watchdogs* which has finer granularity. Watchdog hidden_envoy_deprecated_watchdog = 8 [deprecated = true]; // Optional watchdogs configuration. // This is used for specifying different watchdogs for the different subsystems. Watchdogs watchdogs = 27; // Configuration for an external tracing provider. // // .. attention:: // This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider // `. trace.v4alpha.Tracing hidden_envoy_deprecated_tracing = 9 [deprecated = true]; // Configuration for the runtime configuration provider. If not // specified, a “null” provider will be used which will result in all defaults // being used. LayeredRuntime layered_runtime = 17; // Configuration for the local administration HTTP server. Admin admin = 12; // Optional overload manager configuration. overload.v3.OverloadManager overload_manager = 15 [ (udpa.annotations.security).configure_for_untrusted_downstream = true, (udpa.annotations.security).configure_for_untrusted_upstream = true ]; // Enable :ref:`stats for event dispatcher `, defaults to false. // Note that this records a value for each iteration of the event loop on every thread. This // should normally be minimal overhead, but when using // :ref:`statsd `, it will send each observed value // over the wire individually because the statsd protocol doesn't have any way to represent a // histogram summary. Be aware that this can be a very large volume of data. bool enable_dispatcher_stats = 16; // Optional string which will be used in lieu of x-envoy in prefixing headers. // // For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be // transformed into x-foo-retry-on etc. // // Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the // headers Envoy will trust for core code and core extensions only. Be VERY careful making // changes to this string, especially in multi-layer Envoy deployments or deployments using // extensions which are not upstream. string header_prefix = 18; // Optional proxy version which will be used to set the value of :ref:`server.version statistic // ` if specified. Envoy will not process this value, it will be sent as is to // :ref:`stats sinks `. google.protobuf.UInt64Value stats_server_version_override = 19; // Always use TCP queries instead of UDP queries for DNS lookups. // This may be overridden on a per-cluster basis in cds_config, // when :ref:`dns_resolvers ` and // :ref:`use_tcp_for_dns_lookups ` are // specified. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 20; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. repeated core.v4alpha.TypedExtensionConfig bootstrap_extensions = 21; // Configuration sources that will participate in // *udpa.core.v1.ResourceLocator* authority resolution. The algorithm is as // follows: // 1. The authority field is taken from the *udpa.core.v1.ResourceLocator*, call // this *resource_authority*. // 2. *resource_authority* is compared against the authorities in any peer // *ConfigSource*. The peer *ConfigSource* is the configuration source // message which would have been used unconditionally for resolution // with opaque resource names. If there is a match with an authority, the // peer *ConfigSource* message is used. // 3. *resource_authority* is compared sequentially with the authorities in // each configuration source in *config_sources*. The first *ConfigSource* // to match wins. // 4. As a fallback, if no configuration source matches, then // *default_config_source* is used. // 5. If *default_config_source* is not specified, resolution fails. // [#not-implemented-hide:] repeated core.v4alpha.ConfigSource config_sources = 22; // Default configuration source for *udpa.core.v1.ResourceLocator* if all // other resolution fails. // [#not-implemented-hide:] core.v4alpha.ConfigSource default_config_source = 23; // Optional overriding of default socket interface. The value must be the name of one of the // socket interface factories initialized through a bootstrap extension string default_socket_interface = 24; // Global map of CertificateProvider instances. These instances are referred to by name in the // :ref:`CommonTlsContext.CertificateProviderInstance.instance_name // ` // field. // [#not-implemented-hide:] map certificate_provider_instances = 25; } // Administration interface :ref:`operations documentation // `. message Admin { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Admin"; // The path to write the access log for the administration server. If no // access log is desired specify ‘/dev/null’. This is only required if // :ref:`address ` is set. string access_log_path = 1; // The cpu profiler output path for the administration server. If no profile // path is specified, the default is ‘/var/log/envoy/envoy.prof’. string profile_path = 2; // The TCP address that the administration server will listen on. // If not specified, Envoy will not start an administration server. core.v4alpha.Address address = 3; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v4alpha.SocketOption socket_options = 4; } // Cluster manager :ref:`architecture overview `. message ClusterManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.ClusterManager"; message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.ClusterManager.OutlierDetection"; // Specifies the path to the outlier event log. string event_log_path = 1; // [#not-implemented-hide:] // The gRPC service for the outlier detection event service. // If empty, outlier detection events won't be sent to a remote endpoint. core.v4alpha.EventServiceConfig event_service = 2; } // Name of the local cluster (i.e., the cluster that owns the Envoy running // this configuration). In order to enable :ref:`zone aware routing // ` this option must be set. // If *local_cluster_name* is defined then :ref:`clusters // ` must be defined in the :ref:`Bootstrap // static cluster resources // `. This is unrelated to // the :option:`--service-cluster` option which does not `affect zone aware // routing `_. string local_cluster_name = 1; // Optional global configuration for outlier detection. OutlierDetection outlier_detection = 2; // Optional configuration used to bind newly established upstream connections. // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. core.v4alpha.BindConfig upstream_bind_config = 3; // A management server endpoint to stream load stats to via // *StreamLoadStats*. This must have :ref:`api_type // ` :ref:`GRPC // `. core.v4alpha.ApiConfigSource load_stats_config = 4; } // Allows you to specify different watchdog configs for different subsystems. // This allows finer tuned policies for the watchdog. If a subsystem is omitted // the default values for that system will be used. message Watchdogs { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Watchdogs"; // Watchdog for the main thread. Watchdog main_thread_watchdog = 1; // Watchdog for the worker threads. Watchdog worker_watchdog = 2; } // Envoy process watchdog configuration. When configured, this monitors for // nonresponsive threads and kills the process after the configured thresholds. // See the :ref:`watchdog documentation ` for more information. // [#next-free-field: 8] message Watchdog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Watchdog"; message WatchdogAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Watchdog.WatchdogAction"; // The events are fired in this order: KILL, MULTIKILL, MEGAMISS, MISS. // Within an event type, actions execute in the order they are configured. // For KILL/MULTIKILL there is a default PANIC that will run after the // registered actions and kills the process if it wasn't already killed. // It might be useful to specify several debug actions, and possibly an // alternate FATAL action. enum WatchdogEvent { UNKNOWN = 0; KILL = 1; MULTIKILL = 2; MEGAMISS = 3; MISS = 4; } // Extension specific configuration for the action. core.v4alpha.TypedExtensionConfig config = 1; WatchdogEvent event = 2 [(validate.rules).enum = {defined_only: true}]; } // Register actions that will fire on given WatchDog events. // See *WatchDogAction* for priority of events. repeated WatchdogAction actions = 7; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_miss* statistic. If not specified the default is 200ms. google.protobuf.Duration miss_timeout = 1; // The duration after which Envoy counts a nonresponsive thread in the // *watchdog_mega_miss* statistic. If not specified the default is // 1000ms. google.protobuf.Duration megamiss_timeout = 2; // If a watched thread has been nonresponsive for this duration, assume a // programming error and kill the entire Envoy process. Set to 0 to disable // kill behavior. If not specified the default is 0 (disabled). google.protobuf.Duration kill_timeout = 3; // Defines the maximum jitter used to adjust the *kill_timeout* if *kill_timeout* is // enabled. Enabling this feature would help to reduce risk of synchronized // watchdog kill events across proxies due to external triggers. Set to 0 to // disable. If not specified the default is 0 (disabled). google.protobuf.Duration max_kill_timeout_jitter = 6 [(validate.rules).duration = {gte {}}]; // If max(2, ceil(registered_threads * Fraction(*multikill_threshold*))) // threads have been nonresponsive for at least this duration kill the entire // Envoy process. Set to 0 to disable this behavior. If not specified the // default is 0 (disabled). google.protobuf.Duration multikill_timeout = 4; // Sets the threshold for *multikill_timeout* in terms of the percentage of // nonresponsive threads required for the *multikill_timeout*. // If not specified the default is 0. type.v3.Percent multikill_threshold = 5; } // Runtime :ref:`configuration overview ` (deprecated). message Runtime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Runtime"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. Envoy // will watch the location for changes and reload the file system tree when // they happen. If this parameter is not set, there will be no disk based // runtime. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 2; // Specifies an optional subdirectory to load within the root directory. If // specified and the directory exists, configuration values within this // directory will override those found in the primary subdirectory. This is // useful when Envoy is deployed across many different types of servers. // Sometimes it is useful to have a per service cluster directory for runtime // configuration. See below for exactly how the override directory is used. string override_subdirectory = 3; // Static base runtime. This will be :ref:`overridden // ` by other runtime layers, e.g. // disk or admin. This follows the :ref:`runtime protobuf JSON representation // encoding `. google.protobuf.Struct base = 4; } // [#next-free-field: 6] message RuntimeLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer"; // :ref:`Disk runtime ` layer. message DiskLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer.DiskLayer"; // The implementation assumes that the file system tree is accessed via a // symbolic link. An atomic link swap is used when a new tree should be // switched to. This parameter specifies the path to the symbolic link. // Envoy will watch the location for changes and reload the file system tree // when they happen. See documentation on runtime :ref:`atomicity // ` for further details on how reloads are // treated. string symlink_root = 1; // Specifies the subdirectory to load within the root directory. This is // useful if multiple systems share the same delivery mechanism. Envoy // configuration elements can be contained in a dedicated subdirectory. string subdirectory = 3; // :ref:`Append ` the // service cluster to the path under symlink root. bool append_service_cluster = 2; } // :ref:`Admin console runtime ` layer. message AdminLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer.AdminLayer"; } // :ref:`Runtime Discovery Service (RTDS) ` layer. message RtdsLayer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.RuntimeLayer.RtdsLayer"; oneof name_specifier { // Resource to subscribe to at *rtds_config* for the RTDS layer. string name = 1; // Resource locator for RTDS layer. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rtds_resource_locator = 3; } // RTDS configuration source. core.v4alpha.ConfigSource rtds_config = 2; } // Descriptive name for the runtime layer. This is only used for the runtime // :http:get:`/runtime` output. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof layer_specifier { option (validate.required) = true; // :ref:`Static runtime ` layer. // This follows the :ref:`runtime protobuf JSON representation encoding // `. Unlike static xDS resources, this static // layer is overridable by later layers in the runtime virtual filesystem. google.protobuf.Struct static_layer = 2; DiskLayer disk_layer = 3; AdminLayer admin_layer = 4; RtdsLayer rtds_layer = 5; } } // Runtime :ref:`configuration overview `. message LayeredRuntime { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.LayeredRuntime"; // The :ref:`layers ` of the runtime. This is ordered // such that later layers in the list overlay earlier entries. repeated RuntimeLayer layers = 1; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/aggregate/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/cluster/aggregate/v2alpha/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.aggregate.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.aggregate.v2alpha"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.clusters.aggregate.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Aggregate cluster configuration] // Configuration for the aggregate cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.aggregate] message ClusterConfig { // Load balancing clusters in aggregate cluster. Clusters are prioritized based on the order they // appear in this list. repeated string clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/dynamic_forward_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/cluster/dynamic_forward_proxy/v2alpha/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.dynamic_forward_proxy.v2alpha; import "envoy/config/common/dynamic_forward_proxy/v2alpha/dns_cache.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.dynamic_forward_proxy.v2alpha"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.clusters.dynamic_forward_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamic forward proxy cluster configuration] // Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.dynamic_forward_proxy] message ClusterConfig { // The DNS cache configuration that the cluster will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy HTTP filter configuration // `. common.dynamic_forward_proxy.v2alpha.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/redis/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/cluster/redis/redis_cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.redis; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.redis"; option java_outer_classname = "RedisClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Redis Cluster Configuration] // This cluster adds support for `Redis Cluster `_, as part // of :ref:`Envoy's support for Redis Cluster `. // // Redis Cluster is an extension of Redis which supports sharding and high availability (where a // shard that loses its primary fails over to a replica, and designates it as the new primary). // However, as there is no unified frontend or proxy service in front of Redis Cluster, the client // (in this case Envoy) must locally maintain the state of the Redis Cluster, specifically the // topology. A random node in the cluster is queried for the topology using the `CLUSTER SLOTS // command `_. This result is then stored locally, and // updated at user-configured intervals. // // Additionally, if // :ref:`enable_redirection` // is true, then moved and ask redirection errors from upstream servers will trigger a topology // refresh when they exceed a user-configured error threshold. // // Example: // // .. code-block:: yaml // // name: name // connect_timeout: 0.25s // dns_lookup_family: V4_ONLY // hosts: // - socket_address: // address: foo.bar.com // port_value: 22120 // cluster_type: // name: envoy.clusters.redis // typed_config: // "@type": type.googleapis.com/google.protobuf.Struct // value: // cluster_refresh_rate: 30s // cluster_refresh_timeout: 0.5s // redirect_refresh_interval: 10s // redirect_refresh_threshold: 10 // [#extension: envoy.clusters.redis] // [#next-free-field: 7] message RedisClusterConfig { // Interval between successive topology refresh requests. If not set, this defaults to 5s. google.protobuf.Duration cluster_refresh_rate = 1 [(validate.rules).duration = {gt {}}]; // Timeout for topology refresh request. If not set, this defaults to 3s. google.protobuf.Duration cluster_refresh_timeout = 2 [(validate.rules).duration = {gt {}}]; // The minimum interval that must pass after triggering a topology refresh request before a new // request can possibly be triggered again. Any errors received during one of these // time intervals are ignored. If not set, this defaults to 5s. google.protobuf.Duration redirect_refresh_interval = 3; // The number of redirection errors that must be received before // triggering a topology refresh request. If not set, this defaults to 5. // If this is set to 0, topology refresh after redirect is disabled. google.protobuf.UInt32Value redirect_refresh_threshold = 4; // The number of failures that must be received before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to failure. uint32 failure_refresh_threshold = 5; // The number of hosts became degraded or unhealthy before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to degraded or // unhealthy host. uint32 host_degraded_refresh_threshold = 6; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/cluster:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/cluster/v3/circuit_breaker.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "CircuitBreakerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Circuit breakers] // :ref:`Circuit breaking` settings can be // specified individually for each defined priority. message CircuitBreakers { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.CircuitBreakers"; // A Thresholds defines CircuitBreaker settings for a // :ref:`RoutingPriority`. // [#next-free-field: 9] message Thresholds { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.CircuitBreakers.Thresholds"; message RetryBudget { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.CircuitBreakers.Thresholds.RetryBudget"; // Specifies the limit on concurrent retries as a percentage of the sum of active requests and // active pending requests. For example, if there are 100 active requests and the // budget_percent is set to 25, there may be 25 active retries. // // This parameter is optional. Defaults to 20%. type.v3.Percent budget_percent = 1; // Specifies the minimum retry concurrency allowed for the retry budget. The limit on the // number of active retries may never go below this number. // // This parameter is optional. Defaults to 3. google.protobuf.UInt32Value min_retry_concurrency = 2; } // The :ref:`RoutingPriority` // the specified CircuitBreaker settings apply to. core.v3.RoutingPriority priority = 1 [(validate.rules).enum = {defined_only: true}]; // The maximum number of connections that Envoy will make to the upstream // cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_connections = 2; // The maximum number of pending requests that Envoy will allow to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 3; // The maximum number of parallel requests that Envoy will make to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_requests = 4; // The maximum number of parallel retries that Envoy will allow to the // upstream cluster. If not specified, the default is 3. google.protobuf.UInt32Value max_retries = 5; // Specifies a limit on concurrent retries in relation to the number of active requests. This // parameter is optional. // // .. note:: // // If this field is set, the retry budget will override any configured retry circuit // breaker. RetryBudget retry_budget = 8; // If track_remaining is true, then stats will be published that expose // the number of resources remaining until the circuit breakers open. If // not specified, the default is false. // // .. note:: // // If a retry budget is used in lieu of the max_retries circuit breaker, // the remaining retry resources remaining will not be tracked. bool track_remaining = 6; // The maximum number of connection pools per cluster that Envoy will concurrently support at // once. If not specified, the default is unlimited. Set this for clusters which create a // large number of connection pools. See // :ref:`Circuit Breaking ` for // more details. google.protobuf.UInt32Value max_connection_pools = 7; } // If multiple :ref:`Thresholds` // are defined with the same :ref:`RoutingPriority`, // the first one in the list is used. If no Thresholds is defined for a given // :ref:`RoutingPriority`, the default values // are used. repeated Thresholds thresholds = 1; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v3/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "envoy/config/cluster/v3/circuit_breaker.proto"; import "envoy/config/cluster/v3/filter.proto"; import "envoy/config/cluster/v3/outlier_detection.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/config/core/v3/protocol.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/extensions/transport_sockets/tls/v3/tls.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Cluster configuration] // Cluster list collections. Entries are *Cluster* resources or references. // [#not-implemented-hide:] message ClusterCollection { udpa.core.v1.CollectionEntry entries = 1; } // Configuration for a single upstream cluster. // [#next-free-field: 53] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster"; // Refer to :ref:`service discovery type ` // for an explanation on each type. enum DiscoveryType { // Refer to the :ref:`static discovery type` // for an explanation. STATIC = 0; // Refer to the :ref:`strict DNS discovery // type` // for an explanation. STRICT_DNS = 1; // Refer to the :ref:`logical DNS discovery // type` // for an explanation. LOGICAL_DNS = 2; // Refer to the :ref:`service discovery type` // for an explanation. EDS = 3; // Refer to the :ref:`original destination discovery // type` // for an explanation. ORIGINAL_DST = 4; } // Refer to :ref:`load balancer type ` architecture // overview section for information on each type. enum LbPolicy { // Refer to the :ref:`round robin load balancing // policy` // for an explanation. ROUND_ROBIN = 0; // Refer to the :ref:`least request load balancing // policy` // for an explanation. LEAST_REQUEST = 1; // Refer to the :ref:`ring hash load balancing // policy` // for an explanation. RING_HASH = 2; // Refer to the :ref:`random load balancing // policy` // for an explanation. RANDOM = 3; // Refer to the :ref:`Maglev load balancing policy` // for an explanation. MAGLEV = 5; // This load balancer type must be specified if the configured cluster provides a cluster // specific load balancer. Consult the configured cluster's documentation for whether to set // this option or not. CLUSTER_PROVIDED = 6; // [#not-implemented-hide:] Use the new :ref:`load_balancing_policy // ` field to determine the LB policy. // [#next-major-version: In the v3 API, we should consider deprecating the lb_policy field // and instead using the new load_balancing_policy field as the one and only mechanism for // configuring this.] LOAD_BALANCING_POLICY_CONFIG = 7; hidden_envoy_deprecated_ORIGINAL_DST_LB = 4 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; } // When V4_ONLY is selected, the DNS resolver will only perform a lookup for // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will // only perform a lookup for addresses in the IPv6 family. If AUTO is // specified, the DNS resolver will first perform a lookup for addresses in // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. // For cluster types other than // :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS`, // this setting is // ignored. enum DnsLookupFamily { AUTO = 0; V4_ONLY = 1; V6_ONLY = 2; } enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). // If :ref:`http2_protocol_options ` are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. USE_CONFIGURED_PROTOCOL = 0; // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. USE_DOWNSTREAM_PROTOCOL = 1; } // TransportSocketMatch specifies what transport socket config will be used // when the match conditions are satisfied. message TransportSocketMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.TransportSocketMatch"; // The name of the match, used in stats generation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria. // The connection to the endpoint with metadata matching what is set in this field // will use the transport socket configuration specified here. // The endpoint's metadata entry in *envoy.transport_socket_match* is used to match // against the values specified in this field. google.protobuf.Struct match = 2; // The configuration of the transport socket. core.v3.TransportSocket transport_socket = 3; } // Extended cluster type. message CustomClusterType { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CustomClusterType"; // The type of the cluster to instantiate. The name must match a supported cluster type. string name = 1 [(validate.rules).string = {min_len: 1}]; // Cluster specific configuration which depends on the cluster being instantiated. // See the supported cluster for further documentation. google.protobuf.Any typed_config = 2; } // Only valid when discovery type is EDS. message EdsClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.EdsClusterConfig"; // Configuration for the source of EDS updates for this Cluster. core.v3.ConfigSource eds_config = 1; // Optional alternative to cluster name to present to EDS. This does not // have the same restrictions as cluster name, i.e. it may be arbitrary // length. string service_name = 2 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for EDS. This is mutually exclusive to *service_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator eds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; } // Optionally divide the endpoints in this cluster into subsets defined by // endpoint metadata and selected by route and weighted cluster metadata. // [#next-free-field: 8] message LbSubsetConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.LbSubsetConfig"; // If NO_FALLBACK is selected, a result // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, // any cluster endpoint may be returned (subject to policy, health checks, // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. enum LbSubsetFallbackPolicy { NO_FALLBACK = 0; ANY_ENDPOINT = 1; DEFAULT_SUBSET = 2; } // Specifications for subsets. message LbSubsetSelector { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector"; // Allows to override top level fallback policy per selector. enum LbSubsetSelectorFallbackPolicy { // If NOT_DEFINED top level config fallback policy is used instead. NOT_DEFINED = 0; // If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported. NO_FALLBACK = 1; // If ANY_ENDPOINT is selected, any cluster endpoint may be returned // (subject to policy, health checks, etc). ANY_ENDPOINT = 2; // If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. DEFAULT_SUBSET = 3; // If KEYS_SUBSET is selected, subset selector matching is performed again with metadata // keys reduced to // :ref:`fallback_keys_subset`. // It allows for a fallback to a different, less specific selector if some of the keys of // the selector are considered optional. KEYS_SUBSET = 4; } // List of keys to match with the weighted cluster metadata. repeated string keys = 1; // Selects a mode of operation in which each subset has only one host. This mode uses the same rules for // choosing a host, but updating hosts is faster, especially for large numbers of hosts. // // If a match is found to a host, that host will be used regardless of priority levels, unless the host is unhealthy. // // Currently, this mode is only supported if `subset_selectors` has only one entry, and `keys` contains // only one entry. // // When this mode is enabled, configurations that contain more than one host with the same metadata value for the single key in `keys` // will use only one of the hosts with the given key; no requests will be routed to the others. The cluster gauge // :ref:`lb_subsets_single_host_per_subset_duplicate` indicates how many duplicates are // present in the current configuration. bool single_host_per_subset = 4; // The behavior used when no endpoint subset matches the selected route's // metadata. LbSubsetSelectorFallbackPolicy fallback_policy = 2 [(validate.rules).enum = {defined_only: true}]; // Subset of // :ref:`keys` used by // :ref:`KEYS_SUBSET` // fallback policy. // It has to be a non empty list if KEYS_SUBSET fallback policy is selected. // For any other fallback policy the parameter is not used and should not be set. // Only values also present in // :ref:`keys` are allowed, but // `fallback_keys_subset` cannot be equal to `keys`. repeated string fallback_keys_subset = 3; } // The behavior used when no endpoint subset matches the selected route's // metadata. The value defaults to // :ref:`NO_FALLBACK`. LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum = {defined_only: true}]; // Specifies the default subset of endpoints used during fallback if // fallback_policy is // :ref:`DEFAULT_SUBSET`. // Each field in default_subset is // compared to the matching LbEndpoint.Metadata under the *envoy.lb* // namespace. It is valid for no hosts to match, in which case the behavior // is the same as a fallback_policy of // :ref:`NO_FALLBACK`. google.protobuf.Struct default_subset = 2; // For each entry, LbEndpoint.Metadata's // *envoy.lb* namespace is traversed and a subset is created for each unique // combination of key and value. For example: // // .. code-block:: json // // { "subset_selectors": [ // { "keys": [ "version" ] }, // { "keys": [ "stage", "hardware_type" ] } // ]} // // A subset is matched when the metadata from the selected route and // weighted cluster contains the same keys and values as the subset's // metadata. The same host may appear in multiple subsets. repeated LbSubsetSelector subset_selectors = 3; // If true, routing to subsets will take into account the localities and locality weights of the // endpoints when making the routing decision. // // There are some potential pitfalls associated with enabling this feature, as the resulting // traffic split after applying both a subset match and locality weights might be undesirable. // // Consider for example a situation in which you have 50/50 split across two localities X/Y // which have 100 hosts each without subsetting. If the subset LB results in X having only 1 // host selected but Y having 100, then a lot more load is being dumped on the single host in X // than originally anticipated in the load balancing assignment delivered via EDS. bool locality_weight_aware = 4; // When used with locality_weight_aware, scales the weight of each locality by the ratio // of hosts in the subset vs hosts in the original subset. This aims to even out the load // going to an individual locality if said locality is disproportionately affected by the // subset predicate. bool scale_locality_weight = 5; // If true, when a fallback policy is configured and its corresponding subset fails to find // a host this will cause any host to be selected instead. // // This is useful when using the default subset as the fallback policy, given the default // subset might become empty. With this option enabled, if that happens the LB will attempt // to select a host from the entire cluster. bool panic_mode_any = 6; // If true, metadata specified for a metadata key will be matched against the corresponding // endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value // and any of the elements in the list matches the criteria. bool list_as_any = 7; } // Specific configuration for the LeastRequest load balancing policy. message LeastRequestLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.LeastRequestLbConfig"; // The number of random healthy hosts from which the host with the fewest active requests will // be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set. google.protobuf.UInt32Value choice_count = 1 [(validate.rules).uint32 = {gte: 2}]; // The following formula is used to calculate the dynamic weights when hosts have different load // balancing weights: // // `weight = load_balancing_weight / (active_requests + 1)^active_request_bias` // // The larger the active request bias is, the more aggressively active requests will lower the // effective weight when all host weights are not equal. // // `active_request_bias` must be greater than or equal to 0.0. // // When `active_request_bias == 0.0` the Least Request Load Balancer doesn't consider the number // of active requests at the time it picks a host and behaves like the Round Robin Load // Balancer. // // When `active_request_bias > 0.0` the Least Request Load Balancer scales the load balancing // weight by the number of active requests at the time it does a pick. // // The value is cached for performance reasons and refreshed whenever one of the Load Balancer's // host sets changes, e.g., whenever there is a host membership update or a host load balancing // weight change. // // .. note:: // This setting only takes effect if all host weights are not equal. core.v3.RuntimeDouble active_request_bias = 2; } // Specific configuration for the :ref:`RingHash` // load balancing policy. message RingHashLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RingHashLbConfig"; // The hash function used to hash hosts onto the ketama ring. enum HashFunction { // Use `xxHash `_, this is the default hash function. XX_HASH = 0; // Use `MurmurHash2 `_, this is compatible with // std:hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled // on Linux and not macOS. MURMUR_HASH_2 = 1; } reserved 2; // Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each // provided host) the better the request distribution will reflect the desired weights. Defaults // to 1024 entries, and limited to 8M entries. See also // :ref:`maximum_ring_size`. google.protobuf.UInt64Value minimum_ring_size = 1 [(validate.rules).uint64 = {lte: 8388608}]; // The hash function used to hash hosts onto the ketama ring. The value defaults to // :ref:`XX_HASH`. HashFunction hash_function = 3 [(validate.rules).enum = {defined_only: true}]; // Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered // to further constrain resource use. See also // :ref:`minimum_ring_size`. google.protobuf.UInt64Value maximum_ring_size = 4 [(validate.rules).uint64 = {lte: 8388608}]; } // Specific configuration for the :ref:`Maglev` // load balancing policy. message MaglevLbConfig { // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. // The table size must be prime number. If it is not specified, the default is 65537. google.protobuf.UInt64Value table_size = 1; } // Specific configuration for the // :ref:`Original Destination ` // load balancing policy. message OriginalDstLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.OriginalDstLbConfig"; // When true, :ref:`x-envoy-original-dst-host // ` can be used to override destination // address. // // .. attention:: // // This header isn't sanitized by default, so enabling this feature allows HTTP clients to // route traffic to arbitrary hosts and/or ports, which may have serious security // consequences. bool use_http_header = 1; } // Common configuration for all load balancer implementations. // [#next-free-field: 8] message CommonLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig"; // Configuration for :ref:`zone aware routing // `. message ZoneAwareLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig.ZoneAwareLbConfig"; // Configures percentage of requests that will be considered for zone aware routing // if zone aware routing is configured. If not specified, the default is 100%. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. type.v3.Percent routing_enabled = 1; // Configures minimum upstream cluster size required for zone aware routing // If upstream cluster size is less than specified, zone aware routing is not performed // even if zone aware routing is configured. If not specified, the default is 6. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. google.protobuf.UInt64Value min_cluster_size = 2; // If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic // mode`. Instead, the cluster will fail all // requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a // failing service. bool fail_traffic_on_panic = 3; } // Configuration for :ref:`locality weighted load balancing // ` message LocalityWeightedLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig.LocalityWeightedLbConfig"; } // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) message ConsistentHashingLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.CommonLbConfig.ConsistentHashingLbConfig"; // If set to `true`, the cluster will use hostname instead of the resolved // address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address. bool use_hostname_for_hashing = 1; // Configures percentage of average cluster load to bound per upstream host. For example, with a value of 150 // no upstream host will get a load more than 1.5 times the average load of all the hosts in the cluster. // If not specified, the load is not bounded for any upstream host. Typical value for this parameter is between 120 and 200. // Minimum is 100. // // Applies to both Ring Hash and Maglev load balancers. // // This is implemented based on the method described in the paper https://arxiv.org/abs/1608.01350. For the specified // `hash_balance_factor`, requests to any upstream host are capped at `hash_balance_factor/100` times the average number of requests // across the cluster. When a request arrives for an upstream host that is currently serving at its max capacity, linear probing // is used to identify an eligible host. Further, the linear probe is implemented using a random jump in hosts ring/table to identify // the eligible host (this technique is as described in the paper https://arxiv.org/abs/1908.08762 - the random jump avoids the // cascading overflow effect when choosing the next host in the ring/table). // // If weights are specified on the hosts, they are respected. // // This is an O(N) algorithm, unlike other load balancers. Using a lower `hash_balance_factor` results in more hosts // being probed, so use a higher value if you require better performance. google.protobuf.UInt32Value hash_balance_factor = 2 [(validate.rules).uint32 = {gte: 100}]; } // Configures the :ref:`healthy panic threshold `. // If not specified, the default is 50%. // To disable panic mode, set to 0%. // // .. note:: // The specified percent will be truncated to the nearest 1%. type.v3.Percent healthy_panic_threshold = 1; oneof locality_config_specifier { ZoneAwareLbConfig zone_aware_lb_config = 2; LocalityWeightedLbConfig locality_weighted_lb_config = 3; } // If set, all health check/weight/metadata updates that happen within this duration will be // merged and delivered in one shot when the duration expires. The start of the duration is when // the first update happens. This is useful for big clusters, with potentially noisy deploys // that might trigger excessive CPU usage due to a constant stream of healthcheck state changes // or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new // cluster). Please always keep in mind that the use of sandbox technologies may change this // behavior. // // If this is not set, we default to a merge window of 1000ms. To disable it, set the merge // window to 0. // // Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is // because merging those updates isn't currently safe. See // https://github.com/envoyproxy/envoy/pull/3941. google.protobuf.Duration update_merge_window = 4; // If set to true, Envoy will not consider new hosts when computing load balancing weights until // they have been health checked for the first time. This will have no effect unless // active health checking is also configured. // // Ignoring a host means that for any load balancing calculations that adjust weights based // on the ratio of eligible hosts and total hosts (priority spillover, locality weighting and // panic mode) Envoy will exclude these hosts in the denominator. // // For example, with hosts in two priorities P0 and P1, where P0 looks like // {healthy, unhealthy (new), unhealthy (new)} // and where P1 looks like // {healthy, healthy} // all traffic will still hit P0, as 1 / (3 - 2) = 1. // // Enabling this will allow scaling up the number of hosts for a given cluster without entering // panic mode or triggering priority spillover, assuming the hosts pass the first health check. // // If panic mode is triggered, new hosts are still eligible for traffic; they simply do not // contribute to the calculation when deciding whether panic mode is enabled or not. bool ignore_new_hosts_until_first_hc = 5; // If set to `true`, the cluster manager will drain all existing // connections to upstream hosts whenever hosts are added or removed from the cluster. bool close_connections_on_host_set_change = 6; // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) ConsistentHashingLbConfig consistent_hashing_lb_config = 7; } message RefreshRate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate"; // Specifies the base interval between refreshes. This parameter is required and must be greater // than zero and less than // :ref:`max_interval `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {nanos: 1000000} }]; // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the // :ref:`base_interval ` if set. The default // is 10 times the :ref:`base_interval `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}]; } // [#not-implemented-hide:] message PrefetchPolicy { // Indicates how many streams (rounded up) can be anticipated per-upstream for each // incoming stream. This is useful for high-QPS or latency-sensitive services. Prefetching // will only be done if the upstream is healthy. // // For example if this is 2, for an incoming HTTP/1.1 stream, 2 connections will be // established, one for the new incoming stream, and one for a presumed follow-up stream. For // HTTP/2, only one connection would be established by default as one connection can // serve both the original and presumed follow-up stream. // // In steady state for non-multiplexed connections a value of 1.5 would mean if there were 100 // active streams, there would be 100 connections in use, and 50 connections prefetched. // This might be a useful value for something like short lived single-use connections, // for example proxying HTTP/1.1 if keep-alive were false and each stream resulted in connection // termination. It would likely be overkill for long lived connections, such as TCP proxying SMTP // or regular HTTP/1.1 with keep-alive. For long lived traffic, a value of 1.05 would be more // reasonable, where for every 100 connections, 5 prefetched connections would be in the queue // in case of unexpected disconnects where the connection could not be reused. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight. This means in steady state if a connection is torn down, // a subsequent streams will pay an upstream-rtt latency penalty waiting for streams to be // prefetched. // // This is limited somewhat arbitrarily to 3 because prefetching connections too aggressively can // harm latency more than the prefetching helps. google.protobuf.DoubleValue per_upstream_prefetch_ratio = 1 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; // Indicates how many many streams (rounded up) can be anticipated across a cluster for each // stream, useful for low QPS services. This is currently supported for a subset of // deterministic non-hash-based load-balancing algorithms (weighted round robin, random). // Unlike per_upstream_prefetch_ratio this prefetches across the upstream instances in a // cluster, doing best effort predictions of what upstream would be picked next and // pre-establishing a connection. // // For example if prefetching is set to 2 for a round robin HTTP/2 cluster, on the first // incoming stream, 2 connections will be prefetched - one to the first upstream for this // cluster, one to the second on the assumption there will be a follow-up stream. // // Prefetching will be limited to one prefetch per configured upstream in the cluster. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight, so during warm up and in steady state if a connection // is closed (and per_upstream_prefetch_ratio is not set), there will be a latency hit for // connection establishment. // // If both this and prefetch_ratio are set, Envoy will make sure both predicted needs are met, // basically prefetching max(predictive-prefetch, per-upstream-prefetch), for each upstream. // TODO(alyssawilk) per LB docs and LB overview docs when unhiding. google.protobuf.DoubleValue predictive_prefetch_ratio = 2 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; } reserved 12, 15; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the // :ref:`LbEndpoint.Metadata ` // is used to match against the transport sockets as they appear in the list. The first // :ref:`match ` is used. // For example, with the following match // // .. code-block:: yaml // // transport_socket_matches: // - name: "enableMTLS" // match: // acceptMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // - name: "defaultToPlaintext" // match: {} // transport_socket: // name: envoy.transport_sockets.raw_buffer // // Connections to the endpoints whose metadata value under *envoy.transport_socket_match* // having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration. // // If a :ref:`socket match ` with empty match // criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext" // socket match in case above. // // If an endpoint metadata's value under *envoy.transport_socket_match* does not match any // *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or // *transport_socket* specified in this cluster. // // This field allows gradual and flexible transport socket configuration changes. // // The metadata of endpoints in EDS can indicate transport socket capabilities. For example, // an endpoint's metadata can have two key value pairs as "acceptMTLS": "true", // "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic // has "acceptPlaintext": "true" metadata information. // // Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS // traffic for endpoints with "acceptMTLS": "true", by adding a corresponding // *TransportSocketMatch* in this field. Other client Envoys receive CDS without // *transport_socket_match* set, and still send plain text traffic to the same cluster. // // This field can be used to specify custom transport socket configurations for health // checks by adding matching key/value pairs in a health check's // :ref:`transport socket match criteria ` field. // // [#comment:TODO(incfly): add a detailed architecture doc on intended usage.] repeated TransportSocketMatch transport_socket_matches = 43; // Supplies the name of the cluster which must be unique across all clusters. // The cluster name is used when emitting // :ref:`statistics ` if :ref:`alt_stat_name // ` is not provided. // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. string name = 1 [(validate.rules).string = {min_len: 1}]; // An optional alternative to the cluster name to be used while emitting stats. // Any ``:`` in the name will be converted to ``_`` when emitting statistics. This should not be // confused with :ref:`Router Filter Header // `. string alt_stat_name = 28; oneof cluster_discovery_type { // The :ref:`service discovery type ` // to use for resolving the cluster. DiscoveryType type = 2 [(validate.rules).enum = {defined_only: true}]; // The custom cluster type. CustomClusterType cluster_type = 38; } // Configuration to use for EDS updates for the Cluster. EdsClusterConfig eds_cluster_config = 3; // The timeout for new network connections to hosts in the cluster. google.protobuf.Duration connect_timeout = 4 [(validate.rules).duration = {gt {}}]; // Soft limit on size of the cluster’s connections read and write buffers. If // unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The :ref:`load balancer type ` to use // when picking a host in the cluster. // [#comment:TODO: Remove enum constraint :ref:`LOAD_BALANCING_POLICY_CONFIG` when implemented.] LbPolicy lb_policy = 6 [(validate.rules).enum = {defined_only: true not_in: 7}]; // Setting this is required for specifying members of // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS` clusters. // This field supersedes the *hosts* field in the v2 API. // // .. attention:: // // Setting this allows non-EDS cluster types to contain embedded EDS equivalent // :ref:`endpoint assignments`. // endpoint.v3.ClusterLoadAssignment load_assignment = 33; // Optional :ref:`active health checking ` // configuration for the cluster. If no // configuration is specified no health checking will be done and all cluster // members will be considered healthy at all times. repeated core.v3.HealthCheck health_checks = 8; // Optional maximum requests for a single upstream connection. This parameter // is respected by both the HTTP/1.1 and HTTP/2 connection pool // implementations. If not specified, there is no limit. Setting this // parameter to 1 will effectively disable keep alive. google.protobuf.UInt32Value max_requests_per_connection = 9; // Optional :ref:`circuit breaking ` for the cluster. CircuitBreakers circuit_breakers = 10; // HTTP protocol options that are applied only to upstream HTTP connections. // These options apply to all HTTP versions. core.v3.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; // Additional options when handling HTTP requests upstream. These options will be applicable to // both HTTP1 and HTTP2 requests. core.v3.HttpProtocolOptions common_http_protocol_options = 29; // Additional options when handling HTTP1 requests. core.v3.Http1ProtocolOptions http_protocol_options = 13; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when // making new HTTP connection pool connections. Currently, Envoy only // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. core.v3.Http2ProtocolOptions http2_protocol_options = 14 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used as the cluster’s DNS refresh // rate. The value configured must be at least 1ms. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. google.protobuf.Duration dns_refresh_rate = 16 [(validate.rules).duration = {gt {nanos: 1000000}}]; // If the DNS failure refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types // other than :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS` this setting is // ignored. RefreshRate dns_failure_refresh_rate = 44; // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true, // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS // resolution. bool respect_dns_ttl = 39; // The DNS IP address resolution policy. If this setting is not specified, the // value defaults to // :ref:`AUTO`. DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}]; // If DNS resolvers are specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used to specify the cluster’s dns resolvers. // If this setting is not specified, the value defaults to the default // resolver, which uses /etc/resolv.conf for configuration. For cluster types // other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. repeated core.v3.Address dns_resolvers = 18; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 45; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via // :ref:`runtime values `. OutlierDetection outlier_detection = 19; // The interval for removing stale hosts from a cluster type // :ref:`ORIGINAL_DST`. // Hosts are considered stale if they have not been used // as upstream destinations during this interval. New hosts are added // to original destination clusters on demand as new connections are // redirected to Envoy, causing the number of hosts in the cluster to // grow over time. Hosts that are not stale (they are actively used as // destinations) are kept in the cluster, which allows connections to // them remain open, saving the latency that would otherwise be spent // on opening new connections. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`ORIGINAL_DST` // this setting is ignored. google.protobuf.Duration cleanup_interval = 20 [(validate.rules).duration = {gt {}}]; // Optional configuration used to bind newly established upstream connections. // This overrides any bind_config specified in the bootstrap proto. // If the address and port are empty, no bind will be performed. core.v3.BindConfig upstream_bind_config = 21; // Configuration for load balancing subsetting. LbSubsetConfig lb_subset_config = 22; // Optional configuration for the load balancing algorithm selected by // LbPolicy. Currently only // :ref:`RING_HASH`, // :ref:`MAGLEV` and // :ref:`LEAST_REQUEST` // has additional configuration options. // Specifying ring_hash_lb_config or maglev_lb_config or least_request_lb_config without setting the corresponding // LbPolicy will generate an error at runtime. oneof lb_config { // Optional configuration for the Ring Hash load balancing policy. RingHashLbConfig ring_hash_lb_config = 23; // Optional configuration for the Maglev load balancing policy. MaglevLbConfig maglev_lb_config = 52; // Optional configuration for the Original Destination load balancing policy. OriginalDstLbConfig original_dst_lb_config = 34; // Optional configuration for the LeastRequest load balancing policy. LeastRequestLbConfig least_request_lb_config = 37; } // Common configuration for all load balancer implementations. CommonLbConfig common_lb_config = 27; // Optional custom transport socket implementation to use for upstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`UpstreamTlsContexts ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v3.TransportSocket transport_socket = 24; // The Metadata field can be used to provide additional information about the // cluster. It can be used for stats, logging, and varying filter behavior. // Fields should use reverse DNS notation to denote which entity within Envoy // will need the information. For instance, if the metadata is intended for // the Router filter, the filter name should be specified as *envoy.filters.http.router*. core.v3.Metadata metadata = 25; // Determines how Envoy selects the protocol used to speak to upstream hosts. ClusterProtocolSelection protocol_selection = 26; // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; // If an upstream host becomes unhealthy (as determined by the configured health checks // or outlier detection), immediately close all connections to the failed host. // // .. note:: // // This is currently only supported for connections created by tcp_proxy. // // .. note:: // // The current implementation of this feature closes all connections immediately when // the unhealthy status is detected. If there are a large number of connections open // to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of // time exclusively closing these connections, and not processing any other traffic. bool close_connections_on_host_health_failure = 31; // If set to true, Envoy will ignore the health value of a host when processing its removal // from service discovery. This means that if active health checking is used, Envoy will *not* // wait for the endpoint to go unhealthy before removing it. bool ignore_health_on_host_removal = 32; // An (optional) network filter chain, listed in the order the filters should be applied. // The chain will be applied to all outgoing connections that Envoy makes to the upstream // servers of this cluster. repeated Filter filters = 40; // [#not-implemented-hide:] New mechanism for LB policy configuration. Used only if the // :ref:`lb_policy` field has the value // :ref:`LOAD_BALANCING_POLICY_CONFIG`. LoadBalancingPolicy load_balancing_policy = 41; // [#not-implemented-hide:] // If present, tells the client where to send load reports via LRS. If not present, the // client will fall back to a client-side default, which may be either (a) don't send any // load reports or (b) send load reports for all clusters to a single default server // (which may be configured in the bootstrap file). // // Note that if multiple clusters point to the same LRS server, the client may choose to // create a separate stream for each cluster or it may choose to coalesce the data for // multiple clusters onto a single stream. Either way, the client must make sure to send // the data for any given cluster on no more than one stream. // // [#next-major-version: In the v3 API, we should consider restructuring this somehow, // maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation // from the LRS stream here.] core.v3.ConfigSource lrs_server = 42; // If track_timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. // // .. attention:: // // This field has been deprecated in favor of `timeout_budgets`, part of // :ref:`track_cluster_stats `. bool track_timeout_budgets = 47 [deprecated = true]; // Optional customization and configuration of upstream connection pool, and upstream type. // // Currently this field only applies for HTTP traffic but is designed for eventual use for custom // TCP upstreams. // // For HTTP traffic, Envoy will generally take downstream HTTP and send it upstream as upstream // HTTP, using the http connection pool and the codec from `http2_protocol_options` // // For routes where CONNECT termination is configured, Envoy will take downstream CONNECT // requests and forward the CONNECT payload upstream over raw TCP using the tcp connection pool. // // The default pool used is the generic connection pool which creates the HTTP upstream for most // HTTP requests, and the TCP upstream if CONNECT termination is configured. // // If users desire custom connection pool or upstream behavior, for example terminating // CONNECT only if a custom filter indicates it is appropriate, the custom factories // can be registered and configured here. core.v3.TypedExtensionConfig upstream_config = 48; // Configuration to track optional cluster stats. TrackClusterStats track_cluster_stats = 49; // [#not-implemented-hide:] // Prefetch configuration for this cluster. PrefetchPolicy prefetch_policy = 50; // If `connection_pool_per_downstream_connection` is true, the cluster will use a separate // connection pool for every downstream connection bool connection_pool_per_downstream_connection = 51; repeated core.v3.Address hidden_envoy_deprecated_hosts = 7 [deprecated = true]; envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext hidden_envoy_deprecated_tls_context = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; map hidden_envoy_deprecated_extension_protocol_options = 35 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // [#not-implemented-hide:] Extensible load balancing policy configuration. // // Every LB policy defined via this mechanism will be identified via a unique name using reverse // DNS notation. If the policy needs configuration parameters, it must define a message for its // own configuration, which will be stored in the config field. The name of the policy will tell // clients which type of message they should expect to see in the config field. // // Note that there are cases where it is useful to be able to independently select LB policies // for choosing a locality and for choosing an endpoint within that locality. For example, a // given deployment may always use the same policy to choose the locality, but for choosing the // endpoint within the locality, some clusters may use weighted-round-robin, while others may // use some sort of session-based balancing. // // This can be accomplished via hierarchical LB policies, where the parent LB policy creates a // child LB policy for each locality. For each request, the parent chooses the locality and then // delegates to the child policy for that locality to choose the endpoint within the locality. // // To facilitate this, the config message for the top-level LB policy may include a field of // type LoadBalancingPolicy that specifies the child policy. message LoadBalancingPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.LoadBalancingPolicy"; message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.LoadBalancingPolicy.Policy"; // Required. The name of the LB policy. string name = 1; google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } // Each client will iterate over the list in order and stop at the first policy that it // supports. This provides a mechanism for starting to use new LB policies that are not yet // supported by all clients. repeated Policy policies = 1; } // An extensible structure containing the address Envoy should bind to when // establishing upstream connections. message UpstreamBindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.UpstreamBindConfig"; // The address Envoy should bind to when establishing upstream connections. core.v3.Address source_address = 1; } message UpstreamConnectionOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.UpstreamConnectionOptions"; // If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. core.v3.TcpKeepalive tcp_keepalive = 1; } message TrackClusterStats { // If timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. bool timeout_budgets = 1; // If request_response_sizes is true, then the :ref:`histograms // ` tracking header and body sizes // of requests and responses will be published. bool request_response_sizes = 2; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v3/filter.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "FilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Upstream filters] // Upstream filters apply to the connections to the upstream cluster hosts. message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.Filter"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any typed_config = 2; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v3/outlier_detection.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v3"; option java_outer_classname = "OutlierDetectionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Outlier detection] // See the :ref:`architecture overview ` for // more information on outlier detection. // [#next-free-field: 21] message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.OutlierDetection"; // The number of consecutive 5xx responses or local origin errors that are mapped // to 5xx error codes before a consecutive 5xx ejection // occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_5xx = 1; // The time interval between ejection analysis sweeps. This can result in // both new ejections as well as hosts being returned to service. Defaults // to 10000ms or 10s. google.protobuf.Duration interval = 2 [(validate.rules).duration = {gt {}}]; // The base time that a host is ejected for. The real time is equal to the // base time multiplied by the number of times the host has been ejected. // Defaults to 30000ms or 30s. google.protobuf.Duration base_ejection_time = 3 [(validate.rules).duration = {gt {}}]; // The maximum % of an upstream cluster that can be ejected due to outlier // detection. Defaults to 10% but will eject at least one host regardless of the value. google.protobuf.UInt32Value max_ejection_percent = 4 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive 5xx. This setting can be used to disable // ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_consecutive_5xx = 5 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics. This setting can be used to // disable ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_success_rate = 6 [(validate.rules).uint32 = {lte: 100}]; // The number of hosts in a cluster that must have enough request volume to // detect success rate outliers. If the number of hosts is less than this // setting, outlier detection via success rate statistics is not performed // for any host in the cluster. Defaults to 5. google.protobuf.UInt32Value success_rate_minimum_hosts = 7; // The minimum number of total requests that must be collected in one // interval (as defined by the interval duration above) to include this host // in success rate based outlier detection. If the volume is lower than this // setting, outlier detection via success rate statistics is not performed // for that host. Defaults to 100. google.protobuf.UInt32Value success_rate_request_volume = 8; // This factor is used to determine the ejection threshold for success rate // outlier ejection. The ejection threshold is the difference between the // mean success rate, and the product of this factor and the standard // deviation of the mean success rate: mean - (stdev * // success_rate_stdev_factor). This factor is divided by a thousand to get a // double. That is, if the desired factor is 1.9, the runtime value should // be 1900. Defaults to 1900. google.protobuf.UInt32Value success_rate_stdev_factor = 9; // The number of consecutive gateway failures (502, 503, 504 status codes) // before a consecutive gateway failure ejection occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_gateway_failure = 10; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive gateway failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_consecutive_gateway_failure = 11 [(validate.rules).uint32 = {lte: 100}]; // Determines whether to distinguish local origin failures from external errors. If set to true // the following configuration parameters are taken into account: // :ref:`consecutive_local_origin_failure`, // :ref:`enforcing_consecutive_local_origin_failure` // and // :ref:`enforcing_local_origin_success_rate`. // Defaults to false. bool split_external_local_origin_errors = 12; // The number of consecutive locally originated failures before ejection // occurs. Defaults to 5. Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value consecutive_local_origin_failure = 13; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive locally originated failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_consecutive_local_origin_failure = 14 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics for locally originated errors. // This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_local_origin_success_rate = 15 [(validate.rules).uint32 = {lte: 100}]; // The failure percentage to use when determining failure percentage-based outlier detection. If // the failure percentage of a given host is greater than or equal to this value, it will be // ejected. Defaults to 85. google.protobuf.UInt32Value failure_percentage_threshold = 16 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // failure percentage statistics. This setting can be used to disable ejection or to ramp it up // slowly. Defaults to 0. // // [#next-major-version: setting this without setting failure_percentage_threshold should be // invalid in v4.] google.protobuf.UInt32Value enforcing_failure_percentage = 17 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // local-origin failure percentage statistics. This setting can be used to disable ejection or to // ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_failure_percentage_local_origin = 18 [(validate.rules).uint32 = {lte: 100}]; // The minimum number of hosts in a cluster in order to perform failure percentage-based ejection. // If the total number of hosts in the cluster is less than this value, failure percentage-based // ejection will not be performed. Defaults to 5. google.protobuf.UInt32Value failure_percentage_minimum_hosts = 19; // The minimum number of total requests that must be collected in one interval (as defined by the // interval duration above) to perform failure percentage-based ejection for this host. If the // volume is lower than this setting, failure percentage-based ejection will not be performed for // this host. Defaults to 50. google.protobuf.UInt32Value failure_percentage_request_volume = 20; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/cluster/v4alpha/circuit_breaker.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "CircuitBreakerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Circuit breakers] // :ref:`Circuit breaking` settings can be // specified individually for each defined priority. message CircuitBreakers { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.CircuitBreakers"; // A Thresholds defines CircuitBreaker settings for a // :ref:`RoutingPriority`. // [#next-free-field: 9] message Thresholds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.CircuitBreakers.Thresholds"; message RetryBudget { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.CircuitBreakers.Thresholds.RetryBudget"; // Specifies the limit on concurrent retries as a percentage of the sum of active requests and // active pending requests. For example, if there are 100 active requests and the // budget_percent is set to 25, there may be 25 active retries. // // This parameter is optional. Defaults to 20%. type.v3.Percent budget_percent = 1; // Specifies the minimum retry concurrency allowed for the retry budget. The limit on the // number of active retries may never go below this number. // // This parameter is optional. Defaults to 3. google.protobuf.UInt32Value min_retry_concurrency = 2; } // The :ref:`RoutingPriority` // the specified CircuitBreaker settings apply to. core.v4alpha.RoutingPriority priority = 1 [(validate.rules).enum = {defined_only: true}]; // The maximum number of connections that Envoy will make to the upstream // cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_connections = 2; // The maximum number of pending requests that Envoy will allow to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 3; // The maximum number of parallel requests that Envoy will make to the // upstream cluster. If not specified, the default is 1024. google.protobuf.UInt32Value max_requests = 4; // The maximum number of parallel retries that Envoy will allow to the // upstream cluster. If not specified, the default is 3. google.protobuf.UInt32Value max_retries = 5; // Specifies a limit on concurrent retries in relation to the number of active requests. This // parameter is optional. // // .. note:: // // If this field is set, the retry budget will override any configured retry circuit // breaker. RetryBudget retry_budget = 8; // If track_remaining is true, then stats will be published that expose // the number of resources remaining until the circuit breakers open. If // not specified, the default is false. // // .. note:: // // If a retry budget is used in lieu of the max_retries circuit breaker, // the remaining retry resources remaining will not be tracked. bool track_remaining = 6; // The maximum number of connection pools per cluster that Envoy will concurrently support at // once. If not specified, the default is unlimited. Set this for clusters which create a // large number of connection pools. See // :ref:`Circuit Breaking ` for // more details. google.protobuf.UInt32Value max_connection_pools = 7; } // If multiple :ref:`Thresholds` // are defined with the same :ref:`RoutingPriority`, // the first one in the list is used. If no Thresholds is defined for a given // :ref:`RoutingPriority`, the default values // are used. repeated Thresholds thresholds = 1; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v4alpha/cluster.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "envoy/config/cluster/v4alpha/circuit_breaker.proto"; import "envoy/config/cluster/v4alpha/filter.proto"; import "envoy/config/cluster/v4alpha/outlier_detection.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/health_check.proto"; import "envoy/config/core/v4alpha/protocol.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Cluster configuration] // Cluster list collections. Entries are *Cluster* resources or references. // [#not-implemented-hide:] message ClusterCollection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.ClusterCollection"; udpa.core.v1.CollectionEntry entries = 1; } // Configuration for a single upstream cluster. // [#next-free-field: 53] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster"; // Refer to :ref:`service discovery type ` // for an explanation on each type. enum DiscoveryType { // Refer to the :ref:`static discovery type` // for an explanation. STATIC = 0; // Refer to the :ref:`strict DNS discovery // type` // for an explanation. STRICT_DNS = 1; // Refer to the :ref:`logical DNS discovery // type` // for an explanation. LOGICAL_DNS = 2; // Refer to the :ref:`service discovery type` // for an explanation. EDS = 3; // Refer to the :ref:`original destination discovery // type` // for an explanation. ORIGINAL_DST = 4; } // Refer to :ref:`load balancer type ` architecture // overview section for information on each type. enum LbPolicy { reserved 4; reserved "ORIGINAL_DST_LB"; // Refer to the :ref:`round robin load balancing // policy` // for an explanation. ROUND_ROBIN = 0; // Refer to the :ref:`least request load balancing // policy` // for an explanation. LEAST_REQUEST = 1; // Refer to the :ref:`ring hash load balancing // policy` // for an explanation. RING_HASH = 2; // Refer to the :ref:`random load balancing // policy` // for an explanation. RANDOM = 3; // Refer to the :ref:`Maglev load balancing policy` // for an explanation. MAGLEV = 5; // This load balancer type must be specified if the configured cluster provides a cluster // specific load balancer. Consult the configured cluster's documentation for whether to set // this option or not. CLUSTER_PROVIDED = 6; // [#not-implemented-hide:] Use the new :ref:`load_balancing_policy // ` field to determine the LB policy. // [#next-major-version: In the v3 API, we should consider deprecating the lb_policy field // and instead using the new load_balancing_policy field as the one and only mechanism for // configuring this.] LOAD_BALANCING_POLICY_CONFIG = 7; } // When V4_ONLY is selected, the DNS resolver will only perform a lookup for // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will // only perform a lookup for addresses in the IPv6 family. If AUTO is // specified, the DNS resolver will first perform a lookup for addresses in // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. // For cluster types other than // :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS`, // this setting is // ignored. enum DnsLookupFamily { AUTO = 0; V4_ONLY = 1; V6_ONLY = 2; } enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). // If :ref:`http2_protocol_options ` are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. USE_CONFIGURED_PROTOCOL = 0; // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. USE_DOWNSTREAM_PROTOCOL = 1; } // TransportSocketMatch specifies what transport socket config will be used // when the match conditions are satisfied. message TransportSocketMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.TransportSocketMatch"; // The name of the match, used in stats generation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria. // The connection to the endpoint with metadata matching what is set in this field // will use the transport socket configuration specified here. // The endpoint's metadata entry in *envoy.transport_socket_match* is used to match // against the values specified in this field. google.protobuf.Struct match = 2; // The configuration of the transport socket. core.v4alpha.TransportSocket transport_socket = 3; } // Extended cluster type. message CustomClusterType { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CustomClusterType"; // The type of the cluster to instantiate. The name must match a supported cluster type. string name = 1 [(validate.rules).string = {min_len: 1}]; // Cluster specific configuration which depends on the cluster being instantiated. // See the supported cluster for further documentation. google.protobuf.Any typed_config = 2; } // Only valid when discovery type is EDS. message EdsClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.EdsClusterConfig"; // Configuration for the source of EDS updates for this Cluster. core.v4alpha.ConfigSource eds_config = 1; oneof name_specifier { // Optional alternative to cluster name to present to EDS. This does not // have the same restrictions as cluster name, i.e. it may be arbitrary // length. string service_name = 2; // Resource locator for EDS. This is mutually exclusive to *service_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator eds_resource_locator = 3; } } // Optionally divide the endpoints in this cluster into subsets defined by // endpoint metadata and selected by route and weighted cluster metadata. // [#next-free-field: 8] message LbSubsetConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.LbSubsetConfig"; // If NO_FALLBACK is selected, a result // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, // any cluster endpoint may be returned (subject to policy, health checks, // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. enum LbSubsetFallbackPolicy { NO_FALLBACK = 0; ANY_ENDPOINT = 1; DEFAULT_SUBSET = 2; } // Specifications for subsets. message LbSubsetSelector { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector"; // Allows to override top level fallback policy per selector. enum LbSubsetSelectorFallbackPolicy { // If NOT_DEFINED top level config fallback policy is used instead. NOT_DEFINED = 0; // If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported. NO_FALLBACK = 1; // If ANY_ENDPOINT is selected, any cluster endpoint may be returned // (subject to policy, health checks, etc). ANY_ENDPOINT = 2; // If DEFAULT_SUBSET is selected, load balancing is performed over the // endpoints matching the values from the default_subset field. DEFAULT_SUBSET = 3; // If KEYS_SUBSET is selected, subset selector matching is performed again with metadata // keys reduced to // :ref:`fallback_keys_subset`. // It allows for a fallback to a different, less specific selector if some of the keys of // the selector are considered optional. KEYS_SUBSET = 4; } // List of keys to match with the weighted cluster metadata. repeated string keys = 1; // Selects a mode of operation in which each subset has only one host. This mode uses the same rules for // choosing a host, but updating hosts is faster, especially for large numbers of hosts. // // If a match is found to a host, that host will be used regardless of priority levels, unless the host is unhealthy. // // Currently, this mode is only supported if `subset_selectors` has only one entry, and `keys` contains // only one entry. // // When this mode is enabled, configurations that contain more than one host with the same metadata value for the single key in `keys` // will use only one of the hosts with the given key; no requests will be routed to the others. The cluster gauge // :ref:`lb_subsets_single_host_per_subset_duplicate` indicates how many duplicates are // present in the current configuration. bool single_host_per_subset = 4; // The behavior used when no endpoint subset matches the selected route's // metadata. LbSubsetSelectorFallbackPolicy fallback_policy = 2 [(validate.rules).enum = {defined_only: true}]; // Subset of // :ref:`keys` used by // :ref:`KEYS_SUBSET` // fallback policy. // It has to be a non empty list if KEYS_SUBSET fallback policy is selected. // For any other fallback policy the parameter is not used and should not be set. // Only values also present in // :ref:`keys` are allowed, but // `fallback_keys_subset` cannot be equal to `keys`. repeated string fallback_keys_subset = 3; } // The behavior used when no endpoint subset matches the selected route's // metadata. The value defaults to // :ref:`NO_FALLBACK`. LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum = {defined_only: true}]; // Specifies the default subset of endpoints used during fallback if // fallback_policy is // :ref:`DEFAULT_SUBSET`. // Each field in default_subset is // compared to the matching LbEndpoint.Metadata under the *envoy.lb* // namespace. It is valid for no hosts to match, in which case the behavior // is the same as a fallback_policy of // :ref:`NO_FALLBACK`. google.protobuf.Struct default_subset = 2; // For each entry, LbEndpoint.Metadata's // *envoy.lb* namespace is traversed and a subset is created for each unique // combination of key and value. For example: // // .. code-block:: json // // { "subset_selectors": [ // { "keys": [ "version" ] }, // { "keys": [ "stage", "hardware_type" ] } // ]} // // A subset is matched when the metadata from the selected route and // weighted cluster contains the same keys and values as the subset's // metadata. The same host may appear in multiple subsets. repeated LbSubsetSelector subset_selectors = 3; // If true, routing to subsets will take into account the localities and locality weights of the // endpoints when making the routing decision. // // There are some potential pitfalls associated with enabling this feature, as the resulting // traffic split after applying both a subset match and locality weights might be undesirable. // // Consider for example a situation in which you have 50/50 split across two localities X/Y // which have 100 hosts each without subsetting. If the subset LB results in X having only 1 // host selected but Y having 100, then a lot more load is being dumped on the single host in X // than originally anticipated in the load balancing assignment delivered via EDS. bool locality_weight_aware = 4; // When used with locality_weight_aware, scales the weight of each locality by the ratio // of hosts in the subset vs hosts in the original subset. This aims to even out the load // going to an individual locality if said locality is disproportionately affected by the // subset predicate. bool scale_locality_weight = 5; // If true, when a fallback policy is configured and its corresponding subset fails to find // a host this will cause any host to be selected instead. // // This is useful when using the default subset as the fallback policy, given the default // subset might become empty. With this option enabled, if that happens the LB will attempt // to select a host from the entire cluster. bool panic_mode_any = 6; // If true, metadata specified for a metadata key will be matched against the corresponding // endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value // and any of the elements in the list matches the criteria. bool list_as_any = 7; } // Specific configuration for the LeastRequest load balancing policy. message LeastRequestLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.LeastRequestLbConfig"; // The number of random healthy hosts from which the host with the fewest active requests will // be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set. google.protobuf.UInt32Value choice_count = 1 [(validate.rules).uint32 = {gte: 2}]; // The following formula is used to calculate the dynamic weights when hosts have different load // balancing weights: // // `weight = load_balancing_weight / (active_requests + 1)^active_request_bias` // // The larger the active request bias is, the more aggressively active requests will lower the // effective weight when all host weights are not equal. // // `active_request_bias` must be greater than or equal to 0.0. // // When `active_request_bias == 0.0` the Least Request Load Balancer doesn't consider the number // of active requests at the time it picks a host and behaves like the Round Robin Load // Balancer. // // When `active_request_bias > 0.0` the Least Request Load Balancer scales the load balancing // weight by the number of active requests at the time it does a pick. // // The value is cached for performance reasons and refreshed whenever one of the Load Balancer's // host sets changes, e.g., whenever there is a host membership update or a host load balancing // weight change. // // .. note:: // This setting only takes effect if all host weights are not equal. core.v4alpha.RuntimeDouble active_request_bias = 2; } // Specific configuration for the :ref:`RingHash` // load balancing policy. message RingHashLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.RingHashLbConfig"; // The hash function used to hash hosts onto the ketama ring. enum HashFunction { // Use `xxHash `_, this is the default hash function. XX_HASH = 0; // Use `MurmurHash2 `_, this is compatible with // std:hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled // on Linux and not macOS. MURMUR_HASH_2 = 1; } reserved 2; // Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each // provided host) the better the request distribution will reflect the desired weights. Defaults // to 1024 entries, and limited to 8M entries. See also // :ref:`maximum_ring_size`. google.protobuf.UInt64Value minimum_ring_size = 1 [(validate.rules).uint64 = {lte: 8388608}]; // The hash function used to hash hosts onto the ketama ring. The value defaults to // :ref:`XX_HASH`. HashFunction hash_function = 3 [(validate.rules).enum = {defined_only: true}]; // Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered // to further constrain resource use. See also // :ref:`minimum_ring_size`. google.protobuf.UInt64Value maximum_ring_size = 4 [(validate.rules).uint64 = {lte: 8388608}]; } // Specific configuration for the :ref:`Maglev` // load balancing policy. message MaglevLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.MaglevLbConfig"; // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. // The table size must be prime number. If it is not specified, the default is 65537. google.protobuf.UInt64Value table_size = 1; } // Specific configuration for the // :ref:`Original Destination ` // load balancing policy. message OriginalDstLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.OriginalDstLbConfig"; // When true, :ref:`x-envoy-original-dst-host // ` can be used to override destination // address. // // .. attention:: // // This header isn't sanitized by default, so enabling this feature allows HTTP clients to // route traffic to arbitrary hosts and/or ports, which may have serious security // consequences. bool use_http_header = 1; } // Common configuration for all load balancer implementations. // [#next-free-field: 8] message CommonLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig"; // Configuration for :ref:`zone aware routing // `. message ZoneAwareLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig.ZoneAwareLbConfig"; // Configures percentage of requests that will be considered for zone aware routing // if zone aware routing is configured. If not specified, the default is 100%. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. type.v3.Percent routing_enabled = 1; // Configures minimum upstream cluster size required for zone aware routing // If upstream cluster size is less than specified, zone aware routing is not performed // even if zone aware routing is configured. If not specified, the default is 6. // * :ref:`runtime values `. // * :ref:`Zone aware routing support `. google.protobuf.UInt64Value min_cluster_size = 2; // If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic // mode`. Instead, the cluster will fail all // requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a // failing service. bool fail_traffic_on_panic = 3; } // Configuration for :ref:`locality weighted load balancing // ` message LocalityWeightedLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig.LocalityWeightedLbConfig"; } // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) message ConsistentHashingLbConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.CommonLbConfig.ConsistentHashingLbConfig"; // If set to `true`, the cluster will use hostname instead of the resolved // address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address. bool use_hostname_for_hashing = 1; // Configures percentage of average cluster load to bound per upstream host. For example, with a value of 150 // no upstream host will get a load more than 1.5 times the average load of all the hosts in the cluster. // If not specified, the load is not bounded for any upstream host. Typical value for this parameter is between 120 and 200. // Minimum is 100. // // Applies to both Ring Hash and Maglev load balancers. // // This is implemented based on the method described in the paper https://arxiv.org/abs/1608.01350. For the specified // `hash_balance_factor`, requests to any upstream host are capped at `hash_balance_factor/100` times the average number of requests // across the cluster. When a request arrives for an upstream host that is currently serving at its max capacity, linear probing // is used to identify an eligible host. Further, the linear probe is implemented using a random jump in hosts ring/table to identify // the eligible host (this technique is as described in the paper https://arxiv.org/abs/1908.08762 - the random jump avoids the // cascading overflow effect when choosing the next host in the ring/table). // // If weights are specified on the hosts, they are respected. // // This is an O(N) algorithm, unlike other load balancers. Using a lower `hash_balance_factor` results in more hosts // being probed, so use a higher value if you require better performance. google.protobuf.UInt32Value hash_balance_factor = 2 [(validate.rules).uint32 = {gte: 100}]; } // Configures the :ref:`healthy panic threshold `. // If not specified, the default is 50%. // To disable panic mode, set to 0%. // // .. note:: // The specified percent will be truncated to the nearest 1%. type.v3.Percent healthy_panic_threshold = 1; oneof locality_config_specifier { ZoneAwareLbConfig zone_aware_lb_config = 2; LocalityWeightedLbConfig locality_weighted_lb_config = 3; } // If set, all health check/weight/metadata updates that happen within this duration will be // merged and delivered in one shot when the duration expires. The start of the duration is when // the first update happens. This is useful for big clusters, with potentially noisy deploys // that might trigger excessive CPU usage due to a constant stream of healthcheck state changes // or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new // cluster). Please always keep in mind that the use of sandbox technologies may change this // behavior. // // If this is not set, we default to a merge window of 1000ms. To disable it, set the merge // window to 0. // // Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is // because merging those updates isn't currently safe. See // https://github.com/envoyproxy/envoy/pull/3941. google.protobuf.Duration update_merge_window = 4; // If set to true, Envoy will not consider new hosts when computing load balancing weights until // they have been health checked for the first time. This will have no effect unless // active health checking is also configured. // // Ignoring a host means that for any load balancing calculations that adjust weights based // on the ratio of eligible hosts and total hosts (priority spillover, locality weighting and // panic mode) Envoy will exclude these hosts in the denominator. // // For example, with hosts in two priorities P0 and P1, where P0 looks like // {healthy, unhealthy (new), unhealthy (new)} // and where P1 looks like // {healthy, healthy} // all traffic will still hit P0, as 1 / (3 - 2) = 1. // // Enabling this will allow scaling up the number of hosts for a given cluster without entering // panic mode or triggering priority spillover, assuming the hosts pass the first health check. // // If panic mode is triggered, new hosts are still eligible for traffic; they simply do not // contribute to the calculation when deciding whether panic mode is enabled or not. bool ignore_new_hosts_until_first_hc = 5; // If set to `true`, the cluster manager will drain all existing // connections to upstream hosts whenever hosts are added or removed from the cluster. bool close_connections_on_host_set_change = 6; // Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.) ConsistentHashingLbConfig consistent_hashing_lb_config = 7; } message RefreshRate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.RefreshRate"; // Specifies the base interval between refreshes. This parameter is required and must be greater // than zero and less than // :ref:`max_interval `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {nanos: 1000000} }]; // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the // :ref:`base_interval ` if set. The default // is 10 times the :ref:`base_interval `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}]; } // [#not-implemented-hide:] message PrefetchPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster.PrefetchPolicy"; // Indicates how many streams (rounded up) can be anticipated per-upstream for each // incoming stream. This is useful for high-QPS or latency-sensitive services. Prefetching // will only be done if the upstream is healthy. // // For example if this is 2, for an incoming HTTP/1.1 stream, 2 connections will be // established, one for the new incoming stream, and one for a presumed follow-up stream. For // HTTP/2, only one connection would be established by default as one connection can // serve both the original and presumed follow-up stream. // // In steady state for non-multiplexed connections a value of 1.5 would mean if there were 100 // active streams, there would be 100 connections in use, and 50 connections prefetched. // This might be a useful value for something like short lived single-use connections, // for example proxying HTTP/1.1 if keep-alive were false and each stream resulted in connection // termination. It would likely be overkill for long lived connections, such as TCP proxying SMTP // or regular HTTP/1.1 with keep-alive. For long lived traffic, a value of 1.05 would be more // reasonable, where for every 100 connections, 5 prefetched connections would be in the queue // in case of unexpected disconnects where the connection could not be reused. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight. This means in steady state if a connection is torn down, // a subsequent streams will pay an upstream-rtt latency penalty waiting for streams to be // prefetched. // // This is limited somewhat arbitrarily to 3 because prefetching connections too aggressively can // harm latency more than the prefetching helps. google.protobuf.DoubleValue per_upstream_prefetch_ratio = 1 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; // Indicates how many many streams (rounded up) can be anticipated across a cluster for each // stream, useful for low QPS services. This is currently supported for a subset of // deterministic non-hash-based load-balancing algorithms (weighted round robin, random). // Unlike per_upstream_prefetch_ratio this prefetches across the upstream instances in a // cluster, doing best effort predictions of what upstream would be picked next and // pre-establishing a connection. // // For example if prefetching is set to 2 for a round robin HTTP/2 cluster, on the first // incoming stream, 2 connections will be prefetched - one to the first upstream for this // cluster, one to the second on the assumption there will be a follow-up stream. // // Prefetching will be limited to one prefetch per configured upstream in the cluster. // // If this value is not set, or set explicitly to one, Envoy will fetch as many connections // as needed to serve streams in flight, so during warm up and in steady state if a connection // is closed (and per_upstream_prefetch_ratio is not set), there will be a latency hit for // connection establishment. // // If both this and prefetch_ratio are set, Envoy will make sure both predicted needs are met, // basically prefetching max(predictive-prefetch, per-upstream-prefetch), for each upstream. // TODO(alyssawilk) per LB docs and LB overview docs when unhiding. google.protobuf.DoubleValue predictive_prefetch_ratio = 2 [(validate.rules).double = {lte: 3.0 gte: 1.0}]; } reserved 12, 15, 7, 11, 35; reserved "hosts", "tls_context", "extension_protocol_options"; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the // :ref:`LbEndpoint.Metadata ` // is used to match against the transport sockets as they appear in the list. The first // :ref:`match ` is used. // For example, with the following match // // .. code-block:: yaml // // transport_socket_matches: // - name: "enableMTLS" // match: // acceptMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // - name: "defaultToPlaintext" // match: {} // transport_socket: // name: envoy.transport_sockets.raw_buffer // // Connections to the endpoints whose metadata value under *envoy.transport_socket_match* // having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration. // // If a :ref:`socket match ` with empty match // criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext" // socket match in case above. // // If an endpoint metadata's value under *envoy.transport_socket_match* does not match any // *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or // *transport_socket* specified in this cluster. // // This field allows gradual and flexible transport socket configuration changes. // // The metadata of endpoints in EDS can indicate transport socket capabilities. For example, // an endpoint's metadata can have two key value pairs as "acceptMTLS": "true", // "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic // has "acceptPlaintext": "true" metadata information. // // Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS // traffic for endpoints with "acceptMTLS": "true", by adding a corresponding // *TransportSocketMatch* in this field. Other client Envoys receive CDS without // *transport_socket_match* set, and still send plain text traffic to the same cluster. // // This field can be used to specify custom transport socket configurations for health // checks by adding matching key/value pairs in a health check's // :ref:`transport socket match criteria ` field. // // [#comment:TODO(incfly): add a detailed architecture doc on intended usage.] repeated TransportSocketMatch transport_socket_matches = 43; // Supplies the name of the cluster which must be unique across all clusters. // The cluster name is used when emitting // :ref:`statistics ` if :ref:`alt_stat_name // ` is not provided. // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. string name = 1 [(validate.rules).string = {min_len: 1}]; // An optional alternative to the cluster name to be used while emitting stats. // Any ``:`` in the name will be converted to ``_`` when emitting statistics. This should not be // confused with :ref:`Router Filter Header // `. string alt_stat_name = 28; oneof cluster_discovery_type { // The :ref:`service discovery type ` // to use for resolving the cluster. DiscoveryType type = 2 [(validate.rules).enum = {defined_only: true}]; // The custom cluster type. CustomClusterType cluster_type = 38; } // Configuration to use for EDS updates for the Cluster. EdsClusterConfig eds_cluster_config = 3; // The timeout for new network connections to hosts in the cluster. google.protobuf.Duration connect_timeout = 4 [(validate.rules).duration = {gt {}}]; // Soft limit on size of the cluster’s connections read and write buffers. If // unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The :ref:`load balancer type ` to use // when picking a host in the cluster. // [#comment:TODO: Remove enum constraint :ref:`LOAD_BALANCING_POLICY_CONFIG` when implemented.] LbPolicy lb_policy = 6 [(validate.rules).enum = {defined_only: true not_in: 7}]; // Setting this is required for specifying members of // :ref:`STATIC`, // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS` clusters. // This field supersedes the *hosts* field in the v2 API. // // .. attention:: // // Setting this allows non-EDS cluster types to contain embedded EDS equivalent // :ref:`endpoint assignments`. // endpoint.v3.ClusterLoadAssignment load_assignment = 33; // Optional :ref:`active health checking ` // configuration for the cluster. If no // configuration is specified no health checking will be done and all cluster // members will be considered healthy at all times. repeated core.v4alpha.HealthCheck health_checks = 8; // Optional maximum requests for a single upstream connection. This parameter // is respected by both the HTTP/1.1 and HTTP/2 connection pool // implementations. If not specified, there is no limit. Setting this // parameter to 1 will effectively disable keep alive. google.protobuf.UInt32Value max_requests_per_connection = 9; // Optional :ref:`circuit breaking ` for the cluster. CircuitBreakers circuit_breakers = 10; // HTTP protocol options that are applied only to upstream HTTP connections. // These options apply to all HTTP versions. core.v4alpha.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; // Additional options when handling HTTP requests upstream. These options will be applicable to // both HTTP1 and HTTP2 requests. core.v4alpha.HttpProtocolOptions common_http_protocol_options = 29; // Additional options when handling HTTP1 requests. core.v4alpha.Http1ProtocolOptions http_protocol_options = 13; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when // making new HTTP connection pool connections. Currently, Envoy only // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. core.v4alpha.Http2ProtocolOptions http2_protocol_options = 14 [(udpa.annotations.security).configure_for_untrusted_upstream = true]; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used as the cluster’s DNS refresh // rate. The value configured must be at least 1ms. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. google.protobuf.Duration dns_refresh_rate = 16 [(validate.rules).duration = {gt {nanos: 1000000}}]; // If the DNS failure refresh rate is specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types // other than :ref:`STRICT_DNS` and // :ref:`LOGICAL_DNS` this setting is // ignored. RefreshRate dns_failure_refresh_rate = 44; // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true, // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS // resolution. bool respect_dns_ttl = 39; // The DNS IP address resolution policy. If this setting is not specified, the // value defaults to // :ref:`AUTO`. DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}]; // If DNS resolvers are specified and the cluster type is either // :ref:`STRICT_DNS`, // or :ref:`LOGICAL_DNS`, // this value is used to specify the cluster’s dns resolvers. // If this setting is not specified, the value defaults to the default // resolver, which uses /etc/resolv.conf for configuration. For cluster types // other than // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. repeated core.v4alpha.Address dns_resolvers = 18; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 45; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via // :ref:`runtime values `. OutlierDetection outlier_detection = 19; // The interval for removing stale hosts from a cluster type // :ref:`ORIGINAL_DST`. // Hosts are considered stale if they have not been used // as upstream destinations during this interval. New hosts are added // to original destination clusters on demand as new connections are // redirected to Envoy, causing the number of hosts in the cluster to // grow over time. Hosts that are not stale (they are actively used as // destinations) are kept in the cluster, which allows connections to // them remain open, saving the latency that would otherwise be spent // on opening new connections. If this setting is not specified, the // value defaults to 5000ms. For cluster types other than // :ref:`ORIGINAL_DST` // this setting is ignored. google.protobuf.Duration cleanup_interval = 20 [(validate.rules).duration = {gt {}}]; // Optional configuration used to bind newly established upstream connections. // This overrides any bind_config specified in the bootstrap proto. // If the address and port are empty, no bind will be performed. core.v4alpha.BindConfig upstream_bind_config = 21; // Configuration for load balancing subsetting. LbSubsetConfig lb_subset_config = 22; // Optional configuration for the load balancing algorithm selected by // LbPolicy. Currently only // :ref:`RING_HASH`, // :ref:`MAGLEV` and // :ref:`LEAST_REQUEST` // has additional configuration options. // Specifying ring_hash_lb_config or maglev_lb_config or least_request_lb_config without setting the corresponding // LbPolicy will generate an error at runtime. oneof lb_config { // Optional configuration for the Ring Hash load balancing policy. RingHashLbConfig ring_hash_lb_config = 23; // Optional configuration for the Maglev load balancing policy. MaglevLbConfig maglev_lb_config = 52; // Optional configuration for the Original Destination load balancing policy. OriginalDstLbConfig original_dst_lb_config = 34; // Optional configuration for the LeastRequest load balancing policy. LeastRequestLbConfig least_request_lb_config = 37; } // Common configuration for all load balancer implementations. CommonLbConfig common_lb_config = 27; // Optional custom transport socket implementation to use for upstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`UpstreamTlsContexts ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v4alpha.TransportSocket transport_socket = 24; // The Metadata field can be used to provide additional information about the // cluster. It can be used for stats, logging, and varying filter behavior. // Fields should use reverse DNS notation to denote which entity within Envoy // will need the information. For instance, if the metadata is intended for // the Router filter, the filter name should be specified as *envoy.filters.http.router*. core.v4alpha.Metadata metadata = 25; // Determines how Envoy selects the protocol used to speak to upstream hosts. ClusterProtocolSelection protocol_selection = 26; // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; // If an upstream host becomes unhealthy (as determined by the configured health checks // or outlier detection), immediately close all connections to the failed host. // // .. note:: // // This is currently only supported for connections created by tcp_proxy. // // .. note:: // // The current implementation of this feature closes all connections immediately when // the unhealthy status is detected. If there are a large number of connections open // to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of // time exclusively closing these connections, and not processing any other traffic. bool close_connections_on_host_health_failure = 31; // If set to true, Envoy will ignore the health value of a host when processing its removal // from service discovery. This means that if active health checking is used, Envoy will *not* // wait for the endpoint to go unhealthy before removing it. bool ignore_health_on_host_removal = 32; // An (optional) network filter chain, listed in the order the filters should be applied. // The chain will be applied to all outgoing connections that Envoy makes to the upstream // servers of this cluster. repeated Filter filters = 40; // [#not-implemented-hide:] New mechanism for LB policy configuration. Used only if the // :ref:`lb_policy` field has the value // :ref:`LOAD_BALANCING_POLICY_CONFIG`. LoadBalancingPolicy load_balancing_policy = 41; // [#not-implemented-hide:] // If present, tells the client where to send load reports via LRS. If not present, the // client will fall back to a client-side default, which may be either (a) don't send any // load reports or (b) send load reports for all clusters to a single default server // (which may be configured in the bootstrap file). // // Note that if multiple clusters point to the same LRS server, the client may choose to // create a separate stream for each cluster or it may choose to coalesce the data for // multiple clusters onto a single stream. Either way, the client must make sure to send // the data for any given cluster on no more than one stream. // // [#next-major-version: In the v3 API, we should consider restructuring this somehow, // maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation // from the LRS stream here.] core.v4alpha.ConfigSource lrs_server = 42; // If track_timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. // // .. attention:: // // This field has been deprecated in favor of `timeout_budgets`, part of // :ref:`track_cluster_stats `. bool hidden_envoy_deprecated_track_timeout_budgets = 47 [deprecated = true]; // Optional customization and configuration of upstream connection pool, and upstream type. // // Currently this field only applies for HTTP traffic but is designed for eventual use for custom // TCP upstreams. // // For HTTP traffic, Envoy will generally take downstream HTTP and send it upstream as upstream // HTTP, using the http connection pool and the codec from `http2_protocol_options` // // For routes where CONNECT termination is configured, Envoy will take downstream CONNECT // requests and forward the CONNECT payload upstream over raw TCP using the tcp connection pool. // // The default pool used is the generic connection pool which creates the HTTP upstream for most // HTTP requests, and the TCP upstream if CONNECT termination is configured. // // If users desire custom connection pool or upstream behavior, for example terminating // CONNECT only if a custom filter indicates it is appropriate, the custom factories // can be registered and configured here. core.v4alpha.TypedExtensionConfig upstream_config = 48; // Configuration to track optional cluster stats. TrackClusterStats track_cluster_stats = 49; // [#not-implemented-hide:] // Prefetch configuration for this cluster. PrefetchPolicy prefetch_policy = 50; // If `connection_pool_per_downstream_connection` is true, the cluster will use a separate // connection pool for every downstream connection bool connection_pool_per_downstream_connection = 51; } // [#not-implemented-hide:] Extensible load balancing policy configuration. // // Every LB policy defined via this mechanism will be identified via a unique name using reverse // DNS notation. If the policy needs configuration parameters, it must define a message for its // own configuration, which will be stored in the config field. The name of the policy will tell // clients which type of message they should expect to see in the config field. // // Note that there are cases where it is useful to be able to independently select LB policies // for choosing a locality and for choosing an endpoint within that locality. For example, a // given deployment may always use the same policy to choose the locality, but for choosing the // endpoint within the locality, some clusters may use weighted-round-robin, while others may // use some sort of session-based balancing. // // This can be accomplished via hierarchical LB policies, where the parent LB policy creates a // child LB policy for each locality. For each request, the parent chooses the locality and then // delegates to the child policy for that locality to choose the endpoint within the locality. // // To facilitate this, the config message for the top-level LB policy may include a field of // type LoadBalancingPolicy that specifies the child policy. message LoadBalancingPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.LoadBalancingPolicy"; message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.LoadBalancingPolicy.Policy"; reserved 2; reserved "config"; // Required. The name of the LB policy. string name = 1; google.protobuf.Any typed_config = 3; } // Each client will iterate over the list in order and stop at the first policy that it // supports. This provides a mechanism for starting to use new LB policies that are not yet // supported by all clients. repeated Policy policies = 1; } // An extensible structure containing the address Envoy should bind to when // establishing upstream connections. message UpstreamBindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.UpstreamBindConfig"; // The address Envoy should bind to when establishing upstream connections. core.v4alpha.Address source_address = 1; } message UpstreamConnectionOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.UpstreamConnectionOptions"; // If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. core.v4alpha.TcpKeepalive tcp_keepalive = 1; } message TrackClusterStats { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.TrackClusterStats"; // If timeout_budgets is true, the :ref:`timeout budget histograms // ` will be published for each // request. These show what percentage of a request's per try and global timeout was used. A value // of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value // of 100 would indicate that the request took the entirety of the timeout given to it. bool timeout_budgets = 1; // If request_response_sizes is true, then the :ref:`histograms // ` tracking header and body sizes // of requests and responses will be published. bool request_response_sizes = 2; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v4alpha/filter.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "FilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Upstream filters] // Upstream filters apply to the connections to the upstream cluster hosts. message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Filter"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any typed_config = 2; } ================================================ FILE: generated_api_shadow/envoy/config/cluster/v4alpha/outlier_detection.proto ================================================ syntax = "proto3"; package envoy.config.cluster.v4alpha; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.cluster.v4alpha"; option java_outer_classname = "OutlierDetectionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Outlier detection] // See the :ref:`architecture overview ` for // more information on outlier detection. // [#next-free-field: 21] message OutlierDetection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.OutlierDetection"; // The number of consecutive 5xx responses or local origin errors that are mapped // to 5xx error codes before a consecutive 5xx ejection // occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_5xx = 1; // The time interval between ejection analysis sweeps. This can result in // both new ejections as well as hosts being returned to service. Defaults // to 10000ms or 10s. google.protobuf.Duration interval = 2 [(validate.rules).duration = {gt {}}]; // The base time that a host is ejected for. The real time is equal to the // base time multiplied by the number of times the host has been ejected. // Defaults to 30000ms or 30s. google.protobuf.Duration base_ejection_time = 3 [(validate.rules).duration = {gt {}}]; // The maximum % of an upstream cluster that can be ejected due to outlier // detection. Defaults to 10% but will eject at least one host regardless of the value. google.protobuf.UInt32Value max_ejection_percent = 4 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive 5xx. This setting can be used to disable // ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_consecutive_5xx = 5 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics. This setting can be used to // disable ejection or to ramp it up slowly. Defaults to 100. google.protobuf.UInt32Value enforcing_success_rate = 6 [(validate.rules).uint32 = {lte: 100}]; // The number of hosts in a cluster that must have enough request volume to // detect success rate outliers. If the number of hosts is less than this // setting, outlier detection via success rate statistics is not performed // for any host in the cluster. Defaults to 5. google.protobuf.UInt32Value success_rate_minimum_hosts = 7; // The minimum number of total requests that must be collected in one // interval (as defined by the interval duration above) to include this host // in success rate based outlier detection. If the volume is lower than this // setting, outlier detection via success rate statistics is not performed // for that host. Defaults to 100. google.protobuf.UInt32Value success_rate_request_volume = 8; // This factor is used to determine the ejection threshold for success rate // outlier ejection. The ejection threshold is the difference between the // mean success rate, and the product of this factor and the standard // deviation of the mean success rate: mean - (stdev * // success_rate_stdev_factor). This factor is divided by a thousand to get a // double. That is, if the desired factor is 1.9, the runtime value should // be 1900. Defaults to 1900. google.protobuf.UInt32Value success_rate_stdev_factor = 9; // The number of consecutive gateway failures (502, 503, 504 status codes) // before a consecutive gateway failure ejection occurs. Defaults to 5. google.protobuf.UInt32Value consecutive_gateway_failure = 10; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive gateway failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_consecutive_gateway_failure = 11 [(validate.rules).uint32 = {lte: 100}]; // Determines whether to distinguish local origin failures from external errors. If set to true // the following configuration parameters are taken into account: // :ref:`consecutive_local_origin_failure`, // :ref:`enforcing_consecutive_local_origin_failure` // and // :ref:`enforcing_local_origin_success_rate`. // Defaults to false. bool split_external_local_origin_errors = 12; // The number of consecutive locally originated failures before ejection // occurs. Defaults to 5. Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value consecutive_local_origin_failure = 13; // The % chance that a host will be actually ejected when an outlier status // is detected through consecutive locally originated failures. This setting can be // used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_consecutive_local_origin_failure = 14 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status // is detected through success rate statistics for locally originated errors. // This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. // Parameter takes effect only when // :ref:`split_external_local_origin_errors` // is set to true. google.protobuf.UInt32Value enforcing_local_origin_success_rate = 15 [(validate.rules).uint32 = {lte: 100}]; // The failure percentage to use when determining failure percentage-based outlier detection. If // the failure percentage of a given host is greater than or equal to this value, it will be // ejected. Defaults to 85. google.protobuf.UInt32Value failure_percentage_threshold = 16 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // failure percentage statistics. This setting can be used to disable ejection or to ramp it up // slowly. Defaults to 0. // // [#next-major-version: setting this without setting failure_percentage_threshold should be // invalid in v4.] google.protobuf.UInt32Value enforcing_failure_percentage = 17 [(validate.rules).uint32 = {lte: 100}]; // The % chance that a host will be actually ejected when an outlier status is detected through // local-origin failure percentage statistics. This setting can be used to disable ejection or to // ramp it up slowly. Defaults to 0. google.protobuf.UInt32Value enforcing_failure_percentage_local_origin = 18 [(validate.rules).uint32 = {lte: 100}]; // The minimum number of hosts in a cluster in order to perform failure percentage-based ejection. // If the total number of hosts in the cluster is less than this value, failure percentage-based // ejection will not be performed. Defaults to 5. google.protobuf.UInt32Value failure_percentage_minimum_hosts = 19; // The minimum number of total requests that must be collected in one interval (as defined by the // interval duration above) to perform failure percentage-based ejection for this host. If the // volume is lower than this setting, failure percentage-based ejection will not be performed for // this host. Defaults to 50. google.protobuf.UInt32Value failure_percentage_request_volume = 20; } ================================================ FILE: generated_api_shadow/envoy/config/common/dynamic_forward_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/common/dynamic_forward_proxy/v2alpha/dns_cache.proto ================================================ syntax = "proto3"; package envoy.config.common.dynamic_forward_proxy.v2alpha; import "envoy/api/v2/cluster.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.dynamic_forward_proxy.v2alpha"; option java_outer_classname = "DnsCacheProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.common.dynamic_forward_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamic forward proxy common configuration] // Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview // ` for more information. // [#next-free-field: 7] message DnsCacheConfig { // The name of the cache. Multiple named caches allow independent dynamic forward proxy // configurations to operate within a single Envoy process using different configurations. All // configurations with the same name *must* otherwise have the same settings when referenced // from different configuration components. Configuration will fail to load if this is not // the case. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The DNS lookup family to use during resolution. // // [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The // way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and // then configures a host to have a primary and fall back address. With this, we could very // likely build a "happy eyeballs" connection pool which would race the primary / fall back // address and return the one that wins. This same method could potentially also be used for // QUIC to TCP fall back.] api.v2.Cluster.DnsLookupFamily dns_lookup_family = 2 [(validate.rules).enum = {defined_only: true}]; // The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s. // // .. note: // // The returned DNS TTL is not currently used to alter the refresh rate. This feature will be // added in a future change. // // .. note: // // The refresh rate is rounded to the closest millisecond, and must be at least 1ms. google.protobuf.Duration dns_refresh_rate = 3 [(validate.rules).duration = {gte {nanos: 1000000}}]; // The TTL for hosts that are unused. Hosts that have not been used in the configured time // interval will be purged. If not specified defaults to 5m. // // .. note: // // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This // means that if the configured TTL is shorter than the refresh rate the host may not be removed // immediately. // // .. note: // // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}]; // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. // // .. note: // // The implementation is approximate and enforced independently on each worker thread, thus // it is possible for the maximum hosts in the cache to go slightly above the configured // value depending on timing. This is similar to how other circuit breakers work. google.protobuf.UInt32Value max_hosts = 5 [(validate.rules).uint32 = {gt: 0}]; // If the DNS failure refresh rate is specified, // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is // not specified, the failure refresh rate defaults to the dns_refresh_rate. api.v2.Cluster.RefreshRate dns_failure_refresh_rate = 6; } ================================================ FILE: generated_api_shadow/envoy/config/common/matcher/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/common/matcher/v3/matcher.proto ================================================ syntax = "proto3"; package envoy.config.common.matcher.v3; import "envoy/config/route/v3/route_components.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.matcher.v3"; option java_outer_classname = "MatcherProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Unified Matcher API] // Match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { // A set of match configurations used for logical operations. message MatchSet { // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { // HTTP headers to match. repeated route.v3.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { message GenericTextMatch { oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/common/matcher/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/matcher/v3:pkg", "//envoy/config/route/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/common/matcher/v4alpha/matcher.proto ================================================ syntax = "proto3"; package envoy.config.common.matcher.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.matcher.v4alpha"; option java_outer_classname = "MatcherProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Unified Matcher API] // Match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.MatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.MatchPredicate.MatchSet"; // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.HttpHeadersMatch"; // HTTP headers to match. repeated route.v4alpha.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.HttpGenericBodyMatch"; message GenericTextMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.matcher.v3.HttpGenericBodyMatch.GenericTextMatch"; oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/common/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/service/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/common/tap/v2alpha/common.proto ================================================ syntax = "proto3"; package envoy.config.common.tap.v2alpha; import "envoy/api/v2/core/config_source.proto"; import "envoy/service/tap/v2alpha/common.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.common.tap.v2alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.common.tap.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common tap extension configuration] // Common configuration for all tap extensions. message CommonExtensionConfig { // [#not-implemented-hide:] message TapDSConfig { // Configuration for the source of TapDS updates for this Cluster. api.v2.core.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // Tap config to request from XDS server. string name = 2 [(validate.rules).string = {min_bytes: 1}]; } oneof config_type { option (validate.required) = true; // If specified, the tap filter will be configured via an admin handler. AdminConfig admin_config = 1; // If specified, the tap filter will be configured via a static configuration that cannot be // changed. service.tap.v2alpha.TapConfig static_config = 2; // [#not-implemented-hide:] Configuration to use for TapDS updates for the filter. TapDSConfig tapds_config = 3; } } // Configuration for the admin handler. See :ref:`here ` for // more information. message AdminConfig { // Opaque configuration ID. When requests are made to the admin handler, the passed opaque ID is // matched to the configured filter opaque ID to determine which filter to configure. string config_id = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/core/v3/address.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/socket_option.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "AddressProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Network addresses] message Pipe { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Pipe"; // Unix Domain Socket path. On Linux, paths starting with '@' will use the // abstract namespace. The starting '@' is replaced by a null byte by Envoy. // Paths starting with '@' will result in an error in environments other than // Linux. string path = 1 [(validate.rules).string = {min_len: 1}]; // The mode for the Pipe. Not applicable for abstract sockets. uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}]; } // [#not-implemented-hide:] The address represents an envoy internal listener. // TODO(lambdai): Make this address available for listener and endpoint. // TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30. message EnvoyInternalAddress { oneof address_name_specifier { option (validate.required) = true; // [#not-implemented-hide:] The :ref:`listener name ` of the destination internal listener. string server_listener_name = 1; } } // [#next-free-field: 7] message SocketAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SocketAddress"; enum Protocol { TCP = 0; UDP = 1; } Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; // The address for this socket. :ref:`Listeners ` will bind // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching // in :ref:`FilterChainMatch `.] When used // within an upstream :ref:`BindConfig `, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized // via :ref:`resolver_name `. string address = 2 [(validate.rules).string = {min_len: 1}]; oneof port_specifier { option (validate.required) = true; uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}]; // This is only valid if :ref:`resolver_name // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } // The name of the custom resolver. This must have been registered with Envoy. If // this is empty, a context dependent default applies. If the address is a concrete // IP address, no resolution will occur. If address is a hostname this // should be set for resolution other than DNS. Specifying a custom resolver with // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; // When binding to an IPv6 address above, this enables `IPv4 compatibility // `_. Binding to ``::`` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into // IPv6 space as ``::FFFF:``. bool ipv4_compat = 6; } message TcpKeepalive { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TcpKeepalive"; // Maximum number of keepalive probes to send without response before deciding // the connection is dead. Default is to use the OS level configuration (unless // overridden, Linux defaults to 9.) google.protobuf.UInt32Value keepalive_probes = 1; // The number of seconds a connection needs to be idle before keep-alive probes // start being sent. Default is to use the OS level configuration (unless // overridden, Linux defaults to 7200s (i.e., 2 hours.) google.protobuf.UInt32Value keepalive_time = 2; // The number of seconds between keep-alive probes. Default is to use the OS // level configuration (unless overridden, Linux defaults to 75s.) google.protobuf.UInt32Value keepalive_interval = 3; } message BindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BindConfig"; // The address to bind to when creating a socket. SocketAddress source_address = 1 [(validate.rules).message = {required: true}]; // Whether to set the *IP_FREEBIND* option when creating the socket. When this // flag is set to true, allows the :ref:`source_address // ` to be an IP address // that is not configured on the system running Envoy. When this flag is set // to false, the option *IP_FREEBIND* is disabled on the socket. When this // flag is not set (default), the socket is not modified, i.e. the option is // neither enabled nor disabled. google.protobuf.BoolValue freebind = 2; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated SocketOption socket_options = 3; } // Addresses specify either a logical or physical address and port, which are // used to tell Envoy where to bind/listen, connect to upstream and find // management servers. message Address { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Address"; oneof address { option (validate.required) = true; SocketAddress socket_address = 1; Pipe pipe = 2; // [#not-implemented-hide:] EnvoyInternalAddress envoy_internal_address = 3; } } // CidrRange specifies an IP Address and a prefix length to construct // the subnet mask for a `CIDR `_ range. message CidrRange { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.CidrRange"; // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. string address_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Length of prefix, e.g. 0, 32. google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/backoff.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "BackoffProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Backoff Strategy] // Configuration defining a jittered exponential back off strategy. message BackoffStrategy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BackoffStrategy"; // The base interval to be used for the next back off computation. It should // be greater than zero and less than or equal to :ref:`max_interval // `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // Specifies the maximum interval between retries. This parameter is optional, // but must be greater than or equal to the :ref:`base_interval // ` if set. The default // is 10 times the :ref:`base_interval // `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/base.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/backoff.proto"; import "envoy/config/core/v3/http_uri.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/semantic_version.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "BaseProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common types] // Envoy supports :ref:`upstream priority routing // ` both at the route and the virtual // cluster level. The current priority implementation uses different connection // pool and circuit breaking settings for each priority level. This means that // even for HTTP/2 requests, two physical connections will be used to an // upstream host. In the future Envoy will likely support true HTTP/2 priority // over a single upstream connection. enum RoutingPriority { DEFAULT = 0; HIGH = 1; } // HTTP request method. enum RequestMethod { METHOD_UNSPECIFIED = 0; GET = 1; HEAD = 2; POST = 3; PUT = 4; DELETE = 5; CONNECT = 6; OPTIONS = 7; TRACE = 8; PATCH = 9; } // Identifies the direction of the traffic relative to the local Envoy. enum TrafficDirection { // Default option is unspecified. UNSPECIFIED = 0; // The transport is used for incoming traffic. INBOUND = 1; // The transport is used for outgoing traffic. OUTBOUND = 2; } // Identifies location of where either Envoy runs or where upstream hosts run. message Locality { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Locality"; // Region this :ref:`zone ` belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery // service exposes :ref:`zone data `, // either in this message or via :option:`--service-zone`. The meaning of zone // is context dependent, e.g. `Availability Zone (AZ) // `_ // on AWS, `Zone `_ on // GCP, etc. string zone = 2; // When used for locality of upstream hosts, this field further splits zone // into smaller chunks of sub-zones so they can be load balanced // independently. string sub_zone = 3; } // BuildVersion combines SemVer version of extension with free-form build information // (i.e. 'alpha', 'private-build') as a set of strings. message BuildVersion { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BuildVersion"; // SemVer version of extension. type.v3.SemanticVersion version = 1; // Free-form build information. // Envoy defines several well known keys in the source/common/version/version.h file google.protobuf.Struct metadata = 2; } // Version and identification for an Envoy extension. // [#next-free-field: 6] message Extension { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Extension"; // This is the name of the Envoy filter as specified in the Envoy // configuration, e.g. envoy.filters.http.router, com.acme.widget. string name = 1; // Category of the extension. // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from // acme.com vendor. // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] string category = 2; // [#not-implemented-hide:] Type descriptor of extension configuration proto. // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] string type_descriptor = 3; // The version is a property of the extension and maintained independently // of other extensions and the Envoy API. // This field is not set when extension did not provide version information. BuildVersion version = 4; // Indicates that the extension is present but was disabled via dynamic configuration. bool disabled = 5; } // Identifies a specific Envoy instance. The node identifier is presented to the // management server, which may use this identifier to distinguish per Envoy // configuration for serving. // [#next-free-field: 12] message Node { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Node"; // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are // used: :ref:`statsd `, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-node`. string id = 1; // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: // :ref:`statsd `, :ref:`health check cluster // verification // `, // :ref:`runtime override directory `, // :ref:`user agent addition // `, // :ref:`HTTP global rate limiting `, // :ref:`CDS `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-cluster`. string cluster = 2; // Opaque metadata extending the node identifier. Envoy will pass this // directly to the management server. google.protobuf.Struct metadata = 3; // Locality specifying where the Envoy instance is running. Locality locality = 4; // Free-form string that identifies the entity requesting config. // E.g. "envoy" or "grpc" string user_agent_name = 6; oneof user_agent_version_type { // Free-form string that identifies the version of the entity requesting config. // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" string user_agent_version = 7; // Structured version of the entity requesting config. BuildVersion user_agent_build_version = 8; } // List of extensions and their versions supported by the node. repeated Extension extensions = 9; // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. // See :ref:`the list of features ` that xDS client may // support. repeated string client_features = 10; // Known listening ports on the node as a generic hint to the management server // for filtering :ref:`listeners ` to be returned. For example, // if there is a listener bound to port 80, the list can optionally contain the // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. repeated Address listening_addresses = 11 [deprecated = true]; string hidden_envoy_deprecated_build_version = 5 [deprecated = true]; } // Metadata provides additional inputs to filters based on matched listeners, // filter chains, routes and endpoints. It is structured as a map, usually from // filter name (in reverse DNS format) to metadata specific to the filter. Metadata // key-values for a filter are merged as connection and request handling occurs, // with later values for the same key overriding earlier values. // // An example use of metadata is providing additional values to // http_connection_manager in the envoy.http_connection_manager.access_log // namespace. // // Another example use of metadata is to per service config info in cluster metadata, which may get // consumed by multiple filters. // // For load balancing, Metadata provides a means to subset cluster endpoints. // Endpoints have a Metadata object associated and routes contain a Metadata // object to match against. There are some well defined metadata used today for // this purpose: // // * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // [#next-major-version: move to type/metadata/v2] message Metadata { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Metadata"; // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* // namespace is reserved for Envoy's built-in filters. map filter_metadata = 1; } // Runtime derived uint32 with a default when not specified. message RuntimeUInt32 { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeUInt32"; // Default value if runtime value is not available. uint32 default_value = 2; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 3 [(validate.rules).string = {min_len: 1}]; } // Runtime derived percentage with a default when not specified. message RuntimePercent { // Default value if runtime value is not available. type.v3.Percent default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived double with a default when not specified. message RuntimeDouble { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeDouble"; // Default value if runtime value is not available. double default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived bool with a default when not specified. message RuntimeFeatureFlag { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeFeatureFlag"; // Default value if runtime value is not available. google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its // `canonical JSON encoding `_. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Header name/value pair. message HeaderValue { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderValue"; // Header name. string key = 1 [(validate.rules).string = {min_len: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Header value. // // The same :ref:`format specifier ` as used for // :ref:`HTTP access logging ` applies here, however // unknown header values are replaced with the empty string instead of `-`. string value = 2 [ (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} ]; } // Header name/value pair plus option to control append behavior. message HeaderValueOption { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderValueOption"; // Header name/value pair that this option applies to. HeaderValue header = 1 [(validate.rules).message = {required: true}]; // Should the value be appended? If true (default), the value is appended to // existing values. Otherwise it replaces any existing values. google.protobuf.BoolValue append = 2; } // Wrapper for a set of headers. message HeaderMap { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderMap"; repeated HeaderValue headers = 1; } // Data source consisting of either a file or an inline value. message DataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.DataSource"; oneof specifier { option (validate.required) = true; // Local filesystem data source. string filename = 1 [(validate.rules).string = {min_len: 1}]; // Bytes inlined in the configuration. bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; // String inlined in the configuration. string inline_string = 3 [(validate.rules).string = {min_len: 1}]; } } // The message specifies the retry policy of remote data source when fetching fails. message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RetryPolicy"; // Specifies parameters that control :ref:`retry backoff strategy `. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. BackoffStrategy retry_back_off = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. google.protobuf.UInt32Value num_retries = 2 [(udpa.annotations.field_migrate).rename = "max_retries"]; } // The message specifies how to fetch data from remote and how to verify it. message RemoteDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RemoteDataSource"; // The HTTP URI to fetch the remote data. HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; // SHA256 string for verifying data. string sha256 = 2 [(validate.rules).string = {min_len: 1}]; // Retry policy for fetching remote data. RetryPolicy retry_policy = 3; } // Async data source which support async data fetch. message AsyncDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.AsyncDataSource"; oneof specifier { option (validate.required) = true; // Local async data source. DataSource local = 1; // Remote async data source. RemoteDataSource remote = 2; } } // Configuration for transport socket in :ref:`listeners ` and // :ref:`clusters `. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. message TransportSocket { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TransportSocket"; // The name of the transport socket to instantiate. The name must match a supported transport // socket implementation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Implementation specific configuration which depends on the implementation being instantiated. // See the supported transport socket implementations for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // // .. note:: // // Parsing of the runtime key's data is implemented such that it may be represented as a // :ref:`FractionalPercent ` proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. message RuntimeFractionalPercent { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeFractionalPercent"; // Default value if the runtime value's for the numerator/denominator keys are not available. type.v3.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key for a YAML representation of a FractionalPercent. string runtime_key = 2; } // Identifies a specific ControlPlane instance that Envoy is connected to. message ControlPlane { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.ControlPlane"; // An opaque control plane identifier that uniquely identifies an instance // of control plane. This can be used to identify which control plane instance, // the Envoy is connected to. string identifier = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/config_source.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/authority.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ConfigSourceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Configuration sources] // xDS API and non-xDS services version. This is used to describe both resource and transport // protocol versions (in distinct configuration fields). enum ApiVersion { // When not specified, we assume v2, to ease migration to Envoy's stable API // versioning. If a client does not support v2 (e.g. due to deprecation), this // is an invalid value. AUTO = 0; // Use xDS v2 API. V2 = 1; // Use xDS v3 API. V3 = 2; } // API configuration source. This identifies the API type and cluster that Envoy // will use to fetch an xDS API. // [#next-free-field: 9] message ApiConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.ApiConfigSource"; // APIs may be fetched via either REST or gRPC. enum ApiType { // Ideally this would be 'reserved 0' but one can't reserve the default // value. Instead we throw an exception if this is ever used. hidden_envoy_deprecated_UNSUPPORTED_REST_LEGACY = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // REST-JSON v2 API. The `canonical JSON encoding // `_ for // the v2 protos is used. REST = 1; // SotW gRPC service. GRPC = 2; // Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response} // rather than Discovery{Request,Response}. Rather than sending Envoy the entire state // with every update, the xDS server only sends what has changed since the last update. DELTA_GRPC = 3; // SotW xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_GRPC = 5; // Delta xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_DELTA_GRPC = 6; } // API type (gRPC, REST, delta gRPC) ApiType api_type = 1 [(validate.rules).enum = {defined_only: true}]; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 8 [(validate.rules).enum = {defined_only: true}]; // Cluster names should be used only with REST. If > 1 // cluster is defined, clusters will be cycled through if any kind of failure // occurs. // // .. note:: // // The cluster with name ``cluster_name`` must be statically defined and its // type must not be ``EDS``. repeated string cluster_names = 2; // Multiple gRPC services be provided for GRPC. If > 1 cluster is defined, // services will be cycled through if any kind of failure occurs. repeated GrpcService grpc_services = 4; // For REST APIs, the delay between successive polls. google.protobuf.Duration refresh_delay = 3; // For REST APIs, the request timeout. If not set, a default value of 1s will be used. google.protobuf.Duration request_timeout = 5 [(validate.rules).duration = {gt {}}]; // For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be // rate limited. RateLimitSettings rate_limit_settings = 6; // Skip the node identifier in subsequent discovery requests for streaming gRPC config types. bool set_node_on_first_message_only = 7; } // Aggregated Discovery Service (ADS) options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that ADS is to be used. message AggregatedConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.AggregatedConfigSource"; } // [#not-implemented-hide:] // Self-referencing config source options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that other data can be obtained from the same server. message SelfConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SelfConfigSource"; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 1 [(validate.rules).enum = {defined_only: true}]; } // Rate Limit settings to be applied for discovery requests made by Envoy. message RateLimitSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RateLimitSettings"; // Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a // default value of 100 will be used. google.protobuf.UInt32Value max_tokens = 1; // Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens // per second will be used. google.protobuf.DoubleValue fill_rate = 2 [(validate.rules).double = {gt: 0.0}]; } // Configuration for :ref:`listeners `, :ref:`clusters // `, :ref:`routes // `, :ref:`endpoints // ` etc. may either be sourced from the // filesystem or from an xDS API source. Filesystem configs are watched with // inotify for updates. // [#next-free-field: 8] message ConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.ConfigSource"; // Authorities that this config source may be used for. An authority specified // in a *udpa.core.v1.ResourceLocator* is resolved to a *ConfigSource* prior // to configuration fetch. This field provides the association between // authority name and configuration source. // [#not-implemented-hide:] repeated udpa.core.v1.Authority authorities = 7; oneof config_source_specifier { option (validate.required) = true; // Path on the filesystem to source and watch for configuration updates. // When sourcing configuration for :ref:`secret `, // the certificate and key files are also watched for updates. // // .. note:: // // The path to the source must exist at config load time. // // .. note:: // // Envoy will only watch the file path for *moves.* This is because in general only moves // are atomic. The same method of swapping files as is demonstrated in the // :ref:`runtime documentation ` can be used here also. string path = 1; // API configuration source. ApiConfigSource api_config_source = 2; // When set, ADS will be used to fetch resources. The ADS API configuration // source in the bootstrap configuration is used. AggregatedConfigSource ads = 3; // [#not-implemented-hide:] // When set, the client will access the resources from the same server it got the // ConfigSource from, although not necessarily from the same stream. This is similar to the // :ref:`ads` field, except that the client may use a // different stream to the same server. As a result, this field can be used for things // like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.) // LDS to RDS on the same server without requiring the management server to know its name // or required credentials. // [#next-major-version: In xDS v3, consider replacing the ads field with this one, since // this field can implicitly mean to use the same stream in the case where the ConfigSource // is provided via ADS and the specified data can also be obtained via ADS.] SelfConfigSource self = 5; } // When this timeout is specified, Envoy will wait no longer than the specified time for first // config response on this xDS subscription during the :ref:`initialization process // `. After reaching the timeout, Envoy will move to the next // initialization phase, even if the first config is not delivered yet. The timer is activated // when the xDS API subscription starts, and is disarmed on first config update or on error. 0 // means no timeout - Envoy will wait indefinitely for the first xDS config (unless another // timeout applies). The default is 15s. google.protobuf.Duration initial_fetch_timeout = 4; // API version for xDS resources. This implies the type URLs that the client // will request for resources and the resource type that the client will in // turn expect to be delivered. ApiVersion resource_api_version = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/event_service_config.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "EventServiceConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#not-implemented-hide:] // Configuration of the event reporting service endpoint. message EventServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.EventServiceConfig"; oneof config_source_specifier { option (validate.required) = true; // Specifies the gRPC service that hosts the event reporting service. GrpcService grpc_service = 1; } } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/extension.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/config_source.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ExtensionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Extension configuration] // Message type for extension configuration. // [#next-major-version: revisit all existing typed_config that doesn't use this wrapper.]. message TypedExtensionConfig { // The name of an extension. This is not used to select the extension, instead // it serves the role of an opaque identifier. string name = 1 [(validate.rules).string = {min_len: 1}]; // The typed config for the extension. The type URL will be used to identify // the extension. In the case that the type URL is *udpa.type.v1.TypedStruct*, // the inner type URL of *TypedStruct* will be utilized. See the // :ref:`extension configuration overview // ` for further details. google.protobuf.Any typed_config = 2 [(validate.rules).any = {required: true}]; } // Configuration source specifier for a late-bound extension configuration. The // parent resource is warmed until all the initial extension configurations are // received, unless the flag to apply the default configuration is set. // Subsequent extension updates are atomic on a per-worker basis. Once an // extension configuration is applied to a request or a connection, it remains // constant for the duration of processing. If the initial delivery of the // extension configuration fails, due to a timeout for example, the optional // default configuration is applied. Without a default configuration, the // extension is disabled, until an extension configuration is received. The // behavior of a disabled extension depends on the context. For example, a // filter chain with a disabled extension filter rejects all incoming streams. message ExtensionConfigSource { ConfigSource config_source = 1 [(validate.rules).any = {required: true}]; // Optional default configuration to use as the initial configuration if // there is a failure to receive the initial extension configuration or if // `apply_default_config_without_warming` flag is set. google.protobuf.Any default_config = 2; // Use the default config as the initial configuration without warming and // waiting for the first discovery response. Requires the default configuration // to be supplied. bool apply_default_config_without_warming = 3; // A set of permitted extension type URLs. Extension configuration updates are rejected // if they do not match any type URL in the set. repeated string type_urls = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/grpc_method_list.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "GrpcMethodListProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC method list] // A list of gRPC methods which can be used as an allowlist, for example. message GrpcMethodList { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcMethodList"; message Service { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcMethodList.Service"; // The name of the gRPC service. string name = 1 [(validate.rules).string = {min_len: 1}]; // The names of the gRPC methods in this service. repeated string method_names = 2 [(validate.rules).repeated = {min_items: 1}]; } repeated Service services = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/grpc_service.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "GrpcServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC services] // gRPC service configuration. This is used by :ref:`ApiConfigSource // ` and filter configurations. // [#next-free-field: 6] message GrpcService { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService"; message EnvoyGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.EnvoyGrpc"; // The name of the upstream gRPC cluster. SSL credentials will be supplied // in the :ref:`Cluster ` :ref:`transport_socket // `. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. // Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. string authority = 2 [(validate.rules).string = {min_len: 0 max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // [#next-free-field: 9] message GoogleGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc"; // See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. message SslCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials"; // PEM encoded server root certificates. DataSource root_certs = 1; // PEM encoded client private key. DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // PEM encoded client certificate chain. DataSource cert_chain = 3; } // Local channel credentials. Only UDS is supported for now. // See https://github.com/grpc/grpc/pull/15909. message GoogleLocalCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.GoogleLocalCredentials"; } // See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call // credential types. message ChannelCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentials"; oneof credential_specifier { option (validate.required) = true; SslCredentials ssl_credentials = 1; // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_default = 2; GoogleLocalCredentials local_credentials = 3; } } // [#next-free-field: 8] message CallCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials"; message ServiceAccountJWTAccessCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials." "ServiceAccountJWTAccessCredentials"; string json_key = 1; uint64 token_lifetime_seconds = 2; } message GoogleIAMCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials"; string authorization_token = 1; string authority_selector = 2; } message MetadataCredentialsFromPlugin { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials." "MetadataCredentialsFromPlugin"; string name = 1; oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } // Security token service configuration that allows Google gRPC to // fetch security token from an OAuth 2.0 authorization server. // See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and // https://github.com/grpc/grpc/pull/19587. // [#next-free-field: 10] message StsService { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.StsService"; // URI of the token exchange service that handles token exchange requests. // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by // https://github.com/envoyproxy/protoc-gen-validate/issues/303] string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token. string resource = 2; // Logical name of the target service where the client intends to // use the requested security token. string audience = 3; // The desired scope of the requested security token in the // context of the service or resource where the token will be used. string scope = 4; // Type of the requested security token. string requested_token_type = 5; // The path of subject token, a security token that represents the // identity of the party on behalf of whom the request is being made. string subject_token_path = 6 [(validate.rules).string = {min_len: 1}]; // Type of the subject token. string subject_token_type = 7 [(validate.rules).string = {min_len: 1}]; // The path of actor token, a security token that represents the identity // of the acting party. The acting party is authorized to use the // requested security token and act on behalf of the subject. string actor_token_path = 8; // Type of the actor token. string actor_token_type = 9; } oneof credential_specifier { option (validate.required) = true; // Access token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d. string access_token = 1; // Google Compute Engine credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_compute_engine = 2; // Google refresh token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c. string google_refresh_token = 3; // Service Account JWT Access credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa. ServiceAccountJWTAccessCredentials service_account_jwt_access = 4; // Google IAM credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0. GoogleIAMCredentials google_iam = 5; // Custom authenticator credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07. // https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms. MetadataCredentialsFromPlugin from_plugin = 6; // Custom security token service which implements OAuth 2.0 token exchange. // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 // See https://github.com/grpc/grpc/pull/19587. StsService sts_service = 7; } } // Channel arguments. message ChannelArgs { message Value { // Pointer values are not supported, since they don't make any sense when // delivered via the API. oneof value_specifier { option (validate.required) = true; string string_value = 1; int64 int_value = 2; } } // See grpc_types.h GRPC_ARG #defines for keys that work here. map args = 1; } // The target URI when using the `Google C++ gRPC client // `_. SSL credentials will be supplied in // :ref:`channel_credentials `. string target_uri = 1 [(validate.rules).string = {min_len: 1}]; ChannelCredentials channel_credentials = 2; // A set of call credentials that can be composed with `channel credentials // `_. repeated CallCredentials call_credentials = 3; // The human readable prefix to use when emitting statistics for the gRPC // service. // // .. csv-table:: // :header: Name, Type, Description // :widths: 1, 1, 2 // // streams_total, Counter, Total number of streams opened // streams_closed_, Counter, Total streams closed with string stat_prefix = 4 [(validate.rules).string = {min_len: 1}]; // The name of the Google gRPC credentials factory to use. This must have been registered with // Envoy. If this is empty, a default credentials factory will be used that sets up channel // credentials based on other configuration parameters. string credentials_factory_name = 5; // Additional configuration for site-specific customizations of the Google // gRPC library. google.protobuf.Struct config = 6; // How many bytes each stream can buffer internally. // If not set an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_stream_buffer_limit_bytes = 7; // Custom channels args. ChannelArgs channel_args = 8; } reserved 4; oneof target_specifier { option (validate.required) = true; // Envoy's in-built gRPC client. // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. EnvoyGrpc envoy_grpc = 1; // `Google C++ gRPC client `_ // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc google_grpc = 2; } // The timeout for the gRPC request. This is the timeout for a specific // request. google.protobuf.Duration timeout = 3; // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization // headers (e.g. ``x-foo-bar: baz-key``) are to be injected. repeated HeaderValue initial_metadata = 5; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/health_check.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/event_service_config.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/v3/http.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health check] // * Health checking :ref:`architecture overview `. // * If health checking is configured for a cluster, additional statistics are emitted. They are // documented :ref:`here `. // Endpoint health status. enum HealthStatus { // The health status is not known. This is interpreted by Envoy as *HEALTHY*. UNKNOWN = 0; // Healthy. HEALTHY = 1; // Unhealthy. UNHEALTHY = 2; // Connection draining in progress. E.g., // ``_ // or // ``_. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; // Health check timed out. This is part of HDS and is interpreted by Envoy as // *UNHEALTHY*. TIMEOUT = 4; // Degraded. DEGRADED = 5; } // [#next-free-field: 24] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck"; // Describes the encoding of the payload bytes in the payload. message Payload { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.Payload"; oneof payload { option (validate.required) = true; // Hex encoded payload. E.g., "000000FF". string text = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] Binary payload. bytes binary = 2; } } // [#next-free-field: 12] message HttpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.HttpHealthCheck"; // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the // :ref:`hostname ` field. string host = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Specifies the HTTP path that will be requested during health checking. For example // */healthcheck*. string path = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; // [#not-implemented-hide:] HTTP specific payload. Payload send = 3; // [#not-implemented-hide:] HTTP specific response. Payload receive = 4; // Specifies a list of HTTP headers that should be added to each request that is sent to the // health checked cluster. For more information, including details on header value syntax, see // the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request that is sent to the // health checked cluster. repeated string request_headers_to_remove = 8 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open // semantics of :ref:`Int64Range `. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. repeated type.v3.Int64Range expected_statuses = 9; // Use specified application protocol for health checks. type.v3.CodecClientType codec_client_type = 10 [(validate.rules).enum = {defined_only: true}]; // An optional service name parameter which is used to validate the identity of // the health checked cluster using a :ref:`StringMatcher // `. See the :ref:`architecture overview // ` for more information. type.matcher.v3.StringMatcher service_name_matcher = 11; string hidden_envoy_deprecated_service_name = 5 [deprecated = true]; bool hidden_envoy_deprecated_use_http2 = 7 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } message TcpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.TcpHealthCheck"; // Empty payloads imply a connect-only health check. Payload send = 1; // When checking the response, “fuzzy” matching is performed such that each // binary block must be found, and in the order specified, but not // necessarily contiguous. repeated Payload receive = 2; } message RedisHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.RedisHealthCheck"; // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } // `grpc.health.v1.Health // `_-based // healthcheck. See `gRPC doc `_ // for details. message GrpcHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.GrpcHealthCheck"; // An optional service name parameter which will be sent to gRPC service in // `grpc.health.v1.HealthCheckRequest // `_. // message. See `gRPC health-checking overview // `_ for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting // the :ref:`hostname ` field. string authority = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Custom health check. message CustomHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.CustomHealthCheck"; // The registered name of the custom health checker. string name = 1 [(validate.rules).string = {min_len: 1}]; // A custom health checker specific configuration which depends on the custom health checker // being instantiated. See :api:`envoy/config/health_checker` for reference. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } // Health checks occur over the transport socket specified for the cluster. This implies that if a // cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. // // This allows overriding the cluster TLS settings, just for health check connections. message TlsOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HealthCheck.TlsOptions"; // Specifies the ALPN protocols for health check connections. This is useful if the // corresponding upstream is using ALPN-based :ref:`FilterChainMatch // ` along with different protocols for health checks // versus data connections. If empty, no ALPN protocols will be set on health check connections. repeated string alpn_protocols = 1; } reserved 10; // The time to wait for a health check response. If the timeout is reached the // health check attempt will be considered a failure. google.protobuf.Duration timeout = 1 [(validate.rules).duration = { required: true gt {} }]; // The interval between health checks. google.protobuf.Duration interval = 2 [(validate.rules).duration = { required: true gt {} }]; // An optional jitter amount in milliseconds. If specified, Envoy will start health // checking after for a random time in ms between 0 and initial_jitter. This only // applies to the first health check. google.protobuf.Duration initial_jitter = 20; // An optional jitter amount in milliseconds. If specified, during every // interval Envoy will add interval_jitter to the wait time. google.protobuf.Duration interval_jitter = 3; // An optional jitter amount as a percentage of interval_ms. If specified, // during every interval Envoy will add interval_ms * // interval_jitter_percent / 100 to the wait time. // // If interval_jitter_ms and interval_jitter_percent are both set, both of // them will be used to increase the wait time. uint32 interval_jitter_percent = 18; // The number of unhealthy health checks required before a host is marked // unhealthy. Note that for *http* health checking if a host responds with 503 // this threshold is ignored and the host is considered unhealthy immediately. google.protobuf.UInt32Value unhealthy_threshold = 4 [(validate.rules).message = {required: true}]; // The number of healthy health checks required before a host is marked // healthy. Note that during startup, only a single successful health check is // required to mark a host healthy. google.protobuf.UInt32Value healthy_threshold = 5 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Non-serving port for health checking. google.protobuf.UInt32Value alt_port = 6; // Reuse health check connection between health checks. Default is true. google.protobuf.BoolValue reuse_connection = 7; oneof health_checker { option (validate.required) = true; // HTTP health check. HttpHealthCheck http_health_check = 8; // TCP health check. TcpHealthCheck tcp_health_check = 9; // gRPC health check. GrpcHealthCheck grpc_health_check = 11; // Custom health check. CustomHealthCheck custom_health_check = 13; } // The "no traffic interval" is a special health check interval that is used when a cluster has // never had traffic routed to it. This lower interval allows cluster information to be kept up to // date, without sending a potentially large amount of active health checking traffic for no // reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the // standard health check interval that is defined. Note that this interval takes precedence over // any other. // // The default value for "no traffic interval" is 60 seconds. google.protobuf.Duration no_traffic_interval = 12 [(validate.rules).duration = {gt {}}]; // The "unhealthy interval" is a health check interval that is used for hosts that are marked as // unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the // standard health check interval that is defined. // // The default value for "unhealthy interval" is the same as "interval". google.protobuf.Duration unhealthy_interval = 14 [(validate.rules).duration = {gt {}}]; // The "unhealthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as unhealthy. For subsequent health checks // Envoy will shift back to using either "unhealthy interval" if present or the standard health // check interval that is defined. // // The default value for "unhealthy edge interval" is the same as "unhealthy interval". google.protobuf.Duration unhealthy_edge_interval = 15 [(validate.rules).duration = {gt {}}]; // The "healthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as healthy. For subsequent health checks // Envoy will shift back to using the standard health check interval that is defined. // // The default value for "healthy edge interval" is the same as the default interval. google.protobuf.Duration healthy_edge_interval = 16 [(validate.rules).duration = {gt {}}]; // Specifies the path to the :ref:`health check event log `. // If empty, no event log will be written. string event_log_path = 17; // [#not-implemented-hide:] // The gRPC service for the health check event service. // If empty, health check events won't be sent to a remote endpoint. EventServiceConfig event_service = 22; // If set to true, health check failure events will always be logged. If set to false, only the // initial health check failure event will be logged. // The default value is false. bool always_log_health_check_failures = 19; // This allows overriding the cluster TLS settings, just for health check connections. TlsOptions tls_options = 21; // Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's // :ref:`tranport socket matches `. // For example, the following match criteria // // .. code-block:: yaml // // transport_socket_match_criteria: // useMTLS: true // // Will match the following :ref:`cluster socket match ` // // .. code-block:: yaml // // transport_socket_matches: // - name: "useMTLS" // match: // useMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // // If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the // :ref:`LbEndpoint.Metadata `. // This allows using different transport socket capabilities for health checking versus proxying to the // endpoint. // // If the key/values pairs specified do not match any // :ref:`transport socket matches `, // the cluster's :ref:`transport socket ` // will be used for health check socket configuration. google.protobuf.Struct transport_socket_match_criteria = 23; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/http_uri.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "HttpUriProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP Service URI ] // Envoy external URI descriptor message HttpUri { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HttpUri"; // The HTTP server URI. It should be a full FQDN with protocol, host and path. // // Example: // // .. code-block:: yaml // // uri: https://www.googleapis.com/oauth2/v1/certs // string uri = 1 [(validate.rules).string = {min_len: 1}]; // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or // inline DNS resolution. See `issue // `_. oneof http_upstream_type { option (validate.required) = true; // A cluster is created in the Envoy "cluster_manager" config // section. This field specifies the cluster name. // // Example: // // .. code-block:: yaml // // cluster: jwks_cluster // string cluster = 2 [(validate.rules).string = {min_len: 1}]; } // Sets the maximum duration in milliseconds that a response can take to arrive upon request. google.protobuf.Duration timeout = 3 [(validate.rules).duration = { required: true gte {} }]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Protocol options] // [#not-implemented-hide:] message TcpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TcpProtocolOptions"; } message UpstreamHttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.UpstreamHttpProtocolOptions"; // Set transport socket `SNI `_ for new // upstream connections based on the downstream HTTP host/authority header, as seen by the // :ref:`router filter `. bool auto_sni = 1; // Automatic validate upstream presented certificate for new upstream connections based on the // downstream HTTP host/authority header, as seen by the // :ref:`router filter `. // This field is intended to set with `auto_sni` field. bool auto_san_validation = 2; } // [#next-free-field: 6] message HttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HttpProtocolOptions"; // Action to take when Envoy receives client request with header names containing underscore // characters. // Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented // as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore // characters. enum HeadersWithUnderscoresAction { // Allow headers with underscores. This is the default behavior. ALLOW = 0; // Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests // end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter // is incremented for each rejected request. REJECT_REQUEST = 1; // Drop the header with name containing underscores. The header is dropped before the filter chain is // invoked and as such filters will not see dropped headers. The // "httpN.dropped_headers_with_underscores" is incremented for each dropped header. DROP_HEADER = 2; } // The idle timeout for connections. The idle timeout is defined as the // period in which there are no active requests. When the // idle timeout is reached the connection will be closed. If the connection is an HTTP/2 // downstream connection a drain sequence will occur prior to closing the connection, see // :ref:`drain_timeout // `. // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 1; // The maximum duration of a connection. The duration is defined as a period since a connection // was established. If not set, there is no max duration. When max_connection_duration is reached // the connection will be closed. Drain sequence will occur prior to closing the connection if // if's applicable. See :ref:`drain_timeout // `. // Note: not implemented for upstream connections. google.protobuf.Duration max_connection_duration = 3; // The maximum number of headers. If unconfigured, the default // maximum number of request headers allowed is 100. Requests that exceed this limit will receive // a 431 response for HTTP/1.x and cause a stream reset for HTTP/2. google.protobuf.UInt32Value max_headers_count = 2 [(validate.rules).uint32 = {gte: 1}]; // Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be // reset independent of any other timeouts. If not specified, this value is not set. google.protobuf.Duration max_stream_duration = 4; // Action to take when a client request with a header name containing underscore characters is received. // If this setting is not specified, the value defaults to ALLOW. // Note: upstream responses are not affected by this setting. HeadersWithUnderscoresAction headers_with_underscores_action = 5; } // [#next-free-field: 8] message Http1ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http1ProtocolOptions"; message HeaderKeyFormat { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat"; message ProperCaseWords { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords"; } oneof header_format { option (validate.required) = true; // Formats the header by proper casing words: the first character and any character following // a special character will be capitalized if it's an alpha character. For example, // "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are". // Note that while this results in most headers following conventional casing, certain headers // are not covered. For example, the "TE" header will be formatted as "Te". ProperCaseWords proper_case_words = 1; } } // Handle HTTP requests with absolute URLs in the requests. These requests // are generally sent by clients to forward/explicit proxies. This allows clients to configure // envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the // *http_proxy* environment variable. google.protobuf.BoolValue allow_absolute_url = 1; // Handle incoming HTTP/1.0 and HTTP 0.9 requests. // This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1 // style connect logic, dechunking, and handling lack of client host iff // *default_host_for_http_10* is configured. bool accept_http_10 = 2; // A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as // Envoy does not otherwise support HTTP/1.0 without a Host header. // This is a no-op if *accept_http_10* is not true. string default_host_for_http_10 = 3; // Describes how the keys for response headers should be formatted. By default, all header keys // are lower cased. HeaderKeyFormat header_key_format = 4; // Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers. // // .. attention:: // // Note that this only happens when Envoy is chunk encoding which occurs when: // - The request is HTTP/1.1. // - Is neither a HEAD only request nor a HTTP Upgrade. // - Not a response to a HEAD request. // - The content length header is not present. bool enable_trailers = 5; // Allows Envoy to process requests/responses with both `Content-Length` and `Transfer-Encoding` // headers set. By default such messages are rejected, but if option is enabled - Envoy will // remove Content-Length header and process message. // See `RFC7230, sec. 3.3.3 ` for details. // // .. attention:: // Enabling this option might lead to request smuggling vulnerability, especially if traffic // is proxied via multiple layers of proxies. bool allow_chunked_length = 6; // Allows invalid HTTP messaging. When this option is false, then Envoy will terminate // HTTP/1.1 connections upon receiving an invalid HTTP message. However, // when this option is true, then Envoy will leave the HTTP/1.1 connection // open where possible. // If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging // `. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 7; } message KeepaliveSettings { // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. google.protobuf.Duration timeout = 2 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // A random jitter amount as a percentage of interval that will be added to each interval. // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; } // [#next-free-field: 16] message Http2ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http2ProtocolOptions"; // Defines a parameter to be sent in the SETTINGS frame. // See `RFC7540, sec. 6.5.1 `_ for details. message SettingsParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Http2ProtocolOptions.SettingsParameter"; // The 16 bit parameter identifier. google.protobuf.UInt32Value identifier = 1 [ (validate.rules).uint32 = {lte: 65535 gte: 0}, (validate.rules).message = {required: true} ]; // The 32 bit parameter value. google.protobuf.UInt32Value value = 2 [(validate.rules).message = {required: true}]; } // `Maximum table size `_ // (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values // range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header // compression. google.protobuf.UInt32Value hpack_table_size = 1; // `Maximum concurrent streams `_ // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // // For upstream connections, this also limits how many streams Envoy will initiate concurrently // on a single connection. If the limit is reached, Envoy may queue requests or establish // additional connections (as allowed per circuit breaker limits). google.protobuf.UInt32Value max_concurrent_streams = 2 [(validate.rules).uint32 = {lte: 2147483647 gte: 1}]; // `Initial stream-level flow-control window // `_ size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // // NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default // window size now, so it's also the minimum. // // This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the // HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to // stop the flow of data to the codec buffers. google.protobuf.UInt32Value initial_stream_window_size = 3 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Similar to *initial_stream_window_size*, but for connection-level flow-control // window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*. google.protobuf.UInt32Value initial_connection_window_size = 4 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Allows proxying Websocket and other upgrades over H2 connect. bool allow_connect = 5; // [#not-implemented-hide:] Hiding until envoy has full metadata support. // Still under implementation. DO NOT USE. // // Allows metadata. See [metadata // docs](https://github.com/envoyproxy/envoy/blob/master/source/docs/h2_metadata.md) for more // information. bool allow_metadata = 6; // Limit the number of pending outbound downstream frames of all types (frames that are waiting to // be written into the socket). Exceeding this limit triggers flood mitigation and connection is // terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due // to flood mitigation. The default limit is 10000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_frames = 7 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM, // preventing high memory utilization when receiving continuous stream of these frames. Exceeding // this limit triggers flood mitigation and connection is terminated. The // ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood // mitigation. The default limit is 1000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_control_frames = 8 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an // empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but // might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood`` // stat tracks the number of connections terminated due to flood mitigation. // Setting this to 0 will terminate connection upon receiving first frame with an empty payload // and no end stream flag. The default limit is 1. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_consecutive_inbound_frames_with_empty_payload = 9; // Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number // of PRIORITY frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // max_inbound_priority_frames_per_stream * (1 + inbound_streams) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 100. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_priority_frames_per_stream = 10; // Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number // of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // 1 + 2 * (inbound_streams + // max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 10. // Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control, // but more complex implementations that try to estimate available bandwidth require at least 2. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_window_update_frames_per_data_frame_sent = 11 [(validate.rules).uint32 = {gte: 1}]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // This is overridden by HCM :ref:`stream_error_on_invalid_http_messaging // ` // iff present. // // This is deprecated in favor of :ref:`override_stream_error_on_invalid_http_message // ` // // See `RFC7540, sec. 8.1 `_ for details. bool stream_error_on_invalid_http_messaging = 12 [deprecated = true]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // // See `RFC7540, sec. 8.1 `_ for details. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 14; // [#not-implemented-hide:] // Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions: // // 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by // Envoy. // // 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field // 'allow_connect'. // // Note that custom parameters specified through this field can not also be set in the // corresponding named parameters: // // .. code-block:: text // // ID Field Name // ---------------- // 0x1 hpack_table_size // 0x3 max_concurrent_streams // 0x4 initial_stream_window_size // // Collisions will trigger config validation failure on load/update. Likewise, inconsistencies // between custom parameters with the same identifier will trigger a failure. // // See `IANA HTTP/2 Settings // `_ for // standardized identifiers. repeated SettingsParameter custom_settings_parameters = 13; // Send HTTP/2 PING frames to verify that the connection is still healthy. If the remote peer // does not respond within the configured timeout, the connection will be aborted. KeepaliveSettings connection_keepalive = 15; } // [#not-implemented-hide:] message GrpcProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.GrpcProtocolOptions"; Http2ProtocolOptions http2_protocol_options = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Proxy Protocol] message ProxyProtocolConfig { enum Version { // PROXY protocol version 1. Human readable format. V1 = 0; // PROXY protocol version 2. Binary format. V2 = 1; } // The PROXY protocol version to use. See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details Version version = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/socket_option.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "SocketOptionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Socket Option ] // Generic socket option message. This would be used to set socket options that // might not exist in upstream kernels or precompiled Envoy binaries. // [#next-free-field: 7] message SocketOption { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SocketOption"; enum SocketState { // Socket options are applied after socket creation but before binding the socket to a port STATE_PREBIND = 0; // Socket options are applied after binding the socket to a port but before calling listen() STATE_BOUND = 1; // Socket options are applied after calling listen() STATE_LISTENING = 2; } // An optional name to give this socket option for debugging, etc. // Uniqueness is not required and no special meaning is assumed. string description = 1; // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP int64 level = 2; // The numeric name as passed to setsockopt int64 name = 3; oneof value { option (validate.required) = true; // Because many sockopts take an int value. int64 int_value = 4; // Otherwise it's a byte buffer. bytes buf_value = 5; } // The state in which the option will be applied. When used in BindConfig // STATE_PREBIND is currently the only valid value. SocketState state = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v3/substitution_format_string.proto ================================================ syntax = "proto3"; package envoy.config.core.v3; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v3"; option java_outer_classname = "SubstitutionFormatStringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Substitution format string] // Configuration to use multiple :ref:`command operators ` // to generate a new string in either plain text or JSON format. message SubstitutionFormatString { oneof format { option (validate.required) = true; // Specify a format with command operators to form a text string. // Its details is described in :ref:`format string`. // // For example, setting ``text_format`` like below, // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // generates plain text similar to: // // .. code-block:: text // // upstream connect error:503:path=/foo // string text_format = 1 [(validate.rules).string = {min_len: 1}]; // Specify a format with command operators to form a JSON string. // Its details is described in :ref:`format dictionary`. // Values are rendered as strings, numbers, or boolean values as appropriate. // Nested JSON objects may be produced by some command operators (e.g. FILTER_STATE or DYNAMIC_METADATA). // See the documentation for a specific command operator for details. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // // The following JSON object would be created: // // .. code-block:: json // // { // "status": 500, // "message": "My error message" // } // google.protobuf.Struct json_format = 2 [(validate.rules).message = {required: true}]; } // If set to true, when command operators are evaluated to null, // // * for ``text_format``, the output of the empty operator is changed from ``-`` to an // empty string, so that empty values are omitted entirely. // * for ``json_format`` the keys with null values are omitted in the output structure. bool omit_empty_values = 3; // Specify a *content_type* field. // If this field is not set then ``text/plain`` is used for *text_format* and // ``application/json`` is used for *json_format*. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // content_type: "text/html; charset=UTF-8" // string content_type = 4; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/address.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/socket_option.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "AddressProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Network addresses] message Pipe { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Pipe"; // Unix Domain Socket path. On Linux, paths starting with '@' will use the // abstract namespace. The starting '@' is replaced by a null byte by Envoy. // Paths starting with '@' will result in an error in environments other than // Linux. string path = 1 [(validate.rules).string = {min_len: 1}]; // The mode for the Pipe. Not applicable for abstract sockets. uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}]; } // [#not-implemented-hide:] The address represents an envoy internal listener. // TODO(lambdai): Make this address available for listener and endpoint. // TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30. message EnvoyInternalAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.EnvoyInternalAddress"; oneof address_name_specifier { option (validate.required) = true; // [#not-implemented-hide:] The :ref:`listener name ` of the destination internal listener. string server_listener_name = 1; } } // [#next-free-field: 7] message SocketAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SocketAddress"; enum Protocol { TCP = 0; UDP = 1; } Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; // The address for this socket. :ref:`Listeners ` will bind // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching // in :ref:`FilterChainMatch `.] When used // within an upstream :ref:`BindConfig `, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized // via :ref:`resolver_name `. string address = 2 [(validate.rules).string = {min_len: 1}]; oneof port_specifier { option (validate.required) = true; uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}]; // This is only valid if :ref:`resolver_name // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } // The name of the custom resolver. This must have been registered with Envoy. If // this is empty, a context dependent default applies. If the address is a concrete // IP address, no resolution will occur. If address is a hostname this // should be set for resolution other than DNS. Specifying a custom resolver with // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; // When binding to an IPv6 address above, this enables `IPv4 compatibility // `_. Binding to ``::`` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into // IPv6 space as ``::FFFF:``. bool ipv4_compat = 6; } message TcpKeepalive { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TcpKeepalive"; // Maximum number of keepalive probes to send without response before deciding // the connection is dead. Default is to use the OS level configuration (unless // overridden, Linux defaults to 9.) google.protobuf.UInt32Value keepalive_probes = 1; // The number of seconds a connection needs to be idle before keep-alive probes // start being sent. Default is to use the OS level configuration (unless // overridden, Linux defaults to 7200s (i.e., 2 hours.) google.protobuf.UInt32Value keepalive_time = 2; // The number of seconds between keep-alive probes. Default is to use the OS // level configuration (unless overridden, Linux defaults to 75s.) google.protobuf.UInt32Value keepalive_interval = 3; } message BindConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.BindConfig"; // The address to bind to when creating a socket. SocketAddress source_address = 1 [(validate.rules).message = {required: true}]; // Whether to set the *IP_FREEBIND* option when creating the socket. When this // flag is set to true, allows the :ref:`source_address // ` to be an IP address // that is not configured on the system running Envoy. When this flag is set // to false, the option *IP_FREEBIND* is disabled on the socket. When this // flag is not set (default), the socket is not modified, i.e. the option is // neither enabled nor disabled. google.protobuf.BoolValue freebind = 2; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated SocketOption socket_options = 3; } // Addresses specify either a logical or physical address and port, which are // used to tell Envoy where to bind/listen, connect to upstream and find // management servers. message Address { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Address"; oneof address { option (validate.required) = true; SocketAddress socket_address = 1; Pipe pipe = 2; // [#not-implemented-hide:] EnvoyInternalAddress envoy_internal_address = 3; } } // CidrRange specifies an IP Address and a prefix length to construct // the subnet mask for a `CIDR `_ range. message CidrRange { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.CidrRange"; // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. string address_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Length of prefix, e.g. 0, 32. google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/backoff.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "BackoffProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Backoff Strategy] // Configuration defining a jittered exponential back off strategy. message BackoffStrategy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.BackoffStrategy"; // The base interval to be used for the next back off computation. It should // be greater than zero and less than or equal to :ref:`max_interval // `. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // Specifies the maximum interval between retries. This parameter is optional, // but must be greater than or equal to the :ref:`base_interval // ` if set. The default // is 10 times the :ref:`base_interval // `. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/base.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/backoff.proto"; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/semantic_version.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "BaseProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common types] // Envoy supports :ref:`upstream priority routing // ` both at the route and the virtual // cluster level. The current priority implementation uses different connection // pool and circuit breaking settings for each priority level. This means that // even for HTTP/2 requests, two physical connections will be used to an // upstream host. In the future Envoy will likely support true HTTP/2 priority // over a single upstream connection. enum RoutingPriority { DEFAULT = 0; HIGH = 1; } // HTTP request method. enum RequestMethod { METHOD_UNSPECIFIED = 0; GET = 1; HEAD = 2; POST = 3; PUT = 4; DELETE = 5; CONNECT = 6; OPTIONS = 7; TRACE = 8; PATCH = 9; } // Identifies the direction of the traffic relative to the local Envoy. enum TrafficDirection { // Default option is unspecified. UNSPECIFIED = 0; // The transport is used for incoming traffic. INBOUND = 1; // The transport is used for outgoing traffic. OUTBOUND = 2; } // Identifies location of where either Envoy runs or where upstream hosts run. message Locality { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Locality"; // Region this :ref:`zone ` belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery // service exposes :ref:`zone data `, // either in this message or via :option:`--service-zone`. The meaning of zone // is context dependent, e.g. `Availability Zone (AZ) // `_ // on AWS, `Zone `_ on // GCP, etc. string zone = 2; // When used for locality of upstream hosts, this field further splits zone // into smaller chunks of sub-zones so they can be load balanced // independently. string sub_zone = 3; } // BuildVersion combines SemVer version of extension with free-form build information // (i.e. 'alpha', 'private-build') as a set of strings. message BuildVersion { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.BuildVersion"; // SemVer version of extension. type.v3.SemanticVersion version = 1; // Free-form build information. // Envoy defines several well known keys in the source/common/version/version.h file google.protobuf.Struct metadata = 2; } // Version and identification for an Envoy extension. // [#next-free-field: 6] message Extension { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Extension"; // This is the name of the Envoy filter as specified in the Envoy // configuration, e.g. envoy.filters.http.router, com.acme.widget. string name = 1; // Category of the extension. // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from // acme.com vendor. // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] string category = 2; // [#not-implemented-hide:] Type descriptor of extension configuration proto. // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] string type_descriptor = 3; // The version is a property of the extension and maintained independently // of other extensions and the Envoy API. // This field is not set when extension did not provide version information. BuildVersion version = 4; // Indicates that the extension is present but was disabled via dynamic configuration. bool disabled = 5; } // Identifies a specific Envoy instance. The node identifier is presented to the // management server, which may use this identifier to distinguish per Envoy // configuration for serving. // [#next-free-field: 12] message Node { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Node"; reserved 5; reserved "build_version"; // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are // used: :ref:`statsd `, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-node`. string id = 1; // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: // :ref:`statsd `, :ref:`health check cluster // verification // `, // :ref:`runtime override directory `, // :ref:`user agent addition // `, // :ref:`HTTP global rate limiting `, // :ref:`CDS `, and :ref:`HTTP tracing // `, either in this message or via // :option:`--service-cluster`. string cluster = 2; // Opaque metadata extending the node identifier. Envoy will pass this // directly to the management server. google.protobuf.Struct metadata = 3; // Locality specifying where the Envoy instance is running. Locality locality = 4; // Free-form string that identifies the entity requesting config. // E.g. "envoy" or "grpc" string user_agent_name = 6; oneof user_agent_version_type { // Free-form string that identifies the version of the entity requesting config. // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" string user_agent_version = 7; // Structured version of the entity requesting config. BuildVersion user_agent_build_version = 8; } // List of extensions and their versions supported by the node. repeated Extension extensions = 9; // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. // See :ref:`the list of features ` that xDS client may // support. repeated string client_features = 10; // Known listening ports on the node as a generic hint to the management server // for filtering :ref:`listeners ` to be returned. For example, // if there is a listener bound to port 80, the list can optionally contain the // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. repeated Address hidden_envoy_deprecated_listening_addresses = 11 [deprecated = true]; } // Metadata provides additional inputs to filters based on matched listeners, // filter chains, routes and endpoints. It is structured as a map, usually from // filter name (in reverse DNS format) to metadata specific to the filter. Metadata // key-values for a filter are merged as connection and request handling occurs, // with later values for the same key overriding earlier values. // // An example use of metadata is providing additional values to // http_connection_manager in the envoy.http_connection_manager.access_log // namespace. // // Another example use of metadata is to per service config info in cluster metadata, which may get // consumed by multiple filters. // // For load balancing, Metadata provides a means to subset cluster endpoints. // Endpoints have a Metadata object associated and routes contain a Metadata // object to match against. There are some well defined metadata used today for // this purpose: // // * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // [#next-major-version: move to type/metadata/v2] message Metadata { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Metadata"; // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* // namespace is reserved for Envoy's built-in filters. map filter_metadata = 1; } // Runtime derived uint32 with a default when not specified. message RuntimeUInt32 { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeUInt32"; // Default value if runtime value is not available. uint32 default_value = 2; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 3 [(validate.rules).string = {min_len: 1}]; } // Runtime derived percentage with a default when not specified. message RuntimePercent { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimePercent"; // Default value if runtime value is not available. type.v3.Percent default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived double with a default when not specified. message RuntimeDouble { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeDouble"; // Default value if runtime value is not available. double default_value = 1; // Runtime key to get value for comparison. This value is used if defined. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Runtime derived bool with a default when not specified. message RuntimeFeatureFlag { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeFeatureFlag"; // Default value if runtime value is not available. google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its // `canonical JSON encoding `_. string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; } // Header name/value pair. message HeaderValue { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HeaderValue"; // Header name. string key = 1 [(validate.rules).string = {min_len: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Header value. // // The same :ref:`format specifier ` as used for // :ref:`HTTP access logging ` applies here, however // unknown header values are replaced with the empty string instead of `-`. string value = 2 [ (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} ]; } // Header name/value pair plus option to control append behavior. message HeaderValueOption { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HeaderValueOption"; // Header name/value pair that this option applies to. HeaderValue header = 1 [(validate.rules).message = {required: true}]; // Should the value be appended? If true (default), the value is appended to // existing values. Otherwise it replaces any existing values. google.protobuf.BoolValue append = 2; } // Wrapper for a set of headers. message HeaderMap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HeaderMap"; repeated HeaderValue headers = 1; } // Data source consisting of either a file or an inline value. message DataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.DataSource"; oneof specifier { option (validate.required) = true; // Local filesystem data source. string filename = 1 [(validate.rules).string = {min_len: 1}]; // Bytes inlined in the configuration. bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; // String inlined in the configuration. string inline_string = 3 [(validate.rules).string = {min_len: 1}]; } } // The message specifies the retry policy of remote data source when fetching fails. message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RetryPolicy"; // Specifies parameters that control :ref:`retry backoff strategy `. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. BackoffStrategy retry_back_off = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. google.protobuf.UInt32Value max_retries = 2; } // The message specifies how to fetch data from remote and how to verify it. message RemoteDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RemoteDataSource"; // The HTTP URI to fetch the remote data. HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; // SHA256 string for verifying data. string sha256 = 2 [(validate.rules).string = {min_len: 1}]; // Retry policy for fetching remote data. RetryPolicy retry_policy = 3; } // Async data source which support async data fetch. message AsyncDataSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.AsyncDataSource"; oneof specifier { option (validate.required) = true; // Local async data source. DataSource local = 1; // Remote async data source. RemoteDataSource remote = 2; } } // Configuration for transport socket in :ref:`listeners ` and // :ref:`clusters `. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. message TransportSocket { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TransportSocket"; reserved 2; reserved "config"; // The name of the transport socket to instantiate. The name must match a supported transport // socket implementation. string name = 1 [(validate.rules).string = {min_len: 1}]; // Implementation specific configuration which depends on the implementation being instantiated. // See the supported transport socket implementations for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } } // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // // .. note:: // // Parsing of the runtime key's data is implemented such that it may be represented as a // :ref:`FractionalPercent ` proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. message RuntimeFractionalPercent { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RuntimeFractionalPercent"; // Default value if the runtime value's for the numerator/denominator keys are not available. type.v3.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; // Runtime key for a YAML representation of a FractionalPercent. string runtime_key = 2; } // Identifies a specific ControlPlane instance that Envoy is connected to. message ControlPlane { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ControlPlane"; // An opaque control plane identifier that uniquely identifies an instance // of control plane. This can be used to identify which control plane instance, // the Envoy is connected to. string identifier = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/config_source.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/authority.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ConfigSourceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Configuration sources] // xDS API and non-xDS services version. This is used to describe both resource and transport // protocol versions (in distinct configuration fields). enum ApiVersion { // When not specified, we assume v2, to ease migration to Envoy's stable API // versioning. If a client does not support v2 (e.g. due to deprecation), this // is an invalid value. AUTO = 0; // Use xDS v2 API. V2 = 1; // Use xDS v3 API. V3 = 2; } // API configuration source. This identifies the API type and cluster that Envoy // will use to fetch an xDS API. // [#next-free-field: 9] message ApiConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ApiConfigSource"; // APIs may be fetched via either REST or gRPC. enum ApiType { // Ideally this would be 'reserved 0' but one can't reserve the default // value. Instead we throw an exception if this is ever used. hidden_envoy_deprecated_DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // REST-JSON v2 API. The `canonical JSON encoding // `_ for // the v2 protos is used. REST = 1; // SotW gRPC service. GRPC = 2; // Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response} // rather than Discovery{Request,Response}. Rather than sending Envoy the entire state // with every update, the xDS server only sends what has changed since the last update. DELTA_GRPC = 3; // SotW xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_GRPC = 5; // Delta xDS gRPC with ADS. All resources which resolve to this configuration source will be // multiplexed on a single connection to an ADS endpoint. // [#not-implemented-hide:] AGGREGATED_DELTA_GRPC = 6; } // API type (gRPC, REST, delta gRPC) ApiType api_type = 1 [(validate.rules).enum = {defined_only: true}]; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 8 [(validate.rules).enum = {defined_only: true}]; // Cluster names should be used only with REST. If > 1 // cluster is defined, clusters will be cycled through if any kind of failure // occurs. // // .. note:: // // The cluster with name ``cluster_name`` must be statically defined and its // type must not be ``EDS``. repeated string cluster_names = 2; // Multiple gRPC services be provided for GRPC. If > 1 cluster is defined, // services will be cycled through if any kind of failure occurs. repeated GrpcService grpc_services = 4; // For REST APIs, the delay between successive polls. google.protobuf.Duration refresh_delay = 3; // For REST APIs, the request timeout. If not set, a default value of 1s will be used. google.protobuf.Duration request_timeout = 5 [(validate.rules).duration = {gt {}}]; // For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be // rate limited. RateLimitSettings rate_limit_settings = 6; // Skip the node identifier in subsequent discovery requests for streaming gRPC config types. bool set_node_on_first_message_only = 7; } // Aggregated Discovery Service (ADS) options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that ADS is to be used. message AggregatedConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.AggregatedConfigSource"; } // [#not-implemented-hide:] // Self-referencing config source options. This is currently empty, but when // set in :ref:`ConfigSource ` can be used to // specify that other data can be obtained from the same server. message SelfConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SelfConfigSource"; // API version for xDS transport protocol. This describes the xDS gRPC/REST // endpoint and version of [Delta]DiscoveryRequest/Response used on the wire. ApiVersion transport_api_version = 1 [(validate.rules).enum = {defined_only: true}]; } // Rate Limit settings to be applied for discovery requests made by Envoy. message RateLimitSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.RateLimitSettings"; // Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a // default value of 100 will be used. google.protobuf.UInt32Value max_tokens = 1; // Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens // per second will be used. google.protobuf.DoubleValue fill_rate = 2 [(validate.rules).double = {gt: 0.0}]; } // Configuration for :ref:`listeners `, :ref:`clusters // `, :ref:`routes // `, :ref:`endpoints // ` etc. may either be sourced from the // filesystem or from an xDS API source. Filesystem configs are watched with // inotify for updates. // [#next-free-field: 8] message ConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ConfigSource"; // Authorities that this config source may be used for. An authority specified // in a *udpa.core.v1.ResourceLocator* is resolved to a *ConfigSource* prior // to configuration fetch. This field provides the association between // authority name and configuration source. // [#not-implemented-hide:] repeated udpa.core.v1.Authority authorities = 7; oneof config_source_specifier { option (validate.required) = true; // Path on the filesystem to source and watch for configuration updates. // When sourcing configuration for :ref:`secret `, // the certificate and key files are also watched for updates. // // .. note:: // // The path to the source must exist at config load time. // // .. note:: // // Envoy will only watch the file path for *moves.* This is because in general only moves // are atomic. The same method of swapping files as is demonstrated in the // :ref:`runtime documentation ` can be used here also. string path = 1; // API configuration source. ApiConfigSource api_config_source = 2; // When set, ADS will be used to fetch resources. The ADS API configuration // source in the bootstrap configuration is used. AggregatedConfigSource ads = 3; // [#not-implemented-hide:] // When set, the client will access the resources from the same server it got the // ConfigSource from, although not necessarily from the same stream. This is similar to the // :ref:`ads` field, except that the client may use a // different stream to the same server. As a result, this field can be used for things // like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.) // LDS to RDS on the same server without requiring the management server to know its name // or required credentials. // [#next-major-version: In xDS v3, consider replacing the ads field with this one, since // this field can implicitly mean to use the same stream in the case where the ConfigSource // is provided via ADS and the specified data can also be obtained via ADS.] SelfConfigSource self = 5; } // When this timeout is specified, Envoy will wait no longer than the specified time for first // config response on this xDS subscription during the :ref:`initialization process // `. After reaching the timeout, Envoy will move to the next // initialization phase, even if the first config is not delivered yet. The timer is activated // when the xDS API subscription starts, and is disarmed on first config update or on error. 0 // means no timeout - Envoy will wait indefinitely for the first xDS config (unless another // timeout applies). The default is 15s. google.protobuf.Duration initial_fetch_timeout = 4; // API version for xDS resources. This implies the type URLs that the client // will request for resources and the resource type that the client will in // turn expect to be delivered. ApiVersion resource_api_version = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/event_service_config.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "EventServiceConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#not-implemented-hide:] // Configuration of the event reporting service endpoint. message EventServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.EventServiceConfig"; oneof config_source_specifier { option (validate.required) = true; // Specifies the gRPC service that hosts the event reporting service. GrpcService grpc_service = 1; } } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/extension.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ExtensionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Extension configuration] // Message type for extension configuration. // [#next-major-version: revisit all existing typed_config that doesn't use this wrapper.]. message TypedExtensionConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TypedExtensionConfig"; // The name of an extension. This is not used to select the extension, instead // it serves the role of an opaque identifier. string name = 1 [(validate.rules).string = {min_len: 1}]; // The typed config for the extension. The type URL will be used to identify // the extension. In the case that the type URL is *udpa.type.v1.TypedStruct*, // the inner type URL of *TypedStruct* will be utilized. See the // :ref:`extension configuration overview // ` for further details. google.protobuf.Any typed_config = 2 [(validate.rules).any = {required: true}]; } // Configuration source specifier for a late-bound extension configuration. The // parent resource is warmed until all the initial extension configurations are // received, unless the flag to apply the default configuration is set. // Subsequent extension updates are atomic on a per-worker basis. Once an // extension configuration is applied to a request or a connection, it remains // constant for the duration of processing. If the initial delivery of the // extension configuration fails, due to a timeout for example, the optional // default configuration is applied. Without a default configuration, the // extension is disabled, until an extension configuration is received. The // behavior of a disabled extension depends on the context. For example, a // filter chain with a disabled extension filter rejects all incoming streams. message ExtensionConfigSource { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ExtensionConfigSource"; ConfigSource config_source = 1 [(validate.rules).any = {required: true}]; // Optional default configuration to use as the initial configuration if // there is a failure to receive the initial extension configuration or if // `apply_default_config_without_warming` flag is set. google.protobuf.Any default_config = 2; // Use the default config as the initial configuration without warming and // waiting for the first discovery response. Requires the default configuration // to be supplied. bool apply_default_config_without_warming = 3; // A set of permitted extension type URLs. Extension configuration updates are rejected // if they do not match any type URL in the set. repeated string type_urls = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/grpc_method_list.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "GrpcMethodListProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC method list] // A list of gRPC methods which can be used as an allowlist, for example. message GrpcMethodList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcMethodList"; message Service { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcMethodList.Service"; // The name of the gRPC service. string name = 1 [(validate.rules).string = {min_len: 1}]; // The names of the gRPC methods in this service. repeated string method_names = 2 [(validate.rules).repeated = {min_items: 1}]; } repeated Service services = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/grpc_service.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "GrpcServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC services] // gRPC service configuration. This is used by :ref:`ApiConfigSource // ` and filter configurations. // [#next-free-field: 6] message GrpcService { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService"; message EnvoyGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.EnvoyGrpc"; // The name of the upstream gRPC cluster. SSL credentials will be supplied // in the :ref:`Cluster ` :ref:`transport_socket // `. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. // Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. string authority = 2 [(validate.rules).string = {min_len: 0 max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // [#next-free-field: 9] message GoogleGrpc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc"; // See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. message SslCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials"; // PEM encoded server root certificates. DataSource root_certs = 1; // PEM encoded client private key. DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // PEM encoded client certificate chain. DataSource cert_chain = 3; } // Local channel credentials. Only UDS is supported for now. // See https://github.com/grpc/grpc/pull/15909. message GoogleLocalCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.GoogleLocalCredentials"; } // See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call // credential types. message ChannelCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials"; oneof credential_specifier { option (validate.required) = true; SslCredentials ssl_credentials = 1; // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_default = 2; GoogleLocalCredentials local_credentials = 3; } } // [#next-free-field: 8] message CallCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials"; message ServiceAccountJWTAccessCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials." "ServiceAccountJWTAccessCredentials"; string json_key = 1; uint64 token_lifetime_seconds = 2; } message GoogleIAMCredentials { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials"; string authorization_token = 1; string authority_selector = 2; } message MetadataCredentialsFromPlugin { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials." "MetadataCredentialsFromPlugin"; reserved 2; reserved "config"; string name = 1; oneof config_type { google.protobuf.Any typed_config = 3; } } // Security token service configuration that allows Google gRPC to // fetch security token from an OAuth 2.0 authorization server. // See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and // https://github.com/grpc/grpc/pull/19587. // [#next-free-field: 10] message StsService { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.StsService"; // URI of the token exchange service that handles token exchange requests. // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by // https://github.com/envoyproxy/protoc-gen-validate/issues/303] string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token. string resource = 2; // Logical name of the target service where the client intends to // use the requested security token. string audience = 3; // The desired scope of the requested security token in the // context of the service or resource where the token will be used. string scope = 4; // Type of the requested security token. string requested_token_type = 5; // The path of subject token, a security token that represents the // identity of the party on behalf of whom the request is being made. string subject_token_path = 6 [(validate.rules).string = {min_len: 1}]; // Type of the subject token. string subject_token_type = 7 [(validate.rules).string = {min_len: 1}]; // The path of actor token, a security token that represents the identity // of the acting party. The acting party is authorized to use the // requested security token and act on behalf of the subject. string actor_token_path = 8; // Type of the actor token. string actor_token_type = 9; } oneof credential_specifier { option (validate.required) = true; // Access token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d. string access_token = 1; // Google Compute Engine credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61 google.protobuf.Empty google_compute_engine = 2; // Google refresh token credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c. string google_refresh_token = 3; // Service Account JWT Access credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa. ServiceAccountJWTAccessCredentials service_account_jwt_access = 4; // Google IAM credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0. GoogleIAMCredentials google_iam = 5; // Custom authenticator credentials. // https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07. // https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms. MetadataCredentialsFromPlugin from_plugin = 6; // Custom security token service which implements OAuth 2.0 token exchange. // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 // See https://github.com/grpc/grpc/pull/19587. StsService sts_service = 7; } } // Channel arguments. message ChannelArgs { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs"; message Value { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.Value"; // Pointer values are not supported, since they don't make any sense when // delivered via the API. oneof value_specifier { option (validate.required) = true; string string_value = 1; int64 int_value = 2; } } // See grpc_types.h GRPC_ARG #defines for keys that work here. map args = 1; } // The target URI when using the `Google C++ gRPC client // `_. SSL credentials will be supplied in // :ref:`channel_credentials `. string target_uri = 1 [(validate.rules).string = {min_len: 1}]; ChannelCredentials channel_credentials = 2; // A set of call credentials that can be composed with `channel credentials // `_. repeated CallCredentials call_credentials = 3; // The human readable prefix to use when emitting statistics for the gRPC // service. // // .. csv-table:: // :header: Name, Type, Description // :widths: 1, 1, 2 // // streams_total, Counter, Total number of streams opened // streams_closed_, Counter, Total streams closed with string stat_prefix = 4 [(validate.rules).string = {min_len: 1}]; // The name of the Google gRPC credentials factory to use. This must have been registered with // Envoy. If this is empty, a default credentials factory will be used that sets up channel // credentials based on other configuration parameters. string credentials_factory_name = 5; // Additional configuration for site-specific customizations of the Google // gRPC library. google.protobuf.Struct config = 6; // How many bytes each stream can buffer internally. // If not set an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_stream_buffer_limit_bytes = 7; // Custom channels args. ChannelArgs channel_args = 8; } reserved 4; oneof target_specifier { option (validate.required) = true; // Envoy's in-built gRPC client. // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. EnvoyGrpc envoy_grpc = 1; // `Google C++ gRPC client `_ // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc google_grpc = 2; } // The timeout for the gRPC request. This is the timeout for a specific // request. google.protobuf.Duration timeout = 3; // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization // headers (e.g. ``x-foo-bar: baz-key``) are to be injected. repeated HeaderValue initial_metadata = 5; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/health_check.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/event_service_config.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/v3/http.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Health check] // * Health checking :ref:`architecture overview `. // * If health checking is configured for a cluster, additional statistics are emitted. They are // documented :ref:`here `. // Endpoint health status. enum HealthStatus { // The health status is not known. This is interpreted by Envoy as *HEALTHY*. UNKNOWN = 0; // Healthy. HEALTHY = 1; // Unhealthy. UNHEALTHY = 2; // Connection draining in progress. E.g., // ``_ // or // ``_. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; // Health check timed out. This is part of HDS and is interpreted by Envoy as // *UNHEALTHY*. TIMEOUT = 4; // Degraded. DEGRADED = 5; } // [#next-free-field: 24] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck"; // Describes the encoding of the payload bytes in the payload. message Payload { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.Payload"; oneof payload { option (validate.required) = true; // Hex encoded payload. E.g., "000000FF". string text = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] Binary payload. bytes binary = 2; } } // [#next-free-field: 12] message HttpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.HttpHealthCheck"; reserved 5, 7; reserved "service_name", "use_http2"; // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the // :ref:`hostname ` field. string host = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Specifies the HTTP path that will be requested during health checking. For example // */healthcheck*. string path = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; // [#not-implemented-hide:] HTTP specific payload. Payload send = 3; // [#not-implemented-hide:] HTTP specific response. Payload receive = 4; // Specifies a list of HTTP headers that should be added to each request that is sent to the // health checked cluster. For more information, including details on header value syntax, see // the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request that is sent to the // health checked cluster. repeated string request_headers_to_remove = 8 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open // semantics of :ref:`Int64Range `. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. repeated type.v3.Int64Range expected_statuses = 9; // Use specified application protocol for health checks. type.v3.CodecClientType codec_client_type = 10 [(validate.rules).enum = {defined_only: true}]; // An optional service name parameter which is used to validate the identity of // the health checked cluster using a :ref:`StringMatcher // `. See the :ref:`architecture overview // ` for more information. type.matcher.v4alpha.StringMatcher service_name_matcher = 11; } message TcpHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.TcpHealthCheck"; // Empty payloads imply a connect-only health check. Payload send = 1; // When checking the response, “fuzzy” matching is performed such that each // binary block must be found, and in the order specified, but not // necessarily contiguous. repeated Payload receive = 2; } message RedisHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.RedisHealthCheck"; // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } // `grpc.health.v1.Health // `_-based // healthcheck. See `gRPC doc `_ // for details. message GrpcHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.GrpcHealthCheck"; // An optional service name parameter which will be sent to gRPC service in // `grpc.health.v1.HealthCheckRequest // `_. // message. See `gRPC health-checking overview // `_ for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting // the :ref:`hostname ` field. string authority = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Custom health check. message CustomHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.CustomHealthCheck"; reserved 2; reserved "config"; // The registered name of the custom health checker. string name = 1 [(validate.rules).string = {min_len: 1}]; // A custom health checker specific configuration which depends on the custom health checker // being instantiated. See :api:`envoy/config/health_checker` for reference. oneof config_type { google.protobuf.Any typed_config = 3; } } // Health checks occur over the transport socket specified for the cluster. This implies that if a // cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. // // This allows overriding the cluster TLS settings, just for health check connections. message TlsOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HealthCheck.TlsOptions"; // Specifies the ALPN protocols for health check connections. This is useful if the // corresponding upstream is using ALPN-based :ref:`FilterChainMatch // ` along with different protocols for health checks // versus data connections. If empty, no ALPN protocols will be set on health check connections. repeated string alpn_protocols = 1; } reserved 10; // The time to wait for a health check response. If the timeout is reached the // health check attempt will be considered a failure. google.protobuf.Duration timeout = 1 [(validate.rules).duration = { required: true gt {} }]; // The interval between health checks. google.protobuf.Duration interval = 2 [(validate.rules).duration = { required: true gt {} }]; // An optional jitter amount in milliseconds. If specified, Envoy will start health // checking after for a random time in ms between 0 and initial_jitter. This only // applies to the first health check. google.protobuf.Duration initial_jitter = 20; // An optional jitter amount in milliseconds. If specified, during every // interval Envoy will add interval_jitter to the wait time. google.protobuf.Duration interval_jitter = 3; // An optional jitter amount as a percentage of interval_ms. If specified, // during every interval Envoy will add interval_ms * // interval_jitter_percent / 100 to the wait time. // // If interval_jitter_ms and interval_jitter_percent are both set, both of // them will be used to increase the wait time. uint32 interval_jitter_percent = 18; // The number of unhealthy health checks required before a host is marked // unhealthy. Note that for *http* health checking if a host responds with 503 // this threshold is ignored and the host is considered unhealthy immediately. google.protobuf.UInt32Value unhealthy_threshold = 4 [(validate.rules).message = {required: true}]; // The number of healthy health checks required before a host is marked // healthy. Note that during startup, only a single successful health check is // required to mark a host healthy. google.protobuf.UInt32Value healthy_threshold = 5 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Non-serving port for health checking. google.protobuf.UInt32Value alt_port = 6; // Reuse health check connection between health checks. Default is true. google.protobuf.BoolValue reuse_connection = 7; oneof health_checker { option (validate.required) = true; // HTTP health check. HttpHealthCheck http_health_check = 8; // TCP health check. TcpHealthCheck tcp_health_check = 9; // gRPC health check. GrpcHealthCheck grpc_health_check = 11; // Custom health check. CustomHealthCheck custom_health_check = 13; } // The "no traffic interval" is a special health check interval that is used when a cluster has // never had traffic routed to it. This lower interval allows cluster information to be kept up to // date, without sending a potentially large amount of active health checking traffic for no // reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the // standard health check interval that is defined. Note that this interval takes precedence over // any other. // // The default value for "no traffic interval" is 60 seconds. google.protobuf.Duration no_traffic_interval = 12 [(validate.rules).duration = {gt {}}]; // The "unhealthy interval" is a health check interval that is used for hosts that are marked as // unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the // standard health check interval that is defined. // // The default value for "unhealthy interval" is the same as "interval". google.protobuf.Duration unhealthy_interval = 14 [(validate.rules).duration = {gt {}}]; // The "unhealthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as unhealthy. For subsequent health checks // Envoy will shift back to using either "unhealthy interval" if present or the standard health // check interval that is defined. // // The default value for "unhealthy edge interval" is the same as "unhealthy interval". google.protobuf.Duration unhealthy_edge_interval = 15 [(validate.rules).duration = {gt {}}]; // The "healthy edge interval" is a special health check interval that is used for the first // health check right after a host is marked as healthy. For subsequent health checks // Envoy will shift back to using the standard health check interval that is defined. // // The default value for "healthy edge interval" is the same as the default interval. google.protobuf.Duration healthy_edge_interval = 16 [(validate.rules).duration = {gt {}}]; // Specifies the path to the :ref:`health check event log `. // If empty, no event log will be written. string event_log_path = 17; // [#not-implemented-hide:] // The gRPC service for the health check event service. // If empty, health check events won't be sent to a remote endpoint. EventServiceConfig event_service = 22; // If set to true, health check failure events will always be logged. If set to false, only the // initial health check failure event will be logged. // The default value is false. bool always_log_health_check_failures = 19; // This allows overriding the cluster TLS settings, just for health check connections. TlsOptions tls_options = 21; // Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's // :ref:`tranport socket matches `. // For example, the following match criteria // // .. code-block:: yaml // // transport_socket_match_criteria: // useMTLS: true // // Will match the following :ref:`cluster socket match ` // // .. code-block:: yaml // // transport_socket_matches: // - name: "useMTLS" // match: // useMTLS: true // transport_socket: // name: envoy.transport_sockets.tls // config: { ... } # tls socket configuration // // If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the // :ref:`LbEndpoint.Metadata `. // This allows using different transport socket capabilities for health checking versus proxying to the // endpoint. // // If the key/values pairs specified do not match any // :ref:`transport socket matches `, // the cluster's :ref:`transport socket ` // will be used for health check socket configuration. google.protobuf.Struct transport_socket_match_criteria = 23; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/http_uri.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "HttpUriProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP Service URI ] // Envoy external URI descriptor message HttpUri { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HttpUri"; // The HTTP server URI. It should be a full FQDN with protocol, host and path. // // Example: // // .. code-block:: yaml // // uri: https://www.googleapis.com/oauth2/v1/certs // string uri = 1 [(validate.rules).string = {min_len: 1}]; // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or // inline DNS resolution. See `issue // `_. oneof http_upstream_type { option (validate.required) = true; // A cluster is created in the Envoy "cluster_manager" config // section. This field specifies the cluster name. // // Example: // // .. code-block:: yaml // // cluster: jwks_cluster // string cluster = 2 [(validate.rules).string = {min_len: 1}]; } // Sets the maximum duration in milliseconds that a response can take to arrive upon request. google.protobuf.Duration timeout = 3 [(validate.rules).duration = { required: true gte {} }]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Protocol options] // [#not-implemented-hide:] message TcpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.TcpProtocolOptions"; } message UpstreamHttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.UpstreamHttpProtocolOptions"; // Set transport socket `SNI `_ for new // upstream connections based on the downstream HTTP host/authority header, as seen by the // :ref:`router filter `. bool auto_sni = 1; // Automatic validate upstream presented certificate for new upstream connections based on the // downstream HTTP host/authority header, as seen by the // :ref:`router filter `. // This field is intended to set with `auto_sni` field. bool auto_san_validation = 2; } // [#next-free-field: 6] message HttpProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.HttpProtocolOptions"; // Action to take when Envoy receives client request with header names containing underscore // characters. // Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented // as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore // characters. enum HeadersWithUnderscoresAction { // Allow headers with underscores. This is the default behavior. ALLOW = 0; // Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests // end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter // is incremented for each rejected request. REJECT_REQUEST = 1; // Drop the header with name containing underscores. The header is dropped before the filter chain is // invoked and as such filters will not see dropped headers. The // "httpN.dropped_headers_with_underscores" is incremented for each dropped header. DROP_HEADER = 2; } // The idle timeout for connections. The idle timeout is defined as the // period in which there are no active requests. When the // idle timeout is reached the connection will be closed. If the connection is an HTTP/2 // downstream connection a drain sequence will occur prior to closing the connection, see // :ref:`drain_timeout // `. // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 1; // The maximum duration of a connection. The duration is defined as a period since a connection // was established. If not set, there is no max duration. When max_connection_duration is reached // the connection will be closed. Drain sequence will occur prior to closing the connection if // if's applicable. See :ref:`drain_timeout // `. // Note: not implemented for upstream connections. google.protobuf.Duration max_connection_duration = 3; // The maximum number of headers. If unconfigured, the default // maximum number of request headers allowed is 100. Requests that exceed this limit will receive // a 431 response for HTTP/1.x and cause a stream reset for HTTP/2. google.protobuf.UInt32Value max_headers_count = 2 [(validate.rules).uint32 = {gte: 1}]; // Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be // reset independent of any other timeouts. If not specified, this value is not set. google.protobuf.Duration max_stream_duration = 4; // Action to take when a client request with a header name containing underscore characters is received. // If this setting is not specified, the value defaults to ALLOW. // Note: upstream responses are not affected by this setting. HeadersWithUnderscoresAction headers_with_underscores_action = 5; } // [#next-free-field: 8] message Http1ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http1ProtocolOptions"; message HeaderKeyFormat { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat"; message ProperCaseWords { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords"; } oneof header_format { option (validate.required) = true; // Formats the header by proper casing words: the first character and any character following // a special character will be capitalized if it's an alpha character. For example, // "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are". // Note that while this results in most headers following conventional casing, certain headers // are not covered. For example, the "TE" header will be formatted as "Te". ProperCaseWords proper_case_words = 1; } } // Handle HTTP requests with absolute URLs in the requests. These requests // are generally sent by clients to forward/explicit proxies. This allows clients to configure // envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the // *http_proxy* environment variable. google.protobuf.BoolValue allow_absolute_url = 1; // Handle incoming HTTP/1.0 and HTTP 0.9 requests. // This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1 // style connect logic, dechunking, and handling lack of client host iff // *default_host_for_http_10* is configured. bool accept_http_10 = 2; // A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as // Envoy does not otherwise support HTTP/1.0 without a Host header. // This is a no-op if *accept_http_10* is not true. string default_host_for_http_10 = 3; // Describes how the keys for response headers should be formatted. By default, all header keys // are lower cased. HeaderKeyFormat header_key_format = 4; // Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers. // // .. attention:: // // Note that this only happens when Envoy is chunk encoding which occurs when: // - The request is HTTP/1.1. // - Is neither a HEAD only request nor a HTTP Upgrade. // - Not a response to a HEAD request. // - The content length header is not present. bool enable_trailers = 5; // Allows Envoy to process requests/responses with both `Content-Length` and `Transfer-Encoding` // headers set. By default such messages are rejected, but if option is enabled - Envoy will // remove Content-Length header and process message. // See `RFC7230, sec. 3.3.3 ` for details. // // .. attention:: // Enabling this option might lead to request smuggling vulnerability, especially if traffic // is proxied via multiple layers of proxies. bool allow_chunked_length = 6; // Allows invalid HTTP messaging. When this option is false, then Envoy will terminate // HTTP/1.1 connections upon receiving an invalid HTTP message. However, // when this option is true, then Envoy will leave the HTTP/1.1 connection // open where possible. // If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging // `. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 7; } message KeepaliveSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.KeepaliveSettings"; // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. google.protobuf.Duration timeout = 2 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // A random jitter amount as a percentage of interval that will be added to each interval. // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; } // [#next-free-field: 16] message Http2ProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http2ProtocolOptions"; // Defines a parameter to be sent in the SETTINGS frame. // See `RFC7540, sec. 6.5.1 `_ for details. message SettingsParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.Http2ProtocolOptions.SettingsParameter"; // The 16 bit parameter identifier. google.protobuf.UInt32Value identifier = 1 [ (validate.rules).uint32 = {lte: 65535 gte: 0}, (validate.rules).message = {required: true} ]; // The 32 bit parameter value. google.protobuf.UInt32Value value = 2 [(validate.rules).message = {required: true}]; } // `Maximum table size `_ // (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values // range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header // compression. google.protobuf.UInt32Value hpack_table_size = 1; // `Maximum concurrent streams `_ // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // // For upstream connections, this also limits how many streams Envoy will initiate concurrently // on a single connection. If the limit is reached, Envoy may queue requests or establish // additional connections (as allowed per circuit breaker limits). google.protobuf.UInt32Value max_concurrent_streams = 2 [(validate.rules).uint32 = {lte: 2147483647 gte: 1}]; // `Initial stream-level flow-control window // `_ size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // // NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default // window size now, so it's also the minimum. // // This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the // HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to // stop the flow of data to the codec buffers. google.protobuf.UInt32Value initial_stream_window_size = 3 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Similar to *initial_stream_window_size*, but for connection-level flow-control // window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*. google.protobuf.UInt32Value initial_connection_window_size = 4 [(validate.rules).uint32 = {lte: 2147483647 gte: 65535}]; // Allows proxying Websocket and other upgrades over H2 connect. bool allow_connect = 5; // [#not-implemented-hide:] Hiding until envoy has full metadata support. // Still under implementation. DO NOT USE. // // Allows metadata. See [metadata // docs](https://github.com/envoyproxy/envoy/blob/master/source/docs/h2_metadata.md) for more // information. bool allow_metadata = 6; // Limit the number of pending outbound downstream frames of all types (frames that are waiting to // be written into the socket). Exceeding this limit triggers flood mitigation and connection is // terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due // to flood mitigation. The default limit is 10000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_frames = 7 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM, // preventing high memory utilization when receiving continuous stream of these frames. Exceeding // this limit triggers flood mitigation and connection is terminated. The // ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood // mitigation. The default limit is 1000. // [#comment:TODO: implement same limits for upstream outbound frames as well.] google.protobuf.UInt32Value max_outbound_control_frames = 8 [(validate.rules).uint32 = {gte: 1}]; // Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an // empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but // might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood`` // stat tracks the number of connections terminated due to flood mitigation. // Setting this to 0 will terminate connection upon receiving first frame with an empty payload // and no end stream flag. The default limit is 1. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_consecutive_inbound_frames_with_empty_payload = 9; // Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number // of PRIORITY frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // max_inbound_priority_frames_per_stream * (1 + inbound_streams) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 100. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_priority_frames_per_stream = 10; // Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number // of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated // using this formula:: // // 1 + 2 * (inbound_streams + // max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames) // // the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks // the number of connections terminated due to flood mitigation. The default limit is 10. // Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control, // but more complex implementations that try to estimate available bandwidth require at least 2. // [#comment:TODO: implement same limits for upstream inbound frames as well.] google.protobuf.UInt32Value max_inbound_window_update_frames_per_data_frame_sent = 11 [(validate.rules).uint32 = {gte: 1}]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // This is overridden by HCM :ref:`stream_error_on_invalid_http_messaging // ` // iff present. // // This is deprecated in favor of :ref:`override_stream_error_on_invalid_http_message // ` // // See `RFC7540, sec. 8.1 `_ for details. bool hidden_envoy_deprecated_stream_error_on_invalid_http_messaging = 12 [deprecated = true]; // Allows invalid HTTP messaging and headers. When this option is disabled (default), then // the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, // when this option is enabled, only the offending stream is terminated. // // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // // See `RFC7540, sec. 8.1 `_ for details. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 14; // [#not-implemented-hide:] // Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions: // // 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by // Envoy. // // 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field // 'allow_connect'. // // Note that custom parameters specified through this field can not also be set in the // corresponding named parameters: // // .. code-block:: text // // ID Field Name // ---------------- // 0x1 hpack_table_size // 0x3 max_concurrent_streams // 0x4 initial_stream_window_size // // Collisions will trigger config validation failure on load/update. Likewise, inconsistencies // between custom parameters with the same identifier will trigger a failure. // // See `IANA HTTP/2 Settings // `_ for // standardized identifiers. repeated SettingsParameter custom_settings_parameters = 13; // Send HTTP/2 PING frames to verify that the connection is still healthy. If the remote peer // does not respond within the configured timeout, the connection will be aborted. KeepaliveSettings connection_keepalive = 15; } // [#not-implemented-hide:] message GrpcProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.GrpcProtocolOptions"; Http2ProtocolOptions http2_protocol_options = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Proxy Protocol] message ProxyProtocolConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.ProxyProtocolConfig"; enum Version { // PROXY protocol version 1. Human readable format. V1 = 0; // PROXY protocol version 2. Binary format. V2 = 1; } // The PROXY protocol version to use. See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details Version version = 1; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/socket_option.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "SocketOptionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Socket Option ] // Generic socket option message. This would be used to set socket options that // might not exist in upstream kernels or precompiled Envoy binaries. // [#next-free-field: 7] message SocketOption { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SocketOption"; enum SocketState { // Socket options are applied after socket creation but before binding the socket to a port STATE_PREBIND = 0; // Socket options are applied after binding the socket to a port but before calling listen() STATE_BOUND = 1; // Socket options are applied after calling listen() STATE_LISTENING = 2; } // An optional name to give this socket option for debugging, etc. // Uniqueness is not required and no special meaning is assumed. string description = 1; // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP int64 level = 2; // The numeric name as passed to setsockopt int64 name = 3; oneof value { option (validate.required) = true; // Because many sockopts take an int value. int64 int_value = 4; // Otherwise it's a byte buffer. bytes buf_value = 5; } // The state in which the option will be applied. When used in BindConfig // STATE_PREBIND is currently the only valid value. SocketState state = 6 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/core/v4alpha/substitution_format_string.proto ================================================ syntax = "proto3"; package envoy.config.core.v4alpha; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; option java_outer_classname = "SubstitutionFormatStringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Substitution format string] // Configuration to use multiple :ref:`command operators ` // to generate a new string in either plain text or JSON format. message SubstitutionFormatString { option (udpa.annotations.versioning).previous_message_type = "envoy.config.core.v3.SubstitutionFormatString"; oneof format { option (validate.required) = true; // Specify a format with command operators to form a text string. // Its details is described in :ref:`format string`. // // For example, setting ``text_format`` like below, // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // generates plain text similar to: // // .. code-block:: text // // upstream connect error:503:path=/foo // string text_format = 1 [(validate.rules).string = {min_len: 1}]; // Specify a format with command operators to form a JSON string. // Its details is described in :ref:`format dictionary`. // Values are rendered as strings, numbers, or boolean values as appropriate. // Nested JSON objects may be produced by some command operators (e.g. FILTER_STATE or DYNAMIC_METADATA). // See the documentation for a specific command operator for details. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // // The following JSON object would be created: // // .. code-block:: json // // { // "status": 500, // "message": "My error message" // } // google.protobuf.Struct json_format = 2 [(validate.rules).message = {required: true}]; } // If set to true, when command operators are evaluated to null, // // * for ``text_format``, the output of the empty operator is changed from ``-`` to an // empty string, so that empty values are omitted entirely. // * for ``json_format`` the keys with null values are omitted in the output structure. bool omit_empty_values = 3; // Specify a *content_type* field. // If this field is not set then ``text/plain`` is used for *text_format* and // ``application/json`` is used for *json_format*. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // content_type: "text/html; charset=UTF-8" // string content_type = 4; } ================================================ FILE: generated_api_shadow/envoy/config/endpoint/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2:pkg", "//envoy/api/v2/endpoint:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/endpoint/v3/endpoint.proto ================================================ syntax = "proto3"; package envoy.config.endpoint.v3; import "envoy/config/endpoint/v3/endpoint_components.proto"; import "envoy/type/v3/percent.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.endpoint.v3"; option java_outer_classname = "EndpointProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Endpoint configuration] // Endpoint discovery :ref:`architecture overview ` // Each route from RDS will map to a single cluster or traffic split across // clusters using weights expressed in the RDS WeightedCluster. // // With EDS, each cluster is treated independently from a LB perspective, with // LB taking place between the Localities within a cluster and at a finer // granularity between the hosts within a locality. The percentage of traffic // for each endpoint is determined by both its load_balancing_weight, and the // load_balancing_weight of its locality. First, a locality will be selected, // then an endpoint within that locality will be chose based on its weight. // [#next-free-field: 6] message ClusterLoadAssignment { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ClusterLoadAssignment"; // Load balancing policy settings. // [#next-free-field: 6] message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ClusterLoadAssignment.Policy"; // [#not-implemented-hide:] message DropOverload { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ClusterLoadAssignment.Policy.DropOverload"; // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_len: 1}]; // Percentage of traffic that should be dropped for the category. type.v3.FractionalPercent drop_percentage = 2; } reserved 1; // Action to trim the overall incoming traffic to protect the upstream // hosts. This action allows protection in case the hosts are unable to // recover from an outage, or unable to autoscale or unable to handle // incoming traffic volume for any reason. // // At the client each category is applied one after the other to generate // the 'actual' drop percentage on all outgoing traffic. For example: // // .. code-block:: json // // { "drop_overloads": [ // { "category": "throttle", "drop_percentage": 60 } // { "category": "lb", "drop_percentage": 50 } // ]} // // The actual drop percentages applied to the traffic at the clients will be // "throttle"_drop = 60% // "lb"_drop = 20% // 50% of the remaining 'actual' load, which is 40%. // actual_outgoing_load = 20% // remaining after applying all categories. // [#not-implemented-hide:] repeated DropOverload drop_overloads = 2; // Priority levels and localities are considered overprovisioned with this // factor (in percentage). This means that we don't consider a priority // level or locality unhealthy until the fraction of healthy hosts // multiplied by the overprovisioning factor drops below 100. // With the default value 140(1.4), Envoy doesn't consider a priority level // or a locality unhealthy until their percentage of healthy hosts drops // below 72%. For example: // // .. code-block:: json // // { "overprovisioning_factor": 100 } // // Read more at :ref:`priority levels ` and // :ref:`localities `. google.protobuf.UInt32Value overprovisioning_factor = 3 [(validate.rules).uint32 = {gt: 0}]; // The max time until which the endpoints from this assignment can be used. // If no new assignments are received before this time expires the endpoints // are considered stale and should be marked unhealthy. // Defaults to 0 which means endpoints never go stale. google.protobuf.Duration endpoint_stale_after = 4 [(validate.rules).duration = {gt {}}]; bool hidden_envoy_deprecated_disable_overprovisioning = 5 [deprecated = true]; } // Name of the cluster. This will be the :ref:`service_name // ` value if specified // in the cluster :ref:`EdsClusterConfig // `. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // List of endpoints to load balance to. repeated LocalityLbEndpoints endpoints = 2; // Map of named endpoints that can be referenced in LocalityLbEndpoints. // [#not-implemented-hide:] map named_endpoints = 5; // Load balancing policy settings. Policy policy = 4; } ================================================ FILE: generated_api_shadow/envoy/config/endpoint/v3/endpoint_components.proto ================================================ syntax = "proto3"; package envoy.config.endpoint.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/health_check.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.endpoint.v3"; option java_outer_classname = "EndpointComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Endpoints] // Upstream host identifier. message Endpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.Endpoint"; // The optional health check configuration. message HealthCheckConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.Endpoint.HealthCheckConfig"; // Optional alternative health check port value. // // By default the health check address port of an upstream host is the same // as the host's serving address port. This provides an alternative health // check port. Setting this with a non-zero value allows an upstream host // to have different health check address port. uint32 port_value = 1 [(validate.rules).uint32 = {lte: 65535}]; // By default, the host header for L7 health checks is controlled by cluster level configuration // (see: :ref:`host ` and // :ref:`authority `). Setting this // to a non-empty value allows overriding the cluster level configuration for a specific // endpoint. string hostname = 2; } // The upstream host address. // // .. attention:: // // The form of host address depends on the given cluster type. For STATIC or EDS, // it is expected to be a direct IP address (or something resolvable by the // specified :ref:`resolver ` // in the Address). For LOGICAL or STRICT DNS, it is expected to be hostname, // and will be resolved via DNS. core.v3.Address address = 1; // The optional health check configuration is used as configuration for the // health checker to contact the health checked host. // // .. attention:: // // This takes into effect only for upstream clusters with // :ref:`active health checking ` enabled. HealthCheckConfig health_check_config = 2; // The hostname associated with this endpoint. This hostname is not used for routing or address // resolution. If provided, it will be associated with the endpoint, and can be used for features // that require a hostname, like // :ref:`auto_host_rewrite `. string hostname = 3; } // An Endpoint that Envoy can route traffic to. // [#next-free-field: 6] message LbEndpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.LbEndpoint"; // Upstream host identifier or a named reference. oneof host_identifier { Endpoint endpoint = 1; // [#not-implemented-hide:] string endpoint_name = 5; } // Optional health status when known and supplied by EDS server. core.v3.HealthStatus health_status = 2; // The endpoint metadata specifies values that may be used by the load // balancer to select endpoints in a cluster for a given request. The filter // name should be specified as *envoy.lb*. An example boolean key-value pair // is *canary*, providing the optional canary status of the upstream host. // This may be matched against in a route's // :ref:`RouteAction ` metadata_match field // to subset the endpoints considered in cluster load balancing. core.v3.Metadata metadata = 3; // The optional load balancing weight of the upstream host; at least 1. // Envoy uses the load balancing weight in some of the built in load // balancers. The load balancing weight for an endpoint is divided by the sum // of the weights of all endpoints in the endpoint's locality to produce a // percentage of traffic for the endpoint. This percentage is then further // weighted by the endpoint's locality's load balancing weight from // LocalityLbEndpoints. If unspecified, each host is presumed to have equal // weight in a locality. The sum of the weights of all endpoints in the // endpoint's locality must not exceed uint32_t maximal value (4294967295). google.protobuf.UInt32Value load_balancing_weight = 4 [(validate.rules).uint32 = {gte: 1}]; } // A group of endpoints belonging to a Locality. // One can have multiple LocalityLbEndpoints for a locality, but this is // generally only done if the different groups need to have different load // balancing weights or different priorities. // [#next-free-field: 7] message LocalityLbEndpoints { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.LocalityLbEndpoints"; // Identifies location of where the upstream hosts run. core.v3.Locality locality = 1; // The group of endpoints belonging to the locality specified. repeated LbEndpoint lb_endpoints = 2; // Optional: Per priority/region/zone/sub_zone weight; at least 1. The load // balancing weight for a locality is divided by the sum of the weights of all // localities at the same priority level to produce the effective percentage // of traffic for the locality. The sum of the weights of all localities at // the same priority level must not exceed uint32_t maximal value (4294967295). // // Locality weights are only considered when :ref:`locality weighted load // balancing ` is // configured. These weights are ignored otherwise. If no weights are // specified when locality weighted load balancing is enabled, the locality is // assigned no load. google.protobuf.UInt32Value load_balancing_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Optional: the priority for this LocalityLbEndpoints. If unspecified this will // default to the highest priority (0). // // Under usual circumstances, Envoy will only select endpoints for the highest // priority (0). In the event all endpoints for a particular priority are // unavailable/unhealthy, Envoy will fail over to selecting endpoints for the // next highest priority group. // // Priorities should range from 0 (highest) to N (lowest) without skipping. uint32 priority = 5 [(validate.rules).uint32 = {lte: 128}]; // Optional: Per locality proximity value which indicates how close this // locality is from the source locality. This value only provides ordering // information (lower the value, closer it is to the source locality). // This will be consumed by load balancing schemes that need proximity order // to determine where to route the requests. // [#not-implemented-hide:] google.protobuf.UInt32Value proximity = 6; } ================================================ FILE: generated_api_shadow/envoy/config/endpoint/v3/load_report.proto ================================================ syntax = "proto3"; package envoy.config.endpoint.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.endpoint.v3"; option java_outer_classname = "LoadReportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Load Report] // These are stats Envoy reports to the management server at a frequency defined by // :ref:`LoadStatsResponse.load_reporting_interval`. // Stats per upstream region/zone and optionally per subzone. // [#next-free-field: 9] message UpstreamLocalityStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.UpstreamLocalityStats"; // Name of zone, region and optionally endpoint group these metrics were // collected from. Zone and region names could be empty if unknown. core.v3.Locality locality = 1; // The total number of requests successfully completed by the endpoints in the // locality. uint64 total_successful_requests = 2; // The total number of unfinished requests uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint, // aggregated over all endpoints in the locality. uint64 total_error_requests = 4; // The total number of requests that were issued by this Envoy since // the last report. This information is aggregated over all the // upstream endpoints in the locality. uint64 total_issued_requests = 8; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; // Endpoint granularity stats information for this locality. This information // is populated if the Server requests it by setting // :ref:`LoadStatsResponse.report_endpoint_granularity`. repeated UpstreamEndpointStats upstream_endpoint_stats = 7; // [#not-implemented-hide:] The priority of the endpoint group these metrics // were collected from. uint32 priority = 6; } // [#next-free-field: 8] message UpstreamEndpointStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.UpstreamEndpointStats"; // Upstream host address. core.v3.Address address = 1; // Opaque and implementation dependent metadata of the // endpoint. Envoy will pass this directly to the management server. google.protobuf.Struct metadata = 6; // The total number of requests successfully completed by the endpoints in the // locality. These include non-5xx responses for HTTP, where errors // originate at the client and the endpoint responded successfully. For gRPC, // the grpc-status values are those not covered by total_error_requests below. uint64 total_successful_requests = 2; // The total number of unfinished requests for this endpoint. uint64 total_requests_in_progress = 3; // The total number of requests that failed due to errors at the endpoint. // For HTTP these are responses with 5xx status codes and for gRPC the // grpc-status values: // // - DeadlineExceeded // - Unimplemented // - Internal // - Unavailable // - Unknown // - DataLoss uint64 total_error_requests = 4; // The total number of requests that were issued to this endpoint // since the last report. A single TCP connection, HTTP or gRPC // request or stream is counted as one request. uint64 total_issued_requests = 7; // Stats for multi-dimensional load balancing. repeated EndpointLoadMetricStats load_metric_stats = 5; } message EndpointLoadMetricStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.EndpointLoadMetricStats"; // Name of the metric; may be empty. string metric_name = 1; // Number of calls that finished and included this metric. uint64 num_requests_finished_with_metric = 2; // Sum of metric values across all calls that finished with this metric for // load_reporting_interval. double total_metric_value = 3; } // Per cluster load stats. Envoy reports these stats a management server in a // :ref:`LoadStatsRequest` // Next ID: 7 // [#next-free-field: 7] message ClusterStats { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.ClusterStats"; message DroppedRequests { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.endpoint.ClusterStats.DroppedRequests"; // Identifier for the policy specifying the drop. string category = 1 [(validate.rules).string = {min_len: 1}]; // Total number of deliberately dropped requests for the category. uint64 dropped_count = 2; } // The name of the cluster. string cluster_name = 1 [(validate.rules).string = {min_len: 1}]; // The eds_cluster_config service_name of the cluster. // It's possible that two clusters send the same service_name to EDS, // in that case, the management server is supposed to do aggregation on the load reports. string cluster_service_name = 6; // Need at least one. repeated UpstreamLocalityStats upstream_locality_stats = 2 [(validate.rules).repeated = {min_items: 1}]; // Cluster-level stats such as total_successful_requests may be computed by // summing upstream_locality_stats. In addition, below there are additional // cluster-wide stats. // // The total number of dropped requests. This covers requests // deliberately dropped by the drop_overload policy and circuit breaking. uint64 total_dropped_requests = 3; // Information about deliberately dropped requests for each category specified // in the DropOverload policy. repeated DroppedRequests dropped_requests = 5; // Period over which the actual load report occurred. This will be guaranteed to include every // request reported. Due to system load and delays between the *LoadStatsRequest* sent from Envoy // and the *LoadStatsResponse* message sent from the management server, this may be longer than // the requested load reporting interval in the *LoadStatsResponse*. google.protobuf.Duration load_report_interval = 4; } ================================================ FILE: generated_api_shadow/envoy/config/filter/README.md ================================================ Protocol buffer definitions for filters. Visibility of the definitions should be constrained to none except for shared definitions between explicitly enumerated filters (e.g. accesslog and fault definitions). ================================================ FILE: generated_api_shadow/envoy/config/filter/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/accesslog/v2/accesslog.proto ================================================ syntax = "proto3"; package envoy.config.filter.accesslog.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.accesslog.v2"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.accesslog.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common access log types] message AccessLog { // The name of the access log implementation to instantiate. The name must // match a statically registered access log. Current built-in loggers include: // // #. "envoy.access_loggers.file" // #. "envoy.access_loggers.http_grpc" // #. "envoy.access_loggers.tcp_grpc" string name = 1; // Filter which is used to determine if the access log needs to be written. AccessLogFilter filter = 2; // Custom configuration that depends on the access log being instantiated. Built-in // configurations include: // // #. "envoy.access_loggers.file": :ref:`FileAccessLog // ` // #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig // ` // #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig // ` oneof config_type { google.protobuf.Struct config = 3 [deprecated = true]; google.protobuf.Any typed_config = 4; } } // [#next-free-field: 12] message AccessLogFilter { oneof filter_specifier { option (validate.required) = true; // Status code filter. StatusCodeFilter status_code_filter = 1; // Duration filter. DurationFilter duration_filter = 2; // Not health check filter. NotHealthCheckFilter not_health_check_filter = 3; // Traceable filter. TraceableFilter traceable_filter = 4; // Runtime filter. RuntimeFilter runtime_filter = 5; // And filter. AndFilter and_filter = 6; // Or filter. OrFilter or_filter = 7; // Header filter. HeaderFilter header_filter = 8; // Response flag filter. ResponseFlagFilter response_flag_filter = 9; // gRPC status filter. GrpcStatusFilter grpc_status_filter = 10; // Extension filter. ExtensionFilter extension_filter = 11; } } // Filter on an integer comparison. message ComparisonFilter { enum Op { // = EQ = 0; // >= GE = 1; // <= LE = 2; } // Comparison operator. Op op = 1 [(validate.rules).enum = {defined_only: true}]; // Value to compare against. api.v2.core.RuntimeUInt32 value = 2; } // Filters on HTTP response/status code. message StatusCodeFilter { // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters on total request duration in milliseconds. message DurationFilter { // Comparison. ComparisonFilter comparison = 1 [(validate.rules).message = {required: true}]; } // Filters for requests that are not health check requests. A health check // request is marked by the health check filter. message NotHealthCheckFilter { } // Filters for requests that are traceable. See the tracing overview for more // information on how a request becomes traceable. message TraceableFilter { } // Filters for random sampling of requests. message RuntimeFilter { // Runtime key to get an optional overridden numerator for use in the *percent_sampled* field. // If found in runtime, this value will replace the default numerator. string runtime_key = 1 [(validate.rules).string = {min_bytes: 1}]; // The default sampling percentage. If not specified, defaults to 0% with denominator of 100. type.FractionalPercent percent_sampled = 2; // By default, sampling pivots on the header // :ref:`x-request-id` being present. If // :ref:`x-request-id` is present, the filter will // consistently sample across multiple hosts based on the runtime key value and the value // extracted from :ref:`x-request-id`. If it is // missing, or *use_independent_randomness* is set to true, the filter will randomly sample based // on the runtime key value alone. *use_independent_randomness* can be used for logging kill // switches within complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to reason about // from a probability perspective (i.e., setting to true will cause the filter to behave like // an independent random variable when composed within logical operator filters). bool use_independent_randomness = 3; } // Performs a logical “and” operation on the result of each filter in filters. // Filters are evaluated sequentially and if one of them returns false, the // filter returns false immediately. message AndFilter { repeated AccessLogFilter filters = 1 [(validate.rules).repeated = {min_items: 2}]; } // Performs a logical “or” operation on the result of each individual filter. // Filters are evaluated sequentially and if one of them returns true, the // filter returns true immediately. message OrFilter { repeated AccessLogFilter filters = 2 [(validate.rules).repeated = {min_items: 2}]; } // Filters requests based on the presence or value of a request header. message HeaderFilter { // Only requests with a header which matches the specified HeaderMatcher will pass the filter // check. api.v2.route.HeaderMatcher header = 1 [(validate.rules).message = {required: true}]; } // Filters requests that received responses with an Envoy response flag set. // A list of the response flags can be found // in the access log formatter :ref:`documentation`. message ResponseFlagFilter { // Only responses with the any of the flags listed in this field will be logged. // This field is optional. If it is not specified, then any response flag will pass // the filter check. repeated string flags = 1 [(validate.rules).repeated = { items { string { in: "LH" in: "UH" in: "UT" in: "LR" in: "UR" in: "UF" in: "UC" in: "UO" in: "NR" in: "DI" in: "FI" in: "RL" in: "UAEX" in: "RLSE" in: "DC" in: "URX" in: "SI" in: "IH" in: "DPE" } } }]; } // Filters gRPC requests based on their response status. If a gRPC status is not provided, the // filter will infer the status from the HTTP status code. message GrpcStatusFilter { enum Status { OK = 0; CANCELED = 1; UNKNOWN = 2; INVALID_ARGUMENT = 3; DEADLINE_EXCEEDED = 4; NOT_FOUND = 5; ALREADY_EXISTS = 6; PERMISSION_DENIED = 7; RESOURCE_EXHAUSTED = 8; FAILED_PRECONDITION = 9; ABORTED = 10; OUT_OF_RANGE = 11; UNIMPLEMENTED = 12; INTERNAL = 13; UNAVAILABLE = 14; DATA_LOSS = 15; UNAUTHENTICATED = 16; } // Logs only responses that have any one of the gRPC statuses in this field. repeated Status statuses = 1 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; // If included and set to true, the filter will instead block all responses with a gRPC status or // inferred gRPC status enumerated in statuses, and allow all other responses. bool exclude = 2; } // Extension filter is statically registered at runtime. message ExtensionFilter { // The name of the filter implementation to instantiate. The name must // match a statically registered filter. string name = 1; // Custom configuration that depends on the filter being instantiated. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } ================================================ FILE: generated_api_shadow/envoy/config/filter/dubbo/router/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/dubbo/router/v2alpha1/router.proto ================================================ syntax = "proto3"; package envoy.config.filter.dubbo.router.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.dubbo.router.v2alpha1"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.dubbo_proxy.router.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Router] // Dubbo router :ref:`configuration overview `. message Router { } ================================================ FILE: generated_api_shadow/envoy/config/filter/fault/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/fault/v2/fault.proto ================================================ syntax = "proto3"; package envoy.config.filter.fault.v2; import "envoy/type/percent.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.fault.v2"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.common.fault.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common fault injection types] // Delay specification is used to inject latency into the // HTTP/gRPC/Mongo/Redis operation or delay proxying of TCP connections. // [#next-free-field: 6] message FaultDelay { enum FaultDelayType { // Unused and deprecated. FIXED = 0; } // Fault delays are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderDelay { } reserved 2; // Unused and deprecated. Will be removed in the next release. FaultDelayType type = 1 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; oneof fault_delay_secifier { option (validate.required) = true; // Add a fixed delay before forwarding the operation upstream. See // https://developers.google.com/protocol-buffers/docs/proto3#json for // the JSON/YAML Duration mapping. For HTTP/Mongo/Redis, the specified // delay will be injected before a new request/operation. For TCP // connections, the proxying of the connection upstream will be delayed // for the specified period. This is required if type is FIXED. google.protobuf.Duration fixed_delay = 3 [(validate.rules).duration = {gt {}}]; // Fault delays are controlled via an HTTP header (if applicable). HeaderDelay header_delay = 5; } // The percentage of operations/connections/requests on which the delay will be injected. type.FractionalPercent percentage = 4; } // Describes a rate limit to be applied. message FaultRateLimit { // Describes a fixed/constant rate limit. message FixedLimit { // The limit supplied in KiB/s. uint64 limit_kbps = 1 [(validate.rules).uint64 = {gte: 1}]; } // Rate limits are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderLimit { } oneof limit_type { option (validate.required) = true; // A fixed rate limit. FixedLimit fixed_limit = 1; // Rate limits are controlled via an HTTP header (if applicable). HeaderLimit header_limit = 3; } // The percentage of operations/connections/requests on which the rate limit will be injected. type.FractionalPercent percentage = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/adaptive_concurrency/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/adaptive_concurrency/v2alpha/adaptive_concurrency.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.adaptive_concurrency.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/type/percent.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.adaptive_concurrency.v2alpha"; option java_outer_classname = "AdaptiveConcurrencyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.adaptive_concurrency.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Adaptive Concurrency] // Adaptive Concurrency Control :ref:`configuration overview // `. // [#extension: envoy.filters.http.adaptive_concurrency] // Configuration parameters for the gradient controller. message GradientControllerConfig { // Parameters controlling the periodic recalculation of the concurrency limit from sampled request // latencies. message ConcurrencyLimitCalculationParams { // The allowed upper-bound on the calculated concurrency limit. Defaults to 1000. google.protobuf.UInt32Value max_concurrency_limit = 2 [(validate.rules).uint32 = {gt: 0}]; // The period of time samples are taken to recalculate the concurrency limit. google.protobuf.Duration concurrency_update_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } // Parameters controlling the periodic minRTT recalculation. // [#next-free-field: 6] message MinimumRTTCalculationParams { // The time interval between recalculating the minimum request round-trip time. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gt {} }]; // The number of requests to aggregate/sample during the minRTT recalculation window before // updating. Defaults to 50. google.protobuf.UInt32Value request_count = 2 [(validate.rules).uint32 = {gt: 0}]; // Randomized time delta that will be introduced to the start of the minRTT calculation window. // This is represented as a percentage of the interval duration. Defaults to 15%. // // Example: If the interval is 10s and the jitter is 15%, the next window will begin // somewhere in the range (10s - 11.5s). type.Percent jitter = 3; // The concurrency limit set while measuring the minRTT. Defaults to 3. google.protobuf.UInt32Value min_concurrency = 4 [(validate.rules).uint32 = {gt: 0}]; // Amount added to the measured minRTT to add stability to the concurrency limit during natural // variability in latency. This is expressed as a percentage of the measured value and can be // adjusted to allow more or less tolerance to the sampled latency values. // // Defaults to 25%. type.Percent buffer = 5; } // The percentile to use when summarizing aggregated samples. Defaults to p50. type.Percent sample_aggregate_percentile = 1; ConcurrencyLimitCalculationParams concurrency_limit_params = 2 [(validate.rules).message = {required: true}]; MinimumRTTCalculationParams min_rtt_calc_params = 3 [(validate.rules).message = {required: true}]; } message AdaptiveConcurrency { oneof concurrency_controller_config { option (validate.required) = true; // Gradient concurrency control will be used. GradientControllerConfig gradient_controller_config = 1 [(validate.rules).message = {required: true}]; } // If set to false, the adaptive concurrency filter will operate as a pass-through filter. If the // message is unspecified, the filter will be enabled. api.v2.core.RuntimeFeatureFlag enabled = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/aws_lambda/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/aws_lambda/v2alpha/aws_lambda.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.aws_lambda.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.aws_lambda.v2alpha"; option java_outer_classname = "AwsLambdaProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.aws_lambda.v3"; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: AWS Lambda] // AWS Lambda :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_lambda] // AWS Lambda filter config message Config { enum InvocationMode { // This is the more common mode of invocation, in which Lambda responds after it has completed the function. In // this mode the output of the Lambda function becomes the response of the HTTP request. SYNCHRONOUS = 0; // In this mode Lambda responds immediately but continues to process the function asynchronously. This mode can be // used to signal events for example. In this mode, Lambda responds with an acknowledgment that it received the // call which is translated to an HTTP 200 OK by the filter. ASYNCHRONOUS = 1; } // The ARN of the AWS Lambda to invoke when the filter is engaged // Must be in the following format: // arn::lambda:::function: string arn = 1 [(validate.rules).string = {min_len: 1}]; // Whether to transform the request (headers and body) to a JSON payload or pass it as is. bool payload_passthrough = 2; // Determines the way to invoke the Lambda function. InvocationMode invocation_mode = 3 [(validate.rules).enum = {defined_only: true}]; } // Per-route configuration for AWS Lambda. This can be useful when invoking a different Lambda function or a different // version of the same Lambda depending on the route. message PerRouteConfig { Config invoke_config = 1; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/aws_request_signing/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/aws_request_signing/v2alpha/aws_request_signing.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.aws_request_signing.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.aws_request_signing.v2alpha"; option java_outer_classname = "AwsRequestSigningProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.aws_request_signing.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: AwsRequestSigning] // AwsRequestSigning :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_request_signing] // Top level configuration for the AWS request signing filter. message AwsRequestSigning { // The `service namespace // `_ // of the HTTP endpoint. // // Example: s3 string service_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The `region `_ hosting the HTTP // endpoint. // // Example: us-west-2 string region = 2 [(validate.rules).string = {min_bytes: 1}]; // Indicates that before signing headers, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both signing and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for signing whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite = 3; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/buffer/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/buffer/v2/buffer.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.buffer.v2; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.buffer.v2"; option java_outer_classname = "BufferProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.buffer.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Buffer] // Buffer :ref:`configuration overview `. // [#extension: envoy.filters.http.buffer] message Buffer { reserved 2; // The maximum request size that the filter will buffer before the connection // manager will stop buffering and return a 413 response. google.protobuf.UInt32Value max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}, (validate.rules).message = {required: true}]; } message BufferPerRoute { oneof override { option (validate.required) = true; // Disable the buffer filter for this particular vhost or route. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Override the global configuration of the filter with this new config. Buffer buffer = 2 [(validate.rules).message = {required: true}]; } } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/cache/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/cache/v2alpha/cache.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.cache.v2alpha; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/matcher/string.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.cache.v2alpha"; option java_outer_classname = "CacheProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.cache.v3alpha"; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP Cache Filter] // [#extension: envoy.filters.http.cache] message CacheConfig { // [#not-implemented-hide:] // Modifies cache key creation by restricting which parts of the URL are included. message KeyCreatorParams { // If true, exclude the URL scheme from the cache key. Set to true if your origins always // produce the same response for http and https requests. bool exclude_scheme = 1; // If true, exclude the host from the cache key. Set to true if your origins' responses don't // ever depend on host. bool exclude_host = 2; // If *query_parameters_included* is nonempty, only query parameters matched // by one or more of its matchers are included in the cache key. Any other // query params will not affect cache lookup. repeated api.v2.route.QueryParameterMatcher query_parameters_included = 3; // If *query_parameters_excluded* is nonempty, query parameters matched by one // or more of its matchers are excluded from the cache key (even if also // matched by *query_parameters_included*), and will not affect cache lookup. repeated api.v2.route.QueryParameterMatcher query_parameters_excluded = 4; } // Config specific to the cache storage implementation. google.protobuf.Any typed_config = 1 [(validate.rules).any = {required: true}]; // List of matching rules that defines allowed *Vary* headers. // // The *vary* response header holds a list of header names that affect the // contents of a response, as described by // https://httpwg.org/specs/rfc7234.html#caching.negotiated.responses. // // During insertion, *allowed_vary_headers* acts as a allowlist: if a // response's *vary* header mentions any header names that aren't matched by any rules in // *allowed_vary_headers*, that response will not be cached. // // During lookup, *allowed_vary_headers* controls what request headers will be // sent to the cache storage implementation. repeated type.matcher.StringMatcher allowed_vary_headers = 2; // [#not-implemented-hide:] // // // Modifies cache key creation by restricting which parts of the URL are included. KeyCreatorParams key_creator_params = 3; // [#not-implemented-hide:] // // // Max body size the cache filter will insert into a cache. 0 means unlimited (though the cache // storage implementation may have its own limit beyond which it will reject insertions). uint32 max_body_bytes = 4; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/compressor/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/compressor/v2/compressor.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.compressor.v2; import "envoy/api/v2/core/base.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.compressor.v2"; option java_outer_classname = "CompressorProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.compressor.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Compressor] // [#next-free-field: 6] message Compressor { // Minimum response length, in bytes, which will trigger compression. The default value is 30. google.protobuf.UInt32Value content_length = 1; // Set of strings that allows specifying which mime-types yield compression; e.g., // application/json, text/html, etc. When this field is not defined, compression will be applied // to the following mime-types: "application/javascript", "application/json", // "application/xhtml+xml", "image/svg+xml", "text/css", "text/html", "text/plain", "text/xml" // and their synonyms. repeated string content_type = 2; // If true, disables compression when the response contains an etag header. When it is false, the // filter will preserve weak etags and remove the ones that require strong validation. bool disable_on_etag_header = 3; // If true, removes accept-encoding from the request headers before dispatching it to the upstream // so that responses do not get compressed before reaching the filter. // .. attention: // // To avoid interfering with other compression filters in the same chain use this option in // the filter closest to the upstream. bool remove_accept_encoding_header = 4; // Runtime flag that controls whether the filter is enabled or not. If set to false, the // filter will operate as a pass-through filter. If not specified, defaults to enabled. api.v2.core.RuntimeFeatureFlag runtime_enabled = 5; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/cors/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/cors/v2/cors.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.cors.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.cors.v2"; option java_outer_classname = "CorsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.cors.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Cors] // CORS Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.cors] // Cors filter config. message Cors { } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/csrf/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/csrf/v2/csrf.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.csrf.v2; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/string.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.csrf.v2"; option java_outer_classname = "CsrfProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.csrf.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: CSRF] // Cross-Site Request Forgery :ref:`configuration overview `. // [#extension: envoy.filters.http.csrf] // CSRF filter config. message CsrfPolicy { // Specifies the % of requests for which the CSRF filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. api.v2.core.RuntimeFractionalPercent filter_enabled = 1 [(validate.rules).message = {required: true}]; // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. api.v2.core.RuntimeFractionalPercent shadow_enabled = 2; // Specifies additional source origins that will be allowed in addition to // the destination origin. // // More information on how this can be configured via runtime can be found // :ref:`here `. repeated type.matcher.StringMatcher additional_origins = 3; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/dynamic_forward_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.dynamic_forward_proxy.v2alpha; import "envoy/config/common/dynamic_forward_proxy/v2alpha/dns_cache.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.dynamic_forward_proxy.v2alpha"; option java_outer_classname = "DynamicForwardProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.dynamic_forward_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamic forward proxy] // Configuration for the dynamic forward proxy HTTP filter. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.filters.http.dynamic_forward_proxy] message FilterConfig { // The DNS cache configuration that the filter will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy cluster configuration // `. common.dynamic_forward_proxy.v2alpha.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; } // Per route Configuration for the dynamic forward proxy HTTP filter. message PerRouteConfig { oneof host_rewrite_specifier { // Indicates that before DNS lookup, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for DNS lookups whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite = 1 [(udpa.annotations.field_migrate).rename = "host_rewrite_literal"]; // Indicates that before DNS lookup, the host header will be swapped with // the value of this header. If not set or empty, the original host header // value will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite header ` // given that the value set here would be used for DNS lookups whereas the value set in the HCM // would be used for host header forwarding which is not the desired outcome. string auto_host_rewrite_header = 2 [(udpa.annotations.field_migrate).rename = "host_rewrite_header"]; } } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/dynamo/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/dynamo/v2/dynamo.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.dynamo.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.dynamo.v2"; option java_outer_classname = "DynamoProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.dynamo.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamo] // Dynamo :ref:`configuration overview `. // [#extension: envoy.filters.http.dynamo] // Dynamo filter config. message Dynamo { } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/ext_authz/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/ext_authz/v2/ext_authz.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.ext_authz.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/grpc_service.proto"; import "envoy/api/v2/core/http_uri.proto"; import "envoy/type/http_status.proto"; import "envoy/type/matcher/string.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.ext_authz.v2"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.ext_authz.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: External Authorization] // External Authorization :ref:`configuration overview `. // [#extension: envoy.filters.http.ext_authz] // [#next-free-field: 12] message ExtAuthz { // External authorization service configuration. oneof services { // gRPC service configuration (default timeout: 200ms). api.v2.core.GrpcService grpc_service = 1; // HTTP service configuration (default timeout: 200ms). HttpService http_service = 3; } // Changes filter's behaviour on errors: // // 1. When set to true, the filter will *accept* client request even if the communication with // the authorization service has failed, or if the authorization service has returned a HTTP 5xx // error. // // 2. When set to false, ext-authz will *reject* client requests and return a *Forbidden* // response if the communication with the authorization service has failed, or if the // authorization service has returned a HTTP 5xx error. // // Note that errors can be *always* tracked in the :ref:`stats // `. bool failure_mode_allow = 2; // Sets the package version the gRPC service should use. This is particularly // useful when transitioning from alpha to release versions assuming that both definitions are // semantically compatible. Deprecation note: This field is deprecated and should only be used for // version upgrade. See release notes for more details. bool use_alpha = 4 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Enables filter to buffer the client request body and send it within the authorization request. // A ``x-envoy-auth-partial-body: false|true`` metadata header will be added to the authorization // request message indicating if the body data is partial. BufferSettings with_request_body = 5; // Clears route cache in order to allow the external authorization service to correctly affect // routing decisions. Filter clears all cached routes when: // // 1. The field is set to *true*. // // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0. // // 3. At least one *authorization response header* is added to the client request, or is used for // altering another client request header. // bool clear_route_cache = 6; // Sets the HTTP status that is returned to the client when there is a network error between the // filter and the authorization server. The default status is HTTP 403 Forbidden. type.HttpStatus status_on_error = 7; // Specifies a list of metadata namespaces whose values, if present, will be passed to the // ext_authz service as an opaque *protobuf::Struct*. // // For example, if the *jwt_authn* filter is used and :ref:`payload_in_metadata // ` is set, // then the following will pass the jwt payload to the authorization server. // // .. code-block:: yaml // // metadata_context_namespaces: // - envoy.filters.http.jwt_authn // repeated string metadata_context_namespaces = 8; // Specifies if the filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // If this field is not specified, the filter will be enabled for all requests. api.v2.core.RuntimeFractionalPercent filter_enabled = 9; // Specifies whether to deny the requests, when the filter is disabled. // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to determine whether to deny request for // filter protected path at filter disabling. If filter is disabled in // typed_per_filter_config for the path, requests will not be denied. // // If this field is not specified, all requests will be allowed when disabled. api.v2.core.RuntimeFeatureFlag deny_at_disable = 11; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 10; } // Configuration for buffering the request data. message BufferSettings { // Sets the maximum size of a message body that the filter will hold in memory. Envoy will return // *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number // set in this field. Note that this setting will have precedence over :ref:`failure_mode_allow // `. uint32 max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}]; // When this field is true, Envoy will buffer the message until *max_request_bytes* is reached. // The authorization request will be dispatched and no 413 HTTP error will be returned by the // filter. bool allow_partial_message = 2; } // HttpService is used for raw HTTP communication between the filter and the authorization service. // When configured, the filter will parse the client request and use these attributes to call the // authorization server. Depending on the response, the filter may reject or accept the client // request. Note that in any of these events, metadata can be added, removed or overridden by the // filter: // // *On authorization request*, a list of allowed request headers may be supplied. See // :ref:`allowed_headers // ` // for details. Additional headers metadata may be added to the authorization request. See // :ref:`headers_to_add // ` for // details. // // On authorization response status HTTP 200 OK, the filter will allow traffic to the upstream and // additional headers metadata may be added to the original client request. See // :ref:`allowed_upstream_headers // ` // for details. // // On other authorization response statuses, the filter will not allow traffic. Additional headers // metadata as well as body may be added to the client's response. See :ref:`allowed_client_headers // ` // for details. // [#next-free-field: 9] message HttpService { reserved 3, 4, 5, 6; // Sets the HTTP server URI which the authorization requests must be sent to. api.v2.core.HttpUri server_uri = 1; // Sets a prefix to the value of authorization request header *Path*. string path_prefix = 2; // Settings used for controlling authorization request metadata. AuthorizationRequest authorization_request = 7; // Settings used for controlling authorization response metadata. AuthorizationResponse authorization_response = 8; } message AuthorizationRequest { // Authorization request will include the client request headers that have a correspondent match // in the :ref:`list `. Note that in addition to the // user's supplied matchers: // // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list. // // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have // a message body. However, the authorization request can include the buffered client request body // (controlled by :ref:`with_request_body // ` setting), // consequently the value of *Content-Length* of the authorization request reflects the size of // its payload size. // type.matcher.ListStringMatcher allowed_headers = 1; // Sets a list of headers that will be included to the request to authorization service. Note that // client request of the same key will be overridden. repeated api.v2.core.HeaderValue headers_to_add = 2; } message AuthorizationResponse { // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the original client request. // Note that coexistent headers will be overridden. type.matcher.ListStringMatcher allowed_upstream_headers = 1; // When this :ref:`list `. is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that when this list is *not* set, all the authorization response headers, except *Authority // (Host)* will be in the response to the client. When a header is included in this list, *Path*, // *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added. type.matcher.ListStringMatcher allowed_client_headers = 2; } // Extra settings on a per virtualhost/route/weighted-cluster level. message ExtAuthzPerRoute { oneof override { option (validate.required) = true; // Disable the ext auth filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Check request settings for this route. CheckSettings check_settings = 2 [(validate.rules).message = {required: true}]; } } // Extra settings for the check request. You can use this to provide extra context for the // external authorization server on specific virtual hosts \ routes. For example, adding a context // extension on the virtual host level can give the ext-authz server information on what virtual // host is used without needing to parse the host header. If CheckSettings is specified in multiple // per-filter-configs, they will be merged in order, and the result will be used. message CheckSettings { // Context extensions to set on the CheckRequest's // :ref:`AttributeContext.context_extensions` // // Merge semantics for this field are such that keys from more specific configs override. // // .. note:: // // These settings are only applied to a filter configured with a // :ref:`grpc_service`. map context_extensions = 1; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/fault/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/config/filter/fault/v2:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/fault/v2/fault.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.fault.v2; import "envoy/api/v2/route/route_components.proto"; import "envoy/config/filter/fault/v2/fault.proto"; import "envoy/type/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.fault.v2"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.fault.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Fault Injection] // Fault Injection :ref:`configuration overview `. // [#extension: envoy.filters.http.fault] message FaultAbort { // Fault aborts are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderAbort { } reserved 1; oneof error_type { option (validate.required) = true; // HTTP status code to use to abort the HTTP request. uint32 http_status = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // Fault aborts are controlled via an HTTP header (if applicable). HeaderAbort header_abort = 4; } // The percentage of requests/operations/connections that will be aborted with the error code // provided. type.FractionalPercent percentage = 3; } // [#next-free-field: 14] message HTTPFault { // If specified, the filter will inject delays based on the values in the // object. filter.fault.v2.FaultDelay delay = 1; // If specified, the filter will abort requests based on the values in // the object. At least *abort* or *delay* must be specified. FaultAbort abort = 2; // Specifies the name of the (destination) upstream cluster that the // filter should match on. Fault injection will be restricted to requests // bound to the specific upstream cluster. string upstream_cluster = 3; // Specifies a set of headers that the filter should match on. The fault // injection filter can be applied selectively to requests that match a set of // headers specified in the fault filter config. The chances of actual fault // injection further depend on the value of the :ref:`percentage // ` field. // The filter will check the request's headers against all the specified // headers in the filter config. A match will happen if all the headers in the // config are present in the request with the same values (or based on // presence if the *value* field is not in the config). repeated api.v2.route.HeaderMatcher headers = 4; // Faults are injected for the specified list of downstream hosts. If this // setting is not set, faults are injected for all downstream nodes. // Downstream node name is taken from :ref:`the HTTP // x-envoy-downstream-service-node // ` header and compared // against downstream_nodes list. repeated string downstream_nodes = 5; // The maximum number of faults that can be active at a single time via the configured fault // filter. Note that because this setting can be overridden at the route level, it's possible // for the number of active faults to be greater than this value (if injected via a different // route). If not specified, defaults to unlimited. This setting can be overridden via // `runtime ` and any faults that are not injected // due to overflow will be indicated via the `faults_overflow // ` stat. // // .. attention:: // Like other :ref:`circuit breakers ` in Envoy, this is a fuzzy // limit. It's possible for the number of active faults to rise slightly above the configured // amount due to the implementation details. google.protobuf.UInt32Value max_active_faults = 6; // The response rate limit to be applied to the response body of the stream. When configured, // the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent // ` runtime key. // // .. attention:: // This is a per-stream limit versus a connection level limit. This means that concurrent streams // will each get an independent limit. filter.fault.v2.FaultRateLimit response_rate_limit = 7; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_delay_percent string delay_percent_runtime = 8; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.abort_percent string abort_percent_runtime = 9; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_duration_ms string delay_duration_runtime = 10; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.http_status string abort_http_status_runtime = 11; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.max_active_faults string max_active_faults_runtime = 12; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.rate_limit.response_percent string response_rate_limit_percent_runtime = 13; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_http1_bridge/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_http1_bridge/v2/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_http1_bridge.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_http1_bridge.v2"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_http1_bridge.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC HTTP/1.1 Bridge] // gRPC HTTP/1.1 Bridge Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_http1_bridge] // gRPC HTTP/1.1 Bridge filter config. message Config { } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC HTTP/1.1 Reverse Bridge] // gRPC HTTP/1.1 Reverse Bridge :ref:`configuration overview // `. // [#extension: envoy.filters.http.grpc_http1_reverse_bridge] // gRPC reverse bridge filter configuration message FilterConfig { // The content-type to pass to the upstream when the gRPC bridge filter is applied. // The filter will also validate that the upstream responds with the same content type. string content_type = 1 [(validate.rules).string = {min_bytes: 1}]; // If true, Envoy will assume that the upstream doesn't understand gRPC frames and // strip the gRPC frame from the request, and add it back in to the response. This will // hide the gRPC semantics from the upstream, allowing it to receive and respond with a // simple binary encoded protobuf. bool withhold_grpc_frames = 2; } // gRPC reverse bridge filter configuration per virtualhost/route/weighted-cluster level. message FilterConfigPerRoute { // If true, disables gRPC reverse bridge filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_stats/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_stats/v2alpha/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_stats.v2alpha; import "envoy/api/v2/core/grpc_method_list.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_stats.v2alpha"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_stats.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC statistics] gRPC statistics filter // :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_stats] // gRPC statistics filter configuration message FilterConfig { // If true, the filter maintains a filter state object with the request and response message // counts. bool emit_filter_state = 1; oneof per_method_stat_specifier { // If set, specifies an allowlist of service/methods that will have individual stats // emitted for them. Any call that does not match the allowlist will be counted // in a stat with no method specifier: `cluster..grpc.*`. api.v2.core.GrpcMethodList individual_method_stats_allowlist = 2; // If set to true, emit stats for all service/method names. // // If set to false, emit stats for all service/message types to the same stats without including // the service/method in the name, with prefix `cluster..grpc`. This can be useful if // service/method granularity is not needed, or if each cluster only receives a single method. // // .. attention:: // This option is only safe if all clients are trusted. If this option is enabled // with untrusted clients, the clients could cause unbounded growth in the number of stats in // Envoy, using unbounded memory and potentially slowing down stats pipelines. // // .. attention:: // If neither `individual_method_stats_allowlist` nor `stats_for_all_methods` is set, the // behavior will default to `stats_for_all_methods=true`. This default value is deprecated, // and in a future release, if neither field is set, it will default to // `stats_for_all_methods=false` in order to be safe by default. This behavior can be // controlled with runtime override // `envoy.deprecated_features.grpc_stats_filter_enable_stats_for_all_methods_by_default`. google.protobuf.BoolValue stats_for_all_methods = 3; } } // gRPC statistics filter state object in protobuf form. message FilterObject { // Count of request messages in the request stream. uint64 request_message_count = 1; // Count of response messages in the response stream. uint64 response_message_count = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_web/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/grpc_web/v2/grpc_web.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.grpc_web.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_web.v2"; option java_outer_classname = "GrpcWebProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_web.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Web] // gRPC Web :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_web] // gRPC Web filter config. message GrpcWeb { } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/gzip/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/compressor/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/gzip/v2/gzip.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.gzip.v2; import "envoy/config/filter/http/compressor/v2/compressor.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.gzip.v2"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.gzip.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Gzip] // Gzip :ref:`configuration overview `. // [#extension: envoy.filters.http.gzip] // [#next-free-field: 11] message Gzip { enum CompressionStrategy { DEFAULT = 0; FILTERED = 1; HUFFMAN = 2; RLE = 3; } message CompressionLevel { enum Enum { DEFAULT = 0; BEST = 1; SPEED = 2; } } // Value from 1 to 9 that controls the amount of internal memory used by zlib. Higher values // use more memory, but are faster and produce better compression results. The default value is 5. google.protobuf.UInt32Value memory_level = 1 [(validate.rules).uint32 = {lte: 9 gte: 1}]; // Minimum response length, in bytes, which will trigger compression. The default value is 30. // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. google.protobuf.UInt32Value content_length = 2 [deprecated = true]; // A value used for selecting the zlib compression level. This setting will affect speed and // amount of compression applied to the content. "BEST" provides higher compression at the cost of // higher latency, "SPEED" provides lower compression with minimum impact on response time. // "DEFAULT" provides an optimal result between speed and compression. This field will be set to // "DEFAULT" if not specified. CompressionLevel.Enum compression_level = 3 [(validate.rules).enum = {defined_only: true}]; // A value used for selecting the zlib compression strategy which is directly related to the // characteristics of the content. Most of the time "DEFAULT" will be the best choice, though // there are situations which changing this parameter might produce better results. For example, // run-length encoding (RLE) is typically used when the content is known for having sequences // which same data occurs many consecutive times. For more information about each strategy, please // refer to zlib manual. CompressionStrategy compression_strategy = 4 [(validate.rules).enum = {defined_only: true}]; // Set of strings that allows specifying which mime-types yield compression; e.g., // application/json, text/html, etc. When this field is not defined, compression will be applied // to the following mime-types: "application/javascript", "application/json", // "application/xhtml+xml", "image/svg+xml", "text/css", "text/html", "text/plain", "text/xml". // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. repeated string content_type = 6 [deprecated = true]; // If true, disables compression when the response contains an etag header. When it is false, the // filter will preserve weak etags and remove the ones that require strong validation. // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. bool disable_on_etag_header = 7 [deprecated = true]; // If true, removes accept-encoding from the request headers before dispatching it to the upstream // so that responses do not get compressed before reaching the filter. // .. attention: // // **This field is deprecated**. Set the `compressor` field instead. bool remove_accept_encoding_header = 8 [deprecated = true]; // Value from 9 to 15 that represents the base two logarithmic of the compressor's window size. // Larger window results in better compression at the expense of memory usage. The default is 12 // which will produce a 4096 bytes window. For more details about this parameter, please refer to // zlib manual > deflateInit2. google.protobuf.UInt32Value window_bits = 9 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Set of configuration parameters common for all compression filters. If this field is set then // the fields `content_length`, `content_type`, `disable_on_etag_header` and // `remove_accept_encoding_header` are ignored. compressor.v2.Compressor compressor = 10; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/header_to_metadata/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/header_to_metadata/v2/header_to_metadata.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.header_to_metadata.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.header_to_metadata.v2"; option java_outer_classname = "HeaderToMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.header_to_metadata.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Header-To-Metadata Filter] // // The configuration for transforming headers into metadata. This is useful // for matching load balancer subsets, logging, etc. // // Header to Metadata :ref:`configuration overview `. // [#extension: envoy.filters.http.header_to_metadata] message Config { enum ValueType { STRING = 0; NUMBER = 1; // The value is a serialized `protobuf.Value // `_. PROTOBUF_VALUE = 2; } // ValueEncode defines the encoding algorithm. enum ValueEncode { // The value is not encoded. NONE = 0; // The value is encoded in `Base64 `_. // Note: this is mostly used for STRING and PROTOBUF_VALUE to escape the // non-ASCII characters in the header. BASE64 = 1; } // [#next-free-field: 6] message KeyValuePair { // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_bytes: 1}]; // The value to pair with the given key. // // When used for a `on_header_present` case, if value is non-empty it'll be used // instead of the header value. If both are empty, no metadata is added. // // When used for a `on_header_missing` case, a non-empty value must be provided // otherwise no metadata is added. string value = 3; // The value's type — defaults to string. ValueType type = 4; // How is the value encoded, default is NONE (not encoded). // The value will be decoded accordingly before storing to metadata. ValueEncode encode = 5; } // A Rule defines what metadata to apply when a header is present or missing. message Rule { // The header that triggers this rule — required. string header = 1 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // If the header is present, apply this metadata KeyValuePair. // // If the value in the KeyValuePair is non-empty, it'll be used instead // of the header value. KeyValuePair on_header_present = 2; // If the header is not present, apply this metadata KeyValuePair. // // The value in the KeyValuePair must be set, since it'll be used in lieu // of the missing header value. KeyValuePair on_header_missing = 3; // Whether or not to remove the header after a rule is applied. // // This prevents headers from leaking. bool remove = 4; } // The list of rules to apply to requests. repeated Rule request_rules = 1; // The list of rules to apply to responses. repeated Rule response_rules = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/health_check/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/health_check/v2/health_check.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.health_check.v2; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.health_check.v2"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.health_check.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health check] // Health check :ref:`configuration overview `. // [#extension: envoy.filters.http.health_check] // [#next-free-field: 6] message HealthCheck { reserved 2; // Specifies whether the filter operates in pass through mode or not. google.protobuf.BoolValue pass_through_mode = 1 [(validate.rules).message = {required: true}]; // If operating in pass through mode, the amount of time in milliseconds // that the filter should cache the upstream response. google.protobuf.Duration cache_time = 3; // If operating in non-pass-through mode, specifies a set of upstream cluster // names and the minimum percentage of servers in each of those clusters that // must be healthy or degraded in order for the filter to return a 200. // // .. note:: // // This value is interpreted as an integer by truncating, so 12.50% will be calculated // as if it were 12%. map cluster_min_healthy_percentages = 4; // Specifies a set of health check request headers to match on. The health check filter will // check a request’s headers against all the specified headers. To specify the health check // endpoint, set the ``:path`` header to match on. repeated api.v2.route.HeaderMatcher headers = 5; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/ip_tagging/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/ip_tagging/v2/ip_tagging.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.ip_tagging.v2; import "envoy/api/v2/core/address.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.ip_tagging.v2"; option java_outer_classname = "IpTaggingProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.ip_tagging.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: IP tagging] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.ip_tagging] message IPTagging { // The type of requests the filter should apply to. The supported types // are internal, external or both. The // :ref:`x-forwarded-for` header is // used to determine if a request is internal and will result in // :ref:`x-envoy-internal` // being set. The filter defaults to both, and it will apply to all request types. enum RequestType { // Both external and internal requests will be tagged. This is the default value. BOTH = 0; // Only internal requests will be tagged. INTERNAL = 1; // Only external requests will be tagged. EXTERNAL = 2; } // Supplies the IP tag name and the IP address subnets. message IPTag { // Specifies the IP tag name to apply. string ip_tag_name = 1; // A list of IP address subnets that will be tagged with // ip_tag_name. Both IPv4 and IPv6 are supported. repeated api.v2.core.CidrRange ip_list = 2; } // The type of request the filter should apply to. RequestType request_type = 1 [(validate.rules).enum = {defined_only: true}]; // [#comment:TODO(ccaraman): Extend functionality to load IP tags from file system. // Tracked by issue https://github.com/envoyproxy/envoy/issues/2695] // The set of IP tags for the filter. repeated IPTag ip_tags = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/jwt_authn/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/jwt_authn/v2alpha/README.md ================================================ # JWT Authentication HTTP filter config ## Overview 1. The proto file in this folder defines an HTTP filter config for "jwt_authn" filter. 2. This filter will verify the JWT in the HTTP request as: - The signature should be valid - JWT should not be expired - Issuer and audiences are valid and specified in the filter config. 3. [JWK](https://tools.ietf.org/html/rfc7517#appendix-A) is needed to verify JWT signature. It can be fetched from a remote server or read from a local file. If the JWKS is fetched remotely, it will be cached by the filter. 3. If a JWT is valid, the user is authenticated and the request will be forwarded to the backend server. If a JWT is not valid, the request will be rejected with an error message. ## The locations to extract JWT JWT will be extracted from the HTTP headers or query parameters. The default location is the HTTP header: ``` Authorization: Bearer ``` The next default location is in the query parameter as: ``` ?access_token= ``` If a custom location is desired, `from_headers` or `from_params` can be used to specify custom locations to extract JWT. ## HTTP header to pass successfully verified JWT If a JWT is valid, its payload will be passed to the backend in a new HTTP header specified in `forward_payload_header` field. Its value is base64url-encoded JWT payload in JSON. ## Further header options In addition to the `name` field, which specifies the HTTP header name, the `from_headers` section can specify an optional `value_prefix` value, as in: ```yaml from_headers: - name: bespoke value_prefix: jwt_value ``` The above will cause the jwt_authn filter to look for the JWT in the `bespoke` header, following the tag `jwt_value`. Any non-JWT characters (i.e., anything _other than_ alphanumerics, `_`, `-`, and `.`) will be skipped, and all following, contiguous, JWT-legal chars will be taken as the JWT. This means all of the following will return a JWT of `eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk`: ```text bespoke: jwt_value=eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk bespoke: {"jwt_value": "eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk"} bespoke: beta:true,jwt_value:"eyJFbnZveSI6ICJyb2NrcyJ9.e30.c2lnbmVk",trace=1234 ``` The header `name` may be `Authorization`. The `value_prefix` must match exactly, i.e., case-sensitively. If the `value_prefix` is not found, the header is skipped: not considered as a source for a JWT token. If there are no JWT-legal characters after the `value_prefix`, the entire string after it is taken to be the JWT token. This is unlikely to succeed; the error will reported by the JWT parser. ================================================ FILE: generated_api_shadow/envoy/config/filter/http/jwt_authn/v2alpha/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.jwt_authn.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/http_uri.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.jwt_authn.v2alpha"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.jwt_authn.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: JWT Authentication] // JWT Authentication :ref:`configuration overview `. // [#extension: envoy.filters.http.jwt_authn] // Please see following for JWT authentication flow: // // * `JSON Web Token (JWT) `_ // * `The OAuth 2.0 Authorization Framework `_ // * `OpenID Connect `_ // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // // * issuer: the principal that issues the JWT. It has to match the one from the token. // * allowed audiences: the ones in the token have to be listed here. // * how to fetch public key JWKS to verify the token signature. // * how to extract JWT token in the request. // * how to pass successfully verified token payload. // // Example: // // .. code-block:: yaml // // issuer: https://example.com // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // cache_duration: // seconds: 300 // // [#next-free-field: 10] message JwtProvider { // Specify the `principal `_ that issued // the JWT, usually a URL or an email address. // // Example: https://securetoken.google.com // Example: 1234567-compute@developer.gserviceaccount.com // string issuer = 1 [(validate.rules).string = {min_bytes: 1}]; // The list of JWT `audiences `_ are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // // Example: // // .. code-block:: yaml // // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // repeated string audiences = 2; // `JSON Web Key Set (JWKS) `_ is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. oneof jwks_source_specifier { option (validate.required) = true; // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP // URI and how the fetched JWKS should be cached. // // Example: // // .. code-block:: yaml // // remote_jwks: // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // cache_duration: // seconds: 300 // RemoteJwks remote_jwks = 3; // JWKS is in local data source. It could be either in a local file or embedded in the // inline_string. // // Example: local file // // .. code-block:: yaml // // local_jwks: // filename: /etc/envoy/jwks/jwks1.txt // // Example: inline_string // // .. code-block:: yaml // // local_jwks: // inline_string: ACADADADADA // api.v2.core.DataSource local_jwks = 4; } // If false, the JWT is removed in the request after a success verification. If true, the JWT is // not removed in the request. Default value is false. bool forward = 5; // Two fields below define where to extract the JWT from an HTTP request. // // If no explicit location is specified, the following default locations are tried in order: // // 1. The Authorization header using the `Bearer schema // `_. Example:: // // Authorization: Bearer . // // 2. `access_token `_ query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. // // Specify the HTTP headers to extract JWT token. For examples, following config: // // .. code-block:: yaml // // from_headers: // - name: x-goog-iap-jwt-assertion // // can be used to extract token from header:: // // ``x-goog-iap-jwt-assertion: ``. // repeated JwtHeader from_headers = 6; // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. // // For example, if config is: // // .. code-block:: yaml // // from_params: // - jwt_token // // The JWT format in query parameter is:: // // /path?jwt_token= // repeated string from_params = 7; // This field specifies the header name to forward a successfully verified JWT payload to the // backend. The forwarded data is:: // // base64url_encoded(jwt_payload_in_JSON) // // If it is not specified, the payload will not be forwarded. string forward_payload_header = 8; // If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata // in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** // The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* // and the value is the *protobuf::Struct* converted from JWT JSON payload. // // For example, if payload_in_metadata is *my_payload*: // // .. code-block:: yaml // // envoy.filters.http.jwt_authn: // my_payload: // iss: https://example.com // sub: test@example.com // aud: https://example.com // exp: 1501281058 // string payload_in_metadata = 9; } // This message specifies how to fetch JWKS from remote and how to cache it. message RemoteJwks { // The HTTP URI to fetch the JWKS. For example: // // .. code-block:: yaml // // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // api.v2.core.HttpUri http_uri = 1; // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; } // This message specifies a header location to extract JWT token. message JwtHeader { // The HTTP header name. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The value prefix. The value format is "value_prefix" // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the // end. string value_prefix = 2; } // Specify a required provider with audiences. message ProviderWithAudiences { // Specify a required provider name. string provider_name = 1; // This field overrides the one specified in the JwtProvider. repeated string audiences = 2; } // This message specifies a Jwt requirement. An empty message means JWT verification is not // required. Here are some config examples: // // .. code-block:: yaml // // # Example 1: not required with an empty message // // # Example 2: require A // provider_name: provider-A // // # Example 3: require A or B // requires_any: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 4: require A and B // requires_all: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 5: require A and (B or C) // requires_all: // requirements: // - provider_name: provider-A // - requires_any: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 6: require A or (B and C) // requires_any: // requirements: // - provider_name: provider-A // - requires_all: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 7: A is optional (if token from A is provided, it must be valid, but also allows // missing token.) // requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // // # Example 8: A is optional and B is required. // requires_all: // requirements: // - requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // - provider_name: provider-B // // [#next-free-field: 7] message JwtRequirement { oneof requires_type { // Specify a required provider name. string provider_name = 1; // Specify a required provider with audiences. ProviderWithAudiences provider_and_audiences = 2; // Specify list of JwtRequirement. Their results are OR-ed. // If any one of them passes, the result is passed. JwtRequirementOrList requires_any = 3; // Specify list of JwtRequirement. Their results are AND-ed. // All of them must pass, if one of them fails or missing, it fails. JwtRequirementAndList requires_all = 4; // The requirement is always satisfied even if JWT is missing or the JWT // verification fails. A typical usage is: this filter is used to only verify // JWTs and pass the verified JWT payloads to another filter, the other filter // will make decision. In this mode, all JWT tokens will be verified. google.protobuf.Empty allow_missing_or_failed = 5; // The requirement is satisfied if JWT is missing, but failed if JWT is // presented but invalid. Similar to allow_missing_or_failed, this is used // to only verify JWTs and pass the verified payload to another filter. The // different is this mode will reject requests with invalid tokens. google.protobuf.Empty allow_missing = 6; } } // This message specifies a list of RequiredProvider. // Their results are OR-ed; if any one of them passes, the result is passed message JwtRequirementOrList { // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a list of RequiredProvider. // Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. message JwtRequirementAndList { // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a Jwt requirement for a specific Route condition. // Example 1: // // .. code-block:: yaml // // - match: // prefix: /healthz // // In above example, "requires" field is empty for /healthz prefix match, // it means that requests matching the path prefix don't require JWT authentication. // // Example 2: // // .. code-block:: yaml // // - match: // prefix: / // requires: { provider_name: provider-A } // // In above example, all requests matched the path prefix require jwt authentication // from "provider-A". message RequirementRule { // The route matching parameter. Only when the match is satisfied, the "requires" field will // apply. // // For example: following match will match all requests. // // .. code-block:: yaml // // match: // prefix: / // api.v2.route.RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Specify a Jwt Requirement. Please detail comment in message JwtRequirement. JwtRequirement requires = 2; } // This message specifies Jwt requirements based on stream_info.filterState. // This FilterState should use `Router::StringAccessor` object to set a string value. // Other HTTP filters can use it to specify Jwt requirements dynamically. // // Example: // // .. code-block:: yaml // // name: jwt_selector // requires: // issuer_1: // provider_name: issuer1 // issuer_2: // provider_name: issuer2 // // If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, // jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. message FilterStateRule { // The filter state name to retrieve the `Router::StringAccessor` object. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A map of string keys to requirements. The string key is the string value // in the FilterState with the name specified in the *name* field above. map requires = 3; } // This is the Envoy HTTP filter config for JWT authentication. // // For example: // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: issuer2 // local_jwks: // inline_string: jwks_string // // rules: // # Not jwt verification is required for /health path // - match: // prefix: /health // // # Jwt verification for provider1 is required for path prefixed with "prefix" // - match: // prefix: /prefix // requires: // provider_name: provider1 // // # Jwt verification for either provider1 or provider2 is required for all other requests. // - match: // prefix: / // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // message JwtAuthentication { // Map of provider names to JwtProviders. // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: provider2 // local_jwks: // inline_string: jwks_string // map providers = 1; // Specifies requirements based on the route matches. The first matched requirement will be // applied. If there are overlapped match conditions, please put the most specific match first. // // Examples // // .. code-block:: yaml // // rules: // - match: // prefix: /healthz // - match: // prefix: /baz // requires: // provider_name: provider1 // - match: // prefix: /foo // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // - match: // prefix: /bar // requires: // requires_all: // requirements: // - provider_name: provider1 // - provider_name: provider2 // repeated RequirementRule rules = 2; // This message specifies Jwt requirements based on stream_info.filterState. // Other HTTP filters can use it to specify Jwt requirements dynamically. // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; // When set to true, bypass the `CORS preflight request // `_ regardless of JWT // requirements specified in the rules. bool bypass_cors_preflight = 4; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/lua/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/lua/v2/lua.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.lua.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.lua.v2"; option java_outer_classname = "LuaProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.lua.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Lua] // Lua :ref:`configuration overview `. // [#extension: envoy.filters.http.lua] message Lua { // The Lua code that Envoy will execute. This can be a very small script that // further loads code from disk if desired. Note that if JSON configuration is used, the code must // be properly escaped. YAML configuration may be easier to read since YAML supports multi-line // strings so complex scripts can be easily expressed inline in the configuration. string inline_code = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/on_demand/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/on_demand/v2/on_demand.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.on_demand.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.on_demand.v2"; option java_outer_classname = "OnDemandProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.on_demand.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: OnDemand] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.on_demand] message OnDemand { } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/original_src/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/original_src/v2alpha1/original_src.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.original_src.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.original_src.v2alpha1"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.original_src.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // The Original Src filter binds upstream connections to the original source address determined // for the request. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. // [#extension: envoy.filters.http.original_src] message OriginalSrc { // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 1; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/rate_limit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/rate_limit/v2/rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.rate_limit.v2; import "envoy/config/ratelimit/v2/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.rate_limit.v2"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.ratelimit] // [#next-free-field: 8] message RateLimit { // The rate limit domain to use when calling the rate limit service. string domain = 1 [(validate.rules).string = {min_bytes: 1}]; // Specifies the rate limit configurations to be applied with the same // stage number. If not set, the default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The type of requests the filter should apply to. The supported // types are *internal*, *external* or *both*. A request is considered internal if // :ref:`x-envoy-internal` is set to true. If // :ref:`x-envoy-internal` is not set or false, a // request is considered external. The filter defaults to *both*, and it will apply to all request // types. string request_type = 3 [(validate.rules).string = {in: "internal" in: "external" in: "both" in: ""}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Specifies whether a `RESOURCE_EXHAUSTED` gRPC code must be returned instead // of the default `UNAVAILABLE` gRPC code for a rate limited gRPC call. The // HTTP code will be 200 for a gRPC response. bool rate_limited_as_resource_exhausted = 6; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. ratelimit.v2.RateLimitServiceConfig rate_limit_service = 7 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/rbac/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/rbac/v2/rbac.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.rbac.v2; import "envoy/config/rbac/v2/rbac.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.rbac.v2"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.rbac.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.http.rbac] // RBAC filter config. message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v2.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) // but will emit stats and logs and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v2.RBAC shadow_rules = 2; } message RBACPerRoute { reserved 1; // Override the global configuration of the filter with this new config. // If absent, the global RBAC policy will be disabled for this route. RBAC rbac = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/router/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/router/v2/router.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.router.v2; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.router.v2"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.router.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Router] // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] // [#next-free-field: 7] message Router { // Whether the router generates dynamic cluster statistics. Defaults to // true. Can be disabled in high performance scenarios. google.protobuf.BoolValue dynamic_stats = 1; // Whether to start a child span for egress routed calls. This can be // useful in scenarios where other filters (auth, ratelimit, etc.) make // outbound calls and have child spans rooted at the same ingress // parent. Defaults to false. bool start_child_span = 2; // Configuration for HTTP upstream logs emitted by the router. Upstream logs // are configured in the same way as access logs, but each log entry represents // an upstream request. Presuming retries are configured, multiple upstream // requests may be made for each downstream (inbound) request. repeated accesslog.v2.AccessLog upstream_log = 3; // Do not add any additional *x-envoy-* headers to requests or responses. This // only affects the :ref:`router filter generated *x-envoy-* headers // `, other Envoy filters and the HTTP // connection manager may continue to set *x-envoy-* headers. bool suppress_envoy_headers = 4; // Specifies a list of HTTP headers to strictly validate. Envoy will reject a // request and respond with HTTP status 400 if the request contains an invalid // value for any of the headers listed in this field. Strict header checking // is only supported for the following headers: // // Value must be a ','-delimited list (i.e. no spaces) of supported retry // policy values: // // * :ref:`config_http_filters_router_x-envoy-retry-grpc-on` // * :ref:`config_http_filters_router_x-envoy-retry-on` // // Value must be an integer: // // * :ref:`config_http_filters_router_x-envoy-max-retries` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` repeated string strict_check_headers = 5 [(validate.rules).repeated = { items { string { in: "x-envoy-upstream-rq-timeout-ms" in: "x-envoy-upstream-rq-per-try-timeout-ms" in: "x-envoy-max-retries" in: "x-envoy-retry-grpc-on" in: "x-envoy-retry-on" } } }]; // If not set, ingress Envoy will ignore // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/squash/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/squash/v2/squash.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.squash.v2; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.squash.v2"; option java_outer_classname = "SquashProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.squash.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Squash] // Squash :ref:`configuration overview `. // [#extension: envoy.filters.http.squash] // [#next-free-field: 6] message Squash { // The name of the cluster that hosts the Squash server. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // When the filter requests the Squash server to create a DebugAttachment, it will use this // structure as template for the body of the request. It can contain reference to environment // variables in the form of '{{ ENV_VAR_NAME }}'. These can be used to provide the Squash server // with more information to find the process to attach the debugger to. For example, in a // Istio/k8s environment, this will contain information on the pod: // // .. code-block:: json // // { // "spec": { // "attachment": { // "pod": "{{ POD_NAME }}", // "namespace": "{{ POD_NAMESPACE }}" // }, // "match_request": true // } // } // // (where POD_NAME, POD_NAMESPACE are configured in the pod via the Downward API) google.protobuf.Struct attachment_template = 2; // The timeout for individual requests sent to the Squash cluster. Defaults to 1 second. google.protobuf.Duration request_timeout = 3; // The total timeout Squash will delay a request and wait for it to be attached. Defaults to 60 // seconds. google.protobuf.Duration attachment_timeout = 4; // Amount of time to poll for the status of the attachment object in the Squash server // (to check if has been attached). Defaults to 1 second. google.protobuf.Duration attachment_poll_period = 5; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/tap/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.tap.v2alpha; import "envoy/config/common/tap/v2alpha/common.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.tap.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.tap.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap] // Tap :ref:`configuration overview `. // [#extension: envoy.filters.http.tap] // Top level configuration for the tap filter. message Tap { // Common configuration for the HTTP tap filter. common.tap.v2alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/http/transcoder/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/http/transcoder/v2/transcoder.proto ================================================ syntax = "proto3"; package envoy.config.filter.http.transcoder.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.http.transcoder.v2"; option java_outer_classname = "TranscoderProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.grpc_json_transcoder.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC-JSON transcoder] // gRPC-JSON transcoder :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_json_transcoder] // [#next-free-field: 10] message GrpcJsonTranscoder { message PrintOptions { // Whether to add spaces, line breaks and indentation to make the JSON // output easy to read. Defaults to false. bool add_whitespace = 1; // Whether to always print primitive fields. By default primitive // fields with default values will be omitted in JSON output. For // example, an int32 field set to 0 will be omitted. Setting this flag to // true will override the default behavior and print primitive fields // regardless of their values. Defaults to false. bool always_print_primitive_fields = 2; // Whether to always print enums as ints. By default they are rendered // as strings. Defaults to false. bool always_print_enums_as_ints = 3; // Whether to preserve proto field names. By default protobuf will // generate JSON field names using the ``json_name`` option, or lower camel case, // in that order. Setting this flag will preserve the original field names. Defaults to false. bool preserve_proto_field_names = 4; } oneof descriptor_set { option (validate.required) = true; // Supplies the filename of // :ref:`the proto descriptor set ` for the gRPC // services. string proto_descriptor = 1; // Supplies the binary content of // :ref:`the proto descriptor set ` for the gRPC // services. bytes proto_descriptor_bin = 4; } // A list of strings that // supplies the fully qualified service names (i.e. "package_name.service_name") that // the transcoder will translate. If the service name doesn't exist in ``proto_descriptor``, // Envoy will fail at startup. The ``proto_descriptor`` may contain more services than // the service names specified here, but they won't be translated. repeated string services = 2 [(validate.rules).repeated = {min_items: 1}]; // Control options for response JSON. These options are passed directly to // `JsonPrintOptions `_. PrintOptions print_options = 3; // Whether to keep the incoming request route after the outgoing headers have been transformed to // the match the upstream gRPC service. Note: This means that routes for gRPC services that are // not transcoded cannot be used in combination with *match_incoming_request_route*. bool match_incoming_request_route = 5; // A list of query parameters to be ignored for transcoding method mapping. // By default, the transcoder filter will not transcode a request if there are any // unknown/invalid query parameters. // // Example : // // .. code-block:: proto // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) { // option (google.api.http) = { // get: "/shelves/{shelf}" // }; // } // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The request ``/shelves/100?foo=bar`` will not be mapped to ``GetShelf``` because variable // binding for ``foo`` is not defined. Adding ``foo`` to ``ignored_query_parameters`` will allow // the same request to be mapped to ``GetShelf``. repeated string ignored_query_parameters = 6; // Whether to route methods without the ``google.api.http`` option. // // Example : // // .. code-block:: proto // // package bookstore; // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) {} // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The client could ``post`` a json body ``{"shelf": 1234}`` with the path of // ``/bookstore.Bookstore/GetShelfRequest`` to call ``GetShelfRequest``. bool auto_mapping = 7; // Whether to ignore query parameters that cannot be mapped to a corresponding // protobuf field. Use this if you cannot control the query parameters and do // not know them beforehand. Otherwise use ``ignored_query_parameters``. // Defaults to false. bool ignore_unknown_query_parameters = 8; // Whether to convert gRPC status headers to JSON. // When trailer indicates a gRPC error and there was no HTTP body, take ``google.rpc.Status`` // from the ``grpc-status-details-bin`` header and use it as JSON body. // If there was no such header, make ``google.rpc.Status`` out of the ``grpc-status`` and // ``grpc-message`` headers. // The error details types must be present in the ``proto_descriptor``. // // For example, if an upstream server replies with headers: // // .. code-block:: none // // grpc-status: 5 // grpc-status-details-bin: // CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ // // The ``grpc-status-details-bin`` header contains a base64-encoded protobuf message // ``google.rpc.Status``. It will be transcoded into: // // .. code-block:: none // // HTTP/1.1 404 Not Found // content-type: application/json // // {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} // // In order to transcode the message, the ``google.rpc.RequestInfo`` type from // the ``google/rpc/error_details.proto`` should be included in the configured // :ref:`proto descriptor set `. bool convert_grpc_status = 9; } ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/http_inspector/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/http_inspector/v2/http_inspector.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.http_inspector.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.http_inspector.v2"; option java_outer_classname = "HttpInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.http_inspector.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP Inspector Filter] // Detect whether the application protocol is HTTP. // [#extension: envoy.filters.listener.http_inspector] message HttpInspector { } ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/original_dst/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/original_dst/v2/original_dst.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.original_dst.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.original_dst.v2"; option java_outer_classname = "OriginalDstProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.original_dst.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Original Dst Filter] // Use the Original destination address on downstream connections. // [#extension: envoy.filters.listener.original_dst] message OriginalDst { } ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/original_src/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/original_src/v2alpha1/original_src.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.original_src.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.original_src.v2alpha1"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.original_src.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // [#extension: envoy.filters.listener.original_src] // The Original Src filter binds upstream connections to the original source address determined // for the connection. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. message OriginalSrc { // Whether to bind the port to the one used in the original downstream connection. // [#not-implemented-hide:] bool bind_port = 1; // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/proxy_protocol/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/proxy_protocol/v2/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.proxy_protocol.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.proxy_protocol.v2"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.proxy_protocol.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Proxy Protocol Filter] // PROXY protocol listener filter. // [#extension: envoy.filters.listener.proxy_protocol] message ProxyProtocol { } ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/tls_inspector/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/listener/tls_inspector/v2/tls_inspector.proto ================================================ syntax = "proto3"; package envoy.config.filter.listener.tls_inspector.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.listener.tls_inspector.v2"; option java_outer_classname = "TlsInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.listener.tls_inspector.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: TLS Inspector Filter] // Allows detecting whether the transport appears to be TLS or plaintext. // [#extension: envoy.filters.listener.tls_inspector] message TlsInspector { } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/client_ssl_auth/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.client_ssl_auth.v2; import "envoy/api/v2/core/address.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.client_ssl_auth.v2"; option java_outer_classname = "ClientSslAuthProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.client_ssl_auth.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Client TLS authentication] // Client TLS authentication // :ref:`configuration overview `. // [#extension: envoy.filters.network.client_ssl_auth] message ClientSSLAuth { // The :ref:`cluster manager ` cluster that runs // the authentication service. The filter will connect to the service every 60s to fetch the list // of principals. The service must support the expected :ref:`REST API // `. string auth_api_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 2 [(validate.rules).string = {min_bytes: 1}]; // Time in milliseconds between principal refreshes from the // authentication service. Default is 60000 (60s). The actual fetch time // will be this value plus a random jittered value between // 0-refresh_delay_ms milliseconds. google.protobuf.Duration refresh_delay = 3; // An optional list of IP address and subnet masks that should be white // listed for access by the filter. If no list is provided, there is no // IP allowlist. repeated api.v2.core.CidrRange ip_white_list = 4; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/direct_response/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/direct_response/v2/config.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.direct_response.v2; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.direct_response.v2"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.direct_response.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Direct response] // Direct response :ref:`configuration overview `. // [#extension: envoy.filters.network.direct_response] message Config { // Response data as a data source. api.v2.core.DataSource response = 1; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/dubbo_proxy/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/route:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/dubbo_proxy/v2alpha1/README.md ================================================ Protocol buffer definitions for the Dubbo proxy. ================================================ FILE: generated_api_shadow/envoy/config/filter/network/dubbo_proxy/v2alpha1/dubbo_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.dubbo_proxy.v2alpha1; import "envoy/config/filter/network/dubbo_proxy/v2alpha1/route.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.dubbo_proxy.v2alpha1"; option java_outer_classname = "DubboProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.dubbo_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dubbo Proxy] // Dubbo Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.dubbo_proxy] // Dubbo Protocol types supported by Envoy. enum ProtocolType { // the default protocol. Dubbo = 0; } // Dubbo Serialization types supported by Envoy. enum SerializationType { // the default serialization protocol. Hessian2 = 0; } // [#next-free-field: 6] message DubboProxy { // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // Configure the protocol used. ProtocolType protocol_type = 2 [(validate.rules).enum = {defined_only: true}]; // Configure the serialization protocol used. SerializationType serialization_type = 3 [(validate.rules).enum = {defined_only: true}]; // The route table for the connection manager is static and is specified in this property. repeated RouteConfiguration route_config = 4; // A list of individual Dubbo filters that make up the filter chain for requests made to the // Dubbo proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no dubbo_filters are specified, a default Dubbo router filter // (`envoy.filters.dubbo.router`) is used. repeated DubboFilter dubbo_filters = 5; } // DubboFilter configures a Dubbo filter. message DubboFilter { // The name of the filter to instantiate. The name must match a supported // filter. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any config = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/dubbo_proxy/v2alpha1/route.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.dubbo_proxy.v2alpha1; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/matcher/string.proto"; import "envoy/type/range.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.dubbo_proxy.v2alpha1"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.dubbo_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dubbo Proxy Route Configuration] // Dubbo Proxy :ref:`configuration overview `. // [#next-free-field: 6] message RouteConfiguration { // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The interface name of the service. string interface = 2; // Which group does the interface belong to. string group = 3; // The version number of the interface. string version = 4; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 5; } message Route { // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { // Method level routing matching. MethodMatch method = 1; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated api.v2.route.HeaderMatcher headers = 2; } message RouteAction { oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed. string cluster = 1; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. // Currently ClusterWeight only supports the name and weight fields. api.v2.route.WeightedCluster weighted_clusters = 2; } } message MethodMatch { // The parameter matching type. message ParameterMatchSpecifier { oneof parameter_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 3; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting // of an optional plus or minus sign followed by a sequence of digits. The rule will not match // if the header value does not represent an integer. Match will fail for empty values, // floating point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, // "somestring", 10.9, "-1somestring" type.Int64Range range_match = 4; } } // The name of the method. type.matcher.StringMatcher name = 1; // Method parameter definition. // The key is the parameter index, starting from 0. // The value is the parameter matching type. map params_match = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/echo/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/echo/v2/echo.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.echo.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.echo.v2"; option java_outer_classname = "EchoProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.echo.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Echo] // Echo :ref:`configuration overview `. // [#extension: envoy.filters.network.echo] message Echo { } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/ext_authz/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/ext_authz/v2/ext_authz.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.ext_authz.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.ext_authz.v2"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.ext_authz.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Network External Authorization ] // The network layer external authorization service configuration // :ref:`configuration overview `. // [#extension: envoy.filters.network.ext_authz] // External Authorization filter calls out to an external service over the // gRPC Authorization API defined by // :ref:`CheckRequest `. // A failed check will cause this filter to close the TCP connection. message ExtAuthz { // The prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The external authorization gRPC service configuration. // The default timeout is set to 200ms by this filter. api.v2.core.GrpcService grpc_service = 2; // The filter's behaviour in case the external authorization service does // not respond back. When it is set to true, Envoy will also allow traffic in case of // communication failure between authorization service and the proxy. // Defaults to false. bool failure_mode_allow = 3; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 4; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/http_connection_manager/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/core:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/config/trace/v2:pkg", "//envoy/type:pkg", "//envoy/type/tracing/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.http_connection_manager.v2; import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/core/protocol.proto"; import "envoy/api/v2/route.proto"; import "envoy/api/v2/scoped_route.proto"; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "envoy/config/trace/v2/http_tracer.proto"; import "envoy/type/percent.proto"; import "envoy/type/tracing/v2/custom_tag.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.http_connection_manager.v2"; option java_outer_classname = "HttpConnectionManagerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.http_connection_manager.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP connection manager] // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] // [#next-free-field: 37] message HttpConnectionManager { enum CodecType { // For every new connection, the connection manager will determine which // codec to use. This mode supports both ALPN for TLS listeners as well as // protocol inference for plaintext listeners. If ALPN data is available, it // is preferred, otherwise protocol inference is used. In almost all cases, // this is the right option to choose for this setting. AUTO = 0; // The connection manager will assume that the client is speaking HTTP/1.1. HTTP1 = 1; // The connection manager will assume that the client is speaking HTTP/2 // (Envoy does not require HTTP/2 to take place over TLS or to use ALPN. // Prior knowledge is allowed). HTTP2 = 2; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 3; } enum ServerHeaderTransformation { // Overwrite any Server header with the contents of server_name. OVERWRITE = 0; // If no Server header is present, append Server server_name // If a Server header is present, pass it through. APPEND_IF_ABSENT = 1; // Pass through the value of the server header, and do not append a header // if none is present. PASS_THROUGH = 2; } // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. enum ForwardClientCertDetails { // Do not send the XFCC header to the next hop. This is the default value. SANITIZE = 0; // When the client connection is mTLS (Mutual TLS), forward the XFCC header // in the request. FORWARD_ONLY = 1; // When the client connection is mTLS, append the client certificate // information to the request’s XFCC header and forward it. APPEND_FORWARD = 2; // When the client connection is mTLS, reset the XFCC header with the client // certificate information and send it to the next hop. SANITIZE_SET = 3; // Always forward the XFCC header in the request, regardless of whether the // client connection is mTLS. ALWAYS_FORWARD_ONLY = 4; } // [#next-free-field: 10] message Tracing { enum OperationName { // The HTTP listener is used for ingress/incoming requests. INGRESS = 0; // The HTTP listener is used for egress/outgoing requests. EGRESS = 1; } // The span name will be derived from this field. If // :ref:`traffic_direction ` is // specified on the parent listener, then it is used instead of this field. // // .. attention:: // This field has been deprecated in favor of `traffic_direction`. OperationName operation_name = 1 [ deprecated = true, (validate.rules).enum = {defined_only: true}, (envoy.annotations.disallowed_by_default) = true ]; // A list of header names used to create tags for the active span. The header name is used to // populate the tag name, and the header value is used to populate the tag value. The tag is // created if the specified header name is present in the request's headers. // // .. attention:: // This field has been deprecated in favor of :ref:`custom_tags // `. repeated string request_headers_for_tags = 2 [deprecated = true]; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.Percent client_sampling = 3; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.Percent random_sampling = 4; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.Percent overall_sampling = 5; // Whether to annotate spans with additional data. If true, spans will include logs for stream // events. bool verbose = 6; // Maximum length of the request path to extract and include in the HttpUrl tag. Used to // truncate lengthy request paths to meet the needs of a tracing backend. // Default: 256 google.protobuf.UInt32Value max_path_tag_length = 7; // A list of custom tags with unique tag name to create tags for the active span. repeated type.tracing.v2.CustomTag custom_tags = 8; // Configuration for an external tracing provider. // If not specified, no tracing will be performed. // // .. attention:: // Please be aware that *envoy.tracers.opencensus* provider can only be configured once // in Envoy lifetime. // Any attempts to reconfigure it or to use different configurations for different HCM filters // will be rejected. // Such a constraint is inherent to OpenCensus itself. It cannot be overcome without changes // on OpenCensus side. trace.v2.Tracing.Http provider = 9; } message InternalAddressConfig { // Whether unix socket addresses should be considered internal. bool unix_sockets = 1; } // [#next-free-field: 7] message SetCurrentClientCertDetails { reserved 2; // Whether to forward the subject of the client cert. Defaults to false. google.protobuf.BoolValue subject = 1; // Whether to forward the entire client cert in URL encoded PEM format. This will appear in the // XFCC header comma separated from other values with the value Cert="PEM". // Defaults to false. bool cert = 3; // Whether to forward the entire client cert chain (including the leaf cert) in URL encoded PEM // format. This will appear in the XFCC header comma separated from other values with the value // Chain="PEM". // Defaults to false. bool chain = 6; // Whether to forward the DNS type Subject Alternative Names of the client cert. // Defaults to false. bool dns = 4; // Whether to forward the URI type Subject Alternative Name of the client cert. Defaults to // false. bool uri = 5; } // The configuration for HTTP upgrades. // For each upgrade type desired, an UpgradeConfig must be added. // // .. warning:: // // The current implementation of upgrade headers does not handle // multi-valued upgrade headers. Support for multi-valued headers may be // added in the future if needed. // // .. warning:: // The current implementation of upgrade headers does not work with HTTP/2 // upstreams. message UpgradeConfig { // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] // will be proxied upstream. string upgrade_type = 1; // If present, this represents the filter chain which will be created for // this type of upgrade. If no filters are present, the filter chain for // HTTP connections will be used for this upgrade type. repeated HttpFilter filters = 2; // Determines if upgrades are enabled or disabled by default. Defaults to true. // This can be overridden on a per-route basis with :ref:`cluster // ` as documented in the // :ref:`upgrade documentation `. google.protobuf.BoolValue enabled = 3; } reserved 27; // Supplies the type of codec that the connection manager should use. CodecType codec_type = 1 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics for the // connection manager. See the :ref:`statistics documentation ` for // more information. string stat_prefix = 2 [(validate.rules).string = {min_bytes: 1}]; oneof route_specifier { option (validate.required) = true; // The connection manager’s route table will be dynamically loaded via the RDS API. Rds rds = 3; // The route table for the connection manager is static and is specified in this property. api.v2.RouteConfiguration route_config = 4; // A route table will be dynamically assigned to each request based on request attributes // (e.g., the value of a header). The "routing scopes" (i.e., route tables) and "scope keys" are // specified in this message. ScopedRoutes scoped_routes = 31; } // A list of individual HTTP filters that make up the filter chain for // requests made to the connection manager. :ref:`Order matters ` // as the filters are processed sequentially as request events happen. repeated HttpFilter http_filters = 5; // Whether the connection manager manipulates the :ref:`config_http_conn_man_headers_user-agent` // and :ref:`config_http_conn_man_headers_downstream-service-cluster` headers. See the linked // documentation for more information. Defaults to false. google.protobuf.BoolValue add_user_agent = 6; // Presence of the object defines whether the connection manager // emits :ref:`tracing ` data to the :ref:`configured tracing provider // `. Tracing tracing = 7; // Additional settings for HTTP requests handled by the connection manager. These will be // applicable to both HTTP1 and HTTP2 requests. api.v2.core.HttpProtocolOptions common_http_protocol_options = 35; // Additional HTTP/1 settings that are passed to the HTTP/1 codec. api.v2.core.Http1ProtocolOptions http_protocol_options = 8; // Additional HTTP/2 settings that are passed directly to the HTTP/2 codec. api.v2.core.Http2ProtocolOptions http2_protocol_options = 9; // An optional override that the connection manager will write to the server // header in responses. If not set, the default is *envoy*. string server_name = 10; // Defines the action to be applied to the Server header on the response path. // By default, Envoy will overwrite the header with the value specified in // server_name. ServerHeaderTransformation server_header_transformation = 34 [(validate.rules).enum = {defined_only: true}]; // The maximum request headers size for incoming connections. // If unconfigured, the default max request headers allowed is 60 KiB. // Requests that exceed this limit will receive a 431 response. // The max configurable limit is 96 KiB, based on current implementation // constraints. google.protobuf.UInt32Value max_request_headers_kb = 29 [(validate.rules).uint32 = {lte: 96 gt: 0}]; // The idle timeout for connections managed by the connection manager. The // idle timeout is defined as the period in which there are no active // requests. If not set, there is no idle timeout. When the idle timeout is // reached the connection will be closed. If the connection is an HTTP/2 // connection a drain sequence will occur prior to closing the connection. // This field is deprecated. Use :ref:`idle_timeout // ` // instead. google.protobuf.Duration idle_timeout = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // The stream idle timeout for connections managed by the connection manager. // If not specified, this defaults to 5 minutes. The default value was selected // so as not to interfere with any smaller configured timeouts that may have // existed in configurations prior to the introduction of this feature, while // introducing robustness to TCP connections that terminate without a FIN. // // This idle timeout applies to new streams and is overridable by the // :ref:`route-level idle_timeout // `. Even on a stream in // which the override applies, prior to receipt of the initial request // headers, the :ref:`stream_idle_timeout // ` // applies. Each time an encode/decode event for headers or data is processed // for the stream, the timer will be reset. If the timeout fires, the stream // is terminated with a 408 Request Timeout error code if no upstream response // header has been received, otherwise a stream reset occurs. // // This timeout also specifies the amount of time that Envoy will wait for the peer to open enough // window to write any remaining stream data once the entirety of stream data (local end stream is // true) has been buffered pending available window. In other words, this timeout defends against // a peer that does not release enough window to completely write the stream, even though all // data has been proxied within available flow control windows. If the timeout is hit in this // case, the :ref:`tx_flush_timeout ` counter will be // incremented. Note that :ref:`max_stream_duration // ` does not apply to this corner // case. // // Note that it is possible to idle timeout even if the wire traffic for a stream is non-idle, due // to the granularity of events presented to the connection manager. For example, while receiving // very large request headers, it may be the case that there is traffic regularly arriving on the // wire while the connection manage is only able to observe the end-of-headers event, hence the // stream may still idle timeout. // // A value of 0 will completely disable the connection manager stream idle // timeout, although per-route idle timeout overrides will continue to apply. google.protobuf.Duration stream_idle_timeout = 24; // The amount of time that Envoy will wait for the entire request to be received. // The timer is activated when the request is initiated, and is disarmed when the last byte of the // request is sent upstream (i.e. all decoding filters have processed the request), OR when the // response is initiated. If not specified or set to 0, this timeout is disabled. google.protobuf.Duration request_timeout = 28; // The time that Envoy will wait between sending an HTTP/2 “shutdown // notification” (GOAWAY frame with max stream ID) and a final GOAWAY frame. // This is used so that Envoy provides a grace period for new streams that // race with the final GOAWAY frame. During this grace period, Envoy will // continue to accept new streams. After the grace period, a final GOAWAY // frame is sent and Envoy will start refusing new streams. Draining occurs // both when a connection hits the idle timeout or during general server // draining. The default grace period is 5000 milliseconds (5 seconds) if this // option is not specified. google.protobuf.Duration drain_timeout = 12; // The delayed close timeout is for downstream connections managed by the HTTP connection manager. // It is defined as a grace period after connection close processing has been locally initiated // during which Envoy will wait for the peer to close (i.e., a TCP FIN/RST is received by Envoy // from the downstream connection) prior to Envoy closing the socket associated with that // connection. // NOTE: This timeout is enforced even when the socket associated with the downstream connection // is pending a flush of the write buffer. However, any progress made writing data to the socket // will restart the timer associated with this timeout. This means that the total grace period for // a socket in this state will be // +. // // Delaying Envoy's connection close and giving the peer the opportunity to initiate the close // sequence mitigates a race condition that exists when downstream clients do not drain/process // data in a connection's receive buffer after a remote close has been detected via a socket // write(). This race leads to such clients failing to process the response code sent by Envoy, // which could result in erroneous downstream processing. // // If the timeout triggers, Envoy will close the connection's socket. // // The default timeout is 1000 ms if this option is not specified. // // .. NOTE:: // To be useful in avoiding the race condition described above, this timeout must be set // to *at least* +<100ms to account for // a reasonable "worst" case processing time for a full iteration of Envoy's event loop>. // // .. WARNING:: // A value of 0 will completely disable delayed close processing. When disabled, the downstream // connection's socket will be closed immediately after the write flush is completed or will // never close if the write flush does not complete. google.protobuf.Duration delayed_close_timeout = 26; // Configuration for :ref:`HTTP access logs ` // emitted by the connection manager. repeated accesslog.v2.AccessLog access_log = 13; // If set to true, the connection manager will use the real remote address // of the client connection when determining internal versus external origin and manipulating // various headers. If set to false or absent, the connection manager will use the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for`, // :ref:`config_http_conn_man_headers_x-envoy-internal`, and // :ref:`config_http_conn_man_headers_x-envoy-external-address` for more information. google.protobuf.BoolValue use_remote_address = 14; // The number of additional ingress proxy hops from the right side of the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when // determining the origin client's IP address. The default is zero if this option // is not specified. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for` for more information. uint32 xff_num_trusted_hops = 19; // Configures what network addresses are considered internal for stats and header sanitation // purposes. If unspecified, only RFC1918 IP addresses will be considered internal. // See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information about internal/external addresses. InternalAddressConfig internal_address_config = 25; // If set, Envoy will not append the remote address to the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in // conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager // has mutated the request headers. While :ref:`use_remote_address // ` // will also suppress XFF addition, it has consequences for logging and other // Envoy uses of the remote address, so *skip_xff_append* should be used // when only an elision of XFF addition is intended. bool skip_xff_append = 21; // Via header value to append to request and response headers. If this is // empty, no via header will be appended. string via = 22; // Whether the connection manager will generate the :ref:`x-request-id // ` header if it does not exist. This defaults to // true. Generating a random UUID4 is expensive so in high throughput scenarios where this feature // is not desired it can be disabled. google.protobuf.BoolValue generate_request_id = 15; // Whether the connection manager will keep the :ref:`x-request-id // ` header if passed for a request that is edge // (Edge request is the request from external clients to front Envoy) and not reset it, which // is the current Envoy behaviour. This defaults to false. bool preserve_external_request_id = 32; // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. ForwardClientCertDetails forward_client_cert_details = 16 [(validate.rules).enum = {defined_only: true}]; // This field is valid only when :ref:`forward_client_cert_details // ` // is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in // the client certificate to be forwarded. Note that in the // :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and // *By* is always set when the client certificate presents the URI type Subject Alternative Name // value. SetCurrentClientCertDetails set_current_client_cert_details = 17; // If proxy_100_continue is true, Envoy will proxy incoming "Expect: // 100-continue" headers upstream, and forward "100 Continue" responses // downstream. If this is false or not set, Envoy will instead strip the // "Expect: 100-continue" header, and send a "100 Continue" response itself. bool proxy_100_continue = 18; // If // :ref:`use_remote_address // ` // is true and represent_ipv4_remote_address_as_ipv4_mapped_ipv6 is true and the remote address is // an IPv4 address, the address will be mapped to IPv6 before it is appended to *x-forwarded-for*. // This is useful for testing compatibility of upstream services that parse the header value. For // example, 50.0.0.1 is represented as ::FFFF:50.0.0.1. See `IPv4-Mapped IPv6 Addresses // `_ for details. This will also affect the // :ref:`config_http_conn_man_headers_x-envoy-external-address` header. See // :ref:`http_connection_manager.represent_ipv4_remote_address_as_ipv4_mapped_ipv6 // ` for runtime // control. // [#not-implemented-hide:] bool represent_ipv4_remote_address_as_ipv4_mapped_ipv6 = 20; repeated UpgradeConfig upgrade_configs = 23; // Should paths be normalized according to RFC 3986 before any processing of // requests by HTTP filters or routing? This affects the upstream *:path* header // as well. For paths that fail this check, Envoy will respond with 400 to // paths that are malformed. This defaults to false currently but will default // true in the future. When not specified, this value may be overridden by the // runtime variable // :ref:`http_connection_manager.normalize_path`. // See `Normalization and Comparison `_ // for details of normalization. // Note that Envoy does not perform // `case normalization `_ google.protobuf.BoolValue normalize_path = 30; // Determines if adjacent slashes in the path are merged into one before any processing of // requests by HTTP filters or routing. This affects the upstream *:path* header as well. Without // setting this option, incoming requests with path `//dir///file` will not match against route // with `prefix` match set to `/dir`. Defaults to `false`. Note that slash merging is not part of // `HTTP spec `_ and is provided for convenience. bool merge_slashes = 33; // The configuration of the request ID extension. This includes operations such as // generation, validation, and associated tracing operations. // // If not set, Envoy uses the default UUID-based behavior: // // 1. Request ID is propagated using *x-request-id* header. // // 2. Request ID is a universally unique identifier (UUID). // // 3. Tracing decision (sampled, forced, etc) is set in 14th byte of the UUID. RequestIDExtension request_id_extension = 36; } message Rds { // Configuration source specifier for RDS. api.v2.core.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // The name of the route configuration. This name will be passed to the RDS // API. This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. string route_config_name = 2 [(validate.rules).string = {min_bytes: 1}]; } // This message is used to work around the limitations with 'oneof' and repeated fields. message ScopedRouteConfigurationsList { repeated api.v2.ScopedRouteConfiguration scoped_route_configurations = 1 [(validate.rules).repeated = {min_items: 1}]; } // [#next-free-field: 6] message ScopedRoutes { // Specifies the mechanism for constructing "scope keys" based on HTTP request attributes. These // keys are matched against a set of :ref:`Key` // objects assembled from :ref:`ScopedRouteConfiguration` // messages distributed via SRDS (the Scoped Route Discovery Service) or assigned statically via // :ref:`scoped_route_configurations_list`. // // Upon receiving a request's headers, the Router will build a key using the algorithm specified // by this message. This key will be used to look up the routing table (i.e., the // :ref:`RouteConfiguration`) to use for the request. message ScopeKeyBuilder { // Specifies the mechanism for constructing key fragments which are composed into scope keys. message FragmentBuilder { // Specifies how the value of a header should be extracted. // The following example maps the structure of a header to the fields in this message. // // .. code:: // // <0> <1> <-- index // X-Header: a=b;c=d // | || | // | || \----> // | || // | |\----> // | | // | \----> // | // \----> // // Each 'a=b' key-value pair constitutes an 'element' of the header field. message HeaderValueExtractor { // Specifies a header field's key value pair to match on. message KvElement { // The separator between key and value (e.g., '=' separates 'k=v;...'). // If an element is an empty string, the element is ignored. // If an element contains no separator, the whole element is parsed as key and the // fragment value is an empty string. // If there are multiple values for a matched key, the first value is returned. string separator = 1 [(validate.rules).string = {min_bytes: 1}]; // The key to match on. string key = 2 [(validate.rules).string = {min_bytes: 1}]; } // The name of the header field to extract the value from. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The element separator (e.g., ';' separates 'a;b;c;d'). // Default: empty string. This causes the entirety of the header field to be extracted. // If this field is set to an empty string and 'index' is used in the oneof below, 'index' // must be set to 0. string element_separator = 2; oneof extract_type { // Specifies the zero based index of the element to extract. // Note Envoy concatenates multiple values of the same header key into a comma separated // string, the splitting always happens after the concatenation. uint32 index = 3; // Specifies the key value pair to extract the value from. KvElement element = 4; } } oneof type { option (validate.required) = true; // Specifies how a header field's value should be extracted. HeaderValueExtractor header_value_extractor = 1; } } // The final(built) scope key consists of the ordered union of these fragments, which are compared in order with the // fragments of a :ref:`ScopedRouteConfiguration`. // A missing fragment during comparison will make the key invalid, i.e., the computed key doesn't match any key. repeated FragmentBuilder fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the scoped routing configuration. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // The algorithm to use for constructing a scope key for each request. ScopeKeyBuilder scope_key_builder = 2 [(validate.rules).message = {required: true}]; // Configuration source specifier for RDS. // This config source is used to subscribe to RouteConfiguration resources specified in // ScopedRouteConfiguration messages. api.v2.core.ConfigSource rds_config_source = 3 [(validate.rules).message = {required: true}]; oneof config_specifier { option (validate.required) = true; // The set of routing scopes corresponding to the HCM. A scope is assigned to a request by // matching a key constructed from the request's attributes according to the algorithm specified // by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRouteConfigurationsList scoped_route_configurations_list = 4; // The set of routing scopes associated with the HCM will be dynamically loaded via the SRDS // API. A scope is assigned to a request by matching a key constructed from the request's // attributes according to the algorithm specified by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRds scoped_rds = 5; } } message ScopedRds { // Configuration source specifier for scoped RDS. api.v2.core.ConfigSource scoped_rds_config_source = 1 [(validate.rules).message = {required: true}]; } message HttpFilter { reserved 3; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 4; } } message RequestIDExtension { // Request ID extension specific configuration. google.protobuf.Any typed_config = 1; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/kafka_broker/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/kafka_broker/v2alpha1/kafka_broker.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.kafka_broker.v2alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.kafka_broker.v2alpha1"; option java_outer_classname = "KafkaBrokerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.kafka_broker.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Kafka Broker] // Kafka Broker :ref:`configuration overview `. // [#extension: envoy.filters.network.kafka_broker] message KafkaBroker { // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/local_rate_limit/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/local_rate_limit/v2alpha/local_rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.local_rate_limit.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/type/token_bucket.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.local_rate_limit.v2alpha"; option java_outer_classname = "LocalRateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.local_ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Local rate limit] // Local rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.local_ratelimit] message LocalRateLimit { // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The token bucket configuration to use for rate limiting connections that are processed by the // filter's filter chain. Each incoming connection processed by the filter consumes a single // token. If the token is available, the connection will be allowed. If no tokens are available, // the connection will be immediately closed. // // .. note:: // In the current implementation each filter and filter chain has an independent rate limit. // // .. note:: // In the current implementation the token bucket's :ref:`fill_interval // ` must be >= 50ms to avoid too aggressive // refills. type.TokenBucket token_bucket = 2 [(validate.rules).message = {required: true}]; // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults // to enabled. api.v2.core.RuntimeFeatureFlag runtime_enabled = 3; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/mongo_proxy/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/fault/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.mongo_proxy.v2; import "envoy/config/filter/fault/v2/fault.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.mongo_proxy.v2"; option java_outer_classname = "MongoProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.mongo_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Mongo proxy] // MongoDB :ref:`configuration overview `. // [#extension: envoy.filters.network.mongo_proxy] message MongoProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The optional path to use for writing Mongo access logs. If not access log // path is specified no access logs will be written. Note that access log is // also gated :ref:`runtime `. string access_log = 2; // Inject a fixed delay before proxying a Mongo operation. Delays are // applied to the following MongoDB operations: Query, Insert, GetMore, // and KillCursors. Once an active delay is in progress, all incoming // data up until the timer event fires will be a part of the delay. fault.v2.FaultDelay delay = 3; // Flag to specify whether :ref:`dynamic metadata // ` should be emitted. Defaults to false. bool emit_dynamic_metadata = 4; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/mysql_proxy/v1alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/mysql_proxy/v1alpha1/mysql_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.mysql_proxy.v1alpha1; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.mysql_proxy.v1alpha1"; option java_outer_classname = "MysqlProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.mysql_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: MySQL proxy] // MySQL Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.mysql_proxy] message MySQLProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] The optional path to use for writing MySQL access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/rate_limit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/ratelimit:pkg", "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/rate_limit/v2/rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.rate_limit.v2; import "envoy/api/v2/ratelimit/ratelimit.proto"; import "envoy/config/ratelimit/v2/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.rate_limit.v2"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.ratelimit] // [#next-free-field: 7] message RateLimit { // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The rate limit domain to use in the rate limit service request. string domain = 2 [(validate.rules).string = {min_bytes: 1}]; // The rate limit descriptor list to use in the rate limit service request. repeated api.v2.ratelimit.RateLimitDescriptor descriptors = 3 [(validate.rules).repeated = {min_items: 1}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. ratelimit.v2.RateLimitServiceConfig rate_limit_service = 6 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/rbac/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/rbac/v2/rbac.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.rbac.v2; import "envoy/config/rbac/v2/rbac.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.rbac.v2"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.rbac.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.network.rbac] // RBAC network filter config. // // Header should not be used in rules/shadow_rules in RBAC network filter as // this information is only available in :ref:`RBAC http filter `. message RBAC { enum EnforcementType { // Apply RBAC policies when the first byte of data arrives on the connection. ONE_TIME_ON_FIRST_BYTE = 0; // Continuously apply RBAC policies as data arrives. Use this mode when // using RBAC with message oriented protocols such as Mongo, MySQL, Kafka, // etc. when the protocol decoders emit dynamic metadata such as the // resources being accessed and the operations on the resources. CONTINUOUS = 1; } // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v2.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs // and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v2.RBAC shadow_rules = 2; // The prefix to use when emitting statistics. string stat_prefix = 3 [(validate.rules).string = {min_bytes: 1}]; // RBAC enforcement strategy. By default RBAC will be enforced only once // when the first byte of data arrives from the downstream. When used in // conjunction with filters that emit dynamic metadata after decoding // every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to // CONTINUOUS to enforce RBAC policies on every message boundary. EnforcementType enforcement_type = 4; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/redis_proxy/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.redis_proxy.v2; import "envoy/api/v2/core/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.redis_proxy.v2"; option java_outer_classname = "RedisProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.redis_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Redis Proxy] // Redis Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.redis_proxy] // [#next-free-field: 7] message RedisProxy { // Redis connection pool settings. // [#next-free-field: 9] message ConnPoolSettings { // ReadPolicy controls how Envoy routes read commands to Redis nodes. This is currently // supported for Redis Cluster. All ReadPolicy settings except MASTER may return stale data // because replication is asynchronous and requires some delay. You need to ensure that your // application can tolerate stale data. enum ReadPolicy { // Default mode. Read from the current primary node. MASTER = 0; // Read from the primary, but if it is unavailable, read from replica nodes. PREFER_MASTER = 1; // Read from replica nodes. If multiple replica nodes are present within a shard, a random // node is selected. Healthy nodes have precedent over unhealthy nodes. REPLICA = 2; // Read from the replica nodes (similar to REPLICA), but if all replicas are unavailable (not // present or unhealthy), read from the primary. PREFER_REPLICA = 3; // Read from any node of the cluster. A random node is selected among the primary and // replicas, healthy nodes have precedent over unhealthy nodes. ANY = 4; } // Per-operation timeout in milliseconds. The timer starts when the first // command of a pipeline is written to the backend connection. Each response received from Redis // resets the timer since it signifies that the next command is being processed by the backend. // The only exception to this behavior is when a connection to a backend is not yet established. // In that case, the connect timeout on the cluster will govern the timeout until the connection // is ready. google.protobuf.Duration op_timeout = 1 [(validate.rules).duration = {required: true}]; // Use hash tagging on every redis key to guarantee that keys with the same hash tag will be // forwarded to the same upstream. The hash key used for determining the upstream in a // consistent hash ring configuration will be computed from the hash tagged key instead of the // whole key. The algorithm used to compute the hash tag is identical to the `redis-cluster // implementation `_. // // Examples: // // * '{user1000}.following' and '{user1000}.followers' **will** be sent to the same upstream // * '{user1000}.following' and '{user1001}.following' **might** be sent to the same upstream bool enable_hashtagging = 2; // Accept `moved and ask redirection // `_ errors from upstream // redis servers, and retry commands to the specified target server. The target server does not // need to be known to the cluster manager. If the command cannot be redirected, then the // original error is passed downstream unchanged. By default, this support is not enabled. bool enable_redirection = 3; // Maximum size of encoded request buffer before flush is triggered and encoded requests // are sent upstream. If this is unset, the buffer flushes whenever it receives data // and performs no batching. // This feature makes it possible for multiple clients to send requests to Envoy and have // them batched- for example if one is running several worker processes, each with its own // Redis connection. There is no benefit to using this with a single downstream process. // Recommended size (if enabled) is 1024 bytes. uint32 max_buffer_size_before_flush = 4; // The encoded request buffer is flushed N milliseconds after the first request has been // encoded, unless the buffer size has already exceeded `max_buffer_size_before_flush`. // If `max_buffer_size_before_flush` is not set, this flush timer is not used. Otherwise, // the timer should be set according to the number of clients, overall request rate and // desired maximum latency for a single command. For example, if there are many requests // being batched together at a high rate, the buffer will likely be filled before the timer // fires. Alternatively, if the request rate is lower the buffer will not be filled as often // before the timer fires. // If `max_buffer_size_before_flush` is set, but `buffer_flush_timeout` is not, the latter // defaults to 3ms. google.protobuf.Duration buffer_flush_timeout = 5; // `max_upstream_unknown_connections` controls how many upstream connections to unknown hosts // can be created at any given time by any given worker thread (see `enable_redirection` for // more details). If the host is unknown and a connection cannot be created due to enforcing // this limit, then redirection will fail and the original redirection error will be passed // downstream unchanged. This limit defaults to 100. google.protobuf.UInt32Value max_upstream_unknown_connections = 6; // Enable per-command statistics per upstream cluster, in addition to the filter level aggregate // count. bool enable_command_stats = 8; // Read policy. The default is to read from the primary. ReadPolicy read_policy = 7 [(validate.rules).enum = {defined_only: true}]; } message PrefixRoutes { message Route { // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. message RequestMirrorPolicy { // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // If not specified or the runtime key is not present, all requests to the target cluster // will be mirrored. // // If specified, Envoy will lookup the runtime key to get the percentage of requests to the // mirror. api.v2.core.RuntimeFractionalPercent runtime_fraction = 2; // Set this to TRUE to only mirror write commands, this is effectively replicating the // writes in a "fire and forget" manner. bool exclude_read_commands = 3; } // String prefix that must match the beginning of the keys. Envoy will always favor the // longest match. string prefix = 1; // Indicates if the prefix needs to be removed from the key when forwarded. bool remove_prefix = 2; // Upstream cluster to forward the command to. string cluster = 3 [(validate.rules).string = {min_bytes: 1}]; // Indicates that the route has a request mirroring policy. repeated RequestMirrorPolicy request_mirror_policy = 4; } // List of prefix routes. repeated Route routes = 1; // Indicates that prefix matching should be case insensitive. bool case_insensitive = 2; // Optional catch-all route to forward commands that doesn't match any of the routes. The // catch-all route becomes required when no routes are specified. // .. attention:: // // This field is deprecated. Use a :ref:`catch_all // route` // instead. string catch_all_cluster = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Optional catch-all route to forward commands that doesn't match any of the routes. The // catch-all route becomes required when no routes are specified. Route catch_all_route = 4; } // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // Name of cluster from cluster manager. See the :ref:`configuration section // ` of the architecture overview for recommendations on // configuring the backing cluster. // // .. attention:: // // This field is deprecated. Use a :ref:`catch_all // route` // instead. string cluster = 2 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; // Network settings for the connection pool to the upstream clusters. ConnPoolSettings settings = 3 [(validate.rules).message = {required: true}]; // Indicates that latency stat should be computed in microseconds. By default it is computed in // milliseconds. bool latency_in_micros = 4; // List of **unique** prefixes used to separate keys from different workloads to different // clusters. Envoy will always favor the longest match first in case of overlap. A catch-all // cluster can be used to forward commands when there is no match. Time complexity of the // lookups are in O(min(longest key prefix, key length)). // // Example: // // .. code-block:: yaml // // prefix_routes: // routes: // - prefix: "ab" // cluster: "cluster_a" // - prefix: "abc" // cluster: "cluster_b" // // When using the above routes, the following prefixes would be sent to: // // * ``get abc:users`` would retrieve the key 'abc:users' from cluster_b. // * ``get ab:users`` would retrieve the key 'ab:users' from cluster_a. // * ``get z:users`` would return a NoUpstreamHost error. A :ref:`catch-all // route` // would have retrieved the key from that cluster instead. // // See the :ref:`configuration section // ` of the architecture overview for recommendations on // configuring the backing clusters. PrefixRoutes prefix_routes = 5; // Authenticate Redis client connections locally by forcing downstream clients to issue a `Redis // AUTH command `_ with this password before enabling any other // command. If an AUTH command's password matches this password, an "OK" response will be returned // to the client. If the AUTH command password does not match this password, then an "ERR invalid // password" error will be returned. If any other command is received before AUTH when this // password is set, then a "NOAUTH Authentication required." error response will be sent to the // client. If an AUTH command is received when the password is not set, then an "ERR Client sent // AUTH, but no password is set" error will be returned. api.v2.core.DataSource downstream_auth_password = 6 [(udpa.annotations.sensitive) = true]; } // RedisProtocolOptions specifies Redis upstream protocol options. This object is used in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.redis_proxy`. message RedisProtocolOptions { // Upstream server password as defined by the `requirepass` directive // `_ in the server's configuration file. api.v2.core.DataSource auth_password = 1 [(udpa.annotations.sensitive) = true]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/sni_cluster/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/sni_cluster/v2/sni_cluster.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.sni_cluster.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.sni_cluster.v2"; option java_outer_classname = "SniClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.sni_cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: SNI Cluster Filter] // Set the upstream cluster name from the SNI field in the TLS connection. // [#extension: envoy.filters.network.sni_cluster] message SniCluster { } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/tcp_proxy/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/config/filter/accesslog/v2:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.tcp_proxy.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "envoy/type/hash_policy.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.tcp_proxy.v2"; option java_outer_classname = "TcpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.tcp_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: TCP Proxy] // TCP Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.tcp_proxy] // [#next-free-field: 13] message TcpProxy { // [#not-implemented-hide:] Deprecated. // TCP Proxy filter configuration using V1 format. message DeprecatedV1 { option deprecated = true; // A TCP proxy route consists of a set of optional L4 criteria and the // name of a cluster. If a downstream connection matches all the // specified criteria, the cluster in the route is used for the // corresponding upstream connection. Routes are tried in the order // specified until a match is found. If no match is found, the connection // is closed. A route with no criteria is valid and always produces a // match. // [#next-free-field: 6] message TCPRoute { // The cluster to connect to when a the downstream network connection // matches the specified criteria. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // An optional list of IP address subnets in the form // “ip_address/xx”. The criteria is satisfied if the destination IP // address of the downstream connection is contained in at least one of // the specified subnets. If the parameter is not specified or the list // is empty, the destination IP address is ignored. The destination IP // address of the downstream connection might be different from the // addresses on which the proxy is listening if the connection has been // redirected. repeated api.v2.core.CidrRange destination_ip_list = 2; // An optional string containing a comma-separated list of port numbers // or ranges. The criteria is satisfied if the destination port of the // downstream connection is contained in at least one of the specified // ranges. If the parameter is not specified, the destination port is // ignored. The destination port address of the downstream connection // might be different from the port on which the proxy is listening if // the connection has been redirected. string destination_ports = 3; // An optional list of IP address subnets in the form // “ip_address/xx”. The criteria is satisfied if the source IP address // of the downstream connection is contained in at least one of the // specified subnets. If the parameter is not specified or the list is // empty, the source IP address is ignored. repeated api.v2.core.CidrRange source_ip_list = 4; // An optional string containing a comma-separated list of port numbers // or ranges. The criteria is satisfied if the source port of the // downstream connection is contained in at least one of the specified // ranges. If the parameter is not specified, the source port is // ignored. string source_ports = 5; } // The route table for the filter. All filter instances must have a route // table, even if it is empty. repeated TCPRoute routes = 1 [(validate.rules).repeated = {min_items: 1}]; } // Allows for specification of multiple upstream clusters along with weights // that indicate the percentage of traffic to be forwarded to each cluster. // The router selects an upstream cluster based on these weights. message WeightedCluster { message ClusterWeight { // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // When a request matches the route, the choice of an upstream cluster is // determined by its weight. The sum of weights across all entries in the // clusters array determines the total weight. uint32 weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what is set in this field will be considered // for load balancing. Note that this will be merged with what's provided in // :ref:`TcpProxy.metadata_match // `, with values // here taking precedence. The filter name should be specified as *envoy.lb*. api.v2.core.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } // Configuration for tunneling TCP over other transports or application layers. // Currently, only HTTP/2 is supported. When other options exist, HTTP/2 will // remain the default. message TunnelingConfig { // The hostname to send in the synthesized CONNECT headers to the upstream proxy. string hostname = 1 [(validate.rules).string = {min_bytes: 1}]; } // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; oneof cluster_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 10; } // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. api.v2.core.Metadata metadata_match = 9; // The idle timeout for connections managed by the TCP proxy filter. The idle timeout // is defined as the period in which there are no bytes sent or received on either // the upstream or downstream connection. If not set, the default idle timeout is 1 hour. If set // to 0s, the timeout will be disabled. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 8; // [#not-implemented-hide:] The idle timeout for connections managed by the TCP proxy // filter. The idle timeout is defined as the period in which there is no // active traffic. If not set, there is no idle timeout. When the idle timeout // is reached the connection will be closed. The distinction between // downstream_idle_timeout/upstream_idle_timeout provides a means to set // timeout based on the last byte sent on the downstream/upstream connection. google.protobuf.Duration downstream_idle_timeout = 3; // [#not-implemented-hide:] google.protobuf.Duration upstream_idle_timeout = 4; // Configuration for :ref:`access logs ` // emitted by the this tcp_proxy. repeated accesslog.v2.AccessLog access_log = 5; // [#not-implemented-hide:] Deprecated. DeprecatedV1 deprecated_v1 = 6 [deprecated = true]; // The maximum number of unsuccessful connection attempts that will be made before // giving up. If the parameter is not specified, 1 connection attempt will be made. google.protobuf.UInt32Value max_connect_attempts = 7 [(validate.rules).uint32 = {gte: 1}]; // Optional configuration for TCP proxy hash policy. If hash_policy is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated type.HashPolicy hash_policy = 11 [(validate.rules).repeated = {max_items: 1}]; // [#not-implemented-hide:] feature in progress // If set, this configures tunneling, e.g. configuration options to tunnel multiple TCP // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload // will be proxied upstream as per usual. TunnelingConfig tunneling_config = 12; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/thrift_proxy/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/thrift_proxy/v2alpha1/README.md ================================================ Protocol buffer definitions for the Thrift proxy. ================================================ FILE: generated_api_shadow/envoy/config/filter/network/thrift_proxy/v2alpha1/route.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.thrift_proxy.v2alpha1; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.thrift_proxy.v2alpha1"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.thrift_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Thrift Proxy Route Configuration] // Thrift Proxy :ref:`configuration overview `. message RouteConfiguration { // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { oneof match_specifier { option (validate.required) = true; // If specified, the route must exactly match the request method name. As a special case, an // empty string matches any request method name. string method_name = 1; // If specified, the route must have the service name as the request method name prefix. As a // special case, an empty string matches any service name. Only relevant when service // multiplexing. string service_name = 2; } // Inverts whatever matching is done in the :ref:`method_name // ` or // :ref:`service_name // ` fields. // Cannot be combined with wildcard matching as that would result in routes never being matched. // // .. note:: // // This does not invert matching done as part of the :ref:`headers field // ` field. To // invert header matching, see :ref:`invert_match // `. bool invert = 3; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). Note that this only applies for Thrift transports and/or // protocols that support headers. repeated api.v2.route.HeaderMatcher headers = 4; } // [#next-free-field: 7] message RouteAction { oneof cluster_specifier { option (validate.required) = true; // Indicates a single upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 2; // Envoy will determine the cluster to route to by reading the value of the // Thrift header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist Envoy will // respond with an unknown method exception or an internal error exception, // respectively. string cluster_header = 6 [(validate.rules).string = {min_bytes: 1}]; } // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered. // Note that this will be merged with what's provided in :ref:`WeightedCluster.metadata_match // `, // with values there taking precedence. Keys and values should be provided under the "envoy.lb" // metadata key. api.v2.core.Metadata metadata_match = 3; // Specifies a set of rate limit configurations that could be applied to the route. // N.B. Thrift service or method name matching can be achieved by specifying a RequestHeaders // action with the header name ":method-name". repeated api.v2.route.RateLimit rate_limits = 4; // Strip the service prefix from the method name, if there's a prefix. For // example, the method call Service:method would end up being just method. bool strip_service_name = 5; } // Allows for specification of multiple upstream clusters along with weights that indicate the // percentage of traffic to be forwarded to each cluster. The router selects an upstream cluster // based on these weights. message WeightedCluster { message ClusterWeight { // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // When a request matches the route, the choice of an upstream cluster is determined by its // weight. The sum of weights across all entries in the clusters array determines the total // weight. google.protobuf.UInt32Value weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field, combined with what's // provided in :ref:`RouteAction's metadata_match // `, // will be considered. Values here will take precedence. Keys and values should be provided // under the "envoy.lb" metadata key. api.v2.core.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/thrift_proxy/v2alpha1/thrift_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.thrift_proxy.v2alpha1; import "envoy/config/filter/network/thrift_proxy/v2alpha1/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.thrift_proxy.v2alpha1"; option java_outer_classname = "ThriftProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.thrift_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Thrift Proxy] // Thrift Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.thrift_proxy] // Thrift transport types supported by Envoy. enum TransportType { // For downstream connections, the Thrift proxy will attempt to determine which transport to use. // For upstream connections, the Thrift proxy will use same transport as the downstream // connection. AUTO_TRANSPORT = 0; // The Thrift proxy will use the Thrift framed transport. FRAMED = 1; // The Thrift proxy will use the Thrift unframed transport. UNFRAMED = 2; // The Thrift proxy will assume the client is using the Thrift header transport. HEADER = 3; } // Thrift Protocol types supported by Envoy. enum ProtocolType { // For downstream connections, the Thrift proxy will attempt to determine which protocol to use. // Note that the older, non-strict (or lax) binary protocol is not included in automatic protocol // detection. For upstream connections, the Thrift proxy will use the same protocol as the // downstream connection. AUTO_PROTOCOL = 0; // The Thrift proxy will use the Thrift binary protocol. BINARY = 1; // The Thrift proxy will use Thrift non-strict binary protocol. LAX_BINARY = 2; // The Thrift proxy will use the Thrift compact protocol. COMPACT = 3; // The Thrift proxy will use the Thrift "Twitter" protocol implemented by the finagle library. TWITTER = 4; } // [#next-free-field: 6] message ThriftProxy { // Supplies the type of transport that the Thrift proxy should use. Defaults to // :ref:`AUTO_TRANSPORT`. TransportType transport = 2 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use. Defaults to // :ref:`AUTO_PROTOCOL`. ProtocolType protocol = 3 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // The route table for the connection manager is static and is specified in this property. RouteConfiguration route_config = 4; // A list of individual Thrift filters that make up the filter chain for requests made to the // Thrift proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no thrift_filters are specified, a default Thrift router filter // (`envoy.filters.thrift.router`) is used. repeated ThriftFilter thrift_filters = 5; } // ThriftFilter configures a Thrift filter. message ThriftFilter { // The name of the filter to instantiate. The name must match a supported // filter. The built-in filters are: // // [#comment:TODO(zuercher): Auto generate the following list] // * :ref:`envoy.filters.thrift.router ` // * :ref:`envoy.filters.thrift.rate_limit ` string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // ThriftProtocolOptions specifies Thrift upstream protocol options. This object is used in // in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.thrift_proxy`. message ThriftProtocolOptions { // Supplies the type of transport that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_TRANSPORT`, // which is the default, causes the proxy to use the same transport as the downstream connection. TransportType transport = 1 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_PROTOCOL`, // which is the default, causes the proxy to use the same protocol as the downstream connection. ProtocolType protocol = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/network/zookeeper_proxy/v1alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/network/zookeeper_proxy/v1alpha1/zookeeper_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.network.zookeeper_proxy.v1alpha1; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.network.zookeeper_proxy.v1alpha1"; option java_outer_classname = "ZookeeperProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.zookeeper_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: ZooKeeper proxy] // ZooKeeper Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.zookeeper_proxy] message ZooKeeperProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // [#not-implemented-hide:] The optional path to use for writing ZooKeeper access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; // Messages — requests, responses and events — that are bigger than this value will // be ignored. If it is not set, the default value is 1Mb. // // The value here should match the jute.maxbuffer property in your cluster configuration: // // https://zookeeper.apache.org/doc/r3.4.10/zookeeperAdmin.html#Unsafe+Options // // if that is set. If it isn't, ZooKeeper's default is also 1Mb. google.protobuf.UInt32Value max_packet_bytes = 3; } ================================================ FILE: generated_api_shadow/envoy/config/filter/thrift/rate_limit/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/thrift/rate_limit/v2alpha1/rate_limit.proto ================================================ syntax = "proto3"; package envoy.config.filter.thrift.rate_limit.v2alpha1; import "envoy/config/ratelimit/v2/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.thrift.rate_limit.v2alpha1"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.thrift_proxy.filters.ratelimit.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.thrift.ratelimit] // [#next-free-field: 6] message RateLimit { // The rate limit domain to use in the rate limit service request. string domain = 1 [(validate.rules).string = {min_bytes: 1}]; // Specifies the rate limit configuration stage. Each configured rate limit filter performs a // rate limit check using descriptors configured in the // :ref:`envoy_api_msg_config.filter.network.thrift_proxy.v2alpha1.RouteAction` for the request. // Only those entries with a matching stage number are used for a given filter. If not set, the // default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 3; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 4; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. ratelimit.v2.RateLimitServiceConfig rate_limit_service = 5 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/filter/thrift/router/v2alpha1/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/thrift/router/v2alpha1/router.proto ================================================ syntax = "proto3"; package envoy.config.filter.thrift.router.v2alpha1; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.filter.thrift.router.v2alpha1"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Router] // Thrift router :ref:`configuration overview `. // [#extension: envoy.filters.thrift.router] message Router { } ================================================ FILE: generated_api_shadow/envoy/config/filter/udp/udp_proxy/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/filter/udp/udp_proxy/v2alpha/udp_proxy.proto ================================================ syntax = "proto3"; package envoy.config.filter.udp.udp_proxy.v2alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.filter.udp.udp_proxy.v2alpha"; option java_outer_classname = "UdpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.udp.udp_proxy.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: UDP proxy] // UDP proxy :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.udp_proxy] // Configuration for the UDP proxy filter. message UdpProxyConfig { // The stat prefix used when emitting UDP proxy filter stats. string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; oneof route_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2 [(validate.rules).string = {min_bytes: 1}]; } // The idle timeout for sessions. Idle is defined as no datagrams between received or sent by // the session. The default if not specified is 1 minute. google.protobuf.Duration idle_timeout = 3; } ================================================ FILE: generated_api_shadow/envoy/config/grpc_credential/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/grpc_credential/v2alpha/aws_iam.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v2alpha; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v2alpha"; option java_outer_classname = "AwsIamProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Grpc Credentials AWS IAM] // Configuration for AWS IAM Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.aws_iam] message AwsIamConfig { // The `service namespace // `_ // of the Grpc endpoint. // // Example: appmesh string service_name = 1 [(validate.rules).string = {min_bytes: 1}]; // The `region `_ hosting the Grpc // endpoint. If unspecified, the extension will use the value in the ``AWS_REGION`` environment // variable. // // Example: us-west-2 string region = 2; } ================================================ FILE: generated_api_shadow/envoy/config/grpc_credential/v2alpha/file_based_metadata.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v2alpha; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v2alpha"; option java_outer_classname = "FileBasedMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Grpc Credentials File Based Metadata] // Configuration for File Based Metadata Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.file_based_metadata] message FileBasedMetadataConfig { // Location or inline data of secret to use for authentication of the Google gRPC connection // this secret will be attached to a header of the gRPC connection api.v2.core.DataSource secret_data = 1 [(udpa.annotations.sensitive) = true]; // Metadata header key to use for sending the secret data // if no header key is set, "authorization" header will be used string header_key = 2; // Prefix to prepend to the secret in the metadata header // if no prefix is set, the default is to use no prefix string header_prefix = 3; } ================================================ FILE: generated_api_shadow/envoy/config/grpc_credential/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/grpc_credential/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/grpc_credential/v3/aws_iam.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v3"; option java_outer_classname = "AwsIamProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Grpc Credentials AWS IAM] // Configuration for AWS IAM Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.aws_iam] message AwsIamConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.grpc_credential.v2alpha.AwsIamConfig"; // The `service namespace // `_ // of the Grpc endpoint. // // Example: appmesh string service_name = 1 [(validate.rules).string = {min_len: 1}]; // The `region `_ hosting the Grpc // endpoint. If unspecified, the extension will use the value in the ``AWS_REGION`` environment // variable. // // Example: us-west-2 string region = 2; } ================================================ FILE: generated_api_shadow/envoy/config/grpc_credential/v3/file_based_metadata.proto ================================================ syntax = "proto3"; package envoy.config.grpc_credential.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.grpc_credential.v3"; option java_outer_classname = "FileBasedMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Grpc Credentials File Based Metadata] // Configuration for File Based Metadata Grpc Credentials Plugin // [#extension: envoy.grpc_credentials.file_based_metadata] message FileBasedMetadataConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.grpc_credential.v2alpha.FileBasedMetadataConfig"; // Location or inline data of secret to use for authentication of the Google gRPC connection // this secret will be attached to a header of the gRPC connection core.v3.DataSource secret_data = 1 [(udpa.annotations.sensitive) = true]; // Metadata header key to use for sending the secret data // if no header key is set, "authorization" header will be used string header_key = 2; // Prefix to prepend to the secret in the metadata header // if no prefix is set, the default is to use no prefix string header_prefix = 3; } ================================================ FILE: generated_api_shadow/envoy/config/health_checker/redis/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/health_checker/redis/v2/redis.proto ================================================ syntax = "proto3"; package envoy.config.health_checker.redis.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.health_checker.redis.v2"; option java_outer_classname = "RedisProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Redis] // Redis health checker :ref:`configuration overview `. // [#extension: envoy.health_checkers.redis] message Redis { // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/listener/v2/api_listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v2; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v2"; option java_outer_classname = "ApiListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.listener.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: API listener] // Describes a type of API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. message ApiListener { // The type in this field determines the type of API listener. At present, the following // types are supported: // envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager (HTTP) // [#next-major-version: In the v3 API, replace this Any field with a oneof containing the // specific config message for each type of API listener. We could not do this in v2 because // it would have caused circular dependencies for go protos: lds.proto depends on this file, // and http_connection_manager.proto depends on rds.proto, which is in the same directory as // lds.proto, so lds.proto cannot depend on this file.] google.protobuf.Any api_listener = 1; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2:pkg", "//envoy/api/v2/listener:pkg", "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/listener/v2:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/api_listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "ApiListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: API listener] // Describes a type of API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. message ApiListener { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v2.ApiListener"; // The type in this field determines the type of API listener. At present, the following // types are supported: // envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager (HTTP) // [#next-major-version: In the v3 API, replace this Any field with a oneof containing the // specific config message for each type of API listener. We could not do this in v2 because // it would have caused circular dependencies for go protos: lds.proto depends on this file, // and http_connection_manager.proto depends on rds.proto, which is in the same directory as // lds.proto, so lds.proto cannot depend on this file.] google.protobuf.Any api_listener = 1; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/socket_option.proto"; import "envoy/config/listener/v3/api_listener.proto"; import "envoy/config/listener/v3/listener_components.proto"; import "envoy/config/listener/v3/udp_listener_config.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listener configuration] // Listener :ref:`configuration overview ` // Listener list collections. Entries are *Listener* resources or references. // [#not-implemented-hide:] message ListenerCollection { repeated udpa.core.v1.CollectionEntry entries = 1; } // [#next-free-field: 25] message Listener { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener"; enum DrainType { // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check // filter), listener removal/modification, and hot restart. DEFAULT = 0; // Drain in response to listener removal/modification and hot restart. This setting does not // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress // and egress listeners. MODIFY_ONLY = 1; } // [#not-implemented-hide:] message DeprecatedV1 { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener.DeprecatedV1"; // Whether the listener should bind to the port. A listener that doesn't // bind can only receive connections redirected from other listeners that // set use_original_dst parameter to true. Default is true. // // This is deprecated in v2, all Listeners will bind to their port. An // additional filter chain must be created for every original destination // port this listener may redirect to in v2, with the original port // specified in the FilterChainMatch destination_port field. // // [#comment:TODO(PiotrSikora): Remove this once verified that we no longer need it.] google.protobuf.BoolValue bind_to_port = 1; } // Configuration for listener connection balancing. message ConnectionBalanceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener.ConnectionBalanceConfig"; // A connection balancer implementation that does exact balancing. This means that a lock is // held during balancing so that connection counts are nearly exactly balanced between worker // threads. This is "nearly" exact in the sense that a connection might close in parallel thus // making the counts incorrect, but this should be rectified on the next accept. This balancer // sacrifices accept throughput for accuracy and should be used when there are a small number of // connections that rarely cycle (e.g., service mesh gRPC egress). message ExactBalance { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Listener.ConnectionBalanceConfig.ExactBalance"; } oneof balance_type { option (validate.required) = true; // If specified, the listener will use the exact connection balancer. ExactBalance exact_balance = 1; } } reserved 14; // The unique name by which this listener is known. If no name is provided, // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically // updated or removed via :ref:`LDS ` a unique name must be provided. string name = 1; // The address that the listener should listen on. In general, the address must be unique, though // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on // Linux as the actual port will be allocated by the OS. core.v3.Address address = 2 [(validate.rules).message = {required: true}]; // A list of filter chains to consider for this listener. The // :ref:`FilterChain ` with the most specific // :ref:`FilterChainMatch ` criteria is used on a // connection. // // Example using SNI for filter chain selection can be found in the // :ref:`FAQ entry `. repeated FilterChain filter_chains = 3; // Soft limit on size of the listener’s new connection read and write buffers. // If unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Listener metadata. core.v3.Metadata metadata = 6; // [#not-implemented-hide:] DeprecatedV1 deprecated_v1 = 7; // The type of draining to perform at a listener-wide level. DrainType drain_type = 8; // Listener filters have the opportunity to manipulate and augment the connection metadata that // is used in connection filter chain matching, for example. These filters are run before any in // :ref:`filter_chains `. Order matters as the // filters are processed sequentially right after a socket has been accepted by the listener, and // before a connection is created. // UDP Listener filters can be specified when the protocol in the listener socket address in // :ref:`protocol ` is :ref:`UDP // `. // UDP listeners currently support a single filter. repeated ListenerFilter listener_filters = 9; // The timeout to wait for all listener filters to complete operation. If the timeout is reached, // the accepted socket is closed without a connection being created unless // `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the // timeout. If not specified, a default timeout of 15s is used. google.protobuf.Duration listener_filters_timeout = 15; // Whether a connection should be created when listener filters timeout. Default is false. // // .. attention:: // // Some listener filters, such as :ref:`Proxy Protocol filter // `, should not be used with this option. It will cause // unexpected behavior when a connection is created. bool continue_on_listener_filters_timeout = 17; // Whether the listener should be set as a transparent socket. // When this flag is set to true, connections can be redirected to the listener using an // *iptables* *TPROXY* target, in which case the original source and destination addresses and // ports are preserved on accepted connections. This flag should be used in combination with // :ref:`an original_dst ` :ref:`listener filter // ` to mark the connections' local addresses as // "restored." This can be used to hand off each redirected connection to another listener // associated with the connection's destination address. Direct connections to the socket without // using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are // therefore treated as if they were redirected. // When this flag is set to false, the listener's socket is explicitly reset as non-transparent. // Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability. // When this flag is not set (default), the socket is not modified, i.e. the transparent option // is neither set nor reset. google.protobuf.BoolValue transparent = 10; // Whether the listener should set the *IP_FREEBIND* socket option. When this // flag is set to true, listeners can be bound to an IP address that is not // configured on the system running Envoy. When this flag is set to false, the // option *IP_FREEBIND* is disabled on the socket. When this flag is not set // (default), the socket is not modified, i.e. the option is neither enabled // nor disabled. google.protobuf.BoolValue freebind = 11; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v3.SocketOption socket_options = 13; // Whether the listener should accept TCP Fast Open (TFO) connections. // When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on // the socket, with a queue length of the specified size // (see `details in RFC7413 `_). // When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket. // When this flag is not set (default), the socket is not modified, // i.e. the option is neither enabled nor disabled. // // On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable // TCP_FASTOPEN. // See `ip-sysctl.txt `_. // // On macOS, only values of 0, 1, and unset are valid; other values may result in an error. // To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter. google.protobuf.UInt32Value tcp_fast_open_queue_length = 12; // Specifies the intended direction of the traffic relative to the local Envoy. core.v3.TrafficDirection traffic_direction = 16; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // listener to create, i.e. :ref:`udp_listener_name // ` = "raw_udp_listener" for // creating a packet-oriented UDP listener. If not present, treat it as "raw_udp_listener". UdpListenerConfig udp_listener_config = 18; // Used to represent an API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. // When this field is set, no other field except for :ref:`name` // should be set. // // .. note:: // // Currently only one ApiListener can be installed; and it can only be done via bootstrap config, // not LDS. // // [#next-major-version: In the v3 API, instead of this messy approach where the socket // listener fields are directly in the top-level Listener message and the API listener types // are in the ApiListener message, the socket listener messages should be in their own message, // and the top-level Listener should essentially be a oneof that selects between the // socket listener and the various types of API listener. That way, a given Listener message // can structurally only contain the fields of the relevant type.] ApiListener api_listener = 19; // The listener's connection balancer configuration, currently only applicable to TCP listeners. // If no configuration is specified, Envoy will not attempt to balance active connections between // worker threads. ConnectionBalanceConfig connection_balance_config = 20; // When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and // create one socket for each worker thread. This makes inbound connections // distribute among worker threads roughly evenly in cases where there are a high number // of connections. When this flag is set to false, all worker threads share one socket. // // Before Linux v4.19-rc1, new TCP connections may be rejected during hot restart // (see `3rd paragraph in 'soreuseport' commit message // `_). // This issue was fixed by `tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket // `_. bool reuse_port = 21; // Configuration for :ref:`access logs ` // emitted by this listener. repeated accesslog.v3.AccessLog access_log = 22; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // writer to create, i.e. :ref:`name ` // = "udp_default_writer" for creating a udp writer with writing in passthrough mode, // = "udp_gso_batch_writer" for creating a udp writer with writing in batch mode. // If not present, treat it as "udp_default_writer". // [#not-implemented-hide:] core.v3.TypedExtensionConfig udp_writer_config = 23; // The maximum length a tcp listener's pending connections queue can grow to. If no value is // provided net.core.somaxconn will be used on Linux and 128 otherwise. google.protobuf.UInt32Value tcp_backlog_size = 24; google.protobuf.BoolValue hidden_envoy_deprecated_use_original_dst = 4 [deprecated = true]; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/listener_components.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/extensions/transport_sockets/tls/v3/tls.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "ListenerComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listener components] // Listener :ref:`configuration overview ` message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.Filter"; reserved 3; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 4; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } // Specifies the match criteria for selecting a specific filter chain for a // listener. // // In order for a filter chain to be selected, *ALL* of its criteria must be // fulfilled by the incoming connection, properties of which are set by the // networking stack and/or listener filters. // // The following order applies: // // 1. Destination port. // 2. Destination IP address. // 3. Server name (e.g. SNI for TLS protocol), // 4. Transport protocol. // 5. Application protocols (e.g. ALPN for TLS protocol). // 6. Source type (e.g. any, local or external network). // 7. Source IP address. // 8. Source port. // // For criteria that allow ranges or wildcards, the most specific value in any // of the configured filter chains that matches the incoming connection is going // to be used (e.g. for SNI ``www.example.com`` the most specific match would be // ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter // chain without ``server_names`` requirements). // // [#comment: Implemented rules are kept in the preference order, with deprecated fields // listed at the end, because that's how we want to list them in the docs. // // [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules] // [#next-free-field: 13] message FilterChainMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.FilterChainMatch"; enum ConnectionSourceType { // Any connection source matches. ANY = 0; // Match a connection originating from the same host. SAME_IP_OR_LOOPBACK = 1; // Match a connection originating from a different host. EXTERNAL = 2; } reserved 1; // Optional destination port to consider when use_original_dst is set on the // listener in determining a filter chain match. google.protobuf.UInt32Value destination_port = 8 [(validate.rules).uint32 = {lte: 65535 gte: 1}]; // If non-empty, an IP address and prefix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. repeated core.v3.CidrRange prefix_ranges = 3; // If non-empty, an IP address and suffix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. // [#not-implemented-hide:] string address_suffix = 4; // [#not-implemented-hide:] google.protobuf.UInt32Value suffix_len = 5; // Specifies the connection source IP match type. Can be any, local or external network. ConnectionSourceType source_type = 12 [(validate.rules).enum = {defined_only: true}]; // The criteria is satisfied if the source IP address of the downstream // connection is contained in at least one of the specified subnets. If the // parameter is not specified or the list is empty, the source IP address is // ignored. repeated core.v3.CidrRange source_prefix_ranges = 6; // The criteria is satisfied if the source port of the downstream connection // is contained in at least one of the specified ports. If the parameter is // not specified, the source port is ignored. repeated uint32 source_ports = 7 [(validate.rules).repeated = {items {uint32 {lte: 65535 gte: 1}}}]; // If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining // a filter chain match. Those values will be compared against the server names of a new // connection, when detected by one of the listener filters. // // The server name will be matched against all wildcard domains, i.e. ``www.example.com`` // will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. // // Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. // // .. attention:: // // See the :ref:`FAQ entry ` on how to configure SNI for more // information. repeated string server_names = 11; // If non-empty, a transport protocol to consider when determining a filter chain match. // This value will be compared against the transport protocol of a new connection, when // it's detected by one of the listener filters. // // Suggested values include: // // * ``raw_buffer`` - default, used when no transport protocol is detected, // * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector ` // when TLS protocol is detected. string transport_protocol = 9; // If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when // determining a filter chain match. Those values will be compared against the application // protocols of a new connection, when detected by one of the listener filters. // // Suggested values include: // // * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector // `, // * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector ` // // .. attention:: // // Currently, only :ref:`TLS Inspector ` provides // application protocol detection based on the requested // `ALPN `_ values. // // However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, // and matching on values other than ``h2`` is going to lead to a lot of false negatives, // unless all connecting clients are known to use ALPN. repeated string application_protocols = 10; } // A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and // various other parameters. // [#next-free-field: 9] message FilterChain { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.FilterChain"; // The configuration for on-demand filter chain. If this field is not empty in FilterChain message, // a filter chain will be built on-demand. // On-demand filter chains help speedup the warming up of listeners since the building and initialization of // an on-demand filter chain will be postponed to the arrival of new connection requests that require this filter chain. // Filter chains that are not often used can be set as on-demand. message OnDemandConfiguration { // The timeout to wait for filter chain placeholders to complete rebuilding. // 1. If this field is set to 0, timeout is disabled. // 2. If not specified, a default timeout of 15s is used. // Rebuilding will wait until dependencies are ready, have failed, or this timeout is reached. // Upon failure or timeout, all connections related to this filter chain will be closed. // Rebuilding will start again on the next new connection. google.protobuf.Duration rebuild_timeout = 1; } // The criteria to use when matching a connection to this filter chain. FilterChainMatch filter_chain_match = 1; // A list of individual network filters that make up the filter chain for // connections established with the listener. Order matters as the filters are // processed sequentially as connection events happen. Note: If the filter // list is empty, the connection will close by default. repeated Filter filters = 3; // Whether the listener should expect a PROXY protocol V1 header on new // connections. If this option is enabled, the listener will assume that that // remote address of the connection is the one specified in the header. Some // load balancers including the AWS ELB support this option. If the option is // absent or set to false, Envoy will use the physical peer address of the // connection as the remote address. google.protobuf.BoolValue use_proxy_proto = 4; // [#not-implemented-hide:] filter chain metadata. core.v3.Metadata metadata = 5; // Optional custom transport socket implementation to use for downstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`DownstreamTlsContext ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v3.TransportSocket transport_socket = 6; // [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no // name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter // chain is to be dynamically updated or removed via FCDS a unique name must be provided. string name = 7; // [#not-implemented-hide:] The configuration to specify whether the filter chain will be built on-demand. // If this field is not empty, the filter chain will be built on-demand. // Otherwise, the filter chain will be built normally and block listener warming. OnDemandConfiguration on_demand_configuration = 8; envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext hidden_envoy_deprecated_tls_context = 2 [deprecated = true]; } // Listener filter chain match configuration. This is a recursive structure which allows complex // nested match configurations to be built using various logical operators. // // Examples: // // * Matches if the destination port is 3306. // // .. code-block:: yaml // // destination_port_range: // start: 3306 // end: 3307 // // * Matches if the destination port is 3306 or 15000. // // .. code-block:: yaml // // or_match: // rules: // - destination_port_range: // start: 3306 // end: 3306 // - destination_port_range: // start: 15000 // end: 15001 // // [#next-free-field: 6] message ListenerFilterChainMatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ListenerFilterChainMatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ListenerFilterChainMatchPredicate.MatchSet"; // The list of rules that make up the set. repeated ListenerFilterChainMatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. ListenerFilterChainMatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // Match destination port. Particularly, the match evaluation must use the recovered local port if // the owning listener filter is after :ref:`an original_dst listener filter `. type.v3.Int32Range destination_port_range = 5; } } message ListenerFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ListenerFilter"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. // See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } // Optional match predicate used to disable the filter. The filter is enabled when this field is empty. // See :ref:`ListenerFilterChainMatchPredicate ` // for further examples. ListenerFilterChainMatchPredicate filter_disabled = 4; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/quic_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "QuicConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: QUIC listener Config] // Configuration specific to the QUIC protocol. // Next id: 5 message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.QuicProtocolOptions"; // Maximum number of streams that the client can negotiate per connection. 100 // if not specified. google.protobuf.UInt32Value max_concurrent_streams = 1; // Maximum number of milliseconds that connection will be alive when there is // no network activity. 300000ms if not specified. google.protobuf.Duration idle_timeout = 2; // Connection timeout in milliseconds before the crypto handshake is finished. // 20000ms if not specified. google.protobuf.Duration crypto_handshake_timeout = 3; // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v3.RuntimeFeatureFlag enabled = 4; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/udp_default_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "UdpDefaultWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Udp Default Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Default Writer. message UdpDefaultWriterOptions { } ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/udp_gso_batch_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "UdpGsoBatchWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Udp Gso Batch Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Gso Batch Writer. message UdpGsoBatchWriterOptions { } ================================================ FILE: generated_api_shadow/envoy/config/listener/v3/udp_listener_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v3; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "UdpListenerConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: UDP Listener Config] // Listener :ref:`configuration overview ` message UdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.UdpListenerConfig"; // Used to look up UDP listener factory, matches "raw_udp_listener" or // "quic_listener" to create a specific udp listener. // If not specified, treat as "raw_udp_listener". string udp_listener_name = 1; // Used to create a specific listener factory. To some factory, e.g. // "raw_udp_listener", config is not needed. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } message ActiveRawUdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.ActiveRawUdpListenerConfig"; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/listener/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/api_listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "ApiListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: API listener] // Describes a type of API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. message ApiListener { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ApiListener"; // The type in this field determines the type of API listener. At present, the following // types are supported: // envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager (HTTP) // [#next-major-version: In the v3 API, replace this Any field with a oneof containing the // specific config message for each type of API listener. We could not do this in v2 because // it would have caused circular dependencies for go protos: lds.proto depends on this file, // and http_connection_manager.proto depends on rds.proto, which is in the same directory as // lds.proto, so lds.proto cannot depend on this file.] google.protobuf.Any api_listener = 1; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/listener.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/socket_option.proto"; import "envoy/config/listener/v4alpha/api_listener.proto"; import "envoy/config/listener/v4alpha/listener_components.proto"; import "envoy/config/listener/v4alpha/udp_listener_config.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/collection_entry.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "ListenerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Listener configuration] // Listener :ref:`configuration overview ` // Listener list collections. Entries are *Listener* resources or references. // [#not-implemented-hide:] message ListenerCollection { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerCollection"; repeated udpa.core.v1.CollectionEntry entries = 1; } // [#next-free-field: 25] message Listener { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener"; enum DrainType { // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check // filter), listener removal/modification, and hot restart. DEFAULT = 0; // Drain in response to listener removal/modification and hot restart. This setting does not // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress // and egress listeners. MODIFY_ONLY = 1; } // [#not-implemented-hide:] message DeprecatedV1 { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener.DeprecatedV1"; // Whether the listener should bind to the port. A listener that doesn't // bind can only receive connections redirected from other listeners that // set use_original_dst parameter to true. Default is true. // // This is deprecated in v2, all Listeners will bind to their port. An // additional filter chain must be created for every original destination // port this listener may redirect to in v2, with the original port // specified in the FilterChainMatch destination_port field. // // [#comment:TODO(PiotrSikora): Remove this once verified that we no longer need it.] google.protobuf.BoolValue bind_to_port = 1; } // Configuration for listener connection balancing. message ConnectionBalanceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener.ConnectionBalanceConfig"; // A connection balancer implementation that does exact balancing. This means that a lock is // held during balancing so that connection counts are nearly exactly balanced between worker // threads. This is "nearly" exact in the sense that a connection might close in parallel thus // making the counts incorrect, but this should be rectified on the next accept. This balancer // sacrifices accept throughput for accuracy and should be used when there are a small number of // connections that rarely cycle (e.g., service mesh gRPC egress). message ExactBalance { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Listener.ConnectionBalanceConfig.ExactBalance"; } oneof balance_type { option (validate.required) = true; // If specified, the listener will use the exact connection balancer. ExactBalance exact_balance = 1; } } reserved 14, 4; reserved "use_original_dst"; // The unique name by which this listener is known. If no name is provided, // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically // updated or removed via :ref:`LDS ` a unique name must be provided. string name = 1; // The address that the listener should listen on. In general, the address must be unique, though // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on // Linux as the actual port will be allocated by the OS. core.v4alpha.Address address = 2 [(validate.rules).message = {required: true}]; // A list of filter chains to consider for this listener. The // :ref:`FilterChain ` with the most specific // :ref:`FilterChainMatch ` criteria is used on a // connection. // // Example using SNI for filter chain selection can be found in the // :ref:`FAQ entry `. repeated FilterChain filter_chains = 3; // Soft limit on size of the listener’s new connection read and write buffers. // If unspecified, an implementation defined default is applied (1MiB). google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Listener metadata. core.v4alpha.Metadata metadata = 6; // [#not-implemented-hide:] DeprecatedV1 deprecated_v1 = 7; // The type of draining to perform at a listener-wide level. DrainType drain_type = 8; // Listener filters have the opportunity to manipulate and augment the connection metadata that // is used in connection filter chain matching, for example. These filters are run before any in // :ref:`filter_chains `. Order matters as the // filters are processed sequentially right after a socket has been accepted by the listener, and // before a connection is created. // UDP Listener filters can be specified when the protocol in the listener socket address in // :ref:`protocol ` is :ref:`UDP // `. // UDP listeners currently support a single filter. repeated ListenerFilter listener_filters = 9; // The timeout to wait for all listener filters to complete operation. If the timeout is reached, // the accepted socket is closed without a connection being created unless // `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the // timeout. If not specified, a default timeout of 15s is used. google.protobuf.Duration listener_filters_timeout = 15; // Whether a connection should be created when listener filters timeout. Default is false. // // .. attention:: // // Some listener filters, such as :ref:`Proxy Protocol filter // `, should not be used with this option. It will cause // unexpected behavior when a connection is created. bool continue_on_listener_filters_timeout = 17; // Whether the listener should be set as a transparent socket. // When this flag is set to true, connections can be redirected to the listener using an // *iptables* *TPROXY* target, in which case the original source and destination addresses and // ports are preserved on accepted connections. This flag should be used in combination with // :ref:`an original_dst ` :ref:`listener filter // ` to mark the connections' local addresses as // "restored." This can be used to hand off each redirected connection to another listener // associated with the connection's destination address. Direct connections to the socket without // using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are // therefore treated as if they were redirected. // When this flag is set to false, the listener's socket is explicitly reset as non-transparent. // Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability. // When this flag is not set (default), the socket is not modified, i.e. the transparent option // is neither set nor reset. google.protobuf.BoolValue transparent = 10; // Whether the listener should set the *IP_FREEBIND* socket option. When this // flag is set to true, listeners can be bound to an IP address that is not // configured on the system running Envoy. When this flag is set to false, the // option *IP_FREEBIND* is disabled on the socket. When this flag is not set // (default), the socket is not modified, i.e. the option is neither enabled // nor disabled. google.protobuf.BoolValue freebind = 11; // Additional socket options that may not be present in Envoy source code or // precompiled binaries. repeated core.v4alpha.SocketOption socket_options = 13; // Whether the listener should accept TCP Fast Open (TFO) connections. // When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on // the socket, with a queue length of the specified size // (see `details in RFC7413 `_). // When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket. // When this flag is not set (default), the socket is not modified, // i.e. the option is neither enabled nor disabled. // // On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable // TCP_FASTOPEN. // See `ip-sysctl.txt `_. // // On macOS, only values of 0, 1, and unset are valid; other values may result in an error. // To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter. google.protobuf.UInt32Value tcp_fast_open_queue_length = 12; // Specifies the intended direction of the traffic relative to the local Envoy. core.v4alpha.TrafficDirection traffic_direction = 16; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // listener to create, i.e. :ref:`udp_listener_name // ` = "raw_udp_listener" for // creating a packet-oriented UDP listener. If not present, treat it as "raw_udp_listener". UdpListenerConfig udp_listener_config = 18; // Used to represent an API listener, which is used in non-proxy clients. The type of API // exposed to the non-proxy application depends on the type of API listener. // When this field is set, no other field except for :ref:`name` // should be set. // // .. note:: // // Currently only one ApiListener can be installed; and it can only be done via bootstrap config, // not LDS. // // [#next-major-version: In the v3 API, instead of this messy approach where the socket // listener fields are directly in the top-level Listener message and the API listener types // are in the ApiListener message, the socket listener messages should be in their own message, // and the top-level Listener should essentially be a oneof that selects between the // socket listener and the various types of API listener. That way, a given Listener message // can structurally only contain the fields of the relevant type.] ApiListener api_listener = 19; // The listener's connection balancer configuration, currently only applicable to TCP listeners. // If no configuration is specified, Envoy will not attempt to balance active connections between // worker threads. ConnectionBalanceConfig connection_balance_config = 20; // When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and // create one socket for each worker thread. This makes inbound connections // distribute among worker threads roughly evenly in cases where there are a high number // of connections. When this flag is set to false, all worker threads share one socket. // // Before Linux v4.19-rc1, new TCP connections may be rejected during hot restart // (see `3rd paragraph in 'soreuseport' commit message // `_). // This issue was fixed by `tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket // `_. bool reuse_port = 21; // Configuration for :ref:`access logs ` // emitted by this listener. repeated accesslog.v4alpha.AccessLog access_log = 22; // If the protocol in the listener socket address in :ref:`protocol // ` is :ref:`UDP // `, this field specifies the actual udp // writer to create, i.e. :ref:`name ` // = "udp_default_writer" for creating a udp writer with writing in passthrough mode, // = "udp_gso_batch_writer" for creating a udp writer with writing in batch mode. // If not present, treat it as "udp_default_writer". // [#not-implemented-hide:] core.v4alpha.TypedExtensionConfig udp_writer_config = 23; // The maximum length a tcp listener's pending connections queue can grow to. If no value is // provided net.core.somaxconn will be used on Linux and 128 otherwise. google.protobuf.UInt32Value tcp_backlog_size = 24; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/listener_components.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "ListenerComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Listener components] // Listener :ref:`configuration overview ` message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.Filter"; reserved 3, 2; reserved "config"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 4; } } // Specifies the match criteria for selecting a specific filter chain for a // listener. // // In order for a filter chain to be selected, *ALL* of its criteria must be // fulfilled by the incoming connection, properties of which are set by the // networking stack and/or listener filters. // // The following order applies: // // 1. Destination port. // 2. Destination IP address. // 3. Server name (e.g. SNI for TLS protocol), // 4. Transport protocol. // 5. Application protocols (e.g. ALPN for TLS protocol). // 6. Source type (e.g. any, local or external network). // 7. Source IP address. // 8. Source port. // // For criteria that allow ranges or wildcards, the most specific value in any // of the configured filter chains that matches the incoming connection is going // to be used (e.g. for SNI ``www.example.com`` the most specific match would be // ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter // chain without ``server_names`` requirements). // // [#comment: Implemented rules are kept in the preference order, with deprecated fields // listed at the end, because that's how we want to list them in the docs. // // [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules] // [#next-free-field: 13] message FilterChainMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.FilterChainMatch"; enum ConnectionSourceType { // Any connection source matches. ANY = 0; // Match a connection originating from the same host. SAME_IP_OR_LOOPBACK = 1; // Match a connection originating from a different host. EXTERNAL = 2; } reserved 1; // Optional destination port to consider when use_original_dst is set on the // listener in determining a filter chain match. google.protobuf.UInt32Value destination_port = 8 [(validate.rules).uint32 = {lte: 65535 gte: 1}]; // If non-empty, an IP address and prefix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. repeated core.v4alpha.CidrRange prefix_ranges = 3; // If non-empty, an IP address and suffix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. // [#not-implemented-hide:] string address_suffix = 4; // [#not-implemented-hide:] google.protobuf.UInt32Value suffix_len = 5; // Specifies the connection source IP match type. Can be any, local or external network. ConnectionSourceType source_type = 12 [(validate.rules).enum = {defined_only: true}]; // The criteria is satisfied if the source IP address of the downstream // connection is contained in at least one of the specified subnets. If the // parameter is not specified or the list is empty, the source IP address is // ignored. repeated core.v4alpha.CidrRange source_prefix_ranges = 6; // The criteria is satisfied if the source port of the downstream connection // is contained in at least one of the specified ports. If the parameter is // not specified, the source port is ignored. repeated uint32 source_ports = 7 [(validate.rules).repeated = {items {uint32 {lte: 65535 gte: 1}}}]; // If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining // a filter chain match. Those values will be compared against the server names of a new // connection, when detected by one of the listener filters. // // The server name will be matched against all wildcard domains, i.e. ``www.example.com`` // will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``. // // Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid. // // .. attention:: // // See the :ref:`FAQ entry ` on how to configure SNI for more // information. repeated string server_names = 11; // If non-empty, a transport protocol to consider when determining a filter chain match. // This value will be compared against the transport protocol of a new connection, when // it's detected by one of the listener filters. // // Suggested values include: // // * ``raw_buffer`` - default, used when no transport protocol is detected, // * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector ` // when TLS protocol is detected. string transport_protocol = 9; // If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when // determining a filter chain match. Those values will be compared against the application // protocols of a new connection, when detected by one of the listener filters. // // Suggested values include: // // * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector // `, // * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector ` // // .. attention:: // // Currently, only :ref:`TLS Inspector ` provides // application protocol detection based on the requested // `ALPN `_ values. // // However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet, // and matching on values other than ``h2`` is going to lead to a lot of false negatives, // unless all connecting clients are known to use ALPN. repeated string application_protocols = 10; } // A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and // various other parameters. // [#next-free-field: 9] message FilterChain { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.FilterChain"; // The configuration for on-demand filter chain. If this field is not empty in FilterChain message, // a filter chain will be built on-demand. // On-demand filter chains help speedup the warming up of listeners since the building and initialization of // an on-demand filter chain will be postponed to the arrival of new connection requests that require this filter chain. // Filter chains that are not often used can be set as on-demand. message OnDemandConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.FilterChain.OnDemandConfiguration"; // The timeout to wait for filter chain placeholders to complete rebuilding. // 1. If this field is set to 0, timeout is disabled. // 2. If not specified, a default timeout of 15s is used. // Rebuilding will wait until dependencies are ready, have failed, or this timeout is reached. // Upon failure or timeout, all connections related to this filter chain will be closed. // Rebuilding will start again on the next new connection. google.protobuf.Duration rebuild_timeout = 1; } reserved 2; reserved "tls_context"; // The criteria to use when matching a connection to this filter chain. FilterChainMatch filter_chain_match = 1; // A list of individual network filters that make up the filter chain for // connections established with the listener. Order matters as the filters are // processed sequentially as connection events happen. Note: If the filter // list is empty, the connection will close by default. repeated Filter filters = 3; // Whether the listener should expect a PROXY protocol V1 header on new // connections. If this option is enabled, the listener will assume that that // remote address of the connection is the one specified in the header. Some // load balancers including the AWS ELB support this option. If the option is // absent or set to false, Envoy will use the physical peer address of the // connection as the remote address. google.protobuf.BoolValue use_proxy_proto = 4; // [#not-implemented-hide:] filter chain metadata. core.v4alpha.Metadata metadata = 5; // Optional custom transport socket implementation to use for downstream connections. // To setup TLS, set a transport socket with name `tls` and // :ref:`DownstreamTlsContext ` in the `typed_config`. // If no transport socket configuration is specified, new connections // will be set up with plaintext. core.v4alpha.TransportSocket transport_socket = 6; // [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no // name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter // chain is to be dynamically updated or removed via FCDS a unique name must be provided. string name = 7; // [#not-implemented-hide:] The configuration to specify whether the filter chain will be built on-demand. // If this field is not empty, the filter chain will be built on-demand. // Otherwise, the filter chain will be built normally and block listener warming. OnDemandConfiguration on_demand_configuration = 8; } // Listener filter chain match configuration. This is a recursive structure which allows complex // nested match configurations to be built using various logical operators. // // Examples: // // * Matches if the destination port is 3306. // // .. code-block:: yaml // // destination_port_range: // start: 3306 // end: 3307 // // * Matches if the destination port is 3306 or 15000. // // .. code-block:: yaml // // or_match: // rules: // - destination_port_range: // start: 3306 // end: 3306 // - destination_port_range: // start: 15000 // end: 15001 // // [#next-free-field: 6] message ListenerFilterChainMatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerFilterChainMatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerFilterChainMatchPredicate.MatchSet"; // The list of rules that make up the set. repeated ListenerFilterChainMatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. ListenerFilterChainMatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // Match destination port. Particularly, the match evaluation must use the recovered local port if // the owning listener filter is after :ref:`an original_dst listener filter `. type.v3.Int32Range destination_port_range = 5; } } message ListenerFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ListenerFilter"; reserved 2; reserved "config"; // The name of the filter to instantiate. The name must match a // :ref:`supported filter `. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. // See the supported filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } // Optional match predicate used to disable the filter. The filter is enabled when this field is empty. // See :ref:`ListenerFilterChainMatchPredicate ` // for further examples. ListenerFilterChainMatchPredicate filter_disabled = 4; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/quic_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "QuicConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: QUIC listener Config] // Configuration specific to the QUIC protocol. // Next id: 5 message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.QuicProtocolOptions"; // Maximum number of streams that the client can negotiate per connection. 100 // if not specified. google.protobuf.UInt32Value max_concurrent_streams = 1; // Maximum number of milliseconds that connection will be alive when there is // no network activity. 300000ms if not specified. google.protobuf.Duration idle_timeout = 2; // Connection timeout in milliseconds before the crypto handshake is finished. // 20000ms if not specified. google.protobuf.Duration crypto_handshake_timeout = 3; // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v4alpha.RuntimeFeatureFlag enabled = 4; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/udp_default_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "UdpDefaultWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Udp Default Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Default Writer. message UdpDefaultWriterOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.UdpDefaultWriterOptions"; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/udp_gso_batch_writer_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "UdpGsoBatchWriterConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Udp Gso Batch Writer Config] // [#not-implemented-hide:] // Configuration specific to the Udp Gso Batch Writer. message UdpGsoBatchWriterOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.UdpGsoBatchWriterOptions"; } ================================================ FILE: generated_api_shadow/envoy/config/listener/v4alpha/udp_listener_config.proto ================================================ syntax = "proto3"; package envoy.config.listener.v4alpha; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "UdpListenerConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: UDP Listener Config] // Listener :ref:`configuration overview ` message UdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.UdpListenerConfig"; reserved 2; reserved "config"; // Used to look up UDP listener factory, matches "raw_udp_listener" or // "quic_listener" to create a specific udp listener. // If not specified, treat as "raw_udp_listener". string udp_listener_name = 1; // Used to create a specific listener factory. To some factory, e.g. // "raw_udp_listener", config is not needed. oneof config_type { google.protobuf.Any typed_config = 3; } } message ActiveRawUdpListenerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.ActiveRawUdpListenerConfig"; } ================================================ FILE: generated_api_shadow/envoy/config/metrics/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/metrics/v2/metrics_service.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v2"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metrics service] // Metrics Service is configured as a built-in *envoy.stat_sinks.metrics_service* :ref:`StatsSink // `. This opaque configuration will be used to create // Metrics Service. // [#extension: envoy.stat_sinks.metrics_service] message MetricsServiceConfig { // The upstream gRPC cluster that hosts the metrics service. api.v2.core.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/metrics/v2/stats.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v2; import "envoy/api/v2/core/address.proto"; import "envoy/type/matcher/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v2"; option java_outer_classname = "StatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Stats] // Statistics :ref:`architecture overview `. // Configuration for pluggable stats sinks. message StatsSink { // The name of the stats sink to instantiate. The name must match a supported // stats sink. The built-in stats sinks are: // // * :ref:`envoy.stat_sinks.statsd ` // * :ref:`envoy.stat_sinks.dog_statsd ` // * :ref:`envoy.stat_sinks.metrics_service ` // * :ref:`envoy.stat_sinks.hystrix ` // // Sinks optionally support tagged/multiple dimensional metrics. string name = 1; // Stats sink specific configuration which depends on the sink being instantiated. See // :ref:`StatsdSink ` for an example. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Statistics configuration such as tagging. message StatsConfig { // Each stat name is iteratively processed through these tag specifiers. // When a tag is matched, the first capture group is removed from the name so // later :ref:`TagSpecifiers ` cannot match that // same portion of the match. repeated TagSpecifier stats_tags = 1; // Use all default tag regexes specified in Envoy. These can be combined with // custom tags specified in :ref:`stats_tags // `. They will be processed before // the custom tags. // // .. note:: // // If any default tags are specified twice, the config will be considered // invalid. // // See :repo:`well_known_names.h ` for a list of the // default tags in Envoy. // // If not provided, the value is assumed to be true. google.protobuf.BoolValue use_all_default_tags = 2; // Inclusion/exclusion matcher for stat name creation. If not provided, all stats are instantiated // as normal. Preventing the instantiation of certain families of stats can improve memory // performance for Envoys running especially large configs. // // .. warning:: // Excluding stats may affect Envoy's behavior in undocumented ways. See // `issue #8771 `_ for more information. // If any unexpected behavior changes are observed, please open a new issue immediately. StatsMatcher stats_matcher = 3; } // Configuration for disabling stat instantiation. message StatsMatcher { // The instantiation of stats is unrestricted by default. If the goal is to configure Envoy to // instantiate all stats, there is no need to construct a StatsMatcher. // // However, StatsMatcher can be used to limit the creation of families of stats in order to // conserve memory. Stats can either be disabled entirely, or they can be // limited by either an exclusion or an inclusion list of :ref:`StringMatcher // ` protos: // // * If `reject_all` is set to `true`, no stats will be instantiated. If `reject_all` is set to // `false`, all stats will be instantiated. // // * If an exclusion list is supplied, any stat name matching *any* of the StringMatchers in the // list will not instantiate. // // * If an inclusion list is supplied, no stats will instantiate, except those matching *any* of // the StringMatchers in the list. // // // A StringMatcher can be used to match against an exact string, a suffix / prefix, or a regex. // **NB:** For performance reasons, it is highly recommended to use a prefix- or suffix-based // matcher rather than a regex-based matcher. // // Example 1. Excluding all stats. // // .. code-block:: json // // { // "statsMatcher": { // "rejectAll": "true" // } // } // // Example 2. Excluding all cluster-specific stats, but not cluster-manager stats: // // .. code-block:: json // // { // "statsMatcher": { // "exclusionList": { // "patterns": [ // { // "prefix": "cluster." // } // ] // } // } // } // // Example 3. Including only manager-related stats: // // .. code-block:: json // // { // "statsMatcher": { // "inclusionList": { // "patterns": [ // { // "prefix": "cluster_manager." // }, // { // "prefix": "listener_manager." // } // ] // } // } // } // oneof stats_matcher { option (validate.required) = true; // If `reject_all` is true, then all stats are disabled. If `reject_all` is false, then all // stats are enabled. bool reject_all = 1; // Exclusive match. All stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.ListStringMatcher exclusion_list = 2; // Inclusive match. No stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.ListStringMatcher inclusion_list = 3; } } // Designates a tag name and value pair. The value may be either a fixed value // or a regex providing the value via capture groups. The specified tag will be // unconditionally set if a fixed value, otherwise it will only be set if one // or more capture groups in the regex match. message TagSpecifier { // Attaches an identifier to the tag values to identify the tag being in the // sink. Envoy has a set of default names and regexes to extract dynamic // portions of existing stats, which can be found in :repo:`well_known_names.h // ` in the Envoy repository. If a :ref:`tag_name // ` is provided in the config and // neither :ref:`regex ` or // :ref:`fixed_value ` were specified, // Envoy will attempt to find that name in its set of defaults and use the accompanying regex. // // .. note:: // // It is invalid to specify the same tag name twice in a config. string tag_name = 1; oneof tag_value { // Designates a tag to strip from the tag extracted name and provide as a named // tag value for all statistics. This will only occur if any part of the name // matches the regex provided with one or more capture groups. // // The first capture group identifies the portion of the name to remove. The // second capture group (which will normally be nested inside the first) will // designate the value of the tag for the statistic. If no second capture // group is provided, the first will also be used to set the value of the tag. // All other capture groups will be ignored. // // Example 1. a stat name ``cluster.foo_cluster.upstream_rq_timeout`` and // one tag specifier: // // .. code-block:: json // // { // "tag_name": "envoy.cluster_name", // "regex": "^cluster\\.((.+?)\\.)" // } // // Note that the regex will remove ``foo_cluster.`` making the tag extracted // name ``cluster.upstream_rq_timeout`` and the tag value for // ``envoy.cluster_name`` will be ``foo_cluster`` (note: there will be no // ``.`` character because of the second capture group). // // Example 2. a stat name // ``http.connection_manager_1.user_agent.ios.downstream_cx_total`` and two // tag specifiers: // // .. code-block:: json // // [ // { // "tag_name": "envoy.http_user_agent", // "regex": "^http(?=\\.).*?\\.user_agent\\.((.+?)\\.)\\w+?$" // }, // { // "tag_name": "envoy.http_conn_manager_prefix", // "regex": "^http\\.((.*?)\\.)" // } // ] // // The two regexes of the specifiers will be processed in the definition order. // // The first regex will remove ``ios.``, leaving the tag extracted name // ``http.connection_manager_1.user_agent.downstream_cx_total``. The tag // ``envoy.http_user_agent`` will be added with tag value ``ios``. // // The second regex will remove ``connection_manager_1.`` from the tag // extracted name produced by the first regex // ``http.connection_manager_1.user_agent.downstream_cx_total``, leaving // ``http.user_agent.downstream_cx_total`` as the tag extracted name. The tag // ``envoy.http_conn_manager_prefix`` will be added with the tag value // ``connection_manager_1``. string regex = 2 [(validate.rules).string = {max_bytes: 1024}]; // Specifies a fixed tag value for the ``tag_name``. string fixed_value = 3; } } // Stats configuration proto schema for built-in *envoy.stat_sinks.statsd* sink. This sink does not support // tagged metrics. // [#extension: envoy.stat_sinks.statsd] message StatsdSink { oneof statsd_specifier { option (validate.required) = true; // The UDP address of a running `statsd `_ // compliant listener. If specified, statistics will be flushed to this // address. api.v2.core.Address address = 1; // The name of a cluster that is running a TCP `statsd // `_ compliant listener. If specified, // Envoy will connect to this cluster to flush statistics. string tcp_cluster_name = 2; } // Optional custom prefix for StatsdSink. If // specified, this will override the default prefix. // For example: // // .. code-block:: json // // { // "prefix" : "envoy-prod" // } // // will change emitted stats to // // .. code-block:: cpp // // envoy-prod.test_counter:1|c // envoy-prod.test_timer:5|ms // // Note that the default prefix, "envoy", will be used if a prefix is not // specified. // // Stats with default prefix: // // .. code-block:: cpp // // envoy.test_counter:1|c // envoy.test_timer:5|ms string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.dog_statsd* sink. // The sink emits stats with `DogStatsD `_ // compatible tags. Tags are configurable via :ref:`StatsConfig // `. // [#extension: envoy.stat_sinks.dog_statsd] message DogStatsdSink { reserved 2; oneof dog_statsd_specifier { option (validate.required) = true; // The UDP address of a running DogStatsD compliant listener. If specified, // statistics will be flushed to this address. api.v2.core.Address address = 1; } // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field // ` for more details. string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.hystrix* sink. // The sink emits stats in `text/event-stream // `_ // formatted stream for use by `Hystrix dashboard // `_. // // Note that only a single HystrixSink should be configured. // // Streaming is started through an admin endpoint :http:get:`/hystrix_event_stream`. // [#extension: envoy.stat_sinks.hystrix] message HystrixSink { // The number of buckets the rolling statistical window is divided into. // // Each time the sink is flushed, all relevant Envoy statistics are sampled and // added to the rolling window (removing the oldest samples in the window // in the process). The sink then outputs the aggregate statistics across the // current rolling window to the event stream(s). // // rolling_window(ms) = stats_flush_interval(ms) * num_of_buckets // // More detailed explanation can be found in `Hystrix wiki // `_. int64 num_buckets = 1; } ================================================ FILE: generated_api_shadow/envoy/config/metrics/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/metrics/v3/metrics_service.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v3"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metrics service] // Metrics Service is configured as a built-in *envoy.stat_sinks.metrics_service* :ref:`StatsSink // `. This opaque configuration will be used to create // Metrics Service. // [#extension: envoy.stat_sinks.metrics_service] message MetricsServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.MetricsServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v3.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; // API version for metric service transport protocol. This describes the metric service gRPC // endpoint and version of messages used on the wire. core.v3.ApiVersion transport_api_version = 3 [(validate.rules).enum = {defined_only: true}]; // If true, counters are reported as the delta between flushing intervals. Otherwise, the current // counter value is reported. Defaults to false. // Eventually (https://github.com/envoyproxy/envoy/issues/10968) if this value is not set, the // sink will take updates from the :ref:`MetricsResponse `. google.protobuf.BoolValue report_counters_as_deltas = 2; } ================================================ FILE: generated_api_shadow/envoy/config/metrics/v3/stats.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v3; import "envoy/config/core/v3/address.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v3"; option java_outer_classname = "StatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Stats] // Statistics :ref:`architecture overview `. // Configuration for pluggable stats sinks. message StatsSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsSink"; // The name of the stats sink to instantiate. The name must match a supported // stats sink. The built-in stats sinks are: // // * :ref:`envoy.stat_sinks.statsd ` // * :ref:`envoy.stat_sinks.dog_statsd ` // * :ref:`envoy.stat_sinks.metrics_service ` // * :ref:`envoy.stat_sinks.hystrix ` // // Sinks optionally support tagged/multiple dimensional metrics. string name = 1; // Stats sink specific configuration which depends on the sink being instantiated. See // :ref:`StatsdSink ` for an example. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } // Statistics configuration such as tagging. message StatsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsConfig"; // Each stat name is iteratively processed through these tag specifiers. // When a tag is matched, the first capture group is removed from the name so // later :ref:`TagSpecifiers ` cannot match that // same portion of the match. repeated TagSpecifier stats_tags = 1; // Use all default tag regexes specified in Envoy. These can be combined with // custom tags specified in :ref:`stats_tags // `. They will be processed before // the custom tags. // // .. note:: // // If any default tags are specified twice, the config will be considered // invalid. // // See :repo:`well_known_names.h ` for a list of the // default tags in Envoy. // // If not provided, the value is assumed to be true. google.protobuf.BoolValue use_all_default_tags = 2; // Inclusion/exclusion matcher for stat name creation. If not provided, all stats are instantiated // as normal. Preventing the instantiation of certain families of stats can improve memory // performance for Envoys running especially large configs. // // .. warning:: // Excluding stats may affect Envoy's behavior in undocumented ways. See // `issue #8771 `_ for more information. // If any unexpected behavior changes are observed, please open a new issue immediately. StatsMatcher stats_matcher = 3; // Defines rules for setting the histogram buckets. Rules are evaluated in order, and the first // match is applied. If no match is found (or if no rules are set), the following default buckets // are used: // // .. code-block:: json // // [ // 0.5, // 1, // 5, // 10, // 25, // 50, // 100, // 250, // 500, // 1000, // 2500, // 5000, // 10000, // 30000, // 60000, // 300000, // 600000, // 1800000, // 3600000 // ] repeated HistogramBucketSettings histogram_bucket_settings = 4; } // Configuration for disabling stat instantiation. message StatsMatcher { // The instantiation of stats is unrestricted by default. If the goal is to configure Envoy to // instantiate all stats, there is no need to construct a StatsMatcher. // // However, StatsMatcher can be used to limit the creation of families of stats in order to // conserve memory. Stats can either be disabled entirely, or they can be // limited by either an exclusion or an inclusion list of :ref:`StringMatcher // ` protos: // // * If `reject_all` is set to `true`, no stats will be instantiated. If `reject_all` is set to // `false`, all stats will be instantiated. // // * If an exclusion list is supplied, any stat name matching *any* of the StringMatchers in the // list will not instantiate. // // * If an inclusion list is supplied, no stats will instantiate, except those matching *any* of // the StringMatchers in the list. // // // A StringMatcher can be used to match against an exact string, a suffix / prefix, or a regex. // **NB:** For performance reasons, it is highly recommended to use a prefix- or suffix-based // matcher rather than a regex-based matcher. // // Example 1. Excluding all stats. // // .. code-block:: json // // { // "statsMatcher": { // "rejectAll": "true" // } // } // // Example 2. Excluding all cluster-specific stats, but not cluster-manager stats: // // .. code-block:: json // // { // "statsMatcher": { // "exclusionList": { // "patterns": [ // { // "prefix": "cluster." // } // ] // } // } // } // // Example 3. Including only manager-related stats: // // .. code-block:: json // // { // "statsMatcher": { // "inclusionList": { // "patterns": [ // { // "prefix": "cluster_manager." // }, // { // "prefix": "listener_manager." // } // ] // } // } // } // option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsMatcher"; oneof stats_matcher { option (validate.required) = true; // If `reject_all` is true, then all stats are disabled. If `reject_all` is false, then all // stats are enabled. bool reject_all = 1; // Exclusive match. All stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v3.ListStringMatcher exclusion_list = 2; // Inclusive match. No stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v3.ListStringMatcher inclusion_list = 3; } } // Designates a tag name and value pair. The value may be either a fixed value // or a regex providing the value via capture groups. The specified tag will be // unconditionally set if a fixed value, otherwise it will only be set if one // or more capture groups in the regex match. message TagSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.TagSpecifier"; // Attaches an identifier to the tag values to identify the tag being in the // sink. Envoy has a set of default names and regexes to extract dynamic // portions of existing stats, which can be found in :repo:`well_known_names.h // ` in the Envoy repository. If a :ref:`tag_name // ` is provided in the config and // neither :ref:`regex ` or // :ref:`fixed_value ` were specified, // Envoy will attempt to find that name in its set of defaults and use the accompanying regex. // // .. note:: // // It is invalid to specify the same tag name twice in a config. string tag_name = 1; oneof tag_value { // Designates a tag to strip from the tag extracted name and provide as a named // tag value for all statistics. This will only occur if any part of the name // matches the regex provided with one or more capture groups. // // The first capture group identifies the portion of the name to remove. The // second capture group (which will normally be nested inside the first) will // designate the value of the tag for the statistic. If no second capture // group is provided, the first will also be used to set the value of the tag. // All other capture groups will be ignored. // // Example 1. a stat name ``cluster.foo_cluster.upstream_rq_timeout`` and // one tag specifier: // // .. code-block:: json // // { // "tag_name": "envoy.cluster_name", // "regex": "^cluster\\.((.+?)\\.)" // } // // Note that the regex will remove ``foo_cluster.`` making the tag extracted // name ``cluster.upstream_rq_timeout`` and the tag value for // ``envoy.cluster_name`` will be ``foo_cluster`` (note: there will be no // ``.`` character because of the second capture group). // // Example 2. a stat name // ``http.connection_manager_1.user_agent.ios.downstream_cx_total`` and two // tag specifiers: // // .. code-block:: json // // [ // { // "tag_name": "envoy.http_user_agent", // "regex": "^http(?=\\.).*?\\.user_agent\\.((.+?)\\.)\\w+?$" // }, // { // "tag_name": "envoy.http_conn_manager_prefix", // "regex": "^http\\.((.*?)\\.)" // } // ] // // The two regexes of the specifiers will be processed in the definition order. // // The first regex will remove ``ios.``, leaving the tag extracted name // ``http.connection_manager_1.user_agent.downstream_cx_total``. The tag // ``envoy.http_user_agent`` will be added with tag value ``ios``. // // The second regex will remove ``connection_manager_1.`` from the tag // extracted name produced by the first regex // ``http.connection_manager_1.user_agent.downstream_cx_total``, leaving // ``http.user_agent.downstream_cx_total`` as the tag extracted name. The tag // ``envoy.http_conn_manager_prefix`` will be added with the tag value // ``connection_manager_1``. string regex = 2 [(validate.rules).string = {max_bytes: 1024}]; // Specifies a fixed tag value for the ``tag_name``. string fixed_value = 3; } } // Specifies a matcher for stats and the buckets that matching stats should use. message HistogramBucketSettings { // The stats that this rule applies to. The match is applied to the original stat name // before tag-extraction, for example `cluster.exampleclustername.upstream_cx_length_ms`. type.matcher.v3.StringMatcher match = 1 [(validate.rules).message = {required: true}]; // Each value is the upper bound of a bucket. Each bucket must be greater than 0 and unique. // The order of the buckets does not matter. repeated double buckets = 2 [(validate.rules).repeated = { min_items: 1 unique: true items {double {gt: 0.0}} }]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.statsd* sink. This sink does not support // tagged metrics. // [#extension: envoy.stat_sinks.statsd] message StatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.StatsdSink"; oneof statsd_specifier { option (validate.required) = true; // The UDP address of a running `statsd `_ // compliant listener. If specified, statistics will be flushed to this // address. core.v3.Address address = 1; // The name of a cluster that is running a TCP `statsd // `_ compliant listener. If specified, // Envoy will connect to this cluster to flush statistics. string tcp_cluster_name = 2; } // Optional custom prefix for StatsdSink. If // specified, this will override the default prefix. // For example: // // .. code-block:: json // // { // "prefix" : "envoy-prod" // } // // will change emitted stats to // // .. code-block:: cpp // // envoy-prod.test_counter:1|c // envoy-prod.test_timer:5|ms // // Note that the default prefix, "envoy", will be used if a prefix is not // specified. // // Stats with default prefix: // // .. code-block:: cpp // // envoy.test_counter:1|c // envoy.test_timer:5|ms string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.dog_statsd* sink. // The sink emits stats with `DogStatsD `_ // compatible tags. Tags are configurable via :ref:`StatsConfig // `. // [#extension: envoy.stat_sinks.dog_statsd] message DogStatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.DogStatsdSink"; reserved 2; oneof dog_statsd_specifier { option (validate.required) = true; // The UDP address of a running DogStatsD compliant listener. If specified, // statistics will be flushed to this address. core.v3.Address address = 1; } // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field // ` for more details. string prefix = 3; // Optional max datagram size to use when sending UDP messages. By default Envoy // will emit one metric per datagram. By specifying a max-size larger than a single // metric, Envoy will emit multiple, new-line separated metrics. The max datagram // size should not exceed your network's MTU. // // Note that this value may not be respected if smaller than a single metric. google.protobuf.UInt64Value max_bytes_per_datagram = 4 [(validate.rules).uint64 = {gt: 0}]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.hystrix* sink. // The sink emits stats in `text/event-stream // `_ // formatted stream for use by `Hystrix dashboard // `_. // // Note that only a single HystrixSink should be configured. // // Streaming is started through an admin endpoint :http:get:`/hystrix_event_stream`. // [#extension: envoy.stat_sinks.hystrix] message HystrixSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v2.HystrixSink"; // The number of buckets the rolling statistical window is divided into. // // Each time the sink is flushed, all relevant Envoy statistics are sampled and // added to the rolling window (removing the oldest samples in the window // in the process). The sink then outputs the aggregate statistics across the // current rolling window to the event stream(s). // // rolling_window(ms) = stats_flush_interval(ms) * num_of_buckets // // More detailed explanation can be found in `Hystrix wiki // `_. int64 num_buckets = 1; } ================================================ FILE: generated_api_shadow/envoy/config/metrics/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/metrics/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/metrics/v4alpha/metrics_service.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v4alpha"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metrics service] // Metrics Service is configured as a built-in *envoy.stat_sinks.metrics_service* :ref:`StatsSink // `. This opaque configuration will be used to create // Metrics Service. // [#extension: envoy.stat_sinks.metrics_service] message MetricsServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.MetricsServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v4alpha.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; // API version for metric service transport protocol. This describes the metric service gRPC // endpoint and version of messages used on the wire. core.v4alpha.ApiVersion transport_api_version = 3 [(validate.rules).enum = {defined_only: true}]; // If true, counters are reported as the delta between flushing intervals. Otherwise, the current // counter value is reported. Defaults to false. // Eventually (https://github.com/envoyproxy/envoy/issues/10968) if this value is not set, the // sink will take updates from the :ref:`MetricsResponse `. google.protobuf.BoolValue report_counters_as_deltas = 2; } ================================================ FILE: generated_api_shadow/envoy/config/metrics/v4alpha/stats.proto ================================================ syntax = "proto3"; package envoy.config.metrics.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.metrics.v4alpha"; option java_outer_classname = "StatsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Stats] // Statistics :ref:`architecture overview `. // Configuration for pluggable stats sinks. message StatsSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsSink"; reserved 2; reserved "config"; // The name of the stats sink to instantiate. The name must match a supported // stats sink. The built-in stats sinks are: // // * :ref:`envoy.stat_sinks.statsd ` // * :ref:`envoy.stat_sinks.dog_statsd ` // * :ref:`envoy.stat_sinks.metrics_service ` // * :ref:`envoy.stat_sinks.hystrix ` // // Sinks optionally support tagged/multiple dimensional metrics. string name = 1; // Stats sink specific configuration which depends on the sink being instantiated. See // :ref:`StatsdSink ` for an example. oneof config_type { google.protobuf.Any typed_config = 3; } } // Statistics configuration such as tagging. message StatsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsConfig"; // Each stat name is iteratively processed through these tag specifiers. // When a tag is matched, the first capture group is removed from the name so // later :ref:`TagSpecifiers ` cannot match that // same portion of the match. repeated TagSpecifier stats_tags = 1; // Use all default tag regexes specified in Envoy. These can be combined with // custom tags specified in :ref:`stats_tags // `. They will be processed before // the custom tags. // // .. note:: // // If any default tags are specified twice, the config will be considered // invalid. // // See :repo:`well_known_names.h ` for a list of the // default tags in Envoy. // // If not provided, the value is assumed to be true. google.protobuf.BoolValue use_all_default_tags = 2; // Inclusion/exclusion matcher for stat name creation. If not provided, all stats are instantiated // as normal. Preventing the instantiation of certain families of stats can improve memory // performance for Envoys running especially large configs. // // .. warning:: // Excluding stats may affect Envoy's behavior in undocumented ways. See // `issue #8771 `_ for more information. // If any unexpected behavior changes are observed, please open a new issue immediately. StatsMatcher stats_matcher = 3; // Defines rules for setting the histogram buckets. Rules are evaluated in order, and the first // match is applied. If no match is found (or if no rules are set), the following default buckets // are used: // // .. code-block:: json // // [ // 0.5, // 1, // 5, // 10, // 25, // 50, // 100, // 250, // 500, // 1000, // 2500, // 5000, // 10000, // 30000, // 60000, // 300000, // 600000, // 1800000, // 3600000 // ] repeated HistogramBucketSettings histogram_bucket_settings = 4; } // Configuration for disabling stat instantiation. message StatsMatcher { // The instantiation of stats is unrestricted by default. If the goal is to configure Envoy to // instantiate all stats, there is no need to construct a StatsMatcher. // // However, StatsMatcher can be used to limit the creation of families of stats in order to // conserve memory. Stats can either be disabled entirely, or they can be // limited by either an exclusion or an inclusion list of :ref:`StringMatcher // ` protos: // // * If `reject_all` is set to `true`, no stats will be instantiated. If `reject_all` is set to // `false`, all stats will be instantiated. // // * If an exclusion list is supplied, any stat name matching *any* of the StringMatchers in the // list will not instantiate. // // * If an inclusion list is supplied, no stats will instantiate, except those matching *any* of // the StringMatchers in the list. // // // A StringMatcher can be used to match against an exact string, a suffix / prefix, or a regex. // **NB:** For performance reasons, it is highly recommended to use a prefix- or suffix-based // matcher rather than a regex-based matcher. // // Example 1. Excluding all stats. // // .. code-block:: json // // { // "statsMatcher": { // "rejectAll": "true" // } // } // // Example 2. Excluding all cluster-specific stats, but not cluster-manager stats: // // .. code-block:: json // // { // "statsMatcher": { // "exclusionList": { // "patterns": [ // { // "prefix": "cluster." // } // ] // } // } // } // // Example 3. Including only manager-related stats: // // .. code-block:: json // // { // "statsMatcher": { // "inclusionList": { // "patterns": [ // { // "prefix": "cluster_manager." // }, // { // "prefix": "listener_manager." // } // ] // } // } // } // option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsMatcher"; oneof stats_matcher { option (validate.required) = true; // If `reject_all` is true, then all stats are disabled. If `reject_all` is false, then all // stats are enabled. bool reject_all = 1; // Exclusive match. All stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v4alpha.ListStringMatcher exclusion_list = 2; // Inclusive match. No stats are enabled except for those matching one of the supplied // StringMatcher protos. type.matcher.v4alpha.ListStringMatcher inclusion_list = 3; } } // Designates a tag name and value pair. The value may be either a fixed value // or a regex providing the value via capture groups. The specified tag will be // unconditionally set if a fixed value, otherwise it will only be set if one // or more capture groups in the regex match. message TagSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.TagSpecifier"; // Attaches an identifier to the tag values to identify the tag being in the // sink. Envoy has a set of default names and regexes to extract dynamic // portions of existing stats, which can be found in :repo:`well_known_names.h // ` in the Envoy repository. If a :ref:`tag_name // ` is provided in the config and // neither :ref:`regex ` or // :ref:`fixed_value ` were specified, // Envoy will attempt to find that name in its set of defaults and use the accompanying regex. // // .. note:: // // It is invalid to specify the same tag name twice in a config. string tag_name = 1; oneof tag_value { // Designates a tag to strip from the tag extracted name and provide as a named // tag value for all statistics. This will only occur if any part of the name // matches the regex provided with one or more capture groups. // // The first capture group identifies the portion of the name to remove. The // second capture group (which will normally be nested inside the first) will // designate the value of the tag for the statistic. If no second capture // group is provided, the first will also be used to set the value of the tag. // All other capture groups will be ignored. // // Example 1. a stat name ``cluster.foo_cluster.upstream_rq_timeout`` and // one tag specifier: // // .. code-block:: json // // { // "tag_name": "envoy.cluster_name", // "regex": "^cluster\\.((.+?)\\.)" // } // // Note that the regex will remove ``foo_cluster.`` making the tag extracted // name ``cluster.upstream_rq_timeout`` and the tag value for // ``envoy.cluster_name`` will be ``foo_cluster`` (note: there will be no // ``.`` character because of the second capture group). // // Example 2. a stat name // ``http.connection_manager_1.user_agent.ios.downstream_cx_total`` and two // tag specifiers: // // .. code-block:: json // // [ // { // "tag_name": "envoy.http_user_agent", // "regex": "^http(?=\\.).*?\\.user_agent\\.((.+?)\\.)\\w+?$" // }, // { // "tag_name": "envoy.http_conn_manager_prefix", // "regex": "^http\\.((.*?)\\.)" // } // ] // // The two regexes of the specifiers will be processed in the definition order. // // The first regex will remove ``ios.``, leaving the tag extracted name // ``http.connection_manager_1.user_agent.downstream_cx_total``. The tag // ``envoy.http_user_agent`` will be added with tag value ``ios``. // // The second regex will remove ``connection_manager_1.`` from the tag // extracted name produced by the first regex // ``http.connection_manager_1.user_agent.downstream_cx_total``, leaving // ``http.user_agent.downstream_cx_total`` as the tag extracted name. The tag // ``envoy.http_conn_manager_prefix`` will be added with the tag value // ``connection_manager_1``. string regex = 2 [(validate.rules).string = {max_bytes: 1024}]; // Specifies a fixed tag value for the ``tag_name``. string fixed_value = 3; } } // Specifies a matcher for stats and the buckets that matching stats should use. message HistogramBucketSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.HistogramBucketSettings"; // The stats that this rule applies to. The match is applied to the original stat name // before tag-extraction, for example `cluster.exampleclustername.upstream_cx_length_ms`. type.matcher.v4alpha.StringMatcher match = 1 [(validate.rules).message = {required: true}]; // Each value is the upper bound of a bucket. Each bucket must be greater than 0 and unique. // The order of the buckets does not matter. repeated double buckets = 2 [(validate.rules).repeated = { min_items: 1 unique: true items {double {gt: 0.0}} }]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.statsd* sink. This sink does not support // tagged metrics. // [#extension: envoy.stat_sinks.statsd] message StatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.StatsdSink"; oneof statsd_specifier { option (validate.required) = true; // The UDP address of a running `statsd `_ // compliant listener. If specified, statistics will be flushed to this // address. core.v4alpha.Address address = 1; // The name of a cluster that is running a TCP `statsd // `_ compliant listener. If specified, // Envoy will connect to this cluster to flush statistics. string tcp_cluster_name = 2; } // Optional custom prefix for StatsdSink. If // specified, this will override the default prefix. // For example: // // .. code-block:: json // // { // "prefix" : "envoy-prod" // } // // will change emitted stats to // // .. code-block:: cpp // // envoy-prod.test_counter:1|c // envoy-prod.test_timer:5|ms // // Note that the default prefix, "envoy", will be used if a prefix is not // specified. // // Stats with default prefix: // // .. code-block:: cpp // // envoy.test_counter:1|c // envoy.test_timer:5|ms string prefix = 3; } // Stats configuration proto schema for built-in *envoy.stat_sinks.dog_statsd* sink. // The sink emits stats with `DogStatsD `_ // compatible tags. Tags are configurable via :ref:`StatsConfig // `. // [#extension: envoy.stat_sinks.dog_statsd] message DogStatsdSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.DogStatsdSink"; reserved 2; oneof dog_statsd_specifier { option (validate.required) = true; // The UDP address of a running DogStatsD compliant listener. If specified, // statistics will be flushed to this address. core.v4alpha.Address address = 1; } // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field // ` for more details. string prefix = 3; // Optional max datagram size to use when sending UDP messages. By default Envoy // will emit one metric per datagram. By specifying a max-size larger than a single // metric, Envoy will emit multiple, new-line separated metrics. The max datagram // size should not exceed your network's MTU. // // Note that this value may not be respected if smaller than a single metric. google.protobuf.UInt64Value max_bytes_per_datagram = 4 [(validate.rules).uint64 = {gt: 0}]; } // Stats configuration proto schema for built-in *envoy.stat_sinks.hystrix* sink. // The sink emits stats in `text/event-stream // `_ // formatted stream for use by `Hystrix dashboard // `_. // // Note that only a single HystrixSink should be configured. // // Streaming is started through an admin endpoint :http:get:`/hystrix_event_stream`. // [#extension: envoy.stat_sinks.hystrix] message HystrixSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.metrics.v3.HystrixSink"; // The number of buckets the rolling statistical window is divided into. // // Each time the sink is flushed, all relevant Envoy statistics are sampled and // added to the rolling window (removing the oldest samples in the window // in the process). The sink then outputs the aggregate statistics across the // current rolling window to the event stream(s). // // rolling_window(ms) = stats_flush_interval(ms) * num_of_buckets // // More detailed explanation can be found in `Hystrix wiki // `_. int64 num_buckets = 1; } ================================================ FILE: generated_api_shadow/envoy/config/overload/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/overload/v2alpha/overload.proto ================================================ syntax = "proto3"; package envoy.config.overload.v2alpha; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.overload.v2alpha"; option java_outer_classname = "OverloadProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Overload Manager] // The Overload Manager provides an extensible framework to protect Envoy instances // from overload of various resources (memory, cpu, file descriptors, etc). // It monitors a configurable set of resources and notifies registered listeners // when triggers related to those resources fire. message ResourceMonitor { // The name of the resource monitor to instantiate. Must match a registered // resource monitor type. The built-in resource monitors are: // // * :ref:`envoy.resource_monitors.fixed_heap // ` // * :ref:`envoy.resource_monitors.injected_resource // ` string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Configuration for the resource monitor being instantiated. oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } message ThresholdTrigger { // If the resource pressure is greater than or equal to this value, the trigger // will fire. double value = 1 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; } message Trigger { // The name of the resource this is a trigger for. string name = 1 [(validate.rules).string = {min_bytes: 1}]; oneof trigger_oneof { option (validate.required) = true; ThresholdTrigger threshold = 2; } } message OverloadAction { // The name of the overload action. This is just a well-known string that listeners can // use for registering callbacks. Custom overload actions should be named using reverse // DNS to ensure uniqueness. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // A set of triggers for this action. If any of these triggers fire the overload action // is activated. Listeners are notified when the overload action transitions from // inactivated to activated, or vice versa. repeated Trigger triggers = 2 [(validate.rules).repeated = {min_items: 1}]; } message OverloadManager { // The interval for refreshing resource usage. google.protobuf.Duration refresh_interval = 1; // The set of resources to monitor. repeated ResourceMonitor resource_monitors = 2 [(validate.rules).repeated = {min_items: 1}]; // The set of overload actions. repeated OverloadAction actions = 3; } ================================================ FILE: generated_api_shadow/envoy/config/overload/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/overload/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/overload/v3/overload.proto ================================================ syntax = "proto3"; package envoy.config.overload.v3; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.overload.v3"; option java_outer_classname = "OverloadProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Overload Manager] // The Overload Manager provides an extensible framework to protect Envoy instances // from overload of various resources (memory, cpu, file descriptors, etc). // It monitors a configurable set of resources and notifies registered listeners // when triggers related to those resources fire. message ResourceMonitor { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.ResourceMonitor"; // The name of the resource monitor to instantiate. Must match a registered // resource monitor type. The built-in resource monitors are: // // * :ref:`envoy.resource_monitors.fixed_heap // ` // * :ref:`envoy.resource_monitors.injected_resource // ` string name = 1 [(validate.rules).string = {min_len: 1}]; // Configuration for the resource monitor being instantiated. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } message ThresholdTrigger { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.ThresholdTrigger"; // If the resource pressure is greater than or equal to this value, the trigger // will enter saturation. double value = 1 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; } message ScaledTrigger { // If the resource pressure is greater than this value, the trigger will be in the // :ref:`scaling ` state with value // `(pressure - scaling_threshold) / (saturation_threshold - scaling_threshold)`. double scaling_threshold = 1 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; // If the resource pressure is greater than this value, the trigger will enter saturation. double saturation_threshold = 2 [(validate.rules).double = {lte: 1.0 gte: 0.0}]; } message Trigger { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.Trigger"; // The name of the resource this is a trigger for. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof trigger_oneof { option (validate.required) = true; ThresholdTrigger threshold = 2; ScaledTrigger scaled = 3; } } message OverloadAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.OverloadAction"; // The name of the overload action. This is just a well-known string that listeners can // use for registering callbacks. Custom overload actions should be named using reverse // DNS to ensure uniqueness. string name = 1 [(validate.rules).string = {min_len: 1}]; // A set of triggers for this action. The state of the action is the maximum // state of all triggers, which can be scaling between 0 and 1 or saturated. Listeners // are notified when the overload action changes state. repeated Trigger triggers = 2 [(validate.rules).repeated = {min_items: 1}]; } message OverloadManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.overload.v2alpha.OverloadManager"; // The interval for refreshing resource usage. google.protobuf.Duration refresh_interval = 1; // The set of resources to monitor. repeated ResourceMonitor resource_monitors = 2 [(validate.rules).repeated = {min_items: 1}]; // The set of overload actions. repeated OverloadAction actions = 3; } ================================================ FILE: generated_api_shadow/envoy/config/ratelimit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/ratelimit/v2/rls.proto ================================================ syntax = "proto3"; package envoy.config.ratelimit.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.ratelimit.v2"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate limit service] // Rate limit :ref:`configuration overview `. message RateLimitServiceConfig { reserved 1, 3; // Specifies the gRPC service that hosts the rate limit service. The client // will connect to this cluster when it needs to make rate limit service // requests. api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/ratelimit/v3/rls.proto ================================================ syntax = "proto3"; package envoy.config.ratelimit.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.ratelimit.v3"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit service] // Rate limit :ref:`configuration overview `. message RateLimitServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.ratelimit.v2.RateLimitServiceConfig"; reserved 1, 3; // Specifies the gRPC service that hosts the rate limit service. The client // will connect to this cluster when it needs to make rate limit service // requests. core.v3.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; // API version for rate limit transport protocol. This describes the rate limit gRPC endpoint and // version of messages used on the wire. core.v3.ApiVersion transport_api_version = 4 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/rbac/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/config/rbac/v2/rbac.proto ================================================ syntax = "proto3"; package envoy.config.rbac.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/route/route_components.proto"; import "envoy/type/matcher/metadata.proto"; import "envoy/type/matcher/path.proto"; import "envoy/type/matcher/string.proto"; import "google/api/expr/v1alpha1/syntax.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.rbac.v2"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a // service. RBAC policies are additive. The policies are examined in order. A request is allowed // once a matching policy is found (suppose the `action` is ALLOW). // // Here is an example of RBAC configuration. It has two policies: // // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so // does "cluster.local/ns/default/sa/superuser". // // * Any user can read ("GET") the service at paths with prefix "/products", so long as the // destination port is either 80 or 443. // // .. code-block:: yaml // // action: ALLOW // policies: // "service-admin": // permissions: // - any: true // principals: // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/admin" // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/superuser" // "product-viewer": // permissions: // - and_rules: // rules: // - header: { name: ":method", exact_match: "GET" } // - url_path: // path: { prefix: "/products" } // - or_rules: // rules: // - destination_port: 80 // - destination_port: 443 // principals: // - any: true // message RBAC { // Should we do safe-list or block-list style access control? enum Action { // The policies grant access to principals. The rest is denied. This is safe-list style // access control. This is the default type. ALLOW = 0; // The policies deny access to principals. The rest is allowed. This is block-list style // access control. DENY = 1; } // The action to take if a policy matches. The request is allowed if and only if: // // * `action` is "ALLOWED" and at least one policy matches // * `action` is "DENY" and none of the policies match Action action = 1; // Maps from policy name to policy. A match occurs when at least one policy matches the request. map policies = 2; } // Policy specifies a role and the principals that are assigned/denied the role. A policy matches if // and only if at least one of its permissions match the action taking place AND at least one of its // principals match the downstream AND the condition is true if specified. message Policy { // Required. The set of permissions that define a role. Each permission is matched with OR // semantics. To match all actions for this policy, a single Permission with the `any` field set // to true should be used. repeated Permission permissions = 1 [(validate.rules).repeated = {min_items: 1}]; // Required. The set of principals that are assigned/denied the role based on “action”. Each // principal is matched with OR semantics. To match all downstreams for this policy, a single // Principal with the `any` field set to true should be used. repeated Principal principals = 2 [(validate.rules).repeated = {min_items: 1}]; // An optional symbolic expression specifying an access control // :ref:`condition `. The condition is combined // with the permissions and the principals as a clause with AND semantics. google.api.expr.v1alpha1.Expr condition = 3; } // Permission defines an action (or actions) that a principal can take. // [#next-free-field: 11] message Permission { // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, // each are applied with the associated behavior. message Set { repeated Permission rules = 1 [(validate.rules).repeated = {min_items: 1}]; } oneof rule { option (validate.required) = true; // A set of rules that all must match in order to define the action. Set and_rules = 1; // A set of rules where at least one must match in order to define the action. Set or_rules = 2; // When any is set, it matches any action. bool any = 3 [(validate.rules).bool = {const: true}]; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. api.v2.route.HeaderMatcher header = 4; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.PathMatcher url_path = 10; // A CIDR block that describes the destination IP. api.v2.core.CidrRange destination_ip = 5; // A port number that describes the destination port connecting to. uint32 destination_port = 6 [(validate.rules).uint32 = {lte: 65535}]; // Metadata that describes additional information about the action. type.matcher.MetadataMatcher metadata = 7; // Negates matching the provided permission. For instance, if the value of `not_rule` would // match, this permission would not match. Conversely, if the value of `not_rule` would not // match, this permission would match. Permission not_rule = 8; // The request server from the client's connection request. This is // typically TLS SNI. // // .. attention:: // // The behavior of this field may be affected by how Envoy is configured // as explained below. // // * If the :ref:`TLS Inspector ` // filter is not added, and if a `FilterChainMatch` is not defined for // the :ref:`server name `, // a TLS connection's requested SNI server name will be treated as if it // wasn't present. // // * A :ref:`listener filter ` may // overwrite a connection's requested server name within Envoy. // // Please refer to :ref:`this FAQ entry ` to learn to // setup SNI. type.matcher.StringMatcher requested_server_name = 9; } } // Principal defines an identity or a group of identities for a downstream subject. // [#next-free-field: 12] message Principal { // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. Depending on the context, // each are applied with the associated behavior. message Set { repeated Principal ids = 1 [(validate.rules).repeated = {min_items: 1}]; } // Authentication attributes for a downstream. message Authenticated { reserved 1; // The name of the principal. If set, The URI SAN or DNS SAN in that order is used from the // certificate, otherwise the subject field is used. If unset, it applies to any user that is // authenticated. type.matcher.StringMatcher principal_name = 2; } oneof identifier { option (validate.required) = true; // A set of identifiers that all must match in order to define the downstream. Set and_ids = 1; // A set of identifiers at least one must match in order to define the downstream. Set or_ids = 2; // When any is set, it matches any downstream. bool any = 3 [(validate.rules).bool = {const: true}]; // Authenticated attributes that identify the downstream. Authenticated authenticated = 4; // A CIDR block that describes the downstream IP. // This address will honor proxy protocol, but will not honor XFF. api.v2.core.CidrRange source_ip = 5 [deprecated = true]; // A CIDR block that describes the downstream remote/origin address. // Note: This is always the physical peer even if the // :ref:`remote_ip ` is inferred // from for example the x-forwarder-for header, proxy protocol, etc. api.v2.core.CidrRange direct_remote_ip = 10; // A CIDR block that describes the downstream remote/origin address. // Note: This may not be the physical peer and could be different from the // :ref:`direct_remote_ip `. // E.g, if the remote ip is inferred from for example the x-forwarder-for header, // proxy protocol, etc. api.v2.core.CidrRange remote_ip = 11; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. api.v2.route.HeaderMatcher header = 6; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.PathMatcher url_path = 9; // Metadata that describes additional information about the principal. type.matcher.MetadataMatcher metadata = 7; // Negates matching the provided principal. For instance, if the value of `not_id` would match, // this principal would not match. Conversely, if the value of `not_id` would not match, this // principal would match. Principal not_id = 8; } } ================================================ FILE: generated_api_shadow/envoy/config/rbac/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/rbac/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/config/rbac/v3/rbac.proto ================================================ syntax = "proto3"; package envoy.config.rbac.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "envoy/type/matcher/v3/path.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/api/expr/v1alpha1/checked.proto"; import "google/api/expr/v1alpha1/syntax.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.rbac.v3"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a // service. RBAC policies are additive. The policies are examined in order. Requests are allowed // or denied based on the `action` and whether a matching policy is found. For instance, if the // action is ALLOW and a matching policy is found the request should be allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the // `access_log_hint` value in the shared key namespace 'envoy.common' is set to `true` indicating // the request should be logged. // // Here is an example of RBAC configuration. It has two policies: // // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so // does "cluster.local/ns/default/sa/superuser". // // * Any user can read ("GET") the service at paths with prefix "/products", so long as the // destination port is either 80 or 443. // // .. code-block:: yaml // // action: ALLOW // policies: // "service-admin": // permissions: // - any: true // principals: // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/admin" // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/superuser" // "product-viewer": // permissions: // - and_rules: // rules: // - header: { name: ":method", exact_match: "GET" } // - url_path: // path: { prefix: "/products" } // - or_rules: // rules: // - destination_port: 80 // - destination_port: 443 // principals: // - any: true // message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.RBAC"; // Should we do safe-list or block-list style access control? enum Action { // The policies grant access to principals. The rest are denied. This is safe-list style // access control. This is the default type. ALLOW = 0; // The policies deny access to principals. The rest are allowed. This is block-list style // access control. DENY = 1; // The policies set the `access_log_hint` dynamic metadata key based on if requests match. // All requests are allowed. LOG = 2; } // The action to take if a policy matches. Every action either allows or denies a request, // and can also carry out action-specific operations. // // Actions: // // * ALLOW: Allows the request if and only if there is a policy that matches // the request. // * DENY: Allows the request if and only if there are no policies that // match the request. // * LOG: Allows all requests. If at least one policy matches, the dynamic // metadata key `access_log_hint` is set to the value `true` under the shared // key namespace 'envoy.common'. If no policies match, it is set to `false`. // Other actions do not modify this key. // Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. map policies = 2; } // Policy specifies a role and the principals that are assigned/denied the role. // A policy matches if and only if at least one of its permissions match the // action taking place AND at least one of its principals match the downstream // AND the condition is true if specified. message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Policy"; // Required. The set of permissions that define a role. Each permission is // matched with OR semantics. To match all actions for this policy, a single // Permission with the `any` field set to true should be used. repeated Permission permissions = 1 [(validate.rules).repeated = {min_items: 1}]; // Required. The set of principals that are assigned/denied the role based on // “action”. Each principal is matched with OR semantics. To match all // downstreams for this policy, a single Principal with the `any` field set to // true should be used. repeated Principal principals = 2 [(validate.rules).repeated = {min_items: 1}]; // An optional symbolic expression specifying an access control // :ref:`condition `. The condition is combined // with the permissions and the principals as a clause with AND semantics. // Only be used when checked_condition is not used. google.api.expr.v1alpha1.Expr condition = 3 [(udpa.annotations.field_migrate).oneof_promotion = "expression_specifier"]; // [#not-implemented-hide:] // An optional symbolic expression that has been successfully type checked. // Only be used when condition is not used. google.api.expr.v1alpha1.CheckedExpr checked_condition = 4 [(udpa.annotations.field_migrate).oneof_promotion = "expression_specifier"]; } // Permission defines an action (or actions) that a principal can take. // [#next-free-field: 11] message Permission { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Permission"; // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, // each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Permission.Set"; repeated Permission rules = 1 [(validate.rules).repeated = {min_items: 1}]; } oneof rule { option (validate.required) = true; // A set of rules that all must match in order to define the action. Set and_rules = 1; // A set of rules where at least one must match in order to define the action. Set or_rules = 2; // When any is set, it matches any action. bool any = 3 [(validate.rules).bool = {const: true}]; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. route.v3.HeaderMatcher header = 4; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v3.PathMatcher url_path = 10; // A CIDR block that describes the destination IP. core.v3.CidrRange destination_ip = 5; // A port number that describes the destination port connecting to. uint32 destination_port = 6 [(validate.rules).uint32 = {lte: 65535}]; // Metadata that describes additional information about the action. type.matcher.v3.MetadataMatcher metadata = 7; // Negates matching the provided permission. For instance, if the value of // `not_rule` would match, this permission would not match. Conversely, if // the value of `not_rule` would not match, this permission would match. Permission not_rule = 8; // The request server from the client's connection request. This is // typically TLS SNI. // // .. attention:: // // The behavior of this field may be affected by how Envoy is configured // as explained below. // // * If the :ref:`TLS Inspector ` // filter is not added, and if a `FilterChainMatch` is not defined for // the :ref:`server name // `, // a TLS connection's requested SNI server name will be treated as if it // wasn't present. // // * A :ref:`listener filter ` may // overwrite a connection's requested server name within Envoy. // // Please refer to :ref:`this FAQ entry ` to learn to // setup SNI. type.matcher.v3.StringMatcher requested_server_name = 9; } } // Principal defines an identity or a group of identities for a downstream // subject. // [#next-free-field: 12] message Principal { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Principal"; // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. // Depending on the context, each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Principal.Set"; repeated Principal ids = 1 [(validate.rules).repeated = {min_items: 1}]; } // Authentication attributes for a downstream. message Authenticated { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v2.Principal.Authenticated"; reserved 1; // The name of the principal. If set, The URI SAN or DNS SAN in that order // is used from the certificate, otherwise the subject field is used. If // unset, it applies to any user that is authenticated. type.matcher.v3.StringMatcher principal_name = 2; } oneof identifier { option (validate.required) = true; // A set of identifiers that all must match in order to define the // downstream. Set and_ids = 1; // A set of identifiers at least one must match in order to define the // downstream. Set or_ids = 2; // When any is set, it matches any downstream. bool any = 3 [(validate.rules).bool = {const: true}]; // Authenticated attributes that identify the downstream. Authenticated authenticated = 4; // A CIDR block that describes the downstream IP. // This address will honor proxy protocol, but will not honor XFF. core.v3.CidrRange source_ip = 5 [deprecated = true]; // A CIDR block that describes the downstream remote/origin address. // Note: This is always the physical peer even if the // :ref:`remote_ip ` is // inferred from for example the x-forwarder-for header, proxy protocol, // etc. core.v3.CidrRange direct_remote_ip = 10; // A CIDR block that describes the downstream remote/origin address. // Note: This may not be the physical peer and could be different from the // :ref:`direct_remote_ip // `. E.g, if the // remote ip is inferred from for example the x-forwarder-for header, proxy // protocol, etc. core.v3.CidrRange remote_ip = 11; // A header (or pseudo-header such as :path or :method) on the incoming HTTP // request. Only available for HTTP request. Note: the pseudo-header :path // includes the query and fragment string. Use the `url_path` field if you // want to match the URL path without the query and fragment string. route.v3.HeaderMatcher header = 6; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v3.PathMatcher url_path = 9; // Metadata that describes additional information about the principal. type.matcher.v3.MetadataMatcher metadata = 7; // Negates matching the provided principal. For instance, if the value of // `not_id` would match, this principal would not match. Conversely, if the // value of `not_id` would not match, this principal would match. Principal not_id = 8; } } ================================================ FILE: generated_api_shadow/envoy/config/rbac/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/rbac/v3:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_google_googleapis//google/api/expr/v1alpha1:checked_proto", "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/config/rbac/v4alpha/rbac.proto ================================================ syntax = "proto3"; package envoy.config.rbac.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "envoy/type/matcher/v4alpha/path.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/api/expr/v1alpha1/checked.proto"; import "google/api/expr/v1alpha1/syntax.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.rbac.v4alpha"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a // service. RBAC policies are additive. The policies are examined in order. Requests are allowed // or denied based on the `action` and whether a matching policy is found. For instance, if the // action is ALLOW and a matching policy is found the request should be allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the // `access_log_hint` value in the shared key namespace 'envoy.common' is set to `true` indicating // the request should be logged. // // Here is an example of RBAC configuration. It has two policies: // // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so // does "cluster.local/ns/default/sa/superuser". // // * Any user can read ("GET") the service at paths with prefix "/products", so long as the // destination port is either 80 or 443. // // .. code-block:: yaml // // action: ALLOW // policies: // "service-admin": // permissions: // - any: true // principals: // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/admin" // - authenticated: // principal_name: // exact: "cluster.local/ns/default/sa/superuser" // "product-viewer": // permissions: // - and_rules: // rules: // - header: { name: ":method", exact_match: "GET" } // - url_path: // path: { prefix: "/products" } // - or_rules: // rules: // - destination_port: 80 // - destination_port: 443 // principals: // - any: true // message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.RBAC"; // Should we do safe-list or block-list style access control? enum Action { // The policies grant access to principals. The rest are denied. This is safe-list style // access control. This is the default type. ALLOW = 0; // The policies deny access to principals. The rest are allowed. This is block-list style // access control. DENY = 1; // The policies set the `access_log_hint` dynamic metadata key based on if requests match. // All requests are allowed. LOG = 2; } // The action to take if a policy matches. Every action either allows or denies a request, // and can also carry out action-specific operations. // // Actions: // // * ALLOW: Allows the request if and only if there is a policy that matches // the request. // * DENY: Allows the request if and only if there are no policies that // match the request. // * LOG: Allows all requests. If at least one policy matches, the dynamic // metadata key `access_log_hint` is set to the value `true` under the shared // key namespace 'envoy.common'. If no policies match, it is set to `false`. // Other actions do not modify this key. // Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. map policies = 2; } // Policy specifies a role and the principals that are assigned/denied the role. // A policy matches if and only if at least one of its permissions match the // action taking place AND at least one of its principals match the downstream // AND the condition is true if specified. message Policy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Policy"; // Required. The set of permissions that define a role. Each permission is // matched with OR semantics. To match all actions for this policy, a single // Permission with the `any` field set to true should be used. repeated Permission permissions = 1 [(validate.rules).repeated = {min_items: 1}]; // Required. The set of principals that are assigned/denied the role based on // “action”. Each principal is matched with OR semantics. To match all // downstreams for this policy, a single Principal with the `any` field set to // true should be used. repeated Principal principals = 2 [(validate.rules).repeated = {min_items: 1}]; oneof expression_specifier { // An optional symbolic expression specifying an access control // :ref:`condition `. The condition is combined // with the permissions and the principals as a clause with AND semantics. // Only be used when checked_condition is not used. google.api.expr.v1alpha1.Expr condition = 3; // [#not-implemented-hide:] // An optional symbolic expression that has been successfully type checked. // Only be used when condition is not used. google.api.expr.v1alpha1.CheckedExpr checked_condition = 4; } } // Permission defines an action (or actions) that a principal can take. // [#next-free-field: 11] message Permission { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Permission"; // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, // each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Permission.Set"; repeated Permission rules = 1 [(validate.rules).repeated = {min_items: 1}]; } oneof rule { option (validate.required) = true; // A set of rules that all must match in order to define the action. Set and_rules = 1; // A set of rules where at least one must match in order to define the action. Set or_rules = 2; // When any is set, it matches any action. bool any = 3 [(validate.rules).bool = {const: true}]; // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only // available for HTTP request. // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` // field if you want to match the URL path without the query and fragment string. route.v4alpha.HeaderMatcher header = 4; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v4alpha.PathMatcher url_path = 10; // A CIDR block that describes the destination IP. core.v4alpha.CidrRange destination_ip = 5; // A port number that describes the destination port connecting to. uint32 destination_port = 6 [(validate.rules).uint32 = {lte: 65535}]; // Metadata that describes additional information about the action. type.matcher.v4alpha.MetadataMatcher metadata = 7; // Negates matching the provided permission. For instance, if the value of // `not_rule` would match, this permission would not match. Conversely, if // the value of `not_rule` would not match, this permission would match. Permission not_rule = 8; // The request server from the client's connection request. This is // typically TLS SNI. // // .. attention:: // // The behavior of this field may be affected by how Envoy is configured // as explained below. // // * If the :ref:`TLS Inspector ` // filter is not added, and if a `FilterChainMatch` is not defined for // the :ref:`server name // `, // a TLS connection's requested SNI server name will be treated as if it // wasn't present. // // * A :ref:`listener filter ` may // overwrite a connection's requested server name within Envoy. // // Please refer to :ref:`this FAQ entry ` to learn to // setup SNI. type.matcher.v4alpha.StringMatcher requested_server_name = 9; } } // Principal defines an identity or a group of identities for a downstream // subject. // [#next-free-field: 12] message Principal { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Principal"; // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. // Depending on the context, each are applied with the associated behavior. message Set { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Principal.Set"; repeated Principal ids = 1 [(validate.rules).repeated = {min_items: 1}]; } // Authentication attributes for a downstream. message Authenticated { option (udpa.annotations.versioning).previous_message_type = "envoy.config.rbac.v3.Principal.Authenticated"; reserved 1; // The name of the principal. If set, The URI SAN or DNS SAN in that order // is used from the certificate, otherwise the subject field is used. If // unset, it applies to any user that is authenticated. type.matcher.v4alpha.StringMatcher principal_name = 2; } oneof identifier { option (validate.required) = true; // A set of identifiers that all must match in order to define the // downstream. Set and_ids = 1; // A set of identifiers at least one must match in order to define the // downstream. Set or_ids = 2; // When any is set, it matches any downstream. bool any = 3 [(validate.rules).bool = {const: true}]; // Authenticated attributes that identify the downstream. Authenticated authenticated = 4; // A CIDR block that describes the downstream IP. // This address will honor proxy protocol, but will not honor XFF. core.v4alpha.CidrRange hidden_envoy_deprecated_source_ip = 5 [deprecated = true]; // A CIDR block that describes the downstream remote/origin address. // Note: This is always the physical peer even if the // :ref:`remote_ip ` is // inferred from for example the x-forwarder-for header, proxy protocol, // etc. core.v4alpha.CidrRange direct_remote_ip = 10; // A CIDR block that describes the downstream remote/origin address. // Note: This may not be the physical peer and could be different from the // :ref:`direct_remote_ip // `. E.g, if the // remote ip is inferred from for example the x-forwarder-for header, proxy // protocol, etc. core.v4alpha.CidrRange remote_ip = 11; // A header (or pseudo-header such as :path or :method) on the incoming HTTP // request. Only available for HTTP request. Note: the pseudo-header :path // includes the query and fragment string. Use the `url_path` field if you // want to match the URL path without the query and fragment string. route.v4alpha.HeaderMatcher header = 6; // A URL path on the incoming HTTP request. Only available for HTTP. type.matcher.v4alpha.PathMatcher url_path = 9; // Metadata that describes additional information about the principal. type.matcher.v4alpha.MetadataMatcher metadata = 7; // Negates matching the provided principal. For instance, if the value of // `not_id` would match, this principal would not match. Conversely, if the // value of `not_id` would not match, this principal would match. Principal not_id = 8; } } ================================================ FILE: generated_api_shadow/envoy/config/resource_monitor/fixed_heap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.proto ================================================ syntax = "proto3"; package envoy.config.resource_monitor.fixed_heap.v2alpha; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.resource_monitor.fixed_heap.v2alpha"; option java_outer_classname = "FixedHeapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Fixed heap] // [#extension: envoy.resource_monitors.fixed_heap] // The fixed heap resource monitor reports the Envoy process memory pressure, computed as a // fraction of currently reserved heap memory divided by a statically configured maximum // specified in the FixedHeapConfig. message FixedHeapConfig { uint64 max_heap_size_bytes = 1 [(validate.rules).uint64 = {gt: 0}]; } ================================================ FILE: generated_api_shadow/envoy/config/resource_monitor/injected_resource/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.proto ================================================ syntax = "proto3"; package envoy.config.resource_monitor.injected_resource.v2alpha; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.resource_monitor.injected_resource.v2alpha"; option java_outer_classname = "InjectedResourceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Injected resource] // [#extension: envoy.resource_monitors.injected_resource] // The injected resource monitor allows injecting a synthetic resource pressure into Envoy // via a text file, which must contain a floating-point number in the range [0..1] representing // the resource pressure and be updated atomically by a symbolic link swap. // This is intended primarily for integration tests to force Envoy into an overloaded state. message InjectedResourceConfig { string filename = 1 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/retry/omit_canary_hosts/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/retry/omit_canary_hosts/v2/omit_canary_hosts.proto ================================================ syntax = "proto3"; package envoy.config.retry.omit_canary_hosts.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.retry.omit_canary_hosts.v2"; option java_outer_classname = "OmitCanaryHostsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Omit Canary Hosts Predicate] // [#extension: envoy.retry_host_predicates.omit_canary_hosts] message OmitCanaryHostsPredicate { } ================================================ FILE: generated_api_shadow/envoy/config/retry/omit_host_metadata/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/retry/omit_host_metadata/v2/omit_host_metadata_config.proto ================================================ syntax = "proto3"; package envoy.config.retry.omit_host_metadata.v2; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.retry.omit_host_metadata.v2"; option java_outer_classname = "OmitHostMetadataConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.retry.host.omit_host_metadata.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Omit host metadata retry predicate] // A retry host predicate that can be used to reject a host based on // predefined metadata match criteria. // [#extension: envoy.retry_host_predicates.omit_host_metadata] message OmitHostMetadataConfig { // Retry host predicate metadata match criteria. The hosts in // the upstream cluster with matching metadata will be omitted while // attempting a retry of a failed request. The metadata should be specified // under the *envoy.lb* key. api.v2.core.Metadata metadata_match = 1; } ================================================ FILE: generated_api_shadow/envoy/config/retry/previous_hosts/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/retry/previous_hosts/v2/previous_hosts.proto ================================================ syntax = "proto3"; package envoy.config.retry.previous_hosts.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.retry.previous_hosts.v2"; option java_outer_classname = "PreviousHostsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Previous Hosts Predicate] // [#extension: envoy.retry_host_predicates.previous_hosts] message PreviousHostsPredicate { } ================================================ FILE: generated_api_shadow/envoy/config/retry/previous_priorities/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/retry/previous_priorities/previous_priorities_config.proto ================================================ syntax = "proto3"; package envoy.config.retry.previous_priorities; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.retry.previous_priorities"; option java_outer_classname = "PreviousPrioritiesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Previous priorities retry selector] // A retry host selector that attempts to spread retries between priorities, even if certain // priorities would not normally be attempted due to higher priorities being available. // // As priorities get excluded, load will be distributed amongst the remaining healthy priorities // based on the relative health of the priorities, matching how load is distributed during regular // host selection. For example, given priority healths of {100, 50, 50}, the original load will be // {100, 0, 0} (since P0 has capacity to handle 100% of the traffic). If P0 is excluded, the load // changes to {0, 50, 50}, because P1 is only able to handle 50% of the traffic, causing the // remaining to spill over to P2. // // Each priority attempted will be excluded until there are no healthy priorities left, at which // point the list of attempted priorities will be reset, essentially starting from the beginning. // For example, given three priorities P0, P1, P2 with healthy % of 100, 0 and 50 respectively, the // following sequence of priorities would be selected (assuming update_frequency = 1): // Attempt 1: P0 (P0 is 100% healthy) // Attempt 2: P2 (P0 already attempted, P2 only healthy priority) // Attempt 3: P0 (no healthy priorities, reset) // Attempt 4: P2 // // In the case of all upstream hosts being unhealthy, no adjustments will be made to the original // priority load, so behavior should be identical to not using this plugin. // // Using this PriorityFilter requires rebuilding the priority load, which runs in O(# of // priorities), which might incur significant overhead for clusters with many priorities. // [#extension: envoy.retry_priorities.previous_priorities] message PreviousPrioritiesConfig { // How often the priority load should be updated based on previously attempted priorities. Useful // to allow each priorities to receive more than one request before being excluded or to reduce // the number of times that the priority load has to be recomputed. // // For example, by setting this to 2, then the first two attempts (initial attempt and first // retry) will use the unmodified priority load. The third and fourth attempt will use priority // load which excludes the priorities routed to with the first two attempts, and the fifth and // sixth attempt will use the priority load excluding the priorities used for the first four // attempts. // // Must be greater than 0. int32 update_frequency = 1 [(validate.rules).int32 = {gt: 0}]; } ================================================ FILE: generated_api_shadow/envoy/config/route/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/route:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/route/v3/route.proto ================================================ syntax = "proto3"; package envoy.config.route.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP route configuration] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // [#next-free-field: 11] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.RouteConfiguration"; // The name of the route configuration. For example, it might match // :ref:`route_config_name // ` in // :ref:`envoy_api_msg_extensions.filters.network.http_connection_manager.v3.Rds`. string name = 1; // An array of virtual hosts that make up the route table. repeated VirtualHost virtual_hosts = 2; // An array of virtual hosts will be dynamically loaded via the VHDS API. // Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used // for a base routing table or for infrequently changing virtual hosts. *vhds* is used for // on-demand discovery of virtual hosts. The contents of these two fields will be merged to // generate a routing table for a given RouteConfiguration, with *vhds* derived configuration // taking precedence. Vhds vhds = 9; // Optionally specifies a list of HTTP headers that the connection manager // will consider to be internal only. If they are found on external requests they will be cleaned // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information. repeated string internal_only_headers = 3 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each response that // the connection manager encodes. Headers specified at this level are applied // after headers from any enclosed :ref:`envoy_api_msg_config.route.v3.VirtualHost` or // :ref:`envoy_api_msg_config.route.v3.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption response_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // that the connection manager encodes. repeated string response_headers_to_remove = 5 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each request // routed by the HTTP connection manager. Headers specified at this level are // applied after headers from any enclosed :ref:`envoy_api_msg_config.route.v3.VirtualHost` or // :ref:`envoy_api_msg_config.route.v3.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // routed by the HTTP connection manager. repeated string request_headers_to_remove = 8 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // By default, headers that should be added/removed are evaluated from most to least specific: // // * route level // * virtual host level // * connection manager level // // To allow setting overrides at the route or virtual host level, this order can be reversed // by setting this option to true. Defaults to false. // // [#next-major-version: In the v3 API, this will default to true.] bool most_specific_header_mutations_wins = 10; // An optional boolean that specifies whether the clusters that the route // table refers to will be validated by the cluster manager. If set to true // and a route refers to a non-existent cluster, the route table will not // load. If set to false and a route refers to a non-existent cluster, the // route table will load and the router filter will return a 404 if the route // is selected at runtime. This setting defaults to true if the route table // is statically defined via the :ref:`route_config // ` // option. This setting default to false if the route table is loaded dynamically via the // :ref:`rds // ` // option. Users may wish to override the default behavior in certain cases (for example when // using CDS with a static route table). google.protobuf.BoolValue validate_clusters = 7; } message Vhds { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Vhds"; // Configuration source specifier for VHDS. core.v3.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/route/v3/route_components.proto ================================================ syntax = "proto3"; package envoy.config.route.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/proxy_protocol.proto"; import "envoy/type/matcher/v3/regex.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/metadata/v3/metadata.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v3"; option java_outer_classname = "RouteComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP route components] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // The top level element in the routing configuration is a virtual host. Each virtual host has // a logical name as well as a set of domains that get routed to it based on the incoming request's // host header. This allows a single listener to service multiple top level domain path trees. Once // a virtual host is selected based on the domain, the routes are processed in order to see which // upstream cluster to route to or whether to perform a redirect. // [#next-free-field: 21] message VirtualHost { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.VirtualHost"; enum TlsRequirementType { // No TLS requirement for the virtual host. NONE = 0; // External requests must use TLS. If a request is external and it is not // using TLS, a 301 redirect will be sent telling the client to use HTTPS. EXTERNAL_ONLY = 1; // All requests must use TLS. If a request is not using TLS, a 301 redirect // will be sent telling the client to use HTTPS. ALL = 2; } reserved 9; // The logical name of the virtual host. This is used when emitting certain // statistics but is not relevant for routing. string name = 1 [(validate.rules).string = {min_len: 1}]; // A list of domains (host/authority header) that will be matched to this // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: // 1. Exact domain names: ``www.foo.com``. // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. // 4. Special wildcard ``*`` matching any domain. // // .. note:: // // The wildcard will not match the empty string. // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. // The longest wildcards match first. // Only a single virtual host in the entire route configuration can match on ``*``. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. repeated string domains = 2 [(validate.rules).repeated = { min_items: 1 items {string {well_known_regex: HTTP_HEADER_VALUE strict: false}} }]; // The list of routes that will be matched, in order, for incoming requests. // The first route that matches will be used. repeated Route routes = 3; // Specifies the type of TLS enforcement the virtual host expects. If this option is not // specified, there is no TLS requirement for the virtual host. TlsRequirementType require_tls = 4 [(validate.rules).enum = {defined_only: true}]; // A list of virtual clusters defined for this virtual host. Virtual clusters // are used for additional statistics gathering. repeated VirtualCluster virtual_clusters = 5; // Specifies a set of rate limit configurations that will be applied to the // virtual host. repeated RateLimit rate_limits = 6; // Specifies a list of HTTP headers that should be added to each request // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v3.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 7 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // handled by this virtual host. repeated string request_headers_to_remove = 13 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v3.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // handled by this virtual host. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Indicates that the virtual host has a CORS policy. CorsPolicy cors = 8; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 15; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the upstream request. Setting this option will cause it to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the upstream // will see the attempt count as perceived by the second Envoy. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. // // [#next-major-version: rename to include_attempt_count_in_request.] bool include_request_attempt_count = 14; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the downstream response. Setting this option will cause the router to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the downstream // will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. bool include_attempt_count_in_response = 19; // Indicates the retry policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). RetryPolicy retry_policy = 16; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not // inherited). :ref:`Retry policy ` should not be // set if this field is used. google.protobuf.Any retry_policy_typed_config = 20; // Indicates the hedge policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). HedgePolicy hedge_policy = 17; // The maximum bytes which will be buffered for retries and shadowing. // If set and a route-specific limit is not set, the bytes actually buffered will be the minimum // value of this and the listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 18; map hidden_envoy_deprecated_per_filter_config = 12 [deprecated = true]; } // A filter-defined action type. message FilterAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.FilterAction"; google.protobuf.Any action = 1; } // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // // .. attention:: // // Envoy supports routing on HTTP method via :ref:`header matching // `. // [#next-free-field: 18] message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.Route"; reserved 6; // Name for the route. string name = 14; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; oneof action { option (validate.required) = true; // Route request to some upstream cluster. RouteAction route = 2; // Return a redirect. RedirectAction redirect = 3; // Return an arbitrary HTTP response directly, without proxying. DirectResponseAction direct_response = 7; // [#not-implemented-hide:] // If true, a filter will define the action (e.g., it could dynamically generate the // RouteAction). // [#comment: TODO(samflattery): Remove cleanup in route_fuzz_test.cc when // implemented] FilterAction filter_action = 17; } // The Metadata field can be used to provide additional information // about the route. It can be used for configuration, stats, and logging. // The metadata should go under the filter namespace that will need it. // For instance, if the metadata is intended for the Router filter, // the filter name should be specified as *envoy.filters.http.router*. core.v3.Metadata metadata = 4; // Decorator for the matched route. Decorator decorator = 5; // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map typed_per_filter_config = 13; // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the // enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 9 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // matching this route. repeated string request_headers_to_remove = 12 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before // headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. repeated core.v3.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Presence of the object defines whether the connection manager's tracing configuration // is overridden by this route specific instance. Tracing tracing = 15; // The maximum bytes which will be buffered for retries and shadowing. // If set, the bytes actually buffered will be the minimum value of this and the // listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 16; map hidden_envoy_deprecated_per_filter_config = 8 [deprecated = true]; } // Compared to the :ref:`cluster ` field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of // traffic to be forwarded to each cluster. The router selects an upstream cluster based on the // weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.WeightedCluster"; // [#next-free-field: 11] message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.WeightedCluster.ClusterWeight"; reserved 7; // Name of the upstream cluster. The cluster must exist in the // :ref:`cluster manager configuration `. string name = 1 [(validate.rules).string = {min_len: 1}]; // An integer between 0 and :ref:`total_weight // `. When a request matches the route, // the choice of an upstream cluster is determined by its weight. The sum of weights across all // entries in the clusters array must add up to the total_weight, which defaults to 100. google.protobuf.UInt32Value weight = 2; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in // :ref:`RouteAction.metadata_match `, with // values here taking precedence. The filter name should be specified as *envoy.lb*. core.v3.Metadata metadata_match = 3; // Specifies a list of headers to be added to requests when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption request_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request when // this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. repeated string request_headers_to_remove = 9 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of headers to be added to responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v3.HeaderValueOption response_headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of headers to be removed from responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. repeated string response_headers_to_remove = 6 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 10; map hidden_envoy_deprecated_per_filter_config = 8 [deprecated = true]; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the total weight across all clusters. The sum of all cluster weights must equal this // value, which must be greater than 0. Defaults to 100. google.protobuf.UInt32Value total_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Specifies the runtime key prefix that should be used to construct the // runtime keys associated with each cluster. When the *runtime_key_prefix* is // specified, the router will look for weights associated with each upstream // cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where // *cluster[i]* denotes an entry in the clusters array field. If the runtime // key for the cluster does not exist, the value specified in the // configuration file will be used as the default weight. See the :ref:`runtime documentation // ` for how key names map to the underlying implementation. string runtime_key_prefix = 2; } // [#next-free-field: 13] message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteMatch"; message GrpcRouteMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteMatch.GrpcRouteMatchOptions"; } message TlsContextMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteMatch.TlsContextMatchOptions"; // If specified, the route will match against whether or not a certificate is presented. // If not specified, certificate presentation status (true or false) will not be considered when route matching. google.protobuf.BoolValue presented = 1; // If specified, the route will match against whether or not a certificate is validated. // If not specified, certificate validation status (true or false) will not be considered when route matching. google.protobuf.BoolValue validated = 2; } // An extensible message for matching CONNECT requests. message ConnectMatcher { } reserved 5; oneof path_specifier { option (validate.required) = true; // If specified, the route is a prefix rule meaning that the prefix must // match the beginning of the *:path* header. string prefix = 1; // If specified, the route is an exact path rule meaning that the path must // exactly match the *:path* header once the query string is removed. string path = 2; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. // // [#next-major-version: In the v3 API we should redo how path specification works such // that we utilize StringMatcher, and additionally have consistent options around whether we // strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive // to deprecate the existing options. We should even consider whether we want to do away with // path_specifier entirely and just rely on a set of header matchers which can already match // on :path, etc. The issue with that is it is unclear how to generically deal with query string // stripping. This needs more thought.] type.matcher.v3.RegexMatcher safe_regex = 10 [(validate.rules).message = {required: true}]; // If this is used as the matcher, the matcher will only match CONNECT requests. // Note that this will not match HTTP/2 upgrade-style CONNECT requests // (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style // upgrades. // This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, // where Extended CONNECT requests may have a path, the path matchers will work if // there is a path present. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectMatcher connect_matcher = 12; string hidden_envoy_deprecated_regex = 3 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; } // Indicates that prefix/path matching should be case sensitive. The default // is true. google.protobuf.BoolValue case_sensitive = 4; // Indicates that the route should additionally match on a runtime key. Every time the route // is considered for a match, it must also fall under the percentage of matches indicated by // this field. For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the router continues to evaluate the remaining match criteria. A runtime_fraction // route configuration can be used to roll out route changes in a gradual manner without full // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // // .. note:: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an // integer with the assumption that the value is an integral percentage out of 100. For // instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent // whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. core.v3.RuntimeFractionalPercent runtime_fraction = 9; // Specifies a set of headers that the route should match on. The router will // check the request’s headers against all the specified headers in the route // config. A match will happen if all the headers in the route are present in // the request with the same values (or based on presence if the value field // is not in the config). repeated HeaderMatcher headers = 6; // Specifies a set of URL query parameters on which the route should // match. The router will check the query string from the *path* header // against all the specified query parameters. If the number of specified // query parameters is nonzero, they all must match the *path* header's // query string for a match to occur. repeated QueryParameterMatcher query_parameters = 7; // If specified, only gRPC requests will be matched. The router will check // that the content-type header has a application/grpc or one of the various // application/grpc+ values. GrpcRouteMatchOptions grpc = 8; // If specified, the client tls context will be matched against the defined // match options. // // [#next-major-version: unify with RBAC] TlsContextMatchOptions tls_context = 11; } // [#next-free-field: 12] message CorsPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.CorsPolicy"; // Specifies string patterns that match allowed origins. An origin is allowed if any of the // string matchers match. repeated type.matcher.v3.StringMatcher allow_origin_string_match = 11; // Specifies the content for the *access-control-allow-methods* header. string allow_methods = 2; // Specifies the content for the *access-control-allow-headers* header. string allow_headers = 3; // Specifies the content for the *access-control-expose-headers* header. string expose_headers = 4; // Specifies the content for the *access-control-max-age* header. string max_age = 5; // Specifies whether the resource allows credentials. google.protobuf.BoolValue allow_credentials = 6; oneof enabled_specifier { // Specifies the % of requests for which the CORS filter is enabled. // // If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS // filter will be enabled for 100% of the requests. // // If :ref:`runtime_key ` is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. core.v3.RuntimeFractionalPercent filter_enabled = 9; google.protobuf.BoolValue hidden_envoy_deprecated_enabled = 7 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // // This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. core.v3.RuntimeFractionalPercent shadow_enabled = 10; repeated string hidden_envoy_deprecated_allow_origin = 1 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; repeated string hidden_envoy_deprecated_allow_origin_regex = 8 [deprecated = true, (validate.rules).repeated = {items {string {max_bytes: 1024}}}]; } // [#next-free-field: 37] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction"; enum ClusterNotFoundResponseCode { // HTTP status code - 503 Service Unavailable. SERVICE_UNAVAILABLE = 0; // HTTP status code - 404 Not Found. NOT_FOUND = 1; } // Configures :ref:`internal redirect ` behavior. // [#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.] enum InternalRedirectAction { option deprecated = true; PASS_THROUGH_INTERNAL_REDIRECT = 0; HANDLE_INTERNAL_REDIRECT = 1; } // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. // // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // // .. note:: // // Shadowing will not be triggered if the primary cluster does not exist. message RequestMirrorPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.RequestMirrorPolicy"; // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // If not specified, all requests to the target cluster will be mirrored. // // If specified, this field takes precedence over the `runtime_key` field and requests must also // fall under the percentage of matches indicated by this field. // // For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the request will be mirrored. core.v3.RuntimeFractionalPercent runtime_fraction = 3; // Determines if the trace span should be sampled. Defaults to true. google.protobuf.BoolValue trace_sampled = 4; string hidden_envoy_deprecated_runtime_key = 2 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer // `. // [#next-free-field: 7] message HashPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy"; message Header { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.Header"; // The name of the request header that will be used to obtain the hash // key. If the request header is not present, no hash will be produced. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // If specified, the request header value will be rewritten and used // to produce the hash key. type.matcher.v3.RegexMatchAndSubstitute regex_rewrite = 2; } // Envoy supports two types of cookie affinity: // // 1. Passive. Envoy takes a cookie that's present in the cookies header and // hashes on its value. // // 2. Generated. Envoy generates and sets a cookie with an expiration (TTL) // on the first request from the client in its response to the client, // based on the endpoint the request gets sent to. The client then // presents this on the next and all subsequent requests. The hash of // this is sufficient to ensure these requests get sent to the same // endpoint. The cookie is generated by hashing the source and // destination ports and addresses so that multiple independent HTTP2 // streams on the same connection will independently receive the same // cookie, even if they arrive at the Envoy simultaneously. message Cookie { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.Cookie"; // The name of the cookie that will be used to obtain the hash key. If the // cookie is not present and ttl below is not set, no hash will be // produced. string name = 1 [(validate.rules).string = {min_len: 1}]; // If specified, a cookie with the TTL will be generated if the cookie is // not present. If the TTL is present and zero, the generated cookie will // be a session cookie. google.protobuf.Duration ttl = 2; // The name of the path for the cookie. If no path is specified here, no path // will be set for the cookie. string path = 3; } message ConnectionProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.ConnectionProperties"; // Hash on source IP address. bool source_ip = 1; } message QueryParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.QueryParameter"; // The name of the URL query parameter that will be used to obtain the hash // key. If the parameter is not present, no hash will be produced. Query // parameter names are case-sensitive. string name = 1 [(validate.rules).string = {min_len: 1}]; } message FilterState { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.HashPolicy.FilterState"; // The name of the Object in the per-request filterState, which is an // Envoy::Http::Hashable object. If there is no data associated with the key, // or the stored object is not Envoy::Http::Hashable, no hash will be produced. string key = 1 [(validate.rules).string = {min_len: 1}]; } oneof policy_specifier { option (validate.required) = true; // Header hash policy. Header header = 1; // Cookie hash policy. Cookie cookie = 2; // Connection properties hash policy. ConnectionProperties connection_properties = 3; // Query parameter hash policy. QueryParameter query_parameter = 5; // Filter state hash policy. FilterState filter_state = 6; } // The flag that short-circuits the hash computing. This field provides a // 'fallback' style of configuration: "if a terminal policy doesn't work, // fallback to rest of the policy list", it saves time when the terminal // policy works. // // If true, and there is already a hash computed, ignore rest of the // list of hash polices. // For example, if the following hash methods are configured: // // ========= ======== // specifier terminal // ========= ======== // Header A true // Header B false // Header C false // ========= ======== // // The generateHash process ends if policy "header A" generates a hash, as // it's a terminal policy. bool terminal = 4; } // Allows enabling and disabling upgrades on a per-route basis. // This overrides any enabled/disabled upgrade filter chain specified in the // HttpConnectionManager // :ref:`upgrade_configs // ` // but does not affect any custom filter chain specified there. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RouteAction.UpgradeConfig"; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. message ConnectConfig { // If present, the proxy protocol header will be prepended to the CONNECT payload sent upstream. core.v3.ProxyProtocolConfig proxy_protocol_config = 1; } // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] will be proxied upstream. string upgrade_type = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Determines if upgrades are available on this route. Defaults to true. google.protobuf.BoolValue enabled = 2; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectConfig connect_config = 3; } message MaxStreamDuration { // Specifies the maximum duration allowed for streams on the route. If not specified, the value // from the :ref:`max_stream_duration // ` field in // :ref:`HttpConnectionManager.common_http_protocol_options // ` // is used. If this field is set explicitly to zero, any // HttpConnectionManager max_stream_duration timeout will be disabled for // this route. google.protobuf.Duration max_stream_duration = 1; // If present, and the request contains a `grpc-timeout header // `_, use that value as the // *max_stream_duration*, but limit the applied timeout to the maximum value specified here. // If set to 0, the `grpc-timeout` header is used without modification. google.protobuf.Duration grpc_timeout_header_max = 2; // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by // subtracting the provided duration from the header. This is useful for allowing Envoy to set // its global timeout to be less than that of the deadline imposed by the calling client, which // makes it more likely that Envoy will handle the timeout instead of having the call canceled // by the client. If, after applying the offset, the resulting timeout is zero or negative, // the stream will timeout immediately. google.protobuf.Duration grpc_timeout_header_offset = 3; } reserved 12, 18, 19, 16, 22, 21; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Envoy will determine the cluster to route to by reading the value of the // HTTP header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. string cluster_header = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. See // :ref:`traffic splitting ` // for additional documentation. WeightedCluster weighted_clusters = 3; } // The HTTP status code to use when configured cluster is not found. // The default response code is 503 Service Unavailable. ClusterNotFoundResponseCode cluster_not_found_response_code = 20 [(validate.rules).enum = {defined_only: true}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what's set in this field will be considered // for load balancing. If using :ref:`weighted_clusters // `, metadata will be merged, with values // provided there taking precedence. The filter name should be specified as *envoy.lb*. core.v3.Metadata metadata_match = 4; // Indicates that during forwarding, the matched prefix (or path) should be // swapped with this value. This option allows application URLs to be rooted // at a different path from those exposed at the reverse proxy layer. The router filter will // place the original path before rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of *prefix_rewrite* or // :ref:`regex_rewrite ` // may be specified. // // .. attention:: // // Pay careful attention to the use of trailing slashes in the // :ref:`route's match ` prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single // :ref:`Route `, as shown by the below config entries: // // .. code-block:: yaml // // - match: // prefix: "/prefix/" // route: // prefix_rewrite: "/" // - match: // prefix: "/prefix" // route: // prefix_rewrite: "/" // // Having above entries in the config, requests to */prefix* will be stripped to */*, while // requests to */prefix/etc* will be stripped to */etc*. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, portions of the path that match the // pattern should be rewritten, even allowing the substitution of capture // groups from the pattern into the new path as specified by the rewrite // substitution string. This is useful to allow application paths to be // rewritten in a way that is aware of segments with variable content like // identifiers. The router filter will place the original path as it was // before the rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // // Examples using Google's `RE2 `_ engine: // // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` // into ``/v1/api/instance/foo``. // // * The pattern ``one`` paired with a substitution string of ``two`` would // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. // // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of // ``\1two\2`` would replace only the first occurrence of ``one``, // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. // // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to // ``/aaa/yyy/bbb``. type.matcher.v3.RegexMatchAndSubstitute regex_rewrite = 32; oneof host_rewrite_specifier { // Indicates that during forwarding, the host header will be swapped with // this value. string host_rewrite_literal = 6 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the hostname of the upstream host chosen by the cluster manager. This // option is applicable only when the destination cluster for a route is of // type *strict_dns* or *logical_dns*. Setting this to true with other cluster // types has no effect. google.protobuf.BoolValue auto_host_rewrite = 7; // Indicates that during forwarding, the host header will be swapped with the content of given // downstream or :ref:`custom ` header. // If header value is empty, host header is left intact. // // .. attention:: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. string host_rewrite_header = 29 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the result of the regex substitution executed on path value with query and fragment removed. // This is useful for transitioning variable content between path segment and subdomain. // // For example with the following config: // // .. code-block:: yaml // // host_rewrite_path_regex: // pattern: // google_re2: {} // regex: "^/(.+)/.+$" // substitution: \1 // // Would rewrite the host header to `envoyproxy.io` given the path `/envoyproxy.io/some/path`. type.matcher.v3.RegexMatchAndSubstitute host_rewrite_path_regex = 35; } // Specifies the upstream timeout for the route. If not specified, the default is 15s. This // spans between the point at which the entire downstream request (i.e. end-of-stream) has been // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // // .. note:: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration timeout = 8; // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, // although the connection manager wide :ref:`stream_idle_timeout // ` // will still apply. A value of 0 will completely disable the route's idle timeout, even if a // connection manager stream idle timeout is configured. // // The idle timeout is distinct to :ref:`timeout // `, which provides an upper bound // on the upstream response time; :ref:`idle_timeout // ` instead bounds the amount // of time the request's stream may be idle. // // After header decoding, the idle timeout will apply on downstream and // upstream request events. Each time an encode/decode event for headers or // data is processed for the stream, the timer will be reset. If the timeout // fires, the stream is terminated with a 408 Request Timeout error code if no // upstream response header has been received, otherwise a stream reset // occurs. google.protobuf.Duration idle_timeout = 24; // Indicates that the route has a retry policy. Note that if this is set, // it'll take precedence over the virtual host level retry policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). RetryPolicy retry_policy = 9; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that if this is set, it'll take // precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, // most internal one becomes the enforced policy). :ref:`Retry policy ` // should not be set if this field is used. google.protobuf.Any retry_policy_typed_config = 33; // Indicates that the route has request mirroring policies. repeated RequestMirrorPolicy request_mirror_policies = 30; // Optionally specifies the :ref:`routing priority `. core.v3.RoutingPriority priority = 11 [(validate.rules).enum = {defined_only: true}]; // Specifies a set of rate limit configurations that could be applied to the // route. repeated RateLimit rate_limits = 13; // Specifies if the rate limit filter should include the virtual host rate // limits. By default, if the route configured rate limits, the virtual host // :ref:`rate_limits ` are not applied to the // request. // // This field is deprecated. Please use :ref:`vh_rate_limits ` google.protobuf.BoolValue include_vh_rate_limits = 14 [deprecated = true]; // Specifies a list of hash policies to use for ring hash load balancing. Each // hash policy is evaluated individually and the combined result is used to // route the request. The method of combination is deterministic such that // identical lists of hash policies will produce the same hash. Since a hash // policy examines specific parts of a request, it can fail to produce a hash // (i.e. if the hashed header is not present). If (and only if) all configured // hash policies fail to generate a hash, no hash will be produced for // the route. In this case, the behavior is the same as if no hash policies // were specified (i.e. the ring hash load balancer will choose a random // backend). If a hash policy has the "terminal" attribute set to true, and // there is already a hash generated, the hash is returned immediately, // ignoring the rest of the hash policy list. repeated HashPolicy hash_policy = 15; // Indicates that the route has a CORS policy. CorsPolicy cors = 17; // Deprecated by :ref:`grpc_timeout_header_max ` // If present, and the request is a gRPC request, use the // `grpc-timeout header `_, // or its default value (infinity) instead of // :ref:`timeout `, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for // gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used // and gRPC requests time out like any other requests using // :ref:`timeout ` or its default. // This can be used to prevent unexpected upstream request timeouts due to potentially long // time gaps between gRPC request and response in gRPC streaming mode. // // .. note:: // // If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes // precedence over `grpc-timeout header `_, when // both are present. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration max_grpc_timeout = 23 [deprecated = true]; // Deprecated by :ref:`grpc_timeout_header_offset `. // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting // the provided duration from the header. This is useful in allowing Envoy to set its global // timeout to be less than that of the deadline imposed by the calling client, which makes it more // likely that Envoy will handle the timeout instead of having the call canceled by the client. // The offset will only be applied if the provided grpc_timeout is greater than the offset. This // ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning // infinity). google.protobuf.Duration grpc_timeout_offset = 28 [deprecated = true]; repeated UpgradeConfig upgrade_configs = 25; // If present, Envoy will try to follow an upstream redirect response instead of proxying the // response back to the downstream. An upstream redirect response is defined // by :ref:`redirect_response_codes // `. InternalRedirectPolicy internal_redirect_policy = 34; InternalRedirectAction internal_redirect_action = 26 [deprecated = true]; // An internal redirect is handled, iff the number of previous internal redirects that a // downstream request has encountered is lower than this value, and // :ref:`internal_redirect_action ` // is set to :ref:`HANDLE_INTERNAL_REDIRECT // ` // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or has // :ref:`internal_redirect_action ` // set to // :ref:`PASS_THROUGH_INTERNAL_REDIRECT // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 31 [deprecated = true]; // Indicates that the route has a hedge policy. Note that if this is set, // it'll take precedence over the virtual host level hedge policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). HedgePolicy hedge_policy = 27; // Specifies the maximum stream duration for this route. MaxStreamDuration max_stream_duration = 36; RequestMirrorPolicy hidden_envoy_deprecated_request_mirror_policy = 10 [deprecated = true]; } // HTTP retry :ref:`architecture overview `. // [#next-free-field: 12] message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy"; enum ResetHeaderFormat { SECONDS = 0; UNIX_TIMESTAMP = 1; } message RetryPriority { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy.RetryPriority"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } message RetryHostPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy.RetryHostPredicate"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } message RetryBackOff { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RetryPolicy.RetryBackOff"; // Specifies the base interval between retries. This parameter is required and must be greater // than zero. Values less than 1 ms are rounded up to 1 ms. // See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's // back-off algorithm. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {} }]; // Specifies the maximum interval between retries. This parameter is optional, but must be // greater than or equal to the `base_interval` if set. The default is 10 times the // `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion // of Envoy's back-off algorithm. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } message ResetHeader { string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; ResetHeaderFormat format = 2 [(validate.rules).enum = {defined_only: true}]; } // A retry back-off strategy that applies when the upstream server rate limits // the request. // // Given this configuration: // // .. code-block:: yaml // // rate_limited_retry_back_off: // reset_headers: // - name: Retry-After // format: SECONDS // - name: X-RateLimit-Reset // format: UNIX_TIMESTAMP // max_interval: "300s" // // The following algorithm will apply: // // 1. If the response contains the header ``Retry-After`` its value must be on // the form ``120`` (an integer that represents the number of seconds to // wait before retrying). If so, this value is used as the back-off interval. // 2. Otherwise, if the response contains the header ``X-RateLimit-Reset`` its // value must be on the form ``1595320702`` (an integer that represents the // point in time at which to retry, as a Unix timestamp in seconds). If so, // the current time is subtracted from this value and the result is used as // the back-off interval. // 3. Otherwise, Envoy will use the default // :ref:`exponential back-off ` // strategy. // // No matter which format is used, if the resulting back-off interval exceeds // ``max_interval`` it is discarded and the next header in ``reset_headers`` // is tried. If a request timeout is configured for the route it will further // limit how long the request will be allowed to run. // // To prevent many clients retrying at the same point in time jitter is added // to the back-off interval, so the resulting interval is decided by taking: // ``random(interval, interval * 1.5)``. // // .. attention:: // // Configuring ``rate_limited_retry_back_off`` will not by itself cause a request // to be retried. You will still need to configure the right retry policy to match // the responses from the upstream server. message RateLimitedRetryBackOff { // Specifies the reset headers (like ``Retry-After`` or ``X-RateLimit-Reset``) // to match against the response. Headers are tried in order, and matched case // insensitive. The first header to be parsed successfully is used. If no headers // match the default exponential back-off is used instead. repeated ResetHeader reset_headers = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the maximum back off interval that Envoy will allow. If a reset // header contains an interval longer than this then it will be discarded and // the next header will be tried. Defaults to 300 seconds. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } // Specifies the conditions under which retry takes place. These are the same // conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and // :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. string retry_on = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. These are the same conditions documented for // :ref:`config_http_filters_router_x-envoy-max-retries`. google.protobuf.UInt32Value num_retries = 2 [(udpa.annotations.field_migrate).rename = "max_retries"]; // Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // // .. note:: // // If left unspecified, Envoy will use the global // :ref:`route timeout ` for the request. // Consequently, when using a :ref:`5xx ` based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. google.protobuf.Duration per_try_timeout = 3; // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to // :ref:`retry plugin configuration ` for more details. RetryPriority retry_priority = 4; // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. // Refer to :ref:`retry plugin configuration ` for more // details. repeated RetryHostPredicate retry_host_predicate = 5; // The maximum number of times host selection will be reattempted before giving up, at which // point the host that was last selected will be routed to. If unspecified, this will default to // retrying once. int64 host_selection_retry_max_attempts = 6; // HTTP status codes that should trigger a retry in addition to those specified by retry_on. repeated uint32 retriable_status_codes = 7; // Specifies parameters that control exponential retry back off. This parameter is optional, in which case the // default base interval is 25 milliseconds or, if set, the current value of the // `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times // the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` // describes Envoy's back-off algorithm. RetryBackOff retry_back_off = 8; // Specifies parameters that control a retry back-off strategy that is used // when the request is rate limited by the upstream server. The server may // return a response header like ``Retry-After`` or ``X-RateLimit-Reset`` to // provide feedback to the client on how long to wait before retrying. If // configured, this back-off strategy will be used instead of the // default exponential back off strategy (configured using `retry_back_off`) // whenever a response includes the matching headers. RateLimitedRetryBackOff rate_limited_retry_back_off = 11; // HTTP response headers that trigger a retry if present in the response. A retry will be // triggered if any of the header matches match the upstream response headers. // The field is only consulted if 'retriable-headers' retry policy is active. repeated HeaderMatcher retriable_headers = 9; // HTTP headers which must be present in the request for retries to be attempted. repeated HeaderMatcher retriable_request_headers = 10; } // HTTP request hedging :ref:`architecture overview `. message HedgePolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.HedgePolicy"; // Specifies the number of initial requests that should be sent upstream. // Must be at least 1. // Defaults to 1. // [#not-implemented-hide:] google.protobuf.UInt32Value initial_requests = 1 [(validate.rules).uint32 = {gte: 1}]; // Specifies a probability that an additional upstream request should be sent // on top of what is specified by initial_requests. // Defaults to 0. // [#not-implemented-hide:] type.v3.FractionalPercent additional_request_chance = 2; // Indicates that a hedged request should be sent when the per-try timeout // is hit. This will only occur if the retry policy also indicates that a // timed out request should be retried. // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified // :ref:`RetryPolicy `. // Defaults to false. bool hedge_on_per_try_timeout = 3; } // [#next-free-field: 9] message RedirectAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RedirectAction"; enum RedirectResponseCode { // Moved Permanently HTTP Status Code - 301. MOVED_PERMANENTLY = 0; // Found HTTP Status Code - 302. FOUND = 1; // See Other HTTP Status Code - 303. SEE_OTHER = 2; // Temporary Redirect HTTP Status Code - 307. TEMPORARY_REDIRECT = 3; // Permanent Redirect HTTP Status Code - 308. PERMANENT_REDIRECT = 4; } // When the scheme redirection take place, the following rules apply: // 1. If the source URI scheme is `http` and the port is explicitly // set to `:80`, the port will be removed after the redirection // 2. If the source URI scheme is `https` and the port is explicitly // set to `:443`, the port will be removed after the redirection oneof scheme_rewrite_specifier { // The scheme portion of the URL will be swapped with "https". bool https_redirect = 4; // The scheme portion of the URL will be swapped with this value. string scheme_redirect = 7; } // The host portion of the URL will be swapped with this value. string host_redirect = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The port value of the URL will be swapped with this value. uint32 port_redirect = 8; oneof path_rewrite_specifier { // The path portion of the URL will be swapped with this value. // Please note that query string in path_redirect will override the // request's query string and will not be stripped. // // For example, let's say we have the following routes: // // - match: { path: "/old-path-1" } // redirect: { path_redirect: "/new-path-1" } // - match: { path: "/old-path-2" } // redirect: { path_redirect: "/new-path-2", strip-query: "true" } // - match: { path: "/old-path-3" } // redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" } // // 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1" // 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2" // 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1" string path_redirect = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during redirection, the matched prefix (or path) // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // // .. attention:: // // Pay attention to the use of trailing slashes as mentioned in // :ref:`RouteAction's prefix_rewrite `. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // The HTTP status code to use in the redirect response. The default response // code is MOVED_PERMANENTLY (301). RedirectResponseCode response_code = 3 [(validate.rules).enum = {defined_only: true}]; // Indicates that during redirection, the query portion of the URL will // be removed. Default value is false. bool strip_query = 6; } message DirectResponseAction { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.DirectResponseAction"; // Specifies the HTTP response status to be returned. uint32 status = 1 [(validate.rules).uint32 = {lt: 600 gte: 100}]; // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // // .. note:: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` or // :ref:`envoy_api_msg_config.route.v3.VirtualHost`. core.v3.DataSource body = 2; } message Decorator { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.Decorator"; // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // // .. note:: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation // ` header. string operation = 1 [(validate.rules).string = {min_len: 1}]; // Whether the decorated details should be propagated to the other party. The default is true. google.protobuf.BoolValue propagate = 2; } message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.Tracing"; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.FractionalPercent client_sampling = 1; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent random_sampling = 2; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent overall_sampling = 3; // A list of custom tags with unique tag name to create tags for the active span. // It will take effect after merging with the :ref:`corresponding configuration // ` // configured in the HTTP connection manager. If two tags with the same name are configured // each in the HTTP connection manager and the route level, the one configured here takes // priority. repeated type.tracing.v3.CustomTag custom_tags = 4; } // A virtual cluster is a way of specifying a regex matching rule against // certain important endpoints such that statistics are generated explicitly for // the matched requests. The reason this is useful is that when doing // prefix/path matching Envoy does not always know what the application // considers to be an endpoint. Thus, it’s impossible for Envoy to generically // emit per endpoint statistics. However, often systems have highly critical // endpoints that they wish to get “perfect” statistics on. Virtual cluster // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // // Documentation for :ref:`virtual cluster statistics `. // // .. note:: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and // statistics output are not free. message VirtualCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.VirtualCluster"; // Specifies a list of header matchers to use for matching requests. Each specified header must // match. The pseudo-headers `:path` and `:method` can be used to match the request path and // method, respectively. repeated HeaderMatcher headers = 4; // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the // router filter and are documented :ref:`here `. string name = 2 [(validate.rules).string = {min_len: 1}]; string hidden_envoy_deprecated_pattern = 1 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; core.v3.RequestMethod hidden_envoy_deprecated_method = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Global rate limiting :ref:`architecture overview `. message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit"; // [#next-free-field: 8] message Action { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action"; // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("source_cluster", "") // // is derived from the :option:`--service-cluster` option. message SourceCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.SourceCluster"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("destination_cluster", "") // // Once a request matches against a route table rule, a routed cluster is determined by one of // the following :ref:`route table configuration ` // settings: // // * :ref:`cluster ` indicates the upstream cluster // to route to. // * :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. // * :ref:`cluster_header ` indicates which // header in the request contains the target cluster. message DestinationCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.DestinationCluster"; } // The following descriptor entry is appended when a header contains a key that matches the // *header_name*: // // .. code-block:: cpp // // ("", "") message RequestHeaders { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.RequestHeaders"; // The header name to be queried from the request headers. The header’s // value is used to populate the value of the descriptor entry for the // descriptor_key. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The key to use in the descriptor entry. string descriptor_key = 2 [(validate.rules).string = {min_len: 1}]; // If set to true, Envoy skips the descriptor while calling rate limiting service // when header is not present in the request. By default it skips calling the // rate limiting service if this header is not present in the request. bool skip_if_absent = 3; } // The following descriptor entry is appended to the descriptor and is populated using the // trusted address from :ref:`x-forwarded-for `: // // .. code-block:: cpp // // ("remote_address", "") message RemoteAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.RemoteAddress"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("generic_key", "") message GenericKey { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.GenericKey"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // An optional key to use in the descriptor entry. If not set it defaults // to 'generic_key' as the descriptor key. string descriptor_key = 2; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("header_match", "") message HeaderValueMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.RateLimit.Action.HeaderValueMatch"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // If set to true, the action will append a descriptor entry when the // request matches the headers. If set to false, the action will append a // descriptor entry when the request does not match the headers. The // default value is true. google.protobuf.BoolValue expect_match = 2; // Specifies a set of headers that the rate limit action should match // on. The action will check the request’s headers against all the // specified headers in the config. A match will happen if all the // headers in the config are present in the request with the same values // (or based on presence if the value field is not in the config). repeated HeaderMatcher headers = 3 [(validate.rules).repeated = {min_items: 1}]; } // The following descriptor entry is appended when the dynamic metadata contains a key value: // // .. code-block:: cpp // // ("", "") message DynamicMetaData { // The key to use in the descriptor entry. string descriptor_key = 1 [(validate.rules).string = {min_len: 1}]; // Metadata struct that defines the key and path to retrieve the string value. A match will // only happen if the value in the dynamic metadata is of type string. type.metadata.v3.MetadataKey metadata_key = 2 [(validate.rules).message = {required: true}]; // An optional value to use if *metadata_key* is empty. If not set and // no value is present under the metadata_key then no descriptor is generated. string default_value = 3; } oneof action_specifier { option (validate.required) = true; // Rate limit on source cluster. SourceCluster source_cluster = 1; // Rate limit on destination cluster. DestinationCluster destination_cluster = 2; // Rate limit on request headers. RequestHeaders request_headers = 3; // Rate limit on remote address. RemoteAddress remote_address = 4; // Rate limit on a generic key. GenericKey generic_key = 5; // Rate limit on the existence of request headers. HeaderValueMatch header_value_match = 6; // Rate limit on dynamic metadata. DynamicMetaData dynamic_metadata = 7; } } message Override { // Fetches the override from the dynamic metadata. message DynamicMetadata { // Metadata struct that defines the key and path to retrieve the struct value. // The value must be a struct containing an integer "requests_per_unit" property // and a "unit" property with a value parseable to :ref:`RateLimitUnit // enum ` type.metadata.v3.MetadataKey metadata_key = 1 [(validate.rules).message = {required: true}]; } oneof override_specifier { option (validate.required) = true; // Limit override from dynamic metadata. DynamicMetadata dynamic_metadata = 1; } } // Refers to the stage set in the filter. The rate limit configuration only // applies to filters with the same stage number. The default stage number is // 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32 = {lte: 10}]; // The key to be set in runtime to disable this rate limit configuration. string disable_key = 2; // A list of actions that are to be applied for this rate limit configuration. // Order matters as the actions are processed sequentially and the descriptor // is composed by appending descriptor entries in that sequence. If an action // cannot append a descriptor entry, no descriptor is generated for the // configuration. See :ref:`composing actions // ` for additional documentation. repeated Action actions = 3 [(validate.rules).repeated = {min_items: 1}]; // An optional limit override to be appended to the descriptor produced by this // rate limit configuration. If the override value is invalid or cannot be resolved // from metadata, no override is provided. See :ref:`rate limit override // ` for more information. Override limit = 4; } // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // // .. attention:: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., // // .. code-block:: json // // { // "name": ":method", // "exact_match": "POST" // } // // .. attention:: // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name // ` header will match, regardless of the header's // value. // // [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.] // [#next-free-field: 13] message HeaderMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.HeaderMatcher"; reserved 2, 3; // Specifies the name of the header in the request. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Specifies how the header match will be performed to route the request. oneof header_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 4; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. type.matcher.v3.RegexMatcher safe_regex_match = 11; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting of // an optional plus or minus sign followed by a sequence of digits. The rule will not match if // the header value does not represent an integer. Match will fail for empty values, floating // point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, // "-1somestring" type.v3.Int64Range range_match = 6; // If specified, header match will be performed based on whether the header is in the // request. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. // Note: empty prefix is not allowed, please use present_match instead. // // Examples: // // * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. string prefix_match = 9 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on the suffix of the header value. // Note: empty suffix is not allowed, please use present_match instead. // // Examples: // // * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. string suffix_match = 10 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on whether the header value contains // the given value or not. // Note: empty contains match is not allowed, please use present_match instead. // // Examples: // // * The value *abcd* matches the value *xyzabcdpqr*, but not for *xyzbcdpqr*. string contains_match = 12 [(validate.rules).string = {min_len: 1}]; string hidden_envoy_deprecated_regex_match = 5 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; } // If specified, the match result will be inverted before checking. Defaults to false. // // Examples: // // * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. bool invert_match = 8; } // Query parameter matching treats the query string of a request's :path header // as an ampersand-separated list of keys and/or key=value elements. // [#next-free-field: 7] message QueryParameterMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.route.QueryParameterMatcher"; // Specifies the name of a key that must be present in the requested // *path*'s query string. string name = 1 [(validate.rules).string = {min_len: 1 max_bytes: 1024}]; oneof query_parameter_match_specifier { // Specifies whether a query parameter value should match against a string. type.matcher.v3.StringMatcher string_match = 5 [(validate.rules).message = {required: true}]; // Specifies whether a query parameter should be present. bool present_match = 6; } string hidden_envoy_deprecated_value = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; google.protobuf.BoolValue hidden_envoy_deprecated_regex = 4 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // HTTP Internal Redirect :ref:`architecture overview `. message InternalRedirectPolicy { // An internal redirect is not handled, unless the number of previous internal redirects that a // downstream request has encountered is lower than this value. // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or does not set :ref:`internal_redirect_policy // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 1; // Defines what upstream response codes are allowed to trigger internal redirect. If unspecified, // only 302 will be treated as internal redirect. // Only 301, 302, 303, 307 and 308 are valid values. Any other codes will be ignored. repeated uint32 redirect_response_codes = 2 [(validate.rules).repeated = {max_items: 5}]; // Specifies a list of predicates that are queried when an upstream response is deemed // to trigger an internal redirect by all other criteria. Any predicate in the list can reject // the redirect, causing the response to be proxied to downstream. repeated core.v3.TypedExtensionConfig predicates = 3; // Allow internal redirect to follow a target URI with a different scheme than the value of // x-forwarded-proto. The default is false. bool allow_cross_scheme_redirect = 4; } ================================================ FILE: generated_api_shadow/envoy/config/route/v3/scoped_route.proto ================================================ syntax = "proto3"; package envoy.config.route.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v3"; option java_outer_classname = "ScopedRouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP scoped routing configuration] // * Routing :ref:`architecture overview ` // Specifies a routing scope, which associates a // :ref:`Key` to a // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` (identified by its resource name). // // The HTTP connection manager builds up a table consisting of these Key to // RouteConfiguration mappings, and looks up the RouteConfiguration to use per // request according to the algorithm specified in the // :ref:`scope_key_builder` // assigned to the HttpConnectionManager. // // For example, with the following configurations (in YAML): // // HttpConnectionManager config: // // .. code:: // // ... // scoped_routes: // name: foo-scoped-routes // scope_key_builder: // fragments: // - header_value_extractor: // name: X-Route-Selector // element_separator: , // element: // separator: = // key: vip // // ScopedRouteConfiguration resources (specified statically via // :ref:`scoped_route_configurations_list` // or obtained dynamically via SRDS): // // .. code:: // // (1) // name: route-scope1 // route_configuration_name: route-config1 // key: // fragments: // - string_key: 172.10.10.20 // // (2) // name: route-scope2 // route_configuration_name: route-config2 // key: // fragments: // - string_key: 172.20.20.30 // // A request from a client such as: // // .. code:: // // GET / HTTP/1.1 // Host: foo.com // X-Route-Selector: vip=172.10.10.20 // // would result in the routing table defined by the `route-config1` // RouteConfiguration being assigned to the HTTP request/stream. // message ScopedRouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ScopedRouteConfiguration"; // Specifies a key which is matched against the output of the // :ref:`scope_key_builder` // specified in the HttpConnectionManager. The matching is done per HTTP // request and is dependent on the order of the fragments contained in the // Key. message Key { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ScopedRouteConfiguration.Key"; message Fragment { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ScopedRouteConfiguration.Key.Fragment"; oneof type { option (validate.required) = true; // A string to match against. string string_key = 1; } } // The ordered set of fragments to match against. The order must match the // fragments in the corresponding // :ref:`scope_key_builder`. repeated Fragment fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // Whether the RouteConfiguration should be loaded on demand. bool on_demand = 4; // The name assigned to the routing scope. string name = 1 [(validate.rules).string = {min_len: 1}]; // The resource name to use for a :ref:`envoy_api_msg_service.discovery.v3.DiscoveryRequest` to an // RDS server to fetch the :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` associated // with this scope. string route_configuration_name = 2 [(validate.rules).string = {min_len: 1}]; // The key to match against. Key key = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/route/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/route/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.config.route.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP route configuration] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // [#next-free-field: 11] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteConfiguration"; // The name of the route configuration. For example, it might match // :ref:`route_config_name // ` in // :ref:`envoy_api_msg_extensions.filters.network.http_connection_manager.v4alpha.Rds`. string name = 1; // An array of virtual hosts that make up the route table. repeated VirtualHost virtual_hosts = 2; // An array of virtual hosts will be dynamically loaded via the VHDS API. // Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used // for a base routing table or for infrequently changing virtual hosts. *vhds* is used for // on-demand discovery of virtual hosts. The contents of these two fields will be merged to // generate a routing table for a given RouteConfiguration, with *vhds* derived configuration // taking precedence. Vhds vhds = 9; // Optionally specifies a list of HTTP headers that the connection manager // will consider to be internal only. If they are found on external requests they will be cleaned // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information. repeated string internal_only_headers = 3 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each response that // the connection manager encodes. Headers specified at this level are applied // after headers from any enclosed :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` or // :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // that the connection manager encodes. repeated string response_headers_to_remove = 5 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // Specifies a list of HTTP headers that should be added to each request // routed by the HTTP connection manager. Headers specified at this level are // applied after headers from any enclosed :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` or // :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 6 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // routed by the HTTP connection manager. repeated string request_headers_to_remove = 8 [ (validate.rules).repeated = {items {string {well_known_regex: HTTP_HEADER_NAME strict: false}}} ]; // By default, headers that should be added/removed are evaluated from most to least specific: // // * route level // * virtual host level // * connection manager level // // To allow setting overrides at the route or virtual host level, this order can be reversed // by setting this option to true. Defaults to false. // // [#next-major-version: In the v3 API, this will default to true.] bool most_specific_header_mutations_wins = 10; // An optional boolean that specifies whether the clusters that the route // table refers to will be validated by the cluster manager. If set to true // and a route refers to a non-existent cluster, the route table will not // load. If set to false and a route refers to a non-existent cluster, the // route table will load and the router filter will return a 404 if the route // is selected at runtime. This setting defaults to true if the route table // is statically defined via the :ref:`route_config // ` // option. This setting default to false if the route table is loaded dynamically via the // :ref:`rds // ` // option. Users may wish to override the default behavior in certain cases (for example when // using CDS with a static route table). google.protobuf.BoolValue validate_clusters = 7; } message Vhds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Vhds"; // Configuration source specifier for VHDS. core.v4alpha.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/route/v4alpha/route_components.proto ================================================ syntax = "proto3"; package envoy.config.route.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/proxy_protocol.proto"; import "envoy/type/matcher/v4alpha/regex.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/metadata/v3/metadata.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "envoy/type/v3/range.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v4alpha"; option java_outer_classname = "RouteComponentsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP route components] // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` // The top level element in the routing configuration is a virtual host. Each virtual host has // a logical name as well as a set of domains that get routed to it based on the incoming request's // host header. This allows a single listener to service multiple top level domain path trees. Once // a virtual host is selected based on the domain, the routes are processed in order to see which // upstream cluster to route to or whether to perform a redirect. // [#next-free-field: 21] message VirtualHost { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.VirtualHost"; enum TlsRequirementType { // No TLS requirement for the virtual host. NONE = 0; // External requests must use TLS. If a request is external and it is not // using TLS, a 301 redirect will be sent telling the client to use HTTPS. EXTERNAL_ONLY = 1; // All requests must use TLS. If a request is not using TLS, a 301 redirect // will be sent telling the client to use HTTPS. ALL = 2; } reserved 9, 12; reserved "per_filter_config"; // The logical name of the virtual host. This is used when emitting certain // statistics but is not relevant for routing. string name = 1 [(validate.rules).string = {min_len: 1}]; // A list of domains (host/authority header) that will be matched to this // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: // 1. Exact domain names: ``www.foo.com``. // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. // 4. Special wildcard ``*`` matching any domain. // // .. note:: // // The wildcard will not match the empty string. // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. // The longest wildcards match first. // Only a single virtual host in the entire route configuration can match on ``*``. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. repeated string domains = 2 [(validate.rules).repeated = { min_items: 1 items {string {well_known_regex: HTTP_HEADER_VALUE strict: false}} }]; // The list of routes that will be matched, in order, for incoming requests. // The first route that matches will be used. repeated Route routes = 3; // Specifies the type of TLS enforcement the virtual host expects. If this option is not // specified, there is no TLS requirement for the virtual host. TlsRequirementType require_tls = 4 [(validate.rules).enum = {defined_only: true}]; // A list of virtual clusters defined for this virtual host. Virtual clusters // are used for additional statistics gathering. repeated VirtualCluster virtual_clusters = 5; // Specifies a set of rate limit configurations that will be applied to the // virtual host. repeated RateLimit rate_limits = 6; // Specifies a list of HTTP headers that should be added to each request // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v4alpha.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 7 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // handled by this virtual host. repeated string request_headers_to_remove = 13 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_config.route.v4alpha.Route` and before headers from the // enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // handled by this virtual host. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Indicates that the virtual host has a CORS policy. CorsPolicy cors = 8; // The per_filter_config field can be used to provide virtual host-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 15; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the upstream request. Setting this option will cause it to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the upstream // will see the attempt count as perceived by the second Envoy. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. // // [#next-major-version: rename to include_attempt_count_in_request.] bool include_request_attempt_count = 14; // Decides whether the :ref:`x-envoy-attempt-count // ` header should be included // in the downstream response. Setting this option will cause the router to override any existing header // value, so in the case of two Envoys on the request path with this option enabled, the downstream // will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. // This header is unaffected by the // :ref:`suppress_envoy_headers // ` flag. bool include_attempt_count_in_response = 19; // Indicates the retry policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). RetryPolicy retry_policy = 16; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not // inherited). :ref:`Retry policy ` should not be // set if this field is used. google.protobuf.Any retry_policy_typed_config = 20; // Indicates the hedge policy for all routes in this virtual host. Note that setting a // route level entry will take precedence over this config and it'll be treated // independently (e.g.: values are not inherited). HedgePolicy hedge_policy = 17; // The maximum bytes which will be buffered for retries and shadowing. // If set and a route-specific limit is not set, the bytes actually buffered will be the minimum // value of this and the listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 18; } // A filter-defined action type. message FilterAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.FilterAction"; google.protobuf.Any action = 1; } // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // // .. attention:: // // Envoy supports routing on HTTP method via :ref:`header matching // `. // [#next-free-field: 18] message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Route"; reserved 6, 8; reserved "per_filter_config"; // Name for the route. string name = 14; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; oneof action { option (validate.required) = true; // Route request to some upstream cluster. RouteAction route = 2; // Return a redirect. RedirectAction redirect = 3; // Return an arbitrary HTTP response directly, without proxying. DirectResponseAction direct_response = 7; // [#not-implemented-hide:] // If true, a filter will define the action (e.g., it could dynamically generate the // RouteAction). // [#comment: TODO(samflattery): Remove cleanup in route_fuzz_test.cc when // implemented] FilterAction filter_action = 17; } // The Metadata field can be used to provide additional information // about the route. It can be used for configuration, stats, and logging. // The metadata should go under the filter namespace that will need it. // For instance, if the metadata is intended for the Router filter, // the filter name should be specified as *envoy.filters.http.router*. core.v4alpha.Metadata metadata = 4; // Decorator for the matched route. Decorator decorator = 5; // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` for // if and how it is utilized. map typed_per_filter_config = 13; // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the // enclosing :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 9 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request // matching this route. repeated string request_headers_to_remove = 12 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before // headers from the enclosing :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost` and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. repeated string response_headers_to_remove = 11 [(validate.rules).repeated = { items {string {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Presence of the object defines whether the connection manager's tracing configuration // is overridden by this route specific instance. Tracing tracing = 15; // The maximum bytes which will be buffered for retries and shadowing. // If set, the bytes actually buffered will be the minimum value of this and the // listener per_connection_buffer_limit_bytes. google.protobuf.UInt32Value per_request_buffer_limit_bytes = 16; } // Compared to the :ref:`cluster ` field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of // traffic to be forwarded to each cluster. The router selects an upstream cluster based on the // weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.WeightedCluster"; // [#next-free-field: 11] message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.WeightedCluster.ClusterWeight"; reserved 7, 8; reserved "per_filter_config"; // Name of the upstream cluster. The cluster must exist in the // :ref:`cluster manager configuration `. string name = 1 [(validate.rules).string = {min_len: 1}]; // An integer between 0 and :ref:`total_weight // `. When a request matches the route, // the choice of an upstream cluster is determined by its weight. The sum of weights across all // entries in the clusters array must add up to the total_weight, which defaults to 100. google.protobuf.UInt32Value weight = 2; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in // :ref:`RouteAction.metadata_match `, with // values here taking precedence. The filter name should be specified as *envoy.lb*. core.v4alpha.Metadata metadata_match = 3; // Specifies a list of headers to be added to requests when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v4alpha.Route`, :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption request_headers_to_add = 4 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of HTTP headers that should be removed from each request when // this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. repeated string request_headers_to_remove = 9 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // Specifies a list of headers to be added to responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. // Headers specified at this level are applied before headers from the enclosing // :ref:`envoy_api_msg_config.route.v4alpha.Route`, :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost`, and // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated core.v4alpha.HeaderValueOption response_headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; // Specifies a list of headers to be removed from responses when this cluster is selected // through the enclosing :ref:`envoy_api_msg_config.route.v4alpha.RouteAction`. repeated string response_headers_to_remove = 6 [(validate.rules).repeated = { items {string {well_known_regex: HTTP_HEADER_NAME strict: false}} }]; // The per_filter_config field can be used to provide weighted cluster-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter // specific; see the :ref:`HTTP filter documentation ` // for if and how it is utilized. map typed_per_filter_config = 10; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the total weight across all clusters. The sum of all cluster weights must equal this // value, which must be greater than 0. Defaults to 100. google.protobuf.UInt32Value total_weight = 3 [(validate.rules).uint32 = {gte: 1}]; // Specifies the runtime key prefix that should be used to construct the // runtime keys associated with each cluster. When the *runtime_key_prefix* is // specified, the router will look for weights associated with each upstream // cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where // *cluster[i]* denotes an entry in the clusters array field. If the runtime // key for the cluster does not exist, the value specified in the // configuration file will be used as the default weight. See the :ref:`runtime documentation // ` for how key names map to the underlying implementation. string runtime_key_prefix = 2; } // [#next-free-field: 13] message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch"; message GrpcRouteMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch.GrpcRouteMatchOptions"; } message TlsContextMatchOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch.TlsContextMatchOptions"; // If specified, the route will match against whether or not a certificate is presented. // If not specified, certificate presentation status (true or false) will not be considered when route matching. google.protobuf.BoolValue presented = 1; // If specified, the route will match against whether or not a certificate is validated. // If not specified, certificate validation status (true or false) will not be considered when route matching. google.protobuf.BoolValue validated = 2; } // An extensible message for matching CONNECT requests. message ConnectMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteMatch.ConnectMatcher"; } reserved 5, 3; reserved "regex"; oneof path_specifier { option (validate.required) = true; // If specified, the route is a prefix rule meaning that the prefix must // match the beginning of the *:path* header. string prefix = 1; // If specified, the route is an exact path rule meaning that the path must // exactly match the *:path* header once the query string is removed. string path = 2; // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a // subsequence of the *:path* header matches the regex. // // [#next-major-version: In the v3 API we should redo how path specification works such // that we utilize StringMatcher, and additionally have consistent options around whether we // strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive // to deprecate the existing options. We should even consider whether we want to do away with // path_specifier entirely and just rely on a set of header matchers which can already match // on :path, etc. The issue with that is it is unclear how to generically deal with query string // stripping. This needs more thought.] type.matcher.v4alpha.RegexMatcher safe_regex = 10 [(validate.rules).message = {required: true}]; // If this is used as the matcher, the matcher will only match CONNECT requests. // Note that this will not match HTTP/2 upgrade-style CONNECT requests // (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style // upgrades. // This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, // where Extended CONNECT requests may have a path, the path matchers will work if // there is a path present. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectMatcher connect_matcher = 12; } // Indicates that prefix/path matching should be case sensitive. The default // is true. google.protobuf.BoolValue case_sensitive = 4; // Indicates that the route should additionally match on a runtime key. Every time the route // is considered for a match, it must also fall under the percentage of matches indicated by // this field. For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the router continues to evaluate the remaining match criteria. A runtime_fraction // route configuration can be used to roll out route changes in a gradual manner without full // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // // .. note:: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an // integer with the assumption that the value is an integral percentage out of 100. For // instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent // whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. core.v4alpha.RuntimeFractionalPercent runtime_fraction = 9; // Specifies a set of headers that the route should match on. The router will // check the request’s headers against all the specified headers in the route // config. A match will happen if all the headers in the route are present in // the request with the same values (or based on presence if the value field // is not in the config). repeated HeaderMatcher headers = 6; // Specifies a set of URL query parameters on which the route should // match. The router will check the query string from the *path* header // against all the specified query parameters. If the number of specified // query parameters is nonzero, they all must match the *path* header's // query string for a match to occur. repeated QueryParameterMatcher query_parameters = 7; // If specified, only gRPC requests will be matched. The router will check // that the content-type header has a application/grpc or one of the various // application/grpc+ values. GrpcRouteMatchOptions grpc = 8; // If specified, the client tls context will be matched against the defined // match options. // // [#next-major-version: unify with RBAC] TlsContextMatchOptions tls_context = 11; } // [#next-free-field: 12] message CorsPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.CorsPolicy"; reserved 1, 8, 7; reserved "allow_origin", "allow_origin_regex", "enabled"; // Specifies string patterns that match allowed origins. An origin is allowed if any of the // string matchers match. repeated type.matcher.v4alpha.StringMatcher allow_origin_string_match = 11; // Specifies the content for the *access-control-allow-methods* header. string allow_methods = 2; // Specifies the content for the *access-control-allow-headers* header. string allow_headers = 3; // Specifies the content for the *access-control-expose-headers* header. string expose_headers = 4; // Specifies the content for the *access-control-max-age* header. string max_age = 5; // Specifies whether the resource allows credentials. google.protobuf.BoolValue allow_credentials = 6; oneof enabled_specifier { // Specifies the % of requests for which the CORS filter is enabled. // // If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS // filter will be enabled for 100% of the requests. // // If :ref:`runtime_key ` is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. core.v4alpha.RuntimeFractionalPercent filter_enabled = 9; } // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // // This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. core.v4alpha.RuntimeFractionalPercent shadow_enabled = 10; } // [#next-free-field: 37] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction"; enum ClusterNotFoundResponseCode { // HTTP status code - 503 Service Unavailable. SERVICE_UNAVAILABLE = 0; // HTTP status code - 404 Not Found. NOT_FOUND = 1; } // Configures :ref:`internal redirect ` behavior. // [#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.] enum InternalRedirectAction { option deprecated = true; PASS_THROUGH_INTERNAL_REDIRECT = 0; HANDLE_INTERNAL_REDIRECT = 1; } // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. // // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // // .. note:: // // Shadowing will not be triggered if the primary cluster does not exist. message RequestMirrorPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.RequestMirrorPolicy"; reserved 2; reserved "runtime_key"; // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // If not specified, all requests to the target cluster will be mirrored. // // If specified, this field takes precedence over the `runtime_key` field and requests must also // fall under the percentage of matches indicated by this field. // // For some fraction N/D, a random number in the range [0,D) is selected. If the // number is <= the value of the numerator N, or if the key is not present, the default // value, the request will be mirrored. core.v4alpha.RuntimeFractionalPercent runtime_fraction = 3; // Determines if the trace span should be sampled. Defaults to true. google.protobuf.BoolValue trace_sampled = 4; } // Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer // `. // [#next-free-field: 7] message HashPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy"; message Header { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.Header"; // The name of the request header that will be used to obtain the hash // key. If the request header is not present, no hash will be produced. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // If specified, the request header value will be rewritten and used // to produce the hash key. type.matcher.v4alpha.RegexMatchAndSubstitute regex_rewrite = 2; } // Envoy supports two types of cookie affinity: // // 1. Passive. Envoy takes a cookie that's present in the cookies header and // hashes on its value. // // 2. Generated. Envoy generates and sets a cookie with an expiration (TTL) // on the first request from the client in its response to the client, // based on the endpoint the request gets sent to. The client then // presents this on the next and all subsequent requests. The hash of // this is sufficient to ensure these requests get sent to the same // endpoint. The cookie is generated by hashing the source and // destination ports and addresses so that multiple independent HTTP2 // streams on the same connection will independently receive the same // cookie, even if they arrive at the Envoy simultaneously. message Cookie { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.Cookie"; // The name of the cookie that will be used to obtain the hash key. If the // cookie is not present and ttl below is not set, no hash will be // produced. string name = 1 [(validate.rules).string = {min_len: 1}]; // If specified, a cookie with the TTL will be generated if the cookie is // not present. If the TTL is present and zero, the generated cookie will // be a session cookie. google.protobuf.Duration ttl = 2; // The name of the path for the cookie. If no path is specified here, no path // will be set for the cookie. string path = 3; } message ConnectionProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.ConnectionProperties"; // Hash on source IP address. bool source_ip = 1; } message QueryParameter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.QueryParameter"; // The name of the URL query parameter that will be used to obtain the hash // key. If the parameter is not present, no hash will be produced. Query // parameter names are case-sensitive. string name = 1 [(validate.rules).string = {min_len: 1}]; } message FilterState { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.HashPolicy.FilterState"; // The name of the Object in the per-request filterState, which is an // Envoy::Http::Hashable object. If there is no data associated with the key, // or the stored object is not Envoy::Http::Hashable, no hash will be produced. string key = 1 [(validate.rules).string = {min_len: 1}]; } oneof policy_specifier { option (validate.required) = true; // Header hash policy. Header header = 1; // Cookie hash policy. Cookie cookie = 2; // Connection properties hash policy. ConnectionProperties connection_properties = 3; // Query parameter hash policy. QueryParameter query_parameter = 5; // Filter state hash policy. FilterState filter_state = 6; } // The flag that short-circuits the hash computing. This field provides a // 'fallback' style of configuration: "if a terminal policy doesn't work, // fallback to rest of the policy list", it saves time when the terminal // policy works. // // If true, and there is already a hash computed, ignore rest of the // list of hash polices. // For example, if the following hash methods are configured: // // ========= ======== // specifier terminal // ========= ======== // Header A true // Header B false // Header C false // ========= ======== // // The generateHash process ends if policy "header A" generates a hash, as // it's a terminal policy. bool terminal = 4; } // Allows enabling and disabling upgrades on a per-route basis. // This overrides any enabled/disabled upgrade filter chain specified in the // HttpConnectionManager // :ref:`upgrade_configs // ` // but does not affect any custom filter chain specified there. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.UpgradeConfig"; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. message ConnectConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.UpgradeConfig.ConnectConfig"; // If present, the proxy protocol header will be prepended to the CONNECT payload sent upstream. core.v4alpha.ProxyProtocolConfig proxy_protocol_config = 1; } // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] will be proxied upstream. string upgrade_type = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Determines if upgrades are available on this route. Defaults to true. google.protobuf.BoolValue enabled = 2; // Configuration for sending data upstream as a raw data payload. This is used for // CONNECT requests, when forwarding CONNECT payload as raw TCP. // Note that CONNECT support is currently considered alpha in Envoy. // [#comment:TODO(htuch): Replace the above comment with an alpha tag. ConnectConfig connect_config = 3; } message MaxStreamDuration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RouteAction.MaxStreamDuration"; // Specifies the maximum duration allowed for streams on the route. If not specified, the value // from the :ref:`max_stream_duration // ` field in // :ref:`HttpConnectionManager.common_http_protocol_options // ` // is used. If this field is set explicitly to zero, any // HttpConnectionManager max_stream_duration timeout will be disabled for // this route. google.protobuf.Duration max_stream_duration = 1; // If present, and the request contains a `grpc-timeout header // `_, use that value as the // *max_stream_duration*, but limit the applied timeout to the maximum value specified here. // If set to 0, the `grpc-timeout` header is used without modification. google.protobuf.Duration grpc_timeout_header_max = 2; // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by // subtracting the provided duration from the header. This is useful for allowing Envoy to set // its global timeout to be less than that of the deadline imposed by the calling client, which // makes it more likely that Envoy will handle the timeout instead of having the call canceled // by the client. If, after applying the offset, the resulting timeout is zero or negative, // the stream will timeout immediately. google.protobuf.Duration grpc_timeout_header_offset = 3; } reserved 12, 18, 19, 16, 22, 21, 10; reserved "request_mirror_policy"; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Envoy will determine the cluster to route to by reading the value of the // HTTP header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. string cluster_header = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. See // :ref:`traffic splitting ` // for additional documentation. WeightedCluster weighted_clusters = 3; } // The HTTP status code to use when configured cluster is not found. // The default response code is 503 Service Unavailable. ClusterNotFoundResponseCode cluster_not_found_response_code = 20 [(validate.rules).enum = {defined_only: true}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what's set in this field will be considered // for load balancing. If using :ref:`weighted_clusters // `, metadata will be merged, with values // provided there taking precedence. The filter name should be specified as *envoy.lb*. core.v4alpha.Metadata metadata_match = 4; // Indicates that during forwarding, the matched prefix (or path) should be // swapped with this value. This option allows application URLs to be rooted // at a different path from those exposed at the reverse proxy layer. The router filter will // place the original path before rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of *prefix_rewrite* or // :ref:`regex_rewrite ` // may be specified. // // .. attention:: // // Pay careful attention to the use of trailing slashes in the // :ref:`route's match ` prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single // :ref:`Route `, as shown by the below config entries: // // .. code-block:: yaml // // - match: // prefix: "/prefix/" // route: // prefix_rewrite: "/" // - match: // prefix: "/prefix" // route: // prefix_rewrite: "/" // // Having above entries in the config, requests to */prefix* will be stripped to */*, while // requests to */prefix/etc* will be stripped to */etc*. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, portions of the path that match the // pattern should be rewritten, even allowing the substitution of capture // groups from the pattern into the new path as specified by the rewrite // substitution string. This is useful to allow application paths to be // rewritten in a way that is aware of segments with variable content like // identifiers. The router filter will place the original path as it was // before the rewrite into the :ref:`x-envoy-original-path // ` header. // // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // // Examples using Google's `RE2 `_ engine: // // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` // into ``/v1/api/instance/foo``. // // * The pattern ``one`` paired with a substitution string of ``two`` would // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. // // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of // ``\1two\2`` would replace only the first occurrence of ``one``, // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. // // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to // ``/aaa/yyy/bbb``. type.matcher.v4alpha.RegexMatchAndSubstitute regex_rewrite = 32; oneof host_rewrite_specifier { // Indicates that during forwarding, the host header will be swapped with // this value. string host_rewrite_literal = 6 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the hostname of the upstream host chosen by the cluster manager. This // option is applicable only when the destination cluster for a route is of // type *strict_dns* or *logical_dns*. Setting this to true with other cluster // types has no effect. google.protobuf.BoolValue auto_host_rewrite = 7; // Indicates that during forwarding, the host header will be swapped with the content of given // downstream or :ref:`custom ` header. // If header value is empty, host header is left intact. // // .. attention:: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. string host_rewrite_header = 29 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // Indicates that during forwarding, the host header will be swapped with // the result of the regex substitution executed on path value with query and fragment removed. // This is useful for transitioning variable content between path segment and subdomain. // // For example with the following config: // // .. code-block:: yaml // // host_rewrite_path_regex: // pattern: // google_re2: {} // regex: "^/(.+)/.+$" // substitution: \1 // // Would rewrite the host header to `envoyproxy.io` given the path `/envoyproxy.io/some/path`. type.matcher.v4alpha.RegexMatchAndSubstitute host_rewrite_path_regex = 35; } // Specifies the upstream timeout for the route. If not specified, the default is 15s. This // spans between the point at which the entire downstream request (i.e. end-of-stream) has been // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // // .. note:: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration timeout = 8; // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, // although the connection manager wide :ref:`stream_idle_timeout // ` // will still apply. A value of 0 will completely disable the route's idle timeout, even if a // connection manager stream idle timeout is configured. // // The idle timeout is distinct to :ref:`timeout // `, which provides an upper bound // on the upstream response time; :ref:`idle_timeout // ` instead bounds the amount // of time the request's stream may be idle. // // After header decoding, the idle timeout will apply on downstream and // upstream request events. Each time an encode/decode event for headers or // data is processed for the stream, the timer will be reset. If the timeout // fires, the stream is terminated with a 408 Request Timeout error code if no // upstream response header has been received, otherwise a stream reset // occurs. google.protobuf.Duration idle_timeout = 24; // Indicates that the route has a retry policy. Note that if this is set, // it'll take precedence over the virtual host level retry policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). RetryPolicy retry_policy = 9; // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that if this is set, it'll take // precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, // most internal one becomes the enforced policy). :ref:`Retry policy ` // should not be set if this field is used. google.protobuf.Any retry_policy_typed_config = 33; // Indicates that the route has request mirroring policies. repeated RequestMirrorPolicy request_mirror_policies = 30; // Optionally specifies the :ref:`routing priority `. core.v4alpha.RoutingPriority priority = 11 [(validate.rules).enum = {defined_only: true}]; // Specifies a set of rate limit configurations that could be applied to the // route. repeated RateLimit rate_limits = 13; // Specifies if the rate limit filter should include the virtual host rate // limits. By default, if the route configured rate limits, the virtual host // :ref:`rate_limits ` are not applied to the // request. // // This field is deprecated. Please use :ref:`vh_rate_limits ` google.protobuf.BoolValue hidden_envoy_deprecated_include_vh_rate_limits = 14 [deprecated = true]; // Specifies a list of hash policies to use for ring hash load balancing. Each // hash policy is evaluated individually and the combined result is used to // route the request. The method of combination is deterministic such that // identical lists of hash policies will produce the same hash. Since a hash // policy examines specific parts of a request, it can fail to produce a hash // (i.e. if the hashed header is not present). If (and only if) all configured // hash policies fail to generate a hash, no hash will be produced for // the route. In this case, the behavior is the same as if no hash policies // were specified (i.e. the ring hash load balancer will choose a random // backend). If a hash policy has the "terminal" attribute set to true, and // there is already a hash generated, the hash is returned immediately, // ignoring the rest of the hash policy list. repeated HashPolicy hash_policy = 15; // Indicates that the route has a CORS policy. CorsPolicy cors = 17; // Deprecated by :ref:`grpc_timeout_header_max ` // If present, and the request is a gRPC request, use the // `grpc-timeout header `_, // or its default value (infinity) instead of // :ref:`timeout `, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for // gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used // and gRPC requests time out like any other requests using // :ref:`timeout ` or its default. // This can be used to prevent unexpected upstream request timeouts due to potentially long // time gaps between gRPC request and response in gRPC streaming mode. // // .. note:: // // If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes // precedence over `grpc-timeout header `_, when // both are present. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the // :ref:`retry overview `. google.protobuf.Duration hidden_envoy_deprecated_max_grpc_timeout = 23 [deprecated = true]; // Deprecated by :ref:`grpc_timeout_header_offset `. // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting // the provided duration from the header. This is useful in allowing Envoy to set its global // timeout to be less than that of the deadline imposed by the calling client, which makes it more // likely that Envoy will handle the timeout instead of having the call canceled by the client. // The offset will only be applied if the provided grpc_timeout is greater than the offset. This // ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning // infinity). google.protobuf.Duration hidden_envoy_deprecated_grpc_timeout_offset = 28 [deprecated = true]; repeated UpgradeConfig upgrade_configs = 25; // If present, Envoy will try to follow an upstream redirect response instead of proxying the // response back to the downstream. An upstream redirect response is defined // by :ref:`redirect_response_codes // `. InternalRedirectPolicy internal_redirect_policy = 34; InternalRedirectAction hidden_envoy_deprecated_internal_redirect_action = 26 [deprecated = true]; // An internal redirect is handled, iff the number of previous internal redirects that a // downstream request has encountered is lower than this value, and // :ref:`internal_redirect_action ` // is set to :ref:`HANDLE_INTERNAL_REDIRECT // ` // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or has // :ref:`internal_redirect_action ` // set to // :ref:`PASS_THROUGH_INTERNAL_REDIRECT // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value hidden_envoy_deprecated_max_internal_redirects = 31 [deprecated = true]; // Indicates that the route has a hedge policy. Note that if this is set, // it'll take precedence over the virtual host level hedge policy entirely // (e.g.: policies are not merged, most internal one becomes the enforced policy). HedgePolicy hedge_policy = 27; // Specifies the maximum stream duration for this route. MaxStreamDuration max_stream_duration = 36; } // HTTP retry :ref:`architecture overview `. // [#next-free-field: 12] message RetryPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy"; enum ResetHeaderFormat { SECONDS = 0; UNIX_TIMESTAMP = 1; } message RetryPriority { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RetryPriority"; reserved 2; reserved "config"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; } } message RetryHostPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RetryHostPredicate"; reserved 2; reserved "config"; string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { google.protobuf.Any typed_config = 3; } } message RetryBackOff { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RetryBackOff"; // Specifies the base interval between retries. This parameter is required and must be greater // than zero. Values less than 1 ms are rounded up to 1 ms. // See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's // back-off algorithm. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {} }]; // Specifies the maximum interval between retries. This parameter is optional, but must be // greater than or equal to the `base_interval` if set. The default is 10 times the // `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion // of Envoy's back-off algorithm. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } message ResetHeader { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.ResetHeader"; string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; ResetHeaderFormat format = 2 [(validate.rules).enum = {defined_only: true}]; } // A retry back-off strategy that applies when the upstream server rate limits // the request. // // Given this configuration: // // .. code-block:: yaml // // rate_limited_retry_back_off: // reset_headers: // - name: Retry-After // format: SECONDS // - name: X-RateLimit-Reset // format: UNIX_TIMESTAMP // max_interval: "300s" // // The following algorithm will apply: // // 1. If the response contains the header ``Retry-After`` its value must be on // the form ``120`` (an integer that represents the number of seconds to // wait before retrying). If so, this value is used as the back-off interval. // 2. Otherwise, if the response contains the header ``X-RateLimit-Reset`` its // value must be on the form ``1595320702`` (an integer that represents the // point in time at which to retry, as a Unix timestamp in seconds). If so, // the current time is subtracted from this value and the result is used as // the back-off interval. // 3. Otherwise, Envoy will use the default // :ref:`exponential back-off ` // strategy. // // No matter which format is used, if the resulting back-off interval exceeds // ``max_interval`` it is discarded and the next header in ``reset_headers`` // is tried. If a request timeout is configured for the route it will further // limit how long the request will be allowed to run. // // To prevent many clients retrying at the same point in time jitter is added // to the back-off interval, so the resulting interval is decided by taking: // ``random(interval, interval * 1.5)``. // // .. attention:: // // Configuring ``rate_limited_retry_back_off`` will not by itself cause a request // to be retried. You will still need to configure the right retry policy to match // the responses from the upstream server. message RateLimitedRetryBackOff { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RetryPolicy.RateLimitedRetryBackOff"; // Specifies the reset headers (like ``Retry-After`` or ``X-RateLimit-Reset``) // to match against the response. Headers are tried in order, and matched case // insensitive. The first header to be parsed successfully is used. If no headers // match the default exponential back-off is used instead. repeated ResetHeader reset_headers = 1 [(validate.rules).repeated = {min_items: 1}]; // Specifies the maximum back off interval that Envoy will allow. If a reset // header contains an interval longer than this then it will be discarded and // the next header will be tried. Defaults to 300 seconds. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; } // Specifies the conditions under which retry takes place. These are the same // conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and // :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. string retry_on = 1; // Specifies the allowed number of retries. This parameter is optional and // defaults to 1. These are the same conditions documented for // :ref:`config_http_filters_router_x-envoy-max-retries`. google.protobuf.UInt32Value max_retries = 2; // Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // // .. note:: // // If left unspecified, Envoy will use the global // :ref:`route timeout ` for the request. // Consequently, when using a :ref:`5xx ` based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. google.protobuf.Duration per_try_timeout = 3; // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to // :ref:`retry plugin configuration ` for more details. RetryPriority retry_priority = 4; // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. // Refer to :ref:`retry plugin configuration ` for more // details. repeated RetryHostPredicate retry_host_predicate = 5; // The maximum number of times host selection will be reattempted before giving up, at which // point the host that was last selected will be routed to. If unspecified, this will default to // retrying once. int64 host_selection_retry_max_attempts = 6; // HTTP status codes that should trigger a retry in addition to those specified by retry_on. repeated uint32 retriable_status_codes = 7; // Specifies parameters that control exponential retry back off. This parameter is optional, in which case the // default base interval is 25 milliseconds or, if set, the current value of the // `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times // the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` // describes Envoy's back-off algorithm. RetryBackOff retry_back_off = 8; // Specifies parameters that control a retry back-off strategy that is used // when the request is rate limited by the upstream server. The server may // return a response header like ``Retry-After`` or ``X-RateLimit-Reset`` to // provide feedback to the client on how long to wait before retrying. If // configured, this back-off strategy will be used instead of the // default exponential back off strategy (configured using `retry_back_off`) // whenever a response includes the matching headers. RateLimitedRetryBackOff rate_limited_retry_back_off = 11; // HTTP response headers that trigger a retry if present in the response. A retry will be // triggered if any of the header matches match the upstream response headers. // The field is only consulted if 'retriable-headers' retry policy is active. repeated HeaderMatcher retriable_headers = 9; // HTTP headers which must be present in the request for retries to be attempted. repeated HeaderMatcher retriable_request_headers = 10; } // HTTP request hedging :ref:`architecture overview `. message HedgePolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.HedgePolicy"; // Specifies the number of initial requests that should be sent upstream. // Must be at least 1. // Defaults to 1. // [#not-implemented-hide:] google.protobuf.UInt32Value initial_requests = 1 [(validate.rules).uint32 = {gte: 1}]; // Specifies a probability that an additional upstream request should be sent // on top of what is specified by initial_requests. // Defaults to 0. // [#not-implemented-hide:] type.v3.FractionalPercent additional_request_chance = 2; // Indicates that a hedged request should be sent when the per-try timeout // is hit. This will only occur if the retry policy also indicates that a // timed out request should be retried. // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified // :ref:`RetryPolicy `. // Defaults to false. bool hedge_on_per_try_timeout = 3; } // [#next-free-field: 9] message RedirectAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RedirectAction"; enum RedirectResponseCode { // Moved Permanently HTTP Status Code - 301. MOVED_PERMANENTLY = 0; // Found HTTP Status Code - 302. FOUND = 1; // See Other HTTP Status Code - 303. SEE_OTHER = 2; // Temporary Redirect HTTP Status Code - 307. TEMPORARY_REDIRECT = 3; // Permanent Redirect HTTP Status Code - 308. PERMANENT_REDIRECT = 4; } // When the scheme redirection take place, the following rules apply: // 1. If the source URI scheme is `http` and the port is explicitly // set to `:80`, the port will be removed after the redirection // 2. If the source URI scheme is `https` and the port is explicitly // set to `:443`, the port will be removed after the redirection oneof scheme_rewrite_specifier { // The scheme portion of the URL will be swapped with "https". bool https_redirect = 4; // The scheme portion of the URL will be swapped with this value. string scheme_redirect = 7; } // The host portion of the URL will be swapped with this value. string host_redirect = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The port value of the URL will be swapped with this value. uint32 port_redirect = 8; oneof path_rewrite_specifier { // The path portion of the URL will be swapped with this value. // Please note that query string in path_redirect will override the // request's query string and will not be stripped. // // For example, let's say we have the following routes: // // - match: { path: "/old-path-1" } // redirect: { path_redirect: "/new-path-1" } // - match: { path: "/old-path-2" } // redirect: { path_redirect: "/new-path-2", strip-query: "true" } // - match: { path: "/old-path-3" } // redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" } // // 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1" // 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2" // 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1" string path_redirect = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Indicates that during redirection, the matched prefix (or path) // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // // .. attention:: // // Pay attention to the use of trailing slashes as mentioned in // :ref:`RouteAction's prefix_rewrite `. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // The HTTP status code to use in the redirect response. The default response // code is MOVED_PERMANENTLY (301). RedirectResponseCode response_code = 3 [(validate.rules).enum = {defined_only: true}]; // Indicates that during redirection, the query portion of the URL will // be removed. Default value is false. bool strip_query = 6; } message DirectResponseAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.DirectResponseAction"; // Specifies the HTTP response status to be returned. uint32 status = 1 [(validate.rules).uint32 = {lt: 600 gte: 100}]; // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // // .. note:: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_config.route.v4alpha.Route`, :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration` or // :ref:`envoy_api_msg_config.route.v4alpha.VirtualHost`. core.v4alpha.DataSource body = 2; } message Decorator { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Decorator"; // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // // .. note:: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation // ` header. string operation = 1 [(validate.rules).string = {min_len: 1}]; // Whether the decorated details should be propagated to the other party. The default is true. google.protobuf.BoolValue propagate = 2; } message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.Tracing"; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.FractionalPercent client_sampling = 1; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent random_sampling = 2; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.FractionalPercent overall_sampling = 3; // A list of custom tags with unique tag name to create tags for the active span. // It will take effect after merging with the :ref:`corresponding configuration // ` // configured in the HTTP connection manager. If two tags with the same name are configured // each in the HTTP connection manager and the route level, the one configured here takes // priority. repeated type.tracing.v3.CustomTag custom_tags = 4; } // A virtual cluster is a way of specifying a regex matching rule against // certain important endpoints such that statistics are generated explicitly for // the matched requests. The reason this is useful is that when doing // prefix/path matching Envoy does not always know what the application // considers to be an endpoint. Thus, it’s impossible for Envoy to generically // emit per endpoint statistics. However, often systems have highly critical // endpoints that they wish to get “perfect” statistics on. Virtual cluster // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // // Documentation for :ref:`virtual cluster statistics `. // // .. note:: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and // statistics output are not free. message VirtualCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.VirtualCluster"; reserved 1, 3; reserved "pattern", "method"; // Specifies a list of header matchers to use for matching requests. Each specified header must // match. The pseudo-headers `:path` and `:method` can be used to match the request path and // method, respectively. repeated HeaderMatcher headers = 4; // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the // router filter and are documented :ref:`here `. string name = 2 [(validate.rules).string = {min_len: 1}]; } // Global rate limiting :ref:`architecture overview `. message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit"; // [#next-free-field: 8] message Action { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action"; // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("source_cluster", "") // // is derived from the :option:`--service-cluster` option. message SourceCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.SourceCluster"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("destination_cluster", "") // // Once a request matches against a route table rule, a routed cluster is determined by one of // the following :ref:`route table configuration ` // settings: // // * :ref:`cluster ` indicates the upstream cluster // to route to. // * :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. // * :ref:`cluster_header ` indicates which // header in the request contains the target cluster. message DestinationCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.DestinationCluster"; } // The following descriptor entry is appended when a header contains a key that matches the // *header_name*: // // .. code-block:: cpp // // ("", "") message RequestHeaders { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.RequestHeaders"; // The header name to be queried from the request headers. The header’s // value is used to populate the value of the descriptor entry for the // descriptor_key. string header_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The key to use in the descriptor entry. string descriptor_key = 2 [(validate.rules).string = {min_len: 1}]; // If set to true, Envoy skips the descriptor while calling rate limiting service // when header is not present in the request. By default it skips calling the // rate limiting service if this header is not present in the request. bool skip_if_absent = 3; } // The following descriptor entry is appended to the descriptor and is populated using the // trusted address from :ref:`x-forwarded-for `: // // .. code-block:: cpp // // ("remote_address", "") message RemoteAddress { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.RemoteAddress"; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("generic_key", "") message GenericKey { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.GenericKey"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // An optional key to use in the descriptor entry. If not set it defaults // to 'generic_key' as the descriptor key. string descriptor_key = 2; } // The following descriptor entry is appended to the descriptor: // // .. code-block:: cpp // // ("header_match", "") message HeaderValueMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.HeaderValueMatch"; // The value to use in the descriptor entry. string descriptor_value = 1 [(validate.rules).string = {min_len: 1}]; // If set to true, the action will append a descriptor entry when the // request matches the headers. If set to false, the action will append a // descriptor entry when the request does not match the headers. The // default value is true. google.protobuf.BoolValue expect_match = 2; // Specifies a set of headers that the rate limit action should match // on. The action will check the request’s headers against all the // specified headers in the config. A match will happen if all the // headers in the config are present in the request with the same values // (or based on presence if the value field is not in the config). repeated HeaderMatcher headers = 3 [(validate.rules).repeated = {min_items: 1}]; } // The following descriptor entry is appended when the dynamic metadata contains a key value: // // .. code-block:: cpp // // ("", "") message DynamicMetaData { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Action.DynamicMetaData"; // The key to use in the descriptor entry. string descriptor_key = 1 [(validate.rules).string = {min_len: 1}]; // Metadata struct that defines the key and path to retrieve the string value. A match will // only happen if the value in the dynamic metadata is of type string. type.metadata.v3.MetadataKey metadata_key = 2 [(validate.rules).message = {required: true}]; // An optional value to use if *metadata_key* is empty. If not set and // no value is present under the metadata_key then no descriptor is generated. string default_value = 3; } oneof action_specifier { option (validate.required) = true; // Rate limit on source cluster. SourceCluster source_cluster = 1; // Rate limit on destination cluster. DestinationCluster destination_cluster = 2; // Rate limit on request headers. RequestHeaders request_headers = 3; // Rate limit on remote address. RemoteAddress remote_address = 4; // Rate limit on a generic key. GenericKey generic_key = 5; // Rate limit on the existence of request headers. HeaderValueMatch header_value_match = 6; // Rate limit on dynamic metadata. DynamicMetaData dynamic_metadata = 7; } } message Override { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Override"; // Fetches the override from the dynamic metadata. message DynamicMetadata { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.RateLimit.Override.DynamicMetadata"; // Metadata struct that defines the key and path to retrieve the struct value. // The value must be a struct containing an integer "requests_per_unit" property // and a "unit" property with a value parseable to :ref:`RateLimitUnit // enum ` type.metadata.v3.MetadataKey metadata_key = 1 [(validate.rules).message = {required: true}]; } oneof override_specifier { option (validate.required) = true; // Limit override from dynamic metadata. DynamicMetadata dynamic_metadata = 1; } } // Refers to the stage set in the filter. The rate limit configuration only // applies to filters with the same stage number. The default stage number is // 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32 = {lte: 10}]; // The key to be set in runtime to disable this rate limit configuration. string disable_key = 2; // A list of actions that are to be applied for this rate limit configuration. // Order matters as the actions are processed sequentially and the descriptor // is composed by appending descriptor entries in that sequence. If an action // cannot append a descriptor entry, no descriptor is generated for the // configuration. See :ref:`composing actions // ` for additional documentation. repeated Action actions = 3 [(validate.rules).repeated = {min_items: 1}]; // An optional limit override to be appended to the descriptor produced by this // rate limit configuration. If the override value is invalid or cannot be resolved // from metadata, no override is provided. See :ref:`rate limit override // ` for more information. Override limit = 4; } // .. attention:: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // // .. attention:: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., // // .. code-block:: json // // { // "name": ":method", // "exact_match": "POST" // } // // .. attention:: // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name // ` header will match, regardless of the header's // value. // // [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.] // [#next-free-field: 13] message HeaderMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.HeaderMatcher"; reserved 2, 3, 5; reserved "regex_match"; // Specifies the name of the header in the request. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // Specifies how the header match will be performed to route the request. oneof header_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 4; // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. type.matcher.v4alpha.RegexMatcher safe_regex_match = 11; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting of // an optional plus or minus sign followed by a sequence of digits. The rule will not match if // the header value does not represent an integer. Match will fail for empty values, floating // point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, // "-1somestring" type.v3.Int64Range range_match = 6; // If specified, header match will be performed based on whether the header is in the // request. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. // Note: empty prefix is not allowed, please use present_match instead. // // Examples: // // * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. string prefix_match = 9 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on the suffix of the header value. // Note: empty suffix is not allowed, please use present_match instead. // // Examples: // // * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. string suffix_match = 10 [(validate.rules).string = {min_len: 1}]; // If specified, header match will be performed based on whether the header value contains // the given value or not. // Note: empty contains match is not allowed, please use present_match instead. // // Examples: // // * The value *abcd* matches the value *xyzabcdpqr*, but not for *xyzbcdpqr*. string contains_match = 12 [(validate.rules).string = {min_len: 1}]; } // If specified, the match result will be inverted before checking. Defaults to false. // // Examples: // // * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. bool invert_match = 8; } // Query parameter matching treats the query string of a request's :path header // as an ampersand-separated list of keys and/or key=value elements. // [#next-free-field: 7] message QueryParameterMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.QueryParameterMatcher"; reserved 3, 4; reserved "value", "regex"; // Specifies the name of a key that must be present in the requested // *path*'s query string. string name = 1 [(validate.rules).string = {min_len: 1 max_bytes: 1024}]; oneof query_parameter_match_specifier { // Specifies whether a query parameter value should match against a string. type.matcher.v4alpha.StringMatcher string_match = 5 [(validate.rules).message = {required: true}]; // Specifies whether a query parameter should be present. bool present_match = 6; } } // HTTP Internal Redirect :ref:`architecture overview `. message InternalRedirectPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.InternalRedirectPolicy"; // An internal redirect is not handled, unless the number of previous internal redirects that a // downstream request has encountered is lower than this value. // In the case where a downstream request is bounced among multiple routes by internal redirect, // the first route that hits this threshold, or does not set :ref:`internal_redirect_policy // ` // will pass the redirect back to downstream. // // If not specified, at most one redirect will be followed. google.protobuf.UInt32Value max_internal_redirects = 1; // Defines what upstream response codes are allowed to trigger internal redirect. If unspecified, // only 302 will be treated as internal redirect. // Only 301, 302, 303, 307 and 308 are valid values. Any other codes will be ignored. repeated uint32 redirect_response_codes = 2 [(validate.rules).repeated = {max_items: 5}]; // Specifies a list of predicates that are queried when an upstream response is deemed // to trigger an internal redirect by all other criteria. Any predicate in the list can reject // the redirect, causing the response to be proxied to downstream. repeated core.v4alpha.TypedExtensionConfig predicates = 3; // Allow internal redirect to follow a target URI with a different scheme than the value of // x-forwarded-proto. The default is false. bool allow_cross_scheme_redirect = 4; } ================================================ FILE: generated_api_shadow/envoy/config/route/v4alpha/scoped_route.proto ================================================ syntax = "proto3"; package envoy.config.route.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.route.v4alpha"; option java_outer_classname = "ScopedRouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP scoped routing configuration] // * Routing :ref:`architecture overview ` // Specifies a routing scope, which associates a // :ref:`Key` to a // :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration` (identified by its resource name). // // The HTTP connection manager builds up a table consisting of these Key to // RouteConfiguration mappings, and looks up the RouteConfiguration to use per // request according to the algorithm specified in the // :ref:`scope_key_builder` // assigned to the HttpConnectionManager. // // For example, with the following configurations (in YAML): // // HttpConnectionManager config: // // .. code:: // // ... // scoped_routes: // name: foo-scoped-routes // scope_key_builder: // fragments: // - header_value_extractor: // name: X-Route-Selector // element_separator: , // element: // separator: = // key: vip // // ScopedRouteConfiguration resources (specified statically via // :ref:`scoped_route_configurations_list` // or obtained dynamically via SRDS): // // .. code:: // // (1) // name: route-scope1 // route_configuration_name: route-config1 // key: // fragments: // - string_key: 172.10.10.20 // // (2) // name: route-scope2 // route_configuration_name: route-config2 // key: // fragments: // - string_key: 172.20.20.30 // // A request from a client such as: // // .. code:: // // GET / HTTP/1.1 // Host: foo.com // X-Route-Selector: vip=172.10.10.20 // // would result in the routing table defined by the `route-config1` // RouteConfiguration being assigned to the HTTP request/stream. // message ScopedRouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.ScopedRouteConfiguration"; // Specifies a key which is matched against the output of the // :ref:`scope_key_builder` // specified in the HttpConnectionManager. The matching is done per HTTP // request and is dependent on the order of the fragments contained in the // Key. message Key { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.ScopedRouteConfiguration.Key"; message Fragment { option (udpa.annotations.versioning).previous_message_type = "envoy.config.route.v3.ScopedRouteConfiguration.Key.Fragment"; oneof type { option (validate.required) = true; // A string to match against. string string_key = 1; } } // The ordered set of fragments to match against. The order must match the // fragments in the corresponding // :ref:`scope_key_builder`. repeated Fragment fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // Whether the RouteConfiguration should be loaded on demand. bool on_demand = 4; // The name assigned to the routing scope. string name = 1 [(validate.rules).string = {min_len: 1}]; // The resource name to use for a :ref:`envoy_api_msg_service.discovery.v4alpha.DiscoveryRequest` to an // RDS server to fetch the :ref:`envoy_api_msg_config.route.v4alpha.RouteConfiguration` associated // with this scope. string route_configuration_name = 2 [(validate.rules).string = {min_len: 1}]; // The key to match against. Key key = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/matcher/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/route/v3:pkg", "//envoy/service/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/tap/v3/common.proto ================================================ syntax = "proto3"; package envoy.config.tap.v3; import "envoy/config/common/matcher/v3/matcher.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.tap.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common tap configuration] // Tap configuration. message TapConfig { // [#comment:TODO(mattklein123): Rate limiting] option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.TapConfig"; // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. // Exactly one of :ref:`match ` and // :ref:`match_config ` must be set. If both // are set, the :ref:`match ` will be used. MatchPredicate match_config = 1 [deprecated = true]; // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. // Exactly one of :ref:`match ` and // :ref:`match_config ` must be set. If both // are set, the :ref:`match ` will be used. common.matcher.v3.MatchPredicate match = 4; // The tap output configuration. If a match configuration matches a data source being tapped, // a tap will occur and the data will be written to the configured output. OutputConfig output_config = 2 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Specify if Tap matching is enabled. The % of requests\connections for // which the tap matching is enabled. When not enabled, the request\connection will not be // recorded. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. core.v3.RuntimeFractionalPercent tap_enabled = 3; } // Tap match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.MatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.MatchPredicate.MatchSet"; // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.HttpHeadersMatch"; // HTTP headers to match. repeated route.v3.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { message GenericTextMatch { oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } // Tap output configuration. message OutputConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.OutputConfig"; // Output sinks for tap data. Currently a single sink is allowed in the list. Once multiple // sink types are supported this constraint will be relaxed. repeated OutputSink sinks = 1 [(validate.rules).repeated = {min_items: 1 max_items: 1}]; // For buffered tapping, the maximum amount of received body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_rx_bytes = 2; // For buffered tapping, the maximum amount of transmitted body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_tx_bytes = 3; // Indicates whether taps produce a single buffered message per tap, or multiple streamed // messages per tap in the emitted :ref:`TraceWrapper // ` messages. Note that streamed tapping does not // mean that no buffering takes place. Buffering may be required if data is processed before a // match can be determined. See the HTTP tap filter :ref:`streaming // ` documentation for more information. bool streaming = 4; } // Tap output sink configuration. message OutputSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.OutputSink"; // Output format. All output is in the form of one or more :ref:`TraceWrapper // ` messages. This enumeration indicates // how those messages are written. Note that not all sinks support all output formats. See // individual sink documentation for more information. enum Format { // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_bytes // ` field. This means that body data will be // base64 encoded as per the `proto3 JSON mappings // `_. JSON_BODY_AS_BYTES = 0; // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_string // ` field. This means that body data will be // string encoded as per the `proto3 JSON mappings // `_. This format type is // useful when it is known that that body is human readable (e.g., JSON over HTTP) and the // user wishes to view it directly without being forced to base64 decode the body. JSON_BODY_AS_STRING = 1; // Binary proto format. Note that binary proto is not self-delimiting. If a sink writes // multiple binary messages without any length information the data stream will not be // useful. However, for certain sinks that are self-delimiting (e.g., one message per file) // this output format makes consumption simpler. PROTO_BINARY = 2; // Messages are written as a sequence tuples, where each tuple is the message length encoded // as a `protobuf 32-bit varint // `_ // followed by the binary message. The messages can be read back using the language specific // protobuf coded stream implementation to obtain the message length and the message. PROTO_BINARY_LENGTH_DELIMITED = 3; // Text proto format. PROTO_TEXT = 4; } // Sink output format. Format format = 1 [(validate.rules).enum = {defined_only: true}]; oneof output_sink_type { option (validate.required) = true; // Tap output will be streamed out the :http:post:`/tap` admin endpoint. // // .. attention:: // // It is only allowed to specify the streaming admin output sink if the tap is being // configured from the :http:post:`/tap` admin endpoint. Thus, if an extension has // been configured to receive tap configuration from some other source (e.g., static // file, XDS, etc.) configuring the streaming admin output type will fail. StreamingAdminSink streaming_admin = 2; // Tap output will be written to a file per tap sink. FilePerTapSink file_per_tap = 3; // [#not-implemented-hide:] // GrpcService to stream data to. The format argument must be PROTO_BINARY. // [#comment: TODO(samflattery): remove cleanup in uber_per_filter.cc once implemented] StreamingGrpcSink streaming_grpc = 4; } } // Streaming admin sink configuration. message StreamingAdminSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamingAdminSink"; } // The file per tap sink outputs a discrete file for every tapped stream. message FilePerTapSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.FilePerTapSink"; // Path prefix. The output file will be of the form _.pb, where is an // identifier distinguishing the recorded trace for stream instances (the Envoy // connection ID, HTTP stream ID, etc.). string path_prefix = 1 [(validate.rules).string = {min_len: 1}]; } // [#not-implemented-hide:] Streaming gRPC sink configuration sends the taps to an external gRPC // server. message StreamingGrpcSink { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamingGrpcSink"; // Opaque identifier, that will be sent back to the streaming grpc server. string tap_id = 1; // The gRPC server that hosts the Tap Sink Service. core.v3.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/matcher/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/config/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/tap/v4alpha/common.proto ================================================ syntax = "proto3"; package envoy.config.tap.v4alpha; import "envoy/config/common/matcher/v4alpha/matcher.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.tap.v4alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common tap configuration] // Tap configuration. message TapConfig { // [#comment:TODO(mattklein123): Rate limiting] option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.TapConfig"; // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. // Exactly one of :ref:`match ` and // :ref:`match_config ` must be set. If both // are set, the :ref:`match ` will be used. MatchPredicate hidden_envoy_deprecated_match_config = 1 [deprecated = true]; // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. // Exactly one of :ref:`match ` and // :ref:`match_config ` must be set. If both // are set, the :ref:`match ` will be used. common.matcher.v4alpha.MatchPredicate match = 4; // The tap output configuration. If a match configuration matches a data source being tapped, // a tap will occur and the data will be written to the configured output. OutputConfig output_config = 2 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Specify if Tap matching is enabled. The % of requests\connections for // which the tap matching is enabled. When not enabled, the request\connection will not be // recorded. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. core.v4alpha.RuntimeFractionalPercent tap_enabled = 3; } // Tap match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 11] message MatchPredicate { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.MatchPredicate"; // A set of match configurations used for logical operations. message MatchSet { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.MatchPredicate.MatchSet"; // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; // HTTP request generic body match configuration. HttpGenericBodyMatch http_request_generic_body_match = 9; // HTTP response generic body match configuration. HttpGenericBodyMatch http_response_generic_body_match = 10; } } // HTTP headers match configuration. message HttpHeadersMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.HttpHeadersMatch"; // HTTP headers to match. repeated route.v4alpha.HeaderMatcher headers = 1; } // HTTP generic body match configuration. // List of text strings and hex strings to be located in HTTP body. // All specified strings must be found in the HTTP body for positive match. // The search may be limited to specified number of bytes from the body start. // // .. attention:: // // Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match. // If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified // to scan only part of the http body. message HttpGenericBodyMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.HttpGenericBodyMatch"; message GenericTextMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.HttpGenericBodyMatch.GenericTextMatch"; oneof rule { option (validate.required) = true; // Text string to be located in HTTP body. string string_match = 1 [(validate.rules).string = {min_len: 1}]; // Sequence of bytes to be located in HTTP body. bytes binary_match = 2 [(validate.rules).bytes = {min_len: 1}]; } } // Limits search to specified number of bytes - default zero (no limit - match entire captured buffer). uint32 bytes_limit = 1; // List of patterns to match. repeated GenericTextMatch patterns = 2 [(validate.rules).repeated = {min_items: 1}]; } // Tap output configuration. message OutputConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.OutputConfig"; // Output sinks for tap data. Currently a single sink is allowed in the list. Once multiple // sink types are supported this constraint will be relaxed. repeated OutputSink sinks = 1 [(validate.rules).repeated = {min_items: 1 max_items: 1}]; // For buffered tapping, the maximum amount of received body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_rx_bytes = 2; // For buffered tapping, the maximum amount of transmitted body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_tx_bytes = 3; // Indicates whether taps produce a single buffered message per tap, or multiple streamed // messages per tap in the emitted :ref:`TraceWrapper // ` messages. Note that streamed tapping does not // mean that no buffering takes place. Buffering may be required if data is processed before a // match can be determined. See the HTTP tap filter :ref:`streaming // ` documentation for more information. bool streaming = 4; } // Tap output sink configuration. message OutputSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.OutputSink"; // Output format. All output is in the form of one or more :ref:`TraceWrapper // ` messages. This enumeration indicates // how those messages are written. Note that not all sinks support all output formats. See // individual sink documentation for more information. enum Format { // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_bytes // ` field. This means that body data will be // base64 encoded as per the `proto3 JSON mappings // `_. JSON_BODY_AS_BYTES = 0; // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_string // ` field. This means that body data will be // string encoded as per the `proto3 JSON mappings // `_. This format type is // useful when it is known that that body is human readable (e.g., JSON over HTTP) and the // user wishes to view it directly without being forced to base64 decode the body. JSON_BODY_AS_STRING = 1; // Binary proto format. Note that binary proto is not self-delimiting. If a sink writes // multiple binary messages without any length information the data stream will not be // useful. However, for certain sinks that are self-delimiting (e.g., one message per file) // this output format makes consumption simpler. PROTO_BINARY = 2; // Messages are written as a sequence tuples, where each tuple is the message length encoded // as a `protobuf 32-bit varint // `_ // followed by the binary message. The messages can be read back using the language specific // protobuf coded stream implementation to obtain the message length and the message. PROTO_BINARY_LENGTH_DELIMITED = 3; // Text proto format. PROTO_TEXT = 4; } // Sink output format. Format format = 1 [(validate.rules).enum = {defined_only: true}]; oneof output_sink_type { option (validate.required) = true; // Tap output will be streamed out the :http:post:`/tap` admin endpoint. // // .. attention:: // // It is only allowed to specify the streaming admin output sink if the tap is being // configured from the :http:post:`/tap` admin endpoint. Thus, if an extension has // been configured to receive tap configuration from some other source (e.g., static // file, XDS, etc.) configuring the streaming admin output type will fail. StreamingAdminSink streaming_admin = 2; // Tap output will be written to a file per tap sink. FilePerTapSink file_per_tap = 3; // [#not-implemented-hide:] // GrpcService to stream data to. The format argument must be PROTO_BINARY. // [#comment: TODO(samflattery): remove cleanup in uber_per_filter.cc once implemented] StreamingGrpcSink streaming_grpc = 4; } } // Streaming admin sink configuration. message StreamingAdminSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.StreamingAdminSink"; } // The file per tap sink outputs a discrete file for every tapped stream. message FilePerTapSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.FilePerTapSink"; // Path prefix. The output file will be of the form _.pb, where is an // identifier distinguishing the recorded trace for stream instances (the Envoy // connection ID, HTTP stream ID, etc.). string path_prefix = 1 [(validate.rules).string = {min_len: 1}]; } // [#not-implemented-hide:] Streaming gRPC sink configuration sends the taps to an external gRPC // server. message StreamingGrpcSink { option (udpa.annotations.versioning).previous_message_type = "envoy.config.tap.v3.StreamingGrpcSink"; // Opaque identifier, that will be sent back to the streaming grpc server. string tap_id = 1; // The gRPC server that hosts the Tap Sink Service. core.v4alpha.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/datadog.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "DatadogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Datadog tracer] // Configuration for the Datadog tracer. // [#extension: envoy.tracers.datadog] message DatadogConfig { // The cluster to use for submitting traces to the Datadog agent. string collector_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // The name used for the service when traces are generated by envoy. string service_name = 2 [(validate.rules).string = {min_bytes: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/dynamic_ot.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "DynamicOtProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Dynamically loadable OpenTracing tracer] // DynamicOtConfig is used to dynamically load a tracer from a shared library // that implements the `OpenTracing dynamic loading API // `_. // [#extension: envoy.tracers.dynamic_ot] message DynamicOtConfig { // Dynamic library implementing the `OpenTracing API // `_. string library = 1 [(validate.rules).string = {min_bytes: 1}]; // The configuration to use when creating a tracer from the given dynamic // library. google.protobuf.Struct config = 2; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/http_tracer.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "HttpTracerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tracing] // Tracing :ref:`architecture overview `. // The tracing configuration specifies settings for an HTTP tracer provider used by Envoy. // // Envoy may support other tracers in the future, but right now the HTTP tracer is the only one // supported. // // .. attention:: // // Use of this message type has been deprecated in favor of direct use of // :ref:`Tracing.Http `. message Tracing { // Configuration for an HTTP tracer provider used by Envoy. // // The configuration is defined by the // :ref:`HttpConnectionManager.Tracing ` // :ref:`provider ` // field. message Http { // The name of the HTTP trace driver to instantiate. The name must match a // supported HTTP trace driver. Built-in trace drivers: // // - *envoy.tracers.lightstep* // - *envoy.tracers.zipkin* // - *envoy.tracers.dynamic_ot* // - *envoy.tracers.datadog* // - *envoy.tracers.opencensus* // - *envoy.tracers.xray* string name = 1 [(validate.rules).string = {min_bytes: 1}]; // Trace driver specific configuration which depends on the driver being instantiated. // See the trace drivers for examples: // // - :ref:`LightstepConfig ` // - :ref:`ZipkinConfig ` // - :ref:`DynamicOtConfig ` // - :ref:`DatadogConfig ` // - :ref:`OpenCensusConfig ` // - :ref:`AWS X-Ray ` oneof config_type { google.protobuf.Struct config = 2 [deprecated = true]; google.protobuf.Any typed_config = 3; } } // Provides configuration for the HTTP tracer. Http http = 1; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/lightstep.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "LightstepProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: LightStep tracer] // Configuration for the LightStep tracer. // [#extension: envoy.tracers.lightstep] message LightstepConfig { // Available propagation modes enum PropagationMode { // Propagate trace context in the single header x-ot-span-context. ENVOY = 0; // Propagate trace context using LightStep's native format. LIGHTSTEP = 1; // Propagate trace context using the b3 format. B3 = 2; // Propagation trace context using the w3 trace-context standard. TRACE_CONTEXT = 3; } // The cluster manager cluster that hosts the LightStep collectors. string collector_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // File containing the access token to the `LightStep // `_ API. string access_token_file = 2 [(validate.rules).string = {min_bytes: 1}]; // Propagation modes to use by LightStep's tracer. repeated PropagationMode propagation_modes = 3 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/opencensus.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "envoy/api/v2/core/grpc_service.proto"; import "opencensus/proto/trace/v1/trace_config.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "OpencensusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: OpenCensus tracer] // Configuration for the OpenCensus tracer. // [#next-free-field: 15] // [#extension: envoy.tracers.opencensus] message OpenCensusConfig { enum TraceContext { // No-op default, no trace context is utilized. NONE = 0; // W3C Trace-Context format "traceparent:" header. TRACE_CONTEXT = 1; // Binary "grpc-trace-bin:" header. GRPC_TRACE_BIN = 2; // "X-Cloud-Trace-Context:" header. CLOUD_TRACE_CONTEXT = 3; // X-B3-* headers. B3 = 4; } reserved 7; // Configures tracing, e.g. the sampler, max number of annotations, etc. opencensus.proto.trace.v1.TraceConfig trace_config = 1; // Enables the stdout exporter if set to true. This is intended for debugging // purposes. bool stdout_exporter_enabled = 2; // Enables the Stackdriver exporter if set to true. The project_id must also // be set. bool stackdriver_exporter_enabled = 3; // The Cloud project_id to use for Stackdriver tracing. string stackdriver_project_id = 4; // (optional) By default, the Stackdriver exporter will connect to production // Stackdriver. If stackdriver_address is non-empty, it will instead connect // to this address, which is in the gRPC format: // https://github.com/grpc/grpc/blob/master/doc/naming.md string stackdriver_address = 10; // (optional) The gRPC server that hosts Stackdriver tracing service. Only // Google gRPC is supported. If :ref:`target_uri ` // is not provided, the default production Stackdriver address will be used. api.v2.core.GrpcService stackdriver_grpc_service = 13; // Enables the Zipkin exporter if set to true. The url and service name must // also be set. bool zipkin_exporter_enabled = 5; // The URL to Zipkin, e.g. "http://127.0.0.1:9411/api/v2/spans" string zipkin_url = 6; // Enables the OpenCensus Agent exporter if set to true. The ocagent_address or // ocagent_grpc_service must also be set. bool ocagent_exporter_enabled = 11; // The address of the OpenCensus Agent, if its exporter is enabled, in gRPC // format: https://github.com/grpc/grpc/blob/master/doc/naming.md // [#comment:TODO: deprecate this field] string ocagent_address = 12; // (optional) The gRPC server hosted by the OpenCensus Agent. Only Google gRPC is supported. // This is only used if the ocagent_address is left empty. api.v2.core.GrpcService ocagent_grpc_service = 14; // List of incoming trace context headers we will accept. First one found // wins. repeated TraceContext incoming_trace_context = 8; // List of outgoing trace context headers we will produce. repeated TraceContext outgoing_trace_context = 9; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/service.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "envoy/api/v2/core/grpc_service.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "ServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Trace Service] // Configuration structure. message TraceServiceConfig { // The upstream gRPC cluster that hosts the metrics service. api.v2.core.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/trace.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "udpa/annotations/status.proto"; import public "envoy/config/trace/v2/datadog.proto"; import public "envoy/config/trace/v2/dynamic_ot.proto"; import public "envoy/config/trace/v2/http_tracer.proto"; import public "envoy/config/trace/v2/lightstep.proto"; import public "envoy/config/trace/v2/opencensus.proto"; import public "envoy/config/trace/v2/service.proto"; import public "envoy/config/trace/v2/zipkin.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "TraceProto"; option java_multiple_files = true; ================================================ FILE: generated_api_shadow/envoy/config/trace/v2/zipkin.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2"; option java_outer_classname = "ZipkinProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Zipkin tracer] // Configuration for the Zipkin tracer. // [#extension: envoy.tracers.zipkin] // [#next-free-field: 6] message ZipkinConfig { // Available Zipkin collector endpoint versions. enum CollectorEndpointVersion { // Zipkin API v1, JSON over HTTP. // [#comment: The default implementation of Zipkin client before this field is added was only v1 // and the way user configure this was by not explicitly specifying the version. Consequently, // before this is added, the corresponding Zipkin collector expected to receive v1 payload. // Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when // user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field, // since in Zipkin realm this v1 version is considered to be not preferable anymore.] HTTP_JSON_V1 = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Zipkin API v2, JSON over HTTP. HTTP_JSON = 1; // Zipkin API v2, protobuf over HTTP. HTTP_PROTO = 2; // [#not-implemented-hide:] GRPC = 3; } // The cluster manager cluster that hosts the Zipkin collectors. Note that the // Zipkin cluster must be defined in the :ref:`Bootstrap static cluster // resources `. string collector_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; // The API endpoint of the Zipkin service where the spans will be sent. When // using a standard Zipkin installation, the API endpoint is typically // /api/v1/spans, which is the default value. string collector_endpoint = 2 [(validate.rules).string = {min_bytes: 1}]; // Determines whether a 128bit trace id will be used when creating a new // trace instance. The default value is false, which will result in a 64 bit trace id being used. bool trace_id_128bit = 3; // Determines whether client and server spans will share the same span context. // The default value is true. google.protobuf.BoolValue shared_span_context = 4; // Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be // used. CollectorEndpointVersion collector_endpoint_version = 5; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/trace/v2alpha/xray.proto ================================================ syntax = "proto3"; package envoy.config.trace.v2alpha; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v2alpha"; option java_outer_classname = "XrayProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: AWS X-Ray Tracer Configuration] // Configuration for AWS X-Ray tracer message XRayConfig { // The UDP endpoint of the X-Ray Daemon where the spans will be sent. // If this value is not set, the default value of 127.0.0.1:2000 will be used. api.v2.core.SocketAddress daemon_endpoint = 1; // The name of the X-Ray segment. string segment_name = 2 [(validate.rules).string = {min_len: 1}]; // The location of a local custom sampling rules JSON file. // For an example of the sampling rules see: // `X-Ray SDK documentation // `_ api.v2.core.DataSource sampling_rule_manifest = 3; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/trace/v2:pkg", "//envoy/config/trace/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/datadog.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "DatadogProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.datadog.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Datadog tracer] // Configuration for the Datadog tracer. // [#extension: envoy.tracers.datadog] message DatadogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.DatadogConfig"; // The cluster to use for submitting traces to the Datadog agent. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The name used for the service when traces are generated by envoy. string service_name = 2 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/dynamic_ot.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "DynamicOtProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.dynamic_ot.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamically loadable OpenTracing tracer] // DynamicOtConfig is used to dynamically load a tracer from a shared library // that implements the `OpenTracing dynamic loading API // `_. // [#extension: envoy.tracers.dynamic_ot] message DynamicOtConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.DynamicOtConfig"; // Dynamic library implementing the `OpenTracing API // `_. string library = 1 [(validate.rules).string = {min_len: 1}]; // The configuration to use when creating a tracer from the given dynamic // library. google.protobuf.Struct config = 2; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/http_tracer.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "HttpTracerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tracing] // Tracing :ref:`architecture overview `. // The tracing configuration specifies settings for an HTTP tracer provider used by Envoy. // // Envoy may support other tracers in the future, but right now the HTTP tracer is the only one // supported. // // .. attention:: // // Use of this message type has been deprecated in favor of direct use of // :ref:`Tracing.Http `. message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.Tracing"; // Configuration for an HTTP tracer provider used by Envoy. // // The configuration is defined by the // :ref:`HttpConnectionManager.Tracing ` // :ref:`provider ` // field. message Http { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.Tracing.Http"; // The name of the HTTP trace driver to instantiate. The name must match a // supported HTTP trace driver. Built-in trace drivers: // // - *envoy.tracers.lightstep* // - *envoy.tracers.zipkin* // - *envoy.tracers.dynamic_ot* // - *envoy.tracers.datadog* // - *envoy.tracers.opencensus* // - *envoy.tracers.xray* string name = 1 [(validate.rules).string = {min_len: 1}]; // Trace driver specific configuration which depends on the driver being instantiated. // See the trace drivers for examples: // // - :ref:`LightstepConfig ` // - :ref:`ZipkinConfig ` // - :ref:`DynamicOtConfig ` // - :ref:`DatadogConfig ` // - :ref:`OpenCensusConfig ` // - :ref:`AWS X-Ray ` oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } // Provides configuration for the HTTP tracer. Http http = 1; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/lightstep.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "LightstepProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.lightstep.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: LightStep tracer] // Configuration for the LightStep tracer. // [#extension: envoy.tracers.lightstep] message LightstepConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.LightstepConfig"; // Available propagation modes enum PropagationMode { // Propagate trace context in the single header x-ot-span-context. ENVOY = 0; // Propagate trace context using LightStep's native format. LIGHTSTEP = 1; // Propagate trace context using the b3 format. B3 = 2; // Propagation trace context using the w3 trace-context standard. TRACE_CONTEXT = 3; } // The cluster manager cluster that hosts the LightStep collectors. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // File containing the access token to the `LightStep // `_ API. string access_token_file = 2 [(validate.rules).string = {min_len: 1}]; // Propagation modes to use by LightStep's tracer. repeated PropagationMode propagation_modes = 3 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/opencensus.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "envoy/config/core/v3/grpc_service.proto"; import "opencensus/proto/trace/v1/trace_config.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "OpencensusProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.opencensus.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: OpenCensus tracer] // Configuration for the OpenCensus tracer. // [#next-free-field: 15] // [#extension: envoy.tracers.opencensus] message OpenCensusConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.OpenCensusConfig"; enum TraceContext { // No-op default, no trace context is utilized. NONE = 0; // W3C Trace-Context format "traceparent:" header. TRACE_CONTEXT = 1; // Binary "grpc-trace-bin:" header. GRPC_TRACE_BIN = 2; // "X-Cloud-Trace-Context:" header. CLOUD_TRACE_CONTEXT = 3; // X-B3-* headers. B3 = 4; } reserved 7; // Configures tracing, e.g. the sampler, max number of annotations, etc. opencensus.proto.trace.v1.TraceConfig trace_config = 1; // Enables the stdout exporter if set to true. This is intended for debugging // purposes. bool stdout_exporter_enabled = 2; // Enables the Stackdriver exporter if set to true. The project_id must also // be set. bool stackdriver_exporter_enabled = 3; // The Cloud project_id to use for Stackdriver tracing. string stackdriver_project_id = 4; // (optional) By default, the Stackdriver exporter will connect to production // Stackdriver. If stackdriver_address is non-empty, it will instead connect // to this address, which is in the gRPC format: // https://github.com/grpc/grpc/blob/master/doc/naming.md string stackdriver_address = 10; // (optional) The gRPC server that hosts Stackdriver tracing service. Only // Google gRPC is supported. If :ref:`target_uri ` // is not provided, the default production Stackdriver address will be used. core.v3.GrpcService stackdriver_grpc_service = 13; // Enables the Zipkin exporter if set to true. The url and service name must // also be set. bool zipkin_exporter_enabled = 5; // The URL to Zipkin, e.g. "http://127.0.0.1:9411/api/v2/spans" string zipkin_url = 6; // Enables the OpenCensus Agent exporter if set to true. The ocagent_address or // ocagent_grpc_service must also be set. bool ocagent_exporter_enabled = 11; // The address of the OpenCensus Agent, if its exporter is enabled, in gRPC // format: https://github.com/grpc/grpc/blob/master/doc/naming.md // [#comment:TODO: deprecate this field] string ocagent_address = 12; // (optional) The gRPC server hosted by the OpenCensus Agent. Only Google gRPC is supported. // This is only used if the ocagent_address is left empty. core.v3.GrpcService ocagent_grpc_service = 14; // List of incoming trace context headers we will accept. First one found // wins. repeated TraceContext incoming_trace_context = 8; // List of outgoing trace context headers we will produce. repeated TraceContext outgoing_trace_context = 9; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/service.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "envoy/config/core/v3/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "ServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Trace Service] // Configuration structure. message TraceServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.TraceServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v3.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/trace.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "udpa/annotations/status.proto"; import public "envoy/config/trace/v3/datadog.proto"; import public "envoy/config/trace/v3/dynamic_ot.proto"; import public "envoy/config/trace/v3/http_tracer.proto"; import public "envoy/config/trace/v3/lightstep.proto"; import public "envoy/config/trace/v3/opencensus.proto"; import public "envoy/config/trace/v3/service.proto"; import public "envoy/config/trace/v3/zipkin.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "TraceProto"; option java_multiple_files = true; ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/xray.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "XrayProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.xray.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: AWS X-Ray Tracer Configuration] // Configuration for AWS X-Ray tracer message XRayConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2alpha.XRayConfig"; message SegmentFields { // The type of AWS resource, e.g. "AWS::AppMesh::Proxy". string origin = 1; // AWS resource metadata dictionary. // See: `X-Ray Segment Document documentation `__ google.protobuf.Struct aws = 2; } // The UDP endpoint of the X-Ray Daemon where the spans will be sent. // If this value is not set, the default value of 127.0.0.1:2000 will be used. core.v3.SocketAddress daemon_endpoint = 1; // The name of the X-Ray segment. string segment_name = 2 [(validate.rules).string = {min_len: 1}]; // The location of a local custom sampling rules JSON file. // For an example of the sampling rules see: // `X-Ray SDK documentation // `_ core.v3.DataSource sampling_rule_manifest = 3; // Optional custom fields to be added to each trace segment. // see: `X-Ray Segment Document documentation // `__ SegmentFields segment_fields = 4; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v3/zipkin.proto ================================================ syntax = "proto3"; package envoy.config.trace.v3; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v3"; option java_outer_classname = "ZipkinProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.tracers.zipkin.v4alpha"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Zipkin tracer] // Configuration for the Zipkin tracer. // [#extension: envoy.tracers.zipkin] // [#next-free-field: 6] message ZipkinConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v2.ZipkinConfig"; // Available Zipkin collector endpoint versions. enum CollectorEndpointVersion { // Zipkin API v1, JSON over HTTP. // [#comment: The default implementation of Zipkin client before this field is added was only v1 // and the way user configure this was by not explicitly specifying the version. Consequently, // before this is added, the corresponding Zipkin collector expected to receive v1 payload. // Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when // user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field, // since in Zipkin realm this v1 version is considered to be not preferable anymore.] hidden_envoy_deprecated_HTTP_JSON_V1 = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Zipkin API v2, JSON over HTTP. HTTP_JSON = 1; // Zipkin API v2, protobuf over HTTP. HTTP_PROTO = 2; // [#not-implemented-hide:] GRPC = 3; } // The cluster manager cluster that hosts the Zipkin collectors. Note that the // Zipkin cluster must be defined in the :ref:`Bootstrap static cluster // resources `. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The API endpoint of the Zipkin service where the spans will be sent. When // using a standard Zipkin installation, the API endpoint is typically // /api/v1/spans, which is the default value. string collector_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Determines whether a 128bit trace id will be used when creating a new // trace instance. The default value is false, which will result in a 64 bit trace id being used. bool trace_id_128bit = 3; // Determines whether client and server spans will share the same span context. // The default value is true. google.protobuf.BoolValue shared_span_context = 4; // Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be // used. CollectorEndpointVersion collector_endpoint_version = 5; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/trace/v4alpha/http_tracer.proto ================================================ syntax = "proto3"; package envoy.config.trace.v4alpha; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v4alpha"; option java_outer_classname = "HttpTracerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tracing] // Tracing :ref:`architecture overview `. // The tracing configuration specifies settings for an HTTP tracer provider used by Envoy. // // Envoy may support other tracers in the future, but right now the HTTP tracer is the only one // supported. // // .. attention:: // // Use of this message type has been deprecated in favor of direct use of // :ref:`Tracing.Http `. message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.Tracing"; // Configuration for an HTTP tracer provider used by Envoy. // // The configuration is defined by the // :ref:`HttpConnectionManager.Tracing ` // :ref:`provider ` // field. message Http { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.Tracing.Http"; reserved 2; reserved "config"; // The name of the HTTP trace driver to instantiate. The name must match a // supported HTTP trace driver. Built-in trace drivers: // // - *envoy.tracers.lightstep* // - *envoy.tracers.zipkin* // - *envoy.tracers.dynamic_ot* // - *envoy.tracers.datadog* // - *envoy.tracers.opencensus* // - *envoy.tracers.xray* string name = 1 [(validate.rules).string = {min_len: 1}]; // Trace driver specific configuration which depends on the driver being instantiated. // See the trace drivers for examples: // // - :ref:`LightstepConfig ` // - :ref:`ZipkinConfig ` // - :ref:`DynamicOtConfig ` // - :ref:`DatadogConfig ` // - :ref:`OpenCensusConfig ` // - :ref:`AWS X-Ray ` oneof config_type { google.protobuf.Any typed_config = 3; } } // Provides configuration for the HTTP tracer. Http http = 1; } ================================================ FILE: generated_api_shadow/envoy/config/trace/v4alpha/service.proto ================================================ syntax = "proto3"; package envoy.config.trace.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.trace.v4alpha"; option java_outer_classname = "ServiceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Trace Service] // Configuration structure. message TraceServiceConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.TraceServiceConfig"; // The upstream gRPC cluster that hosts the metrics service. core.v4alpha.GrpcService grpc_service = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/config/transport_socket/alts/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/transport_socket/alts/v2alpha/alts.proto ================================================ syntax = "proto3"; package envoy.config.transport_socket.alts.v2alpha; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.transport_socket.alts.v2alpha"; option java_outer_classname = "AltsProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.alts.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: ALTS] // [#extension: envoy.transport_sockets.alts] // Configuration for ALTS transport socket. This provides Google's ALTS protocol to Envoy. // https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security/ message Alts { // The location of a handshaker service, this is usually 169.254.169.254:8080 // on GCE. string handshaker_service = 1 [(validate.rules).string = {min_bytes: 1}]; // The acceptable service accounts from peer, peers not in the list will be rejected in the // handshake validation step. If empty, no validation will be performed. repeated string peer_service_accounts = 2; } ================================================ FILE: generated_api_shadow/envoy/config/transport_socket/raw_buffer/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/config/transport_socket/raw_buffer/v2/raw_buffer.proto ================================================ syntax = "proto3"; package envoy.config.transport_socket.raw_buffer.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.config.transport_socket.raw_buffer.v2"; option java_outer_classname = "RawBufferProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.raw_buffer.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Raw Buffer] // [#extension: envoy.transport_sockets.raw_buffer] // Configuration for raw buffer transport socket. message RawBuffer { } ================================================ FILE: generated_api_shadow/envoy/config/transport_socket/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "//envoy/config/common/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/config/transport_socket/tap/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.config.transport_socket.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/config/common/tap/v2alpha/common.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.transport_socket.tap.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.transport_sockets.tap.v3"; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap] // [#extension: envoy.transport_sockets.tap] // Configuration for tap transport socket. This wraps another transport socket, providing the // ability to interpose and record in plain text any traffic that is surfaced to Envoy. message Tap { // Common configuration for the tap transport socket. common.tap.v2alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; // The underlying transport socket being wrapped. api.v2.core.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/data/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/accesslog/v2/accesslog.proto ================================================ syntax = "proto3"; package envoy.data.accesslog.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.accesslog.v2"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC access logs] // Envoy access logs describe incoming interaction with Envoy over a fixed // period of time, and typically cover a single request/response exchange, // (e.g. HTTP), stream (e.g. over HTTP/gRPC), or proxied connection (e.g. TCP). // Access logs contain fields defined in protocol-specific protobuf messages. // // Except where explicitly declared otherwise, all fields describe // *downstream* interaction between Envoy and a connected client. // Fields describing *upstream* interaction will explicitly include ``upstream`` // in their name. message TCPAccessLogEntry { // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; // Properties of the TCP connection. ConnectionProperties connection_properties = 2; } message HTTPAccessLogEntry { // HTTP version enum HTTPVersion { PROTOCOL_UNSPECIFIED = 0; HTTP10 = 1; HTTP11 = 2; HTTP2 = 3; HTTP3 = 4; } // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; HTTPVersion protocol_version = 2; // Description of the incoming HTTP request. HTTPRequestProperties request = 3; // Description of the outgoing HTTP response. HTTPResponseProperties response = 4; } // Defines fields for a connection message ConnectionProperties { // Number of bytes received from downstream. uint64 received_bytes = 1; // Number of bytes sent to downstream. uint64 sent_bytes = 2; } // Defines fields that are shared by all Envoy access logs. // [#next-free-field: 22] message AccessLogCommon { // [#not-implemented-hide:] // This field indicates the rate at which this log entry was sampled. // Valid range is (0.0, 1.0]. double sample_rate = 1 [(validate.rules).double = {lte: 1.0 gt: 0.0}]; // This field is the remote/origin address on which the request from the user was received. // Note: This may not be the physical peer. E.g, if the remote address is inferred from for // example the x-forwarder-for header, proxy protocol, etc. api.v2.core.Address downstream_remote_address = 2; // This field is the local/destination address on which the request from the user was received. api.v2.core.Address downstream_local_address = 3; // If the connection is secure,S this field will contain TLS properties. TLSProperties tls_properties = 4; // The time that Envoy started servicing this request. This is effectively the time that the first // downstream byte is received. google.protobuf.Timestamp start_time = 5; // Interval between the first downstream byte received and the last // downstream byte received (i.e. time it takes to receive a request). google.protobuf.Duration time_to_last_rx_byte = 6; // Interval between the first downstream byte received and the first upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_upstream_tx_byte = 7; // Interval between the first downstream byte received and the last upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_last_upstream_tx_byte = 8; // Interval between the first downstream byte received and the first upstream // byte received (i.e. time it takes to start receiving a response). google.protobuf.Duration time_to_first_upstream_rx_byte = 9; // Interval between the first downstream byte received and the last upstream // byte received (i.e. time it takes to receive a complete response). google.protobuf.Duration time_to_last_upstream_rx_byte = 10; // Interval between the first downstream byte received and the first downstream byte sent. // There may be a considerable delta between the *time_to_first_upstream_rx_byte* and this field // due to filters. Additionally, the same caveats apply as documented in // *time_to_last_downstream_tx_byte* about not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_downstream_tx_byte = 11; // Interval between the first downstream byte received and the last downstream byte sent. // Depending on protocol, buffering, windowing, filters, etc. there may be a considerable delta // between *time_to_last_upstream_rx_byte* and this field. Note also that this is an approximate // time. In the current implementation it does not include kernel socket buffer time. In the // current implementation it also does not include send window buffering inside the HTTP/2 codec. // In the future it is likely that work will be done to make this duration more accurate. google.protobuf.Duration time_to_last_downstream_tx_byte = 12; // The upstream remote/destination address that handles this exchange. This does not include // retries. api.v2.core.Address upstream_remote_address = 13; // The upstream local/origin address that handles this exchange. This does not include retries. api.v2.core.Address upstream_local_address = 14; // The upstream cluster that *upstream_remote_address* belongs to. string upstream_cluster = 15; // Flags indicating occurrences during request/response processing. ResponseFlags response_flags = 16; // All metadata encountered during request processing, including endpoint // selection. // // This can be used to associate IDs attached to the various configurations // used to process this request with the access log entry. For example, a // route created from a higher level forwarding rule with some ID can place // that ID in this field and cross reference later. It can also be used to // determine if a canary endpoint was used or not. api.v2.core.Metadata metadata = 17; // If upstream connection failed due to transport socket (e.g. TLS handshake), provides the // failure reason from the transport socket. The format of this field depends on the configured // upstream transport socket. Common TLS failures are in // :ref:`TLS trouble shooting `. string upstream_transport_failure_reason = 18; // The name of the route string route_name = 19; // This field is the downstream direct remote address on which the request from the user was // received. Note: This is always the physical peer, even if the remote address is inferred from // for example the x-forwarder-for header, proxy protocol, etc. api.v2.core.Address downstream_direct_remote_address = 20; // Map of filter state in stream info that have been configured to be logged. If the filter // state serialized to any message other than `google.protobuf.Any` it will be packed into // `google.protobuf.Any`. map filter_state_objects = 21; } // Flags indicating occurrences during request/response processing. // [#next-free-field: 20] message ResponseFlags { message Unauthorized { // Reasons why the request was unauthorized enum Reason { REASON_UNSPECIFIED = 0; // The request was denied by the external authorization service. EXTERNAL_SERVICE = 1; } Reason reason = 1; } // Indicates local server healthcheck failed. bool failed_local_healthcheck = 1; // Indicates there was no healthy upstream. bool no_healthy_upstream = 2; // Indicates an there was an upstream request timeout. bool upstream_request_timeout = 3; // Indicates local codec level reset was sent on the stream. bool local_reset = 4; // Indicates remote codec level reset was received on the stream. bool upstream_remote_reset = 5; // Indicates there was a local reset by a connection pool due to an initial connection failure. bool upstream_connection_failure = 6; // Indicates the stream was reset due to an upstream connection termination. bool upstream_connection_termination = 7; // Indicates the stream was reset because of a resource overflow. bool upstream_overflow = 8; // Indicates no route was found for the request. bool no_route_found = 9; // Indicates that the request was delayed before proxying. bool delay_injected = 10; // Indicates that the request was aborted with an injected error code. bool fault_injected = 11; // Indicates that the request was rate-limited locally. bool rate_limited = 12; // Indicates if the request was deemed unauthorized and the reason for it. Unauthorized unauthorized_details = 13; // Indicates that the request was rejected because there was an error in rate limit service. bool rate_limit_service_error = 14; // Indicates the stream was reset due to a downstream connection termination. bool downstream_connection_termination = 15; // Indicates that the upstream retry limit was exceeded, resulting in a downstream error. bool upstream_retry_limit_exceeded = 16; // Indicates that the stream idle timeout was hit, resulting in a downstream 408. bool stream_idle_timeout = 17; // Indicates that the request was rejected because an envoy request header failed strict // validation. bool invalid_envoy_request_headers = 18; // Indicates there was an HTTP protocol error on the downstream request. bool downstream_protocol_error = 19; } // Properties of a negotiated TLS connection. // [#next-free-field: 7] message TLSProperties { enum TLSVersion { VERSION_UNSPECIFIED = 0; TLSv1 = 1; TLSv1_1 = 2; TLSv1_2 = 3; TLSv1_3 = 4; } message CertificateProperties { message SubjectAltName { oneof san { string uri = 1; // [#not-implemented-hide:] string dns = 2; } } // SANs present in the certificate. repeated SubjectAltName subject_alt_name = 1; // The subject field of the certificate. string subject = 2; } // Version of TLS that was negotiated. TLSVersion tls_version = 1; // TLS cipher suite negotiated during handshake. The value is a // four-digit hex code defined by the IANA TLS Cipher Suite Registry // (e.g. ``009C`` for ``TLS_RSA_WITH_AES_128_GCM_SHA256``). // // Here it is expressed as an integer. google.protobuf.UInt32Value tls_cipher_suite = 2; // SNI hostname from handshake. string tls_sni_hostname = 3; // Properties of the local certificate used to negotiate TLS. CertificateProperties local_certificate_properties = 4; // Properties of the peer certificate used to negotiate TLS. CertificateProperties peer_certificate_properties = 5; // The TLS session ID. string tls_session_id = 6; } // [#next-free-field: 14] message HTTPRequestProperties { // The request method (RFC 7231/2616). api.v2.core.RequestMethod request_method = 1 [(validate.rules).enum = {defined_only: true}]; // The scheme portion of the incoming request URI. string scheme = 2; // HTTP/2 ``:authority`` or HTTP/1.1 ``Host`` header value. string authority = 3; // The port of the incoming request URI // (unused currently, as port is composed onto authority). google.protobuf.UInt32Value port = 4; // The path portion from the incoming request URI. string path = 5; // Value of the ``User-Agent`` request header. string user_agent = 6; // Value of the ``Referer`` request header. string referer = 7; // Value of the ``X-Forwarded-For`` request header. string forwarded_for = 8; // Value of the ``X-Request-Id`` request header // // This header is used by Envoy to uniquely identify a request. // It will be generated for all external requests and internal requests that // do not already have a request ID. string request_id = 9; // Value of the ``X-Envoy-Original-Path`` request header. string original_path = 10; // Size of the HTTP request headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_headers_bytes = 11; // Size of the HTTP request body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_body_bytes = 12; // Map of additional headers that have been configured to be logged. map request_headers = 13; } // [#next-free-field: 7] message HTTPResponseProperties { // The HTTP response code returned by Envoy. google.protobuf.UInt32Value response_code = 1; // Size of the HTTP response headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_headers_bytes = 2; // Size of the HTTP response body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_body_bytes = 3; // Map of additional headers configured to be logged. map response_headers = 4; // Map of trailers configured to be logged. map response_trailers = 5; // The HTTP response code details. string response_code_details = 6; } ================================================ FILE: generated_api_shadow/envoy/data/accesslog/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/accesslog/v3/accesslog.proto ================================================ syntax = "proto3"; package envoy.data.accesslog.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.accesslog.v3"; option java_outer_classname = "AccesslogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC access logs] // Envoy access logs describe incoming interaction with Envoy over a fixed // period of time, and typically cover a single request/response exchange, // (e.g. HTTP), stream (e.g. over HTTP/gRPC), or proxied connection (e.g. TCP). // Access logs contain fields defined in protocol-specific protobuf messages. // // Except where explicitly declared otherwise, all fields describe // *downstream* interaction between Envoy and a connected client. // Fields describing *upstream* interaction will explicitly include ``upstream`` // in their name. message TCPAccessLogEntry { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TCPAccessLogEntry"; // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; // Properties of the TCP connection. ConnectionProperties connection_properties = 2; } message HTTPAccessLogEntry { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.HTTPAccessLogEntry"; // HTTP version enum HTTPVersion { PROTOCOL_UNSPECIFIED = 0; HTTP10 = 1; HTTP11 = 2; HTTP2 = 3; HTTP3 = 4; } // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; HTTPVersion protocol_version = 2; // Description of the incoming HTTP request. HTTPRequestProperties request = 3; // Description of the outgoing HTTP response. HTTPResponseProperties response = 4; } // Defines fields for a connection message ConnectionProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ConnectionProperties"; // Number of bytes received from downstream. uint64 received_bytes = 1; // Number of bytes sent to downstream. uint64 sent_bytes = 2; } // Defines fields that are shared by all Envoy access logs. // [#next-free-field: 22] message AccessLogCommon { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.AccessLogCommon"; // [#not-implemented-hide:] // This field indicates the rate at which this log entry was sampled. // Valid range is (0.0, 1.0]. double sample_rate = 1 [(validate.rules).double = {lte: 1.0 gt: 0.0}]; // This field is the remote/origin address on which the request from the user was received. // Note: This may not be the physical peer. E.g, if the remote address is inferred from for // example the x-forwarder-for header, proxy protocol, etc. config.core.v3.Address downstream_remote_address = 2; // This field is the local/destination address on which the request from the user was received. config.core.v3.Address downstream_local_address = 3; // If the connection is secure,S this field will contain TLS properties. TLSProperties tls_properties = 4; // The time that Envoy started servicing this request. This is effectively the time that the first // downstream byte is received. google.protobuf.Timestamp start_time = 5; // Interval between the first downstream byte received and the last // downstream byte received (i.e. time it takes to receive a request). google.protobuf.Duration time_to_last_rx_byte = 6; // Interval between the first downstream byte received and the first upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_upstream_tx_byte = 7; // Interval between the first downstream byte received and the last upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_last_upstream_tx_byte = 8; // Interval between the first downstream byte received and the first upstream // byte received (i.e. time it takes to start receiving a response). google.protobuf.Duration time_to_first_upstream_rx_byte = 9; // Interval between the first downstream byte received and the last upstream // byte received (i.e. time it takes to receive a complete response). google.protobuf.Duration time_to_last_upstream_rx_byte = 10; // Interval between the first downstream byte received and the first downstream byte sent. // There may be a considerable delta between the *time_to_first_upstream_rx_byte* and this field // due to filters. Additionally, the same caveats apply as documented in // *time_to_last_downstream_tx_byte* about not accounting for kernel socket buffer time, etc. google.protobuf.Duration time_to_first_downstream_tx_byte = 11; // Interval between the first downstream byte received and the last downstream byte sent. // Depending on protocol, buffering, windowing, filters, etc. there may be a considerable delta // between *time_to_last_upstream_rx_byte* and this field. Note also that this is an approximate // time. In the current implementation it does not include kernel socket buffer time. In the // current implementation it also does not include send window buffering inside the HTTP/2 codec. // In the future it is likely that work will be done to make this duration more accurate. google.protobuf.Duration time_to_last_downstream_tx_byte = 12; // The upstream remote/destination address that handles this exchange. This does not include // retries. config.core.v3.Address upstream_remote_address = 13; // The upstream local/origin address that handles this exchange. This does not include retries. config.core.v3.Address upstream_local_address = 14; // The upstream cluster that *upstream_remote_address* belongs to. string upstream_cluster = 15; // Flags indicating occurrences during request/response processing. ResponseFlags response_flags = 16; // All metadata encountered during request processing, including endpoint // selection. // // This can be used to associate IDs attached to the various configurations // used to process this request with the access log entry. For example, a // route created from a higher level forwarding rule with some ID can place // that ID in this field and cross reference later. It can also be used to // determine if a canary endpoint was used or not. config.core.v3.Metadata metadata = 17; // If upstream connection failed due to transport socket (e.g. TLS handshake), provides the // failure reason from the transport socket. The format of this field depends on the configured // upstream transport socket. Common TLS failures are in // :ref:`TLS trouble shooting `. string upstream_transport_failure_reason = 18; // The name of the route string route_name = 19; // This field is the downstream direct remote address on which the request from the user was // received. Note: This is always the physical peer, even if the remote address is inferred from // for example the x-forwarder-for header, proxy protocol, etc. config.core.v3.Address downstream_direct_remote_address = 20; // Map of filter state in stream info that have been configured to be logged. If the filter // state serialized to any message other than `google.protobuf.Any` it will be packed into // `google.protobuf.Any`. map filter_state_objects = 21; } // Flags indicating occurrences during request/response processing. // [#next-free-field: 24] message ResponseFlags { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ResponseFlags"; message Unauthorized { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ResponseFlags.Unauthorized"; // Reasons why the request was unauthorized enum Reason { REASON_UNSPECIFIED = 0; // The request was denied by the external authorization service. EXTERNAL_SERVICE = 1; } Reason reason = 1; } // Indicates local server healthcheck failed. bool failed_local_healthcheck = 1; // Indicates there was no healthy upstream. bool no_healthy_upstream = 2; // Indicates an there was an upstream request timeout. bool upstream_request_timeout = 3; // Indicates local codec level reset was sent on the stream. bool local_reset = 4; // Indicates remote codec level reset was received on the stream. bool upstream_remote_reset = 5; // Indicates there was a local reset by a connection pool due to an initial connection failure. bool upstream_connection_failure = 6; // Indicates the stream was reset due to an upstream connection termination. bool upstream_connection_termination = 7; // Indicates the stream was reset because of a resource overflow. bool upstream_overflow = 8; // Indicates no route was found for the request. bool no_route_found = 9; // Indicates that the request was delayed before proxying. bool delay_injected = 10; // Indicates that the request was aborted with an injected error code. bool fault_injected = 11; // Indicates that the request was rate-limited locally. bool rate_limited = 12; // Indicates if the request was deemed unauthorized and the reason for it. Unauthorized unauthorized_details = 13; // Indicates that the request was rejected because there was an error in rate limit service. bool rate_limit_service_error = 14; // Indicates the stream was reset due to a downstream connection termination. bool downstream_connection_termination = 15; // Indicates that the upstream retry limit was exceeded, resulting in a downstream error. bool upstream_retry_limit_exceeded = 16; // Indicates that the stream idle timeout was hit, resulting in a downstream 408. bool stream_idle_timeout = 17; // Indicates that the request was rejected because an envoy request header failed strict // validation. bool invalid_envoy_request_headers = 18; // Indicates there was an HTTP protocol error on the downstream request. bool downstream_protocol_error = 19; // Indicates there was a max stream duration reached on the upstream request. bool upstream_max_stream_duration_reached = 20; // Indicates the response was served from a cache filter. bool response_from_cache_filter = 21; // Indicates that a filter configuration is not available. bool no_filter_config_found = 22; // Indicates that request or connection exceeded the downstream connection duration. bool duration_timeout = 23; } // Properties of a negotiated TLS connection. // [#next-free-field: 7] message TLSProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TLSProperties"; enum TLSVersion { VERSION_UNSPECIFIED = 0; TLSv1 = 1; TLSv1_1 = 2; TLSv1_2 = 3; TLSv1_3 = 4; } message CertificateProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TLSProperties.CertificateProperties"; message SubjectAltName { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.TLSProperties.CertificateProperties.SubjectAltName"; oneof san { string uri = 1; // [#not-implemented-hide:] string dns = 2; } } // SANs present in the certificate. repeated SubjectAltName subject_alt_name = 1; // The subject field of the certificate. string subject = 2; } // Version of TLS that was negotiated. TLSVersion tls_version = 1; // TLS cipher suite negotiated during handshake. The value is a // four-digit hex code defined by the IANA TLS Cipher Suite Registry // (e.g. ``009C`` for ``TLS_RSA_WITH_AES_128_GCM_SHA256``). // // Here it is expressed as an integer. google.protobuf.UInt32Value tls_cipher_suite = 2; // SNI hostname from handshake. string tls_sni_hostname = 3; // Properties of the local certificate used to negotiate TLS. CertificateProperties local_certificate_properties = 4; // Properties of the peer certificate used to negotiate TLS. CertificateProperties peer_certificate_properties = 5; // The TLS session ID. string tls_session_id = 6; } // [#next-free-field: 14] message HTTPRequestProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.HTTPRequestProperties"; // The request method (RFC 7231/2616). config.core.v3.RequestMethod request_method = 1 [(validate.rules).enum = {defined_only: true}]; // The scheme portion of the incoming request URI. string scheme = 2; // HTTP/2 ``:authority`` or HTTP/1.1 ``Host`` header value. string authority = 3; // The port of the incoming request URI // (unused currently, as port is composed onto authority). google.protobuf.UInt32Value port = 4; // The path portion from the incoming request URI. string path = 5; // Value of the ``User-Agent`` request header. string user_agent = 6; // Value of the ``Referer`` request header. string referer = 7; // Value of the ``X-Forwarded-For`` request header. string forwarded_for = 8; // Value of the ``X-Request-Id`` request header // // This header is used by Envoy to uniquely identify a request. // It will be generated for all external requests and internal requests that // do not already have a request ID. string request_id = 9; // Value of the ``X-Envoy-Original-Path`` request header. string original_path = 10; // Size of the HTTP request headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_headers_bytes = 11; // Size of the HTTP request body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 request_body_bytes = 12; // Map of additional headers that have been configured to be logged. map request_headers = 13; } // [#next-free-field: 7] message HTTPResponseProperties { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.HTTPResponseProperties"; // The HTTP response code returned by Envoy. google.protobuf.UInt32Value response_code = 1; // Size of the HTTP response headers in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_headers_bytes = 2; // Size of the HTTP response body in bytes. // // This value is captured from the OSI layer 7 perspective, i.e. it does not // include overhead from framing or encoding at other networking layers. uint64 response_body_bytes = 3; // Map of additional headers configured to be logged. map response_headers = 4; // Map of trailers configured to be logged. map response_trailers = 5; // The HTTP response code details. string response_code_details = 6; } ================================================ FILE: generated_api_shadow/envoy/data/cluster/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/data/cluster/v2alpha/outlier_detection_event.proto ================================================ syntax = "proto3"; package envoy.data.cluster.v2alpha; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.cluster.v2alpha"; option java_outer_classname = "OutlierDetectionEventProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.data.cluster.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Outlier detection logging events] // :ref:`Outlier detection logging `. // Type of ejection that took place enum OutlierEjectionType { // In case upstream host returns certain number of consecutive 5xx. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all type of errors are treated as HTTP 5xx errors. // See :ref:`Cluster outlier detection ` documentation for // details. CONSECUTIVE_5XX = 0; // In case upstream host returns certain number of consecutive gateway errors CONSECUTIVE_GATEWAY_FAILURE = 1; // Runs over aggregated success rate statistics from every host in cluster // and selects hosts for which ratio of successful replies deviates from other hosts // in the cluster. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors (externally and locally generated) are used to calculate success rate // statistics. See :ref:`Cluster outlier detection ` // documentation for details. SUCCESS_RATE = 2; // Consecutive local origin failures: Connection failures, resets, timeouts, etc // This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for CONSECUTIVE_LOCAL_ORIGIN_FAILURE = 3; // Runs over aggregated success rate statistics for local origin failures // for all hosts in the cluster and selects hosts for which success rate deviates from other // hosts in the cluster. This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for SUCCESS_RATE_LOCAL_ORIGIN = 4; // Runs over aggregated success rate statistics from every host in cluster and selects hosts for // which ratio of failed replies is above configured value. FAILURE_PERCENTAGE = 5; // Runs over aggregated success rate statistics for local origin failures from every host in // cluster and selects hosts for which ratio of failed replies is above configured value. FAILURE_PERCENTAGE_LOCAL_ORIGIN = 6; } // Represents possible action applied to upstream host enum Action { // In case host was excluded from service EJECT = 0; // In case host was brought back into service UNEJECT = 1; } // [#next-free-field: 12] message OutlierDetectionEvent { // In case of eject represents type of ejection that took place. OutlierEjectionType type = 1 [(validate.rules).enum = {defined_only: true}]; // Timestamp for event. google.protobuf.Timestamp timestamp = 2; // The time in seconds since the last action (either an ejection or unejection) took place. google.protobuf.UInt64Value secs_since_last_action = 3; // The :ref:`cluster ` that owns the ejected host. string cluster_name = 4 [(validate.rules).string = {min_bytes: 1}]; // The URL of the ejected host. E.g., ``tcp://1.2.3.4:80``. string upstream_url = 5 [(validate.rules).string = {min_bytes: 1}]; // The action that took place. Action action = 6 [(validate.rules).enum = {defined_only: true}]; // If ``action`` is ``eject``, specifies the number of times the host has been ejected (local to // that Envoy and gets reset if the host gets removed from the upstream cluster for any reason and // then re-added). uint32 num_ejections = 7; // If ``action`` is ``eject``, specifies if the ejection was enforced. ``true`` means the host was // ejected. ``false`` means the event was logged but the host was not actually ejected. bool enforced = 8; oneof event { option (validate.required) = true; OutlierEjectSuccessRate eject_success_rate_event = 9; OutlierEjectConsecutive eject_consecutive_event = 10; OutlierEjectFailurePercentage eject_failure_percentage_event = 11; } } message OutlierEjectSuccessRate { // Host’s success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; // Average success rate of the hosts in the cluster at the time of the ejection event on a 0-100 // range. uint32 cluster_average_success_rate = 2 [(validate.rules).uint32 = {lte: 100}]; // Success rate ejection threshold at the time of the ejection event. uint32 cluster_success_rate_ejection_threshold = 3 [(validate.rules).uint32 = {lte: 100}]; } message OutlierEjectConsecutive { } message OutlierEjectFailurePercentage { // Host's success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; } ================================================ FILE: generated_api_shadow/envoy/data/cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/data/cluster/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/cluster/v3/outlier_detection_event.proto ================================================ syntax = "proto3"; package envoy.data.cluster.v3; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.cluster.v3"; option java_outer_classname = "OutlierDetectionEventProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Outlier detection logging events] // :ref:`Outlier detection logging `. // Type of ejection that took place enum OutlierEjectionType { // In case upstream host returns certain number of consecutive 5xx. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all type of errors are treated as HTTP 5xx errors. // See :ref:`Cluster outlier detection ` documentation for // details. CONSECUTIVE_5XX = 0; // In case upstream host returns certain number of consecutive gateway errors CONSECUTIVE_GATEWAY_FAILURE = 1; // Runs over aggregated success rate statistics from every host in cluster // and selects hosts for which ratio of successful replies deviates from other hosts // in the cluster. // If // :ref:`outlier_detection.split_external_local_origin_errors` // is *false*, all errors (externally and locally generated) are used to calculate success rate // statistics. See :ref:`Cluster outlier detection ` // documentation for details. SUCCESS_RATE = 2; // Consecutive local origin failures: Connection failures, resets, timeouts, etc // This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for CONSECUTIVE_LOCAL_ORIGIN_FAILURE = 3; // Runs over aggregated success rate statistics for local origin failures // for all hosts in the cluster and selects hosts for which success rate deviates from other // hosts in the cluster. This type of ejection happens only when // :ref:`outlier_detection.split_external_local_origin_errors` // is set to *true*. // See :ref:`Cluster outlier detection ` documentation for SUCCESS_RATE_LOCAL_ORIGIN = 4; // Runs over aggregated success rate statistics from every host in cluster and selects hosts for // which ratio of failed replies is above configured value. FAILURE_PERCENTAGE = 5; // Runs over aggregated success rate statistics for local origin failures from every host in // cluster and selects hosts for which ratio of failed replies is above configured value. FAILURE_PERCENTAGE_LOCAL_ORIGIN = 6; } // Represents possible action applied to upstream host enum Action { // In case host was excluded from service EJECT = 0; // In case host was brought back into service UNEJECT = 1; } // [#next-free-field: 12] message OutlierDetectionEvent { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierDetectionEvent"; // In case of eject represents type of ejection that took place. OutlierEjectionType type = 1 [(validate.rules).enum = {defined_only: true}]; // Timestamp for event. google.protobuf.Timestamp timestamp = 2; // The time in seconds since the last action (either an ejection or unejection) took place. google.protobuf.UInt64Value secs_since_last_action = 3; // The :ref:`cluster ` that owns the ejected host. string cluster_name = 4 [(validate.rules).string = {min_len: 1}]; // The URL of the ejected host. E.g., ``tcp://1.2.3.4:80``. string upstream_url = 5 [(validate.rules).string = {min_len: 1}]; // The action that took place. Action action = 6 [(validate.rules).enum = {defined_only: true}]; // If ``action`` is ``eject``, specifies the number of times the host has been ejected (local to // that Envoy and gets reset if the host gets removed from the upstream cluster for any reason and // then re-added). uint32 num_ejections = 7; // If ``action`` is ``eject``, specifies if the ejection was enforced. ``true`` means the host was // ejected. ``false`` means the event was logged but the host was not actually ejected. bool enforced = 8; oneof event { option (validate.required) = true; OutlierEjectSuccessRate eject_success_rate_event = 9; OutlierEjectConsecutive eject_consecutive_event = 10; OutlierEjectFailurePercentage eject_failure_percentage_event = 11; } } message OutlierEjectSuccessRate { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierEjectSuccessRate"; // Host’s success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; // Average success rate of the hosts in the cluster at the time of the ejection event on a 0-100 // range. uint32 cluster_average_success_rate = 2 [(validate.rules).uint32 = {lte: 100}]; // Success rate ejection threshold at the time of the ejection event. uint32 cluster_success_rate_ejection_threshold = 3 [(validate.rules).uint32 = {lte: 100}]; } message OutlierEjectConsecutive { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierEjectConsecutive"; } message OutlierEjectFailurePercentage { option (udpa.annotations.versioning).previous_message_type = "envoy.data.cluster.v2alpha.OutlierEjectFailurePercentage"; // Host's success rate at the time of the ejection event on a 0-100 range. uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; } ================================================ FILE: generated_api_shadow/envoy/data/core/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/core/v2alpha/health_check_event.proto ================================================ syntax = "proto3"; package envoy.data.core.v2alpha; import "envoy/api/v2/core/address.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.core.v2alpha"; option java_outer_classname = "HealthCheckEventProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health check logging events] // :ref:`Health check logging `. enum HealthCheckFailureType { ACTIVE = 0; PASSIVE = 1; NETWORK = 2; } enum HealthCheckerType { HTTP = 0; TCP = 1; GRPC = 2; REDIS = 3; } // [#next-free-field: 10] message HealthCheckEvent { HealthCheckerType health_checker_type = 1 [(validate.rules).enum = {defined_only: true}]; api.v2.core.Address host = 2; string cluster_name = 3 [(validate.rules).string = {min_bytes: 1}]; oneof event { option (validate.required) = true; // Host ejection. HealthCheckEjectUnhealthy eject_unhealthy_event = 4; // Host addition. HealthCheckAddHealthy add_healthy_event = 5; // Host failure. HealthCheckFailure health_check_failure_event = 7; // Healthy host became degraded. DegradedHealthyHost degraded_healthy_host = 8; // A degraded host returned to being healthy. NoLongerDegradedHost no_longer_degraded_host = 9; } // Timestamp for event. google.protobuf.Timestamp timestamp = 6; } message HealthCheckEjectUnhealthy { // The type of failure that caused this ejection. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; } message HealthCheckAddHealthy { // Whether this addition is the result of the first ever health check on a host, in which case // the configured :ref:`healthy threshold ` // is bypassed and the host is immediately added. bool first_check = 1; } message HealthCheckFailure { // The type of failure that caused this event. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; // Whether this event is the result of the first ever health check on a host. bool first_check = 2; } message DegradedHealthyHost { } message NoLongerDegradedHost { } ================================================ FILE: generated_api_shadow/envoy/data/core/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/core/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/core/v3/health_check_event.proto ================================================ syntax = "proto3"; package envoy.data.core.v3; import "envoy/config/core/v3/address.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.core.v3"; option java_outer_classname = "HealthCheckEventProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health check logging events] // :ref:`Health check logging `. enum HealthCheckFailureType { ACTIVE = 0; PASSIVE = 1; NETWORK = 2; } enum HealthCheckerType { HTTP = 0; TCP = 1; GRPC = 2; REDIS = 3; } // [#next-free-field: 10] message HealthCheckEvent { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckEvent"; HealthCheckerType health_checker_type = 1 [(validate.rules).enum = {defined_only: true}]; config.core.v3.Address host = 2; string cluster_name = 3 [(validate.rules).string = {min_len: 1}]; oneof event { option (validate.required) = true; // Host ejection. HealthCheckEjectUnhealthy eject_unhealthy_event = 4; // Host addition. HealthCheckAddHealthy add_healthy_event = 5; // Host failure. HealthCheckFailure health_check_failure_event = 7; // Healthy host became degraded. DegradedHealthyHost degraded_healthy_host = 8; // A degraded host returned to being healthy. NoLongerDegradedHost no_longer_degraded_host = 9; } // Timestamp for event. google.protobuf.Timestamp timestamp = 6; } message HealthCheckEjectUnhealthy { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckEjectUnhealthy"; // The type of failure that caused this ejection. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; } message HealthCheckAddHealthy { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckAddHealthy"; // Whether this addition is the result of the first ever health check on a host, in which case // the configured :ref:`healthy threshold ` // is bypassed and the host is immediately added. bool first_check = 1; } message HealthCheckFailure { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.HealthCheckFailure"; // The type of failure that caused this event. HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; // Whether this event is the result of the first ever health check on a host. bool first_check = 2; } message DegradedHealthyHost { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.DegradedHealthyHost"; } message NoLongerDegradedHost { option (udpa.annotations.versioning).previous_message_type = "envoy.data.core.v2alpha.NoLongerDegradedHost"; } ================================================ FILE: generated_api_shadow/envoy/data/dns/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/dns/v2alpha/dns_table.proto ================================================ syntax = "proto3"; package envoy.data.dns.v2alpha; import "envoy/type/matcher/string.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.dns.v2alpha"; option java_outer_classname = "DnsTableProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: DNS Filter Table Data] // :ref:`DNS Filter config overview `. // This message contains the configuration for the DNS Filter if populated // from the control plane message DnsTable { // This message contains a list of IP addresses returned for a query for a known name message AddressList { // This field contains a well formed IP address that is returned // in the answer for a name query. The address field can be an // IPv4 or IPv6 address. Address family detection is done automatically // when Envoy parses the string. Since this field is repeated, // Envoy will return one randomly chosen entry from this list in the // DNS response. The random index will vary per query so that we prevent // clients pinning on a single address for a configured domain repeated string address = 1 [(validate.rules).repeated = { min_items: 1 items {string {min_len: 3}} }]; } // This message type is extensible and can contain a list of addresses // or dictate some other method for resolving the addresses for an // endpoint message DnsEndpoint { oneof endpoint_config { option (validate.required) = true; AddressList address_list = 1; } } message DnsVirtualDomain { // The domain name for which Envoy will respond to query requests string name = 1 [(validate.rules).string = {min_len: 2 well_known_regex: HTTP_HEADER_NAME}]; // The configuration containing the method to determine the address // of this endpoint DnsEndpoint endpoint = 2; // Sets the TTL in dns answers from Envoy returned to the client google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gt {}}]; } // Control how many times envoy makes an attempt to forward a query to // an external server uint32 external_retry_count = 1; // Fully qualified domain names for which Envoy will respond to queries repeated DnsVirtualDomain virtual_domains = 2 [(validate.rules).repeated = {min_items: 1}]; // This field serves to help Envoy determine whether it can authoritatively // answer a query for a name matching a suffix in this list. If the query // name does not match a suffix in this list, Envoy will forward // the query to an upstream DNS server repeated type.matcher.StringMatcher known_suffixes = 3; } ================================================ FILE: generated_api_shadow/envoy/data/dns/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/data/dns/v2alpha:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/dns/v3/dns_table.proto ================================================ syntax = "proto3"; package envoy.data.dns.v3; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.dns.v3"; option java_outer_classname = "DnsTableProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: DNS Filter Table Data] // :ref:`DNS Filter config overview `. // This message contains the configuration for the DNS Filter if populated // from the control plane message DnsTable { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable"; // This message contains a list of IP addresses returned for a query for a known name message AddressList { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable.AddressList"; // This field contains a well formed IP address that is returned in the answer for a // name query. The address field can be an IPv4 or IPv6 address. Address family // detection is done automatically when Envoy parses the string. Since this field is // repeated, Envoy will return as many entries from this list in the DNS response while // keeping the response under 512 bytes repeated string address = 1 [(validate.rules).repeated = { min_items: 1 items {string {min_len: 3}} }]; } // Specify the service protocol using a numeric or string value message DnsServiceProtocol { oneof protocol_config { option (validate.required) = true; // Specify the protocol number for the service. Envoy will try to resolve the number to // the protocol name. For example, 6 will resolve to "tcp". Refer to: // https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml // for protocol names and numbers uint32 number = 1 [(validate.rules).uint32 = {lt: 255}]; // Specify the protocol name for the service. string name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } } // Specify the target for a given DNS service // [#next-free-field: 6] message DnsServiceTarget { // Specify the name of the endpoint for the Service. The name is a hostname or a cluster oneof endpoint_type { option (validate.required) = true; // Use a resolvable hostname as the endpoint for a service. string host_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // Use a cluster name as the endpoint for a service. string cluster_name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } // The priority of the service record target uint32 priority = 3 [(validate.rules).uint32 = {lt: 65536}]; // The weight of the service record target uint32 weight = 4 [(validate.rules).uint32 = {lt: 65536}]; // The port to which the service is bound. This value is optional if the target is a // cluster. Setting port to zero in this case makes the filter use the port value // from the cluster host uint32 port = 5 [(validate.rules).uint32 = {lt: 65536}]; } // This message defines a service selection record returned for a service query in a domain message DnsService { // The name of the service without the protocol or domain name string service_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The service protocol. This can be specified as a string or the numeric value of the protocol DnsServiceProtocol protocol = 2; // The service entry time to live. This is independent from the DNS Answer record TTL google.protobuf.Duration ttl = 3 [(validate.rules).duration = {gte {seconds: 1}}]; // The list of targets hosting the service repeated DnsServiceTarget targets = 4 [(validate.rules).repeated = {min_items: 1}]; } // Define a list of service records for a given service message DnsServiceList { repeated DnsService services = 1 [(validate.rules).repeated = {min_items: 1}]; } message DnsEndpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable.DnsEndpoint"; oneof endpoint_config { option (validate.required) = true; // Define a list of addresses to return for the specified endpoint AddressList address_list = 1; // Define a cluster whose addresses are returned for the specified endpoint string cluster_name = 2; // Define a DNS Service List for the specified endpoint DnsServiceList service_list = 3; } } message DnsVirtualDomain { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v2alpha.DnsTable.DnsVirtualDomain"; // A domain name for which Envoy will respond to query requests string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The configuration containing the method to determine the address of this endpoint DnsEndpoint endpoint = 2; // Sets the TTL in DNS answers from Envoy returned to the client. The default TTL is 300s google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gte {seconds: 30}}]; } // Control how many times Envoy makes an attempt to forward a query to an external DNS server uint32 external_retry_count = 1 [(validate.rules).uint32 = {lte: 3}]; // Fully qualified domain names for which Envoy will respond to DNS queries. By leaving this // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; // This field serves to help Envoy determine whether it can authoritatively answer a query // for a name matching a suffix in this list. If the query name does not match a suffix in // this list, Envoy will forward the query to an upstream DNS server repeated type.matcher.v3.StringMatcher known_suffixes = 3; } ================================================ FILE: generated_api_shadow/envoy/data/dns/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/data/dns/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/dns/v4alpha/dns_table.proto ================================================ syntax = "proto3"; package envoy.data.dns.v4alpha; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.dns.v4alpha"; option java_outer_classname = "DnsTableProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: DNS Filter Table Data] // :ref:`DNS Filter config overview `. // This message contains the configuration for the DNS Filter if populated // from the control plane message DnsTable { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable"; // This message contains a list of IP addresses returned for a query for a known name message AddressList { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.AddressList"; // This field contains a well formed IP address that is returned in the answer for a // name query. The address field can be an IPv4 or IPv6 address. Address family // detection is done automatically when Envoy parses the string. Since this field is // repeated, Envoy will return as many entries from this list in the DNS response while // keeping the response under 512 bytes repeated string address = 1 [(validate.rules).repeated = { min_items: 1 items {string {min_len: 3}} }]; } // Specify the service protocol using a numeric or string value message DnsServiceProtocol { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsServiceProtocol"; oneof protocol_config { option (validate.required) = true; // Specify the protocol number for the service. Envoy will try to resolve the number to // the protocol name. For example, 6 will resolve to "tcp". Refer to: // https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml // for protocol names and numbers uint32 number = 1 [(validate.rules).uint32 = {lt: 255}]; // Specify the protocol name for the service. string name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } } // Specify the target for a given DNS service // [#next-free-field: 6] message DnsServiceTarget { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsServiceTarget"; // Specify the name of the endpoint for the Service. The name is a hostname or a cluster oneof endpoint_type { option (validate.required) = true; // Use a resolvable hostname as the endpoint for a service. string host_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // Use a cluster name as the endpoint for a service. string cluster_name = 2 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; } // The priority of the service record target uint32 priority = 3 [(validate.rules).uint32 = {lt: 65536}]; // The weight of the service record target uint32 weight = 4 [(validate.rules).uint32 = {lt: 65536}]; // The port to which the service is bound. This value is optional if the target is a // cluster. Setting port to zero in this case makes the filter use the port value // from the cluster host uint32 port = 5 [(validate.rules).uint32 = {lt: 65536}]; } // This message defines a service selection record returned for a service query in a domain message DnsService { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsService"; // The name of the service without the protocol or domain name string service_name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The service protocol. This can be specified as a string or the numeric value of the protocol DnsServiceProtocol protocol = 2; // The service entry time to live. This is independent from the DNS Answer record TTL google.protobuf.Duration ttl = 3 [(validate.rules).duration = {gte {seconds: 1}}]; // The list of targets hosting the service repeated DnsServiceTarget targets = 4 [(validate.rules).repeated = {min_items: 1}]; } // Define a list of service records for a given service message DnsServiceList { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsServiceList"; repeated DnsService services = 1 [(validate.rules).repeated = {min_items: 1}]; } message DnsEndpoint { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsEndpoint"; oneof endpoint_config { option (validate.required) = true; // Define a list of addresses to return for the specified endpoint AddressList address_list = 1; // Define a cluster whose addresses are returned for the specified endpoint string cluster_name = 2; // Define a DNS Service List for the specified endpoint DnsServiceList service_list = 3; } } message DnsVirtualDomain { option (udpa.annotations.versioning).previous_message_type = "envoy.data.dns.v3.DnsTable.DnsVirtualDomain"; // A domain name for which Envoy will respond to query requests string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME}]; // The configuration containing the method to determine the address of this endpoint DnsEndpoint endpoint = 2; // Sets the TTL in DNS answers from Envoy returned to the client. The default TTL is 300s google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gte {seconds: 30}}]; } // Control how many times Envoy makes an attempt to forward a query to an external DNS server uint32 external_retry_count = 1 [(validate.rules).uint32 = {lte: 3}]; // Fully qualified domain names for which Envoy will respond to DNS queries. By leaving this // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; // This field serves to help Envoy determine whether it can authoritatively answer a query // for a name matching a suffix in this list. If the query name does not match a suffix in // this list, Envoy will forward the query to an upstream DNS server repeated type.matcher.v4alpha.StringMatcher known_suffixes = 3; } ================================================ FILE: generated_api_shadow/envoy/data/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/tap/v2alpha/common.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap common data] // Wrapper for tapped body data. This includes HTTP request/response body, transport socket received // and transmitted data, etc. message Body { oneof body_type { // Body data as bytes. By default, tap body data will be present in this field, as the proto // `bytes` type can contain any valid byte. bytes as_bytes = 1; // Body data as string. This field is only used when the :ref:`JSON_BODY_AS_STRING // ` sink // format type is selected. See the documentation for that option for why this is useful. string as_string = 2; } // Specifies whether body data has been truncated to fit within the specified // :ref:`max_buffered_rx_bytes // ` and // :ref:`max_buffered_tx_bytes // ` settings. bool truncated = 3; } ================================================ FILE: generated_api_shadow/envoy/data/tap/v2alpha/http.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/data/tap/v2alpha/common.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP tap data] // A fully buffered HTTP trace message. message HttpBufferedTrace { // HTTP message wrapper. message Message { // Message headers. repeated api.v2.core.HeaderValue headers = 1; // Message body. Body body = 2; // Message trailers. repeated api.v2.core.HeaderValue trailers = 3; } // Request message. Message request = 1; // Response message. Message response = 2; } // A streamed HTTP trace segment. Multiple segments make up a full trace. // [#next-free-field: 8] message HttpStreamedTraceSegment { // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. uint64 trace_id = 1; oneof message_piece { // Request headers. api.v2.core.HeaderMap request_headers = 2; // Request body chunk. Body request_body_chunk = 3; // Request trailers. api.v2.core.HeaderMap request_trailers = 4; // Response headers. api.v2.core.HeaderMap response_headers = 5; // Response body chunk. Body response_body_chunk = 6; // Response trailers. api.v2.core.HeaderMap response_trailers = 7; } } ================================================ FILE: generated_api_shadow/envoy/data/tap/v2alpha/transport.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "envoy/api/v2/core/address.proto"; import "envoy/data/tap/v2alpha/common.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "TransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Transport tap data] // Trace format for the tap transport socket extension. This dumps plain text read/write // sequences on a socket. // Connection properties. message Connection { // Local address. api.v2.core.Address local_address = 2; // Remote address. api.v2.core.Address remote_address = 3; } // Event in a socket trace. message SocketEvent { // Data read by Envoy from the transport socket. message Read { // TODO(htuch): Half-close for reads. // Binary data read. Body data = 1; } // Data written by Envoy to the transport socket. message Write { // Binary data written. Body data = 1; // Stream was half closed after this write. bool end_stream = 2; } // The connection was closed. message Closed { // TODO(mattklein123): Close event type. } // Timestamp for event. google.protobuf.Timestamp timestamp = 1; // Read or write with content as bytes string. oneof event_selector { Read read = 2; Write write = 3; Closed closed = 4; } } // Sequence of read/write events that constitute a buffered trace on a socket. // [#next-free-field: 6] message SocketBufferedTrace { // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; // Connection properties. Connection connection = 2; // Sequence of observed events. repeated SocketEvent events = 3; // Set to true if read events were truncated due to the :ref:`max_buffered_rx_bytes // ` setting. bool read_truncated = 4; // Set to true if write events were truncated due to the :ref:`max_buffered_tx_bytes // ` setting. bool write_truncated = 5; } // A streamed socket trace segment. Multiple segments make up a full trace. message SocketStreamedTraceSegment { // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; oneof message_piece { // Connection properties. Connection connection = 2; // Socket event. SocketEvent event = 3; } } ================================================ FILE: generated_api_shadow/envoy/data/tap/v2alpha/wrapper.proto ================================================ syntax = "proto3"; package envoy.data.tap.v2alpha; import "envoy/data/tap/v2alpha/http.proto"; import "envoy/data/tap/v2alpha/transport.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v2alpha"; option java_outer_classname = "WrapperProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap data wrappers] // Wrapper for all fully buffered and streamed tap traces that Envoy emits. This is required for // sending traces over gRPC APIs or more easily persisting binary messages to files. message TraceWrapper { oneof trace { option (validate.required) = true; // An HTTP buffered tap trace. HttpBufferedTrace http_buffered_trace = 1; // An HTTP streamed tap trace segment. HttpStreamedTraceSegment http_streamed_trace_segment = 2; // A socket buffered tap trace. SocketBufferedTrace socket_buffered_trace = 3; // A socket streamed tap trace segment. SocketStreamedTraceSegment socket_streamed_trace_segment = 4; } } ================================================ FILE: generated_api_shadow/envoy/data/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/data/tap/v3/common.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap common data] // Wrapper for tapped body data. This includes HTTP request/response body, transport socket received // and transmitted data, etc. message Body { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.Body"; oneof body_type { // Body data as bytes. By default, tap body data will be present in this field, as the proto // `bytes` type can contain any valid byte. bytes as_bytes = 1; // Body data as string. This field is only used when the :ref:`JSON_BODY_AS_STRING // ` sink // format type is selected. See the documentation for that option for why this is useful. string as_string = 2; } // Specifies whether body data has been truncated to fit within the specified // :ref:`max_buffered_rx_bytes // ` and // :ref:`max_buffered_tx_bytes // ` settings. bool truncated = 3; } ================================================ FILE: generated_api_shadow/envoy/data/tap/v3/http.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "envoy/config/core/v3/base.proto"; import "envoy/data/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP tap data] // A fully buffered HTTP trace message. message HttpBufferedTrace { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.HttpBufferedTrace"; // HTTP message wrapper. message Message { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.HttpBufferedTrace.Message"; // Message headers. repeated config.core.v3.HeaderValue headers = 1; // Message body. Body body = 2; // Message trailers. repeated config.core.v3.HeaderValue trailers = 3; } // Request message. Message request = 1; // Response message. Message response = 2; } // A streamed HTTP trace segment. Multiple segments make up a full trace. // [#next-free-field: 8] message HttpStreamedTraceSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.HttpStreamedTraceSegment"; // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. uint64 trace_id = 1; oneof message_piece { // Request headers. config.core.v3.HeaderMap request_headers = 2; // Request body chunk. Body request_body_chunk = 3; // Request trailers. config.core.v3.HeaderMap request_trailers = 4; // Response headers. config.core.v3.HeaderMap response_headers = 5; // Response body chunk. Body response_body_chunk = 6; // Response trailers. config.core.v3.HeaderMap response_trailers = 7; } } ================================================ FILE: generated_api_shadow/envoy/data/tap/v3/transport.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "envoy/config/core/v3/address.proto"; import "envoy/data/tap/v3/common.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "TransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Transport tap data] // Trace format for the tap transport socket extension. This dumps plain text read/write // sequences on a socket. // Connection properties. message Connection { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.Connection"; // Local address. config.core.v3.Address local_address = 2; // Remote address. config.core.v3.Address remote_address = 3; } // Event in a socket trace. message SocketEvent { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent"; // Data read by Envoy from the transport socket. message Read { // TODO(htuch): Half-close for reads. option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent.Read"; // Binary data read. Body data = 1; } // Data written by Envoy to the transport socket. message Write { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent.Write"; // Binary data written. Body data = 1; // Stream was half closed after this write. bool end_stream = 2; } // The connection was closed. message Closed { // TODO(mattklein123): Close event type. option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketEvent.Closed"; } // Timestamp for event. google.protobuf.Timestamp timestamp = 1; // Read or write with content as bytes string. oneof event_selector { Read read = 2; Write write = 3; Closed closed = 4; } } // Sequence of read/write events that constitute a buffered trace on a socket. // [#next-free-field: 6] message SocketBufferedTrace { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketBufferedTrace"; // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; // Connection properties. Connection connection = 2; // Sequence of observed events. repeated SocketEvent events = 3; // Set to true if read events were truncated due to the :ref:`max_buffered_rx_bytes // ` setting. bool read_truncated = 4; // Set to true if write events were truncated due to the :ref:`max_buffered_tx_bytes // ` setting. bool write_truncated = 5; } // A streamed socket trace segment. Multiple segments make up a full trace. message SocketStreamedTraceSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.SocketStreamedTraceSegment"; // Trace ID unique to the originating Envoy only. Trace IDs can repeat and should not be used // for long term stable uniqueness. Matches connection IDs used in Envoy logs. uint64 trace_id = 1; oneof message_piece { // Connection properties. Connection connection = 2; // Socket event. SocketEvent event = 3; } } ================================================ FILE: generated_api_shadow/envoy/data/tap/v3/wrapper.proto ================================================ syntax = "proto3"; package envoy.data.tap.v3; import "envoy/data/tap/v3/http.proto"; import "envoy/data/tap/v3/transport.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.data.tap.v3"; option java_outer_classname = "WrapperProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap data wrappers] // Wrapper for all fully buffered and streamed tap traces that Envoy emits. This is required for // sending traces over gRPC APIs or more easily persisting binary messages to files. message TraceWrapper { option (udpa.annotations.versioning).previous_message_type = "envoy.data.tap.v2alpha.TraceWrapper"; oneof trace { option (validate.required) = true; // An HTTP buffered tap trace. HttpBufferedTrace http_buffered_trace = 1; // An HTTP streamed tap trace segment. HttpStreamedTraceSegment http_streamed_trace_segment = 2; // A socket buffered tap trace. SocketBufferedTrace socket_buffered_trace = 3; // A socket streamed tap trace segment. SocketStreamedTraceSegment socket_streamed_trace_segment = 4; } } ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/file/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/file/v3/file.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.file.v3; import "envoy/config/core/v3/substitution_format_string.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.file.v3"; option java_outer_classname = "FileProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: File access log] // [#extension: envoy.access_loggers.file] // Custom configuration for an :ref:`AccessLog ` // that writes log entries directly to a file. Configures the built-in *envoy.access_loggers.file* // AccessLog. // [#next-free-field: 6] message FileAccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.FileAccessLog"; // A path to a local file to which to write the access log entries. string path = 1 [(validate.rules).string = {min_len: 1}]; oneof access_log_format { // Access log :ref:`format string`. // Envoy supports :ref:`custom access log formats ` as well as a // :ref:`default format `. // This field is deprecated. // Please use :ref:`log_format `. string format = 2 [deprecated = true]; // Access log :ref:`format dictionary`. All values // are rendered as strings. // This field is deprecated. // Please use :ref:`log_format `. google.protobuf.Struct json_format = 3 [deprecated = true]; // Access log :ref:`format dictionary`. Values are // rendered as strings, numbers, or boolean values as appropriate. Nested JSON objects may // be produced by some command operators (e.g.FILTER_STATE or DYNAMIC_METADATA). See the // documentation for a specific command operator for details. // This field is deprecated. // Please use :ref:`log_format `. google.protobuf.Struct typed_json_format = 4 [deprecated = true]; // Configuration to form access log data and format. // If not specified, use :ref:`default format `. config.core.v3.SubstitutionFormatString log_format = 5 [(validate.rules).message = {required: true}]; } } ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/file/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/access_loggers/file/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/file/v4alpha/file.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.file.v4alpha; import "envoy/config/core/v4alpha/substitution_format_string.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.file.v4alpha"; option java_outer_classname = "FileProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: File access log] // [#extension: envoy.access_loggers.file] // Custom configuration for an :ref:`AccessLog ` // that writes log entries directly to a file. Configures the built-in *envoy.access_loggers.file* // AccessLog. // [#next-free-field: 6] message FileAccessLog { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.access_loggers.file.v3.FileAccessLog"; // A path to a local file to which to write the access log entries. string path = 1 [(validate.rules).string = {min_len: 1}]; oneof access_log_format { // Access log :ref:`format string`. // Envoy supports :ref:`custom access log formats ` as well as a // :ref:`default format `. // This field is deprecated. // Please use :ref:`log_format `. string hidden_envoy_deprecated_format = 2 [deprecated = true]; // Access log :ref:`format dictionary`. All values // are rendered as strings. // This field is deprecated. // Please use :ref:`log_format `. google.protobuf.Struct hidden_envoy_deprecated_json_format = 3 [deprecated = true]; // Access log :ref:`format dictionary`. Values are // rendered as strings, numbers, or boolean values as appropriate. Nested JSON objects may // be produced by some command operators (e.g.FILTER_STATE or DYNAMIC_METADATA). See the // documentation for a specific command operator for details. // This field is deprecated. // Please use :ref:`log_format `. google.protobuf.Struct hidden_envoy_deprecated_typed_json_format = 4 [deprecated = true]; // Configuration to form access log data and format. // If not specified, use :ref:`default format `. config.core.v4alpha.SubstitutionFormatString log_format = 5 [(validate.rules).message = {required: true}]; } } ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/grpc/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/grpc/v3/als.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.grpc.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.grpc.v3"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Access Log Service (ALS)] // Configuration for the built-in *envoy.access_loggers.http_grpc* // :ref:`AccessLog `. This configuration will // populate :ref:`StreamAccessLogsMessage.http_logs // `. // [#extension: envoy.access_loggers.http_grpc] message HttpGrpcAccessLogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.HttpGrpcAccessLogConfig"; CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; // Additional request headers to log in :ref:`HTTPRequestProperties.request_headers // `. repeated string additional_request_headers_to_log = 2; // Additional response headers to log in :ref:`HTTPResponseProperties.response_headers // `. repeated string additional_response_headers_to_log = 3; // Additional response trailers to log in :ref:`HTTPResponseProperties.response_trailers // `. repeated string additional_response_trailers_to_log = 4; } // Configuration for the built-in *envoy.access_loggers.tcp_grpc* type. This configuration will // populate *StreamAccessLogsMessage.tcp_logs*. // [#extension: envoy.access_loggers.tcp_grpc] message TcpGrpcAccessLogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.TcpGrpcAccessLogConfig"; CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; } // Common configuration for gRPC access logs. // [#next-free-field: 7] message CommonGrpcAccessLogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.accesslog.v2.CommonGrpcAccessLogConfig"; // The friendly name of the access log to be returned in :ref:`StreamAccessLogsMessage.Identifier // `. This allows the // access log server to differentiate between different access logs coming from the same Envoy. string log_name = 1 [(validate.rules).string = {min_len: 1}]; // The gRPC service for the access log service. config.core.v3.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; // API version for access logs service transport protocol. This describes the access logs service // gRPC endpoint and version of messages used on the wire. config.core.v3.ApiVersion transport_api_version = 6 [(validate.rules).enum = {defined_only: true}]; // Interval for flushing access logs to the gRPC stream. Logger will flush requests every time // this interval is elapsed, or when batch size limit is hit, whichever comes first. Defaults to // 1 second. google.protobuf.Duration buffer_flush_interval = 3 [(validate.rules).duration = {gt {}}]; // Soft size limit in bytes for access log entries buffer. Logger will buffer requests until // this limit it hit, or every time flush interval is elapsed, whichever comes first. Setting it // to zero effectively disables the batching. Defaults to 16384. google.protobuf.UInt32Value buffer_size_bytes = 4; // Additional filter state objects to log in :ref:`filter_state_objects // `. // Logger will call `FilterState::Object::serializeAsProto` to serialize the filter state object. repeated string filter_state_objects_to_log = 5; } ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/access_loggers/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.access_loggers.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.access_loggers.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm access log] // [#extension: envoy.access_loggers.wasm] // Custom configuration for an :ref:`AccessLog ` // that calls into a WASM VM. Configures the built-in *envoy.access_loggers.wasm* // AccessLog. message WasmAccessLog { envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/clusters/aggregate/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/aggregate/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/clusters/aggregate/v3/cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.clusters.aggregate.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.clusters.aggregate.v3"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Aggregate cluster configuration] // Configuration for the aggregate cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.aggregate] message ClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.aggregate.v2alpha.ClusterConfig"; // Load balancing clusters in aggregate cluster. Clusters are prioritized based on the order they // appear in this list. repeated string clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/dynamic_forward_proxy/v2alpha:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.clusters.dynamic_forward_proxy.v3; import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.clusters.dynamic_forward_proxy.v3"; option java_outer_classname = "ClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamic forward proxy cluster configuration] // Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.clusters.dynamic_forward_proxy] message ClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.dynamic_forward_proxy.v2alpha.ClusterConfig"; // The DNS cache configuration that the cluster will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy HTTP filter configuration // `. common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; // If true allow the cluster configuration to disable the auto_sni and auto_san_validation options // in the :ref:`cluster's upstream_http_protocol_options // ` bool allow_insecure_cluster_options = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/clusters/redis/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/redis:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/clusters/redis/v3/redis_cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.clusters.redis.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.clusters.redis.v3"; option java_outer_classname = "RedisClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Redis Cluster Configuration] // This cluster adds support for `Redis Cluster `_, as part // of :ref:`Envoy's support for Redis Cluster `. // // Redis Cluster is an extension of Redis which supports sharding and high availability (where a // shard that loses its primary fails over to a replica, and designates it as the new primary). // However, as there is no unified frontend or proxy service in front of Redis Cluster, the client // (in this case Envoy) must locally maintain the state of the Redis Cluster, specifically the // topology. A random node in the cluster is queried for the topology using the `CLUSTER SLOTS // command `_. This result is then stored locally, and // updated at user-configured intervals. // // Additionally, if // :ref:`enable_redirection` // is true, then moved and ask redirection errors from upstream servers will trigger a topology // refresh when they exceed a user-configured error threshold. // // Example: // // .. code-block:: yaml // // name: name // connect_timeout: 0.25s // dns_lookup_family: V4_ONLY // hosts: // - socket_address: // address: foo.bar.com // port_value: 22120 // cluster_type: // name: envoy.clusters.redis // typed_config: // "@type": type.googleapis.com/google.protobuf.Struct // value: // cluster_refresh_rate: 30s // cluster_refresh_timeout: 0.5s // redirect_refresh_interval: 10s // redirect_refresh_threshold: 10 // [#extension: envoy.clusters.redis] // [#next-free-field: 7] message RedisClusterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.redis.RedisClusterConfig"; // Interval between successive topology refresh requests. If not set, this defaults to 5s. google.protobuf.Duration cluster_refresh_rate = 1 [(validate.rules).duration = {gt {}}]; // Timeout for topology refresh request. If not set, this defaults to 3s. google.protobuf.Duration cluster_refresh_timeout = 2 [(validate.rules).duration = {gt {}}]; // The minimum interval that must pass after triggering a topology refresh request before a new // request can possibly be triggered again. Any errors received during one of these // time intervals are ignored. If not set, this defaults to 5s. google.protobuf.Duration redirect_refresh_interval = 3; // The number of redirection errors that must be received before // triggering a topology refresh request. If not set, this defaults to 5. // If this is set to 0, topology refresh after redirect is disabled. google.protobuf.UInt32Value redirect_refresh_threshold = 4; // The number of failures that must be received before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to failure. uint32 failure_refresh_threshold = 5; // The number of hosts became degraded or unhealthy before triggering a topology refresh request. // If not set, this defaults to 0, which disables the topology refresh due to degraded or // unhealthy host. uint32 host_degraded_refresh_threshold = 6; } ================================================ FILE: generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/cluster/v3:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto ================================================ syntax = "proto3"; package envoy.extensions.common.dynamic_forward_proxy.v3; import "envoy/config/cluster/v3/cluster.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.dynamic_forward_proxy.v3"; option java_outer_classname = "DnsCacheProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamic forward proxy common configuration] // Configuration of circuit breakers for resolver. message DnsCacheCircuitBreakers { // The maximum number of pending requests that Envoy will allow to the // resolver. If not specified, the default is 1024. google.protobuf.UInt32Value max_pending_requests = 1; } // Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview // ` for more information. // [#next-free-field: 9] message DnsCacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.dynamic_forward_proxy.v2alpha.DnsCacheConfig"; // The name of the cache. Multiple named caches allow independent dynamic forward proxy // configurations to operate within a single Envoy process using different configurations. All // configurations with the same name *must* otherwise have the same settings when referenced // from different configuration components. Configuration will fail to load if this is not // the case. string name = 1 [(validate.rules).string = {min_len: 1}]; // The DNS lookup family to use during resolution. // // [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The // way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and // then configures a host to have a primary and fall back address. With this, we could very // likely build a "happy eyeballs" connection pool which would race the primary / fall back // address and return the one that wins. This same method could potentially also be used for // QUIC to TCP fall back.] config.cluster.v3.Cluster.DnsLookupFamily dns_lookup_family = 2 [(validate.rules).enum = {defined_only: true}]; // The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s. // // .. note: // // The returned DNS TTL is not currently used to alter the refresh rate. This feature will be // added in a future change. // // .. note: // // The refresh rate is rounded to the closest millisecond, and must be at least 1ms. google.protobuf.Duration dns_refresh_rate = 3 [(validate.rules).duration = {gte {nanos: 1000000}}]; // The TTL for hosts that are unused. Hosts that have not been used in the configured time // interval will be purged. If not specified defaults to 5m. // // .. note: // // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This // means that if the configured TTL is shorter than the refresh rate the host may not be removed // immediately. // // .. note: // // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}]; // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. // // .. note: // // The implementation is approximate and enforced independently on each worker thread, thus // it is possible for the maximum hosts in the cache to go slightly above the configured // value depending on timing. This is similar to how other circuit breakers work. google.protobuf.UInt32Value max_hosts = 5 [(validate.rules).uint32 = {gt: 0}]; // If the DNS failure refresh rate is specified, // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is // not specified, the failure refresh rate defaults to the dns_refresh_rate. config.cluster.v3.Cluster.RefreshRate dns_failure_refresh_rate = 6; // The config of circuit breakers for resolver. It provides a configurable threshold. // If `envoy.reloadable_features.enable_dns_cache_circuit_breakers` is enabled, // envoy will use dns cache circuit breakers with default settings even if this value is not set. DnsCacheCircuitBreakers dns_cache_circuit_breaker = 7; // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. bool use_tcp_for_dns_lookups = 8; } ================================================ FILE: generated_api_shadow/envoy/extensions/common/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/ratelimit:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/common/ratelimit/v3/ratelimit.proto ================================================ syntax = "proto3"; package envoy.extensions.common.ratelimit.v3; import "envoy/type/v3/ratelimit_unit.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.ratelimit.v3"; option java_outer_classname = "RatelimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common rate limit components] // A RateLimitDescriptor is a list of hierarchical entries that are used by the service to // determine the final rate limit key and overall allowed limit. Here are some examples of how // they might be used for the domain "envoy". // // .. code-block:: cpp // // ["authenticated": "false"], ["remote_address": "10.0.0.1"] // // What it does: Limits all unauthenticated traffic for the IP address 10.0.0.1. The // configuration supplies a default limit for the *remote_address* key. If there is a desire to // raise the limit for 10.0.0.1 or block it entirely it can be specified directly in the // configuration. // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"] // // What it does: Limits all unauthenticated traffic globally for a specific path (or prefix if // configured that way in the service). // // .. code-block:: cpp // // ["authenticated": "false"], ["path": "/foo/bar"], ["remote_address": "10.0.0.1"] // // What it does: Limits unauthenticated traffic to a specific path for a specific IP address. // Like (1) we can raise/block specific IP addresses if we want with an override configuration. // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"] // // What it does: Limits all traffic for an authenticated client "foo" // // .. code-block:: cpp // // ["authenticated": "true"], ["client_id": "foo"], ["path": "/foo/bar"] // // What it does: Limits traffic to a specific path for an authenticated client "foo" // // The idea behind the API is that (1)/(2)/(3) and (4)/(5) can be sent in 1 request if desired. // This enables building complex application scenarios with a generic backend. // // Optionally the descriptor can contain a limit override under a "limit" key, that specifies // the number of requests per unit to use instead of the number configured in the // rate limiting service. message RateLimitDescriptor { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ratelimit.RateLimitDescriptor"; message Entry { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.ratelimit.RateLimitDescriptor.Entry"; // Descriptor key. string key = 1 [(validate.rules).string = {min_len: 1}]; // Descriptor value. string value = 2 [(validate.rules).string = {min_len: 1}]; } // Override rate limit to apply to this descriptor instead of the limit // configured in the rate limit service. See :ref:`rate limit override // ` for more information. message RateLimitOverride { // The number of requests per unit of time. uint32 requests_per_unit = 1; // The unit of time. type.v3.RateLimitUnit unit = 2 [(validate.rules).enum = {defined_only: true}]; } // Descriptor entries. repeated Entry entries = 1 [(validate.rules).repeated = {min_items: 1}]; // Optional rate limit override to supply to the ratelimit service. RateLimitOverride limit = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/common/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/common/tap/v3/common.proto ================================================ syntax = "proto3"; package envoy.extensions.common.tap.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/tap/v3/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.tap.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common tap extension configuration] // Common configuration for all tap extensions. message CommonExtensionConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.tap.v2alpha.CommonExtensionConfig"; // [#not-implemented-hide:] message TapDSConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.tap.v2alpha.CommonExtensionConfig.TapDSConfig"; // Configuration for the source of TapDS updates for this Cluster. config.core.v3.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // Tap config to request from XDS server. string name = 2 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for TAP. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator tap_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; } oneof config_type { option (validate.required) = true; // If specified, the tap filter will be configured via an admin handler. AdminConfig admin_config = 1; // If specified, the tap filter will be configured via a static configuration that cannot be // changed. config.tap.v3.TapConfig static_config = 2; // [#not-implemented-hide:] Configuration to use for TapDS updates for the filter. TapDSConfig tapds_config = 3; } } // Configuration for the admin handler. See :ref:`here ` for // more information. message AdminConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.tap.v2alpha.AdminConfig"; // Opaque configuration ID. When requests are made to the admin handler, the passed opaque ID is // matched to the configured filter opaque ID to determine which filter to configure. string config_id = 1 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/common/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/tap/v4alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/common/tap/v4alpha/common.proto ================================================ syntax = "proto3"; package envoy.extensions.common.tap.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/tap/v4alpha/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.common.tap.v4alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common tap extension configuration] // Common configuration for all tap extensions. message CommonExtensionConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.common.tap.v3.CommonExtensionConfig"; // [#not-implemented-hide:] message TapDSConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.common.tap.v3.CommonExtensionConfig.TapDSConfig"; // Configuration for the source of TapDS updates for this Cluster. config.core.v4alpha.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; oneof name_specifier { // Tap config to request from XDS server. string name = 2; // Resource locator for TAP. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator tap_resource_locator = 3; } } oneof config_type { option (validate.required) = true; // If specified, the tap filter will be configured via an admin handler. AdminConfig admin_config = 1; // If specified, the tap filter will be configured via a static configuration that cannot be // changed. config.tap.v4alpha.TapConfig static_config = 2; // [#not-implemented-hide:] Configuration to use for TapDS updates for the filter. TapDSConfig tapds_config = 3; } } // Configuration for the admin handler. See :ref:`here ` for // more information. message AdminConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.common.tap.v3.AdminConfig"; // Opaque configuration ID. When requests are made to the admin handler, the passed opaque ID is // matched to the configured filter opaque ID to determine which filter to configure. string config_id = 1 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/compression/gzip/compressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/compression/gzip/compressor/v3/gzip.proto ================================================ syntax = "proto3"; package envoy.extensions.compression.gzip.compressor.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.compression.gzip.compressor.v3"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip Compressor] // [#extension: envoy.compression.gzip.compressor] // [#next-free-field: 6] message Gzip { // All the values of this enumeration translate directly to zlib's compression strategies. // For more information about each strategy, please refer to zlib manual. enum CompressionStrategy { DEFAULT_STRATEGY = 0; FILTERED = 1; HUFFMAN_ONLY = 2; RLE = 3; FIXED = 4; } enum CompressionLevel { option allow_alias = true; DEFAULT_COMPRESSION = 0; BEST_SPEED = 1; COMPRESSION_LEVEL_1 = 1; COMPRESSION_LEVEL_2 = 2; COMPRESSION_LEVEL_3 = 3; COMPRESSION_LEVEL_4 = 4; COMPRESSION_LEVEL_5 = 5; COMPRESSION_LEVEL_6 = 6; COMPRESSION_LEVEL_7 = 7; COMPRESSION_LEVEL_8 = 8; COMPRESSION_LEVEL_9 = 9; BEST_COMPRESSION = 9; } // Value from 1 to 9 that controls the amount of internal memory used by zlib. Higher values // use more memory, but are faster and produce better compression results. The default value is 5. google.protobuf.UInt32Value memory_level = 1 [(validate.rules).uint32 = {lte: 9 gte: 1}]; // A value used for selecting the zlib compression level. This setting will affect speed and // amount of compression applied to the content. "BEST_COMPRESSION" provides higher compression // at the cost of higher latency and is equal to "COMPRESSION_LEVEL_9". "BEST_SPEED" provides // lower compression with minimum impact on response time, the same as "COMPRESSION_LEVEL_1". // "DEFAULT_COMPRESSION" provides an optimal result between speed and compression. According // to zlib's manual this level gives the same result as "COMPRESSION_LEVEL_6". // This field will be set to "DEFAULT_COMPRESSION" if not specified. CompressionLevel compression_level = 2 [(validate.rules).enum = {defined_only: true}]; // A value used for selecting the zlib compression strategy which is directly related to the // characteristics of the content. Most of the time "DEFAULT_STRATEGY" will be the best choice, // which is also the default value for the parameter, though there are situations when // changing this parameter might produce better results. For example, run-length encoding (RLE) // is typically used when the content is known for having sequences which same data occurs many // consecutive times. For more information about each strategy, please refer to zlib manual. CompressionStrategy compression_strategy = 3 [(validate.rules).enum = {defined_only: true}]; // Value from 9 to 15 that represents the base two logarithmic of the compressor's window size. // Larger window results in better compression at the expense of memory usage. The default is 12 // which will produce a 4096 bytes window. For more details about this parameter, please refer to // zlib manual > deflateInit2. google.protobuf.UInt32Value window_bits = 4 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Value for Zlib's next output buffer. If not set, defaults to 4096. // See https://www.zlib.net/manual.html for more details. Also see // https://github.com/envoyproxy/envoy/issues/8448 for context on this filter's performance. google.protobuf.UInt32Value chunk_size = 5 [(validate.rules).uint32 = {lte: 65536 gte: 4096}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/compression/gzip/decompressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto ================================================ syntax = "proto3"; package envoy.extensions.compression.gzip.decompressor.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.compression.gzip.decompressor.v3"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip Decompressor] // [#extension: envoy.compression.gzip.decompressor] message Gzip { // Value from 9 to 15 that represents the base two logarithmic of the decompressor's window size. // The decompression window size needs to be equal or larger than the compression window size. // The default is 12 to match the default in the // :ref:`gzip compressor `. // For more details about this parameter, please refer to `zlib manual `_ > inflateInit2. google.protobuf.UInt32Value window_bits = 1 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Value for zlib's decompressor output buffer. If not set, defaults to 4096. // See https://www.zlib.net/manual.html for more details. google.protobuf.UInt32Value chunk_size = 2 [(validate.rules).uint32 = {lte: 65536 gte: 4096}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/common/fault/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/filter/fault/v2:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/common/fault/v3/fault.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.common.fault.v3; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.common.fault.v3"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common fault injection types] // Delay specification is used to inject latency into the // HTTP/gRPC/Mongo/Redis operation or delay proxying of TCP connections. // [#next-free-field: 6] message FaultDelay { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultDelay"; enum FaultDelayType { // Unused and deprecated. FIXED = 0; } // Fault delays are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderDelay { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultDelay.HeaderDelay"; } reserved 2; oneof fault_delay_secifier { option (validate.required) = true; // Add a fixed delay before forwarding the operation upstream. See // https://developers.google.com/protocol-buffers/docs/proto3#json for // the JSON/YAML Duration mapping. For HTTP/Mongo/Redis, the specified // delay will be injected before a new request/operation. For TCP // connections, the proxying of the connection upstream will be delayed // for the specified period. This is required if type is FIXED. google.protobuf.Duration fixed_delay = 3 [(validate.rules).duration = {gt {}}]; // Fault delays are controlled via an HTTP header (if applicable). HeaderDelay header_delay = 5; } // The percentage of operations/connections/requests on which the delay will be injected. type.v3.FractionalPercent percentage = 4; FaultDelayType hidden_envoy_deprecated_type = 1 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Describes a rate limit to be applied. message FaultRateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultRateLimit"; // Describes a fixed/constant rate limit. message FixedLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultRateLimit.FixedLimit"; // The limit supplied in KiB/s. uint64 limit_kbps = 1 [(validate.rules).uint64 = {gte: 1}]; } // Rate limits are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.fault.v2.FaultRateLimit.HeaderLimit"; } oneof limit_type { option (validate.required) = true; // A fixed rate limit. FixedLimit fixed_limit = 1; // Rate limits are controlled via an HTTP header (if applicable). HeaderLimit header_limit = 3; } // The percentage of operations/connections/requests on which the rate limit will be injected. type.v3.FractionalPercent percentage = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.adaptive_concurrency.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.adaptive_concurrency.v3"; option java_outer_classname = "AdaptiveConcurrencyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Adaptive Concurrency] // Adaptive Concurrency Control :ref:`configuration overview // `. // [#extension: envoy.filters.http.adaptive_concurrency] // Configuration parameters for the gradient controller. message GradientControllerConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.GradientControllerConfig"; // Parameters controlling the periodic recalculation of the concurrency limit from sampled request // latencies. message ConcurrencyLimitCalculationParams { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.GradientControllerConfig." "ConcurrencyLimitCalculationParams"; // The allowed upper-bound on the calculated concurrency limit. Defaults to 1000. google.protobuf.UInt32Value max_concurrency_limit = 2 [(validate.rules).uint32 = {gt: 0}]; // The period of time samples are taken to recalculate the concurrency limit. google.protobuf.Duration concurrency_update_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } // Parameters controlling the periodic minRTT recalculation. // [#next-free-field: 6] message MinimumRTTCalculationParams { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.GradientControllerConfig." "MinimumRTTCalculationParams"; // The time interval between recalculating the minimum request round-trip time. Has to be // positive. google.protobuf.Duration interval = 1 [(validate.rules).duration = { required: true gte {nanos: 1000000} }]; // The number of requests to aggregate/sample during the minRTT recalculation window before // updating. Defaults to 50. google.protobuf.UInt32Value request_count = 2 [(validate.rules).uint32 = {gt: 0}]; // Randomized time delta that will be introduced to the start of the minRTT calculation window. // This is represented as a percentage of the interval duration. Defaults to 15%. // // Example: If the interval is 10s and the jitter is 15%, the next window will begin // somewhere in the range (10s - 11.5s). type.v3.Percent jitter = 3; // The concurrency limit set while measuring the minRTT. Defaults to 3. google.protobuf.UInt32Value min_concurrency = 4 [(validate.rules).uint32 = {gt: 0}]; // Amount added to the measured minRTT to add stability to the concurrency limit during natural // variability in latency. This is expressed as a percentage of the measured value and can be // adjusted to allow more or less tolerance to the sampled latency values. // // Defaults to 25%. type.v3.Percent buffer = 5; } // The percentile to use when summarizing aggregated samples. Defaults to p50. type.v3.Percent sample_aggregate_percentile = 1; ConcurrencyLimitCalculationParams concurrency_limit_params = 2 [(validate.rules).message = {required: true}]; MinimumRTTCalculationParams min_rtt_calc_params = 3 [(validate.rules).message = {required: true}]; } message AdaptiveConcurrency { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.adaptive_concurrency.v2alpha.AdaptiveConcurrency"; oneof concurrency_controller_config { option (validate.required) = true; // Gradient concurrency control will be used. GradientControllerConfig gradient_controller_config = 1 [(validate.rules).message = {required: true}]; } // If set to false, the adaptive concurrency filter will operate as a pass-through filter. If the // message is unspecified, the filter will be enabled. config.core.v3.RuntimeFeatureFlag enabled = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/admission_control/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.admission_control.v3alpha; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/range.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "google/rpc/status.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.admission_control.v3alpha"; option java_outer_classname = "AdmissionControlProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Admission Control] // [#extension: envoy.filters.http.admission_control] // [#next-free-field: 6] message AdmissionControl { // Default method of specifying what constitutes a successful request. All status codes that // indicate a successful request must be explicitly specified if not relying on the default // values. message SuccessCriteria { message HttpCriteria { // Status code ranges that constitute a successful request. Configurable codes are in the // range [100, 600). repeated type.v3.Int32Range http_success_status = 1 [(validate.rules).repeated = {min_items: 1}]; } message GrpcCriteria { // Status codes that constitute a successful request. // Mappings can be found at: https://github.com/grpc/grpc/blob/master/doc/statuscodes.md. repeated uint32 grpc_success_status = 1 [(validate.rules).repeated = {min_items: 1}]; } // If HTTP criteria are unspecified, all HTTP status codes below 500 are treated as successful // responses. // // .. note:: // // The default HTTP codes considered successful by the admission controller are done so due // to the unlikelihood that sending fewer requests would change their behavior (for example: // redirects, unauthorized access, or bad requests won't be alleviated by sending less // traffic). HttpCriteria http_criteria = 1; // GRPC status codes to consider as request successes. If unspecified, defaults to: Ok, // Cancelled, Unknown, InvalidArgument, NotFound, AlreadyExists, Unauthenticated, // FailedPrecondition, OutOfRange, PermissionDenied, and Unimplemented. // // .. note:: // // The default gRPC codes that are considered successful by the admission controller are // chosen because of the unlikelihood that sending fewer requests will change the behavior. GrpcCriteria grpc_criteria = 2; } // If set to false, the admission control filter will operate as a pass-through filter. If the // message is unspecified, the filter will be enabled. config.core.v3.RuntimeFeatureFlag enabled = 1; // Defines how a request is considered a success/failure. oneof evaluation_criteria { option (validate.required) = true; SuccessCriteria success_criteria = 2; } // The sliding time window over which the success rate is calculated. The window is rounded to the // nearest second. Defaults to 30s. google.protobuf.Duration sampling_window = 3; // Rejection probability is defined by the formula:: // // max(0, (rq_count - rq_success_count / sr_threshold) / (rq_count + 1)) ^ (1 / aggression) // // The aggression dictates how heavily the admission controller will throttle requests upon SR // dropping at or below the threshold. A value of 1 will result in a linear increase in // rejection probability as SR drops. Any values less than 1.0, will be set to 1.0. If the // message is unspecified, the aggression is 1.0. See `the admission control documentation // `_ // for a diagram illustrating this. config.core.v3.RuntimeDouble aggression = 4; // Dictates the success rate at which the rejection probability is non-zero. As success rate drops // below this threshold, rejection probability will increase. Any success rate above the threshold // results in a rejection probability of 0. Defaults to 95%. config.core.v3.RuntimePercent sr_threshold = 5; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/aws_lambda/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.aws_lambda.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.aws_lambda.v3"; option java_outer_classname = "AwsLambdaProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: AWS Lambda] // AWS Lambda :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_lambda] // AWS Lambda filter config message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.aws_lambda.v2alpha.Config"; enum InvocationMode { // This is the more common mode of invocation, in which Lambda responds after it has completed the function. In // this mode the output of the Lambda function becomes the response of the HTTP request. SYNCHRONOUS = 0; // In this mode Lambda responds immediately but continues to process the function asynchronously. This mode can be // used to signal events for example. In this mode, Lambda responds with an acknowledgment that it received the // call which is translated to an HTTP 200 OK by the filter. ASYNCHRONOUS = 1; } // The ARN of the AWS Lambda to invoke when the filter is engaged // Must be in the following format: // arn::lambda:::function: string arn = 1 [(validate.rules).string = {min_len: 1}]; // Whether to transform the request (headers and body) to a JSON payload or pass it as is. bool payload_passthrough = 2; // Determines the way to invoke the Lambda function. InvocationMode invocation_mode = 3 [(validate.rules).enum = {defined_only: true}]; } // Per-route configuration for AWS Lambda. This can be useful when invoking a different Lambda function or a different // version of the same Lambda depending on the route. message PerRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.aws_lambda.v2alpha.PerRouteConfig"; Config invoke_config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/aws_request_signing/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.aws_request_signing.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.aws_request_signing.v3"; option java_outer_classname = "AwsRequestSigningProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: AwsRequestSigning] // AwsRequestSigning :ref:`configuration overview `. // [#extension: envoy.filters.http.aws_request_signing] // Top level configuration for the AWS request signing filter. message AwsRequestSigning { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.aws_request_signing.v2alpha.AwsRequestSigning"; // The `service namespace // `_ // of the HTTP endpoint. // // Example: s3 string service_name = 1 [(validate.rules).string = {min_len: 1}]; // The `region `_ hosting the HTTP // endpoint. // // Example: us-west-2 string region = 2 [(validate.rules).string = {min_len: 1}]; // Indicates that before signing headers, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both signing and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for signing whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/buffer/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/buffer/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/buffer/v3/buffer.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.buffer.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.buffer.v3"; option java_outer_classname = "BufferProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Buffer] // Buffer :ref:`configuration overview `. // [#extension: envoy.filters.http.buffer] message Buffer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.buffer.v2.Buffer"; reserved 2; // The maximum request size that the filter will buffer before the connection // manager will stop buffering and return a 413 response. google.protobuf.UInt32Value max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}, (validate.rules).message = {required: true}]; } message BufferPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.buffer.v2.BufferPerRoute"; oneof override { option (validate.required) = true; // Disable the buffer filter for this particular vhost or route. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Override the global configuration of the filter with this new config. Buffer buffer = 2 [(validate.rules).message = {required: true}]; } } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cache/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cache/v3alpha/cache.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cache.v3alpha; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cache.v3alpha"; option java_outer_classname = "CacheProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP Cache Filter] // [#extension: envoy.filters.http.cache] message CacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.cache.v2alpha.CacheConfig"; // [#not-implemented-hide:] // Modifies cache key creation by restricting which parts of the URL are included. message KeyCreatorParams { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.cache.v2alpha.CacheConfig.KeyCreatorParams"; // If true, exclude the URL scheme from the cache key. Set to true if your origins always // produce the same response for http and https requests. bool exclude_scheme = 1; // If true, exclude the host from the cache key. Set to true if your origins' responses don't // ever depend on host. bool exclude_host = 2; // If *query_parameters_included* is nonempty, only query parameters matched // by one or more of its matchers are included in the cache key. Any other // query params will not affect cache lookup. repeated config.route.v3.QueryParameterMatcher query_parameters_included = 3; // If *query_parameters_excluded* is nonempty, query parameters matched by one // or more of its matchers are excluded from the cache key (even if also // matched by *query_parameters_included*), and will not affect cache lookup. repeated config.route.v3.QueryParameterMatcher query_parameters_excluded = 4; } // Config specific to the cache storage implementation. google.protobuf.Any typed_config = 1 [(validate.rules).any = {required: true}]; // List of matching rules that defines allowed *Vary* headers. // // The *vary* response header holds a list of header names that affect the // contents of a response, as described by // https://httpwg.org/specs/rfc7234.html#caching.negotiated.responses. // // During insertion, *allowed_vary_headers* acts as a allowlist: if a // response's *vary* header mentions any header names that aren't matched by any rules in // *allowed_vary_headers*, that response will not be cached. // // During lookup, *allowed_vary_headers* controls what request headers will be // sent to the cache storage implementation. repeated type.matcher.v3.StringMatcher allowed_vary_headers = 2; // [#not-implemented-hide:] // // // Modifies cache key creation by restricting which parts of the URL are included. KeyCreatorParams key_creator_params = 3; // [#not-implemented-hide:] // // // Max body size the cache filter will insert into a cache. 0 means unlimited (though the cache // storage implementation may have its own limit beyond which it will reject insertions). uint32 max_body_bytes = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cache/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/cache/v3alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cache/v4alpha/cache.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cache.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cache.v4alpha"; option java_outer_classname = "CacheProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP Cache Filter] // [#extension: envoy.filters.http.cache] message CacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.cache.v3alpha.CacheConfig"; // [#not-implemented-hide:] // Modifies cache key creation by restricting which parts of the URL are included. message KeyCreatorParams { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.cache.v3alpha.CacheConfig.KeyCreatorParams"; // If true, exclude the URL scheme from the cache key. Set to true if your origins always // produce the same response for http and https requests. bool exclude_scheme = 1; // If true, exclude the host from the cache key. Set to true if your origins' responses don't // ever depend on host. bool exclude_host = 2; // If *query_parameters_included* is nonempty, only query parameters matched // by one or more of its matchers are included in the cache key. Any other // query params will not affect cache lookup. repeated config.route.v4alpha.QueryParameterMatcher query_parameters_included = 3; // If *query_parameters_excluded* is nonempty, query parameters matched by one // or more of its matchers are excluded from the cache key (even if also // matched by *query_parameters_included*), and will not affect cache lookup. repeated config.route.v4alpha.QueryParameterMatcher query_parameters_excluded = 4; } // Config specific to the cache storage implementation. google.protobuf.Any typed_config = 1 [(validate.rules).any = {required: true}]; // List of matching rules that defines allowed *Vary* headers. // // The *vary* response header holds a list of header names that affect the // contents of a response, as described by // https://httpwg.org/specs/rfc7234.html#caching.negotiated.responses. // // During insertion, *allowed_vary_headers* acts as a allowlist: if a // response's *vary* header mentions any header names that aren't matched by any rules in // *allowed_vary_headers*, that response will not be cached. // // During lookup, *allowed_vary_headers* controls what request headers will be // sent to the cache storage implementation. repeated type.matcher.v4alpha.StringMatcher allowed_vary_headers = 2; // [#not-implemented-hide:] // // // Modifies cache key creation by restricting which parts of the URL are included. KeyCreatorParams key_creator_params = 3; // [#not-implemented-hide:] // // // Max body size the cache filter will insert into a cache. 0 means unlimited (though the cache // storage implementation may have its own limit beyond which it will reject insertions). uint32 max_body_bytes = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cdn_loop/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cdn_loop/v3alpha/cdn_loop.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cdn_loop.v3alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cdn_loop.v3alpha"; option java_outer_classname = "CdnLoopProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP CDN-Loop Filter] // [#extension: envoy.filters.http.cdn_loop] // CDN-Loop Header filter config. See the :ref:`configuration overview // ` for more information. message CdnLoopConfig { // The CDN identifier to use for loop checks and to append to the // CDN-Loop header. // // RFC 8586 calls this the cdn-id. The cdn-id can either be a // pseudonym or hostname the CDN is in control of. // // cdn_id must not be empty. string cdn_id = 1 [(validate.rules).string = {min_len: 1}]; // The maximum allowed count of cdn_id in the downstream CDN-Loop // request header. // // The default of 0 means a request can transit the CdnLoopFilter // once. A value of 1 means that a request can transit the // CdnLoopFilter twice and so on. uint32 max_allowed_occurrences = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/compressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/compressor/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/compressor/v3/compressor.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.compressor.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "google/protobuf/any.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.compressor.v3"; option java_outer_classname = "CompressorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Compressor] // Compressor :ref:`configuration overview `. // [#extension: envoy.filters.http.compressor] // [#next-free-field: 7] message Compressor { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.compressor.v2.Compressor"; // Minimum response length, in bytes, which will trigger compression. The default value is 30. google.protobuf.UInt32Value content_length = 1; // Set of strings that allows specifying which mime-types yield compression; e.g., // application/json, text/html, etc. When this field is not defined, compression will be applied // to the following mime-types: "application/javascript", "application/json", // "application/xhtml+xml", "image/svg+xml", "text/css", "text/html", "text/plain", "text/xml" // and their synonyms. repeated string content_type = 2; // If true, disables compression when the response contains an etag header. When it is false, the // filter will preserve weak etags and remove the ones that require strong validation. bool disable_on_etag_header = 3; // If true, removes accept-encoding from the request headers before dispatching it to the upstream // so that responses do not get compressed before reaching the filter. // .. attention: // // To avoid interfering with other compression filters in the same chain use this option in // the filter closest to the upstream. bool remove_accept_encoding_header = 4; // Runtime flag that controls whether the filter is enabled or not. If set to false, the // filter will operate as a pass-through filter. If not specified, defaults to enabled. config.core.v3.RuntimeFeatureFlag runtime_enabled = 5; // A compressor library to use for compression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. // This field is ignored if used in the context of the gzip http-filter, but is mandatory otherwise. config.core.v3.TypedExtensionConfig compressor_library = 6; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cors/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/cors/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/cors/v3/cors.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.cors.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.cors.v3"; option java_outer_classname = "CorsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Cors] // CORS Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.cors] // Cors filter config. message Cors { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.cors.v2.Cors"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/csrf/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/csrf/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/csrf/v3/csrf.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.csrf.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.csrf.v3"; option java_outer_classname = "CsrfProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: CSRF] // Cross-Site Request Forgery :ref:`configuration overview `. // [#extension: envoy.filters.http.csrf] // CSRF filter config. message CsrfPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.csrf.v2.CsrfPolicy"; // Specifies the % of requests for which the CSRF filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. config.core.v3.RuntimeFractionalPercent filter_enabled = 1 [(validate.rules).message = {required: true}]; // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. config.core.v3.RuntimeFractionalPercent shadow_enabled = 2; // Specifies additional source origins that will be allowed in addition to // the destination origin. // // More information on how this can be configured via runtime can be found // :ref:`here `. repeated type.matcher.v3.StringMatcher additional_origins = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/csrf/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/http/csrf/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/csrf/v4alpha/csrf.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.csrf.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.csrf.v4alpha"; option java_outer_classname = "CsrfProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: CSRF] // Cross-Site Request Forgery :ref:`configuration overview `. // [#extension: envoy.filters.http.csrf] // CSRF filter config. message CsrfPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.csrf.v3.CsrfPolicy"; // Specifies the % of requests for which the CSRF filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. config.core.v4alpha.RuntimeFractionalPercent filter_enabled = 1 [(validate.rules).message = {required: true}]; // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. config.core.v4alpha.RuntimeFractionalPercent shadow_enabled = 2; // Specifies additional source origins that will be allowed in addition to // the destination origin. // // More information on how this can be configured via runtime can be found // :ref:`here `. repeated type.matcher.v4alpha.StringMatcher additional_origins = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/decompressor/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/decompressor/v3/decompressor.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.decompressor.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/extension.proto"; import "google/protobuf/any.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.decompressor.v3"; option java_outer_classname = "DecompressorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Decompressor] // [#extension: envoy.filters.http.decompressor] message Decompressor { // Common configuration for filter behavior on both the request and response direction. message CommonDirectionConfig { // Runtime flag that controls whether the filter is enabled for decompression or not. If set to false, the // filter will operate as a pass-through filter. If the message is unspecified, the filter will be enabled. config.core.v3.RuntimeFeatureFlag enabled = 1; } // Configuration for filter behavior on the request direction. message RequestDirectionConfig { CommonDirectionConfig common_config = 1; // If set to true, and response decompression is enabled, the filter modifies the Accept-Encoding // request header by appending the decompressor_library's encoding. Defaults to true. google.protobuf.BoolValue advertise_accept_encoding = 2; } // Configuration for filter behavior on the response direction. message ResponseDirectionConfig { CommonDirectionConfig common_config = 1; } // A decompressor library to use for both request and response decompression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. config.core.v3.TypedExtensionConfig decompressor_library = 1 [(validate.rules).message = {required: true}]; // Configuration for request decompression. Decompression is enabled by default if left empty. RequestDirectionConfig request_direction_config = 2; // Configuration for response decompression. Decompression is enabled by default if left empty. ResponseDirectionConfig response_direction_config = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.dynamic_forward_proxy.v3; import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.dynamic_forward_proxy.v3"; option java_outer_classname = "DynamicForwardProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamic forward proxy] // Configuration for the dynamic forward proxy HTTP filter. See the :ref:`architecture overview // ` for more information. // [#extension: envoy.filters.http.dynamic_forward_proxy] message FilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.dynamic_forward_proxy.v2alpha.FilterConfig"; // The DNS cache configuration that the filter will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy cluster configuration // `. common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; } // Per route Configuration for the dynamic forward proxy HTTP filter. message PerRouteConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.dynamic_forward_proxy.v2alpha.PerRouteConfig"; oneof host_rewrite_specifier { // Indicates that before DNS lookup, the host header will be swapped with // this value. If not set or empty, the original host header value // will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite ` given that the // value set here would be used for DNS lookups whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite_literal = 1; // Indicates that before DNS lookup, the host header will be swapped with // the value of this header. If not set or empty, the original host header // value will be used and no rewrite will happen. // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with // :ref:`HCM host rewrite header ` // given that the value set here would be used for DNS lookups whereas the value set in the HCM // would be used for host header forwarding which is not the desired outcome. string host_rewrite_header = 2; } } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/dynamo/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/dynamo/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/dynamo/v3/dynamo.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.dynamo.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.dynamo.v3"; option java_outer_classname = "DynamoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dynamo] // Dynamo :ref:`configuration overview `. // [#extension: envoy.filters.http.dynamo] // Dynamo filter config. message Dynamo { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.dynamo.v2.Dynamo"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ext_authz/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/ext_authz/v2:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ext_authz/v3/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ext_authz.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "envoy/config/core/v3/http_uri.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/v3/http_status.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: External Authorization] // External Authorization :ref:`configuration overview `. // [#extension: envoy.filters.http.ext_authz] // [#next-free-field: 15] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.ExtAuthz"; // External authorization service configuration. oneof services { // gRPC service configuration (default timeout: 200ms). config.core.v3.GrpcService grpc_service = 1; // HTTP service configuration (default timeout: 200ms). HttpService http_service = 3; } // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of messages used on the wire. config.core.v3.ApiVersion transport_api_version = 12 [(validate.rules).enum = {defined_only: true}]; // Changes filter's behaviour on errors: // // 1. When set to true, the filter will *accept* client request even if the communication with // the authorization service has failed, or if the authorization service has returned a HTTP 5xx // error. // // 2. When set to false, ext-authz will *reject* client requests and return a *Forbidden* // response if the communication with the authorization service has failed, or if the // authorization service has returned a HTTP 5xx error. // // Note that errors can be *always* tracked in the :ref:`stats // `. bool failure_mode_allow = 2; // Enables filter to buffer the client request body and send it within the authorization request. // A ``x-envoy-auth-partial-body: false|true`` metadata header will be added to the authorization // request message indicating if the body data is partial. BufferSettings with_request_body = 5; // Clears route cache in order to allow the external authorization service to correctly affect // routing decisions. Filter clears all cached routes when: // // 1. The field is set to *true*. // // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0. // // 3. At least one *authorization response header* is added to the client request, or is used for // altering another client request header. // bool clear_route_cache = 6; // Sets the HTTP status that is returned to the client when there is a network error between the // filter and the authorization server. The default status is HTTP 403 Forbidden. type.v3.HttpStatus status_on_error = 7; // Specifies a list of metadata namespaces whose values, if present, will be passed to the // ext_authz service as an opaque *protobuf::Struct*. // // For example, if the *jwt_authn* filter is used and :ref:`payload_in_metadata // ` is set, // then the following will pass the jwt payload to the authorization server. // // .. code-block:: yaml // // metadata_context_namespaces: // - envoy.filters.http.jwt_authn // repeated string metadata_context_namespaces = 8; // Specifies if the filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // If this field is not specified, the filter will be enabled for all requests. config.core.v3.RuntimeFractionalPercent filter_enabled = 9; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v3.MetadataMatcher filter_enabled_metadata = 14; // Specifies whether to deny the requests, when the filter is disabled. // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to determine whether to deny request for // filter protected path at filter disabling. If filter is disabled in // typed_per_filter_config for the path, requests will not be denied. // // If this field is not specified, all requests will be allowed when disabled. config.core.v3.RuntimeFeatureFlag deny_at_disable = 11; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 10; // Optional additional prefix to use when emitting statistics. This allows to distinguish // emitted statistics between configured *ext_authz* filters in an HTTP filter chain. For example: // // .. code-block:: yaml // // http_filters: // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: waf # This emits ext_authz.waf.ok, ext_authz.waf.denied, etc. // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: blocker # This emits ext_authz.blocker.ok, ext_authz.blocker.denied, etc. // string stat_prefix = 13; bool hidden_envoy_deprecated_use_alpha = 4 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // Configuration for buffering the request data. message BufferSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.BufferSettings"; // Sets the maximum size of a message body that the filter will hold in memory. Envoy will return // *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number // set in this field. Note that this setting will have precedence over :ref:`failure_mode_allow // `. uint32 max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}]; // When this field is true, Envoy will buffer the message until *max_request_bytes* is reached. // The authorization request will be dispatched and no 413 HTTP error will be returned by the // filter. bool allow_partial_message = 2; // If true, the body sent to the external authorization service is set with raw bytes, it sets // the :ref:`raw_body` // field of HTTP request attribute context. Otherwise, :ref:` // body` will be filled // with UTF-8 string request body. bool pack_as_bytes = 3; } // HttpService is used for raw HTTP communication between the filter and the authorization service. // When configured, the filter will parse the client request and use these attributes to call the // authorization server. Depending on the response, the filter may reject or accept the client // request. Note that in any of these events, metadata can be added, removed or overridden by the // filter: // // *On authorization request*, a list of allowed request headers may be supplied. See // :ref:`allowed_headers // ` // for details. Additional headers metadata may be added to the authorization request. See // :ref:`headers_to_add // ` for // details. // // On authorization response status HTTP 200 OK, the filter will allow traffic to the upstream and // additional headers metadata may be added to the original client request. See // :ref:`allowed_upstream_headers // ` // for details. // // On other authorization response statuses, the filter will not allow traffic. Additional headers // metadata as well as body may be added to the client's response. See :ref:`allowed_client_headers // ` // for details. // [#next-free-field: 9] message HttpService { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.HttpService"; reserved 3, 4, 5, 6; // Sets the HTTP server URI which the authorization requests must be sent to. config.core.v3.HttpUri server_uri = 1; // Sets a prefix to the value of authorization request header *Path*. string path_prefix = 2; // Settings used for controlling authorization request metadata. AuthorizationRequest authorization_request = 7; // Settings used for controlling authorization response metadata. AuthorizationResponse authorization_response = 8; } message AuthorizationRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.AuthorizationRequest"; // Authorization request will include the client request headers that have a correspondent match // in the :ref:`list `. Note that in addition to the // user's supplied matchers: // // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list. // // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have // a message body. However, the authorization request can include the buffered client request body // (controlled by :ref:`with_request_body // ` setting), // consequently the value of *Content-Length* of the authorization request reflects the size of // its payload size. // type.matcher.v3.ListStringMatcher allowed_headers = 1; // Sets a list of headers that will be included to the request to authorization service. Note that // client request of the same key will be overridden. repeated config.core.v3.HeaderValue headers_to_add = 2; } message AuthorizationResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.AuthorizationResponse"; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the original client request. // Note that coexistent headers will be overridden. type.matcher.v3.ListStringMatcher allowed_upstream_headers = 1; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that coexistent headers will be appended. type.matcher.v3.ListStringMatcher allowed_upstream_headers_to_append = 3; // When this :ref:`list `. is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that when this list is *not* set, all the authorization response headers, except *Authority // (Host)* will be in the response to the client. When a header is included in this list, *Path*, // *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added. type.matcher.v3.ListStringMatcher allowed_client_headers = 2; } // Extra settings on a per virtualhost/route/weighted-cluster level. message ExtAuthzPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.ExtAuthzPerRoute"; oneof override { option (validate.required) = true; // Disable the ext auth filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Check request settings for this route. CheckSettings check_settings = 2 [(validate.rules).message = {required: true}]; } } // Extra settings for the check request. message CheckSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ext_authz.v2.CheckSettings"; // Context extensions to set on the CheckRequest's // :ref:`AttributeContext.context_extensions` // // You can use this to provide extra context for the external authorization server on specific // virtual hosts/routes. For example, adding a context extension on the virtual host level can // give the ext-authz server information on what virtual host is used without needing to parse the // host header. If CheckSettings is specified in multiple per-filter-configs, they will be merged // in order, and the result will be used. // // Merge semantics for this field are such that keys from more specific configs override. // // .. note:: // // These settings are only applied to a filter configured with a // :ref:`grpc_service`. map context_extensions = 1; // When set to true, disable the configured :ref:`with_request_body // ` for a route. bool disable_request_body_buffering = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ext_authz/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/http/ext_authz/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ext_authz/v4alpha/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ext_authz.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/v3/http_status.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ext_authz.v4alpha"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: External Authorization] // External Authorization :ref:`configuration overview `. // [#extension: envoy.filters.http.ext_authz] // [#next-free-field: 15] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.ExtAuthz"; reserved 4; reserved "use_alpha"; // External authorization service configuration. oneof services { // gRPC service configuration (default timeout: 200ms). config.core.v4alpha.GrpcService grpc_service = 1; // HTTP service configuration (default timeout: 200ms). HttpService http_service = 3; } // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of messages used on the wire. config.core.v4alpha.ApiVersion transport_api_version = 12 [(validate.rules).enum = {defined_only: true}]; // Changes filter's behaviour on errors: // // 1. When set to true, the filter will *accept* client request even if the communication with // the authorization service has failed, or if the authorization service has returned a HTTP 5xx // error. // // 2. When set to false, ext-authz will *reject* client requests and return a *Forbidden* // response if the communication with the authorization service has failed, or if the // authorization service has returned a HTTP 5xx error. // // Note that errors can be *always* tracked in the :ref:`stats // `. bool failure_mode_allow = 2; // Enables filter to buffer the client request body and send it within the authorization request. // A ``x-envoy-auth-partial-body: false|true`` metadata header will be added to the authorization // request message indicating if the body data is partial. BufferSettings with_request_body = 5; // Clears route cache in order to allow the external authorization service to correctly affect // routing decisions. Filter clears all cached routes when: // // 1. The field is set to *true*. // // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0. // // 3. At least one *authorization response header* is added to the client request, or is used for // altering another client request header. // bool clear_route_cache = 6; // Sets the HTTP status that is returned to the client when there is a network error between the // filter and the authorization server. The default status is HTTP 403 Forbidden. type.v3.HttpStatus status_on_error = 7; // Specifies a list of metadata namespaces whose values, if present, will be passed to the // ext_authz service as an opaque *protobuf::Struct*. // // For example, if the *jwt_authn* filter is used and :ref:`payload_in_metadata // ` is set, // then the following will pass the jwt payload to the authorization server. // // .. code-block:: yaml // // metadata_context_namespaces: // - envoy.filters.http.jwt_authn // repeated string metadata_context_namespaces = 8; // Specifies if the filter is enabled. // // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // // If this field is not specified, the filter will be enabled for all requests. config.core.v4alpha.RuntimeFractionalPercent filter_enabled = 9; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v4alpha.MetadataMatcher filter_enabled_metadata = 14; // Specifies whether to deny the requests, when the filter is disabled. // If :ref:`runtime_key ` is specified, // Envoy will lookup the runtime key to determine whether to deny request for // filter protected path at filter disabling. If filter is disabled in // typed_per_filter_config for the path, requests will not be denied. // // If this field is not specified, all requests will be allowed when disabled. config.core.v4alpha.RuntimeFeatureFlag deny_at_disable = 11; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 10; // Optional additional prefix to use when emitting statistics. This allows to distinguish // emitted statistics between configured *ext_authz* filters in an HTTP filter chain. For example: // // .. code-block:: yaml // // http_filters: // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: waf # This emits ext_authz.waf.ok, ext_authz.waf.denied, etc. // - name: envoy.filters.http.ext_authz // typed_config: // "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz // stat_prefix: blocker # This emits ext_authz.blocker.ok, ext_authz.blocker.denied, etc. // string stat_prefix = 13; } // Configuration for buffering the request data. message BufferSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.BufferSettings"; // Sets the maximum size of a message body that the filter will hold in memory. Envoy will return // *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number // set in this field. Note that this setting will have precedence over :ref:`failure_mode_allow // `. uint32 max_request_bytes = 1 [(validate.rules).uint32 = {gt: 0}]; // When this field is true, Envoy will buffer the message until *max_request_bytes* is reached. // The authorization request will be dispatched and no 413 HTTP error will be returned by the // filter. bool allow_partial_message = 2; // If true, the body sent to the external authorization service is set with raw bytes, it sets // the :ref:`raw_body` // field of HTTP request attribute context. Otherwise, :ref:` // body` will be filled // with UTF-8 string request body. bool pack_as_bytes = 3; } // HttpService is used for raw HTTP communication between the filter and the authorization service. // When configured, the filter will parse the client request and use these attributes to call the // authorization server. Depending on the response, the filter may reject or accept the client // request. Note that in any of these events, metadata can be added, removed or overridden by the // filter: // // *On authorization request*, a list of allowed request headers may be supplied. See // :ref:`allowed_headers // ` // for details. Additional headers metadata may be added to the authorization request. See // :ref:`headers_to_add // ` for // details. // // On authorization response status HTTP 200 OK, the filter will allow traffic to the upstream and // additional headers metadata may be added to the original client request. See // :ref:`allowed_upstream_headers // ` // for details. // // On other authorization response statuses, the filter will not allow traffic. Additional headers // metadata as well as body may be added to the client's response. See :ref:`allowed_client_headers // ` // for details. // [#next-free-field: 9] message HttpService { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.HttpService"; reserved 3, 4, 5, 6; // Sets the HTTP server URI which the authorization requests must be sent to. config.core.v4alpha.HttpUri server_uri = 1; // Sets a prefix to the value of authorization request header *Path*. string path_prefix = 2; // Settings used for controlling authorization request metadata. AuthorizationRequest authorization_request = 7; // Settings used for controlling authorization response metadata. AuthorizationResponse authorization_response = 8; } message AuthorizationRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.AuthorizationRequest"; // Authorization request will include the client request headers that have a correspondent match // in the :ref:`list `. Note that in addition to the // user's supplied matchers: // // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list. // // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have // a message body. However, the authorization request can include the buffered client request body // (controlled by :ref:`with_request_body // ` setting), // consequently the value of *Content-Length* of the authorization request reflects the size of // its payload size. // type.matcher.v4alpha.ListStringMatcher allowed_headers = 1; // Sets a list of headers that will be included to the request to authorization service. Note that // client request of the same key will be overridden. repeated config.core.v4alpha.HeaderValue headers_to_add = 2; } message AuthorizationResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.AuthorizationResponse"; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the original client request. // Note that coexistent headers will be overridden. type.matcher.v4alpha.ListStringMatcher allowed_upstream_headers = 1; // When this :ref:`list ` is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that coexistent headers will be appended. type.matcher.v4alpha.ListStringMatcher allowed_upstream_headers_to_append = 3; // When this :ref:`list `. is set, authorization // response headers that have a correspondent match will be added to the client's response. Note // that when this list is *not* set, all the authorization response headers, except *Authority // (Host)* will be in the response to the client. When a header is included in this list, *Path*, // *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added. type.matcher.v4alpha.ListStringMatcher allowed_client_headers = 2; } // Extra settings on a per virtualhost/route/weighted-cluster level. message ExtAuthzPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute"; oneof override { option (validate.required) = true; // Disable the ext auth filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // Check request settings for this route. CheckSettings check_settings = 2 [(validate.rules).message = {required: true}]; } } // Extra settings for the check request. message CheckSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.ext_authz.v3.CheckSettings"; // Context extensions to set on the CheckRequest's // :ref:`AttributeContext.context_extensions` // // You can use this to provide extra context for the external authorization server on specific // virtual hosts/routes. For example, adding a context extension on the virtual host level can // give the ext-authz server information on what virtual host is used without needing to parse the // host header. If CheckSettings is specified in multiple per-filter-configs, they will be merged // in order, and the result will be used. // // Merge semantics for this field are such that keys from more specific configs override. // // .. note:: // // These settings are only applied to a filter configured with a // :ref:`grpc_service`. map context_extensions = 1; // When set to true, disable the configured :ref:`with_request_body // ` for a route. bool disable_request_body_buffering = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/fault/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/fault/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/fault/v3/fault.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.fault.v3; import "envoy/config/route/v3/route_components.proto"; import "envoy/extensions/filters/common/fault/v3/fault.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.fault.v3"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Fault Injection] // Fault Injection :ref:`configuration overview `. // [#extension: envoy.filters.http.fault] // [#next-free-field: 6] message FaultAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.fault.v2.FaultAbort"; // Fault aborts are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.fault.v2.FaultAbort.HeaderAbort"; } reserved 1; oneof error_type { option (validate.required) = true; // HTTP status code to use to abort the HTTP request. uint32 http_status = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // gRPC status code to use to abort the gRPC request. uint32 grpc_status = 5; // Fault aborts are controlled via an HTTP header (if applicable). HeaderAbort header_abort = 4; } // The percentage of requests/operations/connections that will be aborted with the error code // provided. type.v3.FractionalPercent percentage = 3; } // [#next-free-field: 15] message HTTPFault { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.fault.v2.HTTPFault"; // If specified, the filter will inject delays based on the values in the // object. common.fault.v3.FaultDelay delay = 1; // If specified, the filter will abort requests based on the values in // the object. At least *abort* or *delay* must be specified. FaultAbort abort = 2; // Specifies the name of the (destination) upstream cluster that the // filter should match on. Fault injection will be restricted to requests // bound to the specific upstream cluster. string upstream_cluster = 3; // Specifies a set of headers that the filter should match on. The fault // injection filter can be applied selectively to requests that match a set of // headers specified in the fault filter config. The chances of actual fault // injection further depend on the value of the :ref:`percentage // ` field. // The filter will check the request's headers against all the specified // headers in the filter config. A match will happen if all the headers in the // config are present in the request with the same values (or based on // presence if the *value* field is not in the config). repeated config.route.v3.HeaderMatcher headers = 4; // Faults are injected for the specified list of downstream hosts. If this // setting is not set, faults are injected for all downstream nodes. // Downstream node name is taken from :ref:`the HTTP // x-envoy-downstream-service-node // ` header and compared // against downstream_nodes list. repeated string downstream_nodes = 5; // The maximum number of faults that can be active at a single time via the configured fault // filter. Note that because this setting can be overridden at the route level, it's possible // for the number of active faults to be greater than this value (if injected via a different // route). If not specified, defaults to unlimited. This setting can be overridden via // `runtime ` and any faults that are not injected // due to overflow will be indicated via the `faults_overflow // ` stat. // // .. attention:: // Like other :ref:`circuit breakers ` in Envoy, this is a fuzzy // limit. It's possible for the number of active faults to rise slightly above the configured // amount due to the implementation details. google.protobuf.UInt32Value max_active_faults = 6; // The response rate limit to be applied to the response body of the stream. When configured, // the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent // ` runtime key. // // .. attention:: // This is a per-stream limit versus a connection level limit. This means that concurrent streams // will each get an independent limit. common.fault.v3.FaultRateLimit response_rate_limit = 7; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_delay_percent string delay_percent_runtime = 8; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.abort_percent string abort_percent_runtime = 9; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_duration_ms string delay_duration_runtime = 10; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.http_status string abort_http_status_runtime = 11; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.max_active_faults string max_active_faults_runtime = 12; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.rate_limit.response_percent string response_rate_limit_percent_runtime = 13; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.grpc_status string abort_grpc_status_runtime = 14; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/fault/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/extensions/filters/http/fault/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/fault/v4alpha/fault.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.fault.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/extensions/filters/common/fault/v3/fault.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.fault.v4alpha"; option java_outer_classname = "FaultProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Fault Injection] // Fault Injection :ref:`configuration overview `. // [#extension: envoy.filters.http.fault] // [#next-free-field: 6] message FaultAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.fault.v3.FaultAbort"; // Fault aborts are controlled via an HTTP header (if applicable). See the // :ref:`HTTP fault filter ` documentation for // more information. message HeaderAbort { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.fault.v3.FaultAbort.HeaderAbort"; } reserved 1; oneof error_type { option (validate.required) = true; // HTTP status code to use to abort the HTTP request. uint32 http_status = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // gRPC status code to use to abort the gRPC request. uint32 grpc_status = 5; // Fault aborts are controlled via an HTTP header (if applicable). HeaderAbort header_abort = 4; } // The percentage of requests/operations/connections that will be aborted with the error code // provided. type.v3.FractionalPercent percentage = 3; } // [#next-free-field: 15] message HTTPFault { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.fault.v3.HTTPFault"; // If specified, the filter will inject delays based on the values in the // object. common.fault.v3.FaultDelay delay = 1; // If specified, the filter will abort requests based on the values in // the object. At least *abort* or *delay* must be specified. FaultAbort abort = 2; // Specifies the name of the (destination) upstream cluster that the // filter should match on. Fault injection will be restricted to requests // bound to the specific upstream cluster. string upstream_cluster = 3; // Specifies a set of headers that the filter should match on. The fault // injection filter can be applied selectively to requests that match a set of // headers specified in the fault filter config. The chances of actual fault // injection further depend on the value of the :ref:`percentage // ` field. // The filter will check the request's headers against all the specified // headers in the filter config. A match will happen if all the headers in the // config are present in the request with the same values (or based on // presence if the *value* field is not in the config). repeated config.route.v4alpha.HeaderMatcher headers = 4; // Faults are injected for the specified list of downstream hosts. If this // setting is not set, faults are injected for all downstream nodes. // Downstream node name is taken from :ref:`the HTTP // x-envoy-downstream-service-node // ` header and compared // against downstream_nodes list. repeated string downstream_nodes = 5; // The maximum number of faults that can be active at a single time via the configured fault // filter. Note that because this setting can be overridden at the route level, it's possible // for the number of active faults to be greater than this value (if injected via a different // route). If not specified, defaults to unlimited. This setting can be overridden via // `runtime ` and any faults that are not injected // due to overflow will be indicated via the `faults_overflow // ` stat. // // .. attention:: // Like other :ref:`circuit breakers ` in Envoy, this is a fuzzy // limit. It's possible for the number of active faults to rise slightly above the configured // amount due to the implementation details. google.protobuf.UInt32Value max_active_faults = 6; // The response rate limit to be applied to the response body of the stream. When configured, // the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent // ` runtime key. // // .. attention:: // This is a per-stream limit versus a connection level limit. This means that concurrent streams // will each get an independent limit. common.fault.v3.FaultRateLimit response_rate_limit = 7; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_delay_percent string delay_percent_runtime = 8; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.abort_percent string abort_percent_runtime = 9; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.delay.fixed_duration_ms string delay_duration_runtime = 10; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.http_status string abort_http_status_runtime = 11; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.max_active_faults string max_active_faults_runtime = 12; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.rate_limit.response_percent string response_rate_limit_percent_runtime = 13; // The runtime key to override the :ref:`default ` // runtime. The default is: fault.http.abort.grpc_status string abort_grpc_status_runtime = 14; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_http1_bridge/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_http1_bridge.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_http1_bridge.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC HTTP/1.1 Bridge] // gRPC HTTP/1.1 Bridge Filter :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_http1_bridge] // gRPC HTTP/1.1 Bridge filter config. message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_http1_bridge.v2.Config"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC HTTP/1.1 Reverse Bridge] // gRPC HTTP/1.1 Reverse Bridge :ref:`configuration overview // `. // [#extension: envoy.filters.http.grpc_http1_reverse_bridge] // gRPC reverse bridge filter configuration message FilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1.FilterConfig"; // The content-type to pass to the upstream when the gRPC bridge filter is applied. // The filter will also validate that the upstream responds with the same content type. string content_type = 1 [(validate.rules).string = {min_len: 1}]; // If true, Envoy will assume that the upstream doesn't understand gRPC frames and // strip the gRPC frame from the request, and add it back in to the response. This will // hide the gRPC semantics from the upstream, allowing it to receive and respond with a // simple binary encoded protobuf. bool withhold_grpc_frames = 2; } // gRPC reverse bridge filter configuration per virtualhost/route/weighted-cluster level. message FilterConfigPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1.FilterConfigPerRoute"; // If true, disables gRPC reverse bridge filter for this particular vhost or route. // If disabled is specified in multiple per-filter-configs, the most specific one will be used. bool disabled = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/transcoder/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_json_transcoder.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_json_transcoder.v3"; option java_outer_classname = "TranscoderProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC-JSON transcoder] // gRPC-JSON transcoder :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_json_transcoder] // [#next-free-field: 10] message GrpcJsonTranscoder { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.transcoder.v2.GrpcJsonTranscoder"; message PrintOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.transcoder.v2.GrpcJsonTranscoder.PrintOptions"; // Whether to add spaces, line breaks and indentation to make the JSON // output easy to read. Defaults to false. bool add_whitespace = 1; // Whether to always print primitive fields. By default primitive // fields with default values will be omitted in JSON output. For // example, an int32 field set to 0 will be omitted. Setting this flag to // true will override the default behavior and print primitive fields // regardless of their values. Defaults to false. bool always_print_primitive_fields = 2; // Whether to always print enums as ints. By default they are rendered // as strings. Defaults to false. bool always_print_enums_as_ints = 3; // Whether to preserve proto field names. By default protobuf will // generate JSON field names using the ``json_name`` option, or lower camel case, // in that order. Setting this flag will preserve the original field names. Defaults to false. bool preserve_proto_field_names = 4; } oneof descriptor_set { option (validate.required) = true; // Supplies the filename of // :ref:`the proto descriptor set ` for the gRPC // services. string proto_descriptor = 1; // Supplies the binary content of // :ref:`the proto descriptor set ` for the gRPC // services. bytes proto_descriptor_bin = 4; } // A list of strings that // supplies the fully qualified service names (i.e. "package_name.service_name") that // the transcoder will translate. If the service name doesn't exist in ``proto_descriptor``, // Envoy will fail at startup. The ``proto_descriptor`` may contain more services than // the service names specified here, but they won't be translated. repeated string services = 2 [(validate.rules).repeated = {min_items: 1}]; // Control options for response JSON. These options are passed directly to // `JsonPrintOptions `_. PrintOptions print_options = 3; // Whether to keep the incoming request route after the outgoing headers have been transformed to // the match the upstream gRPC service. Note: This means that routes for gRPC services that are // not transcoded cannot be used in combination with *match_incoming_request_route*. bool match_incoming_request_route = 5; // A list of query parameters to be ignored for transcoding method mapping. // By default, the transcoder filter will not transcode a request if there are any // unknown/invalid query parameters. // // Example : // // .. code-block:: proto // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) { // option (google.api.http) = { // get: "/shelves/{shelf}" // }; // } // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The request ``/shelves/100?foo=bar`` will not be mapped to ``GetShelf``` because variable // binding for ``foo`` is not defined. Adding ``foo`` to ``ignored_query_parameters`` will allow // the same request to be mapped to ``GetShelf``. repeated string ignored_query_parameters = 6; // Whether to route methods without the ``google.api.http`` option. // // Example : // // .. code-block:: proto // // package bookstore; // // service Bookstore { // rpc GetShelf(GetShelfRequest) returns (Shelf) {} // } // // message GetShelfRequest { // int64 shelf = 1; // } // // message Shelf {} // // The client could ``post`` a json body ``{"shelf": 1234}`` with the path of // ``/bookstore.Bookstore/GetShelfRequest`` to call ``GetShelfRequest``. bool auto_mapping = 7; // Whether to ignore query parameters that cannot be mapped to a corresponding // protobuf field. Use this if you cannot control the query parameters and do // not know them beforehand. Otherwise use ``ignored_query_parameters``. // Defaults to false. bool ignore_unknown_query_parameters = 8; // Whether to convert gRPC status headers to JSON. // When trailer indicates a gRPC error and there was no HTTP body, take ``google.rpc.Status`` // from the ``grpc-status-details-bin`` header and use it as JSON body. // If there was no such header, make ``google.rpc.Status`` out of the ``grpc-status`` and // ``grpc-message`` headers. // The error details types must be present in the ``proto_descriptor``. // // For example, if an upstream server replies with headers: // // .. code-block:: none // // grpc-status: 5 // grpc-status-details-bin: // CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ // // The ``grpc-status-details-bin`` header contains a base64-encoded protobuf message // ``google.rpc.Status``. It will be transcoded into: // // .. code-block:: none // // HTTP/1.1 404 Not Found // content-type: application/json // // {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} // // In order to transcode the message, the ``google.rpc.RequestInfo`` type from // the ``google/rpc/error_details.proto`` should be included in the configured // :ref:`proto descriptor set `. bool convert_grpc_status = 9; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_stats/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_stats/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_stats.v3; import "envoy/config/core/v3/grpc_method_list.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_stats.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC statistics] gRPC statistics filter // :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_stats] // gRPC statistics filter configuration message FilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_stats.v2alpha.FilterConfig"; // If true, the filter maintains a filter state object with the request and response message // counts. bool emit_filter_state = 1; oneof per_method_stat_specifier { // If set, specifies an allowlist of service/methods that will have individual stats // emitted for them. Any call that does not match the allowlist will be counted // in a stat with no method specifier: `cluster..grpc.*`. config.core.v3.GrpcMethodList individual_method_stats_allowlist = 2; // If set to true, emit stats for all service/method names. // // If set to false, emit stats for all service/message types to the same stats without including // the service/method in the name, with prefix `cluster..grpc`. This can be useful if // service/method granularity is not needed, or if each cluster only receives a single method. // // .. attention:: // This option is only safe if all clients are trusted. If this option is enabled // with untrusted clients, the clients could cause unbounded growth in the number of stats in // Envoy, using unbounded memory and potentially slowing down stats pipelines. // // .. attention:: // If neither `individual_method_stats_allowlist` nor `stats_for_all_methods` is set, the // behavior will default to `stats_for_all_methods=true`. This default value is deprecated, // and in a future release, if neither field is set, it will default to // `stats_for_all_methods=false` in order to be safe by default. This behavior can be // controlled with runtime override // `envoy.deprecated_features.grpc_stats_filter_enable_stats_for_all_methods_by_default`. google.protobuf.BoolValue stats_for_all_methods = 3; } // If true, the filter will gather a histogram for the request time of the upstream. // It works with :ref:`stats_for_all_methods // ` // and :ref:`individual_method_stats_allowlist // ` the same way // request_message_count and response_message_count works. bool enable_upstream_stats = 4; } // gRPC statistics filter state object in protobuf form. message FilterObject { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_stats.v2alpha.FilterObject"; // Count of request messages in the request stream. uint64 request_message_count = 1; // Count of response messages in the response stream. uint64 response_message_count = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_web/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/grpc_web/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/grpc_web/v3/grpc_web.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.grpc_web.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.grpc_web.v3"; option java_outer_classname = "GrpcWebProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Web] // gRPC Web :ref:`configuration overview `. // [#extension: envoy.filters.http.grpc_web] // gRPC Web filter config. message GrpcWeb { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.grpc_web.v2.GrpcWeb"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/gzip/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/gzip/v2:pkg", "//envoy/extensions/filters/http/compressor/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/gzip/v3/gzip.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.gzip.v3; import "envoy/extensions/filters/http/compressor/v3/compressor.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.gzip.v3"; option java_outer_classname = "GzipProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip] // Gzip :ref:`configuration overview `. // [#extension: envoy.filters.http.gzip] // [#next-free-field: 12] message Gzip { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.gzip.v2.Gzip"; enum CompressionStrategy { DEFAULT = 0; FILTERED = 1; HUFFMAN = 2; RLE = 3; } message CompressionLevel { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.gzip.v2.Gzip.CompressionLevel"; enum Enum { DEFAULT = 0; BEST = 1; SPEED = 2; } } // Value from 1 to 9 that controls the amount of internal memory used by zlib. Higher values // use more memory, but are faster and produce better compression results. The default value is 5. google.protobuf.UInt32Value memory_level = 1 [(validate.rules).uint32 = {lte: 9 gte: 1}]; // A value used for selecting the zlib compression level. This setting will affect speed and // amount of compression applied to the content. "BEST" provides higher compression at the cost of // higher latency, "SPEED" provides lower compression with minimum impact on response time. // "DEFAULT" provides an optimal result between speed and compression. This field will be set to // "DEFAULT" if not specified. CompressionLevel.Enum compression_level = 3 [(validate.rules).enum = {defined_only: true}]; // A value used for selecting the zlib compression strategy which is directly related to the // characteristics of the content. Most of the time "DEFAULT" will be the best choice, though // there are situations which changing this parameter might produce better results. For example, // run-length encoding (RLE) is typically used when the content is known for having sequences // which same data occurs many consecutive times. For more information about each strategy, please // refer to zlib manual. CompressionStrategy compression_strategy = 4 [(validate.rules).enum = {defined_only: true}]; // Value from 9 to 15 that represents the base two logarithmic of the compressor's window size. // Larger window results in better compression at the expense of memory usage. The default is 12 // which will produce a 4096 bytes window. For more details about this parameter, please refer to // zlib manual > deflateInit2. google.protobuf.UInt32Value window_bits = 9 [(validate.rules).uint32 = {lte: 15 gte: 9}]; // Set of configuration parameters common for all compression filters. If this field is set then // the fields `content_length`, `content_type`, `disable_on_etag_header` and // `remove_accept_encoding_header` are ignored. compressor.v3.Compressor compressor = 10; // Value for Zlib's next output buffer. If not set, defaults to 4096. // See https://www.zlib.net/manual.html for more details. Also see // https://github.com/envoyproxy/envoy/issues/8448 for context on this filter's performance. google.protobuf.UInt32Value chunk_size = 11 [(validate.rules).uint32 = {lte: 65536 gte: 4096}]; google.protobuf.UInt32Value hidden_envoy_deprecated_content_length = 2 [deprecated = true]; repeated string hidden_envoy_deprecated_content_type = 6 [deprecated = true]; bool hidden_envoy_deprecated_disable_on_etag_header = 7 [deprecated = true]; bool hidden_envoy_deprecated_remove_accept_encoding_header = 8 [deprecated = true]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.header_to_metadata.v3; import "envoy/type/matcher/v3/regex.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.header_to_metadata.v3"; option java_outer_classname = "HeaderToMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Header-To-Metadata Filter] // // The configuration for transforming headers into metadata. This is useful // for matching load balancer subsets, logging, etc. // // Header to Metadata :ref:`configuration overview `. // [#extension: envoy.filters.http.header_to_metadata] message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.header_to_metadata.v2.Config"; enum ValueType { STRING = 0; NUMBER = 1; // The value is a serialized `protobuf.Value // `_. PROTOBUF_VALUE = 2; } // ValueEncode defines the encoding algorithm. enum ValueEncode { // The value is not encoded. NONE = 0; // The value is encoded in `Base64 `_. // Note: this is mostly used for STRING and PROTOBUF_VALUE to escape the // non-ASCII characters in the header. BASE64 = 1; } // [#next-free-field: 7] message KeyValuePair { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.header_to_metadata.v2.Config.KeyValuePair"; // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_len: 1}]; // The value to pair with the given key. // // When used for a // :ref:`on_header_present ` // case, if value is non-empty it'll be used instead of the header value. If both are empty, no metadata is added. // // When used for a :ref:`on_header_missing ` // case, a non-empty value must be provided otherwise no metadata is added. string value = 3 [(udpa.annotations.field_migrate).oneof_promotion = "value_type"]; // If present, the header's value will be matched and substituted with this. If there is no match or substitution, the header value // is used as-is. // // This is only used for :ref:`on_header_present `. // // Note: if the `value` field is non-empty this field should be empty. type.matcher.v3.RegexMatchAndSubstitute regex_value_rewrite = 6 [(udpa.annotations.field_migrate).oneof_promotion = "value_type"]; // The value's type — defaults to string. ValueType type = 4 [(validate.rules).enum = {defined_only: true}]; // How is the value encoded, default is NONE (not encoded). // The value will be decoded accordingly before storing to metadata. ValueEncode encode = 5; } // A Rule defines what metadata to apply when a header is present or missing. // [#next-free-field: 6] message Rule { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.header_to_metadata.v2.Config.Rule"; // Specifies that a match will be performed on the value of a header or a cookie. // // The header to be extracted. string header = 1 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}, (udpa.annotations.field_migrate).oneof_promotion = "header_cookie_specifier" ]; // The cookie to be extracted. string cookie = 5 [ (validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}, (udpa.annotations.field_migrate).oneof_promotion = "header_cookie_specifier" ]; // If the header or cookie is present, apply this metadata KeyValuePair. // // If the value in the KeyValuePair is non-empty, it'll be used instead // of the header or cookie value. KeyValuePair on_header_present = 2 [(udpa.annotations.field_migrate).rename = "on_present"]; // If the header or cookie is not present, apply this metadata KeyValuePair. // // The value in the KeyValuePair must be set, since it'll be used in lieu // of the missing header or cookie value. KeyValuePair on_header_missing = 3 [(udpa.annotations.field_migrate).rename = "on_missing"]; // Whether or not to remove the header after a rule is applied. // // This prevents headers from leaking. // This field is not supported in case of a cookie. bool remove = 4; } // The list of rules to apply to requests. repeated Rule request_rules = 1; // The list of rules to apply to responses. repeated Rule response_rules = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/filters/http/header_to_metadata/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v4alpha/header_to_metadata.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.header_to_metadata.v4alpha; import "envoy/type/matcher/v4alpha/regex.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.header_to_metadata.v4alpha"; option java_outer_classname = "HeaderToMetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Header-To-Metadata Filter] // // The configuration for transforming headers into metadata. This is useful // for matching load balancer subsets, logging, etc. // // Header to Metadata :ref:`configuration overview `. // [#extension: envoy.filters.http.header_to_metadata] message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.header_to_metadata.v3.Config"; enum ValueType { STRING = 0; NUMBER = 1; // The value is a serialized `protobuf.Value // `_. PROTOBUF_VALUE = 2; } // ValueEncode defines the encoding algorithm. enum ValueEncode { // The value is not encoded. NONE = 0; // The value is encoded in `Base64 `_. // Note: this is mostly used for STRING and PROTOBUF_VALUE to escape the // non-ASCII characters in the header. BASE64 = 1; } // [#next-free-field: 7] message KeyValuePair { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.header_to_metadata.v3.Config.KeyValuePair"; // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_len: 1}]; oneof value_type { // The value to pair with the given key. // // When used for a // :ref:`on_header_present ` // case, if value is non-empty it'll be used instead of the header value. If both are empty, no metadata is added. // // When used for a :ref:`on_header_missing ` // case, a non-empty value must be provided otherwise no metadata is added. string value = 3; // If present, the header's value will be matched and substituted with this. If there is no match or substitution, the header value // is used as-is. // // This is only used for :ref:`on_header_present `. // // Note: if the `value` field is non-empty this field should be empty. type.matcher.v4alpha.RegexMatchAndSubstitute regex_value_rewrite = 6; } // The value's type — defaults to string. ValueType type = 4 [(validate.rules).enum = {defined_only: true}]; // How is the value encoded, default is NONE (not encoded). // The value will be decoded accordingly before storing to metadata. ValueEncode encode = 5; } // A Rule defines what metadata to apply when a header is present or missing. // [#next-free-field: 6] message Rule { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.header_to_metadata.v3.Config.Rule"; oneof header_cookie_specifier { // Specifies that a match will be performed on the value of a header or a cookie. // // The header to be extracted. string header = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // The cookie to be extracted. string cookie = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; } // If the header or cookie is present, apply this metadata KeyValuePair. // // If the value in the KeyValuePair is non-empty, it'll be used instead // of the header or cookie value. KeyValuePair on_present = 2; // If the header or cookie is not present, apply this metadata KeyValuePair. // // The value in the KeyValuePair must be set, since it'll be used in lieu // of the missing header or cookie value. KeyValuePair on_missing = 3; // Whether or not to remove the header after a rule is applied. // // This prevents headers from leaking. // This field is not supported in case of a cookie. bool remove = 4; } // The list of rules to apply to requests. repeated Rule request_rules = 1; // The list of rules to apply to responses. repeated Rule response_rules = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/health_check/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/health_check/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/health_check/v3/health_check.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.health_check.v3; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.health_check.v3"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health check] // Health check :ref:`configuration overview `. // [#extension: envoy.filters.http.health_check] // [#next-free-field: 6] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.health_check.v2.HealthCheck"; reserved 2; // Specifies whether the filter operates in pass through mode or not. google.protobuf.BoolValue pass_through_mode = 1 [(validate.rules).message = {required: true}]; // If operating in pass through mode, the amount of time in milliseconds // that the filter should cache the upstream response. google.protobuf.Duration cache_time = 3; // If operating in non-pass-through mode, specifies a set of upstream cluster // names and the minimum percentage of servers in each of those clusters that // must be healthy or degraded in order for the filter to return a 200. // // .. note:: // // This value is interpreted as an integer by truncating, so 12.50% will be calculated // as if it were 12%. map cluster_min_healthy_percentages = 4; // Specifies a set of health check request headers to match on. The health check filter will // check a request’s headers against all the specified headers. To specify the health check // endpoint, set the ``:path`` header to match on. repeated config.route.v3.HeaderMatcher headers = 5; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/health_check/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/health_check/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/health_check/v4alpha/health_check.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.health_check.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.health_check.v4alpha"; option java_outer_classname = "HealthCheckProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Health check] // Health check :ref:`configuration overview `. // [#extension: envoy.filters.http.health_check] // [#next-free-field: 6] message HealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.health_check.v3.HealthCheck"; reserved 2; // Specifies whether the filter operates in pass through mode or not. google.protobuf.BoolValue pass_through_mode = 1 [(validate.rules).message = {required: true}]; // If operating in pass through mode, the amount of time in milliseconds // that the filter should cache the upstream response. google.protobuf.Duration cache_time = 3; // If operating in non-pass-through mode, specifies a set of upstream cluster // names and the minimum percentage of servers in each of those clusters that // must be healthy or degraded in order for the filter to return a 200. // // .. note:: // // This value is interpreted as an integer by truncating, so 12.50% will be calculated // as if it were 12%. map cluster_min_healthy_percentages = 4; // Specifies a set of health check request headers to match on. The health check filter will // check a request’s headers against all the specified headers. To specify the health check // endpoint, set the ``:path`` header to match on. repeated config.route.v4alpha.HeaderMatcher headers = 5; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ip_tagging/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/ip_tagging/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ip_tagging.v3; import "envoy/config/core/v3/address.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ip_tagging.v3"; option java_outer_classname = "IpTaggingProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: IP tagging] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.ip_tagging] message IPTagging { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ip_tagging.v2.IPTagging"; // The type of requests the filter should apply to. The supported types // are internal, external or both. The // :ref:`x-forwarded-for` header is // used to determine if a request is internal and will result in // :ref:`x-envoy-internal` // being set. The filter defaults to both, and it will apply to all request types. enum RequestType { // Both external and internal requests will be tagged. This is the default value. BOTH = 0; // Only internal requests will be tagged. INTERNAL = 1; // Only external requests will be tagged. EXTERNAL = 2; } // Supplies the IP tag name and the IP address subnets. message IPTag { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.ip_tagging.v2.IPTagging.IPTag"; // Specifies the IP tag name to apply. string ip_tag_name = 1; // A list of IP address subnets that will be tagged with // ip_tag_name. Both IPv4 and IPv6 are supported. repeated config.core.v3.CidrRange ip_list = 2; } // The type of request the filter should apply to. RequestType request_type = 1 [(validate.rules).enum = {defined_only: true}]; // [#comment:TODO(ccaraman): Extend functionality to load IP tags from file system. // Tracked by issue https://github.com/envoyproxy/envoy/issues/2695] // The set of IP tags for the filter. repeated IPTag ip_tags = 4 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.jwt_authn.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/http_uri.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.jwt_authn.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: JWT Authentication] // JWT Authentication :ref:`configuration overview `. // [#extension: envoy.filters.http.jwt_authn] // Please see following for JWT authentication flow: // // * `JSON Web Token (JWT) `_ // * `The OAuth 2.0 Authorization Framework `_ // * `OpenID Connect `_ // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // // * issuer: the principal that issues the JWT. It has to match the one from the token. // * allowed audiences: the ones in the token have to be listed here. // * how to fetch public key JWKS to verify the token signature. // * how to extract JWT token in the request. // * how to pass successfully verified token payload. // // Example: // // .. code-block:: yaml // // issuer: https://example.com // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // cache_duration: // seconds: 300 // // [#next-free-field: 10] message JwtProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtProvider"; // Specify the `principal `_ that issued // the JWT, usually a URL or an email address. // // Example: https://securetoken.google.com // Example: 1234567-compute@developer.gserviceaccount.com // string issuer = 1 [(validate.rules).string = {min_len: 1}]; // The list of JWT `audiences `_ are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // // Example: // // .. code-block:: yaml // // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // repeated string audiences = 2; // `JSON Web Key Set (JWKS) `_ is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. oneof jwks_source_specifier { option (validate.required) = true; // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP // URI and how the fetched JWKS should be cached. // // Example: // // .. code-block:: yaml // // remote_jwks: // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // cache_duration: // seconds: 300 // RemoteJwks remote_jwks = 3; // JWKS is in local data source. It could be either in a local file or embedded in the // inline_string. // // Example: local file // // .. code-block:: yaml // // local_jwks: // filename: /etc/envoy/jwks/jwks1.txt // // Example: inline_string // // .. code-block:: yaml // // local_jwks: // inline_string: ACADADADADA // config.core.v3.DataSource local_jwks = 4; } // If false, the JWT is removed in the request after a success verification. If true, the JWT is // not removed in the request. Default value is false. bool forward = 5; // Two fields below define where to extract the JWT from an HTTP request. // // If no explicit location is specified, the following default locations are tried in order: // // 1. The Authorization header using the `Bearer schema // `_. Example:: // // Authorization: Bearer . // // 2. `access_token `_ query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. // // Specify the HTTP headers to extract JWT token. For examples, following config: // // .. code-block:: yaml // // from_headers: // - name: x-goog-iap-jwt-assertion // // can be used to extract token from header:: // // ``x-goog-iap-jwt-assertion: ``. // repeated JwtHeader from_headers = 6; // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. // // For example, if config is: // // .. code-block:: yaml // // from_params: // - jwt_token // // The JWT format in query parameter is:: // // /path?jwt_token= // repeated string from_params = 7; // This field specifies the header name to forward a successfully verified JWT payload to the // backend. The forwarded data is:: // // base64url_encoded(jwt_payload_in_JSON) // // If it is not specified, the payload will not be forwarded. string forward_payload_header = 8 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata // in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** // The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* // and the value is the *protobuf::Struct* converted from JWT JSON payload. // // For example, if payload_in_metadata is *my_payload*: // // .. code-block:: yaml // // envoy.filters.http.jwt_authn: // my_payload: // iss: https://example.com // sub: test@example.com // aud: https://example.com // exp: 1501281058 // string payload_in_metadata = 9; } // This message specifies how to fetch JWKS from remote and how to cache it. message RemoteJwks { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.RemoteJwks"; // The HTTP URI to fetch the JWKS. For example: // // .. code-block:: yaml // // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // config.core.v3.HttpUri http_uri = 1; // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; } // This message specifies a header location to extract JWT token. message JwtHeader { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtHeader"; // The HTTP header name. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The value prefix. The value format is "value_prefix" // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the // end. string value_prefix = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Specify a required provider with audiences. message ProviderWithAudiences { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.ProviderWithAudiences"; // Specify a required provider name. string provider_name = 1; // This field overrides the one specified in the JwtProvider. repeated string audiences = 2; } // This message specifies a Jwt requirement. An empty message means JWT verification is not // required. Here are some config examples: // // .. code-block:: yaml // // # Example 1: not required with an empty message // // # Example 2: require A // provider_name: provider-A // // # Example 3: require A or B // requires_any: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 4: require A and B // requires_all: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 5: require A and (B or C) // requires_all: // requirements: // - provider_name: provider-A // - requires_any: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 6: require A or (B and C) // requires_any: // requirements: // - provider_name: provider-A // - requires_all: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 7: A is optional (if token from A is provided, it must be valid, but also allows // missing token.) // requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // // # Example 8: A is optional and B is required. // requires_all: // requirements: // - requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // - provider_name: provider-B // // [#next-free-field: 7] message JwtRequirement { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtRequirement"; oneof requires_type { // Specify a required provider name. string provider_name = 1; // Specify a required provider with audiences. ProviderWithAudiences provider_and_audiences = 2; // Specify list of JwtRequirement. Their results are OR-ed. // If any one of them passes, the result is passed. JwtRequirementOrList requires_any = 3; // Specify list of JwtRequirement. Their results are AND-ed. // All of them must pass, if one of them fails or missing, it fails. JwtRequirementAndList requires_all = 4; // The requirement is always satisfied even if JWT is missing or the JWT // verification fails. A typical usage is: this filter is used to only verify // JWTs and pass the verified JWT payloads to another filter, the other filter // will make decision. In this mode, all JWT tokens will be verified. google.protobuf.Empty allow_missing_or_failed = 5; // The requirement is satisfied if JWT is missing, but failed if JWT is // presented but invalid. Similar to allow_missing_or_failed, this is used // to only verify JWTs and pass the verified payload to another filter. The // different is this mode will reject requests with invalid tokens. google.protobuf.Empty allow_missing = 6; } } // This message specifies a list of RequiredProvider. // Their results are OR-ed; if any one of them passes, the result is passed message JwtRequirementOrList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtRequirementOrList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a list of RequiredProvider. // Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. message JwtRequirementAndList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtRequirementAndList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a Jwt requirement for a specific Route condition. // Example 1: // // .. code-block:: yaml // // - match: // prefix: /healthz // // In above example, "requires" field is empty for /healthz prefix match, // it means that requests matching the path prefix don't require JWT authentication. // // Example 2: // // .. code-block:: yaml // // - match: // prefix: / // requires: { provider_name: provider-A } // // In above example, all requests matched the path prefix require jwt authentication // from "provider-A". message RequirementRule { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.RequirementRule"; // The route matching parameter. Only when the match is satisfied, the "requires" field will // apply. // // For example: following match will match all requests. // // .. code-block:: yaml // // match: // prefix: / // config.route.v3.RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Specify a Jwt Requirement. Please detail comment in message JwtRequirement. JwtRequirement requires = 2; } // This message specifies Jwt requirements based on stream_info.filterState. // This FilterState should use `Router::StringAccessor` object to set a string value. // Other HTTP filters can use it to specify Jwt requirements dynamically. // // Example: // // .. code-block:: yaml // // name: jwt_selector // requires: // issuer_1: // provider_name: issuer1 // issuer_2: // provider_name: issuer2 // // If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, // jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. message FilterStateRule { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.FilterStateRule"; // The filter state name to retrieve the `Router::StringAccessor` object. string name = 1 [(validate.rules).string = {min_len: 1}]; // A map of string keys to requirements. The string key is the string value // in the FilterState with the name specified in the *name* field above. map requires = 3; } // This is the Envoy HTTP filter config for JWT authentication. // // For example: // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: issuer2 // local_jwks: // inline_string: jwks_string // // rules: // # Not jwt verification is required for /health path // - match: // prefix: /health // // # Jwt verification for provider1 is required for path prefixed with "prefix" // - match: // prefix: /prefix // requires: // provider_name: provider1 // // # Jwt verification for either provider1 or provider2 is required for all other requests. // - match: // prefix: / // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // message JwtAuthentication { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtAuthentication"; // Map of provider names to JwtProviders. // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: provider2 // local_jwks: // inline_string: jwks_string // map providers = 1; // Specifies requirements based on the route matches. The first matched requirement will be // applied. If there are overlapped match conditions, please put the most specific match first. // // Examples // // .. code-block:: yaml // // rules: // - match: // prefix: /healthz // - match: // prefix: /baz // requires: // provider_name: provider1 // - match: // prefix: /foo // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // - match: // prefix: /bar // requires: // requires_all: // requirements: // - provider_name: provider1 // - provider_name: provider2 // repeated RequirementRule rules = 2; // This message specifies Jwt requirements based on stream_info.filterState. // Other HTTP filters can use it to specify Jwt requirements dynamically. // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; // When set to true, bypass the `CORS preflight request // `_ regardless of JWT // requirements specified in the rules. bool bypass_cors_preflight = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/jwt_authn/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.jwt_authn.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.jwt_authn.v4alpha"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: JWT Authentication] // JWT Authentication :ref:`configuration overview `. // [#extension: envoy.filters.http.jwt_authn] // Please see following for JWT authentication flow: // // * `JSON Web Token (JWT) `_ // * `The OAuth 2.0 Authorization Framework `_ // * `OpenID Connect `_ // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // // * issuer: the principal that issues the JWT. It has to match the one from the token. // * allowed audiences: the ones in the token have to be listed here. // * how to fetch public key JWKS to verify the token signature. // * how to extract JWT token in the request. // * how to pass successfully verified token payload. // // Example: // // .. code-block:: yaml // // issuer: https://example.com // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // cache_duration: // seconds: 300 // // [#next-free-field: 10] message JwtProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtProvider"; // Specify the `principal `_ that issued // the JWT, usually a URL or an email address. // // Example: https://securetoken.google.com // Example: 1234567-compute@developer.gserviceaccount.com // string issuer = 1 [(validate.rules).string = {min_len: 1}]; // The list of JWT `audiences `_ are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // // Example: // // .. code-block:: yaml // // audiences: // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com // repeated string audiences = 2; // `JSON Web Key Set (JWKS) `_ is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. oneof jwks_source_specifier { option (validate.required) = true; // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP // URI and how the fetched JWKS should be cached. // // Example: // // .. code-block:: yaml // // remote_jwks: // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // cache_duration: // seconds: 300 // RemoteJwks remote_jwks = 3; // JWKS is in local data source. It could be either in a local file or embedded in the // inline_string. // // Example: local file // // .. code-block:: yaml // // local_jwks: // filename: /etc/envoy/jwks/jwks1.txt // // Example: inline_string // // .. code-block:: yaml // // local_jwks: // inline_string: ACADADADADA // config.core.v4alpha.DataSource local_jwks = 4; } // If false, the JWT is removed in the request after a success verification. If true, the JWT is // not removed in the request. Default value is false. bool forward = 5; // Two fields below define where to extract the JWT from an HTTP request. // // If no explicit location is specified, the following default locations are tried in order: // // 1. The Authorization header using the `Bearer schema // `_. Example:: // // Authorization: Bearer . // // 2. `access_token `_ query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. // // Specify the HTTP headers to extract JWT token. For examples, following config: // // .. code-block:: yaml // // from_headers: // - name: x-goog-iap-jwt-assertion // // can be used to extract token from header:: // // ``x-goog-iap-jwt-assertion: ``. // repeated JwtHeader from_headers = 6; // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. // // For example, if config is: // // .. code-block:: yaml // // from_params: // - jwt_token // // The JWT format in query parameter is:: // // /path?jwt_token= // repeated string from_params = 7; // This field specifies the header name to forward a successfully verified JWT payload to the // backend. The forwarded data is:: // // base64url_encoded(jwt_payload_in_JSON) // // If it is not specified, the payload will not be forwarded. string forward_payload_header = 8 [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME strict: false}]; // If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata // in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** // The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* // and the value is the *protobuf::Struct* converted from JWT JSON payload. // // For example, if payload_in_metadata is *my_payload*: // // .. code-block:: yaml // // envoy.filters.http.jwt_authn: // my_payload: // iss: https://example.com // sub: test@example.com // aud: https://example.com // exp: 1501281058 // string payload_in_metadata = 9; } // This message specifies how to fetch JWKS from remote and how to cache it. message RemoteJwks { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks"; // The HTTP URI to fetch the JWKS. For example: // // .. code-block:: yaml // // http_uri: // uri: https://www.googleapis.com/oauth2/v1/certs // cluster: jwt.www.googleapis.com|443 // config.core.v4alpha.HttpUri http_uri = 1; // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; } // This message specifies a header location to extract JWT token. message JwtHeader { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtHeader"; // The HTTP header name. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // The value prefix. The value format is "value_prefix" // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the // end. string value_prefix = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Specify a required provider with audiences. message ProviderWithAudiences { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.ProviderWithAudiences"; // Specify a required provider name. string provider_name = 1; // This field overrides the one specified in the JwtProvider. repeated string audiences = 2; } // This message specifies a Jwt requirement. An empty message means JWT verification is not // required. Here are some config examples: // // .. code-block:: yaml // // # Example 1: not required with an empty message // // # Example 2: require A // provider_name: provider-A // // # Example 3: require A or B // requires_any: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 4: require A and B // requires_all: // requirements: // - provider_name: provider-A // - provider_name: provider-B // // # Example 5: require A and (B or C) // requires_all: // requirements: // - provider_name: provider-A // - requires_any: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 6: require A or (B and C) // requires_any: // requirements: // - provider_name: provider-A // - requires_all: // requirements: // - provider_name: provider-B // - provider_name: provider-C // // # Example 7: A is optional (if token from A is provided, it must be valid, but also allows // missing token.) // requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // // # Example 8: A is optional and B is required. // requires_all: // requirements: // - requires_any: // requirements: // - provider_name: provider-A // - allow_missing: {} // - provider_name: provider-B // // [#next-free-field: 7] message JwtRequirement { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement"; oneof requires_type { // Specify a required provider name. string provider_name = 1; // Specify a required provider with audiences. ProviderWithAudiences provider_and_audiences = 2; // Specify list of JwtRequirement. Their results are OR-ed. // If any one of them passes, the result is passed. JwtRequirementOrList requires_any = 3; // Specify list of JwtRequirement. Their results are AND-ed. // All of them must pass, if one of them fails or missing, it fails. JwtRequirementAndList requires_all = 4; // The requirement is always satisfied even if JWT is missing or the JWT // verification fails. A typical usage is: this filter is used to only verify // JWTs and pass the verified JWT payloads to another filter, the other filter // will make decision. In this mode, all JWT tokens will be verified. google.protobuf.Empty allow_missing_or_failed = 5; // The requirement is satisfied if JWT is missing, but failed if JWT is // presented but invalid. Similar to allow_missing_or_failed, this is used // to only verify JWTs and pass the verified payload to another filter. The // different is this mode will reject requests with invalid tokens. google.protobuf.Empty allow_missing = 6; } } // This message specifies a list of RequiredProvider. // Their results are OR-ed; if any one of them passes, the result is passed message JwtRequirementOrList { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementOrList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a list of RequiredProvider. // Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. message JwtRequirementAndList { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementAndList"; // Specify a list of JwtRequirement. repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; } // This message specifies a Jwt requirement for a specific Route condition. // Example 1: // // .. code-block:: yaml // // - match: // prefix: /healthz // // In above example, "requires" field is empty for /healthz prefix match, // it means that requests matching the path prefix don't require JWT authentication. // // Example 2: // // .. code-block:: yaml // // - match: // prefix: / // requires: { provider_name: provider-A } // // In above example, all requests matched the path prefix require jwt authentication // from "provider-A". message RequirementRule { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.RequirementRule"; // The route matching parameter. Only when the match is satisfied, the "requires" field will // apply. // // For example: following match will match all requests. // // .. code-block:: yaml // // match: // prefix: / // config.route.v4alpha.RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Specify a Jwt Requirement. Please detail comment in message JwtRequirement. JwtRequirement requires = 2; } // This message specifies Jwt requirements based on stream_info.filterState. // This FilterState should use `Router::StringAccessor` object to set a string value. // Other HTTP filters can use it to specify Jwt requirements dynamically. // // Example: // // .. code-block:: yaml // // name: jwt_selector // requires: // issuer_1: // provider_name: issuer1 // issuer_2: // provider_name: issuer2 // // If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, // jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. message FilterStateRule { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.FilterStateRule"; // The filter state name to retrieve the `Router::StringAccessor` object. string name = 1 [(validate.rules).string = {min_len: 1}]; // A map of string keys to requirements. The string key is the string value // in the FilterState with the name specified in the *name* field above. map requires = 3; } // This is the Envoy HTTP filter config for JWT authentication. // // For example: // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: issuer2 // local_jwks: // inline_string: jwks_string // // rules: // # Not jwt verification is required for /health path // - match: // prefix: /health // // # Jwt verification for provider1 is required for path prefixed with "prefix" // - match: // prefix: /prefix // requires: // provider_name: provider1 // // # Jwt verification for either provider1 or provider2 is required for all other requests. // - match: // prefix: / // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // message JwtAuthentication { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication"; // Map of provider names to JwtProviders. // // .. code-block:: yaml // // providers: // provider1: // issuer: issuer1 // audiences: // - audience1 // - audience2 // remote_jwks: // http_uri: // uri: https://example.com/.well-known/jwks.json // cluster: example_jwks_cluster // provider2: // issuer: provider2 // local_jwks: // inline_string: jwks_string // map providers = 1; // Specifies requirements based on the route matches. The first matched requirement will be // applied. If there are overlapped match conditions, please put the most specific match first. // // Examples // // .. code-block:: yaml // // rules: // - match: // prefix: /healthz // - match: // prefix: /baz // requires: // provider_name: provider1 // - match: // prefix: /foo // requires: // requires_any: // requirements: // - provider_name: provider1 // - provider_name: provider2 // - match: // prefix: /bar // requires: // requires_all: // requirements: // - provider_name: provider1 // - provider_name: provider2 // repeated RequirementRule rules = 2; // This message specifies Jwt requirements based on stream_info.filterState. // Other HTTP filters can use it to specify Jwt requirements dynamically. // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; // When set to true, bypass the `CORS preflight request // `_ regardless of JWT // requirements specified in the rules. bool bypass_cors_preflight = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/local_ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.local_ratelimit.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/http_status.proto"; import "envoy/type/v3/token_bucket.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.local_ratelimit.v3"; option java_outer_classname = "LocalRateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Local Rate limit] // Local Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.local_ratelimit] // [#next-free-field: 7] message LocalRateLimit { // The human readable prefix to use when emitting stats. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // This field allows for a custom HTTP response status code to the downstream client when // the request has been rate limited. // Defaults to 429 (TooManyRequests). // // .. note:: // If this is set to < 400, 429 will be used instead. type.v3.HttpStatus status = 2; // The token bucket configuration to use for rate limiting requests that are processed by this // filter. Each request processed by the filter consumes a single token. If the token is available, // the request will be allowed. If no tokens are available, the request will receive the configured // rate limit status. // // .. note:: // It's fine for the token bucket to be unset for the global configuration since the rate limit // can be applied at a the virtual host or route level. Thus, the token bucket must be set // for the per route configuration otherwise the config will be rejected. // // .. note:: // When using per route configuration, the bucket becomes unique to that route. // // .. note:: // In the current implementation the token bucket's :ref:`fill_interval // ` must be >= 50ms to avoid too aggressive // refills. type.v3.TokenBucket token_bucket = 3; // If set, this will enable -- but not necessarily enforce -- the rate limit for the given // fraction of requests. // Defaults to 0% of requests for safety. config.core.v3.RuntimeFractionalPercent filter_enabled = 4; // If set, this will enforce the rate limit decisions for the given fraction of requests. // // Note: this only applies to the fraction of enabled requests. // // Defaults to 0% of requests for safety. config.core.v3.RuntimeFractionalPercent filter_enforced = 5; // Specifies a list of HTTP headers that should be added to each response for requests that // have been rate limited. repeated config.core.v3.HeaderValueOption response_headers_to_add = 6 [(validate.rules).repeated = {max_items: 10}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/lua/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/http/lua/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/lua/v3/lua.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.lua.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.lua.v3"; option java_outer_classname = "LuaProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Lua] // Lua :ref:`configuration overview `. // [#extension: envoy.filters.http.lua] message Lua { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.lua.v2.Lua"; // The Lua code that Envoy will execute. This can be a very small script that // further loads code from disk if desired. Note that if JSON configuration is used, the code must // be properly escaped. YAML configuration may be easier to read since YAML supports multi-line // strings so complex scripts can be easily expressed inline in the configuration. string inline_code = 1 [(validate.rules).string = {min_len: 1}]; // Map of named Lua source codes that can be referenced in :ref:`LuaPerRoute // `. The Lua source codes can be // loaded from inline string or local files. // // Example: // // .. code-block:: yaml // // source_codes: // hello.lua: // inline_string: | // function envoy_on_response(response_handle) // -- Do something. // end // world.lua: // filename: /etc/lua/world.lua // map source_codes = 2; } message LuaPerRoute { oneof override { option (validate.required) = true; // Disable the Lua filter for this particular vhost or route. If disabled is specified in // multiple per-filter-configs, the most specific one will be used. bool disabled = 1 [(validate.rules).bool = {const: true}]; // A name of a Lua source code stored in // :ref:`Lua.source_codes `. string name = 2 [(validate.rules).string = {min_len: 1}]; // A configured per-route Lua source code that can be served by RDS or provided inline. config.core.v3.DataSource source_code = 3; } } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/oauth2/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/route/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/oauth2/v3alpha/oauth.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.oauth2.v3alpha; import "envoy/config/core/v3/http_uri.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import "envoy/type/matcher/v3/path.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.oauth2.v3alpha"; option java_outer_classname = "OauthProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: OAuth] // OAuth :ref:`configuration overview `. // [#extension: envoy.filters.http.oauth2] // message OAuth2Credentials { // The client_id to be used in the authorize calls. This value will be URL encoded when sent to the OAuth server. string client_id = 1 [(validate.rules).string = {min_len: 1}]; // The secret used to retrieve the access token. This value will be URL encoded when sent to the OAuth server. transport_sockets.tls.v3.SdsSecretConfig token_secret = 2 [(validate.rules).message = {required: true}]; // Configures how the secret token should be created. oneof token_formation { option (validate.required) = true; // If present, the secret token will be a HMAC using the provided secret. transport_sockets.tls.v3.SdsSecretConfig hmac_secret = 3 [(validate.rules).message = {required: true}]; } } // OAuth config // // [#next-free-field: 9] message OAuth2Config { // Endpoint on the authorization server to retrieve the access token from. config.core.v3.HttpUri token_endpoint = 1; // The endpoint redirect to for authorization in response to unauthorized requests. string authorization_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Credentials used for OAuth. OAuth2Credentials credentials = 3 [(validate.rules).message = {required: true}]; // The redirect URI passed to the authorization endpoint. Supports header formatting // tokens. For more information, including details on header value syntax, see the // documentation on :ref:`custom request headers `. // // This URI should not contain any query parameters. string redirect_uri = 4 [(validate.rules).string = {min_len: 1}]; // Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server. type.matcher.v3.PathMatcher redirect_path_matcher = 5 [(validate.rules).message = {required: true}]; // The path to sign a user out, clearing their credential cookies. type.matcher.v3.PathMatcher signout_path = 6 [(validate.rules).message = {required: true}]; // Forward the OAuth token as a Bearer to upstream web service. bool forward_bearer_token = 7; // Any request that matches any of the provided matchers will be passed through without OAuth validation. repeated config.route.v3.HeaderMatcher pass_through_matcher = 8; } // Filter config. message OAuth2 { // Leave this empty to disable OAuth2 for a specific route, using per filter config. OAuth2Config config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/oauth2/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/http/oauth2/v3alpha:pkg", "//envoy/extensions/transport_sockets/tls/v4alpha:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/oauth2/v4alpha/oauth.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.oauth2.v4alpha; import "envoy/config/core/v4alpha/http_uri.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/secret.proto"; import "envoy/type/matcher/v4alpha/path.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.oauth2.v4alpha"; option java_outer_classname = "OauthProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: OAuth] // OAuth :ref:`configuration overview `. // [#extension: envoy.filters.http.oauth2] // message OAuth2Credentials { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.oauth2.v3alpha.OAuth2Credentials"; // The client_id to be used in the authorize calls. This value will be URL encoded when sent to the OAuth server. string client_id = 1 [(validate.rules).string = {min_len: 1}]; // The secret used to retrieve the access token. This value will be URL encoded when sent to the OAuth server. transport_sockets.tls.v4alpha.SdsSecretConfig token_secret = 2 [(validate.rules).message = {required: true}]; // Configures how the secret token should be created. oneof token_formation { option (validate.required) = true; // If present, the secret token will be a HMAC using the provided secret. transport_sockets.tls.v4alpha.SdsSecretConfig hmac_secret = 3 [(validate.rules).message = {required: true}]; } } // OAuth config // // [#next-free-field: 9] message OAuth2Config { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.oauth2.v3alpha.OAuth2Config"; // Endpoint on the authorization server to retrieve the access token from. config.core.v4alpha.HttpUri token_endpoint = 1; // The endpoint redirect to for authorization in response to unauthorized requests. string authorization_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Credentials used for OAuth. OAuth2Credentials credentials = 3 [(validate.rules).message = {required: true}]; // The redirect URI passed to the authorization endpoint. Supports header formatting // tokens. For more information, including details on header value syntax, see the // documentation on :ref:`custom request headers `. // // This URI should not contain any query parameters. string redirect_uri = 4 [(validate.rules).string = {min_len: 1}]; // Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server. type.matcher.v4alpha.PathMatcher redirect_path_matcher = 5 [(validate.rules).message = {required: true}]; // The path to sign a user out, clearing their credential cookies. type.matcher.v4alpha.PathMatcher signout_path = 6 [(validate.rules).message = {required: true}]; // Forward the OAuth token as a Bearer to upstream web service. bool forward_bearer_token = 7; // Any request that matches any of the provided matchers will be passed through without OAuth validation. repeated config.route.v4alpha.HeaderMatcher pass_through_matcher = 8; } // Filter config. message OAuth2 { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.oauth2.v3alpha.OAuth2"; // Leave this empty to disable OAuth2 for a specific route, using per filter config. OAuth2Config config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/on_demand/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/on_demand/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/on_demand/v3/on_demand.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.on_demand.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.on_demand.v3"; option java_outer_classname = "OnDemandProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: OnDemand] // IP tagging :ref:`configuration overview `. // [#extension: envoy.filters.http.on_demand] message OnDemand { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.on_demand.v2.OnDemand"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/original_src/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/original_src/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/original_src/v3/original_src.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.original_src.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.original_src.v3"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // The Original Src filter binds upstream connections to the original source address determined // for the request. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. // [#extension: envoy.filters.http.original_src] message OriginalSrc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.original_src.v2alpha1.OriginalSrc"; // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/ratelimit/v3/rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.ratelimit.v3; import "envoy/config/ratelimit/v3/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.ratelimit.v3"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.ratelimit] // [#next-free-field: 9] message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.rate_limit.v2.RateLimit"; // Defines the version of the standard to use for X-RateLimit headers. enum XRateLimitHeadersRFCVersion { // X-RateLimit headers disabled. OFF = 0; // Use `draft RFC Version 03 `_. DRAFT_VERSION_03 = 1; } // The rate limit domain to use when calling the rate limit service. string domain = 1 [(validate.rules).string = {min_len: 1}]; // Specifies the rate limit configurations to be applied with the same // stage number. If not set, the default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The type of requests the filter should apply to. The supported // types are *internal*, *external* or *both*. A request is considered internal if // :ref:`x-envoy-internal` is set to true. If // :ref:`x-envoy-internal` is not set or false, a // request is considered external. The filter defaults to *both*, and it will apply to all request // types. string request_type = 3 [(validate.rules).string = {in: "internal" in: "external" in: "both" in: ""}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Specifies whether a `RESOURCE_EXHAUSTED` gRPC code must be returned instead // of the default `UNAVAILABLE` gRPC code for a rate limited gRPC call. The // HTTP code will be 200 for a gRPC response. bool rate_limited_as_resource_exhausted = 6; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. config.ratelimit.v3.RateLimitServiceConfig rate_limit_service = 7 [(validate.rules).message = {required: true}]; // Defines the standard version to use for X-RateLimit headers emitted by the filter: // // * ``X-RateLimit-Limit`` - indicates the request-quota associated to the // client in the current time-window followed by the description of the // quota policy. The values are returned by the rate limiting service in // :ref:`current_limit` // field. Example: `10, 10;w=1;name="per-ip", 1000;w=3600`. // * ``X-RateLimit-Remaining`` - indicates the remaining requests in the // current time-window. The values are returned by the rate limiting service // in :ref:`limit_remaining` // field. // * ``X-RateLimit-Reset`` - indicates the number of seconds until reset of // the current time-window. The values are returned by the rate limiting service // in :ref:`duration_until_reset` // field. // // In case rate limiting policy specifies more then one time window, the values // above represent the window that is closest to reaching its limit. // // For more information about the headers specification see selected version of // the `draft RFC `_. // // Disabled by default. XRateLimitHeadersRFCVersion enable_x_ratelimit_headers = 8 [(validate.rules).enum = {defined_only: true}]; } message RateLimitPerRoute { enum VhRateLimitsOptions { // Use the virtual host rate limits unless the route has a rate limit policy. OVERRIDE = 0; // Use the virtual host rate limits even if the route has a rate limit policy. INCLUDE = 1; // Ignore the virtual host rate limits even if the route does not have a rate limit policy. IGNORE = 2; } // Specifies if the rate limit filter should include the virtual host rate limits. VhRateLimitsOptions vh_rate_limits = 1 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/rbac/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/rbac/v3/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.rbac.v3; import "envoy/config/rbac/v3/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.rbac.v3"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.http.rbac] // RBAC filter config. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.rbac.v2.RBAC"; // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) // but will emit stats and logs and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v3.RBAC shadow_rules = 2; } message RBACPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.rbac.v2.RBACPerRoute"; reserved 1; // Override the global configuration of the filter with this new config. // If absent, the global RBAC policy will be disabled for this route. RBAC rbac = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/rbac/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v4alpha:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.rbac.v4alpha; import "envoy/config/rbac/v4alpha/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.rbac.v4alpha"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.http.rbac] // RBAC filter config. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.rbac.v3.RBAC"; // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) // but will emit stats and logs and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v4alpha.RBAC shadow_rules = 2; } message RBACPerRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.rbac.v3.RBACPerRoute"; reserved 1; // Override the global configuration of the filter with this new config. // If absent, the global RBAC policy will be disabled for this route. RBAC rbac = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/router/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", "//envoy/config/filter/http/router/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/router/v3/router.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.router.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.router.v3"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Router] // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] // [#next-free-field: 7] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.router.v2.Router"; // Whether the router generates dynamic cluster statistics. Defaults to // true. Can be disabled in high performance scenarios. google.protobuf.BoolValue dynamic_stats = 1; // Whether to start a child span for egress routed calls. This can be // useful in scenarios where other filters (auth, ratelimit, etc.) make // outbound calls and have child spans rooted at the same ingress // parent. Defaults to false. bool start_child_span = 2; // Configuration for HTTP upstream logs emitted by the router. Upstream logs // are configured in the same way as access logs, but each log entry represents // an upstream request. Presuming retries are configured, multiple upstream // requests may be made for each downstream (inbound) request. repeated config.accesslog.v3.AccessLog upstream_log = 3; // Do not add any additional *x-envoy-* headers to requests or responses. This // only affects the :ref:`router filter generated *x-envoy-* headers // `, other Envoy filters and the HTTP // connection manager may continue to set *x-envoy-* headers. bool suppress_envoy_headers = 4; // Specifies a list of HTTP headers to strictly validate. Envoy will reject a // request and respond with HTTP status 400 if the request contains an invalid // value for any of the headers listed in this field. Strict header checking // is only supported for the following headers: // // Value must be a ','-delimited list (i.e. no spaces) of supported retry // policy values: // // * :ref:`config_http_filters_router_x-envoy-retry-grpc-on` // * :ref:`config_http_filters_router_x-envoy-retry-on` // // Value must be an integer: // // * :ref:`config_http_filters_router_x-envoy-max-retries` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` repeated string strict_check_headers = 5 [(validate.rules).repeated = { items { string { in: "x-envoy-upstream-rq-timeout-ms" in: "x-envoy-upstream-rq-per-try-timeout-ms" in: "x-envoy-max-retries" in: "x-envoy-retry-grpc-on" in: "x-envoy-retry-on" } } }]; // If not set, ingress Envoy will ignore // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/router/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v4alpha:pkg", "//envoy/extensions/filters/http/router/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/router/v4alpha/router.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.router.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.router.v4alpha"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Router] // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] // [#next-free-field: 7] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.router.v3.Router"; // Whether the router generates dynamic cluster statistics. Defaults to // true. Can be disabled in high performance scenarios. google.protobuf.BoolValue dynamic_stats = 1; // Whether to start a child span for egress routed calls. This can be // useful in scenarios where other filters (auth, ratelimit, etc.) make // outbound calls and have child spans rooted at the same ingress // parent. Defaults to false. bool start_child_span = 2; // Configuration for HTTP upstream logs emitted by the router. Upstream logs // are configured in the same way as access logs, but each log entry represents // an upstream request. Presuming retries are configured, multiple upstream // requests may be made for each downstream (inbound) request. repeated config.accesslog.v4alpha.AccessLog upstream_log = 3; // Do not add any additional *x-envoy-* headers to requests or responses. This // only affects the :ref:`router filter generated *x-envoy-* headers // `, other Envoy filters and the HTTP // connection manager may continue to set *x-envoy-* headers. bool suppress_envoy_headers = 4; // Specifies a list of HTTP headers to strictly validate. Envoy will reject a // request and respond with HTTP status 400 if the request contains an invalid // value for any of the headers listed in this field. Strict header checking // is only supported for the following headers: // // Value must be a ','-delimited list (i.e. no spaces) of supported retry // policy values: // // * :ref:`config_http_filters_router_x-envoy-retry-grpc-on` // * :ref:`config_http_filters_router_x-envoy-retry-on` // // Value must be an integer: // // * :ref:`config_http_filters_router_x-envoy-max-retries` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` // * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` repeated string strict_check_headers = 5 [(validate.rules).repeated = { items { string { in: "x-envoy-upstream-rq-timeout-ms" in: "x-envoy-upstream-rq-per-try-timeout-ms" in: "x-envoy-max-retries" in: "x-envoy-retry-grpc-on" in: "x-envoy-retry-on" } } }]; // If not set, ingress Envoy will ignore // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/squash/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/squash/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/squash/v3/squash.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.squash.v3; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.squash.v3"; option java_outer_classname = "SquashProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Squash] // Squash :ref:`configuration overview `. // [#extension: envoy.filters.http.squash] // [#next-free-field: 6] message Squash { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.squash.v2.Squash"; // The name of the cluster that hosts the Squash server. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // When the filter requests the Squash server to create a DebugAttachment, it will use this // structure as template for the body of the request. It can contain reference to environment // variables in the form of '{{ ENV_VAR_NAME }}'. These can be used to provide the Squash server // with more information to find the process to attach the debugger to. For example, in a // Istio/k8s environment, this will contain information on the pod: // // .. code-block:: json // // { // "spec": { // "attachment": { // "pod": "{{ POD_NAME }}", // "namespace": "{{ POD_NAMESPACE }}" // }, // "match_request": true // } // } // // (where POD_NAME, POD_NAMESPACE are configured in the pod via the Downward API) google.protobuf.Struct attachment_template = 2; // The timeout for individual requests sent to the Squash cluster. Defaults to 1 second. google.protobuf.Duration request_timeout = 3; // The total timeout Squash will delay a request and wait for it to be attached. Defaults to 60 // seconds. google.protobuf.Duration attachment_timeout = 4; // Amount of time to poll for the status of the attachment object in the Squash server // (to check if has been attached). Defaults to 1 second. google.protobuf.Duration attachment_poll_period = 5; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/http/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/tap/v3/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.tap.v3; import "envoy/extensions/common/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.tap.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap] // Tap :ref:`configuration overview `. // [#extension: envoy.filters.http.tap] // Top level configuration for the tap filter. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.tap.v2alpha.Tap"; // Common configuration for the HTTP tap filter. common.tap.v3.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/common/tap/v4alpha:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/tap/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.tap.v4alpha; import "envoy/extensions/common/tap/v4alpha/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.tap.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap] // Tap :ref:`configuration overview `. // [#extension: envoy.filters.http.tap] // Top level configuration for the tap filter. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.tap.v3.Tap"; // Common configuration for the HTTP tap filter. common.tap.v4alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/http/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.http.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // [#extension: envoy.filters.http.wasm] // Wasm :ref:`configuration overview `. message Wasm { // General Plugin configuration. envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/http_inspector/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/http_inspector/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/http_inspector/v3/http_inspector.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.http_inspector.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.http_inspector.v3"; option java_outer_classname = "HttpInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP Inspector Filter] // Detect whether the application protocol is HTTP. // [#extension: envoy.filters.listener.http_inspector] message HttpInspector { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.http_inspector.v2.HttpInspector"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/original_dst/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/original_dst/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/original_dst/v3/original_dst.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.original_dst.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.original_dst.v3"; option java_outer_classname = "OriginalDstProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Original Dst Filter] // Use the Original destination address on downstream connections. // [#extension: envoy.filters.listener.original_dst] message OriginalDst { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.original_dst.v2.OriginalDst"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/original_src/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/original_src/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/original_src/v3/original_src.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.original_src.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.original_src.v3"; option java_outer_classname = "OriginalSrcProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Original Src Filter] // Use the Original source address on upstream connections. // [#extension: envoy.filters.listener.original_src] // The Original Src filter binds upstream connections to the original source address determined // for the connection. This address could come from something like the Proxy Protocol filter, or it // could come from trusted http headers. message OriginalSrc { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.original_src.v2alpha1.OriginalSrc"; // Whether to bind the port to the one used in the original downstream connection. // [#not-implemented-hide:] bool bind_port = 1; // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to // ensure that non-local addresses may be routed back through envoy when binding to the original // source address. The option will not be applied if the mark is 0. uint32 mark = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/proxy_protocol/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/proxy_protocol/v3/proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.proxy_protocol.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.proxy_protocol.v3"; option java_outer_classname = "ProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Proxy Protocol Filter] // PROXY protocol listener filter. // [#extension: envoy.filters.listener.proxy_protocol] message ProxyProtocol { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.proxy_protocol.v2.ProxyProtocol"; message KeyValuePair { // The namespace — if this is empty, the filter's namespace will be used. string metadata_namespace = 1; // The key to use within the namespace. string key = 2 [(validate.rules).string = {min_len: 1}]; } // A Rule defines what metadata to apply when a header is present or missing. message Rule { // The type that triggers the rule - required // TLV type is defined as uint8_t in proxy protocol. See `the spec // `_ for details. uint32 tlv_type = 1 [(validate.rules).uint32 = {lt: 256}]; // If the TLV type is present, apply this metadata KeyValuePair. KeyValuePair on_tlv_present = 2; } // The list of rules to apply to requests. repeated Rule rules = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/tls_inspector/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/listener/tls_inspector/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/listener/tls_inspector/v3/tls_inspector.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.listener.tls_inspector.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.listener.tls_inspector.v3"; option java_outer_classname = "TlsInspectorProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: TLS Inspector Filter] // Allows detecting whether the transport appears to be TLS or plaintext. // [#extension: envoy.filters.listener.tls_inspector] message TlsInspector { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.listener.tls_inspector.v2.TlsInspector"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/client_ssl_auth/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.client_ssl_auth.v3; import "envoy/config/core/v3/address.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.client_ssl_auth.v3"; option java_outer_classname = "ClientSslAuthProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Client TLS authentication] // Client TLS authentication // :ref:`configuration overview `. // [#extension: envoy.filters.network.client_ssl_auth] message ClientSSLAuth { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.client_ssl_auth.v2.ClientSSLAuth"; // The :ref:`cluster manager ` cluster that runs // the authentication service. The filter will connect to the service every 60s to fetch the list // of principals. The service must support the expected :ref:`REST API // `. string auth_api_cluster = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 2 [(validate.rules).string = {min_len: 1}]; // Time in milliseconds between principal refreshes from the // authentication service. Default is 60000 (60s). The actual fetch time // will be this value plus a random jittered value between // 0-refresh_delay_ms milliseconds. google.protobuf.Duration refresh_delay = 3; // An optional list of IP address and subnet masks that should be white // listed for access by the filter. If no list is provided, there is no // IP allowlist. repeated config.core.v3.CidrRange ip_white_list = 4 [(udpa.annotations.field_migrate).rename = "ip_allowlist"]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/direct_response/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/direct_response/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/direct_response/v3/config.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.direct_response.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.direct_response.v3"; option java_outer_classname = "ConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Direct response] // Direct response :ref:`configuration overview `. // [#extension: envoy.filters.network.direct_response] message Config { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.direct_response.v2.Config"; // Response data as a data source. config.core.v3.DataSource response = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/dubbo/router/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/router/v3/router.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.router.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.router.v3"; option java_outer_classname = "RouterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Router] // Dubbo router :ref:`configuration overview `. message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.dubbo.router.v2alpha1.Router"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v3; import "envoy/extensions/filters/network/dubbo_proxy/v3/route.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v3"; option java_outer_classname = "DubboProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dubbo Proxy] // Dubbo Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.dubbo_proxy] // Dubbo Protocol types supported by Envoy. enum ProtocolType { // the default protocol. Dubbo = 0; } // Dubbo Serialization types supported by Envoy. enum SerializationType { // the default serialization protocol. Hessian2 = 0; } // [#next-free-field: 6] message DubboProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.DubboProxy"; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Configure the protocol used. ProtocolType protocol_type = 2 [(validate.rules).enum = {defined_only: true}]; // Configure the serialization protocol used. SerializationType serialization_type = 3 [(validate.rules).enum = {defined_only: true}]; // The route table for the connection manager is static and is specified in this property. repeated RouteConfiguration route_config = 4; // A list of individual Dubbo filters that make up the filter chain for requests made to the // Dubbo proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no dubbo_filters are specified, a default Dubbo router filter // (`envoy.filters.dubbo.router`) is used. repeated DubboFilter dubbo_filters = 5; } // DubboFilter configures a Dubbo filter. message DubboFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.DubboFilter"; // The name of the filter to instantiate. The name must match a supported // filter. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any config = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v3/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v3; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Dubbo Proxy Route Configuration] // Dubbo Proxy :ref:`configuration overview `. // [#next-free-field: 6] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The interface name of the service. string interface = 2; // Which group does the interface belong to. string group = 3; // The version number of the interface. string version = 4; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 5; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.RouteMatch"; // Method level routing matching. MethodMatch method = 1; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v3.HeaderMatcher headers = 2; } message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed. string cluster = 1; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. // Currently ClusterWeight only supports the name and weight fields. config.route.v3.WeightedCluster weighted_clusters = 2; } } message MethodMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.MethodMatch"; // The parameter matching type. message ParameterMatchSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.dubbo_proxy.v2alpha1.MethodMatch.ParameterMatchSpecifier"; oneof parameter_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 3; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting // of an optional plus or minus sign followed by a sequence of digits. The rule will not match // if the header value does not represent an integer. Match will fail for empty values, // floating point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, // "somestring", 10.9, "-1somestring" type.v3.Int64Range range_match = 4; } } // The name of the method. type.matcher.v3.StringMatcher name = 1; // Method parameter definition. // The key is the parameter index, starting from 0. // The value is the parameter matching type. map params_match = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v4alpha/dubbo_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v4alpha; import "envoy/extensions/filters/network/dubbo_proxy/v4alpha/route.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v4alpha"; option java_outer_classname = "DubboProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Dubbo Proxy] // Dubbo Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.dubbo_proxy] // Dubbo Protocol types supported by Envoy. enum ProtocolType { // the default protocol. Dubbo = 0; } // Dubbo Serialization types supported by Envoy. enum SerializationType { // the default serialization protocol. Hessian2 = 0; } // [#next-free-field: 6] message DubboProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.DubboProxy"; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Configure the protocol used. ProtocolType protocol_type = 2 [(validate.rules).enum = {defined_only: true}]; // Configure the serialization protocol used. SerializationType serialization_type = 3 [(validate.rules).enum = {defined_only: true}]; // The route table for the connection manager is static and is specified in this property. repeated RouteConfiguration route_config = 4; // A list of individual Dubbo filters that make up the filter chain for requests made to the // Dubbo proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no dubbo_filters are specified, a default Dubbo router filter // (`envoy.filters.dubbo.router`) is used. repeated DubboFilter dubbo_filters = 5; } // DubboFilter configures a Dubbo filter. message DubboFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.DubboFilter"; // The name of the filter to instantiate. The name must match a supported // filter. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being // instantiated. See the supported filters for further documentation. google.protobuf.Any config = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.dubbo_proxy.v4alpha; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.dubbo_proxy.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Dubbo Proxy Route Configuration] // Dubbo Proxy :ref:`configuration overview `. // [#next-free-field: 6] message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The interface name of the service. string interface = 2; // Which group does the interface belong to. string group = 3; // The version number of the interface. string version = 4; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 5; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.RouteMatch"; // Method level routing matching. MethodMatch method = 1; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v4alpha.HeaderMatcher headers = 2; } message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates the upstream cluster to which the request should be routed. string cluster = 1; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. // Currently ClusterWeight only supports the name and weight fields. config.route.v4alpha.WeightedCluster weighted_clusters = 2; } } message MethodMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.MethodMatch"; // The parameter matching type. message ParameterMatchSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.dubbo_proxy.v3.MethodMatch.ParameterMatchSpecifier"; oneof parameter_match_specifier { // If specified, header match will be performed based on the value of the header. string exact_match = 3; // If specified, header match will be performed based on range. // The rule will match if the request header value is within this range. // The entire request header value must represent an integer in base 10 notation: consisting // of an optional plus or minus sign followed by a sequence of digits. The rule will not match // if the header value does not represent an integer. Match will fail for empty values, // floating point numbers or if only a subsequence of the header value is an integer. // // Examples: // // * For range [-10,0), route will match for header value -1, but not for 0, // "somestring", 10.9, "-1somestring" type.v3.Int64Range range_match = 4; } } // The name of the method. type.matcher.v4alpha.StringMatcher name = 1; // Method parameter definition. // The key is the parameter index, starting from 0. // The value is the parameter matching type. map params_match = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/echo/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/echo/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/echo/v3/echo.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.echo.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.echo.v3"; option java_outer_classname = "EchoProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Echo] // Echo :ref:`configuration overview `. // [#extension: envoy.filters.network.echo] message Echo { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.echo.v2.Echo"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/ext_authz/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/ext_authz/v3/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.ext_authz.v3; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "envoy/type/matcher/v3/metadata.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.ext_authz.v3"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Network External Authorization ] // The network layer external authorization service configuration // :ref:`configuration overview `. // [#extension: envoy.filters.network.ext_authz] // External Authorization filter calls out to an external service over the // gRPC Authorization API defined by // :ref:`CheckRequest `. // A failed check will cause this filter to close the TCP connection. // [#next-free-field: 7] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.ext_authz.v2.ExtAuthz"; // The prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The external authorization gRPC service configuration. // The default timeout is set to 200ms by this filter. config.core.v3.GrpcService grpc_service = 2; // The filter's behaviour in case the external authorization service does // not respond back. When it is set to true, Envoy will also allow traffic in case of // communication failure between authorization service and the proxy. // Defaults to false. bool failure_mode_allow = 3; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 4; // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of Check{Request,Response} used on the wire. config.core.v3.ApiVersion transport_api_version = 5 [(validate.rules).enum = {defined_only: true}]; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/ext_authz/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/network/ext_authz/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/ext_authz/v4alpha/ext_authz.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.ext_authz.v4alpha; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/grpc_service.proto"; import "envoy/type/matcher/v4alpha/metadata.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.ext_authz.v4alpha"; option java_outer_classname = "ExtAuthzProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Network External Authorization ] // The network layer external authorization service configuration // :ref:`configuration overview `. // [#extension: envoy.filters.network.ext_authz] // External Authorization filter calls out to an external service over the // gRPC Authorization API defined by // :ref:`CheckRequest `. // A failed check will cause this filter to close the TCP connection. // [#next-free-field: 7] message ExtAuthz { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.ext_authz.v3.ExtAuthz"; // The prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The external authorization gRPC service configuration. // The default timeout is set to 200ms by this filter. config.core.v4alpha.GrpcService grpc_service = 2; // The filter's behaviour in case the external authorization service does // not respond back. When it is set to true, Envoy will also allow traffic in case of // communication failure between authorization service and the proxy. // Defaults to false. bool failure_mode_allow = 3; // Specifies if the peer certificate is sent to the external service. // // When this field is true, Envoy will include the peer X.509 certificate, if available, in the // :ref:`certificate`. bool include_peer_certificate = 4; // API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and // version of Check{Request,Response} used on the wire. config.core.v4alpha.ApiVersion transport_api_version = 5 [(validate.rules).enum = {defined_only: true}]; // Specifies if the filter is enabled with metadata matcher. // If this field is not specified, the filter will be enabled for all requests. type.matcher.v4alpha.MetadataMatcher filter_enabled_metadata = 6; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/http_connection_manager/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/config/trace/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.http_connection_manager.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/protocol.proto"; import "envoy/config/core/v3/substitution_format_string.proto"; import "envoy/config/route/v3/route.proto"; import "envoy/config/route/v3/scoped_route.proto"; import "envoy/config/trace/v3/http_tracer.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.http_connection_manager.v3"; option java_outer_classname = "HttpConnectionManagerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP connection manager] // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] // [#next-free-field: 41] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager"; enum CodecType { // For every new connection, the connection manager will determine which // codec to use. This mode supports both ALPN for TLS listeners as well as // protocol inference for plaintext listeners. If ALPN data is available, it // is preferred, otherwise protocol inference is used. In almost all cases, // this is the right option to choose for this setting. AUTO = 0; // The connection manager will assume that the client is speaking HTTP/1.1. HTTP1 = 1; // The connection manager will assume that the client is speaking HTTP/2 // (Envoy does not require HTTP/2 to take place over TLS or to use ALPN. // Prior knowledge is allowed). HTTP2 = 2; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 3; } enum ServerHeaderTransformation { // Overwrite any Server header with the contents of server_name. OVERWRITE = 0; // If no Server header is present, append Server server_name // If a Server header is present, pass it through. APPEND_IF_ABSENT = 1; // Pass through the value of the server header, and do not append a header // if none is present. PASS_THROUGH = 2; } // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. enum ForwardClientCertDetails { // Do not send the XFCC header to the next hop. This is the default value. SANITIZE = 0; // When the client connection is mTLS (Mutual TLS), forward the XFCC header // in the request. FORWARD_ONLY = 1; // When the client connection is mTLS, append the client certificate // information to the request’s XFCC header and forward it. APPEND_FORWARD = 2; // When the client connection is mTLS, reset the XFCC header with the client // certificate information and send it to the next hop. SANITIZE_SET = 3; // Always forward the XFCC header in the request, regardless of whether the // client connection is mTLS. ALWAYS_FORWARD_ONLY = 4; } // [#next-free-field: 10] message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager.Tracing"; enum OperationName { // The HTTP listener is used for ingress/incoming requests. INGRESS = 0; // The HTTP listener is used for egress/outgoing requests. EGRESS = 1; } // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.Percent client_sampling = 3; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent random_sampling = 4; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent overall_sampling = 5; // Whether to annotate spans with additional data. If true, spans will include logs for stream // events. bool verbose = 6; // Maximum length of the request path to extract and include in the HttpUrl tag. Used to // truncate lengthy request paths to meet the needs of a tracing backend. // Default: 256 google.protobuf.UInt32Value max_path_tag_length = 7; // A list of custom tags with unique tag name to create tags for the active span. repeated type.tracing.v3.CustomTag custom_tags = 8; // Configuration for an external tracing provider. // If not specified, no tracing will be performed. // // .. attention:: // Please be aware that *envoy.tracers.opencensus* provider can only be configured once // in Envoy lifetime. // Any attempts to reconfigure it or to use different configurations for different HCM filters // will be rejected. // Such a constraint is inherent to OpenCensus itself. It cannot be overcome without changes // on OpenCensus side. config.trace.v3.Tracing.Http provider = 9; OperationName hidden_envoy_deprecated_operation_name = 1 [ deprecated = true, (validate.rules).enum = {defined_only: true}, (envoy.annotations.disallowed_by_default) = true ]; repeated string hidden_envoy_deprecated_request_headers_for_tags = 2 [deprecated = true]; } message InternalAddressConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager." "InternalAddressConfig"; // Whether unix socket addresses should be considered internal. bool unix_sockets = 1; } // [#next-free-field: 7] message SetCurrentClientCertDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager." "SetCurrentClientCertDetails"; reserved 2; // Whether to forward the subject of the client cert. Defaults to false. google.protobuf.BoolValue subject = 1; // Whether to forward the entire client cert in URL encoded PEM format. This will appear in the // XFCC header comma separated from other values with the value Cert="PEM". // Defaults to false. bool cert = 3; // Whether to forward the entire client cert chain (including the leaf cert) in URL encoded PEM // format. This will appear in the XFCC header comma separated from other values with the value // Chain="PEM". // Defaults to false. bool chain = 6; // Whether to forward the DNS type Subject Alternative Names of the client cert. // Defaults to false. bool dns = 4; // Whether to forward the URI type Subject Alternative Name of the client cert. Defaults to // false. bool uri = 5; } // The configuration for HTTP upgrades. // For each upgrade type desired, an UpgradeConfig must be added. // // .. warning:: // // The current implementation of upgrade headers does not handle // multi-valued upgrade headers. Support for multi-valued headers may be // added in the future if needed. // // .. warning:: // The current implementation of upgrade headers does not work with HTTP/2 // upstreams. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager." "UpgradeConfig"; // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] // will be proxied upstream. string upgrade_type = 1; // If present, this represents the filter chain which will be created for // this type of upgrade. If no filters are present, the filter chain for // HTTP connections will be used for this upgrade type. repeated HttpFilter filters = 2; // Determines if upgrades are enabled or disabled by default. Defaults to true. // This can be overridden on a per-route basis with :ref:`cluster // ` as documented in the // :ref:`upgrade documentation `. google.protobuf.BoolValue enabled = 3; } reserved 27; // Supplies the type of codec that the connection manager should use. CodecType codec_type = 1 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics for the // connection manager. See the :ref:`statistics documentation ` for // more information. string stat_prefix = 2 [(validate.rules).string = {min_len: 1}]; oneof route_specifier { option (validate.required) = true; // The connection manager’s route table will be dynamically loaded via the RDS API. Rds rds = 3; // The route table for the connection manager is static and is specified in this property. config.route.v3.RouteConfiguration route_config = 4; // A route table will be dynamically assigned to each request based on request attributes // (e.g., the value of a header). The "routing scopes" (i.e., route tables) and "scope keys" are // specified in this message. ScopedRoutes scoped_routes = 31; } // A list of individual HTTP filters that make up the filter chain for // requests made to the connection manager. :ref:`Order matters ` // as the filters are processed sequentially as request events happen. repeated HttpFilter http_filters = 5; // Whether the connection manager manipulates the :ref:`config_http_conn_man_headers_user-agent` // and :ref:`config_http_conn_man_headers_downstream-service-cluster` headers. See the linked // documentation for more information. Defaults to false. google.protobuf.BoolValue add_user_agent = 6; // Presence of the object defines whether the connection manager // emits :ref:`tracing ` data to the :ref:`configured tracing provider // `. Tracing tracing = 7; // Additional settings for HTTP requests handled by the connection manager. These will be // applicable to both HTTP1 and HTTP2 requests. config.core.v3.HttpProtocolOptions common_http_protocol_options = 35 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Additional HTTP/1 settings that are passed to the HTTP/1 codec. config.core.v3.Http1ProtocolOptions http_protocol_options = 8; // Additional HTTP/2 settings that are passed directly to the HTTP/2 codec. config.core.v3.Http2ProtocolOptions http2_protocol_options = 9 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // An optional override that the connection manager will write to the server // header in responses. If not set, the default is *envoy*. string server_name = 10 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Defines the action to be applied to the Server header on the response path. // By default, Envoy will overwrite the header with the value specified in // server_name. ServerHeaderTransformation server_header_transformation = 34 [(validate.rules).enum = {defined_only: true}]; // The maximum request headers size for incoming connections. // If unconfigured, the default max request headers allowed is 60 KiB. // Requests that exceed this limit will receive a 431 response. // The max configurable limit is 96 KiB, based on current implementation // constraints. google.protobuf.UInt32Value max_request_headers_kb = 29 [(validate.rules).uint32 = {lte: 96 gt: 0}]; // The stream idle timeout for connections managed by the connection manager. // If not specified, this defaults to 5 minutes. The default value was selected // so as not to interfere with any smaller configured timeouts that may have // existed in configurations prior to the introduction of this feature, while // introducing robustness to TCP connections that terminate without a FIN. // // This idle timeout applies to new streams and is overridable by the // :ref:`route-level idle_timeout // `. Even on a stream in // which the override applies, prior to receipt of the initial request // headers, the :ref:`stream_idle_timeout // ` // applies. Each time an encode/decode event for headers or data is processed // for the stream, the timer will be reset. If the timeout fires, the stream // is terminated with a 408 Request Timeout error code if no upstream response // header has been received, otherwise a stream reset occurs. // // This timeout also specifies the amount of time that Envoy will wait for the peer to open enough // window to write any remaining stream data once the entirety of stream data (local end stream is // true) has been buffered pending available window. In other words, this timeout defends against // a peer that does not release enough window to completely write the stream, even though all // data has been proxied within available flow control windows. If the timeout is hit in this // case, the :ref:`tx_flush_timeout ` counter will be // incremented. Note that :ref:`max_stream_duration // ` does not apply to // this corner case. // // Note that it is possible to idle timeout even if the wire traffic for a stream is non-idle, due // to the granularity of events presented to the connection manager. For example, while receiving // very large request headers, it may be the case that there is traffic regularly arriving on the // wire while the connection manage is only able to observe the end-of-headers event, hence the // stream may still idle timeout. // // A value of 0 will completely disable the connection manager stream idle // timeout, although per-route idle timeout overrides will continue to apply. google.protobuf.Duration stream_idle_timeout = 24 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The amount of time that Envoy will wait for the entire request to be received. // The timer is activated when the request is initiated, and is disarmed when the last byte of the // request is sent upstream (i.e. all decoding filters have processed the request), OR when the // response is initiated. If not specified or set to 0, this timeout is disabled. google.protobuf.Duration request_timeout = 28 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The time that Envoy will wait between sending an HTTP/2 “shutdown // notification” (GOAWAY frame with max stream ID) and a final GOAWAY frame. // This is used so that Envoy provides a grace period for new streams that // race with the final GOAWAY frame. During this grace period, Envoy will // continue to accept new streams. After the grace period, a final GOAWAY // frame is sent and Envoy will start refusing new streams. Draining occurs // both when a connection hits the idle timeout or during general server // draining. The default grace period is 5000 milliseconds (5 seconds) if this // option is not specified. google.protobuf.Duration drain_timeout = 12; // The delayed close timeout is for downstream connections managed by the HTTP connection manager. // It is defined as a grace period after connection close processing has been locally initiated // during which Envoy will wait for the peer to close (i.e., a TCP FIN/RST is received by Envoy // from the downstream connection) prior to Envoy closing the socket associated with that // connection. // NOTE: This timeout is enforced even when the socket associated with the downstream connection // is pending a flush of the write buffer. However, any progress made writing data to the socket // will restart the timer associated with this timeout. This means that the total grace period for // a socket in this state will be // +. // // Delaying Envoy's connection close and giving the peer the opportunity to initiate the close // sequence mitigates a race condition that exists when downstream clients do not drain/process // data in a connection's receive buffer after a remote close has been detected via a socket // write(). This race leads to such clients failing to process the response code sent by Envoy, // which could result in erroneous downstream processing. // // If the timeout triggers, Envoy will close the connection's socket. // // The default timeout is 1000 ms if this option is not specified. // // .. NOTE:: // To be useful in avoiding the race condition described above, this timeout must be set // to *at least* +<100ms to account for // a reasonable "worst" case processing time for a full iteration of Envoy's event loop>. // // .. WARNING:: // A value of 0 will completely disable delayed close processing. When disabled, the downstream // connection's socket will be closed immediately after the write flush is completed or will // never close if the write flush does not complete. google.protobuf.Duration delayed_close_timeout = 26; // Configuration for :ref:`HTTP access logs ` // emitted by the connection manager. repeated config.accesslog.v3.AccessLog access_log = 13; // If set to true, the connection manager will use the real remote address // of the client connection when determining internal versus external origin and manipulating // various headers. If set to false or absent, the connection manager will use the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for`, // :ref:`config_http_conn_man_headers_x-envoy-internal`, and // :ref:`config_http_conn_man_headers_x-envoy-external-address` for more information. google.protobuf.BoolValue use_remote_address = 14 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The number of additional ingress proxy hops from the right side of the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when // determining the origin client's IP address. The default is zero if this option // is not specified. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for` for more information. uint32 xff_num_trusted_hops = 19; // Configures what network addresses are considered internal for stats and header sanitation // purposes. If unspecified, only RFC1918 IP addresses will be considered internal. // See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information about internal/external addresses. InternalAddressConfig internal_address_config = 25; // If set, Envoy will not append the remote address to the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in // conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager // has mutated the request headers. While :ref:`use_remote_address // ` // will also suppress XFF addition, it has consequences for logging and other // Envoy uses of the remote address, so *skip_xff_append* should be used // when only an elision of XFF addition is intended. bool skip_xff_append = 21; // Via header value to append to request and response headers. If this is // empty, no via header will be appended. string via = 22; // Whether the connection manager will generate the :ref:`x-request-id // ` header if it does not exist. This defaults to // true. Generating a random UUID4 is expensive so in high throughput scenarios where this feature // is not desired it can be disabled. google.protobuf.BoolValue generate_request_id = 15; // Whether the connection manager will keep the :ref:`x-request-id // ` header if passed for a request that is edge // (Edge request is the request from external clients to front Envoy) and not reset it, which // is the current Envoy behaviour. This defaults to false. bool preserve_external_request_id = 32; // If set, Envoy will always set :ref:`x-request-id ` header in response. // If this is false or not set, the request ID is returned in responses only if tracing is forced using // :ref:`x-envoy-force-trace ` header. bool always_set_request_id_in_response = 37; // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. ForwardClientCertDetails forward_client_cert_details = 16 [(validate.rules).enum = {defined_only: true}]; // This field is valid only when :ref:`forward_client_cert_details // ` // is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in // the client certificate to be forwarded. Note that in the // :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and // *By* is always set when the client certificate presents the URI type Subject Alternative Name // value. SetCurrentClientCertDetails set_current_client_cert_details = 17; // If proxy_100_continue is true, Envoy will proxy incoming "Expect: // 100-continue" headers upstream, and forward "100 Continue" responses // downstream. If this is false or not set, Envoy will instead strip the // "Expect: 100-continue" header, and send a "100 Continue" response itself. bool proxy_100_continue = 18; // If // :ref:`use_remote_address // ` // is true and represent_ipv4_remote_address_as_ipv4_mapped_ipv6 is true and the remote address is // an IPv4 address, the address will be mapped to IPv6 before it is appended to *x-forwarded-for*. // This is useful for testing compatibility of upstream services that parse the header value. For // example, 50.0.0.1 is represented as ::FFFF:50.0.0.1. See `IPv4-Mapped IPv6 Addresses // `_ for details. This will also affect the // :ref:`config_http_conn_man_headers_x-envoy-external-address` header. See // :ref:`http_connection_manager.represent_ipv4_remote_address_as_ipv4_mapped_ipv6 // ` for runtime // control. // [#not-implemented-hide:] bool represent_ipv4_remote_address_as_ipv4_mapped_ipv6 = 20; repeated UpgradeConfig upgrade_configs = 23; // Should paths be normalized according to RFC 3986 before any processing of // requests by HTTP filters or routing? This affects the upstream *:path* header // as well. For paths that fail this check, Envoy will respond with 400 to // paths that are malformed. This defaults to false currently but will default // true in the future. When not specified, this value may be overridden by the // runtime variable // :ref:`http_connection_manager.normalize_path`. // See `Normalization and Comparison `_ // for details of normalization. // Note that Envoy does not perform // `case normalization `_ google.protobuf.BoolValue normalize_path = 30; // Determines if adjacent slashes in the path are merged into one before any processing of // requests by HTTP filters or routing. This affects the upstream *:path* header as well. Without // setting this option, incoming requests with path `//dir///file` will not match against route // with `prefix` match set to `/dir`. Defaults to `false`. Note that slash merging is not part of // `HTTP spec `_ and is provided for convenience. bool merge_slashes = 33; // The configuration of the request ID extension. This includes operations such as // generation, validation, and associated tracing operations. // // If not set, Envoy uses the default UUID-based behavior: // // 1. Request ID is propagated using *x-request-id* header. // // 2. Request ID is a universally unique identifier (UUID). // // 3. Tracing decision (sampled, forced, etc) is set in 14th byte of the UUID. RequestIDExtension request_id_extension = 36; // The configuration to customize local reply returned by Envoy. It can customize status code, // body text and response content type. If not specified, status code and text body are hard // coded in Envoy, the response content type is plain text. LocalReplyConfig local_reply_config = 38; // Determines if the port part should be removed from host/authority header before any processing // of request by HTTP filters or routing. The port would be removed only if it is equal to the :ref:`listener's` // local port and request method is not CONNECT. This affects the upstream host header as well. // Without setting this option, incoming requests with host `example:443` will not match against // route with :ref:`domains` match set to `example`. Defaults to `false`. Note that port removal is not part // of `HTTP spec `_ and is provided for convenience. bool strip_matching_host_port = 39; // Governs Envoy's behavior when receiving invalid HTTP from downstream. // If this option is false (default), Envoy will err on the conservative side handling HTTP // errors, terminating both HTTP/1.1 and HTTP/2 connections when receiving an invalid request. // If this option is set to true, Envoy will be more permissive, only resetting the invalid // stream in the case of HTTP/2 and leaving the connection open where possible (if the entire // request is read for HTTP/1.1) // In general this should be true for deployments receiving trusted traffic (L2 Envoys, // company-internal mesh) and false when receiving untrusted traffic (edge deployments). // // If different behaviors for invalid_http_message for HTTP/1 and HTTP/2 are // desired, one should use the new HTTP/1 option :ref:`override_stream_error_on_invalid_http_message // ` or the new HTTP/2 option // :ref:`override_stream_error_on_invalid_http_message // ` // *not* the deprecated but similarly named :ref:`stream_error_on_invalid_http_messaging // ` google.protobuf.BoolValue stream_error_on_invalid_http_message = 40; google.protobuf.Duration hidden_envoy_deprecated_idle_timeout = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // The configuration to customize local reply returned by Envoy. message LocalReplyConfig { // Configuration of list of mappers which allows to filter and change local response. // The mappers will be checked by the specified order until one is matched. repeated ResponseMapper mappers = 1; // The configuration to form response body from the :ref:`command operators ` // and to specify response content type as one of: plain/text or application/json. // // Example one: "plain/text" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // The following response body in "plain/text" format will be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: text // // upstream connect error:503:path=/foo // // Example two: "application/json" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // path: "%REQ(:path)%" // // The following response body in "application/json" format would be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: json // // { // "status": 503, // "message": "upstream connection error", // "path": "/foo" // } // config.core.v3.SubstitutionFormatString body_format = 2; } // The configuration to filter and change local response. // [#next-free-field: 6] message ResponseMapper { // Filter to determine if this mapper should apply. config.accesslog.v3.AccessLogFilter filter = 1 [(validate.rules).message = {required: true}]; // The new response status code if specified. google.protobuf.UInt32Value status_code = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // The new local reply body text if specified. It will be used in the `%LOCAL_REPLY_BODY%` // command operator in the `body_format`. config.core.v3.DataSource body = 3; // A per mapper `body_format` to override the :ref:`body_format `. // It will be used when this mapper is matched. config.core.v3.SubstitutionFormatString body_format_override = 4; // HTTP headers to add to a local reply. This allows the response mapper to append, to add // or to override headers of any local reply before it is sent to a downstream client. repeated config.core.v3.HeaderValueOption headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; } message Rds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.Rds"; // Configuration source specifier for RDS. config.core.v3.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; // The name of the route configuration. This name will be passed to the RDS // API. This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. string route_config_name = 2 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for RDS. This is mutually exclusive to *route_config_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; } // This message is used to work around the limitations with 'oneof' and repeated fields. message ScopedRouteConfigurationsList { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRouteConfigurationsList"; repeated config.route.v3.ScopedRouteConfiguration scoped_route_configurations = 1 [(validate.rules).repeated = {min_items: 1}]; } // [#next-free-field: 6] message ScopedRoutes { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes"; // Specifies the mechanism for constructing "scope keys" based on HTTP request attributes. These // keys are matched against a set of :ref:`Key` // objects assembled from :ref:`ScopedRouteConfiguration` // messages distributed via SRDS (the Scoped Route Discovery Service) or assigned statically via // :ref:`scoped_route_configurations_list`. // // Upon receiving a request's headers, the Router will build a key using the algorithm specified // by this message. This key will be used to look up the routing table (i.e., the // :ref:`RouteConfiguration`) to use for the request. message ScopeKeyBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder"; // Specifies the mechanism for constructing key fragments which are composed into scope keys. message FragmentBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder." "FragmentBuilder"; // Specifies how the value of a header should be extracted. // The following example maps the structure of a header to the fields in this message. // // .. code:: // // <0> <1> <-- index // X-Header: a=b;c=d // | || | // | || \----> // | || // | |\----> // | | // | \----> // | // \----> // // Each 'a=b' key-value pair constitutes an 'element' of the header field. message HeaderValueExtractor { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder." "FragmentBuilder.HeaderValueExtractor"; // Specifies a header field's key value pair to match on. message KvElement { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRoutes.ScopeKeyBuilder." "FragmentBuilder.HeaderValueExtractor.KvElement"; // The separator between key and value (e.g., '=' separates 'k=v;...'). // If an element is an empty string, the element is ignored. // If an element contains no separator, the whole element is parsed as key and the // fragment value is an empty string. // If there are multiple values for a matched key, the first value is returned. string separator = 1 [(validate.rules).string = {min_len: 1}]; // The key to match on. string key = 2 [(validate.rules).string = {min_len: 1}]; } // The name of the header field to extract the value from. string name = 1 [(validate.rules).string = {min_len: 1}]; // The element separator (e.g., ';' separates 'a;b;c;d'). // Default: empty string. This causes the entirety of the header field to be extracted. // If this field is set to an empty string and 'index' is used in the oneof below, 'index' // must be set to 0. string element_separator = 2; oneof extract_type { // Specifies the zero based index of the element to extract. // Note Envoy concatenates multiple values of the same header key into a comma separated // string, the splitting always happens after the concatenation. uint32 index = 3; // Specifies the key value pair to extract the value from. KvElement element = 4; } } oneof type { option (validate.required) = true; // Specifies how a header field's value should be extracted. HeaderValueExtractor header_value_extractor = 1; } } // The final(built) scope key consists of the ordered union of these fragments, which are compared in order with the // fragments of a :ref:`ScopedRouteConfiguration`. // A missing fragment during comparison will make the key invalid, i.e., the computed key doesn't match any key. repeated FragmentBuilder fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the scoped routing configuration. string name = 1 [(validate.rules).string = {min_len: 1}]; // The algorithm to use for constructing a scope key for each request. ScopeKeyBuilder scope_key_builder = 2 [(validate.rules).message = {required: true}]; // Configuration source specifier for RDS. // This config source is used to subscribe to RouteConfiguration resources specified in // ScopedRouteConfiguration messages. config.core.v3.ConfigSource rds_config_source = 3 [(validate.rules).message = {required: true}]; oneof config_specifier { option (validate.required) = true; // The set of routing scopes corresponding to the HCM. A scope is assigned to a request by // matching a key constructed from the request's attributes according to the algorithm specified // by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRouteConfigurationsList scoped_route_configurations_list = 4; // The set of routing scopes associated with the HCM will be dynamically loaded via the SRDS // API. A scope is assigned to a request by matching a key constructed from the request's // attributes according to the algorithm specified by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRds scoped_rds = 5; } } message ScopedRds { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.ScopedRds"; // Configuration source specifier for scoped RDS. config.core.v3.ConfigSource scoped_rds_config_source = 1 [(validate.rules).message = {required: true}]; } // [#next-free-field: 6] message HttpFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpFilter"; reserved 3; // The name of the filter configuration. The name is used as a fallback to // select an extension if the type of the configuration proto is not // sufficient. It also serves as a resource name in ExtensionConfigDS. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. google.protobuf.Any typed_config = 4; // Configuration source specifier for an extension configuration discovery service. // In case of a failure and without the default configuration, the HTTP listener responds with code 500. // Extension configs delivered through this mechanism are not expected to require warming (see https://github.com/envoyproxy/envoy/issues/12061). config.core.v3.ExtensionConfigSource config_discovery = 5; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } message RequestIDExtension { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.RequestIDExtension"; // Request ID extension specific configuration. google.protobuf.Any typed_config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/accesslog/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/config/trace/v4alpha:pkg", "//envoy/extensions/filters/network/http_connection_manager/v3:pkg", "//envoy/type/tracing/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.http_connection_manager.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/protocol.proto"; import "envoy/config/core/v4alpha/substitution_format_string.proto"; import "envoy/config/route/v4alpha/route.proto"; import "envoy/config/route/v4alpha/scoped_route.proto"; import "envoy/config/trace/v4alpha/http_tracer.proto"; import "envoy/type/tracing/v3/custom_tag.proto"; import "envoy/type/v3/percent.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/core/v1/resource_locator.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/security.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.http_connection_manager.v4alpha"; option java_outer_classname = "HttpConnectionManagerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: HTTP connection manager] // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] // [#next-free-field: 41] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"; enum CodecType { // For every new connection, the connection manager will determine which // codec to use. This mode supports both ALPN for TLS listeners as well as // protocol inference for plaintext listeners. If ALPN data is available, it // is preferred, otherwise protocol inference is used. In almost all cases, // this is the right option to choose for this setting. AUTO = 0; // The connection manager will assume that the client is speaking HTTP/1.1. HTTP1 = 1; // The connection manager will assume that the client is speaking HTTP/2 // (Envoy does not require HTTP/2 to take place over TLS or to use ALPN. // Prior knowledge is allowed). HTTP2 = 2; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 3; } enum ServerHeaderTransformation { // Overwrite any Server header with the contents of server_name. OVERWRITE = 0; // If no Server header is present, append Server server_name // If a Server header is present, pass it through. APPEND_IF_ABSENT = 1; // Pass through the value of the server header, and do not append a header // if none is present. PASS_THROUGH = 2; } // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. enum ForwardClientCertDetails { // Do not send the XFCC header to the next hop. This is the default value. SANITIZE = 0; // When the client connection is mTLS (Mutual TLS), forward the XFCC header // in the request. FORWARD_ONLY = 1; // When the client connection is mTLS, append the client certificate // information to the request’s XFCC header and forward it. APPEND_FORWARD = 2; // When the client connection is mTLS, reset the XFCC header with the client // certificate information and send it to the next hop. SANITIZE_SET = 3; // Always forward the XFCC header in the request, regardless of whether the // client connection is mTLS. ALWAYS_FORWARD_ONLY = 4; } // [#next-free-field: 10] message Tracing { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing"; enum OperationName { // The HTTP listener is used for ingress/incoming requests. INGRESS = 0; // The HTTP listener is used for egress/outgoing requests. EGRESS = 1; } reserved 1, 2; reserved "operation_name", "request_headers_for_tags"; // Target percentage of requests managed by this HTTP connection manager that will be force // traced if the :ref:`x-client-trace-id ` // header is set. This field is a direct analog for the runtime variable // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% type.v3.Percent client_sampling = 3; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent random_sampling = 4; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random // sampling). This field functions as an upper limit on the total configured sampling rate. For // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% type.v3.Percent overall_sampling = 5; // Whether to annotate spans with additional data. If true, spans will include logs for stream // events. bool verbose = 6; // Maximum length of the request path to extract and include in the HttpUrl tag. Used to // truncate lengthy request paths to meet the needs of a tracing backend. // Default: 256 google.protobuf.UInt32Value max_path_tag_length = 7; // A list of custom tags with unique tag name to create tags for the active span. repeated type.tracing.v3.CustomTag custom_tags = 8; // Configuration for an external tracing provider. // If not specified, no tracing will be performed. // // .. attention:: // Please be aware that *envoy.tracers.opencensus* provider can only be configured once // in Envoy lifetime. // Any attempts to reconfigure it or to use different configurations for different HCM filters // will be rejected. // Such a constraint is inherent to OpenCensus itself. It cannot be overcome without changes // on OpenCensus side. config.trace.v4alpha.Tracing.Http provider = 9; } message InternalAddressConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager." "InternalAddressConfig"; // Whether unix socket addresses should be considered internal. bool unix_sockets = 1; } // [#next-free-field: 7] message SetCurrentClientCertDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager." "SetCurrentClientCertDetails"; reserved 2; // Whether to forward the subject of the client cert. Defaults to false. google.protobuf.BoolValue subject = 1; // Whether to forward the entire client cert in URL encoded PEM format. This will appear in the // XFCC header comma separated from other values with the value Cert="PEM". // Defaults to false. bool cert = 3; // Whether to forward the entire client cert chain (including the leaf cert) in URL encoded PEM // format. This will appear in the XFCC header comma separated from other values with the value // Chain="PEM". // Defaults to false. bool chain = 6; // Whether to forward the DNS type Subject Alternative Names of the client cert. // Defaults to false. bool dns = 4; // Whether to forward the URI type Subject Alternative Name of the client cert. Defaults to // false. bool uri = 5; } // The configuration for HTTP upgrades. // For each upgrade type desired, an UpgradeConfig must be added. // // .. warning:: // // The current implementation of upgrade headers does not handle // multi-valued upgrade headers. Support for multi-valued headers may be // added in the future if needed. // // .. warning:: // The current implementation of upgrade headers does not work with HTTP/2 // upstreams. message UpgradeConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager." "UpgradeConfig"; // The case-insensitive name of this upgrade, e.g. "websocket". // For each upgrade type present in upgrade_configs, requests with // Upgrade: [upgrade_type] // will be proxied upstream. string upgrade_type = 1; // If present, this represents the filter chain which will be created for // this type of upgrade. If no filters are present, the filter chain for // HTTP connections will be used for this upgrade type. repeated HttpFilter filters = 2; // Determines if upgrades are enabled or disabled by default. Defaults to true. // This can be overridden on a per-route basis with :ref:`cluster // ` as documented in the // :ref:`upgrade documentation `. google.protobuf.BoolValue enabled = 3; } reserved 27, 11; reserved "idle_timeout"; // Supplies the type of codec that the connection manager should use. CodecType codec_type = 1 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics for the // connection manager. See the :ref:`statistics documentation ` for // more information. string stat_prefix = 2 [(validate.rules).string = {min_len: 1}]; oneof route_specifier { option (validate.required) = true; // The connection manager’s route table will be dynamically loaded via the RDS API. Rds rds = 3; // The route table for the connection manager is static and is specified in this property. config.route.v4alpha.RouteConfiguration route_config = 4; // A route table will be dynamically assigned to each request based on request attributes // (e.g., the value of a header). The "routing scopes" (i.e., route tables) and "scope keys" are // specified in this message. ScopedRoutes scoped_routes = 31; } // A list of individual HTTP filters that make up the filter chain for // requests made to the connection manager. :ref:`Order matters ` // as the filters are processed sequentially as request events happen. repeated HttpFilter http_filters = 5; // Whether the connection manager manipulates the :ref:`config_http_conn_man_headers_user-agent` // and :ref:`config_http_conn_man_headers_downstream-service-cluster` headers. See the linked // documentation for more information. Defaults to false. google.protobuf.BoolValue add_user_agent = 6; // Presence of the object defines whether the connection manager // emits :ref:`tracing ` data to the :ref:`configured tracing provider // `. Tracing tracing = 7; // Additional settings for HTTP requests handled by the connection manager. These will be // applicable to both HTTP1 and HTTP2 requests. config.core.v4alpha.HttpProtocolOptions common_http_protocol_options = 35 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // Additional HTTP/1 settings that are passed to the HTTP/1 codec. config.core.v4alpha.Http1ProtocolOptions http_protocol_options = 8; // Additional HTTP/2 settings that are passed directly to the HTTP/2 codec. config.core.v4alpha.Http2ProtocolOptions http2_protocol_options = 9 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // An optional override that the connection manager will write to the server // header in responses. If not set, the default is *envoy*. string server_name = 10 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Defines the action to be applied to the Server header on the response path. // By default, Envoy will overwrite the header with the value specified in // server_name. ServerHeaderTransformation server_header_transformation = 34 [(validate.rules).enum = {defined_only: true}]; // The maximum request headers size for incoming connections. // If unconfigured, the default max request headers allowed is 60 KiB. // Requests that exceed this limit will receive a 431 response. // The max configurable limit is 96 KiB, based on current implementation // constraints. google.protobuf.UInt32Value max_request_headers_kb = 29 [(validate.rules).uint32 = {lte: 96 gt: 0}]; // The stream idle timeout for connections managed by the connection manager. // If not specified, this defaults to 5 minutes. The default value was selected // so as not to interfere with any smaller configured timeouts that may have // existed in configurations prior to the introduction of this feature, while // introducing robustness to TCP connections that terminate without a FIN. // // This idle timeout applies to new streams and is overridable by the // :ref:`route-level idle_timeout // `. Even on a stream in // which the override applies, prior to receipt of the initial request // headers, the :ref:`stream_idle_timeout // ` // applies. Each time an encode/decode event for headers or data is processed // for the stream, the timer will be reset. If the timeout fires, the stream // is terminated with a 408 Request Timeout error code if no upstream response // header has been received, otherwise a stream reset occurs. // // This timeout also specifies the amount of time that Envoy will wait for the peer to open enough // window to write any remaining stream data once the entirety of stream data (local end stream is // true) has been buffered pending available window. In other words, this timeout defends against // a peer that does not release enough window to completely write the stream, even though all // data has been proxied within available flow control windows. If the timeout is hit in this // case, the :ref:`tx_flush_timeout ` counter will be // incremented. Note that :ref:`max_stream_duration // ` does not apply to // this corner case. // // Note that it is possible to idle timeout even if the wire traffic for a stream is non-idle, due // to the granularity of events presented to the connection manager. For example, while receiving // very large request headers, it may be the case that there is traffic regularly arriving on the // wire while the connection manage is only able to observe the end-of-headers event, hence the // stream may still idle timeout. // // A value of 0 will completely disable the connection manager stream idle // timeout, although per-route idle timeout overrides will continue to apply. google.protobuf.Duration stream_idle_timeout = 24 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The amount of time that Envoy will wait for the entire request to be received. // The timer is activated when the request is initiated, and is disarmed when the last byte of the // request is sent upstream (i.e. all decoding filters have processed the request), OR when the // response is initiated. If not specified or set to 0, this timeout is disabled. google.protobuf.Duration request_timeout = 28 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The time that Envoy will wait between sending an HTTP/2 “shutdown // notification” (GOAWAY frame with max stream ID) and a final GOAWAY frame. // This is used so that Envoy provides a grace period for new streams that // race with the final GOAWAY frame. During this grace period, Envoy will // continue to accept new streams. After the grace period, a final GOAWAY // frame is sent and Envoy will start refusing new streams. Draining occurs // both when a connection hits the idle timeout or during general server // draining. The default grace period is 5000 milliseconds (5 seconds) if this // option is not specified. google.protobuf.Duration drain_timeout = 12; // The delayed close timeout is for downstream connections managed by the HTTP connection manager. // It is defined as a grace period after connection close processing has been locally initiated // during which Envoy will wait for the peer to close (i.e., a TCP FIN/RST is received by Envoy // from the downstream connection) prior to Envoy closing the socket associated with that // connection. // NOTE: This timeout is enforced even when the socket associated with the downstream connection // is pending a flush of the write buffer. However, any progress made writing data to the socket // will restart the timer associated with this timeout. This means that the total grace period for // a socket in this state will be // +. // // Delaying Envoy's connection close and giving the peer the opportunity to initiate the close // sequence mitigates a race condition that exists when downstream clients do not drain/process // data in a connection's receive buffer after a remote close has been detected via a socket // write(). This race leads to such clients failing to process the response code sent by Envoy, // which could result in erroneous downstream processing. // // If the timeout triggers, Envoy will close the connection's socket. // // The default timeout is 1000 ms if this option is not specified. // // .. NOTE:: // To be useful in avoiding the race condition described above, this timeout must be set // to *at least* +<100ms to account for // a reasonable "worst" case processing time for a full iteration of Envoy's event loop>. // // .. WARNING:: // A value of 0 will completely disable delayed close processing. When disabled, the downstream // connection's socket will be closed immediately after the write flush is completed or will // never close if the write flush does not complete. google.protobuf.Duration delayed_close_timeout = 26; // Configuration for :ref:`HTTP access logs ` // emitted by the connection manager. repeated config.accesslog.v4alpha.AccessLog access_log = 13; // If set to true, the connection manager will use the real remote address // of the client connection when determining internal versus external origin and manipulating // various headers. If set to false or absent, the connection manager will use the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for`, // :ref:`config_http_conn_man_headers_x-envoy-internal`, and // :ref:`config_http_conn_man_headers_x-envoy-external-address` for more information. google.protobuf.BoolValue use_remote_address = 14 [(udpa.annotations.security).configure_for_untrusted_downstream = true]; // The number of additional ingress proxy hops from the right side of the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when // determining the origin client's IP address. The default is zero if this option // is not specified. See the documentation for // :ref:`config_http_conn_man_headers_x-forwarded-for` for more information. uint32 xff_num_trusted_hops = 19; // Configures what network addresses are considered internal for stats and header sanitation // purposes. If unspecified, only RFC1918 IP addresses will be considered internal. // See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more // information about internal/external addresses. InternalAddressConfig internal_address_config = 25; // If set, Envoy will not append the remote address to the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in // conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager // has mutated the request headers. While :ref:`use_remote_address // ` // will also suppress XFF addition, it has consequences for logging and other // Envoy uses of the remote address, so *skip_xff_append* should be used // when only an elision of XFF addition is intended. bool skip_xff_append = 21; // Via header value to append to request and response headers. If this is // empty, no via header will be appended. string via = 22; // Whether the connection manager will generate the :ref:`x-request-id // ` header if it does not exist. This defaults to // true. Generating a random UUID4 is expensive so in high throughput scenarios where this feature // is not desired it can be disabled. google.protobuf.BoolValue generate_request_id = 15; // Whether the connection manager will keep the :ref:`x-request-id // ` header if passed for a request that is edge // (Edge request is the request from external clients to front Envoy) and not reset it, which // is the current Envoy behaviour. This defaults to false. bool preserve_external_request_id = 32; // If set, Envoy will always set :ref:`x-request-id ` header in response. // If this is false or not set, the request ID is returned in responses only if tracing is forced using // :ref:`x-envoy-force-trace ` header. bool always_set_request_id_in_response = 37; // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. ForwardClientCertDetails forward_client_cert_details = 16 [(validate.rules).enum = {defined_only: true}]; // This field is valid only when :ref:`forward_client_cert_details // ` // is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in // the client certificate to be forwarded. Note that in the // :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and // *By* is always set when the client certificate presents the URI type Subject Alternative Name // value. SetCurrentClientCertDetails set_current_client_cert_details = 17; // If proxy_100_continue is true, Envoy will proxy incoming "Expect: // 100-continue" headers upstream, and forward "100 Continue" responses // downstream. If this is false or not set, Envoy will instead strip the // "Expect: 100-continue" header, and send a "100 Continue" response itself. bool proxy_100_continue = 18; // If // :ref:`use_remote_address // ` // is true and represent_ipv4_remote_address_as_ipv4_mapped_ipv6 is true and the remote address is // an IPv4 address, the address will be mapped to IPv6 before it is appended to *x-forwarded-for*. // This is useful for testing compatibility of upstream services that parse the header value. For // example, 50.0.0.1 is represented as ::FFFF:50.0.0.1. See `IPv4-Mapped IPv6 Addresses // `_ for details. This will also affect the // :ref:`config_http_conn_man_headers_x-envoy-external-address` header. See // :ref:`http_connection_manager.represent_ipv4_remote_address_as_ipv4_mapped_ipv6 // ` for runtime // control. // [#not-implemented-hide:] bool represent_ipv4_remote_address_as_ipv4_mapped_ipv6 = 20; repeated UpgradeConfig upgrade_configs = 23; // Should paths be normalized according to RFC 3986 before any processing of // requests by HTTP filters or routing? This affects the upstream *:path* header // as well. For paths that fail this check, Envoy will respond with 400 to // paths that are malformed. This defaults to false currently but will default // true in the future. When not specified, this value may be overridden by the // runtime variable // :ref:`http_connection_manager.normalize_path`. // See `Normalization and Comparison `_ // for details of normalization. // Note that Envoy does not perform // `case normalization `_ google.protobuf.BoolValue normalize_path = 30; // Determines if adjacent slashes in the path are merged into one before any processing of // requests by HTTP filters or routing. This affects the upstream *:path* header as well. Without // setting this option, incoming requests with path `//dir///file` will not match against route // with `prefix` match set to `/dir`. Defaults to `false`. Note that slash merging is not part of // `HTTP spec `_ and is provided for convenience. bool merge_slashes = 33; // The configuration of the request ID extension. This includes operations such as // generation, validation, and associated tracing operations. // // If not set, Envoy uses the default UUID-based behavior: // // 1. Request ID is propagated using *x-request-id* header. // // 2. Request ID is a universally unique identifier (UUID). // // 3. Tracing decision (sampled, forced, etc) is set in 14th byte of the UUID. RequestIDExtension request_id_extension = 36; // The configuration to customize local reply returned by Envoy. It can customize status code, // body text and response content type. If not specified, status code and text body are hard // coded in Envoy, the response content type is plain text. LocalReplyConfig local_reply_config = 38; // Determines if the port part should be removed from host/authority header before any processing // of request by HTTP filters or routing. The port would be removed only if it is equal to the :ref:`listener's` // local port and request method is not CONNECT. This affects the upstream host header as well. // Without setting this option, incoming requests with host `example:443` will not match against // route with :ref:`domains` match set to `example`. Defaults to `false`. Note that port removal is not part // of `HTTP spec `_ and is provided for convenience. bool strip_matching_host_port = 39; // Governs Envoy's behavior when receiving invalid HTTP from downstream. // If this option is false (default), Envoy will err on the conservative side handling HTTP // errors, terminating both HTTP/1.1 and HTTP/2 connections when receiving an invalid request. // If this option is set to true, Envoy will be more permissive, only resetting the invalid // stream in the case of HTTP/2 and leaving the connection open where possible (if the entire // request is read for HTTP/1.1) // In general this should be true for deployments receiving trusted traffic (L2 Envoys, // company-internal mesh) and false when receiving untrusted traffic (edge deployments). // // If different behaviors for invalid_http_message for HTTP/1 and HTTP/2 are // desired, one should use the new HTTP/1 option :ref:`override_stream_error_on_invalid_http_message // ` or the new HTTP/2 option // :ref:`override_stream_error_on_invalid_http_message // ` // *not* the deprecated but similarly named :ref:`stream_error_on_invalid_http_messaging // ` google.protobuf.BoolValue stream_error_on_invalid_http_message = 40; } // The configuration to customize local reply returned by Envoy. message LocalReplyConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.LocalReplyConfig"; // Configuration of list of mappers which allows to filter and change local response. // The mappers will be checked by the specified order until one is matched. repeated ResponseMapper mappers = 1; // The configuration to form response body from the :ref:`command operators ` // and to specify response content type as one of: plain/text or application/json. // // Example one: "plain/text" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n" // // The following response body in "plain/text" format will be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: text // // upstream connect error:503:path=/foo // // Example two: "application/json" ``body_format``. // // .. validated-code-block:: yaml // :type-name: envoy.config.core.v3.SubstitutionFormatString // // json_format: // status: "%RESPONSE_CODE%" // message: "%LOCAL_REPLY_BODY%" // path: "%REQ(:path)%" // // The following response body in "application/json" format would be generated for a request with // local reply body of "upstream connection error", response_code=503 and path=/foo. // // .. code-block:: json // // { // "status": 503, // "message": "upstream connection error", // "path": "/foo" // } // config.core.v4alpha.SubstitutionFormatString body_format = 2; } // The configuration to filter and change local response. // [#next-free-field: 6] message ResponseMapper { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper"; // Filter to determine if this mapper should apply. config.accesslog.v4alpha.AccessLogFilter filter = 1 [(validate.rules).message = {required: true}]; // The new response status code if specified. google.protobuf.UInt32Value status_code = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; // The new local reply body text if specified. It will be used in the `%LOCAL_REPLY_BODY%` // command operator in the `body_format`. config.core.v4alpha.DataSource body = 3; // A per mapper `body_format` to override the :ref:`body_format `. // It will be used when this mapper is matched. config.core.v4alpha.SubstitutionFormatString body_format_override = 4; // HTTP headers to add to a local reply. This allows the response mapper to append, to add // or to override headers of any local reply before it is sent to a downstream client. repeated config.core.v4alpha.HeaderValueOption headers_to_add = 5 [(validate.rules).repeated = {max_items: 1000}]; } message Rds { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.Rds"; // Configuration source specifier for RDS. config.core.v4alpha.ConfigSource config_source = 1 [(validate.rules).message = {required: true}]; oneof name_specifier { // The name of the route configuration. This name will be passed to the RDS // API. This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. string route_config_name = 2; // Resource locator for RDS. This is mutually exclusive to *route_config_name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator rds_resource_locator = 3; } } // This message is used to work around the limitations with 'oneof' and repeated fields. message ScopedRouteConfigurationsList { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRouteConfigurationsList"; repeated config.route.v4alpha.ScopedRouteConfiguration scoped_route_configurations = 1 [(validate.rules).repeated = {min_items: 1}]; } // [#next-free-field: 6] message ScopedRoutes { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes"; // Specifies the mechanism for constructing "scope keys" based on HTTP request attributes. These // keys are matched against a set of :ref:`Key` // objects assembled from :ref:`ScopedRouteConfiguration` // messages distributed via SRDS (the Scoped Route Discovery Service) or assigned statically via // :ref:`scoped_route_configurations_list`. // // Upon receiving a request's headers, the Router will build a key using the algorithm specified // by this message. This key will be used to look up the routing table (i.e., the // :ref:`RouteConfiguration`) to use for the request. message ScopeKeyBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder"; // Specifies the mechanism for constructing key fragments which are composed into scope keys. message FragmentBuilder { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes." "ScopeKeyBuilder.FragmentBuilder"; // Specifies how the value of a header should be extracted. // The following example maps the structure of a header to the fields in this message. // // .. code:: // // <0> <1> <-- index // X-Header: a=b;c=d // | || | // | || \----> // | || // | |\----> // | | // | \----> // | // \----> // // Each 'a=b' key-value pair constitutes an 'element' of the header field. message HeaderValueExtractor { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes." "ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor"; // Specifies a header field's key value pair to match on. message KvElement { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes." "ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor.KvElement"; // The separator between key and value (e.g., '=' separates 'k=v;...'). // If an element is an empty string, the element is ignored. // If an element contains no separator, the whole element is parsed as key and the // fragment value is an empty string. // If there are multiple values for a matched key, the first value is returned. string separator = 1 [(validate.rules).string = {min_len: 1}]; // The key to match on. string key = 2 [(validate.rules).string = {min_len: 1}]; } // The name of the header field to extract the value from. string name = 1 [(validate.rules).string = {min_len: 1}]; // The element separator (e.g., ';' separates 'a;b;c;d'). // Default: empty string. This causes the entirety of the header field to be extracted. // If this field is set to an empty string and 'index' is used in the oneof below, 'index' // must be set to 0. string element_separator = 2; oneof extract_type { // Specifies the zero based index of the element to extract. // Note Envoy concatenates multiple values of the same header key into a comma separated // string, the splitting always happens after the concatenation. uint32 index = 3; // Specifies the key value pair to extract the value from. KvElement element = 4; } } oneof type { option (validate.required) = true; // Specifies how a header field's value should be extracted. HeaderValueExtractor header_value_extractor = 1; } } // The final(built) scope key consists of the ordered union of these fragments, which are compared in order with the // fragments of a :ref:`ScopedRouteConfiguration`. // A missing fragment during comparison will make the key invalid, i.e., the computed key doesn't match any key. repeated FragmentBuilder fragments = 1 [(validate.rules).repeated = {min_items: 1}]; } // The name assigned to the scoped routing configuration. string name = 1 [(validate.rules).string = {min_len: 1}]; // The algorithm to use for constructing a scope key for each request. ScopeKeyBuilder scope_key_builder = 2 [(validate.rules).message = {required: true}]; // Configuration source specifier for RDS. // This config source is used to subscribe to RouteConfiguration resources specified in // ScopedRouteConfiguration messages. config.core.v4alpha.ConfigSource rds_config_source = 3 [(validate.rules).message = {required: true}]; oneof config_specifier { option (validate.required) = true; // The set of routing scopes corresponding to the HCM. A scope is assigned to a request by // matching a key constructed from the request's attributes according to the algorithm specified // by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRouteConfigurationsList scoped_route_configurations_list = 4; // The set of routing scopes associated with the HCM will be dynamically loaded via the SRDS // API. A scope is assigned to a request by matching a key constructed from the request's // attributes according to the algorithm specified by the // :ref:`ScopeKeyBuilder` // in this message. ScopedRds scoped_rds = 5; } } message ScopedRds { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.ScopedRds"; // Configuration source specifier for scoped RDS. config.core.v4alpha.ConfigSource scoped_rds_config_source = 1 [(validate.rules).message = {required: true}]; } // [#next-free-field: 6] message HttpFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter"; reserved 3, 2; reserved "config"; // The name of the filter configuration. The name is used as a fallback to // select an extension if the type of the configuration proto is not // sufficient. It also serves as a resource name in ExtensionConfigDS. string name = 1 [(validate.rules).string = {min_len: 1}]; oneof config_type { // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. google.protobuf.Any typed_config = 4; // Configuration source specifier for an extension configuration discovery service. // In case of a failure and without the default configuration, the HTTP listener responds with code 500. // Extension configs delivered through this mechanism are not expected to require warming (see https://github.com/envoyproxy/envoy/issues/12061). config.core.v4alpha.ExtensionConfigSource config_discovery = 5; } } message RequestIDExtension { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.RequestIDExtension"; // Request ID extension specific configuration. google.protobuf.Any typed_config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/kafka_broker/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/kafka_broker/v3/kafka_broker.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.kafka_broker.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.kafka_broker.v3"; option java_outer_classname = "KafkaBrokerProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Kafka Broker] // Kafka Broker :ref:`configuration overview `. // [#extension: envoy.filters.network.kafka_broker] message KafkaBroker { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.kafka_broker.v2alpha1.KafkaBroker"; // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/local_ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.local_ratelimit.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/token_bucket.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.local_ratelimit.v3"; option java_outer_classname = "LocalRateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Local rate limit] // Local rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.local_ratelimit] message LocalRateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.local_rate_limit.v2alpha.LocalRateLimit"; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The token bucket configuration to use for rate limiting connections that are processed by the // filter's filter chain. Each incoming connection processed by the filter consumes a single // token. If the token is available, the connection will be allowed. If no tokens are available, // the connection will be immediately closed. // // .. note:: // In the current implementation each filter and filter chain has an independent rate limit. // // .. note:: // In the current implementation the token bucket's :ref:`fill_interval // ` must be >= 50ms to avoid too aggressive // refills. type.v3.TokenBucket token_bucket = 2 [(validate.rules).message = {required: true}]; // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults // to enabled. config.core.v3.RuntimeFeatureFlag runtime_enabled = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/mongo_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/mongo_proxy/v2:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.mongo_proxy.v3; import "envoy/extensions/filters/common/fault/v3/fault.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.mongo_proxy.v3"; option java_outer_classname = "MongoProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Mongo proxy] // MongoDB :ref:`configuration overview `. // [#extension: envoy.filters.network.mongo_proxy] message MongoProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.mongo_proxy.v2.MongoProxy"; // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The optional path to use for writing Mongo access logs. If not access log // path is specified no access logs will be written. Note that access log is // also gated :ref:`runtime `. string access_log = 2; // Inject a fixed delay before proxying a Mongo operation. Delays are // applied to the following MongoDB operations: Query, Insert, GetMore, // and KillCursors. Once an active delay is in progress, all incoming // data up until the timer event fires will be a part of the delay. common.fault.v3.FaultDelay delay = 3; // Flag to specify whether :ref:`dynamic metadata // ` should be emitted. Defaults to false. bool emit_dynamic_metadata = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/mysql_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.mysql_proxy.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.mysql_proxy.v3"; option java_outer_classname = "MysqlProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: MySQL proxy] // MySQL Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.mysql_proxy] message MySQLProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.mysql_proxy.v1alpha1.MySQLProxy"; // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] The optional path to use for writing MySQL access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/postgres_proxy/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/postgres_proxy/v3alpha/postgres_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.postgres_proxy.v3alpha; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.postgres_proxy.v3alpha"; option java_outer_classname = "PostgresProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Postgres proxy] // Postgres Proxy :ref:`configuration overview // `. // [#extension: envoy.filters.network.postgres_proxy] message PostgresProxy { // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Controls whether SQL statements received in Frontend Query messages // are parsed. Parsing is required to produce Postgres proxy filter // metadata. Defaults to true. google.protobuf.BoolValue enable_sql_parsing = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/ratelimit/v3/rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.ratelimit.v3; import "envoy/config/ratelimit/v3/rls.proto"; import "envoy/extensions/common/ratelimit/v3/ratelimit.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.ratelimit.v3"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.network.ratelimit] // [#next-free-field: 7] message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.rate_limit.v2.RateLimit"; // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The rate limit domain to use in the rate limit service request. string domain = 2 [(validate.rules).string = {min_len: 1}]; // The rate limit descriptor list to use in the rate limit service request. repeated common.ratelimit.v3.RateLimitDescriptor descriptors = 3 [(validate.rules).repeated = {min_items: 1}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 4; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 5; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. config.ratelimit.v3.RateLimitServiceConfig rate_limit_service = 6 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rbac/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rbac/v3/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rbac.v3; import "envoy/config/rbac/v3/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rbac.v3"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.network.rbac] // RBAC network filter config. // // Header should not be used in rules/shadow_rules in RBAC network filter as // this information is only available in :ref:`RBAC http filter `. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.rbac.v2.RBAC"; enum EnforcementType { // Apply RBAC policies when the first byte of data arrives on the connection. ONE_TIME_ON_FIRST_BYTE = 0; // Continuously apply RBAC policies as data arrives. Use this mode when // using RBAC with message oriented protocols such as Mongo, MySQL, Kafka, // etc. when the protocol decoders emit dynamic metadata such as the // resources being accessed and the operations on the resources. CONTINUOUS = 1; } // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs // and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v3.RBAC shadow_rules = 2; // The prefix to use when emitting statistics. string stat_prefix = 3 [(validate.rules).string = {min_len: 1}]; // RBAC enforcement strategy. By default RBAC will be enforced only once // when the first byte of data arrives from the downstream. When used in // conjunction with filters that emit dynamic metadata after decoding // every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to // CONTINUOUS to enforce RBAC policies on every message boundary. EnforcementType enforcement_type = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rbac/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/rbac/v4alpha:pkg", "//envoy/extensions/filters/network/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rbac.v4alpha; import "envoy/config/rbac/v4alpha/rbac.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rbac.v4alpha"; option java_outer_classname = "RbacProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: RBAC] // Role-Based Access Control :ref:`configuration overview `. // [#extension: envoy.filters.network.rbac] // RBAC network filter config. // // Header should not be used in rules/shadow_rules in RBAC network filter as // this information is only available in :ref:`RBAC http filter `. message RBAC { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rbac.v3.RBAC"; enum EnforcementType { // Apply RBAC policies when the first byte of data arrives on the connection. ONE_TIME_ON_FIRST_BYTE = 0; // Continuously apply RBAC policies as data arrives. Use this mode when // using RBAC with message oriented protocols such as Mongo, MySQL, Kafka, // etc. when the protocol decoders emit dynamic metadata such as the // resources being accessed and the operations on the resources. CONTINUOUS = 1; } // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs // and can be used for rule testing. // If absent, no shadow RBAC policy will be applied. config.rbac.v4alpha.RBAC shadow_rules = 2; // The prefix to use when emitting statistics. string stat_prefix = 3 [(validate.rules).string = {min_len: 1}]; // RBAC enforcement strategy. By default RBAC will be enforced only once // when the first byte of data arrives from the downstream. When used in // conjunction with filters that emit dynamic metadata after decoding // every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to // CONTINUOUS to enforce RBAC policies on every message boundary. EnforcementType enforcement_type = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/redis_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/redis_proxy/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.redis_proxy.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.redis_proxy.v3"; option java_outer_classname = "RedisProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Redis Proxy] // Redis Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.redis_proxy] // [#next-free-field: 9] message RedisProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy"; // Redis connection pool settings. // [#next-free-field: 9] message ConnPoolSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.ConnPoolSettings"; // ReadPolicy controls how Envoy routes read commands to Redis nodes. This is currently // supported for Redis Cluster. All ReadPolicy settings except MASTER may return stale data // because replication is asynchronous and requires some delay. You need to ensure that your // application can tolerate stale data. enum ReadPolicy { // Default mode. Read from the current primary node. MASTER = 0 [(udpa.annotations.enum_value_migrate).rename = "PRIMARY"]; // Read from the primary, but if it is unavailable, read from replica nodes. PREFER_MASTER = 1 [(udpa.annotations.enum_value_migrate).rename = "PREFER_PRIMARY"]; // Read from replica nodes. If multiple replica nodes are present within a shard, a random // node is selected. Healthy nodes have precedent over unhealthy nodes. REPLICA = 2; // Read from the replica nodes (similar to REPLICA), but if all replicas are unavailable (not // present or unhealthy), read from the primary. PREFER_REPLICA = 3; // Read from any node of the cluster. A random node is selected among the primary and // replicas, healthy nodes have precedent over unhealthy nodes. ANY = 4; } // Per-operation timeout in milliseconds. The timer starts when the first // command of a pipeline is written to the backend connection. Each response received from Redis // resets the timer since it signifies that the next command is being processed by the backend. // The only exception to this behavior is when a connection to a backend is not yet established. // In that case, the connect timeout on the cluster will govern the timeout until the connection // is ready. google.protobuf.Duration op_timeout = 1 [(validate.rules).duration = {required: true}]; // Use hash tagging on every redis key to guarantee that keys with the same hash tag will be // forwarded to the same upstream. The hash key used for determining the upstream in a // consistent hash ring configuration will be computed from the hash tagged key instead of the // whole key. The algorithm used to compute the hash tag is identical to the `redis-cluster // implementation `_. // // Examples: // // * '{user1000}.following' and '{user1000}.followers' **will** be sent to the same upstream // * '{user1000}.following' and '{user1001}.following' **might** be sent to the same upstream bool enable_hashtagging = 2; // Accept `moved and ask redirection // `_ errors from upstream // redis servers, and retry commands to the specified target server. The target server does not // need to be known to the cluster manager. If the command cannot be redirected, then the // original error is passed downstream unchanged. By default, this support is not enabled. bool enable_redirection = 3; // Maximum size of encoded request buffer before flush is triggered and encoded requests // are sent upstream. If this is unset, the buffer flushes whenever it receives data // and performs no batching. // This feature makes it possible for multiple clients to send requests to Envoy and have // them batched- for example if one is running several worker processes, each with its own // Redis connection. There is no benefit to using this with a single downstream process. // Recommended size (if enabled) is 1024 bytes. uint32 max_buffer_size_before_flush = 4; // The encoded request buffer is flushed N milliseconds after the first request has been // encoded, unless the buffer size has already exceeded `max_buffer_size_before_flush`. // If `max_buffer_size_before_flush` is not set, this flush timer is not used. Otherwise, // the timer should be set according to the number of clients, overall request rate and // desired maximum latency for a single command. For example, if there are many requests // being batched together at a high rate, the buffer will likely be filled before the timer // fires. Alternatively, if the request rate is lower the buffer will not be filled as often // before the timer fires. // If `max_buffer_size_before_flush` is set, but `buffer_flush_timeout` is not, the latter // defaults to 3ms. google.protobuf.Duration buffer_flush_timeout = 5; // `max_upstream_unknown_connections` controls how many upstream connections to unknown hosts // can be created at any given time by any given worker thread (see `enable_redirection` for // more details). If the host is unknown and a connection cannot be created due to enforcing // this limit, then redirection will fail and the original redirection error will be passed // downstream unchanged. This limit defaults to 100. google.protobuf.UInt32Value max_upstream_unknown_connections = 6; // Enable per-command statistics per upstream cluster, in addition to the filter level aggregate // count. These commands are measured in microseconds. bool enable_command_stats = 8; // Read policy. The default is to read from the primary. ReadPolicy read_policy = 7 [(validate.rules).enum = {defined_only: true}]; } message PrefixRoutes { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.PrefixRoutes"; message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.PrefixRoutes.Route"; // The router is capable of shadowing traffic from one cluster to another. The current // implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to // respond before returning the response from the primary cluster. All normal statistics are // collected for the shadow cluster making this feature useful for testing. message RequestMirrorPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.PrefixRoutes.Route." "RequestMirrorPolicy"; // Specifies the cluster that requests will be mirrored to. The cluster must // exist in the cluster manager configuration. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // If not specified or the runtime key is not present, all requests to the target cluster // will be mirrored. // // If specified, Envoy will lookup the runtime key to get the percentage of requests to the // mirror. config.core.v3.RuntimeFractionalPercent runtime_fraction = 2; // Set this to TRUE to only mirror write commands, this is effectively replicating the // writes in a "fire and forget" manner. bool exclude_read_commands = 3; } // String prefix that must match the beginning of the keys. Envoy will always favor the // longest match. string prefix = 1 [(validate.rules).string = {max_bytes: 1000}]; // Indicates if the prefix needs to be removed from the key when forwarded. bool remove_prefix = 2; // Upstream cluster to forward the command to. string cluster = 3 [(validate.rules).string = {min_len: 1}]; // Indicates that the route has a request mirroring policy. repeated RequestMirrorPolicy request_mirror_policy = 4; } // List of prefix routes. repeated Route routes = 1; // Indicates that prefix matching should be case insensitive. bool case_insensitive = 2; // Optional catch-all route to forward commands that doesn't match any of the routes. The // catch-all route becomes required when no routes are specified. Route catch_all_route = 4; string hidden_envoy_deprecated_catch_all_cluster = 3 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // RedisFault defines faults used for fault injection. message RedisFault { enum RedisFaultType { // Delays requests. This is the base fault; other faults can have delays added. DELAY = 0; // Returns errors on requests. ERROR = 1; } // Fault type. RedisFaultType fault_type = 1 [(validate.rules).enum = {defined_only: true}]; // Percentage of requests fault applies to. config.core.v3.RuntimeFractionalPercent fault_enabled = 2 [(validate.rules).message = {required: true}]; // Delay for all faults. If not set, defaults to zero google.protobuf.Duration delay = 3; // Commands fault is restricted to, if any. If not set, fault applies to all commands // other than auth and ping (due to special handling of those commands in Envoy). repeated string commands = 4; } // The prefix to use when emitting :ref:`statistics `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Network settings for the connection pool to the upstream clusters. ConnPoolSettings settings = 3 [(validate.rules).message = {required: true}]; // Indicates that latency stat should be computed in microseconds. By default it is computed in // milliseconds. This does not apply to upstream command stats currently. bool latency_in_micros = 4; // List of **unique** prefixes used to separate keys from different workloads to different // clusters. Envoy will always favor the longest match first in case of overlap. A catch-all // cluster can be used to forward commands when there is no match. Time complexity of the // lookups are in O(min(longest key prefix, key length)). // // Example: // // .. code-block:: yaml // // prefix_routes: // routes: // - prefix: "ab" // cluster: "cluster_a" // - prefix: "abc" // cluster: "cluster_b" // // When using the above routes, the following prefixes would be sent to: // // * ``get abc:users`` would retrieve the key 'abc:users' from cluster_b. // * ``get ab:users`` would retrieve the key 'ab:users' from cluster_a. // * ``get z:users`` would return a NoUpstreamHost error. A :ref:`catch-all // route` // would have retrieved the key from that cluster instead. // // See the :ref:`configuration section // ` of the architecture overview for recommendations on // configuring the backing clusters. PrefixRoutes prefix_routes = 5; // Authenticate Redis client connections locally by forcing downstream clients to issue a `Redis // AUTH command `_ with this password before enabling any other // command. If an AUTH command's password matches this password, an "OK" response will be returned // to the client. If the AUTH command password does not match this password, then an "ERR invalid // password" error will be returned. If any other command is received before AUTH when this // password is set, then a "NOAUTH Authentication required." error response will be sent to the // client. If an AUTH command is received when the password is not set, then an "ERR Client sent // AUTH, but no password is set" error will be returned. config.core.v3.DataSource downstream_auth_password = 6 [(udpa.annotations.sensitive) = true]; // List of faults to inject. Faults currently come in two flavors: // - Delay, which delays a request. // - Error, which responds to a request with an error. Errors can also have delays attached. // // Example: // // .. code-block:: yaml // // faults: // - fault_type: ERROR // fault_enabled: // default_value: // numerator: 10 // denominator: HUNDRED // runtime_key: "bogus_key" // commands: // - GET // - fault_type: DELAY // fault_enabled: // default_value: // numerator: 10 // denominator: HUNDRED // runtime_key: "bogus_key" // delay: 2s // // See the :ref:`fault injection section // ` for more information on how to configure this. repeated RedisFault faults = 8; // If a username is provided an ACL style AUTH command will be required with a username and password. // Authenticate Redis client connections locally by forcing downstream clients to issue a `Redis // AUTH command `_ with this username and the *downstream_auth_password* // before enabling any other command. If an AUTH command's username and password matches this username // and the *downstream_auth_password* , an "OK" response will be returned to the client. If the AUTH // command username or password does not match this username or the *downstream_auth_password*, then an // "WRONGPASS invalid username-password pair" error will be returned. If any other command is received before AUTH when this // password is set, then a "NOAUTH Authentication required." error response will be sent to the // client. If an AUTH command is received when the password is not set, then an "ERR Client sent // AUTH, but no ACL is set" error will be returned. config.core.v3.DataSource downstream_auth_username = 7 [(udpa.annotations.sensitive) = true]; string hidden_envoy_deprecated_cluster = 2 [deprecated = true, (envoy.annotations.disallowed_by_default) = true]; } // RedisProtocolOptions specifies Redis upstream protocol options. This object is used in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.redis_proxy`. message RedisProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProtocolOptions"; // Upstream server password as defined by the `requirepass` directive // `_ in the server's configuration file. config.core.v3.DataSource auth_password = 1 [(udpa.annotations.sensitive) = true]; // Upstream server username as defined by the `user` directive // `_ in the server's configuration file. config.core.v3.DataSource auth_username = 2 [(udpa.annotations.sensitive) = true]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rocketmq_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v3; import "envoy/extensions/filters/network/rocketmq_proxy/v3/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v3"; option java_outer_classname = "RocketmqProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RocketMQ Proxy] // RocketMQ Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.rocketmq_proxy] message RocketmqProxy { // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is specified in this property. RouteConfiguration route_config = 2; // The largest duration transient object expected to live, more than 10s is recommended. google.protobuf.Duration transient_object_life_span = 3; // If develop_mode is enabled, this proxy plugin may work without dedicated traffic intercepting // facility without considering backward compatibility of exiting RocketMQ client SDK. bool develop_mode = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rocketmq_proxy/v3/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/route/v3/route_components.proto"; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rocketmq Proxy Route Configuration] // Rocketmq Proxy :ref:`configuration overview `. message RouteConfiguration { // The name of the route configuration. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { // The name of the topic. type.matcher.v3.StringMatcher topic = 1 [(validate.rules).message = {required: true}]; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v3.HeaderMatcher headers = 2; } message RouteAction { // Indicates the upstream cluster to which the request should be routed. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. config.core.v3.Metadata metadata_match = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rocketmq_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/network/rocketmq_proxy/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rocketmq_proxy/v4alpha/rocketmq_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v4alpha; import "envoy/extensions/filters/network/rocketmq_proxy/v4alpha/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v4alpha"; option java_outer_classname = "RocketmqProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: RocketMQ Proxy] // RocketMQ Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.rocketmq_proxy] message RocketmqProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RocketmqProxy"; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is specified in this property. RouteConfiguration route_config = 2; // The largest duration transient object expected to live, more than 10s is recommended. google.protobuf.Duration transient_object_life_span = 3; // If develop_mode is enabled, this proxy plugin may work without dedicated traffic intercepting // facility without considering backward compatibility of exiting RocketMQ client SDK. bool develop_mode = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/rocketmq_proxy/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.rocketmq_proxy.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.rocketmq_proxy.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Rocketmq Proxy Route Configuration] // Rocketmq Proxy :ref:`configuration overview `. message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RouteConfiguration"; // The name of the route configuration. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RouteMatch"; // The name of the topic. type.matcher.v4alpha.StringMatcher topic = 1 [(validate.rules).message = {required: true}]; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). repeated config.route.v4alpha.HeaderMatcher headers = 2; } message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.rocketmq_proxy.v3.RouteAction"; // Indicates the upstream cluster to which the request should be routed. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. config.core.v4alpha.Metadata metadata_match = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/sni_cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/sni_cluster/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/sni_cluster/v3/sni_cluster.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.sni_cluster.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.sni_cluster.v3"; option java_outer_classname = "SniClusterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SNI Cluster Filter] // Set the upstream cluster name from the SNI field in the TLS connection. // [#extension: envoy.filters.network.sni_cluster] message SniCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.sni_cluster.v2.SniCluster"; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha; import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha"; option java_outer_classname = "SniDynamicForwardProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SNI dynamic forward proxy] // Configuration for the SNI-based dynamic forward proxy filter. See the // :ref:`architecture overview ` for // more information. Note this filter must be configured along with // :ref:`TLS inspector listener filter ` // to work. // [#extension: envoy.filters.network.sni_dynamic_forward_proxy] message FilterConfig { // The DNS cache configuration that the filter will attach to. Note this // configuration must match that of associated :ref:`dynamic forward proxy // cluster configuration // `. common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; oneof port_specifier { // The port number to connect to the upstream. uint32 port_value = 2 [(validate.rules).uint32 = {lte: 65535 gt: 0}]; } } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/tcp_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/tcp_proxy/v2:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.tcp_proxy.v3; import "envoy/config/accesslog/v3/accesslog.proto"; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/type/v3/hash_policy.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.tcp_proxy.v3"; option java_outer_classname = "TcpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: TCP Proxy] // TCP Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.tcp_proxy] // [#next-free-field: 14] message TcpProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy"; // Allows for specification of multiple upstream clusters along with weights // that indicate the percentage of traffic to be forwarded to each cluster. // The router selects an upstream cluster based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is // determined by its weight. The sum of weights across all entries in the // clusters array determines the total weight. uint32 weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what is set in this field will be considered // for load balancing. Note that this will be merged with what's provided in // :ref:`TcpProxy.metadata_match // `, with values // here taking precedence. The filter name should be specified as *envoy.lb*. config.core.v3.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } // Configuration for tunneling TCP over other transports or application layers. // Currently, only HTTP/2 is supported. When other options exist, HTTP/2 will // remain the default. message TunnelingConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.TunnelingConfig"; // The hostname to send in the synthesized CONNECT headers to the upstream proxy. string hostname = 1 [(validate.rules).string = {min_len: 1}]; } message DeprecatedV1 { option deprecated = true; option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.DeprecatedV1"; // [#next-free-field: 6] message TCPRoute { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.tcp_proxy.v2.TcpProxy.DeprecatedV1.TCPRoute"; string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; repeated config.core.v3.CidrRange destination_ip_list = 2; string destination_ports = 3; repeated config.core.v3.CidrRange source_ip_list = 4; string source_ports = 5; } repeated TCPRoute routes = 1 [(validate.rules).repeated = {min_items: 1}]; } // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; oneof cluster_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 10; } // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. config.core.v3.Metadata metadata_match = 9; // The idle timeout for connections managed by the TCP proxy filter. The idle timeout // is defined as the period in which there are no bytes sent or received on either // the upstream or downstream connection. If not set, the default idle timeout is 1 hour. If set // to 0s, the timeout will be disabled. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 8; // [#not-implemented-hide:] The idle timeout for connections managed by the TCP proxy // filter. The idle timeout is defined as the period in which there is no // active traffic. If not set, there is no idle timeout. When the idle timeout // is reached the connection will be closed. The distinction between // downstream_idle_timeout/upstream_idle_timeout provides a means to set // timeout based on the last byte sent on the downstream/upstream connection. google.protobuf.Duration downstream_idle_timeout = 3; // [#not-implemented-hide:] google.protobuf.Duration upstream_idle_timeout = 4; // Configuration for :ref:`access logs ` // emitted by the this tcp_proxy. repeated config.accesslog.v3.AccessLog access_log = 5; // The maximum number of unsuccessful connection attempts that will be made before // giving up. If the parameter is not specified, 1 connection attempt will be made. google.protobuf.UInt32Value max_connect_attempts = 7 [(validate.rules).uint32 = {gte: 1}]; // Optional configuration for TCP proxy hash policy. If hash_policy is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated type.v3.HashPolicy hash_policy = 11 [(validate.rules).repeated = {max_items: 1}]; // [#not-implemented-hide:] feature in progress // If set, this configures tunneling, e.g. configuration options to tunnel multiple TCP // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload // will be proxied upstream as per usual. TunnelingConfig tunneling_config = 12; // The maximum duration of a connection. The duration is defined as the period since a connection // was established. If not set, there is no max duration. When max_downstream_connection_duration // is reached the connection will be closed. Duration must be at least 1ms. google.protobuf.Duration max_downstream_connection_duration = 13 [(validate.rules).duration = {gte {nanos: 1000000}}]; DeprecatedV1 hidden_envoy_deprecated_deprecated_v1 = 6 [deprecated = true]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/tcp_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/filters/network/tcp_proxy/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/tcp_proxy/v4alpha/tcp_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.tcp_proxy.v4alpha; import "envoy/config/accesslog/v4alpha/accesslog.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/v3/hash_policy.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.tcp_proxy.v4alpha"; option java_outer_classname = "TcpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: TCP Proxy] // TCP Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.tcp_proxy] // [#next-free-field: 14] message TcpProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy"; // Allows for specification of multiple upstream clusters along with weights // that indicate the percentage of traffic to be forwarded to each cluster. // The router selects an upstream cluster based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is // determined by its weight. The sum of weights across all entries in the // clusters array determines the total weight. uint32 weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints // in the upstream cluster with metadata matching what is set in this field will be considered // for load balancing. Note that this will be merged with what's provided in // :ref:`TcpProxy.metadata_match // `, with values // here taking precedence. The filter name should be specified as *envoy.lb*. config.core.v4alpha.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } // Configuration for tunneling TCP over other transports or application layers. // Currently, only HTTP/2 is supported. When other options exist, HTTP/2 will // remain the default. message TunnelingConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy.TunnelingConfig"; // The hostname to send in the synthesized CONNECT headers to the upstream proxy. string hostname = 1 [(validate.rules).string = {min_len: 1}]; } reserved 6; reserved "deprecated_v1"; // The prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; oneof cluster_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 10; } // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. config.core.v4alpha.Metadata metadata_match = 9; // The idle timeout for connections managed by the TCP proxy filter. The idle timeout // is defined as the period in which there are no bytes sent or received on either // the upstream or downstream connection. If not set, the default idle timeout is 1 hour. If set // to 0s, the timeout will be disabled. // // .. warning:: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 8; // [#not-implemented-hide:] The idle timeout for connections managed by the TCP proxy // filter. The idle timeout is defined as the period in which there is no // active traffic. If not set, there is no idle timeout. When the idle timeout // is reached the connection will be closed. The distinction between // downstream_idle_timeout/upstream_idle_timeout provides a means to set // timeout based on the last byte sent on the downstream/upstream connection. google.protobuf.Duration downstream_idle_timeout = 3; // [#not-implemented-hide:] google.protobuf.Duration upstream_idle_timeout = 4; // Configuration for :ref:`access logs ` // emitted by the this tcp_proxy. repeated config.accesslog.v4alpha.AccessLog access_log = 5; // The maximum number of unsuccessful connection attempts that will be made before // giving up. If the parameter is not specified, 1 connection attempt will be made. google.protobuf.UInt32Value max_connect_attempts = 7 [(validate.rules).uint32 = {gte: 1}]; // Optional configuration for TCP proxy hash policy. If hash_policy is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated type.v3.HashPolicy hash_policy = 11 [(validate.rules).repeated = {max_items: 1}]; // [#not-implemented-hide:] feature in progress // If set, this configures tunneling, e.g. configuration options to tunnel multiple TCP // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload // will be proxied upstream as per usual. TunnelingConfig tunneling_config = 12; // The maximum duration of a connection. The duration is defined as the period since a connection // was established. If not set, there is no max duration. When max_downstream_connection_duration // is reached the connection will be closed. Duration must be at least 1ms. google.protobuf.Duration max_downstream_connection_duration = 13 [(validate.rules).duration = {gte {nanos: 1000000}}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.filters.ratelimit.v3; import "envoy/config/ratelimit/v3/rls.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.filters.ratelimit.v3"; option java_outer_classname = "RateLimitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.thrift.ratelimit] // [#next-free-field: 6] message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.thrift.rate_limit.v2alpha1.RateLimit"; // The rate limit domain to use in the rate limit service request. string domain = 1 [(validate.rules).string = {min_len: 1}]; // Specifies the rate limit configuration stage. Each configured rate limit filter performs a // rate limit check using descriptors configured in the // :ref:`envoy_api_msg_extensions.filters.network.thrift_proxy.v3.RouteAction` for the request. // Only those entries with a matching stage number are used for a given filter. If not set, the // default stage number is 0. // // .. note:: // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 2 [(validate.rules).uint32 = {lte: 10}]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. google.protobuf.Duration timeout = 3; // The filter's behaviour in case the rate limiting service does // not respond back. When it is set to true, Envoy will not allow traffic in case of // communication failure between rate limiting service and the proxy. // Defaults to false. bool failure_mode_deny = 4; // Configuration for an external rate limit service provider. If not // specified, any calls to the rate limit service will immediately return // success. config.ratelimit.v3.RateLimitServiceConfig rate_limit_service = 5 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/filter/network/thrift_proxy/v2alpha1:pkg", "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/v3/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v3"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Thrift Proxy Route Configuration] // Thrift Proxy :ref:`configuration overview `. message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.RouteMatch"; oneof match_specifier { option (validate.required) = true; // If specified, the route must exactly match the request method name. As a special case, an // empty string matches any request method name. string method_name = 1; // If specified, the route must have the service name as the request method name prefix. As a // special case, an empty string matches any service name. Only relevant when service // multiplexing. string service_name = 2; } // Inverts whatever matching is done in the :ref:`method_name // ` or // :ref:`service_name // ` fields. // Cannot be combined with wildcard matching as that would result in routes never being matched. // // .. note:: // // This does not invert matching done as part of the :ref:`headers field // ` field. To // invert header matching, see :ref:`invert_match // `. bool invert = 3; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). Note that this only applies for Thrift transports and/or // protocols that support headers. repeated config.route.v3.HeaderMatcher headers = 4; } // [#next-free-field: 7] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates a single upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 2; // Envoy will determine the cluster to route to by reading the value of the // Thrift header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist Envoy will // respond with an unknown method exception or an internal error exception, // respectively. string cluster_header = 6 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered. // Note that this will be merged with what's provided in :ref:`WeightedCluster.metadata_match // `, // with values there taking precedence. Keys and values should be provided under the "envoy.lb" // metadata key. config.core.v3.Metadata metadata_match = 3; // Specifies a set of rate limit configurations that could be applied to the route. // N.B. Thrift service or method name matching can be achieved by specifying a RequestHeaders // action with the header name ":method-name". repeated config.route.v3.RateLimit rate_limits = 4; // Strip the service prefix from the method name, if there's a prefix. For // example, the method call Service:method would end up being just method. bool strip_service_name = 5; } // Allows for specification of multiple upstream clusters along with weights that indicate the // percentage of traffic to be forwarded to each cluster. The router selects an upstream cluster // based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is determined by its // weight. The sum of weights across all entries in the clusters array determines the total // weight. google.protobuf.UInt32Value weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field, combined with what's // provided in :ref:`RouteAction's metadata_match // `, // will be considered. Values here will take precedence. Keys and values should be provided // under the "envoy.lb" metadata key. config.core.v3.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v3; import "envoy/extensions/filters/network/thrift_proxy/v3/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v3"; option java_outer_classname = "ThriftProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Thrift Proxy] // Thrift Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.thrift_proxy] // Thrift transport types supported by Envoy. enum TransportType { // For downstream connections, the Thrift proxy will attempt to determine which transport to use. // For upstream connections, the Thrift proxy will use same transport as the downstream // connection. AUTO_TRANSPORT = 0; // The Thrift proxy will use the Thrift framed transport. FRAMED = 1; // The Thrift proxy will use the Thrift unframed transport. UNFRAMED = 2; // The Thrift proxy will assume the client is using the Thrift header transport. HEADER = 3; } // Thrift Protocol types supported by Envoy. enum ProtocolType { // For downstream connections, the Thrift proxy will attempt to determine which protocol to use. // Note that the older, non-strict (or lax) binary protocol is not included in automatic protocol // detection. For upstream connections, the Thrift proxy will use the same protocol as the // downstream connection. AUTO_PROTOCOL = 0; // The Thrift proxy will use the Thrift binary protocol. BINARY = 1; // The Thrift proxy will use Thrift non-strict binary protocol. LAX_BINARY = 2; // The Thrift proxy will use the Thrift compact protocol. COMPACT = 3; // The Thrift proxy will use the Thrift "Twitter" protocol implemented by the finagle library. TWITTER = 4; } // [#next-free-field: 6] message ThriftProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.ThriftProxy"; // Supplies the type of transport that the Thrift proxy should use. Defaults to // :ref:`AUTO_TRANSPORT`. TransportType transport = 2 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use. Defaults to // :ref:`AUTO_PROTOCOL`. ProtocolType protocol = 3 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is static and is specified in this property. RouteConfiguration route_config = 4; // A list of individual Thrift filters that make up the filter chain for requests made to the // Thrift proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no thrift_filters are specified, a default Thrift router filter // (`envoy.filters.thrift.router`) is used. repeated ThriftFilter thrift_filters = 5; } // ThriftFilter configures a Thrift filter. message ThriftFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.ThriftFilter"; // The name of the filter to instantiate. The name must match a supported // filter. The built-in filters are: // // [#comment:TODO(zuercher): Auto generate the following list] // * :ref:`envoy.filters.thrift.router ` // * :ref:`envoy.filters.thrift.rate_limit ` string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true]; } } // ThriftProtocolOptions specifies Thrift upstream protocol options. This object is used in // in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.thrift_proxy`. message ThriftProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.thrift_proxy.v2alpha1.ThriftProtocolOptions"; // Supplies the type of transport that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_TRANSPORT`, // which is the default, causes the proxy to use the same transport as the downstream connection. TransportType transport = 1 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_PROTOCOL`, // which is the default, causes the proxy to use the same protocol as the downstream connection. ProtocolType protocol = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/route/v4alpha:pkg", "//envoy/extensions/filters/network/thrift_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/v4alpha/route.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/route/v4alpha/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v4alpha"; option java_outer_classname = "RouteProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Thrift Proxy Route Configuration] // Thrift Proxy :ref:`configuration overview `. message RouteConfiguration { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.RouteConfiguration"; // The name of the route configuration. Reserved for future use in asynchronous route discovery. string name = 1; // The list of routes that will be matched, in order, against incoming requests. The first route // that matches will be used. repeated Route routes = 2; } message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.Route"; // Route matching parameters. RouteMatch match = 1 [(validate.rules).message = {required: true}]; // Route request to some upstream cluster. RouteAction route = 2 [(validate.rules).message = {required: true}]; } message RouteMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.RouteMatch"; oneof match_specifier { option (validate.required) = true; // If specified, the route must exactly match the request method name. As a special case, an // empty string matches any request method name. string method_name = 1; // If specified, the route must have the service name as the request method name prefix. As a // special case, an empty string matches any service name. Only relevant when service // multiplexing. string service_name = 2; } // Inverts whatever matching is done in the :ref:`method_name // ` or // :ref:`service_name // ` fields. // Cannot be combined with wildcard matching as that would result in routes never being matched. // // .. note:: // // This does not invert matching done as part of the :ref:`headers field // ` field. To // invert header matching, see :ref:`invert_match // `. bool invert = 3; // Specifies a set of headers that the route should match on. The router will check the request’s // headers against all the specified headers in the route config. A match will happen if all the // headers in the route are present in the request with the same values (or based on presence if // the value field is not in the config). Note that this only applies for Thrift transports and/or // protocols that support headers. repeated config.route.v4alpha.HeaderMatcher headers = 4; } // [#next-free-field: 7] message RouteAction { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.RouteAction"; oneof cluster_specifier { option (validate.required) = true; // Indicates a single upstream cluster to which the request should be routed // to. string cluster = 1 [(validate.rules).string = {min_len: 1}]; // Multiple upstream clusters can be specified for a given route. The // request is routed to one of the upstream clusters based on weights // assigned to each cluster. WeightedCluster weighted_clusters = 2; // Envoy will determine the cluster to route to by reading the value of the // Thrift header named by cluster_header from the request headers. If the // header is not found or the referenced cluster does not exist Envoy will // respond with an unknown method exception or an internal error exception, // respectively. string cluster_header = 6 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_VALUE strict: false}]; } // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered. // Note that this will be merged with what's provided in :ref:`WeightedCluster.metadata_match // `, // with values there taking precedence. Keys and values should be provided under the "envoy.lb" // metadata key. config.core.v4alpha.Metadata metadata_match = 3; // Specifies a set of rate limit configurations that could be applied to the route. // N.B. Thrift service or method name matching can be achieved by specifying a RequestHeaders // action with the header name ":method-name". repeated config.route.v4alpha.RateLimit rate_limits = 4; // Strip the service prefix from the method name, if there's a prefix. For // example, the method call Service:method would end up being just method. bool strip_service_name = 5; } // Allows for specification of multiple upstream clusters along with weights that indicate the // percentage of traffic to be forwarded to each cluster. The router selects an upstream cluster // based on these weights. message WeightedCluster { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.WeightedCluster"; message ClusterWeight { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.WeightedCluster.ClusterWeight"; // Name of the upstream cluster. string name = 1 [(validate.rules).string = {min_len: 1}]; // When a request matches the route, the choice of an upstream cluster is determined by its // weight. The sum of weights across all entries in the clusters array determines the total // weight. google.protobuf.UInt32Value weight = 2 [(validate.rules).uint32 = {gte: 1}]; // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field, combined with what's // provided in :ref:`RouteAction's metadata_match // `, // will be considered. Values here will take precedence. Keys and values should be provided // under the "envoy.lb" metadata key. config.core.v4alpha.Metadata metadata_match = 3; } // Specifies one or more upstream clusters associated with the route. repeated ClusterWeight clusters = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/v4alpha/thrift_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.thrift_proxy.v4alpha; import "envoy/extensions/filters/network/thrift_proxy/v4alpha/route.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.thrift_proxy.v4alpha"; option java_outer_classname = "ThriftProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Thrift Proxy] // Thrift Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.thrift_proxy] // Thrift transport types supported by Envoy. enum TransportType { // For downstream connections, the Thrift proxy will attempt to determine which transport to use. // For upstream connections, the Thrift proxy will use same transport as the downstream // connection. AUTO_TRANSPORT = 0; // The Thrift proxy will use the Thrift framed transport. FRAMED = 1; // The Thrift proxy will use the Thrift unframed transport. UNFRAMED = 2; // The Thrift proxy will assume the client is using the Thrift header transport. HEADER = 3; } // Thrift Protocol types supported by Envoy. enum ProtocolType { // For downstream connections, the Thrift proxy will attempt to determine which protocol to use. // Note that the older, non-strict (or lax) binary protocol is not included in automatic protocol // detection. For upstream connections, the Thrift proxy will use the same protocol as the // downstream connection. AUTO_PROTOCOL = 0; // The Thrift proxy will use the Thrift binary protocol. BINARY = 1; // The Thrift proxy will use Thrift non-strict binary protocol. LAX_BINARY = 2; // The Thrift proxy will use the Thrift compact protocol. COMPACT = 3; // The Thrift proxy will use the Thrift "Twitter" protocol implemented by the finagle library. TWITTER = 4; } // [#next-free-field: 6] message ThriftProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.ThriftProxy"; // Supplies the type of transport that the Thrift proxy should use. Defaults to // :ref:`AUTO_TRANSPORT`. TransportType transport = 2 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use. Defaults to // :ref:`AUTO_PROTOCOL`. ProtocolType protocol = 3 [(validate.rules).enum = {defined_only: true}]; // The human readable prefix to use when emitting statistics. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // The route table for the connection manager is static and is specified in this property. RouteConfiguration route_config = 4; // A list of individual Thrift filters that make up the filter chain for requests made to the // Thrift proxy. Order matters as the filters are processed sequentially. For backwards // compatibility, if no thrift_filters are specified, a default Thrift router filter // (`envoy.filters.thrift.router`) is used. repeated ThriftFilter thrift_filters = 5; } // ThriftFilter configures a Thrift filter. message ThriftFilter { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.ThriftFilter"; reserved 2; reserved "config"; // The name of the filter to instantiate. The name must match a supported // filter. The built-in filters are: // // [#comment:TODO(zuercher): Auto generate the following list] // * :ref:`envoy.filters.thrift.router ` // * :ref:`envoy.filters.thrift.rate_limit ` string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being instantiated. See the supported // filters for further documentation. oneof config_type { google.protobuf.Any typed_config = 3; } } // ThriftProtocolOptions specifies Thrift upstream protocol options. This object is used in // in // :ref:`typed_extension_protocol_options`, // keyed by the name `envoy.filters.network.thrift_proxy`. message ThriftProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.thrift_proxy.v3.ThriftProtocolOptions"; // Supplies the type of transport that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_TRANSPORT`, // which is the default, causes the proxy to use the same transport as the downstream connection. TransportType transport = 1 [(validate.rules).enum = {defined_only: true}]; // Supplies the type of protocol that the Thrift proxy should use for upstream connections. // Selecting // :ref:`AUTO_PROTOCOL`, // which is the default, causes the proxy to use the same protocol as the downstream connection. ProtocolType protocol = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // [#extension: envoy.filters.network.wasm] // Wasm :ref:`configuration overview `. message Wasm { // General Plugin configuration. envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.network.zookeeper_proxy.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.network.zookeeper_proxy.v3"; option java_outer_classname = "ZookeeperProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: ZooKeeper proxy] // ZooKeeper Proxy :ref:`configuration overview `. // [#extension: envoy.filters.network.zookeeper_proxy] message ZooKeeperProxy { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.zookeeper_proxy.v1alpha1.ZooKeeperProxy"; // The human readable prefix to use when emitting :ref:`statistics // `. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // [#not-implemented-hide:] The optional path to use for writing ZooKeeper access logs. // If the access log field is empty, access logs will not be written. string access_log = 2; // Messages — requests, responses and events — that are bigger than this value will // be ignored. If it is not set, the default value is 1Mb. // // The value here should match the jute.maxbuffer property in your cluster configuration: // // https://zookeeper.apache.org/doc/r3.4.10/zookeeperAdmin.html#Unsafe+Options // // if that is set. If it isn't, ZooKeeper's default is also 1Mb. google.protobuf.UInt32Value max_packet_bytes = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/dns/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v3alpha; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/data/dns/v3/dns_table.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.udp.dns_filter.v3alpha"; option java_outer_classname = "DnsFilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: DNS Filter] // DNS Filter :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.dns_filter] // Configuration for the DNS filter. message DnsFilterConfig { // This message contains the configuration for the DNS Filter operating // in a server context. This message will contain the virtual hosts and // associated addresses with which Envoy will respond to queries message ServerContextConfig { oneof config_source { option (validate.required) = true; // Load the configuration specified from the control plane data.dns.v3.DnsTable inline_dns_table = 1; // Seed the filter configuration from an external path. This source // is a yaml formatted file that contains the DnsTable driving Envoy's // responses to DNS queries config.core.v3.DataSource external_dns_table = 2; } } // This message contains the configuration for the DNS Filter operating // in a client context. This message will contain the timeouts, retry, // and forwarding configuration for Envoy to make DNS requests to other // resolvers message ClientContextConfig { // Sets the maximum time we will wait for the upstream query to complete // We allow 5s for the upstream resolution to complete, so the minimum // value here is 1. Note that the total latency for a failed query is the // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; // A list of DNS servers to which we can forward queries. If not // specified, Envoy will use the ambient DNS resolvers in the // system. repeated config.core.v3.Address upstream_resolvers = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external // resolution times out or is otherwise unsuccessful uint64 max_pending_lookups = 3 [(validate.rules).uint64 = {gte: 1}]; } // The stat prefix used when emitting DNS filter statistics string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Server context configuration contains the data that the filter uses to respond // to DNS requests. ServerContextConfig server_config = 2; // Client context configuration controls Envoy's behavior when it must use external // resolvers to answer a query. This object is optional and if omitted instructs // the filter to resolve queries from the data in the server_config ClientContextConfig client_config = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/data/dns/v4alpha:pkg", "//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/data/dns/v4alpha/dns_table.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.udp.dns_filter.v4alpha"; option java_outer_classname = "DnsFilterProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: DNS Filter] // DNS Filter :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.dns_filter] // Configuration for the DNS filter. message DnsFilterConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig"; // This message contains the configuration for the DNS Filter operating // in a server context. This message will contain the virtual hosts and // associated addresses with which Envoy will respond to queries message ServerContextConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig.ServerContextConfig"; oneof config_source { option (validate.required) = true; // Load the configuration specified from the control plane data.dns.v4alpha.DnsTable inline_dns_table = 1; // Seed the filter configuration from an external path. This source // is a yaml formatted file that contains the DnsTable driving Envoy's // responses to DNS queries config.core.v4alpha.DataSource external_dns_table = 2; } } // This message contains the configuration for the DNS Filter operating // in a client context. This message will contain the timeouts, retry, // and forwarding configuration for Envoy to make DNS requests to other // resolvers message ClientContextConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.udp.dns_filter.v3alpha.DnsFilterConfig.ClientContextConfig"; // Sets the maximum time we will wait for the upstream query to complete // We allow 5s for the upstream resolution to complete, so the minimum // value here is 1. Note that the total latency for a failed query is the // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; // A list of DNS servers to which we can forward queries. If not // specified, Envoy will use the ambient DNS resolvers in the // system. repeated config.core.v4alpha.Address upstream_resolvers = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external // resolution times out or is otherwise unsuccessful uint64 max_pending_lookups = 3 [(validate.rules).uint64 = {gte: 1}]; } // The stat prefix used when emitting DNS filter statistics string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Server context configuration contains the data that the filter uses to respond // to DNS requests. ServerContextConfig server_config = 2; // Client context configuration controls Envoy's behavior when it must use external // resolvers to answer a query. This object is optional and if omitted instructs // the filter to resolve queries from the data in the server_config ClientContextConfig client_config = 3; } ================================================ FILE: generated_api_shadow/envoy/extensions/filters/udp/udp_proxy/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.proto ================================================ syntax = "proto3"; package envoy.extensions.filters.udp.udp_proxy.v3; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.udp.udp_proxy.v3"; option java_outer_classname = "UdpProxyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: UDP proxy] // UDP proxy :ref:`configuration overview `. // [#extension: envoy.filters.udp_listener.udp_proxy] // Configuration for the UDP proxy filter. // [#next-free-field: 6] message UdpProxyConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.udp.udp_proxy.v2alpha.UdpProxyConfig"; // Specifies the UDP hash policy. // The packets can be routed by hash policy. message HashPolicy { oneof policy_specifier { option (validate.required) = true; // The source IP will be used to compute the hash used by hash-based load balancing algorithms. bool source_ip = 1 [(validate.rules).bool = {const: true}]; } } // The stat prefix used when emitting UDP proxy filter stats. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; oneof route_specifier { option (validate.required) = true; // The upstream cluster to connect to. string cluster = 2 [(validate.rules).string = {min_len: 1}]; } // The idle timeout for sessions. Idle is defined as no datagrams between received or sent by // the session. The default if not specified is 1 minute. google.protobuf.Duration idle_timeout = 3; // Use the remote downstream IP address as the sender IP address when sending packets to upstream hosts. // This option requires Envoy to be run with the *CAP_NET_ADMIN* capability on Linux. // And the IPv6 stack must be enabled on Linux kernel. // This option does not preserve the remote downstream port. // If this option is enabled, the IP address of sent datagrams will be changed to the remote downstream IP address. // This means that Envoy will not receive packets that are sent by upstream hosts because the upstream hosts // will send the packets with the remote downstream IP address as the destination. All packets will be routed // to the remote downstream directly if there are route rules on the upstream host side. // There are two options to return the packets back to the remote downstream. // The first one is to use DSR (Direct Server Return). // The other one is to configure routing rules on the upstream hosts to forward // all packets back to Envoy and configure iptables rules on the host running Envoy to // forward all packets from upstream hosts to the Envoy process so that Envoy can forward the packets to the downstream. // If the platform does not support this option, Envoy will raise a configuration error. bool use_original_src_ip = 4; // Optional configuration for UDP proxy hash policies. If hash_policies is not set, the hash-based // load balancing algorithms will select a host randomly. Currently the number of hash policies is // limited to 1. repeated HashPolicy hash_policies = 5 [(validate.rules).repeated = {max_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/internal_redirect/allow_listed_routes/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/internal_redirect/allow_listed_routes/v3/allow_listed_routes_config.proto ================================================ syntax = "proto3"; package envoy.extensions.internal_redirect.allow_listed_routes.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.internal_redirect.allow_listed_routes.v3"; option java_outer_classname = "AllowListedRoutesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Allow listed routes internal redirect predicate] // An internal redirect predicate that accepts only explicitly allowed target routes. // [#extension: envoy.internal_redirect_predicates.allow_listed_routes] message AllowListedRoutesConfig { // The list of routes that's allowed as redirect target by this predicate, // identified by the route's :ref:`name `. // Empty route names are not allowed. repeated string allowed_route_names = 1 [(validate.rules).repeated = {items {string {min_len: 1}}}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/internal_redirect/previous_routes/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/internal_redirect/previous_routes/v3/previous_routes_config.proto ================================================ syntax = "proto3"; package envoy.extensions.internal_redirect.previous_routes.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.internal_redirect.previous_routes.v3"; option java_outer_classname = "PreviousRoutesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Previous routes internal redirect predicate] // An internal redirect predicate that rejects redirect targets that are pointing // to a route that has been followed by a previous redirect from the current route. // [#extension: envoy.internal_redirect_predicates.previous_routes] message PreviousRoutesConfig { } ================================================ FILE: generated_api_shadow/envoy/extensions/internal_redirect/safe_cross_scheme/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/internal_redirect/safe_cross_scheme/v3/safe_cross_scheme_config.proto ================================================ syntax = "proto3"; package envoy.extensions.internal_redirect.safe_cross_scheme.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.internal_redirect.safe_cross_scheme.v3"; option java_outer_classname = "SafeCrossSchemeConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SafeCrossScheme internal redirect predicate] // An internal redirect predicate that checks the scheme between the // downstream url and the redirect target url and allows a) same scheme // redirect and b) safe cross scheme redirect, which means if the downstream // scheme is HTTPS, both HTTPS and HTTP redirect targets are allowed, but if the // downstream scheme is HTTP, only HTTP redirect targets are allowed. // [#extension: // envoy.internal_redirect_predicates.safe_cross_scheme] message SafeCrossSchemeConfig { } ================================================ FILE: generated_api_shadow/envoy/extensions/network/socket_interface/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/network/socket_interface/v3/default_socket_interface.proto ================================================ syntax = "proto3"; package envoy.extensions.network.socket_interface.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.network.socket_interface.v3"; option java_outer_classname = "DefaultSocketInterfaceProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Default Socket Interface configuration] // Configuration for default socket interface that relies on OS dependent syscall to create // sockets. message DefaultSocketInterface { } ================================================ FILE: generated_api_shadow/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/retry/omit_host_metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/retry/host/omit_host_metadata/v3/omit_host_metadata_config.proto ================================================ syntax = "proto3"; package envoy.extensions.retry.host.omit_host_metadata.v3; import "envoy/config/core/v3/base.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.retry.host.omit_host_metadata.v3"; option java_outer_classname = "OmitHostMetadataConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Omit host metadata retry predicate] // A retry host predicate that can be used to reject a host based on // predefined metadata match criteria. // [#extension: envoy.retry_host_predicates.omit_host_metadata] message OmitHostMetadataConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.retry.omit_host_metadata.v2.OmitHostMetadataConfig"; // Retry host predicate metadata match criteria. The hosts in // the upstream cluster with matching metadata will be omitted while // attempting a retry of a failed request. The metadata should be specified // under the *envoy.lb* key. config.core.v3.Metadata metadata_match = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/retry/priority/previous_priorities/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/retry/previous_priorities:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/retry/priority/previous_priorities/v3/previous_priorities_config.proto ================================================ syntax = "proto3"; package envoy.extensions.retry.priority.previous_priorities.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.retry.priority.previous_priorities.v3"; option java_outer_classname = "PreviousPrioritiesConfigProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Previous priorities retry selector] // A retry host selector that attempts to spread retries between priorities, even if certain // priorities would not normally be attempted due to higher priorities being available. // // As priorities get excluded, load will be distributed amongst the remaining healthy priorities // based on the relative health of the priorities, matching how load is distributed during regular // host selection. For example, given priority healths of {100, 50, 50}, the original load will be // {100, 0, 0} (since P0 has capacity to handle 100% of the traffic). If P0 is excluded, the load // changes to {0, 50, 50}, because P1 is only able to handle 50% of the traffic, causing the // remaining to spill over to P2. // // Each priority attempted will be excluded until there are no healthy priorities left, at which // point the list of attempted priorities will be reset, essentially starting from the beginning. // For example, given three priorities P0, P1, P2 with healthy % of 100, 0 and 50 respectively, the // following sequence of priorities would be selected (assuming update_frequency = 1): // Attempt 1: P0 (P0 is 100% healthy) // Attempt 2: P2 (P0 already attempted, P2 only healthy priority) // Attempt 3: P0 (no healthy priorities, reset) // Attempt 4: P2 // // In the case of all upstream hosts being unhealthy, no adjustments will be made to the original // priority load, so behavior should be identical to not using this plugin. // // Using this PriorityFilter requires rebuilding the priority load, which runs in O(# of // priorities), which might incur significant overhead for clusters with many priorities. // [#extension: envoy.retry_priorities.previous_priorities] message PreviousPrioritiesConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.retry.previous_priorities.PreviousPrioritiesConfig"; // How often the priority load should be updated based on previously attempted priorities. Useful // to allow each priorities to receive more than one request before being excluded or to reduce // the number of times that the priority load has to be recomputed. // // For example, by setting this to 2, then the first two attempts (initial attempt and first // retry) will use the unmodified priority load. The third and fourth attempt will use priority // load which excludes the priorities routed to with the first two attempts, and the fifth and // sixth attempt will use the priority load excluding the priorities used for the first four // attempts. // // Must be greater than 0. int32 update_frequency = 1 [(validate.rules).int32 = {gt: 0}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/stat_sinks/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/wasm/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/stat_sinks/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.stat_sinks.wasm.v3; import "envoy/extensions/wasm/v3/wasm.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.stat_sinks.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // Wasm :ref:`configuration overview `. // [#extension: envoy.stat_sinks.wasm] message Wasm { // General Plugin configuration. envoy.extensions.wasm.v3.PluginConfig config = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/datadog/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/datadog/v4alpha/datadog.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.datadog.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.datadog.v4alpha"; option java_outer_classname = "DatadogProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Datadog tracer] // Configuration for the Datadog tracer. // [#extension: envoy.tracers.datadog] message DatadogConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.DatadogConfig"; // The cluster to use for submitting traces to the Datadog agent. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The name used for the service when traces are generated by envoy. string service_name = 2 [(validate.rules).string = {min_len: 1}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/dynamic_ot/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/dynamic_ot/v4alpha/dynamic_ot.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.dynamic_ot.v4alpha; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.dynamic_ot.v4alpha"; option java_outer_classname = "DynamicOtProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Dynamically loadable OpenTracing tracer] // DynamicOtConfig is used to dynamically load a tracer from a shared library // that implements the `OpenTracing dynamic loading API // `_. // [#extension: envoy.tracers.dynamic_ot] message DynamicOtConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.DynamicOtConfig"; // Dynamic library implementing the `OpenTracing API // `_. string library = 1 [(validate.rules).string = {min_len: 1}]; // The configuration to use when creating a tracer from the given dynamic // library. google.protobuf.Struct config = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/lightstep/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/lightstep/v4alpha/lightstep.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.lightstep.v4alpha; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.lightstep.v4alpha"; option java_outer_classname = "LightstepProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: LightStep tracer] // Configuration for the LightStep tracer. // [#extension: envoy.tracers.lightstep] message LightstepConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.LightstepConfig"; // Available propagation modes enum PropagationMode { // Propagate trace context in the single header x-ot-span-context. ENVOY = 0; // Propagate trace context using LightStep's native format. LIGHTSTEP = 1; // Propagate trace context using the b3 format. B3 = 2; // Propagation trace context using the w3 trace-context standard. TRACE_CONTEXT = 3; } // The cluster manager cluster that hosts the LightStep collectors. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // File containing the access token to the `LightStep // `_ API. string access_token_file = 2 [(validate.rules).string = {min_len: 1}]; // Propagation modes to use by LightStep's tracer. repeated PropagationMode propagation_modes = 3 [(validate.rules).repeated = {items {enum {defined_only: true}}}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/opencensus/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_config_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/opencensus/v4alpha/opencensus.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.opencensus.v4alpha; import "envoy/config/core/v4alpha/grpc_service.proto"; import "opencensus/proto/trace/v1/trace_config.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.opencensus.v4alpha"; option java_outer_classname = "OpencensusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: OpenCensus tracer] // Configuration for the OpenCensus tracer. // [#next-free-field: 15] // [#extension: envoy.tracers.opencensus] message OpenCensusConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.OpenCensusConfig"; enum TraceContext { // No-op default, no trace context is utilized. NONE = 0; // W3C Trace-Context format "traceparent:" header. TRACE_CONTEXT = 1; // Binary "grpc-trace-bin:" header. GRPC_TRACE_BIN = 2; // "X-Cloud-Trace-Context:" header. CLOUD_TRACE_CONTEXT = 3; // X-B3-* headers. B3 = 4; } reserved 7; // Configures tracing, e.g. the sampler, max number of annotations, etc. .opencensus.proto.trace.v1.TraceConfig trace_config = 1; // Enables the stdout exporter if set to true. This is intended for debugging // purposes. bool stdout_exporter_enabled = 2; // Enables the Stackdriver exporter if set to true. The project_id must also // be set. bool stackdriver_exporter_enabled = 3; // The Cloud project_id to use for Stackdriver tracing. string stackdriver_project_id = 4; // (optional) By default, the Stackdriver exporter will connect to production // Stackdriver. If stackdriver_address is non-empty, it will instead connect // to this address, which is in the gRPC format: // https://github.com/grpc/grpc/blob/master/doc/naming.md string stackdriver_address = 10; // (optional) The gRPC server that hosts Stackdriver tracing service. Only // Google gRPC is supported. If :ref:`target_uri ` // is not provided, the default production Stackdriver address will be used. config.core.v4alpha.GrpcService stackdriver_grpc_service = 13; // Enables the Zipkin exporter if set to true. The url and service name must // also be set. bool zipkin_exporter_enabled = 5; // The URL to Zipkin, e.g. "http://127.0.0.1:9411/api/v2/spans" string zipkin_url = 6; // Enables the OpenCensus Agent exporter if set to true. The ocagent_address or // ocagent_grpc_service must also be set. bool ocagent_exporter_enabled = 11; // The address of the OpenCensus Agent, if its exporter is enabled, in gRPC // format: https://github.com/grpc/grpc/blob/master/doc/naming.md // [#comment:TODO: deprecate this field] string ocagent_address = 12; // (optional) The gRPC server hosted by the OpenCensus Agent. Only Google gRPC is supported. // This is only used if the ocagent_address is left empty. config.core.v4alpha.GrpcService ocagent_grpc_service = 14; // List of incoming trace context headers we will accept. First one found // wins. repeated TraceContext incoming_trace_context = 8; // List of outgoing trace context headers we will produce. repeated TraceContext outgoing_trace_context = 9; } ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/xray/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/xray/v4alpha/xray.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.xray.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.xray.v4alpha"; option java_outer_classname = "XrayProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: AWS X-Ray Tracer Configuration] // Configuration for AWS X-Ray tracer message XRayConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.XRayConfig"; message SegmentFields { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.XRayConfig.SegmentFields"; // The type of AWS resource, e.g. "AWS::AppMesh::Proxy". string origin = 1; // AWS resource metadata dictionary. // See: `X-Ray Segment Document documentation `__ google.protobuf.Struct aws = 2; } // The UDP endpoint of the X-Ray Daemon where the spans will be sent. // If this value is not set, the default value of 127.0.0.1:2000 will be used. config.core.v4alpha.SocketAddress daemon_endpoint = 1; // The name of the X-Ray segment. string segment_name = 2 [(validate.rules).string = {min_len: 1}]; // The location of a local custom sampling rules JSON file. // For an example of the sampling rules see: // `X-Ray SDK documentation // `_ config.core.v4alpha.DataSource sampling_rule_manifest = 3; // Optional custom fields to be added to each trace segment. // see: `X-Ray Segment Document documentation // `__ SegmentFields segment_fields = 4; } ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/zipkin/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/tracers/zipkin/v4alpha/zipkin.proto ================================================ syntax = "proto3"; package envoy.extensions.tracers.zipkin.v4alpha; import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.tracers.zipkin.v4alpha"; option java_outer_classname = "ZipkinProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Zipkin tracer] // Configuration for the Zipkin tracer. // [#extension: envoy.tracers.zipkin] // [#next-free-field: 6] message ZipkinConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.trace.v3.ZipkinConfig"; // Available Zipkin collector endpoint versions. enum CollectorEndpointVersion { // Zipkin API v1, JSON over HTTP. // [#comment: The default implementation of Zipkin client before this field is added was only v1 // and the way user configure this was by not explicitly specifying the version. Consequently, // before this is added, the corresponding Zipkin collector expected to receive v1 payload. // Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when // user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field, // since in Zipkin realm this v1 version is considered to be not preferable anymore.] hidden_envoy_deprecated_DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE = 0 [deprecated = true, (envoy.annotations.disallowed_by_default_enum) = true]; // Zipkin API v2, JSON over HTTP. HTTP_JSON = 1; // Zipkin API v2, protobuf over HTTP. HTTP_PROTO = 2; // [#not-implemented-hide:] GRPC = 3; } // The cluster manager cluster that hosts the Zipkin collectors. Note that the // Zipkin cluster must be defined in the :ref:`Bootstrap static cluster // resources `. string collector_cluster = 1 [(validate.rules).string = {min_len: 1}]; // The API endpoint of the Zipkin service where the spans will be sent. When // using a standard Zipkin installation, the API endpoint is typically // /api/v1/spans, which is the default value. string collector_endpoint = 2 [(validate.rules).string = {min_len: 1}]; // Determines whether a 128bit trace id will be used when creating a new // trace instance. The default value is false, which will result in a 64 bit trace id being used. bool trace_id_128bit = 3; // Determines whether client and server spans will share the same span context. // The default value is true. google.protobuf.BoolValue shared_span_context = 4; // Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be // used. CollectorEndpointVersion collector_endpoint_version = 5; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/alts/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/transport_socket/alts/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/alts/v3/alts.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.alts.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.alts.v3"; option java_outer_classname = "AltsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: ALTS] // [#extension: envoy.transport_sockets.alts] // Configuration for ALTS transport socket. This provides Google's ALTS protocol to Envoy. // https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security/ message Alts { option (udpa.annotations.versioning).previous_message_type = "envoy.config.transport_socket.alts.v2alpha.Alts"; // The location of a handshaker service, this is usually 169.254.169.254:8080 // on GCE. string handshaker_service = 1 [(validate.rules).string = {min_len: 1}]; // The acceptable service accounts from peer, peers not in the list will be rejected in the // handshake validation step. If empty, no validation will be performed. repeated string peer_service_accounts = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/proxy_protocol/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.proxy_protocol.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/proxy_protocol.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.proxy_protocol.v3"; option java_outer_classname = "UpstreamProxyProtocolProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Upstream Proxy Protocol] // [#extension: envoy.transport_sockets.upstream_proxy_protocol] // Configuration for PROXY protocol socket message ProxyProtocolUpstreamTransport { // The PROXY protocol settings config.core.v3.ProxyProtocolConfig config = 1; // The underlying transport socket being wrapped. config.core.v3.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/quic/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/transport_sockets/tls/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/quic/v3/quic_transport.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.quic.v3; import "envoy/extensions/transport_sockets/tls/v3/tls.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.quic.v3"; option java_outer_classname = "QuicTransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: quic transport] // [#extension: envoy.transport_sockets.quic] // Configuration for Downstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicDownstreamTransport { tls.v3.DownstreamTlsContext downstream_tls_context = 1 [(validate.rules).message = {required: true}]; } // Configuration for Upstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicUpstreamTransport { tls.v3.UpstreamTlsContext upstream_tls_context = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/quic/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/extensions/transport_sockets/quic/v3:pkg", "//envoy/extensions/transport_sockets/tls/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/quic/v4alpha/quic_transport.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.quic.v4alpha; import "envoy/extensions/transport_sockets/tls/v4alpha/tls.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.quic.v4alpha"; option java_outer_classname = "QuicTransportProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: quic transport] // [#extension: envoy.transport_sockets.quic] // Configuration for Downstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicDownstreamTransport { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.quic.v3.QuicDownstreamTransport"; tls.v4alpha.DownstreamTlsContext downstream_tls_context = 1 [(validate.rules).message = {required: true}]; } // Configuration for Upstream QUIC transport socket. This provides Google's implementation of Google QUIC and IETF QUIC to Envoy. message QuicUpstreamTransport { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.quic.v3.QuicUpstreamTransport"; tls.v4alpha.UpstreamTlsContext upstream_tls_context = 1 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/transport_socket/raw_buffer/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/raw_buffer/v3/raw_buffer.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.raw_buffer.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.raw_buffer.v3"; option java_outer_classname = "RawBufferProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Raw Buffer] // [#extension: envoy.transport_sockets.raw_buffer] // Configuration for raw buffer transport socket. message RawBuffer { option (udpa.annotations.versioning).previous_message_type = "envoy.config.transport_socket.raw_buffer.v2.RawBuffer"; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tap/v3/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tap.v3; import "envoy/config/core/v3/base.proto"; import "envoy/extensions/common/tap/v3/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tap.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap] // [#extension: envoy.transport_sockets.tap] // Configuration for tap transport socket. This wraps another transport socket, providing the // ability to interpose and record in plain text any traffic that is surfaced to Envoy. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.transport_socket.tap.v2alpha.Tap"; // Common configuration for the tap transport socket. common.tap.v3.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; // The underlying transport socket being wrapped. config.core.v3.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/common/tap/v4alpha:pkg", "//envoy/extensions/transport_sockets/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tap/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tap.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/extensions/common/tap/v4alpha/common.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tap.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap] // [#extension: envoy.transport_sockets.tap] // Configuration for tap transport socket. This wraps another transport socket, providing the // ability to interpose and record in plain text any traffic that is surfaced to Envoy. message Tap { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tap.v3.Tap"; // Common configuration for the tap transport socket. common.tap.v4alpha.CommonExtensionConfig common_config = 1 [(validate.rules).message = {required: true}]; // The underlying transport socket being wrapped. config.core.v4alpha.TransportSocket transport_socket = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/api/v2/auth:pkg", "//envoy/config/core/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/cert.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "udpa/annotations/status.proto"; import public "envoy/extensions/transport_sockets/tls/v3/common.proto"; import public "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import public "envoy/extensions/transport_sockets/tls/v3/tls.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "CertProto"; option java_multiple_files = true; ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/common.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common TLS configuration] message TlsParameters { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.TlsParameters"; enum TlsProtocol { // Envoy will choose the optimal TLS version. TLS_AUTO = 0; // TLS 1.0 TLSv1_0 = 1; // TLS 1.1 TLSv1_1 = 2; // TLS 1.2 TLSv1_2 = 3; // TLS 1.3 TLSv1_3 = 4; } // Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for // servers. TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}]; // Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for // servers. TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}]; // If specified, the TLS listener will only support the specified `cipher list // `_ // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not // specified, the default list will be used. // // In non-FIPS builds, the default cipher list is: // // .. code-block:: none // // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA // // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: // // .. code-block:: none // // ECDHE-ECDSA-AES128-GCM-SHA256 // ECDHE-RSA-AES128-GCM-SHA256 // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH // curves. If not specified, the default curves will be used. // // In non-FIPS builds, the default curves are: // // .. code-block:: none // // X25519 // P-256 // // In builds using :ref:`BoringSSL FIPS `, the default curve is: // // .. code-block:: none // // P-256 repeated string ecdh_curves = 4; } // BoringSSL private key method configuration. The private key methods are used for external // (potentially asynchronous) signing and decryption operations. Some use cases for private key // methods would be TPM support and TLS acceleration. message PrivateKeyProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.PrivateKeyProvider"; // Private key method provider name. The name must match a // supported private key method provider type. string provider_name = 1 [(validate.rules).string = {min_len: 1}]; // Private key method provider specific configuration. oneof config_type { google.protobuf.Any typed_config = 3 [(udpa.annotations.sensitive) = true]; google.protobuf.Struct hidden_envoy_deprecated_config = 2 [deprecated = true, (udpa.annotations.sensitive) = true]; } } // [#next-free-field: 7] message TlsCertificate { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.TlsCertificate"; // The TLS certificate chain. config.core.v3.DataSource certificate_chain = 1; // The TLS private key. config.core.v3.DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // BoringSSL private key method provider. This is an alternative to :ref:`private_key // ` field. This can't be // marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key // ` and // :ref:`private_key_provider // ` fields will result in an // error. PrivateKeyProvider private_key_provider = 6; // The password to decrypt the TLS private key. If this field is not set, it is assumed that the // TLS private key is not password encrypted. config.core.v3.DataSource password = 3 [(udpa.annotations.sensitive) = true]; // The OCSP response to be stapled with this certificate during the handshake. // The response must be DER-encoded and may only be provided via ``filename`` or // ``inline_bytes``. The response may pertain to only one certificate. config.core.v3.DataSource ocsp_staple = 4; // [#not-implemented-hide:] repeated config.core.v3.DataSource signed_certificate_timestamp = 5; } message TlsSessionTicketKeys { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.TlsSessionTicketKeys"; // Keys for encrypting and decrypting TLS session tickets. The // first key in the array contains the key to encrypt all new sessions created by this context. // All keys are candidates for decrypting received tickets. This allows for easy rotation of keys // by, for example, putting the new key first, and the previous key second. // // If :ref:`session_ticket_keys ` // is not specified, the TLS library will still support resuming sessions via tickets, but it will // use an internally-generated and managed key, so sessions cannot be resumed across hot restarts // or on different hosts. // // Each key must contain exactly 80 bytes of cryptographically-secure random data. For // example, the output of ``openssl rand 80``. // // .. attention:: // // Using this feature has serious security considerations and risks. Improper handling of keys // may result in loss of secrecy in connections, even if ciphers supporting perfect forward // secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some // discussion. To minimize the risk, you must: // // * Keep the session ticket keys at least as secure as your TLS certificate private keys // * Rotate session ticket keys at least daily, and preferably hourly // * Always generate keys using a cryptographically-secure random data source repeated config.core.v3.DataSource keys = 1 [(validate.rules).repeated = {min_items: 1}, (udpa.annotations.sensitive) = true]; } // [#next-free-field: 11] message CertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.CertificateValidationContext"; // Peer certificate verification mode. enum TrustChainVerification { // Perform default certificate verification (e.g., against CA / verification lists) VERIFY_TRUST_CHAIN = 0; // Connections where the certificate fails verification will be permitted. // For HTTP connections, the result of certificate verification can be used in route matching. ( // see :ref:`validated ` ). ACCEPT_UNTRUSTED = 1; } reserved 5; // TLS certificate data containing certificate authority certificates to use in verifying // a presented peer certificate (e.g. server certificate for clusters or client certificate // for listeners). If not specified and a peer certificate is presented it will not be // verified. By default, a client certificate is optional, unless one of the additional // options (:ref:`require_client_certificate // `, // :ref:`verify_certificate_spki // `, // :ref:`verify_certificate_hash // `, or // :ref:`match_subject_alt_names // `) is also // specified. // // It can optionally contain certificate revocation lists, in which case Envoy will verify // that the presented peer certificate has not been revoked by one of the included CRLs. Note // that if a CRL is provided for any certificate authority in a trust chain, a CRL must be // provided for all certificate authorities in that chain. Failure to do so will result in // verification failure for both revoked and unrevoked certificates from that chain. // // See :ref:`the TLS overview ` for a list of common // system CA locations. config.core.v3.DataSource trusted_ca = 1; // An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the // SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate // matches one of the specified values. // // A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -pubkey // | openssl pkey -pubin -outform DER // | openssl dgst -sha256 -binary // | openssl enc -base64 // NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A= // // This is the format used in HTTP Public Key Pinning. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. // // .. attention:: // // This option is preferred over :ref:`verify_certificate_hash // `, // because SPKI is tied to a private key, so it doesn't change when the certificate // is renewed using the same private key. repeated string verify_certificate_spki = 3 [(validate.rules).repeated = {items {string {min_len: 44 max_bytes: 44}}}]; // An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that // the SHA-256 of the DER-encoded presented certificate matches one of the specified values. // // A hex-encoded SHA-256 of the certificate can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2 // df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a // // A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2 // DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A // // Both of those formats are acceptable. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. repeated string verify_certificate_hash = 2 [(validate.rules).repeated = {items {string {min_len: 64 max_bytes: 95}}}]; // An optional list of Subject Alternative name matchers. Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified matches. // // When a certificate has wildcard DNS SAN entries, to match a specific client, it should be // configured with exact match type in the :ref:`string matcher `. // For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com", // it should be configured as shown below. // // .. code-block:: yaml // // match_subject_alt_names: // exact: "api.example.com" // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated type.matcher.v3.StringMatcher match_subject_alt_names = 9; // [#not-implemented-hide:] Must present signed certificate time-stamp. google.protobuf.BoolValue require_signed_certificate_timestamp = 6; // An optional `certificate revocation list // `_ // (in PEM format). If specified, Envoy will verify that the presented peer // certificate has not been revoked by this CRL. If this DataSource contains // multiple CRLs, all of them will be used. Note that if a CRL is provided // for any certificate authority in a trust chain, a CRL must be provided // for all certificate authorities in that chain. Failure to do so will // result in verification failure for both revoked and unrevoked certificates // from that chain. config.core.v3.DataSource crl = 7; // If specified, Envoy will not reject expired certificates. bool allow_expired_certificate = 8; // Certificate trust chain verification mode. TrustChainVerification trust_chain_verification = 10 [(validate.rules).enum = {defined_only: true}]; repeated string hidden_envoy_deprecated_verify_subject_alt_name = 4 [deprecated = true]; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/secret.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/extensions/transport_sockets/tls/v3/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "SecretProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Secrets configuration] message GenericSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.GenericSecret"; // Secret of generic type and is available to filters. config.core.v3.DataSource secret = 1 [(udpa.annotations.sensitive) = true]; } message SdsSecretConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.SdsSecretConfig"; // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. // When both name and config are specified, then secret can be fetched and/or reloaded via // SDS. When only name is specified, then secret will be loaded from static resources. string name = 1 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Resource locator for SDS. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator sds_resource_locator = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; config.core.v3.ConfigSource sds_config = 2; } // [#next-free-field: 6] message Secret { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.Secret"; // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. string name = 1; oneof type { TlsCertificate tls_certificate = 2; TlsSessionTicketKeys session_ticket_keys = 3; CertificateValidationContext validation_context = 4; GenericSecret generic_secret = 5; } } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/tls.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v3; import "envoy/config/core/v3/extension.proto"; import "envoy/extensions/transport_sockets/tls/v3/common.proto"; import "envoy/extensions/transport_sockets/tls/v3/secret.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v3"; option java_outer_classname = "TlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: TLS transport socket] // [#extension: envoy.transport_sockets.tls] // The TLS contexts below provide the transport socket configuration for upstream/downstream TLS. message UpstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.UpstreamTlsContext"; // Common TLS context settings. // // .. attention:: // // Server certificate verification is not enabled by default. Configure // :ref:`trusted_ca` to enable // verification. CommonTlsContext common_tls_context = 1; // SNI string to use when creating TLS backend connections. string sni = 2 [(validate.rules).string = {max_bytes: 255}]; // If true, server-initiated TLS renegotiation will be allowed. // // .. attention:: // // TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary. bool allow_renegotiation = 3; // Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets // for TLSv1.2 and older) to store for the purpose of session resumption. // // Defaults to 1, setting this to 0 disables session resumption. google.protobuf.UInt32Value max_session_keys = 4; } // [#next-free-field: 9] message DownstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.DownstreamTlsContext"; enum OcspStaplePolicy { // OCSP responses are optional. If an OCSP response is absent // or expired, the associated certificate will be used for // connections without an OCSP staple. LENIENT_STAPLING = 0; // OCSP responses are optional. If an OCSP response is absent, // the associated certificate will be used without an // OCSP staple. If a response is provided but is expired, // the associated certificate will not be used for // subsequent connections. If no suitable certificate is found, // the connection is rejected. STRICT_STAPLING = 1; // OCSP responses are required. Configuration will fail if // a certificate is provided without an OCSP response. If a // response expires, the associated certificate will not be // used connections. If no suitable certificate is found, the // connection is rejected. MUST_STAPLE = 2; } // Common TLS context settings. CommonTlsContext common_tls_context = 1; // If specified, Envoy will reject connections without a valid client // certificate. google.protobuf.BoolValue require_client_certificate = 2; // If specified, Envoy will reject connections without a valid and matching SNI. // [#not-implemented-hide:] google.protobuf.BoolValue require_sni = 3; oneof session_ticket_keys_type { // TLS session ticket key settings. TlsSessionTicketKeys session_ticket_keys = 4; // Config for fetching TLS session ticket keys via SDS API. SdsSecretConfig session_ticket_keys_sds_secret_config = 5; // Config for controlling stateless TLS session resumption: setting this to true will cause the TLS // server to not issue TLS session tickets for the purposes of stateless TLS session resumption. // If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using // the keys specified through either :ref:`session_ticket_keys ` // or :ref:`session_ticket_keys_sds_secret_config `. // If this config is set to false and no keys are explicitly configured, the TLS server will issue // TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the // implication that sessions cannot be resumed across hot restarts or on different hosts. bool disable_stateless_session_resumption = 7; } // If specified, session_timeout will change maximum lifetime (in seconds) of TLS session // Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) // ` // only seconds could be specified (fractional seconds are going to be ignored). google.protobuf.Duration session_timeout = 6 [(validate.rules).duration = { lt {seconds: 4294967296} gte {} }]; // Config for whether to use certificates if they do not have // an accompanying OCSP response or if the response expires at runtime. // Defaults to LENIENT_STAPLING OcspStaplePolicy ocsp_staple_policy = 8 [(validate.rules).enum = {defined_only: true}]; } // TLS context shared by both client and server TLS contexts. // [#next-free-field: 14] message CommonTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.CommonTlsContext"; // Config for Certificate provider to get certificates. This provider should allow certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. message CertificateProvider { // opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "TLS" to specify a new tls-certificate. string name = 1 [(validate.rules).string = {min_len: 1}]; // Provider specific config. // Note: an implementation is expected to dedup multiple instances of the same config // to maintain a single certificate-provider instance. The sharing can happen, for // example, among multiple clusters or between the tls_certificate and validation_context // certificate providers of a cluster. // This config could be supplied inline or (in future) a named xDS resource. oneof config { option (validate.required) = true; config.core.v3.TypedExtensionConfig typed_config = 2; } } // Similar to CertificateProvider above, but allows the provider instances to be configured on // the client side instead of being sent from the control plane. message CertificateProviderInstance { // Provider instance name. This name must be defined in the client's configuration (e.g., a // bootstrap file) to correspond to a provider instance (i.e., the same data in the typed_config // field that would be sent in the CertificateProvider message if the config was sent by the // control plane). If not present, defaults to "default". // // Instance names should generally be defined not in terms of the underlying provider // implementation (e.g., "file_watcher") but rather in terms of the function of the // certificates (e.g., "foo_deployment_identity"). string instance_name = 1; // Opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "example.com" to specify a certificate for a // particular domain. Not all provider instances will actually use this field, so the value // defaults to the empty string. string certificate_name = 2; } message CombinedCertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext"; // How to validate peer certificates. CertificateValidationContext default_validation_context = 1 [(validate.rules).message = {required: true}]; // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. SdsSecretConfig validation_context_sds_secret_config = 2 [ (validate.rules).message = {required: true}, (udpa.annotations.field_migrate).oneof_promotion = "dynamic_validation_context" ]; // Certificate provider for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 3 [(udpa.annotations.field_migrate).oneof_promotion = "dynamic_validation_context"]; // Certificate provider instance for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 4 [(udpa.annotations.field_migrate).oneof_promotion = "dynamic_validation_context"]; } reserved 5; // TLS protocol versions, cipher suites etc. TlsParameters tls_params = 1; // :ref:`Multiple TLS certificates ` can be associated with the // same context to allow both RSA and ECDSA certificates. // // Only a single TLS certificate is supported in client contexts. In server contexts, the first // RSA certificate is used for clients that only support RSA and the first ECDSA certificate is // used for clients that support ECDSA. repeated TlsCertificate tls_certificates = 2; // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(validate.rules).repeated = {max_items: 1}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] CertificateProvider tls_certificate_certificate_provider = 9; // Certificate provider instance for fetching TLS certificates. // [#not-implemented-hide:] CertificateProviderInstance tls_certificate_certificate_provider_instance = 11; oneof validation_context_type { // How to validate peer certificates. CertificateValidationContext validation_context = 3; // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. SdsSecretConfig validation_context_sds_secret_config = 7; // Combined certificate validation context holds a default CertificateValidationContext // and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic // and default CertificateValidationContext are merged into a new CertificateValidationContext // for validation. This merge is done by Message::MergeFrom(), so dynamic // CertificateValidationContext overwrites singular fields in default // CertificateValidationContext, and concatenates repeated fields to default // CertificateValidationContext, and logical OR is applied to boolean fields. CombinedCertificateValidationContext combined_validation_context = 8; // Certificate provider for fetching validation context. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 10; // Certificate provider instance for fetching validation context. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 12; } // Supplies the list of ALPN protocols that the listener should expose. In // practice this is likely to be set to one of two values (see the // :ref:`codec_type // ` // parameter in the HTTP connection manager for more information): // // * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1. // * "http/1.1" If the listener is only going to support HTTP/1.1. // // There is no default for this parameter. If empty, Envoy will not expose ALPN. repeated string alpn_protocols = 4; // Custom TLS handshaker. If empty, defaults to native TLS handshaking // behavior. config.core.v3.TypedExtensionConfig custom_handshaker = 13; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/common.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/any.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v4alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common TLS configuration] message TlsParameters { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.TlsParameters"; enum TlsProtocol { // Envoy will choose the optimal TLS version. TLS_AUTO = 0; // TLS 1.0 TLSv1_0 = 1; // TLS 1.1 TLSv1_1 = 2; // TLS 1.2 TLSv1_2 = 3; // TLS 1.3 TLSv1_3 = 4; } // Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for // servers. TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}]; // Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for // servers. TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}]; // If specified, the TLS listener will only support the specified `cipher list // `_ // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not // specified, the default list will be used. // // In non-FIPS builds, the default cipher list is: // // .. code-block:: none // // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA // // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: // // .. code-block:: none // // ECDHE-ECDSA-AES128-GCM-SHA256 // ECDHE-RSA-AES128-GCM-SHA256 // ECDHE-ECDSA-AES128-SHA // ECDHE-RSA-AES128-SHA // AES128-GCM-SHA256 // AES128-SHA // ECDHE-ECDSA-AES256-GCM-SHA384 // ECDHE-RSA-AES256-GCM-SHA384 // ECDHE-ECDSA-AES256-SHA // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH // curves. If not specified, the default curves will be used. // // In non-FIPS builds, the default curves are: // // .. code-block:: none // // X25519 // P-256 // // In builds using :ref:`BoringSSL FIPS `, the default curve is: // // .. code-block:: none // // P-256 repeated string ecdh_curves = 4; } // BoringSSL private key method configuration. The private key methods are used for external // (potentially asynchronous) signing and decryption operations. Some use cases for private key // methods would be TPM support and TLS acceleration. message PrivateKeyProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.PrivateKeyProvider"; reserved 2; reserved "config"; // Private key method provider name. The name must match a // supported private key method provider type. string provider_name = 1 [(validate.rules).string = {min_len: 1}]; // Private key method provider specific configuration. oneof config_type { google.protobuf.Any typed_config = 3 [(udpa.annotations.sensitive) = true]; } } // [#next-free-field: 7] message TlsCertificate { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.TlsCertificate"; // The TLS certificate chain. config.core.v4alpha.DataSource certificate_chain = 1; // The TLS private key. config.core.v4alpha.DataSource private_key = 2 [(udpa.annotations.sensitive) = true]; // BoringSSL private key method provider. This is an alternative to :ref:`private_key // ` field. This can't be // marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key // ` and // :ref:`private_key_provider // ` fields will result in an // error. PrivateKeyProvider private_key_provider = 6; // The password to decrypt the TLS private key. If this field is not set, it is assumed that the // TLS private key is not password encrypted. config.core.v4alpha.DataSource password = 3 [(udpa.annotations.sensitive) = true]; // The OCSP response to be stapled with this certificate during the handshake. // The response must be DER-encoded and may only be provided via ``filename`` or // ``inline_bytes``. The response may pertain to only one certificate. config.core.v4alpha.DataSource ocsp_staple = 4; // [#not-implemented-hide:] repeated config.core.v4alpha.DataSource signed_certificate_timestamp = 5; } message TlsSessionTicketKeys { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys"; // Keys for encrypting and decrypting TLS session tickets. The // first key in the array contains the key to encrypt all new sessions created by this context. // All keys are candidates for decrypting received tickets. This allows for easy rotation of keys // by, for example, putting the new key first, and the previous key second. // // If :ref:`session_ticket_keys ` // is not specified, the TLS library will still support resuming sessions via tickets, but it will // use an internally-generated and managed key, so sessions cannot be resumed across hot restarts // or on different hosts. // // Each key must contain exactly 80 bytes of cryptographically-secure random data. For // example, the output of ``openssl rand 80``. // // .. attention:: // // Using this feature has serious security considerations and risks. Improper handling of keys // may result in loss of secrecy in connections, even if ciphers supporting perfect forward // secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some // discussion. To minimize the risk, you must: // // * Keep the session ticket keys at least as secure as your TLS certificate private keys // * Rotate session ticket keys at least daily, and preferably hourly // * Always generate keys using a cryptographically-secure random data source repeated config.core.v4alpha.DataSource keys = 1 [(validate.rules).repeated = {min_items: 1}, (udpa.annotations.sensitive) = true]; } // [#next-free-field: 11] message CertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext"; // Peer certificate verification mode. enum TrustChainVerification { // Perform default certificate verification (e.g., against CA / verification lists) VERIFY_TRUST_CHAIN = 0; // Connections where the certificate fails verification will be permitted. // For HTTP connections, the result of certificate verification can be used in route matching. ( // see :ref:`validated ` ). ACCEPT_UNTRUSTED = 1; } reserved 4, 5; reserved "verify_subject_alt_name"; // TLS certificate data containing certificate authority certificates to use in verifying // a presented peer certificate (e.g. server certificate for clusters or client certificate // for listeners). If not specified and a peer certificate is presented it will not be // verified. By default, a client certificate is optional, unless one of the additional // options (:ref:`require_client_certificate // `, // :ref:`verify_certificate_spki // `, // :ref:`verify_certificate_hash // `, or // :ref:`match_subject_alt_names // `) is also // specified. // // It can optionally contain certificate revocation lists, in which case Envoy will verify // that the presented peer certificate has not been revoked by one of the included CRLs. Note // that if a CRL is provided for any certificate authority in a trust chain, a CRL must be // provided for all certificate authorities in that chain. Failure to do so will result in // verification failure for both revoked and unrevoked certificates from that chain. // // See :ref:`the TLS overview ` for a list of common // system CA locations. config.core.v4alpha.DataSource trusted_ca = 1; // An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the // SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate // matches one of the specified values. // // A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -pubkey // | openssl pkey -pubin -outform DER // | openssl dgst -sha256 -binary // | openssl enc -base64 // NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A= // // This is the format used in HTTP Public Key Pinning. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. // // .. attention:: // // This option is preferred over :ref:`verify_certificate_hash // `, // because SPKI is tied to a private key, so it doesn't change when the certificate // is renewed using the same private key. repeated string verify_certificate_spki = 3 [(validate.rules).repeated = {items {string {min_len: 44 max_bytes: 44}}}]; // An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that // the SHA-256 of the DER-encoded presented certificate matches one of the specified values. // // A hex-encoded SHA-256 of the certificate can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2 // df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a // // A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate // can be generated with the following command: // // .. code-block:: bash // // $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2 // DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A // // Both of those formats are acceptable. // // When both: // :ref:`verify_certificate_hash // ` and // :ref:`verify_certificate_spki // ` are specified, // a hash matching value from either of the lists will result in the certificate being accepted. repeated string verify_certificate_hash = 2 [(validate.rules).repeated = {items {string {min_len: 64 max_bytes: 95}}}]; // An optional list of Subject Alternative name matchers. Envoy will verify that the // Subject Alternative Name of the presented certificate matches one of the specified matches. // // When a certificate has wildcard DNS SAN entries, to match a specific client, it should be // configured with exact match type in the :ref:`string matcher `. // For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com", // it should be configured as shown below. // // .. code-block:: yaml // // match_subject_alt_names: // exact: "api.example.com" // // .. attention:: // // Subject Alternative Names are easily spoofable and verifying only them is insecure, // therefore this option must be used together with :ref:`trusted_ca // `. repeated type.matcher.v4alpha.StringMatcher match_subject_alt_names = 9; // [#not-implemented-hide:] Must present signed certificate time-stamp. google.protobuf.BoolValue require_signed_certificate_timestamp = 6; // An optional `certificate revocation list // `_ // (in PEM format). If specified, Envoy will verify that the presented peer // certificate has not been revoked by this CRL. If this DataSource contains // multiple CRLs, all of them will be used. Note that if a CRL is provided // for any certificate authority in a trust chain, a CRL must be provided // for all certificate authorities in that chain. Failure to do so will // result in verification failure for both revoked and unrevoked certificates // from that chain. config.core.v4alpha.DataSource crl = 7; // If specified, Envoy will not reject expired certificates. bool allow_expired_certificate = 8; // Certificate trust chain verification mode. TrustChainVerification trust_chain_verification = 10 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/secret.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/common.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/annotations/sensitive.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v4alpha"; option java_outer_classname = "SecretProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Secrets configuration] message GenericSecret { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.GenericSecret"; // Secret of generic type and is available to filters. config.core.v4alpha.DataSource secret = 1 [(udpa.annotations.sensitive) = true]; } message SdsSecretConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig"; oneof name_specifier { // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. // When both name and config are specified, then secret can be fetched and/or reloaded via // SDS. When only name is specified, then secret will be loaded from static resources. string name = 1; // Resource locator for SDS. This is mutually exclusive to *name*. // [#not-implemented-hide:] udpa.core.v1.ResourceLocator sds_resource_locator = 3; } config.core.v4alpha.ConfigSource sds_config = 2; } // [#next-free-field: 6] message Secret { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.Secret"; // Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. string name = 1; oneof type { TlsCertificate tls_certificate = 2; TlsSessionTicketKeys session_ticket_keys = 3; CertificateValidationContext validation_context = 4; GenericSecret generic_secret = 5; } } ================================================ FILE: generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto ================================================ syntax = "proto3"; package envoy.extensions.transport_sockets.tls.v4alpha; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/common.proto"; import "envoy/extensions/transport_sockets/tls/v4alpha/secret.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.tls.v4alpha"; option java_outer_classname = "TlsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: TLS transport socket] // [#extension: envoy.transport_sockets.tls] // The TLS contexts below provide the transport socket configuration for upstream/downstream TLS. message UpstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext"; // Common TLS context settings. // // .. attention:: // // Server certificate verification is not enabled by default. Configure // :ref:`trusted_ca` to enable // verification. CommonTlsContext common_tls_context = 1; // SNI string to use when creating TLS backend connections. string sni = 2 [(validate.rules).string = {max_bytes: 255}]; // If true, server-initiated TLS renegotiation will be allowed. // // .. attention:: // // TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary. bool allow_renegotiation = 3; // Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets // for TLSv1.2 and older) to store for the purpose of session resumption. // // Defaults to 1, setting this to 0 disables session resumption. google.protobuf.UInt32Value max_session_keys = 4; } // [#next-free-field: 9] message DownstreamTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext"; enum OcspStaplePolicy { // OCSP responses are optional. If an OCSP response is absent // or expired, the associated certificate will be used for // connections without an OCSP staple. LENIENT_STAPLING = 0; // OCSP responses are optional. If an OCSP response is absent, // the associated certificate will be used without an // OCSP staple. If a response is provided but is expired, // the associated certificate will not be used for // subsequent connections. If no suitable certificate is found, // the connection is rejected. STRICT_STAPLING = 1; // OCSP responses are required. Configuration will fail if // a certificate is provided without an OCSP response. If a // response expires, the associated certificate will not be // used connections. If no suitable certificate is found, the // connection is rejected. MUST_STAPLE = 2; } // Common TLS context settings. CommonTlsContext common_tls_context = 1; // If specified, Envoy will reject connections without a valid client // certificate. google.protobuf.BoolValue require_client_certificate = 2; // If specified, Envoy will reject connections without a valid and matching SNI. // [#not-implemented-hide:] google.protobuf.BoolValue require_sni = 3; oneof session_ticket_keys_type { // TLS session ticket key settings. TlsSessionTicketKeys session_ticket_keys = 4; // Config for fetching TLS session ticket keys via SDS API. SdsSecretConfig session_ticket_keys_sds_secret_config = 5; // Config for controlling stateless TLS session resumption: setting this to true will cause the TLS // server to not issue TLS session tickets for the purposes of stateless TLS session resumption. // If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using // the keys specified through either :ref:`session_ticket_keys ` // or :ref:`session_ticket_keys_sds_secret_config `. // If this config is set to false and no keys are explicitly configured, the TLS server will issue // TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the // implication that sessions cannot be resumed across hot restarts or on different hosts. bool disable_stateless_session_resumption = 7; } // If specified, session_timeout will change maximum lifetime (in seconds) of TLS session // Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) // ` // only seconds could be specified (fractional seconds are going to be ignored). google.protobuf.Duration session_timeout = 6 [(validate.rules).duration = { lt {seconds: 4294967296} gte {} }]; // Config for whether to use certificates if they do not have // an accompanying OCSP response or if the response expires at runtime. // Defaults to LENIENT_STAPLING OcspStaplePolicy ocsp_staple_policy = 8 [(validate.rules).enum = {defined_only: true}]; } // TLS context shared by both client and server TLS contexts. // [#next-free-field: 14] message CommonTlsContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext"; // Config for Certificate provider to get certificates. This provider should allow certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. message CertificateProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider"; // opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "TLS" to specify a new tls-certificate. string name = 1 [(validate.rules).string = {min_len: 1}]; // Provider specific config. // Note: an implementation is expected to dedup multiple instances of the same config // to maintain a single certificate-provider instance. The sharing can happen, for // example, among multiple clusters or between the tls_certificate and validation_context // certificate providers of a cluster. // This config could be supplied inline or (in future) a named xDS resource. oneof config { option (validate.required) = true; config.core.v4alpha.TypedExtensionConfig typed_config = 2; } } // Similar to CertificateProvider above, but allows the provider instances to be configured on // the client side instead of being sent from the control plane. message CertificateProviderInstance { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance"; // Provider instance name. This name must be defined in the client's configuration (e.g., a // bootstrap file) to correspond to a provider instance (i.e., the same data in the typed_config // field that would be sent in the CertificateProvider message if the config was sent by the // control plane). If not present, defaults to "default". // // Instance names should generally be defined not in terms of the underlying provider // implementation (e.g., "file_watcher") but rather in terms of the function of the // certificates (e.g., "foo_deployment_identity"). string instance_name = 1; // Opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify // a root-certificate (validation context) or "example.com" to specify a certificate for a // particular domain. Not all provider instances will actually use this field, so the value // defaults to the empty string. string certificate_name = 2; } message CombinedCertificateValidationContext { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.transport_sockets.tls.v3.CommonTlsContext." "CombinedCertificateValidationContext"; // How to validate peer certificates. CertificateValidationContext default_validation_context = 1 [(validate.rules).message = {required: true}]; oneof dynamic_validation_context { // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. SdsSecretConfig validation_context_sds_secret_config = 2 [(validate.rules).message = {required: true}]; // Certificate provider for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 3; // Certificate provider instance for fetching validation context. // Only one of validation_context_sds_secret_config, validation_context_certificate_provider, // or validation_context_certificate_provider_instance may be used. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 4; } } reserved 5; // TLS protocol versions, cipher suites etc. TlsParameters tls_params = 1; // :ref:`Multiple TLS certificates ` can be associated with the // same context to allow both RSA and ECDSA certificates. // // Only a single TLS certificate is supported in client contexts. In server contexts, the first // RSA certificate is used for clients that only support RSA and the first ECDSA certificate is // used for clients that support ECDSA. repeated TlsCertificate tls_certificates = 2; // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(validate.rules).repeated = {max_items: 1}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] CertificateProvider tls_certificate_certificate_provider = 9; // Certificate provider instance for fetching TLS certificates. // [#not-implemented-hide:] CertificateProviderInstance tls_certificate_certificate_provider_instance = 11; oneof validation_context_type { // How to validate peer certificates. CertificateValidationContext validation_context = 3; // Config for fetching validation context via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. SdsSecretConfig validation_context_sds_secret_config = 7; // Combined certificate validation context holds a default CertificateValidationContext // and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic // and default CertificateValidationContext are merged into a new CertificateValidationContext // for validation. This merge is done by Message::MergeFrom(), so dynamic // CertificateValidationContext overwrites singular fields in default // CertificateValidationContext, and concatenates repeated fields to default // CertificateValidationContext, and logical OR is applied to boolean fields. CombinedCertificateValidationContext combined_validation_context = 8; // Certificate provider for fetching validation context. // [#not-implemented-hide:] CertificateProvider validation_context_certificate_provider = 10; // Certificate provider instance for fetching validation context. // [#not-implemented-hide:] CertificateProviderInstance validation_context_certificate_provider_instance = 12; } // Supplies the list of ALPN protocols that the listener should expose. In // practice this is likely to be set to one of two values (see the // :ref:`codec_type // ` // parameter in the HTTP connection manager for more information): // // * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1. // * "http/1.1" If the listener is only going to support HTTP/1.1. // // There is no default for this parameter. If empty, Envoy will not expose ALPN. repeated string alpn_protocols = 4; // Custom TLS handshaker. If empty, defaults to native TLS handshaking // behavior. config.core.v4alpha.TypedExtensionConfig custom_handshaker = 13; } ================================================ FILE: generated_api_shadow/envoy/extensions/upstreams/http/generic/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/upstreams/http/generic/v3/generic_connection_pool.proto ================================================ syntax = "proto3"; package envoy.extensions.upstreams.http.generic.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.generic.v3"; option java_outer_classname = "GenericConnectionPoolProtoOuterClass"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Generic Connection Pool] // A connection pool which forwards downstream HTTP as TCP or HTTP to upstream, // based on CONNECT configuration. // [#extension: envoy.upstreams.http.generic] message GenericConnectionPoolProto { } ================================================ FILE: generated_api_shadow/envoy/extensions/upstreams/http/http/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/upstreams/http/http/v3/http_connection_pool.proto ================================================ syntax = "proto3"; package envoy.extensions.upstreams.http.http.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.http.v3"; option java_outer_classname = "HttpConnectionPoolProtoOuterClass"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Http Connection Pool] // A connection pool which forwards downstream HTTP as HTTP to upstream. // [#extension: envoy.upstreams.http.http] message HttpConnectionPoolProto { } ================================================ FILE: generated_api_shadow/envoy/extensions/upstreams/http/tcp/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/upstreams/http/tcp/v3/tcp_connection_pool.proto ================================================ syntax = "proto3"; package envoy.extensions.upstreams.http.tcp.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.tcp.v3"; option java_outer_classname = "TcpConnectionPoolProtoOuterClass"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tcp Connection Pool] // A connection pool which forwards downstream HTTP as TCP to upstream, // [#extension: envoy.upstreams.http.tcp] message TcpConnectionPoolProto { } ================================================ FILE: generated_api_shadow/envoy/extensions/wasm/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/extensions/wasm/v3/wasm.proto ================================================ syntax = "proto3"; package envoy.extensions.wasm.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.wasm.v3"; option java_outer_classname = "WasmProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Wasm] // [#extension: envoy.bootstrap.wasm] // Configuration for a Wasm VM. // [#next-free-field: 7] message VmConfig { // An ID which will be used along with a hash of the wasm code (or the name of the registered Null // VM plugin) to determine which VM will be used for the plugin. All plugins which use the same // *vm_id* and code will use the same VM. May be left blank. Sharing a VM between plugins can // reduce memory utilization and make sharing of data easier which may have security implications. // See ref: "TODO: add ref" for details. string vm_id = 1; // The Wasm runtime type (either "v8" or "null" for code compiled into Envoy). string runtime = 2 [(validate.rules).string = {min_len: 1}]; // The Wasm code that Envoy will execute. config.core.v3.AsyncDataSource code = 3; // The Wasm configuration used in initialization of a new VM // (proxy_on_start). `google.protobuf.Struct` is serialized as JSON before // passing it to the plugin. `google.protobuf.BytesValue` and // `google.protobuf.StringValue` are passed directly without the wrapper. google.protobuf.Any configuration = 4; // Allow the wasm file to include pre-compiled code on VMs which support it. // Warning: this should only be enable for trusted sources as the precompiled code is not // verified. bool allow_precompiled = 5; // If true and the code needs to be remotely fetched and it is not in the cache then NACK the configuration // update and do a background fetch to fill the cache, otherwise fetch the code asynchronously and enter // warming state. bool nack_on_code_cache_miss = 6; } // Base Configuration for Wasm Plugins e.g. filters and services. // [#next-free-field: 6] message PluginConfig { // A unique name for a filters/services in a VM for use in identifying the filter/service if // multiple filters/services are handled by the same *vm_id* and *root_id* and for // logging/debugging. string name = 1; // A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts // if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all // filters/services with a blank root_id with the same *vm_id* will share Context(s). string root_id = 2; // Configuration for finding or starting VM. oneof vm { VmConfig vm_config = 3; // TODO: add referential VM configurations. } // Filter/service configuration used to configure or reconfigure a plugin // (proxy_on_configuration). // `google.protobuf.Struct` is serialized as JSON before // passing it to the plugin. `google.protobuf.BytesValue` and // `google.protobuf.StringValue` are passed directly without the wrapper. google.protobuf.Any configuration = 4; // If there is a fatal error on the VM (e.g. exception, abort(), on_start or on_configure return false), // then all plugins associated with the VM will either fail closed (by default), e.g. by returning an HTTP 503 error, // or fail open (if 'fail_open' is set to true) by bypassing the filter. Note: when on_start or on_configure return false // during xDS updates the xDS configuration will be rejected and when on_start or on_configuration return false on initial // startup the proxy will not start. bool fail_open = 5; } // WasmService is configured as a built-in *envoy.wasm_service* :ref:`WasmService // ` This opaque configuration will be used to create a Wasm Service. message WasmService { // General plugin configuration. PluginConfig config = 1; // If true, create a single VM rather than creating one VM per worker. Such a singleton can // not be used with filters. bool singleton = 2; } ================================================ FILE: generated_api_shadow/envoy/extensions/watchdog/abort_action/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/watchdog/abort_action/v3alpha/abort_action.proto ================================================ syntax = "proto3"; package envoy.extensions.watchdog.abort_action.v3alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.watchdog.abort_action.v3alpha"; option java_outer_classname = "AbortActionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Watchdog Action that sends a SIGABRT to kill the process.] // [#extension: envoy.watchdog.abort_action] // A GuardDogAction that will terminate the process by sending SIGABRT to the // stuck thread. This would allow easier access to the call stack of the stuck // thread since we would run signal handlers on that thread. This would be // more useful than the default watchdog kill behaviors since those PANIC // from the watchdog's thread. // This is currently only implemented for systems that support kill to send // signals. message AbortActionConfig { // How long to wait for the thread to respond to the SIGABRT before killing the // process from this action. This is a blocking action. google.protobuf.Duration wait_duration = 1; } ================================================ FILE: generated_api_shadow/envoy/extensions/watchdog/profile_action/v3alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/extensions/watchdog/profile_action/v3alpha/profile_action.proto ================================================ syntax = "proto3"; package envoy.extensions.watchdog.profile_action.v3alpha; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.watchdog.profile_action.v3alpha"; option java_outer_classname = "ProfileActionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).work_in_progress = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Watchdog Action that does CPU profiling.] // [#extension: envoy.watchdog.profile_action] // Configuration for the profile watchdog action. message ProfileActionConfig { // How long the profile should last. If not set defaults to 5 seconds. google.protobuf.Duration profile_duration = 1; // File path to the directory to output profiles. string profile_path = 2 [(validate.rules).string = {min_len: 1}]; // Limits the max number of profiles that can be generated by this action // over its lifetime to avoid filling the disk. // If not set (i.e. it's 0), a default of 10 will be used. uint64 max_profiles = 3; } ================================================ FILE: generated_api_shadow/envoy/service/README.md ================================================ Protocol buffer definitions for gRPC and REST services. Visibility should be constrained to none (default). ================================================ FILE: generated_api_shadow/envoy/service/accesslog/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/data/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/accesslog/v2/als.proto ================================================ syntax = "proto3"; package envoy.service.accesslog.v2; import "envoy/api/v2/core/base.proto"; import "envoy/data/accesslog/v2/accesslog.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.accesslog.v2"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Access Log Service (ALS)] // Service for streaming access logs from Envoy to an access log server. service AccessLogService { // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different // API for "critical" access logs in which Envoy will buffer access logs for some period of time // until it gets an ACK so it could then retry. This API is designed for high throughput with the // expectation that it might be lossy. rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { } } // Empty response for the StreamAccessLogs API. Will never be sent. See below. message StreamAccessLogsResponse { } // Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream // access logs without ever expecting a response. message StreamAccessLogsMessage { message Identifier { // The node sending the access log messages over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig // `. string log_name = 2 [(validate.rules).string = {min_bytes: 1}]; } // Wrapper for batches of HTTP access log entries. message HTTPAccessLogEntries { repeated data.accesslog.v2.HTTPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Wrapper for batches of TCP access log entries. message TCPAccessLogEntries { repeated data.accesslog.v2.TCPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batches of log entries of a single type. Generally speaking, a given stream should only // ever include one type of log entry. oneof log_entries { option (validate.required) = true; HTTPAccessLogEntries http_logs = 2; TCPAccessLogEntries tcp_logs = 3; } } ================================================ FILE: generated_api_shadow/envoy/service/accesslog/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/accesslog/v3:pkg", "//envoy/service/accesslog/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/accesslog/v3/als.proto ================================================ syntax = "proto3"; package envoy.service.accesslog.v3; import "envoy/config/core/v3/base.proto"; import "envoy/data/accesslog/v3/accesslog.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.accesslog.v3"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Access Log Service (ALS)] // Service for streaming access logs from Envoy to an access log server. service AccessLogService { // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different // API for "critical" access logs in which Envoy will buffer access logs for some period of time // until it gets an ACK so it could then retry. This API is designed for high throughput with the // expectation that it might be lossy. rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { } } // Empty response for the StreamAccessLogs API. Will never be sent. See below. message StreamAccessLogsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsResponse"; } // Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream // access logs without ever expecting a response. message StreamAccessLogsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig // `. string log_name = 2 [(validate.rules).string = {min_len: 1}]; } // Wrapper for batches of HTTP access log entries. message HTTPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage.HTTPAccessLogEntries"; repeated data.accesslog.v3.HTTPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Wrapper for batches of TCP access log entries. message TCPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v2.StreamAccessLogsMessage.TCPAccessLogEntries"; repeated data.accesslog.v3.TCPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batches of log entries of a single type. Generally speaking, a given stream should only // ever include one type of log entry. oneof log_entries { option (validate.required) = true; HTTPAccessLogEntries http_logs = 2; TCPAccessLogEntries tcp_logs = 3; } } ================================================ FILE: generated_api_shadow/envoy/service/accesslog/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/data/accesslog/v3:pkg", "//envoy/service/accesslog/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/accesslog/v4alpha/als.proto ================================================ syntax = "proto3"; package envoy.service.accesslog.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/data/accesslog/v3/accesslog.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.accesslog.v4alpha"; option java_outer_classname = "AlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC Access Log Service (ALS)] // Service for streaming access logs from Envoy to an access log server. service AccessLogService { // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different // API for "critical" access logs in which Envoy will buffer access logs for some period of time // until it gets an ACK so it could then retry. This API is designed for high throughput with the // expectation that it might be lossy. rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { } } // Empty response for the StreamAccessLogs API. Will never be sent. See below. message StreamAccessLogsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsResponse"; } // Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream // access logs without ever expecting a response. message StreamAccessLogsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig // `. string log_name = 2 [(validate.rules).string = {min_len: 1}]; } // Wrapper for batches of HTTP access log entries. message HTTPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage.HTTPAccessLogEntries"; repeated data.accesslog.v3.HTTPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Wrapper for batches of TCP access log entries. message TCPAccessLogEntries { option (udpa.annotations.versioning).previous_message_type = "envoy.service.accesslog.v3.StreamAccessLogsMessage.TCPAccessLogEntries"; repeated data.accesslog.v3.TCPAccessLogEntry log_entry = 1 [(validate.rules).repeated = {min_items: 1}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batches of log entries of a single type. Generally speaking, a given stream should only // ever include one type of log entry. oneof log_entries { option (validate.required) = true; HTTPAccessLogEntries http_logs = 2; TCPAccessLogEntries tcp_logs = 3; } } ================================================ FILE: generated_api_shadow/envoy/service/auth/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/auth/v2/attribute_context.proto ================================================ syntax = "proto3"; package envoy.service.auth.v2; import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/core/base.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v2"; option java_outer_classname = "AttributeContextProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Attribute Context ] // See :ref:`network filter configuration overview ` // and :ref:`HTTP filter configuration overview `. // An attribute is a piece of metadata that describes an activity on a network. // For example, the size of an HTTP request, or the status code of an HTTP response. // // Each attribute has a type and a name, which is logically defined as a proto message field // of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes // supported by Envoy authorization system. // [#comment: The following items are left out of this proto // Request.Auth field for jwt tokens // Request.Api for api management // Origin peer that originated the request // Caching Protocol // request_context return values to inject back into the filter chain // peer.claims -- from X.509 extensions // Configuration // - field mask to send // - which return values from request_context are copied back // - which return values are copied into request_headers] // [#next-free-field: 12] message AttributeContext { // This message defines attributes for a node that handles a network request. // The node can be either a service or an application that sends, forwards, // or receives the request. Service peers should fill in the `service`, // `principal`, and `labels` as appropriate. // [#next-free-field: 6] message Peer { // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. api.v2.core.Address address = 1; // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // ` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. string service = 2; // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. map labels = 3; // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // `URI Subject Alternative Names`, `DNS Subject Alternate Names` or `Subject` in that order. // The primary identity should be the principal. The principal format is issuer specific. // // Example: // * SPIFFE format is `spiffe://trust-domain/path` // * Google account format is `https://accounts.google.com/{userid}` string principal = 4; // The X.509 certificate used to authenticate the identify of this peer. // When present, the certificate contents are encoded in URL and PEM format. string certificate = 5; } // Represents a network request, such as an HTTP request. message Request { // The timestamp when the proxy receives the first byte of the request. google.protobuf.Timestamp time = 1; // Represents an HTTP request or an HTTP-like request. HttpRequest http = 2; } // This message defines attributes for an HTTP request. // HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. // [#next-free-field: 12] message HttpRequest { // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. string id = 1; // The HTTP request method, such as `GET`, `POST`. string method = 2; // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lower-cased, because HTTP header keys are case-insensitive. map headers = 3; // The request target, as it appears in the first line of the HTTP request. This includes // the URL path and query-string. No decoding is performed. string path = 4; // The HTTP request `Host` or 'Authority` header value. string host = 5; // The HTTP URL scheme, such as `http` and `https`. string scheme = 6; // This field is always empty, and exists for compatibility reasons. The HTTP URL query is // included in `path` field. string query = 7; // This field is always empty, and exists for compatibility reasons. The URL fragment is // not submitted as part of HTTP requests; it is unknowable. string fragment = 8; // The HTTP request size in bytes. If unknown, it must be -1. int64 size = 9; // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2". // // See :repo:`headers.h:ProtocolStrings ` for a list of all // possible values. string protocol = 10; // The HTTP request body. string body = 11; } // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Peer source = 1; // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Peer destination = 2; // Represents a network request, such as an HTTP request. Request request = 4; // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. map context_extensions = 10; // Dynamic metadata associated with the request. api.v2.core.Metadata metadata_context = 11; } ================================================ FILE: generated_api_shadow/envoy/service/auth/v2/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v2; import "envoy/api/v2/core/base.proto"; import "envoy/service/auth/v2/attribute_context.proto"; import "envoy/type/http_status.proto"; import "google/rpc/status.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v2"; option java_outer_classname = "ExternalAuthProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(CheckRequest) returns (CheckResponse) { } } message CheckRequest { // The request attributes. AttributeContext attributes = 1; } // HTTP attributes for a denied response. message DeniedHttpResponse { // This field allows the authorization service to send a HTTP response status // code to the downstream client other than 403 (Forbidden). type.HttpStatus status = 1 [(validate.rules).message = {required: true}]; // This field allows the authorization service to send HTTP response headers // to the downstream client. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. repeated api.v2.core.HeaderValueOption headers = 2; // This field allows the authorization service to send a response body data // to the downstream client. string body = 3; } // HTTP attributes for an ok response. message OkHttpResponse { // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. By setting the `append` field to `true`, // the filter will append the correspondent header value to the matched request header. // By leaving `append` as false, the filter will either add a new header, or override an existing // one if there is a match. repeated api.v2.core.HeaderValueOption headers = 2; } // Intended for gRPC and Network Authorization servers `only`. message CheckResponse { // Status `OK` allows the request. Any other status indicates the request should be denied. google.rpc.Status status = 1; // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. oneof http_response { // Supplies http attributes for a denied response. DeniedHttpResponse denied_response = 2; // Supplies http attributes for an ok response. OkHttpResponse ok_response = 3; } } ================================================ FILE: generated_api_shadow/envoy/service/auth/v2alpha/BUILD ================================================ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. api_proto_package( has_services = True, deps = ["//envoy/service/auth/v2:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/service/auth/v2alpha/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v2alpha; option java_multiple_files = true; option java_generic_services = true; option java_outer_classname = "CertsProto"; option java_package = "io.envoyproxy.envoy.service.auth.v2alpha"; import "envoy/service/auth/v2/external_auth.proto"; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(v2.CheckRequest) returns (v2.CheckResponse); } ================================================ FILE: generated_api_shadow/envoy/service/auth/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/auth/v2:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/auth/v3/attribute_context.proto ================================================ syntax = "proto3"; package envoy.service.auth.v3; import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v3"; option java_outer_classname = "AttributeContextProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Attribute Context ] // See :ref:`network filter configuration overview ` // and :ref:`HTTP filter configuration overview `. // An attribute is a piece of metadata that describes an activity on a network. // For example, the size of an HTTP request, or the status code of an HTTP response. // // Each attribute has a type and a name, which is logically defined as a proto message field // of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes // supported by Envoy authorization system. // [#comment: The following items are left out of this proto // Request.Auth field for jwt tokens // Request.Api for api management // Origin peer that originated the request // Caching Protocol // request_context return values to inject back into the filter chain // peer.claims -- from X.509 extensions // Configuration // - field mask to send // - which return values from request_context are copied back // - which return values are copied into request_headers] // [#next-free-field: 12] message AttributeContext { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext"; // This message defines attributes for a node that handles a network request. // The node can be either a service or an application that sends, forwards, // or receives the request. Service peers should fill in the `service`, // `principal`, and `labels` as appropriate. // [#next-free-field: 6] message Peer { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext.Peer"; // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. config.core.v3.Address address = 1; // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // ` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. string service = 2; // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. map labels = 3; // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // `URI Subject Alternative Names`, `DNS Subject Alternate Names` or `Subject` in that order. // The primary identity should be the principal. The principal format is issuer specific. // // Example: // * SPIFFE format is `spiffe://trust-domain/path` // * Google account format is `https://accounts.google.com/{userid}` string principal = 4; // The X.509 certificate used to authenticate the identify of this peer. // When present, the certificate contents are encoded in URL and PEM format. string certificate = 5; } // Represents a network request, such as an HTTP request. message Request { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext.Request"; // The timestamp when the proxy receives the first byte of the request. google.protobuf.Timestamp time = 1; // Represents an HTTP request or an HTTP-like request. HttpRequest http = 2; } // This message defines attributes for an HTTP request. // HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. // [#next-free-field: 13] message HttpRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.AttributeContext.HttpRequest"; // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. string id = 1; // The HTTP request method, such as `GET`, `POST`. string method = 2; // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lower-cased, because HTTP header keys are case-insensitive. map headers = 3; // The request target, as it appears in the first line of the HTTP request. This includes // the URL path and query-string. No decoding is performed. string path = 4; // The HTTP request `Host` or 'Authority` header value. string host = 5; // The HTTP URL scheme, such as `http` and `https`. string scheme = 6; // This field is always empty, and exists for compatibility reasons. The HTTP URL query is // included in `path` field. string query = 7; // This field is always empty, and exists for compatibility reasons. The URL fragment is // not submitted as part of HTTP requests; it is unknowable. string fragment = 8; // The HTTP request size in bytes. If unknown, it must be -1. int64 size = 9; // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2". // // See :repo:`headers.h:ProtocolStrings ` for a list of all // possible values. string protocol = 10; // The HTTP request body. string body = 11; // The HTTP request body in bytes. This is used instead of // :ref:`body ` when // :ref:`pack_as_bytes ` // is set to true. bytes raw_body = 12; } // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Peer source = 1; // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Peer destination = 2; // Represents a network request, such as an HTTP request. Request request = 4; // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. map context_extensions = 10; // Dynamic metadata associated with the request. config.core.v3.Metadata metadata_context = 11; } ================================================ FILE: generated_api_shadow/envoy/service/auth/v3/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v3; import "envoy/config/core/v3/base.proto"; import "envoy/service/auth/v3/attribute_context.proto"; import "envoy/type/v3/http_status.proto"; import "google/protobuf/struct.proto"; import "google/rpc/status.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v3"; option java_outer_classname = "ExternalAuthProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(CheckRequest) returns (CheckResponse) { } } message CheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.CheckRequest"; // The request attributes. AttributeContext attributes = 1; } // HTTP attributes for a denied response. message DeniedHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.DeniedHttpResponse"; // This field allows the authorization service to send a HTTP response status // code to the downstream client other than 403 (Forbidden). type.v3.HttpStatus status = 1 [(validate.rules).message = {required: true}]; // This field allows the authorization service to send HTTP response headers // to the downstream client. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. repeated config.core.v3.HeaderValueOption headers = 2; // This field allows the authorization service to send a response body data // to the downstream client. string body = 3; } // HTTP attributes for an OK response. // [#next-free-field: 6] message OkHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.OkHttpResponse"; // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. By setting the `append` field to `true`, // the filter will append the correspondent header value to the matched request header. // By leaving `append` as false, the filter will either add a new header, or override an existing // one if there is a match. repeated config.core.v3.HeaderValueOption headers = 2; // HTTP entity headers to remove from the original request before dispatching // it to the upstream. This allows the authorization service to act on auth // related headers (like `Authorization`), process them, and consume them. // Under this model, the upstream will either receive the request (if it's // authorized) or not receive it (if it's not), but will not see headers // containing authorization credentials. // // Pseudo headers (such as `:authority`, `:method`, `:path` etc), as well as // the header `Host`, may not be removed as that would make the request // malformed. If mentioned in `headers_to_remove` these special headers will // be ignored. // // When using the HTTP service this must instead be set by the HTTP // authorization service as a comma separated list like so: // ``x-envoy-auth-headers-to-remove: one-auth-header, another-auth-header``. repeated string headers_to_remove = 5; // This field has been deprecated in favor of :ref:`CheckResponse.dynamic_metadata // `. Until it is removed, // setting this field overrides :ref:`CheckResponse.dynamic_metadata // `. google.protobuf.Struct dynamic_metadata = 3 [deprecated = true]; } // Intended for gRPC and Network Authorization servers `only`. message CheckResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v2.CheckResponse"; // Status `OK` allows the request. Any other status indicates the request should be denied. google.rpc.Status status = 1; // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. oneof http_response { // Supplies http attributes for a denied response. DeniedHttpResponse denied_response = 2; // Supplies http attributes for an ok response. OkHttpResponse ok_response = 3; } // Optional response metadata that will be emitted as dynamic metadata to be consumed by the next // filter. This metadata lives in a namespace specified by the canonical name of extension filter // that requires it: // // - :ref:`envoy.filters.http.ext_authz ` for HTTP filter. // - :ref:`envoy.filters.network.ext_authz ` for network filter. google.protobuf.Struct dynamic_metadata = 4; } ================================================ FILE: generated_api_shadow/envoy/service/auth/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/auth/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/auth/v4alpha/attribute_context.proto ================================================ syntax = "proto3"; package envoy.service.auth.v4alpha; import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v4alpha"; option java_outer_classname = "AttributeContextProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Attribute Context ] // See :ref:`network filter configuration overview ` // and :ref:`HTTP filter configuration overview `. // An attribute is a piece of metadata that describes an activity on a network. // For example, the size of an HTTP request, or the status code of an HTTP response. // // Each attribute has a type and a name, which is logically defined as a proto message field // of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes // supported by Envoy authorization system. // [#comment: The following items are left out of this proto // Request.Auth field for jwt tokens // Request.Api for api management // Origin peer that originated the request // Caching Protocol // request_context return values to inject back into the filter chain // peer.claims -- from X.509 extensions // Configuration // - field mask to send // - which return values from request_context are copied back // - which return values are copied into request_headers] // [#next-free-field: 12] message AttributeContext { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext"; // This message defines attributes for a node that handles a network request. // The node can be either a service or an application that sends, forwards, // or receives the request. Service peers should fill in the `service`, // `principal`, and `labels` as appropriate. // [#next-free-field: 6] message Peer { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext.Peer"; // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. config.core.v4alpha.Address address = 1; // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // ` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. string service = 2; // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. map labels = 3; // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // `URI Subject Alternative Names`, `DNS Subject Alternate Names` or `Subject` in that order. // The primary identity should be the principal. The principal format is issuer specific. // // Example: // * SPIFFE format is `spiffe://trust-domain/path` // * Google account format is `https://accounts.google.com/{userid}` string principal = 4; // The X.509 certificate used to authenticate the identify of this peer. // When present, the certificate contents are encoded in URL and PEM format. string certificate = 5; } // Represents a network request, such as an HTTP request. message Request { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext.Request"; // The timestamp when the proxy receives the first byte of the request. google.protobuf.Timestamp time = 1; // Represents an HTTP request or an HTTP-like request. HttpRequest http = 2; } // This message defines attributes for an HTTP request. // HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. // [#next-free-field: 13] message HttpRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.AttributeContext.HttpRequest"; // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. string id = 1; // The HTTP request method, such as `GET`, `POST`. string method = 2; // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lower-cased, because HTTP header keys are case-insensitive. map headers = 3; // The request target, as it appears in the first line of the HTTP request. This includes // the URL path and query-string. No decoding is performed. string path = 4; // The HTTP request `Host` or 'Authority` header value. string host = 5; // The HTTP URL scheme, such as `http` and `https`. string scheme = 6; // This field is always empty, and exists for compatibility reasons. The HTTP URL query is // included in `path` field. string query = 7; // This field is always empty, and exists for compatibility reasons. The URL fragment is // not submitted as part of HTTP requests; it is unknowable. string fragment = 8; // The HTTP request size in bytes. If unknown, it must be -1. int64 size = 9; // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2". // // See :repo:`headers.h:ProtocolStrings ` for a list of all // possible values. string protocol = 10; // The HTTP request body. string body = 11; // The HTTP request body in bytes. This is used instead of // :ref:`body ` when // :ref:`pack_as_bytes ` // is set to true. bytes raw_body = 12; } // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Peer source = 1; // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Peer destination = 2; // Represents a network request, such as an HTTP request. Request request = 4; // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. map context_extensions = 10; // Dynamic metadata associated with the request. config.core.v4alpha.Metadata metadata_context = 11; } ================================================ FILE: generated_api_shadow/envoy/service/auth/v4alpha/external_auth.proto ================================================ syntax = "proto3"; package envoy.service.auth.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/service/auth/v4alpha/attribute_context.proto"; import "envoy/type/v3/http_status.proto"; import "google/protobuf/struct.proto"; import "google/rpc/status.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.auth.v4alpha"; option java_outer_classname = "ExternalAuthProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Authorization Service ] // The authorization service request messages used by external authorization :ref:`network filter // ` and :ref:`HTTP filter `. // A generic interface for performing authorization check on incoming // requests to a networked service. service Authorization { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. rpc Check(CheckRequest) returns (CheckResponse) { } } message CheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.CheckRequest"; // The request attributes. AttributeContext attributes = 1; } // HTTP attributes for a denied response. message DeniedHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.DeniedHttpResponse"; // This field allows the authorization service to send a HTTP response status // code to the downstream client other than 403 (Forbidden). type.v3.HttpStatus status = 1 [(validate.rules).message = {required: true}]; // This field allows the authorization service to send HTTP response headers // to the downstream client. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. repeated config.core.v4alpha.HeaderValueOption headers = 2; // This field allows the authorization service to send a response body data // to the downstream client. string body = 3; } // HTTP attributes for an OK response. // [#next-free-field: 6] message OkHttpResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.OkHttpResponse"; // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. Note that the `append` field in `HeaderValueOption` defaults to // false when used in this message. By setting the `append` field to `true`, // the filter will append the correspondent header value to the matched request header. // By leaving `append` as false, the filter will either add a new header, or override an existing // one if there is a match. repeated config.core.v4alpha.HeaderValueOption headers = 2; // HTTP entity headers to remove from the original request before dispatching // it to the upstream. This allows the authorization service to act on auth // related headers (like `Authorization`), process them, and consume them. // Under this model, the upstream will either receive the request (if it's // authorized) or not receive it (if it's not), but will not see headers // containing authorization credentials. // // Pseudo headers (such as `:authority`, `:method`, `:path` etc), as well as // the header `Host`, may not be removed as that would make the request // malformed. If mentioned in `headers_to_remove` these special headers will // be ignored. // // When using the HTTP service this must instead be set by the HTTP // authorization service as a comma separated list like so: // ``x-envoy-auth-headers-to-remove: one-auth-header, another-auth-header``. repeated string headers_to_remove = 5; // This field has been deprecated in favor of :ref:`CheckResponse.dynamic_metadata // `. Until it is removed, // setting this field overrides :ref:`CheckResponse.dynamic_metadata // `. google.protobuf.Struct hidden_envoy_deprecated_dynamic_metadata = 3 [deprecated = true]; } // Intended for gRPC and Network Authorization servers `only`. message CheckResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.auth.v3.CheckResponse"; // Status `OK` allows the request. Any other status indicates the request should be denied. google.rpc.Status status = 1; // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. oneof http_response { // Supplies http attributes for a denied response. DeniedHttpResponse denied_response = 2; // Supplies http attributes for an ok response. OkHttpResponse ok_response = 3; } // Optional response metadata that will be emitted as dynamic metadata to be consumed by the next // filter. This metadata lives in a namespace specified by the canonical name of extension filter // that requires it: // // - :ref:`envoy.filters.http.ext_authz ` for HTTP filter. // - :ref:`envoy.filters.network.ext_authz ` for network filter. google.protobuf.Struct dynamic_metadata = 4; } ================================================ FILE: generated_api_shadow/envoy/service/cluster/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/cluster/v3/cds.proto ================================================ syntax = "proto3"; package envoy.service.cluster.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.cluster.v3"; option java_outer_classname = "CdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: CDS] // Return list of all clusters this proxy will load balance to. service ClusterDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.cluster.v3.Cluster"; rpc StreamClusters(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaClusters(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchClusters(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:clusters"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message CdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.CdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/discovery/v2/ads.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/discovery.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "AdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Aggregated Discovery Service (ADS)] // [#not-implemented-hide:] Discovery services for endpoints, clusters, routes, // and listeners are retained in the package `envoy.api.v2` for backwards // compatibility with existing management servers. New development in discovery // services should proceed in the package `envoy.service.discovery.v2`. // See https://github.com/lyft/envoy-api#apis for a description of the role of // ADS and how it is intended to be used by a management server. ADS requests // have the same structure as their singleton xDS counterparts, but can // multiplex many resource types on a single stream. The type_url in the // DiscoveryRequest/DiscoveryResponse provides sufficient information to recover // the multiplexed singleton APIs at the Envoy instance and management server. service AggregatedDiscoveryService { // This is a gRPC-only API. rpc StreamAggregatedResources(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaAggregatedResources(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message AdsDummy { } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v2/hds.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/health_check.proto"; import "envoy/api/v2/endpoint/endpoint_components.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "HdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.health.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Health Discovery Service (HDS)] // HDS is Health Discovery Service. It compliments Envoy’s health checking // service by designating this Envoy to be a healthchecker for a subset of hosts // in the cluster. The status of these health checks will be reported to the // management server, where it can be aggregated etc and redistributed back to // Envoy through EDS. service HealthDiscoveryService { // 1. Envoy starts up and if its can_healthcheck option in the static // bootstrap config is enabled, sends HealthCheckRequest to the management // server. It supplies its capabilities (which protocol it can health check // with, what zone it resides in, etc.). // 2. In response to (1), the management server designates this Envoy as a // healthchecker to health check a subset of all upstream hosts for a given // cluster (for example upstream Host 1 and Host 2). It streams // HealthCheckSpecifier messages with cluster related configuration for all // clusters this Envoy is designated to health check. Subsequent // HealthCheckSpecifier message will be sent on changes to: // a. Endpoints to health checks // b. Per cluster configuration change // 3. Envoy creates a health probe based on the HealthCheck config and sends // it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck // configuration Envoy waits upon the arrival of the probe response and // looks at the content of the response to decide whether the endpoint is // healthy or not. If a response hasn't been received within the timeout // interval, the endpoint health status is considered TIMEOUT. // 4. Envoy reports results back in an EndpointHealthResponse message. // Envoy streams responses as often as the interval configured by the // management server in HealthCheckSpecifier. // 5. The management Server collects health statuses for all endpoints in the // cluster (for all clusters) and uses this information to construct // EndpointDiscoveryResponse messages. // 6. Once Envoy has a list of upstream endpoints to send traffic to, it load // balances traffic to them without additional health checking. It may // use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection // failed to a particular endpoint to account for health status propagation // delay between HDS and EDS). // By default, can_healthcheck is true. If can_healthcheck is false, Cluster // configuration may not contain HealthCheck message. // TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above // invariant? // TODO(htuch): Add @amb67's diagram. rpc StreamHealthCheck(stream HealthCheckRequestOrEndpointHealthResponse) returns (stream HealthCheckSpecifier) { } // TODO(htuch): Unlike the gRPC version, there is no stream-based binding of // request/response. Should we add an identifier to the HealthCheckSpecifier // to bind with the response? rpc FetchHealthCheck(HealthCheckRequestOrEndpointHealthResponse) returns (HealthCheckSpecifier) { option (google.api.http).post = "/v2/discovery:health_check"; option (google.api.http).body = "*"; } } // Defines supported protocols etc, so the management server can assign proper // endpoints to healthcheck. message Capability { // Different Envoy instances may have different capabilities (e.g. Redis) // and/or have ports enabled for different protocols. enum Protocol { HTTP = 0; TCP = 1; REDIS = 2; } repeated Protocol health_check_protocols = 1; } message HealthCheckRequest { api.v2.core.Node node = 1; Capability capability = 2; } message EndpointHealth { api.v2.endpoint.Endpoint endpoint = 1; api.v2.core.HealthStatus health_status = 2; } message EndpointHealthResponse { repeated EndpointHealth endpoints_health = 1; } message HealthCheckRequestOrEndpointHealthResponse { oneof request_type { HealthCheckRequest health_check_request = 1; EndpointHealthResponse endpoint_health_response = 2; } } message LocalityEndpoints { api.v2.core.Locality locality = 1; repeated api.v2.endpoint.Endpoint endpoints = 2; } // The cluster name and locality is provided to Envoy for the endpoints that it // health checks to support statistics reporting, logging and debugging by the // Envoy instance (outside of HDS). For maximum usefulness, it should match the // same cluster structure as that provided by EDS. message ClusterHealthCheck { string cluster_name = 1; repeated api.v2.core.HealthCheck health_checks = 2; repeated LocalityEndpoints locality_endpoints = 3; } message HealthCheckSpecifier { repeated ClusterHealthCheck cluster_health_checks = 1; // The default is 1 second. google.protobuf.Duration interval = 2; } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v2/rtds.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "RtdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.runtime.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Runtime Discovery Service (RTDS)] // RTDS :ref:`configuration overview ` // Discovery service for Runtime resources. service RuntimeDiscoveryService { option (envoy.annotations.resource).type = "envoy.service.discovery.v2.Runtime"; rpc StreamRuntime(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaRuntime(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc FetchRuntime(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:runtime"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message RtdsDummy { } // RTDS resource type. This describes a layer in the runtime virtual filesystem. message Runtime { // Runtime resource name. This makes the Runtime a self-describing xDS // resource. string name = 1 [(validate.rules).string = {min_bytes: 1}]; google.protobuf.Struct layer = 2; } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v2/sds.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v2"; option java_outer_classname = "SdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.secret.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Secret Discovery Service (SDS)] service SecretDiscoveryService { option (envoy.annotations.resource).type = "envoy.api.v2.auth.Secret"; rpc DeltaSecrets(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc StreamSecrets(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc FetchSecrets(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:secrets"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message SdsDummy { } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2:pkg", "//envoy/config/core/v3:pkg", "//envoy/service/discovery/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/discovery/v3/ads.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v3; import "envoy/service/discovery/v3/discovery.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v3"; option java_outer_classname = "AdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Aggregated Discovery Service (ADS)] // [#not-implemented-hide:] Discovery services for endpoints, clusters, routes, // and listeners are retained in the package `envoy.api.v2` for backwards // compatibility with existing management servers. New development in discovery // services should proceed in the package `envoy.service.discovery.v2`. // See https://github.com/lyft/envoy-api#apis for a description of the role of // ADS and how it is intended to be used by a management server. ADS requests // have the same structure as their singleton xDS counterparts, but can // multiplex many resource types on a single stream. The type_url in the // DiscoveryRequest/DiscoveryResponse provides sufficient information to recover // the multiplexed singleton APIs at the Envoy instance and management server. service AggregatedDiscoveryService { // This is a gRPC-only API. rpc StreamAggregatedResources(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaAggregatedResources(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message AdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.AdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v3/discovery.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "google/rpc/status.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/core/v1/resource_name.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v3"; option java_outer_classname = "DiscoveryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Common discovery API components] // A DiscoveryRequest requests a set of versioned resources of the same type for // a given Envoy node on some API. // [#next-free-field: 7] message DiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryRequest"; // The version_info provided in the request messages will be the version_info // received with the most recent successfully processed response or empty on // the first request. It is expected that no new request is sent after a // response is received until the Envoy instance is ready to ACK/NACK the new // configuration. ACK/NACK takes place by returning the new API config version // as applied or the previous API config version respectively. Each type_url // (see below) has an independent version associated with it. string version_info = 1; // The node making the request. config.core.v3.Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are // returned. LDS/CDS may have empty resource_names, which will cause all // resources for the Envoy instance to be returned. The LDS and CDS responses // will then imply a number of resources that need to be fetched via EDS/RDS, // which will be explicitly enumerated in resource_names. repeated string resource_names = 3; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit // in requests made via singleton xDS APIs such as CDS, LDS, etc. but is // required for ADS. string type_url = 4; // nonce corresponding to DiscoveryResponse being ACK/NACKed. See above // discussion on version_info and the DiscoveryResponse nonce comment. This // may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, // or 2) the client has not yet accepted an update in this xDS stream (unlike // delta, where it is populated only for new explicit ACKs). string response_nonce = 5; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* provides the Envoy // internal exception related to the failure. It is only intended for consumption during manual // debugging, the string provided is not guaranteed to be stable across Envoy versions. google.rpc.Status error_detail = 6; } // [#next-free-field: 7] message DiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryResponse"; // The version of the response data. string version_info = 1; // The response resources. These resources are typed and depend on the API being called. repeated google.protobuf.Any resources = 2; // [#not-implemented-hide:] // Canary is used to support two Envoy command line flags: // // * --terminate-on-canary-transition-failure. When set, Envoy is able to // terminate if it detects that configuration is stuck at canary. Consider // this example sequence of updates: // - Management server applies a canary config successfully. // - Management server rolls back to a production config. // - Envoy rejects the new production config. // Since there is no sensible way to continue receiving configuration // updates, Envoy will then terminate and apply production config from a // clean slate. // * --dry-run-canary. When set, a canary response will never be applied, only // validated via a dry run. bool canary = 3; // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the 'resources' repeated Any (if non-empty). string type_url = 4; // For gRPC based subscriptions, the nonce provides a way to explicitly ack a // specific DiscoveryResponse in a following DiscoveryRequest. Additional // messages may have been sent by Envoy to the management server for the // previous version on the stream prior to this DiscoveryResponse, that were // unprocessed at response send time. The nonce allows the management server // to ignore any further DiscoveryRequests for the previous version until a // DiscoveryRequest bearing the nonce. The nonce is optional and is not // required for non-stream based xDS implementations. string nonce = 5; // [#not-implemented-hide:] // The control plane instance that sent the response. config.core.v3.ControlPlane control_plane = 6; } // DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC // endpoint for Delta xDS. // // With Delta xDS, the DeltaDiscoveryResponses do not need to include a full // snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a // diff to the state of a xDS client. // In Delta XDS there are per-resource versions, which allow tracking state at // the resource granularity. // An xDS Delta session is always in the context of a gRPC bidirectional // stream. This allows the xDS server to keep track of the state of xDS clients // connected to it. // // In Delta xDS the nonce field is required and used to pair // DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK. // Optionally, a response message level system_version_info is present for // debugging purposes only. // // DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest // can be either or both of: [1] informing the server of what resources the // client has gained/lost interest in (using resource_names_subscribe and // resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from // the server (using response_nonce, with presence of error_detail making it a NACK). // Additionally, the first message (for a given type_url) of a reconnected gRPC stream // has a third role: informing the server of the resources (and their versions) // that the client already possesses, using the initial_resource_versions field. // // As with state-of-the-world, when multiple resource types are multiplexed (ADS), // all requests/acknowledgments/updates are logically walled off by type_url: // a Cluster ACK exists in a completely separate world from a prior Route NACK. // In particular, initial_resource_versions being sent at the "start" of every // gRPC stream actually entails a message for each type_url, each with its own // initial_resource_versions. // [#next-free-field: 10] message DeltaDiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DeltaDiscoveryRequest"; // The node making the request. config.core.v3.Node node = 1; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This does not need to be set if // resources are only referenced via *udpa_resource_subscribe* and // *udpa_resources_unsubscribe*. string type_url = 2; // DeltaDiscoveryRequests allow the client to add or remove individual // resources to the set of tracked resources in the context of a stream. // All resource names in the resource_names_subscribe list are added to the // set of tracked resources and all resource names in the resource_names_unsubscribe // list are removed from the set of tracked resources. // // *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or // resource_names_unsubscribe list simply means that no resources are to be // added or removed to the resource list. // *Like* state-of-the-world xDS, the server must send updates for all tracked // resources, but can also send updates for resources the client has not subscribed to. // // NOTE: the server must respond with all resources listed in resource_names_subscribe, // even if it believes the client has the most recent version of them. The reason: // the client may have dropped them, but then regained interest before it had a chance // to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd. // // These two fields can be set in any DeltaDiscoveryRequest, including ACKs // and initial_resource_versions. // // A list of Resource names to add to the list of tracked resources. repeated string resource_names_subscribe = 3; // As with *resource_names_subscribe* but used when subscribing to resources indicated // by a *udpa.core.v1.ResourceLocator*. The directives in the resource locator // are ignored and the context parameters are matched with // *context_param_specifier* specific semantics. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_subscribe = 8; // A list of Resource names to remove from the list of tracked resources. repeated string resource_names_unsubscribe = 4; // As with *resource_names_unsubscribe* but used when unsubscribing to resources indicated by a // *udpa.core.v1.ResourceLocator*. This must match a previously subscribed // resource locator provided in *udpa_resources_subscribe*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_unsubscribe = 9; // Informs the server of the versions of the resources the xDS client knows of, to enable the // client to continue the same logical xDS session even in the face of gRPC stream reconnection. // It will not be populated: [1] in the very first stream of a session, since the client will // not yet have any resources, [2] in any message after the first in a stream (for a given // type_url), since the server will already be correctly tracking the client's state. // (In ADS, the first message *of each type_url* of a reconnected stream populates this map.) // The map's keys are names of xDS resources known to the xDS client. // The map's values are opaque resource versions. map initial_resource_versions = 5; // When the DeltaDiscoveryRequest is a ACK or NACK message in response // to a previous DeltaDiscoveryResponse, the response_nonce must be the // nonce in the DeltaDiscoveryResponse. // Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted. string response_nonce = 6; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* // provides the Envoy internal exception related to the failure. google.rpc.Status error_detail = 7; } // [#next-free-field: 8] message DeltaDiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DeltaDiscoveryResponse"; // The version of the response data (used for debugging). string system_version_info = 1; // The response resources. These are typed resources, whose types must match // the type_url field. repeated Resource resources = 2; // field id 3 IS available! // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty. // This does not need to be set if *udpa_removed_resources* is used instead of // *removed_resources*. string type_url = 4; // Resources names of resources that have be deleted and to be removed from the xDS Client. // Removed resources for missing resources can be ignored. repeated string removed_resources = 6; // As with *removed_resources* but used when a removed resource was named in // its *Resource*s with a *udpa.core.v1.ResourceName*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceName udpa_removed_resources = 7; // The nonce provides a way for DeltaDiscoveryRequests to uniquely // reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required. string nonce = 5; } // [#next-free-field: 6] message Resource { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Resource"; // The resource's name, to distinguish it from others of the same type of resource. string name = 3 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // Used instead of *name* when a resource with a *udpa.core.v1.ResourceName* is delivered. udpa.core.v1.ResourceName udpa_resource_name = 5 [(udpa.annotations.field_migrate).oneof_promotion = "name_specifier"]; // The aliases are a list of other names that this resource can go by. repeated string aliases = 4; // The resource level version. It allows xDS to track the state of individual // resources. string version = 1; // The resource being tracked. google.protobuf.Any resource = 2; } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//udpa/core/v1:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/discovery/v4alpha/ads.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v4alpha; import "envoy/service/discovery/v4alpha/discovery.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v4alpha"; option java_outer_classname = "AdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Aggregated Discovery Service (ADS)] // [#not-implemented-hide:] Discovery services for endpoints, clusters, routes, // and listeners are retained in the package `envoy.api.v2` for backwards // compatibility with existing management servers. New development in discovery // services should proceed in the package `envoy.service.discovery.v2`. // See https://github.com/lyft/envoy-api#apis for a description of the role of // ADS and how it is intended to be used by a management server. ADS requests // have the same structure as their singleton xDS counterparts, but can // multiplex many resource types on a single stream. The type_url in the // DiscoveryRequest/DiscoveryResponse provides sufficient information to recover // the multiplexed singleton APIs at the Envoy instance and management server. service AggregatedDiscoveryService { // This is a gRPC-only API. rpc StreamAggregatedResources(stream DiscoveryRequest) returns (stream DiscoveryResponse) { } rpc DeltaAggregatedResources(stream DeltaDiscoveryRequest) returns (stream DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message AdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.AdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/discovery/v4alpha/discovery.proto ================================================ syntax = "proto3"; package envoy.service.discovery.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/any.proto"; import "google/rpc/status.proto"; import "udpa/core/v1/resource_locator.proto"; import "udpa/core/v1/resource_name.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.discovery.v4alpha"; option java_outer_classname = "DiscoveryProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Common discovery API components] // A DiscoveryRequest requests a set of versioned resources of the same type for // a given Envoy node on some API. // [#next-free-field: 7] message DiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DiscoveryRequest"; // The version_info provided in the request messages will be the version_info // received with the most recent successfully processed response or empty on // the first request. It is expected that no new request is sent after a // response is received until the Envoy instance is ready to ACK/NACK the new // configuration. ACK/NACK takes place by returning the new API config version // as applied or the previous API config version respectively. Each type_url // (see below) has an independent version associated with it. string version_info = 1; // The node making the request. config.core.v4alpha.Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are // returned. LDS/CDS may have empty resource_names, which will cause all // resources for the Envoy instance to be returned. The LDS and CDS responses // will then imply a number of resources that need to be fetched via EDS/RDS, // which will be explicitly enumerated in resource_names. repeated string resource_names = 3; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit // in requests made via singleton xDS APIs such as CDS, LDS, etc. but is // required for ADS. string type_url = 4; // nonce corresponding to DiscoveryResponse being ACK/NACKed. See above // discussion on version_info and the DiscoveryResponse nonce comment. This // may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, // or 2) the client has not yet accepted an update in this xDS stream (unlike // delta, where it is populated only for new explicit ACKs). string response_nonce = 5; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* provides the Envoy // internal exception related to the failure. It is only intended for consumption during manual // debugging, the string provided is not guaranteed to be stable across Envoy versions. google.rpc.Status error_detail = 6; } // [#next-free-field: 7] message DiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DiscoveryResponse"; // The version of the response data. string version_info = 1; // The response resources. These resources are typed and depend on the API being called. repeated google.protobuf.Any resources = 2; // [#not-implemented-hide:] // Canary is used to support two Envoy command line flags: // // * --terminate-on-canary-transition-failure. When set, Envoy is able to // terminate if it detects that configuration is stuck at canary. Consider // this example sequence of updates: // - Management server applies a canary config successfully. // - Management server rolls back to a production config. // - Envoy rejects the new production config. // Since there is no sensible way to continue receiving configuration // updates, Envoy will then terminate and apply production config from a // clean slate. // * --dry-run-canary. When set, a canary response will never be applied, only // validated via a dry run. bool canary = 3; // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the 'resources' repeated Any (if non-empty). string type_url = 4; // For gRPC based subscriptions, the nonce provides a way to explicitly ack a // specific DiscoveryResponse in a following DiscoveryRequest. Additional // messages may have been sent by Envoy to the management server for the // previous version on the stream prior to this DiscoveryResponse, that were // unprocessed at response send time. The nonce allows the management server // to ignore any further DiscoveryRequests for the previous version until a // DiscoveryRequest bearing the nonce. The nonce is optional and is not // required for non-stream based xDS implementations. string nonce = 5; // [#not-implemented-hide:] // The control plane instance that sent the response. config.core.v4alpha.ControlPlane control_plane = 6; } // DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC // endpoint for Delta xDS. // // With Delta xDS, the DeltaDiscoveryResponses do not need to include a full // snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a // diff to the state of a xDS client. // In Delta XDS there are per-resource versions, which allow tracking state at // the resource granularity. // An xDS Delta session is always in the context of a gRPC bidirectional // stream. This allows the xDS server to keep track of the state of xDS clients // connected to it. // // In Delta xDS the nonce field is required and used to pair // DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK. // Optionally, a response message level system_version_info is present for // debugging purposes only. // // DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest // can be either or both of: [1] informing the server of what resources the // client has gained/lost interest in (using resource_names_subscribe and // resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from // the server (using response_nonce, with presence of error_detail making it a NACK). // Additionally, the first message (for a given type_url) of a reconnected gRPC stream // has a third role: informing the server of the resources (and their versions) // that the client already possesses, using the initial_resource_versions field. // // As with state-of-the-world, when multiple resource types are multiplexed (ADS), // all requests/acknowledgments/updates are logically walled off by type_url: // a Cluster ACK exists in a completely separate world from a prior Route NACK. // In particular, initial_resource_versions being sent at the "start" of every // gRPC stream actually entails a message for each type_url, each with its own // initial_resource_versions. // [#next-free-field: 10] message DeltaDiscoveryRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DeltaDiscoveryRequest"; // The node making the request. config.core.v4alpha.Node node = 1; // Type of the resource that is being requested, e.g. // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This does not need to be set if // resources are only referenced via *udpa_resource_subscribe* and // *udpa_resources_unsubscribe*. string type_url = 2; // DeltaDiscoveryRequests allow the client to add or remove individual // resources to the set of tracked resources in the context of a stream. // All resource names in the resource_names_subscribe list are added to the // set of tracked resources and all resource names in the resource_names_unsubscribe // list are removed from the set of tracked resources. // // *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or // resource_names_unsubscribe list simply means that no resources are to be // added or removed to the resource list. // *Like* state-of-the-world xDS, the server must send updates for all tracked // resources, but can also send updates for resources the client has not subscribed to. // // NOTE: the server must respond with all resources listed in resource_names_subscribe, // even if it believes the client has the most recent version of them. The reason: // the client may have dropped them, but then regained interest before it had a chance // to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd. // // These two fields can be set in any DeltaDiscoveryRequest, including ACKs // and initial_resource_versions. // // A list of Resource names to add to the list of tracked resources. repeated string resource_names_subscribe = 3; // As with *resource_names_subscribe* but used when subscribing to resources indicated // by a *udpa.core.v1.ResourceLocator*. The directives in the resource locator // are ignored and the context parameters are matched with // *context_param_specifier* specific semantics. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_subscribe = 8; // A list of Resource names to remove from the list of tracked resources. repeated string resource_names_unsubscribe = 4; // As with *resource_names_unsubscribe* but used when unsubscribing to resources indicated by a // *udpa.core.v1.ResourceLocator*. This must match a previously subscribed // resource locator provided in *udpa_resources_subscribe*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceLocator udpa_resources_unsubscribe = 9; // Informs the server of the versions of the resources the xDS client knows of, to enable the // client to continue the same logical xDS session even in the face of gRPC stream reconnection. // It will not be populated: [1] in the very first stream of a session, since the client will // not yet have any resources, [2] in any message after the first in a stream (for a given // type_url), since the server will already be correctly tracking the client's state. // (In ADS, the first message *of each type_url* of a reconnected stream populates this map.) // The map's keys are names of xDS resources known to the xDS client. // The map's values are opaque resource versions. map initial_resource_versions = 5; // When the DeltaDiscoveryRequest is a ACK or NACK message in response // to a previous DeltaDiscoveryResponse, the response_nonce must be the // nonce in the DeltaDiscoveryResponse. // Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted. string response_nonce = 6; // This is populated when the previous :ref:`DiscoveryResponse ` // failed to update configuration. The *message* field in *error_details* // provides the Envoy internal exception related to the failure. google.rpc.Status error_detail = 7; } // [#next-free-field: 8] message DeltaDiscoveryResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.DeltaDiscoveryResponse"; // The version of the response data (used for debugging). string system_version_info = 1; // The response resources. These are typed resources, whose types must match // the type_url field. repeated Resource resources = 2; // field id 3 IS available! // Type URL for resources. Identifies the xDS API when muxing over ADS. // Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty. // This does not need to be set if *udpa_removed_resources* is used instead of // *removed_resources*. string type_url = 4; // Resources names of resources that have be deleted and to be removed from the xDS Client. // Removed resources for missing resources can be ignored. repeated string removed_resources = 6; // As with *removed_resources* but used when a removed resource was named in // its *Resource*s with a *udpa.core.v1.ResourceName*. // [#not-implemented-hide:] repeated udpa.core.v1.ResourceName udpa_removed_resources = 7; // The nonce provides a way for DeltaDiscoveryRequests to uniquely // reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required. string nonce = 5; } // [#next-free-field: 6] message Resource { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v3.Resource"; oneof name_specifier { // The resource's name, to distinguish it from others of the same type of resource. string name = 3; // Used instead of *name* when a resource with a *udpa.core.v1.ResourceName* is delivered. udpa.core.v1.ResourceName udpa_resource_name = 5; } // The aliases are a list of other names that this resource can go by. repeated string aliases = 4; // The resource level version. It allows xDS to track the state of individual // resources. string version = 1; // The resource being tracked. google.protobuf.Any resource = 2; } ================================================ FILE: generated_api_shadow/envoy/service/endpoint/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/endpoint/v3/eds.proto ================================================ syntax = "proto3"; package envoy.service.endpoint.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.endpoint.v3"; option java_outer_classname = "EdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: EDS] // Endpoint discovery :ref:`architecture overview ` service EndpointDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.endpoint.v3.ClusterLoadAssignment"; // The resource_names field in DiscoveryRequest specifies a list of clusters // to subscribe to updates for. rpc StreamEndpoints(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaEndpoints(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchEndpoints(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:endpoints"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message EdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.EdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/event_reporting/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/event_reporting/v2alpha/event_reporting_service.proto ================================================ syntax = "proto3"; package envoy.service.event_reporting.v2alpha; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.event_reporting.v2alpha"; option java_outer_classname = "EventReportingServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.service.event_reporting.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: gRPC Event Reporting Service] // [#not-implemented-hide:] // Service for streaming different types of events from Envoy to a server. The examples of // such events may be health check or outlier detection events. service EventReportingService { // Envoy will connect and send StreamEventsRequest messages forever. // The management server may send StreamEventsResponse to configure event stream. See below. // This API is designed for high throughput with the expectation that it might be lossy. rpc StreamEvents(stream StreamEventsRequest) returns (stream StreamEventsResponse) { } } // [#not-implemented-hide:] // An events envoy sends to the management server. message StreamEventsRequest { message Identifier { // The node sending the event messages over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batch of events. When the stream is already active, it will be the events occurred // since the last message had been sent. If the server receives unknown event type, it should // silently ignore it. // // The following events are supported: // // * :ref:`HealthCheckEvent ` // * :ref:`OutlierDetectionEvent ` repeated google.protobuf.Any events = 2 [(validate.rules).repeated = {min_items: 1}]; } // [#not-implemented-hide:] // The management server may send envoy a StreamEventsResponse to tell which events the server // is interested in. In future, with aggregated event reporting service, this message will // contain, for example, clusters the envoy should send events for, or event types the server // wants to process. message StreamEventsResponse { } ================================================ FILE: generated_api_shadow/envoy/service/event_reporting/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/event_reporting/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/event_reporting/v3/event_reporting_service.proto ================================================ syntax = "proto3"; package envoy.service.event_reporting.v3; import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.event_reporting.v3"; option java_outer_classname = "EventReportingServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: gRPC Event Reporting Service] // [#not-implemented-hide:] // Service for streaming different types of events from Envoy to a server. The examples of // such events may be health check or outlier detection events. service EventReportingService { // Envoy will connect and send StreamEventsRequest messages forever. // The management server may send StreamEventsResponse to configure event stream. See below. // This API is designed for high throughput with the expectation that it might be lossy. rpc StreamEvents(stream StreamEventsRequest) returns (stream StreamEventsResponse) { } } // [#not-implemented-hide:] // An events envoy sends to the management server. message StreamEventsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v2alpha.StreamEventsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v2alpha.StreamEventsRequest.Identifier"; // The node sending the event messages over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batch of events. When the stream is already active, it will be the events occurred // since the last message had been sent. If the server receives unknown event type, it should // silently ignore it. // // The following events are supported: // // * :ref:`HealthCheckEvent ` // * :ref:`OutlierDetectionEvent ` repeated google.protobuf.Any events = 2 [(validate.rules).repeated = {min_items: 1}]; } // [#not-implemented-hide:] // The management server may send envoy a StreamEventsResponse to tell which events the server // is interested in. In future, with aggregated event reporting service, this message will // contain, for example, clusters the envoy should send events for, or event types the server // wants to process. message StreamEventsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v2alpha.StreamEventsResponse"; } ================================================ FILE: generated_api_shadow/envoy/service/event_reporting/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/event_reporting/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/event_reporting/v4alpha/event_reporting_service.proto ================================================ syntax = "proto3"; package envoy.service.event_reporting.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.event_reporting.v4alpha"; option java_outer_classname = "EventReportingServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: gRPC Event Reporting Service] // [#not-implemented-hide:] // Service for streaming different types of events from Envoy to a server. The examples of // such events may be health check or outlier detection events. service EventReportingService { // Envoy will connect and send StreamEventsRequest messages forever. // The management server may send StreamEventsResponse to configure event stream. See below. // This API is designed for high throughput with the expectation that it might be lossy. rpc StreamEvents(stream StreamEventsRequest) returns (stream StreamEventsResponse) { } } // [#not-implemented-hide:] // An events envoy sends to the management server. message StreamEventsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v3.StreamEventsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v3.StreamEventsRequest.Identifier"; // The node sending the event messages over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data that will only be sent in the first message on the stream. This is effectively // structured metadata and is a performance optimization. Identifier identifier = 1; // Batch of events. When the stream is already active, it will be the events occurred // since the last message had been sent. If the server receives unknown event type, it should // silently ignore it. // // The following events are supported: // // * :ref:`HealthCheckEvent ` // * :ref:`OutlierDetectionEvent ` repeated google.protobuf.Any events = 2 [(validate.rules).repeated = {min_items: 1}]; } // [#not-implemented-hide:] // The management server may send envoy a StreamEventsResponse to tell which events the server // is interested in. In future, with aggregated event reporting service, this message will // contain, for example, clusters the envoy should send events for, or event types the server // wants to process. message StreamEventsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.event_reporting.v3.StreamEventsResponse"; } ================================================ FILE: generated_api_shadow/envoy/service/extension/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/extension/v3/config_discovery.proto ================================================ syntax = "proto3"; package envoy.service.extension.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.extension.v3"; option java_outer_classname = "ConfigDiscoveryProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Extension Config Discovery Service (ECDS)] // Return extension configurations. service ExtensionConfigDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.core.v3.TypedExtensionConfig"; rpc StreamExtensionConfigs(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaExtensionConfigs(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchExtensionConfigs(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:extension_configs"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue // with importing services: https://github.com/google/protobuf/issues/4221 and // protoxform to upgrade the file. message EcdsDummy { } ================================================ FILE: generated_api_shadow/envoy/service/health/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/cluster/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/discovery/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/health/v3/hds.proto ================================================ syntax = "proto3"; package envoy.service.health.v3; import "envoy/config/cluster/v3/cluster.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/config/endpoint/v3/endpoint_components.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.health.v3"; option java_outer_classname = "HdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health Discovery Service (HDS)] // HDS is Health Discovery Service. It compliments Envoy’s health checking // service by designating this Envoy to be a healthchecker for a subset of hosts // in the cluster. The status of these health checks will be reported to the // management server, where it can be aggregated etc and redistributed back to // Envoy through EDS. service HealthDiscoveryService { // 1. Envoy starts up and if its can_healthcheck option in the static // bootstrap config is enabled, sends HealthCheckRequest to the management // server. It supplies its capabilities (which protocol it can health check // with, what zone it resides in, etc.). // 2. In response to (1), the management server designates this Envoy as a // healthchecker to health check a subset of all upstream hosts for a given // cluster (for example upstream Host 1 and Host 2). It streams // HealthCheckSpecifier messages with cluster related configuration for all // clusters this Envoy is designated to health check. Subsequent // HealthCheckSpecifier message will be sent on changes to: // a. Endpoints to health checks // b. Per cluster configuration change // 3. Envoy creates a health probe based on the HealthCheck config and sends // it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck // configuration Envoy waits upon the arrival of the probe response and // looks at the content of the response to decide whether the endpoint is // healthy or not. If a response hasn't been received within the timeout // interval, the endpoint health status is considered TIMEOUT. // 4. Envoy reports results back in an EndpointHealthResponse message. // Envoy streams responses as often as the interval configured by the // management server in HealthCheckSpecifier. // 5. The management Server collects health statuses for all endpoints in the // cluster (for all clusters) and uses this information to construct // EndpointDiscoveryResponse messages. // 6. Once Envoy has a list of upstream endpoints to send traffic to, it load // balances traffic to them without additional health checking. It may // use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection // failed to a particular endpoint to account for health status propagation // delay between HDS and EDS). // By default, can_healthcheck is true. If can_healthcheck is false, Cluster // configuration may not contain HealthCheck message. // TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above // invariant? // TODO(htuch): Add @amb67's diagram. rpc StreamHealthCheck(stream HealthCheckRequestOrEndpointHealthResponse) returns (stream HealthCheckSpecifier) { } // TODO(htuch): Unlike the gRPC version, there is no stream-based binding of // request/response. Should we add an identifier to the HealthCheckSpecifier // to bind with the response? rpc FetchHealthCheck(HealthCheckRequestOrEndpointHealthResponse) returns (HealthCheckSpecifier) { option (google.api.http).post = "/v3/discovery:health_check"; option (google.api.http).body = "*"; } } // Defines supported protocols etc, so the management server can assign proper // endpoints to healthcheck. message Capability { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.Capability"; // Different Envoy instances may have different capabilities (e.g. Redis) // and/or have ports enabled for different protocols. enum Protocol { HTTP = 0; TCP = 1; REDIS = 2; } repeated Protocol health_check_protocols = 1; } message HealthCheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.HealthCheckRequest"; config.core.v3.Node node = 1; Capability capability = 2; } message EndpointHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.EndpointHealth"; config.endpoint.v3.Endpoint endpoint = 1; config.core.v3.HealthStatus health_status = 2; } // Group endpoint health by locality under each cluster. message LocalityEndpointsHealth { config.core.v3.Locality locality = 1; repeated EndpointHealth endpoints_health = 2; } // The health status of endpoints in a cluster. The cluster name and locality // should match the corresponding fields in ClusterHealthCheck message. message ClusterEndpointsHealth { string cluster_name = 1; repeated LocalityEndpointsHealth locality_endpoints_health = 2; } message EndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.EndpointHealthResponse"; // Deprecated - Flat list of endpoint health information. repeated EndpointHealth endpoints_health = 1 [deprecated = true]; // Organize Endpoint health information by cluster. repeated ClusterEndpointsHealth cluster_endpoints_health = 2; } message HealthCheckRequestOrEndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.HealthCheckRequestOrEndpointHealthResponse"; oneof request_type { HealthCheckRequest health_check_request = 1; EndpointHealthResponse endpoint_health_response = 2; } } message LocalityEndpoints { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.LocalityEndpoints"; config.core.v3.Locality locality = 1; repeated config.endpoint.v3.Endpoint endpoints = 2; } // The cluster name and locality is provided to Envoy for the endpoints that it // health checks to support statistics reporting, logging and debugging by the // Envoy instance (outside of HDS). For maximum usefulness, it should match the // same cluster structure as that provided by EDS. message ClusterHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.ClusterHealthCheck"; string cluster_name = 1; repeated config.core.v3.HealthCheck health_checks = 2; repeated LocalityEndpoints locality_endpoints = 3; // Optional map that gets filtered by :ref:`health_checks.transport_socket_match_criteria ` // on connection when health checking. For more details, see // :ref:`config.cluster.v3.Cluster.transport_socket_matches `. repeated config.cluster.v3.Cluster.TransportSocketMatch transport_socket_matches = 4; } message HealthCheckSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.HealthCheckSpecifier"; repeated ClusterHealthCheck cluster_health_checks = 1; // The default is 1 second. google.protobuf.Duration interval = 2; } ================================================ FILE: generated_api_shadow/envoy/service/health/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/cluster/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/health/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/health/v4alpha/hds.proto ================================================ syntax = "proto3"; package envoy.service.health.v4alpha; import "envoy/config/cluster/v4alpha/cluster.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/health_check.proto"; import "envoy/config/endpoint/v3/endpoint_components.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.health.v4alpha"; option java_outer_classname = "HdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Health Discovery Service (HDS)] // HDS is Health Discovery Service. It compliments Envoy’s health checking // service by designating this Envoy to be a healthchecker for a subset of hosts // in the cluster. The status of these health checks will be reported to the // management server, where it can be aggregated etc and redistributed back to // Envoy through EDS. service HealthDiscoveryService { // 1. Envoy starts up and if its can_healthcheck option in the static // bootstrap config is enabled, sends HealthCheckRequest to the management // server. It supplies its capabilities (which protocol it can health check // with, what zone it resides in, etc.). // 2. In response to (1), the management server designates this Envoy as a // healthchecker to health check a subset of all upstream hosts for a given // cluster (for example upstream Host 1 and Host 2). It streams // HealthCheckSpecifier messages with cluster related configuration for all // clusters this Envoy is designated to health check. Subsequent // HealthCheckSpecifier message will be sent on changes to: // a. Endpoints to health checks // b. Per cluster configuration change // 3. Envoy creates a health probe based on the HealthCheck config and sends // it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck // configuration Envoy waits upon the arrival of the probe response and // looks at the content of the response to decide whether the endpoint is // healthy or not. If a response hasn't been received within the timeout // interval, the endpoint health status is considered TIMEOUT. // 4. Envoy reports results back in an EndpointHealthResponse message. // Envoy streams responses as often as the interval configured by the // management server in HealthCheckSpecifier. // 5. The management Server collects health statuses for all endpoints in the // cluster (for all clusters) and uses this information to construct // EndpointDiscoveryResponse messages. // 6. Once Envoy has a list of upstream endpoints to send traffic to, it load // balances traffic to them without additional health checking. It may // use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection // failed to a particular endpoint to account for health status propagation // delay between HDS and EDS). // By default, can_healthcheck is true. If can_healthcheck is false, Cluster // configuration may not contain HealthCheck message. // TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above // invariant? // TODO(htuch): Add @amb67's diagram. rpc StreamHealthCheck(stream HealthCheckRequestOrEndpointHealthResponse) returns (stream HealthCheckSpecifier) { } // TODO(htuch): Unlike the gRPC version, there is no stream-based binding of // request/response. Should we add an identifier to the HealthCheckSpecifier // to bind with the response? rpc FetchHealthCheck(HealthCheckRequestOrEndpointHealthResponse) returns (HealthCheckSpecifier) { option (google.api.http).post = "/v3/discovery:health_check"; option (google.api.http).body = "*"; } } // Defines supported protocols etc, so the management server can assign proper // endpoints to healthcheck. message Capability { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.Capability"; // Different Envoy instances may have different capabilities (e.g. Redis) // and/or have ports enabled for different protocols. enum Protocol { HTTP = 0; TCP = 1; REDIS = 2; } repeated Protocol health_check_protocols = 1; } message HealthCheckRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.HealthCheckRequest"; config.core.v4alpha.Node node = 1; Capability capability = 2; } message EndpointHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.EndpointHealth"; config.endpoint.v3.Endpoint endpoint = 1; config.core.v4alpha.HealthStatus health_status = 2; } // Group endpoint health by locality under each cluster. message LocalityEndpointsHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.LocalityEndpointsHealth"; config.core.v4alpha.Locality locality = 1; repeated EndpointHealth endpoints_health = 2; } // The health status of endpoints in a cluster. The cluster name and locality // should match the corresponding fields in ClusterHealthCheck message. message ClusterEndpointsHealth { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.ClusterEndpointsHealth"; string cluster_name = 1; repeated LocalityEndpointsHealth locality_endpoints_health = 2; } message EndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.EndpointHealthResponse"; // Deprecated - Flat list of endpoint health information. repeated EndpointHealth hidden_envoy_deprecated_endpoints_health = 1 [deprecated = true]; // Organize Endpoint health information by cluster. repeated ClusterEndpointsHealth cluster_endpoints_health = 2; } message HealthCheckRequestOrEndpointHealthResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.HealthCheckRequestOrEndpointHealthResponse"; oneof request_type { HealthCheckRequest health_check_request = 1; EndpointHealthResponse endpoint_health_response = 2; } } message LocalityEndpoints { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.LocalityEndpoints"; config.core.v4alpha.Locality locality = 1; repeated config.endpoint.v3.Endpoint endpoints = 2; } // The cluster name and locality is provided to Envoy for the endpoints that it // health checks to support statistics reporting, logging and debugging by the // Envoy instance (outside of HDS). For maximum usefulness, it should match the // same cluster structure as that provided by EDS. message ClusterHealthCheck { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.ClusterHealthCheck"; string cluster_name = 1; repeated config.core.v4alpha.HealthCheck health_checks = 2; repeated LocalityEndpoints locality_endpoints = 3; // Optional map that gets filtered by :ref:`health_checks.transport_socket_match_criteria ` // on connection when health checking. For more details, see // :ref:`config.cluster.v3.Cluster.transport_socket_matches `. repeated config.cluster.v4alpha.Cluster.TransportSocketMatch transport_socket_matches = 4; } message HealthCheckSpecifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.health.v3.HealthCheckSpecifier"; repeated ClusterHealthCheck cluster_health_checks = 1; // The default is 1 second. google.protobuf.Duration interval = 2; } ================================================ FILE: generated_api_shadow/envoy/service/listener/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/listener/v3/lds.proto ================================================ syntax = "proto3"; package envoy.service.listener.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.listener.v3"; option java_outer_classname = "LdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Listener] // Listener :ref:`configuration overview ` // The Envoy instance initiates an RPC at startup to discover a list of // listeners. Updates are delivered via streaming from the LDS server and // consist of a complete update of all listeners. Existing connections will be // allowed to drain from listeners that are no longer present. service ListenerDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.listener.v3.Listener"; rpc DeltaListeners(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc StreamListeners(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc FetchListeners(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:listeners"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message LdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.LdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/load_stats/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/endpoint:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/load_stats/v2/lrs.proto ================================================ syntax = "proto3"; package envoy.service.load_stats.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/endpoint/load_report.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.load_stats.v2"; option java_outer_classname = "LrsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Load reporting service] service LoadReportingService { // Advanced API to allow for multi-dimensional load balancing by remote // server. For receiving LB assignments, the steps are: // 1, The management server is configured with per cluster/zone/load metric // capacity configuration. The capacity configuration definition is // outside of the scope of this document. // 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters // to balance. // // Independently, Envoy will initiate a StreamLoadStats bidi stream with a // management server: // 1. Once a connection establishes, the management server publishes a // LoadStatsResponse for all clusters it is interested in learning load // stats about. // 2. For each cluster, Envoy load balances incoming traffic to upstream hosts // based on per-zone weights and/or per-instance weights (if specified) // based on intra-zone LbPolicy. This information comes from the above // {Stream,Fetch}Endpoints. // 3. When upstream hosts reply, they optionally add header with ASCII representation of EndpointLoadMetricStats. // 4. Envoy aggregates load reports over the period of time given to it in // LoadStatsResponse.load_reporting_interval. This includes aggregation // stats Envoy maintains by itself (total_requests, rpc_errors etc.) as // well as load metrics from upstream hosts. // 5. When the timer of load_reporting_interval expires, Envoy sends new // LoadStatsRequest filled with load reports for each cluster. // 6. The management server uses the load reports from all reported Envoys // from around the world, computes global assignment and prepares traffic // assignment destined for each zone Envoys are located in. Goto 2. rpc StreamLoadStats(stream LoadStatsRequest) returns (stream LoadStatsResponse) { } } // A load report Envoy sends to the management server. // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. message LoadStatsRequest { // Node identifier for Envoy instance. api.v2.core.Node node = 1; // A list of load stats to report. repeated api.v2.endpoint.ClusterStats cluster_stats = 2; } // The management server sends envoy a LoadStatsResponse with all clusters it // is interested in learning load stats about. // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. message LoadStatsResponse { // Clusters to report stats for. // Not populated if *send_all_clusters* is true. repeated string clusters = 1; // If true, the client should send all clusters it knows about. // Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their // :ref:`client_features` field will honor this field. bool send_all_clusters = 4; // The minimum interval of time to collect stats over. This is only a minimum for two reasons: // 1. There may be some delay from when the timer fires until stats sampling occurs. // 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic // that is observed in between the corresponding previous *LoadStatsRequest* and this // *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period // of inobservability that might otherwise exists between the messages. New clusters are not // subject to this consideration. google.protobuf.Duration load_reporting_interval = 2; // Set to *true* if the management server supports endpoint granularity // report. bool report_endpoint_granularity = 3; } ================================================ FILE: generated_api_shadow/envoy/service/load_stats/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/load_stats/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/load_stats/v3/lrs.proto ================================================ syntax = "proto3"; package envoy.service.load_stats.v3; import "envoy/config/core/v3/base.proto"; import "envoy/config/endpoint/v3/load_report.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.load_stats.v3"; option java_outer_classname = "LrsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Load Reporting service (LRS)] // Load Reporting Service is an Envoy API to emit load reports. Envoy will initiate a bi-directional // stream with a management server. Upon connecting, the management server can send a // :ref:`LoadStatsResponse ` to a node it is // interested in getting the load reports for. Envoy in this node will start sending // :ref:`LoadStatsRequest `. This is done periodically // based on the :ref:`load reporting interval ` // For details, take a look at the :ref:`Load Reporting Service sandbox example `. service LoadReportingService { // Advanced API to allow for multi-dimensional load balancing by remote // server. For receiving LB assignments, the steps are: // 1, The management server is configured with per cluster/zone/load metric // capacity configuration. The capacity configuration definition is // outside of the scope of this document. // 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters // to balance. // // Independently, Envoy will initiate a StreamLoadStats bidi stream with a // management server: // 1. Once a connection establishes, the management server publishes a // LoadStatsResponse for all clusters it is interested in learning load // stats about. // 2. For each cluster, Envoy load balances incoming traffic to upstream hosts // based on per-zone weights and/or per-instance weights (if specified) // based on intra-zone LbPolicy. This information comes from the above // {Stream,Fetch}Endpoints. // 3. When upstream hosts reply, they optionally add header with ASCII representation of EndpointLoadMetricStats. // 4. Envoy aggregates load reports over the period of time given to it in // LoadStatsResponse.load_reporting_interval. This includes aggregation // stats Envoy maintains by itself (total_requests, rpc_errors etc.) as // well as load metrics from upstream hosts. // 5. When the timer of load_reporting_interval expires, Envoy sends new // LoadStatsRequest filled with load reports for each cluster. // 6. The management server uses the load reports from all reported Envoys // from around the world, computes global assignment and prepares traffic // assignment destined for each zone Envoys are located in. Goto 2. rpc StreamLoadStats(stream LoadStatsRequest) returns (stream LoadStatsResponse) { } } // A load report Envoy sends to the management server. message LoadStatsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v2.LoadStatsRequest"; // Node identifier for Envoy instance. config.core.v3.Node node = 1; // A list of load stats to report. repeated config.endpoint.v3.ClusterStats cluster_stats = 2; } // The management server sends envoy a LoadStatsResponse with all clusters it // is interested in learning load stats about. message LoadStatsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v2.LoadStatsResponse"; // Clusters to report stats for. // Not populated if *send_all_clusters* is true. repeated string clusters = 1; // If true, the client should send all clusters it knows about. // Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their // :ref:`client_features` field will honor this field. bool send_all_clusters = 4; // The minimum interval of time to collect stats over. This is only a minimum for two reasons: // // 1. There may be some delay from when the timer fires until stats sampling occurs. // 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic // that is observed in between the corresponding previous *LoadStatsRequest* and this // *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period // of inobservability that might otherwise exists between the messages. New clusters are not // subject to this consideration. google.protobuf.Duration load_reporting_interval = 2; // Set to *true* if the management server supports endpoint granularity // report. bool report_endpoint_granularity = 3; } ================================================ FILE: generated_api_shadow/envoy/service/load_stats/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/service/load_stats/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/load_stats/v4alpha/lrs.proto ================================================ syntax = "proto3"; package envoy.service.load_stats.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/endpoint/v3/load_report.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.load_stats.v4alpha"; option java_outer_classname = "LrsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Load Reporting service (LRS)] // Load Reporting Service is an Envoy API to emit load reports. Envoy will initiate a bi-directional // stream with a management server. Upon connecting, the management server can send a // :ref:`LoadStatsResponse ` to a node it is // interested in getting the load reports for. Envoy in this node will start sending // :ref:`LoadStatsRequest `. This is done periodically // based on the :ref:`load reporting interval ` // For details, take a look at the :ref:`Load Reporting Service sandbox example `. service LoadReportingService { // Advanced API to allow for multi-dimensional load balancing by remote // server. For receiving LB assignments, the steps are: // 1, The management server is configured with per cluster/zone/load metric // capacity configuration. The capacity configuration definition is // outside of the scope of this document. // 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters // to balance. // // Independently, Envoy will initiate a StreamLoadStats bidi stream with a // management server: // 1. Once a connection establishes, the management server publishes a // LoadStatsResponse for all clusters it is interested in learning load // stats about. // 2. For each cluster, Envoy load balances incoming traffic to upstream hosts // based on per-zone weights and/or per-instance weights (if specified) // based on intra-zone LbPolicy. This information comes from the above // {Stream,Fetch}Endpoints. // 3. When upstream hosts reply, they optionally add header with ASCII representation of EndpointLoadMetricStats. // 4. Envoy aggregates load reports over the period of time given to it in // LoadStatsResponse.load_reporting_interval. This includes aggregation // stats Envoy maintains by itself (total_requests, rpc_errors etc.) as // well as load metrics from upstream hosts. // 5. When the timer of load_reporting_interval expires, Envoy sends new // LoadStatsRequest filled with load reports for each cluster. // 6. The management server uses the load reports from all reported Envoys // from around the world, computes global assignment and prepares traffic // assignment destined for each zone Envoys are located in. Goto 2. rpc StreamLoadStats(stream LoadStatsRequest) returns (stream LoadStatsResponse) { } } // A load report Envoy sends to the management server. message LoadStatsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v3.LoadStatsRequest"; // Node identifier for Envoy instance. config.core.v4alpha.Node node = 1; // A list of load stats to report. repeated config.endpoint.v3.ClusterStats cluster_stats = 2; } // The management server sends envoy a LoadStatsResponse with all clusters it // is interested in learning load stats about. message LoadStatsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.load_stats.v3.LoadStatsResponse"; // Clusters to report stats for. // Not populated if *send_all_clusters* is true. repeated string clusters = 1; // If true, the client should send all clusters it knows about. // Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their // :ref:`client_features` field will honor this field. bool send_all_clusters = 4; // The minimum interval of time to collect stats over. This is only a minimum for two reasons: // // 1. There may be some delay from when the timer fires until stats sampling occurs. // 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic // that is observed in between the corresponding previous *LoadStatsRequest* and this // *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period // of inobservability that might otherwise exists between the messages. New clusters are not // subject to this consideration. google.protobuf.Duration load_reporting_interval = 2; // Set to *true* if the management server supports endpoint granularity // report. bool report_endpoint_granularity = 3; } ================================================ FILE: generated_api_shadow/envoy/service/metrics/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@prometheus_metrics_model//:client_model", ], ) ================================================ FILE: generated_api_shadow/envoy/service/metrics/v2/metrics_service.proto ================================================ syntax = "proto3"; package envoy.service.metrics.v2; import "envoy/api/v2/core/base.proto"; import "metrics.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.metrics.v2"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metrics service] // Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric // data model as a standard to represent metrics information. service MetricsService { // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { } } message StreamMetricsResponse { } message StreamMetricsMessage { message Identifier { // The node sending metrics over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // A list of metric entries repeated io.prometheus.client.MetricFamily envoy_metrics = 2; } ================================================ FILE: generated_api_shadow/envoy/service/metrics/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/metrics/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@prometheus_metrics_model//:client_model", ], ) ================================================ FILE: generated_api_shadow/envoy/service/metrics/v3/metrics_service.proto ================================================ syntax = "proto3"; package envoy.service.metrics.v3; import "envoy/config/core/v3/base.proto"; import "metrics.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.metrics.v3"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metrics service] // Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric // data model as a standard to represent metrics information. service MetricsService { // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { } } message StreamMetricsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v2.StreamMetricsResponse"; } message StreamMetricsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v2.StreamMetricsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v2.StreamMetricsMessage.Identifier"; // The node sending metrics over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // A list of metric entries repeated io.prometheus.client.MetricFamily envoy_metrics = 2; } ================================================ FILE: generated_api_shadow/envoy/service/metrics/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/metrics/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@prometheus_metrics_model//:client_model", ], ) ================================================ FILE: generated_api_shadow/envoy/service/metrics/v4alpha/metrics_service.proto ================================================ syntax = "proto3"; package envoy.service.metrics.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "metrics.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.metrics.v4alpha"; option java_outer_classname = "MetricsServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metrics service] // Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric // data model as a standard to represent metrics information. service MetricsService { // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { } } message StreamMetricsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v3.StreamMetricsResponse"; } message StreamMetricsMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v3.StreamMetricsMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.metrics.v3.StreamMetricsMessage.Identifier"; // The node sending metrics over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // A list of metric entries repeated io.prometheus.client.MetricFamily envoy_metrics = 2; } ================================================ FILE: generated_api_shadow/envoy/service/ratelimit/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/ratelimit:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/ratelimit/v2/rls.proto ================================================ syntax = "proto3"; package envoy.service.ratelimit.v2; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/ratelimit/ratelimit.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.ratelimit.v2"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Rate Limit Service (RLS)] service RateLimitService { // Determine whether rate limiting should take place. rpc ShouldRateLimit(RateLimitRequest) returns (RateLimitResponse) { } } // Main message for a rate limit request. The rate limit service is designed to be fully generic // in the sense that it can operate on arbitrary hierarchical key/value pairs. The loaded // configuration will parse the request and find the most specific limit to apply. In addition, // a RateLimitRequest can contain multiple "descriptors" to limit on. When multiple descriptors // are provided, the server will limit on *ALL* of them and return an OVER_LIMIT response if any // of them are over limit. This enables more complex application level rate limiting scenarios // if desired. message RateLimitRequest { // All rate limit requests must specify a domain. This enables the configuration to be per // application without fear of overlap. E.g., "envoy". string domain = 1; // All rate limit requests must specify at least one RateLimitDescriptor. Each descriptor is // processed by the service (see below). If any of the descriptors are over limit, the entire // request is considered to be over limit. repeated api.v2.ratelimit.RateLimitDescriptor descriptors = 2; // Rate limit requests can optionally specify the number of hits a request adds to the matched // limit. If the value is not set in the message, a request increases the matched limit by 1. uint32 hits_addend = 3; } // A response from a ShouldRateLimit call. message RateLimitResponse { enum Code { // The response code is not known. UNKNOWN = 0; // The response code to notify that the number of requests are under limit. OK = 1; // The response code to notify that the number of requests are over limit. OVER_LIMIT = 2; } // Defines an actual rate limit in terms of requests per unit of time and the unit itself. message RateLimit { enum Unit { // The time unit is not known. UNKNOWN = 0; // The time unit representing a second. SECOND = 1; // The time unit representing a minute. MINUTE = 2; // The time unit representing an hour. HOUR = 3; // The time unit representing a day. DAY = 4; } // A name or description of this limit. string name = 3; // The number of requests per unit of time. uint32 requests_per_unit = 1; // The unit of time. Unit unit = 2; } message DescriptorStatus { // The response code for an individual descriptor. Code code = 1; // The current limit as configured by the server. Useful for debugging, etc. RateLimit current_limit = 2; // The limit remaining in the current time unit. uint32 limit_remaining = 3; } // The overall response code which takes into account all of the descriptors that were passed // in the RateLimitRequest message. Code overall_code = 1; // A list of DescriptorStatus messages which matches the length of the descriptor list passed // in the RateLimitRequest. This can be used by the caller to determine which individual // descriptors failed and/or what the currently configured limits are for all of them. repeated DescriptorStatus statuses = 2; // A list of headers to add to the response repeated api.v2.core.HeaderValue headers = 3 [(udpa.annotations.field_migrate).rename = "response_headers_to_add"]; // A list of headers to add to the request when forwarded repeated api.v2.core.HeaderValue request_headers_to_add = 4; } ================================================ FILE: generated_api_shadow/envoy/service/ratelimit/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "//envoy/service/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/ratelimit/v3/rls.proto ================================================ syntax = "proto3"; package envoy.service.ratelimit.v3; import "envoy/config/core/v3/base.proto"; import "envoy/extensions/common/ratelimit/v3/ratelimit.proto"; import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.ratelimit.v3"; option java_outer_classname = "RlsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Rate Limit Service (RLS)] service RateLimitService { // Determine whether rate limiting should take place. rpc ShouldRateLimit(RateLimitRequest) returns (RateLimitResponse) { } } // Main message for a rate limit request. The rate limit service is designed to be fully generic // in the sense that it can operate on arbitrary hierarchical key/value pairs. The loaded // configuration will parse the request and find the most specific limit to apply. In addition, // a RateLimitRequest can contain multiple "descriptors" to limit on. When multiple descriptors // are provided, the server will limit on *ALL* of them and return an OVER_LIMIT response if any // of them are over limit. This enables more complex application level rate limiting scenarios // if desired. message RateLimitRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitRequest"; // All rate limit requests must specify a domain. This enables the configuration to be per // application without fear of overlap. E.g., "envoy". string domain = 1; // All rate limit requests must specify at least one RateLimitDescriptor. Each descriptor is // processed by the service (see below). If any of the descriptors are over limit, the entire // request is considered to be over limit. repeated envoy.extensions.common.ratelimit.v3.RateLimitDescriptor descriptors = 2; // Rate limit requests can optionally specify the number of hits a request adds to the matched // limit. If the value is not set in the message, a request increases the matched limit by 1. uint32 hits_addend = 3; } // A response from a ShouldRateLimit call. message RateLimitResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse"; enum Code { // The response code is not known. UNKNOWN = 0; // The response code to notify that the number of requests are under limit. OK = 1; // The response code to notify that the number of requests are over limit. OVER_LIMIT = 2; } // Defines an actual rate limit in terms of requests per unit of time and the unit itself. message RateLimit { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse.RateLimit"; // Identifies the unit of of time for rate limit. // [#comment: replace by envoy/type/v3/ratelimit_unit.proto in v4] enum Unit { // The time unit is not known. UNKNOWN = 0; // The time unit representing a second. SECOND = 1; // The time unit representing a minute. MINUTE = 2; // The time unit representing an hour. HOUR = 3; // The time unit representing a day. DAY = 4; } // A name or description of this limit. string name = 3; // The number of requests per unit of time. uint32 requests_per_unit = 1; // The unit of time. Unit unit = 2; } message DescriptorStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse.DescriptorStatus"; // The response code for an individual descriptor. Code code = 1; // The current limit as configured by the server. Useful for debugging, etc. RateLimit current_limit = 2; // The limit remaining in the current time unit. uint32 limit_remaining = 3; // Duration until reset of the current limit window. google.protobuf.Duration duration_until_reset = 4; } // The overall response code which takes into account all of the descriptors that were passed // in the RateLimitRequest message. Code overall_code = 1; // A list of DescriptorStatus messages which matches the length of the descriptor list passed // in the RateLimitRequest. This can be used by the caller to determine which individual // descriptors failed and/or what the currently configured limits are for all of them. repeated DescriptorStatus statuses = 2; // A list of headers to add to the response repeated config.core.v3.HeaderValue response_headers_to_add = 3; // A list of headers to add to the request when forwarded repeated config.core.v3.HeaderValue request_headers_to_add = 4; } ================================================ FILE: generated_api_shadow/envoy/service/route/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/api/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/route/v3/rds.proto ================================================ syntax = "proto3"; package envoy.service.route.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/wrappers.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.route.v3"; option java_outer_classname = "RdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: RDS] // The resource_names field in DiscoveryRequest specifies a route configuration. // This allows an Envoy configuration with multiple HTTP listeners (and // associated HTTP connection manager filters) to use different route // configurations. Each listener will bind its HTTP connection manager filter to // a route table via this identifier. service RouteDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.route.v3.RouteConfiguration"; rpc StreamRoutes(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaRoutes(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchRoutes(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:routes"; option (google.api.http).body = "*"; } } // Virtual Host Discovery Service (VHDS) is used to dynamically update the list of virtual hosts for // a given RouteConfiguration. If VHDS is configured a virtual host list update will be triggered // during the processing of an HTTP request if a route for the request cannot be resolved. The // :ref:`resource_names_subscribe ` // field contains a list of virtual host names or aliases to track. The contents of an alias would // be the contents of a *host* or *authority* header used to make an http request. An xDS server // will match an alias to a virtual host based on the content of :ref:`domains' // ` field. The *resource_names_unsubscribe* field // contains a list of virtual host names that have been :ref:`unsubscribed // ` from the routing table associated with the RouteConfiguration. service VirtualHostDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.route.v3.VirtualHost"; rpc DeltaVirtualHosts(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message RdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.RdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/route/v3/srds.proto ================================================ syntax = "proto3"; package envoy.service.route.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.route.v3"; option java_outer_classname = "SrdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: SRDS] // * Routing :ref:`architecture overview ` // The Scoped Routes Discovery Service (SRDS) API distributes // :ref:`ScopedRouteConfiguration` // resources. Each ScopedRouteConfiguration resource represents a "routing // scope" containing a mapping that allows the HTTP connection manager to // dynamically assign a routing table (specified via a // :ref:`RouteConfiguration` message) to each // HTTP request. service ScopedRoutesDiscoveryService { option (envoy.annotations.resource).type = "envoy.config.route.v3.ScopedRouteConfiguration"; rpc StreamScopedRoutes(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaScopedRoutes(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchScopedRoutes(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:scoped-routes"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file. message SrdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.SrdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/runtime/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/service/discovery/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/runtime/v3/rtds.proto ================================================ syntax = "proto3"; package envoy.service.runtime.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.runtime.v3"; option java_outer_classname = "RtdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Runtime Discovery Service (RTDS)] // RTDS :ref:`configuration overview ` // Discovery service for Runtime resources. service RuntimeDiscoveryService { option (envoy.annotations.resource).type = "envoy.service.runtime.v3.Runtime"; rpc StreamRuntime(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc DeltaRuntime(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc FetchRuntime(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:runtime"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message RtdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.RtdsDummy"; } // RTDS resource type. This describes a layer in the runtime virtual filesystem. message Runtime { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.Runtime"; // Runtime resource name. This makes the Runtime a self-describing xDS // resource. string name = 1 [(validate.rules).string = {min_len: 1}]; google.protobuf.Struct layer = 2; } ================================================ FILE: generated_api_shadow/envoy/service/secret/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/annotations:pkg", "//envoy/service/discovery/v2:pkg", "//envoy/service/discovery/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/secret/v3/sds.proto ================================================ syntax = "proto3"; package envoy.service.secret.v3; import "envoy/service/discovery/v3/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.secret.v3"; option java_outer_classname = "SdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Secret Discovery Service (SDS)] service SecretDiscoveryService { option (envoy.annotations.resource).type = "envoy.extensions.transport_sockets.tls.v3.Secret"; rpc DeltaSecrets(stream discovery.v3.DeltaDiscoveryRequest) returns (stream discovery.v3.DeltaDiscoveryResponse) { } rpc StreamSecrets(stream discovery.v3.DiscoveryRequest) returns (stream discovery.v3.DiscoveryResponse) { } rpc FetchSecrets(discovery.v3.DiscoveryRequest) returns (discovery.v3.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:secrets"; option (google.api.http).body = "*"; } } // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 message SdsDummy { option (udpa.annotations.versioning).previous_message_type = "envoy.service.discovery.v2.SdsDummy"; } ================================================ FILE: generated_api_shadow/envoy/service/status/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/admin/v2alpha:pkg", "//envoy/api/v2/core:pkg", "//envoy/type/matcher:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/status/v2/csds.proto ================================================ syntax = "proto3"; package envoy.service.status.v2; import "envoy/admin/v2alpha/config_dump.proto"; import "envoy/api/v2/core/base.proto"; import "envoy/type/matcher/node.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.service.status.v2"; option java_outer_classname = "CsdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Client Status Discovery Service (CSDS)] // CSDS is Client Status Discovery Service. It can be used to get the status of // an xDS-compliant client from the management server's point of view. In the // future, it can potentially be used as an interface to get the current // state directly from the client. service ClientStatusDiscoveryService { rpc StreamClientStatus(stream ClientStatusRequest) returns (stream ClientStatusResponse) { } rpc FetchClientStatus(ClientStatusRequest) returns (ClientStatusResponse) { option (google.api.http).post = "/v2/discovery:client_status"; option (google.api.http).body = "*"; } } // Status of a config. enum ConfigStatus { // Status info is not available/unknown. UNKNOWN = 0; // Management server has sent the config to client and received ACK. SYNCED = 1; // Config is not sent. NOT_SENT = 2; // Management server has sent the config to client but hasn’t received // ACK/NACK. STALE = 3; // Management server has sent the config to client but received NACK. ERROR = 4; } // Request for client status of clients identified by a list of NodeMatchers. message ClientStatusRequest { // Management server can use these match criteria to identify clients. // The match follows OR semantics. repeated type.matcher.NodeMatcher node_matchers = 1; } // Detailed config (per xDS) with status. // [#next-free-field: 6] message PerXdsConfig { ConfigStatus status = 1; oneof per_xds_config { admin.v2alpha.ListenersConfigDump listener_config = 2; admin.v2alpha.ClustersConfigDump cluster_config = 3; admin.v2alpha.RoutesConfigDump route_config = 4; admin.v2alpha.ScopedRoutesConfigDump scoped_route_config = 5; } } // All xds configs for a particular client. message ClientConfig { // Node for a particular client. api.v2.core.Node node = 1; repeated PerXdsConfig xds_config = 2; } message ClientStatusResponse { // Client configs for the clients specified in the ClientStatusRequest. repeated ClientConfig config = 1; } ================================================ FILE: generated_api_shadow/envoy/service/status/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/admin/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/service/status/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/status/v3/csds.proto ================================================ syntax = "proto3"; package envoy.service.status.v3; import "envoy/admin/v3/config_dump.proto"; import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/node.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.status.v3"; option java_outer_classname = "CsdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Client Status Discovery Service (CSDS)] // CSDS is Client Status Discovery Service. It can be used to get the status of // an xDS-compliant client from the management server's point of view. It can // also be used to get the current xDS states directly from the client. service ClientStatusDiscoveryService { rpc StreamClientStatus(stream ClientStatusRequest) returns (stream ClientStatusResponse) { } rpc FetchClientStatus(ClientStatusRequest) returns (ClientStatusResponse) { option (google.api.http).post = "/v3/discovery:client_status"; option (google.api.http).body = "*"; } } // Status of a config from a management server view. enum ConfigStatus { // Status info is not available/unknown. UNKNOWN = 0; // Management server has sent the config to client and received ACK. SYNCED = 1; // Config is not sent. NOT_SENT = 2; // Management server has sent the config to client but hasn’t received // ACK/NACK. STALE = 3; // Management server has sent the config to client but received NACK. The // attached config dump will be the latest config (the rejected one), since // it is the persisted version in the management server. ERROR = 4; } // Config status from a client-side view. enum ClientConfigStatus { // Config status is not available/unknown. CLIENT_UNKNOWN = 0; // Client requested the config but hasn't received any config from management // server yet. CLIENT_REQUESTED = 1; // Client received the config and replied with ACK. CLIENT_ACKED = 2; // Client received the config and replied with NACK. Notably, the attached // config dump is not the NACKed version, but the most recent accepted one. If // no config is accepted yet, the attached config dump will be empty. CLIENT_NACKED = 3; } // Request for client status of clients identified by a list of NodeMatchers. message ClientStatusRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientStatusRequest"; // Management server can use these match criteria to identify clients. // The match follows OR semantics. repeated type.matcher.v3.NodeMatcher node_matchers = 1; // The node making the csds request. config.core.v3.Node node = 2; } // Detailed config (per xDS) with status. // [#next-free-field: 8] message PerXdsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.PerXdsConfig"; // Config status generated by management servers. Will not be present if the // CSDS server is an xDS client. ConfigStatus status = 1 [(udpa.annotations.field_migrate).oneof_promotion = "status_config"]; // Client config status is populated by xDS clients. Will not be present if // the CSDS server is an xDS server. No matter what the client config status // is, xDS clients should always dump the most recent accepted xDS config. ClientConfigStatus client_status = 7 [(udpa.annotations.field_migrate).oneof_promotion = "status_config"]; oneof per_xds_config { admin.v3.ListenersConfigDump listener_config = 2; admin.v3.ClustersConfigDump cluster_config = 3; admin.v3.RoutesConfigDump route_config = 4; admin.v3.ScopedRoutesConfigDump scoped_route_config = 5; admin.v3.EndpointsConfigDump endpoint_config = 6; } } // All xds configs for a particular client. message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientConfig"; // Node for a particular client. config.core.v3.Node node = 1; repeated PerXdsConfig xds_config = 2; } message ClientStatusResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientStatusResponse"; // Client configs for the clients specified in the ClientStatusRequest. repeated ClientConfig config = 1; } ================================================ FILE: generated_api_shadow/envoy/service/status/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/admin/v4alpha:pkg", "//envoy/config/core/v4alpha:pkg", "//envoy/service/status/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/status/v4alpha/csds.proto ================================================ syntax = "proto3"; package envoy.service.status.v4alpha; import "envoy/admin/v4alpha/config_dump.proto"; import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/node.proto"; import "google/api/annotations.proto"; import "google/protobuf/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.service.status.v4alpha"; option java_outer_classname = "CsdsProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Client Status Discovery Service (CSDS)] // CSDS is Client Status Discovery Service. It can be used to get the status of // an xDS-compliant client from the management server's point of view. It can // also be used to get the current xDS states directly from the client. service ClientStatusDiscoveryService { rpc StreamClientStatus(stream ClientStatusRequest) returns (stream ClientStatusResponse) { } rpc FetchClientStatus(ClientStatusRequest) returns (ClientStatusResponse) { option (google.api.http).post = "/v3/discovery:client_status"; option (google.api.http).body = "*"; } } // Status of a config from a management server view. enum ConfigStatus { // Status info is not available/unknown. UNKNOWN = 0; // Management server has sent the config to client and received ACK. SYNCED = 1; // Config is not sent. NOT_SENT = 2; // Management server has sent the config to client but hasn’t received // ACK/NACK. STALE = 3; // Management server has sent the config to client but received NACK. The // attached config dump will be the latest config (the rejected one), since // it is the persisted version in the management server. ERROR = 4; } // Config status from a client-side view. enum ClientConfigStatus { // Config status is not available/unknown. CLIENT_UNKNOWN = 0; // Client requested the config but hasn't received any config from management // server yet. CLIENT_REQUESTED = 1; // Client received the config and replied with ACK. CLIENT_ACKED = 2; // Client received the config and replied with NACK. Notably, the attached // config dump is not the NACKed version, but the most recent accepted one. If // no config is accepted yet, the attached config dump will be empty. CLIENT_NACKED = 3; } // Request for client status of clients identified by a list of NodeMatchers. message ClientStatusRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientStatusRequest"; // Management server can use these match criteria to identify clients. // The match follows OR semantics. repeated type.matcher.v4alpha.NodeMatcher node_matchers = 1; // The node making the csds request. config.core.v4alpha.Node node = 2; } // Detailed config (per xDS) with status. // [#next-free-field: 8] message PerXdsConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.PerXdsConfig"; oneof status_config { // Config status generated by management servers. Will not be present if the // CSDS server is an xDS client. ConfigStatus status = 1; // Client config status is populated by xDS clients. Will not be present if // the CSDS server is an xDS server. No matter what the client config status // is, xDS clients should always dump the most recent accepted xDS config. ClientConfigStatus client_status = 7; } oneof per_xds_config { admin.v4alpha.ListenersConfigDump listener_config = 2; admin.v4alpha.ClustersConfigDump cluster_config = 3; admin.v4alpha.RoutesConfigDump route_config = 4; admin.v4alpha.ScopedRoutesConfigDump scoped_route_config = 5; admin.v4alpha.EndpointsConfigDump endpoint_config = 6; } } // All xds configs for a particular client. message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientConfig"; // Node for a particular client. config.core.v4alpha.Node node = 1; repeated PerXdsConfig xds_config = 2; } message ClientStatusResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientStatusResponse"; // Client configs for the clients specified in the ClientStatusRequest. repeated ClientConfig config = 1; } ================================================ FILE: generated_api_shadow/envoy/service/tap/v2alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "//envoy/api/v2/route:pkg", "//envoy/data/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/tap/v2alpha/common.proto ================================================ syntax = "proto3"; package envoy.service.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/core/grpc_service.proto"; import "envoy/api/v2/route/route_components.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v2alpha"; option java_outer_classname = "CommonProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.config.tap.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Common tap configuration] // Tap configuration. message TapConfig { // [#comment:TODO(mattklein123): Rate limiting] // The match configuration. If the configuration matches the data source being tapped, a tap will // occur, with the result written to the configured output. MatchPredicate match_config = 1 [(validate.rules).message = {required: true}]; // The tap output configuration. If a match configuration matches a data source being tapped, // a tap will occur and the data will be written to the configured output. OutputConfig output_config = 2 [(validate.rules).message = {required: true}]; // [#not-implemented-hide:] Specify if Tap matching is enabled. The % of requests\connections for // which the tap matching is enabled. When not enabled, the request\connection will not be // recorded. // // .. note:: // // This field defaults to 100/:ref:`HUNDRED // `. api.v2.core.RuntimeFractionalPercent tap_enabled = 3; } // Tap match configuration. This is a recursive structure which allows complex nested match // configurations to be built using various logical operators. // [#next-free-field: 9] message MatchPredicate { // A set of match configurations used for logical operations. message MatchSet { // The list of rules that make up the set. repeated MatchPredicate rules = 1 [(validate.rules).repeated = {min_items: 2}]; } oneof rule { option (validate.required) = true; // A set that describes a logical OR. If any member of the set matches, the match configuration // matches. MatchSet or_match = 1; // A set that describes a logical AND. If all members of the set match, the match configuration // matches. MatchSet and_match = 2; // A negation match. The match configuration will match if the negated match condition matches. MatchPredicate not_match = 3; // The match configuration will always match. bool any_match = 4 [(validate.rules).bool = {const: true}]; // HTTP request headers match configuration. HttpHeadersMatch http_request_headers_match = 5; // HTTP request trailers match configuration. HttpHeadersMatch http_request_trailers_match = 6; // HTTP response headers match configuration. HttpHeadersMatch http_response_headers_match = 7; // HTTP response trailers match configuration. HttpHeadersMatch http_response_trailers_match = 8; } } // HTTP headers match configuration. message HttpHeadersMatch { // HTTP headers to match. repeated api.v2.route.HeaderMatcher headers = 1; } // Tap output configuration. message OutputConfig { // Output sinks for tap data. Currently a single sink is allowed in the list. Once multiple // sink types are supported this constraint will be relaxed. repeated OutputSink sinks = 1 [(validate.rules).repeated = {min_items: 1 max_items: 1}]; // For buffered tapping, the maximum amount of received body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_rx_bytes = 2; // For buffered tapping, the maximum amount of transmitted body that will be buffered prior to // truncation. If truncation occurs, the :ref:`truncated // ` field will be set. If not specified, the // default is 1KiB. google.protobuf.UInt32Value max_buffered_tx_bytes = 3; // Indicates whether taps produce a single buffered message per tap, or multiple streamed // messages per tap in the emitted :ref:`TraceWrapper // ` messages. Note that streamed tapping does not // mean that no buffering takes place. Buffering may be required if data is processed before a // match can be determined. See the HTTP tap filter :ref:`streaming // ` documentation for more information. bool streaming = 4; } // Tap output sink configuration. message OutputSink { // Output format. All output is in the form of one or more :ref:`TraceWrapper // ` messages. This enumeration indicates // how those messages are written. Note that not all sinks support all output formats. See // individual sink documentation for more information. enum Format { // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_bytes // ` field. This means that body data will be // base64 encoded as per the `proto3 JSON mappings // `_. JSON_BODY_AS_BYTES = 0; // Each message will be written as JSON. Any :ref:`body ` // data will be present in the :ref:`as_string // ` field. This means that body data will be // string encoded as per the `proto3 JSON mappings // `_. This format type is // useful when it is known that that body is human readable (e.g., JSON over HTTP) and the // user wishes to view it directly without being forced to base64 decode the body. JSON_BODY_AS_STRING = 1; // Binary proto format. Note that binary proto is not self-delimiting. If a sink writes // multiple binary messages without any length information the data stream will not be // useful. However, for certain sinks that are self-delimiting (e.g., one message per file) // this output format makes consumption simpler. PROTO_BINARY = 2; // Messages are written as a sequence tuples, where each tuple is the message length encoded // as a `protobuf 32-bit varint // `_ // followed by the binary message. The messages can be read back using the language specific // protobuf coded stream implementation to obtain the message length and the message. PROTO_BINARY_LENGTH_DELIMITED = 3; // Text proto format. PROTO_TEXT = 4; } // Sink output format. Format format = 1 [(validate.rules).enum = {defined_only: true}]; oneof output_sink_type { option (validate.required) = true; // Tap output will be streamed out the :http:post:`/tap` admin endpoint. // // .. attention:: // // It is only allowed to specify the streaming admin output sink if the tap is being // configured from the :http:post:`/tap` admin endpoint. Thus, if an extension has // been configured to receive tap configuration from some other source (e.g., static // file, XDS, etc.) configuring the streaming admin output type will fail. StreamingAdminSink streaming_admin = 2; // Tap output will be written to a file per tap sink. FilePerTapSink file_per_tap = 3; // [#not-implemented-hide:] // GrpcService to stream data to. The format argument must be PROTO_BINARY. StreamingGrpcSink streaming_grpc = 4; } } // Streaming admin sink configuration. message StreamingAdminSink { } // The file per tap sink outputs a discrete file for every tapped stream. message FilePerTapSink { // Path prefix. The output file will be of the form _.pb, where is an // identifier distinguishing the recorded trace for stream instances (the Envoy // connection ID, HTTP stream ID, etc.). string path_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; } // [#not-implemented-hide:] Streaming gRPC sink configuration sends the taps to an external gRPC // server. message StreamingGrpcSink { // Opaque identifier, that will be sent back to the streaming grpc server. string tap_id = 1; // The gRPC server that hosts the Tap Sink Service. api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/service/tap/v2alpha/tap.proto ================================================ syntax = "proto3"; package envoy.service.tap.v2alpha; import "envoy/api/v2/core/base.proto"; import "envoy/data/tap/v2alpha/wrapper.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v2alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Tap Sink Service] // [#not-implemented-hide:] A tap service to receive incoming taps. Envoy will call // StreamTaps to deliver captured taps to the server service TapSinkService { // Envoy will connect and send StreamTapsRequest messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. rpc StreamTaps(stream StreamTapsRequest) returns (StreamTapsResponse) { } } // [#not-implemented-hide:] Stream message for the Tap API. Envoy will open a stream to the server // and stream taps without ever expecting a response. message StreamTapsRequest { message Identifier { // The node sending taps over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; // The opaque identifier that was set in the :ref:`output config // `. string tap_id = 2; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // The trace id. this can be used to merge together a streaming trace. Note that the trace_id // is not guaranteed to be spatially or temporally unique. uint64 trace_id = 2; // The trace data. data.tap.v2alpha.TraceWrapper trace = 3; } // [#not-implemented-hide:] message StreamTapsResponse { } ================================================ FILE: generated_api_shadow/envoy/service/tap/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/data/tap/v3:pkg", "//envoy/service/tap/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/tap/v3/tap.proto ================================================ syntax = "proto3"; package envoy.service.tap.v3; import "envoy/config/core/v3/base.proto"; import "envoy/data/tap/v3/wrapper.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v3"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Tap Sink Service] // [#not-implemented-hide:] A tap service to receive incoming taps. Envoy will call // StreamTaps to deliver captured taps to the server service TapSinkService { // Envoy will connect and send StreamTapsRequest messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. rpc StreamTaps(stream StreamTapsRequest) returns (StreamTapsResponse) { } } // [#not-implemented-hide:] Stream message for the Tap API. Envoy will open a stream to the server // and stream taps without ever expecting a response. message StreamTapsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamTapsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamTapsRequest.Identifier"; // The node sending taps over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; // The opaque identifier that was set in the :ref:`output config // `. string tap_id = 2; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // The trace id. this can be used to merge together a streaming trace. Note that the trace_id // is not guaranteed to be spatially or temporally unique. uint64 trace_id = 2; // The trace data. data.tap.v3.TraceWrapper trace = 3; } // [#not-implemented-hide:] message StreamTapsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v2alpha.StreamTapsResponse"; } ================================================ FILE: generated_api_shadow/envoy/service/tap/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/data/tap/v3:pkg", "//envoy/service/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/service/tap/v4alpha/tap.proto ================================================ syntax = "proto3"; package envoy.service.tap.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "envoy/data/tap/v3/wrapper.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.tap.v4alpha"; option java_outer_classname = "TapProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Tap Sink Service] // [#not-implemented-hide:] A tap service to receive incoming taps. Envoy will call // StreamTaps to deliver captured taps to the server service TapSinkService { // Envoy will connect and send StreamTapsRequest messages forever. It does not expect any // response to be sent as nothing would be done in the case of failure. The server should // disconnect if it expects Envoy to reconnect. rpc StreamTaps(stream StreamTapsRequest) returns (StreamTapsResponse) { } } // [#not-implemented-hide:] Stream message for the Tap API. Envoy will open a stream to the server // and stream taps without ever expecting a response. message StreamTapsRequest { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v3.StreamTapsRequest"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v3.StreamTapsRequest.Identifier"; // The node sending taps over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; // The opaque identifier that was set in the :ref:`output config // `. string tap_id = 2; } // Identifier data effectively is a structured metadata. As a performance optimization this will // only be sent in the first message on the stream. Identifier identifier = 1; // The trace id. this can be used to merge together a streaming trace. Note that the trace_id // is not guaranteed to be spatially or temporally unique. uint64 trace_id = 2; // The trace data. data.tap.v3.TraceWrapper trace = 3; } // [#not-implemented-hide:] message StreamTapsResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.tap.v3.StreamTapsResponse"; } ================================================ FILE: generated_api_shadow/envoy/service/trace/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/api/v2/core:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/service/trace/v2/trace_service.proto ================================================ syntax = "proto3"; package envoy.service.trace.v2; import "envoy/api/v2/core/base.proto"; import "google/api/annotations.proto"; import "opencensus/proto/trace/v1/trace.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.trace.v2"; option java_outer_classname = "TraceServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Trace service] // Service for streaming traces to server that consumes the trace data. It // uses OpenCensus data model as a standard to represent trace information. service TraceService { // Envoy will connect and send StreamTracesMessage messages forever. It does // not expect any response to be sent as nothing would be done in the case // of failure. rpc StreamTraces(stream StreamTracesMessage) returns (StreamTracesResponse) { } } message StreamTracesResponse { } message StreamTracesMessage { message Identifier { // The node sending the access log messages over the stream. api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. // As a performance optimization this will only be sent in the first message // on the stream. Identifier identifier = 1; // A list of Span entries repeated opencensus.proto.trace.v1.Span spans = 2; } ================================================ FILE: generated_api_shadow/envoy/service/trace/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", "//envoy/service/trace/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/service/trace/v3/trace_service.proto ================================================ syntax = "proto3"; package envoy.service.trace.v3; import "envoy/config/core/v3/base.proto"; import "google/api/annotations.proto"; import "opencensus/proto/trace/v1/trace.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.trace.v3"; option java_outer_classname = "TraceServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Trace service] // Service for streaming traces to server that consumes the trace data. It // uses OpenCensus data model as a standard to represent trace information. service TraceService { // Envoy will connect and send StreamTracesMessage messages forever. It does // not expect any response to be sent as nothing would be done in the case // of failure. rpc StreamTraces(stream StreamTracesMessage) returns (StreamTracesResponse) { } } message StreamTracesResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v2.StreamTracesResponse"; } message StreamTracesMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v2.StreamTracesMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v2.StreamTracesMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. // As a performance optimization this will only be sent in the first message // on the stream. Identifier identifier = 1; // A list of Span entries repeated opencensus.proto.trace.v1.Span spans = 2; } ================================================ FILE: generated_api_shadow/envoy/service/trace/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( has_services = True, deps = [ "//envoy/config/core/v4alpha:pkg", "//envoy/service/trace/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], ) ================================================ FILE: generated_api_shadow/envoy/service/trace/v4alpha/trace_service.proto ================================================ syntax = "proto3"; package envoy.service.trace.v4alpha; import "envoy/config/core/v4alpha/base.proto"; import "google/api/annotations.proto"; import "opencensus/proto/trace/v1/trace.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.trace.v4alpha"; option java_outer_classname = "TraceServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Trace service] // Service for streaming traces to server that consumes the trace data. It // uses OpenCensus data model as a standard to represent trace information. service TraceService { // Envoy will connect and send StreamTracesMessage messages forever. It does // not expect any response to be sent as nothing would be done in the case // of failure. rpc StreamTraces(stream StreamTracesMessage) returns (StreamTracesResponse) { } } message StreamTracesResponse { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v3.StreamTracesResponse"; } message StreamTracesMessage { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v3.StreamTracesMessage"; message Identifier { option (udpa.annotations.versioning).previous_message_type = "envoy.service.trace.v3.StreamTracesMessage.Identifier"; // The node sending the access log messages over the stream. config.core.v4alpha.Node node = 1 [(validate.rules).message = {required: true}]; } // Identifier data effectively is a structured metadata. // As a performance optimization this will only be sent in the first message // on the stream. Identifier identifier = 1; // A list of Span entries repeated opencensus.proto.trace.v1.Span spans = 2; } ================================================ FILE: generated_api_shadow/envoy/type/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/type/hash_policy.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "HashPolicyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Hash Policy] // Specifies the hash policy message HashPolicy { // The source IP will be used to compute the hash used by hash-based load balancing // algorithms. message SourceIp { } oneof policy_specifier { option (validate.required) = true; SourceIp source_ip = 1; } } ================================================ FILE: generated_api_shadow/envoy/type/http.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP] enum CodecClientType { HTTP1 = 0; HTTP2 = 1; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 2; } ================================================ FILE: generated_api_shadow/envoy/type/http_status.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "HttpStatusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: HTTP status codes] // HTTP response codes supported in Envoy. // For more details: https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml enum StatusCode { // Empty - This code not part of the HTTP status code specification, but it is needed for proto // `enum` type. Empty = 0; Continue = 100; OK = 200; Created = 201; Accepted = 202; NonAuthoritativeInformation = 203; NoContent = 204; ResetContent = 205; PartialContent = 206; MultiStatus = 207; AlreadyReported = 208; IMUsed = 226; MultipleChoices = 300; MovedPermanently = 301; Found = 302; SeeOther = 303; NotModified = 304; UseProxy = 305; TemporaryRedirect = 307; PermanentRedirect = 308; BadRequest = 400; Unauthorized = 401; PaymentRequired = 402; Forbidden = 403; NotFound = 404; MethodNotAllowed = 405; NotAcceptable = 406; ProxyAuthenticationRequired = 407; RequestTimeout = 408; Conflict = 409; Gone = 410; LengthRequired = 411; PreconditionFailed = 412; PayloadTooLarge = 413; URITooLong = 414; UnsupportedMediaType = 415; RangeNotSatisfiable = 416; ExpectationFailed = 417; MisdirectedRequest = 421; UnprocessableEntity = 422; Locked = 423; FailedDependency = 424; UpgradeRequired = 426; PreconditionRequired = 428; TooManyRequests = 429; RequestHeaderFieldsTooLarge = 431; InternalServerError = 500; NotImplemented = 501; BadGateway = 502; ServiceUnavailable = 503; GatewayTimeout = 504; HTTPVersionNotSupported = 505; VariantAlsoNegotiates = 506; InsufficientStorage = 507; LoopDetected = 508; NotExtended = 510; NetworkAuthenticationRequired = 511; } // HTTP status. message HttpStatus { // Supplies HTTP response code. StatusCode code = 1 [(validate.rules).enum = {defined_only: true not_in: 0}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/type/matcher/metadata.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/value.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metadata matcher] // MetadataMatcher provides a general interface to check if a given value is matched in // :ref:`Metadata `. It uses `filter` and `path` to retrieve the value // from the Metadata and then check if it's matched to the specified value. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.filters.http.rbac: // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following MetadataMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of MetadataMatcher is specifying additional metadata in envoy.filters.http.rbac to // enforce access control based on dynamic metadata in a request. See :ref:`Permission // ` and :ref:`Principal // `. // [#next-major-version: MetadataMatcher should use StructMatcher] message MetadataMatcher { // Specifies the segment in a path to retrieve value from Metadata. // Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that // if the segment key refers to a list, it has to be the last segment in a path. message PathSegment { oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The filter name to retrieve the Struct from the Metadata. string filter = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The MetadataMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/node.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/string.proto"; import "envoy/type/matcher/struct.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "NodeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Node matcher] // Specifies the way to match a Node. // The match follows AND semantics. message NodeMatcher { // Specifies match criteria on the node id. StringMatcher node_id = 1; // Specifies match criteria on the node metadata. repeated StructMatcher node_metadatas = 2; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/number.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/range.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "NumberProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Number matcher] // Specifies the way to match a double value. message DoubleMatcher { oneof match_pattern { option (validate.required) = true; // If specified, the input double value must be in the range specified here. // Note: The range is using half-open interval semantics [start, end). DoubleRange range = 1; // If specified, the input double value must be equal to the value specified here. double exact = 2; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/path.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/string.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "PathProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Path matcher] // Specifies the way to match a path on HTTP request. message PathMatcher { oneof rule { option (validate.required) = true; // The `path` must match the URL path portion of the :path header. The query and fragment // string (if present) are removed in the URL path portion. // For example, the path */data* will match the *:path* header */data#fragment?param=value*. StringMatcher path = 1 [(validate.rules).message = {required: true}]; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/regex.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "RegexProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Regex matcher] // A regex matcher designed for safety when used with untrusted input. message RegexMatcher { // Google's `RE2 `_ regex engine. The regex string must adhere to // the documented `syntax `_. The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` // and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or // complexity that a compiled regex can have before an exception is thrown or a warning is // logged, respectively. `re2.max_program_size.error_level` defaults to 100, and // `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning). // // Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`, // which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented // each time the program size exceeds the warn level threshold. message GoogleRE2 { // This field controls the RE2 "program size" which is a rough estimate of how complex a // compiled regex is to evaluate. A regex that has a program size greater than the configured // value will fail to compile. In this case, the configured max program size can be increased // or the regex can be simplified. If not specified, the default is 100. // // This field is deprecated; regexp validation should be performed on the management server // instead of being done by each individual client. google.protobuf.UInt32Value max_program_size = 1 [deprecated = true]; } oneof engine_type { option (validate.required) = true; // Google's RE2 regex engine. GoogleRE2 google_re2 = 1 [(validate.rules).message = {required: true}]; } // The regex match string. The string must be supported by the configured engine. string regex = 2 [(validate.rules).string = {min_len: 1}]; } // Describes how to match a string and then produce a new string using a regular // expression and a substitution string. message RegexMatchAndSubstitute { // The regular expression used to find portions of a string (hereafter called // the "subject string") that should be replaced. When a new string is // produced during the substitution operation, the new string is initially // the same as the subject string, but then all matches in the subject string // are replaced by the substitution string. If replacing all matches isn't // desired, regular expression anchors can be used to ensure a single match, // so as to replace just one occurrence of a pattern. Capture groups can be // used in the pattern to extract portions of the subject string, and then // referenced in the substitution string. RegexMatcher pattern = 1; // The string that should be substituted into matching portions of the // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is // defined by the chosen regular expression engine. Google's `RE2 // `_ regular expression engine uses a // backslash followed by the capture group number to denote a numbered // capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers // to capture group 2. string substitution = 2; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/string.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/regex.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "StringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: String matcher] // Specifies the way to match a string. // [#next-free-field: 7] message StringMatcher { oneof match_pattern { option (validate.required) = true; // The input string must match exactly the string specified here. // // Examples: // // * *abc* only matches the value *abc*. string exact = 1; // The input string must have the prefix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *abc.xyz* string prefix = 2 [(validate.rules).string = {min_len: 1}]; // The input string must have the suffix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc* string suffix = 3 [(validate.rules).string = {min_len: 1}]; // The input string must match the regular expression specified here. // The regex grammar is defined `here // `_. // // Examples: // // * The regex ``\d{3}`` matches the value *123* // * The regex ``\d{3}`` does not match the value *1234* // * The regex ``\d{3}`` does not match the value *123.456* // // .. attention:: // This field has been deprecated in favor of `safe_regex` as it is not safe for use with // untrusted input in all cases. string regex = 4 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; // The input string must match the regular expression specified here. RegexMatcher safe_regex = 5 [(validate.rules).message = {required: true}]; } // If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no // effect for the safe_regex match. // For example, the matcher *data* will match both input string *Data* and *data* if set to true. bool ignore_case = 6; } // Specifies a list of ways to match a string. message ListStringMatcher { repeated StringMatcher patterns = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/struct.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/value.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "StructProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Struct matcher] // StructMatcher provides a general interface to check if a given value is matched in // google.protobuf.Struct. It uses `path` to retrieve the value // from the struct and then check if it's matched to the specified value. // // For example, for the following Struct: // // .. code-block:: yaml // // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following StructMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of StructMatcher is to match metadata in envoy.v*.core.Node. message StructMatcher { // Specifies the segment in a path to retrieve value from Struct. message PathSegment { oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The StructMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type/matcher:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/metadata.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metadata matcher] // MetadataMatcher provides a general interface to check if a given value is matched in // :ref:`Metadata `. It uses `filter` and `path` to retrieve the value // from the Metadata and then check if it's matched to the specified value. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.filters.http.rbac: // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following MetadataMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of MetadataMatcher is specifying additional metadata in envoy.filters.http.rbac to // enforce access control based on dynamic metadata in a request. See :ref:`Permission // ` and :ref:`Principal // `. // [#next-major-version: MetadataMatcher should use StructMatcher] message MetadataMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.MetadataMatcher"; // Specifies the segment in a path to retrieve value from Metadata. // Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that // if the segment key refers to a list, it has to be the last segment in a path. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.MetadataMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The filter name to retrieve the Struct from the Metadata. string filter = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The MetadataMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/node.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/string.proto"; import "envoy/type/matcher/v3/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "NodeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Node matcher] // Specifies the way to match a Node. // The match follows AND semantics. message NodeMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.NodeMatcher"; // Specifies match criteria on the node id. StringMatcher node_id = 1; // Specifies match criteria on the node metadata. repeated StructMatcher node_metadatas = 2; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/number.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "NumberProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Number matcher] // Specifies the way to match a double value. message DoubleMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.DoubleMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, the input double value must be in the range specified here. // Note: The range is using half-open interval semantics [start, end). type.v3.DoubleRange range = 1; // If specified, the input double value must be equal to the value specified here. double exact = 2; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/path.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "PathProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Path matcher] // Specifies the way to match a path on HTTP request. message PathMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.PathMatcher"; oneof rule { option (validate.required) = true; // The `path` must match the URL path portion of the :path header. The query and fragment // string (if present) are removed in the URL path portion. // For example, the path */data* will match the *:path* header */data#fragment?param=value*. StringMatcher path = 1 [(validate.rules).message = {required: true}]; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/regex.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "RegexProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Regex matcher] // A regex matcher designed for safety when used with untrusted input. message RegexMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.RegexMatcher"; // Google's `RE2 `_ regex engine. The regex string must adhere to // the documented `syntax `_. The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` // and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or // complexity that a compiled regex can have before an exception is thrown or a warning is // logged, respectively. `re2.max_program_size.error_level` defaults to 100, and // `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning). // // Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`, // which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented // each time the program size exceeds the warn level threshold. message GoogleRE2 { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.RegexMatcher.GoogleRE2"; // This field controls the RE2 "program size" which is a rough estimate of how complex a // compiled regex is to evaluate. A regex that has a program size greater than the configured // value will fail to compile. In this case, the configured max program size can be increased // or the regex can be simplified. If not specified, the default is 100. // // This field is deprecated; regexp validation should be performed on the management server // instead of being done by each individual client. google.protobuf.UInt32Value max_program_size = 1 [deprecated = true]; } oneof engine_type { option (validate.required) = true; // Google's RE2 regex engine. GoogleRE2 google_re2 = 1 [(validate.rules).message = {required: true}]; } // The regex match string. The string must be supported by the configured engine. string regex = 2 [(validate.rules).string = {min_len: 1}]; } // Describes how to match a string and then produce a new string using a regular // expression and a substitution string. message RegexMatchAndSubstitute { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.RegexMatchAndSubstitute"; // The regular expression used to find portions of a string (hereafter called // the "subject string") that should be replaced. When a new string is // produced during the substitution operation, the new string is initially // the same as the subject string, but then all matches in the subject string // are replaced by the substitution string. If replacing all matches isn't // desired, regular expression anchors can be used to ensure a single match, // so as to replace just one occurrence of a pattern. Capture groups can be // used in the pattern to extract portions of the subject string, and then // referenced in the substitution string. RegexMatcher pattern = 1 [(validate.rules).message = {required: true}]; // The string that should be substituted into matching portions of the // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is // defined by the chosen regular expression engine. Google's `RE2 // `_ regular expression engine uses a // backslash followed by the capture group number to denote a numbered // capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers // to capture group 2. string substitution = 2; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/string.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/regex.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "StringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: String matcher] // Specifies the way to match a string. // [#next-free-field: 8] message StringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.StringMatcher"; oneof match_pattern { option (validate.required) = true; // The input string must match exactly the string specified here. // // Examples: // // * *abc* only matches the value *abc*. string exact = 1; // The input string must have the prefix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *abc.xyz* string prefix = 2 [(validate.rules).string = {min_len: 1}]; // The input string must have the suffix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc* string suffix = 3 [(validate.rules).string = {min_len: 1}]; // The input string must match the regular expression specified here. RegexMatcher safe_regex = 5 [(validate.rules).message = {required: true}]; // The input string must have the substring specified here. // Note: empty contains match is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc.def* string contains = 7 [(validate.rules).string = {min_len: 1}]; string hidden_envoy_deprecated_regex = 4 [ deprecated = true, (validate.rules).string = {max_bytes: 1024}, (envoy.annotations.disallowed_by_default) = true ]; } // If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no // effect for the safe_regex match. // For example, the matcher *data* will match both input string *Data* and *data* if set to true. bool ignore_case = 6; } // Specifies a list of ways to match a string. message ListStringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ListStringMatcher"; repeated StringMatcher patterns = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/struct.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "StructProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Struct matcher] // StructMatcher provides a general interface to check if a given value is matched in // google.protobuf.Struct. It uses `path` to retrieve the value // from the struct and then check if it's matched to the specified value. // // For example, for the following Struct: // // .. code-block:: yaml // // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following StructMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of StructMatcher is to match metadata in envoy.v*.core.Node. message StructMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.StructMatcher"; // Specifies the segment in a path to retrieve value from Struct. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.StructMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The StructMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v3/value.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v3; import "envoy/type/matcher/v3/number.proto"; import "envoy/type/matcher/v3/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v3"; option java_outer_classname = "ValueProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Value matcher] // Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported. // StructValue is not supported and is always not matched. // [#next-free-field: 7] message ValueMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ValueMatcher"; // NullMatch is an empty message to specify a null value. message NullMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ValueMatcher.NullMatch"; } // Specifies how to match a value. oneof match_pattern { option (validate.required) = true; // If specified, a match occurs if and only if the target value is a NullValue. NullMatch null_match = 1; // If specified, a match occurs if and only if the target value is a double value and is // matched to this field. DoubleMatcher double_match = 2; // If specified, a match occurs if and only if the target value is a string value and is // matched to this field. StringMatcher string_match = 3; // If specified, a match occurs if and only if the target value is a bool value and is equal // to this field. bool bool_match = 4; // If specified, value match will be performed based on whether the path is referring to a // valid primitive value in the metadata. If the path is referring to a non-primitive value, // the result is always not matched. bool present_match = 5; // If specified, a match occurs if and only if the target value is a list value and // is matched to this field. ListMatcher list_match = 6; } } // Specifies the way to match a list value. message ListMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.ListMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, at least one of the values in the list must match the value specified. ValueMatcher one_of = 1; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/metadata.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Metadata matcher] // MetadataMatcher provides a general interface to check if a given value is matched in // :ref:`Metadata `. It uses `filter` and `path` to retrieve the value // from the Metadata and then check if it's matched to the specified value. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.filters.http.rbac: // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following MetadataMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // filter: envoy.filters.http.rbac // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of MetadataMatcher is specifying additional metadata in envoy.filters.http.rbac to // enforce access control based on dynamic metadata in a request. See :ref:`Permission // ` and :ref:`Principal // `. // [#next-major-version: MetadataMatcher should use StructMatcher] message MetadataMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.MetadataMatcher"; // Specifies the segment in a path to retrieve value from Metadata. // Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that // if the segment key refers to a list, it has to be the last segment in a path. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.MetadataMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The filter name to retrieve the Struct from the Metadata. string filter = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The MetadataMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/node.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/string.proto"; import "envoy/type/matcher/v4alpha/struct.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "NodeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Node matcher] // Specifies the way to match a Node. // The match follows AND semantics. message NodeMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.NodeMatcher"; // Specifies match criteria on the node id. StringMatcher node_id = 1; // Specifies match criteria on the node metadata. repeated StructMatcher node_metadatas = 2; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/number.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/v3/range.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "NumberProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Number matcher] // Specifies the way to match a double value. message DoubleMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.DoubleMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, the input double value must be in the range specified here. // Note: The range is using half-open interval semantics [start, end). v3.DoubleRange range = 1; // If specified, the input double value must be equal to the value specified here. double exact = 2; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/path.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "PathProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Path matcher] // Specifies the way to match a path on HTTP request. message PathMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.PathMatcher"; oneof rule { option (validate.required) = true; // The `path` must match the URL path portion of the :path header. The query and fragment // string (if present) are removed in the URL path portion. // For example, the path */data* will match the *:path* header */data#fragment?param=value*. StringMatcher path = 1 [(validate.rules).message = {required: true}]; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/regex.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "RegexProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Regex matcher] // A regex matcher designed for safety when used with untrusted input. message RegexMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.RegexMatcher"; // Google's `RE2 `_ regex engine. The regex string must adhere to // the documented `syntax `_. The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` // and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or // complexity that a compiled regex can have before an exception is thrown or a warning is // logged, respectively. `re2.max_program_size.error_level` defaults to 100, and // `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning). // // Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`, // which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented // each time the program size exceeds the warn level threshold. message GoogleRE2 { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.RegexMatcher.GoogleRE2"; // This field controls the RE2 "program size" which is a rough estimate of how complex a // compiled regex is to evaluate. A regex that has a program size greater than the configured // value will fail to compile. In this case, the configured max program size can be increased // or the regex can be simplified. If not specified, the default is 100. // // This field is deprecated; regexp validation should be performed on the management server // instead of being done by each individual client. google.protobuf.UInt32Value hidden_envoy_deprecated_max_program_size = 1 [deprecated = true]; } oneof engine_type { option (validate.required) = true; // Google's RE2 regex engine. GoogleRE2 google_re2 = 1 [(validate.rules).message = {required: true}]; } // The regex match string. The string must be supported by the configured engine. string regex = 2 [(validate.rules).string = {min_len: 1}]; } // Describes how to match a string and then produce a new string using a regular // expression and a substitution string. message RegexMatchAndSubstitute { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.RegexMatchAndSubstitute"; // The regular expression used to find portions of a string (hereafter called // the "subject string") that should be replaced. When a new string is // produced during the substitution operation, the new string is initially // the same as the subject string, but then all matches in the subject string // are replaced by the substitution string. If replacing all matches isn't // desired, regular expression anchors can be used to ensure a single match, // so as to replace just one occurrence of a pattern. Capture groups can be // used in the pattern to extract portions of the subject string, and then // referenced in the substitution string. RegexMatcher pattern = 1 [(validate.rules).message = {required: true}]; // The string that should be substituted into matching portions of the // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is // defined by the chosen regular expression engine. Google's `RE2 // `_ regular expression engine uses a // backslash followed by the capture group number to denote a numbered // capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers // to capture group 2. string substitution = 2; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/string.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/regex.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "StringProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: String matcher] // Specifies the way to match a string. // [#next-free-field: 8] message StringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.StringMatcher"; reserved 4; reserved "regex"; oneof match_pattern { option (validate.required) = true; // The input string must match exactly the string specified here. // // Examples: // // * *abc* only matches the value *abc*. string exact = 1; // The input string must have the prefix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *abc.xyz* string prefix = 2 [(validate.rules).string = {min_len: 1}]; // The input string must have the suffix specified here. // Note: empty prefix is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc* string suffix = 3 [(validate.rules).string = {min_len: 1}]; // The input string must match the regular expression specified here. RegexMatcher safe_regex = 5 [(validate.rules).message = {required: true}]; // The input string must have the substring specified here. // Note: empty contains match is not allowed, please use regex instead. // // Examples: // // * *abc* matches the value *xyz.abc.def* string contains = 7 [(validate.rules).string = {min_len: 1}]; } // If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no // effect for the safe_regex match. // For example, the matcher *data* will match both input string *Data* and *data* if set to true. bool ignore_case = 6; } // Specifies a list of ways to match a string. message ListStringMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ListStringMatcher"; repeated StringMatcher patterns = 1 [(validate.rules).repeated = {min_items: 1}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/struct.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/value.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "StructProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Struct matcher] // StructMatcher provides a general interface to check if a given value is matched in // google.protobuf.Struct. It uses `path` to retrieve the value // from the struct and then check if it's matched to the specified value. // // For example, for the following Struct: // // .. code-block:: yaml // // fields: // a: // struct_value: // fields: // b: // struct_value: // fields: // c: // string_value: pro // t: // list_value: // values: // - string_value: m // - string_value: n // // The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro" // from the Metadata which is matched to the specified prefix match. // // .. code-block:: yaml // // path: // - key: a // - key: b // - key: c // value: // string_match: // prefix: pr // // The following StructMatcher is matched as the code will match one of the string values in the // list at the path [a, t]. // // .. code-block:: yaml // // path: // - key: a // - key: t // value: // list_match: // one_of: // string_match: // exact: m // // An example use of StructMatcher is to match metadata in envoy.v*.core.Node. message StructMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.StructMatcher"; // Specifies the segment in a path to retrieve value from Struct. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.StructMatcher.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The path to retrieve the Value from the Struct. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; // The StructMatcher is matched if the value retrieved by path is matched to this value. ValueMatcher value = 3 [(validate.rules).message = {required: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/matcher/v4alpha/value.proto ================================================ syntax = "proto3"; package envoy.type.matcher.v4alpha; import "envoy/type/matcher/v4alpha/number.proto"; import "envoy/type/matcher/v4alpha/string.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher.v4alpha"; option java_outer_classname = "ValueProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Value matcher] // Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported. // StructValue is not supported and is always not matched. // [#next-free-field: 7] message ValueMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ValueMatcher"; // NullMatch is an empty message to specify a null value. message NullMatch { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ValueMatcher.NullMatch"; } // Specifies how to match a value. oneof match_pattern { option (validate.required) = true; // If specified, a match occurs if and only if the target value is a NullValue. NullMatch null_match = 1; // If specified, a match occurs if and only if the target value is a double value and is // matched to this field. DoubleMatcher double_match = 2; // If specified, a match occurs if and only if the target value is a string value and is // matched to this field. StringMatcher string_match = 3; // If specified, a match occurs if and only if the target value is a bool value and is equal // to this field. bool bool_match = 4; // If specified, value match will be performed based on whether the path is referring to a // valid primitive value in the metadata. If the path is referring to a non-primitive value, // the result is always not matched. bool present_match = 5; // If specified, a match occurs if and only if the target value is a list value and // is matched to this field. ListMatcher list_match = 6; } } // Specifies the way to match a list value. message ListMatcher { option (udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.v3.ListMatcher"; oneof match_pattern { option (validate.required) = true; // If specified, at least one of the values in the list must match the value specified. ValueMatcher one_of = 1; } } ================================================ FILE: generated_api_shadow/envoy/type/matcher/value.proto ================================================ syntax = "proto3"; package envoy.type.matcher; import "envoy/type/matcher/number.proto"; import "envoy/type/matcher/string.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.matcher"; option java_outer_classname = "ValueProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Value matcher] // Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported. // StructValue is not supported and is always not matched. // [#next-free-field: 7] message ValueMatcher { // NullMatch is an empty message to specify a null value. message NullMatch { } // Specifies how to match a value. oneof match_pattern { option (validate.required) = true; // If specified, a match occurs if and only if the target value is a NullValue. NullMatch null_match = 1; // If specified, a match occurs if and only if the target value is a double value and is // matched to this field. DoubleMatcher double_match = 2; // If specified, a match occurs if and only if the target value is a string value and is // matched to this field. StringMatcher string_match = 3; // If specified, a match occurs if and only if the target value is a bool value and is equal // to this field. bool bool_match = 4; // If specified, value match will be performed based on whether the path is referring to a // valid primitive value in the metadata. If the path is referring to a non-primitive value, // the result is always not matched. bool present_match = 5; // If specified, a match occurs if and only if the target value is a list value and // is matched to this field. ListMatcher list_match = 6; } } // Specifies the way to match a list value. message ListMatcher { oneof match_pattern { option (validate.required) = true; // If specified, at least one of the values in the list must match the value specified. ValueMatcher one_of = 1; } } ================================================ FILE: generated_api_shadow/envoy/type/metadata/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: generated_api_shadow/envoy/type/metadata/v2/metadata.proto ================================================ syntax = "proto3"; package envoy.type.metadata.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.metadata.v2"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.type.metadata.v3"; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Metadata] // MetadataKey provides a general interface using `key` and `path` to retrieve value from // :ref:`Metadata `. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.xxx: // prop: // foo: bar // xyz: // hello: envoy // // The following MetadataKey will retrieve a string value "bar" from the Metadata. // // .. code-block:: yaml // // key: envoy.xxx // path: // - key: prop // - key: foo // message MetadataKey { // Specifies the segment in a path to retrieve value from Metadata. // Currently it is only supported to specify the key, i.e. field name, as one segment of a path. message PathSegment { oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_bytes: 1}]; } } // The key name of Metadata to retrieve the Struct from the metadata. // Typically, it represents a builtin subsystem or custom extension. string key = 1 [(validate.rules).string = {min_bytes: 1}]; // The path to retrieve the Value from the Struct. It can be a prefix or a full path, // e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example, // which depends on the particular scenario. // // Note: Due to that only the key type segment is supported, the path can not specify a list // unless the list is the last segment. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; } // Describes what kind of metadata. message MetadataKind { // Represents dynamic metadata associated with the request. message Request { } // Represents metadata from :ref:`the route`. message Route { } // Represents metadata from :ref:`the upstream cluster`. message Cluster { } // Represents metadata from :ref:`the upstream // host`. message Host { } oneof kind { option (validate.required) = true; // Request kind of metadata. Request request = 1; // Route kind of metadata. Route route = 2; // Cluster kind of metadata. Cluster cluster = 3; // Host kind of metadata. Host host = 4; } } ================================================ FILE: generated_api_shadow/envoy/type/metadata/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/type/metadata/v3/metadata.proto ================================================ syntax = "proto3"; package envoy.type.metadata.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.metadata.v3"; option java_outer_classname = "MetadataProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metadata] // MetadataKey provides a general interface using `key` and `path` to retrieve value from // :ref:`Metadata `. // // For example, for the following Metadata: // // .. code-block:: yaml // // filter_metadata: // envoy.xxx: // prop: // foo: bar // xyz: // hello: envoy // // The following MetadataKey will retrieve a string value "bar" from the Metadata. // // .. code-block:: yaml // // key: envoy.xxx // path: // - key: prop // - key: foo // message MetadataKey { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKey"; // Specifies the segment in a path to retrieve value from Metadata. // Currently it is only supported to specify the key, i.e. field name, as one segment of a path. message PathSegment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKey.PathSegment"; oneof segment { option (validate.required) = true; // If specified, use the key to retrieve the value in a Struct. string key = 1 [(validate.rules).string = {min_len: 1}]; } } // The key name of Metadata to retrieve the Struct from the metadata. // Typically, it represents a builtin subsystem or custom extension. string key = 1 [(validate.rules).string = {min_len: 1}]; // The path to retrieve the Value from the Struct. It can be a prefix or a full path, // e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example, // which depends on the particular scenario. // // Note: Due to that only the key type segment is supported, the path can not specify a list // unless the list is the last segment. repeated PathSegment path = 2 [(validate.rules).repeated = {min_items: 1}]; } // Describes what kind of metadata. message MetadataKind { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind"; // Represents dynamic metadata associated with the request. message Request { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Request"; } // Represents metadata from :ref:`the route`. message Route { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Route"; } // Represents metadata from :ref:`the upstream cluster`. message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Cluster"; } // Represents metadata from :ref:`the upstream // host`. message Host { option (udpa.annotations.versioning).previous_message_type = "envoy.type.metadata.v2.MetadataKind.Host"; } oneof kind { option (validate.required) = true; // Request kind of metadata. Request request = 1; // Route kind of metadata. Route route = 2; // Cluster kind of metadata. Cluster cluster = 3; // Host kind of metadata. Host host = 4; } } ================================================ FILE: generated_api_shadow/envoy/type/percent.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "PercentProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Percent] // Identifies a percentage, in the range [0.0, 100.0]. message Percent { double value = 1 [(validate.rules).double = {lte: 100.0 gte: 0.0}]; } // A fractional percentage is used in cases in which for performance reasons performing floating // point to integer conversions during randomness calculations is undesirable. The message includes // both a numerator and denominator that together determine the final fractional value. // // * **Example**: 1/100 = 1%. // * **Example**: 3/10000 = 0.03%. message FractionalPercent { // Fraction percentages support several fixed denominator values. enum DenominatorType { // 100. // // **Example**: 1/100 = 1%. HUNDRED = 0; // 10,000. // // **Example**: 1/10000 = 0.01%. TEN_THOUSAND = 1; // 1,000,000. // // **Example**: 1/1000000 = 0.0001%. MILLION = 2; } // Specifies the numerator. Defaults to 0. uint32 numerator = 1; // Specifies the denominator. If the denominator specified is less than the numerator, the final // fractional percentage is capped at 1 (100%). DenominatorType denominator = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/range.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "RangeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Range] // Specifies the int64 start and end of the range using half-open interval semantics [start, // end). message Int64Range { // start of the range (inclusive) int64 start = 1; // end of the range (exclusive) int64 end = 2; } // Specifies the int32 start and end of the range using half-open interval semantics [start, // end). message Int32Range { // start of the range (inclusive) int32 start = 1; // end of the range (exclusive) int32 end = 2; } // Specifies the double start and end of the range using half-open interval semantics [start, // end). message DoubleRange { // start of the range (inclusive) double start = 1; // end of the range (exclusive) double end = 2; } ================================================ FILE: generated_api_shadow/envoy/type/semantic_version.proto ================================================ syntax = "proto3"; package envoy.type; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "SemanticVersionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Semantic Version] // Envoy uses SemVer (https://semver.org/). Major/minor versions indicate // expected behaviors and APIs, the patch version field is used only // for security fixes and can be generally ignored. message SemanticVersion { uint32 major_number = 1; uint32 minor_number = 2; uint32 patch = 3; } ================================================ FILE: generated_api_shadow/envoy/type/token_bucket.proto ================================================ syntax = "proto3"; package envoy.type; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type"; option java_outer_classname = "TokenBucketProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Token bucket] // Configures a token bucket, typically used for rate limiting. message TokenBucket { // The maximum tokens that the bucket can hold. This is also the number of tokens that the bucket // initially contains. uint32 max_tokens = 1 [(validate.rules).uint32 = {gt: 0}]; // The number of tokens added to the bucket during each fill interval. If not specified, defaults // to a single token. google.protobuf.UInt32Value tokens_per_fill = 2 [(validate.rules).uint32 = {gt: 0}]; // The fill interval that tokens are added to the bucket. During each fill interval // `tokens_per_fill` are added to the bucket. The bucket will never contain more than // `max_tokens` tokens. google.protobuf.Duration fill_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } ================================================ FILE: generated_api_shadow/envoy/type/tracing/v2/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/type/tracing/v2/custom_tag.proto ================================================ syntax = "proto3"; package envoy.type.tracing.v2; import "envoy/type/metadata/v2/metadata.proto"; import "udpa/annotations/status.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.tracing.v2"; option java_outer_classname = "CustomTagProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Custom Tag] // Describes custom tags for the active span. // [#next-free-field: 6] message CustomTag { // Literal type custom tag with static value for the tag value. message Literal { // Static literal value to populate the tag value. string value = 1 [(validate.rules).string = {min_bytes: 1}]; } // Environment type custom tag with environment name and default value. message Environment { // Environment variable name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // When the environment variable is not found, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Header type custom tag with header name and default value. message Header { // Header name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // When the header does not exist, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Metadata type custom tag using // :ref:`MetadataKey ` to retrieve the protobuf value // from :ref:`Metadata `, and populate the tag value with // `the canonical JSON `_ // representation of it. message Metadata { // Specify what kind of metadata to obtain tag value from. metadata.v2.MetadataKind kind = 1; // Metadata key to define the path to retrieve the tag value. metadata.v2.MetadataKey metadata_key = 2; // When no valid metadata is found, // the tag value would be populated with this default value if specified, // otherwise no tag would be populated. string default_value = 3; } // Used to populate the tag name. string tag = 1 [(validate.rules).string = {min_bytes: 1}]; // Used to specify what kind of custom tag. oneof type { option (validate.required) = true; // A literal custom tag. Literal literal = 2; // An environment custom tag. Environment environment = 3; // A request header custom tag. Header request_header = 4; // A custom tag to obtain tag value from the metadata. Metadata metadata = 5; } } ================================================ FILE: generated_api_shadow/envoy/type/tracing/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type/metadata/v3:pkg", "//envoy/type/tracing/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/type/tracing/v3/custom_tag.proto ================================================ syntax = "proto3"; package envoy.type.tracing.v3; import "envoy/type/metadata/v3/metadata.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.tracing.v3"; option java_outer_classname = "CustomTagProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Custom Tag] // Describes custom tags for the active span. // [#next-free-field: 6] message CustomTag { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag"; // Literal type custom tag with static value for the tag value. message Literal { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Literal"; // Static literal value to populate the tag value. string value = 1 [(validate.rules).string = {min_len: 1}]; } // Environment type custom tag with environment name and default value. message Environment { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Environment"; // Environment variable name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_len: 1}]; // When the environment variable is not found, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Header type custom tag with header name and default value. message Header { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Header"; // Header name to obtain the value to populate the tag value. string name = 1 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; // When the header does not exist, // the tag value will be populated with this default value if specified, // otherwise no tag will be populated. string default_value = 2; } // Metadata type custom tag using // :ref:`MetadataKey ` to retrieve the protobuf value // from :ref:`Metadata `, and populate the tag value with // `the canonical JSON `_ // representation of it. message Metadata { option (udpa.annotations.versioning).previous_message_type = "envoy.type.tracing.v2.CustomTag.Metadata"; // Specify what kind of metadata to obtain tag value from. metadata.v3.MetadataKind kind = 1; // Metadata key to define the path to retrieve the tag value. metadata.v3.MetadataKey metadata_key = 2; // When no valid metadata is found, // the tag value would be populated with this default value if specified, // otherwise no tag would be populated. string default_value = 3; } // Used to populate the tag name. string tag = 1 [(validate.rules).string = {min_len: 1}]; // Used to specify what kind of custom tag. oneof type { option (validate.required) = true; // A literal custom tag. Literal literal = 2; // An environment custom tag. Environment environment = 3; // A request header custom tag. Header request_header = 4; // A custom tag to obtain tag value from the metadata. Metadata metadata = 5; } } ================================================ FILE: generated_api_shadow/envoy/type/v3/BUILD ================================================ # DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/type:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) ================================================ FILE: generated_api_shadow/envoy/type/v3/hash_policy.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "HashPolicyProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Hash Policy] // Specifies the hash policy message HashPolicy { option (udpa.annotations.versioning).previous_message_type = "envoy.type.HashPolicy"; // The source IP will be used to compute the hash used by hash-based load balancing // algorithms. message SourceIp { option (udpa.annotations.versioning).previous_message_type = "envoy.type.HashPolicy.SourceIp"; } oneof policy_specifier { option (validate.required) = true; SourceIp source_ip = 1; } } ================================================ FILE: generated_api_shadow/envoy/type/v3/http.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "HttpProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP] enum CodecClientType { HTTP1 = 0; HTTP2 = 1; // [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with // caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient // to distinguish HTTP1 and HTTP2 traffic. HTTP3 = 2; } ================================================ FILE: generated_api_shadow/envoy/type/v3/http_status.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "HttpStatusProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: HTTP status codes] // HTTP response codes supported in Envoy. // For more details: https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml enum StatusCode { // Empty - This code not part of the HTTP status code specification, but it is needed for proto // `enum` type. Empty = 0; Continue = 100; OK = 200; Created = 201; Accepted = 202; NonAuthoritativeInformation = 203; NoContent = 204; ResetContent = 205; PartialContent = 206; MultiStatus = 207; AlreadyReported = 208; IMUsed = 226; MultipleChoices = 300; MovedPermanently = 301; Found = 302; SeeOther = 303; NotModified = 304; UseProxy = 305; TemporaryRedirect = 307; PermanentRedirect = 308; BadRequest = 400; Unauthorized = 401; PaymentRequired = 402; Forbidden = 403; NotFound = 404; MethodNotAllowed = 405; NotAcceptable = 406; ProxyAuthenticationRequired = 407; RequestTimeout = 408; Conflict = 409; Gone = 410; LengthRequired = 411; PreconditionFailed = 412; PayloadTooLarge = 413; URITooLong = 414; UnsupportedMediaType = 415; RangeNotSatisfiable = 416; ExpectationFailed = 417; MisdirectedRequest = 421; UnprocessableEntity = 422; Locked = 423; FailedDependency = 424; UpgradeRequired = 426; PreconditionRequired = 428; TooManyRequests = 429; RequestHeaderFieldsTooLarge = 431; InternalServerError = 500; NotImplemented = 501; BadGateway = 502; ServiceUnavailable = 503; GatewayTimeout = 504; HTTPVersionNotSupported = 505; VariantAlsoNegotiates = 506; InsufficientStorage = 507; LoopDetected = 508; NotExtended = 510; NetworkAuthenticationRequired = 511; } // HTTP status. message HttpStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.type.HttpStatus"; // Supplies HTTP response code. StatusCode code = 1 [(validate.rules).enum = {defined_only: true not_in: 0}]; } ================================================ FILE: generated_api_shadow/envoy/type/v3/percent.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "PercentProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Percent] // Identifies a percentage, in the range [0.0, 100.0]. message Percent { option (udpa.annotations.versioning).previous_message_type = "envoy.type.Percent"; double value = 1 [(validate.rules).double = {lte: 100.0 gte: 0.0}]; } // A fractional percentage is used in cases in which for performance reasons performing floating // point to integer conversions during randomness calculations is undesirable. The message includes // both a numerator and denominator that together determine the final fractional value. // // * **Example**: 1/100 = 1%. // * **Example**: 3/10000 = 0.03%. message FractionalPercent { option (udpa.annotations.versioning).previous_message_type = "envoy.type.FractionalPercent"; // Fraction percentages support several fixed denominator values. enum DenominatorType { // 100. // // **Example**: 1/100 = 1%. HUNDRED = 0; // 10,000. // // **Example**: 1/10000 = 0.01%. TEN_THOUSAND = 1; // 1,000,000. // // **Example**: 1/1000000 = 0.0001%. MILLION = 2; } // Specifies the numerator. Defaults to 0. uint32 numerator = 1; // Specifies the denominator. If the denominator specified is less than the numerator, the final // fractional percentage is capped at 1 (100%). DenominatorType denominator = 2 [(validate.rules).enum = {defined_only: true}]; } ================================================ FILE: generated_api_shadow/envoy/type/v3/range.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "RangeProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Range] // Specifies the int64 start and end of the range using half-open interval semantics [start, // end). message Int64Range { option (udpa.annotations.versioning).previous_message_type = "envoy.type.Int64Range"; // start of the range (inclusive) int64 start = 1; // end of the range (exclusive) int64 end = 2; } // Specifies the int32 start and end of the range using half-open interval semantics [start, // end). message Int32Range { option (udpa.annotations.versioning).previous_message_type = "envoy.type.Int32Range"; // start of the range (inclusive) int32 start = 1; // end of the range (exclusive) int32 end = 2; } // Specifies the double start and end of the range using half-open interval semantics [start, // end). message DoubleRange { option (udpa.annotations.versioning).previous_message_type = "envoy.type.DoubleRange"; // start of the range (inclusive) double start = 1; // end of the range (exclusive) double end = 2; } ================================================ FILE: generated_api_shadow/envoy/type/v3/ratelimit_unit.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "RatelimitUnitProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Ratelimit Time Unit] // Identifies the unit of of time for rate limit. enum RateLimitUnit { // The time unit is not known. UNKNOWN = 0; // The time unit representing a second. SECOND = 1; // The time unit representing a minute. MINUTE = 2; // The time unit representing an hour. HOUR = 3; // The time unit representing a day. DAY = 4; } ================================================ FILE: generated_api_shadow/envoy/type/v3/semantic_version.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "SemanticVersionProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Semantic Version] // Envoy uses SemVer (https://semver.org/). Major/minor versions indicate // expected behaviors and APIs, the patch version field is used only // for security fixes and can be generally ignored. message SemanticVersion { option (udpa.annotations.versioning).previous_message_type = "envoy.type.SemanticVersion"; uint32 major_number = 1; uint32 minor_number = 2; uint32 patch = 3; } ================================================ FILE: generated_api_shadow/envoy/type/v3/token_bucket.proto ================================================ syntax = "proto3"; package envoy.type.v3; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.type.v3"; option java_outer_classname = "TokenBucketProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Token bucket] // Configures a token bucket, typically used for rate limiting. message TokenBucket { option (udpa.annotations.versioning).previous_message_type = "envoy.type.TokenBucket"; // The maximum tokens that the bucket can hold. This is also the number of tokens that the bucket // initially contains. uint32 max_tokens = 1 [(validate.rules).uint32 = {gt: 0}]; // The number of tokens added to the bucket during each fill interval. If not specified, defaults // to a single token. google.protobuf.UInt32Value tokens_per_fill = 2 [(validate.rules).uint32 = {gt: 0}]; // The fill interval that tokens are added to the bucket. During each fill interval // `tokens_per_fill` are added to the bucket. The bucket will never contain more than // `max_tokens` tokens. google.protobuf.Duration fill_interval = 3 [(validate.rules).duration = { required: true gt {} }]; } ================================================ FILE: include/envoy/access_log/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "access_log_interface", hdrs = ["access_log.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/http:header_map_interface", "//include/envoy/stream_info:stream_info_interface", "//source/common/protobuf", ], ) ================================================ FILE: include/envoy/access_log/access_log.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/http/header_map.h" #include "envoy/stream_info/stream_info.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace AccessLog { class AccessLogFile { public: virtual ~AccessLogFile() = default; /** * Write data to the file. */ virtual void write(absl::string_view) PURE; /** * Reopen the file. */ virtual void reopen() PURE; /** * Synchronously flush all pending data to disk. */ virtual void flush() PURE; }; using AccessLogFileSharedPtr = std::shared_ptr; class AccessLogManager { public: virtual ~AccessLogManager() = default; /** * Reopen all of the access log files. */ virtual void reopen() PURE; /** * Create a new access log file managed by the access log manager. * @param file_name specifies the file to create/open. * @return the opened file. */ virtual AccessLogFileSharedPtr createAccessLog(const std::string& file_name) PURE; }; using AccessLogManagerPtr = std::unique_ptr; /** * Interface for access log filters. */ class Filter { public: virtual ~Filter() = default; /** * Evaluate whether an access log should be written based on request and response data. * @return TRUE if the log should be written. */ virtual bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const PURE; }; using FilterPtr = std::unique_ptr; /** * Abstract access logger for requests and connections. */ class Instance { public: virtual ~Instance() = default; /** * Log a completed request. * @param request_headers supplies the incoming request headers after filtering. * @param response_headers supplies response headers. * @param response_trailers supplies response trailers. * @param stream_info supplies additional information about the request not * contained in the request headers. */ virtual void log(const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) PURE; }; using InstanceSharedPtr = std::shared_ptr; } // namespace AccessLog } // namespace Envoy ================================================ FILE: include/envoy/api/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "api_interface", hdrs = ["api.h"], deps = [ "//include/envoy/common:random_generator_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/filesystem:filesystem_interface", "//include/envoy/server:process_context_interface", "//include/envoy/thread:thread_interface", ], ) envoy_cc_library( name = "io_error_interface", hdrs = ["io_error.h"], ) envoy_cc_library( name = "os_sys_calls_interface", hdrs = [ "os_sys_calls.h", "os_sys_calls_common.h", "os_sys_calls_hot_restart.h", "os_sys_calls_linux.h", ], ) ================================================ FILE: include/envoy/api/api.h ================================================ #pragma once #include #include #include "envoy/common/random_generator.h" #include "envoy/common/time.h" #include "envoy/event/dispatcher.h" #include "envoy/filesystem/filesystem.h" #include "envoy/server/process_context.h" #include "envoy/stats/store.h" #include "envoy/thread/thread.h" namespace Envoy { namespace Api { /** * "Public" API that different components use to interact with the various system abstractions. */ class Api { public: virtual ~Api() = default; /** * Allocate a dispatcher. * @param name the identity name for a dispatcher, e.g. "worker_2" or "main_thread". * This name will appear in per-handler/worker statistics, such as * "server.worker_2.watchdog_miss". * @return Event::DispatcherPtr which is owned by the caller. */ virtual Event::DispatcherPtr allocateDispatcher(const std::string& name) PURE; /** * Allocate a dispatcher. * @param name the identity name for a dispatcher, e.g. "worker_2" or "main_thread". * This name will appear in per-handler/worker statistics, such as * "server.worker_2.watchdog_miss". * @param watermark_factory the watermark factory, ownership is transferred to the dispatcher. * @return Event::DispatcherPtr which is owned by the caller. */ virtual Event::DispatcherPtr allocateDispatcher(const std::string& name, Buffer::WatermarkFactoryPtr&& watermark_factory) PURE; /** * @return a reference to the ThreadFactory */ virtual Thread::ThreadFactory& threadFactory() PURE; /** * @return a reference to the Filesystem::Instance */ virtual Filesystem::Instance& fileSystem() PURE; /** * @return a reference to the TimeSource */ virtual TimeSource& timeSource() PURE; /** * @return a constant reference to the root Stats::Scope */ virtual const Stats::Scope& rootScope() PURE; /** * @return a reference to the RandomGenerator. */ virtual Random::RandomGenerator& randomGenerator() PURE; /** * @return an optional reference to the ProcessContext */ virtual ProcessContextOptRef processContext() PURE; }; using ApiPtr = std::unique_ptr; } // namespace Api } // namespace Envoy ================================================ FILE: include/envoy/api/io_error.h ================================================ #pragma once #include #include #include "envoy/common/platform.h" #include "envoy/common/pure.h" namespace Envoy { namespace Api { /** * Base class for any I/O error. */ class IoError { public: enum class IoErrorCode { // No data available right now, try again later. Again, // Not supported. NoSupport, // Address family not supported. AddressFamilyNoSupport, // During non-blocking connect, the connection cannot be completed immediately. InProgress, // Permission denied. Permission, // Message too big to send. MessageTooBig, // Kernel interrupt. Interrupt, // Requested a nonexistent interface or a non-local source address. AddressNotAvailable, // Bad file descriptor. BadFd, // Other error codes cannot be mapped to any one above in getErrorCode(). UnknownError }; virtual ~IoError() = default; virtual IoErrorCode getErrorCode() const PURE; virtual std::string getErrorDetails() const PURE; }; using IoErrorDeleterType = void (*)(IoError*); using IoErrorPtr = std::unique_ptr; /** * Basic type for return result which has a return code and error code defined * according to different implementations. * If the call succeeds, ok() should return true and |rc_| is valid. Otherwise |err_| * can be passed into IoError::getErrorCode() to extract the error. In this * case, |rc_| is invalid. */ template struct IoCallResult { IoCallResult(ReturnValue rc, IoErrorPtr err) : rc_(rc), err_(std::move(err)) {} IoCallResult(IoCallResult&& result) noexcept : rc_(result.rc_), err_(std::move(result.err_)) {} virtual ~IoCallResult() = default; IoCallResult& operator=(IoCallResult&& result) noexcept { rc_ = result.rc_; err_ = std::move(result.err_); return *this; } /** * @return true if the call succeeds. */ bool ok() const { return err_ == nullptr; } // TODO(danzh): rename it to be more meaningful, i.e. return_value_. ReturnValue rc_; IoErrorPtr err_; }; using IoCallBoolResult = IoCallResult; using IoCallSizeResult = IoCallResult; using IoCallUint64Result = IoCallResult; inline Api::IoCallUint64Result ioCallUint64ResultNoError() { return IoCallUint64Result(0, IoErrorPtr(nullptr, [](IoError*) {})); } } // namespace Api } // namespace Envoy ================================================ FILE: include/envoy/api/os_sys_calls.h ================================================ #pragma once #include #include #include #include "envoy/api/os_sys_calls_common.h" #include "envoy/common/platform.h" #include "envoy/common/pure.h" namespace Envoy { namespace Api { class OsSysCalls { public: virtual ~OsSysCalls() = default; /** * @see bind (man 2 bind) */ virtual SysCallIntResult bind(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) PURE; /** * @see chmod (man 2 chmod) */ virtual SysCallIntResult chmod(const std::string& path, mode_t mode) PURE; /** * @see ioctl (man 2 ioctl) */ virtual SysCallIntResult ioctl(os_fd_t sockfd, unsigned long int request, void* argp) PURE; /** * @see writev (man 2 writev) */ virtual SysCallSizeResult writev(os_fd_t fd, const iovec* iov, int num_iov) PURE; /** * @see readv (man 2 readv) */ virtual SysCallSizeResult readv(os_fd_t fd, const iovec* iov, int num_iov) PURE; /** * @see recv (man 2 recv) */ virtual SysCallSizeResult recv(os_fd_t socket, void* buffer, size_t length, int flags) PURE; /** * @see recvmsg (man 2 recvmsg) */ virtual SysCallSizeResult recvmsg(os_fd_t sockfd, msghdr* msg, int flags) PURE; /** * @see recvmmsg (man 2 recvmmsg) */ virtual SysCallIntResult recvmmsg(os_fd_t sockfd, struct mmsghdr* msgvec, unsigned int vlen, int flags, struct timespec* timeout) PURE; /** * return true if the OS supports recvmmsg() and sendmmsg(). */ virtual bool supportsMmsg() const PURE; /** * return true if the OS supports UDP GRO. */ virtual bool supportsUdpGro() const PURE; /** * return true if the OS supports UDP GSO */ virtual bool supportsUdpGso() const PURE; /** * return true if the OS support both IP_TRANSPARENT and IPV6_TRANSPARENT options */ virtual bool supportsIpTransparent() const PURE; /** * Release all resources allocated for fd. * @return zero on success, -1 returned otherwise. */ virtual SysCallIntResult close(os_fd_t fd) PURE; /** * @see man 2 ftruncate */ virtual SysCallIntResult ftruncate(int fd, off_t length) PURE; /** * @see man 2 mmap */ virtual SysCallPtrResult mmap(void* addr, size_t length, int prot, int flags, int fd, off_t offset) PURE; /** * @see man 2 stat */ virtual SysCallIntResult stat(const char* pathname, struct stat* buf) PURE; /** * @see man 2 setsockopt */ virtual SysCallIntResult setsockopt(os_fd_t sockfd, int level, int optname, const void* optval, socklen_t optlen) PURE; /** * @see man 2 getsockopt */ virtual SysCallIntResult getsockopt(os_fd_t sockfd, int level, int optname, void* optval, socklen_t* optlen) PURE; /** * @see man 2 socket */ virtual SysCallSocketResult socket(int domain, int type, int protocol) PURE; /** * @see man 2 sendmsg */ virtual SysCallSizeResult sendmsg(os_fd_t sockfd, const msghdr* message, int flags) PURE; /** * @see man 2 getsockname */ virtual SysCallIntResult getsockname(os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) PURE; /** * @see man 2 gethostname */ virtual SysCallIntResult gethostname(char* name, size_t length) PURE; /** * @see man 2 getpeername */ virtual SysCallIntResult getpeername(os_fd_t sockfd, sockaddr* name, socklen_t* namelen) PURE; /** * Toggle the blocking state bit using fcntl */ virtual SysCallIntResult setsocketblocking(os_fd_t sockfd, bool blocking) PURE; /** * @see man 2 connect */ virtual SysCallIntResult connect(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) PURE; /** * @see man 2 shutdown */ virtual SysCallIntResult shutdown(os_fd_t sockfd, int how) PURE; /** * @see man 2 socketpair */ virtual SysCallIntResult socketpair(int domain, int type, int protocol, os_fd_t sv[2]) PURE; /** * @see man 2 listen */ virtual SysCallIntResult listen(os_fd_t sockfd, int backlog) PURE; /** * @see man 2 write */ virtual SysCallSizeResult write(os_fd_t socket, const void* buffer, size_t length) PURE; /** * @see man 2 accept. The fds returned are configured to be non-blocking. */ virtual SysCallSocketResult accept(os_fd_t socket, sockaddr* addr, socklen_t* addrlen) PURE; }; using OsSysCallsPtr = std::unique_ptr; } // namespace Api } // namespace Envoy ================================================ FILE: include/envoy/api/os_sys_calls_common.h ================================================ #pragma once #include #include #include "envoy/common/platform.h" namespace Envoy { namespace Api { /** * SysCallResult holds the rc and errno values resulting from a system call. */ template struct SysCallResult { /** * The return code from the system call. */ T rc_; /** * The errno value as captured after the system call. */ int errno_; }; using SysCallIntResult = SysCallResult; using SysCallSizeResult = SysCallResult; using SysCallPtrResult = SysCallResult; using SysCallStringResult = SysCallResult; using SysCallBoolResult = SysCallResult; using SysCallSocketResult = SysCallResult; } // namespace Api } // namespace Envoy ================================================ FILE: include/envoy/api/os_sys_calls_hot_restart.h ================================================ #pragma once #ifndef WIN32 #include // for mode_t #endif #include "envoy/api/os_sys_calls_common.h" #include "envoy/common/pure.h" namespace Envoy { namespace Api { class HotRestartOsSysCalls { public: virtual ~HotRestartOsSysCalls() = default; /** * @see shm_open (man 3 shm_open) */ virtual SysCallIntResult shmOpen(const char* name, int oflag, mode_t mode) PURE; /** * @see shm_unlink (man 3 shm_unlink) */ virtual SysCallIntResult shmUnlink(const char* name) PURE; }; using HotRestartOsSysCallsPtr = std::unique_ptr; } // namespace Api } // namespace Envoy ================================================ FILE: include/envoy/api/os_sys_calls_linux.h ================================================ #pragma once #if !defined(__linux__) #error "Linux platform file is part of non-Linux build." #endif #include #include "envoy/api/os_sys_calls_common.h" #include "envoy/common/pure.h" namespace Envoy { namespace Api { class LinuxOsSysCalls { public: virtual ~LinuxOsSysCalls() = default; /** * @see sched_getaffinity (man 2 sched_getaffinity) */ virtual SysCallIntResult sched_getaffinity(pid_t pid, size_t cpusetsize, cpu_set_t* mask) PURE; }; using LinuxOsSysCallsPtr = std::unique_ptr; } // namespace Api } // namespace Envoy ================================================ FILE: include/envoy/buffer/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "buffer_interface", hdrs = ["buffer.h"], external_deps = [ "abseil_inlined_vector", ], deps = [ "//include/envoy/api:os_sys_calls_interface", "//source/common/common:byte_order_lib", "//source/common/common:utility_lib", ], ) ================================================ FILE: include/envoy/buffer/buffer.h ================================================ #pragma once #include #include #include #include #include "envoy/api/os_sys_calls.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/common/pure.h" #include "common/common/byte_order.h" #include "common/common/utility.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include "absl/types/span.h" namespace Envoy { namespace Buffer { /** * A raw memory data slice including location and length. */ struct RawSlice { void* mem_ = nullptr; size_t len_ = 0; bool operator==(const RawSlice& rhs) const { return mem_ == rhs.mem_ && len_ == rhs.len_; } }; using RawSliceVector = absl::InlinedVector; /** * A wrapper class to facilitate passing in externally owned data to a buffer via addBufferFragment. * When the buffer no longer needs the data passed in through a fragment, it calls done() on it. */ class BufferFragment { public: virtual ~BufferFragment() = default; /** * @return const void* a pointer to the referenced data. */ virtual const void* data() const PURE; /** * @return size_t the size of the referenced data. */ virtual size_t size() const PURE; /** * Called by a buffer when the referenced data is no longer needed. */ virtual void done() PURE; }; /** * A class to facilitate extracting buffer slices from a buffer instance. */ class SliceData { public: virtual ~SliceData() = default; /** * @return a mutable view of the slice data. */ virtual absl::Span getMutableData() PURE; }; using SliceDataPtr = std::unique_ptr; /** * A basic buffer abstraction. */ class Instance { public: virtual ~Instance() = default; /** * Register function to call when the last byte in the last slice of this * buffer has fully drained. Note that slices may be transferred to * downstream buffers, drain trackers are transferred along with the bytes * they track so the function is called only after the last byte is drained * from all buffers. */ virtual void addDrainTracker(std::function drain_tracker) PURE; /** * Copy data into the buffer (deprecated, use absl::string_view variant * instead). * TODO(htuch): Cleanup deprecated call sites. * @param data supplies the data address. * @param size supplies the data size. */ virtual void add(const void* data, uint64_t size) PURE; /** * Add externally owned data into the buffer. No copying is done. fragment is not owned. When * the fragment->data() is no longer needed, fragment->done() is called. * @param fragment the externally owned data to add to the buffer. */ virtual void addBufferFragment(BufferFragment& fragment) PURE; /** * Copy a string into the buffer. * @param data supplies the string to copy. */ virtual void add(absl::string_view data) PURE; /** * Copy another buffer into this buffer. * @param data supplies the buffer to copy. */ virtual void add(const Instance& data) PURE; /** * Prepend a string_view to the buffer. * @param data supplies the string_view to copy. */ virtual void prepend(absl::string_view data) PURE; /** * Prepend data from another buffer to this buffer. * The supplied buffer is drained after this operation. * @param data supplies the buffer to copy. */ virtual void prepend(Instance& data) PURE; /** * Commit a set of slices originally obtained from reserve(). The number of slices should match * the number obtained from reserve(). The size of each slice can also be altered. Commit must * occur once following a reserve() without any mutating operations in between other than to the * iovecs len_ fields. * @param iovecs supplies the array of slices to commit. * @param num_iovecs supplies the size of the slices array. */ virtual void commit(RawSlice* iovecs, uint64_t num_iovecs) PURE; /** * Copy out a section of the buffer. * @param start supplies the buffer index to start copying from. * @param size supplies the size of the output buffer. * @param data supplies the output buffer to fill. */ virtual void copyOut(size_t start, uint64_t size, void* data) const PURE; /** * Drain data from the buffer. * @param size supplies the length of data to drain. */ virtual void drain(uint64_t size) PURE; /** * Fetch the raw buffer slices. * @param max_slices supplies an optional limit on the number of slices to fetch, for performance. * @return RawSliceVector with non-empty slices in the buffer. */ virtual RawSliceVector getRawSlices(absl::optional max_slices = absl::nullopt) const PURE; /** * Transfer ownership of the front slice to the caller. Must only be called if the * buffer is not empty otherwise the implementation will have undefined behavior. * If the underlying slice is immutable then the implementation must create and return * a mutable slice that has a copy of the immutable data. * @return pointer to SliceData object that wraps the front slice */ virtual SliceDataPtr extractMutableFrontSlice() PURE; /** * @return uint64_t the total length of the buffer (not necessarily contiguous in memory). */ virtual uint64_t length() const PURE; /** * @return a pointer to the first byte of data that has been linearized out to size bytes. */ virtual void* linearize(uint32_t size) PURE; /** * Move a buffer into this buffer. As little copying is done as possible. * @param rhs supplies the buffer to move. */ virtual void move(Instance& rhs) PURE; /** * Move a portion of a buffer into this buffer. As little copying is done as possible. * @param rhs supplies the buffer to move. * @param length supplies the amount of data to move. */ virtual void move(Instance& rhs, uint64_t length) PURE; /** * Reserve space in the buffer. * @param length supplies the amount of space to reserve. * @param iovecs supplies the slices to fill with reserved memory. * @param num_iovecs supplies the size of the slices array. * @return the number of iovecs used to reserve the space. */ virtual uint64_t reserve(uint64_t length, RawSlice* iovecs, uint64_t num_iovecs) PURE; /** * Search for an occurrence of data within the buffer. * @param data supplies the data to search for. * @param size supplies the length of the data to search for. * @param start supplies the starting index to search from. * @param length limits the search to specified number of bytes starting from start index. * When length value is zero, entire length of data from starting index to the end is searched. * @return the index where the match starts or -1 if there is no match. */ virtual ssize_t search(const void* data, uint64_t size, size_t start, size_t length) const PURE; /** * Search for an occurrence of data within entire buffer. * @param data supplies the data to search for. * @param size supplies the length of the data to search for. * @param start supplies the starting index to search from. * @return the index where the match starts or -1 if there is no match. */ ssize_t search(const void* data, uint64_t size, size_t start) const { return search(data, size, start, 0); } /** * Search for an occurrence of data at the start of a buffer. * @param data supplies the data to search for. * @return true if this buffer starts with data, false otherwise. */ virtual bool startsWith(absl::string_view data) const PURE; /** * Constructs a flattened string from a buffer. * @return the flattened string. */ virtual std::string toString() const PURE; /** * Copy an integer out of the buffer. * @param start supplies the buffer index to start copying from. * @param Size how many bytes to read out of the buffer. * @param Endianness specifies the byte order to use when decoding the integer. * @details Size parameter: Some protocols have integer fields whose size in bytes won't match the * size in bytes of C++'s integer types. Take a 3-byte integer field for example, which we want to * represent as a 32-bit (4 bytes) integer. One option to deal with that situation is to read 4 * bytes from the buffer and ignore 1. There are a few problems with that solution, though. * * The first problem is buffer underflow: there may not be more than Size bytes available * (say, last field in the payload), so that's an edge case to take into consideration. * * The second problem is draining the buffer after reading. With the above solution we cannot * read and discard in one go. We'd need to peek 4 bytes, ignore 1 and then drain 3. That not * only looks hacky since the sizes don't match, but also produces less terse code and * requires the caller to propagate that logic to all call sites. Things complicate even further * when endianness is taken into consideration: should the most or least-significant bytes be * padded? Dealing with this situation requires a high level of care and attention to detail. * Properly calculating which bytes to discard and how to displace the data is not only error * prone, but also shifts to the caller a burden that could be solved in a much more generic, * transparent and well tested manner. * * The last problem in the list is sign extension, which should be properly handled when * reading signed types with negative values. To make matters easier, the optional Size parameter * can be specified in those situations where there's a need to read less bytes than a C++'s * integer size in bytes. For the most common case when one needs to read exactly as many bytes as * the size of C++'s integer, this parameter can simply be omitted and it will be automatically * deduced from the size of the type T */ template T peekInt(uint64_t start = 0) const { static_assert(Size <= sizeof(T), "requested size is bigger than integer being read"); if (length() < start + Size) { ExceptionUtil::throwEnvoyException("buffer underflow"); } constexpr const auto displacement = Endianness == ByteOrder::BigEndian ? sizeof(T) - Size : 0; auto result = static_cast(0); constexpr const auto all_bits_enabled = static_cast(~static_cast(0)); int8_t* bytes = reinterpret_cast(std::addressof(result)); copyOut(start, Size, &bytes[displacement]); constexpr const auto most_significant_read_byte = Endianness == ByteOrder::BigEndian ? displacement : Size - 1; // If Size == sizeof(T), we need to make sure we don't generate an invalid left shift // (e.g. int32 << 32), even though we know that that branch of the conditional will. // not be taken. Size % sizeof(T) gives us the correct left shift when Size < sizeof(T), // and generates a left shift of 0 bits when Size == sizeof(T) const auto sign_extension_bits = std::is_signed::value && Size < sizeof(T) && bytes[most_significant_read_byte] < 0 ? static_cast(static_cast::type>(all_bits_enabled) << ((Size % sizeof(T)) * CHAR_BIT)) : static_cast(0); return fromEndianness(static_cast(result)) | sign_extension_bits; } /** * Copy a little endian integer out of the buffer. * @param start supplies the buffer index to start copying from. * @param Size how many bytes to read out of the buffer. */ template T peekLEInt(uint64_t start = 0) const { return peekInt(start); } /** * Copy a big endian integer out of the buffer. * @param start supplies the buffer index to start copying from. * @param Size how many bytes to read out of the buffer. */ template T peekBEInt(uint64_t start = 0) const { return peekInt(start); } /** * Copy an integer out of the buffer and drain the read data. * @param Size how many bytes to read out of the buffer. * @param Endianness specifies the byte order to use when decoding the integer. */ template T drainInt() { const auto result = peekInt(); drain(Size); return result; } /** * Copy a little endian integer out of the buffer and drain the read data. * @param Size how many bytes to read out of the buffer. */ template T drainLEInt() { return drainInt(); } /** * Copy a big endian integer out of the buffer and drain the read data. * @param Size how many bytes to read out of the buffer. */ template T drainBEInt() { return drainInt(); } /** * Copy a byte into the buffer. * @param value supplies the byte to copy into the buffer. */ void writeByte(uint8_t value) { add(std::addressof(value), 1); } /** * Copy value as a byte into the buffer. * @param value supplies the byte to copy into the buffer. */ template void writeByte(T value) { writeByte(static_cast(value)); } /** * Copy an integer into the buffer. * @param value supplies the integer to copy into the buffer. * @param Size how many bytes to write from the requested integer. * @param Endianness specifies the byte order to use when encoding the integer. */ template void writeInt(T value) { static_assert(Size <= sizeof(T), "requested size is bigger than integer being written"); const auto data = toEndianness(value); constexpr const auto displacement = Endianness == ByteOrder::BigEndian ? sizeof(T) - Size : 0; add(reinterpret_cast(std::addressof(data)) + displacement, Size); } /** * Copy an integer into the buffer in little endian byte order. * @param value supplies the integer to copy into the buffer. * @param Size how many bytes to write from the requested integer. */ template void writeLEInt(T value) { writeInt(value); } /** * Copy an integer into the buffer in big endian byte order. * @param value supplies the integer to copy into the buffer. * @param Size how many bytes to write from the requested integer. */ template void writeBEInt(T value) { writeInt(value); } }; using InstancePtr = std::unique_ptr; /** * A factory for creating buffers which call callbacks when reaching high and low watermarks. */ class WatermarkFactory { public: virtual ~WatermarkFactory() = default; /** * Creates and returns a unique pointer to a new buffer. * @param below_low_watermark supplies a function to call if the buffer goes under a configured * low watermark. * @param above_high_watermark supplies a function to call if the buffer goes over a configured * high watermark. * @return a newly created InstancePtr. */ virtual InstancePtr create(std::function below_low_watermark, std::function above_high_watermark, std::function above_overflow_watermark) PURE; }; using WatermarkFactoryPtr = std::unique_ptr; } // namespace Buffer } // namespace Envoy ================================================ FILE: include/envoy/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_basic_cc_library", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_basic_cc_library( name = "base_includes", hdrs = [ "exception.h", "platform.h", "pure.h", ], external_deps = ["abseil_optional"], include_prefix = "envoy/common", ) envoy_cc_library( name = "conn_pool_interface", hdrs = ["conn_pool.h"], deps = [ "//include/envoy/event:deferred_deletable", "//include/envoy/upstream:upstream_interface", ], ) envoy_cc_library( name = "mutex_tracer", hdrs = ["mutex_tracer.h"], ) envoy_cc_library( name = "random_generator_interface", hdrs = ["random_generator.h"], ) envoy_cc_library( name = "resource_interface", hdrs = ["resource.h"], ) envoy_cc_library( name = "time_interface", hdrs = ["time.h"], ) envoy_cc_library( name = "matchers_interface", hdrs = ["matchers.h"], ) envoy_cc_library( name = "regex_interface", hdrs = ["regex.h"], deps = [ ":matchers_interface", ], ) envoy_cc_library( name = "token_bucket_interface", hdrs = ["token_bucket.h"], deps = [ ":time_interface", ], ) envoy_cc_library( name = "interval_set_interface", hdrs = ["interval_set.h"], ) envoy_cc_library( name = "callback", hdrs = ["callback.h"], ) envoy_cc_library( name = "backoff_strategy_interface", hdrs = ["backoff_strategy.h"], ) envoy_cc_library( name = "scope_tracker_interface", hdrs = ["scope_tracker.h"], ) ================================================ FILE: include/envoy/common/backoff_strategy.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" namespace Envoy { /** * Generic interface for all backoff strategy implementations. */ class BackOffStrategy { public: virtual ~BackOffStrategy() = default; /** * @return the next backoff interval in milli seconds. */ virtual uint64_t nextBackOffMs() PURE; /** * Resets the intervals so that the back off intervals can start again. */ virtual void reset() PURE; }; using BackOffStrategyPtr = std::unique_ptr; } // namespace Envoy ================================================ FILE: include/envoy/common/callback.h ================================================ #pragma once #include "envoy/common/pure.h" namespace Envoy { namespace Common { /** * Handle for a callback that can be removed. Destruction of the handle does NOT remove the * callback. */ class CallbackHandle { public: virtual ~CallbackHandle() = default; /** * Remove the callback. After this routine returns the callback will no longer be called. */ virtual void remove() PURE; }; } // namespace Common } // namespace Envoy ================================================ FILE: include/envoy/common/conn_pool.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/event/deferred_deletable.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace ConnectionPool { /** * Controls the behavior of a canceled stream. */ enum class CancelPolicy { // By default, canceled streams allow a pending connection to complete and become // available for a future stream. Default, // When a stream is canceled, closes a pending connection if there will still be sufficient // connections to serve pending streams. CloseExcess is largely useful for callers that never // re-use connections (e.g. by closing rather than releasing connections). Using CloseExcess in // this situation guarantees that no idle connections will be held open by the conn pool awaiting // a connection stream. CloseExcess, }; /** * Handle that allows a pending connection or stream to be canceled before it is completed. */ class Cancellable { public: virtual ~Cancellable() = default; /** * Cancel the pending connection or stream. * @param cancel_policy a CancelPolicy that controls the behavior of this cancellation. */ virtual void cancel(CancelPolicy cancel_policy) PURE; }; /** * An instance of a generic connection pool. */ class Instance { public: virtual ~Instance() = default; /** * Called when a connection pool has been drained of pending streams, busy connections, and * ready connections. */ using DrainedCb = std::function; /** * Register a callback that gets called when the connection pool is fully drained. No actual * draining is done. The owner of the connection pool is responsible for not creating any * new streams. */ virtual void addDrainedCallback(DrainedCb cb) PURE; /** * Actively drain all existing connection pool connections. This method can be used in cases * where the connection pool is not being destroyed, but the caller wishes to make sure that * all new streams take place on a new connection. For example, when a health check failure * occurs. */ virtual void drainConnections() PURE; /** * @return Upstream::HostDescriptionConstSharedPtr the host for which connections are pooled. */ virtual Upstream::HostDescriptionConstSharedPtr host() const PURE; /** * Prefetches an upstream connection, if existing connections do not meet both current and * anticipated load. * * @return true if a connection was prefetched, false otherwise. */ virtual bool maybePrefetch(float prefetch_ratio) PURE; }; enum class PoolFailureReason { // A resource overflowed and policy prevented a new connection from being created. Overflow, // A local connection failure took place while creating a new connection. LocalConnectionFailure, // A remote connection failure took place while creating a new connection. RemoteConnectionFailure, // A timeout occurred while creating a new connection. Timeout, }; } // namespace ConnectionPool } // namespace Envoy ================================================ FILE: include/envoy/common/crypto/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "crypto_interface", hdrs = ["crypto.h"], ) ================================================ FILE: include/envoy/common/crypto/crypto.h ================================================ #pragma once #include namespace Envoy { namespace Common { namespace Crypto { class CryptoObject { public: virtual ~CryptoObject() = default; }; using CryptoObjectPtr = std::unique_ptr; namespace Access { template T* getTyped(CryptoObject& crypto) { return dynamic_cast(&crypto); } } // namespace Access } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: include/envoy/common/exception.h ================================================ #pragma once #include #include namespace Envoy { /** * Base class for all envoy exceptions. */ class EnvoyException : public std::runtime_error { public: EnvoyException(const std::string& message) : std::runtime_error(message) {} }; } // namespace Envoy ================================================ FILE: include/envoy/common/interval_set.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" namespace Envoy { /** * Maintains sets of numeric intervals. As new intervals are added, existing ones in the * set are combined so that no overlapping intervals remain in the representation. * * Value can be any type that is comparable with <, ==, and >. */ template class IntervalSet { public: virtual ~IntervalSet() = default; using Interval = std::pair; /** * Inserts a new interval into the set, merging any overlaps. The intervals are in * the form [left_inclusive, right_exclusive). E.g. an interval [3, 5) includes the * numbers 3 and 4, but not 5. * @param left_inclusive Value the left-bound, inclusive. * @param right_exclusive Value the right-bound, which is exclusive. */ virtual void insert(Value left_inclusive, Value right_exclusive) PURE; /** * @return std::vector the interval-set as a vector. */ virtual std::vector toVector() const PURE; /** * Clears the contents of the interval set. */ virtual void clear() PURE; }; } // namespace Envoy ================================================ FILE: include/envoy/common/matchers.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Matchers { /** * Generic string matching interface. */ class StringMatcher { public: virtual ~StringMatcher() = default; /** * Return whether a passed string value matches. */ virtual bool match(const absl::string_view value) const PURE; }; using StringMatcherPtr = std::unique_ptr; } // namespace Matchers } // namespace Envoy ================================================ FILE: include/envoy/common/mutex_tracer.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" namespace Envoy { /** * Generic interface for all MutexTracer implementations. Any MutexTracer should initialize itself * with absl::RegisterMutexTracer() at initialization, record statistics, and deliver those * statistics in a thread-safe manner. */ class MutexTracer { public: virtual ~MutexTracer() = default; /** * @return resets the captured statistics. */ virtual void reset() PURE; /** * @return the number of experienced mutex contentions. */ virtual int64_t numContentions() const PURE; /** * @return the length of the ongoing wait cycle. Note that the wait cycles are not * guaranteed to correspond to core clock frequency, as per absl::base_internal::CycleClock. */ virtual int64_t currentWaitCycles() const PURE; /** * @return the cumulative length of all experienced wait cycles. See the above note on wait cycles * v. core clock frequency. */ virtual int64_t lifetimeWaitCycles() const PURE; }; } // namespace Envoy ================================================ FILE: include/envoy/common/platform.h ================================================ #pragma once // NOLINT(namespace-envoy) // This common "platform.h" header exists to simplify the most common references // to non-ANSI C/C++ headers, required on Windows, Posix, Linux, BSD etc, // and to provide substitute definitions when absolutely required. // // The goal is to eventually not require this file of envoy header declarations, // but limit the use of these architecture-specific types and declarations // to the corresponding .cc implementation files. #include "absl/strings/string_view.h" #ifdef _MSC_VER #include #include // These must follow afterwards #include #include // This is introduced in Windows SDK 10.0.17063.0 which is required // to build Envoy on Windows (we will reevaluate whether earlier builds // of Windows can be detected and PipeInstance marked unsupported at runtime.) #include // defines some frequently used symbols, so we need to undef these // interfering symbols. #undef DELETE #undef ERROR #undef GetMessage #undef interface #undef TRUE #undef IGNORE #include #include #include #define htole16(x) (x) #define htole32(x) (x) #define htole64(x) (x) #define le16toh(x) (x) #define le32toh(x) (x) #define le64toh(x) (x) #define htobe16(x) htons((x)) #define htobe32(x) htonl((x)) #define htobe64(x) htonll((x)) #define be16toh(x) ntohs((x)) #define be32toh(x) ntohl((x)) #define be64toh(x) ntohll((x)) #define PACKED_STRUCT(definition, ...) \ __pragma(pack(push, 1)) definition, ##__VA_ARGS__; \ __pragma(pack(pop)) typedef ptrdiff_t ssize_t; // This is needed so the OsSysCalls interface compiles on Windows, // shmOpen takes mode_t as an argument. typedef uint32_t mode_t; typedef SOCKET os_fd_t; typedef HANDLE filesystem_os_id_t; // NOLINT(modernize-use-using) typedef unsigned int sa_family_t; // Posix structure for scatter/gather I/O, not present on Windows. struct iovec { void* iov_base; size_t iov_len; }; // Posix structure for describing messages sent by 'sendmsg` and received by // 'recvmsg' struct msghdr { void* msg_name; socklen_t msg_namelen; iovec* msg_iov; size_t msg_iovlen; void* msg_control; size_t msg_controllen; int msg_flags; }; // Windows cmsghdr elements are just slightly different than Posix, // they are defined with the cmsg_len as a 32 bit uint, not size_t // We express our sendmsg and recvmsg in terms of Posix structures // and semantics, but won't adjust the cmsghdr elements. // The default Windows macros dereference the Windows style msghdr // member Control, which is an indirection that doesn't exist on posix. #undef CMSG_FIRSTHDR #define CMSG_FIRSTHDR(msg) \ (((msg)->msg_controllen >= sizeof(WSACMSGHDR)) ? (LPWSACMSGHDR)(msg)->msg_control \ : (LPWSACMSGHDR)NULL) #undef CMSG_NXTHDR #define CMSG_NXTHDR(msg, cmsg) \ (((cmsg) == NULL) \ ? CMSG_FIRSTHDR(msg) \ : ((((PUCHAR)(cmsg) + WSA_CMSGHDR_ALIGN((cmsg)->cmsg_len) + sizeof(WSACMSGHDR)) > \ (PUCHAR)((msg)->msg_control) + (msg)->msg_controllen) \ ? (LPWSACMSGHDR)NULL \ : (LPWSACMSGHDR)((PUCHAR)(cmsg) + WSA_CMSGHDR_ALIGN((cmsg)->cmsg_len)))) #ifdef CMSG_DATA #undef CMSG_DATA #endif #define CMSG_DATA(msg) WSA_CMSG_DATA(msg) // Following Cygwin's porting example (may not be comprehensive) #define SO_REUSEPORT SO_REUSEADDR // Solve for rfc2292 (need to address rfc3542?) #ifndef IPV6_RECVPKTINFO #define IPV6_RECVPKTINFO IPV6_PKTINFO #endif #define INVALID_HANDLE INVALID_HANDLE_VALUE #define SOCKET_VALID(sock) ((sock) != INVALID_SOCKET) #define SOCKET_INVALID(sock) ((sock) == INVALID_SOCKET) #define SOCKET_FAILURE(rc) ((rc) == SOCKET_ERROR) #define SET_SOCKET_INVALID(sock) (sock) = INVALID_SOCKET // arguments to shutdown #define ENVOY_SHUT_RD SD_RECEIVE #define ENVOY_SHUT_WR SD_SEND #define ENVOY_SHUT_RDWR SD_BOTH // winsock2 functions return distinct set of error codes, disjoint from POSIX errors (that are // also available on Windows and set by POSIX function invocations). Here we map winsock2 error // codes with platform agnostic macros that correspond to the same or roughly similar errors on // POSIX systems for use in cross-platform socket error handling. #define SOCKET_ERROR_AGAIN WSAEWOULDBLOCK #define SOCKET_ERROR_NOT_SUP WSAEOPNOTSUPP #define SOCKET_ERROR_AF_NO_SUP WSAEAFNOSUPPORT #define SOCKET_ERROR_IN_PROGRESS WSAEINPROGRESS // winsock2 does not differentiate between PERM and ACCESS violations #define SOCKET_ERROR_PERM WSAEACCES #define SOCKET_ERROR_ACCESS WSAEACCES #define SOCKET_ERROR_MSG_SIZE WSAEMSGSIZE #define SOCKET_ERROR_INTR WSAEINTR #define SOCKET_ERROR_ADDR_NOT_AVAIL WSAEADDRNOTAVAIL #define SOCKET_ERROR_INVAL WSAEINVAL #define SOCKET_ERROR_ADDR_IN_USE WSAEADDRINUSE #define HANDLE_ERROR_PERM ERROR_ACCESS_DENIED #define HANDLE_ERROR_INVALID ERROR_INVALID_HANDLE namespace Platform { constexpr absl::string_view null_device_path{"NUL"}; } #else // POSIX #include #include #include #include #include #include #include // for UDP_GRO #include #include // for mode_t #include #include #include // for iovec #include #include #include #ifdef __APPLE__ #include #define htole16(x) OSSwapHostToLittleInt16((x)) #define htole32(x) OSSwapHostToLittleInt32((x)) #define htole64(x) OSSwapHostToLittleInt64((x)) #define le16toh(x) OSSwapLittleToHostInt16((x)) #define le32toh(x) OSSwapLittleToHostInt32((x)) #define le64toh(x) OSSwapLittleToHostInt64((x)) #define htobe16(x) OSSwapHostToBigInt16((x)) #define htobe32(x) OSSwapHostToBigInt32((x)) #define htobe64(x) OSSwapHostToBigInt64((x)) #define be16toh(x) OSSwapBigToHostInt16((x)) #define be32toh(x) OSSwapBigToHostInt32((x)) #define be64toh(x) OSSwapBigToHostInt64((x)) #else #include #endif #if defined(__linux__) #include #endif #define PACKED_STRUCT(definition, ...) definition, ##__VA_ARGS__ __attribute__((packed)) #ifndef IP6T_SO_ORIGINAL_DST // From linux/netfilter_ipv6/ip6_tables.h #define IP6T_SO_ORIGINAL_DST 80 #endif #ifndef SOL_UDP #define SOL_UDP 17 #endif #ifndef UDP_GRO #define UDP_GRO 104 #endif #ifndef UDP_SEGMENT #define UDP_SEGMENT 103 #endif typedef int os_fd_t; typedef int filesystem_os_id_t; // NOLINT(modernize-use-using) #define INVALID_HANDLE -1 #define INVALID_SOCKET -1 #define SOCKET_VALID(sock) ((sock) >= 0) #define SOCKET_INVALID(sock) ((sock) == -1) #define SOCKET_FAILURE(rc) ((rc) == -1) #define SET_SOCKET_INVALID(sock) (sock) = -1 // arguments to shutdown #define ENVOY_SHUT_RD SHUT_RD #define ENVOY_SHUT_WR SHUT_WR #define ENVOY_SHUT_RDWR SHUT_RDWR // Mapping POSIX socket errors to common error names #define SOCKET_ERROR_AGAIN EAGAIN #define SOCKET_ERROR_NOT_SUP ENOTSUP #define SOCKET_ERROR_AF_NO_SUP EAFNOSUPPORT #define SOCKET_ERROR_IN_PROGRESS EINPROGRESS #define SOCKET_ERROR_PERM EPERM #define SOCKET_ERROR_ACCESS EACCES #define SOCKET_ERROR_MSG_SIZE EMSGSIZE #define SOCKET_ERROR_INTR EINTR #define SOCKET_ERROR_ADDR_NOT_AVAIL EADDRNOTAVAIL #define SOCKET_ERROR_INVAL EINVAL #define SOCKET_ERROR_ADDR_IN_USE EADDRINUSE // Mapping POSIX file errors to common error names #define HANDLE_ERROR_PERM EACCES #define HANDLE_ERROR_INVALID EBADF namespace Platform { constexpr absl::string_view null_device_path{"/dev/null"}; } #endif // Note: chromium disabled recvmmsg regardless of ndk version. However, the only Android target // currently actively using Envoy is Envoy Mobile, where recvmmsg is not actively disabled. In fact, // defining mmsghdr here caused a conflicting definition with the ndk's definition of the struct // (https://github.com/lyft/envoy-mobile/pull/772/checks?check_run_id=534152886#step:4:64). // Therefore, we decided to remove the Android check introduced here in // https://github.com/envoyproxy/envoy/pull/10120. If someone out there encounters problems with // this please bring up in Envoy's slack channel #envoy-udp-quic-dev. #if defined(__linux__) || defined(__EMSCRIPTEN__) #define ENVOY_MMSG_MORE 1 #else #define ENVOY_MMSG_MORE 0 #define MSG_WAITFORONE 0x10000 // recvmmsg(): block until 1+ packets avail. // Posix structure for describing messages sent by 'sendmmsg` and received by // 'recvmmsg' struct mmsghdr { struct msghdr msg_hdr; unsigned int msg_len; }; #endif #define SUPPORTS_GETIFADDRS #ifdef WIN32 #undef SUPPORTS_GETIFADDRS #endif // https://android.googlesource.com/platform/prebuilts/ndk/+/dev/platform/sysroot/usr/include/ifaddrs.h #ifdef __ANDROID_API__ #if __ANDROID_API__ < 24 #undef SUPPORTS_GETIFADDRS #endif // __ANDROID_API__ < 24 #endif // ifdef __ANDROID_API__ // https://android.googlesource.com/platform/bionic/+/master/docs/status.md // ``pthread_getname_np`` is introduced in API 26 #define SUPPORTS_PTHREAD_NAMING 0 #if defined(__ANDROID_API__) #if __ANDROID_API__ >= 26 #undef SUPPORTS_PTHREAD_NAMING #define SUPPORTS_PTHREAD_NAMING 1 #endif // __ANDROID_API__ >= 26 #elif defined(__linux__) #undef SUPPORTS_PTHREAD_NAMING #define SUPPORTS_PTHREAD_NAMING 1 #endif // defined(__ANDROID_API__) #if defined(__linux__) // On Linux, default listen backlog size to net.core.somaxconn which is runtime configurable #define ENVOY_TCP_BACKLOG_SIZE -1 #else // On non-Linux platforms use 128 which is libevent listener default #define ENVOY_TCP_BACKLOG_SIZE 128 #endif ================================================ FILE: include/envoy/common/pure.h ================================================ #pragma once // NOLINT(namespace-envoy) /** * Friendly name for a pure virtual routine. */ #define PURE = 0 ================================================ FILE: include/envoy/common/random_generator.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Random { /** * Random number generator. Implementations should be thread safe. */ class RandomGenerator { public: virtual ~RandomGenerator() = default; using result_type = uint64_t; // NOLINT(readability-identifier-naming) /** * @return uint64_t a new random number. */ virtual result_type random() PURE; /* * @return the smallest value that `operator()` may return. The value is * strictly less than `max()`. */ constexpr static result_type min() noexcept { return std::numeric_limits::min(); }; /* * @return the largest value that `operator()` may return. The value is * strictly greater than `min()`. */ constexpr static result_type max() noexcept { return std::numeric_limits::max(); }; /* * @return a value in the closed interval `[min(), max()]`. Has amortized * constant complexity. */ result_type operator()() { return result_type(random()); }; /** * @return std::string containing uuid4 of 36 char length. * for example, 7c25513b-0466-4558-a64c-12c6704f37ed */ virtual std::string uuid() PURE; /** * @return a random boolean value, with probability `p` equaling true. */ bool bernoulli(float p) { if (p <= 0) { return false; } else if (p >= 1) { return true; } return random() < static_cast(p * static_cast(max())); } }; using RandomGeneratorPtr = std::unique_ptr; } // namespace Random } // namespace Envoy ================================================ FILE: include/envoy/common/regex.h ================================================ #pragma once #include #include "envoy/common/matchers.h" namespace Envoy { namespace Regex { /** * A compiled regex expression matcher which uses an abstract regex engine. */ class CompiledMatcher : public Matchers::StringMatcher { public: /** * Replaces all non-overlapping occurrences of the pattern in "value" with * "substitution". The "substitution" string can make references to * capture groups in the pattern, using the syntax specific to that * regular expression engine. */ virtual std::string replaceAll(absl::string_view value, absl::string_view substitution) const PURE; }; using CompiledMatcherPtr = std::unique_ptr; } // namespace Regex } // namespace Envoy ================================================ FILE: include/envoy/common/resource.h ================================================ #include #include "envoy/common/pure.h" #include "absl/types/optional.h" #pragma once namespace Envoy { /** * A handle for use by any resource managers. */ class ResourceLimit { public: virtual ~ResourceLimit() = default; /** * @return true if the resource can be created. */ virtual bool canCreate() PURE; /** * Increment the resource count. */ virtual void inc() PURE; /** * Decrement the resource count. */ virtual void dec() PURE; /** * Decrement the resource count by a specific amount. */ virtual void decBy(uint64_t amount) PURE; /** * @return the current maximum allowed number of this resource. */ virtual uint64_t max() PURE; /** * @return the current resource count. */ virtual uint64_t count() const PURE; }; using ResourceLimitOptRef = absl::optional>; } // namespace Envoy ================================================ FILE: include/envoy/common/scope_tracker.h ================================================ #pragma once #include #include "envoy/common/pure.h" namespace Envoy { /* * A class for tracking the scope of work. * Currently this is only used for best-effort tracking the L7 stream doing * work if a fatal error occurs. */ class ScopeTrackedObject { public: virtual ~ScopeTrackedObject() = default; /** * Dump debug state of the object in question to the provided ostream * * This is called on Envoy fatal errors, so should do minimal memory allocation. * * @param os the ostream to output to. * @param indent_level how far to indent, for pretty-printed classes and subclasses. */ virtual void dumpState(std::ostream& os, int indent_level = 0) const PURE; }; } // namespace Envoy ================================================ FILE: include/envoy/common/time.h ================================================ #pragma once #include #include "envoy/common/pure.h" namespace Envoy { /** * Less typing for common system time and steady time type. * * SystemTime should be used when getting a time to present to the user, e.g. for logging. * MonotonicTime should be used when tracking time for computing an interval. */ using Seconds = std::chrono::seconds; using SystemTime = std::chrono::time_point; using MonotonicTime = std::chrono::time_point; /** * Captures a system-time source, capable of computing both monotonically increasing * and real time. */ class TimeSource { public: virtual ~TimeSource() = default; /** * @return the current system time; not guaranteed to be monotonically increasing. */ virtual SystemTime systemTime() PURE; /** * @return the current monotonic time. */ virtual MonotonicTime monotonicTime() PURE; }; } // namespace Envoy ================================================ FILE: include/envoy/common/token_bucket.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/common/time.h" namespace Envoy { /** * This class defines an interface for the token bucket algorithm. * * https://en.wikipedia.org/wiki/Token_bucket */ class TokenBucket { public: virtual ~TokenBucket() = default; /** * @param tokens supplies the number of tokens to be consumed. * @param allow_partial supplies whether the token bucket will allow consumption of less tokens * than asked for. If allow_partial is true, the bucket contains 3 tokens, * and the caller asks for 5, the bucket will return 3 tokens and now be * empty. * @return the number of tokens actually consumed. */ virtual uint64_t consume(uint64_t tokens, bool allow_partial) PURE; /** * @return returns the approximate time until a next token is available. Currently it * returns the upper bound on the amount of time until a next token is available. */ virtual std::chrono::milliseconds nextTokenAvailable() PURE; /** * Reset the bucket with a specific number of tokens. Refill will begin again from the time that * this routine is called. */ virtual void reset(uint64_t num_tokens) PURE; }; using TokenBucketPtr = std::unique_ptr; }; // namespace Envoy ================================================ FILE: include/envoy/compression/compressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "compressor_interface", hdrs = ["compressor.h"], deps = [ "//include/envoy/buffer:buffer_interface", ], ) envoy_cc_library( name = "compressor_factory_interface", hdrs = ["factory.h"], deps = [ ":compressor_interface", ], ) envoy_cc_library( name = "compressor_config_interface", hdrs = ["config.h"], deps = [ ":compressor_factory_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/server:filter_config_interface", ], ) ================================================ FILE: include/envoy/compression/compressor/compressor.h ================================================ #pragma once #include "envoy/buffer/buffer.h" namespace Envoy { namespace Compression { namespace Compressor { /** * Compressor state whether to flush the compressor or to finish the compression stream. */ enum class State { Flush, Finish }; /** * Allows compressing data. */ class Compressor { public: virtual ~Compressor() = default; /** * Compresses data buffer. * @param buffer supplies the reference to data to be compressed. The content of the buffer will * be replaced inline with the compressed data. * @param state supplies the compressor state. */ virtual void compress(Buffer::Instance& buffer, State state) PURE; }; using CompressorPtr = std::unique_ptr; } // namespace Compressor } // namespace Compression } // namespace Envoy ================================================ FILE: include/envoy/compression/compressor/config.h ================================================ #pragma once #include "envoy/compression/compressor/factory.h" #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" namespace Envoy { namespace Compression { namespace Compressor { class NamedCompressorLibraryConfigFactory : public Config::TypedFactory { public: ~NamedCompressorLibraryConfigFactory() override = default; virtual CompressorFactoryPtr createCompressorFactoryFromProto(const Protobuf::Message& config, Server::Configuration::FactoryContext& context) PURE; std::string category() const override { return "envoy.compression.compressor"; } }; } // namespace Compressor } // namespace Compression } // namespace Envoy ================================================ FILE: include/envoy/compression/compressor/factory.h ================================================ #pragma once #include "envoy/compression/compressor/compressor.h" namespace Envoy { namespace Compression { namespace Compressor { class CompressorFactory { public: virtual ~CompressorFactory() = default; virtual CompressorPtr createCompressor() PURE; virtual const std::string& statsPrefix() const PURE; virtual const std::string& contentEncoding() const PURE; }; using CompressorFactoryPtr = std::unique_ptr; } // namespace Compressor } // namespace Compression } // namespace Envoy ================================================ FILE: include/envoy/compression/decompressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "decompressor_config_interface", hdrs = ["config.h"], deps = [ ":decompressor_factory_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/server:filter_config_interface", ], ) envoy_cc_library( name = "decompressor_factory_interface", hdrs = ["factory.h"], deps = [ ":decompressor_interface", ], ) envoy_cc_library( name = "decompressor_interface", hdrs = ["decompressor.h"], deps = [ "//include/envoy/buffer:buffer_interface", ], ) ================================================ FILE: include/envoy/compression/decompressor/config.h ================================================ #pragma once #include "envoy/compression/decompressor/factory.h" #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" namespace Envoy { namespace Compression { namespace Decompressor { class NamedDecompressorLibraryConfigFactory : public Config::TypedFactory { public: ~NamedDecompressorLibraryConfigFactory() override = default; virtual DecompressorFactoryPtr createDecompressorFactoryFromProto(const Protobuf::Message& config, Server::Configuration::FactoryContext& context) PURE; std::string category() const override { return "envoy.compression.decompressor"; } }; } // namespace Decompressor } // namespace Compression } // namespace Envoy ================================================ FILE: include/envoy/compression/decompressor/decompressor.h ================================================ #pragma once #include "envoy/buffer/buffer.h" namespace Envoy { namespace Compression { namespace Decompressor { /** * Allows decompressing data. */ class Decompressor { public: virtual ~Decompressor() = default; /** * Decompresses data from one buffer into another buffer. * @param input_buffer supplies the buffer with compressed data. * @param output_buffer supplies the buffer to output decompressed data. */ virtual void decompress(const Buffer::Instance& input_buffer, Buffer::Instance& output_buffer) PURE; }; using DecompressorPtr = std::unique_ptr; } // namespace Decompressor } // namespace Compression } // namespace Envoy ================================================ FILE: include/envoy/compression/decompressor/factory.h ================================================ #pragma once #include "envoy/compression/decompressor/decompressor.h" namespace Envoy { namespace Compression { namespace Decompressor { class DecompressorFactory { public: virtual ~DecompressorFactory() = default; virtual DecompressorPtr createDecompressor(const std::string& stats_prefix) PURE; virtual const std::string& statsPrefix() const PURE; // TODO(junr03): this method assumes that decompressors are used on http messages. // A more generic method might be `hint()` which gives the user of the decompressor a hint about // the type of decompression that it can perform. virtual const std::string& contentEncoding() const PURE; }; using DecompressorFactoryPtr = std::unique_ptr; } // namespace Decompressor } // namespace Compression } // namespace Envoy ================================================ FILE: include/envoy/config/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "config_provider_interface", hdrs = ["config_provider.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/common:time_interface", "//source/common/common:assert_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "config_provider_manager_interface", hdrs = ["config_provider_manager.h"], deps = [ ":config_provider_interface", "//include/envoy/server:filter_config_interface", "//source/common/protobuf", ], ) envoy_cc_library( name = "extension_config_provider_interface", hdrs = ["extension_config_provider.h"], deps = ["//source/common/protobuf"], ) envoy_cc_library( name = "grpc_mux_interface", hdrs = ["grpc_mux.h"], deps = [ ":subscription_interface", "//include/envoy/stats:stats_macros", "//source/common/common:cleanup_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "subscription_factory_interface", hdrs = ["subscription_factory.h"], deps = [ ":subscription_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "subscription_interface", hdrs = ["subscription.h"], deps = [ "//include/envoy/stats:stats_macros", "//source/common/config:api_type_oracle_lib", "//source/common/protobuf", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "typed_config_interface", hdrs = ["typed_config.h"], deps = [ "//source/common/common:assert_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "typed_metadata_interface", hdrs = ["typed_metadata.h"], deps = [ ":typed_config_interface", "//source/common/protobuf", ], ) ================================================ FILE: include/envoy/config/config_provider.h ================================================ #pragma once #include #include "envoy/common/time.h" #include "common/common/assert.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Config { /** * A provider for configuration obtained statically (via static resources in the bootstrap config), * inline with a higher level resource or dynamically via xDS APIs. * * The ConfigProvider is an abstraction layer which higher level components such as the * HttpConnectionManager, Listener, etc can leverage to interface with Envoy's configuration * mechanisms. Implementations of this interface build upon lower level abstractions such as * Envoy::Config::Subscription and Envoy::Config::SubscriptionCallbacks. * * The interface exposed below allows xDS providers to share the underlying config protos and * resulting config implementations (i.e., the ConfigProvider::Config); this enables linear memory * scaling based on the size of the configuration set, regardless of the number of threads/workers. * * Use config() to obtain a shared_ptr to the implementation of the config, and configProtoInfo() to * obtain a reference to the underlying config proto and version (applicable only to dynamic config * providers). */ class ConfigProvider { public: /** * The "implementation" of the configuration. * Use config() to obtain a typed object that corresponds to the specific configuration * represented by this abstract type. */ class Config { public: virtual ~Config() = default; }; using ConfigConstSharedPtr = std::shared_ptr; /** * The type of API represented by a ConfigProvider. */ enum class ApiType { /** * A "Full" API delivers a complete configuration as part of each resource (top level * config proto); i.e., each resource contains the whole representation of the config intent. An * example of this type of API is RDS. */ Full, /** * A "Delta" API delivers a subset of the config intent as part of each resource (top level * config proto). Examples of this type of API are CDS, LDS and SRDS. */ Delta }; /** * Stores the config proto as well as the associated version. */ template struct ConfigProtoInfo { const P& config_proto_; // Only populated by dynamic config providers. std::string version_; }; using ConfigProtoVector = std::vector; /** * Stores the config protos associated with a "Delta" API. */ template struct ConfigProtoInfoVector { const std::vector config_protos_; // Only populated by dynamic config providers. std::string version_; }; virtual ~ConfigProvider() = default; /** * The type of API. */ virtual ApiType apiType() const PURE; /** * Returns a ConfigProtoInfo associated with a ApiType::Full provider. * @return absl::optional> an optional ConfigProtoInfo; the value is set when a * config is available. */ template absl::optional> configProtoInfo() const { static_assert(std::is_base_of::value, "Proto type must derive from Protobuf::Message"); const auto* config_proto = dynamic_cast(getConfigProto()); if (config_proto == nullptr) { return absl::nullopt; } return ConfigProtoInfo

    {*config_proto, getConfigVersion()}; } /** * Returns a ConfigProtoInfoVector associated with a ApiType::Delta provider. * @return absl::optional an optional ConfigProtoInfoVector; the value is * set when a config is available. */ template absl::optional> configProtoInfoVector() const { static_assert(std::is_base_of::value, "Proto type must derive from Protobuf::Message"); const ConfigProtoVector config_protos = getConfigProtos(); if (config_protos.empty()) { return absl::nullopt; } std::vector ret_protos; ret_protos.reserve(config_protos.size()); for (const auto* elem : config_protos) { ret_protos.push_back(static_cast(elem)); } return ConfigProtoInfoVector

    {std::move(ret_protos), getConfigVersion()}; } /** * Returns the Config corresponding to the provider. * @return std::shared_ptr a shared pointer to the Config. */ template std::shared_ptr config() const { static_assert(std::is_base_of::value, "Config type must derive from ConfigProvider::Config"); return std::dynamic_pointer_cast(getConfig()); } /** * Returns the timestamp associated with the last update to the Config. * @return SystemTime the timestamp corresponding to the last config update. */ virtual SystemTime lastUpdated() const PURE; protected: /** * Returns the config proto associated with the provider. * @return Protobuf::Message* the config proto corresponding to the Config instantiated by the * provider. */ virtual const Protobuf::Message* getConfigProto() const { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Returns the config protos associated with the provider. * @return const ConfigProtoVector the config protos corresponding to the Config instantiated by * the provider. */ virtual ConfigProtoVector getConfigProtos() const { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Returns the config version associated with the provider. * @return std::string the config version. */ virtual std::string getConfigVersion() const { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Returns the config implementation associated with the provider. * @return ConfigConstSharedPtr the config as the base type. */ virtual ConfigConstSharedPtr getConfig() const PURE; }; using ConfigProviderPtr = std::unique_ptr; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/config/config_provider_manager.h ================================================ #pragma once #include #include "envoy/config/config_provider.h" #include "envoy/server/filter_config.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Config { /** * A ConfigProvider manager which instantiates static and dynamic (xDS) providers. * * ConfigProvider objects are owned by the caller of the * createXdsConfigProvider()/createStaticConfigProvider() functions. The ConfigProviderManager holds * raw pointers to those objects. * * Configuration implementations returned by ConfigProvider::config() are immutable, which allows * them to share the underlying objects such as config protos and subscriptions (for dynamic * providers) without synchronization related performance penalties. This enables linear memory * growth based on the size of the configuration set, regardless of the number of threads/objects * that must hold a reference/pointer to them. */ class ConfigProviderManager { public: class OptionalArg { public: virtual ~OptionalArg() = default; }; class NullOptionalArg : public OptionalArg { public: NullOptionalArg() = default; ~NullOptionalArg() override = default; }; virtual ~ConfigProviderManager() = default; /** * Returns a dynamic ConfigProvider which receives configuration via an xDS API. * A shared ownership model is used, such that the underlying subscription, config proto * and Config are shared amongst all providers relying on the same config source. * @param config_source_proto supplies the proto containing the xDS API configuration. * @param factory_context is the context to use for the provider. * @param init_manager is the Init::Manager to use for the provider. * @param stat_prefix supplies the prefix to use for statistics. * @param optarg supplies an optional argument with data specific to the concrete class. * @return ConfigProviderPtr a newly allocated dynamic config provider which shares underlying * data structures with other dynamic providers configured with the same * API source. */ virtual ConfigProviderPtr createXdsConfigProvider(const Protobuf::Message& config_source_proto, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string& stat_prefix, const OptionalArg& optarg) PURE; /** * Returns a ConfigProvider associated with a statically specified configuration. * @param config_proto supplies the configuration proto. * @param factory_context is the context to use for the provider. * @param optarg supplies an optional argument with data specific to the concrete class. * @return ConfigProviderPtr a newly allocated static config provider. */ virtual ConfigProviderPtr createStaticConfigProvider(const Protobuf::Message& config_proto, Server::Configuration::ServerFactoryContext& factory_context, const OptionalArg& optarg) { UNREFERENCED_PARAMETER(config_proto); UNREFERENCED_PARAMETER(factory_context); UNREFERENCED_PARAMETER(optarg); NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Returns a ConfigProvider associated with a statically specified configuration. This is intended * to be used when a set of configuration protos is required to build the full configuration. * @param config_protos supplies a vector of configuration protos. * @param factory_context is the context to use for the provider. * @param optarg supplies an optional argument with data specific to the concrete class. * @return ConfigProviderPtr a newly allocated static config provider. */ virtual ConfigProviderPtr createStaticConfigProvider(ProtobufTypes::ConstMessagePtrVector&& config_protos, Server::Configuration::ServerFactoryContext& factory_context, const OptionalArg& optarg) { UNREFERENCED_PARAMETER(config_protos); UNREFERENCED_PARAMETER(factory_context); UNREFERENCED_PARAMETER(optarg); NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } }; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/config/extension_config_provider.h ================================================ #pragma once #include "envoy/common/pure.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Config { using ConfigAppliedCb = std::function; /** * A provider for extension configurations obtained either statically or via * the extension configuration discovery service. Dynamically updated extension * configurations may share subscriptions across extension config providers. */ template class ExtensionConfigProvider { public: virtual ~ExtensionConfigProvider() = default; /** * Get the extension configuration resource name. **/ virtual const std::string& name() PURE; /** * @return FactoryCallback an extension factory callback. Note that if the * provider has not yet performed an initial configuration load and no * default is provided, an empty optional will be returned. The factory * callback is the latest version of the extension configuration, and should * generally apply only to new requests and connections. */ virtual absl::optional config() PURE; /** * Validate that the configuration is applicable in the context of the provider. If an exception * is thrown by any of the config providers for an update, the extension configuration update is * rejected. * @param proto_config is the candidate configuration update. * @param factory used to instantiate an extension config. */ virtual void validateConfig(const ProtobufWkt::Any& proto_config, Factory& factory) PURE; /** * Update the provider with a new configuration. * @param config is an extension factory callback to replace the existing configuration. * @param version_info is the version of the new extension configuration. * @param cb the continuation callback for a completed configuration application. */ virtual void onConfigUpdate(FactoryCallback config, const std::string& version_info, ConfigAppliedCb cb) PURE; }; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/config/grpc_mux.h ================================================ #pragma once #include #include "envoy/common/exception.h" #include "envoy/common/pure.h" #include "envoy/config/subscription.h" #include "envoy/stats/stats_macros.h" #include "common/common/cleanup.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Config { using ScopedResume = std::unique_ptr; /** * All control plane related stats. @see stats_macros.h */ #define ALL_CONTROL_PLANE_STATS(COUNTER, GAUGE, TEXT_READOUT) \ COUNTER(rate_limit_enforced) \ GAUGE(connected_state, NeverImport) \ GAUGE(pending_requests, Accumulate) \ TEXT_READOUT(identifier) /** * Struct definition for all control plane stats. @see stats_macros.h */ struct ControlPlaneStats { ALL_CONTROL_PLANE_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_TEXT_READOUT_STRUCT) }; /** * Handle on a muxed gRPC subscription. The subscription is canceled on destruction. */ class GrpcMuxWatch { public: virtual ~GrpcMuxWatch() = default; /** * Updates the set of resources that the watch is interested in. * @param resources set of resource names to watch for */ virtual void update(const std::set& resources) PURE; }; using GrpcMuxWatchPtr = std::unique_ptr; /** * Manage one or more gRPC subscriptions on a single stream to management server. This can be used * for a single xDS API, e.g. EDS, or to combined multiple xDS APIs for ADS. */ class GrpcMux { public: virtual ~GrpcMux() = default; /** * Initiate stream with management server. */ virtual void start() PURE; /** * Pause discovery requests for a given API type. This is useful when we're processing an update * for LDS or CDS and don't want a flood of updates for RDS or EDS respectively. Discovery * requests may later be resumed with resume(). * @param type_url type URL corresponding to xDS API, e.g. * type.googleapis.com/envoy.api.v2.Cluster. * * @return a ScopedResume object, which when destructed, resumes the paused discovery requests. * A discovery request will be sent if one would have been sent during the pause. */ ABSL_MUST_USE_RESULT virtual ScopedResume pause(const std::string& type_url) PURE; /** * Pause discovery requests for given API types. This is useful when we're processing an update * for LDS or CDS and don't want a flood of updates for RDS or EDS respectively. Discovery * requests may later be resumed with resume(). * @param type_urls type URLs corresponding to xDS API, e.g. * type.googleapis.com/envoy.api.v2.Cluster. * * @return a ScopedResume object, which when destructed, resumes the paused discovery requests. * A discovery request will be sent if one would have been sent during the pause. */ ABSL_MUST_USE_RESULT virtual ScopedResume pause(const std::vector type_urls) PURE; /** * Start a configuration subscription asynchronously for some API type and resources. * @param type_url type URL corresponding to xDS API, e.g. * type.googleapis.com/envoy.api.v2.Cluster. * @param resources set of resource names to watch for. If this is empty, then all * resources for type_url will result in callbacks. * @param callbacks the callbacks to be notified of configuration updates. These must be valid * until GrpcMuxWatch is destroyed. * @param resource_decoder how incoming opaque resource objects are to be decoded. * @param use_namespace_matching if namespace watch should be created. This is used for creating * watches on collections of resources; individual members of a collection are identified by the * namespace in resource name. * @return GrpcMuxWatchPtr a handle to cancel the subscription with. E.g. when a cluster goes * away, its EDS updates should be cancelled by destroying the GrpcMuxWatchPtr. */ virtual GrpcMuxWatchPtr addWatch(const std::string& type_url, const std::set& resources, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, const bool use_namespace_matching) PURE; virtual void requestOnDemandUpdate(const std::string& type_url, const std::set& for_update) PURE; using TypeUrlMap = absl::flat_hash_map; static TypeUrlMap& typeUrlMap() { MUTABLE_CONSTRUCT_ON_FIRST_USE(TypeUrlMap, {}); } }; using GrpcMuxPtr = std::unique_ptr; using GrpcMuxSharedPtr = std::shared_ptr; template using ResponseProtoPtr = std::unique_ptr; /** * A grouping of callbacks that a GrpcMux should provide to its GrpcStream. */ template class GrpcStreamCallbacks { public: virtual ~GrpcStreamCallbacks() = default; /** * For the GrpcStream to prompt the context to take appropriate action in response to the * gRPC stream having been successfully established. */ virtual void onStreamEstablished() PURE; /** * For the GrpcStream to prompt the context to take appropriate action in response to * failure to establish the gRPC stream. */ virtual void onEstablishmentFailure() PURE; /** * For the GrpcStream to pass received protos to the context. */ virtual void onDiscoveryResponse(ResponseProtoPtr&& message, ControlPlaneStats& control_plane_stats) PURE; /** * For the GrpcStream to call when its rate limiting logic allows more requests to be sent. */ virtual void onWriteable() PURE; }; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/config/subscription.h ================================================ #pragma once #include #include #include "envoy/common/exception.h" #include "envoy/common/pure.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/stats_macros.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Config { /** * Reason that a config update is failed. */ enum class ConfigUpdateFailureReason { // A connection failure took place and the update could not be fetched. ConnectionFailure, // Config fetch timed out. FetchTimedout, // Update rejected because there is a problem in applying the update. UpdateRejected }; /** * A wrapper for xDS resources that have been deserialized from the wire. */ class DecodedResource { public: virtual ~DecodedResource() = default; /** * @return const std::string& resource name. */ virtual const std::string& name() const PURE; /** * @return const std::vector& aliases() const PURE; /** * @return const std::string& resource version. */ virtual const std::string& version() const PURE; /** * @return const Protobuf::Message& resource message reference. If hasResource() is false, this * will be the empty message. */ virtual const Protobuf::Message& resource() const PURE; /** * @return bool does the xDS discovery response have a set resource payload? */ virtual bool hasResource() const PURE; }; using DecodedResourcePtr = std::unique_ptr; using DecodedResourceRef = std::reference_wrapper; class OpaqueResourceDecoder { public: virtual ~OpaqueResourceDecoder() = default; /** * @param resource some opaque resource (ProtobufWkt::Any). * @return ProtobufTypes::MessagePtr decoded protobuf message in the opaque resource, e.g. the * RouteConfiguration for an Any containing envoy.config.route.v3.RouteConfiguration. */ virtual ProtobufTypes::MessagePtr decodeResource(const ProtobufWkt::Any& resource) PURE; /** * @param resource some opaque resource (Protobuf::Message). * @return std::String the resource name in a Protobuf::Message returned by decodeResource(), e.g. * the route config name for a envoy.config.route.v3.RouteConfiguration message. */ virtual std::string resourceName(const Protobuf::Message& resource) PURE; }; /** * Subscription to DecodedResources. */ class SubscriptionCallbacks { public: virtual ~SubscriptionCallbacks() = default; /** * Called when a state-of-the-world configuration update is received. (State-of-the-world is * everything other than delta gRPC - filesystem, HTTP, non-delta gRPC). * @param resources vector of fetched resources corresponding to the configuration update. * @param version_info supplies the version information as supplied by the xDS discovery response. * @throw EnvoyException with reason if the configuration is rejected. Otherwise the configuration * is accepted. Accepted configurations have their version_info reflected in subsequent * requests. */ virtual void onConfigUpdate(const std::vector& resources, const std::string& version_info) PURE; /** * Called when a delta configuration update is received. * @param added_resources resources newly added since the previous fetch. * @param removed_resources names of resources that this fetch instructed to be removed. * @param system_version_info aggregate response data "version", for debugging. * @throw EnvoyException with reason if the config changes are rejected. Otherwise the changes * are accepted. Accepted changes have their version_info reflected in subsequent requests. */ virtual void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) PURE; /** * Called when either the Subscription is unable to fetch a config update or when onConfigUpdate * invokes an exception. * @param reason supplies the update failure reason. * @param e supplies any exception data on why the fetch failed. May be nullptr. */ virtual void onConfigUpdateFailed(ConfigUpdateFailureReason reason, const EnvoyException* e) PURE; }; /** * Invoked when raw config received from xDS wire. */ class UntypedConfigUpdateCallbacks { public: virtual ~UntypedConfigUpdateCallbacks() = default; /** * Called when a state-of-the-world configuration update is received. (State-of-the-world is * everything other than delta gRPC - filesystem, HTTP, non-delta gRPC). * @param resources vector of fetched resources corresponding to the configuration update. * @param version_info supplies the version information as supplied by the xDS discovery response. * @throw EnvoyException with reason if the configuration is rejected. Otherwise the configuration * is accepted. Accepted configurations have their version_info reflected in subsequent * requests. */ virtual void onConfigUpdate(const Protobuf::RepeatedPtrField& resources, const std::string& version_info) PURE; /** * Called when a delta configuration update is received. * @param added_resources resources newly added since the previous fetch. * @param removed_resources names of resources that this fetch instructed to be removed. * @param system_version_info aggregate response data "version", for debugging. * @throw EnvoyException with reason if the config changes are rejected. Otherwise the changes * @param use_namespace_matching if the resources should me matched on their namespaces, rather * than unique names. This is used when a collection of resources (e.g. virtual hosts in VHDS) is * being updated. Accepted changes have their version_info reflected in subsequent * requests. */ virtual void onConfigUpdate( const Protobuf::RepeatedPtrField& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) PURE; /** * Called when either the Subscription is unable to fetch a config update or when onConfigUpdate * invokes an exception. * @param reason supplies the update failure reason. * @param e supplies any exception data on why the fetch failed. May be nullptr. */ virtual void onConfigUpdateFailed(ConfigUpdateFailureReason reason, const EnvoyException* e) PURE; }; /** * Common abstraction for subscribing to versioned config updates. This may be implemented via bidi * gRPC streams, periodic/long polling REST or inotify filesystem updates. */ class Subscription { public: virtual ~Subscription() = default; /** * Start a configuration subscription asynchronously. This should be called once and will continue * to fetch throughout the lifetime of the Subscription object. * @param resources set of resource names to fetch. * @param use_namespace_matching if the subscription is for a collection of resources. In such a * case a namespace watch will be created. */ virtual void start(const std::set& resource_names, const bool use_namespace_matching = false) PURE; /** * Update the resources to fetch. * @param resources vector of resource names to fetch. It's a (not unordered_)set so that it can * be passed to std::set_difference, which must be given sorted collections. */ virtual void updateResourceInterest(const std::set& update_to_these_names) PURE; /** * Creates a discovery request for resources. * @param add_these_names resource ids for inclusion in the discovery request. */ virtual void requestOnDemandUpdate(const std::set& add_these_names) PURE; }; using SubscriptionPtr = std::unique_ptr; /** * Per subscription stats. @see stats_macros.h */ #define ALL_SUBSCRIPTION_STATS(COUNTER, GAUGE, TEXT_READOUT) \ COUNTER(init_fetch_timeout) \ COUNTER(update_attempt) \ COUNTER(update_failure) \ COUNTER(update_rejected) \ COUNTER(update_success) \ GAUGE(update_time, NeverImport) \ GAUGE(version, NeverImport) \ TEXT_READOUT(version_text) /** * Struct definition for per subscription stats. @see stats_macros.h */ struct SubscriptionStats { ALL_SUBSCRIPTION_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_TEXT_READOUT_STRUCT) }; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/config/subscription_factory.h ================================================ #pragma once #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/subscription.h" #include "envoy/stats/scope.h" namespace Envoy { namespace Config { class SubscriptionFactory { public: virtual ~SubscriptionFactory() = default; /** * Subscription factory interface. * * @param config envoy::config::core::v3::ConfigSource to construct from. * @param type_url type URL for the resource being subscribed to. * @param scope stats scope for any stats tracked by the subscription. * @param callbacks the callbacks needed by all Subscription objects, to deliver config updates. * The callbacks must not result in the deletion of the Subscription object. * @param resource_decoder how incoming opaque resource objects are to be decoded. * * @return SubscriptionPtr subscription object corresponding for config and type_url. */ virtual SubscriptionPtr subscriptionFromConfigSource(const envoy::config::core::v3::ConfigSource& config, absl::string_view type_url, Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) PURE; /** * Collection subscription factory interface for UDPA URLs. * * @param collection_locator collection resource locator. * @param config envoy::config::core::v3::ConfigSource for authority resolution. * @param type_url type URL for the resources inside the collection. * @param scope stats scope for any stats tracked by the subscription. * @param callbacks the callbacks needed by all [Collection]Subscription objects, to deliver * config updates. The callbacks must not result in the deletion of the * CollectionSubscription object. * @param resource_decoder how incoming opaque resource objects are to be decoded. * * @return SubscriptionPtr subscription object corresponding for collection_locator. */ virtual SubscriptionPtr collectionSubscriptionFromUrl(const udpa::core::v1::ResourceLocator& collection_locator, const envoy::config::core::v3::ConfigSource& config, absl::string_view type_url, Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) PURE; }; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/config/typed_config.h ================================================ #pragma once #include "envoy/common/pure.h" #include "common/common/assert.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Config { /** * Base class for an extension factory. */ class UntypedFactory { public: virtual ~UntypedFactory() = default; /** * Name of the factory, a reversed DNS name is encouraged to avoid cross-org conflict. * It's used as key in the metadata map, as well as key in the factory registry. */ virtual std::string name() const PURE; /** * @return std::string the identifying category name for objects * created by this factory. Used for automatic registration with * FactoryCategoryRegistry. */ virtual std::string category() const PURE; /** * @return configuration proto full name, or empty for untyped factories. */ virtual std::string configType() { return ""; } }; /** * Base class for an extension factory configured by a typed proto message. */ class TypedFactory : public UntypedFactory { public: ~TypedFactory() override = default; /** * @return ProtobufTypes::MessagePtr create empty config proto message for v2. The config, which * arrives in an opaque google.protobuf.Struct message, will be converted to JSON and then parsed * into this empty proto. */ virtual ProtobufTypes::MessagePtr createEmptyConfigProto() PURE; std::string configType() override { auto ptr = createEmptyConfigProto(); ASSERT(ptr != nullptr); return ptr->GetDescriptor()->full_name(); } }; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/config/typed_metadata.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/config/typed_config.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Config { /** * TypedMetadata interface. */ class TypedMetadata { public: class Object { public: virtual ~Object() = default; }; virtual ~TypedMetadata() = default; /** * @return a T instance by key. If the conversion is not able to complete, or * if the data is not in the store, returns a nullptr. */ template const T* get(const std::string& key) const { static_assert(std::is_base_of::value, "Data type must be subclass of TypedMetadata::Object"); const Object* p = getData(key); if (p != nullptr) { return dynamic_cast(p); } return nullptr; } protected: /** * Returns data associated with given 'key'. * If there is no data associated with this key, a nullptr is returned. * @param key the key (usually a reversed DNS) associated with the typed metadata. * @return A TypedMetadata::Object pointer, nullptr if no data is associated with the key. */ virtual const Object* getData(const std::string& key) const PURE; }; /** * Typed metadata should implement this factory and register via Registry::registerFactory or the * convenience class RegisterFactory. */ class TypedMetadataFactory : public UntypedFactory { public: ~TypedMetadataFactory() override = default; /** * Convert the google.protobuf.Struct into an instance of TypedMetadata::Object. * It should throw an EnvoyException in case the conversion can't be completed. * @param data config data stored as a protobuf struct. * @return a derived class object pointer of TypedMetadata. * @throw EnvoyException if the parsing can't be done. */ virtual std::unique_ptr parse(const ProtobufWkt::Struct& data) const PURE; std::string category() const override { return "envoy.typed_metadata"; } }; } // namespace Config } // namespace Envoy ================================================ FILE: include/envoy/event/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "deferred_deletable", hdrs = ["deferred_deletable.h"], ) envoy_cc_library( name = "dispatcher_interface", hdrs = ["dispatcher.h"], deps = [ ":deferred_deletable", ":file_event_interface", ":schedulable_cb_interface", ":signal_interface", "//include/envoy/common:scope_tracker_interface", "//include/envoy/common:time_interface", "//include/envoy/event:timer_interface", "//include/envoy/filesystem:watcher_interface", "//include/envoy/network:connection_handler_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:dns_interface", "//include/envoy/network:listen_socket_interface", "//include/envoy/network:listener_interface", "//include/envoy/network:transport_socket_interface", "//include/envoy/thread:thread_interface", ], ) envoy_cc_library( name = "file_event_interface", hdrs = ["file_event.h"], ) envoy_cc_library( name = "range_timer_interface", hdrs = ["range_timer.h"], deps = [ ":timer_interface", "//include/envoy/common:time_interface", ], ) envoy_cc_library( name = "schedulable_cb_interface", hdrs = ["schedulable_cb.h"], ) envoy_cc_library( name = "signal_interface", hdrs = ["signal.h"], ) envoy_cc_library( name = "timer_interface", hdrs = ["timer.h"], deps = [ ":schedulable_cb_interface", "//include/envoy/common:time_interface", ], ) ================================================ FILE: include/envoy/event/deferred_deletable.h ================================================ #pragma once #include namespace Envoy { namespace Event { /** * If an object derives from this class, it can be passed to the dispatcher who guarantees to delete * it in a future event loop cycle. This allows clear ownership with unique_ptr while not having * to worry about stack unwind issues during event processing. */ class DeferredDeletable { public: virtual ~DeferredDeletable() = default; }; using DeferredDeletablePtr = std::unique_ptr; } // namespace Event } // namespace Envoy ================================================ FILE: include/envoy/event/dispatcher.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/scope_tracker.h" #include "envoy/common/time.h" #include "envoy/event/file_event.h" #include "envoy/event/schedulable_cb.h" #include "envoy/event/signal.h" #include "envoy/event/timer.h" #include "envoy/filesystem/watcher.h" #include "envoy/network/connection.h" #include "envoy/network/connection_handler.h" #include "envoy/network/dns.h" #include "envoy/network/listen_socket.h" #include "envoy/network/listener.h" #include "envoy/network/transport_socket.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/stream_info/stream_info.h" #include "envoy/thread/thread.h" namespace Envoy { namespace Event { /** * All dispatcher stats. @see stats_macros.h */ #define ALL_DISPATCHER_STATS(HISTOGRAM) \ HISTOGRAM(loop_duration_us, Microseconds) \ HISTOGRAM(poll_delay_us, Microseconds) /** * Struct definition for all dispatcher stats. @see stats_macros.h */ struct DispatcherStats { ALL_DISPATCHER_STATS(GENERATE_HISTOGRAM_STRUCT) }; using DispatcherStatsPtr = std::unique_ptr; /** * Callback invoked when a dispatcher post() runs. */ using PostCb = std::function; using PostCbSharedPtr = std::shared_ptr; /** * Abstract event dispatching loop. */ class Dispatcher { public: virtual ~Dispatcher() = default; /** * Returns the name that identifies this dispatcher, such as "worker_2" or "main_thread". * @return const std::string& the name that identifies this dispatcher. */ virtual const std::string& name() PURE; /** * Returns a time-source to use with this dispatcher. */ virtual TimeSource& timeSource() PURE; /** * Initializes stats for this dispatcher. Note that this can't generally be done at construction * time, since the main and worker thread dispatchers are constructed before * ThreadLocalStoreImpl::initializeThreading. * @param scope the scope to contain the new per-dispatcher stats created here. * @param prefix the stats prefix to identify this dispatcher. If empty, the dispatcher will be * identified by its name. */ virtual void initializeStats(Stats::Scope& scope, const absl::optional& prefix = absl::nullopt) PURE; /** * Clears any items in the deferred deletion queue. */ virtual void clearDeferredDeleteList() PURE; /** * Wraps an already-accepted socket in an instance of Envoy's server Network::Connection. * @param socket supplies an open file descriptor and connection metadata to use for the * connection. Takes ownership of the socket. * @param transport_socket supplies a transport socket to be used by the connection. * @param stream_info info object for the server connection * @return Network::ConnectionPtr a server connection that is owned by the caller. */ virtual Network::ConnectionPtr createServerConnection(Network::ConnectionSocketPtr&& socket, Network::TransportSocketPtr&& transport_socket, StreamInfo::StreamInfo& stream_info) PURE; /** * Creates an instance of Envoy's Network::ClientConnection. Does NOT initiate the connection; * the caller must then call connect() on the returned Network::ClientConnection. * @param address supplies the address to connect to. * @param source_address supplies an address to bind to or nullptr if no bind is necessary. * @param transport_socket supplies a transport socket to be used by the connection. * @param options the socket options to be set on the underlying socket before anything is sent * on the socket. * @return Network::ClientConnectionPtr a client connection that is owned by the caller. */ virtual Network::ClientConnectionPtr createClientConnection(Network::Address::InstanceConstSharedPtr address, Network::Address::InstanceConstSharedPtr source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options) PURE; /** * Creates an async DNS resolver. The resolver should only be used on the thread that runs this * dispatcher. * @param resolvers supplies the addresses of DNS resolvers that this resolver should use. If left * empty, it will not use any specific resolvers, but use defaults (/etc/resolv.conf) * @param use_tcp_for_dns_lookups if set to true, tcp will be used to perform dns lookups. * Otherwise, udp is used. * @return Network::DnsResolverSharedPtr that is owned by the caller. */ virtual Network::DnsResolverSharedPtr createDnsResolver(const std::vector& resolvers, bool use_tcp_for_dns_lookups) PURE; /** * Creates a file event that will signal when a file is readable or writable. On UNIX systems this * can be used for any file like interface (files, sockets, etc.). * @param fd supplies the fd to watch. * @param cb supplies the callback to fire when the file is ready. * @param trigger specifies whether to edge or level trigger. * @param events supplies a logical OR of FileReadyType events that the file event should * initially listen on. */ virtual FileEventPtr createFileEvent(os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, uint32_t events) PURE; /** * @return Filesystem::WatcherPtr a filesystem watcher owned by the caller. */ virtual Filesystem::WatcherPtr createFilesystemWatcher() PURE; /** * Creates a listener on a specific port. * @param socket supplies the socket to listen on. * @param cb supplies the callbacks to invoke for listener events. * @param bind_to_port controls whether the listener binds to a transport port or not. * @param backlog_size controls listener pending connections backlog * @return Network::ListenerPtr a new listener that is owned by the caller. */ virtual Network::ListenerPtr createListener(Network::SocketSharedPtr&& socket, Network::TcpListenerCallbacks& cb, bool bind_to_port, uint32_t backlog_size) PURE; /** * Creates a logical udp listener on a specific port. * @param socket supplies the socket to listen on. * @param cb supplies the udp listener callbacks to invoke for listener events. * @return Network::ListenerPtr a new listener that is owned by the caller. */ virtual Network::UdpListenerPtr createUdpListener(Network::SocketSharedPtr socket, Network::UdpListenerCallbacks& cb) PURE; /** * Allocates a timer. @see Timer for docs on how to use the timer. * @param cb supplies the callback to invoke when the timer fires. */ virtual Event::TimerPtr createTimer(TimerCb cb) PURE; /** * Allocates a schedulable callback. @see SchedulableCallback for docs on how to use the wrapped * callback. * @param cb supplies the callback to invoke when the SchedulableCallback is triggered on the * event loop. */ virtual Event::SchedulableCallbackPtr createSchedulableCallback(std::function cb) PURE; /** * Submits an item for deferred delete. @see DeferredDeletable. */ virtual void deferredDelete(DeferredDeletablePtr&& to_delete) PURE; /** * Exits the event loop. */ virtual void exit() PURE; /** * Listens for a signal event. Only a single dispatcher in the process can listen for signals. * If more than one dispatcher calls this routine in the process the behavior is undefined. * * @param signal_num supplies the signal to listen on. * @param cb supplies the callback to invoke when the signal fires. * @return SignalEventPtr a signal event that is owned by the caller. */ virtual SignalEventPtr listenForSignal(int signal_num, SignalCb cb) PURE; /** * Posts a functor to the dispatcher. This is safe cross thread. The functor runs in the context * of the dispatcher event loop which may be on a different thread than the caller. */ virtual void post(PostCb callback) PURE; /** * Runs the event loop. This will not return until exit() is called either from within a callback * or from a different thread. * @param type specifies whether to run in blocking mode (run() will not return until exit() is * called) or non-blocking mode where only active events will be executed and then * run() will return. */ enum class RunType { Block, // Runs the event-loop until there are no pending events. NonBlock, // Checks for any pending events to activate, executes them, // then exits. Exits immediately if there are no pending or // active events. RunUntilExit // Runs the event-loop until loopExit() is called, blocking // until there are pending or active events. }; virtual void run(RunType type) PURE; /** * Returns a factory which connections may use for watermark buffer creation. * @return the watermark buffer factory for this dispatcher. */ virtual Buffer::WatermarkFactory& getWatermarkFactory() PURE; /** * Sets a tracked object, which is currently operating in this Dispatcher. * This should be cleared with another call to setTrackedObject() when the object is done doing * work. Calling setTrackedObject(nullptr) results in no object being tracked. * * This is optimized for performance, to avoid allocation where we do scoped object tracking. * * @return The previously tracked object or nullptr if there was none. */ virtual const ScopeTrackedObject* setTrackedObject(const ScopeTrackedObject* object) PURE; /** * Validates that an operation is thread-safe with respect to this dispatcher; i.e. that the * current thread of execution is on the same thread upon which the dispatcher loop is running. */ virtual bool isThreadSafe() const PURE; /** * Returns a recently cached MonotonicTime value. */ virtual MonotonicTime approximateMonotonicTime() const PURE; /** * Updates approximate monotonic time to current value. */ virtual void updateApproximateMonotonicTime() PURE; }; using DispatcherPtr = std::unique_ptr; } // namespace Event } // namespace Envoy ================================================ FILE: include/envoy/event/file_event.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Event { struct FileReadyType { // File is ready for reading. static const uint32_t Read = 0x1; // File is ready for writing. static const uint32_t Write = 0x2; // File has been remote closed. static const uint32_t Closed = 0x4; }; enum class FileTriggerType { Level, Edge }; static constexpr FileTriggerType PlatformDefaultTriggerType #ifdef WIN32 // Libevent only supports Level trigger on Windows. {FileTriggerType::Level}; #else {FileTriggerType::Edge}; #endif /** * Callback invoked when a FileEvent is ready for reading or writing. */ using FileReadyCb = std::function; /** * Wrapper for file based (read/write) event notifications. */ class FileEvent { public: virtual ~FileEvent() = default; /** * Activate the file event explicitly for a set of events. Should be a logical OR of FileReadyType * events. This method "injects" the event (and fires callbacks) regardless of whether the event * is actually ready on the underlying file. */ virtual void activate(uint32_t events) PURE; /** * Enable the file event explicitly for a set of events. Should be a logical OR of FileReadyType * events. As opposed to activate(), this routine causes the file event to listen for the * registered events and fire callbacks when they are active. */ virtual void setEnabled(uint32_t events) PURE; }; using FileEventPtr = std::unique_ptr; } // namespace Event } // namespace Envoy ================================================ FILE: include/envoy/event/range_timer.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/event/timer.h" namespace Envoy { namespace Event { /** * An abstract event timer that can be scheduled for a timeout within a range. The actual timeout * used is left up to individual implementations. */ class RangeTimer { public: virtual ~RangeTimer() = default; /** * Disable a pending timeout without destroying the underlying timer. */ virtual void disableTimer() PURE; /** * Enable a pending timeout within the given range. If a timeout is already pending, it will be * reset to the new timeout. * * @param min_ms supplies the minimum duration of the alarm in milliseconds. * @param max_ms supplies the maximum duration of the alarm in milliseconds. * @param object supplies an optional scope for the duration of the alarm. */ virtual void enableTimer(std::chrono::milliseconds min_ms, std::chrono::milliseconds max_ms, const ScopeTrackedObject* object = nullptr) PURE; /** * Return whether the timer is currently armed. */ virtual bool enabled() PURE; }; using RangeTimerPtr = std::unique_ptr; } // namespace Event } // namespace Envoy ================================================ FILE: include/envoy/event/schedulable_cb.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Event { /** * Callback wrapper that allows direct scheduling of callbacks in the event loop. */ class SchedulableCallback { public: virtual ~SchedulableCallback() = default; /** * Schedule the callback so it runs in the current iteration of the event loop after all events * scheduled in the current event loop have had a chance to execute. */ virtual void scheduleCallbackCurrentIteration() PURE; /** * Schedule the callback so it runs in the next iteration of the event loop. There are no * ordering guarantees for callbacks scheduled for the next iteration, not even among * next-iteration callbacks. */ virtual void scheduleCallbackNextIteration() PURE; /** * Cancel pending execution of the callback. */ virtual void cancel() PURE; /** * Return true whether the SchedulableCallback is scheduled for execution. */ virtual bool enabled() PURE; }; using SchedulableCallbackPtr = std::unique_ptr; /** * SchedulableCallback factory. */ class CallbackScheduler { public: virtual ~CallbackScheduler() = default; /** * Create a schedulable callback. */ virtual SchedulableCallbackPtr createSchedulableCallback(const std::function& cb) PURE; }; } // namespace Event } // namespace Envoy ================================================ FILE: include/envoy/event/signal.h ================================================ #pragma once #include #include namespace Envoy { namespace Event { /** * Callback invoked when a signal event fires. */ using SignalCb = std::function; /** * An abstract signal event. Free the event to stop listening on the signal. */ class SignalEvent { public: virtual ~SignalEvent() = default; }; using SignalEventPtr = std::unique_ptr; } // namespace Event } // namespace Envoy ================================================ FILE: include/envoy/event/timer.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/event/schedulable_cb.h" namespace Envoy { class ScopeTrackedObject; namespace Event { class Dispatcher; /** * Callback invoked when a timer event fires. */ using TimerCb = std::function; /** * An abstract timer event. Free the timer to unregister any pending timeouts. Must be freed before * the dispatcher is torn down. */ class Timer { public: virtual ~Timer() = default; /** * Disable a pending timeout without destroying the underlying timer. */ virtual void disableTimer() PURE; /** * Enable a pending timeout. If a timeout is already pending, it will be reset to the new timeout. * * @param ms supplies the duration of the alarm in milliseconds. * @param object supplies an optional scope for the duration of the alarm. */ virtual void enableTimer(std::chrono::milliseconds ms, const ScopeTrackedObject* object = nullptr) PURE; /** * Enable a pending high resolution timeout. If a timeout is already pending, it will be reset to * the new timeout. * * @param us supplies the duration of the alarm in microseconds. * @param object supplies an optional scope for the duration of the alarm. */ virtual void enableHRTimer(std::chrono::microseconds us, const ScopeTrackedObject* object = nullptr) PURE; /** * Return whether the timer is currently armed. */ virtual bool enabled() PURE; }; using TimerPtr = std::unique_ptr; class Scheduler { public: virtual ~Scheduler() = default; /** * Creates a timer. */ virtual TimerPtr createTimer(const TimerCb& cb, Dispatcher& dispatcher) PURE; }; using SchedulerPtr = std::unique_ptr; /** * Interface providing a mechanism to measure time and set timers that run callbacks * when the timer fires. */ class TimeSystem : public TimeSource { public: ~TimeSystem() override = default; using Duration = MonotonicTime::duration; using Nanoseconds = std::chrono::nanoseconds; using Microseconds = std::chrono::microseconds; using Milliseconds = std::chrono::milliseconds; using Seconds = std::chrono::seconds; /** * Creates a timer factory. This indirection enables thread-local timer-queue management, * so servers can have a separate timer-factory in each thread. */ virtual SchedulerPtr createScheduler(Scheduler& base_scheduler, CallbackScheduler& cb_scheduler) PURE; }; } // namespace Event } // namespace Envoy ================================================ FILE: include/envoy/filesystem/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "filesystem_interface", hdrs = ["filesystem.h"], deps = [ "//include/envoy/api:io_error_interface", "//include/envoy/api:os_sys_calls_interface", "//include/envoy/event:dispatcher_interface", ], ) envoy_cc_library( name = "watcher_interface", hdrs = ["watcher.h"], ) ================================================ FILE: include/envoy/filesystem/filesystem.h ================================================ #pragma once #include #include #include #include #include "envoy/api/io_error.h" #include "envoy/common/platform.h" #include "envoy/common/pure.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Filesystem { using FlagSet = std::bitset<4>; /** * Abstraction for a basic file on disk. */ class File { public: virtual ~File() = default; enum Operation { Read, Write, Create, Append, }; /** * Open the file with Flag * The file will be closed when this object is destructed * * @return bool whether the open succeeded */ virtual Api::IoCallBoolResult open(FlagSet flags) PURE; /** * Write the buffer to the file. The file must be explicitly opened before writing. * * @return ssize_t number of bytes written, or -1 for failure */ virtual Api::IoCallSizeResult write(absl::string_view buffer) PURE; /** * Close the file. * * @return bool whether the close succeeded */ virtual Api::IoCallBoolResult close() PURE; /** * @return bool is the file open */ virtual bool isOpen() const PURE; /** * @return string the file path */ virtual std::string path() const PURE; }; using FilePtr = std::unique_ptr; /** * Contains the result of splitting the file name and its parent directory from * a given file path. */ struct PathSplitResult { absl::string_view directory_; absl::string_view file_; }; /** * Abstraction for some basic filesystem operations */ class Instance { public: virtual ~Instance() = default; /** * @param path The path of the File * @return a FilePtr. The file is not opened. */ virtual FilePtr createFile(const std::string& path) PURE; /** * @return bool whether a file exists on disk and can be opened for read. */ virtual bool fileExists(const std::string& path) PURE; /** * @return bool whether a directory exists on disk and can be opened for read. */ virtual bool directoryExists(const std::string& path) PURE; /** * @return ssize_t the size in bytes of the specified file, or -1 if the file size * cannot be determined for any reason, including without limitation * the non-existence of the file. */ virtual ssize_t fileSize(const std::string& path) PURE; /** * @return full file content as a string. * @throw EnvoyException if the file cannot be read. * Be aware, this is not most highly performing file reading method. */ virtual std::string fileReadToEnd(const std::string& path) PURE; /** * @path file path to split * @return PathSplitResult containing the parent directory of the input path and the file name * @note will throw an exception if path does not contain any path separator character */ virtual PathSplitResult splitPathFromFilename(absl::string_view path) PURE; /** * Determine if the path is on a list of paths Envoy will refuse to access. This * is a basic sanity check for users, denying some clearly bad paths. Paths * may still be problematic (e.g. indirectly leading to /dev/mem) even if this * returns false, it is up to the user to validate that supplied paths are * valid. * @param path some filesystem path. * @return is the path on the deny list? */ virtual bool illegalPath(const std::string& path) PURE; }; using InstancePtr = std::unique_ptr; enum class FileType { Regular, Directory, Other }; struct DirectoryEntry { // name_ is the name of the file in the directory, not including the directory path itself // For example, if we have directory a/b containing file c, name_ will be c std::string name_; // Note that if the file represented by name_ is a symlink, type_ will be the file type of the // target. For example, if name_ is a symlink to a directory, its file type will be Directory. FileType type_; bool operator==(const DirectoryEntry& rhs) const { return name_ == rhs.name_ && type_ == rhs.type_; } }; class DirectoryIteratorImpl; class DirectoryIterator { public: DirectoryIterator() : entry_({"", FileType::Other}) {} virtual ~DirectoryIterator() = default; const DirectoryEntry& operator*() const { return entry_; } bool operator!=(const DirectoryIterator& rhs) const { return !(entry_ == *rhs); } virtual DirectoryIteratorImpl& operator++() PURE; protected: DirectoryEntry entry_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: include/envoy/filesystem/watcher.h ================================================ #pragma once #include #include #include #include #include "envoy/common/platform.h" #include "envoy/common/pure.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Filesystem { /** * Abstraction for a file watcher. */ class Watcher { public: using OnChangedCb = std::function; struct Events { static const uint32_t MovedTo = 0x1; static const uint32_t Modified = 0x2; }; virtual ~Watcher() = default; /** * Add a file watch. * @param path supplies the path to watch. * If path is a file, callback is called on events for the given file. * If path is a directory (ends with "/"), callback is called on events * for the given directory. * @param events supplies the events to watch. * @param cb supplies the callback to invoke when a change occurs. */ virtual void addWatch(absl::string_view path, uint32_t events, OnChangedCb cb) PURE; }; using WatcherPtr = std::unique_ptr; } // namespace Filesystem } // namespace Envoy ================================================ FILE: include/envoy/filter/http/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "filter_config_provider_interface", hdrs = ["filter_config_provider.h"], deps = [ "//include/envoy/config:extension_config_provider_interface", "//include/envoy/http:filter_interface", "//include/envoy/init:manager_interface", "//include/envoy/server:filter_config_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/filter/http/filter_config_provider.h ================================================ #pragma once #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/extension_config_provider.h" #include "envoy/http/filter.h" #include "envoy/init/manager.h" #include "envoy/server/filter_config.h" #include "absl/types/optional.h" namespace Envoy { namespace Filter { namespace Http { using FilterConfigProvider = Envoy::Config::ExtensionConfigProvider; using FilterConfigProviderPtr = std::unique_ptr; /** * The FilterConfigProviderManager exposes the ability to get an FilterConfigProvider * for both static and dynamic filter config providers. */ class FilterConfigProviderManager { public: virtual ~FilterConfigProviderManager() = default; /** * Get an FilterConfigProviderPtr for a filter config. The config providers may share * the underlying subscriptions to the filter config discovery service. * @param config_source supplies the configuration source for the filter configs. * @param filter_config_name the filter config resource name. * @param require_type_urls enforces that the typed filter config must have a certain type URL. * @param factory_context is the context to use for the filter config provider. * @param stat_prefix supplies the stat_prefix to use for the provider stats. * @param apply_without_warming initializes immediately with the default config and starts the * subscription. */ virtual FilterConfigProviderPtr createDynamicFilterConfigProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& filter_config_name, const std::set& require_type_urls, Server::Configuration::FactoryContext& factory_context, const std::string& stat_prefix, bool apply_without_warming) PURE; /** * Get an FilterConfigProviderPtr for a statically inlined filter config. * @param config is a fully resolved filter instantiation factory. * @param filter_config_name is the name of the filter configuration resource. */ virtual FilterConfigProviderPtr createStaticFilterConfigProvider(const Envoy::Http::FilterFactoryCb& config, const std::string& filter_config_name) PURE; }; } // namespace Http } // namespace Filter } // namespace Envoy ================================================ FILE: include/envoy/formatter/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "substitution_formatter_interface", hdrs = ["substitution_formatter.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/http:header_map_interface", "//include/envoy/stream_info:stream_info_interface", ], ) ================================================ FILE: include/envoy/formatter/substitution_formatter.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/http/header_map.h" #include "envoy/stream_info/stream_info.h" namespace Envoy { namespace Formatter { /** * Interface for substitution formatter. * Formatters provide a complete substitution output line for the given headers/trailers/stream. */ class Formatter { public: virtual ~Formatter() = default; /** * Return a formatted substitution line. * @param request_headers supplies the request headers. * @param response_headers supplies the response headers. * @param response_trailers supplies the response trailers. * @param stream_info supplies the stream info. * @param local_reply_body supplies the local reply body. * @return std::string string containing the complete formatted substitution line. */ virtual std::string format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const PURE; }; using FormatterPtr = std::unique_ptr; /** * Interface for substitution provider. * FormatterProviders extract information from the given headers/trailers/stream. */ class FormatterProvider { public: virtual ~FormatterProvider() = default; /** * Extract a value from the provided headers/trailers/stream. * @param request_headers supplies the request headers. * @param response_headers supplies the response headers. * @param response_trailers supplies the response trailers. * @param stream_info supplies the stream info. * @param local_reply_body supplies the local reply body. * @return absl::optional optional string containing a single value extracted from * the given headers/trailers/stream. */ virtual absl::optional format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const PURE; /** * Extract a value from the provided headers/trailers/stream, preserving the value's type. * @param request_headers supplies the request headers. * @param response_headers supplies the response headers. * @param response_trailers supplies the response trailers. * @param stream_info supplies the stream info. * @param local_reply_body supplies the local reply body. * @return ProtobufWkt::Value containing a single value extracted from the given * headers/trailers/stream. */ virtual ProtobufWkt::Value formatValue(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const PURE; }; using FormatterProviderPtr = std::unique_ptr; } // namespace Formatter } // namespace Envoy ================================================ FILE: include/envoy/grpc/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "async_client_interface", hdrs = ["async_client.h"], external_deps = ["abseil_optional"], deps = [ ":status", "//include/envoy/buffer:buffer_interface", "//include/envoy/http:async_client_interface", "//include/envoy/http:header_map_interface", "//include/envoy/tracing:http_tracer_interface", "//source/common/common:assert_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "async_client_manager_interface", hdrs = ["async_client_manager.h"], deps = [ ":async_client_interface", "//include/envoy/stats:stats_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "context_interface", hdrs = ["context.h"], deps = [ "//include/envoy/http:context_interface", "//include/envoy/upstream:upstream_interface", ], ) envoy_cc_library( name = "google_grpc_creds_interface", hdrs = ["google_grpc_creds.h"], external_deps = [ "grpc", ], deps = [ "//include/envoy/api:api_interface", "//include/envoy/config:typed_config_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "status", hdrs = ["status.h"], ) ================================================ FILE: include/envoy/grpc/async_client.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/grpc/status.h" #include "envoy/http/async_client.h" #include "envoy/http/header_map.h" #include "envoy/tracing/http_tracer.h" #include "common/common/assert.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Grpc { /** * An in-flight gRPC unary RPC. */ class AsyncRequest { public: virtual ~AsyncRequest() = default; /** * Signals that the request should be cancelled. No further callbacks will be invoked. */ virtual void cancel() PURE; }; /** * An in-flight gRPC stream. */ class RawAsyncStream { public: virtual ~RawAsyncStream() = default; /** * Send request message to the stream. * @param request serialized message. * @param end_stream close the stream locally. No further methods may be invoked on the stream * object, but callbacks may still be received until the stream is closed * remotely. */ virtual void sendMessageRaw(Buffer::InstancePtr&& request, bool end_stream) PURE; /** * Close the stream locally and send an empty DATA frame to the remote. No further methods may be * invoked on the stream object, but callbacks may still be received until the stream is closed * remotely. */ virtual void closeStream() PURE; /** * Close the stream locally and remotely (as needed). No further methods may be invoked on the * stream object and no further callbacks will be invoked. */ virtual void resetStream() PURE; /*** * @returns if the stream has enough buffered outbound data to be over the configured buffer * limits */ virtual bool isAboveWriteBufferHighWatermark() const PURE; }; class RawAsyncRequestCallbacks { public: virtual ~RawAsyncRequestCallbacks() = default; /** * Called when populating the headers to send with initial metadata. * @param metadata initial metadata reference. */ virtual void onCreateInitialMetadata(Http::RequestHeaderMap& metadata) PURE; /** * Called when the async gRPC request succeeds. No further callbacks will be invoked. * @param response the gRPC response bytes. * @param span a tracing span to fill with extra tags. */ virtual void onSuccessRaw(Buffer::InstancePtr&& response, Tracing::Span& span) PURE; /** * Called when the async gRPC request fails. No further callbacks will be invoked. * @param status the gRPC status. * @param message the gRPC status message or empty string if not present. * @param span a tracing span to fill with extra tags. */ virtual void onFailure(Status::GrpcStatus status, const std::string& message, Tracing::Span& span) PURE; }; /** * Notifies caller of async gRPC stream status. * Note the gRPC stream is full-duplex, even if the local to remote stream has been ended by * AsyncStream.close(), AsyncStreamCallbacks can continue to receive events until the remote * to local stream is closed (onRemoteClose), and vice versa. Once the stream is closed remotely, no * further callbacks will be invoked. */ class RawAsyncStreamCallbacks { public: virtual ~RawAsyncStreamCallbacks() = default; /** * Called when populating the headers to send with initial metadata. * @param metadata initial metadata reference. */ virtual void onCreateInitialMetadata(Http::RequestHeaderMap& metadata) PURE; /** * Called when initial metadata is received. This will be called with empty metadata on a * trailers-only response, followed by onReceiveTrailingMetadata() with the trailing metadata. * @param metadata initial metadata reference. */ virtual void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) PURE; /** * Called when an async gRPC message is received. * @param response the gRPC message. * @return bool which is true if the message well formed and false otherwise which will cause the stream to shutdown with an INTERNAL error. */ virtual bool onReceiveMessageRaw(Buffer::InstancePtr&& response) PURE; /** * Called when trailing metadata is received. This will also be called on non-Ok grpc-status * stream termination. * @param metadata trailing metadata reference. */ virtual void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&& metadata) PURE; /** * Called when the remote closes or an error occurs on the gRPC stream. The stream is * considered remotely closed after this invocation and no further callbacks will be * invoked. In addition, no further stream operations are permitted. * @param status the gRPC status. * @param message the gRPC status message or empty string if not present. */ virtual void onRemoteClose(Status::GrpcStatus status, const std::string& message) PURE; }; /** * Supports sending gRPC requests and receiving responses asynchronously. This can be used to * implement either plain gRPC or streaming gRPC calls. */ class RawAsyncClient { public: virtual ~RawAsyncClient() = default; /** * Start a gRPC unary RPC asynchronously. * @param service_full_name full name of the service (i.e. service_method.service()->full_name()). * @param method_name name of the method (i.e. service_method.name()). * @param request serialized message. * @param callbacks the callbacks to be notified of RPC status. * @param parent_span the current parent tracing context. * @param options the data struct to control the request sending. * @return a request handle or nullptr if no request could be started. NOTE: In this case * onFailure() has already been called inline. The client owns the request and the * handle should just be used to cancel. */ virtual AsyncRequest* sendRaw(absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr&& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) PURE; /** * Start a gRPC stream asynchronously. * TODO(mattklein123): Determine if tracing should be added to streaming requests. * @param service_full_name full name of the service (i.e. service_method.service()->full_name()). * @param method_name name of the method (i.e. service_method.name()). * @param callbacks the callbacks to be notified of stream status. * @param options the data struct to control the stream. * @return a stream handle or nullptr if no stream could be started. NOTE: In this case * onRemoteClose() has already been called inline. The client owns the stream and * the handle can be used to send more messages or finish the stream. It is expected that * closeStream() is invoked by the caller to notify the client that the stream resources * may be reclaimed. */ virtual RawAsyncStream* startRaw(absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) PURE; }; using RawAsyncClientPtr = std::unique_ptr; using RawAsyncClientSharedPtr = std::shared_ptr; } // namespace Grpc } // namespace Envoy ================================================ FILE: include/envoy/grpc/async_client_manager.h ================================================ #pragma once #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/stats/scope.h" namespace Envoy { namespace Grpc { // Per-service factory for Grpc::RawAsyncClients. This factory is thread aware and will instantiate // with thread local state. Clients will use ThreadLocal::Instance::dispatcher() for event handling. class AsyncClientFactory { public: virtual ~AsyncClientFactory() = default; /** * Create a gRPC::RawAsyncClient. * @return RawAsyncClientPtr async client. */ virtual RawAsyncClientPtr create() PURE; }; using AsyncClientFactoryPtr = std::unique_ptr; // Singleton gRPC client manager. Grpc::AsyncClientManager can be used to create per-service // Grpc::AsyncClientFactory instances. All manufactured Grpc::AsyncClients must // be destroyed before the AsyncClientManager can be safely destructed. class AsyncClientManager { public: virtual ~AsyncClientManager() = default; /** * Create a Grpc::AsyncClients factory for a service. Validation of the service is performed and * will raise an exception on failure. * @param grpc_service envoy::config::core::v3::GrpcService configuration. * @param scope stats scope. * @param skip_cluster_check if set to true skips checks for cluster presence and being statically * configured. * @return AsyncClientFactoryPtr factory for grpc_service. * @throws EnvoyException when grpc_service validation fails. */ virtual AsyncClientFactoryPtr factoryForGrpcService(const envoy::config::core::v3::GrpcService& grpc_service, Stats::Scope& scope, bool skip_cluster_check) PURE; }; using AsyncClientManagerPtr = std::unique_ptr; } // namespace Grpc } // namespace Envoy ================================================ FILE: include/envoy/grpc/context.h ================================================ #pragma once #include #include "envoy/http/header_map.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace Grpc { struct StatNames; /** * Captures grpc-related structures with cardinality of one per server. */ class Context { public: virtual ~Context() = default; enum class Protocol { Grpc, GrpcWeb }; struct RequestStatNames; /** * Parses out request grpc service-name and method from the path, returning a * populated RequestStatNames if successful. See the implementation * (source/common/grpc/common.h) for the definition of RequestStatNames. It is * hidden in the implementation since it references StatName, which is defined * only in the stats implementation. * * @param path the request path. * @return the request names, expressed as StatName. */ virtual absl::optional resolveDynamicServiceAndMethod(const Http::HeaderEntry* path) PURE; /** * Charge a success/failure stat to a cluster/service/method. * @param cluster supplies the target cluster. * @param protocol supplies the downstream protocol in use. * @param request_names supplies the request names. * @param grpc_status supplies the gRPC status. */ virtual void chargeStat(const Upstream::ClusterInfo& cluster, Protocol protocol, const absl::optional& request_names, const Http::HeaderEntry* grpc_status) PURE; /** * Charge a success/failure stat to a cluster/service/method. * @param cluster supplies the target cluster. * @param protocol supplies the downstream protocol in use. * @param request_names supplies the request names. * @param success supplies whether the call succeeded. */ virtual void chargeStat(const Upstream::ClusterInfo& cluster, Protocol protocol, const absl::optional& request_names, bool success) PURE; /** * Charge a success/failure stat to a cluster/service/method. * @param cluster supplies the target cluster. * @param request_names supplies the request names. * @param success supplies whether the call succeeded. */ virtual void chargeStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, bool success) PURE; /** * Charge a request message stat to a cluster/service/method. * @param cluster supplies the target cluster. * @param request_names supplies the request names. * @param amount supplies the number of the request messages. */ virtual void chargeRequestMessageStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, uint64_t amount) PURE; /** * Charge a response message stat to a cluster/service/method. * @param cluster supplies the target cluster. * @param request_names supplies the request names. * @param amount supplies the number of the response messages. */ virtual void chargeResponseMessageStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, uint64_t amount) PURE; /** * Charge upstream stat to a cluster/service/method. * @param cluster supplies the target cluster. * @param request_names supplies the request names. * @param duration supplies the duration of the upstream request. */ virtual void chargeUpstreamStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, std::chrono::milliseconds duration) PURE; /** * @return a struct containing StatNames for gRPC stat tokens. */ virtual StatNames& statNames() PURE; }; using ContextPtr = std::unique_ptr; } // namespace Grpc } // namespace Envoy ================================================ FILE: include/envoy/grpc/google_grpc_creds.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/common/pure.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/typed_config.h" #include "grpcpp/grpcpp.h" namespace Envoy { namespace Grpc { /** * Interface for all Google gRPC credentials factories. */ class GoogleGrpcCredentialsFactory : public Config::UntypedFactory { public: ~GoogleGrpcCredentialsFactory() override = default; /** * Get a ChannelCredentials to be used for authentication of a gRPC channel. * * GoogleGrpcCredentialsFactory should always return a ChannelCredentials. To use CallCredentials, * the ChannelCredentials can be created by using a combination of CompositeChannelCredentials and * CompositeCallCredentials to combine multiple credentials. * * @param grpc_service_config contains configuration options * @param api reference to the Api object * @return std::shared_ptr to be used to authenticate a Google gRPC * channel. */ virtual std::shared_ptr getChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) PURE; std::string category() const override { return "envoy.grpc_credentials"; } }; } // namespace Grpc } // namespace Envoy ================================================ FILE: include/envoy/grpc/status.h ================================================ #pragma once #include namespace Envoy { namespace Grpc { class Status { public: using GrpcStatus = int64_t; enum WellKnownGrpcStatus { // The RPC completed successfully. Ok = 0, // The RPC was canceled. Canceled = 1, // Some unknown error occurred. Unknown = 2, // An argument to the RPC was invalid. InvalidArgument = 3, // The deadline for the RPC expired before the RPC completed. DeadlineExceeded = 4, // Some resource for the RPC was not found. NotFound = 5, // A resource the RPC attempted to create already exists. AlreadyExists = 6, // Permission was denied for the RPC. PermissionDenied = 7, // Some resource is exhausted, resulting in RPC failure. ResourceExhausted = 8, // Some precondition for the RPC failed. FailedPrecondition = 9, // The RPC was aborted. Aborted = 10, // Some operation was requested outside of a legal range. OutOfRange = 11, // The RPC requested was not implemented. Unimplemented = 12, // Some internal error occurred. Internal = 13, // The RPC endpoint is current unavailable. Unavailable = 14, // There was some data loss resulting in RPC failure. DataLoss = 15, // The RPC does not have required credentials for the RPC to succeed. Unauthenticated = 16, // Maximum value of valid status codes. MaximumKnown = Unauthenticated, // This is a non-GRPC error code, indicating the status code in gRPC headers // was invalid. InvalidCode = -1, }; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: include/envoy/http/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "api_listener_interface", hdrs = ["api_listener.h"], deps = [":codec_interface"], ) envoy_cc_library( name = "async_client_interface", hdrs = ["async_client.h"], external_deps = ["abseil_optional"], deps = [ ":message_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/tracing:http_tracer_interface", "//source/common/protobuf", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "codec_interface", hdrs = ["codec.h"], deps = [ ":header_map_interface", ":metadata_interface", ":protocol_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/grpc:status", "//include/envoy/network:address_interface", "//source/common/http:status_lib", ], ) envoy_cc_library( name = "codes_interface", hdrs = ["codes.h"], deps = ["//include/envoy/stats:stats_interface"], ) envoy_cc_library( name = "conn_pool_interface", hdrs = ["conn_pool.h"], deps = [ ":codec_interface", "//include/envoy/common:conn_pool_interface", "//include/envoy/event:deferred_deletable", "//include/envoy/upstream:upstream_interface", ], ) envoy_cc_library( name = "context_interface", hdrs = ["context.h"], deps = [ ":codes_interface", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_interface", hdrs = ["filter.h"], external_deps = ["abseil_optional"], deps = [ ":codec_interface", ":header_map_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/common:scope_tracker_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/grpc:status", "//include/envoy/router:router_interface", "//include/envoy/ssl:connection_interface", "//include/envoy/stream_info:stream_info_interface", "//include/envoy/tracing:http_tracer_interface", ], ) envoy_cc_library( name = "hash_policy_interface", hdrs = ["hash_policy.h"], deps = [ ":header_map_interface", "//include/envoy/network:address_interface", "//include/envoy/stream_info:filter_state_interface", ], ) envoy_cc_library( name = "header_map_interface", hdrs = ["header_map.h"], external_deps = [ "abseil_inlined_vector", ], deps = [ "//source/common/common:assert_lib", "//source/common/common:hash_lib", ], ) envoy_cc_library( name = "message_interface", hdrs = ["message.h"], deps = [ ":header_map_interface", "//include/envoy/buffer:buffer_interface", ], ) envoy_cc_library( name = "protocol_interface", hdrs = ["protocol.h"], ) envoy_cc_library( name = "query_params_interface", hdrs = ["query_params.h"], ) envoy_cc_library( name = "metadata_interface", hdrs = ["metadata_interface.h"], external_deps = ["abseil_node_hash_map"], ) envoy_cc_library( name = "request_id_extension_interface", hdrs = ["request_id_extension.h"], deps = [ ":header_map_interface", ], ) ================================================ FILE: include/envoy/http/api_listener.h ================================================ #pragma once #include "envoy/http/codec.h" namespace Envoy { namespace Http { /** * ApiListener that allows consumers to interact with HTTP streams via API calls. */ // TODO(junr03): this is a replica of the functions in ServerConnectionCallbacks. It would be nice // to not duplicate this interface layout. class ApiListener { public: virtual ~ApiListener() = default; /** * Invoked when a new request stream is initiated by the remote. * @param response_encoder supplies the encoder to use for creating the response. The request and * response are backed by the same Stream object. * @param is_internally_created indicates if this stream was originated by a * client, or was created by Envoy, by example as part of an internal redirect. * @return RequestDecoder& supplies the decoder callbacks to fire into for stream * decoding events. */ virtual RequestDecoder& newStream(ResponseEncoder& response_encoder, bool is_internally_created = false) PURE; }; using ApiListenerPtr = std::unique_ptr; using ApiListenerOptRef = absl::optional>; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/async_client.h ================================================ #pragma once #include #include #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/http/message.h" #include "envoy/tracing/http_tracer.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Http { /** * Supports sending an HTTP request message and receiving a response asynchronously. */ class AsyncClient { public: /** * An in-flight HTTP request. */ class Request { public: virtual ~Request() = default; /** * Signals that the request should be cancelled. */ virtual void cancel() PURE; }; /** * Async Client failure reasons. */ enum class FailureReason { // The stream has been reset. Reset }; /** * Notifies caller of async HTTP request status. * * To support a use case where a caller makes multiple requests in parallel, * individual callback methods provide request context corresponding to that response. */ class Callbacks { public: virtual ~Callbacks() = default; /** * Called when the async HTTP request succeeds. * @param request request handle. * NOTE: request handle is passed for correlation purposes only, e.g. * for client code to be able to exclude that handle from a list of * requests in progress. * @param response the HTTP response */ virtual void onSuccess(const Request& request, ResponseMessagePtr&& response) PURE; /** * Called when the async HTTP request fails. * @param request request handle. * NOTE: request handle is passed for correlation purposes only, e.g. * for client code to be able to exclude that handle from a list of * requests in progress. * @param reason failure reason */ virtual void onFailure(const Request& request, FailureReason reason) PURE; /** * Called before finalizing upstream span when the request is complete or reset. * @param span a tracing span to fill with extra tags. * @param response_headers the response headers. */ virtual void onBeforeFinalizeUpstreamSpan(Envoy::Tracing::Span& span, const Http::ResponseHeaderMap* response_headers) PURE; }; /** * Notifies caller of async HTTP stream status. * Note the HTTP stream is full-duplex, even if the local to remote stream has been ended * by Stream.sendHeaders/sendData with end_stream=true or sendTrailers, * StreamCallbacks can continue to receive events until the remote to local stream is closed, * and vice versa. */ class StreamCallbacks { public: virtual ~StreamCallbacks() = default; /** * Called when all headers get received on the async HTTP stream. * @param headers the headers received * @param end_stream whether the response is header only */ virtual void onHeaders(ResponseHeaderMapPtr&& headers, bool end_stream) PURE; /** * Called when a data frame get received on the async HTTP stream. * This can be invoked multiple times if the data get streamed. * @param data the data received * @param end_stream whether the data is the last data frame */ virtual void onData(Buffer::Instance& data, bool end_stream) PURE; /** * Called when all trailers get received on the async HTTP stream. * @param trailers the trailers received. */ virtual void onTrailers(ResponseTrailerMapPtr&& trailers) PURE; /** * Called when both the local and remote have gracefully closed the stream. * Useful for asymmetric cases where end_stream may not be bidirectionally observable. * Note this is NOT called on stream reset. */ virtual void onComplete() PURE; /** * Called when the async HTTP stream is reset. */ virtual void onReset() PURE; }; /** * An in-flight HTTP stream. */ class Stream { public: virtual ~Stream() = default; /*** * Send headers to the stream. This method cannot be invoked more than once and * need to be called before sendData. * @param headers supplies the headers to send. * @param end_stream supplies whether this is a header only request. */ virtual void sendHeaders(RequestHeaderMap& headers, bool end_stream) PURE; /*** * Send data to the stream. This method can be invoked multiple times if it get streamed. * To end the stream without data, call this method with empty buffer. * @param data supplies the data to send. * @param end_stream supplies whether this is the last data. */ virtual void sendData(Buffer::Instance& data, bool end_stream) PURE; /*** * Send trailers. This method cannot be invoked more than once, and implicitly ends the stream. * @param trailers supplies the trailers to send. */ virtual void sendTrailers(RequestTrailerMap& trailers) PURE; /*** * Reset the stream. */ virtual void reset() PURE; /*** * @returns if the stream has enough buffered outbound data to be over the configured buffer * limits */ virtual bool isAboveWriteBufferHighWatermark() const PURE; }; virtual ~AsyncClient() = default; /** * A structure to hold the options for AsyncStream object. */ struct StreamOptions { StreamOptions& setTimeout(const absl::optional& v) { timeout = v; return *this; } StreamOptions& setTimeout(const std::chrono::milliseconds& v) { timeout = v; return *this; } StreamOptions& setBufferBodyForRetry(bool v) { buffer_body_for_retry = v; return *this; } StreamOptions& setSendXff(bool v) { send_xff = v; return *this; } StreamOptions& setHashPolicy( const Protobuf::RepeatedPtrField& v) { hash_policy = v; return *this; } // For gmock test bool operator==(const StreamOptions& src) const { return timeout == src.timeout && buffer_body_for_retry == src.buffer_body_for_retry && send_xff == src.send_xff; } // The timeout supplies the stream timeout, measured since when the frame with // end_stream flag is sent until when the first frame is received. absl::optional timeout; // The buffer_body_for_retry specifies whether the streamed body will be buffered so that // it can be retried. In general, this should be set to false for a true stream. However, // streaming is also used in certain cases such as gRPC unary calls, where retry can // still be useful. bool buffer_body_for_retry{false}; // If true, x-forwarded-for header will be added. bool send_xff{true}; // Provides the hash policy for hashing load balancing strategies. Protobuf::RepeatedPtrField hash_policy; }; /** * A structure to hold the options for AsyncRequest object. */ struct RequestOptions : public StreamOptions { RequestOptions& setTimeout(const absl::optional& v) { StreamOptions::setTimeout(v); return *this; } RequestOptions& setTimeout(const std::chrono::milliseconds& v) { StreamOptions::setTimeout(v); return *this; } RequestOptions& setBufferBodyForRetry(bool v) { StreamOptions::setBufferBodyForRetry(v); return *this; } RequestOptions& setSendXff(bool v) { StreamOptions::setSendXff(v); return *this; } RequestOptions& setHashPolicy( const Protobuf::RepeatedPtrField& v) { StreamOptions::setHashPolicy(v); return *this; } RequestOptions& setParentSpan(Tracing::Span& parent_span) { parent_span_ = &parent_span; return *this; } RequestOptions& setChildSpanName(const std::string& child_span_name) { child_span_name_ = child_span_name; return *this; } RequestOptions& setSampled(bool sampled) { sampled_ = sampled; return *this; } // For gmock test bool operator==(const RequestOptions& src) const { return StreamOptions::operator==(src) && parent_span_ == src.parent_span_ && child_span_name_ == src.child_span_name_ && sampled_ == src.sampled_; } // The parent span that child spans are created under to trace egress requests/responses. // If not set, requests will not be traced. Tracing::Span* parent_span_{nullptr}; // The name to give to the child span that represents the async http request. // If left empty and parent_span_ is set, then the default name will have the cluster name. // Only used if parent_span_ is set. std::string child_span_name_{""}; // Sampling decision for the tracing span. The span is sampled by default. bool sampled_{true}; }; /** * Send an HTTP request asynchronously * @param request the request to send. * @param callbacks the callbacks to be notified of request status. * @param options the data struct to control the request sending. * @return a request handle or nullptr if no request could be created. NOTE: In this case * onFailure() has already been called inline. The client owns the request and the * handle should just be used to cancel. */ virtual Request* send(RequestMessagePtr&& request, Callbacks& callbacks, const RequestOptions& options) PURE; /** * Start an HTTP stream asynchronously. * @param callbacks the callbacks to be notified of stream status. * @param options the data struct to control the stream. * @return a stream handle or nullptr if no stream could be started. NOTE: In this case * onResetStream() has already been called inline. The client owns the stream and * the handle can be used to send more messages or close the stream. */ virtual Stream* start(StreamCallbacks& callbacks, const StreamOptions& options) PURE; /** * @return Event::Dispatcher& the dispatcher backing this client. */ virtual Event::Dispatcher& dispatcher() PURE; }; using AsyncClientPtr = std::unique_ptr; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/codec.h ================================================ #pragma once #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/grpc/status.h" #include "envoy/http/header_map.h" #include "envoy/http/metadata_interface.h" #include "envoy/http/protocol.h" #include "envoy/network/address.h" #include "common/http/status.h" namespace Envoy { namespace Http { namespace Http1 { struct CodecStats; } namespace Http2 { struct CodecStats; } // Legacy default value of 60K is safely under both codec default limits. static const uint32_t DEFAULT_MAX_REQUEST_HEADERS_KB = 60; // Default maximum number of headers. static const uint32_t DEFAULT_MAX_HEADERS_COUNT = 100; const char MaxRequestHeadersCountOverrideKey[] = "envoy.reloadable_features.max_request_headers_count"; const char MaxResponseHeadersCountOverrideKey[] = "envoy.reloadable_features.max_response_headers_count"; class Stream; /** * Error codes used to convey the reason for a GOAWAY. */ enum class GoAwayErrorCode { NoError, Other, }; /** * Stream encoder options specific to HTTP/1. */ class Http1StreamEncoderOptions { public: virtual ~Http1StreamEncoderOptions() = default; /** * Force disable chunk encoding, even if there is no known content length. This effectively forces * HTTP/1.0 behavior in which the connection will need to be closed to indicate end of stream. */ virtual void disableChunkEncoding() PURE; }; using Http1StreamEncoderOptionsOptRef = absl::optional>; /** * Encodes an HTTP stream. This interface contains methods common to both the request and response * path. * TODO(mattklein123): Consider removing the StreamEncoder interface entirely and just duplicating * the methods in both the request/response path for simplicity. */ class StreamEncoder { public: virtual ~StreamEncoder() = default; /** * Encode a data frame. * @param data supplies the data to encode. The data may be moved by the encoder. * @param end_stream supplies whether this is the last data frame. */ virtual void encodeData(Buffer::Instance& data, bool end_stream) PURE; /** * @return Stream& the backing stream. */ virtual Stream& getStream() PURE; /** * Encode metadata. * @param metadata_map_vector is the vector of metadata maps to encode. */ virtual void encodeMetadata(const MetadataMapVector& metadata_map_vector) PURE; /** * Return the HTTP/1 stream encoder options if applicable. If the stream is not HTTP/1 returns * absl::nullopt. */ virtual Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() PURE; }; /** * Stream encoder used for sending a request (client to server). Virtual inheritance is required * due to a parallel implementation split between the shared base class and the derived class. */ class RequestEncoder : public virtual StreamEncoder { public: /** * Encode headers, optionally indicating end of stream. * @param headers supplies the header map to encode. * @param end_stream supplies whether this is a header only request. */ virtual void encodeHeaders(const RequestHeaderMap& headers, bool end_stream) PURE; /** * Encode trailers. This implicitly ends the stream. * @param trailers supplies the trailers to encode. */ virtual void encodeTrailers(const RequestTrailerMap& trailers) PURE; }; /** * Stream encoder used for sending a response (server to client). Virtual inheritance is required * due to a parallel implementation split between the shared base class and the derived class. */ class ResponseEncoder : public virtual StreamEncoder { public: /** * Encode 100-Continue headers. * @param headers supplies the 100-Continue header map to encode. */ virtual void encode100ContinueHeaders(const ResponseHeaderMap& headers) PURE; /** * Encode headers, optionally indicating end of stream. Response headers must * have a valid :status set. * @param headers supplies the header map to encode. * @param end_stream supplies whether this is a header only response. */ virtual void encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) PURE; /** * Encode trailers. This implicitly ends the stream. * @param trailers supplies the trailers to encode. */ virtual void encodeTrailers(const ResponseTrailerMap& trailers) PURE; /** * Indicates whether invalid HTTP messaging should be handled with a stream error or a connection * error. */ virtual bool streamErrorOnInvalidHttpMessage() const PURE; }; /** * Decodes an HTTP stream. These are callbacks fired into a sink. This interface contains methods * common to both the request and response path. * TODO(mattklein123): Consider removing the StreamDecoder interface entirely and just duplicating * the methods in both the request/response path for simplicity. */ class StreamDecoder { public: virtual ~StreamDecoder() = default; /** * Called with a decoded data frame. * @param data supplies the decoded data. * @param end_stream supplies whether this is the last data frame. */ virtual void decodeData(Buffer::Instance& data, bool end_stream) PURE; /** * Called with decoded METADATA. * @param decoded METADATA. */ virtual void decodeMetadata(MetadataMapPtr&& metadata_map) PURE; }; /** * Stream decoder used for receiving a request (client to server). Virtual inheritance is required * due to a parallel implementation split between the shared base class and the derived class. */ class RequestDecoder : public virtual StreamDecoder { public: /** * Called with decoded headers, optionally indicating end of stream. * @param headers supplies the decoded headers map. * @param end_stream supplies whether this is a header only request. */ virtual void decodeHeaders(RequestHeaderMapPtr&& headers, bool end_stream) PURE; /** * Called with a decoded trailers frame. This implicitly ends the stream. * @param trailers supplies the decoded trailers. */ virtual void decodeTrailers(RequestTrailerMapPtr&& trailers) PURE; /** * Called if the codec needs to send a protocol error. * @param is_grpc_request indicates if the request is a gRPC request * @param code supplies the HTTP error code to send. * @param body supplies an optional body to send with the local reply. * @param modify_headers supplies a way to edit headers before they are sent downstream. * @param grpc_status an optional gRPC status for gRPC requests * @param details details about the source of the error, for debug purposes */ virtual void sendLocalReply(bool is_grpc_request, Code code, absl::string_view body, const std::function& modify_headers, const absl::optional grpc_status, absl::string_view details) PURE; }; /** * Stream decoder used for receiving a response (server to client). Virtual inheritance is required * due to a parallel implementation split between the shared base class and the derived class. */ class ResponseDecoder : public virtual StreamDecoder { public: /** * Called with decoded 100-Continue headers. * @param headers supplies the decoded 100-Continue headers map. */ virtual void decode100ContinueHeaders(ResponseHeaderMapPtr&& headers) PURE; /** * Called with decoded headers, optionally indicating end of stream. * @param headers supplies the decoded headers map. * @param end_stream supplies whether this is a header only response. */ virtual void decodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream) PURE; /** * Called with a decoded trailers frame. This implicitly ends the stream. * @param trailers supplies the decoded trailers. */ virtual void decodeTrailers(ResponseTrailerMapPtr&& trailers) PURE; }; /** * Stream reset reasons. */ enum class StreamResetReason { // If a local codec level reset was sent on the stream. LocalReset, // If a local codec level refused stream reset was sent on the stream (allowing for retry). LocalRefusedStreamReset, // If a remote codec level reset was received on the stream. RemoteReset, // If a remote codec level refused stream reset was received on the stream (allowing for retry). RemoteRefusedStreamReset, // If the stream was locally reset by a connection pool due to an initial connection failure. ConnectionFailure, // If the stream was locally reset due to connection termination. ConnectionTermination, // The stream was reset because of a resource overflow. Overflow }; /** * Callbacks that fire against a stream. */ class StreamCallbacks { public: virtual ~StreamCallbacks() = default; /** * Fires when a stream has been remote reset. * @param reason supplies the reset reason. * @param transport_failure_reason supplies underlying transport failure reason. */ virtual void onResetStream(StreamResetReason reason, absl::string_view transport_failure_reason) PURE; /** * Fires when a stream, or the connection the stream is sending to, goes over its high watermark. */ virtual void onAboveWriteBufferHighWatermark() PURE; /** * Fires when a stream, or the connection the stream is sending to, goes from over its high * watermark to under its low watermark. */ virtual void onBelowWriteBufferLowWatermark() PURE; }; /** * An HTTP stream (request, response, and push). */ class Stream { public: virtual ~Stream() = default; /** * Add stream callbacks. * @param callbacks supplies the callbacks to fire on stream events. */ virtual void addCallbacks(StreamCallbacks& callbacks) PURE; /** * Remove stream callbacks. * @param callbacks supplies the callbacks to remove. */ virtual void removeCallbacks(StreamCallbacks& callbacks) PURE; /** * Reset the stream. No events will fire beyond this point. * @param reason supplies the reset reason. */ virtual void resetStream(StreamResetReason reason) PURE; /** * Enable/disable further data from this stream. * Cessation of data may not be immediate. For example, for HTTP/2 this may stop further flow * control window updates which will result in the peer eventually stopping sending data. * @param disable informs if reads should be disabled (true) or re-enabled (false). * * Note that this function reference counts calls. For example * readDisable(true); // Disables data * readDisable(true); // Notes the stream is blocked by two sources * readDisable(false); // Notes the stream is blocked by one source * readDisable(false); // Marks the stream as unblocked, so resumes reading. */ virtual void readDisable(bool disable) PURE; /** * Return the number of bytes this stream is allowed to buffer, or 0 if there is no limit * configured. * @return uint32_t the stream's configured buffer limits. */ virtual uint32_t bufferLimit() PURE; /** * @return string_view optionally return the reason behind codec level errors. * * This information is communicated via direct accessor rather than passed with the * CodecProtocolException so that the error can be associated only with the problematic stream and * not associated with every stream on the connection. */ virtual absl::string_view responseDetails() { return ""; } /** * @return const Address::InstanceConstSharedPtr& the local address of the connection associated * with the stream. */ virtual const Network::Address::InstanceConstSharedPtr& connectionLocalAddress() PURE; /** * Set the flush timeout for the stream. At the codec level this is used to bound the amount of * time the codec will wait to flush body data pending open stream window. It does *not* count * small window updates as satisfying the idle timeout as this is a potential DoS vector. */ virtual void setFlushTimeout(std::chrono::milliseconds timeout) PURE; }; /** * Connection level callbacks. */ class ConnectionCallbacks { public: virtual ~ConnectionCallbacks() = default; /** * Fires when the remote indicates "go away." No new streams should be created. */ virtual void onGoAway(GoAwayErrorCode error_code) PURE; }; /** * HTTP/1.* Codec settings */ struct Http1Settings { // Enable codec to parse absolute URIs. This enables forward/explicit proxy support for non TLS // traffic bool allow_absolute_url_{false}; // Allow HTTP/1.0 from downstream. bool accept_http_10_{false}; // Set a default host if no Host: header is present for HTTP/1.0 requests.` std::string default_host_for_http_10_; // Encode trailers in Http. By default the HTTP/1 codec drops proxied trailers. // Note that this only happens when Envoy is chunk encoding which occurs when: // - The request is HTTP/1.1 // - Is neither a HEAD only request nor a HTTP Upgrade // - Not a HEAD request bool enable_trailers_{false}; // Allows Envoy to process requests/responses with both `Content-Length` and `Transfer-Encoding` // headers set. By default such messages are rejected, but if option is enabled - Envoy will // remove Content-Length header and process message. bool allow_chunked_length_{false}; enum class HeaderKeyFormat { // By default no formatting is performed, presenting all headers in lowercase (as Envoy // internals normalize everything to lowercase.) Default, // Performs proper casing of header keys: the first and all alpha characters following a // non-alphanumeric character is capitalized. ProperCase, }; // How header keys should be formatted when serializing HTTP/1.1 headers. HeaderKeyFormat header_key_format_{HeaderKeyFormat::Default}; // Behaviour on invalid HTTP messaging: // - if true, the HTTP/1.1 connection is left open (where possible) // - if false, the HTTP/1.1 connection is terminated bool stream_error_on_invalid_http_message_{false}; }; /** * A connection (client or server) that owns multiple streams. */ class Connection { public: virtual ~Connection() = default; /** * Dispatch incoming connection data. * @param data supplies the data to dispatch. The codec will drain as many bytes as it processes. * @return Status indicating the status of the codec. Holds any errors encountered while * processing the incoming data. */ virtual Status dispatch(Buffer::Instance& data) PURE; /** * Indicate "go away" to the remote. No new streams can be created beyond this point. */ virtual void goAway() PURE; /** * @return the protocol backing the connection. This can change if for example an HTTP/1.1 * connection gets an HTTP/1.0 request on it. */ virtual Protocol protocol() PURE; /** * Indicate a "shutdown notice" to the remote. This is a hint that the remote should not send * any new streams, but if streams do arrive that will not be reset. */ virtual void shutdownNotice() PURE; /** * @return bool whether the codec has data that it wants to write but cannot due to protocol * reasons (e.g, needing window updates). */ virtual bool wantsToWrite() PURE; /** * Called when the underlying Network::Connection goes over its high watermark. */ virtual void onUnderlyingConnectionAboveWriteBufferHighWatermark() PURE; /** * Called when the underlying Network::Connection goes from over its high watermark to under its * low watermark. */ virtual void onUnderlyingConnectionBelowWriteBufferLowWatermark() PURE; }; /** * Callbacks for downstream connection watermark limits. */ class DownstreamWatermarkCallbacks { public: virtual ~DownstreamWatermarkCallbacks() = default; /** * Called when the downstream connection or stream goes over its high watermark. Note that this * may be called separately for both the stream going over and the connection going over. It * is the responsibility of the DownstreamWatermarkCallbacks implementation to handle unwinding * multiple high and low watermark calls. */ virtual void onAboveWriteBufferHighWatermark() PURE; /** * Called when the downstream connection or stream goes from over its high watermark to under its * low watermark. As with onAboveWriteBufferHighWatermark above, this may be called independently * when both the stream and the connection go under the low watermark limit, and the callee must * ensure that the flow of data does not resume until all callers which were above their high * watermarks have gone below. */ virtual void onBelowWriteBufferLowWatermark() PURE; }; /** * Callbacks for server connections. */ class ServerConnectionCallbacks : public virtual ConnectionCallbacks { public: /** * Invoked when a new request stream is initiated by the remote. * @param response_encoder supplies the encoder to use for creating the response. The request and * response are backed by the same Stream object. * @param is_internally_created indicates if this stream was originated by a * client, or was created by Envoy, by example as part of an internal redirect. * @return RequestDecoder& supplies the decoder callbacks to fire into for stream decoding * events. */ virtual RequestDecoder& newStream(ResponseEncoder& response_encoder, bool is_internally_created = false) PURE; }; /** * A server side HTTP connection. */ class ServerConnection : public virtual Connection {}; using ServerConnectionPtr = std::unique_ptr; /** * A client side HTTP connection. */ class ClientConnection : public virtual Connection { public: /** * Create a new outgoing request stream. * @param response_decoder supplies the decoder callbacks to fire response events into. * @return RequestEncoder& supplies the encoder to write the request into. */ virtual RequestEncoder& newStream(ResponseDecoder& response_decoder) PURE; }; using ClientConnectionPtr = std::unique_ptr; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/codes.h ================================================ #pragma once #include #include "envoy/stats/scope.h" #include "envoy/stats/symbol_table.h" namespace Envoy { namespace Http { /** * HTTP response codes. * http://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml */ enum class Code { // clang-format off Continue = 100, SwitchingProtocols = 101, OK = 200, Created = 201, Accepted = 202, NonAuthoritativeInformation = 203, NoContent = 204, ResetContent = 205, PartialContent = 206, MultiStatus = 207, AlreadyReported = 208, IMUsed = 226, MultipleChoices = 300, MovedPermanently = 301, Found = 302, SeeOther = 303, NotModified = 304, UseProxy = 305, TemporaryRedirect = 307, PermanentRedirect = 308, BadRequest = 400, Unauthorized = 401, PaymentRequired = 402, Forbidden = 403, NotFound = 404, MethodNotAllowed = 405, NotAcceptable = 406, ProxyAuthenticationRequired = 407, RequestTimeout = 408, Conflict = 409, Gone = 410, LengthRequired = 411, PreconditionFailed = 412, PayloadTooLarge = 413, URITooLong = 414, UnsupportedMediaType = 415, RangeNotSatisfiable = 416, ExpectationFailed = 417, MisdirectedRequest = 421, UnprocessableEntity = 422, Locked = 423, FailedDependency = 424, UpgradeRequired = 426, PreconditionRequired = 428, TooManyRequests = 429, RequestHeaderFieldsTooLarge = 431, InternalServerError = 500, NotImplemented = 501, BadGateway = 502, ServiceUnavailable = 503, GatewayTimeout = 504, HTTPVersionNotSupported = 505, VariantAlsoNegotiates = 506, InsufficientStorage = 507, LoopDetected = 508, NotExtended = 510, NetworkAuthenticationRequired = 511 // clang-format on }; /** * Manages updating of statistics for HTTP Status Codes. Sets up string-tokens * for fast combining of tokens based on scope, status-code buckets (2xx, * 4xx...), and exact status code. */ class CodeStats { public: virtual ~CodeStats() = default; struct ResponseStatInfo; struct ResponseTimingInfo; /** * Charge a simple response stat to an upstream. */ virtual void chargeBasicResponseStat(Stats::Scope& scope, Stats::StatName prefix, Code response_code) const PURE; /** * Charge a response stat to both agg counters (*xx) as well as code specific counters. This * routine also looks for the x-envoy-upstream-canary header and if it is set, also charges * canary stats. */ virtual void chargeResponseStat(const ResponseStatInfo& info) const PURE; /** * Charge a response timing to the various dynamic stat postfixes. */ virtual void chargeResponseTiming(const ResponseTimingInfo& info) const PURE; }; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/conn_pool.h ================================================ #pragma once #include #include #include "envoy/common/conn_pool.h" #include "envoy/common/pure.h" #include "envoy/event/deferred_deletable.h" #include "envoy/http/codec.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace Http { namespace ConnectionPool { using PoolFailureReason = ::Envoy::ConnectionPool::PoolFailureReason; using Cancellable = ::Envoy::ConnectionPool::Cancellable; /** * Pool callbacks invoked in the context of a newStream() call, either synchronously or * asynchronously. */ class Callbacks { public: virtual ~Callbacks() = default; /** * Called when a pool error occurred and no connection could be acquired for making the request. * @param reason supplies the failure reason. * @param transport_failure_reason supplies the details of the transport failure reason. * @param host supplies the description of the host that caused the failure. This may be nullptr * if no host was involved in the failure (for example overflow). */ virtual void onPoolFailure(PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) PURE; /** * Called when a connection is available to process a request/response. * @param encoder supplies the request encoder to use. * @param host supplies the description of the host that will carry the request. For logical * connection pools the description may be different each time this is called. * @param info supplies the stream info object associated with the upstream connection. */ virtual void onPoolReady(RequestEncoder& encoder, Upstream::HostDescriptionConstSharedPtr host, const StreamInfo::StreamInfo& info) PURE; }; /** * An instance of a generic connection pool. */ class Instance : public Envoy::ConnectionPool::Instance, public Event::DeferredDeletable { public: ~Instance() override = default; /** * @return Http::Protocol Reports the protocol in use by this connection pool. */ virtual Http::Protocol protocol() const PURE; /** * Determines whether the connection pool is actively processing any requests. * @return true if the connection pool has any pending requests or any active requests. */ virtual bool hasActiveConnections() const PURE; /** * Create a new stream on the pool. * @param response_decoder supplies the decoder events to fire when the response is * available. * @param cb supplies the callbacks to invoke when the connection is ready or has failed. The * callbacks may be invoked immediately within the context of this call if there is a * ready connection or an immediate failure. In this case, the routine returns nullptr. * @return Cancellable* If no connection is ready, the callback is not invoked, and a handle * is returned that can be used to cancel the request. Otherwise, one of the * callbacks is called and the routine returns nullptr. NOTE: Once a callback * is called, the handle is no longer valid and any further cancellation * should be done by resetting the stream. * @warning Do not call cancel() from the callbacks, as the request is implicitly canceled when * the callbacks are called. */ virtual Cancellable* newStream(Http::ResponseDecoder& response_decoder, Callbacks& callbacks) PURE; }; using InstancePtr = std::unique_ptr; } // namespace ConnectionPool } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/context.h ================================================ #pragma once #include #include "envoy/config/trace/v3/http_tracer.pb.h" #include "envoy/http/codes.h" namespace Envoy { namespace Http { struct UserAgentContext; /** * Captures http-related structures with cardinality of one per server. */ class Context { public: virtual ~Context() = default; /** * Get the default tracing configuration, i.e. one from the bootstrap config. * * Once deprecation window for the tracer provider configuration in the bootstrap config is over, * this method will no longer be necessary. * * @return Tracing. */ virtual const envoy::config::trace::v3::Tracing& defaultTracingConfig() PURE; virtual CodeStats& codeStats() PURE; virtual const UserAgentContext& userAgentContext() const PURE; }; using ContextPtr = std::unique_ptr; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/filter.h ================================================ #pragma once #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/scope_tracker.h" #include "envoy/event/dispatcher.h" #include "envoy/grpc/status.h" #include "envoy/http/codec.h" #include "envoy/http/header_map.h" #include "envoy/router/router.h" #include "envoy/ssl/connection.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/upstream.h" #include "absl/types/optional.h" namespace Envoy { namespace Http { /** * Return codes for encode/decode headers filter invocations. The connection manager bases further * filter invocations on the return code of the previous filter. */ enum class FilterHeadersStatus { // Continue filter chain iteration. Continue, // Do not iterate to any of the remaining filters in the chain. Returning // FilterDataStatus::Continue from decodeData()/encodeData() or calling // continueDecoding()/continueEncoding() MUST be called if continued filter iteration is desired. StopIteration, // Continue headers iteration to remaining filters, but ignore any subsequent data or trailers. // This results in creating a header only request/response. // This status MUST NOT be returned by decodeHeaders() when end_stream is set to true. ContinueAndEndStream, // Continue headers iteration to remaining filters, but delay ending the stream. This status MUST // NOT be returned when end_stream is already set to false. // // Used when a filter wants to add a body to a headers-only request/response, but this body is not // readily available. Delaying end_stream allows the filter to add the body once it's available // without stopping headers iteration. // // The filter is responsible to continue the stream by providing a body through calling // injectDecodedDataToFilterChain()/injectEncodedDataToFilterChain(), possibly multiple times // if the body needs to be divided into several chunks. The filter may need to handle // watermark events when injecting a body, see: // https://github.com/envoyproxy/envoy/blob/master/source/docs/flow_control.md. // // The last call to inject data MUST have end_stream set to true to conclude the stream. // If the filter cannot provide a body the stream should be reset. // // Adding a body through calling addDecodedData()/addEncodedData() then // continueDecoding()/continueEncoding() is currently NOT supported and causes an assert failure. // // Adding trailers in this scenario is currently NOT supported. // // The filter MUST NOT attempt to continue the stream without providing a body using // continueDecoding()/continueEncoding(). // // TODO(yosrym93): Support adding a body in this case by calling addDecodedData()/addEncodedData() // then continueDecoding()/continueEncoding(). To support this a new FilterManager::IterationState // needs to be added and set when a filter returns this status in // FilterManager::decodeHeaders/FilterManager::encodeHeaders() // Currently, when a filter returns this, the IterationState is Continue. This causes ASSERTs in // FilterManager::commonContinue() to fail when continueDecoding()/continueEncoding() is called; // due to trying to continue iteration when the IterationState is already Continue. // In this case, a different ASSERT will be needed to make sure the filter does not try to // continue without adding a body first. // // TODO(yosrym93): Support adding trailers in this case by implementing new functions to inject // trailers, similar to the inject data functions. ContinueAndDontEndStream, // Do not iterate for headers as well as data and trailers for the current filter and the filters // following, and buffer body data for later dispatching. ContinueDecoding() MUST // be called if continued filter iteration is desired. // // Used when a filter wants to stop iteration on data and trailers while waiting for headers' // iteration to resume. // // If buffering the request causes buffered data to exceed the configured buffer limit, a 413 will // be sent to the user. On the response path exceeding buffer limits will result in a 500. // // TODO(soya3129): stop metadata parsing when StopAllIterationAndBuffer is set. StopAllIterationAndBuffer, // Do not iterate for headers as well as data and trailers for the current filter and the filters // following, and buffer body data for later dispatching. continueDecoding() MUST // be called if continued filter iteration is desired. // // Used when a filter wants to stop iteration on data and trailers while waiting for headers' // iteration to resume. // // This will cause the flow of incoming data to cease until continueDecoding() function is called. // // TODO(soya3129): stop metadata parsing when StopAllIterationAndWatermark is set. StopAllIterationAndWatermark, }; /** * Return codes for encode/decode data filter invocations. The connection manager bases further * filter invocations on the return code of the previous filter. */ enum class FilterDataStatus { // Continue filter chain iteration. If headers have not yet been sent to the next filter, they // will be sent first via decodeHeaders()/encodeHeaders(). If data has previously been buffered, // the data in this callback will be added to the buffer before the entirety is sent to the next // filter. Continue, // Do not iterate to any of the remaining filters in the chain, and buffer body data for later // dispatching. Returning FilterDataStatus::Continue from decodeData()/encodeData() or calling // continueDecoding()/continueEncoding() MUST be called if continued filter iteration is desired. // // This should be called by filters which must parse a larger block of the incoming data before // continuing processing and so can not push back on streaming data via watermarks. // // If buffering the request causes buffered data to exceed the configured buffer limit, a 413 will // be sent to the user. On the response path exceeding buffer limits will result in a 500. StopIterationAndBuffer, // Do not iterate to any of the remaining filters in the chain, and buffer body data for later // dispatching. Returning FilterDataStatus::Continue from decodeData()/encodeData() or calling // continueDecoding()/continueEncoding() MUST be called if continued filter iteration is desired. // // This will cause the flow of incoming data to cease until one of the continue.*() functions is // called. // // This should be returned by filters which can nominally stream data but have a transient back-up // such as the configured delay of the fault filter, or if the router filter is still fetching an // upstream connection. StopIterationAndWatermark, // Do not iterate to any of the remaining filters in the chain, but do not buffer any of the // body data for later dispatching. Returning FilterDataStatus::Continue from // decodeData()/encodeData() or calling continueDecoding()/continueEncoding() MUST be called if // continued filter iteration is desired. StopIterationNoBuffer }; /** * Return codes for encode/decode trailers filter invocations. The connection manager bases further * filter invocations on the return code of the previous filter. */ enum class FilterTrailersStatus { // Continue filter chain iteration. Continue, // Do not iterate to any of the remaining filters in the chain. Calling // continueDecoding()/continueEncoding() MUST be called if continued filter iteration is desired. StopIteration }; /** * Return codes for encode metadata filter invocations. Metadata currently can not stop filter * iteration. */ enum class FilterMetadataStatus { // Continue filter chain iteration. Continue, }; /** * The stream filter callbacks are passed to all filters to use for writing response data and * interacting with the underlying stream in general. */ class StreamFilterCallbacks { public: virtual ~StreamFilterCallbacks() = default; /** * @return const Network::Connection* the originating connection, or nullptr if there is none. */ virtual const Network::Connection* connection() PURE; /** * @return Event::Dispatcher& the thread local dispatcher for allocating timers, etc. */ virtual Event::Dispatcher& dispatcher() PURE; /** * Reset the underlying stream. */ virtual void resetStream() PURE; /** * Returns the route for the current request. The assumption is that the implementation can do * caching where applicable to avoid multiple lookups. If a filter has modified the headers in * a way that affects routing, clearRouteCache() must be called to clear the cache. * * NOTE: In the future we want to split route() into 2 methods, one that just * returns current route and another that actually resolve the route. */ virtual Router::RouteConstSharedPtr route() PURE; /** * Invokes callback with a matched route, callback can choose to accept this route by returning * Router::RouteMatchStatus::Accept or continue route match from last matched route by returning * Router::RouteMatchStatus::Continue, if there are more routes available. * * Returns route accepted by the callback or nullptr if no match found or none of route is * accepted by the callback. * * NOTE: clearRouteCache() must be called before invoking this method otherwise cached route will * be returned directly to the caller and the callback will not be invoked. * * Currently a route callback's decision is overridden by clearRouteCache() / route() call in the * subsequent filters. We may want to persist callbacks so they always participate in later route * resolution or make it an independent entity like filters that gets called on route resolution. */ virtual Router::RouteConstSharedPtr route(const Router::RouteCallback& cb) PURE; /** * Returns the clusterInfo for the cached route. * This method is to avoid multiple look ups in the filter chain, it also provides a consistent * view of clusterInfo after a route is picked/repicked. * NOTE: Cached clusterInfo and route will be updated the same time. */ virtual Upstream::ClusterInfoConstSharedPtr clusterInfo() PURE; /** * Clears the route cache for the current request. This must be called when a filter has modified * the headers in a way that would affect routing. */ virtual void clearRouteCache() PURE; /** * @return uint64_t the ID of the originating stream for logging purposes. */ virtual uint64_t streamId() const PURE; /** * @return streamInfo for logging purposes. Individual filter may add specific information to be * put into the access log. */ virtual StreamInfo::StreamInfo& streamInfo() PURE; /** * @return span context used for tracing purposes. Individual filters may add or modify * information in the span context. */ virtual Tracing::Span& activeSpan() PURE; /** * @return tracing configuration. */ virtual const Tracing::Config& tracingConfig() PURE; /** * @return the ScopeTrackedObject for this stream. */ virtual const ScopeTrackedObject& scope() PURE; }; /** * RouteConfigUpdatedCallback is used to notify an OnDemandRouteUpdate filter about completion of a * RouteConfig update. The filter (and the associated ActiveStream) where the original on-demand * request was originated can be destroyed before a response to an on-demand update request is * received and updates are propagated. To handle this: * * OnDemandRouteUpdate filter instance holds a RouteConfigUpdatedCallbackSharedPtr to a callback. * Envoy::Router::RdsRouteConfigProviderImpl holds a weak pointer to the RouteConfigUpdatedCallback * above in an Envoy::Router::UpdateOnDemandCallback struct * * In RdsRouteConfigProviderImpl::onConfigUpdate(), before invoking the callback, a check is made to * verify if the callback is still available. */ using RouteConfigUpdatedCallback = std::function; using RouteConfigUpdatedCallbackSharedPtr = std::shared_ptr; /** * Stream decoder filter callbacks add additional callbacks that allow a decoding filter to restart * decoding if they decide to hold data (e.g. for buffering or rate limiting). */ class StreamDecoderFilterCallbacks : public virtual StreamFilterCallbacks { public: /** * Continue iterating through the filter chain with buffered headers and body data. This routine * can only be called if the filter has previously returned StopIteration from decodeHeaders() * AND one of StopIterationAndBuffer, StopIterationAndWatermark, or StopIterationNoBuffer * from each previous call to decodeData(). * * The connection manager will dispatch headers and any buffered body data to the * next filter in the chain. Further note that if the request is not complete, this filter will * still receive decodeData() calls and must return an appropriate status code depending on what * the filter needs to do. */ virtual void continueDecoding() PURE; /** * @return const Buffer::Instance* the currently buffered data as buffered by this filter or * previous ones in the filter chain. May be nullptr if nothing has been buffered yet. */ virtual const Buffer::Instance* decodingBuffer() PURE; /** * Allows modifying the decoding buffer. May only be called before any data has been continued * past the calling filter. */ virtual void modifyDecodingBuffer(std::function callback) PURE; /** * Add buffered body data. This method is used in advanced cases where returning * StopIterationAndBuffer from decodeData() is not sufficient. * * 1) If a headers only request needs to be turned into a request with a body, this method can * be called to add body in the decodeHeaders() callback. Subsequent filters will receive * decodeHeaders(..., false) followed by decodeData(..., true). This works both in the direct * iteration as well as the continuation case. * * 2) If a filter is going to look at all buffered data from within a data callback with end * stream set, this method can be called to immediately buffer the data. This avoids having * to deal with the existing buffered data and the data from the current callback. * * 3) If additional buffered body data needs to be added by a filter before continuation of data * to further filters (outside of callback context). * * 4) If additional data needs to be added in the decodeTrailers() callback, this method can be * called in the context of the callback. All further filters will receive decodeData(..., false) * followed by decodeTrailers(). However if the iteration is stopped, the added data will * buffered, so that the further filters will not receive decodeData() before decodeHeaders(). * * It is an error to call this method in any other case. * * See also injectDecodedDataToFilterChain() for a different way of passing data to further * filters and also how the two methods are different. * * @param data Buffer::Instance supplies the data to be decoded. * @param streaming_filter boolean supplies if this filter streams data or buffers the full body. */ virtual void addDecodedData(Buffer::Instance& data, bool streaming_filter) PURE; /** * Decode data directly to subsequent filters in the filter chain. This method is used in * advanced cases in which a filter needs full control over how subsequent filters view data, * and does not want to make use of HTTP connection manager buffering. Using this method allows * a filter to buffer data (or not) and then periodically inject data to subsequent filters, * indicating end_stream at an appropriate time. This can be used to implement rate limiting, * periodic data emission, etc. * * This method should only be called outside of callback context. I.e., do not call this method * from within a filter's decodeData() call. * * When using this callback, filters should generally only return * FilterDataStatus::StopIterationNoBuffer from their decodeData() call, since use of this method * indicates that a filter does not wish to participate in standard HTTP connection manager * buffering and continuation and will perform any necessary buffering and continuation on its * own. * * This callback is different from addDecodedData() in that the specified data and end_stream * status will be propagated directly to further filters in the filter chain. This is different * from addDecodedData() where data is added to the HTTP connection manager's buffered data with * the assumption that standard HTTP connection manager buffering and continuation are being used. */ virtual void injectDecodedDataToFilterChain(Buffer::Instance& data, bool end_stream) PURE; /** * Adds decoded trailers. May only be called in decodeData when end_stream is set to true. * If called in any other context, an assertion will be triggered. * * When called in decodeData, the trailers map will be initialized to an empty map and returned by * reference. Calling this function more than once is invalid. * * @return a reference to the newly created trailers map. */ virtual RequestTrailerMap& addDecodedTrailers() PURE; /** * Attempts to create a locally generated response using the provided response_code and body_text * parameters. If the request was a gRPC request the local reply will be encoded as a gRPC * response with a 200 HTTP response code and grpc-status and grpc-message headers mapped from the * provided parameters. * * If a response has already started (e.g. if the router calls sendSendLocalReply after encoding * headers) this will either ship the reply directly to the downstream codec, or reset the stream. * * @param response_code supplies the HTTP response code. * @param body_text supplies the optional body text which is sent using the text/plain content * type, or encoded in the grpc-message header. * @param modify_headers supplies an optional callback function that can modify the * response headers. * @param grpc_status the gRPC status code to override the httpToGrpcStatus mapping with. * @param details a string detailing why this local reply was sent. */ virtual void sendLocalReply(Code response_code, absl::string_view body_text, std::function modify_headers, const absl::optional grpc_status, absl::string_view details) PURE; /** * Adds decoded metadata. This function can only be called in * StreamDecoderFilter::decodeHeaders/Data/Trailers(). Do not call in * StreamDecoderFilter::decodeMetadata(). * * @return a reference to metadata map vector, where new metadata map can be added. */ virtual MetadataMapVector& addDecodedMetadata() PURE; /** * Called with 100-Continue headers to be encoded. * * This is not folded into encodeHeaders because most Envoy users and filters will not be proxying * 100-continue and with it split out, can ignore the complexity of multiple encodeHeaders calls. * * This must not be invoked more than once per request. * * @param headers supplies the headers to be encoded. */ virtual void encode100ContinueHeaders(ResponseHeaderMapPtr&& headers) PURE; /** * Called with headers to be encoded, optionally indicating end of stream. * * The connection manager inspects certain pseudo headers that are not actually sent downstream. * - See source/common/http/headers.h * * The only 1xx that may be provided to encodeHeaders() is a 101 upgrade, which will be the final * encodeHeaders() for a response. * * @param headers supplies the headers to be encoded. * @param end_stream supplies whether this is a header only request/response. * @param details supplies the details of why this response was sent. */ virtual void encodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream, absl::string_view details) PURE; /** * Called with data to be encoded, optionally indicating end of stream. * @param data supplies the data to be encoded. * @param end_stream supplies whether this is the last data frame. */ virtual void encodeData(Buffer::Instance& data, bool end_stream) PURE; /** * Called with trailers to be encoded. This implicitly ends the stream. * @param trailers supplies the trailers to encode. */ virtual void encodeTrailers(ResponseTrailerMapPtr&& trailers) PURE; /** * Called with metadata to be encoded. * * @param metadata_map supplies the unique_ptr of the metadata to be encoded. */ virtual void encodeMetadata(MetadataMapPtr&& metadata_map) PURE; /** * Called when the buffer for a decoder filter or any buffers the filter sends data to go over * their high watermark. * * In the case of a filter such as the router filter, which spills into multiple buffers (codec, * connection etc.) this may be called multiple times. Any such filter is responsible for calling * the low watermark callbacks an equal number of times as the respective buffers are drained. */ virtual void onDecoderFilterAboveWriteBufferHighWatermark() PURE; /** * Called when a decoder filter or any buffers the filter sends data to go from over its high * watermark to under its low watermark. */ virtual void onDecoderFilterBelowWriteBufferLowWatermark() PURE; /** * This routine can be called by a filter to subscribe to watermark events on the downstream * stream and downstream connection. * * Immediately after subscribing, the filter will get a high watermark callback for each * outstanding backed up buffer. */ virtual void addDownstreamWatermarkCallbacks(DownstreamWatermarkCallbacks& callbacks) PURE; /** * This routine can be called by a filter to stop subscribing to watermark events on the * downstream stream and downstream connection. * * It is not safe to call this from under the stack of a DownstreamWatermarkCallbacks callback. */ virtual void removeDownstreamWatermarkCallbacks(DownstreamWatermarkCallbacks& callbacks) PURE; /** * This routine may be called to change the buffer limit for decoder filters. * * @param limit supplies the desired buffer limit. */ virtual void setDecoderBufferLimit(uint32_t limit) PURE; /** * This routine returns the current buffer limit for decoder filters. Filters should abide by * this limit or change it via setDecoderBufferLimit. * A buffer limit of 0 bytes indicates no limits are applied. * * @return the buffer limit the filter should apply. */ virtual uint32_t decoderBufferLimit() PURE; // Takes a stream, and acts as if the headers are newly arrived. // On success, this will result in a creating a new filter chain and likely upstream request // associated with the original downstream stream. // On failure, if the preconditions outlined below are not met, the caller is // responsible for handling or terminating the original stream. // // This is currently limited to // - streams which are completely read // - streams which do not have a request body. // // Note that HttpConnectionManager sanitization will *not* be performed on the // recreated stream, as it is assumed that sanitization has already been done. virtual bool recreateStream() PURE; /** * Adds socket options to be applied to any connections used for upstream requests. Note that * unique values for the options will likely lead to many connection pools being created. The * added options are appended to any previously added. * * @param options The options to be added. */ virtual void addUpstreamSocketOptions(const Network::Socket::OptionsSharedPtr& options) PURE; /** * @return The socket options to be applied to the upstream request. */ virtual Network::Socket::OptionsSharedPtr getUpstreamSocketOptions() const PURE; /** * Schedules a request for a RouteConfiguration update from the management server. * @param route_config_updated_cb callback to be called when the configuration update has been * propagated to the worker thread. */ virtual void requestRouteConfigUpdate(RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) PURE; }; /** * Common base class for both decoder and encoder filters. Functions here are related to the * lifecycle of a filter. Currently the life cycle is as follows: * - All filters receive onStreamComplete() * - All log handlers receive log() * - All filters receive onDestroy() * * This means: * - onStreamComplete can be used to make state changes that are intended to appear in the access * logs (like streamInfo().dynamicMetadata() or streamInfo().filterState()). * - onDestroy is used to cleanup all pending filter resources like pending http requests and * timers. */ class StreamFilterBase { public: virtual ~StreamFilterBase() = default; /** * This routine is called before the access log handlers' log() is called. Filters can use this * callback to enrich the data passed in to the log handlers. */ virtual void onStreamComplete() {} /** * This routine is called prior to a filter being destroyed. This may happen after normal stream * finish (both downstream and upstream) or due to reset. Every filter is responsible for making * sure that any async events are cleaned up in the context of this routine. This includes timers, * network calls, etc. The reason there is an onDestroy() method vs. doing this type of cleanup * in the destructor is due to the deferred deletion model that Envoy uses to avoid stack unwind * complications. Filters must not invoke either encoder or decoder filter callbacks after having * onDestroy() invoked. Filters that cross-register as access log handlers receive log() before * onDestroy(). */ virtual void onDestroy() PURE; }; /** * Stream decoder filter interface. */ class StreamDecoderFilter : public StreamFilterBase { public: /** * Called with decoded headers, optionally indicating end of stream. * @param headers supplies the decoded headers map. * @param end_stream supplies whether this is a header only request/response. * @return FilterHeadersStatus determines how filter chain iteration proceeds. */ virtual FilterHeadersStatus decodeHeaders(RequestHeaderMap& headers, bool end_stream) PURE; /** * Called with a decoded data frame. * @param data supplies the decoded data. * @param end_stream supplies whether this is the last data frame. * @return FilterDataStatus determines how filter chain iteration proceeds. */ virtual FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) PURE; /** * Called with decoded trailers, implicitly ending the stream. * @param trailers supplies the decoded trailers. */ virtual FilterTrailersStatus decodeTrailers(RequestTrailerMap& trailers) PURE; /** * Called with decoded metadata. Add new metadata to metadata_map directly. Do not call * StreamDecoderFilterCallbacks::addDecodedMetadata() to add new metadata. * * Note: decodeMetadata() currently cannot stop the filter iteration, and always returns Continue. * That means metadata will go through the complete filter chain at once, even if the other frame * types return StopIteration. If metadata should not pass through all filters at once, users * should consider using StopAllIterationAndBuffer or StopAllIterationAndWatermark in * decodeHeaders() to prevent metadata passing to the following filters. * * @param metadata_map supplies the decoded metadata. */ virtual FilterMetadataStatus decodeMetadata(MetadataMap& /* metadata_map */) { return Http::FilterMetadataStatus::Continue; } /** * Called by the filter manager once to initialize the filter decoder callbacks that the * filter should use. Callbacks will not be invoked by the filter after onDestroy() is called. */ virtual void setDecoderFilterCallbacks(StreamDecoderFilterCallbacks& callbacks) PURE; /** * Called at the end of the stream, when all data has been decoded. */ virtual void decodeComplete() {} }; using StreamDecoderFilterSharedPtr = std::shared_ptr; /** * Stream encoder filter callbacks add additional callbacks that allow a encoding filter to restart * encoding if they decide to hold data (e.g. for buffering or rate limiting). */ class StreamEncoderFilterCallbacks : public virtual StreamFilterCallbacks { public: /** * Continue iterating through the filter chain with buffered headers and body data. This routine * can only be called if the filter has previously returned StopIteration from encodeHeaders() AND * one of StopIterationAndBuffer, StopIterationAndWatermark, or StopIterationNoBuffer * from each previous call to encodeData(). * * The connection manager will dispatch headers and any buffered body data to the next filter in * the chain. Further note that if the response is not complete, this filter will still receive * encodeData() calls and must return an appropriate status code depending on what the filter * needs to do. */ virtual void continueEncoding() PURE; /** * @return const Buffer::Instance* the currently buffered data as buffered by this filter or * previous ones in the filter chain. May be nullptr if nothing has been buffered yet. */ virtual const Buffer::Instance* encodingBuffer() PURE; /** * Allows modifying the encoding buffer. May only be called before any data has been continued * past the calling filter. */ virtual void modifyEncodingBuffer(std::function callback) PURE; /** * Add buffered body data. This method is used in advanced cases where returning * StopIterationAndBuffer from encodeData() is not sufficient. * * 1) If a headers only response needs to be turned into a response with a body, this method can * be called to add body in the encodeHeaders() callback. Subsequent filters will receive * encodeHeaders(..., false) followed by encodeData(..., true). This works both in the direct * iteration as well as the continuation case. * * 2) If a filter is going to look at all buffered data from within a data callback with end * stream set, this method can be called to immediately buffer the data. This avoids having * to deal with the existing buffered data and the data from the current callback. * * 3) If additional buffered body data needs to be added by a filter before continuation of data * to further filters (outside of callback context). * * 4) If additional data needs to be added in the encodeTrailers() callback, this method can be * called in the context of the callback. All further filters will receive encodeData(..., false) * followed by encodeTrailers(). However if the iteration is stopped, the added data will * buffered, so that the further filters will not receive encodeData() before encodeHeaders(). * * It is an error to call this method in any other case. * * See also injectEncodedDataToFilterChain() for a different way of passing data to further * filters and also how the two methods are different. * * @param data Buffer::Instance supplies the data to be encoded. * @param streaming_filter boolean supplies if this filter streams data or buffers the full body. */ virtual void addEncodedData(Buffer::Instance& data, bool streaming_filter) PURE; /** * Encode data directly to subsequent filters in the filter chain. This method is used in * advanced cases in which a filter needs full control over how subsequent filters view data, * and does not want to make use of HTTP connection manager buffering. Using this method allows * a filter to buffer data (or not) and then periodically inject data to subsequent filters, * indicating end_stream at an appropriate time. This can be used to implement rate limiting, * periodic data emission, etc. * * This method should only be called outside of callback context. I.e., do not call this method * from within a filter's encodeData() call. * * When using this callback, filters should generally only return * FilterDataStatus::StopIterationNoBuffer from their encodeData() call, since use of this method * indicates that a filter does not wish to participate in standard HTTP connection manager * buffering and continuation and will perform any necessary buffering and continuation on its * own. * * This callback is different from addEncodedData() in that the specified data and end_stream * status will be propagated directly to further filters in the filter chain. This is different * from addEncodedData() where data is added to the HTTP connection manager's buffered data with * the assumption that standard HTTP connection manager buffering and continuation are being used. */ virtual void injectEncodedDataToFilterChain(Buffer::Instance& data, bool end_stream) PURE; /** * Adds encoded trailers. May only be called in encodeData when end_stream is set to true. * If called in any other context, an assertion will be triggered. * * When called in encodeData, the trailers map will be initialized to an empty map and returned by * reference. Calling this function more than once is invalid. * * @return a reference to the newly created trailers map. */ virtual ResponseTrailerMap& addEncodedTrailers() PURE; /** * Attempts to create a locally generated response using the provided response_code and body_text * parameters. If the request was a gRPC request the local reply will be encoded as a gRPC * response with a 200 HTTP response code and grpc-status and grpc-message headers mapped from the * provided parameters. * * If a response has already started (e.g. if the router calls sendSendLocalReply after encoding * headers) this will either ship the reply directly to the downstream codec, or reset the stream. * * @param response_code supplies the HTTP response code. * @param body_text supplies the optional body text which is sent using the text/plain content * type, or encoded in the grpc-message header. * @param modify_headers supplies an optional callback function that can modify the * response headers. * @param grpc_status the gRPC status code to override the httpToGrpcStatus mapping with. * @param details a string detailing why this local reply was sent. */ virtual void sendLocalReply(Code response_code, absl::string_view body_text, std::function modify_headers, const absl::optional grpc_status, absl::string_view details) PURE; /** * Adds new metadata to be encoded. * * @param metadata_map supplies the unique_ptr of the metadata to be encoded. */ virtual void addEncodedMetadata(MetadataMapPtr&& metadata_map) PURE; /** * Called when an encoder filter goes over its high watermark. */ virtual void onEncoderFilterAboveWriteBufferHighWatermark() PURE; /** * Called when a encoder filter goes from over its high watermark to under its low watermark. */ virtual void onEncoderFilterBelowWriteBufferLowWatermark() PURE; /** * This routine may be called to change the buffer limit for encoder filters. * * @param limit supplies the desired buffer limit. */ virtual void setEncoderBufferLimit(uint32_t limit) PURE; /** * This routine returns the current buffer limit for encoder filters. Filters should abide by * this limit or change it via setEncoderBufferLimit. * A buffer limit of 0 bytes indicates no limits are applied. * * @return the buffer limit the filter should apply. */ virtual uint32_t encoderBufferLimit() PURE; /** * Return the HTTP/1 stream encoder options if applicable. If the stream is not HTTP/1 returns * absl::nullopt. */ virtual Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() PURE; }; /** * Stream encoder filter interface. */ class StreamEncoderFilter : public StreamFilterBase { public: /** * Called with 100-continue headers. * * This is not folded into encodeHeaders because most Envoy users and filters * will not be proxying 100-continue and with it split out, can ignore the * complexity of multiple encodeHeaders calls. * * This will only be invoked once per request. * * @param headers supplies the 100-continue response headers to be encoded. * @return FilterHeadersStatus determines how filter chain iteration proceeds. * */ virtual FilterHeadersStatus encode100ContinueHeaders(ResponseHeaderMap& headers) PURE; /** * Called with headers to be encoded, optionally indicating end of stream. * * The only 1xx that may be provided to encodeHeaders() is a 101 upgrade, which will be the final * encodeHeaders() for a response. * * @param headers supplies the headers to be encoded. * @param end_stream supplies whether this is a header only request/response. * @return FilterHeadersStatus determines how filter chain iteration proceeds. */ virtual FilterHeadersStatus encodeHeaders(ResponseHeaderMap& headers, bool end_stream) PURE; /** * Called with data to be encoded, optionally indicating end of stream. * @param data supplies the data to be encoded. * @param end_stream supplies whether this is the last data frame. * @return FilterDataStatus determines how filter chain iteration proceeds. */ virtual FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) PURE; /** * Called with trailers to be encoded, implicitly ending the stream. * @param trailers supplies the trailers to be encoded. */ virtual FilterTrailersStatus encodeTrailers(ResponseTrailerMap& trailers) PURE; /** * Called with metadata to be encoded. New metadata should be added directly to metadata_map. DO * NOT call StreamDecoderFilterCallbacks::encodeMetadata() interface to add new metadata. * * @param metadata_map supplies the metadata to be encoded. * @return FilterMetadataStatus, which currently is always FilterMetadataStatus::Continue; */ virtual FilterMetadataStatus encodeMetadata(MetadataMap& metadata_map) PURE; /** * Called by the filter manager once to initialize the filter callbacks that the filter should * use. Callbacks will not be invoked by the filter after onDestroy() is called. */ virtual void setEncoderFilterCallbacks(StreamEncoderFilterCallbacks& callbacks) PURE; /** * Called at the end of the stream, when all data has been encoded. */ virtual void encodeComplete() {} }; using StreamEncoderFilterSharedPtr = std::shared_ptr; /** * A filter that handles both encoding and decoding. */ class StreamFilter : public virtual StreamDecoderFilter, public virtual StreamEncoderFilter {}; using StreamFilterSharedPtr = std::shared_ptr; /** * These callbacks are provided by the connection manager to the factory so that the factory can * build the filter chain in an application specific way. */ class FilterChainFactoryCallbacks { public: virtual ~FilterChainFactoryCallbacks() = default; /** * Add a decoder filter that is used when reading stream data. * @param filter supplies the filter to add. */ virtual void addStreamDecoderFilter(Http::StreamDecoderFilterSharedPtr filter) PURE; /** * Add an encoder filter that is used when writing stream data. * @param filter supplies the filter to add. */ virtual void addStreamEncoderFilter(Http::StreamEncoderFilterSharedPtr filter) PURE; /** * Add a decoder/encoder filter that is used both when reading and writing stream data. * @param filter supplies the filter to add. */ virtual void addStreamFilter(Http::StreamFilterSharedPtr filter) PURE; /** * Add an access log handler that is called when the stream is destroyed. * @param handler supplies the handler to add. */ virtual void addAccessLogHandler(AccessLog::InstanceSharedPtr handler) PURE; }; /** * This function is used to wrap the creation of an HTTP filter chain for new streams as they * come in. Filter factories create the function at configuration initialization time, and then * they are used at runtime. * @param callbacks supplies the callbacks for the stream to install filters to. Typically the * function will install a single filter, but it's technically possibly to install more than one * if desired. */ using FilterFactoryCb = std::function; /** * A FilterChainFactory is used by a connection manager to create an HTTP level filter chain when a * new stream is created on the connection (either locally or remotely). Typically it would be * implemented by a configuration engine that would install a set of filters that are able to * process an application scenario on top of a stream. */ class FilterChainFactory { public: virtual ~FilterChainFactory() = default; /** * Called when a new HTTP stream is created on the connection. * @param callbacks supplies the "sink" that is used for actually creating the filter chain. @see * FilterChainFactoryCallbacks. */ virtual void createFilterChain(FilterChainFactoryCallbacks& callbacks) PURE; /** * Called when a new upgrade stream is created on the connection. * @param upgrade supplies the upgrade header from downstream * @param per_route_upgrade_map supplies the upgrade map, if any, for this route. * @param callbacks supplies the "sink" that is used for actually creating the filter chain. @see * FilterChainFactoryCallbacks. * @return true if upgrades of this type are allowed and the filter chain has been created. * returns false if this upgrade type is not configured, and no filter chain is created. */ using UpgradeMap = std::map; virtual bool createUpgradeFilterChain(absl::string_view upgrade, const UpgradeMap* per_route_upgrade_map, FilterChainFactoryCallbacks& callbacks) PURE; }; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/hash_policy.h ================================================ #pragma once #include "envoy/http/header_map.h" #include "envoy/network/address.h" #include "envoy/stream_info/filter_state.h" #include "absl/types/optional.h" namespace Envoy { namespace Http { class Hashable { public: virtual absl::optional hash() const PURE; virtual ~Hashable() = default; }; /** * Request hash policy. I.e., if using a hashing load balancer, how a request should be hashed onto * an upstream host. */ class HashPolicy { public: virtual ~HashPolicy() = default; /** * A callback used for requesting that a cookie be set with the given lifetime. * @param key the name of the cookie to be set * @param path the path of the cookie, or the empty string if no path should be set. * @param ttl the lifetime of the cookie * @return std::string the opaque value of the cookie that will be set */ using AddCookieCallback = std::function; /** * @param downstream_address is the address of the connected client host, or nullptr if the * request is initiated from within this host * @param headers stores the HTTP headers for the stream * @param add_cookie is called to add a set-cookie header on the reply sent to the downstream * host * @return absl::optional an optional hash value to route on. A hash value might not be * returned if for example the specified HTTP header does not exist. */ virtual absl::optional generateHash(const Network::Address::Instance* downstream_address, const RequestHeaderMap& headers, AddCookieCallback add_cookie, const StreamInfo::FilterStateSharedPtr filter_state) const PURE; }; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/header_map.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/common/pure.h" #include "common/common/assert.h" #include "common/common/hash.h" #include "common/common/macros.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Http { // Used by ASSERTs to validate internal consistency. E.g. valid HTTP header keys/values should // never contain embedded NULLs. static inline bool validHeaderString(absl::string_view s) { // If you modify this list of illegal embedded characters you will probably // want to change header_map_fuzz_impl_test at the same time. for (const char c : s) { switch (c) { case '\0': FALLTHRU; case '\r': FALLTHRU; case '\n': return false; default: continue; } } return true; } /** * Wrapper for a lower case string used in header operations to generally avoid needless case * insensitive compares. */ class LowerCaseString { public: LowerCaseString(LowerCaseString&& rhs) noexcept : string_(std::move(rhs.string_)) { ASSERT(valid()); } LowerCaseString(const LowerCaseString& rhs) : string_(rhs.string_) { ASSERT(valid()); } explicit LowerCaseString(const std::string& new_string) : string_(new_string) { ASSERT(valid()); lower(); } const std::string& get() const { return string_; } bool operator==(const LowerCaseString& rhs) const { return string_ == rhs.string_; } bool operator!=(const LowerCaseString& rhs) const { return string_ != rhs.string_; } bool operator<(const LowerCaseString& rhs) const { return string_.compare(rhs.string_) < 0; } private: void lower() { std::transform(string_.begin(), string_.end(), string_.begin(), absl::ascii_tolower); } bool valid() const { return validHeaderString(string_); } std::string string_; }; /** * Convenient type for a vector of lower case string and string pair. */ using LowerCaseStrPairVector = std::vector>; /** * Convenient type for an inline vector that will be used by HeaderString. */ using InlineHeaderVector = absl::InlinedVector; /** * Convenient type for the underlying type of HeaderString that allows a variant * between string_view and the InlinedVector. */ using VariantHeader = absl::variant; /** * This is a string implementation for use in header processing. It is heavily optimized for * performance. It supports 2 different types of storage and can switch between them: * 1) A reference. * 2) An InlinedVector (an optimized interned string for small strings, but allows heap * allocation if needed). */ class HeaderString { public: /** * Default constructor. Sets up for inline storage. */ HeaderString(); /** * Constructor for a string reference. * @param ref_value MUST point to data that will live beyond the lifetime of any request/response * using the string (since a codec may optimize for zero copy). */ explicit HeaderString(const LowerCaseString& ref_value); /** * Constructor for a string reference. * @param ref_value MUST point to data that will live beyond the lifetime of any request/response * using the string (since a codec may optimize for zero copy). */ explicit HeaderString(absl::string_view ref_value); HeaderString(HeaderString&& move_value) noexcept; ~HeaderString() = default; /** * Append data to an existing string. If the string is a reference string the reference data is * not copied. */ void append(const char* data, uint32_t size); /** * Transforms the inlined vector data using the given UnaryOperation (conforms * to std::transform). * @param unary_op the operations to be performed on each of the elements. */ template void inlineTransform(UnaryOperation&& unary_op) { ASSERT(type() == Type::Inline); std::transform(absl::get(buffer_).begin(), absl::get(buffer_).end(), absl::get(buffer_).begin(), unary_op); } /** * Trim trailing whitespaces from the HeaderString. Only supported by the "Inline" HeaderString * representation. */ void rtrim(); /** * Get an absl::string_view. It will NOT be NUL terminated! * * @return an absl::string_view. */ absl::string_view getStringView() const; /** * Return the string to a default state. Reference strings are not touched. Both inline/dynamic * strings are reset to zero size. */ void clear(); /** * @return whether the string is empty or not. */ bool empty() const { return size() == 0; } // Looking for find? Use getStringView().find() /** * Set the value of the string by copying data into it. This overwrites any existing string. */ void setCopy(const char* data, uint32_t size); /** * Set the value of the string by copying data into it. This overwrites any existing string. */ void setCopy(absl::string_view view); /** * Set the value of the string to an integer. This overwrites any existing string. */ void setInteger(uint64_t value); /** * Set the value of the string to a string reference. * @param ref_value MUST point to data that will live beyond the lifetime of any request/response * using the string (since a codec may optimize for zero copy). */ void setReference(absl::string_view ref_value); /** * @return whether the string is a reference or an InlinedVector. */ bool isReference() const { return type() == Type::Reference; } /** * @return the size of the string, not including the null terminator. */ uint32_t size() const; bool operator==(const char* rhs) const { return getStringView() == absl::NullSafeStringView(rhs); } bool operator==(absl::string_view rhs) const { return getStringView() == rhs; } bool operator!=(const char* rhs) const { return getStringView() != absl::NullSafeStringView(rhs); } bool operator!=(absl::string_view rhs) const { return getStringView() != rhs; } private: enum class Type { Reference, Inline }; VariantHeader buffer_; bool valid() const; /** * @return the type of backing storage for the string. */ Type type() const; }; /** * Encapsulates an individual header entry (including both key and value). */ class HeaderEntry { public: virtual ~HeaderEntry() = default; /** * @return the header key. */ virtual const HeaderString& key() const PURE; /** * Set the header value by copying data into it. */ virtual void value(absl::string_view value) PURE; /** * Set the header value by copying an integer into it. */ virtual void value(uint64_t value) PURE; /** * Set the header value by copying the value in another header entry. */ virtual void value(const HeaderEntry& header) PURE; /** * @return the header value. */ virtual const HeaderString& value() const PURE; /** * @return the header value. */ virtual HeaderString& value() PURE; private: void value(const char*); // Do not allow auto conversion to std::string }; /** * The following defines all default request headers that Envoy allows direct access to inside of * the header map. In practice, these are all headers used during normal Envoy request flow * processing. This allows O(1) access to these headers without even a hash lookup. */ #define INLINE_REQ_HEADERS(HEADER_FUNC) \ HEADER_FUNC(ClientTraceId) \ HEADER_FUNC(EnvoyDownstreamServiceCluster) \ HEADER_FUNC(EnvoyDownstreamServiceNode) \ HEADER_FUNC(EnvoyExpectedRequestTimeoutMs) \ HEADER_FUNC(EnvoyExternalAddress) \ HEADER_FUNC(EnvoyForceTrace) \ HEADER_FUNC(EnvoyHedgeOnPerTryTimeout) \ HEADER_FUNC(EnvoyInternalRequest) \ HEADER_FUNC(EnvoyIpTags) \ HEADER_FUNC(EnvoyMaxRetries) \ HEADER_FUNC(EnvoyRetryOn) \ HEADER_FUNC(EnvoyRetryGrpcOn) \ HEADER_FUNC(EnvoyRetriableStatusCodes) \ HEADER_FUNC(EnvoyRetriableHeaderNames) \ HEADER_FUNC(EnvoyOriginalPath) \ HEADER_FUNC(EnvoyOriginalUrl) \ HEADER_FUNC(EnvoyUpstreamAltStatName) \ HEADER_FUNC(EnvoyUpstreamRequestPerTryTimeoutMs) \ HEADER_FUNC(EnvoyUpstreamRequestTimeoutAltResponse) \ HEADER_FUNC(EnvoyUpstreamRequestTimeoutMs) \ HEADER_FUNC(Expect) \ HEADER_FUNC(ForwardedClientCert) \ HEADER_FUNC(ForwardedFor) \ HEADER_FUNC(ForwardedProto) \ HEADER_FUNC(GrpcTimeout) \ HEADER_FUNC(Host) \ HEADER_FUNC(Method) \ HEADER_FUNC(Path) \ HEADER_FUNC(Protocol) \ HEADER_FUNC(Scheme) \ HEADER_FUNC(TE) \ HEADER_FUNC(UserAgent) /** * Default O(1) response headers. */ #define INLINE_RESP_HEADERS(HEADER_FUNC) \ HEADER_FUNC(Date) \ HEADER_FUNC(EnvoyDegraded) \ HEADER_FUNC(EnvoyImmediateHealthCheckFail) \ HEADER_FUNC(EnvoyRateLimited) \ HEADER_FUNC(EnvoyUpstreamCanary) \ HEADER_FUNC(EnvoyUpstreamHealthCheckedCluster) \ HEADER_FUNC(EnvoyUpstreamServiceTime) \ HEADER_FUNC(Location) \ HEADER_FUNC(Server) \ HEADER_FUNC(Status) /** * Default O(1) request and response headers. */ #define INLINE_REQ_RESP_HEADERS(HEADER_FUNC) \ HEADER_FUNC(Connection) \ HEADER_FUNC(ContentLength) \ HEADER_FUNC(ContentType) \ HEADER_FUNC(EnvoyAttemptCount) \ HEADER_FUNC(EnvoyDecoratorOperation) \ HEADER_FUNC(KeepAlive) \ HEADER_FUNC(ProxyConnection) \ HEADER_FUNC(RequestId) \ HEADER_FUNC(TransferEncoding) \ HEADER_FUNC(Upgrade) \ HEADER_FUNC(Via) /** * Default O(1) response headers and trailers. */ #define INLINE_RESP_HEADERS_TRAILERS(HEADER_FUNC) \ HEADER_FUNC(GrpcMessage) \ HEADER_FUNC(GrpcStatus) /** * The following functions are defined for each inline header above. * E.g., for path we have: * Path() -> returns the header entry if it exists or nullptr. * appendPath(path, "/") -> appends the string path with delimiter "/" to the header value. * setReferencePath(PATH) -> sets header value to reference string PATH. * setPath(path_string) -> sets the header value to the string path_string by copying the data. * removePath() -> removes the header if it exists. * * For inline headers that use integers, we have: * setContentLength(5) -> sets the header value to the integer 5. * * TODO(asraa): Remove the integer set for inline headers that do not take integer values. */ #define DEFINE_INLINE_HEADER(name) \ virtual const HeaderEntry* name() const PURE; \ virtual void append##name(absl::string_view data, absl::string_view delimiter) PURE; \ virtual void setReference##name(absl::string_view value) PURE; \ virtual void set##name(absl::string_view value) PURE; \ virtual void set##name(uint64_t value) PURE; \ virtual size_t remove##name() PURE; \ virtual absl::string_view get##name##Value() const PURE; /** * Wraps a set of HTTP headers. */ class HeaderMap { public: virtual ~HeaderMap() = default; /** * For testing. This is an exact match comparison (order matters). */ virtual bool operator==(const HeaderMap& rhs) const PURE; virtual bool operator!=(const HeaderMap& rhs) const PURE; /** * Add a header via full move. This is the expected high performance paths for codecs populating * a map when receiving. * @param key supplies the header key. * @param value supplies the header value. */ virtual void addViaMove(HeaderString&& key, HeaderString&& value) PURE; /** * Add a reference header to the map. Both key and value MUST point to data that will live beyond * the lifetime of any request/response using the string (since a codec may optimize for zero * copy). The key will not be copied and a best effort will be made not to * copy the value (but this may happen when comma concatenating, see below). * * Calling addReference multiple times for the same header will result in: * - Comma concatenation for predefined inline headers. * - Multiple headers being present in the HeaderMap for other headers. * * @param key specifies the name of the header to add; it WILL NOT be copied. * @param value specifies the value of the header to add; it WILL NOT be copied. */ virtual void addReference(const LowerCaseString& key, absl::string_view value) PURE; /** * Add a header with a reference key to the map. The key MUST point to data that will live beyond * the lifetime of any request/response using the string (since a codec may optimize for zero * copy). The value will be copied. * * Calling addReference multiple times for the same header will result in: * - Comma concatenation for predefined inline headers. * - Multiple headers being present in the HeaderMap for other headers. * * @param key specifies the name of the header to add; it WILL NOT be copied. * @param value specifies the value of the header to add; it WILL be copied. */ virtual void addReferenceKey(const LowerCaseString& key, uint64_t value) PURE; /** * Add a header with a reference key to the map. The key MUST point to point to data that will * live beyond the lifetime of any request/response using the string (since a codec may optimize * for zero copy). The value will be copied. * * Calling addReference multiple times for the same header will result in: * - Comma concatenation for predefined inline headers. * - Multiple headers being present in the HeaderMap for other headers. * * @param key specifies the name of the header to add; it WILL NOT be copied. * @param value specifies the value of the header to add; it WILL be copied. */ virtual void addReferenceKey(const LowerCaseString& key, absl::string_view value) PURE; /** * Add a header by copying both the header key and the value. * * Calling addCopy multiple times for the same header will result in: * - Comma concatenation for predefined inline headers. * - Multiple headers being present in the HeaderMap for other headers. * * @param key specifies the name of the header to add; it WILL be copied. * @param value specifies the value of the header to add; it WILL be copied. */ virtual void addCopy(const LowerCaseString& key, uint64_t value) PURE; /** * Add a header by copying both the header key and the value. * * Calling addCopy multiple times for the same header will result in: * - Comma concatenation for predefined inline headers. * - Multiple headers being present in the HeaderMap for other headers. * * @param key specifies the name of the header to add; it WILL be copied. * @param value specifies the value of the header to add; it WILL be copied. */ virtual void addCopy(const LowerCaseString& key, absl::string_view value) PURE; /** * Appends data to header. If header already has a value, the string "," is added between the * existing value and data. * * @param key specifies the name of the header to append; it WILL be copied. * @param value specifies the value of the header to add; it WILL be copied. * * Caution: This iterates over the HeaderMap to find the header to append. This will modify only * the first occurrence of the header. * TODO(asraa): Investigate whether necessary to append to all headers with the key. */ virtual void appendCopy(const LowerCaseString& key, absl::string_view value) PURE; /** * Set a reference header in the map. Both key and value MUST point to data that will live beyond * the lifetime of any request/response using the string (since a codec may optimize for zero * copy). Nothing will be copied. * * Calling setReference multiple times for the same header will result in only the last header * being present in the HeaderMap. * * @param key specifies the name of the header to set; it WILL NOT be copied. * @param value specifies the value of the header to set; it WILL NOT be copied. */ virtual void setReference(const LowerCaseString& key, absl::string_view value) PURE; /** * Set a header with a reference key in the map. The key MUST point to point to data that will * live beyond the lifetime of any request/response using the string (since a codec may optimize * for zero copy). The value will be copied. * * Calling setReferenceKey multiple times for the same header will result in only the last header * being present in the HeaderMap. * * @param key specifies the name of the header to set; it WILL NOT be copied. * @param value specifies the value of the header to set; it WILL be copied. */ virtual void setReferenceKey(const LowerCaseString& key, absl::string_view value) PURE; /** * Replaces a header value by copying the value. Copies the key if the key does not exist. * * Calling setCopy multiple times for the same header will result in only the last header * being present in the HeaderMap. * * @param key specifies the name of the header to set; it WILL be copied. * @param value specifies the value of the header to set; it WILL be copied. * * Caution: This iterates over the HeaderMap to find the header to set. This will modify only the * first occurrence of the header. * TODO(asraa): Investigate whether necessary to set all headers with the key. */ virtual void setCopy(const LowerCaseString& key, absl::string_view value) PURE; /** * @return uint64_t the size of the header map in bytes. This is the sum of the header keys and * values and does not account for data structure overhead. */ virtual uint64_t byteSize() const PURE; /** * Get a header by key. * @param key supplies the header key. * @return the header entry if it exists otherwise nullptr. */ virtual const HeaderEntry* get(const LowerCaseString& key) const PURE; /** * This is a wrapper for the return result from getAll(). It avoids a copy when translating from * non-const HeaderEntry to const HeaderEntry and only provides const access to the result. */ using NonConstGetResult = absl::InlinedVector; class GetResult { public: GetResult() = default; explicit GetResult(NonConstGetResult&& result) : result_(std::move(result)) {} void operator=(GetResult&& rhs) noexcept { result_ = std::move(rhs.result_); } bool empty() const { return result_.empty(); } size_t size() const { return result_.size(); } const HeaderEntry* operator[](size_t i) const { return result_[i]; } private: NonConstGetResult result_; }; /** * Get a header by key. * @param key supplies the header key. * @return all header entries matching the key. */ virtual GetResult getAll(const LowerCaseString& key) const PURE; // aliases to make iterate() and iterateReverse() callbacks easier to read enum class Iterate { Continue, Break }; /** * Callback when calling iterate() over a const header map. * @param header supplies the header entry. * @return Iterate::Continue to continue iteration, or Iterate::Break to stop; */ using ConstIterateCb = std::function; /** * Iterate over a constant header map. * @param cb supplies the iteration callback. */ virtual void iterate(ConstIterateCb cb) const PURE; /** * Iterate over a constant header map in reverse order. * @param cb supplies the iteration callback. */ virtual void iterateReverse(ConstIterateCb cb) const PURE; /** * Clears the headers in the map. */ virtual void clear() PURE; /** * Remove all instances of a header by key. * @param key supplies the header key to remove. * @return the number of headers removed. */ virtual size_t remove(const LowerCaseString& key) PURE; /** * Remove all instances of headers where the header matches the predicate. * @param predicate supplies the predicate to match headers against. * @return the number of headers removed. */ using HeaderMatchPredicate = std::function; virtual size_t removeIf(const HeaderMatchPredicate& predicate) PURE; /** * Remove all instances of headers where the key begins with the supplied prefix. * @param prefix supplies the prefix to match header keys against. * @return the number of headers removed. */ virtual size_t removePrefix(const LowerCaseString& prefix) PURE; /** * @return the number of headers in the map. */ virtual size_t size() const PURE; /** * @return true if the map is empty, false otherwise. */ virtual bool empty() const PURE; /** * Dump the header map to the ostream specified * * @param os the stream to dump state to * @param indent_level the depth, for pretty-printing. * * This function is called on Envoy fatal errors so should avoid memory allocation where possible. */ virtual void dumpState(std::ostream& os, int indent_level = 0) const PURE; /** * Allow easy pretty-printing of the key/value pairs in HeaderMap * @param os supplies the ostream to print to. * @param headers the headers to print. */ friend std::ostream& operator<<(std::ostream& os, const HeaderMap& headers) { headers.dumpState(os); return os; } }; using HeaderMapPtr = std::unique_ptr; /** * Registry for custom headers. Headers can be registered multiple times in independent * compilation units and will still point to the same slot. Headers are registered independently * for each concrete header map type and do not overlap. Handles are strongly typed and do not * allow mixing. */ class CustomInlineHeaderRegistry { public: enum class Type { RequestHeaders, RequestTrailers, ResponseHeaders, ResponseTrailers }; using RegistrationMap = std::map; // A "phantom" type is used here to force the compiler to verify that handles are not mixed // between concrete header map types. template struct Handle { Handle(RegistrationMap::const_iterator it) : it_(it) {} bool operator==(const Handle& rhs) const { return it_ == rhs.it_; } RegistrationMap::const_iterator it_; }; /** * Register an inline header and return a handle for use in inline header calls. Must be called * prior to finalize(). */ template static Handle registerInlineHeader(const LowerCaseString& header_name) { static size_t inline_header_index = 0; ASSERT(!mutableFinalized()); auto& map = mutableRegistrationMap(); auto entry = map.find(header_name); if (entry == map.end()) { map[header_name] = inline_header_index++; } return Handle(map.find(header_name)); } /** * Fetch the handle for a registered inline header. May only be called after finalized(). */ template static absl::optional> getInlineHeader(const LowerCaseString& header_name) { ASSERT(mutableFinalized()); auto& map = mutableRegistrationMap(); auto entry = map.find(header_name); if (entry != map.end()) { return Handle(entry); } return absl::nullopt; } /** * Fetch all registered headers. May only be called after finalized(). */ template static const RegistrationMap& headers() { ASSERT(mutableFinalized()); return mutableRegistrationMap(); } /** * Finalize the custom header registrations. No further changes are allowed after this point. * This guaranteed that all header maps created by the process have the same variable size and * custom registrations. */ template static void finalize() { ASSERT(!mutableFinalized()); mutableFinalized() = true; } private: template static RegistrationMap& mutableRegistrationMap() { MUTABLE_CONSTRUCT_ON_FIRST_USE(RegistrationMap); } template static bool& mutableFinalized() { MUTABLE_CONSTRUCT_ON_FIRST_USE(bool); } }; /** * Static initializer to register a custom header in a compilation unit. This can be used by * extensions to register custom headers. */ template class RegisterCustomInlineHeader { public: RegisterCustomInlineHeader(const LowerCaseString& header) : handle_(CustomInlineHeaderRegistry::registerInlineHeader(header)) {} typename CustomInlineHeaderRegistry::Handle handle() { return handle_; } private: const typename CustomInlineHeaderRegistry::Handle handle_; }; /** * The following functions allow O(1) access for custom inline headers. */ template class CustomInlineHeaderBase { public: virtual ~CustomInlineHeaderBase() = default; static constexpr CustomInlineHeaderRegistry::Type header_map_type = type; using Handle = CustomInlineHeaderRegistry::Handle; virtual const HeaderEntry* getInline(Handle handle) const PURE; virtual void appendInline(Handle handle, absl::string_view data, absl::string_view delimiter) PURE; virtual void setReferenceInline(Handle, absl::string_view value) PURE; virtual void setInline(Handle, absl::string_view value) PURE; virtual void setInline(Handle, uint64_t value) PURE; virtual size_t removeInline(Handle handle) PURE; absl::string_view getInlineValue(Handle handle) const { const auto header = getInline(handle); if (header != nullptr) { return header->value().getStringView(); } return {}; } }; /** * Typed derived classes for all header map types. */ // Base class for both request and response headers. class RequestOrResponseHeaderMap : public HeaderMap { public: INLINE_REQ_RESP_HEADERS(DEFINE_INLINE_HEADER) }; // Request headers. class RequestHeaderMap : public RequestOrResponseHeaderMap, public CustomInlineHeaderBase { public: INLINE_REQ_HEADERS(DEFINE_INLINE_HEADER) }; using RequestHeaderMapPtr = std::unique_ptr; using RequestHeaderMapOptRef = absl::optional>; // Request trailers. class RequestTrailerMap : public HeaderMap, public CustomInlineHeaderBase {}; using RequestTrailerMapPtr = std::unique_ptr; using RequestTrailerMapOptRef = absl::optional>; // Base class for both response headers and trailers. class ResponseHeaderOrTrailerMap { public: virtual ~ResponseHeaderOrTrailerMap() = default; INLINE_RESP_HEADERS_TRAILERS(DEFINE_INLINE_HEADER) }; // Response headers. class ResponseHeaderMap : public RequestOrResponseHeaderMap, public ResponseHeaderOrTrailerMap, public CustomInlineHeaderBase { public: INLINE_RESP_HEADERS(DEFINE_INLINE_HEADER) }; using ResponseHeaderMapPtr = std::unique_ptr; using ResponseHeaderMapOptRef = absl::optional>; // Response trailers. class ResponseTrailerMap : public ResponseHeaderOrTrailerMap, public HeaderMap, public CustomInlineHeaderBase {}; using ResponseTrailerMapPtr = std::unique_ptr; using ResponseTrailerMapOptRef = absl::optional>; /** * Convenient container type for storing Http::LowerCaseString and std::string key/value pairs. */ using HeaderVector = std::vector>; /** * An interface to be implemented by header matchers. */ class HeaderMatcher { public: virtual ~HeaderMatcher() = default; /** * Check whether header matcher matches any headers in a given HeaderMap. */ virtual bool matchesHeaders(const HeaderMap& headers) const PURE; }; using HeaderMatcherSharedPtr = std::shared_ptr; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/message.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/http/header_map.h" namespace Envoy { namespace Http { /** * Wraps an HTTP message including its headers, body, and any trailers. */ template class Message { public: virtual ~Message() = default; /** * @return HeaderType& the message headers. */ virtual HeaderType& headers() PURE; /** * @return Buffer::Instance the message body, if any. Callers are free to modify the body. */ virtual Buffer::Instance& body() PURE; /** * @return TrailerType* the message trailers, if any. */ virtual TrailerType* trailers() PURE; /** * Set the trailers. * @param trailers supplies the new trailers. */ virtual void trailers(std::unique_ptr&& trailers) PURE; /** * @return std::string the message body as a std::string. */ virtual std::string bodyAsString() const PURE; }; using RequestMessage = Message; using RequestMessagePtr = std::unique_ptr; using ResponseMessage = Message; using ResponseMessagePtr = std::unique_ptr; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/metadata_interface.h ================================================ #pragma once #include #include #include #include #include "absl/container/node_hash_map.h" namespace Envoy { namespace Http { /** * Please refer to #2394 for more info about Envoy METADATA. * Envoy metadata docs can be found at source/docs/h2_metadata.md. */ constexpr uint8_t METADATA_FRAME_TYPE = 0x4d; constexpr uint8_t END_METADATA_FLAG = 0x4; // NGHTTP2_MAX_PAYLOADLEN in nghttp2. // TODO(soya3129): Respect max_frame_size after nghttp2 #1250 is resolved. constexpr uint64_t METADATA_MAX_PAYLOAD_SIZE = 16384; using UnorderedStringMap = absl::node_hash_map; class MetadataMap : public UnorderedStringMap { public: using UnorderedStringMap::UnorderedStringMap; friend std::ostream& operator<<(std::ostream& out, const MetadataMap& metadata_map) { out << "metadata map:"; for (const auto& metadata : metadata_map) { out << "\nkey: " << metadata.first << ", value: " << metadata.second << std::endl; } return out; } }; using MetadataMapPtr = std::unique_ptr; using VectorMetadataMapPtr = std::vector; class MetadataMapVector : public VectorMetadataMapPtr { public: using VectorMetadataMapPtr::VectorMetadataMapPtr; friend std::ostream& operator<<(std::ostream& out, const MetadataMapVector& metadata_map_vector) { out << "metadata_map_vector:\n"; for (const auto& metadata_map : metadata_map_vector) { out << *metadata_map; } return out; } }; using MetadataCallback = std::function; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/protocol.h ================================================ #pragma once #include namespace Envoy { namespace Http { /** * Possible HTTP connection/request protocols. The parallel NumProtocols constant allows defining * fixed arrays for each protocol, but does not pollute the enum. */ enum class Protocol { Http10, Http11, Http2, Http3 }; const size_t NumProtocols = 4; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/query_params.h ================================================ #pragma once #include #include namespace Envoy { namespace Http { namespace Utility { // TODO(jmarantz): this should probably be a proper class, with methods to serialize // using proper formatting. Perhaps similar to // https://github.com/apache/incubator-pagespeed-mod/blob/master/pagespeed/kernel/http/query_params.h using QueryParams = std::map; } // namespace Utility } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/http/request_id_extension.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/http/header_map.h" namespace Envoy { namespace Http { enum class TraceStatus { NoTrace, Sampled, Client, Forced }; /** * Abstract request id utilities for getting/setting the request IDs and tracing status of requests */ class RequestIDExtension { public: virtual ~RequestIDExtension() = default; /** * Directly set a request ID into the provided request headers. Override any previous request ID * if any. * @param request_headers supplies the incoming request headers for setting a request ID. * @param force specifies if a new request ID should be forcefully set if one is already present. */ virtual void set(Http::RequestHeaderMap& request_headers, bool force) PURE; /** * Preserve request ID in response headers if any is set in the request headers. * @param response_headers supplies the downstream response headers for setting the request ID. * @param request_headers supplies the incoming request headers for retrieving the request ID. */ virtual void setInResponse(Http::ResponseHeaderMap& response_headers, const Http::RequestHeaderMap& request_headers) PURE; /** * Perform a mod operation across the request id within a request and store the result in the * provided output variable. This is used to perform sampling and validate the request ID. * @param request_headers supplies the incoming request headers for retrieving the request ID. * @param out reference to a variable where we store the result of the mod operation. * @param mod integer to mod the request ID by. * @return true if request ID is valid and out is populated by the result. */ virtual bool modBy(const Http::RequestHeaderMap& request_headers, uint64_t& out, uint64_t mod) PURE; /** * Get the current tracing status of a request given its headers. * @param request_headers supplies the incoming request headers for retrieving the request ID. * @return trace status of the request based on the given headers. */ virtual TraceStatus getTraceStatus(const Http::RequestHeaderMap& request_headers) PURE; /** * Set the tracing status of a request. * @param request_headers supplies the incoming request headers for setting the trace status. * @param status the trace status that should be set for this request. */ virtual void setTraceStatus(Http::RequestHeaderMap& request_headers, TraceStatus status) PURE; }; using RequestIDExtensionSharedPtr = std::shared_ptr; } // namespace Http } // namespace Envoy ================================================ FILE: include/envoy/init/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "watcher_interface", hdrs = ["watcher.h"], ) envoy_cc_library( name = "target_interface", hdrs = ["target.h"], deps = [ ":watcher_interface", ], ) envoy_cc_library( name = "manager_interface", hdrs = ["manager.h"], deps = [ ":target_interface", ":watcher_interface", "@envoy_api//envoy/admin/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/init/manager.h ================================================ #pragma once #include "envoy/admin/v3/init_dump.pb.h" #include "envoy/common/pure.h" #include "envoy/init/target.h" #include "envoy/init/watcher.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Init { /** * Init::Manager coordinates initialization of one or more "targets." A typical flow would be: * * - One or more initialization targets are registered with a manager using `add`. * - The manager is told to `initialize` all its targets, given a Watcher to notify when all * registered targets are initialized. * - Each target will initialize, either immediately or asynchronously, and will signal * `ready` to the manager when initialized. * - When all targets are initialized, the manager signals `ready` to the watcher it was given * previously. * * Since there are several entities involved in this flow -- the owner of the manager, the targets * registered with the manager, and the manager itself -- it may be difficult or impossible in some * cases to guarantee that their lifetimes line up correctly to avoid use-after-free errors. The * interface design here in Init allows implementations to avoid the issue: * * - A Target can only be initialized via a TargetHandle, which acts as a weak reference. * Attempting to initialize a destroyed Target via its handle has no ill effects. * - Likewise, a Watcher can only be notified that initialization was complete via a * WatcherHandle, which acts as a weak reference as well. * * See target.h and watcher.h, as well as implementation in source/common/init for details. */ struct Manager { virtual ~Manager() = default; /** * The manager's state, used e.g. for reporting in the admin server. */ enum class State { /** * Targets have not been initialized. */ Uninitialized, /** * Targets are currently being initialized. */ Initializing, /** * All targets have been initialized. */ Initialized }; /** * @return the current state of the manager. */ virtual State state() const PURE; /** * Register an initialization target. If the manager's current state is uninitialized, the target * will be saved for invocation later, when `initialize` is called. If the current state is * initializing, the target will be invoked immediately. It is an error to register a target with * a manager that is already in initialized state. * @param target the target to be invoked when initialization begins. */ virtual void add(const Target& target) PURE; /** * Start initialization of all previously registered targets, and notify the given Watcher when * initialization is complete. It is an error to call initialize on a manager that is already in * initializing or initialized state. If the manager contains no targets, initialization completes * immediately. * @param watcher the watcher to notify when initialization is complete. */ virtual void initialize(const Watcher& watcher) PURE; /** * @return the unready targets of the manager. */ virtual const absl::flat_hash_map& unreadyTargets() const PURE; /** * Add unready targets information into the config dump. */ virtual void dumpUnreadyTargets(envoy::admin::v3::UnreadyTargetsDumps& dumps) PURE; }; } // namespace Init } // namespace Envoy ================================================ FILE: include/envoy/init/target.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/init/watcher.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Init { /** * A TargetHandle functions as a weak reference to a Target. It is how an implementation of * Init::Manager would safely tell a target to `initialize` with no guarantees about the * target's lifetime. Typical usage (outside of Init::ManagerImpl) does not require touching * TargetHandles at all. */ struct TargetHandle { virtual ~TargetHandle() = default; /** * Tell the target to begin initialization, if it is still available. * @param watcher A Watcher for the target to notify when it has initialized. * @return true if the target received this call, false if the target was already destroyed. */ virtual bool initialize(const Watcher& watcher) const PURE; /** * @return a human-readable target name, for logging / debugging / tracking target names. * The target name has to be unique. */ virtual absl::string_view name() const PURE; }; using TargetHandlePtr = std::unique_ptr; /** * An initialization Target is an entity that can be registered with a Manager for initialization. * It can only be invoked through a TargetHandle. */ struct Target { virtual ~Target() = default; /** * @return a human-readable target name, for logging / debugging. */ virtual absl::string_view name() const PURE; /** * Create a new handle that can initialize this target. * @param name a human readable handle name, for logging / debugging. * @return a new handle that can initialize this target. */ virtual TargetHandlePtr createHandle(absl::string_view name) const PURE; }; } // namespace Init } // namespace Envoy ================================================ FILE: include/envoy/init/watcher.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Init { /** * A WatcherHandle functions as a weak reference to a Watcher. It is how an implementation of * Init::Target would safely notify a Manager that it has initialized, and likewise it's how * an implementation of Init::Manager would safely tell its client that all registered targets * have initialized, with no guarantees about the lifetimes of the manager or client. Typical usage * (outside of Init::TargetImpl and ManagerImpl) does not require touching WatcherHandles at * all. */ struct WatcherHandle { virtual ~WatcherHandle() = default; /** * Tell the watcher that initialization has completed, if it is still available. * @return true if the watcher received this call, false if the watcher was already destroyed. */ virtual bool ready() const PURE; }; using WatcherHandlePtr = std::unique_ptr; /** * A Watcher is an entity that listens for notifications that either an initialization target or * all targets registered with a manager have initialized. It can only be invoked through a * WatcherHandle. */ struct Watcher { virtual ~Watcher() = default; /** * @return a human-readable target name, for logging / debugging. */ virtual absl::string_view name() const PURE; /** * Create a new handle that can notify this watcher. * @param name a human readable handle name, for logging / debugging. * @return a new handle that can notify this watcher. */ virtual WatcherHandlePtr createHandle(absl::string_view name) const PURE; }; } // namespace Init } // namespace Envoy ================================================ FILE: include/envoy/json/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "json_object_interface", hdrs = ["json_object.h"], ) ================================================ FILE: include/envoy/json/json_object.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/common/pure.h" namespace Envoy { namespace Json { class Object; using ObjectSharedPtr = std::shared_ptr; // @return false if immediate exit from iteration required. using ObjectCallback = std::function; /** * Exception thrown when a JSON error occurs. */ class Exception : public EnvoyException { public: Exception(const std::string& message) : EnvoyException(message) {} }; /** * Wraps an individual JSON node. */ class Object { public: virtual ~Object() = default; /** * Convert a generic object into an array of objects. This is useful for dealing * with arrays of arrays. * @return std::vector the converted object. */ virtual std::vector asObjectArray() const PURE; /** * Get a boolean value by name. * @param name supplies the key name. * @return bool the value. */ virtual bool getBoolean(const std::string& name) const PURE; /** * Get a boolean value by name. * @param name supplies the key name. * @param default_value supplies the value to return if the name does not exist. * @return bool the value. */ virtual bool getBoolean(const std::string& name, bool default_value) const PURE; /** * Get an integer value by name. * @param name supplies the key name. * @return int64_t the value. */ virtual int64_t getInteger(const std::string& name) const PURE; /** * Get an integer value by name or return a default if name does not exist. * @param name supplies the key name. * @param default_value supplies the value to return if name does not exist. * @return int64_t the value. */ virtual int64_t getInteger(const std::string& name, int64_t default_value) const PURE; /** * Get a sub-object by name. * @param name supplies the key name. * @param allow_empty supplies whether to return an empty object if the key does not * exist. * @return ObjectObjectSharedPtr the sub-object. */ virtual ObjectSharedPtr getObject(const std::string& name, bool allow_empty = false) const PURE; /** * Determine if an object is null. * @return bool is the object null? */ virtual bool isNull() const PURE; /** * Determine if an object has type Object. * @return bool is the object an Object? */ virtual bool isObject() const PURE; /** * Determine if an object has type Array. * @return bool is the object an Array? */ virtual bool isArray() const PURE; /** * Get an array by name. * @param name supplies the key name. * @param allow_empty specifies whether to return an empty array if the key does not exist. * @return std::vector the array of JSON objects. */ virtual std::vector getObjectArray(const std::string& name, bool allow_empty = false) const PURE; /** * Get a string value by name. * @param name supplies the key name. * @return std::string the value. */ virtual std::string getString(const std::string& name) const PURE; /** * Get a string value by name or return a default if name does not exist. * @param name supplies the key name. * @param default_value supplies the value to return if name does not exist. * @return std::string the value. */ virtual std::string getString(const std::string& name, const std::string& default_value) const PURE; /** * Get a string array by name. * @param name supplies the key name. * @param allow_empty specifies whether to return an empty array if the key does not exist. * @return std::vector the array of strings. */ virtual std::vector getStringArray(const std::string& name, bool allow_empty = false) const PURE; /** * Get a double value by name. * @param name supplies the key name. * @return double the value. */ virtual double getDouble(const std::string& name) const PURE; /** * Get a double value by name. * @param name supplies the key name. * @param default_value supplies the value to return if name does not exist. * @return double the value. */ virtual double getDouble(const std::string& name, double default_value) const PURE; /** * @return a hash of the JSON object. * Per RFC 7159: * An object is an unordered collection of zero or more name/value * pairs, where a name is a string and a value is a string, number, * boolean, null, object, or array. * Objects with fields in different orders are equivalent and produce the same hash. * It does not consider white space that was originally in the parsed JSON. */ virtual uint64_t hash() const PURE; /** * Iterate over key-value pairs in an Object and call callback on each pair. */ virtual void iterate(const ObjectCallback& callback) const PURE; /** * @return TRUE if the Object contains the key. * @param name supplies the key name to lookup. */ virtual bool hasObject(const std::string& name) const PURE; /** * Validates JSON object against passed in schema. * @param schema supplies the schema in string format. A Json::Exception will be thrown if * the JSON object doesn't conform to the supplied schema or the schema itself is not * valid. */ virtual void validateSchema(const std::string& schema) const PURE; /** * @return the value of the object as a string (where the object is a string). */ virtual std::string asString() const PURE; /** * @return the value of the object as a boolean (where the object is a boolean). */ virtual bool asBoolean() const PURE; /** * @return the value of the object as a double (where the object is a double). */ virtual double asDouble() const PURE; /** * @return the value of the object as an integer (where the object is an integer). */ virtual int64_t asInteger() const PURE; /** * @return the JSON string representation of the object. */ virtual std::string asJsonString() const PURE; /** * @return true if the JSON object is empty; */ virtual bool empty() const PURE; }; } // namespace Json } // namespace Envoy ================================================ FILE: include/envoy/local_info/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "local_info_interface", hdrs = ["local_info.h"], deps = [ "//include/envoy/network:address_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/local_info/local_info.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/address.h" namespace Envoy { namespace LocalInfo { /** * Information about the local environment. */ class LocalInfo { public: virtual ~LocalInfo() = default; /** * @return the local (non-loopback) address of the server. */ virtual Network::Address::InstanceConstSharedPtr address() const PURE; /** * @return the human readable zone name. E.g., "us-east-1a". */ virtual const std::string& zoneName() const PURE; /** * @return the human readable cluster name. E.g., "eta". */ virtual const std::string& clusterName() const PURE; /** * @return the human readable individual node name. E.g., "i-123456". */ virtual const std::string& nodeName() const PURE; /** * @return the full node identity presented to management servers. */ virtual const envoy::config::core::v3::Node& node() const PURE; }; using LocalInfoPtr = std::unique_ptr; } // namespace LocalInfo } // namespace Envoy ================================================ FILE: include/envoy/network/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "address_interface", hdrs = ["address.h"], deps = [ "//include/envoy/api:os_sys_calls_interface", ], ) envoy_cc_library( name = "connection_interface", hdrs = ["connection.h"], external_deps = ["abseil_int128"], deps = [ ":address_interface", ":filter_interface", ":listen_socket_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/event:deferred_deletable", "//include/envoy/ssl:connection_interface", "//include/envoy/stream_info:stream_info_interface", ], ) envoy_cc_library( name = "connection_handler_interface", hdrs = ["connection_handler.h"], deps = [ ":listen_socket_interface", ":listener_interface", "//include/envoy/ssl:context_interface", ], ) envoy_cc_library( name = "udp_packet_writer_handler_interface", hdrs = ["udp_packet_writer_handler.h"], deps = [ ":address_interface", ":io_handle_interface", ":socket_interface", "//include/envoy/api:io_error_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", ], ) envoy_cc_library( name = "dns_interface", hdrs = ["dns.h"], deps = ["//include/envoy/network:address_interface"], ) envoy_cc_library( name = "drain_decision_interface", hdrs = ["drain_decision.h"], ) envoy_cc_library( name = "exception_interface", hdrs = ["exception.h"], ) envoy_cc_library( name = "filter_interface", hdrs = ["filter.h"], deps = [ ":listen_socket_interface", ":transport_socket_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/upstream:host_description_interface", "//source/common/protobuf", ], ) envoy_cc_library( name = "hash_policy_interface", hdrs = ["hash_policy.h"], external_deps = ["abseil_optional"], deps = [ ":address_interface", ], ) envoy_cc_library( name = "io_handle_interface", hdrs = ["io_handle.h"], external_deps = ["abseil_optional"], deps = [ ":address_interface", "//include/envoy/api:io_error_interface", "//include/envoy/api:os_sys_calls_interface", "//include/envoy/event:file_event_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "socket_interface", hdrs = ["socket.h"], deps = [ ":address_interface", ":io_handle_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "socket_interface_interface", hdrs = ["socket_interface.h"], deps = [ ":socket_interface", "//include/envoy/config:typed_config_interface", ], ) envoy_cc_library( name = "listen_socket_interface", hdrs = ["listen_socket.h"], deps = [ ":io_handle_interface", ":socket_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "transport_socket_interface", hdrs = ["transport_socket.h"], deps = [ ":io_handle_interface", ":post_io_action_interface", ":proxy_protocol_options_lib", "//include/envoy/buffer:buffer_interface", "//include/envoy/ssl:connection_interface", ], ) envoy_cc_library( name = "post_io_action_interface", hdrs = ["post_io_action.h"], deps = [], ) envoy_cc_library( name = "connection_balancer_interface", hdrs = ["connection_balancer.h"], deps = [ ":listen_socket_interface", ], ) envoy_cc_library( name = "listener_interface", hdrs = ["listener.h"], deps = [ ":connection_balancer_interface", ":connection_interface", ":listen_socket_interface", ":udp_packet_writer_handler_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/common:resource_interface", "//include/envoy/init:manager_interface", "//include/envoy/stats:stats_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "resolver_interface", hdrs = ["resolver.h"], deps = [ ":address_interface", "//include/envoy/config:typed_config_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "udp_packet_writer_config_interface", hdrs = ["udp_packet_writer_config.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/network:udp_packet_writer_handler_interface", ], ) envoy_cc_library( name = "proxy_protocol_options_lib", hdrs = ["proxy_protocol.h"], deps = [ ":address_interface", ], ) ================================================ FILE: include/envoy/network/address.h ================================================ #pragma once #include #include #include #include #include #include "envoy/api/os_sys_calls.h" #include "envoy/common/platform.h" #include "envoy/common/pure.h" #include "absl/numeric/int128.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Network { /* Forward declaration */ class SocketInterface; namespace Address { /** * Interface for an Ipv4 address. */ class Ipv4 { public: virtual ~Ipv4() = default; /** * @return the 32-bit IPv4 address in network byte order. */ virtual uint32_t address() const PURE; }; /** * Interface for an Ipv6 address. */ class Ipv6 { public: virtual ~Ipv6() = default; /** * @return the absl::uint128 IPv6 address in network byte order. */ virtual absl::uint128 address() const PURE; /** * @return true if address is Ipv6 and Ipv4 compatibility is disabled, false otherwise */ virtual bool v6only() const PURE; }; enum class IpVersion { v4, v6 }; // NOLINT(readability-identifier-naming) /** * Interface for a generic IP address. */ class Ip { public: virtual ~Ip() = default; /** * @return the address as a string. E.g., "1.2.3.4" for an IPv4 address. */ virtual const std::string& addressAsString() const PURE; /** * @return whether this address is wild card, i.e., '0.0.0.0'. */ virtual bool isAnyAddress() const PURE; /** * @return whether this address is a valid unicast address, i.e., not an wild card, broadcast, or * multicast address. */ virtual bool isUnicastAddress() const PURE; /** * @return Ipv4 address data IFF version() == IpVersion::v4, otherwise nullptr. */ virtual const Ipv4* ipv4() const PURE; /** * @return Ipv6 address data IFF version() == IpVersion::v6, otherwise nullptr. */ virtual const Ipv6* ipv6() const PURE; /** * @return the port associated with the address. Port may be zero if not specified, not * determinable before socket creation, or not applicable. * The port is in host byte order. */ virtual uint32_t port() const PURE; /** * @return the version of IP address. */ virtual IpVersion version() const PURE; }; /** * Interface for a generic Pipe address. */ class Pipe { public: virtual ~Pipe() = default; /** * @return abstract namespace flag. */ virtual bool abstractNamespace() const PURE; /** * @return pipe mode. */ virtual mode_t mode() const PURE; }; /** * Interface for a generic internal address. */ class EnvoyInternalAddress { public: virtual ~EnvoyInternalAddress() = default; /** * @return The unique id of the internal address. If the address represents the destination * internal listener, the address id is that listener name. */ virtual const std::string& addressId() const PURE; }; enum class Type { Ip, Pipe, EnvoyInternal }; /** * Interface for all network addresses. */ class Instance { public: virtual ~Instance() = default; virtual bool operator==(const Instance& rhs) const PURE; bool operator!=(const Instance& rhs) const { return !operator==(rhs); } /** * @return a human readable string for the address that represents the * physical/resolved address. (This will not necessarily include port * information, if applicable, since that may not be resolved until bind()). * * This string will be compatible with the following example formats: * For IPv4 addresses: "1.2.3.4:80" * For IPv6 addresses: "[1234:5678::9]:443" * For pipe addresses: "/foo" */ virtual const std::string& asString() const PURE; /** * @return Similar to asString but returns a string view. */ virtual absl::string_view asStringView() const PURE; /** * @return a human readable string for the address that represents the * logical/unresolved name. * * This string has a source-dependent format and should preserve the original * name for Address::Instances resolved by a Network::Address::Resolver. */ virtual const std::string& logicalName() const PURE; /** * @return the IP address information IFF type() == Type::Ip, otherwise nullptr. */ virtual const Ip* ip() const PURE; /** * @return the pipe address information IFF type() == Type::Pipe, otherwise nullptr. */ virtual const Pipe* pipe() const PURE; /** * @return the envoy internal address information IFF type() == * Type::EnvoyInternal, otherwise nullptr. */ virtual const EnvoyInternalAddress* envoyInternalAddress() const PURE; /** * @return the underlying structure wherein the address is stored. Return nullptr if the address * type is internal address. */ virtual const sockaddr* sockAddr() const PURE; /** * @return length of the address container. */ virtual socklen_t sockAddrLen() const PURE; /** * @return the type of address. */ virtual Type type() const PURE; /** * @return SocketInterface to be used with the address. */ virtual const Network::SocketInterface& socketInterface() const PURE; }; using InstanceConstSharedPtr = std::shared_ptr; } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/connection.h ================================================ #pragma once #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/event/deferred_deletable.h" #include "envoy/network/address.h" #include "envoy/network/filter.h" #include "envoy/network/listen_socket.h" #include "envoy/ssl/connection.h" #include "envoy/stream_info/stream_info.h" namespace Envoy { namespace Event { class Dispatcher; } namespace Network { /** * Events that occur on a connection. */ enum class ConnectionEvent { RemoteClose, LocalClose, Connected, }; /** * Connections have both a read and write buffer. */ enum class ConnectionBufferType { Read, Write }; /** * Network level callbacks that happen on a connection. */ class ConnectionCallbacks { public: virtual ~ConnectionCallbacks() = default; /** * Callback for connection events. * @param events supplies the ConnectionEvent that occurred. */ virtual void onEvent(ConnectionEvent event) PURE; /** * Called when the write buffer for a connection goes over its high watermark. */ virtual void onAboveWriteBufferHighWatermark() PURE; /** * Called when the write buffer for a connection goes from over its high * watermark to under its low watermark. */ virtual void onBelowWriteBufferLowWatermark() PURE; }; /** * Type of connection close to perform. */ enum class ConnectionCloseType { FlushWrite, // Flush pending write data before raising ConnectionEvent::LocalClose NoFlush, // Do not flush any pending data and immediately raise ConnectionEvent::LocalClose FlushWriteAndDelay // Flush pending write data and delay raising a ConnectionEvent::LocalClose // until the delayed_close_timeout expires }; /** * An abstract raw connection. Free the connection or call close() to disconnect. */ class Connection : public Event::DeferredDeletable, public FilterManager { public: enum class State { Open, Closing, Closed }; /** * Callback function for when bytes have been sent by a connection. * @param bytes_sent supplies the number of bytes written to the connection. */ using BytesSentCb = std::function; struct ConnectionStats { Stats::Counter& read_total_; Stats::Gauge& read_current_; Stats::Counter& write_total_; Stats::Gauge& write_current_; // Counter* as this is an optional counter. Bind errors will not be tracked if this is nullptr. Stats::Counter* bind_errors_; // Optional counter. Delayed close timeouts will not be tracked if this is nullptr. Stats::Counter* delayed_close_timeouts_; }; ~Connection() override = default; /** * Register callbacks that fire when connection events occur. */ virtual void addConnectionCallbacks(ConnectionCallbacks& cb) PURE; /** * Register for callback every time bytes are written to the underlying TransportSocket. */ virtual void addBytesSentCallback(BytesSentCb cb) PURE; /** * Enable half-close semantics on this connection. Reading a remote half-close * will not fully close the connection. This is off by default. * @param enabled Whether to set half-close semantics as enabled or disabled. */ virtual void enableHalfClose(bool enabled) PURE; /** * Close the connection. */ virtual void close(ConnectionCloseType type) PURE; /** * @return Event::Dispatcher& the dispatcher backing this connection. */ virtual Event::Dispatcher& dispatcher() PURE; /** * @return uint64_t the unique local ID of this connection. */ virtual uint64_t id() const PURE; /** * @param vector of bytes to which the connection should append hash key data. Any data already in * the key vector must not be modified. */ virtual void hashKey(std::vector& hash) const PURE; /** * @return std::string the next protocol to use as selected by network level negotiation. (E.g., * ALPN). If network level negotiation is not supported by the connection or no protocol * has been negotiated the empty string is returned. */ virtual std::string nextProtocol() const PURE; /** * Enable/Disable TCP NO_DELAY on the connection. */ virtual void noDelay(bool enable) PURE; /** * Disable socket reads on the connection, applying external back pressure. When reads are * enabled again if there is data still in the input buffer it will be re-dispatched through * the filter chain. * @param disable supplies TRUE is reads should be disabled, FALSE if they should be enabled. * * Note that this function reference counts calls. For example * readDisable(true); // Disables data * readDisable(true); // Notes the connection is blocked by two sources * readDisable(false); // Notes the connection is blocked by one source * readDisable(false); // Marks the connection as unblocked, so resumes reading. */ virtual void readDisable(bool disable) PURE; /** * Set if Envoy should detect TCP connection close when readDisable(true) is called. * By default, this is true on newly created connections. * * @param should_detect supplies if disconnects should be detected when the connection has been * read disabled */ virtual void detectEarlyCloseWhenReadDisabled(bool should_detect) PURE; /** * @return bool whether reading is enabled on the connection. */ virtual bool readEnabled() const PURE; /** * @return The address of the remote client. Note that this method will never return nullptr. */ virtual const Network::Address::InstanceConstSharedPtr& remoteAddress() const PURE; /** * @return The address of the remote directly connected peer. Note that this method * will never return nullptr. This address is not affected or modified by PROXY protocol * or any other listener filter. */ virtual const Network::Address::InstanceConstSharedPtr& directRemoteAddress() const PURE; /** * Credentials of the peer of a socket as decided by SO_PEERCRED. */ struct UnixDomainSocketPeerCredentials { /** * The process id of the peer. */ int32_t pid; /** * The user id of the peer. */ uint32_t uid; /** * The group id of the peer. */ uint32_t gid; }; /** * @return The unix socket peer credentials of the remote client. Note that this is only * supported for unix socket connections. */ virtual absl::optional unixSocketPeerCredentials() const PURE; /** * @return the local address of the connection. For client connections, this is the origin * address. For server connections, this is the local destination address. For server connections * it can be different from the proxy address if the downstream connection has been redirected or * the proxy is operating in transparent mode. Note that this method will never return nullptr. */ virtual const Network::Address::InstanceConstSharedPtr& localAddress() const PURE; /** * Set the stats to update for various connection state changes. Note that for performance reasons * these stats are eventually consistent and may not always accurately represent the connection * state at any given point in time. */ virtual void setConnectionStats(const ConnectionStats& stats) PURE; /** * @return the const SSL connection data if this is an SSL connection, or nullptr if it is not. */ // TODO(snowp): Remove this in favor of StreamInfo::downstreamSslConnection. virtual Ssl::ConnectionInfoConstSharedPtr ssl() const PURE; /** * @return requested server name (e.g. SNI in TLS), if any. */ virtual absl::string_view requestedServerName() const PURE; /** * @return State the current state of the connection. */ virtual State state() const PURE; /** * Write data to the connection. Will iterate through downstream filters with the buffer if any * are installed. * @param data Supplies the data to write to the connection. * @param end_stream If true, this indicates that this is the last write to the connection. If * end_stream is true, the connection is half-closed. This may only be set to true if * enableHalfClose(true) has been set on this connection. */ virtual void write(Buffer::Instance& data, bool end_stream) PURE; /** * Set a soft limit on the size of buffers for the connection. * For the read buffer, this limits the bytes read prior to flushing to further stages in the * processing pipeline. * For the write buffer, it sets watermarks. When enough data is buffered it triggers a call to * onAboveWriteBufferHighWatermark, which allows subscribers to enforce flow control by disabling * reads on the socket funneling data to the write buffer. When enough data is drained from the * write buffer, onBelowWriteBufferHighWatermark is called which similarly allows subscribers * resuming reading. */ virtual void setBufferLimits(uint32_t limit) PURE; /** * Get the value set with setBufferLimits. */ virtual uint32_t bufferLimit() const PURE; /** * @return boolean telling if the connection's local address has been restored to an original * destination address, rather than the address the connection was accepted at. */ virtual bool localAddressRestored() const PURE; /** * @return boolean telling if the connection is currently above the high watermark. */ virtual bool aboveHighWatermark() const PURE; /** * Get the socket options set on this connection. */ virtual const ConnectionSocket::OptionsSharedPtr& socketOptions() const PURE; /** * The StreamInfo object associated with this connection. This is typically * used for logging purposes. Individual filters may add specific information * via the FilterState object within the StreamInfo object. The StreamInfo * object in this context is one per connection i.e. different than the one in * the http ConnectionManager implementation which is one per request. * * @return StreamInfo object associated with this connection. */ virtual StreamInfo::StreamInfo& streamInfo() PURE; virtual const StreamInfo::StreamInfo& streamInfo() const PURE; /** * Set the timeout for delayed connection close()s. * This can only be called prior to issuing a close() on the connection. * @param timeout The timeout value in milliseconds */ virtual void setDelayedCloseTimeout(std::chrono::milliseconds timeout) PURE; /** * @return std::string the failure reason of the underlying transport socket, if no failure * occurred an empty string is returned. */ virtual absl::string_view transportFailureReason() const PURE; /** * @return absl::optional An optional of the most recent round-trip * time of the connection. If the platform does not support this, then an empty optional is * returned. */ virtual absl::optional lastRoundTripTime() const PURE; }; using ConnectionPtr = std::unique_ptr; /** * Connections capable of outbound connects. */ class ClientConnection : public virtual Connection { public: /** * Connect to a remote host. Errors or connection events are reported via the event callback * registered via addConnectionCallbacks(). */ virtual void connect() PURE; }; using ClientConnectionPtr = std::unique_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/connection_balancer.h ================================================ #pragma once #include "envoy/network/listen_socket.h" namespace Envoy { namespace Network { /** * A connection handler that is balanced. Typically implemented by individual listeners depending * on their balancing configuration. */ class BalancedConnectionHandler { public: virtual ~BalancedConnectionHandler() = default; /** * @return the number of active connections within the handler. */ virtual uint64_t numConnections() const PURE; /** * Increment the number of connections within the handler. This must be called by a connection * balancer implementation prior to a connection being picked via pickTargetHandler(). This makes * sure that connection counts are accurate during connection transfer (i.e., that the target * balancer accounts for the incoming connection). This is done by the balancer vs. the * connection handler to account for different locking needs inside the balancer. */ virtual void incNumConnections() PURE; /** * Post a connected socket to this connection handler. This is used for cross-thread connection * transfer during the balancing process. */ virtual void post(Network::ConnectionSocketPtr&& socket) PURE; }; /** * An implementation of a connection balancer. This abstracts the underlying policy (e.g., exact, * fuzzy, etc.). */ class ConnectionBalancer { public: virtual ~ConnectionBalancer() = default; /** * Register a new handler with the balancer that is available for balancing. */ virtual void registerHandler(BalancedConnectionHandler& handler) PURE; /** * Unregister a handler with the balancer that is no longer available for balancing. */ virtual void unregisterHandler(BalancedConnectionHandler& handler) PURE; /** * Pick a target handler to send a connection to. * @param current_handler supplies the currently executing connection handler. * @return current_handler if the connection should stay bound to the current handler, or a * different handler if the connection should be rebalanced. * * NOTE: It is the responsibility of the balancer to call incNumConnections() on the returned * balancer. See the comments above for more explanation. */ virtual BalancedConnectionHandler& pickTargetHandler(BalancedConnectionHandler& current_handler) PURE; }; using ConnectionBalancerSharedPtr = std::shared_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/connection_handler.h ================================================ #pragma once #include #include #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/network/listen_socket.h" #include "envoy/network/listener.h" #include "envoy/ssl/context.h" namespace Envoy { namespace Network { /** * Abstract connection handler. */ class ConnectionHandler { public: virtual ~ConnectionHandler() = default; /** * @return uint64_t the number of active connections owned by the handler. */ virtual uint64_t numConnections() const PURE; /** * Increment the return value of numConnections() by one. * TODO(mattklein123): re-visit the connection accounting interface. Make TCP * listener to do accounting through these interfaces instead of directly * access the counter. */ virtual void incNumConnections() PURE; /** * Decrement the return value of numConnections() by one. */ virtual void decNumConnections() PURE; /** * Adds a listener to the handler, optionally replacing the existing listener. * @param overridden_listener tag of the existing listener. nullopt if no previous listener. * @param config listener configuration options. */ virtual void addListener(absl::optional overridden_listener, ListenerConfig& config) PURE; /** * Remove listeners using the listener tag as a key. All connections owned by the removed * listeners will be closed. * @param listener_tag supplies the tag passed to addListener(). */ virtual void removeListeners(uint64_t listener_tag) PURE; /** * Get the ``UdpListenerCallbacks`` associated with ``listener_tag``. This will be * absl::nullopt for non-UDP listeners and for ``listener_tag`` values that have already been * removed. */ virtual UdpListenerCallbacksOptRef getUdpListenerCallbacks(uint64_t listener_tag) PURE; /** * Remove the filter chains and the connections in the listener. All connections owned * by the filter chains will be closed. Once all the connections are destroyed(connections * could be deferred deleted!), invoke the completion. * @param listener_tag supplies the tag passed to addListener(). * @param filter_chains supplies the filter chains to be removed. */ virtual void removeFilterChains(uint64_t listener_tag, const std::list& filter_chains, std::function completion) PURE; /** * Stop listeners using the listener tag as a key. This will not close any connections and is used * for draining. * @param listener_tag supplies the tag passed to addListener(). */ virtual void stopListeners(uint64_t listener_tag) PURE; /** * Stop all listeners. This will not close any connections and is used for draining. */ virtual void stopListeners() PURE; /** * Disable all listeners. This will not close any connections and is used to temporarily * stop accepting connections on all listeners. */ virtual void disableListeners() PURE; /** * Enable all listeners. This is used to re-enable accepting connections on all listeners * after they have been temporarily disabled. */ virtual void enableListeners() PURE; /** * @return the stat prefix used for per-handler stats. */ virtual const std::string& statPrefix() const PURE; /** * Used by ConnectionHandler to manage listeners. */ class ActiveListener { public: virtual ~ActiveListener() = default; /** * @return the tag value as configured. */ virtual uint64_t listenerTag() PURE; /** * @return the actual Listener object. */ virtual Listener* listener() PURE; /** * Temporarily stop listening according to implementation's own definition. */ virtual void pauseListening() PURE; /** * Resume listening according to implementation's own definition. */ virtual void resumeListening() PURE; /** * Stop listening according to implementation's own definition. */ virtual void shutdownListener() PURE; }; using ActiveListenerPtr = std::unique_ptr; /** * Used by ConnectionHandler to manage UDP listeners. */ class ActiveUdpListener : public virtual ActiveListener, public Network::UdpListenerCallbacks { public: ~ActiveUdpListener() override = default; /** * Returns the worker index that ``data`` should be delivered to. The return value must be in * the range [0, concurrency). */ virtual uint32_t destination(const Network::UdpRecvData& data) const PURE; }; using ActiveUdpListenerPtr = std::unique_ptr; }; using ConnectionHandlerPtr = std::unique_ptr; /** * A registered factory interface to create different kinds of ActiveUdpListener. */ class ActiveUdpListenerFactory { public: virtual ~ActiveUdpListenerFactory() = default; /** * Creates an ActiveUdpListener object and a corresponding UdpListener * according to given config. * @param worker_index The index of the worker this listener is being created on. * @param parent is the owner of the created ActiveListener objects. * @param dispatcher is used to create actual UDP listener. * @param config provides information needed to create ActiveUdpListener and * UdpListener objects. * @return the ActiveUdpListener created. */ virtual ConnectionHandler::ActiveUdpListenerPtr createActiveUdpListener(uint32_t worker_index, ConnectionHandler& parent, Event::Dispatcher& dispatcher, Network::ListenerConfig& config) PURE; /** * @return true if the UDP passing through listener doesn't form stateful connections. */ virtual bool isTransportConnectionless() const PURE; }; using ActiveUdpListenerFactoryPtr = std::unique_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/dns.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/pure.h" #include "envoy/network/address.h" namespace Envoy { namespace Network { /** * An active async DNS query. */ class ActiveDnsQuery { public: virtual ~ActiveDnsQuery() = default; /** * Cancel an outstanding DNS request. */ virtual void cancel() PURE; }; /** * DNS response. */ struct DnsResponse { DnsResponse(const Address::InstanceConstSharedPtr& address, const std::chrono::seconds ttl) : address_(address), ttl_(ttl) {} const Address::InstanceConstSharedPtr address_; const std::chrono::seconds ttl_; }; enum class DnsLookupFamily { V4Only, V6Only, Auto }; /** * An asynchronous DNS resolver. */ class DnsResolver { public: virtual ~DnsResolver() = default; /** * Final status for a DNS resolution. */ enum class ResolutionStatus { Success, Failure }; /** * Called when a resolution attempt is complete. * @param status supplies the final status of the resolution. * @param response supplies the list of resolved IP addresses and TTLs. */ using ResolveCb = std::function&& response)>; /** * Initiate an async DNS resolution. * @param dns_name supplies the DNS name to lookup. * @param dns_lookup_family the DNS IP version lookup policy. * @param callback supplies the callback to invoke when the resolution is complete. * @return if non-null, a handle that can be used to cancel the resolution. * This is only valid until the invocation of callback or ~DnsResolver(). */ virtual ActiveDnsQuery* resolve(const std::string& dns_name, DnsLookupFamily dns_lookup_family, ResolveCb callback) PURE; }; using DnsResolverSharedPtr = std::shared_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/drain_decision.h ================================================ #pragma once #include "envoy/common/pure.h" namespace Envoy { namespace Network { class DrainDecision { public: virtual ~DrainDecision() = default; /** * @return TRUE if a connection should be drained and closed. It is up to individual network * filters to determine when this should be called for the least impact possible. */ virtual bool drainClose() const PURE; }; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/exception.h ================================================ #pragma once #include "envoy/common/exception.h" namespace Envoy { namespace Network { /** * Thrown when there is a runtime error creating/binding a listener. */ class CreateListenerException : public EnvoyException { public: CreateListenerException(const std::string& what) : EnvoyException(what) {} }; /** * Thrown when there is a runtime error binding a socket. */ class SocketBindException : public CreateListenerException { public: SocketBindException(const std::string& what, int error_number) : CreateListenerException(what), error_number_(error_number) {} // This can't be called errno because otherwise the standard errno macro expansion replaces it. int errorNumber() const { return error_number_; } private: const int error_number_; }; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/filter.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/network/listen_socket.h" #include "envoy/network/transport_socket.h" #include "envoy/upstream/host_description.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Event { class Dispatcher; } namespace Network { class Connection; class ConnectionSocket; class UdpListener; struct UdpRecvData; /** * Status codes returned by filters that can cause future filters to not get iterated to. */ enum class FilterStatus { // Continue to further filters. Continue, // Stop executing further filters. StopIteration }; /** * Callbacks used by individual filter instances to communicate with the filter manager. */ class NetworkFilterCallbacks { public: virtual ~NetworkFilterCallbacks() = default; /** * @return the connection that owns this filter. */ virtual Connection& connection() PURE; }; /** * Callbacks used by individual write filter instances to communicate with the filter manager. */ class WriteFilterCallbacks : public virtual NetworkFilterCallbacks { public: ~WriteFilterCallbacks() override = default; /** * Pass data directly to subsequent filters in the filter chain. This method is used in * advanced cases in which a filter needs full control over how subsequent filters view data. * Using this method allows a filter to buffer data (or not) and then periodically inject data * to subsequent filters, indicating end_stream at an appropriate time. * This can be used to implement rate limiting, periodic data emission, etc. * * When using this callback, filters should generally move passed in buffer and return * FilterStatus::StopIteration from their onWrite() call, since use of this method * indicates that a filter does not wish to participate in a standard write flow * and will perform any necessary buffering and continuation on its own. * * @param data supplies the write data to be propagated directly to further filters in the filter * chain. * @param end_stream supplies the end_stream status to be propagated directly to further filters * in the filter chain. */ virtual void injectWriteDataToFilterChain(Buffer::Instance& data, bool end_stream) PURE; }; /** * A write path binary connection filter. */ class WriteFilter { public: virtual ~WriteFilter() = default; /** * Called when data is to be written on the connection. * @param data supplies the buffer to be written which may be modified. * @param end_stream supplies whether this is the last byte to write on the connection. * @return status used by the filter manager to manage further filter iteration. */ virtual FilterStatus onWrite(Buffer::Instance& data, bool end_stream) PURE; /** * Initializes the write filter callbacks used to interact with the filter manager. It will be * called by the filter manager a single time when the filter is first registered. Thus, any * construction that requires the backing connection should take place in the context of this * function. * * IMPORTANT: No outbound networking or complex processing should be done in this function. * That should be done in the context of ReadFilter::onNewConnection() if needed. * * @param callbacks supplies the callbacks. */ virtual void initializeWriteFilterCallbacks(WriteFilterCallbacks&) {} }; using WriteFilterSharedPtr = std::shared_ptr; /** * Callbacks used by individual read filter instances to communicate with the filter manager. */ class ReadFilterCallbacks : public virtual NetworkFilterCallbacks { public: ~ReadFilterCallbacks() override = default; /** * If a read filter stopped filter iteration, continueReading() can be called to continue the * filter chain. The next filter will be called with all currently available data in the read * buffer (it will also have onNewConnection() called on it if it was not previously called). */ virtual void continueReading() PURE; /** * Pass data directly to subsequent filters in the filter chain. This method is used in * advanced cases in which a filter needs full control over how subsequent filters view data, * and does not want to make use of connection-level buffering. Using this method allows * a filter to buffer data (or not) and then periodically inject data to subsequent filters, * indicating end_stream at an appropriate time. This can be used to implement rate limiting, * periodic data emission, etc. * * When using this callback, filters should generally move passed in buffer and return * FilterStatus::StopIteration from their onData() call, since use of this method * indicates that a filter does not wish to participate in standard connection-level * buffering and continuation and will perform any necessary buffering and continuation on its * own. * * This callback is different from continueReading() in that the specified data and end_stream * status will be propagated verbatim to further filters in the filter chain * (while continueReading() propagates connection-level read buffer and end_stream status). * * @param data supplies the read data to be propagated directly to further filters in the filter * chain. * @param end_stream supplies the end_stream status to be propagated directly to further filters * in the filter chain. */ virtual void injectReadDataToFilterChain(Buffer::Instance& data, bool end_stream) PURE; /** * Return the currently selected upstream host, if any. This can be used for communication * between multiple network level filters, for example the TCP proxy filter communicating its * selection to another filter for logging. */ virtual Upstream::HostDescriptionConstSharedPtr upstreamHost() PURE; /** * Set the currently selected upstream host for the connection. */ virtual void upstreamHost(Upstream::HostDescriptionConstSharedPtr host) PURE; }; /** * A read path binary connection filter. */ class ReadFilter { public: virtual ~ReadFilter() = default; /** * Called when data is read on the connection. * @param data supplies the read data which may be modified. * @param end_stream supplies whether this is the last byte on the connection. This will only * be set if the connection has half-close semantics enabled. * @return status used by the filter manager to manage further filter iteration. */ virtual FilterStatus onData(Buffer::Instance& data, bool end_stream) PURE; /** * Called when a connection is first established. Filters should do one time long term processing * that needs to be done when a connection is established. Filter chain iteration can be stopped * if needed. * @return status used by the filter manager to manage further filter iteration. */ virtual FilterStatus onNewConnection() PURE; /** * Initializes the read filter callbacks used to interact with the filter manager. It will be * called by the filter manager a single time when the filter is first registered. Thus, any * construction that requires the backing connection should take place in the context of this * function. * * IMPORTANT: No outbound networking or complex processing should be done in this function. * That should be done in the context of onNewConnection() if needed. * * @param callbacks supplies the callbacks. */ virtual void initializeReadFilterCallbacks(ReadFilterCallbacks& callbacks) PURE; }; using ReadFilterSharedPtr = std::shared_ptr; /** * A combination read and write filter. This allows a single filter instance to cover * both the read and write paths. */ class Filter : public WriteFilter, public ReadFilter {}; using FilterSharedPtr = std::shared_ptr; /** * Interface for adding individual network filters to a manager. */ class FilterManager { public: virtual ~FilterManager() = default; /** * Add a write filter to the connection. Filters are invoked in LIFO order (the last added * filter is called first). */ virtual void addWriteFilter(WriteFilterSharedPtr filter) PURE; /** * Add a combination filter to the connection. Equivalent to calling both addWriteFilter() * and addReadFilter() with the same filter instance. */ virtual void addFilter(FilterSharedPtr filter) PURE; /** * Add a read filter to the connection. Filters are invoked in FIFO order (the filter added * first is called first). */ virtual void addReadFilter(ReadFilterSharedPtr filter) PURE; /** * Initialize all of the installed read filters. This effectively calls onNewConnection() on * each of them. * @return true if read filters were initialized successfully, otherwise false. */ virtual bool initializeReadFilters() PURE; }; /** * This function is used to wrap the creation of a network filter chain for new connections as * they come in. Filter factories create the lambda at configuration initialization time, and then * they are used at runtime. * @param filter_manager supplies the filter manager for the connection to install filters * to. Typically the function will install a single filter, but it's technically possibly to * install more than one if desired. */ using FilterFactoryCb = std::function; /** * Callbacks used by individual listener filter instances to communicate with the listener filter * manager. */ class ListenerFilterCallbacks { public: virtual ~ListenerFilterCallbacks() = default; /** * @return ConnectionSocket the socket the filter is operating on. */ virtual ConnectionSocket& socket() PURE; /** * @return the Dispatcher for issuing events. */ virtual Event::Dispatcher& dispatcher() PURE; /** * If a filter stopped filter iteration by returning FilterStatus::StopIteration, * the filter should call continueFilterChain(true) when complete to continue the filter chain, * or continueFilterChain(false) if the filter execution failed and the connection must be * closed. * @param success boolean telling whether the filter execution was successful or not. */ virtual void continueFilterChain(bool success) PURE; /** * @param name the namespace used in the metadata in reverse DNS format, for example: * envoy.test.my_filter. * @param value the struct to set on the namespace. A merge will be performed with new values for * the same key overriding existing. */ virtual void setDynamicMetadata(const std::string& name, const ProtobufWkt::Struct& value) PURE; /** * @return const envoy::config::core::v3::Metadata& the dynamic metadata associated with this * connection. */ virtual envoy::config::core::v3::Metadata& dynamicMetadata() PURE; virtual const envoy::config::core::v3::Metadata& dynamicMetadata() const PURE; }; /** * Interface for a listener filter matching with incoming traffic. */ class ListenerFilterMatcher { public: virtual ~ListenerFilterMatcher() = default; virtual bool matches(Network::ListenerFilterCallbacks& cb) const PURE; }; using ListenerFilterMatcherPtr = std::unique_ptr; using ListenerFilterMatcherSharedPtr = std::shared_ptr; /** * Listener Filter */ class ListenerFilter { public: virtual ~ListenerFilter() = default; /** * Called when a new connection is accepted, but before a Connection is created. * Filter chain iteration can be stopped if needed. * @param cb the callbacks the filter instance can use to communicate with the filter chain. * @return status used by the filter manager to manage further filter iteration. */ virtual FilterStatus onAccept(ListenerFilterCallbacks& cb) PURE; }; using ListenerFilterPtr = std::unique_ptr; /** * Interface for filter callbacks and adding listener filters to a manager. */ class ListenerFilterManager { public: virtual ~ListenerFilterManager() = default; /** * Add a filter to the listener. Filters are invoked in FIFO order (the filter added * first is called first). * @param listener_filter_matcher supplies the matcher to decide when filter is enabled. * @param filter supplies the filter being added. */ virtual void addAcceptFilter(const ListenerFilterMatcherSharedPtr& listener_filter_matcher, ListenerFilterPtr&& filter) PURE; }; /** * This function is used to wrap the creation of a listener filter chain for new sockets as they are * created. Filter factories create the lambda at configuration initialization time, and then they * are used at runtime. * @param filter_manager supplies the filter manager for the listener to install filters to. * Typically the function will install a single filter, but it's technically possibly to install * more than one if desired. */ using ListenerFilterFactoryCb = std::function; /** * Interface representing a single filter chain. */ class FilterChain { public: virtual ~FilterChain() = default; /** * @return const TransportSocketFactory& a transport socket factory to be used by the new * connection. */ virtual const TransportSocketFactory& transportSocketFactory() const PURE; /** * const std::vector& a list of filters to be used by the new connection. */ virtual const std::vector& networkFilterFactories() const PURE; }; using FilterChainSharedPtr = std::shared_ptr; /** * A filter chain that can be drained. */ class DrainableFilterChain : public FilterChain { public: virtual void startDraining() PURE; }; using DrainableFilterChainSharedPtr = std::shared_ptr; /** * Interface for searching through configured filter chains. */ class FilterChainManager { public: virtual ~FilterChainManager() = default; /** * Find filter chain that's matching metadata from the new connection. * @param socket supplies connection metadata that's going to be used for the filter chain lookup. * @return const FilterChain* filter chain to be used by the new connection, * nullptr if no matching filter chain was found. */ virtual const FilterChain* findFilterChain(const ConnectionSocket& socket) const PURE; }; /** * Callbacks used by individual UDP listener read filter instances to communicate with the filter * manager. */ class UdpReadFilterCallbacks { public: virtual ~UdpReadFilterCallbacks() = default; /** * @return the udp listener that owns this read filter. */ virtual UdpListener& udpListener() PURE; }; /** * UDP Listener Read Filter */ class UdpListenerReadFilter { public: virtual ~UdpListenerReadFilter() = default; /** * Called when a new data packet is received on a UDP listener. * @param data supplies the read data which may be modified. */ virtual void onData(UdpRecvData& data) PURE; /** * Called when there is an error event in the receive data path. * * @param error_code supplies the received error on the listener. */ virtual void onReceiveError(Api::IoError::IoErrorCode error_code) PURE; protected: /** * @param callbacks supplies the read filter callbacks used to interact with the filter manager. */ UdpListenerReadFilter(UdpReadFilterCallbacks& callbacks) : read_callbacks_(&callbacks) {} UdpReadFilterCallbacks* read_callbacks_{}; }; using UdpListenerReadFilterPtr = std::unique_ptr; /** * Interface for adding UDP listener filters to a manager. */ class UdpListenerFilterManager { public: virtual ~UdpListenerFilterManager() = default; /** * Add a read filter to the udp listener. Filters are invoked in FIFO order (the * filter added first is called first). * @param filter supplies the filter being added. */ virtual void addReadFilter(UdpListenerReadFilterPtr&& filter) PURE; }; using UdpListenerFilterFactoryCb = std::function; /** * Creates a chain of network filters for a new connection. */ class FilterChainFactory { public: virtual ~FilterChainFactory() = default; /** * Called to create the network filter chain. * @param connection supplies the connection to create the chain on. * @param filter_factories supplies a list of filter factories to create the chain from. * @return true if filter chain was created successfully. Otherwise * false, e.g. filter chain is empty. */ virtual bool createNetworkFilterChain(Connection& connection, const std::vector& filter_factories) PURE; /** * Called to create the listener filter chain. * @param listener supplies the listener to create the chain on. * @return true if filter chain was created successfully. Otherwise false. */ virtual bool createListenerFilterChain(ListenerFilterManager& listener) PURE; /** * Called to create a Udp Listener Filter Chain object * * @param udp_listener supplies the listener to create the chain on. * @param callbacks supplies the callbacks needed to create a filter. */ virtual void createUdpListenerFilterChain(UdpListenerFilterManager& udp_listener, UdpReadFilterCallbacks& callbacks) PURE; }; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/hash_policy.h ================================================ #pragma once #include "envoy/network/address.h" #include "absl/types/optional.h" namespace Envoy { namespace Network { /** * Hash policy for transport layer protocol. */ class HashPolicy { public: virtual ~HashPolicy() = default; /** * @param downstream_address is the address of the connected client. * @param upstream_address is the address of the connected server. * @return absl::optional an optional hash value to route on. A hash value might not be * returned if for example the downstream address is nullptr. */ virtual absl::optional generateHash(const Network::Address::Instance* downstream_address, const Network::Address::Instance* upstream_address) const PURE; }; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/io_handle.h ================================================ #pragma once #include #include #include "envoy/api/io_error.h" #include "envoy/common/platform.h" #include "envoy/common/pure.h" #include "envoy/event/file_event.h" #include "envoy/network/address.h" #include "absl/container/fixed_array.h" #include "absl/types/optional.h" namespace Envoy { namespace Buffer { struct RawSlice; class Instance; } // namespace Buffer namespace Event { class Dispatcher; } // namespace Event using RawSliceArrays = absl::FixedArray>; namespace Network { /** * IoHandle: an abstract interface for all I/O operations */ class IoHandle { public: virtual ~IoHandle() = default; /** * NOTE: Must NOT be used for new use cases! * * This is most probably not the function you are looking for. IoHandle has wrappers for most of * the POSIX socket api functions so there should be no need to interact with the internal fd by * means of syscalls. Moreover, depending on the IoHandle implementation, the fd might not be an * underlying OS file descriptor. If any api function is missing, a wrapper for it should be added * to the IoHandle interface. * * Return data associated with IoHandle. It is not necessarily a file descriptor. */ virtual os_fd_t fdDoNotUse() const PURE; /** * Clean up IoHandle resources */ virtual Api::IoCallUint64Result close() PURE; /** * Return true if close() hasn't been called. */ virtual bool isOpen() const PURE; /** * Read data into given slices. * @param max_length supplies the maximum length to read. * @param slices points to the output location. * @param num_slice indicates the number of slices |slices| contains. * @return a Api::IoCallUint64Result with err_ = an Api::IoError instance or * err_ = nullptr and rc_ = the bytes read for success. */ virtual Api::IoCallUint64Result readv(uint64_t max_length, Buffer::RawSlice* slices, uint64_t num_slice) PURE; /** * Read from a io handle directly into buffer. * @param buffer supplies the buffer to read into. * @param max_length supplies the maximum length to read. * @return a IoCallUint64Result with err_ = nullptr and rc_ = the number of bytes * read if successful, or err_ = some IoError for failure. If call failed, rc_ shouldn't be used. */ virtual Api::IoCallUint64Result read(Buffer::Instance& buffer, uint64_t max_length) PURE; /** * Write the data in slices out. * @param slices points to the location of data to be written. * @param num_slice indicates number of slices |slices| contains. * @return a Api::IoCallUint64Result with err_ = an Api::IoError instance or * err_ = nullptr and rc_ = the bytes written for success. */ virtual Api::IoCallUint64Result writev(const Buffer::RawSlice* slices, uint64_t num_slice) PURE; /** * Write the buffer out to a file descriptor. * @param buffer supplies the buffer to write to. * @return a IoCallUint64Result with err_ = nullptr and rc_ = the number of bytes * written if successful, or err_ = some IoError for failure. If call failed, rc_ shouldn't be * used. */ virtual Api::IoCallUint64Result write(Buffer::Instance& buffer) PURE; /** * Send a message to the address. * @param slices points to the location of data to be sent. * @param num_slice indicates number of slices |slices| contains. * @param self_ip is the source address whose port should be ignored. Nullptr * if caller wants kernel to select source address. * @param peer_address is the destination address. * @return a Api::IoCallUint64Result with err_ = an Api::IoError instance or * err_ = nullptr and rc_ = the bytes written for success. */ virtual Api::IoCallUint64Result sendmsg(const Buffer::RawSlice* slices, uint64_t num_slice, int flags, const Address::Ip* self_ip, const Address::Instance& peer_address) PURE; struct RecvMsgPerPacketInfo { // The destination address from transport header. Address::InstanceConstSharedPtr local_address_; // The source address from transport header. Address::InstanceConstSharedPtr peer_address_; // The payload length of this packet. unsigned int msg_len_{0}; // The gso_size, if specified in the transport header unsigned int gso_size_{0}; }; /** * The output parameter type for recvmsg and recvmmsg. */ struct RecvMsgOutput { /* * @param num_packets_per_call is the max number of packets allowed per * recvmmsg call. For recvmsg call, any value larger than 0 is allowed, but * only one packet will be returned. * @param dropped_packets points to a variable to store how many packets are * dropped so far. If nullptr, recvmsg() won't try to get this information * from transport header. */ RecvMsgOutput(size_t num_packets_per_call, uint32_t* dropped_packets) : dropped_packets_(dropped_packets), msg_(num_packets_per_call) {} // If not nullptr, its value is the total number of packets dropped. recvmsg() will update it // when more packets are dropped. uint32_t* dropped_packets_; // Packet headers for each received packet. It's populated according to packet receive order. // Only the first entry is used to return per packet information by recvmsg. absl::FixedArray msg_; }; /** * Receive a message into given slices, output overflow, source/destination * addresses via passed-in parameters upon success. * @param slices points to the location of receiving buffer. * @param num_slice indicates number of slices |slices| contains. * @param self_port the port this handle is assigned to. This is used to populate * local_address because local port can't be retrieved from control message. * @param output modified upon each call to return fields requested in it. * @return a Api::IoCallUint64Result with err_ = an Api::IoError instance or * err_ = nullptr and rc_ = the bytes received for success. */ virtual Api::IoCallUint64Result recvmsg(Buffer::RawSlice* slices, const uint64_t num_slice, uint32_t self_port, RecvMsgOutput& output) PURE; /** * If the platform supports, receive multiple messages into given slices, output overflow, * source/destination addresses per message via passed-in parameters upon success. * @param slices are the receive buffers for the messages. Each message * received are stored in an individual entry of |slices|. * @param self_port is the same as the one in recvmsg(). * @param output is modified upon each call and each message received. */ virtual Api::IoCallUint64Result recvmmsg(RawSliceArrays& slices, uint32_t self_port, RecvMsgOutput& output) PURE; /** * Read data into given buffer for connected handles * @param buffer buffer to read the data into * @param length buffer length * @param flags flags to pass to the underlying recv function (see man 2 recv) */ virtual Api::IoCallUint64Result recv(void* buffer, size_t length, int flags) PURE; /** * return true if the platform supports recvmmsg() and sendmmsg(). */ virtual bool supportsMmsg() const PURE; /** * return true if the platform supports udp_gro */ virtual bool supportsUdpGro() const PURE; /** * Bind to address. The handle should have been created with a call to socket() * @param address address to bind to. * @param addrlen address length * @return a Api::SysCallIntResult with rc_ = 0 for success and rc_ = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ virtual Api::SysCallIntResult bind(Address::InstanceConstSharedPtr address) PURE; /** * Listen on bound handle. * @param backlog maximum number of pending connections for listener * @return a Api::SysCallIntResult with rc_ = 0 for success and rc_ = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ virtual Api::SysCallIntResult listen(int backlog) PURE; /** * Accept on listening handle * @param addr remote address to be returned * @param addrlen remote address length * @param flags flags to be applied to accepted session * @return accepted IoHandlePtr */ virtual std::unique_ptr accept(struct sockaddr* addr, socklen_t* addrlen) PURE; /** * Connect to address. The handle should have been created with a call to socket() * on this object. * @param address remote address to connect to. * @param addrlen remote address length * @return a Api::SysCallIntResult with rc_ = 0 for success and rc_ = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ virtual Api::SysCallIntResult connect(Address::InstanceConstSharedPtr address) PURE; /** * Set option (see man 2 setsockopt) */ virtual Api::SysCallIntResult setOption(int level, int optname, const void* optval, socklen_t optlen) PURE; /** * Get option (see man 2 getsockopt) */ virtual Api::SysCallIntResult getOption(int level, int optname, void* optval, socklen_t* optlen) PURE; /** * Toggle blocking behavior * @param blocking flag to set/unset blocking state * @return a Api::SysCallIntResult with rc_ = 0 for success and rc_ = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ virtual Api::SysCallIntResult setBlocking(bool blocking) PURE; /** * @return the domain used by underlying socket (see man 2 socket) */ virtual absl::optional domain() PURE; /** * Get local address (ip:port pair) * @return local address as @ref Address::InstanceConstSharedPtr */ virtual Address::InstanceConstSharedPtr localAddress() PURE; /** * Get peer's address (ip:port pair) * @return peer's address as @ref Address::InstanceConstSharedPtr */ virtual Address::InstanceConstSharedPtr peerAddress() PURE; /** * Creates a file event that will signal when the io handle is readable, writable or closed. * @param dispatcher dispatcher to be used to allocate the file event. * @param cb supplies the callback to fire when the handle is ready. * @param trigger specifies whether to edge or level trigger. * @param events supplies a logical OR of @ref Event::FileReadyType events that the file event * should initially listen on. * @return @ref Event::FileEventPtr */ virtual Event::FileEventPtr createFileEvent(Event::Dispatcher& dispatcher, Event::FileReadyCb cb, Event::FileTriggerType trigger, uint32_t events) PURE; /** * Shut down part of a full-duplex connection (see man 2 shutdown) */ virtual Api::SysCallIntResult shutdown(int how) PURE; /** * @return absl::optional An optional of the most recent round-trip * time of the connection. If the platform does not support this, then an empty optional is * returned. */ virtual absl::optional lastRoundTripTime() PURE; }; using IoHandlePtr = std::unique_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/listen_socket.h ================================================ #pragma once #include #include #include #include #include "envoy/common/exception.h" #include "envoy/common/pure.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/address.h" #include "envoy/network/io_handle.h" #include "envoy/network/socket.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Network { /** * A socket passed to a connection. For server connections this represents the accepted socket, and * for client connections this represents the socket being connected to a remote address. * * TODO(jrajahalme): Hide internals (e.g., fd) from listener filters by providing callbacks filters * may need (set/getsockopt(), peek(), recv(), etc.) */ class ConnectionSocket : public virtual Socket { public: ~ConnectionSocket() override = default; /** * @return the remote address of the socket. */ virtual const Address::InstanceConstSharedPtr& remoteAddress() const PURE; /** * @return the direct remote address of the socket. This is the address of the directly * connected peer, and cannot be modified by listener filters. */ virtual const Address::InstanceConstSharedPtr& directRemoteAddress() const PURE; /** * Restores the local address of the socket. On accepted sockets the local address defaults to the * one at which the connection was received at, which is the same as the listener's address, if * the listener is bound to a specific address. Call this to restore the address to a value * different from the one the socket was initially accepted at. This should only be called when * restoring the original destination address of a connection redirected by iptables REDIRECT. The * caller is responsible for making sure the new address is actually different. * * @param local_address the new local address. */ virtual void restoreLocalAddress(const Address::InstanceConstSharedPtr& local_address) PURE; /** * Set the remote address of the socket. */ virtual void setRemoteAddress(const Address::InstanceConstSharedPtr& remote_address) PURE; /** * @return true if the local address has been restored to a value that is different from the * address the socket was initially accepted at. */ virtual bool localAddressRestored() const PURE; /** * Set detected transport protocol (e.g. RAW_BUFFER, TLS). */ virtual void setDetectedTransportProtocol(absl::string_view protocol) PURE; /** * @return detected transport protocol (e.g. RAW_BUFFER, TLS), if any. */ virtual absl::string_view detectedTransportProtocol() const PURE; /** * Set requested application protocol(s) (e.g. ALPN in TLS). */ virtual void setRequestedApplicationProtocols(const std::vector& protocol) PURE; /** * @return requested application protocol(s) (e.g. ALPN in TLS), if any. */ virtual const std::vector& requestedApplicationProtocols() const PURE; /** * Set requested server name (e.g. SNI in TLS). */ virtual void setRequestedServerName(absl::string_view server_name) PURE; /** * @return requested server name (e.g. SNI in TLS), if any. */ virtual absl::string_view requestedServerName() const PURE; /** * @return absl::optional An optional of the most recent round-trip * time of the connection. If the platform does not support this, then an empty optional is * returned. */ virtual absl::optional lastRoundTripTime() PURE; }; using ConnectionSocketPtr = std::unique_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/listener.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/api/io_error.h" #include "envoy/common/exception.h" #include "envoy/common/resource.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/init/manager.h" #include "envoy/network/connection.h" #include "envoy/network/connection_balancer.h" #include "envoy/network/listen_socket.h" #include "envoy/network/udp_packet_writer_handler.h" #include "envoy/stats/scope.h" namespace Envoy { namespace Network { class ActiveUdpListenerFactory; class UdpListenerWorkerRouter; using UdpListenerWorkerRouterOptRef = absl::optional>; /** * ListenSocketFactory is a member of ListenConfig to provide listen socket. * Listeners created from the same ListenConfig instance have listening sockets * provided by the same ListenSocketFactory instance. */ class ListenSocketFactory { public: virtual ~ListenSocketFactory() = default; /** * Called during actual listener creation. * @return the socket to be used for a certain listener, which might be shared * with other listeners of the same config on other worker threads. */ virtual SocketSharedPtr getListenSocket() PURE; /** * @return the type of the socket getListenSocket() returns. */ virtual Socket::Type socketType() const PURE; /** * @return the listening address of the socket getListenSocket() returns. Before getListenSocket() * is called, the return value might has 0 as port number if the config doesn't specify it. */ virtual const Address::InstanceConstSharedPtr& localAddress() const PURE; /** * @return the socket shared by worker threads if any; otherwise return null. */ virtual SocketOptRef sharedSocket() const PURE; }; using ListenSocketFactorySharedPtr = std::shared_ptr; /** * A configuration for an individual listener. */ class ListenerConfig { public: virtual ~ListenerConfig() = default; /** * @return FilterChainManager& the factory for adding and searching through configured * filter chains. */ virtual FilterChainManager& filterChainManager() PURE; /** * @return FilterChainFactory& the factory for setting up the filter chain on a new * connection. */ virtual FilterChainFactory& filterChainFactory() PURE; /** * @return ListenSocketFactory& the factory to create listen socket. */ virtual ListenSocketFactory& listenSocketFactory() PURE; /** * @return bool specifies whether the listener should actually listen on the port. * A listener that doesn't listen on a port can only receive connections * redirected from other listeners. */ virtual bool bindToPort() PURE; /** * @return bool if a connection should be handed off to another Listener after the original * destination address has been restored. 'true' when 'use_original_dst' flag in listener * configuration is set, false otherwise. Note that this flag is deprecated and will be * removed from the v2 API. */ virtual bool handOffRestoredDestinationConnections() const PURE; /** * @return uint32_t providing a soft limit on size of the listener's new connection read and * write buffers. */ virtual uint32_t perConnectionBufferLimitBytes() const PURE; /** * @return std::chrono::milliseconds the time to wait for all listener filters to complete * operation. If the timeout is reached, the accepted socket is closed without a * connection being created unless continueOnListenerFiltersTimeout() returns true. * 0 specifies a disabled timeout. */ virtual std::chrono::milliseconds listenerFiltersTimeout() const PURE; /** * @return bool whether the listener should try to create a connection when listener filters * time out. */ virtual bool continueOnListenerFiltersTimeout() const PURE; /** * @return Stats::Scope& the stats scope to use for all listener specific stats. */ virtual Stats::Scope& listenerScope() PURE; /** * @return uint64_t the tag the listener should use for connection handler tracking. */ virtual uint64_t listenerTag() const PURE; /** * @return const std::string& the listener's name. */ virtual const std::string& name() const PURE; /** * @return factory pointer if listening on UDP socket, otherwise return * nullptr. */ virtual ActiveUdpListenerFactory* udpListenerFactory() PURE; /** * @return factory if writing on UDP socket, otherwise return * nullopt. */ virtual UdpPacketWriterFactoryOptRef udpPacketWriterFactory() PURE; /** * @return the ``UdpListenerWorkerRouter`` for this listener. This will * be non-empty iff this is a UDP listener. */ virtual UdpListenerWorkerRouterOptRef udpListenerWorkerRouter() PURE; /** * @return traffic direction of the listener. */ virtual envoy::config::core::v3::TrafficDirection direction() const PURE; /** * @return the connection balancer for this listener. All listeners have a connection balancer, * though the implementation may be a NOP balancer. */ virtual ConnectionBalancer& connectionBalancer() PURE; /** * Open connection resources for this listener. */ virtual ResourceLimit& openConnections() PURE; /** * @return std::vector access logs emitted by the listener. */ virtual const std::vector& accessLogs() const PURE; /** * @return pending connection backlog for TCP listeners. */ virtual uint32_t tcpBacklogSize() const PURE; /** * @return init manager of the listener. */ virtual Init::Manager& initManager() PURE; }; /** * Callbacks invoked by a listener. */ class TcpListenerCallbacks { public: virtual ~TcpListenerCallbacks() = default; /** * Called when a new connection is accepted. * @param socket supplies the socket that is moved into the callee. */ virtual void onAccept(ConnectionSocketPtr&& socket) PURE; /** * Called when a new connection is rejected. */ virtual void onReject() PURE; }; /** * Utility struct that encapsulates the information from a udp socket's recvmmsg call. */ struct UdpRecvData { struct LocalPeerAddresses { bool operator==(const LocalPeerAddresses& rhs) const { // TODO(mattklein123): Implement a hash directly on Address that does not use strings. return local_->asStringView() == rhs.local_->asStringView() && peer_->asStringView() == rhs.peer_->asStringView(); } template friend H AbslHashValue(H h, const LocalPeerAddresses& addresses) { // TODO(mattklein123): Implement a hash directly on Address that does not use strings. return H::combine(std::move(h), addresses.local_->asStringView(), addresses.peer_->asStringView()); } Address::InstanceConstSharedPtr local_; Address::InstanceConstSharedPtr peer_; }; LocalPeerAddresses addresses_; Buffer::InstancePtr buffer_; MonotonicTime receive_time_; }; /** * Encapsulates the information needed to send a udp packet to a target */ struct UdpSendData { const Address::Ip* local_ip_; const Address::Instance& peer_address_; // The buffer is a reference so that it can be reused by the sender to send different // messages Buffer::Instance& buffer_; }; /** * UDP listener callbacks. */ class UdpListenerCallbacks { public: virtual ~UdpListenerCallbacks() = default; /** * Called whenever data is received by the underlying udp socket. * TODO(danzh2010): Consider returning a value to indicate if more work is to * be done in the next event loop due to a limit on how much processing is * allowed in each event loop. * * @param data UdpRecvData from the underlying socket. */ virtual void onData(UdpRecvData&& data) PURE; /** * Called when the underlying socket is ready for read, before onData() is * called. Called only once per event loop, even if followed by multiple * onData() calls. * */ virtual void onReadReady() PURE; /** * Called when the underlying socket is ready for write. * * @param socket Underlying server socket for the listener. * * TODO(conqerAtapple): Maybe we need a UdpWriter here instead of Socket. */ virtual void onWriteReady(const Socket& socket) PURE; /** * Called when there is an error event in the receive data path. * The send side error is a return type on the send method. * * @param error_code supplies the received error on the listener. */ virtual void onReceiveError(Api::IoError::IoErrorCode error_code) PURE; /** * Returns the pointer to the udp_packet_writer associated with the * UdpListenerCallback */ virtual UdpPacketWriter& udpPacketWriter() PURE; /** * Returns the index of this worker, in the range of [0, concurrency). */ virtual uint32_t workerIndex() const PURE; /** * Called whenever data is received on the underlying udp socket, on * the destination worker for the datagram according to ``destination()``. */ virtual void onDataWorker(Network::UdpRecvData&& data) PURE; /** * Posts ``data`` to be delivered on this worker. */ virtual void post(Network::UdpRecvData&& data) PURE; }; using UdpListenerCallbacksOptRef = absl::optional>; /** * An abstract socket listener. Free the listener to stop listening on the socket. */ class Listener { public: virtual ~Listener() = default; /** * Temporarily disable accepting new connections. */ virtual void disable() PURE; /** * Enable accepting new connections. */ virtual void enable() PURE; }; using ListenerPtr = std::unique_ptr; /** * A UDP listener interface. */ class UdpListener : public virtual Listener { public: ~UdpListener() override = default; /** * @return Event::Dispatcher& the dispatcher backing this listener. */ virtual Event::Dispatcher& dispatcher() PURE; /** * @return the local address of the socket. */ virtual const Network::Address::InstanceConstSharedPtr& localAddress() const PURE; /** * Send data through the underlying udp socket. If the send buffer of the socket FD is full, an * error code is returned. * TODO(sumukhs): We do not currently handle max MTU size of the datagram. Determine if we could * expose the path MTU information to the caller. * * @param data Supplies the data to send to a target using udp. * @return the error code of the underlying send api. On successfully sending 'n' bytes, the * underlying buffers in the data are drained by 'n' bytes. The remaining can be retried by the * sender. */ virtual Api::IoCallUint64Result send(const UdpSendData& data) PURE; /** * Flushes out remaining buffered data since last call of send(). * This is a no-op if the implementation doesn't buffer data while sending. * * @return the error code of the underlying flush api. */ virtual Api::IoCallUint64Result flush() PURE; /** * Make this listener readable at the beginning of the next event loop. * * @note: it may become readable during the current loop if feature * ``envoy.reloadable_features.activate_fds_next_event_loop`` is disabled. */ virtual void activateRead() PURE; }; using UdpListenerPtr = std::unique_ptr; /** * Handles delivering datagrams to the correct worker. */ class UdpListenerWorkerRouter { public: virtual ~UdpListenerWorkerRouter() = default; /** * Registers a worker's callbacks for this listener. This worker must accept * packets until it calls ``unregisterWorker``. */ virtual void registerWorkerForListener(UdpListenerCallbacks& listener) PURE; /** * Unregisters a worker's callbacks for this listener. */ virtual void unregisterWorkerForListener(UdpListenerCallbacks& listener) PURE; /** * Deliver ``data`` to the correct worker by calling ``onDataWorker()`` * or ``post()`` on one of the registered workers. */ virtual void deliver(uint32_t dest_worker_index, UdpRecvData&& data) PURE; }; using UdpListenerWorkerRouterPtr = std::unique_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/post_io_action.h ================================================ #pragma once namespace Envoy { namespace Network { /** * Action that should occur on a connection after I/O. */ enum class PostIoAction { // Close the connection. Close, // Keep the connection open. KeepOpen }; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/proxy_protocol.h ================================================ #pragma once #include "envoy/network/address.h" namespace Envoy { namespace Network { struct ProxyProtocolData { const Network::Address::InstanceConstSharedPtr src_addr_; const Network::Address::InstanceConstSharedPtr dst_addr_; }; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/resolver.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/typed_config.h" #include "envoy/network/address.h" namespace Envoy { namespace Network { namespace Address { /** * Interface for all network address resolvers. */ class Resolver : public Config::UntypedFactory { public: ~Resolver() override = default; /** * Resolve a custom address string and port to an Address::Instance. * @param socket_address supplies the socket address to resolve. * @return InstanceConstSharedPtr appropriate Address::Instance. */ virtual InstanceConstSharedPtr resolve(const envoy::config::core::v3::SocketAddress& socket_address) PURE; std::string category() const override { return "envoy.resolvers"; } }; } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/socket.h ================================================ #pragma once #include #include #include #include "envoy/common/platform.h" #include "envoy/common/pure.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/address.h" #include "envoy/network/io_handle.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Network { // SocketOptionName is an optional value that captures the setsockopt(2) // arguments. The idea here is that if a socket option is not supported // on a platform, we can make this the empty value, which allows us to // avoid #ifdef proliferation. struct SocketOptionName { SocketOptionName() = default; SocketOptionName(const SocketOptionName&) = default; SocketOptionName(int level, int option, const std::string& name) : value_(std::make_tuple(level, option, name)) {} int level() const { return std::get<0>(value_.value()); } int option() const { return std::get<1>(value_.value()); } const std::string& name() const { return std::get<2>(value_.value()); } bool hasValue() const { return value_.has_value(); } bool operator==(const SocketOptionName& rhs) const { return value_ == rhs.value_; } private: absl::optional> value_; }; // ENVOY_MAKE_SOCKET_OPTION_NAME is a helper macro to generate a // SocketOptionName with a descriptive string name. #define ENVOY_MAKE_SOCKET_OPTION_NAME(level, option) \ Network::SocketOptionName(level, option, #level "/" #option) /** * Base class for Sockets */ class Socket { public: virtual ~Socket() = default; /** * Type of sockets supported. See man 2 socket for more details */ enum class Type { Stream, Datagram }; /** * @return the local address of the socket. */ virtual const Address::InstanceConstSharedPtr& localAddress() const PURE; /** * Set the local address of the socket. On accepted sockets the local address defaults to the * one at which the connection was received at, which is the same as the listener's address, if * the listener is bound to a specific address. * * @param local_address the new local address. */ virtual void setLocalAddress(const Address::InstanceConstSharedPtr& local_address) PURE; /** * @return IoHandle for the underlying connection */ virtual IoHandle& ioHandle() PURE; /** * @return const IoHandle for the underlying connection */ virtual const IoHandle& ioHandle() const PURE; /** * @return the type (stream or datagram) of the socket. */ virtual Socket::Type socketType() const PURE; /** * @return the type (IP or pipe) of addresses used by the socket (subset of socket domain) */ virtual Address::Type addressType() const PURE; /** * @return the IP version used by the socket if address type is IP, absl::nullopt otherwise */ virtual absl::optional ipVersion() const PURE; /** * Close the underlying socket. */ virtual void close() PURE; /** * Return true if close() hasn't been called. */ virtual bool isOpen() const PURE; /** * Bind a socket to this address. The socket should have been created with a call to socket() * @param address address to bind the socket to. * @return a Api::SysCallIntResult with rc_ = 0 for success and rc_ = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ virtual Api::SysCallIntResult bind(const Address::InstanceConstSharedPtr address) PURE; /** * Listen on bound socket. * @param backlog maximum number of pending connections for listener * @return a Api::SysCallIntResult with rc_ = 0 for success and rc_ = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ virtual Api::SysCallIntResult listen(int backlog) PURE; /** * Connect a socket to this address. The socket should have been created with a call to socket() * on this object. * @param address remote address to connect to. * @return a Api::SysCallIntResult with rc_ = 0 for success and rc_ = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ virtual Api::SysCallIntResult connect(const Address::InstanceConstSharedPtr address) PURE; /** * Propagates option to underlying socket (@see man 2 setsockopt) */ virtual Api::SysCallIntResult setSocketOption(int level, int optname, const void* optval, socklen_t optlen) PURE; /** * Retrieves option from underlying socket (@see man 2 getsockopt) */ virtual Api::SysCallIntResult getSocketOption(int level, int optname, void* optval, socklen_t* optlen) const PURE; /** * Toggle socket blocking state */ virtual Api::SysCallIntResult setBlockingForTest(bool blocking) PURE; /** * Visitor class for setting socket options. */ class Option { public: virtual ~Option() = default; /** * @param socket the socket on which to apply options. * @param state the current state of the socket. Significant for options that can only be * set for some particular state of the socket. * @return true if succeeded, false otherwise. */ virtual bool setOption(Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const PURE; /** * @param vector of bytes to which the option should append hash key data that will be used * to separate connections based on the option. Any data already in the key vector must * not be modified. */ virtual void hashKey(std::vector& key) const PURE; /** * Contains details about what this option applies to a socket. */ struct Details { SocketOptionName name_; std::string value_; ///< Binary string representation of an option's value. bool operator==(const Details& other) const { return name_ == other.name_ && value_ == other.value_; } }; /** * @param socket The socket for which we want to know the options that would be applied. * @param state The state at which we would apply the options. * @return What we would apply to the socket at the provided state. Empty if we'd apply nothing. */ virtual absl::optional
    getOptionDetails(const Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const PURE; }; using OptionConstSharedPtr = std::shared_ptr; using Options = std::vector; using OptionsSharedPtr = std::shared_ptr; static OptionsSharedPtr& appendOptions(OptionsSharedPtr& to, const OptionsSharedPtr& from) { to->insert(to->end(), from->begin(), from->end()); return to; } static bool applyOptions(const OptionsSharedPtr& options, Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) { if (options == nullptr) { return true; } for (const auto& option : *options) { if (!option->setOption(socket, state)) { return false; } } return true; } /** * Add a socket option visitor for later retrieval with options(). */ virtual void addOption(const OptionConstSharedPtr&) PURE; /** * Add socket option visitors for later retrieval with options(). */ virtual void addOptions(const OptionsSharedPtr&) PURE; /** * @return the socket options stored earlier with addOption() and addOptions() calls, if any. */ virtual const OptionsSharedPtr& options() const PURE; }; using SocketPtr = std::unique_ptr; using SocketSharedPtr = std::shared_ptr; using SocketOptRef = absl::optional>; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/socket_interface.h ================================================ #pragma once #include "envoy/common/platform.h" #include "envoy/common/pure.h" #include "envoy/network/socket.h" namespace Envoy { namespace Network { class SocketInterface { public: virtual ~SocketInterface() = default; /** * Low level api to create a socket in the underlying host stack. Does not create a * @ref Network::SocketImpl * @param type type of socket requested * @param addr_type type of address used with the socket * @param version IP version if address type is IP * @param socket_v6only if the socket is ipv6 version only * @return @ref Network::IoHandlePtr that wraps the underlying socket file descriptor */ virtual IoHandlePtr socket(Socket::Type type, Address::Type addr_type, Address::IpVersion version, bool socket_v6only) const PURE; /** * Low level api to create a socket in the underlying host stack. Does not create an * @ref Network::SocketImpl * @param socket_type type of socket requested * @param addr address that is gleaned for address type and version if needed * @return @ref Network::IoHandlePtr that wraps the underlying socket file descriptor */ virtual IoHandlePtr socket(Socket::Type socket_type, const Address::InstanceConstSharedPtr addr) const PURE; /** * Wrap socket file descriptor in IoHandle * @param fd socket file descriptor to be wrapped * @return @ref Network::IoHandlePtr that wraps the socket file descriptor */ virtual IoHandlePtr socket(os_fd_t fd) PURE; /** * Returns true if the given family is supported on this machine. * @param domain the IP family. */ virtual bool ipFamilySupported(int domain) PURE; }; using SocketInterfacePtr = std::unique_ptr; /** * Create IoHandle for given address. * @param type type of socket to be requested * @param addr address that is gleaned for address type, version and socket interface name * @return @ref Network::IoHandlePtr that wraps the underlying socket file descriptor */ static inline IoHandlePtr ioHandleForAddr(Socket::Type type, const Address::InstanceConstSharedPtr addr) { return addr->socketInterface().socket(type, addr); } } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/transport_socket.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/network/io_handle.h" #include "envoy/network/post_io_action.h" #include "envoy/network/proxy_protocol.h" #include "envoy/ssl/connection.h" #include "absl/types/optional.h" namespace Envoy { namespace Network { class Connection; enum class ConnectionEvent; /** * Result of each I/O event. */ struct IoResult { PostIoAction action_; /** * Number of bytes processed by the I/O event. */ uint64_t bytes_processed_; /** * True if an end-of-stream was read from a connection. This * can only be true for read operations. */ bool end_stream_read_; }; /** * Callbacks used by transport socket instances to communicate with connection. */ class TransportSocketCallbacks { public: virtual ~TransportSocketCallbacks() = default; /** * @return reference to the IoHandle associated with the connection. */ virtual IoHandle& ioHandle() PURE; /** * @return const reference to the IoHandle associated with the connection. */ virtual const IoHandle& ioHandle() const PURE; /** * @return Network::Connection& the connection interface. */ virtual Network::Connection& connection() PURE; /** * @return bool whether the read buffer should be drained. This is used to enforce yielding for * configured read limits. */ virtual bool shouldDrainReadBuffer() PURE; /** * Mark read buffer ready to read in the event loop. This is used when yielding following * shouldDrainReadBuffer(). */ virtual void setReadBufferReady() PURE; /** * Raise a connection event to the connection. This can be used by a secure socket (e.g. TLS) * to raise a connected event when handshake is done. * @param event supplies the connection event */ virtual void raiseEvent(ConnectionEvent event) PURE; /** * If the callbacks' write buffer is not empty, try to drain the buffer. * As of 2/20, used by Google. */ virtual void flushWriteBuffer() PURE; }; /** * A transport socket that does actual read / write. It can also do some transformations on * the data (e.g. TLS). */ class TransportSocket { public: virtual ~TransportSocket() = default; /** * Called by connection once to initialize the transport socket callbacks that the transport * socket should use. * @param callbacks supplies the callbacks instance. */ virtual void setTransportSocketCallbacks(TransportSocketCallbacks& callbacks) PURE; /** * @return std::string the protocol to use as selected by network level negotiation. (E.g., ALPN). * If network level negotiation is not supported by the connection or no protocol * has been negotiated the empty string is returned. */ virtual std::string protocol() const PURE; /** * @return std::string the last failure reason occurred on the transport socket. If no failure * has been occurred the empty string is returned. */ virtual absl::string_view failureReason() const PURE; /** * @return bool whether the socket can be flushed and closed. */ virtual bool canFlushClose() PURE; /** * Closes the transport socket. * @param event supplies the connection event that is closing the socket. */ virtual void closeSocket(Network::ConnectionEvent event) PURE; /** * @param buffer supplies the buffer to read to. * @return IoResult the result of the read action. */ virtual IoResult doRead(Buffer::Instance& buffer) PURE; /** * @param buffer supplies the buffer to write from * @param end_stream supplies whether this is the end of the stream. If true and all * data in buffer is written, the connection will be half-closed. * @return IoResult the result of the write action. */ virtual IoResult doWrite(Buffer::Instance& buffer, bool end_stream) PURE; /** * Called when underlying transport is established. */ virtual void onConnected() PURE; /** * @return the const SSL connection data if this is an SSL connection, or nullptr if it is not. */ virtual Ssl::ConnectionInfoConstSharedPtr ssl() const PURE; }; using TransportSocketPtr = std::unique_ptr; /** * Options for creating transport sockets. */ class TransportSocketOptions { public: virtual ~TransportSocketOptions() = default; /** * @return the const optional server name to set in the transport socket, for example SNI for * SSL, regardless of the upstream cluster configuration. Filters that influence * upstream connection selection, such as tcp_proxy, should take this option into account * and should pass it through to the connection pool to ensure the correct endpoints are * selected and the upstream connection is set up accordingly. */ virtual const absl::optional& serverNameOverride() const PURE; /** * @return the optional overridden SAN names to verify, if the transport socket supports SAN * verification. */ virtual const std::vector& verifySubjectAltNameListOverride() const PURE; /** * The application protocols to use when negotiating an upstream connection. When an application * protocol override is provided, it will *always* be used. * @return the optional overridden application protocols. */ virtual const std::vector& applicationProtocolListOverride() const PURE; /** * The application protocol to use when negotiating an upstream connection and no other * application protocol has been configured. Both * TransportSocketOptions::applicationProtocolListOverride and application protocols configured * in the CommonTlsContext on the Cluster will take precedence. * * Note that this option is intended for intermediate code (e.g. the HTTP connection pools) to * specify a default ALPN when no specific values are specified elsewhere. As such, providing a * value here might not make sense prior to load balancing. * @return the optional fallback for application protocols, for when they are not specified in the * TLS configuration. */ virtual const absl::optional& applicationProtocolFallback() const PURE; /** * @return optional PROXY protocol address information. */ virtual absl::optional proxyProtocolOptions() const PURE; /** * @param vector of bytes to which the option should append hash key data that will be used * to separate connections based on the option. Any data already in the key vector must * not be modified. */ virtual void hashKey(std::vector& key) const PURE; }; // TODO(mattklein123): Rename to TransportSocketOptionsConstSharedPtr in a dedicated follow up. using TransportSocketOptionsSharedPtr = std::shared_ptr; /** * A factory for creating transport socket. It will be associated to filter chains and clusters. */ class TransportSocketFactory { public: virtual ~TransportSocketFactory() = default; /** * @return bool whether the transport socket implements secure transport. */ virtual bool implementsSecureTransport() const PURE; /** * @param options for creating the transport socket * @return Network::TransportSocketPtr a transport socket to be passed to connection. */ virtual TransportSocketPtr createTransportSocket(TransportSocketOptionsSharedPtr options) const PURE; }; using TransportSocketFactoryPtr = std::unique_ptr; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/udp_packet_writer_config.h ================================================ #pragma once #include "envoy/config/typed_config.h" #include "envoy/network/udp_packet_writer_handler.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Network { class UdpPacketWriterConfigFactory : public Config::TypedFactory { public: ~UdpPacketWriterConfigFactory() override = default; /** * Create an UdpPacketWriterFactory object according to given message. * @param message specifies Udp Packet Writer options in a protobuf. */ virtual Network::UdpPacketWriterFactoryPtr createUdpPacketWriterFactory(const Protobuf::Message& message) PURE; std::string category() const override { return "envoy.udp_packet_writers"; } }; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/network/udp_packet_writer_handler.h ================================================ #pragma once #include #include #include "envoy/api/io_error.h" #include "envoy/buffer/buffer.h" #include "envoy/network/address.h" #include "envoy/network/socket.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" namespace Envoy { namespace Network { /** * Max v6 packet size, excluding IP and UDP headers. */ constexpr uint64_t UdpMaxOutgoingPacketSize = 1452; /** * UdpPacketWriterBuffer bundles a buffer and a function that * releases it. */ struct UdpPacketWriterBuffer { UdpPacketWriterBuffer() = default; UdpPacketWriterBuffer(uint8_t* buffer, size_t length, std::function release_buffer) : buffer_(buffer), length_(length), release_buffer_(std::move(release_buffer)) {} uint8_t* buffer_ = nullptr; size_t length_ = 0; std::function release_buffer_; }; class UdpPacketWriter { public: virtual ~UdpPacketWriter() = default; /** * @brief Sends a packet via given UDP socket with specific source address. * * @param buffer points to the buffer containing the packet * @param local_ip is the source address to be used to send. If it is null, * picks up the default network interface ip address. * @param peer_address is the destination address to send to. * @return result with number of bytes written, and write status */ virtual Api::IoCallUint64Result writePacket(const Buffer::Instance& buffer, const Address::Ip* local_ip, const Address::Instance& peer_address) PURE; /** * @returns true if the network socket is not writable. */ virtual bool isWriteBlocked() const PURE; /** * @brief mark the socket as writable when the socket is unblocked. */ virtual void setWritable() PURE; /** * @brief Get the maximum size of the packet which can be written using this * writer for the supplied peer address. * * @param peer_address is the destination address to send to. * @return the max packet size */ virtual uint64_t getMaxPacketSize(const Address::Instance& peer_address) const PURE; /** * @return true if Batch Mode * @return false if PassThroughMode */ virtual bool isBatchMode() const PURE; /** * @brief Get pointer to the next write location in internal buffer, * it should be called iff the caller does not call writePacket * for the returned buffer. The caller is expected to call writePacket * with the buffer returned from this function to save a memcpy. * * @param local_ip is the source address to be used to send. * @param peer_address is the destination address to send to. * @return { char* to the next write location, * func to release buffer } */ virtual UdpPacketWriterBuffer getNextWriteLocation(const Address::Ip* local_ip, const Address::Instance& peer_address) PURE; /** * @brief Batch Mode: Try to send all buffered packets * PassThrough Mode: NULL operation * * @return Api::IoCallUint64Result */ virtual Api::IoCallUint64Result flush() PURE; }; using UdpPacketWriterPtr = std::unique_ptr; class UdpPacketWriterFactory { public: virtual ~UdpPacketWriterFactory() = default; /** * Creates an UdpPacketWriter object for the given Udp Socket * @param socket UDP socket used to send packets. * @return the UdpPacketWriter created. */ virtual UdpPacketWriterPtr createUdpPacketWriter(Network::IoHandle& io_handle, Stats::Scope& scope) PURE; }; using UdpPacketWriterFactoryPtr = std::unique_ptr; using UdpPacketWriterFactoryOptRef = absl::optional>; } // namespace Network } // namespace Envoy ================================================ FILE: include/envoy/protobuf/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "message_validator_interface", hdrs = ["message_validator.h"], deps = [ "//source/common/protobuf", ], ) ================================================ FILE: include/envoy/protobuf/message_validator.h ================================================ #pragma once #include "envoy/common/exception.h" #include "envoy/common/pure.h" #include "common/protobuf/protobuf.h" #include "absl/strings/string_view.h" namespace Envoy { namespace ProtobufMessage { /** * Exception class for reporting validation errors due to the presence of unknown * fields in a protobuf. */ class UnknownProtoFieldException : public EnvoyException { public: UnknownProtoFieldException(const std::string& message) : EnvoyException(message) {} }; /** * Exception class for reporting validation errors due to the presence of deprecated * fields in a protobuf. */ class DeprecatedProtoFieldException : public EnvoyException { public: DeprecatedProtoFieldException(const std::string& message) : EnvoyException(message) {} }; /** * Visitor interface for a Protobuf::Message. The methods of ValidationVisitor are invoked to * perform validation based on events encountered during or after the parsing of proto binary * or JSON/YAML. */ class ValidationVisitor { public: virtual ~ValidationVisitor() = default; /** * Invoked when an unknown field is encountered. * @param description human readable description of the field. */ virtual void onUnknownField(absl::string_view description) PURE; /** * If true, skip this validation visitor in the interest of speed when * possible. **/ virtual bool skipValidation() PURE; /** * Invoked when deprecated field is encountered. * @param description human readable description of the field. * @param soft_deprecation is set to true, visitor would log a warning message, otherwise would * throw an exception. */ virtual void onDeprecatedField(absl::string_view description, bool soft_deprecation) PURE; }; class ValidationContext { public: virtual ~ValidationContext() = default; /** * @return ValidationVisitor& the validation visitor for static configuration. */ virtual ValidationVisitor& staticValidationVisitor() PURE; /** * @return ValidationVisitor& the validation visitor for dynamic configuration. */ virtual ValidationVisitor& dynamicValidationVisitor() PURE; }; } // namespace ProtobufMessage } // namespace Envoy ================================================ FILE: include/envoy/ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "ratelimit_interface", hdrs = ["ratelimit.h"], deps = [ "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/ratelimit/ratelimit.h ================================================ #pragma once #include #include #include "envoy/type/v3/ratelimit_unit.pb.h" #include "absl/types/optional.h" namespace Envoy { namespace RateLimit { /** * An optional dynamic override for the rate limit. See ratelimit.proto */ struct RateLimitOverride { uint32_t requests_per_unit_; envoy::type::v3::RateLimitUnit unit_; }; /** * A single rate limit request descriptor entry. See ratelimit.proto. */ struct DescriptorEntry { std::string key_; std::string value_; }; /** * A single rate limit request descriptor. See ratelimit.proto. */ struct Descriptor { std::vector entries_; absl::optional limit_ = absl::nullopt; }; } // namespace RateLimit } // namespace Envoy ================================================ FILE: include/envoy/registry/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "registry", hdrs = ["registry.h"], deps = [ "//source/common/common:assert_lib", "//source/common/config:api_type_oracle_lib", "//source/common/protobuf:utility_lib", "//source/extensions/common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/registry/registry.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/config/api_type_oracle.h" #include "common/protobuf/utility.h" #include "extensions/common/utility.h" #include "absl/base/attributes.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/str_join.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Registry { template class FactoryRegistry; template class RegisterFactory; /** * FactoryRegistryProxy is a proxy object that provides access to the * static methods of a strongly-typed factory registry. */ class FactoryRegistryProxy { public: virtual ~FactoryRegistryProxy() = default; virtual std::vector registeredNames() const PURE; // Return all registered factory names, including disabled factories. virtual std::vector allRegisteredNames() const PURE; virtual absl::optional getFactoryVersion(absl::string_view name) const PURE; virtual bool disableFactory(absl::string_view) PURE; virtual bool isFactoryDisabled(absl::string_view) const PURE; }; template class FactoryRegistryProxyImpl : public FactoryRegistryProxy { public: using FactoryRegistry = Envoy::Registry::FactoryRegistry; std::vector registeredNames() const override { return FactoryRegistry::registeredNames(); } std::vector allRegisteredNames() const override { return FactoryRegistry::registeredNames(true); } absl::optional getFactoryVersion(absl::string_view name) const override { return FactoryRegistry::getFactoryVersion(name); } bool disableFactory(absl::string_view name) override { return FactoryRegistry::disableFactory(name); } bool isFactoryDisabled(absl::string_view name) const override { return FactoryRegistry::isFactoryDisabled(name); } }; /** * BaseFactoryCategoryRegistry holds the static factory map for * FactoryCategoryRegistry, ensuring that friends of that class * cannot get non-const access to it. */ class BaseFactoryCategoryRegistry { protected: using MapType = absl::flat_hash_map; static MapType& factories() { static auto* factories = new MapType(); return *factories; } }; /** * FactoryCategoryRegistry registers factory registries by their * declared category. The category is exposed by a static category() * method on the factory base type. * * Only RegisterFactory instances are able to register factory registries. */ class FactoryCategoryRegistry : public BaseFactoryCategoryRegistry { public: /** * @return a read-only reference to the map of registered factory * registries. */ static const MapType& registeredFactories() { return factories(); } /** * @return whether the given category name is already registered. */ static bool isRegistered(absl::string_view category) { return factories().find(category) != factories().end(); } static bool disableFactory(absl::string_view category, absl::string_view name) { auto registry = factories().find(category); if (registry != factories().end()) { return registry->second->disableFactory(name); } return false; } private: // Allow RegisterFactory and the test helper InjectFactoryCategory to register a category, but // no-one else. This enforces correct use of the registration machinery. template friend class RegisterFactory; template friend class InjectFactoryCategory; static void registerCategory(const std::string& category, FactoryRegistryProxy* factory_names) { auto result = factories().emplace(std::make_pair(category, factory_names)); RELEASE_ASSERT(result.second == true, fmt::format("Double registration for category: '{}'", category)); } static void deregisterCategoryForTest(const std::string& category) { factories().erase(category); RELEASE_ASSERT(factories().find(category) == factories().end(), fmt::format("Deregistration for category '{}' failed", category)); } }; // Forward declaration of test class for friend declaration below. template class InjectFactory; /** * General registry for implementation factories. The registry is templated by the Base class that a * set of factories conforms to. * * Classes are found by name, so a single name cannot be registered twice for the same Base class. * Factories are registered by reference and this reference is expected to be valid through the life * of the program. Factories cannot be deregistered. * Factories should generally be registered by statically instantiating the RegisterFactory class. * * Note: This class is not thread safe, so registration should only occur in a single threaded * environment, which is guaranteed by the static instantiation mentioned above. * * Example lookup: BaseFactoryType *factory = * FactoryRegistry::getFactory("example_factory_name"); */ template class FactoryRegistry : public Logger::Loggable { public: /** * Return a sorted vector of registered factory names. */ static std::vector registeredNames(bool include_disabled = false) { std::vector ret; ret.reserve(factories().size()); for (const auto& [factory_name, factory] : factories()) { if (factory || include_disabled) { ret.push_back(factory_name); } } std::sort(ret.begin(), ret.end()); return ret; } /** * Gets the current map of factory implementations. */ static absl::flat_hash_map& factories() { static auto* factories = new absl::flat_hash_map; return *factories; } /** * Gets the current map of vendor specific factory versions. */ static absl::flat_hash_map& versionedFactories() { using VersionedFactoryMap = absl::flat_hash_map; MUTABLE_CONSTRUCT_ON_FIRST_USE(VersionedFactoryMap); } static absl::flat_hash_map& deprecatedFactoryNames() { static auto* deprecated_factory_names = new absl::flat_hash_map; return *deprecated_factory_names; } /** * Lazily constructs a mapping from the configuration message type to a factory, * including the deprecated configuration message types. * Must be invoked after factory registration is completed. */ static absl::flat_hash_map& factoriesByType() { static absl::flat_hash_map* factories_by_type = buildFactoriesByType().release(); return *factories_by_type; } /** * instead_value are used when passed name was deprecated. */ static void registerFactory(Base& factory, absl::string_view name, absl::string_view instead_value = "") { auto result = factories().emplace(std::make_pair(name, &factory)); if (!result.second) { ExceptionUtil::throwEnvoyException( fmt::format("Double registration for name: '{}'", factory.name())); } if (!instead_value.empty()) { deprecatedFactoryNames().emplace(std::make_pair(name, instead_value)); } } /** * version is used for registering vendor specific factories that are versioned * independently of Envoy. */ static void registerFactory(Base& factory, absl::string_view name, const envoy::config::core::v3::BuildVersion& version, absl::string_view instead_value = "") { auto result = factories().emplace(std::make_pair(name, &factory)); if (!result.second) { ExceptionUtil::throwEnvoyException( fmt::format("Double registration for name: '{}'", factory.name())); } versionedFactories().emplace(std::make_pair(name, version)); if (!instead_value.empty()) { deprecatedFactoryNames().emplace(std::make_pair(name, instead_value)); } } /** * Permanently disables the named factory by setting the corresponding * factory pointer to null. If the factory is registered under multiple * (deprecated) names, all the possible names are disabled. */ static bool disableFactory(absl::string_view name) { const auto disable = [](absl::string_view name) -> bool { auto it = factories().find(name); if (it != factories().end()) { it->second = nullptr; return true; } return false; }; // First, find the canonical name for this factory. absl::string_view canonicalName = canonicalFactoryName(name); // Next, disable the factory by all its deprecated names. for (const auto& [deprecated_name, mapped_canonical_name] : deprecatedFactoryNames()) { if (mapped_canonical_name == canonicalName) { disable(deprecated_name); } } // Finally, disable the factory by its canonical name. return disable(canonicalName); } /** * Gets a factory by name. If the name isn't found in the registry, returns nullptr. */ static Base* getFactory(absl::string_view name) { auto it = factories().find(name); if (it == factories().end()) { return nullptr; } if (!checkDeprecated(name)) { return nullptr; } return it->second; } static Base* getFactoryByType(absl::string_view type) { auto it = factoriesByType().find(type); if (it == factoriesByType().end()) { return nullptr; } return it->second; } /** * @return the canonical name of the factory. If the given name is a * deprecated factory name, the canonical name is returned instead. */ static absl::string_view canonicalFactoryName(absl::string_view name) { const auto it = deprecatedFactoryNames().find(name); return (it == deprecatedFactoryNames().end()) ? name : it->second; } static bool checkDeprecated(absl::string_view name) { auto it = deprecatedFactoryNames().find(name); const bool deprecated = it != deprecatedFactoryNames().end(); if (deprecated) { return Extensions::Common::Utility::ExtensionNameUtil::allowDeprecatedExtensionName( "", it->first, it->second); } return true; } /** * @return true if the named factory was disabled. */ static bool isFactoryDisabled(absl::string_view name) { auto it = factories().find(name); ASSERT(it != factories().end()); return it->second == nullptr; } /** * @return vendor specific version of a factory. */ static absl::optional getFactoryVersion(absl::string_view name) { auto it = versionedFactories().find(name); if (it == versionedFactories().end()) { return absl::nullopt; } return it->second; } private: // Allow factory injection only in tests. friend class InjectFactory; static std::unique_ptr> buildFactoriesByType() { auto mapping = std::make_unique>(); for (const auto& [factory_name, factory] : factories()) { if (factory == nullptr) { continue; } // Skip untyped factories. std::string config_type = factory->configType(); if (config_type.empty()) { continue; } // Register config types in the mapping and traverse the deprecated message type chain. while (true) { auto it = mapping->find(config_type); if (it != mapping->end() && it->second != factory) { // Mark double-registered types with a nullptr. // See issue https://github.com/envoyproxy/envoy/issues/9643. ENVOY_LOG(warn, "Double registration for type: '{}' by '{}' and '{}'", config_type, factory->name(), it->second ? it->second->name() : ""); it->second = nullptr; } else { mapping->emplace(std::make_pair(config_type, factory)); } const Protobuf::Descriptor* previous = Config::ApiTypeOracle::getEarlierVersionDescriptor(config_type); if (previous == nullptr) { break; } config_type = previous->full_name(); } } return mapping; } // Rebuild the factories-by-type map based on the current factories. static void rebuildFactoriesByTypeForTest() { auto& mapping = factoriesByType(); auto updated_mapping = buildFactoriesByType(); // Copy the updated mapping over the old one. mapping = *updated_mapping; } /** * Replaces a factory by name. This method should only be used for testing purposes. * @param factory is the factory to inject. * @param deprecated_names install the given deprecated names for this factory. * @return std::function a function that will restore the previously registered factories * (by name or type). */ static std::function replaceFactoryForTest(Base& factory, std::initializer_list deprecated_names = {}) { using DeprecatedNamesVector = std::vector>; // If an existing factory is registered with this name, track it for later restoration. Base* prev_by_name = nullptr; auto it = factories().find(factory.name()); if (it != factories().end()) { prev_by_name = it->second; factories().erase(it); ENVOY_LOG( info, "Factory '{}' (type '{}') displaced-by-name with test factory '{}' (type '{}')", prev_by_name->name(), prev_by_name->configType(), factory.name(), factory.configType()); } else { ENVOY_LOG(info, "Factory '{}' (type '{}') registered for tests", factory.name(), factory.configType()); } factories().emplace(factory.name(), &factory); RELEASE_ASSERT(getFactory(factory.name()) == &factory, "test factory by-name registration failed"); DeprecatedNamesVector prev_deprecated_names; if (deprecated_names.size() > 0) { for (auto deprecated_name : deprecated_names) { auto it = deprecatedFactoryNames().find(deprecated_name); if (it != deprecatedFactoryNames().end()) { prev_deprecated_names.emplace_back(std::make_pair(it->first, it->second)); deprecatedFactoryNames().erase(it); ENVOY_LOG( info, "Deprecated name '{}' (mapped to '{}') displaced with test factory '{}' (type '{}')", it->first, it->second, factory.name(), factory.configType()); } else { // Name not previously mapped, remember to remove it. prev_deprecated_names.emplace_back(std::make_pair(deprecated_name, "")); ENVOY_LOG(info, "Deprecated name '{}' (mapped to '{}')", deprecated_name, factory.name()); } // Register the replacement factory with a deprecated name. factories().emplace(deprecated_name, &factory); RELEASE_ASSERT(getFactory(deprecated_name) == &factory, "test factory registration by deprecated name failed"); // Register the replacement factory's deprecated name. deprecatedFactoryNames().emplace(std::make_pair(deprecated_name, factory.name())); } } rebuildFactoriesByTypeForTest(); return [replacement = &factory, prev_by_name, prev_deprecated_names]() { // Unregister the replacement factory by name. factories().erase(replacement->name()); ENVOY_LOG(info, "Removed test factory '{}' (type '{}')", replacement->name(), replacement->configType()); if (prev_by_name) { // Restore any factory displaced by name, but only register the type if it's non-empty. factories().emplace(prev_by_name->name(), prev_by_name); ENVOY_LOG(info, "Restored factory '{}' (type '{}'), formerly displaced-by-name", prev_by_name->name(), prev_by_name->configType()); } for (auto [prev_deprecated_name, mapped_canonical_name] : prev_deprecated_names) { deprecatedFactoryNames().erase(prev_deprecated_name); ENVOY_LOG(info, "Removed deprecated name '{}'", prev_deprecated_name); if (!mapped_canonical_name.empty()) { deprecatedFactoryNames().emplace( std::make_pair(prev_deprecated_name, mapped_canonical_name)); auto* deprecated_factory = getFactory(mapped_canonical_name); RELEASE_ASSERT(deprecated_factory != nullptr, "failed to restore deprecated factory name"); factories().emplace(mapped_canonical_name, deprecated_factory); ENVOY_LOG(info, "Restored deprecated name '{}' (mapped to '{}'", prev_deprecated_name, mapped_canonical_name); } } rebuildFactoriesByTypeForTest(); }; } }; /** * Factory registration template. Enables users to register a particular implementation factory with * the FactoryRegistry by instantiating this templated class with the specific factory class and the * general Base class to which that factory conforms. * * Because factories are generally registered once and live for the length of the program, the * standard use of this class is static instantiation within a linked implementation's translation * unit. For an example of a typical use case, @see NamedNetworkFilterConfigFactory. * * Example registration: REGISTER_FACTORY(SpecificFactory, BaseFactory); * REGISTER_FACTORY(SpecificFactory, BaseFactory){"deprecated_name"}; */ template class RegisterFactory { public: /** * Constructor that registers an instance of the factory with the FactoryRegistry. */ RegisterFactory() { ASSERT(!instance_.name().empty()); FactoryRegistry::registerFactory(instance_, instance_.name()); // Also register this factory with its category. // // Each time a factory registers, the registry will attempt to // register its category here. This means that we have to ignore // multiple attempts to register the same category and can't detect // duplicate categories. if (!FactoryCategoryRegistry::isRegistered(instance_.category())) { FactoryCategoryRegistry::registerCategory(instance_.category(), new FactoryRegistryProxyImpl()); } } /** * Constructor that registers an instance of the factory with the FactoryRegistry along with * deprecated names. */ explicit RegisterFactory(std::initializer_list deprecated_names) { if (!instance_.name().empty()) { FactoryRegistry::registerFactory(instance_, instance_.name()); } else { ASSERT(deprecated_names.size() != 0, "Attempted to register a factory without a name or deprecated name"); } for (auto deprecated_name : deprecated_names) { ASSERT(!deprecated_name.empty()); FactoryRegistry::registerFactory(instance_, deprecated_name, instance_.name()); } if (!FactoryCategoryRegistry::isRegistered(instance_.category())) { FactoryCategoryRegistry::registerCategory(instance_.category(), new FactoryRegistryProxyImpl()); } } /** * Constructor that registers an instance of the factory with the FactoryRegistry along with * vendor specific version. */ RegisterFactory(uint32_t major, uint32_t minor, uint32_t patch, const std::map& version_metadata) : RegisterFactory(major, minor, patch, version_metadata, {}) {} /** * Constructor that registers an instance of the factory with the FactoryRegistry along with * vendor specific version and deprecated names. */ RegisterFactory(uint32_t major, uint32_t minor, uint32_t patch, const std::map& version_metadata, std::initializer_list deprecated_names) { auto version = makeBuildVersion(major, minor, patch, version_metadata); if (instance_.name().empty()) { ASSERT(deprecated_names.size() != 0); } else { FactoryRegistry::registerFactory(instance_, instance_.name(), version); } for (auto deprecated_name : deprecated_names) { ASSERT(!deprecated_name.empty()); FactoryRegistry::registerFactory(instance_, deprecated_name, version, instance_.name()); } if (!FactoryCategoryRegistry::isRegistered(instance_.category())) { FactoryCategoryRegistry::registerCategory(instance_.category(), new FactoryRegistryProxyImpl()); } } private: static envoy::config::core::v3::BuildVersion makeBuildVersion(uint32_t major, uint32_t minor, uint32_t patch, const std::map& metadata) { envoy::config::core::v3::BuildVersion version; version.mutable_version()->set_major_number(major); version.mutable_version()->set_minor_number(minor); version.mutable_version()->set_patch(patch); *version.mutable_metadata() = MessageUtil::keyValueStruct(metadata); return version; } T instance_{}; }; /** * RegisterInternalFactory is a special case for registering factories * that are considered internal implementation details that should * not be exposed to operators via the factory categories. * * There is no corresponding REGISTER_INTERNAL_FACTORY because * this should be used sparingly and only in special cases. */ template class RegisterInternalFactory { public: RegisterInternalFactory() { ASSERT(!instance_.name().empty()); FactoryRegistry::registerFactory(instance_, instance_.name()); } private: T instance_{}; }; /** * Macro used for static registration. */ #define REGISTER_FACTORY(FACTORY, BASE) \ ABSL_ATTRIBUTE_UNUSED void forceRegister##FACTORY() {} \ static Envoy::Registry::RegisterFactory \ FACTORY##_registered #define FACTORY_VERSION(major, minor, patch, ...) major, minor, patch, __VA_ARGS__ /** * Macro used for static registration declaration. * Calling forceRegister...(); can be used to force the static factory initializer to run in a * setting in which Envoy is bundled as a static archive. In this case, the static initializer is * not run until a function in the compilation unit is invoked. The force function can be invoked * from a static library wrapper. */ #define DECLARE_FACTORY(FACTORY) ABSL_ATTRIBUTE_UNUSED void forceRegister##FACTORY() } // namespace Registry } // namespace Envoy ================================================ FILE: include/envoy/router/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "rds_interface", hdrs = ["rds.h"], deps = [ ":router_interface", "//include/envoy/http:filter_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "route_config_provider_manager_interface", hdrs = ["route_config_provider_manager.h"], deps = [ ":rds_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/json:json_object_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "route_config_update_info_interface", hdrs = ["route_config_update_receiver.h"], external_deps = ["abseil_optional"], deps = [ ":rds_interface", "//include/envoy/common:time_interface", "//source/common/protobuf", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "router_interface", hdrs = ["router.h"], external_deps = ["abseil_optional"], deps = [ ":internal_redirect_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/common:conn_pool_interface", "//include/envoy/common:matchers_interface", "//include/envoy/common:time_interface", "//include/envoy/config:typed_metadata_interface", "//include/envoy/http:codec_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:conn_pool_interface", "//include/envoy/http:hash_policy_interface", "//include/envoy/http:header_map_interface", "//include/envoy/tcp:conn_pool_interface", "//include/envoy/tracing:http_tracer_interface", "//include/envoy/upstream:resource_manager_interface", "//include/envoy/upstream:retry_interface", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "scopes_interface", hdrs = ["scopes.h"], deps = [ ":router_interface", "//include/envoy/config:config_provider_interface", "//include/envoy/http:header_map_interface", ], ) envoy_cc_library( name = "router_ratelimit_interface", hdrs = ["router_ratelimit.h"], deps = [ "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/ratelimit:ratelimit_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "shadow_writer_interface", hdrs = ["shadow_writer.h"], deps = [ "//include/envoy/http:async_client_interface", "//include/envoy/http:message_interface", ], ) envoy_cc_library( name = "string_accessor_interface", hdrs = ["string_accessor.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/stream_info:filter_state_interface", ], ) envoy_cc_library( name = "internal_redirect_interface", hdrs = ["internal_redirect.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/stream_info:filter_state_interface", "//source/common/common:minimal_logger_lib", ], ) ================================================ FILE: include/envoy/router/internal_redirect.h ================================================ #pragma once #include "envoy/config/typed_config.h" #include "envoy/stream_info/filter_state.h" #include "common/common/logger.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Router { /** * Used to decide if an internal redirect is allowed to be followed based on the target route. * Subclassing Logger::Loggable so that implementations can log details. */ class InternalRedirectPredicate : Logger::Loggable { public: virtual ~InternalRedirectPredicate() = default; /** * A FilterState is provided so that predicate implementation can use it to preserve state across * internal redirects. * @param filter_state supplies the filter state associated with the current request so that the * predicates can use it to persist states across filter chains. * @param target_route_name indicates the route that an internal redirect is targeting. * @param downstream_is_https indicates the downstream request is using https. * @param target_is_https indicates the internal redirect target url has https in the url. * @return whether the route specified by target_route_name is allowed to be followed. Any * predicate returning false will prevent the redirect from being followed, causing the * response to be proxied downstream. */ virtual bool acceptTargetRoute(StreamInfo::FilterState& filter_state, absl::string_view target_route_name, bool downstream_is_https, bool target_is_https) PURE; /** * @return the name of the current predicate. */ virtual absl::string_view name() const PURE; }; using InternalRedirectPredicateSharedPtr = std::shared_ptr; /** * Factory for InternalRedirectPredicate. */ class InternalRedirectPredicateFactory : public Config::TypedFactory { public: ~InternalRedirectPredicateFactory() override = default; /** * @param config contains the proto stored in TypedExtensionConfig.typed_config for the predicate. * @param current_route_name stores the route name of the route where the predicate is installed. * @return an InternalRedirectPredicate. The given current_route_name is useful for predicates * that need to create per-route FilterState. */ virtual InternalRedirectPredicateSharedPtr createInternalRedirectPredicate(const Protobuf::Message& config, absl::string_view current_route_name) PURE; std::string category() const override { return "envoy.internal_redirect_predicates"; } }; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/rds.h ================================================ #pragma once #include #include "envoy/config/route/v3/route.pb.h" #include "envoy/http/filter.h" #include "envoy/router/router.h" namespace Envoy { namespace Router { /** * A provider for constant route configurations. */ class RouteConfigProvider { public: struct ConfigInfo { // A reference to the currently loaded route configuration. Do not hold this reference beyond // the caller of configInfo()'s scope. const envoy::config::route::v3::RouteConfiguration& config_; // The discovery version that supplied this route. This will be set to "" in the case of // static clusters. std::string version_; }; virtual ~RouteConfigProvider() = default; /** * @return Router::ConfigConstSharedPtr a route configuration for use during a single request. The * returned config may be different on a subsequent call, so a new config should be acquired for * each request flow. */ virtual Router::ConfigConstSharedPtr config() PURE; /** * @return the configuration information for the currently loaded route configuration. Note that * if the provider has not yet performed an initial configuration load, no information will be * returned. */ virtual absl::optional configInfo() const PURE; /** * @return the last time this RouteConfigProvider was updated. Used for config dumps. */ virtual SystemTime lastUpdated() const PURE; /** * Callback used to notify RouteConfigProvider about configuration changes. */ virtual void onConfigUpdate() PURE; /** * Validate if the route configuration can be applied to the context of the route config provider. */ virtual void validateConfig(const envoy::config::route::v3::RouteConfiguration& config) const PURE; /** * Callback used to request an update to the route configuration from the management server. * @param for_domain supplies the domain name that virtual hosts must match on * @param thread_local_dispatcher thread-local dispatcher * @param route_config_updated_cb callback to be called when the configuration update has been * propagated to worker threads */ virtual void requestVirtualHostsUpdate( const std::string& for_domain, Event::Dispatcher& thread_local_dispatcher, std::weak_ptr route_config_updated_cb) PURE; }; using RouteConfigProviderPtr = std::unique_ptr; using RouteConfigProviderSharedPtr = std::shared_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/route_config_provider_manager.h ================================================ #pragma once #include #include #include "envoy/config/route/v3/route.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/json/json_object.h" #include "envoy/local_info/local_info.h" #include "envoy/router/rds.h" #include "envoy/runtime/runtime.h" #include "envoy/server/filter_config.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" namespace Envoy { namespace Router { /** * The RouteConfigProviderManager exposes the ability to get a RouteConfigProvider. This interface * is exposed to the Server's FactoryContext in order to allow HttpConnectionManagers to get * RouteConfigProviders. */ class RouteConfigProviderManager { public: virtual ~RouteConfigProviderManager() = default; /** * Get a RouteConfigProviderPtr for a route from RDS. Ownership of the RouteConfigProvider is the * HttpConnectionManagers who calls this function. The RouteConfigProviderManager holds raw * pointers to the RouteConfigProviders. Clean up of the pointers happen from the destructor of * the RouteConfigProvider. This method creates a RouteConfigProvider which may share the * underlying RDS subscription with the same (route_config_name, cluster). * @param rds supplies the proto configuration of an RDS-configured RouteConfigProvider. * @param factory_context is the context to use for the route config provider. * @param stat_prefix supplies the stat_prefix to use for the provider stats. * @param init_manager the Init::Manager used to coordinate initialization of a the underlying RDS * subscription. */ virtual RouteConfigProviderSharedPtr createRdsRouteConfigProvider( const envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, Init::Manager& init_manager) PURE; /** * Get a RouteConfigSharedPtr for a statically defined route. Ownership is as described for * getRdsRouteConfigProvider above. This method always create a new RouteConfigProvider. * @param route_config supplies the RouteConfiguration for this route * @param factory_context is the context to use for the route config provider. * @param validator is the message validator for route config. */ virtual RouteConfigProviderPtr createStaticRouteConfigProvider(const envoy::config::route::v3::RouteConfiguration& route_config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) PURE; }; using RouteConfigProviderManagerPtr = std::unique_ptr; using RouteConfigProviderManagerSharedPtr = std::shared_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/route_config_update_receiver.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/router/rds.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { /** * A primitive that keeps track of updates to a RouteConfiguration. */ class RouteConfigUpdateReceiver { public: virtual ~RouteConfigUpdateReceiver() = default; /** * Called on updates via RDS. * @param rc supplies the RouteConfiguration. * @param version_info supplies RouteConfiguration version. * @return bool whether RouteConfiguration has been updated. */ virtual bool onRdsUpdate(const envoy::config::route::v3::RouteConfiguration& rc, const std::string& version_info) PURE; using VirtualHostRefVector = std::vector>; /** * Called on updates via VHDS. * @param added_vhosts supplies VirtualHosts that have been added. * @param added_resource_ids set of resources IDs (names + aliases) added. * @param removed_resources supplies names of VirtualHosts that have been removed. * @param version_info supplies RouteConfiguration version. * @return bool whether RouteConfiguration has been updated. */ virtual bool onVhdsUpdate(const VirtualHostRefVector& added_vhosts, const std::set& added_resource_ids, const Protobuf::RepeatedPtrField& removed_resources, const std::string& version_info) PURE; /** * @return std::string& the name of RouteConfiguration. */ virtual const std::string& routeConfigName() const PURE; /** * @return std::string& the version of RouteConfiguration. */ virtual const std::string& configVersion() const PURE; /** * @return bool return whether VHDS configuration has been changed in the last RDS update. */ // TODO(dmitri-d): Consider splitting RouteConfigUpdateReceiver into a RouteConfig state and a // last update state. The latter could be passed to callbacks as a parameter, which would make the // intent and the lifecycle of the "last update state" less muddled. virtual bool vhdsConfigurationChanged() const PURE; /** * @return uint64_t the hash value of RouteConfiguration. */ virtual uint64_t configHash() const PURE; /** * @return absl::optional containing an instance of * RouteConfigProvider::ConfigInfo if RouteConfiguration has been updated at least once. Otherwise * returns an empty absl::optional. */ virtual absl::optional configInfo() const PURE; /** * @return envoy::config::route::v3::RouteConfiguration& current RouteConfiguration. */ virtual const envoy::config::route::v3::RouteConfiguration& routeConfiguration() PURE; /** * @return SystemTime the time of the last update. */ virtual SystemTime lastUpdated() const PURE; /** * @return the union of all resource names and aliases (if any) received with the last VHDS * update. */ virtual const std::set& resourceIdsInLastVhdsUpdate() PURE; }; using RouteConfigUpdatePtr = std::unique_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/router.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/conn_pool.h" #include "envoy/common/matchers.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/http/codec.h" #include "envoy/http/codes.h" #include "envoy/http/conn_pool.h" #include "envoy/http/hash_policy.h" #include "envoy/http/header_map.h" #include "envoy/router/internal_redirect.h" #include "envoy/tcp/conn_pool.h" #include "envoy/tracing/http_tracer.h" #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/retry.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "absl/types/optional.h" namespace Envoy { namespace Upstream { class ClusterManager; class LoadBalancerContext; } // namespace Upstream namespace Router { /** * Functionality common among routing primitives, such as DirectResponseEntry and RouteEntry. */ class ResponseEntry { public: virtual ~ResponseEntry() = default; /** * Do potentially destructive header transforms on response headers prior to forwarding. For * example, adding or removing headers. This should only be called ONCE immediately after * obtaining the initial response headers. * @param headers supplies the response headers, which may be modified during this call. * @param stream_info holds additional information about the request. */ virtual void finalizeResponseHeaders(Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const PURE; }; /** * A routing primitive that specifies a direct (non-proxied) HTTP response. */ class DirectResponseEntry : public ResponseEntry { public: ~DirectResponseEntry() override = default; /** * Returns the HTTP status code to return. * @return Http::Code the response Code. */ virtual Http::Code responseCode() const PURE; /** * Returns the redirect path based on the request headers. * @param headers supplies the request headers. * @return std::string the redirect URL if this DirectResponseEntry is a redirect, * or an empty string otherwise. */ virtual std::string newPath(const Http::RequestHeaderMap& headers) const PURE; /** * Returns the response body to send with direct responses. * @return std::string& the response body specified in the route configuration, * or an empty string if no response body is specified. */ virtual const std::string& responseBody() const PURE; /** * Do potentially destructive header transforms on Path header prior to redirection. For * example prefix rewriting for redirects etc. This should only be called ONCE * immediately prior to redirecting. * @param headers supplies the request headers, which may be modified during this call. * @param insert_envoy_original_path insert x-envoy-original-path header? */ virtual void rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const PURE; /** * @return std::string& the name of the route. */ virtual const std::string& routeName() const PURE; }; /** * CorsPolicy for Route and VirtualHost. */ class CorsPolicy { public: virtual ~CorsPolicy() = default; /** * @return std::vector& access-control-allow-origin matchers. */ virtual const std::vector& allowOrigins() const PURE; /** * @return std::string access-control-allow-methods value. */ virtual const std::string& allowMethods() const PURE; /** * @return std::string access-control-allow-headers value. */ virtual const std::string& allowHeaders() const PURE; /** * @return std::string access-control-expose-headers value. */ virtual const std::string& exposeHeaders() const PURE; /** * @return std::string access-control-max-age value. */ virtual const std::string& maxAge() const PURE; /** * @return const absl::optional& Whether access-control-allow-credentials should be true. */ virtual const absl::optional& allowCredentials() const PURE; /** * @return bool Whether CORS is enabled for the route or virtual host. */ virtual bool enabled() const PURE; /** * @return bool Whether CORS policies are evaluated when filter is off. */ virtual bool shadowEnabled() const PURE; }; /** * An interface to be implemented by rate limited reset header parsers. */ class ResetHeaderParser { public: virtual ~ResetHeaderParser() = default; /** * Iterate over the headers, choose the first one that matches by name, and try to parse its * value. */ virtual absl::optional parseInterval(TimeSource& time_source, const Http::HeaderMap& headers) const PURE; }; using ResetHeaderParserSharedPtr = std::shared_ptr; /** * Route level retry policy. */ class RetryPolicy { public: // clang-format off static const uint32_t RETRY_ON_5XX = 0x1; static const uint32_t RETRY_ON_GATEWAY_ERROR = 0x2; static const uint32_t RETRY_ON_CONNECT_FAILURE = 0x4; static const uint32_t RETRY_ON_RETRIABLE_4XX = 0x8; static const uint32_t RETRY_ON_REFUSED_STREAM = 0x10; static const uint32_t RETRY_ON_GRPC_CANCELLED = 0x20; static const uint32_t RETRY_ON_GRPC_DEADLINE_EXCEEDED = 0x40; static const uint32_t RETRY_ON_GRPC_RESOURCE_EXHAUSTED = 0x80; static const uint32_t RETRY_ON_GRPC_UNAVAILABLE = 0x100; static const uint32_t RETRY_ON_GRPC_INTERNAL = 0x200; static const uint32_t RETRY_ON_RETRIABLE_STATUS_CODES = 0x400; static const uint32_t RETRY_ON_RESET = 0x800; static const uint32_t RETRY_ON_RETRIABLE_HEADERS = 0x1000; static const uint32_t RETRY_ON_ENVOY_RATE_LIMITED = 0x2000; // clang-format on virtual ~RetryPolicy() = default; /** * @return std::chrono::milliseconds timeout per retry attempt. */ virtual std::chrono::milliseconds perTryTimeout() const PURE; /** * @return uint32_t the number of retries to allow against the route. */ virtual uint32_t numRetries() const PURE; /** * @return uint32_t a local OR of RETRY_ON values above. */ virtual uint32_t retryOn() const PURE; /** * Initializes a new set of RetryHostPredicates to be used when retrying with this retry policy. * @return list of RetryHostPredicates to use */ virtual std::vector retryHostPredicates() const PURE; /** * Initializes a RetryPriority to be used when retrying with this retry policy. * @return the RetryPriority to use when determining priority load for retries, or nullptr * if none should be used. */ virtual Upstream::RetryPrioritySharedPtr retryPriority() const PURE; /** * Number of times host selection should be reattempted when selecting a host * for a retry attempt. */ virtual uint32_t hostSelectionMaxAttempts() const PURE; /** * List of status codes that should trigger a retry when the retriable-status-codes retry * policy is enabled. */ virtual const std::vector& retriableStatusCodes() const PURE; /** * @return std::vector& list of response header matchers that * will be checked when the 'retriable-headers' retry policy is enabled. */ virtual const std::vector& retriableHeaders() const PURE; /** * @return std::vector& list of request header * matchers that will be checked before enabling retries. */ virtual const std::vector& retriableRequestHeaders() const PURE; /** * @return absl::optional base retry interval */ virtual absl::optional baseInterval() const PURE; /** * @return absl::optional maximum retry interval */ virtual absl::optional maxInterval() const PURE; /** * @return std::vector& list of reset header * parsers that will be used to extract a retry back-off interval from response headers. */ virtual const std::vector& resetHeaders() const PURE; /** * @return std::chrono::milliseconds upper limit placed on a retry * back-off interval parsed from response headers. */ virtual std::chrono::milliseconds resetMaxInterval() const PURE; }; /** * RetryStatus whether request should be retried or not. */ enum class RetryStatus { No, NoOverflow, NoRetryLimitExceeded, Yes }; /** * InternalRedirectPolicy from the route configuration. */ class InternalRedirectPolicy { public: virtual ~InternalRedirectPolicy() = default; /** * @return whether internal redirect is enabled on this route. */ virtual bool enabled() const PURE; /** * @param response_code the response code from the upstream. * @return whether the given response_code should trigger an internal redirect on this route. */ virtual bool shouldRedirectForResponseCode(const Http::Code& response_code) const PURE; /** * Creates the target route predicates. This should really be called only once for each upstream * redirect response. Creating the predicates lazily to avoid wasting CPU cycles on non-redirect * responses, which should be the most common case. * @return a vector of newly constructed InternalRedirectPredicate instances. */ virtual std::vector predicates() const PURE; /** * @return the maximum number of allowed internal redirects on this route. */ virtual uint32_t maxInternalRedirects() const PURE; /** * @return if it is allowed to follow the redirect with a different scheme in * the target URI than the downstream request. */ virtual bool isCrossSchemeRedirectAllowed() const PURE; }; /** * Wraps retry state for an active routed request. */ class RetryState { public: using DoRetryCallback = std::function; virtual ~RetryState() = default; /** * @return true if a policy is in place for the active request that allows retries. */ virtual bool enabled() PURE; /** * Attempts to parse any matching rate limited reset headers (RFC 7231), either in the form of an * interval directly, or in the form of a unix timestamp relative to the current system time. * @return the interval if parsing was successful. */ virtual absl::optional parseResetInterval(const Http::ResponseHeaderMap& response_headers) const PURE; /** * Determine whether a request should be retried based on the response headers. * @param response_headers supplies the response headers. * @param callback supplies the callback that will be invoked when the retry should take place. * This is used to add timed backoff, etc. The callback will never be called * inline. * @return RetryStatus if a retry should take place. @param callback will be called at some point * in the future. Otherwise a retry should not take place and the callback will never be * called. Calling code should proceed with error handling. */ virtual RetryStatus shouldRetryHeaders(const Http::ResponseHeaderMap& response_headers, DoRetryCallback callback) PURE; /** * Determines whether given response headers would be retried by the retry policy, assuming * sufficient retry budget and circuit breaker headroom. This is useful in cases where * the information about whether a response is "good" or not is useful, but a retry should * not be attempted for other reasons. * @param response_headers supplies the response headers. * @return bool true if a retry would be warranted based on the retry policy. */ virtual bool wouldRetryFromHeaders(const Http::ResponseHeaderMap& response_headers) PURE; /** * Determine whether a request should be retried after a reset based on the reason for the reset. * @param reset_reason supplies the reset reason. * @param callback supplies the callback that will be invoked when the retry should take place. * This is used to add timed backoff, etc. The callback will never be called * inline. * @return RetryStatus if a retry should take place. @param callback will be called at some point * in the future. Otherwise a retry should not take place and the callback will never be * called. Calling code should proceed with error handling. */ virtual RetryStatus shouldRetryReset(const Http::StreamResetReason reset_reason, DoRetryCallback callback) PURE; /** * Determine whether a "hedged" retry should be sent after the per try * timeout expires. This means the original request is not canceled, but a * new one is sent to hedge against the original request taking even longer. * @param callback supplies the callback that will be invoked when the retry should take place. * This is used to add timed backoff, etc. The callback will never be called * inline. * @return RetryStatus if a retry should take place. @param callback will be called at some point * in the future. Otherwise a retry should not take place and the callback will never be * called. Calling code should proceed with error handling. */ virtual RetryStatus shouldHedgeRetryPerTryTimeout(DoRetryCallback callback) PURE; /** * Called when a host was attempted but the request failed and is eligible for another retry. * Should be used to update whatever internal state depends on previously attempted hosts. * @param host the previously attempted host. */ virtual void onHostAttempted(Upstream::HostDescriptionConstSharedPtr host) PURE; /** * Determine whether host selection should be reattempted. Applies to host selection during * retries, and is used to provide configurable host selection for retries. * @param host the host under consideration * @return whether host selection should be reattempted */ virtual bool shouldSelectAnotherHost(const Upstream::Host& host) PURE; /** * Returns a reference to the PriorityLoad that should be used for the next retry. * @param priority_set current priority set. * @param original_priority_load original priority load. * @param priority_mapping_func see @Upstream::RetryPriority::PriorityMappingFunc. * @return HealthyAndDegradedLoad that should be used to select a priority for the next retry. */ virtual const Upstream::HealthyAndDegradedLoad& priorityLoadForRetry( const Upstream::PrioritySet& priority_set, const Upstream::HealthyAndDegradedLoad& original_priority_load, const Upstream::RetryPriority::PriorityMappingFunc& priority_mapping_func) PURE; /** * return how many times host selection should be reattempted during host selection. */ virtual uint32_t hostSelectionMaxAttempts() const PURE; }; using RetryStatePtr = std::unique_ptr; /** * Per route policy for request shadowing. */ class ShadowPolicy { public: virtual ~ShadowPolicy() = default; /** * @return the name of the cluster that a matching request should be shadowed to. Returns empty * string if no shadowing should take place. */ virtual const std::string& cluster() const PURE; /** * @return the runtime key that will be used to determine whether an individual request should * be shadowed. The lack of a key means that all requests will be shadowed. If a key is * present it will be used to drive random selection in the range 0-10000 for 0.01% * increments. */ virtual const std::string& runtimeKey() const PURE; /** * @return the default fraction of traffic the should be shadowed, if the runtime key is not * present. */ virtual const envoy::type::v3::FractionalPercent& defaultValue() const PURE; /** * @return true if the trace span should be sampled. */ virtual bool traceSampled() const PURE; }; using ShadowPolicyPtr = std::unique_ptr; /** * All virtual cluster stats. @see stats_macro.h */ #define ALL_VIRTUAL_CLUSTER_STATS(COUNTER) \ COUNTER(upstream_rq_retry) \ COUNTER(upstream_rq_retry_limit_exceeded) \ COUNTER(upstream_rq_retry_overflow) \ COUNTER(upstream_rq_retry_success) \ COUNTER(upstream_rq_timeout) \ COUNTER(upstream_rq_total) /** * Struct definition for all virtual cluster stats. @see stats_macro.h */ struct VirtualClusterStats { ALL_VIRTUAL_CLUSTER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Virtual cluster definition (allows splitting a virtual host into virtual clusters orthogonal to * routes for stat tracking and priority purposes). */ class VirtualCluster { public: virtual ~VirtualCluster() = default; /** * @return the stat-name of the virtual cluster. */ virtual Stats::StatName statName() const PURE; /** * @return VirtualClusterStats& strongly named stats for this virtual cluster. */ virtual VirtualClusterStats& stats() const PURE; static VirtualClusterStats generateStats(Stats::Scope& scope) { return {ALL_VIRTUAL_CLUSTER_STATS(POOL_COUNTER(scope))}; } }; class RateLimitPolicy; class Config; /** * All route specific config returned by the method at * NamedHttpFilterConfigFactory::createRouteSpecificFilterConfig * should be derived from this class. */ class RouteSpecificFilterConfig { public: virtual ~RouteSpecificFilterConfig() = default; }; using RouteSpecificFilterConfigConstSharedPtr = std::shared_ptr; /** * Virtual host definition. */ class VirtualHost { public: virtual ~VirtualHost() = default; /** * @return const CorsPolicy* the CORS policy for this virtual host. */ virtual const CorsPolicy* corsPolicy() const PURE; /** * @return the stat-name of the virtual host. */ virtual Stats::StatName statName() const PURE; /** * @return const RateLimitPolicy& the rate limit policy for the virtual host. */ virtual const RateLimitPolicy& rateLimitPolicy() const PURE; /** * @return const Config& the RouteConfiguration that owns this virtual host. */ virtual const Config& routeConfig() const PURE; /** * @return const RouteSpecificFilterConfig* the per-filter config pre-processed object for * the given filter name. If there is not per-filter config, or the filter factory returns * nullptr, nullptr is returned. */ virtual const RouteSpecificFilterConfig* perFilterConfig(const std::string& name) const PURE; /** * This is a helper on top of perFilterConfig() that casts the return object to the specified * type. */ template const Derived* perFilterConfigTyped(const std::string& name) const { return dynamic_cast(perFilterConfig(name)); } /** * @return bool whether to include the request count header in upstream requests. */ virtual bool includeAttemptCountInRequest() const PURE; /** * @return bool whether to include the request count header in the downstream response. */ virtual bool includeAttemptCountInResponse() const PURE; /** * @return uint32_t any route cap on bytes which should be buffered for shadowing or retries. * This is an upper bound so does not necessarily reflect the bytes which will be buffered * as other limits may apply. * If a per route limit exists, it takes precedence over this configuration. * Unlike some other buffer limits, 0 here indicates buffering should not be performed * rather than no limit applies. */ virtual uint32_t retryShadowBufferLimit() const PURE; }; /** * Route level hedging policy. */ class HedgePolicy { public: virtual ~HedgePolicy() = default; /** * @return number of upstream requests that should be sent initially. */ virtual uint32_t initialRequests() const PURE; /** * @return percent chance that an additional upstream request should be sent * on top of the value from initialRequests(). */ virtual const envoy::type::v3::FractionalPercent& additionalRequestChance() const PURE; /** * @return bool indicating whether request hedging should occur when a request * is retried due to a per try timeout. The alternative is the original request * will be canceled immediately. */ virtual bool hedgeOnPerTryTimeout() const PURE; }; class MetadataMatchCriterion { public: virtual ~MetadataMatchCriterion() = default; /* * @return const std::string& the name of the metadata key */ virtual const std::string& name() const PURE; /* * @return const Envoy::HashedValue& the value for the metadata key */ virtual const HashedValue& value() const PURE; }; using MetadataMatchCriterionConstSharedPtr = std::shared_ptr; class MetadataMatchCriteria; using MetadataMatchCriteriaConstPtr = std::unique_ptr; class MetadataMatchCriteria { public: virtual ~MetadataMatchCriteria() = default; /* * @return std::vector& a vector of * metadata to be matched against upstream endpoints when load * balancing, sorted lexically by name. */ virtual const std::vector& metadataMatchCriteria() const PURE; /** * Creates a new MetadataMatchCriteria, merging existing * metadata criteria with the provided criteria. The result criteria is the * combination of both sets of criteria, with those from the metadata_matches * ProtobufWkt::Struct taking precedence. * @param metadata_matches supplies the new criteria. * @return MetadataMatchCriteriaConstPtr the result criteria. */ virtual MetadataMatchCriteriaConstPtr mergeMatchCriteria(const ProtobufWkt::Struct& metadata_matches) const PURE; /** * Creates a new MetadataMatchCriteria with criteria vector reduced to given names * @param names names of metadata keys to preserve * @return MetadataMatchCriteriaConstPtr the result criteria. Returns nullptr if the result * criteria are empty. */ virtual MetadataMatchCriteriaConstPtr filterMatchCriteria(const std::set& names) const PURE; }; /** * Criterion that a route entry uses for matching TLS connection context. */ class TlsContextMatchCriteria { public: virtual ~TlsContextMatchCriteria() = default; /** * @return bool indicating whether the client presented credentials. */ virtual const absl::optional& presented() const PURE; /** * @return bool indicating whether the client credentials successfully validated against the TLS * context validation context. */ virtual const absl::optional& validated() const PURE; }; using TlsContextMatchCriteriaConstPtr = std::unique_ptr; /** * Type of path matching that a route entry uses. */ enum class PathMatchType { None, Prefix, Exact, Regex, }; /** * Criterion that a route entry uses for matching a particular path. */ class PathMatchCriterion { public: virtual ~PathMatchCriterion() = default; /** * @return PathMatchType type of path match. */ virtual PathMatchType matchType() const PURE; /** * @return const std::string& the string with which to compare paths. */ virtual const std::string& matcher() const PURE; }; /** * Base class for all route typed metadata factories. */ class HttpRouteTypedMetadataFactory : public Envoy::Config::TypedMetadataFactory {}; /** * An individual resolved route entry. */ class RouteEntry : public ResponseEntry { public: ~RouteEntry() override = default; /** * @return const std::string& the upstream cluster that owns the route. */ virtual const std::string& clusterName() const PURE; /** * Returns the HTTP status code to use when configured cluster is not found. * @return Http::Code to use when configured cluster is not found. */ virtual Http::Code clusterNotFoundResponseCode() const PURE; /** * @return const CorsPolicy* the CORS policy for this virtual host. */ virtual const CorsPolicy* corsPolicy() const PURE; /** * Do potentially destructive header transforms on request headers prior to forwarding. For * example URL prefix rewriting, adding headers, etc. This should only be called ONCE * immediately prior to forwarding. It is done this way vs. copying for performance reasons. * @param headers supplies the request headers, which may be modified during this call. * @param stream_info holds additional information about the request. * @param insert_envoy_original_path insert x-envoy-original-path header if path rewritten? */ virtual void finalizeRequestHeaders(Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, bool insert_envoy_original_path) const PURE; /** * @return const HashPolicy* the optional hash policy for the route. */ virtual const Http::HashPolicy* hashPolicy() const PURE; /** * @return const HedgePolicy& the hedge policy for the route. All routes have a hedge policy even * if it is empty and does not allow for hedged requests. */ virtual const HedgePolicy& hedgePolicy() const PURE; /** * @return the priority of the route. */ virtual Upstream::ResourcePriority priority() const PURE; /** * @return const RateLimitPolicy& the rate limit policy for the route. */ virtual const RateLimitPolicy& rateLimitPolicy() const PURE; /** * @return const RetryPolicy& the retry policy for the route. All routes have a retry policy even * if it is empty and does not allow retries. */ virtual const RetryPolicy& retryPolicy() const PURE; /** * @return const InternalRedirectPolicy& the internal redirect policy for the route. All routes * have a internal redirect policy even if it is not enabled, which means redirects are * simply proxied as normal responses. */ virtual const InternalRedirectPolicy& internalRedirectPolicy() const PURE; /** * @return uint32_t any route cap on bytes which should be buffered for shadowing or retries. * This is an upper bound so does not necessarily reflect the bytes which will be buffered * as other limits may apply. * Unlike some other buffer limits, 0 here indicates buffering should not be performed * rather than no limit applies. */ virtual uint32_t retryShadowBufferLimit() const PURE; /** * @return const std::vector& the shadow policies for the route. The vector is empty * if no shadowing takes place. */ virtual const std::vector& shadowPolicies() const PURE; /** * @return std::chrono::milliseconds the route's timeout. */ virtual std::chrono::milliseconds timeout() const PURE; /** * @return optional the route's idle timeout. Zero indicates a * disabled idle timeout, while nullopt indicates deference to the global timeout. */ virtual absl::optional idleTimeout() const PURE; /** * @return optional the route's maximum stream duration. */ virtual absl::optional maxStreamDuration() const PURE; /** * @return optional the max grpc-timeout this route will allow. */ virtual absl::optional grpcTimeoutHeaderMax() const PURE; /** * @return optional the delta between grpc-timeout and enforced grpc * timeout. */ virtual absl::optional grpcTimeoutHeaderOffset() const PURE; /** * @return absl::optional the maximum allowed timeout value derived * from 'grpc-timeout' header of a gRPC request. Non-present value disables use of 'grpc-timeout' * header, while 0 represents infinity. */ virtual absl::optional maxGrpcTimeout() const PURE; /** * @return absl::optional the timeout offset to apply to the timeout * provided by the 'grpc-timeout' header of a gRPC request. This value will be positive and should * be subtracted from the value provided by the header. */ virtual absl::optional grpcTimeoutOffset() const PURE; /** * Determine whether a specific request path belongs to a virtual cluster for use in stats, etc. * @param headers supplies the request headers. * @return the virtual cluster or nullptr if there is no match. */ virtual const VirtualCluster* virtualCluster(const Http::HeaderMap& headers) const PURE; /** * @return const VirtualHost& the virtual host that owns the route. */ virtual const VirtualHost& virtualHost() const PURE; /** * @return bool true if the :authority header should be overwritten with the upstream hostname. */ virtual bool autoHostRewrite() const PURE; /** * @return MetadataMatchCriteria* the metadata that a subset load balancer should match when * selecting an upstream host */ virtual const MetadataMatchCriteria* metadataMatchCriteria() const PURE; /** * @return const std::multimap the opaque configuration associated * with the route */ virtual const std::multimap& opaqueConfig() const PURE; /** * @return bool true if the virtual host rate limits should be included. */ virtual bool includeVirtualHostRateLimits() const PURE; /** * @return const Envoy::Config::TypedMetadata& return the typed metadata provided in the config * for this route. */ virtual const Envoy::Config::TypedMetadata& typedMetadata() const PURE; /** * @return const envoy::config::core::v3::Metadata& return the metadata provided in the config for * this route. */ virtual const envoy::config::core::v3::Metadata& metadata() const PURE; /** * @return TlsContextMatchCriteria* the tls context match criterion for this route. If there is no * tls context match criteria, nullptr is returned. */ virtual const TlsContextMatchCriteria* tlsContextMatchCriteria() const PURE; /** * @return const PathMatchCriterion& the match criterion for this route. */ virtual const PathMatchCriterion& pathMatchCriterion() const PURE; /** * @return const RouteSpecificFilterConfig* the per-filter config pre-processed object for * the given filter name. If there is not per-filter config, or the filter factory returns * nullptr, nullptr is returned. */ virtual const RouteSpecificFilterConfig* perFilterConfig(const std::string& name) const PURE; /** * This is a helper on top of perFilterConfig() that casts the return object to the specified * type. */ template const Derived* perFilterConfigTyped(const std::string& name) const { return dynamic_cast(perFilterConfig(name)); }; /** * This is a helper to get the route's per-filter config if it exists, otherwise the virtual * host's. Or nullptr if none of them exist. */ template const Derived* mostSpecificPerFilterConfigTyped(const std::string& name) const { const Derived* config = perFilterConfigTyped(name); return config ? config : virtualHost().perFilterConfigTyped(name); } /** * True if the virtual host this RouteEntry belongs to is configured to include the attempt * count header. * @return bool whether x-envoy-attempt-count should be included on the upstream request. */ virtual bool includeAttemptCountInRequest() const PURE; /** * True if the virtual host this RouteEntry belongs to is configured to include the attempt * count header. * @return bool whether x-envoy-attempt-count should be included on the downstream response. */ virtual bool includeAttemptCountInResponse() const PURE; using UpgradeMap = std::map; /** * @return a map of route-specific upgrades to their enabled/disabled status. */ virtual const UpgradeMap& upgradeMap() const PURE; using ConnectConfig = envoy::config::route::v3::RouteAction::UpgradeConfig::ConnectConfig; /** * If present, informs how to handle proxying CONNECT requests on this route. */ virtual const absl::optional& connectConfig() const PURE; /** * @return std::string& the name of the route. */ virtual const std::string& routeName() const PURE; }; /** * An interface representing the Decorator. */ class Decorator { public: virtual ~Decorator() = default; /** * This method decorates the supplied span. * @param Tracing::Span& the span. */ virtual void apply(Tracing::Span& span) const PURE; /** * This method returns the operation name. * @return the operation name */ virtual const std::string& getOperation() const PURE; /** * This method returns whether the decorator information * should be propagated to other services. * @return whether to propagate */ virtual bool propagate() const PURE; }; using DecoratorConstPtr = std::unique_ptr; /** * An interface representing the Tracing for the route configuration. */ class RouteTracing { public: virtual ~RouteTracing() = default; /** * This method returns the client sampling percentage. * @return the client sampling percentage */ virtual const envoy::type::v3::FractionalPercent& getClientSampling() const PURE; /** * This method returns the random sampling percentage. * @return the random sampling percentage */ virtual const envoy::type::v3::FractionalPercent& getRandomSampling() const PURE; /** * This method returns the overall sampling percentage. * @return the overall sampling percentage */ virtual const envoy::type::v3::FractionalPercent& getOverallSampling() const PURE; /** * This method returns the route level tracing custom tags. * @return the tracing custom tags. */ virtual const Tracing::CustomTagMap& getCustomTags() const PURE; }; using RouteTracingConstPtr = std::unique_ptr; /** * An interface that holds a DirectResponseEntry or RouteEntry for a request. */ class Route { public: virtual ~Route() = default; /** * @return the direct response entry or nullptr if there is no direct response for the request. */ virtual const DirectResponseEntry* directResponseEntry() const PURE; /** * @return the route entry or nullptr if there is no matching route for the request. */ virtual const RouteEntry* routeEntry() const PURE; /** * @return the decorator or nullptr if not defined for the request. */ virtual const Decorator* decorator() const PURE; /** * @return the tracing config or nullptr if not defined for the request. */ virtual const RouteTracing* tracingConfig() const PURE; /** * @return const RouteSpecificFilterConfig* the per-filter config pre-processed object for * the given filter name. If there is not per-filter config, or the filter factory returns * nullptr, nullptr is returned. */ virtual const RouteSpecificFilterConfig* perFilterConfig(const std::string& name) const PURE; /** * This is a helper on top of perFilterConfig() that casts the return object to the specified * type. */ template const Derived* perFilterConfigTyped(const std::string& name) const { return dynamic_cast(perFilterConfig(name)); } }; using RouteConstSharedPtr = std::shared_ptr; /** * RouteCallback, returns one of these enums to the route matcher to indicate * if the matched route has been accepted or it wants the route matching to * continue. */ enum class RouteMatchStatus { // Continue matching route Continue, // Accept matched route Accept }; /** * RouteCallback is passed this enum to indicate if more routes are available for evaluation. */ enum class RouteEvalStatus { // Has more routes that can be evaluated for match. HasMoreRoutes, // All routes have been evaluated for match. NoMoreRoutes }; /** * RouteCallback can be used to override routing decision made by the Route::Config::route, * this callback is passed the RouteConstSharedPtr, when a matching route is found, and * RouteEvalStatus indicating whether there are more routes available for evaluation. * * RouteCallback will be called back only when at least one matching route is found, if no matching * routes are found RouteCallback will not be invoked. RouteCallback can return one of the * RouteMatchStatus enum to indicate if the match has been accepted or should the route match * evaluation continue. * * Returning RouteMatchStatus::Continue, when no more routes available for evaluation will result in * no further callbacks and no route is deemed to be accepted and nullptr is returned to the caller * of Route::Config::route. */ using RouteCallback = std::function; /** * The router configuration. */ class Config { public: virtual ~Config() = default; /** * Based on the incoming HTTP request headers, determine the target route (containing either a * route entry or a direct response entry) for the request. * @param headers supplies the request headers. * @param random_value supplies the random seed to use if a runtime choice is required. This * allows stable choices between calls if desired. * @return the route or nullptr if there is no matching route for the request. */ virtual RouteConstSharedPtr route(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const PURE; /** * Based on the incoming HTTP request headers, determine the target route (containing either a * route entry or a direct response entry) for the request. * * Invokes callback with matched route, callback can choose to accept the route by returning * RouteStatus::Stop or continue route match from last matched route by returning * RouteMatchStatus::Continue, when more routes are available. * * @param cb supplies callback to be invoked upon route match. * @param headers supplies the request headers. * @param random_value supplies the random seed to use if a runtime choice is required. This * allows stable choices between calls if desired. * @return the route accepted by the callback or nullptr if no match found or none of route is * accepted by the callback. */ virtual RouteConstSharedPtr route(const RouteCallback& cb, const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const PURE; /** * Return a list of headers that will be cleaned from any requests that are not from an internal * (RFC1918) source. */ virtual const std::list& internalOnlyHeaders() const PURE; /** * @return const std::string the RouteConfiguration name. */ virtual const std::string& name() const PURE; /** * @return whether router configuration uses VHDS. */ virtual bool usesVhds() const PURE; /** * @return bool whether most specific header mutations should take precedence. The default * evaluation order is route level, then virtual host level and finally global connection * manager level. */ virtual bool mostSpecificHeaderMutationsWins() const PURE; }; using ConfigConstSharedPtr = std::shared_ptr; class GenericConnectionPoolCallbacks; class GenericUpstream; /** * An API for wrapping either an HTTP or a TCP connection pool. * * The GenericConnPool exists to create a GenericUpstream handle via a call to * newStream resulting in an eventual call to onPoolReady */ class GenericConnPool { public: virtual ~GenericConnPool() = default; /** * Called to create a new HTTP stream or TCP connection for "CONNECT streams". * * The implementation of the GenericConnPool will either call * GenericConnectionPoolCallbacks::onPoolReady * when a stream is available or GenericConnectionPoolCallbacks::onPoolFailure * if stream creation fails. * * The caller is responsible for calling cancelAnyPendingStream() if stream * creation is no longer desired. newStream may only be called once per * GenericConnPool. * * @param callbacks callbacks to communicate stream failure or creation on. */ virtual void newStream(GenericConnectionPoolCallbacks* callbacks) PURE; /** * Called to cancel any pending newStream request, */ virtual bool cancelAnyPendingStream() PURE; /** * @return optionally returns the protocol for the connection pool. */ virtual absl::optional protocol() const PURE; /** * @return optionally returns the host for the connection pool. */ virtual Upstream::HostDescriptionConstSharedPtr host() const PURE; }; /** * An API for the interactions the upstream stream needs to have with the downstream stream * and/or router components */ class UpstreamToDownstream : public Http::ResponseDecoder, public Http::StreamCallbacks { public: /** * @return return the routeEntry for the downstream stream. */ virtual const RouteEntry& routeEntry() const PURE; /** * @return return the connection for the downstream stream. */ virtual const Network::Connection& connection() const PURE; }; /** * An API for wrapping callbacks from either an HTTP or a TCP connection pool. * * Just like the connection pool callbacks, the GenericConnectionPoolCallbacks * will either call onPoolReady when a GenericUpstream is ready, or * onPoolFailure if a connection/stream can not be established. */ class GenericConnectionPoolCallbacks { public: virtual ~GenericConnectionPoolCallbacks() = default; /** * Called to indicate a failure for GenericConnPool::newStream to establish a stream. * * @param reason supplies the failure reason. * @param transport_failure_reason supplies the details of the transport failure reason. * @param host supplies the description of the host that caused the failure. This may be nullptr * if no host was involved in the failure (for example overflow). */ virtual void onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) PURE; /** * Called when GenericConnPool::newStream has established a new stream. * * @param upstream supplies the generic upstream for the stream. * @param host supplies the description of the host that will carry the request. For logical * connection pools the description may be different each time this is called. * @param upstream_local_address supplies the local address of the upstream connection. * @param info supplies the stream info object associated with the upstream connection. */ virtual void onPoolReady(std::unique_ptr&& upstream, Upstream::HostDescriptionConstSharedPtr host, const Network::Address::InstanceConstSharedPtr& upstream_local_address, const StreamInfo::StreamInfo& info) PURE; // @return the UpstreamToDownstream interface for this stream. // // This is the interface for all interactions the upstream stream needs to have with the // downstream stream. It is in the GenericConnectionPoolCallbacks as the GenericConnectionPool // creates the GenericUpstream, and the GenericUpstream will need this interface. virtual UpstreamToDownstream& upstreamToDownstream() PURE; }; /** * An API for sending information to either a TCP or HTTP upstream. * * It is similar logically to RequestEncoder, only without the getStream interface. */ class GenericUpstream { public: virtual ~GenericUpstream() = default; /** * Encode a data frame. * @param data supplies the data to encode. The data may be moved by the encoder. * @param end_stream supplies whether this is the last data frame. */ virtual void encodeData(Buffer::Instance& data, bool end_stream) PURE; /** * Encode metadata. * @param metadata_map_vector is the vector of metadata maps to encode. */ virtual void encodeMetadata(const Http::MetadataMapVector& metadata_map_vector) PURE; /** * Encode headers, optionally indicating end of stream. * @param headers supplies the header map to encode. * @param end_stream supplies whether this is a header only request. */ virtual void encodeHeaders(const Http::RequestHeaderMap& headers, bool end_stream) PURE; /** * Encode trailers. This implicitly ends the stream. * @param trailers supplies the trailers to encode. */ virtual void encodeTrailers(const Http::RequestTrailerMap& trailers) PURE; /** * Enable/disable further data from this stream. */ virtual void readDisable(bool disable) PURE; /** * Reset the stream. No events will fire beyond this point. * @param reason supplies the reset reason. */ virtual void resetStream() PURE; }; using GenericConnPoolPtr = std::unique_ptr; /* * A factory for creating generic connection pools. */ class GenericConnPoolFactory : public Envoy::Config::TypedFactory { public: ~GenericConnPoolFactory() override = default; /* * @param options for creating the transport socket * @return may be null */ virtual GenericConnPoolPtr createGenericConnPool(Upstream::ClusterManager& cm, bool is_connect, const RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) const PURE; }; using GenericConnPoolFactoryPtr = std::unique_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/router_ratelimit.h ================================================ #pragma once #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/ratelimit/ratelimit.h" namespace Envoy { namespace Router { /** * Base interface for generic rate limit override action. */ class RateLimitOverrideAction { public: virtual ~RateLimitOverrideAction() = default; /** * Potentially populate the descriptors 'limit' property with a RateLimitOverride instance * @param descriptor supplies the descriptor to optionally fill. * @param metadata supplies the dynamic metadata for the request. * @return true if RateLimitOverride was set in the descriptor. */ virtual bool populateOverride(RateLimit::Descriptor& descriptor, const envoy::config::core::v3::Metadata* metadata) const PURE; }; using RateLimitOverrideActionPtr = std::unique_ptr; /** * Base interface for generic rate limit action. */ class RateLimitAction { public: virtual ~RateLimitAction() = default; /** * Potentially append a descriptor entry to the end of descriptor. * @param route supplies the target route for the request. * @param descriptor supplies the descriptor to optionally fill. * @param local_service_cluster supplies the name of the local service cluster. * @param headers supplies the header for the request. * @param remote_address supplies the trusted downstream address for the connection. * @param dynamic_metadata supplies the dynamic metadata for the request * @return true if the RateLimitAction populated the descriptor. */ virtual bool populateDescriptor(const RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const PURE; }; using RateLimitActionPtr = std::unique_ptr; /** * Rate limit configuration. */ class RateLimitPolicyEntry { public: virtual ~RateLimitPolicyEntry() = default; /** * @return the stage value that the configuration is applicable to. */ virtual uint64_t stage() const PURE; /** * @return runtime key to be set to disable the configuration. */ virtual const std::string& disableKey() const PURE; /** * Potentially populate the descriptor array with new descriptors to query. * @param route supplies the target route for the request. * @param descriptors supplies the descriptor array to optionally fill. * @param local_service_cluster supplies the name of the local service cluster. * @param headers supplies the header for the request. * @param remote_address supplies the trusted downstream address for the connection. * @param dynamic_metadata supplies the dynamic metadata for the request. */ virtual void populateDescriptors(const RouteEntry& route, std::vector& descriptors, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const PURE; }; /** * Rate limiting policy. */ class RateLimitPolicy { public: virtual ~RateLimitPolicy() = default; /** * @return true if there is no rate limit policy for all stage settings. */ virtual bool empty() const PURE; /** * @param stage the value for finding applicable rate limit configurations. * @return set of RateLimitPolicyEntry that are applicable for a stage. */ virtual const std::vector>& getApplicableRateLimit(uint64_t stage) const PURE; }; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/scopes.h ================================================ #pragma once #include #include "envoy/config/config_provider.h" #include "envoy/router/router.h" namespace Envoy { namespace Router { /** * Scope key fragment base class. */ class ScopeKeyFragmentBase { public: bool operator!=(const ScopeKeyFragmentBase& other) const { return !(*this == other); } bool operator==(const ScopeKeyFragmentBase& other) const { if (typeid(*this) == typeid(other)) { return hash() == other.hash(); } return false; } virtual ~ScopeKeyFragmentBase() = default; // Hash of the fragment. virtual uint64_t hash() const PURE; }; /** * Scope Key is composed of non-null fragments. **/ class ScopeKey { public: ScopeKey() = default; ScopeKey(ScopeKey&& other) = default; // Scopekey is not copy-assignable and copy-constructible as it contains unique_ptr inside itself. ScopeKey(const ScopeKey&) = delete; ScopeKey operator=(const ScopeKey&) = delete; // Caller should guarantee the fragment is not nullptr. void addFragment(std::unique_ptr&& fragment) { ASSERT(fragment != nullptr, "null fragment not allowed in ScopeKey."); updateHash(*fragment); fragments_.emplace_back(std::move(fragment)); } uint64_t hash() const { return hash_; } bool operator!=(const ScopeKey& other) const; bool operator==(const ScopeKey& other) const; private: // Update the key's hash with the new fragment hash. void updateHash(const ScopeKeyFragmentBase& fragment) { std::stringbuf buffer; buffer.sputn(reinterpret_cast(&hash_), sizeof(hash_)); const auto& fragment_hash = fragment.hash(); buffer.sputn(reinterpret_cast(&fragment_hash), sizeof(fragment_hash)); hash_ = HashUtil::xxHash64(buffer.str()); } uint64_t hash_{0}; std::vector> fragments_; }; using ScopeKeyPtr = std::unique_ptr; // String fragment. class StringKeyFragment : public ScopeKeyFragmentBase { public: explicit StringKeyFragment(absl::string_view value) : value_(value), hash_(HashUtil::xxHash64(value_)) {} uint64_t hash() const override { return hash_; } private: const std::string value_; const uint64_t hash_; }; /** * The scoped routing configuration. */ class ScopedConfig : public Envoy::Config::ConfigProvider::Config { public: ~ScopedConfig() override = default; /** * Based on the incoming HTTP request headers, returns the configuration to use for selecting a * target route. * @param headers the request headers to match the scoped routing configuration against. * @return ConfigConstSharedPtr the router's Config matching the request headers. */ virtual ConfigConstSharedPtr getRouteConfig(const Http::HeaderMap& headers) const PURE; /** * Based on the incoming HTTP request headers, returns the hash value of its scope key. * @param headers the request headers to match the scoped routing configuration against. * @return unique_ptr of the scope key computed from header. */ virtual ScopeKeyPtr computeScopeKey(const Http::HeaderMap&) const { return {}; } }; using ScopedConfigConstSharedPtr = std::shared_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/shadow_writer.h ================================================ #pragma once #include #include #include #include "envoy/http/async_client.h" #include "envoy/http/message.h" namespace Envoy { namespace Router { /** * Interface used to shadow complete requests to an alternate upstream cluster in a "fire and * forget" fashion. Right now this interface takes a fully buffered request and cannot be used for * streaming. This is sufficient for current use cases. */ class ShadowWriter { public: virtual ~ShadowWriter() = default; /** * Shadow a request. * @param cluster supplies the cluster name to shadow to. * @param message supplies the complete request to shadow. * @param timeout supplies the shadowed request timeout. */ virtual void shadow(const std::string& cluster, Http::RequestMessagePtr&& request, const Http::AsyncClient::RequestOptions& options) PURE; }; using ShadowWriterPtr = std::unique_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/router/string_accessor.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/stream_info/filter_state.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Router { /** * Contains a string in a form which is usable with FilterState and * allows lazy evaluation if needed. All values meant to be accessible to the * custom request/response header mechanism must use this type. */ class StringAccessor : public StreamInfo::FilterState::Object { public: /** * @return the string the accessor represents. */ virtual absl::string_view asString() const PURE; }; } // namespace Router } // namespace Envoy ================================================ FILE: include/envoy/runtime/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "runtime_interface", hdrs = ["runtime.h"], external_deps = [ "abseil_node_hash_map", "abseil_optional", ], deps = [ "//include/envoy/stats:stats_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/singleton:threadsafe_singleton", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/runtime/runtime.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/common/pure.h" #include "envoy/stats/store.h" #include "envoy/thread_local/thread_local.h" #include "envoy/type/v3/percent.pb.h" #include "common/common/assert.h" #include "common/singleton/threadsafe_singleton.h" #include "absl/container/flat_hash_map.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" namespace Envoy { namespace Upstream { class ClusterManager; } namespace Runtime { /** * A snapshot of runtime data. */ class Snapshot : public ThreadLocal::ThreadLocalObject { public: struct Entry { std::string raw_string_value_; absl::optional uint_value_; absl::optional double_value_; absl::optional fractional_percent_value_; absl::optional bool_value_; }; using EntryMap = absl::flat_hash_map; /** * A provider of runtime values. One or more of these compose the snapshot's source of values, * where successive layers override the previous ones. */ class OverrideLayer { public: virtual ~OverrideLayer() = default; /** * @return const absl::flat_hash_map& the values in this layer. */ virtual const EntryMap& values() const PURE; /** * @return const std::string& a user-friendly alias for this layer, e.g. "admin" or "disk". */ virtual const std::string& name() const PURE; }; using OverrideLayerConstPtr = std::unique_ptr; /** * Returns true if a deprecated feature is allowed. * * Fundamentally, deprecated features are boolean values. * They are allowed by default or with explicit configuration to "true" via runtime configuration. * They can be disallowed either by inclusion in the hard-coded disallowed_features[] list, or by * configuration of "false" in runtime config. * @param key supplies the key to lookup. * @param default_value supplies the default value that will be used if either the key * does not exist or it is not a boolean. */ virtual bool deprecatedFeatureEnabled(absl::string_view key, bool default_enabled) const PURE; // Returns true if a runtime feature is enabled. // // Runtime features are used to easily allow switching between old and new code paths for high // risk changes. The intent is for the old code path to be short lived - the old code path is // deprecated as the feature is defaulted true, and removed with the following Envoy release. virtual bool runtimeFeatureEnabled(absl::string_view key) const PURE; /** * Test if a feature is enabled using the built in random generator. This is done by generating * a random number in the range 0-99 and seeing if this number is < the value stored in the * runtime key, or the default_value if the runtime key is invalid. * NOTE: In the current implementation, this routine may return different results each time it is * called because a new random number is used each time. Callers should understand this * behavior and not assume that subsequent calls using the same snapshot will be consistent. * @param key supplies the feature key to lookup. * @param default_value supplies the default value that will be used if either the feature key * does not exist or it is not an integer. * @return true if the feature is enabled. */ virtual bool featureEnabled(absl::string_view key, uint64_t default_value) const PURE; /** * Test if a feature is enabled using a supplied stable random value. This variant is used if * the caller wants a stable result over multiple calls. * @param key supplies the feature key to lookup. * @param default_value supplies the default value that will be used if either the feature key * does not exist or it is not an integer. * @param random_value supplies the stable random value to use for determining whether the feature * is enabled. * @return true if the feature is enabled. */ virtual bool featureEnabled(absl::string_view key, uint64_t default_value, uint64_t random_value) const PURE; /** * Test if a feature is enabled using a supplied stable random value and total number of buckets * for sampling. * This variant is used if the caller wants a stable result over multiple calls * and have more granularity for samples. * @param key supplies the feature key to lookup. * @param default_value supplies the default value that will be used if either the feature key * does not exist or it is not an integer. * @param random_value supplies the stable random value to use for determining whether the feature * is enabled. * @param num_buckets control max number of buckets for sampling. Sampled value will be in a range * of [0, num_buckets). * @return true if the feature is enabled. */ virtual bool featureEnabled(absl::string_view key, uint64_t default_value, uint64_t random_value, uint64_t num_buckets) const PURE; /** * Test if a feature is enabled using the built in random generator. This is done by generating a * random number between 0 and the fractional percent denominator and seeing if this number is < * the numerator value stored in the runtime key. The default_value's numerator/denominator is * used if the runtime key is invalid. * * If the runtime value for the provided runtime key is provided as an integer, it is assumed that * the value is the numerator and the denominator is 100. * * NOTE: In the current implementation, this routine may return different results each time it is * called because a new random number is used each time. Callers should understand this * behavior and not assume that subsequent calls using the same snapshot will be consistent. * @param key supplies the feature key to lookup. * @param default_value supplies the default value that will be used if either the feature key * does not exist or it is not a fractional percent. * @return true if the feature is enabled. */ virtual bool featureEnabled(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value) const PURE; /** * Test if a feature is enabled using a supplied stable random value. This variant is used if * the caller wants a stable result over multiple calls. * * If the runtime value for the provided runtime key is provided as an integer, it is assumed that * the value is the numerator and the denominator is 100. * * @param key supplies the feature key to lookup. * @param default_value supplies the default value that will be used if either the feature key * does not exist or it is not a fractional percent. * @param random_value supplies the stable random value to use for determining whether the feature * is enabled. * @return true if the feature is enabled. */ virtual bool featureEnabled(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value, uint64_t random_value) const PURE; using ConstStringOptRef = absl::optional>; /** * Fetch raw runtime data based on key. * @param key supplies the key to fetch. * @return absl::nullopt if the key does not exist or reference to the value std::string. */ virtual ConstStringOptRef get(absl::string_view key) const PURE; /** * Fetch an integer runtime key. Runtime keys larger than ~2^53 may not be accurately converted * into integers and will return default_value. * @param key supplies the key to fetch. * @param default_value supplies the value to return if the key does not exist or it does not * contain an integer. * @return uint64_t the runtime value or the default value. */ virtual uint64_t getInteger(absl::string_view key, uint64_t default_value) const PURE; /** * Fetch a double runtime key. * @param key supplies the key to fetch. * @param default_value supplies the value to return if the key does not exist or it does not * contain a double. * @return double the runtime value or the default value. */ virtual double getDouble(absl::string_view key, double default_value) const PURE; /** * Fetch a boolean runtime key. * @param key supplies the key to fetch. * @param default_value supplies the value to return if the key does not exist or it does not * contain a boolean. * @return bool the runtime value or the default value. */ virtual bool getBoolean(absl::string_view key, bool default_value) const PURE; /** * Fetch the OverrideLayers that provide values in this snapshot. Layers are ordered from bottom * to top; for instance, the second layer's entries override the first layer's entries, and so on. * Any layer can add a key in addition to overriding keys in layers below. The layer vector is * safe only for the lifetime of the Snapshot. * @return const std::vector& the raw map of loaded values. */ virtual const std::vector& getLayers() const PURE; }; using SnapshotConstSharedPtr = std::shared_ptr; /** * Loads runtime snapshots from storage (local disk, etc.). */ class Loader { public: virtual ~Loader() = default; using ReadyCallback = std::function; /** * Post-construction initialization. Runtime will be generally available after * the constructor is finished, with the exception of dynamic RTDS layers, * which require ClusterManager. * @param cm cluster manager reference. */ virtual void initialize(Upstream::ClusterManager& cm) PURE; /** * @return const Snapshot& the current snapshot. This reference is safe to use for the duration of * the calling routine, but may be overwritten on a future event loop cycle so should be * fetched again when needed. This may only be called from worker threads. */ virtual const Snapshot& snapshot() PURE; /** * @return shared_ptr the current snapshot. This function may safely be called * from non-worker threads. */ virtual SnapshotConstSharedPtr threadsafeSnapshot() PURE; /** * Merge the given map of key-value pairs into the runtime's state. To remove a previous merge for * a key, use an empty string as the value. * @param values the values to merge */ virtual void mergeValues(const absl::node_hash_map& values) PURE; /** * Initiate all RTDS subscriptions. The `on_done` callback is invoked when all RTDS requests * have either received and applied their responses or timed out. */ virtual void startRtdsSubscriptions(ReadyCallback on_done) PURE; /** * @return Stats::Scope& the root scope. */ virtual Stats::Scope& getRootScope() PURE; /** * Updates deprecated feature use stats. */ virtual void countDeprecatedFeatureUse() const PURE; }; using LoaderPtr = std::unique_ptr; // To make the runtime generally accessible, we make use of the dreaded // singleton class. For Envoy, the runtime will be created and cleaned up by the // Server::InstanceImpl initialize() and destructor, respectively. // // This makes it possible for call sites to easily make use of runtime values to // determine if a given feature is on or off, as well as various deprecated configuration // protos being enabled or disabled by default. using LoaderSingleton = InjectableSingleton; using ScopedLoaderSingleton = ScopedInjectableLoader; } // namespace Runtime } // namespace Envoy ================================================ FILE: include/envoy/secret/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "secret_callbacks_interface", hdrs = ["secret_callbacks.h"], ) envoy_cc_library( name = "secret_provider_interface", hdrs = ["secret_provider.h"], deps = [ ":secret_callbacks_interface", "//include/envoy/common:callback", "//include/envoy/ssl:certificate_validation_context_config_interface", "//include/envoy/ssl:tls_certificate_config_interface", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "secret_manager_interface", hdrs = ["secret_manager.h"], deps = [ ":secret_provider_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/secret/secret_callbacks.h ================================================ #pragma once #include "envoy/common/pure.h" namespace Envoy { namespace Secret { /** * Callbacks invoked by a dynamic secret provider. */ class SecretCallbacks { public: virtual ~SecretCallbacks() = default; virtual void onAddOrUpdateSecret() PURE; }; } // namespace Secret } // namespace Envoy ================================================ FILE: include/envoy/secret/secret_manager.h ================================================ #pragma once #include #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/secret/secret_provider.h" namespace Envoy { namespace Server { namespace Configuration { class TransportSocketFactoryContext; } // namespace Configuration } // namespace Server namespace Secret { /** * A manager for static and dynamic secrets. */ class SecretManager { public: virtual ~SecretManager() = default; /** * @param add a static secret from envoy::extensions::transport_sockets::tls::v3::Secret. * @throw an EnvoyException if the secret is invalid or not supported, or there is duplicate. */ virtual void addStaticSecret(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) PURE; /** * @param name a name of the static TlsCertificateConfigProvider. * @return the TlsCertificateConfigProviderSharedPtr. Returns nullptr if the static secret is not * found. */ virtual TlsCertificateConfigProviderSharedPtr findStaticTlsCertificateProvider(const std::string& name) const PURE; /** * @param name a name of the static CertificateValidationContextConfigProviderSharedPtr. * @return the CertificateValidationContextConfigProviderSharedPtr. Returns nullptr * if the static certificate validation context is not found. */ virtual CertificateValidationContextConfigProviderSharedPtr findStaticCertificateValidationContextProvider(const std::string& name) const PURE; /** * @param name a name of the static TlsSessionTicketKeysConfigProviderSharedPtr. * @return the TlsSessionTicketKeysConfigProviderSharedPtr. Returns nullptr * if the static tls session ticket keys are not found. */ virtual TlsSessionTicketKeysConfigProviderSharedPtr findStaticTlsSessionTicketKeysContextProvider(const std::string& name) const PURE; /** * @param name a name of the static GenericSecretConfigProvider. * @return the GenericSecretConfigProviderSharedPtr. Returns nullptr if the static secret is not * found. */ virtual GenericSecretConfigProviderSharedPtr findStaticGenericSecretProvider(const std::string& name) const PURE; /** * @param tls_certificate the protobuf config of the TLS certificate. * @return a TlsCertificateConfigProviderSharedPtr created from tls_certificate. */ virtual TlsCertificateConfigProviderSharedPtr createInlineTlsCertificateProvider( const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& tls_certificate) PURE; /** * @param certificate_validation_context the protobuf config of the certificate validation * context. * @return a CertificateValidationContextConfigProviderSharedPtr created from * certificate_validation_context. */ virtual CertificateValidationContextConfigProviderSharedPtr createInlineCertificateValidationContextProvider( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& certificate_validation_context) PURE; /** * @param tls_certificate the protobuf config of the TLS session ticket keys. * @return a TlsSessionTicketKeysConfigProviderSharedPtr created from session_ticket_keys. */ virtual TlsSessionTicketKeysConfigProviderSharedPtr createInlineTlsSessionTicketKeysProvider( const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& tls_certificate) PURE; /** * @param generic_secret the protobuf config of the generic secret. * @return a GenericSecretConfigProviderSharedPtr created from tls_certificate. */ virtual GenericSecretConfigProviderSharedPtr createInlineGenericSecretProvider( const envoy::extensions::transport_sockets::tls::v3::GenericSecret& generic_secret) PURE; /** * Finds and returns a dynamic secret provider associated to SDS config. Create * a new one if such provider does not exist. * * @param config_source a protobuf message object containing a SDS config source. * @param config_name a name that uniquely refers to the SDS config source. * @param secret_provider_context context that provides components for creating and initializing * secret provider. * @return TlsCertificateConfigProviderSharedPtr the dynamic TLS secret provider. */ virtual TlsCertificateConfigProviderSharedPtr findOrCreateTlsCertificateProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) PURE; /** * Finds and returns a dynamic secret provider associated to SDS config. Create * a new one if such provider does not exist. * * @param config_source a protobuf message object containing a SDS config source. * @param config_name a name that uniquely refers to the SDS config source. * @param secret_provider_context context that provides components for creating and initializing * secret provider. * @return CertificateValidationContextConfigProviderSharedPtr the dynamic certificate validation * context secret provider. */ virtual CertificateValidationContextConfigProviderSharedPtr findOrCreateCertificateValidationContextProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) PURE; /** * Finds and returns a dynamic secret provider associated to SDS config. Create * a new one if such provider does not exist. * * @param config_source a protobuf message object containing a SDS config source. * @param config_name a name that uniquely refers to the SDS config source. * @param secret_provider_context context that provides components for creating and initializing * secret provider. * @return TlsSessionTicketKeysConfigProviderSharedPtr the dynamic tls session ticket keys secret * provider. */ virtual TlsSessionTicketKeysConfigProviderSharedPtr findOrCreateTlsSessionTicketKeysContextProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) PURE; /** * Finds and returns a dynamic secret provider associated to SDS config. Create a new one if such * provider does not exist. * * @param config_source a protobuf message object containing a SDS config source. * @param config_name a name that uniquely refers to the SDS config source. * @param secret_provider_context context that provides components for creating and initializing * secret provider. * @return GenericSecretConfigProviderSharedPtr the dynamic generic secret provider. */ virtual GenericSecretConfigProviderSharedPtr findOrCreateGenericSecretProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) PURE; }; } // namespace Secret } // namespace Envoy ================================================ FILE: include/envoy/secret/secret_provider.h ================================================ #pragma once #include #include "envoy/common/callback.h" #include "envoy/common/pure.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/ssl/certificate_validation_context_config.h" #include "envoy/ssl/tls_certificate_config.h" namespace Envoy { namespace Secret { /** * A secret provider for each kind of secret. */ template class SecretProvider { public: virtual ~SecretProvider() = default; /** * @return the secret. Returns nullptr if the secret is not ready. */ virtual const SecretType* secret() const PURE; /** * Add secret validation callback into secret provider. * It is safe to call this method by main thread and callback is safe to be invoked * on main thread. * @param callback callback that is executed by secret provider. * @return CallbackHandle the handle which can remove that validation callback. */ virtual Common::CallbackHandle* addValidationCallback(std::function callback) PURE; /** * Add secret update callback into secret provider. * It is safe to call this method by main thread and callback is safe to be invoked * on main thread. * @param callback callback that is executed by secret provider. * @return CallbackHandle the handle which can remove that update callback. */ virtual Common::CallbackHandle* addUpdateCallback(std::function callback) PURE; }; using TlsCertificatePtr = std::unique_ptr; using CertificateValidationContextPtr = std::unique_ptr; using TlsSessionTicketKeysPtr = std::unique_ptr; using GenericSecretPtr = std::unique_ptr; using TlsCertificateConfigProvider = SecretProvider; using TlsCertificateConfigProviderSharedPtr = std::shared_ptr; using CertificateValidationContextConfigProvider = SecretProvider; using CertificateValidationContextConfigProviderSharedPtr = std::shared_ptr; using TlsSessionTicketKeysConfigProvider = SecretProvider; using TlsSessionTicketKeysConfigProviderSharedPtr = std::shared_ptr; using GenericSecretConfigProvider = SecretProvider; using GenericSecretConfigProviderSharedPtr = std::shared_ptr; } // namespace Secret } // namespace Envoy ================================================ FILE: include/envoy/server/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "access_log_config_interface", hdrs = ["access_log_config.h"], deps = [ ":filter_config_interface", "//include/envoy/access_log:access_log_interface", "//source/common/protobuf", ], ) envoy_cc_library( name = "admin_interface", hdrs = ["admin.h"], deps = [ ":config_tracker_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/http:query_params_interface", "//include/envoy/network:listen_socket_interface", ], ) envoy_cc_library( name = "api_listener_interface", hdrs = ["api_listener.h"], deps = ["//include/envoy/http:api_listener_interface"], ) envoy_cc_library( name = "configuration_interface", hdrs = ["configuration.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/http:context_interface", "//include/envoy/ratelimit:ratelimit_interface", "//include/envoy/upstream:cluster_manager_interface", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "config_tracker_interface", hdrs = ["config_tracker.h"], deps = [ "//source/common/common:non_copyable", "//source/common/protobuf", ], ) envoy_cc_library( name = "drain_manager_interface", hdrs = ["drain_manager.h"], deps = ["//include/envoy/network:drain_decision_interface"], ) envoy_cc_library( name = "guarddog_interface", hdrs = ["guarddog.h"], deps = [ "//include/envoy/server:watchdog_interface", "//include/envoy/stats:stats_interface", "//include/envoy/thread:thread_interface", ], ) envoy_cc_library( name = "guarddog_config_interface", hdrs = ["guarddog_config.h"], deps = [ ":guarddog_interface", "//include/envoy/api:api_interface", "//include/envoy/protobuf:message_validator_interface", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "health_checker_config_interface", hdrs = ["health_checker_config.h"], deps = [ "//include/envoy/common:random_generator_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/upstream:health_checker_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "hot_restart_interface", hdrs = ["hot_restart.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/thread:thread_interface", "//source/server:hot_restart_cc_proto", ], ) envoy_cc_library( name = "instance_interface", hdrs = ["instance.h"], deps = [ ":admin_interface", ":drain_manager_interface", ":hot_restart_interface", ":lifecycle_notifier_interface", ":listener_manager_interface", ":options_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/api:api_interface", "//include/envoy/common:mutex_tracer", "//include/envoy/event:timer_interface", "//include/envoy/http:context_interface", "//include/envoy/http:query_params_interface", "//include/envoy/init:manager_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/secret:secret_manager_interface", "//include/envoy/server:overload_manager_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/tracing:http_tracer_interface", "//include/envoy/upstream:cluster_manager_interface", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "options_interface", hdrs = ["options.h"], deps = [ "//include/envoy/network:address_interface", "//include/envoy/stats:stats_interface", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "worker_interface", hdrs = ["worker.h"], deps = [ ":overload_manager_interface", "//include/envoy/server:guarddog_interface", ], ) envoy_cc_library( name = "watchdog_interface", hdrs = ["watchdog.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/network:address_interface", "//include/envoy/thread:thread_interface", ], ) envoy_cc_library( name = "factory_context_interface", hdrs = ["factory_context.h"], deps = [ ":admin_interface", ":drain_manager_interface", ":lifecycle_notifier_interface", ":process_context_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/api:api_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/grpc:context_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:context_interface", "//include/envoy/http:filter_interface", "//include/envoy/init:manager_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:drain_decision_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:overload_manager_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/tracing:http_tracer_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:macros", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_config_interface", hdrs = ["filter_config.h"], deps = [ ":drain_manager_interface", ":factory_context_interface", ":lifecycle_notifier_interface", ":process_context_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/server:overload_manager_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/tracing:http_tracer_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:macros", "//source/common/protobuf", ], ) envoy_cc_library( name = "lifecycle_notifier_interface", hdrs = ["lifecycle_notifier.h"], deps = [ "//include/envoy/event:dispatcher_interface", ], ) envoy_cc_library( name = "listener_manager_interface", hdrs = ["listener_manager.h"], deps = [ ":api_listener_interface", ":drain_manager_interface", ":filter_config_interface", ":guarddog_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "//include/envoy/ssl:context_interface", "//source/common/protobuf", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "process_context_interface", hdrs = ["process_context.h"], ) envoy_cc_library( name = "transport_socket_config_interface", hdrs = ["transport_socket_config.h"], deps = [ ":factory_context_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/init:manager_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:transport_socket_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/secret:secret_manager_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/stats:stats_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "resource_monitor_interface", hdrs = ["resource_monitor.h"], deps = [ "//include/envoy/config:typed_config_interface", "//source/common/protobuf", ], ) envoy_cc_library( name = "request_id_extension_config_interface", hdrs = ["request_id_extension_config.h"], deps = [ ":filter_config_interface", "//include/envoy/http:request_id_extension_interface", "//source/common/protobuf", ], ) envoy_cc_library( name = "resource_monitor_config_interface", hdrs = ["resource_monitor_config.h"], deps = [ ":resource_monitor_interface", "//include/envoy/api:api_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/protobuf:message_validator_interface", ], ) envoy_cc_library( name = "overload_manager_interface", hdrs = ["overload_manager.h"], deps = [ "//include/envoy/thread_local:thread_local_interface", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "tracer_config_interface", hdrs = ["tracer_config.h"], deps = [ ":filter_config_interface", "//include/envoy/config:typed_config_interface", "//source/common/protobuf", ], ) envoy_cc_library( name = "active_udp_listener_config_interface", hdrs = ["active_udp_listener_config.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/network:connection_handler_interface", ], ) envoy_cc_library( name = "bootstrap_extension_config_interface", hdrs = ["bootstrap_extension_config.h"], deps = [ ":factory_context_interface", "//include/envoy/config:typed_config_interface", ], ) ================================================ FILE: include/envoy/server/access_log_config.h ================================================ #pragma once #include #include "envoy/access_log/access_log.h" #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { /** * Implemented for each AccessLog::Instance and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class AccessLogInstanceFactory : public Config::TypedFactory { public: ~AccessLogInstanceFactory() override = default; /** * Create a particular AccessLog::Instance implementation from a config proto. If the * implementation is unable to produce a factory with the provided parameters, it should throw an * EnvoyException. The returned pointer should never be nullptr. * @param config the custom configuration for this access log type. * @param filter filter to determine whether a particular request should be logged. If no filter * was specified in the configuration, argument will be nullptr. * @param context general filter context through which persistent resources can be accessed. */ virtual AccessLog::InstanceSharedPtr createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, FactoryContext& context) PURE; std::string category() const override { return "envoy.access_loggers"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/active_udp_listener_config.h ================================================ #pragma once #include "envoy/config/typed_config.h" #include "envoy/network/connection_handler.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { /** * Interface to create udp listener according to * envoy::config::listener::v3::UdpListenerConfig.udp_listener_name. */ class ActiveUdpListenerConfigFactory : public Config::UntypedFactory { public: ~ActiveUdpListenerConfigFactory() override = default; virtual ProtobufTypes::MessagePtr createEmptyConfigProto() PURE; /** * Create an ActiveUdpListenerFactory object according to given message. * @param message specifies QUIC protocol options in a protobuf. * @param concurrency is the number of listeners instances to be created. */ virtual Network::ActiveUdpListenerFactoryPtr createActiveUdpListenerFactory(const Protobuf::Message& message, uint32_t concurrency) PURE; std::string category() const override { return "envoy.udp_listeners"; } }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/admin.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/http/query_params.h" #include "envoy/network/listen_socket.h" #include "envoy/server/config_tracker.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class AdminStream { public: virtual ~AdminStream() = default; /** * @param end_stream set to false for streaming response. Default is true, which will * end the response when the initial handler completes. */ virtual void setEndStreamOnComplete(bool end_stream) PURE; /** * @param cb callback to be added to the list of callbacks invoked by onDestroy() when stream * is closed. */ virtual void addOnDestroyCallback(std::function cb) PURE; /** * @return Http::StreamDecoderFilterCallbacks& to be used by the handler to get HTTP request data * for streaming. */ virtual Http::StreamDecoderFilterCallbacks& getDecoderFilterCallbacks() const PURE; /** * @return const Buffer::Instance* the fully buffered admin request if applicable. */ virtual const Buffer::Instance* getRequestBody() const PURE; /** * @return Http::HeaderMap& to be used by handler to parse header information sent with the * request. */ virtual const Http::RequestHeaderMap& getRequestHeaders() const PURE; /** * Return the HTTP/1 stream encoder options if applicable. If the stream is not HTTP/1 returns * absl::nullopt. */ virtual Http::Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() PURE; }; /** * This macro is used to add handlers to the Admin HTTP Endpoint. It builds * a callback that executes X when the specified admin handler is hit. This macro can be * used to add static handlers as in source/server/admin/admin.cc and also dynamic handlers as * done in the RouteConfigProviderManagerImpl constructor in source/common/router/rds_impl.cc. */ #define MAKE_ADMIN_HANDLER(X) \ [this](absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, \ Buffer::Instance& data, Server::AdminStream& admin_stream) -> Http::Code { \ return X(path_and_query, response_headers, data, admin_stream); \ } /** * Global admin HTTP endpoint for the server. */ class Admin { public: virtual ~Admin() = default; /** * Callback for admin URL handlers. * @param path_and_query supplies the path and query of the request URL. * @param response_headers enables setting of http headers (e.g., content-type, cache-control) in * the handler. * @param response supplies the buffer to fill in with the response body. * @param admin_stream supplies the filter which invoked the handler, enables the handler to use * its data. * @return Http::Code the response code. */ using HandlerCb = std::function; /** * Add an admin handler. * @param prefix supplies the URL prefix to handle. * @param help_text supplies the help text for the handler. * @param callback supplies the callback to invoke when the prefix matches. * @param removable if true allows the handler to be removed via removeHandler. * @param mutates_server_state indicates whether callback will mutate server state. * @return bool true if the handler was added, false if it was not added. */ virtual bool addHandler(const std::string& prefix, const std::string& help_text, HandlerCb callback, bool removable, bool mutates_server_state) PURE; /** * Remove an admin handler if it is removable. * @param prefix supplies the URL prefix of the handler to delete. * @return bool true if the handler was removed, false if it was not removed. */ virtual bool removeHandler(const std::string& prefix) PURE; /** * Obtain socket the admin endpoint is bound to. * @return Network::Socket& socket reference. */ virtual const Network::Socket& socket() PURE; /** * @return ConfigTracker& tracker for /config_dump endpoint. */ virtual ConfigTracker& getConfigTracker() PURE; /** * Expose this Admin console as an HTTP server. * @param access_log_path file path to write the HTTP request log to. * @param address_out_path file path to write the listening socket's address to. * @param address network address to bind and listen on. * @param listener_scope stats scope for the listener being started, */ virtual void startHttpListener(const std::string& access_log_path, const std::string& address_out_path, Network::Address::InstanceConstSharedPtr address, const Network::Socket::OptionsSharedPtr& socket_options, Stats::ScopePtr&& listener_scope) PURE; /** * Executes an admin request with the specified query params. Note: this must * be called from Envoy's main thread. * * @param path_and_query the path and query of the admin URL. * @param method the HTTP method (POST or GET). * @param response_headers populated the response headers from executing the request, * most notably content-type. * @param body populated with the response-body from the admin request. * @return Http::Code The HTTP response code from the admin request. */ virtual Http::Code request(absl::string_view path_and_query, absl::string_view method, Http::ResponseHeaderMap& response_headers, std::string& body) PURE; /** * Add this Admin's listener to the provided handler, if the listener exists. * Throws an exception if the listener does not exist. * @param handler the handler that will receive this Admin's listener. */ virtual void addListenerToHandler(Network::ConnectionHandler* handler) PURE; /** * @return the number of worker threads to run in the server. */ virtual uint32_t concurrency() const PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/api_listener.h ================================================ #pragma once #include "envoy/http/api_listener.h" namespace Envoy { namespace Server { /** * Listener that allows consumer to interact with Envoy via a designated API. */ class ApiListener { public: enum class Type { HttpApiListener }; virtual ~ApiListener() = default; /** * An ApiListener is uniquely identified by its name. * * @return the name of the ApiListener. */ virtual absl::string_view name() const PURE; /** * Shutdown the ApiListener. This is an interrupt, not a drain. In other words, calling this * function results in termination of all active streams vs. draining where no new streams are * allowed, but already existing streams are allowed to finish. */ virtual void shutdown() PURE; /** * @return the Type of the ApiListener. */ virtual Type type() const PURE; /** * @return valid ref IFF type() == Type::HttpApiListener, otherwise nullopt. */ virtual Http::ApiListenerOptRef http() PURE; }; using ApiListenerPtr = std::unique_ptr; using ApiListenerOptRef = absl::optional>; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/bootstrap_extension_config.h ================================================ #pragma once #include #include "envoy/server/factory_context.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { /** * Parent class for bootstrap extensions. */ class BootstrapExtension { public: virtual ~BootstrapExtension() = default; }; using BootstrapExtensionPtr = std::unique_ptr; namespace Configuration { /** * Implemented for each bootstrap extension and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class BootstrapExtensionFactory : public Config::TypedFactory { public: ~BootstrapExtensionFactory() override = default; /** * Create a particular bootstrap extension implementation from a config proto. If the * implementation is unable to produce a factory with the provided parameters, it should throw an * EnvoyException. The returned pointer should never be nullptr. * @param config the custom configuration for this bootstrap extension type. * @param context general filter context through which persistent resources can be accessed. */ virtual BootstrapExtensionPtr createBootstrapExtension(const Protobuf::Message& config, ServerFactoryContext& context) PURE; std::string category() const override { return "envoy.bootstrap"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/config_tracker.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "common/common/non_copyable.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { /** * ConfigTracker is used by the `/config_dump` admin endpoint to manage storage of config-providing * callbacks with weak ownership semantics. Callbacks added to ConfigTracker only live as long as * the returned EntryOwner object (or ConfigTracker itself, if shorter). Keys should be descriptors * of the configs provided by the corresponding callback. They must be unique. * ConfigTracker is *not* threadsafe. */ class ConfigTracker { public: using Cb = std::function; using CbsMap = std::map; /** * EntryOwner supplies RAII semantics for entries in the map. * The entry is not removed until the EntryOwner or the ConfigTracker itself is destroyed, * whichever happens first. When you add() an entry, you must hold onto the returned * owner object for as long as you want the entry to stay in the map. */ class EntryOwner { public: virtual ~EntryOwner() = default; protected: EntryOwner() = default; // A sly way to make this class "abstract." }; using EntryOwnerPtr = std::unique_ptr; virtual ~ConfigTracker() = default; /** * @return const CbsMap& The map of string keys to tracked callbacks. */ virtual const CbsMap& getCallbacksMap() const PURE; /** * Add a new callback to the map under the given key * @param key the map key for the new callback. * @param cb the callback to add. *must not* return nullptr. * @return EntryOwnerPtr the new entry's owner object. nullptr if the key is already present. */ virtual EntryOwnerPtr add(const std::string& key, Cb cb) PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/configuration.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/stats/sink.h" #include "envoy/upstream/cluster_manager.h" #include "absl/types/optional.h" namespace Envoy { namespace Server { namespace Configuration { /* * Watchdog configuration. */ class Watchdog { public: virtual ~Watchdog() = default; /** * @return std::chrono::milliseconds the time interval after which we count a nonresponsive thread * event as a "miss" statistic. */ virtual std::chrono::milliseconds missTimeout() const PURE; /** * @return std::chrono::milliseconds the time interval after which we count a nonresponsive thread * event as a "mega miss" statistic. */ virtual std::chrono::milliseconds megaMissTimeout() const PURE; /** * @return std::chrono::milliseconds the time interval after which we kill the process due to a * single nonresponsive thread. */ virtual std::chrono::milliseconds killTimeout() const PURE; /** * @return std::chrono::milliseconds the time interval after which we kill the process due to * multiple nonresponsive threads. */ virtual std::chrono::milliseconds multiKillTimeout() const PURE; /** * @return double the percentage of threads that need to meet the MultiKillTimeout before we * kill the process. This is used in the calculation below * Max(2, ceil(registered_threads * Fraction(MultiKillThreshold))) * which computes the number of threads that need to be be nonresponsive * for at least MultiKillTimeout before we kill the process. */ virtual double multiKillThreshold() const PURE; /** * @return Protobuf::RepeatedPtrField * the WatchDog Actions that trigger on WatchDog Events. */ virtual Protobuf::RepeatedPtrField actions() const PURE; }; /** * The main server configuration. */ class Main { public: virtual ~Main() = default; /** * @return Upstream::ClusterManager* singleton for use by the entire server. * This will be nullptr if the cluster manager has not initialized yet. */ virtual Upstream::ClusterManager* clusterManager() PURE; /** * @return std::list& the list of stats sinks initialized from the configuration. */ virtual std::list& statsSinks() PURE; /** * @return std::chrono::milliseconds the time interval between flushing to configured stat sinks. * The server latches counters. */ virtual std::chrono::milliseconds statsFlushInterval() const PURE; /** * @return const Watchdog& the configuration of the main thread watchdog. */ virtual const Watchdog& mainThreadWatchdogConfig() const PURE; /** * @return const Watchdog& the configuration of the worker watchdog. */ virtual const Watchdog& workerWatchdogConfig() const PURE; }; /** * Admin configuration. */ class Admin { public: virtual ~Admin() = default; /** * @return const std::string& the admin access log path. */ virtual const std::string& accessLogPath() const PURE; /** * @return const std::string& profiler output path. */ virtual const std::string& profilePath() const PURE; /** * @return Network::Address::InstanceConstSharedPtr the server address. */ virtual Network::Address::InstanceConstSharedPtr address() PURE; /** * @return Network::Address::OptionsSharedPtr the list of listener socket options. */ virtual Network::Socket::OptionsSharedPtr socketOptions() PURE; }; /** * Initial configuration values that are needed before the main configuration load. */ class Initial { public: virtual ~Initial() = default; /** * @return Admin& the admin config. */ virtual Admin& admin() PURE; /** * @return absl::optional the path to look for flag files. */ virtual absl::optional flagsPath() const PURE; /** * @return const envoy::config::bootstrap::v2::LayeredRuntime& runtime * configuration. */ virtual const envoy::config::bootstrap::v3::LayeredRuntime& runtime() PURE; }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/drain_manager.h ================================================ #pragma once #include #include #include "envoy/network/drain_decision.h" namespace Envoy { namespace Server { /** * Handles connection draining. This concept is used globally during hot restart / server draining * as well as on individual listeners when they are being dynamically removed. */ class DrainManager : public Network::DrainDecision { public: /** * Invoked to begin the drain procedure. (Making drain close operations more likely). * @param drain_complete_cb will be invoked once the drain sequence is finished. The parameter is * optional and can be an unassigned function. */ virtual void startDrainSequence(std::function drain_complete_cb) PURE; /** * @return whether the drain sequence has started. */ virtual bool draining() const PURE; /** * Invoked in the newly launched primary process to begin the parent shutdown sequence. At the end * of the sequence the previous primary process will be terminated. */ virtual void startParentShutdownSequence() PURE; }; using DrainManagerPtr = std::unique_ptr; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/factory_context.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/typed_config.h" #include "envoy/grpc/context.h" #include "envoy/http/codes.h" #include "envoy/http/context.h" #include "envoy/http/filter.h" #include "envoy/init/manager.h" #include "envoy/network/drain_decision.h" #include "envoy/network/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/server/admin.h" #include "envoy/server/drain_manager.h" #include "envoy/server/lifecycle_notifier.h" #include "envoy/server/overload_manager.h" #include "envoy/server/process_context.h" #include "envoy/singleton/manager.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { /** * Common interface for downstream and upstream network filters. */ class CommonFactoryContext { public: virtual ~CommonFactoryContext() = default; /** * @return Upstream::ClusterManager& singleton for use by the entire server. */ virtual Upstream::ClusterManager& clusterManager() PURE; /** * @return Event::Dispatcher& the main thread's dispatcher. This dispatcher should be used * for all singleton processing. */ virtual Event::Dispatcher& dispatcher() PURE; /** * @return information about the local environment the server is running in. */ virtual const LocalInfo::LocalInfo& localInfo() const PURE; /** * @return ProtobufMessage::ValidationContext& validation visitor for xDS and static configuration * messages. */ virtual ProtobufMessage::ValidationContext& messageValidationContext() PURE; /** * @return Runtime::Loader& the singleton runtime loader for the server. */ virtual Envoy::Runtime::Loader& runtime() PURE; /** * @return Stats::Scope& the filter's stats scope. */ virtual Stats::Scope& scope() PURE; /** * @return Singleton::Manager& the server-wide singleton manager. */ virtual Singleton::Manager& singletonManager() PURE; /** * @return ThreadLocal::SlotAllocator& the thread local storage engine for the server. This is * used to allow runtime lockless updates to configuration, etc. across multiple threads. */ virtual ThreadLocal::SlotAllocator& threadLocal() PURE; /** * @return Server::Admin& the server's global admin HTTP endpoint. */ virtual Server::Admin& admin() PURE; /** * @return TimeSource& a reference to the time source. */ virtual TimeSource& timeSource() PURE; /** * @return Api::Api& a reference to the api object. */ virtual Api::Api& api() PURE; }; /** * ServerFactoryContext is an specialization of common interface for downstream and upstream network * filters. The implementation guarantees the lifetime is no shorter than server. It could be used * across listeners. */ class ServerFactoryContext : public virtual CommonFactoryContext { public: ~ServerFactoryContext() override = default; /** * @return the server-wide grpc context. */ virtual Grpc::Context& grpcContext() PURE; /** * @return DrainManager& the server-wide drain manager. */ virtual Envoy::Server::DrainManager& drainManager() PURE; /** * @return the server's init manager. This can be used for extensions that need to initialize * after cluster manager init but before the server starts listening. All extensions * should register themselves during configuration load. initialize() will be called on * each registered target after cluster manager init but before the server starts * listening. Once all targets have initialized and invoked their callbacks, the server * will start listening. */ virtual Init::Manager& initManager() PURE; /** * @return ServerLifecycleNotifier& the lifecycle notifier for the server. */ virtual ServerLifecycleNotifier& lifecycleNotifier() PURE; /** * @return std::chrono::milliseconds the flush interval of stats sinks. */ virtual std::chrono::milliseconds statsFlushInterval() const PURE; }; /** * Context passed to network and HTTP filters to access server resources. * TODO(mattklein123): When we lock down visibility of the rest of the code, filters should only * access the rest of the server via interfaces exposed here. */ class FactoryContext : public virtual CommonFactoryContext { public: ~FactoryContext() override = default; /** * @return ServerFactoryContext which lifetime is no shorter than the server. */ virtual ServerFactoryContext& getServerFactoryContext() const PURE; /** * @return TransportSocketFactoryContext which lifetime is no shorter than the server. */ virtual TransportSocketFactoryContext& getTransportSocketFactoryContext() const PURE; /** * @return AccessLogManager for use by the entire server. */ virtual AccessLog::AccessLogManager& accessLogManager() PURE; /** * @return envoy::config::core::v3::TrafficDirection the direction of the traffic relative to * the local proxy. */ virtual envoy::config::core::v3::TrafficDirection direction() const PURE; /** * @return const Network::DrainDecision& a drain decision that filters can use to determine if * they should be doing graceful closes on connections when possible. */ virtual const Network::DrainDecision& drainDecision() PURE; /** * @return whether external healthchecks are currently failed or not. */ virtual bool healthCheckFailed() PURE; /** * @return the server's init manager. This can be used for extensions that need to initialize * after cluster manager init but before the server starts listening. All extensions * should register themselves during configuration load. initialize() will be called on * each registered target after cluster manager init but before the server starts * listening. Once all targets have initialized and invoked their callbacks, the server * will start listening. */ virtual Init::Manager& initManager() PURE; /** * @return ServerLifecycleNotifier& the lifecycle notifier for the server. */ virtual ServerLifecycleNotifier& lifecycleNotifier() PURE; /** * @return Stats::Scope& the listener's stats scope. */ virtual Stats::Scope& listenerScope() PURE; /** * @return const envoy::config::core::v3::Metadata& the config metadata associated with this * listener. */ virtual const envoy::config::core::v3::Metadata& listenerMetadata() const PURE; /** * @return OverloadManager& the overload manager for the server. */ virtual OverloadManager& overloadManager() PURE; /** * @return Http::Context& a reference to the http context. */ virtual Http::Context& httpContext() PURE; /** * @return Grpc::Context& a reference to the grpc context. */ virtual Grpc::Context& grpcContext() PURE; /** * @return ProcessContextOptRef an optional reference to the * process context. Will be unset when running in validation mode. */ virtual ProcessContextOptRef processContext() PURE; /** * @return ProtobufMessage::ValidationVisitor& validation visitor for filter configuration * messages. */ virtual ProtobufMessage::ValidationVisitor& messageValidationVisitor() PURE; }; /** * An implementation of FactoryContext. The life time is no shorter than the created filter chains. * The life time is no longer than the owning listener. It should be used to create * NetworkFilterChain. */ class FilterChainFactoryContext : public virtual FactoryContext { public: /** * Set the flag that all attached filter chains will be destroyed. */ virtual void startDraining() PURE; }; using FilterChainFactoryContextPtr = std::unique_ptr; /** * An implementation of FactoryContext. The life time should cover the lifetime of the filter chains * and connections. It can be used to create ListenerFilterChain. */ class ListenerFactoryContext : public virtual FactoryContext { public: /** * Give access to the listener configuration */ virtual const Network::ListenerConfig& listenerConfig() const PURE; }; /** * FactoryContext for ProtocolOptionsFactory. */ using ProtocolOptionsFactoryContext = Server::Configuration::TransportSocketFactoryContext; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/filter_config.h ================================================ #pragma once #include #include "envoy/config/typed_config.h" #include "envoy/http/filter.h" #include "envoy/init/manager.h" #include "envoy/network/filter.h" #include "envoy/server/drain_manager.h" #include "envoy/server/factory_context.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { /** * Common interface for listener filters and UDP listener filters */ class ListenerFilterConfigFactoryBase : public Config::TypedFactory { public: ~ListenerFilterConfigFactoryBase() override = default; }; /** * Implemented by each listener filter and registered via Registry::registerFactory() * or the convenience class RegisterFactory. */ class NamedListenerFilterConfigFactory : public ListenerFilterConfigFactoryBase { public: ~NamedListenerFilterConfigFactory() override = default; /** * Create a particular listener filter factory implementation. If the implementation is unable to * produce a factory with the provided parameters, it should throw an EnvoyException in the case * of general error or a Json::Exception if the json configuration is erroneous. The returned * callback should always be initialized. * @param config supplies the general protobuf configuration for the filter. * @param listener_filter_matcher supplies the matcher to decide when filter is enabled. * @param context supplies the filter's context. * @return Network::ListenerFilterFactoryCb the factory creation function. */ virtual Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto( const Protobuf::Message& config, const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, ListenerFactoryContext& context) PURE; std::string category() const override { return "envoy.filters.listener"; } }; /** * Implemented by each UDP listener filter and registered via Registry::registerFactory() * or the convenience class RegisterFactory. */ class NamedUdpListenerFilterConfigFactory : public ListenerFilterConfigFactoryBase { public: ~NamedUdpListenerFilterConfigFactory() override = default; /** * Create a particular UDP listener filter factory implementation. If the implementation is unable * to produce a factory with the provided parameters, it should throw an EnvoyException. * The returned callback should always be initialized. * @param config supplies the general protobuf configuration for the filter * @param context supplies the filter's context. * @return Network::UdpListenerFilterFactoryCb the factory creation function. */ virtual Network::UdpListenerFilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, ListenerFactoryContext& context) PURE; std::string category() const override { return "envoy.filters.udp_listener"; } }; /** * Implemented by filter factories that require more options to process the protocol used by the * upstream cluster. */ class ProtocolOptionsFactory : public Config::TypedFactory { public: ~ProtocolOptionsFactory() override = default; /** * Create a particular filter's protocol specific options implementation. If the factory * implementation is unable to produce a factory with the provided parameters, it should throw an * EnvoyException. * @param config supplies the protobuf configuration for the filter * @param validation_visitor message validation visitor instance. * @return Upstream::ProtocolOptionsConfigConstSharedPtr the protocol options */ virtual Upstream::ProtocolOptionsConfigConstSharedPtr createProtocolOptionsConfig(const Protobuf::Message& config, ProtocolOptionsFactoryContext& factory_context) { UNREFERENCED_PARAMETER(config); UNREFERENCED_PARAMETER(factory_context); return nullptr; } /** * @return ProtobufTypes::MessagePtr a newly created empty protocol specific options message or * nullptr if protocol specific options are not available. */ virtual ProtobufTypes::MessagePtr createEmptyProtocolOptionsProto() { return nullptr; } }; /** * Implemented by each network filter and registered via Registry::registerFactory() * or the convenience class RegisterFactory. */ class NamedNetworkFilterConfigFactory : public ProtocolOptionsFactory { public: ~NamedNetworkFilterConfigFactory() override = default; /** * Create a particular network filter factory implementation. If the implementation is unable to * produce a factory with the provided parameters, it should throw an EnvoyException. The returned * callback should always be initialized. * @param config supplies the general json configuration for the filter * @param filter_chain_factory_context supplies the filter's context. * @return Network::FilterFactoryCb the factory creation function. */ virtual Network::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, FactoryContext& filter_chain_factory_context) PURE; std::string category() const override { return "envoy.filters.network"; } /** * @return bool true if this filter must be the last filter in a filter chain, false otherwise. */ virtual bool isTerminalFilter() { return false; } }; /** * Implemented by each upstream cluster network filter and registered via * Registry::registerFactory() or the convenience class RegisterFactory. */ class NamedUpstreamNetworkFilterConfigFactory : public ProtocolOptionsFactory { public: ~NamedUpstreamNetworkFilterConfigFactory() override = default; /** * Create a particular upstream network filter factory implementation. If the implementation is * unable to produce a factory with the provided parameters, it should throw an EnvoyException in * the case of general error. The returned callback should always be initialized. */ virtual Network::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, CommonFactoryContext& context) PURE; std::string category() const override { return "envoy.filters.upstream_network"; } }; /** * Implemented by each HTTP filter and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedHttpFilterConfigFactory : public ProtocolOptionsFactory { public: ~NamedHttpFilterConfigFactory() override = default; /** * Create a particular http filter factory implementation. If the implementation is unable to * produce a factory with the provided parameters, it should throw an EnvoyException. The returned * callback should always be initialized. * @param config supplies the general Protobuf message to be marshaled into a filter-specific * configuration. * @param stat_prefix prefix for stat logging * @param context supplies the filter's context. * @return Http::FilterFactoryCb the factory creation function. */ virtual Http::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, const std::string& stat_prefix, FactoryContext& context) PURE; /** * @return ProtobufTypes::MessagePtr create an empty virtual host, route, or weighted * cluster-local config proto message for v2. The filter config, which arrives in an * opaque message, will be parsed into this empty proto. By default, this method * returns the same value as createEmptyConfigProto, and can be optionally overridden * in implementations. */ virtual ProtobufTypes::MessagePtr createEmptyRouteConfigProto() { return createEmptyConfigProto(); } /** * @return RouteSpecificFilterConfigConstSharedPtr allow the filter to pre-process per route * config. Returned object will be stored in the loaded route configuration. */ virtual Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfig(const Protobuf::Message&, ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return nullptr; } std::string category() const override { return "envoy.filters.http"; } /** * @return bool true if this filter must be the last filter in a filter chain, false otherwise. */ virtual bool isTerminalFilter() { return false; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/guarddog.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/server/watchdog.h" namespace Envoy { namespace Server { /** * The GuardDog runs a background thread which scans a number of shared WatchDog * objects periodically to verify that they have been recently touched. If some * of the watched items have not responded the GuardDog will take action ranging * from stats counter increments to killing the entire process (if a deadlock is * suspected). * * The lifespan of the GuardDog thread is tied to the lifespan of this object. */ class GuardDog { public: virtual ~GuardDog() = default; /** * Get a WatchDog object pointer to a new WatchDog. * * After this method returns the WatchDog object must be touched periodically * to avoid triggering the GuardDog. If no longer needed use the * stopWatching() method to remove it from the list of watched objects. * * @param thread_id a Thread::ThreadId containing the system thread id * @param thread_name supplies the name of the thread which is used for per-thread miss stats. */ virtual WatchDogSharedPtr createWatchDog(Thread::ThreadId thread_id, const std::string& thread_name) PURE; /** * Tell the GuardDog to forget about this WatchDog. * After calling this method it is no longer necessary to touch the WatchDog * object. * * @param wd A WatchDogSharedPtr obtained from createWatchDog. */ virtual void stopWatching(WatchDogSharedPtr wd) PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/guarddog_config.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/common/pure.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/typed_config.h" #include "envoy/event/dispatcher.h" #include "envoy/protobuf/message_validator.h" #include "envoy/server/guarddog.h" #include "envoy/stats/scope.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { struct GuardDogActionFactoryContext { Api::Api& api_; Event::Dispatcher& dispatcher_; // not owned (this is the guard dog's dispatcher) Stats::Scope& stats_; // not owned (this is the server's stats scope) absl::string_view guarddog_name_; }; class GuardDogAction { public: virtual ~GuardDogAction() = default; /** * Callback function for when the GuardDog observes an event. * @param event the event the GuardDog observes. * @param thread_last_checkin_pairs pair of the relevant thread to the event, and the * last check in time of those threads with their watchdog. * @param now the current time. */ virtual void run(envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent event, const std::vector>& thread_last_checkin_pairs, MonotonicTime now) PURE; }; using GuardDogActionPtr = std::unique_ptr; /** * Implemented by each custom GuardDogAction and registered via Registry::registerFactory() * or the convenience class RegisterFactory. */ class GuardDogActionFactory : public Config::TypedFactory { public: ~GuardDogActionFactory() override = default; /** * Creates a particular GuardDog Action factory implementation. * * @param config supplies the configuration for the action. * @param context supplies the GuardDog Action's context. * @return GuardDogActionPtr the GuardDogAction object. */ virtual GuardDogActionPtr createGuardDogActionFromProto( const envoy::config::bootstrap::v3::Watchdog::WatchdogAction& config, GuardDogActionFactoryContext& context) PURE; std::string category() const override { return "envoy.guarddog_actions"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/health_checker_config.h ================================================ #pragma once #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/typed_config.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/health_checker.h" namespace Envoy { namespace Server { namespace Configuration { class HealthCheckerFactoryContext { public: virtual ~HealthCheckerFactoryContext() = default; /** * @return Upstream::Cluster& the owning cluster. */ virtual Upstream::Cluster& cluster() PURE; /** * @return Runtime::Loader& the singleton runtime loader for the server. */ virtual Envoy::Runtime::Loader& runtime() PURE; /** * @return Event::Dispatcher& the main thread's dispatcher. This dispatcher should be used * for all singleton processing. */ virtual Event::Dispatcher& dispatcher() PURE; /* * @return Upstream::HealthCheckEventLoggerPtr the health check event logger for the * created health checkers. This function may not be idempotent. */ virtual Upstream::HealthCheckEventLoggerPtr eventLogger() PURE; /** * @return ProtobufMessage::ValidationVisitor& validation visitor for health checker configuration * messages. */ virtual ProtobufMessage::ValidationVisitor& messageValidationVisitor() PURE; /** * @return Api::Api& the API used by the server. */ virtual Api::Api& api() PURE; }; /** * Implemented by each custom health checker and registered via Registry::registerFactory() * or the convenience class RegisterFactory. */ class CustomHealthCheckerFactory : public Config::TypedFactory { public: ~CustomHealthCheckerFactory() override = default; /** * Creates a particular custom health checker factory implementation. * * @param config supplies the configuration as a full envoy::config::core::v3::HealthCheck * config. The implementation of this method can get the specific configuration for a custom * health check from custom_health_check().config(). * @param context supplies the custom health checker's context. * @return HealthCheckerSharedPtr the pointer of a health checker instance. */ virtual Upstream::HealthCheckerSharedPtr createCustomHealthChecker(const envoy::config::core::v3::HealthCheck& config, HealthCheckerFactoryContext& context) PURE; std::string category() const override { return "envoy.health_checkers"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/hot_restart.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" #include "envoy/stats/allocator.h" #include "envoy/stats/store.h" #include "envoy/thread/thread.h" #include "source/server/hot_restart.pb.h" namespace Envoy { namespace Server { class Instance; /** * Abstracts functionality required to "hot" (live) restart the server including code and * configuration. Right now this interface assumes a UNIX like socket interface for fd passing * but it could be relatively easily swapped with something else if necessary. */ class HotRestart { public: struct ServerStatsFromParent { uint64_t parent_memory_allocated_ = 0; uint64_t parent_connections_ = 0; }; virtual ~HotRestart() = default; /** * Shutdown listeners in the parent process if applicable. Listeners will begin draining to * clear out old connections. */ virtual void drainParentListeners() PURE; /** * Retrieve a listening socket on the specified address from the parent process. The socket will * be duplicated across process boundaries. * @param address supplies the address of the socket to duplicate, e.g. tcp://127.0.0.1:5000. * @return int the fd or -1 if there is no bound listen port in the parent. */ virtual int duplicateParentListenSocket(const std::string& address) PURE; /** * Initialize the parent logic of our restarter. Meant to be called after initialization of a * new child has begun. The hot restart implementation needs to be created early to deal with * shared memory, logging, etc. so late initialization of needed interfaces is done here. */ virtual void initialize(Event::Dispatcher& dispatcher, Server::Instance& server) PURE; /** * Shutdown admin processing in the parent process if applicable. This allows admin processing * to start up in the new process. * @param original_start_time will be filled with information from our parent, if retrieved. */ virtual void sendParentAdminShutdownRequest(time_t& original_start_time) PURE; /** * Tell our parent process to gracefully terminate itself. */ virtual void sendParentTerminateRequest() PURE; /** * Retrieve stats from our parent process and merges them into stats_store, taking into account * the stats values we've already seen transferred. * Skips all of the above and returns 0s if there is not currently a parent. * @param stats_store the store whose stats will be updated. * @param stats_proto the stats values we are updating with. * @return special values relating to the "server" stats scope, whose * merging has to be handled by Server::InstanceImpl. */ virtual ServerStatsFromParent mergeParentStatsIfAny(Stats::StoreRoot& stats_store) PURE; /** * Shutdown the half of our hot restarter that acts as a parent. */ virtual void shutdown() PURE; /** * Return the base id used to generate a domain socket name. */ virtual uint32_t baseId() PURE; /** * Return the hot restart compatibility version so that operations code can decide whether to * perform a full or hot restart. */ virtual std::string version() PURE; /** * @return Thread::BasicLockable& a lock for logging. */ virtual Thread::BasicLockable& logLock() PURE; /** * @return Thread::BasicLockable& a lock for access logs. */ virtual Thread::BasicLockable& accessLogLock() PURE; }; /** * HotRestartDomainSocketInUseException is thrown during HotRestart construction only when the * underlying domain socket is in use. */ class HotRestartDomainSocketInUseException : public EnvoyException { public: HotRestartDomainSocketInUseException(const std::string& what) : EnvoyException(what) {} }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/instance.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/api/api.h" #include "envoy/common/mutex_tracer.h" #include "envoy/common/random_generator.h" #include "envoy/config/trace/v3/http_tracer.pb.h" #include "envoy/event/timer.h" #include "envoy/grpc/context.h" #include "envoy/http/context.h" #include "envoy/init/manager.h" #include "envoy/local_info/local_info.h" #include "envoy/network/listen_socket.h" #include "envoy/runtime/runtime.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/admin.h" #include "envoy/server/drain_manager.h" #include "envoy/server/hot_restart.h" #include "envoy/server/lifecycle_notifier.h" #include "envoy/server/listener_manager.h" #include "envoy/server/options.h" #include "envoy/server/overload_manager.h" #include "envoy/ssl/context_manager.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" namespace Envoy { namespace Server { /** * An instance of the running server. */ class Instance { public: virtual ~Instance() = default; /** * @return Admin& the global HTTP admin endpoint for the server. */ virtual Admin& admin() PURE; /** * @return Api::Api& the API used by the server. */ virtual Api::Api& api() PURE; /** * @return Upstream::ClusterManager& singleton for use by the entire server. */ virtual Upstream::ClusterManager& clusterManager() PURE; /** * @return Ssl::ContextManager& singleton for use by the entire server. */ virtual Ssl::ContextManager& sslContextManager() PURE; /** * @return Event::Dispatcher& the main thread's dispatcher. This dispatcher should be used * for all singleton processing. */ virtual Event::Dispatcher& dispatcher() PURE; /** * @return Network::DnsResolverSharedPtr the singleton DNS resolver for the server. */ virtual Network::DnsResolverSharedPtr dnsResolver() PURE; /** * Close the server's listening sockets and begin draining the listeners. */ virtual void drainListeners() PURE; /** * @return DrainManager& singleton for use by the entire server. */ virtual DrainManager& drainManager() PURE; /** * @return AccessLogManager for use by the entire server. */ virtual AccessLog::AccessLogManager& accessLogManager() PURE; /** * Toggle whether the server fails or passes external healthchecks. */ virtual void failHealthcheck(bool fail) PURE; /** * @return whether external healthchecks are currently failed or not. */ virtual bool healthCheckFailed() PURE; /** * @return the server's hot restarter. */ virtual HotRestart& hotRestart() PURE; /** * @return the server's init manager. This can be used for extensions that need to initialize * after cluster manager init but before the server starts listening. All extensions * should register themselves during configuration load. initialize() will be called on * each registered target after cluster manager init but before the server starts * listening. Once all targets have initialized and invoked their callbacks, the server * will start listening. */ virtual Init::Manager& initManager() PURE; /** * @return the server's listener manager. */ virtual ListenerManager& listenerManager() PURE; /** * @return the server's global mutex tracer, if it was instantiated. Nullptr otherwise. */ virtual Envoy::MutexTracer* mutexTracer() PURE; /** * @return the server's overload manager. */ virtual OverloadManager& overloadManager() PURE; /** * @return the server's secret manager */ virtual Secret::SecretManager& secretManager() PURE; /** * @return the server's CLI options. */ virtual const Options& options() PURE; /** * @return Runtime::Loader& the singleton runtime loader for the server. */ virtual Runtime::Loader& runtime() PURE; /** * @return ServerLifecycleNotifier& the singleton lifecycle notifier for the server. */ virtual ServerLifecycleNotifier& lifecycleNotifier() PURE; /** * Shutdown the server gracefully. */ virtual void shutdown() PURE; /** * @return whether the shutdown method has been called. */ virtual bool isShutdown() PURE; /** * Shutdown the server's admin processing. This includes the admin API, stat flushing, etc. */ virtual void shutdownAdmin() PURE; /** * @return Singleton::Manager& the server-wide singleton manager. */ virtual Singleton::Manager& singletonManager() PURE; /** * @return the time that the server started during the current hot restart epoch. */ virtual time_t startTimeCurrentEpoch() PURE; /** * @return the time that the server started the first hot restart epoch. */ virtual time_t startTimeFirstEpoch() PURE; /** * @return the server-wide stats store. */ virtual Stats::Store& stats() PURE; /** * @return the server-wide grpc context. */ virtual Grpc::Context& grpcContext() PURE; /** * @return the server-wide http context. */ virtual Http::Context& httpContext() PURE; /** * @return the server-wide process context. */ virtual ProcessContextOptRef processContext() PURE; /** * @return ThreadLocal::Instance& the thread local storage engine for the server. This is used to * allow runtime lockless updates to configuration, etc. across multiple threads. */ virtual ThreadLocal::Instance& threadLocal() PURE; /** * @return information about the local environment the server is running in. */ virtual const LocalInfo::LocalInfo& localInfo() const PURE; /** * @return the time source used for the server. */ virtual TimeSource& timeSource() PURE; /** * @return the flush interval of stats sinks. */ virtual std::chrono::milliseconds statsFlushInterval() const PURE; /** * Flush the stats sinks outside of a flushing interval. * Note: stats flushing may not be synchronous. * Therefore, this function may return prior to flushing taking place. */ virtual void flushStats() PURE; /** * @return ProtobufMessage::ValidationContext& validation context for configuration * messages. */ virtual ProtobufMessage::ValidationContext& messageValidationContext() PURE; /** * @return Configuration::ServerFactoryContext& factory context for filters. */ virtual Configuration::ServerFactoryContext& serverFactoryContext() PURE; /** * @return Configuration::TransportSocketFactoryContext& factory context for transport sockets. */ virtual Configuration::TransportSocketFactoryContext& transportSocketFactoryContext() PURE; /** * Set the default server-wide tracer provider configuration that will be used as a fallback * if an "envoy.filters.network.http_connection_manager" filter that has tracing enabled doesn't * define a tracer provider in-place. * * Once deprecation window for the tracer provider configuration in the bootstrap config is over, * this method will no longer be necessary. */ virtual void setDefaultTracingConfig(const envoy::config::trace::v3::Tracing& tracing_config) PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/lifecycle_notifier.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" namespace Envoy { namespace Server { class ServerLifecycleNotifier { public: virtual ~ServerLifecycleNotifier() = default; /** * Stages of the envoy server instance lifecycle. */ enum class Stage { /** * The server instance main thread is about to enter the dispatcher loop. */ Startup, /** * The server instance init manager has finished initialization. */ PostInit, /** * The server instance is being shutdown and the dispatcher is about to exit. * This provides listeners a last chance to run a callback on the main dispatcher. * Note: the server will wait for callbacks that registered to take a completion * before exiting the dispatcher loop. * Note: callbacks that registered with a completion will only be notified for this * stage if the server did not prematurely shutdown before fully starting up (specifically * if the server shutdown before worker threads were started). */ ShutdownExit }; // A handle to a callback registration. Deleting this handle will unregister the callback. class Handle { public: virtual ~Handle() = default; }; using HandlePtr = std::unique_ptr; /** * Callback invoked when the server reaches a certain lifecycle stage. * * Instances of the second type which take an Event::PostCb parameter must post * that callback to the main dispatcher when they have finished processing of * the new lifecycle state. This is useful when the main dispatcher needs to * wait for registered callbacks to finish their work before continuing, e.g., * during server shutdown. */ using StageCallback = std::function; using StageCallbackWithCompletion = std::function; /** * Register a callback function that will be invoked on the main thread when * the specified stage is reached. * * The second version which takes a completion back is currently only supported * for the ShutdownExit stage. */ virtual HandlePtr registerCallback(Stage stage, StageCallback callback) PURE; virtual HandlePtr registerCallback(Stage stage, StageCallbackWithCompletion callback) PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/listener_manager.h ================================================ #pragma once #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/network/filter.h" #include "envoy/network/listen_socket.h" #include "envoy/network/listener.h" #include "envoy/server/api_listener.h" #include "envoy/server/drain_manager.h" #include "envoy/server/filter_config.h" #include "envoy/server/guarddog.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { /** * Interface for an LDS API provider. */ class LdsApi { public: virtual ~LdsApi() = default; /** * @return std::string the last received version by the xDS API for LDS. */ virtual std::string versionInfo() const PURE; }; using LdsApiPtr = std::unique_ptr; struct ListenSocketCreationParams { ListenSocketCreationParams(bool bind_to_port, bool duplicate_parent_socket = true) : bind_to_port(bind_to_port), duplicate_parent_socket(duplicate_parent_socket) {} // For testing. bool operator==(const ListenSocketCreationParams& rhs) const; bool operator!=(const ListenSocketCreationParams& rhs) const; // whether to actually bind the socket. bool bind_to_port; // whether to duplicate socket from hot restart parent. bool duplicate_parent_socket; }; /** * Factory for creating listener components. */ class ListenerComponentFactory { public: virtual ~ListenerComponentFactory() = default; /** * @return an LDS API provider. * @param lds_config supplies the management server configuration. * @param lds_resources_locator udpa::core::v1::ResourceLocator for listener collection. */ virtual LdsApiPtr createLdsApi(const envoy::config::core::v3::ConfigSource& lds_config, const udpa::core::v1::ResourceLocator* lds_resources_locator) PURE; /** * Creates a socket. * @param address supplies the socket's address. * @param socket_type the type of socket (stream or datagram) to create. * @param options to be set on the created socket just before calling 'bind()'. * @param params used to control how a socket being created. * @return Network::SocketSharedPtr an initialized and potentially bound socket. */ virtual Network::SocketSharedPtr createListenSocket(Network::Address::InstanceConstSharedPtr address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams& params) PURE; /** * Creates a list of filter factories. * @param filters supplies the proto configuration. * @param context supplies the factory creation context. * @return std::vector the list of filter factories. */ virtual std::vector createNetworkFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Server::Configuration::FilterChainFactoryContext& filter_chain_factory_context) PURE; /** * Creates a list of listener filter factories. * @param filters supplies the JSON configuration. * @param context supplies the factory creation context. * @return std::vector the list of filter factories. */ virtual std::vector createListenerFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) PURE; /** * Creates a list of UDP listener filter factories. * @param filters supplies the configuration. * @param context supplies the factory creation context. * @return std::vector the list of filter factories. */ virtual std::vector createUdpListenerFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) PURE; /** * @return DrainManagerPtr a new drain manager. * @param drain_type supplies the type of draining to do for the owning listener. */ virtual DrainManagerPtr createDrainManager(envoy::config::listener::v3::Listener::DrainType drain_type) PURE; /** * @return uint64_t a listener tag usable for connection handler tracking. */ virtual uint64_t nextListenerTag() PURE; }; /** * A manager for all listeners and all threaded connection handling workers. */ class ListenerManager { public: // Indicates listeners to stop. enum class StopListenersType { // Listeners in the inbound direction are only stopped. InboundOnly, // All listeners are stopped. All, }; // The types of listeners to be returned from listeners(ListenerState). // An enum instead of enum class so the underlying type is an int and bitwise operations can be // used without casting. enum ListenerState : uint8_t { ACTIVE = 1 << 0, WARMING = 1 << 1, DRAINING = 1 << 2, ALL = ACTIVE | WARMING | DRAINING }; virtual ~ListenerManager() = default; /** * Add or update a listener. Listeners are referenced by a unique name. If no name is provided, * the manager will allocate a UUID. Listeners that expect to be dynamically updated should * provide a unique name. The manager will search by name to find the existing listener that * should be updated. The new listener must have the same configured address. The old listener * will be gracefully drained once the new listener is ready to take traffic (e.g. when RDS has * been initialized). * @param config supplies the configuration proto. * @param version_info supplies the xDS version of the listener. * @param modifiable supplies whether the added listener can be updated or removed. If the * listener is not modifiable, future calls to this function or removeListener() on behalf * of this listener will return false. * @return TRUE if a listener was added or FALSE if the listener was not updated because it is * a duplicate of the existing listener. This routine will throw an EnvoyException if * there is a fundamental error preventing the listener from being added or updated. */ virtual bool addOrUpdateListener(const envoy::config::listener::v3::Listener& config, const std::string& version_info, bool modifiable) PURE; /** * Instruct the listener manager to create an LDS API provider. This is a separate operation * during server initialization because the listener manager is created prior to several core * pieces of the server existing. * @param lds_config supplies the management server configuration. * @param lds_resources_locator udpa::core::v1::ResourceLocator for listener collection. */ virtual void createLdsApi(const envoy::config::core::v3::ConfigSource& lds_config, const udpa::core::v1::ResourceLocator* lds_resources_locator) PURE; /** * @param state the type of listener to be returned (defaults to ACTIVE), states can be OR'd * together to return multiple different types * @return std::vector> a list of currently known * listeners in the requested state. Note that this routine returns references to the existing * listeners. The references are only valid in the context of the current call stack and should * not be stored. */ virtual std::vector> listeners(ListenerState state = ListenerState::ACTIVE) PURE; /** * @return uint64_t the total number of connections owned by all listeners across all workers. */ virtual uint64_t numConnections() const PURE; /** * Remove a listener by name. * @param name supplies the listener name to remove. * @return TRUE if the listener was found and removed. Note that when this routine returns TRUE, * the listener has not necessarily been actually deleted right away. The listener will be * drained and fully removed at some later time. */ virtual bool removeListener(const std::string& name) PURE; /** * Start all workers accepting new connections on all added listeners. * @param guard_dog supplies the guard dog to use for thread watching. */ virtual void startWorkers(GuardDog& guard_dog) PURE; /** * Stop all listeners from accepting new connections without actually removing any of them. This * is used for server draining and /drain_listeners admin endpoint. This method directly stops the * listeners on workers. Once a listener is stopped, any listener modifications are not allowed. * @param stop_listeners_type indicates listeners to stop. */ virtual void stopListeners(StopListenersType stop_listeners_type) PURE; /** * Stop all threaded workers from running. When this routine returns all worker threads will * have exited. */ virtual void stopWorkers() PURE; /* * Warn the listener manager of an impending update. This allows the listener to clear per-update * state. */ virtual void beginListenerUpdate() PURE; /* * Inform the listener manager that the update has completed, and informs the listener of any * errors handled by the reload source. */ using FailureStates = std::vector>; virtual void endListenerUpdate(FailureStates&& failure_states) PURE; // TODO(junr03): once ApiListeners support warming and draining, this function should return a // weak_ptr to its caller. This would allow the caller to verify if the // ApiListener is available to receive API calls on it. /** * @return the server's API Listener if it exists, nullopt if it does not. */ virtual ApiListenerOptRef apiListener() PURE; /* * @return TRUE if the worker has started or FALSE if not. */ virtual bool isWorkerStarted() PURE; }; // overload operator| to allow ListenerManager::listeners(ListenerState) to be called using a // combination of flags, such as listeners(ListenerState::WARMING|ListenerState::ACTIVE) constexpr ListenerManager::ListenerState operator|(const ListenerManager::ListenerState lhs, const ListenerManager::ListenerState rhs) { return static_cast(static_cast(lhs) | static_cast(rhs)); } } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/options.h ================================================ #pragma once #include #include #include #include "envoy/admin/v3/server_info.pb.h" #include "envoy/common/pure.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/network/address.h" #include "absl/types/optional.h" #include "spdlog/spdlog.h" namespace Envoy { namespace Server { /** * Whether to run Envoy in serving mode, or in config validation mode at one of two levels (in which * case we'll verify the configuration file is valid, print any errors, and exit without serving.) */ enum class Mode { /** * Default mode: Regular Envoy serving process. Configs are validated in the normal course of * initialization, but if all is well we proceed to serve traffic. */ Serve, /** * Validate as much as possible without opening network connections upstream or downstream. */ Validate, /** * Completely load and initialize the config, and then exit without running the listener loop. */ InitOnly, // TODO(rlazarus): Add a fourth option for "light validation": Mock out access to the filesystem. // Perform no validation of files referenced in the config, such as runtime configs, SSL certs, // etc. Validation will pass even if those files are malformed or don't exist, allowing the config // to be validated in a non-prod environment. }; /** * During the drain sequence, different components ask the DrainManager * whether to drain via drainClose(). This enum dictates the behaviour of * drainClose() calls. */ enum class DrainStrategy { /** * The probability of drainClose() returning true increases from 0 to 100% * over the duration of the drain period. */ Gradual, /** * drainClose() will return true as soon as the drain sequence is initiated. */ Immediate, }; using CommandLineOptionsPtr = std::unique_ptr; /** * General options for the server. */ class Options { public: virtual ~Options() = default; /** * @return uint64_t the base ID for the server. This is required for system-wide things like * shared memory, domain sockets, etc. that are used during hot restart. Setting the * base ID to a different value will allow the server to run multiple times on the same * host if desired. */ virtual uint64_t baseId() const PURE; /** * @return bool choose an unused base ID dynamically. The chosen base id can be written to a * a file using the baseIdPath option. */ virtual bool useDynamicBaseId() const PURE; /** * @return const std::string& the dynamic base id output file. */ virtual const std::string& baseIdPath() const PURE; /** * @return the number of worker threads to run in the server. */ virtual uint32_t concurrency() const PURE; /** * @return the duration of the drain period in seconds. */ virtual std::chrono::seconds drainTime() const PURE; /** * @return the strategy that defines behaviour of DrainManager::drainClose(); */ virtual DrainStrategy drainStrategy() const PURE; /** * @return the delay before shutting down the parent envoy in a hot restart, * generally longer than drainTime(). */ virtual std::chrono::seconds parentShutdownTime() const PURE; /** * @return const std::string& the path to the configuration file. */ virtual const std::string& configPath() const PURE; /** * @return const std::string& an inline YAML bootstrap config that merges * into the config loaded in configPath(). */ virtual const std::string& configYaml() const PURE; /** * @return const envoy::config::bootstrap::v2::Bootstrap& a bootstrap proto object * that merges into the config last, after configYaml and configPath. */ virtual const envoy::config::bootstrap::v3::Bootstrap& configProto() const PURE; /** * @return const absl::optional& the bootstrap version to use, if specified. */ virtual const absl::optional& bootstrapVersion() const PURE; /** * @return bool allow unknown fields in the static configuration? */ virtual bool allowUnknownStaticFields() const PURE; /** * @return bool allow unknown fields in the dynamic configuration? */ virtual bool rejectUnknownDynamicFields() const PURE; /** * @return bool ignore unknown fields in the dynamic configuration? **/ virtual bool ignoreUnknownDynamicFields() const PURE; /** * @return const std::string& the admin address output file. */ virtual const std::string& adminAddressPath() const PURE; /** * @return Network::Address::IpVersion the local address IP version. */ virtual Network::Address::IpVersion localAddressIpVersion() const PURE; /** * @return spdlog::level::level_enum the default log level for the server. */ virtual spdlog::level::level_enum logLevel() const PURE; /** * @return const std::vector>& pair of * component,log level for all configured components. */ virtual const std::vector>& componentLogLevels() const PURE; /** * @return const std::string& the log format string. */ virtual const std::string& logFormat() const PURE; /** * @return const bool indicating whether to escape c-style escape sequences in logs. */ virtual bool logFormatEscaped() const PURE; /** * @return const bool logger mode: whether to use Fancy Logger. */ virtual bool enableFineGrainLogging() const PURE; /** * @return const std::string& the log file path. */ virtual const std::string& logPath() const PURE; /** * @return the restart epoch. 0 indicates the first server start, 1 the second, and so on. */ virtual uint64_t restartEpoch() const PURE; /** * @return whether to verify the configuration file is valid, print any errors, and exit * without serving. */ virtual Mode mode() const PURE; /** * @return std::chrono::milliseconds the duration in msec between log flushes. */ virtual std::chrono::milliseconds fileFlushIntervalMsec() const PURE; /** * @return const std::string& the server's cluster. */ virtual const std::string& serviceClusterName() const PURE; /** * @return const std::string& the server's node identification. */ virtual const std::string& serviceNodeName() const PURE; /** * @return const std::string& the server's zone. */ virtual const std::string& serviceZone() const PURE; /** * @return bool indicating whether the hot restart functionality has been disabled via cli flags. */ virtual bool hotRestartDisabled() const PURE; /** * @return bool indicating whether system signal listeners are enabled. */ virtual bool signalHandlingEnabled() const PURE; /** * @return bool indicating whether mutex tracing functionality has been enabled. */ virtual bool mutexTracingEnabled() const PURE; /** * @return whether to use the fake symbol table implementation. */ virtual bool fakeSymbolTableEnabled() const PURE; /** * @return bool indicating whether cpuset size should determine the number of worker threads. */ virtual bool cpusetThreadsEnabled() const PURE; /** * @return the names of extensions to disable. */ virtual const std::vector& disabledExtensions() const PURE; /** * Converts the Options in to CommandLineOptions proto message defined in server_info.proto. * @return CommandLineOptionsPtr the protobuf representation of the options. */ virtual CommandLineOptionsPtr toCommandLineOptions() const PURE; /** * @return the path of socket file. */ virtual const std::string& socketPath() const PURE; /** * @return the mode of socket file. */ virtual mode_t socketMode() const PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/overload_manager.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/thread_local/thread_local.h" #include "common/common/macros.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Server { /** * Tracks the state of an overload action. The state is a number between 0 and 1 that represents the * level of saturation. The values are categorized in two groups: * - Saturated (value = 1): indicates that an overload action is active because at least one of its * triggers has reached saturation. * - Scaling (0 <= value < 1): indicates that an overload action is not saturated. */ class OverloadActionState { public: static constexpr OverloadActionState inactive() { return OverloadActionState(0); } static constexpr OverloadActionState saturated() { return OverloadActionState(1.0); } explicit constexpr OverloadActionState(float value) : action_value_(std::min(1.0f, std::max(0.0f, value))) {} float value() const { return action_value_; } bool isSaturated() const { return action_value_ == 1; } private: float action_value_; }; /** * Callback invoked when an overload action changes state. */ using OverloadActionCb = std::function; /** * Thread-local copy of the state of each configured overload action. */ class ThreadLocalOverloadState : public ThreadLocal::ThreadLocalObject { public: // Get a thread-local reference to the value for the given action key. virtual const OverloadActionState& getState(const std::string& action) PURE; }; /** * Well-known overload action names. */ class OverloadActionNameValues { public: // Overload action to stop accepting new HTTP requests. const std::string StopAcceptingRequests = "envoy.overload_actions.stop_accepting_requests"; // Overload action to disable http keepalive (for HTTP1.x). const std::string DisableHttpKeepAlive = "envoy.overload_actions.disable_http_keepalive"; // Overload action to stop accepting new connections. const std::string StopAcceptingConnections = "envoy.overload_actions.stop_accepting_connections"; // Overload action to try to shrink the heap by releasing free memory. const std::string ShrinkHeap = "envoy.overload_actions.shrink_heap"; }; using OverloadActionNames = ConstSingleton; /** * The OverloadManager protects the Envoy instance from being overwhelmed by client * requests. It monitors a set of resources and notifies registered listeners if * configured thresholds for those resources have been exceeded. */ class OverloadManager { public: virtual ~OverloadManager() = default; /** * Start a recurring timer to monitor resources and notify listeners when overload actions * change state. */ virtual void start() PURE; /** * Register a callback to be invoked when the specified overload action changes state * (i.e., becomes activated or inactivated). Must be called before the start method is called. * @param action const std::string& the name of the overload action to register for * @param dispatcher Event::Dispatcher& the dispatcher on which callbacks will be posted * @param callback OverloadActionCb the callback to post when the overload action * changes state * @returns true if action was registered and false if no such action has been configured */ virtual bool registerForAction(const std::string& action, Event::Dispatcher& dispatcher, OverloadActionCb callback) PURE; /** * Get the thread-local overload action states. Lookups in this object can be used as * an alternative to registering a callback for overload action state changes. */ virtual ThreadLocalOverloadState& getThreadLocalOverloadState() PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/process_context.h ================================================ #pragma once #include "envoy/common/pure.h" #include "absl/types/optional.h" namespace Envoy { /** * Represents some other part of the process. */ class ProcessObject { public: virtual ~ProcessObject() = default; }; using ProcessObjectOptRef = absl::optional>; /** * Context passed to filters to access resources from non-Envoy parts of the * process. */ class ProcessContext { public: virtual ~ProcessContext() = default; /** * @return the ProcessObject for this context. */ virtual ProcessObject& get() const PURE; }; using ProcessContextOptRef = absl::optional>; } // namespace Envoy ================================================ FILE: include/envoy/server/request_id_extension_config.h ================================================ #pragma once #include #include "envoy/http/request_id_extension.h" #include "envoy/server/filter_config.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { /** * Implemented for each RequestIDExtension and registered via Registry::registerFactory * or the convenience class RegisterFactory. */ class RequestIDExtensionFactory : public Envoy::Config::TypedFactory { public: ~RequestIDExtensionFactory() override = default; /** * Create a Request ID Extension instance from the provided config proto. * @param config the custom configuration for this request id extension type. * @param context general filter context through which persistent resources can be accessed. */ virtual Http::RequestIDExtensionSharedPtr createExtensionInstance(const Protobuf::Message& config, FactoryContext& context) PURE; std::string category() const override { return "envoy.request_id_extension"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/resource_monitor.h ================================================ #pragma once #include #include "envoy/common/exception.h" #include "envoy/common/pure.h" namespace Envoy { namespace Server { // Struct for reporting usage for a particular resource. struct ResourceUsage { bool operator==(const ResourceUsage& rhs) const { return resource_pressure_ == rhs.resource_pressure_; } // Fraction of (resource usage)/(resource limit). double resource_pressure_; }; class ResourceMonitor { public: virtual ~ResourceMonitor() = default; /** * Notifies caller of updated resource usage. */ class Callbacks { public: virtual ~Callbacks() = default; /** * Called when the request for updated resource usage succeeds. * @param usage the updated resource usage */ virtual void onSuccess(const ResourceUsage& usage) PURE; /** * Called when the request for updated resource usage fails. * @param error the exception caught when trying to get updated resource usage */ virtual void onFailure(const EnvoyException& error) PURE; }; /** * Recalculate resource usage. * This must be non-blocking so if RPCs need to be made they should be * done asynchronously and invoke the callback when finished. */ virtual void updateResourceUsage(Callbacks& callbacks) PURE; }; using ResourceMonitorPtr = std::unique_ptr; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/resource_monitor_config.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/common/pure.h" #include "envoy/config/typed_config.h" #include "envoy/event/dispatcher.h" #include "envoy/protobuf/message_validator.h" #include "envoy/server/resource_monitor.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { class ResourceMonitorFactoryContext { public: virtual ~ResourceMonitorFactoryContext() = default; /** * @return Event::Dispatcher& the main thread's dispatcher. This dispatcher should be used * for all singleton processing. */ virtual Event::Dispatcher& dispatcher() PURE; /** * @return reference to the Api object */ virtual Api::Api& api() PURE; /** * @return ProtobufMessage::ValidationVisitor& validation visitor for filter configuration * messages. */ virtual ProtobufMessage::ValidationVisitor& messageValidationVisitor() PURE; }; /** * Implemented by each resource monitor and registered via Registry::registerFactory() * or the convenience class RegistryFactory. */ class ResourceMonitorFactory : public Config::TypedFactory { public: ~ResourceMonitorFactory() override = default; /** * Create a particular resource monitor implementation. * @param config const ProtoBuf::Message& supplies the config for the resource monitor * implementation. * @param context ResourceMonitorFactoryContext& supplies the resource monitor's context. * @return ResourceMonitorPtr the resource monitor instance. Should not be nullptr. * @throw EnvoyException if the implementation is unable to produce an instance with * the provided parameters. */ virtual ResourceMonitorPtr createResourceMonitor(const Protobuf::Message& config, ResourceMonitorFactoryContext& context) PURE; std::string category() const override { return "envoy.resource_monitors"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/tracer_config.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" #include "envoy/tracing/http_tracer.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { /** * Context passed to HTTP tracers to access server resources. */ class TracerFactoryContext { public: virtual ~TracerFactoryContext() = default; /** * @return ServerFactoryContext which lifetime is no shorter than the server. */ virtual ServerFactoryContext& serverFactoryContext() PURE; /** * @return ProtobufMessage::ValidationVisitor& validation visitor for tracer configuration * messages. */ virtual ProtobufMessage::ValidationVisitor& messageValidationVisitor() PURE; }; using TracerFactoryContextPtr = std::unique_ptr; /** * Implemented by each Tracer and registered via Registry::registerFactory() or the convenience * class RegisterFactory. */ class TracerFactory : public Config::TypedFactory { public: ~TracerFactory() override = default; /** * Create a particular HttpTracer implementation. If the implementation is unable to produce an * HttpTracer with the provided parameters, it should throw an EnvoyException in the case of * general error or a Json::Exception if the json configuration is erroneous. The returned * pointer should always be valid. * * NOTE: Due to the corner case of OpenCensus, who can only support a single tracing * configuration per entire process, the returned HttpTracer instance is not guaranteed * to be unique. * That is why the return type has been changed to std::shared_ptr<> instead of a more * idiomatic std::unique_ptr<>. * * @param config supplies the proto configuration for the HttpTracer * @param context supplies the factory context */ virtual Tracing::HttpTracerSharedPtr createHttpTracer(const Protobuf::Message& config, TracerFactoryContext& context) PURE; std::string category() const override { return "envoy.tracers"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/transport_socket_config.h ================================================ #pragma once #include #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/typed_config.h" #include "envoy/event/dispatcher.h" #include "envoy/init/manager.h" #include "envoy/local_info/local_info.h" #include "envoy/network/transport_socket.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/factory_context.h" #include "envoy/singleton/manager.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Server { namespace Configuration { /** * Context passed to transport socket factory to access server resources. */ class TransportSocketFactoryContext { public: virtual ~TransportSocketFactoryContext() = default; /** * @return Server::Admin& the server's admin interface. */ virtual Server::Admin& admin() PURE; /** * @return Ssl::ContextManager& the SSL context manager. */ virtual Ssl::ContextManager& sslContextManager() PURE; /** * @return Stats::Scope& the transport socket's stats scope. */ virtual Stats::Scope& scope() PURE; /** * Return the instance of secret manager. */ virtual Secret::SecretManager& secretManager() PURE; /** * @return the instance of ClusterManager. */ virtual Upstream::ClusterManager& clusterManager() PURE; /** * @return information about the local environment the server is running in. */ virtual const LocalInfo::LocalInfo& localInfo() const PURE; /** * @return Event::Dispatcher& the main thread's dispatcher. */ virtual Event::Dispatcher& dispatcher() PURE; /** * @return the server-wide stats store. */ virtual Stats::Store& stats() PURE; /** * @return a reference to the instance of an init manager. */ virtual Init::Manager& initManager() PURE; /** * @return the server's singleton manager. */ virtual Singleton::Manager& singletonManager() PURE; /** * @return the server's TLS slot allocator. */ virtual ThreadLocal::SlotAllocator& threadLocal() PURE; /** * @return ProtobufMessage::ValidationVisitor& validation visitor for filter configuration * messages. */ virtual ProtobufMessage::ValidationVisitor& messageValidationVisitor() PURE; /** * @return reference to the Api object */ virtual Api::Api& api() PURE; }; class TransportSocketConfigFactory : public Config::TypedFactory { public: ~TransportSocketConfigFactory() override = default; }; /** * Implemented by each transport socket used for upstream connections. Registered via class * RegisterFactory. */ class UpstreamTransportSocketConfigFactory : public virtual TransportSocketConfigFactory { public: /** * Create a particular transport socket factory implementation. * @param config const Protobuf::Message& supplies the config message for the transport socket * implementation. * @param context TransportSocketFactoryContext& supplies the transport socket's context. * @return Network::TransportSocketFactoryPtr the transport socket factory instance. The returned * TransportSocketFactoryPtr should not be nullptr. * * @throw EnvoyException if the implementation is unable to produce a factory with the provided * parameters. */ virtual Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message& config, TransportSocketFactoryContext& context) PURE; std::string category() const override { return "envoy.transport_sockets.upstream"; } }; /** * Implemented by each transport socket used for downstream connections. Registered via class * RegisterFactory. */ class DownstreamTransportSocketConfigFactory : public virtual TransportSocketConfigFactory { public: /** * Create a particular downstream transport socket factory implementation. * @param server_names const std::vector& the names of the server. This parameter is * currently used by SNI implementation to know the expected server names. * @param config const Protobuf::Message& supplies the config message for the transport socket * implementation. * @param context TransportSocketFactoryContext& supplies the transport socket's context. * @return Network::TransportSocketFactoryPtr the transport socket factory instance. The returned * TransportSocketFactoryPtr should not be nullptr. * * @throw EnvoyException if the implementation is unable to produce a factory with the provided * parameters. */ virtual Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message& config, TransportSocketFactoryContext& context, const std::vector& server_names) PURE; std::string category() const override { return "envoy.transport_sockets.downstream"; } }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/watchdog.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" #include "envoy/thread/thread.h" namespace Envoy { namespace Server { /** * WatchDog objects are an individual thread's interface with the deadlock * GuardDog. A shared pointer to a WatchDog is obtained from the GuardDog at * thread startup. After this point the "touch" method must be called * periodically to avoid triggering the deadlock detector. */ class WatchDog { public: virtual ~WatchDog() = default; /** * Start a recurring touch timer in the dispatcher passed as argument. * * This will automatically call the touch() method at the interval specified * during construction. * * The timer object is stored within the WatchDog object. It will go away if * the object goes out of scope and stop the timer. */ virtual void startWatchdog(Event::Dispatcher& dispatcher) PURE; /** * Manually indicate that you are still alive by calling this. * * This can be used if this is later used on a thread where there is no dispatcher. */ virtual void touch() PURE; virtual Thread::ThreadId threadId() const PURE; virtual MonotonicTime lastTouchTime() const PURE; }; using WatchDogSharedPtr = std::shared_ptr; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/server/worker.h ================================================ #pragma once #include #include "envoy/server/guarddog.h" #include "envoy/server/overload_manager.h" namespace Envoy { namespace Server { /** * Interface for a threaded connection handling worker. All routines are thread safe. */ class Worker { public: virtual ~Worker() = default; /** * Completion called when a listener has been added on a worker and is listening for new * connections. * @param success supplies whether the addition was successful or not. FALSE can be returned * when there is a race condition between bind() and listen(). */ using AddListenerCompletion = std::function; /** * Add a listener to the worker and replace the previous listener if any. If the previous listener * doesn't exist, the behavior should be equivalent to add a new listener. * @param overridden_listener The previous listener tag to be replaced. nullopt if it's a new * listener. * @param listener supplies the listener to add. * @param completion supplies the completion to call when the listener has been added (or not) on * the worker. */ virtual void addListener(absl::optional overridden_listener, Network::ListenerConfig& listener, AddListenerCompletion completion) PURE; /** * @return uint64_t the number of connections across all listeners that the worker owns. */ virtual uint64_t numConnections() const PURE; /** * Start the worker thread. * @param guard_dog supplies the guard dog to use for thread watching. */ virtual void start(GuardDog& guard_dog) PURE; /** * Initialize stats for this worker's dispatcher, if available. The worker will output * thread-specific stats under the given scope. * @param scope the scope to contain the new per-dispatcher stats created here. */ virtual void initializeStats(Stats::Scope& scope) PURE; /** * Stop the worker thread. */ virtual void stop() PURE; /** * Remove a listener from the worker. * @param listener supplies the listener to remove. * @param completion supplies the completion to be called when the listener has been removed. * This completion is called on the worker thread. No locking is performed by the worker. */ virtual void removeListener(Network::ListenerConfig& listener, std::function completion) PURE; /** * Remove the stale filter chains of the given listener but leave the listener running. * @param listener_tag supplies the tag passed to addListener(). * @param filter_chains supplies the filter chains to be removed. * @param completion supplies the completion to be called when the listener removed all the * untracked connections. This completion is called on the worker thread. No locking is performed * by the worker. */ virtual void removeFilterChains(uint64_t listener_tag, const std::list& filter_chains, std::function completion) PURE; /** * Stop a listener from accepting new connections. This is used for server draining. * @param listener supplies the listener to stop. * @param completion supplies the completion to be called when the listener has stopped * accepting new connections. This completion is called on the worker thread. No locking is * performed by the worker. */ virtual void stopListener(Network::ListenerConfig& listener, std::function completion) PURE; }; using WorkerPtr = std::unique_ptr; /** * Factory for creating workers. */ class WorkerFactory { public: virtual ~WorkerFactory() = default; /** * @param index supplies the index of the worker, in the range of [0, concurrency). * @param overload_manager supplies the server's overload manager. * @param worker_name supplies the name of the worker, used for per-worker stats. * @return WorkerPtr a new worker. */ virtual WorkerPtr createWorker(uint32_t index, OverloadManager& overload_manager, const std::string& worker_name) PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: include/envoy/singleton/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "instance_interface", hdrs = ["instance.h"], ) envoy_cc_library( name = "manager_interface", hdrs = ["manager.h"], deps = [ ":instance_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/registry", ], ) ================================================ FILE: include/envoy/singleton/instance.h ================================================ #pragma once #include namespace Envoy { namespace Singleton { /** * All singletons must derive from this type. */ class Instance { public: virtual ~Instance() = default; }; using InstanceSharedPtr = std::shared_ptr; } // namespace Singleton } // namespace Envoy ================================================ FILE: include/envoy/singleton/manager.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" #include "envoy/singleton/instance.h" namespace Envoy { namespace Singleton { /** * An abstract registration for a singleton entry. */ class Registration : public Config::UntypedFactory { public: ~Registration() override = default; std::string category() const override { return "envoy.singleton"; } }; /** * A concrete implementation of a singleton registration. All singletons are referenced by name * and must be statically registered ahead of time. This can be done like so: * * static constexpr char foo_singleton_name[] = "foo_singleton"; * static Registry::RegisterFactory, * Singleton::Registration> * date_provider_singleton_registered_; * * Once this is done, the singleton can be get/set via the manager. See the Manager interface * for more information. */ template class RegistrationImpl : public Registration { public: std::string name() const override { return name_param; } }; /** * Macro used to statically register singletons managed by the singleton manager * defined in envoy/singleton/manager.h. After the NAME has been registered use the * SINGLETON_MANAGER_REGISTERED_NAME macro to access the name registered with the * singleton manager. */ #define SINGLETON_MANAGER_REGISTRATION(NAME) \ static constexpr char NAME##_singleton_name[] = #NAME "_singleton"; \ static Envoy::Registry::RegisterInternalFactory< \ Envoy::Singleton::RegistrationImpl, Envoy::Singleton::Registration> \ NAME##_singleton_registered_; #define SINGLETON_MANAGER_REGISTERED_NAME(NAME) NAME##_singleton_name /** * Callback function used to create a singleton. */ using SingletonFactoryCb = std::function; /** * A manager for all server-side singletons. */ class Manager { public: virtual ~Manager() = default; /** * This is a helper on top of get() that casts the object stored to the specified type. Since the * manager only stores pointers to the base interface, dynamic_cast provides some level of * protection via RTTI. */ template std::shared_ptr getTyped(const std::string& name, SingletonFactoryCb cb) { return std::dynamic_pointer_cast(get(name, cb)); } /** * Get a singleton and create it if it does not exist. * @param name supplies the singleton name. Must be registered via RegistrationImpl. * @param singleton supplies the singleton creation callback. This will only be called if the * singleton does not already exist. NOTE: The manager only stores a weak pointer. This * allows a singleton to be cleaned up if it is not needed any more. All code that uses * singletons must store the shared_ptr for as long as the singleton is needed. * @return InstancePtr the singleton. */ virtual InstanceSharedPtr get(const std::string& name, SingletonFactoryCb) PURE; }; using ManagerPtr = std::unique_ptr; } // namespace Singleton } // namespace Envoy ================================================ FILE: include/envoy/ssl/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "connection_interface", hdrs = ["connection.h"], external_deps = ["abseil_optional"], deps = [ ":ssl_socket_state", "//include/envoy/common:time_interface", ], ) envoy_cc_library( name = "context_interface", hdrs = ["context.h"], deps = ["@envoy_api//envoy/admin/v3:pkg_cc_proto"], ) envoy_cc_library( name = "context_config_interface", hdrs = ["context_config.h"], deps = [ ":certificate_validation_context_config_interface", ":handshaker_interface", ":tls_certificate_config_interface", ], ) envoy_cc_library( name = "context_manager_interface", hdrs = ["context_manager.h"], deps = [ ":context_config_interface", ":context_interface", "//include/envoy/common:time_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/stats:stats_interface", ], ) envoy_cc_library( name = "tls_certificate_config_interface", hdrs = ["tls_certificate_config.h"], deps = [ "//include/envoy/ssl/private_key:private_key_interface", ], ) envoy_cc_library( name = "certificate_validation_context_config_interface", hdrs = ["certificate_validation_context_config.h"], deps = [ "//source/common/common:matchers_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ssl_socket_extended_info_interface", hdrs = ["ssl_socket_extended_info.h"], deps = [ ], ) envoy_cc_library( name = "ssl_socket_state", hdrs = ["ssl_socket_state.h"], deps = [], ) envoy_cc_library( name = "handshaker_interface", hdrs = ["handshaker.h"], external_deps = ["ssl"], deps = [ "//include/envoy/api:api_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:post_io_action_interface", "//include/envoy/protobuf:message_validator_interface", ], ) ================================================ FILE: include/envoy/ssl/certificate_validation_context_config.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/type/matcher/v3/string.pb.h" namespace Envoy { namespace Ssl { class CertificateValidationContextConfig { public: virtual ~CertificateValidationContextConfig() = default; /** * @return The CA certificate to use for peer validation. */ virtual const std::string& caCert() const PURE; /** * @return Path of the CA certificate to use for peer validation or "" * if the CA certificate was inlined. */ virtual const std::string& caCertPath() const PURE; /** * @return The CRL to check if a cert is revoked. */ virtual const std::string& certificateRevocationList() const PURE; /** * @return Path of the certificate revocation list, or "" if the CRL * was inlined. */ virtual const std::string& certificateRevocationListPath() const PURE; /** * @return The subject alt names to be verified, if enabled. */ virtual const std::vector& verifySubjectAltNameList() const PURE; /** * @return The subject alt name matchers to be verified, if enabled. */ virtual const std::vector& subjectAltNameMatchers() const PURE; /** * @return A list of a hex-encoded SHA-256 certificate hashes to be verified. */ virtual const std::vector& verifyCertificateHashList() const PURE; /** * @return A list of a hex-encoded SHA-256 SPKI hashes to be verified. */ virtual const std::vector& verifyCertificateSpkiList() const PURE; /** * @return whether to ignore expired certificates (both too new and too old). */ virtual bool allowExpiredCertificate() const PURE; /** * @return client certificate validation configuration. */ virtual envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext:: TrustChainVerification trustChainVerification() const PURE; }; using CertificateValidationContextConfigPtr = std::unique_ptr; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/connection.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include "absl/types/span.h" namespace Envoy { namespace Ssl { /** * Base connection interface for all SSL connections. */ class ConnectionInfo { public: virtual ~ConnectionInfo() = default; /** * @return bool whether the peer certificate is presented. **/ virtual bool peerCertificatePresented() const PURE; /** * @return bool whether the peer certificate was validated. **/ virtual bool peerCertificateValidated() const PURE; /** * @return absl::Spanthe URIs in the SAN field of the local certificate. * Returns {} if there is no local certificate, or no SAN field, or no URI. **/ virtual absl::Span uriSanLocalCertificate() const PURE; /** * @return std::string the subject field of the local certificate in RFC 2253 format. Returns "" * if there is no local certificate, or no subject. **/ virtual const std::string& subjectLocalCertificate() const PURE; /** * @return std::string the SHA256 digest of the peer certificate. Returns "" if there is no peer * certificate which can happen in TLS (non mTLS) connections. */ virtual const std::string& sha256PeerCertificateDigest() const PURE; /** * @return std::string the SHA1 digest of the peer certificate. Returns "" if there is no peer * certificate which can happen in TLS (non mTLS) connections. */ virtual const std::string& sha1PeerCertificateDigest() const PURE; /** * @return std::string the serial number field of the peer certificate. Returns "" if * there is no peer certificate, or no serial number. **/ virtual const std::string& serialNumberPeerCertificate() const PURE; /** * @return std::string the issuer field of the peer certificate in RFC 2253 format. Returns "" if * there is no peer certificate, or no issuer. **/ virtual const std::string& issuerPeerCertificate() const PURE; /** * @return std::string the subject field of the peer certificate in RFC 2253 format. Returns "" if * there is no peer certificate, or no subject. **/ virtual const std::string& subjectPeerCertificate() const PURE; /** * @return absl::Span the URIs in the SAN field of the peer certificate. * Returns {} if there is no peer certificate, or no SAN field, or no URI. **/ virtual absl::Span uriSanPeerCertificate() const PURE; /** * @return std::string the URL-encoded PEM-encoded representation of the peer certificate. Returns * "" if there is no peer certificate or encoding fails. **/ virtual const std::string& urlEncodedPemEncodedPeerCertificate() const PURE; /** * @return std::string the URL-encoded PEM-encoded representation of the full peer certificate * chain including the leaf certificate. Returns "" if there is no peer certificate or * encoding fails. **/ virtual const std::string& urlEncodedPemEncodedPeerCertificateChain() const PURE; /** * @return absl::Span the DNS entries in the SAN field of the peer certificate. * Returns {} if there is no peer certificate, or no SAN field, or no DNS. **/ virtual absl::Span dnsSansPeerCertificate() const PURE; /** * @return absl::Span the DNS entries in the SAN field of the local *certificate. Returns {} if there is no local certificate, or no SAN field, or no DNS. **/ virtual absl::Span dnsSansLocalCertificate() const PURE; /** * @return absl::optional the time that the peer certificate was issued and should be * considered valid from. Returns empty absl::optional if there is no peer certificate. **/ virtual absl::optional validFromPeerCertificate() const PURE; /** * @return absl::optional the time that the peer certificate expires and should not be * considered valid after. Returns empty absl::optional if there is no peer certificate. **/ virtual absl::optional expirationPeerCertificate() const PURE; /** * @return std::string the hex-encoded TLS session ID as defined in rfc5246. **/ virtual const std::string& sessionId() const PURE; /** * @return uint16_t the standard ID for the ciphers used in the established TLS connection. * Returns 0xffff if there is no current negotiated ciphersuite. **/ virtual uint16_t ciphersuiteId() const PURE; /** * @return std::string the OpenSSL name for the set of ciphers used in the established TLS * connection. Returns "" if there is no current negotiated ciphersuite. **/ virtual std::string ciphersuiteString() const PURE; /** * @return std::string the TLS version (e.g., TLSv1.2, TLSv1.3) used in the established TLS * connection. **/ virtual const std::string& tlsVersion() const PURE; }; using ConnectionInfoConstSharedPtr = std::shared_ptr; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/context.h ================================================ #pragma once #include #include #include "envoy/admin/v3/certs.pb.h" #include "envoy/common/pure.h" #include "absl/types/optional.h" namespace Envoy { namespace Ssl { using CertificateDetailsPtr = std::unique_ptr; /** * SSL Context is used as a template for SSL connection configuration. */ class Context { public: virtual ~Context() = default; /** * @return the number of days in this context until the next certificate will expire */ virtual size_t daysUntilFirstCertExpires() const PURE; /** * @return certificate details conforming to proto admin.v2alpha.certs. */ virtual CertificateDetailsPtr getCaCertInformation() const PURE; /** * @return certificate details conforming to proto admin.v2alpha.certs. */ virtual std::vector getCertChainInformation() const PURE; /** * @return the number of seconds in this context until the next OCSP response will * expire, or `absl::nullopt` if no OCSP responses exist. */ virtual absl::optional secondsUntilFirstOcspResponseExpires() const PURE; }; using ContextSharedPtr = std::shared_ptr; class ClientContext : public virtual Context {}; using ClientContextSharedPtr = std::shared_ptr; class ServerContext : public virtual Context {}; using ServerContextSharedPtr = std::shared_ptr; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/context_config.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/pure.h" #include "envoy/ssl/certificate_validation_context_config.h" #include "envoy/ssl/handshaker.h" #include "envoy/ssl/tls_certificate_config.h" #include "absl/types/optional.h" namespace Envoy { namespace Ssl { /** * Supplies the configuration for an SSL context. */ class ContextConfig { public: virtual ~ContextConfig() = default; /** * The list of supported protocols exposed via ALPN. Client connections will send these * protocols to the server. Server connections will use these protocols to select the next * protocol if the client supports ALPN. */ virtual const std::string& alpnProtocols() const PURE; /** * The ':' delimited list of supported cipher suites */ virtual const std::string& cipherSuites() const PURE; /** * The ':' delimited list of supported ECDH curves. */ virtual const std::string& ecdhCurves() const PURE; /** * @return std::vector> TLS * certificate configs. */ virtual std::vector> tlsCertificates() const PURE; /** * @return CertificateValidationContextConfig the certificate validation context config. */ virtual const CertificateValidationContextConfig* certificateValidationContext() const PURE; /** * @return The minimum TLS protocol version to negotiate. */ virtual unsigned minProtocolVersion() const PURE; /** * @return The maximum TLS protocol version to negotiate. */ virtual unsigned maxProtocolVersion() const PURE; /** * @return true if the ContextConfig is able to provide secrets to create SSL context, * and false if dynamic secrets are expected but are not downloaded from SDS server yet. */ virtual bool isReady() const PURE; /** * Add secret callback into context config. When dynamic secrets are in use and new secrets * are downloaded from SDS server, this callback is invoked to update SSL context. * @param callback callback that is executed by context config. */ virtual void setSecretUpdateCallback(std::function callback) PURE; /** * @return a callback which can be used to create Handshaker instances. */ virtual HandshakerFactoryCb createHandshaker() const PURE; /** * @return the set of capabilities for handshaker instances created by this context. */ virtual HandshakerCapabilities capabilities() const PURE; }; class ClientContextConfig : public virtual ContextConfig { public: /** * @return The server name indication if it's set and ssl enabled * Otherwise, "" */ virtual const std::string& serverNameIndication() const PURE; /** * @return true if server-initiated TLS renegotiation will be allowed. */ virtual bool allowRenegotiation() const PURE; /** * @return The maximum number of session keys to store. */ virtual size_t maxSessionKeys() const PURE; /** * @return const std::string& with the signature algorithms for the context. * This is a :-delimited list of algorithms, see * https://tools.ietf.org/id/draft-ietf-tls-tls13-21.html#rfc.section.4.2.3 * for names. */ virtual const std::string& signingAlgorithmsForTest() const PURE; }; using ClientContextConfigPtr = std::unique_ptr; class ServerContextConfig : public virtual ContextConfig { public: struct SessionTicketKey { std::array name_; // 16 == SSL_TICKET_KEY_NAME_LEN std::array hmac_key_; // 32 == SHA256_DIGEST_LENGTH std::array aes_key_; // AES256 key size, in bytes }; enum class OcspStaplePolicy { LenientStapling, StrictStapling, MustStaple, }; /** * @return True if client certificate is required, false otherwise. */ virtual bool requireClientCertificate() const PURE; /** * @return OcspStaplePolicy The rule for determining whether to staple OCSP * responses on new connections. */ virtual OcspStaplePolicy ocspStaplePolicy() const PURE; /** * @return The keys to use for encrypting and decrypting session tickets. * The first element is used for encrypting new tickets, and all elements * are candidates for decrypting received tickets. */ virtual const std::vector& sessionTicketKeys() const PURE; /** * @return timeout in seconds for the session. * Session timeout is used to specify lifetime hint of tls tickets. */ virtual absl::optional sessionTimeout() const PURE; /** * @return True if stateless TLS session resumption is disabled, false otherwise. */ virtual bool disableStatelessSessionResumption() const PURE; }; using ServerContextConfigPtr = std::unique_ptr; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/context_manager.h ================================================ #pragma once #include #include "envoy/common/time.h" #include "envoy/config/typed_config.h" #include "envoy/ssl/context.h" #include "envoy/ssl/context_config.h" #include "envoy/ssl/private_key/private_key.h" #include "envoy/stats/scope.h" namespace Envoy { namespace Ssl { /** * Manages all of the SSL contexts in the process */ class ContextManager { public: virtual ~ContextManager() = default; /** * Builds a ClientContext from a ClientContextConfig. */ virtual ClientContextSharedPtr createSslClientContext(Stats::Scope& scope, const ClientContextConfig& config) PURE; /** * Builds a ServerContext from a ServerContextConfig. */ virtual ServerContextSharedPtr createSslServerContext(Stats::Scope& scope, const ServerContextConfig& config, const std::vector& server_names) PURE; /** * @return the number of days until the next certificate being managed will expire. */ virtual size_t daysUntilFirstCertExpires() const PURE; /** * Iterate through all currently allocated contexts. */ virtual void iterateContexts(std::function callback) PURE; /** * Access the private key operations manager, which is part of SSL * context manager. */ virtual PrivateKeyMethodManager& privateKeyMethodManager() PURE; /** * @return the number of seconds until the next OCSP response being managed will * expire, or `absl::nullopt` if no OCSP responses exist. */ virtual absl::optional secondsUntilFirstOcspResponseExpires() const PURE; }; using ContextManagerPtr = std::unique_ptr; class ContextManagerFactory : public Config::UntypedFactory { public: ~ContextManagerFactory() override = default; virtual ContextManagerPtr createContextManager(TimeSource& time_source) PURE; // There could be only one factory thus the name is static. std::string name() const override { return "ssl_context_manager"; } std::string category() const override { return "envoy.ssl_context_manager"; } }; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/handshaker.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/config/typed_config.h" #include "envoy/network/connection.h" #include "envoy/network/post_io_action.h" #include "envoy/protobuf/message_validator.h" #include "openssl/ssl.h" namespace Envoy { namespace Ssl { class HandshakeCallbacks { public: virtual ~HandshakeCallbacks() = default; /** * @return the connection. */ virtual Network::Connection& connection() const PURE; /** * A callback which will be executed at most once upon successful completion * of a handshake. */ virtual void onSuccess(SSL* ssl) PURE; /** * A callback which will be executed at most once upon handshake failure. */ virtual void onFailure() PURE; /** * Returns a pointer to the transportSocketCallbacks struct, or nullptr if * unset. */ virtual Network::TransportSocketCallbacks* transportSocketCallbacks() PURE; }; /** * Base interface for performing TLS handshakes. */ class Handshaker { public: virtual ~Handshaker() = default; /** * Performs a TLS handshake and returns an action indicating * whether the callsite should close the connection or keep it open. */ virtual Network::PostIoAction doHandshake() PURE; }; using HandshakerSharedPtr = std::shared_ptr; using HandshakerFactoryCb = std::function, int, HandshakeCallbacks*)>; class HandshakerFactoryContext { public: virtual ~HandshakerFactoryContext() = default; /** * @return reference to the Api object */ virtual Api::Api& api() PURE; /** * The list of supported protocols exposed via ALPN, from ContextConfig. */ virtual absl::string_view alpnProtocols() const PURE; }; struct HandshakerCapabilities { // Whether or not a handshaker implementation provides certificates itself. bool provides_certificates = false; // Whether or not a handshaker implementation verifies certificates itself. bool verifies_peer_certificates = false; // Whether or not a handshaker implementation handles session resumption // itself. bool handles_session_resumption = false; // Whether or not a handshaker implementation provides its own list of ciphers // and curves. bool provides_ciphers_and_curves = false; // Whether or not a handshaker implementation handles ALPN selection. bool handles_alpn_selection = false; // Should return true if this handshaker is FIPS-compliant. // Envoy will fail to compile if this returns true and `--define=boringssl=fips`. bool is_fips_compliant = true; }; class HandshakerFactory : public Config::TypedFactory { public: /** * @returns a callback to create a Handshaker. Accepts the |config| and * |validation_visitor| for early validation. This virtual base doesn't * perform MessageUtil::downcastAndValidate, but an implementation should. */ virtual HandshakerFactoryCb createHandshakerCb(const Protobuf::Message& message, HandshakerFactoryContext& handshaker_factory_context, ProtobufMessage::ValidationVisitor& validation_visitor) PURE; std::string category() const override { return "envoy.tls_handshakers"; } /** * Implementations should return a struct with their capabilities. See * HandshakerCapabilities above. For any capability a Handshaker * implementation explicitly declares, Envoy will not also configure that SSL * capability. */ virtual HandshakerCapabilities capabilities() const PURE; }; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/private_key/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "private_key_interface", hdrs = ["private_key.h"], external_deps = ["ssl"], deps = [ ":private_key_callbacks_interface", "//include/envoy/event:dispatcher_interface", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "private_key_config_interface", hdrs = ["private_key_config.h"], deps = [ ":private_key_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/registry", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "private_key_callbacks_interface", hdrs = ["private_key_callbacks.h"], external_deps = ["ssl"], ) ================================================ FILE: include/envoy/ssl/private_key/private_key.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/ssl/private_key/private_key_callbacks.h" #include "openssl/ssl.h" namespace Envoy { namespace Server { namespace Configuration { // Prevent a dependency loop with the forward declaration. class TransportSocketFactoryContext; } // namespace Configuration } // namespace Server namespace Ssl { #ifdef OPENSSL_IS_BORINGSSL using BoringSslPrivateKeyMethodSharedPtr = std::shared_ptr; #endif class PrivateKeyMethodProvider { public: virtual ~PrivateKeyMethodProvider() = default; /** * Register an SSL connection to private key operations by the provider. * @param ssl a SSL connection object. * @param cb a callbacks object, whose "complete" method will be invoked * when the asynchronous processing is complete. * @param dispatcher supplies the owning thread's dispatcher. */ virtual void registerPrivateKeyMethod(SSL* ssl, PrivateKeyConnectionCallbacks& cb, Event::Dispatcher& dispatcher) PURE; /** * Unregister an SSL connection from private key operations by the provider. * @param ssl a SSL connection object. * @throw EnvoyException if registration fails. */ virtual void unregisterPrivateKeyMethod(SSL* ssl) PURE; /** * Check whether the private key method satisfies FIPS requirements. * @return true if FIPS key requirements are satisfied, false if not. */ virtual bool checkFips() PURE; #ifdef OPENSSL_IS_BORINGSSL /** * Get the private key methods from the provider. * @return the private key methods associated with this provider and * configuration. */ virtual BoringSslPrivateKeyMethodSharedPtr getBoringSslPrivateKeyMethod() PURE; #endif }; using PrivateKeyMethodProviderSharedPtr = std::shared_ptr; /** * A manager for finding correct user-provided functions for handling BoringSSL private key * operations. */ class PrivateKeyMethodManager { public: virtual ~PrivateKeyMethodManager() = default; /** * Finds and returns a private key operations provider for BoringSSL. * * @param config a protobuf message object containing a PrivateKeyProvider message. * @param factory_context context that provides components for creating and * initializing connections using asynchronous private key operations. * @return PrivateKeyMethodProvider the private key operations provider, or nullptr if * no provider can be used with the context configuration. */ virtual PrivateKeyMethodProviderSharedPtr createPrivateKeyMethodProvider( const envoy::extensions::transport_sockets::tls::v3::PrivateKeyProvider& config, Envoy::Server::Configuration::TransportSocketFactoryContext& factory_context) PURE; }; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/private_key/private_key_callbacks.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Ssl { class PrivateKeyConnectionCallbacks { public: virtual ~PrivateKeyConnectionCallbacks() = default; /** * Callback function which is called when the asynchronous private key * operation has been completed (with either success or failure). The * provider will communicate the success status when SSL_do_handshake() * is called the next time. */ virtual void onPrivateKeyMethodComplete() PURE; }; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/private_key/private_key_config.h ================================================ #pragma once #include "envoy/config/typed_config.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/registry/registry.h" #include "envoy/ssl/private_key/private_key.h" namespace Envoy { namespace Ssl { // Base class which the private key operation provider implementations can register. class PrivateKeyMethodProviderInstanceFactory : public Config::UntypedFactory { public: ~PrivateKeyMethodProviderInstanceFactory() override = default; /** * Create a particular PrivateKeyMethodProvider implementation. If the implementation is * unable to produce a PrivateKeyMethodProvider with the provided parameters, it should throw * an EnvoyException. The returned pointer should always be valid. * @param config supplies the custom proto configuration for the PrivateKeyMethodProvider * @param context supplies the factory context */ virtual PrivateKeyMethodProviderSharedPtr createPrivateKeyMethodProviderInstance( const envoy::extensions::transport_sockets::tls::v3::PrivateKeyProvider& config, Server::Configuration::TransportSocketFactoryContext& factory_context) PURE; std::string category() const override { return "envoy.tls.key_providers"; }; }; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/ssl_socket_extended_info.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Ssl { enum class ClientValidationStatus { NotValidated, NoClientCertificate, Validated, Failed }; class SslExtendedSocketInfo { public: virtual ~SslExtendedSocketInfo() = default; /** * Set the peer certificate validation status. **/ virtual void setCertificateValidationStatus(ClientValidationStatus validated) PURE; /** * @return ClientValidationStatus The peer certificate validation status. **/ virtual ClientValidationStatus certificateValidationStatus() const PURE; }; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/ssl_socket_state.h ================================================ #pragma once namespace Envoy { namespace Ssl { enum class SocketState { PreHandshake, HandshakeInProgress, HandshakeComplete, ShutdownSent }; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/ssl/tls_certificate_config.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/ssl/private_key/private_key.h" namespace Envoy { namespace Ssl { class TlsCertificateConfig { public: virtual ~TlsCertificateConfig() = default; /** * @return a string of certificate chain. */ virtual const std::string& certificateChain() const PURE; /** * @return path of the certificate chain used to identify the local side or "" if the * certificate chain was inlined. */ virtual const std::string& certificateChainPath() const PURE; /** * @return a string of private key. */ virtual const std::string& privateKey() const PURE; /** * @return path of the private key used to identify the local side or "" if the private * key was inlined. */ virtual const std::string& privateKeyPath() const PURE; /** * @return private key method provider. */ virtual Envoy::Ssl::PrivateKeyMethodProviderSharedPtr privateKeyMethod() const PURE; /** * @return a string of password. */ virtual const std::string& password() const PURE; /** * @return path of the password file to be used to decrypt the private key or "" if the * password was inlined. */ virtual const std::string& passwordPath() const PURE; /** * @return a byte vector of ocsp response. */ virtual const std::vector& ocspStaple() const PURE; /** * @return path of the ocsp response file for this certificate or "" if the * ocsp response was inlined. */ virtual const std::string& ocspStaplePath() const PURE; }; using TlsCertificateConfigPtr = std::unique_ptr; } // namespace Ssl } // namespace Envoy ================================================ FILE: include/envoy/stats/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "refcount_ptr_interface", hdrs = ["refcount_ptr.h"], deps = ["//source/common/common:assert_lib"], ) # TODO(jmarantz): atomize the build rules to match the include files. envoy_cc_library( name = "stats_interface", hdrs = [ "allocator.h", "histogram.h", "scope.h", "sink.h", "stats.h", "stats_matcher.h", "store.h", "tag.h", "tag_extractor.h", "tag_producer.h", ], external_deps = ["abseil_inlined_vector"], deps = [ ":refcount_ptr_interface", ":symbol_table_interface", "//include/envoy/common:interval_set_interface", ], ) envoy_cc_library( name = "primitive_stats_interface", hdrs = [ "primitive_stats.h", ], deps = [ "//source/common/common:assert_lib", "//source/common/common:non_copyable", ], ) envoy_cc_library( name = "symbol_table_interface", hdrs = ["symbol_table.h"], external_deps = ["abseil_inlined_vector"], deps = [ "//source/common/common:hash_lib", ], ) envoy_cc_library( name = "timespan_interface", hdrs = ["timespan.h"], ) envoy_cc_library( name = "stats_macros", hdrs = ["stats_macros.h"], deps = [":stats_interface"], ) envoy_cc_library( name = "primitive_stats_macros", hdrs = ["primitive_stats_macros.h"], deps = [":primitive_stats_interface"], ) ================================================ FILE: include/envoy/stats/allocator.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/common/pure.h" #include "envoy/stats/stats.h" #include "envoy/stats/symbol_table.h" #include "envoy/stats/tag.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { /** * Abstract interface for allocating statistics. Implementations can * be created utilizing a single fixed-size block suitable for * shared-memory, or in the heap, allowing for pointers and sharing of * substrings, with an opportunity for reduced memory consumption. */ class Allocator { public: virtual ~Allocator() = default; /** * @param name the full name of the stat. * @param tag_extracted_name the name of the stat with tag-values stripped out. * @param tags the tag values. * @return CounterSharedPtr a counter. */ virtual CounterSharedPtr makeCounter(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) PURE; /** * @param name the full name of the stat. * @param tag_extracted_name the name of the stat with tag-values stripped out. * @param stat_name_tags the tag values. * @return GaugeSharedPtr a gauge. */ virtual GaugeSharedPtr makeGauge(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, Gauge::ImportMode import_mode) PURE; /** * @param name the full name of the stat. * @param tag_extracted_name the name of the stat with tag-values stripped out. * @param tags the tag values. * @return TextReadoutSharedPtr a text readout. */ virtual TextReadoutSharedPtr makeTextReadout(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) PURE; virtual const SymbolTable& constSymbolTable() const PURE; virtual SymbolTable& symbolTable() PURE; // TODO(jmarantz): create a parallel mechanism to instantiate histograms. At // the moment, histograms don't fit the same pattern of counters and gauges // as they are not actually created in the context of a stats allocator. }; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/histogram.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/stats/refcount_ptr.h" #include "envoy/stats/stats.h" namespace Envoy { namespace Stats { using ConstSupportedBuckets = const std::vector; class HistogramSettings { public: virtual ~HistogramSettings() = default; /** * For formats like Prometheus where the entire histogram is published (but not * like statsd where each value to include in the histogram is emitted separately), * get the limits for each histogram bucket. * @return The buckets for the histogram. Each value is an upper bound of a bucket. */ virtual ConstSupportedBuckets& buckets(absl::string_view stat_name) const PURE; }; using HistogramSettingsConstPtr = std::unique_ptr; /** * Holds the computed statistics for a histogram. */ class HistogramStatistics { public: virtual ~HistogramStatistics() = default; /** * Returns quantile summary representation of the histogram. */ virtual std::string quantileSummary() const PURE; /** * Returns bucket summary representation of the histogram. */ virtual std::string bucketSummary() const PURE; /** * Returns supported quantiles. */ virtual const std::vector& supportedQuantiles() const PURE; /** * Returns computed quantile values during the period. */ virtual const std::vector& computedQuantiles() const PURE; /** * Returns supported buckets. Each value is the upper bound of the bucket * with 0 as the implicit lower bound. For timers, these bucket thresholds * are in milliseconds but the thresholds are applicable to all types of data. */ virtual ConstSupportedBuckets& supportedBuckets() const PURE; /** * Returns computed bucket values during the period. The vector contains an approximation * of samples below each quantile bucket defined in supportedBuckets(). This vector is * guaranteed to be the same length as supportedBuckets(). */ virtual const std::vector& computedBuckets() const PURE; /** * Returns number of values during the period. This number may be an approximation * of the number of samples in the histogram, it is not guaranteed that this will be * 100% the number of samples observed. */ virtual uint64_t sampleCount() const PURE; /** * Returns sum of all values during the period. */ virtual double sampleSum() const PURE; }; /** * A histogram that records values one at a time. * Note: Histograms now incorporate what used to be timers because the only * difference between the two stat types was the units being represented. */ class Histogram : public Metric { public: /** * Histogram values represent scalar quantity like time, length, mass, * distance, or in general anything which has only magnitude and no other * characteristics. These are often accompanied by a unit of measurement. * This enum defines units for commonly measured quantities. Base units * are preferred unless they are not granular enough to be useful as an * integer. */ enum class Unit { Null, // The histogram has been rejected, i.e. it's a null histogram and is not recording // anything. Unspecified, // Measured quantity does not require a unit, e.g. "items". Bytes, Microseconds, Milliseconds, }; ~Histogram() override = default; /** * @return the unit of measurement for values recorded by the histogram. */ virtual Unit unit() const PURE; /** * Records an unsigned value in the unit specified during the construction. */ virtual void recordValue(uint64_t value) PURE; }; using HistogramSharedPtr = RefcountPtr; /** * A histogram that is stored in main thread and provides summary view of the histogram. */ class ParentHistogram : public Histogram { public: ~ParentHistogram() override = default; /** * This method is called during the main stats flush process for each of the histograms and used * to merge the histogram values. */ virtual void merge() PURE; /** * Returns the interval histogram summary statistics for the flush interval. */ virtual const HistogramStatistics& intervalStatistics() const PURE; /** * Returns the cumulative histogram summary statistics. */ virtual const HistogramStatistics& cumulativeStatistics() const PURE; /** * Returns the quantile summary representation. */ virtual const std::string quantileSummary() const PURE; /** * Returns the bucket summary representation. */ virtual const std::string bucketSummary() const PURE; }; using ParentHistogramSharedPtr = RefcountPtr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/primitive_stats.h ================================================ #pragma once #include #include "common/common/assert.h" #include "common/common/non_copyable.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { /** * Primitive, low-memory-overhead counter with incrementing and latching capabilities. Each * increment is added both to a global counter as well as periodic counter. Calling latch() * returns the periodic counter and clears it. */ class PrimitiveCounter : NonCopyable { public: PrimitiveCounter() = default; uint64_t value() const { return value_; } void add(uint64_t amount) { value_ += amount; pending_increment_ += amount; } void inc() { add(1); } void reset() { value_ = 0; } uint64_t latch() { return pending_increment_.exchange(0); } private: std::atomic value_{0}; std::atomic pending_increment_{0}; }; using PrimitiveCounterReference = std::reference_wrapper; /** * Primitive, low-memory-overhead gauge with increment and decrement capabilities. */ class PrimitiveGauge : NonCopyable { public: PrimitiveGauge() = default; uint64_t value() const { return value_; } void add(uint64_t amount) { value_ += amount; } void dec() { sub(1); } void inc() { add(1); } void set(uint64_t value) { value_ = value; } void sub(uint64_t amount) { ASSERT(value_ >= amount); value_ -= amount; } private: std::atomic value_{0}; }; using PrimitiveGaugeReference = std::reference_wrapper; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/primitive_stats_macros.h ================================================ #pragma once #include "envoy/stats/primitive_stats.h" #include "absl/strings/string_view.h" namespace Envoy { /** * These are helper macros for allocating "fixed" stats throughout the code base in a way that * is also easy to mock and test. The general flow looks like this: * * Define a block of stats like this: * #define MY_COOL_STATS(COUNTER, GAUGE) \ * COUNTER(counter1) \ * GAUGE(gauge1) \ * ... * * By convention, starting with #7083, we sort the lines of this macro block, so * all the counters are grouped together, then all the gauges, etc. We do not * use clang-format-on/off etc. "./tools/code_format/check_format.py fix" will take care of * lining up the backslashes. * * Now actually put these stats somewhere, usually as a member of a struct: * struct MyCoolStats { * MY_COOL_STATS(GENERATE_PRIMITIVE_COUNTER_STRUCT, GENERATE_PRIMITIVE_GAUGE_STRUCT); * * // Optional: Provide access to counters as a map. * std::vector> counters() const { * return {MY_COOL_STATS(PRIMITIVE_COUNTER_NAME_AND_REFERENCE, IGNORE_PRIMITIVE_GAUGE)}; * } * * // Optional: Provide access to gauges as a map. * std::vector> gauges() const { * return {MY_COOL_STATS(IGNORE_PRIMITIVE_COUNTER, PRIMITIVE_GAUGE_NAME_AND_REFERENCE)}; * } * }; * * Finally, when you want to actually instantiate the above struct you do: * MyCoolStats stats; */ // Fully-qualified for use in external callsites. #define GENERATE_PRIMITIVE_COUNTER_STRUCT(NAME) Envoy::Stats::PrimitiveCounter NAME##_; #define GENERATE_PRIMITIVE_GAUGE_STRUCT(NAME) Envoy::Stats::PrimitiveGauge NAME##_; // Name and counter/gauge reference pair used to construct map of counters/gauges. #define PRIMITIVE_COUNTER_NAME_AND_REFERENCE(X) {absl::string_view(#X), std::ref(X##_)}, #define PRIMITIVE_GAUGE_NAME_AND_REFERENCE(X) {absl::string_view(#X), std::ref(X##_)}, // Ignore a counter or gauge. #define IGNORE_PRIMITIVE_COUNTER(X) #define IGNORE_PRIMITIVE_GAUGE(X) } // namespace Envoy ================================================ FILE: include/envoy/stats/refcount_ptr.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "common/common/assert.h" namespace Envoy { namespace Stats { // Implements a reference-counted pointer to a class, so that its external usage // model is identical to std::shared_ptr, but the reference count itself is held // in the class. The class is expected to implement three methods: // void incRefCount() // bool decRefCount() -- returns true if the reference count goes to zero. // uint32_t use_count() // It may implement them by delegating to RefcountHelper (see below), or by // inheriting from RefcountInterface (see below). // // TODO(jmarantz): replace this with an absl or std implementation when // available. See https://github.com/abseil/abseil-cpp/issues/344, issued June // 26, 2019, and http://wg21.link/p0406, issued 2017. Note that the turnaround // time for getting an absl API added is measurable in months, and for a std // API in years. template class RefcountPtr { public: RefcountPtr() : ptr_(nullptr) {} // Constructing a reference-counted object from a pointer; this is safe to // do when the reference-count is held in the object. For example, this code // crashes: // { // std::shared_ptr a = std::make_shared("x"); // std::shared_ptr b(a.get()); // } // whereas the analogous code for RefcountPtr works fine. RefcountPtr(T* ptr) : ptr_(ptr) { if (ptr_ != nullptr) { ptr_->incRefCount(); } } RefcountPtr(const RefcountPtr& src) : RefcountPtr(src.get()) {} // Constructor for up-casting reference-counted pointers. This doesn't change // the underlying object; it just upcasts the DerivedClass* in src.ptr_ to a // BaseClass* for assignment to this->ptr_. For usage of this to compile, // DerivedClass* must be assignable to BaseClass* without explicit casts. template RefcountPtr(const RefcountPtr& src) : RefcountPtr(src.get()) {} // Move-construction is used by absl::flat_hash_map during resizes. RefcountPtr(RefcountPtr&& src) noexcept : ptr_(src.ptr_) { src.ptr_ = nullptr; } RefcountPtr& operator=(const RefcountPtr& src) { if (&src != this && src.ptr_ != ptr_) { resetInternal(); ptr_ = src.get(); if (ptr_ != nullptr) { ptr_->incRefCount(); } } return *this; } // Move-assignment is used during std::vector resizes. RefcountPtr& operator=(RefcountPtr&& src) noexcept { if (&src != this && src.ptr_ != ptr_) { resetInternal(); ptr_ = src.ptr_; src.ptr_ = nullptr; } return *this; } ~RefcountPtr() { resetInternal(); } // Implements required subset of the shared_ptr API; // see https://en.cppreference.com/w/cpp/memory/shared_ptr for details. T* operator->() const { return ptr_; } T* get() const { return ptr_; } T& operator*() const { return *ptr_; } operator bool() const { return ptr_ != nullptr; } bool operator==(const T* ptr) const { return ptr_ == ptr; } bool operator!=(const T* ptr) const { return ptr_ != ptr; } bool operator==(const RefcountPtr& a) const { return ptr_ == a.ptr_; } bool operator!=(const RefcountPtr& a) const { return ptr_ != a.ptr_; } uint32_t use_count() const { return ptr_->use_count(); } void reset() { resetInternal(); ptr_ = nullptr; } private: // Like reset() but does not bother to clear ptr_, as it is about to be // overwritten or destroyed. void resetInternal() { if (ptr_ != nullptr && ptr_->decRefCount()) { delete ptr_; } } T* ptr_; }; template static bool operator==(std::nullptr_t, const RefcountPtr& a) { return a == nullptr; } template static bool operator!=(std::nullptr_t, const RefcountPtr& a) { return a != nullptr; } // Helper interface for classes to derive from, enabling implementation of the // three methods as part of derived classes. It is not necessary to inherit from // this interface to wrap a class in RefcountPtr; instead the class can just // implement the same method. class RefcountInterface { public: virtual ~RefcountInterface() = default; /** * Increments the reference count. */ virtual void incRefCount() PURE; /** * Decrements the reference count. * @return true if the reference count has gone to zero, so the object should be freed. */ virtual bool decRefCount() PURE; /** * @return the number of references to the object. */ virtual uint32_t use_count() const PURE; }; // Delegation helper for RefcountPtr. This can be instantiated in a class, but // explicit delegation will be needed for each of the three methods. struct RefcountHelper { // Implements the RefcountInterface API. void incRefCount() { // Note: The ++ref_count_ here and --ref_count_ below have implicit memory // orderings of sequentially consistent. Relaxed on addition and // acquire/release on subtraction is the typical use for reference // counting. On x86, the difference in instruction count is minimal, but the // savings are greater on other platforms. // // https://www.boost.org/doc/libs/1_69_0/doc/html/atomic/usage_examples.html#boost_atomic.usage_examples.example_reference_counters ++ref_count_; } bool decRefCount() { ASSERT(ref_count_ >= 1); return --ref_count_ == 0; } uint32_t use_count() const { return ref_count_; } std::atomic ref_count_{0}; }; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/scope.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/stats/histogram.h" #include "envoy/stats/symbol_table.h" #include "envoy/stats/tag.h" #include "absl/types/optional.h" namespace Envoy { namespace Stats { class Counter; class Gauge; class Histogram; class NullGaugeImpl; class Scope; class TextReadout; using CounterOptConstRef = absl::optional>; using GaugeOptConstRef = absl::optional>; using HistogramOptConstRef = absl::optional>; using TextReadoutOptConstRef = absl::optional>; using ScopePtr = std::unique_ptr; using ScopeSharedPtr = std::shared_ptr; template using IterateFn = std::function&)>; /** * A named scope for stats. Scopes are a grouping of stats that can be acted on as a unit if needed * (for example to free/delete all of them). */ class Scope { public: virtual ~Scope() = default; /** * Allocate a new scope. NOTE: The implementation should correctly handle overlapping scopes * that point to the same reference counted backing stats. This allows a new scope to be * gracefully swapped in while an old scope with the same name is being destroyed. * @param name supplies the scope's namespace prefix. */ virtual ScopePtr createScope(const std::string& name) PURE; /** * Deliver an individual histogram value to all registered sinks. */ virtual void deliverHistogramToSinks(const Histogram& histogram, uint64_t value) PURE; /** * Creates a Counter from the stat name. Tag extraction will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @return a counter within the scope's namespace. */ Counter& counterFromStatName(const StatName& name) { return counterFromStatNameWithTags(name, absl::nullopt); } /** * Creates a Counter from the stat name and tags. If tags are not provided, tag extraction * will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @param tags optionally specified tags. * @return a counter within the scope's namespace. */ virtual Counter& counterFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) PURE; /** * TODO(#6667): this variant is deprecated: use counterFromStatName. * @param name The name, expressed as a string. * @return a counter within the scope's namespace. */ virtual Counter& counterFromString(const std::string& name) PURE; /** * Creates a Gauge from the stat name. Tag extraction will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @param import_mode Whether hot-restart should accumulate this value. * @return a gauge within the scope's namespace. */ Gauge& gaugeFromStatName(const StatName& name, Gauge::ImportMode import_mode) { return gaugeFromStatNameWithTags(name, absl::nullopt, import_mode); } /** * Creates a Gauge from the stat name and tags. If tags are not provided, tag extraction * will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @param tags optionally specified tags. * @param import_mode Whether hot-restart should accumulate this value. * @return a gauge within the scope's namespace. */ virtual Gauge& gaugeFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Gauge::ImportMode import_mode) PURE; /** * TODO(#6667): this variant is deprecated: use gaugeFromStatName. * @param name The name, expressed as a string. * @param import_mode Whether hot-restart should accumulate this value. * @return a gauge within the scope's namespace. */ virtual Gauge& gaugeFromString(const std::string& name, Gauge::ImportMode import_mode) PURE; /** * @return a null gauge within the scope's namespace. */ virtual NullGaugeImpl& nullGauge(const std::string& name) PURE; /** * Creates a Histogram from the stat name. Tag extraction will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @param unit The unit of measurement. * @return a histogram within the scope's namespace with a particular value type. */ Histogram& histogramFromStatName(const StatName& name, Histogram::Unit unit) { return histogramFromStatNameWithTags(name, absl::nullopt, unit); } /** * Creates a Histogram from the stat name and tags. If tags are not provided, tag extraction * will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @param tags optionally specified tags. * @param unit The unit of measurement. * @return a histogram within the scope's namespace with a particular value type. */ virtual Histogram& histogramFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Histogram::Unit unit) PURE; /** * TODO(#6667): this variant is deprecated: use histogramFromStatName. * @param name The name, expressed as a string. * @param unit The unit of measurement. * @return a histogram within the scope's namespace with a particular value type. */ virtual Histogram& histogramFromString(const std::string& name, Histogram::Unit unit) PURE; /** * Creates a TextReadout from the stat name. Tag extraction will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @return a text readout within the scope's namespace. */ TextReadout& textReadoutFromStatName(const StatName& name) { return textReadoutFromStatNameWithTags(name, absl::nullopt); } /** * Creates a TextReadout from the stat name and tags. If tags are not provided, tag extraction * will be performed on the name. * @param name The name of the stat, obtained from the SymbolTable. * @param tags optionally specified tags. * @return a text readout within the scope's namespace. */ virtual TextReadout& textReadoutFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) PURE; /** * TODO(#6667): this variant is deprecated: use textReadoutFromStatName. * @param name The name, expressed as a string. * @return a text readout within the scope's namespace. */ virtual TextReadout& textReadoutFromString(const std::string& name) PURE; /** * @param The name of the stat, obtained from the SymbolTable. * @return a reference to a counter within the scope's namespace, if it exists. */ virtual CounterOptConstRef findCounter(StatName name) const PURE; /** * @param The name of the stat, obtained from the SymbolTable. * @return a reference to a gauge within the scope's namespace, if it exists. */ virtual GaugeOptConstRef findGauge(StatName name) const PURE; /** * @param The name of the stat, obtained from the SymbolTable. * @return a reference to a histogram within the scope's namespace, if it * exists. */ virtual HistogramOptConstRef findHistogram(StatName name) const PURE; /** * @param The name of the stat, obtained from the SymbolTable. * @return a reference to a text readout within the scope's namespace, if it exists. */ virtual TextReadoutOptConstRef findTextReadout(StatName name) const PURE; /** * @return a reference to the symbol table. */ virtual const SymbolTable& constSymbolTable() const PURE; virtual SymbolTable& symbolTable() PURE; /** * Calls 'fn' for every counter. Note that in the case of overlapping scopes, * the implementation may call fn more than one time for each counter. Iteration * stops if `fn` returns false; * * @param fn Function to be run for every counter, or until fn return false. * @return false if fn(counter) return false during iteration, true if every counter was hit. */ virtual bool iterate(const IterateFn& fn) const PURE; /** * Calls 'fn' for every gauge. Note that in the case of overlapping scopes, * the implementation may call fn more than one time for each gauge. Iteration * stops if `fn` returns false; * * @param fn Function to be run for every gauge, or until fn return false. * @return false if fn(gauge) return false during iteration, true if every gauge was hit. */ virtual bool iterate(const IterateFn& fn) const PURE; /** * Calls 'fn' for every histogram. Note that in the case of overlapping * scopes, the implementation may call fn more than one time for each * histogram. Iteration stops if `fn` returns false; * * @param fn Function to be run for every histogram, or until fn return false. * @return false if fn(histogram) return false during iteration, true if every histogram was hit. */ virtual bool iterate(const IterateFn& fn) const PURE; /** * Calls 'fn' for every text readout. Note that in the case of overlapping * scopes, the implementation may call fn more than one time for each * text readout. Iteration stops if `fn` returns false; * * @param fn Function to be run for every text readout, or until fn return false. * @return false if fn(text_readout) return false during iteration, true if every text readout * was hit. */ virtual bool iterate(const IterateFn& fn) const PURE; }; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/sink.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/stats/histogram.h" #include "envoy/stats/stats.h" namespace Envoy { namespace Stats { class Histogram; class MetricSnapshot { public: struct CounterSnapshot { uint64_t delta_; std::reference_wrapper counter_; }; virtual ~MetricSnapshot() = default; /** * @return a snapshot of all counters with pre-latched deltas. */ virtual const std::vector& counters() PURE; /** * @return a snapshot of all gauges. */ virtual const std::vector>& gauges() PURE; /** * @return a snapshot of all histograms. */ virtual const std::vector>& histograms() PURE; /** * @return a snapshot of all text readouts. */ virtual const std::vector>& textReadouts() PURE; }; /** * A sink for stats. Each sink is responsible for writing stats to a backing store. */ class Sink { public: virtual ~Sink() = default; /** * Periodic metric flush to the sink. * @param snapshot interface through which the sink can access all metrics being flushed. */ virtual void flush(MetricSnapshot& snapshot) PURE; /** * Flush a single histogram sample. Note: this call is called synchronously as a part of recording * the metric, so implementations must be thread-safe. * @param histogram the histogram that this sample applies to. * @param value the value of the sample. */ virtual void onHistogramComplete(const Histogram& histogram, uint64_t value) PURE; }; using SinkPtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/stats.h ================================================ #pragma once #include #include #include #include #include "envoy/common/pure.h" #include "envoy/stats/refcount_ptr.h" #include "envoy/stats/symbol_table.h" #include "envoy/stats/tag.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { /** * General interface for all stats objects. */ class Metric : public RefcountInterface { public: ~Metric() override = default; /** * Returns the full name of the Metric. This is intended for most uses, such * as streaming out the name to a stats sink or admin request, or comparing * against it in a test. Independent of the evolution of the data * representation for the name, this method will be available. For storing the * name as a map key, however, nameCStr() is a better choice, albeit one that * might change in the future to return a symbolized representation of the * elaborated string. */ virtual std::string name() const PURE; /** * Returns the full name of the Metric as an encoded array of symbols. */ virtual StatName statName() const PURE; /** * Returns a vector of configurable tags to identify this Metric. */ virtual TagVector tags() const PURE; /** * See a more detailed description in tagExtractedStatName(), which is the * preferred API to use when feasible. This API needs to compose the * std::string on the fly, and return it by value. * * @return The stat name with all tag values extracted, as a std::string. */ virtual std::string tagExtractedName() const PURE; /** * Returns the name of the Metric with the portions designated as tags removed * as a string. For example, The stat name "vhost.foo.vcluster.bar.c1" would * have "foo" extracted as the value of tag "vhost" and "bar" extracted as the * value of tag "vcluster". Thus the tagExtractedName is simply * "vhost.vcluster.c1". * * @return the name of the Metric with the portions designated as tags * removed. */ virtual StatName tagExtractedStatName() const PURE; // Function to be called from iterateTagStatNames passing name and value as StatNames. using TagStatNameIterFn = std::function; /** * Iterates over all tags, calling a functor for each name/value pair. The * functor can return 'true' to continue or 'false' to stop the * iteration. * * @param fn The functor to call for StatName pair. */ virtual void iterateTagStatNames(const TagStatNameIterFn& fn) const PURE; // Function to be called from iterateTags passing name and value as const Tag&. using TagIterFn = std::function; /** * Indicates whether this metric has been updated since the server was started. */ virtual bool used() const PURE; /** * Flags: * Used: used by all stats types to figure out whether they have been used. * Logic...: used by gauges to cache how they should be combined with a parent's value. */ struct Flags { static const uint8_t Used = 0x01; static const uint8_t LogicAccumulate = 0x02; static const uint8_t NeverImport = 0x04; }; virtual SymbolTable& symbolTable() PURE; virtual const SymbolTable& constSymbolTable() const PURE; }; /** * An always incrementing counter with latching capability. Each increment is added both to a * global counter as well as periodic counter. Calling latch() returns the periodic counter and * clears it. */ class Counter : public Metric { public: ~Counter() override = default; virtual void add(uint64_t amount) PURE; virtual void inc() PURE; virtual uint64_t latch() PURE; virtual void reset() PURE; virtual uint64_t value() const PURE; }; using CounterSharedPtr = RefcountPtr; /** * A gauge that can both increment and decrement. */ class Gauge : public Metric { public: enum class ImportMode { Uninitialized, // Gauge was discovered during hot-restart transfer. NeverImport, // On hot-restart, each process starts with gauge at 0. Accumulate, // Transfers gauge state on hot-restart. }; ~Gauge() override = default; virtual void add(uint64_t amount) PURE; virtual void dec() PURE; virtual void inc() PURE; virtual void set(uint64_t value) PURE; virtual void sub(uint64_t amount) PURE; virtual uint64_t value() const PURE; /** * Sets a value from a hot-restart parent. This parent contribution must be * kept distinct from the child value, so that when we erase the value it * is not commingled with the child value, which may have been set() directly. * * @param parent_value the value from the hot-restart parent. */ virtual void setParentValue(uint64_t parent_value) PURE; /** * @return the import mode, dictating behavior of the gauge across hot restarts. */ virtual ImportMode importMode() const PURE; /** * Gauges can be created with ImportMode::Uninitialized during hot-restart * merges, if they haven't yet been instantiated by the child process. When * they finally get instantiated, mergeImportMode should be called to * initialize the gauge's import mode. It is only valid to call * mergeImportMode when the current mode is ImportMode::Uninitialized. * * @param import_mode the new import mode. */ virtual void mergeImportMode(ImportMode import_mode) PURE; }; using GaugeSharedPtr = RefcountPtr; /** * A string, possibly non-ASCII. */ class TextReadout : public virtual Metric { public: // Text readout type is used internally to disambiguate isolated store // constructors. In the future we can extend it to specify text encoding or // some such. enum class Type { Default, // No particular meaning. }; ~TextReadout() override = default; /** * Sets the value of this TextReadout by moving the input |value| to minimize * buffer copies under the lock. */ virtual void set(absl::string_view value) PURE; /** * @return the copy of this TextReadout value. */ virtual std::string value() const PURE; }; using TextReadoutSharedPtr = RefcountPtr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/stats_macros.h ================================================ #pragma once #include #include "envoy/stats/histogram.h" #include "envoy/stats/stats.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" namespace Envoy { /** * These are helper macros for allocating "fixed" stats throughout the code base in a way that * is also easy to mock and test. The general flow looks like this: * * Define a block of stats like this: * #define MY_COOL_STATS(COUNTER, GAUGE, HISTOGRAM) \ * COUNTER(counter1) \ * GAUGE(gauge1, mode) \ * HISTOGRAM(histogram1, unit) * ... * * By convention, starting with #7083, we sort the lines of this macro block, so * all the counters are grouped together, then all the gauges, etc. We do not * use clang-format-on/off etc. "./tools/code_format/check_format.py fix" will take care of * lining up the backslashes. * * Now actually put these stats somewhere, usually as a member of a struct: * struct MyCoolStats { * MY_COOL_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) * }; * * Finally, when you want to actually instantiate the above struct using a Stats::Pool, you do: * MyCoolStats stats{ * MY_COOL_STATS(POOL_COUNTER(...), POOL_GAUGE(...), POOL_HISTOGRAM(...))}; */ // Fully-qualified for use in external callsites. #define GENERATE_COUNTER_STRUCT(NAME) Envoy::Stats::Counter& NAME##_; #define GENERATE_GAUGE_STRUCT(NAME, MODE) Envoy::Stats::Gauge& NAME##_; #define GENERATE_HISTOGRAM_STRUCT(NAME, UNIT) Envoy::Stats::Histogram& NAME##_; #define GENERATE_TEXT_READOUT_STRUCT(NAME) Envoy::Stats::TextReadout& NAME##_; #define FINISH_STAT_DECL_(X) #X)), #define FINISH_STAT_DECL_MODE_(X, MODE) #X), Envoy::Stats::Gauge::ImportMode::MODE), #define FINISH_STAT_DECL_UNIT_(X, UNIT) #X), Envoy::Stats::Histogram::Unit::UNIT), static inline std::string statPrefixJoin(absl::string_view prefix, absl::string_view token) { if (prefix.empty()) { return std::string(token); } else if (absl::EndsWith(prefix, ".")) { // TODO(jmarantz): eliminate this case -- remove all the trailing dots from prefixes. return absl::StrCat(prefix, token); } return absl::StrCat(prefix, ".", token); } #define POOL_COUNTER_PREFIX(POOL, PREFIX) (POOL).counterFromString(Envoy::statPrefixJoin(PREFIX, FINISH_STAT_DECL_ #define POOL_GAUGE_PREFIX(POOL, PREFIX) (POOL).gaugeFromString(Envoy::statPrefixJoin(PREFIX, FINISH_STAT_DECL_MODE_ #define POOL_HISTOGRAM_PREFIX(POOL, PREFIX) (POOL).histogramFromString(Envoy::statPrefixJoin(PREFIX, FINISH_STAT_DECL_UNIT_ #define POOL_TEXT_READOUT_PREFIX(POOL, PREFIX) (POOL).textReadoutFromString(Envoy::statPrefixJoin(PREFIX, FINISH_STAT_DECL_ #define POOL_COUNTER(POOL) POOL_COUNTER_PREFIX(POOL, "") #define POOL_GAUGE(POOL) POOL_GAUGE_PREFIX(POOL, "") #define POOL_HISTOGRAM(POOL) POOL_HISTOGRAM_PREFIX(POOL, "") #define POOL_TEXT_READOUT(POOL) POOL_TEXT_READOUT_PREFIX(POOL, "") #define NULL_STAT_DECL_(X) std::string(#X)), #define NULL_STAT_DECL_IGNORE_MODE_(X, MODE) std::string(#X)), #define NULL_POOL_GAUGE(POOL) (POOL).nullGauge(NULL_STAT_DECL_IGNORE_MODE_ } // namespace Envoy ================================================ FILE: include/envoy/stats/stats_matcher.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Stats { class StatsMatcher { public: virtual ~StatsMatcher() = default; /** * Take a metric name and report whether or not it should be instantiated. * @param the name of a Stats::Metric. * @return bool true if that stat should not be instantiated. */ virtual bool rejects(const std::string& name) const PURE; /** * Helps determine whether the matcher needs to be called. This can be used * to short-circuit elaboration of stats names. * * @return bool whether StatsMatcher can be statically determined to accept * all stats. It's possible to construct a matcher where * acceptsAll() returns false, but rejects() is always false. */ virtual bool acceptsAll() const PURE; /** * Helps determine whether the matcher needs to be called. This can be used * to short-circuit elaboration of stats names. * * @return bool whether StatsMatcher can be statically determined to reject * all stats. It's possible to construct a matcher where * rejectsAll() returns false, but rejects() is always true. */ virtual bool rejectsAll() const PURE; }; using StatsMatcherPtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/store.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/stats/histogram.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_matcher.h" #include "envoy/stats/tag_producer.h" namespace Envoy { namespace Event { class Dispatcher; } namespace ThreadLocal { class Instance; } namespace Stats { class Sink; /** * A store for all known counters, gauges, and timers. */ class Store : public Scope { public: /** * @return a list of all known counters. */ virtual std::vector counters() const PURE; /** * @return a list of all known gauges. */ virtual std::vector gauges() const PURE; /** * @return a list of all known text readouts. */ virtual std::vector textReadouts() const PURE; /** * @return a list of all known histograms. */ virtual std::vector histograms() const PURE; }; using StorePtr = std::unique_ptr; /** * Callback invoked when a store's mergeHistogram() runs. */ using PostMergeCb = std::function; /** * The root of the stat store. */ class StoreRoot : public Store { public: /** * Add a sink that is used for stat flushing. */ virtual void addSink(Sink& sink) PURE; /** * Set the given tag producer to control tags. */ virtual void setTagProducer(TagProducerPtr&& tag_producer) PURE; /** * Attach a StatsMatcher to this StoreRoot to prevent the initialization of stats according to * some ruleset. * @param stats_matcher a StatsMatcher to attach to this StoreRoot. */ virtual void setStatsMatcher(StatsMatcherPtr&& stats_matcher) PURE; /** * Attach a HistogramSettings to this StoreRoot to generate histogram configurations * according to some ruleset. */ virtual void setHistogramSettings(HistogramSettingsConstPtr&& histogram_settings) PURE; /** * Initialize the store for threading. This will be called once after all worker threads have * been initialized. At this point the store can initialize itself for multi-threaded operation. */ virtual void initializeThreading(Event::Dispatcher& main_thread_dispatcher, ThreadLocal::Instance& tls) PURE; /** * Shutdown threading support in the store. This is called once when the server is about to shut * down. */ virtual void shutdownThreading() PURE; /** * Called during the flush process to merge all the thread local histograms. The passed in * callback will be called on the main thread, but it will happen after the method returns * which means that the actual flush process will happen on the main thread after this method * returns. It is expected that only one merge runs at any time and concurrent calls to this * method would be asserted. */ virtual void mergeHistograms(PostMergeCb merge_complete_cb) PURE; }; using StoreRootPtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/symbol_table.h ================================================ #pragma once #include #include #include #include #include "envoy/common/pure.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { /** * Runtime representation of an encoded stat name. This is predeclared only in * the interface without abstract methods, because (a) the underlying class * representation is common to both implementations of SymbolTable, and (b) * we do not want or need the overhead of a vptr per StatName. The common * declaration for StatName is in source/common/stats/symbol_table_impl.h */ class StatName; using StatNameVec = absl::InlinedVector; class StatNameList; class StatNameSet; using StatNameSetPtr = std::unique_ptr; /** * Holds a range of indexes indicating which parts of a stat-name are * dynamic. This is used to transfer stats from hot-restart parent to child, * retaining the same name structure. */ using DynamicSpan = std::pair; using DynamicSpans = std::vector; /** * SymbolTable manages a namespace optimized for stat names, exploiting their * typical composition from "."-separated tokens, with a significant overlap * between the tokens. The interface is designed to balance optimal storage * at scale with hiding details from users. We seek to provide the most abstract * interface possible that avoids adding per-stat overhead or taking locks in * the hot path. */ class SymbolTable { public: /** * Efficient byte-encoded storage of an array of tokens. The most common * tokens are typically < 127, and are represented directly. tokens >= 128 * spill into the next byte, allowing for tokens of arbitrary numeric value to * be stored. As long as the most common tokens are low-valued, the * representation is space-efficient. This scheme is similar to UTF-8. The * token ordering is dependent on the order in which stat-names are encoded * into the SymbolTable, which will not be optimal, but in practice appears * to be pretty good. * * This is exposed in the interface for the benefit of join(), which which is * used in the hot-path to append two stat-names into a temp without taking * locks. This is used then in thread-local cache lookup, so that once warm, * no locks are taken when looking up stats. */ using Storage = uint8_t[]; using StoragePtr = std::unique_ptr; virtual ~SymbolTable() = default; /** * @return uint64_t the number of symbols in the symbol table. */ virtual uint64_t numSymbols() const PURE; /** * Decodes a vector of symbols back into its period-delimited stat name. If * decoding fails on any part of the symbol_vec, we release_assert and crash, * since this should never happen, and we don't want to continue running * with a corrupt stats set. * * @param stat_name the stat name. * @return std::string stringified stat_name. */ virtual std::string toString(const StatName& stat_name) const PURE; /** * Determines whether one StatName lexically precedes another. Note that * the lexical order may not exactly match the lexical order of the * elaborated strings. For example, stat-name of "-.-" would lexically * sort after "---" but when encoded as a StatName would come lexically * earlier. In practice this is unlikely to matter as those are not * reasonable names for Envoy stats. * * Note that this operation has to be performed with the context of the * SymbolTable so that the individual Symbol objects can be converted * into strings for lexical comparison. * * @param a the first stat name * @param b the second stat name * @return bool true if a lexically precedes b. */ virtual bool lessThan(const StatName& a, const StatName& b) const PURE; /** * Joins two or more StatNames. For example if we have StatNames for {"a.b", * "c.d", "e.f"} then the joined stat-name matches "a.b.c.d.e.f". The * advantage of using this representation is that it avoids having to * decode/encode into the elaborated form, and does not require locking the * SymbolTable. * * Note that this method does not bump reference counts on the referenced * Symbols in the SymbolTable, so it's only valid as long for the lifetime of * the joined StatNames. * * This is intended for use doing cached name lookups of scoped stats, where * the scope prefix and the names to combine it with are already in StatName * form. Using this class, they can be combined without accessing the * SymbolTable or, in particular, taking its lock. * * @param stat_names the names to join. * @return Storage allocated for the joined name. */ virtual StoragePtr join(const StatNameVec& stat_names) const PURE; /** * Populates a StatNameList from a list of encodings. This is not done at * construction time to enable StatNameList to be instantiated directly in * a class that doesn't have a live SymbolTable when it is constructed. * * @param names A pointer to the first name in an array, allocated by the caller. * @param num_names The number of names. * @param symbol_table The symbol table in which to encode the names. */ virtual void populateList(const StatName* names, uint32_t num_names, StatNameList& list) PURE; #ifndef ENVOY_CONFIG_COVERAGE virtual void debugPrint() const PURE; #endif /** * Calls the provided function with a string-view representation of the * elaborated name. This is useful during the interim period when we * are using FakeSymbolTableImpl, to avoid an extra allocation. Once * we migrate to using SymbolTableImpl, this interface will no longer * be helpful and can be removed. The reason it's useful now is that * it makes up, in part, for some extra runtime overhead that is spent * on the SymbolTable abstraction and API, without getting full benefit * from the improved representation. * * TODO(#6307): Remove this when the transition from FakeSymbolTableImpl to * SymbolTableImpl is complete. * * @param stat_name The stat name. * @param fn The function to call with the elaborated stat name as a string_view. */ virtual void callWithStringView(StatName stat_name, const std::function& fn) const PURE; using RecentLookupsFn = std::function; /** * Calls the provided function with the name of the most recently looked-up * symbols, including lookups on any StatNameSets, and with a count of * the recent lookups on that symbol. * * @param iter the function to call for every recent item. */ virtual uint64_t getRecentLookups(const RecentLookupsFn& iter) const PURE; /** * Clears the recent-lookups structures. */ virtual void clearRecentLookups() PURE; /** * Sets the recent-lookup capacity. */ virtual void setRecentLookupCapacity(uint64_t capacity) PURE; /** * @return The configured recent-lookup tracking capacity. */ virtual uint64_t recentLookupCapacity() const PURE; /** * Creates a StatNameSet. * * @param name the name of the set. * @return the set. */ virtual StatNameSetPtr makeSet(absl::string_view name) PURE; /** * Identifies the dynamic components of a stat_name into an array of integer * pairs, indicating the begin/end of spans of tokens in the stat-name that * are created from StatNameDynamicStore or StatNameDynamicPool. * * This can be used to reconstruct the same exact StatNames in * StatNames::mergeStats(), to enable stat continuity across hot-restart. * * @param stat_name the input stat name. * @return the array of pairs indicating the bounds. */ virtual DynamicSpans getDynamicSpans(StatName stat_name) const PURE; private: friend struct HeapStatData; friend class StatNameDynamicStorage; friend class StatNameStorage; friend class StatNameList; friend class StatNameSet; // The following methods are private, but are called by friend classes // StatNameStorage and StatNameList, which must be friendly with SymbolTable // in order to manage the reference-counted symbols they own. /** * Since SymbolTable does manual reference counting, a client of SymbolTable * must manually call free(symbol_vec) when it is freeing the backing store * for a StatName. This way, the symbol table will grow and shrink * dynamically, instead of being write-only. * * @param stat_name the stat name. */ virtual void free(const StatName& stat_name) PURE; /** * StatName backing-store can be managed by callers in a variety of ways * to minimize overhead. But any persistent reference to a StatName needs * to hold onto its own reference-counts for all symbols. This method * helps callers ensure the symbol-storage is maintained for the lifetime * of a reference. * * @param stat_name the stat name. */ virtual void incRefCount(const StatName& stat_name) PURE; /** * Encodes 'name' into the symbol table. Bumps reference counts for referenced * symbols. The caller must manage the storage, and is responsible for calling * SymbolTable::free() to release the reference counts. * * @param name The name to encode. * @return The encoded name, transferring ownership to the caller. * */ virtual StoragePtr encode(absl::string_view name) PURE; virtual StoragePtr makeDynamicStorage(absl::string_view name) PURE; }; using SymbolTablePtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/tag.h ================================================ #pragma once #include #include "envoy/stats/symbol_table.h" #include "absl/types/optional.h" namespace Envoy { namespace Stats { /** * General representation of a tag. */ struct Tag { std::string name_; std::string value_; bool operator==(const Tag& other) const { return other.name_ == name_ && other.value_ == value_; }; }; using TagVector = std::vector; using StatNameTag = std::pair; using StatNameTagVector = std::vector; using StatNameTagVectorOptConstRef = absl::optional>; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/tag_extractor.h ================================================ #pragma once #include #include #include #include "envoy/common/interval_set.h" #include "envoy/common/pure.h" #include "envoy/stats/tag.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { /** * Class to extract tags from the stat names. */ class TagExtractor { public: virtual ~TagExtractor() = default; /** * Identifier for the tag extracted by this object. */ virtual std::string name() const PURE; /** * Finds tags for stat_name and adds them to the tags vector. If the tag is not * represented in the name, the tags vector will remain unmodified. Also finds the * character indexes for the tags in stat_name and adds them to remove_characters (an * in/out arg). Returns true if a tag-match was found. The characters removed from the * name may be different from the values put into the tag vector for readability * purposes. Note: The extraction process is expected to be run iteratively, aggregating * the character intervals to be removed from the name after all the tag extractions are * complete. This approach simplifies the tag searching process because without mutations, * the tag extraction will be order independent, apart from the order of the tag array. * @param stat_name name from which the tag will be extracted if found to exist. * @param tags list of tags updated with the tag name and value if found in the name. * @param remove_characters set of intervals of character-indices to be removed from name. * @return bool indicates whether a tag was found in the name. */ virtual bool extractTag(absl::string_view stat_name, TagVector& tags, IntervalSet& remove_characters) const PURE; /** * Finds a prefix string associated with the matching criteria owned by the * extractor. This is used to reduce the number of extractors required for * processing each stat, by pulling the first "."-separated token on the tag. * * If a prefix cannot be extracted, an empty string_view is returned, and the * matcher must be applied on all inputs. * * The storage for the prefix is owned by the TagExtractor. * * @return absl::string_view the prefix, or an empty string_view if none was found. */ virtual absl::string_view prefixToken() const PURE; }; using TagExtractorPtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/tag_producer.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/stats/tag.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { class TagProducer { public: virtual ~TagProducer() = default; /** * Take a metric name and a vector then add proper tags into the vector and * return an extracted metric name. The tags array will be populated with * name/value pairs extracted from the full metric name, using the regular * expressions in source/common/config/well_known_names.cc. For example, the * stat name "vhost.foo.vcluster.bar.c1" would have "foo" extracted as the * value of tag "vhost" and "bar" extracted as the value of tag * "vcluster", so this will populate tags with {"vhost", "foo"} and * {"vcluster", "bar"}, and return "vhost.vcluster.c1". * * @param metric_name std::string a name of Stats::Metric (Counter, Gauge, Histogram). * @param tags TagVector a set of Stats::Tag. */ virtual std::string produceTags(absl::string_view metric_name, TagVector& tags) const PURE; }; using TagProducerPtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stats/timespan.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Stats { /** * An abstraction of timespan which can be completed. */ class CompletableTimespan { public: virtual ~CompletableTimespan() = default; /** * Time elapsed since the creation of the timespan. */ virtual std::chrono::milliseconds elapsed() const PURE; /** * Complete the timespan. */ virtual void complete() PURE; }; using Timespan = CompletableTimespan; using TimespanPtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: include/envoy/stream_info/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "stream_info_interface", hdrs = ["stream_info.h"], external_deps = ["abseil_optional"], deps = [ ":filter_state_interface", "//include/envoy/common:time_interface", "//include/envoy/http:header_map_interface", "//include/envoy/http:protocol_interface", "//include/envoy/http:request_id_extension_interface", "//include/envoy/ssl:connection_interface", "//include/envoy/upstream:host_description_interface", "//source/common/common:assert_lib", "//source/common/protobuf", "//source/common/singleton:const_singleton", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_state_interface", hdrs = ["filter_state.h"], external_deps = ["abseil_optional"], deps = [ "//source/common/common:utility_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "uint32_accessor_interface", hdrs = ["uint32_accessor.h"], deps = [ ":filter_state_interface", ], ) ================================================ FILE: include/envoy/stream_info/filter_state.h ================================================ #pragma once #include #include #include "envoy/common/exception.h" #include "envoy/common/pure.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/protobuf/protobuf.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace StreamInfo { class FilterState; using FilterStateSharedPtr = std::shared_ptr; /** * FilterState represents dynamically generated information regarding a stream (TCP or HTTP level) * or a connection by various filters in Envoy. FilterState can be write-once or write-many. */ class FilterState { public: enum class StateType { ReadOnly, Mutable }; // Objects stored in the FilterState may have different life span. Life span is what controls // how long an object stored in FilterState lives. Implementation of this interface actually // stores objects in a (reverse) tree manner - multiple FilterStateImpl with shorter life span may // share the same FilterStateImpl as parent, which may recursively share parent with other // FilterStateImpl at the same life span. This interface is supposed to be accessed at the leaf // level (FilterChain) for objects with any desired longer life span. // // - FilterChain has the shortest life span, which is as long as the filter chain lives. // // - Request is longer than FilterChain. When internal redirect is enabled, one // downstream request may create multiple filter chains. Request allows an object to // survive across filter chains for bookkeeping needs. This is not used for the upstream case. // // - Connection makes an object survive the entire duration of a connection. // Any stream within this connection can see the same object. // // Note that order matters in this enum because it's assumed that life span grows as enum number // grows. enum LifeSpan { FilterChain, Request, Connection, TopSpan = Connection }; class Object { public: virtual ~Object() = default; /** * @return Protobuf::MessagePtr an unique pointer to the proto serialization of the filter * state. If returned message type is ProtobufWkt::Any it will be directly used in protobuf * logging. nullptr if the filter state cannot be serialized or serialization is not supported. */ virtual ProtobufTypes::MessagePtr serializeAsProto() const { return nullptr; } /** * @return absl::optional a optional string to the serialization of the filter * state. No value if the filter state cannot be serialized or serialization is not supported. * This method can be used to get an unstructured serialization result. */ virtual absl::optional serializeAsString() const { return absl::nullopt; } }; virtual ~FilterState() = default; /** * @param data_name the name of the data being set. * @param data an owning pointer to the data to be stored. * @param state_type indicates whether the object is mutable or not. * @param life_span indicates the life span of the object: bound to the filter chain, a * request, or a connection. * * Note that it is an error to call setData() twice with the same * data_name, if the existing object is immutable. Similarly, it is an * error to call setData() with same data_name but different state_types * (mutable and readOnly, or readOnly and mutable) or different life_span. * This is to enforce a single authoritative source for each piece of * data stored in FilterState. */ virtual void setData(absl::string_view data_name, std::shared_ptr data, StateType state_type, LifeSpan life_span = LifeSpan::FilterChain) PURE; /** * @param data_name the name of the data being looked up (mutable/readonly). * @return a const reference to the stored data. * An exception will be thrown if the data does not exist. This function * will fail if the data stored under |data_name| cannot be dynamically * cast to the type specified. */ template const T& getDataReadOnly(absl::string_view data_name) const { const T* result = dynamic_cast(getDataReadOnlyGeneric(data_name)); if (!result) { ExceptionUtil::throwEnvoyException( fmt::format("Data stored under {} cannot be coerced to specified type", data_name)); } return *result; } /** * @param data_name the name of the data being looked up (mutable/readonly). * @return a const reference to the stored data. * An exception will be thrown if the data does not exist. */ virtual const Object* getDataReadOnlyGeneric(absl::string_view data_name) const PURE; /** * @param data_name the name of the data being looked up (mutable only). * @return a non-const reference to the stored data if and only if the * underlying data is mutable. * An exception will be thrown if the data does not exist or if it is * immutable. This function will fail if the data stored under * |data_name| cannot be dynamically cast to the type specified. */ template T& getDataMutable(absl::string_view data_name) { T* result = dynamic_cast(getDataMutableGeneric(data_name)); if (!result) { ExceptionUtil::throwEnvoyException( fmt::format("Data stored under {} cannot be coerced to specified type", data_name)); } return *result; } /** * @param data_name the name of the data being probed. * @return Whether data of the type and name specified exists in the * data store. */ template bool hasData(absl::string_view data_name) const { return (hasDataWithName(data_name) && (dynamic_cast(getDataReadOnlyGeneric(data_name)) != nullptr)); } /** * @param data_name the name of the data being probed. * @return Whether data of any type and the name specified exists in the * data store. */ virtual bool hasDataWithName(absl::string_view data_name) const PURE; /** * @param life_span the LifeSpan above which data existence is checked. * @return whether data of any type exist with LifeSpan greater than life_span. */ virtual bool hasDataAtOrAboveLifeSpan(LifeSpan life_span) const PURE; /** * @return the LifeSpan of objects stored by this instance. Objects with * LifeSpan longer than this are handled recursively. */ virtual LifeSpan lifeSpan() const PURE; /** * @return the pointer of the parent FilterState that has longer life span. nullptr means this is * either the top LifeSpan or the parent is not yet created. */ virtual FilterStateSharedPtr parent() const PURE; protected: virtual Object* getDataMutableGeneric(absl::string_view data_name) PURE; }; } // namespace StreamInfo } // namespace Envoy ================================================ FILE: include/envoy/stream_info/stream_info.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/http/header_map.h" #include "envoy/http/protocol.h" #include "envoy/http/request_id_extension.h" #include "envoy/ssl/connection.h" #include "envoy/stream_info/filter_state.h" #include "envoy/upstream/host_description.h" #include "common/common/assert.h" #include "common/protobuf/protobuf.h" #include "common/singleton/const_singleton.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { class RouteEntry; } // namespace Router namespace Upstream { class ClusterInfo; using ClusterInfoConstSharedPtr = std::shared_ptr; } // namespace Upstream namespace StreamInfo { enum ResponseFlag { // Local server healthcheck failed. FailedLocalHealthCheck = 0x1, // No healthy upstream. NoHealthyUpstream = 0x2, // Request timeout on upstream. UpstreamRequestTimeout = 0x4, // Local codec level reset was sent on the stream. LocalReset = 0x8, // Remote codec level reset was received on the stream. UpstreamRemoteReset = 0x10, // Local reset by a connection pool due to an initial connection failure. UpstreamConnectionFailure = 0x20, // If the stream was locally reset due to connection termination. UpstreamConnectionTermination = 0x40, // The stream was reset because of a resource overflow. UpstreamOverflow = 0x80, // No route found for a given request. NoRouteFound = 0x100, // Request was delayed before proxying. DelayInjected = 0x200, // Abort with error code was injected. FaultInjected = 0x400, // Request was ratelimited locally by rate limit filter. RateLimited = 0x800, // Request was unauthorized by external authorization service. UnauthorizedExternalService = 0x1000, // Unable to call Ratelimit service. RateLimitServiceError = 0x2000, // If the stream was reset due to a downstream connection termination. DownstreamConnectionTermination = 0x4000, // Exceeded upstream retry limit. UpstreamRetryLimitExceeded = 0x8000, // Request hit the stream idle timeout, triggering a 408. StreamIdleTimeout = 0x10000, // Request specified x-envoy-* header values that failed strict header checks. InvalidEnvoyRequestHeaders = 0x20000, // Downstream request had an HTTP protocol error DownstreamProtocolError = 0x40000, // Upstream request reached to user defined max stream duration. UpstreamMaxStreamDurationReached = 0x80000, // True if the response was served from an Envoy cache filter. ResponseFromCacheFilter = 0x100000, // Filter config was not received within the permitted warming deadline. NoFilterConfigFound = 0x200000, // Request or connection exceeded the downstream connection duration. DurationTimeout = 0x400000, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST FLAG. LastFlag = DurationTimeout }; /** * Constants for the response code details field of StreamInfo for details sent * by core (non-extension) code. * * These provide details about the stream state such as whether the * response is from the upstream or from envoy (in case of a local reply). * Custom extensions can define additional values provided they are appropriately * scoped to avoid collisions. */ struct ResponseCodeDetailValues { // Response code was set by the upstream. const std::string ViaUpstream = "via_upstream"; // Envoy is doing non-streaming proxying, and the request payload exceeded // configured limits. const std::string RequestPayloadTooLarge = "request_payload_too_large"; // Envoy is doing non-streaming proxying, and the response payload exceeded // configured limits. const std::string ResponsePayloadTooLarge = "response_payload_too_large"; // Envoy is doing streaming proxying, but too much data arrived while waiting // to attempt a retry. const std::string RequestPayloadExceededRetryBufferLimit = "request_payload_exceeded_retry_buffer_limit"; // Envoy is doing non-streaming proxying, and the response payload exceeded // configured limits. const std::string ResponsePayloadTooLArge = "response_payload_too_large"; // The per-stream keepalive timeout was exceeded. const std::string StreamIdleTimeout = "stream_idle_timeout"; // The per-stream max duration timeout was exceeded. const std::string MaxDurationTimeout = "max_duration_timeout"; // The per-stream total request timeout was exceeded. const std::string RequestOverallTimeout = "request_overall_timeout"; // The request was rejected due to the Overload Manager reaching configured resource limits. const std::string Overload = "overload"; // The HTTP/1.0 or HTTP/0.9 request was rejected due to HTTP/1.0 support not being configured. const std::string LowVersion = "low_version"; // The request was rejected due to a missing Host: or :authority field. const std::string MissingHost = "missing_host_header"; // The request was rejected due to x-envoy-* headers failing strict header validation. const std::string InvalidEnvoyRequestHeaders = "request_headers_failed_strict_check"; // The request was rejected due to a missing Path or :path header field. const std::string MissingPath = "missing_path_rejected"; // The request was rejected due to using an absolute path on a route not supporting them. const std::string AbsolutePath = "absolute_path_rejected"; // The request was rejected because path normalization was configured on and failed, probably due // to an invalid path. const std::string PathNormalizationFailed = "path_normalization_failed"; // The request was rejected because it attempted an unsupported upgrade. const std::string UpgradeFailed = "upgrade_failed"; // The request was rejected by the HCM because there was no route configuration found. const std::string RouteConfigurationNotFound = "route_configuration_not_found"; // The request was rejected by the router filter because there was no route found. const std::string RouteNotFound = "route_not_found"; // A direct response was generated by the router filter. const std::string DirectResponse = "direct_response"; // The request was rejected by the router filter because there was no cluster found for the // selected route. const std::string ClusterNotFound = "cluster_not_found"; // The request was rejected by the router filter because the cluster was in maintenance mode. const std::string MaintenanceMode = "maintenance_mode"; // The request was rejected by the router filter because there was no healthy upstream found. const std::string NoHealthyUpstream = "no_healthy_upstream"; // The upstream response timed out. const std::string UpstreamTimeout = "upstream_response_timeout"; // The final upstream try timed out. const std::string UpstreamPerTryTimeout = "upstream_per_try_timeout"; // The request was destroyed because of user defined max stream duration. const std::string UpstreamMaxStreamDurationReached = "upstream_max_stream_duration_reached"; // The upstream connection was reset before a response was started. This // will generally be accompanied by details about why the reset occurred. const std::string EarlyUpstreamReset = "upstream_reset_before_response_started"; // The upstream connection was reset after a response was started. This // will generally be accompanied by details about why the reset occurred but // indicates that original "success" headers may have been sent downstream // despite the subsequent failure. const std::string LateUpstreamReset = "upstream_reset_after_response_started"; // The request was rejected due to no matching filter chain. const std::string FilterChainNotFound = "filter_chain_not_found"; // The client disconnected unexpectedly. const std::string DownstreamRemoteDisconnect = "downstream_remote_disconnect"; // The client connection was locally closed for an unspecified reason. const std::string DownstreamLocalDisconnect = "downstream_local_disconnect"; // The max connection duration was exceeded. const std::string DurationTimeout = "duration_timeout"; // The response was generated by the admin filter. const std::string AdminFilterResponse = "admin_filter_response"; // The original stream was replaced with an internal redirect. const std::string InternalRedirect = "internal_redirect"; // Changes or additions to details should be reflected in // docs/root/configuration/http/http_conn_man/response_code_details_details.rst }; using ResponseCodeDetails = ConstSingleton; struct UpstreamTiming { /** * Sets the time when the first byte of the request was sent upstream. */ void onFirstUpstreamTxByteSent(TimeSource& time_source) { ASSERT(!first_upstream_tx_byte_sent_); first_upstream_tx_byte_sent_ = time_source.monotonicTime(); } /** * Sets the time when the first byte of the response is received from upstream. */ void onLastUpstreamTxByteSent(TimeSource& time_source) { ASSERT(!last_upstream_tx_byte_sent_); last_upstream_tx_byte_sent_ = time_source.monotonicTime(); } /** * Sets the time when the last byte of the response is received from upstream. */ void onFirstUpstreamRxByteReceived(TimeSource& time_source) { ASSERT(!first_upstream_rx_byte_received_); first_upstream_rx_byte_received_ = time_source.monotonicTime(); } /** * Sets the time when the last byte of the request was sent upstream. */ void onLastUpstreamRxByteReceived(TimeSource& time_source) { ASSERT(!last_upstream_rx_byte_received_); last_upstream_rx_byte_received_ = time_source.monotonicTime(); } absl::optional first_upstream_tx_byte_sent_; absl::optional last_upstream_tx_byte_sent_; absl::optional first_upstream_rx_byte_received_; absl::optional last_upstream_rx_byte_received_; }; /** * Additional information about a completed request for logging. */ class StreamInfo { public: virtual ~StreamInfo() = default; /** * @param response_flag the response flag. Each filter can set independent response flags. The * flags are accumulated. */ virtual void setResponseFlag(ResponseFlag response_flag) PURE; /** * @param rc_details the response code details string to set for this request. * See ResponseCodeDetailValues above for well-known constants. */ virtual void setResponseCodeDetails(absl::string_view rc_details) PURE; /** * @param connection_termination_details the termination details string to set for this * connection. */ virtual void setConnectionTerminationDetails(absl::string_view connection_termination_details) PURE; /** * @param response_flags the response_flags to intersect with. * @return true if the intersection of the response_flags argument and the currently set response * flags is non-empty. */ virtual bool intersectResponseFlags(uint64_t response_flags) const PURE; /** * @param host the selected upstream host for the request. */ virtual void onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) PURE; /** * @param std::string name denotes the name of the route. */ virtual void setRouteName(absl::string_view name) PURE; /** * @return std::string& the name of the route. */ virtual const std::string& getRouteName() const PURE; /** * @param bytes_received denotes number of bytes to add to total received bytes. */ virtual void addBytesReceived(uint64_t bytes_received) PURE; /** * @return the number of body bytes received in the request. */ virtual uint64_t bytesReceived() const PURE; /** * @return the protocol of the request. */ virtual absl::optional protocol() const PURE; /** * @param protocol the request's protocol. */ virtual void protocol(Http::Protocol protocol) PURE; /** * @return the response code. */ virtual absl::optional responseCode() const PURE; /** * @return the response code details. */ virtual const absl::optional& responseCodeDetails() const PURE; /** * @return the termination details of the connection. */ virtual const absl::optional& connectionTerminationDetails() const PURE; /** * @return the time that the first byte of the request was received. */ virtual SystemTime startTime() const PURE; /** * @return the monotonic time that the first byte of the request was received. Duration * calculations should be made relative to this value. */ virtual MonotonicTime startTimeMonotonic() const PURE; /** * @return the duration between the last byte of the request was received and the start of the * request. */ virtual absl::optional lastDownstreamRxByteReceived() const PURE; /** * Sets the time when the last byte of the request was received. */ virtual void onLastDownstreamRxByteReceived() PURE; /** * Sets the upstream timing information for this stream. This is useful for * when multiple upstream requests are issued and we want to save timing * information for the one that "wins". */ virtual void setUpstreamTiming(const UpstreamTiming& upstream_timing) PURE; /** * @return the duration between the first byte of the request was sent upstream and the start of * the request. There may be a considerable delta between lastDownstreamByteReceived and this * value due to filters. */ virtual absl::optional firstUpstreamTxByteSent() const PURE; /** * @return the duration between the last byte of the request was sent upstream and the start of * the request. */ virtual absl::optional lastUpstreamTxByteSent() const PURE; /** * @return the duration between the first byte of the response is received from upstream and the * start of the request. */ virtual absl::optional firstUpstreamRxByteReceived() const PURE; /** * @return the duration between the last byte of the response is received from upstream and the * start of the request. */ virtual absl::optional lastUpstreamRxByteReceived() const PURE; /** * @return the duration between the first byte of the response is sent downstream and the start of * the request. There may be a considerable delta between lastUpstreamByteReceived and this value * due to filters. */ virtual absl::optional firstDownstreamTxByteSent() const PURE; /** * Sets the time when the first byte of the response is sent downstream. */ virtual void onFirstDownstreamTxByteSent() PURE; /** * @return the duration between the last byte of the response is sent downstream and the start of * the request. */ virtual absl::optional lastDownstreamTxByteSent() const PURE; /** * Sets the time when the last byte of the response is sent downstream. */ virtual void onLastDownstreamTxByteSent() PURE; /** * @return the total duration of the request (i.e., when the request's ActiveStream is destroyed) * and may be longer than lastDownstreamTxByteSent. */ virtual absl::optional requestComplete() const PURE; /** * Sets the end time for the request. This method is called once the request has been fully * completed (i.e., when the request's ActiveStream is destroyed). */ virtual void onRequestComplete() PURE; /** * @param bytes_sent denotes the number of bytes to add to total sent bytes. */ virtual void addBytesSent(uint64_t bytes_sent) PURE; /** * @return the number of body bytes sent in the response. */ virtual uint64_t bytesSent() const PURE; /** * @return whether response flag is set or not. */ virtual bool hasResponseFlag(ResponseFlag response_flag) const PURE; /** * @return whether any response flag is set or not. */ virtual bool hasAnyResponseFlag() const PURE; /** * @return response flags encoded as an integer. */ virtual uint64_t responseFlags() const PURE; /** * @return upstream host description. */ virtual Upstream::HostDescriptionConstSharedPtr upstreamHost() const PURE; /** * @param upstream_local_address sets the local address of the upstream connection. Note that it * can be different than the local address of the downstream connection. */ virtual void setUpstreamLocalAddress( const Network::Address::InstanceConstSharedPtr& upstream_local_address) PURE; /** * @return the upstream local address. */ virtual const Network::Address::InstanceConstSharedPtr& upstreamLocalAddress() const PURE; /** * @return whether the request is a health check request or not. */ virtual bool healthCheck() const PURE; /** * @param is_health_check whether the request is a health check request or not. */ virtual void healthCheck(bool is_health_check) PURE; /** * @param downstream_local_address sets the local address of the downstream connection. Note that * it can be different than the local address of the upstream connection. */ virtual void setDownstreamLocalAddress( const Network::Address::InstanceConstSharedPtr& downstream_local_address) PURE; /** * @return the downstream local address. Note that this will never be nullptr. */ virtual const Network::Address::InstanceConstSharedPtr& downstreamLocalAddress() const PURE; /** * @param downstream_direct_remote_address sets the direct physical address of downstream * connection. */ virtual void setDownstreamDirectRemoteAddress( const Network::Address::InstanceConstSharedPtr& downstream_direct_remote_address) PURE; /** * @return the downstream directly connected address. This will never be nullptr. This is * equivalent to the address of the physical connection. */ virtual const Network::Address::InstanceConstSharedPtr& downstreamDirectRemoteAddress() const PURE; /** * @param downstream_remote_address sets the remote address of downstream connection. */ virtual void setDownstreamRemoteAddress( const Network::Address::InstanceConstSharedPtr& downstream_remote_address) PURE; /** * @return the downstream remote address. Note that this will never be nullptr. This may be * equivalent to downstreamDirectRemoteAddress, unless the remote address is inferred from a * proxy proto, x-forwarded-for, etc. */ virtual const Network::Address::InstanceConstSharedPtr& downstreamRemoteAddress() const PURE; /** * @param connection_info sets the downstream ssl connection. */ virtual void setDownstreamSslConnection(const Ssl::ConnectionInfoConstSharedPtr& ssl_connection_info) PURE; /** * @return the downstream SSL connection. This will be nullptr if the downstream * connection does not use SSL. */ virtual Ssl::ConnectionInfoConstSharedPtr downstreamSslConnection() const PURE; /** * @param connection_info sets the upstream ssl connection. */ virtual void setUpstreamSslConnection(const Ssl::ConnectionInfoConstSharedPtr& ssl_connection_info) PURE; /** * @return the upstream SSL connection. This will be nullptr if the upstream * connection does not use SSL. */ virtual Ssl::ConnectionInfoConstSharedPtr upstreamSslConnection() const PURE; /** * @return const Router::RouteEntry* Get the route entry selected for this request. Note: this * will be nullptr if no route was selected. */ virtual const Router::RouteEntry* routeEntry() const PURE; /** * @return const envoy::config::core::v3::Metadata& the dynamic metadata associated with this * request */ virtual envoy::config::core::v3::Metadata& dynamicMetadata() PURE; virtual const envoy::config::core::v3::Metadata& dynamicMetadata() const PURE; /** * @param name the namespace used in the metadata in reverse DNS format, for example: * envoy.test.my_filter. * @param value the struct to set on the namespace. A merge will be performed with new values for * the same key overriding existing. */ virtual void setDynamicMetadata(const std::string& name, const ProtobufWkt::Struct& value) PURE; /** * Object on which filters can share data on a per-request basis. For singleton data objects, only * one filter can produce a named data object. List data objects can be updated by multiple * filters (append only). Both object types can be consumed by multiple filters. * @return the filter state associated with this request. */ virtual const FilterStateSharedPtr& filterState() PURE; virtual const FilterState& filterState() const PURE; /** * Filter State object to be shared between upstream and downstream filters. * @param pointer to upstream connections filter state. * @return pointer to filter state to be used by upstream connections. */ virtual const FilterStateSharedPtr& upstreamFilterState() const PURE; virtual void setUpstreamFilterState(const FilterStateSharedPtr& filter_state) PURE; /** * @param SNI value requested. */ virtual void setRequestedServerName(const absl::string_view requested_server_name) PURE; /** * @return SNI value for downstream host. */ virtual const std::string& requestedServerName() const PURE; /** * @param failure_reason the upstream transport failure reason. */ virtual void setUpstreamTransportFailureReason(absl::string_view failure_reason) PURE; /** * @return const std::string& the upstream transport failure reason, e.g. certificate validation * failed. */ virtual const std::string& upstreamTransportFailureReason() const PURE; /** * @param headers request headers. */ virtual void setRequestHeaders(const Http::RequestHeaderMap& headers) PURE; /** * @return request headers. */ virtual const Http::RequestHeaderMap* getRequestHeaders() const PURE; /** * @param Upstream Connection's ClusterInfo. */ virtual void setUpstreamClusterInfo(const Upstream::ClusterInfoConstSharedPtr& upstream_cluster_info) PURE; /** * @return Upstream Connection's ClusterInfo. * This returns an optional to differentiate between unset(absl::nullopt), * no route or cluster does not exist(nullptr), and set to a valid cluster(not nullptr). */ virtual absl::optional upstreamClusterInfo() const PURE; /** * @param utils The requestID utils implementation this stream uses */ virtual void setRequestIDExtension(Http::RequestIDExtensionSharedPtr utils) PURE; /** * @return A shared pointer to the request ID utils for this stream */ virtual Http::RequestIDExtensionSharedPtr getRequestIDExtension() const PURE; /** * @return Connection ID of the downstream connection, or unset if not available. **/ virtual absl::optional connectionID() const PURE; /** * @param id Connection ID of the downstream connection. **/ virtual void setConnectionID(uint64_t id) PURE; }; } // namespace StreamInfo } // namespace Envoy ================================================ FILE: include/envoy/stream_info/uint32_accessor.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/stream_info/filter_state.h" namespace Envoy { namespace StreamInfo { /** * A FilterState object that tracks a single uint32_t value. */ class UInt32Accessor : public FilterState::Object { public: /** * Increments the tracked value by 1. */ virtual void increment() PURE; /** * @return the tracked value. */ virtual uint32_t value() const PURE; }; } // namespace StreamInfo } // namespace Envoy ================================================ FILE: include/envoy/tcp/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "conn_pool_interface", hdrs = ["conn_pool.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/common:conn_pool_interface", "//include/envoy/event:deferred_deletable", "//include/envoy/upstream:upstream_interface", ], ) ================================================ FILE: include/envoy/tcp/conn_pool.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/conn_pool.h" #include "envoy/common/pure.h" #include "envoy/event/deferred_deletable.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace Tcp { namespace ConnectionPool { /* * UpstreamCallbacks for connection pool upstream connection callbacks and data. Note that * onEvent(Connected) is never triggered since the event always occurs before a ConnectionPool * caller is assigned a connection. */ class UpstreamCallbacks : public Network::ConnectionCallbacks { public: ~UpstreamCallbacks() override = default; /* * Invoked when data is delivered from the upstream connection while the connection is owned by a * ConnectionPool::Instance caller. * @param data supplies data from the upstream * @param end_stream whether the data is the last data frame */ virtual void onUpstreamData(Buffer::Instance& data, bool end_stream) PURE; }; /** * ConnectionState is a base class for connection state maintained across requests. For example, a * protocol may maintain a connection-specific request sequence number or negotiate options that * affect the behavior of requests for the duration of the connection. A ConnectionState subclass * is assigned to the ConnectionData to track this state when the connection is returned to the * pool so that the state is available when the connection is re-used for a subsequent request. * The ConnectionState assigned to a connection is automatically destroyed when the connection is * closed. */ class ConnectionState { public: virtual ~ConnectionState() = default; }; using ConnectionStatePtr = std::unique_ptr; /* * ConnectionData wraps a ClientConnection allocated to a caller. Open ClientConnections are * released back to the pool for re-use when their containing ConnectionData is destroyed. */ class ConnectionData { public: virtual ~ConnectionData() = default; /** * @return the ClientConnection for the connection. */ virtual Network::ClientConnection& connection() PURE; /** * Sets the ConnectionState for this connection. Any existing ConnectionState is destroyed. * @param ConnectionStatePtr&& new ConnectionState for this connection. */ virtual void setConnectionState(ConnectionStatePtr&& state) PURE; /** * @return T* the current ConnectionState or nullptr if no state is set or if the state's type * is not T. */ template T* connectionStateTyped() { return dynamic_cast(connectionState()); } /** * Sets the ConnectionPool::UpstreamCallbacks for the connection. If no callback is attached, * data from the upstream will cause the connection to be closed. Callbacks cease when the * connection is released. * @param callback the UpstreamCallbacks to invoke for upstream data */ virtual void addUpstreamCallbacks(ConnectionPool::UpstreamCallbacks& callback) PURE; protected: /** * @return ConnectionState* pointer to the current ConnectionState or nullptr if not set */ virtual ConnectionState* connectionState() PURE; }; using ConnectionDataPtr = std::unique_ptr; using PoolFailureReason = ::Envoy::ConnectionPool::PoolFailureReason; using Cancellable = ::Envoy::ConnectionPool::Cancellable; using CancelPolicy = ::Envoy::ConnectionPool::CancelPolicy; /** * Pool callbacks invoked in the context of a newConnection() call, either synchronously or * asynchronously. */ class Callbacks { public: virtual ~Callbacks() = default; /** * Called when a pool error occurred and no connection could be acquired for making the request. * @param reason supplies the failure reason. * @param host supplies the description of the host that caused the failure. This may be nullptr * if no host was involved in the failure (for example overflow). */ virtual void onPoolFailure(PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) PURE; /** * Called when a connection is available to process a request/response. Connections may be * released back to the pool for re-use by resetting the ConnectionDataPtr. If the connection is * no longer viable for reuse (e.g. due to some kind of protocol error), the underlying * ClientConnection should be closed to prevent its reuse. * * @param conn supplies the connection data to use. * @param host supplies the description of the host that will carry the request. For logical * connection pools the description may be different each time this is called. */ virtual void onPoolReady(ConnectionDataPtr&& conn, Upstream::HostDescriptionConstSharedPtr host) PURE; }; /** * An instance of a generic connection pool. */ class Instance : public Envoy::ConnectionPool::Instance, public Event::DeferredDeletable { public: /** * Immediately close all existing connection pool connections. This method can be used in cases * where the connection pool is not being destroyed, but the caller wishes to terminate all * existing connections. For example, when a health check failure occurs. */ virtual void closeConnections() PURE; /** * Create a new connection on the pool. * @param cb supplies the callbacks to invoke when the connection is ready or has failed. The * callbacks may be invoked immediately within the context of this call if there is a * ready connection or an immediate failure. In this case, the routine returns nullptr. * @return Cancellable* If no connection is ready, the callback is not invoked, and a handle * is returned that can be used to cancel the request. Otherwise, one of the * callbacks is called and the routine returns nullptr. NOTE: Once a callback * is called, the handle is no longer valid and any further cancellation * should be done by resetting the connection. */ virtual Cancellable* newConnection(Callbacks& callbacks) PURE; }; using InstancePtr = std::unique_ptr; } // namespace ConnectionPool } // namespace Tcp } // namespace Envoy ================================================ FILE: include/envoy/thread/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "thread_interface", hdrs = ["thread.h"], deps = ["//source/common/common:thread_annotations"], ) ================================================ FILE: include/envoy/thread/thread.h ================================================ #pragma once #include #include #include #include #include "envoy/common/pure.h" #include "common/common/thread_annotations.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Thread { /** * An id for a thread. */ class ThreadId { public: ThreadId() : id_(std::numeric_limits::min()) {} explicit ThreadId(int64_t id) : id_(id) {} int64_t getId() const { return id_; } std::string debugString() const { return std::to_string(id_); } bool isEmpty() const { return *this == ThreadId(); } friend bool operator==(ThreadId lhs, ThreadId rhs) { return lhs.id_ == rhs.id_; } friend bool operator!=(ThreadId lhs, ThreadId rhs) { return lhs.id_ != rhs.id_; } template friend H AbslHashValue(H h, ThreadId id) { return H::combine(std::move(h), id.id_); } private: int64_t id_; }; class Thread { public: virtual ~Thread() = default; /** * @return the name of the thread. */ virtual std::string name() const PURE; /** * Blocks until the thread exits. */ virtual void join() PURE; }; using ThreadPtr = std::unique_ptr; // Options specified during thread creation. struct Options { std::string name_; // A name supplied for the thread. On Linux this is limited to 15 chars. }; using OptionsOptConstRef = const absl::optional&; /** * Interface providing a mechanism for creating threads. */ class ThreadFactory { public: virtual ~ThreadFactory() = default; /** * Creates a thread, immediately starting the thread_routine. * * @param thread_routine supplies the function to invoke in the thread. * @param options supplies options specified on thread creation. */ virtual ThreadPtr createThread(std::function thread_routine, OptionsOptConstRef options = absl::nullopt) PURE; /** * Return the current system thread ID */ virtual ThreadId currentThreadId() PURE; }; using ThreadFactoryPtr = std::unique_ptr; /** * Like the C++11 "basic lockable concept" but a pure virtual interface vs. a template, and * with thread annotations. */ class ABSL_LOCKABLE BasicLockable { public: virtual ~BasicLockable() = default; virtual void lock() ABSL_EXCLUSIVE_LOCK_FUNCTION() PURE; virtual bool tryLock() ABSL_EXCLUSIVE_TRYLOCK_FUNCTION(true) PURE; virtual void unlock() ABSL_UNLOCK_FUNCTION() PURE; }; } // namespace Thread } // namespace Envoy ================================================ FILE: include/envoy/thread_local/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "thread_local_interface", hdrs = ["thread_local.h"], deps = ["//include/envoy/event:dispatcher_interface"], ) ================================================ FILE: include/envoy/thread_local/thread_local.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" namespace Envoy { namespace ThreadLocal { /** * All objects that are stored via the ThreadLocal interface must derive from this type. */ class ThreadLocalObject { public: virtual ~ThreadLocalObject() = default; /** * Return the object casted to a concrete type. See getTyped() below for comments on the casts. */ template T& asType() { ASSERT(dynamic_cast(this) != nullptr); return *static_cast(this); } }; using ThreadLocalObjectSharedPtr = std::shared_ptr; /** * An individual allocated TLS slot. When the slot is destroyed the stored thread local will * be freed on each thread. */ class Slot { public: virtual ~Slot() = default; /** * Returns if there is thread local data for this thread. * * This should return true for Envoy worker threads and false for threads which do not have thread * local storage allocated. * * @return true if registerThread has been called for this thread, false otherwise. */ virtual bool currentThreadRegistered() PURE; /** * @return ThreadLocalObjectSharedPtr a thread local object stored in the slot. */ virtual ThreadLocalObjectSharedPtr get() PURE; /** * This is a helper on top of get() that casts the object stored in the slot to the specified * type. Since the slot only stores pointers to the base interface, the static_cast operates * in production for performance, and the dynamic_cast validates correctness in tests and debug * builds. */ template T& getTyped() { ASSERT(std::dynamic_pointer_cast(get()) != nullptr); return *static_cast(get().get()); } /** * Set thread local data on all threads previously registered via registerThread(). * @param initializeCb supplies the functor that will be called *on each thread*. The functor * returns the thread local object which is then stored. The storage is via * a shared_ptr. Thus, this is a flexible mechanism that can be used to share * the same data across all threads or to share different data on each thread. * * NOTE: The initialize callback is not supposed to capture the Slot, or its owner. As the owner * may be destructed in main thread before the update_cb gets called in a worker thread. */ using InitializeCb = std::function; virtual void set(InitializeCb cb) PURE; /** * UpdateCb takes the current stored data, and returns an updated/new version data. * TLS will run the callback and replace the stored data with the returned value *in each thread*. * * NOTE: The update callback is not supposed to capture the Slot, or its owner. As the owner may * be destructed in main thread before the update_cb gets called in a worker thread. **/ using UpdateCb = std::function; virtual void runOnAllThreads(const UpdateCb& update_cb) PURE; virtual void runOnAllThreads(const UpdateCb& update_cb, Event::PostCb complete_cb) PURE; }; using SlotPtr = std::unique_ptr; /** * Interface used to allocate thread local slots. */ class SlotAllocator { public: virtual ~SlotAllocator() = default; /** * @return SlotPtr a dedicated slot for use in further calls to get(), set(), etc. */ virtual SlotPtr allocateSlot() PURE; }; /** * Interface for getting and setting thread local data as well as registering a thread */ class Instance : public SlotAllocator { public: /** * A thread (via its dispatcher) must be registered before set() is called on any allocated slots * to receive thread local data updates. * @param dispatcher supplies the thread's dispatcher. * @param main_thread supplies whether this is the main program thread or not. (The only * difference is that callbacks fire immediately on the main thread when posted * from the main thread). */ virtual void registerThread(Event::Dispatcher& dispatcher, bool main_thread) PURE; /** * This should be called by the main thread before any worker threads start to exit. This will * block TLS removal during slot destruction, given that worker threads are about to call * shutdownThread(). This avoids having to implement de-registration of threads. */ virtual void shutdownGlobalThreading() PURE; /** * The owning thread is about to exit. This will free all thread local variables. It must be * called on the thread that is shutting down. */ virtual void shutdownThread() PURE; /** * @return Event::Dispatcher& the thread local dispatcher. */ virtual Event::Dispatcher& dispatcher() PURE; }; } // namespace ThreadLocal } // namespace Envoy ================================================ FILE: include/envoy/tracing/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "http_tracer_interface", hdrs = ["http_tracer.h"], deps = [ "//include/envoy/access_log:access_log_interface", "//include/envoy/http:header_map_interface", ], ) envoy_cc_library( name = "http_tracer_manager_interface", hdrs = ["http_tracer_manager.h"], deps = [ ":http_tracer_interface", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/tracing/http_tracer.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/pure.h" #include "envoy/http/header_map.h" namespace Envoy { namespace Tracing { class Span; using SpanPtr = std::unique_ptr; constexpr uint32_t DefaultMaxPathTagLength = 256; enum class OperationName { Ingress, Egress }; /** * The reasons why trace sampling may or may not be performed. */ enum class Reason { // Not sampled based on supplied request id. NotTraceableRequestId, // Not sampled due to being a health check. HealthCheck, // Sampling enabled. Sampling, // Sampling forced by the service. ServiceForced, // Sampling forced by the client. ClientForced, }; /** * The decision regarding whether traces should be sampled, and the reason for it. */ struct Decision { Reason reason; bool traced; }; /** * The context for the custom tag to obtain the tag value. */ struct CustomTagContext { const Http::RequestHeaderMap* request_headers; const StreamInfo::StreamInfo& stream_info; }; /** * Tracing custom tag, with tag name and how it would be applied to the span. */ class CustomTag { public: virtual ~CustomTag() = default; /** * @return the tag name view. */ virtual absl::string_view tag() const PURE; /** * The way how to apply the custom tag to the span, * generally obtain the tag value from the context and attached it to the span. * @param span the active span. * @param ctx the custom tag context. */ virtual void apply(Span& span, const CustomTagContext& ctx) const PURE; }; using CustomTagConstSharedPtr = std::shared_ptr; using CustomTagMap = absl::flat_hash_map; /** * Tracing configuration, it carries additional data needed to populate the span. */ class Config { public: virtual ~Config() = default; /** * @return operation name for tracing, e.g., ingress. */ virtual OperationName operationName() const PURE; /** * @return custom tags to be attached to the active span. */ virtual const CustomTagMap* customTags() const PURE; /** * @return true if spans should be annotated with more detailed information. */ virtual bool verbose() const PURE; /** * @return the maximum length allowed for paths in the extracted HttpUrl tag. */ virtual uint32_t maxPathTagLength() const PURE; }; /** * Basic abstraction for span. */ class Span { public: virtual ~Span() = default; /** * Set the operation name. * @param operation the operation name */ virtual void setOperation(absl::string_view operation) PURE; /** * Attach metadata to a Span, to be handled in an implementation-dependent fashion. * @param name the name of the tag * @param value the value to associate with the tag */ virtual void setTag(absl::string_view name, absl::string_view value) PURE; /** * Record an event associated with a span, to be handled in an implementation-dependent fashion. * @param timestamp the time of the event. * @param event the name of the event. */ virtual void log(SystemTime timestamp, const std::string& event) PURE; /** * Capture the final duration for this Span and carry out any work necessary to complete it. * Once this method is called, the Span may be safely discarded. */ virtual void finishSpan() PURE; /** * Mutate the provided headers with the context necessary to propagate this * (implementation-specific) trace. * @param request_headers the headers to which propagation context will be added */ virtual void injectContext(Http::RequestHeaderMap& request_headers) PURE; /** * Create and start a child Span, with this Span as its parent in the trace. * @param config the tracing configuration * @param name operation name captured by the spawned child * @param start_time initial start time for the operation captured by the child */ virtual SpanPtr spawnChild(const Config& config, const std::string& name, SystemTime start_time) PURE; /** * This method overrides any previous sampling decision associated with the trace instance. * If the sampled parameter is false, this span and any subsequent child spans * are not reported to the tracing system. * @param sampled whether the span and any subsequent child spans should be sampled */ virtual void setSampled(bool sampled) PURE; /** * Retrieve a key's value from the span's baggage. * This baggage data could've been set by this span or any parent spans. * @param key baggage key * @return the baggage's value for the given input key */ virtual std::string getBaggage(absl::string_view key) PURE; /** * Set a key/value pair in the current span's baggage. * All subsequent child spans will have access to this baggage. * @param key baggage key * @param key baggage value */ virtual void setBaggage(absl::string_view key, absl::string_view value) PURE; }; /** * Tracing driver is responsible for span creation. */ class Driver { public: virtual ~Driver() = default; /** * Start driver specific span. */ virtual SpanPtr startSpan(const Config& config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, SystemTime start_time, const Tracing::Decision tracing_decision) PURE; }; using DriverPtr = std::unique_ptr; /** * HttpTracer is responsible for handling traces and delegate actions to the * corresponding drivers. */ class HttpTracer { public: virtual ~HttpTracer() = default; virtual SpanPtr startSpan(const Config& config, Http::RequestHeaderMap& request_headers, const StreamInfo::StreamInfo& stream_info, const Tracing::Decision tracing_decision) PURE; }; using HttpTracerSharedPtr = std::shared_ptr; } // namespace Tracing } // namespace Envoy ================================================ FILE: include/envoy/tracing/http_tracer_manager.h ================================================ #pragma once #include "envoy/config/trace/v3/http_tracer.pb.h" #include "envoy/tracing/http_tracer.h" namespace Envoy { namespace Tracing { /** * An HttpTracer manager which ensures existence of at most one * HttpTracer instance for a given configuration. */ class HttpTracerManager { public: virtual ~HttpTracerManager() = default; /** * Get an existing HttpTracer or create a new one for a given configuration. * @param config supplies the configuration for the tracing provider. * @return HttpTracerSharedPtr. */ virtual HttpTracerSharedPtr getOrCreateHttpTracer(const envoy::config::trace::v3::Tracing_Http* config) PURE; }; using HttpTracerManagerSharedPtr = std::shared_ptr; } // namespace Tracing } // namespace Envoy ================================================ FILE: include/envoy/udp/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "hash_policy_interface", hdrs = ["hash_policy.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/network:address_interface", ], ) ================================================ FILE: include/envoy/udp/hash_policy.h ================================================ #pragma once #include "envoy/network/address.h" #include "absl/types/optional.h" namespace Envoy { namespace Udp { /** * Hash policy for UDP transport layer protocol. */ class HashPolicy { public: virtual ~HashPolicy() = default; /** * @param downstream_address is the address of the peer client. * @return absl::optional an optional hash value to route on. A hash value might not be * returned if for example the downstream address has a unix domain socket type. */ virtual absl::optional generateHash(const Network::Address::Instance& downstream_address) const PURE; }; } // namespace Udp } // namespace Envoy ================================================ FILE: include/envoy/upstream/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "cluster_manager_interface", hdrs = ["cluster_manager.h"], external_deps = [ "abseil_node_hash_map", ], deps = [ ":health_checker_interface", ":load_balancer_interface", ":thread_local_cluster_interface", ":upstream_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/common:random_generator_interface", "//include/envoy/config:grpc_mux_interface", "//include/envoy/config:subscription_factory_interface", "//include/envoy/grpc:async_client_manager_interface", "//include/envoy/http:async_client_interface", "//include/envoy/http:conn_pool_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/secret:secret_manager_interface", "//include/envoy/server:admin_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/tcp:conn_pool_interface", "//include/envoy/thread_local:thread_local_interface", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "health_checker_interface", hdrs = ["health_checker.h"], deps = [ ":upstream_interface", "@envoy_api//envoy/data/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "health_check_host_monitor_interface", hdrs = ["health_check_host_monitor.h"], ) envoy_cc_library( name = "host_description_interface", hdrs = ["host_description.h"], deps = [ ":health_check_host_monitor_interface", ":outlier_detection_interface", "//include/envoy/network:address_interface", "//include/envoy/network:transport_socket_interface", "//include/envoy/stats:primitive_stats_macros", "//include/envoy/stats:stats_macros", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "load_balancer_interface", hdrs = ["load_balancer.h"], deps = [ ":upstream_interface", "//include/envoy/router:router_interface", "//include/envoy/upstream:types_interface", ], ) envoy_cc_library( name = "load_balancer_type_interface", hdrs = ["load_balancer_type.h"], deps = [ "//source/common/protobuf", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "locality_lib", hdrs = ["locality.h"], deps = [ "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "outlier_detection_interface", hdrs = ["outlier_detection.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/common:time_interface", "@envoy_api//envoy/data/cluster/v2alpha:pkg_cc_proto", ], ) envoy_cc_library( name = "retry_interface", hdrs = ["retry.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/upstream:types_interface", "//include/envoy/upstream:upstream_interface", ], ) envoy_cc_library( name = "resource_manager_interface", hdrs = ["resource_manager.h"], deps = ["//include/envoy/common:resource_interface"], ) envoy_cc_library( name = "thread_local_cluster_interface", hdrs = ["thread_local_cluster.h"], deps = [ ":load_balancer_interface", ":upstream_interface", ], ) envoy_cc_library( name = "types_interface", hdrs = ["types.h"], deps = [ "//source/common/common:phantom", ], ) envoy_cc_library( name = "upstream_interface", hdrs = ["upstream.h"], external_deps = ["abseil_optional"], deps = [ ":health_check_host_monitor_interface", ":load_balancer_type_interface", ":locality_lib", ":resource_manager_interface", "//include/envoy/common:callback", "//include/envoy/config:subscription_interface", "//include/envoy/config:typed_metadata_interface", "//include/envoy/http:codec_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:transport_socket_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/ssl:context_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/upstream:types_interface", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "cluster_factory_interface", hdrs = ["cluster_factory.h"], deps = [ ":cluster_manager_interface", ":health_check_host_monitor_interface", ":load_balancer_type_interface", ":locality_lib", ":resource_manager_interface", ":upstream_interface", "//include/envoy/common:callback", "//include/envoy/config:typed_config_interface", "//include/envoy/config:typed_metadata_interface", "//include/envoy/http:codec_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:transport_socket_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/ssl:context_interface", "//include/envoy/ssl:context_manager_interface", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) ================================================ FILE: include/envoy/upstream/cluster_factory.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/typed_config.h" #include "envoy/event/dispatcher.h" #include "envoy/local_info/local_info.h" #include "envoy/network/dns.h" #include "envoy/runtime/runtime.h" #include "envoy/server/admin.h" #include "envoy/singleton/manager.h" #include "envoy/ssl/context.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/stats.h" #include "envoy/stats/store.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/outlier_detection.h" namespace Envoy { namespace Upstream { /** * Context passed to cluster factory to access envoy resources. Cluster factory should only access * the rest of the server through this context object. */ class ClusterFactoryContext { public: virtual ~ClusterFactoryContext() = default; /** * @return bool flag indicating whether the cluster is added via api. */ virtual bool addedViaApi() PURE; /** * @return Server::Admin& the server's admin interface. */ virtual Server::Admin& admin() PURE; /** * @return Api::Api& a reference to the api object. */ virtual Api::Api& api() PURE; /** * @return Upstream::ClusterManager& singleton for use by the entire server. */ virtual ClusterManager& clusterManager() PURE; /** * @return Event::Dispatcher& the main thread's dispatcher. This dispatcher should be used * for all singleton processing. */ virtual Event::Dispatcher& dispatcher() PURE; /** * @return Network::DnsResolverSharedPtr the dns resolver for the server. */ virtual Network::DnsResolverSharedPtr dnsResolver() PURE; /** * @return information about the local environment the server is running in. */ virtual const LocalInfo::LocalInfo& localInfo() PURE; /** * @return AccessLogManager for use by the entire server. */ virtual AccessLog::AccessLogManager& logManager() PURE; /** * @return Runtime::Loader& the singleton runtime loader for the server. */ virtual Runtime::Loader& runtime() PURE; /** * @return Singleton::Manager& the server-wide singleton manager. */ virtual Singleton::Manager& singletonManager() PURE; /** * @return Ssl::ContextManager& the SSL context manager. */ virtual Ssl::ContextManager& sslContextManager() PURE; /** * @return the server-wide stats store. */ virtual Stats::Store& stats() PURE; /** * @return the server's TLS slot allocator. */ virtual ThreadLocal::SlotAllocator& tls() PURE; /** * @return Outlier::EventLoggerSharedPtr sink for outlier detection event logs. */ virtual Outlier::EventLoggerSharedPtr outlierEventLogger() PURE; /** * @return ProtobufMessage::ValidationVisitor& validation visitor for filter configuration * messages. */ virtual ProtobufMessage::ValidationVisitor& messageValidationVisitor() PURE; }; /** * Implemented by cluster and registered via Registry::registerFactory() or the convenience class * RegisterFactory. */ class ClusterFactory : public Config::UntypedFactory { public: ~ClusterFactory() override = default; /** * Create a new instance of cluster. If the implementation is unable to produce a cluster instance * with the provided parameters, it should throw an EnvoyException in the case of general error. * @param cluster supplies the general protobuf configuration for the cluster. * @param context supplies the cluster's context. * @return a pair containing the cluster instance as well as an option thread aware load * balancer if this cluster has an integrated load balancer. */ virtual std::pair create(const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context) PURE; std::string category() const override { return "envoy.clusters"; } }; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/cluster_manager.h ================================================ #pragma once #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/grpc_mux.h" #include "envoy/config/subscription_factory.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/http/async_client.h" #include "envoy/http/conn_pool.h" #include "envoy/local_info/local_info.h" #include "envoy/runtime/runtime.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/admin.h" #include "envoy/singleton/manager.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/store.h" #include "envoy/tcp/conn_pool.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/health_checker.h" #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/thread_local_cluster.h" #include "envoy/upstream/upstream.h" #include "absl/container/flat_hash_set.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Upstream { /** * ClusterUpdateCallbacks provide a way to exposes Cluster lifecycle events in the * ClusterManager. */ class ClusterUpdateCallbacks { public: virtual ~ClusterUpdateCallbacks() = default; /** * onClusterAddOrUpdate is called when a new cluster is added or an existing cluster * is updated in the ClusterManager. * @param cluster is the ThreadLocalCluster that represents the updated * cluster. */ virtual void onClusterAddOrUpdate(ThreadLocalCluster& cluster) PURE; /** * onClusterRemoval is called when a cluster is removed; the argument is the cluster name. * @param cluster_name is the name of the removed cluster. */ virtual void onClusterRemoval(const std::string& cluster_name) PURE; }; /** * ClusterUpdateCallbacksHandle is a RAII wrapper for a ClusterUpdateCallbacks. Deleting * the ClusterUpdateCallbacksHandle will remove the callbacks from ClusterManager in O(1). */ class ClusterUpdateCallbacksHandle { public: virtual ~ClusterUpdateCallbacksHandle() = default; }; using ClusterUpdateCallbacksHandlePtr = std::unique_ptr; class ClusterManagerFactory; /** * Manages connection pools and load balancing for upstream clusters. The cluster manager is * persistent and shared among multiple ongoing requests/connections. * Cluster manager is initialized in two phases. In the first phase which begins at the construction * all primary clusters (i.e. with endpoint assignments provisioned statically in bootstrap, * discovered through DNS or file based CDS) are initialized. This phase may complete synchronously * with cluster manager construction iff all clusters are STATIC and without health checks * configured. At the completion of the first phase cluster manager invokes callback set through the * `setPrimaryClustersInitializedCb` method. * After the first phase has completed the server instance initializes services (i.e. RTDS) needed * to successfully deploy the rest of dynamic configuration. * In the second phase all secondary clusters (with endpoint assignments provisioned by xDS servers) * are initialized and then the rest of the configuration provisioned through xDS. */ class ClusterManager { public: using PrimaryClustersReadyCallback = std::function; using InitializationCompleteCallback = std::function; virtual ~ClusterManager() = default; /** * Add or update a cluster via API. The semantics of this API are: * 1) The hash of the config is used to determine if an already existing cluster has changed. * Nothing is done if the hash matches the previously running configuration. * 2) Statically defined clusters (those present when Envoy starts) can not be updated via API. * * @param cluster supplies the cluster configuration. * @param version_info supplies the xDS version of the cluster. * @return true if the action results in an add/update of a cluster. */ virtual bool addOrUpdateCluster(const envoy::config::cluster::v3::Cluster& cluster, const std::string& version_info) PURE; /** * Set a callback that will be invoked when all primary clusters have been initialized. */ virtual void setPrimaryClustersInitializedCb(PrimaryClustersReadyCallback callback) PURE; /** * Set a callback that will be invoked when all owned clusters have been initialized. */ virtual void setInitializedCb(InitializationCompleteCallback callback) PURE; /** * Start initialization of secondary clusters and then dynamically configured clusters. * The "initialized callback" set in the method above is invoked when secondary and * dynamically provisioned clusters have finished initializing. */ virtual void initializeSecondaryClusters(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) PURE; using ClusterInfoMap = absl::node_hash_map>; /** * @return ClusterInfoMap all current clusters. These are the primary (not thread local) * clusters which should only be used for stats/admin. */ virtual ClusterInfoMap clusters() PURE; using ClusterSet = absl::flat_hash_set; /** * @return const ClusterSet& providing the cluster names that are eligible as * xDS API config sources. These must be static (i.e. in the * bootstrap) and non-EDS. */ virtual const ClusterSet& primaryClusters() PURE; /** * @return ThreadLocalCluster* the thread local cluster with the given name or nullptr if it * does not exist. This is thread safe. * * NOTE: The pointer returned by this function is ONLY safe to use in the context of the owning * call (or if the caller knows that the cluster is fully static and will never be deleted). In * the case of dynamic clusters, subsequent event loop iterations may invalidate this pointer. * If information about the cluster needs to be kept, use the ThreadLocalCluster::info() method to * obtain cluster information that is safe to store. */ virtual ThreadLocalCluster* get(absl::string_view cluster) PURE; /** * Allocate a load balanced HTTP connection pool for a cluster. This is *per-thread* so that * callers do not need to worry about per thread synchronization. The load balancing policy that * is used is the one defined on the cluster when it was created. * * Can return nullptr if there is no host available in the cluster or if the cluster does not * exist. * * To resolve the protocol to use, we provide the downstream protocol (if one exists). */ virtual Http::ConnectionPool::Instance* httpConnPoolForCluster(const std::string& cluster, ResourcePriority priority, absl::optional downstream_protocol, LoadBalancerContext* context) PURE; /** * Allocate a load balanced TCP connection pool for a cluster. This is *per-thread* so that * callers do not need to worry about per thread synchronization. The load balancing policy that * is used is the one defined on the cluster when it was created. * * Can return nullptr if there is no host available in the cluster or if the cluster does not * exist. */ virtual Tcp::ConnectionPool::Instance* tcpConnPoolForCluster(const std::string& cluster, ResourcePriority priority, LoadBalancerContext* context) PURE; /** * Allocate a load balanced TCP connection for a cluster. The created connection is already * bound to the correct *per-thread* dispatcher, so no further synchronization is needed. The * load balancing policy that is used is the one defined on the cluster when it was created. * * Returns both a connection and the host that backs the connection. Both can be nullptr if there * is no host available in the cluster. */ virtual Host::CreateConnectionData tcpConnForCluster(const std::string& cluster, LoadBalancerContext* context) PURE; /** * Returns a client that can be used to make async HTTP calls against the given cluster. The * client may be backed by a connection pool or by a multiplexed connection. The cluster manager * owns the client. */ virtual Http::AsyncClient& httpAsyncClientForCluster(const std::string& cluster) PURE; /** * Remove a cluster via API. Only clusters added via addOrUpdateCluster() can * be removed in this manner. Statically defined clusters present when Envoy starts cannot be * removed. * * @return true if the action results in the removal of a cluster. */ virtual bool removeCluster(const std::string& cluster) PURE; /** * Shutdown the cluster manager prior to destroying connection pools and other thread local data. */ virtual void shutdown() PURE; /** * @return const envoy::config::core::v3::BindConfig& cluster manager wide bind configuration for * new upstream connections. */ virtual const envoy::config::core::v3::BindConfig& bindConfig() const PURE; /** * Returns a shared_ptr to the singleton xDS-over-gRPC provider for upstream control plane muxing * of xDS. This is treated somewhat as a special case in ClusterManager, since it does not relate * logically to the management of clusters but instead is required early in ClusterManager/server * initialization and in various sites that need ClusterManager for xDS API interfacing. * * @return GrpcMux& ADS API provider referencee. */ virtual Config::GrpcMuxSharedPtr adsMux() PURE; /** * @return Grpc::AsyncClientManager& the cluster manager's gRPC client manager. */ virtual Grpc::AsyncClientManager& grpcAsyncClientManager() PURE; /** * Return the local cluster name, if it was configured. * * @return absl::optional the local cluster name, or empty if no local cluster was * configured. */ virtual const absl::optional& localClusterName() const PURE; /** * This method allows to register callbacks for cluster lifecycle events in the ClusterManager. * The callbacks will be registered in a thread local slot and the callbacks will be executed * on the thread that registered them. * To be executed on all threads, Callbacks need to be registered on all threads. * * @param callbacks are the ClusterUpdateCallbacks to add or remove to the cluster manager. * @return ClusterUpdateCallbacksHandlePtr a RAII that needs to be deleted to * unregister the callback. */ virtual ClusterUpdateCallbacksHandlePtr addThreadLocalClusterUpdateCallbacks(ClusterUpdateCallbacks& callbacks) PURE; /** * Return the factory to use for creating cluster manager related objects. */ virtual ClusterManagerFactory& clusterManagerFactory() PURE; /** * Obtain the subscription factory for the cluster manager. Since subscriptions may have an * upstream component, the factory is a facet of the cluster manager. * * @return Config::SubscriptionFactory& the subscription factory. */ virtual Config::SubscriptionFactory& subscriptionFactory() PURE; }; using ClusterManagerPtr = std::unique_ptr; /** * Abstract interface for a CDS API provider. */ class CdsApi { public: virtual ~CdsApi() = default; /** * Start the first fetch of CDS data. */ virtual void initialize() PURE; /** * Set a callback that will be called when the CDS API has done an initial load from the remote * server. If the initial load fails, the callback will also be called. */ virtual void setInitializedCb(std::function callback) PURE; /** * @return std::string last accepted version from fetch. */ virtual const std::string versionInfo() const PURE; }; using CdsApiPtr = std::unique_ptr; /** * Factory for objects needed during cluster manager operation. */ class ClusterManagerFactory { public: virtual ~ClusterManagerFactory() = default; /** * Allocate a cluster manager from configuration proto. */ virtual ClusterManagerPtr clusterManagerFromProto(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) PURE; /** * Allocate an HTTP connection pool for the host. Pools are separated by 'priority', * 'protocol', and 'options->hashKey()', if any. */ virtual Http::ConnectionPool::InstancePtr allocateConnPool(Event::Dispatcher& dispatcher, HostConstSharedPtr host, ResourcePriority priority, Http::Protocol protocol, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) PURE; /** * Allocate a TCP connection pool for the host. Pools are separated by 'priority' and * 'options->hashKey()', if any. */ virtual Tcp::ConnectionPool::InstancePtr allocateTcpConnPool(Event::Dispatcher& dispatcher, HostConstSharedPtr host, ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) PURE; /** * Allocate a cluster from configuration proto. */ virtual std::pair clusterFromProto(const envoy::config::cluster::v3::Cluster& cluster, ClusterManager& cm, Outlier::EventLoggerSharedPtr outlier_event_logger, bool added_via_api) PURE; /** * Create a CDS API provider from configuration proto. */ virtual CdsApiPtr createCds(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm) PURE; /** * Returns the secret manager. */ virtual Secret::SecretManager& secretManager() PURE; }; /** * Factory for creating ClusterInfo */ class ClusterInfoFactory { public: virtual ~ClusterInfoFactory() = default; /** * Parameters for createClusterInfo(). */ struct CreateClusterInfoParams { Server::Admin& admin_; Runtime::Loader& runtime_; const envoy::config::cluster::v3::Cluster& cluster_; const envoy::config::core::v3::BindConfig& bind_config_; Stats::Store& stats_; Ssl::ContextManager& ssl_context_manager_; const bool added_via_api_; ClusterManager& cm_; const LocalInfo::LocalInfo& local_info_; Event::Dispatcher& dispatcher_; Singleton::Manager& singleton_manager_; ThreadLocal::SlotAllocator& tls_; ProtobufMessage::ValidationVisitor& validation_visitor_; Api::Api& api_; }; /** * This method returns a Upstream::ClusterInfoConstSharedPtr given construction parameters. */ virtual Upstream::ClusterInfoConstSharedPtr createClusterInfo(const CreateClusterInfoParams& params) PURE; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/health_check_host_monitor.h ================================================ #pragma once #include #include "envoy/common/pure.h" namespace Envoy { namespace Upstream { /** * A monitor for "passive" health check events that might happen on every thread. For example, if a * special HTTP header is received, the data plane may decide to fast fail a host to avoid waiting * for the full Health Check interval to elapse before determining the host is active health check * failed. */ class HealthCheckHostMonitor { public: virtual ~HealthCheckHostMonitor() = default; /** * Mark the host as unhealthy. Note that this may not be immediate as events may need to be * propagated between multiple threads. */ virtual void setUnhealthy() PURE; }; using HealthCheckHostMonitorPtr = std::unique_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/health_checker.h ================================================ #pragma once #include #include #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace Upstream { enum class HealthState { Unhealthy, Healthy }; enum class HealthTransition { /** * Used when the health state of a host hasn't changed. */ Unchanged, /** * Used when the health state of a host has changed. */ Changed, /** * Used when the health check result differs from the health state of a host, but a change to the * latter is delayed due to healthy/unhealthy threshold settings. */ ChangePending }; /** * Wraps active health checking of an upstream cluster. */ class HealthChecker { public: virtual ~HealthChecker() = default; /** * Called when a host has been health checked. * @param host supplies the host that was just health checked. * @param changed_state supplies whether the health check resulted in a host moving from healthy * to not healthy or vice versa. */ using HostStatusCb = std::function; /** * Install a callback that will be invoked every time a health check round is completed for * a host. The host's health check state may not have changed. * @param callback supplies the callback to invoke. */ virtual void addHostCheckCompleteCb(HostStatusCb callback) PURE; /** * Start cyclic health checking based on the provided settings and the type of health checker. */ virtual void start() PURE; }; using HealthCheckerSharedPtr = std::shared_ptr; std::ostream& operator<<(std::ostream& out, HealthState state); std::ostream& operator<<(std::ostream& out, HealthTransition changed_state); /** * Sink for health check event logs. */ class HealthCheckEventLogger { public: virtual ~HealthCheckEventLogger() = default; /** * Log an unhealthy host ejection event. * @param health_checker_type supplies the type of health checker that generated the event. * @param host supplies the host that generated the event. * @param failure_type supplies the type of health check failure. */ virtual void logEjectUnhealthy(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, envoy::data::core::v3::HealthCheckFailureType failure_type) PURE; /** * Log an unhealthy host event. * @param health_checker_type supplies the type of health checker that generated the event. * @param host supplies the host that generated the event. * @param failure_type supplies the type of health check failure. * @param first_check whether this is a failure on the first health check for this host. */ virtual void logUnhealthy(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, envoy::data::core::v3::HealthCheckFailureType failure_type, bool first_check) PURE; /** * Log a healthy host addition event. * @param health_checker_type supplies the type of health checker that generated the event. * @param host supplies the host that generated the event. * @param healthy_threshold supplied the configured healthy threshold for this health check. * @param first_check whether this is a fast path success on the first health check for this host. */ virtual void logAddHealthy(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, bool first_check) PURE; /** * Log a degraded healthy host event. * @param health_checker_type supplies the type of health checker that generated the event. * @param host supplies the host that generated the event. */ virtual void logDegraded(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host) PURE; /** * Log a no degraded healthy host event. * @param health_checker_type supplies the type of health checker that generated the event. * @param host supplies the host that generated the event. */ virtual void logNoLongerDegraded(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host) PURE; }; using HealthCheckEventLoggerPtr = std::unique_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/host_description.h ================================================ #pragma once #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/address.h" #include "envoy/network/transport_socket.h" #include "envoy/stats/primitive_stats_macros.h" #include "envoy/stats/stats_macros.h" #include "envoy/upstream/health_check_host_monitor.h" #include "envoy/upstream/outlier_detection.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Upstream { using MetadataConstSharedPtr = std::shared_ptr; /** * All per host stats. @see stats_macros.h * * {rq_success, rq_error} have specific semantics driven by the needs of EDS load reporting. See * envoy.api.v2.endpoint.UpstreamLocalityStats for the definitions of success/error. These are * latched by LoadStatsReporter, independent of the normal stats sink flushing. */ #define ALL_HOST_STATS(COUNTER, GAUGE) \ COUNTER(cx_connect_fail) \ COUNTER(cx_total) \ COUNTER(rq_error) \ COUNTER(rq_success) \ COUNTER(rq_timeout) \ COUNTER(rq_total) \ GAUGE(cx_active) \ GAUGE(rq_active) /** * All per host stats defined. @see stats_macros.h */ struct HostStats { ALL_HOST_STATS(GENERATE_PRIMITIVE_COUNTER_STRUCT, GENERATE_PRIMITIVE_GAUGE_STRUCT); // Provide access to name,counter pairs. std::vector> counters() const { return {ALL_HOST_STATS(PRIMITIVE_COUNTER_NAME_AND_REFERENCE, IGNORE_PRIMITIVE_GAUGE)}; } // Provide access to name,gauge pairs. std::vector> gauges() const { return {ALL_HOST_STATS(IGNORE_PRIMITIVE_COUNTER, PRIMITIVE_GAUGE_NAME_AND_REFERENCE)}; } }; class ClusterInfo; /** * A description of an upstream host. */ class HostDescription { public: virtual ~HostDescription() = default; /** * @return whether the host is a canary. */ virtual bool canary() const PURE; /** * Update the canary status of the host. */ virtual void canary(bool is_canary) PURE; /** * @return the metadata associated with this host */ virtual MetadataConstSharedPtr metadata() const PURE; /** * Set the current metadata. */ virtual void metadata(MetadataConstSharedPtr new_metadata) PURE; /** * @return the cluster the host is a member of. */ virtual const ClusterInfo& cluster() const PURE; /** * @return the host's outlier detection monitor. */ virtual Outlier::DetectorHostMonitor& outlierDetector() const PURE; /** * @return the host's health checker monitor. */ virtual HealthCheckHostMonitor& healthChecker() const PURE; /** * @return The hostname used as the host header for health checking. */ virtual const std::string& hostnameForHealthChecks() const PURE; /** * @return the hostname associated with the host if any. * Empty string "" indicates that hostname is not a DNS name. */ virtual const std::string& hostname() const PURE; /** * @return the transport socket factory responsible for this host. */ virtual Network::TransportSocketFactory& transportSocketFactory() const PURE; /** * @return the address used to connect to the host. */ virtual Network::Address::InstanceConstSharedPtr address() const PURE; /** * @return host specific stats. */ virtual HostStats& stats() const PURE; /** * @return the locality of the host (deployment specific). This will be the default instance if * unknown. */ virtual const envoy::config::core::v3::Locality& locality() const PURE; /** * @return the human readable name of the host's locality zone as a StatName. */ virtual Stats::StatName localityZoneStatName() const PURE; /** * @return the address used to health check the host. */ virtual Network::Address::InstanceConstSharedPtr healthCheckAddress() const PURE; /** * @return the priority of the host. */ virtual uint32_t priority() const PURE; /** * Set the current priority. */ virtual void priority(uint32_t) PURE; }; using HostDescriptionConstSharedPtr = std::shared_ptr; #define ALL_TRANSPORT_SOCKET_MATCH_STATS(COUNTER) COUNTER(total_match_count) /** * The stats for transport socket match. */ struct TransportSocketMatchStats { ALL_TRANSPORT_SOCKET_MATCH_STATS(GENERATE_COUNTER_STRUCT) }; /** * Library to determine what transport socket configuration to use for a given host. */ class TransportSocketMatcher { public: struct MatchData { MatchData(Network::TransportSocketFactory& factory, TransportSocketMatchStats& stats, std::string name) : factory_(factory), stats_(stats), name_(std::move(name)) {} Network::TransportSocketFactory& factory_; TransportSocketMatchStats& stats_; std::string name_; }; virtual ~TransportSocketMatcher() = default; /** * Resolve the transport socket configuration for a particular host. * @param metadata the metadata of the given host. * @return the match information of the transport socket selected. */ virtual MatchData resolve(const envoy::config::core::v3::Metadata* metadata) const PURE; }; using TransportSocketMatcherPtr = std::unique_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/load_balancer.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/network/transport_socket.h" #include "envoy/router/router.h" #include "envoy/upstream/types.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace Upstream { /** * Context information passed to a load balancer to use when choosing a host. Not all load * balancers make use of all context information. */ class LoadBalancerContext { public: virtual ~LoadBalancerContext() = default; /** * Compute and return an optional hash key to use during load balancing. This * method may modify internal state so it should only be called once per * routing attempt. * @return absl::optional the optional hash key to use. */ virtual absl::optional computeHashKey() PURE; /** * @return Router::MetadataMatchCriteria* metadata for use in selecting a subset of hosts * during load balancing. */ virtual const Router::MetadataMatchCriteria* metadataMatchCriteria() PURE; /** * @return const Network::Connection* the incoming connection or nullptr to use during load * balancing. */ virtual const Network::Connection* downstreamConnection() const PURE; /** * @return const Http::HeaderMap* the incoming headers or nullptr to use during load * balancing. */ virtual const Http::RequestHeaderMap* downstreamHeaders() const PURE; /** * Called to retrieve a reference to the priority load data that should be used when selecting a * priority. Implementations may return the provided original reference to make no changes, or * return a reference to alternative PriorityLoad held internally. * * @param priority_state current priority state of the cluster being being load balanced. * @param original_priority_load the cached priority load for the cluster being load balanced. * @param priority_mapping_func see @Upstream::RetryPriority::PriorityMappingFunc. * @return a reference to the priority load data that should be used to select a priority. * */ virtual const HealthyAndDegradedLoad& determinePriorityLoad( const PrioritySet& priority_set, const HealthyAndDegradedLoad& original_priority_load, const Upstream::RetryPriority::PriorityMappingFunc& priority_mapping_func) PURE; /** * Called to determine whether we should reperform host selection. The load balancer * will retry host selection until either this function returns true or hostSelectionRetryCount is * reached. */ virtual bool shouldSelectAnotherHost(const Host& host) PURE; /** * Called to determine how many times host selection should be retried until the filter is * ignored. */ virtual uint32_t hostSelectionRetryCount() const PURE; /** * Returns the set of socket options which should be applied on upstream connections */ virtual Network::Socket::OptionsSharedPtr upstreamSocketOptions() const PURE; /** * Returns the transport socket options which should be applied on upstream connections */ virtual Network::TransportSocketOptionsSharedPtr upstreamTransportSocketOptions() const PURE; }; /** * Abstract load balancing interface. */ class LoadBalancer { public: virtual ~LoadBalancer() = default; /** * Ask the load balancer for the next host to use depending on the underlying LB algorithm. * @param context supplies the load balancer context. Not all load balancers make use of all * context information. Load balancers should be written to assume that context information * is missing and use sensible defaults. */ virtual HostConstSharedPtr chooseHost(LoadBalancerContext* context) PURE; /** * Returns a best effort prediction of the next host to be picked, or nullptr if not predictable. * Advances with subsequent calls, so while the first call will return the next host to be picked, * a subsequent call will return the second host to be picked. * @param context supplies the context which is used in host selection. */ virtual HostConstSharedPtr peekAnotherHost(LoadBalancerContext* context) PURE; }; using LoadBalancerPtr = std::unique_ptr; /** * Factory for load balancers. */ class LoadBalancerFactory { public: virtual ~LoadBalancerFactory() = default; /** * @return LoadBalancerPtr a new load balancer. */ virtual LoadBalancerPtr create() PURE; }; using LoadBalancerFactorySharedPtr = std::shared_ptr; /** * A thread aware load balancer is a load balancer that is global to all workers on behalf of a * cluster. These load balancers are harder to write so not every load balancer has to be one. * If a load balancer is a thread aware load balancer, the following semantics are used: * 1) A single instance is created on the main thread. * 2) The shared factory is passed to all workers. * 3) Every time there is a host set update on the main thread, all workers will create a new * worker local load balancer via the factory. * * The above semantics mean that any global state in the factory must be protected by appropriate * locks. Additionally, the factory *must not* refer back to the owning thread aware load * balancer. If a cluster is removed via CDS, the thread aware load balancer can be destroyed * before cluster destruction reaches each worker. See the ring hash load balancer for one * example of how this pattern is used in practice. The common expected pattern is that the * factory will be consuming shared immutable state from the main thread * * TODO(mattklein123): The reason that locking is used in the above threading model vs. pure TLS * has to do with the lack of a TLS function that does the following: * 1) Create a per-worker data structure on the main thread. E.g., allocate 4 objects for 4 * workers. * 2) Then fan those objects out to each worker. * With the existence of a function like that, the callback locking from the worker to the main * thread could be removed. We can look at this in a follow up. The reality though is that the * locking is currently only used to protect some small bits of data on host set update and will * never be contended. */ class ThreadAwareLoadBalancer { public: virtual ~ThreadAwareLoadBalancer() = default; /** * @return LoadBalancerFactorySharedPtr the shared factory to use for creating new worker local * load balancers. */ virtual LoadBalancerFactorySharedPtr factory() PURE; /** * When a thread aware load balancer is constructed, it should return nullptr for any created * load balancer chooseHost() calls. Once initialize is called, the load balancer should * instantiate any needed structured and prepare for further updates. The cluster manager * will do this at the appropriate time. */ virtual void initialize() PURE; }; using ThreadAwareLoadBalancerPtr = std::unique_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/load_balancer_type.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Upstream { /** * Type of load balancing to perform. */ enum class LoadBalancerType { RoundRobin, LeastRequest, Random, RingHash, OriginalDst, Maglev, ClusterProvided }; /** * Subset selector configuration */ class SubsetSelector { public: virtual ~SubsetSelector() = default; /** * @return keys defined for this selector */ virtual const std::set& selectorKeys() const PURE; /** * @return fallback policy defined for this selector, or NOT_DEFINED */ virtual envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector:: LbSubsetSelectorFallbackPolicy fallbackPolicy() const PURE; /** * @return fallback keys subset defined for this selector, or empty set */ virtual const std::set& fallbackKeysSubset() const PURE; virtual bool singleHostPerSubset() const PURE; }; using SubsetSelectorPtr = std::shared_ptr; /** * Load Balancer subset configuration. */ class LoadBalancerSubsetInfo { public: virtual ~LoadBalancerSubsetInfo() = default; /** * @return bool true if load balancer subsets are configured. */ virtual bool isEnabled() const PURE; /** * @return LbSubsetFallbackPolicy the fallback policy used when * route metadata does not match any subset. */ virtual envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetFallbackPolicy fallbackPolicy() const PURE; /** * @return ProtobufWkt::Struct the struct describing the metadata for a * host to be included in the default subset. */ virtual const ProtobufWkt::Struct& defaultSubset() const PURE; /* * @return const std:vector>& a vector of * sorted keys used to define load balancer subsets. */ virtual const std::vector& subsetSelectors() const PURE; /* * @return bool whether routing to subsets should take locality weights into account. */ virtual bool localityWeightAware() const PURE; /* * @return bool whether the locality weights should be scaled to compensate for the * fraction of hosts removed from the original host set. */ virtual bool scaleLocalityWeight() const PURE; /* * @return bool whether to attempt to select a host from the entire cluster if host * selection from the fallback subset fails. */ virtual bool panicModeAny() const PURE; /* * @return bool whether matching metadata should attempt to match against any of the * elements in a list value defined in endpoint metadata. */ virtual bool listAsAny() const PURE; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/locality.h ================================================ #pragma once #include "envoy/config/core/v3/base.pb.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Upstream { // We use a tuple representation for hashing/equality/comparison, since this // ensures we are not subject to proto nuances like unknown fields (e.g. from // original type information annotations). using LocalityTuple = std::tuple; struct LocalityHash { size_t operator()(const envoy::config::core::v3::Locality& locality) const { return absl::Hash()({locality.region(), locality.zone(), locality.sub_zone()}); } }; struct LocalityEqualTo { bool operator()(const envoy::config::core::v3::Locality& lhs, const envoy::config::core::v3::Locality& rhs) const { const LocalityTuple lhs_tuple = LocalityTuple(lhs.region(), lhs.zone(), lhs.sub_zone()); const LocalityTuple rhs_tuple = LocalityTuple(rhs.region(), rhs.zone(), rhs.sub_zone()); return lhs_tuple == rhs_tuple; } }; struct LocalityLess { bool operator()(const envoy::config::core::v3::Locality& lhs, const envoy::config::core::v3::Locality& rhs) const { const LocalityTuple lhs_tuple = LocalityTuple(lhs.region(), lhs.zone(), lhs.sub_zone()); const LocalityTuple rhs_tuple = LocalityTuple(rhs.region(), rhs.zone(), rhs.sub_zone()); return lhs_tuple < rhs_tuple; } }; // For tests etc. where this is convenient. static inline envoy::config::core::v3::Locality Locality(const std::string& region, const std::string& zone, const std::string sub_zone) { envoy::config::core::v3::Locality locality; locality.set_region(region); locality.set_zone(zone); locality.set_sub_zone(sub_zone); return locality; } } // namespace Upstream } // namespace Envoy // Something heinous this way comes. Required to allow == for LocalityWeightsMap.h in eds.h. namespace envoy { namespace config { namespace core { namespace v3 { inline bool operator==(const envoy::config::core::v3::Locality& x, const envoy::config::core::v3::Locality& y) { return Envoy::Upstream::LocalityEqualTo()(x, y); } } // namespace v3 } // namespace core } // namespace config } // namespace envoy ================================================ FILE: include/envoy/upstream/outlier_detection.h ================================================ #pragma once #include #include #include #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/data/cluster/v2alpha/outlier_detection_event.pb.h" #include "absl/types/optional.h" namespace Envoy { namespace Upstream { class Host; using HostSharedPtr = std::shared_ptr; class HostDescription; using HostDescriptionConstSharedPtr = std::shared_ptr; namespace Outlier { /** * Non-HTTP result of requests/operations. */ enum class Result { // Local origin errors detected by Envoy. LocalOriginTimeout, // Timed out while connecting or executing a request. LocalOriginConnectFailed, // Remote host rejected the connection. LocalOriginConnectSuccess, // Successfully established a connection to upstream host. // Use this code when there is another protocol on top of // transport protocol. For example HTTP runs on top of tcp. // The same for redis. It first establishes TCP and then runs // a transaction. LocalOriginConnectSuccessFinal, // Successfully established a connection to upstream host // Use this code when there is no other protocol on top of the // protocol used by a filter. For example tcp_proxy filter // serves only tcp level. There is no other protocol on top of // tcp which the tcp_proxy filter is aware of. // The entries below only make sense when Envoy understands requests/responses for the // protocol being proxied. They do not make sense for TcpProxy, for example. // External origin errors. ExtOriginRequestFailed, // The server indicated it cannot process a request ExtOriginRequestSuccess // Request was completed successfully. }; /** * Monitor for per host data. Proxy filters should send pertinent data when available. */ class DetectorHostMonitor { public: // Types of Success Rate monitors. enum class SuccessRateMonitorType { ExternalOrigin, LocalOrigin }; virtual ~DetectorHostMonitor() = default; /** * @return the number of times this host has been ejected. */ virtual uint32_t numEjections() PURE; /** * Add an HTTP response code for a host. */ virtual void putHttpResponseCode(uint64_t code) PURE; /** * Add a non-HTTP result for a host. * Some non-HTTP codes like TIMEOUT may require special mapping to HTTP code * and such code may be passed as optional parameter. */ virtual void putResult(Result result, absl::optional code) PURE; /** * Wrapper around putResult with 2 params when mapping to HTTP code is not * required. */ void putResult(Result result) { putResult(result, absl::nullopt); } /** * Add a response time for a host (in this case response time is generic and might be used for * different operations including HTTP, Mongo, Redis, etc.). */ virtual void putResponseTime(std::chrono::milliseconds time) PURE; /** * Get the time of last ejection. * @return the last time this host was ejected, if the host has been ejected previously. */ virtual const absl::optional& lastEjectionTime() PURE; /** * Get the time of last unejection. * @return the last time this host was unejected, if the host has been unejected previously. */ virtual const absl::optional& lastUnejectionTime() PURE; /** * @return the success rate of the host in the last calculated interval, in the range 0-100. * -1 means that the host did not have enough request volume to calculate success rate * or the cluster did not have enough hosts to run through success rate outlier ejection. * @param type specifies for which Success Rate Monitor the success rate value should be returned. * If the outlier detector is configured not to split external and local origin errors, * ExternalOrigin type returns success rate for all types of errors: external and local * origin and LocalOrigin type returns -1. If the outlier detector is configured to split external * and local origin errors, ExternalOrigin type returns success rate for external origin errors * and LocalOrigin type returns success rate for local origin errors. */ virtual double successRate(SuccessRateMonitorType type) const PURE; }; using DetectorHostMonitorPtr = std::unique_ptr; /** * Interface for an outlier detection engine. Uses per host data to determine which hosts in a * cluster are outliers and should be ejected. */ class Detector { public: virtual ~Detector() = default; /** * Outlier detection change state callback. */ using ChangeStateCb = std::function; /** * Add a changed state callback to the detector. The callback will be called whenever any host * changes state (either ejected or brought back in) due to outlier status. */ virtual void addChangedStateCb(ChangeStateCb cb) PURE; /** * Returns the average success rate of the hosts in the Detector for the last aggregation * interval. * @return the average success rate, or -1 if there were not enough hosts with enough request * volume to proceed with success rate based outlier ejection. * @param type - see DetectorHostMonitor::successRate. */ virtual double successRateAverage(DetectorHostMonitor::SuccessRateMonitorType) const PURE; /** * Returns the success rate threshold used in the last interval. The threshold is used to eject * hosts based on their success rate. * @return the threshold, or -1 if there were not enough hosts with enough request volume to * proceed with success rate based outlier ejection. */ virtual double successRateEjectionThreshold(DetectorHostMonitor::SuccessRateMonitorType) const PURE; }; using DetectorSharedPtr = std::shared_ptr; /** * Sink for outlier detection event logs. */ class EventLogger { public: virtual ~EventLogger() = default; /** * Log an ejection event. * @param host supplies the host that generated the event. * @param detector supplies the detector that is doing the ejection. * @param type supplies the type of the event. * @param enforced is true if the ejection took place; false, if only logging took place. */ virtual void logEject(const HostDescriptionConstSharedPtr& host, Detector& detector, envoy::data::cluster::v2alpha::OutlierEjectionType type, bool enforced) PURE; /** * Log an unejection event. * @param host supplies the host that generated the event. */ virtual void logUneject(const HostDescriptionConstSharedPtr& host) PURE; }; using EventLoggerSharedPtr = std::shared_ptr; } // namespace Outlier } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/resource_manager.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "envoy/common/resource.h" namespace Envoy { namespace Upstream { /** * Resource priority classes. The parallel NumResourcePriorities constant allows defining fixed * arrays for each priority, but does not pollute the enum. */ enum class ResourcePriority { Default, High }; const size_t NumResourcePriorities = 2; /** * RAII wrapper that increments a resource on construction and decrements it on destruction. */ class ResourceAutoIncDec { public: ResourceAutoIncDec(ResourceLimit& resource) : resource_(resource) { resource_.inc(); } ~ResourceAutoIncDec() { resource_.dec(); } private: ResourceLimit& resource_; }; using ResourceAutoIncDecPtr = std::unique_ptr; /** * Global resource manager that loosely synchronizes maximum connections, pending requests, etc. * NOTE: Currently this is used on a per cluster basis. In the future we may consider also chaining * this with a global resource manager. */ class ResourceManager { public: virtual ~ResourceManager() = default; /** * @return ResourceLimit& active TCP connections and UDP sessions. */ virtual ResourceLimit& connections() PURE; /** * @return ResourceLimit& active pending requests (requests that have not yet been attached to a * connection pool connection). */ virtual ResourceLimit& pendingRequests() PURE; /** * @return ResourceLimit& active requests (requests that are currently bound to a connection pool * connection and are awaiting response). */ virtual ResourceLimit& requests() PURE; /** * @return ResourceLimit& active retries. */ virtual ResourceLimit& retries() PURE; /** * @return ResourceLimit& active connection pools. */ virtual ResourceLimit& connectionPools() PURE; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/retry.h ================================================ #pragma once #include "envoy/config/typed_config.h" #include "envoy/upstream/types.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace Upstream { /** * Used to optionally modify the PriorityLoad when selecting a priority for * a retry attempt. * * Each RetryPriority will live throughout the lifetime of a request and updated * with attempted hosts through onHostAttempted. */ class RetryPriority { public: virtual ~RetryPriority() = default; /** * Function that maps a HostDescription to it's effective priority level in a cluster. * For most cluster types, the mapping is simply `return host.priority()`, but some * cluster types require more complex mapping. * @return either the effective priority, or absl::nullopt if the mapping cannot be determined, * which can happen if the host has been removed from the configurations since it was * used. */ using PriorityMappingFunc = std::function(const Upstream::HostDescription&)>; static absl::optional defaultPriorityMapping(const Upstream::HostDescription& host) { return host.priority(); } /** * Determines what PriorityLoad to use. * * @param priority_set current priority set of cluster. * @param original_priority_load the unmodified HealthAndDegradedLoad. * @param priority_mapping_func a callback to get the priority of a host that has * been attempted. This function may only be called on hosts that were * passed to calls to `onHostAttempted()` on this object. * @return HealthAndDegradedLoad load that should be used for the next retry. Return * original_priority_load if the original load should be used. a pointer to original_priority, * original_degraded_priority if no changes should be made. */ virtual const HealthyAndDegradedLoad& determinePriorityLoad(const PrioritySet& priority_set, const HealthyAndDegradedLoad& original_priority_load, const PriorityMappingFunc& priority_mapping_func) PURE; /** * Called after a host has been attempted but before host selection for the next attempt has * begun. * * @param attempted_host the host that was previously attempted. */ virtual void onHostAttempted(HostDescriptionConstSharedPtr attempted_host) PURE; }; using RetryPrioritySharedPtr = std::shared_ptr; /** * Used to decide whether a selected host should be rejected during retries. Host selection will be * reattempted until either the host predicate accepts the host or a configured max number of * attempts is reached. * * Each RetryHostPredicate will live throughout the lifetime of a request and updated * with attempted hosts through onHostAttempted. */ class RetryHostPredicate { public: virtual ~RetryHostPredicate() = default; /** * Determines whether a host should be rejected during host selection. * * @param candidate_host the host to either reject or accept. * @return whether the host should be rejected and host selection reattempted. */ virtual bool shouldSelectAnotherHost(const Host& candidate_host) PURE; /** * Called after a host has been attempted but before host selection for the next attempt has * begun. * * @param attempted_host the host that was previously attempted. */ virtual void onHostAttempted(HostDescriptionConstSharedPtr attempted_host) PURE; }; using RetryHostPredicateSharedPtr = std::shared_ptr; /** * Factory for RetryPriority. */ class RetryPriorityFactory : public Config::TypedFactory { public: ~RetryPriorityFactory() override = default; virtual RetryPrioritySharedPtr createRetryPriority(const Protobuf::Message& config, ProtobufMessage::ValidationVisitor& validation_visitor, uint32_t retry_count) PURE; std::string category() const override { return "envoy.retry_priorities"; } }; /** * Factory for RetryHostPredicate. */ class RetryHostPredicateFactory : public Config::TypedFactory { public: ~RetryHostPredicateFactory() override = default; virtual RetryHostPredicateSharedPtr createHostPredicate(const Protobuf::Message& config, uint32_t retry_count) PURE; std::string category() const override { return "envoy.retry_host_predicates"; } }; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/thread_local_cluster.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace Upstream { /** * A thread local cluster instance that can be used for direct load balancing and host set * interactions. In general, an instance of ThreadLocalCluster can only be safely used in the * direct call context after it is retrieved from the cluster manager. See ClusterManager::get() * for more information. */ class ThreadLocalCluster { public: virtual ~ThreadLocalCluster() = default; /** * @return const PrioritySet& the backing priority set. */ virtual const PrioritySet& prioritySet() PURE; /** * @return ClusterInfoConstSharedPtr the info for this cluster. The info is safe to store beyond * the lifetime of the ThreadLocalCluster instance itself. */ virtual ClusterInfoConstSharedPtr info() PURE; /** * @return LoadBalancer& the backing load balancer. */ virtual LoadBalancer& loadBalancer() PURE; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/types.h ================================================ #pragma once #include #include #include "common/common/phantom.h" namespace Envoy { namespace Upstream { // Phantom type indicating that the type is related to load. struct Load {}; // Mapping from a priority to how much of the total traffic load should be directed to this // priority. For example, {50, 30, 20} means that 50% of traffic should go to P0, 30% to P1 // and 20% to P2. // // This should either sum to 100 or consist of all zeros. using PriorityLoad = Phantom, Load>; // PriorityLoad specific to degraded hosts. struct DegradedLoad : PriorityLoad { using PriorityLoad::PriorityLoad; }; // PriorityLoad specific to healthy hosts. struct HealthyLoad : PriorityLoad { using PriorityLoad::PriorityLoad; }; struct HealthyAndDegradedLoad { HealthyLoad healthy_priority_load_; DegradedLoad degraded_priority_load_; }; // Phantom type indicating that the type is related to host availability. struct Availability {}; // Mapping from a priority how available the given priority is, e.g., the ratio of healthy host to // total hosts. using PriorityAvailability = Phantom, Availability>; // Availability specific to degraded hosts. struct DegradedAvailability : PriorityAvailability { using PriorityAvailability::PriorityAvailability; }; // Availability specific to healthy hosts. struct HealthyAvailability : PriorityAvailability { using PriorityAvailability::PriorityAvailability; }; // Phantom type indicating that the type is related to healthy hosts. struct Healthy {}; // Phantom type indicating that the type is related to degraded hosts. struct Degraded {}; // Phantom type indicating that the type is related to excluded hosts. struct Excluded {}; } // namespace Upstream } // namespace Envoy ================================================ FILE: include/envoy/upstream/upstream.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/common/callback.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/http/codec.h" #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" #include "envoy/ssl/context.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/upstream/health_check_host_monitor.h" #include "envoy/upstream/load_balancer_type.h" #include "envoy/upstream/locality.h" #include "envoy/upstream/outlier_detection.h" #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/types.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Upstream { /** * An upstream host. */ class Host : virtual public HostDescription { public: struct CreateConnectionData { Network::ClientConnectionPtr connection_; HostDescriptionConstSharedPtr host_description_; }; // We use an X-macro here to make it easier to verify that all the enum values are accounted for. // clang-format off #define HEALTH_FLAG_ENUM_VALUES(m) \ /* The host is currently failing active health checks. */ \ m(FAILED_ACTIVE_HC, 0x1) \ /* The host is currently considered an outlier and has been ejected. */ \ m(FAILED_OUTLIER_CHECK, 0x02) \ /* The host is currently marked as unhealthy by EDS. */ \ m(FAILED_EDS_HEALTH, 0x04) \ /* The host is currently marked as degraded through active health checking. */ \ m(DEGRADED_ACTIVE_HC, 0x08) \ /* The host is currently marked as degraded by EDS. */ \ m(DEGRADED_EDS_HEALTH, 0x10) \ /* The host is pending removal from discovery but is stabilized due to */ \ /* active HC. */ \ m(PENDING_DYNAMIC_REMOVAL, 0x20) \ /* The host is pending its initial active health check. */ \ m(PENDING_ACTIVE_HC, 0x40) // clang-format on #define DECLARE_ENUM(name, value) name = value, enum class HealthFlag { HEALTH_FLAG_ENUM_VALUES(DECLARE_ENUM) }; #undef DECLARE_ENUM enum class ActiveHealthFailureType { // The failure type is unknown, all hosts' failure types are initialized as UNKNOWN UNKNOWN, // The host is actively responding it's unhealthy UNHEALTHY, // The host is timing out TIMEOUT, }; /** * @return host specific counters. */ virtual std::vector> counters() const PURE; /** * Create a connection for this host. * @param dispatcher supplies the owning dispatcher. * @param options supplies the socket options that will be set on the new connection. * @param transport_socket_options supplies the transport options that will be set on the new * connection. * @return the connection data which includes the raw network connection as well as the *real* * host that backs it. The reason why a 2nd host is returned is that some hosts are * logical and wrap multiple real network destinations. In this case, a different host * will be returned along with the connection vs. the host the method was called on. * If it matters, callers should not assume that the returned host will be the same. */ virtual CreateConnectionData createConnection(Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) const PURE; /** * Create a health check connection for this host. * @param dispatcher supplies the owning dispatcher. * @param transport_socket_options supplies the transport options that will be set on the new * connection. * @return the connection data. */ virtual CreateConnectionData createHealthCheckConnection(Event::Dispatcher& dispatcher, Network::TransportSocketOptionsSharedPtr transport_socket_options, const envoy::config::core::v3::Metadata* metadata) const PURE; /** * @return host specific gauges. */ virtual std::vector> gauges() const PURE; /** * Atomically clear a health flag for a host. Flags are specified in HealthFlags. */ virtual void healthFlagClear(HealthFlag flag) PURE; /** * Atomically get whether a health flag is set for a host. Flags are specified in HealthFlags. */ virtual bool healthFlagGet(HealthFlag flag) const PURE; /** * Atomically set a health flag for a host. Flags are specified in HealthFlags. */ virtual void healthFlagSet(HealthFlag flag) PURE; enum class Health { /** * Host is unhealthy and is not able to serve traffic. A host may be marked as unhealthy either * through EDS or through active health checking. */ Unhealthy, /** * Host is healthy, but degraded. It is able to serve traffic, but hosts that aren't degraded * should be preferred. A host may be marked as degraded either through EDS or through active * health checking. */ Degraded, /** * Host is healthy and is able to serve traffic. */ Healthy, }; /** * @return the health of the host. */ virtual Health health() const PURE; /** * Returns the host's ActiveHealthFailureType. Types are specified in ActiveHealthFailureType. */ virtual ActiveHealthFailureType getActiveHealthFailureType() const PURE; /** * Set the most recent health failure type for a host. Types are specified in * ActiveHealthFailureType. */ virtual void setActiveHealthFailureType(ActiveHealthFailureType flag) PURE; /** * Set the host's health checker monitor. Monitors are assumed to be thread safe, however * a new monitor must be installed before the host is used across threads. Thus, * this routine should only be called on the main thread before the host is used across threads. */ virtual void setHealthChecker(HealthCheckHostMonitorPtr&& health_checker) PURE; /** * Set the host's outlier detector monitor. Outlier detector monitors are assumed to be thread * safe, however a new outlier detector monitor must be installed before the host is used across * threads. Thus, this routine should only be called on the main thread before the host is used * across threads. */ virtual void setOutlierDetector(Outlier::DetectorHostMonitorPtr&& outlier_detector) PURE; /** * @return the current load balancing weight of the host, in the range 1-128 (see * envoy.api.v2.endpoint.Endpoint.load_balancing_weight). */ virtual uint32_t weight() const PURE; /** * Set the current load balancing weight of the host, in the range 1-128 (see * envoy.api.v2.endpoint.Endpoint.load_balancing_weight). */ virtual void weight(uint32_t new_weight) PURE; /** * @return the current boolean value of host being in use. */ virtual bool used() const PURE; /** * @param new_used supplies the new value of host being in use to be stored. */ virtual void used(bool new_used) PURE; }; using HostConstSharedPtr = std::shared_ptr; using HostVector = std::vector; using HealthyHostVector = Phantom; using DegradedHostVector = Phantom; using ExcludedHostVector = Phantom; using HostMap = absl::node_hash_map; using HostVectorSharedPtr = std::shared_ptr; using HostVectorConstSharedPtr = std::shared_ptr; using HealthyHostVectorConstSharedPtr = std::shared_ptr; using DegradedHostVectorConstSharedPtr = std::shared_ptr; using ExcludedHostVectorConstSharedPtr = std::shared_ptr; using HostListPtr = std::unique_ptr; using LocalityWeightsMap = absl::node_hash_map; using PriorityState = std::vector>; /** * Bucket hosts by locality. */ class HostsPerLocality { public: virtual ~HostsPerLocality() = default; /** * @return bool is local locality one of the locality buckets? If so, the * local locality will be the first in the get() vector. */ virtual bool hasLocalLocality() const PURE; /** * @return const std::vector& list of hosts organized per * locality. The local locality is the first entry if * hasLocalLocality() is true. */ virtual const std::vector& get() const PURE; /** * Clone object with multiple filter predicates. Returns a vector of clones, each with host that * match the provided predicates. * @param predicates vector of predicates on Host entries. * @return vector of HostsPerLocalityConstSharedPtr clones of the HostsPerLocality that match * hosts according to predicates. */ virtual std::vector> filter(const std::vector>& predicates) const PURE; /** * Clone object. * @return HostsPerLocalityConstSharedPtr clone of the HostsPerLocality. */ std::shared_ptr clone() const { return filter({[](const Host&) { return true; }})[0]; } }; using HostsPerLocalitySharedPtr = std::shared_ptr; using HostsPerLocalityConstSharedPtr = std::shared_ptr; // Weight for each locality index in HostsPerLocality. using LocalityWeights = std::vector; using LocalityWeightsSharedPtr = std::shared_ptr; using LocalityWeightsConstSharedPtr = std::shared_ptr; /** * Base host set interface. This contains all of the endpoints for a given LocalityLbEndpoints * priority level. */ // TODO(snowp): Remove the const ref accessors in favor of the shared_ptr ones. class HostSet { public: virtual ~HostSet() = default; /** * @return all hosts that make up the set at the current time. */ virtual const HostVector& hosts() const PURE; /** * @return a shared ptr to the vector returned by hosts(). */ virtual HostVectorConstSharedPtr hostsPtr() const PURE; /** * @return all healthy hosts contained in the set at the current time. NOTE: This set is * eventually consistent. There is a time window where a host in this set may become * unhealthy and calling healthy() on it will return false. Code should be written to * deal with this case if it matters. */ virtual const HostVector& healthyHosts() const PURE; /** * @return a shared ptr to the vector returned by healthyHosts(). */ virtual HealthyHostVectorConstSharedPtr healthyHostsPtr() const PURE; /** * @return all degraded hosts contained in the set at the current time. NOTE: This set is * eventually consistent. There is a time window where a host in this set may become * undegraded and calling degraded() on it will return false. Code should be written to * deal with this case if it matters. */ virtual const HostVector& degradedHosts() const PURE; /** * @return a shared ptr to the vector returned by degradedHosts(). */ virtual DegradedHostVectorConstSharedPtr degradedHostsPtr() const PURE; /* * @return all excluded hosts contained in the set at the current time. Excluded hosts should be * ignored when computing load balancing weights, but may overlap with hosts in hosts(). */ virtual const HostVector& excludedHosts() const PURE; /** * @return a shared ptr to the vector returned by excludedHosts(). */ virtual ExcludedHostVectorConstSharedPtr excludedHostsPtr() const PURE; /** * @return hosts per locality. */ virtual const HostsPerLocality& hostsPerLocality() const PURE; /** * @return a shared ptr to the HostsPerLocality returned by hostsPerLocality(). */ virtual HostsPerLocalityConstSharedPtr hostsPerLocalityPtr() const PURE; /** * @return same as hostsPerLocality but only contains healthy hosts. */ virtual const HostsPerLocality& healthyHostsPerLocality() const PURE; /** * @return a shared ptr to the HostsPerLocality returned by healthyHostsPerLocality(). */ virtual HostsPerLocalityConstSharedPtr healthyHostsPerLocalityPtr() const PURE; /** * @return same as hostsPerLocality but only contains degraded hosts. */ virtual const HostsPerLocality& degradedHostsPerLocality() const PURE; /** * @return a shared ptr to the HostsPerLocality returned by degradedHostsPerLocality(). */ virtual HostsPerLocalityConstSharedPtr degradedHostsPerLocalityPtr() const PURE; /** * @return same as hostsPerLocality but only contains excluded hosts. */ virtual const HostsPerLocality& excludedHostsPerLocality() const PURE; /** * @return a shared ptr to the HostsPerLocality returned by excludedHostsPerLocality(). */ virtual HostsPerLocalityConstSharedPtr excludedHostsPerLocalityPtr() const PURE; /** * @return weights for each locality in the host set. */ virtual LocalityWeightsConstSharedPtr localityWeights() const PURE; /** * @return next locality index to route to if performing locality weighted balancing * against healthy hosts. */ virtual absl::optional chooseHealthyLocality() PURE; /** * @return next locality index to route to if performing locality weighted balancing * against degraded hosts. */ virtual absl::optional chooseDegradedLocality() PURE; /** * @return uint32_t the priority of this host set. */ virtual uint32_t priority() const PURE; /** * @return uint32_t the overprovisioning factor of this host set. */ virtual uint32_t overprovisioningFactor() const PURE; }; using HostSetPtr = std::unique_ptr; /** * This class contains all of the HostSets for a given cluster grouped by priority, for * ease of load balancing. */ class PrioritySet { public: using MemberUpdateCb = std::function; using PriorityUpdateCb = std::function; virtual ~PrioritySet() = default; /** * Install a callback that will be invoked when any of the HostSets in the PrioritySet changes. * hosts_added and hosts_removed will only be populated when a host is added or completely removed * from the PrioritySet. * This includes when a new HostSet is created. * * @param callback supplies the callback to invoke. * @return Common::CallbackHandle* a handle which can be used to unregister the callback. */ virtual Common::CallbackHandle* addMemberUpdateCb(MemberUpdateCb callback) const PURE; /** * Install a callback that will be invoked when a host set changes. Triggers when any change * happens to the hosts within the host set. If hosts are added/removed from the host set, the * added/removed hosts will be passed to the callback. * * @param callback supplies the callback to invoke. * @return Common::CallbackHandle* a handle which can be used to unregister the callback. */ virtual Common::CallbackHandle* addPriorityUpdateCb(PriorityUpdateCb callback) const PURE; /** * @return const std::vector& the host sets, ordered by priority. */ virtual const std::vector& hostSetsPerPriority() const PURE; /** * Parameter class for updateHosts. */ struct UpdateHostsParams { HostVectorConstSharedPtr hosts; HealthyHostVectorConstSharedPtr healthy_hosts; DegradedHostVectorConstSharedPtr degraded_hosts; ExcludedHostVectorConstSharedPtr excluded_hosts; HostsPerLocalityConstSharedPtr hosts_per_locality; HostsPerLocalityConstSharedPtr healthy_hosts_per_locality; HostsPerLocalityConstSharedPtr degraded_hosts_per_locality; HostsPerLocalityConstSharedPtr excluded_hosts_per_locality; }; /** * Updates the hosts in a given host set. * * @param priority the priority of the host set to update. * @param update_hosts_param supplies the list of hosts and hosts per locality. * @param locality_weights supplies a map from locality to associated weight. * @param hosts_added supplies the hosts added since the last update. * @param hosts_removed supplies the hosts removed since the last update. * @param overprovisioning_factor if presents, overwrites the current overprovisioning_factor. */ virtual void updateHosts(uint32_t priority, UpdateHostsParams&& update_host_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor) PURE; /** * Callback provided during batch updates that can be used to update hosts. */ class HostUpdateCb { public: virtual ~HostUpdateCb() = default; /** * Updates the hosts in a given host set. * * @param priority the priority of the host set to update. * @param update_hosts_param supplies the list of hosts and hosts per locality. * @param locality_weights supplies a map from locality to associated weight. * @param hosts_added supplies the hosts added since the last update. * @param hosts_removed supplies the hosts removed since the last update. * @param overprovisioning_factor if presents, overwrites the current overprovisioning_factor. */ virtual void updateHosts(uint32_t priority, UpdateHostsParams&& update_host_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor) PURE; }; /** * Callback that provides the mechanism for performing batch host updates for a PrioritySet. */ class BatchUpdateCb { public: virtual ~BatchUpdateCb() = default; /** * Performs a batch host update. Implementors should use the provided callback to update hosts * in the PrioritySet. */ virtual void batchUpdate(HostUpdateCb& host_update_cb) PURE; }; /** * Allows updating hosts for multiple priorities at once, deferring the MemberUpdateCb from * triggering until all priorities have been updated. The resulting callback will take into * account hosts moved from one priority to another. * * @param callback callback to use to add hosts. */ virtual void batchHostUpdate(BatchUpdateCb& callback) PURE; }; /** * All cluster stats. @see stats_macros.h */ #define ALL_CLUSTER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(assignment_stale) \ COUNTER(assignment_timeout_received) \ COUNTER(bind_errors) \ COUNTER(lb_healthy_panic) \ COUNTER(lb_local_cluster_not_ok) \ COUNTER(lb_recalculate_zone_structures) \ COUNTER(lb_subsets_created) \ COUNTER(lb_subsets_fallback) \ COUNTER(lb_subsets_fallback_panic) \ COUNTER(lb_subsets_removed) \ COUNTER(lb_subsets_selected) \ COUNTER(lb_zone_cluster_too_small) \ COUNTER(lb_zone_no_capacity_left) \ COUNTER(lb_zone_number_differs) \ COUNTER(lb_zone_routing_all_directly) \ COUNTER(lb_zone_routing_cross_zone) \ COUNTER(lb_zone_routing_sampled) \ COUNTER(membership_change) \ COUNTER(original_dst_host_invalid) \ COUNTER(retry_or_shadow_abandoned) \ COUNTER(update_attempt) \ COUNTER(update_empty) \ COUNTER(update_failure) \ COUNTER(update_no_rebuild) \ COUNTER(update_success) \ COUNTER(upstream_cx_close_notify) \ COUNTER(upstream_cx_connect_attempts_exceeded) \ COUNTER(upstream_cx_connect_fail) \ COUNTER(upstream_cx_connect_timeout) \ COUNTER(upstream_cx_destroy) \ COUNTER(upstream_cx_destroy_local) \ COUNTER(upstream_cx_destroy_local_with_active_rq) \ COUNTER(upstream_cx_destroy_remote) \ COUNTER(upstream_cx_destroy_remote_with_active_rq) \ COUNTER(upstream_cx_destroy_with_active_rq) \ COUNTER(upstream_cx_http1_total) \ COUNTER(upstream_cx_http2_total) \ COUNTER(upstream_cx_idle_timeout) \ COUNTER(upstream_cx_max_requests) \ COUNTER(upstream_cx_none_healthy) \ COUNTER(upstream_cx_overflow) \ COUNTER(upstream_cx_pool_overflow) \ COUNTER(upstream_cx_protocol_error) \ COUNTER(upstream_cx_rx_bytes_total) \ COUNTER(upstream_cx_total) \ COUNTER(upstream_cx_tx_bytes_total) \ COUNTER(upstream_flow_control_backed_up_total) \ COUNTER(upstream_flow_control_drained_total) \ COUNTER(upstream_flow_control_paused_reading_total) \ COUNTER(upstream_flow_control_resumed_reading_total) \ COUNTER(upstream_internal_redirect_failed_total) \ COUNTER(upstream_internal_redirect_succeeded_total) \ COUNTER(upstream_rq_cancelled) \ COUNTER(upstream_rq_completed) \ COUNTER(upstream_rq_maintenance_mode) \ COUNTER(upstream_rq_max_duration_reached) \ COUNTER(upstream_rq_pending_failure_eject) \ COUNTER(upstream_rq_pending_overflow) \ COUNTER(upstream_rq_pending_total) \ COUNTER(upstream_rq_per_try_timeout) \ COUNTER(upstream_rq_retry) \ COUNTER(upstream_rq_retry_backoff_exponential) \ COUNTER(upstream_rq_retry_backoff_ratelimited) \ COUNTER(upstream_rq_retry_limit_exceeded) \ COUNTER(upstream_rq_retry_overflow) \ COUNTER(upstream_rq_retry_success) \ COUNTER(upstream_rq_rx_reset) \ COUNTER(upstream_rq_timeout) \ COUNTER(upstream_rq_total) \ COUNTER(upstream_rq_tx_reset) \ GAUGE(lb_subsets_active, Accumulate) \ GAUGE(max_host_weight, NeverImport) \ GAUGE(membership_degraded, NeverImport) \ GAUGE(membership_excluded, NeverImport) \ GAUGE(membership_healthy, NeverImport) \ GAUGE(membership_total, NeverImport) \ GAUGE(upstream_cx_active, Accumulate) \ GAUGE(upstream_cx_rx_bytes_buffered, Accumulate) \ GAUGE(upstream_cx_tx_bytes_buffered, Accumulate) \ GAUGE(upstream_rq_active, Accumulate) \ GAUGE(upstream_rq_pending_active, Accumulate) \ GAUGE(version, NeverImport) \ HISTOGRAM(upstream_cx_connect_ms, Milliseconds) \ HISTOGRAM(upstream_cx_length_ms, Milliseconds) /** * All cluster load report stats. These are only use for EDS load reporting and not sent to the * stats sink. See envoy.api.v2.endpoint.ClusterStats for the definition of upstream_rq_dropped. * These are latched by LoadStatsReporter, independent of the normal stats sink flushing. */ #define ALL_CLUSTER_LOAD_REPORT_STATS(COUNTER) COUNTER(upstream_rq_dropped) /** * Cluster circuit breakers stats. Open circuit breaker stats and remaining resource stats * can be handled differently by passing in different macros. */ #define ALL_CLUSTER_CIRCUIT_BREAKERS_STATS(OPEN_GAUGE, REMAINING_GAUGE) \ OPEN_GAUGE(cx_open, Accumulate) \ OPEN_GAUGE(cx_pool_open, Accumulate) \ OPEN_GAUGE(rq_open, Accumulate) \ OPEN_GAUGE(rq_pending_open, Accumulate) \ OPEN_GAUGE(rq_retry_open, Accumulate) \ REMAINING_GAUGE(remaining_cx, Accumulate) \ REMAINING_GAUGE(remaining_cx_pools, Accumulate) \ REMAINING_GAUGE(remaining_pending, Accumulate) \ REMAINING_GAUGE(remaining_retries, Accumulate) \ REMAINING_GAUGE(remaining_rq, Accumulate) /** * All stats tracking request/response headers and body sizes. Not used by default. */ #define ALL_CLUSTER_REQUEST_RESPONSE_SIZE_STATS(HISTOGRAM) \ HISTOGRAM(upstream_rq_headers_size, Bytes) \ HISTOGRAM(upstream_rq_body_size, Bytes) \ HISTOGRAM(upstream_rs_headers_size, Bytes) \ HISTOGRAM(upstream_rs_body_size, Bytes) /** * All stats around timeout budgets. Not used by default. */ #define ALL_CLUSTER_TIMEOUT_BUDGET_STATS(HISTOGRAM) \ HISTOGRAM(upstream_rq_timeout_budget_percent_used, Unspecified) \ HISTOGRAM(upstream_rq_timeout_budget_per_try_percent_used, Unspecified) /** * Struct definition for all cluster stats. @see stats_macros.h */ struct ClusterStats { ALL_CLUSTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; /** * Struct definition for all cluster load report stats. @see stats_macros.h */ struct ClusterLoadReportStats { ALL_CLUSTER_LOAD_REPORT_STATS(GENERATE_COUNTER_STRUCT) }; /** * Struct definition for cluster circuit breakers stats. @see stats_macros.h */ struct ClusterCircuitBreakersStats { ALL_CLUSTER_CIRCUIT_BREAKERS_STATS(GENERATE_GAUGE_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Struct definition for cluster timeout budget stats. @see stats_macros.h */ struct ClusterRequestResponseSizeStats { ALL_CLUSTER_REQUEST_RESPONSE_SIZE_STATS(GENERATE_HISTOGRAM_STRUCT) }; using ClusterRequestResponseSizeStatsPtr = std::unique_ptr; using ClusterRequestResponseSizeStatsOptRef = absl::optional>; /** * Struct definition for cluster timeout budget stats. @see stats_macros.h */ struct ClusterTimeoutBudgetStats { ALL_CLUSTER_TIMEOUT_BUDGET_STATS(GENERATE_HISTOGRAM_STRUCT) }; using ClusterTimeoutBudgetStatsPtr = std::unique_ptr; using ClusterTimeoutBudgetStatsOptRef = absl::optional>; /** * All extension protocol specific options returned by the method at * NamedNetworkFilterConfigFactory::createProtocolOptions * must be derived from this class. */ class ProtocolOptionsConfig { public: virtual ~ProtocolOptionsConfig() = default; }; using ProtocolOptionsConfigConstSharedPtr = std::shared_ptr; /** * Base class for all cluster typed metadata factory. */ class ClusterTypedMetadataFactory : public Envoy::Config::TypedMetadataFactory {}; /** * Information about a given upstream cluster. */ class ClusterInfo { public: struct Features { // Whether the upstream supports HTTP2. This is used when creating connection pools. static const uint64_t HTTP2 = 0x1; // Use the downstream protocol (HTTP1.1, HTTP2) for upstream connections as well, if available. // This is used when creating connection pools. static const uint64_t USE_DOWNSTREAM_PROTOCOL = 0x2; // Whether connections should be immediately closed upon health failure. static const uint64_t CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE = 0x4; }; virtual ~ClusterInfo() = default; /** * @return bool whether the cluster was added via API (if false the cluster was present in the * initial configuration and cannot be removed or updated). */ virtual bool addedViaApi() const PURE; /** * @return the connect timeout for upstream hosts that belong to this cluster. */ virtual std::chrono::milliseconds connectTimeout() const PURE; /** * @return the idle timeout for upstream connection pool connections. */ virtual const absl::optional idleTimeout() const PURE; /** * @return how many streams should be anticipated per each current stream. */ virtual float perUpstreamPrefetchRatio() const PURE; /** * @return how many streams should be anticipated per each current stream. */ virtual float peekaheadRatio() const PURE; /** * @return soft limit on size of the cluster's connections read and write buffers. */ virtual uint32_t perConnectionBufferLimitBytes() const PURE; /** * @return uint64_t features supported by the cluster. @see Features. */ virtual uint64_t features() const PURE; /** * @return const Http::Http1Settings& for HTTP/1.1 connections created on behalf of this cluster. * @see Http::Http1Settings. */ virtual const Http::Http1Settings& http1Settings() const PURE; /** * @return const envoy::config::core::v3::Http2ProtocolOptions& for HTTP/2 connections * created on behalf of this cluster. * @see envoy::config::core::v3::Http2ProtocolOptions. */ virtual const envoy::config::core::v3::Http2ProtocolOptions& http2Options() const PURE; /** * @return const envoy::config::core::v3::HttpProtocolOptions for all of HTTP versions. */ virtual const envoy::config::core::v3::HttpProtocolOptions& commonHttpProtocolOptions() const PURE; /** * @param name std::string containing the well-known name of the extension for which protocol * options are desired * @return std::shared_ptr where Derived is a subclass of ProtocolOptionsConfig * and contains extension-specific protocol options for upstream connections. */ template const std::shared_ptr extensionProtocolOptionsTyped(const std::string& name) const { return std::dynamic_pointer_cast(extensionProtocolOptions(name)); } /** * @return const envoy::config::cluster::v3::Cluster::CommonLbConfig& the common configuration for * all load balancers for this cluster. */ virtual const envoy::config::cluster::v3::Cluster::CommonLbConfig& lbConfig() const PURE; /** * @return the type of load balancing that the cluster should use. */ virtual LoadBalancerType lbType() const PURE; /** * @return the service discovery type to use for resolving the cluster. */ virtual envoy::config::cluster::v3::Cluster::DiscoveryType type() const PURE; /** * @return the type of cluster, only used for custom discovery types. */ virtual const absl::optional& clusterType() const PURE; /** * @return configuration for least request load balancing, only used if LB type is least request. */ virtual const absl::optional& lbLeastRequestConfig() const PURE; /** * @return configuration for ring hash load balancing, only used if type is set to ring_hash_lb. */ virtual const absl::optional& lbRingHashConfig() const PURE; /** * @return configuration for maglev load balancing, only used if type is set to maglev_lb. */ virtual const absl::optional& lbMaglevConfig() const PURE; /** * @return const absl::optional& the * configuration for the Original Destination load balancing policy, only used if type is set to * ORIGINAL_DST_LB. */ virtual const absl::optional& lbOriginalDstConfig() const PURE; /** * @return const absl::optional& the configuration * for the upstream, if a custom upstream is configured. */ virtual const absl::optional& upstreamConfig() const PURE; /** * @return Whether the cluster is currently in maintenance mode and should not be routed to. * Different filters may handle this situation in different ways. The implementation * of this routine is typically based on randomness and may not return the same answer * on each call. */ virtual bool maintenanceMode() const PURE; /** * @return uint64_t the maximum number of outbound requests that a connection pool will make on * each upstream connection. This can be used to increase spread if the backends cannot * tolerate imbalance. 0 indicates no maximum. */ virtual uint64_t maxRequestsPerConnection() const PURE; /** * @return uint32_t the maximum number of response headers. The default value is 100. Results in a * reset if the number of headers exceeds this value. */ virtual uint32_t maxResponseHeadersCount() const PURE; /** * @return the human readable name of the cluster. */ virtual const std::string& name() const PURE; /** * @return ResourceManager& the resource manager to use by proxy agents for this cluster (at * a particular priority). */ virtual ResourceManager& resourceManager(ResourcePriority priority) const PURE; /** * @return TransportSocketMatcher& the transport socket matcher associated * factory. */ virtual TransportSocketMatcher& transportSocketMatcher() const PURE; /** * @return ClusterStats& strongly named stats for this cluster. */ virtual ClusterStats& stats() const PURE; /** * @return the stats scope that contains all cluster stats. This can be used to produce dynamic * stats that will be freed when the cluster is removed. */ virtual Stats::Scope& statsScope() const PURE; /** * @return ClusterLoadReportStats& strongly named load report stats for this cluster. */ virtual ClusterLoadReportStats& loadReportStats() const PURE; /** * @return absl::optional> stats to track * headers/body sizes of request/response for this cluster. */ virtual ClusterRequestResponseSizeStatsOptRef requestResponseSizeStats() const PURE; /** * @return absl::optional> stats on timeout * budgets for this cluster. */ virtual ClusterTimeoutBudgetStatsOptRef timeoutBudgetStats() const PURE; /** * Returns an optional source address for upstream connections to bind to. * * @return a source address to bind to or nullptr if no bind need occur. */ virtual const Network::Address::InstanceConstSharedPtr& sourceAddress() const PURE; /** * @return the configuration for load balancer subsets. */ virtual const LoadBalancerSubsetInfo& lbSubsetInfo() const PURE; /** * @return const envoy::config::core::v3::Metadata& the configuration metadata for this cluster. */ virtual const envoy::config::core::v3::Metadata& metadata() const PURE; /** * @return const Envoy::Config::TypedMetadata&& the typed metadata for this cluster. */ virtual const Envoy::Config::TypedMetadata& typedMetadata() const PURE; /** * * @return const Network::ConnectionSocket::OptionsSharedPtr& socket options for all * connections for this cluster. */ virtual const Network::ConnectionSocket::OptionsSharedPtr& clusterSocketOptions() const PURE; /** * @return whether to skip waiting for health checking before draining connections * after a host is removed from service discovery. */ virtual bool drainConnectionsOnHostRemoval() const PURE; /** * @return whether to create a new connection pool for each downstream connection routed to * the cluster */ virtual bool connectionPoolPerDownstreamConnection() const PURE; /** * @return true if this cluster is configured to ignore hosts for the purpose of load balancing * computations until they have been health checked for the first time. */ virtual bool warmHosts() const PURE; /** * @return eds cluster service_name of the cluster. */ virtual absl::optional edsServiceName() const PURE; /** * Create network filters on a new upstream connection. */ virtual void createNetworkFilterChain(Network::Connection& connection) const PURE; /** * Calculate upstream protocol based on features. */ virtual Http::Protocol upstreamHttpProtocol(absl::optional downstream_protocol) const PURE; /** * @return http protocol options for upstream connection */ virtual const absl::optional& upstreamHttpProtocolOptions() const PURE; /** * @return the Http1 Codec Stats. */ virtual Http::Http1::CodecStats& http1CodecStats() const PURE; /** * @return the Http2 Codec Stats. */ virtual Http::Http2::CodecStats& http2CodecStats() const PURE; protected: /** * Invoked by extensionProtocolOptionsTyped. * @param name std::string containing the well-known name of the extension for which protocol * options are desired * @return ProtocolOptionsConfigConstSharedPtr with extension-specific protocol options for * upstream connections. */ virtual ProtocolOptionsConfigConstSharedPtr extensionProtocolOptions(const std::string& name) const PURE; }; using ClusterInfoConstSharedPtr = std::shared_ptr; class HealthChecker; /** * An upstream cluster (group of hosts). This class is the "primary" singleton cluster used amongst * all forwarding threads/workers. Individual HostSets are used on the workers themselves. */ class Cluster { public: virtual ~Cluster() = default; enum class InitializePhase { Primary, Secondary }; /** * @return a pointer to the cluster's health checker. If a health checker has not been installed, * returns nullptr. */ virtual HealthChecker* healthChecker() PURE; /** * @return the information about this upstream cluster. */ virtual ClusterInfoConstSharedPtr info() const PURE; /** * @return a pointer to the cluster's outlier detector. If an outlier detector has not been * installed, returns nullptr. */ virtual Outlier::Detector* outlierDetector() PURE; virtual const Outlier::Detector* outlierDetector() const PURE; /** * Initialize the cluster. This will be called either immediately at creation or after all primary * clusters have been initialized (determined via initializePhase()). * @param callback supplies a callback that will be invoked after the cluster has undergone first * time initialization. E.g., for a dynamic DNS cluster the initialize callback will be * called when initial DNS resolution is complete. */ virtual void initialize(std::function callback) PURE; /** * @return the phase in which the cluster is initialized at boot. This mechanism is used such that * clusters that depend on other clusters can correctly initialize. (E.g., an EDS cluster * that depends on resolution of the EDS server itself). */ virtual InitializePhase initializePhase() const PURE; /** * @return the PrioritySet for the cluster. */ virtual PrioritySet& prioritySet() PURE; /** * @return the const PrioritySet for the cluster. */ virtual const PrioritySet& prioritySet() const PURE; }; using ClusterSharedPtr = std::shared_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: repokitteh.star ================================================ pin("github.com/repokitteh/modules", "4ee2ed0c3622aad7fcddc04cb5dc866e44a541e6") use("github.com/repokitteh/modules/assign.star") use("github.com/repokitteh/modules/review.star") use("github.com/repokitteh/modules/wait.star") use("github.com/repokitteh/modules/circleci.star", secret_token=get_secret('circle_token')) use("github.com/envoyproxy/envoy/ci/repokitteh/modules/azure_pipelines.star", secret_token=get_secret('azp_token')) use( "github.com/envoyproxy/envoy/ci/repokitteh/modules/ownerscheck.star", paths=[ { "owner": "envoyproxy/api-shepherds!", "path": "(api/envoy[\w/]*/(v1alpha\d?|v1|v2alpha\d?|v2))|(api/envoy/type/(matcher/)?\w+.proto)", "label": "v2-freeze", "allow_global_approval": False, "github_status_label": "v2 freeze violations", }, { "owner": "envoyproxy/api-shepherds!", "path": "api/envoy/", "label": "api", "github_status_label": "any API change", }, { "owner": "envoyproxy/api-watchers", "path": "api/envoy/", }, { "owner": "envoyproxy/dependency-watchers", "path": "(bazel/repository_locations\.bzl)|(api/bazel/repository_locations\.bzl)|(.*/requirements\.txt)", }, ], ) alias('retest-circle', 'retry-circle') alias('retest', 'retry-azp') def _backport(): github.issue_label('backport/review') handlers.command(name='backport', func=_backport) ================================================ FILE: restarter/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() exports_files([ "hot-restarter.py", ]) ================================================ FILE: restarter/hot-restarter.py ================================================ #!/usr/bin/env python from __future__ import print_function import os import signal import sys import time # The number of seconds to wait for children to gracefully exit after # propagating SIGTERM before force killing children. # NOTE: If using a shutdown mechanism such as runit's `force-stop` which sends # a KILL after a specified timeout period, it's important to ensure that this # constant is smaller than the KILL timeout TERM_WAIT_SECONDS = 30 restart_epoch = 0 pid_list = [] def term_all_children(): """ Iterate through all known child processes, send a TERM signal to each of them, and then wait up to TERM_WAIT_SECONDS for them to exit gracefully, exiting early if all children go away. If one or more children have not exited after TERM_WAIT_SECONDS, they will be forcibly killed """ # First uninstall the SIGCHLD handler so that we don't get called again. signal.signal(signal.SIGCHLD, signal.SIG_DFL) global pid_list for pid in pid_list: print("sending TERM to PID={}".format(pid)) try: os.kill(pid, signal.SIGTERM) except OSError: print("error sending TERM to PID={} continuing".format(pid)) all_exited = False # wait for TERM_WAIT_SECONDS seconds for children to exit cleanly retries = 0 while not all_exited and retries < TERM_WAIT_SECONDS: for pid in list(pid_list): ret_pid, exit_status = os.waitpid(pid, os.WNOHANG) if ret_pid == 0 and exit_status == 0: # the child is still running continue pid_list.remove(pid) if len(pid_list) == 0: all_exited = True else: retries += 1 time.sleep(1) if all_exited: print("all children exited cleanly") else: for pid in pid_list: print("child PID={} did not exit cleanly, killing".format(pid)) force_kill_all_children() sys.exit(1) # error status because a child did not exit cleanly def force_kill_all_children(): """ Iterate through all known child processes and force kill them. Typically term_all_children() should be attempted first to give child processes an opportunity to clean up state before exiting """ global pid_list for pid in pid_list: print("force killing PID={}".format(pid)) try: os.kill(pid, signal.SIGKILL) except OSError: print("error force killing PID={} continuing".format(pid)) pid_list = [] def shutdown(): """ Attempt to gracefully shutdown all child Envoy processes and then exit. See term_all_children() for further discussion. """ term_all_children() sys.exit(0) def sigterm_handler(signum, frame): """ Handler for SIGTERM. """ print("got SIGTERM") shutdown() def sigint_handler(signum, frame): """ Handler for SIGINT (ctrl-c). The same as the SIGTERM handler. """ print("got SIGINT") shutdown() def sighup_handler(signum, frame): """ Handler for SIGHUP. This signal is used to cause the restarter to fork and exec a new child. """ print("got SIGHUP") fork_and_exec() def sigusr1_handler(signum, frame): """ Handler for SIGUSR1. Propagate SIGUSR1 to all of the child processes """ global pid_list for pid in pid_list: print("sending SIGUSR1 to PID={}".format(pid)) try: os.kill(pid, signal.SIGUSR1) except OSError: print("error in SIGUSR1 to PID={} continuing".format(pid)) def sigchld_handler(signum, frame): """ Handler for SIGCHLD. Iterates through all of our known child processes and figures out whether the signal/exit was expected or not. Python doesn't have any of the native signal handlers ability to get the child process info directly from the signal handler so we need to iterate through all child processes and see what happened.""" print("got SIGCHLD") kill_all_and_exit = False global pid_list pid_list_copy = list(pid_list) for pid in pid_list_copy: ret_pid, exit_status = os.waitpid(pid, os.WNOHANG) if ret_pid == 0 and exit_status == 0: # This child is still running. continue pid_list.remove(pid) # Now we see how the child exited. if os.WIFEXITED(exit_status): exit_code = os.WEXITSTATUS(exit_status) print("PID={} exited with code={}".format(ret_pid, exit_code)) if exit_code == 0: # Normal exit. We assume this was on purpose. pass else: # Something bad happened. We need to tear everything down so that whoever started the # restarter can know about this situation and restart the whole thing. kill_all_and_exit = True elif os.WIFSIGNALED(exit_status): print("PID={} was killed with signal={}".format(ret_pid, os.WTERMSIG(exit_status))) kill_all_and_exit = True else: kill_all_and_exit = True if kill_all_and_exit: print("Due to abnormal exit, force killing all child processes and exiting") # First uninstall the SIGCHLD handler so that we don't get called again. signal.signal(signal.SIGCHLD, signal.SIG_DFL) force_kill_all_children() # Our last child died, so we have no purpose. Exit. if not pid_list: print("exiting due to lack of child processes") sys.exit(1 if kill_all_and_exit else 0) def fork_and_exec(): """ This routine forks and execs a new child process and keeps track of its PID. Before we fork, set the current restart epoch in an env variable that processes can read if they care. """ global restart_epoch os.environ['RESTART_EPOCH'] = str(restart_epoch) print("forking and execing new child process at epoch {}".format(restart_epoch)) restart_epoch += 1 child_pid = os.fork() if child_pid == 0: # Child process os.execl(sys.argv[1], sys.argv[1]) else: # Parent process print("forked new child process with PID={}".format(child_pid)) pid_list.append(child_pid) def main(): """ Script main. This script is designed so that a process watcher like runit or monit can watch this process and take corrective action if it ever goes away. """ print("starting hot-restarter with target: {}".format(sys.argv[1])) signal.signal(signal.SIGTERM, sigterm_handler) signal.signal(signal.SIGINT, sigint_handler) signal.signal(signal.SIGHUP, sighup_handler) signal.signal(signal.SIGCHLD, sigchld_handler) signal.signal(signal.SIGUSR1, sigusr1_handler) # Start the first child process and then go into an endless loop since everything else happens via # signals. fork_and_exec() while True: time.sleep(60) if __name__ == '__main__': main() ================================================ FILE: security/email-templates.md ================================================ # Envoy Security Process Email Templates This is a collection of email templates to handle various situations the security team encounters. ## Upcoming security release to envoy-security-announce@googlegroups.com ``` Subject: Upcoming security release of Envoy $VERSION To: envoy-security-announce@googlegroups.com Cc: envoy-announce@googlegroups.com, envoy-security@googlegroups.com, envoy-maintainers@googlegroups.com Hello Envoy Community, The Envoy security team would like to announce the forthcoming release of Envoy $VERSION. This release will be made available on the $ORDINALDAY of $MONTH $YEAR at $PDTHOUR PDT ($GMTHOUR GMT). This release will fix $NUMDEFECTS security defect(s). The highest rated security defect is considered $SEVERITY severity. No further details or patches will be made available in advance of the release. Thanks, $PERSON (on behalf of the Envoy security team and maintainers) ``` ## Upcoming security release to cncf-envoy-distributors-announce@lists.cncf.io ``` Subject: [CONFIDENTIAL] Upcoming security release of Envoy $VERSION To: cncf-envoy-distributors-announce@lists.cncf.io Cc: envoy-security@googlegroups.com Hello Envoy Distributors, The Envoy security team would like to provide advanced notice to the Envoy Private Distributors List of some details on the pending Envoy $VERSION security release, following the process described at https://github.com/envoyproxy/envoy/blob/master/SECURITY.md. This release will be made available on the $ORDINALDAY of $MONTH $YEAR at $PDTHOUR PDT ($GMTHOUR GMT). This release will fix $NUMDEFECTS security defect(s). The highest rated security defect is considered $SEVERITY severity. Below we provide details of these vulnerabilities under our embargo policy (https://github.com/envoyproxy/envoy/blob/master/SECURITY.md#embargo-policy). This information should be treated as confidential until public release by the Envoy maintainers on the Envoy GitHub. We will address the following CVE(s): * CVE-YEAR-ABCDEF (CVSS score $CVSS, $SEVERITY): $CVESUMMARY - Link to the appropriate section of the CVE writeup document with gh-cve-template.md content. ... We intend to make candidates release patches available under embargo on the $ORDINALDAY of $MONTH $YEAR, which you may use for testing and preparing your distributions. Please direct further communication amongst private distributors to this list or to envoy-security@googlegroups.com for direct communication with the Envoy security team. Thanks, $PERSON (on behalf of the Envoy security team and maintainers) ``` ## Candidate release patches to cncf-envoy-distributors-announce@lists.cncf.io ``` Subject: [CONFIDENTIAL] Further details on security release of Envoy $VERSION To: cncf-envoy-distributors-announce@lists.cncf.io Cc: envoy-security@googlegroups.com Hello Envoy Distributors, Please find attached candidate patches for CVE-YEAR-ABCDEF. You may use the attached patches for testing and preparing your distributions. The patches can be applied with "git am". Patches starting with "$VERSION" should be applied against the $OLDVERSION release. Patches starting with "master-" should be applied against commit $COMMIT. As a reminder, these patches are under embargo until $ORDINALDAY of $MONTH $YEAR at $PDTHOUR PDT ($GMTHOUR GMT). The information below should be treated as confidential and shared only on a need-to-know basis. The rules outline in our embargo policy (https://github.com/envoyproxy/envoy/blob/master/SECURITY.md#embargo-policy) still apply, and it is extremely important that any communication related to these CVEs are not forwarded further. No fixes should be made publicly available, either in binary or source form, before the aforementioned disclosure date. We would appreciate any feedback on these patches. Please direct further communication amongst private distributors to this list or to envoy-security@googlegroups.com for direct communication with the Envoy security team. Thanks, $PERSON (on behalf of the Envoy security team and maintainers) ``` ## Security Fix Announcement ``` Subject: Security release of Envoy $VERSION is now available To: envoy-security-announce@googlegroups.com Cc: envoy-announce@googlegroups.com, envoy-security@googlegroups.com, envoy-maintainers@googlegroups.com Hello Envoy Community, The Envoy security team would like to announce the availability of Envoy $VERSION. This addresses the following CVE(s): * CVE-YEAR-ABCDEF (CVSS score $CVSS): $CVESUMMARY ... Upgrading to $VERSION is encouraged to fix these issues. GitHub tag: https://github.com/envoyproxy/envoy/releases/tag/v$VERSION Docker images: https://hub.docker.com/r/envoyproxy/envoy/tags Release notes: https://www.envoyproxy.io/docs/envoy/v$VERSION/version_history/current.rst Docs: https://www.envoyproxy.io/docs/envoy/v$VERSION/ **Am I vulnerable?** Run `envoy --version` and if it indicates a base version of $OLDVERSION or older you are running a vulnerable version. **How do I mitigate the vulnerability?** Avoid the use of feature XYZ in Envoy configuration. **How do I upgrade?** Update to $VERSION via your Envoy distribution or rebuild from the Envoy GitHub source at the $VERSION tag or HEAD @ master. **Vulnerability Details** ***CVE-YEAR-ABCDEF*** $CVESUMMARY This issue is filed as $CVE. We have rated it as [$CVSSSTRING]($CVSSURL) ($CVSS, $SEVERITY) [See the GitHub issue for more details]($GITHUBISSUEURL) **Thank you** Thank you to $REPORTER, $DEVELOPERS, and the $RELEASEMANAGERS for the coordination in making this release. Thanks, $PERSON (on behalf of the Envoy security team and maintainers) ``` ## Security Fix of Main Branch Announcement ``` Subject: Security fix of Envoy main branch (that includes $GITSHORTCOMMITHASH) is now available To: envoy-security-announce@googlegroups.com Cc: envoy-announce@googlegroups.com, envoy-security@googlegroups.com, envoy-maintainers@googlegroups.com Hello Envoy Community, The Envoy security team would like to announce the availability of the fix for security defect(s) introduced in the main branch by [$GITSHORTCOMMITHASH]($GITHUBCOMMITURL) commit. The defect(s) caused by the [$GITSHORTCOMMITHASH]($GITHUBCOMMITURL) were not part of any Envoy stable releases. $DEFECTSSUMMARY The CVSS score for this is [$CVSSSTRING]($CVSSURL). Including the [$FIXGITSHORTCOMMITHASH]($FIXGITHUBCOMMITURL) commit is encouraged to fix this issue. **Security fix timeline** 1. The defect(s) introduced in [$GITSHORTCOMMITHASH]($GITHUBCOMMITURL) were landed in the main branch on $ORDINALDAY of $MONTH $YEAR at $PDTHOUR PDT ($GMTHOUR GMT). 2. The fix [$FIXGITSHORTCOMMITHASH]($FIXGITHUBCOMMITURL) was merged into the main branch on $ORDINALDAY of $MONTH $YEAR at $PDTHOUR PDT ($GMTHOUR GMT). **Thank you** Thank you to $REPORTER, $DEVELOPERS, and the $RELEASEMANAGERS for the coordination in making this release. Thanks, $PERSON (on behalf of the Envoy security team and maintainers) ``` ================================================ FILE: security/gh-cve-template.md ================================================ >This template is for public disclosure of CVE details on Envoy's GitHub. It should be filed with the public release of a security patch version, and will be linked to in the announcement sent to envoy-security-announce@googlegroups.com. The title of this issue should be the CVE identifier and it should have the `security` label applied. # CVE-YEAR-ABCDEF ## Brief description >Brief description used when filing CVE. ## CVSS >[$CVSSSTRING]($CVSSURL)($CVSSSCORE, $SEVERITY) ## Affected version(s) >Envoy x.y.z and before. ## Affected component(s) >List affected internal components and features. ## Attack vector(s) >How would an attacker use this? ## Discover(s)/Credits >Individual and optional organization. ## Example exploit or proof-of-concept >If there is proof-of-concept or example, provide a concrete example. ## Details >Deep dive into the defect. This should be detailed enough to maintain a record for posterity while being clear and concise. ## Mitigations >Are there configuration or CLI options that can be used to mitigate? ## Detection >How can exploitation of this bug be detected in existing and future Envoy versions? E.g. access logs. ## References * CVE: $CVEURL >Any other public information. ================================================ FILE: security/postmortem-template.md ================================================ > Slimmed down template from: Betsy Beyer, Chris Jones, Jennifer Petoff, and Niall Richard > Murphy. [“Site Reliability > Engineering.”](https://landing.google.com/sre/book/chapters/postmortem.html), > modified from > https://raw.githubusercontent.com/dastergon/postmortem-templates/master/templates/postmortem-template-srebook.md. > Follow the SRE link for examples of how to populate. > A PR should be opened with postmortem placed in security/postmortems/cve-year-abcdef.md. If there > are multiple CVEs in the postmortem, populate each alias with the string "See cve-year-abcdef.md". # Security postmortem for CVE-YEAR-ABCDEF, CVE-YEAR-ABCDEG ## Incident date(s) > YYYY-MM-DD (as a date range if over a period of time) ## Authors > @foo, @bar, ... ## Status > Draft | Final ## Summary > A few sentence summary. ## CVE issue(s) > https://github.com/envoyproxy/envoy/issues/${CVE_ISSUED_ID} ## Root Causes > What defect in Envoy led to the CVEs? How did this defect arise? ## Resolution > How was the security release process followed? How were the fix patches > structured and authored? ## Detection > How was this discovered? Reported by XYZ, found by fuzzing? Private or public > disclosure? ## Action Items > Create action item issues and include in their body "Action item for > CVE-YEAR-ABCDEF". Modify the search string below to include in the PR: https://github.com/envoyproxy/envoy/issues?utf8=%E2%9C%93&q=is%3Aissue+%22Action+item+for+CVE-YEAR-ABCDEF%22 ## Lessons Learned ### What went well ### What went wrong ### Where we got lucky ## Timeline All times US/Pacific YYYY-MM-DD * HH:MM Cake was made available * HH:MM People ate the cake YYYY-MM-DD * HH:MM More cake was available * HH:MM People ate more cake ## Supporting information ================================================ FILE: security/postmortems/cve-2019-15225.md ================================================ # Security postmortem for CVE-2019-15225, CVE-2019-15226 ## Incident date(s) 2019-07-25 - 2019-10-10 ## Authors @asraa ## Status Final ## Summary After an Envoy user publicly reported a crash in Envoy about regular expression matching in route resolution (https://github.com/envoyproxy/envoy/issues/7728), the Envoy security team found that issue could be leveraged for a DoS attack and would go through the public security release process. The fix landed in master with a public PR (https://github.com/envoyproxy/envoy/pull/7878) and was targeted to be included in a 1.11.2 security release. CVE-2019-15226 was detected via fuzzers just after the 1.11.1 security release. With the fix of CVE-2019-15225 in progress, the Envoy security team decided to lump the two fixes into a 1.11.2 security release. This was the first time in which the Envoy security release included a publicly disclosed vulnerability with a fix that was merged into master. The security release included a backported patch of the fix as well as the patches for CVE-2019-15226. ## CVE issue(s) * https://github.com/envoyproxy/envoy/issues/8519 * https://github.com/envoyproxy/envoy/issues/8520 ## Root Causes CVE-2019-15225 was caused by the use of a recursive algorithm for matching regular expressions. Envoy’s HTTP router can be configured with regular expressions for routing incoming HTTP requests that matched header values. Envoy used the libstdc++ `std::regex` implementation for these regular expressions. As a result, an HTTP request with sufficiently large header values may consume large amounts of stack memory and cause abnormal process termination. Regular expressions with the `*` or `+` quantifiers are particularly vulnerable and may cause abnormal process termination. This appeared when matching header values of 16Kb or more. CVE-2019-15226 resulted from excessive iteration of the `HeaderMap` from a time-consuming header size validation that occurred for each header added. Both codec libraries http_parser and nghttp2 have internal limits for the maximum request header size. Envoy’s HTTP/2 codec originally checked against a hard-coded max header size of 63K, which was just under the default max headers length in nghttp2. The check occurred every time a header was added, resulting in O(n^2) performance. Work on making this limit configurable (https://github.com/envoyproxy/envoy/issues/5626) also introduced the issue in Envoy’s HTTP/1 codec, where the check was added per header field mimicking the same problematic pattern as the original HTTP/2 codec. ## Resolution To resolve the memory consumption caused by excessive memory consumption from regex matching, Envoy 1.11.2 deprecates the use of `std::regex` in user facing paths. A new safe regex matcher introduces an explicitly configurable regex engine. Currently, the regex engine is limited to Google’s RE2 regex engine that implements a safe subset of the std::regex language features. The existing regex engine is in a deprecation period to allow users to switch to safe regex engines. Google’s RE2 regex engine is designed to complete execution in linear time (https://github.com/google/re2/wiki/WhyRE2) and limit the amount of memory used. Envoy 1.11.2 also includes an option to configure a “program size” when using Google RE2, a rough estimate of how complex a compiled regex is to evaluate. A regex that has a program size greater than this value will fail to compile. CVE-2019-15226 was first noticed via fuzzers when a timeout was reported by `h1_capture_direct_fuzz_test`: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16325 on 08-09-2019. Once a reproducer was made in an Envoy deployment to confirm the issue, and some profiling work was done by the Envoy security team, we moved to a private fix process targeting the 1.11.2 release along with CVE-2019-15225. Other calls to `byteSize()` and iterations over `HeaderMap` were used were also analyzed for potential DoS vulnerabilities and performance issues. The fix re-implemented the `HeaderMapImpl::byteSize()` method to have O(1) performance by returning a `cached_byte_size_` member to `HeaderMapImpl` that was updated as header entries are added, rather than iterate over the `HeaderMap` to calculate the byte size. To resolve excessive iterations over the `HeaderMap` that can appear in access logging with many header formatters and many headers, the fix also included configurable limits for the maximum number of headers. The following patches were produced: * https://github.com/envoyproxy/envoy/commit/afc39bea36fd436e54262f150c009e8d72db5014 * https://github.com/envoyproxy/envoy/commit/5c122a35ebd7d3f7678b0f1c9846c1e282bba079 A 1.11.2 security release was announced on 09-18-2019. An e-mail was sent to the Envoy private distributor list sharing the details of CVE-2019-15226. A week later, the candidate fix patches for CVE-2019-15226 were shared with distributors on 2019-09-24. This provided two weeks for distributors to test and prepare their software for the security release date, as per the guidelines set in place after security release 1.9.1. ## Detection CVE-2019-15225 was reported by Seikun Kambashi in a public GitHub Issue describing a crash caused by a request with a very large URI for routes configured with a regex matcher: https://github.com/envoyproxy/envoy/issues/7728. Envoy’s `route_fuzz_test`, which fuzzes route resolution and header finalization, ideally should have caught this crash. The test takes a `RouteConfiguration` and a set of headers as inputs, and routes a request with the input headers with the `RouteConfiguration` given. It should have been fairly easy for the fuzzers to produce a wildcard matcher and a long header string. However, the fuzz test itself had a logical error that resulted in ignoring input path headers and setting them to a default value of “/”. As a result, the fuzz test would never have tested a large URI and an OOM or crash would never have been detected. The fuzz test was fixed in https://github.com/envoyproxy/envoy/pull/8653, and a reproducer for the CVE was added. The underlying issue behind CVE-2019-15226 was first noticed via fuzzers when a timeout was reported by `h1_capture_direct_fuzz_test`: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16325. Some profiling work revealed that `HeaderMapImpl::byteSize()`, which is O(n) in the number of headers, is called for every single header in both HTTP/1.1 and HTTP/2 codecs. Although Envoy’s stateless HTTP/2 header fuzzers (`request_header_fuzz_test` and `response_header_fuzz_test`) perform 10x more executions per second than this fuzzer, these tested one header frame per testcase and used nghttp2’s default max header frame size (16 KB). Because of this, the frame size was too small to amplify the effect of the O(n^2) process enough to produce a timeout. ## Action Items * https://github.com/envoyproxy/envoy/issues/8567 * https://github.com/envoyproxy/envoy/issues/8875 * https://github.com/envoyproxy/envoy/issues/8898 * https://github.com/envoyproxy/envoy/issues/8901 ## Lessons Learned ### What went well * CVE-2019-15226 was detected quickly after the fuzzer reported the timeout. * The fixes for CVE-2019-15226 were straightforward and localized. * The security release occurred on time and followed the guidelines established in https://github.com/envoyproxy/envoy/blob/master/SECURITY.md ### What went wrong * It took nearly a week to set up a branch for fix patches. This was due to some confusion over whether to use the new GitHub Security advisories, which didn’t support the required permission model and CI integrations. In the process, the envoy-setec branch was temporarily made readable to all Envoy contributors. * While resolving the above permission issue, we hit an issue with Github permissions on envoyproxy: people could no longer assign issues to members in the Envoy repository. This was fixed with some restructuring of GitHub team’s to support the limited GitHub IAM model. * It was possible to push to envoy-setec branches by fix team, e.g. the 1.11.2 could be directly pushed to (master as well). We need branch protection to ensure that CI gates merges; this will provide confidence that the staged release branches are likely to work on the main Envoy repository. * We had manual patch sets the day before release, but no envoy-setec branches reflecting them passing end-to-end. We should not consider a release ready to go until it passes a full CI pass. * It wasn’t possible to get a full CI pass due to docs/image/etc push issues. We should have a set of presubmits that provide a simple yes/no in the GH UX. * Our route resolution fuzzer would not have picked up the regex vulnerability due to a logical error in the fuzzer. * Our more efficient request and response fuzzers would not have picked up this vulnerability earlier. They only fuzz a single HEADER frame, and the maximum frame size for HTTP/2 is by default 16 KB. * From a distributor: “We didn't realize about safe_regex until the note this morning. So we're patching ... to switch to safe_regex -- would it be possible in future notes to distributors to note if usage changes are required?” * We coupled the CVE-2019-15225 and CVE-2019-15226 releases. This made sense initially, due to release overhead, but as the release date for the header map fixes was extended, it meant that a somewhat known vulnerability was fixed on master but not on any released version of Envoy. ### Where we got lucky * Release branches (master and v1.12.2) passed had only minor CI failures (bazel.compile_time_options) despite no complete pass of either assembled branch on private fix branch ## Timeline All times US/Pacific 2019-07-25: * [CVE-2019-15225] https://github.com/envoyproxy/envoy/issues/7728 was opened reporting crashes from route regex matches with very long request URIs 2019-08-09: * [CVE-2019-15226] ClusterFuzz reports https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16325 under embargo. 2019-08-13: * [CVE-2019-15226] Email thread to envoy-security@googlegroups.com regarding the HeaderMap DoS. Analysis began to determine similar O(n^2) performance in code that uses HeaderMap. 2019-08-19: * CVE ID Request for CVE-2019-15225 and CVE-2019-15226 2019-08-20: * Branch permissions / CI permissions for envoy-setec branch set up. 2019-08-21: * [CVE-2019-15226] Draft fix PRs for CVE-2019-15226 were shared on private Envoy security repository. Reviews and further development occurred over the next three weeks. 2019-08-23: * [CVE-2019-15225] Fix for CVE-2019-15225 is opened at https://github.com/envoyproxy/envoy/pull/7878 2019-09-18: * [CVE-2019-15226] CVE summary details shared with cncf-envoy-distributors-announce@lists.cncf.io. 2019-09-19: * [CVE-2019-15226] Vulnerability exists in all Envoy distributions for HTTP/2 traffic, CVE updated 2019-09-24: * [CVE-2019-15226] Candidate fix patches was shared with cncf-envoy-distributors-announce@lists.cncf.io. 2019-10-07: * [CVE-2019-15226] Patch sets assembled based on previous reviewed work as manual patches. 2019-10-08: * [CVE-2019-15226] Some last minute patch fixup to have staged branches pass on CI. Patches scheduled for public release. * 11:20 AM v1.11.2 pushed * [CVE-2019-15226] CVE updated on publication 2019-10-10 * [CVE-2019-15226] Filed follow-up GitHub issue https://github.com/envoyproxy/envoy/issues/8567 ================================================ FILE: security/postmortems/cve-2019-15226.md ================================================ See [cve-2019-15225.md](cve-2019-15225.md) ================================================ FILE: security/postmortems/cve-2019-9900.md ================================================ # Security postmortem for CVE-2019-9900, CVE-2019-9901 ## Incident date(s) 2019-02-18 - 2019-04-05 ## Authors @htuch ## Status Final ## Summary Two independent vulnerabilities related to a mismatch between the information used for request matching and routing were discovered in February/March 2019, leading to the potential ability for an attacker to bypass access control checks and route table intent. Since these issues had similar attack vectors and were discovered within the same embargo window, the issues were grouped and resolved (mostly) privately by Envoy and Istio fix teams, resulting in the Envoy 1.9.1 security release issued on 2019-04-05. This was the first time in which the Envoy security release process was followed and provided a learning opportunity to refine the process, originally borrowed from the Kubernetes project, to Envoy's requirements. While the issues were upgraded from medium to high criticality during the fix process, they were limited in impact to a subset of users and specific configuration patterns. This postmortem captures the issues encountered during the fix process and provides actionable next steps. ## CVE issue(s) * https://github.com/envoyproxy/envoy/issues/6434 * https://github.com/envoyproxy/envoy/issues/6435 ## Root Causes CVE-2019-9900 resulted from Envoy assuming that its codec libraries (http-parser, nghttp2) followed RFC 7230 and would reject any header value with an embedded NUL character. Unfortunately, http-parser did not do this due to an optimization in header value processing (https://github.com/nodejs/http-parser/issues/468, https://github.com/nodejs/http-parser/pull/469). In addition, Envoy viewed header strings with a mixture of `c_str()` and `string_view`, allowing the possibility of inconsistent views between checks and resulting action. A combination of a buggy external dependency and problematic use of C string views led to this vulnerability. CVE-2019-9901 resulted from two distinct views of the role of a proxy in path handling. On the one hand, Envoy was considered a data forwarding engine for HTTP requests that did not need to perform path normalization, with this concern left to client and backend. However, at the same time, Envoy was being used in applications where it intermediated on requests for access control purposes (e.g. RBAC, `ext_authz`) and performed path matching against policy. Especially in the presence of a backend that itself normalizes, this access control role required that path normalization be applied in the proxy. ## Resolution CVE-2019-9900 was reported by Envoy maintainer @htuch on 2019-03-10 to envoy-security@googlegroups.com. After some discussion, it was agreed that this warranted invoking the security release process. The issue was mitigated in the Envoy private security repository by @htuch and the Envoy security fix team. A single patch (https://github.com/envoyproxy/envoy/commit/b155af75fad7861e941b5939dc001abf581c9203) was required to workaround the http-parser behavior. In addition, both tests and fuzzers were created to validate the behavior when NULs were introduced anywhere in an HTTP/1 or HTTP/2 request (https://github.com/envoyproxy/envoy/commit/1e61a3f95f2c4d9ac1e54feae8693cee7906e2eb). Manual code inspection was also performed in nghttp2 to verify the absence of vulnerability. While doing so, a non-security related bug was discovered (https://github.com/nghttp2/nghttp2/issues/1331). Shortly after discovery of CVE-2019-9900, the http-parser issue was reported to the Node.js security working group at security@nodejs.org, since http-parser lives under the umbrella of the Node.js project. The full vulnerability was described and the Envoy security team proposed working with Node.js PST. As there was no reply, we proceeded independently. Unfortunately, it appears that the Node.js security WG never received the e-mail, due to the reliance of Node.js on HackerOne to gate incoming issues and a problematic e-mail forwarding chain (https://github.com/nodejs/security-wg/issues/454#issuecomment-481919759). We have since filed a HackerOne issue with the original report e-mail. CVE-2019-9901 was privately disclosed to the Istio security team by an external researcher on 2019-02-18 and accidentally publicly disclosed in part in https://github.com/envoyproxy/envoy/issues/6008 on 2019-03-13. Once the severity of this was realized via offline discussion between the Envoy security team and the PR authors, we moved to a private fix process in conjunction with CVE-2019-9900, targeting the 1.9.1 release. The Google Istio security and networking teams led the efforts to fix this vulnerability in Envoy's private security repository. The workaround implementation of path normalization borrowed from Chromium's URL library, adapted and minified for the Envoy context. The follow patches were produced: * https://github.com/envoyproxy/envoy/commit/c22cfd2c483fc26534382a0b6835f45264bb137a * https://github.com/envoyproxy/envoy/commit/7ed6d2187df94c4cb96f7dccb8643bf764af2ccb In both cases, the Envoy security team considered the issues of medium criticality (CVSS 6.5) initially, since it was thought that the attack complexity was high, requiring special circumstances to apply. As we continued discussion with Istio and Google teams, it became apparent that the exploits were trivial to automate and we upgraded to high criticality (CVSS 8.3), due to the lower attack complexity. A 1.9.1 security release was initially targeted for 2019-04-02 and announced on 2019-03-22. An e-mail was sent to the Envoy private distributor list sharing CVE details. After private discussions with a distributor on 2019-03-28, who expressed concern over the very short (3 working day) distance between fix patch availability and release, the Envoy security team decided to delay the 1.9.1 release until 2019-04-05. This provided 1 week for distributors to prepare their software for the security release date. Fix patches were shared with the private distributor list late on 2019-03-28. During the fix process, two distributors reached out to us to request the ability to stage in publicly accessible locations binary images with the fixes applied. While technically this would violate embargo, we decided to allow this due to a lack of a clear alternative; Envoy's sidecar use cases and reliance on Docker for distribution, where images are generally staged on public hubs, did not lend itself to opaque rollout. ## Detection The underlying issue behind CVE-2019-9900 was first noticed via fuzzers when an explicit `ASSERT` check for embedded NULs was added in #6170. The following issue was tripped by `h1_capture_fuzz_test`: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13613. Some experiments with `netcat`, `tcpdump` and an Envoy binary demonstrated that it was viable to at least bypass header suffix matches via this mechanism. CVE-2019-9901 was reported by an external researcher (Erlend Oftedal) to the Istio security team. ## Action Items * https://github.com/envoyproxy/envoy/issues?utf8=%E2%9C%93&q=is%3Aissue+%22Action+item+for+CVE-2019-9900%22+ * https://github.com/envoyproxy/envoy/issues?utf8=%E2%9C%93&q=is%3Aissue+%22Action+item+for+CVE-2019-9901%22+ ## Lessons Learned ### What went well * Fix patches were available within 2 weeks of vulnerability disclosure. The changes were localized and relatively clean. ### What went wrong * The Envoy private distributor list was initially almost empty. We sent out an e-mail to remind distributors to sign up on 2019-03-14 and the list is now O(10). * The security impact of https://github.com/envoyproxy/envoy/issues/6008 was not caught by Envoy until this was brought to our attention ~20 days after the issue was first pushed. Ideally such issues should be routed to envoy-security@googlegroups.com first in the future and Envoy reviewers/maintainers should keep an eye out for inadvertent security disclosures through public channels. In addition, an earlier issue https://github.com/envoyproxy/envoy/issues/2956 was opened a year previous, but was not tagged as being security sensitive. * Applicants for the private distributor list were turned down based on membership criteria that was adopted from k8s. This is now being revisited in https://github.com/envoyproxy/envoy/issues/6586. * Distributors were only provided 3 days from candidate fix patch availability until public release at first. While this was extended to 1 week, even this might be too little. This is now being codified in https://github.com/envoyproxy/envoy/issues/6587. * The Chromium URL library was forked, minified and adapted to Envoy. This was expedient but not a maintainable long term solution, see https://github.com/envoyproxy/envoy/issues/6588. * Only coarse grained control over path normalization was provided, since this was expedient and mitigated the vulnerability. We should provide finer grained controls, see https://github.com/envoyproxy/envoy/issues/6589. * Our report to the Node.js security working group was lost due to https://github.com/nodejs/security-wg/issues/454#issuecomment-481919759. We should avoid this happening Envoy-side, see https://github.com/envoyproxy/envoy/issues/6590. More generally, we should err on the side of reaching out over more channels in the future, since it's unclear how effective any given disclosure channel is. * The security release day (2019-04-05) was Friday PDT. We should pick a globally friendly day-of-week, e.g. Tue-Thu, for security releases. * Nginx already had a CVE for path normalization (https://www.rapid7.com/db/vulnerabilities/nginx-cve-2009-3898) similar to CVE-2019-9901, but we did not know this until after the fact. We should audit CVEs for similar class software, see https://github.com/envoyproxy/envoy/issues/6592. * A distributor reached out to the security team for permission to perform silent binary rollouts as discussed above. While in principle our relaxation of the embargo policy applied to all distributors, an e-mail was not sent to the list. This resulted in confusion when a second distributor observed this rollout. We should ensure going forward that any policy relaxation during CVE handling is clearly communicated across the board. * Public, albeit silent, staging of Docker images before the public security release date was a necessary pragmatic tradeoff. We need to refine the security release process to deal with this explicitly, see https://github.com/envoyproxy/envoy/issues/6593. * The security release forced `envoy-dev:latest` back to the 1.9.1 release branch. This should be fixed, see https://github.com/envoyproxy/envoy/issues/6595. * There was a window of ~50 minutes between the release tagging of the Envoy 1.9.1 branch and availability of Docker images. Ideally we shrink this to allow users to upgrade faster. See https://github.com/envoyproxy/envoy/issues/6596. * The CVE-2019-9901 fix required either control plane or runtime changes. This orchestration was not well suited to all deployment environments, so some distributions, e.g. Istio, applied additional patches to enable at compile time. Ideally we support control plane, runtime and CLI or compile-time fix opt-in abilities. ### Where we got lucky * The defects were not critical (by CVSS scoring and intuition) and (mostly) privately disclosed. This provided an opportunity to exercise and refine the Envoy security release process. * Huffman and HPACK in general frustrates HTTP/2 testing and fuzzing for security properties. We had no effective fuzzing or testing for this previously as a result, we were lucky that the scope of CVE-2019-9900 was limited to HTTP/1.1. * CVE-2019-9900 was only discovered as a result of additional `ASSERT`s added to verify a property that Envoy developers were certain held. Fuzzing alone had not previously caught this. * Distributors were able to execute their own security releases within the 1 week provided from patch availability. Anecdotally, this involved effort beyond that which we should expect normally to manage an Envoy fix. * No known instances reported of pre-release embargo breakage due to silent public staging of Docker images. ## Timeline All times US/Pacific 2019-02-18: * [CVE-2019-9901] Path normalization issue was reported to Istio security team at vulnerabilities@discuss.istio.io. 2019-02-19: * [CVE-2019-9901] https://github.com/envoyproxy/envoy/issues/6008 was opened. This was not the first Envoy report of missing path normalization (see https://github.com/envoyproxy/envoy/issues/2956). Neither issue mentioned the security basis and Envoy reviewers speculated on the potential for path traversal attacks. 2019-03-08: * [CVE-2019-9900] oss-fuzz reports https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13613 under embargo. 2019-03-10: * [CVE-2019-9900] E-mail thread on envoy-security@googlegroups.com regarding the potential effects of this bugs. While it was unclear whether there would be impact beyond some narrow circumstances, agreement was reached to start the security release process. Analysis began to determine the extent of impact on HTTP/2 and Envoy's code base was audited. 2019-03-11: * [CVE-2019-9901] https://github.com/envoyproxy/envoy/pull/6258 was opened to address https://github.com/envoyproxy/envoy/issues/6008. 2019-03-13: * [CVE-2019-9901] https://github.com/envoyproxy/envoy/pull/6258 was closed after offline discussions between Envoy security team and the author, once the Envoy security team became aware of the potential severity in the Istio setup (in particular with RBAC and Mixer in play). 2019-03-14: * [CVE-2019-9900] Finding were presented to envoy-security@. A fix plan was agreed upon and a candidate fix PR was shared with the team by e-mail. At this point, no private fix repository existed. * [CVE-2019-9901] The Istio fix leads initiated private work on a fix patch. Since it was likely that this would land within the 1.9.1 release window for CVE-2019-9900, CVE-2019-9901 was also scheduled for the release. * [Announcement](https://groups.google.com/forum/#!topic/envoy-announce/dEOLqAiaSUI) sent to remind distributors to join cncf-envoy-distributors-announce@lists.cncf.io. 2019-03-20: * CVEs were requested from MITRE for both issues. * Draft fix PRs for CVE-2019-9900 and CVE-2019-9901 were shared on private Envoy security repository. Reviews and further development occurred over the following week. 2019-03-22: * 11:20 1.9.1 security release for the two vulnerabilities was [announced](https://groups.google.com/d/msg/envoy-announce/6fwGB2TxB74/dKeURAdfAgAJ). * 11:24 CVE summary details shared with cncf-envoy-distributors-announce@lists.cncf.io. 2019-03-28: * Envoy security team met with a distributor to discuss their concerns over the lack of time between patch availability and the release date. We agreed that three days was insufficient and agreed to extend to a week. * 13:53 A delay of the 1.9.1 release until 2019-04-05 was [announced](https://groups.google.com/d/msg/envoy-announce/6fwGB2TxB74/Pe3PPFbPBAAJ). * 20:07 Candidate fix patches for both CVE shared with cncf-envoy-distributors-announce@lists.cncf.io. 2019-03-29: * Envoy security team was contacted by a distributor regarding the permissibility of silently staging binary images in public locations in advance of the security release due to a lack of viable alternatives. The Envoy security team agreed that there was no better alternative and provided an exemption. 2019-04-02: * 08:15 The increase of severity from medium to high was [announced](https://groups.google.com/d/msg/envoy-announce/6fwGB2TxB74/qiDEgclFBgAJ). This followed several days of offline discussion between Istio and Envoy teams on Istio's independent assessment of the issues as high severity, and a better awareness of how to score. What was missing was the intuition that a vulnerability can be high severity even if it only affects a rather limited number of users. 2019-04-04: * 15:41 The Envoy master branch was frozen to prepare for the security release. PRs were rebased against master and prepared for the release push. * 18:33 Envoy security team was contacted by a distributor who had noticed public visibility of binary images with the fix patch by other vendors. After discussion, we agreed on a general exemption for these CVEs to the embargo policy for binary images with some constraints. * 19:18 cncf-envoy-distributors-announce@lists.cncf.io was e-mailed to clarify position on staging of binary images on public sites prior to the release date. A narrow set of circumstances under which this was permissible were outlined. 2019-04-05: * 10:00 - 10:05 The [v1.9.1](https://github.com/envoyproxy/envoy/tree/v1.9.1) release branch was pushed and the 1.9.1 releaes was tagged. This started the Docker build process for the release. The same PRs were pushed to master. * 10:05 The Envoy 1.9.1 security release was [announced](https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!topic/envoy-announce/VoHfnDqZiAM). * 10:57 The v1.9.1 image was available at https://hub.docker.com/r/envoyproxy/envoy/tags. ## Supporting information ================================================ FILE: security/postmortems/cve-2019-9901.md ================================================ See [cve-2019-9900.md](cve-2019-9900.md) ================================================ FILE: source/common/access_log/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "access_log_lib", srcs = ["access_log_impl.cc"], hdrs = ["access_log_impl.h"], external_deps = [ "abseil_hash", ], deps = [ "//include/envoy/access_log:access_log_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/filesystem:filesystem_interface", "//include/envoy/http:header_map_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:access_log_config_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/stream_info:stream_info_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/config/accesslog/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "access_log_manager_lib", srcs = ["access_log_manager_impl.cc"], hdrs = ["access_log_manager_impl.h"], deps = [ "//include/envoy/access_log:access_log_interface", "//include/envoy/api:api_interface", "//source/common/buffer:buffer_lib", "//source/common/common:logger_lib", "//source/common/common:thread_lib", ], ) ================================================ FILE: source/common/access_log/access_log_impl.cc ================================================ #include "common/access_log/access_log_impl.h" #include #include #include "envoy/common/time.h" #include "envoy/config/accesslog/v3/accesslog.pb.h" #include "envoy/config/accesslog/v3/accesslog.pb.validate.h" #include "envoy/filesystem/filesystem.h" #include "envoy/http/header_map.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/config/metadata.h" #include "common/config/utility.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" #include "common/stream_info/utility.h" #include "common/tracing/http_tracer_impl.h" #include "absl/types/optional.h" namespace Envoy { namespace AccessLog { ComparisonFilter::ComparisonFilter(const envoy::config::accesslog::v3::ComparisonFilter& config, Runtime::Loader& runtime) : config_(config), runtime_(runtime) {} bool ComparisonFilter::compareAgainstValue(uint64_t lhs) const { uint64_t value = config_.value().default_value(); if (!config_.value().runtime_key().empty()) { value = runtime_.snapshot().getInteger(config_.value().runtime_key(), value); } switch (config_.op()) { case envoy::config::accesslog::v3::ComparisonFilter::GE: return lhs >= value; case envoy::config::accesslog::v3::ComparisonFilter::EQ: return lhs == value; case envoy::config::accesslog::v3::ComparisonFilter::LE: return lhs <= value; default: NOT_REACHED_GCOVR_EXCL_LINE; } } FilterPtr FilterFactory::fromProto(const envoy::config::accesslog::v3::AccessLogFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor) { switch (config.filter_specifier_case()) { case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kStatusCodeFilter: return FilterPtr{new StatusCodeFilter(config.status_code_filter(), runtime)}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kDurationFilter: return FilterPtr{new DurationFilter(config.duration_filter(), runtime)}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kNotHealthCheckFilter: return FilterPtr{new NotHealthCheckFilter()}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kTraceableFilter: return FilterPtr{new TraceableRequestFilter()}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kRuntimeFilter: return FilterPtr{new RuntimeFilter(config.runtime_filter(), runtime, random)}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kAndFilter: return FilterPtr{new AndFilter(config.and_filter(), runtime, random, validation_visitor)}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kOrFilter: return FilterPtr{new OrFilter(config.or_filter(), runtime, random, validation_visitor)}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kHeaderFilter: return FilterPtr{new HeaderFilter(config.header_filter())}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kResponseFlagFilter: MessageUtil::validate(config, validation_visitor); return FilterPtr{new ResponseFlagFilter(config.response_flag_filter())}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kGrpcStatusFilter: MessageUtil::validate(config, validation_visitor); return FilterPtr{new GrpcStatusFilter(config.grpc_status_filter())}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kMetadataFilter: return FilterPtr{new MetadataFilter(config.metadata_filter())}; case envoy::config::accesslog::v3::AccessLogFilter::FilterSpecifierCase::kExtensionFilter: MessageUtil::validate(config, validation_visitor); { auto& factory = Config::Utility::getAndCheckFactory(config.extension_filter()); return factory.createFilter(config.extension_filter(), runtime, random); } default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool TraceableRequestFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { Tracing::Decision decision = Tracing::HttpTracerUtility::isTracing(info, request_headers); return decision.traced && decision.reason == Tracing::Reason::ServiceForced; } bool StatusCodeFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { if (!info.responseCode()) { return compareAgainstValue(0ULL); } return compareAgainstValue(info.responseCode().value()); } bool DurationFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { absl::optional final = info.requestComplete(); ASSERT(final); return compareAgainstValue( std::chrono::duration_cast(final.value()).count()); } RuntimeFilter::RuntimeFilter(const envoy::config::accesslog::v3::RuntimeFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random) : runtime_(runtime), random_(random), runtime_key_(config.runtime_key()), percent_(config.percent_sampled()), use_independent_randomness_(config.use_independent_randomness()) {} bool RuntimeFilter::evaluate(const StreamInfo::StreamInfo& stream_info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { auto rid_extension = stream_info.getRequestIDExtension(); uint64_t random_value; if (use_independent_randomness_ || !rid_extension->modBy( request_headers, random_value, ProtobufPercentHelper::fractionalPercentDenominatorToInt(percent_.denominator()))) { random_value = random_.random(); } return runtime_.snapshot().featureEnabled( runtime_key_, percent_.numerator(), random_value, ProtobufPercentHelper::fractionalPercentDenominatorToInt(percent_.denominator())); } OperatorFilter::OperatorFilter( const Protobuf::RepeatedPtrField& configs, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor) { for (const auto& config : configs) { filters_.emplace_back(FilterFactory::fromProto(config, runtime, random, validation_visitor)); } } OrFilter::OrFilter(const envoy::config::accesslog::v3::OrFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor) : OperatorFilter(config.filters(), runtime, random, validation_visitor) {} AndFilter::AndFilter(const envoy::config::accesslog::v3::AndFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor) : OperatorFilter(config.filters(), runtime, random, validation_visitor) {} bool OrFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const { bool result = false; for (auto& filter : filters_) { result |= filter->evaluate(info, request_headers, response_headers, response_trailers); if (result) { break; } } return result; } bool AndFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const { bool result = true; for (auto& filter : filters_) { result &= filter->evaluate(info, request_headers, response_headers, response_trailers); if (!result) { break; } } return result; } bool NotHealthCheckFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { return !info.healthCheck(); } HeaderFilter::HeaderFilter(const envoy::config::accesslog::v3::HeaderFilter& config) : header_data_(std::make_unique(config.header())) {} bool HeaderFilter::evaluate(const StreamInfo::StreamInfo&, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { return Http::HeaderUtility::matchHeaders(request_headers, *header_data_); } ResponseFlagFilter::ResponseFlagFilter( const envoy::config::accesslog::v3::ResponseFlagFilter& config) { for (int i = 0; i < config.flags_size(); i++) { absl::optional response_flag = StreamInfo::ResponseFlagUtils::toResponseFlag(config.flags(i)); // The config has been validated. Therefore, every flag in the config will have a mapping. ASSERT(response_flag.has_value()); configured_flags_ |= response_flag.value(); } } bool ResponseFlagFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { if (configured_flags_ != 0) { return info.intersectResponseFlags(configured_flags_); } return info.hasAnyResponseFlag(); } GrpcStatusFilter::GrpcStatusFilter(const envoy::config::accesslog::v3::GrpcStatusFilter& config) { for (int i = 0; i < config.statuses_size(); i++) { statuses_.insert(protoToGrpcStatus(config.statuses(i))); } exclude_ = config.exclude(); } bool GrpcStatusFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap&, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const { Grpc::Status::GrpcStatus status = Grpc::Status::WellKnownGrpcStatus::Unknown; const auto& optional_status = Grpc::Common::getGrpcStatus(response_trailers, response_headers, info); if (optional_status.has_value()) { status = optional_status.value(); } const bool found = statuses_.find(status) != statuses_.end(); return exclude_ ? !found : found; } Grpc::Status::GrpcStatus GrpcStatusFilter::protoToGrpcStatus( envoy::config::accesslog::v3::GrpcStatusFilter::Status status) const { return static_cast(status); } MetadataFilter::MetadataFilter(const envoy::config::accesslog::v3::MetadataFilter& filter_config) : default_match_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(filter_config, match_if_key_not_found, true)), filter_(filter_config.matcher().filter()) { if (filter_config.has_matcher()) { auto& matcher_config = filter_config.matcher(); for (const auto& seg : matcher_config.path()) { path_.push_back(seg.key()); } // Matches if the value equals the configured 'MetadataMatcher' value. const auto& val = matcher_config.value(); value_matcher_ = Matchers::ValueMatcher::create(val); } // Matches if the value is present in dynamic metadata auto present_val = envoy::type::matcher::v3::ValueMatcher(); present_val.set_present_match(true); present_matcher_ = Matchers::ValueMatcher::create(present_val); } bool MetadataFilter::evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const { const auto& value = Envoy::Config::Metadata::metadataValue(&info.dynamicMetadata(), filter_, path_); // If the key corresponds to a set value in dynamic metadata, return true if the value matches the // the configured 'MetadataMatcher' value and false otherwise if (present_matcher_->match(value)) { return value_matcher_ && value_matcher_->match(value); } // If the key does not correspond to a set value in dynamic metadata, return true if // 'match_if_key_not_found' is set to true and false otherwise return default_match_; } InstanceSharedPtr AccessLogFactory::fromProto(const envoy::config::accesslog::v3::AccessLog& config, Server::Configuration::FactoryContext& context) { FilterPtr filter; if (config.has_filter()) { filter = FilterFactory::fromProto(config.filter(), context.runtime(), context.api().randomGenerator(), context.messageValidationVisitor()); } auto& factory = Config::Utility::getAndCheckFactory(config); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig( config, context.messageValidationVisitor(), factory); return factory.createAccessLogInstance(*message, std::move(filter), context); } } // namespace AccessLog } // namespace Envoy ================================================ FILE: source/common/access_log/access_log_impl.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/random_generator.h" #include "envoy/config/accesslog/v3/accesslog.pb.h" #include "envoy/config/typed_config.h" #include "envoy/runtime/runtime.h" #include "envoy/server/access_log_config.h" #include "envoy/type/v3/percent.pb.h" #include "common/common/matchers.h" #include "common/grpc/status.h" #include "common/http/header_utility.h" #include "common/protobuf/protobuf.h" #include "absl/container/node_hash_set.h" #include "absl/hash/hash.h" namespace Envoy { namespace AccessLog { /** * Access log filter factory that reads from proto. */ class FilterFactory { public: /** * Read a filter definition from proto and instantiate a concrete filter class. */ static FilterPtr fromProto(const envoy::config::accesslog::v3::AccessLogFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor); }; /** * Base implementation of an access log filter that performs comparisons. */ class ComparisonFilter : public Filter { protected: ComparisonFilter(const envoy::config::accesslog::v3::ComparisonFilter& config, Runtime::Loader& runtime); bool compareAgainstValue(uint64_t lhs) const; envoy::config::accesslog::v3::ComparisonFilter config_; Runtime::Loader& runtime_; }; /** * Filter on response status code. */ class StatusCodeFilter : public ComparisonFilter { public: StatusCodeFilter(const envoy::config::accesslog::v3::StatusCodeFilter& config, Runtime::Loader& runtime) : ComparisonFilter(config.comparison(), runtime) {} // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; }; /** * Filter on total request/response duration. */ class DurationFilter : public ComparisonFilter { public: DurationFilter(const envoy::config::accesslog::v3::DurationFilter& config, Runtime::Loader& runtime) : ComparisonFilter(config.comparison(), runtime) {} // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; }; /** * Base operator filter, compose other filters with operation */ class OperatorFilter : public Filter { public: OperatorFilter( const Protobuf::RepeatedPtrField& configs, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor); protected: std::vector filters_; }; /** * *And* operator filter, apply logical *and* operation to all of the sub filters. */ class AndFilter : public OperatorFilter { public: AndFilter(const envoy::config::accesslog::v3::AndFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor); // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; }; /** * *Or* operator filter, apply logical *or* operation to all of the sub filters. */ class OrFilter : public OperatorFilter { public: OrFilter(const envoy::config::accesslog::v3::OrFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random, ProtobufMessage::ValidationVisitor& validation_visitor); // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; }; /** * Filter out health check requests. */ class NotHealthCheckFilter : public Filter { public: NotHealthCheckFilter() = default; // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; }; /** * Filter traceable requests. */ class TraceableRequestFilter : public Filter { public: // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; }; /** * Filter that uses a runtime feature key to check if the log should be written. */ class RuntimeFilter : public Filter { public: RuntimeFilter(const envoy::config::accesslog::v3::RuntimeFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random); // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; private: Runtime::Loader& runtime_; Random::RandomGenerator& random_; const std::string runtime_key_; const envoy::type::v3::FractionalPercent percent_; const bool use_independent_randomness_; }; /** * Filter based on headers. */ class HeaderFilter : public Filter { public: HeaderFilter(const envoy::config::accesslog::v3::HeaderFilter& config); // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; private: const Http::HeaderUtility::HeaderDataPtr header_data_; }; /** * Filter requests that had a response with an Envoy response flag set. */ class ResponseFlagFilter : public Filter { public: ResponseFlagFilter(const envoy::config::accesslog::v3::ResponseFlagFilter& config); // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; private: uint64_t configured_flags_{}; }; /** * Filters requests that have a response with a gRPC status. Because the gRPC protocol does not * guarantee a gRPC status code, if a gRPC status code is not available, then the filter will infer * the gRPC status code from an HTTP status code if available. */ class GrpcStatusFilter : public Filter { public: using GrpcStatusHashSet = absl::node_hash_set>; GrpcStatusFilter(const envoy::config::accesslog::v3::GrpcStatusFilter& config); // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; private: GrpcStatusHashSet statuses_; bool exclude_; /** * Converts a Protobuf representation of a gRPC status into the equivalent code version of a gRPC * status. */ Grpc::Status::GrpcStatus protoToGrpcStatus(envoy::config::accesslog::v3::GrpcStatusFilter::Status status) const; }; /** * Filters requests based on dynamic metadata */ class MetadataFilter : public Filter { public: MetadataFilter(const envoy::config::accesslog::v3::MetadataFilter& filter_config); bool evaluate(const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers) const override; private: Matchers::ValueMatcherConstSharedPtr present_matcher_; Matchers::ValueMatcherConstSharedPtr value_matcher_; std::vector path_; const bool default_match_; const std::string filter_; }; /** * Extension filter factory that reads from ExtensionFilter proto. */ class ExtensionFilterFactory : public Config::TypedFactory { public: ~ExtensionFilterFactory() override = default; /** * Create a particular extension filter implementation from a config proto. If the * implementation is unable to produce a filter with the provided parameters, it should throw an * EnvoyException. The returned pointer should never be nullptr. * @param config supplies the custom configuration for this filter type. * @param runtime supplies the runtime loader. * @param random supplies the random generator. * @return an instance of extension filter implementation from a config proto. */ virtual FilterPtr createFilter(const envoy::config::accesslog::v3::ExtensionFilter& config, Runtime::Loader& runtime, Random::RandomGenerator& random) PURE; std::string category() const override { return "envoy.access_logger.extension_filters"; } }; /** * Access log factory that reads the configuration from proto. */ class AccessLogFactory { public: /** * Read a filter definition from proto and instantiate an Instance. */ static InstanceSharedPtr fromProto(const envoy::config::accesslog::v3::AccessLog& config, Server::Configuration::FactoryContext& context); }; } // namespace AccessLog } // namespace Envoy ================================================ FILE: source/common/access_log/access_log_manager_impl.cc ================================================ #include "common/access_log/access_log_manager_impl.h" #include #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/lock_guard.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace AccessLog { AccessLogManagerImpl::~AccessLogManagerImpl() { for (auto& [log_key, log_file_ptr] : access_logs_) { ENVOY_LOG(debug, "destroying access logger {}", log_key); log_file_ptr.reset(); } ENVOY_LOG(debug, "destroyed access loggers"); } void AccessLogManagerImpl::reopen() { for (auto& iter : access_logs_) { iter.second->reopen(); } } AccessLogFileSharedPtr AccessLogManagerImpl::createAccessLog(const std::string& file_name) { if (access_logs_.count(file_name)) { return access_logs_[file_name]; } access_logs_[file_name] = std::make_shared( api_.fileSystem().createFile(file_name), dispatcher_, lock_, file_stats_, file_flush_interval_msec_, api_.threadFactory()); return access_logs_[file_name]; } AccessLogFileImpl::AccessLogFileImpl(Filesystem::FilePtr&& file, Event::Dispatcher& dispatcher, Thread::BasicLockable& lock, AccessLogFileStats& stats, std::chrono::milliseconds flush_interval_msec, Thread::ThreadFactory& thread_factory) : file_(std::move(file)), file_lock_(lock), flush_timer_(dispatcher.createTimer([this]() -> void { stats_.flushed_by_timer_.inc(); flush_event_.notifyOne(); flush_timer_->enableTimer(flush_interval_msec_); })), thread_factory_(thread_factory), flush_interval_msec_(flush_interval_msec), stats_(stats) { open(); } Filesystem::FlagSet AccessLogFileImpl::defaultFlags() { static constexpr Filesystem::FlagSet default_flags{1 << Filesystem::File::Operation::Write | 1 << Filesystem::File::Operation::Create | 1 << Filesystem::File::Operation::Append}; return default_flags; } void AccessLogFileImpl::open() { const Api::IoCallBoolResult result = file_->open(defaultFlags()); if (!result.rc_) { throw EnvoyException( fmt::format("unable to open file '{}': {}", file_->path(), result.err_->getErrorDetails())); } } void AccessLogFileImpl::reopen() { reopen_file_ = true; } AccessLogFileImpl::~AccessLogFileImpl() { { Thread::LockGuard lock(write_lock_); flush_thread_exit_ = true; flush_event_.notifyOne(); } if (flush_thread_ != nullptr) { flush_thread_->join(); } // Flush any remaining data. If file was not opened for some reason, skip flushing part. if (file_->isOpen()) { if (flush_buffer_.length() > 0) { doWrite(flush_buffer_); } const Api::IoCallBoolResult result = file_->close(); ASSERT(result.rc_, fmt::format("unable to close file '{}': {}", file_->path(), result.err_->getErrorDetails())); } } void AccessLogFileImpl::doWrite(Buffer::Instance& buffer) { Buffer::RawSliceVector slices = buffer.getRawSlices(); // We must do the actual writes to disk under lock, so that we don't intermix chunks from // different AccessLogFileImpl pointing to the same underlying file. This can happen either via // hot restart or if calling code opens the same underlying file into a different // AccessLogFileImpl in the same process. // TODO PERF: Currently, we use a single cross process lock to serialize all disk writes. This // will never block network workers, but does mean that only a single flush thread can // actually flush to disk. In the future it would be nice if we did away with the cross // process lock or had multiple locks. { Thread::LockGuard lock(file_lock_); for (const Buffer::RawSlice& slice : slices) { absl::string_view data(static_cast(slice.mem_), slice.len_); const Api::IoCallSizeResult result = file_->write(data); if (result.ok() && result.rc_ == static_cast(slice.len_)) { stats_.write_completed_.inc(); } else { // Probably disk full. stats_.write_failed_.inc(); } } } stats_.write_total_buffered_.sub(buffer.length()); buffer.drain(buffer.length()); } void AccessLogFileImpl::flushThreadFunc() { while (true) { std::unique_lock flush_lock; { Thread::LockGuard write_lock(write_lock_); // flush_event_ can be woken up either by large enough flush_buffer or by timer. // In case it was timer, flush_buffer_ can be empty. while (flush_buffer_.length() == 0 && !flush_thread_exit_ && !reopen_file_) { // CondVar::wait() does not throw, so it's safe to pass the mutex rather than the guard. flush_event_.wait(write_lock_); } if (flush_thread_exit_) { return; } flush_lock = std::unique_lock(flush_lock_); about_to_write_buffer_.move(flush_buffer_); ASSERT(flush_buffer_.length() == 0); } // if we failed to open file before, then simply ignore if (file_->isOpen()) { try { if (reopen_file_) { reopen_file_ = false; const Api::IoCallBoolResult result = file_->close(); ASSERT(result.rc_, fmt::format("unable to close file '{}': {}", file_->path(), result.err_->getErrorDetails())); open(); } doWrite(about_to_write_buffer_); } catch (const EnvoyException&) { stats_.reopen_failed_.inc(); } } } } void AccessLogFileImpl::flush() { std::unique_lock flush_buffer_lock; { Thread::LockGuard write_lock(write_lock_); // flush_lock_ must be held while checking this or else it is // possible that flushThreadFunc() has already moved data from // flush_buffer_ to about_to_write_buffer_, has unlocked write_lock_, // but has not yet completed doWrite(). This would allow flush() to // return before the pending data has actually been written to disk. flush_buffer_lock = std::unique_lock(flush_lock_); if (flush_buffer_.length() == 0) { return; } about_to_write_buffer_.move(flush_buffer_); ASSERT(flush_buffer_.length() == 0); } doWrite(about_to_write_buffer_); } void AccessLogFileImpl::write(absl::string_view data) { Thread::LockGuard lock(write_lock_); if (flush_thread_ == nullptr) { createFlushStructures(); } stats_.write_buffered_.inc(); stats_.write_total_buffered_.add(data.length()); flush_buffer_.add(data.data(), data.size()); if (flush_buffer_.length() > MIN_FLUSH_SIZE) { flush_event_.notifyOne(); } } void AccessLogFileImpl::createFlushStructures() { flush_thread_ = thread_factory_.createThread([this]() -> void { flushThreadFunc(); }, Thread::Options{"AccessLogFlush"}); flush_timer_->enableTimer(flush_interval_msec_); } } // namespace AccessLog } // namespace Envoy ================================================ FILE: source/common/access_log/access_log_manager_impl.h ================================================ #pragma once #include #include "envoy/access_log/access_log.h" #include "envoy/api/api.h" #include "envoy/event/dispatcher.h" #include "envoy/filesystem/filesystem.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/store.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "absl/container/node_hash_map.h" namespace Envoy { #define ACCESS_LOG_FILE_STATS(COUNTER, GAUGE) \ COUNTER(flushed_by_timer) \ COUNTER(reopen_failed) \ COUNTER(write_buffered) \ COUNTER(write_completed) \ COUNTER(write_failed) \ GAUGE(write_total_buffered, Accumulate) struct AccessLogFileStats { ACCESS_LOG_FILE_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; namespace AccessLog { class AccessLogManagerImpl : public AccessLogManager, Logger::Loggable { public: AccessLogManagerImpl(std::chrono::milliseconds file_flush_interval_msec, Api::Api& api, Event::Dispatcher& dispatcher, Thread::BasicLockable& lock, Stats::Store& stats_store) : file_flush_interval_msec_(file_flush_interval_msec), api_(api), dispatcher_(dispatcher), lock_(lock), file_stats_{ ACCESS_LOG_FILE_STATS(POOL_COUNTER_PREFIX(stats_store, "filesystem."), POOL_GAUGE_PREFIX(stats_store, "filesystem."))} {} ~AccessLogManagerImpl() override; // AccessLog::AccessLogManager void reopen() override; AccessLogFileSharedPtr createAccessLog(const std::string& file_name) override; private: const std::chrono::milliseconds file_flush_interval_msec_; Api::Api& api_; Event::Dispatcher& dispatcher_; Thread::BasicLockable& lock_; AccessLogFileStats file_stats_; absl::node_hash_map access_logs_; }; /** * This is a file implementation geared for writing out access logs. It turn out that in certain * cases even if a standard file is opened with O_NONBLOCK, the kernel can still block when writing. * This implementation uses a flush thread per file, with the idea there aren't that many * files. If this turns out to be a good implementation we can potentially have a single flush * thread that flushes all files, but we will start with this. */ class AccessLogFileImpl : public AccessLogFile { public: AccessLogFileImpl(Filesystem::FilePtr&& file, Event::Dispatcher& dispatcher, Thread::BasicLockable& lock, AccessLogFileStats& stats, std::chrono::milliseconds flush_interval_msec, Thread::ThreadFactory& thread_factory); ~AccessLogFileImpl() override; // AccessLog::AccessLogFile void write(absl::string_view data) override; /** * Reopen file asynchronously. * This only sets reopen flag, actual reopen operation is delayed. * Reopen happens before the next write operation. */ void reopen() override; void flush() override; private: void doWrite(Buffer::Instance& buffer); void flushThreadFunc(); void open(); void createFlushStructures(); // return default flags set which used by open static Filesystem::FlagSet defaultFlags(); // Minimum size before the flush thread will be told to flush. static const uint64_t MIN_FLUSH_SIZE = 1024 * 64; Filesystem::FilePtr file_; // These locks are always acquired in the following order if multiple locks are held: // 1) write_lock_ // 2) flush_lock_ // 3) file_lock_ Thread::BasicLockable& file_lock_; // This lock is used only by the flush thread when writing // to disk. This is used to make sure that file blocks do // not get interleaved by multiple processes writing to // the same file during hot-restart. Thread::MutexBasicLockable flush_lock_; // This lock is used to prevent simultaneous flushes from // the flush thread and a synchronous flush. This protects // concurrent access to the about_to_write_buffer_, fd_, // and all other data used during flushing and file // re-opening. Thread::MutexBasicLockable write_lock_; // The lock is used when filling the flush buffer. It allows // multiple threads to write to the same file at relatively // high performance. It is always local to the process. Thread::ThreadPtr flush_thread_; Thread::CondVar flush_event_; std::atomic flush_thread_exit_{}; std::atomic reopen_file_{}; Buffer::OwnedImpl flush_buffer_ ABSL_GUARDED_BY(write_lock_); // This buffer is used by multiple threads. It // gets filled and then flushed either when max // size is reached or when a timer fires. // TODO(jmarantz): this should be ABSL_GUARDED_BY(flush_lock_) but the analysis cannot poke // through the std::make_unique assignment. I do not believe it's possible to annotate this // properly now due to limitations in the clang thread annotation analysis. Buffer::OwnedImpl about_to_write_buffer_; // This buffer is used only by the flush thread. Data // is moved from flush_buffer_ under lock, and then // the lock is released so that flush_buffer_ can // continue to fill. This buffer is then used for the // final write to disk. Event::TimerPtr flush_timer_; Thread::ThreadFactory& thread_factory_; const std::chrono::milliseconds flush_interval_msec_; // Time interval buffer gets flushed no // matter if it reached the MIN_FLUSH_SIZE // or not. AccessLogFileStats& stats_; }; } // namespace AccessLog } // namespace Envoy ================================================ FILE: source/common/api/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", "envoy_select_hot_restart", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "api_lib", srcs = ["api_impl.cc"], hdrs = ["api_impl.h"], deps = [ "//include/envoy/api:api_interface", "//source/common/common:thread_lib", "//source/common/event:dispatcher_lib", "//source/common/network:socket_lib", ], ) envoy_cc_library( name = "os_sys_calls_lib", srcs = select({ "//bazel:linux": [ "posix/os_sys_calls_impl.cc", "posix/os_sys_calls_impl_linux.cc", ], "//bazel:windows_x86_64": ["win32/os_sys_calls_impl.cc"], "//conditions:default": ["posix/os_sys_calls_impl.cc"], }) + envoy_select_hot_restart(["posix/os_sys_calls_impl_hot_restart.cc"]), hdrs = select({ "//bazel:linux": [ "posix/os_sys_calls_impl.h", "posix/os_sys_calls_impl_linux.h", ], "//bazel:windows_x86_64": ["win32/os_sys_calls_impl.h"], "//conditions:default": ["posix/os_sys_calls_impl.h"], }) + envoy_select_hot_restart(["posix/os_sys_calls_impl_hot_restart.h"]), strip_include_prefix = select({ "//bazel:windows_x86_64": "win32", "//conditions:default": "posix", }), deps = [ "//include/envoy/api:os_sys_calls_interface", "//source/common/singleton:threadsafe_singleton", ], ) ================================================ FILE: source/common/api/api_impl.cc ================================================ #include "common/api/api_impl.h" #include #include #include "common/common/thread.h" #include "common/event/dispatcher_impl.h" namespace Envoy { namespace Api { Impl::Impl(Thread::ThreadFactory& thread_factory, Stats::Store& store, Event::TimeSystem& time_system, Filesystem::Instance& file_system, Random::RandomGenerator& random_generator, const ProcessContextOptRef& process_context) : thread_factory_(thread_factory), store_(store), time_system_(time_system), file_system_(file_system), random_generator_(random_generator), process_context_(process_context) {} Event::DispatcherPtr Impl::allocateDispatcher(const std::string& name) { return std::make_unique(name, *this, time_system_); } Event::DispatcherPtr Impl::allocateDispatcher(const std::string& name, Buffer::WatermarkFactoryPtr&& factory) { return std::make_unique(name, std::move(factory), *this, time_system_); } } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/api_impl.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "envoy/event/timer.h" #include "envoy/filesystem/filesystem.h" #include "envoy/network/socket.h" #include "envoy/thread/thread.h" namespace Envoy { namespace Api { /** * Implementation of Api::Api */ class Impl : public Api { public: Impl(Thread::ThreadFactory& thread_factory, Stats::Store& store, Event::TimeSystem& time_system, Filesystem::Instance& file_system, Random::RandomGenerator& random_generator, const ProcessContextOptRef& process_context = absl::nullopt); // Api::Api Event::DispatcherPtr allocateDispatcher(const std::string& name) override; Event::DispatcherPtr allocateDispatcher(const std::string& name, Buffer::WatermarkFactoryPtr&& watermark_factory) override; Thread::ThreadFactory& threadFactory() override { return thread_factory_; } Filesystem::Instance& fileSystem() override { return file_system_; } TimeSource& timeSource() override { return time_system_; } const Stats::Scope& rootScope() override { return store_; } Random::RandomGenerator& randomGenerator() override { return random_generator_; } ProcessContextOptRef processContext() override { return process_context_; } private: Thread::ThreadFactory& thread_factory_; Stats::Store& store_; Event::TimeSystem& time_system_; Filesystem::Instance& file_system_; Random::RandomGenerator& random_generator_; ProcessContextOptRef process_context_; }; } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/posix/os_sys_calls_impl.cc ================================================ #include #include #include #include #include #include "common/api/os_sys_calls_impl.h" namespace Envoy { namespace Api { SysCallIntResult OsSysCallsImpl::bind(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) { const int rc = ::bind(sockfd, addr, addrlen); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::chmod(const std::string& path, mode_t mode) { const int rc = ::chmod(path.c_str(), mode); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::ioctl(os_fd_t sockfd, unsigned long int request, void* argp) { const int rc = ::ioctl(sockfd, request, argp); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::close(os_fd_t fd) { const int rc = ::close(fd); return {rc, rc != -1 ? 0 : errno}; } SysCallSizeResult OsSysCallsImpl::writev(os_fd_t fd, const iovec* iov, int num_iov) { const ssize_t rc = ::writev(fd, iov, num_iov); return {rc, rc != -1 ? 0 : errno}; } SysCallSizeResult OsSysCallsImpl::readv(os_fd_t fd, const iovec* iov, int num_iov) { const ssize_t rc = ::readv(fd, iov, num_iov); return {rc, rc != -1 ? 0 : errno}; } SysCallSizeResult OsSysCallsImpl::recv(os_fd_t socket, void* buffer, size_t length, int flags) { const ssize_t rc = ::recv(socket, buffer, length, flags); return {rc, rc != -1 ? 0 : errno}; } SysCallSizeResult OsSysCallsImpl::recvmsg(os_fd_t sockfd, msghdr* msg, int flags) { const ssize_t rc = ::recvmsg(sockfd, msg, flags); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::recvmmsg(os_fd_t sockfd, struct mmsghdr* msgvec, unsigned int vlen, int flags, struct timespec* timeout) { #if ENVOY_MMSG_MORE const int rc = ::recvmmsg(sockfd, msgvec, vlen, flags, timeout); return {rc, errno}; #else UNREFERENCED_PARAMETER(sockfd); UNREFERENCED_PARAMETER(msgvec); UNREFERENCED_PARAMETER(vlen); UNREFERENCED_PARAMETER(flags); UNREFERENCED_PARAMETER(timeout); NOT_IMPLEMENTED_GCOVR_EXCL_LINE; #endif } bool OsSysCallsImpl::supportsMmsg() const { #if ENVOY_MMSG_MORE return true; #else return false; #endif } bool OsSysCallsImpl::supportsUdpGro() const { #if !defined(__linux__) return false; #else static const bool is_supported = [] { int fd = ::socket(AF_INET, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); if (fd < 0) { return false; } int val = 1; bool result = (0 == ::setsockopt(fd, IPPROTO_UDP, UDP_GRO, &val, sizeof(val))); ::close(fd); return result; }(); return is_supported; #endif } bool OsSysCallsImpl::supportsUdpGso() const { #if !defined(__linux__) return false; #else static const bool is_supported = [] { int fd = ::socket(AF_INET, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); if (fd < 0) { return false; } int optval; socklen_t optlen = sizeof(optval); bool result = (0 <= ::getsockopt(fd, IPPROTO_UDP, UDP_SEGMENT, &optval, &optlen)); ::close(fd); return result; }(); return is_supported; #endif } bool OsSysCallsImpl::supportsIpTransparent() const { #if !defined(__linux__) || !defined(IPV6_TRANSPARENT) return false; #else // The linux kernel supports IP_TRANSPARENT by following patch(starting from v2.6.28) : // https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/ip_sockglue.c?id=f5715aea4564f233767ea1d944b2637a5fd7cd2e // // The linux kernel supports IPV6_TRANSPARENT by following patch(starting from v2.6.37) : // https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/ipv6_sockglue.c?id=6c46862280c5f55eda7750391bc65cd7e08c7535 // // So, almost recent linux kernel supports both IP_TRANSPARENT and IPV6_TRANSPARENT options. // // And these socket options need CAP_NET_ADMIN capability to be applied. // The CAP_NET_ADMIN capability should be applied by root user before call this function. static const bool is_supported = [] { // Check ipv4 case int fd = ::socket(AF_INET, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); if (fd < 0) { return false; } int val = 1; bool result = (0 == ::setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &val, sizeof(val))); ::close(fd); if (!result) { return false; } // Check ipv6 case fd = ::socket(AF_INET6, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); if (fd < 0) { return false; } val = 1; result = (0 == ::setsockopt(fd, IPPROTO_IPV6, IPV6_TRANSPARENT, &val, sizeof(val))); ::close(fd); return result; }(); return is_supported; #endif } SysCallIntResult OsSysCallsImpl::ftruncate(int fd, off_t length) { const int rc = ::ftruncate(fd, length); return {rc, rc != -1 ? 0 : errno}; } SysCallPtrResult OsSysCallsImpl::mmap(void* addr, size_t length, int prot, int flags, int fd, off_t offset) { void* rc = ::mmap(addr, length, prot, flags, fd, offset); return {rc, rc != MAP_FAILED ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::stat(const char* pathname, struct stat* buf) { const int rc = ::stat(pathname, buf); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::setsockopt(os_fd_t sockfd, int level, int optname, const void* optval, socklen_t optlen) { const int rc = ::setsockopt(sockfd, level, optname, optval, optlen); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::getsockopt(os_fd_t sockfd, int level, int optname, void* optval, socklen_t* optlen) { const int rc = ::getsockopt(sockfd, level, optname, optval, optlen); return {rc, rc != -1 ? 0 : errno}; } SysCallSocketResult OsSysCallsImpl::socket(int domain, int type, int protocol) { const os_fd_t rc = ::socket(domain, type, protocol); return {rc, SOCKET_VALID(rc) ? 0 : errno}; } SysCallSizeResult OsSysCallsImpl::sendmsg(os_fd_t fd, const msghdr* message, int flags) { const int rc = ::sendmsg(fd, message, flags); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::getsockname(os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) { const int rc = ::getsockname(sockfd, addr, addrlen); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::gethostname(char* name, size_t length) { const int rc = ::gethostname(name, length); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::getpeername(os_fd_t sockfd, sockaddr* name, socklen_t* namelen) { const int rc = ::getpeername(sockfd, name, namelen); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::setsocketblocking(os_fd_t sockfd, bool blocking) { const int flags = ::fcntl(sockfd, F_GETFL, 0); int rc; if (flags == -1) { return {-1, errno}; } if (blocking) { rc = ::fcntl(sockfd, F_SETFL, flags & ~O_NONBLOCK); } else { rc = ::fcntl(sockfd, F_SETFL, flags | O_NONBLOCK); } return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::connect(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) { const int rc = ::connect(sockfd, addr, addrlen); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::shutdown(os_fd_t sockfd, int how) { const int rc = ::shutdown(sockfd, how); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::socketpair(int domain, int type, int protocol, os_fd_t sv[2]) { const int rc = ::socketpair(domain, type, protocol, sv); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::listen(os_fd_t sockfd, int backlog) { const int rc = ::listen(sockfd, backlog); return {rc, rc != -1 ? 0 : errno}; } SysCallSizeResult OsSysCallsImpl::write(os_fd_t sockfd, const void* buffer, size_t length) { const ssize_t rc = ::write(sockfd, buffer, length); return {rc, rc != -1 ? 0 : errno}; } SysCallSocketResult OsSysCallsImpl::accept(os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) { os_fd_t rc; #if defined(__linux__) rc = ::accept4(sockfd, addr, addrlen, SOCK_NONBLOCK); // If failed with EINVAL try without flags if (rc >= 0 || errno != EINVAL) { return {rc, rc != -1 ? 0 : errno}; } #endif rc = ::accept(sockfd, addr, addrlen); if (rc >= 0) { setsocketblocking(rc, false); } return {rc, rc != -1 ? 0 : errno}; } } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/posix/os_sys_calls_impl.h ================================================ #pragma once #include #include "envoy/api/os_sys_calls.h" #include "common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { class OsSysCallsImpl : public OsSysCalls { public: // Api::OsSysCalls SysCallIntResult bind(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) override; SysCallIntResult chmod(const std::string& path, mode_t mode) override; SysCallIntResult ioctl(os_fd_t sockfd, unsigned long int request, void* argp) override; SysCallSizeResult writev(os_fd_t fd, const iovec* iov, int num_iov) override; SysCallSizeResult readv(os_fd_t fd, const iovec* iov, int num_iov) override; SysCallSizeResult recv(os_fd_t socket, void* buffer, size_t length, int flags) override; SysCallSizeResult recvmsg(os_fd_t sockfd, msghdr* msg, int flags) override; SysCallIntResult recvmmsg(os_fd_t sockfd, struct mmsghdr* msgvec, unsigned int vlen, int flags, struct timespec* timeout) override; bool supportsMmsg() const override; bool supportsUdpGro() const override; bool supportsUdpGso() const override; bool supportsIpTransparent() const override; SysCallIntResult close(os_fd_t fd) override; SysCallIntResult ftruncate(int fd, off_t length) override; SysCallPtrResult mmap(void* addr, size_t length, int prot, int flags, int fd, off_t offset) override; SysCallIntResult stat(const char* pathname, struct stat* buf) override; SysCallIntResult setsockopt(os_fd_t sockfd, int level, int optname, const void* optval, socklen_t optlen) override; SysCallIntResult getsockopt(os_fd_t sockfd, int level, int optname, void* optval, socklen_t* optlen) override; SysCallSocketResult socket(int domain, int type, int protocol) override; SysCallSizeResult sendmsg(os_fd_t fd, const msghdr* message, int flags) override; SysCallIntResult getsockname(os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) override; SysCallIntResult gethostname(char* name, size_t length) override; SysCallIntResult getpeername(os_fd_t sockfd, sockaddr* name, socklen_t* namelen) override; SysCallIntResult setsocketblocking(os_fd_t sockfd, bool blocking) override; SysCallIntResult connect(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) override; SysCallIntResult shutdown(os_fd_t sockfd, int how) override; SysCallIntResult socketpair(int domain, int type, int protocol, os_fd_t sv[2]) override; SysCallIntResult listen(os_fd_t sockfd, int backlog) override; SysCallSizeResult write(os_fd_t socket, const void* buffer, size_t length) override; SysCallSocketResult accept(os_fd_t socket, sockaddr* addr, socklen_t* addrlen) override; }; using OsSysCallsSingleton = ThreadSafeSingleton; } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/posix/os_sys_calls_impl_hot_restart.cc ================================================ #include #include "common/api/os_sys_calls_impl_hot_restart.h" namespace Envoy { namespace Api { SysCallIntResult HotRestartOsSysCallsImpl::shmOpen(const char* name, int oflag, mode_t mode) { const int rc = ::shm_open(name, oflag, mode); return {rc, errno}; } SysCallIntResult HotRestartOsSysCallsImpl::shmUnlink(const char* name) { const int rc = ::shm_unlink(name); return {rc, errno}; } } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/posix/os_sys_calls_impl_hot_restart.h ================================================ #pragma once #include "envoy/api/os_sys_calls_hot_restart.h" #include "common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { class HotRestartOsSysCallsImpl : public HotRestartOsSysCalls { public: // Api::HotRestartOsSysCalls SysCallIntResult shmOpen(const char* name, int oflag, mode_t mode) override; SysCallIntResult shmUnlink(const char* name) override; }; using HotRestartOsSysCallsSingleton = ThreadSafeSingleton; } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/posix/os_sys_calls_impl_linux.cc ================================================ #if !defined(__linux__) #error "Linux platform file is part of non-Linux build." #endif #include #include #include "common/api/os_sys_calls_impl_linux.h" namespace Envoy { namespace Api { SysCallIntResult LinuxOsSysCallsImpl::sched_getaffinity(pid_t pid, size_t cpusetsize, cpu_set_t* mask) { const int rc = ::sched_getaffinity(pid, cpusetsize, mask); return {rc, errno}; } } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/posix/os_sys_calls_impl_linux.h ================================================ #pragma once #if !defined(__linux__) #error "Linux platform file is part of non-Linux build." #endif #include "envoy/api/os_sys_calls_linux.h" #include "common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { class LinuxOsSysCallsImpl : public LinuxOsSysCalls { public: // Api::LinuxOsSysCalls SysCallIntResult sched_getaffinity(pid_t pid, size_t cpusetsize, cpu_set_t* mask) override; }; using LinuxOsSysCallsSingleton = ThreadSafeSingleton; } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/win32/os_sys_calls_impl.cc ================================================ #include #include #include #include #include #include #include "common/api/os_sys_calls_impl.h" #define DWORD_MAX UINT32_MAX namespace Envoy { namespace Api { namespace { using WSAMSGPtr = std::unique_ptr; struct wsamsgResult { WSAMSGPtr wsamsg_; std::vector buff_data_; }; std::vector iovecToWSABUF(const iovec* vec, int in_vec) { DWORD num_vec = 0; for (int i = 0; i < in_vec; i++) { size_t cur_len = vec[i].iov_len; num_vec++; while (cur_len > DWORD_MAX) { num_vec++; cur_len -= DWORD_MAX; } } std::vector buff(num_vec); auto it = buff.begin(); std::vector vecs(vec, vec + in_vec); for (const auto& vec : vecs) { auto chunk = (CHAR*)vec.iov_base; size_t chunk_len = vec.iov_len; // There is the case that the chunk does not fit into a single WSABUF buffer // this is the case because sizeof(size_t) > sizeof(DWORD). // In this case we split the chunk into multiple WSABUF buffers auto remaining_data = chunk_len; do { (*it).buf = chunk; (*it).len = (remaining_data > DWORD_MAX) ? DWORD_MAX : static_cast(chunk_len); remaining_data -= (*it).len; chunk += (*it).len; it++; } while (remaining_data > 0); } return buff; } LPFN_WSARECVMSG getFnPtrWSARecvMsg() { LPFN_WSARECVMSG recvmsg_fn_ptr = NULL; GUID recvmsg_guid = WSAID_WSARECVMSG; SOCKET sock = INVALID_SOCKET; DWORD bytes_received = 0; sock = socket(AF_INET6, SOCK_DGRAM, 0); RELEASE_ASSERT( WSAIoctl(sock, SIO_GET_EXTENSION_FUNCTION_POINTER, &recvmsg_guid, sizeof(recvmsg_guid), &recvmsg_fn_ptr, sizeof(recvmsg_fn_ptr), &bytes_received, NULL, NULL) != SOCKET_ERROR, "WSAIoctl SIO_GET_EXTENSION_FUNCTION_POINTER for WSARecvMsg failed, not implemented?"); closesocket(sock); return recvmsg_fn_ptr; } wsamsgResult msghdrToWSAMSG(const msghdr* msg) { WSAMSGPtr wsa_msg(new WSAMSG); wsa_msg->name = reinterpret_cast(msg->msg_name); wsa_msg->namelen = msg->msg_namelen; auto buffer = iovecToWSABUF(msg->msg_iov, msg->msg_iovlen); wsa_msg->lpBuffers = buffer.data(); wsa_msg->dwBufferCount = buffer.size(); WSABUF control; control.buf = reinterpret_cast(msg->msg_control); control.len = msg->msg_controllen; wsa_msg->Control = control; wsa_msg->dwFlags = msg->msg_flags; return wsamsgResult{std::move(wsa_msg), std::move(buffer)}; } } // namespace SysCallIntResult OsSysCallsImpl::bind(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) { const int rc = ::bind(sockfd, addr, addrlen); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::chmod(const std::string& path, mode_t mode) { const int rc = ::_chmod(path.c_str(), mode); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::ioctl(os_fd_t sockfd, unsigned long int request, void* argp) { const int rc = ::ioctlsocket(sockfd, request, static_cast(argp)); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::close(os_fd_t fd) { const int rc = ::closesocket(fd); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallSizeResult OsSysCallsImpl::writev(os_fd_t fd, const iovec* iov, int num_iov) { DWORD bytes_sent; auto buffer = iovecToWSABUF(iov, num_iov); const int rc = ::WSASend(fd, buffer.data(), buffer.size(), &bytes_sent, 0, nullptr, nullptr); if (SOCKET_FAILURE(rc)) { return {-1, ::WSAGetLastError()}; } return {bytes_sent, 0}; } SysCallSizeResult OsSysCallsImpl::readv(os_fd_t fd, const iovec* iov, int num_iov) { DWORD bytes_received; DWORD flags = 0; auto buffer = iovecToWSABUF(iov, num_iov); const int rc = ::WSARecv(fd, buffer.data(), buffer.size(), &bytes_received, &flags, nullptr, nullptr); if (SOCKET_FAILURE(rc)) { return {-1, ::WSAGetLastError()}; } return {bytes_received, 0}; } SysCallSizeResult OsSysCallsImpl::recv(os_fd_t socket, void* buffer, size_t length, int flags) { const ssize_t rc = ::recv(socket, static_cast(buffer), length, flags); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallSizeResult OsSysCallsImpl::recvmsg(os_fd_t sockfd, msghdr* msg, int flags) { DWORD bytes_received; LPFN_WSARECVMSG recvmsg_fn_ptr = getFnPtrWSARecvMsg(); wsamsgResult wsamsg = msghdrToWSAMSG(msg); // Windows supports only a single flag on input to WSARecvMsg wsamsg.wsamsg_->dwFlags = flags & MSG_PEEK; const int rc = recvmsg_fn_ptr(sockfd, wsamsg.wsamsg_.get(), &bytes_received, nullptr, nullptr); if (rc == SOCKET_ERROR) { return {-1, ::WSAGetLastError()}; } msg->msg_namelen = wsamsg.wsamsg_->namelen; msg->msg_flags = wsamsg.wsamsg_->dwFlags; msg->msg_controllen = wsamsg.wsamsg_->Control.len; return {bytes_received, 0}; } SysCallIntResult OsSysCallsImpl::recvmmsg(os_fd_t sockfd, struct mmsghdr* msgvec, unsigned int vlen, int flags, struct timespec* timeout) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } bool OsSysCallsImpl::supportsMmsg() const { // Windows doesn't support it. return false; } bool OsSysCallsImpl::supportsUdpGro() const { // Windows doesn't support it. return false; } bool OsSysCallsImpl::supportsUdpGso() const { // Windows doesn't support it. return false; } bool OsSysCallsImpl::supportsIpTransparent() const { // Windows doesn't support it. return false; } SysCallIntResult OsSysCallsImpl::ftruncate(int fd, off_t length) { const int rc = ::_chsize_s(fd, length); return {rc, rc == 0 ? 0 : errno}; } SysCallPtrResult OsSysCallsImpl::mmap(void* addr, size_t length, int prot, int flags, int fd, off_t offset) { PANIC("mmap not implemented on Windows"); } SysCallIntResult OsSysCallsImpl::stat(const char* pathname, struct stat* buf) { const int rc = ::stat(pathname, buf); return {rc, rc != -1 ? 0 : errno}; } SysCallIntResult OsSysCallsImpl::setsockopt(os_fd_t sockfd, int level, int optname, const void* optval, socklen_t optlen) { const int rc = ::setsockopt(sockfd, level, optname, static_cast(optval), optlen); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::getsockopt(os_fd_t sockfd, int level, int optname, void* optval, socklen_t* optlen) { const int rc = ::getsockopt(sockfd, level, optname, static_cast(optval), optlen); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallSocketResult OsSysCallsImpl::socket(int domain, int type, int protocol) { const os_fd_t rc = ::socket(domain, type, protocol); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallSizeResult OsSysCallsImpl::sendmsg(os_fd_t sockfd, const msghdr* msg, int flags) { DWORD bytes_received; // if overlapped and/or completion routines are supported adjust the arguments accordingly wsamsgResult wsamsg = msghdrToWSAMSG(msg); const int rc = ::WSASendMsg(sockfd, wsamsg.wsamsg_.get(), flags, &bytes_received, nullptr, nullptr); if (rc == SOCKET_ERROR) { return {-1, ::WSAGetLastError()}; } return {bytes_received, 0}; } SysCallIntResult OsSysCallsImpl::getsockname(os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) { const int rc = ::getsockname(sockfd, addr, addrlen); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::gethostname(char* name, size_t length) { const int rc = ::gethostname(name, length); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::getpeername(os_fd_t sockfd, sockaddr* name, socklen_t* namelen) { const int rc = ::getpeername(sockfd, name, namelen); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::setsocketblocking(os_fd_t sockfd, bool blocking) { u_long io_mode = blocking ? 0 : 1; const int rc = ::ioctlsocket(sockfd, FIONBIO, &io_mode); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::connect(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) { const int rc = ::connect(sockfd, addr, addrlen); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::shutdown(os_fd_t sockfd, int how) { const int rc = ::shutdown(sockfd, how); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallIntResult OsSysCallsImpl::socketpair(int domain, int type, int protocol, os_fd_t sv[2]) { if (sv == nullptr) { return {SOCKET_ERROR, SOCKET_ERROR_INVAL}; } sv[0] = sv[1] = INVALID_SOCKET; SysCallSocketResult socket_result = socket(domain, type, protocol); if (SOCKET_INVALID(socket_result.rc_)) { return {SOCKET_ERROR, socket_result.errno_}; } os_fd_t listener = socket_result.rc_; typedef union { struct sockaddr_storage sa; struct sockaddr_in in; struct sockaddr_in6 in6; } sa_union; sa_union a = {}; socklen_t sa_size = sizeof(a); a.sa.ss_family = domain; if (domain == AF_INET) { a.in.sin_addr.s_addr = ::htonl(INADDR_LOOPBACK); a.in.sin_port = 0; } else if (domain == AF_INET6) { a.in6.sin6_addr = in6addr_loopback; a.in6.sin6_port = 0; } else { return {SOCKET_ERROR, SOCKET_ERROR_INVAL}; } auto onErr = [this, listener, sv]() -> void { ::closesocket(listener); ::closesocket(sv[0]); ::closesocket(sv[1]); sv[0] = INVALID_SOCKET; sv[1] = INVALID_SOCKET; }; SysCallIntResult int_result = bind(listener, reinterpret_cast(&a), sa_size); if (int_result.rc_ == SOCKET_ERROR) { onErr(); return int_result; } int_result = listen(listener, 1); if (int_result.rc_ == SOCKET_ERROR) { onErr(); return int_result; } socket_result = socket(domain, type, protocol); if (SOCKET_INVALID(socket_result.rc_)) { onErr(); return {SOCKET_ERROR, socket_result.errno_}; } sv[0] = socket_result.rc_; a = {}; int_result = getsockname(listener, reinterpret_cast(&a), &sa_size); if (int_result.rc_ == SOCKET_ERROR) { onErr(); return int_result; } int_result = connect(sv[0], reinterpret_cast(&a), sa_size); if (int_result.rc_ == SOCKET_ERROR) { onErr(); return int_result; } socket_result.rc_ = ::accept(listener, nullptr, nullptr); if (SOCKET_INVALID(socket_result.rc_)) { socket_result.errno_ = ::WSAGetLastError(); onErr(); return {SOCKET_ERROR, socket_result.errno_}; } sv[1] = socket_result.rc_; ::closesocket(listener); return {0, 0}; } SysCallIntResult OsSysCallsImpl::listen(os_fd_t sockfd, int backlog) { const int rc = ::listen(sockfd, backlog); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallSizeResult OsSysCallsImpl::write(os_fd_t sockfd, const void* buffer, size_t length) { const ssize_t rc = ::send(sockfd, static_cast(buffer), length, 0); return {rc, rc != -1 ? 0 : ::WSAGetLastError()}; } SysCallSocketResult OsSysCallsImpl::accept(os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) { const os_fd_t rc = ::accept(sockfd, addr, addrlen); if (SOCKET_INVALID(rc)) { return {rc, ::WSAGetLastError()}; } setsocketblocking(rc, false); return {rc, 0}; } } // namespace Api } // namespace Envoy ================================================ FILE: source/common/api/win32/os_sys_calls_impl.h ================================================ #pragma once #include #include "envoy/api/os_sys_calls.h" #include "common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { class OsSysCallsImpl : public OsSysCalls { public: // Api::OsSysCalls SysCallIntResult bind(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) override; SysCallIntResult chmod(const std::string& path, mode_t mode) override; SysCallIntResult ioctl(os_fd_t sockfd, unsigned long int request, void* argp) override; SysCallSizeResult writev(os_fd_t fd, const iovec* iov, int num_iov) override; SysCallSizeResult readv(os_fd_t fd, const iovec* iov, int num_iov) override; SysCallSizeResult recv(os_fd_t socket, void* buffer, size_t length, int flags) override; SysCallSizeResult recvmsg(os_fd_t sockfd, msghdr* msg, int flags) override; SysCallIntResult recvmmsg(os_fd_t sockfd, struct mmsghdr* msgvec, unsigned int vlen, int flags, struct timespec* timeout) override; bool supportsMmsg() const override; bool supportsUdpGro() const override; bool supportsUdpGso() const override; bool supportsIpTransparent() const override; SysCallIntResult close(os_fd_t fd) override; SysCallIntResult ftruncate(int fd, off_t length) override; SysCallPtrResult mmap(void* addr, size_t length, int prot, int flags, int fd, off_t offset) override; SysCallIntResult stat(const char* pathname, struct stat* buf) override; SysCallIntResult setsockopt(os_fd_t sockfd, int level, int optname, const void* optval, socklen_t optlen) override; SysCallIntResult getsockopt(os_fd_t sockfd, int level, int optname, void* optval, socklen_t* optlen) override; SysCallSocketResult socket(int domain, int type, int protocol) override; SysCallSizeResult sendmsg(os_fd_t fd, const msghdr* message, int flags) override; SysCallIntResult getsockname(os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) override; SysCallIntResult gethostname(char* name, size_t length) override; SysCallIntResult getpeername(os_fd_t sockfd, sockaddr* name, socklen_t* namelen) override; SysCallIntResult setsocketblocking(os_fd_t sockfd, bool blocking) override; SysCallIntResult connect(os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) override; SysCallIntResult shutdown(os_fd_t sockfd, int how) override; SysCallIntResult socketpair(int domain, int type, int protocol, os_fd_t sv[2]) override; SysCallIntResult listen(os_fd_t sockfd, int backlog) override; SysCallSizeResult write(os_fd_t socket, const void* buffer, size_t length) override; SysCallSocketResult accept(os_fd_t socket, sockaddr* addr, socklen_t* addrlen) override; }; using OsSysCallsSingleton = ThreadSafeSingleton; } // namespace Api } // namespace Envoy ================================================ FILE: source/common/buffer/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "watermark_buffer_lib", srcs = ["watermark_buffer.cc"], hdrs = ["watermark_buffer.h"], deps = [ "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/runtime:runtime_features_lib", ], ) envoy_cc_library( name = "buffer_lib", srcs = ["buffer_impl.cc"], hdrs = ["buffer_impl.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//source/common/common:non_copyable", "//source/common/common:utility_lib", "//source/common/event:libevent_lib", ], ) envoy_cc_library( name = "zero_copy_input_stream_lib", srcs = ["zero_copy_input_stream_impl.cc"], hdrs = ["zero_copy_input_stream_impl.h"], deps = [ ":buffer_lib", "//source/common/protobuf", ], ) ================================================ FILE: source/common/buffer/buffer_impl.cc ================================================ #include "common/buffer/buffer_impl.h" #include #include #include "common/common/assert.h" #include "absl/container/fixed_array.h" #include "event2/buffer.h" namespace Envoy { namespace Buffer { namespace { // This size has been determined to be optimal from running the // //test/integration:http_benchmark benchmark tests. // TODO(yanavlasov): This may not be optimal for all hardware configurations or traffic patterns and // may need to be configurable in the future. constexpr uint64_t CopyThreshold = 512; } // namespace void OwnedImpl::addImpl(const void* data, uint64_t size) { const char* src = static_cast(data); bool new_slice_needed = slices_.empty(); while (size != 0) { if (new_slice_needed) { slices_.emplace_back(OwnedSlice::create(size)); } uint64_t copy_size = slices_.back()->append(src, size); src += copy_size; size -= copy_size; length_ += copy_size; new_slice_needed = true; } } void OwnedImpl::addDrainTracker(std::function drain_tracker) { ASSERT(!slices_.empty()); slices_.back()->addDrainTracker(std::move(drain_tracker)); } void OwnedImpl::add(const void* data, uint64_t size) { addImpl(data, size); } void OwnedImpl::addBufferFragment(BufferFragment& fragment) { length_ += fragment.size(); slices_.emplace_back(std::make_unique(fragment)); } void OwnedImpl::add(absl::string_view data) { add(data.data(), data.size()); } void OwnedImpl::add(const Instance& data) { ASSERT(&data != this); for (const RawSlice& slice : data.getRawSlices()) { add(slice.mem_, slice.len_); } } void OwnedImpl::prepend(absl::string_view data) { uint64_t size = data.size(); bool new_slice_needed = slices_.empty(); while (size != 0) { if (new_slice_needed) { slices_.emplace_front(OwnedSlice::create(size)); } uint64_t copy_size = slices_.front()->prepend(data.data(), size); size -= copy_size; length_ += copy_size; new_slice_needed = true; } } void OwnedImpl::prepend(Instance& data) { ASSERT(&data != this); OwnedImpl& other = static_cast(data); while (!other.slices_.empty()) { uint64_t slice_size = other.slices_.back()->dataSize(); length_ += slice_size; slices_.emplace_front(std::move(other.slices_.back())); other.slices_.pop_back(); other.length_ -= slice_size; } other.postProcess(); } void OwnedImpl::commit(RawSlice* iovecs, uint64_t num_iovecs) { if (num_iovecs == 0) { return; } // Find the slices in the buffer that correspond to the iovecs: // First, scan backward from the end of the buffer to find the last slice containing // any content. Reservations are made from the end of the buffer, and out-of-order commits // aren't supported, so any slices before this point cannot match the iovecs being committed. ssize_t slice_index = static_cast(slices_.size()) - 1; while (slice_index >= 0 && slices_[slice_index]->dataSize() == 0) { slice_index--; } if (slice_index < 0) { // There was no slice containing any data, so rewind the iterator at the first slice. slice_index = 0; if (!slices_[0]) { return; } } // Next, scan forward and attempt to match the slices against iovecs. uint64_t num_slices_committed = 0; while (num_slices_committed < num_iovecs) { if (slices_[slice_index]->commit(iovecs[num_slices_committed])) { length_ += iovecs[num_slices_committed].len_; num_slices_committed++; } slice_index++; if (slice_index == static_cast(slices_.size())) { break; } } // In case an extra slice was reserved, remove empty slices from the end of the buffer. while (!slices_.empty() && slices_.back()->dataSize() == 0) { slices_.pop_back(); } ASSERT(num_slices_committed > 0); } void OwnedImpl::copyOut(size_t start, uint64_t size, void* data) const { uint64_t bytes_to_skip = start; uint8_t* dest = static_cast(data); for (const auto& slice : slices_) { if (size == 0) { break; } uint64_t data_size = slice->dataSize(); if (data_size <= bytes_to_skip) { // The offset where the caller wants to start copying is after the end of this slice, // so just skip over this slice completely. bytes_to_skip -= data_size; continue; } uint64_t copy_size = std::min(size, data_size - bytes_to_skip); memcpy(dest, slice->data() + bytes_to_skip, copy_size); size -= copy_size; dest += copy_size; // Now that we've started copying, there are no bytes left to skip over. If there // is any more data to be copied, the next iteration can start copying from the very // beginning of the next slice. bytes_to_skip = 0; } ASSERT(size == 0); } void OwnedImpl::drain(uint64_t size) { drainImpl(size); } void OwnedImpl::drainImpl(uint64_t size) { while (size != 0) { if (slices_.empty()) { break; } uint64_t slice_size = slices_.front()->dataSize(); if (slice_size <= size) { slices_.pop_front(); length_ -= slice_size; size -= slice_size; } else { slices_.front()->drain(size); length_ -= size; size = 0; } } // Make sure to drain any zero byte fragments that might have been added as // sentinels for flushed data. while (!slices_.empty() && slices_.front()->dataSize() == 0) { slices_.pop_front(); } } RawSliceVector OwnedImpl::getRawSlices(absl::optional max_slices) const { uint64_t max_out = slices_.size(); if (max_slices.has_value()) { max_out = std::min(max_out, max_slices.value()); } RawSliceVector raw_slices; raw_slices.reserve(max_out); for (const auto& slice : slices_) { if (raw_slices.size() >= max_out) { break; } if (slice->dataSize() == 0) { continue; } // Temporary cast to fix 32-bit Envoy mobile builds, where sizeof(uint64_t) != sizeof(size_t). // dataSize represents the size of a buffer so size_t should always be large enough to hold its // size regardless of architecture. Buffer slices should in practice be relatively small, but // there is currently no max size validation. // TODO(antoniovicente) Set realistic limits on the max size of BufferSlice and consider use of // size_t instead of uint64_t in the Slice interface. raw_slices.emplace_back(RawSlice{slice->data(), static_cast(slice->dataSize())}); } return raw_slices; } SliceDataPtr OwnedImpl::extractMutableFrontSlice() { RELEASE_ASSERT(length_ > 0, "Extract called on empty buffer"); // Remove zero byte fragments from the front of the queue to ensure // that the extracted slice has data. while (!slices_.empty() && slices_.front()->dataSize() == 0) { slices_.pop_front(); } ASSERT(!slices_.empty()); ASSERT(slices_.front()); auto slice = std::move(slices_.front()); auto size = slice->dataSize(); length_ -= size; slices_.pop_front(); if (!slice->isMutable()) { // Create a mutable copy of the immutable slice data. auto mutable_slice = OwnedSlice::create(size); auto copy_size = mutable_slice->append(slice->data(), size); ASSERT(copy_size == size); // Drain trackers for the immutable slice will be called as part of the slice destructor. return mutable_slice; } else { // Make sure drain trackers are called before ownership of the slice is transferred from // the buffer to the caller. slice->callAndClearDrainTrackers(); return slice; } } uint64_t OwnedImpl::length() const { #ifndef NDEBUG // When running in debug mode, verify that the precomputed length matches the sum // of the lengths of the slices. uint64_t length = 0; for (const auto& slice : slices_) { length += slice->dataSize(); } ASSERT(length == length_); #endif return length_; } void* OwnedImpl::linearize(uint32_t size) { RELEASE_ASSERT(size <= length(), "Linearize size exceeds buffer size"); if (slices_.empty()) { return nullptr; } if (slices_[0]->dataSize() < size) { auto new_slice = OwnedSlice::create(size); Slice::Reservation reservation = new_slice->reserve(size); ASSERT(reservation.mem_ != nullptr); ASSERT(reservation.len_ == size); copyOut(0, size, reservation.mem_); new_slice->commit(reservation); // Replace the first 'size' bytes in the buffer with the new slice. Since new_slice re-adds the // drained bytes, avoid use of the overridable 'drain' method to avoid incorrectly checking if // we dipped below low-watermark. drainImpl(size); slices_.emplace_front(std::move(new_slice)); length_ += size; } return slices_.front()->data(); } void OwnedImpl::coalesceOrAddSlice(SlicePtr&& other_slice) { const uint64_t slice_size = other_slice->dataSize(); // The `other_slice` content can be coalesced into the existing slice IFF: // 1. The `other_slice` can be coalesced. Objects of type UnownedSlice can not be coalesced. See // comment in the UnownedSlice class definition; // 2. There are existing slices; // 3. The `other_slice` content length is under the CopyThreshold; // 4. There is enough unused space in the existing slice to accommodate the `other_slice` content. if (other_slice->canCoalesce() && !slices_.empty() && slice_size < CopyThreshold && slices_.back()->reservableSize() >= slice_size) { // Copy content of the `other_slice`. The `move` methods which call this method effectively // drain the source buffer. addImpl(other_slice->data(), slice_size); other_slice->transferDrainTrackersTo(*slices_.back()); } else { // Take ownership of the slice. slices_.emplace_back(std::move(other_slice)); length_ += slice_size; } } void OwnedImpl::move(Instance& rhs) { ASSERT(&rhs != this); // We do the static cast here because in practice we only have one buffer implementation right // now and this is safe. This is a reasonable compromise in a high performance path where we // want to maintain an abstraction. OwnedImpl& other = static_cast(rhs); while (!other.slices_.empty()) { const uint64_t slice_size = other.slices_.front()->dataSize(); coalesceOrAddSlice(std::move(other.slices_.front())); other.length_ -= slice_size; other.slices_.pop_front(); } other.postProcess(); } void OwnedImpl::move(Instance& rhs, uint64_t length) { ASSERT(&rhs != this); // See move() above for why we do the static cast. OwnedImpl& other = static_cast(rhs); while (length != 0 && !other.slices_.empty()) { const uint64_t slice_size = other.slices_.front()->dataSize(); const uint64_t copy_size = std::min(slice_size, length); if (copy_size == 0) { other.slices_.pop_front(); } else if (copy_size < slice_size) { // TODO(brian-pane) add reference-counting to allow slices to share their storage // and eliminate the copy for this partial-slice case? add(other.slices_.front()->data(), copy_size); other.slices_.front()->drain(copy_size); other.length_ -= copy_size; } else { coalesceOrAddSlice(std::move(other.slices_.front())); other.slices_.pop_front(); other.length_ -= slice_size; } length -= copy_size; } other.postProcess(); } uint64_t OwnedImpl::reserve(uint64_t length, RawSlice* iovecs, uint64_t num_iovecs) { if (num_iovecs == 0 || length == 0) { return 0; } // Check whether there are any empty slices with reservable space at the end of the buffer. size_t first_reservable_slice = slices_.size(); while (first_reservable_slice > 0) { if (slices_[first_reservable_slice - 1]->reservableSize() == 0) { break; } first_reservable_slice--; if (slices_[first_reservable_slice]->dataSize() != 0) { // There is some content in this slice, so anything in front of it is non-reservable. break; } } // Having found the sequence of reservable slices at the back of the buffer, reserve // as much space as possible from each one. uint64_t num_slices_used = 0; uint64_t bytes_remaining = length; size_t slice_index = first_reservable_slice; while (slice_index < slices_.size() && bytes_remaining != 0 && num_slices_used < num_iovecs) { auto& slice = slices_[slice_index]; const uint64_t reservation_size = std::min(slice->reservableSize(), bytes_remaining); if (num_slices_used + 1 == num_iovecs && reservation_size < bytes_remaining) { // There is only one iovec left, and this next slice does not have enough space to // complete the reservation. Stop iterating, with last one iovec still unpopulated, // so the code following this loop can allocate a new slice to hold the rest of the // reservation. break; } iovecs[num_slices_used] = slice->reserve(reservation_size); bytes_remaining -= iovecs[num_slices_used].len_; num_slices_used++; slice_index++; } // If needed, allocate one more slice at the end to provide the remainder of the reservation. if (bytes_remaining != 0) { slices_.emplace_back(OwnedSlice::create(bytes_remaining)); iovecs[num_slices_used] = slices_.back()->reserve(bytes_remaining); bytes_remaining -= iovecs[num_slices_used].len_; num_slices_used++; } ASSERT(num_slices_used <= num_iovecs); ASSERT(bytes_remaining == 0); return num_slices_used; } ssize_t OwnedImpl::search(const void* data, uint64_t size, size_t start, size_t length) const { // This implementation uses the same search algorithm as evbuffer_search(), a naive // scan that requires O(M*N) comparisons in the worst case. // TODO(brian-pane): replace this with a more efficient search if it shows up // prominently in CPU profiling. if (size == 0) { return (start <= length_) ? start : -1; } // length equal to zero means that entire buffer must be searched. // Adjust the length to buffer length taking the staring index into account. size_t left_to_search = length; if (0 == length) { left_to_search = length_ - start; } ssize_t offset = 0; const uint8_t* needle = static_cast(data); for (size_t slice_index = 0; slice_index < slices_.size() && (left_to_search > 0); slice_index++) { const auto& slice = slices_[slice_index]; uint64_t slice_size = slice->dataSize(); if (slice_size <= start) { start -= slice_size; offset += slice_size; continue; } const uint8_t* slice_start = slice->data(); const uint8_t* haystack = slice_start; const uint8_t* haystack_end = haystack + slice_size; haystack += start; while (haystack < haystack_end) { const size_t slice_search_limit = std::min(static_cast(haystack_end - haystack), left_to_search); // Search within this slice for the first byte of the needle. const uint8_t* first_byte_match = static_cast(memchr(haystack, needle[0], slice_search_limit)); if (first_byte_match == nullptr) { left_to_search -= slice_search_limit; break; } // After finding a match for the first byte of the needle, check whether the following // bytes in the buffer match the remainder of the needle. Note that the match can span // two or more slices. left_to_search -= static_cast(first_byte_match - haystack + 1); // Save the current number of bytes left to search. // If the pattern is not found, the search will resume from the next byte // and left_to_search value must be restored. const size_t saved_left_to_search = left_to_search; size_t i = 1; size_t match_index = slice_index; const uint8_t* match_next = first_byte_match + 1; const uint8_t* match_end = haystack_end; while ((i < size) && (0 < left_to_search)) { if (match_next >= match_end) { // We've hit the end of this slice, so continue checking against the next slice. match_index++; if (match_index == slices_.size()) { // We've hit the end of the entire buffer. break; } const auto& match_slice = slices_[match_index]; match_next = match_slice->data(); match_end = match_next + match_slice->dataSize(); continue; } left_to_search--; if (*match_next++ != needle[i]) { break; } i++; } if (i == size) { // Successful match of the entire needle. return offset + (first_byte_match - slice_start); } // If this wasn't a successful match, start scanning again at the next byte. haystack = first_byte_match + 1; left_to_search = saved_left_to_search; } start = 0; offset += slice_size; } return -1; } bool OwnedImpl::startsWith(absl::string_view data) const { if (length() < data.length()) { // Buffer is too short to contain data. return false; } if (data.length() == 0) { return true; } const uint8_t* prefix = reinterpret_cast(data.data()); size_t size = data.length(); for (const auto& slice : slices_) { uint64_t slice_size = slice->dataSize(); const uint8_t* slice_start = slice->data(); if (slice_size >= size) { // The remaining size bytes of data are in this slice. return memcmp(prefix, slice_start, size) == 0; } // Slice is smaller than data, see if the prefix matches. if (memcmp(prefix, slice_start, slice_size) != 0) { return false; } // Prefix matched. Continue looking at the next slice. prefix += slice_size; size -= slice_size; } // Less data in slices than length() reported. NOT_REACHED_GCOVR_EXCL_LINE; } OwnedImpl::OwnedImpl() = default; OwnedImpl::OwnedImpl(absl::string_view data) : OwnedImpl() { add(data); } OwnedImpl::OwnedImpl(const Instance& data) : OwnedImpl() { add(data); } OwnedImpl::OwnedImpl(const void* data, uint64_t size) : OwnedImpl() { add(data, size); } std::string OwnedImpl::toString() const { std::string output; output.reserve(length()); for (const RawSlice& slice : getRawSlices()) { output.append(static_cast(slice.mem_), slice.len_); } return output; } void OwnedImpl::postProcess() {} void OwnedImpl::appendSliceForTest(const void* data, uint64_t size) { slices_.emplace_back(OwnedSlice::create(data, size)); length_ += size; } void OwnedImpl::appendSliceForTest(absl::string_view data) { appendSliceForTest(data.data(), data.size()); } std::vector OwnedImpl::describeSlicesForTest() const { std::vector slices; for (const auto& slice : slices_) { slices.push_back(slice->describeSliceForTest()); } return slices; } } // namespace Buffer } // namespace Envoy ================================================ FILE: source/common/buffer/buffer_impl.h ================================================ #pragma once #include #include #include #include #include "envoy/buffer/buffer.h" #include "common/common/assert.h" #include "common/common/non_copyable.h" #include "common/common/utility.h" #include "common/event/libevent.h" namespace Envoy { namespace Buffer { /** * A Slice manages a contiguous block of bytes. * The block is arranged like this: * |<- dataSize() ->|<- reservableSize() ->| * +-----------------+----------------+----------------------+ * | Drained | Data | Reservable | * | Unused space | Usable content | New content can be | * | that formerly | | added here with | * | was in the Data | | reserve()/commit() | * | section | | | * +-----------------+----------------+----------------------+ * ^ * | * data() */ class Slice : public SliceData { public: using Reservation = RawSlice; ~Slice() override { callAndClearDrainTrackers(); } // SliceData absl::Span getMutableData() override { RELEASE_ASSERT(isMutable(), "Not allowed to call getMutableData if slice is immutable"); return {base_ + data_, static_cast::size_type>(reservable_ - data_)}; } /** * @return true if the data in the slice is mutable */ virtual bool isMutable() const { return false; } /** * @return a pointer to the start of the usable content. */ const uint8_t* data() const { return base_ + data_; } /** * @return a pointer to the start of the usable content. */ uint8_t* data() { return base_ + data_; } /** * @return the size in bytes of the usable content. */ uint64_t dataSize() const { return reservable_ - data_; } /** * Remove the first `size` bytes of usable content. Runs in O(1) time. * @param size number of bytes to remove. If greater than data_size(), the result is undefined. */ void drain(uint64_t size) { ASSERT(data_ + size <= reservable_); data_ += size; if (data_ == reservable_) { // All the data in the slice has been drained. Reset the offsets so all // the data can be reused. data_ = 0; reservable_ = 0; } } /** * @return the number of bytes available to be reserve()d. * @note Read-only implementations of Slice should return zero from this method. */ uint64_t reservableSize() const { ASSERT(capacity_ >= reservable_); return capacity_ - reservable_; } /** * Reserve `size` bytes that the caller can populate with content. The caller SHOULD then * call commit() to add the newly populated content from the Reserved section to the Data * section. * @note If there is already an outstanding reservation (i.e., a reservation obtained * from reserve() that has not been released by calling commit()), this method will * return a new reservation that replaces it. * @param size the number of bytes to reserve. The Slice implementation MAY reserve * fewer bytes than requested (for example, if it doesn't have enough room in the * Reservable section to fulfill the whole request). * @return a tuple containing the address of the start of resulting reservation and the * reservation size in bytes. If the address is null, the reservation failed. * @note Read-only implementations of Slice should return {nullptr, 0} from this method. */ Reservation reserve(uint64_t size) { if (size == 0) { return {nullptr, 0}; } // Verify the semantics that drain() enforces: if the slice is empty, either because // no data has been added or because all the added data has been drained, the data // section is at the very start of the slice. ASSERT(!(dataSize() == 0 && data_ > 0)); uint64_t available_size = capacity_ - reservable_; if (available_size == 0) { return {nullptr, 0}; } uint64_t reservation_size = std::min(size, available_size); void* reservation = &(base_[reservable_]); return {reservation, static_cast(reservation_size)}; } /** * Commit a Reservation that was previously obtained from a call to reserve(). * The Reservation's size is added to the Data section. * @param reservation a reservation obtained from a previous call to reserve(). * If the reservation is not from this Slice, commit() will return false. * If the caller is committing fewer bytes than provided by reserve(), it * should change the len_ field of the reservation before calling commit(). * For example, if a caller reserve()s 4KB to do a nonblocking socket read, * and the read only returns two bytes, the caller should set * reservation.len_ = 2 and then call `commit(reservation)`. * @return whether the Reservation was successfully committed to the Slice. */ bool commit(const Reservation& reservation) { if (static_cast(reservation.mem_) != base_ + reservable_ || reservable_ + reservation.len_ > capacity_ || reservable_ >= capacity_) { // The reservation is not from this OwnedSlice. return false; } reservable_ += reservation.len_; return true; } /** * Copy as much of the supplied data as possible to the end of the slice. * @param data start of the data to copy. * @param size number of bytes to copy. * @return number of bytes copied (may be a smaller than size, may even be zero). */ uint64_t append(const void* data, uint64_t size) { uint64_t copy_size = std::min(size, reservableSize()); if (copy_size == 0) { return 0; } uint8_t* dest = base_ + reservable_; reservable_ += copy_size; // NOLINTNEXTLINE(clang-analyzer-core.NullDereference) memcpy(dest, data, copy_size); return copy_size; } /** * Copy as much of the supplied data as possible to the front of the slice. * If only part of the data will fit in the slice, the bytes from the _end_ are * copied. * @param data start of the data to copy. * @param size number of bytes to copy. * @return number of bytes copied (may be a smaller than size, may even be zero). */ uint64_t prepend(const void* data, uint64_t size) { const uint8_t* src = static_cast(data); uint64_t copy_size; if (dataSize() == 0) { // There is nothing in the slice, so put the data at the very end in case the caller // later tries to prepend anything else in front of it. copy_size = std::min(size, reservableSize()); reservable_ = capacity_; data_ = capacity_ - copy_size; } else { if (data_ == 0) { // There is content in the slice, and no space in front of it to write anything. return 0; } // Write into the space in front of the slice's current content. copy_size = std::min(size, data_); data_ -= copy_size; } memcpy(base_ + data_, src + size - copy_size, copy_size); return copy_size; } /** * @return true if content in this Slice can be coalesced into another Slice. */ virtual bool canCoalesce() const { return true; } /** * Describe the in-memory representation of the slice. For use * in tests that want to make assertions about the specific arrangement of * bytes in a slice. */ struct SliceRepresentation { uint64_t data; uint64_t reservable; uint64_t capacity; }; SliceRepresentation describeSliceForTest() const { return SliceRepresentation{dataSize(), reservableSize(), capacity_}; } /** * Move all drain trackers from the current slice to the destination slice. */ void transferDrainTrackersTo(Slice& destination) { destination.drain_trackers_.splice(destination.drain_trackers_.end(), drain_trackers_); ASSERT(drain_trackers_.empty()); } /** * Add a drain tracker to the slice. */ void addDrainTracker(std::function drain_tracker) { drain_trackers_.emplace_back(std::move(drain_tracker)); } /** * Call all drain trackers associated with the slice, then clear * the drain tracker list. */ void callAndClearDrainTrackers() { for (const auto& drain_tracker : drain_trackers_) { drain_tracker(); } drain_trackers_.clear(); } protected: Slice(uint64_t data, uint64_t reservable, uint64_t capacity) : data_(data), reservable_(reservable), capacity_(capacity) {} /** Start of the slice - subclasses must set this */ uint8_t* base_{nullptr}; /** Offset in bytes from the start of the slice to the start of the Data section */ uint64_t data_; /** Offset in bytes from the start of the slice to the start of the Reservable section */ uint64_t reservable_; /** Total number of bytes in the slice */ uint64_t capacity_; std::list> drain_trackers_; }; using SlicePtr = std::unique_ptr; // OwnedSlice can not be derived from as it has variable sized array as member. class OwnedSlice final : public Slice, public InlineStorage { public: /** * Create an empty OwnedSlice. * @param capacity number of bytes of space the slice should have. * @return an OwnedSlice with at least the specified capacity. */ static SlicePtr create(uint64_t capacity) { uint64_t slice_capacity = sliceSize(capacity); return SlicePtr(new (slice_capacity) OwnedSlice(slice_capacity)); } /** * Create an OwnedSlice and initialize it with a copy of the supplied copy. * @param data the content to copy into the slice. * @param size length of the content. * @return an OwnedSlice containing a copy of the content, which may (dependent on * the internal implementation) have a nonzero amount of reservable space at the end. */ static SlicePtr create(const void* data, uint64_t size) { uint64_t slice_capacity = sliceSize(size); std::unique_ptr slice(new (slice_capacity) OwnedSlice(slice_capacity)); memcpy(slice->base_, data, size); slice->reservable_ = size; return slice; } private: OwnedSlice(uint64_t size) : Slice(0, 0, size) { base_ = storage_; } bool isMutable() const override { return true; } /** * Compute a slice size big enough to hold a specified amount of data. * @param data_size the minimum amount of data the slice must be able to store, in bytes. * @return a recommended slice size, in bytes. */ static uint64_t sliceSize(uint64_t data_size) { static constexpr uint64_t PageSize = 4096; const uint64_t num_pages = (sizeof(OwnedSlice) + data_size + PageSize - 1) / PageSize; return num_pages * PageSize - sizeof(OwnedSlice); } uint8_t storage_[]; }; /** * Queue of SlicePtr that supports efficient read and write access to both * the front and the back of the queue. * @note This class has similar properties to std::deque. The reason for using * a custom deque implementation is that benchmark testing during development * revealed that std::deque was too slow to reach performance parity with the * prior evbuffer-based buffer implementation. */ class SliceDeque { public: SliceDeque() : ring_(inline_ring_), capacity_(InlineRingCapacity) {} SliceDeque(SliceDeque&& rhs) noexcept { // This custom move constructor is needed so that ring_ will be updated properly. std::move(rhs.inline_ring_, rhs.inline_ring_ + InlineRingCapacity, inline_ring_); external_ring_ = std::move(rhs.external_ring_); ring_ = (external_ring_ != nullptr) ? external_ring_.get() : inline_ring_; start_ = rhs.start_; size_ = rhs.size_; capacity_ = rhs.capacity_; } SliceDeque& operator=(SliceDeque&& rhs) noexcept { // This custom assignment move operator is needed so that ring_ will be updated properly. std::move(rhs.inline_ring_, rhs.inline_ring_ + InlineRingCapacity, inline_ring_); external_ring_ = std::move(rhs.external_ring_); ring_ = (external_ring_ != nullptr) ? external_ring_.get() : inline_ring_; start_ = rhs.start_; size_ = rhs.size_; capacity_ = rhs.capacity_; return *this; } void emplace_back(SlicePtr&& slice) { growRing(); size_t index = internalIndex(size_); ring_[index] = std::move(slice); size_++; } void emplace_front(SlicePtr&& slice) { growRing(); start_ = (start_ == 0) ? capacity_ - 1 : start_ - 1; ring_[start_] = std::move(slice); size_++; } bool empty() const { return size() == 0; } size_t size() const { return size_; } SlicePtr& front() { return ring_[start_]; } const SlicePtr& front() const { return ring_[start_]; } SlicePtr& back() { return ring_[internalIndex(size_ - 1)]; } const SlicePtr& back() const { return ring_[internalIndex(size_ - 1)]; } SlicePtr& operator[](size_t i) { return ring_[internalIndex(i)]; } const SlicePtr& operator[](size_t i) const { return ring_[internalIndex(i)]; } void pop_front() { if (size() == 0) { return; } front() = SlicePtr(); size_--; start_++; if (start_ == capacity_) { start_ = 0; } } void pop_back() { if (size() == 0) { return; } back() = SlicePtr(); size_--; } /** * Forward const iterator for SliceDeque. * @note this implementation currently supports the minimum functionality needed to support * the `for (const auto& slice : slice_deque)` idiom. */ class ConstIterator { public: const SlicePtr& operator*() { return deque_[index_]; } ConstIterator operator++() { index_++; return *this; } bool operator!=(const ConstIterator& rhs) const { return &deque_ != &rhs.deque_ || index_ != rhs.index_; } friend class SliceDeque; private: ConstIterator(const SliceDeque& deque, size_t index) : deque_(deque), index_(index) {} const SliceDeque& deque_; size_t index_; }; ConstIterator begin() const noexcept { return {*this, 0}; } ConstIterator end() const noexcept { return {*this, size_}; } private: constexpr static size_t InlineRingCapacity = 8; size_t internalIndex(size_t index) const { size_t internal_index = start_ + index; if (internal_index >= capacity_) { internal_index -= capacity_; ASSERT(internal_index < capacity_); } return internal_index; } void growRing() { if (size_ < capacity_) { return; } const size_t new_capacity = capacity_ * 2; auto new_ring = std::make_unique(new_capacity); for (size_t i = 0; i < new_capacity; i++) { ASSERT(new_ring[i] == nullptr); } size_t src = start_; size_t dst = 0; for (size_t i = 0; i < size_; i++) { new_ring[dst++] = std::move(ring_[src++]); if (src == capacity_) { src = 0; } } for (size_t i = 0; i < capacity_; i++) { ASSERT(ring_[i].get() == nullptr); } external_ring_.swap(new_ring); ring_ = external_ring_.get(); start_ = 0; capacity_ = new_capacity; } SlicePtr inline_ring_[InlineRingCapacity]; std::unique_ptr external_ring_; SlicePtr* ring_; // points to start of either inline or external ring. size_t start_{0}; size_t size_{0}; size_t capacity_; }; class UnownedSlice : public Slice { public: UnownedSlice(BufferFragment& fragment) : Slice(0, fragment.size(), fragment.size()), fragment_(fragment) { base_ = static_cast(const_cast(fragment.data())); } ~UnownedSlice() override { fragment_.done(); } /** * BufferFragment objects encapsulated by UnownedSlice are used to track when response content * is written into transport connection. As a result these slices can not be coalesced when moved * between buffers. */ bool canCoalesce() const override { return false; } private: BufferFragment& fragment_; }; /** * An implementation of BufferFragment where a releasor callback is called when the data is * no longer needed. */ class BufferFragmentImpl : NonCopyable, public BufferFragment { public: /** * Creates a new wrapper around the externally owned of size . * The caller must ensure is valid until releasor() is called, or for the lifetime of the * fragment. releasor() is called with , and to allow caller to delete * the fragment object. * @param data external data to reference * @param size size of data * @param releasor a callback function to be called when data is no longer needed. */ BufferFragmentImpl( const void* data, size_t size, const std::function& releasor) : data_(data), size_(size), releasor_(releasor) {} // Buffer::BufferFragment const void* data() const override { return data_; } size_t size() const override { return size_; } void done() override { if (releasor_) { releasor_(data_, size_, this); } } private: const void* const data_; const size_t size_; const std::function releasor_; }; class LibEventInstance : public Instance { public: // Called after accessing the memory in buffer() directly to allow any post-processing. virtual void postProcess() PURE; }; /** * Wrapper for uint64_t that asserts upon integer overflow and underflow. */ class OverflowDetectingUInt64 { public: operator uint64_t() const { return value_; } OverflowDetectingUInt64& operator+=(uint64_t size) { uint64_t new_value = value_ + size; RELEASE_ASSERT(new_value >= value_, "64-bit unsigned integer overflowed"); value_ = new_value; return *this; } OverflowDetectingUInt64& operator-=(uint64_t size) { RELEASE_ASSERT(value_ >= size, "unsigned integer underflowed"); value_ -= size; return *this; } private: uint64_t value_{0}; }; /** * Wraps an allocated and owned buffer. * * Note that due to the internals of move(), OwnedImpl is not * compatible with non-OwnedImpl buffers. */ class OwnedImpl : public LibEventInstance { public: OwnedImpl(); OwnedImpl(absl::string_view data); OwnedImpl(const Instance& data); OwnedImpl(const void* data, uint64_t size); // Buffer::Instance void addDrainTracker(std::function drain_tracker) override; void add(const void* data, uint64_t size) override; void addBufferFragment(BufferFragment& fragment) override; void add(absl::string_view data) override; void add(const Instance& data) override; void prepend(absl::string_view data) override; void prepend(Instance& data) override; void commit(RawSlice* iovecs, uint64_t num_iovecs) override; void copyOut(size_t start, uint64_t size, void* data) const override; void drain(uint64_t size) override; RawSliceVector getRawSlices(absl::optional max_slices = absl::nullopt) const override; SliceDataPtr extractMutableFrontSlice() override; uint64_t length() const override; void* linearize(uint32_t size) override; void move(Instance& rhs) override; void move(Instance& rhs, uint64_t length) override; uint64_t reserve(uint64_t length, RawSlice* iovecs, uint64_t num_iovecs) override; ssize_t search(const void* data, uint64_t size, size_t start, size_t length) const override; bool startsWith(absl::string_view data) const override; std::string toString() const override; // LibEventInstance void postProcess() override; /** * Create a new slice at the end of the buffer, and copy the supplied content into it. * @param data start of the content to copy. * */ virtual void appendSliceForTest(const void* data, uint64_t size); /** * Create a new slice at the end of the buffer, and copy the supplied string into it. * @param data the string to append to the buffer. */ virtual void appendSliceForTest(absl::string_view data); /** * Describe the in-memory representation of the slices in the buffer. For use * in tests that want to make assertions about the specific arrangement of * bytes in the buffer. */ std::vector describeSlicesForTest() const; private: /** * @param rhs another buffer * @return whether the rhs buffer is also an instance of OwnedImpl (or a subclass) that * uses the same internal implementation as this buffer. */ bool isSameBufferImpl(const Instance& rhs) const; void addImpl(const void* data, uint64_t size); void drainImpl(uint64_t size); /** * Moves contents of the `other_slice` by either taking its ownership or coalescing it * into an existing slice. * NOTE: the caller is responsible for draining the buffer that contains the `other_slice`. */ void coalesceOrAddSlice(SlicePtr&& other_slice); /** Ring buffer of slices. */ SliceDeque slices_; /** Sum of the dataSize of all slices. */ OverflowDetectingUInt64 length_; }; using BufferFragmentPtr = std::unique_ptr; /** * An implementation of BufferFragment where a releasor callback is called when the data is * no longer needed. Copies data into internal buffer. */ class OwnedBufferFragmentImpl final : public BufferFragment, public InlineStorage { public: using Releasor = std::function; /** * Copies the data into internal buffer. The releasor is called when the data has been * fully drained or the buffer that contains this fragment is destroyed. * @param data external data to reference * @param releasor a callback function to be called when data is no longer needed. */ static BufferFragmentPtr create(absl::string_view data, const Releasor& releasor) { return BufferFragmentPtr(new (sizeof(OwnedBufferFragmentImpl) + data.size()) OwnedBufferFragmentImpl(data, releasor)); } // Buffer::BufferFragment const void* data() const override { return data_; } size_t size() const override { return size_; } void done() override { releasor_(this); } private: OwnedBufferFragmentImpl(absl::string_view data, const Releasor& releasor) : releasor_(releasor), size_(data.size()) { ASSERT(releasor != nullptr); memcpy(data_, data.data(), data.size()); } const Releasor releasor_; const size_t size_; uint8_t data_[]; }; using OwnedBufferFragmentImplPtr = std::unique_ptr; } // namespace Buffer } // namespace Envoy ================================================ FILE: source/common/buffer/watermark_buffer.cc ================================================ #include "common/buffer/watermark_buffer.h" #include "common/common/assert.h" #include "common/runtime/runtime_features.h" namespace Envoy { namespace Buffer { void WatermarkBuffer::add(const void* data, uint64_t size) { OwnedImpl::add(data, size); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::add(absl::string_view data) { OwnedImpl::add(data); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::add(const Instance& data) { OwnedImpl::add(data); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::prepend(absl::string_view data) { OwnedImpl::prepend(data); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::prepend(Instance& data) { OwnedImpl::prepend(data); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::commit(RawSlice* iovecs, uint64_t num_iovecs) { OwnedImpl::commit(iovecs, num_iovecs); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::drain(uint64_t size) { OwnedImpl::drain(size); checkLowWatermark(); } void WatermarkBuffer::move(Instance& rhs) { OwnedImpl::move(rhs); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::move(Instance& rhs, uint64_t length) { OwnedImpl::move(rhs, length); checkHighAndOverflowWatermarks(); } SliceDataPtr WatermarkBuffer::extractMutableFrontSlice() { auto result = OwnedImpl::extractMutableFrontSlice(); checkLowWatermark(); return result; } uint64_t WatermarkBuffer::reserve(uint64_t length, RawSlice* iovecs, uint64_t num_iovecs) { uint64_t bytes_reserved = OwnedImpl::reserve(length, iovecs, num_iovecs); checkHighAndOverflowWatermarks(); return bytes_reserved; } void WatermarkBuffer::appendSliceForTest(const void* data, uint64_t size) { OwnedImpl::appendSliceForTest(data, size); checkHighAndOverflowWatermarks(); } void WatermarkBuffer::appendSliceForTest(absl::string_view data) { appendSliceForTest(data.data(), data.size()); } void WatermarkBuffer::setWatermarks(uint32_t low_watermark, uint32_t high_watermark) { ASSERT(low_watermark < high_watermark || (high_watermark == 0 && low_watermark == 0)); uint32_t overflow_watermark_multiplier = Runtime::getInteger("envoy.buffer.overflow_multiplier", 0); if (overflow_watermark_multiplier > 0 && (static_cast(overflow_watermark_multiplier) * high_watermark) > std::numeric_limits::max()) { ENVOY_LOG_MISC(debug, "Error setting overflow threshold: envoy.buffer.overflow_multiplier * " "high_watermark is overflowing. Disabling overflow watermark."); overflow_watermark_multiplier = 0; } low_watermark_ = low_watermark; high_watermark_ = high_watermark; overflow_watermark_ = overflow_watermark_multiplier * high_watermark; checkHighAndOverflowWatermarks(); checkLowWatermark(); } void WatermarkBuffer::checkLowWatermark() { if (!above_high_watermark_called_ || (high_watermark_ != 0 && OwnedImpl::length() > low_watermark_)) { return; } above_high_watermark_called_ = false; below_low_watermark_(); } void WatermarkBuffer::checkHighAndOverflowWatermarks() { if (high_watermark_ == 0 || OwnedImpl::length() <= high_watermark_) { return; } if (!above_high_watermark_called_) { above_high_watermark_called_ = true; above_high_watermark_(); } // Check if overflow watermark is enabled, wasn't previously triggered, // and the buffer size is above the threshold if (overflow_watermark_ != 0 && !above_overflow_watermark_called_ && OwnedImpl::length() > overflow_watermark_) { above_overflow_watermark_called_ = true; above_overflow_watermark_(); } } } // namespace Buffer } // namespace Envoy ================================================ FILE: source/common/buffer/watermark_buffer.h ================================================ #pragma once #include #include #include "common/buffer/buffer_impl.h" namespace Envoy { namespace Buffer { // A subclass of OwnedImpl which does watermark validation. // Each time the buffer is resized (written to or drained), the watermarks are checked. As the // buffer size transitions from under the low watermark to above the high watermark, the // above_high_watermark function is called one time. It will not be called again until the buffer // is drained below the low watermark, at which point the below_low_watermark function is called. // If the buffer size is above the overflow watermark, above_overflow_watermark is called. // It is only called on the first time the buffer overflows. class WatermarkBuffer : public OwnedImpl { public: WatermarkBuffer(std::function below_low_watermark, std::function above_high_watermark, std::function above_overflow_watermark) : below_low_watermark_(below_low_watermark), above_high_watermark_(above_high_watermark), above_overflow_watermark_(above_overflow_watermark) {} // Override all functions from Instance which can result in changing the size // of the underlying buffer. void add(const void* data, uint64_t size) override; void add(absl::string_view data) override; void add(const Instance& data) override; void prepend(absl::string_view data) override; void prepend(Instance& data) override; void commit(RawSlice* iovecs, uint64_t num_iovecs) override; void drain(uint64_t size) override; void move(Instance& rhs) override; void move(Instance& rhs, uint64_t length) override; SliceDataPtr extractMutableFrontSlice() override; uint64_t reserve(uint64_t length, RawSlice* iovecs, uint64_t num_iovecs) override; void postProcess() override { checkLowWatermark(); } void appendSliceForTest(const void* data, uint64_t size) override; void appendSliceForTest(absl::string_view data) override; void setWatermarks(uint32_t watermark) { setWatermarks(watermark / 2, watermark); } void setWatermarks(uint32_t low_watermark, uint32_t high_watermark); uint32_t highWatermark() const { return high_watermark_; } // Returns true if the high watermark callbacks have been called more recently // than the low watermark callbacks. bool highWatermarkTriggered() const { return above_high_watermark_called_; } private: void checkHighAndOverflowWatermarks(); void checkLowWatermark(); std::function below_low_watermark_; std::function above_high_watermark_; std::function above_overflow_watermark_; // Used for enforcing buffer limits (off by default). If these are set to non-zero by a call to // setWatermarks() the watermark callbacks will be called as described above. uint32_t high_watermark_{0}; uint32_t low_watermark_{0}; uint32_t overflow_watermark_{0}; // Tracks the latest state of watermark callbacks. // True between the time above_high_watermark_ has been called until above_high_watermark_ has // been called. bool above_high_watermark_called_{false}; // Set to true when above_overflow_watermark_ is called (and isn't cleared). bool above_overflow_watermark_called_{false}; }; using WatermarkBufferPtr = std::unique_ptr; class WatermarkBufferFactory : public WatermarkFactory { public: // Buffer::WatermarkFactory InstancePtr create(std::function below_low_watermark, std::function above_high_watermark, std::function above_overflow_watermark) override { return std::make_unique(below_low_watermark, above_high_watermark, above_overflow_watermark); } }; } // namespace Buffer } // namespace Envoy ================================================ FILE: source/common/buffer/zero_copy_input_stream_impl.cc ================================================ #include "common/buffer/zero_copy_input_stream_impl.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" namespace Envoy { namespace Buffer { ZeroCopyInputStreamImpl::ZeroCopyInputStreamImpl() : buffer_(new Buffer::OwnedImpl) {} ZeroCopyInputStreamImpl::ZeroCopyInputStreamImpl(Buffer::InstancePtr&& buffer) : buffer_(std::move(buffer)) { finish(); } void ZeroCopyInputStreamImpl::move(Buffer::Instance& instance) { ASSERT(!finished_); buffer_->move(instance); } void ZeroCopyInputStreamImpl::drainLastSlice() { if (position_ != 0) { buffer_->drain(position_); position_ = 0; } } bool ZeroCopyInputStreamImpl::Next(const void** data, int* size) { drainLastSlice(); Buffer::RawSliceVector slices = buffer_->getRawSlices(1); if (!slices.empty() && slices[0].len_ > 0) { auto& slice = slices[0]; *data = slice.mem_; *size = slice.len_; position_ = slice.len_; byte_count_ += slice.len_; return true; } if (!finished_) { *data = nullptr; *size = 0; return true; } return false; } bool ZeroCopyInputStreamImpl::Skip(int count) { ASSERT(count >= 0); drainLastSlice(); // Could not skip more than buffer length. if (static_cast(count) > buffer_->length()) { return false; } buffer_->drain(count); byte_count_ += count; return true; } void ZeroCopyInputStreamImpl::BackUp(int count) { ASSERT(count >= 0); ASSERT(uint64_t(count) <= position_); // Preconditions for BackUp: // - The last method called must have been Next(). // - count must be less than or equal to the size of the last buffer returned by Next(). // Due to preconditions above, it is safe to just adjust position_ and byte_count_ here, and // drain in Next(). position_ -= count; byte_count_ -= count; } } // namespace Buffer } // namespace Envoy ================================================ FILE: source/common/buffer/zero_copy_input_stream_impl.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Buffer { class ZeroCopyInputStreamImpl : public virtual Protobuf::io::ZeroCopyInputStream { public: // Create input stream with one buffer, and finish immediately ZeroCopyInputStreamImpl(Buffer::InstancePtr&& buffer); // Create input stream with empty buffer ZeroCopyInputStreamImpl(); // Add a buffer to input stream, will consume all buffer from parameter // if the stream is not finished void move(Buffer::Instance& instance); // Mark the stream is finished void finish() { finished_ = true; } // Protobuf::io::ZeroCopyInputStream // See // https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.io.zero_copy_stream#ZeroCopyInputStream // for each method details. // Note Next() will return true with no data until more data is available if the stream is not // finished. It is the caller's responsibility to finish the stream or wrap with // LimitingInputStream before passing to protobuf code to avoid a spin loop. bool Next(const void** data, int* size) override; void BackUp(int count) override; bool Skip(int count) override; ProtobufTypes::Int64 ByteCount() const override { return byte_count_; } protected: // The last slice is kept to support limited BackUp() calls. // This function will drain it. void drainLastSlice(); Buffer::InstancePtr buffer_; uint64_t position_{0}; bool finished_{false}; private: uint64_t byte_count_{0}; }; } // namespace Buffer } // namespace Envoy ================================================ FILE: source/common/chromium_url/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "chromium_url", srcs = [ "url_canon.cc", "url_canon_internal.cc", "url_canon_path.cc", "url_canon_stdstring.cc", ], hdrs = [ "envoy_shim.h", "url_canon.h", "url_canon_internal.h", "url_canon_stdstring.h", "url_parse.h", "url_parse_internal.h", ], deps = ["//source/common/common:assert_lib"], ) ================================================ FILE: source/common/chromium_url/LICENSE ================================================ // Copyright 2015 The Chromium Authors. All rights reserved. // // Redistribution and use in source and binary forms, with or without // modification, are permitted provided that the following conditions are // met: // // * Redistributions of source code must retain the above copyright // notice, this list of conditions and the following disclaimer. // * Redistributions in binary form must reproduce the above // copyright notice, this list of conditions and the following disclaimer // in the documentation and/or other materials provided with the // distribution. // * Neither the name of Google Inc. nor the names of its // contributors may be used to endorse or promote products derived from // this software without specific prior written permission. // // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ================================================ FILE: source/common/chromium_url/README.md ================================================ This is a manually minified variant of https://chromium.googlesource.com/chromium/src.git/+archive/74.0.3729.15/url.tar.gz, providing just the parts needed for `url::CanonicalizePath()`. This is intended to support a security release fix for CVE-2019-9901. Long term we need this to be moved to absl or QUICHE for upgrades and long-term support. Some specific transforms of interest: * The namespace `url` was changed to `chromium_url`. * `url_parse.h` is minified to just `Component` and flattened back into the URL directory. It does not contain any non-Chromium authored code any longer and so does not have a separate LICENSE. * `envoy_shim.h` adapts various macros to the Envoy context. * Anything not reachable from `url::CanonicalizePath()` has been dropped. * Header include paths have changed as needed. * BUILD was manually written. * Various clang-tidy and format fixes. ================================================ FILE: source/common/chromium_url/envoy_shim.h ================================================ #pragma once #include "common/common/assert.h" // This is a minimal Envoy adaptation layer for the Chromium URL library. // NOLINT(namespace-envoy) #define DISALLOW_COPY_AND_ASSIGN(TypeName) \ TypeName(const TypeName&) = delete; \ TypeName& operator=(const TypeName&) = delete #define EXPORT_TEMPLATE_DECLARE(x) #define EXPORT_TEMPLATE_DEFINE(x) #define COMPONENT_EXPORT(x) #define DCHECK(x) ASSERT(x) #define NOTREACHED() NOT_REACHED_GCOVR_EXCL_LINE ================================================ FILE: source/common/chromium_url/url_canon.cc ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2017 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "common/chromium_url/url_canon.h" #include "common/chromium_url/envoy_shim.h" namespace chromium_url { template class EXPORT_TEMPLATE_DEFINE(COMPONENT_EXPORT(URL)) CanonOutputT; } // namespace chromium_url ================================================ FILE: source/common/chromium_url/url_canon.h ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef URL_URL_CANON_H_ #define URL_URL_CANON_H_ #include #include #include "common/chromium_url/envoy_shim.h" #include "common/chromium_url/url_parse.h" namespace chromium_url { // Canonicalizer output ------------------------------------------------------- // Base class for the canonicalizer output, this maintains a buffer and // supports simple resizing and append operations on it. // // It is VERY IMPORTANT that no virtual function calls be made on the common // code path. We only have two virtual function calls, the destructor and a // resize function that is called when the existing buffer is not big enough. // The derived class is then in charge of setting up our buffer which we will // manage. template class CanonOutputT { public: CanonOutputT() : buffer_(NULL), buffer_len_(0), cur_len_(0) {} virtual ~CanonOutputT() = default; // Implemented to resize the buffer. This function should update the buffer // pointer to point to the new buffer, and any old data up to |cur_len_| in // the buffer must be copied over. // // The new size |sz| must be larger than buffer_len_. virtual void Resize(int sz) = 0; // Accessor for returning a character at a given position. The input offset // must be in the valid range. inline T at(int offset) const { return buffer_[offset]; } // Sets the character at the given position. The given position MUST be less // than the length(). inline void set(int offset, T ch) { buffer_[offset] = ch; } // Returns the number of characters currently in the buffer. inline int length() const { return cur_len_; } // Returns the current capacity of the buffer. The length() is the number of // characters that have been declared to be written, but the capacity() is // the number that can be written without reallocation. If the caller must // write many characters at once, it can make sure there is enough capacity, // write the data, then use set_size() to declare the new length(). int capacity() const { return buffer_len_; } // Called by the user of this class to get the output. The output will NOT // be NULL-terminated. Call length() to get the // length. const T* data() const { return buffer_; } T* data() { return buffer_; } // Shortens the URL to the new length. Used for "backing up" when processing // relative paths. This can also be used if an external function writes a lot // of data to the buffer (when using the "Raw" version below) beyond the end, // to declare the new length. // // This MUST NOT be used to expand the size of the buffer beyond capacity(). void set_length(int new_len) { cur_len_ = new_len; } // This is the most performance critical function, since it is called for // every character. void push_back(T ch) { // In VC2005, putting this common case first speeds up execution // dramatically because this branch is predicted as taken. if (cur_len_ < buffer_len_) { buffer_[cur_len_] = ch; cur_len_++; return; } // Grow the buffer to hold at least one more item. Hopefully we won't have // to do this very often. if (!Grow(1)) return; // Actually do the insertion. buffer_[cur_len_] = ch; cur_len_++; } // Appends the given string to the output. void Append(const T* str, int str_len) { if (cur_len_ + str_len > buffer_len_) { if (!Grow(cur_len_ + str_len - buffer_len_)) return; } for (int i = 0; i < str_len; i++) buffer_[cur_len_ + i] = str[i]; cur_len_ += str_len; } void ReserveSizeIfNeeded(int estimated_size) { // Reserve a bit extra to account for escaped chars. if (estimated_size > buffer_len_) Resize(estimated_size + 8); } protected: // Grows the given buffer so that it can fit at least |min_additional| // characters. Returns true if the buffer could be resized, false on OOM. bool Grow(int min_additional) { static const int kMinBufferLen = 16; int new_len = (buffer_len_ == 0) ? kMinBufferLen : buffer_len_; do { if (new_len >= (1 << 30)) // Prevent overflow below. return false; new_len *= 2; } while (new_len < buffer_len_ + min_additional); Resize(new_len); return true; } T* buffer_; int buffer_len_; // Used characters in the buffer. int cur_len_; }; // Simple implementation of the CanonOutput using new[]. This class // also supports a static buffer so if it is allocated on the stack, most // URLs can be canonicalized with no heap allocations. template class RawCanonOutputT : public CanonOutputT { public: RawCanonOutputT() : CanonOutputT() { this->buffer_ = fixed_buffer_; this->buffer_len_ = fixed_capacity; } ~RawCanonOutputT() override { if (this->buffer_ != fixed_buffer_) delete[] this->buffer_; } void Resize(int sz) override { T* new_buf = new T[sz]; memcpy(new_buf, this->buffer_, sizeof(T) * (this->cur_len_ < sz ? this->cur_len_ : sz)); if (this->buffer_ != fixed_buffer_) delete[] this->buffer_; this->buffer_ = new_buf; this->buffer_len_ = sz; } protected: T fixed_buffer_[fixed_capacity]; }; // Explicitly instantiate commonly used instantiations. extern template class EXPORT_TEMPLATE_DECLARE(COMPONENT_EXPORT(URL)) CanonOutputT; // Normally, all canonicalization output is in narrow characters. We support // the templates so it can also be used internally if a wide buffer is // required. using CanonOutput = CanonOutputT; template class RawCanonOutput : public RawCanonOutputT {}; // Path. If the input does not begin in a slash (including if the input is // empty), we'll prepend a slash to the path to make it canonical. // // The 8-bit version assumes UTF-8 encoding, but does not verify the validity // of the UTF-8 (i.e., you can have invalid UTF-8 sequences, invalid // characters, etc.). Normally, URLs will come in as UTF-16, so this isn't // an issue. Somebody giving us an 8-bit path is responsible for generating // the path that the server expects (we'll escape high-bit characters), so // if something is invalid, it's their problem. COMPONENT_EXPORT(URL) bool CanonicalizePath(const char* spec, const Component& path, CanonOutput* output, Component* out_path); } // namespace chromium_url #endif // URL_URL_CANON_H_ ================================================ FILE: source/common/chromium_url/url_canon_internal.cc ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "common/chromium_url/url_canon_internal.h" namespace chromium_url { // See the header file for this array's declaration. const unsigned char kSharedCharTypeTable[0x100] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x00 - 0x0f 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x10 - 0x1f 0, // 0x20 ' ' (escape spaces in queries) CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x21 ! 0, // 0x22 " 0, // 0x23 # (invalid in query since it marks the ref) CHAR_QUERY | CHAR_USERINFO, // 0x24 $ CHAR_QUERY | CHAR_USERINFO, // 0x25 % CHAR_QUERY | CHAR_USERINFO, // 0x26 & 0, // 0x27 ' (Try to prevent XSS.) CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x28 ( CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x29 ) CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x2a * CHAR_QUERY | CHAR_USERINFO, // 0x2b + CHAR_QUERY | CHAR_USERINFO, // 0x2c , CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x2d - CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_COMPONENT, // 0x2e . CHAR_QUERY, // 0x2f / CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x30 0 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x31 1 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x32 2 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x33 3 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x34 4 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x35 5 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x36 6 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x37 7 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_COMPONENT, // 0x38 8 CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_COMPONENT, // 0x39 9 CHAR_QUERY, // 0x3a : CHAR_QUERY, // 0x3b ; 0, // 0x3c < (Try to prevent certain types of XSS.) CHAR_QUERY, // 0x3d = 0, // 0x3e > (Try to prevent certain types of XSS.) CHAR_QUERY, // 0x3f ? CHAR_QUERY, // 0x40 @ CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x41 A CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x42 B CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x43 C CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x44 D CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x45 E CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x46 F CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x47 G CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x48 H CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x49 I CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4a J CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4b K CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4c L CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4d M CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4e N CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4f O CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x50 P CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x51 Q CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x52 R CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x53 S CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x54 T CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x55 U CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x56 V CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x57 W CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_COMPONENT, // 0x58 X CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x59 Y CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x5a Z CHAR_QUERY, // 0x5b [ CHAR_QUERY, // 0x5c '\' CHAR_QUERY, // 0x5d ] CHAR_QUERY, // 0x5e ^ CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x5f _ CHAR_QUERY, // 0x60 ` CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x61 a CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x62 b CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x63 c CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x64 d CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x65 e CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x66 f CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x67 g CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x68 h CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x69 i CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6a j CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6b k CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6c l CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6d m CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6e n CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6f o CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x70 p CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x71 q CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x72 r CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x73 s CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x74 t CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x75 u CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x76 v CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x77 w CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_COMPONENT, // 0x78 x CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x79 y CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x7a z CHAR_QUERY, // 0x7b { CHAR_QUERY, // 0x7c | CHAR_QUERY, // 0x7d } CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x7e ~ 0, // 0x7f 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x80 - 0x8f 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x90 - 0x9f 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xa0 - 0xaf 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xb0 - 0xbf 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xc0 - 0xcf 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xd0 - 0xdf 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xe0 - 0xef 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xf0 - 0xff }; const char kHexCharLookup[0x10] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F', }; const char kCharToHexLookup[8] = { 0, // 0x00 - 0x1f '0', // 0x20 - 0x3f: digits 0 - 9 are 0x30 - 0x39 'A' - 10, // 0x40 - 0x5f: letters A - F are 0x41 - 0x46 'a' - 10, // 0x60 - 0x7f: letters a - f are 0x61 - 0x66 0, // 0x80 - 0x9F 0, // 0xA0 - 0xBF 0, // 0xC0 - 0xDF 0, // 0xE0 - 0xFF }; } // namespace chromium_url ================================================ FILE: source/common/chromium_url/url_canon_internal.h ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef URL_URL_CANON_INTERNAL_H_ #define URL_URL_CANON_INTERNAL_H_ // This file is intended to be included in another C++ file where the character // types are defined. This allows us to write mostly generic code, but not have // template bloat because everything is inlined when anybody calls any of our // functions. #include #include #include "common/chromium_url/envoy_shim.h" #include "common/chromium_url/url_canon.h" namespace chromium_url { // Character type handling ----------------------------------------------------- // Bits that identify different character types. These types identify different // bits that are set for each 8-bit character in the kSharedCharTypeTable. enum SharedCharTypes { // Characters that do not require escaping in queries. Characters that do // not have this flag will be escaped; see url_canon_query.cc CHAR_QUERY = 1, // Valid in the username/password field. CHAR_USERINFO = 2, // Valid in a IPv4 address (digits plus dot and 'x' for hex). CHAR_IPV4 = 4, // Valid in an ASCII-representation of a hex digit (as in %-escaped). CHAR_HEX = 8, // Valid in an ASCII-representation of a decimal digit. CHAR_DEC = 16, // Valid in an ASCII-representation of an octal digit. CHAR_OCT = 32, // Characters that do not require escaping in encodeURIComponent. Characters // that do not have this flag will be escaped; see url_util.cc. CHAR_COMPONENT = 64, }; // This table contains the flags in SharedCharTypes for each 8-bit character. // Some canonicalization functions have their own specialized lookup table. // For those with simple requirements, we have collected the flags in one // place so there are fewer lookup tables to load into the CPU cache. // // Using an unsigned char type has a small but measurable performance benefit // over using a 32-bit number. extern const unsigned char kSharedCharTypeTable[0x100]; // More readable wrappers around the character type lookup table. inline bool IsCharOfType(unsigned char c, SharedCharTypes type) { return !!(kSharedCharTypeTable[c] & type); } inline bool IsQueryChar(unsigned char c) { return IsCharOfType(c, CHAR_QUERY); } inline bool IsIPv4Char(unsigned char c) { return IsCharOfType(c, CHAR_IPV4); } inline bool IsHexChar(unsigned char c) { return IsCharOfType(c, CHAR_HEX); } inline bool IsComponentChar(unsigned char c) { return IsCharOfType(c, CHAR_COMPONENT); } // Maps the hex numerical values 0x0 to 0xf to the corresponding ASCII digit // that will be used to represent it. COMPONENT_EXPORT(URL) extern const char kHexCharLookup[0x10]; // This lookup table allows fast conversion between ASCII hex letters and their // corresponding numerical value. The 8-bit range is divided up into 8 // regions of 0x20 characters each. Each of the three character types (numbers, // uppercase, lowercase) falls into different regions of this range. The table // contains the amount to subtract from characters in that range to get at // the corresponding numerical value. // // See HexDigitToValue for the lookup. extern const char kCharToHexLookup[8]; // Assumes the input is a valid hex digit! Call IsHexChar before using this. inline unsigned char HexCharToValue(unsigned char c) { return c - kCharToHexLookup[c / 0x20]; } // Indicates if the given character is a dot or dot equivalent, returning the // number of characters taken by it. This will be one for a literal dot, 3 for // an escaped dot. If the character is not a dot, this will return 0. template inline int IsDot(const CHAR* spec, int offset, int end) { if (spec[offset] == '.') { return 1; } else if (spec[offset] == '%' && offset + 3 <= end && spec[offset + 1] == '2' && (spec[offset + 2] == 'e' || spec[offset + 2] == 'E')) { // Found "%2e" return 3; } return 0; } // Write a single character, escaped, to the output. This always escapes: it // does no checking that thee character requires escaping. // Escaping makes sense only 8 bit chars, so code works in all cases of // input parameters (8/16bit). template inline void AppendEscapedChar(UINCHAR ch, CanonOutputT* output) { output->push_back('%'); output->push_back(kHexCharLookup[(ch >> 4) & 0xf]); output->push_back(kHexCharLookup[ch & 0xf]); } // UTF-8 functions ------------------------------------------------------------ // Generic To-UTF-8 converter. This will call the given append method for each // character that should be appended, with the given output method. Wrappers // are provided below for escaped and non-escaped versions of this. // // The char_value must have already been checked that it's a valid Unicode // character. template inline void DoAppendUTF8(unsigned char_value, Output* output) { if (char_value <= 0x7f) { Appender(static_cast(char_value), output); } else if (char_value <= 0x7ff) { // 110xxxxx 10xxxxxx Appender(static_cast(0xC0 | (char_value >> 6)), output); Appender(static_cast(0x80 | (char_value & 0x3f)), output); } else if (char_value <= 0xffff) { // 1110xxxx 10xxxxxx 10xxxxxx Appender(static_cast(0xe0 | (char_value >> 12)), output); Appender(static_cast(0x80 | ((char_value >> 6) & 0x3f)), output); Appender(static_cast(0x80 | (char_value & 0x3f)), output); } else if (char_value <= 0x10FFFF) { // Max Unicode code point. // 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx Appender(static_cast(0xf0 | (char_value >> 18)), output); Appender(static_cast(0x80 | ((char_value >> 12) & 0x3f)), output); Appender(static_cast(0x80 | ((char_value >> 6) & 0x3f)), output); Appender(static_cast(0x80 | (char_value & 0x3f)), output); } else { // Invalid UTF-8 character (>20 bits). NOTREACHED(); } } // Helper used by AppendUTF8Value below. We use an unsigned parameter so there // are no funny sign problems with the input, but then have to convert it to // a regular char for appending. inline void AppendCharToOutput(unsigned char ch, CanonOutput* output) { output->push_back(static_cast(ch)); } // Writes the given character to the output as UTF-8. This does NO checking // of the validity of the Unicode characters; the caller should ensure that // the value it is appending is valid to append. inline void AppendUTF8Value(unsigned char_value, CanonOutput* output) { DoAppendUTF8(char_value, output); } // Writes the given character to the output as UTF-8, escaping ALL // characters (even when they are ASCII). This does NO checking of the // validity of the Unicode characters; the caller should ensure that the value // it is appending is valid to append. inline void AppendUTF8EscapedValue(unsigned char_value, CanonOutput* output) { DoAppendUTF8(char_value, output); } // Given a '%' character at |*begin| in the string |spec|, this will decode // the escaped value and put it into |*unescaped_value| on success (returns // true). On failure, this will return false, and will not write into // |*unescaped_value|. // // |*begin| will be updated to point to the last character of the escape // sequence so that when called with the index of a for loop, the next time // through it will point to the next character to be considered. On failure, // |*begin| will be unchanged. inline bool Is8BitChar(char /*c*/) { return true; // this case is specialized to avoid a warning } template inline bool DecodeEscaped(const CHAR* spec, int* begin, int end, unsigned char* unescaped_value) { if (*begin + 3 > end || !Is8BitChar(spec[*begin + 1]) || !Is8BitChar(spec[*begin + 2])) { // Invalid escape sequence because there's not enough room, or the // digits are not ASCII. return false; } unsigned char first = static_cast(spec[*begin + 1]); unsigned char second = static_cast(spec[*begin + 2]); if (!IsHexChar(first) || !IsHexChar(second)) { // Invalid hex digits, fail. return false; } // Valid escape sequence. *unescaped_value = (HexCharToValue(first) << 4) + HexCharToValue(second); *begin += 2; return true; } } // namespace chromium_url #endif // URL_URL_CANON_INTERNAL_H_ ================================================ FILE: source/common/chromium_url/url_canon_path.cc ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include #include "common/chromium_url/url_canon.h" #include "common/chromium_url/url_canon_internal.h" #include "common/chromium_url/url_parse_internal.h" namespace chromium_url { namespace { enum CharacterFlags { // Pass through unchanged, whether escaped or unescaped. This doesn't // actually set anything so you can't OR it to check, it's just to make the // table below more clear when neither ESCAPE or UNESCAPE is set. PASS = 0, // This character requires special handling in DoPartialPath. Doing this test // first allows us to filter out the common cases of regular characters that // can be directly copied. SPECIAL = 1, // This character must be escaped in the canonical output. Note that all // escaped chars also have the "special" bit set so that the code that looks // for this is triggered. Not valid with PASS or ESCAPE ESCAPE_BIT = 2, ESCAPE = ESCAPE_BIT | SPECIAL, // This character must be unescaped in canonical output. Not valid with // ESCAPE or PASS. We DON'T set the SPECIAL flag since if we encounter these // characters unescaped, they should just be copied. UNESCAPE = 4, // This character is disallowed in URLs. Note that the "special" bit is also // set to trigger handling. INVALID_BIT = 8, INVALID = INVALID_BIT | SPECIAL, }; // This table contains one of the above flag values. Note some flags are more // than one bits because they also turn on the "special" flag. Special is the // only flag that may be combined with others. // // This table is designed to match exactly what IE does with the characters. // // Dot is even more special, and the escaped version is handled specially by // IsDot. Therefore, we don't need the "escape" flag, and even the "unescape" // bit is never handled (we just need the "special") bit. const unsigned char kPathCharLookup[0x100] = { // NULL control chars... INVALID, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, // control chars... ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, // ' ' ! " # $ % & ' ( ) * // + , - . / ESCAPE, PASS, ESCAPE, ESCAPE, PASS, ESCAPE, PASS, PASS, PASS, PASS, PASS, PASS, PASS, UNESCAPE, SPECIAL, PASS, // 0 1 2 3 4 5 6 7 8 9 : // ; < = > ? UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, PASS, PASS, ESCAPE, PASS, ESCAPE, ESCAPE, // @ A B C D E F G H I J // K L M N O PASS, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, // P Q R S T U V W X Y Z // [ \ ] ^ _ UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, PASS, ESCAPE, PASS, ESCAPE, UNESCAPE, // ` a b c d e f g h i j // k l m n o ESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, // p q r s t u v w x y z // { | } ~ UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, UNESCAPE, ESCAPE, ESCAPE, ESCAPE, UNESCAPE, ESCAPE, // ...all the high-bit characters are escaped ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE, ESCAPE}; enum DotDisposition { // The given dot is just part of a filename and is not special. NOT_A_DIRECTORY, // The given dot is the current directory. DIRECTORY_CUR, // The given dot is the first of a double dot that should take us up one. DIRECTORY_UP }; // When the path resolver finds a dot, this function is called with the // character following that dot to see what it is. The return value // indicates what type this dot is (see above). This code handles the case // where the dot is at the end of the input. // // |*consumed_len| will contain the number of characters in the input that // express what we found. // // If the input is "../foo", |after_dot| = 1, |end| = 6, and // at the end, |*consumed_len| = 2 for the "./" this function consumed. The // original dot length should be handled by the caller. template DotDisposition ClassifyAfterDot(const CHAR* spec, int after_dot, int end, int* consumed_len) { if (after_dot == end) { // Single dot at the end. *consumed_len = 0; return DIRECTORY_CUR; } if (IsURLSlash(spec[after_dot])) { // Single dot followed by a slash. *consumed_len = 1; // Consume the slash return DIRECTORY_CUR; } int second_dot_len = IsDot(spec, after_dot, end); if (second_dot_len) { int after_second_dot = after_dot + second_dot_len; if (after_second_dot == end) { // Double dot at the end. *consumed_len = second_dot_len; return DIRECTORY_UP; } if (IsURLSlash(spec[after_second_dot])) { // Double dot followed by a slash. *consumed_len = second_dot_len + 1; return DIRECTORY_UP; } } // The dots are followed by something else, not a directory. *consumed_len = 0; return NOT_A_DIRECTORY; } // Rewinds the output to the previous slash. It is assumed that the output // ends with a slash and this doesn't count (we call this when we are // appending directory paths, so the previous path component has and ending // slash). // // This will stop at the first slash (assumed to be at position // |path_begin_in_output| and not go any higher than that. Some web pages // do ".." too many times, so we need to handle that brokenness. // // It searches for a literal slash rather than including a backslash as well // because it is run only on the canonical output. // // The output is guaranteed to end in a slash when this function completes. void BackUpToPreviousSlash(int path_begin_in_output, CanonOutput* output) { DCHECK(output->length() > 0); int i = output->length() - 1; DCHECK(output->at(i) == '/'); if (i == path_begin_in_output) return; // We're at the first slash, nothing to do. // Now back up (skipping the trailing slash) until we find another slash. i--; while (output->at(i) != '/' && i > path_begin_in_output) i--; // Now shrink the output to just include that last slash we found. output->set_length(i + 1); } // Looks for problematic nested escape sequences and escapes the output as // needed to ensure they can't be misinterpreted. // // Our concern is that in input escape sequence that's invalid because it // contains nested escape sequences might look valid once those are unescaped. // For example, "%%300" is not a valid escape sequence, but after unescaping the // inner "%30" this becomes "%00" which is valid. Leaving this in the output // string can result in callers re-canonicalizing the string and unescaping this // sequence, thus resulting in something fundamentally different than the // original input here. This can cause a variety of problems. // // This function is called after we've just unescaped a sequence that's within // two output characters of a previous '%' that we know didn't begin a valid // escape sequence in the input string. We look for whether the output is going // to turn into a valid escape sequence, and if so, convert the initial '%' into // an escaped "%25" so the output can't be misinterpreted. // // |spec| is the input string we're canonicalizing. // |next_input_index| is the index of the next unprocessed character in |spec|. // |input_len| is the length of |spec|. // |last_invalid_percent_index| is the index in |output| of a previously-seen // '%' character. The caller knows this '%' character isn't followed by a valid // escape sequence in the input string. // |output| is the canonicalized output thus far. The caller guarantees this // ends with a '%' followed by one or two characters, and the '%' is the one // pointed to by |last_invalid_percent_index|. The last character in the string // was just unescaped. template void CheckForNestedEscapes(const CHAR* spec, int next_input_index, int input_len, int last_invalid_percent_index, CanonOutput* output) { const int length = output->length(); const char last_unescaped_char = output->at(length - 1); // If |output| currently looks like "%c", we need to try appending the next // input character to see if this will result in a problematic escape // sequence. Note that this won't trigger on the first nested escape of a // two-escape sequence like "%%30%30" -- we'll allow the conversion to // "%0%30" -- but the second nested escape will be caught by this function // when it's called again in that case. const bool append_next_char = last_invalid_percent_index == length - 2; if (append_next_char) { // If the input doesn't contain a 7-bit character next, this case won't be a // problem. if ((next_input_index == input_len) || (spec[next_input_index] >= 0x80)) return; output->push_back(static_cast(spec[next_input_index])); } // Now output ends like "%cc". Try to unescape this. int begin = last_invalid_percent_index; unsigned char temp; if (DecodeEscaped(output->data(), &begin, output->length(), &temp)) { // New escape sequence found. Overwrite the characters following the '%' // with "25", and push_back() the one or two characters that were following // the '%' when we were called. if (!append_next_char) output->push_back(output->at(last_invalid_percent_index + 1)); output->set(last_invalid_percent_index + 1, '2'); output->set(last_invalid_percent_index + 2, '5'); output->push_back(last_unescaped_char); } else if (append_next_char) { // Not a valid escape sequence, but we still need to undo appending the next // source character so the caller can process it normally. output->set_length(length); } } // Appends the given path to the output. It assumes that if the input path // starts with a slash, it should be copied to the output. If no path has // already been appended to the output (the case when not resolving // relative URLs), the path should begin with a slash. // // If there are already path components (this mode is used when appending // relative paths for resolving), it assumes that the output already has // a trailing slash and that if the input begins with a slash, it should be // copied to the output. // // We do not collapse multiple slashes in a row to a single slash. It seems // no web browsers do this, and we don't want incompatibilities, even though // it would be correct for most systems. template bool DoPartialPath(const CHAR* spec, const Component& path, int path_begin_in_output, CanonOutput* output) { int end = path.end(); // We use this variable to minimize the amount of work done when unescaping -- // we'll only call CheckForNestedEscapes() when this points at one of the last // couple of characters in |output|. int last_invalid_percent_index = INT_MIN; bool success = true; for (int i = path.begin; i < end; i++) { UCHAR uch = static_cast(spec[i]); // Chromium UTF8 logic is unneeded, as the missing templated result // refers only to char const* (single-byte) characters at this time. // This only trips up MSVC, since linux gcc seems to optimize it away. // Indention is to avoid gratuitous diffs to origin source { unsigned char out_ch = static_cast(uch); unsigned char flags = kPathCharLookup[out_ch]; if (flags & SPECIAL) { // Needs special handling of some sort. int dotlen; if ((dotlen = IsDot(spec, i, end)) > 0) { // See if this dot was preceded by a slash in the output. We // assume that when canonicalizing paths, they will always // start with a slash and not a dot, so we don't have to // bounds check the output. // // Note that we check this in the case of dots so we don't have to // special case slashes. Since slashes are much more common than // dots, this actually increases performance measurably (though // slightly). DCHECK(output->length() > path_begin_in_output); if (output->length() > path_begin_in_output && output->at(output->length() - 1) == '/') { // Slash followed by a dot, check to see if this is means relative int consumed_len; switch (ClassifyAfterDot(spec, i + dotlen, end, &consumed_len)) { case NOT_A_DIRECTORY: // Copy the dot to the output, it means nothing special. output->push_back('.'); i += dotlen - 1; break; case DIRECTORY_CUR: // Current directory, just skip the input. i += dotlen + consumed_len - 1; break; case DIRECTORY_UP: BackUpToPreviousSlash(path_begin_in_output, output); i += dotlen + consumed_len - 1; break; } } else { // This dot is not preceded by a slash, it is just part of some // file name. output->push_back('.'); i += dotlen - 1; } } else if (out_ch == '\\') { // Convert backslashes to forward slashes output->push_back('/'); } else if (out_ch == '%') { // Handle escape sequences. unsigned char unescaped_value; if (DecodeEscaped(spec, &i, end, &unescaped_value)) { // Valid escape sequence, see if we keep, reject, or unescape it. // Note that at this point DecodeEscape() will have advanced |i| to // the last character of the escape sequence. char unescaped_flags = kPathCharLookup[unescaped_value]; if (unescaped_flags & UNESCAPE) { // This escaped value shouldn't be escaped. Try to copy it. output->push_back(unescaped_value); // If we just unescaped a value within 2 output characters of the // '%' from a previously-detected invalid escape sequence, we // might have an input string with problematic nested escape // sequences; detect and fix them. if (last_invalid_percent_index >= (output->length() - 3)) { CheckForNestedEscapes(spec, i + 1, end, last_invalid_percent_index, output); } } else { // Either this is an invalid escaped character, or it's a valid // escaped character we should keep escaped. In the first case we // should just copy it exactly and remember the error. In the // second we also copy exactly in case the server is sensitive to // changing the case of any hex letters. output->push_back('%'); output->push_back(static_cast(spec[i - 1])); output->push_back(static_cast(spec[i])); if (unescaped_flags & INVALID_BIT) success = false; } } else { // Invalid escape sequence. IE7+ rejects any URLs with such // sequences, while other browsers pass them through unchanged. We // use the permissive behavior. // TODO(brettw): Consider testing IE's strict behavior, which would // allow removing the code to handle nested escapes above. last_invalid_percent_index = output->length(); output->push_back('%'); } } else if (flags & INVALID_BIT) { // For NULLs, etc. fail. AppendEscapedChar(out_ch, output); success = false; } else if (flags & ESCAPE_BIT) { // This character should be escaped. AppendEscapedChar(out_ch, output); } } else { // Nothing special about this character, just append it. output->push_back(out_ch); } } } return success; } template bool DoPath(const CHAR* spec, const Component& path, CanonOutput* output, Component* out_path) { bool success = true; out_path->begin = output->length(); if (path.len > 0) { // Write out an initial slash if the input has none. If we just parse a URL // and then canonicalize it, it will of course have a slash already. This // check is for the replacement and relative URL resolving cases of file // URLs. if (!IsURLSlash(spec[path.begin])) output->push_back('/'); success = DoPartialPath(spec, path, out_path->begin, output); } else { // No input, canonical path is a slash. output->push_back('/'); } out_path->len = output->length() - out_path->begin; return success; } } // namespace bool CanonicalizePath(const char* spec, const Component& path, CanonOutput* output, Component* out_path) { return DoPath(spec, path, output, out_path); } } // namespace chromium_url ================================================ FILE: source/common/chromium_url/url_canon_stdstring.cc ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "common/chromium_url/url_canon_stdstring.h" namespace chromium_url { StdStringCanonOutput::StdStringCanonOutput(std::string* str) : CanonOutput(), str_(str) { cur_len_ = static_cast(str_->size()); // Append to existing data. buffer_ = str_->empty() ? NULL : &(*str_)[0]; buffer_len_ = static_cast(str_->size()); } StdStringCanonOutput::~StdStringCanonOutput() { // Nothing to do, we don't own the string. } void StdStringCanonOutput::Complete() { str_->resize(cur_len_); buffer_len_ = cur_len_; } void StdStringCanonOutput::Resize(int sz) { str_->resize(sz); buffer_ = str_->empty() ? NULL : &(*str_)[0]; buffer_len_ = sz; } } // namespace chromium_url ================================================ FILE: source/common/chromium_url/url_canon_stdstring.h ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef URL_URL_CANON_STDSTRING_H_ #define URL_URL_CANON_STDSTRING_H_ // This header file defines a canonicalizer output method class for STL // strings. Because the canonicalizer tries not to be dependent on the STL, // we have segregated it here. #include #include "common/chromium_url/envoy_shim.h" #include "common/chromium_url/url_canon.h" #define DISALLOW_COPY_AND_ASSIGN(TypeName) \ TypeName(const TypeName&) = delete; \ TypeName& operator=(const TypeName&) = delete namespace chromium_url { // Write into a std::string given in the constructor. This object does not own // the string itself, and the user must ensure that the string stays alive // throughout the lifetime of this object. // // The given string will be appended to; any existing data in the string will // be preserved. // // Note that when canonicalization is complete, the string will likely have // unused space at the end because we make the string very big to start out // with (by |initial_size|). This ends up being important because resize // operations are slow, and because the base class needs to write directly // into the buffer. // // Therefore, the user should call Complete() before using the string that // this class wrote into. class COMPONENT_EXPORT(URL) StdStringCanonOutput : public CanonOutput { public: StdStringCanonOutput(std::string* str); ~StdStringCanonOutput() override; // Must be called after writing has completed but before the string is used. void Complete(); void Resize(int sz) override; protected: std::string* str_; DISALLOW_COPY_AND_ASSIGN(StdStringCanonOutput); }; } // namespace chromium_url #endif // URL_URL_CANON_STDSTRING_H_ ================================================ FILE: source/common/chromium_url/url_parse.h ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef URL_PARSE_H_ #define URL_PARSE_H_ namespace chromium_url { // Component ------------------------------------------------------------------ // Represents a substring for URL parsing. struct Component { Component() : begin(0), len(-1) {} // Normal constructor: takes an offset and a length. Component(int b, int l) : begin(b), len(l) {} int end() const { return begin + len; } // Returns true if this component is valid, meaning the length is given. Even // valid components may be empty to record the fact that they exist. bool is_valid() const { return (len != -1); } // Returns true if the given component is specified on false, the component // is either empty or invalid. bool is_nonempty() const { return (len > 0); } void reset() { begin = 0; len = -1; } bool operator==(const Component& other) const { return begin == other.begin && len == other.len; } int begin; // Byte offset in the string of this component. int len; // Will be -1 if the component is unspecified. }; // Helper that returns a component created with the given begin and ending // points. The ending point is non-inclusive. inline Component MakeRange(int begin, int end) { return Component(begin, end - begin); } } // namespace chromium_url #endif // URL_PARSE_H_ ================================================ FILE: source/common/chromium_url/url_parse_internal.h ================================================ // Envoy snapshot of Chromium URL path normalization, see README.md. // NOLINT(namespace-envoy) // Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef URL_URL_PARSE_INTERNAL_H_ #define URL_URL_PARSE_INTERNAL_H_ namespace chromium_url { // We treat slashes and backslashes the same for IE compatibility. inline bool IsURLSlash(char ch) { return ch == '/' || ch == '\\'; } } // namespace chromium_url #endif // URL_URL_PARSE_INTERNAL_H_ ================================================ FILE: source/common/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_basic_cc_library", "envoy_cc_library", "envoy_cc_platform_dep", "envoy_cc_posix_library", "envoy_cc_win32_library", "envoy_include_prefix", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "assert_lib", srcs = ["assert.cc"], hdrs = ["assert.h"], external_deps = [ "abseil_base", "abseil_synchronization", ], deps = [":minimal_logger_lib"], ) envoy_cc_library( name = "debug_recursion_checker_lib", hdrs = ["debug_recursion_checker.h"], deps = [":assert_lib"], ) envoy_cc_library( name = "backoff_lib", srcs = ["backoff_strategy.cc"], hdrs = ["backoff_strategy.h"], deps = [ ":assert_lib", "//include/envoy/common:backoff_strategy_interface", "//include/envoy/common:random_generator_interface", ], ) envoy_cc_library( name = "base64_lib", srcs = ["base64.cc"], hdrs = ["base64.h"], deps = [ ":assert_lib", ":empty_string", "//include/envoy/buffer:buffer_interface", ], ) envoy_cc_library( name = "byte_order_lib", hdrs = ["byte_order.h"], ) envoy_cc_library( name = "c_smart_ptr_lib", hdrs = ["c_smart_ptr.h"], ) envoy_cc_library( name = "cleanup_lib", hdrs = ["cleanup.h"], deps = [ ":assert_lib", ], ) envoy_cc_library( name = "compiler_requirements_lib", hdrs = ["compiler_requirements.h"], ) envoy_cc_library( name = "documentation_url_lib", hdrs = ["documentation_url.h"], ) envoy_cc_library( name = "empty_string", hdrs = ["empty_string.h"], ) envoy_cc_library( name = "enum_to_int", hdrs = ["enum_to_int.h"], ) # fmt_lib is automatically a dependency of all envoy_cc_library definitions. envoy_basic_cc_library( name = "fmt_lib", hdrs = ["fmt.h"], external_deps = [ "abseil_strings", "fmtlib", ], include_prefix = envoy_include_prefix(package_name()), deps = ["//include/envoy/common:base_includes"], ) envoy_cc_library( name = "hash_lib", srcs = ["hash.cc"], hdrs = ["hash.h"], external_deps = ["xxhash"], ) envoy_cc_library( name = "hex_lib", srcs = ["hex.cc"], hdrs = ["hex.h"], deps = [":utility_lib"], ) envoy_cc_library( name = "linked_object", hdrs = ["linked_object.h"], deps = [":assert_lib"], ) envoy_cc_library( name = "mem_block_builder_lib", hdrs = ["mem_block_builder.h"], deps = [":assert_lib"], ) # Contains macros and helpers for dumpState utilities envoy_cc_library( name = "dump_state_utils", hdrs = ["dump_state_utils.h"], ) # Contains minimal code for logging to stderr. envoy_cc_library( name = "minimal_logger_lib", srcs = [ "fancy_logger.cc", "logger.cc", ], hdrs = [ "fancy_logger.h", "logger.h", ], external_deps = ["abseil_synchronization"], deps = [ ":base_logger_lib", ":lock_guard_lib", ":macros", ":non_copyable", ] + select({ "//bazel:android_logger": ["logger_impl_lib_android"], "//conditions:default": ["logger_impl_lib_standard"], }), ) envoy_cc_library( name = "base_logger_lib", srcs = ["base_logger.cc"], hdrs = ["base_logger.h"], ) envoy_cc_library( name = "logger_impl_lib_standard", hdrs = ["standard/logger_impl.h"], strip_include_prefix = "standard", deps = [":base_logger_lib"], ) envoy_cc_library( name = "logger_impl_lib_android", srcs = select({ "//bazel:android_logger": ["android/logger_impl.cc"], "//conditions:default": [], }), hdrs = select({ "//bazel:android_logger": ["android/logger_impl.h"], "//conditions:default": [], }), strip_include_prefix = "android", deps = [":base_logger_lib"], ) envoy_cc_library( name = "mutex_tracer_lib", srcs = ["mutex_tracer_impl.cc"], hdrs = ["mutex_tracer_impl.h"], external_deps = ["abseil_synchronization"], deps = [ ":assert_lib", "//include/envoy/common:mutex_tracer", ], ) # All non-essential logger delegates should go here to reduce dependencies that # minimal_logger_lib maintains. envoy_cc_library( name = "logger_lib", srcs = ["logger_delegates.cc"], hdrs = ["logger_delegates.h"], deps = [ ":dump_state_utils", ":macros", ":minimal_logger_lib", "//include/envoy/access_log:access_log_interface", ], ) envoy_cc_library( name = "basic_resource_lib", hdrs = ["basic_resource_impl.h"], deps = [ "//include/envoy/common:resource_interface", "//include/envoy/runtime:runtime_interface", ], ) envoy_cc_library( name = "macros", hdrs = ["macros.h"], ) envoy_cc_library( name = "matchers_lib", srcs = ["matchers.cc"], hdrs = ["matchers.h"], external_deps = ["abseil_optional"], deps = [ ":utility_lib", "//include/envoy/common:matchers_interface", "//source/common/common:regex_lib", "//source/common/config:metadata_lib", "//source/common/http:path_utility_lib", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "random_generator_lib", srcs = [ "random_generator.cc", ], hdrs = [ "random_generator.h", ], external_deps = ["ssl"], deps = [ ":assert_lib", "//include/envoy/common:random_generator_interface", ], ) envoy_cc_library( name = "regex_lib", srcs = ["regex.cc"], hdrs = ["regex.h"], deps = [ ":assert_lib", "//include/envoy/common:regex_interface", "//source/common/protobuf:utility_lib", "//source/common/stats:symbol_table_lib", "@com_googlesource_code_re2//:re2", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "non_copyable", hdrs = ["non_copyable.h"], ) envoy_cc_library( name = "phantom", hdrs = ["phantom.h"], ) envoy_cc_library( name = "scope_tracker", hdrs = ["scope_tracker.h"], deps = [ "//include/envoy/common:scope_tracker_interface", "//include/envoy/event:dispatcher_interface", ], ) envoy_cc_library( name = "stl_helpers", hdrs = ["stl_helpers.h"], ) envoy_cc_library( name = "thread_annotations", hdrs = ["thread_annotations.h"], external_deps = ["abseil_base"], ) envoy_cc_library( name = "thread_synchronizer_lib", srcs = ["thread_synchronizer.cc"], hdrs = ["thread_synchronizer.h"], external_deps = ["abseil_synchronization"], deps = [ ":assert_lib", ], ) envoy_cc_library( name = "thread_lib", hdrs = ["thread.h"], external_deps = ["abseil_synchronization"], deps = envoy_cc_platform_dep("thread_impl_lib") + [ ":non_copyable", ], ) envoy_cc_posix_library( name = "thread_impl_lib", srcs = ["posix/thread_impl.cc"], hdrs = ["posix/thread_impl.h"], strip_include_prefix = "posix", deps = [ ":assert_lib", "//include/envoy/thread:thread_interface", ], ) envoy_cc_win32_library( name = "thread_impl_lib", srcs = ["win32/thread_impl.cc"], hdrs = ["win32/thread_impl.h"], strip_include_prefix = "win32", deps = [ ":assert_lib", "//include/envoy/thread:thread_interface", ], ) envoy_cc_library( name = "lock_guard_lib", hdrs = ["lock_guard.h"], deps = [ ":thread_annotations", "//include/envoy/thread:thread_interface", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], external_deps = ["abseil_node_hash_map"], deps = [ ":assert_lib", ":hash_lib", ":non_copyable", "//include/envoy/common:interval_set_interface", "//include/envoy/common:time_interface", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "callback_impl_lib", hdrs = ["callback_impl.h"], deps = [ ":assert_lib", "//include/envoy/common:callback", ], ) envoy_cc_library( name = "perf_annotation_lib", srcs = ["perf_annotation.cc"], hdrs = ["perf_annotation.h"], deps = [ ":assert_lib", ":thread_annotations", ":thread_lib", ":utility_lib", ], ) envoy_cc_library( name = "scalar_to_byte_vector_lib", hdrs = ["scalar_to_byte_vector.h"], ) envoy_cc_library( name = "token_bucket_impl_lib", srcs = ["token_bucket_impl.cc"], hdrs = ["token_bucket_impl.h"], deps = [ "//include/envoy/common:time_interface", "//include/envoy/common:token_bucket_interface", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "statusor_lib", hdrs = ["statusor.h"], deps = [ "//third_party/statusor:statusor_lib", ], ) ================================================ FILE: source/common/common/android/logger_impl.cc ================================================ #include "common/common/logger_impl.h" #include "spdlog/sinks/android_sink.h" namespace Envoy { namespace Logger { AndroidLogger::AndroidLogger(const std::string& name) : Logger(std::make_shared( name, std::make_shared>())) {} } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/android/logger_impl.h ================================================ #pragma once #include "common/common/base_logger.h" namespace Envoy { namespace Logger { #define GENERATE_LOGGER(X) AndroidLogger(#X), /** * Logger that uses spdlog::sinks::android_sink. */ class AndroidLogger : public Logger { private: AndroidLogger(const std::string& name); friend class Registry; }; } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/assert.cc ================================================ #include "common/common/assert.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/str_join.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Assert { class ActionRegistrationImpl : public ActionRegistration { public: ActionRegistrationImpl(std::function action) { ASSERT(debug_assertion_failure_record_action_ == nullptr); debug_assertion_failure_record_action_ = action; } ~ActionRegistrationImpl() override { ASSERT(debug_assertion_failure_record_action_ != nullptr); debug_assertion_failure_record_action_ = nullptr; } static void invokeAction() { if (debug_assertion_failure_record_action_ != nullptr) { debug_assertion_failure_record_action_(); } } private: // This implementation currently only handles one action being set at a time. This is currently // sufficient. If multiple actions are ever needed, the actions should be chained when // additional actions are registered. static std::function debug_assertion_failure_record_action_; }; // This class implements the logic for triggering ENVOY_BUG logs and actions. Logging and actions // will be triggered with exponential back-off per file and line bug. class EnvoyBugRegistrationImpl : public ActionRegistration { public: EnvoyBugRegistrationImpl(std::function action) { ASSERT(envoy_bug_failure_record_action_ == nullptr, "An ENVOY_BUG action was already set. Currently only a single action is supported."); envoy_bug_failure_record_action_ = action; counters_.clear(); } ~EnvoyBugRegistrationImpl() override { ASSERT(envoy_bug_failure_record_action_ != nullptr); envoy_bug_failure_record_action_ = nullptr; } // This method is invoked when an ENVOY_BUG condition fails. It increments a per file and line // counter for every ENVOY_BUG hit in a mutex guarded map. // The implementation may also be a inline static counter per-file and line. There is no benchmark // to show that the performance of this mutex is any worse than atomic counters. Acquiring and // releasing a mutex is cheaper than a cache miss, but the mutex here is contended for every // ENVOY_BUG failure rather than per individual bug. Logging ENVOY_BUGs is not a performance // critical path, and mutex contention would indicate that there is a serious failure. // Currently, this choice reduces code size and has the advantage that behavior is easier to // understand and debug, and test behavior is predictable. static bool shouldLogAndInvoke(absl::string_view bug_name) { // Increment counter, inserting first if counter does not exist. uint64_t counter_value = 0; { absl::MutexLock lock(&mutex_); counter_value = ++counters_[bug_name]; } // Check if counter is power of two by its bitwise representation. return (counter_value & (counter_value - 1)) == 0; } static void invokeAction() { if (envoy_bug_failure_record_action_ != nullptr) { envoy_bug_failure_record_action_(); } } private: // This implementation currently only handles one action being set at a time. This is currently // sufficient. If multiple actions are ever needed, the actions should be chained when // additional actions are registered. static std::function envoy_bug_failure_record_action_; using EnvoyBugMap = absl::flat_hash_map; static absl::Mutex mutex_; static EnvoyBugMap counters_ GUARDED_BY(mutex_); }; std::function ActionRegistrationImpl::debug_assertion_failure_record_action_; std::function EnvoyBugRegistrationImpl::envoy_bug_failure_record_action_; EnvoyBugRegistrationImpl::EnvoyBugMap EnvoyBugRegistrationImpl::counters_; absl::Mutex EnvoyBugRegistrationImpl::mutex_; ActionRegistrationPtr setDebugAssertionFailureRecordAction(const std::function& action) { return std::make_unique(action); } ActionRegistrationPtr setEnvoyBugFailureRecordAction(const std::function& action) { return std::make_unique(action); } void invokeDebugAssertionFailureRecordActionForAssertMacroUseOnly() { ActionRegistrationImpl::invokeAction(); } void invokeEnvoyBugFailureRecordActionForEnvoyBugMacroUseOnly() { EnvoyBugRegistrationImpl::invokeAction(); } bool shouldLogAndInvokeEnvoyBugForEnvoyBugMacroUseOnly(absl::string_view bug_name) { return EnvoyBugRegistrationImpl::shouldLogAndInvoke(bug_name); } } // namespace Assert } // namespace Envoy ================================================ FILE: source/common/common/assert.h ================================================ #pragma once #include #include "common/common/logger.h" namespace Envoy { namespace Assert { class ActionRegistration { public: virtual ~ActionRegistration() = default; }; using ActionRegistrationPtr = std::unique_ptr; /** * Sets an action to be invoked when a debug assertion failure is detected * in a release build. This action will be invoked each time an assertion * failure is detected. * * This function is not thread-safe; concurrent calls to set the action are not allowed. * * The action may be invoked concurrently if two ASSERTS in different threads fail at the * same time, so the action must be thread-safe. * * This has no effect in debug builds (assertion failure aborts the process) * or in release builds without ENVOY_LOG_DEBUG_ASSERT_IN_RELEASE defined (assertion * tests are compiled out). * * @param action The action to take when an assertion fails. * @return A registration object. The registration is removed when the object is destructed. */ ActionRegistrationPtr setDebugAssertionFailureRecordAction(const std::function& action); /** * Sets an action to be invoked when an ENVOY_BUG failure is detected in a release build. This * action will be invoked each time an ENVOY_BUG failure is detected. * * This function is not thread-safe; concurrent calls to set the action are not allowed. * * The action may be invoked concurrently if two ENVOY_BUGs in different threads fail at the * same time, so the action must be thread-safe. * * This has no effect in debug builds (envoy bug failure aborts the process). * * @param action The action to take when an envoy bug fails. * @return A registration object. The registration is removed when the object is destructed. */ ActionRegistrationPtr setEnvoyBugFailureRecordAction(const std::function& action); /** * Invokes the action set by setDebugAssertionFailureRecordAction, or does nothing if * no action has been set. * * This should only be called by ASSERT macros in this file. */ void invokeDebugAssertionFailureRecordActionForAssertMacroUseOnly(); /** * Invokes the action set by setEnvoyBugFailureRecordAction, or does nothing if * no action has been set. * * This should only be called by ENVOY_BUG macros in this file. */ void invokeEnvoyBugFailureRecordActionForEnvoyBugMacroUseOnly(); /** * Increments power of two counter for EnvoyBugRegistrationImpl. * * This should only be called by ENVOY_BUG macros in this file. */ bool shouldLogAndInvokeEnvoyBugForEnvoyBugMacroUseOnly(absl::string_view bug_name); // CONDITION_STR is needed to prevent macros in condition from being expected, which obfuscates // the logged failure, e.g., "EAGAIN" vs "11". #define _ASSERT_IMPL(CONDITION, CONDITION_STR, ACTION, DETAILS) \ do { \ if (!(CONDITION)) { \ const std::string& details = (DETAILS); \ ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::assert), critical, \ "assert failure: {}.{}{}", CONDITION_STR, \ details.empty() ? "" : " Details: ", details); \ ACTION; \ } \ } while (false) // This non-implementation ensures that its argument is a valid expression that can be statically // casted to a bool, but the expression is never evaluated and will be compiled away. #define _NULL_ASSERT_IMPL(X, ...) \ do { \ constexpr bool __assert_dummy_variable = false && static_cast(X); \ (void)__assert_dummy_variable; \ } while (false) /** * assert macro that uses our builtin logging which gives us thread ID and can log to various * sinks. * * The old style release assert was of the form RELEASE_ASSERT(foo == bar); * where it would log stack traces and the failed conditional and crash if the * condition is not met. The are many legacy RELEASE_ASSERTS in Envoy which * were converted to RELEASE_ASSERT(foo == bar, ""); * * The new style of release assert is of the form * RELEASE_ASSERT(foo == bar, "reason foo should actually be bar"); * new uses of RELEASE_ASSERT should supply a verbose explanation of what went wrong. */ #define RELEASE_ASSERT(X, DETAILS) _ASSERT_IMPL(X, #X, abort(), DETAILS) /** * Assert macro intended for security guarantees. It has the same functionality * as RELEASE_ASSERT, but is intended for memory bounds-checking. */ #define SECURITY_ASSERT(X, DETAILS) _ASSERT_IMPL(X, #X, abort(), DETAILS) #if !defined(NDEBUG) || defined(ENVOY_LOG_DEBUG_ASSERT_IN_RELEASE) #if !defined(NDEBUG) // If this is a debug build. #define ASSERT_ACTION abort() #else // If this is not a debug build, but ENVOY_LOG_DEBUG_ASSERT_IN_RELEASE is defined. #define ASSERT_ACTION Envoy::Assert::invokeDebugAssertionFailureRecordActionForAssertMacroUseOnly() #endif // !defined(NDEBUG) #define _ASSERT_ORIGINAL(X) _ASSERT_IMPL(X, #X, ASSERT_ACTION, "") #define _ASSERT_VERBOSE(X, Y) _ASSERT_IMPL(X, #X, ASSERT_ACTION, Y) #define _ASSERT_SELECTOR(_1, _2, ASSERT_MACRO, ...) ASSERT_MACRO // This is a workaround for fact that MSVC expands __VA_ARGS__ after passing them into a macro, // rather than before passing them into a macro. Without this, _ASSERT_SELECTOR does not work // correctly when compiled with MSVC #define EXPAND(X) X #if !defined(ENVOY_DISABLE_KNOWN_ISSUE_ASSERTS) /** * Assert wrapper for an as-yet unidentified issue. Even with ASSERTs compiled in, it may be * excluded, by defining ENVOY_DISABLE_KNOWN_ISSUE_ASSERTS. It represents a condition that * should always pass but that sometimes fails for an unknown reason. The macro allows it to * be temporarily compiled out while the failure is triaged and investigated. */ #define KNOWN_ISSUE_ASSERT(X, DETAILS) _ASSERT_IMPL(X, #X, abort(), DETAILS) #else // This non-implementation ensures that its argument is a valid expression that can be statically // casted to a bool, but the expression is never evaluated and will be compiled away. #define KNOWN_ISSUE_ASSERT _NULL_ASSERT_IMPL #endif // defined(ENVOY_DISABLE_KNOWN_ISSUE_ASSERTS) // If ASSERT is called with one argument, the ASSERT_SELECTOR will return // _ASSERT_ORIGINAL and this will call _ASSERT_ORIGINAL(__VA_ARGS__). // If ASSERT is called with two arguments, ASSERT_SELECTOR will return // _ASSERT_VERBOSE, and this will call _ASSERT_VERBOSE,(__VA_ARGS__) #define ASSERT(...) \ EXPAND(_ASSERT_SELECTOR(__VA_ARGS__, _ASSERT_VERBOSE, _ASSERT_ORIGINAL)(__VA_ARGS__)) #else #define ASSERT _NULL_ASSERT_IMPL #define KNOWN_ISSUE_ASSERT _NULL_ASSERT_IMPL #endif // !defined(NDEBUG) || defined(ENVOY_LOG_DEBUG_ASSERT_IN_RELEASE) /** * Indicate a panic situation and exit. */ #define PANIC(X) \ do { \ ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::assert), critical, \ "panic: {}", X); \ abort(); \ } while (false) #if !defined(NDEBUG) #define ENVOY_BUG_ACTION abort() #else #define ENVOY_BUG_ACTION Envoy::Assert::invokeEnvoyBugFailureRecordActionForEnvoyBugMacroUseOnly() #endif // These macros are needed to stringify __LINE__ correctly. #define STRINGIFY(X) #X #define TOSTRING(X) STRINGIFY(X) // CONDITION_STR is needed to prevent macros in condition from being expected, which obfuscates // the logged failure, e.g., "EAGAIN" vs "11". // ENVOY_BUG logging and actions are invoked only on power-of-two instances per log line. #define _ENVOY_BUG_IMPL(CONDITION, CONDITION_STR, ACTION, DETAILS) \ do { \ if (!(CONDITION) && Envoy::Assert::shouldLogAndInvokeEnvoyBugForEnvoyBugMacroUseOnly( \ __FILE__ ":" TOSTRING(__LINE__))) { \ const std::string& details = (DETAILS); \ ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::envoy_bug), error, \ "envoy bug failure: {}.{}{}", CONDITION_STR, \ details.empty() ? "" : " Details: ", details); \ ACTION; \ } \ } while (false) #define _ENVOY_BUG_VERBOSE(X, Y) _ENVOY_BUG_IMPL(X, #X, ENVOY_BUG_ACTION, Y) // This macro is needed to help to remove: "warning C4003: not enough arguments for function-like // macro invocation ''" when expanding __VA_ARGS__. In our setup, MSVC treats this // warning as an error. A sample code to reproduce the case: https://godbolt.org/z/M4zZNG. #define PASS_ON(...) __VA_ARGS__ /** * Indicate a failure condition that should never be met in normal circumstances. In contrast * with ASSERT, an ENVOY_BUG is compiled in release mode. If a failure condition is met in release * mode, it is logged and a stat is incremented with exponential back-off per ENVOY_BUG. In debug * mode, it will crash if the condition is not met. ENVOY_BUG must be called with two arguments for * verbose logging. */ #define ENVOY_BUG(...) PASS_ON(PASS_ON(_ENVOY_BUG_VERBOSE)(__VA_ARGS__)) // NOT_IMPLEMENTED_GCOVR_EXCL_LINE is for overridden functions that are expressly not implemented. // The macro name includes "GCOVR_EXCL_LINE" to exclude the macro's usage from code coverage // reports. #define NOT_IMPLEMENTED_GCOVR_EXCL_LINE PANIC("not implemented") // NOT_REACHED_GCOVR_EXCL_LINE is for spots the compiler insists on having a return, but where we // know that it shouldn't be possible to arrive there, assuming no horrendous bugs. For example, // after a switch (some_enum) with all enum values included in the cases. The macro name includes // "GCOVR_EXCL_LINE" to exclude the macro's usage from code coverage reports. #define NOT_REACHED_GCOVR_EXCL_LINE PANIC("not reached") } // namespace Assert } // namespace Envoy ================================================ FILE: source/common/common/backoff_strategy.cc ================================================ #include "common/common/backoff_strategy.h" namespace Envoy { JitteredExponentialBackOffStrategy::JitteredExponentialBackOffStrategy( uint64_t base_interval, uint64_t max_interval, Random::RandomGenerator& random) : base_interval_(base_interval), max_interval_(max_interval), next_interval_(base_interval), random_(random) { ASSERT(base_interval_ > 0); ASSERT(base_interval_ <= max_interval_); } uint64_t JitteredExponentialBackOffStrategy::nextBackOffMs() { const uint64_t backoff = next_interval_; ASSERT(backoff > 0); // Set next_interval_ to max_interval_ if doubling the interval would exceed the max or overflow. if (next_interval_ < max_interval_ / 2) { next_interval_ *= 2; } else { next_interval_ = max_interval_; } return std::min(random_.random() % backoff, max_interval_); } void JitteredExponentialBackOffStrategy::reset() { next_interval_ = base_interval_; } JitteredLowerBoundBackOffStrategy::JitteredLowerBoundBackOffStrategy( uint64_t min_interval, Random::RandomGenerator& random) : min_interval_(min_interval), random_(random) { ASSERT(min_interval_ > 1); } uint64_t JitteredLowerBoundBackOffStrategy::nextBackOffMs() { // random(min_interval_, 1.5 * min_interval_) return (random_.random() % (min_interval_ >> 1)) + min_interval_; } FixedBackOffStrategy::FixedBackOffStrategy(uint64_t interval_ms) : interval_ms_(interval_ms) { ASSERT(interval_ms_ > 0); } uint64_t FixedBackOffStrategy::nextBackOffMs() { return interval_ms_; } } // namespace Envoy ================================================ FILE: source/common/common/backoff_strategy.h ================================================ #pragma once #include #include #include "envoy/common/backoff_strategy.h" #include "envoy/common/random_generator.h" #include "common/common/assert.h" namespace Envoy { /** * Implementation of BackOffStrategy that uses a fully jittered exponential backoff algorithm. */ class JitteredExponentialBackOffStrategy : public BackOffStrategy { public: /** * Constructs fully jittered backoff strategy. * @param base_interval the base interval to be used for next backoff computation. It should be * greater than zero and less than or equal to max_interval. * @param max_interval the cap on the next backoff value. * @param random the random generator. */ JitteredExponentialBackOffStrategy(uint64_t base_interval, uint64_t max_interval, Random::RandomGenerator& random); // BackOffStrategy methods uint64_t nextBackOffMs() override; void reset() override; private: const uint64_t base_interval_; const uint64_t max_interval_{}; uint64_t next_interval_; Random::RandomGenerator& random_; }; /** * Implementation of BackOffStrategy that returns random values in the range * [min_interval, 1.5 * min_interval). */ class JitteredLowerBoundBackOffStrategy : public BackOffStrategy { public: /** * Constructs fully jittered backoff strategy. * @param min_interval the lower bound on the next backoff value. It must be greater than one. * @param random the random generator. */ JitteredLowerBoundBackOffStrategy(uint64_t min_interval, Random::RandomGenerator& random); // BackOffStrategy methods uint64_t nextBackOffMs() override; void reset() override {} private: const uint64_t min_interval_; Random::RandomGenerator& random_; }; /** * Implementation of BackOffStrategy that uses a fixed backoff. */ class FixedBackOffStrategy : public BackOffStrategy { public: /** * Constructs fixed backoff strategy. * @param interval_ms the fixed backoff duration. It should be greater than zero. */ FixedBackOffStrategy(uint64_t interval_ms); // BackOffStrategy methods. uint64_t nextBackOffMs() override; void reset() override {} private: const uint64_t interval_ms_; }; } // namespace Envoy ================================================ FILE: source/common/common/base64.cc ================================================ #include "common/common/base64.h" #include #include #include "common/common/assert.h" #include "common/common/empty_string.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace { // clang-format off constexpr char CHAR_TABLE[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; // Conversion table is taken from // https://opensource.apple.com/source/QuickTimeStreamingServer/QuickTimeStreamingServer-452/CommonUtilitiesLib/base64.c constexpr unsigned char REVERSE_LOOKUP_TABLE[256] = { 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64, 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64, 64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64}; // The base64url tables are copied from above and modified based on table in // https://tools.ietf.org/html/rfc4648#section-5 constexpr char URL_CHAR_TABLE[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; constexpr unsigned char URL_REVERSE_LOOKUP_TABLE[256] = { 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64, 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 63, 64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64}; // clang-format on inline bool decodeBase(const uint8_t cur_char, uint64_t pos, std::string& ret, const unsigned char* const reverse_lookup_table) { const unsigned char c = reverse_lookup_table[static_cast(cur_char)]; if (c == 64) { // Invalid character return false; } switch (pos % 4) { case 0: ret.push_back(c << 2); break; case 1: ret.back() |= c >> 4; ret.push_back(c << 4); break; case 2: ret.back() |= c >> 2; ret.push_back(c << 6); break; case 3: ret.back() |= c; break; } return true; } inline bool decodeLast(const uint8_t cur_char, uint64_t pos, std::string& ret, const unsigned char* const reverse_lookup_table) { const unsigned char c = reverse_lookup_table[static_cast(cur_char)]; if (c == 64) { // Invalid character return false; } switch (pos % 4) { case 0: return false; case 1: ret.back() |= c >> 4; return (c & 0b1111) == 0; case 2: ret.back() |= c >> 2; return (c & 0b11) == 0; case 3: ret.back() |= c; break; } return true; } inline void encodeBase(const uint8_t cur_char, uint64_t pos, uint8_t& next_c, std::string& ret, const char* const char_table) { switch (pos % 3) { case 0: ret.push_back(char_table[cur_char >> 2]); next_c = (cur_char & 0x03) << 4; break; case 1: ret.push_back(char_table[next_c | (cur_char >> 4)]); next_c = (cur_char & 0x0f) << 2; break; case 2: ret.push_back(char_table[next_c | (cur_char >> 6)]); ret.push_back(char_table[cur_char & 0x3f]); next_c = 0; break; } } inline void encodeLast(uint64_t pos, uint8_t last_char, std::string& ret, const char* const char_table, bool add_padding) { switch (pos % 3) { case 1: ret.push_back(char_table[last_char]); if (add_padding) { ret.push_back('='); ret.push_back('='); } break; case 2: ret.push_back(char_table[last_char]); if (add_padding) { ret.push_back('='); } break; default: break; } } } // namespace std::string Base64::decode(const std::string& input) { if (input.length() % 4) { return EMPTY_STRING; } return decodeWithoutPadding(input); } std::string Base64::decodeWithoutPadding(absl::string_view input) { if (input.empty()) { return EMPTY_STRING; } // At most last two chars can be '='. size_t n = input.length(); if (input[n - 1] == '=') { n--; if (n > 0 && input[n - 1] == '=') { n--; } } // Last position before "valid" padding character. uint64_t last = n - 1; // Determine output length. size_t max_length = (n + 3) / 4 * 3; if (n % 4 == 3) { max_length -= 1; } if (n % 4 == 2) { max_length -= 2; } std::string ret; ret.reserve(max_length); for (uint64_t i = 0; i < last; ++i) { if (!decodeBase(input[i], i, ret, REVERSE_LOOKUP_TABLE)) { return EMPTY_STRING; } } if (!decodeLast(input[last], last, ret, REVERSE_LOOKUP_TABLE)) { return EMPTY_STRING; } ASSERT(ret.size() == max_length); return ret; } std::string Base64::encode(const Buffer::Instance& buffer, uint64_t length) { uint64_t output_length = (std::min(length, buffer.length()) + 2) / 3 * 4; std::string ret; ret.reserve(output_length); uint64_t j = 0; uint8_t next_c = 0; for (const Buffer::RawSlice& slice : buffer.getRawSlices()) { const uint8_t* slice_mem = static_cast(slice.mem_); for (uint64_t i = 0; i < slice.len_ && j < length; ++i, ++j) { encodeBase(slice_mem[i], j, next_c, ret, CHAR_TABLE); } if (j == length) { break; } } encodeLast(j, next_c, ret, CHAR_TABLE, true); return ret; } std::string Base64::encode(const char* input, uint64_t length) { return encode(input, length, true); } std::string Base64::encode(const char* input, uint64_t length, bool add_padding) { uint64_t output_length = (length + 2) / 3 * 4; std::string ret; ret.reserve(output_length); uint64_t pos = 0; uint8_t next_c = 0; for (uint64_t i = 0; i < length; ++i) { encodeBase(input[i], pos++, next_c, ret, CHAR_TABLE); } encodeLast(pos, next_c, ret, CHAR_TABLE, add_padding); return ret; } std::string Base64Url::decode(const std::string& input) { if (input.empty()) { return EMPTY_STRING; } std::string ret; ret.reserve(input.length() / 4 * 3 + 3); uint64_t last = input.length() - 1; for (uint64_t i = 0; i < last; ++i) { if (!decodeBase(input[i], i, ret, URL_REVERSE_LOOKUP_TABLE)) { return EMPTY_STRING; } } if (!decodeLast(input[last], last, ret, URL_REVERSE_LOOKUP_TABLE)) { return EMPTY_STRING; } return ret; } std::string Base64Url::encode(const char* input, uint64_t length) { uint64_t output_length = (length + 2) / 3 * 4; std::string ret; ret.reserve(output_length); uint64_t pos = 0; uint8_t next_c = 0; for (uint64_t i = 0; i < length; ++i) { encodeBase(input[i], pos++, next_c, ret, URL_CHAR_TABLE); } encodeLast(pos, next_c, ret, URL_CHAR_TABLE, false); return ret; } } // namespace Envoy ================================================ FILE: source/common/common/base64.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "absl/strings/string_view.h" namespace Envoy { /** * A utility class to support base64 encoding, which is defined in RFC4648 Section 4. * See https://tools.ietf.org/html/rfc4648#section-4 */ class Base64 { public: /** * Base64 encode an input buffer. * @param buffer supplies the buffer to encode. * @param length supplies the length to encode which may be <= the buffer length. */ static std::string encode(const Buffer::Instance& buffer, uint64_t length); /** * Base64 encode an input char buffer with a given length. * @param input char array to encode. * @param length of the input array. */ static std::string encode(const char* input, uint64_t length); /** * Base64 encode an input char buffer with a given length. * @param input char array to encode. * @param length of the input array. * @param whether add padding at the end of the output. */ static std::string encode(const char* input, uint64_t length, bool add_padding); /** * Base64 decode an input string. Padding is required. * @param input supplies the input to decode. * * Note, decoded string may contain '\0' at any position, it should be treated as a sequence of * bytes. */ static std::string decode(const std::string& input); /** * Base64 decode an input string. Padding is not required. * @param input supplies the input to decode. * * Note, decoded string may contain '\0' at any position, it should be treated as a sequence of * bytes. */ static std::string decodeWithoutPadding(absl::string_view input); }; /** * A utility class to support base64url encoding, which is defined in RFC4648 Section 5. * See https://tools.ietf.org/html/rfc4648#section-5 */ class Base64Url { public: /** * Base64url encode an input char buffer with a given length. * @param input char array to encode. * @param length of the input array. */ static std::string encode(const char* input, uint64_t length); /** * Base64url decode an input string. Padding must not be included in the input. * @param input supplies the input to decode. * * Note, decoded string may contain '\0' at any position, it should be treated as a sequence of * bytes. */ static std::string decode(const std::string& input); }; } // namespace Envoy ================================================ FILE: source/common/common/base_logger.cc ================================================ #include "common/common/base_logger.h" namespace Envoy { namespace Logger { const char* Logger::DEFAULT_LOG_FORMAT = "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v"; Logger::Logger(std::shared_ptr logger) : logger_(logger) { logger_->set_pattern(DEFAULT_LOG_FORMAT); logger_->set_level(spdlog::level::trace); // Ensure that critical errors, especially ASSERT/PANIC, get flushed logger_->flush_on(spdlog::level::critical); } } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/base_logger.h ================================================ #pragma once #include #include #include "spdlog/spdlog.h" namespace Envoy { namespace Logger { /** * Logger wrapper for a spdlog logger. */ class Logger { public: /* This is simple mapping between Logger severity levels and spdlog severity levels. * The only reason for this mapping is to go around the fact that spdlog defines level as err * but the method to log at err level is called LOGGER.error not LOGGER.err. All other level are * fine spdlog::info corresponds to LOGGER.info method. */ using Levels = enum { trace = spdlog::level::trace, // NOLINT(readability-identifier-naming) debug = spdlog::level::debug, // NOLINT(readability-identifier-naming) info = spdlog::level::info, // NOLINT(readability-identifier-naming) warn = spdlog::level::warn, // NOLINT(readability-identifier-naming) error = spdlog::level::err, // NOLINT(readability-identifier-naming) critical = spdlog::level::critical, // NOLINT(readability-identifier-naming) off = spdlog::level::off // NOLINT(readability-identifier-naming) }; spdlog::string_view_t levelString() const { return spdlog::level::level_string_views[logger_->level()]; } std::string name() const { return logger_->name(); } void setLevel(spdlog::level::level_enum level) { logger_->set_level(level); } spdlog::level::level_enum level() const { return logger_->level(); } static const char* DEFAULT_LOG_FORMAT; protected: Logger(std::shared_ptr logger); private: std::shared_ptr logger_; // Use shared_ptr here to allow static construction // of vector in Registry::allLoggers(). // TODO(junr03): expand Logger's public API to delete this friendship. friend class Registry; }; } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/basic_resource_impl.h ================================================ #pragma once #include #include "envoy/common/resource.h" #include "envoy/runtime/runtime.h" #include "common/common/assert.h" #include "absl/types/optional.h" namespace Envoy { /** * A handle to track some limited resource. * * NOTE: * This implementation makes some assumptions which favor simplicity over correctness. Though * atomics are used, it is possible for resources to temporarily go above the supplied maximums. * This should not effect overall behavior. */ class BasicResourceLimitImpl : public ResourceLimit { public: BasicResourceLimitImpl(uint64_t max, Runtime::Loader& runtime, const std::string& runtime_key) : max_(max), runtime_(&runtime), runtime_key_(runtime_key) {} BasicResourceLimitImpl(uint64_t max) : max_(max) {} BasicResourceLimitImpl() : max_(std::numeric_limits::max()) {} bool canCreate() override { return current_.load() < max(); } void inc() override { ++current_; } void dec() override { decBy(1); } void decBy(uint64_t amount) override { ASSERT(current_ >= amount); current_ -= amount; } uint64_t max() override { return (runtime_ != nullptr && runtime_key_.has_value()) ? runtime_->snapshot().getInteger(runtime_key_.value(), max_) : max_; } uint64_t count() const override { return current_.load(); } void setMax(uint64_t new_max) { max_ = new_max; } void resetMax() { max_ = std::numeric_limits::max(); } protected: std::atomic current_{}; private: uint64_t max_; Runtime::Loader* runtime_{nullptr}; const absl::optional runtime_key_; }; } // namespace Envoy ================================================ FILE: source/common/common/byte_order.h ================================================ #pragma once #include #include #include "envoy/common/platform.h" // NOLINT(namespace-envoy) enum class ByteOrder { Host, LittleEndian, BigEndian }; template struct EndiannessConverter; // convenience function that converts an integer from host byte-order to a specified endianness template inline T toEndianness(T value) { return EndiannessConverter::to(value); } // convenience function that converts an integer from a specified endianness to host byte-order template inline T fromEndianness(T value) { return EndiannessConverter::from(value); } // Implementation details below // implementation details of EndiannessConverter for 8-bit host endianness integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint8_t), "incorrect type width"); static T to(T value) { return value; } static T from(T value) { return value; } }; // implementation details of EndiannessConverter for 16-bit host endianness integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint16_t), "incorrect type width"); static T to(T value) { return value; } static T from(T value) { return value; } }; // implementation details of EndiannessConverter for 32-bit host endianness integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint32_t), "incorrect type width"); static T to(T value) { return value; } static T from(T value) { return value; } }; // implementation details of EndiannessConverter for 64-bit host endianness integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint64_t), "incorrect type width"); static T to(T value) { return value; } static T from(T value) { return value; } }; // implementation details of EndiannessConverter for 8-bit little endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint8_t), "incorrect type width"); static T to(T value) { return value; } static T from(T value) { return value; } }; // implementation details of EndiannessConverter for 16-bit little endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint16_t), "incorrect type width"); static T to(T value) { return static_cast(htole16(static_cast(value))); } static T from(T value) { return static_cast(le16toh(static_cast(value))); } }; // implementation details of EndiannessConverter for 32-bit little endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint32_t), "incorrect type width"); static T to(T value) { return static_cast(htole32(static_cast(value))); } static T from(T value) { return static_cast(le32toh(static_cast(value))); } }; // implementation details of EndiannessConverter for 64-bit little endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint64_t), "incorrect type width"); static T to(T value) { return static_cast(htole64(static_cast(value))); } static T from(T value) { return static_cast(le64toh(static_cast(value))); } }; // implementation details of EndiannessConverter for 8-bit big endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint8_t), "incorrect type width"); static T to(T value) { return value; } static T from(T value) { return value; } }; // implementation details of EndiannessConverter for 16-bit big endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint16_t), "incorrect type width"); static T to(T value) { return static_cast(htobe16(static_cast(value))); } static T from(T value) { return static_cast(be16toh(static_cast(value))); } }; // implementation details of EndiannessConverter for 32-bit big endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint32_t), "incorrect type width"); static T to(T value) { return static_cast(htobe32(static_cast(value))); } static T from(T value) { return static_cast(be32toh(static_cast(value))); } }; // implementation details of EndiannessConverter for 64-bit big endian integers template struct EndiannessConverter { static_assert(sizeof(T) == sizeof(uint64_t), "incorrect type width"); static T to(T value) { return static_cast(htobe64(static_cast(value))); } static T from(T value) { return static_cast(be64toh(static_cast(value))); } }; ================================================ FILE: source/common/common/c_smart_ptr.h ================================================ #pragma once #include namespace Envoy { /** * This is a helper that wraps C style API objects that need to be deleted with a smart pointer. */ template class CSmartPtr : public std::unique_ptr { public: CSmartPtr() : std::unique_ptr(nullptr, deleter) {} CSmartPtr(T* object) : std::unique_ptr(object, deleter) {} }; } // namespace Envoy ================================================ FILE: source/common/common/callback_impl.h ================================================ #pragma once #include #include #include "envoy/common/callback.h" #include "common/common/assert.h" namespace Envoy { namespace Common { /** * Utility class for managing callbacks. */ template class CallbackManager { public: using Callback = std::function; /** * Add a callback. * @param callback supplies the callback to add. * @return CallbackHandle* a handle that can be used to remove the callback. */ CallbackHandle* add(Callback callback) { callbacks_.emplace_back(*this, callback); // get the list iterator of added callback handle, which will be used to remove itself from // callbacks_ list. callbacks_.back().it_ = (--callbacks_.end()); return &callbacks_.back(); } /** * Run all registered callbacks. * NOTE: This code is currently safe if a callback deletes ITSELF from within a callback. It is * not safe if a callback deletes other callbacks. If that is required the code will need * to change (specifically, it will crash if the next callback in the list is deleted). * @param args supplies the callback arguments. */ void runCallbacks(CallbackArgs... args) { for (auto it = callbacks_.cbegin(); it != callbacks_.cend();) { auto current = it++; current->cb_(args...); } } private: struct CallbackHolder : public CallbackHandle { CallbackHolder(CallbackManager& parent, Callback cb) : parent_(parent), cb_(cb) {} // CallbackHandle void remove() override { parent_.remove(it_); } CallbackManager& parent_; Callback cb_; // the iterator of this callback holder inside callbacks_ list // upon removal, use this iterator to delete callback holder in O(1) typename std::list::iterator it_; }; /** * Remove a member update callback added via add(). * @param handle supplies the callback handle to remove. */ void remove(typename std::list::iterator& it) { callbacks_.erase(it); } std::list callbacks_; }; } // namespace Common } // namespace Envoy ================================================ FILE: source/common/common/cleanup.h ================================================ #pragma once #include #include #include "common/common/assert.h" namespace Envoy { // RAII cleanup via functor. class Cleanup { public: Cleanup(std::function f) : f_(std::move(f)), cancelled_(false) {} ~Cleanup() { f_(); } void cancel() { cancelled_ = true; f_ = []() {}; } bool cancelled() { return cancelled_; } private: std::function f_; bool cancelled_; }; // RAII helper class to add an element to an std::list on construction and erase // it on destruction, unless the cancel method has been called. template class RaiiListElement { public: RaiiListElement(std::list& container, T element) : container_(container), cancelled_(false) { it_ = container.emplace(container.begin(), element); } virtual ~RaiiListElement() { if (!cancelled_) { erase(); } } // Cancel deletion of the element on destruction. This should be called if the iterator has // been invalidated, e.g., if the list has been cleared or the element removed some other way. void cancel() { cancelled_ = true; } // Delete the element now, instead of at destruction. void erase() { ASSERT(!cancelled_); container_.erase(it_); cancelled_ = true; } private: std::list& container_; typename std::list::iterator it_; bool cancelled_; }; } // namespace Envoy ================================================ FILE: source/common/common/compiler_requirements.h ================================================ #pragma once namespace Envoy { #if __cplusplus < 201402L #error "Your compiler does not support C++14. GCC 5+, Clang, or MSVC 2017+ is required." #endif // See: // https://gcc.gnu.org/onlinedocs/libstdc++/manual/using_dual_abi.html // https://bugzilla.redhat.com/show_bug.cgi?id=1546704 #if defined(_GLIBCXX_USE_CXX11_ABI) && _GLIBCXX_USE_CXX11_ABI != 1 && \ !defined(ENVOY_IGNORE_GLIBCXX_USE_CXX11_ABI_ERROR) #error "Your toolchain has set _GLIBCXX_USE_CXX11_ABI to a value that uses a std::string " \ "implementation that is not thread-safe. This may cause rare and difficult-to-debug errors " \ "if std::string is passed between threads in any way. If you accept this risk, you may define " \ "ENVOY_IGNORE_GLIBCXX_USE_CXX11_ABI_ERROR=1 in your build." #endif } // namespace Envoy ================================================ FILE: source/common/common/debug_recursion_checker.h ================================================ #pragma once #include "common/common/assert.h" namespace Envoy { namespace Common { /** * A helper class to assert that a call is not recursive. */ class DebugRecursionChecker { public: void enter() { ASSERT(!entered_, "A resource should only be entered once"); #if !defined(NDEBUG) entered_ = true; #endif // !defined(NDEBUG) } void exit() { #if !defined(NDEBUG) entered_ = false; #endif // !defined(NDEBUG) } private: bool entered_ = false; }; class AutoDebugRecursionChecker { public: explicit AutoDebugRecursionChecker(DebugRecursionChecker& checker) : checker_(checker) { checker.enter(); } ~AutoDebugRecursionChecker() { checker_.exit(); } private: DebugRecursionChecker& checker_; }; } // namespace Common } // namespace Envoy ================================================ FILE: source/common/common/documentation_url.h ================================================ namespace Envoy { // TODO(ggreenway): replace 'latest' with the current version, pulled from the VERSION file at // the root of the repo. #define ENVOY_DOC_URL_ROOT "https://www.envoyproxy.io/docs/envoy/latest" #define ENVOY_DOC_URL_VERSION_HISTORY ENVOY_DOC_URL_ROOT "/version_history/version_history" #define ENVOY_DOC_URL_RUNTIME_OVERRIDE_DEPRECATED \ ENVOY_DOC_URL_ROOT \ "/configuration/operations/runtime#using-runtime-overrides-for-deprecated-features" } // namespace Envoy ================================================ FILE: source/common/common/dump_state_utils.h ================================================ #pragma once #include namespace Envoy { // A collection of macros for pretty printing objects on fatal error. // These are fairly ugly in an attempt to maximize the conditions where fatal error logging occurs, // i.e. under the Envoy signal handler if encountering a crash due to OOM, where allocating more // memory would likely lead to the crash handler itself causing a subsequent OOM. #define DUMP_MEMBER(member) ", " #member ": " << (member) #define DUMP_OPTIONAL_MEMBER(member) \ ", " #member ": " << ((member).has_value() ? absl::StrCat((member).value()) : "null") // Macro assumes local member variables // os (ostream) // indent_level (int) #define DUMP_DETAILS(member) \ do { \ os << spaces << #member ": "; \ if ((member) != nullptr) { \ os << "\n"; \ (member)->dumpState(os, indent_level + 1); \ } else { \ os << spaces << "null\n"; \ } \ } while (false) // Macro assumes local member variables // os (ostream) // indent_level (int) #define DUMP_OPT_REF_DETAILS(member) \ do { \ os << spaces << #member ": "; \ if ((member).has_value()) { \ os << "\n"; \ (member)->get().dumpState(os, indent_level + 1); \ } else { \ os << spaces << "empty\n"; \ } \ } while (false) // Return the const char* equivalent of string(level*2, ' '), without dealing // with string creation overhead. Cap arbitrarily at 6 as we're (hopefully) // not going to have nested objects deeper than that. inline const char* spacesForLevel(int level) { switch (level) { case 0: return ""; case 1: return " "; case 2: return " "; case 3: return " "; case 4: return " "; case 5: return " "; default: return " "; } return ""; } } // namespace Envoy ================================================ FILE: source/common/common/empty_string.h ================================================ #pragma once #include namespace Envoy { static const std::string EMPTY_STRING; } // namespace Envoy ================================================ FILE: source/common/common/enum_to_int.h ================================================ #pragma once #include namespace Envoy { /** * Convert an int based enum to an int. */ template constexpr uint32_t enumToInt(T val) { return static_cast(val); } /** * Convert an int based enum to a signed int. */ template constexpr int32_t enumToSignedInt(T val) { return static_cast(val); } } // namespace Envoy ================================================ FILE: source/common/common/fancy_logger.cc ================================================ #include "common/common/fancy_logger.h" #include #include #include "common/common/logger.h" using spdlog::level::level_enum; namespace Envoy { /** * Implements a lock from BasicLockable, to avoid dependency problem of thread.h. */ class FancyBasicLockable : public Thread::BasicLockable { public: // BasicLockable void lock() ABSL_EXCLUSIVE_LOCK_FUNCTION() override { mutex_.Lock(); } bool tryLock() ABSL_EXCLUSIVE_TRYLOCK_FUNCTION(true) override { return mutex_.TryLock(); } void unlock() ABSL_UNLOCK_FUNCTION() override { mutex_.Unlock(); } private: absl::Mutex mutex_; }; SpdLoggerSharedPtr FancyContext::getFancyLogEntry(std::string key) ABSL_LOCKS_EXCLUDED(fancy_log_lock_) { absl::ReaderMutexLock l(&fancy_log_lock_); auto it = fancy_log_map_->find(key); if (it != fancy_log_map_->end()) { return it->second; } return nullptr; } void FancyContext::initFancyLogger(std::string key, std::atomic& logger) ABSL_LOCKS_EXCLUDED(fancy_log_lock_) { absl::WriterMutexLock l(&fancy_log_lock_); auto it = fancy_log_map_->find(key); spdlog::logger* target; if (it == fancy_log_map_->end()) { target = createLogger(key); } else { target = it->second.get(); } logger.store(target); } bool FancyContext::setFancyLogger(std::string key, level_enum log_level) ABSL_LOCKS_EXCLUDED(fancy_log_lock_) { absl::ReaderMutexLock l(&fancy_log_lock_); auto it = fancy_log_map_->find(key); if (it != fancy_log_map_->end()) { it->second->set_level(log_level); return true; } return false; } void FancyContext::setDefaultFancyLevelFormat(spdlog::level::level_enum level, std::string format) ABSL_LOCKS_EXCLUDED(fancy_log_lock_) { if (level == Logger::Context::getFancyDefaultLevel() && format == Logger::Context::getFancyLogFormat()) { return; } absl::ReaderMutexLock l(&fancy_log_lock_); for (const auto& it : *fancy_log_map_) { if (it.second->level() == Logger::Context::getFancyDefaultLevel()) { // if logger is default level now it.second->set_level(level); } it.second->set_pattern(format); } } std::string FancyContext::listFancyLoggers() ABSL_LOCKS_EXCLUDED(fancy_log_lock_) { std::string info = ""; absl::ReaderMutexLock l(&fancy_log_lock_); for (const auto& it : *fancy_log_map_) { info += fmt::format(" {}: {}\n", it.first, static_cast(it.second->level())); } return info; } void FancyContext::setAllFancyLoggers(spdlog::level::level_enum level) ABSL_LOCKS_EXCLUDED(fancy_log_lock_) { absl::ReaderMutexLock l(&fancy_log_lock_); for (const auto& it : *fancy_log_map_) { it.second->set_level(level); } } FancyLogLevelMap FancyContext::getAllFancyLogLevelsForTest() ABSL_LOCKS_EXCLUDED(fancy_log_lock_) { FancyLogLevelMap log_levels; absl::ReaderMutexLock l(&fancy_log_lock_); for (const auto& it : *fancy_log_map_) { log_levels[it.first] = it.second->level(); } return log_levels; } void FancyContext::initSink() { spdlog::sink_ptr sink = Logger::Registry::getSink(); Logger::DelegatingLogSinkSharedPtr sp = std::static_pointer_cast(sink); if (!sp->hasLock()) { static FancyBasicLockable tlock; sp->setLock(tlock); sp->setShouldEscape(false); } } spdlog::logger* FancyContext::createLogger(std::string key, int level) ABSL_EXCLUSIVE_LOCKS_REQUIRED(fancy_log_lock_) { SpdLoggerSharedPtr new_logger = std::make_shared(key, Logger::Registry::getSink()); if (!Logger::Registry::getSink()->hasLock()) { // occurs in benchmark test initSink(); } level_enum lv = Logger::Context::getFancyDefaultLevel(); if (level > -1) { lv = static_cast(level); } new_logger->set_level(lv); new_logger->set_pattern(Logger::Context::getFancyLogFormat()); new_logger->flush_on(level_enum::critical); fancy_log_map_->insert(std::make_pair(key, new_logger)); return new_logger.get(); } FancyContext& getFancyContext() { MUTABLE_CONSTRUCT_ON_FIRST_USE(FancyContext); } } // namespace Envoy ================================================ FILE: source/common/common/fancy_logger.h ================================================ #pragma once #include #include "common/common/macros.h" #include "absl/container/flat_hash_map.h" #include "absl/synchronization/mutex.h" #include "spdlog/spdlog.h" namespace Envoy { using SpdLoggerSharedPtr = std::shared_ptr; using FancyMap = absl::flat_hash_map; using FancyMapPtr = std::shared_ptr; using FancyLogLevelMap = absl::flat_hash_map; /** * Stores the lock and functions used by Fancy Logger's macro so that we don't need to declare * them globally. Functions are provided to initialize a logger, set log level, flush a logger. */ class FancyContext { public: /** * Gets a logger from map given a key (e.g. file name). */ SpdLoggerSharedPtr getFancyLogEntry(std::string key) ABSL_LOCKS_EXCLUDED(fancy_log_lock_); /** * Initializes Fancy Logger and register it in global map if not done. */ void initFancyLogger(std::string key, std::atomic& logger) ABSL_LOCKS_EXCLUDED(fancy_log_lock_); /** * Sets log level. If not found, return false. */ bool setFancyLogger(std::string key, spdlog::level::level_enum log_level) ABSL_LOCKS_EXCLUDED(fancy_log_lock_); /** * Sets the default logger level and format when updating context. It should only be used in * Context, otherwise the fancy_default_level will possibly be inconsistent with the actual * logger level. */ void setDefaultFancyLevelFormat(spdlog::level::level_enum level, std::string format) ABSL_LOCKS_EXCLUDED(fancy_log_lock_); /** * Lists keys and levels of all loggers in a string for admin page usage. */ std::string listFancyLoggers() ABSL_LOCKS_EXCLUDED(fancy_log_lock_); /** * Sets the levels of all loggers. */ void setAllFancyLoggers(spdlog::level::level_enum level) ABSL_LOCKS_EXCLUDED(fancy_log_lock_); /** * Obtain a map from logger key to log level. Useful for testing, e.g. in macros such as * EXPECT_LOG_CONTAINS_ALL_OF_HELPER. */ FancyLogLevelMap getAllFancyLogLevelsForTest() ABSL_LOCKS_EXCLUDED(fancy_log_lock_); private: /** * Initializes sink for the initialization of loggers, needed only in benchmark test. */ void initSink(); /** * Creates a logger given key and log level, and add it to map. * Key is the log component name, e.g. file name now. */ spdlog::logger* createLogger(std::string key, int level = -1) ABSL_EXCLUSIVE_LOCKS_REQUIRED(fancy_log_lock_); /** * Lock for the following map (not for the corresponding loggers). */ absl::Mutex fancy_log_lock_; /** * Map that stores pairs, key can be the file name. */ FancyMapPtr fancy_log_map_ ABSL_GUARDED_BY(fancy_log_lock_) = std::make_shared(); }; FancyContext& getFancyContext(); #define FANCY_KEY std::string(__FILE__) /** * Macro for fancy logger. * Uses a global map to store logger and take use of thread-safe spdlog::logger. * The local pointer is used to avoid another load() when logging. Here we use * spdlog::logger* as atomic is a C++20 feature. */ #define FANCY_LOG(LEVEL, ...) \ do { \ static std::atomic flogger{0}; \ spdlog::logger* local_flogger = flogger.load(std::memory_order_relaxed); \ if (!local_flogger) { \ ::Envoy::getFancyContext().initFancyLogger(FANCY_KEY, flogger); \ local_flogger = flogger.load(std::memory_order_relaxed); \ } \ if (ENVOY_LOG_COMP_LEVEL(*local_flogger, LEVEL)) { \ local_flogger->log(spdlog::source_loc{__FILE__, __LINE__, __func__}, \ ENVOY_SPDLOG_LEVEL(LEVEL), __VA_ARGS__); \ } \ } while (0) /** * Convenient macro for connection log. */ #define FANCY_CONN_LOG(LEVEL, FORMAT, CONNECTION, ...) \ FANCY_LOG(LEVEL, "[C{}] " FORMAT, (CONNECTION).id(), ##__VA_ARGS__) /** * Convenient macro for stream log. */ #define FANCY_STREAM_LOG(LEVEL, FORMAT, STREAM, ...) \ FANCY_LOG(LEVEL, "[C{}][S{}] " FORMAT, (STREAM).connection() ? (STREAM).connection()->id() : 0, \ (STREAM).streamId(), ##__VA_ARGS__) /** * Convenient macro for log flush. */ #define FANCY_FLUSH_LOG() \ do { \ SpdLoggerSharedPtr p = ::Envoy::getFancyContext().getFancyLogEntry(FANCY_KEY); \ if (p) { \ p->flush(); \ } \ } while (0) } // namespace Envoy ================================================ FILE: source/common/common/fmt.h ================================================ #pragma once #include "envoy/common/platform.h" // Avert format.h including windows.h #include "absl/strings/string_view.h" #include "fmt/format.h" #include "fmt/ostream.h" // NOLINT(namespace-envoy) namespace fmt { // Provide an implementation of formatter for fmt::format that allows absl::string_view to be // formatted with the same format specifiers available to std::string. // TODO(zuercher): Once absl::string_view is replaced with the std type, this can be removed // as fmtlib handles string_view natively. // NOLINTNEXTLINE(readability-identifier-naming) template <> struct formatter : formatter { auto format(absl::string_view absl_string_view, fmt::format_context& ctx) -> decltype(ctx.out()) { string_view fmt_string_view(absl_string_view.data(), absl_string_view.size()); return formatter::format(fmt_string_view, ctx); } }; } // namespace fmt ================================================ FILE: source/common/common/hash.cc ================================================ #include "common/common/hash.h" #include "absl/strings/string_view.h" namespace Envoy { // Computes a 64-bit murmur hash 2, only works with 64-bit platforms. Revisit if support for 32-bit // platforms are needed. // from // (https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=libstdc%2b%2b-v3/libsupc%2b%2b/hash_bytes.cc) uint64_t MurmurHash::murmurHash2(absl::string_view key, uint64_t seed) { static const uint64_t mul = 0xc6a4a7935bd1e995UL; const char* const buf = static_cast(key.data()); uint64_t len = key.size(); // Remove the bytes not divisible by the sizeof(uint64_t). This // allows the main loop to process the data as 64-bit integers. const int len_aligned = len & ~0x7; const char* const end = buf + len_aligned; uint64_t hash = seed ^ (len * mul); for (const char* p = buf; p != end; p += 8) { const uint64_t data = shiftMix(unalignedLoad(p) * mul) * mul; hash ^= data; hash *= mul; } if ((len & 0x7) != 0) { const uint64_t data = loadBytes(end, len & 0x7); hash ^= data; hash *= mul; } hash = shiftMix(hash) * mul; hash = shiftMix(hash); return hash; } } // namespace Envoy ================================================ FILE: source/common/common/hash.h ================================================ #pragma once #include #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" #include "absl/strings/ascii.h" #include "absl/strings/string_view.h" #include "xxhash.h" namespace Envoy { class HashUtil { public: /** * Return 64-bit hash from the xxHash algorithm. * @param input supplies the string view to hash. * @param seed supplies the hash seed which defaults to 0. * See https://github.com/Cyan4973/xxHash for details. */ static uint64_t xxHash64(absl::string_view input, uint64_t seed = 0) { return XXH64(input.data(), input.size(), seed); } /** * TODO(gsagula): extend xxHash to handle case-insensitive. * * Return 64-bit hash representation of string ignoring case. * See djb2 (http://www.cse.yorku.ca/~oz/hash.html) for more details. * @param input supplies the string view. * @return 64-bit hash representation of the supplied string view. */ static uint64_t djb2CaseInsensitiveHash(absl::string_view input) { uint64_t hash = 5381; for (unsigned char c : input) { hash += ((hash << 5) + hash) + absl::ascii_tolower(c); }; return hash; } }; /** * From * (https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=libstdc%2b%2b-v3/libsupc%2b%2b/hash_bytes.cc). * Which is based on (https://sites.google.com/site/murmurhash/). */ class MurmurHash { public: static const uint64_t STD_HASH_SEED = 0xc70f6907UL; /** * Return 64-bit hash from murmur hash2 as is implemented in std::hash. * @param key supplies the string view * @param seed the seed to use for the hash * @return 64-bit hash representation of the supplied string view */ static uint64_t murmurHash2(absl::string_view key, uint64_t seed = STD_HASH_SEED); private: static inline uint64_t unalignedLoad(const char* p) { uint64_t result; memcpy(&result, p, sizeof(result)); return result; } // Loads n bytes, where 1 <= n < 8. static inline uint64_t loadBytes(const char* p, int n) { uint64_t result = 0; --n; do { result = (result << 8) + static_cast(p[n]); } while (--n >= 0); return result; } static inline uint64_t shiftMix(uint64_t v) { return v ^ (v >> 47); } }; using SharedString = std::shared_ptr; struct HeterogeneousStringHash { // Specifying is_transparent indicates to the library infrastructure that // type-conversions should not be applied when calling find(), but instead // pass the actual types of the contained and searched-for objects directly to // these functors. See // https://en.cppreference.com/w/cpp/utility/functional/less_void for an // official reference, and https://abseil.io/tips/144 for a description of // using it in the context of absl. using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(absl::string_view a) const { return HashUtil::xxHash64(a); } size_t operator()(const SharedString& a) const { return HashUtil::xxHash64(*a); } }; struct HeterogeneousStringEqual { // See description for HeterogeneousStringHash::is_transparent. using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(absl::string_view a, absl::string_view b) const { return a == b; } size_t operator()(const SharedString& a, const SharedString& b) const { return *a == *b; } size_t operator()(absl::string_view a, const SharedString& b) const { return a == *b; } size_t operator()(const SharedString& a, absl::string_view b) const { return *a == b; } }; // We use heterogeneous hash/equal functors to do a find() without constructing // a shared_string, which would entail making a full copy of the stat name. using SharedStringSet = absl::flat_hash_set; // A special heterogeneous comparator is not needed for maps of strings; absl // hashes allow for looking up a string-container with a string-view by default. template using StringMap = absl::flat_hash_map; } // namespace Envoy ================================================ FILE: source/common/common/hex.cc ================================================ #include "common/common/hex.h" #include #include #include #include #include "envoy/common/exception.h" #include "common/common/fmt.h" #include "common/common/utility.h" namespace Envoy { std::string Hex::encode(const uint8_t* data, size_t length) { static const char* const digits = "0123456789abcdef"; std::string ret; ret.reserve(length * 2); for (size_t i = 0; i < length; i++) { uint8_t d = data[i]; ret.push_back(digits[d >> 4]); ret.push_back(digits[d & 0xf]); } return ret; } std::vector Hex::decode(const std::string& hex_string) { if (hex_string.empty() || hex_string.size() % 2 != 0) { return {}; } std::vector segment; for (size_t i = 0; i < hex_string.size(); i += 2) { std::string hex_byte = hex_string.substr(i, 2); uint64_t out; if (!StringUtil::atoull(hex_byte.c_str(), out, 16)) { return {}; } segment.push_back(out); } return segment; } std::string Hex::uint64ToHex(uint64_t value) { std::array data; // This is explicitly done for performance reasons data[7] = (value & 0x00000000000000FF); data[6] = (value & 0x000000000000FF00) >> 8; data[5] = (value & 0x0000000000FF0000) >> 16; data[4] = (value & 0x00000000FF000000) >> 24; data[3] = (value & 0x000000FF00000000) >> 32; data[2] = (value & 0x0000FF0000000000) >> 40; data[1] = (value & 0x00FF000000000000) >> 48; data[0] = (value & 0xFF00000000000000) >> 56; return encode(data.data(), data.size()); } std::string Hex::uint32ToHex(uint32_t value) { std::array data; // This is explicitly done for performance reasons // using std::stringstream with std::hex is ~3 orders of magnitude slower data[3] = (value & 0x000000FF); data[2] = (value & 0x0000FF00) >> 8; data[1] = (value & 0x00FF0000) >> 16; data[0] = (value & 0xFF000000) >> 24; return encode(data.data(), data.size()); } std::string Hex::uint16ToHex(uint16_t value) { std::array data; // This is explicitly done for performance reasons // using std::stringstream with std::hex is ~3 orders of magnitude slower. data[1] = (value & 0x00FF); data[0] = (value & 0xFF00) >> 8; return encode(data.data(), data.size()); } } // namespace Envoy ================================================ FILE: source/common/common/hex.h ================================================ #pragma once #include #include namespace Envoy { /** * Hex encoder/decoder. Produces lowercase hex digits. Can consume either lowercase or uppercase * digits. */ class Hex final { public: /** * Generates a hex dump of the given data * @param data the binary data to convert * @return the hex encoded string representing data */ static std::string encode(const std::vector& data) { return encode(data.data(), data.size()); } /** * Generates a hex dump of the given data * @param data the binary data to convert * @param length the length of the data * @return the hex encoded string representing data */ static std::string encode(const uint8_t* data, size_t length); /** * Converts a hex dump to binary data * @param input the hex dump to decode * @return binary data or empty vector in case of invalid input */ static std::vector decode(const std::string& input); /** * Converts the given 64-bit unsigned integer into a hexadecimal string. * The result is always a string of 16 characters left padded with zeroes. * @param value The unsigned integer to be converted. * @return value as hexadecimal string */ static std::string uint64ToHex(uint64_t value); /** * Converts the given 32-bit unsigned integer into a hexadecimal string. * The result is always a string of 8 characters left padded with zeroes. * @param value The unsigned integer to be converted. * @return value as hexadecimal string */ static std::string uint32ToHex(uint32_t value); /** * Converts the given 16-bit unsigned integer into a hexadecimal string. * The result is always a string of 4 characters left padded with zeroes. * @param value The unsigned integer to be converted. * @return value as hexadecimal string */ static std::string uint16ToHex(uint16_t value); }; } // namespace Envoy ================================================ FILE: source/common/common/linked_object.h ================================================ #pragma once #include #include #include "common/common/assert.h" namespace Envoy { /** * Helper methods for placing LinkedObject into a list. */ namespace LinkedList { /** * Move an item into a linked list at the front. * @param item supplies the item to move in. * @param list supplies the list to move the item into. */ template void moveIntoList(std::unique_ptr&& item, std::list>& list) { ASSERT(!item->inserted_); item->inserted_ = true; auto position = list.emplace(list.begin(), std::move(item)); (*position)->entry_ = position; } /** * Move an item into a linked list at the back. * @param item supplies the item to move in. * @param list supplies the list to move the item into. */ template void moveIntoListBack(std::unique_ptr&& item, std::list>& list) { ASSERT(!item->inserted_); item->inserted_ = true; auto position = list.emplace(list.end(), std::move(item)); (*position)->entry_ = position; } } // namespace LinkedList /** * Mixin class that allows an object contained in a unique pointer to be easily linked and unlinked * from lists. */ template class LinkedObject { public: using ListType = std::list>; /** * @return the list iterator for the object. */ typename ListType::iterator entry() { ASSERT(inserted_); return entry_; } /** * @return whether the object is currently inserted into a list. */ bool inserted() { return inserted_; } /** * Move a linked item from src list to dst list. * @param src supplies the list that the item is currently in. * @param dst supplies the destination list for the item. */ void moveBetweenLists(ListType& src, ListType& dst) { ASSERT(inserted_); ASSERT(std::find(src.begin(), src.end(), *entry_) != src.end()); dst.splice(dst.begin(), src, entry_); } /** * Remove this item from a list. * @param list supplies the list to remove from. This item should be in this list. */ std::unique_ptr removeFromList(ListType& list) { ASSERT(inserted_); ASSERT(std::find(list.begin(), list.end(), *entry_) != list.end()); std::unique_ptr removed = std::move(*entry_); list.erase(entry_); inserted_ = false; return removed; } protected: LinkedObject() = default; private: template friend void LinkedList::moveIntoList(std::unique_ptr&&, std::list>&); template friend void LinkedList::moveIntoListBack(std::unique_ptr&&, std::list>&); typename ListType::iterator entry_; bool inserted_{false}; // iterators do not have any "invalid" value so we need this boolean for // sanity checking. }; } // namespace Envoy ================================================ FILE: source/common/common/lock_guard.h ================================================ #pragma once #include #include #include "envoy/thread/thread.h" namespace Envoy { namespace Thread { /** * A lock guard that deals with an optional lock. */ class ABSL_SCOPED_LOCKABLE OptionalLockGuard { public: /** * Establishes a scoped mutex-lock. If non-null, the mutex is locked upon construction. * * @param lock the mutex. */ OptionalLockGuard(BasicLockable* lock) ABSL_EXCLUSIVE_LOCK_FUNCTION(lock) : lock_(lock) { if (lock_ != nullptr) { lock_->lock(); } } /** * Destruction of the OptionalLockGuard unlocks the lock, if it is non-null. */ ~OptionalLockGuard() ABSL_UNLOCK_FUNCTION() { if (lock_ != nullptr) { lock_->unlock(); } } private: BasicLockable* const lock_; }; // At the moment, TryLockGuard is very hard to annotate correctly, I // believe due to limitations in clang. At the moment there are no // ABSL_GUARDED_BY variables for any tryLocks in the codebase, so it's // easiest just to leave it out. In a future clang release it's // possible we can enable this. See also the commented-out block // in ThreadTest.TestTryLockGuard in test/common/common/thread_test.cc. #define DISABLE_TRYLOCKGUARD_ANNOTATION(annotation) /** * Like LockGuard, but uses a tryLock() on construction rather than a lock(). This * class lacks thread annotations, as clang currently does appear to be able to handle * conditional thread annotations. So the ones we'd like are commented out. */ class ABSL_SCOPED_LOCKABLE TryLockGuard { public: /** * Establishes a scoped mutex-lock; the a mutex lock is attempted via tryLock, so * an expected outcome is that the lock may fail. isLocked() must be called to * determine whether he lock was actually acquired. * * @param lock the mutex. */ TryLockGuard(BasicLockable& lock) : lock_(lock) {} /** * Destruction of the TryLockGuard unlocks the lock, if it was locked. */ ~TryLockGuard() DISABLE_TRYLOCKGUARD_ANNOTATION(ABSL_UNLOCK_FUNCTION()) { if (is_locked_) { lock_.unlock(); } } /** * @return bool whether the lock was successfully acquired. */ bool tryLock() DISABLE_TRYLOCKGUARD_ANNOTATION(ABSL_EXCLUSIVE_TRYLOCK_FUNCTION(true)) { is_locked_ = lock_.tryLock(); return is_locked_; } private: BasicLockable& lock_; bool is_locked_{false}; }; /** * Implements a LockGuard that is identical to absl::ReleasableMutexLock, but takes a * BasicLockable& to allow usages to be agnostic to cross-process mutexes vs. single-process * mutexes. * * Note: this implementation holds the mutex for the lifetime of the LockGuard, simplifying * implementation (no conditionals) and readability at call-sites. In some cases, an early * release is needed, in which case, a ReleasableLockGuard can be used. */ class ABSL_SCOPED_LOCKABLE LockGuard { public: /** * Establishes a scoped mutex-lock; the mutex is locked upon construction. * * @param lock the mutex. */ explicit LockGuard(BasicLockable& lock) ABSL_EXCLUSIVE_LOCK_FUNCTION(lock) : lock_(lock) { lock_.lock(); } /** * Destruction of the LockGuard unlocks the lock. */ ~LockGuard() ABSL_UNLOCK_FUNCTION() { lock_.unlock(); } private: BasicLockable& lock_; }; /** * Implements a LockGuard that is identical to absl::ReleasableMutexLock, but takes a * BasicLockable& to allow usages to be agnostic to cross-process mutexes vs. single-process * mutexes. */ class ABSL_SCOPED_LOCKABLE ReleasableLockGuard { public: /** * Establishes a scoped mutex-lock; the mutex is locked upon construction. * * @param lock the mutex. */ explicit ReleasableLockGuard(BasicLockable& lock) ABSL_EXCLUSIVE_LOCK_FUNCTION(lock) : lock_(&lock) { lock_->lock(); } /** * Destruction of the LockGuard unlocks the lock, if it has not already been explicitly released. */ ~ReleasableLockGuard() ABSL_UNLOCK_FUNCTION() { release(); } /** * Unlocks the mutex. This enables call-sites to release the mutex prior to the Lock going out of * scope. This is called release() for consistency with absl::ReleasableMutexLock. */ void release() ABSL_UNLOCK_FUNCTION() { if (lock_ != nullptr) { lock_->unlock(); lock_ = nullptr; } } private: BasicLockable* lock_; // Set to nullptr on unlock, to prevent double-unlocking. }; } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/common/logger.cc ================================================ #include "common/common/logger.h" #include // use direct system-assert to avoid cyclic dependency. #include #include #include #include #include "common/common/lock_guard.h" #include "absl/strings/ascii.h" #include "absl/strings/escaping.h" #include "absl/strings/str_replace.h" #include "absl/strings/strip.h" #include "spdlog/spdlog.h" namespace Envoy { namespace Logger { StandardLogger::StandardLogger(const std::string& name) : Logger(std::make_shared(name, Registry::getSink())) {} SinkDelegate::SinkDelegate(DelegatingLogSinkSharedPtr log_sink) : log_sink_(log_sink) {} SinkDelegate::~SinkDelegate() { // The previous delegate should have never been set or should have been reset by now via // restoreDelegate(); assert(previous_delegate_ == nullptr); } void SinkDelegate::setDelegate() { // There should be no previous delegate before this call. assert(previous_delegate_ == nullptr); previous_delegate_ = log_sink_->delegate(); log_sink_->setDelegate(this); } void SinkDelegate::restoreDelegate() { // Ensures stacked allocation of delegates. assert(log_sink_->delegate() == this); log_sink_->setDelegate(previous_delegate_); previous_delegate_ = nullptr; } StderrSinkDelegate::StderrSinkDelegate(DelegatingLogSinkSharedPtr log_sink) : SinkDelegate(log_sink) { setDelegate(); } StderrSinkDelegate::~StderrSinkDelegate() { restoreDelegate(); } void StderrSinkDelegate::log(absl::string_view msg) { Thread::OptionalLockGuard guard(lock_); std::cerr << msg; } void StderrSinkDelegate::flush() { Thread::OptionalLockGuard guard(lock_); std::cerr << std::flush; } void DelegatingLogSink::set_formatter(std::unique_ptr formatter) { absl::MutexLock lock(&format_mutex_); formatter_ = std::move(formatter); } void DelegatingLogSink::log(const spdlog::details::log_msg& msg) { absl::ReleasableMutexLock lock(&format_mutex_); absl::string_view msg_view = absl::string_view(msg.payload.data(), msg.payload.size()); // This memory buffer must exist in the scope of the entire function, // otherwise the string_view will refer to memory that is already free. spdlog::memory_buf_t formatted; if (formatter_) { formatter_->format(msg, formatted); msg_view = absl::string_view(formatted.data(), formatted.size()); } lock.Release(); // Hold the sink mutex while performing the actual logging. This prevents the sink from being // swapped during an individual log event. // TODO(mattklein123): In production this lock will never be contended. In practice, thread // protection is really only needed in tests. It would be nice to figure out a test-only // mechanism for this that does not require extra locking that we don't explicitly need in the // prod code. absl::ReaderMutexLock sink_lock(&sink_mutex_); if (should_escape_) { sink_->log(escapeLogLine(msg_view)); } else { sink_->log(msg_view); } } std::string DelegatingLogSink::escapeLogLine(absl::string_view msg_view) { // Split the actual message from the trailing whitespace. auto eol_it = std::find_if_not(msg_view.rbegin(), msg_view.rend(), absl::ascii_isspace); absl::string_view msg_leading = msg_view.substr(0, msg_view.rend() - eol_it); absl::string_view msg_trailing_whitespace = msg_view.substr(msg_view.rend() - eol_it, eol_it - msg_view.rbegin()); // Escape the message, but keep the whitespace unescaped. return absl::StrCat(absl::CEscape(msg_leading), msg_trailing_whitespace); } DelegatingLogSinkSharedPtr DelegatingLogSink::init() { DelegatingLogSinkSharedPtr delegating_sink(new DelegatingLogSink); delegating_sink->stderr_sink_ = std::make_unique(delegating_sink); return delegating_sink; } static Context* current_context = nullptr; Context::Context(spdlog::level::level_enum log_level, const std::string& log_format, Thread::BasicLockable& lock, bool should_escape, bool enable_fine_grain_logging) : log_level_(log_level), log_format_(log_format), lock_(lock), should_escape_(should_escape), enable_fine_grain_logging_(enable_fine_grain_logging), save_context_(current_context) { current_context = this; activate(); } Context::~Context() { current_context = save_context_; if (current_context != nullptr) { current_context->activate(); } else { Registry::getSink()->clearLock(); } } void Context::activate() { Registry::getSink()->setLock(lock_); Registry::getSink()->setShouldEscape(should_escape_); Registry::setLogLevel(log_level_); Registry::setLogFormat(log_format_); // sets level and format for Fancy Logger fancy_default_level_ = log_level_; fancy_log_format_ = log_format_; if (enable_fine_grain_logging_) { // loggers with default level before are set to log_level_ as new default getFancyContext().setDefaultFancyLevelFormat(log_level_, log_format_); if (log_format_ == Logger::Logger::DEFAULT_LOG_FORMAT) { fancy_log_format_ = absl::StrReplaceAll(log_format_, {{"[%n]", ""}}); } } } bool Context::useFancyLogger() { if (current_context) { return current_context->enable_fine_grain_logging_; } return false; } void Context::enableFancyLogger() { current_context->enable_fine_grain_logging_ = true; if (current_context) { getFancyContext().setDefaultFancyLevelFormat(current_context->log_level_, current_context->log_format_); current_context->fancy_default_level_ = current_context->log_level_; current_context->fancy_log_format_ = current_context->log_format_; if (current_context->log_format_ == Logger::Logger::DEFAULT_LOG_FORMAT) { current_context->fancy_log_format_ = absl::StrReplaceAll(current_context->log_format_, {{"[%n]", ""}}); } } } void Context::disableFancyLogger() { if (current_context) { current_context->enable_fine_grain_logging_ = false; } } std::string Context::getFancyLogFormat() { if (!current_context) { // Context is not instantiated in benchmark test return "[%Y-%m-%d %T.%e][%t][%l] %v"; } return current_context->fancy_log_format_; } spdlog::level::level_enum Context::getFancyDefaultLevel() { if (!current_context) { return spdlog::level::info; } return current_context->fancy_default_level_; } std::vector& Registry::allLoggers() { static std::vector* all_loggers = new std::vector({ALL_LOGGER_IDS(GENERATE_LOGGER)}); return *all_loggers; } spdlog::logger& Registry::getLog(Id id) { return *allLoggers()[static_cast(id)].logger_; } void Registry::setLogLevel(spdlog::level::level_enum log_level) { for (Logger& logger : allLoggers()) { logger.logger_->set_level(static_cast(log_level)); } } void Registry::setLogFormat(const std::string& log_format) { for (Logger& logger : allLoggers()) { logger.logger_->set_pattern(log_format); } } Logger* Registry::logger(const std::string& log_name) { Logger* logger_to_return = nullptr; for (Logger& logger : loggers()) { if (logger.name() == log_name) { logger_to_return = &logger; break; } } return logger_to_return; } } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/logger.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/thread/thread.h" #include "common/common/base_logger.h" #include "common/common/fancy_logger.h" #include "common/common/fmt.h" #include "common/common/logger_impl.h" #include "common/common/macros.h" #include "common/common/non_copyable.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" #include "absl/synchronization/mutex.h" #include "fmt/ostream.h" #include "spdlog/spdlog.h" namespace Envoy { namespace Logger { // TODO: find out a way for extensions to register new logger IDs #define ALL_LOGGER_IDS(FUNCTION) \ FUNCTION(admin) \ FUNCTION(aws) \ FUNCTION(assert) \ FUNCTION(backtrace) \ FUNCTION(cache_filter) \ FUNCTION(client) \ FUNCTION(config) \ FUNCTION(connection) \ FUNCTION(conn_handler) \ FUNCTION(decompression) \ FUNCTION(dubbo) \ FUNCTION(envoy_bug) \ FUNCTION(ext_authz) \ FUNCTION(rocketmq) \ FUNCTION(file) \ FUNCTION(filter) \ FUNCTION(forward_proxy) \ FUNCTION(grpc) \ FUNCTION(hc) \ FUNCTION(health_checker) \ FUNCTION(http) \ FUNCTION(http2) \ FUNCTION(hystrix) \ FUNCTION(init) \ FUNCTION(io) \ FUNCTION(jwt) \ FUNCTION(kafka) \ FUNCTION(lua) \ FUNCTION(main) \ FUNCTION(misc) \ FUNCTION(mongo) \ FUNCTION(quic) \ FUNCTION(quic_stream) \ FUNCTION(pool) \ FUNCTION(rbac) \ FUNCTION(redis) \ FUNCTION(router) \ FUNCTION(runtime) \ FUNCTION(stats) \ FUNCTION(secret) \ FUNCTION(tap) \ FUNCTION(testing) \ FUNCTION(thrift) \ FUNCTION(tracing) \ FUNCTION(upstream) \ FUNCTION(udp) \ FUNCTION(wasm) // clang-format off enum class Id { ALL_LOGGER_IDS(GENERATE_ENUM) }; // clang-format on /** * Logger that uses the DelegatingLogSink. */ class StandardLogger : public Logger { private: StandardLogger(const std::string& name); friend class Registry; }; class DelegatingLogSink; using DelegatingLogSinkSharedPtr = std::shared_ptr; /** * Captures a logging sink that can be delegated to for a bounded amount of time. * On destruction, logging is reverted to its previous state. SinkDelegates must * be allocated/freed as a stack. */ class SinkDelegate : NonCopyable { public: explicit SinkDelegate(DelegatingLogSinkSharedPtr log_sink); virtual ~SinkDelegate(); virtual void log(absl::string_view msg) PURE; virtual void flush() PURE; protected: // Swap the current log sink delegate for this one. This should be called by the derived class // constructor immediately before returning. This is required to match restoreDelegate(), // otherwise it's possible for the previous delegate to get set in the base class constructor, // the derived class constructor throws, and cleanup becomes broken. void setDelegate(); // Swap the current log sink (this) for the previous one. This should be called by the derived // class destructor in the body. This is critical as otherwise it's possible for a log message // to get routed to a partially destructed sink. void restoreDelegate(); SinkDelegate* previousDelegate() { return previous_delegate_; } private: SinkDelegate* previous_delegate_{nullptr}; DelegatingLogSinkSharedPtr log_sink_; }; /** * SinkDelegate that writes log messages to stderr. */ class StderrSinkDelegate : public SinkDelegate { public: explicit StderrSinkDelegate(DelegatingLogSinkSharedPtr log_sink); ~StderrSinkDelegate() override; // SinkDelegate void log(absl::string_view msg) override; void flush() override; bool hasLock() const { return lock_ != nullptr; } void setLock(Thread::BasicLockable& lock) { lock_ = &lock; } void clearLock() { lock_ = nullptr; } private: Thread::BasicLockable* lock_{}; }; /** * Stacks logging sinks, so you can temporarily override the logging mechanism, restoring * the previous state when the DelegatingSink is destructed. */ class DelegatingLogSink : public spdlog::sinks::sink { public: void setLock(Thread::BasicLockable& lock) { stderr_sink_->setLock(lock); } void clearLock() { stderr_sink_->clearLock(); } // spdlog::sinks::sink void log(const spdlog::details::log_msg& msg) override; void flush() override { absl::ReaderMutexLock lock(&sink_mutex_); sink_->flush(); } void set_pattern(const std::string& pattern) override { set_formatter(spdlog::details::make_unique(pattern)); } void set_formatter(std::unique_ptr formatter) override; void setShouldEscape(bool should_escape) { should_escape_ = should_escape; } /** * @return bool whether a lock has been established. */ bool hasLock() const { return stderr_sink_->hasLock(); } /** * Constructs a new DelegatingLogSink, sets up the default sink to stderr, * and returns a shared_ptr to it. * * A shared_ptr is required for sinks used * in spdlog::logger; it would not otherwise be required in Envoy. This method * must own the construction process because StderrSinkDelegate needs access to * the DelegatingLogSinkSharedPtr, not just the DelegatingLogSink*, and that is only * available after construction. */ static DelegatingLogSinkSharedPtr init(); /** * Give a log line with trailing whitespace, this will escape all c-style * escape sequences except for the trailing whitespace. * This allows logging escaped messages, but preserves end-of-line characters. * * @param source the log line with trailing whitespace * @return a string with all c-style escape sequences escaped, except trailing whitespace */ static std::string escapeLogLine(absl::string_view source); private: friend class SinkDelegate; DelegatingLogSink() = default; void setDelegate(SinkDelegate* sink) { absl::WriterMutexLock lock(&sink_mutex_); sink_ = sink; } SinkDelegate* delegate() { absl::ReaderMutexLock lock(&sink_mutex_); return sink_; } SinkDelegate* sink_ ABSL_GUARDED_BY(sink_mutex_){nullptr}; absl::Mutex sink_mutex_; std::unique_ptr stderr_sink_; // Builtin sink to use as a last resort. std::unique_ptr formatter_ ABSL_GUARDED_BY(format_mutex_); absl::Mutex format_mutex_; bool should_escape_{false}; }; enum class LoggerMode { Envoy, Fancy }; /** * Defines a scope for the logging system with the specified lock and log level. * This is equivalent to setLogLevel, setLogFormat, and setLock, which can be * called individually as well, e.g. to set the log level without changing the * lock or format. * * Contexts can be nested. When a nested context is destroyed, the previous * context is restored. When all contexts are destroyed, the lock is cleared, * and logging will remain unlocked, the same state it is in prior to * instantiating a Context. * * Settings for Fancy Logger, a file level logger without explicit implementation of * Envoy::Logger:Loggable, are integrated here, as they should be updated when * context switch occurs. */ class Context { public: Context(spdlog::level::level_enum log_level, const std::string& log_format, Thread::BasicLockable& lock, bool should_escape, bool enable_fine_grain_logging = false); ~Context(); /** * Same as before, with boolean returned to use in log macros. */ static bool useFancyLogger(); static void enableFancyLogger(); static void disableFancyLogger(); static std::string getFancyLogFormat(); static spdlog::level::level_enum getFancyDefaultLevel(); private: void activate(); const spdlog::level::level_enum log_level_; const std::string log_format_; Thread::BasicLockable& lock_; bool should_escape_; bool enable_fine_grain_logging_; Context* const save_context_; std::string fancy_log_format_ = "[%Y-%m-%d %T.%e][%t][%l][%n] %v"; spdlog::level::level_enum fancy_default_level_ = spdlog::level::info; }; /** * A registry of all named loggers in envoy. Usable for adjusting levels of each logger * individually. */ class Registry { public: /** * @param id supplies the fixed ID of the logger to create. * @return spdlog::logger& a logger with system specified sinks for a given ID. */ static spdlog::logger& getLog(Id id); /** * @return the singleton sink to use for all loggers. */ static DelegatingLogSinkSharedPtr getSink() { static DelegatingLogSinkSharedPtr sink = DelegatingLogSink::init(); return sink; } /** * Sets the minimum log severity required to print messages. * Messages below this loglevel will be suppressed. */ static void setLogLevel(spdlog::level::level_enum log_level); /** * Sets the log format. */ static void setLogFormat(const std::string& log_format); /** * @return std::vector& the installed loggers. */ static std::vector& loggers() { return allLoggers(); } /** * @Return bool whether the registry has been initialized. */ static bool initialized() { return getSink()->hasLock(); } static Logger* logger(const std::string& log_name); private: /* * @return std::vector& return the installed loggers. */ static std::vector& allLoggers(); }; /** * Mixin class that allows any class to perform logging with a logger of a particular ID. */ template class Loggable { protected: /** * Do not use this directly, use macros defined below. * @return spdlog::logger& the static log instance to use for class local logging. */ static spdlog::logger& __log_do_not_use_read_comment() { static spdlog::logger& instance = Registry::getLog(id); return instance; } }; } // namespace Logger /** * Base logging macros. It is expected that users will use the convenience macros below rather than * invoke these directly. */ #define ENVOY_SPDLOG_LEVEL(LEVEL) \ (static_cast(Envoy::Logger::Logger::LEVEL)) #define ENVOY_LOG_COMP_LEVEL(LOGGER, LEVEL) (ENVOY_SPDLOG_LEVEL(LEVEL) >= (LOGGER).level()) // Compare levels before invoking logger. This is an optimization to avoid // executing expressions computing log contents when they would be suppressed. // The same filtering will also occur in spdlog::logger. #define ENVOY_LOG_COMP_AND_LOG(LOGGER, LEVEL, ...) \ do { \ if (ENVOY_LOG_COMP_LEVEL(LOGGER, LEVEL)) { \ LOGGER.log(::spdlog::source_loc{__FILE__, __LINE__, __func__}, ENVOY_SPDLOG_LEVEL(LEVEL), \ __VA_ARGS__); \ } \ } while (0) #define ENVOY_LOG_CHECK_LEVEL(LEVEL) ENVOY_LOG_COMP_LEVEL(ENVOY_LOGGER(), LEVEL) /** * Convenience macro to log to a user-specified logger. When fancy logging is used, the specific * logger is ignored and instead the file-specific logger is used. */ #define ENVOY_LOG_TO_LOGGER(LOGGER, LEVEL, ...) \ do { \ if (Envoy::Logger::Context::useFancyLogger()) { \ FANCY_LOG(LEVEL, ##__VA_ARGS__); \ } else { \ ENVOY_LOG_COMP_AND_LOG(LOGGER, LEVEL, ##__VA_ARGS__); \ } \ } while (0) /** * Convenience macro to get logger. */ #define ENVOY_LOGGER() __log_do_not_use_read_comment() /** * Convenience macro to log to the misc logger, which allows for logging without of direct access to * a logger. */ #define GET_MISC_LOGGER() ::Envoy::Logger::Registry::getLog(::Envoy::Logger::Id::misc) #define ENVOY_LOG_MISC(LEVEL, ...) ENVOY_LOG_TO_LOGGER(GET_MISC_LOGGER(), LEVEL, ##__VA_ARGS__) /** * Convenience macros for logging with connection ID. */ #define ENVOY_CONN_LOG_TO_LOGGER(LOGGER, LEVEL, FORMAT, CONNECTION, ...) \ ENVOY_LOG_TO_LOGGER(LOGGER, LEVEL, "[C{}] " FORMAT, (CONNECTION).id(), ##__VA_ARGS__) /** * Convenience macros for logging with a stream ID and a connection ID. */ #define ENVOY_STREAM_LOG_TO_LOGGER(LOGGER, LEVEL, FORMAT, STREAM, ...) \ ENVOY_LOG_TO_LOGGER(LOGGER, LEVEL, "[C{}][S{}] " FORMAT, \ (STREAM).connection() ? (STREAM).connection()->id() : 0, \ (STREAM).streamId(), ##__VA_ARGS__) // TODO(danielhochman): macros(s)/function(s) for logging structures that support iteration. /** * Command line options for log macros: use Fancy Logger or not. */ #define ENVOY_LOG(LEVEL, ...) ENVOY_LOG_TO_LOGGER(ENVOY_LOGGER(), LEVEL, ##__VA_ARGS__) #define ENVOY_LOG_FIRST_N_TO_LOGGER(LOGGER, LEVEL, N, ...) \ do { \ if (ENVOY_LOG_COMP_LEVEL(LOGGER, LEVEL)) { \ static auto* countdown = new std::atomic(); \ if (countdown->fetch_add(1) < N) { \ ENVOY_LOG_TO_LOGGER(LOGGER, LEVEL, ##__VA_ARGS__); \ } \ } \ } while (0) #define ENVOY_LOG_FIRST_N(LEVEL, N, ...) \ ENVOY_LOG_FIRST_N_TO_LOGGER(ENVOY_LOGGER(), LEVEL, N, ##__VA_ARGS__) #define ENVOY_LOG_FIRST_N_MISC(LEVEL, N, ...) \ ENVOY_LOG_FIRST_N_TO_LOGGER(GET_MISC_LOGGER(), LEVEL, N, ##__VA_ARGS__) #define ENVOY_LOG_ONCE_TO_LOGGER(LOGGER, LEVEL, ...) \ ENVOY_LOG_FIRST_N_TO_LOGGER(LOGGER, LEVEL, 1, ##__VA_ARGS__) #define ENVOY_LOG_ONCE(LEVEL, ...) ENVOY_LOG_ONCE_TO_LOGGER(ENVOY_LOGGER(), LEVEL, ##__VA_ARGS__) #define ENVOY_LOG_ONCE_MISC(LEVEL, ...) \ ENVOY_LOG_ONCE_TO_LOGGER(GET_MISC_LOGGER(), LEVEL, ##__VA_ARGS__) #define ENVOY_LOG_EVERY_NTH_TO_LOGGER(LOGGER, LEVEL, N, ...) \ do { \ if (ENVOY_LOG_COMP_LEVEL(LOGGER, LEVEL)) { \ static auto* count = new std::atomic(); \ if ((count->fetch_add(1) % N) == 0) { \ ENVOY_LOG_TO_LOGGER(LOGGER, LEVEL, ##__VA_ARGS__); \ } \ } \ } while (0) #define ENVOY_LOG_EVERY_NTH(LEVEL, N, ...) \ ENVOY_LOG_EVERY_NTH_TO_LOGGER(ENVOY_LOGGER(), LEVEL, N, ##__VA_ARGS__) #define ENVOY_LOG_EVERY_NTH_MISC(LEVEL, N, ...) \ ENVOY_LOG_EVERY_NTH_TO_LOGGER(GET_MISC_LOGGER(), LEVEL, N, ##__VA_ARGS__) #define ENVOY_LOG_EVERY_POW_2_TO_LOGGER(LOGGER, LEVEL, ...) \ do { \ if (ENVOY_LOG_COMP_LEVEL(LOGGER, LEVEL)) { \ static auto* count = new std::atomic(); \ if (std::bitset<64>(1 /* for the first hit*/ + count->fetch_add(1)).count() == 1) { \ ENVOY_LOG_TO_LOGGER(LOGGER, LEVEL, ##__VA_ARGS__); \ } \ } \ } while (0) #define ENVOY_LOG_EVERY_POW_2(LEVEL, ...) \ ENVOY_LOG_EVERY_POW_2_TO_LOGGER(ENVOY_LOGGER(), LEVEL, ##__VA_ARGS__) #define ENVOY_LOG_EVERY_POW_2_MISC(LEVEL, ...) \ ENVOY_LOG_EVERY_POW_2_TO_LOGGER(GET_MISC_LOGGER(), LEVEL, ##__VA_ARGS__) // This is to get us to pass the format check. We reference a real-world time source here. // We'd have to introduce a singleton for a time source here, and consensus was that avoiding // that is preferable. using t_logclock = std::chrono::steady_clock; // NOLINT #define ENVOY_LOG_PERIODIC_TO_LOGGER(LOGGER, LEVEL, CHRONO_DURATION, ...) \ do { \ if (ENVOY_LOG_COMP_LEVEL(LOGGER, LEVEL)) { \ static auto* last_hit = new std::atomic(); \ auto last = last_hit->load(); \ const auto now = t_logclock::now().time_since_epoch().count(); \ if ((now - last) > \ std::chrono::duration_cast(CHRONO_DURATION).count() && \ last_hit->compare_exchange_strong(last, now)) { \ ENVOY_LOG_TO_LOGGER(LOGGER, LEVEL, ##__VA_ARGS__); \ } \ } \ } while (0) #define ENVOY_LOG_PERIODIC(LEVEL, CHRONO_DURATION, ...) \ ENVOY_LOG_PERIODIC_TO_LOGGER(ENVOY_LOGGER(), LEVEL, CHRONO_DURATION, ##__VA_ARGS__) #define ENVOY_LOG_PERIODIC_MISC(LEVEL, CHRONO_DURATION, ...) \ ENVOY_LOG_PERIODIC_TO_LOGGER(GET_MISC_LOGGER(), LEVEL, CHRONO_DURATION, ##__VA_ARGS__) #define ENVOY_FLUSH_LOG() \ do { \ if (Envoy::Logger::Context::useFancyLogger()) { \ FANCY_FLUSH_LOG(); \ } else { \ ENVOY_LOGGER().flush(); \ } \ } while (0) #define ENVOY_CONN_LOG(LEVEL, FORMAT, CONNECTION, ...) \ do { \ if (Envoy::Logger::Context::useFancyLogger()) { \ FANCY_CONN_LOG(LEVEL, FORMAT, CONNECTION, ##__VA_ARGS__); \ } else { \ ENVOY_CONN_LOG_TO_LOGGER(ENVOY_LOGGER(), LEVEL, FORMAT, CONNECTION, ##__VA_ARGS__); \ } \ } while (0) #define ENVOY_STREAM_LOG(LEVEL, FORMAT, STREAM, ...) \ do { \ if (Envoy::Logger::Context::useFancyLogger()) { \ FANCY_STREAM_LOG(LEVEL, FORMAT, STREAM, ##__VA_ARGS__); \ } else { \ ENVOY_STREAM_LOG_TO_LOGGER(ENVOY_LOGGER(), LEVEL, FORMAT, STREAM, ##__VA_ARGS__); \ } \ } while (0) } // namespace Envoy ================================================ FILE: source/common/common/logger_delegates.cc ================================================ #include "common/common/logger_delegates.h" #include // use direct system-assert to avoid cyclic dependency. #include #include #include #include "spdlog/spdlog.h" namespace Envoy { namespace Logger { FileSinkDelegate::FileSinkDelegate(const std::string& log_path, AccessLog::AccessLogManager& log_manager, DelegatingLogSinkSharedPtr log_sink) : SinkDelegate(log_sink), log_file_(log_manager.createAccessLog(log_path)) { setDelegate(); } FileSinkDelegate::~FileSinkDelegate() { restoreDelegate(); } void FileSinkDelegate::log(absl::string_view msg) { // Log files have internal locking to ensure serial, non-interleaved // writes, so no additional locking needed here. log_file_->write(msg); } void FileSinkDelegate::flush() { // Log files have internal locking to ensure serial, non-interleaved // writes, so no additional locking needed here. log_file_->flush(); } } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/logger_delegates.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "common/common/logger.h" #include "common/common/macros.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Logger { /** * SinkDelegate that writes log messages to a file. */ class FileSinkDelegate : public SinkDelegate { public: FileSinkDelegate(const std::string& log_path, AccessLog::AccessLogManager& log_manager, DelegatingLogSinkSharedPtr log_sink); ~FileSinkDelegate() override; // SinkDelegate void log(absl::string_view msg) override; void flush() override; private: AccessLog::AccessLogFileSharedPtr log_file_; }; } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/macros.h ================================================ #pragma once namespace Envoy { /** * @return the size of a C array. */ #define ARRAY_SIZE(X) (sizeof(X) / sizeof(X[0])) /** * @return the length of a static string literal, e.g. STATIC_STRLEN("foo") == 3. */ #define STATIC_STRLEN(X) (sizeof(X) - 1) /** * Helper macros from enum to string macros. */ #define GENERATE_ENUM(X) X, #define GENERATE_STRING(X) #X, /** * Stop the compiler from complaining about an unreferenced parameter. */ #ifndef WIN32 #define UNREFERENCED_PARAMETER(X) ((void)(X)) #endif /** * Construct On First Use idiom. * See https://isocpp.org/wiki/faq/ctors#static-init-order-on-first-use. */ #define CONSTRUCT_ON_FIRST_USE(type, ...) \ do { \ static const type* objectptr = new type{__VA_ARGS__}; \ return *objectptr; \ } while (0) #define MUTABLE_CONSTRUCT_ON_FIRST_USE(type, ...) \ do { \ static type* objectptr = new type{__VA_ARGS__}; \ return *objectptr; \ } while (0) /** * Have a generic fall-through for different versions of C++ */ #if __cplusplus >= 201703L // C++17 and above #define FALLTHRU [[fallthrough]] #elif __cplusplus >= 201402L && __clang_major__ >= 5 // C++14 clang-5 #define FALLTHRU [[fallthrough]] #elif __cplusplus >= 201103L && __GNUC__ >= 7 // C++11 gcc 7 #define FALLTHRU [[gnu::fallthrough]] #else // C++11 on gcc 6, and all other cases #define FALLTHRU #endif #if (defined(__GNUC__) && !defined(__clang__)) #define GCC_COMPILER #endif } // namespace Envoy ================================================ FILE: source/common/common/matchers.cc ================================================ #include "common/common/matchers.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/type/matcher/v3/metadata.pb.h" #include "envoy/type/matcher/v3/number.pb.h" #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/matcher/v3/value.pb.h" #include "common/common/macros.h" #include "common/common/regex.h" #include "common/config/metadata.h" #include "common/http/path_utility.h" #include "absl/strings/match.h" namespace Envoy { namespace Matchers { ValueMatcherConstSharedPtr ValueMatcher::create(const envoy::type::matcher::v3::ValueMatcher& v) { switch (v.match_pattern_case()) { case envoy::type::matcher::v3::ValueMatcher::MatchPatternCase::kNullMatch: return std::make_shared(); case envoy::type::matcher::v3::ValueMatcher::MatchPatternCase::kDoubleMatch: return std::make_shared(v.double_match()); case envoy::type::matcher::v3::ValueMatcher::MatchPatternCase::kStringMatch: return std::make_shared(v.string_match()); case envoy::type::matcher::v3::ValueMatcher::MatchPatternCase::kBoolMatch: return std::make_shared(v.bool_match()); case envoy::type::matcher::v3::ValueMatcher::MatchPatternCase::kPresentMatch: return std::make_shared(v.present_match()); case envoy::type::matcher::v3::ValueMatcher::MatchPatternCase::kListMatch: return std::make_shared(v.list_match()); default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool NullMatcher::match(const ProtobufWkt::Value& value) const { return value.kind_case() == ProtobufWkt::Value::kNullValue; } bool BoolMatcher::match(const ProtobufWkt::Value& value) const { return value.kind_case() == ProtobufWkt::Value::kBoolValue && matcher_ == value.bool_value(); } bool PresentMatcher::match(const ProtobufWkt::Value& value) const { return matcher_ && value.kind_case() != ProtobufWkt::Value::KIND_NOT_SET; } bool DoubleMatcher::match(const ProtobufWkt::Value& value) const { if (value.kind_case() != ProtobufWkt::Value::kNumberValue) { return false; } const double v = value.number_value(); switch (matcher_.match_pattern_case()) { case envoy::type::matcher::v3::DoubleMatcher::MatchPatternCase::kRange: return matcher_.range().start() <= v && v < matcher_.range().end(); case envoy::type::matcher::v3::DoubleMatcher::MatchPatternCase::kExact: return matcher_.exact() == v; default: NOT_REACHED_GCOVR_EXCL_LINE; }; } StringMatcherImpl::StringMatcherImpl(const envoy::type::matcher::v3::StringMatcher& matcher) : matcher_(matcher) { if (matcher.match_pattern_case() == envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kHiddenEnvoyDeprecatedRegex) { if (matcher.ignore_case()) { throw EnvoyException("ignore_case has no effect for regex."); } regex_ = Regex::Utility::parseStdRegexAsCompiledMatcher(matcher_.hidden_envoy_deprecated_regex()); } else if (matcher.match_pattern_case() == envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kSafeRegex) { if (matcher.ignore_case()) { throw EnvoyException("ignore_case has no effect for safe_regex."); } regex_ = Regex::Utility::parseRegex(matcher_.safe_regex()); } else if (matcher.match_pattern_case() == envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kContains) { if (matcher_.ignore_case()) { // Cache the lowercase conversion of the Contains matcher for future use lowercase_contains_match_ = absl::AsciiStrToLower(matcher_.contains()); } } } bool StringMatcherImpl::match(const ProtobufWkt::Value& value) const { if (value.kind_case() != ProtobufWkt::Value::kStringValue) { return false; } return match(value.string_value()); } bool StringMatcherImpl::match(const absl::string_view value) const { switch (matcher_.match_pattern_case()) { case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kExact: return matcher_.ignore_case() ? absl::EqualsIgnoreCase(value, matcher_.exact()) : value == matcher_.exact(); case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kPrefix: return matcher_.ignore_case() ? absl::StartsWithIgnoreCase(value, matcher_.prefix()) : absl::StartsWith(value, matcher_.prefix()); case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kSuffix: return matcher_.ignore_case() ? absl::EndsWithIgnoreCase(value, matcher_.suffix()) : absl::EndsWith(value, matcher_.suffix()); case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kContains: return matcher_.ignore_case() ? absl::StrContains(absl::AsciiStrToLower(value), lowercase_contains_match_) : absl::StrContains(value, matcher_.contains()); case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kHiddenEnvoyDeprecatedRegex: FALLTHRU; case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kSafeRegex: return regex_->match(value); default: NOT_REACHED_GCOVR_EXCL_LINE; } } ListMatcher::ListMatcher(const envoy::type::matcher::v3::ListMatcher& matcher) : matcher_(matcher) { ASSERT(matcher_.match_pattern_case() == envoy::type::matcher::v3::ListMatcher::MatchPatternCase::kOneOf); oneof_value_matcher_ = ValueMatcher::create(matcher_.one_of()); } bool ListMatcher::match(const ProtobufWkt::Value& value) const { if (value.kind_case() != ProtobufWkt::Value::kListValue) { return false; } if (oneof_value_matcher_) { for (const auto& lv : value.list_value().values()) { if (oneof_value_matcher_->match(lv)) { return true; } } } return false; } MetadataMatcher::MetadataMatcher(const envoy::type::matcher::v3::MetadataMatcher& matcher) : matcher_(matcher) { for (const auto& seg : matcher.path()) { path_.push_back(seg.key()); } const auto& v = matcher_.value(); value_matcher_ = ValueMatcher::create(v); } PathMatcherConstSharedPtr PathMatcher::createExact(const std::string& exact, bool ignore_case) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_exact(exact); matcher.set_ignore_case(ignore_case); return std::make_shared(matcher); } PathMatcherConstSharedPtr PathMatcher::createPrefix(const std::string& prefix, bool ignore_case) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_prefix(prefix); matcher.set_ignore_case(ignore_case); return std::make_shared(matcher); } bool MetadataMatcher::match(const envoy::config::core::v3::Metadata& metadata) const { const auto& value = Envoy::Config::Metadata::metadataValue(&metadata, matcher_.filter(), path_); return value_matcher_ && value_matcher_->match(value); } bool PathMatcher::match(const absl::string_view path) const { return matcher_.match(Http::PathUtil::removeQueryAndFragment(path)); } } // namespace Matchers } // namespace Envoy ================================================ FILE: source/common/common/matchers.h ================================================ #pragma once #include #include "envoy/common/matchers.h" #include "envoy/common/regex.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/type/matcher/v3/metadata.pb.h" #include "envoy/type/matcher/v3/number.pb.h" #include "envoy/type/matcher/v3/path.pb.h" #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/matcher/v3/value.pb.h" #include "common/common/utility.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Matchers { class ValueMatcher; using ValueMatcherConstSharedPtr = std::shared_ptr; class PathMatcher; using PathMatcherConstSharedPtr = std::shared_ptr; class ValueMatcher { public: virtual ~ValueMatcher() = default; /** * Check whether the value is matched to the matcher. */ virtual bool match(const ProtobufWkt::Value& value) const PURE; /** * Create the matcher object. */ static ValueMatcherConstSharedPtr create(const envoy::type::matcher::v3::ValueMatcher& value); }; class NullMatcher : public ValueMatcher { public: /** * Check whether the value is NULL. */ bool match(const ProtobufWkt::Value& value) const override; }; class BoolMatcher : public ValueMatcher { public: BoolMatcher(bool matcher) : matcher_(matcher) {} bool match(const ProtobufWkt::Value& value) const override; private: const bool matcher_; }; class PresentMatcher : public ValueMatcher { public: PresentMatcher(bool matcher) : matcher_(matcher) {} bool match(const ProtobufWkt::Value& value) const override; private: const bool matcher_; }; class DoubleMatcher : public ValueMatcher { public: DoubleMatcher(const envoy::type::matcher::v3::DoubleMatcher& matcher) : matcher_(matcher) {} bool match(const ProtobufWkt::Value& value) const override; private: const envoy::type::matcher::v3::DoubleMatcher matcher_; }; class StringMatcherImpl : public ValueMatcher, public StringMatcher { public: explicit StringMatcherImpl(const envoy::type::matcher::v3::StringMatcher& matcher); bool match(const absl::string_view value) const override; bool match(const ProtobufWkt::Value& value) const override; const envoy::type::matcher::v3::StringMatcher& matcher() const { return matcher_; } private: const envoy::type::matcher::v3::StringMatcher matcher_; Regex::CompiledMatcherPtr regex_; std::string lowercase_contains_match_; }; class ListMatcher : public ValueMatcher { public: ListMatcher(const envoy::type::matcher::v3::ListMatcher& matcher); bool match(const ProtobufWkt::Value& value) const override; private: const envoy::type::matcher::v3::ListMatcher matcher_; ValueMatcherConstSharedPtr oneof_value_matcher_; }; class MetadataMatcher { public: MetadataMatcher(const envoy::type::matcher::v3::MetadataMatcher& matcher); /** * Check whether the metadata is matched to the matcher. * @param metadata the metadata to check. * @return true if it's matched otherwise false. */ bool match(const envoy::config::core::v3::Metadata& metadata) const; private: const envoy::type::matcher::v3::MetadataMatcher matcher_; std::vector path_; ValueMatcherConstSharedPtr value_matcher_; }; class PathMatcher : public StringMatcher { public: PathMatcher(const envoy::type::matcher::v3::PathMatcher& path) : matcher_(path.path()) {} PathMatcher(const envoy::type::matcher::v3::StringMatcher& matcher) : matcher_(matcher) {} static PathMatcherConstSharedPtr createExact(const std::string& exact, bool ignore_case); static PathMatcherConstSharedPtr createPrefix(const std::string& prefix, bool ignore_case); bool match(const absl::string_view path) const override; private: const StringMatcherImpl matcher_; }; } // namespace Matchers } // namespace Envoy ================================================ FILE: source/common/common/mem_block_builder.h ================================================ #pragma once #include #include "common/common/assert.h" #include "absl/types/span.h" namespace Envoy { // Manages a block of raw memory for objects of type T. T is generally expected // to be a POD, where it makes sense to memcpy over it. This class carries extra // member variables for tracking size, and a write-pointer to support safe // appends. // // MemBlockBuilder is used to safely write blocks of data into a memory // buffer. Due to two extra member variables, it is not optimal for storing in // data structures. The intended usage model is to release the raw assembled // memory block from the MemBlockBuilder for efficient storage. // // The goal for this class is to provide a usage model to replace direct usage // of memcpy with a pattern that is easy to validate for correctness by // inspection, asserts, and fuzzing, but when compiled for optimization is // roughly as efficient as raw memcpy. template class MemBlockBuilder { public: // Constructs a MemBlockBuilder allowing for 'capacity' instances of T. explicit MemBlockBuilder(uint64_t capacity) : data_(std::make_unique(capacity)), write_span_(data_.get(), capacity) {} MemBlockBuilder() = default; /** * Allocates (or reallocates) memory for the MemBlockBuilder to make it the * specified capacity. This does not have resize semantics; when setCapacity() * is called any previous contents are erased. * * @param capacity The number of memory elements to allocate. */ void setCapacity(uint64_t capacity) { setCapacityHelper(capacity, std::make_unique(capacity)); } /** * @return the capacity. */ uint64_t capacity() const { return write_span_.size() + write_span_.data() - data_.get(); } /** * Appends a single object of type T, moving an internal write-pointer * forward. Asserts that there is room to write the object when compiled * for debug. * * @param object the object to append. */ void appendOne(T object) { SECURITY_ASSERT(write_span_.size() >= 1, "insufficient capacity"); *write_span_.data() = object; write_span_.remove_prefix(1); } /** * Appends raw data specified as a span, moving an internal write-pointer * forward. Asserts that there is room to write the block. It is the caller's * responsibility to ensure that the input data is valid. * * @param data The span of objects to insert. */ void appendData(absl::Span data) { uint64_t size = data.size(); SECURITY_ASSERT(write_span_.size() >= size, "insufficient capacity"); if (size == 0) { return; } memcpy(write_span_.data(), data.data(), size * sizeof(T)); write_span_.remove_prefix(size); } /** * Appends the contents of another memory block to this one. * * @param src the block to append. */ void appendBlock(const MemBlockBuilder& src) { appendData(src.span()); } /** * @return the number of elements remaining in the MemBlockBuilder. */ uint64_t capacityRemaining() const { return write_span_.size(); } /** * Empties the contents of this. */ void reset() { setCapacityHelper(0, std::unique_ptr(nullptr)); } /** * Returns the underlying storage as a unique pointer, clearing this. * * @return the transferred storage. */ std::unique_ptr release() { write_span_ = absl::MakeSpan(static_cast(nullptr), 0); return std::move(data_); } /** * @return the populated data as an absl::Span. */ absl::Span span() const { return absl::MakeSpan(data_.get(), write_span_.data()); } /** * @return The number of elements the have been added to the builder. */ uint64_t size() const { return write_span_.data() - data_.get(); } private: void setCapacityHelper(uint64_t capacity, std::unique_ptr data) { data_ = std::move(data); write_span_ = absl::MakeSpan(data_.get(), capacity); } std::unique_ptr data_; absl::Span write_span_; }; } // namespace Envoy ================================================ FILE: source/common/common/mutex_tracer_impl.cc ================================================ #include "common/common/mutex_tracer_impl.h" #include #include #include "common/common/assert.h" #include "absl/synchronization/mutex.h" namespace Envoy { MutexTracerImpl* MutexTracerImpl::singleton_ = nullptr; MutexTracerImpl& MutexTracerImpl::getOrCreateTracer() { if (singleton_ == nullptr) { singleton_ = new MutexTracerImpl; // There's no easy way to unregister a hook. Luckily, this hook is innocuous enough that it // seems safe to leave it registered during testing, even though this technically breaks // hermeticity. absl::RegisterMutexTracer(&Envoy::MutexTracerImpl::contentionHook); } return *singleton_; } void MutexTracerImpl::contentionHook(const char* msg, const void* obj, int64_t wait_cycles) { ASSERT(singleton_ != nullptr); singleton_->recordContention(msg, obj, wait_cycles); } void MutexTracerImpl::reset() { num_contentions_.store(0, order_); current_wait_cycles_.store(0, order_); lifetime_wait_cycles_.store(0, order_); } inline void MutexTracerImpl::recordContention(const char*, const void*, int64_t wait_cycles) { num_contentions_.fetch_add(1, order_); current_wait_cycles_.store(wait_cycles, order_); lifetime_wait_cycles_.fetch_add(wait_cycles, order_); } } // namespace Envoy ================================================ FILE: source/common/common/mutex_tracer_impl.h ================================================ #pragma once #include #include #include #include "envoy/common/mutex_tracer.h" #include "common/common/thread_annotations.h" namespace Envoy { // Encapsulates a contention hook which is registered from getOrCreateTracer() which records // statistics about that contention. // // MutexTracer should be accessed via getOrCreateTracer(), which ensures that the global singleton // MutexTracer object is always being called. This is necessary because of the type signature which // absl::RegisterMutexTracer() expects. // // *NB*: getOrCreateTracer() is not thread-safe, and should be called once at startup, after which // the internal contention hook is thread-safe. This is possible by utilizing memory_order_relaxed // atomic writes. class MutexTracerImpl final : public MutexTracer { public: static MutexTracerImpl& getOrCreateTracer(); // Resets the recorded statistics. void reset() override; int64_t numContentions() const override { return num_contentions_.load(order_); } int64_t currentWaitCycles() const override { return current_wait_cycles_.load(order_); } int64_t lifetimeWaitCycles() const override { return lifetime_wait_cycles_.load(order_); } private: friend class MutexTracerTest; // Hook called by absl mutex system once registered from getOrCreateTracer(). static void contentionHook(const char* msg, const void* obj, int64_t wait_cycles); // Utility function for contentionHook. inline void recordContention(const char*, const void*, int64_t wait_cycles); // Keeping singleton_ as a static class member avoids the barrier-lookup for the tracer object on // every contention. static MutexTracerImpl* singleton_; // Number of mutex contention occurrences since last reset. std::atomic num_contentions_{0}; // Length of the current contention wait cycle. std::atomic current_wait_cycles_{0}; // Total sum of all wait cycles. std::atomic lifetime_wait_cycles_{0}; // TODO(ambuc): Build running averages here? // We utilize std::memory_order_relaxed for all operations for the least possible contention. static constexpr std::memory_order order_{std::memory_order_relaxed}; }; } // namespace Envoy ================================================ FILE: source/common/common/non_copyable.h ================================================ #pragma once namespace Envoy { /** * Mixin class that makes derived classes not copyable and not moveable. Like boost::noncopyable * without boost. */ class NonCopyable { protected: NonCopyable() = default; // Non-moveable. NonCopyable(NonCopyable&&) noexcept = delete; NonCopyable& operator=(NonCopyable&&) noexcept = delete; // Non-copyable. NonCopyable(const NonCopyable&) = delete; NonCopyable& operator=(const NonCopyable&) = delete; }; } // namespace Envoy ================================================ FILE: source/common/common/perf_annotation.cc ================================================ #ifndef ENVOY_PERF_ANNOTATION #define ENVOY_PERF_ANNOTATION #endif #include "common/common/perf_annotation.h" #include #include #include #include "envoy/common/platform.h" #include "common/common/lock_guard.h" #include "common/common/utility.h" #include "absl/strings/str_cat.h" namespace Envoy { PerfOperation::PerfOperation() : context_(PerfAnnotationContext::getOrCreate()), start_time_(context_->currentTime()) {} void PerfOperation::record(absl::string_view category, absl::string_view description) { const MonotonicTime end_time = context_->currentTime(); const std::chrono::nanoseconds duration = std::chrono::duration_cast(end_time - start_time_); context_->record(duration, category, description); } // The ctor is explicitly declared private to encourage clients to use getOrCreate(), at // least for now. Given that it's declared it must be instantiated. It's not inlined // because the constructor is non-trivial due to the contained unordered_map. PerfAnnotationContext::PerfAnnotationContext() = default; void PerfAnnotationContext::record(std::chrono::nanoseconds duration, absl::string_view category, absl::string_view description) { CategoryDescription key = {std::string(category), std::string(description)}; { #if PERF_THREAD_SAFE Thread::LockGuard lock(mutex_); #endif DurationStats& stats = duration_stats_map_[key]; stats.stddev_.update(static_cast(duration.count())); if ((stats.stddev_.count() == 1) || (duration < stats.min_)) { stats.min_ = duration; } stats.max_ = std::max(stats.max_, duration); stats.total_ += duration; } } // TODO(jmarantz): Consider hooking up perf information-dump into admin console, if // we find a performance problem we want to annotate with a live server. void PerfAnnotationContext::dump() { std::cout << toString() << std::endl; } std::string PerfAnnotationContext::toString() { PerfAnnotationContext* context = getOrCreate(); std::string out; #if PERF_THREAD_SAFE Thread::LockGuard lock(context->mutex_); #endif // The map is from category/description -> [duration, time]. Reverse-sort by duration. std::vector sorted_values; sorted_values.reserve(context->duration_stats_map_.size()); for (const auto& iter : context->duration_stats_map_) { sorted_values.push_back(&iter); } std::sort( sorted_values.begin(), sorted_values.end(), [](const DurationStatsMap::value_type* a, const DurationStatsMap::value_type* b) -> bool { const DurationStats& a_stats = a->second; const DurationStats& b_stats = b->second; return a_stats.total_ > b_stats.total_; }); // Organize the report so it lines up in columns. Note that the widest duration comes first, // though that may not be descending order of calls or per_call time, so we need two passes // to compute column widths. First collect the column headers and their widths. // // TODO(jmarantz): Add a mechanism for dumping to HTML for viewing results in web browser. static const char* headers[] = {"Duration(us)", "# Calls", "Mean(ns)", "StdDev(ns)", "Min(ns)", "Max(ns)", "Category", "Description"}; constexpr int num_columns = ARRAY_SIZE(headers); size_t widths[num_columns]; std::vector columns[num_columns]; for (size_t i = 0; i < num_columns; ++i) { std::string column(headers[i]); widths[i] = column.size(); columns[i].emplace_back(column); } // Compute all the column strings and their max widths. for (const auto& p : sorted_values) { const DurationStats& stats = p->second; const auto microseconds_string = [](std::chrono::nanoseconds ns) -> std::string { return std::to_string(std::chrono::duration_cast(ns).count()); }; const auto nanoseconds_string = [](std::chrono::nanoseconds ns) -> std::string { return std::to_string(std::chrono::duration_cast(ns).count()); }; columns[0].push_back(microseconds_string(stats.total_)); const uint64_t count = stats.stddev_.count(); columns[1].push_back(std::to_string(count)); columns[2].push_back( (count == 0) ? "NaN" : std::to_string( std::chrono::duration_cast(stats.total_).count() / count)); columns[3].push_back(absl::StrCat("", stats.stddev_.computeStandardDeviation())); columns[4].push_back(nanoseconds_string(stats.min_)); columns[5].push_back(nanoseconds_string(stats.max_)); const CategoryDescription& category_description = p->first; columns[6].push_back(category_description.category); columns[7].push_back(category_description.description); for (size_t i = 0; i < num_columns; ++i) { widths[i] = std::max(widths[i], columns[i].back().size()); } } // Create format-strings to right justify each column, e.g. {:>14} for a column of width 14. std::vector formats; for (size_t i = 0; i < num_columns; ++i) { // left-justify category & description, but right-justify the numeric columns. const absl::string_view justify = (i < num_columns - 2) ? ">" : "<"; formats.push_back(absl::StrCat("{:", justify, widths[i], "}")); } // Write out the table. for (size_t row = 0; row < columns[0].size(); ++row) { for (size_t i = 0; i < num_columns; ++i) { const std::string& str = columns[i][row]; absl::StrAppend(&out, fmt::format(formats[i], str), (i != (num_columns - 1) ? " " : "\n")); } } return out; } void PerfAnnotationContext::clear() { PerfAnnotationContext* context = getOrCreate(); #if PERF_THREAD_SAFE Thread::LockGuard lock(context->mutex_); #endif context->duration_stats_map_.clear(); } PerfAnnotationContext* PerfAnnotationContext::getOrCreate() { static auto* context = new PerfAnnotationContext(); return context; } } // namespace Envoy ================================================ FILE: source/common/common/perf_annotation.h ================================================ #pragma once #ifdef ENVOY_PERF_ANNOTATION #include #include #include "common/common/thread.h" #include "common/common/utility.h" #include "absl/container/node_hash_map.h" #include "absl/strings/string_view.h" // Performance Annotation system, enabled with // bazel --define=perf_annotation=enabled ... // or, in individual .cc files: // #define ENVOY_PERF_ANNOTATION // In the absence of such directives, the support classes are built and tested. // However, the macros for instrumenting code for performance analysis will expand // to nothing. // // See also: https://github.com/LLNL/Caliper -- it may be worth integrating with // that for added functionality, particularly around loops. // // See also, for a much more comprehensive study in performance annotation: // https://labs.vmware.com/vmtj/methodology-for-performance-analysis-of-vmware-vsphere-under-tier-1-applications // https://dl.acm.org/citation.cfm?id=1899945&dl=ACM&coll=DL /** * Initiates a performance operation, storing its state in perf_var. A perf_var * can then be reported multiple times. */ #define PERF_OPERATION(perf_var) Envoy::PerfOperation perf_var /** * Records performance data initiated with PERF_OPERATION. The category and description * are joined with in the library, but only if perf is enabled. This way, any concatenation * overhead is skipped when perf-annotation is disabled. */ #define PERF_RECORD(perf, category, description) \ do { \ perf.record(category, description); \ } while (false) /** * Dumps recorded performance data to stdout. Expands to nothing if not enabled. */ #define PERF_DUMP() Envoy::PerfAnnotationContext::dump() /** * Returns the aggregated performance data as a formatted multi-line string, showing a * formatted table of values. Returns "" if perf-annotation is disabled. */ #define PERF_TO_STRING() Envoy::PerfAnnotationContext::toString() /** * Clears all performance data. */ #define PERF_CLEAR() Envoy::PerfAnnotationContext::clear() /** * Controls whether performances collection and reporting is thread safe. For now, * leaving this enabled for predictability across multiple applications, on the assumption * that an uncontended mutex lock has vanishingly small cost. In the future we may try * to make this system thread-unsafe if mutex contention disturbs the metrics. */ #define PERF_THREAD_SAFE true namespace Envoy { /** * Defines a context for collecting performance data. Note that this class is * fully declared and defined even if ENVOY_PERF_AUTOMATION is off. We depend on * the macros to disable performance collection for production. */ class PerfAnnotationContext { public: /** * Records time consumed by a category and description, which are shown as separate * columns in the generated output table. * * @param duration the duration. * @param category the name of a category for the recording. * @param description the name of description for the recording. */ void record(std::chrono::nanoseconds duration, absl::string_view category, absl::string_view description); /** @return MonotonicTime the current time */ MonotonicTime currentTime() { return time_source_.monotonicTime(); } /** * Renders the aggregated statistics as a string. * @return std::string the performance data as a formatted string. */ static std::string toString(); /** * Dumps aggregated statistics (if any) to stdout. */ static void dump(); /** * Thread-safe lazy-initialization of a PerfAnnotationContext on first use. * @return PerfAnnotationContext* the context. */ static PerfAnnotationContext* getOrCreate(); /** * Clears out all aggregated statistics. */ static void clear(); private: /** * PerfAnnotationContext construction should be done via getOrCreate(). */ PerfAnnotationContext(); struct CategoryDescription { std::string category; std::string description; bool operator==(const CategoryDescription& other) const { return category == other.category && description == other.description; } }; struct DurationStats { std::chrono::nanoseconds total_{0}; std::chrono::nanoseconds min_{0}; std::chrono::nanoseconds max_{0}; WelfordStandardDeviation stddev_; }; struct Hash { size_t operator()(const CategoryDescription& a) const { return std::hash()(a.category) + 13 * std::hash()(a.description); } }; using DurationStatsMap = absl::node_hash_map; // Maps {category, description} to DurationStats. #if PERF_THREAD_SAFE DurationStatsMap duration_stats_map_ ABSL_GUARDED_BY(mutex_); Thread::MutexBasicLockable mutex_; #else DurationStatsMap duration_stats_map_; #endif RealTimeSource time_source_; }; /** * Represents an operation for reporting timing to the perf system. Usage: * * f() { * PerfOperation perf_op; * computeIntensiveWork(); * perf_op.record("category", "description"); * } */ class PerfOperation { public: PerfOperation(); /** * Report an event relative to the operation in progress. Note report can be called * multiple times on a single PerfOperation, with distinct category/description combinations. * @param category the name of a category for the recording. * @param description the name of description for the recording. */ void record(absl::string_view category, absl::string_view description); private: PerfAnnotationContext* context_; MonotonicTime start_time_; }; } // namespace Envoy #else // Macros that expand to nothing when performance collection is disabled. These are contrived to // work syntactically as a C++ statement (e.g. if (foo) PERF_RECORD(...) else PERF_RECORD(...)). #define PERF_OPERATION(perf_var) \ do { \ } while (false) #define PERF_RECORD(perf, category, description) \ do { \ } while (false) #define PERF_DUMP() \ do { \ } while (false) #define PERF_TO_STRING() "" #define PERF_CLEAR() \ do { \ } while (false) #endif ================================================ FILE: source/common/common/phantom.h ================================================ #pragma once #include namespace Envoy { // A phantom type allows wrapping a common type with additional type information in order to allow // additional compile time safety when passing it around. template struct Phantom { Phantom() = default; explicit Phantom(const InnerT& t) : val_(t) {} explicit Phantom(InnerT&& t) : val_(std::move(t)) {} InnerT& get() { return val_; } const InnerT& get() const { return val_; }; bool operator==(const Phantom& other) const { return val_ == other.val_; } private: InnerT val_; }; } // namespace Envoy ================================================ FILE: source/common/common/posix/thread_impl.cc ================================================ #include "common/common/assert.h" #include "common/common/thread_impl.h" #include "absl/strings/str_cat.h" #if defined(__linux__) #include #endif namespace Envoy { namespace Thread { namespace { int64_t getCurrentThreadId() { #ifdef __linux__ return static_cast(syscall(SYS_gettid)); #elif defined(__APPLE__) uint64_t tid; pthread_threadid_np(nullptr, &tid); return tid; #else #error "Enable and test pthread id retrieval code for you arch in pthread/thread_impl.cc" #endif } } // namespace // See https://www.man7.org/linux/man-pages/man3/pthread_setname_np.3.html. // The maximum thread name is 16 bytes including the terminating nul byte, // so we need to truncate the string_view to 15 bytes. #define PTHREAD_MAX_THREADNAME_LEN_INCLUDING_NULL_BYTE 16 /** * Wrapper for a pthread thread. We don't use std::thread because it eats exceptions and leads to * unusable stack traces. */ class ThreadImplPosix : public Thread { public: ThreadImplPosix(std::function thread_routine, OptionsOptConstRef options) : thread_routine_(std::move(thread_routine)) { if (options) { name_ = options->name_.substr(0, PTHREAD_MAX_THREADNAME_LEN_INCLUDING_NULL_BYTE - 1); } RELEASE_ASSERT(Logger::Registry::initialized(), ""); const int rc = pthread_create( &thread_handle_, nullptr, [](void* arg) -> void* { static_cast(arg)->thread_routine_(); return nullptr; }, this); RELEASE_ASSERT(rc == 0, ""); #if SUPPORTS_PTHREAD_NAMING // If the name was not specified, get it from the OS. If the name was // specified, write it into the thread, and assert that the OS sees it the // same way. if (name_.empty()) { getNameFromOS(name_); } else { const int set_name_rc = pthread_setname_np(thread_handle_, name_.c_str()); if (set_name_rc != 0) { ENVOY_LOG_MISC(trace, "Error {} setting name `{}'", set_name_rc, name_); } else { // When compiling in debug mode, read back the thread-name from the OS, // and verify it's what we asked for. This ensures the truncation is as // expected, and that the OS will actually retain all the bytes of the // name we expect. // // Note that the system-call to read the thread name may fail in case // the thread exits after the call to set the name above, and before the // call to get the name, so we can only do the assert if that call // succeeded. std::string check_name; ASSERT(!getNameFromOS(check_name) || check_name == name_, absl::StrCat("configured name=", name_, " os name=", check_name)); } } #endif } ~ThreadImplPosix() override { ASSERT(joined_); } std::string name() const override { return name_; } // Thread::Thread void join() override { ASSERT(!joined_); joined_ = true; const int rc = pthread_join(thread_handle_, nullptr); RELEASE_ASSERT(rc == 0, ""); } private: #if SUPPORTS_PTHREAD_NAMING // Attempts to get the name from the operating system, returning true and // updating 'name' if successful. Note that during normal operation this // may fail, if the thread exits prior to the system call. bool getNameFromOS(std::string& name) { // Verify that the name got written into the thread as expected. char buf[PTHREAD_MAX_THREADNAME_LEN_INCLUDING_NULL_BYTE]; const int get_name_rc = pthread_getname_np(thread_handle_, buf, sizeof(buf)); if (get_name_rc != 0) { ENVOY_LOG_MISC(trace, "Error {} getting name", get_name_rc); return false; } name = buf; return true; } #endif std::function thread_routine_; pthread_t thread_handle_; std::string name_; bool joined_{false}; }; ThreadPtr ThreadFactoryImplPosix::createThread(std::function thread_routine, OptionsOptConstRef options) { return std::make_unique(thread_routine, options); } ThreadId ThreadFactoryImplPosix::currentThreadId() { return ThreadId(getCurrentThreadId()); } } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/common/posix/thread_impl.h ================================================ #pragma once #include #include #include "envoy/thread/thread.h" namespace Envoy { namespace Thread { /** * Implementation of ThreadFactory */ class ThreadFactoryImplPosix : public ThreadFactory { public: // Thread::ThreadFactory ThreadPtr createThread(std::function thread_routine, OptionsOptConstRef options) override; ThreadId currentThreadId() override; }; } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/common/random_generator.cc ================================================ #include "common/common/random_generator.h" #include "common/common/assert.h" #include "openssl/rand.h" namespace Envoy { namespace Random { const size_t RandomGeneratorImpl::UUID_LENGTH = 36; uint64_t RandomGeneratorImpl::random() { // Prefetch 256 * sizeof(uint64_t) bytes of randomness. buffered_idx is initialized to 256, // i.e. out-of-range value, so the buffer will be filled with randomness on the first call // to this function. // // There is a diminishing return when increasing the prefetch size, as illustrated below in // a test that generates 1,000,000,000 uint64_t numbers (results on Intel Xeon E5-1650v3). // // //test/common/runtime:runtime_impl_test - Random.DISABLED_benchmarkRandom // // prefetch | time | improvement // (uint64_t) | (ms) | (% vs prev) // --------------------------------- // 32 | 25,931 | // 64 | 15,124 | 42% faster // 128 | 9,653 | 36% faster // 256 | 6,930 | 28% faster <-- used right now // 512 | 5,571 | 20% faster // 1024 | 4,888 | 12% faster // 2048 | 4,594 | 6% faster // 4096 | 4,424 | 4% faster // 8192 | 4,386 | 1% faster const size_t prefetch = 256; static thread_local uint64_t buffered[prefetch]; static thread_local size_t buffered_idx = prefetch; if (buffered_idx >= prefetch) { int rc = RAND_bytes(reinterpret_cast(buffered), sizeof(buffered)); ASSERT(rc == 1); buffered_idx = 0; } // Consume uint64_t from the buffer. return buffered[buffered_idx++]; } std::string RandomGeneratorImpl::uuid() { // Prefetch 2048 bytes of randomness. buffered_idx is initialized to sizeof(buffered), // i.e. out-of-range value, so the buffer will be filled with randomness on the first // call to this function. // // There is a diminishing return when increasing the prefetch size, as illustrated below // in a test that generates 100,000,000 UUIDs (results on Intel Xeon E5-1650v3). // // //test/common/runtime:uuid_util_test - UUIDUtilsTest.DISABLED_benchmark // // prefetch | time | improvement // (bytes) | (ms) | (% vs prev) // --------------------------------- // 128 | 16,353 | // 256 | 11,827 | 28% faster // 512 | 9,676 | 18% faster // 1024 | 8,594 | 11% faster // 2048 | 8,097 | 6% faster <-- used right now // 4096 | 7,790 | 4% faster // 8192 | 7,737 | 1% faster static thread_local uint8_t buffered[2048]; static thread_local size_t buffered_idx = sizeof(buffered); if (buffered_idx + 16 > sizeof(buffered)) { int rc = RAND_bytes(buffered, sizeof(buffered)); ASSERT(rc == 1); buffered_idx = 0; } // Consume 16 bytes from the buffer. ASSERT(buffered_idx + 16 <= sizeof(buffered)); uint8_t* rand = &buffered[buffered_idx]; buffered_idx += 16; // Create UUID from Truly Random or Pseudo-Random Numbers. // See: https://tools.ietf.org/html/rfc4122#section-4.4 rand[6] = (rand[6] & 0x0f) | 0x40; // UUID version 4 (random) rand[8] = (rand[8] & 0x3f) | 0x80; // UUID variant 1 (RFC4122) // Convert UUID to a string representation, e.g. a121e9e1-feae-4136-9e0e-6fac343d56c9. static const char* const hex = "0123456789abcdef"; char uuid[UUID_LENGTH]; for (uint8_t i = 0; i < 4; i++) { const uint8_t d = rand[i]; uuid[2 * i] = hex[d >> 4]; uuid[2 * i + 1] = hex[d & 0x0f]; } uuid[8] = '-'; for (uint8_t i = 4; i < 6; i++) { const uint8_t d = rand[i]; uuid[2 * i + 1] = hex[d >> 4]; uuid[2 * i + 2] = hex[d & 0x0f]; } uuid[13] = '-'; for (uint8_t i = 6; i < 8; i++) { const uint8_t d = rand[i]; uuid[2 * i + 2] = hex[d >> 4]; uuid[2 * i + 3] = hex[d & 0x0f]; } uuid[18] = '-'; for (uint8_t i = 8; i < 10; i++) { const uint8_t d = rand[i]; uuid[2 * i + 3] = hex[d >> 4]; uuid[2 * i + 4] = hex[d & 0x0f]; } uuid[23] = '-'; for (uint8_t i = 10; i < 16; i++) { const uint8_t d = rand[i]; uuid[2 * i + 4] = hex[d >> 4]; uuid[2 * i + 5] = hex[d & 0x0f]; } return std::string(uuid, UUID_LENGTH); } } // namespace Random } // namespace Envoy ================================================ FILE: source/common/common/random_generator.h ================================================ #pragma once #include "envoy/common/random_generator.h" namespace Envoy { namespace Random { /** * Implementation of RandomGenerator that uses per-thread RANLUX generators seeded with current * time. */ class RandomGeneratorImpl : public RandomGenerator { public: // Random::RandomGenerator uint64_t random() override; std::string uuid() override; static const size_t UUID_LENGTH; }; } // namespace Random } // namespace Envoy ================================================ FILE: source/common/common/regex.cc ================================================ #include "common/common/regex.h" #include "envoy/common/exception.h" #include "envoy/runtime/runtime.h" #include "envoy/type/matcher/v3/regex.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/protobuf/utility.h" #include "common/stats/symbol_table_impl.h" #include "re2/re2.h" namespace Envoy { namespace Regex { namespace { class CompiledStdMatcher : public CompiledMatcher { public: CompiledStdMatcher(std::regex&& regex) : regex_(std::move(regex)) {} // CompiledMatcher bool match(absl::string_view value) const override { try { return std::regex_match(value.begin(), value.end(), regex_); } catch (const std::regex_error& e) { return false; } } // CompiledMatcher std::string replaceAll(absl::string_view value, absl::string_view substitution) const override { try { return std::regex_replace(std::string(value), regex_, std::string(substitution)); } catch (const std::regex_error& e) { return std::string(value); } } private: const std::regex regex_; }; class CompiledGoogleReMatcher : public CompiledMatcher { public: CompiledGoogleReMatcher(const envoy::type::matcher::v3::RegexMatcher& config) : regex_(config.regex(), re2::RE2::Quiet) { if (!regex_.ok()) { throw EnvoyException(regex_.error()); } const uint32_t regex_program_size = static_cast(regex_.ProgramSize()); // Check if the deprecated field max_program_size is set first, and follow the old logic if so. if (config.google_re2().has_max_program_size()) { const uint32_t max_program_size = PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.google_re2(), max_program_size, 100); if (regex_program_size > max_program_size) { throw EnvoyException(fmt::format("regex '{}' RE2 program size of {} > max program size of " "{}. Increase configured max program size if necessary.", config.regex(), regex_program_size, max_program_size)); } return; } Runtime::Loader* runtime = Runtime::LoaderSingleton::getExisting(); if (runtime) { Stats::Scope& root_scope = runtime->getRootScope(); // TODO(perf): It would be more efficient to create the stats (program size histogram, warning // counter) on startup and not with each regex match. Stats::StatNameManagedStorage program_size_stat_name("re2.program_size", root_scope.symbolTable()); Stats::Histogram& program_size_stat = root_scope.histogramFromStatName( program_size_stat_name.statName(), Stats::Histogram::Unit::Unspecified); program_size_stat.recordValue(regex_program_size); Stats::StatNameManagedStorage warn_count_stat_name("re2.exceeded_warn_level", root_scope.symbolTable()); Stats::Counter& warn_count = root_scope.counterFromStatName(warn_count_stat_name.statName()); const uint32_t max_program_size_error_level = runtime->snapshot().getInteger("re2.max_program_size.error_level", 100); if (regex_program_size > max_program_size_error_level) { throw EnvoyException(fmt::format("regex '{}' RE2 program size of {} > max program size of " "{} set for the error level threshold. Increase " "configured max program size if necessary.", config.regex(), regex_program_size, max_program_size_error_level)); } const uint32_t max_program_size_warn_level = runtime->snapshot().getInteger("re2.max_program_size.warn_level", UINT32_MAX); if (regex_program_size > max_program_size_warn_level) { warn_count.inc(); ENVOY_LOG_MISC( warn, "regex '{}' RE2 program size of {} > max program size of {} set for the warn " "level threshold. Increase configured max program size if necessary.", config.regex(), regex_program_size, max_program_size_warn_level); } } } // CompiledMatcher bool match(absl::string_view value) const override { return re2::RE2::FullMatch(re2::StringPiece(value.data(), value.size()), regex_); } // CompiledMatcher std::string replaceAll(absl::string_view value, absl::string_view substitution) const override { std::string result = std::string(value); re2::RE2::GlobalReplace(&result, regex_, re2::StringPiece(substitution.data(), substitution.size())); return result; } private: const re2::RE2 regex_; }; } // namespace CompiledMatcherPtr Utility::parseRegex(const envoy::type::matcher::v3::RegexMatcher& matcher) { // Google Re is the only currently supported engine. ASSERT(matcher.has_google_re2()); return std::make_unique(matcher); } CompiledMatcherPtr Utility::parseStdRegexAsCompiledMatcher(const std::string& regex, std::regex::flag_type flags) { return std::make_unique(parseStdRegex(regex, flags)); } std::regex Utility::parseStdRegex(const std::string& regex, std::regex::flag_type flags) { // TODO(zuercher): In the future, PGV (https://github.com/envoyproxy/protoc-gen-validate) // annotations may allow us to remove this in favor of direct validation of regular // expressions. try { return std::regex(regex, flags); } catch (const std::regex_error& e) { throw EnvoyException(fmt::format("Invalid regex '{}': {}", regex, e.what())); } } } // namespace Regex } // namespace Envoy ================================================ FILE: source/common/common/regex.h ================================================ #pragma once #include #include #include "envoy/common/regex.h" #include "envoy/type/matcher/v3/regex.pb.h" namespace Envoy { namespace Regex { /** * Utilities for constructing regular expressions. */ class Utility { public: /** * Constructs a std::regex, converting any std::regex_error exception into an EnvoyException. * @param regex std::string containing the regular expression to parse. * @param flags std::regex::flag_type containing parser flags. Defaults to std::regex::optimize. * @return std::regex constructed from regex and flags. * @throw EnvoyException if the regex string is invalid. */ static std::regex parseStdRegex(const std::string& regex, std::regex::flag_type flags = std::regex::optimize); /** * Construct an std::regex compiled regex matcher. * * TODO(mattklein123): In general this is only currently used in deprecated code paths and can be * removed once all of those code paths are removed. */ static CompiledMatcherPtr parseStdRegexAsCompiledMatcher(const std::string& regex, std::regex::flag_type flags = std::regex::optimize); /** * Construct a compiled regex matcher from a match config. */ static CompiledMatcherPtr parseRegex(const envoy::type::matcher::v3::RegexMatcher& matcher); }; } // namespace Regex } // namespace Envoy ================================================ FILE: source/common/common/scalar_to_byte_vector.h ================================================ #pragma once #include #include namespace Envoy { template void pushScalarToByteVector(T val, std::vector& bytes) { uint8_t* byte_ptr = reinterpret_cast(&val); for (uint32_t byte_index = 0; byte_index < sizeof val; byte_index++) { bytes.push_back(*byte_ptr++); } } } // namespace Envoy ================================================ FILE: source/common/common/scope_tracker.h ================================================ #pragma once #include "envoy/common/scope_tracker.h" #include "envoy/event/dispatcher.h" namespace Envoy { // A small class for tracking the scope of the object which is currently having // work done in this thread. // // When created, it sets the tracked object in the dispatcher, and when destroyed it points the // dispatcher at the previously tracked object. class ScopeTrackerScopeState { public: ScopeTrackerScopeState(const ScopeTrackedObject* object, Event::Dispatcher& dispatcher) : dispatcher_(dispatcher) { latched_object_ = dispatcher_.setTrackedObject(object); } ~ScopeTrackerScopeState() { dispatcher_.setTrackedObject(latched_object_); } private: const ScopeTrackedObject* latched_object_; Event::Dispatcher& dispatcher_; }; } // namespace Envoy ================================================ FILE: source/common/common/standard/logger_impl.h ================================================ #pragma once #include "common/common/base_logger.h" namespace Envoy { namespace Logger { #define GENERATE_LOGGER(X) StandardLogger(#X), } // namespace Logger } // namespace Envoy ================================================ FILE: source/common/common/statusor.h ================================================ #pragma once #include "third_party/statusor/statusor.h" /** * Facility for returning either a valid value or an error in a form of Envoy::Status. * * IMPORTANT: StatusOr default constructor must not be used as it does not fit into any * Envoy's use cases. The error extracting functions in the common/common/status.h will * RELEASE_ASSERT on default initialized StatusOr. * * To return an error StatusOr object an error creating function from common/common/status.h must be * used. * TODO(yanavlasov): add clang-tidy or lint check to enforce this. * * Usage example: * * Envoy::StatusOr Foo() { * ... * if (codec_error) { * return CodecProtocolError("Invalid protocol"); * } * return 123456; * } * * void Bar() { * auto status_or = Foo(); * if (status_or.ok()) { * int result = status_or.value(); * ... * } else { * ASSERT(IsCodecProtocolError(status_or.status())); * ENVOY_LOG(debug, "Codec error encountered: {}", status_or.status().message()); * } * } */ namespace Envoy { using absl::StatusOr; // NOLINT(misc-unused-using-decls) } // namespace Envoy ================================================ FILE: source/common/common/stl_helpers.h ================================================ #pragma once #include #include #include #include #include "absl/strings/str_join.h" namespace Envoy { /** * See if a reference exists within a container of std::reference_wrappers. */ template bool containsReference(const Container& c, const T& t) { return std::find_if(c.begin(), c.end(), [&](std::reference_wrapper e) -> bool { return &e.get() == &t; }) != c.end(); } } // namespace Envoy // NOLINT(namespace-envoy) // Overload functions in std library. namespace std { // Overload std::operator<< to output a vector. template std::ostream& operator<<(std::ostream& out, const std::vector& v) { out << "vector { " << absl::StrJoin(v, ", ", absl::StreamFormatter()) << " }"; return out; } } // namespace std ================================================ FILE: source/common/common/thread.h ================================================ #pragma once #include #include #include #include #include "envoy/thread/thread.h" #include "common/common/non_copyable.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Thread { /** * Implementation of BasicLockable */ class MutexBasicLockable : public BasicLockable { public: // BasicLockable void lock() ABSL_EXCLUSIVE_LOCK_FUNCTION() override { mutex_.Lock(); } bool tryLock() ABSL_EXCLUSIVE_TRYLOCK_FUNCTION(true) override { return mutex_.TryLock(); } void unlock() ABSL_UNLOCK_FUNCTION() override { mutex_.Unlock(); } private: friend class CondVar; absl::Mutex mutex_; }; /** * Implementation of condvar, based on MutexLockable. This interface is a hybrid * between std::condition_variable and absl::CondVar. */ class CondVar { public: enum class WaitStatus { Timeout, NoTimeout, // Success or Spurious }; /** * Note that it is not necessary to be holding an associated mutex to call * notifyOne or notifyAll. See the discussion in * http://en.cppreference.com/w/cpp/thread/condition_variable_any/notify_one * for more details. */ void notifyOne() noexcept { condvar_.Signal(); } void notifyAll() noexcept { condvar_.SignalAll(); }; /** * wait() and waitFor do not throw, and never will, as they are based on * absl::CondVar, so it's safe to pass the a mutex to wait() directly, even if * it's also managed by a LockGuard. See definition of CondVar in * source/source/thread.h for an alternate implementation, which does not work * with thread annotation. */ void wait(MutexBasicLockable& mutex) noexcept ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex) { condvar_.Wait(&mutex.mutex_); } /** * @return WaitStatus whether the condition timed out or not. */ template WaitStatus waitFor(MutexBasicLockable& mutex, std::chrono::duration duration) noexcept ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex) { return condvar_.WaitWithTimeout(&mutex.mutex_, absl::FromChrono(duration)) ? WaitStatus::Timeout : WaitStatus::NoTimeout; } private: // Note: alternate implementation of this class based on std::condition_variable_any // https://gist.github.com/jmarantz/d22b836cee3ca203cc368553eda81ce5 // does not currently work well with thread-annotation. absl::CondVar condvar_; }; enum class AtomicPtrAllocMode { DoNotDelete, DeleteOnDestruct }; // Manages an array of atomic pointers to T, providing a relatively // contention-free mechanism to lazily get a T* at an index, where the caller // provides a mechanism to instantiate a T* under lock, if one has not already // been stored at that index. // // alloc_mode controls whether allocated T* entries should be deleted on // destruction of the array. This should be set to AtomicPtrAllocMode::DoNotDelete // if the T* returned from MakeObject are managed by the caller. template class AtomicPtrArray : NonCopyable { public: AtomicPtrArray() { for (std::atomic& atomic_ref : data_) { atomic_ref = nullptr; } } ~AtomicPtrArray() { if (alloc_mode == AtomicPtrAllocMode::DeleteOnDestruct) { for (std::atomic& atomic_ref : data_) { T* ptr = atomic_ref.load(); if (ptr != nullptr) { delete ptr; } } } } // User-defined function for allocating an object. This will be called // under a lock controlled by this class, so MakeObject will not race // against itself. MakeObject is allowed to return nullptr, in which // case the next call to get() will call MakeObject again. using MakeObject = std::function; /* * Returns an already existing T* at index, or calls make_object to * instantiate and save the T* under lock. * * @param index the Index to look up. * @param make_object function to call under lock to make a T*. * @return The new or already-existing T*, possibly nullptr if make_object returns nullptr. */ T* get(uint32_t index, const MakeObject& make_object) { std::atomic& atomic_ref = data_[index]; // First, use an atomic load to see if the object has already been allocated. if (atomic_ref.load() == nullptr) { absl::MutexLock lock(&mutex_); // If that fails, check again under lock as two threads might have raced // to create the object. if (atomic_ref.load() == nullptr) { atomic_ref = make_object(); } } return atomic_ref.load(); } private: std::atomic data_[size]; absl::Mutex mutex_; }; // Manages a pointer to T, providing a relatively contention-free mechanism to // lazily create a T*, where the caller provides a mechanism to instantiate a // T* under lock, if one has not already been stored. // // alloc_mode controls whether allocated T* objects should be deleted on // destruction of the AtomicObject. This should be set to // AtomicPtrAllocMode::DoNotDelete if the T* returned from MakeObject are managed // by the caller. template class AtomicPtr : private AtomicPtrArray { public: using BaseClass = AtomicPtrArray; using typename BaseClass::MakeObject; /* * Returns an already existing T*, or calls make_object to instantiate and * save the T* under lock. * * @param make_object function to call under lock to make a T*. * @return The new or already-existing T*, possibly nullptr if make_object returns nullptr. */ T* get(const MakeObject& make_object) { return BaseClass::get(0, make_object); } }; } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/common/thread_annotations.h ================================================ #pragma once // NOLINT(namespace-envoy) #include "absl/base/thread_annotations.h" ================================================ FILE: source/common/common/thread_synchronizer.cc ================================================ #include "common/common/thread_synchronizer.h" namespace Envoy { namespace Thread { void ThreadSynchronizer::enable() { ASSERT(data_ == nullptr); data_ = std::make_unique(); } ThreadSynchronizer::SynchronizerEntry& ThreadSynchronizer::getOrCreateEntry(absl::string_view event_name) { absl::MutexLock lock(&data_->mutex_); auto& existing_entry = data_->entries_[event_name]; if (existing_entry == nullptr) { ENVOY_LOG(debug, "thread synchronzier: creating entry: {}", event_name); existing_entry = std::make_unique(); } return *existing_entry; } void ThreadSynchronizer::waitOnWorker(absl::string_view event_name) { SynchronizerEntry& entry = getOrCreateEntry(event_name); absl::MutexLock lock(&entry.mutex_); ENVOY_LOG(debug, "thread synchronizer: waiting on next {}", event_name); ASSERT(!entry.wait_on_); entry.wait_on_ = true; } void ThreadSynchronizer::syncPointWorker(absl::string_view event_name) { SynchronizerEntry& entry = getOrCreateEntry(event_name); absl::MutexLock lock(&entry.mutex_); // See if we are ignoring waits. If so, just return. if (!entry.wait_on_) { ENVOY_LOG(debug, "thread synchronizer: sync point {}: ignoring", event_name); return; } entry.wait_on_ = false; // See if we are already signaled. If so, just clear signaled and return. if (entry.signaled_) { ENVOY_LOG(debug, "thread synchronizer: sync point {}: already signaled", event_name); entry.signaled_ = false; return; } // Now signal any barrier waiters. entry.at_barrier_ = true; // Now wait to be signaled. ENVOY_LOG(debug, "thread synchronizer: blocking on sync point {}", event_name); entry.mutex_.Await(absl::Condition(&entry.signaled_)); ENVOY_LOG(debug, "thread synchronizer: done blocking for sync point {}", event_name); // Clear the barrier and signaled before unlocking and returning. ASSERT(entry.at_barrier_); entry.at_barrier_ = false; ASSERT(entry.signaled_); entry.signaled_ = false; } void ThreadSynchronizer::barrierOnWorker(absl::string_view event_name) { SynchronizerEntry& entry = getOrCreateEntry(event_name); absl::MutexLock lock(&entry.mutex_); ENVOY_LOG(debug, "thread synchronizer: barrier on {}", event_name); entry.mutex_.Await(absl::Condition(&entry.at_barrier_)); ENVOY_LOG(debug, "thread synchronizer: barrier complete {}", event_name); } void ThreadSynchronizer::signalWorker(absl::string_view event_name) { SynchronizerEntry& entry = getOrCreateEntry(event_name); absl::MutexLock lock(&entry.mutex_); ASSERT(!entry.signaled_); ENVOY_LOG(debug, "thread synchronizer: signaling {}", event_name); entry.signaled_ = true; } } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/common/thread_synchronizer.h ================================================ #pragma once #include "common/common/assert.h" #include "common/common/logger.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Thread { /** * This class allows for forcing hard to test thread permutations. It is loosely modeled after: * https://github.com/apache/incubator-pagespeed-mod/blob/master/pagespeed/kernel/thread/thread_synchronizer.h * * The idea is that there is almost no cost if the synchronizer is not enabled by test code as * there is a single inline pointer check. */ class ThreadSynchronizer : Logger::Loggable { public: /** * Enable the synchronizer. This should be called once per test by test code. */ void enable(); /** * This is the only API that should generally be called from production code. It introduces * a "sync point" that test code can then use to force blocking, thread barriers, etc. Even * when the synchronizer is enabled(), the syncPoint() will do nothing unless it has been * registered to block via waitOn(). */ void syncPoint(absl::string_view event_name) { if (data_ != nullptr) { syncPointWorker(event_name); } } /** * The next time the sync point registered with event_name is invoked via syncPoint(), the calling * code will block until signaled. Note that this is a one-shot operation and the sync point's * wait status will be cleared. */ void waitOn(absl::string_view event_name) { ASSERT(data_ != nullptr, "call enable() from test code before calling this method"); waitOnWorker(event_name); } /** * This call will block until the next time the sync point registered with event_name is invoked. * The event_name must have been previously registered for blocking via waitOn(). The typical * test pattern is to have a thread arrive at a sync point, block, and then release a test * thread which continues test execution, eventually calling signal() to release the other thread. */ void barrierOn(absl::string_view event_name) { ASSERT(data_ != nullptr, "call enable() from test code before calling this method"); barrierOnWorker(event_name); } /** * Signal an event such that a thread that is blocked within syncPoint() will now proceed. */ void signal(absl::string_view event_name) { ASSERT(data_ != nullptr, "call enable() from test code before calling this method"); signalWorker(event_name); } private: struct SynchronizerEntry { ~SynchronizerEntry() { // Make sure we don't have any pending signals which would indicate a bad test. ASSERT(!signaled_); } absl::Mutex mutex_; bool wait_on_ ABSL_GUARDED_BY(mutex_){}; bool signaled_ ABSL_GUARDED_BY(mutex_){}; bool at_barrier_ ABSL_GUARDED_BY(mutex_){}; }; struct SynchronizerData { absl::Mutex mutex_; absl::flat_hash_map> entries_ ABSL_GUARDED_BY(mutex_); }; SynchronizerEntry& getOrCreateEntry(absl::string_view event_name); void syncPointWorker(absl::string_view event_name); void waitOnWorker(absl::string_view event_name); void barrierOnWorker(absl::string_view event_name); void signalWorker(absl::string_view event_name); std::unique_ptr data_; }; } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/common/token_bucket_impl.cc ================================================ #include "common/common/token_bucket_impl.h" #include namespace Envoy { TokenBucketImpl::TokenBucketImpl(uint64_t max_tokens, TimeSource& time_source, double fill_rate) : max_tokens_(max_tokens), fill_rate_(std::abs(fill_rate)), tokens_(max_tokens), last_fill_(time_source.monotonicTime()), time_source_(time_source) {} uint64_t TokenBucketImpl::consume(uint64_t tokens, bool allow_partial) { if (tokens_ < max_tokens_) { const auto time_now = time_source_.monotonicTime(); tokens_ = std::min((std::chrono::duration(time_now - last_fill_).count() * fill_rate_) + tokens_, max_tokens_); last_fill_ = time_now; } if (allow_partial) { tokens = std::min(tokens, static_cast(std::floor(tokens_))); } if (tokens_ < tokens) { return 0; } tokens_ -= tokens; return tokens; } std::chrono::milliseconds TokenBucketImpl::nextTokenAvailable() { // If there are tokens available, return immediately. if (tokens_ >= 1) { return std::chrono::milliseconds(0); } // TODO(ramaraochavali): implement a more precise way that works for very low rate limits. return std::chrono::milliseconds(static_cast(std::ceil((1 / fill_rate_) * 1000))); } void TokenBucketImpl::reset(uint64_t num_tokens) { ASSERT(num_tokens <= max_tokens_); tokens_ = num_tokens; last_fill_ = time_source_.monotonicTime(); } } // namespace Envoy ================================================ FILE: source/common/common/token_bucket_impl.h ================================================ #pragma once #include "envoy/common/time.h" #include "envoy/common/token_bucket.h" #include "common/common/utility.h" namespace Envoy { /** * A class that implements token bucket interface (not thread-safe). */ class TokenBucketImpl : public TokenBucket { public: /** * @param max_tokens supplies the maximum number of tokens in the bucket. * @param time_source supplies the time source. * @param fill_rate supplies the number of tokens that will return to the bucket on each second. * The default is 1. */ explicit TokenBucketImpl(uint64_t max_tokens, TimeSource& time_source, double fill_rate = 1); // TokenBucket uint64_t consume(uint64_t tokens, bool allow_partial) override; std::chrono::milliseconds nextTokenAvailable() override; void reset(uint64_t num_tokens) override; private: const double max_tokens_; const double fill_rate_; double tokens_; MonotonicTime last_fill_; TimeSource& time_source_; }; } // namespace Envoy ================================================ FILE: source/common/common/utility.cc ================================================ #include "common/common/utility.h" #include #include #include #include #include #include #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/hash.h" #include "common/singleton/const_singleton.h" #include "absl/container/node_hash_map.h" #include "absl/strings/ascii.h" #include "absl/strings/match.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" #include "absl/time/time.h" #include "spdlog/spdlog.h" namespace Envoy { namespace { class SpecifierConstantValues { public: // This captures three groups: subsecond-specifier, subsecond-specifier width and // second-specifier. const std::regex PATTERN{"(%([1-9])?f)|(%s)", std::regex::optimize}; }; using SpecifierConstants = ConstSingleton; using UnsignedMilliseconds = std::chrono::duration; } // namespace const std::string errorDetails(int error_code) { #ifndef WIN32 // clang-format off return strerror(error_code); // clang-format on #else // Windows error codes do not correspond to POSIX errno values // Use FormatMessage, strip trailing newline, and return "Unknown error" on failure (as on POSIX). // Failures will usually be due to the error message not being found. char* buffer = NULL; DWORD msg_size = FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_ALLOCATE_BUFFER, NULL, error_code, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR)&buffer, 0, NULL); if (msg_size == 0) { return "Unknown error"; } if (msg_size > 1 && buffer[msg_size - 2] == '\r' && buffer[msg_size - 1] == '\n') { msg_size -= 2; } std::string error_details(buffer, msg_size); ASSERT(LocalFree(buffer) == NULL); return error_details; #endif } std::string DateFormatter::fromTime(const SystemTime& time) const { struct CachedTime { // The string length of a number of seconds since the Epoch. E.g. for "1528270093", the length // is 10. size_t seconds_length; // A container object to hold a absl::FormatTime string, its timestamp (in seconds) and a list // of position offsets for each specifier found in a format string. struct Formatted { // The resulted string after format string is passed to absl::FormatTime at a given point in // time. std::string str; // A timestamp (in seconds) when this object is created. std::chrono::seconds epoch_time_seconds; // List of offsets for each specifier found in a format string. This is needed to compensate // the position of each recorded specifier due to the possible size change of the previous // segment (after being formatted). SpecifierOffsets specifier_offsets; }; // A map is used to keep different formatted format strings at a given second. absl::node_hash_map formatted; }; static thread_local CachedTime cached_time; const std::chrono::nanoseconds epoch_time_ns = std::chrono::duration_cast(time.time_since_epoch()); const std::chrono::seconds epoch_time_seconds = std::chrono::duration_cast(epoch_time_ns); const auto& item = cached_time.formatted.find(raw_format_string_); if (item == cached_time.formatted.end() || item->second.epoch_time_seconds != epoch_time_seconds) { // Remove all the expired cached items. for (auto it = cached_time.formatted.cbegin(); it != cached_time.formatted.cend();) { if (it->second.epoch_time_seconds != epoch_time_seconds) { auto next_it = std::next(it); cached_time.formatted.erase(it); it = next_it; } else { ++it; } } const time_t current_time = std::chrono::system_clock::to_time_t(time); // Build a new formatted format string at current time. CachedTime::Formatted formatted; const std::string seconds_str = fmt::format_int(epoch_time_seconds.count()).str(); formatted.str = fromTimeAndPrepareSpecifierOffsets(current_time, formatted.specifier_offsets, seconds_str); cached_time.seconds_length = seconds_str.size(); // Stamp the formatted string using the current epoch time in seconds, and then cache it in. formatted.epoch_time_seconds = epoch_time_seconds; cached_time.formatted.emplace(std::make_pair(raw_format_string_, formatted)); } const auto& formatted = cached_time.formatted.at(raw_format_string_); ASSERT(specifiers_.size() == formatted.specifier_offsets.size()); // Copy the current cached formatted format string, then replace its subseconds part (when it has // non-zero width) by correcting its position using prepared subseconds offsets. std::string formatted_str = formatted.str; std::string nanoseconds = fmt::format_int(epoch_time_ns.count()).str(); // Special case handling for beginning of time, we should never need to do this outside of // tests or a time machine. if (nanoseconds.size() < 10) { nanoseconds = std::string(10 - nanoseconds.size(), '0') + nanoseconds; } for (size_t i = 0; i < specifiers_.size(); ++i) { const auto& specifier = specifiers_.at(i); // When specifier.width_ is zero, skip the replacement. This is the last segment or it has no // specifier. if (specifier.width_ > 0 && !specifier.second_) { ASSERT(specifier.position_ + formatted.specifier_offsets.at(i) < formatted_str.size()); formatted_str.replace(specifier.position_ + formatted.specifier_offsets.at(i), specifier.width_, nanoseconds.substr(cached_time.seconds_length, specifier.width_)); } } ASSERT(formatted_str.size() == formatted.str.size()); return formatted_str; } void DateFormatter::parse(const std::string& format_string) { std::string suffix = format_string; std::smatch matched; // "step" is the last specifier's position + the last specifier's width. It's not the current // position in "format_string" because the length has changed. It is actually the index which // points to the end of the last specifier in formatted string (generated in the future). size_t step = 0; while (regex_search(suffix, matched, SpecifierConstants::get().PATTERN)) { // The std::smatch matched for (%([1-9])?f)|(%s): [all, subsecond-specifier, subsecond-specifier // width, second-specifier]. const std::string& width_specifier = matched[2]; const std::string& second_specifier = matched[3]; // In the template string to be used in runtime substitution, the width is the number of // characters to be replaced. const size_t width = width_specifier.empty() ? 9 : width_specifier.at(0) - '0'; ASSERT(!suffix.empty()); // This records matched position, the width of current subsecond pattern, and also the string // segment before the matched position. These values will be used later at data path. specifiers_.emplace_back( second_specifier.empty() ? Specifier(step + matched.position(), width, suffix.substr(0, matched.position())) : Specifier(step + matched.position(), suffix.substr(0, matched.position()))); step = specifiers_.back().position_ + specifiers_.back().width_; suffix = matched.suffix(); } // To capture the segment after the last specifier pattern of a format string by creating a zero // width specifier. E.g. %3f-this-is-the-last-%s-segment-%Y-until-this. if (!suffix.empty()) { Specifier specifier(step, 0, suffix); specifiers_.emplace_back(specifier); } } std::string DateFormatter::fromTimeAndPrepareSpecifierOffsets(time_t time, SpecifierOffsets& specifier_offsets, const std::string& seconds_str) const { std::string formatted_time; int32_t previous = 0; specifier_offsets.reserve(specifiers_.size()); for (const auto& specifier : specifiers_) { std::string current_format = absl::FormatTime(specifier.segment_, absl::FromTimeT(time), absl::UTCTimeZone()); absl::StrAppend(&formatted_time, current_format, specifier.second_ ? seconds_str : std::string(specifier.width_, '?')); // This computes and saves offset of each specifier's pattern to correct its position after the // previous string segment is formatted. An offset can be a negative value. // // If the current specifier is a second specifier (%s), it needs to be corrected by 2. const int32_t offset = (current_format.length() + (specifier.second_ ? (seconds_str.size() - 2) : 0)) - specifier.segment_.size(); specifier_offsets.emplace_back(previous + offset); previous += offset; } return formatted_time; } std::string DateFormatter::now(TimeSource& time_source) { return fromTime(time_source.systemTime()); } ConstMemoryStreamBuffer::ConstMemoryStreamBuffer(const char* data, size_t size) { // std::streambuf won't modify `data`, but the interface still requires a char* for convenience, // so we need to const_cast. char* ptr = const_cast(data); this->setg(ptr, ptr, ptr + size); } InputConstMemoryStream::InputConstMemoryStream(const char* data, size_t size) : ConstMemoryStreamBuffer{data, size}, std::istream{static_cast(this)} {} bool DateUtil::timePointValid(SystemTime time_point) { return std::chrono::duration_cast(time_point.time_since_epoch()) .count() != 0; } bool DateUtil::timePointValid(MonotonicTime time_point) { return std::chrono::duration_cast(time_point.time_since_epoch()) .count() != 0; } uint64_t DateUtil::nowToMilliseconds(TimeSource& time_source) { const SystemTime& now = time_source.systemTime(); return std::chrono::time_point_cast(now).time_since_epoch().count(); } const char StringUtil::WhitespaceChars[] = " \t\f\v\n\r"; const char* StringUtil::strtoull(const char* str, uint64_t& out, int base) { if (strlen(str) == 0) { return nullptr; } char* end_ptr; errno = 0; out = std::strtoull(str, &end_ptr, base); if (end_ptr == str || (out == ULLONG_MAX && errno == ERANGE)) { return nullptr; } else { return end_ptr; } } bool StringUtil::atoull(const char* str, uint64_t& out, int base) { const char* end_ptr = StringUtil::strtoull(str, out, base); if (end_ptr == nullptr || *end_ptr != '\0') { return false; } else { return true; } } absl::string_view StringUtil::ltrim(absl::string_view source) { const absl::string_view::size_type pos = source.find_first_not_of(WhitespaceChars); if (pos != absl::string_view::npos) { source.remove_prefix(pos); } else { source.remove_prefix(source.size()); } return source; } absl::string_view StringUtil::rtrim(absl::string_view source) { const absl::string_view::size_type pos = source.find_last_not_of(WhitespaceChars); if (pos != absl::string_view::npos) { source.remove_suffix(source.size() - pos - 1); } else { source.remove_suffix(source.size()); } return source; } absl::string_view StringUtil::trim(absl::string_view source) { return ltrim(rtrim(source)); } absl::string_view StringUtil::removeTrailingCharacters(absl::string_view source, char ch) { const absl::string_view::size_type pos = source.find_last_not_of(ch); if (pos != absl::string_view::npos) { source.remove_suffix(source.size() - pos - 1); } else { source.remove_suffix(source.size()); } return source; } bool StringUtil::findToken(absl::string_view source, absl::string_view delimiters, absl::string_view key_token, bool trim_whitespace) { const auto tokens = splitToken(source, delimiters, trim_whitespace); if (trim_whitespace) { for (const auto& token : tokens) { if (key_token == trim(token)) { return true; } } return false; } return std::find(tokens.begin(), tokens.end(), key_token) != tokens.end(); } bool StringUtil::caseFindToken(absl::string_view source, absl::string_view delimiters, absl::string_view key_token, bool trim_whitespace) { const auto tokens = splitToken(source, delimiters, trim_whitespace); std::function predicate; if (trim_whitespace) { predicate = [&](absl::string_view token) { return absl::EqualsIgnoreCase(key_token, trim(token)); }; } else { predicate = [&](absl::string_view token) { return absl::EqualsIgnoreCase(key_token, token); }; } return std::find_if(tokens.begin(), tokens.end(), predicate) != tokens.end(); } absl::string_view StringUtil::cropRight(absl::string_view source, absl::string_view delimiter) { const absl::string_view::size_type pos = source.find(delimiter); if (pos != absl::string_view::npos) { source.remove_suffix(source.size() - pos); } return source; } absl::string_view StringUtil::cropLeft(absl::string_view source, absl::string_view delimiter) { const absl::string_view::size_type pos = source.find(delimiter); if (pos != absl::string_view::npos) { source.remove_prefix(pos + delimiter.size()); } return source; } std::vector StringUtil::splitToken(absl::string_view source, absl::string_view delimiters, bool keep_empty_string, bool trim_whitespace) { std::vector result; if (keep_empty_string) { result = absl::StrSplit(source, absl::ByAnyChar(delimiters)); } else { if (trim_whitespace) { result = absl::StrSplit(source, absl::ByAnyChar(delimiters), absl::SkipWhitespace()); } else { result = absl::StrSplit(source, absl::ByAnyChar(delimiters), absl::SkipEmpty()); } } if (trim_whitespace) { for_each(result.begin(), result.end(), [](auto& v) { v = trim(v); }); } return result; } std::string StringUtil::removeTokens(absl::string_view source, absl::string_view delimiters, const CaseUnorderedSet& tokens_to_remove, absl::string_view joiner) { auto values = Envoy::StringUtil::splitToken(source, delimiters, false, true); auto end = std::remove_if(values.begin(), values.end(), [&](absl::string_view t) { return tokens_to_remove.count(t) != 0; }); return absl::StrJoin(values.begin(), end, joiner); } uint32_t StringUtil::itoa(char* out, size_t buffer_size, uint64_t i) { // The maximum size required for an unsigned 64-bit integer is 21 chars (including null). if (buffer_size < 21) { throw std::invalid_argument("itoa buffer too small"); } char* current = out; do { *current++ = "0123456789"[i % 10]; i /= 10; } while (i > 0); for (uint64_t i = 0, j = current - out - 1; i < j; i++, j--) { char c = out[i]; out[i] = out[j]; out[j] = c; } *current = 0; return static_cast(current - out); } size_t StringUtil::strlcpy(char* dst, const char* src, size_t size) { strncpy(dst, src, size - 1); dst[size - 1] = '\0'; return strlen(src); } std::string StringUtil::subspan(absl::string_view source, size_t start, size_t end) { return std::string(source.data() + start, end - start); } std::string StringUtil::escape(const std::string& source) { std::string ret; // Prevent unnecessary allocation by allocating 2x original size. ret.reserve(source.length() * 2); for (char c : source) { switch (c) { case '\r': ret += "\\r"; break; case '\n': ret += "\\n"; break; case '\t': ret += "\\t"; break; case '"': ret += "\\\""; break; default: ret += c; break; } } return ret; } const std::string& getDefaultDateFormat() { CONSTRUCT_ON_FIRST_USE(std::string, "%Y-%m-%dT%H:%M:%E3SZ"); } std::string AccessLogDateTimeFormatter::fromTime(const SystemTime& system_time) { struct CachedTime { std::chrono::seconds epoch_time_seconds; std::string formatted_time; }; static thread_local CachedTime cached_time; const std::chrono::milliseconds epoch_time_ms = std::chrono::duration_cast(system_time.time_since_epoch()); const std::chrono::seconds epoch_time_seconds = std::chrono::duration_cast(epoch_time_ms); if (cached_time.formatted_time.empty() || cached_time.epoch_time_seconds != epoch_time_seconds) { cached_time.formatted_time = absl::FormatTime( getDefaultDateFormat(), absl::FromChrono(system_time), absl::UTCTimeZone()); cached_time.epoch_time_seconds = epoch_time_seconds; } else { // Overwrite the digits in the ".000Z" at the end of the string with the // millisecond count from the input time. ASSERT(cached_time.formatted_time.length() == 24); size_t offset = cached_time.formatted_time.length() - 4; uint32_t msec = epoch_time_ms.count() % 1000; cached_time.formatted_time[offset++] = ('0' + (msec / 100)); msec %= 100; cached_time.formatted_time[offset++] = ('0' + (msec / 10)); msec %= 10; cached_time.formatted_time[offset++] = ('0' + msec); } return cached_time.formatted_time; } const std::string& StringUtil::nonEmptyStringOrDefault(const std::string& s, const std::string& default_value) { return s.empty() ? default_value : s; } std::string StringUtil::toUpper(absl::string_view s) { std::string upper_s; upper_s.reserve(s.size()); std::transform(s.cbegin(), s.cend(), std::back_inserter(upper_s), absl::ascii_toupper); return upper_s; } bool StringUtil::CaseInsensitiveCompare::operator()(absl::string_view lhs, absl::string_view rhs) const { return absl::EqualsIgnoreCase(lhs, rhs); } uint64_t StringUtil::CaseInsensitiveHash::operator()(absl::string_view key) const { return HashUtil::djb2CaseInsensitiveHash(key); } std::string StringUtil::removeCharacters(const absl::string_view& str, const IntervalSet& remove_characters) { std::string ret; size_t pos = 0; const auto intervals = remove_characters.toVector(); std::vector pieces; pieces.reserve(intervals.size()); for (const auto& [left_bound, right_bound] : intervals) { if (left_bound != pos) { ASSERT(right_bound <= str.size()); pieces.push_back(str.substr(pos, left_bound - pos)); } pos = right_bound; } if (pos != str.size()) { pieces.push_back(str.substr(pos)); } return absl::StrJoin(pieces, ""); } bool Primes::isPrime(uint32_t x) { if (x < 4) { return true; // eliminates special-casing 2. } else if ((x & 1) == 0) { return false; // eliminates even numbers >2. } uint32_t limit = sqrt(x); for (uint32_t factor = 3; factor <= limit; factor += 2) { if ((x % factor) == 0) { return false; } } return true; } uint32_t Primes::findPrimeLargerThan(uint32_t x) { x += (x % 2) + 1; while (!isPrime(x)) { x += 2; } return x; } // https://en.wikipedia.org/wiki/Algorithms_for_calculating_variance#Online_algorithm void WelfordStandardDeviation::update(double new_value) { ++count_; const double delta = new_value - mean_; mean_ += delta / count_; const double delta2 = new_value - mean_; m2_ += delta * delta2; } double WelfordStandardDeviation::computeVariance() const { if (count_ < 2) { return std::nan(""); } return m2_ / (count_ - 1); } double WelfordStandardDeviation::computeStandardDeviation() const { const double variance = computeVariance(); // It seems very difficult for variance to go negative, but from the calculation in update() // above, I can't quite convince myself it's impossible, so put in a guard to be sure. return (std::isnan(variance) || variance < 0) ? std::nan("") : sqrt(variance); } InlineString::InlineString(const char* str, size_t size) : size_(size) { RELEASE_ASSERT(size <= 0xffffffff, "size must fit in 32 bits"); memcpy(data_, str, size); } void ExceptionUtil::throwEnvoyException(const std::string& message) { throw EnvoyException(message); } } // namespace Envoy ================================================ FILE: source/common/common/utility.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/common/interval_set.h" #include "envoy/common/time.h" #include "common/common/assert.h" #include "common/common/hash.h" #include "common/common/non_copyable.h" #include "absl/strings/string_view.h" namespace Envoy { /** * Retrieve string description of error code * @param int error code * @return const std::string error detail description */ const std::string errorDetails(int error_code); /** * Utility class for formatting dates given an absl::FormatTime style format string. */ class DateFormatter { public: DateFormatter(const std::string& format_string) : raw_format_string_(format_string) { parse(format_string); } /** * @return std::string representing the GMT/UTC time based on the input time. */ std::string fromTime(const SystemTime& time) const; /** * @param time_source time keeping source. * @return std::string representing the GMT/UTC time of a TimeSource based on the format string. */ std::string now(TimeSource& time_source); /** * @return std::string the format string used. */ const std::string& formatString() const { return raw_format_string_; } private: void parse(const std::string& format_string); using SpecifierOffsets = std::vector; std::string fromTimeAndPrepareSpecifierOffsets(time_t time, SpecifierOffsets& specifier_offsets, const std::string& seconds_str) const; // A container to hold a specifiers (%f, %Nf, %s) found in a format string. struct Specifier { // To build a subsecond-specifier. Specifier(const size_t position, const size_t width, const std::string& segment) : position_(position), width_(width), segment_(segment), second_(false) {} // To build a second-specifier (%s), the number of characters to be replaced is always 2. Specifier(const size_t position, const std::string& segment) : position_(position), width_(2), segment_(segment), second_(true) {} // The position/index of a specifier in a format string. const size_t position_; // The width of a specifier, e.g. given %3f, the width is 3. If %f is set as the // specifier, the width value should be 9 (the number of nanosecond digits). const size_t width_; // The string before the current specifier's position and after the previous found specifier. A // segment may include absl::FormatTime accepted specifiers. E.g. given // "%3f-this-i%s-a-segment-%4f", the current specifier is "%4f" and the segment is // "-this-i%s-a-segment-". const std::string segment_; // As an indication that this specifier is a %s (expect to be replaced by seconds since the // epoch). const bool second_; }; // This holds all specifiers found in a given format string. std::vector specifiers_; // This is the format string as supplied in configuration, e.g. "foo %3f bar". const std::string raw_format_string_; }; /** * Utility class for access log date/time format with milliseconds support. */ class AccessLogDateTimeFormatter { public: static std::string fromTime(const SystemTime& time); }; /** * Real-world time implementation of TimeSource. */ class RealTimeSource : public TimeSource { public: // TimeSource SystemTime systemTime() override { return std::chrono::system_clock::now(); } MonotonicTime monotonicTime() override { return std::chrono::steady_clock::now(); } }; /** * Class used for creating non-copying std::istream's. See InputConstMemoryStream below. */ class ConstMemoryStreamBuffer : public std::streambuf { public: ConstMemoryStreamBuffer(const char* data, size_t size); }; /** * std::istream class similar to std::istringstream, except that it provides a view into a region of * constant memory. It can be more efficient than std::istringstream because it doesn't copy the * provided string. * * See https://stackoverflow.com/a/13059195/4447365. */ class InputConstMemoryStream : public virtual ConstMemoryStreamBuffer, public std::istream { public: InputConstMemoryStream(const char* data, size_t size); }; /** * Utility class for date/time helpers. */ class DateUtil { public: /** * @return whether a time_point contains a valid, not default constructed time. */ static bool timePointValid(SystemTime time_point); /** * @return whether a time_point contains a valid, not default constructed time. */ static bool timePointValid(MonotonicTime time_point); /** * @param time_source time keeping source. * @return uint64_t the number of milliseconds since the epoch. */ static uint64_t nowToMilliseconds(TimeSource& time_source); }; /** * Utility routines for working with strings. */ class StringUtil { public: /** * Callable struct that returns the result of string comparison ignoring case. * @param lhs supplies the first string view. * @param rhs supplies the second string view. * @return true if strings are semantically the same and false otherwise. */ struct CaseInsensitiveCompare { // Enable heterogeneous lookup (https://abseil.io/tips/144) using is_transparent = void; // NOLINT(readability-identifier-naming) bool operator()(absl::string_view lhs, absl::string_view rhs) const; }; /** * Callable struct that returns the hash representation of a case-insensitive string_view input. * @param key supplies the string view. * @return uint64_t hash representation of the supplied string view. */ struct CaseInsensitiveHash { // Enable heterogeneous lookup (https://abseil.io/tips/144) using is_transparent = void; // NOLINT(readability-identifier-naming) uint64_t operator()(absl::string_view key) const; }; /** * Definition of unordered set of case-insensitive std::string. */ using CaseUnorderedSet = absl::flat_hash_set; static const char WhitespaceChars[]; /** * Convert a string to an unsigned long, checking for error. * @return pointer to the remainder of 'str' if successful, nullptr otherwise. */ static const char* strtoull(const char* str, uint64_t& out, int base = 10); /** * Convert a string to an unsigned long, checking for error. * * Consider absl::SimpleAtoi instead if using base 10. * * @param return true if successful, false otherwise. */ static bool atoull(const char* str, uint64_t& out, int base = 10); /** * Convert an unsigned integer to a base 10 string as fast as possible. * @param out supplies the string to fill. * @param out_len supplies the length of the output buffer. Must be >= MIN_ITOA_OUT_LEN. * @param i supplies the number to convert. * @return the size of the string, not including the null termination. */ static constexpr size_t MIN_ITOA_OUT_LEN = 21; static uint32_t itoa(char* out, size_t out_len, uint64_t i); /** * Trim leading whitespace from a string view. * @param source supplies the string view to be trimmed. * @return trimmed string view. */ static absl::string_view ltrim(absl::string_view source); /** * Trim trailing whitespaces from a string view. * @param source supplies the string view to be trimmed. * @return trimmed string view. */ static absl::string_view rtrim(absl::string_view source); /** * Trim leading and trailing whitespaces from a string view. * @param source supplies the string view to be trimmed. * @return trimmed string view. */ static absl::string_view trim(absl::string_view source); /** * Removes any specific trailing characters from the end of a string_view. * * @param source the string_view. * @param ch the character to strip from the end of the string_view. * @return a view of the string with the end characters removed. */ static absl::string_view removeTrailingCharacters(absl::string_view source, char ch); /** * Look up for an exactly token in a delimiter-separated string view. * @param source supplies the delimiter-separated string view. * @param multi-delimiter supplies chars used to split the delimiter-separated string view. * @param token supplies the lookup string view. * @param trim_whitespace remove leading and trailing whitespaces from each of the split * string views; default = true. * @return true if found and false otherwise. * * E.g., * * findToken("A=5; b", "=;", "5") . true * findToken("A=5; b", "=;", "A=5") . false * findToken("A=5; b", "=;", "A") . true * findToken("A=5; b", "=;", "b") . true * findToken("A=5", ".", "A=5") . true */ static bool findToken(absl::string_view source, absl::string_view delimiters, absl::string_view token, bool trim_whitespace = true); /** * Look up for a token in a delimiter-separated string view ignoring case * sensitivity. * @param source supplies the delimiter-separated string view. * @param multi-delimiter supplies chars used to split the delimiter-separated string view. * @param token supplies the lookup string view. * @param trim_whitespace remove leading and trailing whitespaces from each of the split * string views; default = true. * @return true if found a string that is semantically the same and false otherwise. * * E.g., * * findToken("hello; world", ";", "HELLO") . true */ static bool caseFindToken(absl::string_view source, absl::string_view delimiters, absl::string_view key_token, bool trim_whitespace = true); /** * Crop characters from a string view starting at the first character of the matched * delimiter string view until the end of the source string view. * @param source supplies the string view to be processed. * @param delimiter supplies the string view that delimits the starting point for deletion. * @return sub-string of the string view if any. * * E.g., * * cropRight("foo ; ; ; ; ; ; ", ";") == "foo " */ static absl::string_view cropRight(absl::string_view source, absl::string_view delimiters); /** * Crop characters from a string view starting at the first character of the matched * delimiter string view until the beginning of the source string view. * @param source supplies the string view to be processed. * @param delimiter supplies the string view that delimits the starting point for deletion. * @return sub-string of the string view if any. * * E.g., * * cropLeft("foo ; ; ; ; ; ", ";") == " ; ; ; ; " */ static absl::string_view cropLeft(absl::string_view source, absl::string_view delimiters); /** * Split a delimiter-separated string view. * @param source supplies the delimiter-separated string view. * @param multi-delimiter supplies chars used to split the delimiter-separated string view. * @param keep_empty_string result contains empty strings if the string starts or ends with * 'split', or if instances of 'split' are adjacent; default = false. * @param trim_whitespace remove leading and trailing whitespaces from each of the split * string views; default = false. * @return vector containing views of the split strings */ static std::vector splitToken(absl::string_view source, absl::string_view delimiters, bool keep_empty_string = false, bool trim_whitespace = false); /** * Remove tokens from a delimiter-separated string view. The tokens are trimmed before * they are compared ignoring case with the elements of 'tokens_to_remove'. The output is * built from the trimmed tokens preserving case. * @param source supplies the delimiter-separated string view. * @param multi-delimiters supplies chars used to split the delimiter-separated string view. * @param tokens_to_remove supplies a set of tokens which should not appear in the result. * @param joiner contains a string used between tokens in the result. * @return string of the remaining joined tokens. */ static std::string removeTokens(absl::string_view source, absl::string_view delimiters, const CaseUnorderedSet& tokens_to_remove, absl::string_view joiner); /** * Size-bounded string copying and concatenation */ static size_t strlcpy(char* dst, const char* src, size_t size); /** * Version of substr() that operates on a start and end index instead of a start index and a * length. * @return string substring starting at start, and ending right before end. */ static std::string subspan(absl::string_view source, size_t start, size_t end); /** * Escape strings for logging purposes. Returns a copy of the string with * \n, \r, \t, and " (double quote) escaped. * @param source supplies the string to escape. * @return escaped string. */ static std::string escape(const std::string& source); /** * Provide a default value for a string if empty. * @param s string. * @param default_value replacement for s if empty. * @return s is !s.empty() otherwise default_value. */ static const std::string& nonEmptyStringOrDefault(const std::string& s, const std::string& default_value); /** * Convert a string to upper case. * @param s string. * @return std::string s converted to upper case. */ static std::string toUpper(absl::string_view s); /** * Removes all the character indices from str contained in the interval-set. * @param str the string containing the characters to be removed. * @param remove_characters the set of character-intervals. * @return std::string the string with the desired characters removed. */ static std::string removeCharacters(const absl::string_view& str, const IntervalSet& remove_characters); }; /** * Utilities for finding primes. */ class Primes { public: /** * Determines whether x is prime. */ static bool isPrime(uint32_t x); /** * Finds the next prime number larger than x. */ static uint32_t findPrimeLargerThan(uint32_t x); }; /** * Utilities for working with weighted clusters. */ class WeightedClusterUtil { public: /* * Returns a WeightedClusterEntry from the given weighted clusters based on * the total cluster weight and a random value. * @param weighted_clusters a vector of WeightedClusterEntry instances. * @param total_cluster_weight the total weight of all clusters. * @param random_value the random value. * @param ignore_overflow whether to ignore cluster weight overflows. * @return a WeightedClusterEntry. */ template static const WeightedClusterEntry& pickCluster(const std::vector& weighted_clusters, const uint64_t total_cluster_weight, const uint64_t random_value, const bool ignore_overflow) { uint64_t selected_value = random_value % total_cluster_weight; uint64_t begin = 0; uint64_t end = 0; // Find the right cluster to route to based on the interval in which // the selected value falls. The intervals are determined as // [0, cluster1_weight), [cluster1_weight, cluster1_weight+cluster2_weight),.. for (const WeightedClusterEntry& cluster : weighted_clusters) { end = begin + cluster->clusterWeight(); if (!ignore_overflow) { // end > total_cluster_weight: This case can only occur with Runtimes, // when the user specifies invalid weights such that // sum(weights) > total_cluster_weight. ASSERT(end <= total_cluster_weight); } if (selected_value >= begin && selected_value < end) { return cluster; } begin = end; } NOT_REACHED_GCOVR_EXCL_LINE; } }; /** * Maintains sets of numeric intervals. As new intervals are added, existing ones in the * set are combined so that no overlapping intervals remain in the representation. * * Value can be any type that is comparable with <, ==, and >. */ template class IntervalSetImpl : public IntervalSet { public: // Interval is a pair of Values. using Interval = typename IntervalSet::Interval; void insert(Value left, Value right) override { if (left == right) { return; } ASSERT(left < right); // There 3 cases where we'll decide the [left, right) is disjoint with the // current contents, and just need to insert. But we'll structure the code // to search for where existing interval(s) needs to be merged, and fall back // to the disjoint insertion case. if (!intervals_.empty()) { const auto left_pos = intervals_.lower_bound(Interval(left, left)); if (left_pos != intervals_.end() && (right >= left_pos->first)) { // upper_bound is exclusive, and we want to be inclusive. auto right_pos = intervals_.upper_bound(Interval(right, right)); if (right_pos != intervals_.begin()) { --right_pos; if (right_pos->second >= left) { // Both bounds overlap, with one or more existing intervals. left = std::min(left_pos->first, left); right = std::max(right_pos->second, right); ++right_pos; // erase is non-inclusive on upper bound. intervals_.erase(left_pos, right_pos); } } } } intervals_.insert(Interval(left, right)); } std::vector toVector() const override { return std::vector(intervals_.begin(), intervals_.end()); } void clear() override { intervals_.clear(); } private: struct Compare { bool operator()(const Interval& a, const Interval& b) const { return a.second < b.first; } }; std::set intervals_; // Intervals do not overlap or abut. }; /** * Hashing functor for use with enum class types. * This is needed for GCC 5.X; newer versions of GCC, as well as clang7, provide native hashing * specializations. */ struct EnumClassHash { template std::size_t operator()(T t) const { return std::hash()(static_cast(t)); } }; /** * Computes running standard-deviation using Welford's algorithm: * https://en.wikipedia.org/wiki/Algorithms_for_calculating_variance#Online_algorithm */ class WelfordStandardDeviation { public: /** * Accumulates a new value into the standard deviation. * @param new_value the new value */ void update(double new_value); /** * @return double the computed mean value. */ double mean() const { return mean_; } /** * @return uint64_t the number of times update() was called */ uint64_t count() const { return count_; } /** * @return double the standard deviation. */ double computeStandardDeviation() const; private: double computeVariance() const; uint64_t count_{0}; double mean_{0}; double m2_{0}; }; template struct TrieEntry { Value value_{}; std::array, 256> entries_; }; /** * A trie used for faster lookup with lookup time at most equal to the size of the key. */ template struct TrieLookupTable { /** * Adds an entry to the Trie at the given Key. * @param key the key used to add the entry. * @param value the value to be associated with the key. * @param overwrite_existing will overwrite the value when the value for a given key already * exists. * @return false when a value already exists for the given key. */ bool add(absl::string_view key, Value value, bool overwrite_existing = true) { TrieEntry* current = &root_; for (uint8_t c : key) { if (!current->entries_[c]) { current->entries_[c] = std::make_unique>(); } current = current->entries_[c].get(); } if (current->value_ && !overwrite_existing) { return false; } current->value_ = value; return true; } /** * Finds the entry associated with the key. * @param key the key used to find. * @return the value associated with the key. */ Value find(absl::string_view key) const { const TrieEntry* current = &root_; for (uint8_t c : key) { current = current->entries_[c].get(); if (current == nullptr) { return nullptr; } } return current->value_; } /** * Finds the entry associated with the longest prefix. Complexity is O(min(longest key prefix, key * length)) * @param key the key used to find. * @return the value matching the longest prefix based on the key. */ Value findLongestPrefix(const char* key) const { const TrieEntry* current = &root_; const TrieEntry* result = nullptr; while (uint8_t c = *key) { if (current->value_) { result = current; } // https://github.com/facebook/mcrouter/blob/master/mcrouter/lib/fbi/cpp/Trie-inl.h#L126-L143 current = current->entries_[c].get(); if (current == nullptr) { return result ? result->value_ : nullptr; } key++; } return current ? current->value_ : result->value_; } TrieEntry root_; }; /** * A global utility class to take care of all the exception throwing behaviors in header files. * Its functions simply forward the throwing into .cc file. */ class ExceptionUtil { public: [[noreturn]] static void throwEnvoyException(const std::string& message); }; // Mix-in class for allocating classes with variable-sized inlined storage. // // Use this class by inheriting from it, ensuring that: // - The variable sized array is declared as VarType[] as the last // member variable of the class. // - YourType accurately describes the type that will be stored there, // to enable the compiler to perform correct alignment. No casting // should be needed. // - The class constructor is private, because you need to allocate the // class the placed new operator exposed in the protected section below. // Constructing the class directly will not provide space for the // variable-size data. // - You expose a public factory method that return a placement-new, e.g. // static YourClass* alloc(size_t num_elements, constructor_args...) { // new (num_elements * sizeof(VarType)) YourClass(constructor_args...); // } // // See InlineString below for an example usage. // // // Perf note: The alignment will be correct and safe without further // consideration as long as there are no casts. But for micro-optimization, // consider this case: // struct MyStruct : public InlineStorage { uint64_t a_; uint16_t b_; uint8_t data_[]; }; // When compiled with a typical compiler on a 64-bit machine: // sizeof(MyStruct) == 16, because the compiler will round up from 10 for uint64_t alignment. // So: // calling new (6) MyStruct() causes an allocation of 16+6=22, rounded up to 24 bytes. // But data_ doesn't need 8-byte alignment, so it will wind up adjacent to the uint16_t. // ((char*) my_struct.data) - ((char*) &my_struct) == 10 // If we had instead declared data_[6], then the whole allocation would have fit in 16 bytes. // Instead: // - the starting address of data will not be 8-byte aligned. This is not required // by the C++ standard for a uint8_t, but may be suboptimal on some processors. // - the 6 bytes of data will be at byte offsets 10 to 15, and bytes 16 to 23 will be // unused. This may be surprising to some users, and suboptimal in resource usage. // One possible tweak is to declare data_ as a uint64_t[], or to use an `alignas` // declaration. As always, micro-optimizations should be informed by // microbenchmarks, showing the benefit. class InlineStorage : public NonCopyable { public: // Custom delete operator to keep C++14 from using the global operator delete(void*, size_t), // which would result in the compiler error: // "exception cleanup for this placement new selects non-placement operator delete" static void operator delete(void* address) { ::operator delete(address); } protected: /** * @param object_size the size of the base object; supplied automatically by the compiler. * @param data_size the amount of variable-size storage to be added, in bytes. * @return a variable-size object based on data_size_bytes. */ static void* operator new(size_t object_size, size_t data_size_bytes) { return ::operator new(object_size + data_size_bytes); } }; class InlineString; using InlineStringPtr = std::unique_ptr; // Represents immutable string data, keeping the storage inline with the // object. These cannot be copied or held by value; they must be created // as unique pointers. // // Note: this is not yet proven better (smaller or faster) than std::string for // all applications, but memory-size improvements have been measured for one // application (Stats::SymbolTableImpl). This is presented here to serve as an // example of how to use InlineStorage. class InlineString : public InlineStorage { public: /** * @param str the string_view for which to create an InlineString * @return a unique_ptr to the InlineString containing the bytes of str. */ static InlineStringPtr create(absl::string_view str) { return InlineStringPtr(new (str.size()) InlineString(str.data(), str.size())); } /** * @return a std::string copy of the InlineString. */ std::string toString() const { return std::string(data_, size_); } /** * @return a string_view into the InlineString. */ absl::string_view toStringView() const { return {data_, size_}; } private: // Constructor is declared private so that no one constructs one without the // proper size allocation. to accommodate the variable-size buffer. InlineString(const char* str, size_t size); uint32_t size_; char data_[]; }; } // namespace Envoy ================================================ FILE: source/common/common/win32/thread_impl.cc ================================================ #include #include "common/common/assert.h" #include "common/common/thread_impl.h" namespace Envoy { namespace Thread { ThreadImplWin32::ThreadImplWin32(std::function thread_routine, OptionsOptConstRef options) : thread_routine_(thread_routine) { if (options) { name_ = options->name_; // TODO(jmarantz): set the thread name for task manager, etc, or pull the // auto-generated name from the OS if options is not present. } RELEASE_ASSERT(Logger::Registry::initialized(), ""); thread_handle_ = reinterpret_cast(::_beginthreadex( nullptr, 0, [](void* arg) -> unsigned int { static_cast(arg)->thread_routine_(); return 0; }, this, 0, nullptr)); RELEASE_ASSERT(thread_handle_ != 0, ""); } ThreadImplWin32::~ThreadImplWin32() { ::CloseHandle(thread_handle_); } void ThreadImplWin32::join() { const DWORD rc = ::WaitForSingleObject(thread_handle_, INFINITE); RELEASE_ASSERT(rc == WAIT_OBJECT_0, ""); } ThreadPtr ThreadFactoryImplWin32::createThread(std::function thread_routine, OptionsOptConstRef options) { return std::make_unique(thread_routine, options); } ThreadId ThreadFactoryImplWin32::currentThreadId() { // TODO(mhoran): test this in windows please. return ThreadId(static_cast(::GetCurrentThreadId())); } } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/common/win32/thread_impl.h ================================================ #pragma once #include #include "envoy/common/platform.h" #include "envoy/thread/thread.h" namespace Envoy { namespace Thread { /** * Wrapper for a win32 thread. We don't use std::thread because it eats exceptions and leads to * unusable stack traces. */ class ThreadImplWin32 : public Thread { public: ThreadImplWin32(std::function thread_routine, OptionsOptConstRef options); ~ThreadImplWin32(); // Thread::Thread void join() override; std::string name() const override { return name_; } // Needed for WatcherImpl for the QueueUserAPC callback context HANDLE handle() const { return thread_handle_; } private: std::function thread_routine_; HANDLE thread_handle_; std::string name_; }; /** * Implementation of ThreadFactory */ class ThreadFactoryImplWin32 : public ThreadFactory { public: // Thread::ThreadFactory ThreadPtr createThread(std::function thread_routine, OptionsOptConstRef options) override; ThreadId currentThreadId() override; }; } // namespace Thread } // namespace Envoy ================================================ FILE: source/common/config/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "api_type_oracle_lib", srcs = ["api_type_oracle.cc"], hdrs = ["api_type_oracle.h"], deps = [ "//source/common/protobuf", "//source/common/protobuf:type_util_lib", "@com_github_cncf_udpa//udpa/annotations:pkg_cc_proto", ], ) envoy_cc_library( name = "api_version_lib", hdrs = ["api_version.h"], ) envoy_cc_library( name = "config_provider_lib", srcs = ["config_provider_impl.cc"], hdrs = ["config_provider_impl.h"], deps = [ ":utility_lib", "//include/envoy/config:config_provider_interface", "//include/envoy/config:config_provider_manager_interface", "//include/envoy/init:manager_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:config_tracker_interface", "//include/envoy/singleton:instance_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/init:manager_lib", "//source/common/init:target_lib", "//source/common/init:watcher_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "datasource_lib", srcs = ["datasource.cc"], hdrs = ["datasource.h"], deps = [ ":remote_data_fetcher_lib", "//include/envoy/api:api_interface", "//include/envoy/init:manager_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:backoff_lib", "//source/common/common:empty_string", "//source/common/init:target_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "decoded_resource_lib", hdrs = ["decoded_resource_impl.h"], deps = [ "//include/envoy/config:subscription_interface", "//source/common/protobuf:utility_lib", "@com_github_cncf_udpa//udpa/core/v1:pkg_cc_proto", ], ) envoy_cc_library( name = "delta_subscription_state_lib", srcs = ["delta_subscription_state.cc"], hdrs = ["delta_subscription_state.h"], deps = [ ":api_version_lib", ":pausable_ack_queue_lib", ":utility_lib", ":watch_map_lib", "//include/envoy/config:subscription_interface", "//include/envoy/event:dispatcher_interface", "//source/common/common:assert_lib", "//source/common/common:backoff_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:token_bucket_impl_lib", "//source/common/grpc:common_lib", "//source/common/protobuf", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filesystem_subscription_lib", srcs = ["filesystem_subscription_impl.cc"], hdrs = ["filesystem_subscription_impl.h"], deps = [ ":decoded_resource_lib", "//include/envoy/config:subscription_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/filesystem:filesystem_interface", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/protobuf", "//source/common/protobuf:message_validator_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "grpc_stream_lib", hdrs = ["grpc_stream.h"], deps = [ ":utility_lib", "//include/envoy/config:grpc_mux_interface", "//include/envoy/config:subscription_interface", "//include/envoy/grpc:async_client_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:backoff_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:token_bucket_impl_lib", "//source/common/grpc:async_client_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "grpc_mux_lib", srcs = ["grpc_mux_impl.cc"], hdrs = ["grpc_mux_impl.h"], deps = [ ":api_version_lib", ":decoded_resource_lib", ":grpc_stream_lib", ":utility_lib", "//include/envoy/config:grpc_mux_interface", "//include/envoy/config:subscription_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/memory:utils_lib", "//source/common/protobuf", "@com_google_absl//absl/container:btree", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "grpc_subscription_lib", srcs = ["grpc_subscription_impl.cc"], hdrs = ["grpc_subscription_impl.h"], deps = [ ":grpc_mux_lib", "//include/envoy/config:subscription_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/grpc:async_client_interface", ], ) envoy_cc_library( name = "new_grpc_mux_lib", srcs = ["new_grpc_mux_impl.cc"], hdrs = ["new_grpc_mux_impl.h"], deps = [ ":delta_subscription_state_lib", ":grpc_stream_lib", ":pausable_ack_queue_lib", ":version_converter_lib", ":watch_map_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/grpc:async_client_interface", "//source/common/memory:utils_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "http_subscription_lib", srcs = ["http_subscription_impl.cc"], hdrs = ["http_subscription_impl.h"], external_deps = [ "http_api_protos", ], deps = [ ":api_version_lib", ":decoded_resource_lib", ":version_converter_lib", "//include/envoy/config:subscription_interface", "//include/envoy/event:dispatcher_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/http:headers_lib", "//source/common/http:rest_api_fetcher_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "metadata_lib", srcs = ["metadata.cc"], hdrs = ["metadata.h"], deps = [ "//include/envoy/config:typed_metadata_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/registry", "//include/envoy/singleton:manager_interface", "//source/common/common:assert_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "//source/common/shared_pool:shared_pool_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/metadata/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "opaque_resource_decoder_lib", hdrs = ["opaque_resource_decoder_impl.h"], deps = [ "//include/envoy/config:subscription_interface", "//source/common/protobuf:utility_lib", ], ) envoy_cc_library( name = "pausable_ack_queue_lib", srcs = ["pausable_ack_queue.cc"], hdrs = ["pausable_ack_queue.h"], deps = [ ":update_ack_lib", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "protobuf_link_hacks", hdrs = ["protobuf_link_hacks.h"], deps = [ "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v2:pkg_cc_proto", "@envoy_api//envoy/service/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v2:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", "@envoy_api//envoy/service/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/extension/v3:pkg_cc_proto", "@envoy_api//envoy/service/listener/v3:pkg_cc_proto", "@envoy_api//envoy/service/ratelimit/v2:pkg_cc_proto", "@envoy_api//envoy/service/ratelimit/v3:pkg_cc_proto", "@envoy_api//envoy/service/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/runtime/v3:pkg_cc_proto", "@envoy_api//envoy/service/secret/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "remote_data_fetcher_lib", srcs = ["remote_data_fetcher.cc"], hdrs = ["remote_data_fetcher.h"], deps = [ "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:hex_lib", "//source/common/crypto:utility_lib", "//source/common/http:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "resource_name_lib", hdrs = ["resource_name.h"], deps = [ ":api_type_oracle_lib", "//source/common/common:assert_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "runtime_utility_lib", srcs = ["runtime_utility.cc"], hdrs = ["runtime_utility.h"], deps = ["@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto"], ) envoy_cc_library( name = "subscription_factory_lib", srcs = ["subscription_factory_impl.cc"], hdrs = ["subscription_factory_impl.h"], deps = [ ":filesystem_subscription_lib", ":grpc_subscription_lib", ":http_subscription_lib", ":new_grpc_mux_lib", ":type_to_endpoint_lib", ":udpa_resource_lib", ":utility_lib", "//include/envoy/config:subscription_factory_interface", "//include/envoy/config:subscription_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/http:utility_lib", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "type_to_endpoint_lib", srcs = ["type_to_endpoint.cc"], hdrs = ["type_to_endpoint.h"], deps = [ "//source/common/grpc:common_lib", "//source/common/protobuf", "@envoy_api//envoy/annotations:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "udpa_context_params_lib", srcs = ["udpa_context_params.cc"], hdrs = ["udpa_context_params.h"], deps = [ "//source/common/common:macros", "//source/common/protobuf:utility_lib", "@com_github_cncf_udpa//udpa/core/v1:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "udpa_resource_lib", srcs = ["udpa_resource.cc"], hdrs = ["udpa_resource.h"], deps = [ "//source/common/http:utility_lib", "@com_github_cncf_udpa//udpa/core/v1:pkg_cc_proto", ], ) envoy_cc_library( name = "update_ack_lib", hdrs = ["update_ack.h"], deps = ["@com_google_googleapis//google/rpc:status_cc_proto"], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], deps = [ ":api_type_oracle_lib", ":version_converter_lib", "//include/envoy/config:grpc_mux_interface", "//include/envoy/config:subscription_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:backoff_lib", "//source/common/common:hash_lib", "//source/common/common:hex_lib", "//source/common/grpc:common_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "//source/common/singleton:const_singleton", "//source/common/stats:histogram_lib", "//source/common/stats:stats_lib", "//source/common/stats:stats_matcher_lib", "//source/common/stats:tag_producer_lib", "@com_github_cncf_udpa//udpa/type/v1:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "version_converter_lib", srcs = ["version_converter.cc"], hdrs = ["version_converter.h"], deps = [ ":api_type_oracle_lib", "//source/common/common:assert_lib", "//source/common/protobuf", "//source/common/protobuf:visitor_lib", "//source/common/protobuf:well_known_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "watch_map_lib", srcs = ["watch_map.cc"], hdrs = ["watch_map.h"], deps = [ ":decoded_resource_lib", "//include/envoy/config:subscription_interface", "//source/common/common:assert_lib", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", "//source/common/protobuf", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "subscription_base_interface", hdrs = ["subscription_base.h"], deps = [ ":opaque_resource_decoder_lib", ":resource_name_lib", "//include/envoy/config:subscription_interface", ], ) envoy_cc_library( name = "well_known_names", srcs = ["well_known_names.cc"], hdrs = ["well_known_names.h"], deps = [ "//source/common/common:assert_lib", "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/common/config/README.md ================================================ # xDS xDS stands for [fill in the blank] Discovery Service. It provides dynamic config discovery/updates. tldr: xDS can use the filesystem, REST, or gRPC. gRPC xDS comes in four flavors. However, Envoy code uses all of that via the same Subscription interface. If you are an Envoy developer with your hands on a valid Subscription object, you can mostly forget the filesystem/REST/gRPC distinction, and you can especially forget about the gRPC flavors. All of that is specified in the bootstrap config, which is read and put into action by ClusterManagerImpl. Note that there can be multiple active gRPC subscriptions for a single resource type. This concept is called "resource watches". If one EDS subscription subscribes to X and Y, and another subscribes to Y and Z, the underlying subscription logic will maintain a subscription to the union: X Y and Z. Updates to X will be delivered to the first object, Y to both, Z to the second. This logic is implemented by WatchMap. ### If you are working on Envoy's gRPC xDS client logic itself, read on. When using gRPC, xDS has two pairs of options: aggregated/non-aggregated, and delta/state-of-the-world updates. All four combinations of these are usable. "Aggregated" means that EDS, CDS, etc resources are all carried by the same gRPC stream. For Envoy's implementation of xDS client logic, there is effectively no difference between aggregated xDS and non-aggregated: they both use the same request/response protos. The non-aggregated case is handled by running the aggregated logic, and just happening to only have 1 xDS subscription type to "aggregate", i.e., NewGrpcMuxImpl only has one DeltaSubscriptionState entry in its map. However, to the config server, there is a huge difference: when using ADS (caused by the user providing an ads_config in the bootstrap config), the gRPC client sets its method string to {Delta,Stream}AggregatedResources, as opposed to {Delta,Stream}Clusters, {Delta,Stream}Routes, etc. So, despite using the same request/response protos, and having identical client code, they're actually different gRPC services. Delta vs state-of-the-world is a question of wire format: the protos in question are named [Delta]Discovery{Request,Response}. That is what the GrpcMux interface is useful for: its NewGrpcMuxImpl (TODO may be renamed) implementation works with DeltaDiscovery{Request,Response} and has delta-specific logic; its GrpxMuxImpl implementation (TODO will be merged into NewGrpcMuxImpl) works with Discovery{Request,Response} and has SotW-specific logic. Both the delta and SotW Subscription implementations (TODO will be merged) hold a shared_ptr. The shared_ptr allows for both non- and aggregated: if non-aggregated, you'll be the only holder of that shared_ptr. ![xDS_code_diagram](xDS_code_diagram.png) Note that the orange flow does not necessarily have to happen in response to the blue flow; there can be spontaneous updates. ACKs are not shown in this diagram; they are also carred by the [Delta]DiscoveryRequest protos. What does GrpcXdsContext even do in this diagram? Just own things and pass through function calls? Answer: it sequences the requests and ACKs that the various type_urls send. ================================================ FILE: source/common/config/api_type_oracle.cc ================================================ #include "common/config/api_type_oracle.h" #include "udpa/annotations/versioning.pb.h" namespace Envoy { namespace Config { const Protobuf::Descriptor* ApiTypeOracle::getEarlierVersionDescriptor(const std::string& message_type) { const auto previous_message_string = getEarlierVersionMessageTypeName(message_type); if (previous_message_string != absl::nullopt) { const Protobuf::Descriptor* earlier_desc = Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName( previous_message_string.value()); return earlier_desc; } else { return nullptr; } } const absl::optional ApiTypeOracle::getEarlierVersionMessageTypeName(const std::string& message_type) { // Determine if there is an earlier API version for message_type. const Protobuf::Descriptor* desc = Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName(std::string{message_type}); if (desc == nullptr) { return absl::nullopt; } if (desc->options().HasExtension(udpa::annotations::versioning)) { return desc->options().GetExtension(udpa::annotations::versioning).previous_message_type(); } return absl::nullopt; } const absl::optional ApiTypeOracle::getEarlierTypeUrl(const std::string& type_url) { const std::string type{TypeUtil::typeUrlToDescriptorFullName(type_url)}; absl::optional old_type = ApiTypeOracle::getEarlierVersionMessageTypeName(type); if (old_type.has_value()) { return TypeUtil::descriptorFullNameToTypeUrl(old_type.value()); } return {}; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/api_type_oracle.h ================================================ #pragma once #include "common/protobuf/protobuf.h" #include "common/protobuf/type_util.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Config { class ApiTypeOracle { public: /** * Based on a given message, determine if there exists an earlier version of * this message. If so, return the descriptor for the earlier * message, to support upgrading via VersionConverter::upgrade(). * * @param message_type protobuf message type * @return const Protobuf::Descriptor* descriptor for earlier message version * corresponding to message, if any, otherwise nullptr. */ static const Protobuf::Descriptor* getEarlierVersionDescriptor(const std::string& message_type); static const absl::optional getEarlierVersionMessageTypeName(const std::string& message_type); static const absl::optional getEarlierTypeUrl(const std::string& type_url); }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/api_version.h ================================================ #pragma once // Use this to force a specific version of a given config proto, preventing API // boosting from modifying it. E.g. API_NO_BOOST(envoy::api::v2::Cluster). #define API_NO_BOOST(x) x namespace Envoy {} ================================================ FILE: source/common/config/config_provider_impl.cc ================================================ #include "common/config/config_provider_impl.h" namespace Envoy { namespace Config { ImmutableConfigProviderBase::ImmutableConfigProviderBase( Server::Configuration::ServerFactoryContext& factory_context, ConfigProviderManagerImplBase& config_provider_manager, ConfigProviderInstanceType instance_type, ApiType api_type) : last_updated_(factory_context.timeSource().systemTime()), config_provider_manager_(config_provider_manager), instance_type_(instance_type), api_type_(api_type) { ASSERT(instance_type_ == ConfigProviderInstanceType::Static || instance_type_ == ConfigProviderInstanceType::Inline); config_provider_manager_.bindImmutableConfigProvider(this); } ImmutableConfigProviderBase::~ImmutableConfigProviderBase() { config_provider_manager_.unbindImmutableConfigProvider(this); } ConfigSubscriptionCommonBase::~ConfigSubscriptionCommonBase() { local_init_target_.ready(); config_provider_manager_.unbindSubscription(manager_identifier_); } void ConfigSubscriptionCommonBase::applyConfigUpdate(const ConfigUpdateCb& update_fn) { tls_->runOnAllThreads([update_fn](ThreadLocal::ThreadLocalObjectSharedPtr previous) -> ThreadLocal::ThreadLocalObjectSharedPtr { auto prev_thread_local_config = std::dynamic_pointer_cast(previous); prev_thread_local_config->config_ = update_fn(prev_thread_local_config->config_); return previous; }); } bool ConfigSubscriptionInstance::checkAndApplyConfigUpdate(const Protobuf::Message& config_proto, const std::string& config_name, const std::string& version_info) { const uint64_t new_hash = MessageUtil::hash(config_proto); if (config_info_) { ASSERT(config_info_.value().last_config_hash_.has_value()); if (config_info_.value().last_config_hash_.value() == new_hash) { return false; } } config_info_ = {new_hash, version_info}; ENVOY_LOG(debug, "{}: loading new configuration: config_name={} hash={}", name_, config_name, new_hash); ConfigProvider::ConfigConstSharedPtr new_config_impl = onConfigProtoUpdate(config_proto); applyConfigUpdate([new_config_impl](ConfigProvider::ConfigConstSharedPtr) -> ConfigProvider::ConfigConstSharedPtr { return new_config_impl; }); return true; } ConfigProviderManagerImplBase::ConfigProviderManagerImplBase(Server::Admin& admin, const std::string& config_name) { config_tracker_entry_ = admin.getConfigTracker().add(config_name, [this] { return dumpConfigs(); }); // ConfigTracker keys must be unique. We are asserting that no one has stolen the key // from us, since the returned entry will be nullptr if the key already exists. RELEASE_ASSERT(config_tracker_entry_, ""); } const ConfigProviderManagerImplBase::ConfigProviderSet& ConfigProviderManagerImplBase::immutableConfigProviders(ConfigProviderInstanceType type) const { static ConfigProviderSet empty_set; ConfigProviderMap::const_iterator it; if ((it = immutable_config_providers_map_.find(type)) == immutable_config_providers_map_.end()) { return empty_set; } return *it->second; } void ConfigProviderManagerImplBase::bindImmutableConfigProvider( ImmutableConfigProviderBase* provider) { ConfigProviderMap::iterator it; if ((it = immutable_config_providers_map_.find(provider->instanceType())) == immutable_config_providers_map_.end()) { immutable_config_providers_map_.insert(std::make_pair( provider->instanceType(), std::make_unique(std::initializer_list({provider})))); } else { it->second->insert(provider); } } void ConfigProviderManagerImplBase::unbindImmutableConfigProvider( ImmutableConfigProviderBase* provider) { auto it = immutable_config_providers_map_.find(provider->instanceType()); ASSERT(it != immutable_config_providers_map_.end()); it->second->erase(provider); } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/config_provider_impl.h ================================================ #pragma once #include "envoy/config/config_provider.h" #include "envoy/config/config_provider_manager.h" #include "envoy/init/manager.h" #include "envoy/server/admin.h" #include "envoy/server/config_tracker.h" #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" #include "common/common/thread.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/init/manager_impl.h" #include "common/init/target_impl.h" #include "common/init/watcher_impl.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Config { // This file provides a set of base classes, (ImmutableConfigProviderBase, // MutableConfigProviderCommonBase, ConfigProviderManagerImplBase, ConfigSubscriptionCommonBase, // ConfigSubscriptionInstance, DeltaConfigSubscriptionInstance), conforming to the // ConfigProvider/ConfigProviderManager interfaces, which in tandem provide a framework for // implementing statically defined (i.e., immutable) and dynamic (mutable via subscriptions) // configuration for Envoy. // // The mutability property applies to the ConfigProvider itself and _not_ the underlying config // proto, which is always immutable. MutableConfigProviderCommonBase objects receive config proto // updates via xDS subscriptions, resulting in new ConfigProvider::Config objects being instantiated // with the corresponding change in behavior corresponding to updated config. ConfigProvider::Config // objects must be latched/associated with the appropriate objects in the connection and request // processing pipeline, such that configuration stays consistent for the lifetime of the connection // and/or stream/request (if required by the configuration being processed). // // Dynamic configuration is distributed via xDS APIs (see // https://github.com/envoyproxy/data-plane-api/blob/master/xds_protocol.rst). The framework exposed // by these classes simplifies creation of client xDS implementations following a shared ownership // model, where according to the config source specification, a config subscription, config protos // received over the subscription and the subsequent config "implementation" (i.e., data structures // and associated business logic) are shared across ConfigProvider objects and Envoy worker threads. // // This approach enables linear memory scalability based primarily on the size of the configuration // set. // // A blueprint to follow for implementing mutable or immutable config providers is as follows: // // For both: // 1) Create a class derived from ConfigProviderManagerImplBase and implement the required // interface. // When implementing createXdsConfigProvider(), it is expected that getSubscription() will // be called to fetch either an existing ConfigSubscriptionCommonBase if the config // source configuration matches, or a newly instantiated subscription otherwise. // // For immutable providers: // 1) Create a class derived from ImmutableConfigProviderBase and implement the required // interface. // // For mutable (xDS) providers: // 1) According to the API type, create a class derived from MutableConfigProviderCommonBase and // implement the required interface. // 2) According to the API type, create a class derived from // ConfigSubscriptionInstance or DeltaConfigSubscriptionInstance; this is the entity responsible // for owning and managing the Envoy::Config::Subscription that provides the // underlying config subscription, and the Config implementation shared by associated providers. // a) For a ConfigProvider::ApiType::Full subscription instance (i.e., a // ConfigSubscriptionInstance child): // - When subscription callbacks (onConfigUpdate, onConfigUpdateFailed) are issued by the // underlying subscription, the corresponding ConfigSubscriptionInstance functions // must be called as well. // - On a successful config update, checkAndApplyConfigUpdate() should be called to instantiate // the new config implementation and propagate it to the shared config providers and all worker // threads. // - On a successful return from checkAndApplyConfigUpdate(), the config proto must be latched // into this class and returned via the getConfigProto() override. // b) For a ConfigProvider::ApiType::Delta subscription instance (i.e., a // DeltaConfigSubscriptionInstance child): // - When subscription callbacks (onConfigUpdate, onConfigUpdateFailed) are issued by the // underlying subscription, the corresponding ConfigSubscriptionInstance functions must be called // as well. // - On a successful config update, applyConfigUpdate() should be called to propagate the // config updates to all bound config providers and worker threads. class ConfigProviderManagerImplBase; /** * Specifies the type of config associated with a ConfigProvider. */ enum class ConfigProviderInstanceType { // Configuration defined as a static resource in the bootstrap config. Static, // Configuration defined inline in a resource that may be specified statically or obtained via // xDS. Inline, // Configuration obtained from an xDS subscription. Xds }; /** * ConfigProvider implementation for immutable configuration. * * TODO(AndresGuedez): support sharing of config protos and config impls, as is * done with the MutableConfigProviderCommonBase. * * This class can not be instantiated directly; instead, it provides the foundation for * immutable config provider implementations which derive from it. */ class ImmutableConfigProviderBase : public ConfigProvider { public: ~ImmutableConfigProviderBase() override; // Envoy::Config::ConfigProvider SystemTime lastUpdated() const override { return last_updated_; } ApiType apiType() const override { return api_type_; } ConfigProviderInstanceType instanceType() const { return instance_type_; } protected: ImmutableConfigProviderBase(Server::Configuration::ServerFactoryContext& factory_context, ConfigProviderManagerImplBase& config_provider_manager, ConfigProviderInstanceType instance_type, ApiType api_type); private: SystemTime last_updated_; ConfigProviderManagerImplBase& config_provider_manager_; ConfigProviderInstanceType instance_type_; ApiType api_type_; }; class MutableConfigProviderCommonBase; /** * Provides common DS API subscription functionality required by the ConfigProvider::ApiType. * * This class can not be instantiated directly; instead, it provides the foundation for * config subscription implementations which derive from it. * * A subscription is intended to be co-owned by config providers with the same config source, it's * designed to be created/destructed on admin thread only. * */ class ConfigSubscriptionCommonBase : protected Logger::Loggable { public: // Callback for updating a Config implementation held in each worker thread, the callback is // called in applyConfigUpdate() with the current version Config, and is expected to return the // new version Config. using ConfigUpdateCb = std::function; struct LastConfigInfo { absl::optional last_config_hash_; std::string last_config_version_; }; virtual ~ConfigSubscriptionCommonBase(); /** * Starts the subscription corresponding to a config source. * A derived class must own the configuration proto specific Envoy::Config::Subscription to be * started. */ virtual void start() PURE; const SystemTime& lastUpdated() const { return last_updated_; } const absl::optional& configInfo() const { return config_info_; } ConfigProvider::ConfigConstSharedPtr getConfig() const { return tls_->getTyped().config_; } /** * Must be called by derived classes when the onConfigUpdate() callback associated with the * underlying subscription is issued. */ void onConfigUpdate() { setLastUpdated(); local_init_target_.ready(); } /** * Must be called by derived classes when the onConfigUpdateFailed() callback associated with the * underlying subscription is issued. */ void onConfigUpdateFailed() { setLastUpdated(); local_init_target_.ready(); } protected: struct ThreadLocalConfig : public ThreadLocal::ThreadLocalObject { explicit ThreadLocalConfig(ConfigProvider::ConfigConstSharedPtr initial_config) : config_(std::move(initial_config)) {} ConfigProvider::ConfigConstSharedPtr config_; }; ConfigSubscriptionCommonBase(const std::string& name, const uint64_t manager_identifier, ConfigProviderManagerImplBase& config_provider_manager, Server::Configuration::ServerFactoryContext& factory_context) : name_(name), tls_(factory_context.threadLocal().allocateSlot()), local_init_target_( fmt::format("ConfigSubscriptionCommonBase local init target '{}'", name_), [this]() { start(); }), parent_init_target_(fmt::format("ConfigSubscriptionCommonBase init target '{}'", name_), [this]() { local_init_manager_.initialize(local_init_watcher_); }), local_init_watcher_(fmt::format("ConfigSubscriptionCommonBase local watcher '{}'", name_), [this]() { parent_init_target_.ready(); }), local_init_manager_( fmt::format("ConfigSubscriptionCommonBase local init manager '{}'", name_)), manager_identifier_(manager_identifier), config_provider_manager_(config_provider_manager), time_source_(factory_context.timeSource()), last_updated_(factory_context.timeSource().systemTime()) { Envoy::Config::Utility::checkLocalInfo(name, factory_context.localInfo()); local_init_manager_.add(local_init_target_); } /** * Propagates a config update to worker threads. * * @param update_fn the callback to run on each thread, it takes the previous version Config and * returns a updated/new version Config. */ void applyConfigUpdate(const ConfigUpdateCb& update_fn); void setLastUpdated() { last_updated_ = time_source_.systemTime(); } Init::Manager& localInitManager() { return local_init_manager_; } void setLastConfigInfo(absl::optional&& config_info) { config_info_ = std::move(config_info); } const std::string name_; absl::optional config_info_; // This slot holds a Config implementation in each thread, which is intended to be shared between // config providers from the same config source. ThreadLocal::SlotPtr tls_; private: // Local init target which signals first RPC interaction with management server. Init::TargetImpl local_init_target_; // Target added to factory context's initManager. Init::TargetImpl parent_init_target_; // Watcher that marks parent_init_target_ ready when the local init manager is ready. Init::WatcherImpl local_init_watcher_; // Local manager that tracks the subscription initialization, it is also used for sub-resource // initialization if the sub-resource is not initialized. Init::ManagerImpl local_init_manager_; const uint64_t manager_identifier_; ConfigProviderManagerImplBase& config_provider_manager_; TimeSource& time_source_; SystemTime last_updated_; // ConfigSubscriptionCommonBase, MutableConfigProviderCommonBase and // ConfigProviderManagerImplBase are tightly coupled with the current shared ownership model; use // friend classes to explicitly denote the binding between them. // // TODO(AndresGuedez): Investigate whether a shared ownership model avoiding the s and // instead centralizing lifetime management in the ConfigProviderManagerImplBase with explicit // reference counting would be more maintainable. friend class ConfigProviderManagerImplBase; }; using ConfigSubscriptionCommonBaseSharedPtr = std::shared_ptr; /** * Provides common subscription functionality required by ConfigProvider::ApiType::Full DS APIs. * A single Config instance is shared across all providers and all workers associated with this * subscription. */ class ConfigSubscriptionInstance : public ConfigSubscriptionCommonBase { public: ConfigSubscriptionInstance(const std::string& name, const uint64_t manager_identifier, ConfigProviderManagerImplBase& config_provider_manager, Server::Configuration::ServerFactoryContext& factory_context) : ConfigSubscriptionCommonBase(name, manager_identifier, config_provider_manager, factory_context) {} /** * Must be called by the derived class' constructor. * @param initial_config supplies an initial Envoy::Config::ConfigProvider::Config associated * with the underlying subscription, shared across all providers and workers. */ void initialize(const ConfigProvider::ConfigConstSharedPtr& initial_config) { tls_->set([initial_config](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(initial_config); }); } /** * Determines whether a configuration proto is a new update, and if so, propagates it to all * config providers associated with this subscription. * @param config_proto supplies the newly received config proto. * @param config_name supplies the name associated with the config. * @param version_info supplies the version associated with the config. * @return bool false when the config proto has no delta from the previous config, true * otherwise. */ bool checkAndApplyConfigUpdate(const Protobuf::Message& config_proto, const std::string& config_name, const std::string& version_info); protected: /** * Called when a new config proto is received via an xDS subscription. * On successful validation of the config, must return a shared_ptr to a ConfigProvider::Config * implementation that will be propagated to all mutable config providers sharing the * subscription. * Note that this function is called _once_ across all shared config providers per xDS * subscription config update. * @param config_proto supplies the configuration proto. * @return ConfigConstSharedPtr the ConfigProvider::Config to share with other providers. */ virtual ConfigProvider::ConfigConstSharedPtr onConfigProtoUpdate(const Protobuf::Message& config_proto) PURE; }; /** * Provides common subscription functionality required by ConfigProvider::ApiType::Delta DS APIs. */ class DeltaConfigSubscriptionInstance : public ConfigSubscriptionCommonBase { protected: using ConfigSubscriptionCommonBase::ConfigSubscriptionCommonBase; /** * Must be called by the derived class' constructor. * @param init_cb supplies an initial Envoy::Config::ConfigProvider::Config associated with the * underlying subscription for each worker thread. */ void initialize(const std::function& init_cb) { tls_->set([init_cb](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(init_cb()); }); } }; /** * Provides generic functionality required by the ConfigProvider::ApiType specific dynamic config * providers. * * This class can not be instantiated directly; instead, it provides the foundation for * dynamic config provider implementations which derive from it. */ class MutableConfigProviderCommonBase : public ConfigProvider { public: // Envoy::Config::ConfigProvider SystemTime lastUpdated() const override { return subscription_->lastUpdated(); } ApiType apiType() const override { return api_type_; } protected: MutableConfigProviderCommonBase(ConfigSubscriptionCommonBaseSharedPtr&& subscription, ApiType api_type) : subscription_(subscription), api_type_(api_type) {} // Envoy::Config::ConfigProvider ConfigConstSharedPtr getConfig() const override { return subscription_->getConfig(); } ConfigSubscriptionCommonBaseSharedPtr subscription_; private: ApiType api_type_; }; /** * Provides generic functionality required by all config provider managers, such as managing * shared lifetime of subscriptions and dynamic config providers, along with determining which * subscriptions should be associated with newly instantiated providers. * * The implementation of this class is not thread safe. Note that ImmutableConfigProviderBase * and ConfigSubscriptionCommonBase call the corresponding {bind,unbind}* functions exposed * by this class. * * All config processing is done on the main thread, so instantiation of *ConfigProvider* objects * via createStaticConfigProvider() and createXdsConfigProvider() is naturally thread safe. Care * must be taken with regards to destruction of these objects, since it must also happen on the * main thread _prior_ to destruction of the ConfigProviderManagerImplBase object from which they * were created. * * This class can not be instantiated directly; instead, it provides the foundation for * dynamic config provider implementations which derive from it. */ class ConfigProviderManagerImplBase : public ConfigProviderManager, public Singleton::Instance { public: /** * This is invoked by the /config_dump admin handler. * @return ProtobufTypes::MessagePtr the config dump proto corresponding to the associated * config providers. */ virtual ProtobufTypes::MessagePtr dumpConfigs() const PURE; protected: // Ordered set for deterministic config dump output. using ConfigProviderSet = std::set; using ConfigProviderMap = absl::node_hash_map, EnumClassHash>; using ConfigSubscriptionMap = absl::node_hash_map>; ConfigProviderManagerImplBase(Server::Admin& admin, const std::string& config_name); const ConfigSubscriptionMap& configSubscriptions() const { return config_subscriptions_; } /** * Returns the set of bound ImmutableConfigProviderBase-derived providers of a given type. * @param type supplies the type of config providers to return. * @return const ConfigProviderSet* the set of config providers corresponding to the type. */ const ConfigProviderSet& immutableConfigProviders(ConfigProviderInstanceType type) const; /** * Returns the subscription associated with the config_source_proto; if none exists, a new one * is allocated according to the subscription_factory_fn. * @param config_source_proto supplies the proto specifying the config subscription parameters. * @param init_manager supplies the init manager. * @param subscription_factory_fn supplies a function to be called when a new subscription needs * to be allocated. * @return std::shared_ptr an existing (if a match is found) or newly allocated subscription. */ template std::shared_ptr getSubscription(const Protobuf::Message& config_source_proto, Init::Manager& init_manager, const std::function& subscription_factory_fn) { static_assert(std::is_base_of::value, "T must be a subclass of ConfigSubscriptionCommonBase"); ConfigSubscriptionCommonBaseSharedPtr subscription; const uint64_t manager_identifier = MessageUtil::hash(config_source_proto); auto it = config_subscriptions_.find(manager_identifier); if (it == config_subscriptions_.end()) { // std::make_shared does not work for classes with private constructors. There are ways // around it. However, since this is not a performance critical path we err on the side // of simplicity. subscription = subscription_factory_fn(manager_identifier, *this); init_manager.add(subscription->parent_init_target_); bindSubscription(manager_identifier, subscription); } else { // Because the ConfigProviderManagerImplBase's weak_ptrs only get cleaned up // in the ConfigSubscriptionCommonBase destructor, and the single threaded nature // of this code, locking the weak_ptr will not fail. subscription = it->second.lock(); } ASSERT(subscription); return std::static_pointer_cast(subscription); } private: void bindSubscription(const uint64_t manager_identifier, ConfigSubscriptionCommonBaseSharedPtr& subscription) { config_subscriptions_.insert({manager_identifier, subscription}); } void unbindSubscription(const uint64_t manager_identifier) { config_subscriptions_.erase(manager_identifier); } void bindImmutableConfigProvider(ImmutableConfigProviderBase* provider); void unbindImmutableConfigProvider(ImmutableConfigProviderBase* provider); // TODO(jsedgwick) These two members are prime candidates for the owned-entry list/map // as in ConfigTracker. I.e. the ProviderImpls would have an EntryOwner for these lists // Then the lifetime management stuff is centralized and opaque. ConfigSubscriptionMap config_subscriptions_; ConfigProviderMap immutable_config_providers_map_; Server::ConfigTracker::EntryOwnerPtr config_tracker_entry_; // See comment for friend classes in the ConfigSubscriptionCommonBase for more details on // the use of friends. friend class ConfigSubscriptionCommonBase; friend class ImmutableConfigProviderBase; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/datasource.cc ================================================ #include "common/config/datasource.h" #include "envoy/config/core/v3/base.pb.h" #include "fmt/format.h" namespace Envoy { namespace Config { namespace DataSource { // Parameters of the jittered backoff strategy. static constexpr uint32_t RetryInitialDelayMilliseconds = 1000; static constexpr uint32_t RetryMaxDelayMilliseconds = 10 * 1000; static constexpr uint32_t RetryCount = 1; std::string read(const envoy::config::core::v3::DataSource& source, bool allow_empty, Api::Api& api) { switch (source.specifier_case()) { case envoy::config::core::v3::DataSource::SpecifierCase::kFilename: return api.fileSystem().fileReadToEnd(source.filename()); case envoy::config::core::v3::DataSource::SpecifierCase::kInlineBytes: return source.inline_bytes(); case envoy::config::core::v3::DataSource::SpecifierCase::kInlineString: return source.inline_string(); default: if (!allow_empty) { throw EnvoyException( fmt::format("Unexpected DataSource::specifier_case(): {}", source.specifier_case())); } return ""; } } absl::optional getPath(const envoy::config::core::v3::DataSource& source) { return source.specifier_case() == envoy::config::core::v3::DataSource::SpecifierCase::kFilename ? absl::make_optional(source.filename()) : absl::nullopt; } RemoteAsyncDataProvider::RemoteAsyncDataProvider( Upstream::ClusterManager& cm, Init::Manager& manager, const envoy::config::core::v3::RemoteDataSource& source, Event::Dispatcher& dispatcher, Random::RandomGenerator& random, bool allow_empty, AsyncDataSourceCb&& callback) : allow_empty_(allow_empty), callback_(std::move(callback)), fetcher_(std::make_unique(cm, source.http_uri(), source.sha256(), *this)), init_target_("RemoteAsyncDataProvider", [this]() { start(); }), retries_remaining_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(source.retry_policy(), num_retries, RetryCount)) { uint64_t base_interval_ms = RetryInitialDelayMilliseconds; uint64_t max_interval_ms = RetryMaxDelayMilliseconds; if (source.has_retry_policy()) { if (source.retry_policy().has_retry_back_off()) { base_interval_ms = PROTOBUF_GET_MS_REQUIRED(source.retry_policy().retry_back_off(), base_interval); max_interval_ms = PROTOBUF_GET_MS_OR_DEFAULT(source.retry_policy().retry_back_off(), max_interval, base_interval_ms * 10); if (max_interval_ms < base_interval_ms) { throw EnvoyException("max_interval must be greater than or equal to the base_interval"); } } } backoff_strategy_ = std::make_unique(base_interval_ms, max_interval_ms, random); retry_timer_ = dispatcher.createTimer([this]() -> void { start(); }); manager.add(init_target_); } } // namespace DataSource } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/datasource.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/event/deferred_deletable.h" #include "envoy/init/manager.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/backoff_strategy.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/config/remote_data_fetcher.h" #include "common/init/target_impl.h" #include "absl/types/optional.h" namespace Envoy { namespace Config { namespace DataSource { /** * Read contents of the DataSource. * @param source data source. * @param allow_empty return an empty string if no DataSource case is specified. * @param api reference to the Api object * @return std::string with DataSource contents. * @throw EnvoyException if no DataSource case is specified and !allow_empty. */ std::string read(const envoy::config::core::v3::DataSource& source, bool allow_empty, Api::Api& api); /** * @param source data source. * @return absl::optional path to DataSource if a filename, otherwise absl::nullopt. */ absl::optional getPath(const envoy::config::core::v3::DataSource& source); /** * Callback for async data source. */ using AsyncDataSourceCb = std::function; class LocalAsyncDataProvider { public: LocalAsyncDataProvider(Init::Manager& manager, const envoy::config::core::v3::DataSource& source, bool allow_empty, Api::Api& api, AsyncDataSourceCb&& callback) : init_target_("LocalAsyncDataProvider", [this, &source, allow_empty, &api, callback]() { callback(DataSource::read(source, allow_empty, api)); init_target_.ready(); }) { manager.add(init_target_); } ~LocalAsyncDataProvider() { init_target_.ready(); } private: Init::TargetImpl init_target_; }; using LocalAsyncDataProviderPtr = std::unique_ptr; class RemoteAsyncDataProvider : public Event::DeferredDeletable, public Config::DataFetcher::RemoteDataFetcherCallback, public Logger::Loggable { public: RemoteAsyncDataProvider(Upstream::ClusterManager& cm, Init::Manager& manager, const envoy::config::core::v3::RemoteDataSource& source, Event::Dispatcher& dispatcher, Random::RandomGenerator& random, bool allow_empty, AsyncDataSourceCb&& callback); ~RemoteAsyncDataProvider() override { init_target_.ready(); if (retry_timer_) { retry_timer_->disableTimer(); } } // Config::DataFetcher::RemoteDataFetcherCallback void onSuccess(const std::string& data) override { callback_(data); init_target_.ready(); } // Config::DataFetcher::RemoteDataFetcherCallback void onFailure(Config::DataFetcher::FailureReason failure) override { ENVOY_LOG(debug, "Failed to fetch remote data, failure reason: {}", enumToInt(failure)); if (retries_remaining_-- == 0) { ENVOY_LOG(warn, "Retry limit exceeded for fetching data from remote data source."); if (allow_empty_) { callback_(EMPTY_STRING); } // We need to allow server startup to continue. init_target_.ready(); return; } const auto retry_ms = std::chrono::milliseconds(backoff_strategy_->nextBackOffMs()); ENVOY_LOG(debug, "Remote data provider will retry in {} ms.", retry_ms.count()); retry_timer_->enableTimer(retry_ms); } private: void start() { fetcher_->fetch(); } bool allow_empty_; AsyncDataSourceCb callback_; const Config::DataFetcher::RemoteDataFetcherPtr fetcher_; Init::TargetImpl init_target_; Event::TimerPtr retry_timer_; BackOffStrategyPtr backoff_strategy_; uint32_t retries_remaining_; }; using RemoteAsyncDataProviderPtr = std::unique_ptr; } // namespace DataSource } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/decoded_resource_impl.h ================================================ #pragma once #include "envoy/config/subscription.h" #include "common/protobuf/utility.h" #include "udpa/core/v1/collection_entry.pb.h" namespace Envoy { namespace Config { namespace { std::vector repeatedPtrFieldToVector(const Protobuf::RepeatedPtrField& xs) { std::vector ys; std::copy(xs.begin(), xs.end(), std::back_inserter(ys)); return ys; } } // namespace class DecodedResourceImpl : public DecodedResource { public: DecodedResourceImpl(OpaqueResourceDecoder& resource_decoder, const ProtobufWkt::Any& resource, const std::string& version) : DecodedResourceImpl(resource_decoder, {}, Protobuf::RepeatedPtrField(), resource, true, version) {} DecodedResourceImpl(OpaqueResourceDecoder& resource_decoder, const envoy::service::discovery::v3::Resource& resource) : DecodedResourceImpl(resource_decoder, resource.name(), resource.aliases(), resource.resource(), resource.has_resource(), resource.version()) {} DecodedResourceImpl(OpaqueResourceDecoder& resource_decoder, const udpa::core::v1::CollectionEntry::InlineEntry& inline_entry) : DecodedResourceImpl(resource_decoder, inline_entry.name(), Protobuf::RepeatedPtrField(), inline_entry.resource(), true, inline_entry.version()) {} DecodedResourceImpl(ProtobufTypes::MessagePtr resource, const std::string& name, const std::vector& aliases, const std::string& version) : resource_(std::move(resource)), has_resource_(true), name_(name), aliases_(aliases), version_(version) {} // Config::DecodedResource const std::string& name() const override { return name_; } const std::vector& aliases() const override { return aliases_; } const std::string& version() const override { return version_; }; const Protobuf::Message& resource() const override { return *resource_; }; bool hasResource() const override { return has_resource_; } private: DecodedResourceImpl(OpaqueResourceDecoder& resource_decoder, absl::optional name, const Protobuf::RepeatedPtrField& aliases, const ProtobufWkt::Any& resource, bool has_resource, const std::string& version) : resource_(resource_decoder.decodeResource(resource)), has_resource_(has_resource), name_(name ? *name : resource_decoder.resourceName(*resource_)), aliases_(repeatedPtrFieldToVector(aliases)), version_(version) {} const ProtobufTypes::MessagePtr resource_; const bool has_resource_; const std::string name_; const std::vector aliases_; const std::string version_; }; using DecodedResourceImplPtr = std::unique_ptr; struct DecodedResourcesWrapper { DecodedResourcesWrapper() = default; DecodedResourcesWrapper(OpaqueResourceDecoder& resource_decoder, const Protobuf::RepeatedPtrField& resources, const std::string& version) { for (const auto& resource : resources) { pushBack(std::make_unique(resource_decoder, resource, version)); } } void pushBack(Config::DecodedResourcePtr&& resource) { owned_resources_.push_back(std::move(resource)); refvec_.emplace_back(*owned_resources_.back()); } std::vector owned_resources_; std::vector refvec_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/delta_subscription_state.cc ================================================ #include "common/config/delta_subscription_state.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/hash.h" #include "common/config/utility.h" namespace Envoy { namespace Config { DeltaSubscriptionState::DeltaSubscriptionState(std::string type_url, UntypedConfigUpdateCallbacks& watch_map, const LocalInfo::LocalInfo& local_info) : type_url_(std::move(type_url)), watch_map_(watch_map), local_info_(local_info) {} void DeltaSubscriptionState::updateSubscriptionInterest(const std::set& cur_added, const std::set& cur_removed) { for (const auto& a : cur_added) { setResourceWaitingForServer(a); // If interest in a resource is removed-then-added (all before a discovery request // can be sent), we must treat it as a "new" addition: our user may have forgotten its // copy of the resource after instructing us to remove it, and need to be reminded of it. names_removed_.erase(a); names_added_.insert(a); } for (const auto& r : cur_removed) { setLostInterestInResource(r); // Ideally, when interest in a resource is added-then-removed in between requests, // we would avoid putting a superfluous "unsubscribe [resource that was never subscribed]" // in the request. However, the removed-then-added case *does* need to go in the request, // and due to how we accomplish that, it's difficult to distinguish remove-add-remove from // add-remove (because "remove-add" has to be treated as equivalent to just "add"). names_added_.erase(r); names_removed_.insert(r); } } // Not having sent any requests yet counts as an "update pending" since you're supposed to resend // the entirety of your interest at the start of a stream, even if nothing has changed. bool DeltaSubscriptionState::subscriptionUpdatePending() const { return !names_added_.empty() || !names_removed_.empty() || !any_request_sent_yet_in_current_stream_; } UpdateAck DeltaSubscriptionState::handleResponse( const envoy::service::discovery::v3::DeltaDiscoveryResponse& message) { // We *always* copy the response's nonce into the next request, even if we're going to make that // request a NACK by setting error_detail. UpdateAck ack(message.nonce(), type_url_); try { handleGoodResponse(message); } catch (const EnvoyException& e) { handleBadResponse(e, ack); } return ack; } void DeltaSubscriptionState::handleGoodResponse( const envoy::service::discovery::v3::DeltaDiscoveryResponse& message) { absl::flat_hash_set names_added_removed; for (const auto& resource : message.resources()) { if (!names_added_removed.insert(resource.name()).second) { throw EnvoyException( fmt::format("duplicate name {} found among added/updated resources", resource.name())); } // DeltaDiscoveryResponses for unresolved aliases don't contain an actual resource if (!resource.has_resource() && resource.aliases_size() > 0) { continue; } if (message.type_url() != resource.resource().type_url()) { throw EnvoyException(fmt::format("type URL {} embedded in an individual Any does not match " "the message-wide type URL {} in DeltaDiscoveryResponse {}", resource.resource().type_url(), message.type_url(), message.DebugString())); } } for (const auto& name : message.removed_resources()) { if (!names_added_removed.insert(name).second) { throw EnvoyException( fmt::format("duplicate name {} found in the union of added+removed resources", name)); } } watch_map_.onConfigUpdate(message.resources(), message.removed_resources(), message.system_version_info()); for (const auto& resource : message.resources()) { setResourceVersion(resource.name(), resource.version()); } // If a resource is gone, there is no longer a meaningful version for it that makes sense to // provide to the server upon stream reconnect: either it will continue to not exist, in which // case saying nothing is fine, or the server will bring back something new, which we should // receive regardless (which is the logic that not specifying a version will get you). // // So, leave the version map entry present but blank. It will be left out of // initial_resource_versions messages, but will remind us to explicitly tell the server "I'm // cancelling my subscription" when we lose interest. for (const auto& resource_name : message.removed_resources()) { if (resource_names_.find(resource_name) != resource_names_.end()) { setResourceWaitingForServer(resource_name); } } ENVOY_LOG(debug, "Delta config for {} accepted with {} resources added, {} removed", type_url_, message.resources().size(), message.removed_resources().size()); } void DeltaSubscriptionState::handleBadResponse(const EnvoyException& e, UpdateAck& ack) { // Note that error_detail being set is what indicates that a DeltaDiscoveryRequest is a NACK. ack.error_detail_.set_code(Grpc::Status::WellKnownGrpcStatus::Internal); ack.error_detail_.set_message(Config::Utility::truncateGrpcStatusMessage(e.what())); ENVOY_LOG(warn, "delta config for {} rejected: {}", type_url_, e.what()); watch_map_.onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, &e); } void DeltaSubscriptionState::handleEstablishmentFailure() { watch_map_.onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, nullptr); } envoy::service::discovery::v3::DeltaDiscoveryRequest DeltaSubscriptionState::getNextRequestAckless() { envoy::service::discovery::v3::DeltaDiscoveryRequest request; if (!any_request_sent_yet_in_current_stream_) { any_request_sent_yet_in_current_stream_ = true; // initial_resource_versions "must be populated for first request in a stream". // Also, since this might be a new server, we must explicitly state *all* of our subscription // interest. for (auto const& [resource_name, resource_version] : resource_versions_) { // Populate initial_resource_versions with the resource versions we currently have. // Resources we are interested in, but are still waiting to get any version of from the // server, do not belong in initial_resource_versions. (But do belong in new subscriptions!) if (!resource_version.waitingForServer()) { (*request.mutable_initial_resource_versions())[resource_name] = resource_version.version(); } // As mentioned above, fill resource_names_subscribe with everything, including names we // have yet to receive any resource for. names_added_.insert(resource_name); } names_removed_.clear(); } std::copy(names_added_.begin(), names_added_.end(), Protobuf::RepeatedFieldBackInserter(request.mutable_resource_names_subscribe())); std::copy(names_removed_.begin(), names_removed_.end(), Protobuf::RepeatedFieldBackInserter(request.mutable_resource_names_unsubscribe())); names_added_.clear(); names_removed_.clear(); request.set_type_url(type_url_); request.mutable_node()->MergeFrom(local_info_.node()); return request; } envoy::service::discovery::v3::DeltaDiscoveryRequest DeltaSubscriptionState::getNextRequestWithAck(const UpdateAck& ack) { envoy::service::discovery::v3::DeltaDiscoveryRequest request = getNextRequestAckless(); request.set_response_nonce(ack.nonce_); if (ack.error_detail_.code() != Grpc::Status::WellKnownGrpcStatus::Ok) { // Don't needlessly make the field present-but-empty if status is ok. request.mutable_error_detail()->CopyFrom(ack.error_detail_); } return request; } void DeltaSubscriptionState::setResourceVersion(const std::string& resource_name, const std::string& resource_version) { resource_versions_[resource_name] = ResourceVersion(resource_version); resource_names_.insert(resource_name); } void DeltaSubscriptionState::setResourceWaitingForServer(const std::string& resource_name) { resource_versions_[resource_name] = ResourceVersion(); resource_names_.insert(resource_name); } void DeltaSubscriptionState::setLostInterestInResource(const std::string& resource_name) { resource_versions_.erase(resource_name); resource_names_.erase(resource_name); } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/delta_subscription_state.h ================================================ #pragma once #include "envoy/api/v2/discovery.pb.h" #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" #include "envoy/grpc/status.h" #include "envoy/local_info/local_info.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/config/api_version.h" #include "common/config/pausable_ack_queue.h" #include "common/config/watch_map.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Config { // Tracks the xDS protocol state of an individual ongoing delta xDS session, i.e. a single type_url. // There can be multiple DeltaSubscriptionStates active. They will always all be // blissfully unaware of each other's existence, even when their messages are // being multiplexed together by ADS. class DeltaSubscriptionState : public Logger::Loggable { public: DeltaSubscriptionState(std::string type_url, UntypedConfigUpdateCallbacks& watch_map, const LocalInfo::LocalInfo& local_info); // Update which resources we're interested in subscribing to. void updateSubscriptionInterest(const std::set& cur_added, const std::set& cur_removed); void addAliasesToResolve(const std::set& aliases); // Whether there was a change in our subscription interest we have yet to inform the server of. bool subscriptionUpdatePending() const; void markStreamFresh() { any_request_sent_yet_in_current_stream_ = false; } UpdateAck handleResponse(const envoy::service::discovery::v3::DeltaDiscoveryResponse& message); void handleEstablishmentFailure(); // Returns the next gRPC request proto to be sent off to the server, based on this object's // understanding of the current protocol state, and new resources that Envoy wants to request. envoy::service::discovery::v3::DeltaDiscoveryRequest getNextRequestAckless(); // The WithAck version first calls the Ack-less version, then adds in the passed-in ack. envoy::service::discovery::v3::DeltaDiscoveryRequest getNextRequestWithAck(const UpdateAck& ack); DeltaSubscriptionState(const DeltaSubscriptionState&) = delete; DeltaSubscriptionState& operator=(const DeltaSubscriptionState&) = delete; private: void handleGoodResponse(const envoy::service::discovery::v3::DeltaDiscoveryResponse& message); void handleBadResponse(const EnvoyException& e, UpdateAck& ack); class ResourceVersion { public: explicit ResourceVersion(absl::string_view version) : version_(version) {} // Builds a ResourceVersion in the waitingForServer state. ResourceVersion() = default; // If true, we currently have no version of this resource - we are waiting for the server to // provide us with one. bool waitingForServer() const { return version_ == absl::nullopt; } // Must not be called if waitingForServer() == true. std::string version() const { ASSERT(version_.has_value()); return version_.value_or(""); } private: absl::optional version_; }; // Use these helpers to ensure resource_versions_ and resource_names_ get updated together. void setResourceVersion(const std::string& resource_name, const std::string& resource_version); void setResourceWaitingForServer(const std::string& resource_name); void setLostInterestInResource(const std::string& resource_name); void populateDiscoveryRequest(envoy::service::discovery::v3::DeltaDiscoveryResponse& request); // A map from resource name to per-resource version. The keys of this map are exactly the resource // names we are currently interested in. Those in the waitingForServer state currently don't have // any version for that resource: we need to inform the server if we lose interest in them, but we // also need to *not* include them in the initial_resource_versions map upon a reconnect. absl::node_hash_map resource_versions_; // The keys of resource_versions_. Only tracked separately because std::map does not provide an // iterator into just its keys, e.g. for use in std::set_difference. std::set resource_names_; const std::string type_url_; UntypedConfigUpdateCallbacks& watch_map_; const LocalInfo::LocalInfo& local_info_; std::chrono::milliseconds init_fetch_timeout_; bool any_request_sent_yet_in_current_stream_{}; // Tracks changes in our subscription interest since the previous DeltaDiscoveryRequest we sent. // TODO: Can't use absl::flat_hash_set due to ordering issues in gTest expectation matching. // Feel free to change to an unordered container once we figure out how to make it work. std::set names_added_; std::set names_removed_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/filesystem_subscription_impl.cc ================================================ #include "common/config/filesystem_subscription_impl.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/config/decoded_resource_impl.h" #include "common/config/utility.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Config { FilesystemSubscriptionImpl::FilesystemSubscriptionImpl( Event::Dispatcher& dispatcher, absl::string_view path, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : path_(path), watcher_(dispatcher.createFilesystemWatcher()), callbacks_(callbacks), resource_decoder_(resource_decoder), stats_(stats), api_(api), validation_visitor_(validation_visitor) { watcher_->addWatch(path_, Filesystem::Watcher::Events::MovedTo, [this](uint32_t) { if (started_) { refresh(); } }); } // Config::Subscription void FilesystemSubscriptionImpl::start(const std::set&, const bool) { started_ = true; // Attempt to read in case there is a file there already. refresh(); } void FilesystemSubscriptionImpl::updateResourceInterest(const std::set&) { // Bump stats for consistent behavior with other xDS. stats_.update_attempt_.inc(); } void FilesystemSubscriptionImpl::configRejected(const EnvoyException& e, const std::string& message) { ENVOY_LOG(warn, "Filesystem config update rejected: {}", e.what()); ENVOY_LOG(debug, "Failed configuration:\n{}", message); stats_.update_rejected_.inc(); callbacks_.onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, &e); } std::string FilesystemSubscriptionImpl::refreshInternal(ProtobufTypes::MessagePtr* config_update) { auto owned_message = std::make_unique(); auto& message = *owned_message; MessageUtil::loadFromFile(path_, message, validation_visitor_, api_); *config_update = std::move(owned_message); const auto decoded_resources = DecodedResourcesWrapper(resource_decoder_, message.resources(), message.version_info()); callbacks_.onConfigUpdate(decoded_resources.refvec_, message.version_info()); return message.version_info(); } void FilesystemSubscriptionImpl::refresh() { ENVOY_LOG(debug, "Filesystem config refresh for {}", path_); stats_.update_attempt_.inc(); ProtobufTypes::MessagePtr config_update; try { const std::string version = refreshInternal(&config_update); stats_.update_time_.set(DateUtil::nowToMilliseconds(api_.timeSource())); stats_.version_.set(HashUtil::xxHash64(version)); stats_.version_text_.set(version); stats_.update_success_.inc(); ENVOY_LOG(debug, "Filesystem config update accepted for {}: {}", path_, config_update->DebugString()); } catch (const ProtobufMessage::UnknownProtoFieldException& e) { configRejected(e, config_update == nullptr ? "" : config_update->DebugString()); } catch (const EnvoyException& e) { if (config_update != nullptr) { configRejected(e, config_update->DebugString()); } else { ENVOY_LOG(warn, "Filesystem config update failure: {}", e.what()); stats_.update_failure_.inc(); // This could happen due to filesystem issues or a bad configuration (e.g. proto validation). // Since the latter is more likely, for now we will treat it as rejection. callbacks_.onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, &e); } } } FilesystemCollectionSubscriptionImpl::FilesystemCollectionSubscriptionImpl( Event::Dispatcher& dispatcher, absl::string_view path, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : FilesystemSubscriptionImpl(dispatcher, path, callbacks, resource_decoder, stats, validation_visitor, api) {} std::string FilesystemCollectionSubscriptionImpl::refreshInternal(ProtobufTypes::MessagePtr* config_update) { auto owned_resource_message = std::make_unique(); auto& resource_message = *owned_resource_message; MessageUtil::loadFromFile(path_, resource_message, validation_visitor_, api_); // Dynamically load the collection message. const std::string collection_type = std::string(TypeUtil::typeUrlToDescriptorFullName(resource_message.resource().type_url())); const Protobuf::Descriptor* collection_descriptor = Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName(collection_type); if (collection_descriptor == nullptr) { throw EnvoyException(fmt::format("Unknown collection type {}", collection_type)); } Protobuf::DynamicMessageFactory dmf; ProtobufTypes::MessagePtr collection_message; collection_message.reset(dmf.GetPrototype(collection_descriptor)->New()); MessageUtil::unpackTo(resource_message.resource(), *collection_message); const auto* collection_entries_field_descriptor = collection_descriptor->field(0); // Verify collection message type structure. if (collection_entries_field_descriptor == nullptr || collection_entries_field_descriptor->type() != Protobuf::FieldDescriptor::TYPE_MESSAGE || collection_entries_field_descriptor->message_type()->full_name() != "udpa.core.v1.CollectionEntry" || !collection_entries_field_descriptor->is_repeated()) { throw EnvoyException(fmt::format("Invalid structure for collection type {} in {}", collection_type, resource_message.DebugString())); } const auto* reflection = collection_message->GetReflection(); const uint32_t num_entries = reflection->FieldSize(*collection_message, collection_entries_field_descriptor); DecodedResourcesWrapper decoded_resources; for (uint32_t i = 0; i < num_entries; ++i) { udpa::core::v1::CollectionEntry collection_entry; collection_entry.MergeFrom(reflection->GetRepeatedMessage( *collection_message, collection_entries_field_descriptor, i)); // TODO(htuch): implement indirect collection entries. if (collection_entry.has_inline_entry()) { decoded_resources.pushBack(std::make_unique( resource_decoder_, collection_entry.inline_entry())); } } *config_update = std::move(owned_resource_message); callbacks_.onConfigUpdate(decoded_resources.refvec_, resource_message.version()); return resource_message.version(); } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/filesystem_subscription_impl.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" #include "envoy/filesystem/filesystem.h" #include "envoy/protobuf/message_validator.h" #include "common/common/logger.h" namespace Envoy { namespace Config { /** * Filesystem inotify implementation of the API Subscription interface. This allows the API to be * consumed on filesystem changes to files containing the JSON canonical representation of * lists of xDS resources. */ class FilesystemSubscriptionImpl : public Config::Subscription, protected Logger::Loggable { public: FilesystemSubscriptionImpl(Event::Dispatcher& dispatcher, absl::string_view path, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); // Config::Subscription // We report all discovered resources in the watched file, so the resource names arguments are // unused, and updateResourceInterest is a no-op (other than updating a stat). void start(const std::set&, const bool use_namespace_matching = false) override; void updateResourceInterest(const std::set&) override; void requestOnDemandUpdate(const std::set&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } protected: virtual std::string refreshInternal(ProtobufTypes::MessagePtr* config_update); void refresh(); void configRejected(const EnvoyException& e, const std::string& message); bool started_{}; const std::string path_; std::unique_ptr watcher_; SubscriptionCallbacks& callbacks_; OpaqueResourceDecoder& resource_decoder_; SubscriptionStats stats_; Api::Api& api_; ProtobufMessage::ValidationVisitor& validation_visitor_; }; // Currently a FilesystemSubscriptionImpl subclass, but this will need to change when we support // non-inline collection resources. class FilesystemCollectionSubscriptionImpl : public FilesystemSubscriptionImpl { public: FilesystemCollectionSubscriptionImpl(Event::Dispatcher& dispatcher, absl::string_view path, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); std::string refreshInternal(ProtobufTypes::MessagePtr* config_update) override; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/grpc_mux_impl.cc ================================================ #include "common/config/grpc_mux_impl.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/decoded_resource_impl.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/memory/utils.h" #include "common/protobuf/protobuf.h" #include "absl/container/btree_map.h" #include "absl/container/node_hash_set.h" namespace Envoy { namespace Config { GrpcMuxImpl::GrpcMuxImpl(const LocalInfo::LocalInfo& local_info, Grpc::RawAsyncClientPtr async_client, Event::Dispatcher& dispatcher, const Protobuf::MethodDescriptor& service_method, envoy::config::core::v3::ApiVersion transport_api_version, Random::RandomGenerator& random, Stats::Scope& scope, const RateLimitSettings& rate_limit_settings, bool skip_subsequent_node) : grpc_stream_(this, std::move(async_client), service_method, random, dispatcher, scope, rate_limit_settings), local_info_(local_info), skip_subsequent_node_(skip_subsequent_node), first_stream_request_(true), transport_api_version_(transport_api_version), enable_type_url_downgrade_and_upgrade_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.enable_type_url_downgrade_and_upgrade")) { Config::Utility::checkLocalInfo("ads", local_info); } void GrpcMuxImpl::start() { grpc_stream_.establishNewStream(); } void GrpcMuxImpl::sendDiscoveryRequest(const std::string& type_url) { ApiState& api_state = api_state_[type_url]; auto& request = api_state.request_; request.mutable_resource_names()->Clear(); // Maintain a set to avoid dupes. absl::node_hash_set resources; for (const auto* watch : api_state.watches_) { for (const std::string& resource : watch->resources_) { if (resources.count(resource) == 0) { resources.emplace(resource); request.add_resource_names(resource); } } } if (skip_subsequent_node_ && !first_stream_request_) { request.clear_node(); } VersionConverter::prepareMessageForGrpcWire(request, transport_api_version_); ENVOY_LOG(trace, "Sending DiscoveryRequest for {}: {}", type_url, request.DebugString()); grpc_stream_.sendMessage(request); first_stream_request_ = false; // clear error_detail after the request is sent if it exists. if (api_state_[type_url].request_.has_error_detail()) { api_state_[type_url].request_.clear_error_detail(); } } GrpcMuxWatchPtr GrpcMuxImpl::addWatch(const std::string& type_url, const std::set& resources, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, const bool) { auto watch = std::make_unique(resources, callbacks, resource_decoder, type_url, *this); ENVOY_LOG(debug, "gRPC mux addWatch for " + type_url); // Lazily kick off the requests based on first subscription. This has the // convenient side-effect that we order messages on the channel based on // Envoy's internal dependency ordering. // TODO(gsagula): move TokenBucketImpl params to a config. if (!api_state_[type_url].subscribed_) { api_state_[type_url].request_.set_type_url(type_url); api_state_[type_url].request_.mutable_node()->MergeFrom(local_info_.node()); api_state_[type_url].subscribed_ = true; subscriptions_.emplace_back(type_url); if (enable_type_url_downgrade_and_upgrade_) { registerVersionedTypeUrl(type_url); } } // This will send an updated request on each subscription. // TODO(htuch): For RDS/EDS, this will generate a new DiscoveryRequest on each resource we added. // Consider in the future adding some kind of collation/batching during CDS/LDS updates so that we // only send a single RDS/EDS update after the CDS/LDS update. queueDiscoveryRequest(type_url); return watch; } ScopedResume GrpcMuxImpl::pause(const std::string& type_url) { return pause(std::vector{type_url}); } ScopedResume GrpcMuxImpl::pause(const std::vector type_urls) { for (const auto& type_url : type_urls) { ApiState& api_state = api_state_[type_url]; ENVOY_LOG(debug, "Pausing discovery requests for {} (previous count {})", type_url, api_state.pauses_); ++api_state.pauses_; } return std::make_unique([this, type_urls]() { for (const auto& type_url : type_urls) { ApiState& api_state = api_state_[type_url]; ENVOY_LOG(debug, "Resuming discovery requests for {} (previous count {})", type_url, api_state.pauses_); ASSERT(api_state.paused()); if (--api_state.pauses_ == 0 && api_state.pending_ && api_state.subscribed_) { queueDiscoveryRequest(type_url); api_state.pending_ = false; } } }); } void GrpcMuxImpl::registerVersionedTypeUrl(const std::string& type_url) { TypeUrlMap& type_url_map = typeUrlMap(); if (type_url_map.find(type_url) != type_url_map.end()) { return; } // If type_url is v3, earlier_type_url will contain v2 type url. const absl::optional earlier_type_url = ApiTypeOracle::getEarlierTypeUrl(type_url); // Register v2 to v3 and v3 to v2 type_url mapping in the hash map. if (earlier_type_url.has_value()) { type_url_map[earlier_type_url.value()] = type_url; type_url_map[type_url] = earlier_type_url.value(); } } void GrpcMuxImpl::onDiscoveryResponse( std::unique_ptr&& message, ControlPlaneStats& control_plane_stats) { std::string type_url = message->type_url(); ENVOY_LOG(debug, "Received gRPC message for {} at version {}", type_url, message->version_info()); if (message->has_control_plane()) { control_plane_stats.identifier_.set(message->control_plane().identifier()); } // If this type url is not watched(no subscriber or no watcher), try another version of type url. if (enable_type_url_downgrade_and_upgrade_ && api_state_.count(type_url) == 0) { registerVersionedTypeUrl(type_url); TypeUrlMap& type_url_map = typeUrlMap(); if (type_url_map.find(type_url) != type_url_map.end()) { type_url = type_url_map[type_url]; } } if (api_state_.count(type_url) == 0) { // TODO(yuval-k): This should never happen. consider dropping the stream as this is a // protocol violation ENVOY_LOG(warn, "Ignoring the message for type URL {} as it has no current subscribers.", type_url); return; } if (api_state_[type_url].watches_.empty()) { // update the nonce as we are processing this response. api_state_[type_url].request_.set_response_nonce(message->nonce()); if (message->resources().empty()) { // No watches and no resources. This can happen when envoy unregisters from a // resource that's removed from the server as well. For example, a deleted cluster // triggers un-watching the ClusterLoadAssignment watch, and at the same time the // xDS server sends an empty list of ClusterLoadAssignment resources. we'll accept // this update. no need to send a discovery request, as we don't watch for anything. api_state_[type_url].request_.set_version_info(message->version_info()); } else { // No watches and we have resources - this should not happen. send a NACK (by not // updating the version). ENVOY_LOG(warn, "Ignoring unwatched type URL {}", type_url); queueDiscoveryRequest(type_url); } return; } ScopedResume same_type_resume; // We pause updates of the same type. This is necessary for SotW and GrpcMuxImpl, since unlike // delta and NewGRpcMuxImpl, independent watch additions/removals trigger updates regardless of // the delta state. The proper fix for this is to converge these implementations, // see https://github.com/envoyproxy/envoy/issues/11477. same_type_resume = pause(type_url); try { // To avoid O(n^2) explosion (e.g. when we have 1000s of EDS watches), we // build a map here from resource name to resource and then walk watches_. // We have to walk all watches (and need an efficient map as a result) to // ensure we deliver empty config updates when a resource is dropped. We make the map ordered // for test determinism. std::vector resources; absl::btree_map resource_ref_map; std::vector all_resource_refs; OpaqueResourceDecoder& resource_decoder = api_state_[type_url].watches_.front()->resource_decoder_; for (const auto& resource : message->resources()) { if (message->type_url() != resource.type_url()) { throw EnvoyException( fmt::format("{} does not match the message-wide type URL {} in DiscoveryResponse {}", resource.type_url(), message->type_url(), message->DebugString())); } resources.emplace_back( new DecodedResourceImpl(resource_decoder, resource, message->version_info())); all_resource_refs.emplace_back(*resources.back()); resource_ref_map.emplace(resources.back()->name(), *resources.back()); } for (auto watch : api_state_[type_url].watches_) { // onConfigUpdate should be called in all cases for single watch xDS (Cluster and // Listener) even if the message does not have resources so that update_empty stat // is properly incremented and state-of-the-world semantics are maintained. if (watch->resources_.empty()) { watch->callbacks_.onConfigUpdate(all_resource_refs, message->version_info()); continue; } std::vector found_resources; for (const auto& watched_resource_name : watch->resources_) { auto it = resource_ref_map.find(watched_resource_name); if (it != resource_ref_map.end()) { found_resources.emplace_back(it->second); } } // onConfigUpdate should be called only on watches(clusters/routes) that have // updates in the message for EDS/RDS. if (!found_resources.empty()) { watch->callbacks_.onConfigUpdate(found_resources, message->version_info()); } } // TODO(mattklein123): In the future if we start tracking per-resource versions, we // would do that tracking here. api_state_[type_url].request_.set_version_info(message->version_info()); Memory::Utils::tryShrinkHeap(); } catch (const EnvoyException& e) { for (auto watch : api_state_[type_url].watches_) { watch->callbacks_.onConfigUpdateFailed( Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, &e); } ::google::rpc::Status* error_detail = api_state_[type_url].request_.mutable_error_detail(); error_detail->set_code(Grpc::Status::WellKnownGrpcStatus::Internal); error_detail->set_message(Config::Utility::truncateGrpcStatusMessage(e.what())); } api_state_[type_url].request_.set_response_nonce(message->nonce()); ASSERT(api_state_[type_url].paused()); queueDiscoveryRequest(type_url); } void GrpcMuxImpl::onWriteable() { drainRequests(); } void GrpcMuxImpl::onStreamEstablished() { first_stream_request_ = true; grpc_stream_.maybeUpdateQueueSizeStat(0); request_queue_ = std::make_unique>(); for (const auto& type_url : subscriptions_) { queueDiscoveryRequest(type_url); } } void GrpcMuxImpl::onEstablishmentFailure() { for (const auto& api_state : api_state_) { for (auto watch : api_state.second.watches_) { watch->callbacks_.onConfigUpdateFailed( Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, nullptr); } } } void GrpcMuxImpl::queueDiscoveryRequest(const std::string& queue_item) { if (!grpc_stream_.grpcStreamAvailable()) { ENVOY_LOG(debug, "No stream available to queueDiscoveryRequest for {}", queue_item); return; // Drop this request; the reconnect will enqueue a new one. } ApiState& api_state = api_state_[queue_item]; if (api_state.paused()) { ENVOY_LOG(trace, "API {} paused during queueDiscoveryRequest(), setting pending.", queue_item); api_state.pending_ = true; return; // Drop this request; the unpause will enqueue a new one. } request_queue_->push(queue_item); drainRequests(); } void GrpcMuxImpl::drainRequests() { while (!request_queue_->empty() && grpc_stream_.checkRateLimitAllowsDrain()) { // Process the request, if rate limiting is not enabled at all or if it is under rate limit. sendDiscoveryRequest(request_queue_->front()); request_queue_->pop(); } grpc_stream_.maybeUpdateQueueSizeStat(request_queue_->size()); } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/grpc_mux_impl.h ================================================ #pragma once #include #include #include #include "envoy/api/v2/discovery.pb.h" #include "envoy/common/random_generator.h" #include "envoy/common/time.h" #include "envoy/config/grpc_mux.h" #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" #include "envoy/grpc/status.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/cleanup.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/config/api_version.h" #include "common/config/grpc_stream.h" #include "common/config/utility.h" #include "common/runtime/runtime_features.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Config { /** * ADS API implementation that fetches via gRPC. */ class GrpcMuxImpl : public GrpcMux, public GrpcStreamCallbacks, public Logger::Loggable { public: GrpcMuxImpl(const LocalInfo::LocalInfo& local_info, Grpc::RawAsyncClientPtr async_client, Event::Dispatcher& dispatcher, const Protobuf::MethodDescriptor& service_method, envoy::config::core::v3::ApiVersion transport_api_version, Random::RandomGenerator& random, Stats::Scope& scope, const RateLimitSettings& rate_limit_settings, bool skip_subsequent_node); ~GrpcMuxImpl() override = default; void start() override; // GrpcMux ScopedResume pause(const std::string& type_url) override; ScopedResume pause(const std::vector type_urls) override; GrpcMuxWatchPtr addWatch(const std::string& type_url, const std::set& resources, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, const bool use_namespace_matching = false) override; void requestOnDemandUpdate(const std::string&, const std::set&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void handleDiscoveryResponse( std::unique_ptr&& message); // Config::GrpcStreamCallbacks void onStreamEstablished() override; void onEstablishmentFailure() override; void registerVersionedTypeUrl(const std::string& type_url); void onDiscoveryResponse(std::unique_ptr&& message, ControlPlaneStats& control_plane_stats) override; void onWriteable() override; GrpcStream& grpcStreamForTest() { return grpc_stream_; } private: void drainRequests(); void setRetryTimer(); void sendDiscoveryRequest(const std::string& type_url); struct GrpcMuxWatchImpl : public GrpcMuxWatch { GrpcMuxWatchImpl(const std::set& resources, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, const std::string& type_url, GrpcMuxImpl& parent) : resources_(resources), callbacks_(callbacks), resource_decoder_(resource_decoder), type_url_(type_url), parent_(parent), watches_(parent.api_state_[type_url].watches_) { watches_.emplace(watches_.begin(), this); } ~GrpcMuxWatchImpl() override { watches_.remove(this); if (!resources_.empty()) { parent_.queueDiscoveryRequest(type_url_); } } void update(const std::set& resources) override { watches_.remove(this); if (!resources_.empty()) { parent_.queueDiscoveryRequest(type_url_); } resources_ = resources; // move this watch to the beginning of the list watches_.emplace(watches_.begin(), this); parent_.queueDiscoveryRequest(type_url_); } std::set resources_; SubscriptionCallbacks& callbacks_; OpaqueResourceDecoder& resource_decoder_; const std::string type_url_; GrpcMuxImpl& parent_; private: std::list& watches_; }; // Per muxed API state. struct ApiState { bool paused() const { return pauses_ > 0; } // Watches on the returned resources for the API; std::list watches_; // Current DiscoveryRequest for API. envoy::service::discovery::v3::DiscoveryRequest request_; // Count of unresumed pause() invocations. uint32_t pauses_{}; // Was a DiscoveryRequest elided during a pause? bool pending_{}; // Has this API been tracked in subscriptions_? bool subscribed_{}; }; // Request queue management logic. void queueDiscoveryRequest(const std::string& queue_item); GrpcStream grpc_stream_; const LocalInfo::LocalInfo& local_info_; const bool skip_subsequent_node_; bool first_stream_request_; absl::node_hash_map api_state_; // Envoy's dependency ordering. std::list subscriptions_; // A queue to store requests while rate limited. Note that when requests cannot be sent due to the // gRPC stream being down, this queue does not store them; rather, they are simply dropped. // This string is a type URL. std::unique_ptr> request_queue_; const envoy::config::core::v3::ApiVersion transport_api_version_; bool enable_type_url_downgrade_and_upgrade_; }; using GrpcMuxImplPtr = std::unique_ptr; using GrpcMuxImplSharedPtr = std::shared_ptr; class NullGrpcMuxImpl : public GrpcMux, GrpcStreamCallbacks { public: void start() override {} ScopedResume pause(const std::string&) override { return std::make_unique([] {}); } ScopedResume pause(const std::vector) override { return std::make_unique([] {}); } GrpcMuxWatchPtr addWatch(const std::string&, const std::set&, SubscriptionCallbacks&, OpaqueResourceDecoder&, const bool) override { ExceptionUtil::throwEnvoyException("ADS must be configured to support an ADS config source"); } void requestOnDemandUpdate(const std::string&, const std::set&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void onWriteable() override {} void onStreamEstablished() override {} void onEstablishmentFailure() override {} void onDiscoveryResponse(std::unique_ptr&&, ControlPlaneStats&) override {} }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/grpc_stream.h ================================================ #pragma once #include #include #include "envoy/common/random_generator.h" #include "envoy/config/grpc_mux.h" #include "envoy/grpc/async_client.h" #include "common/common/backoff_strategy.h" #include "common/common/token_bucket_impl.h" #include "common/config/utility.h" #include "common/grpc/typed_async_client.h" namespace Envoy { namespace Config { template using ResponseProtoPtr = std::unique_ptr; // Oversees communication for gRPC xDS implementations (parent to both regular xDS and delta // xDS variants). Reestablishes the gRPC channel when necessary, and provides rate limiting of // requests. template class GrpcStream : public Grpc::AsyncStreamCallbacks, public Logger::Loggable { public: GrpcStream(GrpcStreamCallbacks* callbacks, Grpc::RawAsyncClientPtr async_client, const Protobuf::MethodDescriptor& service_method, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, Stats::Scope& scope, const RateLimitSettings& rate_limit_settings) : callbacks_(callbacks), async_client_(std::move(async_client)), service_method_(service_method), control_plane_stats_(Utility::generateControlPlaneStats(scope)), random_(random), time_source_(dispatcher.timeSource()), rate_limiting_enabled_(rate_limit_settings.enabled_) { retry_timer_ = dispatcher.createTimer([this]() -> void { establishNewStream(); }); if (rate_limiting_enabled_) { // Default Bucket contains 100 tokens maximum and refills at 10 tokens/sec. limit_request_ = std::make_unique( rate_limit_settings.max_tokens_, time_source_, rate_limit_settings.fill_rate_); drain_request_timer_ = dispatcher.createTimer([this]() { if (stream_ != nullptr) { callbacks_->onWriteable(); } }); } // TODO(htuch): Make this configurable. static constexpr uint32_t RetryInitialDelayMs = 500; static constexpr uint32_t RetryMaxDelayMs = 30000; // Do not cross more than 30s backoff_strategy_ = std::make_unique( RetryInitialDelayMs, RetryMaxDelayMs, random_); } void establishNewStream() { ENVOY_LOG(debug, "Establishing new gRPC bidi stream for {}", service_method_.DebugString()); if (stream_ != nullptr) { ENVOY_LOG(warn, "gRPC bidi stream for {} already exists!", service_method_.DebugString()); return; } stream_ = async_client_->start(service_method_, *this, Http::AsyncClient::StreamOptions()); if (stream_ == nullptr) { ENVOY_LOG(warn, "Unable to establish new stream"); callbacks_->onEstablishmentFailure(); setRetryTimer(); return; } control_plane_stats_.connected_state_.set(1); callbacks_->onStreamEstablished(); } bool grpcStreamAvailable() const { return stream_ != nullptr; } void sendMessage(const RequestProto& request) { stream_->sendMessage(request, false); } // Grpc::AsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap& metadata) override { UNREFERENCED_PARAMETER(metadata); } void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) override { UNREFERENCED_PARAMETER(metadata); } void onReceiveMessage(ResponseProtoPtr&& message) override { // Reset here so that it starts with fresh backoff interval on next disconnect. backoff_strategy_->reset(); // Sometimes during hot restarts this stat's value becomes inconsistent and will continue to // have 0 until it is reconnected. Setting here ensures that it is consistent with the state of // management server connection. control_plane_stats_.connected_state_.set(1); callbacks_->onDiscoveryResponse(std::move(message), control_plane_stats_); } void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&& metadata) override { UNREFERENCED_PARAMETER(metadata); } void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override { ENVOY_LOG(warn, "{} gRPC config stream closed: {}, {}", service_method_.name(), status, message); stream_ = nullptr; control_plane_stats_.connected_state_.set(0); callbacks_->onEstablishmentFailure(); setRetryTimer(); } void maybeUpdateQueueSizeStat(uint64_t size) { // Although request_queue_.push() happens elsewhere, the only time the queue is non-transiently // non-empty is when it remains non-empty after a drain attempt. (The push() doesn't matter // because we always attempt this drain immediately after the push). Basically, a change in // queue length is not "meaningful" until it has persisted until here. We need the // if(>0 || used) to keep this stat from being wrongly marked interesting by a pointless set(0) // and needlessly taking up space. The first time we set(123), used becomes true, and so we will // subsequently always do the set (including set(0)). if (size > 0 || control_plane_stats_.pending_requests_.used()) { control_plane_stats_.pending_requests_.set(size); } } bool checkRateLimitAllowsDrain() { if (!rate_limiting_enabled_ || limit_request_->consume(1, false)) { return true; } ASSERT(drain_request_timer_ != nullptr); control_plane_stats_.rate_limit_enforced_.inc(); // Enable the drain request timer. if (!drain_request_timer_->enabled()) { drain_request_timer_->enableTimer(limit_request_->nextTokenAvailable()); } return false; } private: void setRetryTimer() { retry_timer_->enableTimer(std::chrono::milliseconds(backoff_strategy_->nextBackOffMs())); } GrpcStreamCallbacks* const callbacks_; Grpc::AsyncClient async_client_; Grpc::AsyncStream stream_{}; const Protobuf::MethodDescriptor& service_method_; ControlPlaneStats control_plane_stats_; // Reestablishes the gRPC channel when necessary, with some backoff politeness. Event::TimerPtr retry_timer_; Random::RandomGenerator& random_; TimeSource& time_source_; BackOffStrategyPtr backoff_strategy_; // Prevents the Envoy from making too many requests. TokenBucketPtr limit_request_; const bool rate_limiting_enabled_; Event::TimerPtr drain_request_timer_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/grpc_subscription_impl.cc ================================================ #include "common/config/grpc_subscription_impl.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Config { GrpcSubscriptionImpl::GrpcSubscriptionImpl( GrpcMuxSharedPtr grpc_mux, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, absl::string_view type_url, Event::Dispatcher& dispatcher, std::chrono::milliseconds init_fetch_timeout, bool is_aggregated) : grpc_mux_(grpc_mux), callbacks_(callbacks), resource_decoder_(resource_decoder), stats_(stats), type_url_(type_url), dispatcher_(dispatcher), init_fetch_timeout_(init_fetch_timeout), is_aggregated_(is_aggregated) {} // Config::Subscription void GrpcSubscriptionImpl::start(const std::set& resources, const bool use_namespace_matching) { if (init_fetch_timeout_.count() > 0) { init_fetch_timeout_timer_ = dispatcher_.createTimer([this]() -> void { callbacks_.onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::FetchTimedout, nullptr); }); init_fetch_timeout_timer_->enableTimer(init_fetch_timeout_); } watch_ = grpc_mux_->addWatch(type_url_, resources, *this, resource_decoder_, use_namespace_matching); // The attempt stat here is maintained for the purposes of having consistency between ADS and // gRPC/filesystem/REST Subscriptions. Since ADS is push based and muxed, the notion of an // "attempt" for a given xDS API combined by ADS is not really that meaningful. stats_.update_attempt_.inc(); // ADS initial request batching relies on the users of the GrpcMux *not* calling start on it, // whereas non-ADS xDS users must call it themselves. if (!is_aggregated_) { grpc_mux_->start(); } } void GrpcSubscriptionImpl::updateResourceInterest( const std::set& update_to_these_names) { watch_->update(update_to_these_names); stats_.update_attempt_.inc(); } void GrpcSubscriptionImpl::requestOnDemandUpdate(const std::set& for_update) { grpc_mux_->requestOnDemandUpdate(type_url_, for_update); stats_.update_attempt_.inc(); } // Config::SubscriptionCallbacks void GrpcSubscriptionImpl::onConfigUpdate(const std::vector& resources, const std::string& version_info) { disableInitFetchTimeoutTimer(); // TODO(mattklein123): In the future if we start tracking per-resource versions, we need to // supply those versions to onConfigUpdate() along with the xDS response ("system") // version_info. This way, both types of versions can be tracked and exposed for debugging by // the configuration update targets. callbacks_.onConfigUpdate(resources, version_info); stats_.update_success_.inc(); stats_.update_attempt_.inc(); stats_.update_time_.set(DateUtil::nowToMilliseconds(dispatcher_.timeSource())); stats_.version_.set(HashUtil::xxHash64(version_info)); stats_.version_text_.set(version_info); ENVOY_LOG(debug, "gRPC config for {} accepted with {} resources with version {}", type_url_, resources.size(), version_info); } void GrpcSubscriptionImpl::onConfigUpdate( const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) { disableInitFetchTimeoutTimer(); stats_.update_attempt_.inc(); callbacks_.onConfigUpdate(added_resources, removed_resources, system_version_info); stats_.update_success_.inc(); stats_.update_time_.set(DateUtil::nowToMilliseconds(dispatcher_.timeSource())); stats_.version_.set(HashUtil::xxHash64(system_version_info)); stats_.version_text_.set(system_version_info); } void GrpcSubscriptionImpl::onConfigUpdateFailed(ConfigUpdateFailureReason reason, const EnvoyException* e) { switch (reason) { case Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure: stats_.update_failure_.inc(); ENVOY_LOG(debug, "gRPC update for {} failed", type_url_); break; case Envoy::Config::ConfigUpdateFailureReason::FetchTimedout: stats_.init_fetch_timeout_.inc(); disableInitFetchTimeoutTimer(); ENVOY_LOG(warn, "gRPC config: initial fetch timed out for {}", type_url_); callbacks_.onConfigUpdateFailed(reason, e); break; case Envoy::Config::ConfigUpdateFailureReason::UpdateRejected: // We expect Envoy exception to be thrown when update is rejected. ASSERT(e != nullptr); disableInitFetchTimeoutTimer(); stats_.update_rejected_.inc(); ENVOY_LOG(warn, "gRPC config for {} rejected: {}", type_url_, e->what()); callbacks_.onConfigUpdateFailed(reason, e); break; } stats_.update_attempt_.inc(); } ScopedResume GrpcSubscriptionImpl::pause() { return grpc_mux_->pause(type_url_); } void GrpcSubscriptionImpl::disableInitFetchTimeoutTimer() { if (init_fetch_timeout_timer_) { init_fetch_timeout_timer_->disableTimer(); init_fetch_timeout_timer_.reset(); } } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/grpc_subscription_impl.h ================================================ #pragma once #include #include "envoy/config/grpc_mux.h" #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" #include "common/common/logger.h" namespace Envoy { namespace Config { /** * Adapter from typed Subscription to untyped GrpcMux. Also handles per-xDS API stats/logging. */ class GrpcSubscriptionImpl : public Subscription, SubscriptionCallbacks, Logger::Loggable { public: GrpcSubscriptionImpl(GrpcMuxSharedPtr grpc_mux, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, absl::string_view type_url, Event::Dispatcher& dispatcher, std::chrono::milliseconds init_fetch_timeout, bool is_aggregated); // Config::Subscription void start(const std::set& resource_names, const bool use_namespace_matching = false) override; void updateResourceInterest(const std::set& update_to_these_names) override; void requestOnDemandUpdate(const std::set& add_these_names) override; // Config::SubscriptionCallbacks (all pass through to callbacks_!) void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(ConfigUpdateFailureReason reason, const EnvoyException* e) override; GrpcMuxSharedPtr grpcMux() { return grpc_mux_; } ScopedResume pause(); private: void disableInitFetchTimeoutTimer(); GrpcMuxSharedPtr grpc_mux_; SubscriptionCallbacks& callbacks_; OpaqueResourceDecoder& resource_decoder_; SubscriptionStats stats_; const std::string type_url_; GrpcMuxWatchPtr watch_; Event::Dispatcher& dispatcher_; // NOTE: if another subscription of the same type_url has already been started, this value will be // ignored in favor of the other subscription's. std::chrono::milliseconds init_fetch_timeout_; Event::TimerPtr init_fetch_timeout_timer_; const bool is_aggregated_; }; using GrpcSubscriptionImplPtr = std::unique_ptr; using GrpcSubscriptionImplSharedPtr = std::shared_ptr; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/http_subscription_impl.cc ================================================ #include "common/config/http_subscription_impl.h" #include #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/config/decoded_resource_impl.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/http/headers.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "google/api/annotations.pb.h" namespace Envoy { namespace Config { HttpSubscriptionImpl::HttpSubscriptionImpl( const LocalInfo::LocalInfo& local_info, Upstream::ClusterManager& cm, const std::string& remote_cluster_name, Event::Dispatcher& dispatcher, Random::RandomGenerator& random, std::chrono::milliseconds refresh_interval, std::chrono::milliseconds request_timeout, const Protobuf::MethodDescriptor& service_method, absl::string_view type_url, envoy::config::core::v3::ApiVersion transport_api_version, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, std::chrono::milliseconds init_fetch_timeout, ProtobufMessage::ValidationVisitor& validation_visitor) : Http::RestApiFetcher(cm, remote_cluster_name, dispatcher, random, refresh_interval, request_timeout), callbacks_(callbacks), resource_decoder_(resource_decoder), stats_(stats), dispatcher_(dispatcher), init_fetch_timeout_(init_fetch_timeout), validation_visitor_(validation_visitor), transport_api_version_(transport_api_version) { request_.mutable_node()->CopyFrom(local_info.node()); request_.set_type_url(std::string(type_url)); ASSERT(service_method.options().HasExtension(google::api::http)); const auto& http_rule = service_method.options().GetExtension(google::api::http); path_ = http_rule.post(); ASSERT(http_rule.body() == "*"); } // Config::Subscription void HttpSubscriptionImpl::start(const std::set& resource_names, const bool) { if (init_fetch_timeout_.count() > 0) { init_fetch_timeout_timer_ = dispatcher_.createTimer([this]() -> void { handleFailure(Config::ConfigUpdateFailureReason::FetchTimedout, nullptr); }); init_fetch_timeout_timer_->enableTimer(init_fetch_timeout_); } Protobuf::RepeatedPtrField resources_vector(resource_names.begin(), resource_names.end()); request_.mutable_resource_names()->Swap(&resources_vector); initialize(); } void HttpSubscriptionImpl::updateResourceInterest( const std::set& update_to_these_names) { Protobuf::RepeatedPtrField resources_vector(update_to_these_names.begin(), update_to_these_names.end()); request_.mutable_resource_names()->Swap(&resources_vector); } // Http::RestApiFetcher void HttpSubscriptionImpl::createRequest(Http::RequestMessage& request) { ENVOY_LOG(debug, "Sending REST request for {}", path_); stats_.update_attempt_.inc(); request.headers().setReferenceMethod(Http::Headers::get().MethodValues.Post); request.headers().setPath(path_); request.body().add(VersionConverter::getJsonStringFromMessage(request_, transport_api_version_)); request.headers().setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); request.headers().setContentLength(request.body().length()); } void HttpSubscriptionImpl::parseResponse(const Http::ResponseMessage& response) { disableInitFetchTimeoutTimer(); envoy::service::discovery::v3::DiscoveryResponse message; try { MessageUtil::loadFromJson(response.bodyAsString(), message, validation_visitor_); } catch (const EnvoyException& e) { handleFailure(Config::ConfigUpdateFailureReason::UpdateRejected, &e); return; } try { const auto decoded_resources = DecodedResourcesWrapper(resource_decoder_, message.resources(), message.version_info()); callbacks_.onConfigUpdate(decoded_resources.refvec_, message.version_info()); request_.set_version_info(message.version_info()); stats_.update_time_.set(DateUtil::nowToMilliseconds(dispatcher_.timeSource())); stats_.version_.set(HashUtil::xxHash64(request_.version_info())); stats_.version_text_.set(request_.version_info()); stats_.update_success_.inc(); } catch (const EnvoyException& e) { handleFailure(Config::ConfigUpdateFailureReason::UpdateRejected, &e); } } void HttpSubscriptionImpl::onFetchComplete() {} void HttpSubscriptionImpl::onFetchFailure(Config::ConfigUpdateFailureReason reason, const EnvoyException* e) { handleFailure(reason, e); } void HttpSubscriptionImpl::handleFailure(Config::ConfigUpdateFailureReason reason, const EnvoyException* e) { switch (reason) { case Config::ConfigUpdateFailureReason::ConnectionFailure: ENVOY_LOG(warn, "REST update for {} failed", path_); stats_.update_failure_.inc(); break; case Config::ConfigUpdateFailureReason::FetchTimedout: ENVOY_LOG(warn, "REST config: initial fetch timeout for {}", path_); stats_.init_fetch_timeout_.inc(); disableInitFetchTimeoutTimer(); break; case Config::ConfigUpdateFailureReason::UpdateRejected: ASSERT(e != nullptr); ENVOY_LOG(warn, "REST config for {} rejected: {}", path_, e->what()); stats_.update_rejected_.inc(); disableInitFetchTimeoutTimer(); break; } if (reason == Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure) { // New requests will be sent again. // If init_fetch_timeout is non-zero, server will continue startup after it timeout return; } callbacks_.onConfigUpdateFailed(reason, e); } void HttpSubscriptionImpl::disableInitFetchTimeoutTimer() { if (init_fetch_timeout_timer_) { init_fetch_timeout_timer_->disableTimer(); init_fetch_timeout_timer_.reset(); } } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/http_subscription_impl.h ================================================ #pragma once #include "envoy/api/v2/discovery.pb.h" #include "envoy/common/random_generator.h" #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/api_version.h" #include "common/http/rest_api_fetcher.h" namespace Envoy { namespace Config { /** * REST implementation of the API Subscription interface. This fetches the API via periodic polling * with jitter (based on RestApiFetcher). The REST requests are POSTs of the JSON canonical * representation of the DiscoveryRequest proto and the responses are in the form of the JSON * canonical representation of DiscoveryResponse. This implementation is responsible for translating * between the proto serializable objects in the Subscription API and the REST JSON representation. */ class HttpSubscriptionImpl : public Http::RestApiFetcher, public Config::Subscription, Logger::Loggable { public: HttpSubscriptionImpl(const LocalInfo::LocalInfo& local_info, Upstream::ClusterManager& cm, const std::string& remote_cluster_name, Event::Dispatcher& dispatcher, Random::RandomGenerator& random, std::chrono::milliseconds refresh_interval, std::chrono::milliseconds request_timeout, const Protobuf::MethodDescriptor& service_method, absl::string_view type_url, envoy::config::core::v3::ApiVersion transport_api_version, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, SubscriptionStats stats, std::chrono::milliseconds init_fetch_timeout, ProtobufMessage::ValidationVisitor& validation_visitor); // Config::Subscription void start(const std::set& resource_names, const bool use_namespace_matching = false) override; void updateResourceInterest(const std::set& update_to_these_names) override; void requestOnDemandUpdate(const std::set&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } // Http::RestApiFetcher void createRequest(Http::RequestMessage& request) override; void parseResponse(const Http::ResponseMessage& response) override; void onFetchComplete() override; void onFetchFailure(Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; private: void handleFailure(Config::ConfigUpdateFailureReason reason, const EnvoyException* e); void disableInitFetchTimeoutTimer(); std::string path_; Protobuf::RepeatedPtrField resources_; envoy::service::discovery::v3::DiscoveryRequest request_; Config::SubscriptionCallbacks& callbacks_; Config::OpaqueResourceDecoder& resource_decoder_; SubscriptionStats stats_; Event::Dispatcher& dispatcher_; std::chrono::milliseconds init_fetch_timeout_; Event::TimerPtr init_fetch_timeout_timer_; ProtobufMessage::ValidationVisitor& validation_visitor_; const envoy::config::core::v3::ApiVersion transport_api_version_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/metadata.cc ================================================ #include "common/config/metadata.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/type/metadata/v3/metadata.pb.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Config { SINGLETON_MANAGER_REGISTRATION(const_metadata_shared_pool); MetadataKey::MetadataKey(const envoy::type::metadata::v3::MetadataKey& metadata_key) : key_(metadata_key.key()) { for (const auto& seg : metadata_key.path()) { path_.push_back(seg.key()); } } const ProtobufWkt::Value& Metadata::metadataValue(const envoy::config::core::v3::Metadata* metadata, const MetadataKey& metadata_key) { return metadataValue(metadata, metadata_key.key_, metadata_key.path_); } const ProtobufWkt::Value& Metadata::metadataValue(const envoy::config::core::v3::Metadata* metadata, const std::string& filter, const std::vector& path) { if (!metadata) { return ProtobufWkt::Value::default_instance(); } const auto filter_it = metadata->filter_metadata().find(filter); if (filter_it == metadata->filter_metadata().end()) { return ProtobufWkt::Value::default_instance(); } const ProtobufWkt::Struct* data_struct = &(filter_it->second); const ProtobufWkt::Value* val = nullptr; // go through path to select sub entries for (const auto& p : path) { if (nullptr == data_struct) { // sub entry not found return ProtobufWkt::Value::default_instance(); } const auto entry_it = data_struct->fields().find(p); if (entry_it == data_struct->fields().end()) { return ProtobufWkt::Value::default_instance(); } val = &(entry_it->second); if (val->has_struct_value()) { data_struct = &(val->struct_value()); } else { data_struct = nullptr; } } if (nullptr == val) { return ProtobufWkt::Value::default_instance(); } return *val; } const ProtobufWkt::Value& Metadata::metadataValue(const envoy::config::core::v3::Metadata* metadata, const std::string& filter, const std::string& key) { const std::vector path{key}; return metadataValue(metadata, filter, path); } ProtobufWkt::Value& Metadata::mutableMetadataValue(envoy::config::core::v3::Metadata& metadata, const std::string& filter, const std::string& key) { return (*(*metadata.mutable_filter_metadata())[filter].mutable_fields())[key]; } bool Metadata::metadataLabelMatch(const LabelSet& label_set, const envoy::config::core::v3::Metadata* host_metadata, const std::string& filter_key, bool list_as_any) { if (!host_metadata) { return label_set.empty(); } const auto filter_it = host_metadata->filter_metadata().find(filter_key); if (filter_it == host_metadata->filter_metadata().end()) { return label_set.empty(); } const ProtobufWkt::Struct& data_struct = filter_it->second; const auto& fields = data_struct.fields(); for (const auto& kv : label_set) { const auto entry_it = fields.find(kv.first); if (entry_it == fields.end()) { return false; } if (list_as_any && entry_it->second.kind_case() == ProtobufWkt::Value::kListValue) { bool any_match = false; for (const auto& v : entry_it->second.list_value().values()) { if (ValueUtil::equal(v, kv.second)) { any_match = true; break; } } if (!any_match) { return false; } } else if (!ValueUtil::equal(entry_it->second, kv.second)) { return false; } } return true; } ConstMetadataSharedPoolSharedPtr Metadata::getConstMetadataSharedPool(Singleton::Manager& manager, Event::Dispatcher& dispatcher) { return manager .getTyped>( SINGLETON_MANAGER_REGISTERED_NAME(const_metadata_shared_pool), [&dispatcher] { return std::make_shared< SharedPool::ObjectSharedPool>( dispatcher); }); } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/metadata.h ================================================ #pragma once #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/event/dispatcher.h" #include "envoy/registry/registry.h" #include "envoy/singleton/manager.h" #include "envoy/type/metadata/v3/metadata.pb.h" #include "common/protobuf/protobuf.h" #include "common/shared_pool/shared_pool.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Config { using ConstMetadataSharedPoolSharedPtr = std::shared_ptr< SharedPool::ObjectSharedPool>; /** * MetadataKey presents the key name and path to retrieve value from metadata. */ struct MetadataKey { std::string key_; std::vector path_; MetadataKey(const envoy::type::metadata::v3::MetadataKey& metadata_key); }; /** * Config metadata helpers. */ class Metadata { public: /** * Lookup value of a key for a given filter in Metadata. * @param metadata reference. * @param filter name. * @param key for filter metadata. * @return const ProtobufWkt::Value& value if found, empty if not found. */ static const ProtobufWkt::Value& metadataValue(const envoy::config::core::v3::Metadata* metadata, const std::string& filter, const std::string& key); /** * Lookup value by a multi-key path for a given filter in Metadata. If path is empty * will return the empty struct. * @param metadata reference. * @param filter name. * @param path multi-key path. * @return const ProtobufWkt::Value& value if found, empty if not found. */ static const ProtobufWkt::Value& metadataValue(const envoy::config::core::v3::Metadata* metadata, const std::string& filter, const std::vector& path); /** * Lookup the value by a metadata key from a Metadata. * @param metadata reference. * @param metadata_key with key name and path to retrieve the value. * @return const ProtobufWkt::Value& value if found, empty if not found. */ static const ProtobufWkt::Value& metadataValue(const envoy::config::core::v3::Metadata* metadata, const MetadataKey& metadata_key); /** * Obtain mutable reference to metadata value for a given filter and key. * @param metadata reference. * @param filter name. * @param key for filter metadata. * @return ProtobufWkt::Value&. A Value message is created if not found. */ static ProtobufWkt::Value& mutableMetadataValue(envoy::config::core::v3::Metadata& metadata, const std::string& filter, const std::string& key); using LabelSet = std::vector>; /** * Returns whether a set of the labels match a particular host's metadata. * @param label_set the target label key/value pair set. * @param host_metadata a given host's metadata. * @param filter_key identifies the entry in the metadata entry for the match. * @param list_as_any if the metadata value entry is a list, and any one of * the element equals to the input label_set, it's considered as match. */ static bool metadataLabelMatch(const LabelSet& label_set, const envoy::config::core::v3::Metadata* host_metadata, const std::string& filter_key, bool list_as_any); /** * Returns an ObjectSharedPool to store const Metadata * @param manager used to create singleton * @param dispatcher the dispatcher object reference to the thread that created the * ObjectSharedPool */ static ConstMetadataSharedPoolSharedPtr getConstMetadataSharedPool(Singleton::Manager& manager, Event::Dispatcher& dispatcher); }; template class TypedMetadataImpl : public TypedMetadata { public: static_assert(std::is_base_of::value, "Factory type must be inherited from Envoy::Config::TypedMetadataFactory."); TypedMetadataImpl(const envoy::config::core::v3::Metadata& metadata) { populateFrom(metadata); } const TypedMetadata::Object* getData(const std::string& key) const override { const auto& it = data_.find(key); return it == data_.end() ? nullptr : it->second.get(); } protected: /* Attempt to run each of the registered factories for TypedMetadata, to * populate the data_ map. */ void populateFrom(const envoy::config::core::v3::Metadata& metadata) { auto& data_by_key = metadata.filter_metadata(); for (const auto& [factory_name, factory] : Registry::FactoryRegistry::factories()) { const auto& meta_iter = data_by_key.find(factory_name); if (meta_iter != data_by_key.end()) { data_[factory->name()] = factory->parse(meta_iter->second); } } } absl::node_hash_map> data_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/new_grpc_mux_impl.cc ================================================ #include "common/config/new_grpc_mux_impl.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/backoff_strategy.h" #include "common/common/token_bucket_impl.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/memory/utils.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Config { NewGrpcMuxImpl::NewGrpcMuxImpl(Grpc::RawAsyncClientPtr&& async_client, Event::Dispatcher& dispatcher, const Protobuf::MethodDescriptor& service_method, envoy::config::core::v3::ApiVersion transport_api_version, Random::RandomGenerator& random, Stats::Scope& scope, const RateLimitSettings& rate_limit_settings, const LocalInfo::LocalInfo& local_info) : grpc_stream_(this, std::move(async_client), service_method, random, dispatcher, scope, rate_limit_settings), local_info_(local_info), transport_api_version_(transport_api_version), enable_type_url_downgrade_and_upgrade_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.enable_type_url_downgrade_and_upgrade")) {} ScopedResume NewGrpcMuxImpl::pause(const std::string& type_url) { return pause(std::vector{type_url}); } ScopedResume NewGrpcMuxImpl::pause(const std::vector type_urls) { for (const auto& type_url : type_urls) { pausable_ack_queue_.pause(type_url); } return std::make_unique([this, type_urls]() { for (const auto& type_url : type_urls) { pausable_ack_queue_.resume(type_url); if (!pausable_ack_queue_.paused(type_url)) { trySendDiscoveryRequests(); } } }); } void NewGrpcMuxImpl::registerVersionedTypeUrl(const std::string& type_url) { TypeUrlMap& type_url_map = typeUrlMap(); if (type_url_map.find(type_url) != type_url_map.end()) { return; } // If type_url is v3, earlier_type_url will contain v2 type url. absl::optional earlier_type_url = ApiTypeOracle::getEarlierTypeUrl(type_url); // Register v2 to v3 and v3 to v2 type_url mapping in the hash map. if (earlier_type_url.has_value()) { type_url_map[earlier_type_url.value()] = type_url; type_url_map[type_url] = earlier_type_url.value(); } } void NewGrpcMuxImpl::onDiscoveryResponse( std::unique_ptr&& message, ControlPlaneStats&) { ENVOY_LOG(debug, "Received DeltaDiscoveryResponse for {} at version {}", message->type_url(), message->system_version_info()); auto sub = subscriptions_.find(message->type_url()); // If this type url is not watched, try another version type url. if (enable_type_url_downgrade_and_upgrade_ && sub == subscriptions_.end()) { const std::string& type_url = message->type_url(); registerVersionedTypeUrl(type_url); TypeUrlMap& type_url_map = typeUrlMap(); if (type_url_map.find(type_url) != type_url_map.end()) { sub = subscriptions_.find(type_url_map[type_url]); } } if (sub == subscriptions_.end()) { ENVOY_LOG(warn, "Dropping received DeltaDiscoveryResponse (with version {}) for non-existent " "subscription {}.", message->system_version_info(), message->type_url()); return; } kickOffAck(sub->second->sub_state_.handleResponse(*message)); Memory::Utils::tryShrinkHeap(); } void NewGrpcMuxImpl::onStreamEstablished() { for (auto& [type_url, subscription] : subscriptions_) { subscription->sub_state_.markStreamFresh(); } trySendDiscoveryRequests(); } void NewGrpcMuxImpl::onEstablishmentFailure() { // If this happens while Envoy is still initializing, the onConfigUpdateFailed() we ultimately // call on CDS will cause LDS to start up, which adds to subscriptions_ here. So, to avoid a // crash, the iteration needs to dance around a little: collect pointers to all // SubscriptionStates, call on all those pointers we haven't yet called on, repeat if there are // now more SubscriptionStates. absl::flat_hash_map all_subscribed; absl::flat_hash_map already_called; do { for (auto& [type_url, subscription] : subscriptions_) { all_subscribed[type_url] = &subscription->sub_state_; } for (auto& sub : all_subscribed) { if (already_called.insert(sub).second) { // insert succeeded ==> not already called sub.second->handleEstablishmentFailure(); } } } while (all_subscribed.size() != subscriptions_.size()); } void NewGrpcMuxImpl::onWriteable() { trySendDiscoveryRequests(); } void NewGrpcMuxImpl::kickOffAck(UpdateAck ack) { pausable_ack_queue_.push(std::move(ack)); trySendDiscoveryRequests(); } // TODO(fredlas) to be removed from the GrpcMux interface very soon. void NewGrpcMuxImpl::start() { grpc_stream_.establishNewStream(); } GrpcMuxWatchPtr NewGrpcMuxImpl::addWatch(const std::string& type_url, const std::set& resources, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, const bool use_namespace_matching) { auto entry = subscriptions_.find(type_url); if (entry == subscriptions_.end()) { // We don't yet have a subscription for type_url! Make one! if (enable_type_url_downgrade_and_upgrade_) { registerVersionedTypeUrl(type_url); } addSubscription(type_url, use_namespace_matching); return addWatch(type_url, resources, callbacks, resource_decoder, use_namespace_matching); } Watch* watch = entry->second->watch_map_.addWatch(callbacks, resource_decoder); // updateWatch() queues a discovery request if any of 'resources' are not yet subscribed. updateWatch(type_url, watch, resources, use_namespace_matching); return std::make_unique(type_url, watch, *this); } // Updates the list of resource names watched by the given watch. If an added name is new across // the whole subscription, or if a removed name has no other watch interested in it, then the // subscription will enqueue and attempt to send an appropriate discovery request. void NewGrpcMuxImpl::updateWatch(const std::string& type_url, Watch* watch, const std::set& resources, bool creating_namespace_watch) { ASSERT(watch != nullptr); auto sub = subscriptions_.find(type_url); RELEASE_ASSERT(sub != subscriptions_.end(), fmt::format("Watch of {} has no subscription to update.", type_url)); auto added_removed = sub->second->watch_map_.updateWatchInterest(watch, resources); if (creating_namespace_watch) { // This is to prevent sending out of requests that contain prefixes instead of resource names sub->second->sub_state_.updateSubscriptionInterest({}, {}); } else { sub->second->sub_state_.updateSubscriptionInterest(added_removed.added_, added_removed.removed_); } // Tell the server about our change in interest, if any. if (sub->second->sub_state_.subscriptionUpdatePending()) { trySendDiscoveryRequests(); } } void NewGrpcMuxImpl::requestOnDemandUpdate(const std::string& type_url, const std::set& for_update) { auto sub = subscriptions_.find(type_url); RELEASE_ASSERT(sub != subscriptions_.end(), fmt::format("Watch of {} has no subscription to update.", type_url)); sub->second->sub_state_.updateSubscriptionInterest(for_update, {}); // Tell the server about our change in interest, if any. if (sub->second->sub_state_.subscriptionUpdatePending()) { trySendDiscoveryRequests(); } } void NewGrpcMuxImpl::removeWatch(const std::string& type_url, Watch* watch) { updateWatch(type_url, watch, {}); auto entry = subscriptions_.find(type_url); ASSERT(entry != subscriptions_.end(), fmt::format("removeWatch() called for non-existent subscription {}.", type_url)); entry->second->watch_map_.removeWatch(watch); } void NewGrpcMuxImpl::addSubscription(const std::string& type_url, const bool use_namespace_matching) { subscriptions_.emplace( type_url, std::make_unique(type_url, local_info_, use_namespace_matching)); subscription_ordering_.emplace_back(type_url); } void NewGrpcMuxImpl::trySendDiscoveryRequests() { while (true) { // Do any of our subscriptions even want to send a request? absl::optional maybe_request_type = whoWantsToSendDiscoveryRequest(); if (!maybe_request_type.has_value()) { break; } // If so, which one (by type_url)? std::string next_request_type_url = maybe_request_type.value(); // If we don't have a subscription object for this request's type_url, drop the request. auto sub = subscriptions_.find(next_request_type_url); RELEASE_ASSERT(sub != subscriptions_.end(), fmt::format("Tried to send discovery request for non-existent subscription {}.", next_request_type_url)); // Try again later if paused/rate limited/stream down. if (!canSendDiscoveryRequest(next_request_type_url)) { break; } envoy::service::discovery::v3::DeltaDiscoveryRequest request; // Get our subscription state to generate the appropriate DeltaDiscoveryRequest, and send. if (!pausable_ack_queue_.empty()) { // Because ACKs take precedence over plain requests, if there is anything in the queue, it's // safe to assume it's of the type_url that we're wanting to send. request = sub->second->sub_state_.getNextRequestWithAck(pausable_ack_queue_.popFront()); } else { request = sub->second->sub_state_.getNextRequestAckless(); } VersionConverter::prepareMessageForGrpcWire(request, transport_api_version_); grpc_stream_.sendMessage(request); } grpc_stream_.maybeUpdateQueueSizeStat(pausable_ack_queue_.size()); } // Checks whether external conditions allow sending a DeltaDiscoveryRequest. (Does not check // whether we *want* to send a DeltaDiscoveryRequest). bool NewGrpcMuxImpl::canSendDiscoveryRequest(const std::string& type_url) { RELEASE_ASSERT( !pausable_ack_queue_.paused(type_url), fmt::format("canSendDiscoveryRequest() called on paused type_url {}. Pausedness is " "supposed to be filtered out by whoWantsToSendDiscoveryRequest(). ", type_url)); if (!grpc_stream_.grpcStreamAvailable()) { ENVOY_LOG(trace, "No stream available to send a discovery request for {}.", type_url); return false; } else if (!grpc_stream_.checkRateLimitAllowsDrain()) { ENVOY_LOG(trace, "{} discovery request hit rate limit; will try later.", type_url); return false; } return true; } // Checks whether we have something to say in a DeltaDiscoveryRequest, which can be an ACK and/or // a subscription update. (Does not check whether we *can* send that DeltaDiscoveryRequest). // Returns the type_url we should send the DeltaDiscoveryRequest for (if any). // First, prioritizes ACKs over non-ACK subscription interest updates. // Then, prioritizes non-ACK updates in the order the various types // of subscriptions were activated. absl::optional NewGrpcMuxImpl::whoWantsToSendDiscoveryRequest() { // All ACKs are sent before plain updates. trySendDiscoveryRequests() relies on this. So, choose // type_url from pausable_ack_queue_ if possible, before looking at pending updates. if (!pausable_ack_queue_.empty()) { return pausable_ack_queue_.front().type_url_; } // If we're looking to send multiple non-ACK requests, send them in the order that their // subscriptions were initiated. for (const auto& sub_type : subscription_ordering_) { auto sub = subscriptions_.find(sub_type); if (sub != subscriptions_.end() && sub->second->sub_state_.subscriptionUpdatePending() && !pausable_ack_queue_.paused(sub_type)) { return sub->first; } } return absl::nullopt; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/new_grpc_mux_impl.h ================================================ #pragma once #include #include "envoy/api/v2/discovery.pb.h" #include "envoy/common/random_generator.h" #include "envoy/common/token_bucket.h" #include "envoy/config/grpc_mux.h" #include "envoy/config/subscription.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/logger.h" #include "common/config/api_version.h" #include "common/config/delta_subscription_state.h" #include "common/config/grpc_stream.h" #include "common/config/pausable_ack_queue.h" #include "common/config/watch_map.h" #include "common/grpc/common.h" #include "common/runtime/runtime_features.h" namespace Envoy { namespace Config { // Manages subscriptions to one or more type of resource. The logical protocol // state of those subscription(s) is handled by DeltaSubscriptionState. // This class owns the GrpcStream used to talk to the server, maintains queuing // logic to properly order the subscription(s)' various messages, and allows // starting/stopping/pausing of the subscriptions. class NewGrpcMuxImpl : public GrpcMux, public GrpcStreamCallbacks, Logger::Loggable { public: NewGrpcMuxImpl(Grpc::RawAsyncClientPtr&& async_client, Event::Dispatcher& dispatcher, const Protobuf::MethodDescriptor& service_method, envoy::config::core::v3::ApiVersion transport_api_version, Random::RandomGenerator& random, Stats::Scope& scope, const RateLimitSettings& rate_limit_settings, const LocalInfo::LocalInfo& local_info); GrpcMuxWatchPtr addWatch(const std::string& type_url, const std::set& resources, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, const bool use_namespace_matching = false) override; void requestOnDemandUpdate(const std::string& type_url, const std::set& for_update) override; ScopedResume pause(const std::string& type_url) override; ScopedResume pause(const std::vector type_urls) override; void registerVersionedTypeUrl(const std::string& type_url); void onDiscoveryResponse( std::unique_ptr&& message, ControlPlaneStats& control_plane_stats) override; void onStreamEstablished() override; void onEstablishmentFailure() override; void onWriteable() override; void kickOffAck(UpdateAck ack); // TODO(fredlas) remove this from the GrpcMux interface. void start() override; struct SubscriptionStuff { SubscriptionStuff(const std::string& type_url, const LocalInfo::LocalInfo& local_info, const bool use_namespace_matching) : watch_map_(use_namespace_matching), sub_state_(type_url, watch_map_, local_info) {} WatchMap watch_map_; DeltaSubscriptionState sub_state_; SubscriptionStuff(const SubscriptionStuff&) = delete; SubscriptionStuff& operator=(const SubscriptionStuff&) = delete; }; using SubscriptionStuffPtr = std::unique_ptr; // for use in tests only const absl::flat_hash_map& subscriptions() { return subscriptions_; } private: class WatchImpl : public GrpcMuxWatch { public: WatchImpl(const std::string& type_url, Watch* watch, NewGrpcMuxImpl& parent) : type_url_(type_url), watch_(watch), parent_(parent) {} ~WatchImpl() override { remove(); } void remove() { if (watch_) { parent_.removeWatch(type_url_, watch_); watch_ = nullptr; } } void update(const std::set& resources) override { parent_.updateWatch(type_url_, watch_, resources); } private: const std::string type_url_; Watch* watch_; NewGrpcMuxImpl& parent_; }; void removeWatch(const std::string& type_url, Watch* watch); // Updates the list of resource names watched by the given watch. If an added name is new across // the whole subscription, or if a removed name has no other watch interested in it, then the // subscription will enqueue and attempt to send an appropriate discovery request. void updateWatch(const std::string& type_url, Watch* watch, const std::set& resources, const bool creating_namespace_watch = false); void addSubscription(const std::string& type_url, const bool use_namespace_matching); void trySendDiscoveryRequests(); // Checks whether external conditions allow sending a DeltaDiscoveryRequest. (Does not check // whether we *want* to send a DeltaDiscoveryRequest). bool canSendDiscoveryRequest(const std::string& type_url); // Checks whether we have something to say in a DeltaDiscoveryRequest, which can be an ACK and/or // a subscription update. (Does not check whether we *can* send that DeltaDiscoveryRequest). // Returns the type_url we should send the DeltaDiscoveryRequest for (if any). // First, prioritizes ACKs over non-ACK subscription interest updates. // Then, prioritizes non-ACK updates in the order the various types // of subscriptions were activated. absl::optional whoWantsToSendDiscoveryRequest(); // Resource (N)ACKs we're waiting to send, stored in the order that they should be sent in. All // of our different resource types' ACKs are mixed together in this queue. See class for // description of how it interacts with pause() and resume(). PausableAckQueue pausable_ack_queue_; // Map key is type_url. absl::flat_hash_map subscriptions_; // Determines the order of initial discovery requests. (Assumes that subscriptions are added in // the order of Envoy's dependency ordering). std::list subscription_ordering_; GrpcStream grpc_stream_; const LocalInfo::LocalInfo& local_info_; const envoy::config::core::v3::ApiVersion transport_api_version_; const bool enable_type_url_downgrade_and_upgrade_; }; using NewGrpcMuxImplPtr = std::unique_ptr; using NewGrpcMuxImplSharedPtr = std::shared_ptr; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/opaque_resource_decoder_impl.h ================================================ #pragma once #include "envoy/config/subscription.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Config { template class OpaqueResourceDecoderImpl : public Config::OpaqueResourceDecoder { public: OpaqueResourceDecoderImpl(ProtobufMessage::ValidationVisitor& validation_visitor, absl::string_view name_field) : validation_visitor_(validation_visitor), name_field_(name_field) {} // Config::OpaqueResourceDecoder ProtobufTypes::MessagePtr decodeResource(const ProtobufWkt::Any& resource) override { auto typed_message = std::make_unique(); // If the Any is a synthetic empty message (e.g. because the resource field was not set in // Resource, this might be empty, so we shouldn't decode. if (!resource.type_url().empty()) { MessageUtil::anyConvertAndValidate(resource, *typed_message, validation_visitor_); } return typed_message; } std::string resourceName(const Protobuf::Message& resource) override { return MessageUtil::getStringField(resource, name_field_); } private: ProtobufMessage::ValidationVisitor& validation_visitor_; const std::string name_field_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/pausable_ack_queue.cc ================================================ #include "common/config/pausable_ack_queue.h" #include #include "common/common/assert.h" namespace Envoy { namespace Config { void PausableAckQueue::push(UpdateAck x) { storage_.push_back(std::move(x)); } size_t PausableAckQueue::size() const { return storage_.size(); } bool PausableAckQueue::empty() { for (const auto& entry : storage_) { if (pauses_[entry.type_url_] == 0) { return false; } } return true; } const UpdateAck& PausableAckQueue::front() { for (const auto& entry : storage_) { if (pauses_[entry.type_url_] == 0) { return entry; } } RELEASE_ASSERT(false, "front() on an empty queue is undefined behavior!"); NOT_REACHED_GCOVR_EXCL_LINE; } UpdateAck PausableAckQueue::popFront() { for (auto it = storage_.begin(); it != storage_.end(); ++it) { if (pauses_[it->type_url_] == 0) { UpdateAck ret = *it; storage_.erase(it); return ret; } } RELEASE_ASSERT(false, "popFront() on an empty queue is undefined behavior!"); NOT_REACHED_GCOVR_EXCL_LINE; } void PausableAckQueue::pause(const std::string& type_url) { // It's ok to pause a subscription that doesn't exist yet. auto& pause_entry = pauses_[type_url]; ++pause_entry; } void PausableAckQueue::resume(const std::string& type_url) { auto& pause_entry = pauses_[type_url]; ASSERT(pause_entry > 0); --pause_entry; } bool PausableAckQueue::paused(const std::string& type_url) const { auto entry = pauses_.find(type_url); if (entry == pauses_.end()) { return false; } return entry->second > 0; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/pausable_ack_queue.h ================================================ #pragma once #include #include "common/config/update_ack.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Config { // There is a head-of-line blocking issue resulting from the intersection of 1) ADS's need for // subscription request ordering and 2) the ability to "pause" one of the resource types within ADS. // We need a queue that understands ADS's resource type pausing. Specifically, we need front()/pop() // to choose the first element whose type_url isn't paused. class PausableAckQueue { public: void push(UpdateAck x); size_t size() const; bool empty(); const UpdateAck& front(); UpdateAck popFront(); void pause(const std::string& type_url); void resume(const std::string& type_url); bool paused(const std::string& type_url) const; private: // It's ok for non-existent subs to be paused/resumed. The cleanest way to support that is to give // the pause state its own map. (Map key is type_url.) absl::flat_hash_map pauses_; std::list storage_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/protobuf_link_hacks.h ================================================ #pragma once #include "envoy/api/v2/cds.pb.h" #include "envoy/api/v2/eds.pb.h" #include "envoy/api/v2/lds.pb.h" #include "envoy/api/v2/rds.pb.h" #include "envoy/api/v2/srds.pb.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.h" #include "envoy/service/cluster/v3/cds.pb.h" #include "envoy/service/discovery/v2/ads.pb.h" #include "envoy/service/discovery/v2/hds.pb.h" #include "envoy/service/discovery/v2/rtds.pb.h" #include "envoy/service/discovery/v2/sds.pb.h" #include "envoy/service/discovery/v3/ads.pb.h" #include "envoy/service/endpoint/v3/eds.pb.h" #include "envoy/service/extension/v3/config_discovery.pb.h" #include "envoy/service/listener/v3/lds.pb.h" #include "envoy/service/ratelimit/v2/rls.pb.h" #include "envoy/service/ratelimit/v3/rls.pb.h" #include "envoy/service/route/v3/rds.pb.h" #include "envoy/service/route/v3/srds.pb.h" #include "envoy/service/runtime/v3/rtds.pb.h" #include "envoy/service/secret/v3/sds.pb.h" // API_NO_BOOST_FILE namespace Envoy { // Hack to force linking of the service: https://github.com/google/protobuf/issues/4221. // This file should be included ONLY if this hack is required. const envoy::service::discovery::v2::AdsDummy _ads_dummy_v2; const envoy::service::ratelimit::v2::RateLimitRequest _rls_dummy_v2; const envoy::service::discovery::v2::SdsDummy _sds_dummy_v2; const envoy::service::discovery::v2::RtdsDummy _tds_dummy_v2; const envoy::api::v2::LdsDummy _lds_dummy_v2; const envoy::api::v2::RdsDummy _rds_dummy_v2; const envoy::api::v2::CdsDummy _cds_dummy_v2; const envoy::api::v2::EdsDummy _eds_dummy_v2; const envoy::api::v2::SrdsDummy _srds_dummy_v2; const envoy::service::discovery::v3::AdsDummy _ads_dummy_v3; const envoy::service::ratelimit::v3::RateLimitRequest _rls_dummy_v3; const envoy::service::secret::v3::SdsDummy _sds_dummy_v3; const envoy::service::runtime::v3::RtdsDummy _tds_dummy_v3; const envoy::service::listener::v3::LdsDummy _lds_dummy_v3; const envoy::service::route::v3::RdsDummy _rds_dummy_v3; const envoy::service::cluster::v3::CdsDummy _cds_dummy_v3; const envoy::service::endpoint::v3::EdsDummy _eds_dummy_v3; const envoy::service::route::v3::SrdsDummy _srds_dummy_v3; // With the v2 -> v3 migration there is another, related linking issue. // Symbols for v2 protos which headers are not included in any file in the codebase are being // dropped by the linker in some circumstances. For example, in the Envoy Mobile iOS build system. // Even though all v2 packages are included as a dependency in their corresponding v3 package, and // `always_link` is set for all proto bazel targets. // Further proof of this can be seen by way of counter example with the envoy.api.v2.Cluster type, // which is checked for by proto_descriptors.cc. This type **is** getting linked because its headers // is still included in cds_api_impl.cc. On the other side because the v2 hds header is not included // anywhere the v2 service type is getting dropped, and thus the descriptor is not present in the // descriptor pool. // https://github.com/envoyproxy/envoy/issues/9639 const envoy::config::bootstrap::v2::Bootstrap _bootstrap_dummy_v2; const envoy::service::discovery::v2::Capability _hds_dummy_v2; } // namespace Envoy ================================================ FILE: source/common/config/remote_data_fetcher.cc ================================================ #include "common/config/remote_data_fetcher.h" #include "envoy/config/core/v3/http_uri.pb.h" #include "common/common/enum_to_int.h" #include "common/common/hex.h" #include "common/crypto/utility.h" #include "common/http/headers.h" #include "common/http/utility.h" namespace Envoy { namespace Config { namespace DataFetcher { RemoteDataFetcher::RemoteDataFetcher(Upstream::ClusterManager& cm, const envoy::config::core::v3::HttpUri& uri, const std::string& content_hash, RemoteDataFetcherCallback& callback) : cm_(cm), uri_(uri), content_hash_(content_hash), callback_(callback) {} RemoteDataFetcher::~RemoteDataFetcher() { cancel(); } void RemoteDataFetcher::cancel() { if (request_) { request_->cancel(); ENVOY_LOG(debug, "fetch remote data [uri = {}]: canceled", uri_.uri()); } request_ = nullptr; } void RemoteDataFetcher::fetch() { Http::RequestMessagePtr message = Http::Utility::prepareHeaders(uri_); message->headers().setReferenceMethod(Http::Headers::get().MethodValues.Get); ENVOY_LOG(debug, "fetch remote data from [uri = {}]: start", uri_.uri()); request_ = cm_.httpAsyncClientForCluster(uri_.cluster()) .send(std::move(message), *this, Http::AsyncClient::RequestOptions().setTimeout(std::chrono::milliseconds( DurationUtil::durationToMilliseconds(uri_.timeout())))); } void RemoteDataFetcher::onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& response) { const uint64_t status_code = Http::Utility::getResponseStatus(response->headers()); if (status_code == enumToInt(Http::Code::OK)) { ENVOY_LOG(debug, "fetch remote data [uri = {}]: success", uri_.uri()); if (response->body().length() > 0) { auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); const auto content_hash = Hex::encode(crypto_util.getSha256Digest(response->body())); if (content_hash_ != content_hash) { ENVOY_LOG(debug, "fetch remote data [uri = {}]: data is invalid", uri_.uri()); callback_.onFailure(FailureReason::InvalidData); } else { callback_.onSuccess(response->bodyAsString()); } } else { ENVOY_LOG(debug, "fetch remote data [uri = {}]: body is empty", uri_.uri()); callback_.onFailure(FailureReason::Network); } } else { ENVOY_LOG(debug, "fetch remote data [uri = {}]: response status code {}", uri_.uri(), status_code); callback_.onFailure(FailureReason::Network); } request_ = nullptr; } void RemoteDataFetcher::onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) { ENVOY_LOG(debug, "fetch remote data [uri = {}]: network error {}", uri_.uri(), enumToInt(reason)); request_ = nullptr; callback_.onFailure(FailureReason::Network); } } // namespace DataFetcher } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/remote_data_fetcher.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/config/core/v3/http_uri.pb.h" #include "envoy/upstream/cluster_manager.h" namespace Envoy { namespace Config { namespace DataFetcher { /** * Failure reason. */ enum class FailureReason { /* A network error occurred causing remote data retrieval failure. */ Network, /* A failure occurred when trying to verify remote data using sha256. */ InvalidData, }; /** * Callback used by remote data fetcher. */ class RemoteDataFetcherCallback { public: virtual ~RemoteDataFetcherCallback() = default; /** * This function will be called when data is fetched successfully from remote. * @param data remote data */ virtual void onSuccess(const std::string& data) PURE; /** * This function is called when error happens during fetching data. * @param reason failure reason. */ virtual void onFailure(FailureReason reason) PURE; }; /** * Remote data fetcher. */ class RemoteDataFetcher : public Logger::Loggable, public Http::AsyncClient::Callbacks { public: RemoteDataFetcher(Upstream::ClusterManager& cm, const envoy::config::core::v3::HttpUri& uri, const std::string& content_hash, RemoteDataFetcherCallback& callback); ~RemoteDataFetcher() override; // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& response) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) override; void onBeforeFinalizeUpstreamSpan(Envoy::Tracing::Span&, const Http::ResponseHeaderMap*) override {} /** * Fetch data from remote. * @param uri remote URI * @param content_hash for verifying data integrity * @param callback callback when fetch is done. */ void fetch(); /** * Cancel the fetch. */ void cancel(); private: Upstream::ClusterManager& cm_; const envoy::config::core::v3::HttpUri uri_; const std::string content_hash_; RemoteDataFetcherCallback& callback_; Http::AsyncClient::Request* request_{}; }; using RemoteDataFetcherPtr = std::unique_ptr; } // namespace DataFetcher } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/resource_name.h ================================================ #pragma once #include #include #include "envoy/config/core/v3/config_source.pb.h" #include "common/common/assert.h" #include "common/config/api_type_oracle.h" namespace Envoy { namespace Config { /** * Get resource name from api type and version. */ template std::string getResourceName(envoy::config::core::v3::ApiVersion resource_api_version) { switch (resource_api_version) { case envoy::config::core::v3::ApiVersion::AUTO: case envoy::config::core::v3::ApiVersion::V2: return ApiTypeOracle::getEarlierVersionMessageTypeName(Current().GetDescriptor()->full_name()) .value(); case envoy::config::core::v3::ApiVersion::V3: return Current().GetDescriptor()->full_name(); default: NOT_REACHED_GCOVR_EXCL_LINE; } } /** * Get type url from api type and version. */ template std::string getTypeUrl(envoy::config::core::v3::ApiVersion resource_api_version) { return "type.googleapis.com/" + getResourceName(resource_api_version); } /** * get all version resource names. */ template std::vector getAllVersionResourceNames() { return std::vector{ Current().GetDescriptor()->full_name(), ApiTypeOracle::getEarlierVersionMessageTypeName(Current().GetDescriptor()->full_name()) .value()}; } /** * get all version type urls. */ template std::vector getAllVersionTypeUrls() { auto resource_names = getAllVersionResourceNames(); for (auto&& resource_name : resource_names) { resource_name = "type.googleapis.com/" + resource_name; } return resource_names; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/runtime_utility.cc ================================================ #include "common/config/runtime_utility.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" namespace Envoy { namespace Config { void translateRuntime(const envoy::config::bootstrap::v3::Runtime& runtime_config, envoy::config::bootstrap::v3::LayeredRuntime& layered_runtime_config) { { auto* layer = layered_runtime_config.add_layers(); layer->set_name("base"); layer->mutable_static_layer()->MergeFrom(runtime_config.base()); } if (!runtime_config.symlink_root().empty()) { { auto* layer = layered_runtime_config.add_layers(); layer->set_name("root"); layer->mutable_disk_layer()->set_symlink_root(runtime_config.symlink_root()); layer->mutable_disk_layer()->set_subdirectory(runtime_config.subdirectory()); } if (!runtime_config.override_subdirectory().empty()) { auto* layer = layered_runtime_config.add_layers(); layer->set_name("override"); layer->mutable_disk_layer()->set_symlink_root(runtime_config.symlink_root()); layer->mutable_disk_layer()->set_subdirectory(runtime_config.override_subdirectory()); layer->mutable_disk_layer()->set_append_service_cluster(true); } } { auto* layer = layered_runtime_config.add_layers(); layer->set_name("admin"); layer->mutable_admin_layer(); } } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/runtime_utility.h ================================================ #pragma once #include "envoy/config/bootstrap/v3/bootstrap.pb.h" namespace Envoy { namespace Config { // Translate from old fixed runtime to new layered runtime configuration. void translateRuntime(const envoy::config::bootstrap::v3::Runtime& runtime_config, envoy::config::bootstrap::v3::LayeredRuntime& layered_runtime_config); } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/subscription_base.h ================================================ #pragma once #include "envoy/config/subscription.h" #include "common/config/opaque_resource_decoder_impl.h" #include "common/config/resource_name.h" namespace Envoy { namespace Config { template struct SubscriptionBase : public Config::SubscriptionCallbacks { public: SubscriptionBase(const envoy::config::core::v3::ApiVersion api_version, ProtobufMessage::ValidationVisitor& validation_visitor, absl::string_view name_field) : resource_decoder_(validation_visitor, name_field), api_version_(api_version) {} std::string getResourceName() const { return Envoy::Config::getResourceName(api_version_); } protected: Config::OpaqueResourceDecoderImpl resource_decoder_; private: const envoy::config::core::v3::ApiVersion api_version_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/subscription_factory_impl.cc ================================================ #include "common/config/subscription_factory_impl.h" #include "envoy/config/core/v3/config_source.pb.h" #include "common/config/filesystem_subscription_impl.h" #include "common/config/grpc_mux_impl.h" #include "common/config/grpc_subscription_impl.h" #include "common/config/http_subscription_impl.h" #include "common/config/new_grpc_mux_impl.h" #include "common/config/type_to_endpoint.h" #include "common/config/udpa_resource.h" #include "common/config/utility.h" #include "common/http/utility.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Config { SubscriptionFactoryImpl::SubscriptionFactoryImpl( const LocalInfo::LocalInfo& local_info, Event::Dispatcher& dispatcher, Upstream::ClusterManager& cm, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api, Runtime::Loader& runtime) : local_info_(local_info), dispatcher_(dispatcher), cm_(cm), validation_visitor_(validation_visitor), api_(api), runtime_(runtime) {} SubscriptionPtr SubscriptionFactoryImpl::subscriptionFromConfigSource( const envoy::config::core::v3::ConfigSource& config, absl::string_view type_url, Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) { Config::Utility::checkLocalInfo(type_url, local_info_); std::unique_ptr result; SubscriptionStats stats = Utility::generateStats(scope); auto& runtime_snapshot = runtime_.snapshot(); const auto transport_api_version = config.api_config_source().transport_api_version(); if (transport_api_version == envoy::config::core::v3::ApiVersion::V2 && runtime_snapshot.runtimeFeatureEnabled( "envoy.reloadable_features.enable_deprecated_v2_api_warning")) { runtime_.countDeprecatedFeatureUse(); ENVOY_LOG(warn, "xDS of version v2 has been deprecated and will be removed in subsequent versions"); } switch (config.config_source_specifier_case()) { case envoy::config::core::v3::ConfigSource::ConfigSourceSpecifierCase::kPath: { Utility::checkFilesystemSubscriptionBackingPath(config.path(), api_); return std::make_unique( dispatcher_, config.path(), callbacks, resource_decoder, stats, validation_visitor_, api_); } case envoy::config::core::v3::ConfigSource::ConfigSourceSpecifierCase::kApiConfigSource: { const envoy::config::core::v3::ApiConfigSource& api_config_source = config.api_config_source(); Utility::checkApiConfigSourceSubscriptionBackingCluster(cm_.primaryClusters(), api_config_source); switch (api_config_source.api_type()) { case envoy::config::core::v3::ApiConfigSource::hidden_envoy_deprecated_UNSUPPORTED_REST_LEGACY: throw EnvoyException( "REST_LEGACY no longer a supported ApiConfigSource. " "Please specify an explicit supported api_type in the following config:\n" + config.DebugString()); case envoy::config::core::v3::ApiConfigSource::REST: return std::make_unique( local_info_, cm_, api_config_source.cluster_names()[0], dispatcher_, api_.randomGenerator(), Utility::apiConfigSourceRefreshDelay(api_config_source), Utility::apiConfigSourceRequestTimeout(api_config_source), restMethod(type_url, api_config_source.transport_api_version()), type_url, api_config_source.transport_api_version(), callbacks, resource_decoder, stats, Utility::configSourceInitialFetchTimeout(config), validation_visitor_); case envoy::config::core::v3::ApiConfigSource::GRPC: return std::make_unique( std::make_shared( local_info_, Utility::factoryForGrpcApiConfigSource(cm_.grpcAsyncClientManager(), api_config_source, scope, true) ->create(), dispatcher_, sotwGrpcMethod(type_url, api_config_source.transport_api_version()), api_config_source.transport_api_version(), api_.randomGenerator(), scope, Utility::parseRateLimitSettings(api_config_source), api_config_source.set_node_on_first_message_only()), callbacks, resource_decoder, stats, type_url, dispatcher_, Utility::configSourceInitialFetchTimeout(config), /*is_aggregated*/ false); case envoy::config::core::v3::ApiConfigSource::DELTA_GRPC: { return std::make_unique( std::make_shared( Config::Utility::factoryForGrpcApiConfigSource(cm_.grpcAsyncClientManager(), api_config_source, scope, true) ->create(), dispatcher_, deltaGrpcMethod(type_url, api_config_source.transport_api_version()), api_config_source.transport_api_version(), api_.randomGenerator(), scope, Utility::parseRateLimitSettings(api_config_source), local_info_), callbacks, resource_decoder, stats, type_url, dispatcher_, Utility::configSourceInitialFetchTimeout(config), false); } default: NOT_REACHED_GCOVR_EXCL_LINE; } } case envoy::config::core::v3::ConfigSource::ConfigSourceSpecifierCase::kAds: { return std::make_unique( cm_.adsMux(), callbacks, resource_decoder, stats, type_url, dispatcher_, Utility::configSourceInitialFetchTimeout(config), true); } default: throw EnvoyException( "Missing config source specifier in envoy::config::core::v3::ConfigSource"); } NOT_REACHED_GCOVR_EXCL_LINE; } SubscriptionPtr SubscriptionFactoryImpl::collectionSubscriptionFromUrl( const udpa::core::v1::ResourceLocator& collection_locator, const envoy::config::core::v3::ConfigSource& /*config*/, absl::string_view /*type_url*/, Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) { std::unique_ptr result; SubscriptionStats stats = Utility::generateStats(scope); switch (collection_locator.scheme()) { case udpa::core::v1::ResourceLocator::FILE: { const std::string path = Http::Utility::localPathFromFilePath(absl::StrJoin(collection_locator.id(), "/")); Utility::checkFilesystemSubscriptionBackingPath(path, api_); return std::make_unique( dispatcher_, path, callbacks, resource_decoder, stats, validation_visitor_, api_); } default: throw EnvoyException(fmt::format("Unsupported collection resource locator: {}", UdpaResourceIdentifier::encodeUrl(collection_locator))); } NOT_REACHED_GCOVR_EXCL_LINE; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/subscription_factory_impl.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/subscription.h" #include "envoy/config/subscription_factory.h" #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" namespace Envoy { namespace Config { class SubscriptionFactoryImpl : public SubscriptionFactory, Logger::Loggable { public: SubscriptionFactoryImpl(const LocalInfo::LocalInfo& local_info, Event::Dispatcher& dispatcher, Upstream::ClusterManager& cm, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api, Runtime::Loader& runtime); // Config::SubscriptionFactory SubscriptionPtr subscriptionFromConfigSource(const envoy::config::core::v3::ConfigSource& config, absl::string_view type_url, Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) override; SubscriptionPtr collectionSubscriptionFromUrl(const udpa::core::v1::ResourceLocator& collection_locator, const envoy::config::core::v3::ConfigSource& config, absl::string_view type_url, Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) override; private: const LocalInfo::LocalInfo& local_info_; Event::Dispatcher& dispatcher_; Upstream::ClusterManager& cm_; ProtobufMessage::ValidationVisitor& validation_visitor_; Api::Api& api_; Runtime::Loader& runtime_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/type_to_endpoint.cc ================================================ #include "common/config/type_to_endpoint.h" #include "envoy/annotations/resource.pb.h" #include "common/grpc/common.h" // API_NO_BOOST_FILE #define SERVICE_VERSION_INFO(v2, v3) \ createServiceVersionInfoMap(v2, {v2, v3}), createServiceVersionInfoMap(v3, {v2, v3}) namespace Envoy { namespace Config { namespace { // A service's name, e.g. "envoy.api.v2.RouteDiscoveryService", // "envoy.service.route.v3.RouteDiscoveryService". using ServiceName = std::string; struct ServiceVersionInfo { // This hold a name for each transport_api_version, for example for // "envoy.api.v2.RouteDiscoveryService": // { // "V2": "envoy.api.v2.RouteDiscoveryService", // "V3": "envoy.service.route.v3.RouteDiscoveryService" // } absl::flat_hash_map names_; }; // A ServiceVersionInfoMap holds a service's transport_api_version and possible names for each // available transport_api_version. For examples: // // Given "envoy.api.v2.RouteDiscoveryService" as the service name: // { // "envoy.api.v2.RouteDiscoveryService": { // "names_": { // "V2": "envoy.api.v2.RouteDiscoveryService", // "V3": "envoy.service.route.v3.RouteDiscoveryService" // } // } // } // // And for "envoy.service.route.v3.RouteDiscoveryService": // { // "envoy.service.route.v3.RouteDiscoveryService": // "names_": { // "V2": "envoy.api.v2.RouteDiscoveryService", // "V3": "envoy.service.route.v3.RouteDiscoveryService" // } // } // } using ServiceVersionInfoMap = absl::flat_hash_map; // This creates a ServiceVersionInfoMap, with service name (For example: // "envoy.api.v2.RouteDiscoveryService") as the key. ServiceVersionInfoMap createServiceVersionInfoMap(absl::string_view service_name, const std::array& versioned_service_names) { const auto key = static_cast(service_name); return ServiceVersionInfoMap{{ // ServiceName as the key. key, // ServiceVersionInfo as the value. ServiceVersionInfo{{ {envoy::config::core::v3::ApiVersion::V2, versioned_service_names[0]}, {envoy::config::core::v3::ApiVersion::V3, versioned_service_names[1]}, }}, }}; } // A resource type URL. For example: "type.googleapis.com/envoy.api.v2.RouteConfiguration". using TypeUrl = std::string; TypeUrl getResourceTypeUrl(absl::string_view service_name) { const auto* service_desc = Protobuf::DescriptorPool::generated_pool()->FindServiceByName( static_cast(service_name)); ASSERT(service_desc != nullptr, fmt::format("{} missing", service_name)); ASSERT(service_desc->options().HasExtension(envoy::annotations::resource)); return Grpc::Common::typeUrl( service_desc->options().GetExtension(envoy::annotations::resource).type()); } // A method name, e.g. "envoy.api.v2.RouteDiscoveryService.StreamRoutes". using MethodName = std::string; struct VersionedDiscoveryType { // A map of transport_api_version to discovery service RPC method fully qualified names. e.g. // { // "V2": "envoy.api.v2.RouteDiscoveryService.StreamRoutes", // "V3": "envoy.service.route.v3.RouteDiscoveryService.StreamRoutes" // } absl::flat_hash_map methods_; }; // This holds versioned discovery types. struct VersionedService { VersionedDiscoveryType sotw_grpc_; VersionedDiscoveryType delta_grpc_; VersionedDiscoveryType rest_; }; using TypeUrlToVersionedServiceMap = absl::flat_hash_map; // buildTypeUrlToServiceMap() builds a reverse map from a resource type URLs to a versioned service // (by transport_api_version). // // The way we build it is by firstly constructing a list of ServiceVersionInfoMap: // [ // { // "envoy.api.v2.RouteDiscoveryService": { // "names_": { // "V2": "envoy.api.v2.RouteDiscoveryService", // "V3": "envoy.service.route.v3.RouteDiscoveryService" // } // } // }, // { // "envoy.service.route.v3.RouteDiscoveryService": { // "names_": { // "V2": "envoy.api.v2.RouteDiscoveryService", // "V3": "envoy.service.route.v3.RouteDiscoveryService" // } // } // } // ... // ] // // Then we convert it into the following map, with the inferred resource type URL as the key: // // { // "type.googleapis.com/envoy.api.v2.RouteConfiguration": { // "sotw_grpc_": { // "methods_": { // "V2": "envoy.api.v2.RouteDiscoveryService.StreamRoutes", // "V3": "envoy.service.route.v3.RouteDiscoveryService.StreamRoutes" // } // }, // ... // }, // "type.googleapis.com/envoy.config.route.v3.RouteConfiguration": { // "sotw_grpc_": { // "methods_": { // "V2": "envoy.api.v2.RouteDiscoveryService.StreamRoutes", // "V3": "envoy.service.route.v3.RouteDiscoveryService.StreamRoutes" // } // }, // ... // } // } // TypeUrlToVersionedServiceMap* buildTypeUrlToServiceMap() { auto* type_url_to_versioned_service_map = new TypeUrlToVersionedServiceMap(); // This happens once in the lifetime of Envoy. We build a reverse map from resource type URL to // service methods (versioned by transport_api_version). We explicitly enumerate all services, // since DescriptorPool doesn't support iterating over all descriptors, due its lazy load design, // see https://www.mail-archive.com/protobuf@googlegroups.com/msg04540.html. for (const ServiceVersionInfoMap& registered : { SERVICE_VERSION_INFO("envoy.api.v2.RouteDiscoveryService", "envoy.service.route.v3.RouteDiscoveryService"), SERVICE_VERSION_INFO("envoy.api.v2.ScopedRoutesDiscoveryService", "envoy.service.route.v3.ScopedRoutesDiscoveryService"), SERVICE_VERSION_INFO("envoy.api.v2.ScopedRoutesDiscoveryService", "envoy.service.route.v3.ScopedRoutesDiscoveryService"), SERVICE_VERSION_INFO("envoy.api.v2.VirtualHostDiscoveryService", "envoy.service.route.v3.VirtualHostDiscoveryService"), SERVICE_VERSION_INFO("envoy.service.discovery.v2.SecretDiscoveryService", "envoy.service.secret.v3.SecretDiscoveryService"), SERVICE_VERSION_INFO("envoy.api.v2.ClusterDiscoveryService", "envoy.service.cluster.v3.ClusterDiscoveryService"), SERVICE_VERSION_INFO("envoy.api.v2.EndpointDiscoveryService", "envoy.service.endpoint.v3.EndpointDiscoveryService"), SERVICE_VERSION_INFO("envoy.api.v2.ListenerDiscoveryService", "envoy.service.listener.v3.ListenerDiscoveryService"), SERVICE_VERSION_INFO("envoy.service.discovery.v2.RuntimeDiscoveryService", "envoy.service.runtime.v3.RuntimeDiscoveryService"), ServiceVersionInfoMap{{ "envoy.service.extension.v3.ExtensionConfigDiscoveryService", ServiceVersionInfo{{ {envoy::config::core::v3::ApiVersion::V3, "envoy.service.extension.v3.ExtensionConfigDiscoveryService"}, }}, }}, }) { for (const auto& [registered_service_name, registered_service_info] : registered) { const TypeUrl resource_type_url = getResourceTypeUrl(registered_service_name); VersionedService& service = (*type_url_to_versioned_service_map)[resource_type_url]; for (const auto& [transport_api_version, service_name] : registered_service_info.names_) { const auto* service_desc = Protobuf::DescriptorPool::generated_pool()->FindServiceByName(service_name); ASSERT(service_desc != nullptr, fmt::format("{} missing", service_name)); ASSERT(service_desc->options().HasExtension(envoy::annotations::resource)); // We populate the service methods that are known below, but it's possible that some // services don't implement all, e.g. VHDS doesn't support SotW or REST. for (int method_index = 0; method_index < service_desc->method_count(); ++method_index) { const auto& method_desc = *service_desc->method(method_index); if (absl::StartsWith(method_desc.name(), "Stream")) { service.sotw_grpc_.methods_[transport_api_version] = method_desc.full_name(); } else if (absl::StartsWith(method_desc.name(), "Delta")) { service.delta_grpc_.methods_[transport_api_version] = method_desc.full_name(); } else if (absl::StartsWith(method_desc.name(), "Fetch")) { service.rest_.methods_[transport_api_version] = method_desc.full_name(); } else { ASSERT(false, "Unknown xDS service method"); } } } } } return type_url_to_versioned_service_map; } TypeUrlToVersionedServiceMap& typeUrlToVersionedServiceMap() { static TypeUrlToVersionedServiceMap* type_url_to_versioned_service_map = buildTypeUrlToServiceMap(); return *type_url_to_versioned_service_map; } envoy::config::core::v3::ApiVersion effectiveTransportApiVersion(envoy::config::core::v3::ApiVersion transport_api_version) { // By default (when the transport_api_version is "AUTO"), the effective transport_api_version is // envoy::config::core::v3::ApiVersion::V2. if (transport_api_version == envoy::config::core::v3::ApiVersion::AUTO) { return envoy::config::core::v3::ApiVersion::V2; } return transport_api_version; } } // namespace const Protobuf::MethodDescriptor& deltaGrpcMethod(absl::string_view type_url, envoy::config::core::v3::ApiVersion transport_api_version) { const auto it = typeUrlToVersionedServiceMap().find(static_cast(type_url)); ASSERT(it != typeUrlToVersionedServiceMap().cend()); return *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( it->second.delta_grpc_.methods_[effectiveTransportApiVersion(transport_api_version)]); } const Protobuf::MethodDescriptor& sotwGrpcMethod(absl::string_view type_url, envoy::config::core::v3::ApiVersion transport_api_version) { const auto it = typeUrlToVersionedServiceMap().find(static_cast(type_url)); ASSERT(it != typeUrlToVersionedServiceMap().cend()); return *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( it->second.sotw_grpc_.methods_[effectiveTransportApiVersion(transport_api_version)]); } const Protobuf::MethodDescriptor& restMethod(absl::string_view type_url, envoy::config::core::v3::ApiVersion transport_api_version) { const auto it = typeUrlToVersionedServiceMap().find(static_cast(type_url)); ASSERT(it != typeUrlToVersionedServiceMap().cend()); return *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( it->second.rest_.methods_[effectiveTransportApiVersion(transport_api_version)]); } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/type_to_endpoint.h ================================================ #pragma once #include "envoy/config/core/v3/config_source.pb.h" #include "common/protobuf/protobuf.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Config { // Translates an xDS resource type_url to the name of the delta gRPC service that carries it. const Protobuf::MethodDescriptor& deltaGrpcMethod(absl::string_view resource_type_url, envoy::config::core::v3::ApiVersion transport_api_version); // Translates an xDS resource type_url to the name of the state-of-the-world gRPC service that // carries it. const Protobuf::MethodDescriptor& sotwGrpcMethod(absl::string_view resource_type_url, envoy::config::core::v3::ApiVersion transport_api_version); // Translates an xDS resource type_url to the name of the REST service that carries it. const Protobuf::MethodDescriptor& restMethod(absl::string_view resource_type_url, envoy::config::core::v3::ApiVersion transport_api_version); } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/udpa_context_params.cc ================================================ #include "common/config/udpa_context_params.h" #include "common/common/macros.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Config { namespace { using RenderContextParamCb = std::function; using NodeContextRenderers = absl::flat_hash_map; RenderContextParamCb directStringFieldRenderer(const std::string& field) { return [field](const envoy::config::core::v3::Node& node) -> std::string { return MessageUtil::getStringField(node, field); }; } RenderContextParamCb localityStringFieldRenderer(const std::string& field) { return [field](const envoy::config::core::v3::Node& node) -> std::string { return MessageUtil::getStringField(node.locality(), field); }; } std::string buildSemanticVersionRenderer(const envoy::config::core::v3::Node& node) { const auto& semver = node.user_agent_build_version().version(); return fmt::format("{}.{}.{}", semver.major_number(), semver.minor_number(), semver.patch()); } const NodeContextRenderers& nodeParamCbs() { CONSTRUCT_ON_FIRST_USE(NodeContextRenderers, {"id", directStringFieldRenderer("id")}, {"cluster", directStringFieldRenderer("cluster")}, {"user_agent_name", directStringFieldRenderer("user_agent_name")}, {"user_agent_version", directStringFieldRenderer("user_agent_version")}, {"locality.region", localityStringFieldRenderer("region")}, {"locality.zone", localityStringFieldRenderer("zone")}, {"locality.sub_zone", localityStringFieldRenderer("sub_zone")}, {"user_agent_build_version.version", buildSemanticVersionRenderer}); } void mergeMetadataJson(Protobuf::Map& params, const ProtobufWkt::Struct& metadata, const std::string& prefix) { for (const auto& it : metadata.fields()) { params[prefix + it.first] = MessageUtil::getJsonStringFromMessage(it.second); } } } // namespace udpa::core::v1::ContextParams UdpaContextParams::encode( const envoy::config::core::v3::Node& node, const std::vector& node_context_params, const udpa::core::v1::ContextParams& resource_context_params, const std::vector& client_features, const absl::flat_hash_map& extra_resource_params) { udpa::core::v1::ContextParams context_params; auto& mutable_params = *context_params.mutable_params(); // 1. Establish base layer of per-node context parameters. for (const std::string& ncp : node_context_params) { // First attempt field accessors known ahead of time, if that fails we consider the cases of // metadata, either directly in the Node message, or nested in the user_agent_build_version. if (nodeParamCbs().count(ncp) > 0) { mutable_params["udpa.node." + ncp] = nodeParamCbs().at(ncp)(node); } else if (ncp == "metadata") { mergeMetadataJson(mutable_params, node.metadata(), "udpa.node.metadata."); } else if (ncp == "user_agent_build_version.metadata") { mergeMetadataJson(mutable_params, node.user_agent_build_version().metadata(), "udpa.node.user_agent_build_version.metadata."); } } // 2. Overlay with context parameters from resource name. for (const auto& it : resource_context_params.params()) { mutable_params[it.first] = it.second; } // 3. Overlay with per-resource type context parameters. for (const std::string& cf : client_features) { mutable_params["udpa.client_feature." + cf] = "true"; } // 4. Overlay with per-resource well-known attributes. for (const auto& it : extra_resource_params) { mutable_params["udpa.resource." + it.first] = it.second; } return context_params; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/udpa_context_params.h ================================================ #pragma once #include "envoy/config/core/v3/base.pb.h" #include "absl/container/flat_hash_map.h" #include "udpa/core/v1/context_params.pb.h" namespace Envoy { namespace Config { // Utilities for working with context parameters. class UdpaContextParams { public: /** * Encode context parameters by following the xDS transport precedence algorithm and applying * parameter prefixes. * @param node reference to the local Node information. * @param node_context_params a list of node fields to include in context parameters. * @param resource_context_params context parameters from resource locator. * @param client_features client feature capabilities. * @param extra_resource_param per-resource type well known attributes. * @return udpa::core::v1::ContextParams encoded context parameters. */ static udpa::core::v1::ContextParams encode(const envoy::config::core::v3::Node& node, const std::vector& node_context_params, const udpa::core::v1::ContextParams& resource_context_params, const std::vector& client_features, const absl::flat_hash_map& extra_resource_params); }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/udpa_resource.cc ================================================ #include "common/config/udpa_resource.h" #include #include "common/common/fmt.h" #include "common/http/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_split.h" // TODO(htuch): This file has a bunch of ad hoc URI encoding/decoding based on Envoy's HTTP util // functions. Once https://github.com/envoyproxy/envoy/issues/6588 lands, we can replace with GURL. namespace Envoy { namespace Config { using PercentEncoding = Http::Utility::PercentEncoding; namespace { // We need to percent-encode authority, id, path and query params. Resource types should not have // reserved characters. std::string encodeAuthority(const std::string& authority) { return PercentEncoding::encode(authority, "%/?#"); } std::string encodeIdPath(const Protobuf::RepeatedPtrField& id) { std::vector path_components; for (const auto& id_component : id) { path_components.emplace_back(PercentEncoding::encode(id_component, "%:/?#[]")); } const std::string path = absl::StrJoin(path_components, "/"); return path.empty() ? "" : absl::StrCat("/", path); } std::string encodeContextParams(const udpa::core::v1::ContextParams& context_params, bool sort_context_params) { std::vector query_param_components; for (const auto& context_param : context_params.params()) { query_param_components.emplace_back( absl::StrCat(PercentEncoding::encode(context_param.first, "%#[]&="), "=", PercentEncoding::encode(context_param.second, "%#[]&="))); } if (sort_context_params) { std::sort(query_param_components.begin(), query_param_components.end()); } return query_param_components.empty() ? "" : "?" + absl::StrJoin(query_param_components, "&"); } std::string encodeDirectives( const Protobuf::RepeatedPtrField& directives) { std::vector fragment_components; const std::string DirectiveEscapeChars = "%#[],"; for (const auto& directive : directives) { switch (directive.directive_case()) { case udpa::core::v1::ResourceLocator::Directive::DirectiveCase::kAlt: fragment_components.emplace_back(absl::StrCat( "alt=", PercentEncoding::encode(UdpaResourceIdentifier::encodeUrl(directive.alt()), DirectiveEscapeChars))); break; case udpa::core::v1::ResourceLocator::Directive::DirectiveCase::kEntry: fragment_components.emplace_back( absl::StrCat("entry=", PercentEncoding::encode(directive.entry(), DirectiveEscapeChars))); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } return fragment_components.empty() ? "" : "#" + absl::StrJoin(fragment_components, ","); } } // namespace std::string UdpaResourceIdentifier::encodeUrn(const udpa::core::v1::ResourceName& resource_name, const EncodeOptions& options) { const std::string authority = encodeAuthority(resource_name.authority()); const std::string id_path = encodeIdPath(resource_name.id()); const std::string query_params = encodeContextParams(resource_name.context(), options.sort_context_params_); return absl::StrCat("udpa://", authority, "/", resource_name.resource_type(), id_path, query_params); } std::string UdpaResourceIdentifier::encodeUrl(const udpa::core::v1::ResourceLocator& resource_locator, const EncodeOptions& options) { const std::string id_path = encodeIdPath(resource_locator.id()); const std::string fragment = encodeDirectives(resource_locator.directives()); std::string scheme = "udpa:"; switch (resource_locator.scheme()) { case udpa::core::v1::ResourceLocator::HTTP: scheme = "http:"; FALLTHRU; case udpa::core::v1::ResourceLocator::UDPA: { const std::string authority = encodeAuthority(resource_locator.authority()); const std::string query_params = encodeContextParams(resource_locator.exact_context(), options.sort_context_params_); return absl::StrCat(scheme, "//", authority, "/", resource_locator.resource_type(), id_path, query_params, fragment); } case udpa::core::v1::ResourceLocator::FILE: { return absl::StrCat("file://", id_path, fragment); } default: NOT_REACHED_GCOVR_EXCL_LINE; } } namespace { void decodePath(absl::string_view path, std::string* resource_type, Protobuf::RepeatedPtrField& id) { // This is guaranteed by Http::Utility::extractHostPathFromUrn. ASSERT(absl::StartsWith(path, "/")); const std::vector path_components = absl::StrSplit(path.substr(1), '/'); auto id_it = path_components.cbegin(); if (resource_type != nullptr) { *resource_type = std::string(path_components[0]); if (resource_type->empty()) { throw UdpaResourceIdentifier::DecodeException( fmt::format("Resource type missing from {}", path)); } id_it = std::next(id_it); } for (; id_it != path_components.cend(); id_it++) { *id.Add() = PercentEncoding::decode(*id_it); } } void decodeQueryParams(absl::string_view query_params, udpa::core::v1::ContextParams& context_params) { Http::Utility::QueryParams query_params_components = Http::Utility::parseQueryString(query_params); for (const auto& it : query_params_components) { (*context_params.mutable_params())[PercentEncoding::decode(it.first)] = PercentEncoding::decode(it.second); } } void decodeFragment( absl::string_view fragment, Protobuf::RepeatedPtrField& directives) { const std::vector fragment_components = absl::StrSplit(fragment, ','); for (const absl::string_view& fragment_component : fragment_components) { if (absl::StartsWith(fragment_component, "alt=")) { directives.Add()->mutable_alt()->MergeFrom( UdpaResourceIdentifier::decodeUrl(PercentEncoding::decode(fragment_component.substr(4)))); } else if (absl::StartsWith(fragment_component, "entry=")) { directives.Add()->set_entry(PercentEncoding::decode(fragment_component.substr(6))); } else { throw UdpaResourceIdentifier::DecodeException( fmt::format("Unknown fragment component {}", fragment_component)); ; } } } } // namespace udpa::core::v1::ResourceName UdpaResourceIdentifier::decodeUrn(absl::string_view resource_urn) { if (!absl::StartsWith(resource_urn, "udpa:")) { throw UdpaResourceIdentifier::DecodeException( fmt::format("{} does not have an udpa: scheme", resource_urn)); } absl::string_view host, path; Http::Utility::extractHostPathFromUri(resource_urn, host, path); udpa::core::v1::ResourceName decoded_resource_name; decoded_resource_name.set_authority(PercentEncoding::decode(host)); const size_t query_params_start = path.find('?'); if (query_params_start != absl::string_view::npos) { decodeQueryParams(path.substr(query_params_start), *decoded_resource_name.mutable_context()); path = path.substr(0, query_params_start); } decodePath(path, decoded_resource_name.mutable_resource_type(), *decoded_resource_name.mutable_id()); return decoded_resource_name; } udpa::core::v1::ResourceLocator UdpaResourceIdentifier::decodeUrl(absl::string_view resource_url) { absl::string_view host, path; Http::Utility::extractHostPathFromUri(resource_url, host, path); udpa::core::v1::ResourceLocator decoded_resource_locator; const size_t fragment_start = path.find('#'); if (fragment_start != absl::string_view::npos) { decodeFragment(path.substr(fragment_start + 1), *decoded_resource_locator.mutable_directives()); path = path.substr(0, fragment_start); } if (absl::StartsWith(resource_url, "udpa:")) { decoded_resource_locator.set_scheme(udpa::core::v1::ResourceLocator::UDPA); } else if (absl::StartsWith(resource_url, "http:")) { decoded_resource_locator.set_scheme(udpa::core::v1::ResourceLocator::HTTP); } else if (absl::StartsWith(resource_url, "file:")) { decoded_resource_locator.set_scheme(udpa::core::v1::ResourceLocator::FILE); // File URLs only have a path and fragment. decodePath(path, nullptr, *decoded_resource_locator.mutable_id()); return decoded_resource_locator; } else { throw UdpaResourceIdentifier::DecodeException( fmt::format("{} does not have a udpa:, http: or file: scheme", resource_url)); } decoded_resource_locator.set_authority(PercentEncoding::decode(host)); const size_t query_params_start = path.find('?'); if (query_params_start != absl::string_view::npos) { decodeQueryParams(path.substr(query_params_start), *decoded_resource_locator.mutable_exact_context()); path = path.substr(0, query_params_start); } decodePath(path, decoded_resource_locator.mutable_resource_type(), *decoded_resource_locator.mutable_id()); return decoded_resource_locator; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/udpa_resource.h ================================================ #pragma once #include "envoy/common/exception.h" #include "absl/strings/string_view.h" #include "udpa/core/v1/resource_locator.pb.h" #include "udpa/core/v1/resource_name.pb.h" namespace Envoy { namespace Config { // Utilities for URI encoding/decoding of udpa::core::v1::Resource{Name,Locator}. class UdpaResourceIdentifier { public: // Options for encoded URIs. struct EncodeOptions { // Should the context params be sorted by key? This provides deterministic encoding. bool sort_context_params_{}; }; /** * Encode a udpa::core::v1::ResourceName message as a udpa:// URN string. * * @param resource_name resource name message. * @param options encoding options. * @return std::string udpa:// URN for resource_name. */ static std::string encodeUrn(const udpa::core::v1::ResourceName& resource_name, const EncodeOptions& options); static std::string encodeUrn(const udpa::core::v1::ResourceName& resource_name) { return encodeUrn(resource_name, {}); } /** * Encode a udpa::core::v1::ResourceLocator message as a udpa:// URL string. * * @param resource_name resource name message. * @param options encoding options. * @return std::string udpa:// URL for resource_name. */ static std::string encodeUrl(const udpa::core::v1::ResourceLocator& resource_locator, const EncodeOptions& options); static std::string encodeUrl(const udpa::core::v1::ResourceLocator& resource_locator) { return encodeUrl(resource_locator, {}); } // Thrown when an exception occurs during URI decoding. class DecodeException : public EnvoyException { public: DecodeException(const std::string& what) : EnvoyException(what) {} }; /** * Decode a udpa:// URN string to a udpa::core::v1::ResourceName. * * @param resource_urn udpa:// resource URN. * @return udpa::core::v1::ResourceName resource name message for resource_urn. * @throws DecodeException when parsing fails. */ static udpa::core::v1::ResourceName decodeUrn(absl::string_view resource_urn); /** * Decode a udpa:// URL string to a udpa::core::v1::ResourceLocator. * * @param resource_url udpa:// resource URL. * @return udpa::core::v1::ResourceLocator resource name message for resource_url. * @throws DecodeException when parsing fails. */ static udpa::core::v1::ResourceLocator decodeUrl(absl::string_view resource_url); }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/update_ack.h ================================================ #pragma once #include #include "absl/strings/string_view.h" #include "google/rpc/status.pb.h" namespace Envoy { namespace Config { struct UpdateAck { UpdateAck(absl::string_view nonce, absl::string_view type_url) : nonce_(nonce), type_url_(type_url) {} const std::string nonce_; const std::string type_url_; ::google::rpc::Status error_detail_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/utility.cc ================================================ #include "common/config/utility.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/hex.h" #include "common/common/utility.h" #include "common/config/api_type_oracle.h" #include "common/config/version_converter.h" #include "common/config/well_known_names.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "common/stats/histogram_impl.h" #include "common/stats/stats_matcher_impl.h" #include "common/stats/tag_producer_impl.h" namespace Envoy { namespace Config { std::string Utility::truncateGrpcStatusMessage(absl::string_view error_message) { // GRPC sends error message via trailers, which by default has a 8KB size limit(see // https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md#requests). Truncates the // error message if it's too long. constexpr uint32_t kProtobufErrMsgLen = 4096; return fmt::format("{}{}", error_message.substr(0, kProtobufErrMsgLen), error_message.length() > kProtobufErrMsgLen ? "...(truncated)" : ""); } void Utility::translateApiConfigSource( const std::string& cluster, uint32_t refresh_delay_ms, const std::string& api_type, envoy::config::core::v3::ApiConfigSource& api_config_source) { // TODO(junr03): document the option to chose an api type once we have created // stronger constraints around v2. if (api_type == ApiType::get().Grpc) { api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); envoy::config::core::v3::GrpcService* grpc_service = api_config_source.add_grpc_services(); grpc_service->mutable_envoy_grpc()->set_cluster_name(cluster); } else { if (api_type == ApiType::get().UnsupportedRestLegacy) { api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource:: hidden_envoy_deprecated_UNSUPPORTED_REST_LEGACY); } else if (api_type == ApiType::get().Rest) { api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::REST); } api_config_source.add_cluster_names(cluster); } api_config_source.mutable_refresh_delay()->CopyFrom( Protobuf::util::TimeUtil::MillisecondsToDuration(refresh_delay_ms)); } void Utility::checkCluster(absl::string_view error_prefix, absl::string_view cluster_name, Upstream::ClusterManager& cm, bool allow_added_via_api) { Upstream::ThreadLocalCluster* cluster = cm.get(cluster_name); if (cluster == nullptr) { throw EnvoyException(fmt::format("{}: unknown cluster '{}'", error_prefix, cluster_name)); } if (!allow_added_via_api && cluster->info()->addedViaApi()) { throw EnvoyException(fmt::format( "{}: invalid cluster '{}': currently only static (non-CDS) clusters are supported", error_prefix, cluster_name)); } } void Utility::checkClusterAndLocalInfo(absl::string_view error_prefix, absl::string_view cluster_name, Upstream::ClusterManager& cm, const LocalInfo::LocalInfo& local_info) { checkCluster(error_prefix, cluster_name, cm); checkLocalInfo(error_prefix, local_info); } void Utility::checkLocalInfo(absl::string_view error_prefix, const LocalInfo::LocalInfo& local_info) { if (local_info.clusterName().empty() || local_info.nodeName().empty()) { throw EnvoyException( fmt::format("{}: node 'id' and 'cluster' are required. Set it either in 'node' config or " "via --service-node and --service-cluster options.", error_prefix, local_info.node().DebugString())); } } void Utility::checkFilesystemSubscriptionBackingPath(const std::string& path, Api::Api& api) { // TODO(junr03): the file might be deleted between this check and the // watch addition. if (!api.fileSystem().fileExists(path)) { throw EnvoyException(fmt::format( "envoy::api::v2::Path must refer to an existing path in the system: '{}' does not exist", path)); } } void Utility::checkApiConfigSourceNames( const envoy::config::core::v3::ApiConfigSource& api_config_source) { const bool is_grpc = (api_config_source.api_type() == envoy::config::core::v3::ApiConfigSource::GRPC || api_config_source.api_type() == envoy::config::core::v3::ApiConfigSource::DELTA_GRPC); if (api_config_source.cluster_names().empty() && api_config_source.grpc_services().empty()) { throw EnvoyException( fmt::format("API configs must have either a gRPC service or a cluster name defined: {}", api_config_source.DebugString())); } if (is_grpc) { if (!api_config_source.cluster_names().empty()) { throw EnvoyException( fmt::format("{}::(DELTA_)GRPC must not have a cluster name specified: {}", api_config_source.GetTypeName(), api_config_source.DebugString())); } if (api_config_source.grpc_services().size() > 1) { throw EnvoyException( fmt::format("{}::(DELTA_)GRPC must have a single gRPC service specified: {}", api_config_source.GetTypeName(), api_config_source.DebugString())); } } else { if (!api_config_source.grpc_services().empty()) { throw EnvoyException( fmt::format("{}, if not a gRPC type, must not have a gRPC service specified: {}", api_config_source.GetTypeName(), api_config_source.DebugString())); } if (api_config_source.cluster_names().size() != 1) { throw EnvoyException(fmt::format("{} must have a singleton cluster name specified: {}", api_config_source.GetTypeName(), api_config_source.DebugString())); } } } void Utility::validateClusterName(const Upstream::ClusterManager::ClusterSet& primary_clusters, const std::string& cluster_name, const std::string& config_source) { const auto& it = primary_clusters.find(cluster_name); if (it == primary_clusters.end()) { throw EnvoyException(fmt::format("{} must have a statically defined non-EDS cluster: '{}' does " "not exist, was added via api, or is an EDS cluster", config_source, cluster_name)); } } void Utility::checkApiConfigSourceSubscriptionBackingCluster( const Upstream::ClusterManager::ClusterSet& primary_clusters, const envoy::config::core::v3::ApiConfigSource& api_config_source) { Utility::checkApiConfigSourceNames(api_config_source); const bool is_grpc = (api_config_source.api_type() == envoy::config::core::v3::ApiConfigSource::GRPC); if (!api_config_source.cluster_names().empty()) { // All API configs of type REST and UNSUPPORTED_REST_LEGACY should have cluster names. // Additionally, some gRPC API configs might have a cluster name set instead // of an envoy gRPC. Utility::validateClusterName(primary_clusters, api_config_source.cluster_names()[0], api_config_source.GetTypeName()); } else if (is_grpc) { // Some ApiConfigSources of type GRPC won't have a cluster name, such as if // they've been configured with google_grpc. if (api_config_source.grpc_services()[0].has_envoy_grpc()) { // If an Envoy gRPC exists, we take its cluster name. Utility::validateClusterName(primary_clusters, api_config_source.grpc_services()[0].envoy_grpc().cluster_name(), api_config_source.GetTypeName()); } } // Otherwise, there is no cluster name to validate. } std::chrono::milliseconds Utility::apiConfigSourceRefreshDelay( const envoy::config::core::v3::ApiConfigSource& api_config_source) { if (!api_config_source.has_refresh_delay()) { throw EnvoyException("refresh_delay is required for REST API configuration sources"); } return std::chrono::milliseconds( DurationUtil::durationToMilliseconds(api_config_source.refresh_delay())); } std::chrono::milliseconds Utility::apiConfigSourceRequestTimeout( const envoy::config::core::v3::ApiConfigSource& api_config_source) { return std::chrono::milliseconds( PROTOBUF_GET_MS_OR_DEFAULT(api_config_source, request_timeout, 1000)); } std::chrono::milliseconds Utility::configSourceInitialFetchTimeout( const envoy::config::core::v3::ConfigSource& config_source) { return std::chrono::milliseconds( PROTOBUF_GET_MS_OR_DEFAULT(config_source, initial_fetch_timeout, 15000)); } RateLimitSettings Utility::parseRateLimitSettings(const envoy::config::core::v3::ApiConfigSource& api_config_source) { RateLimitSettings rate_limit_settings; if (api_config_source.has_rate_limit_settings()) { rate_limit_settings.enabled_ = true; rate_limit_settings.max_tokens_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(api_config_source.rate_limit_settings(), max_tokens, Envoy::Config::RateLimitSettings::DefaultMaxTokens); rate_limit_settings.fill_rate_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(api_config_source.rate_limit_settings(), fill_rate, Envoy::Config::RateLimitSettings::DefaultFillRate); } return rate_limit_settings; } Stats::TagProducerPtr Utility::createTagProducer(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) { return std::make_unique(bootstrap.stats_config()); } Stats::StatsMatcherPtr Utility::createStatsMatcher(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) { return std::make_unique(bootstrap.stats_config()); } Stats::HistogramSettingsConstPtr Utility::createHistogramSettings(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) { return std::make_unique(bootstrap.stats_config()); } Grpc::AsyncClientFactoryPtr Utility::factoryForGrpcApiConfigSource( Grpc::AsyncClientManager& async_client_manager, const envoy::config::core::v3::ApiConfigSource& api_config_source, Stats::Scope& scope, bool skip_cluster_check) { Utility::checkApiConfigSourceNames(api_config_source); if (api_config_source.api_type() != envoy::config::core::v3::ApiConfigSource::GRPC && api_config_source.api_type() != envoy::config::core::v3::ApiConfigSource::DELTA_GRPC) { throw EnvoyException(fmt::format("{} type must be gRPC: {}", api_config_source.GetTypeName(), api_config_source.DebugString())); } envoy::config::core::v3::GrpcService grpc_service; grpc_service.MergeFrom(api_config_source.grpc_services(0)); return async_client_manager.factoryForGrpcService(grpc_service, scope, skip_cluster_check); } envoy::config::endpoint::v3::ClusterLoadAssignment Utility::translateClusterHosts( const Protobuf::RepeatedPtrField& hosts) { envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; envoy::config::endpoint::v3::LocalityLbEndpoints* locality_lb_endpoints = load_assignment.add_endpoints(); // Since this LocalityLbEndpoints is built from hosts list, set the default weight to 1. locality_lb_endpoints->mutable_load_balancing_weight()->set_value(1); for (const envoy::config::core::v3::Address& host : hosts) { envoy::config::endpoint::v3::LbEndpoint* lb_endpoint = locality_lb_endpoints->add_lb_endpoints(); lb_endpoint->mutable_endpoint()->mutable_address()->MergeFrom(host); lb_endpoint->mutable_load_balancing_weight()->set_value(1); } return load_assignment; } void Utility::translateOpaqueConfig(const ProtobufWkt::Any& typed_config, const ProtobufWkt::Struct& config, ProtobufMessage::ValidationVisitor& validation_visitor, Protobuf::Message& out_proto) { static const std::string struct_type = ProtobufWkt::Struct::default_instance().GetDescriptor()->full_name(); static const std::string typed_struct_type = udpa::type::v1::TypedStruct::default_instance().GetDescriptor()->full_name(); if (!typed_config.value().empty()) { // Unpack methods will only use the fully qualified type name after the last '/'. // https://github.com/protocolbuffers/protobuf/blob/3.6.x/src/google/protobuf/any.proto#L87 absl::string_view type = TypeUtil::typeUrlToDescriptorFullName(typed_config.type_url()); if (type == typed_struct_type) { udpa::type::v1::TypedStruct typed_struct; MessageUtil::unpackTo(typed_config, typed_struct); // if out_proto is expecting Struct, return directly if (out_proto.GetDescriptor()->full_name() == struct_type) { out_proto.CopyFrom(typed_struct.value()); } else { // The typed struct might match out_proto, or some earlier version, let // MessageUtil::jsonConvert sort this out. MessageUtil::jsonConvert(typed_struct.value(), validation_visitor, out_proto); } } // out_proto is expecting Struct, unpack directly else if (type != struct_type || out_proto.GetDescriptor()->full_name() == struct_type) { MessageUtil::unpackTo(typed_config, out_proto); } else { ProtobufWkt::Struct struct_config; MessageUtil::unpackTo(typed_config, struct_config); MessageUtil::jsonConvert(struct_config, validation_visitor, out_proto); } } if (!config.fields().empty()) { MessageUtil::jsonConvert(config, validation_visitor, out_proto); } } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/utility.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/grpc_mux.h" #include "envoy/config/subscription.h" #include "envoy/local_info/local_info.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "envoy/stats/histogram.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_matcher.h" #include "envoy/stats/tag_producer.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/backoff_strategy.h" #include "common/common/hash.h" #include "common/common/hex.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "common/singleton/const_singleton.h" #include "udpa/type/v1/typed_struct.pb.h" namespace Envoy { namespace Config { /** * Constant Api Type Values, used by envoy::config::core::v3::ApiConfigSource. */ class ApiTypeValues { public: const std::string UnsupportedRestLegacy{"REST_LEGACY"}; const std::string Rest{"REST"}; const std::string Grpc{"GRPC"}; }; /** * RateLimitSettings for discovery requests. */ struct RateLimitSettings { // Default Max Tokens. static const uint32_t DefaultMaxTokens = 100; // Default Fill Rate. static constexpr double DefaultFillRate = 10; uint32_t max_tokens_{DefaultMaxTokens}; double fill_rate_{DefaultFillRate}; bool enabled_{false}; }; using ApiType = ConstSingleton; /** * General config API utilities. */ class Utility { public: /** * Legacy APIs uses JSON and do not have an explicit version. * @param input the input to hash. * @return std::pair the string is the hash converted into * a hex string, pre-pended by a user friendly prefix. The uint64_t is the * raw hash. */ static std::pair computeHashedVersion(const std::string& input) { uint64_t hash = HashUtil::xxHash64(input); return std::make_pair("hash_" + Hex::uint64ToHex(hash), hash); } /** * Extract refresh_delay as a std::chrono::milliseconds from * envoy::config::core::v3::ApiConfigSource. */ static std::chrono::milliseconds apiConfigSourceRefreshDelay(const envoy::config::core::v3::ApiConfigSource& api_config_source); /** * Extract request_timeout as a std::chrono::milliseconds from * envoy::config::core::v3::ApiConfigSource. If request_timeout isn't set in the config source, a * default value of 1s will be returned. */ static std::chrono::milliseconds apiConfigSourceRequestTimeout(const envoy::config::core::v3::ApiConfigSource& api_config_source); /** * Extract initial_fetch_timeout as a std::chrono::milliseconds from * envoy::config::core::v3::ApiConfigSource. If request_timeout isn't set in the config source, a * default value of 0s will be returned. */ static std::chrono::milliseconds configSourceInitialFetchTimeout(const envoy::config::core::v3::ConfigSource& config_source); /** * Populate an envoy::config::core::v3::ApiConfigSource. * @param cluster supplies the cluster name for the ApiConfigSource. * @param refresh_delay_ms supplies the refresh delay for the ApiConfigSource in ms. * @param api_type supplies the type of subscription to use for the ApiConfigSource. * @param api_config_source a reference to the envoy::config::core::v3::ApiConfigSource object to * populate. */ static void translateApiConfigSource(const std::string& cluster, uint32_t refresh_delay_ms, const std::string& api_type, envoy::config::core::v3::ApiConfigSource& api_config_source); /** * Check cluster info for API config sanity. Throws on error. * @param error_prefix supplies the prefix to use in error messages. * @param cluster_name supplies the cluster name to check. * @param cm supplies the cluster manager. * @param allow_added_via_api indicates whether a cluster is allowed to be added via api * rather than be a static resource from the bootstrap config. */ static void checkCluster(absl::string_view error_prefix, absl::string_view cluster_name, Upstream::ClusterManager& cm, bool allow_added_via_api = false); /** * Check cluster/local info for API config sanity. Throws on error. * @param error_prefix supplies the prefix to use in error messages. * @param cluster_name supplies the cluster name to check. * @param cm supplies the cluster manager. * @param local_info supplies the local info. */ static void checkClusterAndLocalInfo(absl::string_view error_prefix, absl::string_view cluster_name, Upstream::ClusterManager& cm, const LocalInfo::LocalInfo& local_info); /** * Check local info for API config sanity. Throws on error. * @param error_prefix supplies the prefix to use in error messages. * @param local_info supplies the local info. */ static void checkLocalInfo(absl::string_view error_prefix, const LocalInfo::LocalInfo& local_info); /** * Check the existence of a path for a filesystem subscription. Throws on error. * @param path the path to validate. * @param api reference to the Api object */ static void checkFilesystemSubscriptionBackingPath(const std::string& path, Api::Api& api); /** * Check the grpc_services and cluster_names for API config sanity. Throws on error. * @param api_config_source the config source to validate. * @throws EnvoyException when an API config has the wrong number of gRPC * services or cluster names, depending on expectations set by its API type. */ static void checkApiConfigSourceNames(const envoy::config::core::v3::ApiConfigSource& api_config_source); /** * Check the validity of a cluster backing an api config source. Throws on error. * @param primary_clusters the API config source eligible clusters. * @param cluster_name the cluster name to validate. * @param config_source the config source typed name. * @throws EnvoyException when an API config doesn't have a statically defined non-EDS cluster. */ static void validateClusterName(const Upstream::ClusterManager::ClusterSet& primary_clusters, const std::string& cluster_name, const std::string& config_source); /** * Potentially calls Utility::validateClusterName, if a cluster name can be found. * @param primary_clusters the API config source eligible clusters. * @param api_config_source the config source to validate. * @throws EnvoyException when an API config doesn't have a statically defined non-EDS cluster. */ static void checkApiConfigSourceSubscriptionBackingCluster( const Upstream::ClusterManager::ClusterSet& primary_clusters, const envoy::config::core::v3::ApiConfigSource& api_config_source); /** * Parses RateLimit configuration from envoy::config::core::v3::ApiConfigSource to * RateLimitSettings. * @param api_config_source ApiConfigSource. * @return RateLimitSettings. */ static RateLimitSettings parseRateLimitSettings(const envoy::config::core::v3::ApiConfigSource& api_config_source); /** * Generate a ControlPlaneStats object from stats scope. * @param scope for stats. * @return ControlPlaneStats for scope. */ static ControlPlaneStats generateControlPlaneStats(Stats::Scope& scope) { const std::string control_plane_prefix = "control_plane."; return {ALL_CONTROL_PLANE_STATS(POOL_COUNTER_PREFIX(scope, control_plane_prefix), POOL_GAUGE_PREFIX(scope, control_plane_prefix), POOL_TEXT_READOUT_PREFIX(scope, control_plane_prefix))}; } /** * Generate a SubscriptionStats object from stats scope. * @param scope for stats. * @return SubscriptionStats for scope. */ static SubscriptionStats generateStats(Stats::Scope& scope) { return { ALL_SUBSCRIPTION_STATS(POOL_COUNTER(scope), POOL_GAUGE(scope), POOL_TEXT_READOUT(scope))}; } /** * Get a Factory from the registry with a particular name (and templated type) with error checking * to ensure the name and factory are valid. * @param name string identifier for the particular implementation. Note: this is a proto string * because it is assumed that this value will be pulled directly from the configuration proto. */ template static Factory& getAndCheckFactoryByName(const std::string& name) { if (name.empty()) { ExceptionUtil::throwEnvoyException("Provided name for static registration lookup was empty."); } Factory* factory = Registry::FactoryRegistry::getFactory(name); if (factory == nullptr) { ExceptionUtil::throwEnvoyException( fmt::format("Didn't find a registered implementation for name: '{}'", name)); } return *factory; } /** * Get a Factory from the registry with error checking to ensure the name and the factory are * valid. * @param message proto that contains fields 'name' and 'typed_config'. */ template static Factory& getAndCheckFactory(const ProtoMessage& message) { Factory* factory = Utility::getFactoryByType(message.typed_config()); if (factory != nullptr) { return *factory; } return Utility::getAndCheckFactoryByName(message.name()); } /** * Get type URL from a typed config. * @param typed_config for the extension config. */ static std::string getFactoryType(const ProtobufWkt::Any& typed_config) { static const std::string& typed_struct_type = udpa::type::v1::TypedStruct::default_instance().GetDescriptor()->full_name(); // Unpack methods will only use the fully qualified type name after the last '/'. // https://github.com/protocolbuffers/protobuf/blob/3.6.x/src/google/protobuf/any.proto#L87 auto type = std::string(TypeUtil::typeUrlToDescriptorFullName(typed_config.type_url())); if (type == typed_struct_type) { udpa::type::v1::TypedStruct typed_struct; MessageUtil::unpackTo(typed_config, typed_struct); // Not handling nested structs or typed structs in typed structs return std::string(TypeUtil::typeUrlToDescriptorFullName(typed_struct.type_url())); } return type; } /** * Get a Factory from the registry by type URL. * @param typed_config for the extension config. */ template static Factory* getFactoryByType(const ProtobufWkt::Any& typed_config) { if (typed_config.type_url().empty()) { return nullptr; } return Registry::FactoryRegistry::getFactoryByType(getFactoryType(typed_config)); } /** * Translate a nested config into a proto message provided by the implementation factory. * @param enclosing_message proto that contains a field 'config'. Note: the enclosing proto is * provided because for statically registered implementations, a custom config is generally * optional, which means the conversion must be done conditionally. * @param validation_visitor message validation visitor instance. * @param factory implementation factory with the method 'createEmptyConfigProto' to produce a * proto to be filled with the translated configuration. */ template static ProtobufTypes::MessagePtr translateToFactoryConfig(const ProtoMessage& enclosing_message, ProtobufMessage::ValidationVisitor& validation_visitor, Factory& factory) { ProtobufTypes::MessagePtr config = factory.createEmptyConfigProto(); // Fail in an obvious way if a plugin does not return a proto. RELEASE_ASSERT(config != nullptr, ""); // Check that the config type is not google.protobuf.Empty RELEASE_ASSERT(config->GetDescriptor()->full_name() != "google.protobuf.Empty", ""); translateOpaqueConfig(enclosing_message.typed_config(), enclosing_message.hidden_envoy_deprecated_config(), validation_visitor, *config); return config; } /** * Translate the typed any field into a proto message provided by the implementation factory. * @param typed_config typed configuration. * @param validation_visitor message validation visitor instance. * @param factory implementation factory with the method 'createEmptyConfigProto' to produce a * proto to be filled with the translated configuration. */ template static ProtobufTypes::MessagePtr translateAnyToFactoryConfig(const ProtobufWkt::Any& typed_config, ProtobufMessage::ValidationVisitor& validation_visitor, Factory& factory) { ProtobufTypes::MessagePtr config = factory.createEmptyConfigProto(); // Fail in an obvious way if a plugin does not return a proto. RELEASE_ASSERT(config != nullptr, ""); // Check that the config type is not google.protobuf.Empty RELEASE_ASSERT(config->GetDescriptor()->full_name() != "google.protobuf.Empty", ""); translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), validation_visitor, *config); return config; } /** * Truncates the message to a length less than default GRPC trailers size limit (by default 8KiB). */ static std::string truncateGrpcStatusMessage(absl::string_view error_message); /** * Create TagProducer instance. Check all tag names for conflicts to avoid * unexpected tag name overwriting. * @param bootstrap bootstrap proto. * @throws EnvoyException when the conflict of tag names is found. */ static Stats::TagProducerPtr createTagProducer(const envoy::config::bootstrap::v3::Bootstrap& bootstrap); /** * Create StatsMatcher instance. */ static Stats::StatsMatcherPtr createStatsMatcher(const envoy::config::bootstrap::v3::Bootstrap& bootstrap); /** * Create HistogramSettings instance. */ static Stats::HistogramSettingsConstPtr createHistogramSettings(const envoy::config::bootstrap::v3::Bootstrap& bootstrap); /** * Obtain gRPC async client factory from a envoy::config::core::v3::ApiConfigSource. * @param async_client_manager gRPC async client manager. * @param api_config_source envoy::config::core::v3::ApiConfigSource. Must have config type GRPC. * @param skip_cluster_check whether to skip cluster validation. * @return Grpc::AsyncClientFactoryPtr gRPC async client factory. */ static Grpc::AsyncClientFactoryPtr factoryForGrpcApiConfigSource(Grpc::AsyncClientManager& async_client_manager, const envoy::config::core::v3::ApiConfigSource& api_config_source, Stats::Scope& scope, bool skip_cluster_check); /** * Translate a set of cluster's hosts into a load assignment configuration. * @param hosts cluster's list of hosts. * @return envoy::config::endpoint::v3::ClusterLoadAssignment a load assignment configuration. */ static envoy::config::endpoint::v3::ClusterLoadAssignment translateClusterHosts(const Protobuf::RepeatedPtrField& hosts); /** * Translate opaque config from google.protobuf.Any or google.protobuf.Struct to defined proto * message. * @param typed_config opaque config packed in google.protobuf.Any * @param config the deprecated google.protobuf.Struct config, empty struct if doesn't exist. * @param validation_visitor message validation visitor instance. * @param out_proto the proto message instantiated by extensions */ static void translateOpaqueConfig(const ProtobufWkt::Any& typed_config, const ProtobufWkt::Struct& config, ProtobufMessage::ValidationVisitor& validation_visitor, Protobuf::Message& out_proto); /** * Verify that any filter designed to be terminal is configured to be terminal, and vice versa. * @param name the name of the filter. * @param filter_type the type of filter. * @param filter_chain_type the type of filter chain. * @param is_terminal_filter true if the filter is designed to be terminal. * @param last_filter_in_current_config true if the filter is last in the configuration. * @throws EnvoyException if there is a mismatch between design and configuration. */ static void validateTerminalFilters(const std::string& name, const std::string& filter_type, const char* filter_chain_type, bool is_terminal_filter, bool last_filter_in_current_config) { if (is_terminal_filter && !last_filter_in_current_config) { ExceptionUtil::throwEnvoyException( fmt::format("Error: terminal filter named {} of type {} must be the " "last filter in a {} filter chain.", name, filter_type, filter_chain_type)); } else if (!is_terminal_filter && last_filter_in_current_config) { ExceptionUtil::throwEnvoyException(fmt::format( "Error: non-terminal filter named {} of type {} is the last filter in a {} filter chain.", name, filter_type, filter_chain_type)); } } /** * Prepares the DNS failure refresh backoff strategy given the cluster configuration. * @param config the config that contains dns refresh information. * @param dns_refresh_rate_ms the default DNS refresh rate. * @param random the random generator. * @return BackOffStrategyPtr for scheduling refreshes. */ template static BackOffStrategyPtr prepareDnsRefreshStrategy(const T& config, uint64_t dns_refresh_rate_ms, Random::RandomGenerator& random) { if (config.has_dns_failure_refresh_rate()) { uint64_t base_interval_ms = PROTOBUF_GET_MS_REQUIRED(config.dns_failure_refresh_rate(), base_interval); uint64_t max_interval_ms = PROTOBUF_GET_MS_OR_DEFAULT(config.dns_failure_refresh_rate(), max_interval, base_interval_ms * 10); if (max_interval_ms < base_interval_ms) { ExceptionUtil::throwEnvoyException( "dns_failure_refresh_rate must have max_interval greater than " "or equal to the base_interval"); } return std::make_unique(base_interval_ms, max_interval_ms, random); } return std::make_unique(dns_refresh_rate_ms); } }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/version_converter.cc ================================================ #include "common/config/version_converter.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/config/api_type_oracle.h" #include "common/protobuf/visitor.h" #include "common/protobuf/well_known.h" #include "absl/strings/match.h" namespace Envoy { namespace Config { namespace { class ProtoVisitor { public: virtual ~ProtoVisitor() = default; // Invoked when a field is visited, with the message, field descriptor and // context. Returns a new context for use when traversing the sub-message in a // field. virtual const void* onField(Protobuf::Message&, const Protobuf::FieldDescriptor&, const void* ctxt) { return ctxt; } // Invoked when a message is visited, with the message and a context. virtual void onMessage(Protobuf::Message&, const void*){}; }; // Reinterpret a Protobuf message as another Protobuf message by converting to wire format and back. // This only works for messages that can be effectively duck typed this way, e.g. with a subtype // relationship modulo field name. void wireCast(const Protobuf::Message& src, Protobuf::Message& dst) { // This should should generally succeed, but if there are malformed UTF-8 strings in a message, // this can fail. if (!dst.ParseFromString(src.SerializeAsString())) { throw EnvoyException("Unable to deserialize during wireCast()"); } } // Create a new dynamic message based on some message wire cast to the target // descriptor. If the descriptor is null, a copy is performed. DynamicMessagePtr createForDescriptorWithCast(const Protobuf::Message& message, const Protobuf::Descriptor* desc) { auto dynamic_message = std::make_unique(); if (desc != nullptr) { dynamic_message->msg_.reset(dynamic_message->dynamic_msg_factory_.GetPrototype(desc)->New()); wireCast(message, *dynamic_message->msg_); return dynamic_message; } // Unnecessary copy, since the existing message is being treated as // "dynamic". However, we want to transfer an owned object, so this is the // best we can do. dynamic_message->msg_.reset(message.New()); dynamic_message->msg_->MergeFrom(message); return dynamic_message; } } // namespace void VersionConverter::upgrade(const Protobuf::Message& prev_message, Protobuf::Message& next_message) { wireCast(prev_message, next_message); // Track original type to support recoverOriginal(). annotateWithOriginalType(*prev_message.GetDescriptor(), next_message); } // This needs to be recursive, since sub-messages are consumed and stored // internally, we later want to recover their original types. void VersionConverter::annotateWithOriginalType(const Protobuf::Descriptor& prev_descriptor, Protobuf::Message& upgraded_message) { class TypeAnnotatingProtoVisitor : public ProtobufMessage::ProtoVisitor { public: void onMessage(Protobuf::Message& message, const void* ctxt) override { const Protobuf::Descriptor* descriptor = message.GetDescriptor(); const Protobuf::Reflection* reflection = message.GetReflection(); const Protobuf::Descriptor& prev_descriptor = *static_cast(ctxt); // If they are the same type, there's no possibility of any different type // further down, so we're done. if (descriptor->full_name() == prev_descriptor.full_name()) { return; } auto* unknown_field_set = reflection->MutableUnknownFields(&message); unknown_field_set->AddLengthDelimited(ProtobufWellKnown::OriginalTypeFieldNumber, prev_descriptor.full_name()); } const void* onField(Protobuf::Message&, const Protobuf::FieldDescriptor& field, const void* ctxt) override { const Protobuf::Descriptor& prev_descriptor = *static_cast(ctxt); // TODO(htuch): This is a terrible hack, there should be no per-resource // business logic in this file. The reason this is required is that // endpoints, when captured in configuration such as inlined hosts in // Clusters for config dump purposes, can potentially contribute a // significant amount to memory consumption. stats_integration_test // complains as a result if we increase any memory due to type annotations. // In theory, we should be able to just clean up these annotations in // ClusterManagerImpl with type erasure, but protobuf doesn't free up memory // as expected, we probably need some arena level trick to address this. if (prev_descriptor.full_name() == "envoy.api.v2.Cluster" && (field.name() == "hidden_envoy_deprecated_hosts" || field.name() == "load_assignment")) { // This will cause the sub-message visit to abort early. return field.message_type(); } const Protobuf::FieldDescriptor* prev_field = prev_descriptor.FindFieldByNumber(field.number()); return prev_field != nullptr ? prev_field->message_type() : nullptr; } }; TypeAnnotatingProtoVisitor proto_visitor; ProtobufMessage::traverseMutableMessage(proto_visitor, upgraded_message, &prev_descriptor); } void VersionConverter::eraseOriginalTypeInformation(Protobuf::Message& message) { class TypeErasingProtoVisitor : public ProtobufMessage::ProtoVisitor { public: void onMessage(Protobuf::Message& message, const void*) override { const Protobuf::Reflection* reflection = message.GetReflection(); auto* unknown_field_set = reflection->MutableUnknownFields(&message); unknown_field_set->DeleteByNumber(ProtobufWellKnown::OriginalTypeFieldNumber); } }; TypeErasingProtoVisitor proto_visitor; ProtobufMessage::traverseMutableMessage(proto_visitor, message, nullptr); } DynamicMessagePtr VersionConverter::recoverOriginal(const Protobuf::Message& upgraded_message) { const Protobuf::Reflection* reflection = upgraded_message.GetReflection(); const auto& unknown_field_set = reflection->GetUnknownFields(upgraded_message); for (int i = 0; i < unknown_field_set.field_count(); ++i) { const auto& unknown_field = unknown_field_set.field(i); if (unknown_field.number() == ProtobufWellKnown::OriginalTypeFieldNumber) { ASSERT(unknown_field.type() == Protobuf::UnknownField::TYPE_LENGTH_DELIMITED); const std::string& original_type = unknown_field.length_delimited(); const Protobuf::Descriptor* original_descriptor = Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName(original_type); auto result = createForDescriptorWithCast(upgraded_message, original_descriptor); // We should clear out the OriginalTypeFieldNumber in the recovered message. eraseOriginalTypeInformation(*result->msg_); return result; } } return createForDescriptorWithCast(upgraded_message, nullptr); } DynamicMessagePtr VersionConverter::downgrade(const Protobuf::Message& message) { const Protobuf::Descriptor* prev_desc = ApiTypeOracle::getEarlierVersionDescriptor(message.GetDescriptor()->full_name()); return createForDescriptorWithCast(message, prev_desc); } std::string VersionConverter::getJsonStringFromMessage(const Protobuf::Message& message, envoy::config::core::v3::ApiVersion api_version) { DynamicMessagePtr dynamic_message; switch (api_version) { case envoy::config::core::v3::ApiVersion::AUTO: FALLTHRU; case envoy::config::core::v3::ApiVersion::V2: { // TODO(htuch): this works as long as there are no new fields in the v3+ // DiscoveryRequest. When they are added, we need to do a full v2 conversion // and also discard unknown fields. Tracked at // https://github.com/envoyproxy/envoy/issues/9619. dynamic_message = downgrade(message); break; } case envoy::config::core::v3::ApiVersion::V3: { // We need to scrub the hidden fields. dynamic_message = std::make_unique(); dynamic_message->msg_.reset(message.New()); dynamic_message->msg_->MergeFrom(message); VersionUtil::scrubHiddenEnvoyDeprecated(*dynamic_message->msg_); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } eraseOriginalTypeInformation(*dynamic_message->msg_); std::string json; Protobuf::util::JsonPrintOptions json_options; json_options.preserve_proto_field_names = true; const auto status = Protobuf::util::MessageToJsonString(*dynamic_message->msg_, &json, json_options); // This should always succeed unless something crash-worthy such as out-of-memory. RELEASE_ASSERT(status.ok(), ""); return json; } void VersionConverter::prepareMessageForGrpcWire(Protobuf::Message& message, envoy::config::core::v3::ApiVersion api_version) { // TODO(htuch): this works as long as there are no new fields in the v3+ // DiscoveryRequest. When they are added, we need to do a full v2 conversion // and also discard unknown fields. Tracked at // https://github.com/envoyproxy/envoy/issues/9619. if (api_version == envoy::config::core::v3::ApiVersion::V3) { VersionUtil::scrubHiddenEnvoyDeprecated(message); } eraseOriginalTypeInformation(message); } void VersionUtil::scrubHiddenEnvoyDeprecated(Protobuf::Message& message) { class HiddenFieldScrubbingProtoVisitor : public ProtobufMessage::ProtoVisitor { public: const void* onField(Protobuf::Message& message, const Protobuf::FieldDescriptor& field, const void*) override { const Protobuf::Reflection* reflection = message.GetReflection(); if (absl::StartsWith(field.name(), DeprecatedFieldShadowPrefix)) { reflection->ClearField(&message, &field); } return nullptr; } }; HiddenFieldScrubbingProtoVisitor proto_visitor; ProtobufMessage::traverseMutableMessage(proto_visitor, message, nullptr); } const char VersionUtil::DeprecatedFieldShadowPrefix[] = "hidden_envoy_deprecated_"; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/version_converter.h ================================================ #pragma once #include "envoy/config/core/v3/config_source.pb.h" #include "common/protobuf/protobuf.h" // Convenience macro for downgrading a message and obtaining a reference. #define API_DOWNGRADE(msg) (*Envoy::Config::VersionConverter::downgrade(msg)->msg_) // Convenience macro for recovering original message and obtaining a reference. #define API_RECOVER_ORIGINAL(msg) (*Envoy::Config::VersionConverter::recoverOriginal(msg)->msg_) namespace Envoy { namespace Config { // An instance of a dynamic message from a DynamicMessageFactory. struct DynamicMessage { // The dynamic message factory must outlive the message. Protobuf::DynamicMessageFactory dynamic_msg_factory_; // Dynamic message. ProtobufTypes::MessagePtr msg_; }; using DynamicMessagePtr = std::unique_ptr; class VersionConverter { public: /** * Upgrade a message from an earlier to later version of the Envoy API. This * performs a simple wire-level reinterpretation of the fields. As a result of * shadow protos, earlier deprecated fields such as foo are materialized as * hidden_envoy_deprecated_foo. * * This should be used when you have wire input (e.g. bootstrap, xDS, some * opaque config) that might be at any supported version and want to upgrade * to Envoy's internal latest API usage. * * @param prev_message previous version message input. * @param next_message next version message to generate. * * @throw EnvoyException if a Protobuf (de)serialization error occurs. */ static void upgrade(const Protobuf::Message& prev_message, Protobuf::Message& next_message); /** * Downgrade a message to the previous version. If no previous version exists, * the given message is copied in the return value. This is not super * efficient, most uses are expected to be tests and performance agnostic * code. * * This is used primarily in tests, to allow tests to internally use the * latest supported API but ensure that earlier versions are used on the wire. * * @param message message input. * @return DynamicMessagePtr with the downgraded message (and associated * factory state). * * @throw EnvoyException if a Protobuf (de)serialization error occurs. */ static DynamicMessagePtr downgrade(const Protobuf::Message& message); /** * Obtain JSON wire representation for an Envoy internal API message at v3 * based on a given transport API version. This will downgrade() to an earlier * version or scrub the shadow deprecated fields in the existing one. * * This is typically used when Envoy is generating a JSON wire message from * some internally generated message, e.g. DiscoveryRequest, and we want to * ensure it matches a specific API version. For example, a v3 * DiscoveryRequest must have any deprecated v2 fields removed (they only * exist because of shadowing) and a v2 DiscoveryRequest needs to have type * envoy.api.v2.DiscoveryRequest to ensure JSON representations have the * correct field names (after renames/deprecations are reversed). * * @param message message input. * @param api_version target API version. * @return std::string JSON representation. */ static std::string getJsonStringFromMessage(const Protobuf::Message& message, envoy::config::core::v3::ApiVersion api_version); /** * Modify a v3 message to make it suitable for sending as a gRPC message. This * requires that a v3 message has hidden_envoy_deprecated_* fields removed, * and that for all versions that original type information is removed. * * @param message message to modify. * @param api_version target API version. */ static void prepareMessageForGrpcWire(Protobuf::Message& message, envoy::config::core::v3::ApiVersion api_version); /** * Annotate an upgraded message with original message type information. * * @param prev_descriptor descriptor for original type. * @param upgraded_message upgraded message. */ static void annotateWithOriginalType(const Protobuf::Descriptor& prev_descriptor, Protobuf::Message& upgraded_message); /** * For a message that may have been upgraded, recover the original message. * This is useful for config dump, debug output etc. * * @param upgraded_message upgraded message input. * * @return DynamicMessagePtr original message (as a dynamic message). * * @throw EnvoyException if a Protobuf (de)serialization error occurs. */ static DynamicMessagePtr recoverOriginal(const Protobuf::Message& upgraded_message); /** * Remove original type information, when it's not needed, e.g. in tests. * * @param message upgraded message to scrub. */ static void eraseOriginalTypeInformation(Protobuf::Message& message); }; class VersionUtil { public: // Some helpers for working with earlier message version deprecated fields. static void scrubHiddenEnvoyDeprecated(Protobuf::Message& message); // A prefix that is added to deprecated fields names upon shadowing. static const char DeprecatedFieldShadowPrefix[]; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/watch_map.cc ================================================ #include "common/config/watch_map.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/cleanup.h" #include "common/config/decoded_resource_impl.h" namespace Envoy { namespace Config { namespace { // Returns the namespace part (if there's any) in the resource name. std::string namespaceFromName(const std::string& resource_name) { const auto pos = resource_name.find_last_of('/'); // we are not interested in the "/" character in the namespace return pos == std::string::npos ? "" : resource_name.substr(0, pos); } } // namespace Watch* WatchMap::addWatch(SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) { auto watch = std::make_unique(callbacks, resource_decoder); Watch* watch_ptr = watch.get(); wildcard_watches_.insert(watch_ptr); watches_.insert(std::move(watch)); return watch_ptr; } void WatchMap::removeWatch(Watch* watch) { if (deferred_removed_during_update_ != nullptr) { deferred_removed_during_update_->insert(watch); } else { wildcard_watches_.erase(watch); // may or may not be in there, but we want it gone. watches_.erase(watch); } } void WatchMap::removeDeferredWatches() { for (auto& watch : *deferred_removed_during_update_) { wildcard_watches_.erase(watch); // may or may not be in there, but we want it gone. watches_.erase(watch); } deferred_removed_during_update_ = nullptr; } AddedRemoved WatchMap::updateWatchInterest(Watch* watch, const std::set& update_to_these_names) { if (update_to_these_names.empty()) { wildcard_watches_.insert(watch); } else { wildcard_watches_.erase(watch); } std::vector newly_added_to_watch; std::set_difference(update_to_these_names.begin(), update_to_these_names.end(), watch->resource_names_.begin(), watch->resource_names_.end(), std::inserter(newly_added_to_watch, newly_added_to_watch.begin())); std::vector newly_removed_from_watch; std::set_difference(watch->resource_names_.begin(), watch->resource_names_.end(), update_to_these_names.begin(), update_to_these_names.end(), std::inserter(newly_removed_from_watch, newly_removed_from_watch.begin())); watch->resource_names_ = update_to_these_names; return AddedRemoved(findAdditions(newly_added_to_watch, watch), findRemovals(newly_removed_from_watch, watch)); } absl::flat_hash_set WatchMap::watchesInterestedIn(const std::string& resource_name) { absl::flat_hash_set ret; if (!use_namespace_matching_) { ret = wildcard_watches_; } const auto prefix = namespaceFromName(resource_name); const auto resource_key = use_namespace_matching_ && !prefix.empty() ? prefix : resource_name; const auto watches_interested = watch_interest_.find(resource_key); if (watches_interested != watch_interest_.end()) { for (const auto& watch : watches_interested->second) { ret.insert(watch); } } return ret; } void WatchMap::onConfigUpdate(const Protobuf::RepeatedPtrField& resources, const std::string& version_info) { if (watches_.empty()) { return; } // Track any removals triggered by earlier watch updates. ASSERT(deferred_removed_during_update_ == nullptr); deferred_removed_during_update_ = std::make_unique>(); Cleanup cleanup([this] { removeDeferredWatches(); }); // Build a map from watches, to the set of updated resources that each watch cares about. Each // entry in the map is then a nice little bundle that can be fed directly into the individual // onConfigUpdate()s. std::vector decoded_resources; absl::flat_hash_map> per_watch_updates; for (const auto& r : resources) { decoded_resources.emplace_back( new DecodedResourceImpl((*watches_.begin())->resource_decoder_, r, version_info)); const absl::flat_hash_set& interested_in_r = watchesInterestedIn(decoded_resources.back()->name()); for (const auto& interested_watch : interested_in_r) { per_watch_updates[interested_watch].emplace_back(*decoded_resources.back()); } } const bool map_is_single_wildcard = (watches_.size() == 1 && wildcard_watches_.size() == 1); // We just bundled up the updates into nice per-watch packages. Now, deliver them. for (auto& watch : watches_) { if (deferred_removed_during_update_->count(watch.get()) > 0) { continue; } const auto this_watch_updates = per_watch_updates.find(watch); if (this_watch_updates == per_watch_updates.end()) { // This update included no resources this watch cares about. // 1) If there is only a single, wildcard watch (i.e. Cluster or Listener), always call // its onConfigUpdate even if just a no-op, to properly maintain state-of-the-world // semantics and the update_empty stat. // 2) If this watch previously had some resources, it means this update is removing all // of this watch's resources, so the watch must be informed with an onConfigUpdate. // 3) Otherwise, we can skip onConfigUpdate for this watch. if (map_is_single_wildcard || !watch->state_of_the_world_empty_) { watch->state_of_the_world_empty_ = true; watch->callbacks_.onConfigUpdate({}, version_info); } } else { watch->state_of_the_world_empty_ = false; watch->callbacks_.onConfigUpdate(this_watch_updates->second, version_info); } } } void WatchMap::onConfigUpdate( const Protobuf::RepeatedPtrField& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) { // Track any removals triggered by earlier watch updates. ASSERT(deferred_removed_during_update_ == nullptr); deferred_removed_during_update_ = std::make_unique>(); Cleanup cleanup([this] { removeDeferredWatches(); }); // Build a pair of maps: from watches, to the set of resources {added,removed} that each watch // cares about. Each entry in the map-pair is then a nice little bundle that can be fed directly // into the individual onConfigUpdate()s. std::vector decoded_resources; absl::flat_hash_map> per_watch_added; for (const auto& r : added_resources) { const absl::flat_hash_set& interested_in_r = watchesInterestedIn(r.name()); // If there are no watches, then we don't need to decode. If there are watches, they should all // be for the same resource type, so we can just use the callbacks of the first watch to decode. if (interested_in_r.empty()) { continue; } decoded_resources.emplace_back( new DecodedResourceImpl((*interested_in_r.begin())->resource_decoder_, r)); for (const auto& interested_watch : interested_in_r) { per_watch_added[interested_watch].emplace_back(*decoded_resources.back()); } } absl::flat_hash_map> per_watch_removed; for (const auto& r : removed_resources) { const absl::flat_hash_set& interested_in_r = watchesInterestedIn(r); for (const auto& interested_watch : interested_in_r) { *per_watch_removed[interested_watch].Add() = r; } } // We just bundled up the updates into nice per-watch packages. Now, deliver them. for (const auto& [cur_watch, resource_to_add] : per_watch_added) { if (deferred_removed_during_update_->count(cur_watch) > 0) { continue; } const auto removed = per_watch_removed.find(cur_watch); if (removed == per_watch_removed.end()) { // additions only, no removals cur_watch->callbacks_.onConfigUpdate(resource_to_add, {}, system_version_info); } else { // both additions and removals cur_watch->callbacks_.onConfigUpdate(resource_to_add, removed->second, system_version_info); // Drop the removals now, so the final removals-only pass won't use them. per_watch_removed.erase(removed); } } // Any removals-only updates will not have been picked up in the per_watch_added loop. for (auto& [cur_watch, resource_to_remove] : per_watch_removed) { if (deferred_removed_during_update_->count(cur_watch) > 0) { continue; } cur_watch->callbacks_.onConfigUpdate({}, resource_to_remove, system_version_info); } // notify empty update if (added_resources.empty() && removed_resources.empty()) { for (auto& cur_watch : wildcard_watches_) { cur_watch->callbacks_.onConfigUpdate({}, {}, system_version_info); } } } void WatchMap::onConfigUpdateFailed(ConfigUpdateFailureReason reason, const EnvoyException* e) { for (auto& watch : watches_) { watch->callbacks_.onConfigUpdateFailed(reason, e); } } std::set WatchMap::findAdditions(const std::vector& newly_added_to_watch, Watch* watch) { std::set newly_added_to_subscription; for (const auto& name : newly_added_to_watch) { auto entry = watch_interest_.find(name); if (entry == watch_interest_.end()) { newly_added_to_subscription.insert(name); watch_interest_[name] = {watch}; } else { // Add this watch to the already-existing set at watch_interest_[name] entry->second.insert(watch); } } return newly_added_to_subscription; } std::set WatchMap::findRemovals(const std::vector& newly_removed_from_watch, Watch* watch) { std::set newly_removed_from_subscription; for (const auto& name : newly_removed_from_watch) { auto entry = watch_interest_.find(name); RELEASE_ASSERT( entry != watch_interest_.end(), fmt::format("WatchMap: tried to remove a watch from untracked resource {}", name)); entry->second.erase(watch); if (entry->second.empty()) { watch_interest_.erase(entry); newly_removed_from_subscription.insert(name); } } return newly_removed_from_subscription; } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/watch_map.h ================================================ #pragma once #include #include #include #include "envoy/config/subscription.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Config { struct AddedRemoved { AddedRemoved(std::set&& added, std::set&& removed) : added_(std::move(added)), removed_(std::move(removed)) {} std::set added_; std::set removed_; }; struct Watch { Watch(SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) : callbacks_(callbacks), resource_decoder_(resource_decoder) {} SubscriptionCallbacks& callbacks_; OpaqueResourceDecoder& resource_decoder_; std::set resource_names_; // must be sorted set, for set_difference. // Needed only for state-of-the-world. // Whether the most recent update contained any resources this watch cares about. // If true, a new update that also contains no resources can skip this watch. bool state_of_the_world_empty_{true}; }; // NOTE: Users are responsible for eventually calling removeWatch() on the Watch* returned // by addWatch(). We don't expect there to be new users of this class beyond // NewGrpcMuxImpl and DeltaSubscriptionImpl (TODO(fredlas) to be renamed). // // Manages "watches" of xDS resources. Several xDS callers might ask for a subscription to the same // resource name "X". The xDS machinery must return to each their very own subscription to X. // The xDS machinery's "watch" concept accomplishes that, while avoiding parallel redundant xDS // requests for X. Each of those subscriptions is viewed as a "watch" on X, while behind the scenes // there is just a single real subscription to that resource name. // // This class maintains the watches<-->subscription mapping: it // 1) delivers updates to all interested watches, and // 2) tracks which resource names should be {added to,removed from} the subscription when the // {first,last} watch on a resource name is {added,removed}. // // #1 is accomplished by WatchMap's implementation of the SubscriptionCallbacks interface. // This interface allows the xDS client to just throw each xDS update message it receives directly // into WatchMap::onConfigUpdate, rather than having to track the various watches' callbacks. // // The information for #2 is returned by updateWatchInterest(); the caller should use it to // update the subscription accordingly. // // A WatchMap is assumed to be dedicated to a single type_url type of resource (EDS, CDS, etc). class WatchMap : public UntypedConfigUpdateCallbacks, public Logger::Loggable { public: WatchMap(const bool use_namespace_matching) : use_namespace_matching_(use_namespace_matching) {} // Adds 'callbacks' to the WatchMap, with every possible resource being watched. // (Use updateWatchInterest() to narrow it down to some specific names). // Returns the newly added watch, to be used with updateWatchInterest and removeWatch. Watch* addWatch(SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder); // Updates the set of resource names that the given watch should watch. // Returns any resource name additions/removals that are unique across all watches. That is: // 1) if 'resources' contains X and no other watch cares about X, X will be in added_. // 2) if 'resources' does not contain Y, and this watch was the only one that cared about Y, // Y will be in removed_. AddedRemoved updateWatchInterest(Watch* watch, const std::set& update_to_these_names); // Expects that the watch to be removed has already had all of its resource names removed via // updateWatchInterest(). void removeWatch(Watch* watch); // UntypedConfigUpdateCallbacks. void onConfigUpdate(const Protobuf::RepeatedPtrField& resources, const std::string& version_info) override; void onConfigUpdate( const Protobuf::RepeatedPtrField& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(ConfigUpdateFailureReason reason, const EnvoyException* e) override; WatchMap(const WatchMap&) = delete; WatchMap& operator=(const WatchMap&) = delete; private: void removeDeferredWatches(); // Given a list of names that are new to an individual watch, returns those names that are in fact // new to the entire subscription. std::set findAdditions(const std::vector& newly_added_to_watch, Watch* watch); // Given a list of names that an individual watch no longer cares about, returns those names that // in fact the entire subscription no longer cares about. std::set findRemovals(const std::vector& newly_removed_from_watch, Watch* watch); // Returns the union of watch_interest_[resource_name] and wildcard_watches_. absl::flat_hash_set watchesInterestedIn(const std::string& resource_name); absl::flat_hash_set> watches_; // Watches whose interest set is currently empty, which is interpreted as "everything". absl::flat_hash_set wildcard_watches_; // Watches that have been removed inside the call stack of the WatchMap's onConfigUpdate(). This // can happen when a watch's onConfigUpdate() results in another watch being removed via // removeWatch(). std::unique_ptr> deferred_removed_during_update_; // Maps a resource name to the set of watches interested in that resource. Has two purposes: // 1) Acts as a reference count; no watches care anymore ==> the resource can be removed. // 2) Enables efficient lookup of all interested watches when a resource has been updated. absl::flat_hash_map> watch_interest_; const bool use_namespace_matching_; }; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/well_known_names.cc ================================================ #include "common/config/well_known_names.h" namespace Envoy { namespace Config { TagNameValues::TagNameValues() { // Note: the default regexes are defined below in the order that they will typically be matched // (see the TagExtractor class definition for an explanation of the iterative matching process). // This ordering is roughly from most specific to least specific. Despite the fact that these // regexes are defined with a particular ordering in mind, users can customize the ordering of the // processing of the default tag extraction regexes and include custom tags with regexes via the // bootstrap configuration. Because of this flexibility, these regexes are designed to not // interfere with one another no matter the ordering. They are tested in forward and reverse // ordering to ensure they will be safe in most ordering configurations. // To give a more user-friendly explanation of the intended behavior of each regex, each is // preceded by a comment with a simplified notation to explain what the regex is designed to // match: // - The text that the regex is intended to capture will be enclosed in (). // - Other default tags that are expected to exist in the name (and may or may not have been // removed before this regex has been applied) are enclosed in []. // - Stand-ins for a variable segment of the name (including inside capture groups) will be // enclosed in <>. // - Typical * notation will be used to denote an arbitrary set of characters. // *_rq(_) addRegex(RESPONSE_CODE, "_rq(_(\\d{3}))$", "_rq_"); // *_rq_()xx addRegex(RESPONSE_CODE_CLASS, "_rq_(\\d)xx$", "_rq_"); // http.[.]dynamodb.table.[.]capacity.[.](__partition_id=) addRegex(DYNAMO_PARTITION_ID, "^http(?=\\.).*?\\.dynamodb\\.table(?=\\.).*?\\." "capacity(?=\\.).*?(\\.__partition_id=(\\w{7}))$", ".dynamodb.table."); // http.[.]dynamodb.operation.(.) or // http.[.]dynamodb.table.[.]capacity.(.)[] addRegex(DYNAMO_OPERATION, "^http(?=\\.).*?\\.dynamodb.(?:operation|table(?=" "\\.).*?\\.capacity)(\\.(.*?))(?:\\.|$)", ".dynamodb."); // mongo.[.]collection.[.]callsite.(.)query. addRegex(MONGO_CALLSITE, R"(^mongo(?=\.).*?\.collection(?=\.).*?\.callsite\.((.*?)\.).*?query.\w+?$)", ".collection."); // http.[.]dynamodb.table.(.) or // http.[.]dynamodb.error.(.)* addRegex(DYNAMO_TABLE, R"(^http(?=\.).*?\.dynamodb.(?:table|error)\.((.*?)\.))", ".dynamodb."); // mongo.[.]collection.(.)query. addRegex(MONGO_COLLECTION, R"(^mongo(?=\.).*?\.collection\.((.*?)\.).*?query.\w+?$)", ".collection."); // mongo.[.]cmd.(.) addRegex(MONGO_CMD, R"(^mongo(?=\.).*?\.cmd\.((.*?)\.)\w+?$)", ".cmd."); // cluster.[.]grpc.[.](.) addRegex(GRPC_BRIDGE_METHOD, R"(^cluster(?=\.).*?\.grpc(?=\.).*\.((.*?)\.)\w+?$)", ".grpc."); // http.[.]user_agent.(.) addRegex(HTTP_USER_AGENT, R"(^http(?=\.).*?\.user_agent\.((.*?)\.)\w+?$)", ".user_agent."); // vhost.[.]vcluster.(.) addRegex(VIRTUAL_CLUSTER, R"(^vhost(?=\.).*?\.vcluster\.((.*?)\.)\w+?$)", ".vcluster."); // http.[.]fault.(.) addRegex(FAULT_DOWNSTREAM_CLUSTER, R"(^http(?=\.).*?\.fault\.((.*?)\.)\w+?$)", ".fault."); // listener.[
    .]ssl.cipher.() addRegex(SSL_CIPHER, R"(^listener(?=\.).*?\.ssl\.cipher(\.(.*?))$)"); // cluster.[.]ssl.ciphers.() addRegex(SSL_CIPHER_SUITE, R"(^cluster(?=\.).*?\.ssl\.ciphers(\.(.*?))$)", ".ssl.ciphers."); // cluster.[.]grpc.(.)* addRegex(GRPC_BRIDGE_SERVICE, R"(^cluster(?=\.).*?\.grpc\.((.*?)\.))", ".grpc."); // tcp.(.) addRegex(TCP_PREFIX, R"(^tcp\.((.*?)\.)\w+?$)"); // udp.(.) addRegex(UDP_PREFIX, R"(^udp\.((.*?)\.)\w+?$)"); // auth.clientssl.(.) addRegex(CLIENTSSL_PREFIX, R"(^auth\.clientssl\.((.*?)\.)\w+?$)"); // ratelimit.(.) addRegex(RATELIMIT_PREFIX, R"(^ratelimit\.((.*?)\.)\w+?$)"); // cluster.(.)* addRegex(CLUSTER_NAME, "^cluster\\.((.*?)\\.)"); // listener.[
    .]http.(.)* addRegex(HTTP_CONN_MANAGER_PREFIX, R"(^listener(?=\.).*?\.http\.((.*?)\.))", ".http."); // http.(.)* addRegex(HTTP_CONN_MANAGER_PREFIX, "^http\\.((.*?)\\.)"); // listener.(
    .)* addRegex(LISTENER_ADDRESS, R"(^listener\.(((?:[_.[:digit:]]*|[_\[\]aAbBcCdDeEfF[:digit:]]*))\.))"); // vhost.(.)* addRegex(VIRTUAL_HOST, "^vhost\\.((.*?)\\.)"); // mongo.(.)* addRegex(MONGO_PREFIX, "^mongo\\.((.*?)\\.)"); // http.[.]rds.(.) addRegex(RDS_ROUTE_CONFIG, R"(^http(?=\.).*?\.rds\.((.*?)\.)\w+?$)", ".rds."); // listener_manager.(worker_.)* addRegex(WORKER_ID, R"(^listener_manager\.((worker_\d+)\.))", "listener_manager.worker_"); } void TagNameValues::addRegex(const std::string& name, const std::string& regex, const std::string& substr) { descriptor_vec_.emplace_back(Descriptor(name, regex, substr)); } } // namespace Config } // namespace Envoy ================================================ FILE: source/common/config/well_known_names.h ================================================ #pragma once #include #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Config { /** * Well-known address resolver names. */ class AddressResolverNameValues { public: // Basic IP resolver const std::string IP = "envoy.ip"; }; using AddressResolverNames = ConstSingleton; /** * Well-known metadata filter namespaces. */ class MetadataFilterValues { public: // Filter namespace for built-in load balancer. const std::string ENVOY_LB = "envoy.lb"; // Filter namespace for built-in transport socket match in cluster. const std::string ENVOY_TRANSPORT_SOCKET_MATCH = "envoy.transport_socket_match"; }; using MetadataFilters = ConstSingleton; /** * Keys for MetadataFilterValues::ENVOY_LB metadata. */ class MetadataEnvoyLbKeyValues { public: // Key in envoy.lb filter namespace for endpoint canary bool value. const std::string CANARY = "canary"; }; using MetadataEnvoyLbKeys = ConstSingleton; /** * Well known tags values and a mapping from these names to the regexes they * represent. Note: when names are added to the list, they also must be added to * the regex map by adding an entry in the getRegexMapping function. */ class TagNameValues { public: TagNameValues(); /** * Represents a tag extraction. This structure may be extended to * allow for an faster pattern-matching engine to be used as an * alternative to regexes, on an individual tag basis. Some of the * tags, such as "_rq_(\\d)xx$", will probably stay as regexes. */ struct Descriptor { Descriptor(const std::string& name, const std::string& regex, const std::string& substr = "") : name_(name), regex_(regex), substr_(substr) {} const std::string name_; const std::string regex_; const std::string substr_; }; // Cluster name tag const std::string CLUSTER_NAME = "envoy.cluster_name"; // Listener port tag const std::string LISTENER_ADDRESS = "envoy.listener_address"; // Stats prefix for HttpConnectionManager const std::string HTTP_CONN_MANAGER_PREFIX = "envoy.http_conn_manager_prefix"; // User agent for a connection const std::string HTTP_USER_AGENT = "envoy.http_user_agent"; // SSL cipher for a connection const std::string SSL_CIPHER = "envoy.ssl_cipher"; // SSL cipher suite const std::string SSL_CIPHER_SUITE = "cipher_suite"; // Stats prefix for the Client SSL Auth network filter const std::string CLIENTSSL_PREFIX = "envoy.clientssl_prefix"; // Stats prefix for the Mongo Proxy network filter const std::string MONGO_PREFIX = "envoy.mongo_prefix"; // Request command for the Mongo Proxy network filter const std::string MONGO_CMD = "envoy.mongo_cmd"; // Request collection for the Mongo Proxy network filter const std::string MONGO_COLLECTION = "envoy.mongo_collection"; // Request callsite for the Mongo Proxy network filter const std::string MONGO_CALLSITE = "envoy.mongo_callsite"; // Stats prefix for the Ratelimit network filter const std::string RATELIMIT_PREFIX = "envoy.ratelimit_prefix"; // Stats prefix for the TCP Proxy network filter const std::string TCP_PREFIX = "envoy.tcp_prefix"; // Stats prefix for the UDP Proxy network filter const std::string UDP_PREFIX = "envoy.udp_prefix"; // Downstream cluster for the Fault http filter const std::string FAULT_DOWNSTREAM_CLUSTER = "envoy.fault_downstream_cluster"; // Operation name for the Dynamo http filter const std::string DYNAMO_OPERATION = "envoy.dynamo_operation"; // Table name for the Dynamo http filter const std::string DYNAMO_TABLE = "envoy.dynamo_table"; // Partition ID for the Dynamo http filter const std::string DYNAMO_PARTITION_ID = "envoy.dynamo_partition_id"; // Request service name GRPC Bridge http filter const std::string GRPC_BRIDGE_SERVICE = "envoy.grpc_bridge_service"; // Request method name for the GRPC Bridge http filter const std::string GRPC_BRIDGE_METHOD = "envoy.grpc_bridge_method"; // Request virtual host given by the Router http filter const std::string VIRTUAL_HOST = "envoy.virtual_host"; // Request virtual cluster given by the Router http filter const std::string VIRTUAL_CLUSTER = "envoy.virtual_cluster"; // Request response code const std::string RESPONSE_CODE = "envoy.response_code"; // Request response code class const std::string RESPONSE_CODE_CLASS = "envoy.response_code_class"; // Route config name for RDS updates const std::string RDS_ROUTE_CONFIG = "envoy.rds_route_config"; // Listener manager worker id const std::string WORKER_ID = "envoy.worker_id"; // Mapping from the names above to their respective regex strings. const std::vector> name_regex_pairs_; // Returns the list of descriptors. const std::vector& descriptorVec() const { return descriptor_vec_; } private: void addRegex(const std::string& name, const std::string& regex, const std::string& substr = ""); // Collection of tag descriptors. std::vector descriptor_vec_; }; using TagNames = ConstSingleton; } // namespace Config } // namespace Envoy ================================================ FILE: source/common/conn_pool/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "conn_pool_base_lib", srcs = ["conn_pool_base.cc"], hdrs = ["conn_pool_base.h"], deps = [ "//include/envoy/stats:timespan_interface", "//source/common/common:linked_object", "//source/common/stats:timespan_lib", "//source/common/upstream:upstream_lib", ], ) ================================================ FILE: source/common/conn_pool/conn_pool_base.cc ================================================ #include "common/conn_pool/conn_pool_base.h" #include "common/common/assert.h" #include "common/network/transport_socket_options_impl.h" #include "common/runtime/runtime_features.h" #include "common/stats/timespan_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace ConnectionPool { ConnPoolImplBase::ConnPoolImplBase( Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) : host_(host), priority_(priority), dispatcher_(dispatcher), socket_options_(options), transport_socket_options_(transport_socket_options) {} ConnPoolImplBase::~ConnPoolImplBase() { ASSERT(ready_clients_.empty()); ASSERT(busy_clients_.empty()); ASSERT(connecting_clients_.empty()); } void ConnPoolImplBase::destructAllConnections() { for (auto* list : {&ready_clients_, &busy_clients_, &connecting_clients_}) { while (!list->empty()) { list->front()->close(); } } // Make sure all clients are destroyed before we are destroyed. dispatcher_.clearDeferredDeleteList(); } bool ConnPoolImplBase::shouldCreateNewConnection(float global_prefetch_ratio) const { // If the host is not healthy, don't make it do extra work, especially as // upstream selection logic may result in bypassing this upstream entirely. // If an Envoy user wants prefetching for degraded upstreams this could be // added later via extending the prefetch config. if (host_->health() != Upstream::Host::Health::Healthy) { return pending_streams_.size() > connecting_stream_capacity_; } // If global prefetching is on, and this connection is within the global // prefetch limit, prefetch. // We may eventually want to track prefetch_attempts to allow more prefetching for // heavily weighted upstreams or sticky picks. if (global_prefetch_ratio > 1.0 && ((pending_streams_.size() + 1 + num_active_streams_) * global_prefetch_ratio > (connecting_stream_capacity_ + num_active_streams_))) { return true; } // The number of streams we want to be provisioned for is the number of // pending and active streams times the prefetch ratio. // The number of streams we are (theoretically) provisioned for is the // connecting stream capacity plus the number of active streams. // // If prefetch ratio is not set, it defaults to 1, and this simplifies to the // legacy value of pending_streams_.size() > connecting_stream_capacity_ return (pending_streams_.size() + num_active_streams_) * perUpstreamPrefetchRatio() > (connecting_stream_capacity_ + num_active_streams_); } float ConnPoolImplBase::perUpstreamPrefetchRatio() const { if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.allow_prefetch")) { return host_->cluster().perUpstreamPrefetchRatio(); } else { return 1.0; } } void ConnPoolImplBase::tryCreateNewConnections() { // Somewhat arbitrarily cap the number of connections prefetched due to new // incoming connections. The prefetch ratio is capped at 3, so in steady // state, no more than 3 connections should be prefetched. If hosts go // unhealthy, and connections are not immediately prefetched, it could be that // many connections are desired when the host becomes healthy again, but // overwhelming it with connections is not desirable. for (int i = 0; i < 3; ++i) { if (!tryCreateNewConnection()) { return; } } } bool ConnPoolImplBase::tryCreateNewConnection(float global_prefetch_ratio) { // There are already enough CONNECTING connections for the number of queued streams. if (!shouldCreateNewConnection(global_prefetch_ratio)) { return false; } const bool can_create_connection = host_->cluster().resourceManager(priority_).connections().canCreate(); if (!can_create_connection) { host_->cluster().stats().upstream_cx_overflow_.inc(); } // If we are at the connection circuit-breaker limit due to other upstreams having // too many open connections, and this upstream has no connections, always create one, to // prevent pending streams being queued to this upstream with no way to be processed. if (can_create_connection || (ready_clients_.empty() && busy_clients_.empty() && connecting_clients_.empty())) { ENVOY_LOG(debug, "creating a new connection"); ActiveClientPtr client = instantiateActiveClient(); ASSERT(client->state_ == ActiveClient::State::CONNECTING); ASSERT(std::numeric_limits::max() - connecting_stream_capacity_ >= client->effectiveConcurrentStreamLimit()); ASSERT(client->real_host_description_); connecting_stream_capacity_ += client->effectiveConcurrentStreamLimit(); LinkedList::moveIntoList(std::move(client), owningList(client->state_)); } return can_create_connection; } void ConnPoolImplBase::attachStreamToClient(Envoy::ConnectionPool::ActiveClient& client, AttachContext& context) { ASSERT(client.state_ == Envoy::ConnectionPool::ActiveClient::State::READY); if (!host_->cluster().resourceManager(priority_).requests().canCreate()) { ENVOY_LOG(debug, "max streams overflow"); onPoolFailure(client.real_host_description_, absl::string_view(), ConnectionPool::PoolFailureReason::Overflow, context); host_->cluster().stats().upstream_rq_pending_overflow_.inc(); } else { ENVOY_CONN_LOG(debug, "creating stream", client); client.remaining_streams_--; if (client.remaining_streams_ == 0) { ENVOY_CONN_LOG(debug, "maximum streams per connection, DRAINING", client); host_->cluster().stats().upstream_cx_max_requests_.inc(); transitionActiveClientState(client, Envoy::ConnectionPool::ActiveClient::State::DRAINING); } else if (client.numActiveStreams() + 1 >= client.concurrent_stream_limit_) { // As soon as the new stream is created, the client will be maxed out. transitionActiveClientState(client, Envoy::ConnectionPool::ActiveClient::State::BUSY); } num_active_streams_++; host_->stats().rq_total_.inc(); host_->stats().rq_active_.inc(); host_->cluster().stats().upstream_rq_total_.inc(); host_->cluster().stats().upstream_rq_active_.inc(); host_->cluster().resourceManager(priority_).requests().inc(); onPoolReady(client, context); } } void ConnPoolImplBase::onStreamClosed(Envoy::ConnectionPool::ActiveClient& client, bool delay_attaching_stream) { ENVOY_CONN_LOG(debug, "destroying stream: {} remaining", client, client.numActiveStreams()); ASSERT(num_active_streams_ > 0); num_active_streams_--; host_->stats().rq_active_.dec(); host_->cluster().stats().upstream_rq_active_.dec(); host_->cluster().resourceManager(priority_).requests().dec(); if (client.state_ == ActiveClient::State::DRAINING && client.numActiveStreams() == 0) { // Close out the draining client if we no longer have active streams. client.close(); } else if (client.state_ == ActiveClient::State::BUSY) { // A stream was just ended, so we should be below the limit now. ASSERT(client.numActiveStreams() < client.concurrent_stream_limit_); transitionActiveClientState(client, ActiveClient::State::READY); if (!delay_attaching_stream) { onUpstreamReady(); } } } ConnectionPool::Cancellable* ConnPoolImplBase::newStream(AttachContext& context) { if (!ready_clients_.empty()) { ActiveClient& client = *ready_clients_.front(); ENVOY_CONN_LOG(debug, "using existing connection", client); attachStreamToClient(client, context); // Even if there's a ready client, we may want to prefetch a new connection // to handle the next incoming stream. tryCreateNewConnections(); return nullptr; } if (host_->cluster().resourceManager(priority_).pendingRequests().canCreate()) { ConnectionPool::Cancellable* pending = newPendingStream(context); // This must come after newPendingStream() because this function uses the // length of pending_streams_ to determine if a new connection is needed. tryCreateNewConnections(); return pending; } else { ENVOY_LOG(debug, "max pending streams overflow"); onPoolFailure(nullptr, absl::string_view(), ConnectionPool::PoolFailureReason::Overflow, context); host_->cluster().stats().upstream_rq_pending_overflow_.inc(); return nullptr; } } bool ConnPoolImplBase::maybePrefetch(float global_prefetch_ratio) { return tryCreateNewConnection(global_prefetch_ratio); } void ConnPoolImplBase::onUpstreamReady() { while (!pending_streams_.empty() && !ready_clients_.empty()) { ActiveClientPtr& client = ready_clients_.front(); ENVOY_CONN_LOG(debug, "attaching to next stream", *client); // Pending streams are pushed onto the front, so pull from the back. attachStreamToClient(*client, pending_streams_.back()->context()); pending_streams_.pop_back(); } } std::list& ConnPoolImplBase::owningList(ActiveClient::State state) { switch (state) { case ActiveClient::State::CONNECTING: return connecting_clients_; case ActiveClient::State::READY: return ready_clients_; case ActiveClient::State::BUSY: return busy_clients_; case ActiveClient::State::DRAINING: return busy_clients_; case ActiveClient::State::CLOSED: NOT_REACHED_GCOVR_EXCL_LINE; } NOT_REACHED_GCOVR_EXCL_LINE; } void ConnPoolImplBase::transitionActiveClientState(ActiveClient& client, ActiveClient::State new_state) { auto& old_list = owningList(client.state_); auto& new_list = owningList(new_state); client.state_ = new_state; // old_list and new_list can be equal when transitioning from BUSY to DRAINING. // // The documentation for list.splice() (which is what moveBetweenLists() calls) is // unclear whether it is allowed for src and dst to be the same, so check here // since it is a no-op anyways. if (&old_list != &new_list) { client.moveBetweenLists(old_list, new_list); } } void ConnPoolImplBase::addDrainedCallbackImpl(Instance::DrainedCb cb) { drained_callbacks_.push_back(cb); checkForDrained(); } void ConnPoolImplBase::closeIdleConnections() { // Create a separate list of elements to close to avoid mutate-while-iterating problems. std::list to_close; for (auto& client : ready_clients_) { if (client->numActiveStreams() == 0) { to_close.push_back(client.get()); } } if (pending_streams_.empty()) { for (auto& client : connecting_clients_) { to_close.push_back(client.get()); } } for (auto& entry : to_close) { entry->close(); } } void ConnPoolImplBase::drainConnectionsImpl() { closeIdleConnections(); // closeIdleConnections() closes all connections in ready_clients_ with no active streams, // so all remaining entries in ready_clients_ are serving streams. Move them and all entries // in busy_clients_ to draining. while (!ready_clients_.empty()) { transitionActiveClientState(*ready_clients_.front(), ActiveClient::State::DRAINING); } // Changing busy_clients_ to DRAINING does not move them between lists, // so use a for-loop since the list is not mutated. ASSERT(&owningList(ActiveClient::State::DRAINING) == &busy_clients_); for (auto& busy_client : busy_clients_) { transitionActiveClientState(*busy_client, ActiveClient::State::DRAINING); } } void ConnPoolImplBase::checkForDrained() { if (drained_callbacks_.empty()) { return; } closeIdleConnections(); if (pending_streams_.empty() && ready_clients_.empty() && busy_clients_.empty() && connecting_clients_.empty()) { ENVOY_LOG(debug, "invoking drained callbacks"); for (const Instance::DrainedCb& cb : drained_callbacks_) { cb(); } } } void ConnPoolImplBase::onConnectionEvent(ActiveClient& client, absl::string_view failure_reason, Network::ConnectionEvent event) { if (client.state_ == ActiveClient::State::CONNECTING) { ASSERT(connecting_stream_capacity_ >= client.effectiveConcurrentStreamLimit()); connecting_stream_capacity_ -= client.effectiveConcurrentStreamLimit(); } if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { // The client died. ENVOY_CONN_LOG(debug, "client disconnected, failure reason: {}", client, failure_reason); Envoy::Upstream::reportUpstreamCxDestroy(host_, event); const bool incomplete_stream = client.closingWithIncompleteStream(); if (incomplete_stream) { Envoy::Upstream::reportUpstreamCxDestroyActiveRequest(host_, event); } if (client.state_ == ActiveClient::State::CONNECTING) { host_->cluster().stats().upstream_cx_connect_fail_.inc(); host_->stats().cx_connect_fail_.inc(); ConnectionPool::PoolFailureReason reason; if (client.timed_out_) { reason = ConnectionPool::PoolFailureReason::Timeout; } else if (event == Network::ConnectionEvent::RemoteClose) { reason = ConnectionPool::PoolFailureReason::RemoteConnectionFailure; } else { reason = ConnectionPool::PoolFailureReason::LocalConnectionFailure; } // Raw connect failures should never happen under normal circumstances. If we have an upstream // that is behaving badly, streams can get stuck here in the pending state. If we see a // connect failure, we purge all pending streams so that calling code can determine what to // do with the stream. // NOTE: We move the existing pending streams to a temporary list. This is done so that // if retry logic submits a new stream to the pool, we don't fail it inline. purgePendingStreams(client.real_host_description_, failure_reason, reason); // See if we should prefetch another connection based on active connections. tryCreateNewConnections(); } // We need to release our resourceManager() resources before checking below for // whether we can create a new connection. Normally this would happen when // client's destructor runs, but this object needs to be deferredDelete'd(), so // this forces part of its cleanup to happen now. client.releaseResources(); dispatcher_.deferredDelete(client.removeFromList(owningList(client.state_))); if (incomplete_stream) { checkForDrained(); } client.state_ = ActiveClient::State::CLOSED; // If we have pending streams and we just lost a connection we should make a new one. if (!pending_streams_.empty()) { tryCreateNewConnections(); } } else if (event == Network::ConnectionEvent::Connected) { client.conn_connect_ms_->complete(); client.conn_connect_ms_.reset(); ASSERT(client.state_ == ActiveClient::State::CONNECTING); transitionActiveClientState(client, ActiveClient::State::READY); onUpstreamReady(); checkForDrained(); } if (client.connect_timer_) { client.connect_timer_->disableTimer(); client.connect_timer_.reset(); } } PendingStream::PendingStream(ConnPoolImplBase& parent) : parent_(parent) { parent_.host()->cluster().stats().upstream_rq_pending_total_.inc(); parent_.host()->cluster().stats().upstream_rq_pending_active_.inc(); parent_.host()->cluster().resourceManager(parent_.priority()).pendingRequests().inc(); } PendingStream::~PendingStream() { parent_.host()->cluster().stats().upstream_rq_pending_active_.dec(); parent_.host()->cluster().resourceManager(parent_.priority()).pendingRequests().dec(); } void PendingStream::cancel(Envoy::ConnectionPool::CancelPolicy policy) { parent_.onPendingStreamCancel(*this, policy); } void ConnPoolImplBase::purgePendingStreams( const Upstream::HostDescriptionConstSharedPtr& host_description, absl::string_view failure_reason, ConnectionPool::PoolFailureReason reason) { // NOTE: We move the existing pending streams to a temporary list. This is done so that // if retry logic submits a new stream to the pool, we don't fail it inline. pending_streams_to_purge_ = std::move(pending_streams_); while (!pending_streams_to_purge_.empty()) { PendingStreamPtr stream = pending_streams_to_purge_.front()->removeFromList(pending_streams_to_purge_); host_->cluster().stats().upstream_rq_pending_failure_eject_.inc(); onPoolFailure(host_description, failure_reason, reason, stream->context()); } } bool ConnPoolImplBase::connectingConnectionIsExcess() const { ASSERT(connecting_stream_capacity_ >= connecting_clients_.front()->effectiveConcurrentStreamLimit()); // If perUpstreamPrefetchRatio is one, this simplifies to checking if there would still be // sufficient connecting stream capacity to serve all pending streams if the most recent client // were removed from the picture. // // If prefetch ratio is set, it also factors in the anticipated load based on both queued streams // and active streams, and makes sure the connecting capacity would still be sufficient to serve // that even with the most recent client removed. return (pending_streams_.size() + num_active_streams_) * perUpstreamPrefetchRatio() <= (connecting_stream_capacity_ - connecting_clients_.front()->effectiveConcurrentStreamLimit() + num_active_streams_); } void ConnPoolImplBase::onPendingStreamCancel(PendingStream& stream, Envoy::ConnectionPool::CancelPolicy policy) { ENVOY_LOG(debug, "cancelling pending stream"); if (!pending_streams_to_purge_.empty()) { // If pending_streams_to_purge_ is not empty, it means that we are called from // with-in a onPoolFailure callback invoked in purgePendingStreams (i.e. purgePendingStreams // is down in the call stack). Remove this stream from the list as it is cancelled, // and there is no need to call its onPoolFailure callback. stream.removeFromList(pending_streams_to_purge_); } else { stream.removeFromList(pending_streams_); } if (policy == Envoy::ConnectionPool::CancelPolicy::CloseExcess && !connecting_clients_.empty() && connectingConnectionIsExcess()) { auto& client = *connecting_clients_.front(); transitionActiveClientState(client, ActiveClient::State::DRAINING); client.close(); } host_->cluster().stats().upstream_rq_cancelled_.inc(); checkForDrained(); } namespace { // Translate zero to UINT64_MAX so that the zero/unlimited case doesn't // have to be handled specially. uint64_t translateZeroToUnlimited(uint64_t limit) { return (limit != 0) ? limit : std::numeric_limits::max(); } } // namespace ActiveClient::ActiveClient(ConnPoolImplBase& parent, uint64_t lifetime_stream_limit, uint64_t concurrent_stream_limit) : parent_(parent), remaining_streams_(translateZeroToUnlimited(lifetime_stream_limit)), concurrent_stream_limit_(translateZeroToUnlimited(concurrent_stream_limit)), connect_timer_(parent_.dispatcher().createTimer([this]() -> void { onConnectTimeout(); })) { conn_connect_ms_ = std::make_unique( parent_.host()->cluster().stats().upstream_cx_connect_ms_, parent_.dispatcher().timeSource()); conn_length_ = std::make_unique( parent_.host()->cluster().stats().upstream_cx_length_ms_, parent_.dispatcher().timeSource()); connect_timer_->enableTimer(parent_.host()->cluster().connectTimeout()); parent_.host()->stats().cx_total_.inc(); parent_.host()->stats().cx_active_.inc(); parent_.host()->cluster().stats().upstream_cx_total_.inc(); parent_.host()->cluster().stats().upstream_cx_active_.inc(); parent_.host()->cluster().resourceManager(parent_.priority()).connections().inc(); } ActiveClient::~ActiveClient() { releaseResources(); } void ActiveClient::onEvent(Network::ConnectionEvent event) { parent_.onConnectionEvent(*this, "", event); } void ActiveClient::releaseResources() { if (!resources_released_) { resources_released_ = true; conn_length_->complete(); parent_.host()->cluster().stats().upstream_cx_active_.dec(); parent_.host()->stats().cx_active_.dec(); parent_.host()->cluster().resourceManager(parent_.priority()).connections().dec(); } } void ActiveClient::onConnectTimeout() { ENVOY_CONN_LOG(debug, "connect timeout", *this); parent_.host()->cluster().stats().upstream_cx_connect_timeout_.inc(); timed_out_ = true; close(); } } // namespace ConnectionPool } // namespace Envoy ================================================ FILE: source/common/conn_pool/conn_pool_base.h ================================================ #pragma once #include "envoy/common/conn_pool.h" #include "envoy/event/dispatcher.h" #include "envoy/network/connection.h" #include "envoy/stats/timespan.h" #include "common/common/linked_object.h" #include "absl/strings/string_view.h" namespace Envoy { namespace ConnectionPool { class ConnPoolImplBase; // A placeholder struct for whatever data a given connection pool needs to // successfully attach and upstream connection to a downstream connection. struct AttachContext { // Add a virtual destructor to allow for the dynamic_cast ASSERT in typedContext. virtual ~AttachContext() = default; }; // ActiveClient provides a base class for connection pool clients that handles connection timings // as well as managing the connection timeout. class ActiveClient : public LinkedObject, public Network::ConnectionCallbacks, public Event::DeferredDeletable, protected Logger::Loggable { public: ActiveClient(ConnPoolImplBase& parent, uint64_t lifetime_stream_limit, uint64_t concurrent_stream_limit); ~ActiveClient() override; void releaseResources(); // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // Called if the connection does not complete within the cluster's connectTimeout() void onConnectTimeout(); // Returns the concurrent stream limit, accounting for if the total stream limit // is less than the concurrent stream limit. uint64_t effectiveConcurrentStreamLimit() const { return std::min(remaining_streams_, concurrent_stream_limit_); } // Closes the underlying connection. virtual void close() PURE; // Returns the ID of the underlying connection. virtual uint64_t id() const PURE; // Returns true if this closed with an incomplete stream, for stats tracking/ purposes. virtual bool closingWithIncompleteStream() const PURE; // Returns the number of active streams on this connection. virtual size_t numActiveStreams() const PURE; enum class State { CONNECTING, // Connection is not yet established. READY, // Additional streams may be immediately dispatched to this connection. BUSY, // Connection is at its concurrent stream limit. DRAINING, // No more streams can be dispatched to this connection, and it will be closed // when all streams complete. CLOSED // Connection is closed and object is queued for destruction. }; ConnPoolImplBase& parent_; uint64_t remaining_streams_; const uint64_t concurrent_stream_limit_; State state_{State::CONNECTING}; Upstream::HostDescriptionConstSharedPtr real_host_description_; Stats::TimespanPtr conn_connect_ms_; Stats::TimespanPtr conn_length_; Event::TimerPtr connect_timer_; bool resources_released_{false}; bool timed_out_{false}; }; // PendingStream is the base class tracking streams for which a connection has been created but not // yet established. class PendingStream : public LinkedObject, public ConnectionPool::Cancellable { public: PendingStream(ConnPoolImplBase& parent); ~PendingStream() override; // ConnectionPool::Cancellable void cancel(Envoy::ConnectionPool::CancelPolicy policy) override; // The context here returns a pointer to whatever context is provided with newStream(), // which will be passed back to the parent in onPoolReady or onPoolFailure. virtual AttachContext& context() PURE; ConnPoolImplBase& parent_; }; using PendingStreamPtr = std::unique_ptr; using ActiveClientPtr = std::unique_ptr; // Base class that handles stream queueing logic shared between connection pool implementations. class ConnPoolImplBase : protected Logger::Loggable { public: ConnPoolImplBase(Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options); virtual ~ConnPoolImplBase(); // A helper function to get the specific context type from the base class context. template T& typedContext(AttachContext& context) { ASSERT(dynamic_cast(&context) != nullptr); return *static_cast(&context); } void addDrainedCallbackImpl(Instance::DrainedCb cb); void drainConnectionsImpl(); // Closes and destroys all connections. This must be called in the destructor of // derived classes because the derived ActiveClient will downcast parent_ to a more // specific type of ConnPoolImplBase, but if the more specific part is already destructed // (due to bottom-up destructor ordering in c++) that access will be invalid. void destructAllConnections(); // Returns a new instance of ActiveClient. virtual ActiveClientPtr instantiateActiveClient() PURE; // Gets a pointer to the list that currently owns this client. std::list& owningList(ActiveClient::State state); // Removes the PendingStream from the list of streams. Called when the PendingStream is // cancelled, e.g. when the stream is reset before a connection has been established. void onPendingStreamCancel(PendingStream& stream, Envoy::ConnectionPool::CancelPolicy policy); // Fails all pending streams, calling onPoolFailure on the associated callbacks. void purgePendingStreams(const Upstream::HostDescriptionConstSharedPtr& host_description, absl::string_view failure_reason, ConnectionPool::PoolFailureReason pool_failure_reason); // Closes any idle connections. void closeIdleConnections(); // Changes the state_ of an ActiveClient and moves to the appropriate list. void transitionActiveClientState(ActiveClient& client, ActiveClient::State new_state); void onConnectionEvent(ActiveClient& client, absl::string_view failure_reason, Network::ConnectionEvent event); void checkForDrained(); void onUpstreamReady(); ConnectionPool::Cancellable* newStream(AttachContext& context); // Called if this pool is likely to be picked soon, to determine if it's worth // prefetching a connection. bool maybePrefetch(float global_prefetch_ratio); virtual ConnectionPool::Cancellable* newPendingStream(AttachContext& context) PURE; void attachStreamToClient(Envoy::ConnectionPool::ActiveClient& client, AttachContext& context); virtual void onPoolFailure(const Upstream::HostDescriptionConstSharedPtr& host_description, absl::string_view failure_reason, ConnectionPool::PoolFailureReason pool_failure_reason, AttachContext& context) PURE; virtual void onPoolReady(ActiveClient& client, AttachContext& context) PURE; // Called by derived classes any time a stream is completed or destroyed for any reason. void onStreamClosed(Envoy::ConnectionPool::ActiveClient& client, bool delay_attaching_stream); const Upstream::HostConstSharedPtr& host() const { return host_; } Event::Dispatcher& dispatcher() { return dispatcher_; } Upstream::ResourcePriority priority() const { return priority_; } const Network::ConnectionSocket::OptionsSharedPtr& socketOptions() { return socket_options_; } const Network::TransportSocketOptionsSharedPtr& transportSocketOptions() { return transport_socket_options_; } protected: // Creates up to 3 connections, based on the prefetch ratio. void tryCreateNewConnections(); // Creates a new connection if there is sufficient demand, it is allowed by resourceManager, or // to avoid starving this pool. // Demand is determined either by perUpstreamPrefetchRatio() or global_prefetch_ratio // if this is called by maybePrefetch() bool tryCreateNewConnection(float global_prefetch_ratio = 0); // A helper function which determines if a canceled pending connection should // be closed as excess or not. bool connectingConnectionIsExcess() const; // A helper function which determines if a new incoming stream should trigger // connection prefetch. bool shouldCreateNewConnection(float global_prefetch_ratio) const; float perUpstreamPrefetchRatio() const; const Upstream::HostConstSharedPtr host_; const Upstream::ResourcePriority priority_; Event::Dispatcher& dispatcher_; const Network::ConnectionSocket::OptionsSharedPtr socket_options_; const Network::TransportSocketOptionsSharedPtr transport_socket_options_; std::list drained_callbacks_; std::list pending_streams_; // When calling purgePendingStreams, this list will be used to hold the streams we are about // to purge. We need this if one cancelled streams cancels a different pending stream std::list pending_streams_to_purge_; // Clients that are ready to handle additional streams. // All entries are in state READY. std::list ready_clients_; // Clients that are not ready to handle additional streams due to being BUSY or DRAINING. std::list busy_clients_; // Clients that are not ready to handle additional streams because they are CONNECTING. std::list connecting_clients_; // The number of streams currently attached to clients. uint64_t num_active_streams_{0}; // The number of streams that can be immediately dispatched // if all CONNECTING connections become connected. uint64_t connecting_stream_capacity_{0}; }; } // namespace ConnectionPool } // namespace Envoy ================================================ FILE: source/common/crypto/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "utility_lib", hdrs = [ "utility.h", ], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/common/crypto:crypto_interface", "//source/common/common:assert_lib", "//source/common/singleton:threadsafe_singleton", ], ) ================================================ FILE: source/common/crypto/utility.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/crypto/crypto.h" #include "common/singleton/threadsafe_singleton.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Common { namespace Crypto { struct VerificationOutput { /** * Verification result. If result_ is true, error_message_ is empty. */ bool result_; /** * Error message when verification failed. * TODO(crazyxy): switch to absl::StatusOr when available */ std::string error_message_; }; class Utility { public: virtual ~Utility() = default; /** * Computes the SHA-256 digest of a buffer. * @param buffer the buffer. * @return a vector of bytes for the computed digest. */ virtual std::vector getSha256Digest(const Buffer::Instance& buffer) PURE; /** * Computes the SHA-256 HMAC for a given key and message. * @param key the HMAC function key. * @param message message data for the HMAC function. * @return a vector of bytes for the computed HMAC. */ virtual std::vector getSha256Hmac(const std::vector& key, absl::string_view message) PURE; /** * Verify cryptographic signatures. * @param hash hash function(including SHA1, SHA224, SHA256, SHA384, SHA512) * @param key pointer to EVP_PKEY public key * @param signature signature * @param text clear text * @return If the result_ is true, the error_message_ is empty; otherwise, * the error_message_ stores the error message */ virtual const VerificationOutput verifySignature(absl::string_view hash, CryptoObject& key, const std::vector& signature, const std::vector& text) PURE; /** * Import public key. * @param key key string * @return pointer to EVP_PKEY public key */ virtual CryptoObjectPtr importPublicKey(const std::vector& key) PURE; }; using UtilitySingleton = InjectableSingleton; using ScopedUtilitySingleton = ScopedInjectableLoader; } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: source/common/event/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "dispatcher_lib", srcs = [ "dispatcher_impl.cc", "file_event_impl.cc", "signal_impl.cc", ], hdrs = [ "signal_impl.h", ], deps = [ ":dispatcher_includes", ":libevent_scheduler_lib", ":real_time_system_lib", "//include/envoy/common:scope_tracker_interface", "//include/envoy/common:time_interface", "//include/envoy/event:signal_interface", "//include/envoy/network:listen_socket_interface", "//include/envoy/network:listener_interface", "//source/common/common:assert_lib", "//source/common/common:thread_lib", "//source/common/filesystem:watcher_lib", "//source/common/network:dns_lib", "//source/common/network:connection_lib", "//source/common/network:listener_lib", "//source/common/runtime:runtime_features_lib", ] + select({ "//bazel:apple": ["//source/common/network:apple_dns_lib"], "//conditions:default": [], }), ) envoy_cc_library( name = "event_impl_base_lib", srcs = ["event_impl_base.cc"], hdrs = ["event_impl_base.h"], external_deps = [ "event", ], ) envoy_cc_library( name = "real_time_system_lib", srcs = ["real_time_system.cc"], hdrs = ["real_time_system.h"], deps = [ ":event_impl_base_lib", ":timer_lib", "//include/envoy/event:timer_interface", "//source/common/common:utility_lib", "//source/common/event:dispatcher_includes", ], ) envoy_cc_library( name = "dispatcher_includes", hdrs = [ "dispatcher_impl.h", "event_impl_base.h", "file_event_impl.h", "schedulable_cb_impl.h", ], deps = [ ":libevent_lib", ":libevent_scheduler_lib", "//include/envoy/api:api_interface", "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:file_event_interface", "//include/envoy/network:connection_handler_interface", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", "//source/common/signal:fatal_error_handler_lib", ] + select({ "//bazel:disable_signal_trace": [], "//conditions:default": [ "//source/common/signal:sigaction_lib", ], }), ) envoy_cc_library( name = "libevent_lib", srcs = ["libevent.cc"], hdrs = ["libevent.h"], external_deps = [ "event", ], deps = [ "//source/common/common:assert_lib", "//source/common/common:c_smart_ptr_lib", ], ) envoy_cc_library( name = "libevent_scheduler_lib", srcs = ["libevent_scheduler.cc"], hdrs = ["libevent_scheduler.h"], external_deps = ["event"], deps = [ ":libevent_lib", ":schedulable_cb_lib", ":timer_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "schedulable_cb_lib", srcs = ["schedulable_cb_impl.cc"], hdrs = ["schedulable_cb_impl.h"], external_deps = ["event"], deps = [ ":event_impl_base_lib", ":libevent_lib", "//include/envoy/event:schedulable_cb_interface", ], ) envoy_cc_library( name = "timer_lib", srcs = ["timer_impl.cc"], hdrs = ["timer_impl.h"], external_deps = ["event"], deps = [ ":event_impl_base_lib", ":libevent_lib", "//include/envoy/event:timer_interface", "//source/common/common:scope_tracker", "//source/common/common:utility_lib", "//source/common/runtime:runtime_features_lib", ], ) envoy_cc_library( name = "deferred_task", hdrs = ["deferred_task.h"], deps = [ "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", ], ) envoy_cc_library( name = "scaled_range_timer_manager", srcs = ["scaled_range_timer_manager.cc"], hdrs = ["scaled_range_timer_manager.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:range_timer_interface", "//source/common/common:scope_tracker", ], ) ================================================ FILE: source/common/event/deferred_task.h ================================================ #pragma once #include #include "envoy/event/dispatcher.h" namespace Envoy { namespace Event { /** * A util to schedule a task to run in a future event loop cycle. One of the use cases is to run the * task after the previously DeferredDeletable objects are destroyed. */ class DeferredTaskUtil { private: class DeferredTask : public DeferredDeletable { public: DeferredTask(std::function&& task) : task_(std::move(task)) {} ~DeferredTask() override { task_(); } private: std::function task_; }; public: /** * Submits an item for run deferred delete. */ static void deferredRun(Dispatcher& dispatcher, std::function&& func) { dispatcher.deferredDelete(std::make_unique(std::move(func))); } }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/dispatcher_impl.cc ================================================ #include "common/event/dispatcher_impl.h" #include #include #include #include #include #include "envoy/api/api.h" #include "envoy/network/listen_socket.h" #include "envoy/network/listener.h" #include "common/buffer/buffer_impl.h" #include "common/common/lock_guard.h" #include "common/common/thread.h" #include "common/event/file_event_impl.h" #include "common/event/libevent_scheduler.h" #include "common/event/signal_impl.h" #include "common/event/timer_impl.h" #include "common/filesystem/watcher_impl.h" #include "common/network/connection_impl.h" #include "common/network/dns_impl.h" #include "common/network/tcp_listener_impl.h" #include "common/network/udp_listener_impl.h" #include "common/runtime/runtime_features.h" #include "event2/event.h" #ifdef ENVOY_HANDLE_SIGNALS #include "common/signal/signal_action.h" #endif #ifdef __APPLE__ #include "common/network/apple_dns_impl.h" #endif namespace Envoy { namespace Event { DispatcherImpl::DispatcherImpl(const std::string& name, Api::Api& api, Event::TimeSystem& time_system) : DispatcherImpl(name, std::make_unique(), api, time_system) {} DispatcherImpl::DispatcherImpl(const std::string& name, Buffer::WatermarkFactoryPtr&& factory, Api::Api& api, Event::TimeSystem& time_system) : name_(name), api_(api), buffer_factory_(std::move(factory)), scheduler_(time_system.createScheduler(base_scheduler_, base_scheduler_)), deferred_delete_cb_(base_scheduler_.createSchedulableCallback( [this]() -> void { clearDeferredDeleteList(); })), post_cb_(base_scheduler_.createSchedulableCallback([this]() -> void { runPostCallbacks(); })), current_to_delete_(&to_delete_1_) { ASSERT(!name_.empty()); FatalErrorHandler::registerFatalErrorHandler(*this); updateApproximateMonotonicTimeInternal(); base_scheduler_.registerOnPrepareCallback( std::bind(&DispatcherImpl::updateApproximateMonotonicTime, this)); } DispatcherImpl::~DispatcherImpl() { FatalErrorHandler::removeFatalErrorHandler(*this); } void DispatcherImpl::initializeStats(Stats::Scope& scope, const absl::optional& prefix) { const std::string effective_prefix = prefix.has_value() ? *prefix : absl::StrCat(name_, "."); // This needs to be run in the dispatcher's thread, so that we have a thread id to log. post([this, &scope, effective_prefix] { stats_prefix_ = effective_prefix + "dispatcher"; stats_ = std::make_unique( DispatcherStats{ALL_DISPATCHER_STATS(POOL_HISTOGRAM_PREFIX(scope, stats_prefix_ + "."))}); base_scheduler_.initializeStats(stats_.get()); ENVOY_LOG(debug, "running {} on thread {}", stats_prefix_, run_tid_.debugString()); }); } void DispatcherImpl::clearDeferredDeleteList() { ASSERT(isThreadSafe()); std::vector* to_delete = current_to_delete_; size_t num_to_delete = to_delete->size(); if (deferred_deleting_ || !num_to_delete) { return; } ENVOY_LOG(trace, "clearing deferred deletion list (size={})", num_to_delete); // Swap the current deletion vector so that if we do deferred delete while we are deleting, we // use the other vector. We will get another callback to delete that vector. if (current_to_delete_ == &to_delete_1_) { current_to_delete_ = &to_delete_2_; } else { current_to_delete_ = &to_delete_1_; } deferred_deleting_ = true; // Calling clear() on the vector does not specify which order destructors run in. We want to // destroy in FIFO order so just do it manually. This required 2 passes over the vector which is // not optimal but can be cleaned up later if needed. for (size_t i = 0; i < num_to_delete; i++) { (*to_delete)[i].reset(); } to_delete->clear(); deferred_deleting_ = false; } Network::ConnectionPtr DispatcherImpl::createServerConnection(Network::ConnectionSocketPtr&& socket, Network::TransportSocketPtr&& transport_socket, StreamInfo::StreamInfo& stream_info) { ASSERT(isThreadSafe()); return std::make_unique(*this, std::move(socket), std::move(transport_socket), stream_info, true); } Network::ClientConnectionPtr DispatcherImpl::createClientConnection(Network::Address::InstanceConstSharedPtr address, Network::Address::InstanceConstSharedPtr source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options) { ASSERT(isThreadSafe()); return std::make_unique(*this, address, source_address, std::move(transport_socket), options); } Network::DnsResolverSharedPtr DispatcherImpl::createDnsResolver( const std::vector& resolvers, const bool use_tcp_for_dns_lookups) { ASSERT(isThreadSafe()); #ifdef __APPLE__ static bool use_apple_api_for_dns_lookups = Runtime::runtimeFeatureEnabled("envoy.restart_features.use_apple_api_for_dns_lookups"); if (use_apple_api_for_dns_lookups) { RELEASE_ASSERT( resolvers.empty(), "defining custom resolvers is not possible when using Apple APIs for DNS resolution. " "Apple's API only allows overriding DNS resolvers via system settings. Delete resolvers " "config or disable the envoy.restart_features.use_apple_api_for_dns_lookups runtime " "feature."); RELEASE_ASSERT(!use_tcp_for_dns_lookups, "using TCP for DNS lookups is not possible when using Apple APIs for DNS " "resolution. Apple' API only uses UDP for DNS resolution. Use UDP or disable " "the envoy.restart_features.use_apple_api_for_dns_lookups runtime feature."); return Network::DnsResolverSharedPtr{new Network::AppleDnsResolverImpl(*this)}; } #endif return Network::DnsResolverSharedPtr{ new Network::DnsResolverImpl(*this, resolvers, use_tcp_for_dns_lookups)}; } FileEventPtr DispatcherImpl::createFileEvent(os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, uint32_t events) { ASSERT(isThreadSafe()); return FileEventPtr{new FileEventImpl(*this, fd, cb, trigger, events)}; } Filesystem::WatcherPtr DispatcherImpl::createFilesystemWatcher() { ASSERT(isThreadSafe()); return Filesystem::WatcherPtr{new Filesystem::WatcherImpl(*this, api_)}; } Network::ListenerPtr DispatcherImpl::createListener(Network::SocketSharedPtr&& socket, Network::TcpListenerCallbacks& cb, bool bind_to_port, uint32_t backlog_size) { ASSERT(isThreadSafe()); return std::make_unique(*this, std::move(socket), cb, bind_to_port, backlog_size); } Network::UdpListenerPtr DispatcherImpl::createUdpListener(Network::SocketSharedPtr socket, Network::UdpListenerCallbacks& cb) { ASSERT(isThreadSafe()); return std::make_unique(*this, std::move(socket), cb, timeSource()); } TimerPtr DispatcherImpl::createTimer(TimerCb cb) { ASSERT(isThreadSafe()); return createTimerInternal(cb); } Event::SchedulableCallbackPtr DispatcherImpl::createSchedulableCallback(std::function cb) { ASSERT(isThreadSafe()); return base_scheduler_.createSchedulableCallback(cb); } TimerPtr DispatcherImpl::createTimerInternal(TimerCb cb) { return scheduler_->createTimer(cb, *this); } void DispatcherImpl::deferredDelete(DeferredDeletablePtr&& to_delete) { ASSERT(isThreadSafe()); current_to_delete_->emplace_back(std::move(to_delete)); ENVOY_LOG(trace, "item added to deferred deletion list (size={})", current_to_delete_->size()); if (current_to_delete_->size() == 1) { deferred_delete_cb_->scheduleCallbackCurrentIteration(); } } void DispatcherImpl::exit() { base_scheduler_.loopExit(); } SignalEventPtr DispatcherImpl::listenForSignal(int signal_num, SignalCb cb) { ASSERT(isThreadSafe()); return SignalEventPtr{new SignalEventImpl(*this, signal_num, cb)}; } void DispatcherImpl::post(std::function callback) { bool do_post; { Thread::LockGuard lock(post_lock_); do_post = post_callbacks_.empty(); post_callbacks_.push_back(callback); } if (do_post) { post_cb_->scheduleCallbackCurrentIteration(); } } void DispatcherImpl::run(RunType type) { run_tid_ = api_.threadFactory().currentThreadId(); // Flush all post callbacks before we run the event loop. We do this because there are post // callbacks that have to get run before the initial event loop starts running. libevent does // not guarantee that events are run in any particular order. So even if we post() and call // event_base_once() before some other event, the other event might get called first. runPostCallbacks(); base_scheduler_.run(type); } MonotonicTime DispatcherImpl::approximateMonotonicTime() const { return approximate_monotonic_time_; } void DispatcherImpl::updateApproximateMonotonicTime() { updateApproximateMonotonicTimeInternal(); } void DispatcherImpl::updateApproximateMonotonicTimeInternal() { approximate_monotonic_time_ = api_.timeSource().monotonicTime(); } void DispatcherImpl::runPostCallbacks() { while (true) { // It is important that this declaration is inside the body of the loop so that the callback is // destructed while post_lock_ is not held. If callback is declared outside the loop and reused // for each iteration, the previous iteration's callback is destructed when callback is // re-assigned, which happens while holding the lock. This can lead to a deadlock (via // recursive mutex acquisition) if destroying the callback runs a destructor, which through some // callstack calls post() on this dispatcher. std::function callback; { Thread::LockGuard lock(post_lock_); if (post_callbacks_.empty()) { return; } callback = post_callbacks_.front(); post_callbacks_.pop_front(); } callback(); } } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/dispatcher_impl.h ================================================ #pragma once #include #include #include #include #include #include "envoy/api/api.h" #include "envoy/common/scope_tracker.h" #include "envoy/common/time.h" #include "envoy/event/deferred_deletable.h" #include "envoy/event/dispatcher.h" #include "envoy/network/connection_handler.h" #include "envoy/stats/scope.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "common/event/libevent.h" #include "common/event/libevent_scheduler.h" #include "common/signal/fatal_error_handler.h" namespace Envoy { namespace Event { /** * libevent implementation of Event::Dispatcher. */ class DispatcherImpl : Logger::Loggable, public Dispatcher, public FatalErrorHandlerInterface { public: DispatcherImpl(const std::string& name, Api::Api& api, Event::TimeSystem& time_system); DispatcherImpl(const std::string& name, Buffer::WatermarkFactoryPtr&& factory, Api::Api& api, Event::TimeSystem& time_system); ~DispatcherImpl() override; /** * @return event_base& the libevent base. */ event_base& base() { return base_scheduler_.base(); } // Event::Dispatcher const std::string& name() override { return name_; } TimeSource& timeSource() override { return api_.timeSource(); } void initializeStats(Stats::Scope& scope, const absl::optional& prefix) override; void clearDeferredDeleteList() override; Network::ConnectionPtr createServerConnection(Network::ConnectionSocketPtr&& socket, Network::TransportSocketPtr&& transport_socket, StreamInfo::StreamInfo& stream_info) override; Network::ClientConnectionPtr createClientConnection(Network::Address::InstanceConstSharedPtr address, Network::Address::InstanceConstSharedPtr source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options) override; Network::DnsResolverSharedPtr createDnsResolver(const std::vector& resolvers, const bool use_tcp_for_dns_lookups) override; FileEventPtr createFileEvent(os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, uint32_t events) override; Filesystem::WatcherPtr createFilesystemWatcher() override; Network::ListenerPtr createListener(Network::SocketSharedPtr&& socket, Network::TcpListenerCallbacks& cb, bool bind_to_port, uint32_t backlog_size) override; Network::UdpListenerPtr createUdpListener(Network::SocketSharedPtr socket, Network::UdpListenerCallbacks& cb) override; TimerPtr createTimer(TimerCb cb) override; Event::SchedulableCallbackPtr createSchedulableCallback(std::function cb) override; void deferredDelete(DeferredDeletablePtr&& to_delete) override; void exit() override; SignalEventPtr listenForSignal(int signal_num, SignalCb cb) override; void post(std::function callback) override; void run(RunType type) override; Buffer::WatermarkFactory& getWatermarkFactory() override { return *buffer_factory_; } const ScopeTrackedObject* setTrackedObject(const ScopeTrackedObject* object) override { const ScopeTrackedObject* return_object = current_object_; current_object_ = object; return return_object; } MonotonicTime approximateMonotonicTime() const override; void updateApproximateMonotonicTime() override; // FatalErrorInterface void onFatalError(std::ostream& os) const override { // Dump the state of the tracked object if it is in the current thread. This generally results // in dumping the active state only for the thread which caused the fatal error. if (isThreadSafe()) { if (current_object_) { current_object_->dumpState(os); } } } private: TimerPtr createTimerInternal(TimerCb cb); void updateApproximateMonotonicTimeInternal(); void runPostCallbacks(); // Validate that an operation is thread safe, i.e. it's invoked on the same thread that the // dispatcher run loop is executing on. We allow run_tid_ to be empty for tests where we don't // invoke run(). bool isThreadSafe() const override { return run_tid_.isEmpty() || run_tid_ == api_.threadFactory().currentThreadId(); } const std::string name_; Api::Api& api_; std::string stats_prefix_; DispatcherStatsPtr stats_; Thread::ThreadId run_tid_; Buffer::WatermarkFactoryPtr buffer_factory_; LibeventScheduler base_scheduler_; SchedulerPtr scheduler_; SchedulableCallbackPtr deferred_delete_cb_; SchedulableCallbackPtr post_cb_; std::vector to_delete_1_; std::vector to_delete_2_; std::vector* current_to_delete_; Thread::MutexBasicLockable post_lock_; std::list> post_callbacks_ ABSL_GUARDED_BY(post_lock_); const ScopeTrackedObject* current_object_{}; bool deferred_deleting_{}; MonotonicTime approximate_monotonic_time_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/event_impl_base.cc ================================================ #include "common/event/event_impl_base.h" #include "event2/event.h" namespace Envoy { namespace Event { ImplBase::~ImplBase() { // Derived classes are assumed to have already assigned the raw event in the constructor. event_del(&raw_event_); } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/event_impl_base.h ================================================ #pragma once #include "event2/event_struct.h" namespace Envoy { namespace Event { /** * Base class for libevent event implementations. The event struct is embedded inside of this class * and derived classes are expected to assign it inside of the constructor. */ class ImplBase { protected: ~ImplBase(); event raw_event_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/file_event_impl.cc ================================================ #include "common/event/file_event_impl.h" #include #include "common/common/assert.h" #include "common/event/dispatcher_impl.h" #include "common/runtime/runtime_features.h" #include "event2/event.h" namespace Envoy { namespace Event { FileEventImpl::FileEventImpl(DispatcherImpl& dispatcher, os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, uint32_t events) : cb_(cb), fd_(fd), trigger_(trigger), activate_fd_events_next_event_loop_( // Only read the runtime feature if the runtime loader singleton has already been created. // Attempts to access runtime features too early in the initialization sequence triggers // some spurious, scary-looking logs about not being able to read runtime feature config // from the singleton. These warnings are caused by creation of filesystem watchers as // part of the process of loading the runtime configuration from disk. Runtime::LoaderSingleton::getExisting() ? Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.activate_fds_next_event_loop") : true) { // Treat the lack of a valid fd (which in practice should only happen if we run out of FDs) as // an OOM condition and just crash. RELEASE_ASSERT(SOCKET_VALID(fd), ""); #ifdef WIN32 RELEASE_ASSERT(trigger_ == FileTriggerType::Level, "libevent does not support edge triggers on Windows"); #endif assignEvents(events, &dispatcher.base()); event_add(&raw_event_, nullptr); if (activate_fd_events_next_event_loop_) { activation_cb_ = dispatcher.createSchedulableCallback([this]() { ASSERT(injected_activation_events_ != 0); mergeInjectedEventsAndRunCb(0); }); } } void FileEventImpl::activate(uint32_t events) { // events is not empty. ASSERT(events != 0); // Only supported event types are set. ASSERT((events & (FileReadyType::Read | FileReadyType::Write | FileReadyType::Closed)) == events); if (!activate_fd_events_next_event_loop_) { // Legacy implementation int libevent_events = 0; if (events & FileReadyType::Read) { libevent_events |= EV_READ; } if (events & FileReadyType::Write) { libevent_events |= EV_WRITE; } if (events & FileReadyType::Closed) { libevent_events |= EV_CLOSED; } ASSERT(libevent_events); event_active(&raw_event_, libevent_events, 0); return; } // Schedule the activation callback so it runs as part of the next loop iteration if it is not // already scheduled. if (injected_activation_events_ == 0) { ASSERT(!activation_cb_->enabled()); activation_cb_->scheduleCallbackNextIteration(); } ASSERT(activation_cb_->enabled()); // Merge new events with pending injected events. injected_activation_events_ |= events; } void FileEventImpl::assignEvents(uint32_t events, event_base* base) { ASSERT(base != nullptr); event_assign( &raw_event_, base, fd_, EV_PERSIST | (trigger_ == FileTriggerType::Level ? 0 : EV_ET) | (events & FileReadyType::Read ? EV_READ : 0) | (events & FileReadyType::Write ? EV_WRITE : 0) | (events & FileReadyType::Closed ? EV_CLOSED : 0), [](evutil_socket_t, short what, void* arg) -> void { auto* event = static_cast(arg); uint32_t events = 0; if (what & EV_READ) { events |= FileReadyType::Read; } if (what & EV_WRITE) { events |= FileReadyType::Write; } if (what & EV_CLOSED) { events |= FileReadyType::Closed; } ASSERT(events != 0); event->mergeInjectedEventsAndRunCb(events); }, this); } void FileEventImpl::setEnabled(uint32_t events) { if (activate_fd_events_next_event_loop_ && injected_activation_events_ != 0) { // Clear pending events on updates to the fd event mask to avoid delivering events that are no // longer relevant. Updating the event mask will reset the fd edge trigger state so the proxy // will be able to determine the fd read/write state without need for the injected activation // events. injected_activation_events_ = 0; activation_cb_->cancel(); } auto* base = event_get_base(&raw_event_); event_del(&raw_event_); assignEvents(events, base); event_add(&raw_event_, nullptr); } void FileEventImpl::mergeInjectedEventsAndRunCb(uint32_t events) { if (activate_fd_events_next_event_loop_ && injected_activation_events_ != 0) { events |= injected_activation_events_; injected_activation_events_ = 0; activation_cb_->cancel(); } cb_(events); } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/file_event_impl.h ================================================ #pragma once #include #include "envoy/event/file_event.h" #include "common/event/dispatcher_impl.h" #include "common/event/event_impl_base.h" namespace Envoy { namespace Event { /** * Implementation of FileEvent for libevent that uses persistent events and * assumes the user will read/write until EAGAIN is returned from the file. */ class FileEventImpl : public FileEvent, ImplBase { public: FileEventImpl(DispatcherImpl& dispatcher, os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, uint32_t events); // Event::FileEvent void activate(uint32_t events) override; void setEnabled(uint32_t events) override; private: void assignEvents(uint32_t events, event_base* base); void mergeInjectedEventsAndRunCb(uint32_t events); FileReadyCb cb_; os_fd_t fd_; FileTriggerType trigger_; // Injected FileReadyType events that were scheduled by recent calls to activate() and are pending // delivery. uint32_t injected_activation_events_{}; // Used to schedule delayed event activation. Armed iff pending_activation_events_ != 0. SchedulableCallbackPtr activation_cb_; // Latched "envoy.reloadable_features.activate_fds_next_event_loop" runtime feature. If true, fd // events scheduled via activate are evaluated in the next iteration of the event loop after // polling and activating new fd events. const bool activate_fd_events_next_event_loop_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/libevent.cc ================================================ #include "common/event/libevent.h" #include #include "common/common/assert.h" #include "event2/thread.h" namespace Envoy { namespace Event { namespace Libevent { bool Global::initialized_ = false; void Global::initialize() { #ifdef WIN32 evthread_use_windows_threads(); #else evthread_use_pthreads(); // Ignore SIGPIPE and allow errors to propagate through error codes. signal(SIGPIPE, SIG_IGN); #endif initialized_ = true; } } // namespace Libevent } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/libevent.h ================================================ #pragma once #include "common/common/c_smart_ptr.h" struct event_base; extern "C" { void event_base_free(event_base*); } struct evconnlistener; extern "C" { void evconnlistener_free(evconnlistener*); } namespace Envoy { namespace Event { namespace Libevent { /** * Global functionality specific to libevent. */ class Global { public: static bool initialized() { return initialized_; } /** * Initialize the library globally. */ static void initialize(); private: // True if initialized() has been called. static bool initialized_; }; using BasePtr = CSmartPtr; } // namespace Libevent } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/libevent_scheduler.cc ================================================ #include "common/event/libevent_scheduler.h" #include "common/common/assert.h" #include "common/event/schedulable_cb_impl.h" #include "common/event/timer_impl.h" #include "event2/util.h" namespace Envoy { namespace Event { namespace { void recordTimeval(Stats::Histogram& histogram, const timeval& tv) { histogram.recordValue(tv.tv_sec * 1000000 + tv.tv_usec); } } // namespace LibeventScheduler::LibeventScheduler() { #ifdef WIN32 event_config* event_config = event_config_new(); RELEASE_ASSERT(event_config != nullptr, "Failed to initialize libevent event_base: event_config_new"); // Request wepoll backend by avoiding win32 backend. int error = event_config_avoid_method(event_config, "win32"); RELEASE_ASSERT(error == 0, "Failed to initialize libevent event_base: event_config_avoid_method"); event_base* event_base = event_base_new_with_config(event_config); event_config_free(event_config); #else event_base* event_base = event_base_new(); #endif RELEASE_ASSERT(event_base != nullptr, "Failed to initialize libevent event_base"); libevent_ = Libevent::BasePtr(event_base); // The dispatcher won't work as expected if libevent hasn't been configured to use threads. RELEASE_ASSERT(Libevent::Global::initialized(), ""); } TimerPtr LibeventScheduler::createTimer(const TimerCb& cb, Dispatcher& dispatcher) { return std::make_unique(libevent_, cb, dispatcher); }; SchedulableCallbackPtr LibeventScheduler::createSchedulableCallback(const std::function& cb) { return std::make_unique(libevent_, cb); }; void LibeventScheduler::run(Dispatcher::RunType mode) { int flag = 0; switch (mode) { case Dispatcher::RunType::NonBlock: flag = LibeventScheduler::flagsBasedOnEventType(); case Dispatcher::RunType::Block: // The default flags have 'block' behavior. See // http://www.wangafu.net/~nickm/libevent-book/Ref3_eventloop.html break; case Dispatcher::RunType::RunUntilExit: flag = EVLOOP_NO_EXIT_ON_EMPTY; break; } event_base_loop(libevent_.get(), flag); } void LibeventScheduler::loopExit() { event_base_loopexit(libevent_.get(), nullptr); } void LibeventScheduler::registerOnPrepareCallback(OnPrepareCallback&& callback) { ASSERT(callback); ASSERT(!callback_); callback_ = std::move(callback); evwatch_prepare_new(libevent_.get(), &onPrepareForCallback, this); } void LibeventScheduler::initializeStats(DispatcherStats* stats) { stats_ = stats; // These are thread safe. evwatch_prepare_new(libevent_.get(), &onPrepareForStats, this); evwatch_check_new(libevent_.get(), &onCheckForStats, this); } void LibeventScheduler::onPrepareForCallback(evwatch*, const evwatch_prepare_cb_info*, void* arg) { // `self` is `this`, passed in from evwatch_prepare_new. auto self = static_cast(arg); self->callback_(); } void LibeventScheduler::onPrepareForStats(evwatch*, const evwatch_prepare_cb_info* info, void* arg) { // `self` is `this`, passed in from evwatch_prepare_new. auto self = static_cast(arg); // Record poll timeout and prepare time for this iteration of the event loop. The timeout is the // expected polling duration, whereas the actual polling duration will be the difference measured // between the prepare time and the check time immediately after polling. These are compared in // onCheckForStats to compute the poll_delay stat. self->timeout_set_ = evwatch_prepare_get_timeout(info, &self->timeout_); evutil_gettimeofday(&self->prepare_time_, nullptr); // If we have a check time available from a previous iteration of the event loop (that is, all but // the first), compute the loop_duration stat. if (self->check_time_.tv_sec != 0) { timeval delta; evutil_timersub(&self->prepare_time_, &self->check_time_, &delta); recordTimeval(self->stats_->loop_duration_us_, delta); } } void LibeventScheduler::onCheckForStats(evwatch*, const evwatch_check_cb_info*, void* arg) { // `self` is `this`, passed in from evwatch_check_new. auto self = static_cast(arg); // Record check time for this iteration of the event loop. Use this together with prepare time // from above to compute the actual polling duration, and store it for the next iteration of the // event loop to compute the loop duration. evutil_gettimeofday(&self->check_time_, nullptr); if (self->timeout_set_) { timeval delta, delay; evutil_timersub(&self->check_time_, &self->prepare_time_, &delta); evutil_timersub(&delta, &self->timeout_, &delay); // Delay can be negative, meaning polling completed early. This happens in normal operation, // either because I/O was ready before we hit the timeout, or just because the kernel was // feeling saucy. Disregard negative delays in stats, since they don't indicate anything // particularly useful. if (delay.tv_sec >= 0) { recordTimeval(self->stats_->poll_delay_us_, delay); } } } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/libevent_scheduler.h ================================================ #pragma once #include #include "envoy/event/dispatcher.h" #include "envoy/event/schedulable_cb.h" #include "envoy/event/timer.h" #include "common/event/libevent.h" #include "event2/event.h" #include "event2/watch.h" namespace Envoy { namespace Event { // Implements Scheduler based on libevent. // // Here is a rough summary of operations that libevent performs in each event loop iteration, in // order. Note that the invocation order for "same-iteration" operations that execute as a group // can be surprising and invocation order of expired timers is non-deterministic. // Whenever possible, it is preferable to avoid making event invocation ordering assumptions. // // 1. Calculate the poll timeout by comparing the current time to the deadline of the closest // timer (the one at head of the priority queue). // 2. Run registered "prepare" callbacks. // 3. Poll for fd events using the closest timer as timeout, add active fds to the work list. // 4. Run registered "check" callbacks. // 5. Check timer deadlines against current time and move expired timers from the timer priority // queue to the work list. Expired timers are moved to the work list is a non-deterministic order. // 6. Execute items in the work list until the list is empty. Note that additional work // items could be added to the work list during execution of this step, more details below. // 7. Goto 1 if the loop termination condition has not been reached // // The following "same-iteration" work items are added directly to the work list when they are // scheduled so they execute in the current iteration of the event loop. Note that there are no // ordering guarantees when mixing the mechanisms below. Specifically, it is unsafe to assume that // calling post followed by deferredDelete will result in the post callback being invoked before the // deferredDelete; deferredDelete will run first if there is a pending deferredDeletion at the time // the post callback is scheduled because deferredDelete invocation is grouped. // - Event::Dispatcher::post(cb). Post callbacks are invoked as a group. // - Event::Dispatcher::deferredDelete(object) and Event::DeferredTaskUtil::deferredRun(...). // The same mechanism implements both of these operations, so they are invoked as a group. // - Event::SchedulableCallback::scheduleCallbackCurrentIteration(). Each of these callbacks is // scheduled and invoked independently. // - Event::FileEvent::activate() if "envoy.reloadable_features.activate_fds_next_event_loop" // runtime feature is disabled. // - Event::Timer::enableTimer(0) if "envoy.reloadable_features.activate_timers_next_event_loop" // runtime feature is disabled. // // Event::FileEvent::activate and Event::SchedulableCallback::scheduleCallbackNextIteration are // implemented as libevent timers with a deadline of 0. Both of these actions are moved to the work // list while checking for expired timers during step 5. // // Events execute in the following order, derived from the order in which items were added to the // work list: // 0. Events added via event_active prior to the start of the event loop (in tests) // 1. Fd events // 2. Timers, FileEvent::activate and SchedulableCallback::scheduleCallbackNextIteration // 3. "Same-iteration" work items described above, including Event::Dispatcher::post callbacks class LibeventScheduler : public Scheduler, public CallbackScheduler { public: using OnPrepareCallback = std::function; LibeventScheduler(); // Scheduler TimerPtr createTimer(const TimerCb& cb, Dispatcher& dispatcher) override; SchedulableCallbackPtr createSchedulableCallback(const std::function& cb) override; /** * Runs the event loop. * * @param mode The mode in which to run the event loop. */ void run(Dispatcher::RunType mode); /** * Exits the libevent loop. */ void loopExit(); /** * TODO(jmarantz): consider strengthening this abstraction and instead of * exposing the libevent base pointer, provide API abstractions for the calls * into it. Among other benefits this might make it more tractable to someday * consider an alternative to libevent if the need arises. * * @return the underlying libevent structure. */ event_base& base() { return *libevent_; } /** * Register callback to be called in the event loop prior to polling for * events. Must not be called more than once. |callback| must not be null. * |callback| cannot be unregistered, therefore it has to be valid throughout * the lifetime of |this|. */ void registerOnPrepareCallback(OnPrepareCallback&& callback); /** * Start writing stats once thread-local storage is ready to receive them (see * ThreadLocalStoreImpl::initializeThreading). */ void initializeStats(DispatcherStats* stats); private: static void onPrepareForCallback(evwatch*, const evwatch_prepare_cb_info* info, void* arg); static void onPrepareForStats(evwatch*, const evwatch_prepare_cb_info* info, void* arg); static void onCheckForStats(evwatch*, const evwatch_check_cb_info*, void* arg); static constexpr int flagsBasedOnEventType() { if constexpr (Event::PlatformDefaultTriggerType == FileTriggerType::Level) { // On Windows, EVLOOP_NONBLOCK will cause the libevent event_base_loop to run forever. // This is because libevent only supports level triggering on Windows, and so the write // event callbacks will trigger every time through the loop. Adding EVLOOP_ONCE ensures the // loop will run at most once return EVLOOP_NONBLOCK | EVLOOP_ONCE; } return EVLOOP_NONBLOCK; } Libevent::BasePtr libevent_; DispatcherStats* stats_{}; // stats owned by the containing DispatcherImpl bool timeout_set_{}; // whether there is a poll timeout in the current event loop iteration timeval timeout_{}; // the poll timeout for the current event loop iteration, if available timeval prepare_time_{}; // timestamp immediately before polling timeval check_time_{}; // timestamp immediately after polling OnPrepareCallback callback_; // callback to be called from onPrepareForCallback() }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/real_time_system.cc ================================================ #include "common/event/real_time_system.h" #include #include "common/common/assert.h" #include "common/event/timer_impl.h" namespace Envoy { namespace Event { namespace { class RealScheduler : public Scheduler { public: RealScheduler(Scheduler& base_scheduler) : base_scheduler_(base_scheduler) {} TimerPtr createTimer(const TimerCb& cb, Dispatcher& d) override { return base_scheduler_.createTimer(cb, d); }; private: Scheduler& base_scheduler_; }; } // namespace SchedulerPtr RealTimeSystem::createScheduler(Scheduler& base_scheduler, CallbackScheduler&) { return std::make_unique(base_scheduler); } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/real_time_system.h ================================================ #pragma once #include "envoy/event/timer.h" #include "common/common/utility.h" namespace Envoy { namespace Event { /** * Real-world time implementation of TimeSystem. */ class RealTimeSystem : public TimeSystem { public: // TimeSystem SchedulerPtr createScheduler(Scheduler&, CallbackScheduler&) override; // TimeSource SystemTime systemTime() override { return time_source_.systemTime(); } MonotonicTime monotonicTime() override { return time_source_.monotonicTime(); } private: RealTimeSource time_source_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/scaled_range_timer_manager.cc ================================================ #include "common/event/scaled_range_timer_manager.h" #include #include #include #include "envoy/event/range_timer.h" #include "envoy/event/timer.h" #include "common/common/assert.h" #include "common/common/scope_tracker.h" namespace Envoy { namespace Event { /** * Implementation of RangeTimer that can be scaled by the backing manager object. * * Instances of this class exist in one of 3 states: * - inactive: not enabled * - waiting-for-min: enabled, min timeout not elapsed * - scaling-max: enabled, min timeout elapsed, max timeout not elapsed * * The allowed state transitions are: * - inactive -> waiting-for-min * - waiting-for-min -> scaling-max | inactive * - scaling-max -> inactive * * Some methods combine multiple state transitions; enableTimer(0, max) on a * timer in the scaling-max state will logically execute the transition sequence * [scaling-max -> inactive -> waiting-for-min -> scaling-max] in a single * method call. The waiting-for-min transitions are elided for efficiency. */ class ScaledRangeTimerManager::RangeTimerImpl final : public RangeTimer { public: RangeTimerImpl(TimerCb callback, ScaledRangeTimerManager& manager) : manager_(manager), callback_(std::move(callback)), min_duration_timer_(manager.dispatcher_.createTimer([this] { onMinTimerComplete(); })) {} ~RangeTimerImpl() override { disableTimer(); } void disableTimer() override { struct Dispatch { Dispatch(RangeTimerImpl& timer) : timer_(timer) {} RangeTimerImpl& timer_; void operator()(const Inactive&) {} void operator()(const WaitingForMin&) { timer_.min_duration_timer_->disableTimer(); } void operator()(ScalingMax& active) { timer_.manager_.removeTimer(active.handle_); } }; absl::visit(Dispatch(*this), state_); state_.emplace(); scope_ = nullptr; } void enableTimer(const std::chrono::milliseconds min_ms, const std::chrono::milliseconds max_ms, const ScopeTrackedObject* scope) override { disableTimer(); scope_ = scope; ENVOY_LOG_MISC(trace, "enableTimer called on {} for ({}ms, {}ms)", static_cast(this), min_ms.count(), max_ms.count()); if (min_ms <= std::chrono::milliseconds::zero()) { // If the duration spread (max - min) is zero, skip over the waiting-for-min and straight to // the scaling-max state. auto handle = manager_.activateTimer(max_ms, *this); state_.emplace(handle); } else { state_.emplace(max_ms - min_ms); min_duration_timer_->enableTimer(min_ms); } } bool enabled() override { return !absl::holds_alternative(state_); } void trigger() { ASSERT(manager_.dispatcher_.isThreadSafe()); ASSERT(!absl::holds_alternative(state_)); ENVOY_LOG_MISC(trace, "RangeTimerImpl triggered: {}", static_cast(this)); state_.emplace(); if (scope_ == nullptr) { callback_(); } else { ScopeTrackerScopeState scope(scope_, manager_.dispatcher_); scope_ = nullptr; callback_(); } } private: struct Inactive {}; struct WaitingForMin { WaitingForMin(std::chrono::milliseconds scalable_duration) : scalable_duration_(scalable_duration) {} // The amount of time between this enabled timer's max and min, which should // be scaled by the current scale factor. const std::chrono::milliseconds scalable_duration_; }; struct ScalingMax { ScalingMax(ScaledRangeTimerManager::ScalingTimerHandle handle) : handle_(handle) {} // A handle that can be used to disable the timer. ScaledRangeTimerManager::ScalingTimerHandle handle_; }; /** * This is called when the min timer expires, on the dispatcher for the manager. It registers with * the manager so the duration can be scaled, unless the duration is zero in which case it just * triggers the callback right away. */ void onMinTimerComplete() { ASSERT(manager_.dispatcher_.isThreadSafe()); ENVOY_LOG_MISC(info, "min timer complete for {}", static_cast(this)); ASSERT(absl::holds_alternative(state_)); const WaitingForMin& waiting = absl::get(state_); // This if (waiting.scalable_duration_ < std::chrono::milliseconds::zero()) { trigger(); } else { state_.emplace(manager_.activateTimer(waiting.scalable_duration_, *this)); } } ScaledRangeTimerManager& manager_; const TimerCb callback_; const TimerPtr min_duration_timer_; absl::variant state_; const ScopeTrackedObject* scope_; }; ScaledRangeTimerManager::ScaledRangeTimerManager(Dispatcher& dispatcher) : dispatcher_(dispatcher), scale_factor_(1.0) {} ScaledRangeTimerManager::~ScaledRangeTimerManager() { // Scaled timers created by the manager shouldn't outlive it. This is // necessary but not sufficient to guarantee that. ASSERT(queues_.empty()); } RangeTimerPtr ScaledRangeTimerManager::createTimer(TimerCb callback) { return std::make_unique(callback, *this); } void ScaledRangeTimerManager::setScaleFactor(double scale_factor) { const MonotonicTime now = dispatcher_.approximateMonotonicTime(); scale_factor_ = DurationScaleFactor(scale_factor); for (auto& queue : queues_) { resetQueueTimer(*queue, now); } } ScaledRangeTimerManager::Queue::Item::Item(RangeTimerImpl& timer, MonotonicTime active_time) : timer_(timer), active_time_(active_time) {} ScaledRangeTimerManager::Queue::Queue(std::chrono::milliseconds duration, ScaledRangeTimerManager& manager, Dispatcher& dispatcher) : duration_(duration), timer_(dispatcher.createTimer([this, &manager] { manager.onQueueTimerFired(*this); })) {} ScaledRangeTimerManager::ScalingTimerHandle::ScalingTimerHandle(Queue& queue, Queue::Iterator iterator) : queue_(queue), iterator_(iterator) {} ScaledRangeTimerManager::DurationScaleFactor::DurationScaleFactor(double value) : value_(std::max(0.0, std::min(value, 1.0))) {} MonotonicTime ScaledRangeTimerManager::computeTriggerTime(const Queue::Item& item, std::chrono::milliseconds duration, DurationScaleFactor scale_factor) { return item.active_time_ + std::chrono::duration_cast(duration * scale_factor.value()); } ScaledRangeTimerManager::ScalingTimerHandle ScaledRangeTimerManager::activateTimer(std::chrono::milliseconds duration, RangeTimerImpl& range_timer) { // Ensure this is being called on the same dispatcher. ASSERT(dispatcher_.isThreadSafe()); // Find the matching queue for the (max - min) duration of the range timer; if there isn't one, // create it. auto it = queues_.find(duration); if (it == queues_.end()) { auto queue = std::make_unique(duration, *this, dispatcher_); it = queues_.emplace(std::move(queue)).first; } Queue& queue = **it; // Put the timer at the back of the queue. Since the timer has the same maximum duration as all // the other timers in the queue, and since the activation times are monotonic, the queue stays in // sorted order. queue.range_timers_.emplace_back(range_timer, dispatcher_.approximateMonotonicTime()); if (queue.range_timers_.size() == 1) { resetQueueTimer(queue, dispatcher_.approximateMonotonicTime()); } return ScalingTimerHandle(queue, --queue.range_timers_.end()); } void ScaledRangeTimerManager::removeTimer(ScalingTimerHandle handle) { // Ensure this is being called on the same dispatcher. ASSERT(dispatcher_.isThreadSafe()); const bool was_front = handle.queue_.range_timers_.begin() == handle.iterator_; handle.queue_.range_timers_.erase(handle.iterator_); // Don't keep around empty queues if (handle.queue_.range_timers_.empty()) { queues_.erase(handle.queue_); return; } // The queue's timer tracks the expiration time of the first range timer, so it only needs // adjusting if the first timer is the one that was removed. if (was_front) { resetQueueTimer(handle.queue_, dispatcher_.approximateMonotonicTime()); } } void ScaledRangeTimerManager::resetQueueTimer(Queue& queue, MonotonicTime now) { ASSERT(!queue.range_timers_.empty()); const MonotonicTime trigger_time = computeTriggerTime(queue.range_timers_.front(), queue.duration_, scale_factor_); if (trigger_time < now) { queue.timer_->enableTimer(std::chrono::milliseconds::zero()); } else { queue.timer_->enableTimer( std::chrono::duration_cast(trigger_time - now)); } } void ScaledRangeTimerManager::onQueueTimerFired(Queue& queue) { auto& timers = queue.range_timers_; ASSERT(!timers.empty()); const MonotonicTime now = dispatcher_.approximateMonotonicTime(); // Pop and trigger timers until the one at the front isn't supposed to have expired yet (given the // current scale factor). while (!timers.empty() && computeTriggerTime(timers.front(), queue.duration_, scale_factor_) <= now) { auto item = std::move(queue.range_timers_.front()); queue.range_timers_.pop_front(); item.timer_.trigger(); } if (queue.range_timers_.empty()) { // Maintain the invariant that queues are never empty. queues_.erase(queue); } else { resetQueueTimer(queue, now); } } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/scaled_range_timer_manager.h ================================================ #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/range_timer.h" #include "envoy/event/timer.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Event { /** * Class for creating RangeTimer objects that can be adjusted towards either the minimum or maximum * of their range by the owner of the manager object. Users of this class can call createTimer() to * receive a new RangeTimer object that they can then enable or disable at will (but only on the * same dispatcher), and setScaleFactor() to change the scaling factor. The current scale factor is * applied to all timers, including those that are created later. * * Internally, the manager uses a set of queues to track timers. When an enabled timer reaches its * min duration, it adds a tracker object to the queue corresponding to the duration (max - min). * Each queue tracks timers of only a single duration, and uses a real Timer object to schedule the * expiration of the first timer in the queue. The expectation is that the number of (max - min) * values used to enable timers is small, so the number of queues is tightly bounded. The * queue-based implementation depends on that expectation for efficient operation. */ class ScaledRangeTimerManager { public: explicit ScaledRangeTimerManager(Dispatcher& dispatcher); ~ScaledRangeTimerManager(); /** * Creates a new range timer backed by the manager. The returned timer will be subject to the * current and future scale factor values set on the manager. All returned timers must be deleted * before the manager. */ RangeTimerPtr createTimer(TimerCb callback); /** * Sets the scale factor for all timers created through this manager. The value should be between * 0 and 1, inclusive. The scale factor affects the amount of time timers spend in their target * range. The RangeTimers returned by createTimer will fire after (min + (max - min) * * scale_factor). This means that a scale factor of 0 causes timers to fire immediately at the min * duration, a factor of 0.5 causes firing halfway between min and max, and a factor of 1 causes * firing at max. */ void setScaleFactor(double scale_factor); private: class RangeTimerImpl; // A queue object that maintains a list of timers with the same (max - min) values. struct Queue { struct Item { Item(RangeTimerImpl& timer, MonotonicTime active_time); // The timer owned by the caller being kept in the queue. RangeTimerImpl& timer_; // The time at which the timer became active (when its min duration expired). MonotonicTime active_time_; }; // Typedef for convenience. using Iterator = std::list::iterator; Queue(std::chrono::milliseconds duration, ScaledRangeTimerManager& manager, Dispatcher& dispatcher); // The (max - min) value for all timers in range_timers_. const std::chrono::milliseconds duration_; // The list of active timers in this queue. This is implemented as a // std::list so that the iterators held in ScalingTimerHandle instances are // not invalidated by removal or insertion of other timers. The timers in // the list are in sorted order by active_time_ because they are only // inserted at the end of the list, and the time is monotonically increasing. std::list range_timers_; // A real Timer that tracks the expiration time of the first timer in the queue. This gets // adjusted // 1) at queue creation time // 2) on expiration // 3) when the scale factor changes const TimerPtr timer_; }; /** * An object passed back to RangeTimerImpl that can be used to remove it from its queue. */ struct ScalingTimerHandle { ScalingTimerHandle(Queue& queue, Queue::Iterator iterator); Queue& queue_; Queue::Iterator iterator_; }; // A simple wrapper around a float that ensures value() is sane (in the range [0, 1]). class DurationScaleFactor { public: DurationScaleFactor(double value); double value() const { return value_; } private: double value_; }; struct Hash { // Magic declaration to allow heterogeneous lookup. using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(const std::chrono::milliseconds duration) const { return hash_(duration.count()); } size_t operator()(const Queue& queue) const { return (*this)(queue.duration_); } size_t operator()(const std::unique_ptr& queue) const { return (*this)(*queue); } std::hash hash_; }; struct Eq { // Magic declaration to allow heterogeneous lookup. using is_transparent = void; // NOLINT(readability-identifier-naming) bool operator()(const std::unique_ptr& lhs, std::chrono::milliseconds rhs) const { return lhs->duration_ == rhs; } bool operator()(const std::unique_ptr& lhs, const Queue& rhs) const { return (*this)(lhs, rhs.duration_); } bool operator()(const std::unique_ptr& lhs, const std::unique_ptr& rhs) const { return (*this)(lhs, *rhs); } }; static MonotonicTime computeTriggerTime(const Queue::Item& item, std::chrono::milliseconds duration, DurationScaleFactor scale_factor); ScalingTimerHandle activateTimer(std::chrono::milliseconds duration, RangeTimerImpl& timer); void removeTimer(ScalingTimerHandle handle); void resetQueueTimer(Queue& queue, MonotonicTime now); void onQueueTimerFired(Queue& queue); Dispatcher& dispatcher_; DurationScaleFactor scale_factor_; absl::flat_hash_set, Hash, Eq> queues_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/schedulable_cb_impl.cc ================================================ #include "common/event/schedulable_cb_impl.h" #include "common/common/assert.h" #include "event2/event.h" namespace Envoy { namespace Event { SchedulableCallbackImpl::SchedulableCallbackImpl(Libevent::BasePtr& libevent, std::function cb) : cb_(cb) { ASSERT(cb_); evtimer_assign( &raw_event_, libevent.get(), [](evutil_socket_t, short, void* arg) -> void { SchedulableCallbackImpl* cb = static_cast(arg); cb->cb_(); }, this); } void SchedulableCallbackImpl::scheduleCallbackCurrentIteration() { if (enabled()) { return; } // event_active directly adds the event to the end of the work queue so it executes in the current // iteration of the event loop. event_active(&raw_event_, EV_TIMEOUT, 0); } void SchedulableCallbackImpl::scheduleCallbackNextIteration() { if (enabled()) { return; } // libevent computes the list of timers to move to the work list after polling for fd events, but // iteration through the work list starts. Zero delay timers added while iterating through the // work list execute on the next iteration of the event loop. const timeval zero_tv{}; event_add(&raw_event_, &zero_tv); } void SchedulableCallbackImpl::cancel() { event_del(&raw_event_); } bool SchedulableCallbackImpl::enabled() { return 0 != evtimer_pending(&raw_event_, nullptr); } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/schedulable_cb_impl.h ================================================ #pragma once #include "envoy/event/schedulable_cb.h" #include "common/event/event_impl_base.h" #include "common/event/libevent.h" namespace Envoy { namespace Event { class DispatcherImpl; /** * libevent implementation of SchedulableCallback. */ class SchedulableCallbackImpl : public SchedulableCallback, ImplBase { public: SchedulableCallbackImpl(Libevent::BasePtr& libevent, std::function cb); // SchedulableCallback implementation. void scheduleCallbackCurrentIteration() override; void scheduleCallbackNextIteration() override; void cancel() override; bool enabled() override; private: std::function cb_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/signal_impl.cc ================================================ #include "common/event/signal_impl.h" #include "common/event/dispatcher_impl.h" #include "event2/event.h" namespace Envoy { namespace Event { SignalEventImpl::SignalEventImpl(DispatcherImpl& dispatcher, int signal_num, SignalCb cb) : cb_(cb) { evsignal_assign( &raw_event_, &dispatcher.base(), signal_num, [](evutil_socket_t, short, void* arg) -> void { static_cast(arg)->cb_(); }, this); evsignal_add(&raw_event_, nullptr); } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/signal_impl.h ================================================ #pragma once #include "envoy/event/signal.h" #include "common/event/dispatcher_impl.h" #include "common/event/event_impl_base.h" namespace Envoy { namespace Event { /** * libevent implementation of Event::SignalEvent. */ class SignalEventImpl : public SignalEvent, ImplBase { public: SignalEventImpl(DispatcherImpl& dispatcher, int signal_num, SignalCb cb); private: SignalCb cb_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/timer_impl.cc ================================================ #include "common/event/timer_impl.h" #include #include "common/common/assert.h" #include "common/runtime/runtime_features.h" #include "event2/event.h" namespace Envoy { namespace Event { TimerImpl::TimerImpl(Libevent::BasePtr& libevent, TimerCb cb, Dispatcher& dispatcher) : cb_(cb), dispatcher_(dispatcher), activate_timers_next_event_loop_( // Only read the runtime feature if the runtime loader singleton has already been created. // Accessing runtime features too early in the initialization sequence triggers logging // and the logging code itself depends on the use of timers. Attempts to log while // initializing the logging subsystem will result in a crash. Runtime::LoaderSingleton::getExisting() ? Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.activate_timers_next_event_loop") : true) { ASSERT(cb_); evtimer_assign( &raw_event_, libevent.get(), [](evutil_socket_t, short, void* arg) -> void { TimerImpl* timer = static_cast(arg); if (timer->object_ == nullptr) { timer->cb_(); return; } ScopeTrackerScopeState scope(timer->object_, timer->dispatcher_); timer->object_ = nullptr; timer->cb_(); }, this); } void TimerImpl::disableTimer() { event_del(&raw_event_); } void TimerImpl::enableTimer(const std::chrono::milliseconds d, const ScopeTrackedObject* object) { timeval tv; TimerUtils::durationToTimeval(d, tv); internalEnableTimer(tv, object); } void TimerImpl::enableHRTimer(const std::chrono::microseconds d, const ScopeTrackedObject* object = nullptr) { timeval tv; TimerUtils::durationToTimeval(d, tv); internalEnableTimer(tv, object); } void TimerImpl::internalEnableTimer(const timeval& tv, const ScopeTrackedObject* object) { object_ = object; if (!activate_timers_next_event_loop_ && tv.tv_sec == 0 && tv.tv_usec == 0) { event_active(&raw_event_, EV_TIMEOUT, 0); } else { event_add(&raw_event_, &tv); } } bool TimerImpl::enabled() { return 0 != evtimer_pending(&raw_event_, nullptr); } } // namespace Event } // namespace Envoy ================================================ FILE: source/common/event/timer_impl.h ================================================ #pragma once #include #include "envoy/event/timer.h" #include "common/common/scope_tracker.h" #include "common/common/utility.h" #include "common/event/event_impl_base.h" #include "common/event/libevent.h" namespace Envoy { namespace Event { /** * Utility helper functions for Timer implementation. */ class TimerUtils { public: /** * Intended for consumption by enable(HR)Timer, this method is templated method to avoid implicit * duration conversions for its input arguments. This lets us have an opportunity to check bounds * before doing any conversions. When the passed in duration exceeds INT32_MAX max seconds, the * output will be clipped to yield INT32_MAX seconds and 0 microseconds for the * output argument. We clip to INT32_MAX to guard against overflowing the timeval structure. * Throws an EnvoyException on negative duration input. * @tparam Duration std::chrono duration type, e.g. seconds, milliseconds, ... * @param d duration value * @param tv output parameter that will be updated */ template static void durationToTimeval(const Duration& d, timeval& tv) { if (d.count() < 0) { ExceptionUtil::throwEnvoyException( fmt::format("Negative duration passed to durationToTimeval(): {}", d.count())); }; constexpr int64_t clip_to = INT32_MAX; // 136.102208 years auto secs = std::chrono::duration_cast(d); if (secs.count() > clip_to) { tv.tv_sec = clip_to; tv.tv_usec = 0; return; } auto usecs = std::chrono::duration_cast(d - secs); tv.tv_sec = secs.count(); tv.tv_usec = usecs.count(); } }; /** * libevent implementation of Timer. */ class TimerImpl : public Timer, ImplBase { public: TimerImpl(Libevent::BasePtr& libevent, TimerCb cb, Event::Dispatcher& dispatcher); // Timer void disableTimer() override; void enableTimer(std::chrono::milliseconds d, const ScopeTrackedObject* scope) override; void enableHRTimer(std::chrono::microseconds us, const ScopeTrackedObject* object) override; bool enabled() override; private: void internalEnableTimer(const timeval& tv, const ScopeTrackedObject* scope); TimerCb cb_; Dispatcher& dispatcher_; // This has to be atomic for alarms which are handled out of thread, for // example if the DispatcherImpl::post is called by two threads, they race to // both set this to null. std::atomic object_{}; // Latched "envoy.reloadable_features.activate_timers_next_event_loop" runtime feature. If true, // timers scheduled with a 0 time delta are evaluated in the next iteration of the event loop // after polling and activating new fd events. const bool activate_timers_next_event_loop_; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/common/filesystem/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_cc_platform_dep", "envoy_cc_posix_library", "envoy_cc_win32_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "directory_lib", hdrs = ["directory.h"], deps = envoy_cc_platform_dep("directory_iterator_impl_lib"), ) envoy_cc_win32_library( name = "directory_iterator_impl_lib", srcs = ["win32/directory_iterator_impl.cc"], hdrs = ["win32/directory_iterator_impl.h"], strip_include_prefix = "win32", deps = [ "//include/envoy/filesystem:filesystem_interface", ], ) envoy_cc_posix_library( name = "directory_iterator_impl_lib", srcs = ["posix/directory_iterator_impl.cc"], hdrs = ["posix/directory_iterator_impl.h"], strip_include_prefix = "posix", deps = [ "//include/envoy/filesystem:filesystem_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "filesystem_lib", deps = envoy_cc_platform_dep("filesystem_impl_lib"), ) envoy_cc_posix_library( name = "filesystem_impl_lib", srcs = ["posix/filesystem_impl.cc"], hdrs = ["posix/filesystem_impl.h"], strip_include_prefix = "posix", deps = [ ":file_shared_lib", ], ) envoy_cc_win32_library( name = "filesystem_impl_lib", srcs = ["win32/filesystem_impl.cc"], hdrs = ["win32/filesystem_impl.h"], strip_include_prefix = "win32", deps = [ ":file_shared_lib", ], ) envoy_cc_library( name = "file_shared_lib", srcs = ["file_shared_impl.cc"], hdrs = ["file_shared_impl.h"], deps = [ "//include/envoy/filesystem:filesystem_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "watcher_lib", srcs = select({ "//bazel:apple": [ "kqueue/watcher_impl.cc", ], "//bazel:windows_x86_64": [ "win32/watcher_impl.cc", ], "//conditions:default": [ "inotify/watcher_impl.cc", ], }), hdrs = select({ "//bazel:apple": [ "kqueue/watcher_impl.h", ], "//bazel:windows_x86_64": [ "win32/watcher_impl.h", ], "//conditions:default": [ "inotify/watcher_impl.h", ], }), external_deps = [ "event", ], strip_include_prefix = select({ "//bazel:apple": "kqueue", "//bazel:windows_x86_64": "win32", "//conditions:default": "inotify", }), deps = [ "//include/envoy/api:api_interface", "//include/envoy/event:dispatcher_interface", "//source/common/common:assert_lib", "//source/common/common:linked_object", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", ] + select({ "//bazel:windows_x86_64": [ "//source/common/api:os_sys_calls_lib", "//source/common/common:thread_lib", ], "//conditions:default": [], }), ) ================================================ FILE: source/common/filesystem/directory.h ================================================ #pragma once #include #include "envoy/filesystem/filesystem.h" #include "common/filesystem/directory_iterator_impl.h" namespace Envoy { namespace Filesystem { // This class does not do any validation of input data. Do not use with untrusted inputs. class Directory { public: Directory(const std::string& directory_path) : directory_path_(directory_path) {} DirectoryIteratorImpl begin() { return DirectoryIteratorImpl(directory_path_); } DirectoryIteratorImpl end() { return DirectoryIteratorImpl(); } private: const std::string directory_path_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/file_shared_impl.cc ================================================ #include "common/filesystem/file_shared_impl.h" #include "common/common/utility.h" namespace Envoy { namespace Filesystem { Api::IoError::IoErrorCode IoFileError::getErrorCode() const { switch (errno_) { case HANDLE_ERROR_PERM: return IoErrorCode::Permission; case HANDLE_ERROR_INVALID: return IoErrorCode::BadFd; default: ENVOY_LOG_MISC(debug, "Unknown error code {} details {}", errno_, getErrorDetails()); return IoErrorCode::UnknownError; } } std::string IoFileError::getErrorDetails() const { return errorDetails(errno_); } bool FileSharedImpl::isOpen() const { return fd_ != INVALID_HANDLE; }; std::string FileSharedImpl::path() const { return path_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/file_shared_impl.h ================================================ #pragma once #include #include "envoy/filesystem/filesystem.h" #include "common/common/assert.h" namespace Envoy { namespace Filesystem { class IoFileError : public Api::IoError { public: explicit IoFileError(int sys_errno) : errno_(sys_errno) {} ~IoFileError() override = default; Api::IoError::IoErrorCode getErrorCode() const override; std::string getErrorDetails() const override; private: const int errno_; }; using IoFileErrorPtr = std::unique_ptr; template Api::IoCallResult resultFailure(T result, int sys_errno) { return {result, IoFileErrorPtr(new IoFileError(sys_errno), [](Api::IoError* err) { ASSERT(err != nullptr); delete err; })}; } template Api::IoCallResult resultSuccess(T result) { return {result, IoFileErrorPtr(nullptr, [](Api::IoError*) { NOT_REACHED_GCOVR_EXCL_LINE; })}; } class FileSharedImpl : public File { public: FileSharedImpl(std::string path) : fd_(INVALID_HANDLE), path_(std::move(path)) {} ~FileSharedImpl() override = default; bool isOpen() const override; std::string path() const override; protected: filesystem_os_id_t fd_; const std::string path_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/inotify/watcher_impl.cc ================================================ #include #include #include #include "envoy/api/api.h" #include "envoy/common/exception.h" #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/filesystem/watcher_impl.h" namespace Envoy { namespace Filesystem { WatcherImpl::WatcherImpl(Event::Dispatcher& dispatcher, Api::Api& api) : api_(api), inotify_fd_(inotify_init1(IN_NONBLOCK)), inotify_event_(dispatcher.createFileEvent( inotify_fd_, [this](uint32_t events) -> void { ASSERT(events == Event::FileReadyType::Read); onInotifyEvent(); }, Event::FileTriggerType::Edge, Event::FileReadyType::Read)) { RELEASE_ASSERT(inotify_fd_ >= 0, "Consider increasing value of user.max_inotify_watches via sysctl"); } WatcherImpl::~WatcherImpl() { close(inotify_fd_); } void WatcherImpl::addWatch(absl::string_view path, uint32_t events, OnChangedCb callback) { // Because of general inotify pain, we always watch the directory that the file lives in, // and then synthetically raise per file events. const PathSplitResult result = api_.fileSystem().splitPathFromFilename(path); const uint32_t watch_mask = IN_MODIFY | IN_MOVED_TO; int watch_fd = inotify_add_watch(inotify_fd_, std::string(result.directory_).c_str(), watch_mask); if (watch_fd == -1) { throw EnvoyException( fmt::format("unable to add filesystem watch for file {}: {}", path, errorDetails(errno))); } ENVOY_LOG(debug, "added watch for directory: '{}' file: '{}' fd: {}", result.directory_, result.file_, watch_fd); callback_map_[watch_fd].watches_.push_back({std::string(result.file_), events, callback}); } void WatcherImpl::onInotifyEvent() { while (true) { uint8_t buffer[sizeof(inotify_event) + NAME_MAX + 1]; ssize_t rc = read(inotify_fd_, &buffer, sizeof(buffer)); if (rc == -1 && errno == EAGAIN) { return; } RELEASE_ASSERT(rc >= 0, ""); const size_t event_count = rc; size_t index = 0; while (index < event_count) { auto* file_event = reinterpret_cast(&buffer[index]); ASSERT(callback_map_.count(file_event->wd) == 1); std::string file; if (file_event->len > 0) { file.assign(file_event->name); } ENVOY_LOG(debug, "notification: fd: {} mask: {:x} file: {}", file_event->wd, file_event->mask, file); uint32_t events = 0; if (file_event->mask & IN_MODIFY) { events |= Events::Modified; } if (file_event->mask & IN_MOVED_TO) { events |= Events::MovedTo; } for (FileWatch& watch : callback_map_[file_event->wd].watches_) { if (watch.events_ & events) { if (watch.file_ == file) { ENVOY_LOG(debug, "matched callback: file: {}", file); watch.cb_(events); } else if (watch.file_.empty()) { ENVOY_LOG(debug, "matched callback: directory: {}", file); watch.cb_(events); } } } index += sizeof(inotify_event) + file_event->len; } } } } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/inotify/watcher_impl.h ================================================ #pragma once #include #include #include #include "envoy/api/api.h" #include "envoy/event/dispatcher.h" #include "envoy/filesystem/watcher.h" #include "common/common/logger.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Filesystem { /** * Implementation of Watcher that uses inotify. inotify is an awful API. In order to make this work * in a somewhat sane way we always watch the directory that owns the thing being watched, and then * filter for events that are relevant to the thing being watched. */ class WatcherImpl : public Watcher, Logger::Loggable { public: WatcherImpl(Event::Dispatcher& dispatcher, Api::Api& api); ~WatcherImpl() override; // Filesystem::Watcher void addWatch(absl::string_view path, uint32_t events, OnChangedCb cb) override; private: struct FileWatch { std::string file_; uint32_t events_; OnChangedCb cb_; }; struct DirectoryWatch { std::list watches_; }; void onInotifyEvent(); Api::Api& api_; int inotify_fd_; Event::FileEventPtr inotify_event_; absl::node_hash_map callback_map_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/kqueue/watcher_impl.cc ================================================ #include #include #include #include "envoy/common/exception.h" #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/filesystem/watcher_impl.h" #include "event2/event.h" namespace Envoy { namespace Filesystem { WatcherImpl::WatcherImpl(Event::Dispatcher& dispatcher, Api::Api& api) : api_(api), queue_(kqueue()), kqueue_event_(dispatcher.createFileEvent( queue_, [this](uint32_t events) -> void { if (events & Event::FileReadyType::Read) { onKqueueEvent(); } }, Event::FileTriggerType::Edge, Event::FileReadyType::Read)) {} WatcherImpl::~WatcherImpl() { close(queue_); watches_.clear(); } void WatcherImpl::addWatch(absl::string_view path, uint32_t events, Watcher::OnChangedCb cb) { FileWatchPtr watch = addWatch(path, events, cb, false); if (watch == nullptr) { throw EnvoyException(absl::StrCat("invalid watch path ", path)); } } WatcherImpl::FileWatchPtr WatcherImpl::addWatch(absl::string_view path, uint32_t events, Watcher::OnChangedCb cb, bool path_must_exist) { bool watching_dir = false; std::string pathname(path); int watch_fd = open(pathname.c_str(), O_SYMLINK); if (watch_fd == -1) { if (path_must_exist) { return nullptr; } watch_fd = open(std::string(api_.fileSystem().splitPathFromFilename(path).directory_).c_str(), 0); if (watch_fd == -1) { return nullptr; } watching_dir = true; } FileWatchPtr watch(new FileWatch()); watch->fd_ = watch_fd; watch->file_ = pathname; watch->events_ = events; watch->callback_ = cb; watch->watching_dir_ = watching_dir; u_int flags = NOTE_DELETE | NOTE_RENAME | NOTE_WRITE; struct kevent event; EV_SET(&event, watch_fd, EVFILT_VNODE, EV_ADD | EV_CLEAR, flags, 0, reinterpret_cast(watch_fd)); if (kevent(queue_, &event, 1, nullptr, 0, nullptr) == -1 || event.flags & EV_ERROR) { throw EnvoyException( fmt::format("unable to add filesystem watch for file {}: {}", path, errorDetails(errno))); } ENVOY_LOG(debug, "added watch for file: '{}' fd: {}", path, watch_fd); watches_[watch_fd] = watch; return watch; } void WatcherImpl::removeWatch(FileWatchPtr& watch) { // Removing the map entry closes the fd, which will automatically // unregister the kqueue event. int fd = watch->fd_; watches_.erase(fd); } void WatcherImpl::onKqueueEvent() { struct kevent event = {}; timespec nullts = {0, 0}; while (true) { uint32_t events = 0; int nevents = kevent(queue_, nullptr, 0, &event, 1, &nullts); if (nevents < 1 || event.udata == nullptr) { return; } int watch_fd = reinterpret_cast(event.udata); FileWatchPtr file = watches_[watch_fd]; ASSERT(file != nullptr); ASSERT(watch_fd == file->fd_); auto pathname = api_.fileSystem().splitPathFromFilename(file->file_); if (file->watching_dir_) { if (event.fflags & NOTE_DELETE) { // directory was deleted removeWatch(file); return; } if (event.fflags & NOTE_WRITE) { // directory was written -- check if the file we're actually watching appeared FileWatchPtr new_file = addWatch(file->file_, file->events_, file->callback_, true); if (new_file != nullptr) { removeWatch(file); file = new_file; events |= Events::MovedTo; } } } else if (pathname.file_.empty()) { if (event.fflags & NOTE_WRITE) { events |= Events::MovedTo; } } else { // kqueue doesn't seem to work well with NOTE_RENAME and O_SYMLINK, so instead if we // get a NOTE_DELETE on the symlink we check if there is another file with the same // name we assume a NOTE_RENAME and re-attach another event to the new file. if (event.fflags & NOTE_DELETE) { removeWatch(file); FileWatchPtr new_file = addWatch(file->file_, file->events_, file->callback_, true); if (new_file == nullptr) { return; } event.fflags |= NOTE_RENAME; file = new_file; } if (event.fflags & NOTE_RENAME) { events |= Events::MovedTo; } if (event.fflags & NOTE_WRITE) { events |= Events::Modified; } } ENVOY_LOG(debug, "notification: fd: {} flags: {:x} file: {}", file->fd_, event.fflags, file->file_); if (events & file->events_) { ENVOY_LOG(debug, "matched callback: file: {}", file->file_); file->callback_(events); } } } } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/kqueue/watcher_impl.h ================================================ #pragma once #include #include #include #include "envoy/api/api.h" #include "envoy/event/dispatcher.h" #include "envoy/filesystem/watcher.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Filesystem { /** * Implementation of Watcher that uses kqueue. If the file being watched doesn't exist, we watch * the directory, and then try to add a file watch each time there's a write event to the * directory. */ class WatcherImpl : public Watcher, Logger::Loggable { public: WatcherImpl(Event::Dispatcher& dispatcher, Api::Api& api); ~WatcherImpl(); // Filesystem::Watcher void addWatch(absl::string_view path, uint32_t events, OnChangedCb cb) override; private: struct FileWatch : LinkedObject { ~FileWatch() { close(fd_); } int fd_; uint32_t events_; std::string file_; OnChangedCb callback_; bool watching_dir_; }; using FileWatchPtr = std::shared_ptr; void onKqueueEvent(); FileWatchPtr addWatch(absl::string_view path, uint32_t events, Watcher::OnChangedCb cb, bool pathMustExist); void removeWatch(FileWatchPtr& watch); Api::Api& api_; int queue_; absl::node_hash_map watches_; Event::FileEventPtr kqueue_event_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/posix/directory_iterator_impl.cc ================================================ #include "envoy/common/exception.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/filesystem/directory_iterator_impl.h" namespace Envoy { namespace Filesystem { DirectoryIteratorImpl::DirectoryIteratorImpl(const std::string& directory_path) : directory_path_(directory_path), os_sys_calls_(Api::OsSysCallsSingleton::get()) { openDirectory(); nextEntry(); } DirectoryIteratorImpl::~DirectoryIteratorImpl() { if (dir_ != nullptr) { ::closedir(dir_); } } DirectoryIteratorImpl& DirectoryIteratorImpl::operator++() { nextEntry(); return *this; } void DirectoryIteratorImpl::openDirectory() { DIR* temp_dir = ::opendir(directory_path_.c_str()); dir_ = temp_dir; if (!dir_) { throw EnvoyException( fmt::format("unable to open directory {}: {}", directory_path_, errorDetails(errno))); } } void DirectoryIteratorImpl::nextEntry() { errno = 0; dirent* entry = ::readdir(dir_); if (entry == nullptr && errno != 0) { throw EnvoyException( fmt::format("unable to iterate directory {}: {}", directory_path_, errorDetails(errno))); } if (entry == nullptr) { entry_ = {"", FileType::Other}; } else { const std::string current_path(entry->d_name); const std::string full_path(directory_path_ + "/" + current_path); entry_ = {current_path, fileType(full_path)}; } } FileType DirectoryIteratorImpl::fileType(const std::string& full_path) const { struct stat stat_buf; const Api::SysCallIntResult result = os_sys_calls_.stat(full_path.c_str(), &stat_buf); if (result.rc_ != 0) { if (errno == ENOENT) { // Special case. This directory entity is likely to be a symlink, // but the reference is broken as the target could not be stat()'ed. // If we confirm this with an lstat, treat this file entity as // a regular file, which may be unlink()'ed. if (::lstat(full_path.c_str(), &stat_buf) == 0 && S_ISLNK(stat_buf.st_mode)) { return FileType::Regular; } } throw EnvoyException(fmt::format("unable to stat file: '{}' ({})", full_path, errno)); } if (S_ISDIR(stat_buf.st_mode)) { return FileType::Directory; } else if (S_ISREG(stat_buf.st_mode)) { return FileType::Regular; } return FileType::Other; } } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/posix/directory_iterator_impl.h ================================================ #pragma once #include #include "envoy/filesystem/filesystem.h" #include "common/api/os_sys_calls_impl.h" namespace Envoy { namespace Filesystem { class DirectoryIteratorImpl : public DirectoryIterator { public: DirectoryIteratorImpl(const std::string& directory_path); DirectoryIteratorImpl() : directory_path_(""), os_sys_calls_(Api::OsSysCallsSingleton::get()) {} ~DirectoryIteratorImpl() override; DirectoryIteratorImpl& operator++() override; // We don't want this iterator to be copied. If the copy gets destructed, // then it will close its copy of the DIR* pointer, which will cause the // original's to be invalid. While we could implement a deep copy constructor to // work around this, it is not needed the moment. DirectoryIteratorImpl(const DirectoryIteratorImpl&) = delete; DirectoryIteratorImpl(DirectoryIteratorImpl&&) = default; private: void nextEntry(); void openDirectory(); FileType fileType(const std::string& name) const; std::string directory_path_; DIR* dir_{nullptr}; Api::OsSysCallsImpl& os_sys_calls_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/posix/filesystem_impl.cc ================================================ #include #include #include #include #include #include #include #include #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/filesystem/filesystem_impl.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Filesystem { FileImplPosix::~FileImplPosix() { if (isOpen()) { const Api::IoCallBoolResult result = close(); ASSERT(result.rc_); } } Api::IoCallBoolResult FileImplPosix::open(FlagSet in) { if (isOpen()) { return resultSuccess(true); } const auto flags_and_mode = translateFlag(in); fd_ = ::open(path_.c_str(), flags_and_mode.flags_, flags_and_mode.mode_); return fd_ != -1 ? resultSuccess(true) : resultFailure(false, errno); } Api::IoCallSizeResult FileImplPosix::write(absl::string_view buffer) { const ssize_t rc = ::write(fd_, buffer.data(), buffer.size()); return rc != -1 ? resultSuccess(rc) : resultFailure(rc, errno); }; Api::IoCallBoolResult FileImplPosix::close() { ASSERT(isOpen()); int rc = ::close(fd_); fd_ = -1; return (rc != -1) ? resultSuccess(true) : resultFailure(false, errno); } FileImplPosix::FlagsAndMode FileImplPosix::translateFlag(FlagSet in) { int out = 0; mode_t mode = 0; if (in.test(File::Operation::Create)) { out |= O_CREAT; mode |= S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; } if (in.test(File::Operation::Append)) { out |= O_APPEND; } if (in.test(File::Operation::Read) && in.test(File::Operation::Write)) { out |= O_RDWR; } else if (in.test(File::Operation::Read)) { out |= O_RDONLY; } else if (in.test(File::Operation::Write)) { out |= O_WRONLY; } return {out, mode}; } FilePtr InstanceImplPosix::createFile(const std::string& path) { return std::make_unique(path); } bool InstanceImplPosix::fileExists(const std::string& path) { std::ifstream input_file(path); return input_file.is_open(); } bool InstanceImplPosix::directoryExists(const std::string& path) { DIR* const dir = ::opendir(path.c_str()); const bool dir_exists = nullptr != dir; if (dir_exists) { ::closedir(dir); } return dir_exists; } ssize_t InstanceImplPosix::fileSize(const std::string& path) { struct stat info; if (::stat(path.c_str(), &info) != 0) { return -1; } return info.st_size; } std::string InstanceImplPosix::fileReadToEnd(const std::string& path) { if (illegalPath(path)) { throw EnvoyException(absl::StrCat("Invalid path: ", path)); } std::ifstream file(path); if (file.fail()) { throw EnvoyException(absl::StrCat("unable to read file: ", path)); } std::stringstream file_string; file_string << file.rdbuf(); return file_string.str(); } PathSplitResult InstanceImplPosix::splitPathFromFilename(absl::string_view path) { size_t last_slash = path.rfind('/'); if (last_slash == std::string::npos) { throw EnvoyException(fmt::format("invalid file path {}", path)); } absl::string_view name = path.substr(last_slash + 1); // truncate all trailing slashes, except root slash if (last_slash == 0) { ++last_slash; } return {path.substr(0, last_slash), name}; } bool InstanceImplPosix::illegalPath(const std::string& path) { // Special case, allow /dev/fd/* access here so that config can be passed in a // file descriptor from a bootstrap script via exec. The reason we do this // _before_ canonicalizing the path is that different unix flavors implement // /dev/fd/* differently, for example on linux they are symlinks to /dev/pts/* // which are symlinks to /proc/self/fds/. On BSD (and darwin) they are not // symlinks at all. To avoid lots of platform, specifics, we allowlist // /dev/fd/* _before_ resolving the canonical path. if (absl::StartsWith(path, "/dev/fd/")) { return false; } const Api::SysCallStringResult canonical_path = canonicalPath(path); if (canonical_path.rc_.empty()) { ENVOY_LOG_MISC(debug, "Unable to determine canonical path for {}: {}", path, errorDetails(canonical_path.errno_)); return true; } // Platform specific path sanity; we provide a convenience to avoid Envoy // instances poking in bad places. We may have to consider conditioning on // platform in the future, growing these or relaxing some constraints (e.g. // there are valid reasons to go via /proc for file paths). // TODO(htuch): Optimize this as a hash lookup if we grow any further. if (absl::StartsWith(canonical_path.rc_, "/dev") || absl::StartsWith(canonical_path.rc_, "/sys") || absl::StartsWith(canonical_path.rc_, "/proc")) { return true; } return false; } Api::SysCallStringResult InstanceImplPosix::canonicalPath(const std::string& path) { char* resolved_path = ::realpath(path.c_str(), nullptr); if (resolved_path == nullptr) { return {std::string(), errno}; } std::string resolved_path_string{resolved_path}; ::free(resolved_path); return {resolved_path_string, 0}; } } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/posix/filesystem_impl.h ================================================ #pragma once #include #include #include "envoy/api/os_sys_calls.h" #include "common/filesystem/file_shared_impl.h" namespace Envoy { namespace Filesystem { class FileImplPosix : public FileSharedImpl { public: FileImplPosix(const std::string& path) : FileSharedImpl(path) {} ~FileImplPosix() override; protected: struct FlagsAndMode { int flags_ = 0; mode_t mode_ = 0; }; Api::IoCallBoolResult open(FlagSet flag) override; Api::IoCallSizeResult write(absl::string_view buffer) override; Api::IoCallBoolResult close() override; private: FlagsAndMode translateFlag(FlagSet in); friend class FileSystemImplTest; }; class InstanceImplPosix : public Instance { public: // Filesystem::Instance FilePtr createFile(const std::string& path) override; bool fileExists(const std::string& path) override; bool directoryExists(const std::string& path) override; ssize_t fileSize(const std::string& path) override; std::string fileReadToEnd(const std::string& path) override; PathSplitResult splitPathFromFilename(absl::string_view path) override; bool illegalPath(const std::string& path) override; private: Api::SysCallStringResult canonicalPath(const std::string& path); friend class FileSystemImplTest; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/win32/directory_iterator_impl.cc ================================================ #include "envoy/common/exception.h" #include "common/common/fmt.h" #include "common/filesystem/directory_iterator_impl.h" namespace Envoy { namespace Filesystem { DirectoryIteratorImpl::DirectoryIteratorImpl(const std::string& directory_path) : DirectoryIterator(), find_handle_(INVALID_HANDLE_VALUE) { WIN32_FIND_DATA find_data; const std::string glob = directory_path + "\\*"; find_handle_ = ::FindFirstFile(glob.c_str(), &find_data); if (find_handle_ == INVALID_HANDLE_VALUE) { throw EnvoyException( fmt::format("unable to open directory {}: {}", directory_path, ::GetLastError())); } entry_ = {std::string(find_data.cFileName), fileType(find_data)}; } DirectoryIteratorImpl::~DirectoryIteratorImpl() { if (find_handle_ != INVALID_HANDLE_VALUE) { ::FindClose(find_handle_); } } DirectoryIteratorImpl& DirectoryIteratorImpl::operator++() { WIN32_FIND_DATA find_data; const BOOL ret = ::FindNextFile(find_handle_, &find_data); const DWORD err = ::GetLastError(); if (ret == 0 && err != ERROR_NO_MORE_FILES) { throw EnvoyException(fmt::format("unable to iterate directory: {}", err)); } if (ret == 0) { entry_ = {"", FileType::Other}; } else { entry_ = {std::string(find_data.cFileName), fileType(find_data)}; } return *this; } FileType DirectoryIteratorImpl::fileType(const WIN32_FIND_DATA& find_data) const { if ((find_data.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) && !(find_data.dwReserved0 & IO_REPARSE_TAG_SYMLINK)) { // The file is reparse point and not a symlink, so it can't be // a regular file or a directory return FileType::Other; } if (find_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { return FileType::Directory; } return FileType::Regular; } } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/win32/directory_iterator_impl.h ================================================ #pragma once #include "envoy/filesystem/filesystem.h" namespace Envoy { namespace Filesystem { class DirectoryIteratorImpl : public DirectoryIterator { public: DirectoryIteratorImpl(const std::string& directory_path); DirectoryIteratorImpl() : DirectoryIterator(), find_handle_(INVALID_HANDLE_VALUE) {} ~DirectoryIteratorImpl(); DirectoryIteratorImpl& operator++() override; // We don't want this iterator to be copied. If the copy gets destructed, // then it will close its copy of the directory HANDLE, which will cause the // original's to be invalid. While we could implement a deep copy constructor to // work around this, it is not needed the moment. DirectoryIteratorImpl(const DirectoryIteratorImpl&) = delete; DirectoryIteratorImpl(DirectoryIteratorImpl&&) = default; DirectoryIteratorImpl& operator=(DirectoryIteratorImpl&&) = default; private: FileType fileType(const WIN32_FIND_DATA& find_data) const; HANDLE find_handle_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/win32/filesystem_impl.cc ================================================ #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/filesystem/filesystem_impl.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_split.h" namespace Envoy { namespace Filesystem { FileImplWin32::~FileImplWin32() { if (isOpen()) { const Api::IoCallBoolResult result = close(); ASSERT(result.rc_); } } Api::IoCallBoolResult FileImplWin32::open(FlagSet in) { if (isOpen()) { return resultSuccess(true); } auto flags = translateFlag(in); fd_ = CreateFileA(path_.c_str(), flags.access_, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, flags.creation_, 0, NULL); if (fd_ == INVALID_HANDLE) { return resultFailure(false, ::GetLastError()); } return resultSuccess(true); } Api::IoCallSizeResult FileImplWin32::write(absl::string_view buffer) { DWORD bytes_written; BOOL result = WriteFile(fd_, buffer.data(), buffer.length(), &bytes_written, NULL); if (result == 0) { return resultFailure(-1, ::GetLastError()); } return resultSuccess(bytes_written); }; Api::IoCallBoolResult FileImplWin32::close() { ASSERT(isOpen()); BOOL result = CloseHandle(fd_); fd_ = INVALID_HANDLE; if (result == 0) { return resultFailure(false, ::GetLastError()); } return resultSuccess(true); } FileImplWin32::FlagsAndMode FileImplWin32::translateFlag(FlagSet in) { DWORD access = 0; DWORD creation = OPEN_EXISTING; if (in.test(File::Operation::Create)) { creation = OPEN_ALWAYS; } if (in.test(File::Operation::Write)) { access = GENERIC_WRITE; } // Order of tests matter here. There reason for that // is that `FILE_APPEND_DATA` should not be used together // with `GENERIC_WRITE`. If both of them are used the file // is not opened in append mode. if (in.test(File::Operation::Append)) { access = FILE_APPEND_DATA; } if (in.test(File::Operation::Read)) { access |= GENERIC_READ; } return {access, creation}; } FilePtr InstanceImplWin32::createFile(const std::string& path) { return std::make_unique(path); } bool InstanceImplWin32::fileExists(const std::string& path) { const DWORD attributes = ::GetFileAttributes(path.c_str()); return attributes != INVALID_FILE_ATTRIBUTES; } bool InstanceImplWin32::directoryExists(const std::string& path) { const DWORD attributes = ::GetFileAttributes(path.c_str()); if (attributes == INVALID_FILE_ATTRIBUTES) { return false; } return attributes & FILE_ATTRIBUTE_DIRECTORY; } ssize_t InstanceImplWin32::fileSize(const std::string& path) { auto fd = CreateFileA(path.c_str(), GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, 0, NULL); if (fd == INVALID_HANDLE) { return -1; } ssize_t result = 0; LARGE_INTEGER lFileSize; BOOL bGetSize = GetFileSizeEx(fd, &lFileSize); CloseHandle(fd); if (!bGetSize) { return -1; } result += lFileSize.QuadPart; return result; } std::string InstanceImplWin32::fileReadToEnd(const std::string& path) { if (illegalPath(path)) { throw EnvoyException(absl::StrCat("Invalid path: ", path)); } std::ios::sync_with_stdio(false); // On Windows, we need to explicitly set the file mode as binary. Otherwise, // 0x1a will be treated as EOF std::ifstream file(path, std::ios_base::binary); if (file.fail()) { auto last_error = ::GetLastError(); if (last_error == ERROR_FILE_NOT_FOUND) { throw EnvoyException(absl::StrCat("Invalid path: ", path)); } throw EnvoyException(absl::StrCat("unable to read file: ", path)); } std::stringstream file_string; file_string << file.rdbuf(); return file_string.str(); } PathSplitResult InstanceImplWin32::splitPathFromFilename(absl::string_view path) { size_t last_slash = path.find_last_of(":/\\"); if (last_slash == std::string::npos) { throw EnvoyException(fmt::format("invalid file path {}", path)); } absl::string_view name = path.substr(last_slash + 1); // Truncate all trailing slashes, but retain the entire // single '/', 'd:' drive, and 'd:\' drive root paths if (last_slash == 0 || path[last_slash] == ':' || path[last_slash - 1] == ':') { ++last_slash; } return {path.substr(0, last_slash), name}; } // clang-format off // // Filename warnings and caveats are documented at; // https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file // Originally prepared by wrowe@rowe-clan.net for the Apache APR project, see; // http://svn.apache.org/viewvc/apr/apr/trunk/file_io/win32/filesys.c?view=log&pathrev=62242 // // Note special delimiter cases for path prefixes; // "D:\" for local drive volumes // "\server\share\" for network volumes // "\\?\" to pass path directly to the underlying driver // (invalidates the '/' separator and bypasses ".", ".." handling) // "\\?\D:\" for local drive volumes // "\\?\UNC\server\share\" for network volumes (literal "UNC") // "\\.\" for device namespace (e.g. volume names, character devices) // File path components must not end in whitespace or '.' (except literal "." and "..") // Allow ':' for drive letter only (attempt to name alternate file stream) // Allow '/', '\\' as path delimiters only // Valid file name character excluding delimiters; static const char filename_char_table[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, // @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, // ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, // High bit codes are accepted (subject to code page translation rules) 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 }; // The "COM#" and "LPT#" names below have boolean flag requiring a [1-9] suffix. // This list can be avoided by observing dwFileAttributes & FILE_ATTRIBUTE_DEVICE // within WIN32_FILE_ATTRIBUTE_DATA or WIN32_FIND_DATA results. absl::node_hash_map pathelt_table = { {"CON", false}, {"NUL", false}, {"AUX", false}, {"PRN", false}, {"COM", true}, {"LPT", true} }; // clang-format on bool InstanceImplWin32::illegalPath(const std::string& path) { std::string pathbuffer = path; absl::string_view pathname = pathbuffer; // Examine and skip common leading path patterns of \\?\ and // reject paths with any other leading \\.\ device or an // unrecognized \\*\ prefix if ((pathname.size() >= 4) && (pathname[0] == '/' || pathname[0] == '\\') && (pathname[1] == '/' || pathname[1] == '\\') && (pathname[3] == '/' || pathname[3] == '\\')) { if (pathname[2] == '?') { pathname = pathname.substr(4); } else { return true; } } // Examine and accept D: drive prefix (last opportunity to // accept a colon in the file path) and skip the D: component // This may result in a relative-to working directory or absolute path on D: if (pathname.size() >= 2 && std::isalpha(pathname[0]) && pathname[1] == ':') { pathname = pathname.substr(2); } std::string ucase_prefix(" "); std::vector pathelts = absl::StrSplit(pathname, absl::ByAnyChar("/\\")); for (const std::string& elt : pathelts) { // Accept element of empty, ".", ".." as special cases, if (elt.size() == 0 || (elt[0] == '.' && (elt.size() == 1 || (elt[1] == '.' && (elt.size() == 2))))) { continue; } // Upper-case path segment prefix to compare to character device names if (elt.size() >= 3) { int i; for (i = 0; i < 3; ++i) { ucase_prefix[i] = ::toupper(elt[i]); } auto found_elt = pathelt_table.find(ucase_prefix); if (found_elt != pathelt_table.end()) { // If a non-zero digit is significant, but not present, treat as not-found if (!found_elt->second || (elt.size() >= 4 && ::isdigit(elt[i]) && elt[i++] != '0')) { if (elt.size() == i) { return true; } // The literal device name is invalid for both an exact match, // and also when followed by (whitespace plus) any .ext suffix for (auto ch = elt.begin() + i; ch != elt.end(); ++ch) { if (*ch == '.') { return true; } if (*ch != ' ') { break; } } } } } for (const char& ch : elt) { if (!(filename_char_table[ch] & 1)) { return true; } } const char& lastch = elt[elt.size() - 1]; if (lastch == ' ' || lastch == '.') { return true; } } return false; } } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/win32/filesystem_impl.h ================================================ #pragma once #include #include #include "common/filesystem/file_shared_impl.h" namespace Envoy { namespace Filesystem { class FileImplWin32 : public FileSharedImpl { public: FileImplWin32(const std::string& path) : FileSharedImpl(path) {} ~FileImplWin32(); protected: Api::IoCallBoolResult open(FlagSet flag) override; Api::IoCallSizeResult write(absl::string_view buffer) override; Api::IoCallBoolResult close() override; private: struct FlagsAndMode { DWORD access_ = 0; DWORD creation_ = 0; }; FlagsAndMode translateFlag(FlagSet in); friend class FileSystemImplTest; }; class InstanceImplWin32 : public Instance { public: // Filesystem::Instance FilePtr createFile(const std::string& path) override; bool fileExists(const std::string& path) override; bool directoryExists(const std::string& path) override; ssize_t fileSize(const std::string& path) override; std::string fileReadToEnd(const std::string& path) override; PathSplitResult splitPathFromFilename(absl::string_view path) override; bool illegalPath(const std::string& path) override; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/win32/watcher_impl.cc ================================================ #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/thread_impl.h" #include "common/filesystem/watcher_impl.h" namespace Envoy { namespace Filesystem { WatcherImpl::WatcherImpl(Event::Dispatcher& dispatcher, Api::Api& api) : api_(api), os_sys_calls_(Api::OsSysCallsSingleton::get()) { os_fd_t socks[2]; Api::SysCallIntResult result = os_sys_calls_.socketpair(AF_INET, SOCK_STREAM, IPPROTO_TCP, socks); ASSERT(result.rc_ == 0); event_read_ = socks[0]; event_write_ = socks[1]; result = os_sys_calls_.setsocketblocking(event_read_, false); ASSERT(result.rc_ == 0); result = os_sys_calls_.setsocketblocking(event_write_, false); ASSERT(result.rc_ == 0); directory_event_ = dispatcher.createFileEvent( event_read_, [this](uint32_t events) -> void { ASSERT(events == Event::FileReadyType::Read); onDirectoryEvent(); }, Event::FileTriggerType::Level, Event::FileReadyType::Read); thread_exit_event_ = ::CreateEvent(nullptr, false, false, nullptr); ASSERT(thread_exit_event_ != NULL); keep_watching_ = true; // See comments in WorkerImpl::start for the naming convention. Thread::Options options{absl::StrCat("wat:", dispatcher.name())}; watch_thread_ = thread_factory_.createThread([this]() -> void { watchLoop(); }, options); } WatcherImpl::~WatcherImpl() { const BOOL rc = ::SetEvent(thread_exit_event_); ASSERT(rc); watch_thread_->join(); for (auto& entry : callback_map_) { ::CloseHandle(entry.second->dir_handle_); ::CloseHandle(entry.second->overlapped_.hEvent); } ::CloseHandle(thread_exit_event_); ::closesocket(event_read_); ::closesocket(event_write_); } void WatcherImpl::addWatch(absl::string_view path, uint32_t events, OnChangedCb cb) { if (path == Platform::null_device_path) { return; } const PathSplitResult result = api_.fileSystem().splitPathFromFilename(path); // ReadDirectoryChangesW only has a Unicode version, so we need // to use wide strings here const std::wstring directory = wstring_converter_.from_bytes(std::string(result.directory_)); const std::wstring file = wstring_converter_.from_bytes(std::string(result.file_)); const HANDLE dir_handle = CreateFileW( directory.c_str(), GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, nullptr, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OVERLAPPED, NULL); if (dir_handle == INVALID_HANDLE_VALUE) { throw EnvoyException( fmt::format("unable to open directory {}: {}", result.directory_, GetLastError())); } std::string fii_key(sizeof(FILE_ID_INFO), '\0'); RELEASE_ASSERT( GetFileInformationByHandleEx(dir_handle, FileIdInfo, &fii_key[0], sizeof(FILE_ID_INFO)), fmt::format("unable to identify directory {}: {}", result.directory_, GetLastError())); if (callback_map_.find(fii_key) != callback_map_.end()) { CloseHandle(dir_handle); } else { callback_map_[fii_key] = std::make_unique(); callback_map_[fii_key]->dir_handle_ = dir_handle; callback_map_[fii_key]->buffer_.resize(16384); callback_map_[fii_key]->watcher_ = this; // According to Microsoft docs, "the hEvent member of the OVERLAPPED structure is not used by // the system, so you can use it yourself". We will use it for synchronization of the completion // routines HANDLE event_handle = ::CreateEvent(nullptr, false, false, nullptr); RELEASE_ASSERT(event_handle, fmt::format("CreateEvent failed: {}", GetLastError())); callback_map_[fii_key]->overlapped_.hEvent = event_handle; dir_watch_complete_events_.push_back(event_handle); // send the first ReadDirectoryChangesW request to our watch thread. This ensures that all of // the io completion routines will run in that thread DWORD rc = ::QueueUserAPC(&issueFirstRead, static_cast(watch_thread_.get())->handle(), reinterpret_cast(callback_map_[fii_key].get())); RELEASE_ASSERT(rc, fmt::format("QueueUserAPC failed: {}", GetLastError())); // wait for issueFirstRead to confirm that it has issued a call to ReadDirectoryChangesW rc = ::WaitForSingleObject(event_handle, INFINITE); RELEASE_ASSERT(rc == WAIT_OBJECT_0, fmt::format("WaitForSingleObject failed: {}", GetLastError())); ENVOY_LOG(debug, "created watch for directory: '{}' handle: {}", result.directory_, dir_handle); } callback_map_[fii_key]->watches_.push_back({file, events, cb}); ENVOY_LOG(debug, "added watch for file '{}' in directory '{}'", result.file_, result.directory_); } void WatcherImpl::onDirectoryEvent() { while (true) { char data = 0; const int rc = ::recv(event_read_, &data, sizeof(data), 0); const int err = ::WSAGetLastError(); if (rc == SOCKET_ERROR && err == WSAEWOULDBLOCK) { return; } RELEASE_ASSERT(rc != SOCKET_ERROR, fmt::format("recv errored: {}", err)); if (data == 0) { // no callbacks to run; this is just a notification that a DirectoryWatch exited return; } CbClosure callback; bool exists = active_callbacks_.try_pop(callback); RELEASE_ASSERT(exists, "expected callback, found none"); ENVOY_LOG(debug, "executing callback"); callback(); } } void WatcherImpl::issueFirstRead(ULONG_PTR param) { DirectoryWatch* dir_watch = reinterpret_cast(param); // Since the first member in each DirectoryWatch is an OVERLAPPED, we can pass // a pointer to DirectoryWatch as the OVERLAPPED for ReadDirectoryChangesW. Then, the // completion routine can use its OVERLAPPED* parameter to access the DirectoryWatch see: // https://docs.microsoft.com/en-us/windows/desktop/ipc/named-pipe-server-using-completion-routines ReadDirectoryChangesW(dir_watch->dir_handle_, &(dir_watch->buffer_[0]), dir_watch->buffer_.capacity(), false, FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_LAST_WRITE, nullptr, reinterpret_cast(param), &directoryChangeCompletion); const BOOL rc = ::SetEvent(dir_watch->overlapped_.hEvent); ASSERT(rc); } void WatcherImpl::endDirectoryWatch(os_fd_t sock, HANDLE event_handle) { const BOOL rc = ::SetEvent(event_handle); ASSERT(rc); // let libevent know that a ReadDirectoryChangesW call returned const char data = 0; const int bytes_written = ::send(sock, &data, sizeof(data), 0); RELEASE_ASSERT(bytes_written == sizeof(data), fmt::format("failed to write 1 byte: {}", ::WSAGetLastError())); } void WatcherImpl::directoryChangeCompletion(DWORD err, DWORD num_bytes, LPOVERLAPPED overlapped) { DirectoryWatch* dir_watch = reinterpret_cast(overlapped); WatcherImpl* watcher = dir_watch->watcher_; PFILE_NOTIFY_INFORMATION fni = reinterpret_cast(&dir_watch->buffer_[0]); if (err == ERROR_OPERATION_ABORTED) { ENVOY_LOG(debug, "ReadDirectoryChangesW aborted, exiting"); endDirectoryWatch(watcher->event_write_, dir_watch->overlapped_.hEvent); return; } else if (err != 0) { ENVOY_LOG(error, "ReadDirectoryChangesW errored: {}, exiting", err); endDirectoryWatch(watcher->event_write_, dir_watch->overlapped_.hEvent); return; } else if (num_bytes < sizeof(_FILE_NOTIFY_INFORMATION)) { ENVOY_LOG(error, "ReadDirectoryChangesW returned {} bytes, expected {}, exiting", num_bytes, sizeof(_FILE_NOTIFY_INFORMATION)); endDirectoryWatch(watcher->event_write_, dir_watch->overlapped_.hEvent); return; } DWORD next_entry = 0; do { fni = reinterpret_cast(reinterpret_cast(fni) + next_entry); // the length of the file name is given in bytes, not wide characters std::wstring file(fni->FileName, fni->FileNameLength / 2); ENVOY_LOG(debug, "notification: handle: {} action: {:x} file: {}", dir_watch->dir_handle_, fni->Action, watcher->wstring_converter_.to_bytes(file)); uint32_t events = 0; if (fni->Action == FILE_ACTION_RENAMED_NEW_NAME) { events |= Events::MovedTo; } if (fni->Action == FILE_ACTION_MODIFIED) { events |= Events::Modified; } for (FileWatch& watch : dir_watch->watches_) { if (watch.file_ == file && (watch.events_ & events)) { ENVOY_LOG(debug, "matched callback: file: {}", watcher->wstring_converter_.to_bytes(file)); const auto cb = watch.cb_; const auto cb_closure = [cb, events]() -> void { cb(events); }; watcher->active_callbacks_.push(cb_closure); // write a byte to the other end of the socket that libevent is watching // this tells the libevent callback to pull this callback off the active_callbacks_ // queue. We do this so that the callbacks are executed in the main libevent loop, // not in this completion routine const char data = 1; const int bytes_written = ::send(watcher->event_write_, &data, sizeof(data), 0); RELEASE_ASSERT(bytes_written == sizeof(data), fmt::format("failed to write 1 byte: {}", ::WSAGetLastError())); } } next_entry = fni->NextEntryOffset; } while (next_entry != 0); if (!watcher->keep_watching_.load()) { ENVOY_LOG(debug, "ending watch on directory: handle: {}", dir_watch->dir_handle_); endDirectoryWatch(watcher->event_write_, dir_watch->overlapped_.hEvent); return; } ReadDirectoryChangesW(dir_watch->dir_handle_, &(dir_watch->buffer_[0]), dir_watch->buffer_.capacity(), false, FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_LAST_WRITE, nullptr, overlapped, directoryChangeCompletion); } void WatcherImpl::watchLoop() { while (keep_watching_.load()) { DWORD wait = WaitForSingleObjectEx(thread_exit_event_, INFINITE, true); switch (wait) { case WAIT_OBJECT_0: // object is getting destroyed, exit the loop keep_watching_.store(false); break; case WAIT_IO_COMPLETION: // an IO completion routine finished, nothing to do break; default: ENVOY_LOG(error, "WaitForSingleObjectEx: {}, GetLastError: {}, exiting", wait, GetLastError()); keep_watching_.store(false); } } for (auto& entry : callback_map_) { ::CancelIoEx(entry.second->dir_handle_, nullptr); } const int num_directories = dir_watch_complete_events_.size(); if (num_directories > 0) { while (true) { DWORD wait = ::WaitForMultipleObjectsEx(num_directories, &dir_watch_complete_events_[0], true, INFINITE, true); if (WAIT_OBJECT_0 <= wait && wait < (WAIT_OBJECT_0 + num_directories)) { // we have no pending IO remaining return; } else if (wait == WAIT_IO_COMPLETION) { // an io completion routine finished, keep waiting continue; } else { ENVOY_LOG(error, "WaitForMultipleObjectsEx: {}, GetLastError: {}, exiting", wait, GetLastError()); return; } } } } } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filesystem/win32/watcher_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/api/api.h" #include "envoy/event/dispatcher.h" #include "envoy/filesystem/watcher.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/common/thread_impl.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Filesystem { class WatcherImpl : public Watcher, Logger::Loggable { public: WatcherImpl(Event::Dispatcher& dispatcher, Api::Api& api); ~WatcherImpl(); // Filesystem::Watcher void addWatch(absl::string_view path, uint32_t events, OnChangedCb cb) override; private: static void issueFirstRead(ULONG_PTR param); static void directoryChangeCompletion(DWORD err, DWORD num_bytes, LPOVERLAPPED overlapped); static void endDirectoryWatch(os_fd_t sock, HANDLE hEvent); void watchLoop(); void onDirectoryEvent(); struct FileWatch { // store the wide character string for ReadDirectoryChangesW std::wstring file_; uint32_t events_; OnChangedCb cb_; }; typedef std::function CbClosure; struct DirectoryWatch { OVERLAPPED overlapped_; std::list watches_; HANDLE dir_handle_; std::vector buffer_; WatcherImpl* watcher_; }; typedef std::unique_ptr DirectoryWatchPtr; Api::Api& api_; absl::node_hash_map callback_map_; Event::FileEventPtr directory_event_; os_fd_t event_write_; os_fd_t event_read_; Thread::ThreadPtr watch_thread_; Thread::ThreadFactoryImplWin32 thread_factory_; HANDLE thread_exit_event_; std::vector dir_watch_complete_events_; std::atomic keep_watching_; concurrency::concurrent_queue active_callbacks_; Api::OsSysCallsImpl& os_sys_calls_; std::wstring_convert> wstring_converter_; }; } // namespace Filesystem } // namespace Envoy ================================================ FILE: source/common/filter/http/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "filter_config_discovery_lib", srcs = ["filter_config_discovery_impl.cc"], hdrs = ["filter_config_discovery_impl.h"], deps = [ "//include/envoy/config:subscription_interface", "//include/envoy/filter/http:filter_config_provider_interface", "//include/envoy/singleton:instance_interface", "//include/envoy/stats:stats_macros", "//include/envoy/thread_local:thread_local_interface", "//source/common/config:subscription_base_interface", "//source/common/config:subscription_factory_lib", "//source/common/config:utility_lib", "//source/common/grpc:common_lib", "//source/common/init:manager_lib", "//source/common/init:target_lib", "//source/common/init:watcher_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/filter/http/filter_config_discovery_impl.cc ================================================ #include "common/filter/http/filter_config_discovery_impl.h" #include "envoy/config/core/v3/extension.pb.validate.h" #include "envoy/server/filter_config.h" #include "common/config/utility.h" #include "common/grpc/common.h" #include "common/protobuf/utility.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Filter { namespace Http { DynamicFilterConfigProviderImpl::DynamicFilterConfigProviderImpl( FilterConfigSubscriptionSharedPtr&& subscription, const std::set& require_type_urls, Server::Configuration::FactoryContext& factory_context) : subscription_(std::move(subscription)), require_type_urls_(require_type_urls), tls_(factory_context.threadLocal().allocateSlot()), init_target_("DynamicFilterConfigProviderImpl", [this]() { subscription_->start(); // This init target is used to activate the subscription but not wait // for a response. It is used whenever a default config is provided to be // used while waiting for a response. init_target_.ready(); }) { subscription_->filter_config_providers_.insert(this); tls_->set([](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(); }); } DynamicFilterConfigProviderImpl::~DynamicFilterConfigProviderImpl() { subscription_->filter_config_providers_.erase(this); } const std::string& DynamicFilterConfigProviderImpl::name() { return subscription_->name(); } absl::optional DynamicFilterConfigProviderImpl::config() { return tls_->getTyped().config_; } void DynamicFilterConfigProviderImpl::validateConfig( const ProtobufWkt::Any& proto_config, Server::Configuration::NamedHttpFilterConfigFactory&) { auto type_url = Config::Utility::getFactoryType(proto_config); if (require_type_urls_.count(type_url) == 0) { throw EnvoyException(fmt::format("Error: filter config has type URL {} but expect {}.", type_url, absl::StrJoin(require_type_urls_, ", "))); } } void DynamicFilterConfigProviderImpl::onConfigUpdate(Envoy::Http::FilterFactoryCb config, const std::string&, Config::ConfigAppliedCb cb) { tls_->runOnAllThreads( [config, cb](ThreadLocal::ThreadLocalObjectSharedPtr previous) -> ThreadLocal::ThreadLocalObjectSharedPtr { auto prev_config = std::dynamic_pointer_cast(previous); prev_config->config_ = config; if (cb) { cb(); } return previous; }, [this, config]() { // This happens after all workers have discarded the previous config so it can be safely // deleted on the main thread by an update with the new config. this->current_config_ = config; }); } FilterConfigSubscription::FilterConfigSubscription( const envoy::config::core::v3::ConfigSource& config_source, const std::string& filter_config_name, Server::Configuration::FactoryContext& factory_context, const std::string& stat_prefix, FilterConfigProviderManagerImpl& filter_config_provider_manager, const std::string& subscription_id) : Config::SubscriptionBase( envoy::config::core::v3::ApiVersion::V3, factory_context.messageValidationContext().dynamicValidationVisitor(), "name"), filter_config_name_(filter_config_name), factory_context_(factory_context), validator_(factory_context.messageValidationContext().dynamicValidationVisitor()), init_target_(fmt::format("FilterConfigSubscription init {}", filter_config_name_), [this]() { start(); }), scope_(factory_context.scope().createScope(stat_prefix + "extension_config_discovery." + filter_config_name_ + ".")), stat_prefix_(stat_prefix), stats_({ALL_EXTENSION_CONFIG_DISCOVERY_STATS(POOL_COUNTER(*scope_))}), filter_config_provider_manager_(filter_config_provider_manager), subscription_id_(subscription_id) { const auto resource_name = getResourceName(); subscription_ = factory_context.clusterManager().subscriptionFactory().subscriptionFromConfigSource( config_source, Grpc::Common::typeUrl(resource_name), *scope_, *this, resource_decoder_); } void FilterConfigSubscription::start() { if (!started_) { started_ = true; subscription_->start({filter_config_name_}); } } void FilterConfigSubscription::onConfigUpdate( const std::vector& resources, const std::string& version_info) { // Make sure to make progress in case the control plane is temporarily inconsistent. init_target_.ready(); if (resources.size() != 1) { throw EnvoyException(fmt::format( "Unexpected number of resources in ExtensionConfigDS response: {}", resources.size())); } const auto& filter_config = dynamic_cast( resources[0].get().resource()); if (filter_config.name() != filter_config_name_) { throw EnvoyException(fmt::format("Unexpected resource name in ExtensionConfigDS response: {}", filter_config.name())); } // Skip update if hash matches const uint64_t new_hash = MessageUtil::hash(filter_config.typed_config()); if (new_hash == last_config_hash_) { return; } auto& factory = Config::Utility::getAndCheckFactory( filter_config); // Ensure that the filter config is valid in the filter chain context once the proto is processed. // Validation happens before updating to prevent a partial update application. It might be // possible that the providers have distinct type URL constraints. for (auto* provider : filter_config_providers_) { provider->validateConfig(filter_config.typed_config(), factory); } ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( filter_config.typed_config(), validator_, factory); Envoy::Http::FilterFactoryCb factory_callback = factory.createFilterFactoryFromProto(*message, stat_prefix_, factory_context_); ENVOY_LOG(debug, "Updating filter config {}", filter_config_name_); const auto pending_update = std::make_shared>( (factory_context_.admin().concurrency() + 1) * filter_config_providers_.size()); for (auto* provider : filter_config_providers_) { provider->onConfigUpdate(factory_callback, version_info, [this, pending_update]() { if (--(*pending_update) == 0) { stats_.config_reload_.inc(); } }); } last_config_hash_ = new_hash; } void FilterConfigSubscription::onConfigUpdate( const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string&) { if (!removed_resources.empty()) { ENVOY_LOG(error, "Server sent a delta ExtensionConfigDS update attempting to remove a resource (name: " "{}). Ignoring.", removed_resources[0]); } if (!added_resources.empty()) { onConfigUpdate(added_resources, added_resources[0].get().version()); } } void FilterConfigSubscription::onConfigUpdateFailed(Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ENVOY_LOG(debug, "Updating filter config {} failed due to {}", filter_config_name_, reason); stats_.config_fail_.inc(); // Make sure to make progress in case the control plane is temporarily failing. init_target_.ready(); } FilterConfigSubscription::~FilterConfigSubscription() { // If we get destroyed during initialization, make sure we signal that we "initialized". init_target_.ready(); // Remove the subscription from the provider manager. filter_config_provider_manager_.subscriptions_.erase(subscription_id_); } std::shared_ptr FilterConfigProviderManagerImpl::getSubscription( const envoy::config::core::v3::ConfigSource& config_source, const std::string& name, Server::Configuration::FactoryContext& factory_context, const std::string& stat_prefix) { // FilterConfigSubscriptions are unique based on their config source and filter config name // combination. // TODO(https://github.com/envoyproxy/envoy/issues/11967) Hash collision can cause subscription // aliasing. const std::string subscription_id = absl::StrCat(MessageUtil::hash(config_source), ".", name); auto it = subscriptions_.find(subscription_id); if (it == subscriptions_.end()) { auto subscription = std::make_shared( config_source, name, factory_context, stat_prefix, *this, subscription_id); subscriptions_.insert({subscription_id, std::weak_ptr(subscription)}); return subscription; } else { auto existing = it->second.lock(); ASSERT(existing != nullptr, absl::StrCat("Cannot find subscribed filter config resource ", name)); return existing; } } FilterConfigProviderPtr FilterConfigProviderManagerImpl::createDynamicFilterConfigProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& filter_config_name, const std::set& require_type_urls, Server::Configuration::FactoryContext& factory_context, const std::string& stat_prefix, bool apply_without_warming) { auto subscription = getSubscription(config_source, filter_config_name, factory_context, stat_prefix); // For warming, wait until the subscription receives the first response to indicate readiness. // Otherwise, mark ready immediately and start the subscription on initialization. A default // config is expected in the latter case. if (!apply_without_warming) { factory_context.initManager().add(subscription->initTarget()); } auto provider = std::make_unique( std::move(subscription), require_type_urls, factory_context); // Ensure the subscription starts if it has not already. if (apply_without_warming) { factory_context.initManager().add(provider->init_target_); } return provider; } } // namespace Http } // namespace Filter } // namespace Envoy ================================================ FILE: source/common/filter/http/filter_config_discovery_impl.h ================================================ #pragma once #include "envoy/config/core/v3/extension.pb.h" #include "envoy/config/core/v3/extension.pb.validate.h" #include "envoy/config/subscription.h" #include "envoy/filter/http/filter_config_provider.h" #include "envoy/protobuf/message_validator.h" #include "envoy/server/factory_context.h" #include "envoy/singleton/instance.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/config/subscription_base.h" #include "common/init/manager_impl.h" #include "common/init/target_impl.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Filter { namespace Http { class FilterConfigProviderManagerImpl; class FilterConfigSubscription; using FilterConfigSubscriptionSharedPtr = std::shared_ptr; /** * Implementation of a filter config provider using discovery subscriptions. **/ class DynamicFilterConfigProviderImpl : public FilterConfigProvider { public: DynamicFilterConfigProviderImpl(FilterConfigSubscriptionSharedPtr&& subscription, const std::set& require_type_urls, Server::Configuration::FactoryContext& factory_context); ~DynamicFilterConfigProviderImpl() override; // Config::ExtensionConfigProvider const std::string& name() override; absl::optional config() override; void validateConfig(const ProtobufWkt::Any& proto_config, Server::Configuration::NamedHttpFilterConfigFactory&) override; void onConfigUpdate(Envoy::Http::FilterFactoryCb config, const std::string&, Config::ConfigAppliedCb cb) override; private: struct ThreadLocalConfig : public ThreadLocal::ThreadLocalObject { ThreadLocalConfig() : config_{absl::nullopt} {} absl::optional config_{}; }; FilterConfigSubscriptionSharedPtr subscription_; const std::set require_type_urls_; // Currently applied configuration to ensure that the main thread deletes the last reference to // it. absl::optional current_config_{absl::nullopt}; ThreadLocal::SlotPtr tls_; // Local initialization target to ensure that the subscription starts in // case no warming is requested by any other filter config provider. Init::TargetImpl init_target_; friend class FilterConfigProviderManagerImpl; }; /** * All extension config discovery stats. @see stats_macros.h */ #define ALL_EXTENSION_CONFIG_DISCOVERY_STATS(COUNTER) \ COUNTER(config_reload) \ COUNTER(config_fail) /** * Struct definition for all extension config discovery stats. @see stats_macros.h */ struct ExtensionConfigDiscoveryStats { ALL_EXTENSION_CONFIG_DISCOVERY_STATS(GENERATE_COUNTER_STRUCT) }; /** * A class that fetches the filter configuration dynamically using the filter config discovery API. * Subscriptions are shared between the filter config providers. The filter config providers are * notified when a new config is accepted. */ class FilterConfigSubscription : Config::SubscriptionBase, Logger::Loggable { public: FilterConfigSubscription(const envoy::config::core::v3::ConfigSource& config_source, const std::string& filter_config_name, Server::Configuration::FactoryContext& factory_context, const std::string& stat_prefix, FilterConfigProviderManagerImpl& filter_config_provider_manager, const std::string& subscription_id); ~FilterConfigSubscription() override; const Init::SharedTargetImpl& initTarget() { return init_target_; } const std::string& name() { return filter_config_name_; } private: void start(); // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string&) override; void onConfigUpdateFailed(Config::ConfigUpdateFailureReason reason, const EnvoyException*) override; const std::string filter_config_name_; uint64_t last_config_hash_{0ul}; Server::Configuration::FactoryContext& factory_context_; ProtobufMessage::ValidationVisitor& validator_; Init::SharedTargetImpl init_target_; bool started_{false}; Stats::ScopePtr scope_; const std::string stat_prefix_; ExtensionConfigDiscoveryStats stats_; // FilterConfigProviderManagerImpl maintains active subscriptions in a map. FilterConfigProviderManagerImpl& filter_config_provider_manager_; const std::string subscription_id_; absl::flat_hash_set filter_config_providers_; friend class DynamicFilterConfigProviderImpl; // This must be the last since its destructor may call out to stats to report // on draining requests. std::unique_ptr subscription_; }; /** * Provider implementation of a static filter config. **/ class StaticFilterConfigProviderImpl : public FilterConfigProvider { public: StaticFilterConfigProviderImpl(const Envoy::Http::FilterFactoryCb& config, const std::string filter_config_name) : config_(config), filter_config_name_(filter_config_name) {} // Config::ExtensionConfigProvider const std::string& name() override { return filter_config_name_; } absl::optional config() override { return config_; } void validateConfig(const ProtobufWkt::Any&, Server::Configuration::NamedHttpFilterConfigFactory&) override { NOT_REACHED_GCOVR_EXCL_LINE; } void onConfigUpdate(Envoy::Http::FilterFactoryCb, const std::string&, Config::ConfigAppliedCb) override { NOT_REACHED_GCOVR_EXCL_LINE; } private: Envoy::Http::FilterFactoryCb config_; const std::string filter_config_name_; }; /** * An implementation of FilterConfigProviderManager. */ class FilterConfigProviderManagerImpl : public FilterConfigProviderManager, public Singleton::Instance { public: FilterConfigProviderPtr createDynamicFilterConfigProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& filter_config_name, const std::set& require_type_urls, Server::Configuration::FactoryContext& factory_context, const std::string& stat_prefix, bool apply_without_warming) override; FilterConfigProviderPtr createStaticFilterConfigProvider(const Envoy::Http::FilterFactoryCb& config, const std::string& filter_config_name) override { return std::make_unique(config, filter_config_name); } private: std::shared_ptr getSubscription(const envoy::config::core::v3::ConfigSource& config_source, const std::string& name, Server::Configuration::FactoryContext& factory_context, const std::string& stat_prefix); absl::flat_hash_map> subscriptions_; friend class FilterConfigSubscription; }; } // namespace Http } // namespace Filter } // namespace Envoy ================================================ FILE: source/common/formatter/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "substitution_formatter_lib", srcs = ["substitution_formatter.cc"], hdrs = ["substitution_formatter.h"], external_deps = ["abseil_str_format"], deps = [ "//include/envoy/formatter:substitution_formatter_interface", "//include/envoy/stream_info:stream_info_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/config:metadata_lib", "//source/common/grpc:common_lib", "//source/common/http:utility_lib", "//source/common/protobuf:message_validator_lib", "//source/common/stream_info:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "substitution_format_string_lib", srcs = ["substitution_format_string.cc"], hdrs = ["substitution_format_string.h"], deps = [ ":substitution_formatter_lib", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/formatter/substitution_format_string.cc ================================================ #include "common/formatter/substitution_format_string.h" #include "common/formatter/substitution_formatter.h" namespace Envoy { namespace Formatter { FormatterPtr SubstitutionFormatStringUtils::createJsonFormatter(const ProtobufWkt::Struct& struct_format, bool preserve_types, bool omit_empty_values) { return std::make_unique(struct_format, preserve_types, omit_empty_values); } FormatterPtr SubstitutionFormatStringUtils::fromProtoConfig( const envoy::config::core::v3::SubstitutionFormatString& config) { switch (config.format_case()) { case envoy::config::core::v3::SubstitutionFormatString::FormatCase::kTextFormat: return std::make_unique(config.text_format(), config.omit_empty_values()); case envoy::config::core::v3::SubstitutionFormatString::FormatCase::kJsonFormat: { return createJsonFormatter(config.json_format(), true, config.omit_empty_values()); } default: NOT_REACHED_GCOVR_EXCL_LINE; } return nullptr; } } // namespace Formatter } // namespace Envoy ================================================ FILE: source/common/formatter/substitution_format_string.h ================================================ #pragma once #include #include "envoy/config/core/v3/substitution_format_string.pb.h" #include "envoy/formatter/substitution_formatter.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Formatter { /** * Utilities for using envoy::config::core::v3::SubstitutionFormatString */ class SubstitutionFormatStringUtils { public: /** * Generate a formatter object from config SubstitutionFormatString. */ static FormatterPtr fromProtoConfig(const envoy::config::core::v3::SubstitutionFormatString& config); /** * Generate a Json formatter object from proto::Struct config */ static FormatterPtr createJsonFormatter(const ProtobufWkt::Struct& struct_format, bool preserve_types, bool omit_empty_values); }; } // namespace Formatter } // namespace Envoy ================================================ FILE: source/common/formatter/substitution_formatter.cc ================================================ #include "common/formatter/substitution_formatter.h" #include #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/config/metadata.h" #include "common/grpc/common.h" #include "common/grpc/status.h" #include "common/http/utility.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "common/stream_info/utility.h" #include "absl/strings/str_split.h" #include "fmt/format.h" using Envoy::Config::Metadata; namespace Envoy { namespace Formatter { static const std::string DefaultUnspecifiedValueString = "-"; namespace { const ProtobufWkt::Value& unspecifiedValue() { return ValueUtil::nullValue(); } void truncate(std::string& str, absl::optional max_length) { if (!max_length) { return; } str = str.substr(0, max_length.value()); } // Matches newline pattern in a StartTimeFormatter format string. const std::regex& getStartTimeNewlinePattern() { CONSTRUCT_ON_FIRST_USE(std::regex, "%[-_0^#]*[1-9]*(E|O)?n"); } const std::regex& getNewlinePattern() { CONSTRUCT_ON_FIRST_USE(std::regex, "\n"); } template struct JsonFormatMapVisitor : Ts... { using Ts::operator()...; }; template JsonFormatMapVisitor(Ts...) -> JsonFormatMapVisitor; } // namespace const std::string SubstitutionFormatUtils::DEFAULT_FORMAT = "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" " "%RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% " "%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% " "\"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" " "\"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\"\n"; FormatterPtr SubstitutionFormatUtils::defaultSubstitutionFormatter() { return FormatterPtr{new FormatterImpl(DEFAULT_FORMAT, false)}; } const absl::optional> SubstitutionFormatUtils::protocolToString(const absl::optional& protocol) { if (protocol) { return Http::Utility::getProtocolString(protocol.value()); } return absl::nullopt; } const std::string& SubstitutionFormatUtils::protocolToStringOrDefault(const absl::optional& protocol) { if (protocol) { return Http::Utility::getProtocolString(protocol.value()); } return DefaultUnspecifiedValueString; } const absl::optional SubstitutionFormatUtils::getHostname() { #ifdef HOST_NAME_MAX const size_t len = HOST_NAME_MAX; #else // This is notably the case in OSX. const size_t len = 255; #endif char name[len]; Api::OsSysCalls& os_sys_calls = Api::OsSysCallsSingleton::get(); const Api::SysCallIntResult result = os_sys_calls.gethostname(name, len); absl::optional hostname; if (result.rc_ == 0) { hostname = name; } return hostname; } const std::string SubstitutionFormatUtils::getHostnameOrDefault() { absl::optional hostname = getHostname(); if (hostname.has_value()) { return hostname.value(); } return DefaultUnspecifiedValueString; } FormatterImpl::FormatterImpl(const std::string& format, bool omit_empty_values) : empty_value_string_(omit_empty_values ? EMPTY_STRING : DefaultUnspecifiedValueString) { providers_ = SubstitutionFormatParser::parse(format); } std::string FormatterImpl::format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const { std::string log_line; log_line.reserve(256); for (const FormatterProviderPtr& provider : providers_) { const auto bit = provider->format(request_headers, response_headers, response_trailers, stream_info, local_reply_body); log_line += bit.value_or(empty_value_string_); } return log_line; } std::string JsonFormatterImpl::format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const { const auto output_struct = toStruct(request_headers, response_headers, response_trailers, stream_info, local_reply_body); const std::string log_line = MessageUtil::getJsonStringFromMessage(output_struct, false, true); return absl::StrCat(log_line, "\n"); } JsonFormatterImpl::JsonFormatMapWrapper JsonFormatterImpl::toFormatMap(const ProtobufWkt::Struct& json_format) const { auto output = std::make_unique(); for (const auto& pair : json_format.fields()) { switch (pair.second.kind_case()) { case ProtobufWkt::Value::kStringValue: output->emplace(pair.first, SubstitutionFormatParser::parse(pair.second.string_value())); break; case ProtobufWkt::Value::kStructValue: output->emplace(pair.first, toFormatMap(pair.second.struct_value())); break; default: throw EnvoyException( "Only string values or nested structs are supported in the JSON access log format."); } } return {std::move(output)}; }; ProtobufWkt::Struct JsonFormatterImpl::toStruct(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const { const std::string& empty_value = omit_empty_values_ ? EMPTY_STRING : DefaultUnspecifiedValueString; const std::function&)> providers_callback = [&](const std::vector& providers) { ASSERT(!providers.empty()); if (providers.size() == 1) { const auto& provider = providers.front(); if (preserve_types_) { return provider->formatValue(request_headers, response_headers, response_trailers, stream_info, local_reply_body); } if (omit_empty_values_) { return ValueUtil::optionalStringValue( provider->format(request_headers, response_headers, response_trailers, stream_info, local_reply_body)); } const auto str = provider->format(request_headers, response_headers, response_trailers, stream_info, local_reply_body); return ValueUtil::stringValue(str.value_or(DefaultUnspecifiedValueString)); } // Multiple providers forces string output. std::string str; for (const auto& provider : providers) { const auto bit = provider->format(request_headers, response_headers, response_trailers, stream_info, local_reply_body); str += bit.value_or(empty_value); } return ValueUtil::stringValue(str); }; const std::function json_format_map_callback = [&](const JsonFormatterImpl::JsonFormatMapWrapper& format) { ProtobufWkt::Struct output; auto* fields = output.mutable_fields(); JsonFormatMapVisitor visitor{json_format_map_callback, providers_callback}; for (const auto& pair : *format.value_) { ProtobufWkt::Value value = absl::visit(visitor, pair.second); if (omit_empty_values_ && value.kind_case() == ProtobufWkt::Value::kNullValue) { continue; } (*fields)[pair.first] = value; } return ValueUtil::structValue(output); }; return json_format_map_callback(json_output_format_).struct_value(); } void SubstitutionFormatParser::parseCommandHeader(const std::string& token, const size_t start, std::string& main_header, std::string& alternative_header, absl::optional& max_length) { std::vector subs; parseCommand(token, start, "?", main_header, subs, max_length); if (subs.size() > 1) { throw EnvoyException( // Header format rules support only one alternative header. // docs/root/configuration/access_log.rst#format-rules absl::StrCat("More than 1 alternative header specified in token: ", token)); } if (subs.size() == 1) { alternative_header = subs.front(); } else { alternative_header = ""; } // The main and alternative header should not contain invalid characters {NUL, LR, CF}. if (std::regex_search(main_header, getNewlinePattern()) || std::regex_search(alternative_header, getNewlinePattern())) { throw EnvoyException("Invalid header configuration. Format string contains newline."); } } void SubstitutionFormatParser::parseCommand(const std::string& token, const size_t start, const std::string& separator, std::string& main, std::vector& sub_items, absl::optional& max_length) { // TODO(dnoe): Convert this to use string_view throughout. const size_t end_request = token.find(')', start); sub_items.clear(); if (end_request != token.length() - 1) { // Closing bracket is not found. if (end_request == std::string::npos) { throw EnvoyException(absl::StrCat("Closing bracket is missing in token: ", token)); } // Closing bracket should be either last one or followed by ':' to denote limitation. if (token[end_request + 1] != ':') { throw EnvoyException(absl::StrCat("Incorrect position of ')' in token: ", token)); } const auto length_str = absl::string_view(token).substr(end_request + 2); uint64_t length_value; if (!absl::SimpleAtoi(length_str, &length_value)) { throw EnvoyException(absl::StrCat("Length must be an integer, given: ", length_str)); } max_length = length_value; } const std::string name_data = token.substr(start, end_request - start); if (!separator.empty()) { const std::vector keys = absl::StrSplit(name_data, separator); if (!keys.empty()) { // The main value is the first key main = keys.at(0); if (keys.size() > 1) { // Sub items contain additional keys sub_items.insert(sub_items.end(), keys.begin() + 1, keys.end()); } } } else { main = name_data; } } // TODO(derekargueta): #2967 - Rewrite SubstitutionFormatter with parser library & formal grammar std::vector SubstitutionFormatParser::parse(const std::string& format) { std::string current_token; std::vector formatters; static constexpr absl::string_view DYNAMIC_META_TOKEN{"DYNAMIC_METADATA("}; static constexpr absl::string_view FILTER_STATE_TOKEN{"FILTER_STATE("}; const std::regex command_w_args_regex(R"EOF(^%([A-Z]|_)+(\([^\)]*\))?(:[0-9]+)?(%))EOF"); static constexpr absl::string_view PLAIN_SERIALIZATION{"PLAIN"}; static constexpr absl::string_view TYPED_SERIALIZATION{"TYPED"}; for (size_t pos = 0; pos < format.length(); ++pos) { if (format[pos] == '%') { if (!current_token.empty()) { formatters.emplace_back(FormatterProviderPtr{new PlainStringFormatter(current_token)}); current_token = ""; } std::smatch m; const std::string search_space = format.substr(pos); if (!std::regex_search(search_space, m, command_w_args_regex)) { throw EnvoyException( fmt::format("Incorrect configuration: {}. Couldn't find valid command at position {}", format, pos)); } const std::string match = m.str(0); const std::string token = match.substr(1, match.length() - 2); pos += 1; const int command_end_position = pos + token.length(); if (absl::StartsWith(token, "REQ(")) { std::string main_header, alternative_header; absl::optional max_length; parseCommandHeader(token, ReqParamStart, main_header, alternative_header, max_length); formatters.emplace_back(FormatterProviderPtr{ new RequestHeaderFormatter(main_header, alternative_header, max_length)}); } else if (absl::StartsWith(token, "RESP(")) { std::string main_header, alternative_header; absl::optional max_length; parseCommandHeader(token, RespParamStart, main_header, alternative_header, max_length); formatters.emplace_back(FormatterProviderPtr{ new ResponseHeaderFormatter(main_header, alternative_header, max_length)}); } else if (absl::StartsWith(token, "TRAILER(")) { std::string main_header, alternative_header; absl::optional max_length; parseCommandHeader(token, TrailParamStart, main_header, alternative_header, max_length); formatters.emplace_back(FormatterProviderPtr{ new ResponseTrailerFormatter(main_header, alternative_header, max_length)}); } else if (absl::StartsWith(token, "LOCAL_REPLY_BODY")) { formatters.emplace_back(std::make_unique()); } else if (absl::StartsWith(token, DYNAMIC_META_TOKEN)) { std::string filter_namespace; absl::optional max_length; std::vector path; const size_t start = DYNAMIC_META_TOKEN.size(); parseCommand(token, start, ":", filter_namespace, path, max_length); formatters.emplace_back( FormatterProviderPtr{new DynamicMetadataFormatter(filter_namespace, path, max_length)}); } else if (absl::StartsWith(token, FILTER_STATE_TOKEN)) { std::string key; absl::optional max_length; std::vector path; const size_t start = FILTER_STATE_TOKEN.size(); parseCommand(token, start, ":", key, path, max_length); if (key.empty()) { throw EnvoyException("Invalid filter state configuration, key cannot be empty."); } const absl::string_view serialize_type = !path.empty() ? path[path.size() - 1] : TYPED_SERIALIZATION; if (serialize_type != PLAIN_SERIALIZATION && serialize_type != TYPED_SERIALIZATION) { throw EnvoyException("Invalid filter state serialize type, only support PLAIN/TYPED."); } const bool serialize_as_string = serialize_type == PLAIN_SERIALIZATION; formatters.push_back( std::make_unique(key, max_length, serialize_as_string)); } else if (absl::StartsWith(token, "START_TIME")) { const size_t parameters_length = pos + StartTimeParamStart + 1; const size_t parameters_end = command_end_position - parameters_length; const std::string args = token[StartTimeParamStart - 1] == '(' ? token.substr(StartTimeParamStart, parameters_end) : ""; // Validate the input specifier here. The formatted string may be destined for a header, and // should not contain invalid characters {NUL, LR, CF}. if (std::regex_search(args, getStartTimeNewlinePattern())) { throw EnvoyException("Invalid header configuration. Format string contains newline."); } formatters.emplace_back(FormatterProviderPtr{new StartTimeFormatter(args)}); } else if (absl::StartsWith(token, "GRPC_STATUS")) { formatters.emplace_back(FormatterProviderPtr{ new GrpcStatusFormatter("grpc-status", "", absl::optional())}); } else { formatters.emplace_back(FormatterProviderPtr{new StreamInfoFormatter(token)}); } pos = command_end_position; } else { current_token += format[pos]; } } if (!current_token.empty()) { formatters.emplace_back(FormatterProviderPtr{new PlainStringFormatter(current_token)}); } return formatters; } // StreamInfo std::string field extractor. class StreamInfoStringFieldExtractor : public StreamInfoFormatter::FieldExtractor { public: using FieldExtractor = std::function(const StreamInfo::StreamInfo&)>; StreamInfoStringFieldExtractor(FieldExtractor f) : field_extractor_(f) {} // StreamInfoFormatter::FieldExtractor absl::optional extract(const StreamInfo::StreamInfo& stream_info) const override { return field_extractor_(stream_info); } ProtobufWkt::Value extractValue(const StreamInfo::StreamInfo& stream_info) const override { return ValueUtil::optionalStringValue(field_extractor_(stream_info)); } private: FieldExtractor field_extractor_; }; // StreamInfo std::chrono_nanoseconds field extractor. class StreamInfoDurationFieldExtractor : public StreamInfoFormatter::FieldExtractor { public: using FieldExtractor = std::function(const StreamInfo::StreamInfo&)>; StreamInfoDurationFieldExtractor(FieldExtractor f) : field_extractor_(f) {} // StreamInfoFormatter::FieldExtractor absl::optional extract(const StreamInfo::StreamInfo& stream_info) const override { const auto millis = extractMillis(stream_info); if (!millis) { return absl::nullopt; } return fmt::format_int(millis.value()).str(); } ProtobufWkt::Value extractValue(const StreamInfo::StreamInfo& stream_info) const override { const auto millis = extractMillis(stream_info); if (!millis) { return unspecifiedValue(); } return ValueUtil::numberValue(millis.value()); } private: absl::optional extractMillis(const StreamInfo::StreamInfo& stream_info) const { const auto time = field_extractor_(stream_info); if (time) { return std::chrono::duration_cast(time.value()).count(); } return absl::nullopt; } FieldExtractor field_extractor_; }; // StreamInfo uint64_t field extractor. class StreamInfoUInt64FieldExtractor : public StreamInfoFormatter::FieldExtractor { public: using FieldExtractor = std::function; StreamInfoUInt64FieldExtractor(FieldExtractor f) : field_extractor_(f) {} // StreamInfoFormatter::FieldExtractor absl::optional extract(const StreamInfo::StreamInfo& stream_info) const override { return fmt::format_int(field_extractor_(stream_info)).str(); } ProtobufWkt::Value extractValue(const StreamInfo::StreamInfo& stream_info) const override { return ValueUtil::numberValue(field_extractor_(stream_info)); } private: FieldExtractor field_extractor_; }; // StreamInfo Envoy::Network::Address::InstanceConstSharedPtr field extractor. class StreamInfoAddressFieldExtractor : public StreamInfoFormatter::FieldExtractor { public: using FieldExtractor = std::function; static std::unique_ptr withPort(FieldExtractor f) { return std::make_unique( f, StreamInfoFormatter::StreamInfoAddressFieldExtractionType::WithPort); } static std::unique_ptr withoutPort(FieldExtractor f) { return std::make_unique( f, StreamInfoFormatter::StreamInfoAddressFieldExtractionType::WithoutPort); } static std::unique_ptr justPort(FieldExtractor f) { return std::make_unique( f, StreamInfoFormatter::StreamInfoAddressFieldExtractionType::JustPort); } StreamInfoAddressFieldExtractor( FieldExtractor f, StreamInfoFormatter::StreamInfoAddressFieldExtractionType extraction_type) : field_extractor_(f), extraction_type_(extraction_type) {} // StreamInfoFormatter::FieldExtractor absl::optional extract(const StreamInfo::StreamInfo& stream_info) const override { Network::Address::InstanceConstSharedPtr address = field_extractor_(stream_info); if (!address) { return absl::nullopt; } return toString(*address); } ProtobufWkt::Value extractValue(const StreamInfo::StreamInfo& stream_info) const override { Network::Address::InstanceConstSharedPtr address = field_extractor_(stream_info); if (!address) { return unspecifiedValue(); } return ValueUtil::stringValue(toString(*address)); } private: std::string toString(const Network::Address::Instance& address) const { switch (extraction_type_) { case StreamInfoFormatter::StreamInfoAddressFieldExtractionType::WithoutPort: return StreamInfo::Utility::formatDownstreamAddressNoPort(address); case StreamInfoFormatter::StreamInfoAddressFieldExtractionType::JustPort: return StreamInfo::Utility::formatDownstreamAddressJustPort(address); case StreamInfoFormatter::StreamInfoAddressFieldExtractionType::WithPort: default: return address.asString(); } } FieldExtractor field_extractor_; const StreamInfoFormatter::StreamInfoAddressFieldExtractionType extraction_type_; }; // Ssl::ConnectionInfo std::string field extractor. class StreamInfoSslConnectionInfoFieldExtractor : public StreamInfoFormatter::FieldExtractor { public: using FieldExtractor = std::function(const Ssl::ConnectionInfo& connection_info)>; StreamInfoSslConnectionInfoFieldExtractor(FieldExtractor f) : field_extractor_(f) {} absl::optional extract(const StreamInfo::StreamInfo& stream_info) const override { if (stream_info.downstreamSslConnection() == nullptr) { return absl::nullopt; } const auto value = field_extractor_(*stream_info.downstreamSslConnection()); if (value && value->empty()) { return absl::nullopt; } return value; } ProtobufWkt::Value extractValue(const StreamInfo::StreamInfo& stream_info) const override { if (stream_info.downstreamSslConnection() == nullptr) { return unspecifiedValue(); } const auto value = field_extractor_(*stream_info.downstreamSslConnection()); if (value && value->empty()) { return unspecifiedValue(); } return ValueUtil::optionalStringValue(value); } private: FieldExtractor field_extractor_; }; StreamInfoFormatter::StreamInfoFormatter(const std::string& field_name) { if (field_name == "REQUEST_DURATION") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.lastDownstreamRxByteReceived(); }); } else if (field_name == "RESPONSE_DURATION") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.firstUpstreamRxByteReceived(); }); } else if (field_name == "RESPONSE_TX_DURATION") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { auto downstream = stream_info.lastDownstreamTxByteSent(); auto upstream = stream_info.firstUpstreamRxByteReceived(); absl::optional result; if (downstream && upstream) { result = downstream.value() - upstream.value(); } return result; }); } else if (field_name == "BYTES_RECEIVED") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.bytesReceived(); }); } else if (field_name == "PROTOCOL") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return SubstitutionFormatUtils::protocolToString(stream_info.protocol()); }); } else if (field_name == "RESPONSE_CODE") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.responseCode().value_or(0); }); } else if (field_name == "RESPONSE_CODE_DETAILS") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.responseCodeDetails(); }); } else if (field_name == "CONNECTION_TERMINATION_DETAILS") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.connectionTerminationDetails(); }); } else if (field_name == "BYTES_SENT") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.bytesSent(); }); } else if (field_name == "DURATION") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.requestComplete(); }); } else if (field_name == "RESPONSE_FLAGS") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return StreamInfo::ResponseFlagUtils::toShortString(stream_info); }); } else if (field_name == "UPSTREAM_HOST") { field_extractor_ = StreamInfoAddressFieldExtractor::withPort([](const StreamInfo::StreamInfo& stream_info) { return stream_info.upstreamHost() ? stream_info.upstreamHost()->address() : nullptr; }); } else if (field_name == "UPSTREAM_CLUSTER") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { std::string upstream_cluster_name; if (nullptr != stream_info.upstreamHost()) { upstream_cluster_name = stream_info.upstreamHost()->cluster().name(); } return upstream_cluster_name.empty() ? absl::nullopt : absl::make_optional(upstream_cluster_name); }); } else if (field_name == "UPSTREAM_LOCAL_ADDRESS") { field_extractor_ = StreamInfoAddressFieldExtractor::withPort([](const StreamInfo::StreamInfo& stream_info) { return stream_info.upstreamLocalAddress(); }); } else if (field_name == "DOWNSTREAM_LOCAL_ADDRESS") { field_extractor_ = StreamInfoAddressFieldExtractor::withPort([](const StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamLocalAddress(); }); } else if (field_name == "DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT") { field_extractor_ = StreamInfoAddressFieldExtractor::withoutPort( [](const Envoy::StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamLocalAddress(); }); } else if (field_name == "DOWNSTREAM_LOCAL_PORT") { field_extractor_ = StreamInfoAddressFieldExtractor::justPort( [](const Envoy::StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamLocalAddress(); }); } else if (field_name == "DOWNSTREAM_REMOTE_ADDRESS") { field_extractor_ = StreamInfoAddressFieldExtractor::withPort([](const StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamRemoteAddress(); }); } else if (field_name == "DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT") { field_extractor_ = StreamInfoAddressFieldExtractor::withoutPort([](const StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamRemoteAddress(); }); } else if (field_name == "DOWNSTREAM_DIRECT_REMOTE_ADDRESS") { field_extractor_ = StreamInfoAddressFieldExtractor::withPort([](const StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamDirectRemoteAddress(); }); } else if (field_name == "DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT") { field_extractor_ = StreamInfoAddressFieldExtractor::withoutPort([](const StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamDirectRemoteAddress(); }); } else if (field_name == "CONNECTION_ID") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { return stream_info.connectionID().value_or(0); }); } else if (field_name == "REQUESTED_SERVER_NAME") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { absl::optional result; if (!stream_info.requestedServerName().empty()) { result = stream_info.requestedServerName(); } return result; }); } else if (field_name == "ROUTE_NAME") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { absl::optional result; std::string route_name = stream_info.getRouteName(); if (!route_name.empty()) { result = route_name; } return result; }); } else if (field_name == "DOWNSTREAM_PEER_URI_SAN") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return absl::StrJoin(connection_info.uriSanPeerCertificate(), ","); }); } else if (field_name == "DOWNSTREAM_LOCAL_URI_SAN") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return absl::StrJoin(connection_info.uriSanLocalCertificate(), ","); }); } else if (field_name == "DOWNSTREAM_PEER_SUBJECT") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.subjectPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_LOCAL_SUBJECT") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.subjectLocalCertificate(); }); } else if (field_name == "DOWNSTREAM_TLS_SESSION_ID") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.sessionId(); }); } else if (field_name == "DOWNSTREAM_TLS_CIPHER") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.ciphersuiteString(); }); } else if (field_name == "DOWNSTREAM_TLS_VERSION") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.tlsVersion(); }); } else if (field_name == "DOWNSTREAM_PEER_FINGERPRINT_256") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.sha256PeerCertificateDigest(); }); } else if (field_name == "DOWNSTREAM_PEER_FINGERPRINT_1") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.sha1PeerCertificateDigest(); }); } else if (field_name == "DOWNSTREAM_PEER_SERIAL") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.serialNumberPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_PEER_ISSUER") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.issuerPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_PEER_CERT") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.urlEncodedPemEncodedPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_PEER_CERT_V_START") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { absl::optional time = connection_info.validFromPeerCertificate(); absl::optional result; if (time.has_value()) { result = AccessLogDateTimeFormatter::fromTime(time.value()); } return result; }); } else if (field_name == "DOWNSTREAM_PEER_CERT_V_END") { field_extractor_ = std::make_unique( [](const Ssl::ConnectionInfo& connection_info) { absl::optional time = connection_info.expirationPeerCertificate(); absl::optional result; if (time.has_value()) { result = AccessLogDateTimeFormatter::fromTime(time.value()); } return result; }); } else if (field_name == "UPSTREAM_TRANSPORT_FAILURE_REASON") { field_extractor_ = std::make_unique( [](const StreamInfo::StreamInfo& stream_info) { absl::optional result; if (!stream_info.upstreamTransportFailureReason().empty()) { result = stream_info.upstreamTransportFailureReason(); } return result; }); } else if (field_name == "HOSTNAME") { absl::optional hostname = SubstitutionFormatUtils::getHostname(); field_extractor_ = std::make_unique( [hostname](const StreamInfo::StreamInfo&) { return hostname; }); } else { throw EnvoyException(fmt::format("Not supported field in StreamInfo: {}", field_name)); } } absl::optional StreamInfoFormatter::format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info, absl::string_view) const { return field_extractor_->extract(stream_info); } ProtobufWkt::Value StreamInfoFormatter::formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info, absl::string_view) const { return field_extractor_->extractValue(stream_info); } PlainStringFormatter::PlainStringFormatter(const std::string& str) { str_.set_string_value(str); } absl::optional PlainStringFormatter::format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const { return str_.string_value(); } ProtobufWkt::Value PlainStringFormatter::formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const { return str_; } absl::optional LocalReplyBodyFormatter::format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view local_reply_body) const { return std::string(local_reply_body); } ProtobufWkt::Value LocalReplyBodyFormatter::formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view local_reply_body) const { return ValueUtil::stringValue(std::string(local_reply_body)); } HeaderFormatter::HeaderFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length) : main_header_(main_header), alternative_header_(alternative_header), max_length_(max_length) {} const Http::HeaderEntry* HeaderFormatter::findHeader(const Http::HeaderMap& headers) const { const Http::HeaderEntry* header = headers.get(main_header_); if (!header && !alternative_header_.get().empty()) { return headers.get(alternative_header_); } return header; } absl::optional HeaderFormatter::format(const Http::HeaderMap& headers) const { const Http::HeaderEntry* header = findHeader(headers); if (!header) { return absl::nullopt; } std::string val = std::string(header->value().getStringView()); truncate(val, max_length_); return val; } ProtobufWkt::Value HeaderFormatter::formatValue(const Http::HeaderMap& headers) const { const Http::HeaderEntry* header = findHeader(headers); if (!header) { return unspecifiedValue(); } std::string val = std::string(header->value().getStringView()); truncate(val, max_length_); return ValueUtil::stringValue(val); } ResponseHeaderFormatter::ResponseHeaderFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length) : HeaderFormatter(main_header, alternative_header, max_length) {} absl::optional ResponseHeaderFormatter::format( const Http::RequestHeaderMap&, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const { return HeaderFormatter::format(response_headers); } ProtobufWkt::Value ResponseHeaderFormatter::formatValue( const Http::RequestHeaderMap&, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const { return HeaderFormatter::formatValue(response_headers); } RequestHeaderFormatter::RequestHeaderFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length) : HeaderFormatter(main_header, alternative_header, max_length) {} absl::optional RequestHeaderFormatter::format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const { return HeaderFormatter::format(request_headers); } ProtobufWkt::Value RequestHeaderFormatter::formatValue(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const { return HeaderFormatter::formatValue(request_headers); } ResponseTrailerFormatter::ResponseTrailerFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length) : HeaderFormatter(main_header, alternative_header, max_length) {} absl::optional ResponseTrailerFormatter::format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo&, absl::string_view) const { return HeaderFormatter::format(response_trailers); } ProtobufWkt::Value ResponseTrailerFormatter::formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo&, absl::string_view) const { return HeaderFormatter::formatValue(response_trailers); } GrpcStatusFormatter::GrpcStatusFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length) : HeaderFormatter(main_header, alternative_header, max_length) {} absl::optional GrpcStatusFormatter::format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& info, absl::string_view) const { const auto grpc_status = Grpc::Common::getGrpcStatus(response_trailers, response_headers, info, true); if (!grpc_status.has_value()) { return absl::nullopt; } const auto grpc_status_message = Grpc::Utility::grpcStatusToString(grpc_status.value()); if (grpc_status_message == EMPTY_STRING || grpc_status_message == "InvalidCode") { return std::to_string(grpc_status.value()); } return grpc_status_message; } ProtobufWkt::Value GrpcStatusFormatter::formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& info, absl::string_view) const { const auto grpc_status = Grpc::Common::getGrpcStatus(response_trailers, response_headers, info, true); if (!grpc_status.has_value()) { return unspecifiedValue(); } const auto grpc_status_message = Grpc::Utility::grpcStatusToString(grpc_status.value()); if (grpc_status_message == EMPTY_STRING || grpc_status_message == "InvalidCode") { return ValueUtil::stringValue(std::to_string(grpc_status.value())); } return ValueUtil::stringValue(grpc_status_message); } MetadataFormatter::MetadataFormatter(const std::string& filter_namespace, const std::vector& path, absl::optional max_length) : filter_namespace_(filter_namespace), path_(path), max_length_(max_length) {} absl::optional MetadataFormatter::formatMetadata(const envoy::config::core::v3::Metadata& metadata) const { ProtobufWkt::Value value = formatMetadataValue(metadata); if (value.kind_case() == ProtobufWkt::Value::kNullValue) { return absl::nullopt; } std::string json = MessageUtil::getJsonStringFromMessage(value, false, true); truncate(json, max_length_); return json; } ProtobufWkt::Value MetadataFormatter::formatMetadataValue(const envoy::config::core::v3::Metadata& metadata) const { if (path_.empty()) { const auto filter_it = metadata.filter_metadata().find(filter_namespace_); if (filter_it == metadata.filter_metadata().end()) { return unspecifiedValue(); } ProtobufWkt::Value output; output.mutable_struct_value()->CopyFrom(filter_it->second); return output; } const ProtobufWkt::Value& val = Metadata::metadataValue(&metadata, filter_namespace_, path_); if (val.kind_case() == ProtobufWkt::Value::KindCase::KIND_NOT_SET) { return unspecifiedValue(); } return val; } // TODO(glicht): Consider adding support for route/listener/cluster metadata as suggested by @htuch. // See: https://github.com/envoyproxy/envoy/issues/3006 DynamicMetadataFormatter::DynamicMetadataFormatter(const std::string& filter_namespace, const std::vector& path, absl::optional max_length) : MetadataFormatter(filter_namespace, path, max_length) {} absl::optional DynamicMetadataFormatter::format( const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info, absl::string_view) const { return MetadataFormatter::formatMetadata(stream_info.dynamicMetadata()); } ProtobufWkt::Value DynamicMetadataFormatter::formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info, absl::string_view) const { return MetadataFormatter::formatMetadataValue(stream_info.dynamicMetadata()); } FilterStateFormatter::FilterStateFormatter(const std::string& key, absl::optional max_length, bool serialize_as_string) : key_(key), max_length_(max_length), serialize_as_string_(serialize_as_string) {} const Envoy::StreamInfo::FilterState::Object* FilterStateFormatter::filterState(const StreamInfo::StreamInfo& stream_info) const { const StreamInfo::FilterState& filter_state = stream_info.filterState(); if (!filter_state.hasDataWithName(key_)) { return nullptr; } return &filter_state.getDataReadOnly(key_); } absl::optional FilterStateFormatter::format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info, absl::string_view) const { const Envoy::StreamInfo::FilterState::Object* state = filterState(stream_info); if (!state) { return absl::nullopt; } if (serialize_as_string_) { absl::optional plain_value = state->serializeAsString(); if (plain_value.has_value()) { truncate(plain_value.value(), max_length_); return plain_value.value(); } return absl::nullopt; } ProtobufTypes::MessagePtr proto = state->serializeAsProto(); if (proto == nullptr) { return absl::nullopt; } std::string value; const auto status = Protobuf::util::MessageToJsonString(*proto, &value); if (!status.ok()) { // If the message contains an unknown Any (from WASM or Lua), MessageToJsonString will fail. // TODO(lizan): add support of unknown Any. return absl::nullopt; } truncate(value, max_length_); return value; } ProtobufWkt::Value FilterStateFormatter::formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info, absl::string_view) const { const Envoy::StreamInfo::FilterState::Object* state = filterState(stream_info); if (!state) { return unspecifiedValue(); } if (serialize_as_string_) { absl::optional plain_value = state->serializeAsString(); if (plain_value.has_value()) { truncate(plain_value.value(), max_length_); return ValueUtil::stringValue(plain_value.value()); } return unspecifiedValue(); } ProtobufTypes::MessagePtr proto = state->serializeAsProto(); if (!proto) { return unspecifiedValue(); } ProtobufWkt::Value val; try { MessageUtil::jsonConvertValue(*proto, val); } catch (EnvoyException& ex) { return unspecifiedValue(); } return val; } StartTimeFormatter::StartTimeFormatter(const std::string& format) : date_formatter_(format) {} absl::optional StartTimeFormatter::format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info, absl::string_view) const { if (date_formatter_.formatString().empty()) { return AccessLogDateTimeFormatter::fromTime(stream_info.startTime()); } return date_formatter_.fromTime(stream_info.startTime()); } ProtobufWkt::Value StartTimeFormatter::formatValue( const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const { return ValueUtil::optionalStringValue( format(request_headers, response_headers, response_trailers, stream_info, local_reply_body)); } } // namespace Formatter } // namespace Envoy ================================================ FILE: source/common/formatter/substitution_formatter.h ================================================ #pragma once #include #include #include #include "envoy/common/time.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/formatter/substitution_formatter.h" #include "envoy/stream_info/stream_info.h" #include "common/common/utility.h" #include "absl/container/flat_hash_map.h" #include "absl/types/optional.h" namespace Envoy { namespace Formatter { /** * Access log format parser. */ class SubstitutionFormatParser { public: static std::vector parse(const std::string& format); private: /** * Parse a header format rule of the form: %REQ(X?Y):Z% . * Will populate a main_header and an optional alternative header if specified. * See doc: * docs/root/configuration/access_log.rst#format-rules */ static void parseCommandHeader(const std::string& token, const size_t start, std::string& main_header, std::string& alternative_header, absl::optional& max_length); /** * General parse command utility. Will parse token from start position. Token is expected to end * with ')'. An optional ":max_length" may be specified after the closing ')' char. Token may * contain multiple values separated by "separator" string. First value will be populated in * "main" and any additional sub values will be set in the vector "subitems". For example token * of: "com.test.my_filter:test_object:inner_key):100" with separator of ":" will set the * following: * - main: com.test.my_filter * - subitems: {test_object, inner_key} * - max_length: 100 * * @param token the token to parse * @param start the index to start parsing from * @param separator separator between values * @param main the first value * @param sub_items any additional values * @param max_length optional max_length will be populated if specified * * TODO(glicht) Rewrite with a parser library. See: * https://github.com/envoyproxy/envoy/issues/2967 */ static void parseCommand(const std::string& token, const size_t start, const std::string& separator, std::string& main, std::vector& sub_items, absl::optional& max_length); // the indexes of where the parameters for each directive is expected to begin static const size_t ReqParamStart{sizeof("REQ(") - 1}; static const size_t RespParamStart{sizeof("RESP(") - 1}; static const size_t TrailParamStart{sizeof("TRAILER(") - 1}; static const size_t StartTimeParamStart{sizeof("START_TIME(") - 1}; }; /** * Util class for access log format. */ class SubstitutionFormatUtils { public: static FormatterPtr defaultSubstitutionFormatter(); // Optional references are not supported, but this method has large performance // impact, so using reference_wrapper. static const absl::optional> protocolToString(const absl::optional& protocol); static const std::string& protocolToStringOrDefault(const absl::optional& protocol); static const absl::optional getHostname(); static const std::string getHostnameOrDefault(); private: SubstitutionFormatUtils(); static const std::string DEFAULT_FORMAT; }; /** * Composite formatter implementation. */ class FormatterImpl : public Formatter { public: FormatterImpl(const std::string& format, bool omit_empty_values = false); // Formatter::format std::string format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const override; private: const std::string& empty_value_string_; std::vector providers_; }; class JsonFormatterImpl : public Formatter { public: JsonFormatterImpl(const ProtobufWkt::Struct& format_mapping, bool preserve_types, bool omit_empty_values) : omit_empty_values_(omit_empty_values), preserve_types_(preserve_types), json_output_format_(toFormatMap(format_mapping)) {} // Formatter::format std::string format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const override; private: struct JsonFormatMapWrapper; using JsonFormatMapValue = absl::variant, const JsonFormatMapWrapper>; // Although not required for JSON, it is nice to have the order of properties // preserved between the format and the log entry, thus std::map. using JsonFormatMap = std::map; using JsonFormatMapPtr = std::unique_ptr; struct JsonFormatMapWrapper { JsonFormatMapPtr value_; }; bool omit_empty_values_; bool preserve_types_; const JsonFormatMapWrapper json_output_format_; ProtobufWkt::Struct toStruct(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, absl::string_view local_reply_body) const; JsonFormatMapWrapper toFormatMap(const ProtobufWkt::Struct& json_format) const; }; /** * FormatterProvider for string literals. It ignores headers and stream info and returns string by * which it was initialized. */ class PlainStringFormatter : public FormatterProvider { public: PlainStringFormatter(const std::string& str); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; private: ProtobufWkt::Value str_; }; /** * FormatterProvider for local_reply_body. It returns the string from `local_reply_body` argument. */ class LocalReplyBodyFormatter : public FormatterProvider { public: LocalReplyBodyFormatter() = default; // Formatter::format absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view local_reply_body) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view local_reply_body) const override; }; class HeaderFormatter { public: HeaderFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length); protected: absl::optional format(const Http::HeaderMap& headers) const; ProtobufWkt::Value formatValue(const Http::HeaderMap& headers) const; private: const Http::HeaderEntry* findHeader(const Http::HeaderMap& headers) const; Http::LowerCaseString main_header_; Http::LowerCaseString alternative_header_; absl::optional max_length_; }; /** * FormatterProvider for request headers. */ class RequestHeaderFormatter : public FormatterProvider, HeaderFormatter { public: RequestHeaderFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length); // FormatterProvider absl::optional format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; }; /** * FormatterProvider for response headers. */ class ResponseHeaderFormatter : public FormatterProvider, HeaderFormatter { public: ResponseHeaderFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; }; /** * FormatterProvider for response trailers. */ class ResponseTrailerFormatter : public FormatterProvider, HeaderFormatter { public: ResponseTrailerFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; }; /** * FormatterProvider for grpc-status */ class GrpcStatusFormatter : public FormatterProvider, HeaderFormatter { public: GrpcStatusFormatter(const std::string& main_header, const std::string& alternative_header, absl::optional max_length); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; }; /** * FormatterProvider based on StreamInfo fields. */ class StreamInfoFormatter : public FormatterProvider { public: StreamInfoFormatter(const std::string& field_name); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; class FieldExtractor { public: virtual ~FieldExtractor() = default; virtual absl::optional extract(const StreamInfo::StreamInfo&) const PURE; virtual ProtobufWkt::Value extractValue(const StreamInfo::StreamInfo&) const PURE; }; using FieldExtractorPtr = std::unique_ptr; enum class StreamInfoAddressFieldExtractionType { WithPort, WithoutPort, JustPort }; private: FieldExtractorPtr field_extractor_; }; /** * Base formatter for formatting Metadata objects */ class MetadataFormatter { public: MetadataFormatter(const std::string& filter_namespace, const std::vector& path, absl::optional max_length); protected: absl::optional formatMetadata(const envoy::config::core::v3::Metadata& metadata) const; ProtobufWkt::Value formatMetadataValue(const envoy::config::core::v3::Metadata& metadata) const; private: std::string filter_namespace_; std::vector path_; absl::optional max_length_; }; /** * FormatterProvider for DynamicMetadata from StreamInfo. */ class DynamicMetadataFormatter : public FormatterProvider, MetadataFormatter { public: DynamicMetadataFormatter(const std::string& filter_namespace, const std::vector& path, absl::optional max_length); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; }; /** * FormatterProvider for FilterState from StreamInfo. */ class FilterStateFormatter : public FormatterProvider { public: FilterStateFormatter(const std::string& key, absl::optional max_length, bool serialize_as_string); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; private: const Envoy::StreamInfo::FilterState::Object* filterState(const StreamInfo::StreamInfo& stream_info) const; std::string key_; absl::optional max_length_; bool serialize_as_string_; }; /** * FormatterProvider for request start time from StreamInfo. */ class StartTimeFormatter : public FormatterProvider { public: StartTimeFormatter(const std::string& format); // FormatterProvider absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, absl::string_view) const override; private: const Envoy::DateFormatter date_formatter_; }; } // namespace Formatter } // namespace Envoy ================================================ FILE: source/common/grpc/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_google_grpc_external_deps", "envoy_package", "envoy_select_google_grpc", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "typed_async_client_lib", srcs = ["typed_async_client.cc"], hdrs = ["typed_async_client.h"], deps = [ ":codec_lib", ":context_lib", "//include/envoy/grpc:async_client_interface", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/http:async_client_lib", ], ) envoy_cc_library( name = "async_client_lib", srcs = ["async_client_impl.cc"], hdrs = ["async_client_impl.h"], deps = [ ":codec_lib", ":context_lib", ":typed_async_client_lib", "//include/envoy/grpc:async_client_interface", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/config:version_converter_lib", "//source/common/http:async_client_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "async_client_manager_lib", srcs = ["async_client_manager_impl.cc"], hdrs = ["async_client_manager_impl.h"], deps = [ ":async_client_lib", ":context_lib", "//include/envoy/grpc:async_client_manager_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", ] + envoy_select_google_grpc([":google_async_client_lib"]), ) envoy_cc_library( name = "codec_lib", srcs = ["codec.cc"], hdrs = ["codec.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "status_lib", srcs = ["status.cc"], hdrs = ["status.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/grpc:status", ], ) envoy_cc_library( name = "common_lib", srcs = ["common.cc"], hdrs = ["common.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/http:header_map_interface", "//include/envoy/http:message_interface", "//include/envoy/stats:stats_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/common:assert_lib", "//source/common/common:base64_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:hash_lib", "//source/common/common:macros", "//source/common/common:utility_lib", "//source/common/grpc:status_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "context_lib", srcs = ["context_impl.cc"], hdrs = ["context_impl.h"], external_deps = ["abseil_optional"], deps = [ ":common_lib", ":stat_names_lib", "//include/envoy/grpc:context_interface", "//include/envoy/http:header_map_interface", "//include/envoy/stats:stats_interface", "//source/common/common:hash_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], ) envoy_cc_library( name = "google_grpc_utils_lib", srcs = ["google_grpc_utils.cc"], hdrs = ["google_grpc_utils.h"], external_deps = [ "abseil_optional", "grpc", ], deps = [ ":google_grpc_creds_lib", "//include/envoy/api:api_interface", "//include/envoy/registry", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:macros", "//source/common/common:utility_lib", "//source/common/grpc:status_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "stat_names_lib", srcs = ["stat_names.cc"], hdrs = ["stat_names.h"], deps = [ "//include/envoy/grpc:status", "//source/common/stats:symbol_table_lib", ], ) envoy_cc_library( name = "google_async_client_lib", srcs = ["google_async_client_impl.cc"], hdrs = ["google_async_client_impl.h"], external_deps = [ "abseil_synchronization", "grpc", ], deps = [ ":context_lib", ":google_grpc_context_lib", ":google_grpc_creds_lib", ":google_grpc_utils_lib", ":stat_names_lib", ":typed_async_client_lib", "//include/envoy/api:api_interface", "//include/envoy/grpc:google_grpc_creds_interface", "//include/envoy/thread:thread_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:base64_lib", "//source/common/common:empty_string", "//source/common/common:linked_object", "//source/common/common:thread_annotations", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "google_grpc_context_lib", srcs = ["google_grpc_context.cc"], hdrs = ["google_grpc_context.h"], deps = [ "//source/common/common:assert_lib", "//source/common/common:lock_guard_lib", "//source/common/common:macros", "//source/common/common:thread_lib", ] + envoy_google_grpc_external_deps(), ) envoy_cc_library( name = "google_grpc_creds_lib", srcs = ["google_grpc_creds_impl.cc"], hdrs = ["google_grpc_creds_impl.h"], external_deps = ["grpc"], deps = [ "//include/envoy/api:api_interface", "//include/envoy/grpc:google_grpc_creds_interface", "//include/envoy/registry", "//source/common/config:datasource_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/grpc/async_client_impl.cc ================================================ #include "common/grpc/async_client_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "common/buffer/zero_copy_input_stream_impl.h" #include "common/common/enum_to_int.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/http/header_map_impl.h" #include "common/http/utility.h" namespace Envoy { namespace Grpc { AsyncClientImpl::AsyncClientImpl(Upstream::ClusterManager& cm, const envoy::config::core::v3::GrpcService& config, TimeSource& time_source) : cm_(cm), remote_cluster_name_(config.envoy_grpc().cluster_name()), host_name_(config.envoy_grpc().authority()), initial_metadata_(config.initial_metadata()), time_source_(time_source) {} AsyncClientImpl::~AsyncClientImpl() { while (!active_streams_.empty()) { active_streams_.front()->resetStream(); } } AsyncRequest* AsyncClientImpl::sendRaw(absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr&& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) { auto* const async_request = new AsyncRequestImpl( *this, service_full_name, method_name, std::move(request), callbacks, parent_span, options); AsyncStreamImplPtr grpc_stream{async_request}; grpc_stream->initialize(true); if (grpc_stream->hasResetStream()) { return nullptr; } LinkedList::moveIntoList(std::move(grpc_stream), active_streams_); return async_request; } RawAsyncStream* AsyncClientImpl::startRaw(absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) { auto grpc_stream = std::make_unique(*this, service_full_name, method_name, callbacks, options); grpc_stream->initialize(false); if (grpc_stream->hasResetStream()) { return nullptr; } LinkedList::moveIntoList(std::move(grpc_stream), active_streams_); return active_streams_.front().get(); } AsyncStreamImpl::AsyncStreamImpl(AsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) : parent_(parent), service_full_name_(service_full_name), method_name_(method_name), callbacks_(callbacks), options_(options) {} void AsyncStreamImpl::initialize(bool buffer_body_for_retry) { if (parent_.cm_.get(parent_.remote_cluster_name_) == nullptr) { callbacks_.onRemoteClose(Status::WellKnownGrpcStatus::Unavailable, "Cluster not available"); http_reset_ = true; return; } auto& http_async_client = parent_.cm_.httpAsyncClientForCluster(parent_.remote_cluster_name_); dispatcher_ = &http_async_client.dispatcher(); stream_ = http_async_client.start(*this, options_.setBufferBodyForRetry(buffer_body_for_retry)); if (stream_ == nullptr) { callbacks_.onRemoteClose(Status::WellKnownGrpcStatus::Unavailable, EMPTY_STRING); http_reset_ = true; return; } // TODO(htuch): match Google gRPC base64 encoding behavior for *-bin headers, see // https://github.com/envoyproxy/envoy/pull/2444#discussion_r163914459. headers_message_ = Common::prepareHeaders( parent_.host_name_.empty() ? parent_.remote_cluster_name_ : parent_.host_name_, service_full_name_, method_name_, options_.timeout); // Fill service-wide initial metadata. for (const auto& header_value : parent_.initial_metadata_) { headers_message_->headers().addCopy(Http::LowerCaseString(header_value.key()), header_value.value()); } callbacks_.onCreateInitialMetadata(headers_message_->headers()); stream_->sendHeaders(headers_message_->headers(), false); } // TODO(htuch): match Google gRPC base64 encoding behavior for *-bin headers, see // https://github.com/envoyproxy/envoy/pull/2444#discussion_r163914459. void AsyncStreamImpl::onHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) { const auto http_response_status = Http::Utility::getResponseStatus(*headers); const auto grpc_status = Common::getGrpcStatus(*headers); callbacks_.onReceiveInitialMetadata(end_stream ? Http::ResponseHeaderMapImpl::create() : std::move(headers)); if (http_response_status != enumToInt(Http::Code::OK)) { // https://github.com/grpc/grpc/blob/master/doc/http-grpc-status-mapping.md requires that // grpc-status be used if available. if (end_stream && grpc_status) { // Due to headers/trailers type differences we need to copy here. This is an uncommon case but // we can potentially optimize in the future. // TODO(mattklein123): clang-tidy is showing a use after move when passing to // onReceiveInitialMetadata() above. This looks like an actual bug that I will fix in a // follow up. onTrailers(Http::createHeaderMap(*headers)); return; } // Technically this should be // https://github.com/grpc/grpc/blob/master/doc/http-grpc-status-mapping.md // as given by Grpc::Utility::httpToGrpcStatus(), but the Google gRPC client treats // this as WellKnownGrpcStatus::Canceled. streamError(Status::WellKnownGrpcStatus::Canceled); return; } if (end_stream) { // Due to headers/trailers type differences we need to copy here. This is an uncommon case but // we can potentially optimize in the future. onTrailers(Http::createHeaderMap(*headers)); } } void AsyncStreamImpl::onData(Buffer::Instance& data, bool end_stream) { decoded_frames_.clear(); if (!decoder_.decode(data, decoded_frames_)) { streamError(Status::WellKnownGrpcStatus::Internal); return; } for (auto& frame : decoded_frames_) { if (frame.length_ > 0 && frame.flags_ != GRPC_FH_DEFAULT) { streamError(Status::WellKnownGrpcStatus::Internal); return; } if (!callbacks_.onReceiveMessageRaw(frame.data_ ? std::move(frame.data_) : std::make_unique())) { streamError(Status::WellKnownGrpcStatus::Internal); return; } } if (end_stream) { streamError(Status::WellKnownGrpcStatus::Unknown); } } // TODO(htuch): match Google gRPC base64 encoding behavior for *-bin headers, see // https://github.com/envoyproxy/envoy/pull/2444#discussion_r163914459. void AsyncStreamImpl::onTrailers(Http::ResponseTrailerMapPtr&& trailers) { auto grpc_status = Common::getGrpcStatus(*trailers); const std::string grpc_message = Common::getGrpcMessage(*trailers); callbacks_.onReceiveTrailingMetadata(std::move(trailers)); if (!grpc_status) { grpc_status = Status::WellKnownGrpcStatus::Unknown; } callbacks_.onRemoteClose(grpc_status.value(), grpc_message); cleanup(); } void AsyncStreamImpl::streamError(Status::GrpcStatus grpc_status, const std::string& message) { callbacks_.onReceiveTrailingMetadata(Http::ResponseTrailerMapImpl::create()); callbacks_.onRemoteClose(grpc_status, message); resetStream(); } void AsyncStreamImpl::onComplete() { // No-op since stream completion is handled within other callbacks. } void AsyncStreamImpl::onReset() { if (http_reset_) { return; } http_reset_ = true; streamError(Status::WellKnownGrpcStatus::Internal); } void AsyncStreamImpl::sendMessage(const Protobuf::Message& request, bool end_stream) { stream_->sendData(*Common::serializeToGrpcFrame(request), end_stream); } void AsyncStreamImpl::sendMessageRaw(Buffer::InstancePtr&& buffer, bool end_stream) { Common::prependGrpcFrameHeader(*buffer); stream_->sendData(*buffer, end_stream); } void AsyncStreamImpl::closeStream() { Buffer::OwnedImpl empty_buffer; stream_->sendData(empty_buffer, true); } void AsyncStreamImpl::resetStream() { cleanup(); } void AsyncStreamImpl::cleanup() { if (!http_reset_) { http_reset_ = true; stream_->reset(); } // This will destroy us, but only do so if we are actually in a list. This does not happen in // the immediate failure case. if (LinkedObject::inserted()) { dispatcher_->deferredDelete( LinkedObject::removeFromList(parent_.active_streams_)); } } AsyncRequestImpl::AsyncRequestImpl(AsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr&& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) : AsyncStreamImpl(parent, service_full_name, method_name, *this, options), request_(std::move(request)), callbacks_(callbacks) { current_span_ = parent_span.spawnChild(Tracing::EgressConfig::get(), "async " + parent.remote_cluster_name_ + " egress", parent.time_source_.systemTime()); current_span_->setTag(Tracing::Tags::get().UpstreamCluster, parent.remote_cluster_name_); current_span_->setTag(Tracing::Tags::get().Component, Tracing::Tags::get().Proxy); } void AsyncRequestImpl::initialize(bool buffer_body_for_retry) { AsyncStreamImpl::initialize(buffer_body_for_retry); if (this->hasResetStream()) { return; } this->sendMessageRaw(std::move(request_), true); } void AsyncRequestImpl::cancel() { current_span_->setTag(Tracing::Tags::get().Status, Tracing::Tags::get().Canceled); current_span_->finishSpan(); this->resetStream(); } void AsyncRequestImpl::onCreateInitialMetadata(Http::RequestHeaderMap& metadata) { current_span_->injectContext(metadata); callbacks_.onCreateInitialMetadata(metadata); } void AsyncRequestImpl::onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&&) {} bool AsyncRequestImpl::onReceiveMessageRaw(Buffer::InstancePtr&& response) { response_ = std::move(response); return true; } void AsyncRequestImpl::onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&&) {} void AsyncRequestImpl::onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) { current_span_->setTag(Tracing::Tags::get().GrpcStatusCode, std::to_string(status)); if (status != Grpc::Status::WellKnownGrpcStatus::Ok) { current_span_->setTag(Tracing::Tags::get().Error, Tracing::Tags::get().True); callbacks_.onFailure(status, message, *current_span_); } else if (response_ == nullptr) { current_span_->setTag(Tracing::Tags::get().Error, Tracing::Tags::get().True); callbacks_.onFailure(Status::Internal, EMPTY_STRING, *current_span_); } else { callbacks_.onSuccessRaw(std::move(response_), *current_span_); } current_span_->finishSpan(); } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/async_client_impl.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/async_client.h" #include "common/common/linked_object.h" #include "common/grpc/codec.h" #include "common/grpc/typed_async_client.h" #include "common/http/async_client_impl.h" namespace Envoy { namespace Grpc { class AsyncRequestImpl; class AsyncStreamImpl; using AsyncStreamImplPtr = std::unique_ptr; class AsyncClientImpl final : public RawAsyncClient { public: AsyncClientImpl(Upstream::ClusterManager& cm, const envoy::config::core::v3::GrpcService& config, TimeSource& time_source); ~AsyncClientImpl() override; // Grpc::AsyncClient AsyncRequest* sendRaw(absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr&& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) override; RawAsyncStream* startRaw(absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) override; private: Upstream::ClusterManager& cm_; const std::string remote_cluster_name_; // The host header value in the http transport. const std::string host_name_; const Protobuf::RepeatedPtrField initial_metadata_; std::list active_streams_; TimeSource& time_source_; friend class AsyncRequestImpl; friend class AsyncStreamImpl; }; class AsyncStreamImpl : public RawAsyncStream, Http::AsyncClient::StreamCallbacks, public Event::DeferredDeletable, public LinkedObject { public: AsyncStreamImpl(AsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options); virtual void initialize(bool buffer_body_for_retry); void sendMessage(const Protobuf::Message& request, bool end_stream); // Http::AsyncClient::StreamCallbacks void onHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) override; void onData(Buffer::Instance& data, bool end_stream) override; void onTrailers(Http::ResponseTrailerMapPtr&& trailers) override; void onComplete() override; void onReset() override; // Grpc::AsyncStream void sendMessageRaw(Buffer::InstancePtr&& request, bool end_stream) override; void closeStream() override; void resetStream() override; bool isAboveWriteBufferHighWatermark() const override { return stream_ && stream_->isAboveWriteBufferHighWatermark(); } bool hasResetStream() const { return http_reset_; } private: void streamError(Status::GrpcStatus grpc_status, const std::string& message); void streamError(Status::GrpcStatus grpc_status) { streamError(grpc_status, EMPTY_STRING); } void cleanup(); void trailerResponse(absl::optional grpc_status, const std::string& grpc_message); Event::Dispatcher* dispatcher_{}; Http::RequestMessagePtr headers_message_; AsyncClientImpl& parent_; std::string service_full_name_; std::string method_name_; RawAsyncStreamCallbacks& callbacks_; Http::AsyncClient::StreamOptions options_; bool http_reset_{}; Http::AsyncClient::Stream* stream_{}; Decoder decoder_; // This is a member to avoid reallocation on every onData(). std::vector decoded_frames_; friend class AsyncClientImpl; }; class AsyncRequestImpl : public AsyncRequest, public AsyncStreamImpl, RawAsyncStreamCallbacks { public: AsyncRequestImpl(AsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr&& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options); void initialize(bool buffer_body_for_retry) override; // Grpc::AsyncRequest void cancel() override; private: // Grpc::AsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap& metadata) override; void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&&) override; bool onReceiveMessageRaw(Buffer::InstancePtr&& response) override; void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&&) override; void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override; Buffer::InstancePtr request_; RawAsyncRequestCallbacks& callbacks_; Tracing::SpanPtr current_span_; Buffer::InstancePtr response_; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/async_client_manager_impl.cc ================================================ #include "common/grpc/async_client_manager_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/stats/scope.h" #include "common/grpc/async_client_impl.h" #ifdef ENVOY_GOOGLE_GRPC #include "common/grpc/google_async_client_impl.h" #endif namespace Envoy { namespace Grpc { AsyncClientFactoryImpl::AsyncClientFactoryImpl(Upstream::ClusterManager& cm, const envoy::config::core::v3::GrpcService& config, bool skip_cluster_check, TimeSource& time_source) : cm_(cm), config_(config), time_source_(time_source) { if (skip_cluster_check) { return; } const std::string& cluster_name = config.envoy_grpc().cluster_name(); auto clusters = cm_.clusters(); const auto& it = clusters.find(cluster_name); if (it == clusters.end()) { throw EnvoyException(fmt::format("Unknown gRPC client cluster '{}'", cluster_name)); } if (it->second.get().info()->addedViaApi()) { throw EnvoyException(fmt::format("gRPC client cluster '{}' is not static", cluster_name)); } } AsyncClientManagerImpl::AsyncClientManagerImpl(Upstream::ClusterManager& cm, ThreadLocal::Instance& tls, TimeSource& time_source, Api::Api& api, const StatNames& stat_names) : cm_(cm), tls_(tls), time_source_(time_source), api_(api), stat_names_(stat_names) { #ifdef ENVOY_GOOGLE_GRPC google_tls_slot_ = tls.allocateSlot(); google_tls_slot_->set( [&api](Event::Dispatcher&) { return std::make_shared(api); }); #else UNREFERENCED_PARAMETER(api_); #endif } RawAsyncClientPtr AsyncClientFactoryImpl::create() { return std::make_unique(cm_, config_, time_source_); } GoogleAsyncClientFactoryImpl::GoogleAsyncClientFactoryImpl( ThreadLocal::Instance& tls, ThreadLocal::Slot* google_tls_slot, Stats::Scope& scope, const envoy::config::core::v3::GrpcService& config, Api::Api& api, const StatNames& stat_names) : tls_(tls), google_tls_slot_(google_tls_slot), scope_(scope.createScope(fmt::format("grpc.{}.", config.google_grpc().stat_prefix()))), config_(config), api_(api), stat_names_(stat_names) { #ifndef ENVOY_GOOGLE_GRPC UNREFERENCED_PARAMETER(tls_); UNREFERENCED_PARAMETER(google_tls_slot_); UNREFERENCED_PARAMETER(scope_); UNREFERENCED_PARAMETER(config_); UNREFERENCED_PARAMETER(api_); UNREFERENCED_PARAMETER(stat_names_); throw EnvoyException("Google C++ gRPC client is not linked"); #else ASSERT(google_tls_slot_ != nullptr); #endif } RawAsyncClientPtr GoogleAsyncClientFactoryImpl::create() { #ifdef ENVOY_GOOGLE_GRPC GoogleGenericStubFactory stub_factory; return std::make_unique( tls_.dispatcher(), google_tls_slot_->getTyped(), stub_factory, scope_, config_, api_, stat_names_); #else return nullptr; #endif } AsyncClientFactoryPtr AsyncClientManagerImpl::factoryForGrpcService(const envoy::config::core::v3::GrpcService& config, Stats::Scope& scope, bool skip_cluster_check) { switch (config.target_specifier_case()) { case envoy::config::core::v3::GrpcService::TargetSpecifierCase::kEnvoyGrpc: return std::make_unique(cm_, config, skip_cluster_check, time_source_); case envoy::config::core::v3::GrpcService::TargetSpecifierCase::kGoogleGrpc: return std::make_unique(tls_, google_tls_slot_.get(), scope, config, api_, stat_names_); default: NOT_REACHED_GCOVR_EXCL_LINE; } return nullptr; } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/async_client_manager_impl.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/singleton/manager.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/grpc/stat_names.h" namespace Envoy { namespace Grpc { class AsyncClientFactoryImpl : public AsyncClientFactory { public: AsyncClientFactoryImpl(Upstream::ClusterManager& cm, const envoy::config::core::v3::GrpcService& config, bool skip_cluster_check, TimeSource& time_source); RawAsyncClientPtr create() override; private: Upstream::ClusterManager& cm_; const envoy::config::core::v3::GrpcService config_; TimeSource& time_source_; }; class GoogleAsyncClientFactoryImpl : public AsyncClientFactory { public: GoogleAsyncClientFactoryImpl(ThreadLocal::Instance& tls, ThreadLocal::Slot* google_tls_slot, Stats::Scope& scope, const envoy::config::core::v3::GrpcService& config, Api::Api& api, const StatNames& stat_names); RawAsyncClientPtr create() override; private: ThreadLocal::Instance& tls_; ThreadLocal::Slot* google_tls_slot_; Stats::ScopeSharedPtr scope_; const envoy::config::core::v3::GrpcService config_; Api::Api& api_; const StatNames& stat_names_; }; class AsyncClientManagerImpl : public AsyncClientManager { public: AsyncClientManagerImpl(Upstream::ClusterManager& cm, ThreadLocal::Instance& tls, TimeSource& time_source, Api::Api& api, const StatNames& stat_names); // Grpc::AsyncClientManager AsyncClientFactoryPtr factoryForGrpcService(const envoy::config::core::v3::GrpcService& config, Stats::Scope& scope, bool skip_cluster_check) override; private: Upstream::ClusterManager& cm_; ThreadLocal::Instance& tls_; ThreadLocal::SlotPtr google_tls_slot_; TimeSource& time_source_; Api::Api& api_; const StatNames& stat_names_; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/codec.cc ================================================ #include "common/grpc/codec.h" #include #include #include #include #include "common/buffer/buffer_impl.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Grpc { Encoder::Encoder() = default; void Encoder::newFrame(uint8_t flags, uint64_t length, std::array& output) { output[0] = flags; output[1] = static_cast(length >> 24); output[2] = static_cast(length >> 16); output[3] = static_cast(length >> 8); output[4] = static_cast(length); } void Encoder::prependFrameHeader(uint8_t flags, Buffer::Instance& buffer) { // Compute the size of the payload and construct the length prefix. std::array frame; Grpc::Encoder().newFrame(flags, buffer.length(), frame); Buffer::OwnedImpl frame_buffer(frame.data(), frame.size()); buffer.prepend(frame_buffer); } bool Decoder::decode(Buffer::Instance& input, std::vector& output) { decoding_error_ = false; output_ = &output; inspect(input); output_ = nullptr; if (decoding_error_) { return false; } input.drain(input.length()); return true; } bool Decoder::frameStart(uint8_t flags) { // Unsupported flags. if (flags & ~GRPC_FH_COMPRESSED) { decoding_error_ = true; return false; } frame_.flags_ = flags; return true; } void Decoder::frameDataStart() { frame_.length_ = length_; frame_.data_ = std::make_unique(); } void Decoder::frameData(uint8_t* mem, uint64_t length) { frame_.data_->add(mem, length); } void Decoder::frameDataEnd() { output_->push_back(std::move(frame_)); frame_.flags_ = 0; frame_.length_ = 0; frame_.data_ = nullptr; } uint64_t FrameInspector::inspect(const Buffer::Instance& data) { uint64_t delta = 0; for (const Buffer::RawSlice& slice : data.getRawSlices()) { uint8_t* mem = reinterpret_cast(slice.mem_); for (uint64_t j = 0; j < slice.len_;) { uint8_t c = *mem; switch (state_) { case State::FhFlag: if (!frameStart(c)) { return delta; } count_ += 1; delta += 1; state_ = State::FhLen0; mem++; j++; break; case State::FhLen0: length_ = static_cast(c) << 24; state_ = State::FhLen1; mem++; j++; break; case State::FhLen1: length_ |= static_cast(c) << 16; state_ = State::FhLen2; mem++; j++; break; case State::FhLen2: length_ |= static_cast(c) << 8; state_ = State::FhLen3; mem++; j++; break; case State::FhLen3: length_ |= static_cast(c); frameDataStart(); if (length_ == 0) { frameDataEnd(); state_ = State::FhFlag; } else { state_ = State::Data; } mem++; j++; break; case State::Data: uint64_t remain_in_buffer = slice.len_ - j; if (remain_in_buffer <= length_) { frameData(mem, remain_in_buffer); mem += remain_in_buffer; j += remain_in_buffer; length_ -= remain_in_buffer; } else { frameData(mem, length_); mem += length_; j += length_; length_ = 0; } if (length_ == 0) { frameDataEnd(); state_ = State::FhFlag; } break; } } } return delta; } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/codec.h ================================================ #pragma once #include #include #include #include "envoy/buffer/buffer.h" namespace Envoy { namespace Grpc { // Last bit for an expanded message without compression. const uint8_t GRPC_FH_DEFAULT = 0b0u; // Last bit for a compressed message. const uint8_t GRPC_FH_COMPRESSED = 0b1u; constexpr uint64_t GRPC_FRAME_HEADER_SIZE = sizeof(uint8_t) + sizeof(uint32_t); enum class CompressionAlgorithm { None, Gzip }; struct Frame { uint8_t flags_; uint32_t length_; Buffer::InstancePtr data_; }; class Encoder { public: Encoder(); // Creates a new GRPC data frame with the given flags and length. // @param flags supplies the GRPC data frame flags. // @param length supplies the GRPC data frame length. // @param output the buffer to store the encoded data. Its size must be 5. void newFrame(uint8_t flags, uint64_t length, std::array& output); // Prepend the gRPC frame into the buffer. // @param flags supplies the GRPC data frame flags. // @param buffer the buffer with the message payload. void prependFrameHeader(uint8_t flags, Buffer::Instance& buffer); }; // Wire format (http://www.grpc.io/docs/guides/wire.html) of GRPC data frame // header: // // ----------------------------------------------------------------------- // |R|R|R|R|R|R|R|R|C| L | L | L | L | // ----------------------------------------------------------------------- // Flag (1 byte) Message Length (4 bytes) // // A fixed header consists of five bytes. // The first byte is the Flag. The last one "C" bit indicates if the message // is compressed or not (0 is uncompressed, 1 is compressed). The other seven // "R" bits are reserved for future use. // The next four "L" bytes represent the message length in BigEndian format. enum class State { // Waiting for decoding the flags (1 byte) of the GRPC data frame. FhFlag, // Waiting for decoding the 1st byte of the length (4 bytes in total) of the // GRPC data frame. FhLen0, // Waiting for decoding the 2nd byte of the length (4 bytes in total) of the // GRPC data frame. FhLen1, // Waiting for decoding the 3rd byte of the length (4 bytes in total) of the // GRPC data frame. FhLen2, // Waiting for decoding the 4th byte of the length (4 bytes in total) of the // GRPC data frame. FhLen3, // Waiting for decoding the data. Data, }; class FrameInspector { public: // Inspects the given buffer with GRPC data frame and updates the frame count. // Invokes visitor callbacks for each frame in the following sequence: // "frameStart frameDataStart frameData* frameDataEnd" // If frameStart returns false, then the inspector aborts. // Returns the increase in the frame count. uint64_t inspect(const Buffer::Instance& input); // Returns the current frame count, corresponding to the request/response // message count. Counter is incremented on a frame start. uint64_t frameCount() const { return count_; } // Returns the current state in the frame parsing. State state() const { return state_; } virtual ~FrameInspector() = default; protected: virtual bool frameStart(uint8_t) { return true; } virtual void frameDataStart() {} virtual void frameData(uint8_t*, uint64_t) {} virtual void frameDataEnd() {} State state_{State::FhFlag}; uint32_t length_{0}; uint64_t count_{0}; }; class Decoder : public FrameInspector { public: // Decodes the given buffer with GRPC data frame. Drains the input buffer when // decoding succeeded (returns true). If the input is not sufficient to make a // complete GRPC data frame, it will be buffered in the decoder. If a decoding // error happened, the input buffer remains unchanged. // @param input supplies the binary octets wrapped in a GRPC data frame. // @param output supplies the buffer to store the decoded data. // @return bool whether the decoding succeeded or not. bool decode(Buffer::Instance& input, std::vector& output); // Determine the length of the current frame being decoded. This is useful when supplying a // partial frame to decode() and wanting to know how many more bytes need to be read to complete // the frame. uint32_t length() const { return frame_.length_; } // Indicates whether it has buffered any partial data. bool hasBufferedData() const { return state_ != State::FhFlag; } protected: bool frameStart(uint8_t) override; void frameDataStart() override; void frameData(uint8_t*, uint64_t) override; void frameDataEnd() override; private: Frame frame_; std::vector* output_{nullptr}; bool decoding_error_{false}; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/common.cc ================================================ #include "common/grpc/common.h" #include #include #include #include #include "common/buffer/buffer_impl.h" #include "common/buffer/zero_copy_input_stream_impl.h" #include "common/common/assert.h" #include "common/common/base64.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/protobuf/protobuf.h" #include "absl/container/fixed_array.h" #include "absl/strings/match.h" namespace Envoy { namespace Grpc { bool Common::hasGrpcContentType(const Http::RequestOrResponseHeaderMap& headers) { const absl::string_view content_type = headers.getContentTypeValue(); // Content type is gRPC if it is exactly "application/grpc" or starts with // "application/grpc+". Specifically, something like application/grpc-web is not gRPC. return absl::StartsWith(content_type, Http::Headers::get().ContentTypeValues.Grpc) && (content_type.size() == Http::Headers::get().ContentTypeValues.Grpc.size() || content_type[Http::Headers::get().ContentTypeValues.Grpc.size()] == '+'); } bool Common::isGrpcRequestHeaders(const Http::RequestHeaderMap& headers) { if (!headers.Path()) { return false; } return hasGrpcContentType(headers); } bool Common::isGrpcResponseHeaders(const Http::ResponseHeaderMap& headers, bool end_stream) { if (end_stream) { // Trailers-only response, only grpc-status is required. return headers.GrpcStatus() != nullptr; } if (Http::Utility::getResponseStatus(headers) != enumToInt(Http::Code::OK)) { return false; } return hasGrpcContentType(headers); } absl::optional Common::getGrpcStatus(const Http::ResponseHeaderOrTrailerMap& trailers, bool allow_user_defined) { const absl::string_view grpc_status_header = trailers.getGrpcStatusValue(); uint64_t grpc_status_code; if (grpc_status_header.empty()) { return absl::nullopt; } if (!absl::SimpleAtoi(grpc_status_header, &grpc_status_code) || (grpc_status_code > Status::WellKnownGrpcStatus::MaximumKnown && !allow_user_defined)) { return {Status::WellKnownGrpcStatus::InvalidCode}; } return {static_cast(grpc_status_code)}; } absl::optional Common::getGrpcStatus(const Http::ResponseTrailerMap& trailers, const Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& info, bool allow_user_defined) { // The gRPC specification does not guarantee a gRPC status code will be returned from a gRPC // request. When it is returned, it will be in the response trailers. With that said, Envoy will // treat a trailers-only response as a headers-only response, so we have to check the following // in order: // 1. trailers gRPC status, if it exists. // 2. headers gRPC status, if it exists. // 3. Inferred from info HTTP status, if it exists. const std::array, 3> optional_statuses = {{ {Grpc::Common::getGrpcStatus(trailers, allow_user_defined)}, {Grpc::Common::getGrpcStatus(headers, allow_user_defined)}, {info.responseCode() ? absl::optional( Grpc::Utility::httpToGrpcStatus(info.responseCode().value())) : absl::nullopt}, }}; for (const auto& optional_status : optional_statuses) { if (optional_status.has_value()) { return optional_status; } } return absl::nullopt; } std::string Common::getGrpcMessage(const Http::ResponseHeaderOrTrailerMap& trailers) { const auto entry = trailers.GrpcMessage(); return entry ? std::string(entry->value().getStringView()) : EMPTY_STRING; } absl::optional Common::getGrpcStatusDetailsBin(const Http::HeaderMap& trailers) { const Http::HeaderEntry* details_header = trailers.get(Http::Headers::get().GrpcStatusDetailsBin); if (!details_header) { return absl::nullopt; } // Some implementations use non-padded base64 encoding for grpc-status-details-bin. auto decoded_value = Base64::decodeWithoutPadding(details_header->value().getStringView()); if (decoded_value.empty()) { return absl::nullopt; } google::rpc::Status status; if (!status.ParseFromString(decoded_value)) { return absl::nullopt; } return {std::move(status)}; } Buffer::InstancePtr Common::serializeToGrpcFrame(const Protobuf::Message& message) { // http://www.grpc.io/docs/guides/wire.html // Reserve enough space for the entire message and the 5 byte header. // NB: we do not use prependGrpcFrameHeader because that would add another BufferFragment and this // (using a single BufferFragment) is more efficient. Buffer::InstancePtr body(new Buffer::OwnedImpl()); const uint32_t size = message.ByteSize(); const uint32_t alloc_size = size + 5; Buffer::RawSlice iovec; body->reserve(alloc_size, &iovec, 1); ASSERT(iovec.len_ >= alloc_size); iovec.len_ = alloc_size; uint8_t* current = reinterpret_cast(iovec.mem_); *current++ = 0; // flags const uint32_t nsize = htonl(size); std::memcpy(current, reinterpret_cast(&nsize), sizeof(uint32_t)); current += sizeof(uint32_t); Protobuf::io::ArrayOutputStream stream(current, size, -1); Protobuf::io::CodedOutputStream codec_stream(&stream); message.SerializeWithCachedSizes(&codec_stream); body->commit(&iovec, 1); return body; } Buffer::InstancePtr Common::serializeMessage(const Protobuf::Message& message) { auto body = std::make_unique(); const uint32_t size = message.ByteSize(); Buffer::RawSlice iovec; body->reserve(size, &iovec, 1); ASSERT(iovec.len_ >= size); iovec.len_ = size; uint8_t* current = reinterpret_cast(iovec.mem_); Protobuf::io::ArrayOutputStream stream(current, size, -1); Protobuf::io::CodedOutputStream codec_stream(&stream); message.SerializeWithCachedSizes(&codec_stream); body->commit(&iovec, 1); return body; } absl::optional Common::getGrpcTimeout(const Http::RequestHeaderMap& request_headers) { const Http::HeaderEntry* header_grpc_timeout_entry = request_headers.GrpcTimeout(); std::chrono::milliseconds timeout; if (header_grpc_timeout_entry) { uint64_t grpc_timeout; // TODO(dnoe): Migrate to pure string_view (#6580) std::string grpc_timeout_string(header_grpc_timeout_entry->value().getStringView()); const char* unit = StringUtil::strtoull(grpc_timeout_string.c_str(), grpc_timeout); if (unit != nullptr && *unit != '\0') { switch (*unit) { case 'H': return std::chrono::hours(grpc_timeout); case 'M': return std::chrono::minutes(grpc_timeout); case 'S': return std::chrono::seconds(grpc_timeout); case 'm': return std::chrono::milliseconds(grpc_timeout); break; case 'u': timeout = std::chrono::duration_cast( std::chrono::microseconds(grpc_timeout)); if (timeout < std::chrono::microseconds(grpc_timeout)) { timeout++; } return timeout; case 'n': timeout = std::chrono::duration_cast( std::chrono::nanoseconds(grpc_timeout)); if (timeout < std::chrono::nanoseconds(grpc_timeout)) { timeout++; } return timeout; } } } return absl::nullopt; } void Common::toGrpcTimeout(const std::chrono::milliseconds& timeout, Http::RequestHeaderMap& headers) { uint64_t time = timeout.count(); static const char units[] = "mSMH"; const char* unit = units; // start with milliseconds static constexpr size_t MAX_GRPC_TIMEOUT_VALUE = 99999999; if (time > MAX_GRPC_TIMEOUT_VALUE) { time /= 1000; // Convert from milliseconds to seconds unit++; } while (time > MAX_GRPC_TIMEOUT_VALUE) { if (*unit == 'H') { time = MAX_GRPC_TIMEOUT_VALUE; // No bigger unit available, clip to max 8 digit hours. } else { time /= 60; // Convert from seconds to minutes to hours unit++; } } headers.setGrpcTimeout(absl::StrCat(time, absl::string_view(unit, 1))); } Http::RequestMessagePtr Common::prepareHeaders(const std::string& host_name, const std::string& service_full_name, const std::string& method_name, const absl::optional& timeout) { Http::RequestMessagePtr message(new Http::RequestMessageImpl()); message->headers().setReferenceMethod(Http::Headers::get().MethodValues.Post); message->headers().setPath(absl::StrCat("/", service_full_name, "/", method_name)); message->headers().setHost(host_name); // According to https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md TE should appear // before Timeout and ContentType. message->headers().setReferenceTE(Http::Headers::get().TEValues.Trailers); if (timeout) { toGrpcTimeout(timeout.value(), message->headers()); } message->headers().setReferenceContentType(Http::Headers::get().ContentTypeValues.Grpc); return message; } void Common::checkForHeaderOnlyError(Http::ResponseMessage& http_response) { // First check for grpc-status in headers. If it is here, we have an error. absl::optional grpc_status_code = Common::getGrpcStatus(http_response.headers()); if (!grpc_status_code) { return; } if (grpc_status_code.value() == Status::WellKnownGrpcStatus::InvalidCode) { throw Exception(absl::optional(), "bad grpc-status header"); } throw Exception(grpc_status_code.value(), Common::getGrpcMessage(http_response.headers())); } void Common::validateResponse(Http::ResponseMessage& http_response) { if (Http::Utility::getResponseStatus(http_response.headers()) != enumToInt(Http::Code::OK)) { throw Exception(absl::optional(), "non-200 response code"); } checkForHeaderOnlyError(http_response); // Check for existence of trailers. if (!http_response.trailers()) { throw Exception(absl::optional(), "no response trailers"); } absl::optional grpc_status_code = Common::getGrpcStatus(*http_response.trailers()); if (!grpc_status_code || grpc_status_code.value() < 0) { throw Exception(absl::optional(), "bad grpc-status trailer"); } if (grpc_status_code.value() != 0) { throw Exception(grpc_status_code.value(), Common::getGrpcMessage(*http_response.trailers())); } } const std::string& Common::typeUrlPrefix() { CONSTRUCT_ON_FIRST_USE(std::string, "type.googleapis.com"); } std::string Common::typeUrl(const std::string& qualified_name) { return typeUrlPrefix() + "/" + qualified_name; } void Common::prependGrpcFrameHeader(Buffer::Instance& buffer) { std::array header; header[0] = 0; // flags const uint32_t nsize = htonl(buffer.length()); std::memcpy(&header[1], reinterpret_cast(&nsize), sizeof(uint32_t)); buffer.prepend(absl::string_view(&header[0], 5)); } bool Common::parseBufferInstance(Buffer::InstancePtr&& buffer, Protobuf::Message& proto) { Buffer::ZeroCopyInputStreamImpl stream(std::move(buffer)); return proto.ParseFromZeroCopyStream(&stream); } absl::optional Common::resolveServiceAndMethod(const Http::HeaderEntry* path) { absl::optional request_names; if (path == nullptr) { return request_names; } absl::string_view str = path->value().getStringView(); str = str.substr(0, str.find('?')); const auto parts = StringUtil::splitToken(str, "/"); if (parts.size() != 2) { return request_names; } request_names = RequestNames{parts[0], parts[1]}; return request_names; } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/common.h ================================================ #pragma once #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/grpc/status.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/http/message.h" #include "common/common/hash.h" #include "common/grpc/status.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" #include "google/rpc/status.pb.h" namespace Envoy { namespace Grpc { class Exception : public EnvoyException { public: Exception(const absl::optional& grpc_status, const std::string& message) : EnvoyException(message), grpc_status_(grpc_status) {} const absl::optional grpc_status_; }; class Common { public: /** * @param headers the headers to parse. * @return bool indicating whether content-type is gRPC. */ static bool hasGrpcContentType(const Http::RequestOrResponseHeaderMap& headers); /** * @param headers the headers to parse. * @return bool indicating whether the header is a gRPC request header. * Currently headers are considered gRPC request headers if they have the gRPC * content type, and have a path header. */ static bool isGrpcRequestHeaders(const Http::RequestHeaderMap& headers); /** * @param headers the headers to parse. * @param bool indicating whether the header is at end_stream. * @return bool indicating whether the header is a gRPC response header */ static bool isGrpcResponseHeaders(const Http::ResponseHeaderMap& headers, bool end_stream); /** * Returns the GrpcStatus code from a given set of trailers, if present. * @param trailers the trailers to parse. * @param allow_user_status whether allow user defined grpc status. * if this value is false, custom grpc status is regarded as invalid status * @return absl::optional the parsed status code or InvalidCode if no valid * status is found. */ static absl::optional getGrpcStatus(const Http::ResponseHeaderOrTrailerMap& trailers, bool allow_user_defined = false); /** * Returns the GrpcStatus code from the set of trailers, headers, and StreamInfo, if present. * @param trailers the trailers to parse for a status code * @param headers the headers to parse if no status code was found in the trailers * @param info the StreamInfo to check for HTTP response code if no code was found in the trailers * or headers * @return absl::optional the parsed status code or absl::nullopt if no status * is found */ static absl::optional getGrpcStatus(const Http::ResponseTrailerMap& trailers, const Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& info, bool allow_user_defined = false); /** * Returns the grpc-message from a given set of trailers, if present. * @param trailers the trailers to parse. * @return std::string the gRPC status message or empty string if grpc-message is not present in * trailers. */ static std::string getGrpcMessage(const Http::ResponseHeaderOrTrailerMap& trailers); /** * Returns the decoded google.rpc.Status message from a given set of trailers, if present. * @param trailers the trailers to parse. * @return std::unique_ptr the gRPC status message or empty pointer if no * grpc-status-details-bin trailer found or it was invalid. */ static absl::optional getGrpcStatusDetailsBin(const Http::HeaderMap& trailers); /** * Parse gRPC header 'grpc-timeout' value to a duration in milliseconds. * @param request_headers the header map from which to extract the value of 'grpc-timeout' header. * If this header is missing the timeout corresponds to infinity. The header is encoded in * maximum of 8 decimal digits and a char for the unit. * @return absl::optional the duration in milliseconds. absl::nullopt * is returned if 'grpc-timeout' is missing or malformed. */ static absl::optional getGrpcTimeout(const Http::RequestHeaderMap& request_headers); /** * Encode 'timeout' into 'grpc-timeout' format in the grpc-timeout header. * @param timeout the duration in std::chrono::milliseconds. * @param headers the HeaderMap in which the grpc-timeout header will be set with the timeout in * 'grpc-timeout' format, up to 8 decimal digits and a letter indicating the unit. */ static void toGrpcTimeout(const std::chrono::milliseconds& timeout, Http::RequestHeaderMap& headers); /** * Serialize protobuf message with gRPC frame header. */ static Buffer::InstancePtr serializeToGrpcFrame(const Protobuf::Message& message); /** * Serialize protobuf message. Without grpc header. */ static Buffer::InstancePtr serializeMessage(const Protobuf::Message& message); /** * Prepare headers for protobuf service. */ static Http::RequestMessagePtr prepareHeaders(const std::string& upstream_cluster, const std::string& service_full_name, const std::string& method_name, const absl::optional& timeout); /** * Basic validation of gRPC response, @throws Grpc::Exception in case of non successful response. */ static void validateResponse(Http::ResponseMessage& http_response); /** * @return const std::string& type URL prefix. */ static const std::string& typeUrlPrefix(); /** * Prefix type URL to a qualified name. * @param qualified_name packagename.messagename. * @return qualified_name prefixed with typeUrlPrefix + "/". */ static std::string typeUrl(const std::string& qualified_name); /** * Prepend a gRPC frame header to a Buffer::Instance containing a single gRPC frame. * @param buffer containing the frame data which will be modified. */ static void prependGrpcFrameHeader(Buffer::Instance& buffer); /** * Parse a Buffer::Instance into a Protobuf::Message. * @param buffer containing the data to be parsed. * @param proto the parsed proto. * @return bool true if the parse was successful. */ static bool parseBufferInstance(Buffer::InstancePtr&& buffer, Protobuf::Message& proto); struct RequestNames { absl::string_view service_; absl::string_view method_; }; /** * Resolve the gRPC service and method from the HTTP2 :path header. * @param path supplies the :path header. * @return if both gRPC serve and method have been resolved successfully returns * a populated RequestNames, otherwise returns an empty optional. * @note The return value is only valid as long as `path` is still valid and unmodified. */ static absl::optional resolveServiceAndMethod(const Http::HeaderEntry* path); private: static void checkForHeaderOnlyError(Http::ResponseMessage& http_response); }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/context_impl.cc ================================================ #include "common/grpc/context_impl.h" #include #include #include "common/grpc/common.h" #include "common/stats/utility.h" namespace Envoy { namespace Grpc { ContextImpl::ContextImpl(Stats::SymbolTable& symbol_table) : stat_name_pool_(symbol_table), grpc_(stat_name_pool_.add("grpc")), grpc_web_(stat_name_pool_.add("grpc-web")), success_(stat_name_pool_.add("success")), failure_(stat_name_pool_.add("failure")), total_(stat_name_pool_.add("total")), zero_(stat_name_pool_.add("0")), request_message_count_(stat_name_pool_.add("request_message_count")), response_message_count_(stat_name_pool_.add("response_message_count")), upstream_rq_time_(stat_name_pool_.add("upstream_rq_time")), stat_names_(symbol_table) {} // Gets the stat prefix and underlying storage, depending on whether request_names is empty Stats::ElementVec ContextImpl::statElements(Protocol protocol, const absl::optional& request_names, Stats::Element suffix) { const Stats::StatName protocolName = protocolStatName(protocol); if (request_names) { return Stats::ElementVec{protocolName, request_names->service_, request_names->method_, suffix}; } return Stats::ElementVec{protocolName, suffix}; } void ContextImpl::chargeStat(const Upstream::ClusterInfo& cluster, Protocol protocol, const absl::optional& request_names, const Http::HeaderEntry* grpc_status) { if (!grpc_status) { return; } absl::string_view status_str = grpc_status->value().getStringView(); auto iter = stat_names_.status_names_.find(status_str); Stats::ElementVec elements = statElements(protocol, request_names, (iter != stat_names_.status_names_.end()) ? Stats::Element(iter->second) : Stats::DynamicName(status_str)); Stats::Utility::counterFromElements(cluster.statsScope(), elements).inc(); chargeStat(cluster, protocol, request_names, (status_str == "0")); } void ContextImpl::chargeStat(const Upstream::ClusterInfo& cluster, Protocol protocol, const absl::optional& request_names, bool success) { Stats::ElementVec elements = statElements(protocol, request_names, successStatName(success)); Stats::Utility::counterFromElements(cluster.statsScope(), elements).inc(); elements.back() = total_; Stats::Utility::counterFromElements(cluster.statsScope(), elements).inc(); } void ContextImpl::chargeStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, bool success) { chargeStat(cluster, Protocol::Grpc, request_names, success); } void ContextImpl::chargeRequestMessageStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, uint64_t amount) { Stats::ElementVec elements = statElements(Protocol::Grpc, request_names, request_message_count_); Stats::Utility::counterFromElements(cluster.statsScope(), elements).add(amount); } void ContextImpl::chargeResponseMessageStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, uint64_t amount) { Stats::ElementVec elements = statElements(Protocol::Grpc, request_names, response_message_count_); Stats::Utility::counterFromElements(cluster.statsScope(), elements).add(amount); } void ContextImpl::chargeUpstreamStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, std::chrono::milliseconds duration) { Stats::ElementVec elements = statElements(Protocol::Grpc, request_names, upstream_rq_time_); Stats::Utility::histogramFromElements(cluster.statsScope(), elements, Stats::Histogram::Unit::Milliseconds) .recordValue(duration.count()); } absl::optional ContextImpl::resolveDynamicServiceAndMethod(const Http::HeaderEntry* path) { absl::optional request_names = Common::resolveServiceAndMethod(path); if (!request_names) { return {}; } Stats::Element service = Stats::DynamicName(request_names->service_); Stats::Element method = Stats::DynamicName(request_names->method_); return RequestStatNames{service, method}; } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/context_impl.h ================================================ #pragma once #include #include #include "envoy/grpc/context.h" #include "envoy/http/header_map.h" #include "common/common/hash.h" #include "common/grpc/stat_names.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/utility.h" #include "absl/types/optional.h" namespace Envoy { namespace Grpc { struct Context::RequestStatNames { Stats::Element service_; // supplies the service name. Stats::Element method_; // supplies the method name. }; class ContextImpl : public Context { public: explicit ContextImpl(Stats::SymbolTable& symbol_table); // Context void chargeStat(const Upstream::ClusterInfo& cluster, Protocol protocol, const absl::optional& request_names, const Http::HeaderEntry* grpc_status) override; void chargeStat(const Upstream::ClusterInfo& cluster, Protocol protocol, const absl::optional& request_names, bool success) override; void chargeStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, bool success) override; void chargeRequestMessageStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, uint64_t amount) override; void chargeResponseMessageStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, uint64_t amount) override; void chargeUpstreamStat(const Upstream::ClusterInfo& cluster, const absl::optional& request_names, std::chrono::milliseconds duration) override; /** * Resolve the gRPC service and method from the HTTP2 :path header. * @param path supplies the :path header. * @return if both gRPC serve and method have been resolved successfully returns * a populated RequestStatNames, otherwise returns an empty optional. */ absl::optional resolveDynamicServiceAndMethod(const Http::HeaderEntry* path) override; Stats::StatName successStatName(bool success) const { return success ? success_ : failure_; } Stats::StatName protocolStatName(Protocol protocol) const { return protocol == Context::Protocol::Grpc ? grpc_ : grpc_web_; } StatNames& statNames() override { return stat_names_; } private: // Creates an array of stat-name elements, comprising the protocol, optional // service and method, and a suffix. Stats::ElementVec statElements(Protocol protocol, const absl::optional& request_names, Stats::Element suffix); Stats::StatNamePool stat_name_pool_; const Stats::StatName grpc_; const Stats::StatName grpc_web_; const Stats::StatName success_; const Stats::StatName failure_; const Stats::StatName total_; const Stats::StatName zero_; const Stats::StatName request_message_count_; const Stats::StatName response_message_count_; const Stats::StatName upstream_rq_time_; StatNames stat_names_; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_async_client_impl.cc ================================================ #include "common/grpc/google_async_client_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/stats/scope.h" #include "common/common/base64.h" #include "common/common/empty_string.h" #include "common/common/lock_guard.h" #include "common/config/datasource.h" #include "common/grpc/common.h" #include "common/grpc/google_grpc_creds_impl.h" #include "common/grpc/google_grpc_utils.h" #include "common/tracing/http_tracer_impl.h" #include "grpcpp/support/proto_buffer_reader.h" namespace Envoy { namespace Grpc { namespace { static constexpr int DefaultBufferLimitBytes = 1024 * 1024; } GoogleAsyncClientThreadLocal::GoogleAsyncClientThreadLocal(Api::Api& api) : completion_thread_(api.threadFactory().createThread([this] { completionThread(); }, Thread::Options{"GrpcGoogClient"})) {} GoogleAsyncClientThreadLocal::~GoogleAsyncClientThreadLocal() { // Force streams to shutdown and invoke TryCancel() to start the drain of // pending op. If we don't do this, Shutdown() below can jam on pending ops. // This is also required to satisfy the contract that once Shutdown is called, // streams no longer queue any additional tags. for (auto it = streams_.begin(); it != streams_.end();) { // resetStream() may result in immediate unregisterStream() and erase(), // which would invalidate the iterator for the current element, so make sure // we point to the next one first. (*it++)->resetStream(); } cq_.Shutdown(); ENVOY_LOG(debug, "Joining completionThread"); completion_thread_->join(); ENVOY_LOG(debug, "Joined completionThread"); // Ensure that we have cleaned up all orphan streams, now that CQ is gone. while (!streams_.empty()) { (*streams_.begin())->onCompletedOps(); } } void GoogleAsyncClientThreadLocal::completionThread() { ENVOY_LOG(debug, "completionThread running"); void* tag; bool ok; while (cq_.Next(&tag, &ok)) { const auto& google_async_tag = *reinterpret_cast(tag); const GoogleAsyncTag::Operation op = google_async_tag.op_; GoogleAsyncStreamImpl& stream = google_async_tag.stream_; ENVOY_LOG(trace, "completionThread CQ event {} {}", op, ok); Thread::LockGuard lock(stream.completed_ops_lock_); // It's an invariant that there must only be one pending post for arbitrary // length completed_ops_, otherwise we can race in stream destruction, where // we process multiple events in onCompletedOps() but have only partially // consumed the posts on the dispatcher. // TODO(htuch): This may result in unbounded processing on the silo thread // in onCompletedOps() in extreme cases, when we emplace_back() in // completionThread() at a high rate, consider bounding the length of such // sequences if this behavior becomes an issue. if (stream.completed_ops_.empty()) { stream.dispatcher_.post([&stream] { stream.onCompletedOps(); }); } stream.completed_ops_.emplace_back(op, ok); } ENVOY_LOG(debug, "completionThread exiting"); } GoogleAsyncClientImpl::GoogleAsyncClientImpl(Event::Dispatcher& dispatcher, GoogleAsyncClientThreadLocal& tls, GoogleStubFactory& stub_factory, Stats::ScopeSharedPtr scope, const envoy::config::core::v3::GrpcService& config, Api::Api& api, const StatNames& stat_names) : dispatcher_(dispatcher), tls_(tls), stat_prefix_(config.google_grpc().stat_prefix()), initial_metadata_(config.initial_metadata()), scope_(scope), per_stream_buffer_limit_bytes_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config.google_grpc(), per_stream_buffer_limit_bytes, DefaultBufferLimitBytes)) { // We rebuild the channel each time we construct the channel. It appears that the gRPC library is // smart enough to do connection pooling and reuse with identical channel args, so this should // have comparable overhead to what we are doing in Grpc::AsyncClientImpl, i.e. no expensive // new connection implied. std::shared_ptr channel = GoogleGrpcUtils::createChannel(config, api); stub_ = stub_factory.createStub(channel); scope_->counterFromStatName(stat_names.google_grpc_client_creation_).inc(); // Initialize client stats. // TODO(jmarantz): Capture these names in async_client_manager_impl.cc and // pass in a struct of StatName objects so we don't have to take locks here. stats_.streams_total_ = &scope_->counterFromStatName(stat_names.streams_total_); for (uint32_t i = 0; i <= Status::WellKnownGrpcStatus::MaximumKnown; ++i) { stats_.streams_closed_[i] = &scope_->counterFromStatName(stat_names.streams_closed_[i]); } } GoogleAsyncClientImpl::~GoogleAsyncClientImpl() { ENVOY_LOG(debug, "Client teardown, resetting streams"); while (!active_streams_.empty()) { active_streams_.front()->resetStream(); } } AsyncRequest* GoogleAsyncClientImpl::sendRaw(absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr&& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) { auto* const async_request = new GoogleAsyncRequestImpl( *this, service_full_name, method_name, std::move(request), callbacks, parent_span, options); GoogleAsyncStreamImplPtr grpc_stream{async_request}; grpc_stream->initialize(true); if (grpc_stream->callFailed()) { return nullptr; } LinkedList::moveIntoList(std::move(grpc_stream), active_streams_); return async_request; } RawAsyncStream* GoogleAsyncClientImpl::startRaw(absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) { auto grpc_stream = std::make_unique(*this, service_full_name, method_name, callbacks, options); grpc_stream->initialize(false); if (grpc_stream->callFailed()) { return nullptr; } LinkedList::moveIntoList(std::move(grpc_stream), active_streams_); return active_streams_.front().get(); } GoogleAsyncStreamImpl::GoogleAsyncStreamImpl(GoogleAsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) : parent_(parent), tls_(parent_.tls_), dispatcher_(parent_.dispatcher_), stub_(parent_.stub_), service_full_name_(service_full_name), method_name_(method_name), callbacks_(callbacks), options_(options) {} GoogleAsyncStreamImpl::~GoogleAsyncStreamImpl() { ENVOY_LOG(debug, "GoogleAsyncStreamImpl destruct"); } GoogleAsyncStreamImpl::PendingMessage::PendingMessage(Buffer::InstancePtr request, bool end_stream) : buf_(GoogleGrpcUtils::makeByteBuffer(std::move(request))), end_stream_(end_stream) {} // TODO(htuch): figure out how to propagate "this request should be buffered for // retry" bit to Google gRPC library. void GoogleAsyncStreamImpl::initialize(bool /*buffer_body_for_retry*/) { parent_.stats_.streams_total_->inc(); gpr_timespec abs_deadline = options_.timeout ? gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), gpr_time_from_millis(options_.timeout.value().count(), GPR_TIMESPAN)) : gpr_inf_future(GPR_CLOCK_REALTIME); ctxt_.set_deadline(abs_deadline); // Fill service-wide initial metadata. for (const auto& header_value : parent_.initial_metadata_) { ctxt_.AddMetadata(header_value.key(), header_value.value()); } // Due to the different HTTP header implementations, we effectively double // copy headers here. auto initial_metadata = Http::RequestHeaderMapImpl::create(); callbacks_.onCreateInitialMetadata(*initial_metadata); initial_metadata->iterate([this](const Http::HeaderEntry& header) { ctxt_.AddMetadata(std::string(header.key().getStringView()), std::string(header.value().getStringView())); return Http::HeaderMap::Iterate::Continue; }); // Invoke stub call. rw_ = parent_.stub_->PrepareCall(&ctxt_, "/" + service_full_name_ + "/" + method_name_, &parent_.tls_.completionQueue()); if (rw_ == nullptr) { notifyRemoteClose(Status::WellKnownGrpcStatus::Unavailable, nullptr, EMPTY_STRING); call_failed_ = true; return; } parent_.tls_.registerStream(this); rw_->StartCall(&init_tag_); ++inflight_tags_; } void GoogleAsyncStreamImpl::notifyRemoteClose(Status::GrpcStatus grpc_status, Http::ResponseTrailerMapPtr trailing_metadata, const std::string& message) { if (grpc_status > Status::WellKnownGrpcStatus::MaximumKnown || grpc_status < 0) { ENVOY_LOG(error, "notifyRemoteClose invalid gRPC status code {}", grpc_status); // Set the grpc_status as InvalidCode but increment the Unknown stream to avoid out-of-range // crash.. grpc_status = Status::WellKnownGrpcStatus::InvalidCode; parent_.stats_.streams_closed_[Status::WellKnownGrpcStatus::Unknown]->inc(); } else { parent_.stats_.streams_closed_[grpc_status]->inc(); } ENVOY_LOG(debug, "notifyRemoteClose {} {}", grpc_status, message); callbacks_.onReceiveTrailingMetadata(trailing_metadata ? std::move(trailing_metadata) : Http::ResponseTrailerMapImpl::create()); callbacks_.onRemoteClose(grpc_status, message); } void GoogleAsyncStreamImpl::sendMessageRaw(Buffer::InstancePtr&& request, bool end_stream) { write_pending_queue_.emplace(std::move(request), end_stream); ENVOY_LOG(trace, "Queued message to write ({} bytes)", write_pending_queue_.back().buf_.value().Length()); bytes_in_write_pending_queue_ += write_pending_queue_.back().buf_.value().Length(); writeQueued(); } void GoogleAsyncStreamImpl::closeStream() { // Empty EOS write queued. write_pending_queue_.emplace(); writeQueued(); } void GoogleAsyncStreamImpl::resetStream() { ENVOY_LOG(debug, "resetStream"); cleanup(); } void GoogleAsyncStreamImpl::writeQueued() { if (!call_initialized_ || finish_pending_ || write_pending_ || write_pending_queue_.empty() || draining_cq_) { return; } write_pending_ = true; const PendingMessage& msg = write_pending_queue_.front(); if (!msg.buf_) { ASSERT(msg.end_stream_); rw_->WritesDone(&write_last_tag_); ++inflight_tags_; } else if (msg.end_stream_) { grpc::WriteOptions write_options; rw_->WriteLast(msg.buf_.value(), write_options, &write_last_tag_); ++inflight_tags_; } else { rw_->Write(msg.buf_.value(), &write_tag_); ++inflight_tags_; } ENVOY_LOG(trace, "Write op dispatched"); } void GoogleAsyncStreamImpl::onCompletedOps() { Thread::LockGuard lock(completed_ops_lock_); while (!completed_ops_.empty()) { GoogleAsyncTag::Operation op; bool ok; std::tie(op, ok) = completed_ops_.front(); completed_ops_.pop_front(); handleOpCompletion(op, ok); } } void GoogleAsyncStreamImpl::handleOpCompletion(GoogleAsyncTag::Operation op, bool ok) { ENVOY_LOG(trace, "handleOpCompletion op={} ok={} inflight={}", op, ok, inflight_tags_); ASSERT(inflight_tags_ > 0); --inflight_tags_; if (draining_cq_) { if (inflight_tags_ == 0) { deferredDelete(); } // Ignore op completions while draining CQ. return; } // Consider failure cases first. if (!ok) { // Early fails can be just treated as Internal. if (op == GoogleAsyncTag::Operation::Init || op == GoogleAsyncTag::Operation::ReadInitialMetadata) { notifyRemoteClose(Status::WellKnownGrpcStatus::Internal, nullptr, EMPTY_STRING); resetStream(); return; } // Remote server has closed, we can pick up some meaningful status. // TODO(htuch): We're assuming here that a failed Write/WriteLast operation will result in // stream termination, and pick up on the failed Read here. Confirm that this assumption is // valid. if (op == GoogleAsyncTag::Operation::Read) { finish_pending_ = true; rw_->Finish(&status_, &finish_tag_); ++inflight_tags_; } return; } switch (op) { case GoogleAsyncTag::Operation::Init: { ASSERT(ok); ASSERT(!call_initialized_); call_initialized_ = true; rw_->ReadInitialMetadata(&read_initial_metadata_tag_); ++inflight_tags_; writeQueued(); break; } case GoogleAsyncTag::Operation::ReadInitialMetadata: { ASSERT(ok); ASSERT(call_initialized_); rw_->Read(&read_buf_, &read_tag_); ++inflight_tags_; Http::ResponseHeaderMapPtr initial_metadata = Http::ResponseHeaderMapImpl::create(); metadataTranslate(ctxt_.GetServerInitialMetadata(), *initial_metadata); callbacks_.onReceiveInitialMetadata(std::move(initial_metadata)); break; } case GoogleAsyncTag::Operation::Write: { ASSERT(ok); write_pending_ = false; bytes_in_write_pending_queue_ -= write_pending_queue_.front().buf_.value().Length(); write_pending_queue_.pop(); writeQueued(); break; } case GoogleAsyncTag::Operation::WriteLast: { ASSERT(ok); write_pending_ = false; break; } case GoogleAsyncTag::Operation::Read: { ASSERT(ok); auto buffer = GoogleGrpcUtils::makeBufferInstance(read_buf_); if (!buffer || !callbacks_.onReceiveMessageRaw(std::move(buffer))) { // This is basically streamError in Grpc::AsyncClientImpl. notifyRemoteClose(Status::WellKnownGrpcStatus::Internal, nullptr, EMPTY_STRING); resetStream(); break; } rw_->Read(&read_buf_, &read_tag_); ++inflight_tags_; break; } case GoogleAsyncTag::Operation::Finish: { ASSERT(finish_pending_); ENVOY_LOG(debug, "Finish with grpc-status code {}", status_.error_code()); Http::ResponseTrailerMapPtr trailing_metadata = Http::ResponseTrailerMapImpl::create(); metadataTranslate(ctxt_.GetServerTrailingMetadata(), *trailing_metadata); notifyRemoteClose(static_cast(status_.error_code()), std::move(trailing_metadata), status_.error_message()); cleanup(); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } void GoogleAsyncStreamImpl::metadataTranslate( const std::multimap& grpc_metadata, Http::HeaderMap& header_map) { // More painful copying, this time due to the mismatch in header // representation data structures in Envoy and Google gRPC. for (const auto& it : grpc_metadata) { auto key = Http::LowerCaseString(std::string(it.first.data(), it.first.size())); if (absl::EndsWith(key.get(), "-bin")) { auto value = Base64::encode(it.second.data(), it.second.size()); header_map.addCopy(key, value); continue; } header_map.addCopy(key, std::string(it.second.data(), it.second.size())); } } void GoogleAsyncStreamImpl::deferredDelete() { ENVOY_LOG(debug, "Deferred delete"); tls_.unregisterStream(this); // We only get here following cleanup(), which has performed a // remoteFromList(), resulting in self-ownership of the object's memory. // Hence, it is safe here to create a unique_ptr to this and transfer // ownership to dispatcher_.deferredDelete(). After this call, no further // methods may be invoked on this object. dispatcher_.deferredDelete(GoogleAsyncStreamImplPtr(this)); } void GoogleAsyncStreamImpl::cleanup() { ENVOY_LOG(debug, "Stream cleanup with {} in-flight tags", inflight_tags_); // We can get here if the client has already issued resetStream() and, while // this is in progress, the destructor runs. if (draining_cq_) { ENVOY_LOG(debug, "Cleanup already in progress"); return; } draining_cq_ = true; ctxt_.TryCancel(); if (LinkedObject::inserted()) { // We take ownership of our own memory at this point. LinkedObject::removeFromList(parent_.active_streams_).release(); if (inflight_tags_ == 0) { deferredDelete(); } } } GoogleAsyncRequestImpl::GoogleAsyncRequestImpl( GoogleAsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) : GoogleAsyncStreamImpl(parent, service_full_name, method_name, *this, options), request_(std::move(request)), callbacks_(callbacks) { current_span_ = parent_span.spawnChild(Tracing::EgressConfig::get(), "async " + parent.stat_prefix_ + " egress", parent.timeSource().systemTime()); current_span_->setTag(Tracing::Tags::get().UpstreamCluster, parent.stat_prefix_); current_span_->setTag(Tracing::Tags::get().Component, Tracing::Tags::get().Proxy); } void GoogleAsyncRequestImpl::initialize(bool buffer_body_for_retry) { GoogleAsyncStreamImpl::initialize(buffer_body_for_retry); if (callFailed()) { return; } sendMessageRaw(std::move(request_), true); } void GoogleAsyncRequestImpl::cancel() { current_span_->setTag(Tracing::Tags::get().Status, Tracing::Tags::get().Canceled); current_span_->finishSpan(); resetStream(); } void GoogleAsyncRequestImpl::onCreateInitialMetadata(Http::RequestHeaderMap& metadata) { current_span_->injectContext(metadata); callbacks_.onCreateInitialMetadata(metadata); } void GoogleAsyncRequestImpl::onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&&) {} bool GoogleAsyncRequestImpl::onReceiveMessageRaw(Buffer::InstancePtr&& response) { response_ = std::move(response); return true; } void GoogleAsyncRequestImpl::onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&&) {} void GoogleAsyncRequestImpl::onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) { current_span_->setTag(Tracing::Tags::get().GrpcStatusCode, std::to_string(status)); if (status != Grpc::Status::WellKnownGrpcStatus::Ok) { current_span_->setTag(Tracing::Tags::get().Error, Tracing::Tags::get().True); callbacks_.onFailure(status, message, *current_span_); } else if (response_ == nullptr) { current_span_->setTag(Tracing::Tags::get().Error, Tracing::Tags::get().True); callbacks_.onFailure(Status::Internal, EMPTY_STRING, *current_span_); } else { callbacks_.onSuccessRaw(std::move(response_), *current_span_); } current_span_->finishSpan(); } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_async_client_impl.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/stats/scope.h" #include "envoy/thread/thread.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "common/common/linked_object.h" #include "common/common/thread.h" #include "common/common/thread_annotations.h" #include "common/grpc/google_grpc_context.h" #include "common/grpc/stat_names.h" #include "common/grpc/typed_async_client.h" #include "common/tracing/http_tracer_impl.h" #include "absl/container/node_hash_set.h" #include "grpcpp/generic/generic_stub.h" #include "grpcpp/grpcpp.h" #include "grpcpp/support/proto_buffer_writer.h" namespace Envoy { namespace Grpc { class GoogleAsyncStreamImpl; using GoogleAsyncStreamImplPtr = std::unique_ptr; class GoogleAsyncRequestImpl; struct GoogleAsyncTag { // Operation defines tags that are handed to the gRPC AsyncReaderWriter for use in completion // notification for their namesake operations. Read* and Write* operations may be outstanding // simultaneously, but there will be no more than one operation of each type in-flight for a given // stream. Init and Finish will both be issued exclusively when no other operations are in-flight // for a stream. See // https://github.com/grpc/grpc/blob/master/include/grpc%2B%2B/impl/codegen/async_stream.h for // further insight into the semantics of the different gRPC client operations. enum Operation { // Initial stub call issued, waiting for initialization to complete. Init = 0, // Waiting for initial meta-data from server following Init completion. ReadInitialMetadata, // Waiting for response protobuf from server following ReadInitialMetadata completion. Read, // Waiting for write of request protobuf to server to complete. Write, // Waiting for write of request protobuf (EOS) __OR__ an EOS WritesDone to server to complete. WriteLast, // Waiting for final status. This must only be issued once all Read* and Write* operations have // completed. Finish, }; GoogleAsyncTag(GoogleAsyncStreamImpl& stream, Operation op) : stream_(stream), op_(op) {} GoogleAsyncStreamImpl& stream_; const Operation op_; }; class GoogleAsyncClientThreadLocal : public ThreadLocal::ThreadLocalObject, Logger::Loggable { public: GoogleAsyncClientThreadLocal(Api::Api& api); ~GoogleAsyncClientThreadLocal() override; grpc::CompletionQueue& completionQueue() { return cq_; } void registerStream(GoogleAsyncStreamImpl* stream) { ASSERT(streams_.find(stream) == streams_.end()); streams_.insert(stream); } void unregisterStream(GoogleAsyncStreamImpl* stream) { auto it = streams_.find(stream); ASSERT(it != streams_.end()); streams_.erase(it); } private: void completionThread(); // There is blanket google-grpc initialization in MainCommonBase, but that // doesn't cover unit tests. However, putting blanket coverage in ProcessWide // causes background threaded memory allocation in all unit tests making it // hard to measure memory. Thus we also initialize grpc using our idempotent // wrapper-class in classes that need it. See // https://github.com/envoyproxy/envoy/issues/8282 for details. GoogleGrpcContext google_grpc_context_; // The CompletionQueue for in-flight operations. This must precede completion_thread_ to ensure it // is constructed before the thread runs. grpc::CompletionQueue cq_; // The threading model for the Google gRPC C++ library is not directly compatible with Envoy's // siloed model. We resolve this by issuing non-blocking asynchronous // operations on the GoogleAsyncClientImpl silo thread, and then synchronously // blocking on a completion queue, cq_, on a distinct thread. When cq_ events // are delivered, we cross-post to the silo dispatcher to continue the // operation. // // We have an independent completion thread for each TLS silo (i.e. one per worker and // also one for the main thread). Thread::ThreadPtr completion_thread_; // Track all streams that are currently using this CQ, so we can notify them // on shutdown. absl::node_hash_set streams_; }; using GoogleAsyncClientThreadLocalPtr = std::unique_ptr; // Google gRPC client stats. TODO(htuch): consider how a wider set of stats collected by the // library, such as the census related ones, can be externalized as needed. struct GoogleAsyncClientStats { // .streams_total Stats::Counter* streams_total_; // .streams_closed_ std::array streams_closed_; }; // Interface to allow the gRPC stub to be mocked out by tests. class GoogleStub { public: virtual ~GoogleStub() = default; // See grpc::PrepareCall(). virtual std::unique_ptr PrepareCall(grpc::ClientContext* context, const grpc::string& method, grpc::CompletionQueue* cq) PURE; }; using GoogleStubSharedPtr = std::shared_ptr; class GoogleGenericStub : public GoogleStub { public: GoogleGenericStub(std::shared_ptr channel) : stub_(channel) {} std::unique_ptr PrepareCall(grpc::ClientContext* context, const grpc::string& method, grpc::CompletionQueue* cq) override { return stub_.PrepareCall(context, method, cq); } private: grpc::GenericStub stub_; }; // Interface to allow the gRPC stub creation to be mocked out by tests. class GoogleStubFactory { public: virtual ~GoogleStubFactory() = default; // Create a stub from a given channel. virtual GoogleStubSharedPtr createStub(std::shared_ptr channel) PURE; }; class GoogleGenericStubFactory : public GoogleStubFactory { public: GoogleStubSharedPtr createStub(std::shared_ptr channel) override { return std::make_shared(channel); } }; // Google gRPC C++ client library implementation of Grpc::AsyncClient. class GoogleAsyncClientImpl final : public RawAsyncClient, Logger::Loggable { public: GoogleAsyncClientImpl(Event::Dispatcher& dispatcher, GoogleAsyncClientThreadLocal& tls, GoogleStubFactory& stub_factory, Stats::ScopeSharedPtr scope, const envoy::config::core::v3::GrpcService& config, Api::Api& api, const StatNames& stat_names); ~GoogleAsyncClientImpl() override; // Grpc::AsyncClient AsyncRequest* sendRaw(absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr&& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) override; RawAsyncStream* startRaw(absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) override; TimeSource& timeSource() { return dispatcher_.timeSource(); } uint64_t perStreamBufferLimitBytes() const { return per_stream_buffer_limit_bytes_; } private: Event::Dispatcher& dispatcher_; GoogleAsyncClientThreadLocal& tls_; // This is shared with child streams, so that they can cleanup independent of // the client if it gets destructed. The streams need to wait for their tags // to drain from the CQ. GoogleStubSharedPtr stub_; std::list active_streams_; const std::string stat_prefix_; const Protobuf::RepeatedPtrField initial_metadata_; Stats::ScopeSharedPtr scope_; GoogleAsyncClientStats stats_; uint64_t per_stream_buffer_limit_bytes_; friend class GoogleAsyncClientThreadLocal; friend class GoogleAsyncRequestImpl; friend class GoogleAsyncStreamImpl; }; class GoogleAsyncStreamImpl : public RawAsyncStream, public Event::DeferredDeletable, Logger::Loggable, public LinkedObject { public: GoogleAsyncStreamImpl(GoogleAsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options); ~GoogleAsyncStreamImpl() override; virtual void initialize(bool buffer_body_for_retry); // Grpc::RawAsyncStream void sendMessageRaw(Buffer::InstancePtr&& request, bool end_stream) override; void closeStream() override; void resetStream() override; // While the Google-gRPC code doesn't use Envoy watermark buffers, the logical // analog is to make sure that the aren't too many bytes in the pending write // queue. bool isAboveWriteBufferHighWatermark() const override { return bytes_in_write_pending_queue_ > parent_.perStreamBufferLimitBytes(); } protected: bool callFailed() const { return call_failed_; } private: // Process queued events in completed_ops_ with handleOpCompletion() on // GoogleAsyncClient silo thread. void onCompletedOps(); // Handle Operation completion on GoogleAsyncClient silo thread. This is posted by // GoogleAsyncClientThreadLocal::completionThread() when a message is received on cq_. void handleOpCompletion(GoogleAsyncTag::Operation op, bool ok); // Convert from Google gRPC client std::multimap metadata to Envoy Http::HeaderMap. void metadataTranslate(const std::multimap& grpc_metadata, Http::HeaderMap& header_map); // Write the first PendingMessage in the write queue if non-empty. void writeQueued(); // Deliver notification and update stats when the connection closes. void notifyRemoteClose(Status::GrpcStatus grpc_status, Http::ResponseTrailerMapPtr trailing_metadata, const std::string& message); // Schedule stream for deferred deletion. void deferredDelete(); // Cleanup and schedule stream for deferred deletion if no inflight // completions. void cleanup(); // Pending serialized message on write queue. Only one Operation::Write is in-flight at any // point-in-time, so we queue pending writes here. struct PendingMessage { PendingMessage(Buffer::InstancePtr request, bool end_stream); // End-of-stream with no additional message. PendingMessage() = default; const absl::optional buf_{}; const bool end_stream_{true}; }; GoogleAsyncTag init_tag_{*this, GoogleAsyncTag::Operation::Init}; GoogleAsyncTag read_initial_metadata_tag_{*this, GoogleAsyncTag::Operation::ReadInitialMetadata}; GoogleAsyncTag read_tag_{*this, GoogleAsyncTag::Operation::Read}; GoogleAsyncTag write_tag_{*this, GoogleAsyncTag::Operation::Write}; GoogleAsyncTag write_last_tag_{*this, GoogleAsyncTag::Operation::WriteLast}; GoogleAsyncTag finish_tag_{*this, GoogleAsyncTag::Operation::Finish}; GoogleAsyncClientImpl& parent_; GoogleAsyncClientThreadLocal& tls_; // Latch our own version of this reference, so that completionThread() doesn't // try and access via parent_, which might not exist in teardown. We assume // that the dispatcher lives longer than completionThread() life, which should // hold for the expected server object lifetimes. Event::Dispatcher& dispatcher_; // We hold a ref count on the stub_ to allow the stream to wait for its tags // to drain from the CQ on cleanup. GoogleStubSharedPtr stub_; std::string service_full_name_; std::string method_name_; RawAsyncStreamCallbacks& callbacks_; const Http::AsyncClient::StreamOptions& options_; grpc::ClientContext ctxt_; std::unique_ptr rw_; std::queue write_pending_queue_; uint64_t bytes_in_write_pending_queue_{}; grpc::ByteBuffer read_buf_; grpc::Status status_; // Has Operation::Init completed? bool call_initialized_{}; // Did the stub Call fail? If this is true, no Operation::Init completion will ever occur. bool call_failed_{}; // Is there an Operation::Write[Last] in-flight? bool write_pending_{}; // Is an Operation::Finish in-flight? bool finish_pending_{}; // Have we entered CQ draining state? If so, we're just waiting for all our // ops on the CQ to drain away before freeing the stream. bool draining_cq_{}; // Count of the tags in-flight. This must hit zero before the stream can be // freed. uint32_t inflight_tags_{}; // Queue of completed (op, ok) passed from completionThread() to // handleOpCompletion(). std::deque> completed_ops_ ABSL_GUARDED_BY(completed_ops_lock_); Thread::MutexBasicLockable completed_ops_lock_; friend class GoogleAsyncClientImpl; friend class GoogleAsyncClientThreadLocal; }; class GoogleAsyncRequestImpl : public AsyncRequest, public GoogleAsyncStreamImpl, RawAsyncStreamCallbacks { public: GoogleAsyncRequestImpl(GoogleAsyncClientImpl& parent, absl::string_view service_full_name, absl::string_view method_name, Buffer::InstancePtr request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options); void initialize(bool buffer_body_for_retry) override; // Grpc::AsyncRequest void cancel() override; private: // Grpc::RawAsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap& metadata) override; void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&&) override; bool onReceiveMessageRaw(Buffer::InstancePtr&& response) override; void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&&) override; void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override; Buffer::InstancePtr request_; RawAsyncRequestCallbacks& callbacks_; Tracing::SpanPtr current_span_; Buffer::InstancePtr response_; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_grpc_context.cc ================================================ #include "common/grpc/google_grpc_context.h" #include #include "common/common/assert.h" #include "common/common/lock_guard.h" #include "common/common/macros.h" #include "common/common/thread.h" #ifdef ENVOY_GOOGLE_GRPC #include "grpcpp/grpcpp.h" #endif namespace Envoy { namespace Grpc { GoogleGrpcContext::GoogleGrpcContext() : instance_tracker_(instanceTracker()) { #ifdef ENVOY_GOOGLE_GRPC Thread::LockGuard lock(instance_tracker_.mutex_); if (++instance_tracker_.live_instances_ == 1) { grpc_init(); } #endif } GoogleGrpcContext::~GoogleGrpcContext() { #ifdef ENVOY_GOOGLE_GRPC // Per https://github.com/grpc/grpc/issues/20303 it is OK to call // grpc_shutdown_blocking() as long as no one can concurrently call // grpc_init(). We use check_format.py to ensure that this file contains the // only callers to grpc_init(), and the mutex to then make that guarantee // across users of this class. Thread::LockGuard lock(instance_tracker_.mutex_); ASSERT(instance_tracker_.live_instances_ > 0); if (--instance_tracker_.live_instances_ == 0) { grpc_shutdown_blocking(); // Waiting for quiescence avoids non-determinism in tests. } #endif } GoogleGrpcContext::InstanceTracker& GoogleGrpcContext::instanceTracker() { MUTABLE_CONSTRUCT_ON_FIRST_USE(InstanceTracker); } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_grpc_context.h ================================================ #pragma once #include "common/common/thread.h" namespace Envoy { namespace Grpc { // Captures global grpc initialization and shutdown. Note that grpc // initialization starts several threads, so it is a little annoying to run them // alongside unrelated tests, particularly if they are trying to track memory // usage, or you are exploiting otherwise consistent run-to-run pointer values // during debug. // // Instantiating this class makes it easy to ensure classes that depend on grpc // libraries get them initialized. class GoogleGrpcContext { public: GoogleGrpcContext(); ~GoogleGrpcContext(); private: struct InstanceTracker { Thread::MutexBasicLockable mutex_; uint64_t live_instances_ ABSL_GUARDED_BY(mutex_) = 0; }; static InstanceTracker& instanceTracker(); InstanceTracker& instance_tracker_; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_grpc_creds_impl.cc ================================================ #include "common/grpc/google_grpc_creds_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" #include "common/config/datasource.h" namespace Envoy { namespace Grpc { std::shared_ptr CredsUtility::getChannelCredentials( const envoy::config::core::v3::GrpcService::GoogleGrpc& google_grpc, Api::Api& api) { if (google_grpc.has_channel_credentials()) { switch (google_grpc.channel_credentials().credential_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::ChannelCredentials:: CredentialSpecifierCase::kSslCredentials: { const auto& ssl_credentials = google_grpc.channel_credentials().ssl_credentials(); const grpc::SslCredentialsOptions ssl_credentials_options = { Config::DataSource::read(ssl_credentials.root_certs(), true, api), Config::DataSource::read(ssl_credentials.private_key(), true, api), Config::DataSource::read(ssl_credentials.cert_chain(), true, api), }; return grpc::SslCredentials(ssl_credentials_options); } case envoy::config::core::v3::GrpcService::GoogleGrpc::ChannelCredentials:: CredentialSpecifierCase::kLocalCredentials: { return grpc::experimental::LocalCredentials(UDS); } case envoy::config::core::v3::GrpcService::GoogleGrpc::ChannelCredentials:: CredentialSpecifierCase::kGoogleDefault: { return grpc::GoogleDefaultCredentials(); } default: return nullptr; } } return nullptr; } std::shared_ptr CredsUtility::defaultSslChannelCredentials( const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) { auto creds = getChannelCredentials(grpc_service_config.google_grpc(), api); if (creds != nullptr) { return creds; } return grpc::SslCredentials({}); } std::vector> CredsUtility::callCredentials(const envoy::config::core::v3::GrpcService::GoogleGrpc& google_grpc) { std::vector> creds; for (const auto& credential : google_grpc.call_credentials()) { std::shared_ptr new_call_creds; switch (credential.credential_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kAccessToken: { new_call_creds = grpc::AccessTokenCredentials(credential.access_token()); break; } case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kGoogleComputeEngine: { new_call_creds = grpc::GoogleComputeEngineCredentials(); break; } case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kGoogleRefreshToken: { new_call_creds = grpc::GoogleRefreshTokenCredentials(credential.google_refresh_token()); break; } case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kServiceAccountJwtAccess: { new_call_creds = grpc::ServiceAccountJWTAccessCredentials( credential.service_account_jwt_access().json_key(), credential.service_account_jwt_access().token_lifetime_seconds()); break; } case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kGoogleIam: { new_call_creds = grpc::GoogleIAMCredentials(credential.google_iam().authorization_token(), credential.google_iam().authority_selector()); break; } case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kStsService: { grpc::experimental::StsCredentialsOptions options = { credential.sts_service().token_exchange_service_uri(), credential.sts_service().resource(), credential.sts_service().audience(), credential.sts_service().scope(), credential.sts_service().requested_token_type(), credential.sts_service().subject_token_path(), credential.sts_service().subject_token_type(), credential.sts_service().actor_token_path(), credential.sts_service().actor_token_type(), }; new_call_creds = grpc::experimental::StsCredentials(options); break; } default: // We don't handle plugin credentials here, callers can do so instead if they want. continue; } // Any of the above creds creation can fail, if they do they return nullptr // and we ignore them. if (new_call_creds != nullptr) { creds.emplace_back(new_call_creds); } } return creds; } std::shared_ptr CredsUtility::defaultChannelCredentials( const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) { std::shared_ptr channel_creds = getChannelCredentials(grpc_service_config.google_grpc(), api); if (channel_creds == nullptr) { channel_creds = grpc::InsecureChannelCredentials(); } auto call_creds_vec = callCredentials(grpc_service_config.google_grpc()); if (call_creds_vec.empty()) { return channel_creds; } std::shared_ptr call_creds = call_creds_vec[0]; for (uint32_t i = 1; i < call_creds_vec.size(); ++i) { call_creds = grpc::CompositeCallCredentials(call_creds, call_creds_vec[i]); } return grpc::CompositeChannelCredentials(channel_creds, call_creds); } /** * Default implementation of Google Grpc Credentials Factory * Uses ssl creds if available, or defaults to insecure channel. * * This is not the same as google_default credentials. This is the default implementation that is * loaded if no other implementation is configured. */ class DefaultGoogleGrpcCredentialsFactory : public GoogleGrpcCredentialsFactory { public: std::shared_ptr getChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) override { return CredsUtility::defaultChannelCredentials(grpc_service_config, api); } std::string name() const override { return "envoy.grpc_credentials.default"; } }; /** * Static registration for the default Google gRPC credentials factory. @see RegisterFactory. */ REGISTER_FACTORY(DefaultGoogleGrpcCredentialsFactory, GoogleGrpcCredentialsFactory); } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_grpc_creds_impl.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "grpcpp/grpcpp.h" namespace Envoy { namespace Grpc { grpc::SslCredentialsOptions buildSslOptionsFromConfig( const envoy::config::core::v3::GrpcService::GoogleGrpc::SslCredentials& ssl_config); std::shared_ptr getGoogleGrpcChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service, Api::Api& api); class CredsUtility { public: /** * Translation from envoy::config::core::v3::GrpcService::GoogleGrpc to grpc::ChannelCredentials * for channel credentials. * @param google_grpc Google gRPC config. * @param api reference to the Api object * @return std::shared_ptr channel credentials. A nullptr * will be returned in the absence of any configured credentials. */ static std::shared_ptr getChannelCredentials(const envoy::config::core::v3::GrpcService::GoogleGrpc& google_grpc, Api::Api& api); /** * Static translation from envoy::config::core::v3::GrpcService::GoogleGrpc to a vector of * grpc::CallCredentials. Any plugin based call credentials will be elided. * @param grpc_service Google gRPC config. * @return std::vector> call credentials. */ static std::vector> callCredentials(const envoy::config::core::v3::GrpcService::GoogleGrpc& google_grpc); /** * Default translation from envoy::config::core::v3::GrpcService::GoogleGrpc to * grpc::ChannelCredentials for SSL channel credentials. * @param grpc_service_config gRPC service config. * @param api reference to the Api object * @return std::shared_ptr SSL channel credentials. Empty SSL * credentials will be set in the absence of any configured SSL in grpc_service_config, * forcing the channel to SSL. */ static std::shared_ptr defaultSslChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api); /** * Default static translation from envoy::config::core::v3::GrpcService::GoogleGrpc to * grpc::ChannelCredentials for all non-plugin based channel and call credentials. * @param grpc_service_config gRPC service config. * @param api reference to the Api object * @return std::shared_ptr composite channel and call credentials. * will be set in the absence of any configured SSL in grpc_service_config, forcing the * channel to SSL. */ static std::shared_ptr defaultChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api); }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_grpc_utils.cc ================================================ #include "common/grpc/google_grpc_utils.h" #include #include #include #include #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "absl/container/fixed_array.h" #include "absl/strings/match.h" namespace Envoy { namespace Grpc { namespace { std::shared_ptr getGoogleGrpcChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service, Api::Api& api) { GoogleGrpcCredentialsFactory* credentials_factory = nullptr; const std::string& google_grpc_credentials_factory_name = grpc_service.google_grpc().credentials_factory_name(); if (google_grpc_credentials_factory_name.empty()) { credentials_factory = Registry::FactoryRegistry::getFactory( "envoy.grpc_credentials.default"); } else { credentials_factory = Registry::FactoryRegistry::getFactory( google_grpc_credentials_factory_name); } if (credentials_factory == nullptr) { throw EnvoyException(absl::StrCat("Unknown google grpc credentials factory: ", google_grpc_credentials_factory_name)); } return credentials_factory->getChannelCredentials(grpc_service, api); } } // namespace struct BufferInstanceContainer { BufferInstanceContainer(int ref_count, Buffer::InstancePtr&& buffer) : ref_count_(ref_count), buffer_(std::move(buffer)) {} std::atomic ref_count_; // In case gPRC dereferences in a different threads. Buffer::InstancePtr buffer_; static void derefBufferInstanceContainer(void* container_ptr) { auto container = static_cast(container_ptr); container->ref_count_--; // This is safe because the ref_count_ is never incremented. if (container->ref_count_ <= 0) { delete container; } } }; grpc::ByteBuffer GoogleGrpcUtils::makeByteBuffer(Buffer::InstancePtr&& buffer_instance) { if (!buffer_instance) { return {}; } Buffer::RawSliceVector raw_slices = buffer_instance->getRawSlices(); if (raw_slices.empty()) { return {}; } auto* container = new BufferInstanceContainer{static_cast(raw_slices.size()), std::move(buffer_instance)}; std::vector slices; slices.reserve(raw_slices.size()); for (Buffer::RawSlice& raw_slice : raw_slices) { slices.emplace_back(raw_slice.mem_, raw_slice.len_, &BufferInstanceContainer::derefBufferInstanceContainer, container); } return {&slices[0], slices.size()}; } class GrpcSliceBufferFragmentImpl : public Buffer::BufferFragment { public: explicit GrpcSliceBufferFragmentImpl(grpc::Slice&& slice) : slice_(std::move(slice)) {} // Buffer::BufferFragment const void* data() const override { return slice_.begin(); } size_t size() const override { return slice_.size(); } void done() override { delete this; } private: const grpc::Slice slice_; }; Buffer::InstancePtr GoogleGrpcUtils::makeBufferInstance(const grpc::ByteBuffer& byte_buffer) { auto buffer = std::make_unique(); if (byte_buffer.Length() == 0) { return buffer; } // NB: ByteBuffer::Dump moves the data out of the ByteBuffer so we need to ensure that the // lifetime of the Slice(s) exceeds our Buffer::Instance. std::vector slices; if (!byte_buffer.Dump(&slices).ok()) { return nullptr; } for (auto& slice : slices) { buffer->addBufferFragment(*new GrpcSliceBufferFragmentImpl(std::move(slice))); } return buffer; } grpc::ChannelArguments GoogleGrpcUtils::channelArgsFromConfig(const envoy::config::core::v3::GrpcService& config) { grpc::ChannelArguments args; for (const auto& channel_arg : config.google_grpc().channel_args().args()) { switch (channel_arg.second.value_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::ChannelArgs::Value::kStringValue: { args.SetString(channel_arg.first, channel_arg.second.string_value()); break; } case envoy::config::core::v3::GrpcService::GoogleGrpc::ChannelArgs::Value::kIntValue: { args.SetInt(channel_arg.first, channel_arg.second.int_value()); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } return args; } std::shared_ptr GoogleGrpcUtils::createChannel(const envoy::config::core::v3::GrpcService& config, Api::Api& api) { std::shared_ptr creds = getGoogleGrpcChannelCredentials(config, api); const grpc::ChannelArguments args = channelArgsFromConfig(config); return CreateCustomChannel(config.google_grpc().target_uri(), creds, args); } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/google_grpc_utils.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "envoy/buffer/buffer.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "grpcpp/grpcpp.h" namespace Envoy { namespace Grpc { class GoogleGrpcUtils { public: /** * Build grpc::ByteBuffer which aliases the data in a Buffer::InstancePtr. * @param buffer source data container. * @return byteBuffer target container aliased to the data in Buffer::Instance and owning the * Buffer::Instance. */ static grpc::ByteBuffer makeByteBuffer(Buffer::InstancePtr&& buffer); /** * Build Buffer::Instance which aliases the data in a grpc::ByteBuffer. * @param buffer source data container. * @return a Buffer::InstancePtr aliased to the data in the provided grpc::ByteBuffer and * owning the corresponding grpc::Slice(s) or nullptr if the grpc::ByteBuffer is bad. */ static Buffer::InstancePtr makeBufferInstance(const grpc::ByteBuffer& buffer); /** * Build grpc::ChannelArguments from gRPC service config. * @param config Google gRPC config. * @return grpc::ChannelArguments corresponding to config. */ static grpc::ChannelArguments channelArgsFromConfig(const envoy::config::core::v3::GrpcService& config); /** * Build gRPC channel based on the given GrpcService configuration. * @param config Google gRPC config. * @param api reference to the Api object * @return static std::shared_ptr a gRPC channel. */ static std::shared_ptr createChannel(const envoy::config::core::v3::GrpcService& config, Api::Api& api); }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/stat_names.cc ================================================ #include "common/grpc/stat_names.h" namespace Envoy { namespace Grpc { StatNames::StatNames(Stats::SymbolTable& symbol_table) : pool_(symbol_table), streams_total_(pool_.add("streams_total")), google_grpc_client_creation_(pool_.add("google_grpc_client_creation")) { for (uint32_t i = 0; i <= Status::WellKnownGrpcStatus::MaximumKnown; ++i) { std::string status_str = absl::StrCat(i); streams_closed_[i] = pool_.add(absl::StrCat("streams_closed_", status_str)); status_names_[status_str] = pool_.add(status_str); } } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/stat_names.h ================================================ #pragma once #include "envoy/grpc/status.h" #include "common/stats/symbol_table_impl.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Grpc { /** * Captures symbolized representation for tokens used in grpc stats. These are * broken out so they can be allocated early and used across all gRPC-related * filters. */ struct StatNames { explicit StatNames(Stats::SymbolTable& symbol_table); Stats::StatNamePool pool_; Stats::StatName streams_total_; std::array streams_closed_; absl::flat_hash_map status_names_; // Stat name tracking the creation of the Google grpc client. Stats::StatName google_grpc_client_creation_; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/status.cc ================================================ #include "common/grpc/status.h" namespace Envoy { namespace Grpc { Status::GrpcStatus Utility::httpToGrpcStatus(uint64_t http_response_status) { // From // https://github.com/grpc/grpc/blob/master/doc/http-grpc-status-mapping.md. switch (http_response_status) { case 400: return Status::WellKnownGrpcStatus::Internal; case 401: return Status::WellKnownGrpcStatus::Unauthenticated; case 403: return Status::WellKnownGrpcStatus::PermissionDenied; case 404: return Status::WellKnownGrpcStatus::Unimplemented; case 429: case 502: case 503: case 504: return Status::WellKnownGrpcStatus::Unavailable; default: return Status::WellKnownGrpcStatus::Unknown; } } uint64_t Utility::grpcToHttpStatus(Status::GrpcStatus grpc_status) { // From https://cloud.google.com/apis/design/errors#handling_errors. switch (grpc_status) { case Status::WellKnownGrpcStatus::Ok: return 200; case Status::WellKnownGrpcStatus::Canceled: // Client closed request. return 499; case Status::WellKnownGrpcStatus::Unknown: // Internal server error. return 500; case Status::WellKnownGrpcStatus::InvalidArgument: // Bad request. return 400; case Status::WellKnownGrpcStatus::DeadlineExceeded: // Gateway Time-out. return 504; case Status::WellKnownGrpcStatus::NotFound: // Not found. return 404; case Status::WellKnownGrpcStatus::AlreadyExists: // Conflict. return 409; case Status::WellKnownGrpcStatus::PermissionDenied: // Forbidden. return 403; case Status::WellKnownGrpcStatus::ResourceExhausted: // Too many requests. return 429; case Status::WellKnownGrpcStatus::FailedPrecondition: // Bad request. return 400; case Status::WellKnownGrpcStatus::Aborted: // Conflict. return 409; case Status::WellKnownGrpcStatus::OutOfRange: // Bad request. return 400; case Status::WellKnownGrpcStatus::Unimplemented: // Not implemented. return 501; case Status::WellKnownGrpcStatus::Internal: // Internal server error. return 500; case Status::WellKnownGrpcStatus::Unavailable: // Service unavailable. return 503; case Status::WellKnownGrpcStatus::DataLoss: // Internal server error. return 500; case Status::WellKnownGrpcStatus::Unauthenticated: // Unauthorized. return 401; case Status::WellKnownGrpcStatus::InvalidCode: default: // Internal server error. return 500; } } std::string Utility::grpcStatusToString(Status::GrpcStatus grpc_status) { switch (grpc_status) { case Status::WellKnownGrpcStatus::Ok: return "OK"; case Status::WellKnownGrpcStatus::Canceled: return "Canceled"; case Status::WellKnownGrpcStatus::Unknown: return "Unknown"; case Status::WellKnownGrpcStatus::InvalidArgument: return "InvalidArgument"; case Status::WellKnownGrpcStatus::DeadlineExceeded: return "DeadlineExceeded"; case Status::WellKnownGrpcStatus::NotFound: return "NotFound"; case Status::WellKnownGrpcStatus::AlreadyExists: return "AlreadyExists"; case Status::WellKnownGrpcStatus::PermissionDenied: return "PermissionDenied"; case Status::WellKnownGrpcStatus::ResourceExhausted: return "ResourceExhausted"; case Status::WellKnownGrpcStatus::FailedPrecondition: return "FailedPrecondition"; case Status::WellKnownGrpcStatus::Aborted: return "Aborted"; case Status::WellKnownGrpcStatus::OutOfRange: return "OutOfRange"; case Status::WellKnownGrpcStatus::Unimplemented: return "Unimplemented"; case Status::WellKnownGrpcStatus::Internal: return "Internal"; case Status::WellKnownGrpcStatus::Unavailable: return "Unavailable"; case Status::WellKnownGrpcStatus::DataLoss: return "DataLoss"; case Status::WellKnownGrpcStatus::Unauthenticated: return "Unauthenticated"; case Status::WellKnownGrpcStatus::InvalidCode: default: return "InvalidCode"; } } } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/status.h ================================================ #pragma once #include #include #include "envoy/grpc/status.h" namespace Envoy { namespace Grpc { /** * Grpc::Status utilities. */ class Utility { public: /** * Returns the gRPC status code from a given HTTP response status code. Ordinarily, it is expected * that a 200 response is provided, but gRPC defines a mapping for intermediaries that are not * gRPC aware, see https://github.com/grpc/grpc/blob/master/doc/http-grpc-status-mapping.md. * @param http_response_status HTTP status code. * @return Status::GrpcStatus corresponding gRPC status code. */ static Status::GrpcStatus httpToGrpcStatus(uint64_t http_response_status); /** * @param grpc_status gRPC status from grpc-status header. * @return uint64_t the canonical HTTP status code corresponding to a gRPC status code. */ static uint64_t grpcToHttpStatus(Status::GrpcStatus grpc_status); /** * @param grpc_status gRPC status from grpc-status header. * @return gRPC status string converted from grpc-status. */ static std::string grpcStatusToString(Status::GrpcStatus grpc_status); }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/typed_async_client.cc ================================================ #include "common/grpc/typed_async_client.h" #include "common/buffer/zero_copy_input_stream_impl.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/http/utility.h" namespace Envoy { namespace Grpc { namespace Internal { void sendMessageUntyped(RawAsyncStream* stream, const Protobuf::Message& request, bool end_stream) { stream->sendMessageRaw(Common::serializeMessage(request), end_stream); } ProtobufTypes::MessagePtr parseMessageUntyped(ProtobufTypes::MessagePtr&& message, Buffer::InstancePtr&& response) { // TODO(htuch): Need to add support for compressed responses as well here. if (response->length() > 0) { Buffer::ZeroCopyInputStreamImpl stream(std::move(response)); if (!message->ParseFromZeroCopyStream(&stream)) { return nullptr; } } return std::move(message); } RawAsyncStream* startUntyped(RawAsyncClient* client, const Protobuf::MethodDescriptor& service_method, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) { return client->startRaw(service_method.service()->full_name(), service_method.name(), callbacks, options); } AsyncRequest* sendUntyped(RawAsyncClient* client, const Protobuf::MethodDescriptor& service_method, const Protobuf::Message& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) { return client->sendRaw(service_method.service()->full_name(), service_method.name(), Common::serializeMessage(request), callbacks, parent_span, options); } } // namespace Internal } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/grpc/typed_async_client.h ================================================ #pragma once #include #include #include "envoy/grpc/async_client.h" #include "common/common/empty_string.h" #include "common/config/version_converter.h" namespace Envoy { namespace Grpc { namespace Internal { /** * Forward declarations for helper functions. */ void sendMessageUntyped(RawAsyncStream* stream, const Protobuf::Message& request, bool end_stream); ProtobufTypes::MessagePtr parseMessageUntyped(ProtobufTypes::MessagePtr&& message, Buffer::InstancePtr&& response); RawAsyncStream* startUntyped(RawAsyncClient* client, const Protobuf::MethodDescriptor& service_method, RawAsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options); AsyncRequest* sendUntyped(RawAsyncClient* client, const Protobuf::MethodDescriptor& service_method, const Protobuf::Message& request, RawAsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options); } // namespace Internal /** * Convenience wrapper for an AsyncStream* providing typed protobuf support. */ template class AsyncStream /* : public RawAsyncStream */ { public: AsyncStream() = default; AsyncStream(RawAsyncStream* stream) : stream_(stream) {} AsyncStream(const AsyncStream& other) = default; void sendMessage(const Protobuf::Message& request, bool end_stream) { Internal::sendMessageUntyped(stream_, std::move(request), end_stream); } void sendMessage(const Protobuf::Message& request, envoy::config::core::v3::ApiVersion transport_api_version, bool end_stream) { Config::VersionConverter::prepareMessageForGrpcWire(const_cast(request), transport_api_version); Internal::sendMessageUntyped(stream_, std::move(request), end_stream); } void closeStream() { stream_->closeStream(); } void resetStream() { stream_->resetStream(); } bool isAboveWriteBufferHighWatermark() const { return stream_->isAboveWriteBufferHighWatermark(); } AsyncStream* operator->() { return this; } AsyncStream operator=(RawAsyncStream* stream) { stream_ = stream; return *this; } bool operator==(RawAsyncStream* stream) const { return stream_ == stream; } bool operator!=(RawAsyncStream* stream) const { return stream_ != stream; } private: RawAsyncStream* stream_{}; }; template using ResponsePtr = std::unique_ptr; /** * Convenience subclasses for AsyncRequestCallbacks. */ template class AsyncRequestCallbacks : public RawAsyncRequestCallbacks { public: ~AsyncRequestCallbacks() override = default; virtual void onSuccess(ResponsePtr&& response, Tracing::Span& span) PURE; private: void onSuccessRaw(Buffer::InstancePtr&& response, Tracing::Span& span) override { auto message = ResponsePtr(dynamic_cast( Internal::parseMessageUntyped(std::make_unique(), std::move(response)) .release())); if (!message) { onFailure(Status::WellKnownGrpcStatus::Internal, "", span); return; } onSuccess(std::move(message), span); } }; /** * Versioned methods wrapper. */ class VersionedMethods { public: VersionedMethods(const std::string& v3, const std::string& v2, const std::string& v2_alpha = "") : v3_(Protobuf::DescriptorPool::generated_pool()->FindMethodByName(v3)), v2_(Protobuf::DescriptorPool::generated_pool()->FindMethodByName(v2)), v2_alpha_(v2_alpha.empty() ? nullptr : Protobuf::DescriptorPool::generated_pool()->FindMethodByName(v2_alpha)) {} /** * Given a version, return the method descriptor for a specific version. * * @param api_version target API version. * @param use_alpha if this is an alpha version of an API method. * * @return Protobuf::MethodDescriptor& of a method for a specific version. */ const Protobuf::MethodDescriptor& getMethodDescriptorForVersion(envoy::config::core::v3::ApiVersion api_version, bool use_alpha = false) const { switch (api_version) { case envoy::config::core::v3::ApiVersion::AUTO: FALLTHRU; case envoy::config::core::v3::ApiVersion::V2: { const auto* descriptor = use_alpha ? v2_alpha_ : v2_; ASSERT(descriptor != nullptr); return *descriptor; } case envoy::config::core::v3::ApiVersion::V3: { const auto* descriptor = v3_; ASSERT(descriptor != nullptr); return *descriptor; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } private: const Protobuf::MethodDescriptor* v3_{nullptr}; const Protobuf::MethodDescriptor* v2_{nullptr}; const Protobuf::MethodDescriptor* v2_alpha_{nullptr}; }; /** * Convenience subclasses for AsyncStreamCallbacks. */ template class AsyncStreamCallbacks : public RawAsyncStreamCallbacks { public: ~AsyncStreamCallbacks() override = default; virtual void onReceiveMessage(ResponsePtr&& message) PURE; private: bool onReceiveMessageRaw(Buffer::InstancePtr&& response) override { auto message = ResponsePtr(dynamic_cast( Internal::parseMessageUntyped(std::make_unique(), std::move(response)) .release())); if (!message) { return false; } onReceiveMessage(std::move(message)); return true; } }; template class AsyncClient /* : public RawAsyncClient )*/ { public: AsyncClient() = default; AsyncClient(RawAsyncClientPtr&& client) : client_(std::move(client)) {} AsyncClient(RawAsyncClientSharedPtr client) : client_(client) {} virtual ~AsyncClient() = default; virtual AsyncRequest* send(const Protobuf::MethodDescriptor& service_method, const Protobuf::Message& request, AsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options) { return Internal::sendUntyped(client_.get(), service_method, request, callbacks, parent_span, options); } virtual AsyncRequest* send(const Protobuf::MethodDescriptor& service_method, const Protobuf::Message& request, AsyncRequestCallbacks& callbacks, Tracing::Span& parent_span, const Http::AsyncClient::RequestOptions& options, envoy::config::core::v3::ApiVersion transport_api_version) { Config::VersionConverter::prepareMessageForGrpcWire(const_cast(request), transport_api_version); return Internal::sendUntyped(client_.get(), service_method, request, callbacks, parent_span, options); } virtual AsyncStream start(const Protobuf::MethodDescriptor& service_method, AsyncStreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions& options) { return AsyncStream( Internal::startUntyped(client_.get(), service_method, callbacks, options)); } AsyncClient* operator->() { return this; } void operator=(RawAsyncClientPtr&& client) { client_ = std::move(client); } void reset() { client_.reset(); } private: RawAsyncClientSharedPtr client_{}; }; } // namespace Grpc } // namespace Envoy ================================================ FILE: source/common/html/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], ) ================================================ FILE: source/common/html/utility.cc ================================================ #include "common/html/utility.h" #include #include "absl/strings/str_replace.h" namespace Envoy { namespace Html { std::string Utility::sanitize(const std::string& text) { return absl::StrReplaceAll( text, {{"&", "&"}, {"<", "<"}, {">", ">"}, {"\"", """}, {"'", "'"}}); } } // namespace Html } // namespace Envoy ================================================ FILE: source/common/html/utility.h ================================================ #pragma once #include namespace Envoy { namespace Html { /** * General HTML utilities. */ class Utility { public: /** * Sanitizes arbitrary text so it can be included in HTML. * @param text arbitrary text to be escaped for safe inclusion in HTML. */ static std::string sanitize(const std::string& text); }; } // namespace Html } // namespace Envoy ================================================ FILE: source/common/http/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "async_client_lib", srcs = ["async_client_impl.cc"], hdrs = ["async_client_impl.h"], deps = [ "//include/envoy/config:typed_metadata_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/http:async_client_interface", "//include/envoy/http:codec_interface", "//include/envoy/http:context_interface", "//include/envoy/http:header_map_interface", "//include/envoy/http:message_interface", "//include/envoy/router:router_interface", "//include/envoy/router:router_ratelimit_interface", "//include/envoy/router:shadow_writer_interface", "//include/envoy/ssl:connection_interface", "//source/common/common:empty_string", "//source/common/common:linked_object", "//source/common/router:router_lib", "//source/common/stream_info:stream_info_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "async_client_utility_lib", srcs = ["async_client_utility.cc"], hdrs = ["async_client_utility.h"], deps = [ "//include/envoy/http:async_client_interface", ], ) envoy_cc_library( name = "codec_client_lib", srcs = ["codec_client.cc"], hdrs = ["codec_client.h"], deps = [ ":codec_wrappers_lib", ":exception_lib", ":status_lib", ":utility_lib", "//include/envoy/event:deferred_deletable", "//include/envoy/http:codec_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/runtime:runtime_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/common:linked_object", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", "//source/common/http/http1:codec_legacy_lib", "//source/common/http/http1:codec_lib", "//source/common/http/http2:codec_legacy_lib", "//source/common/http/http2:codec_lib", "//source/common/http/http3:quic_codec_factory_lib", "//source/common/http/http3:well_known_names", "//source/common/network:filter_lib", "//source/common/runtime:runtime_features_lib", "//source/common/runtime:runtime_lib", ], ) envoy_cc_library( name = "codec_helper_lib", hdrs = ["codec_helper.h"], deps = [ "//include/envoy/http:codec_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "default_server_string_lib", hdrs = ["default_server_string.h"], deps = [ "//source/common/common:macros", ], ) envoy_cc_library( name = "codec_wrappers_lib", hdrs = ["codec_wrappers.h"], deps = ["//include/envoy/http:codec_interface"], ) envoy_cc_library( name = "codes_lib", srcs = ["codes.cc"], hdrs = ["codes.h"], deps = [ ":headers_lib", ":utility_lib", "//include/envoy/http:codes_interface", "//include/envoy/http:header_map_interface", "//include/envoy/stats:stats_interface", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/stats:symbol_table_lib", ], ) envoy_cc_library( name = "context_lib", srcs = ["context_impl.cc"], hdrs = ["context_impl.h"], deps = [ ":codes_lib", ":user_agent_lib", "//include/envoy/http:context_interface", ], ) envoy_cc_library( name = "conn_pool_base_lib", srcs = ["conn_pool_base.cc"], hdrs = ["conn_pool_base.h"], deps = [ ":codec_client_lib", "//include/envoy/http:conn_pool_interface", "//include/envoy/stats:timespan_interface", "//source/common/common:linked_object", "//source/common/conn_pool:conn_pool_base_lib", "//source/common/stats:timespan_lib", "//source/common/upstream:upstream_lib", ], ) envoy_cc_library( name = "conn_manager_config_interface", hdrs = ["conn_manager_config.h"], deps = [ ":date_provider_lib", "//include/envoy/config:config_provider_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:request_id_extension_interface", "//include/envoy/router:rds_interface", "//source/common/local_reply:local_reply_lib", "//source/common/network:utility_lib", "//source/common/stats:symbol_table_lib", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_manager_lib", srcs = [ "filter_manager.cc", ], hdrs = [ "filter_manager.h", ], deps = [ ":headers_lib", "//include/envoy/http:filter_interface", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:linked_object", "//source/common/common:scope_tracker", "//source/common/grpc:common_lib", "//source/common/local_reply:local_reply_lib", ], ) envoy_cc_library( name = "conn_manager_lib", srcs = [ "conn_manager_impl.cc", "conn_manager_utility.cc", ], hdrs = [ "conn_manager_impl.h", "conn_manager_utility.h", ], deps = [ ":codes_lib", ":conn_manager_config_interface", ":exception_lib", ":filter_manager_lib", ":header_map_lib", ":header_utility_lib", ":headers_lib", ":path_utility_lib", ":status_lib", ":user_agent_lib", ":utility_lib", "//include/envoy/access_log:access_log_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/common:scope_tracker_interface", "//include/envoy/common:time_interface", "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/http:api_listener_interface", "//include/envoy/http:codec_interface", "//include/envoy/http:context_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:drain_decision_interface", "//include/envoy/network:filter_interface", "//include/envoy/router:rds_interface", "//include/envoy/router:scopes_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:overload_manager_interface", "//include/envoy/ssl:connection_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//include/envoy/stats:timespan_interface", "//include/envoy/upstream:upstream_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:linked_object", "//source/common/common:regex_lib", "//source/common/common:scope_tracker", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/http/http1:codec_legacy_lib", "//source/common/http/http1:codec_lib", "//source/common/http/http2:codec_legacy_lib", "//source/common/http/http2:codec_lib", "//source/common/http/http3:quic_codec_factory_lib", "//source/common/http/http3:well_known_names", "//source/common/network:utility_lib", "//source/common/router:config_lib", "//source/common/router:scoped_rds_lib", "//source/common/stats:timespan_lib", "//source/common/stream_info:stream_info_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "date_provider_lib", srcs = ["date_provider_impl.cc"], hdrs = [ "date_provider.h", "date_provider_impl.h", ], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/http:header_map_interface", "//include/envoy/singleton:instance_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "exception_lib", hdrs = ["exception.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/http:header_map_interface", ], ) envoy_cc_library( name = "hash_policy_lib", srcs = ["hash_policy.cc"], hdrs = ["hash_policy.h"], deps = [ ":utility_lib", "//include/envoy/http:hash_policy_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "header_list_view_lib", srcs = ["header_list_view.cc"], hdrs = ["header_list_view.h"], deps = [ "//include/envoy/http:header_map_interface", ], ) envoy_cc_library( name = "header_map_lib", srcs = ["header_map_impl.cc"], hdrs = ["header_map_impl.h"], deps = [ ":headers_lib", "//include/envoy/http:header_map_interface", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", "//source/common/common:empty_string", "//source/common/common:non_copyable", "//source/common/common:utility_lib", "//source/common/runtime:runtime_features_lib", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "headers_lib", hdrs = ["headers.h"], deps = [ "//include/envoy/http:header_map_interface", "//source/common/singleton:const_singleton", "//source/common/singleton:threadsafe_singleton", ], ) envoy_cc_library( name = "message_lib", hdrs = ["message_impl.h"], deps = [ ":header_map_lib", "//include/envoy/http:header_map_interface", "//include/envoy/http:message_interface", "//source/common/buffer:buffer_lib", "//source/common/common:non_copyable", ], ) envoy_cc_library( name = "rest_api_fetcher_lib", srcs = ["rest_api_fetcher.cc"], hdrs = ["rest_api_fetcher.h"], deps = [ ":message_lib", ":utility_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:enum_to_int", "//source/common/config:utility_lib", ], ) envoy_cc_library( name = "user_agent_lib", srcs = ["user_agent.cc"], hdrs = ["user_agent.h"], deps = [ ":headers_lib", "//include/envoy/http:header_map_interface", "//include/envoy/network:connection_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//include/envoy/stats:timespan_interface", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], external_deps = [ "abseil_node_hash_set", "abseil_optional", "http_parser", "nghttp2", ], deps = [ ":exception_lib", ":header_map_lib", ":headers_lib", ":message_lib", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/http:query_params_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/grpc:status_lib", "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_features_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "header_utility_lib", srcs = ["header_utility.cc"], hdrs = ["header_utility.h"], external_deps = [ "nghttp2", ], deps = [ ":header_map_lib", ":utility_lib", "//include/envoy/common:regex_interface", "//include/envoy/http:header_map_interface", "//source/common/common:regex_lib", "//source/common/common:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_features_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "path_utility_lib", srcs = ["path_utility.cc"], hdrs = ["path_utility.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/http:header_map_interface", "//source/common/chromium_url", "//source/common/common:logger_lib", ], ) envoy_cc_library( name = "request_id_extension_lib", srcs = [ "request_id_extension_impl.cc", "request_id_extension_uuid_impl.cc", ], hdrs = [ "request_id_extension_impl.h", "request_id_extension_uuid_impl.h", ], deps = [ "//include/envoy/http:request_id_extension_interface", "//include/envoy/server:request_id_extension_config_interface", "//source/common/common:random_generator_lib", "//source/common/config:utility_lib", "//source/common/runtime:runtime_lib", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "status_lib", srcs = ["status.cc"], hdrs = ["status.h"], external_deps = [ "abseil_status", ], deps = [ "//include/envoy/http:codes_interface", "//source/common/common:assert_lib", ], ) ================================================ FILE: source/common/http/async_client_impl.cc ================================================ #include "common/http/async_client_impl.h" #include #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "common/grpc/common.h" #include "common/http/utility.h" #include "common/tracing/http_tracer_impl.h" namespace Envoy { namespace Http { const std::vector> AsyncStreamImpl::NullRateLimitPolicy::rate_limit_policy_entry_; const AsyncStreamImpl::NullHedgePolicy AsyncStreamImpl::RouteEntryImpl::hedge_policy_; const AsyncStreamImpl::NullRateLimitPolicy AsyncStreamImpl::RouteEntryImpl::rate_limit_policy_; const AsyncStreamImpl::NullRetryPolicy AsyncStreamImpl::RouteEntryImpl::retry_policy_; const Router::InternalRedirectPolicyImpl AsyncStreamImpl::RouteEntryImpl::internal_redirect_policy_; const std::vector AsyncStreamImpl::RouteEntryImpl::shadow_policies_; const AsyncStreamImpl::NullVirtualHost AsyncStreamImpl::RouteEntryImpl::virtual_host_; const AsyncStreamImpl::NullRateLimitPolicy AsyncStreamImpl::NullVirtualHost::rate_limit_policy_; const AsyncStreamImpl::NullConfig AsyncStreamImpl::NullVirtualHost::route_configuration_; const std::multimap AsyncStreamImpl::RouteEntryImpl::opaque_config_; const envoy::config::core::v3::Metadata AsyncStreamImpl::RouteEntryImpl::metadata_; const Config::TypedMetadataImpl AsyncStreamImpl::RouteEntryImpl::typed_metadata_({}); const AsyncStreamImpl::NullPathMatchCriterion AsyncStreamImpl::RouteEntryImpl::path_match_criterion_; const absl::optional AsyncStreamImpl::RouteEntryImpl::connect_config_nullopt_; const std::list AsyncStreamImpl::NullConfig::internal_only_headers_; AsyncClientImpl::AsyncClientImpl(Upstream::ClusterInfoConstSharedPtr cluster, Stats::Store& stats_store, Event::Dispatcher& dispatcher, const LocalInfo::LocalInfo& local_info, Upstream::ClusterManager& cm, Runtime::Loader& runtime, Random::RandomGenerator& random, Router::ShadowWriterPtr&& shadow_writer, Http::Context& http_context) : cluster_(cluster), config_("http.async-client.", local_info, stats_store, cm, runtime, random, std::move(shadow_writer), true, false, false, false, {}, dispatcher.timeSource(), http_context), dispatcher_(dispatcher) {} AsyncClientImpl::~AsyncClientImpl() { while (!active_streams_.empty()) { active_streams_.front()->reset(); } } AsyncClient::Request* AsyncClientImpl::send(RequestMessagePtr&& request, AsyncClient::Callbacks& callbacks, const AsyncClient::RequestOptions& options) { AsyncRequestImpl* async_request = new AsyncRequestImpl(std::move(request), *this, callbacks, options); async_request->initialize(); std::unique_ptr new_request{async_request}; // The request may get immediately failed. If so, we will return nullptr. if (!new_request->remote_closed_) { LinkedList::moveIntoList(std::move(new_request), active_streams_); return async_request; } else { new_request->cleanup(); return nullptr; } } AsyncClient::Stream* AsyncClientImpl::start(AsyncClient::StreamCallbacks& callbacks, const AsyncClient::StreamOptions& options) { std::unique_ptr new_stream{new AsyncStreamImpl(*this, callbacks, options)}; LinkedList::moveIntoList(std::move(new_stream), active_streams_); return active_streams_.front().get(); } AsyncStreamImpl::AsyncStreamImpl(AsyncClientImpl& parent, AsyncClient::StreamCallbacks& callbacks, const AsyncClient::StreamOptions& options) : parent_(parent), stream_callbacks_(callbacks), stream_id_(parent.config_.random_.random()), router_(parent.config_), stream_info_(Protocol::Http11, parent.dispatcher().timeSource()), tracing_config_(Tracing::EgressConfig::get()), route_(std::make_shared(parent_.cluster_->name(), options.timeout, options.hash_policy)), send_xff_(options.send_xff) { if (options.buffer_body_for_retry) { buffered_body_ = std::make_unique(); } router_.setDecoderFilterCallbacks(*this); // TODO(mattklein123): Correctly set protocol in stream info when we support access logging. } void AsyncStreamImpl::encodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream, absl::string_view) { ENVOY_LOG(debug, "async http request response headers (end_stream={}):\n{}", end_stream, *headers); ASSERT(!remote_closed_); encoded_response_headers_ = true; stream_callbacks_.onHeaders(std::move(headers), end_stream); closeRemote(end_stream); // At present, the router cleans up stream state as soon as the remote is closed, making a // half-open local stream unsupported and dangerous. Ensure we close locally to trigger completion // and keep things consistent. Another option would be to issue a stream reset here if local isn't // yet closed, triggering cleanup along a more standardized path. However, this would require // additional logic to handle the response completion and subsequent reset, and run the risk of // being interpreted as a failure, when in fact no error has necessarily occurred. Gracefully // closing seems most in-line with behavior elsewhere in Envoy for now. closeLocal(end_stream); } void AsyncStreamImpl::encodeData(Buffer::Instance& data, bool end_stream) { ENVOY_LOG(trace, "async http request response data (length={} end_stream={})", data.length(), end_stream); ASSERT(!remote_closed_); stream_callbacks_.onData(data, end_stream); closeRemote(end_stream); // Ensure we close locally on receiving a complete response; see comment in encodeHeaders for // rationale. closeLocal(end_stream); } void AsyncStreamImpl::encodeTrailers(ResponseTrailerMapPtr&& trailers) { ENVOY_LOG(debug, "async http request response trailers:\n{}", *trailers); ASSERT(!remote_closed_); stream_callbacks_.onTrailers(std::move(trailers)); closeRemote(true); // Ensure we close locally on receiving a complete response; see comment in encodeHeaders for // rationale. closeLocal(true); } void AsyncStreamImpl::sendHeaders(RequestHeaderMap& headers, bool end_stream) { if (Http::Headers::get().MethodValues.Head == headers.getMethodValue()) { is_head_request_ = true; } is_grpc_request_ = Grpc::Common::isGrpcRequestHeaders(headers); headers.setReferenceEnvoyInternalRequest(Headers::get().EnvoyInternalRequestValues.True); if (send_xff_) { Utility::appendXff(headers, *parent_.config_.local_info_.address()); } router_.decodeHeaders(headers, end_stream); closeLocal(end_stream); } void AsyncStreamImpl::sendData(Buffer::Instance& data, bool end_stream) { // Map send calls after local closure to no-ops. The send call could have been queued prior to // remote reset or closure, and/or closure could have occurred synchronously in response to a // previous send. In these cases the router will have already cleaned up stream state. This // parallels handling in the main Http::ConnectionManagerImpl as well. if (local_closed_) { return; } // TODO(mattklein123): We trust callers currently to not do anything insane here if they set up // buffering on an async client call. We should potentially think about limiting the size of // buffering that we allow here. if (buffered_body_ != nullptr) { buffered_body_->add(data); } router_.decodeData(data, end_stream); closeLocal(end_stream); } void AsyncStreamImpl::sendTrailers(RequestTrailerMap& trailers) { // See explanation in sendData. if (local_closed_) { return; } router_.decodeTrailers(trailers); closeLocal(true); } void AsyncStreamImpl::closeLocal(bool end_stream) { // This guard ensures that we don't attempt to clean up a stream or fire a completion callback // for a stream that has already been closed. Both send* calls and resets can result in stream // closure, and this state may be updated synchronously during stream interaction and callbacks. // Additionally AsyncRequestImpl maintains behavior wherein its onComplete callback will fire // immediately upon receiving a complete response, regardless of whether it has finished sending // a request. // Previous logic treated post-closure entry here as more-or-less benign (providing later-stage // guards against redundant cleanup), but to surface consistent stream state via callbacks, // it's necessary to be more rigorous. // TODO(goaway): Consider deeper cleanup of assumptions here. if (local_closed_) { return; } local_closed_ = end_stream; if (complete()) { stream_callbacks_.onComplete(); cleanup(); } } void AsyncStreamImpl::closeRemote(bool end_stream) { // This guard ensures that we don't attempt to clean up a stream or fire a completion callback for // a stream that has already been closed. This function is called synchronously after callbacks // have executed, and it's possible for callbacks to, for instance, directly reset a stream or // close the remote manually. The test case ResetInOnHeaders covers this case specifically. // Previous logic treated post-closure entry here as more-or-less benign (providing later-stage // guards against redundant cleanup), but to surface consistent stream state via callbacks, it's // necessary to be more rigorous. // TODO(goaway): Consider deeper cleanup of assumptions here. if (remote_closed_) { return; } remote_closed_ = end_stream; if (complete()) { stream_callbacks_.onComplete(); cleanup(); } } void AsyncStreamImpl::reset() { router_.onDestroy(); resetStream(); } void AsyncStreamImpl::cleanup() { local_closed_ = remote_closed_ = true; // This will destroy us, but only do so if we are actually in a list. This does not happen in // the immediate failure case. if (inserted()) { dispatcher().deferredDelete(removeFromList(parent_.active_streams_)); } } void AsyncStreamImpl::resetStream() { stream_callbacks_.onReset(); cleanup(); } AsyncRequestImpl::AsyncRequestImpl(RequestMessagePtr&& request, AsyncClientImpl& parent, AsyncClient::Callbacks& callbacks, const AsyncClient::RequestOptions& options) : AsyncStreamImpl(parent, *this, options), request_(std::move(request)), callbacks_(callbacks) { if (nullptr != options.parent_span_) { const std::string child_span_name = options.child_span_name_.empty() ? absl::StrCat("async ", parent.cluster_->name(), " egress") : options.child_span_name_; child_span_ = options.parent_span_->spawnChild(Tracing::EgressConfig::get(), child_span_name, parent.dispatcher().timeSource().systemTime()); } else { child_span_ = std::make_unique(); } child_span_->setSampled(options.sampled_); } void AsyncRequestImpl::initialize() { child_span_->injectContext(request_->headers()); sendHeaders(request_->headers(), request_->body().length() == 0); if (request_->body().length() != 0) { // It's possible this will be a no-op due to a local response synchronously generated in // sendHeaders; guards handle this within AsyncStreamImpl. sendData(request_->body(), true); } // TODO(mattklein123): Support request trailers. } void AsyncRequestImpl::onComplete() { callbacks_.onBeforeFinalizeUpstreamSpan(*child_span_, &response_->headers()); Tracing::HttpTracerUtility::finalizeUpstreamSpan(*child_span_, &response_->headers(), response_->trailers(), streamInfo(), Tracing::EgressConfig::get()); callbacks_.onSuccess(*this, std::move(response_)); } void AsyncRequestImpl::onHeaders(ResponseHeaderMapPtr&& headers, bool) { const uint64_t response_code = Http::Utility::getResponseStatus(*headers); streamInfo().response_code_ = response_code; response_ = std::make_unique(std::move(headers)); } void AsyncRequestImpl::onData(Buffer::Instance& data, bool) { streamInfo().addBytesReceived(data.length()); response_->body().move(data); } void AsyncRequestImpl::onTrailers(ResponseTrailerMapPtr&& trailers) { response_->trailers(std::move(trailers)); } void AsyncRequestImpl::onReset() { if (!cancelled_) { // Set "error reason" tag related to reset. The tagging for "error true" is done inside the // Tracing::HttpTracerUtility::finalizeUpstreamSpan. child_span_->setTag(Tracing::Tags::get().ErrorReason, "Reset"); } callbacks_.onBeforeFinalizeUpstreamSpan(*child_span_, remoteClosed() ? &response_->headers() : nullptr); // Finalize the span based on whether we received a response or not. Tracing::HttpTracerUtility::finalizeUpstreamSpan( *child_span_, remoteClosed() ? &response_->headers() : nullptr, remoteClosed() ? response_->trailers() : nullptr, streamInfo(), Tracing::EgressConfig::get()); if (!cancelled_) { // In this case we don't have a valid response so we do need to raise a failure. callbacks_.onFailure(*this, AsyncClient::FailureReason::Reset); } } void AsyncRequestImpl::cancel() { cancelled_ = true; // Add tags about the cancellation. child_span_->setTag(Tracing::Tags::get().Canceled, Tracing::Tags::get().True); reset(); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/async_client_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include "envoy/common/random_generator.h" #include "envoy/common/scope_tracker.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/event/dispatcher.h" #include "envoy/http/async_client.h" #include "envoy/http/codec.h" #include "envoy/http/context.h" #include "envoy/http/header_map.h" #include "envoy/http/message.h" #include "envoy/router/router.h" #include "envoy/router/router_ratelimit.h" #include "envoy/router/shadow_writer.h" #include "envoy/server/filter_config.h" #include "envoy/ssl/connection.h" #include "envoy/tracing/http_tracer.h" #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/upstream.h" #include "common/common/empty_string.h" #include "common/common/linked_object.h" #include "common/http/message_impl.h" #include "common/router/router.h" #include "common/stream_info/stream_info_impl.h" #include "common/tracing/http_tracer_impl.h" namespace Envoy { namespace Http { class AsyncStreamImpl; class AsyncRequestImpl; class AsyncClientImpl final : public AsyncClient { public: AsyncClientImpl(Upstream::ClusterInfoConstSharedPtr cluster, Stats::Store& stats_store, Event::Dispatcher& dispatcher, const LocalInfo::LocalInfo& local_info, Upstream::ClusterManager& cm, Runtime::Loader& runtime, Random::RandomGenerator& random, Router::ShadowWriterPtr&& shadow_writer, Http::Context& http_context); ~AsyncClientImpl() override; // Http::AsyncClient Request* send(RequestMessagePtr&& request, Callbacks& callbacks, const AsyncClient::RequestOptions& options) override; Stream* start(StreamCallbacks& callbacks, const AsyncClient::StreamOptions& options) override; Event::Dispatcher& dispatcher() override { return dispatcher_; } private: Upstream::ClusterInfoConstSharedPtr cluster_; Router::FilterConfig config_; Event::Dispatcher& dispatcher_; std::list> active_streams_; friend class AsyncStreamImpl; friend class AsyncRequestImpl; }; /** * Implementation of AsyncRequest. This implementation is capable of sending HTTP requests to a * ConnectionPool asynchronously. */ class AsyncStreamImpl : public AsyncClient::Stream, public StreamDecoderFilterCallbacks, public Event::DeferredDeletable, Logger::Loggable, public LinkedObject, public ScopeTrackedObject { public: AsyncStreamImpl(AsyncClientImpl& parent, AsyncClient::StreamCallbacks& callbacks, const AsyncClient::StreamOptions& options); // Http::StreamDecoderFilterCallbacks void requestRouteConfigUpdate(Http::RouteConfigUpdatedCallbackSharedPtr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } // Http::AsyncClient::Stream void sendHeaders(RequestHeaderMap& headers, bool end_stream) override; void sendData(Buffer::Instance& data, bool end_stream) override; void sendTrailers(RequestTrailerMap& trailers) override; void reset() override; bool isAboveWriteBufferHighWatermark() const override { return high_watermark_calls_ > 0; } protected: bool remoteClosed() { return remote_closed_; } void closeLocal(bool end_stream); StreamInfo::StreamInfoImpl& streamInfo() override { return stream_info_; } AsyncClientImpl& parent_; private: struct NullHedgePolicy : public Router::HedgePolicy { // Router::HedgePolicy uint32_t initialRequests() const override { return 1; } const envoy::type::v3::FractionalPercent& additionalRequestChance() const override { return additional_request_chance_; } bool hedgeOnPerTryTimeout() const override { return false; } const envoy::type::v3::FractionalPercent additional_request_chance_; }; struct NullRateLimitPolicy : public Router::RateLimitPolicy { // Router::RateLimitPolicy const std::vector>& getApplicableRateLimit(uint64_t) const override { return rate_limit_policy_entry_; } bool empty() const override { return true; } static const std::vector> rate_limit_policy_entry_; }; struct NullRetryPolicy : public Router::RetryPolicy { // Router::RetryPolicy std::chrono::milliseconds perTryTimeout() const override { return std::chrono::milliseconds(0); } std::vector retryHostPredicates() const override { return {}; } Upstream::RetryPrioritySharedPtr retryPriority() const override { return {}; } uint32_t hostSelectionMaxAttempts() const override { return 1; } uint32_t numRetries() const override { return 1; } uint32_t retryOn() const override { return 0; } const std::vector& retriableStatusCodes() const override { return retriable_status_codes_; } const std::vector& retriableHeaders() const override { return retriable_headers_; } const std::vector& retriableRequestHeaders() const override { return retriable_request_headers_; } absl::optional baseInterval() const override { return absl::nullopt; } absl::optional maxInterval() const override { return absl::nullopt; } const std::vector& resetHeaders() const override { return reset_headers_; } std::chrono::milliseconds resetMaxInterval() const override { return std::chrono::milliseconds(300000); } const std::vector retriable_status_codes_{}; const std::vector retriable_headers_{}; const std::vector retriable_request_headers_{}; const std::vector reset_headers_{}; }; struct NullConfig : public Router::Config { Router::RouteConstSharedPtr route(const Http::RequestHeaderMap&, const StreamInfo::StreamInfo&, uint64_t) const override { return nullptr; } Router::RouteConstSharedPtr route(const Router::RouteCallback&, const Http::RequestHeaderMap&, const StreamInfo::StreamInfo&, uint64_t) const override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } const std::list& internalOnlyHeaders() const override { return internal_only_headers_; } const std::string& name() const override { return EMPTY_STRING; } bool usesVhds() const override { return false; } bool mostSpecificHeaderMutationsWins() const override { return false; } static const std::list internal_only_headers_; }; struct NullVirtualHost : public Router::VirtualHost { // Router::VirtualHost Stats::StatName statName() const override { return {}; } const Router::RateLimitPolicy& rateLimitPolicy() const override { return rate_limit_policy_; } const Router::CorsPolicy* corsPolicy() const override { return nullptr; } const Router::Config& routeConfig() const override { return route_configuration_; } const Router::RouteSpecificFilterConfig* perFilterConfig(const std::string&) const override { return nullptr; } bool includeAttemptCountInRequest() const override { return false; } bool includeAttemptCountInResponse() const override { return false; } uint32_t retryShadowBufferLimit() const override { return std::numeric_limits::max(); } static const NullRateLimitPolicy rate_limit_policy_; static const NullConfig route_configuration_; }; struct NullPathMatchCriterion : public Router::PathMatchCriterion { Router::PathMatchType matchType() const override { return Router::PathMatchType::None; } const std::string& matcher() const override { return EMPTY_STRING; } }; struct RouteEntryImpl : public Router::RouteEntry { RouteEntryImpl( const std::string& cluster_name, const absl::optional& timeout, const Protobuf::RepeatedPtrField& hash_policy) : cluster_name_(cluster_name), timeout_(timeout) { if (!hash_policy.empty()) { hash_policy_ = std::make_unique(hash_policy); } } // Router::RouteEntry const std::string& clusterName() const override { return cluster_name_; } Http::Code clusterNotFoundResponseCode() const override { return Http::Code::InternalServerError; } const Router::CorsPolicy* corsPolicy() const override { return nullptr; } void finalizeRequestHeaders(Http::RequestHeaderMap&, const StreamInfo::StreamInfo&, bool) const override {} void finalizeResponseHeaders(Http::ResponseHeaderMap&, const StreamInfo::StreamInfo&) const override {} const HashPolicy* hashPolicy() const override { return hash_policy_.get(); } const Router::HedgePolicy& hedgePolicy() const override { return hedge_policy_; } const Router::MetadataMatchCriteria* metadataMatchCriteria() const override { return nullptr; } Upstream::ResourcePriority priority() const override { return Upstream::ResourcePriority::Default; } const Router::RateLimitPolicy& rateLimitPolicy() const override { return rate_limit_policy_; } const Router::RetryPolicy& retryPolicy() const override { return retry_policy_; } const Router::InternalRedirectPolicy& internalRedirectPolicy() const override { return internal_redirect_policy_; } uint32_t retryShadowBufferLimit() const override { return std::numeric_limits::max(); } const std::vector& shadowPolicies() const override { return shadow_policies_; } std::chrono::milliseconds timeout() const override { if (timeout_) { return timeout_.value(); } else { return std::chrono::milliseconds(0); } } absl::optional idleTimeout() const override { return absl::nullopt; } absl::optional maxStreamDuration() const override { return absl::nullopt; } absl::optional grpcTimeoutHeaderMax() const override { return absl::nullopt; } absl::optional grpcTimeoutHeaderOffset() const override { return absl::nullopt; } absl::optional maxGrpcTimeout() const override { return absl::nullopt; } absl::optional grpcTimeoutOffset() const override { return absl::nullopt; } const Router::VirtualCluster* virtualCluster(const Http::HeaderMap&) const override { return nullptr; } const Router::TlsContextMatchCriteria* tlsContextMatchCriteria() const override { return nullptr; } const std::multimap& opaqueConfig() const override { return opaque_config_; } const Router::VirtualHost& virtualHost() const override { return virtual_host_; } bool autoHostRewrite() const override { return false; } bool includeVirtualHostRateLimits() const override { return true; } const envoy::config::core::v3::Metadata& metadata() const override { return metadata_; } const Config::TypedMetadata& typedMetadata() const override { return typed_metadata_; } const Router::PathMatchCriterion& pathMatchCriterion() const override { return path_match_criterion_; } const Router::RouteSpecificFilterConfig* perFilterConfig(const std::string&) const override { return nullptr; } const absl::optional& connectConfig() const override { return connect_config_nullopt_; } bool includeAttemptCountInRequest() const override { return false; } bool includeAttemptCountInResponse() const override { return false; } const Router::RouteEntry::UpgradeMap& upgradeMap() const override { return upgrade_map_; } const std::string& routeName() const override { return route_name_; } std::unique_ptr hash_policy_; static const NullHedgePolicy hedge_policy_; static const NullRateLimitPolicy rate_limit_policy_; static const NullRetryPolicy retry_policy_; static const Router::InternalRedirectPolicyImpl internal_redirect_policy_; static const std::vector shadow_policies_; static const NullVirtualHost virtual_host_; static const std::multimap opaque_config_; static const envoy::config::core::v3::Metadata metadata_; // Async client doesn't require metadata. static const Config::TypedMetadataImpl typed_metadata_; static const NullPathMatchCriterion path_match_criterion_; Router::RouteEntry::UpgradeMap upgrade_map_; const std::string& cluster_name_; absl::optional timeout_; static const absl::optional connect_config_nullopt_; const std::string route_name_; }; struct RouteImpl : public Router::Route { RouteImpl(const std::string& cluster_name, const absl::optional& timeout, const Protobuf::RepeatedPtrField& hash_policy) : route_entry_(cluster_name, timeout, hash_policy) {} // Router::Route const Router::DirectResponseEntry* directResponseEntry() const override { return nullptr; } const Router::RouteEntry* routeEntry() const override { return &route_entry_; } const Router::Decorator* decorator() const override { return nullptr; } const Router::RouteTracing* tracingConfig() const override { return nullptr; } const Router::RouteSpecificFilterConfig* perFilterConfig(const std::string&) const override { return nullptr; } RouteEntryImpl route_entry_; }; void cleanup(); void closeRemote(bool end_stream); bool complete() { return local_closed_ && remote_closed_; } // Http::StreamDecoderFilterCallbacks const Network::Connection* connection() override { return nullptr; } Event::Dispatcher& dispatcher() override { return parent_.dispatcher_; } void resetStream() override; Router::RouteConstSharedPtr route() override { return route_; } Router::RouteConstSharedPtr route(const Router::RouteCallback&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Upstream::ClusterInfoConstSharedPtr clusterInfo() override { return parent_.cluster_; } void clearRouteCache() override {} uint64_t streamId() const override { return stream_id_; } Tracing::Span& activeSpan() override { return active_span_; } const Tracing::Config& tracingConfig() override { return tracing_config_; } void continueDecoding() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } RequestTrailerMap& addDecodedTrailers() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void addDecodedData(Buffer::Instance&, bool) override { // This should only be called if the user has set up buffering. The request is already fully // buffered. Note that this is only called via the async client's internal use of the router // filter which uses this function for buffering. ASSERT(buffered_body_ != nullptr); } MetadataMapVector& addDecodedMetadata() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void injectDecodedDataToFilterChain(Buffer::Instance&, bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } const Buffer::Instance* decodingBuffer() override { return buffered_body_.get(); } void modifyDecodingBuffer(std::function) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void sendLocalReply(Code code, absl::string_view body, std::function modify_headers, const absl::optional grpc_status, absl::string_view details) override { if (encoded_response_headers_) { resetStream(); return; } Utility::sendLocalReply( remote_closed_, Utility::EncodeFunctions{nullptr, nullptr, [this, modify_headers, &details](ResponseHeaderMapPtr&& headers, bool end_stream) -> void { if (modify_headers != nullptr) { modify_headers(*headers); } encodeHeaders(std::move(headers), end_stream, details); }, [this](Buffer::Instance& data, bool end_stream) -> void { encodeData(data, end_stream); }}, Utility::LocalReplyData{is_grpc_request_, code, body, grpc_status, is_head_request_}); } // The async client won't pause if sending an Expect: 100-Continue so simply // swallows any incoming encode100Continue. void encode100ContinueHeaders(ResponseHeaderMapPtr&&) override {} void encodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream, absl::string_view details) override; void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeTrailers(ResponseTrailerMapPtr&& trailers) override; void encodeMetadata(MetadataMapPtr&&) override {} void onDecoderFilterAboveWriteBufferHighWatermark() override { ++high_watermark_calls_; } void onDecoderFilterBelowWriteBufferLowWatermark() override { ASSERT(high_watermark_calls_ != 0); --high_watermark_calls_; } void addDownstreamWatermarkCallbacks(DownstreamWatermarkCallbacks&) override {} void removeDownstreamWatermarkCallbacks(DownstreamWatermarkCallbacks&) override {} void setDecoderBufferLimit(uint32_t) override {} uint32_t decoderBufferLimit() override { return 0; } bool recreateStream() override { return false; } const ScopeTrackedObject& scope() override { return *this; } void addUpstreamSocketOptions(const Network::Socket::OptionsSharedPtr&) override {} Network::Socket::OptionsSharedPtr getUpstreamSocketOptions() const override { return {}; } // ScopeTrackedObject void dumpState(std::ostream& os, int indent_level) const override { const char* spaces = spacesForLevel(indent_level); os << spaces << "AsyncClient " << this << DUMP_MEMBER(stream_id_) << "\n"; DUMP_DETAILS(&stream_info_); } AsyncClient::StreamCallbacks& stream_callbacks_; const uint64_t stream_id_; Router::ProdFilter router_; StreamInfo::StreamInfoImpl stream_info_; Tracing::NullSpan active_span_; const Tracing::Config& tracing_config_; std::shared_ptr route_; uint32_t high_watermark_calls_{}; bool local_closed_{}; bool remote_closed_{}; Buffer::InstancePtr buffered_body_; bool encoded_response_headers_{}; bool is_grpc_request_{}; bool is_head_request_{false}; bool send_xff_{true}; friend class AsyncClientImpl; friend class AsyncClientImplUnitTest; }; class AsyncRequestImpl final : public AsyncClient::Request, AsyncStreamImpl, AsyncClient::StreamCallbacks { public: AsyncRequestImpl(RequestMessagePtr&& request, AsyncClientImpl& parent, AsyncClient::Callbacks& callbacks, const AsyncClient::RequestOptions& options); // AsyncClient::Request void cancel() override; private: void initialize(); // AsyncClient::StreamCallbacks void onHeaders(ResponseHeaderMapPtr&& headers, bool end_stream) override; void onData(Buffer::Instance& data, bool end_stream) override; void onTrailers(ResponseTrailerMapPtr&& trailers) override; void onComplete() override; void onReset() override; // Http::StreamDecoderFilterCallbacks void addDecodedData(Buffer::Instance&, bool) override { // The request is already fully buffered. Note that this is only called via the async client's // internal use of the router filter which uses this function for buffering. } const Buffer::Instance* decodingBuffer() override { return &request_->body(); } void modifyDecodingBuffer(std::function) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } RequestMessagePtr request_; AsyncClient::Callbacks& callbacks_; std::unique_ptr response_; bool cancelled_{}; Tracing::SpanPtr child_span_; friend class AsyncClientImpl; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/async_client_utility.cc ================================================ #include "common/http/async_client_utility.h" #include "common/common/assert.h" namespace Envoy { namespace Http { AsyncClientRequestTracker::~AsyncClientRequestTracker() { for (auto* active_request : active_requests_) { active_request->cancel(); } } void AsyncClientRequestTracker::add(AsyncClient::Request& request) { ASSERT(active_requests_.find(&request) == active_requests_.end(), "request is already tracked."); active_requests_.insert(&request); } void AsyncClientRequestTracker::remove(const AsyncClient::Request& request) { // Notice that use of "const_cast" here is motivated by keeping API convenient for client code. // In the context where remove() will be typically called, request.cancel() is no longer // desirable and therefore get prevented by means of "const" modifier. auto it = active_requests_.find(const_cast(&request)); // Support a use case where request callbacks might get called prior to a request handle // is returned from AsyncClient::send(). if (it != active_requests_.end()) { active_requests_.erase(it); } } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/async_client_utility.h ================================================ #pragma once #include "envoy/http/async_client.h" namespace Envoy { namespace Http { /** * Keeps track of active async HTTP requests to be able to cancel them on destruction. */ class AsyncClientRequestTracker { public: /** * Cancels all known active async HTTP requests. */ ~AsyncClientRequestTracker(); /** * Includes a given async HTTP request into a set of known active requests. * @param request request handle */ void add(AsyncClient::Request& request); /** * Excludes a given async HTTP request from a set of known active requests. * * NOTE: Asymmetry between signatures of add() and remove() is caused by the difference * between contexts in which these methods will be used. * add() will be called right after AsyncClient::send() when request.cancel() is * perfectly valid and desirable. * However, remove() will be called in the context of * AsyncClient::Callbacks::[onSuccess | onFailure] where request.cancel() is no longer * expected and therefore get prevented by means of "const" modifier. * * @param request request handle */ void remove(const AsyncClient::Request& request); private: // Track active async HTTP requests to be able to cancel them on destruction. absl::flat_hash_set active_requests_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/codec_client.cc ================================================ #include "common/http/codec_client.h" #include #include #include "envoy/http/codec.h" #include "common/common/enum_to_int.h" #include "common/config/utility.h" #include "common/http/exception.h" #include "common/http/http1/codec_impl.h" #include "common/http/http1/codec_impl_legacy.h" #include "common/http/http2/codec_impl.h" #include "common/http/http2/codec_impl_legacy.h" #include "common/http/http3/quic_codec_factory.h" #include "common/http/http3/well_known_names.h" #include "common/http/status.h" #include "common/http/utility.h" #include "common/runtime/runtime_features.h" #include "common/runtime/runtime_impl.h" namespace Envoy { namespace Http { CodecClient::CodecClient(Type type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher) : type_(type), host_(host), connection_(std::move(connection)), idle_timeout_(host_->cluster().idleTimeout()) { if (type_ != Type::HTTP3) { // Make sure upstream connections process data and then the FIN, rather than processing // TCP disconnects immediately. (see https://github.com/envoyproxy/envoy/issues/1679 for // details) connection_->detectEarlyCloseWhenReadDisabled(false); } connection_->addConnectionCallbacks(*this); connection_->addReadFilter(Network::ReadFilterSharedPtr{new CodecReadFilter(*this)}); ENVOY_CONN_LOG(debug, "connecting", *connection_); connection_->connect(); if (idle_timeout_) { idle_timer_ = dispatcher.createTimer([this]() -> void { onIdleTimeout(); }); enableIdleTimer(); } // We just universally set no delay on connections. Theoretically we might at some point want // to make this configurable. connection_->noDelay(true); } CodecClient::~CodecClient() = default; void CodecClient::close() { connection_->close(Network::ConnectionCloseType::NoFlush); } void CodecClient::deleteRequest(ActiveRequest& request) { connection_->dispatcher().deferredDelete(request.removeFromList(active_requests_)); if (codec_client_callbacks_) { codec_client_callbacks_->onStreamDestroy(); } if (numActiveRequests() == 0) { enableIdleTimer(); } } RequestEncoder& CodecClient::newStream(ResponseDecoder& response_decoder) { ActiveRequestPtr request(new ActiveRequest(*this, response_decoder)); request->encoder_ = &codec_->newStream(*request); request->encoder_->getStream().addCallbacks(*request); LinkedList::moveIntoList(std::move(request), active_requests_); disableIdleTimer(); return *active_requests_.front()->encoder_; } void CodecClient::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::Connected) { ENVOY_CONN_LOG(debug, "connected", *connection_); connection_->streamInfo().setDownstreamSslConnection(connection_->ssl()); connected_ = true; } if (event == Network::ConnectionEvent::RemoteClose) { remote_closed_ = true; } // HTTP/1 can signal end of response by disconnecting. We need to handle that case. if (type_ == Type::HTTP1 && event == Network::ConnectionEvent::RemoteClose && !active_requests_.empty()) { Buffer::OwnedImpl empty; onData(empty); } if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { ENVOY_CONN_LOG(debug, "disconnect. resetting {} pending requests", *connection_, active_requests_.size()); disableIdleTimer(); idle_timer_.reset(); while (!active_requests_.empty()) { // Fake resetting all active streams so that reset() callbacks get invoked. active_requests_.front()->encoder_->getStream().resetStream( connected_ ? StreamResetReason::ConnectionTermination : StreamResetReason::ConnectionFailure); } } } void CodecClient::responseDecodeComplete(ActiveRequest& request) { ENVOY_CONN_LOG(debug, "response complete", *connection_); deleteRequest(request); // HTTP/2 can send us a reset after a complete response if the request was not complete. Users // of CodecClient will deal with the premature response case and we should not handle any // further reset notification. request.encoder_->getStream().removeCallbacks(request); } void CodecClient::onReset(ActiveRequest& request, StreamResetReason reason) { ENVOY_CONN_LOG(debug, "request reset", *connection_); if (codec_client_callbacks_) { codec_client_callbacks_->onStreamReset(reason); } deleteRequest(request); } void CodecClient::onData(Buffer::Instance& data) { bool protocol_error = false; const Status status = codec_->dispatch(data); if (isCodecProtocolError(status)) { ENVOY_CONN_LOG(debug, "protocol error: {}", *connection_, status.message()); close(); protocol_error = true; } else if (isPrematureResponseError(status)) { ENVOY_CONN_LOG(debug, "premature response", *connection_); close(); // Don't count 408 responses where we have no active requests as protocol errors if (!active_requests_.empty() || getPrematureResponseHttpCode(status) != Code::RequestTimeout) { protocol_error = true; } } if (protocol_error) { host_->cluster().stats().upstream_cx_protocol_error_.inc(); } } CodecClientProd::CodecClientProd(Type type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator) : CodecClient(type, std::move(connection), host, dispatcher) { switch (type) { case Type::HTTP1: { if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.new_codec_behavior")) { codec_ = std::make_unique( *connection_, host->cluster().http1CodecStats(), *this, host->cluster().http1Settings(), host->cluster().maxResponseHeadersCount()); } else { codec_ = std::make_unique( *connection_, host->cluster().http1CodecStats(), *this, host->cluster().http1Settings(), host->cluster().maxResponseHeadersCount()); } break; } case Type::HTTP2: { if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.new_codec_behavior")) { codec_ = std::make_unique( *connection_, *this, host->cluster().http2CodecStats(), random_generator, host->cluster().http2Options(), Http::DEFAULT_MAX_REQUEST_HEADERS_KB, host->cluster().maxResponseHeadersCount(), Http2::ProdNghttp2SessionFactory::get()); } else { codec_ = std::make_unique( *connection_, *this, host->cluster().http2CodecStats(), random_generator, host->cluster().http2Options(), Http::DEFAULT_MAX_REQUEST_HEADERS_KB, host->cluster().maxResponseHeadersCount(), Http2::ProdNghttp2SessionFactory::get()); } break; } case Type::HTTP3: { codec_ = std::unique_ptr( Config::Utility::getAndCheckFactoryByName( Http::QuicCodecNames::get().Quiche) .createQuicClientConnection(*connection_, *this)); break; } } } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/codec_client.h ================================================ #pragma once #include #include #include #include "envoy/common/random_generator.h" #include "envoy/event/deferred_deletable.h" #include "envoy/event/timer.h" #include "envoy/http/codec.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/http/codec_wrappers.h" #include "common/network/filter_impl.h" namespace Envoy { namespace Http { /** * Callbacks specific to a codec client. */ class CodecClientCallbacks { public: virtual ~CodecClientCallbacks() = default; /** * Called every time an owned stream is destroyed, whether complete or not. */ virtual void onStreamDestroy() PURE; /** * Called when a stream is reset by the client. * @param reason supplies the reset reason. */ virtual void onStreamReset(StreamResetReason reason) PURE; }; /** * This is an HTTP client that multiple stream management and underlying connection management * across multiple HTTP codec types. */ class CodecClient : Logger::Loggable, public Http::ConnectionCallbacks, public Network::ConnectionCallbacks, public Event::DeferredDeletable { public: /** * Type of HTTP codec to use. */ enum class Type { HTTP1, HTTP2, HTTP3 }; ~CodecClient() override; /** * Add a connection callback to the underlying network connection. */ void addConnectionCallbacks(Network::ConnectionCallbacks& cb) { connection_->addConnectionCallbacks(cb); } /** * Close the underlying network connection. This is immediate and will not attempt to flush any * pending write data. */ void close(); /** * Send a codec level go away indication to the peer. */ void goAway() { codec_->goAway(); } /** * @return the underlying connection ID. */ uint64_t id() const { return connection_->id(); } /** * @return the underlying codec protocol. */ Protocol protocol() { return codec_->protocol(); } /** * @return the underlying connection error. */ absl::string_view connectionFailureReason() { return connection_->transportFailureReason(); } /** * @return size_t the number of outstanding requests that have not completed or been reset. */ size_t numActiveRequests() { return active_requests_.size(); } /** * Create a new stream. Note: The CodecClient will NOT buffer multiple requests for HTTP1 * connections. Thus, calling newStream() before the previous request has been fully encoded * is an error. Pipelining is supported however. * @param response_decoder supplies the decoder to use for response callbacks. * @return StreamEncoder& the encoder to use for encoding the request. */ RequestEncoder& newStream(ResponseDecoder& response_decoder); void setConnectionStats(const Network::Connection::ConnectionStats& stats) { connection_->setConnectionStats(stats); } void setCodecClientCallbacks(CodecClientCallbacks& callbacks) { codec_client_callbacks_ = &callbacks; } void setCodecConnectionCallbacks(Http::ConnectionCallbacks& callbacks) { codec_callbacks_ = &callbacks; } bool remoteClosed() const { return remote_closed_; } Type type() const { return type_; } const StreamInfo::StreamInfo& streamInfo() { return connection_->streamInfo(); } protected: /** * Create a codec client and connect to a remote host/port. * @param type supplies the codec type. * @param connection supplies the connection to communicate on. * @param host supplies the owning host. */ CodecClient(Type type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher); // Http::ConnectionCallbacks void onGoAway(GoAwayErrorCode error_code) override { if (codec_callbacks_) { codec_callbacks_->onGoAway(error_code); } } void onIdleTimeout() { host_->cluster().stats().upstream_cx_idle_timeout_.inc(); close(); } void disableIdleTimer() { if (idle_timer_ != nullptr) { idle_timer_->disableTimer(); } } void enableIdleTimer() { if (idle_timer_ != nullptr) { idle_timer_->enableTimer(idle_timeout_.value()); } } const Type type_; // The order of host_, connection_, and codec_ matter as during destruction each can refer to // the previous, at least in tests. Upstream::HostDescriptionConstSharedPtr host_; Network::ClientConnectionPtr connection_; ClientConnectionPtr codec_; Event::TimerPtr idle_timer_; const absl::optional idle_timeout_; private: /** * Wrapper read filter to drive incoming connection data into the codec. We could potentially * support other filters in the future. */ struct CodecReadFilter : public Network::ReadFilterBaseImpl { CodecReadFilter(CodecClient& parent) : parent_(parent) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool) override { parent_.onData(data); return Network::FilterStatus::StopIteration; } CodecClient& parent_; }; struct ActiveRequest; /** * Wrapper for an outstanding request. Designed for handling stream multiplexing. */ struct ActiveRequest : LinkedObject, public Event::DeferredDeletable, public StreamCallbacks, public ResponseDecoderWrapper { ActiveRequest(CodecClient& parent, ResponseDecoder& inner) : ResponseDecoderWrapper(inner), parent_(parent) {} // StreamCallbacks void onResetStream(StreamResetReason reason, absl::string_view) override { parent_.onReset(*this, reason); } void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // StreamDecoderWrapper void onPreDecodeComplete() override { parent_.responseDecodeComplete(*this); } void onDecodeComplete() override {} RequestEncoder* encoder_{}; CodecClient& parent_; }; using ActiveRequestPtr = std::unique_ptr; /** * Called when a response finishes decoding. This is called *before* forwarding on to the * wrapped decoder. */ void responseDecodeComplete(ActiveRequest& request); void deleteRequest(ActiveRequest& request); void onReset(ActiveRequest& request, StreamResetReason reason); void onData(Buffer::Instance& data); // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; // Pass watermark events from the connection on to the codec which will pass it to the underlying // streams. void onAboveWriteBufferHighWatermark() override { codec_->onUnderlyingConnectionAboveWriteBufferHighWatermark(); } void onBelowWriteBufferLowWatermark() override { codec_->onUnderlyingConnectionBelowWriteBufferLowWatermark(); } std::list active_requests_; Http::ConnectionCallbacks* codec_callbacks_{}; CodecClientCallbacks* codec_client_callbacks_{}; bool connected_{}; bool remote_closed_{}; }; using CodecClientPtr = std::unique_ptr; /** * Production implementation that installs a real codec. */ class CodecClientProd : public CodecClient { public: CodecClientProd(Type type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator); }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/codec_helper.h ================================================ #pragma once #include "envoy/http/codec.h" #include "common/common/assert.h" #include "absl/container/inlined_vector.h" namespace Envoy { namespace Http { class StreamCallbackHelper { public: void runLowWatermarkCallbacks() { if (reset_callbacks_started_ || local_end_stream_) { return; } ASSERT(high_watermark_callbacks_ > 0); --high_watermark_callbacks_; for (StreamCallbacks* callbacks : callbacks_) { if (callbacks) { callbacks->onBelowWriteBufferLowWatermark(); } } } void runHighWatermarkCallbacks() { if (reset_callbacks_started_ || local_end_stream_) { return; } ++high_watermark_callbacks_; for (StreamCallbacks* callbacks : callbacks_) { if (callbacks) { callbacks->onAboveWriteBufferHighWatermark(); } } } void runResetCallbacks(StreamResetReason reason) { // Reset callbacks are a special case, and the only StreamCallbacks allowed // to run after local_end_stream_. if (reset_callbacks_started_) { return; } reset_callbacks_started_ = true; for (StreamCallbacks* callbacks : callbacks_) { if (callbacks) { callbacks->onResetStream(reason, absl::string_view()); } } } bool local_end_stream_{}; protected: void addCallbacksHelper(StreamCallbacks& callbacks) { ASSERT(!reset_callbacks_started_ && !local_end_stream_); callbacks_.push_back(&callbacks); for (uint32_t i = 0; i < high_watermark_callbacks_; ++i) { callbacks.onAboveWriteBufferHighWatermark(); } } void removeCallbacksHelper(StreamCallbacks& callbacks) { // For performance reasons we just clear the callback and do not resize the vector. // Reset callbacks scale with the number of filters per request and do not get added and // removed multiple times. // The vector may not be safely resized without making sure the run.*Callbacks() helper // functions above still handle removeCallbacksHelper() calls mid-loop. for (auto& callback : callbacks_) { if (callback == &callbacks) { callback = nullptr; return; } } } private: absl::InlinedVector callbacks_; bool reset_callbacks_started_{}; uint32_t high_watermark_callbacks_{}; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/codec_wrappers.h ================================================ #pragma once #include "envoy/http/codec.h" namespace Envoy { namespace Http { /** * Wrapper for ResponseDecoder that just forwards to an "inner" decoder. */ class ResponseDecoderWrapper : public ResponseDecoder { public: // ResponseDecoder void decode100ContinueHeaders(ResponseHeaderMapPtr&& headers) override { inner_.decode100ContinueHeaders(std::move(headers)); } void decodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream) override { if (end_stream) { onPreDecodeComplete(); } inner_.decodeHeaders(std::move(headers), end_stream); if (end_stream) { onDecodeComplete(); } } void decodeData(Buffer::Instance& data, bool end_stream) override { if (end_stream) { onPreDecodeComplete(); } inner_.decodeData(data, end_stream); if (end_stream) { onDecodeComplete(); } } void decodeTrailers(ResponseTrailerMapPtr&& trailers) override { onPreDecodeComplete(); inner_.decodeTrailers(std::move(trailers)); onDecodeComplete(); } void decodeMetadata(MetadataMapPtr&& metadata_map) override { inner_.decodeMetadata(std::move(metadata_map)); } protected: ResponseDecoderWrapper(ResponseDecoder& inner) : inner_(inner) {} /** * Consumers of the wrapper generally want to know when a decode is complete. This is called * at that time and is implemented by derived classes. */ virtual void onPreDecodeComplete() PURE; virtual void onDecodeComplete() PURE; ResponseDecoder& inner_; }; /** * Wrapper for RequestEncoder that just forwards to an "inner" encoder. */ class RequestEncoderWrapper : public RequestEncoder { public: // RequestEncoder void encodeHeaders(const RequestHeaderMap& headers, bool end_stream) override { inner_.encodeHeaders(headers, end_stream); if (end_stream) { onEncodeComplete(); } } void encodeData(Buffer::Instance& data, bool end_stream) override { inner_.encodeData(data, end_stream); if (end_stream) { onEncodeComplete(); } } void encodeTrailers(const RequestTrailerMap& trailers) override { inner_.encodeTrailers(trailers); onEncodeComplete(); } void encodeMetadata(const MetadataMapVector& metadata_map_vector) override { inner_.encodeMetadata(metadata_map_vector); } Stream& getStream() override { return inner_.getStream(); } Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return inner_.http1StreamEncoderOptions(); } protected: RequestEncoderWrapper(RequestEncoder& inner) : inner_(inner) {} /** * Consumers of the wrapper generally want to know when an encode is complete. This is called at * that time and is implemented by derived classes. */ virtual void onEncodeComplete() PURE; RequestEncoder& inner_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/codes.cc ================================================ #include "common/http/codes.h" #include #include #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" #include "common/common/enum_to_int.h" #include "common/common/utility.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Http { CodeStatsImpl::CodeStatsImpl(Stats::SymbolTable& symbol_table) : stat_name_pool_(symbol_table), symbol_table_(symbol_table), canary_(stat_name_pool_.add("canary")), external_(stat_name_pool_.add("external")), internal_(stat_name_pool_.add("internal")), upstream_rq_1xx_(stat_name_pool_.add("upstream_rq_1xx")), upstream_rq_2xx_(stat_name_pool_.add("upstream_rq_2xx")), upstream_rq_3xx_(stat_name_pool_.add("upstream_rq_3xx")), upstream_rq_4xx_(stat_name_pool_.add("upstream_rq_4xx")), upstream_rq_5xx_(stat_name_pool_.add("upstream_rq_5xx")), upstream_rq_unknown_(stat_name_pool_.add("upstream_rq_unknown")), // Covers invalid http // response codes e.g. 600. upstream_rq_completed_(stat_name_pool_.add("upstream_rq_completed")), upstream_rq_time_(stat_name_pool_.add("upstream_rq_time")), vcluster_(stat_name_pool_.add("vcluster")), vhost_(stat_name_pool_.add("vhost")), zone_(stat_name_pool_.add("zone")) { // Pre-allocate response codes 200, 404, and 503, as those seem quite likely. // We don't pre-allocate all the HTTP codes because the first 127 allocations // are likely to be encoded in one byte, and we would rather spend those on // common components of stat-names that appear frequently. upstreamRqStatName(Code::OK); upstreamRqStatName(Code::NotFound); upstreamRqStatName(Code::ServiceUnavailable); } void CodeStatsImpl::incCounter(Stats::Scope& scope, const Stats::StatNameVec& names) const { const Stats::SymbolTable::StoragePtr stat_name_storage = symbol_table_.join(names); scope.counterFromStatName(Stats::StatName(stat_name_storage.get())).inc(); } void CodeStatsImpl::incCounter(Stats::Scope& scope, Stats::StatName a, Stats::StatName b) const { const Stats::SymbolTable::StoragePtr stat_name_storage = symbol_table_.join({a, b}); scope.counterFromStatName(Stats::StatName(stat_name_storage.get())).inc(); } void CodeStatsImpl::recordHistogram(Stats::Scope& scope, const Stats::StatNameVec& names, Stats::Histogram::Unit unit, uint64_t count) const { const Stats::SymbolTable::StoragePtr stat_name_storage = symbol_table_.join(names); scope.histogramFromStatName(Stats::StatName(stat_name_storage.get()), unit).recordValue(count); } void CodeStatsImpl::chargeBasicResponseStat(Stats::Scope& scope, Stats::StatName prefix, Code response_code) const { ASSERT(&symbol_table_ == &scope.symbolTable()); // Build a dynamic stat for the response code and increment it. incCounter(scope, prefix, upstream_rq_completed_); const Stats::StatName rq_group = upstreamRqGroup(response_code); if (!rq_group.empty()) { incCounter(scope, prefix, rq_group); } incCounter(scope, prefix, upstreamRqStatName(response_code)); } void CodeStatsImpl::chargeResponseStat(const ResponseStatInfo& info) const { const Code code = static_cast(info.response_status_code_); ASSERT(&info.cluster_scope_.symbolTable() == &symbol_table_); chargeBasicResponseStat(info.cluster_scope_, info.prefix_, code); const Stats::StatName rq_group = upstreamRqGroup(code); const Stats::StatName rq_code = upstreamRqStatName(code); // If the response is from a canary, also create canary stats. if (info.upstream_canary_) { writeCategory(info, rq_group, rq_code, canary_); } // Split stats into external vs. internal. if (info.internal_request_) { writeCategory(info, rq_group, rq_code, internal_); } else { writeCategory(info, rq_group, rq_code, external_); } // Handle request virtual cluster. if (!info.request_vcluster_name_.empty()) { incCounter(info.global_scope_, {vhost_, info.request_vhost_name_, vcluster_, info.request_vcluster_name_, upstream_rq_completed_}); incCounter(info.global_scope_, {vhost_, info.request_vhost_name_, vcluster_, info.request_vcluster_name_, rq_group}); incCounter(info.global_scope_, {vhost_, info.request_vhost_name_, vcluster_, info.request_vcluster_name_, rq_code}); } // Handle per zone stats. if (!info.from_zone_.empty() && !info.to_zone_.empty()) { incCounter(info.cluster_scope_, {info.prefix_, zone_, info.from_zone_, info.to_zone_, upstream_rq_completed_}); incCounter(info.cluster_scope_, {info.prefix_, zone_, info.from_zone_, info.to_zone_, rq_group}); incCounter(info.cluster_scope_, {info.prefix_, zone_, info.from_zone_, info.to_zone_, rq_code}); } } void CodeStatsImpl::writeCategory(const ResponseStatInfo& info, Stats::StatName rq_group, Stats::StatName rq_code, Stats::StatName category) const { incCounter(info.cluster_scope_, {info.prefix_, category, upstream_rq_completed_}); if (!rq_group.empty()) { incCounter(info.cluster_scope_, {info.prefix_, category, rq_group}); } incCounter(info.cluster_scope_, {info.prefix_, category, rq_code}); } void CodeStatsImpl::chargeResponseTiming(const ResponseTimingInfo& info) const { const uint64_t count = info.response_time_.count(); recordHistogram(info.cluster_scope_, {info.prefix_, upstream_rq_time_}, Stats::Histogram::Unit::Milliseconds, count); if (info.upstream_canary_) { recordHistogram(info.cluster_scope_, {info.prefix_, canary_, upstream_rq_time_}, Stats::Histogram::Unit::Milliseconds, count); } if (info.internal_request_) { recordHistogram(info.cluster_scope_, {info.prefix_, internal_, upstream_rq_time_}, Stats::Histogram::Unit::Milliseconds, count); } else { recordHistogram(info.cluster_scope_, {info.prefix_, external_, upstream_rq_time_}, Stats::Histogram::Unit::Milliseconds, count); } if (!info.request_vcluster_name_.empty()) { recordHistogram(info.global_scope_, {vhost_, info.request_vhost_name_, vcluster_, info.request_vcluster_name_, upstream_rq_time_}, Stats::Histogram::Unit::Milliseconds, count); } // Handle per zone stats. if (!info.from_zone_.empty() && !info.to_zone_.empty()) { recordHistogram(info.cluster_scope_, {info.prefix_, zone_, info.from_zone_, info.to_zone_, upstream_rq_time_}, Stats::Histogram::Unit::Milliseconds, count); } } Stats::StatName CodeStatsImpl::upstreamRqGroup(Code response_code) const { switch (enumToInt(response_code) / 100) { case 1: return upstream_rq_1xx_; case 2: return upstream_rq_2xx_; case 3: return upstream_rq_3xx_; case 4: return upstream_rq_4xx_; case 5: return upstream_rq_5xx_; } return empty_; // Unknown codes do not go into a group. } Stats::StatName CodeStatsImpl::upstreamRqStatName(Code response_code) const { // Take a lock only if we've never seen this response-code before. const uint32_t rc_index = static_cast(response_code) - HttpCodeOffset; if (rc_index >= NumHttpCodes) { return upstream_rq_unknown_; } return Stats::StatName(rc_stat_names_.get(rc_index, [this, response_code]() -> const uint8_t* { return stat_name_pool_.addReturningStorage( absl::StrCat("upstream_rq_", enumToInt(response_code))); })); } std::string CodeUtility::groupStringForResponseCode(Code response_code) { // Note: this is only used in the unit test and in dynamo_filter.cc, which // needs the same sort of symbolization treatment we are doing here. if (CodeUtility::is1xx(enumToInt(response_code))) { return "1xx"; } else if (CodeUtility::is2xx(enumToInt(response_code))) { return "2xx"; } else if (CodeUtility::is3xx(enumToInt(response_code))) { return "3xx"; } else if (CodeUtility::is4xx(enumToInt(response_code))) { return "4xx"; } else if (CodeUtility::is5xx(enumToInt(response_code))) { return "5xx"; } else { return ""; } } const char* CodeUtility::toString(Code code) { // clang-format off switch (code) { // 1xx case Code::Continue: return "Continue"; case Code::SwitchingProtocols: return "Switching Protocols"; // 2xx case Code::OK: return "OK"; case Code::Created: return "Created"; case Code::Accepted: return "Accepted"; case Code::NonAuthoritativeInformation: return "Non-Authoritative Information"; case Code::NoContent: return "No Content"; case Code::ResetContent: return "Reset Content"; case Code::PartialContent: return "Partial Content"; case Code::MultiStatus: return "Multi-Status"; case Code::AlreadyReported: return "Already Reported"; case Code::IMUsed: return "IM Used"; // 3xx case Code::MultipleChoices: return "Multiple Choices"; case Code::MovedPermanently: return "Moved Permanently"; case Code::Found: return "Found"; case Code::SeeOther: return "See Other"; case Code::NotModified: return "Not Modified"; case Code::UseProxy: return "Use Proxy"; case Code::TemporaryRedirect: return "Temporary Redirect"; case Code::PermanentRedirect: return "Permanent Redirect"; // 4xx case Code::BadRequest: return "Bad Request"; case Code::Unauthorized: return "Unauthorized"; case Code::PaymentRequired: return "Payment Required"; case Code::Forbidden: return "Forbidden"; case Code::NotFound: return "Not Found"; case Code::MethodNotAllowed: return "Method Not Allowed"; case Code::NotAcceptable: return "Not Acceptable"; case Code::ProxyAuthenticationRequired: return "Proxy Authentication Required"; case Code::RequestTimeout: return "Request Timeout"; case Code::Conflict: return "Conflict"; case Code::Gone: return "Gone"; case Code::LengthRequired: return "Length Required"; case Code::PreconditionFailed: return "Precondition Failed"; case Code::PayloadTooLarge: return "Payload Too Large"; case Code::URITooLong: return "URI Too Long"; case Code::UnsupportedMediaType: return "Unsupported Media Type"; case Code::RangeNotSatisfiable: return "Range Not Satisfiable"; case Code::ExpectationFailed: return "Expectation Failed"; case Code::MisdirectedRequest: return "Misdirected Request"; case Code::UnprocessableEntity: return "Unprocessable Entity"; case Code::Locked: return "Locked"; case Code::FailedDependency: return "Failed Dependency"; case Code::UpgradeRequired: return "Upgrade Required"; case Code::PreconditionRequired: return "Precondition Required"; case Code::TooManyRequests: return "Too Many Requests"; case Code::RequestHeaderFieldsTooLarge: return "Request Header Fields Too Large"; // 5xx case Code::InternalServerError: return "Internal Server Error"; case Code::NotImplemented: return "Not Implemented"; case Code::BadGateway: return "Bad Gateway"; case Code::ServiceUnavailable: return "Service Unavailable"; case Code::GatewayTimeout: return "Gateway Timeout"; case Code::HTTPVersionNotSupported: return "HTTP Version Not Supported"; case Code::VariantAlsoNegotiates: return "Variant Also Negotiates"; case Code::InsufficientStorage: return "Insufficient Storage"; case Code::LoopDetected: return "Loop Detected"; case Code::NotExtended: return "Not Extended"; case Code::NetworkAuthenticationRequired: return "Network Authentication Required"; } // clang-format on return "Unknown"; } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/codes.h ================================================ #pragma once #include #include #include #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" #include "common/common/thread.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Http { struct CodeStats::ResponseStatInfo { Stats::Scope& global_scope_; Stats::Scope& cluster_scope_; Stats::StatName prefix_; uint64_t response_status_code_; bool internal_request_; Stats::StatName request_vhost_name_; Stats::StatName request_vcluster_name_; Stats::StatName from_zone_; Stats::StatName to_zone_; bool upstream_canary_; }; struct CodeStats::ResponseTimingInfo { Stats::Scope& global_scope_; Stats::Scope& cluster_scope_; Stats::StatName prefix_; std::chrono::milliseconds response_time_; bool upstream_canary_; bool internal_request_; Stats::StatName request_vhost_name_; Stats::StatName request_vcluster_name_; Stats::StatName from_zone_; Stats::StatName to_zone_; }; class CodeStatsImpl : public CodeStats { public: explicit CodeStatsImpl(Stats::SymbolTable& symbol_table); // CodeStats void chargeBasicResponseStat(Stats::Scope& scope, Stats::StatName prefix, Code response_code) const override; void chargeResponseStat(const ResponseStatInfo& info) const override; void chargeResponseTiming(const ResponseTimingInfo& info) const override; private: friend class CodeStatsTest; void writeCategory(const ResponseStatInfo& info, Stats::StatName rq_group, Stats::StatName rq_code, Stats::StatName category) const; void incCounter(Stats::Scope& scope, const Stats::StatNameVec& names) const; void incCounter(Stats::Scope& scope, Stats::StatName a, Stats::StatName b) const; void recordHistogram(Stats::Scope& scope, const Stats::StatNameVec& names, Stats::Histogram::Unit unit, uint64_t count) const; Stats::StatName upstreamRqGroup(Code response_code) const; Stats::StatName upstreamRqStatName(Code response_code) const; mutable Stats::StatNamePool stat_name_pool_; Stats::SymbolTable& symbol_table_; const Stats::StatName canary_; const Stats::StatName empty_; // Used for the group-name for invalid http codes. const Stats::StatName external_; const Stats::StatName internal_; const Stats::StatName upstream_; const Stats::StatName upstream_rq_1xx_; const Stats::StatName upstream_rq_2xx_; const Stats::StatName upstream_rq_3xx_; const Stats::StatName upstream_rq_4xx_; const Stats::StatName upstream_rq_5xx_; const Stats::StatName upstream_rq_unknown_; const Stats::StatName upstream_rq_completed_; const Stats::StatName upstream_rq_time_; const Stats::StatName vcluster_; const Stats::StatName vhost_; const Stats::StatName zone_; // Use an array of atomic pointers to hold StatNameStorage objects for // every conceivable HTTP response code. In the hot-path we'll reference // these with a null-check, and if we need to allocate a symbol for a // new code, we'll take a mutex to avoid duplicate allocations and // subsequent leaks. This is similar in principle to a ReaderMutexLock, // but should be faster, as ReaderMutexLocks appear to be too expensive for // fine-grained controls. Another option would be to use a lock per // stat-name, which might have similar performance to atomics with default // barrier policy. // // We don't allocate these all up front during construction because // SymbolTable greedily encodes the first 128 names it discovers in one // byte. We don't want those high-value single-byte codes to go to fully // enumerating the 4 prefixes combined with HTTP codes that are seldom used, // so we allocate these on demand. // // There can be multiple symbol tables in a server. The one passed into the // Codes constructor should be the same as the one passed to // Stats::ThreadLocalStore. Note that additional symbol tables can be created // from IsolatedStoreImpl's default constructor. // // The Codes object is global to the server. static constexpr uint32_t NumHttpCodes = 500; static constexpr uint32_t HttpCodeOffset = 100; // code 100 is at index 0. mutable Thread::AtomicPtrArray rc_stat_names_; }; /** * General utility routines for HTTP codes. */ class CodeUtility { public: /** * Convert an HTTP response code to a descriptive string. * @param code supplies the code to convert. * @return const char* the string. */ static const char* toString(Code code); static bool is1xx(uint64_t code) { return code >= 100 && code < 200; } static bool is2xx(uint64_t code) { return code >= 200 && code < 300; } static bool is3xx(uint64_t code) { return code >= 300 && code < 400; } static bool is4xx(uint64_t code) { return code >= 400 && code < 500; } static bool is5xx(uint64_t code) { return code >= 500 && code < 600; } static bool isGatewayError(uint64_t code) { return code >= 502 && code < 505; } static std::string groupStringForResponseCode(Code response_code); }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/conn_manager_config.h ================================================ #pragma once #include "envoy/config/config_provider.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/http/filter.h" #include "envoy/http/request_id_extension.h" #include "envoy/router/rds.h" #include "envoy/stats/scope.h" #include "envoy/tracing/http_tracer.h" #include "envoy/type/v3/percent.pb.h" #include "common/http/date_provider.h" #include "common/local_reply/local_reply.h" #include "common/network/utility.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Http { /** * All stats for the connection manager. @see stats_macros.h */ #define ALL_HTTP_CONN_MAN_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(downstream_cx_delayed_close_timeout) \ COUNTER(downstream_cx_destroy) \ COUNTER(downstream_cx_destroy_active_rq) \ COUNTER(downstream_cx_destroy_local) \ COUNTER(downstream_cx_destroy_local_active_rq) \ COUNTER(downstream_cx_destroy_remote) \ COUNTER(downstream_cx_destroy_remote_active_rq) \ COUNTER(downstream_cx_drain_close) \ COUNTER(downstream_cx_http1_total) \ COUNTER(downstream_cx_http2_total) \ COUNTER(downstream_cx_http3_total) \ COUNTER(downstream_cx_idle_timeout) \ COUNTER(downstream_cx_max_duration_reached) \ COUNTER(downstream_cx_overload_disable_keepalive) \ COUNTER(downstream_cx_protocol_error) \ COUNTER(downstream_cx_rx_bytes_total) \ COUNTER(downstream_cx_ssl_total) \ COUNTER(downstream_cx_total) \ COUNTER(downstream_cx_tx_bytes_total) \ COUNTER(downstream_cx_upgrades_total) \ COUNTER(downstream_flow_control_paused_reading_total) \ COUNTER(downstream_flow_control_resumed_reading_total) \ COUNTER(downstream_rq_1xx) \ COUNTER(downstream_rq_2xx) \ COUNTER(downstream_rq_3xx) \ COUNTER(downstream_rq_4xx) \ COUNTER(downstream_rq_5xx) \ COUNTER(downstream_rq_completed) \ COUNTER(downstream_rq_http1_total) \ COUNTER(downstream_rq_http2_total) \ COUNTER(downstream_rq_http3_total) \ COUNTER(downstream_rq_idle_timeout) \ COUNTER(downstream_rq_non_relative_path) \ COUNTER(downstream_rq_overload_close) \ COUNTER(downstream_rq_response_before_rq_complete) \ COUNTER(downstream_rq_rx_reset) \ COUNTER(downstream_rq_timeout) \ COUNTER(downstream_rq_too_large) \ COUNTER(downstream_rq_total) \ COUNTER(downstream_rq_tx_reset) \ COUNTER(downstream_rq_max_duration_reached) \ COUNTER(downstream_rq_ws_on_non_ws_route) \ COUNTER(rs_too_large) \ GAUGE(downstream_cx_active, Accumulate) \ GAUGE(downstream_cx_http1_active, Accumulate) \ GAUGE(downstream_cx_http2_active, Accumulate) \ GAUGE(downstream_cx_http3_active, Accumulate) \ GAUGE(downstream_cx_rx_bytes_buffered, Accumulate) \ GAUGE(downstream_cx_ssl_active, Accumulate) \ GAUGE(downstream_cx_tx_bytes_buffered, Accumulate) \ GAUGE(downstream_cx_upgrades_active, Accumulate) \ GAUGE(downstream_rq_active, Accumulate) \ HISTOGRAM(downstream_cx_length_ms, Milliseconds) \ HISTOGRAM(downstream_rq_time, Milliseconds) /** * Wrapper struct for connection manager stats. @see stats_macros.h */ struct ConnectionManagerNamedStats { ALL_HTTP_CONN_MAN_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; struct ConnectionManagerStats { ConnectionManagerStats(ConnectionManagerNamedStats&& named_stats, const std::string& prefix, Stats::Scope& scope) : named_(std::move(named_stats)), prefix_(prefix), prefix_stat_name_storage_(prefix, scope.symbolTable()), scope_(scope) {} Stats::StatName prefixStatName() const { return prefix_stat_name_storage_.statName(); } ConnectionManagerNamedStats named_; std::string prefix_; Stats::StatNameManagedStorage prefix_stat_name_storage_; Stats::Scope& scope_; }; /** * Connection manager tracing specific stats. @see stats_macros.h */ #define CONN_MAN_TRACING_STATS(COUNTER) \ COUNTER(random_sampling) \ COUNTER(service_forced) \ COUNTER(client_enabled) \ COUNTER(not_traceable) \ COUNTER(health_check) /** * Wrapper struct for connection manager tracing stats. @see stats_macros.h */ struct ConnectionManagerTracingStats { CONN_MAN_TRACING_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for tracing which is set on the connection manager level. * Http Tracing can be enabled/disabled on a per connection manager basis. * Here we specify some specific for connection manager settings. */ struct TracingConnectionManagerConfig { Tracing::OperationName operation_name_; Tracing::CustomTagMap custom_tags_; envoy::type::v3::FractionalPercent client_sampling_; envoy::type::v3::FractionalPercent random_sampling_; envoy::type::v3::FractionalPercent overall_sampling_; bool verbose_; uint32_t max_path_tag_length_; }; using TracingConnectionManagerConfigPtr = std::unique_ptr; /** * Connection manager per listener stats. @see stats_macros.h */ #define CONN_MAN_LISTENER_STATS(COUNTER) \ COUNTER(downstream_rq_1xx) \ COUNTER(downstream_rq_2xx) \ COUNTER(downstream_rq_3xx) \ COUNTER(downstream_rq_4xx) \ COUNTER(downstream_rq_5xx) \ COUNTER(downstream_rq_completed) /** * Wrapper struct for connection manager listener stats. @see stats_macros.h */ struct ConnectionManagerListenerStats { CONN_MAN_LISTENER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for how to forward client certs. */ enum class ForwardClientCertType { ForwardOnly, AppendForward, SanitizeSet, Sanitize, AlwaysForwardOnly }; /** * Configuration for the fields of the client cert, used for populating the current client cert * information to the next hop. */ enum class ClientCertDetailsType { Cert, Chain, Subject, URI, DNS }; /** * Configuration for what addresses should be considered internal beyond the defaults. */ class InternalAddressConfig { public: virtual ~InternalAddressConfig() = default; virtual bool isInternalAddress(const Network::Address::Instance& address) const PURE; }; /** * Determines if an address is internal based on whether it is an RFC1918 ip address. */ class DefaultInternalAddressConfig : public Http::InternalAddressConfig { public: bool isInternalAddress(const Network::Address::Instance& address) const override { return Network::Utility::isInternalAddress(address); } }; /** * Abstract configuration for the connection manager. */ class ConnectionManagerConfig { public: using HttpConnectionManagerProto = envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager; virtual ~ConnectionManagerConfig() = default; /** * @return RequestIDExtensionSharedPtr The request id utilities instance to use */ virtual RequestIDExtensionSharedPtr requestIDExtension() PURE; /** * @return const std::list& the access logs to write to. */ virtual const std::list& accessLogs() PURE; /** * Called to create a codec for the connection manager. This function will be called when the * first byte of application data is received. This is done to support handling of ALPN, protocol * detection, etc. * @param connection supplies the owning connection. * @param data supplies the currently available read data. * @param callbacks supplies the callbacks to install into the codec. * @return a codec or nullptr if no codec can be created. */ virtual ServerConnectionPtr createCodec(Network::Connection& connection, const Buffer::Instance& data, ServerConnectionCallbacks& callbacks) PURE; /** * @return DateProvider& the date provider to use for */ virtual DateProvider& dateProvider() PURE; /** * @return the time in milliseconds the connection manager will wait between issuing a "shutdown * notice" to the time it will issue a full GOAWAY and not accept any new streams. */ virtual std::chrono::milliseconds drainTimeout() const PURE; /** * @return FilterChainFactory& the HTTP level filter factory to build the connection's filter * chain. */ virtual FilterChainFactory& filterFactory() PURE; /** * @return whether the connection manager will generate a fresh x-request-id if the request does * not have one. */ virtual bool generateRequestId() const PURE; /** * @return whether the x-request-id should not be reset on edge entry inside mesh */ virtual bool preserveExternalRequestId() const PURE; /** * @return whether the x-request-id should always be set in the response. */ virtual bool alwaysSetRequestIdInResponse() const PURE; /** * @return optional idle timeout for incoming connection manager connections. */ virtual absl::optional idleTimeout() const PURE; /** * @return if the connection manager does routing base on router config, e.g. a Server::Admin impl * has no route config. */ virtual bool isRoutable() const PURE; /** * @return optional maximum connection duration timeout for manager connections. */ virtual absl::optional maxConnectionDuration() const PURE; /** * @return maximum request headers size the connection manager will accept. */ virtual uint32_t maxRequestHeadersKb() const PURE; /** * @return maximum number of request headers the codecs will accept. */ virtual uint32_t maxRequestHeadersCount() const PURE; /** * @return per-stream idle timeout for incoming connection manager connections. Zero indicates a * disabled idle timeout. */ virtual std::chrono::milliseconds streamIdleTimeout() const PURE; /** * @return request timeout for incoming connection manager connections. Zero indicates * a disabled request timeout. */ virtual std::chrono::milliseconds requestTimeout() const PURE; /** * @return delayed close timeout for downstream HTTP connections. Zero indicates a disabled * timeout. See http_connection_manager.proto for a detailed description of this timeout. */ virtual std::chrono::milliseconds delayedCloseTimeout() const PURE; /** * @return maximum duration time to keep alive stream */ virtual absl::optional maxStreamDuration() const PURE; /** * @return Router::RouteConfigProvider* the configuration provider used to acquire a route * config for each request flow. Pointer ownership is _not_ transferred to the caller of * this function. This will return nullptr when scoped routing is enabled. */ virtual Router::RouteConfigProvider* routeConfigProvider() PURE; /** * @return Config::ConfigProvider* the configuration provider used to acquire scoped routing * configuration for each request flow. Pointer ownership is _not_ transferred to the caller of * this function. This will return nullptr when scoped routing is not enabled. */ virtual Config::ConfigProvider* scopedRouteConfigProvider() PURE; /** * @return const std::string& the server name to write into responses. */ virtual const std::string& serverName() const PURE; /** * @return ServerHeaderTransformation the transformation to apply to Server response headers. */ virtual HttpConnectionManagerProto::ServerHeaderTransformation serverHeaderTransformation() const PURE; /** * @return ConnectionManagerStats& the stats to write to. */ virtual ConnectionManagerStats& stats() PURE; /** * @return ConnectionManagerTracingStats& the stats to write to. */ virtual ConnectionManagerTracingStats& tracingStats() PURE; /** * @return bool whether to use the remote address for populating XFF, determining internal request * status, etc. or to assume that XFF will already be populated with the remote address. */ virtual bool useRemoteAddress() const PURE; /** * @return InternalAddressConfig configuration for user defined internal addresses. */ virtual const InternalAddressConfig& internalAddressConfig() const PURE; /** * @return uint32_t the number of trusted proxy hops in front of this Envoy instance, for * the purposes of XFF processing. */ virtual uint32_t xffNumTrustedHops() const PURE; /** * @return bool don't append the remote address to XFF? This overrides the behavior of * useRemoteAddress() and may be used when XFF should not be modified but we still * want to avoid trusting incoming XFF in remote IP determination. */ virtual bool skipXffAppend() const PURE; /** * @return const absl::optional& value of via header to add to requests and response * headers if set. */ virtual const std::string& via() const PURE; /** * @return ForwardClientCertType the configuration of how to forward the client cert information. */ virtual ForwardClientCertType forwardClientCert() const PURE; /** * @return vector of ClientCertDetailsType the configuration of the current client cert's details * to be forwarded. */ virtual const std::vector& setCurrentClientCertDetails() const PURE; /** * @return local address. * Gives richer information in case of internal requests. */ virtual const Network::Address::Instance& localAddress() PURE; /** * @return custom user agent for internal requests for better debugging. Must be configured to * be enabled. User agent will only overwritten if it doesn't already exist. If enabled, * the same user agent will be written to the x-envoy-downstream-service-cluster header. */ virtual const absl::optional& userAgent() PURE; /** * @return HttpTracerSharedPtr HttpTracer to use. */ virtual Tracing::HttpTracerSharedPtr tracer() PURE; /** * @return tracing config. */ virtual const TracingConnectionManagerConfig* tracingConfig() PURE; /** * @return ConnectionManagerListenerStats& the stats to write to. */ virtual ConnectionManagerListenerStats& listenerStats() PURE; /** * @return bool supplies if the HttpConnectionManager should proxy the Expect: 100-Continue */ virtual bool proxy100Continue() const PURE; /** * @return bool supplies if the HttpConnectionManager should handle invalid HTTP with a stream * error or connection error. */ virtual bool streamErrorOnInvalidHttpMessaging() const PURE; /** * @return supplies the http1 settings. */ virtual const Http::Http1Settings& http1Settings() const PURE; /** * @return if the HttpConnectionManager should normalize url following RFC3986 */ virtual bool shouldNormalizePath() const PURE; /** * @return if the HttpConnectionManager should merge two or more adjacent slashes in the path into * one. */ virtual bool shouldMergeSlashes() const PURE; /** * @return if the HttpConnectionManager should remove the port from host/authority header */ virtual bool shouldStripMatchingPort() const PURE; /** * @return the action HttpConnectionManager should take when receiving client request * headers containing underscore characters. */ virtual envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headersWithUnderscoresAction() const PURE; /** * @return LocalReply configuration which supplies mapping for local reply generated by Envoy. */ virtual const LocalReply::LocalReply& localReply() const PURE; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/conn_manager_impl.cc ================================================ #include "common/http/conn_manager_impl.h" #include #include #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/time.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/http/header_map.h" #include "envoy/network/drain_decision.h" #include "envoy/router/router.h" #include "envoy/ssl/connection.h" #include "envoy/stats/scope.h" #include "envoy/stream_info/filter_state.h" #include "envoy/stream_info/stream_info.h" #include "envoy/tracing/http_tracer.h" #include "envoy/type/v3/percent.pb.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/scope_tracker.h" #include "common/common/utility.h" #include "common/http/codes.h" #include "common/http/conn_manager_utility.h" #include "common/http/exception.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/http1/codec_impl.h" #include "common/http/http2/codec_impl.h" #include "common/http/path_utility.h" #include "common/http/status.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "common/router/config_impl.h" #include "common/runtime/runtime_features.h" #include "common/runtime/runtime_impl.h" #include "common/stats/timespan_impl.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Http { ConnectionManagerStats ConnectionManagerImpl::generateStats(const std::string& prefix, Stats::Scope& scope) { return ConnectionManagerStats( {ALL_HTTP_CONN_MAN_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix), POOL_HISTOGRAM_PREFIX(scope, prefix))}, prefix, scope); } ConnectionManagerTracingStats ConnectionManagerImpl::generateTracingStats(const std::string& prefix, Stats::Scope& scope) { return {CONN_MAN_TRACING_STATS(POOL_COUNTER_PREFIX(scope, prefix + "tracing."))}; } ConnectionManagerListenerStats ConnectionManagerImpl::generateListenerStats(const std::string& prefix, Stats::Scope& scope) { return {CONN_MAN_LISTENER_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } ConnectionManagerImpl::ConnectionManagerImpl(ConnectionManagerConfig& config, const Network::DrainDecision& drain_close, Random::RandomGenerator& random_generator, Http::Context& http_context, Runtime::Loader& runtime, const LocalInfo::LocalInfo& local_info, Upstream::ClusterManager& cluster_manager, Server::OverloadManager& overload_manager, TimeSource& time_source) : config_(config), stats_(config_.stats()), conn_length_(new Stats::HistogramCompletableTimespanImpl( stats_.named_.downstream_cx_length_ms_, time_source)), drain_close_(drain_close), user_agent_(http_context.userAgentContext()), random_generator_(random_generator), http_context_(http_context), runtime_(runtime), local_info_(local_info), cluster_manager_(cluster_manager), listener_stats_(config_.listenerStats()), overload_stop_accepting_requests_ref_(overload_manager.getThreadLocalOverloadState().getState( Server::OverloadActionNames::get().StopAcceptingRequests)), overload_disable_keepalive_ref_(overload_manager.getThreadLocalOverloadState().getState( Server::OverloadActionNames::get().DisableHttpKeepAlive)), time_source_(time_source) {} const ResponseHeaderMap& ConnectionManagerImpl::continueHeader() { static const auto headers = createHeaderMap( {{Http::Headers::get().Status, std::to_string(enumToInt(Code::Continue))}}); return *headers; } void ConnectionManagerImpl::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { read_callbacks_ = &callbacks; stats_.named_.downstream_cx_total_.inc(); stats_.named_.downstream_cx_active_.inc(); if (read_callbacks_->connection().ssl()) { stats_.named_.downstream_cx_ssl_total_.inc(); stats_.named_.downstream_cx_ssl_active_.inc(); } read_callbacks_->connection().addConnectionCallbacks(*this); if (config_.idleTimeout()) { connection_idle_timer_ = read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onIdleTimeout(); }); connection_idle_timer_->enableTimer(config_.idleTimeout().value()); } if (config_.maxConnectionDuration()) { connection_duration_timer_ = read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onConnectionDurationTimeout(); }); connection_duration_timer_->enableTimer(config_.maxConnectionDuration().value()); } read_callbacks_->connection().setDelayedCloseTimeout(config_.delayedCloseTimeout()); read_callbacks_->connection().setConnectionStats( {stats_.named_.downstream_cx_rx_bytes_total_, stats_.named_.downstream_cx_rx_bytes_buffered_, stats_.named_.downstream_cx_tx_bytes_total_, stats_.named_.downstream_cx_tx_bytes_buffered_, nullptr, &stats_.named_.downstream_cx_delayed_close_timeout_}); } ConnectionManagerImpl::~ConnectionManagerImpl() { stats_.named_.downstream_cx_destroy_.inc(); stats_.named_.downstream_cx_active_.dec(); if (read_callbacks_->connection().ssl()) { stats_.named_.downstream_cx_ssl_active_.dec(); } if (codec_) { if (codec_->protocol() == Protocol::Http2) { stats_.named_.downstream_cx_http2_active_.dec(); } else if (codec_->protocol() == Protocol::Http3) { stats_.named_.downstream_cx_http3_active_.dec(); } else { stats_.named_.downstream_cx_http1_active_.dec(); } } conn_length_->complete(); user_agent_.completeConnectionLength(*conn_length_); } void ConnectionManagerImpl::checkForDeferredClose() { if (drain_state_ == DrainState::Closing && streams_.empty() && !codec_->wantsToWrite()) { doConnectionClose(Network::ConnectionCloseType::FlushWriteAndDelay, absl::nullopt, StreamInfo::ResponseCodeDetails::get().DownstreamLocalDisconnect); } } void ConnectionManagerImpl::doEndStream(ActiveStream& stream) { // The order of what happens in this routine is important and a little complicated. We first see // if the stream needs to be reset. If it needs to be, this will end up invoking reset callbacks // and then moving the stream to the deferred destruction list. If the stream has not been reset, // we move it to the deferred deletion list here. Then, we potentially close the connection. This // must be done after deleting the stream since the stream refers to the connection and must be // deleted first. bool reset_stream = false; // If the response encoder is still associated with the stream, reset the stream. The exception // here is when Envoy "ends" the stream by calling recreateStream at which point recreateStream // explicitly nulls out response_encoder to avoid the downstream being notified of the // Envoy-internal stream instance being ended. if (stream.response_encoder_ != nullptr && (!stream.filter_manager_.remoteComplete() || !stream.state_.codec_saw_local_complete_)) { // Indicate local is complete at this point so that if we reset during a continuation, we don't // raise further data or trailers. ENVOY_STREAM_LOG(debug, "doEndStream() resetting stream", stream); // TODO(snowp): This call might not be necessary, try to clean up + remove setter function. stream.filter_manager_.setLocalComplete(); stream.state_.codec_saw_local_complete_ = true; stream.response_encoder_->getStream().resetStream(StreamResetReason::LocalReset); reset_stream = true; } if (!reset_stream) { doDeferredStreamDestroy(stream); } if (reset_stream && codec_->protocol() < Protocol::Http2) { drain_state_ = DrainState::Closing; } checkForDeferredClose(); } void ConnectionManagerImpl::doDeferredStreamDestroy(ActiveStream& stream) { if (stream.max_stream_duration_timer_) { stream.max_stream_duration_timer_->disableTimer(); stream.max_stream_duration_timer_ = nullptr; } if (stream.stream_idle_timer_ != nullptr) { stream.stream_idle_timer_->disableTimer(); stream.stream_idle_timer_ = nullptr; } stream.filter_manager_.disarmRequestTimeout(); stream.completeRequest(); stream.filter_manager_.onStreamComplete(); stream.filter_manager_.log(); stream.filter_manager_.destroyFilters(); read_callbacks_->connection().dispatcher().deferredDelete(stream.removeFromList(streams_)); if (connection_idle_timer_ && streams_.empty()) { connection_idle_timer_->enableTimer(config_.idleTimeout().value()); } } RequestDecoder& ConnectionManagerImpl::newStream(ResponseEncoder& response_encoder, bool is_internally_created) { if (connection_idle_timer_) { connection_idle_timer_->disableTimer(); } ENVOY_CONN_LOG(debug, "new stream", read_callbacks_->connection()); ActiveStreamPtr new_stream(new ActiveStream(*this, response_encoder.getStream().bufferLimit())); new_stream->state_.is_internally_created_ = is_internally_created; new_stream->response_encoder_ = &response_encoder; new_stream->response_encoder_->getStream().addCallbacks(*new_stream); new_stream->response_encoder_->getStream().setFlushTimeout(new_stream->idle_timeout_ms_); // If the network connection is backed up, the stream should be made aware of it on creation. // Both HTTP/1.x and HTTP/2 codecs handle this in StreamCallbackHelper::addCallbacksHelper. ASSERT(read_callbacks_->connection().aboveHighWatermark() == false || new_stream->filter_manager_.aboveHighWatermark()); LinkedList::moveIntoList(std::move(new_stream), streams_); return **streams_.begin(); } void ConnectionManagerImpl::handleCodecError(absl::string_view error) { ENVOY_CONN_LOG(debug, "dispatch error: {}", read_callbacks_->connection(), error); read_callbacks_->connection().streamInfo().setResponseFlag( StreamInfo::ResponseFlag::DownstreamProtocolError); // HTTP/1.1 codec has already sent a 400 response if possible. HTTP/2 codec has already sent // GOAWAY. doConnectionClose(Network::ConnectionCloseType::FlushWriteAndDelay, StreamInfo::ResponseFlag::DownstreamProtocolError, absl::StrCat("codec error: ", error)); } void ConnectionManagerImpl::createCodec(Buffer::Instance& data) { ASSERT(!codec_); codec_ = config_.createCodec(read_callbacks_->connection(), data, *this); switch (codec_->protocol()) { case Protocol::Http3: stats_.named_.downstream_cx_http3_total_.inc(); stats_.named_.downstream_cx_http3_active_.inc(); break; case Protocol::Http2: stats_.named_.downstream_cx_http2_total_.inc(); stats_.named_.downstream_cx_http2_active_.inc(); break; case Protocol::Http11: case Protocol::Http10: stats_.named_.downstream_cx_http1_total_.inc(); stats_.named_.downstream_cx_http1_active_.inc(); break; } } Network::FilterStatus ConnectionManagerImpl::onData(Buffer::Instance& data, bool) { if (!codec_) { // Http3 codec should have been instantiated by now. createCodec(data); } bool redispatch; do { redispatch = false; const Status status = codec_->dispatch(data); if (isBufferFloodError(status) || isInboundFramesWithEmptyPayloadError(status)) { handleCodecError(status.message()); return Network::FilterStatus::StopIteration; } else if (isCodecProtocolError(status)) { stats_.named_.downstream_cx_protocol_error_.inc(); handleCodecError(status.message()); return Network::FilterStatus::StopIteration; } ASSERT(status.ok()); // Processing incoming data may release outbound data so check for closure here as well. checkForDeferredClose(); // The HTTP/1 codec will pause dispatch after a single message is complete. We want to // either redispatch if there are no streams and we have more data. If we have a single // complete non-WebSocket stream but have not responded yet we will pause socket reads // to apply back pressure. if (codec_->protocol() < Protocol::Http2) { if (read_callbacks_->connection().state() == Network::Connection::State::Open && data.length() > 0 && streams_.empty()) { redispatch = true; } } } while (redispatch); if (!read_callbacks_->connection().streamInfo().protocol()) { read_callbacks_->connection().streamInfo().protocol(codec_->protocol()); } return Network::FilterStatus::StopIteration; } Network::FilterStatus ConnectionManagerImpl::onNewConnection() { if (!read_callbacks_->connection().streamInfo().protocol()) { // For Non-QUIC traffic, continue passing data to filters. return Network::FilterStatus::Continue; } // Only QUIC connection's stream_info_ specifies protocol. Buffer::OwnedImpl dummy; createCodec(dummy); ASSERT(codec_->protocol() == Protocol::Http3); // Stop iterating through each filters for QUIC. Currently a QUIC connection // only supports one filter, HCM, and bypasses the onData() interface. Because // QUICHE already handles de-multiplexing. return Network::FilterStatus::StopIteration; } void ConnectionManagerImpl::resetAllStreams(absl::optional response_flag, absl::string_view details) { while (!streams_.empty()) { // Mimic a downstream reset in this case. We must also remove callbacks here. Though we are // about to close the connection and will disable further reads, it is possible that flushing // data out can cause stream callbacks to fire (e.g., low watermark callbacks). // // TODO(mattklein123): I tried to actually reset through the codec here, but ran into issues // with nghttp2 state and being unhappy about sending reset frames after the connection had // been terminated via GOAWAY. It might be possible to do something better here inside the h2 // codec but there are no easy answers and this seems simpler. auto& stream = *streams_.front(); stream.response_encoder_->getStream().removeCallbacks(stream); if (!stream.response_encoder_->getStream().responseDetails().empty()) { stream.filter_manager_.streamInfo().setResponseCodeDetails( stream.response_encoder_->getStream().responseDetails()); } else if (!details.empty()) { stream.filter_manager_.streamInfo().setResponseCodeDetails(details); } if (response_flag.has_value()) { stream.filter_manager_.streamInfo().setResponseFlag(response_flag.value()); } stream.onResetStream(StreamResetReason::ConnectionTermination, absl::string_view()); } } void ConnectionManagerImpl::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::LocalClose) { stats_.named_.downstream_cx_destroy_local_.inc(); } if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { if (event == Network::ConnectionEvent::RemoteClose) { remote_close_ = true; stats_.named_.downstream_cx_destroy_remote_.inc(); } absl::string_view details = event == Network::ConnectionEvent::RemoteClose ? StreamInfo::ResponseCodeDetails::get().DownstreamRemoteDisconnect : StreamInfo::ResponseCodeDetails::get().DownstreamLocalDisconnect; // TODO(mattklein123): It is technically possible that something outside of the filter causes // a local connection close, so we still guard against that here. A better solution would be to // have some type of "pre-close" callback that we could hook for cleanup that would get called // regardless of where local close is invoked from. // NOTE: that this will cause doConnectionClose() to get called twice in the common local close // cases, but the method protects against that. // NOTE: In the case where a local close comes from outside the filter, this will cause any // stream closures to increment remote close stats. We should do better here in the future, // via the pre-close callback mentioned above. doConnectionClose(absl::nullopt, absl::nullopt, details); } } void ConnectionManagerImpl::doConnectionClose( absl::optional close_type, absl::optional response_flag, absl::string_view details) { if (connection_idle_timer_) { connection_idle_timer_->disableTimer(); connection_idle_timer_.reset(); } if (connection_duration_timer_) { connection_duration_timer_->disableTimer(); connection_duration_timer_.reset(); } if (drain_timer_) { drain_timer_->disableTimer(); drain_timer_.reset(); } if (!streams_.empty()) { const Network::ConnectionEvent event = close_type.has_value() ? Network::ConnectionEvent::LocalClose : Network::ConnectionEvent::RemoteClose; if (event == Network::ConnectionEvent::LocalClose) { stats_.named_.downstream_cx_destroy_local_active_rq_.inc(); } if (event == Network::ConnectionEvent::RemoteClose) { stats_.named_.downstream_cx_destroy_remote_active_rq_.inc(); } stats_.named_.downstream_cx_destroy_active_rq_.inc(); user_agent_.onConnectionDestroy(event, true); // Note that resetAllStreams() does not actually write anything to the wire. It just resets // all upstream streams and their filter stacks. Thus, there are no issues around recursive // entry. resetAllStreams(response_flag, details); } if (close_type.has_value()) { read_callbacks_->connection().close(close_type.value()); } } void ConnectionManagerImpl::onGoAway(GoAwayErrorCode) { // Currently we do nothing with remote go away frames. In the future we can decide to no longer // push resources if applicable. } void ConnectionManagerImpl::onIdleTimeout() { ENVOY_CONN_LOG(debug, "idle timeout", read_callbacks_->connection()); stats_.named_.downstream_cx_idle_timeout_.inc(); if (!codec_) { // No need to delay close after flushing since an idle timeout has already fired. Attempt to // write out buffered data one last time and issue a local close if successful. doConnectionClose(Network::ConnectionCloseType::FlushWrite, absl::nullopt, ""); } else if (drain_state_ == DrainState::NotDraining) { startDrainSequence(); } } // TODO(#13142): Add DurationTimeout response flag for HCM. void ConnectionManagerImpl::onConnectionDurationTimeout() { ENVOY_CONN_LOG(debug, "max connection duration reached", read_callbacks_->connection()); stats_.named_.downstream_cx_max_duration_reached_.inc(); if (!codec_) { // Attempt to write out buffered data one last time and issue a local close if successful. doConnectionClose(Network::ConnectionCloseType::FlushWrite, absl::nullopt, StreamInfo::ResponseCodeDetails::get().DurationTimeout); } else if (drain_state_ == DrainState::NotDraining) { startDrainSequence(); } } void ConnectionManagerImpl::onDrainTimeout() { ASSERT(drain_state_ != DrainState::NotDraining); codec_->goAway(); drain_state_ = DrainState::Closing; checkForDeferredClose(); } void ConnectionManagerImpl::chargeTracingStats(const Tracing::Reason& tracing_reason, ConnectionManagerTracingStats& tracing_stats) { switch (tracing_reason) { case Tracing::Reason::ClientForced: tracing_stats.client_enabled_.inc(); break; case Tracing::Reason::NotTraceableRequestId: tracing_stats.not_traceable_.inc(); break; case Tracing::Reason::Sampling: tracing_stats.random_sampling_.inc(); break; case Tracing::Reason::ServiceForced: tracing_stats.service_forced_.inc(); break; default: throw std::invalid_argument( absl::StrCat("invalid tracing reason, value: ", static_cast(tracing_reason))); } } // TODO(chaoqin-li1123): Make on demand vhds and on demand srds works at the same time. void ConnectionManagerImpl::RdsRouteConfigUpdateRequester::requestRouteConfigUpdate( Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) { absl::optional route_config = parent_.routeConfig(); Event::Dispatcher& thread_local_dispatcher = parent_.connection_manager_.read_callbacks_->connection().dispatcher(); if (route_config.has_value() && route_config.value()->usesVhds()) { ASSERT(!parent_.request_headers_->Host()->value().empty()); const auto& host_header = absl::AsciiStrToLower(parent_.request_headers_->getHostValue()); requestVhdsUpdate(host_header, thread_local_dispatcher, std::move(route_config_updated_cb)); return; } else if (parent_.snapped_scoped_routes_config_ != nullptr) { Router::ScopeKeyPtr scope_key = parent_.snapped_scoped_routes_config_->computeScopeKey(*parent_.request_headers_); // If scope_key is not null, the scope exists but RouteConfiguration is not initialized. if (scope_key != nullptr) { requestSrdsUpdate(std::move(scope_key), thread_local_dispatcher, std::move(route_config_updated_cb)); return; } } // Continue the filter chain if no on demand update is requested. (*route_config_updated_cb)(false); } void ConnectionManagerImpl::RdsRouteConfigUpdateRequester::requestVhdsUpdate( const std::string& host_header, Event::Dispatcher& thread_local_dispatcher, Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) { route_config_provider_->requestVirtualHostsUpdate(host_header, thread_local_dispatcher, std::move(route_config_updated_cb)); } void ConnectionManagerImpl::RdsRouteConfigUpdateRequester::requestSrdsUpdate( Router::ScopeKeyPtr scope_key, Event::Dispatcher& thread_local_dispatcher, Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) { // Since inline scope_route_config_provider is not fully implemented and never used, // dynamic cast in constructor always succeed and the pointer should not be null here. ASSERT(scoped_route_config_provider_ != nullptr); Http::RouteConfigUpdatedCallback scoped_route_config_updated_cb = Http::RouteConfigUpdatedCallback( [this, weak_route_config_updated_cb = std::weak_ptr( route_config_updated_cb)](bool scope_exist) { // If the callback can be locked, this ActiveStream is still alive. if (auto cb = weak_route_config_updated_cb.lock()) { // Refresh the route before continue the filter chain. if (scope_exist) { parent_.refreshCachedRoute(); } (*cb)(scope_exist && parent_.hasCachedRoute()); } }); scoped_route_config_provider_->onDemandRdsUpdate(std::move(scope_key), thread_local_dispatcher, std::move(scoped_route_config_updated_cb)); } ConnectionManagerImpl::ActiveStream::ActiveStream(ConnectionManagerImpl& connection_manager, uint32_t buffer_limit) : connection_manager_(connection_manager), stream_id_(connection_manager.random_generator_.random()), filter_manager_(*this, connection_manager_.read_callbacks_->connection().dispatcher(), connection_manager_.read_callbacks_->connection(), stream_id_, connection_manager_.config_.proxy100Continue(), buffer_limit, connection_manager_.config_.filterFactory(), connection_manager_.config_.localReply(), connection_manager_.codec_->protocol(), connection_manager_.timeSource(), connection_manager_.read_callbacks_->connection().streamInfo().filterState(), StreamInfo::FilterState::LifeSpan::Connection), request_response_timespan_(new Stats::HistogramCompletableTimespanImpl( connection_manager_.stats_.named_.downstream_rq_time_, connection_manager_.timeSource())) { ASSERT(!connection_manager.config_.isRoutable() || ((connection_manager.config_.routeConfigProvider() == nullptr && connection_manager.config_.scopedRouteConfigProvider() != nullptr) || (connection_manager.config_.routeConfigProvider() != nullptr && connection_manager.config_.scopedRouteConfigProvider() == nullptr)), "Either routeConfigProvider or scopedRouteConfigProvider should be set in " "ConnectionManagerImpl."); for (const AccessLog::InstanceSharedPtr& access_log : connection_manager_.config_.accessLogs()) { filter_manager_.addAccessLogHandler(access_log); } filter_manager_.streamInfo().setRequestIDExtension( connection_manager.config_.requestIDExtension()); if (connection_manager_.config_.isRoutable() && connection_manager.config_.routeConfigProvider() != nullptr) { route_config_update_requester_ = std::make_unique( connection_manager.config_.routeConfigProvider(), *this); } else if (connection_manager_.config_.isRoutable() && connection_manager.config_.scopedRouteConfigProvider() != nullptr) { route_config_update_requester_ = std::make_unique( connection_manager.config_.scopedRouteConfigProvider(), *this); } ScopeTrackerScopeState scope(this, connection_manager_.read_callbacks_->connection().dispatcher()); connection_manager_.stats_.named_.downstream_rq_total_.inc(); connection_manager_.stats_.named_.downstream_rq_active_.inc(); if (connection_manager_.codec_->protocol() == Protocol::Http2) { connection_manager_.stats_.named_.downstream_rq_http2_total_.inc(); } else if (connection_manager_.codec_->protocol() == Protocol::Http3) { connection_manager_.stats_.named_.downstream_rq_http3_total_.inc(); } else { connection_manager_.stats_.named_.downstream_rq_http1_total_.inc(); } filter_manager_.streamInfo().setDownstreamLocalAddress( connection_manager_.read_callbacks_->connection().localAddress()); filter_manager_.streamInfo().setDownstreamDirectRemoteAddress( connection_manager_.read_callbacks_->connection().directRemoteAddress()); // Initially, the downstream remote address is the source address of the // downstream connection. That can change later in the request's lifecycle, // based on XFF processing, but setting the downstream remote address here // prevents surprises for logging code in edge cases. filter_manager_.streamInfo().setDownstreamRemoteAddress( connection_manager_.read_callbacks_->connection().remoteAddress()); filter_manager_.streamInfo().setDownstreamSslConnection( connection_manager_.read_callbacks_->connection().ssl()); filter_manager_.streamInfo().setConnectionID( connection_manager_.read_callbacks_->connection().id()); if (connection_manager_.config_.streamIdleTimeout().count()) { idle_timeout_ms_ = connection_manager_.config_.streamIdleTimeout(); stream_idle_timer_ = connection_manager_.read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onIdleTimeout(); }); resetIdleTimer(); } if (connection_manager_.config_.requestTimeout().count()) { std::chrono::milliseconds request_timeout_ms_ = connection_manager_.config_.requestTimeout(); request_timer_ = connection_manager.read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onRequestTimeout(); }); request_timer_->enableTimer(request_timeout_ms_, this); } const auto max_stream_duration = connection_manager_.config_.maxStreamDuration(); if (max_stream_duration.has_value() && max_stream_duration.value().count()) { max_stream_duration_timer_ = connection_manager.read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onStreamMaxDurationReached(); }); max_stream_duration_timer_->enableTimer(connection_manager_.config_.maxStreamDuration().value(), this); } filter_manager_.streamInfo().setRequestedServerName( connection_manager_.read_callbacks_->connection().requestedServerName()); } void ConnectionManagerImpl::ActiveStream::completeRequest() { filter_manager_.streamInfo().onRequestComplete(); Upstream::HostDescriptionConstSharedPtr upstream_host = connection_manager_.read_callbacks_->upstreamHost(); if (upstream_host != nullptr) { Upstream::ClusterRequestResponseSizeStatsOptRef req_resp_stats = upstream_host->cluster().requestResponseSizeStats(); if (req_resp_stats.has_value()) { req_resp_stats->get().upstream_rq_body_size_.recordValue( filter_manager_.streamInfo().bytesReceived()); req_resp_stats->get().upstream_rs_body_size_.recordValue( filter_manager_.streamInfo().bytesSent()); } } if (connection_manager_.remote_close_) { filter_manager_.streamInfo().setResponseCodeDetails( StreamInfo::ResponseCodeDetails::get().DownstreamRemoteDisconnect); filter_manager_.streamInfo().setResponseFlag( StreamInfo::ResponseFlag::DownstreamConnectionTermination); } // TODO(danzh) bring HTTP/3 to parity here. if (connection_manager_.codec_->protocol() != Protocol::Http3) { ASSERT(filter_manager_.streamInfo().responseCodeDetails().has_value()); } connection_manager_.stats_.named_.downstream_rq_active_.dec(); if (filter_manager_.streamInfo().healthCheck()) { connection_manager_.config_.tracingStats().health_check_.inc(); } if (active_span_) { Tracing::HttpTracerUtility::finalizeDownstreamSpan( *active_span_, request_headers_.get(), response_headers_.get(), response_trailers_.get(), filter_manager_.streamInfo(), *this); } if (state_.successful_upgrade_) { connection_manager_.stats_.named_.downstream_cx_upgrades_active_.dec(); } } void ConnectionManagerImpl::ActiveStream::resetIdleTimer() { if (stream_idle_timer_ != nullptr) { // TODO(htuch): If this shows up in performance profiles, optimize by only // updating a timestamp here and doing periodic checks for idle timeouts // instead, or reducing the accuracy of timers. stream_idle_timer_->enableTimer(idle_timeout_ms_); } } void ConnectionManagerImpl::ActiveStream::onIdleTimeout() { connection_manager_.stats_.named_.downstream_rq_idle_timeout_.inc(); // If headers have not been sent to the user, send a 408. if (responseHeaders().has_value() && !Runtime::runtimeFeatureEnabled("envoy.reloadable_features.allow_response_for_timeout")) { // TODO(htuch): We could send trailers here with an x-envoy timeout header // or gRPC status code, and/or set H2 RST_STREAM error. filter_manager_.streamInfo().setResponseCodeDetails( StreamInfo::ResponseCodeDetails::get().StreamIdleTimeout); connection_manager_.doEndStream(*this); } else { // TODO(mattklein) this may result in multiple flags. This Ok? filter_manager_.streamInfo().setResponseFlag(StreamInfo::ResponseFlag::StreamIdleTimeout); sendLocalReply(request_headers_ != nullptr && Grpc::Common::isGrpcRequestHeaders(*request_headers_), Http::Code::RequestTimeout, "stream timeout", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().StreamIdleTimeout); } } void ConnectionManagerImpl::ActiveStream::onRequestTimeout() { connection_manager_.stats_.named_.downstream_rq_timeout_.inc(); sendLocalReply(request_headers_ != nullptr && Grpc::Common::isGrpcRequestHeaders(*request_headers_), Http::Code::RequestTimeout, "request timeout", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().RequestOverallTimeout); } void ConnectionManagerImpl::ActiveStream::onStreamMaxDurationReached() { ENVOY_STREAM_LOG(debug, "Stream max duration time reached", *this); connection_manager_.stats_.named_.downstream_rq_max_duration_reached_.inc(); if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.allow_response_for_timeout")) { sendLocalReply(request_headers_ != nullptr && Grpc::Common::isGrpcRequestHeaders(*request_headers_), Http::Code::RequestTimeout, "downstream duration timeout", nullptr, Grpc::Status::WellKnownGrpcStatus::DeadlineExceeded, StreamInfo::ResponseCodeDetails::get().MaxDurationTimeout); } else { filter_manager_.streamInfo().setResponseCodeDetails( StreamInfo::ResponseCodeDetails::get().MaxDurationTimeout); connection_manager_.doEndStream(*this); } } void ConnectionManagerImpl::ActiveStream::chargeStats(const ResponseHeaderMap& headers) { uint64_t response_code = Utility::getResponseStatus(headers); filter_manager_.streamInfo().response_code_ = response_code; if (filter_manager_.streamInfo().health_check_request_) { return; } Upstream::HostDescriptionConstSharedPtr upstream_host = connection_manager_.read_callbacks_->upstreamHost(); if (upstream_host != nullptr) { Upstream::ClusterRequestResponseSizeStatsOptRef req_resp_stats = upstream_host->cluster().requestResponseSizeStats(); if (req_resp_stats.has_value()) { req_resp_stats->get().upstream_rs_headers_size_.recordValue(headers.byteSize()); } } connection_manager_.stats_.named_.downstream_rq_completed_.inc(); connection_manager_.listener_stats_.downstream_rq_completed_.inc(); if (CodeUtility::is1xx(response_code)) { connection_manager_.stats_.named_.downstream_rq_1xx_.inc(); connection_manager_.listener_stats_.downstream_rq_1xx_.inc(); } else if (CodeUtility::is2xx(response_code)) { connection_manager_.stats_.named_.downstream_rq_2xx_.inc(); connection_manager_.listener_stats_.downstream_rq_2xx_.inc(); } else if (CodeUtility::is3xx(response_code)) { connection_manager_.stats_.named_.downstream_rq_3xx_.inc(); connection_manager_.listener_stats_.downstream_rq_3xx_.inc(); } else if (CodeUtility::is4xx(response_code)) { connection_manager_.stats_.named_.downstream_rq_4xx_.inc(); connection_manager_.listener_stats_.downstream_rq_4xx_.inc(); } else if (CodeUtility::is5xx(response_code)) { connection_manager_.stats_.named_.downstream_rq_5xx_.inc(); connection_manager_.listener_stats_.downstream_rq_5xx_.inc(); } } const Network::Connection* ConnectionManagerImpl::ActiveStream::connection() { return &connection_manager_.read_callbacks_->connection(); } uint32_t ConnectionManagerImpl::ActiveStream::localPort() { auto ip = connection()->localAddress()->ip(); if (ip == nullptr) { return 0; } return ip->port(); } // Ordering in this function is complicated, but important. // // We want to do minimal work before selecting route and creating a filter // chain to maximize the number of requests which get custom filter behavior, // e.g. registering access logging. // // This must be balanced by doing sanity checking for invalid requests (one // can't route select properly without full headers), checking state required to // serve error responses (connection close, head requests, etc), and // modifications which may themselves affect route selection. void ConnectionManagerImpl::ActiveStream::decodeHeaders(RequestHeaderMapPtr&& headers, bool end_stream) { ScopeTrackerScopeState scope(this, connection_manager_.read_callbacks_->connection().dispatcher()); request_headers_ = std::move(headers); filter_manager_.requestHeadersInitialized(); Upstream::HostDescriptionConstSharedPtr upstream_host = connection_manager_.read_callbacks_->upstreamHost(); if (upstream_host != nullptr) { Upstream::ClusterRequestResponseSizeStatsOptRef req_resp_stats = upstream_host->cluster().requestResponseSizeStats(); if (req_resp_stats.has_value()) { req_resp_stats->get().upstream_rq_headers_size_.recordValue(request_headers_->byteSize()); } } // Both saw_connection_close_ and is_head_request_ affect local replies: set // them as early as possible. const Protocol protocol = connection_manager_.codec_->protocol(); const bool fixed_connection_close = Runtime::runtimeFeatureEnabled("envoy.reloadable_features.fixed_connection_close"); if (fixed_connection_close) { state_.saw_connection_close_ = HeaderUtility::shouldCloseConnection(protocol, *request_headers_); } if (HeaderUtility::isConnect(*request_headers_) && !request_headers_->Path() && !Runtime::runtimeFeatureEnabled("envoy.reloadable_features.stop_faking_paths")) { request_headers_->setPath("/"); } // We need to snap snapped_route_config_ here as it's used in mutateRequestHeaders later. if (connection_manager_.config_.isRoutable()) { if (connection_manager_.config_.routeConfigProvider() != nullptr) { snapped_route_config_ = connection_manager_.config_.routeConfigProvider()->config(); } else if (connection_manager_.config_.scopedRouteConfigProvider() != nullptr) { snapped_scoped_routes_config_ = connection_manager_.config_.scopedRouteConfigProvider()->config(); snapScopedRouteConfig(); } } else { snapped_route_config_ = connection_manager_.config_.routeConfigProvider()->config(); } ENVOY_STREAM_LOG(debug, "request headers complete (end_stream={}):\n{}", *this, end_stream, *request_headers_); // We end the decode here only if the request is header only. If we convert the request to a // header only, the stream will be marked as done once a subsequent decodeData/decodeTrailers is // called with end_stream=true. filter_manager_.maybeEndDecode(end_stream); // Drop new requests when overloaded as soon as we have decoded the headers. if (connection_manager_.random_generator_.bernoulli( connection_manager_.overload_stop_accepting_requests_ref_.value())) { // In this one special case, do not create the filter chain. If there is a risk of memory // overload it is more important to avoid unnecessary allocation than to create the filters. filter_manager_.skipFilterChainCreation(); connection_manager_.stats_.named_.downstream_rq_overload_close_.inc(); sendLocalReply(Grpc::Common::isGrpcRequestHeaders(*request_headers_), Http::Code::ServiceUnavailable, "envoy overloaded", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().Overload); return; } if (!connection_manager_.config_.proxy100Continue() && request_headers_->Expect() && request_headers_->Expect()->value() == Headers::get().ExpectValues._100Continue.c_str()) { // Note in the case Envoy is handling 100-Continue complexity, it skips the filter chain // and sends the 100-Continue directly to the encoder. chargeStats(continueHeader()); response_encoder_->encode100ContinueHeaders(continueHeader()); // Remove the Expect header so it won't be handled again upstream. request_headers_->removeExpect(); } connection_manager_.user_agent_.initializeFromHeaders(*request_headers_, connection_manager_.stats_.prefixStatName(), connection_manager_.stats_.scope_); // Make sure we are getting a codec version we support. if (protocol == Protocol::Http10) { // Assume this is HTTP/1.0. This is fine for HTTP/0.9 but this code will also affect any // requests with non-standard version numbers (0.9, 1.3), basically anything which is not // HTTP/1.1. // // The protocol may have shifted in the HTTP/1.0 case so reset it. filter_manager_.streamInfo().protocol(protocol); if (!connection_manager_.config_.http1Settings().accept_http_10_) { // Send "Upgrade Required" if HTTP/1.0 support is not explicitly configured on. sendLocalReply(false, Code::UpgradeRequired, "", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().LowVersion); return; } else if (!fixed_connection_close) { // HTTP/1.0 defaults to single-use connections. Make sure the connection // will be closed unless Keep-Alive is present. state_.saw_connection_close_ = true; if (absl::EqualsIgnoreCase(request_headers_->getConnectionValue(), Http::Headers::get().ConnectionValues.KeepAlive)) { state_.saw_connection_close_ = false; } } if (!request_headers_->Host() && !connection_manager_.config_.http1Settings().default_host_for_http_10_.empty()) { // Add a default host if configured to do so. request_headers_->setHost( connection_manager_.config_.http1Settings().default_host_for_http_10_); } } if (!request_headers_->Host()) { // Require host header. For HTTP/1.1 Host has already been translated to :authority. sendLocalReply(Grpc::Common::hasGrpcContentType(*request_headers_), Code::BadRequest, "", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().MissingHost); return; } // Verify header sanity checks which should have been performed by the codec. ASSERT(HeaderUtility::requestHeadersValid(*request_headers_).has_value() == false); // Check for the existence of the :path header for non-CONNECT requests, or present-but-empty // :path header for CONNECT requests. We expect the codec to have broken the path into pieces if // applicable. NOTE: Currently the HTTP/1.1 codec only does this when the allow_absolute_url flag // is enabled on the HCM. if ((!HeaderUtility::isConnect(*request_headers_) || request_headers_->Path()) && request_headers_->getPathValue().empty()) { sendLocalReply(Grpc::Common::hasGrpcContentType(*request_headers_), Code::NotFound, "", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().MissingPath); return; } // Currently we only support relative paths at the application layer. if (!request_headers_->getPathValue().empty() && request_headers_->getPathValue()[0] != '/') { connection_manager_.stats_.named_.downstream_rq_non_relative_path_.inc(); sendLocalReply(Grpc::Common::hasGrpcContentType(*request_headers_), Code::NotFound, "", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().AbsolutePath); return; } // Path sanitization should happen before any path access other than the above sanity check. if (!ConnectionManagerUtility::maybeNormalizePath(*request_headers_, connection_manager_.config_)) { sendLocalReply(Grpc::Common::hasGrpcContentType(*request_headers_), Code::BadRequest, "", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().PathNormalizationFailed); return; } ConnectionManagerUtility::maybeNormalizeHost(*request_headers_, connection_manager_.config_, localPort()); if (!fixed_connection_close && protocol == Protocol::Http11 && absl::EqualsIgnoreCase(request_headers_->getConnectionValue(), Http::Headers::get().ConnectionValues.Close)) { state_.saw_connection_close_ = true; } // Note: Proxy-Connection is not a standard header, but is supported here // since it is supported by http-parser the underlying parser for http // requests. if (!fixed_connection_close && protocol < Protocol::Http2 && !state_.saw_connection_close_ && absl::EqualsIgnoreCase(request_headers_->getProxyConnectionValue(), Http::Headers::get().ConnectionValues.Close)) { state_.saw_connection_close_ = true; } if (!state_.is_internally_created_) { // Only sanitize headers on first pass. // Modify the downstream remote address depending on configuration and headers. filter_manager_.streamInfo().setDownstreamRemoteAddress( ConnectionManagerUtility::mutateRequestHeaders( *request_headers_, connection_manager_.read_callbacks_->connection(), connection_manager_.config_, *snapped_route_config_, connection_manager_.local_info_)); } ASSERT(filter_manager_.streamInfo().downstreamRemoteAddress() != nullptr); ASSERT(!cached_route_); refreshCachedRoute(); if (!state_.is_internally_created_) { // Only mutate tracing headers on first pass. ConnectionManagerUtility::mutateTracingRequestHeader( *request_headers_, connection_manager_.runtime_, connection_manager_.config_, cached_route_.value().get()); } filter_manager_.streamInfo().setRequestHeaders(*request_headers_); const bool upgrade_rejected = filter_manager_.createFilterChain() == false; // TODO if there are no filters when starting a filter iteration, the connection manager // should return 404. The current returns no response if there is no router filter. if (hasCachedRoute()) { // Do not allow upgrades if the route does not support it. if (upgrade_rejected) { // While downstream servers should not send upgrade payload without the upgrade being // accepted, err on the side of caution and refuse to process any further requests on this // connection, to avoid a class of HTTP/1.1 smuggling bugs where Upgrade or CONNECT payload // contains a smuggled HTTP request. state_.saw_connection_close_ = true; connection_manager_.stats_.named_.downstream_rq_ws_on_non_ws_route_.inc(); sendLocalReply(Grpc::Common::hasGrpcContentType(*request_headers_), Code::Forbidden, "", nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().UpgradeFailed); return; } // Allow non websocket requests to go through websocket enabled routes. } if (hasCachedRoute()) { const Router::RouteEntry* route_entry = cached_route_.value()->routeEntry(); if (route_entry != nullptr && route_entry->idleTimeout()) { // TODO(mattklein123): Technically if the cached route changes, we should also see if the // route idle timeout has changed and update the value. idle_timeout_ms_ = route_entry->idleTimeout().value(); response_encoder_->getStream().setFlushTimeout(idle_timeout_ms_); if (idle_timeout_ms_.count()) { // If we have a route-level idle timeout but no global stream idle timeout, create a timer. if (stream_idle_timer_ == nullptr) { stream_idle_timer_ = connection_manager_.read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onIdleTimeout(); }); } } else if (stream_idle_timer_ != nullptr) { // If we had a global stream idle timeout but the route-level idle timeout is set to zero // (to override), we disable the idle timer. stream_idle_timer_->disableTimer(); stream_idle_timer_ = nullptr; } } } // Check if tracing is enabled at all. if (connection_manager_.config_.tracingConfig()) { traceRequest(); } filter_manager_.decodeHeaders(*request_headers_, end_stream); // Reset it here for both global and overridden cases. resetIdleTimer(); } void ConnectionManagerImpl::ActiveStream::traceRequest() { Tracing::Decision tracing_decision = Tracing::HttpTracerUtility::isTracing(filter_manager_.streamInfo(), *request_headers_); ConnectionManagerImpl::chargeTracingStats(tracing_decision.reason, connection_manager_.config_.tracingStats()); active_span_ = connection_manager_.tracer().startSpan( *this, *request_headers_, filter_manager_.streamInfo(), tracing_decision); if (!active_span_) { return; } // TODO: Need to investigate the following code based on the cached route, as may // be broken in the case a filter changes the route. // If a decorator has been defined, apply it to the active span. if (hasCachedRoute() && cached_route_.value()->decorator()) { const Router::Decorator* decorator = cached_route_.value()->decorator(); decorator->apply(*active_span_); state_.decorated_propagate_ = decorator->propagate(); // Cache decorated operation. if (!decorator->getOperation().empty()) { decorated_operation_ = &decorator->getOperation(); } } if (connection_manager_.config_.tracingConfig()->operation_name_ == Tracing::OperationName::Egress) { // For egress (outbound) requests, pass the decorator's operation name (if defined and // propagation enabled) as a request header to enable the receiving service to use it in its // server span. if (decorated_operation_ && state_.decorated_propagate_) { request_headers_->setEnvoyDecoratorOperation(*decorated_operation_); } } else { const HeaderEntry* req_operation_override = request_headers_->EnvoyDecoratorOperation(); // For ingress (inbound) requests, if a decorator operation name has been provided, it // should be used to override the active span's operation. if (req_operation_override) { if (!req_operation_override->value().empty()) { active_span_->setOperation(req_operation_override->value().getStringView()); // Clear the decorated operation so won't be used in the response header, as // it has been overridden by the inbound decorator operation request header. decorated_operation_ = nullptr; } // Remove header so not propagated to service request_headers_->removeEnvoyDecoratorOperation(); } } } void ConnectionManagerImpl::ActiveStream::decodeData(Buffer::Instance& data, bool end_stream) { ScopeTrackerScopeState scope(this, connection_manager_.read_callbacks_->connection().dispatcher()); filter_manager_.maybeEndDecode(end_stream); filter_manager_.streamInfo().addBytesReceived(data.length()); filter_manager_.decodeData(data, end_stream); } void ConnectionManagerImpl::ActiveStream::decodeTrailers(RequestTrailerMapPtr&& trailers) { ScopeTrackerScopeState scope(this, connection_manager_.read_callbacks_->connection().dispatcher()); resetIdleTimer(); ASSERT(!request_trailers_); request_trailers_ = std::move(trailers); filter_manager_.maybeEndDecode(true); filter_manager_.decodeTrailers(*request_trailers_); } void ConnectionManagerImpl::ActiveStream::decodeMetadata(MetadataMapPtr&& metadata_map) { resetIdleTimer(); // After going through filters, the ownership of metadata_map will be passed to terminal filter. // The terminal filter may encode metadata_map to the next hop immediately or store metadata_map // and encode later when connection pool is ready. filter_manager_.decodeMetadata(*metadata_map); } void ConnectionManagerImpl::ActiveStream::disarmRequestTimeout() { if (request_timer_) { request_timer_->disableTimer(); } } void ConnectionManagerImpl::startDrainSequence() { ASSERT(drain_state_ == DrainState::NotDraining); drain_state_ = DrainState::Draining; codec_->shutdownNotice(); drain_timer_ = read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onDrainTimeout(); }); drain_timer_->enableTimer(config_.drainTimeout()); } void ConnectionManagerImpl::ActiveStream::snapScopedRouteConfig() { // NOTE: if a RDS subscription hasn't got a RouteConfiguration back, a Router::NullConfigImpl is // returned, in that case we let it pass. snapped_route_config_ = snapped_scoped_routes_config_->getRouteConfig(*request_headers_); if (snapped_route_config_ == nullptr) { ENVOY_STREAM_LOG(trace, "can't find SRDS scope.", *this); // TODO(stevenzzzz): Consider to pass an error message to router filter, so that it can // send back 404 with some more details. snapped_route_config_ = std::make_shared(); } } void ConnectionManagerImpl::ActiveStream::refreshCachedRoute() { refreshCachedRoute(nullptr); } void ConnectionManagerImpl::ActiveStream::refreshDurationTimeout() { if (!filter_manager_.streamInfo().route_entry_ || !request_headers_) { return; } auto& route = filter_manager_.streamInfo().route_entry_; auto grpc_timeout = Grpc::Common::getGrpcTimeout(*request_headers_); std::chrono::milliseconds timeout; bool disable_timer = false; if (!grpc_timeout || !route->grpcTimeoutHeaderMax()) { // Either there is no grpc-timeout header or special timeouts for it are not // configured. Use stream duration. if (route->maxStreamDuration()) { timeout = route->maxStreamDuration().value(); if (timeout == std::chrono::milliseconds(0)) { // Explicitly configured 0 means no timeout. disable_timer = true; } } else { // Fall back to HCM config. If no HCM duration limit exists, disable // timers set by any prior route configuration. const auto max_stream_duration = connection_manager_.config_.maxStreamDuration(); if (max_stream_duration.has_value() && max_stream_duration.value().count()) { timeout = max_stream_duration.value(); } else { disable_timer = true; } } } else { // Start with the timeout equal to the gRPC timeout header. timeout = grpc_timeout.value(); // If there's a valid cap, apply it. if (timeout > route->grpcTimeoutHeaderMax().value() && route->grpcTimeoutHeaderMax().value() != std::chrono::milliseconds(0)) { timeout = route->grpcTimeoutHeaderMax().value(); } // Apply the configured offset. if (timeout != std::chrono::milliseconds(0) && route->grpcTimeoutHeaderOffset()) { const auto offset = route->grpcTimeoutHeaderOffset().value(); if (offset < timeout) { timeout -= offset; } else { timeout = std::chrono::milliseconds(0); } } } // Disable any existing timer if configured to do so. if (disable_timer) { if (max_stream_duration_timer_) { max_stream_duration_timer_->disableTimer(); } return; } // See how long this stream has been alive, and adjust the timeout // accordingly. std::chrono::duration time_used = std::chrono::duration_cast( connection_manager_.timeSource().monotonicTime() - filter_manager_.streamInfo().startTimeMonotonic()); if (timeout > time_used) { timeout -= time_used; } else { timeout = std::chrono::milliseconds(0); } // Finally create (if necessary) and enable the timer. if (!max_stream_duration_timer_) { max_stream_duration_timer_ = connection_manager_.read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onStreamMaxDurationReached(); }); } max_stream_duration_timer_->enableTimer(timeout); } void ConnectionManagerImpl::ActiveStream::refreshCachedRoute(const Router::RouteCallback& cb) { Router::RouteConstSharedPtr route; if (request_headers_ != nullptr) { if (connection_manager_.config_.isRoutable() && connection_manager_.config_.scopedRouteConfigProvider() != nullptr) { // NOTE: re-select scope as well in case the scope key header has been changed by a filter. snapScopedRouteConfig(); } if (snapped_route_config_ != nullptr) { route = snapped_route_config_->route(cb, *request_headers_, filter_manager_.streamInfo(), stream_id_); } } filter_manager_.streamInfo().route_entry_ = route ? route->routeEntry() : nullptr; cached_route_ = std::move(route); if (nullptr == filter_manager_.streamInfo().route_entry_) { cached_cluster_info_ = nullptr; } else { Upstream::ThreadLocalCluster* local_cluster = connection_manager_.cluster_manager_.get( filter_manager_.streamInfo().route_entry_->clusterName()); cached_cluster_info_ = (nullptr == local_cluster) ? nullptr : local_cluster->info(); } filter_manager_.streamInfo().setUpstreamClusterInfo(cached_cluster_info_.value()); refreshCachedTracingCustomTags(); refreshDurationTimeout(); } void ConnectionManagerImpl::ActiveStream::refreshCachedTracingCustomTags() { if (!connection_manager_.config_.tracingConfig()) { return; } const Tracing::CustomTagMap& conn_manager_tags = connection_manager_.config_.tracingConfig()->custom_tags_; const Tracing::CustomTagMap* route_tags = nullptr; if (hasCachedRoute() && cached_route_.value()->tracingConfig()) { route_tags = &cached_route_.value()->tracingConfig()->getCustomTags(); } const bool configured_in_conn = !conn_manager_tags.empty(); const bool configured_in_route = route_tags && !route_tags->empty(); if (!configured_in_conn && !configured_in_route) { return; } Tracing::CustomTagMap& custom_tag_map = getOrMakeTracingCustomTagMap(); if (configured_in_route) { custom_tag_map.insert(route_tags->begin(), route_tags->end()); } if (configured_in_conn) { custom_tag_map.insert(conn_manager_tags.begin(), conn_manager_tags.end()); } } // TODO(chaoqin-li1123): Make on demand vhds and on demand srds works at the same time. void ConnectionManagerImpl::ActiveStream::requestRouteConfigUpdate( Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) { route_config_update_requester_->requestRouteConfigUpdate(route_config_updated_cb); } absl::optional ConnectionManagerImpl::ActiveStream::routeConfig() { if (connection_manager_.config_.routeConfigProvider() != nullptr) { return absl::optional( connection_manager_.config_.routeConfigProvider()->config()); } return {}; } void ConnectionManagerImpl::ActiveStream::onLocalReply(Code code) { // The BadRequest error code indicates there has been a messaging error. if (Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.hcm_stream_error_on_invalid_message") && code == Http::Code::BadRequest && connection_manager_.codec_->protocol() < Protocol::Http2 && !response_encoder_->streamErrorOnInvalidHttpMessage()) { state_.saw_connection_close_ = true; } } void ConnectionManagerImpl::ActiveStream::encode100ContinueHeaders( ResponseHeaderMap& response_headers) { // Strip the T-E headers etc. Defer other header additions as well as drain-close logic to the // continuation headers. ConnectionManagerUtility::mutateResponseHeaders(response_headers, request_headers_.get(), connection_manager_.config_, EMPTY_STRING); // Count both the 1xx and follow-up response code in stats. chargeStats(response_headers); ENVOY_STREAM_LOG(debug, "encoding 100 continue headers via codec:\n{}", *this, response_headers); // Now actually encode via the codec. response_encoder_->encode100ContinueHeaders(response_headers); } void ConnectionManagerImpl::ActiveStream::encodeHeaders(ResponseHeaderMap& headers, bool end_stream) { // Base headers. // By default, always preserve the upstream date response header if present. If we choose to // overwrite the upstream date unconditionally (a previous behavior), only do so if the response // is not from cache const bool should_preserve_upstream_date = Runtime::runtimeFeatureEnabled("envoy.reloadable_features.preserve_upstream_date") || filter_manager_.streamInfo().hasResponseFlag( StreamInfo::ResponseFlag::ResponseFromCacheFilter); if (!should_preserve_upstream_date || !headers.Date()) { connection_manager_.config_.dateProvider().setDateHeader(headers); } // Following setReference() is safe because serverName() is constant for the life of the // listener. const auto transformation = connection_manager_.config_.serverHeaderTransformation(); if (transformation == ConnectionManagerConfig::HttpConnectionManagerProto::OVERWRITE || (transformation == ConnectionManagerConfig::HttpConnectionManagerProto::APPEND_IF_ABSENT && headers.Server() == nullptr)) { headers.setReferenceServer(connection_manager_.config_.serverName()); } ConnectionManagerUtility::mutateResponseHeaders(headers, request_headers_.get(), connection_manager_.config_, connection_manager_.config_.via()); bool drain_connection_due_to_overload = false; if (connection_manager_.drain_state_ == DrainState::NotDraining && connection_manager_.random_generator_.bernoulli( connection_manager_.overload_disable_keepalive_ref_.value())) { ENVOY_STREAM_LOG(debug, "disabling keepalive due to envoy overload", *this); if (connection_manager_.codec_->protocol() < Protocol::Http2 || Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.overload_manager_disable_keepalive_drain_http2")) { drain_connection_due_to_overload = true; } connection_manager_.stats_.named_.downstream_cx_overload_disable_keepalive_.inc(); } // See if we want to drain/close the connection. Send the go away frame prior to encoding the // header block. if (connection_manager_.drain_state_ == DrainState::NotDraining && (connection_manager_.drain_close_.drainClose() || drain_connection_due_to_overload)) { // This doesn't really do anything for HTTP/1.1 other then give the connection another boost // of time to race with incoming requests. For HTTP/2 connections, send a GOAWAY frame to // prevent any new streams. connection_manager_.startDrainSequence(); connection_manager_.stats_.named_.downstream_cx_drain_close_.inc(); ENVOY_STREAM_LOG(debug, "drain closing connection", *this); } if (connection_manager_.codec_->protocol() == Protocol::Http10) { // As HTTP/1.0 and below can not do chunked encoding, if there is no content // length the response will be framed by connection close. if (!headers.ContentLength()) { state_.saw_connection_close_ = true; } // If the request came with a keep-alive and no other factor resulted in a // connection close header, send an explicit keep-alive header. if (!state_.saw_connection_close_) { headers.setConnection(Headers::get().ConnectionValues.KeepAlive); } } if (connection_manager_.drain_state_ == DrainState::NotDraining && state_.saw_connection_close_) { ENVOY_STREAM_LOG(debug, "closing connection due to connection close header", *this); connection_manager_.drain_state_ = DrainState::Closing; } // If we are destroying a stream before remote is complete and the connection does not support // multiplexing, we should disconnect since we don't want to wait around for the request to // finish. if (!filter_manager_.remoteComplete()) { if (connection_manager_.codec_->protocol() < Protocol::Http2) { connection_manager_.drain_state_ = DrainState::Closing; } connection_manager_.stats_.named_.downstream_rq_response_before_rq_complete_.inc(); } if (connection_manager_.drain_state_ != DrainState::NotDraining && connection_manager_.codec_->protocol() < Protocol::Http2) { // If the connection manager is draining send "Connection: Close" on HTTP/1.1 connections. // Do not do this for H2 (which drains via GOAWAY) or Upgrade or CONNECT (as the // payload is no longer HTTP/1.1) if (!Utility::isUpgrade(headers) && !HeaderUtility::isConnectResponse(request_headers_.get(), *responseHeaders())) { headers.setReferenceConnection(Headers::get().ConnectionValues.Close); } } if (connection_manager_.config_.tracingConfig()) { if (connection_manager_.config_.tracingConfig()->operation_name_ == Tracing::OperationName::Ingress) { // For ingress (inbound) responses, if the request headers do not include a // decorator operation (override), and the decorated operation should be // propagated, then pass the decorator's operation name (if defined) // as a response header to enable the client service to use it in its client span. if (decorated_operation_ && state_.decorated_propagate_) { headers.setEnvoyDecoratorOperation(*decorated_operation_); } } else if (connection_manager_.config_.tracingConfig()->operation_name_ == Tracing::OperationName::Egress) { const HeaderEntry* resp_operation_override = headers.EnvoyDecoratorOperation(); // For Egress (outbound) response, if a decorator operation name has been provided, it // should be used to override the active span's operation. if (resp_operation_override) { if (!resp_operation_override->value().empty() && active_span_) { active_span_->setOperation(resp_operation_override->value().getStringView()); } // Remove header so not propagated to service. headers.removeEnvoyDecoratorOperation(); } } } chargeStats(headers); ENVOY_STREAM_LOG(debug, "encoding headers via codec (end_stream={}):\n{}", *this, end_stream, headers); // Now actually encode via the codec. filter_manager_.streamInfo().onFirstDownstreamTxByteSent(); response_encoder_->encodeHeaders(headers, end_stream); } void ConnectionManagerImpl::ActiveStream::encodeData(Buffer::Instance& data, bool end_stream) { ENVOY_STREAM_LOG(trace, "encoding data via codec (size={} end_stream={})", *this, data.length(), end_stream); filter_manager_.streamInfo().addBytesSent(data.length()); response_encoder_->encodeData(data, end_stream); } void ConnectionManagerImpl::ActiveStream::encodeTrailers(ResponseTrailerMap& trailers) { ENVOY_STREAM_LOG(debug, "encoding trailers via codec:\n{}", *this, trailers); response_encoder_->encodeTrailers(trailers); } void ConnectionManagerImpl::ActiveStream::encodeMetadata(MetadataMapVector& metadata) { ENVOY_STREAM_LOG(debug, "encoding metadata via codec:\n{}", *this, metadata); response_encoder_->encodeMetadata(metadata); } void ConnectionManagerImpl::ActiveStream::onDecoderFilterBelowWriteBufferLowWatermark() { ENVOY_STREAM_LOG(debug, "Read-enabling downstream stream due to filter callbacks.", *this); // If the state is destroyed, the codec's stream is already torn down. On // teardown the codec will unwind any remaining read disable calls. if (!filter_manager_.destroyed()) { response_encoder_->getStream().readDisable(false); } connection_manager_.stats_.named_.downstream_flow_control_resumed_reading_total_.inc(); } void ConnectionManagerImpl::ActiveStream::onDecoderFilterAboveWriteBufferHighWatermark() { ENVOY_STREAM_LOG(debug, "Read-disabling downstream stream due to filter callbacks.", *this); response_encoder_->getStream().readDisable(true); connection_manager_.stats_.named_.downstream_flow_control_paused_reading_total_.inc(); } void ConnectionManagerImpl::ActiveStream::onResetStream(StreamResetReason reset_reason, absl::string_view) { // NOTE: This function gets called in all of the following cases: // 1) We TX an app level reset // 2) The codec TX a codec level reset // 3) The codec RX a reset // If we need to differentiate we need to do it inside the codec. Can start with this. ENVOY_STREAM_LOG(debug, "stream reset", *this); connection_manager_.stats_.named_.downstream_rq_rx_reset_.inc(); // If the codec sets its responseDetails() for a reason other than peer reset, set a // DownstreamProtocolError. Either way, propagate details. const absl::string_view encoder_details = response_encoder_->getStream().responseDetails(); if (!encoder_details.empty() && reset_reason == StreamResetReason::LocalReset) { filter_manager_.streamInfo().setResponseFlag(StreamInfo::ResponseFlag::DownstreamProtocolError); } if (!encoder_details.empty()) { filter_manager_.streamInfo().setResponseCodeDetails(encoder_details); } connection_manager_.doDeferredStreamDestroy(*this); } void ConnectionManagerImpl::ActiveStream::onAboveWriteBufferHighWatermark() { ENVOY_STREAM_LOG(debug, "Disabling upstream stream due to downstream stream watermark.", *this); filter_manager_.callHighWatermarkCallbacks(); } void ConnectionManagerImpl::ActiveStream::onBelowWriteBufferLowWatermark() { ENVOY_STREAM_LOG(debug, "Enabling upstream stream due to downstream stream watermark.", *this); filter_manager_.callLowWatermarkCallbacks(); } Tracing::OperationName ConnectionManagerImpl::ActiveStream::operationName() const { return connection_manager_.config_.tracingConfig()->operation_name_; } const Tracing::CustomTagMap* ConnectionManagerImpl::ActiveStream::customTags() const { return tracing_custom_tags_.get(); } bool ConnectionManagerImpl::ActiveStream::verbose() const { return connection_manager_.config_.tracingConfig()->verbose_; } uint32_t ConnectionManagerImpl::ActiveStream::maxPathTagLength() const { return connection_manager_.config_.tracingConfig()->max_path_tag_length_; } const Router::RouteEntry::UpgradeMap* ConnectionManagerImpl::ActiveStream::upgradeMap() { // We must check if the 'cached_route_' optional is populated since this function can be called // early via sendLocalReply(), before the cached route is populated. if (hasCachedRoute() && cached_route_.value()->routeEntry()) { return &cached_route_.value()->routeEntry()->upgradeMap(); } return nullptr; } Tracing::Span& ConnectionManagerImpl::ActiveStream::activeSpan() { if (active_span_) { return *active_span_; } else { return Tracing::NullSpan::instance(); } } Tracing::Config& ConnectionManagerImpl::ActiveStream::tracingConfig() { return *this; } const ScopeTrackedObject& ConnectionManagerImpl::ActiveStream::scope() { return *this; } Upstream::ClusterInfoConstSharedPtr ConnectionManagerImpl::ActiveStream::clusterInfo() { // NOTE: Refreshing route caches clusterInfo as well. if (!cached_route_.has_value()) { refreshCachedRoute(); } return cached_cluster_info_.value(); } Router::RouteConstSharedPtr ConnectionManagerImpl::ActiveStream::route(const Router::RouteCallback& cb) { if (cached_route_.has_value()) { return cached_route_.value(); } refreshCachedRoute(cb); return cached_route_.value(); } void ConnectionManagerImpl::ActiveStream::clearRouteCache() { cached_route_ = absl::optional(); cached_cluster_info_ = absl::optional(); if (tracing_custom_tags_) { tracing_custom_tags_->clear(); } } void ConnectionManagerImpl::ActiveStream::onRequestDataTooLarge() { connection_manager_.stats_.named_.downstream_rq_too_large_.inc(); } void ConnectionManagerImpl::ActiveStream::recreateStream( StreamInfo::FilterStateSharedPtr filter_state) { // n.b. we do not currently change the codecs to point at the new stream // decoder because the decoder callbacks are complete. It would be good to // null out that pointer but should not be necessary. ResponseEncoder* response_encoder = response_encoder_; response_encoder_ = nullptr; response_encoder->getStream().removeCallbacks(*this); // This functionally deletes the stream (via deferred delete) so do not // reference anything beyond this point. connection_manager_.doEndStream(*this); RequestDecoder& new_stream = connection_manager_.newStream(*response_encoder, true); // We don't need to copy over the old parent FilterState from the old StreamInfo if it did not // store any objects with a LifeSpan at or above DownstreamRequest. This is to avoid unnecessary // heap allocation. // TODO(snowp): In the case where connection level filter state has been set on the connection // FilterState that we inherit, we'll end up copying this every time even though we could get // away with just resetting it to the HCM filter_state_. if (filter_state->hasDataAtOrAboveLifeSpan(StreamInfo::FilterState::LifeSpan::Request)) { (*connection_manager_.streams_.begin())->filter_manager_.streamInfo().filter_state_ = std::make_shared( filter_state->parent(), StreamInfo::FilterState::LifeSpan::FilterChain); } new_stream.decodeHeaders(std::move(request_headers_), true); } Http1StreamEncoderOptionsOptRef ConnectionManagerImpl::ActiveStream::http1StreamEncoderOptions() { return response_encoder_->http1StreamEncoderOptions(); } void ConnectionManagerImpl::ActiveStream::onResponseDataTooLarge() { connection_manager_.stats_.named_.rs_too_large_.inc(); } void ConnectionManagerImpl::ActiveStream::resetStream() { connection_manager_.stats_.named_.downstream_rq_tx_reset_.inc(); connection_manager_.doEndStream(*this); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/conn_manager_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/random_generator.h" #include "envoy/common/scope_tracker.h" #include "envoy/common/time.h" #include "envoy/event/deferred_deletable.h" #include "envoy/http/api_listener.h" #include "envoy/http/codec.h" #include "envoy/http/codes.h" #include "envoy/http/context.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "envoy/network/drain_decision.h" #include "envoy/network/filter.h" #include "envoy/router/rds.h" #include "envoy/router/scopes.h" #include "envoy/runtime/runtime.h" #include "envoy/server/overload_manager.h" #include "envoy/ssl/connection.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/stream_info/filter_state.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/upstream.h" #include "common/buffer/watermark_buffer.h" #include "common/common/dump_state_utils.h" #include "common/common/linked_object.h" #include "common/grpc/common.h" #include "common/http/conn_manager_config.h" #include "common/http/filter_manager.h" #include "common/http/user_agent.h" #include "common/http/utility.h" #include "common/local_reply/local_reply.h" #include "common/router/scoped_rds.h" #include "common/stream_info/stream_info_impl.h" #include "common/tracing/http_tracer_impl.h" namespace Envoy { namespace Http { /** * Implementation of both ConnectionManager and ServerConnectionCallbacks. This is a * Network::Filter that can be installed on a connection that will perform HTTP protocol agnostic * handling of a connection and all requests/pushes that occur on a connection. */ class ConnectionManagerImpl : Logger::Loggable, public Network::ReadFilter, public ServerConnectionCallbacks, public Network::ConnectionCallbacks, public Http::ApiListener { public: ConnectionManagerImpl(ConnectionManagerConfig& config, const Network::DrainDecision& drain_close, Random::RandomGenerator& random_generator, Http::Context& http_context, Runtime::Loader& runtime, const LocalInfo::LocalInfo& local_info, Upstream::ClusterManager& cluster_manager, Server::OverloadManager& overload_manager, TimeSource& time_system); ~ConnectionManagerImpl() override; static ConnectionManagerStats generateStats(const std::string& prefix, Stats::Scope& scope); static ConnectionManagerTracingStats generateTracingStats(const std::string& prefix, Stats::Scope& scope); static void chargeTracingStats(const Tracing::Reason& tracing_reason, ConnectionManagerTracingStats& tracing_stats); static ConnectionManagerListenerStats generateListenerStats(const std::string& prefix, Stats::Scope& scope); static const ResponseHeaderMap& continueHeader(); // Currently the ConnectionManager creates a codec lazily when either: // a) onConnection for H3. // b) onData for H1 and H2. // With the introduction of ApiListeners, neither event occurs. This function allows consumer code // to manually create a codec. // TODO(junr03): consider passing a synthetic codec instead of creating once. The codec in the // ApiListener case is solely used to determine the protocol version. void createCodec(Buffer::Instance& data); // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; // Http::ConnectionCallbacks void onGoAway(GoAwayErrorCode error_code) override; // Http::ServerConnectionCallbacks RequestDecoder& newStream(ResponseEncoder& response_encoder, bool is_internally_created = false) override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; // Pass connection watermark events on to all the streams associated with that connection. void onAboveWriteBufferHighWatermark() override { codec_->onUnderlyingConnectionAboveWriteBufferHighWatermark(); } void onBelowWriteBufferLowWatermark() override { codec_->onUnderlyingConnectionBelowWriteBufferLowWatermark(); } TimeSource& timeSource() { return time_source_; } private: struct ActiveStream; class RdsRouteConfigUpdateRequester { public: RdsRouteConfigUpdateRequester(Router::RouteConfigProvider* route_config_provider, ActiveStream& parent) : route_config_provider_(route_config_provider), parent_(parent) {} RdsRouteConfigUpdateRequester(Config::ConfigProvider* scoped_route_config_provider, ActiveStream& parent) // Expect the dynamic cast to succeed because only ScopedRdsConfigProvider is fully // implemented. Inline provider will be cast to nullptr here but it is not full implemented // and can't not be used at this point. Should change this implementation if we have a // functional inline scope route provider in the future. : scoped_route_config_provider_( dynamic_cast(scoped_route_config_provider)), parent_(parent) {} void requestRouteConfigUpdate(Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb); void requestVhdsUpdate(const std::string& host_header, Event::Dispatcher& thread_local_dispatcher, Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb); void requestSrdsUpdate(Router::ScopeKeyPtr scope_key, Event::Dispatcher& thread_local_dispatcher, Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb); private: Router::RouteConfigProvider* route_config_provider_; Router::ScopedRdsConfigProvider* scoped_route_config_provider_; ActiveStream& parent_; }; /** * Wraps a single active stream on the connection. These are either full request/response pairs * or pushes. */ struct ActiveStream : LinkedObject, public Event::DeferredDeletable, public StreamCallbacks, public RequestDecoder, public Tracing::Config, public ScopeTrackedObject, public FilterManagerCallbacks { ActiveStream(ConnectionManagerImpl& connection_manager, uint32_t buffer_limit); void completeRequest(); void chargeStats(const ResponseHeaderMap& headers); const Network::Connection* connection(); void sendLocalReply(bool is_grpc_request, Code code, absl::string_view body, const std::function& modify_headers, const absl::optional grpc_status, absl::string_view details) override { return filter_manager_.sendLocalReply(is_grpc_request, code, body, modify_headers, grpc_status, details); } uint64_t streamId() { return stream_id_; } // This is a helper function for encodeHeaders and responseDataTooLarge which allows for // shared code for the two headers encoding paths. It does header munging, updates timing // stats, and sends the headers to the encoder. void encodeHeadersInternal(ResponseHeaderMap& headers, bool end_stream); // This is a helper function for encodeData and responseDataTooLarge which allows for shared // code for the two data encoding paths. It does stats updates and tracks potential end of // stream. void encodeDataInternal(Buffer::Instance& data, bool end_stream); // Http::StreamCallbacks void onResetStream(StreamResetReason reason, absl::string_view transport_failure_reason) override; void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; // Http::StreamDecoder void decodeData(Buffer::Instance& data, bool end_stream) override; void decodeMetadata(MetadataMapPtr&&) override; // Http::RequestDecoder void decodeHeaders(RequestHeaderMapPtr&& headers, bool end_stream) override; void decodeTrailers(RequestTrailerMapPtr&& trailers) override; // Tracing::TracingConfig Tracing::OperationName operationName() const override; const Tracing::CustomTagMap* customTags() const override; bool verbose() const override; uint32_t maxPathTagLength() const override; // ScopeTrackedObject void dumpState(std::ostream& os, int indent_level = 0) const override { const char* spaces = spacesForLevel(indent_level); os << spaces << "ActiveStream " << this << DUMP_MEMBER(stream_id_); DUMP_DETAILS(&filter_manager_); } // FilterManagerCallbacks void encodeHeaders(ResponseHeaderMap& response_headers, bool end_stream) override; void encode100ContinueHeaders(ResponseHeaderMap& response_headers) override; void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeTrailers(ResponseTrailerMap& trailers) override; void encodeMetadata(MetadataMapVector& metadata) override; void setRequestTrailers(Http::RequestTrailerMapPtr&& request_trailers) override { ASSERT(!request_trailers_); request_trailers_ = std::move(request_trailers); } void setContinueHeaders(Http::ResponseHeaderMapPtr&& continue_headers) override { ASSERT(!continue_headers_); continue_headers_ = std::move(continue_headers); } void setResponseHeaders(Http::ResponseHeaderMapPtr&& response_headers) override { // We'll overwrite the headers in the case where we fail the stream after upstream headers // have begun filter processing but before they have been sent downstream. response_headers_ = std::move(response_headers); } void setResponseTrailers(Http::ResponseTrailerMapPtr&& response_trailers) override { response_trailers_ = std::move(response_trailers); } // TODO(snowp): Create shared OptRef/OptConstRef helpers Http::RequestHeaderMapOptRef requestHeaders() override { return request_headers_ ? absl::make_optional(std::ref(*request_headers_)) : absl::nullopt; } Http::RequestTrailerMapOptRef requestTrailers() override { return request_trailers_ ? absl::make_optional(std::ref(*request_trailers_)) : absl::nullopt; } Http::ResponseHeaderMapOptRef continueHeaders() override { return continue_headers_ ? absl::make_optional(std::ref(*continue_headers_)) : absl::nullopt; } Http::ResponseHeaderMapOptRef responseHeaders() override { return response_headers_ ? absl::make_optional(std::ref(*response_headers_)) : absl::nullopt; } Http::ResponseTrailerMapOptRef responseTrailers() override { return response_trailers_ ? absl::make_optional(std::ref(*response_trailers_)) : absl::nullopt; } void endStream() override { ASSERT(!state_.codec_saw_local_complete_); state_.codec_saw_local_complete_ = true; filter_manager_.streamInfo().onLastDownstreamTxByteSent(); request_response_timespan_->complete(); connection_manager_.doEndStream(*this); } void onDecoderFilterBelowWriteBufferLowWatermark() override; void onDecoderFilterAboveWriteBufferHighWatermark() override; void upgradeFilterChainCreated() override { connection_manager_.stats_.named_.downstream_cx_upgrades_total_.inc(); connection_manager_.stats_.named_.downstream_cx_upgrades_active_.inc(); state_.successful_upgrade_ = true; } void disarmRequestTimeout() override; void resetIdleTimer() override; void recreateStream(StreamInfo::FilterStateSharedPtr filter_state) override; void resetStream() override; const Router::RouteEntry::UpgradeMap* upgradeMap() override; Upstream::ClusterInfoConstSharedPtr clusterInfo() override; Router::RouteConstSharedPtr route(const Router::RouteCallback& cb) override; void clearRouteCache() override; absl::optional routeConfig() override; Tracing::Span& activeSpan() override; void onResponseDataTooLarge() override; void onRequestDataTooLarge() override; Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override; void onLocalReply(Code code) override; Tracing::Config& tracingConfig() override; const ScopeTrackedObject& scope() override; void traceRequest(); // Updates the snapped_route_config_ (by reselecting scoped route configuration), if a scope is // not found, snapped_route_config_ is set to Router::NullConfigImpl. void snapScopedRouteConfig(); void refreshCachedRoute(); void refreshCachedRoute(const Router::RouteCallback& cb); void requestRouteConfigUpdate( Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) override; void refreshCachedTracingCustomTags(); void refreshDurationTimeout(); // All state for the stream. Put here for readability. struct State { State() : codec_saw_local_complete_(false), saw_connection_close_(false), successful_upgrade_(false), is_internally_created_(false), decorated_propagate_(true) {} bool codec_saw_local_complete_ : 1; // This indicates that local is complete as written all // the way through to the codec. bool saw_connection_close_ : 1; bool successful_upgrade_ : 1; // True if this stream is internally created. Currently only used for // internal redirects or other streams created via recreateStream(). bool is_internally_created_ : 1; bool decorated_propagate_ : 1; }; // Per-stream idle timeout callback. void onIdleTimeout(); // Per-stream request timeout callback. void onRequestTimeout(); // Per-stream alive duration reached. void onStreamMaxDurationReached(); bool hasCachedRoute() { return cached_route_.has_value() && cached_route_.value(); } // Return local port of the connection. uint32_t localPort(); friend std::ostream& operator<<(std::ostream& os, const ActiveStream& s) { s.dumpState(os); return os; } Tracing::CustomTagMap& getOrMakeTracingCustomTagMap() { if (tracing_custom_tags_ == nullptr) { tracing_custom_tags_ = std::make_unique(); } return *tracing_custom_tags_; } ConnectionManagerImpl& connection_manager_; // TODO(snowp): It might make sense to move this to the FilterManager to avoid storing it in // both locations, then refer to the FM when doing stream logs. const uint64_t stream_id_; RequestHeaderMapPtr request_headers_; RequestTrailerMapPtr request_trailers_; ResponseHeaderMapPtr continue_headers_; ResponseHeaderMapPtr response_headers_; ResponseTrailerMapPtr response_trailers_; // Note: The FM must outlive the above headers, as they are possibly accessed during filter // destruction. FilterManager filter_manager_; Router::ConfigConstSharedPtr snapped_route_config_; Router::ScopedConfigConstSharedPtr snapped_scoped_routes_config_; Tracing::SpanPtr active_span_; ResponseEncoder* response_encoder_{}; Stats::TimespanPtr request_response_timespan_; // Per-stream idle timeout. Event::TimerPtr stream_idle_timer_; // Per-stream request timeout. Event::TimerPtr request_timer_; // Per-stream alive duration. Event::TimerPtr max_stream_duration_timer_; std::chrono::milliseconds idle_timeout_ms_{}; State state_; absl::optional cached_route_; absl::optional cached_cluster_info_; const std::string* decorated_operation_{nullptr}; std::unique_ptr route_config_update_requester_; std::unique_ptr tracing_custom_tags_{nullptr}; friend FilterManager; }; using ActiveStreamPtr = std::unique_ptr; /** * Check to see if the connection can be closed after gracefully waiting to send pending codec * data. */ void checkForDeferredClose(); /** * Do a delayed destruction of a stream to allow for stack unwind. Also calls onDestroy() for * each filter. */ void doDeferredStreamDestroy(ActiveStream& stream); /** * Process a stream that is ending due to upstream response or reset. */ void doEndStream(ActiveStream& stream); void resetAllStreams(absl::optional response_flag, absl::string_view details); void onIdleTimeout(); void onConnectionDurationTimeout(); void onDrainTimeout(); void startDrainSequence(); Tracing::HttpTracer& tracer() { return *config_.tracer(); } void handleCodecError(absl::string_view error); void doConnectionClose(absl::optional close_type, absl::optional response_flag, absl::string_view details); enum class DrainState { NotDraining, Draining, Closing }; ConnectionManagerConfig& config_; ConnectionManagerStats& stats_; // We store a reference here to avoid an extra stats() call on // the config in the hot path. ServerConnectionPtr codec_; std::list streams_; Stats::TimespanPtr conn_length_; const Network::DrainDecision& drain_close_; DrainState drain_state_{DrainState::NotDraining}; UserAgent user_agent_; // An idle timer for the connection. This is only armed when there are no streams on the // connection. When there are active streams it is disarmed in favor of each stream's // stream_idle_timer_. Event::TimerPtr connection_idle_timer_; // A connection duration timer. Armed during handling new connection if enabled in config. Event::TimerPtr connection_duration_timer_; Event::TimerPtr drain_timer_; Random::RandomGenerator& random_generator_; Http::Context& http_context_; Runtime::Loader& runtime_; const LocalInfo::LocalInfo& local_info_; Upstream::ClusterManager& cluster_manager_; Network::ReadFilterCallbacks* read_callbacks_{}; ConnectionManagerListenerStats& listener_stats_; // References into the overload manager thread local state map. Using these lets us avoid a // map lookup in the hot path of processing each request. const Server::OverloadActionState& overload_stop_accepting_requests_ref_; const Server::OverloadActionState& overload_disable_keepalive_ref_; TimeSource& time_source_; bool remote_close_{}; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/conn_manager_utility.cc ================================================ #include "common/http/conn_manager_utility.h" #include #include #include #include "envoy/type/v3/percent.pb.h" #include "common/common/empty_string.h" #include "common/common/utility.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/http1/codec_impl.h" #include "common/http/http1/codec_impl_legacy.h" #include "common/http/http2/codec_impl.h" #include "common/http/http2/codec_impl_legacy.h" #include "common/http/path_utility.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "common/runtime/runtime_features.h" #include "common/tracing/http_tracer_impl.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Http { std::string ConnectionManagerUtility::determineNextProtocol(Network::Connection& connection, const Buffer::Instance& data) { if (!connection.nextProtocol().empty()) { return connection.nextProtocol(); } // See if the data we have so far shows the HTTP/2 prefix. We ignore the case where someone sends // us the first few bytes of the HTTP/2 prefix since in all public cases we use SSL/ALPN. For // internal cases this should practically never happen. if (data.startsWith(Http2::CLIENT_MAGIC_PREFIX)) { return Utility::AlpnNames::get().Http2; } return ""; } ServerConnectionPtr ConnectionManagerUtility::autoCreateCodec( Network::Connection& connection, const Buffer::Instance& data, ServerConnectionCallbacks& callbacks, Stats::Scope& scope, Random::RandomGenerator& random, Http1::CodecStats::AtomicPtr& http1_codec_stats, Http2::CodecStats::AtomicPtr& http2_codec_stats, const Http1Settings& http1_settings, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, uint32_t max_request_headers_kb, uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action) { if (determineNextProtocol(connection, data) == Utility::AlpnNames::get().Http2) { Http2::CodecStats& stats = Http2::CodecStats::atomicGet(http2_codec_stats, scope); if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.new_codec_behavior")) { return std::make_unique( connection, callbacks, stats, random, http2_options, max_request_headers_kb, max_request_headers_count, headers_with_underscores_action); } else { return std::make_unique( connection, callbacks, stats, random, http2_options, max_request_headers_kb, max_request_headers_count, headers_with_underscores_action); } } else { Http1::CodecStats& stats = Http1::CodecStats::atomicGet(http1_codec_stats, scope); if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.new_codec_behavior")) { return std::make_unique( connection, stats, callbacks, http1_settings, max_request_headers_kb, max_request_headers_count, headers_with_underscores_action); } else { return std::make_unique( connection, stats, callbacks, http1_settings, max_request_headers_kb, max_request_headers_count, headers_with_underscores_action); } } } Network::Address::InstanceConstSharedPtr ConnectionManagerUtility::mutateRequestHeaders( RequestHeaderMap& request_headers, Network::Connection& connection, ConnectionManagerConfig& config, const Router::Config& route_config, const LocalInfo::LocalInfo& local_info) { // If this is a Upgrade request, do not remove the Connection and Upgrade headers, // as we forward them verbatim to the upstream hosts. if (Utility::isUpgrade(request_headers)) { // The current WebSocket implementation re-uses the HTTP1 codec to send upgrade headers to // the upstream host. This adds the "transfer-encoding: chunked" request header if the stream // has not ended and content-length does not exist. In HTTP1.1, if transfer-encoding and // content-length both do not exist this means there is no request body. After transfer-encoding // is stripped here, the upstream request becomes invalid. We can fix it by explicitly adding a // "content-length: 0" request header here. const bool no_body = (!request_headers.TransferEncoding() && !request_headers.ContentLength()); if (no_body) { request_headers.setContentLength(uint64_t(0)); } } else { request_headers.removeConnection(); request_headers.removeUpgrade(); } // Clean proxy headers. request_headers.removeEnvoyInternalRequest(); request_headers.removeKeepAlive(); request_headers.removeProxyConnection(); request_headers.removeTransferEncoding(); // If we are "using remote address" this means that we create/append to XFF with our immediate // peer. Cases where we don't "use remote address" include trusted double proxy where we expect // our peer to have already properly set XFF, etc. Network::Address::InstanceConstSharedPtr final_remote_address; bool single_xff_address; const uint32_t xff_num_trusted_hops = config.xffNumTrustedHops(); if (config.useRemoteAddress()) { single_xff_address = request_headers.ForwardedFor() == nullptr; // If there are any trusted proxies in front of this Envoy instance (as indicated by // the xff_num_trusted_hops configuration option), get the trusted client address // from the XFF before we append to XFF. if (xff_num_trusted_hops > 0) { final_remote_address = Utility::getLastAddressFromXFF(request_headers, xff_num_trusted_hops - 1).address_; } // If there aren't any trusted proxies in front of this Envoy instance, or there // are but they didn't populate XFF properly, the trusted client address is the // source address of the immediate downstream's connection to us. if (final_remote_address == nullptr) { final_remote_address = connection.remoteAddress(); } if (!config.skipXffAppend()) { if (Network::Utility::isLoopbackAddress(*connection.remoteAddress())) { Utility::appendXff(request_headers, config.localAddress()); } else { Utility::appendXff(request_headers, *connection.remoteAddress()); } } // If the prior hop is not a trusted proxy, overwrite any x-forwarded-proto value it set as // untrusted. Alternately if no x-forwarded-proto header exists, add one. if (xff_num_trusted_hops == 0 || request_headers.ForwardedProto() == nullptr) { request_headers.setReferenceForwardedProto( connection.ssl() ? Headers::get().SchemeValues.Https : Headers::get().SchemeValues.Http); } } else { // If we are not using remote address, attempt to pull a valid IPv4 or IPv6 address out of XFF. // If we find one, it will be used as the downstream address for logging. It may or may not be // used for determining internal/external status (see below). auto ret = Utility::getLastAddressFromXFF(request_headers, xff_num_trusted_hops); final_remote_address = ret.address_; single_xff_address = ret.single_address_; } // If the x-forwarded-proto header is not set, set it here, since Envoy uses it for determining // scheme and communicating it upstream. if (!request_headers.ForwardedProto()) { request_headers.setReferenceForwardedProto(connection.ssl() ? Headers::get().SchemeValues.Https : Headers::get().SchemeValues.Http); } // At this point we can determine whether this is an internal or external request. The // determination of internal status uses the following: // 1) After remote address/XFF appending, the XFF header must contain a *single* address. // 2) The single address must be an internal address. // 3) If configured to not use remote address, but no XFF header is available, even if the real // remote is internal, the request is considered external. // HUGE WARNING: The way we do this is not optimal but is how it worked "from the beginning" so // we can't change it at this point. In the future we will likely need to add // additional inference modes and make this mode legacy. const bool internal_request = single_xff_address && final_remote_address != nullptr && config.internalAddressConfig().isInternalAddress(*final_remote_address); // After determining internal request status, if there is no final remote address, due to no XFF, // busted XFF, etc., use the direct connection remote address for logging. if (final_remote_address == nullptr) { final_remote_address = connection.remoteAddress(); } // Edge request is the request from external clients to front Envoy. // Request from front Envoy to the internal service will be treated as not edge request. const bool edge_request = !internal_request && config.useRemoteAddress(); // If internal request, set header and do other internal only modifications. if (internal_request) { request_headers.setReferenceEnvoyInternalRequest( Headers::get().EnvoyInternalRequestValues.True); } else { if (edge_request) { request_headers.removeEnvoyDecoratorOperation(); request_headers.removeEnvoyDownstreamServiceCluster(); request_headers.removeEnvoyDownstreamServiceNode(); } request_headers.removeEnvoyRetriableStatusCodes(); request_headers.removeEnvoyRetriableHeaderNames(); request_headers.removeEnvoyRetryOn(); request_headers.removeEnvoyRetryGrpcOn(); request_headers.removeEnvoyMaxRetries(); request_headers.removeEnvoyUpstreamAltStatName(); request_headers.removeEnvoyUpstreamRequestTimeoutMs(); request_headers.removeEnvoyUpstreamRequestPerTryTimeoutMs(); request_headers.removeEnvoyUpstreamRequestTimeoutAltResponse(); request_headers.removeEnvoyExpectedRequestTimeoutMs(); request_headers.removeEnvoyForceTrace(); request_headers.removeEnvoyIpTags(); request_headers.removeEnvoyOriginalUrl(); request_headers.removeEnvoyHedgeOnPerTryTimeout(); for (const LowerCaseString& header : route_config.internalOnlyHeaders()) { request_headers.remove(header); } } if (config.userAgent()) { request_headers.setEnvoyDownstreamServiceCluster(config.userAgent().value()); const HeaderEntry* user_agent_header = request_headers.UserAgent(); if (!user_agent_header || user_agent_header->value().empty()) { // Following setReference() is safe because user agent is constant for the life of the // listener. request_headers.setReferenceUserAgent(config.userAgent().value()); } // TODO(htuch): should this be under the config.userAgent() condition or in the outer scope? if (!local_info.nodeName().empty()) { // Following setReference() is safe because local info is constant for the life of the server. request_headers.setReferenceEnvoyDownstreamServiceNode(local_info.nodeName()); } } if (!config.via().empty()) { Utility::appendVia(request_headers, config.via()); } // If we are an external request, AND we are "using remote address" (see above), we set // x-envoy-external-address since this is our first ingress point into the trusted network. if (edge_request && final_remote_address->type() == Network::Address::Type::Ip) { request_headers.setEnvoyExternalAddress(final_remote_address->ip()->addressAsString()); } // Generate x-request-id for all edge requests, or if there is none. if (config.generateRequestId()) { auto rid_extension = config.requestIDExtension(); // Unconditionally set a request ID if we are allowed to override it from // the edge. Otherwise just ensure it is set. const bool force_set = !config.preserveExternalRequestId() && edge_request; rid_extension->set(request_headers, force_set); } mutateXfccRequestHeader(request_headers, connection, config); return final_remote_address; } void ConnectionManagerUtility::mutateTracingRequestHeader(RequestHeaderMap& request_headers, Runtime::Loader& runtime, ConnectionManagerConfig& config, const Router::Route* route) { if (!config.tracingConfig()) { return; } auto rid_extension = config.requestIDExtension(); uint64_t result; // Skip if request-id is corrupted, or non-existent if (!rid_extension->modBy(request_headers, result, 10000)) { return; } const envoy::type::v3::FractionalPercent* client_sampling = &config.tracingConfig()->client_sampling_; const envoy::type::v3::FractionalPercent* random_sampling = &config.tracingConfig()->random_sampling_; const envoy::type::v3::FractionalPercent* overall_sampling = &config.tracingConfig()->overall_sampling_; if (route && route->tracingConfig()) { client_sampling = &route->tracingConfig()->getClientSampling(); random_sampling = &route->tracingConfig()->getRandomSampling(); overall_sampling = &route->tracingConfig()->getOverallSampling(); } // Do not apply tracing transformations if we are currently tracing. if (TraceStatus::NoTrace == rid_extension->getTraceStatus(request_headers)) { if (request_headers.ClientTraceId() && runtime.snapshot().featureEnabled("tracing.client_enabled", *client_sampling)) { rid_extension->setTraceStatus(request_headers, TraceStatus::Client); } else if (request_headers.EnvoyForceTrace()) { rid_extension->setTraceStatus(request_headers, TraceStatus::Forced); } else if (runtime.snapshot().featureEnabled("tracing.random_sampling", *random_sampling, result)) { rid_extension->setTraceStatus(request_headers, TraceStatus::Sampled); } } if (!runtime.snapshot().featureEnabled("tracing.global_enabled", *overall_sampling, result)) { rid_extension->setTraceStatus(request_headers, TraceStatus::NoTrace); } } void ConnectionManagerUtility::mutateXfccRequestHeader(RequestHeaderMap& request_headers, Network::Connection& connection, ConnectionManagerConfig& config) { // When AlwaysForwardOnly is set, always forward the XFCC header without modification. if (config.forwardClientCert() == ForwardClientCertType::AlwaysForwardOnly) { return; } // When Sanitize is set, or the connection is not mutual TLS, remove the XFCC header. if (config.forwardClientCert() == ForwardClientCertType::Sanitize || !(connection.ssl() && connection.ssl()->peerCertificatePresented())) { request_headers.removeForwardedClientCert(); return; } // When ForwardOnly is set, always forward the XFCC header without modification. if (config.forwardClientCert() == ForwardClientCertType::ForwardOnly) { return; } // TODO(myidpt): Handle the special characters in By and URI fields. // TODO: Optimize client_cert_details based on perf analysis (direct string appending may be more // preferable). std::vector client_cert_details; // When AppendForward or SanitizeSet is set, the client certificate information should be set into // the XFCC header. if (config.forwardClientCert() == ForwardClientCertType::AppendForward || config.forwardClientCert() == ForwardClientCertType::SanitizeSet) { const auto uri_sans_local_cert = connection.ssl()->uriSanLocalCertificate(); if (!uri_sans_local_cert.empty()) { client_cert_details.push_back(absl::StrCat("By=", uri_sans_local_cert[0])); } const std::string cert_digest = connection.ssl()->sha256PeerCertificateDigest(); if (!cert_digest.empty()) { client_cert_details.push_back(absl::StrCat("Hash=", cert_digest)); } for (const auto& detail : config.setCurrentClientCertDetails()) { switch (detail) { case ClientCertDetailsType::Cert: { const std::string peer_cert = connection.ssl()->urlEncodedPemEncodedPeerCertificate(); if (!peer_cert.empty()) { client_cert_details.push_back(absl::StrCat("Cert=\"", peer_cert, "\"")); } break; } case ClientCertDetailsType::Chain: { const std::string peer_chain = connection.ssl()->urlEncodedPemEncodedPeerCertificateChain(); if (!peer_chain.empty()) { client_cert_details.push_back(absl::StrCat("Chain=\"", peer_chain, "\"")); } break; } case ClientCertDetailsType::Subject: // The "Subject" key still exists even if the subject is empty. client_cert_details.push_back( absl::StrCat("Subject=\"", connection.ssl()->subjectPeerCertificate(), "\"")); break; case ClientCertDetailsType::URI: { // The "URI" key still exists even if the URI is empty. const auto sans = connection.ssl()->uriSanPeerCertificate(); const auto& uri_san = sans.empty() ? "" : sans[0]; client_cert_details.push_back(absl::StrCat("URI=", uri_san)); break; } case ClientCertDetailsType::DNS: { auto dns_sans = connection.ssl()->dnsSansPeerCertificate(); if (!dns_sans.empty()) { for (const std::string& dns : dns_sans) { client_cert_details.push_back(absl::StrCat("DNS=", dns)); } } break; } } } } const std::string client_cert_details_str = absl::StrJoin(client_cert_details, ";"); if (config.forwardClientCert() == ForwardClientCertType::AppendForward) { request_headers.appendForwardedClientCert(client_cert_details_str, ","); } else if (config.forwardClientCert() == ForwardClientCertType::SanitizeSet) { request_headers.setForwardedClientCert(client_cert_details_str); } else { NOT_REACHED_GCOVR_EXCL_LINE; } } void ConnectionManagerUtility::mutateResponseHeaders(ResponseHeaderMap& response_headers, const RequestHeaderMap* request_headers, ConnectionManagerConfig& config, const std::string& via) { if (request_headers != nullptr && Utility::isUpgrade(*request_headers) && Utility::isUpgrade(response_headers)) { // As in mutateRequestHeaders, Upgrade responses have special handling. // // Unlike mutateRequestHeaders there is no explicit protocol check. If Envoy is proxying an // upgrade response it has already passed the protocol checks. const bool no_body = (!response_headers.TransferEncoding() && !response_headers.ContentLength()); const bool is_1xx = CodeUtility::is1xx(Utility::getResponseStatus(response_headers)); // We are explicitly forbidden from setting content-length for 1xx responses // (RFC7230, Section 3.3.2). We ignore 204 because this is an upgrade. if (no_body && !is_1xx) { response_headers.setContentLength(uint64_t(0)); } } else { response_headers.removeConnection(); if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.fix_upgrade_response")) { response_headers.removeUpgrade(); } } response_headers.removeTransferEncoding(); if (request_headers != nullptr && (config.alwaysSetRequestIdInResponse() || request_headers->EnvoyForceTrace())) { config.requestIDExtension()->setInResponse(response_headers, *request_headers); } response_headers.removeKeepAlive(); response_headers.removeProxyConnection(); if (!via.empty()) { Utility::appendVia(response_headers, via); } } bool ConnectionManagerUtility::maybeNormalizePath(RequestHeaderMap& request_headers, const ConnectionManagerConfig& config) { if (!request_headers.Path()) { return true; // It's as valid as it is going to get. } bool is_valid_path = true; if (config.shouldNormalizePath()) { is_valid_path = PathUtil::canonicalPath(request_headers); } // Merge slashes after path normalization to catch potential edge cases with percent encoding. if (is_valid_path && config.shouldMergeSlashes()) { PathUtil::mergeSlashes(request_headers); } return is_valid_path; } void ConnectionManagerUtility::maybeNormalizeHost(RequestHeaderMap& request_headers, const ConnectionManagerConfig& config, uint32_t port) { if (config.shouldStripMatchingPort()) { HeaderUtility::stripPortFromHost(request_headers, port); } } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/conn_manager_utility.h ================================================ #pragma once #include #include #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "common/http/conn_manager_impl.h" #include "common/http/http1/codec_stats.h" #include "common/http/http2/codec_stats.h" namespace Envoy { namespace Http { /** * Connection manager utilities split out for ease of testing. */ class ConnectionManagerUtility { public: /** * Determine the next protocol to used based both on ALPN as well as protocol inspection. * @param connection supplies the connection to determine a protocol for. * @param data supplies the currently available read data on the connection. */ static std::string determineNextProtocol(Network::Connection& connection, const Buffer::Instance& data); /** * Create an HTTP codec given the connection and the beginning of the incoming data. * @param connection supplies the connection. * @param data supplies the initial data supplied by the client. * @param callbacks supplies the codec callbacks. * @param scope supplies the stats scope for codec stats. * @param http1_settings supplies the HTTP/1 settings to use if HTTP/1 is chosen. * @param http2_settings supplies the HTTP/2 settings to use if HTTP/2 is chosen. */ static ServerConnectionPtr autoCreateCodec(Network::Connection& connection, const Buffer::Instance& data, ServerConnectionCallbacks& callbacks, Stats::Scope& scope, Random::RandomGenerator& random, Http1::CodecStats::AtomicPtr& http1_codec_stats, Http2::CodecStats::AtomicPtr& http2_codec_stats, const Http1Settings& http1_settings, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, uint32_t max_request_headers_kb, uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action); /** * Mutates request headers in various ways. This functionality is broken out because of its * complexity for ease of testing. See the method itself for detailed comments on what * mutations are performed. * * Note this function may be called twice on the response path if there are * 100-Continue headers. * * @return the final trusted remote address. This depends on various settings and the * existence of the x-forwarded-for header. Again see the method for more details. */ static Network::Address::InstanceConstSharedPtr mutateRequestHeaders(RequestHeaderMap& request_headers, Network::Connection& connection, ConnectionManagerConfig& config, const Router::Config& route_config, const LocalInfo::LocalInfo& local_info); static void mutateResponseHeaders(ResponseHeaderMap& response_headers, const RequestHeaderMap* request_headers, ConnectionManagerConfig& config, const std::string& via); // Sanitize the path in the header map if the path exists and it is forced by config. // Side affect: the string view of Path header is invalidated. // Return false if error happens during the sanitization. // Returns true if there is no path. static bool maybeNormalizePath(RequestHeaderMap& request_headers, const ConnectionManagerConfig& config); static void maybeNormalizeHost(RequestHeaderMap& request_headers, const ConnectionManagerConfig& config, uint32_t port); /** * Mutate request headers if request needs to be traced. */ static void mutateTracingRequestHeader(RequestHeaderMap& request_headers, Runtime::Loader& runtime, ConnectionManagerConfig& config, const Router::Route* route); private: static void mutateXfccRequestHeader(RequestHeaderMap& request_headers, Network::Connection& connection, ConnectionManagerConfig& config); }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/conn_pool_base.cc ================================================ #include "common/http/conn_pool_base.h" #include "common/common/assert.h" #include "common/http/utility.h" #include "common/network/transport_socket_options_impl.h" #include "common/runtime/runtime_features.h" #include "common/stats/timespan_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Http { Network::TransportSocketOptionsSharedPtr wrapTransportSocketOptions(Network::TransportSocketOptionsSharedPtr transport_socket_options, Protocol protocol) { if (!Runtime::runtimeFeatureEnabled("envoy.reloadable_features.http_default_alpn")) { return transport_socket_options; } // If configured to do so, we override the ALPN to use for the upstream connection to match the // selected protocol. std::string alpn; switch (protocol) { case Http::Protocol::Http10: NOT_REACHED_GCOVR_EXCL_LINE; case Http::Protocol::Http11: alpn = Http::Utility::AlpnNames::get().Http11; break; case Http::Protocol::Http2: alpn = Http::Utility::AlpnNames::get().Http2; break; case Http::Protocol::Http3: // TODO(snowp): Add once HTTP/3 upstream support is added. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; break; } if (transport_socket_options) { return std::make_shared( std::move(alpn), transport_socket_options); } else { return std::make_shared( "", std::vector{}, std::vector{}, std::move(alpn)); } } HttpConnPoolImplBase::HttpConnPoolImplBase( Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options, Http::Protocol protocol) : Envoy::ConnectionPool::ConnPoolImplBase( host, priority, dispatcher, options, wrapTransportSocketOptions(transport_socket_options, protocol)) {} ConnectionPool::Cancellable* HttpConnPoolImplBase::newStream(Http::ResponseDecoder& response_decoder, Http::ConnectionPool::Callbacks& callbacks) { HttpAttachContext context({&response_decoder, &callbacks}); return Envoy::ConnectionPool::ConnPoolImplBase::newStream(context); } bool HttpConnPoolImplBase::hasActiveConnections() const { return (!pending_streams_.empty() || (num_active_streams_ > 0)); } ConnectionPool::Cancellable* HttpConnPoolImplBase::newPendingStream(Envoy::ConnectionPool::AttachContext& context) { Http::ResponseDecoder& decoder = *typedContext(context).decoder_; Http::ConnectionPool::Callbacks& callbacks = *typedContext(context).callbacks_; ENVOY_LOG(debug, "queueing stream due to no available connections"); Envoy::ConnectionPool::PendingStreamPtr pending_stream( new HttpPendingStream(*this, decoder, callbacks)); LinkedList::moveIntoList(std::move(pending_stream), pending_streams_); return pending_streams_.front().get(); } void HttpConnPoolImplBase::onPoolReady(Envoy::ConnectionPool::ActiveClient& client, Envoy::ConnectionPool::AttachContext& context) { ActiveClient* http_client = static_cast(&client); auto& http_context = typedContext(context); Http::ResponseDecoder& response_decoder = *http_context.decoder_; Http::ConnectionPool::Callbacks& callbacks = *http_context.callbacks_; Http::RequestEncoder& new_encoder = http_client->newStreamEncoder(response_decoder); callbacks.onPoolReady(new_encoder, client.real_host_description_, http_client->codec_client_->streamInfo()); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/conn_pool_base.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/http/conn_pool.h" #include "envoy/network/connection.h" #include "envoy/stats/timespan.h" #include "common/common/linked_object.h" #include "common/conn_pool/conn_pool_base.h" #include "common/http/codec_client.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Http { struct HttpAttachContext : public Envoy::ConnectionPool::AttachContext { HttpAttachContext(Http::ResponseDecoder* d, Http::ConnectionPool::Callbacks* c) : decoder_(d), callbacks_(c) {} Http::ResponseDecoder* decoder_; Http::ConnectionPool::Callbacks* callbacks_; }; // An implementation of Envoy::ConnectionPool::PendingStream for HTTP/1.1 and HTTP/2 class HttpPendingStream : public Envoy::ConnectionPool::PendingStream { public: // OnPoolSuccess for HTTP requires both the decoder and callbacks. OnPoolFailure // requires only the callbacks, but passes both for consistency. HttpPendingStream(Envoy::ConnectionPool::ConnPoolImplBase& parent, Http::ResponseDecoder& decoder, Http::ConnectionPool::Callbacks& callbacks) : Envoy::ConnectionPool::PendingStream(parent), context_(&decoder, &callbacks) {} Envoy::ConnectionPool::AttachContext& context() override { return context_; } HttpAttachContext context_; }; // An implementation of Envoy::ConnectionPool::ConnPoolImplBase for shared code // between HTTP/1.1 and HTTP/2 class HttpConnPoolImplBase : public Envoy::ConnectionPool::ConnPoolImplBase, public Http::ConnectionPool::Instance { public: HttpConnPoolImplBase(Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options, Http::Protocol protocol); // ConnectionPool::Instance void addDrainedCallback(DrainedCb cb) override { addDrainedCallbackImpl(cb); } void drainConnections() override { drainConnectionsImpl(); } Upstream::HostDescriptionConstSharedPtr host() const override { return host_; } ConnectionPool::Cancellable* newStream(Http::ResponseDecoder& response_decoder, Http::ConnectionPool::Callbacks& callbacks) override; bool maybePrefetch(float ratio) override { return Envoy::ConnectionPool::ConnPoolImplBase::maybePrefetch(ratio); } bool hasActiveConnections() const override; // Creates a new PendingStream and enqueues it into the queue. ConnectionPool::Cancellable* newPendingStream(Envoy::ConnectionPool::AttachContext& context) override; void onPoolFailure(const Upstream::HostDescriptionConstSharedPtr& host_description, absl::string_view failure_reason, ConnectionPool::PoolFailureReason reason, Envoy::ConnectionPool::AttachContext& context) override { auto* callbacks = typedContext(context).callbacks_; callbacks->onPoolFailure(reason, failure_reason, host_description); } void onPoolReady(Envoy::ConnectionPool::ActiveClient& client, Envoy::ConnectionPool::AttachContext& context) override; virtual CodecClientPtr createCodecClient(Upstream::Host::CreateConnectionData& data) PURE; }; // An implementation of Envoy::ConnectionPool::ActiveClient for HTTP/1.1 and HTTP/2 class ActiveClient : public Envoy::ConnectionPool::ActiveClient { public: ActiveClient(HttpConnPoolImplBase& parent, uint64_t lifetime_stream_limit, uint64_t concurrent_stream_limit) : Envoy::ConnectionPool::ActiveClient(parent, lifetime_stream_limit, concurrent_stream_limit) { Upstream::Host::CreateConnectionData data = parent_.host()->createConnection( parent_.dispatcher(), parent_.socketOptions(), parent_.transportSocketOptions()); real_host_description_ = data.host_description_; codec_client_ = parent.createCodecClient(data); codec_client_->addConnectionCallbacks(*this); codec_client_->setConnectionStats( {parent_.host()->cluster().stats().upstream_cx_rx_bytes_total_, parent_.host()->cluster().stats().upstream_cx_rx_bytes_buffered_, parent_.host()->cluster().stats().upstream_cx_tx_bytes_total_, parent_.host()->cluster().stats().upstream_cx_tx_bytes_buffered_, &parent_.host()->cluster().stats().bind_errors_, nullptr}); } void close() override { codec_client_->close(); } virtual Http::RequestEncoder& newStreamEncoder(Http::ResponseDecoder& response_decoder) PURE; void onEvent(Network::ConnectionEvent event) override { parent_.onConnectionEvent(*this, codec_client_->connectionFailureReason(), event); } size_t numActiveStreams() const override { return codec_client_->numActiveRequests(); } uint64_t id() const override { return codec_client_->id(); } Http::CodecClientPtr codec_client_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/context_impl.cc ================================================ #include "common/http/context_impl.h" namespace Envoy { namespace Http { ContextImpl::ContextImpl(Stats::SymbolTable& symbol_table) : code_stats_(symbol_table), user_agent_context_(symbol_table) {} } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/context_impl.h ================================================ #pragma once #include "envoy/http/context.h" #include "common/http/codes.h" #include "common/http/user_agent.h" namespace Envoy { namespace Http { /** * Captures http-related structures with cardinality of one per server. */ class ContextImpl : public Context { public: explicit ContextImpl(Stats::SymbolTable& symbol_table); ~ContextImpl() override = default; const envoy::config::trace::v3::Tracing& defaultTracingConfig() override { return default_tracing_config_; } CodeStats& codeStats() override { return code_stats_; } void setDefaultTracingConfig(const envoy::config::trace::v3::Tracing& tracing_config) { default_tracing_config_ = tracing_config; } const UserAgentContext& userAgentContext() const override { return user_agent_context_; } private: CodeStatsImpl code_stats_; UserAgentContext user_agent_context_; envoy::config::trace::v3::Tracing default_tracing_config_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/date_provider.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/http/header_map.h" namespace Envoy { namespace Http { /** * Fills headers with a date header. */ class DateProvider { public: virtual ~DateProvider() = default; /** * Set the Date header potentially using a cached value. * @param headers supplies the headers to fill. */ virtual void setDateHeader(ResponseHeaderMap& headers) PURE; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/date_provider_impl.cc ================================================ #include "common/http/date_provider_impl.h" #include #include namespace Envoy { namespace Http { DateFormatter DateProviderImplBase::date_formatter_("%a, %d %b %Y %H:%M:%S GMT"); TlsCachingDateProviderImpl::TlsCachingDateProviderImpl(Event::Dispatcher& dispatcher, ThreadLocal::SlotAllocator& tls) : DateProviderImplBase(dispatcher.timeSource()), tls_(tls.allocateSlot()), refresh_timer_(dispatcher.createTimer([this]() -> void { onRefreshDate(); })) { onRefreshDate(); } void TlsCachingDateProviderImpl::onRefreshDate() { std::string new_date_string = date_formatter_.now(time_source_); tls_->set([new_date_string](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(new_date_string); }); refresh_timer_->enableTimer(std::chrono::milliseconds(500)); } void TlsCachingDateProviderImpl::setDateHeader(ResponseHeaderMap& headers) { headers.setDate(tls_->getTyped().date_string_); } void SlowDateProviderImpl::setDateHeader(ResponseHeaderMap& headers) { headers.setDate(date_formatter_.now(time_source_)); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/date_provider_impl.h ================================================ #pragma once #include #include #include "envoy/event/dispatcher.h" #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" #include "common/common/utility.h" #include "date_provider.h" namespace Envoy { namespace Http { /** * Base for all providers. */ class DateProviderImplBase : public DateProvider { public: explicit DateProviderImplBase(TimeSource& time_source) : time_source_(time_source) {} protected: static DateFormatter date_formatter_; TimeSource& time_source_; }; /** * A caching thread local provider. This implementation updates the date string every 500ms and * caches on each thread. */ class TlsCachingDateProviderImpl : public DateProviderImplBase, public Singleton::Instance { public: TlsCachingDateProviderImpl(Event::Dispatcher& dispatcher, ThreadLocal::SlotAllocator& tls); // Http::DateProvider void setDateHeader(ResponseHeaderMap& headers) override; private: struct ThreadLocalCachedDate : public ThreadLocal::ThreadLocalObject { ThreadLocalCachedDate(const std::string& date_string) : date_string_(date_string) {} const std::string date_string_; }; void onRefreshDate(); ThreadLocal::SlotPtr tls_; Event::TimerPtr refresh_timer_; }; /** * A basic provider that just creates the date string every time. */ class SlowDateProviderImpl : public DateProviderImplBase { using DateProviderImplBase::DateProviderImplBase; public: // Http::DateProvider void setDateHeader(ResponseHeaderMap& headers) override; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/default_server_string.h ================================================ #pragma once #include #include "common/common/macros.h" namespace Envoy { namespace Http { class DefaultServerString { public: /** * @return the default HTTP server header string. */ static const std::string& get() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy"); } }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/exception.h ================================================ #pragma once #include #include "envoy/common/exception.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" namespace Envoy { namespace Http { /** * Indicates a non-recoverable protocol error that should result in connection termination. */ class CodecProtocolException : public EnvoyException { public: CodecProtocolException(const std::string& message) : EnvoyException(message) {} }; /** * Raised when outbound frame queue flood is detected. */ class FrameFloodException : public CodecProtocolException { public: FrameFloodException(const std::string& message) : CodecProtocolException(message) {} }; /** * Raised when a response is received on a connection that did not send a request. In practice * this can only happen on HTTP/1.1 connections. */ class PrematureResponseException : public EnvoyException { public: PrematureResponseException(Http::Code response_code) : EnvoyException(""), response_code_(response_code) {} Http::Code responseCode() { return response_code_; } private: const Http::Code response_code_; }; /** * Indicates a client (local) side error which should not happen. */ class CodecClientException : public EnvoyException { public: CodecClientException(const std::string& message) : EnvoyException(message) {} }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/filter_manager.cc ================================================ #include "common/http/filter_manager.h" #include "common/common/enum_to_int.h" #include "common/common/scope_tracker.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "common/http/utility.h" #include "common/runtime/runtime_features.h" namespace Envoy { namespace Http { namespace { template using FilterList = std::list>; // Shared helper for recording the latest filter used. template void recordLatestDataFilter(const typename FilterList::iterator current_filter, T*& latest_filter, const FilterList& filters) { // If this is the first time we're calling onData, just record the current filter. if (latest_filter == nullptr) { latest_filter = current_filter->get(); return; } // We want to keep this pointing at the latest filter in the filter list that has received the // onData callback. To do so, we compare the current latest with the *previous* filter. If they // match, then we must be processing a new filter for the first time. We omit this check if we're // the first filter, since the above check handles that case. // // We compare against the previous filter to avoid multiple filter iterations from resetting the // pointer: If we just set latest to current, then the first onData filter iteration would // correctly iterate over the filters and set latest, but on subsequent onData iterations // we'd start from the beginning again, potentially allowing filter N to modify the buffer even // though filter M > N was the filter that inserted data into the buffer. if (current_filter != filters.begin() && latest_filter == std::prev(current_filter)->get()) { latest_filter = current_filter->get(); } } } // namespace void ActiveStreamFilterBase::commonContinue() { // TODO(mattklein123): Raise an error if this is called during a callback. if (!canContinue()) { ENVOY_STREAM_LOG(trace, "cannot continue filter chain: filter={}", *this, static_cast(this)); return; } ENVOY_STREAM_LOG(trace, "continuing filter chain: filter={}", *this, static_cast(this)); ASSERT(!canIterate(), "Attempting to continue iteration while the IterationState is already Continue"); // If iteration has stopped for all frame types, set iterate_from_current_filter_ to true so the // filter iteration starts with the current filter instead of the next one. if (stoppedAll()) { iterate_from_current_filter_ = true; } allowIteration(); // Only resume with do100ContinueHeaders() if we've actually seen a 100-Continue. if (has100Continueheaders()) { continue_headers_continued_ = true; do100ContinueHeaders(); // If the response headers have not yet come in, don't continue on with // headers and body. doHeaders expects request headers to exist. if (!parent_.filter_manager_callbacks_.responseHeaders()) { return; } } // Make sure that we handle the zero byte data frame case. We make no effort to optimize this // case in terms of merging it into a header only request/response. This could be done in the // future. if (!headers_continued_) { headers_continued_ = true; doHeaders(complete() && !bufferedData() && !hasTrailers()); } doMetadata(); if (bufferedData()) { doData(complete() && !hasTrailers()); } if (hasTrailers()) { doTrailers(); } iterate_from_current_filter_ = false; } bool ActiveStreamFilterBase::commonHandleAfter100ContinueHeadersCallback( FilterHeadersStatus status) { ASSERT(parent_.state_.has_continue_headers_); ASSERT(!continue_headers_continued_); ASSERT(canIterate()); if (status == FilterHeadersStatus::StopIteration) { iteration_state_ = IterationState::StopSingleIteration; return false; } else { ASSERT(status == FilterHeadersStatus::Continue); continue_headers_continued_ = true; return true; } } bool ActiveStreamFilterBase::commonHandleAfterHeadersCallback(FilterHeadersStatus status, bool& end_stream, bool& headers_only) { ASSERT(!headers_continued_); ASSERT(canIterate()); switch (status) { case FilterHeadersStatus::StopIteration: iteration_state_ = IterationState::StopSingleIteration; break; case FilterHeadersStatus::StopAllIterationAndBuffer: iteration_state_ = IterationState::StopAllBuffer; break; case FilterHeadersStatus::StopAllIterationAndWatermark: iteration_state_ = IterationState::StopAllWatermark; break; case FilterHeadersStatus::ContinueAndEndStream: // Set headers_only to true so we know to end early if necessary, // but continue filter iteration so we actually write the headers/run the cleanup code. headers_only = true; ENVOY_STREAM_LOG(debug, "converting to headers only", parent_); break; case FilterHeadersStatus::ContinueAndDontEndStream: headers_only = false; end_stream = false; headers_continued_ = true; ENVOY_STREAM_LOG(debug, "converting to headers and body (body not available yet)", parent_); break; case FilterHeadersStatus::Continue: headers_continued_ = true; break; } handleMetadataAfterHeadersCallback(); if (stoppedAll() || status == FilterHeadersStatus::StopIteration) { return false; } else { return true; } } void ActiveStreamFilterBase::commonHandleBufferData(Buffer::Instance& provided_data) { // The way we do buffering is a little complicated which is why we have this common function // which is used for both encoding and decoding. When data first comes into our filter pipeline, // we send it through. Any filter can choose to stop iteration and buffer or not. If we then // continue iteration in the future, we use the buffered data. A future filter can stop and // buffer again. In this case, since we are already operating on buffered data, we don't // rebuffer, because we assume the filter has modified the buffer as it wishes in place. if (bufferedData().get() != &provided_data) { if (!bufferedData()) { bufferedData() = createBuffer(); } bufferedData()->move(provided_data); } } bool ActiveStreamFilterBase::commonHandleAfterDataCallback(FilterDataStatus status, Buffer::Instance& provided_data, bool& buffer_was_streaming) { if (status == FilterDataStatus::Continue) { if (iteration_state_ == IterationState::StopSingleIteration) { commonHandleBufferData(provided_data); commonContinue(); return false; } else { ASSERT(headers_continued_); } } else { iteration_state_ = IterationState::StopSingleIteration; if (status == FilterDataStatus::StopIterationAndBuffer || status == FilterDataStatus::StopIterationAndWatermark) { buffer_was_streaming = status == FilterDataStatus::StopIterationAndWatermark; commonHandleBufferData(provided_data); } else if (complete() && !hasTrailers() && !bufferedData()) { // If this filter is doing StopIterationNoBuffer and this stream is terminated with a zero // byte data frame, we need to create an empty buffer to make sure that when commonContinue // is called, the pipeline resumes with an empty data frame with end_stream = true ASSERT(end_stream_); bufferedData() = createBuffer(); } return false; } return true; } bool ActiveStreamFilterBase::commonHandleAfterTrailersCallback(FilterTrailersStatus status) { if (status == FilterTrailersStatus::Continue) { if (iteration_state_ == IterationState::StopSingleIteration) { commonContinue(); return false; } else { ASSERT(headers_continued_); } } else { return false; } return true; } const Network::Connection* ActiveStreamFilterBase::connection() { return parent_.connection(); } Event::Dispatcher& ActiveStreamFilterBase::dispatcher() { return parent_.dispatcher_; } StreamInfo::StreamInfo& ActiveStreamFilterBase::streamInfo() { return parent_.stream_info_; } Tracing::Span& ActiveStreamFilterBase::activeSpan() { return parent_.filter_manager_callbacks_.activeSpan(); } const ScopeTrackedObject& ActiveStreamFilterBase::scope() { return parent_.filter_manager_callbacks_.scope(); } Tracing::Config& ActiveStreamFilterBase::tracingConfig() { return parent_.filter_manager_callbacks_.tracingConfig(); } Upstream::ClusterInfoConstSharedPtr ActiveStreamFilterBase::clusterInfo() { return parent_.filter_manager_callbacks_.clusterInfo(); } Router::RouteConstSharedPtr ActiveStreamFilterBase::route() { return route(nullptr); } Router::RouteConstSharedPtr ActiveStreamFilterBase::route(const Router::RouteCallback& cb) { return parent_.filter_manager_callbacks_.route(cb); } void ActiveStreamFilterBase::clearRouteCache() { parent_.filter_manager_callbacks_.clearRouteCache(); } bool ActiveStreamDecoderFilter::canContinue() { // It is possible for the connection manager to respond directly to a request even while // a filter is trying to continue. If a response has already happened, we should not // continue to further filters. A concrete example of this is a filter buffering data, the // last data frame comes in and the filter continues, but the final buffering takes the stream // over the high watermark such that a 413 is returned. return !parent_.state_.local_complete_; } Buffer::WatermarkBufferPtr ActiveStreamDecoderFilter::createBuffer() { auto buffer = std::make_unique( [this]() -> void { this->requestDataDrained(); }, [this]() -> void { this->requestDataTooLarge(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }); buffer->setWatermarks(parent_.buffer_limit_); return buffer; } Buffer::WatermarkBufferPtr& ActiveStreamDecoderFilter::bufferedData() { return parent_.buffered_request_data_; } bool ActiveStreamDecoderFilter::complete() { return parent_.state_.remote_complete_; } void ActiveStreamDecoderFilter::doHeaders(bool end_stream) { parent_.decodeHeaders(this, *parent_.filter_manager_callbacks_.requestHeaders(), end_stream); } void ActiveStreamDecoderFilter::doData(bool end_stream) { parent_.decodeData(this, *parent_.buffered_request_data_, end_stream, FilterManager::FilterIterationStartState::CanStartFromCurrent); } void ActiveStreamDecoderFilter::doTrailers() { parent_.decodeTrailers(this, *parent_.filter_manager_callbacks_.requestTrailers()); } bool ActiveStreamDecoderFilter::hasTrailers() { return parent_.filter_manager_callbacks_.requestTrailers().has_value(); } void ActiveStreamDecoderFilter::drainSavedRequestMetadata() { ASSERT(saved_request_metadata_ != nullptr); for (auto& metadata_map : *getSavedRequestMetadata()) { parent_.decodeMetadata(this, *metadata_map); } getSavedRequestMetadata()->clear(); } void ActiveStreamDecoderFilter::handleMetadataAfterHeadersCallback() { // If we drain accumulated metadata, the iteration must start with the current filter. const bool saved_state = iterate_from_current_filter_; iterate_from_current_filter_ = true; // If decodeHeaders() returns StopAllIteration, we should skip draining metadata, and wait // for doMetadata() to drain the metadata after iteration continues. if (!stoppedAll() && saved_request_metadata_ != nullptr && !getSavedRequestMetadata()->empty()) { drainSavedRequestMetadata(); } // Restores the original value of iterate_from_current_filter_. iterate_from_current_filter_ = saved_state; } RequestTrailerMap& ActiveStreamDecoderFilter::addDecodedTrailers() { return parent_.addDecodedTrailers(); } void ActiveStreamDecoderFilter::addDecodedData(Buffer::Instance& data, bool streaming) { parent_.addDecodedData(*this, data, streaming); } MetadataMapVector& ActiveStreamDecoderFilter::addDecodedMetadata() { return parent_.addDecodedMetadata(); } void ActiveStreamDecoderFilter::injectDecodedDataToFilterChain(Buffer::Instance& data, bool end_stream) { parent_.decodeData(this, data, end_stream, FilterManager::FilterIterationStartState::CanStartFromCurrent); } void ActiveStreamDecoderFilter::continueDecoding() { commonContinue(); } const Buffer::Instance* ActiveStreamDecoderFilter::decodingBuffer() { return parent_.buffered_request_data_.get(); } void ActiveStreamDecoderFilter::modifyDecodingBuffer( std::function callback) { ASSERT(parent_.state_.latest_data_decoding_filter_ == this); callback(*parent_.buffered_request_data_.get()); } void ActiveStreamDecoderFilter::sendLocalReply( Code code, absl::string_view body, std::function modify_headers, const absl::optional grpc_status, absl::string_view details) { parent_.sendLocalReply(is_grpc_request_, code, body, modify_headers, grpc_status, details); } void ActiveStreamDecoderFilter::encode100ContinueHeaders(ResponseHeaderMapPtr&& headers) { // If Envoy is not configured to proxy 100-Continue responses, swallow the 100 Continue // here. This avoids the potential situation where Envoy strips Expect: 100-Continue and sends a // 100-Continue, then proxies a duplicate 100 Continue from upstream. if (parent_.proxy_100_continue_) { parent_.filter_manager_callbacks_.setContinueHeaders(std::move(headers)); parent_.encode100ContinueHeaders(nullptr, *parent_.filter_manager_callbacks_.continueHeaders()); } } void ActiveStreamDecoderFilter::encodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream, absl::string_view details) { parent_.stream_info_.setResponseCodeDetails(details); parent_.filter_manager_callbacks_.setResponseHeaders(std::move(headers)); parent_.encodeHeaders(nullptr, *parent_.filter_manager_callbacks_.responseHeaders(), end_stream); } void ActiveStreamDecoderFilter::encodeData(Buffer::Instance& data, bool end_stream) { parent_.encodeData(nullptr, data, end_stream, FilterManager::FilterIterationStartState::CanStartFromCurrent); } void ActiveStreamDecoderFilter::encodeTrailers(ResponseTrailerMapPtr&& trailers) { parent_.filter_manager_callbacks_.setResponseTrailers(std::move(trailers)); parent_.encodeTrailers(nullptr, *parent_.filter_manager_callbacks_.responseTrailers()); } void ActiveStreamDecoderFilter::encodeMetadata(MetadataMapPtr&& metadata_map_ptr) { parent_.encodeMetadata(nullptr, std::move(metadata_map_ptr)); } void ActiveStreamDecoderFilter::onDecoderFilterAboveWriteBufferHighWatermark() { parent_.filter_manager_callbacks_.onDecoderFilterAboveWriteBufferHighWatermark(); } void ActiveStreamDecoderFilter::requestDataTooLarge() { ENVOY_STREAM_LOG(debug, "request data too large watermark exceeded", parent_); if (parent_.state_.decoder_filters_streaming_) { onDecoderFilterAboveWriteBufferHighWatermark(); } else { parent_.filter_manager_callbacks_.onRequestDataTooLarge(); sendLocalReply(Code::PayloadTooLarge, CodeUtility::toString(Code::PayloadTooLarge), nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().RequestPayloadTooLarge); } } void FilterManager::addStreamDecoderFilterWorker(StreamDecoderFilterSharedPtr filter, bool dual_filter) { ActiveStreamDecoderFilterPtr wrapper(new ActiveStreamDecoderFilter(*this, filter, dual_filter)); filter->setDecoderFilterCallbacks(*wrapper); // Note: configured decoder filters are appended to decoder_filters_. // This means that if filters are configured in the following order (assume all three filters are // both decoder/encoder filters): // http_filters: // - A // - B // - C // The decoder filter chain will iterate through filters A, B, C. LinkedList::moveIntoListBack(std::move(wrapper), decoder_filters_); } void FilterManager::addStreamEncoderFilterWorker(StreamEncoderFilterSharedPtr filter, bool dual_filter) { ActiveStreamEncoderFilterPtr wrapper(new ActiveStreamEncoderFilter(*this, filter, dual_filter)); filter->setEncoderFilterCallbacks(*wrapper); // Note: configured encoder filters are prepended to encoder_filters_. // This means that if filters are configured in the following order (assume all three filters are // both decoder/encoder filters): // http_filters: // - A // - B // - C // The encoder filter chain will iterate through filters C, B, A. LinkedList::moveIntoList(std::move(wrapper), encoder_filters_); } void FilterManager::addAccessLogHandler(AccessLog::InstanceSharedPtr handler) { access_log_handlers_.push_back(handler); } void FilterManager::maybeContinueDecoding( const std::list::iterator& continue_data_entry) { if (continue_data_entry != decoder_filters_.end()) { // We use the continueDecoding() code since it will correctly handle not calling // decodeHeaders() again. Fake setting StopSingleIteration since the continueDecoding() code // expects it. ASSERT(buffered_request_data_); (*continue_data_entry)->iteration_state_ = ActiveStreamFilterBase::IterationState::StopSingleIteration; (*continue_data_entry)->continueDecoding(); } } void FilterManager::decodeHeaders(ActiveStreamDecoderFilter* filter, RequestHeaderMap& headers, bool end_stream) { // Headers filter iteration should always start with the next filter if available. std::list::iterator entry = commonDecodePrefix(filter, FilterIterationStartState::AlwaysStartFromNext); std::list::iterator continue_data_entry = decoder_filters_.end(); for (; entry != decoder_filters_.end(); entry++) { ASSERT(!(state_.filter_call_state_ & FilterCallState::DecodeHeaders)); state_.filter_call_state_ |= FilterCallState::DecodeHeaders; (*entry)->end_stream_ = state_.decoding_headers_only_ || (end_stream && continue_data_entry == decoder_filters_.end()); FilterHeadersStatus status = (*entry)->decodeHeaders(headers, (*entry)->end_stream_); ASSERT(!(status == FilterHeadersStatus::ContinueAndEndStream && (*entry)->end_stream_), "Filters should not return FilterHeadersStatus::ContinueAndEndStream from decodeHeaders " "when end_stream is already true"); ASSERT(!(status == FilterHeadersStatus::ContinueAndDontEndStream && !(*entry)->end_stream_), "Filters should not return FilterHeadersStatus::ContinueAndDontEndStream from " "decodeHeaders when end_stream is already false"); state_.filter_call_state_ &= ~FilterCallState::DecodeHeaders; ENVOY_STREAM_LOG(trace, "decode headers called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); (*entry)->decode_headers_called_ = true; // decoding_headers_only_ is set if the filter returns ContinueAndEndStream. const auto continue_iteration = (*entry)->commonHandleAfterHeadersCallback( status, end_stream, state_.decoding_headers_only_); // If this filter ended the stream, decodeComplete() should be called for it. if ((*entry)->end_stream_ || state_.decoding_headers_only_) { (*entry)->handle_->decodeComplete(); } const bool new_metadata_added = processNewlyAddedMetadata(); // If end_stream is set in headers, and a filter adds new metadata, we need to delay end_stream // in headers by inserting an empty data frame with end_stream set. The empty data frame is sent // after the new metadata. if ((*entry)->end_stream_ && new_metadata_added && !buffered_request_data_) { Buffer::OwnedImpl empty_data(""); ENVOY_STREAM_LOG( trace, "inserting an empty data frame for end_stream due metadata being added.", *this); // Metadata frame doesn't carry end of stream bit. We need an empty data frame to end the // stream. addDecodedData(*((*entry).get()), empty_data, true); } if (!continue_iteration && std::next(entry) != decoder_filters_.end()) { // Stop iteration IFF this is not the last filter. If it is the last filter, continue with // processing since we need to handle the case where a terminal filter wants to buffer, but // a previous filter has added body. maybeContinueDecoding(continue_data_entry); return; } // Here we handle the case where we have a header only request, but a filter adds a body // to it. We need to not raise end_stream = true to further filters during inline iteration. if (end_stream && buffered_request_data_ && continue_data_entry == decoder_filters_.end()) { continue_data_entry = entry; } } maybeContinueDecoding(continue_data_entry); if (end_stream) { disarmRequestTimeout(); } } void FilterManager::decodeData(ActiveStreamDecoderFilter* filter, Buffer::Instance& data, bool end_stream, FilterIterationStartState filter_iteration_start_state) { ScopeTrackerScopeState scope(&*this, dispatcher_); filter_manager_callbacks_.resetIdleTimer(); // If we previously decided to decode only the headers, do nothing here. if (state_.decoding_headers_only_) { return; } // If a response is complete or a reset has been sent, filters do not care about further body // data. Just drop it. if (state_.local_complete_) { return; } auto trailers_added_entry = decoder_filters_.end(); const bool trailers_exists_at_start = filter_manager_callbacks_.requestTrailers().has_value(); // Filter iteration may start at the current filter. std::list::iterator entry = commonDecodePrefix(filter, filter_iteration_start_state); for (; entry != decoder_filters_.end(); entry++) { // If the filter pointed by entry has stopped for all frame types, return now. if (handleDataIfStopAll(**entry, data, state_.decoder_filters_streaming_)) { return; } // If end_stream_ is marked for a filter, the data is not for this filter and filters after. // // In following case, ActiveStreamFilterBase::commonContinue() could be called recursively and // its doData() is called with wrong data. // // There are 3 decode filters and "wrapper" refers to ActiveStreamFilter object. // // filter0->decodeHeaders(_, true) // return STOP // filter0->continueDecoding() // wrapper0->commonContinue() // wrapper0->decodeHeaders(_, _, true) // filter1->decodeHeaders(_, true) // filter1->addDecodeData() // return CONTINUE // filter2->decodeHeaders(_, false) // return CONTINUE // wrapper1->commonContinue() // Detects data is added. // wrapper1->doData() // wrapper1->decodeData() // filter2->decodeData(_, true) // return CONTINUE // wrapper0->doData() // This should not be called // wrapper0->decodeData() // filter1->decodeData(_, true) // It will cause assertions. // // One way to solve this problem is to mark end_stream_ for each filter. // If a filter is already marked as end_stream_ when decodeData() is called, bails out the // whole function. If just skip the filter, the codes after the loop will be called with // wrong data. For encodeData, the response_encoder->encode() will be called. if ((*entry)->end_stream_) { return; } ASSERT(!(state_.filter_call_state_ & FilterCallState::DecodeData)); // We check the request_trailers_ pointer here in case addDecodedTrailers // is called in decodeData during a previous filter invocation, at which point we communicate to // the current and future filters that the stream has not yet ended. if (end_stream) { state_.filter_call_state_ |= FilterCallState::LastDataFrame; } recordLatestDataFilter(entry, state_.latest_data_decoding_filter_, decoder_filters_); state_.filter_call_state_ |= FilterCallState::DecodeData; (*entry)->end_stream_ = end_stream && !filter_manager_callbacks_.requestTrailers(); FilterDataStatus status = (*entry)->handle_->decodeData(data, (*entry)->end_stream_); if ((*entry)->end_stream_) { (*entry)->handle_->decodeComplete(); } state_.filter_call_state_ &= ~FilterCallState::DecodeData; if (end_stream) { state_.filter_call_state_ &= ~FilterCallState::LastDataFrame; } ENVOY_STREAM_LOG(trace, "decode data called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); processNewlyAddedMetadata(); if (!trailers_exists_at_start && filter_manager_callbacks_.requestTrailers() && trailers_added_entry == decoder_filters_.end()) { trailers_added_entry = entry; } if (!(*entry)->commonHandleAfterDataCallback(status, data, state_.decoder_filters_streaming_) && std::next(entry) != decoder_filters_.end()) { // Stop iteration IFF this is not the last filter. If it is the last filter, continue with // processing since we need to handle the case where a terminal filter wants to buffer, but // a previous filter has added trailers. return; } } // If trailers were adding during decodeData we need to trigger decodeTrailers in order // to allow filters to process the trailers. if (trailers_added_entry != decoder_filters_.end()) { decodeTrailers(trailers_added_entry->get(), *filter_manager_callbacks_.requestTrailers()); } if (end_stream) { disarmRequestTimeout(); } } RequestTrailerMap& FilterManager::addDecodedTrailers() { // Trailers can only be added during the last data frame (i.e. end_stream = true). ASSERT(state_.filter_call_state_ & FilterCallState::LastDataFrame); filter_manager_callbacks_.setRequestTrailers(RequestTrailerMapImpl::create()); return *filter_manager_callbacks_.requestTrailers(); } void FilterManager::addDecodedData(ActiveStreamDecoderFilter& filter, Buffer::Instance& data, bool streaming) { if (state_.filter_call_state_ == 0 || (state_.filter_call_state_ & FilterCallState::DecodeHeaders) || (state_.filter_call_state_ & FilterCallState::DecodeData) || ((state_.filter_call_state_ & FilterCallState::DecodeTrailers) && !filter.canIterate())) { // Make sure if this triggers watermarks, the correct action is taken. state_.decoder_filters_streaming_ = streaming; // If no call is happening or we are in the decode headers/data callback, buffer the data. // Inline processing happens in the decodeHeaders() callback if necessary. filter.commonHandleBufferData(data); } else if (state_.filter_call_state_ & FilterCallState::DecodeTrailers) { // In this case we need to inline dispatch the data to further filters. If those filters // choose to buffer/stop iteration that's fine. decodeData(&filter, data, false, FilterIterationStartState::AlwaysStartFromNext); } else { // TODO(mattklein123): Formalize error handling for filters and add tests. Should probably // throw an exception here. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } } MetadataMapVector& FilterManager::addDecodedMetadata() { return *getRequestMetadataMapVector(); } void FilterManager::decodeTrailers(ActiveStreamDecoderFilter* filter, RequestTrailerMap& trailers) { // If we previously decided to decode only the headers, do nothing here. if (state_.decoding_headers_only_) { return; } // See decodeData() above for why we check local_complete_ here. if (state_.local_complete_) { return; } // Filter iteration may start at the current filter. std::list::iterator entry = commonDecodePrefix(filter, FilterIterationStartState::CanStartFromCurrent); for (; entry != decoder_filters_.end(); entry++) { // If the filter pointed by entry has stopped for all frame type, return now. if ((*entry)->stoppedAll()) { return; } ASSERT(!(state_.filter_call_state_ & FilterCallState::DecodeTrailers)); state_.filter_call_state_ |= FilterCallState::DecodeTrailers; FilterTrailersStatus status = (*entry)->handle_->decodeTrailers(trailers); (*entry)->handle_->decodeComplete(); (*entry)->end_stream_ = true; state_.filter_call_state_ &= ~FilterCallState::DecodeTrailers; ENVOY_STREAM_LOG(trace, "decode trailers called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); processNewlyAddedMetadata(); if (!(*entry)->commonHandleAfterTrailersCallback(status)) { return; } } disarmRequestTimeout(); } void FilterManager::decodeMetadata(ActiveStreamDecoderFilter* filter, MetadataMap& metadata_map) { // Filter iteration may start at the current filter. std::list::iterator entry = commonDecodePrefix(filter, FilterIterationStartState::CanStartFromCurrent); for (; entry != decoder_filters_.end(); entry++) { // If the filter pointed by entry has stopped for all frame type, stores metadata and returns. // If the filter pointed by entry hasn't returned from decodeHeaders, stores newly added // metadata in case decodeHeaders returns StopAllIteration. The latter can happen when headers // callbacks generate new metadata. if (!(*entry)->decode_headers_called_ || (*entry)->stoppedAll()) { Http::MetadataMapPtr metadata_map_ptr = std::make_unique(metadata_map); (*entry)->getSavedRequestMetadata()->emplace_back(std::move(metadata_map_ptr)); return; } FilterMetadataStatus status = (*entry)->handle_->decodeMetadata(metadata_map); ENVOY_STREAM_LOG(trace, "decode metadata called: filter={} status={}, metadata: {}", *this, static_cast((*entry).get()), static_cast(status), metadata_map); } } void FilterManager::maybeEndDecode(bool end_stream) { ASSERT(!state_.remote_complete_); state_.remote_complete_ = end_stream; if (end_stream) { stream_info_.onLastDownstreamRxByteReceived(); ENVOY_STREAM_LOG(debug, "request end stream", *this); } } void FilterManager::disarmRequestTimeout() { filter_manager_callbacks_.disarmRequestTimeout(); } std::list::iterator FilterManager::commonEncodePrefix(ActiveStreamEncoderFilter* filter, bool end_stream, FilterIterationStartState filter_iteration_start_state) { // Only do base state setting on the initial call. Subsequent calls for filtering do not touch // the base state. if (filter == nullptr) { ASSERT(!state_.local_complete_); state_.local_complete_ = end_stream; return encoder_filters_.begin(); } if (filter_iteration_start_state == FilterIterationStartState::CanStartFromCurrent && (*(filter->entry()))->iterate_from_current_filter_) { // The filter iteration has been stopped for all frame types, and now the iteration continues. // The current filter's encoding callback has not be called. Call it now. return filter->entry(); } return std::next(filter->entry()); } std::list::iterator FilterManager::commonDecodePrefix(ActiveStreamDecoderFilter* filter, FilterIterationStartState filter_iteration_start_state) { if (!filter) { return decoder_filters_.begin(); } if (filter_iteration_start_state == FilterIterationStartState::CanStartFromCurrent && (*(filter->entry()))->iterate_from_current_filter_) { // The filter iteration has been stopped for all frame types, and now the iteration continues. // The current filter's callback function has not been called. Call it now. return filter->entry(); } return std::next(filter->entry()); } void FilterManager::sendLocalReply( bool old_was_grpc_request, Code code, absl::string_view body, const std::function& modify_headers, const absl::optional grpc_status, absl::string_view details) { const bool is_head_request = state_.is_head_request_; bool is_grpc_request = old_was_grpc_request; if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.unify_grpc_handling")) { is_grpc_request = state_.is_grpc_request_; } stream_info_.setResponseCodeDetails(details); filter_manager_callbacks_.onLocalReply(code); if (!filter_manager_callbacks_.responseHeaders().has_value()) { // If the response has not started at all, send the response through the filter chain. sendLocalReplyViaFilterChain(is_grpc_request, code, body, modify_headers, is_head_request, grpc_status, details); } else if (!state_.non_100_response_headers_encoded_) { ENVOY_STREAM_LOG(debug, "Sending local reply with details {} directly to the encoder", *this, details); // In this case, at least the header and possibly the body has started // processing through the filter chain, but no non-informational headers // have been sent downstream. To ensure that filters don't get their // state machine screwed up, bypass the filter chain and send the local // reply directly to the codec. // sendDirectLocalReply(code, body, modify_headers, state_.is_head_request_, grpc_status); } else { // If we land in this branch, response headers have already been sent to the client. // All we can do at this point is reset the stream. ENVOY_STREAM_LOG(debug, "Resetting stream due to {}. Prior headers have already been sent", *this, details); // TODO(snowp): This means we increment the tx_reset stat which we weren't doing previously. // Intended? filter_manager_callbacks_.resetStream(); } } void FilterManager::sendLocalReplyViaFilterChain( bool is_grpc_request, Code code, absl::string_view body, const std::function& modify_headers, bool is_head_request, const absl::optional grpc_status, absl::string_view details) { ENVOY_STREAM_LOG(debug, "Sending local reply with details {}", *this, details); ASSERT(!filter_manager_callbacks_.responseHeaders().has_value()); // For early error handling, do a best-effort attempt to create a filter chain // to ensure access logging. If the filter chain already exists this will be // a no-op. createFilterChain(); Utility::sendLocalReply( state_.destroyed_, Utility::EncodeFunctions{ [this, modify_headers](ResponseHeaderMap& headers) -> void { if (streamInfo().route_entry_ && Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.always_apply_route_header_rules")) { streamInfo().route_entry_->finalizeResponseHeaders(headers, streamInfo()); } if (modify_headers) { modify_headers(headers); } }, [this](ResponseHeaderMap& response_headers, Code& code, std::string& body, absl::string_view& content_type) -> void { // TODO(snowp): This &get() business isn't nice, rework LocalReply and others to accept // opt refs. local_reply_.rewrite(filter_manager_callbacks_.requestHeaders().has_value() ? &filter_manager_callbacks_.requestHeaders()->get() : nullptr, response_headers, stream_info_, code, body, content_type); }, [this, modify_headers](ResponseHeaderMapPtr&& headers, bool end_stream) -> void { filter_manager_callbacks_.setResponseHeaders(std::move(headers)); // TODO: Start encoding from the last decoder filter that saw the // request instead. encodeHeaders(nullptr, filter_manager_callbacks_.responseHeaders()->get(), end_stream); }, [this](Buffer::Instance& data, bool end_stream) -> void { // TODO: Start encoding from the last decoder filter that saw the // request instead. encodeData(nullptr, data, end_stream, FilterManager::FilterIterationStartState::CanStartFromCurrent); }}, Utility::LocalReplyData{is_grpc_request, code, body, grpc_status, is_head_request}); } void FilterManager::sendDirectLocalReply( Code code, absl::string_view body, const std::function& modify_headers, bool is_head_request, const absl::optional grpc_status) { // Make sure we won't end up with nested watermark calls from the body buffer. state_.encoder_filters_streaming_ = true; Http::Utility::sendLocalReply( state_.destroyed_, Utility::EncodeFunctions{ [this, modify_headers](ResponseHeaderMap& headers) -> void { if (streamInfo().route_entry_ && Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.always_apply_route_header_rules")) { streamInfo().route_entry_->finalizeResponseHeaders(headers, streamInfo()); } if (modify_headers) { modify_headers(headers); } }, [&](ResponseHeaderMap& response_headers, Code& code, std::string& body, absl::string_view& content_type) -> void { local_reply_.rewrite(filter_manager_callbacks_.requestHeaders().has_value() ? &filter_manager_callbacks_.requestHeaders()->get() : nullptr, response_headers, stream_info_, code, body, content_type); }, [&](ResponseHeaderMapPtr&& response_headers, bool end_stream) -> void { // Move the response headers into the FilterManager to make sure they're visible to // access logs. filter_manager_callbacks_.setResponseHeaders(std::move(response_headers)); state_.non_100_response_headers_encoded_ = true; filter_manager_callbacks_.encodeHeaders(*filter_manager_callbacks_.responseHeaders(), end_stream); maybeEndEncode(end_stream); }, [&](Buffer::Instance& data, bool end_stream) -> void { filter_manager_callbacks_.encodeData(data, end_stream); maybeEndEncode(end_stream); }}, Utility::LocalReplyData{state_.is_grpc_request_, code, body, grpc_status, is_head_request}); } void FilterManager::encode100ContinueHeaders(ActiveStreamEncoderFilter* filter, ResponseHeaderMap& headers) { filter_manager_callbacks_.resetIdleTimer(); ASSERT(proxy_100_continue_); // The caller must guarantee that encode100ContinueHeaders() is invoked at most once. ASSERT(!state_.has_continue_headers_ || filter != nullptr); // Make sure commonContinue continues encode100ContinueHeaders. state_.has_continue_headers_ = true; // Similar to the block in encodeHeaders, run encode100ContinueHeaders on each // filter. This is simpler than that case because 100 continue implies no // end-stream, and because there are normal headers coming there's no need for // complex continuation logic. // 100-continue filter iteration should always start with the next filter if available. std::list::iterator entry = commonEncodePrefix(filter, false, FilterIterationStartState::AlwaysStartFromNext); for (; entry != encoder_filters_.end(); entry++) { ASSERT(!(state_.filter_call_state_ & FilterCallState::Encode100ContinueHeaders)); state_.filter_call_state_ |= FilterCallState::Encode100ContinueHeaders; FilterHeadersStatus status = (*entry)->handle_->encode100ContinueHeaders(headers); state_.filter_call_state_ &= ~FilterCallState::Encode100ContinueHeaders; ENVOY_STREAM_LOG(trace, "encode 100 continue headers called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); if (!(*entry)->commonHandleAfter100ContinueHeadersCallback(status)) { return; } } filter_manager_callbacks_.encode100ContinueHeaders(headers); } void FilterManager::maybeContinueEncoding( const std::list::iterator& continue_data_entry) { if (continue_data_entry != encoder_filters_.end()) { // We use the continueEncoding() code since it will correctly handle not calling // encodeHeaders() again. Fake setting StopSingleIteration since the continueEncoding() code // expects it. ASSERT(buffered_response_data_); (*continue_data_entry)->iteration_state_ = ActiveStreamFilterBase::IterationState::StopSingleIteration; (*continue_data_entry)->continueEncoding(); } } void FilterManager::encodeHeaders(ActiveStreamEncoderFilter* filter, ResponseHeaderMap& headers, bool end_stream) { // See encodeHeaders() comments in include/envoy/http/filter.h for why the 1xx precondition holds. ASSERT(!CodeUtility::is1xx(Utility::getResponseStatus(headers)) || Utility::getResponseStatus(headers) == enumToInt(Http::Code::SwitchingProtocols)); filter_manager_callbacks_.resetIdleTimer(); disarmRequestTimeout(); // Headers filter iteration should always start with the next filter if available. std::list::iterator entry = commonEncodePrefix(filter, end_stream, FilterIterationStartState::AlwaysStartFromNext); std::list::iterator continue_data_entry = encoder_filters_.end(); for (; entry != encoder_filters_.end(); entry++) { ASSERT(!(state_.filter_call_state_ & FilterCallState::EncodeHeaders)); state_.filter_call_state_ |= FilterCallState::EncodeHeaders; (*entry)->end_stream_ = state_.encoding_headers_only_ || (end_stream && continue_data_entry == encoder_filters_.end()); FilterHeadersStatus status = (*entry)->handle_->encodeHeaders(headers, (*entry)->end_stream_); ASSERT(!(status == FilterHeadersStatus::ContinueAndEndStream && (*entry)->end_stream_), "Filters should not return FilterHeadersStatus::ContinueAndEndStream from encodeHeaders " "when end_stream is already true"); ASSERT(!(status == FilterHeadersStatus::ContinueAndDontEndStream && !(*entry)->end_stream_), "Filters should not return FilterHeadersStatus::ContinueAndDontEndStream from " "encodeHeaders when end_stream is already false"); state_.filter_call_state_ &= ~FilterCallState::EncodeHeaders; ENVOY_STREAM_LOG(trace, "encode headers called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); (*entry)->encode_headers_called_ = true; // encoding_headers_only_ is set if the filter returns ContinueAndEndStream. const auto continue_iteration = (*entry)->commonHandleAfterHeadersCallback( status, end_stream, state_.encoding_headers_only_); // If this filter ended the stream, encodeComplete() should be called for it. if ((*entry)->end_stream_ || state_.encoding_headers_only_) { (*entry)->handle_->encodeComplete(); } // If we're encoding a headers only response, then mark the local as complete. This ensures // that we don't attempt to reset the downstream request in doEndStream. if (state_.encoding_headers_only_) { state_.local_complete_ = true; } if (!continue_iteration) { if (!(*entry)->end_stream_) { maybeContinueEncoding(continue_data_entry); } return; } // Here we handle the case where we have a header only response, but a filter adds a body // to it. We need to not raise end_stream = true to further filters during inline iteration. if (end_stream && buffered_response_data_ && continue_data_entry == encoder_filters_.end()) { continue_data_entry = entry; } } const bool modified_end_stream = state_.encoding_headers_only_ || (end_stream && continue_data_entry == encoder_filters_.end()); state_.non_100_response_headers_encoded_ = true; filter_manager_callbacks_.encodeHeaders(headers, modified_end_stream); maybeEndEncode(modified_end_stream); if (!modified_end_stream) { maybeContinueEncoding(continue_data_entry); } } void FilterManager::encodeMetadata(ActiveStreamEncoderFilter* filter, MetadataMapPtr&& metadata_map_ptr) { filter_manager_callbacks_.resetIdleTimer(); std::list::iterator entry = commonEncodePrefix(filter, false, FilterIterationStartState::CanStartFromCurrent); for (; entry != encoder_filters_.end(); entry++) { // If the filter pointed by entry has stopped for all frame type, stores metadata and returns. // If the filter pointed by entry hasn't returned from encodeHeaders, stores newly added // metadata in case encodeHeaders returns StopAllIteration. The latter can happen when headers // callbacks generate new metadata. if (!(*entry)->encode_headers_called_ || (*entry)->stoppedAll()) { (*entry)->getSavedResponseMetadata()->emplace_back(std::move(metadata_map_ptr)); return; } FilterMetadataStatus status = (*entry)->handle_->encodeMetadata(*metadata_map_ptr); ENVOY_STREAM_LOG(trace, "encode metadata called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); } // TODO(soya3129): update stats with metadata. // Now encode metadata via the codec. if (!metadata_map_ptr->empty()) { MetadataMapVector metadata_map_vector; metadata_map_vector.emplace_back(std::move(metadata_map_ptr)); filter_manager_callbacks_.encodeMetadata(metadata_map_vector); } } ResponseTrailerMap& FilterManager::addEncodedTrailers() { // Trailers can only be added during the last data frame (i.e. end_stream = true). ASSERT(state_.filter_call_state_ & FilterCallState::LastDataFrame); // Trailers can only be added once. ASSERT(!filter_manager_callbacks_.responseTrailers()); filter_manager_callbacks_.setResponseTrailers(ResponseTrailerMapImpl::create()); return *filter_manager_callbacks_.responseTrailers(); } void FilterManager::addEncodedData(ActiveStreamEncoderFilter& filter, Buffer::Instance& data, bool streaming) { if (state_.filter_call_state_ == 0 || (state_.filter_call_state_ & FilterCallState::EncodeHeaders) || (state_.filter_call_state_ & FilterCallState::EncodeData) || ((state_.filter_call_state_ & FilterCallState::EncodeTrailers) && !filter.canIterate())) { // Make sure if this triggers watermarks, the correct action is taken. state_.encoder_filters_streaming_ = streaming; // If no call is happening or we are in the decode headers/data callback, buffer the data. // Inline processing happens in the decodeHeaders() callback if necessary. filter.commonHandleBufferData(data); } else if (state_.filter_call_state_ & FilterCallState::EncodeTrailers) { // In this case we need to inline dispatch the data to further filters. If those filters // choose to buffer/stop iteration that's fine. encodeData(&filter, data, false, FilterIterationStartState::AlwaysStartFromNext); } else { // TODO(mattklein123): Formalize error handling for filters and add tests. Should probably // throw an exception here. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } } void FilterManager::encodeData(ActiveStreamEncoderFilter* filter, Buffer::Instance& data, bool end_stream, FilterIterationStartState filter_iteration_start_state) { filter_manager_callbacks_.resetIdleTimer(); // If we previously decided to encode only the headers, do nothing here. if (state_.encoding_headers_only_) { return; } // Filter iteration may start at the current filter. std::list::iterator entry = commonEncodePrefix(filter, end_stream, filter_iteration_start_state); auto trailers_added_entry = encoder_filters_.end(); const bool trailers_exists_at_start = filter_manager_callbacks_.responseTrailers().has_value(); for (; entry != encoder_filters_.end(); entry++) { // If the filter pointed by entry has stopped for all frame type, return now. if (handleDataIfStopAll(**entry, data, state_.encoder_filters_streaming_)) { return; } // If end_stream_ is marked for a filter, the data is not for this filter and filters after. // For details, please see the comment in the ActiveStream::decodeData() function. if ((*entry)->end_stream_) { return; } ASSERT(!(state_.filter_call_state_ & FilterCallState::EncodeData)); // We check the response_trailers_ pointer here in case addEncodedTrailers // is called in encodeData during a previous filter invocation, at which point we communicate to // the current and future filters that the stream has not yet ended. state_.filter_call_state_ |= FilterCallState::EncodeData; if (end_stream) { state_.filter_call_state_ |= FilterCallState::LastDataFrame; } recordLatestDataFilter(entry, state_.latest_data_encoding_filter_, encoder_filters_); (*entry)->end_stream_ = end_stream && !filter_manager_callbacks_.responseTrailers(); FilterDataStatus status = (*entry)->handle_->encodeData(data, (*entry)->end_stream_); if ((*entry)->end_stream_) { (*entry)->handle_->encodeComplete(); } state_.filter_call_state_ &= ~FilterCallState::EncodeData; if (end_stream) { state_.filter_call_state_ &= ~FilterCallState::LastDataFrame; } ENVOY_STREAM_LOG(trace, "encode data called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); if (!trailers_exists_at_start && filter_manager_callbacks_.responseTrailers() && trailers_added_entry == encoder_filters_.end()) { trailers_added_entry = entry; } if (!(*entry)->commonHandleAfterDataCallback(status, data, state_.encoder_filters_streaming_)) { return; } } const bool modified_end_stream = end_stream && trailers_added_entry == encoder_filters_.end(); ASSERT(!state_.encoding_headers_only_); filter_manager_callbacks_.encodeData(data, modified_end_stream); maybeEndEncode(modified_end_stream); // If trailers were adding during encodeData we need to trigger decodeTrailers in order // to allow filters to process the trailers. if (trailers_added_entry != encoder_filters_.end()) { encodeTrailers(trailers_added_entry->get(), *filter_manager_callbacks_.responseTrailers()); } } void FilterManager::encodeTrailers(ActiveStreamEncoderFilter* filter, ResponseTrailerMap& trailers) { filter_manager_callbacks_.resetIdleTimer(); // If we previously decided to encode only the headers, do nothing here. if (state_.encoding_headers_only_) { return; } // Filter iteration may start at the current filter. std::list::iterator entry = commonEncodePrefix(filter, true, FilterIterationStartState::CanStartFromCurrent); for (; entry != encoder_filters_.end(); entry++) { // If the filter pointed by entry has stopped for all frame type, return now. if ((*entry)->stoppedAll()) { return; } ASSERT(!(state_.filter_call_state_ & FilterCallState::EncodeTrailers)); state_.filter_call_state_ |= FilterCallState::EncodeTrailers; FilterTrailersStatus status = (*entry)->handle_->encodeTrailers(trailers); (*entry)->handle_->encodeComplete(); (*entry)->end_stream_ = true; state_.filter_call_state_ &= ~FilterCallState::EncodeTrailers; ENVOY_STREAM_LOG(trace, "encode trailers called: filter={} status={}", *this, static_cast((*entry).get()), static_cast(status)); if (!(*entry)->commonHandleAfterTrailersCallback(status)) { return; } } filter_manager_callbacks_.encodeTrailers(trailers); maybeEndEncode(true); } void FilterManager::maybeEndEncode(bool end_stream) { if (end_stream) { filter_manager_callbacks_.endStream(); } } bool FilterManager::processNewlyAddedMetadata() { if (request_metadata_map_vector_ == nullptr) { return false; } for (const auto& metadata_map : *getRequestMetadataMapVector()) { decodeMetadata(nullptr, *metadata_map); } getRequestMetadataMapVector()->clear(); return true; } bool FilterManager::handleDataIfStopAll(ActiveStreamFilterBase& filter, Buffer::Instance& data, bool& filter_streaming) { if (filter.stoppedAll()) { ASSERT(!filter.canIterate()); filter_streaming = filter.iteration_state_ == ActiveStreamFilterBase::IterationState::StopAllWatermark; filter.commonHandleBufferData(data); return true; } return false; } void FilterManager::callHighWatermarkCallbacks() { ++high_watermark_count_; for (auto watermark_callbacks : watermark_callbacks_) { watermark_callbacks->onAboveWriteBufferHighWatermark(); } } void FilterManager::callLowWatermarkCallbacks() { ASSERT(high_watermark_count_ > 0); --high_watermark_count_; for (auto watermark_callbacks : watermark_callbacks_) { watermark_callbacks->onBelowWriteBufferLowWatermark(); } } void FilterManager::setBufferLimit(uint32_t new_limit) { ENVOY_STREAM_LOG(debug, "setting buffer limit to {}", *this, new_limit); buffer_limit_ = new_limit; if (buffered_request_data_) { buffered_request_data_->setWatermarks(buffer_limit_); } if (buffered_response_data_) { buffered_response_data_->setWatermarks(buffer_limit_); } } bool FilterManager::createFilterChain() { if (state_.created_filter_chain_) { return false; } bool upgrade_rejected = false; const HeaderEntry* upgrade = nullptr; if (filter_manager_callbacks_.requestHeaders()) { upgrade = filter_manager_callbacks_.requestHeaders()->get().Upgrade(); // Treat CONNECT requests as a special upgrade case. if (!upgrade && HeaderUtility::isConnect(*filter_manager_callbacks_.requestHeaders())) { upgrade = filter_manager_callbacks_.requestHeaders()->get().Method(); } } state_.created_filter_chain_ = true; if (upgrade != nullptr) { const Router::RouteEntry::UpgradeMap* upgrade_map = filter_manager_callbacks_.upgradeMap(); if (filter_chain_factory_.createUpgradeFilterChain(upgrade->value().getStringView(), upgrade_map, *this)) { filter_manager_callbacks_.upgradeFilterChainCreated(); return true; } else { upgrade_rejected = true; // Fall through to the default filter chain. The function calling this // will send a local reply indicating that the upgrade failed. } } filter_chain_factory_.createFilterChain(*this); return !upgrade_rejected; } void ActiveStreamDecoderFilter::requestDataDrained() { // If this is called it means the call to requestDataTooLarge() was a // streaming call, or a 413 would have been sent. onDecoderFilterBelowWriteBufferLowWatermark(); } void ActiveStreamDecoderFilter::onDecoderFilterBelowWriteBufferLowWatermark() { parent_.filter_manager_callbacks_.onDecoderFilterBelowWriteBufferLowWatermark(); } void ActiveStreamDecoderFilter::addDownstreamWatermarkCallbacks( DownstreamWatermarkCallbacks& watermark_callbacks) { // This is called exactly once per upstream-stream, by the router filter. Therefore, we // expect the same callbacks to not be registered twice. ASSERT(std::find(parent_.watermark_callbacks_.begin(), parent_.watermark_callbacks_.end(), &watermark_callbacks) == parent_.watermark_callbacks_.end()); parent_.watermark_callbacks_.emplace(parent_.watermark_callbacks_.end(), &watermark_callbacks); for (uint32_t i = 0; i < parent_.high_watermark_count_; ++i) { watermark_callbacks.onAboveWriteBufferHighWatermark(); } } void ActiveStreamDecoderFilter::removeDownstreamWatermarkCallbacks( DownstreamWatermarkCallbacks& watermark_callbacks) { ASSERT(std::find(parent_.watermark_callbacks_.begin(), parent_.watermark_callbacks_.end(), &watermark_callbacks) != parent_.watermark_callbacks_.end()); parent_.watermark_callbacks_.remove(&watermark_callbacks); } void ActiveStreamDecoderFilter::setDecoderBufferLimit(uint32_t limit) { parent_.setBufferLimit(limit); } uint32_t ActiveStreamDecoderFilter::decoderBufferLimit() { return parent_.buffer_limit_; } bool ActiveStreamDecoderFilter::recreateStream() { // Because the filter's and the HCM view of if the stream has a body and if // the stream is complete may differ, re-check bytesReceived() to make sure // there was no body from the HCM's point of view. if (!complete() || parent_.stream_info_.bytesReceived() != 0) { return false; } parent_.stream_info_.setResponseCodeDetails( StreamInfo::ResponseCodeDetails::get().InternalRedirect); parent_.filter_manager_callbacks_.recreateStream(parent_.stream_info_.filter_state_); return true; } void ActiveStreamDecoderFilter::addUpstreamSocketOptions( const Network::Socket::OptionsSharedPtr& options) { Network::Socket::appendOptions(parent_.upstream_options_, options); } Network::Socket::OptionsSharedPtr ActiveStreamDecoderFilter::getUpstreamSocketOptions() const { return parent_.upstream_options_; } void ActiveStreamDecoderFilter::requestRouteConfigUpdate( Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) { parent_.filter_manager_callbacks_.requestRouteConfigUpdate(std::move(route_config_updated_cb)); } absl::optional ActiveStreamDecoderFilter::routeConfig() { return parent_.filter_manager_callbacks_.routeConfig(); } Buffer::WatermarkBufferPtr ActiveStreamEncoderFilter::createBuffer() { auto buffer = new Buffer::WatermarkBuffer( [this]() -> void { this->responseDataDrained(); }, [this]() -> void { this->responseDataTooLarge(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }); buffer->setWatermarks(parent_.buffer_limit_); return Buffer::WatermarkBufferPtr{buffer}; } Buffer::WatermarkBufferPtr& ActiveStreamEncoderFilter::bufferedData() { return parent_.buffered_response_data_; } bool ActiveStreamEncoderFilter::complete() { return parent_.state_.local_complete_; } bool ActiveStreamEncoderFilter::has100Continueheaders() { return parent_.state_.has_continue_headers_ && !continue_headers_continued_; } void ActiveStreamEncoderFilter::do100ContinueHeaders() { parent_.encode100ContinueHeaders(this, *parent_.filter_manager_callbacks_.continueHeaders()); } void ActiveStreamEncoderFilter::doHeaders(bool end_stream) { parent_.encodeHeaders(this, *parent_.filter_manager_callbacks_.responseHeaders(), end_stream); } void ActiveStreamEncoderFilter::doData(bool end_stream) { parent_.encodeData(this, *parent_.buffered_response_data_, end_stream, FilterManager::FilterIterationStartState::CanStartFromCurrent); } void ActiveStreamEncoderFilter::drainSavedResponseMetadata() { ASSERT(saved_response_metadata_ != nullptr); for (auto& metadata_map : *getSavedResponseMetadata()) { parent_.encodeMetadata(this, std::move(metadata_map)); } getSavedResponseMetadata()->clear(); } void ActiveStreamEncoderFilter::handleMetadataAfterHeadersCallback() { // If we drain accumulated metadata, the iteration must start with the current filter. const bool saved_state = iterate_from_current_filter_; iterate_from_current_filter_ = true; // If encodeHeaders() returns StopAllIteration, we should skip draining metadata, and wait // for doMetadata() to drain the metadata after iteration continues. if (!stoppedAll() && saved_response_metadata_ != nullptr && !getSavedResponseMetadata()->empty()) { drainSavedResponseMetadata(); } // Restores the original value of iterate_from_current_filter_. iterate_from_current_filter_ = saved_state; } void ActiveStreamEncoderFilter::doTrailers() { parent_.encodeTrailers(this, *parent_.filter_manager_callbacks_.responseTrailers()); } bool ActiveStreamEncoderFilter::hasTrailers() { return parent_.filter_manager_callbacks_.responseTrailers().has_value(); } void ActiveStreamEncoderFilter::addEncodedData(Buffer::Instance& data, bool streaming) { return parent_.addEncodedData(*this, data, streaming); } void ActiveStreamEncoderFilter::injectEncodedDataToFilterChain(Buffer::Instance& data, bool end_stream) { // TODO(yosrym93): Check if this filter had previously stopped headers iteration. // If so, it should be continued before injecting data. parent_.encodeData(this, data, end_stream, FilterManager::FilterIterationStartState::CanStartFromCurrent); } ResponseTrailerMap& ActiveStreamEncoderFilter::addEncodedTrailers() { return parent_.addEncodedTrailers(); } void ActiveStreamEncoderFilter::addEncodedMetadata(MetadataMapPtr&& metadata_map_ptr) { return parent_.encodeMetadata(this, std::move(metadata_map_ptr)); } void ActiveStreamEncoderFilter::onEncoderFilterAboveWriteBufferHighWatermark() { ENVOY_STREAM_LOG(debug, "Disabling upstream stream due to filter callbacks.", parent_); parent_.callHighWatermarkCallbacks(); } void ActiveStreamEncoderFilter::onEncoderFilterBelowWriteBufferLowWatermark() { ENVOY_STREAM_LOG(debug, "Enabling upstream stream due to filter callbacks.", parent_); parent_.callLowWatermarkCallbacks(); } void ActiveStreamEncoderFilter::setEncoderBufferLimit(uint32_t limit) { parent_.setBufferLimit(limit); } uint32_t ActiveStreamEncoderFilter::encoderBufferLimit() { return parent_.buffer_limit_; } void ActiveStreamEncoderFilter::continueEncoding() { commonContinue(); } const Buffer::Instance* ActiveStreamEncoderFilter::encodingBuffer() { return parent_.buffered_response_data_.get(); } void ActiveStreamEncoderFilter::modifyEncodingBuffer( std::function callback) { ASSERT(parent_.state_.latest_data_encoding_filter_ == this); callback(*parent_.buffered_response_data_.get()); } void ActiveStreamEncoderFilter::sendLocalReply( Code code, absl::string_view body, std::function modify_headers, const absl::optional grpc_status, absl::string_view details) { parent_.sendLocalReply(parent_.state_.is_grpc_request_, code, body, modify_headers, grpc_status, details); } Http1StreamEncoderOptionsOptRef ActiveStreamEncoderFilter::http1StreamEncoderOptions() { // TODO(mattklein123): At some point we might want to actually wrap this interface but for now // we give the filter direct access to the encoder options. return parent_.filter_manager_callbacks_.http1StreamEncoderOptions(); } void ActiveStreamEncoderFilter::responseDataTooLarge() { if (parent_.state_.encoder_filters_streaming_) { onEncoderFilterAboveWriteBufferHighWatermark(); } else { parent_.filter_manager_callbacks_.onResponseDataTooLarge(); // In this case, sendLocalReply will either send a response directly to the encoder, or // reset the stream. parent_.sendLocalReply( parent_.filter_manager_callbacks_.requestHeaders() && Grpc::Common::isGrpcRequestHeaders(*parent_.filter_manager_callbacks_.requestHeaders()), Http::Code::InternalServerError, CodeUtility::toString(Http::Code::InternalServerError), nullptr, absl::nullopt, StreamInfo::ResponseCodeDetails::get().ResponsePayloadTooLarge); } } void ActiveStreamEncoderFilter::responseDataDrained() { onEncoderFilterBelowWriteBufferLowWatermark(); } void ActiveStreamFilterBase::resetStream() { parent_.filter_manager_callbacks_.resetStream(); } uint64_t ActiveStreamFilterBase::streamId() const { return parent_.streamId(); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/filter_manager.h ================================================ #pragma once #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "common/buffer/watermark_buffer.h" #include "common/common/dump_state_utils.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/grpc/common.h" #include "common/http/headers.h" #include "common/local_reply/local_reply.h" namespace Envoy { namespace Http { class FilterManager; /** * Base class wrapper for both stream encoder and decoder filters. */ struct ActiveStreamFilterBase : public virtual StreamFilterCallbacks, Logger::Loggable { ActiveStreamFilterBase(FilterManager& parent, bool dual_filter) : parent_(parent), iteration_state_(IterationState::Continue), iterate_from_current_filter_(false), headers_continued_(false), continue_headers_continued_(false), end_stream_(false), dual_filter_(dual_filter), decode_headers_called_(false), encode_headers_called_(false) {} // Functions in the following block are called after the filter finishes processing // corresponding data. Those functions handle state updates and data storage (if needed) // according to the status returned by filter's callback functions. bool commonHandleAfter100ContinueHeadersCallback(FilterHeadersStatus status); bool commonHandleAfterHeadersCallback(FilterHeadersStatus status, bool& end_stream, bool& headers_only); bool commonHandleAfterDataCallback(FilterDataStatus status, Buffer::Instance& provided_data, bool& buffer_was_streaming); bool commonHandleAfterTrailersCallback(FilterTrailersStatus status); // Buffers provided_data. void commonHandleBufferData(Buffer::Instance& provided_data); // If iteration has stopped for all frame types, calls this function to buffer the data before // the filter processes data. The function also updates streaming state. void commonBufferDataIfStopAll(Buffer::Instance& provided_data, bool& buffer_was_streaming); void commonContinue(); virtual bool canContinue() PURE; virtual Buffer::WatermarkBufferPtr createBuffer() PURE; virtual Buffer::WatermarkBufferPtr& bufferedData() PURE; virtual bool complete() PURE; virtual bool has100Continueheaders() PURE; virtual void do100ContinueHeaders() PURE; virtual void doHeaders(bool end_stream) PURE; virtual void doData(bool end_stream) PURE; virtual void doTrailers() PURE; virtual bool hasTrailers() PURE; virtual void doMetadata() PURE; // TODO(soya3129): make this pure when adding impl to encoder filter. virtual void handleMetadataAfterHeadersCallback() PURE; // Http::StreamFilterCallbacks const Network::Connection* connection() override; Event::Dispatcher& dispatcher() override; void resetStream() override; Router::RouteConstSharedPtr route() override; Router::RouteConstSharedPtr route(const Router::RouteCallback& cb) override; Upstream::ClusterInfoConstSharedPtr clusterInfo() override; void clearRouteCache() override; uint64_t streamId() const override; StreamInfo::StreamInfo& streamInfo() override; Tracing::Span& activeSpan() override; Tracing::Config& tracingConfig() override; const ScopeTrackedObject& scope() override; // Functions to set or get iteration state. bool canIterate() { return iteration_state_ == IterationState::Continue; } bool stoppedAll() { return iteration_state_ == IterationState::StopAllBuffer || iteration_state_ == IterationState::StopAllWatermark; } void allowIteration() { ASSERT(iteration_state_ != IterationState::Continue); iteration_state_ = IterationState::Continue; } MetadataMapVector* getSavedRequestMetadata() { if (saved_request_metadata_ == nullptr) { saved_request_metadata_ = std::make_unique(); } return saved_request_metadata_.get(); } MetadataMapVector* getSavedResponseMetadata() { if (saved_response_metadata_ == nullptr) { saved_response_metadata_ = std::make_unique(); } return saved_response_metadata_.get(); } // A vector to save metadata when the current filter's [de|en]codeMetadata() can not be called, // either because [de|en]codeHeaders() of the current filter returns StopAllIteration or because // [de|en]codeHeaders() adds new metadata to [de|en]code, but we don't know // [de|en]codeHeaders()'s return value yet. The storage is created on demand. std::unique_ptr saved_request_metadata_{nullptr}; std::unique_ptr saved_response_metadata_{nullptr}; // The state of iteration. enum class IterationState { Continue, // Iteration has not stopped for any frame type. StopSingleIteration, // Iteration has stopped for headers, 100-continue, or data. StopAllBuffer, // Iteration has stopped for all frame types, and following data should // be buffered. StopAllWatermark, // Iteration has stopped for all frame types, and following data should // be buffered until high watermark is reached. }; FilterManager& parent_; IterationState iteration_state_; // If the filter resumes iteration from a StopAllBuffer/Watermark state, the current filter // hasn't parsed data and trailers. As a result, the filter iteration should start with the // current filter instead of the next one. If true, filter iteration starts with the current // filter. Otherwise, starts with the next filter in the chain. bool iterate_from_current_filter_ : 1; bool headers_continued_ : 1; bool continue_headers_continued_ : 1; // If true, end_stream is called for this filter. bool end_stream_ : 1; const bool dual_filter_ : 1; bool decode_headers_called_ : 1; bool encode_headers_called_ : 1; }; /** * Wrapper for a stream decoder filter. */ struct ActiveStreamDecoderFilter : public ActiveStreamFilterBase, public StreamDecoderFilterCallbacks, LinkedObject { ActiveStreamDecoderFilter(FilterManager& parent, StreamDecoderFilterSharedPtr filter, bool dual_filter) : ActiveStreamFilterBase(parent, dual_filter), handle_(filter) {} // ActiveStreamFilterBase bool canContinue() override; Buffer::WatermarkBufferPtr createBuffer() override; Buffer::WatermarkBufferPtr& bufferedData() override; bool complete() override; bool has100Continueheaders() override { return false; } void do100ContinueHeaders() override { NOT_REACHED_GCOVR_EXCL_LINE; } void doHeaders(bool end_stream) override; void doData(bool end_stream) override; void doMetadata() override { if (saved_request_metadata_ != nullptr) { drainSavedRequestMetadata(); } } void doTrailers() override; bool hasTrailers() override; void drainSavedRequestMetadata(); // This function is called after the filter calls decodeHeaders() to drain accumulated metadata. void handleMetadataAfterHeadersCallback() override; // Http::StreamDecoderFilterCallbacks void addDecodedData(Buffer::Instance& data, bool streaming) override; void injectDecodedDataToFilterChain(Buffer::Instance& data, bool end_stream) override; RequestTrailerMap& addDecodedTrailers() override; MetadataMapVector& addDecodedMetadata() override; void continueDecoding() override; const Buffer::Instance* decodingBuffer() override; void modifyDecodingBuffer(std::function callback) override; void sendLocalReply(Code code, absl::string_view body, std::function modify_headers, const absl::optional grpc_status, absl::string_view details) override; void encode100ContinueHeaders(ResponseHeaderMapPtr&& headers) override; void encodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream, absl::string_view details) override; void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeTrailers(ResponseTrailerMapPtr&& trailers) override; void encodeMetadata(MetadataMapPtr&& metadata_map_ptr) override; void onDecoderFilterAboveWriteBufferHighWatermark() override; void onDecoderFilterBelowWriteBufferLowWatermark() override; void addDownstreamWatermarkCallbacks(DownstreamWatermarkCallbacks& watermark_callbacks) override; void removeDownstreamWatermarkCallbacks(DownstreamWatermarkCallbacks& watermark_callbacks) override; void setDecoderBufferLimit(uint32_t limit) override; uint32_t decoderBufferLimit() override; bool recreateStream() override; void addUpstreamSocketOptions(const Network::Socket::OptionsSharedPtr& options) override; Network::Socket::OptionsSharedPtr getUpstreamSocketOptions() const override; // Each decoder filter instance checks if the request passed to the filter is gRPC // so that we can issue gRPC local responses to gRPC requests. Filter's decodeHeaders() // called here may change the content type, so we must check it before the call. FilterHeadersStatus decodeHeaders(RequestHeaderMap& headers, bool end_stream) { is_grpc_request_ = Grpc::Common::isGrpcRequestHeaders(headers); FilterHeadersStatus status = handle_->decodeHeaders(headers, end_stream); return status; } void requestDataTooLarge(); void requestDataDrained(); void requestRouteConfigUpdate( Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) override; absl::optional routeConfig(); StreamDecoderFilterSharedPtr handle_; bool is_grpc_request_{}; }; using ActiveStreamDecoderFilterPtr = std::unique_ptr; /** * Wrapper for a stream encoder filter. */ struct ActiveStreamEncoderFilter : public ActiveStreamFilterBase, public StreamEncoderFilterCallbacks, LinkedObject { ActiveStreamEncoderFilter(FilterManager& parent, StreamEncoderFilterSharedPtr filter, bool dual_filter) : ActiveStreamFilterBase(parent, dual_filter), handle_(filter) {} // ActiveStreamFilterBase bool canContinue() override { return true; } Buffer::WatermarkBufferPtr createBuffer() override; Buffer::WatermarkBufferPtr& bufferedData() override; bool complete() override; bool has100Continueheaders() override; void do100ContinueHeaders() override; void doHeaders(bool end_stream) override; void doData(bool end_stream) override; void drainSavedResponseMetadata(); void handleMetadataAfterHeadersCallback() override; void doMetadata() override { if (saved_response_metadata_ != nullptr) { drainSavedResponseMetadata(); } } void doTrailers() override; bool hasTrailers() override; // Http::StreamEncoderFilterCallbacks void addEncodedData(Buffer::Instance& data, bool streaming) override; void injectEncodedDataToFilterChain(Buffer::Instance& data, bool end_stream) override; ResponseTrailerMap& addEncodedTrailers() override; void addEncodedMetadata(MetadataMapPtr&& metadata_map) override; void onEncoderFilterAboveWriteBufferHighWatermark() override; void onEncoderFilterBelowWriteBufferLowWatermark() override; void setEncoderBufferLimit(uint32_t limit) override; uint32_t encoderBufferLimit() override; void continueEncoding() override; const Buffer::Instance* encodingBuffer() override; void modifyEncodingBuffer(std::function callback) override; void sendLocalReply(Code code, absl::string_view body, std::function modify_headers, const absl::optional grpc_status, absl::string_view details) override; Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override; void responseDataTooLarge(); void responseDataDrained(); StreamEncoderFilterSharedPtr handle_; }; using ActiveStreamEncoderFilterPtr = std::unique_ptr; /** * Callbacks invoked by the FilterManager to pass filter data/events back to the caller. */ class FilterManagerCallbacks { public: virtual ~FilterManagerCallbacks() = default; /** * Called when the provided headers have been encoded by all the filters in the chain. * @param response_headers the encoded headers. * @param end_stream whether this is a header only response. */ virtual void encodeHeaders(ResponseHeaderMap& response_headers, bool end_stream) PURE; /** * Called when the provided 100 Continue headers have been encoded by all the filters in the * chain. * @param response_headers the encoded headers. */ virtual void encode100ContinueHeaders(ResponseHeaderMap& response_headers) PURE; /** * Called when the provided data has been encoded by all filters in the chain. * @param data the encoded data. * @param end_stream whether this is the end of the response. */ virtual void encodeData(Buffer::Instance& data, bool end_stream) PURE; /** * Called when the provided trailers have been encoded by all filters in the chain. * @param trailers the encoded trailers. */ virtual void encodeTrailers(ResponseTrailerMap& trailers) PURE; /** * Called when the provided metadata has been encoded by all filters in the chain. * @param trailers the encoded trailers. */ virtual void encodeMetadata(MetadataMapVector& metadata) PURE; /** * Injects request trailers into a stream that originally did not have request trailers. */ virtual void setRequestTrailers(RequestTrailerMapPtr&& request_trailers) PURE; /** * Passes ownership of received continue headers to the parent. This may be called multiple times * in the case of multiple upstream calls. */ virtual void setContinueHeaders(ResponseHeaderMapPtr&& response_headers) PURE; /** * Passes ownership of received response headers to the parent. This may be called multiple times * in the case of multiple upstream calls. */ virtual void setResponseHeaders(ResponseHeaderMapPtr&& response_headers) PURE; /** * Passes ownership of received response trailers to the parent. This may be called multiple times * in the case of multiple upstream calls. */ virtual void setResponseTrailers(ResponseTrailerMapPtr&& response_trailers) PURE; // TODO(snowp): We should consider moving filter access to headers/trailers to happen via the // callbacks instead of via the encode/decode callbacks on the filters. /** * The downstream request headers if set. */ virtual RequestHeaderMapOptRef requestHeaders() PURE; /** * The downstream request trailers if present. */ virtual RequestTrailerMapOptRef requestTrailers() PURE; /** * Retrieves a pointer to the continue headers set via the call to setContinueHeaders. */ virtual ResponseHeaderMapOptRef continueHeaders() PURE; /** * Retrieves a pointer to the response headers set via the last call to setResponseHeaders. * Note that response headers might be set multiple times (e.g. if a local reply is issued after * headers have been received but before headers have been encoded), so it is not safe in general * to assume that any set of headers will be valid for the duration of a stream. */ virtual ResponseHeaderMapOptRef responseHeaders() PURE; /** * Retrieves a pointer to the last response trailers set via setResponseTrailers. * Note that response trailers might be set multiple times, so it is not safe in general to assume * that any set of trailers will be valid for the duration of the stream. */ virtual ResponseTrailerMapOptRef responseTrailers() PURE; /** * Called after encoding has completed. */ virtual void endStream() PURE; /** * Called when the stream write buffer is no longer above the low watermark. */ virtual void onDecoderFilterBelowWriteBufferLowWatermark() PURE; /** * Called when the stream write buffer is above above the high watermark. */ virtual void onDecoderFilterAboveWriteBufferHighWatermark() PURE; /** * Called when the FilterManager creates an Upgrade filter chain. */ virtual void upgradeFilterChainCreated() PURE; /** * Called when request activity indicates that the request timeout should be disarmed. */ virtual void disarmRequestTimeout() PURE; /** * Called when stream activity indicates that the stream idle timeout should be reset. */ virtual void resetIdleTimer() PURE; /** * Called when the stream should be re-created, e.g. for an internal redirect. */ virtual void recreateStream(StreamInfo::FilterStateSharedPtr filter_state) PURE; /** * Called when the stream should be reset. */ virtual void resetStream() PURE; /** * Returns the upgrade map for the current route entry. */ virtual const Router::RouteEntry::UpgradeMap* upgradeMap() PURE; /** * Returns the cluster info for the current route entry. */ virtual Upstream::ClusterInfoConstSharedPtr clusterInfo() PURE; /** * Returns the current route. */ virtual Router::RouteConstSharedPtr route(const Router::RouteCallback& cb) PURE; /** * Clears the cached route. */ virtual void clearRouteCache() PURE; /** * Returns the current route configuration. */ virtual absl::optional routeConfig() PURE; /** * Update the current route configuration. */ virtual void requestRouteConfigUpdate(Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_cb) PURE; /** * Returns the current active span. */ virtual Tracing::Span& activeSpan() PURE; // TODO(snowp): It might make more sense to pass (optional?) counters to the FM instead of // calling back out to the AS to record them. /** * Called when a stream fails due to the response data being too large. */ virtual void onResponseDataTooLarge() PURE; /** * Called when a stream fails due to the request data being too large. */ virtual void onRequestDataTooLarge() PURE; /** * Returns the Http1StreamEncoderOptions associated with the response encoder. */ virtual Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() PURE; /** * Called when a local reply is made by the filter manager. * @param code the response code of the local reply. */ virtual void onLocalReply(Code code) PURE; /** * Returns the tracing configuration to use for this stream. */ virtual Tracing::Config& tracingConfig() PURE; /** * Returns the tracked scope to use for this stream. */ virtual const ScopeTrackedObject& scope() PURE; }; /** * FilterManager manages decoding a request through a series of decoding filter and the encoding * of the resulting response. */ class FilterManager : public ScopeTrackedObject, FilterChainFactoryCallbacks, Logger::Loggable { public: FilterManager(FilterManagerCallbacks& filter_manager_callbacks, Event::Dispatcher& dispatcher, const Network::Connection& connection, uint64_t stream_id, bool proxy_100_continue, uint32_t buffer_limit, FilterChainFactory& filter_chain_factory, const LocalReply::LocalReply& local_reply, Http::Protocol protocol, TimeSource& time_source, StreamInfo::FilterStateSharedPtr parent_filter_state, StreamInfo::FilterState::LifeSpan filter_state_life_span) : filter_manager_callbacks_(filter_manager_callbacks), dispatcher_(dispatcher), connection_(connection), stream_id_(stream_id), proxy_100_continue_(proxy_100_continue), buffer_limit_(buffer_limit), filter_chain_factory_(filter_chain_factory), local_reply_(local_reply), stream_info_(protocol, time_source, parent_filter_state, filter_state_life_span) {} ~FilterManager() override { ASSERT(state_.destroyed_); ASSERT(state_.filter_call_state_ == 0); } // ScopeTrackedObject void dumpState(std::ostream& os, int indent_level = 0) const override { const char* spaces = spacesForLevel(indent_level); os << spaces << "FilterManager " << this << DUMP_MEMBER(state_.has_continue_headers_) << DUMP_MEMBER(state_.decoding_headers_only_) << DUMP_MEMBER(state_.encoding_headers_only_) << "\n"; DUMP_OPT_REF_DETAILS(filter_manager_callbacks_.requestHeaders()); DUMP_OPT_REF_DETAILS(filter_manager_callbacks_.requestTrailers()); DUMP_OPT_REF_DETAILS(filter_manager_callbacks_.responseHeaders()); DUMP_OPT_REF_DETAILS(filter_manager_callbacks_.responseTrailers()); DUMP_DETAILS(&stream_info_); } // Http::FilterChainFactoryCallbacks void addStreamDecoderFilter(StreamDecoderFilterSharedPtr filter) override { addStreamDecoderFilterWorker(filter, false); } void addStreamEncoderFilter(StreamEncoderFilterSharedPtr filter) override { addStreamEncoderFilterWorker(filter, false); } void addStreamFilter(StreamFilterSharedPtr filter) override { addStreamDecoderFilterWorker(filter, true); addStreamEncoderFilterWorker(filter, true); } void addAccessLogHandler(AccessLog::InstanceSharedPtr handler) override; void log() { RequestHeaderMap* request_headers = nullptr; if (filter_manager_callbacks_.requestHeaders()) { request_headers = &filter_manager_callbacks_.requestHeaders()->get(); } ResponseHeaderMap* response_headers = nullptr; if (filter_manager_callbacks_.responseHeaders()) { response_headers = &filter_manager_callbacks_.responseHeaders()->get(); } ResponseTrailerMap* response_trailers = nullptr; if (filter_manager_callbacks_.responseTrailers()) { response_trailers = &filter_manager_callbacks_.responseTrailers()->get(); } for (const auto& log_handler : access_log_handlers_) { log_handler->log(request_headers, response_headers, response_trailers, stream_info_); } } void onStreamComplete() { for (auto& filter : decoder_filters_) { filter->handle_->onStreamComplete(); } for (auto& filter : encoder_filters_) { // Do not call onStreamComplete twice for dual registered filters. if (!filter->dual_filter_) { filter->handle_->onStreamComplete(); } } } void destroyFilters() { state_.destroyed_ = true; for (auto& filter : decoder_filters_) { filter->handle_->onDestroy(); } for (auto& filter : encoder_filters_) { // Do not call on destroy twice for dual registered filters. if (!filter->dual_filter_) { filter->handle_->onDestroy(); } } } /** * Decodes the provided headers starting at the first filter in the chain. * @param headers the headers to decode. * @param end_stream whether the request is header only. */ void decodeHeaders(RequestHeaderMap& headers, bool end_stream) { decodeHeaders(nullptr, headers, end_stream); } /** * Decodes the provided data starting at the first filter in the chain. * @param data the data to decode. * @param end_stream whether this data is the end of the request. */ void decodeData(Buffer::Instance& data, bool end_stream) { decodeData(nullptr, data, end_stream, FilterIterationStartState::CanStartFromCurrent); } /** * Decodes the provided trailers starting at the first filter in the chain. * @param trailers the trailers to decode. */ void decodeTrailers(RequestTrailerMap& trailers) { decodeTrailers(nullptr, trailers); } /** * Decodes the provided metadata starting at the first filter in the chain. * @param metadata_map the metadata to decode. */ void decodeMetadata(MetadataMap& metadata_map) { decodeMetadata(nullptr, metadata_map); } // TODO(snowp): Make private as filter chain construction is moved into FM. void addStreamDecoderFilterWorker(StreamDecoderFilterSharedPtr filter, bool dual_filter); void addStreamEncoderFilterWorker(StreamEncoderFilterSharedPtr filter, bool dual_filter); void disarmRequestTimeout(); /** * If end_stream is true, marks decoding as complete. This is a noop if end_stream is false. * @param end_stream whether decoding is complete. */ void maybeEndDecode(bool end_stream); /** * If end_stream is true, marks encoding as complete. This is a noop if end_stream is false. * @param end_stream whether encoding is complete. */ void maybeEndEncode(bool end_stream); void sendLocalReply(bool is_grpc_request, Code code, absl::string_view body, const std::function& modify_headers, const absl::optional grpc_status, absl::string_view details); /** * Sends a local reply by constructing a response and passing it through all the encoder * filters. The resulting response will be passed out via the FilterManagerCallbacks. */ void sendLocalReplyViaFilterChain( bool is_grpc_request, Code code, absl::string_view body, const std::function& modify_headers, bool is_head_request, const absl::optional grpc_status, absl::string_view details); /** * Sends a local reply by constructing a response and skipping the encoder filters. The * resulting response will be passed out via the FilterManagerCallbacks. */ void sendDirectLocalReply(Code code, absl::string_view body, const std::function& modify_headers, bool is_head_request, const absl::optional grpc_status); // Possibly increases buffer_limit_ to the value of limit. void setBufferLimit(uint32_t limit); /** * @return bool whether any above high watermark triggers are currently active */ bool aboveHighWatermark() { return high_watermark_count_ != 0; } // Pass on watermark callbacks to watermark subscribers. This boils down to passing watermark // events for this stream and the downstream connection to the router filter. void callHighWatermarkCallbacks(); void callLowWatermarkCallbacks(); void requestHeadersInitialized() { if (Http::Headers::get().MethodValues.Head == filter_manager_callbacks_.requestHeaders()->get().getMethodValue()) { state_.is_head_request_ = true; } state_.is_grpc_request_ = Grpc::Common::isGrpcRequestHeaders(filter_manager_callbacks_.requestHeaders()->get()); } /** * Marks local processing as complete. */ void setLocalComplete() { state_.local_complete_ = true; } /** * Whether the filters have been destroyed. */ bool destroyed() const { return state_.destroyed_; } /** * Whether remote processing has been marked as complete. */ bool remoteComplete() const { return state_.remote_complete_; } /** * Instructs the FilterManager to not create a filter chain. This makes it possible to issue * a local reply without the overhead of creating and traversing the filters. */ void skipFilterChainCreation() { ASSERT(!state_.created_filter_chain_); state_.created_filter_chain_ = true; } // TODO(snowp): This should probably return a StreamInfo instead of the impl. StreamInfo::StreamInfoImpl& streamInfo() { return stream_info_; } const StreamInfo::StreamInfoImpl& streamInfo() const { return stream_info_; } // Set up the Encoder/Decoder filter chain. bool createFilterChain(); const Network::Connection* connection() const { return &connection_; } uint64_t streamId() const { return stream_id_; } private: // Indicates which filter to start the iteration with. enum class FilterIterationStartState { AlwaysStartFromNext, CanStartFromCurrent }; // Returns the encoder filter to start iteration with. std::list::iterator commonEncodePrefix(ActiveStreamEncoderFilter* filter, bool end_stream, FilterIterationStartState filter_iteration_start_state); // Returns the decoder filter to start iteration with. std::list::iterator commonDecodePrefix(ActiveStreamDecoderFilter* filter, FilterIterationStartState filter_iteration_start_state); void addDecodedData(ActiveStreamDecoderFilter& filter, Buffer::Instance& data, bool streaming); RequestTrailerMap& addDecodedTrailers(); MetadataMapVector& addDecodedMetadata(); // Helper function for the case where we have a header only request, but a filter adds a body // to it. void maybeContinueDecoding( const std::list::iterator& maybe_continue_data_entry); void decodeHeaders(ActiveStreamDecoderFilter* filter, RequestHeaderMap& headers, bool end_stream); // Sends data through decoding filter chains. filter_iteration_start_state indicates which // filter to start the iteration with. void decodeData(ActiveStreamDecoderFilter* filter, Buffer::Instance& data, bool end_stream, FilterIterationStartState filter_iteration_start_state); void decodeTrailers(ActiveStreamDecoderFilter* filter, RequestTrailerMap& trailers); void decodeMetadata(ActiveStreamDecoderFilter* filter, MetadataMap& metadata_map); void addEncodedData(ActiveStreamEncoderFilter& filter, Buffer::Instance& data, bool streaming); ResponseTrailerMap& addEncodedTrailers(); void encode100ContinueHeaders(ActiveStreamEncoderFilter* filter, ResponseHeaderMap& headers); // As with most of the encode functions, this runs encodeHeaders on various // filters before calling encodeHeadersInternal which does final header munging and passes the // headers to the encoder. void maybeContinueEncoding( const std::list::iterator& maybe_continue_data_entry); void encodeHeaders(ActiveStreamEncoderFilter* filter, ResponseHeaderMap& headers, bool end_stream); // Sends data through encoding filter chains. filter_iteration_start_state indicates which // filter to start the iteration with, and finally calls encodeDataInternal // to update stats, do end stream bookkeeping, and send the data to encoder. void encodeData(ActiveStreamEncoderFilter* filter, Buffer::Instance& data, bool end_stream, FilterIterationStartState filter_iteration_start_state); void encodeTrailers(ActiveStreamEncoderFilter* filter, ResponseTrailerMap& trailers); void encodeMetadata(ActiveStreamEncoderFilter* filter, MetadataMapPtr&& metadata_map_ptr); // Returns true if new metadata is decoded. Otherwise, returns false. bool processNewlyAddedMetadata(); // Returns true if filter has stopped iteration for all frame types. Otherwise, returns false. // filter_streaming is the variable to indicate if stream is streaming, and its value may be // changed by the function. bool handleDataIfStopAll(ActiveStreamFilterBase& filter, Buffer::Instance& data, bool& filter_streaming); MetadataMapVector* getRequestMetadataMapVector() { if (request_metadata_map_vector_ == nullptr) { request_metadata_map_vector_ = std::make_unique(); } return request_metadata_map_vector_.get(); } FilterManagerCallbacks& filter_manager_callbacks_; Event::Dispatcher& dispatcher_; const Network::Connection& connection_; const uint64_t stream_id_; const bool proxy_100_continue_; std::list decoder_filters_; std::list encoder_filters_; std::list access_log_handlers_; // Stores metadata added in the decoding filter that is being processed. Will be cleared before // processing the next filter. The storage is created on demand. We need to store metadata // temporarily in the filter in case the filter has stopped all while processing headers. std::unique_ptr request_metadata_map_vector_; Buffer::WatermarkBufferPtr buffered_response_data_; Buffer::WatermarkBufferPtr buffered_request_data_; uint32_t buffer_limit_{0}; uint32_t high_watermark_count_{0}; std::list watermark_callbacks_; Network::Socket::OptionsSharedPtr upstream_options_ = std::make_shared(); FilterChainFactory& filter_chain_factory_; const LocalReply::LocalReply& local_reply_; StreamInfo::StreamInfoImpl stream_info_; // TODO(snowp): Once FM has been moved to its own file we'll make these private classes of FM, // at which point they no longer need to be friends. friend ActiveStreamFilterBase; friend ActiveStreamDecoderFilter; friend ActiveStreamEncoderFilter; /** * Flags that keep track of which filter calls are currently in progress. */ // clang-format off struct FilterCallState { static constexpr uint32_t DecodeHeaders = 0x01; static constexpr uint32_t DecodeData = 0x02; static constexpr uint32_t DecodeTrailers = 0x04; static constexpr uint32_t EncodeHeaders = 0x08; static constexpr uint32_t EncodeData = 0x10; static constexpr uint32_t EncodeTrailers = 0x20; // Encode100ContinueHeaders is a bit of a special state as 100 continue // headers may be sent during request processing. This state is only used // to verify we do not encode100Continue headers more than once per // filter. static constexpr uint32_t Encode100ContinueHeaders = 0x40; // Used to indicate that we're processing the final [En|De]codeData frame, // i.e. end_stream = true static constexpr uint32_t LastDataFrame = 0x80; }; // clang-format on struct State { State() : remote_complete_(false), local_complete_(false), has_continue_headers_(false), created_filter_chain_(false), is_head_request_(false), is_grpc_request_(false), non_100_response_headers_encoded_(false) {} uint32_t filter_call_state_{0}; bool remote_complete_ : 1; bool local_complete_ : 1; // This indicates that local is complete prior to filter processing. // A filter can still stop the stream from being complete as seen // by the codec. // By default, we will assume there are no 100-Continue headers. If encode100ContinueHeaders // is ever called, this is set to true so commonContinue resumes processing the 100-Continue. bool has_continue_headers_ : 1; bool created_filter_chain_ : 1; // These two are latched on initial header read, to determine if the original headers // constituted a HEAD or gRPC request, respectively. bool is_head_request_ : 1; bool is_grpc_request_ : 1; // Tracks if headers other than 100-Continue have been encoded to the codec. bool non_100_response_headers_encoded_ : 1; // The following 3 members are booleans rather than part of the space-saving bitfield as they // are passed as arguments to functions expecting bools. Extend State using the bitfield // where possible. bool encoder_filters_streaming_{true}; bool decoder_filters_streaming_{true}; bool destroyed_{false}; // Whether a filter has indicated that the response should be treated as a headers only // response. bool encoding_headers_only_{false}; // Whether a filter has indicated that the request should be treated as a headers only // request. bool decoding_headers_only_{false}; // Used to track which filter is the latest filter that has received data. ActiveStreamEncoderFilter* latest_data_encoding_filter_{}; ActiveStreamDecoderFilter* latest_data_decoding_filter_{}; }; State state_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/hash_policy.cc ================================================ #include "common/http/hash_policy.h" #include "envoy/config/route/v3/route_components.pb.h" #include "common/common/matchers.h" #include "common/common/regex.h" #include "common/http/utility.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Http { class HashMethodImplBase : public HashPolicyImpl::HashMethod { public: explicit HashMethodImplBase(bool terminal) : terminal_(terminal) {} bool terminal() const override { return terminal_; } private: const bool terminal_; }; class HeaderHashMethod : public HashMethodImplBase { public: HeaderHashMethod(const envoy::config::route::v3::RouteAction::HashPolicy::Header& header, bool terminal) : HashMethodImplBase(terminal), header_name_(header.header_name()) { if (header.has_regex_rewrite()) { const auto& rewrite_spec = header.regex_rewrite(); regex_rewrite_ = Regex::Utility::parseRegex(rewrite_spec.pattern()); regex_rewrite_substitution_ = rewrite_spec.substitution(); } } absl::optional evaluate(const Network::Address::Instance*, const RequestHeaderMap& headers, const HashPolicy::AddCookieCallback, const StreamInfo::FilterStateSharedPtr) const override { absl::optional hash; const HeaderEntry* header = headers.get(header_name_); if (header) { if (regex_rewrite_ != nullptr) { hash = HashUtil::xxHash64(regex_rewrite_->replaceAll(header->value().getStringView(), regex_rewrite_substitution_)); } else { hash = HashUtil::xxHash64(header->value().getStringView()); } } return hash; } private: const LowerCaseString header_name_; Regex::CompiledMatcherPtr regex_rewrite_{}; std::string regex_rewrite_substitution_{}; }; class CookieHashMethod : public HashMethodImplBase { public: CookieHashMethod(const std::string& key, const std::string& path, const absl::optional& ttl, bool terminal) : HashMethodImplBase(terminal), key_(key), path_(path), ttl_(ttl) {} absl::optional evaluate(const Network::Address::Instance*, const RequestHeaderMap& headers, const HashPolicy::AddCookieCallback add_cookie, const StreamInfo::FilterStateSharedPtr) const override { absl::optional hash; std::string value = Utility::parseCookieValue(headers, key_); if (value.empty() && ttl_.has_value()) { value = add_cookie(key_, path_, ttl_.value()); hash = HashUtil::xxHash64(value); } else if (!value.empty()) { hash = HashUtil::xxHash64(value); } return hash; } private: const std::string key_; const std::string path_; const absl::optional ttl_; }; class IpHashMethod : public HashMethodImplBase { public: IpHashMethod(bool terminal) : HashMethodImplBase(terminal) {} absl::optional evaluate(const Network::Address::Instance* downstream_addr, const RequestHeaderMap&, const HashPolicy::AddCookieCallback, const StreamInfo::FilterStateSharedPtr) const override { if (downstream_addr == nullptr) { return absl::nullopt; } auto* downstream_ip = downstream_addr->ip(); if (downstream_ip == nullptr) { return absl::nullopt; } const auto& downstream_addr_str = downstream_ip->addressAsString(); if (downstream_addr_str.empty()) { return absl::nullopt; } return HashUtil::xxHash64(downstream_addr_str); } }; class QueryParameterHashMethod : public HashMethodImplBase { public: QueryParameterHashMethod(const std::string& parameter_name, bool terminal) : HashMethodImplBase(terminal), parameter_name_(parameter_name) {} absl::optional evaluate(const Network::Address::Instance*, const RequestHeaderMap& headers, const HashPolicy::AddCookieCallback, const StreamInfo::FilterStateSharedPtr) const override { absl::optional hash; const HeaderEntry* header = headers.Path(); if (header) { Http::Utility::QueryParams query_parameters = Http::Utility::parseQueryString(header->value().getStringView()); const auto& iter = query_parameters.find(parameter_name_); if (iter != query_parameters.end()) { hash = HashUtil::xxHash64(iter->second); } } return hash; } private: const std::string parameter_name_; }; class FilterStateHashMethod : public HashMethodImplBase { public: FilterStateHashMethod(const std::string& key, bool terminal) : HashMethodImplBase(terminal), key_(key) {} absl::optional evaluate(const Network::Address::Instance*, const RequestHeaderMap&, const HashPolicy::AddCookieCallback, const StreamInfo::FilterStateSharedPtr filter_state) const override { if (filter_state->hasData(key_)) { return filter_state->getDataReadOnly(key_).hash(); } return absl::nullopt; } private: const std::string key_; }; HashPolicyImpl::HashPolicyImpl( absl::Span hash_policies) { hash_impls_.reserve(hash_policies.size()); for (auto* hash_policy : hash_policies) { switch (hash_policy->policy_specifier_case()) { case envoy::config::route::v3::RouteAction::HashPolicy::PolicySpecifierCase::kHeader: hash_impls_.emplace_back( new HeaderHashMethod(hash_policy->header(), hash_policy->terminal())); break; case envoy::config::route::v3::RouteAction::HashPolicy::PolicySpecifierCase::kCookie: { absl::optional ttl; if (hash_policy->cookie().has_ttl()) { ttl = std::chrono::seconds(hash_policy->cookie().ttl().seconds()); } hash_impls_.emplace_back(new CookieHashMethod(hash_policy->cookie().name(), hash_policy->cookie().path(), ttl, hash_policy->terminal())); break; } case envoy::config::route::v3::RouteAction::HashPolicy::PolicySpecifierCase:: kConnectionProperties: if (hash_policy->connection_properties().source_ip()) { hash_impls_.emplace_back(new IpHashMethod(hash_policy->terminal())); } break; case envoy::config::route::v3::RouteAction::HashPolicy::PolicySpecifierCase::kQueryParameter: hash_impls_.emplace_back(new QueryParameterHashMethod(hash_policy->query_parameter().name(), hash_policy->terminal())); break; case envoy::config::route::v3::RouteAction::HashPolicy::PolicySpecifierCase::kFilterState: hash_impls_.emplace_back( new FilterStateHashMethod(hash_policy->filter_state().key(), hash_policy->terminal())); break; default: throw EnvoyException( absl::StrCat("Unsupported hash policy ", hash_policy->policy_specifier_case())); } } } absl::optional HashPolicyImpl::generateHash(const Network::Address::Instance* downstream_addr, const RequestHeaderMap& headers, const AddCookieCallback add_cookie, const StreamInfo::FilterStateSharedPtr filter_state) const { absl::optional hash; for (const HashMethodPtr& hash_impl : hash_impls_) { const absl::optional new_hash = hash_impl->evaluate(downstream_addr, headers, add_cookie, filter_state); if (new_hash) { // Rotating the old value prevents duplicate hash rules from cancelling each other out // and preserves all of the entropy const uint64_t old_value = hash ? ((hash.value() << 1) | (hash.value() >> 63)) : 0; hash = old_value ^ new_hash.value(); } // If the policy is a terminal policy and a hash has been generated, ignore // the rest of the hash policies. if (hash_impl->terminal() && hash) { break; } } return hash; } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/hash_policy.h ================================================ #pragma once #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/hash_policy.h" #include "envoy/stream_info/filter_state.h" namespace Envoy { namespace Http { /** * Implementation of HashPolicy that reads from the proto route config and only currently supports * hashing on an HTTP header. */ class HashPolicyImpl : public HashPolicy { public: explicit HashPolicyImpl( absl::Span hash_policy); // Http::HashPolicy absl::optional generateHash(const Network::Address::Instance* downstream_addr, const RequestHeaderMap& headers, const AddCookieCallback add_cookie, const StreamInfo::FilterStateSharedPtr filter_state) const override; class HashMethod { public: virtual ~HashMethod() = default; virtual absl::optional evaluate(const Network::Address::Instance* downstream_addr, const RequestHeaderMap& headers, const AddCookieCallback add_cookie, const StreamInfo::FilterStateSharedPtr filter_state) const PURE; // If the method is a terminal method, ignore rest of the hash policy chain. virtual bool terminal() const PURE; }; using HashMethodPtr = std::unique_ptr; private: std::vector hash_impls_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/header_list_view.cc ================================================ #include "common/http/header_list_view.h" namespace Envoy { namespace Http { HeaderListView::HeaderListView(const HeaderMap& header_map) { header_map.iterate([this](const Http::HeaderEntry& header) -> HeaderMap::Iterate { keys_.emplace_back(std::reference_wrapper(header.key())); values_.emplace_back(std::reference_wrapper(header.value())); return HeaderMap::Iterate::Continue; }); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/header_list_view.h ================================================ #pragma once #include #include "envoy/http/header_map.h" namespace Envoy { namespace Http { class HeaderListView { public: using HeaderStringRefs = std::vector>; HeaderListView(const HeaderMap& header_map); const HeaderStringRefs& keys() const { return keys_; } const HeaderStringRefs& values() const { return values_; } private: HeaderStringRefs keys_; HeaderStringRefs values_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/header_map_impl.cc ================================================ #include "common/http/header_map_impl.h" #include #include #include #include #include "envoy/http/header_map.h" #include "common/common/assert.h" #include "common/common/dump_state_utils.h" #include "common/common/empty_string.h" #include "common/runtime/runtime_features.h" #include "common/singleton/const_singleton.h" #include "absl/strings/match.h" namespace Envoy { namespace Http { namespace { // This includes the NULL (StringUtil::itoa technically only needs 21). constexpr size_t MaxIntegerLength{32}; void validateCapacity(uint64_t new_capacity) { // If the resizing will cause buffer overflow due to hitting uint32_t::max, an OOM is likely // imminent. Fast-fail rather than allow a buffer overflow attack (issue #1421) RELEASE_ASSERT(new_capacity <= std::numeric_limits::max(), "Trying to allocate overly large headers."); } absl::string_view getStrView(const VariantHeader& buffer) { return absl::get(buffer); } InlineHeaderVector& getInVec(VariantHeader& buffer) { return absl::get(buffer); } const InlineHeaderVector& getInVec(const VariantHeader& buffer) { return absl::get(buffer); } } // namespace // Initialize as a Type::Inline HeaderString::HeaderString() : buffer_(InlineHeaderVector()) { ASSERT((getInVec(buffer_).capacity()) >= MaxIntegerLength); ASSERT(valid()); } // Initialize as a Type::Reference HeaderString::HeaderString(const LowerCaseString& ref_value) : buffer_(absl::string_view(ref_value.get().c_str(), ref_value.get().size())) { ASSERT(valid()); } // Initialize as a Type::Reference HeaderString::HeaderString(absl::string_view ref_value) : buffer_(ref_value) { ASSERT(valid()); } HeaderString::HeaderString(HeaderString&& move_value) noexcept : buffer_(std::move(move_value.buffer_)) { move_value.clear(); ASSERT(valid()); } bool HeaderString::valid() const { return validHeaderString(getStringView()); } void HeaderString::append(const char* data, uint32_t data_size) { // Make sure the requested memory allocation is below uint32_t::max const uint64_t new_capacity = static_cast(data_size) + size(); validateCapacity(new_capacity); ASSERT(validHeaderString(absl::string_view(data, data_size))); switch (type()) { case Type::Reference: { // Rather than be too clever and optimize this uncommon case, we switch to // Inline mode and copy. const absl::string_view prev = getStrView(buffer_); buffer_ = InlineHeaderVector(); // Assigning new_capacity to avoid resizing when appending the new data getInVec(buffer_).reserve(new_capacity); getInVec(buffer_).assign(prev.begin(), prev.end()); break; } case Type::Inline: { getInVec(buffer_).reserve(new_capacity); break; } } getInVec(buffer_).insert(getInVec(buffer_).end(), data, data + data_size); } void HeaderString::rtrim() { ASSERT(type() == Type::Inline); absl::string_view original = getStringView(); absl::string_view rtrimmed = StringUtil::rtrim(original); if (original.size() != rtrimmed.size()) { getInVec(buffer_).resize(rtrimmed.size()); } } absl::string_view HeaderString::getStringView() const { if (type() == Type::Reference) { return getStrView(buffer_); } ASSERT(type() == Type::Inline); return {getInVec(buffer_).data(), getInVec(buffer_).size()}; } void HeaderString::clear() { if (type() == Type::Inline) { getInVec(buffer_).clear(); } } void HeaderString::setCopy(const char* data, uint32_t size) { ASSERT(validHeaderString(absl::string_view(data, size))); if (!absl::holds_alternative(buffer_)) { // Switching from Type::Reference to Type::Inline buffer_ = InlineHeaderVector(); } getInVec(buffer_).reserve(size); getInVec(buffer_).assign(data, data + size); ASSERT(valid()); } void HeaderString::setCopy(absl::string_view view) { this->setCopy(view.data(), static_cast(view.size())); } void HeaderString::setInteger(uint64_t value) { // Initialize the size to the max length, copy the actual data, and then // reduce the size (but not the capacity) as needed // Note: instead of using the inner_buffer, attempted the following: // resize buffer_ to MaxIntegerLength, apply StringUtil::itoa to the buffer_.data(), and then // resize buffer_ to int_length (the number of digits in value). // However it was slower than the following approach. char inner_buffer[MaxIntegerLength]; const uint32_t int_length = StringUtil::itoa(inner_buffer, MaxIntegerLength, value); if (type() == Type::Reference) { // Switching from Type::Reference to Type::Inline buffer_ = InlineHeaderVector(); } ASSERT((getInVec(buffer_).capacity()) > MaxIntegerLength); getInVec(buffer_).assign(inner_buffer, inner_buffer + int_length); } void HeaderString::setReference(absl::string_view ref_value) { buffer_ = ref_value; ASSERT(valid()); } uint32_t HeaderString::size() const { if (type() == Type::Reference) { return getStrView(buffer_).size(); } ASSERT(type() == Type::Inline); return getInVec(buffer_).size(); } HeaderString::Type HeaderString::type() const { // buffer_.index() is correlated with the order of Reference and Inline in the // enum. ASSERT(buffer_.index() == 0 || buffer_.index() == 1); ASSERT((buffer_.index() == 0 && absl::holds_alternative(buffer_)) || (buffer_.index() != 0)); ASSERT((buffer_.index() == 1 && absl::holds_alternative(buffer_)) || (buffer_.index() != 1)); return Type(buffer_.index()); } // Specialization needed for HeaderMapImpl::HeaderList::insert() when key is LowerCaseString. // A fully specialized template must be defined once in the program, hence this may not be in // a header file. template <> bool HeaderMapImpl::HeaderList::isPseudoHeader(const LowerCaseString& key) { return key.get().c_str()[0] == ':'; } bool HeaderMapImpl::HeaderList::maybeMakeMap() { if (lazy_map_.empty()) { if (headers_.size() < lazy_map_min_size_) { return false; } // Add all entries from the list into the map. for (auto node = headers_.begin(); node != headers_.end(); ++node) { HeaderNodeVector& v = lazy_map_[node->key().getStringView()]; v.push_back(node); } } return true; } size_t HeaderMapImpl::HeaderList::remove(absl::string_view key) { size_t removed_bytes = 0; if (maybeMakeMap()) { auto iter = lazy_map_.find(key); if (iter != lazy_map_.end()) { // Erase from the map, and all same key entries from the list. HeaderNodeVector header_nodes = std::move(iter->second); lazy_map_.erase(iter); for (const HeaderNode& node : header_nodes) { ASSERT(node->key() == key); removed_bytes += node->key().size() + node->value().size(); erase(node, false /* remove_from_map */); } } } else { // Erase all same key entries from the list. for (auto i = headers_.begin(); i != headers_.end();) { if (i->key() == key) { removed_bytes += i->key().size() + i->value().size(); i = erase(i, false /* remove_from_map */); } else { ++i; } } } return removed_bytes; } HeaderMapImpl::HeaderEntryImpl::HeaderEntryImpl(const LowerCaseString& key) : key_(key) {} HeaderMapImpl::HeaderEntryImpl::HeaderEntryImpl(const LowerCaseString& key, HeaderString&& value) : key_(key), value_(std::move(value)) {} HeaderMapImpl::HeaderEntryImpl::HeaderEntryImpl(HeaderString&& key, HeaderString&& value) : key_(std::move(key)), value_(std::move(value)) {} void HeaderMapImpl::HeaderEntryImpl::value(absl::string_view value) { value_.setCopy(value); } void HeaderMapImpl::HeaderEntryImpl::value(uint64_t value) { value_.setInteger(value); } void HeaderMapImpl::HeaderEntryImpl::value(const HeaderEntry& header) { value(header.value().getStringView()); } template <> HeaderMapImpl::StaticLookupTable::StaticLookupTable() { #define REGISTER_DEFAULT_REQUEST_HEADER(name) \ CustomInlineHeaderRegistry::registerInlineHeader( \ Headers::get().name); INLINE_REQ_HEADERS(REGISTER_DEFAULT_REQUEST_HEADER) INLINE_REQ_RESP_HEADERS(REGISTER_DEFAULT_REQUEST_HEADER) finalizeTable(); // Special case where we map a legacy host header to :authority. const auto handle = CustomInlineHeaderRegistry::getInlineHeader( Headers::get().Host); add(Headers::get().HostLegacy.get().c_str(), [handle](HeaderMapImpl& h) -> StaticLookupResponse { return {&h.inlineHeaders()[handle.value().it_->second], &handle.value().it_->first}; }); } template <> HeaderMapImpl::StaticLookupTable::StaticLookupTable() { finalizeTable(); } template <> HeaderMapImpl::StaticLookupTable::StaticLookupTable() { #define REGISTER_RESPONSE_HEADER(name) \ CustomInlineHeaderRegistry::registerInlineHeader( \ Headers::get().name); INLINE_RESP_HEADERS(REGISTER_RESPONSE_HEADER) INLINE_REQ_RESP_HEADERS(REGISTER_RESPONSE_HEADER) INLINE_RESP_HEADERS_TRAILERS(REGISTER_RESPONSE_HEADER) finalizeTable(); } template <> HeaderMapImpl::StaticLookupTable::StaticLookupTable() { #define REGISTER_RESPONSE_TRAILER(name) \ CustomInlineHeaderRegistry::registerInlineHeader( \ Headers::get().name); INLINE_RESP_HEADERS_TRAILERS(REGISTER_RESPONSE_TRAILER) finalizeTable(); } uint64_t HeaderMapImpl::appendToHeader(HeaderString& header, absl::string_view data, absl::string_view delimiter) { if (data.empty()) { return 0; } uint64_t byte_size = 0; if (!header.empty()) { header.append(delimiter.data(), delimiter.size()); byte_size += delimiter.size(); } header.append(data.data(), data.size()); return data.size() + byte_size; } void HeaderMapImpl::updateSize(uint64_t from_size, uint64_t to_size) { ASSERT(cached_byte_size_ >= from_size); cached_byte_size_ -= from_size; cached_byte_size_ += to_size; } void HeaderMapImpl::addSize(uint64_t size) { cached_byte_size_ += size; } void HeaderMapImpl::subtractSize(uint64_t size) { ASSERT(cached_byte_size_ >= size); cached_byte_size_ -= size; } void HeaderMapImpl::copyFrom(HeaderMap& lhs, const HeaderMap& header_map) { header_map.iterate([&lhs](const HeaderEntry& header) -> HeaderMap::Iterate { // TODO(mattklein123) PERF: Avoid copying here if not necessary. HeaderString key_string; key_string.setCopy(header.key().getStringView()); HeaderString value_string; value_string.setCopy(header.value().getStringView()); lhs.addViaMove(std::move(key_string), std::move(value_string)); return HeaderMap::Iterate::Continue; }); } namespace { // This is currently only used in tests and is not optimized for performance. HeaderMap::ConstIterateCb collectAllHeaders(std::vector>* dest) { return [dest](const HeaderEntry& header) -> HeaderMap::Iterate { dest->push_back(std::make_pair(header.key().getStringView(), header.value().getStringView())); return HeaderMap::Iterate::Continue; }; }; } // namespace // This is currently only used in tests and is not optimized for performance. bool HeaderMapImpl::operator==(const HeaderMap& rhs) const { if (size() != rhs.size()) { return false; } std::vector> rhs_headers; rhs_headers.reserve(rhs.size()); rhs.iterate(collectAllHeaders(&rhs_headers)); auto i = headers_.begin(); auto j = rhs_headers.begin(); for (; i != headers_.end(); ++i, ++j) { if (i->key() != j->first || i->value() != j->second) { return false; } } return true; } bool HeaderMapImpl::operator!=(const HeaderMap& rhs) const { return !operator==(rhs); } void HeaderMapImpl::insertByKey(HeaderString&& key, HeaderString&& value) { auto lookup = staticLookup(key.getStringView()); if (lookup.has_value()) { key.clear(); if (*lookup.value().entry_ == nullptr) { maybeCreateInline(lookup.value().entry_, *lookup.value().key_, std::move(value)); } else { const uint64_t added_size = appendToHeader((*lookup.value().entry_)->value(), value.getStringView()); addSize(added_size); value.clear(); } } else { addSize(key.size() + value.size()); HeaderNode i = headers_.insert(std::move(key), std::move(value)); i->entry_ = i; } } void HeaderMapImpl::addViaMove(HeaderString&& key, HeaderString&& value) { insertByKey(std::move(key), std::move(value)); } void HeaderMapImpl::addReference(const LowerCaseString& key, absl::string_view value) { HeaderString ref_key(key); HeaderString ref_value(value); insertByKey(std::move(ref_key), std::move(ref_value)); } void HeaderMapImpl::addReferenceKey(const LowerCaseString& key, uint64_t value) { HeaderString ref_key(key); HeaderString new_value; new_value.setInteger(value); insertByKey(std::move(ref_key), std::move(new_value)); ASSERT(new_value.empty()); // NOLINT(bugprone-use-after-move) } void HeaderMapImpl::addReferenceKey(const LowerCaseString& key, absl::string_view value) { HeaderString ref_key(key); HeaderString new_value; new_value.setCopy(value); insertByKey(std::move(ref_key), std::move(new_value)); ASSERT(new_value.empty()); // NOLINT(bugprone-use-after-move) } void HeaderMapImpl::addCopy(const LowerCaseString& key, uint64_t value) { // In the case that the header is appended, we will perform a needless copy of the key and value. // This is done on purpose to keep the code simple and should be rare. HeaderString new_key; new_key.setCopy(key.get()); HeaderString new_value; new_value.setInteger(value); insertByKey(std::move(new_key), std::move(new_value)); ASSERT(new_key.empty()); // NOLINT(bugprone-use-after-move) ASSERT(new_value.empty()); // NOLINT(bugprone-use-after-move) } void HeaderMapImpl::addCopy(const LowerCaseString& key, absl::string_view value) { // In the case that the header is appended, we will perform a needless copy of the key and value. // This is done on purpose to keep the code simple and should be rare. HeaderString new_key; new_key.setCopy(key.get()); HeaderString new_value; new_value.setCopy(value); insertByKey(std::move(new_key), std::move(new_value)); ASSERT(new_key.empty()); // NOLINT(bugprone-use-after-move) ASSERT(new_value.empty()); // NOLINT(bugprone-use-after-move) } void HeaderMapImpl::appendCopy(const LowerCaseString& key, absl::string_view value) { // TODO(#9221): converge on and document a policy for coalescing multiple headers. auto entry = getExisting(key); if (!entry.empty()) { const uint64_t added_size = appendToHeader(entry[0]->value(), value); addSize(added_size); } else { addCopy(key, value); } } void HeaderMapImpl::setReference(const LowerCaseString& key, absl::string_view value) { remove(key); addReference(key, value); } void HeaderMapImpl::setReferenceKey(const LowerCaseString& key, absl::string_view value) { remove(key); addReferenceKey(key, value); } void HeaderMapImpl::setCopy(const LowerCaseString& key, absl::string_view value) { if (!Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.http_set_copy_replace_all_headers")) { auto entry = getExisting(key); if (!entry.empty()) { updateSize(entry[0]->value().size(), value.size()); entry[0]->value(value); } else { addCopy(key, value); } } else { remove(key); addCopy(key, value); } } uint64_t HeaderMapImpl::byteSize() const { return cached_byte_size_; } void HeaderMapImpl::verifyByteSizeInternalForTest() const { // Computes the total byte size by summing the byte size of the keys and values. uint64_t byte_size = 0; for (const HeaderEntryImpl& header : headers_) { byte_size += header.key().size(); byte_size += header.value().size(); } ASSERT(cached_byte_size_ == byte_size); } const HeaderEntry* HeaderMapImpl::get(const LowerCaseString& key) const { const auto result = getAll(key); return result.empty() ? nullptr : result[0]; } HeaderMap::GetResult HeaderMapImpl::getAll(const LowerCaseString& key) const { return HeaderMap::GetResult(const_cast(this)->getExisting(key)); } HeaderMap::NonConstGetResult HeaderMapImpl::getExisting(const LowerCaseString& key) { // Attempt a trie lookup first to see if the user is requesting an O(1) header. This may be // relatively common in certain header matching / routing patterns. // TODO(mattklein123): Add inline handle support directly to the header matcher code to support // this use case more directly. HeaderMap::NonConstGetResult ret; auto lookup = staticLookup(key.get()); if (lookup.has_value()) { if (*lookup.value().entry_ != nullptr) { ret.push_back(*lookup.value().entry_); } return ret; } // If the requested header is not an O(1) header try using the lazy map to // search for it instead of iterating the headers list. if (headers_.maybeMakeMap()) { HeaderList::HeaderLazyMap::iterator iter = headers_.mapFind(key.get()); if (iter != headers_.mapEnd()) { const HeaderList::HeaderNodeVector& v = iter->second; ASSERT(!v.empty()); // It's impossible to have a map entry with an empty vector as its value. for (const auto& values_it : v) { // Convert the iterated value to a HeaderEntry*. ret.push_back(&(*values_it)); } } return ret; } // If the requested header is not an O(1) header and the lazy map is not in use, we do a full // scan. Doing the trie lookup is wasteful in the miss case, but is present for code consistency // with other functions that do similar things. for (HeaderEntryImpl& header : headers_) { if (header.key() == key.get().c_str()) { ret.push_back(&header); } } return ret; } void HeaderMapImpl::iterate(HeaderMap::ConstIterateCb cb) const { for (const HeaderEntryImpl& header : headers_) { if (cb(header) == HeaderMap::Iterate::Break) { break; } } } void HeaderMapImpl::iterateReverse(HeaderMap::ConstIterateCb cb) const { for (auto it = headers_.rbegin(); it != headers_.rend(); it++) { if (cb(*it) == HeaderMap::Iterate::Break) { break; } } } void HeaderMapImpl::clear() { clearInline(); headers_.clear(); cached_byte_size_ = 0; } size_t HeaderMapImpl::removeIf(const HeaderMap::HeaderMatchPredicate& predicate) { const size_t old_size = headers_.size(); headers_.removeIf([&predicate, this](const HeaderEntryImpl& entry) { const bool to_remove = predicate(entry); if (to_remove) { // If this header should be removed, make sure any references in the // static lookup table are cleared as well. auto lookup = staticLookup(entry.key().getStringView()); if (lookup.has_value()) { if (lookup.value().entry_) { const uint32_t key_value_size = (*lookup.value().entry_)->key().size() + (*lookup.value().entry_)->value().size(); subtractSize(key_value_size); *lookup.value().entry_ = nullptr; } } else { subtractSize(entry.key().size() + entry.value().size()); } } return to_remove; }); return old_size - headers_.size(); } size_t HeaderMapImpl::remove(const LowerCaseString& key) { const size_t old_size = headers_.size(); auto lookup = staticLookup(key.get()); if (lookup.has_value()) { removeInline(lookup.value().entry_); } else { subtractSize(headers_.remove(key.get())); } return old_size - headers_.size(); } size_t HeaderMapImpl::removePrefix(const LowerCaseString& prefix) { return HeaderMapImpl::removeIf([&prefix](const HeaderEntry& entry) -> bool { return absl::StartsWith(entry.key().getStringView(), prefix.get()); }); } void HeaderMapImpl::dumpState(std::ostream& os, int indent_level) const { iterate([&os, spaces = spacesForLevel(indent_level)](const HeaderEntry& header) -> HeaderMap::Iterate { os << spaces << "'" << header.key().getStringView() << "', '" << header.value().getStringView() << "'\n"; return HeaderMap::Iterate::Continue; }); } HeaderMapImpl::HeaderEntryImpl& HeaderMapImpl::maybeCreateInline(HeaderEntryImpl** entry, const LowerCaseString& key) { if (*entry) { return **entry; } addSize(key.get().size()); HeaderNode i = headers_.insert(key); i->entry_ = i; *entry = &(*i); return **entry; } HeaderMapImpl::HeaderEntryImpl& HeaderMapImpl::maybeCreateInline(HeaderEntryImpl** entry, const LowerCaseString& key, HeaderString&& value) { if (*entry) { value.clear(); return **entry; } addSize(key.get().size() + value.size()); HeaderNode i = headers_.insert(key, std::move(value)); i->entry_ = i; *entry = &(*i); return **entry; } size_t HeaderMapImpl::removeInline(HeaderEntryImpl** ptr_to_entry) { if (!*ptr_to_entry) { return 0; } HeaderEntryImpl* entry = *ptr_to_entry; const uint64_t size_to_subtract = entry->entry_->key().size() + entry->entry_->value().size(); subtractSize(size_to_subtract); *ptr_to_entry = nullptr; headers_.erase(entry->entry_, true); return 1; } namespace { template HeaderMapImplUtility::HeaderMapImplInfo makeHeaderMapImplInfo(absl::string_view name) { // Constructing a header map implementation will force the custom headers and sizing to be // finalized, so do that first. auto header_map = T::create(); HeaderMapImplUtility::HeaderMapImplInfo info; info.name_ = std::string(name); info.size_ = T::inlineHeadersSize() + sizeof(T); for (const auto& header : CustomInlineHeaderRegistry::headers()) { info.registered_headers_.push_back(header.first.get()); } return info; } } // namespace std::vector HeaderMapImplUtility::getAllHeaderMapImplInfo() { std::vector ret; ret.push_back(makeHeaderMapImplInfo("request header map")); ret.push_back(makeHeaderMapImplInfo("request trailer map")); ret.push_back(makeHeaderMapImplInfo("response header map")); ret.push_back(makeHeaderMapImplInfo("response trailer map")); return ret; } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/header_map_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/http/header_map.h" #include "common/common/non_copyable.h" #include "common/common/utility.h" #include "common/http/headers.h" #include "common/runtime/runtime_features.h" namespace Envoy { namespace Http { /** * These are definitions of all of the inline header access functions described inside header_map.h */ #define DEFINE_INLINE_HEADER_FUNCS(name) \ public: \ const HeaderEntry* name() const override { return getInline(HeaderHandles::get().name); } \ void append##name(absl::string_view data, absl::string_view delimiter) override { \ appendInline(HeaderHandles::get().name, data, delimiter); \ } \ void setReference##name(absl::string_view value) override { \ setReferenceInline(HeaderHandles::get().name, value); \ } \ void set##name(absl::string_view value) override { \ setInline(HeaderHandles::get().name, value); \ } \ void set##name(uint64_t value) override { setInline(HeaderHandles::get().name, value); } \ size_t remove##name() override { return removeInline(HeaderHandles::get().name); } \ absl::string_view get##name##Value() const override { \ return getInlineValue(HeaderHandles::get().name); \ } /** * Implementation of Http::HeaderMap. This is heavily optimized for performance. Roughly, when * headers are added to the map by string, we do a trie lookup to see if it's one of the O(1) * headers. If it is, we store a reference to it that can be accessed later directly via direct * method access. Most high performance paths use O(1) direct method access. In general, we try to * copy as little as possible and allocate as little as possible in any of the paths. */ class HeaderMapImpl : NonCopyable { public: virtual ~HeaderMapImpl() = default; // The following "constructors" call virtual functions during construction and must use the // static factory pattern. static void copyFrom(HeaderMap& lhs, const HeaderMap& rhs); // The value_type of iterator must be pair, and the first value of them must be LowerCaseString. // If not, it won't be compiled successfully. template static void initFromInitList(HeaderMap& new_header_map, It begin, It end) { for (auto it = begin; it != end; ++it) { static_assert(std::is_samefirst), LowerCaseString>::value, "iterator must be pair and the first value of them must be LowerCaseString"); HeaderString key_string; key_string.setCopy(it->first.get().c_str(), it->first.get().size()); HeaderString value_string; value_string.setCopy(it->second.c_str(), it->second.size()); new_header_map.addViaMove(std::move(key_string), std::move(value_string)); } } // Performs a manual byte size count for test verification. void verifyByteSizeInternalForTest() const; // Note: This class does not actually implement Http::HeaderMap to avoid virtual inheritance in // the derived classes. Instead, it is used as a mix-in class for TypedHeaderMapImpl below. This // both avoid virtual inheritance and allows the concrete final header maps to use a variable // length member at the end. bool operator==(const HeaderMap& rhs) const; bool operator!=(const HeaderMap& rhs) const; void addViaMove(HeaderString&& key, HeaderString&& value); void addReference(const LowerCaseString& key, absl::string_view value); void addReferenceKey(const LowerCaseString& key, uint64_t value); void addReferenceKey(const LowerCaseString& key, absl::string_view value); void addCopy(const LowerCaseString& key, uint64_t value); void addCopy(const LowerCaseString& key, absl::string_view value); void appendCopy(const LowerCaseString& key, absl::string_view value); void setReference(const LowerCaseString& key, absl::string_view value); void setReferenceKey(const LowerCaseString& key, absl::string_view value); void setCopy(const LowerCaseString& key, absl::string_view value); uint64_t byteSize() const; const HeaderEntry* get(const LowerCaseString& key) const; HeaderMap::GetResult getAll(const LowerCaseString& key) const; void iterate(HeaderMap::ConstIterateCb cb) const; void iterateReverse(HeaderMap::ConstIterateCb cb) const; void clear(); size_t remove(const LowerCaseString& key); size_t removeIf(const HeaderMap::HeaderMatchPredicate& predicate); size_t removePrefix(const LowerCaseString& key); size_t size() const { return headers_.size(); } bool empty() const { return headers_.empty(); } void dumpState(std::ostream& os, int indent_level = 0) const; protected: struct HeaderEntryImpl : public HeaderEntry, NonCopyable { HeaderEntryImpl(const LowerCaseString& key); HeaderEntryImpl(const LowerCaseString& key, HeaderString&& value); HeaderEntryImpl(HeaderString&& key, HeaderString&& value); // HeaderEntry const HeaderString& key() const override { return key_; } void value(absl::string_view value) override; void value(uint64_t value) override; void value(const HeaderEntry& header) override; const HeaderString& value() const override { return value_; } HeaderString& value() override { return value_; } HeaderString key_; HeaderString value_; std::list::iterator entry_; }; using HeaderNode = std::list::iterator; /** * This is the static lookup table that is used to determine whether a header is one of the O(1) * headers. This uses a trie for lookup time at most equal to the size of the incoming string. */ struct StaticLookupResponse { HeaderEntryImpl** entry_; const LowerCaseString* key_; }; /** * Base class for a static lookup table that converts a string key into an O(1) header. */ template struct StaticLookupTable : public TrieLookupTable> { StaticLookupTable(); void finalizeTable() { CustomInlineHeaderRegistry::finalize(); auto& headers = CustomInlineHeaderRegistry::headers(); size_ = headers.size(); for (const auto& header : headers) { this->add(header.first.get().c_str(), [&header](HeaderMapImpl& h) -> StaticLookupResponse { return {&h.inlineHeaders()[header.second], &header.first}; }); } } static size_t size() { // The size of the lookup table is finalized when the singleton lookup table is created. This // allows for late binding of custom headers as well as envoy header prefix changes. This // does mean that once the first header map is created of this type, no further changes are // possible. // TODO(mattklein123): If we decide to keep this implementation, it is conceivable that header // maps could be created by an API factory that is owned by the listener/HCM, thus making // O(1) header delivery over xDS possible. return ConstSingleton::get().size_; } static absl::optional lookup(HeaderMapImpl& header_map, absl::string_view key) { const auto& entry = ConstSingleton::get().find(key); if (entry != nullptr) { return entry(header_map); } else { return absl::nullopt; } } size_t size_; }; /** * List of HeaderEntryImpl that keeps the pseudo headers (key starting with ':') in the front * of the list (as required by nghttp2) and otherwise maintains insertion order. * When the list size is greater or equal to the envoy.http.headermap.lazy_map_min_size runtime * feature value (or uint32_t max value if not set), all headers are added to a map, to allow * fast access given a header key. Once the map is initialized, it will be used even if the number * of headers decreases below the threshold. * * Note: the internal iterators held in fields make this unsafe to copy and move, since the * reference to end() is not preserved across a move (see Notes in * https://en.cppreference.com/w/cpp/container/list/list). The NonCopyable will suppress both copy * and move constructors/assignment. * TODO(htuch): Maybe we want this to movable one day; for now, our header map moves happen on * HeaderMapPtr, so the performance impact should not be evident. */ class HeaderList : NonCopyable { public: using HeaderNodeVector = absl::InlinedVector; using HeaderLazyMap = absl::flat_hash_map; HeaderList() : pseudo_headers_end_(headers_.end()), lazy_map_min_size_(static_cast(Runtime::getInteger( "envoy.http.headermap.lazy_map_min_size", std::numeric_limits::max()))) {} template bool isPseudoHeader(const Key& key) { return !key.getStringView().empty() && key.getStringView()[0] == ':'; } template HeaderNode insert(Key&& key, Value&&... value) { const bool is_pseudo_header = isPseudoHeader(key); HeaderNode i = headers_.emplace(is_pseudo_header ? pseudo_headers_end_ : headers_.end(), std::forward(key), std::forward(value)...); if (!lazy_map_.empty()) { lazy_map_[i->key().getStringView()].push_back(i); } if (!is_pseudo_header && pseudo_headers_end_ == headers_.end()) { pseudo_headers_end_ = i; } return i; } HeaderNode erase(HeaderNode i, bool remove_from_map) { if (pseudo_headers_end_ == i) { pseudo_headers_end_++; } if (remove_from_map) { lazy_map_.erase(i->key().getStringView()); } return headers_.erase(i); } template void removeIf(UnaryPredicate p) { if (!lazy_map_.empty()) { // Lazy map is used, iterate over its elements and remove those that satisfy the predicate // from the map and from the list. for (auto map_it = lazy_map_.begin(); map_it != lazy_map_.end();) { auto& values_vec = map_it->second; ASSERT(!values_vec.empty()); // The following call to std::remove_if removes the elements that satisfy the // UnaryPredicate and shifts the vector elements, but does not resize the vector. // The call to erase that follows erases the unneeded cells (from remove_pos to the // end) and modifies the vector's size. const auto remove_pos = std::remove_if(values_vec.begin(), values_vec.end(), [&](HeaderNode it) { if (p(*(it->entry_))) { // Remove the element from the list. if (pseudo_headers_end_ == it->entry_) { pseudo_headers_end_++; } headers_.erase(it); return true; } return false; }); values_vec.erase(remove_pos, values_vec.end()); // If all elements were removed from the map entry, erase it. if (values_vec.empty()) { lazy_map_.erase(map_it++); } else { map_it++; } } } else { // The lazy map isn't used, iterate over the list elements and remove elements that satisfy // the predicate. headers_.remove_if([&](const HeaderEntryImpl& entry) { const bool to_remove = p(entry); if (to_remove) { if (pseudo_headers_end_ == entry.entry_) { pseudo_headers_end_++; } } return to_remove; }); } } /* * Creates and populates a map if the number of headers is at least the * envoy.http.headermap.lazy_map_min_size runtime feature value. * * @return if a map was created. */ bool maybeMakeMap(); /* * Removes a given key and its values from the HeaderList. * * @return the number of bytes that were removed. */ size_t remove(absl::string_view key); std::list::iterator begin() { return headers_.begin(); } std::list::iterator end() { return headers_.end(); } std::list::const_iterator begin() const { return headers_.begin(); } std::list::const_iterator end() const { return headers_.end(); } std::list::const_reverse_iterator rbegin() const { return headers_.rbegin(); } std::list::const_reverse_iterator rend() const { return headers_.rend(); } HeaderLazyMap::iterator mapFind(absl::string_view key) { return lazy_map_.find(key); } HeaderLazyMap::iterator mapEnd() { return lazy_map_.end(); } size_t size() const { return headers_.size(); } bool empty() const { return headers_.empty(); } void clear() { headers_.clear(); pseudo_headers_end_ = headers_.end(); lazy_map_.clear(); } private: std::list headers_; HeaderNode pseudo_headers_end_; // The number of headers threshold for lazy map usage. const uint32_t lazy_map_min_size_; HeaderLazyMap lazy_map_; }; void insertByKey(HeaderString&& key, HeaderString&& value); static uint64_t appendToHeader(HeaderString& header, absl::string_view data, absl::string_view delimiter = ","); HeaderEntryImpl& maybeCreateInline(HeaderEntryImpl** entry, const LowerCaseString& key); HeaderEntryImpl& maybeCreateInline(HeaderEntryImpl** entry, const LowerCaseString& key, HeaderString&& value); HeaderMap::NonConstGetResult getExisting(const LowerCaseString& key); size_t removeInline(HeaderEntryImpl** entry); void updateSize(uint64_t from_size, uint64_t to_size); void addSize(uint64_t size); void subtractSize(uint64_t size); virtual absl::optional staticLookup(absl::string_view) PURE; virtual void clearInline() PURE; virtual HeaderEntryImpl** inlineHeaders() PURE; HeaderList headers_; // This holds the internal byte size of the HeaderMap. uint64_t cached_byte_size_ = 0; }; /** * Typed derived classes for all header map types. This class implements the actual typed * interface and for the majority of methods just passes through to the HeaderMapImpl mix-in. Per * above, this avoids virtual inheritance. */ template class TypedHeaderMapImpl : public HeaderMapImpl, public Interface { public: // Implementation of Http::HeaderMap that passes through to HeaderMapImpl. bool operator==(const HeaderMap& rhs) const override { return HeaderMapImpl::operator==(rhs); } bool operator!=(const HeaderMap& rhs) const override { return HeaderMapImpl::operator!=(rhs); } void addViaMove(HeaderString&& key, HeaderString&& value) override { HeaderMapImpl::addViaMove(std::move(key), std::move(value)); } void addReference(const LowerCaseString& key, absl::string_view value) override { HeaderMapImpl::addReference(key, value); } void addReferenceKey(const LowerCaseString& key, uint64_t value) override { HeaderMapImpl::addReferenceKey(key, value); } void addReferenceKey(const LowerCaseString& key, absl::string_view value) override { HeaderMapImpl::addReferenceKey(key, value); } void addCopy(const LowerCaseString& key, uint64_t value) override { HeaderMapImpl::addCopy(key, value); } void addCopy(const LowerCaseString& key, absl::string_view value) override { HeaderMapImpl::addCopy(key, value); } void appendCopy(const LowerCaseString& key, absl::string_view value) override { HeaderMapImpl::appendCopy(key, value); } void setReference(const LowerCaseString& key, absl::string_view value) override { HeaderMapImpl::setReference(key, value); } void setReferenceKey(const LowerCaseString& key, absl::string_view value) override { HeaderMapImpl::setReferenceKey(key, value); } void setCopy(const LowerCaseString& key, absl::string_view value) override { HeaderMapImpl::setCopy(key, value); } uint64_t byteSize() const override { return HeaderMapImpl::byteSize(); } const HeaderEntry* get(const LowerCaseString& key) const override { return HeaderMapImpl::get(key); } HeaderMap::GetResult getAll(const LowerCaseString& key) const override { return HeaderMapImpl::getAll(key); } void iterate(HeaderMap::ConstIterateCb cb) const override { HeaderMapImpl::iterate(cb); } void iterateReverse(HeaderMap::ConstIterateCb cb) const override { HeaderMapImpl::iterateReverse(cb); } void clear() override { HeaderMapImpl::clear(); } size_t remove(const LowerCaseString& key) override { return HeaderMapImpl::remove(key); } size_t removeIf(const HeaderMap::HeaderMatchPredicate& predicate) override { return HeaderMapImpl::removeIf(predicate); } size_t removePrefix(const LowerCaseString& key) override { return HeaderMapImpl::removePrefix(key); } size_t size() const override { return HeaderMapImpl::size(); } bool empty() const override { return HeaderMapImpl::empty(); } void dumpState(std::ostream& os, int indent_level = 0) const override { HeaderMapImpl::dumpState(os, indent_level); } // Generic custom header functions for each fully typed interface. To avoid accidental issues, // the Handle type is different for each interface, which is why these functions live here vs. // inside HeaderMapImpl. using Handle = CustomInlineHeaderRegistry::Handle; const HeaderEntry* getInline(Handle handle) const override { ASSERT(handle.it_->second < inlineHeadersSize()); return constInlineHeaders()[handle.it_->second]; } void appendInline(Handle handle, absl::string_view data, absl::string_view delimiter) override { ASSERT(handle.it_->second < inlineHeadersSize()); HeaderEntry& entry = maybeCreateInline(&inlineHeaders()[handle.it_->second], handle.it_->first); addSize(HeaderMapImpl::appendToHeader(entry.value(), data, delimiter)); } void setReferenceInline(Handle handle, absl::string_view value) override { ASSERT(handle.it_->second < inlineHeadersSize()); HeaderEntry& entry = maybeCreateInline(&inlineHeaders()[handle.it_->second], handle.it_->first); updateSize(entry.value().size(), value.size()); entry.value().setReference(value); } void setInline(Handle handle, absl::string_view value) override { ASSERT(handle.it_->second < inlineHeadersSize()); HeaderEntry& entry = maybeCreateInline(&inlineHeaders()[handle.it_->second], handle.it_->first); updateSize(entry.value().size(), value.size()); entry.value().setCopy(value); } void setInline(Handle handle, uint64_t value) override { ASSERT(handle.it_->second < inlineHeadersSize()); HeaderEntry& entry = maybeCreateInline(&inlineHeaders()[handle.it_->second], handle.it_->first); subtractSize(entry.value().size()); entry.value().setInteger(value); addSize(entry.value().size()); } size_t removeInline(Handle handle) override { ASSERT(handle.it_->second < inlineHeadersSize()); return HeaderMapImpl::removeInline(&inlineHeaders()[handle.it_->second]); } static size_t inlineHeadersSize() { return StaticLookupTable::size() * sizeof(HeaderEntryImpl*); } protected: absl::optional staticLookup(absl::string_view key) override { return StaticLookupTable::lookup(*this, key); } virtual const HeaderEntryImpl* const* constInlineHeaders() const PURE; }; #define DEFINE_HEADER_HANDLE(name) \ Handle name = \ CustomInlineHeaderRegistry::getInlineHeader(Headers::get().name).value(); /** * Concrete implementation of RequestHeaderMap which allows for variable custom registered inline * headers. */ class RequestHeaderMapImpl final : public TypedHeaderMapImpl, public InlineStorage { public: static std::unique_ptr create() { return std::unique_ptr(new (inlineHeadersSize()) RequestHeaderMapImpl()); } INLINE_REQ_HEADERS(DEFINE_INLINE_HEADER_FUNCS) INLINE_REQ_RESP_HEADERS(DEFINE_INLINE_HEADER_FUNCS) protected: // NOTE: Because inline_headers_ is a variable size member, it must be the last member in the // most derived class. This forces the definition of the following three functions to also be // in the most derived class and thus duplicated. There may be a way to consolidate thus but it's // not clear and can be deferred for now. void clearInline() override { memset(inline_headers_, 0, inlineHeadersSize()); } const HeaderEntryImpl* const* constInlineHeaders() const override { return inline_headers_; } HeaderEntryImpl** inlineHeaders() override { return inline_headers_; } private: struct HeaderHandleValues { INLINE_REQ_HEADERS(DEFINE_HEADER_HANDLE) INLINE_REQ_RESP_HEADERS(DEFINE_HEADER_HANDLE) }; using HeaderHandles = ConstSingleton; RequestHeaderMapImpl() { clearInline(); } HeaderEntryImpl* inline_headers_[]; }; /** * Concrete implementation of RequestTrailerMap which allows for variable custom registered inline * headers. */ class RequestTrailerMapImpl final : public TypedHeaderMapImpl, public InlineStorage { public: static std::unique_ptr create() { return std::unique_ptr(new (inlineHeadersSize()) RequestTrailerMapImpl()); } protected: // See comment in RequestHeaderMapImpl. void clearInline() override { memset(inline_headers_, 0, inlineHeadersSize()); } const HeaderEntryImpl* const* constInlineHeaders() const override { return inline_headers_; } HeaderEntryImpl** inlineHeaders() override { return inline_headers_; } private: RequestTrailerMapImpl() { clearInline(); } HeaderEntryImpl* inline_headers_[]; }; /** * Concrete implementation of ResponseHeaderMap which allows for variable custom registered inline * headers. */ class ResponseHeaderMapImpl final : public TypedHeaderMapImpl, public InlineStorage { public: static std::unique_ptr create() { return std::unique_ptr(new (inlineHeadersSize()) ResponseHeaderMapImpl()); } INLINE_RESP_HEADERS(DEFINE_INLINE_HEADER_FUNCS) INLINE_REQ_RESP_HEADERS(DEFINE_INLINE_HEADER_FUNCS) INLINE_RESP_HEADERS_TRAILERS(DEFINE_INLINE_HEADER_FUNCS) protected: // See comment in RequestHeaderMapImpl. void clearInline() override { memset(inline_headers_, 0, inlineHeadersSize()); } const HeaderEntryImpl* const* constInlineHeaders() const override { return inline_headers_; } HeaderEntryImpl** inlineHeaders() override { return inline_headers_; } private: struct HeaderHandleValues { INLINE_RESP_HEADERS(DEFINE_HEADER_HANDLE) INLINE_REQ_RESP_HEADERS(DEFINE_HEADER_HANDLE) INLINE_RESP_HEADERS_TRAILERS(DEFINE_HEADER_HANDLE) }; using HeaderHandles = ConstSingleton; ResponseHeaderMapImpl() { clearInline(); } HeaderEntryImpl* inline_headers_[]; }; /** * Concrete implementation of ResponseTrailerMap which allows for variable custom registered * inline headers. */ class ResponseTrailerMapImpl final : public TypedHeaderMapImpl, public InlineStorage { public: static std::unique_ptr create() { return std::unique_ptr(new (inlineHeadersSize()) ResponseTrailerMapImpl()); } INLINE_RESP_HEADERS_TRAILERS(DEFINE_INLINE_HEADER_FUNCS) protected: // See comment in RequestHeaderMapImpl. void clearInline() override { memset(inline_headers_, 0, inlineHeadersSize()); } const HeaderEntryImpl* const* constInlineHeaders() const override { return inline_headers_; } HeaderEntryImpl** inlineHeaders() override { return inline_headers_; } private: struct HeaderHandleValues { INLINE_RESP_HEADERS_TRAILERS(DEFINE_HEADER_HANDLE) }; using HeaderHandles = ConstSingleton; ResponseTrailerMapImpl() { clearInline(); } HeaderEntryImpl* inline_headers_[]; }; template std::unique_ptr createHeaderMap(const std::initializer_list>& values) { auto new_header_map = T::create(); HeaderMapImpl::initFromInitList(*new_header_map, values.begin(), values.end()); return new_header_map; } template std::unique_ptr createHeaderMap(It begin, It end) { auto new_header_map = T::create(); HeaderMapImpl::initFromInitList(*new_header_map, begin, end); return new_header_map; } template std::unique_ptr createHeaderMap(const HeaderMap& rhs) { // TODO(mattklein123): Use of this function allows copying a request header map into a response // header map, etc. which is probably not what we want. Unfortunately, we do this on purpose in // a few places when dealing with gRPC headers/trailers conversions so it's not trivial to remove. // We should revisit this to figure how to make this a bit safer as a non-intentional conversion // may have surprising results with different O(1) headers, implementations, etc. auto new_header_map = T::create(); HeaderMapImpl::copyFrom(*new_header_map, rhs); return new_header_map; } struct EmptyHeaders { RequestHeaderMapPtr request_headers = RequestHeaderMapImpl::create(); ResponseHeaderMapPtr response_headers = ResponseHeaderMapImpl::create(); ResponseTrailerMapPtr response_trailers = ResponseTrailerMapImpl::create(); }; using StaticEmptyHeaders = ConstSingleton; class HeaderMapImplUtility { public: struct HeaderMapImplInfo { // Human readable name for the header map used in info logging. std::string name_; // The byte size of the header map including both fixed space as well as variable space used // by the registered custom headers. size_t size_; // All registered custom headers for the header map. std::vector registered_headers_; }; /** * Fetch detailed information about each header map implementation for use in logging. */ static std::vector getAllHeaderMapImplInfo(); }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/header_utility.cc ================================================ #include "common/http/header_utility.h" #include "envoy/config/route/v3/route_components.pb.h" #include "common/common/regex.h" #include "common/common/utility.h" #include "common/http/header_map_impl.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_features.h" #include "absl/strings/match.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { struct SharedResponseCodeDetailsValues { const absl::string_view InvalidAuthority = "http.invalid_authority"; const absl::string_view ConnectUnsupported = "http.connect_not_supported"; }; using SharedResponseCodeDetails = ConstSingleton; // HeaderMatcher will consist of: // header_match_specifier which can be any one of exact_match, regex_match, range_match, // present_match, prefix_match or suffix_match. // Each of these also can be inverted with the invert_match option. // Absence of these options implies empty header value match based on header presence. // a.exact_match: value will be used for exact string matching. // b.regex_match: Match will succeed if header value matches the value specified here. // c.range_match: Match will succeed if header value lies within the range specified // here, using half open interval semantics [start,end). // d.present_match: Match will succeed if the header is present. // f.prefix_match: Match will succeed if header value matches the prefix value specified here. // g.suffix_match: Match will succeed if header value matches the suffix value specified here. HeaderUtility::HeaderData::HeaderData(const envoy::config::route::v3::HeaderMatcher& config) : name_(config.name()), invert_match_(config.invert_match()) { switch (config.header_match_specifier_case()) { case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kExactMatch: header_match_type_ = HeaderMatchType::Value; value_ = config.exact_match(); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase:: kHiddenEnvoyDeprecatedRegexMatch: header_match_type_ = HeaderMatchType::Regex; regex_ = Regex::Utility::parseStdRegexAsCompiledMatcher( config.hidden_envoy_deprecated_regex_match()); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kSafeRegexMatch: header_match_type_ = HeaderMatchType::Regex; regex_ = Regex::Utility::parseRegex(config.safe_regex_match()); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kRangeMatch: header_match_type_ = HeaderMatchType::Range; range_.set_start(config.range_match().start()); range_.set_end(config.range_match().end()); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kPresentMatch: header_match_type_ = HeaderMatchType::Present; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kPrefixMatch: header_match_type_ = HeaderMatchType::Prefix; value_ = config.prefix_match(); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kSuffixMatch: header_match_type_ = HeaderMatchType::Suffix; value_ = config.suffix_match(); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kContainsMatch: header_match_type_ = HeaderMatchType::Contains; value_ = config.contains_match(); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase:: HEADER_MATCH_SPECIFIER_NOT_SET: FALLTHRU; default: header_match_type_ = HeaderMatchType::Present; break; } } void HeaderUtility::getAllOfHeader(const HeaderMap& headers, absl::string_view key, std::vector& out) { headers.iterate([key = LowerCaseString(std::string(key)), &out](const HeaderEntry& header) -> HeaderMap::Iterate { if (header.key() == key.get().c_str()) { out.emplace_back(header.value().getStringView()); } return HeaderMap::Iterate::Continue; }); } bool HeaderUtility::matchHeaders(const HeaderMap& request_headers, const std::vector& config_headers) { // No headers to match is considered a match. if (!config_headers.empty()) { for (const HeaderDataPtr& cfg_header_data : config_headers) { if (!matchHeaders(request_headers, *cfg_header_data)) { return false; } } } return true; } HeaderUtility::GetAllOfHeaderAsStringResult HeaderUtility::getAllOfHeaderAsString(const HeaderMap& headers, const Http::LowerCaseString& key) { GetAllOfHeaderAsStringResult result; const auto header_value = headers.getAll(key); if (header_value.empty()) { // Empty for clarity. Avoid handling the empty case in the block below if the runtime feature // is disabled. } else if (header_value.size() == 1 || !Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.http_match_on_all_headers")) { result.result_ = header_value[0]->value().getStringView(); } else { // In this case we concatenate all found headers using a ',' delimiter before performing the // final match. We use an InlinedVector of absl::string_view to invoke the optimized join // algorithm. This requires a copying phase before we invoke join. The 3 used as the inline // size has been arbitrarily chosen. // TODO(mattklein123): Do we need to normalize any whitespace here? absl::InlinedVector string_view_vector; string_view_vector.reserve(header_value.size()); for (size_t i = 0; i < header_value.size(); i++) { string_view_vector.push_back(header_value[i]->value().getStringView()); } result.result_backing_string_ = absl::StrJoin(string_view_vector, ","); } return result; } bool HeaderUtility::matchHeaders(const HeaderMap& request_headers, const HeaderData& header_data) { const auto header_value = getAllOfHeaderAsString(request_headers, header_data.name_); if (!header_value.result().has_value()) { return header_data.invert_match_ && header_data.header_match_type_ == HeaderMatchType::Present; } bool match; switch (header_data.header_match_type_) { case HeaderMatchType::Value: match = header_data.value_.empty() || header_value.result().value() == header_data.value_; break; case HeaderMatchType::Regex: match = header_data.regex_->match(header_value.result().value()); break; case HeaderMatchType::Range: { int64_t header_int_value = 0; match = absl::SimpleAtoi(header_value.result().value(), &header_int_value) && header_int_value >= header_data.range_.start() && header_int_value < header_data.range_.end(); break; } case HeaderMatchType::Present: match = true; break; case HeaderMatchType::Prefix: match = absl::StartsWith(header_value.result().value(), header_data.value_); break; case HeaderMatchType::Suffix: match = absl::EndsWith(header_value.result().value(), header_data.value_); break; case HeaderMatchType::Contains: match = absl::StrContains(header_value.result().value(), header_data.value_); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } return match != header_data.invert_match_; } bool HeaderUtility::headerValueIsValid(const absl::string_view header_value) { return nghttp2_check_header_value(reinterpret_cast(header_value.data()), header_value.size()) != 0; } bool HeaderUtility::headerNameContainsUnderscore(const absl::string_view header_name) { return header_name.find('_') != absl::string_view::npos; } bool HeaderUtility::authorityIsValid(const absl::string_view header_value) { return nghttp2_check_authority(reinterpret_cast(header_value.data()), header_value.size()) != 0; } bool HeaderUtility::isConnect(const RequestHeaderMap& headers) { return headers.Method() && headers.Method()->value() == Http::Headers::get().MethodValues.Connect; } bool HeaderUtility::isConnectResponse(const RequestHeaderMap* request_headers, const ResponseHeaderMap& response_headers) { return request_headers && isConnect(*request_headers) && static_cast(Http::Utility::getResponseStatus(response_headers)) == Http::Code::OK; } void HeaderUtility::addHeaders(HeaderMap& headers, const HeaderMap& headers_to_add) { headers_to_add.iterate([&headers](const HeaderEntry& header) -> HeaderMap::Iterate { HeaderString k; k.setCopy(header.key().getStringView()); HeaderString v; v.setCopy(header.value().getStringView()); headers.addViaMove(std::move(k), std::move(v)); return HeaderMap::Iterate::Continue; }); } bool HeaderUtility::isEnvoyInternalRequest(const RequestHeaderMap& headers) { const HeaderEntry* internal_request_header = headers.EnvoyInternalRequest(); return internal_request_header != nullptr && internal_request_header->value() == Headers::get().EnvoyInternalRequestValues.True; } void HeaderUtility::stripPortFromHost(RequestHeaderMap& headers, uint32_t listener_port) { if (headers.getMethodValue() == Http::Headers::get().MethodValues.Connect) { // According to RFC 2817 Connect method should have port part in host header. // In this case we won't strip it even if configured to do so. return; } const absl::string_view original_host = headers.getHostValue(); const absl::string_view::size_type port_start = original_host.rfind(':'); if (port_start == absl::string_view::npos) { return; } // According to RFC3986 v6 address is always enclosed in "[]". section 3.2.2. const auto v6_end_index = original_host.rfind("]"); if (v6_end_index == absl::string_view::npos || v6_end_index < port_start) { if ((port_start + 1) > original_host.size()) { return; } const absl::string_view port_str = original_host.substr(port_start + 1); uint32_t port = 0; if (!absl::SimpleAtoi(port_str, &port)) { return; } if (port != listener_port) { // We would strip ports only if they are the same, as local port of the listener. return; } const absl::string_view host = original_host.substr(0, port_start); headers.setHost(host); } } absl::optional> HeaderUtility::requestHeadersValid(const RequestHeaderMap& headers) { // Make sure the host is valid. if (headers.Host() && !HeaderUtility::authorityIsValid(headers.Host()->value().getStringView())) { return SharedResponseCodeDetails::get().InvalidAuthority; } return absl::nullopt; } bool HeaderUtility::shouldCloseConnection(Http::Protocol protocol, const RequestOrResponseHeaderMap& headers) { // HTTP/1.0 defaults to single-use connections. Make sure the connection will be closed unless // Keep-Alive is present. if (protocol == Protocol::Http10 && (!headers.Connection() || !Envoy::StringUtil::caseFindToken(headers.Connection()->value().getStringView(), ",", Http::Headers::get().ConnectionValues.KeepAlive))) { return true; } if (protocol == Protocol::Http11 && headers.Connection() && Envoy::StringUtil::caseFindToken(headers.Connection()->value().getStringView(), ",", Http::Headers::get().ConnectionValues.Close)) { return true; } // Note: Proxy-Connection is not a standard header, but is supported here // since it is supported by http-parser the underlying parser for http // requests. if (protocol < Protocol::Http2 && headers.ProxyConnection() && Envoy::StringUtil::caseFindToken(headers.ProxyConnection()->value().getStringView(), ",", Http::Headers::get().ConnectionValues.Close)) { return true; } return false; } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/header_utility.h ================================================ #pragma once #include #include "envoy/common/regex.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/header_map.h" #include "envoy/http/protocol.h" #include "envoy/type/v3/range.pb.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Http { /** * Classes and methods for manipulating and checking HTTP headers. */ class HeaderUtility { public: enum class HeaderMatchType { Value, Regex, Range, Present, Prefix, Suffix, Contains }; /** * Get all instances of the header key specified, and return the values in the vector provided. * * This should not be used for inline headers, as it turns a constant time lookup into O(n). * * @param headers the headers to return keys from * @param key the header key to return values for * @param out the vector to return values in */ static void getAllOfHeader(const HeaderMap& headers, absl::string_view key, std::vector& out); /** * Get all header values as a single string. Multiple headers are concatenated with ','. */ class GetAllOfHeaderAsStringResult { public: // The ultimate result of the concatenation. If absl::nullopt, no header values were found. // If the final string required a string allocation, the memory is held in // backingString(). This allows zero allocation in the common case of a single header // value. absl::optional result() const { // This is safe for move/copy of this class as the backing string will be moved or copied. // Otherwise result_ is valid. The assert verifies that both are empty or only 1 is set. ASSERT((!result_.has_value() && result_backing_string_.empty()) || (result_.has_value() ^ !result_backing_string_.empty())); return !result_backing_string_.empty() ? result_backing_string_ : result_; } const std::string& backingString() const { return result_backing_string_; } private: absl::optional result_; // Valid only if result_ relies on memory allocation that must live beyond the call. See above. std::string result_backing_string_; friend class HeaderUtility; }; static GetAllOfHeaderAsStringResult getAllOfHeaderAsString(const HeaderMap& headers, const Http::LowerCaseString& key); // A HeaderData specifies one of exact value or regex or range element // to match in a request's header, specified in the header_match_type_ member. // It is the runtime equivalent of the HeaderMatchSpecifier proto in RDS API. struct HeaderData : public HeaderMatcher { HeaderData(const envoy::config::route::v3::HeaderMatcher& config); const LowerCaseString name_; HeaderMatchType header_match_type_; std::string value_; Regex::CompiledMatcherPtr regex_; envoy::type::v3::Int64Range range_; const bool invert_match_; // HeaderMatcher bool matchesHeaders(const HeaderMap& headers) const override { return HeaderUtility::matchHeaders(headers, *this); }; }; using HeaderDataPtr = std::unique_ptr; /** * Build a vector of HeaderDataPtr given input config. */ static std::vector buildHeaderDataVector( const Protobuf::RepeatedPtrField& header_matchers) { std::vector ret; for (const auto& header_matcher : header_matchers) { ret.emplace_back(std::make_unique(header_matcher)); } return ret; } /** * Build a vector of HeaderMatcherSharedPtr given input config. */ static std::vector buildHeaderMatcherVector( const Protobuf::RepeatedPtrField& header_matchers) { std::vector ret; for (const auto& header_matcher : header_matchers) { ret.emplace_back(std::make_shared(header_matcher)); } return ret; } /** * See if the headers specified in the config are present in a request. * @param request_headers supplies the headers from the request. * @param config_headers supplies the list of configured header conditions on which to match. * @return bool true if all the headers (and values) in the config_headers are found in the * request_headers. If no config_headers are specified, returns true. */ static bool matchHeaders(const HeaderMap& request_headers, const std::vector& config_headers); static bool matchHeaders(const HeaderMap& request_headers, const HeaderData& config_header); /** * Validates that a header value is valid, according to RFC 7230, section 3.2. * http://tools.ietf.org/html/rfc7230#section-3.2 * @return bool true if the header values are valid, according to the aforementioned RFC. */ static bool headerValueIsValid(const absl::string_view header_value); /** * Checks if header name contains underscore characters. * Underscore character is allowed in header names by the RFC-7230 and this check is implemented * as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by * default allows headers with underscore characters. * @return bool true if header name contains underscore characters. */ static bool headerNameContainsUnderscore(const absl::string_view header_name); /** * Validates that the characters in the authority are valid. * @return bool true if the header values are valid, false otherwise. */ static bool authorityIsValid(const absl::string_view authority_value); /** * @brief a helper function to determine if the headers represent a CONNECT request. */ static bool isConnect(const RequestHeaderMap& headers); /** * @brief a helper function to determine if the headers represent an accepted CONNECT response. */ static bool isConnectResponse(const RequestHeaderMap* request_headers, const ResponseHeaderMap& response_headers); /** * Add headers from one HeaderMap to another * @param headers target where headers will be added * @param headers_to_add supplies the headers to be added */ static void addHeaders(HeaderMap& headers, const HeaderMap& headers_to_add); /** * @brief a helper function to determine if the headers represent an envoy internal request */ static bool isEnvoyInternalRequest(const RequestHeaderMap& headers); /** * Determines if request headers pass Envoy validity checks. * @param headers to validate * @return details of the error if an error is present, otherwise absl::nullopt */ static absl::optional> requestHeadersValid(const RequestHeaderMap& headers); /** * Determines if the response should be framed by Connection: Close based on protocol * and headers. * @param protocol the protocol of the request * @param headers the request or response headers * @return if the response should be framed by Connection: Close */ static bool shouldCloseConnection(Http::Protocol protocol, const RequestOrResponseHeaderMap& headers); /** * @brief Remove the port part from host/authority header if it is equal to provided port */ static void stripPortFromHost(RequestHeaderMap& headers, uint32_t listener_port); }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/headers.h ================================================ #pragma once #include #include "envoy/http/header_map.h" #include "common/singleton/const_singleton.h" #include "common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Http { // This class allows early override of the x-envoy prefix from bootstrap config, // so that servers can configure their own x-custom-string prefix. // // Once the HeaderValues const singleton has been created, changing the prefix // is disallowed. Essentially this is write-once then read-only. class PrefixValue { public: const char* prefix() { absl::WriterMutexLock lock(&m_); read_ = true; return prefix_.c_str(); } // The char* prefix is used directly, so must be available for the interval where prefix() may be // called. void setPrefix(const char* prefix) { absl::WriterMutexLock lock(&m_); // The check for unchanged string is purely for integration tests - this // should not happen in production. RELEASE_ASSERT(!read_ || prefix_ == std::string(prefix), "Attempting to change the header prefix after it has been used!"); if (!read_) { prefix_ = prefix; } } private: absl::Mutex m_; bool read_ = false; std::string prefix_ = "x-envoy"; }; /** * These are headers that are used in extension custom O(1) header registration. These headers * *must* not contain any prefix override headers, as static init order requires that HeaderValues * be instantiated for the first time after bootstrap is loaded and before the header maps are * finalized. */ class CustomHeaderValues { public: const LowerCaseString Accept{"accept"}; const LowerCaseString AcceptEncoding{"accept-encoding"}; const LowerCaseString AccessControlRequestMethod{"access-control-request-method"}; const LowerCaseString AccessControlAllowOrigin{"access-control-allow-origin"}; const LowerCaseString AccessControlAllowHeaders{"access-control-allow-headers"}; const LowerCaseString AccessControlAllowMethods{"access-control-allow-methods"}; const LowerCaseString AccessControlExposeHeaders{"access-control-expose-headers"}; const LowerCaseString AccessControlMaxAge{"access-control-max-age"}; const LowerCaseString AccessControlAllowCredentials{"access-control-allow-credentials"}; const LowerCaseString Authorization{"authorization"}; const LowerCaseString CacheControl{"cache-control"}; const LowerCaseString CdnLoop{"cdn-loop"}; const LowerCaseString ContentEncoding{"content-encoding"}; const LowerCaseString Etag{"etag"}; const LowerCaseString GrpcAcceptEncoding{"grpc-accept-encoding"}; const LowerCaseString IfMatch{"if-match"}; const LowerCaseString IfNoneMatch{"if-none-match"}; const LowerCaseString IfModifiedSince{"if-modified-since"}; const LowerCaseString IfUnmodifiedSince{"if-unmodified-since"}; const LowerCaseString IfRange{"if-range"}; const LowerCaseString LastModified{"last-modified"}; const LowerCaseString Origin{"origin"}; const LowerCaseString OtSpanContext{"x-ot-span-context"}; const LowerCaseString Pragma{"pragma"}; const LowerCaseString Referer{"referer"}; const LowerCaseString Vary{"vary"}; struct { const std::string Gzip{"gzip"}; const std::string Identity{"identity"}; const std::string Wildcard{"*"}; } AcceptEncodingValues; struct { const std::string All{"*"}; } AccessControlAllowOriginValue; struct { const std::string NoCache{"no-cache"}; const std::string NoCacheMaxAge0{"no-cache, max-age=0"}; const std::string NoTransform{"no-transform"}; const std::string Private{"private"}; } CacheControlValues; struct { const std::string Gzip{"gzip"}; } ContentEncodingValues; struct { const std::string True{"true"}; } CORSValues; struct { const std::string Default{"identity,deflate,gzip"}; } GrpcAcceptEncodingValues; struct { const std::string AcceptEncoding{"Accept-Encoding"}; const std::string Wildcard{"*"}; } VaryValues; }; using CustomHeaders = ConstSingleton; /** * Constant HTTP headers and values. All lower case. This group of headers can contain prefix * override headers. */ class HeaderValues { public: const char* prefix() const { return ThreadSafeSingleton::get().prefix(); } const LowerCaseString Age{"age"}; const LowerCaseString ProxyAuthenticate{"proxy-authenticate"}; const LowerCaseString ProxyAuthorization{"proxy-authorization"}; const LowerCaseString ClientTraceId{"x-client-trace-id"}; const LowerCaseString Connection{"connection"}; const LowerCaseString ContentLength{"content-length"}; const LowerCaseString ContentRange{"content-range"}; const LowerCaseString ContentType{"content-type"}; const LowerCaseString Cookie{"cookie"}; const LowerCaseString Date{"date"}; const LowerCaseString EnvoyAttemptCount{absl::StrCat(prefix(), "-attempt-count")}; const LowerCaseString EnvoyCluster{absl::StrCat(prefix(), "-cluster")}; const LowerCaseString EnvoyDegraded{absl::StrCat(prefix(), "-degraded")}; const LowerCaseString EnvoyDownstreamServiceCluster{ absl::StrCat(prefix(), "-downstream-service-cluster")}; const LowerCaseString EnvoyDownstreamServiceNode{ absl::StrCat(prefix(), "-downstream-service-node")}; const LowerCaseString EnvoyExternalAddress{absl::StrCat(prefix(), "-external-address")}; const LowerCaseString EnvoyForceTrace{absl::StrCat(prefix(), "-force-trace")}; const LowerCaseString EnvoyHedgeOnPerTryTimeout{ absl::StrCat(prefix(), "-hedge-on-per-try-timeout")}; const LowerCaseString EnvoyImmediateHealthCheckFail{ absl::StrCat(prefix(), "-immediate-health-check-fail")}; const LowerCaseString EnvoyOriginalUrl{absl::StrCat(prefix(), "-original-url")}; const LowerCaseString EnvoyInternalRequest{absl::StrCat(prefix(), "-internal")}; // TODO(mattklein123): EnvoyIpTags should be a custom header registered with the IP tagging // filter. We need to figure out if we can remove this header from the set of headers that // participate in prefix overrides. const LowerCaseString EnvoyIpTags{absl::StrCat(prefix(), "-ip-tags")}; const LowerCaseString EnvoyMaxRetries{absl::StrCat(prefix(), "-max-retries")}; const LowerCaseString EnvoyNotForwarded{absl::StrCat(prefix(), "-not-forwarded")}; const LowerCaseString EnvoyOriginalDstHost{absl::StrCat(prefix(), "-original-dst-host")}; const LowerCaseString EnvoyOriginalMethod{absl::StrCat(prefix(), "-original-method")}; const LowerCaseString EnvoyOriginalPath{absl::StrCat(prefix(), "-original-path")}; const LowerCaseString EnvoyOverloaded{absl::StrCat(prefix(), "-overloaded")}; const LowerCaseString EnvoyRateLimited{absl::StrCat(prefix(), "-ratelimited")}; const LowerCaseString EnvoyRetryOn{absl::StrCat(prefix(), "-retry-on")}; const LowerCaseString EnvoyRetryGrpcOn{absl::StrCat(prefix(), "-retry-grpc-on")}; const LowerCaseString EnvoyRetriableStatusCodes{ absl::StrCat(prefix(), "-retriable-status-codes")}; const LowerCaseString EnvoyRetriableHeaderNames{ absl::StrCat(prefix(), "-retriable-header-names")}; const LowerCaseString EnvoyUpstreamAltStatName{absl::StrCat(prefix(), "-upstream-alt-stat-name")}; const LowerCaseString EnvoyUpstreamCanary{absl::StrCat(prefix(), "-upstream-canary")}; const LowerCaseString EnvoyUpstreamHostAddress{absl::StrCat(prefix(), "-upstream-host-address")}; const LowerCaseString EnvoyUpstreamHostname{absl::StrCat(prefix(), "-upstream-hostname")}; const LowerCaseString EnvoyUpstreamRequestTimeoutAltResponse{ absl::StrCat(prefix(), "-upstream-rq-timeout-alt-response")}; const LowerCaseString EnvoyUpstreamRequestTimeoutMs{ absl::StrCat(prefix(), "-upstream-rq-timeout-ms")}; const LowerCaseString EnvoyUpstreamRequestPerTryTimeoutMs{ absl::StrCat(prefix(), "-upstream-rq-per-try-timeout-ms")}; const LowerCaseString EnvoyExpectedRequestTimeoutMs{ absl::StrCat(prefix(), "-expected-rq-timeout-ms")}; const LowerCaseString EnvoyUpstreamServiceTime{absl::StrCat(prefix(), "-upstream-service-time")}; const LowerCaseString EnvoyUpstreamHealthCheckedCluster{ absl::StrCat(prefix(), "-upstream-healthchecked-cluster")}; const LowerCaseString EnvoyDecoratorOperation{absl::StrCat(prefix(), "-decorator-operation")}; const LowerCaseString Expect{"expect"}; const LowerCaseString Expires{"expires"}; const LowerCaseString ForwardedClientCert{"x-forwarded-client-cert"}; const LowerCaseString ForwardedFor{"x-forwarded-for"}; const LowerCaseString ForwardedHost{"x-forwarded-host"}; const LowerCaseString ForwardedProto{"x-forwarded-proto"}; const LowerCaseString GrpcMessage{"grpc-message"}; const LowerCaseString GrpcStatus{"grpc-status"}; const LowerCaseString GrpcTimeout{"grpc-timeout"}; const LowerCaseString GrpcStatusDetailsBin{"grpc-status-details-bin"}; const LowerCaseString Host{":authority"}; const LowerCaseString HostLegacy{"host"}; const LowerCaseString Http2Settings{"http2-settings"}; const LowerCaseString KeepAlive{"keep-alive"}; const LowerCaseString Location{"location"}; const LowerCaseString Method{":method"}; const LowerCaseString Path{":path"}; const LowerCaseString Protocol{":protocol"}; const LowerCaseString ProxyConnection{"proxy-connection"}; const LowerCaseString Range{"range"}; const LowerCaseString RequestId{"x-request-id"}; const LowerCaseString Scheme{":scheme"}; const LowerCaseString Server{"server"}; const LowerCaseString SetCookie{"set-cookie"}; const LowerCaseString Status{":status"}; const LowerCaseString TransferEncoding{"transfer-encoding"}; const LowerCaseString TE{"te"}; const LowerCaseString Upgrade{"upgrade"}; const LowerCaseString UserAgent{"user-agent"}; const LowerCaseString Vary{"vary"}; const LowerCaseString Via{"via"}; const LowerCaseString WWWAuthenticate{"www-authenticate"}; const LowerCaseString XContentTypeOptions{"x-content-type-options"}; const LowerCaseString XSquashDebug{"x-squash-debug"}; struct { const std::string Close{"close"}; const std::string Http2Settings{"http2-settings"}; const std::string KeepAlive{"keep-alive"}; const std::string Upgrade{"upgrade"}; } ConnectionValues; struct { const std::string H2c{"h2c"}; const std::string WebSocket{"websocket"}; } UpgradeValues; struct { const std::string Text{"text/plain"}; const std::string TextEventStream{"text/event-stream"}; const std::string TextUtf8{"text/plain; charset=UTF-8"}; // TODO(jmarantz): fold this into Text const std::string Html{"text/html; charset=UTF-8"}; const std::string Grpc{"application/grpc"}; const std::string GrpcWeb{"application/grpc-web"}; const std::string GrpcWebProto{"application/grpc-web+proto"}; const std::string GrpcWebText{"application/grpc-web-text"}; const std::string GrpcWebTextProto{"application/grpc-web-text+proto"}; const std::string Json{"application/json"}; const std::string Protobuf{"application/x-protobuf"}; const std::string FormUrlEncoded{"application/x-www-form-urlencoded"}; } ContentTypeValues; struct { const std::string True{"true"}; } EnvoyImmediateHealthCheckFailValues; struct { const std::string True{"true"}; } EnvoyInternalRequestValues; struct { const std::string True{"true"}; } EnvoyOverloadedValues; struct { const std::string True{"true"}; } EnvoyRateLimitedValues; struct { const std::string _5xx{"5xx"}; const std::string GatewayError{"gateway-error"}; const std::string ConnectFailure{"connect-failure"}; const std::string EnvoyRateLimited{"envoy-ratelimited"}; const std::string RefusedStream{"refused-stream"}; const std::string Retriable4xx{"retriable-4xx"}; const std::string RetriableStatusCodes{"retriable-status-codes"}; const std::string RetriableHeaders{"retriable-headers"}; const std::string Reset{"reset"}; } EnvoyRetryOnValues; struct { const std::string Cancelled{"cancelled"}; const std::string DeadlineExceeded{"deadline-exceeded"}; const std::string ResourceExhausted{"resource-exhausted"}; const std::string Unavailable{"unavailable"}; const std::string Internal{"internal"}; } EnvoyRetryOnGrpcValues; struct { const std::string _100Continue{"100-continue"}; } ExpectValues; struct { const std::string Connect{"CONNECT"}; const std::string Delete{"DELETE"}; const std::string Get{"GET"}; const std::string Head{"HEAD"}; const std::string Options{"OPTIONS"}; const std::string Patch{"PATCH"}; const std::string Post{"POST"}; const std::string Put{"PUT"}; const std::string Trace{"TRACE"}; } MethodValues; struct { // per https://tools.ietf.org/html/draft-kinnear-httpbis-http2-transport-02 const std::string Bytestream{"bytestream"}; } ProtocolValues; struct { const std::string Http{"http"}; const std::string Https{"https"}; } SchemeValues; struct { const std::string Chunked{"chunked"}; const std::string Deflate{"deflate"}; const std::string Gzip{"gzip"}; const std::string Identity{"identity"}; } TransferEncodingValues; struct { const std::string EnvoyHealthChecker{"Envoy/HC"}; } UserAgentValues; struct { const std::string Trailers{"trailers"}; } TEValues; struct { const std::string Nosniff{"nosniff"}; } XContentTypeOptionValues; struct { const std::string Http10String{"HTTP/1.0"}; const std::string Http11String{"HTTP/1.1"}; const std::string Http2String{"HTTP/2"}; const std::string Http3String{"HTTP/3"}; } ProtocolStrings; }; using Headers = ConstSingleton; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "header_formatter_lib", srcs = ["header_formatter.cc"], hdrs = ["header_formatter.h"], ) envoy_cc_library( name = "codec_stats_lib", hdrs = ["codec_stats.h"], deps = [ "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/common:thread_lib", ], ) CODEC_LIB_DEPS = [ ":codec_stats_lib", ":header_formatter_lib", "//include/envoy/buffer:buffer_interface", "//include/envoy/http:codec_interface", "//include/envoy/http:header_map_interface", "//include/envoy/network:connection_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:statusor_lib", "//source/common/common:utility_lib", "//source/common/grpc:common_lib", "//source/common/http:codec_helper_lib", "//source/common/http:codes_lib", "//source/common/http:exception_lib", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/http:status_lib", "//source/common/http:utility_lib", "//source/common/runtime:runtime_features_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ] envoy_cc_library( name = "codec_lib", srcs = ["codec_impl.cc"], hdrs = ["codec_impl.h"], external_deps = ["http_parser"], deps = CODEC_LIB_DEPS + ["//source/common/common:cleanup_lib"], ) envoy_cc_library( name = "codec_legacy_lib", srcs = ["codec_impl_legacy.cc"], hdrs = ["codec_impl_legacy.h"], external_deps = ["http_parser"], deps = CODEC_LIB_DEPS, ) envoy_cc_library( name = "conn_pool_lib", srcs = ["conn_pool.cc"], hdrs = ["conn_pool.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/http:conn_pool_interface", "//include/envoy/http:header_map_interface", "//include/envoy/upstream:upstream_interface", "//source/common/http:codec_client_lib", "//source/common/http:codec_wrappers_lib", "//source/common/http:codes_lib", "//source/common/http:conn_pool_base_lib", "//source/common/http:headers_lib", "//source/common/runtime:runtime_features_lib", "//source/common/upstream:upstream_lib", ], ) ================================================ FILE: source/common/http/http1/codec_impl.cc ================================================ #include "common/http/http1/codec_impl.h" #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/http/codec.h" #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "common/common/cleanup.h" #include "common/common/enum_to_int.h" #include "common/common/statusor.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/http/exception.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/http1/header_formatter.h" #include "common/http/utility.h" #include "common/runtime/runtime_features.h" #include "absl/container/fixed_array.h" #include "absl/strings/ascii.h" namespace Envoy { namespace Http { namespace Http1 { namespace { // Changes or additions to details should be reflected in // docs/root/configuration/http/http_conn_man/response_code_details_details.rst struct Http1ResponseCodeDetailValues { const absl::string_view TooManyHeaders = "http1.too_many_headers"; const absl::string_view HeadersTooLarge = "http1.headers_too_large"; const absl::string_view HttpCodecError = "http1.codec_error"; const absl::string_view InvalidCharacters = "http1.invalid_characters"; const absl::string_view ConnectionHeaderSanitization = "http1.connection_header_rejected"; const absl::string_view InvalidUrl = "http1.invalid_url"; const absl::string_view InvalidTransferEncoding = "http1.invalid_transfer_encoding"; const absl::string_view BodyDisallowed = "http1.body_disallowed"; const absl::string_view TransferEncodingNotAllowed = "http1.transfer_encoding_not_allowed"; const absl::string_view ContentLengthNotAllowed = "http1.content_length_not_allowed"; const absl::string_view InvalidUnderscore = "http1.unexpected_underscore"; const absl::string_view ChunkedContentLength = "http1.content_length_and_chunked_not_allowed"; }; struct Http1HeaderTypesValues { const absl::string_view Headers = "headers"; const absl::string_view Trailers = "trailers"; }; using Http1ResponseCodeDetails = ConstSingleton; using Http1HeaderTypes = ConstSingleton; const StringUtil::CaseUnorderedSet& caseUnorderdSetContainingUpgradeAndHttp2Settings() { CONSTRUCT_ON_FIRST_USE(StringUtil::CaseUnorderedSet, Http::Headers::get().ConnectionValues.Upgrade, Http::Headers::get().ConnectionValues.Http2Settings); } HeaderKeyFormatterPtr formatter(const Http::Http1Settings& settings) { if (settings.header_key_format_ == Http1Settings::HeaderKeyFormat::ProperCase) { return std::make_unique(); } return nullptr; } } // namespace const std::string StreamEncoderImpl::CRLF = "\r\n"; // Last chunk as defined here https://tools.ietf.org/html/rfc7230#section-4.1 const std::string StreamEncoderImpl::LAST_CHUNK = "0\r\n"; StreamEncoderImpl::StreamEncoderImpl(ConnectionImpl& connection, HeaderKeyFormatter* header_key_formatter) : connection_(connection), disable_chunk_encoding_(false), chunk_encoding_(true), is_response_to_head_request_(false), is_response_to_connect_request_(false), header_key_formatter_(header_key_formatter) { if (connection_.connection().aboveHighWatermark()) { runHighWatermarkCallbacks(); } } void StreamEncoderImpl::encodeHeader(const char* key, uint32_t key_size, const char* value, uint32_t value_size) { ASSERT(key_size > 0); connection_.copyToBuffer(key, key_size); connection_.addCharToBuffer(':'); connection_.addCharToBuffer(' '); connection_.copyToBuffer(value, value_size); connection_.addToBuffer(CRLF); } void StreamEncoderImpl::encodeHeader(absl::string_view key, absl::string_view value) { this->encodeHeader(key.data(), key.size(), value.data(), value.size()); } void StreamEncoderImpl::encodeFormattedHeader(absl::string_view key, absl::string_view value) { if (header_key_formatter_ != nullptr) { encodeHeader(header_key_formatter_->format(key), value); } else { encodeHeader(key, value); } } void ResponseEncoderImpl::encode100ContinueHeaders(const ResponseHeaderMap& headers) { ASSERT(headers.Status()->value() == "100"); encodeHeaders(headers, false); } void StreamEncoderImpl::encodeHeadersBase(const RequestOrResponseHeaderMap& headers, absl::optional status, bool end_stream) { bool saw_content_length = false; headers.iterate([this](const HeaderEntry& header) -> HeaderMap::Iterate { absl::string_view key_to_use = header.key().getStringView(); uint32_t key_size_to_use = header.key().size(); // Translate :authority -> host so that upper layers do not need to deal with this. if (key_size_to_use > 1 && key_to_use[0] == ':' && key_to_use[1] == 'a') { key_to_use = absl::string_view(Headers::get().HostLegacy.get()); key_size_to_use = Headers::get().HostLegacy.get().size(); } // Skip all headers starting with ':' that make it here. if (key_to_use[0] == ':') { return HeaderMap::Iterate::Continue; } encodeFormattedHeader(key_to_use, header.value().getStringView()); return HeaderMap::Iterate::Continue; }); if (headers.ContentLength()) { saw_content_length = true; } ASSERT(!headers.TransferEncoding()); // Assume we are chunk encoding unless we are passed a content length or this is a header only // response. Upper layers generally should strip transfer-encoding since it only applies to // HTTP/1.1. The codec will infer it based on the type of response. // for streaming (e.g. SSE stream sent to hystrix dashboard), we do not want // chunk transfer encoding but we don't have a content-length so disable_chunk_encoding_ is // consulted before enabling chunk encoding. // // Note that for HEAD requests Envoy does best-effort guessing when there is no // content-length. If a client makes a HEAD request for an upstream resource // with no bytes but the upstream response doesn't include "Content-length: 0", // Envoy will incorrectly assume a subsequent response to GET will be chunk encoded. if (saw_content_length || disable_chunk_encoding_) { chunk_encoding_ = false; } else { if (status && *status == 100) { // Make sure we don't serialize chunk information with 100-Continue headers. chunk_encoding_ = false; } else if (end_stream && !is_response_to_head_request_) { // If this is a headers-only stream, append an explicit "Content-Length: 0" unless it's a // response to a HEAD request. // For 204s and 1xx where content length is disallowed, don't append the content length but // also don't chunk encode. if (!status || (*status >= 200 && *status != 204)) { encodeFormattedHeader(Headers::get().ContentLength.get(), "0"); } chunk_encoding_ = false; } else if (connection_.protocol() == Protocol::Http10) { chunk_encoding_ = false; } else if (status && (*status < 200 || *status == 204) && connection_.strict1xxAnd204Headers()) { // TODO(zuercher): when the "envoy.reloadable_features.strict_1xx_and_204_response_headers" // feature flag is removed, this block can be coalesced with the 100 Continue logic above. // For 1xx and 204 responses, do not send the chunked encoding header or enable chunked // encoding: https://tools.ietf.org/html/rfc7230#section-3.3.1 chunk_encoding_ = false; } else { // For responses to connect requests, do not send the chunked encoding header: // https://tools.ietf.org/html/rfc7231#section-4.3.6. if (!is_response_to_connect_request_) { encodeFormattedHeader(Headers::get().TransferEncoding.get(), Headers::get().TransferEncodingValues.Chunked); } // We do not apply chunk encoding for HTTP upgrades, including CONNECT style upgrades. // If there is a body in a response on the upgrade path, the chunks will be // passed through via maybeDirectDispatch so we need to avoid appending // extra chunk boundaries. // // When sending a response to a HEAD request Envoy may send an informational // "Transfer-Encoding: chunked" header, but should not send a chunk encoded body. chunk_encoding_ = !Utility::isUpgrade(headers) && !is_response_to_head_request_ && !is_response_to_connect_request_; } } connection_.addToBuffer(CRLF); if (end_stream) { endEncode(); } else { connection_.flushOutput(); } } void StreamEncoderImpl::encodeData(Buffer::Instance& data, bool end_stream) { // end_stream may be indicated with a zero length data buffer. If that is the case, so not // actually write the zero length buffer out. if (data.length() > 0) { if (chunk_encoding_) { connection_.buffer().add(absl::StrCat(absl::Hex(data.length()), CRLF)); } connection_.buffer().move(data); if (chunk_encoding_) { connection_.buffer().add(CRLF); } } if (end_stream) { endEncode(); } else { connection_.flushOutput(); } } void StreamEncoderImpl::encodeTrailersBase(const HeaderMap& trailers) { if (!connection_.enableTrailers()) { return endEncode(); } // Trailers only matter if it is a chunk transfer encoding // https://tools.ietf.org/html/rfc7230#section-4.4 if (chunk_encoding_) { // Finalize the body connection_.buffer().add(LAST_CHUNK); trailers.iterate([this](const HeaderEntry& header) -> HeaderMap::Iterate { encodeFormattedHeader(header.key().getStringView(), header.value().getStringView()); return HeaderMap::Iterate::Continue; }); connection_.flushOutput(); connection_.buffer().add(CRLF); } connection_.flushOutput(); connection_.onEncodeComplete(); } void StreamEncoderImpl::encodeMetadata(const MetadataMapVector&) { connection_.stats().metadata_not_supported_error_.inc(); } void StreamEncoderImpl::endEncode() { if (chunk_encoding_) { connection_.buffer().add(LAST_CHUNK); connection_.buffer().add(CRLF); } connection_.flushOutput(true); connection_.onEncodeComplete(); } void ServerConnectionImpl::maybeAddSentinelBufferFragment(Buffer::WatermarkBuffer& output_buffer) { if (!flood_protection_) { return; } // It's messy and complicated to try to tag the final write of an HTTP response for response // tracking for flood protection. Instead, write an empty buffer fragment after the response, // to allow for tracking. // When the response is written out, the fragment will be deleted and the counter will be updated // by ServerConnectionImpl::releaseOutboundResponse() auto fragment = Buffer::OwnedBufferFragmentImpl::create(absl::string_view("", 0), response_buffer_releasor_); output_buffer.addBufferFragment(*fragment.release()); ASSERT(outbound_responses_ < max_outbound_responses_); outbound_responses_++; } Status ServerConnectionImpl::doFloodProtectionChecks() const { ASSERT(dispatching_); if (!flood_protection_) { return okStatus(); } // Before processing another request, make sure that we are below the response flood protection // threshold. if (outbound_responses_ >= max_outbound_responses_) { ENVOY_CONN_LOG(trace, "error accepting request: too many pending responses queued", connection_); stats_.response_flood_.inc(); return bufferFloodError("Too many responses queued."); } return okStatus(); } void ConnectionImpl::flushOutput(bool end_encode) { if (end_encode) { // If this is an HTTP response in ServerConnectionImpl, track outbound responses for flood // protection maybeAddSentinelBufferFragment(output_buffer_); } connection().write(output_buffer_, false); ASSERT(0UL == output_buffer_.length()); } void ConnectionImpl::addToBuffer(absl::string_view data) { output_buffer_.add(data); } void ConnectionImpl::addCharToBuffer(char c) { output_buffer_.add(&c, 1); } void ConnectionImpl::addIntToBuffer(uint64_t i) { output_buffer_.add(absl::StrCat(i)); } void ConnectionImpl::copyToBuffer(const char* data, uint64_t length) { output_buffer_.add(data, length); } void StreamEncoderImpl::resetStream(StreamResetReason reason) { connection_.onResetStreamBase(reason); } void StreamEncoderImpl::readDisable(bool disable) { if (disable) { ++read_disable_calls_; } else { ASSERT(read_disable_calls_ != 0); if (read_disable_calls_ != 0) { --read_disable_calls_; } } connection_.readDisable(disable); } uint32_t StreamEncoderImpl::bufferLimit() { return connection_.bufferLimit(); } const Network::Address::InstanceConstSharedPtr& StreamEncoderImpl::connectionLocalAddress() { return connection_.connection().localAddress(); } static const char RESPONSE_PREFIX[] = "HTTP/1.1 "; static const char HTTP_10_RESPONSE_PREFIX[] = "HTTP/1.0 "; void ResponseEncoderImpl::encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) { started_response_ = true; // The contract is that client codecs must ensure that :status is present. ASSERT(headers.Status() != nullptr); uint64_t numeric_status = Utility::getResponseStatus(headers); if (connection_.protocol() == Protocol::Http10 && connection_.supportsHttp10()) { connection_.copyToBuffer(HTTP_10_RESPONSE_PREFIX, sizeof(HTTP_10_RESPONSE_PREFIX) - 1); } else { connection_.copyToBuffer(RESPONSE_PREFIX, sizeof(RESPONSE_PREFIX) - 1); } connection_.addIntToBuffer(numeric_status); connection_.addCharToBuffer(' '); const char* status_string = CodeUtility::toString(static_cast(numeric_status)); uint32_t status_string_len = strlen(status_string); connection_.copyToBuffer(status_string, status_string_len); connection_.addCharToBuffer('\r'); connection_.addCharToBuffer('\n'); if (numeric_status >= 300) { // Don't do special CONNECT logic if the CONNECT was rejected. is_response_to_connect_request_ = false; } encodeHeadersBase(headers, absl::make_optional(numeric_status), end_stream); } static const char REQUEST_POSTFIX[] = " HTTP/1.1\r\n"; void RequestEncoderImpl::encodeHeaders(const RequestHeaderMap& headers, bool end_stream) { const HeaderEntry* method = headers.Method(); const HeaderEntry* path = headers.Path(); const HeaderEntry* host = headers.Host(); bool is_connect = HeaderUtility::isConnect(headers); // TODO(#10878): Include missing host header for CONNECT. // The RELEASE_ASSERT below does not change the existing behavior of `encodeHeaders`. // The `encodeHeaders` used to throw on errors. Callers of `encodeHeaders()` do not catch // exceptions and this would cause abnormal process termination in error cases. This change // replaces abnormal process termination from unhandled exception with the RELEASE_ASSERT. Further // work will replace this RELEASE_ASSERT with proper error handling. RELEASE_ASSERT(method && (path || is_connect), ":method and :path must be specified"); if (method->value() == Headers::get().MethodValues.Head) { head_request_ = true; } else if (method->value() == Headers::get().MethodValues.Connect) { disableChunkEncoding(); connect_request_ = true; } if (Utility::isUpgrade(headers)) { upgrade_request_ = true; } connection_.copyToBuffer(method->value().getStringView().data(), method->value().size()); connection_.addCharToBuffer(' '); if (is_connect) { connection_.copyToBuffer(host->value().getStringView().data(), host->value().size()); } else { connection_.copyToBuffer(path->value().getStringView().data(), path->value().size()); } connection_.copyToBuffer(REQUEST_POSTFIX, sizeof(REQUEST_POSTFIX) - 1); encodeHeadersBase(headers, absl::nullopt, end_stream); } int ConnectionImpl::setAndCheckCallbackStatus(Status&& status) { ASSERT(codec_status_.ok()); codec_status_ = std::move(status); return codec_status_.ok() ? enumToInt(HttpParserCode::Success) : enumToInt(HttpParserCode::Error); } int ConnectionImpl::setAndCheckCallbackStatusOr(Envoy::StatusOr&& statusor) { ASSERT(codec_status_.ok()); if (statusor.ok()) { return statusor.value(); } else { codec_status_ = std::move(statusor.status()); return enumToInt(HttpParserCode::Error); } } http_parser_settings ConnectionImpl::settings_{ [](http_parser* parser) -> int { auto* conn_impl = static_cast(parser->data); auto status = conn_impl->onMessageBeginBase(); return conn_impl->setAndCheckCallbackStatus(std::move(status)); }, [](http_parser* parser, const char* at, size_t length) -> int { auto* conn_impl = static_cast(parser->data); auto status = conn_impl->onUrl(at, length); return conn_impl->setAndCheckCallbackStatus(std::move(status)); }, nullptr, // on_status [](http_parser* parser, const char* at, size_t length) -> int { auto* conn_impl = static_cast(parser->data); auto status = conn_impl->onHeaderField(at, length); return conn_impl->setAndCheckCallbackStatus(std::move(status)); }, [](http_parser* parser, const char* at, size_t length) -> int { auto* conn_impl = static_cast(parser->data); auto status = conn_impl->onHeaderValue(at, length); return conn_impl->setAndCheckCallbackStatus(std::move(status)); }, [](http_parser* parser) -> int { auto* conn_impl = static_cast(parser->data); auto statusor = conn_impl->onHeadersCompleteBase(); return conn_impl->setAndCheckCallbackStatusOr(std::move(statusor)); }, [](http_parser* parser, const char* at, size_t length) -> int { static_cast(parser->data)->bufferBody(at, length); return 0; }, [](http_parser* parser) -> int { auto* conn_impl = static_cast(parser->data); auto status = conn_impl->onMessageCompleteBase(); return conn_impl->setAndCheckCallbackStatus(std::move(status)); }, [](http_parser* parser) -> int { // A 0-byte chunk header is used to signal the end of the chunked body. // When this function is called, http-parser holds the size of the chunk in // parser->content_length. See // https://github.com/nodejs/http-parser/blob/v2.9.3/http_parser.h#L336 const bool is_final_chunk = (parser->content_length == 0); static_cast(parser->data)->onChunkHeader(is_final_chunk); return 0; }, nullptr // on_chunk_complete }; ConnectionImpl::ConnectionImpl(Network::Connection& connection, CodecStats& stats, const Http1Settings& settings, http_parser_type type, uint32_t max_headers_kb, const uint32_t max_headers_count, HeaderKeyFormatterPtr&& header_key_formatter) : connection_(connection), stats_(stats), codec_settings_(settings), header_key_formatter_(std::move(header_key_formatter)), processing_trailers_(false), handling_upgrade_(false), reset_stream_called_(false), deferred_end_stream_headers_(false), strict_1xx_and_204_headers_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.strict_1xx_and_204_response_headers")), dispatching_(false), output_buffer_([&]() -> void { this->onBelowLowWatermark(); }, [&]() -> void { this->onAboveHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }), max_headers_kb_(max_headers_kb), max_headers_count_(max_headers_count) { output_buffer_.setWatermarks(connection.bufferLimit()); http_parser_init(&parser_, type); parser_.allow_chunked_length = 1; parser_.data = this; } Status ConnectionImpl::completeLastHeader() { ASSERT(dispatching_); ENVOY_CONN_LOG(trace, "completed header: key={} value={}", connection_, current_header_field_.getStringView(), current_header_value_.getStringView()); RETURN_IF_ERROR(checkHeaderNameForUnderscores()); auto& headers_or_trailers = headersOrTrailers(); if (!current_header_field_.empty()) { current_header_field_.inlineTransform([](char c) { return absl::ascii_tolower(c); }); // Strip trailing whitespace of the current header value if any. Leading whitespace was trimmed // in ConnectionImpl::onHeaderValue. http_parser does not strip leading or trailing whitespace // as the spec requires: https://tools.ietf.org/html/rfc7230#section-3.2.4 current_header_value_.rtrim(); headers_or_trailers.addViaMove(std::move(current_header_field_), std::move(current_header_value_)); } // Check if the number of headers exceeds the limit. if (headers_or_trailers.size() > max_headers_count_) { error_code_ = Http::Code::RequestHeaderFieldsTooLarge; RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().TooManyHeaders)); const absl::string_view header_type = processing_trailers_ ? Http1HeaderTypes::get().Trailers : Http1HeaderTypes::get().Headers; return codecProtocolError(absl::StrCat(header_type, " size exceeds limit")); } header_parsing_state_ = HeaderParsingState::Field; ASSERT(current_header_field_.empty()); ASSERT(current_header_value_.empty()); return okStatus(); } uint32_t ConnectionImpl::getHeadersSize() { return current_header_field_.size() + current_header_value_.size() + headersOrTrailers().byteSize(); } Status ConnectionImpl::checkMaxHeadersSize() { const uint32_t total = getHeadersSize(); if (total > (max_headers_kb_ * 1024)) { const absl::string_view header_type = processing_trailers_ ? Http1HeaderTypes::get().Trailers : Http1HeaderTypes::get().Headers; error_code_ = Http::Code::RequestHeaderFieldsTooLarge; RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().HeadersTooLarge)); return codecProtocolError(absl::StrCat(header_type, " size exceeds limit")); } return okStatus(); } bool ConnectionImpl::maybeDirectDispatch(Buffer::Instance& data) { if (!handling_upgrade_) { // Only direct dispatch for Upgrade requests. return false; } ENVOY_CONN_LOG(trace, "direct-dispatched {} bytes", connection_, data.length()); onBody(data); data.drain(data.length()); return true; } Http::Status ConnectionImpl::dispatch(Buffer::Instance& data) { // TODO(#10878): Remove this wrapper when exception removal is complete. innerDispatch may either // throw an exception or return an error status. The utility wrapper catches exceptions and // converts them to error statuses. return Utility::exceptionToStatus( [&](Buffer::Instance& data) -> Http::Status { return innerDispatch(data); }, data); } Http::Status ConnectionImpl::innerDispatch(Buffer::Instance& data) { ENVOY_CONN_LOG(trace, "parsing {} bytes", connection_, data.length()); // Make sure that dispatching_ is set to false after dispatching, even when // http_parser exits early with an error code. Cleanup cleanup([this]() { dispatching_ = false; }); ASSERT(!dispatching_); ASSERT(codec_status_.ok()); ASSERT(buffered_body_.length() == 0); dispatching_ = true; if (maybeDirectDispatch(data)) { return Http::okStatus(); } // Always unpause before dispatch. http_parser_pause(&parser_, 0); ssize_t total_parsed = 0; if (data.length() > 0) { for (const Buffer::RawSlice& slice : data.getRawSlices()) { auto statusor_parsed = dispatchSlice(static_cast(slice.mem_), slice.len_); if (!statusor_parsed.ok()) { return statusor_parsed.status(); } total_parsed += statusor_parsed.value(); if (HTTP_PARSER_ERRNO(&parser_) != HPE_OK) { // Parse errors trigger an exception in dispatchSlice so we are guaranteed to be paused at // this point. ASSERT(HTTP_PARSER_ERRNO(&parser_) == HPE_PAUSED); break; } } dispatchBufferedBody(); } else { auto result = dispatchSlice(nullptr, 0); if (!result.ok()) { return result.status(); } } ASSERT(buffered_body_.length() == 0); ENVOY_CONN_LOG(trace, "parsed {} bytes", connection_, total_parsed); data.drain(total_parsed); // If an upgrade has been handled and there is body data or early upgrade // payload to send on, send it on. maybeDirectDispatch(data); return Http::okStatus(); } Envoy::StatusOr ConnectionImpl::dispatchSlice(const char* slice, size_t len) { ASSERT(codec_status_.ok() && dispatching_); ssize_t rc = http_parser_execute(&parser_, &settings_, slice, len); if (!codec_status_.ok()) { return codec_status_; } if (HTTP_PARSER_ERRNO(&parser_) != HPE_OK && HTTP_PARSER_ERRNO(&parser_) != HPE_PAUSED) { RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().HttpCodecError)); // Avoid overwriting the codec_status_ set in the callbacks. ASSERT(codec_status_.ok()); codec_status_ = codecProtocolError( absl::StrCat("http/1.1 protocol error: ", http_errno_name(HTTP_PARSER_ERRNO(&parser_)))); return codec_status_; } return rc; } Status ConnectionImpl::onHeaderField(const char* data, size_t length) { ASSERT(dispatching_); // We previously already finished up the headers, these headers are // now trailers. if (header_parsing_state_ == HeaderParsingState::Done) { if (!enableTrailers()) { // Ignore trailers. return okStatus(); } processing_trailers_ = true; header_parsing_state_ = HeaderParsingState::Field; allocTrailers(); } if (header_parsing_state_ == HeaderParsingState::Value) { RETURN_IF_ERROR(completeLastHeader()); } current_header_field_.append(data, length); return checkMaxHeadersSize(); } Status ConnectionImpl::onHeaderValue(const char* data, size_t length) { ASSERT(dispatching_); if (header_parsing_state_ == HeaderParsingState::Done && !enableTrailers()) { // Ignore trailers. return okStatus(); } absl::string_view header_value{data, length}; if (!Http::HeaderUtility::headerValueIsValid(header_value)) { ENVOY_CONN_LOG(debug, "invalid header value: {}", connection_, header_value); error_code_ = Http::Code::BadRequest; RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().InvalidCharacters)); return codecProtocolError("http/1.1 protocol error: header value contains invalid chars"); } header_parsing_state_ = HeaderParsingState::Value; if (current_header_value_.empty()) { // Strip leading whitespace if the current header value input contains the first bytes of the // encoded header value. Trailing whitespace is stripped once the full header value is known in // ConnectionImpl::completeLastHeader. http_parser does not strip leading or trailing whitespace // as the spec requires: https://tools.ietf.org/html/rfc7230#section-3.2.4 . header_value = StringUtil::ltrim(header_value); } current_header_value_.append(header_value.data(), header_value.length()); return checkMaxHeadersSize(); } Envoy::StatusOr ConnectionImpl::onHeadersCompleteBase() { ASSERT(!processing_trailers_); ASSERT(dispatching_); ENVOY_CONN_LOG(trace, "onHeadersCompleteBase", connection_); RETURN_IF_ERROR(completeLastHeader()); if (!(parser_.http_major == 1 && parser_.http_minor == 1)) { // This is not necessarily true, but it's good enough since higher layers only care if this is // HTTP/1.1 or not. protocol_ = Protocol::Http10; } RequestOrResponseHeaderMap& request_or_response_headers = requestOrResponseHeaders(); if (Utility::isUpgrade(request_or_response_headers) && upgradeAllowed()) { // Ignore h2c upgrade requests until we support them. // See https://github.com/envoyproxy/envoy/issues/7161 for details. if (absl::EqualsIgnoreCase(request_or_response_headers.getUpgradeValue(), Http::Headers::get().UpgradeValues.H2c)) { ENVOY_CONN_LOG(trace, "removing unsupported h2c upgrade headers.", connection_); request_or_response_headers.removeUpgrade(); if (request_or_response_headers.Connection()) { const auto& tokens_to_remove = caseUnorderdSetContainingUpgradeAndHttp2Settings(); std::string new_value = StringUtil::removeTokens( request_or_response_headers.getConnectionValue(), ",", tokens_to_remove, ","); if (new_value.empty()) { request_or_response_headers.removeConnection(); } else { request_or_response_headers.setConnection(new_value); } } request_or_response_headers.remove(Headers::get().Http2Settings); } else { ENVOY_CONN_LOG(trace, "codec entering upgrade mode.", connection_); handling_upgrade_ = true; } } if (parser_.method == HTTP_CONNECT) { if (request_or_response_headers.ContentLength()) { if (request_or_response_headers.getContentLengthValue() == "0") { request_or_response_headers.removeContentLength(); } else { // Per https://tools.ietf.org/html/rfc7231#section-4.3.6 a payload with a // CONNECT request has no defined semantics, and may be rejected. error_code_ = Http::Code::BadRequest; RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().BodyDisallowed)); return codecProtocolError("http/1.1 protocol error: unsupported content length"); } } ENVOY_CONN_LOG(trace, "codec entering upgrade mode for CONNECT request.", connection_); handling_upgrade_ = true; } // https://tools.ietf.org/html/rfc7230#section-3.3.3 // If a message is received with both a Transfer-Encoding and a // Content-Length header field, the Transfer-Encoding overrides the // Content-Length. Such a message might indicate an attempt to // perform request smuggling (Section 9.5) or response splitting // (Section 9.4) and ought to be handled as an error. A sender MUST // remove the received Content-Length field prior to forwarding such // a message. // Reject message with Http::Code::BadRequest if both Transfer-Encoding and Content-Length // headers are present or if allowed by http1 codec settings and 'Transfer-Encoding' // is chunked - remove Content-Length and serve request. if (parser_.uses_transfer_encoding != 0 && request_or_response_headers.ContentLength()) { if ((parser_.flags & F_CHUNKED) && codec_settings_.allow_chunked_length_) { request_or_response_headers.removeContentLength(); } else { error_code_ = Http::Code::BadRequest; RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().ChunkedContentLength)); return codecProtocolError( "http/1.1 protocol error: both 'Content-Length' and 'Transfer-Encoding' are set."); } } // Per https://tools.ietf.org/html/rfc7230#section-3.3.1 Envoy should reject // transfer-codings it does not understand. // Per https://tools.ietf.org/html/rfc7231#section-4.3.6 a payload with a // CONNECT request has no defined semantics, and may be rejected. if (request_or_response_headers.TransferEncoding()) { const absl::string_view encoding = request_or_response_headers.getTransferEncodingValue(); if (!absl::EqualsIgnoreCase(encoding, Headers::get().TransferEncodingValues.Chunked) || parser_.method == HTTP_CONNECT) { error_code_ = Http::Code::NotImplemented; RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().InvalidTransferEncoding)); return codecProtocolError("http/1.1 protocol error: unsupported transfer encoding"); } } auto statusor = onHeadersComplete(); if (!statusor.ok()) { RETURN_IF_ERROR(statusor.status()); } header_parsing_state_ = HeaderParsingState::Done; // Returning 2 informs http_parser to not expect a body or further data on this connection. return handling_upgrade_ ? 2 : statusor.value(); } void ConnectionImpl::bufferBody(const char* data, size_t length) { buffered_body_.add(data, length); } void ConnectionImpl::dispatchBufferedBody() { ASSERT(HTTP_PARSER_ERRNO(&parser_) == HPE_OK || HTTP_PARSER_ERRNO(&parser_) == HPE_PAUSED); ASSERT(codec_status_.ok()); if (buffered_body_.length() > 0) { onBody(buffered_body_); buffered_body_.drain(buffered_body_.length()); } } void ConnectionImpl::onChunkHeader(bool is_final_chunk) { if (is_final_chunk) { // Dispatch body before parsing trailers, so body ends up dispatched even if an error is found // while processing trailers. dispatchBufferedBody(); } } Status ConnectionImpl::onMessageCompleteBase() { ENVOY_CONN_LOG(trace, "message complete", connection_); dispatchBufferedBody(); if (handling_upgrade_) { // If this is an upgrade request, swallow the onMessageComplete. The // upgrade payload will be treated as stream body. ASSERT(!deferred_end_stream_headers_); ENVOY_CONN_LOG(trace, "Pausing parser due to upgrade.", connection_); http_parser_pause(&parser_, 1); return okStatus(); } // If true, this indicates we were processing trailers and must // move the last header into current_header_map_ if (header_parsing_state_ == HeaderParsingState::Value) { RETURN_IF_ERROR(completeLastHeader()); } onMessageComplete(); return okStatus(); } Status ConnectionImpl::onMessageBeginBase() { ENVOY_CONN_LOG(trace, "message begin", connection_); // Make sure that if HTTP/1.0 and HTTP/1.1 requests share a connection Envoy correctly sets // protocol for each request. Envoy defaults to 1.1 but sets the protocol to 1.0 where applicable // in onHeadersCompleteBase protocol_ = Protocol::Http11; processing_trailers_ = false; header_parsing_state_ = HeaderParsingState::Field; allocHeaders(); return onMessageBegin(); } void ConnectionImpl::onResetStreamBase(StreamResetReason reason) { ASSERT(!reset_stream_called_); reset_stream_called_ = true; onResetStream(reason); } ServerConnectionImpl::ServerConnectionImpl( Network::Connection& connection, CodecStats& stats, ServerConnectionCallbacks& callbacks, const Http1Settings& settings, uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action) : ConnectionImpl(connection, stats, settings, HTTP_REQUEST, max_request_headers_kb, max_request_headers_count, formatter(settings)), callbacks_(callbacks), response_buffer_releasor_([this](const Buffer::OwnedBufferFragmentImpl* fragment) { releaseOutboundResponse(fragment); }), // Pipelining is generally not well supported on the internet and has a series of dangerous // overflow bugs. As such we are disabling it for now, and removing this temporary override if // no one objects. If you use this integer to restore prior behavior, contact the // maintainer team as it will otherwise be removed entirely soon. max_outbound_responses_( Runtime::getInteger("envoy.do_not_use_going_away_max_http2_outbound_responses", 2)), flood_protection_( Runtime::runtimeFeatureEnabled("envoy.reloadable_features.http1_flood_protection")), headers_with_underscores_action_(headers_with_underscores_action) {} uint32_t ServerConnectionImpl::getHeadersSize() { // Add in the size of the request URL if processing request headers. const uint32_t url_size = (!processing_trailers_ && active_request_.has_value()) ? active_request_.value().request_url_.size() : 0; return url_size + ConnectionImpl::getHeadersSize(); } void ServerConnectionImpl::onEncodeComplete() { if (active_request_.value().remote_complete_) { // Only do this if remote is complete. If we are replying before the request is complete the // only logical thing to do is for higher level code to reset() / close the connection so we // leave the request around so that it can fire reset callbacks. active_request_.reset(); } } Status ServerConnectionImpl::handlePath(RequestHeaderMap& headers, unsigned int method) { HeaderString path(Headers::get().Path); bool is_connect = (method == HTTP_CONNECT); // The url is relative or a wildcard when the method is OPTIONS. Nothing to do here. auto& active_request = active_request_.value(); if (!is_connect && !active_request.request_url_.getStringView().empty() && (active_request.request_url_.getStringView()[0] == '/' || ((method == HTTP_OPTIONS) && active_request.request_url_.getStringView()[0] == '*'))) { headers.addViaMove(std::move(path), std::move(active_request.request_url_)); return okStatus(); } // If absolute_urls and/or connect are not going be handled, copy the url and return. // This forces the behavior to be backwards compatible with the old codec behavior. // CONNECT "urls" are actually host:port so look like absolute URLs to the above checks. // Absolute URLS in CONNECT requests will be rejected below by the URL class validation. if (!codec_settings_.allow_absolute_url_ && !is_connect) { headers.addViaMove(std::move(path), std::move(active_request.request_url_)); return okStatus(); } Utility::Url absolute_url; if (!absolute_url.initialize(active_request.request_url_.getStringView(), is_connect)) { RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().InvalidUrl)); return codecProtocolError("http/1.1 protocol error: invalid url in request line"); } // RFC7230#5.7 // When a proxy receives a request with an absolute-form of // request-target, the proxy MUST ignore the received Host header field // (if any) and instead replace it with the host information of the // request-target. A proxy that forwards such a request MUST generate a // new Host field-value based on the received request-target rather than // forward the received Host field-value. headers.setHost(absolute_url.hostAndPort()); if (!absolute_url.pathAndQueryParams().empty()) { headers.setPath(absolute_url.pathAndQueryParams()); } active_request.request_url_.clear(); return okStatus(); } Envoy::StatusOr ServerConnectionImpl::onHeadersComplete() { // Handle the case where response happens prior to request complete. It's up to upper layer code // to disconnect the connection but we shouldn't fire any more events since it doesn't make // sense. if (active_request_.has_value()) { auto& active_request = active_request_.value(); auto& headers = absl::get(headers_or_trailers_); ENVOY_CONN_LOG(trace, "Server: onHeadersComplete size={}", connection_, headers->size()); const char* method_string = http_method_str(static_cast(parser_.method)); if (!handling_upgrade_ && headers->Connection()) { // If we fail to sanitize the request, return a 400 to the client if (!Utility::sanitizeConnectionHeader(*headers)) { absl::string_view header_value = headers->getConnectionValue(); ENVOY_CONN_LOG(debug, "Invalid nominated headers in Connection: {}", connection_, header_value); error_code_ = Http::Code::BadRequest; RETURN_IF_ERROR( sendProtocolError(Http1ResponseCodeDetails::get().ConnectionHeaderSanitization)); return codecProtocolError("Invalid nominated headers in Connection."); } } // Inform the response encoder about any HEAD method, so it can set content // length and transfer encoding headers correctly. active_request.response_encoder_.setIsResponseToHeadRequest(parser_.method == HTTP_HEAD); active_request.response_encoder_.setIsResponseToConnectRequest(parser_.method == HTTP_CONNECT); RETURN_IF_ERROR(handlePath(*headers, parser_.method)); ASSERT(active_request.request_url_.empty()); headers->setMethod(method_string); // Make sure the host is valid. auto details = HeaderUtility::requestHeadersValid(*headers); if (details.has_value()) { RETURN_IF_ERROR(sendProtocolError(details.value().get())); return codecProtocolError( "http/1.1 protocol error: request headers failed spec compliance checks"); } // Determine here whether we have a body or not. This uses the new RFC semantics where the // presence of content-length or chunked transfer-encoding indicates a body vs. a particular // method. If there is no body, we defer raising decodeHeaders() until the parser is flushed // with message complete. This allows upper layers to behave like HTTP/2 and prevents a proxy // scenario where the higher layers stream through and implicitly switch to chunked transfer // encoding because end stream with zero body length has not yet been indicated. if (parser_.flags & F_CHUNKED || (parser_.content_length > 0 && parser_.content_length != ULLONG_MAX) || handling_upgrade_) { active_request.request_decoder_->decodeHeaders(std::move(headers), false); // If the connection has been closed (or is closing) after decoding headers, pause the parser // so we return control to the caller. if (connection_.state() != Network::Connection::State::Open) { http_parser_pause(&parser_, 1); } } else { deferred_end_stream_headers_ = true; } } return 0; } Status ServerConnectionImpl::onMessageBegin() { if (!resetStreamCalled()) { ASSERT(!active_request_.has_value()); active_request_.emplace(*this, header_key_formatter_.get()); auto& active_request = active_request_.value(); if (resetStreamCalled()) { return codecClientError("cannot create new streams after calling reset"); } active_request.request_decoder_ = &callbacks_.newStream(active_request.response_encoder_); // Check for pipelined request flood as we prepare to accept a new request. // Parse errors that happen prior to onMessageBegin result in stream termination, it is not // possible to overflow output buffers with early parse errors. RETURN_IF_ERROR(doFloodProtectionChecks()); } return okStatus(); } Status ServerConnectionImpl::onUrl(const char* data, size_t length) { if (active_request_.has_value()) { active_request_.value().request_url_.append(data, length); RETURN_IF_ERROR(checkMaxHeadersSize()); } return okStatus(); } void ServerConnectionImpl::onBody(Buffer::Instance& data) { ASSERT(!deferred_end_stream_headers_); if (active_request_.has_value()) { ENVOY_CONN_LOG(trace, "body size={}", connection_, data.length()); active_request_.value().request_decoder_->decodeData(data, false); } } void ServerConnectionImpl::onMessageComplete() { ASSERT(!handling_upgrade_); if (active_request_.has_value()) { auto& active_request = active_request_.value(); if (active_request.request_decoder_) { active_request.response_encoder_.readDisable(true); } active_request.remote_complete_ = true; if (deferred_end_stream_headers_) { active_request.request_decoder_->decodeHeaders( std::move(absl::get(headers_or_trailers_)), true); deferred_end_stream_headers_ = false; } else if (processing_trailers_) { active_request.request_decoder_->decodeTrailers( std::move(absl::get(headers_or_trailers_))); } else { Buffer::OwnedImpl buffer; active_request.request_decoder_->decodeData(buffer, true); } // Reset to ensure no information from one requests persists to the next. headers_or_trailers_.emplace(nullptr); } // Always pause the parser so that the calling code can process 1 request at a time and apply // back pressure. However this means that the calling code needs to detect if there is more data // in the buffer and dispatch it again. http_parser_pause(&parser_, 1); } void ServerConnectionImpl::onResetStream(StreamResetReason reason) { active_request_.value().response_encoder_.runResetCallbacks(reason); active_request_.reset(); } void ServerConnectionImpl::sendProtocolErrorOld(absl::string_view details) { if (active_request_.has_value()) { active_request_.value().response_encoder_.setDetails(details); } // We do this here because we may get a protocol error before we have a logical stream. Higher // layers can only operate on streams, so there is no coherent way to allow them to send an error // "out of band." On one hand this is kind of a hack but on the other hand it normalizes HTTP/1.1 // to look more like HTTP/2 to higher layers. if (!active_request_.has_value() || !active_request_.value().response_encoder_.startedResponse()) { Buffer::OwnedImpl bad_request_response( absl::StrCat("HTTP/1.1 ", error_code_, " ", CodeUtility::toString(error_code_), "\r\ncontent-length: 0\r\nconnection: close\r\n\r\n")); connection_.write(bad_request_response, false); } } Status ServerConnectionImpl::sendProtocolError(absl::string_view details) { if (!Runtime::runtimeFeatureEnabled("envoy.reloadable_features.early_errors_via_hcm")) { sendProtocolErrorOld(details); return okStatus(); } // We do this here because we may get a protocol error before we have a logical stream. if (!active_request_.has_value()) { RETURN_IF_ERROR(onMessageBeginBase()); } ASSERT(active_request_.has_value()); active_request_.value().response_encoder_.setDetails(details); if (!active_request_.value().response_encoder_.startedResponse()) { // Note that the correctness of is_grpc_request and is_head_request is best-effort. // If headers have not been fully parsed they may not be inferred correctly. bool is_grpc_request = false; if (absl::holds_alternative(headers_or_trailers_) && absl::get(headers_or_trailers_) != nullptr) { is_grpc_request = Grpc::Common::isGrpcRequestHeaders(*absl::get(headers_or_trailers_)); } active_request_->request_decoder_->sendLocalReply(is_grpc_request, error_code_, CodeUtility::toString(error_code_), nullptr, absl::nullopt, details); } return okStatus(); } void ServerConnectionImpl::onAboveHighWatermark() { if (active_request_.has_value()) { active_request_.value().response_encoder_.runHighWatermarkCallbacks(); } } void ServerConnectionImpl::onBelowLowWatermark() { if (active_request_.has_value()) { active_request_.value().response_encoder_.runLowWatermarkCallbacks(); } } void ServerConnectionImpl::releaseOutboundResponse( const Buffer::OwnedBufferFragmentImpl* fragment) { ASSERT(outbound_responses_ >= 1); --outbound_responses_; delete fragment; } Status ServerConnectionImpl::checkHeaderNameForUnderscores() { if (headers_with_underscores_action_ != envoy::config::core::v3::HttpProtocolOptions::ALLOW && Http::HeaderUtility::headerNameContainsUnderscore(current_header_field_.getStringView())) { if (headers_with_underscores_action_ == envoy::config::core::v3::HttpProtocolOptions::DROP_HEADER) { ENVOY_CONN_LOG(debug, "Dropping header with invalid characters in its name: {}", connection_, current_header_field_.getStringView()); stats_.dropped_headers_with_underscores_.inc(); current_header_field_.clear(); current_header_value_.clear(); } else { ENVOY_CONN_LOG(debug, "Rejecting request due to header name with underscores: {}", connection_, current_header_field_.getStringView()); error_code_ = Http::Code::BadRequest; RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().InvalidUnderscore)); stats_.requests_rejected_with_underscores_in_headers_.inc(); return codecProtocolError("http/1.1 protocol error: header name contains underscores"); } } return okStatus(); } ClientConnectionImpl::ClientConnectionImpl(Network::Connection& connection, CodecStats& stats, ConnectionCallbacks&, const Http1Settings& settings, const uint32_t max_response_headers_count) : ConnectionImpl(connection, stats, settings, HTTP_RESPONSE, MAX_RESPONSE_HEADERS_KB, max_response_headers_count, formatter(settings)) {} bool ClientConnectionImpl::cannotHaveBody() { if (pending_response_.has_value() && pending_response_.value().encoder_.headRequest()) { ASSERT(!pending_response_done_); return true; } else if (parser_.status_code == 204 || parser_.status_code == 304 || (parser_.status_code >= 200 && parser_.content_length == 0 && !(parser_.flags & F_CHUNKED))) { return true; } else { return false; } } RequestEncoder& ClientConnectionImpl::newStream(ResponseDecoder& response_decoder) { // If reads were disabled due to flow control, we expect reads to always be enabled again before // reusing this connection. This is done when the response is received. ASSERT(connection_.readEnabled()); ASSERT(!pending_response_.has_value()); ASSERT(pending_response_done_); pending_response_.emplace(*this, header_key_formatter_.get(), &response_decoder); pending_response_done_ = false; return pending_response_.value().encoder_; } Envoy::StatusOr ClientConnectionImpl::onHeadersComplete() { ENVOY_CONN_LOG(trace, "status_code {}", connection_, parser_.status_code); // Handle the case where the client is closing a kept alive connection (by sending a 408 // with a 'Connection: close' header). In this case we just let response flush out followed // by the remote close. if (!pending_response_.has_value() && !resetStreamCalled()) { return prematureResponseError("", static_cast(parser_.status_code)); } else if (pending_response_.has_value()) { ASSERT(!pending_response_done_); auto& headers = absl::get(headers_or_trailers_); ENVOY_CONN_LOG(trace, "Client: onHeadersComplete size={}", connection_, headers->size()); headers->setStatus(parser_.status_code); if (parser_.status_code >= 200 && parser_.status_code < 300 && pending_response_.value().encoder_.connectRequest()) { ENVOY_CONN_LOG(trace, "codec entering upgrade mode for CONNECT response.", connection_); handling_upgrade_ = true; // For responses to connect requests, do not accept the chunked // encoding header: https://tools.ietf.org/html/rfc7231#section-4.3.6 if (headers->TransferEncoding() && absl::EqualsIgnoreCase(headers->TransferEncoding()->value().getStringView(), Headers::get().TransferEncodingValues.Chunked)) { RETURN_IF_ERROR(sendProtocolError(Http1ResponseCodeDetails::get().InvalidTransferEncoding)); return codecProtocolError("http/1.1 protocol error: unsupported transfer encoding"); } } if (strict_1xx_and_204_headers_ && (parser_.status_code < 200 || parser_.status_code == 204)) { if (headers->TransferEncoding()) { RETURN_IF_ERROR( sendProtocolError(Http1ResponseCodeDetails::get().TransferEncodingNotAllowed)); return codecProtocolError( "http/1.1 protocol error: transfer encoding not allowed in 1xx or 204"); } if (headers->ContentLength()) { // Report a protocol error for non-zero Content-Length, but paper over zero Content-Length. if (headers->ContentLength()->value().getStringView() != "0") { RETURN_IF_ERROR( sendProtocolError(Http1ResponseCodeDetails::get().ContentLengthNotAllowed)); return codecProtocolError( "http/1.1 protocol error: content length not allowed in 1xx or 204"); } headers->removeContentLength(); } } if (parser_.status_code == enumToInt(Http::Code::Continue)) { pending_response_.value().decoder_->decode100ContinueHeaders(std::move(headers)); } else if (cannotHaveBody() && !handling_upgrade_) { deferred_end_stream_headers_ = true; } else { pending_response_.value().decoder_->decodeHeaders(std::move(headers), false); } // http-parser treats 1xx headers as their own complete response. Swallow the spurious // onMessageComplete and continue processing for purely informational headers. // 101-SwitchingProtocols is exempt as all data after the header is proxied through after // upgrading. if (CodeUtility::is1xx(parser_.status_code) && parser_.status_code != enumToInt(Http::Code::SwitchingProtocols)) { ignore_message_complete_for_1xx_ = true; // Reset to ensure no information from the 1xx headers is used for the response headers. headers_or_trailers_.emplace(nullptr); } } // Here we deal with cases where the response cannot have a body by returning 1, but http_parser // does not deal with it for us. return cannotHaveBody() ? 1 : 0; } bool ClientConnectionImpl::upgradeAllowed() const { if (pending_response_.has_value()) { return pending_response_->encoder_.upgradeRequest(); } return false; } void ClientConnectionImpl::onBody(Buffer::Instance& data) { ASSERT(!deferred_end_stream_headers_); if (pending_response_.has_value()) { ASSERT(!pending_response_done_); pending_response_.value().decoder_->decodeData(data, false); } } void ClientConnectionImpl::onMessageComplete() { ENVOY_CONN_LOG(trace, "message complete", connection_); if (ignore_message_complete_for_1xx_) { ignore_message_complete_for_1xx_ = false; return; } if (pending_response_.has_value()) { ASSERT(!pending_response_done_); // After calling decodeData() with end stream set to true, we should no longer be able to reset. PendingResponse& response = pending_response_.value(); // Encoder is used as part of decode* calls later in this function so pending_response_ can not // be reset just yet. Preserve the state in pending_response_done_ instead. pending_response_done_ = true; if (deferred_end_stream_headers_) { response.decoder_->decodeHeaders( std::move(absl::get(headers_or_trailers_)), true); deferred_end_stream_headers_ = false; } else if (processing_trailers_) { response.decoder_->decodeTrailers( std::move(absl::get(headers_or_trailers_))); } else { Buffer::OwnedImpl buffer; response.decoder_->decodeData(buffer, true); } // Reset to ensure no information from one requests persists to the next. pending_response_.reset(); headers_or_trailers_.emplace(nullptr); } } void ClientConnectionImpl::onResetStream(StreamResetReason reason) { // Only raise reset if we did not already dispatch a complete response. if (pending_response_.has_value() && !pending_response_done_) { pending_response_.value().encoder_.runResetCallbacks(reason); pending_response_done_ = true; pending_response_.reset(); } } Status ClientConnectionImpl::sendProtocolError(absl::string_view details) { if (pending_response_.has_value()) { ASSERT(!pending_response_done_); pending_response_.value().encoder_.setDetails(details); } return okStatus(); } void ClientConnectionImpl::onAboveHighWatermark() { // This should never happen without an active stream/request. pending_response_.value().encoder_.runHighWatermarkCallbacks(); } void ClientConnectionImpl::onBelowLowWatermark() { // This can get called without an active stream/request when the response completion causes us to // close the connection, but in doing so go below low watermark. if (pending_response_.has_value() && !pending_response_done_) { pending_response_.value().encoder_.runLowWatermarkCallbacks(); } } } // namespace Http1 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/codec_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/http/codec.h" #include "envoy/network/connection.h" #include "common/buffer/watermark_buffer.h" #include "common/common/assert.h" #include "common/common/statusor.h" #include "common/http/codec_helper.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/http1/codec_stats.h" #include "common/http/http1/header_formatter.h" #include "common/http/status.h" namespace Envoy { namespace Http { namespace Http1 { class ConnectionImpl; /** * Base class for HTTP/1.1 request and response encoders. */ class StreamEncoderImpl : public virtual StreamEncoder, public Stream, Logger::Loggable, public StreamCallbackHelper, public Http1StreamEncoderOptions { public: ~StreamEncoderImpl() override { // When the stream goes away, undo any read blocks to resume reading. while (read_disable_calls_ != 0) { StreamEncoderImpl::readDisable(false); } } // Http::StreamEncoder void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeMetadata(const MetadataMapVector&) override; Stream& getStream() override { return *this; } Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return *this; } // Http::Http1StreamEncoderOptions void disableChunkEncoding() override { disable_chunk_encoding_ = true; } // Http::Stream void addCallbacks(StreamCallbacks& callbacks) override { addCallbacksHelper(callbacks); } void removeCallbacks(StreamCallbacks& callbacks) override { removeCallbacksHelper(callbacks); } // After this is called, for the HTTP/1 codec, the connection should be closed, i.e. no further // progress may be made with the codec. void resetStream(StreamResetReason reason) override; void readDisable(bool disable) override; uint32_t bufferLimit() override; absl::string_view responseDetails() override { return details_; } const Network::Address::InstanceConstSharedPtr& connectionLocalAddress() override; void setFlushTimeout(std::chrono::milliseconds) override { // HTTP/1 has one stream per connection, thus any data encoded is immediately written to the // connection, invoking any watermarks as necessary. There is no internal buffering that would // require a flush timeout not already covered by other timeouts. } void setIsResponseToHeadRequest(bool value) { is_response_to_head_request_ = value; } void setIsResponseToConnectRequest(bool value) { is_response_to_connect_request_ = value; } void setDetails(absl::string_view details) { details_ = details; } void clearReadDisableCallsForTests() { read_disable_calls_ = 0; } protected: StreamEncoderImpl(ConnectionImpl& connection, HeaderKeyFormatter* header_key_formatter); void encodeHeadersBase(const RequestOrResponseHeaderMap& headers, absl::optional status, bool end_stream); void encodeTrailersBase(const HeaderMap& headers); static const std::string CRLF; static const std::string LAST_CHUNK; ConnectionImpl& connection_; uint32_t read_disable_calls_{}; bool disable_chunk_encoding_ : 1; bool chunk_encoding_ : 1; bool is_response_to_head_request_ : 1; bool is_response_to_connect_request_ : 1; private: /** * Called to encode an individual header. * @param key supplies the header to encode. * @param key_size supplies the byte size of the key. * @param value supplies the value to encode. * @param value_size supplies the byte size of the value. */ void encodeHeader(const char* key, uint32_t key_size, const char* value, uint32_t value_size); /** * Called to encode an individual header. * @param key supplies the header to encode as a string_view. * @param value supplies the value to encode as a string_view. */ void encodeHeader(absl::string_view key, absl::string_view value); /** * Called to finalize a stream encode. */ void endEncode(); void encodeFormattedHeader(absl::string_view key, absl::string_view value); const HeaderKeyFormatter* const header_key_formatter_; absl::string_view details_; }; /** * HTTP/1.1 response encoder. */ class ResponseEncoderImpl : public StreamEncoderImpl, public ResponseEncoder { public: ResponseEncoderImpl(ConnectionImpl& connection, HeaderKeyFormatter* header_key_formatter, bool stream_error_on_invalid_http_message) : StreamEncoderImpl(connection, header_key_formatter), stream_error_on_invalid_http_message_(stream_error_on_invalid_http_message) {} bool startedResponse() { return started_response_; } // Http::ResponseEncoder void encode100ContinueHeaders(const ResponseHeaderMap& headers) override; void encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) override; void encodeTrailers(const ResponseTrailerMap& trailers) override { encodeTrailersBase(trailers); } bool streamErrorOnInvalidHttpMessage() const override { return stream_error_on_invalid_http_message_; } private: bool started_response_{}; const bool stream_error_on_invalid_http_message_; }; /** * HTTP/1.1 request encoder. */ class RequestEncoderImpl : public StreamEncoderImpl, public RequestEncoder { public: RequestEncoderImpl(ConnectionImpl& connection, HeaderKeyFormatter* header_key_formatter) : StreamEncoderImpl(connection, header_key_formatter) {} bool upgradeRequest() const { return upgrade_request_; } bool headRequest() const { return head_request_; } bool connectRequest() const { return connect_request_; } // Http::RequestEncoder void encodeHeaders(const RequestHeaderMap& headers, bool end_stream) override; void encodeTrailers(const RequestTrailerMap& trailers) override { encodeTrailersBase(trailers); } private: bool upgrade_request_{}; bool head_request_{}; bool connect_request_{}; }; /** * Base class for HTTP/1.1 client and server connections. * Handles the callbacks of http_parser with its own base routine and then * virtual dispatches to its subclasses. */ class ConnectionImpl : public virtual Connection, protected Logger::Loggable { public: /** * @return Network::Connection& the backing network connection. */ Network::Connection& connection() { return connection_; } /** * Called when the active encoder has completed encoding the outbound half of the stream. */ virtual void onEncodeComplete() PURE; /** * Called when resetStream() has been called on an active stream. In HTTP/1.1 the only * valid operation after this point is for the connection to get blown away, but we will not * fire any more callbacks in case some stack has to unwind. */ void onResetStreamBase(StreamResetReason reason); /** * Flush all pending output from encoding. */ void flushOutput(bool end_encode = false); void addToBuffer(absl::string_view data); void addCharToBuffer(char c); void addIntToBuffer(uint64_t i); Buffer::WatermarkBuffer& buffer() { return output_buffer_; } uint64_t bufferRemainingSize(); void copyToBuffer(const char* data, uint64_t length); void reserveBuffer(uint64_t size); void readDisable(bool disable) { if (connection_.state() == Network::Connection::State::Open) { connection_.readDisable(disable); } } uint32_t bufferLimit() { return connection_.bufferLimit(); } virtual bool supportsHttp10() { return false; } bool maybeDirectDispatch(Buffer::Instance& data); virtual void maybeAddSentinelBufferFragment(Buffer::WatermarkBuffer&) {} CodecStats& stats() { return stats_; } bool enableTrailers() const { return codec_settings_.enable_trailers_; } // Http::Connection Http::Status dispatch(Buffer::Instance& data) override; void goAway() override {} // Called during connection manager drain flow Protocol protocol() override { return protocol_; } void shutdownNotice() override {} // Called during connection manager drain flow bool wantsToWrite() override { return false; } void onUnderlyingConnectionAboveWriteBufferHighWatermark() override { onAboveHighWatermark(); } void onUnderlyingConnectionBelowWriteBufferLowWatermark() override { onBelowLowWatermark(); } bool strict1xxAnd204Headers() { return strict_1xx_and_204_headers_; } int setAndCheckCallbackStatus(Status&& status); int setAndCheckCallbackStatusOr(Envoy::StatusOr&& statusor); // Codec errors found in callbacks are overridden within the http_parser library. This holds those // errors to propagate them through to dispatch() where we can handle the error. Envoy::Http::Status codec_status_; protected: ConnectionImpl(Network::Connection& connection, CodecStats& stats, const Http1Settings& settings, http_parser_type type, uint32_t max_headers_kb, const uint32_t max_headers_count, HeaderKeyFormatterPtr&& header_key_formatter); // The following define special return values for http_parser callbacks. See: // https://github.com/nodejs/http-parser/blob/5c5b3ac62662736de9e71640a8dc16da45b32503/http_parser.h#L72 // These codes do not overlap with standard HTTP Status codes. They are only used for user // callbacks. enum class HttpParserCode { // Callbacks other than on_headers_complete should return a non-zero int to indicate an error // and // halt execution. Error = -1, Success = 0, // Returning '1' from on_headers_complete will tell http_parser that it should not expect a // body. NoBody = 1, // Returning '2' from on_headers_complete will tell http_parser that it should not expect a body // nor any further data on the connection. NoBodyData = 2, }; bool resetStreamCalled() { return reset_stream_called_; } Status onMessageBeginBase(); /** * Get memory used to represent HTTP headers or trailers currently being parsed. * Computed by adding the partial header field and value that is currently being parsed and the * estimated header size for previous header lines provided by HeaderMap::byteSize(). */ virtual uint32_t getHeadersSize(); /** * Called from onUrl, onHeaderField and onHeaderValue to verify that the headers do not exceed the * configured max header size limit. * @return A codecProtocolError status if headers exceed the size limit. */ Status checkMaxHeadersSize(); Network::Connection& connection_; CodecStats& stats_; const Http1Settings codec_settings_; http_parser parser_; Http::Code error_code_{Http::Code::BadRequest}; const HeaderKeyFormatterPtr header_key_formatter_; HeaderString current_header_field_; HeaderString current_header_value_; bool processing_trailers_ : 1; bool handling_upgrade_ : 1; bool reset_stream_called_ : 1; // Deferred end stream headers indicate that we are not going to raise headers until the full // HTTP/1 message has been flushed from the parser. This allows raising an HTTP/2 style headers // block with end stream set to true with no further protocol data remaining. bool deferred_end_stream_headers_ : 1; const bool strict_1xx_and_204_headers_ : 1; bool dispatching_ : 1; private: enum class HeaderParsingState { Field, Value, Done }; virtual HeaderMap& headersOrTrailers() PURE; virtual RequestOrResponseHeaderMap& requestOrResponseHeaders() PURE; virtual void allocHeaders() PURE; virtual void allocTrailers() PURE; /** * Called in order to complete an in progress header decode. * @return A status representing success. */ Status completeLastHeader(); /** * Check if header name contains underscore character. * Underscore character is allowed in header names by the RFC-7230 and this check is implemented * as a security measure due to systems that treat '_' and '-' as interchangeable. * The ServerConnectionImpl may drop header or reject request based on the * `common_http_protocol_options.headers_with_underscores_action` configuration option in the * HttpConnectionManager. */ virtual bool shouldDropHeaderWithUnderscoresInNames(absl::string_view /* header_name */) const { return false; } /** * An inner dispatch call that executes the dispatching logic. While exception removal is in * migration (#10878), this function may either throw an exception or return an error status. * Exceptions are caught and translated to their corresponding statuses in the outer level * dispatch. * TODO(#10878): Remove this when exception removal is complete. */ Http::Status innerDispatch(Buffer::Instance& data); /** * Dispatch a memory span. * @param slice supplies the start address. * @len supplies the length of the span. */ Envoy::StatusOr dispatchSlice(const char* slice, size_t len); /** * Called by the http_parser when body data is received. * @param data supplies the start address. * @param length supplies the length. */ void bufferBody(const char* data, size_t length); /** * Push the accumulated body through the filter pipeline. */ void dispatchBufferedBody(); /** * Called when a request/response is beginning. A base routine happens first then a virtual * dispatch is invoked. */ virtual Status onMessageBegin() PURE; /** * Called when URL data is received. * @param data supplies the start address. * @param length supplies the length. */ virtual Status onUrl(const char* data, size_t length) PURE; /** * Called when header field data is received. * @param data supplies the start address. * @param length supplies the length. * @return A status representing success. */ Status onHeaderField(const char* data, size_t length); /** * Called when header value data is received. * @param data supplies the start address. * @param length supplies the length. * @return A status representing success. */ Status onHeaderValue(const char* data, size_t length); /** * Called when headers are complete. A base routine happens first then a virtual dispatch is * invoked. Note that this only applies to headers and NOT trailers. End of * trailers are signaled via onMessageCompleteBase(). * @return An error status or an integer representing 0 if no error, 1 if there should be no body. */ Envoy::StatusOr onHeadersCompleteBase(); virtual Envoy::StatusOr onHeadersComplete() PURE; /** * Called to see if upgrade transition is allowed. */ virtual bool upgradeAllowed() const PURE; /** * Called with body data is available for processing when either: * - There is an accumulated partial body after the parser is done processing bytes read from the * socket * - The parser encounters the last byte of the body * - The codec does a direct dispatch from the read buffer * For performance reasons there is at most one call to onBody per call to HTTP/1 * ConnectionImpl::dispatch call. * @param data supplies the body data */ virtual void onBody(Buffer::Instance& data) PURE; /** * Called when the request/response is complete. * @return A status representing success. */ Status onMessageCompleteBase(); virtual void onMessageComplete() PURE; /** * Called when accepting a chunk header. */ void onChunkHeader(bool is_final_chunk); /** * @see onResetStreamBase(). */ virtual void onResetStream(StreamResetReason reason) PURE; /** * Send a protocol error response to remote. */ virtual Status sendProtocolError(absl::string_view details) PURE; /** * Called when output_buffer_ or the underlying connection go from below a low watermark to over * a high watermark. */ virtual void onAboveHighWatermark() PURE; /** * Called when output_buffer_ or the underlying connection go from above a high watermark to * below a low watermark. */ virtual void onBelowLowWatermark() PURE; /** * Check if header name contains underscore character. * The ServerConnectionImpl may drop header or reject request based on configuration. * @return A status representing whether the request is rejected. */ virtual Status checkHeaderNameForUnderscores() { return okStatus(); } static http_parser_settings settings_; HeaderParsingState header_parsing_state_{HeaderParsingState::Field}; // Used to accumulate the HTTP message body during the current dispatch call. The accumulated body // is pushed through the filter pipeline either at the end of the current dispatch call, or when // the last byte of the body is processed (whichever happens first). Buffer::OwnedImpl buffered_body_; Buffer::WatermarkBuffer output_buffer_; Protocol protocol_{Protocol::Http11}; const uint32_t max_headers_kb_; const uint32_t max_headers_count_; }; /** * Implementation of Http::ServerConnection for HTTP/1.1. */ class ServerConnectionImpl : public ServerConnection, public ConnectionImpl { public: ServerConnectionImpl(Network::Connection& connection, CodecStats& stats, ServerConnectionCallbacks& callbacks, const Http1Settings& settings, uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action); bool supportsHttp10() override { return codec_settings_.accept_http_10_; } protected: /** * An active HTTP/1.1 request. */ struct ActiveRequest { ActiveRequest(ServerConnectionImpl& connection, HeaderKeyFormatter* header_key_formatter) : response_encoder_(connection, header_key_formatter, connection.codec_settings_.stream_error_on_invalid_http_message_) {} HeaderString request_url_; RequestDecoder* request_decoder_{}; ResponseEncoderImpl response_encoder_; bool remote_complete_{}; }; absl::optional& activeRequest() { return active_request_; } // ConnectionImpl void onMessageComplete() override; // Add the size of the request_url to the reported header size when processing request headers. uint32_t getHeadersSize() override; private: /** * Manipulate the request's first line, parsing the url and converting to a relative path if * necessary. Compute Host / :authority headers based on 7230#5.7 and 7230#6 * * @param is_connect true if the request has the CONNECT method * @param headers the request's headers * @return Status representing success or failure. This will fail if there is an invalid url in * the request line. */ Status handlePath(RequestHeaderMap& headers, unsigned int method); // ConnectionImpl void onEncodeComplete() override; Status onMessageBegin() override; Status onUrl(const char* data, size_t length) override; Envoy::StatusOr onHeadersComplete() override; // If upgrade behavior is not allowed, the HCM will have sanitized the headers out. bool upgradeAllowed() const override { return true; } void onBody(Buffer::Instance& data) override; void onResetStream(StreamResetReason reason) override; Status sendProtocolError(absl::string_view details) override; void onAboveHighWatermark() override; void onBelowLowWatermark() override; HeaderMap& headersOrTrailers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } RequestOrResponseHeaderMap& requestOrResponseHeaders() override { return *absl::get(headers_or_trailers_); } void allocHeaders() override { ASSERT(nullptr == absl::get(headers_or_trailers_)); ASSERT(!processing_trailers_); headers_or_trailers_.emplace(RequestHeaderMapImpl::create()); } void allocTrailers() override { ASSERT(processing_trailers_); if (!absl::holds_alternative(headers_or_trailers_)) { headers_or_trailers_.emplace(RequestTrailerMapImpl::create()); } } void sendProtocolErrorOld(absl::string_view details); void releaseOutboundResponse(const Buffer::OwnedBufferFragmentImpl* fragment); void maybeAddSentinelBufferFragment(Buffer::WatermarkBuffer& output_buffer) override; Status doFloodProtectionChecks() const; Status checkHeaderNameForUnderscores() override; ServerConnectionCallbacks& callbacks_; absl::optional active_request_; const Buffer::OwnedBufferFragmentImpl::Releasor response_buffer_releasor_; uint32_t outbound_responses_{}; // This defaults to 2, which functionally disables pipelining. If any users // of Envoy wish to enable pipelining (which is dangerous and ill supported) // we could make this configurable. uint32_t max_outbound_responses_{}; bool flood_protection_{}; // TODO(mattklein123): This should be a member of ActiveRequest but this change needs dedicated // thought as some of the reset and no header code paths make this difficult. Headers are // populated on message begin. Trailers are populated on the first parsed trailer field (if // trailers are enabled). The variant is reset to null headers on message complete for assertion // purposes. absl::variant headers_or_trailers_; // The action to take when a request header name contains underscore characters. const envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action_; }; /** * Implementation of Http::ClientConnection for HTTP/1.1. */ class ClientConnectionImpl : public ClientConnection, public ConnectionImpl { public: ClientConnectionImpl(Network::Connection& connection, CodecStats& stats, ConnectionCallbacks& callbacks, const Http1Settings& settings, const uint32_t max_response_headers_count); // Http::ClientConnection RequestEncoder& newStream(ResponseDecoder& response_decoder) override; private: struct PendingResponse { PendingResponse(ConnectionImpl& connection, HeaderKeyFormatter* header_key_formatter, ResponseDecoder* decoder) : encoder_(connection, header_key_formatter), decoder_(decoder) {} RequestEncoderImpl encoder_; ResponseDecoder* decoder_; }; bool cannotHaveBody(); // ConnectionImpl void onEncodeComplete() override {} Status onMessageBegin() override { return okStatus(); } Status onUrl(const char*, size_t) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Envoy::StatusOr onHeadersComplete() override; bool upgradeAllowed() const override; void onBody(Buffer::Instance& data) override; void onMessageComplete() override; void onResetStream(StreamResetReason reason) override; Status sendProtocolError(absl::string_view details) override; void onAboveHighWatermark() override; void onBelowLowWatermark() override; HeaderMap& headersOrTrailers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } RequestOrResponseHeaderMap& requestOrResponseHeaders() override { return *absl::get(headers_or_trailers_); } void allocHeaders() override { ASSERT(nullptr == absl::get(headers_or_trailers_)); ASSERT(!processing_trailers_); headers_or_trailers_.emplace(ResponseHeaderMapImpl::create()); } void allocTrailers() override { ASSERT(processing_trailers_); if (!absl::holds_alternative(headers_or_trailers_)) { headers_or_trailers_.emplace(ResponseTrailerMapImpl::create()); } } absl::optional pending_response_; // TODO(mattklein123): The following bool tracks whether a pending response is complete before // dispatching callbacks. This is needed so that pending_response_ stays valid during callbacks // in order to access the stream, but to avoid invoking callbacks that shouldn't be called once // the response is complete. The existence of this variable is hard to reason about and it should // be combined with pending_response_ somehow in a follow up cleanup. bool pending_response_done_{true}; // Set true between receiving non-101 1xx headers and receiving the spurious onMessageComplete. bool ignore_message_complete_for_1xx_{}; // TODO(mattklein123): This should be a member of PendingResponse but this change needs dedicated // thought as some of the reset and no header code paths make this difficult. Headers are // populated on message begin. Trailers are populated when the switch to trailer processing is // detected while parsing the first trailer field (if trailers are enabled). The variant is reset // to null headers on message complete for assertion purposes. absl::variant headers_or_trailers_; // The default limit of 80 KiB is the vanilla http_parser behaviour. static constexpr uint32_t MAX_RESPONSE_HEADERS_KB = 80; }; } // namespace Http1 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/codec_impl_legacy.cc ================================================ #include "common/http/http1/codec_impl_legacy.h" #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/http/codec.h" #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "common/common/enum_to_int.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/http/exception.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/http1/header_formatter.h" #include "common/http/utility.h" #include "common/runtime/runtime_features.h" #include "absl/container/fixed_array.h" #include "absl/strings/ascii.h" namespace Envoy { namespace Http { namespace Legacy { namespace Http1 { namespace { struct Http1ResponseCodeDetailValues { const absl::string_view TooManyHeaders = "http1.too_many_headers"; const absl::string_view HeadersTooLarge = "http1.headers_too_large"; const absl::string_view HttpCodecError = "http1.codec_error"; const absl::string_view InvalidCharacters = "http1.invalid_characters"; const absl::string_view ConnectionHeaderSanitization = "http1.connection_header_rejected"; const absl::string_view InvalidUrl = "http1.invalid_url"; const absl::string_view InvalidTransferEncoding = "http1.invalid_transfer_encoding"; const absl::string_view BodyDisallowed = "http1.body_disallowed"; const absl::string_view TransferEncodingNotAllowed = "http1.transfer_encoding_not_allowed"; const absl::string_view ContentLengthNotAllowed = "http1.content_length_not_allowed"; const absl::string_view InvalidUnderscore = "http1.unexpected_underscore"; const absl::string_view ChunkedContentLength = "http1.content_length_and_chunked_not_allowed"; }; struct Http1HeaderTypesValues { const absl::string_view Headers = "headers"; const absl::string_view Trailers = "trailers"; }; using Http1ResponseCodeDetails = ConstSingleton; using Http1HeaderTypes = ConstSingleton; using Http::Http1::CodecStats; using Http::Http1::HeaderKeyFormatter; using Http::Http1::HeaderKeyFormatterPtr; using Http::Http1::ProperCaseHeaderKeyFormatter; const StringUtil::CaseUnorderedSet& caseUnorderdSetContainingUpgradeAndHttp2Settings() { CONSTRUCT_ON_FIRST_USE(StringUtil::CaseUnorderedSet, Http::Headers::get().ConnectionValues.Upgrade, Http::Headers::get().ConnectionValues.Http2Settings); } HeaderKeyFormatterPtr formatter(const Http::Http1Settings& settings) { if (settings.header_key_format_ == Http1Settings::HeaderKeyFormat::ProperCase) { return std::make_unique(); } return nullptr; } } // namespace const std::string StreamEncoderImpl::CRLF = "\r\n"; // Last chunk as defined here https://tools.ietf.org/html/rfc7230#section-4.1 const std::string StreamEncoderImpl::LAST_CHUNK = "0\r\n"; StreamEncoderImpl::StreamEncoderImpl(ConnectionImpl& connection, HeaderKeyFormatter* header_key_formatter) : connection_(connection), disable_chunk_encoding_(false), chunk_encoding_(true), is_response_to_head_request_(false), is_response_to_connect_request_(false), header_key_formatter_(header_key_formatter) { if (connection_.connection().aboveHighWatermark()) { runHighWatermarkCallbacks(); } } void StreamEncoderImpl::encodeHeader(const char* key, uint32_t key_size, const char* value, uint32_t value_size) { ASSERT(key_size > 0); connection_.copyToBuffer(key, key_size); connection_.addCharToBuffer(':'); connection_.addCharToBuffer(' '); connection_.copyToBuffer(value, value_size); connection_.addToBuffer(CRLF); } void StreamEncoderImpl::encodeHeader(absl::string_view key, absl::string_view value) { this->encodeHeader(key.data(), key.size(), value.data(), value.size()); } void StreamEncoderImpl::encodeFormattedHeader(absl::string_view key, absl::string_view value) { if (header_key_formatter_ != nullptr) { encodeHeader(header_key_formatter_->format(key), value); } else { encodeHeader(key, value); } } void ResponseEncoderImpl::encode100ContinueHeaders(const ResponseHeaderMap& headers) { ASSERT(headers.Status()->value() == "100"); encodeHeaders(headers, false); } void StreamEncoderImpl::encodeHeadersBase(const RequestOrResponseHeaderMap& headers, absl::optional status, bool end_stream) { bool saw_content_length = false; headers.iterate([this](const HeaderEntry& header) -> HeaderMap::Iterate { absl::string_view key_to_use = header.key().getStringView(); uint32_t key_size_to_use = header.key().size(); // Translate :authority -> host so that upper layers do not need to deal with this. if (key_size_to_use > 1 && key_to_use[0] == ':' && key_to_use[1] == 'a') { key_to_use = absl::string_view(Headers::get().HostLegacy.get()); key_size_to_use = Headers::get().HostLegacy.get().size(); } // Skip all headers starting with ':' that make it here. if (key_to_use[0] == ':') { return HeaderMap::Iterate::Continue; } encodeFormattedHeader(key_to_use, header.value().getStringView()); return HeaderMap::Iterate::Continue; }); if (headers.ContentLength()) { saw_content_length = true; } ASSERT(!headers.TransferEncoding()); // Assume we are chunk encoding unless we are passed a content length or this is a header only // response. Upper layers generally should strip transfer-encoding since it only applies to // HTTP/1.1. The codec will infer it based on the type of response. // for streaming (e.g. SSE stream sent to hystrix dashboard), we do not want // chunk transfer encoding but we don't have a content-length so disable_chunk_encoding_ is // consulted before enabling chunk encoding. // // Note that for HEAD requests Envoy does best-effort guessing when there is no // content-length. If a client makes a HEAD request for an upstream resource // with no bytes but the upstream response doesn't include "Content-length: 0", // Envoy will incorrectly assume a subsequent response to GET will be chunk encoded. if (saw_content_length || disable_chunk_encoding_) { chunk_encoding_ = false; } else { if (status && *status == 100) { // Make sure we don't serialize chunk information with 100-Continue headers. chunk_encoding_ = false; } else if (end_stream && !is_response_to_head_request_) { // If this is a headers-only stream, append an explicit "Content-Length: 0" unless it's a // response to a HEAD request. // For 204s and 1xx where content length is disallowed, don't append the content length but // also don't chunk encode. if (!status || (*status >= 200 && *status != 204)) { encodeFormattedHeader(Headers::get().ContentLength.get(), "0"); } chunk_encoding_ = false; } else if (connection_.protocol() == Protocol::Http10) { chunk_encoding_ = false; } else if (status && (*status < 200 || *status == 204) && connection_.strict1xxAnd204Headers()) { // TODO(zuercher): when the "envoy.reloadable_features.strict_1xx_and_204_response_headers" // feature flag is removed, this block can be coalesced with the 100 Continue logic above. // For 1xx and 204 responses, do not send the chunked encoding header or enable chunked // encoding: https://tools.ietf.org/html/rfc7230#section-3.3.1 chunk_encoding_ = false; } else { // For responses to connect requests, do not send the chunked encoding header: // https://tools.ietf.org/html/rfc7231#section-4.3.6. if (!is_response_to_connect_request_) { encodeFormattedHeader(Headers::get().TransferEncoding.get(), Headers::get().TransferEncodingValues.Chunked); } // We do not apply chunk encoding for HTTP upgrades, including CONNECT style upgrades. // If there is a body in a response on the upgrade path, the chunks will be // passed through via maybeDirectDispatch so we need to avoid appending // extra chunk boundaries. // // When sending a response to a HEAD request Envoy may send an informational // "Transfer-Encoding: chunked" header, but should not send a chunk encoded body. chunk_encoding_ = !Utility::isUpgrade(headers) && !is_response_to_head_request_ && !is_response_to_connect_request_; } } connection_.addToBuffer(CRLF); if (end_stream) { endEncode(); } else { connection_.flushOutput(); } } void StreamEncoderImpl::encodeData(Buffer::Instance& data, bool end_stream) { // end_stream may be indicated with a zero length data buffer. If that is the case, so not // actually write the zero length buffer out. if (data.length() > 0) { if (chunk_encoding_) { connection_.buffer().add(absl::StrCat(absl::Hex(data.length()), CRLF)); } connection_.buffer().move(data); if (chunk_encoding_) { connection_.buffer().add(CRLF); } } if (end_stream) { endEncode(); } else { connection_.flushOutput(); } } void StreamEncoderImpl::encodeTrailersBase(const HeaderMap& trailers) { if (!connection_.enableTrailers()) { return endEncode(); } // Trailers only matter if it is a chunk transfer encoding // https://tools.ietf.org/html/rfc7230#section-4.4 if (chunk_encoding_) { // Finalize the body connection_.buffer().add(LAST_CHUNK); trailers.iterate([this](const HeaderEntry& header) -> HeaderMap::Iterate { encodeFormattedHeader(header.key().getStringView(), header.value().getStringView()); return HeaderMap::Iterate::Continue; }); connection_.flushOutput(); connection_.buffer().add(CRLF); } connection_.flushOutput(); connection_.onEncodeComplete(); } void StreamEncoderImpl::encodeMetadata(const MetadataMapVector&) { connection_.stats().metadata_not_supported_error_.inc(); } void StreamEncoderImpl::endEncode() { if (chunk_encoding_) { connection_.buffer().add(LAST_CHUNK); connection_.buffer().add(CRLF); } connection_.flushOutput(true); connection_.onEncodeComplete(); } void ServerConnectionImpl::maybeAddSentinelBufferFragment(Buffer::WatermarkBuffer& output_buffer) { if (!flood_protection_) { return; } // It's messy and complicated to try to tag the final write of an HTTP response for response // tracking for flood protection. Instead, write an empty buffer fragment after the response, // to allow for tracking. // When the response is written out, the fragment will be deleted and the counter will be updated // by ServerConnectionImpl::releaseOutboundResponse() auto fragment = Buffer::OwnedBufferFragmentImpl::create(absl::string_view("", 0), response_buffer_releasor_); output_buffer.addBufferFragment(*fragment.release()); ASSERT(outbound_responses_ < max_outbound_responses_); outbound_responses_++; } void ServerConnectionImpl::doFloodProtectionChecks() const { if (!flood_protection_) { return; } // Before processing another request, make sure that we are below the response flood protection // threshold. if (outbound_responses_ >= max_outbound_responses_) { ENVOY_CONN_LOG(trace, "error accepting request: too many pending responses queued", connection_); stats_.response_flood_.inc(); throw FrameFloodException("Too many responses queued."); } } void ConnectionImpl::flushOutput(bool end_encode) { if (end_encode) { // If this is an HTTP response in ServerConnectionImpl, track outbound responses for flood // protection maybeAddSentinelBufferFragment(output_buffer_); } connection().write(output_buffer_, false); ASSERT(0UL == output_buffer_.length()); } void ConnectionImpl::addToBuffer(absl::string_view data) { output_buffer_.add(data); } void ConnectionImpl::addCharToBuffer(char c) { output_buffer_.add(&c, 1); } void ConnectionImpl::addIntToBuffer(uint64_t i) { output_buffer_.add(absl::StrCat(i)); } void ConnectionImpl::copyToBuffer(const char* data, uint64_t length) { output_buffer_.add(data, length); } void StreamEncoderImpl::resetStream(StreamResetReason reason) { connection_.onResetStreamBase(reason); } void StreamEncoderImpl::readDisable(bool disable) { if (disable) { ++read_disable_calls_; } else { ASSERT(read_disable_calls_ != 0); if (read_disable_calls_ != 0) { --read_disable_calls_; } } connection_.readDisable(disable); } uint32_t StreamEncoderImpl::bufferLimit() { return connection_.bufferLimit(); } const Network::Address::InstanceConstSharedPtr& StreamEncoderImpl::connectionLocalAddress() { return connection_.connection().localAddress(); } static const char RESPONSE_PREFIX[] = "HTTP/1.1 "; static const char HTTP_10_RESPONSE_PREFIX[] = "HTTP/1.0 "; void ResponseEncoderImpl::encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) { started_response_ = true; // The contract is that client codecs must ensure that :status is present. ASSERT(headers.Status() != nullptr); uint64_t numeric_status = Utility::getResponseStatus(headers); if (connection_.protocol() == Protocol::Http10 && connection_.supportsHttp10()) { connection_.copyToBuffer(HTTP_10_RESPONSE_PREFIX, sizeof(HTTP_10_RESPONSE_PREFIX) - 1); } else { connection_.copyToBuffer(RESPONSE_PREFIX, sizeof(RESPONSE_PREFIX) - 1); } connection_.addIntToBuffer(numeric_status); connection_.addCharToBuffer(' '); const char* status_string = CodeUtility::toString(static_cast(numeric_status)); uint32_t status_string_len = strlen(status_string); connection_.copyToBuffer(status_string, status_string_len); connection_.addCharToBuffer('\r'); connection_.addCharToBuffer('\n'); if (numeric_status >= 300) { // Don't do special CONNECT logic if the CONNECT was rejected. is_response_to_connect_request_ = false; } encodeHeadersBase(headers, absl::make_optional(numeric_status), end_stream); } static const char REQUEST_POSTFIX[] = " HTTP/1.1\r\n"; void RequestEncoderImpl::encodeHeaders(const RequestHeaderMap& headers, bool end_stream) { const HeaderEntry* method = headers.Method(); const HeaderEntry* path = headers.Path(); const HeaderEntry* host = headers.Host(); bool is_connect = HeaderUtility::isConnect(headers); if (!method || (!path && !is_connect)) { // TODO(#10878): This exception does not occur during dispatch and would not be triggered under // normal circumstances since inputs would fail parsing at ingress. Replace with proper error // handling when exceptions are removed. Include missing host header for CONNECT. throw CodecClientException(":method and :path must be specified"); } if (method->value() == Headers::get().MethodValues.Head) { head_request_ = true; } else if (method->value() == Headers::get().MethodValues.Connect) { disableChunkEncoding(); connect_request_ = true; } if (Utility::isUpgrade(headers)) { upgrade_request_ = true; } connection_.copyToBuffer(method->value().getStringView().data(), method->value().size()); connection_.addCharToBuffer(' '); if (is_connect) { connection_.copyToBuffer(host->value().getStringView().data(), host->value().size()); } else { connection_.copyToBuffer(path->value().getStringView().data(), path->value().size()); } connection_.copyToBuffer(REQUEST_POSTFIX, sizeof(REQUEST_POSTFIX) - 1); encodeHeadersBase(headers, absl::nullopt, end_stream); } http_parser_settings ConnectionImpl::settings_{ [](http_parser* parser) -> int { static_cast(parser->data)->onMessageBeginBase(); return 0; }, [](http_parser* parser, const char* at, size_t length) -> int { static_cast(parser->data)->onUrl(at, length); return 0; }, nullptr, // on_status [](http_parser* parser, const char* at, size_t length) -> int { static_cast(parser->data)->onHeaderField(at, length); return 0; }, [](http_parser* parser, const char* at, size_t length) -> int { static_cast(parser->data)->onHeaderValue(at, length); return 0; }, [](http_parser* parser) -> int { return static_cast(parser->data)->onHeadersCompleteBase(); }, [](http_parser* parser, const char* at, size_t length) -> int { static_cast(parser->data)->bufferBody(at, length); return 0; }, [](http_parser* parser) -> int { static_cast(parser->data)->onMessageCompleteBase(); return 0; }, [](http_parser* parser) -> int { // A 0-byte chunk header is used to signal the end of the chunked body. // When this function is called, http-parser holds the size of the chunk in // parser->content_length. See // https://github.com/nodejs/http-parser/blob/v2.9.3/http_parser.h#L336 const bool is_final_chunk = (parser->content_length == 0); static_cast(parser->data)->onChunkHeader(is_final_chunk); return 0; }, nullptr // on_chunk_complete }; ConnectionImpl::ConnectionImpl(Network::Connection& connection, CodecStats& stats, const Http1Settings& settings, http_parser_type type, uint32_t max_headers_kb, const uint32_t max_headers_count, HeaderKeyFormatterPtr&& header_key_formatter) : connection_(connection), stats_(stats), codec_settings_(settings), header_key_formatter_(std::move(header_key_formatter)), processing_trailers_(false), handling_upgrade_(false), reset_stream_called_(false), deferred_end_stream_headers_(false), strict_1xx_and_204_headers_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.strict_1xx_and_204_response_headers")), output_buffer_([&]() -> void { this->onBelowLowWatermark(); }, [&]() -> void { this->onAboveHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }), max_headers_kb_(max_headers_kb), max_headers_count_(max_headers_count) { output_buffer_.setWatermarks(connection.bufferLimit()); http_parser_init(&parser_, type); parser_.allow_chunked_length = 1; parser_.data = this; } void ConnectionImpl::completeLastHeader() { ENVOY_CONN_LOG(trace, "completed header: key={} value={}", connection_, current_header_field_.getStringView(), current_header_value_.getStringView()); checkHeaderNameForUnderscores(); auto& headers_or_trailers = headersOrTrailers(); if (!current_header_field_.empty()) { current_header_field_.inlineTransform([](char c) { return absl::ascii_tolower(c); }); // Strip trailing whitespace of the current header value if any. Leading whitespace was trimmed // in ConnectionImpl::onHeaderValue. http_parser does not strip leading or trailing whitespace // as the spec requires: https://tools.ietf.org/html/rfc7230#section-3.2.4 current_header_value_.rtrim(); headers_or_trailers.addViaMove(std::move(current_header_field_), std::move(current_header_value_)); } // Check if the number of headers exceeds the limit. if (headers_or_trailers.size() > max_headers_count_) { error_code_ = Http::Code::RequestHeaderFieldsTooLarge; sendProtocolError(Http1ResponseCodeDetails::get().TooManyHeaders); const absl::string_view header_type = processing_trailers_ ? Http1HeaderTypes::get().Trailers : Http1HeaderTypes::get().Headers; throw CodecProtocolException(absl::StrCat(header_type, " size exceeds limit")); } header_parsing_state_ = HeaderParsingState::Field; ASSERT(current_header_field_.empty()); ASSERT(current_header_value_.empty()); } uint32_t ConnectionImpl::getHeadersSize() { return current_header_field_.size() + current_header_value_.size() + headersOrTrailers().byteSize(); } void ConnectionImpl::checkMaxHeadersSize() { const uint32_t total = getHeadersSize(); if (total > (max_headers_kb_ * 1024)) { const absl::string_view header_type = processing_trailers_ ? Http1HeaderTypes::get().Trailers : Http1HeaderTypes::get().Headers; error_code_ = Http::Code::RequestHeaderFieldsTooLarge; sendProtocolError(Http1ResponseCodeDetails::get().HeadersTooLarge); throw CodecProtocolException(absl::StrCat(header_type, " size exceeds limit")); } } bool ConnectionImpl::maybeDirectDispatch(Buffer::Instance& data) { if (!handling_upgrade_) { // Only direct dispatch for Upgrade requests. return false; } ENVOY_CONN_LOG(trace, "direct-dispatched {} bytes", connection_, data.length()); onBody(data); data.drain(data.length()); return true; } Http::Status ConnectionImpl::dispatch(Buffer::Instance& data) { // TODO(#10878): Remove this wrapper when exception removal is complete. innerDispatch may either // throw an exception or return an error status. The utility wrapper catches exceptions and // converts them to error statuses. return Utility::exceptionToStatus( [&](Buffer::Instance& data) -> Http::Status { return innerDispatch(data); }, data); } Http::Status ConnectionImpl::innerDispatch(Buffer::Instance& data) { ENVOY_CONN_LOG(trace, "parsing {} bytes", connection_, data.length()); ASSERT(buffered_body_.length() == 0); if (maybeDirectDispatch(data)) { return Http::okStatus(); } // Always unpause before dispatch. http_parser_pause(&parser_, 0); ssize_t total_parsed = 0; if (data.length() > 0) { for (const Buffer::RawSlice& slice : data.getRawSlices()) { total_parsed += dispatchSlice(static_cast(slice.mem_), slice.len_); if (HTTP_PARSER_ERRNO(&parser_) != HPE_OK) { // Parse errors trigger an exception in dispatchSlice so we are guaranteed to be paused at // this point. ASSERT(HTTP_PARSER_ERRNO(&parser_) == HPE_PAUSED); break; } } dispatchBufferedBody(); } else { dispatchSlice(nullptr, 0); } ASSERT(buffered_body_.length() == 0); ENVOY_CONN_LOG(trace, "parsed {} bytes", connection_, total_parsed); data.drain(total_parsed); // If an upgrade has been handled and there is body data or early upgrade // payload to send on, send it on. maybeDirectDispatch(data); return Http::okStatus(); } size_t ConnectionImpl::dispatchSlice(const char* slice, size_t len) { ssize_t rc = http_parser_execute(&parser_, &settings_, slice, len); if (HTTP_PARSER_ERRNO(&parser_) != HPE_OK && HTTP_PARSER_ERRNO(&parser_) != HPE_PAUSED) { sendProtocolError(Http1ResponseCodeDetails::get().HttpCodecError); throw CodecProtocolException("http/1.1 protocol error: " + std::string(http_errno_name(HTTP_PARSER_ERRNO(&parser_)))); } return rc; } void ConnectionImpl::onHeaderField(const char* data, size_t length) { // We previously already finished up the headers, these headers are // now trailers. if (header_parsing_state_ == HeaderParsingState::Done) { if (!enableTrailers()) { // Ignore trailers. return; } processing_trailers_ = true; header_parsing_state_ = HeaderParsingState::Field; allocTrailers(); } if (header_parsing_state_ == HeaderParsingState::Value) { completeLastHeader(); } current_header_field_.append(data, length); checkMaxHeadersSize(); } void ConnectionImpl::onHeaderValue(const char* data, size_t length) { if (header_parsing_state_ == HeaderParsingState::Done && !enableTrailers()) { // Ignore trailers. return; } absl::string_view header_value{data, length}; if (!Http::HeaderUtility::headerValueIsValid(header_value)) { ENVOY_CONN_LOG(debug, "invalid header value: {}", connection_, header_value); error_code_ = Http::Code::BadRequest; sendProtocolError(Http1ResponseCodeDetails::get().InvalidCharacters); throw CodecProtocolException("http/1.1 protocol error: header value contains invalid chars"); } header_parsing_state_ = HeaderParsingState::Value; if (current_header_value_.empty()) { // Strip leading whitespace if the current header value input contains the first bytes of the // encoded header value. Trailing whitespace is stripped once the full header value is known in // ConnectionImpl::completeLastHeader. http_parser does not strip leading or trailing whitespace // as the spec requires: https://tools.ietf.org/html/rfc7230#section-3.2.4 . header_value = StringUtil::ltrim(header_value); } current_header_value_.append(header_value.data(), header_value.length()); checkMaxHeadersSize(); } int ConnectionImpl::onHeadersCompleteBase() { ASSERT(!processing_trailers_); ENVOY_CONN_LOG(trace, "onHeadersCompleteBase", connection_); completeLastHeader(); if (!(parser_.http_major == 1 && parser_.http_minor == 1)) { // This is not necessarily true, but it's good enough since higher layers only care if this is // HTTP/1.1 or not. protocol_ = Protocol::Http10; } RequestOrResponseHeaderMap& request_or_response_headers = requestOrResponseHeaders(); if (Utility::isUpgrade(request_or_response_headers) && upgradeAllowed()) { // Ignore h2c upgrade requests until we support them. // See https://github.com/envoyproxy/envoy/issues/7161 for details. if (absl::EqualsIgnoreCase(request_or_response_headers.getUpgradeValue(), Http::Headers::get().UpgradeValues.H2c)) { ENVOY_CONN_LOG(trace, "removing unsupported h2c upgrade headers.", connection_); request_or_response_headers.removeUpgrade(); if (request_or_response_headers.Connection()) { const auto& tokens_to_remove = caseUnorderdSetContainingUpgradeAndHttp2Settings(); std::string new_value = StringUtil::removeTokens( request_or_response_headers.getConnectionValue(), ",", tokens_to_remove, ","); if (new_value.empty()) { request_or_response_headers.removeConnection(); } else { request_or_response_headers.setConnection(new_value); } } request_or_response_headers.remove(Headers::get().Http2Settings); } else { ENVOY_CONN_LOG(trace, "codec entering upgrade mode.", connection_); handling_upgrade_ = true; } } if (parser_.method == HTTP_CONNECT) { if (request_or_response_headers.ContentLength()) { if (request_or_response_headers.getContentLengthValue() == "0") { request_or_response_headers.removeContentLength(); } else { // Per https://tools.ietf.org/html/rfc7231#section-4.3.6 a payload with a // CONNECT request has no defined semantics, and may be rejected. error_code_ = Http::Code::BadRequest; sendProtocolError(Http1ResponseCodeDetails::get().BodyDisallowed); throw CodecProtocolException("http/1.1 protocol error: unsupported content length"); } } ENVOY_CONN_LOG(trace, "codec entering upgrade mode for CONNECT request.", connection_); handling_upgrade_ = true; } // https://tools.ietf.org/html/rfc7230#section-3.3.3 // If a message is received with both a Transfer-Encoding and a // Content-Length header field, the Transfer-Encoding overrides the // Content-Length. Such a message might indicate an attempt to // perform request smuggling (Section 9.5) or response splitting // (Section 9.4) and ought to be handled as an error. A sender MUST // remove the received Content-Length field prior to forwarding such // a message. // Reject message with Http::Code::BadRequest if both Transfer-Encoding and Content-Length // headers are present or if allowed by http1 codec settings and 'Transfer-Encoding' // is chunked - remove Content-Length and serve request. if (parser_.uses_transfer_encoding != 0 && request_or_response_headers.ContentLength()) { if ((parser_.flags & F_CHUNKED) && codec_settings_.allow_chunked_length_) { request_or_response_headers.removeContentLength(); } else { error_code_ = Http::Code::BadRequest; sendProtocolError(Http1ResponseCodeDetails::get().ChunkedContentLength); throw CodecProtocolException( "http/1.1 protocol error: both 'Content-Length' and 'Transfer-Encoding' are set."); } } // Per https://tools.ietf.org/html/rfc7230#section-3.3.1 Envoy should reject // transfer-codings it does not understand. // Per https://tools.ietf.org/html/rfc7231#section-4.3.6 a payload with a // CONNECT request has no defined semantics, and may be rejected. if (request_or_response_headers.TransferEncoding()) { const absl::string_view encoding = request_or_response_headers.getTransferEncodingValue(); if (!absl::EqualsIgnoreCase(encoding, Headers::get().TransferEncodingValues.Chunked) || parser_.method == HTTP_CONNECT) { error_code_ = Http::Code::NotImplemented; sendProtocolError(Http1ResponseCodeDetails::get().InvalidTransferEncoding); throw CodecProtocolException("http/1.1 protocol error: unsupported transfer encoding"); } } int rc = onHeadersComplete(); header_parsing_state_ = HeaderParsingState::Done; // Returning 2 informs http_parser to not expect a body or further data on this connection. return handling_upgrade_ ? 2 : rc; } void ConnectionImpl::bufferBody(const char* data, size_t length) { buffered_body_.add(data, length); } void ConnectionImpl::dispatchBufferedBody() { ASSERT(HTTP_PARSER_ERRNO(&parser_) == HPE_OK || HTTP_PARSER_ERRNO(&parser_) == HPE_PAUSED); if (buffered_body_.length() > 0) { onBody(buffered_body_); buffered_body_.drain(buffered_body_.length()); } } void ConnectionImpl::onChunkHeader(bool is_final_chunk) { if (is_final_chunk) { // Dispatch body before parsing trailers, so body ends up dispatched even if an error is found // while processing trailers. dispatchBufferedBody(); } } void ConnectionImpl::onMessageCompleteBase() { ENVOY_CONN_LOG(trace, "message complete", connection_); dispatchBufferedBody(); if (handling_upgrade_) { // If this is an upgrade request, swallow the onMessageComplete. The // upgrade payload will be treated as stream body. ASSERT(!deferred_end_stream_headers_); ENVOY_CONN_LOG(trace, "Pausing parser due to upgrade.", connection_); http_parser_pause(&parser_, 1); return; } // If true, this indicates we were processing trailers and must // move the last header into current_header_map_ if (header_parsing_state_ == HeaderParsingState::Value) { completeLastHeader(); } onMessageComplete(); } void ConnectionImpl::onMessageBeginBase() { ENVOY_CONN_LOG(trace, "message begin", connection_); // Make sure that if HTTP/1.0 and HTTP/1.1 requests share a connection Envoy correctly sets // protocol for each request. Envoy defaults to 1.1 but sets the protocol to 1.0 where applicable // in onHeadersCompleteBase protocol_ = Protocol::Http11; processing_trailers_ = false; header_parsing_state_ = HeaderParsingState::Field; allocHeaders(); onMessageBegin(); } void ConnectionImpl::onResetStreamBase(StreamResetReason reason) { ASSERT(!reset_stream_called_); reset_stream_called_ = true; onResetStream(reason); } ServerConnectionImpl::ServerConnectionImpl( Network::Connection& connection, CodecStats& stats, ServerConnectionCallbacks& callbacks, const Http1Settings& settings, uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action) : ConnectionImpl(connection, stats, settings, HTTP_REQUEST, max_request_headers_kb, max_request_headers_count, formatter(settings)), callbacks_(callbacks), response_buffer_releasor_([this](const Buffer::OwnedBufferFragmentImpl* fragment) { releaseOutboundResponse(fragment); }), // Pipelining is generally not well supported on the internet and has a series of dangerous // overflow bugs. As such we are disabling it for now, and removing this temporary override if // no one objects. If you use this integer to restore prior behavior, contact the // maintainer team as it will otherwise be removed entirely soon. max_outbound_responses_( Runtime::getInteger("envoy.do_not_use_going_away_max_http2_outbound_responses", 2)), flood_protection_( Runtime::runtimeFeatureEnabled("envoy.reloadable_features.http1_flood_protection")), headers_with_underscores_action_(headers_with_underscores_action) {} uint32_t ServerConnectionImpl::getHeadersSize() { // Add in the size of the request URL if processing request headers. const uint32_t url_size = (!processing_trailers_ && active_request_.has_value()) ? active_request_.value().request_url_.size() : 0; return url_size + ConnectionImpl::getHeadersSize(); } void ServerConnectionImpl::onEncodeComplete() { if (active_request_.value().remote_complete_) { // Only do this if remote is complete. If we are replying before the request is complete the // only logical thing to do is for higher level code to reset() / close the connection so we // leave the request around so that it can fire reset callbacks. active_request_.reset(); } } void ServerConnectionImpl::handlePath(RequestHeaderMap& headers, unsigned int method) { HeaderString path(Headers::get().Path); bool is_connect = (method == HTTP_CONNECT); // The url is relative or a wildcard when the method is OPTIONS. Nothing to do here. auto& active_request = active_request_.value(); if (!is_connect && !active_request.request_url_.getStringView().empty() && (active_request.request_url_.getStringView()[0] == '/' || ((method == HTTP_OPTIONS) && active_request.request_url_.getStringView()[0] == '*'))) { headers.addViaMove(std::move(path), std::move(active_request.request_url_)); return; } // If absolute_urls and/or connect are not going be handled, copy the url and return. // This forces the behavior to be backwards compatible with the old codec behavior. // CONNECT "urls" are actually host:port so look like absolute URLs to the above checks. // Absolute URLS in CONNECT requests will be rejected below by the URL class validation. if (!codec_settings_.allow_absolute_url_ && !is_connect) { headers.addViaMove(std::move(path), std::move(active_request.request_url_)); return; } Utility::Url absolute_url; if (!absolute_url.initialize(active_request.request_url_.getStringView(), is_connect)) { sendProtocolError(Http1ResponseCodeDetails::get().InvalidUrl); throw CodecProtocolException("http/1.1 protocol error: invalid url in request line"); } // RFC7230#5.7 // When a proxy receives a request with an absolute-form of // request-target, the proxy MUST ignore the received Host header field // (if any) and instead replace it with the host information of the // request-target. A proxy that forwards such a request MUST generate a // new Host field-value based on the received request-target rather than // forward the received Host field-value. headers.setHost(absolute_url.hostAndPort()); if (!absolute_url.pathAndQueryParams().empty()) { headers.setPath(absolute_url.pathAndQueryParams()); } active_request.request_url_.clear(); } int ServerConnectionImpl::onHeadersComplete() { // Handle the case where response happens prior to request complete. It's up to upper layer code // to disconnect the connection but we shouldn't fire any more events since it doesn't make // sense. if (active_request_.has_value()) { auto& active_request = active_request_.value(); auto& headers = absl::get(headers_or_trailers_); ENVOY_CONN_LOG(trace, "Server: onHeadersComplete size={}", connection_, headers->size()); const char* method_string = http_method_str(static_cast(parser_.method)); if (!handling_upgrade_ && headers->Connection()) { // If we fail to sanitize the request, return a 400 to the client if (!Utility::sanitizeConnectionHeader(*headers)) { absl::string_view header_value = headers->getConnectionValue(); ENVOY_CONN_LOG(debug, "Invalid nominated headers in Connection: {}", connection_, header_value); error_code_ = Http::Code::BadRequest; sendProtocolError(Http1ResponseCodeDetails::get().ConnectionHeaderSanitization); throw CodecProtocolException("Invalid nominated headers in Connection."); } } // Inform the response encoder about any HEAD method, so it can set content // length and transfer encoding headers correctly. active_request.response_encoder_.setIsResponseToHeadRequest(parser_.method == HTTP_HEAD); active_request.response_encoder_.setIsResponseToConnectRequest(parser_.method == HTTP_CONNECT); handlePath(*headers, parser_.method); ASSERT(active_request.request_url_.empty()); headers->setMethod(method_string); // Make sure the host is valid. auto details = HeaderUtility::requestHeadersValid(*headers); if (details.has_value()) { sendProtocolError(details.value().get()); throw CodecProtocolException( "http/1.1 protocol error: request headers failed spec compliance checks"); } // Determine here whether we have a body or not. This uses the new RFC semantics where the // presence of content-length or chunked transfer-encoding indicates a body vs. a particular // method. If there is no body, we defer raising decodeHeaders() until the parser is flushed // with message complete. This allows upper layers to behave like HTTP/2 and prevents a proxy // scenario where the higher layers stream through and implicitly switch to chunked transfer // encoding because end stream with zero body length has not yet been indicated. if (parser_.flags & F_CHUNKED || (parser_.content_length > 0 && parser_.content_length != ULLONG_MAX) || handling_upgrade_) { active_request.request_decoder_->decodeHeaders(std::move(headers), false); // If the connection has been closed (or is closing) after decoding headers, pause the parser // so we return control to the caller. if (connection_.state() != Network::Connection::State::Open) { http_parser_pause(&parser_, 1); } } else { deferred_end_stream_headers_ = true; } } return 0; } void ServerConnectionImpl::onMessageBegin() { if (!resetStreamCalled()) { ASSERT(!active_request_.has_value()); active_request_.emplace(*this, header_key_formatter_.get()); auto& active_request = active_request_.value(); active_request.request_decoder_ = &callbacks_.newStream(active_request.response_encoder_); // Check for pipelined request flood as we prepare to accept a new request. // Parse errors that happen prior to onMessageBegin result in stream termination, it is not // possible to overflow output buffers with early parse errors. doFloodProtectionChecks(); } } void ServerConnectionImpl::onUrl(const char* data, size_t length) { if (active_request_.has_value()) { active_request_.value().request_url_.append(data, length); checkMaxHeadersSize(); } } void ServerConnectionImpl::onBody(Buffer::Instance& data) { ASSERT(!deferred_end_stream_headers_); if (active_request_.has_value()) { ENVOY_CONN_LOG(trace, "body size={}", connection_, data.length()); active_request_.value().request_decoder_->decodeData(data, false); } } void ServerConnectionImpl::onMessageComplete() { ASSERT(!handling_upgrade_); if (active_request_.has_value()) { auto& active_request = active_request_.value(); if (active_request.request_decoder_) { active_request.response_encoder_.readDisable(true); } active_request.remote_complete_ = true; if (deferred_end_stream_headers_) { active_request.request_decoder_->decodeHeaders( std::move(absl::get(headers_or_trailers_)), true); deferred_end_stream_headers_ = false; } else if (processing_trailers_) { active_request.request_decoder_->decodeTrailers( std::move(absl::get(headers_or_trailers_))); } else { Buffer::OwnedImpl buffer; active_request.request_decoder_->decodeData(buffer, true); } // Reset to ensure no information from one requests persists to the next. headers_or_trailers_.emplace(nullptr); } // Always pause the parser so that the calling code can process 1 request at a time and apply // back pressure. However this means that the calling code needs to detect if there is more data // in the buffer and dispatch it again. http_parser_pause(&parser_, 1); } void ServerConnectionImpl::onResetStream(StreamResetReason reason) { active_request_.value().response_encoder_.runResetCallbacks(reason); active_request_.reset(); } void ServerConnectionImpl::sendProtocolErrorOld(absl::string_view details) { if (active_request_.has_value()) { active_request_.value().response_encoder_.setDetails(details); } // We do this here because we may get a protocol error before we have a logical stream. Higher // layers can only operate on streams, so there is no coherent way to allow them to send an error // "out of band." On one hand this is kind of a hack but on the other hand it normalizes HTTP/1.1 // to look more like HTTP/2 to higher layers. if (!active_request_.has_value() || !active_request_.value().response_encoder_.startedResponse()) { Buffer::OwnedImpl bad_request_response( absl::StrCat("HTTP/1.1 ", error_code_, " ", CodeUtility::toString(error_code_), "\r\ncontent-length: 0\r\nconnection: close\r\n\r\n")); connection_.write(bad_request_response, false); } } void ServerConnectionImpl::sendProtocolError(absl::string_view details) { if (!Runtime::runtimeFeatureEnabled("envoy.reloadable_features.early_errors_via_hcm")) { sendProtocolErrorOld(details); return; } // We do this here because we may get a protocol error before we have a logical stream. if (!active_request_.has_value()) { onMessageBeginBase(); } ASSERT(active_request_.has_value()); active_request_.value().response_encoder_.setDetails(details); if (!active_request_.value().response_encoder_.startedResponse()) { // Note that the correctness of is_grpc_request and is_head_request is best-effort. // If headers have not been fully parsed they may not be inferred correctly. bool is_grpc_request = false; if (absl::holds_alternative(headers_or_trailers_) && absl::get(headers_or_trailers_) != nullptr) { is_grpc_request = Grpc::Common::isGrpcRequestHeaders(*absl::get(headers_or_trailers_)); } active_request_->request_decoder_->sendLocalReply(is_grpc_request, error_code_, CodeUtility::toString(error_code_), nullptr, absl::nullopt, details); return; } } void ServerConnectionImpl::onAboveHighWatermark() { if (active_request_.has_value()) { active_request_.value().response_encoder_.runHighWatermarkCallbacks(); } } void ServerConnectionImpl::onBelowLowWatermark() { if (active_request_.has_value()) { active_request_.value().response_encoder_.runLowWatermarkCallbacks(); } } void ServerConnectionImpl::releaseOutboundResponse( const Buffer::OwnedBufferFragmentImpl* fragment) { ASSERT(outbound_responses_ >= 1); --outbound_responses_; delete fragment; } void ServerConnectionImpl::checkHeaderNameForUnderscores() { if (headers_with_underscores_action_ != envoy::config::core::v3::HttpProtocolOptions::ALLOW && Http::HeaderUtility::headerNameContainsUnderscore(current_header_field_.getStringView())) { if (headers_with_underscores_action_ == envoy::config::core::v3::HttpProtocolOptions::DROP_HEADER) { ENVOY_CONN_LOG(debug, "Dropping header with invalid characters in its name: {}", connection_, current_header_field_.getStringView()); stats_.dropped_headers_with_underscores_.inc(); current_header_field_.clear(); current_header_value_.clear(); } else { ENVOY_CONN_LOG(debug, "Rejecting request due to header name with underscores: {}", connection_, current_header_field_.getStringView()); error_code_ = Http::Code::BadRequest; sendProtocolError(Http1ResponseCodeDetails::get().InvalidUnderscore); stats_.requests_rejected_with_underscores_in_headers_.inc(); throw CodecProtocolException("http/1.1 protocol error: header name contains underscores"); } } } ClientConnectionImpl::ClientConnectionImpl(Network::Connection& connection, CodecStats& stats, ConnectionCallbacks&, const Http1Settings& settings, const uint32_t max_response_headers_count) : ConnectionImpl(connection, stats, settings, HTTP_RESPONSE, MAX_RESPONSE_HEADERS_KB, max_response_headers_count, formatter(settings)) {} bool ClientConnectionImpl::cannotHaveBody() { if (pending_response_.has_value() && pending_response_.value().encoder_.headRequest()) { ASSERT(!pending_response_done_); return true; } else if (parser_.status_code == 204 || parser_.status_code == 304 || (parser_.status_code >= 200 && parser_.content_length == 0 && !(parser_.flags & F_CHUNKED))) { return true; } else { return false; } } RequestEncoder& ClientConnectionImpl::newStream(ResponseDecoder& response_decoder) { if (resetStreamCalled()) { throw CodecClientException("cannot create new streams after calling reset"); } // If reads were disabled due to flow control, we expect reads to always be enabled again before // reusing this connection. This is done when the response is received. ASSERT(connection_.readEnabled()); ASSERT(!pending_response_.has_value()); ASSERT(pending_response_done_); pending_response_.emplace(*this, header_key_formatter_.get(), &response_decoder); pending_response_done_ = false; return pending_response_.value().encoder_; } int ClientConnectionImpl::onHeadersComplete() { ENVOY_CONN_LOG(trace, "status_code {}", connection_, parser_.status_code); // Handle the case where the client is closing a kept alive connection (by sending a 408 // with a 'Connection: close' header). In this case we just let response flush out followed // by the remote close. if (!pending_response_.has_value() && !resetStreamCalled()) { throw PrematureResponseException(static_cast(parser_.status_code)); } else if (pending_response_.has_value()) { ASSERT(!pending_response_done_); auto& headers = absl::get(headers_or_trailers_); ENVOY_CONN_LOG(trace, "Client: onHeadersComplete size={}", connection_, headers->size()); headers->setStatus(parser_.status_code); if (parser_.status_code >= 200 && parser_.status_code < 300 && pending_response_.value().encoder_.connectRequest()) { ENVOY_CONN_LOG(trace, "codec entering upgrade mode for CONNECT response.", connection_); handling_upgrade_ = true; // For responses to connect requests, do not accept the chunked // encoding header: https://tools.ietf.org/html/rfc7231#section-4.3.6 if (headers->TransferEncoding() && absl::EqualsIgnoreCase(headers->TransferEncoding()->value().getStringView(), Headers::get().TransferEncodingValues.Chunked)) { sendProtocolError(Http1ResponseCodeDetails::get().InvalidTransferEncoding); throw CodecProtocolException("http/1.1 protocol error: unsupported transfer encoding"); } } if (strict_1xx_and_204_headers_ && (parser_.status_code < 200 || parser_.status_code == 204)) { if (headers->TransferEncoding()) { sendProtocolError(Http1ResponseCodeDetails::get().TransferEncodingNotAllowed); throw CodecProtocolException( "http/1.1 protocol error: transfer encoding not allowed in 1xx or 204"); } if (headers->ContentLength()) { // Report a protocol error for non-zero Content-Length, but paper over zero Content-Length. if (headers->ContentLength()->value().getStringView() != "0") { sendProtocolError(Http1ResponseCodeDetails::get().ContentLengthNotAllowed); throw CodecProtocolException( "http/1.1 protocol error: content length not allowed in 1xx or 204"); } headers->removeContentLength(); } } if (parser_.status_code == enumToInt(Http::Code::Continue)) { pending_response_.value().decoder_->decode100ContinueHeaders(std::move(headers)); } else if (cannotHaveBody() && !handling_upgrade_) { deferred_end_stream_headers_ = true; } else { pending_response_.value().decoder_->decodeHeaders(std::move(headers), false); } // http-parser treats 1xx headers as their own complete response. Swallow the spurious // onMessageComplete and continue processing for purely informational headers. // 101-SwitchingProtocols is exempt as all data after the header is proxied through after // upgrading. if (CodeUtility::is1xx(parser_.status_code) && parser_.status_code != enumToInt(Http::Code::SwitchingProtocols)) { ignore_message_complete_for_1xx_ = true; // Reset to ensure no information from the 1xx headers is used for the response headers. headers_or_trailers_.emplace(nullptr); } } // Here we deal with cases where the response cannot have a body, but http_parser does not deal // with it for us. return cannotHaveBody() ? 1 : 0; } bool ClientConnectionImpl::upgradeAllowed() const { if (pending_response_.has_value()) { return pending_response_->encoder_.upgradeRequest(); } return false; } void ClientConnectionImpl::onBody(Buffer::Instance& data) { ASSERT(!deferred_end_stream_headers_); if (pending_response_.has_value()) { ASSERT(!pending_response_done_); pending_response_.value().decoder_->decodeData(data, false); } } void ClientConnectionImpl::onMessageComplete() { ENVOY_CONN_LOG(trace, "message complete", connection_); if (ignore_message_complete_for_1xx_) { ignore_message_complete_for_1xx_ = false; return; } if (pending_response_.has_value()) { ASSERT(!pending_response_done_); // After calling decodeData() with end stream set to true, we should no longer be able to reset. PendingResponse& response = pending_response_.value(); // Encoder is used as part of decode* calls later in this function so pending_response_ can not // be reset just yet. Preserve the state in pending_response_done_ instead. pending_response_done_ = true; if (deferred_end_stream_headers_) { response.decoder_->decodeHeaders( std::move(absl::get(headers_or_trailers_)), true); deferred_end_stream_headers_ = false; } else if (processing_trailers_) { response.decoder_->decodeTrailers( std::move(absl::get(headers_or_trailers_))); } else { Buffer::OwnedImpl buffer; response.decoder_->decodeData(buffer, true); } // Reset to ensure no information from one requests persists to the next. pending_response_.reset(); headers_or_trailers_.emplace(nullptr); } } void ClientConnectionImpl::onResetStream(StreamResetReason reason) { // Only raise reset if we did not already dispatch a complete response. if (pending_response_.has_value() && !pending_response_done_) { pending_response_.value().encoder_.runResetCallbacks(reason); pending_response_done_ = true; pending_response_.reset(); } } void ClientConnectionImpl::sendProtocolError(absl::string_view details) { if (pending_response_.has_value()) { ASSERT(!pending_response_done_); pending_response_.value().encoder_.setDetails(details); } } void ClientConnectionImpl::onAboveHighWatermark() { // This should never happen without an active stream/request. pending_response_.value().encoder_.runHighWatermarkCallbacks(); } void ClientConnectionImpl::onBelowLowWatermark() { // This can get called without an active stream/request when the response completion causes us to // close the connection, but in doing so go below low watermark. if (pending_response_.has_value() && !pending_response_done_) { pending_response_.value().encoder_.runLowWatermarkCallbacks(); } } } // namespace Http1 } // namespace Legacy } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/codec_impl_legacy.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/http/codec.h" #include "envoy/network/connection.h" #include "common/buffer/watermark_buffer.h" #include "common/common/assert.h" #include "common/common/statusor.h" #include "common/http/codec_helper.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/http1/codec_stats.h" #include "common/http/http1/header_formatter.h" #include "common/http/status.h" namespace Envoy { namespace Http { namespace Legacy { namespace Http1 { class ConnectionImpl; /** * Base class for HTTP/1.1 request and response encoders. */ class StreamEncoderImpl : public virtual StreamEncoder, public Stream, Logger::Loggable, public StreamCallbackHelper, public Http1StreamEncoderOptions { public: ~StreamEncoderImpl() override { // When the stream goes away, undo any read blocks to resume reading. while (read_disable_calls_ != 0) { StreamEncoderImpl::readDisable(false); } } // Http::StreamEncoder void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeMetadata(const MetadataMapVector&) override; Stream& getStream() override { return *this; } Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return *this; } // Http::Http1StreamEncoderOptions void disableChunkEncoding() override { disable_chunk_encoding_ = true; } // Http::Stream void addCallbacks(StreamCallbacks& callbacks) override { addCallbacksHelper(callbacks); } void removeCallbacks(StreamCallbacks& callbacks) override { removeCallbacksHelper(callbacks); } // After this is called, for the HTTP/1 codec, the connection should be closed, i.e. no further // progress may be made with the codec. void resetStream(StreamResetReason reason) override; void readDisable(bool disable) override; uint32_t bufferLimit() override; absl::string_view responseDetails() override { return details_; } const Network::Address::InstanceConstSharedPtr& connectionLocalAddress() override; void setFlushTimeout(std::chrono::milliseconds) override { // HTTP/1 has one stream per connection, thus any data encoded is immediately written to the // connection, invoking any watermarks as necessary. There is no internal buffering that would // require a flush timeout not already covered by other timeouts. } void setIsResponseToHeadRequest(bool value) { is_response_to_head_request_ = value; } void setIsResponseToConnectRequest(bool value) { is_response_to_connect_request_ = value; } void setDetails(absl::string_view details) { details_ = details; } void clearReadDisableCallsForTests() { read_disable_calls_ = 0; } protected: StreamEncoderImpl(ConnectionImpl& connection, Http::Http1::HeaderKeyFormatter* header_key_formatter); void encodeHeadersBase(const RequestOrResponseHeaderMap& headers, absl::optional status, bool end_stream); void encodeTrailersBase(const HeaderMap& headers); static const std::string CRLF; static const std::string LAST_CHUNK; ConnectionImpl& connection_; uint32_t read_disable_calls_{}; bool disable_chunk_encoding_ : 1; bool chunk_encoding_ : 1; bool is_response_to_head_request_ : 1; bool is_response_to_connect_request_ : 1; private: /** * Called to encode an individual header. * @param key supplies the header to encode. * @param key_size supplies the byte size of the key. * @param value supplies the value to encode. * @param value_size supplies the byte size of the value. */ void encodeHeader(const char* key, uint32_t key_size, const char* value, uint32_t value_size); /** * Called to encode an individual header. * @param key supplies the header to encode as a string_view. * @param value supplies the value to encode as a string_view. */ void encodeHeader(absl::string_view key, absl::string_view value); /** * Called to finalize a stream encode. */ void endEncode(); void encodeFormattedHeader(absl::string_view key, absl::string_view value); const Http::Http1::HeaderKeyFormatter* const header_key_formatter_; absl::string_view details_; }; /** * HTTP/1.1 response encoder. */ class ResponseEncoderImpl : public StreamEncoderImpl, public ResponseEncoder { public: ResponseEncoderImpl(ConnectionImpl& connection, Http::Http1::HeaderKeyFormatter* header_key_formatter, bool stream_error_on_invalid_http_message) : StreamEncoderImpl(connection, header_key_formatter), stream_error_on_invalid_http_message_(stream_error_on_invalid_http_message) {} bool startedResponse() { return started_response_; } // Http::ResponseEncoder void encode100ContinueHeaders(const ResponseHeaderMap& headers) override; void encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) override; void encodeTrailers(const ResponseTrailerMap& trailers) override { encodeTrailersBase(trailers); } bool streamErrorOnInvalidHttpMessage() const override { return stream_error_on_invalid_http_message_; } private: bool started_response_{}; const bool stream_error_on_invalid_http_message_; }; /** * HTTP/1.1 request encoder. */ class RequestEncoderImpl : public StreamEncoderImpl, public RequestEncoder { public: RequestEncoderImpl(ConnectionImpl& connection, Http::Http1::HeaderKeyFormatter* header_key_formatter) : StreamEncoderImpl(connection, header_key_formatter) {} bool upgradeRequest() const { return upgrade_request_; } bool headRequest() const { return head_request_; } bool connectRequest() const { return connect_request_; } // Http::RequestEncoder void encodeHeaders(const RequestHeaderMap& headers, bool end_stream) override; void encodeTrailers(const RequestTrailerMap& trailers) override { encodeTrailersBase(trailers); } private: bool upgrade_request_{}; bool head_request_{}; bool connect_request_{}; }; /** * Base class for HTTP/1.1 client and server connections. * Handles the callbacks of http_parser with its own base routine and then * virtual dispatches to its subclasses. */ class ConnectionImpl : public virtual Connection, protected Logger::Loggable { public: /** * @return Network::Connection& the backing network connection. */ Network::Connection& connection() { return connection_; } /** * Called when the active encoder has completed encoding the outbound half of the stream. */ virtual void onEncodeComplete() PURE; /** * Called when resetStream() has been called on an active stream. In HTTP/1.1 the only * valid operation after this point is for the connection to get blown away, but we will not * fire any more callbacks in case some stack has to unwind. */ void onResetStreamBase(StreamResetReason reason); /** * Flush all pending output from encoding. */ void flushOutput(bool end_encode = false); void addToBuffer(absl::string_view data); void addCharToBuffer(char c); void addIntToBuffer(uint64_t i); Buffer::WatermarkBuffer& buffer() { return output_buffer_; } uint64_t bufferRemainingSize(); void copyToBuffer(const char* data, uint64_t length); void reserveBuffer(uint64_t size); void readDisable(bool disable) { if (connection_.state() == Network::Connection::State::Open) { connection_.readDisable(disable); } } uint32_t bufferLimit() { return connection_.bufferLimit(); } virtual bool supportsHttp10() { return false; } bool maybeDirectDispatch(Buffer::Instance& data); virtual void maybeAddSentinelBufferFragment(Buffer::WatermarkBuffer&) {} Http::Http1::CodecStats& stats() { return stats_; } bool enableTrailers() const { return codec_settings_.enable_trailers_; } // Http::Connection Http::Status dispatch(Buffer::Instance& data) override; void goAway() override {} // Called during connection manager drain flow Protocol protocol() override { return protocol_; } void shutdownNotice() override {} // Called during connection manager drain flow bool wantsToWrite() override { return false; } void onUnderlyingConnectionAboveWriteBufferHighWatermark() override { onAboveHighWatermark(); } void onUnderlyingConnectionBelowWriteBufferLowWatermark() override { onBelowLowWatermark(); } bool strict1xxAnd204Headers() { return strict_1xx_and_204_headers_; } protected: ConnectionImpl(Network::Connection& connection, Http::Http1::CodecStats& stats, const Http1Settings& settings, http_parser_type type, uint32_t max_headers_kb, const uint32_t max_headers_count, Http::Http1::HeaderKeyFormatterPtr&& header_key_formatter); bool resetStreamCalled() { return reset_stream_called_; } void onMessageBeginBase(); /** * Get memory used to represent HTTP headers or trailers currently being parsed. * Computed by adding the partial header field and value that is currently being parsed and the * estimated header size for previous header lines provided by HeaderMap::byteSize(). */ virtual uint32_t getHeadersSize(); /** * Called from onUrl, onHeaderField and onHeaderValue to verify that the headers do not exceed the * configured max header size limit. Throws a CodecProtocolException if headers exceed the size * limit. */ void checkMaxHeadersSize(); Network::Connection& connection_; Http::Http1::CodecStats& stats_; const Http1Settings codec_settings_; http_parser parser_; Http::Code error_code_{Http::Code::BadRequest}; const Http::Http1::HeaderKeyFormatterPtr header_key_formatter_; HeaderString current_header_field_; HeaderString current_header_value_; bool processing_trailers_ : 1; bool handling_upgrade_ : 1; bool reset_stream_called_ : 1; // Deferred end stream headers indicate that we are not going to raise headers until the full // HTTP/1 message has been flushed from the parser. This allows raising an HTTP/2 style headers // block with end stream set to true with no further protocol data remaining. bool deferred_end_stream_headers_ : 1; const bool strict_1xx_and_204_headers_ : 1; private: enum class HeaderParsingState { Field, Value, Done }; virtual HeaderMap& headersOrTrailers() PURE; virtual RequestOrResponseHeaderMap& requestOrResponseHeaders() PURE; virtual void allocHeaders() PURE; virtual void allocTrailers() PURE; /** * Called in order to complete an in progress header decode. */ void completeLastHeader(); /** * Check if header name contains underscore character. * Underscore character is allowed in header names by the RFC-7230 and this check is implemented * as a security measure due to systems that treat '_' and '-' as interchangeable. * The ServerConnectionImpl may drop header or reject request based on the * `common_http_protocol_options.headers_with_underscores_action` configuration option in the * HttpConnectionManager. */ virtual bool shouldDropHeaderWithUnderscoresInNames(absl::string_view /* header_name */) const { return false; } /** * An inner dispatch call that executes the dispatching logic. While exception removal is in * migration (#10878), this function may either throw an exception or return an error status. * Exceptions are caught and translated to their corresponding statuses in the outer level * dispatch. * TODO(#10878): Remove this when exception removal is complete. */ Http::Status innerDispatch(Buffer::Instance& data); /** * Dispatch a memory span. * @param slice supplies the start address. * @len supplies the length of the span. */ size_t dispatchSlice(const char* slice, size_t len); /** * Called by the http_parser when body data is received. * @param data supplies the start address. * @param length supplies the length. */ void bufferBody(const char* data, size_t length); /** * Push the accumulated body through the filter pipeline. */ void dispatchBufferedBody(); /** * Called when a request/response is beginning. A base routine happens first then a virtual * dispatch is invoked. */ virtual void onMessageBegin() PURE; /** * Called when URL data is received. * @param data supplies the start address. * @param length supplies the length. */ virtual void onUrl(const char* data, size_t length) PURE; /** * Called when header field data is received. * @param data supplies the start address. * @param length supplies the length. */ void onHeaderField(const char* data, size_t length); /** * Called when header value data is received. * @param data supplies the start address. * @param length supplies the length. */ void onHeaderValue(const char* data, size_t length); /** * Called when headers are complete. A base routine happens first then a virtual dispatch is * invoked. Note that this only applies to headers and NOT trailers. End of * trailers are signaled via onMessageCompleteBase(). * @return 0 if no error, 1 if there should be no body. */ int onHeadersCompleteBase(); virtual int onHeadersComplete() PURE; /** * Called to see if upgrade transition is allowed. */ virtual bool upgradeAllowed() const PURE; /** * Called with body data is available for processing when either: * - There is an accumulated partial body after the parser is done processing bytes read from the * socket * - The parser encounters the last byte of the body * - The codec does a direct dispatch from the read buffer * For performance reasons there is at most one call to onBody per call to HTTP/1 * ConnectionImpl::dispatch call. * @param data supplies the body data */ virtual void onBody(Buffer::Instance& data) PURE; /** * Called when the request/response is complete. */ void onMessageCompleteBase(); virtual void onMessageComplete() PURE; /** * Called when accepting a chunk header. */ void onChunkHeader(bool is_final_chunk); /** * @see onResetStreamBase(). */ virtual void onResetStream(StreamResetReason reason) PURE; /** * Send a protocol error response to remote. */ virtual void sendProtocolError(absl::string_view details) PURE; /** * Called when output_buffer_ or the underlying connection go from below a low watermark to over * a high watermark. */ virtual void onAboveHighWatermark() PURE; /** * Called when output_buffer_ or the underlying connection go from above a high watermark to * below a low watermark. */ virtual void onBelowLowWatermark() PURE; /** * Check if header name contains underscore character. * The ServerConnectionImpl may drop header or reject request based on configuration. */ virtual void checkHeaderNameForUnderscores() {} static http_parser_settings settings_; HeaderParsingState header_parsing_state_{HeaderParsingState::Field}; // Used to accumulate the HTTP message body during the current dispatch call. The accumulated body // is pushed through the filter pipeline either at the end of the current dispatch call, or when // the last byte of the body is processed (whichever happens first). Buffer::OwnedImpl buffered_body_; Buffer::WatermarkBuffer output_buffer_; Protocol protocol_{Protocol::Http11}; const uint32_t max_headers_kb_; const uint32_t max_headers_count_; }; /** * Implementation of Http::ServerConnection for HTTP/1.1. */ class ServerConnectionImpl : public ServerConnection, public ConnectionImpl { public: ServerConnectionImpl(Network::Connection& connection, Http::Http1::CodecStats& stats, ServerConnectionCallbacks& callbacks, const Http1Settings& settings, uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action); bool supportsHttp10() override { return codec_settings_.accept_http_10_; } protected: /** * An active HTTP/1.1 request. */ struct ActiveRequest { ActiveRequest(ServerConnectionImpl& connection, Http::Http1::HeaderKeyFormatter* header_key_formatter) : response_encoder_(connection, header_key_formatter, connection.codec_settings_.stream_error_on_invalid_http_message_) {} HeaderString request_url_; RequestDecoder* request_decoder_{}; ResponseEncoderImpl response_encoder_; bool remote_complete_{}; }; absl::optional& activeRequest() { return active_request_; } // ConnectionImpl void onMessageComplete() override; // Add the size of the request_url to the reported header size when processing request headers. uint32_t getHeadersSize() override; private: /** * Manipulate the request's first line, parsing the url and converting to a relative path if * necessary. Compute Host / :authority headers based on 7230#5.7 and 7230#6 * * @param is_connect true if the request has the CONNECT method * @param headers the request's headers * @throws CodecProtocolException on an invalid url in the request line */ void handlePath(RequestHeaderMap& headers, unsigned int method); // ConnectionImpl void onEncodeComplete() override; void onMessageBegin() override; void onUrl(const char* data, size_t length) override; int onHeadersComplete() override; // If upgrade behavior is not allowed, the HCM will have sanitized the headers out. bool upgradeAllowed() const override { return true; } void onBody(Buffer::Instance& data) override; void onResetStream(StreamResetReason reason) override; void sendProtocolError(absl::string_view details) override; void onAboveHighWatermark() override; void onBelowLowWatermark() override; HeaderMap& headersOrTrailers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } RequestOrResponseHeaderMap& requestOrResponseHeaders() override { return *absl::get(headers_or_trailers_); } void allocHeaders() override { ASSERT(nullptr == absl::get(headers_or_trailers_)); ASSERT(!processing_trailers_); headers_or_trailers_.emplace(RequestHeaderMapImpl::create()); } void allocTrailers() override { ASSERT(processing_trailers_); if (!absl::holds_alternative(headers_or_trailers_)) { headers_or_trailers_.emplace(RequestTrailerMapImpl::create()); } } void sendProtocolErrorOld(absl::string_view details); void releaseOutboundResponse(const Buffer::OwnedBufferFragmentImpl* fragment); void maybeAddSentinelBufferFragment(Buffer::WatermarkBuffer& output_buffer) override; void doFloodProtectionChecks() const; void checkHeaderNameForUnderscores() override; ServerConnectionCallbacks& callbacks_; absl::optional active_request_; const Buffer::OwnedBufferFragmentImpl::Releasor response_buffer_releasor_; uint32_t outbound_responses_{}; // This defaults to 2, which functionally disables pipelining. If any users // of Envoy wish to enable pipelining (which is dangerous and ill supported) // we could make this configurable. uint32_t max_outbound_responses_{}; bool flood_protection_{}; // TODO(mattklein123): This should be a member of ActiveRequest but this change needs dedicated // thought as some of the reset and no header code paths make this difficult. Headers are // populated on message begin. Trailers are populated on the first parsed trailer field (if // trailers are enabled). The variant is reset to null headers on message complete for assertion // purposes. absl::variant headers_or_trailers_; // The action to take when a request header name contains underscore characters. const envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action_; }; /** * Implementation of Http::ClientConnection for HTTP/1.1. */ class ClientConnectionImpl : public ClientConnection, public ConnectionImpl { public: ClientConnectionImpl(Network::Connection& connection, Http::Http1::CodecStats& stats, ConnectionCallbacks& callbacks, const Http1Settings& settings, const uint32_t max_response_headers_count); // Http::ClientConnection RequestEncoder& newStream(ResponseDecoder& response_decoder) override; private: struct PendingResponse { PendingResponse(ConnectionImpl& connection, Http::Http1::HeaderKeyFormatter* header_key_formatter, ResponseDecoder* decoder) : encoder_(connection, header_key_formatter), decoder_(decoder) {} RequestEncoderImpl encoder_; ResponseDecoder* decoder_; }; bool cannotHaveBody(); // ConnectionImpl void onEncodeComplete() override {} void onMessageBegin() override {} void onUrl(const char*, size_t) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } int onHeadersComplete() override; bool upgradeAllowed() const override; void onBody(Buffer::Instance& data) override; void onMessageComplete() override; void onResetStream(StreamResetReason reason) override; void sendProtocolError(absl::string_view details) override; void onAboveHighWatermark() override; void onBelowLowWatermark() override; HeaderMap& headersOrTrailers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } RequestOrResponseHeaderMap& requestOrResponseHeaders() override { return *absl::get(headers_or_trailers_); } void allocHeaders() override { ASSERT(nullptr == absl::get(headers_or_trailers_)); ASSERT(!processing_trailers_); headers_or_trailers_.emplace(ResponseHeaderMapImpl::create()); } void allocTrailers() override { ASSERT(processing_trailers_); if (!absl::holds_alternative(headers_or_trailers_)) { headers_or_trailers_.emplace(ResponseTrailerMapImpl::create()); } } absl::optional pending_response_; // TODO(mattklein123): The following bool tracks whether a pending response is complete before // dispatching callbacks. This is needed so that pending_response_ stays valid during callbacks // in order to access the stream, but to avoid invoking callbacks that shouldn't be called once // the response is complete. The existence of this variable is hard to reason about and it should // be combined with pending_response_ somehow in a follow up cleanup. bool pending_response_done_{true}; // Set true between receiving non-101 1xx headers and receiving the spurious onMessageComplete. bool ignore_message_complete_for_1xx_{}; // TODO(mattklein123): This should be a member of PendingResponse but this change needs dedicated // thought as some of the reset and no header code paths make this difficult. Headers are // populated on message begin. Trailers are populated when the switch to trailer processing is // detected while parsing the first trailer field (if trailers are enabled). The variant is reset // to null headers on message complete for assertion purposes. absl::variant headers_or_trailers_; // The default limit of 80 KiB is the vanilla http_parser behaviour. static constexpr uint32_t MAX_RESPONSE_HEADERS_KB = 80; }; } // namespace Http1 } // namespace Legacy } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/codec_stats.h ================================================ #pragma once #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/thread.h" namespace Envoy { namespace Http { namespace Http1 { /** * All stats for the HTTP/1 codec. @see stats_macros.h */ #define ALL_HTTP1_CODEC_STATS(COUNTER) \ COUNTER(dropped_headers_with_underscores) \ COUNTER(metadata_not_supported_error) \ COUNTER(requests_rejected_with_underscores_in_headers) \ COUNTER(response_flood) /** * Wrapper struct for the HTTP/1 codec stats. @see stats_macros.h */ struct CodecStats { using AtomicPtr = Thread::AtomicPtr; static CodecStats& atomicGet(AtomicPtr& ptr, Stats::Scope& scope) { return *ptr.get([&scope]() -> CodecStats* { return new CodecStats{ALL_HTTP1_CODEC_STATS(POOL_COUNTER_PREFIX(scope, "http1."))}; }); } ALL_HTTP1_CODEC_STATS(GENERATE_COUNTER_STRUCT) }; } // namespace Http1 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/conn_pool.cc ================================================ #include "common/http/http1/conn_pool.h" #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/schedulable_cb.h" #include "envoy/event/timer.h" #include "envoy/http/codec.h" #include "envoy/http/header_map.h" #include "envoy/upstream/upstream.h" #include "common/http/codec_client.h" #include "common/http/codes.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/runtime/runtime_features.h" #include "absl/strings/match.h" namespace Envoy { namespace Http { namespace Http1 { ConnPoolImpl::ConnPoolImpl(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) : HttpConnPoolImplBase(std::move(host), std::move(priority), dispatcher, options, transport_socket_options, Protocol::Http11), upstream_ready_cb_(dispatcher_.createSchedulableCallback([this]() { upstream_ready_enabled_ = false; onUpstreamReady(); })), random_generator_(random_generator) {} ConnPoolImpl::~ConnPoolImpl() { destructAllConnections(); } Envoy::ConnectionPool::ActiveClientPtr ConnPoolImpl::instantiateActiveClient() { return std::make_unique(*this); } void ConnPoolImpl::onDownstreamReset(ActiveClient& client) { // If we get a downstream reset to an attached client, we just blow it away. client.codec_client_->close(); } void ConnPoolImpl::onResponseComplete(ActiveClient& client) { ENVOY_CONN_LOG(debug, "response complete", *client.codec_client_); if (!client.stream_wrapper_->encode_complete_) { ENVOY_CONN_LOG(debug, "response before request complete", *client.codec_client_); onDownstreamReset(client); } else if (client.stream_wrapper_->close_connection_ || client.codec_client_->remoteClosed()) { ENVOY_CONN_LOG(debug, "saw upstream close connection", *client.codec_client_); onDownstreamReset(client); } else { client.stream_wrapper_.reset(); if (!pending_streams_.empty() && !upstream_ready_enabled_) { upstream_ready_enabled_ = true; upstream_ready_cb_->scheduleCallbackCurrentIteration(); } checkForDrained(); } } ConnPoolImpl::StreamWrapper::StreamWrapper(ResponseDecoder& response_decoder, ActiveClient& parent) : RequestEncoderWrapper(parent.codec_client_->newStream(*this)), ResponseDecoderWrapper(response_decoder), parent_(parent) { RequestEncoderWrapper::inner_.getStream().addCallbacks(*this); } ConnPoolImpl::StreamWrapper::~StreamWrapper() { // Upstream connection might be closed right after response is complete. Setting delay=true // here to attach pending requests in next dispatcher loop to handle that case. // https://github.com/envoyproxy/envoy/issues/2715 parent_.parent().onStreamClosed(parent_, true); } void ConnPoolImpl::StreamWrapper::onEncodeComplete() { encode_complete_ = true; } void ConnPoolImpl::StreamWrapper::decodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream) { if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.fixed_connection_close")) { close_connection_ = HeaderUtility::shouldCloseConnection(parent_.codec_client_->protocol(), *headers); if (close_connection_) { parent_.parent_.host()->cluster().stats().upstream_cx_close_notify_.inc(); } } else { // If Connection: close OR // Http/1.0 and not Connection: keep-alive OR // Proxy-Connection: close if ((absl::EqualsIgnoreCase(headers->getConnectionValue(), Headers::get().ConnectionValues.Close)) || (parent_.codec_client_->protocol() == Protocol::Http10 && !absl::EqualsIgnoreCase(headers->getConnectionValue(), Headers::get().ConnectionValues.KeepAlive)) || (absl::EqualsIgnoreCase(headers->getProxyConnectionValue(), Headers::get().ConnectionValues.Close))) { parent_.parent_.host()->cluster().stats().upstream_cx_close_notify_.inc(); close_connection_ = true; } } ResponseDecoderWrapper::decodeHeaders(std::move(headers), end_stream); } void ConnPoolImpl::StreamWrapper::onDecodeComplete() { decode_complete_ = encode_complete_; parent_.parent().onResponseComplete(parent_); } ConnPoolImpl::ActiveClient::ActiveClient(ConnPoolImpl& parent) : Envoy::Http::ActiveClient( parent, parent.host_->cluster().maxRequestsPerConnection(), 1 // HTTP1 always has a concurrent-request-limit of 1 per connection. ) { parent.host_->cluster().stats().upstream_cx_http1_total_.inc(); } bool ConnPoolImpl::ActiveClient::closingWithIncompleteStream() const { return (stream_wrapper_ != nullptr) && (!stream_wrapper_->decode_complete_); } RequestEncoder& ConnPoolImpl::ActiveClient::newStreamEncoder(ResponseDecoder& response_decoder) { ASSERT(!stream_wrapper_); stream_wrapper_ = std::make_unique(response_decoder, *this); return *stream_wrapper_; } CodecClientPtr ProdConnPoolImpl::createCodecClient(Upstream::Host::CreateConnectionData& data) { CodecClientPtr codec{new CodecClientProd(CodecClient::Type::HTTP1, std::move(data.connection_), data.host_description_, dispatcher_, random_generator_)}; return codec; } ConnectionPool::InstancePtr allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) { return std::make_unique( dispatcher, random_generator, host, priority, options, transport_socket_options); } } // namespace Http1 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/conn_pool.h ================================================ #pragma once #include "envoy/event/timer.h" #include "envoy/http/codec.h" #include "envoy/upstream/upstream.h" #include "common/http/codec_wrappers.h" #include "common/http/conn_pool_base.h" namespace Envoy { namespace Http { namespace Http1 { /** * A connection pool implementation for HTTP/1.1 connections. * NOTE: The connection pool does NOT do DNS resolution. It assumes it is being given a numeric IP * address. Higher layer code should handle resolving DNS on error and creating a new pool * bound to a different IP address. */ class ConnPoolImpl : public Http::HttpConnPoolImplBase { public: ConnPoolImpl(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options); ~ConnPoolImpl() override; // ConnectionPool::Instance Http::Protocol protocol() const override { return Http::Protocol::Http11; } // ConnPoolImplBase Envoy::ConnectionPool::ActiveClientPtr instantiateActiveClient() override; protected: class ActiveClient; struct StreamWrapper : public RequestEncoderWrapper, public ResponseDecoderWrapper, public StreamCallbacks { StreamWrapper(ResponseDecoder& response_decoder, ActiveClient& parent); ~StreamWrapper() override; // StreamEncoderWrapper void onEncodeComplete() override; // StreamDecoderWrapper void decodeHeaders(ResponseHeaderMapPtr&& headers, bool end_stream) override; void onPreDecodeComplete() override {} void onDecodeComplete() override; // Http::StreamCallbacks void onResetStream(StreamResetReason, absl::string_view) override { parent_.parent().onDownstreamReset(parent_); } void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} ActiveClient& parent_; bool encode_complete_{}; bool close_connection_{}; bool decode_complete_{}; }; using StreamWrapperPtr = std::unique_ptr; class ActiveClient : public Envoy::Http::ActiveClient { public: ActiveClient(ConnPoolImpl& parent); ConnPoolImpl& parent() { return static_cast(parent_); } // ConnPoolImplBase::ActiveClient bool closingWithIncompleteStream() const override; RequestEncoder& newStreamEncoder(ResponseDecoder& response_decoder) override; StreamWrapperPtr stream_wrapper_; }; void onDownstreamReset(ActiveClient& client); void onResponseComplete(ActiveClient& client); Event::SchedulableCallbackPtr upstream_ready_cb_; bool upstream_ready_enabled_{false}; Random::RandomGenerator& random_generator_; }; /** * Production implementation of the ConnPoolImpl. */ class ProdConnPoolImpl : public ConnPoolImpl { public: using ConnPoolImpl::ConnPoolImpl; // ConnPoolImpl CodecClientPtr createCodecClient(Upstream::Host::CreateConnectionData& data) override; }; ConnectionPool::InstancePtr allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options); } // namespace Http1 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/header_formatter.cc ================================================ #include "common/http/http1/header_formatter.h" #include namespace Envoy { namespace Http { namespace Http1 { std::string ProperCaseHeaderKeyFormatter::format(absl::string_view key) const { auto copy = std::string(key); bool should_capitalize = true; for (char& c : copy) { if (should_capitalize && isalpha(c)) { c = static_cast(toupper(c)); } should_capitalize = !isalpha(c) && !isdigit(c); } return copy; } } // namespace Http1 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http1/header_formatter.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Http { namespace Http1 { class HeaderKeyFormatter { public: virtual ~HeaderKeyFormatter() = default; virtual std::string format(absl::string_view key) const PURE; }; using HeaderKeyFormatterPtr = std::unique_ptr; /** * A HeaderKeyFormatter that upper cases the first character in each word: The * first character as well as any alpha character following a special * character is upper cased. */ class ProperCaseHeaderKeyFormatter : public HeaderKeyFormatter { public: std::string format(absl::string_view key) const override; }; } // namespace Http1 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "codec_stats_lib", hdrs = ["codec_stats.h"], deps = [ "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/common:thread_lib", ], ) CODEC_LIB_DEPS = [ ":codec_stats_lib", ":metadata_decoder_lib", ":metadata_encoder_lib", ":protocol_constraints_lib", "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/http:codec_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:header_map_interface", "//include/envoy/network:connection_interface", "//include/envoy/stats:stats_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/common:linked_object", "//source/common/common:minimal_logger_lib", "//source/common/common:statusor_lib", "//source/common/common:utility_lib", "//source/common/http:codec_helper_lib", "//source/common/http:codes_lib", "//source/common/http:exception_lib", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/http:status_lib", "//source/common/http:utility_lib", "//source/common/runtime:runtime_features_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ] envoy_cc_library( name = "codec_lib", srcs = ["codec_impl.cc"], hdrs = ["codec_impl.h"], external_deps = [ "nghttp2", "abseil_optional", "abseil_inlined_vector", "abseil_algorithm", ], deps = CODEC_LIB_DEPS, ) envoy_cc_library( name = "codec_legacy_lib", srcs = ["codec_impl_legacy.cc"], hdrs = [ "codec_impl.h", "codec_impl_legacy.h", ], external_deps = [ "nghttp2", "abseil_optional", "abseil_inlined_vector", "abseil_algorithm", ], deps = CODEC_LIB_DEPS, ) # Separate library for some nghttp2 setup stuff to avoid having tests take a # dependency on everything in codec_lib. envoy_cc_library( name = "nghttp2_lib", srcs = ["nghttp2.cc"], hdrs = ["nghttp2.h"], external_deps = ["nghttp2"], deps = [ "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "conn_pool_lib", srcs = ["conn_pool.cc"], hdrs = ["conn_pool.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/upstream:upstream_interface", "//source/common/http:codec_client_lib", "//source/common/http:conn_pool_base_lib", ], ) envoy_cc_library( name = "metadata_encoder_lib", srcs = ["metadata_encoder.cc"], hdrs = ["metadata_encoder.h"], external_deps = [ "nghttp2", ], deps = [ "//include/envoy/http:codec_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "metadata_decoder_lib", srcs = ["metadata_decoder.cc"], hdrs = ["metadata_decoder.h"], external_deps = [ "nghttp2", ], deps = [ "//include/envoy/http:codec_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "protocol_constraints_lib", srcs = ["protocol_constraints.cc"], hdrs = ["protocol_constraints.h"], deps = [ ":codec_stats_lib", "//bazel/foreign_cc:nghttp2", "//include/envoy/network:connection_interface", "//source/common/common:assert_lib", "//source/common/http:status_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/http/http2/codec_impl.cc ================================================ #include "common/http/http2/codec_impl.h" #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/http/codes.h" #include "common/http/exception.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/http2/codec_stats.h" #include "common/http/utility.h" #include "common/runtime/runtime_features.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Http { namespace Http2 { // Changes or additions to details should be reflected in // docs/root/configuration/http/http_conn_man/response_code_details_details.rst class Http2ResponseCodeDetailValues { public: // Invalid HTTP header field was received and stream is going to be // closed. const absl::string_view ng_http2_err_http_header_ = "http2.invalid.header.field"; // Violation in HTTP messaging rule. const absl::string_view ng_http2_err_http_messaging_ = "http2.violation.of.messaging.rule"; // none of the above const absl::string_view ng_http2_err_unknown_ = "http2.unknown.nghttp2.error"; // The number of headers (or trailers) exceeded the configured limits const absl::string_view too_many_headers = "http2.too_many_headers"; // Envoy detected an HTTP/2 frame flood from the server. const absl::string_view outbound_frame_flood = "http2.outbound_frames_flood"; // Envoy detected an inbound HTTP/2 frame flood. const absl::string_view inbound_empty_frame_flood = "http2.inbound_empty_frames_flood"; // Envoy was configured to drop requests with header keys beginning with underscores. const absl::string_view invalid_underscore = "http2.unexpected_underscore"; // The peer refused the stream. const absl::string_view remote_refused = "http2.remote_refuse"; // The peer reset the stream. const absl::string_view remote_reset = "http2.remote_reset"; const absl::string_view errorDetails(int error_code) const { switch (error_code) { case NGHTTP2_ERR_HTTP_HEADER: return ng_http2_err_http_header_; case NGHTTP2_ERR_HTTP_MESSAGING: return ng_http2_err_http_messaging_; default: return ng_http2_err_unknown_; } } }; using Http2ResponseCodeDetails = ConstSingleton; bool Utility::reconstituteCrumbledCookies(const HeaderString& key, const HeaderString& value, HeaderString& cookies) { if (key != Headers::get().Cookie.get().c_str()) { return false; } if (!cookies.empty()) { cookies.append("; ", 2); } const absl::string_view value_view = value.getStringView(); cookies.append(value_view.data(), value_view.size()); return true; } ConnectionImpl::Http2Callbacks ConnectionImpl::http2_callbacks_; nghttp2_session* ProdNghttp2SessionFactory::create(const nghttp2_session_callbacks* callbacks, ConnectionImpl* connection, const nghttp2_option* options) { nghttp2_session* session; nghttp2_session_client_new2(&session, callbacks, connection, options); return session; } void ProdNghttp2SessionFactory::init(nghttp2_session*, ConnectionImpl* connection, const envoy::config::core::v3::Http2ProtocolOptions& options) { connection->sendSettings(options, true); } /** * Helper to remove const during a cast. nghttp2 takes non-const pointers for headers even though * it copies them. */ template static T* removeConst(const void* object) { return const_cast(reinterpret_cast(object)); } ConnectionImpl::StreamImpl::StreamImpl(ConnectionImpl& parent, uint32_t buffer_limit) : parent_(parent), local_end_stream_sent_(false), remote_end_stream_(false), data_deferred_(false), received_noninformational_headers_(false), pending_receive_buffer_high_watermark_called_(false), pending_send_buffer_high_watermark_called_(false), reset_due_to_messaging_error_(false) { parent_.stats_.streams_active_.inc(); if (buffer_limit > 0) { setWriteBufferWatermarks(buffer_limit / 2, buffer_limit); } } ConnectionImpl::StreamImpl::~StreamImpl() { ASSERT(stream_idle_timer_ == nullptr); } void ConnectionImpl::StreamImpl::destroy() { disarmStreamIdleTimer(); parent_.stats_.streams_active_.dec(); parent_.stats_.pending_send_bytes_.sub(pending_send_data_.length()); } static void insertHeader(std::vector& headers, const HeaderEntry& header) { uint8_t flags = 0; if (header.key().isReference()) { flags |= NGHTTP2_NV_FLAG_NO_COPY_NAME; } if (header.value().isReference()) { flags |= NGHTTP2_NV_FLAG_NO_COPY_VALUE; } const absl::string_view header_key = header.key().getStringView(); const absl::string_view header_value = header.value().getStringView(); headers.push_back({removeConst(header_key.data()), removeConst(header_value.data()), header_key.size(), header_value.size(), flags}); } void ConnectionImpl::StreamImpl::buildHeaders(std::vector& final_headers, const HeaderMap& headers) { final_headers.reserve(headers.size()); headers.iterate([&final_headers](const HeaderEntry& header) -> HeaderMap::Iterate { insertHeader(final_headers, header); return HeaderMap::Iterate::Continue; }); } void ConnectionImpl::ServerStreamImpl::encode100ContinueHeaders(const ResponseHeaderMap& headers) { ASSERT(headers.Status()->value() == "100"); encodeHeaders(headers, false); } void ConnectionImpl::StreamImpl::encodeHeadersBase(const std::vector& final_headers, bool end_stream) { nghttp2_data_provider provider; if (!end_stream) { provider.source.ptr = this; provider.read_callback = [](nghttp2_session*, int32_t, uint8_t*, size_t length, uint32_t* data_flags, nghttp2_data_source* source, void*) -> ssize_t { return static_cast(source->ptr)->onDataSourceRead(length, data_flags); }; } local_end_stream_ = end_stream; submitHeaders(final_headers, end_stream ? nullptr : &provider); auto status = parent_.sendPendingFrames(); // The RELEASE_ASSERT below does not change the existing behavior of `sendPendingFrames()`. // The `sendPendingFrames()` used to throw on errors and the only method that was catching // these exceptions was the `dispatch()`. The `dispatch()` method still checks and handles // errors returned by the `sendPendingFrames()`. // Other callers of `sendPendingFrames()` do not catch exceptions from this method and // would cause abnormal process termination in error cases. This change replaces abnormal // process termination from unhandled exception with the RELEASE_ASSERT. // Further work will replace this RELEASE_ASSERT with proper error handling. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); parent_.checkProtocolConstraintViolation(); } void ConnectionImpl::ClientStreamImpl::encodeHeaders(const RequestHeaderMap& headers, bool end_stream) { // This must exist outside of the scope of isUpgrade as the underlying memory is // needed until encodeHeadersBase has been called. std::vector final_headers; Http::RequestHeaderMapPtr modified_headers; if (Http::Utility::isUpgrade(headers)) { modified_headers = createHeaderMap(headers); upgrade_type_ = std::string(headers.getUpgradeValue()); Http::Utility::transformUpgradeRequestFromH1toH2(*modified_headers); buildHeaders(final_headers, *modified_headers); } else if (headers.Method() && headers.Method()->value() == "CONNECT") { // If this is not an upgrade style connect (above branch) it is a bytestream // connect and should have :path and :protocol set accordingly // As HTTP/1.1 does not require a path for CONNECT, we may have to add one // if shifting codecs. For now, default to "/" - this can be made // configurable if necessary. // https://tools.ietf.org/html/draft-kinnear-httpbis-http2-transport-02 modified_headers = createHeaderMap(headers); modified_headers->setProtocol(Headers::get().ProtocolValues.Bytestream); if (!headers.Path()) { modified_headers->setPath("/"); } buildHeaders(final_headers, *modified_headers); } else { buildHeaders(final_headers, headers); } encodeHeadersBase(final_headers, end_stream); } void ConnectionImpl::ServerStreamImpl::encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) { // The contract is that client codecs must ensure that :status is present. ASSERT(headers.Status() != nullptr); // This must exist outside of the scope of isUpgrade as the underlying memory is // needed until encodeHeadersBase has been called. std::vector final_headers; Http::ResponseHeaderMapPtr modified_headers; if (Http::Utility::isUpgrade(headers)) { modified_headers = createHeaderMap(headers); Http::Utility::transformUpgradeResponseFromH1toH2(*modified_headers); buildHeaders(final_headers, *modified_headers); } else { buildHeaders(final_headers, headers); } encodeHeadersBase(final_headers, end_stream); } void ConnectionImpl::StreamImpl::encodeTrailersBase(const HeaderMap& trailers) { ASSERT(!local_end_stream_); local_end_stream_ = true; if (pending_send_data_.length() > 0) { // In this case we want trailers to come after we release all pending body data that is // waiting on window updates. We need to save the trailers so that we can emit them later. // However, for empty trailers, we don't need to to save the trailers. ASSERT(!pending_trailers_to_encode_); const bool skip_encoding_empty_trailers = trailers.empty() && parent_.skip_encoding_empty_trailers_; if (!skip_encoding_empty_trailers) { pending_trailers_to_encode_ = cloneTrailers(trailers); createPendingFlushTimer(); } } else { submitTrailers(trailers); auto status = parent_.sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); } } void ConnectionImpl::StreamImpl::encodeMetadata(const MetadataMapVector& metadata_map_vector) { ASSERT(parent_.allow_metadata_); MetadataEncoder& metadata_encoder = getMetadataEncoder(); if (!metadata_encoder.createPayload(metadata_map_vector)) { return; } for (uint8_t flags : metadata_encoder.payloadFrameFlagBytes()) { submitMetadata(flags); } auto status = parent_.sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); } void ConnectionImpl::StreamImpl::readDisable(bool disable) { ENVOY_CONN_LOG(debug, "Stream {} {}, unconsumed_bytes {} read_disable_count {}", parent_.connection_, stream_id_, (disable ? "disabled" : "enabled"), unconsumed_bytes_, read_disable_count_); if (disable) { ++read_disable_count_; } else { ASSERT(read_disable_count_ > 0); --read_disable_count_; if (!buffersOverrun()) { nghttp2_session_consume(parent_.session_, stream_id_, unconsumed_bytes_); unconsumed_bytes_ = 0; auto status = parent_.sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); } } } void ConnectionImpl::StreamImpl::pendingRecvBufferHighWatermark() { ENVOY_CONN_LOG(debug, "recv buffer over limit ", parent_.connection_); ASSERT(!pending_receive_buffer_high_watermark_called_); pending_receive_buffer_high_watermark_called_ = true; readDisable(true); } void ConnectionImpl::StreamImpl::pendingRecvBufferLowWatermark() { ENVOY_CONN_LOG(debug, "recv buffer under limit ", parent_.connection_); ASSERT(pending_receive_buffer_high_watermark_called_); pending_receive_buffer_high_watermark_called_ = false; readDisable(false); } void ConnectionImpl::ClientStreamImpl::decodeHeaders() { auto& headers = absl::get(headers_or_trailers_); const uint64_t status = Http::Utility::getResponseStatus(*headers); if (!upgrade_type_.empty() && headers->Status()) { Http::Utility::transformUpgradeResponseFromH2toH1(*headers, upgrade_type_); } // Non-informational headers are non-1xx OR 101-SwitchingProtocols, since 101 implies that further // proxying is on an upgrade path. received_noninformational_headers_ = !CodeUtility::is1xx(status) || status == enumToInt(Http::Code::SwitchingProtocols); if (status == enumToInt(Http::Code::Continue)) { ASSERT(!remote_end_stream_); response_decoder_.decode100ContinueHeaders(std::move(headers)); } else { response_decoder_.decodeHeaders(std::move(headers), remote_end_stream_); } } void ConnectionImpl::ClientStreamImpl::decodeTrailers() { response_decoder_.decodeTrailers( std::move(absl::get(headers_or_trailers_))); } void ConnectionImpl::ServerStreamImpl::decodeHeaders() { auto& headers = absl::get(headers_or_trailers_); if (Http::Utility::isH2UpgradeRequest(*headers)) { Http::Utility::transformUpgradeRequestFromH2toH1(*headers); } request_decoder_->decodeHeaders(std::move(headers), remote_end_stream_); } void ConnectionImpl::ServerStreamImpl::decodeTrailers() { request_decoder_->decodeTrailers( std::move(absl::get(headers_or_trailers_))); } void ConnectionImpl::StreamImpl::pendingSendBufferHighWatermark() { ENVOY_CONN_LOG(debug, "send buffer over limit ", parent_.connection_); ASSERT(!pending_send_buffer_high_watermark_called_); pending_send_buffer_high_watermark_called_ = true; runHighWatermarkCallbacks(); } void ConnectionImpl::StreamImpl::pendingSendBufferLowWatermark() { ENVOY_CONN_LOG(debug, "send buffer under limit ", parent_.connection_); ASSERT(pending_send_buffer_high_watermark_called_); pending_send_buffer_high_watermark_called_ = false; runLowWatermarkCallbacks(); } void ConnectionImpl::StreamImpl::saveHeader(HeaderString&& name, HeaderString&& value) { if (!Utility::reconstituteCrumbledCookies(name, value, cookies_)) { headers().addViaMove(std::move(name), std::move(value)); } } void ConnectionImpl::StreamImpl::submitTrailers(const HeaderMap& trailers) { ASSERT(local_end_stream_); const bool skip_encoding_empty_trailers = trailers.empty() && parent_.skip_encoding_empty_trailers_; if (skip_encoding_empty_trailers) { ENVOY_CONN_LOG(debug, "skipping submitting trailers", parent_.connection_); // Instead of submitting empty trailers, we send empty data instead. Buffer::OwnedImpl empty_buffer; encodeDataHelper(empty_buffer, /*end_stream=*/true, skip_encoding_empty_trailers); return; } std::vector final_headers; buildHeaders(final_headers, trailers); int rc = nghttp2_submit_trailer(parent_.session_, stream_id_, final_headers.data(), final_headers.size()); ASSERT(rc == 0); } void ConnectionImpl::StreamImpl::submitMetadata(uint8_t flags) { ASSERT(stream_id_ > 0); const int result = nghttp2_submit_extension(parent_.session_, METADATA_FRAME_TYPE, flags, stream_id_, nullptr); ASSERT(result == 0); } ssize_t ConnectionImpl::StreamImpl::onDataSourceRead(uint64_t length, uint32_t* data_flags) { if (pending_send_data_.length() == 0 && !local_end_stream_) { ASSERT(!data_deferred_); data_deferred_ = true; return NGHTTP2_ERR_DEFERRED; } else { *data_flags |= NGHTTP2_DATA_FLAG_NO_COPY; if (local_end_stream_ && pending_send_data_.length() <= length) { *data_flags |= NGHTTP2_DATA_FLAG_EOF; if (pending_trailers_to_encode_) { // We need to tell the library to not set end stream so that we can emit the trailers. *data_flags |= NGHTTP2_DATA_FLAG_NO_END_STREAM; submitTrailers(*pending_trailers_to_encode_); pending_trailers_to_encode_.reset(); } } return std::min(length, pending_send_data_.length()); } } Status ConnectionImpl::StreamImpl::onDataSourceSend(const uint8_t* framehd, size_t length) { // In this callback we are writing out a raw DATA frame without copying. nghttp2 assumes that we // "just know" that the frame header is 9 bytes. // https://nghttp2.org/documentation/types.html#c.nghttp2_send_data_callback static const uint64_t FRAME_HEADER_SIZE = 9; parent_.protocol_constraints_.incrementOutboundDataFrameCount(); Buffer::OwnedImpl output; auto status = parent_.addOutboundFrameFragment(output, framehd, FRAME_HEADER_SIZE); if (!status.ok()) { ENVOY_CONN_LOG(debug, "error sending data frame: Too many frames in the outbound queue", parent_.connection_); setDetails(Http2ResponseCodeDetails::get().outbound_frame_flood); return status; } parent_.stats_.pending_send_bytes_.sub(length); output.move(pending_send_data_, length); parent_.connection_.write(output, false); return status; } void ConnectionImpl::ClientStreamImpl::submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) { ASSERT(stream_id_ == -1); stream_id_ = nghttp2_submit_request(parent_.session_, nullptr, final_headers.data(), final_headers.size(), provider, base()); ASSERT(stream_id_ > 0); } void ConnectionImpl::ServerStreamImpl::submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) { ASSERT(stream_id_ != -1); int rc = nghttp2_submit_response(parent_.session_, stream_id_, final_headers.data(), final_headers.size(), provider); ASSERT(rc == 0); } void ConnectionImpl::ServerStreamImpl::createPendingFlushTimer() { ASSERT(stream_idle_timer_ == nullptr); if (stream_idle_timeout_.count() > 0) { stream_idle_timer_ = parent_.connection_.dispatcher().createTimer([this] { onPendingFlushTimer(); }); stream_idle_timer_->enableTimer(stream_idle_timeout_); } } void ConnectionImpl::StreamImpl::onPendingFlushTimer() { ENVOY_CONN_LOG(debug, "pending stream flush timeout", parent_.connection_); stream_idle_timer_.reset(); parent_.stats_.tx_flush_timeout_.inc(); ASSERT(local_end_stream_ && !local_end_stream_sent_); // This will emit a reset frame for this stream and close the stream locally. No reset callbacks // will be run because higher layers think the stream is already finished. resetStreamWorker(StreamResetReason::LocalReset); auto status = parent_.sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); } void ConnectionImpl::StreamImpl::encodeData(Buffer::Instance& data, bool end_stream) { ASSERT(!local_end_stream_); encodeDataHelper(data, end_stream, /*skip_encoding_empty_trailers=*/false); } void ConnectionImpl::StreamImpl::encodeDataHelper(Buffer::Instance& data, bool end_stream, bool skip_encoding_empty_trailers) { if (skip_encoding_empty_trailers) { ASSERT(data.length() == 0 && end_stream); } local_end_stream_ = end_stream; parent_.stats_.pending_send_bytes_.add(data.length()); pending_send_data_.move(data); if (data_deferred_) { int rc = nghttp2_session_resume_data(parent_.session_, stream_id_); ASSERT(rc == 0); data_deferred_ = false; } auto status = parent_.sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); parent_.checkProtocolConstraintViolation(); if (local_end_stream_ && pending_send_data_.length() > 0) { createPendingFlushTimer(); } } void ConnectionImpl::StreamImpl::resetStream(StreamResetReason reason) { // Higher layers expect calling resetStream() to immediately raise reset callbacks. runResetCallbacks(reason); // If we submit a reset, nghttp2 will cancel outbound frames that have not yet been sent. // We want these frames to go out so we defer the reset until we send all of the frames that // end the local stream. if (local_end_stream_ && !local_end_stream_sent_) { parent_.pending_deferred_reset_ = true; deferred_reset_ = reason; ENVOY_CONN_LOG(trace, "deferred reset stream", parent_.connection_); } else { resetStreamWorker(reason); } // We must still call sendPendingFrames() in both the deferred and not deferred path. This forces // the cleanup logic to run which will reset the stream in all cases if all data frames could not // be sent. auto status = parent_.sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); } void ConnectionImpl::StreamImpl::resetStreamWorker(StreamResetReason reason) { int rc = nghttp2_submit_rst_stream(parent_.session_, NGHTTP2_FLAG_NONE, stream_id_, reason == StreamResetReason::LocalRefusedStreamReset ? NGHTTP2_REFUSED_STREAM : NGHTTP2_NO_ERROR); ASSERT(rc == 0); } MetadataEncoder& ConnectionImpl::StreamImpl::getMetadataEncoder() { if (metadata_encoder_ == nullptr) { metadata_encoder_ = std::make_unique(); } return *metadata_encoder_; } MetadataDecoder& ConnectionImpl::StreamImpl::getMetadataDecoder() { if (metadata_decoder_ == nullptr) { auto cb = [this](MetadataMapPtr&& metadata_map_ptr) { this->onMetadataDecoded(std::move(metadata_map_ptr)); }; metadata_decoder_ = std::make_unique(cb); } return *metadata_decoder_; } void ConnectionImpl::StreamImpl::onMetadataDecoded(MetadataMapPtr&& metadata_map_ptr) { decoder().decodeMetadata(std::move(metadata_map_ptr)); } ConnectionImpl::ConnectionImpl(Network::Connection& connection, CodecStats& stats, Random::RandomGenerator& random_generator, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_headers_kb, const uint32_t max_headers_count) : stats_(stats), connection_(connection), max_headers_kb_(max_headers_kb), max_headers_count_(max_headers_count), per_stream_buffer_limit_(http2_options.initial_stream_window_size().value()), stream_error_on_invalid_http_messaging_( http2_options.override_stream_error_on_invalid_http_message().value()), protocol_constraints_(stats, http2_options), skip_encoding_empty_trailers_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.http2_skip_encoding_empty_trailers")), dispatching_(false), raised_goaway_(false), pending_deferred_reset_(false), random_(random_generator) { if (http2_options.has_connection_keepalive()) { keepalive_interval_ = std::chrono::milliseconds( PROTOBUF_GET_MS_REQUIRED(http2_options.connection_keepalive(), interval)); keepalive_timeout_ = std::chrono::milliseconds( PROTOBUF_GET_MS_REQUIRED(http2_options.connection_keepalive(), timeout)); keepalive_interval_jitter_percent_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT( http2_options.connection_keepalive(), interval_jitter, 15.0); keepalive_send_timer_ = connection.dispatcher().createTimer([this]() { sendKeepalive(); }); keepalive_timeout_timer_ = connection.dispatcher().createTimer([this]() { onKeepaliveResponseTimeout(); }); // This call schedules the initial interval, with jitter. onKeepaliveResponse(); } } ConnectionImpl::~ConnectionImpl() { for (const auto& stream : active_streams_) { stream->destroy(); } nghttp2_session_del(session_); } void ConnectionImpl::sendKeepalive() { // Include the current time as the payload to help with debugging. SystemTime now = connection_.dispatcher().timeSource().systemTime(); uint64_t ms_since_epoch = std::chrono::duration_cast(now.time_since_epoch()).count(); ENVOY_CONN_LOG(trace, "Sending keepalive PING {}", connection_, ms_since_epoch); // The last parameter is an opaque 8-byte buffer, so this cast is safe. int rc = nghttp2_submit_ping(session_, 0 /*flags*/, reinterpret_cast(&ms_since_epoch)); ASSERT(rc == 0); auto status = sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); keepalive_timeout_timer_->enableTimer(keepalive_timeout_); } void ConnectionImpl::onKeepaliveResponse() { // Check the timers for nullptr in case the peer sent an unsolicited PING ACK. if (keepalive_timeout_timer_ != nullptr) { keepalive_timeout_timer_->disableTimer(); } if (keepalive_send_timer_ != nullptr) { uint64_t interval_ms = keepalive_interval_.count(); const uint64_t jitter_percent_mod = keepalive_interval_jitter_percent_ * interval_ms / 100; if (jitter_percent_mod > 0) { interval_ms += random_.random() % jitter_percent_mod; } keepalive_send_timer_->enableTimer(std::chrono::milliseconds(interval_ms)); } } void ConnectionImpl::onKeepaliveResponseTimeout() { ENVOY_CONN_LOG(debug, "Closing connection due to keepalive timeout", connection_); stats_.keepalive_timeout_.inc(); connection_.close(Network::ConnectionCloseType::NoFlush); } Http::Status ConnectionImpl::dispatch(Buffer::Instance& data) { // TODO(#10878): Remove this wrapper when exception removal is complete. innerDispatch may either // throw an exception or return an error status. The utility wrapper catches exceptions and // converts them to error statuses. return Http::Utility::exceptionToStatus( [&](Buffer::Instance& data) -> Http::Status { return innerDispatch(data); }, data); } Http::Status ConnectionImpl::innerDispatch(Buffer::Instance& data) { ENVOY_CONN_LOG(trace, "dispatching {} bytes", connection_, data.length()); // Make sure that dispatching_ is set to false after dispatching, even when // ConnectionImpl::dispatch returns early or throws an exception (consider removing if there is a // single return after exception removal (#10878)). Cleanup cleanup([this]() { dispatching_ = false; }); for (const Buffer::RawSlice& slice : data.getRawSlices()) { dispatching_ = true; ssize_t rc = nghttp2_session_mem_recv(session_, static_cast(slice.mem_), slice.len_); if (!nghttp2_callback_status_.ok()) { return nghttp2_callback_status_; } // This error is returned when nghttp2 library detected a frame flood by one of its // internal mechanisms. Most flood protection is done by Envoy's codec and this error // should never be returned. However it is handled here in case nghttp2 has some flood // protections that Envoy's codec does not have. if (rc == NGHTTP2_ERR_FLOODED) { return bufferFloodError( "Flooding was detected in this HTTP/2 session, and it must be closed"); } if (rc != static_cast(slice.len_)) { return codecProtocolError(nghttp2_strerror(rc)); } dispatching_ = false; } ENVOY_CONN_LOG(trace, "dispatched {} bytes", connection_, data.length()); data.drain(data.length()); // Decoding incoming frames can generate outbound frames so flush pending. return sendPendingFrames(); } ConnectionImpl::StreamImpl* ConnectionImpl::getStream(int32_t stream_id) { return static_cast(nghttp2_session_get_stream_user_data(session_, stream_id)); } int ConnectionImpl::onData(int32_t stream_id, const uint8_t* data, size_t len) { StreamImpl* stream = getStream(stream_id); // If this results in buffering too much data, the watermark buffer will call // pendingRecvBufferHighWatermark, resulting in ++read_disable_count_ stream->pending_recv_data_.add(data, len); // Update the window to the peer unless some consumer of this stream's data has hit a flow control // limit and disabled reads on this stream if (!stream->buffersOverrun()) { nghttp2_session_consume(session_, stream_id, len); } else { stream->unconsumed_bytes_ += len; } return 0; } void ConnectionImpl::goAway() { int rc = nghttp2_submit_goaway(session_, NGHTTP2_FLAG_NONE, nghttp2_session_get_last_proc_stream_id(session_), NGHTTP2_NO_ERROR, nullptr, 0); ASSERT(rc == 0); auto status = sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); } void ConnectionImpl::shutdownNotice() { int rc = nghttp2_submit_shutdown_notice(session_); ASSERT(rc == 0); auto status = sendPendingFrames(); // See comment in the `encodeHeadersBase()` method about this RELEASE_ASSERT. RELEASE_ASSERT(status.ok(), "sendPendingFrames() failure in non dispatching context"); } Status ConnectionImpl::onBeforeFrameReceived(const nghttp2_frame_hd* hd) { ENVOY_CONN_LOG(trace, "about to recv frame type={}, flags={}", connection_, static_cast(hd->type), static_cast(hd->flags)); // Track all the frames without padding here, since this is the only callback we receive // for some of them (e.g. CONTINUATION frame, frames sent on closed streams, etc.). // HEADERS frame is tracked in onBeginHeaders(), DATA frame is tracked in onFrameReceived(). auto status = okStatus(); if (hd->type != NGHTTP2_HEADERS && hd->type != NGHTTP2_DATA) { status = trackInboundFrames(hd, 0); } return status; } ABSL_MUST_USE_RESULT enum GoAwayErrorCode ngHttp2ErrorCodeToErrorCode(uint32_t code) noexcept { switch (code) { case NGHTTP2_NO_ERROR: return GoAwayErrorCode::NoError; default: return GoAwayErrorCode::Other; } } Status ConnectionImpl::onFrameReceived(const nghttp2_frame* frame) { ENVOY_CONN_LOG(trace, "recv frame type={}", connection_, static_cast(frame->hd.type)); // onFrameReceived() is called with a complete HEADERS frame assembled from all the HEADERS // and CONTINUATION frames, but we track them separately: HEADERS frames in onBeginHeaders() // and CONTINUATION frames in onBeforeFrameReceived(). ASSERT(frame->hd.type != NGHTTP2_CONTINUATION); if ((frame->hd.type == NGHTTP2_PING) && (frame->ping.hd.flags & NGHTTP2_FLAG_ACK)) { // The ``opaque_data`` should be exactly what was sent in the ping, which is // was the current time when the ping was sent. This can be useful while debugging // to match the ping and ack. uint64_t data; static_assert(sizeof(data) == sizeof(frame->ping.opaque_data), "Sizes are equal"); memcpy(&data, frame->ping.opaque_data, sizeof(data)); ENVOY_CONN_LOG(trace, "recv PING ACK {}", connection_, data); onKeepaliveResponse(); return okStatus(); } if (frame->hd.type == NGHTTP2_DATA) { RETURN_IF_ERROR(trackInboundFrames(&frame->hd, frame->data.padlen)); } // Only raise GOAWAY once, since we don't currently expose stream information. Shutdown // notifications are the same as a normal GOAWAY. // TODO: handle multiple GOAWAY frames. if (frame->hd.type == NGHTTP2_GOAWAY && !raised_goaway_) { ASSERT(frame->hd.stream_id == 0); raised_goaway_ = true; callbacks().onGoAway(ngHttp2ErrorCodeToErrorCode(frame->goaway.error_code)); return okStatus(); } if (frame->hd.type == NGHTTP2_SETTINGS && frame->hd.flags == NGHTTP2_FLAG_NONE) { onSettingsForTest(frame->settings); } StreamImpl* stream = getStream(frame->hd.stream_id); if (!stream) { return okStatus(); } switch (frame->hd.type) { case NGHTTP2_HEADERS: { stream->remote_end_stream_ = frame->hd.flags & NGHTTP2_FLAG_END_STREAM; if (!stream->cookies_.empty()) { HeaderString key(Headers::get().Cookie); stream->headers().addViaMove(std::move(key), std::move(stream->cookies_)); } switch (frame->headers.cat) { case NGHTTP2_HCAT_RESPONSE: case NGHTTP2_HCAT_REQUEST: { stream->decodeHeaders(); break; } case NGHTTP2_HCAT_HEADERS: { // It's possible that we are waiting to send a deferred reset, so only raise headers/trailers // if local is not complete. if (!stream->deferred_reset_) { if (nghttp2_session_check_server_session(session_) || stream->received_noninformational_headers_) { ASSERT(stream->remote_end_stream_); stream->decodeTrailers(); } else { // We're a client session and still waiting for non-informational headers. stream->decodeHeaders(); } } break; } default: // We do not currently support push. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } break; } case NGHTTP2_DATA: { stream->remote_end_stream_ = frame->hd.flags & NGHTTP2_FLAG_END_STREAM; // It's possible that we are waiting to send a deferred reset, so only raise data if local // is not complete. if (!stream->deferred_reset_) { stream->decoder().decodeData(stream->pending_recv_data_, stream->remote_end_stream_); } stream->pending_recv_data_.drain(stream->pending_recv_data_.length()); break; } case NGHTTP2_RST_STREAM: { ENVOY_CONN_LOG(trace, "remote reset: {}", connection_, frame->rst_stream.error_code); stats_.rx_reset_.inc(); break; } } return okStatus(); } int ConnectionImpl::onFrameSend(const nghttp2_frame* frame) { // The nghttp2 library does not cleanly give us a way to determine whether we received invalid // data from our peer. Sometimes it raises the invalid frame callback, and sometimes it does not. // In all cases however it will attempt to send a GOAWAY frame with an error status. If we see // an outgoing frame of this type, we will return an error code so that we can abort execution. ENVOY_CONN_LOG(trace, "sent frame type={}", connection_, static_cast(frame->hd.type)); switch (frame->hd.type) { case NGHTTP2_GOAWAY: { ENVOY_CONN_LOG(debug, "sent goaway code={}", connection_, frame->goaway.error_code); if (frame->goaway.error_code != NGHTTP2_NO_ERROR) { // TODO(mattklein123): Returning this error code abandons standard nghttp2 frame accounting. // As such, it is not reliable to call sendPendingFrames() again after this and we assume // that the connection is going to get torn down immediately. One byproduct of this is that // we need to cancel all pending flush stream timeouts since they can race with connection // teardown. As part of the work to remove exceptions we should aim to clean up all of this // error handling logic and only handle this type of case at the end of dispatch. for (auto& stream : active_streams_) { stream->disarmStreamIdleTimer(); } return NGHTTP2_ERR_CALLBACK_FAILURE; } break; } case NGHTTP2_RST_STREAM: { ENVOY_CONN_LOG(debug, "sent reset code={}", connection_, frame->rst_stream.error_code); stats_.tx_reset_.inc(); break; } case NGHTTP2_HEADERS: case NGHTTP2_DATA: { StreamImpl* stream = getStream(frame->hd.stream_id); stream->local_end_stream_sent_ = frame->hd.flags & NGHTTP2_FLAG_END_STREAM; break; } } return 0; } int ConnectionImpl::onError(absl::string_view error) { ENVOY_CONN_LOG(debug, "invalid http2: {}", connection_, error); return 0; } int ConnectionImpl::onInvalidFrame(int32_t stream_id, int error_code) { ENVOY_CONN_LOG(debug, "invalid frame: {} on stream {}", connection_, nghttp2_strerror(error_code), stream_id); // Set details of error_code in the stream whenever we have one. StreamImpl* stream = getStream(stream_id); if (stream != nullptr) { stream->setDetails(Http2ResponseCodeDetails::get().errorDetails(error_code)); } if (error_code == NGHTTP2_ERR_HTTP_HEADER || error_code == NGHTTP2_ERR_HTTP_MESSAGING) { stats_.rx_messaging_error_.inc(); if (stream_error_on_invalid_http_messaging_) { // The stream is about to be closed due to an invalid header or messaging. Don't kill the // entire connection if one stream has bad headers or messaging. if (stream != nullptr) { // See comment below in onStreamClose() for why we do this. stream->reset_due_to_messaging_error_ = true; } return 0; } } // Cause dispatch to return with an error code. return NGHTTP2_ERR_CALLBACK_FAILURE; } int ConnectionImpl::onBeforeFrameSend(const nghttp2_frame* frame) { ENVOY_CONN_LOG(trace, "about to send frame type={}, flags={}", connection_, static_cast(frame->hd.type), static_cast(frame->hd.flags)); ASSERT(!is_outbound_flood_monitored_control_frame_); // Flag flood monitored outbound control frames. is_outbound_flood_monitored_control_frame_ = ((frame->hd.type == NGHTTP2_PING || frame->hd.type == NGHTTP2_SETTINGS) && frame->hd.flags & NGHTTP2_FLAG_ACK) || frame->hd.type == NGHTTP2_RST_STREAM; return 0; } Status ConnectionImpl::addOutboundFrameFragment(Buffer::OwnedImpl& output, const uint8_t* data, size_t length) { // Reset the outbound frame type (set in the onBeforeFrameSend callback) since the // onBeforeFrameSend callback is not called for DATA frames. bool is_outbound_flood_monitored_control_frame = false; std::swap(is_outbound_flood_monitored_control_frame, is_outbound_flood_monitored_control_frame_); auto status_or_releasor = trackOutboundFrames(is_outbound_flood_monitored_control_frame); if (!status_or_releasor.ok()) { return status_or_releasor.status(); } output.add(data, length); output.addDrainTracker(status_or_releasor.value()); return okStatus(); } StatusOr ConnectionImpl::onSend(const uint8_t* data, size_t length) { ENVOY_CONN_LOG(trace, "send data: bytes={}", connection_, length); Buffer::OwnedImpl buffer; auto status = addOutboundFrameFragment(buffer, data, length); if (!status.ok()) { ENVOY_CONN_LOG(debug, "error sending frame: Too many frames in the outbound queue.", connection_); return status; } // While the buffer is transient the fragment it contains will be moved into the // write_buffer_ of the underlying connection_ by the write method below. // This creates lifetime dependency between the write_buffer_ of the underlying connection // and the codec object. Specifically the write_buffer_ MUST be either fully drained or // deleted before the codec object is deleted. This is presently guaranteed by the // destruction order of the Network::ConnectionImpl object where write_buffer_ is // destroyed before the filter_manager_ which owns the codec through Http::ConnectionManagerImpl. connection_.write(buffer, false); return length; } int ConnectionImpl::onStreamClose(int32_t stream_id, uint32_t error_code) { StreamImpl* stream = getStream(stream_id); if (stream) { ENVOY_CONN_LOG(debug, "stream closed: {}", connection_, error_code); if (!stream->remote_end_stream_ || !stream->local_end_stream_) { StreamResetReason reason; if (stream->reset_due_to_messaging_error_) { // Unfortunately, the nghttp2 API makes it incredibly difficult to clearly understand // the flow of resets. I.e., did the reset originate locally? Was it remote? Here, // we attempt to track cases in which we sent a reset locally due to an invalid frame // received from the remote. We only do that in two cases currently (HTTP messaging layer // errors from https://tools.ietf.org/html/rfc7540#section-8 which nghttp2 is very strict // about). In other cases we treat invalid frames as a protocol error and just kill // the connection. reason = StreamResetReason::LocalReset; } else { if (error_code == NGHTTP2_REFUSED_STREAM) { reason = StreamResetReason::RemoteRefusedStreamReset; stream->setDetails(Http2ResponseCodeDetails::get().remote_refused); } else { reason = StreamResetReason::RemoteReset; stream->setDetails(Http2ResponseCodeDetails::get().remote_reset); } } stream->runResetCallbacks(reason); } stream->destroy(); connection_.dispatcher().deferredDelete(stream->removeFromList(active_streams_)); // Any unconsumed data must be consumed before the stream is deleted. // nghttp2 does not appear to track this internally, and any stream deleted // with outstanding window will contribute to a slow connection-window leak. nghttp2_session_consume(session_, stream_id, stream->unconsumed_bytes_); stream->unconsumed_bytes_ = 0; nghttp2_session_set_stream_user_data(session_, stream->stream_id_, nullptr); } return 0; } int ConnectionImpl::onMetadataReceived(int32_t stream_id, const uint8_t* data, size_t len) { ENVOY_CONN_LOG(trace, "recv {} bytes METADATA", connection_, len); StreamImpl* stream = getStream(stream_id); if (!stream) { return 0; } bool success = stream->getMetadataDecoder().receiveMetadata(data, len); return success ? 0 : NGHTTP2_ERR_CALLBACK_FAILURE; } int ConnectionImpl::onMetadataFrameComplete(int32_t stream_id, bool end_metadata) { ENVOY_CONN_LOG(trace, "recv METADATA frame on stream {}, end_metadata: {}", connection_, stream_id, end_metadata); StreamImpl* stream = getStream(stream_id); if (stream == nullptr) { return 0; } bool result = stream->getMetadataDecoder().onMetadataFrameComplete(end_metadata); return result ? 0 : NGHTTP2_ERR_CALLBACK_FAILURE; } ssize_t ConnectionImpl::packMetadata(int32_t stream_id, uint8_t* buf, size_t len) { ENVOY_CONN_LOG(trace, "pack METADATA frame on stream {}", connection_, stream_id); StreamImpl* stream = getStream(stream_id); if (stream == nullptr) { return 0; } MetadataEncoder& encoder = stream->getMetadataEncoder(); return encoder.packNextFramePayload(buf, len); } int ConnectionImpl::saveHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) { StreamImpl* stream = getStream(frame->hd.stream_id); if (!stream) { // We have seen 1 or 2 crashes where we get a headers callback but there is no associated // stream data. I honestly am not sure how this can happen. However, from reading the nghttp2 // code it looks possible that inflate_header_block() can safely inflate headers for an already // closed stream, but will still call the headers callback. Since that seems possible, we should // ignore this case here. // TODO(mattklein123): Figure out a test case that can hit this. stats_.headers_cb_no_stream_.inc(); return 0; } auto should_return = checkHeaderNameForUnderscores(name.getStringView()); if (should_return) { stream->setDetails(Http2ResponseCodeDetails::get().invalid_underscore); name.clear(); value.clear(); return should_return.value(); } stream->saveHeader(std::move(name), std::move(value)); if (stream->headers().byteSize() > max_headers_kb_ * 1024 || stream->headers().size() > max_headers_count_) { stream->setDetails(Http2ResponseCodeDetails::get().too_many_headers); stats_.header_overflow_.inc(); // This will cause the library to reset/close the stream. return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; } else { return 0; } } Status ConnectionImpl::sendPendingFrames() { if (dispatching_ || connection_.state() == Network::Connection::State::Closed) { return okStatus(); } const int rc = nghttp2_session_send(session_); if (rc != 0) { ASSERT(rc == NGHTTP2_ERR_CALLBACK_FAILURE); if (!nghttp2_callback_status_.ok()) { return nghttp2_callback_status_; } // Protocol constrain violations should set the nghttp2_callback_status_ error, and return at // the statement above. ASSERT(protocol_constraints_.status().ok()); return codecProtocolError(nghttp2_strerror(rc)); } // See ConnectionImpl::StreamImpl::resetStream() for why we do this. This is an uncommon event, // so iterating through every stream to find the ones that have a deferred reset is not a big // deal. Furthermore, queueing a reset frame does not actually invoke the close stream callback. // This is only done when the reset frame is sent. Thus, it's safe to work directly with the // stream map. // NOTE: The way we handle deferred reset is essentially best effort. If we intend to do a // deferred reset, we try to finish the stream, including writing any pending data frames. // If we cannot do this (potentially due to not enough window), we just reset the stream. // In general this behavior occurs only when we are trying to send immediate error messages // to short circuit requests. In the best effort case, we complete the stream before // resetting. In other cases, we just do the reset now which will blow away pending data // frames and release any memory associated with the stream. if (pending_deferred_reset_) { pending_deferred_reset_ = false; for (auto& stream : active_streams_) { if (stream->deferred_reset_) { stream->resetStreamWorker(stream->deferred_reset_.value()); } } RETURN_IF_ERROR(sendPendingFrames()); } return okStatus(); } void ConnectionImpl::sendSettings( const envoy::config::core::v3::Http2ProtocolOptions& http2_options, bool disable_push) { absl::InlinedVector settings; auto insertParameter = [&settings](const nghttp2_settings_entry& entry) mutable -> bool { const auto it = std::find_if(settings.cbegin(), settings.cend(), [&entry](const nghttp2_settings_entry& existing) { return entry.settings_id == existing.settings_id; }); if (it != settings.end()) { return false; } settings.push_back(entry); return true; }; // Universally disable receiving push promise frames as we don't currently support // them. nghttp2 will fail the connection if the other side still sends them. // TODO(mattklein123): Remove this when we correctly proxy push promise. // NOTE: This is a special case with respect to custom parameter overrides in that server push is // not supported and therefore not end user configurable. if (disable_push) { settings.push_back( {static_cast(NGHTTP2_SETTINGS_ENABLE_PUSH), disable_push ? 0U : 1U}); } for (const auto& it : http2_options.custom_settings_parameters()) { ASSERT(it.identifier().value() <= std::numeric_limits::max()); const bool result = insertParameter({static_cast(it.identifier().value()), it.value().value()}); ASSERT(result); ENVOY_CONN_LOG(debug, "adding custom settings parameter with id {:#x} to {}", connection_, it.identifier().value(), it.value().value()); } // Insert named parameters. settings.insert( settings.end(), {{NGHTTP2_SETTINGS_HEADER_TABLE_SIZE, http2_options.hpack_table_size().value()}, {NGHTTP2_SETTINGS_ENABLE_CONNECT_PROTOCOL, http2_options.allow_connect()}, {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, http2_options.max_concurrent_streams().value()}, {NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE, http2_options.initial_stream_window_size().value()}}); if (!settings.empty()) { int rc = nghttp2_submit_settings(session_, NGHTTP2_FLAG_NONE, settings.data(), settings.size()); ASSERT(rc == 0); } else { // nghttp2_submit_settings need to be called at least once int rc = nghttp2_submit_settings(session_, NGHTTP2_FLAG_NONE, nullptr, 0); ASSERT(rc == 0); } const uint32_t initial_connection_window_size = http2_options.initial_connection_window_size().value(); // Increase connection window size up to our default size. if (initial_connection_window_size != NGHTTP2_INITIAL_CONNECTION_WINDOW_SIZE) { ENVOY_CONN_LOG(debug, "updating connection-level initial window size to {}", connection_, initial_connection_window_size); int rc = nghttp2_submit_window_update(session_, NGHTTP2_FLAG_NONE, 0, initial_connection_window_size - NGHTTP2_INITIAL_CONNECTION_WINDOW_SIZE); ASSERT(rc == 0); } } int ConnectionImpl::setAndCheckNghttp2CallbackStatus(Status&& status) { // Keep the error status that caused the original failure. Subsequent // error statuses are silently discarded. nghttp2_callback_status_.Update(std::move(status)); return nghttp2_callback_status_.ok() ? 0 : NGHTTP2_ERR_CALLBACK_FAILURE; } void ConnectionImpl::scheduleProtocolConstraintViolationCallback() { if (!protocol_constraint_violation_callback_) { protocol_constraint_violation_callback_ = connection_.dispatcher().createSchedulableCallback( [this]() { onProtocolConstraintViolation(); }); protocol_constraint_violation_callback_->scheduleCallbackCurrentIteration(); } } void ConnectionImpl::onProtocolConstraintViolation() { // Flooded outbound queue implies that peer is not reading and it does not // make sense to try to flush pending bytes. connection_.close(Envoy::Network::ConnectionCloseType::NoFlush); } ConnectionImpl::Http2Callbacks::Http2Callbacks() { nghttp2_session_callbacks_new(&callbacks_); nghttp2_session_callbacks_set_send_callback( callbacks_, [](nghttp2_session*, const uint8_t* data, size_t length, int, void* user_data) -> ssize_t { auto status_or_len = static_cast(user_data)->onSend(data, length); if (status_or_len.ok()) { return status_or_len.value(); } auto status = status_or_len.status(); return static_cast(user_data)->setAndCheckNghttp2CallbackStatus( std::move(status)); }); nghttp2_session_callbacks_set_send_data_callback( callbacks_, [](nghttp2_session*, nghttp2_frame* frame, const uint8_t* framehd, size_t length, nghttp2_data_source* source, void*) -> int { ASSERT(frame->data.padlen == 0); auto status = static_cast(source->ptr)->onDataSourceSend(framehd, length); return static_cast(source->ptr) ->parent_.setAndCheckNghttp2CallbackStatus(std::move(status)); }); nghttp2_session_callbacks_set_on_begin_headers_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { auto status = static_cast(user_data)->onBeginHeaders(frame); return static_cast(user_data)->setAndCheckNghttp2CallbackStatus( std::move(status)); }); nghttp2_session_callbacks_set_on_header_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, const uint8_t* raw_name, size_t name_length, const uint8_t* raw_value, size_t value_length, uint8_t, void* user_data) -> int { // TODO PERF: Can reference count here to avoid copies. HeaderString name; name.setCopy(reinterpret_cast(raw_name), name_length); HeaderString value; value.setCopy(reinterpret_cast(raw_value), value_length); return static_cast(user_data)->onHeader(frame, std::move(name), std::move(value)); }); nghttp2_session_callbacks_set_on_data_chunk_recv_callback( callbacks_, [](nghttp2_session*, uint8_t, int32_t stream_id, const uint8_t* data, size_t len, void* user_data) -> int { return static_cast(user_data)->onData(stream_id, data, len); }); nghttp2_session_callbacks_set_on_begin_frame_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame_hd* hd, void* user_data) -> int { auto status = static_cast(user_data)->onBeforeFrameReceived(hd); return static_cast(user_data)->setAndCheckNghttp2CallbackStatus( std::move(status)); }); nghttp2_session_callbacks_set_on_frame_recv_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { auto status = static_cast(user_data)->onFrameReceived(frame); return static_cast(user_data)->setAndCheckNghttp2CallbackStatus( std::move(status)); }); nghttp2_session_callbacks_set_on_stream_close_callback( callbacks_, [](nghttp2_session*, int32_t stream_id, uint32_t error_code, void* user_data) -> int { return static_cast(user_data)->onStreamClose(stream_id, error_code); }); nghttp2_session_callbacks_set_on_frame_send_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { return static_cast(user_data)->onFrameSend(frame); }); nghttp2_session_callbacks_set_before_frame_send_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { return static_cast(user_data)->onBeforeFrameSend(frame); }); nghttp2_session_callbacks_set_on_frame_not_send_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame*, int, void*) -> int { // We used to always return failure here but it looks now this can get called if the other // side sends GOAWAY and we are trying to send a SETTINGS ACK. Just ignore this for now. return 0; }); nghttp2_session_callbacks_set_on_invalid_frame_recv_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, int error_code, void* user_data) -> int { return static_cast(user_data)->onInvalidFrame(frame->hd.stream_id, error_code); }); nghttp2_session_callbacks_set_on_extension_chunk_recv_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame_hd* hd, const uint8_t* data, size_t len, void* user_data) -> int { ASSERT(hd->length >= len); return static_cast(user_data)->onMetadataReceived(hd->stream_id, data, len); }); nghttp2_session_callbacks_set_unpack_extension_callback( callbacks_, [](nghttp2_session*, void**, const nghttp2_frame_hd* hd, void* user_data) -> int { return static_cast(user_data)->onMetadataFrameComplete( hd->stream_id, hd->flags == END_METADATA_FLAG); }); nghttp2_session_callbacks_set_pack_extension_callback( callbacks_, [](nghttp2_session*, uint8_t* buf, size_t len, const nghttp2_frame* frame, void* user_data) -> ssize_t { ASSERT(frame->hd.length <= len); return static_cast(user_data)->packMetadata(frame->hd.stream_id, buf, len); }); nghttp2_session_callbacks_set_error_callback2( callbacks_, [](nghttp2_session*, int, const char* msg, size_t len, void* user_data) -> int { return static_cast(user_data)->onError(absl::string_view(msg, len)); }); } ConnectionImpl::Http2Callbacks::~Http2Callbacks() { nghttp2_session_callbacks_del(callbacks_); } ConnectionImpl::Http2Options::Http2Options( const envoy::config::core::v3::Http2ProtocolOptions& http2_options) { nghttp2_option_new(&options_); // Currently we do not do anything with stream priority. Setting the following option prevents // nghttp2 from keeping around closed streams for use during stream priority dependency graph // calculations. This saves a tremendous amount of memory in cases where there are a large // number of kept alive HTTP/2 connections. nghttp2_option_set_no_closed_streams(options_, 1); nghttp2_option_set_no_auto_window_update(options_, 1); // The max send header block length is configured to an arbitrarily high number so as to never // trigger the check within nghttp2, as we check request headers length in // codec_impl::saveHeader. nghttp2_option_set_max_send_header_block_length(options_, 0x2000000); if (http2_options.hpack_table_size().value() != NGHTTP2_DEFAULT_HEADER_TABLE_SIZE) { nghttp2_option_set_max_deflate_dynamic_table_size(options_, http2_options.hpack_table_size().value()); } if (http2_options.allow_metadata()) { nghttp2_option_set_user_recv_extension_type(options_, METADATA_FRAME_TYPE); } else { ENVOY_LOG(trace, "Codec does not have Metadata frame support."); } // nghttp2 v1.39.2 lowered the internal flood protection limit from 10K to 1K of ACK frames. // This new limit may cause the internal nghttp2 mitigation to trigger more often (as it // requires just 9K of incoming bytes for smallest 9 byte SETTINGS frame), bypassing the same // mitigation and its associated behavior in the envoy HTTP/2 codec. Since envoy does not rely // on this mitigation, set back to the old 10K number to avoid any changes in the HTTP/2 codec // behavior. nghttp2_option_set_max_outbound_ack(options_, 10000); } ConnectionImpl::Http2Options::~Http2Options() { nghttp2_option_del(options_); } ConnectionImpl::ClientHttp2Options::ClientHttp2Options( const envoy::config::core::v3::Http2ProtocolOptions& http2_options) : Http2Options(http2_options) { // Temporarily disable initial max streams limit/protection, since we might want to create // more than 100 streams before receiving the HTTP/2 SETTINGS frame from the server. // // TODO(PiotrSikora): remove this once multiple upstream connections or queuing are implemented. nghttp2_option_set_peer_max_concurrent_streams( options_, ::Envoy::Http2::Utility::OptionsLimits::DEFAULT_MAX_CONCURRENT_STREAMS); } ClientConnectionImpl::ClientConnectionImpl( Network::Connection& connection, Http::ConnectionCallbacks& callbacks, CodecStats& stats, Random::RandomGenerator& random_generator, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_response_headers_kb, const uint32_t max_response_headers_count, Nghttp2SessionFactory& http2_session_factory) : ConnectionImpl(connection, stats, random_generator, http2_options, max_response_headers_kb, max_response_headers_count), callbacks_(callbacks) { ClientHttp2Options client_http2_options(http2_options); session_ = http2_session_factory.create(http2_callbacks_.callbacks(), base(), client_http2_options.options()); http2_session_factory.init(session_, base(), http2_options); allow_metadata_ = http2_options.allow_metadata(); } RequestEncoder& ClientConnectionImpl::newStream(ResponseDecoder& decoder) { ClientStreamImplPtr stream(new ClientStreamImpl(*this, per_stream_buffer_limit_, decoder)); // If the connection is currently above the high watermark, make sure to inform the new stream. // The connection can not pass this on automatically as it has no awareness that a new stream is // created. if (connection_.aboveHighWatermark()) { stream->runHighWatermarkCallbacks(); } ClientStreamImpl& stream_ref = *stream; LinkedList::moveIntoList(std::move(stream), active_streams_); return stream_ref; } Status ClientConnectionImpl::onBeginHeaders(const nghttp2_frame* frame) { // The client code explicitly does not currently support push promise. RELEASE_ASSERT(frame->hd.type == NGHTTP2_HEADERS, ""); RELEASE_ASSERT(frame->headers.cat == NGHTTP2_HCAT_RESPONSE || frame->headers.cat == NGHTTP2_HCAT_HEADERS, ""); if (frame->headers.cat == NGHTTP2_HCAT_HEADERS) { StreamImpl* stream = getStream(frame->hd.stream_id); stream->allocTrailers(); } return okStatus(); } int ClientConnectionImpl::onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) { // The client code explicitly does not currently support push promise. ASSERT(frame->hd.type == NGHTTP2_HEADERS); ASSERT(frame->headers.cat == NGHTTP2_HCAT_RESPONSE || frame->headers.cat == NGHTTP2_HCAT_HEADERS); return saveHeader(frame, std::move(name), std::move(value)); } ServerConnectionImpl::ServerConnectionImpl( Network::Connection& connection, Http::ServerConnectionCallbacks& callbacks, CodecStats& stats, Random::RandomGenerator& random_generator, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action) : ConnectionImpl(connection, stats, random_generator, http2_options, max_request_headers_kb, max_request_headers_count), callbacks_(callbacks), headers_with_underscores_action_(headers_with_underscores_action) { Http2Options h2_options(http2_options); nghttp2_session_server_new2(&session_, http2_callbacks_.callbacks(), base(), h2_options.options()); sendSettings(http2_options, false); allow_metadata_ = http2_options.allow_metadata(); } Status ServerConnectionImpl::onBeginHeaders(const nghttp2_frame* frame) { // For a server connection, we should never get push promise frames. ASSERT(frame->hd.type == NGHTTP2_HEADERS); RETURN_IF_ERROR(trackInboundFrames(&frame->hd, frame->headers.padlen)); if (frame->headers.cat != NGHTTP2_HCAT_REQUEST) { stats_.trailers_.inc(); ASSERT(frame->headers.cat == NGHTTP2_HCAT_HEADERS); StreamImpl* stream = getStream(frame->hd.stream_id); stream->allocTrailers(); return okStatus(); } ServerStreamImplPtr stream(new ServerStreamImpl(*this, per_stream_buffer_limit_)); if (connection_.aboveHighWatermark()) { stream->runHighWatermarkCallbacks(); } stream->request_decoder_ = &callbacks_.newStream(*stream); stream->stream_id_ = frame->hd.stream_id; LinkedList::moveIntoList(std::move(stream), active_streams_); nghttp2_session_set_stream_user_data(session_, frame->hd.stream_id, active_streams_.front().get()); return okStatus(); } int ServerConnectionImpl::onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) { // For a server connection, we should never get push promise frames. ASSERT(frame->hd.type == NGHTTP2_HEADERS); ASSERT(frame->headers.cat == NGHTTP2_HCAT_REQUEST || frame->headers.cat == NGHTTP2_HCAT_HEADERS); return saveHeader(frame, std::move(name), std::move(value)); } Status ServerConnectionImpl::trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) { ENVOY_CONN_LOG(trace, "track inbound frame type={} flags={} length={} padding_length={}", connection_, static_cast(hd->type), static_cast(hd->flags), static_cast(hd->length), padding_length); auto result = protocol_constraints_.trackInboundFrames(hd, padding_length); if (!result.ok()) { ENVOY_CONN_LOG(trace, "error reading frame: {} received in this HTTP/2 session.", connection_, result.message()); if (isInboundFramesWithEmptyPayloadError(result)) { ConnectionImpl::StreamImpl* stream = getStream(hd->stream_id); if (stream) { stream->setDetails(Http2ResponseCodeDetails::get().inbound_empty_frame_flood); } } } return result; } StatusOr ServerConnectionImpl::trackOutboundFrames(bool is_outbound_flood_monitored_control_frame) { auto releasor = protocol_constraints_.incrementOutboundFrameCount(is_outbound_flood_monitored_control_frame); if (dispatching_downstream_data_ && !protocol_constraints_.checkOutboundFrameLimits().ok()) { return protocol_constraints_.status(); } return releasor; } void ServerConnectionImpl::checkProtocolConstraintViolation() { if (!protocol_constraints_.checkOutboundFrameLimits().ok()) { scheduleProtocolConstraintViolationCallback(); } } Http::Status ServerConnectionImpl::dispatch(Buffer::Instance& data) { // TODO(#10878): Remove this wrapper when exception removal is complete. innerDispatch may either // throw an exception or return an error status. The utility wrapper catches exceptions and // converts them to error statuses. return Http::Utility::exceptionToStatus( [&](Buffer::Instance& data) -> Http::Status { return innerDispatch(data); }, data); } Http::Status ServerConnectionImpl::innerDispatch(Buffer::Instance& data) { ASSERT(!dispatching_downstream_data_); dispatching_downstream_data_ = true; // Make sure the dispatching_downstream_data_ is set to false when innerDispatch ends. Cleanup cleanup([this]() { dispatching_downstream_data_ = false; }); // Make sure downstream outbound queue was not flooded by the upstream frames. RETURN_IF_ERROR(protocol_constraints_.checkOutboundFrameLimits()); return ConnectionImpl::innerDispatch(data); } absl::optional ServerConnectionImpl::checkHeaderNameForUnderscores(absl::string_view header_name) { if (headers_with_underscores_action_ != envoy::config::core::v3::HttpProtocolOptions::ALLOW && Http::HeaderUtility::headerNameContainsUnderscore(header_name)) { if (headers_with_underscores_action_ == envoy::config::core::v3::HttpProtocolOptions::DROP_HEADER) { ENVOY_CONN_LOG(debug, "Dropping header with invalid characters in its name: {}", connection_, header_name); stats_.dropped_headers_with_underscores_.inc(); return 0; } ENVOY_CONN_LOG(debug, "Rejecting request due to header name with underscores: {}", connection_, header_name); stats_.requests_rejected_with_underscores_in_headers_.inc(); return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; } return absl::nullopt; } } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/codec_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/event/deferred_deletable.h" #include "envoy/http/codec.h" #include "envoy/network/connection.h" #include "common/buffer/buffer_impl.h" #include "common/buffer/watermark_buffer.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/common/statusor.h" #include "common/common/thread.h" #include "common/http/codec_helper.h" #include "common/http/header_map_impl.h" #include "common/http/http2/codec_stats.h" #include "common/http/http2/metadata_decoder.h" #include "common/http/http2/metadata_encoder.h" #include "common/http/http2/protocol_constraints.h" #include "common/http/status.h" #include "common/http/utility.h" #include "absl/types/optional.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Http2 { // This is not the full client magic, but it's the smallest size that should be able to // differentiate between HTTP/1 and HTTP/2. const std::string CLIENT_MAGIC_PREFIX = "PRI * HTTP/2"; class Utility { public: /** * Deal with https://tools.ietf.org/html/rfc7540#section-8.1.2.5 * @param key supplies the incoming header key. * @param value supplies the incoming header value. * @param cookies supplies the header string to fill if this is a cookie header that needs to be * rebuilt. */ static bool reconstituteCrumbledCookies(const HeaderString& key, const HeaderString& value, HeaderString& cookies); }; class ConnectionImpl; // Abstract nghttp2_session factory. Used to enable injection of factories for testing. class Nghttp2SessionFactory { public: using ConnectionImplType = ConnectionImpl; virtual ~Nghttp2SessionFactory() = default; // Returns a new nghttp2_session to be used with |connection|. virtual nghttp2_session* create(const nghttp2_session_callbacks* callbacks, ConnectionImplType* connection, const nghttp2_option* options) PURE; // Initializes the |session|. virtual void init(nghttp2_session* session, ConnectionImplType* connection, const envoy::config::core::v3::Http2ProtocolOptions& options) PURE; }; class ProdNghttp2SessionFactory : public Nghttp2SessionFactory { public: nghttp2_session* create(const nghttp2_session_callbacks* callbacks, ConnectionImpl* connection, const nghttp2_option* options) override; void init(nghttp2_session* session, ConnectionImpl* connection, const envoy::config::core::v3::Http2ProtocolOptions& options) override; // Returns a global factory instance. Note that this is possible because no internal state is // maintained; the thread safety of create() and init()'s side effects is guaranteed by Envoy's // worker based threading model. static ProdNghttp2SessionFactory& get() { static ProdNghttp2SessionFactory* instance = new ProdNghttp2SessionFactory(); return *instance; } }; /** * Base class for HTTP/2 client and server codecs. */ class ConnectionImpl : public virtual Connection, protected Logger::Loggable { public: ConnectionImpl(Network::Connection& connection, CodecStats& stats, Random::RandomGenerator& random_generator, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_headers_kb, const uint32_t max_headers_count); ~ConnectionImpl() override; // Http::Connection // NOTE: the `dispatch` method is also overridden in the ServerConnectionImpl class Http::Status dispatch(Buffer::Instance& data) override; void goAway() override; Protocol protocol() override { return Protocol::Http2; } void shutdownNotice() override; bool wantsToWrite() override { return nghttp2_session_want_write(session_); } // Propagate network connection watermark events to each stream on the connection. void onUnderlyingConnectionAboveWriteBufferHighWatermark() override { for (auto& stream : active_streams_) { stream->runHighWatermarkCallbacks(); } } void onUnderlyingConnectionBelowWriteBufferLowWatermark() override { for (auto& stream : active_streams_) { stream->runLowWatermarkCallbacks(); } } /** * An inner dispatch call that executes the dispatching logic. While exception removal is in * migration (#10878), this function may either throw an exception or return an error status. * Exceptions are caught and translated to their corresponding statuses in the outer level * dispatch. * This needs to be virtual so that ServerConnectionImpl can override. * TODO(#10878): Remove this when exception removal is complete. */ virtual Http::Status innerDispatch(Buffer::Instance& data); protected: friend class ProdNghttp2SessionFactory; /** * Wrapper for static nghttp2 callback dispatchers. */ class Http2Callbacks { public: Http2Callbacks(); ~Http2Callbacks(); const nghttp2_session_callbacks* callbacks() { return callbacks_; } private: nghttp2_session_callbacks* callbacks_; }; /** * Wrapper for static nghttp2 session options. */ class Http2Options { public: Http2Options(const envoy::config::core::v3::Http2ProtocolOptions& http2_options); ~Http2Options(); const nghttp2_option* options() { return options_; } protected: nghttp2_option* options_; }; class ClientHttp2Options : public Http2Options { public: ClientHttp2Options(const envoy::config::core::v3::Http2ProtocolOptions& http2_options); }; /** * Base class for client and server side streams. */ struct StreamImpl : public virtual StreamEncoder, public Stream, public LinkedObject, public Event::DeferredDeletable, public StreamCallbackHelper { StreamImpl(ConnectionImpl& parent, uint32_t buffer_limit); ~StreamImpl() override; // TODO(mattklein123): Optimally this would be done in the destructor but there are currently // deferred delete lifetime issues that need sorting out if the destructor of the stream is // going to be able to refer to the parent connection. void destroy(); void disarmStreamIdleTimer() { if (stream_idle_timer_ != nullptr) { // To ease testing and the destructor assertion. stream_idle_timer_->disableTimer(); stream_idle_timer_.reset(); } } StreamImpl* base() { return this; } ssize_t onDataSourceRead(uint64_t length, uint32_t* data_flags); Status onDataSourceSend(const uint8_t* framehd, size_t length); void resetStreamWorker(StreamResetReason reason); static void buildHeaders(std::vector& final_headers, const HeaderMap& headers); void saveHeader(HeaderString&& name, HeaderString&& value); void encodeHeadersBase(const std::vector& final_headers, bool end_stream); virtual void submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) PURE; void encodeTrailersBase(const HeaderMap& headers); void submitTrailers(const HeaderMap& trailers); void submitMetadata(uint8_t flags); virtual StreamDecoder& decoder() PURE; virtual HeaderMap& headers() PURE; virtual void allocTrailers() PURE; virtual HeaderMapPtr cloneTrailers(const HeaderMap& trailers) PURE; virtual void createPendingFlushTimer() PURE; void onPendingFlushTimer(); // Http::StreamEncoder void encodeData(Buffer::Instance& data, bool end_stream) override; Stream& getStream() override { return *this; } void encodeMetadata(const MetadataMapVector& metadata_map_vector) override; Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return absl::nullopt; } // Http::Stream void addCallbacks(StreamCallbacks& callbacks) override { addCallbacksHelper(callbacks); } void removeCallbacks(StreamCallbacks& callbacks) override { removeCallbacksHelper(callbacks); } void resetStream(StreamResetReason reason) override; void readDisable(bool disable) override; uint32_t bufferLimit() override { return pending_recv_data_.highWatermark(); } const Network::Address::InstanceConstSharedPtr& connectionLocalAddress() override { return parent_.connection_.localAddress(); } absl::string_view responseDetails() override { return details_; } void setFlushTimeout(std::chrono::milliseconds timeout) override { stream_idle_timeout_ = timeout; } // This code assumes that details is a static string, so that we // can avoid copying it. void setDetails(absl::string_view details) { // TODO(asraa): In some cases nghttp2's error handling may cause processing of multiple // invalid frames for a single stream. If a temporal stream error is returned from a callback, // remaining frames in the buffer will still be partially processed. For example, remaining // frames will still parse through nghttp2's push promise error handling and in // onBeforeFrame(Send/Received) callbacks, which may return invalid frame errors and attempt // to set details again. In these cases, we simply do not overwrite details. When internal // error latching is implemented in the codec for exception removal, we should prevent calling // setDetails in an error state. if (details_.empty()) { details_ = details; } } void setWriteBufferWatermarks(uint32_t low_watermark, uint32_t high_watermark) { pending_recv_data_.setWatermarks(low_watermark, high_watermark); pending_send_data_.setWatermarks(low_watermark, high_watermark); } // If the receive buffer encounters watermark callbacks, enable/disable reads on this stream. void pendingRecvBufferHighWatermark(); void pendingRecvBufferLowWatermark(); // If the send buffer encounters watermark callbacks, propagate this information to the streams. // The router and connection manager will propagate them on as appropriate. void pendingSendBufferHighWatermark(); void pendingSendBufferLowWatermark(); // Does any necessary WebSocket/Upgrade conversion, then passes the headers // to the decoder_. virtual void decodeHeaders() PURE; virtual void decodeTrailers() PURE; // Get MetadataEncoder for this stream. MetadataEncoder& getMetadataEncoder(); // Get MetadataDecoder for this stream. MetadataDecoder& getMetadataDecoder(); // Callback function for MetadataDecoder. void onMetadataDecoded(MetadataMapPtr&& metadata_map_ptr); bool buffersOverrun() const { return read_disable_count_ > 0; } void encodeDataHelper(Buffer::Instance& data, bool end_stream, bool skip_encoding_empty_trailers); ConnectionImpl& parent_; int32_t stream_id_{-1}; uint32_t unconsumed_bytes_{0}; uint32_t read_disable_count_{0}; Buffer::WatermarkBuffer pending_recv_data_{ [this]() -> void { this->pendingRecvBufferLowWatermark(); }, [this]() -> void { this->pendingRecvBufferHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }}; Buffer::WatermarkBuffer pending_send_data_{ [this]() -> void { this->pendingSendBufferLowWatermark(); }, [this]() -> void { this->pendingSendBufferHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }}; HeaderMapPtr pending_trailers_to_encode_; std::unique_ptr metadata_decoder_; std::unique_ptr metadata_encoder_; absl::optional deferred_reset_; HeaderString cookies_; bool local_end_stream_sent_ : 1; bool remote_end_stream_ : 1; bool data_deferred_ : 1; bool received_noninformational_headers_ : 1; bool pending_receive_buffer_high_watermark_called_ : 1; bool pending_send_buffer_high_watermark_called_ : 1; bool reset_due_to_messaging_error_ : 1; absl::string_view details_; // See HttpConnectionManager.stream_idle_timeout. std::chrono::milliseconds stream_idle_timeout_{}; Event::TimerPtr stream_idle_timer_; }; using StreamImplPtr = std::unique_ptr; /** * Client side stream (request). */ struct ClientStreamImpl : public StreamImpl, public RequestEncoder { ClientStreamImpl(ConnectionImpl& parent, uint32_t buffer_limit, ResponseDecoder& response_decoder) : StreamImpl(parent, buffer_limit), response_decoder_(response_decoder), headers_or_trailers_(ResponseHeaderMapImpl::create()) {} // StreamImpl void submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) override; StreamDecoder& decoder() override { return response_decoder_; } void decodeHeaders() override; void decodeTrailers() override; HeaderMap& headers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } void allocTrailers() override { // If we are waiting for informational headers, make a new response header map, otherwise // we are about to receive trailers. The codec makes sure this is the only valid sequence. if (received_noninformational_headers_) { headers_or_trailers_.emplace(ResponseTrailerMapImpl::create()); } else { headers_or_trailers_.emplace(ResponseHeaderMapImpl::create()); } } HeaderMapPtr cloneTrailers(const HeaderMap& trailers) override { return createHeaderMap(trailers); } void createPendingFlushTimer() override { // Client streams do not create a flush timer because we currently assume that any failure // to flush would be covered by a request/stream/etc. timeout. } // RequestEncoder void encodeHeaders(const RequestHeaderMap& headers, bool end_stream) override; void encodeTrailers(const RequestTrailerMap& trailers) override { encodeTrailersBase(trailers); } ResponseDecoder& response_decoder_; absl::variant headers_or_trailers_; std::string upgrade_type_; }; using ClientStreamImplPtr = std::unique_ptr; /** * Server side stream (response). */ struct ServerStreamImpl : public StreamImpl, public ResponseEncoder { ServerStreamImpl(ConnectionImpl& parent, uint32_t buffer_limit) : StreamImpl(parent, buffer_limit), headers_or_trailers_(RequestHeaderMapImpl::create()) {} // StreamImpl void submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) override; StreamDecoder& decoder() override { return *request_decoder_; } void decodeHeaders() override; void decodeTrailers() override; HeaderMap& headers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } void allocTrailers() override { headers_or_trailers_.emplace(RequestTrailerMapImpl::create()); } HeaderMapPtr cloneTrailers(const HeaderMap& trailers) override { return createHeaderMap(trailers); } void createPendingFlushTimer() override; // ResponseEncoder void encode100ContinueHeaders(const ResponseHeaderMap& headers) override; void encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) override; void encodeTrailers(const ResponseTrailerMap& trailers) override { encodeTrailersBase(trailers); } RequestDecoder* request_decoder_{}; absl::variant headers_or_trailers_; bool streamErrorOnInvalidHttpMessage() const override { return parent_.stream_error_on_invalid_http_messaging_; } }; using ServerStreamImplPtr = std::unique_ptr; ConnectionImpl* base() { return this; } // NOTE: Always use non debug nullptr checks against the return value of this function. There are // edge cases (such as for METADATA frames) where nghttp2 will issue a callback for a stream_id // that is not associated with an existing stream. StreamImpl* getStream(int32_t stream_id); int saveHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value); /** * Copies any frames pending internally by nghttp2 into outbound buffer. * The `sendPendingFrames()` can be called in 4 different contexts: * 1. dispatching_ == true, aka the dispatching context. The `sendPendingFrames()` is no-op and * always returns success to avoid reentering nghttp2 library. * 2. dispatching_ == false and ServerConnectionImpl::dispatching_downstream_data_ == true. * The `sendPendingFrames()` returns the status of the protocol constraint checks. Outbound * frame accounting is performed. Applies to server codec only. * 3. dispatching_ == false and ServerConnectionImpl::dispatching_downstream_data_ == false. * The `sendPendingFrames()` always returns success. Outbound frame accounting is performed. * Applies to server codec only. * 4. dispatching_ == false. The `sendPendingFrames()` always returns success. No outbound * frame accounting. * * TODO(yanavlasov): harmonize behavior for cases 2, 3 and 4. */ Status sendPendingFrames(); void sendSettings(const envoy::config::core::v3::Http2ProtocolOptions& http2_options, bool disable_push); // Callback triggered when the peer's SETTINGS frame is received. // NOTE: This is only used for tests. virtual void onSettingsForTest(const nghttp2_settings&) {} /** * Check if header name contains underscore character. * Underscore character is allowed in header names by the RFC-7230 and this check is implemented * as a security measure due to systems that treat '_' and '-' as interchangeable. * The ServerConnectionImpl may drop header or reject request based on the * `common_http_protocol_options.headers_with_underscores_action` configuration option in the * HttpConnectionManager. */ virtual absl::optional checkHeaderNameForUnderscores(absl::string_view /* header_name */) { return absl::nullopt; } /** * Save `status` into nghttp2_callback_status_. * Return nghttp2 callback return code corresponding to `status`. */ int setAndCheckNghttp2CallbackStatus(Status&& status); /** * This method checks if a protocol constraint had been violated in the sendPendingFrames() call. * This method is a stop-gap solution for harmonizing sendPendingFrames() behavior in contexts 2 * and 3 (see comments for the sendPendingFrames() method). It allows each case where * sendPendingFrames() is called outside of the dispatch context to be fixed in its own PR so it * is easier to review and reason about. Once all error handling is implemented this method will * be removed and the `sendPendingFrames()` will be changed to return error in both contexts 2 * and 3. At the same time the RELEASE_ASSERTs will be removed as well. The implementation in the * ClientConnectionImpl is a no-op as client connections do not check protocol constraints. The * implementation in the ServerConnectionImpl schedules callback to terminate connection if the * protocol constraint was violated. */ virtual void checkProtocolConstraintViolation() PURE; /** * Callback for terminating connection when protocol constrain has been violated * outside of the dispatch context. */ void scheduleProtocolConstraintViolationCallback(); void onProtocolConstraintViolation(); static Http2Callbacks http2_callbacks_; std::list active_streams_; nghttp2_session* session_{}; CodecStats& stats_; Network::Connection& connection_; const uint32_t max_headers_kb_; const uint32_t max_headers_count_; uint32_t per_stream_buffer_limit_; bool allow_metadata_; const bool stream_error_on_invalid_http_messaging_; // Status for any errors encountered by the nghttp2 callbacks. // nghttp2 library uses single return code to indicate callback failure and // `nghttp2_callback_status_` is used to save right error information returned by a callback. The // `nghttp2_callback_status_` is valid iff nghttp call returned NGHTTP2_ERR_CALLBACK_FAILURE. Status nghttp2_callback_status_; // Set if the type of frame that is about to be sent is PING or SETTINGS with the ACK flag set, or // RST_STREAM. bool is_outbound_flood_monitored_control_frame_ = 0; ProtocolConstraints protocol_constraints_; // For the flood mitigation to work the onSend callback must be called once for each outbound // frame. This is what the nghttp2 library is doing, however this is not documented. The // Http2FloodMitigationTest.* tests in test/integration/http2_integration_test.cc will break if // this changes in the future. Also it is important that onSend does not do partial writes, as the // nghttp2 library will keep calling this callback to write the rest of the frame. StatusOr onSend(const uint8_t* data, size_t length); // Some browsers (e.g. WebKit-based browsers: https://bugs.webkit.org/show_bug.cgi?id=210108) have // a problem with processing empty trailers (END_STREAM | END_HEADERS with zero length HEADERS) of // an HTTP/2 response as reported here: https://github.com/envoyproxy/envoy/issues/10514. This is // controlled by "envoy.reloadable_features.http2_skip_encoding_empty_trailers" runtime feature // flag. const bool skip_encoding_empty_trailers_; private: virtual ConnectionCallbacks& callbacks() PURE; virtual Status onBeginHeaders(const nghttp2_frame* frame) PURE; int onData(int32_t stream_id, const uint8_t* data, size_t len); Status onBeforeFrameReceived(const nghttp2_frame_hd* hd); Status onFrameReceived(const nghttp2_frame* frame); int onBeforeFrameSend(const nghttp2_frame* frame); int onFrameSend(const nghttp2_frame* frame); int onError(absl::string_view error); virtual int onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) PURE; int onInvalidFrame(int32_t stream_id, int error_code); int onStreamClose(int32_t stream_id, uint32_t error_code); int onMetadataReceived(int32_t stream_id, const uint8_t* data, size_t len); int onMetadataFrameComplete(int32_t stream_id, bool end_metadata); ssize_t packMetadata(int32_t stream_id, uint8_t* buf, size_t len); // Adds buffer fragment for a new outbound frame to the supplied Buffer::OwnedImpl. // Returns Ok Status on success or error if outbound queue limits were exceeded. Status addOutboundFrameFragment(Buffer::OwnedImpl& output, const uint8_t* data, size_t length); virtual StatusOr trackOutboundFrames(bool is_outbound_flood_monitored_control_frame) PURE; virtual Status trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) PURE; void sendKeepalive(); void onKeepaliveResponse(); void onKeepaliveResponseTimeout(); bool dispatching_ : 1; bool raised_goaway_ : 1; bool pending_deferred_reset_ : 1; Event::SchedulableCallbackPtr protocol_constraint_violation_callback_; Random::RandomGenerator& random_; Event::TimerPtr keepalive_send_timer_; Event::TimerPtr keepalive_timeout_timer_; std::chrono::milliseconds keepalive_interval_; std::chrono::milliseconds keepalive_timeout_; uint32_t keepalive_interval_jitter_percent_; }; /** * HTTP/2 client connection codec. */ class ClientConnectionImpl : public ClientConnection, public ConnectionImpl { public: using SessionFactory = Nghttp2SessionFactory; ClientConnectionImpl(Network::Connection& connection, ConnectionCallbacks& callbacks, CodecStats& stats, Random::RandomGenerator& random_generator, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_response_headers_kb, const uint32_t max_response_headers_count, SessionFactory& http2_session_factory); // Http::ClientConnection RequestEncoder& newStream(ResponseDecoder& response_decoder) override; private: // ConnectionImpl ConnectionCallbacks& callbacks() override { return callbacks_; } Status onBeginHeaders(const nghttp2_frame* frame) override; int onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) override; // Presently client connections do not track or check queue limits for outbound frames and do not // terminate connections when queue limits are exceeded. The primary reason is the complexity of // the clean-up of upstream connections. The clean-up of upstream connection causes RST_STREAM // messages to be sent on corresponding downstream connections. This may actually trigger flood // mitigation on the downstream connections, however there is currently no mechanism for // handling these types of errors. // TODO(yanavlasov): add flood mitigation for upstream connections as well. StatusOr trackOutboundFrames(bool) override { return ProtocolConstraints::ReleasorProc([]() {}); } Status trackInboundFrames(const nghttp2_frame_hd*, uint32_t) override { return okStatus(); } void checkProtocolConstraintViolation() override {} Http::ConnectionCallbacks& callbacks_; }; /** * HTTP/2 server connection codec. */ class ServerConnectionImpl : public ServerConnection, public ConnectionImpl { public: ServerConnectionImpl(Network::Connection& connection, ServerConnectionCallbacks& callbacks, CodecStats& stats, Random::RandomGenerator& random_generator, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action); private: // ConnectionImpl ConnectionCallbacks& callbacks() override { return callbacks_; } Status onBeginHeaders(const nghttp2_frame* frame) override; int onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) override; StatusOr trackOutboundFrames(bool is_outbound_flood_monitored_control_frame) override; Status trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) override; absl::optional checkHeaderNameForUnderscores(absl::string_view header_name) override; /** * Check protocol constraint violations outside of the dispatching context. * This method ASSERTs if it is called in the dispatching context. */ void checkProtocolConstraintViolation() override; // Http::Connection // The reason for overriding the dispatch method is to do flood mitigation only when // processing data from downstream client. Doing flood mitigation when processing upstream // responses makes clean-up tricky, which needs to be improved (see comments for the // ClientConnectionImpl::checkProtocolConstraintsStatus method). The dispatch method on the // ServerConnectionImpl objects is called only when processing data from the downstream client in // the ConnectionManagerImpl::onData method. Http::Status dispatch(Buffer::Instance& data) override; Http::Status innerDispatch(Buffer::Instance& data) override; ServerConnectionCallbacks& callbacks_; // This flag indicates that downstream data is being dispatched and turns on flood mitigation // in the checkMaxOutbound*Framed methods. bool dispatching_downstream_data_{false}; // The action to take when a request header name contains underscore characters. envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action_; }; } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/codec_impl_legacy.cc ================================================ #include "common/http/http2/codec_impl_legacy.h" #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/http/codes.h" #include "common/http/exception.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/http2/codec_stats.h" #include "common/http/utility.h" #include "common/runtime/runtime_features.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Http { namespace Legacy { namespace Http2 { class Http2ResponseCodeDetailValues { public: // Invalid HTTP header field was received and stream is going to be // closed. const absl::string_view ng_http2_err_http_header_ = "http2.invalid.header.field"; // Violation in HTTP messaging rule. const absl::string_view ng_http2_err_http_messaging_ = "http2.violation.of.messaging.rule"; // none of the above const absl::string_view ng_http2_err_unknown_ = "http2.unknown.nghttp2.error"; // The number of headers (or trailers) exceeded the configured limits const absl::string_view too_many_headers = "http2.too_many_headers"; // Envoy detected an HTTP/2 frame flood from the server. const absl::string_view outbound_frame_flood = "http2.outbound_frames_flood"; // Envoy detected an inbound HTTP/2 frame flood. const absl::string_view inbound_empty_frame_flood = "http2.inbound_empty_frames_flood"; // Envoy was configured to drop requests with header keys beginning with underscores. const absl::string_view invalid_underscore = "http2.unexpected_underscore"; // The upstream refused the stream. const absl::string_view remote_refused = "http2.remote_refuse"; // The upstream reset the stream. const absl::string_view remote_reset = "http2.remote_reset"; const absl::string_view errorDetails(int error_code) const { switch (error_code) { case NGHTTP2_ERR_HTTP_HEADER: return ng_http2_err_http_header_; case NGHTTP2_ERR_HTTP_MESSAGING: return ng_http2_err_http_messaging_; default: return ng_http2_err_unknown_; } } }; using Http2ResponseCodeDetails = ConstSingleton; using Http::Http2::CodecStats; using Http::Http2::MetadataDecoder; using Http::Http2::MetadataEncoder; bool Utility::reconstituteCrumbledCookies(const HeaderString& key, const HeaderString& value, HeaderString& cookies) { if (key != Headers::get().Cookie.get().c_str()) { return false; } if (!cookies.empty()) { cookies.append("; ", 2); } const absl::string_view value_view = value.getStringView(); cookies.append(value_view.data(), value_view.size()); return true; } ConnectionImpl::Http2Callbacks ConnectionImpl::http2_callbacks_; nghttp2_session* ProdNghttp2SessionFactory::create(const nghttp2_session_callbacks* callbacks, ConnectionImpl* connection, const nghttp2_option* options) { nghttp2_session* session; nghttp2_session_client_new2(&session, callbacks, connection, options); return session; } void ProdNghttp2SessionFactory::init(nghttp2_session*, ConnectionImpl* connection, const envoy::config::core::v3::Http2ProtocolOptions& options) { connection->sendSettings(options, true); } /** * Helper to remove const during a cast. nghttp2 takes non-const pointers for headers even though * it copies them. */ template static T* removeConst(const void* object) { return const_cast(reinterpret_cast(object)); } ConnectionImpl::StreamImpl::StreamImpl(ConnectionImpl& parent, uint32_t buffer_limit) : parent_(parent), local_end_stream_sent_(false), remote_end_stream_(false), data_deferred_(false), received_noninformational_headers_(false), pending_receive_buffer_high_watermark_called_(false), pending_send_buffer_high_watermark_called_(false), reset_due_to_messaging_error_(false) { parent_.stats_.streams_active_.inc(); if (buffer_limit > 0) { setWriteBufferWatermarks(buffer_limit / 2, buffer_limit); } } ConnectionImpl::StreamImpl::~StreamImpl() { ASSERT(stream_idle_timer_ == nullptr); } void ConnectionImpl::StreamImpl::destroy() { disarmStreamIdleTimer(); parent_.stats_.streams_active_.dec(); parent_.stats_.pending_send_bytes_.sub(pending_send_data_.length()); } static void insertHeader(std::vector& headers, const HeaderEntry& header) { uint8_t flags = 0; if (header.key().isReference()) { flags |= NGHTTP2_NV_FLAG_NO_COPY_NAME; } if (header.value().isReference()) { flags |= NGHTTP2_NV_FLAG_NO_COPY_VALUE; } const absl::string_view header_key = header.key().getStringView(); const absl::string_view header_value = header.value().getStringView(); headers.push_back({removeConst(header_key.data()), removeConst(header_value.data()), header_key.size(), header_value.size(), flags}); } void ConnectionImpl::StreamImpl::buildHeaders(std::vector& final_headers, const HeaderMap& headers) { final_headers.reserve(headers.size()); headers.iterate([&final_headers](const HeaderEntry& header) -> HeaderMap::Iterate { insertHeader(final_headers, header); return HeaderMap::Iterate::Continue; }); } void ConnectionImpl::ServerStreamImpl::encode100ContinueHeaders(const ResponseHeaderMap& headers) { ASSERT(headers.Status()->value() == "100"); encodeHeaders(headers, false); } void ConnectionImpl::StreamImpl::encodeHeadersBase(const std::vector& final_headers, bool end_stream) { nghttp2_data_provider provider; if (!end_stream) { provider.source.ptr = this; provider.read_callback = [](nghttp2_session*, int32_t, uint8_t*, size_t length, uint32_t* data_flags, nghttp2_data_source* source, void*) -> ssize_t { return static_cast(source->ptr)->onDataSourceRead(length, data_flags); }; } local_end_stream_ = end_stream; submitHeaders(final_headers, end_stream ? nullptr : &provider); parent_.sendPendingFrames(); parent_.checkProtocolConstraintViolation(); } void ConnectionImpl::ClientStreamImpl::encodeHeaders(const RequestHeaderMap& headers, bool end_stream) { // This must exist outside of the scope of isUpgrade as the underlying memory is // needed until encodeHeadersBase has been called. std::vector final_headers; Http::RequestHeaderMapPtr modified_headers; if (Http::Utility::isUpgrade(headers)) { modified_headers = createHeaderMap(headers); upgrade_type_ = std::string(headers.getUpgradeValue()); Http::Utility::transformUpgradeRequestFromH1toH2(*modified_headers); buildHeaders(final_headers, *modified_headers); } else if (headers.Method() && headers.Method()->value() == "CONNECT") { // If this is not an upgrade style connect (above branch) it is a bytestream // connect and should have :path and :protocol set accordingly // As HTTP/1.1 does not require a path for CONNECT, we may have to add one // if shifting codecs. For now, default to "/" - this can be made // configurable if necessary. // https://tools.ietf.org/html/draft-kinnear-httpbis-http2-transport-02 modified_headers = createHeaderMap(headers); modified_headers->setProtocol(Headers::get().ProtocolValues.Bytestream); if (!headers.Path()) { modified_headers->setPath("/"); } buildHeaders(final_headers, *modified_headers); } else { buildHeaders(final_headers, headers); } encodeHeadersBase(final_headers, end_stream); } void ConnectionImpl::ServerStreamImpl::encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) { // The contract is that client codecs must ensure that :status is present. ASSERT(headers.Status() != nullptr); // This must exist outside of the scope of isUpgrade as the underlying memory is // needed until encodeHeadersBase has been called. std::vector final_headers; Http::ResponseHeaderMapPtr modified_headers; if (Http::Utility::isUpgrade(headers)) { modified_headers = createHeaderMap(headers); Http::Utility::transformUpgradeResponseFromH1toH2(*modified_headers); buildHeaders(final_headers, *modified_headers); } else { buildHeaders(final_headers, headers); } encodeHeadersBase(final_headers, end_stream); } void ConnectionImpl::StreamImpl::encodeTrailersBase(const HeaderMap& trailers) { ASSERT(!local_end_stream_); local_end_stream_ = true; if (pending_send_data_.length() > 0) { // In this case we want trailers to come after we release all pending body data that is // waiting on window updates. We need to save the trailers so that we can emit them later. // However, for empty trailers, we don't need to to save the trailers. ASSERT(!pending_trailers_to_encode_); const bool skip_encoding_empty_trailers = trailers.empty() && parent_.skip_encoding_empty_trailers_; if (!skip_encoding_empty_trailers) { pending_trailers_to_encode_ = cloneTrailers(trailers); createPendingFlushTimer(); } } else { submitTrailers(trailers); parent_.sendPendingFrames(); } } void ConnectionImpl::StreamImpl::encodeMetadata(const MetadataMapVector& metadata_map_vector) { ASSERT(parent_.allow_metadata_); MetadataEncoder& metadata_encoder = getMetadataEncoder(); if (!metadata_encoder.createPayload(metadata_map_vector)) { return; } for (uint8_t flags : metadata_encoder.payloadFrameFlagBytes()) { submitMetadata(flags); } parent_.sendPendingFrames(); } void ConnectionImpl::StreamImpl::readDisable(bool disable) { ENVOY_CONN_LOG(debug, "Stream {} {}, unconsumed_bytes {} read_disable_count {}", parent_.connection_, stream_id_, (disable ? "disabled" : "enabled"), unconsumed_bytes_, read_disable_count_); if (disable) { ++read_disable_count_; } else { ASSERT(read_disable_count_ > 0); --read_disable_count_; if (!buffersOverrun()) { nghttp2_session_consume(parent_.session_, stream_id_, unconsumed_bytes_); unconsumed_bytes_ = 0; parent_.sendPendingFrames(); } } } void ConnectionImpl::StreamImpl::pendingRecvBufferHighWatermark() { ENVOY_CONN_LOG(debug, "recv buffer over limit ", parent_.connection_); ASSERT(!pending_receive_buffer_high_watermark_called_); pending_receive_buffer_high_watermark_called_ = true; readDisable(true); } void ConnectionImpl::StreamImpl::pendingRecvBufferLowWatermark() { ENVOY_CONN_LOG(debug, "recv buffer under limit ", parent_.connection_); ASSERT(pending_receive_buffer_high_watermark_called_); pending_receive_buffer_high_watermark_called_ = false; readDisable(false); } void ConnectionImpl::ClientStreamImpl::decodeHeaders() { auto& headers = absl::get(headers_or_trailers_); const uint64_t status = Http::Utility::getResponseStatus(*headers); if (!upgrade_type_.empty() && headers->Status()) { Http::Utility::transformUpgradeResponseFromH2toH1(*headers, upgrade_type_); } // Non-informational headers are non-1xx OR 101-SwitchingProtocols, since 101 implies that further // proxying is on an upgrade path. received_noninformational_headers_ = !CodeUtility::is1xx(status) || status == enumToInt(Http::Code::SwitchingProtocols); if (status == enumToInt(Http::Code::Continue)) { ASSERT(!remote_end_stream_); response_decoder_.decode100ContinueHeaders(std::move(headers)); } else { response_decoder_.decodeHeaders(std::move(headers), remote_end_stream_); } } void ConnectionImpl::ClientStreamImpl::decodeTrailers() { response_decoder_.decodeTrailers( std::move(absl::get(headers_or_trailers_))); } void ConnectionImpl::ServerStreamImpl::decodeHeaders() { auto& headers = absl::get(headers_or_trailers_); if (Http::Utility::isH2UpgradeRequest(*headers)) { Http::Utility::transformUpgradeRequestFromH2toH1(*headers); } request_decoder_->decodeHeaders(std::move(headers), remote_end_stream_); } void ConnectionImpl::ServerStreamImpl::decodeTrailers() { request_decoder_->decodeTrailers( std::move(absl::get(headers_or_trailers_))); } void ConnectionImpl::StreamImpl::pendingSendBufferHighWatermark() { ENVOY_CONN_LOG(debug, "send buffer over limit ", parent_.connection_); ASSERT(!pending_send_buffer_high_watermark_called_); pending_send_buffer_high_watermark_called_ = true; runHighWatermarkCallbacks(); } void ConnectionImpl::StreamImpl::pendingSendBufferLowWatermark() { ENVOY_CONN_LOG(debug, "send buffer under limit ", parent_.connection_); ASSERT(pending_send_buffer_high_watermark_called_); pending_send_buffer_high_watermark_called_ = false; runLowWatermarkCallbacks(); } void ConnectionImpl::StreamImpl::saveHeader(HeaderString&& name, HeaderString&& value) { if (!Utility::reconstituteCrumbledCookies(name, value, cookies_)) { headers().addViaMove(std::move(name), std::move(value)); } } void ConnectionImpl::StreamImpl::submitTrailers(const HeaderMap& trailers) { ASSERT(local_end_stream_); const bool skip_encoding_empty_trailers = trailers.empty() && parent_.skip_encoding_empty_trailers_; if (skip_encoding_empty_trailers) { ENVOY_CONN_LOG(debug, "skipping submitting trailers", parent_.connection_); // Instead of submitting empty trailers, we send empty data instead. Buffer::OwnedImpl empty_buffer; encodeDataHelper(empty_buffer, /*end_stream=*/true, skip_encoding_empty_trailers); return; } std::vector final_headers; buildHeaders(final_headers, trailers); int rc = nghttp2_submit_trailer(parent_.session_, stream_id_, final_headers.data(), final_headers.size()); ASSERT(rc == 0); } void ConnectionImpl::StreamImpl::submitMetadata(uint8_t flags) { ASSERT(stream_id_ > 0); const int result = nghttp2_submit_extension(parent_.session_, METADATA_FRAME_TYPE, flags, stream_id_, nullptr); ASSERT(result == 0); } ssize_t ConnectionImpl::StreamImpl::onDataSourceRead(uint64_t length, uint32_t* data_flags) { if (pending_send_data_.length() == 0 && !local_end_stream_) { ASSERT(!data_deferred_); data_deferred_ = true; return NGHTTP2_ERR_DEFERRED; } else { *data_flags |= NGHTTP2_DATA_FLAG_NO_COPY; if (local_end_stream_ && pending_send_data_.length() <= length) { *data_flags |= NGHTTP2_DATA_FLAG_EOF; if (pending_trailers_to_encode_) { // We need to tell the library to not set end stream so that we can emit the trailers. *data_flags |= NGHTTP2_DATA_FLAG_NO_END_STREAM; submitTrailers(*pending_trailers_to_encode_); pending_trailers_to_encode_.reset(); } } return std::min(length, pending_send_data_.length()); } } int ConnectionImpl::StreamImpl::onDataSourceSend(const uint8_t* framehd, size_t length) { // In this callback we are writing out a raw DATA frame without copying. nghttp2 assumes that we // "just know" that the frame header is 9 bytes. // https://nghttp2.org/documentation/types.html#c.nghttp2_send_data_callback static const uint64_t FRAME_HEADER_SIZE = 9; parent_.protocol_constraints_.incrementOutboundDataFrameCount(); Buffer::OwnedImpl output; if (!parent_.addOutboundFrameFragment(output, framehd, FRAME_HEADER_SIZE)) { ENVOY_CONN_LOG(debug, "error sending data frame: Too many frames in the outbound queue", parent_.connection_); setDetails(Http2ResponseCodeDetails::get().outbound_frame_flood); return NGHTTP2_ERR_FLOODED; } parent_.stats_.pending_send_bytes_.sub(length); output.move(pending_send_data_, length); parent_.connection_.write(output, false); return 0; } void ConnectionImpl::ClientStreamImpl::submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) { ASSERT(stream_id_ == -1); stream_id_ = nghttp2_submit_request(parent_.session_, nullptr, final_headers.data(), final_headers.size(), provider, base()); ASSERT(stream_id_ > 0); } void ConnectionImpl::ServerStreamImpl::submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) { ASSERT(stream_id_ != -1); int rc = nghttp2_submit_response(parent_.session_, stream_id_, final_headers.data(), final_headers.size(), provider); ASSERT(rc == 0); } void ConnectionImpl::ServerStreamImpl::createPendingFlushTimer() { ASSERT(stream_idle_timer_ == nullptr); if (stream_idle_timeout_.count() > 0) { stream_idle_timer_ = parent_.connection_.dispatcher().createTimer([this] { onPendingFlushTimer(); }); stream_idle_timer_->enableTimer(stream_idle_timeout_); } } void ConnectionImpl::StreamImpl::onPendingFlushTimer() { ENVOY_CONN_LOG(debug, "pending stream flush timeout", parent_.connection_); stream_idle_timer_.reset(); parent_.stats_.tx_flush_timeout_.inc(); ASSERT(local_end_stream_ && !local_end_stream_sent_); // This will emit a reset frame for this stream and close the stream locally. No reset callbacks // will be run because higher layers think the stream is already finished. resetStreamWorker(StreamResetReason::LocalReset); parent_.sendPendingFrames(); } void ConnectionImpl::StreamImpl::encodeData(Buffer::Instance& data, bool end_stream) { ASSERT(!local_end_stream_); encodeDataHelper(data, end_stream, /*skip_encoding_empty_trailers=*/false); } void ConnectionImpl::StreamImpl::encodeDataHelper(Buffer::Instance& data, bool end_stream, bool skip_encoding_empty_trailers) { if (skip_encoding_empty_trailers) { ASSERT(data.length() == 0 && end_stream); } local_end_stream_ = end_stream; parent_.stats_.pending_send_bytes_.add(data.length()); pending_send_data_.move(data); if (data_deferred_) { int rc = nghttp2_session_resume_data(parent_.session_, stream_id_); ASSERT(rc == 0); data_deferred_ = false; } parent_.sendPendingFrames(); parent_.checkProtocolConstraintViolation(); if (local_end_stream_ && pending_send_data_.length() > 0) { createPendingFlushTimer(); } } void ConnectionImpl::StreamImpl::resetStream(StreamResetReason reason) { // Higher layers expect calling resetStream() to immediately raise reset callbacks. runResetCallbacks(reason); // If we submit a reset, nghttp2 will cancel outbound frames that have not yet been sent. // We want these frames to go out so we defer the reset until we send all of the frames that // end the local stream. if (local_end_stream_ && !local_end_stream_sent_) { parent_.pending_deferred_reset_ = true; deferred_reset_ = reason; ENVOY_CONN_LOG(trace, "deferred reset stream", parent_.connection_); } else { resetStreamWorker(reason); } // We must still call sendPendingFrames() in both the deferred and not deferred path. This forces // the cleanup logic to run which will reset the stream in all cases if all data frames could not // be sent. parent_.sendPendingFrames(); } void ConnectionImpl::StreamImpl::resetStreamWorker(StreamResetReason reason) { int rc = nghttp2_submit_rst_stream(parent_.session_, NGHTTP2_FLAG_NONE, stream_id_, reason == StreamResetReason::LocalRefusedStreamReset ? NGHTTP2_REFUSED_STREAM : NGHTTP2_NO_ERROR); ASSERT(rc == 0); } MetadataEncoder& ConnectionImpl::StreamImpl::getMetadataEncoder() { if (metadata_encoder_ == nullptr) { metadata_encoder_ = std::make_unique(); } return *metadata_encoder_; } MetadataDecoder& ConnectionImpl::StreamImpl::getMetadataDecoder() { if (metadata_decoder_ == nullptr) { auto cb = [this](MetadataMapPtr&& metadata_map_ptr) { this->onMetadataDecoded(std::move(metadata_map_ptr)); }; metadata_decoder_ = std::make_unique(cb); } return *metadata_decoder_; } void ConnectionImpl::StreamImpl::onMetadataDecoded(MetadataMapPtr&& metadata_map_ptr) { decoder().decodeMetadata(std::move(metadata_map_ptr)); } ConnectionImpl::ConnectionImpl(Network::Connection& connection, CodecStats& stats, Random::RandomGenerator& random, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_headers_kb, const uint32_t max_headers_count) : stats_(stats), connection_(connection), max_headers_kb_(max_headers_kb), max_headers_count_(max_headers_count), per_stream_buffer_limit_(http2_options.initial_stream_window_size().value()), stream_error_on_invalid_http_messaging_( http2_options.override_stream_error_on_invalid_http_message().value()), flood_detected_(false), protocol_constraints_(stats, http2_options), skip_encoding_empty_trailers_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.http2_skip_encoding_empty_trailers")), dispatching_(false), raised_goaway_(false), pending_deferred_reset_(false), random_(random) { if (http2_options.has_connection_keepalive()) { keepalive_interval_ = std::chrono::milliseconds( PROTOBUF_GET_MS_REQUIRED(http2_options.connection_keepalive(), interval)); keepalive_timeout_ = std::chrono::milliseconds( PROTOBUF_GET_MS_REQUIRED(http2_options.connection_keepalive(), timeout)); keepalive_interval_jitter_percent_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT( http2_options.connection_keepalive(), interval_jitter, 15.0); keepalive_send_timer_ = connection.dispatcher().createTimer([this]() { sendKeepalive(); }); keepalive_timeout_timer_ = connection.dispatcher().createTimer([this]() { onKeepaliveResponseTimeout(); }); // This call schedules the initial interval, with jitter. onKeepaliveResponse(); } } ConnectionImpl::~ConnectionImpl() { for (const auto& stream : active_streams_) { stream->destroy(); } nghttp2_session_del(session_); } void ConnectionImpl::sendKeepalive() { // Include the current time as the payload to help with debugging. SystemTime now = connection_.dispatcher().timeSource().systemTime(); uint64_t ms_since_epoch = std::chrono::duration_cast(now.time_since_epoch()).count(); ENVOY_CONN_LOG(trace, "Sending keepalive PING {}", connection_, ms_since_epoch); // The last parameter is an opaque 8-byte buffer, so this cast is safe. int rc = nghttp2_submit_ping(session_, 0 /*flags*/, reinterpret_cast(&ms_since_epoch)); ASSERT(rc == 0); sendPendingFrames(); keepalive_timeout_timer_->enableTimer(keepalive_timeout_); } void ConnectionImpl::onKeepaliveResponse() { // Check the timers for nullptr in case the peer sent an unsolicited PING ACK. if (keepalive_timeout_timer_ != nullptr) { keepalive_timeout_timer_->disableTimer(); } if (keepalive_send_timer_ != nullptr) { uint64_t interval_ms = keepalive_interval_.count(); const uint64_t jitter_percent_mod = keepalive_interval_jitter_percent_ * interval_ms / 100; if (jitter_percent_mod > 0) { interval_ms += random_.random() % jitter_percent_mod; } keepalive_send_timer_->enableTimer(std::chrono::milliseconds(interval_ms)); } } void ConnectionImpl::onKeepaliveResponseTimeout() { ENVOY_CONN_LOG(debug, "Closing connection due to keepalive timeout", connection_); stats_.keepalive_timeout_.inc(); connection_.close(Network::ConnectionCloseType::NoFlush); } Http::Status ConnectionImpl::dispatch(Buffer::Instance& data) { // TODO(#10878): Remove this wrapper when exception removal is complete. innerDispatch may either // throw an exception or return an error status. The utility wrapper catches exceptions and // converts them to error statuses. return Http::Utility::exceptionToStatus( [&](Buffer::Instance& data) -> Http::Status { return innerDispatch(data); }, data); } Http::Status ConnectionImpl::innerDispatch(Buffer::Instance& data) { ENVOY_CONN_LOG(trace, "dispatching {} bytes", connection_, data.length()); // Make sure that dispatching_ is set to false after dispatching, even when // ConnectionImpl::dispatch returns early or throws an exception (consider removing if there is a // single return after exception removal (#10878)). Cleanup cleanup([this]() { dispatching_ = false; }); for (const Buffer::RawSlice& slice : data.getRawSlices()) { dispatching_ = true; ssize_t rc = nghttp2_session_mem_recv(session_, static_cast(slice.mem_), slice.len_); if (rc == NGHTTP2_ERR_FLOODED || flood_detected_) { throw FrameFloodException( "Flooding was detected in this HTTP/2 session, and it must be closed"); } if (rc != static_cast(slice.len_)) { throw CodecProtocolException(fmt::format("{}", nghttp2_strerror(rc))); } dispatching_ = false; } ENVOY_CONN_LOG(trace, "dispatched {} bytes", connection_, data.length()); data.drain(data.length()); // Decoding incoming frames can generate outbound frames so flush pending. sendPendingFrames(); return Http::okStatus(); } ConnectionImpl::StreamImpl* ConnectionImpl::getStream(int32_t stream_id) { return static_cast(nghttp2_session_get_stream_user_data(session_, stream_id)); } int ConnectionImpl::onData(int32_t stream_id, const uint8_t* data, size_t len) { StreamImpl* stream = getStream(stream_id); // If this results in buffering too much data, the watermark buffer will call // pendingRecvBufferHighWatermark, resulting in ++read_disable_count_ stream->pending_recv_data_.add(data, len); // Update the window to the peer unless some consumer of this stream's data has hit a flow control // limit and disabled reads on this stream if (!stream->buffersOverrun()) { nghttp2_session_consume(session_, stream_id, len); } else { stream->unconsumed_bytes_ += len; } return 0; } void ConnectionImpl::goAway() { int rc = nghttp2_submit_goaway(session_, NGHTTP2_FLAG_NONE, nghttp2_session_get_last_proc_stream_id(session_), NGHTTP2_NO_ERROR, nullptr, 0); ASSERT(rc == 0); sendPendingFrames(); } void ConnectionImpl::shutdownNotice() { int rc = nghttp2_submit_shutdown_notice(session_); ASSERT(rc == 0); sendPendingFrames(); } int ConnectionImpl::onBeforeFrameReceived(const nghttp2_frame_hd* hd) { ENVOY_CONN_LOG(trace, "about to recv frame type={}, flags={}", connection_, static_cast(hd->type), static_cast(hd->flags)); // Track all the frames without padding here, since this is the only callback we receive // for some of them (e.g. CONTINUATION frame, frames sent on closed streams, etc.). // HEADERS frame is tracked in onBeginHeaders(), DATA frame is tracked in onFrameReceived(). if (hd->type != NGHTTP2_HEADERS && hd->type != NGHTTP2_DATA) { if (!trackInboundFrames(hd, 0)) { return NGHTTP2_ERR_FLOODED; } } return 0; } ABSL_MUST_USE_RESULT enum GoAwayErrorCode ngHttp2ErrorCodeToErrorCode(uint32_t code) noexcept { switch (code) { case NGHTTP2_NO_ERROR: return GoAwayErrorCode::NoError; default: return GoAwayErrorCode::Other; } } int ConnectionImpl::onFrameReceived(const nghttp2_frame* frame) { ENVOY_CONN_LOG(trace, "recv frame type={}", connection_, static_cast(frame->hd.type)); // onFrameReceived() is called with a complete HEADERS frame assembled from all the HEADERS // and CONTINUATION frames, but we track them separately: HEADERS frames in onBeginHeaders() // and CONTINUATION frames in onBeforeFrameReceived(). ASSERT(frame->hd.type != NGHTTP2_CONTINUATION); if ((frame->hd.type == NGHTTP2_PING) && (frame->ping.hd.flags & NGHTTP2_FLAG_ACK)) { // The ``opaque_data`` should be exactly what was sent in the ping, which is // was the current time when the ping was sent. This can be useful while debugging // to match the ping and ack. uint64_t data; static_assert(sizeof(data) == sizeof(frame->ping.opaque_data), "Sizes are equal"); memcpy(&data, frame->ping.opaque_data, sizeof(data)); ENVOY_CONN_LOG(trace, "recv PING ACK {}", connection_, data); onKeepaliveResponse(); return 0; } if (frame->hd.type == NGHTTP2_DATA) { if (!trackInboundFrames(&frame->hd, frame->data.padlen)) { return NGHTTP2_ERR_FLOODED; } } // Only raise GOAWAY once, since we don't currently expose stream information. Shutdown // notifications are the same as a normal GOAWAY. // TODO: handle multiple GOAWAY frames. if (frame->hd.type == NGHTTP2_GOAWAY && !raised_goaway_) { ASSERT(frame->hd.stream_id == 0); raised_goaway_ = true; callbacks().onGoAway(ngHttp2ErrorCodeToErrorCode(frame->goaway.error_code)); return 0; } if (frame->hd.type == NGHTTP2_SETTINGS && frame->hd.flags == NGHTTP2_FLAG_NONE) { onSettingsForTest(frame->settings); } StreamImpl* stream = getStream(frame->hd.stream_id); if (!stream) { return 0; } switch (frame->hd.type) { case NGHTTP2_HEADERS: { stream->remote_end_stream_ = frame->hd.flags & NGHTTP2_FLAG_END_STREAM; if (!stream->cookies_.empty()) { HeaderString key(Headers::get().Cookie); stream->headers().addViaMove(std::move(key), std::move(stream->cookies_)); } switch (frame->headers.cat) { case NGHTTP2_HCAT_RESPONSE: case NGHTTP2_HCAT_REQUEST: { stream->decodeHeaders(); break; } case NGHTTP2_HCAT_HEADERS: { // It's possible that we are waiting to send a deferred reset, so only raise headers/trailers // if local is not complete. if (!stream->deferred_reset_) { if (nghttp2_session_check_server_session(session_) || stream->received_noninformational_headers_) { ASSERT(stream->remote_end_stream_); stream->decodeTrailers(); } else { // We're a client session and still waiting for non-informational headers. stream->decodeHeaders(); } } break; } default: // We do not currently support push. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } break; } case NGHTTP2_DATA: { stream->remote_end_stream_ = frame->hd.flags & NGHTTP2_FLAG_END_STREAM; // It's possible that we are waiting to send a deferred reset, so only raise data if local // is not complete. if (!stream->deferred_reset_) { stream->decoder().decodeData(stream->pending_recv_data_, stream->remote_end_stream_); } stream->pending_recv_data_.drain(stream->pending_recv_data_.length()); break; } case NGHTTP2_RST_STREAM: { ENVOY_CONN_LOG(trace, "remote reset: {}", connection_, frame->rst_stream.error_code); stats_.rx_reset_.inc(); break; } } return 0; } int ConnectionImpl::onFrameSend(const nghttp2_frame* frame) { // The nghttp2 library does not cleanly give us a way to determine whether we received invalid // data from our peer. Sometimes it raises the invalid frame callback, and sometimes it does not. // In all cases however it will attempt to send a GOAWAY frame with an error status. If we see // an outgoing frame of this type, we will return an error code so that we can abort execution. ENVOY_CONN_LOG(trace, "sent frame type={}", connection_, static_cast(frame->hd.type)); switch (frame->hd.type) { case NGHTTP2_GOAWAY: { ENVOY_CONN_LOG(debug, "sent goaway code={}", connection_, frame->goaway.error_code); if (frame->goaway.error_code != NGHTTP2_NO_ERROR) { // TODO(mattklein123): Returning this error code abandons standard nghttp2 frame accounting. // As such, it is not reliable to call sendPendingFrames() again after this and we assume // that the connection is going to get torn down immediately. One byproduct of this is that // we need to cancel all pending flush stream timeouts since they can race with connection // teardown. As part of the work to remove exceptions we should aim to clean up all of this // error handling logic and only handle this type of case at the end of dispatch. for (auto& stream : active_streams_) { stream->disarmStreamIdleTimer(); } return NGHTTP2_ERR_CALLBACK_FAILURE; } break; } case NGHTTP2_RST_STREAM: { ENVOY_CONN_LOG(debug, "sent reset code={}", connection_, frame->rst_stream.error_code); stats_.tx_reset_.inc(); break; } case NGHTTP2_HEADERS: case NGHTTP2_DATA: { StreamImpl* stream = getStream(frame->hd.stream_id); stream->local_end_stream_sent_ = frame->hd.flags & NGHTTP2_FLAG_END_STREAM; break; } } return 0; } int ConnectionImpl::onError(absl::string_view error) { ENVOY_CONN_LOG(debug, "invalid http2: {}", connection_, error); return 0; } int ConnectionImpl::onInvalidFrame(int32_t stream_id, int error_code) { ENVOY_CONN_LOG(debug, "invalid frame: {} on stream {}", connection_, nghttp2_strerror(error_code), stream_id); // Set details of error_code in the stream whenever we have one. StreamImpl* stream = getStream(stream_id); if (stream != nullptr) { stream->setDetails(Http2ResponseCodeDetails::get().errorDetails(error_code)); } if (error_code == NGHTTP2_ERR_HTTP_HEADER || error_code == NGHTTP2_ERR_HTTP_MESSAGING) { stats_.rx_messaging_error_.inc(); if (stream_error_on_invalid_http_messaging_) { // The stream is about to be closed due to an invalid header or messaging. Don't kill the // entire connection if one stream has bad headers or messaging. if (stream != nullptr) { // See comment below in onStreamClose() for why we do this. stream->reset_due_to_messaging_error_ = true; } return 0; } } // Cause dispatch to return with an error code. return NGHTTP2_ERR_CALLBACK_FAILURE; } int ConnectionImpl::onBeforeFrameSend(const nghttp2_frame* frame) { ENVOY_CONN_LOG(trace, "about to send frame type={}, flags={}", connection_, static_cast(frame->hd.type), static_cast(frame->hd.flags)); ASSERT(!is_outbound_flood_monitored_control_frame_); // Flag flood monitored outbound control frames. is_outbound_flood_monitored_control_frame_ = ((frame->hd.type == NGHTTP2_PING || frame->hd.type == NGHTTP2_SETTINGS) && frame->hd.flags & NGHTTP2_FLAG_ACK) || frame->hd.type == NGHTTP2_RST_STREAM; return 0; } bool ConnectionImpl::addOutboundFrameFragment(Buffer::OwnedImpl& output, const uint8_t* data, size_t length) { // Reset the outbound frame type (set in the onBeforeFrameSend callback) since the // onBeforeFrameSend callback is not called for DATA frames. bool is_outbound_flood_monitored_control_frame = false; std::swap(is_outbound_flood_monitored_control_frame, is_outbound_flood_monitored_control_frame_); try { auto releasor = trackOutboundFrames(is_outbound_flood_monitored_control_frame); output.add(data, length); output.addDrainTracker(releasor); } catch (const FrameFloodException&) { return false; } return true; } ssize_t ConnectionImpl::onSend(const uint8_t* data, size_t length) { ENVOY_CONN_LOG(trace, "send data: bytes={}", connection_, length); Buffer::OwnedImpl buffer; if (!addOutboundFrameFragment(buffer, data, length)) { ENVOY_CONN_LOG(debug, "error sending frame: Too many frames in the outbound queue.", connection_); return NGHTTP2_ERR_FLOODED; } // While the buffer is transient the fragment it contains will be moved into the // write_buffer_ of the underlying connection_ by the write method below. // This creates lifetime dependency between the write_buffer_ of the underlying connection // and the codec object. Specifically the write_buffer_ MUST be either fully drained or // deleted before the codec object is deleted. This is presently guaranteed by the // destruction order of the Network::ConnectionImpl object where write_buffer_ is // destroyed before the filter_manager_ which owns the codec through Http::ConnectionManagerImpl. connection_.write(buffer, false); return length; } int ConnectionImpl::onStreamClose(int32_t stream_id, uint32_t error_code) { StreamImpl* stream = getStream(stream_id); if (stream) { ENVOY_CONN_LOG(debug, "stream closed: {}", connection_, error_code); if (!stream->remote_end_stream_ || !stream->local_end_stream_) { StreamResetReason reason; if (stream->reset_due_to_messaging_error_) { // Unfortunately, the nghttp2 API makes it incredibly difficult to clearly understand // the flow of resets. I.e., did the reset originate locally? Was it remote? Here, // we attempt to track cases in which we sent a reset locally due to an invalid frame // received from the remote. We only do that in two cases currently (HTTP messaging layer // errors from https://tools.ietf.org/html/rfc7540#section-8 which nghttp2 is very strict // about). In other cases we treat invalid frames as a protocol error and just kill // the connection. reason = StreamResetReason::LocalReset; } else { if (error_code == NGHTTP2_REFUSED_STREAM) { reason = StreamResetReason::RemoteRefusedStreamReset; stream->setDetails(Http2ResponseCodeDetails::get().remote_refused); } else { reason = StreamResetReason::RemoteReset; stream->setDetails(Http2ResponseCodeDetails::get().remote_reset); } } stream->runResetCallbacks(reason); } stream->destroy(); connection_.dispatcher().deferredDelete(stream->removeFromList(active_streams_)); // Any unconsumed data must be consumed before the stream is deleted. // nghttp2 does not appear to track this internally, and any stream deleted // with outstanding window will contribute to a slow connection-window leak. nghttp2_session_consume(session_, stream_id, stream->unconsumed_bytes_); stream->unconsumed_bytes_ = 0; nghttp2_session_set_stream_user_data(session_, stream->stream_id_, nullptr); } return 0; } int ConnectionImpl::onMetadataReceived(int32_t stream_id, const uint8_t* data, size_t len) { ENVOY_CONN_LOG(trace, "recv {} bytes METADATA", connection_, len); StreamImpl* stream = getStream(stream_id); if (!stream) { return 0; } bool success = stream->getMetadataDecoder().receiveMetadata(data, len); return success ? 0 : NGHTTP2_ERR_CALLBACK_FAILURE; } int ConnectionImpl::onMetadataFrameComplete(int32_t stream_id, bool end_metadata) { ENVOY_CONN_LOG(trace, "recv METADATA frame on stream {}, end_metadata: {}", connection_, stream_id, end_metadata); StreamImpl* stream = getStream(stream_id); if (stream == nullptr) { return 0; } bool result = stream->getMetadataDecoder().onMetadataFrameComplete(end_metadata); return result ? 0 : NGHTTP2_ERR_CALLBACK_FAILURE; } ssize_t ConnectionImpl::packMetadata(int32_t stream_id, uint8_t* buf, size_t len) { ENVOY_CONN_LOG(trace, "pack METADATA frame on stream {}", connection_, stream_id); StreamImpl* stream = getStream(stream_id); if (stream == nullptr) { return 0; } MetadataEncoder& encoder = stream->getMetadataEncoder(); return encoder.packNextFramePayload(buf, len); } int ConnectionImpl::saveHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) { StreamImpl* stream = getStream(frame->hd.stream_id); if (!stream) { // We have seen 1 or 2 crashes where we get a headers callback but there is no associated // stream data. I honestly am not sure how this can happen. However, from reading the nghttp2 // code it looks possible that inflate_header_block() can safely inflate headers for an already // closed stream, but will still call the headers callback. Since that seems possible, we should // ignore this case here. // TODO(mattklein123): Figure out a test case that can hit this. stats_.headers_cb_no_stream_.inc(); return 0; } auto should_return = checkHeaderNameForUnderscores(name.getStringView()); if (should_return) { stream->setDetails(Http2ResponseCodeDetails::get().invalid_underscore); name.clear(); value.clear(); return should_return.value(); } stream->saveHeader(std::move(name), std::move(value)); if (stream->headers().byteSize() > max_headers_kb_ * 1024 || stream->headers().size() > max_headers_count_) { stream->setDetails(Http2ResponseCodeDetails::get().too_many_headers); stats_.header_overflow_.inc(); // This will cause the library to reset/close the stream. return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; } else { return 0; } } void ConnectionImpl::sendPendingFrames() { if (dispatching_ || connection_.state() == Network::Connection::State::Closed) { return; } const int rc = nghttp2_session_send(session_); if (rc != 0) { ASSERT(rc == NGHTTP2_ERR_CALLBACK_FAILURE); // For errors caused by the pending outbound frame flood the FrameFloodException has // to be thrown. However the nghttp2 library returns only the generic error code for // all failure types. Check queue limits and throw FrameFloodException if they were // exceeded. if (!protocol_constraints_.status().ok()) { throw FrameFloodException("Too many frames in the outbound queue."); } throw CodecProtocolException(std::string(nghttp2_strerror(rc))); } // See ConnectionImpl::StreamImpl::resetStream() for why we do this. This is an uncommon event, // so iterating through every stream to find the ones that have a deferred reset is not a big // deal. Furthermore, queueing a reset frame does not actually invoke the close stream callback. // This is only done when the reset frame is sent. Thus, it's safe to work directly with the // stream map. // NOTE: The way we handle deferred reset is essentially best effort. If we intend to do a // deferred reset, we try to finish the stream, including writing any pending data frames. // If we cannot do this (potentially due to not enough window), we just reset the stream. // In general this behavior occurs only when we are trying to send immediate error messages // to short circuit requests. In the best effort case, we complete the stream before // resetting. In other cases, we just do the reset now which will blow away pending data // frames and release any memory associated with the stream. if (pending_deferred_reset_) { pending_deferred_reset_ = false; for (auto& stream : active_streams_) { if (stream->deferred_reset_) { stream->resetStreamWorker(stream->deferred_reset_.value()); } } sendPendingFrames(); } } void ConnectionImpl::sendSettings( const envoy::config::core::v3::Http2ProtocolOptions& http2_options, bool disable_push) { absl::InlinedVector settings; auto insertParameter = [&settings](const nghttp2_settings_entry& entry) mutable -> bool { const auto it = std::find_if(settings.cbegin(), settings.cend(), [&entry](const nghttp2_settings_entry& existing) { return entry.settings_id == existing.settings_id; }); if (it != settings.end()) { return false; } settings.push_back(entry); return true; }; // Universally disable receiving push promise frames as we don't currently support // them. nghttp2 will fail the connection if the other side still sends them. // TODO(mattklein123): Remove this when we correctly proxy push promise. // NOTE: This is a special case with respect to custom parameter overrides in that server push is // not supported and therefore not end user configurable. if (disable_push) { settings.push_back( {static_cast(NGHTTP2_SETTINGS_ENABLE_PUSH), disable_push ? 0U : 1U}); } for (const auto& it : http2_options.custom_settings_parameters()) { ASSERT(it.identifier().value() <= std::numeric_limits::max()); const bool result = insertParameter({static_cast(it.identifier().value()), it.value().value()}); ASSERT(result); ENVOY_CONN_LOG(debug, "adding custom settings parameter with id {:#x} to {}", connection_, it.identifier().value(), it.value().value()); } // Insert named parameters. settings.insert( settings.end(), {{NGHTTP2_SETTINGS_HEADER_TABLE_SIZE, http2_options.hpack_table_size().value()}, {NGHTTP2_SETTINGS_ENABLE_CONNECT_PROTOCOL, http2_options.allow_connect()}, {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, http2_options.max_concurrent_streams().value()}, {NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE, http2_options.initial_stream_window_size().value()}}); if (!settings.empty()) { int rc = nghttp2_submit_settings(session_, NGHTTP2_FLAG_NONE, settings.data(), settings.size()); ASSERT(rc == 0); } else { // nghttp2_submit_settings need to be called at least once int rc = nghttp2_submit_settings(session_, NGHTTP2_FLAG_NONE, nullptr, 0); ASSERT(rc == 0); } const uint32_t initial_connection_window_size = http2_options.initial_connection_window_size().value(); // Increase connection window size up to our default size. if (initial_connection_window_size != NGHTTP2_INITIAL_CONNECTION_WINDOW_SIZE) { ENVOY_CONN_LOG(debug, "updating connection-level initial window size to {}", connection_, initial_connection_window_size); int rc = nghttp2_submit_window_update(session_, NGHTTP2_FLAG_NONE, 0, initial_connection_window_size - NGHTTP2_INITIAL_CONNECTION_WINDOW_SIZE); ASSERT(rc == 0); } } void ConnectionImpl::scheduleProtocolConstraintViolationCallback() { if (!protocol_constraint_violation_callback_) { protocol_constraint_violation_callback_ = connection_.dispatcher().createSchedulableCallback( [this]() { onProtocolConstraintViolation(); }); protocol_constraint_violation_callback_->scheduleCallbackCurrentIteration(); } } void ConnectionImpl::onProtocolConstraintViolation() { // Flooded outbound queue implies that peer is not reading and it does not // make sense to try to flush pending bytes. connection_.close(Envoy::Network::ConnectionCloseType::NoFlush); } ConnectionImpl::Http2Callbacks::Http2Callbacks() { nghttp2_session_callbacks_new(&callbacks_); nghttp2_session_callbacks_set_send_callback( callbacks_, [](nghttp2_session*, const uint8_t* data, size_t length, int, void* user_data) -> ssize_t { return static_cast(user_data)->onSend(data, length); }); nghttp2_session_callbacks_set_send_data_callback( callbacks_, [](nghttp2_session*, nghttp2_frame* frame, const uint8_t* framehd, size_t length, nghttp2_data_source* source, void*) -> int { ASSERT(frame->data.padlen == 0); return static_cast(source->ptr)->onDataSourceSend(framehd, length); }); nghttp2_session_callbacks_set_on_begin_headers_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { return static_cast(user_data)->onBeginHeaders(frame); }); nghttp2_session_callbacks_set_on_header_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, const uint8_t* raw_name, size_t name_length, const uint8_t* raw_value, size_t value_length, uint8_t, void* user_data) -> int { // TODO PERF: Can reference count here to avoid copies. HeaderString name; name.setCopy(reinterpret_cast(raw_name), name_length); HeaderString value; value.setCopy(reinterpret_cast(raw_value), value_length); return static_cast(user_data)->onHeader(frame, std::move(name), std::move(value)); }); nghttp2_session_callbacks_set_on_data_chunk_recv_callback( callbacks_, [](nghttp2_session*, uint8_t, int32_t stream_id, const uint8_t* data, size_t len, void* user_data) -> int { return static_cast(user_data)->onData(stream_id, data, len); }); nghttp2_session_callbacks_set_on_begin_frame_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame_hd* hd, void* user_data) -> int { return static_cast(user_data)->onBeforeFrameReceived(hd); }); nghttp2_session_callbacks_set_on_frame_recv_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { return static_cast(user_data)->onFrameReceived(frame); }); nghttp2_session_callbacks_set_on_stream_close_callback( callbacks_, [](nghttp2_session*, int32_t stream_id, uint32_t error_code, void* user_data) -> int { return static_cast(user_data)->onStreamClose(stream_id, error_code); }); nghttp2_session_callbacks_set_on_frame_send_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { return static_cast(user_data)->onFrameSend(frame); }); nghttp2_session_callbacks_set_before_frame_send_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, void* user_data) -> int { return static_cast(user_data)->onBeforeFrameSend(frame); }); nghttp2_session_callbacks_set_on_frame_not_send_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame*, int, void*) -> int { // We used to always return failure here but it looks now this can get called if the other // side sends GOAWAY and we are trying to send a SETTINGS ACK. Just ignore this for now. return 0; }); nghttp2_session_callbacks_set_on_invalid_frame_recv_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame* frame, int error_code, void* user_data) -> int { return static_cast(user_data)->onInvalidFrame(frame->hd.stream_id, error_code); }); nghttp2_session_callbacks_set_on_extension_chunk_recv_callback( callbacks_, [](nghttp2_session*, const nghttp2_frame_hd* hd, const uint8_t* data, size_t len, void* user_data) -> int { ASSERT(hd->length >= len); return static_cast(user_data)->onMetadataReceived(hd->stream_id, data, len); }); nghttp2_session_callbacks_set_unpack_extension_callback( callbacks_, [](nghttp2_session*, void**, const nghttp2_frame_hd* hd, void* user_data) -> int { return static_cast(user_data)->onMetadataFrameComplete( hd->stream_id, hd->flags == END_METADATA_FLAG); }); nghttp2_session_callbacks_set_pack_extension_callback( callbacks_, [](nghttp2_session*, uint8_t* buf, size_t len, const nghttp2_frame* frame, void* user_data) -> ssize_t { ASSERT(frame->hd.length <= len); return static_cast(user_data)->packMetadata(frame->hd.stream_id, buf, len); }); nghttp2_session_callbacks_set_error_callback2( callbacks_, [](nghttp2_session*, int, const char* msg, size_t len, void* user_data) -> int { return static_cast(user_data)->onError(absl::string_view(msg, len)); }); } ConnectionImpl::Http2Callbacks::~Http2Callbacks() { nghttp2_session_callbacks_del(callbacks_); } ConnectionImpl::Http2Options::Http2Options( const envoy::config::core::v3::Http2ProtocolOptions& http2_options) { nghttp2_option_new(&options_); // Currently we do not do anything with stream priority. Setting the following option prevents // nghttp2 from keeping around closed streams for use during stream priority dependency graph // calculations. This saves a tremendous amount of memory in cases where there are a large // number of kept alive HTTP/2 connections. nghttp2_option_set_no_closed_streams(options_, 1); nghttp2_option_set_no_auto_window_update(options_, 1); // The max send header block length is configured to an arbitrarily high number so as to never // trigger the check within nghttp2, as we check request headers length in // codec_impl::saveHeader. nghttp2_option_set_max_send_header_block_length(options_, 0x2000000); if (http2_options.hpack_table_size().value() != NGHTTP2_DEFAULT_HEADER_TABLE_SIZE) { nghttp2_option_set_max_deflate_dynamic_table_size(options_, http2_options.hpack_table_size().value()); } if (http2_options.allow_metadata()) { nghttp2_option_set_user_recv_extension_type(options_, METADATA_FRAME_TYPE); } else { ENVOY_LOG(trace, "Codec does not have Metadata frame support."); } // nghttp2 v1.39.2 lowered the internal flood protection limit from 10K to 1K of ACK frames. // This new limit may cause the internal nghttp2 mitigation to trigger more often (as it // requires just 9K of incoming bytes for smallest 9 byte SETTINGS frame), bypassing the same // mitigation and its associated behavior in the envoy HTTP/2 codec. Since envoy does not rely // on this mitigation, set back to the old 10K number to avoid any changes in the HTTP/2 codec // behavior. nghttp2_option_set_max_outbound_ack(options_, 10000); } ConnectionImpl::Http2Options::~Http2Options() { nghttp2_option_del(options_); } ConnectionImpl::ClientHttp2Options::ClientHttp2Options( const envoy::config::core::v3::Http2ProtocolOptions& http2_options) : Http2Options(http2_options) { // Temporarily disable initial max streams limit/protection, since we might want to create // more than 100 streams before receiving the HTTP/2 SETTINGS frame from the server. // // TODO(PiotrSikora): remove this once multiple upstream connections or queuing are implemented. nghttp2_option_set_peer_max_concurrent_streams( options_, ::Envoy::Http2::Utility::OptionsLimits::DEFAULT_MAX_CONCURRENT_STREAMS); } ClientConnectionImpl::ClientConnectionImpl( Network::Connection& connection, Http::ConnectionCallbacks& callbacks, CodecStats& stats, Random::RandomGenerator& random, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_response_headers_kb, const uint32_t max_response_headers_count, Nghttp2SessionFactory& http2_session_factory) : ConnectionImpl(connection, stats, random, http2_options, max_response_headers_kb, max_response_headers_count), callbacks_(callbacks) { ClientHttp2Options client_http2_options(http2_options); session_ = http2_session_factory.create(http2_callbacks_.callbacks(), base(), client_http2_options.options()); http2_session_factory.init(session_, base(), http2_options); allow_metadata_ = http2_options.allow_metadata(); } RequestEncoder& ClientConnectionImpl::newStream(ResponseDecoder& decoder) { ClientStreamImplPtr stream(new ClientStreamImpl(*this, per_stream_buffer_limit_, decoder)); // If the connection is currently above the high watermark, make sure to inform the new stream. // The connection can not pass this on automatically as it has no awareness that a new stream is // created. if (connection_.aboveHighWatermark()) { stream->runHighWatermarkCallbacks(); } ClientStreamImpl& stream_ref = *stream; LinkedList::moveIntoList(std::move(stream), active_streams_); return stream_ref; } int ClientConnectionImpl::onBeginHeaders(const nghttp2_frame* frame) { // The client code explicitly does not currently support push promise. RELEASE_ASSERT(frame->hd.type == NGHTTP2_HEADERS, ""); RELEASE_ASSERT(frame->headers.cat == NGHTTP2_HCAT_RESPONSE || frame->headers.cat == NGHTTP2_HCAT_HEADERS, ""); if (frame->headers.cat == NGHTTP2_HCAT_HEADERS) { StreamImpl* stream = getStream(frame->hd.stream_id); stream->allocTrailers(); } return 0; } int ClientConnectionImpl::onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) { // The client code explicitly does not currently support push promise. ASSERT(frame->hd.type == NGHTTP2_HEADERS); ASSERT(frame->headers.cat == NGHTTP2_HCAT_RESPONSE || frame->headers.cat == NGHTTP2_HCAT_HEADERS); return saveHeader(frame, std::move(name), std::move(value)); } ServerConnectionImpl::ServerConnectionImpl( Network::Connection& connection, Http::ServerConnectionCallbacks& callbacks, CodecStats& stats, Random::RandomGenerator& random, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action) : ConnectionImpl(connection, stats, random, http2_options, max_request_headers_kb, max_request_headers_count), callbacks_(callbacks), headers_with_underscores_action_(headers_with_underscores_action) { Http2Options h2_options(http2_options); nghttp2_session_server_new2(&session_, http2_callbacks_.callbacks(), base(), h2_options.options()); sendSettings(http2_options, false); allow_metadata_ = http2_options.allow_metadata(); } int ServerConnectionImpl::onBeginHeaders(const nghttp2_frame* frame) { // For a server connection, we should never get push promise frames. ASSERT(frame->hd.type == NGHTTP2_HEADERS); if (!trackInboundFrames(&frame->hd, frame->headers.padlen)) { return NGHTTP2_ERR_FLOODED; } if (frame->headers.cat != NGHTTP2_HCAT_REQUEST) { stats_.trailers_.inc(); ASSERT(frame->headers.cat == NGHTTP2_HCAT_HEADERS); StreamImpl* stream = getStream(frame->hd.stream_id); stream->allocTrailers(); return 0; } ServerStreamImplPtr stream(new ServerStreamImpl(*this, per_stream_buffer_limit_)); if (connection_.aboveHighWatermark()) { stream->runHighWatermarkCallbacks(); } stream->request_decoder_ = &callbacks_.newStream(*stream); stream->stream_id_ = frame->hd.stream_id; LinkedList::moveIntoList(std::move(stream), active_streams_); nghttp2_session_set_stream_user_data(session_, frame->hd.stream_id, active_streams_.front().get()); return 0; } int ServerConnectionImpl::onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) { // For a server connection, we should never get push promise frames. ASSERT(frame->hd.type == NGHTTP2_HEADERS); ASSERT(frame->headers.cat == NGHTTP2_HCAT_REQUEST || frame->headers.cat == NGHTTP2_HCAT_HEADERS); return saveHeader(frame, std::move(name), std::move(value)); } bool ServerConnectionImpl::trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) { ENVOY_CONN_LOG(trace, "track inbound frame type={} flags={} length={} padding_length={}", connection_, static_cast(hd->type), static_cast(hd->flags), static_cast(hd->length), padding_length); auto result = protocol_constraints_.trackInboundFrames(hd, padding_length); if (!result.ok()) { ENVOY_CONN_LOG(trace, "error reading frame: {} received in this HTTP/2 session.", connection_, result.message()); if (isInboundFramesWithEmptyPayloadError(result)) { ConnectionImpl::StreamImpl* stream = getStream(hd->stream_id); if (stream) { stream->setDetails(Http2ResponseCodeDetails::get().inbound_empty_frame_flood); } } // NGHTTP2_ERR_FLOODED is overridden within nghttp2 library and it doesn't propagate // all the way to nghttp2_session_mem_recv() where we need it. flood_detected_ = true; return false; } return true; } Envoy::Http::Http2::ProtocolConstraints::ReleasorProc ServerConnectionImpl::trackOutboundFrames(bool is_outbound_flood_monitored_control_frame) { auto releasor = protocol_constraints_.incrementOutboundFrameCount(is_outbound_flood_monitored_control_frame); if (dispatching_downstream_data_ && !protocol_constraints_.checkOutboundFrameLimits().ok()) { throw FrameFloodException(std::string(protocol_constraints_.status().message())); } return releasor; } void ServerConnectionImpl::checkProtocolConstraintViolation() { if (!protocol_constraints_.checkOutboundFrameLimits().ok()) { scheduleProtocolConstraintViolationCallback(); } } Http::Status ServerConnectionImpl::dispatch(Buffer::Instance& data) { // TODO(#10878): Remove this wrapper when exception removal is complete. innerDispatch may either // throw an exception or return an error status. The utility wrapper catches exceptions and // converts them to error statuses. return Http::Utility::exceptionToStatus( [&](Buffer::Instance& data) -> Http::Status { return innerDispatch(data); }, data); } Http::Status ServerConnectionImpl::innerDispatch(Buffer::Instance& data) { ASSERT(!dispatching_downstream_data_); dispatching_downstream_data_ = true; // Make sure the dispatching_downstream_data_ is set to false even // when ConnectionImpl::dispatch throws an exception. Cleanup cleanup([this]() { dispatching_downstream_data_ = false; }); // Make sure downstream outbound queue was not flooded by the upstream frames. if (!protocol_constraints_.checkOutboundFrameLimits().ok()) { throw FrameFloodException(std::string(protocol_constraints_.status().message())); } return ConnectionImpl::innerDispatch(data); } absl::optional ServerConnectionImpl::checkHeaderNameForUnderscores(absl::string_view header_name) { if (headers_with_underscores_action_ != envoy::config::core::v3::HttpProtocolOptions::ALLOW && Http::HeaderUtility::headerNameContainsUnderscore(header_name)) { if (headers_with_underscores_action_ == envoy::config::core::v3::HttpProtocolOptions::DROP_HEADER) { ENVOY_CONN_LOG(debug, "Dropping header with invalid characters in its name: {}", connection_, header_name); stats_.dropped_headers_with_underscores_.inc(); return 0; } ENVOY_CONN_LOG(debug, "Rejecting request due to header name with underscores: {}", connection_, header_name); stats_.requests_rejected_with_underscores_in_headers_.inc(); return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; } return absl::nullopt; } } // namespace Http2 } // namespace Legacy } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/codec_impl_legacy.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/event/deferred_deletable.h" #include "envoy/http/codec.h" #include "envoy/network/connection.h" #include "common/buffer/buffer_impl.h" #include "common/buffer/watermark_buffer.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "common/http/codec_helper.h" #include "common/http/header_map_impl.h" #include "common/http/http2/codec_stats.h" #include "common/http/http2/metadata_decoder.h" #include "common/http/http2/metadata_encoder.h" #include "common/http/http2/protocol_constraints.h" #include "common/http/status.h" #include "common/http/utility.h" #include "absl/types/optional.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Legacy { namespace Http2 { // This is not the full client magic, but it's the smallest size that should be able to // differentiate between HTTP/1 and HTTP/2. const std::string CLIENT_MAGIC_PREFIX = "PRI * HTTP/2"; class Utility { public: /** * Deal with https://tools.ietf.org/html/rfc7540#section-8.1.2.5 * @param key supplies the incoming header key. * @param value supplies the incoming header value. * @param cookies supplies the header string to fill if this is a cookie header that needs to be * rebuilt. */ static bool reconstituteCrumbledCookies(const HeaderString& key, const HeaderString& value, HeaderString& cookies); }; class ConnectionImpl; // Abstract nghttp2_session factory. Used to enable injection of factories for testing. class Nghttp2SessionFactory { public: using ConnectionImplType = ConnectionImpl; virtual ~Nghttp2SessionFactory() = default; // Returns a new nghttp2_session to be used with |connection|. virtual nghttp2_session* create(const nghttp2_session_callbacks* callbacks, ConnectionImplType* connection, const nghttp2_option* options) PURE; // Initializes the |session|. virtual void init(nghttp2_session* session, ConnectionImplType* connection, const envoy::config::core::v3::Http2ProtocolOptions& options) PURE; }; class ProdNghttp2SessionFactory : public Nghttp2SessionFactory { public: nghttp2_session* create(const nghttp2_session_callbacks* callbacks, ConnectionImpl* connection, const nghttp2_option* options) override; void init(nghttp2_session* session, ConnectionImpl* connection, const envoy::config::core::v3::Http2ProtocolOptions& options) override; // Returns a global factory instance. Note that this is possible because no internal state is // maintained; the thread safety of create() and init()'s side effects is guaranteed by Envoy's // worker based threading model. static ProdNghttp2SessionFactory& get() { static ProdNghttp2SessionFactory* instance = new ProdNghttp2SessionFactory(); return *instance; } }; /** * Base class for HTTP/2 client and server codecs. */ class ConnectionImpl : public virtual Connection, protected Logger::Loggable { public: ConnectionImpl(Network::Connection& connection, Http::Http2::CodecStats& stats, Random::RandomGenerator& random, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_headers_kb, const uint32_t max_headers_count); ~ConnectionImpl() override; // Http::Connection // NOTE: the `dispatch` method is also overridden in the ServerConnectionImpl class Http::Status dispatch(Buffer::Instance& data) override; void goAway() override; Protocol protocol() override { return Protocol::Http2; } void shutdownNotice() override; bool wantsToWrite() override { return nghttp2_session_want_write(session_); } // Propagate network connection watermark events to each stream on the connection. void onUnderlyingConnectionAboveWriteBufferHighWatermark() override { for (auto& stream : active_streams_) { stream->runHighWatermarkCallbacks(); } } void onUnderlyingConnectionBelowWriteBufferLowWatermark() override { for (auto& stream : active_streams_) { stream->runLowWatermarkCallbacks(); } } /** * An inner dispatch call that executes the dispatching logic. While exception removal is in * migration (#10878), this function may either throw an exception or return an error status. * Exceptions are caught and translated to their corresponding statuses in the outer level * dispatch. * This needs to be virtual so that ServerConnectionImpl can override. * TODO(#10878): Remove this when exception removal is complete. */ virtual Http::Status innerDispatch(Buffer::Instance& data); protected: friend class ProdNghttp2SessionFactory; /** * Wrapper for static nghttp2 callback dispatchers. */ class Http2Callbacks { public: Http2Callbacks(); ~Http2Callbacks(); const nghttp2_session_callbacks* callbacks() { return callbacks_; } private: nghttp2_session_callbacks* callbacks_; }; /** * Wrapper for static nghttp2 session options. */ class Http2Options { public: Http2Options(const envoy::config::core::v3::Http2ProtocolOptions& http2_options); ~Http2Options(); const nghttp2_option* options() { return options_; } protected: nghttp2_option* options_; }; class ClientHttp2Options : public Http2Options { public: ClientHttp2Options(const envoy::config::core::v3::Http2ProtocolOptions& http2_options); }; /** * Base class for client and server side streams. */ struct StreamImpl : public virtual StreamEncoder, public Stream, public LinkedObject, public Event::DeferredDeletable, public StreamCallbackHelper { StreamImpl(ConnectionImpl& parent, uint32_t buffer_limit); ~StreamImpl() override; // TODO(mattklein123): Optimally this would be done in the destructor but there are currently // deferred delete lifetime issues that need sorting out if the destructor of the stream is // going to be able to refer to the parent connection. void destroy(); void disarmStreamIdleTimer() { if (stream_idle_timer_ != nullptr) { // To ease testing and the destructor assertion. stream_idle_timer_->disableTimer(); stream_idle_timer_.reset(); } } StreamImpl* base() { return this; } ssize_t onDataSourceRead(uint64_t length, uint32_t* data_flags); int onDataSourceSend(const uint8_t* framehd, size_t length); void resetStreamWorker(StreamResetReason reason); static void buildHeaders(std::vector& final_headers, const HeaderMap& headers); void saveHeader(HeaderString&& name, HeaderString&& value); void encodeHeadersBase(const std::vector& final_headers, bool end_stream); virtual void submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) PURE; void encodeTrailersBase(const HeaderMap& headers); void submitTrailers(const HeaderMap& trailers); void submitMetadata(uint8_t flags); virtual StreamDecoder& decoder() PURE; virtual HeaderMap& headers() PURE; virtual void allocTrailers() PURE; virtual HeaderMapPtr cloneTrailers(const HeaderMap& trailers) PURE; virtual void createPendingFlushTimer() PURE; void onPendingFlushTimer(); // Http::StreamEncoder void encodeData(Buffer::Instance& data, bool end_stream) override; Stream& getStream() override { return *this; } void encodeMetadata(const MetadataMapVector& metadata_map_vector) override; Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return absl::nullopt; } // Http::Stream void addCallbacks(StreamCallbacks& callbacks) override { addCallbacksHelper(callbacks); } void removeCallbacks(StreamCallbacks& callbacks) override { removeCallbacksHelper(callbacks); } void resetStream(StreamResetReason reason) override; void readDisable(bool disable) override; uint32_t bufferLimit() override { return pending_recv_data_.highWatermark(); } const Network::Address::InstanceConstSharedPtr& connectionLocalAddress() override { return parent_.connection_.localAddress(); } absl::string_view responseDetails() override { return details_; } void setFlushTimeout(std::chrono::milliseconds timeout) override { stream_idle_timeout_ = timeout; } // This code assumes that details is a static string, so that we // can avoid copying it. void setDetails(absl::string_view details) { // TODO(asraa): In some cases nghttp2's error handling may cause processing of multiple // invalid frames for a single stream. If a temporal stream error is returned from a callback, // remaining frames in the buffer will still be partially processed. For example, remaining // frames will still parse through nghttp2's push promise error handling and in // onBeforeFrame(Send/Received) callbacks, which may return invalid frame errors and attempt // to set details again. In these cases, we simply do not overwrite details. When internal // error latching is implemented in the codec for exception removal, we should prevent calling // setDetails in an error state. if (details_.empty()) { details_ = details; } } void setWriteBufferWatermarks(uint32_t low_watermark, uint32_t high_watermark) { pending_recv_data_.setWatermarks(low_watermark, high_watermark); pending_send_data_.setWatermarks(low_watermark, high_watermark); } // If the receive buffer encounters watermark callbacks, enable/disable reads on this stream. void pendingRecvBufferHighWatermark(); void pendingRecvBufferLowWatermark(); // If the send buffer encounters watermark callbacks, propagate this information to the streams. // The router and connection manager will propagate them on as appropriate. void pendingSendBufferHighWatermark(); void pendingSendBufferLowWatermark(); // Does any necessary WebSocket/Upgrade conversion, then passes the headers // to the decoder_. virtual void decodeHeaders() PURE; virtual void decodeTrailers() PURE; // Get MetadataEncoder for this stream. Http::Http2::MetadataEncoder& getMetadataEncoder(); // Get MetadataDecoder for this stream. Http::Http2::MetadataDecoder& getMetadataDecoder(); // Callback function for MetadataDecoder. void onMetadataDecoded(MetadataMapPtr&& metadata_map_ptr); bool buffersOverrun() const { return read_disable_count_ > 0; } void encodeDataHelper(Buffer::Instance& data, bool end_stream, bool skip_encoding_empty_trailers); ConnectionImpl& parent_; int32_t stream_id_{-1}; uint32_t unconsumed_bytes_{0}; uint32_t read_disable_count_{0}; Buffer::WatermarkBuffer pending_recv_data_{ [this]() -> void { this->pendingRecvBufferLowWatermark(); }, [this]() -> void { this->pendingRecvBufferHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }}; Buffer::WatermarkBuffer pending_send_data_{ [this]() -> void { this->pendingSendBufferLowWatermark(); }, [this]() -> void { this->pendingSendBufferHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }}; HeaderMapPtr pending_trailers_to_encode_; std::unique_ptr metadata_decoder_; std::unique_ptr metadata_encoder_; absl::optional deferred_reset_; HeaderString cookies_; bool local_end_stream_sent_ : 1; bool remote_end_stream_ : 1; bool data_deferred_ : 1; bool received_noninformational_headers_ : 1; bool pending_receive_buffer_high_watermark_called_ : 1; bool pending_send_buffer_high_watermark_called_ : 1; bool reset_due_to_messaging_error_ : 1; absl::string_view details_; // See HttpConnectionManager.stream_idle_timeout. std::chrono::milliseconds stream_idle_timeout_{}; Event::TimerPtr stream_idle_timer_; }; using StreamImplPtr = std::unique_ptr; /** * Client side stream (request). */ struct ClientStreamImpl : public StreamImpl, public RequestEncoder { ClientStreamImpl(ConnectionImpl& parent, uint32_t buffer_limit, ResponseDecoder& response_decoder) : StreamImpl(parent, buffer_limit), response_decoder_(response_decoder), headers_or_trailers_(ResponseHeaderMapImpl::create()) {} // StreamImpl void submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) override; StreamDecoder& decoder() override { return response_decoder_; } void decodeHeaders() override; void decodeTrailers() override; HeaderMap& headers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } void allocTrailers() override { // If we are waiting for informational headers, make a new response header map, otherwise // we are about to receive trailers. The codec makes sure this is the only valid sequence. if (received_noninformational_headers_) { headers_or_trailers_.emplace(ResponseTrailerMapImpl::create()); } else { headers_or_trailers_.emplace(ResponseHeaderMapImpl::create()); } } HeaderMapPtr cloneTrailers(const HeaderMap& trailers) override { return createHeaderMap(trailers); } void createPendingFlushTimer() override { // Client streams do not create a flush timer because we currently assume that any failure // to flush would be covered by a request/stream/etc. timeout. } // RequestEncoder void encodeHeaders(const RequestHeaderMap& headers, bool end_stream) override; void encodeTrailers(const RequestTrailerMap& trailers) override { encodeTrailersBase(trailers); } ResponseDecoder& response_decoder_; absl::variant headers_or_trailers_; std::string upgrade_type_; }; using ClientStreamImplPtr = std::unique_ptr; /** * Server side stream (response). */ struct ServerStreamImpl : public StreamImpl, public ResponseEncoder { ServerStreamImpl(ConnectionImpl& parent, uint32_t buffer_limit) : StreamImpl(parent, buffer_limit), headers_or_trailers_(RequestHeaderMapImpl::create()) { stream_error_on_invalid_http_message_ = parent.stream_error_on_invalid_http_messaging_; } // StreamImpl void submitHeaders(const std::vector& final_headers, nghttp2_data_provider* provider) override; StreamDecoder& decoder() override { return *request_decoder_; } void decodeHeaders() override; void decodeTrailers() override; HeaderMap& headers() override { if (absl::holds_alternative(headers_or_trailers_)) { return *absl::get(headers_or_trailers_); } else { return *absl::get(headers_or_trailers_); } } void allocTrailers() override { headers_or_trailers_.emplace(RequestTrailerMapImpl::create()); } HeaderMapPtr cloneTrailers(const HeaderMap& trailers) override { return createHeaderMap(trailers); } void createPendingFlushTimer() override; // ResponseEncoder void encode100ContinueHeaders(const ResponseHeaderMap& headers) override; void encodeHeaders(const ResponseHeaderMap& headers, bool end_stream) override; void encodeTrailers(const ResponseTrailerMap& trailers) override { encodeTrailersBase(trailers); } RequestDecoder* request_decoder_{}; absl::variant headers_or_trailers_; bool stream_error_on_invalid_http_message_; bool streamErrorOnInvalidHttpMessage() const override { return stream_error_on_invalid_http_message_; } }; using ServerStreamImplPtr = std::unique_ptr; ConnectionImpl* base() { return this; } // NOTE: Always use non debug nullptr checks against the return value of this function. There are // edge cases (such as for METADATA frames) where nghttp2 will issue a callback for a stream_id // that is not associated with an existing stream. StreamImpl* getStream(int32_t stream_id); int saveHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value); void sendPendingFrames(); void sendSettings(const envoy::config::core::v3::Http2ProtocolOptions& http2_options, bool disable_push); // Callback triggered when the peer's SETTINGS frame is received. // NOTE: This is only used for tests. virtual void onSettingsForTest(const nghttp2_settings&) {} /** * Check if header name contains underscore character. * Underscore character is allowed in header names by the RFC-7230 and this check is implemented * as a security measure due to systems that treat '_' and '-' as interchangeable. * The ServerConnectionImpl may drop header or reject request based on the * `common_http_protocol_options.headers_with_underscores_action` configuration option in the * HttpConnectionManager. */ virtual absl::optional checkHeaderNameForUnderscores(absl::string_view /* header_name */) { return absl::nullopt; } /** * This method checks if a protocol constraint had been violated in the sendPendingFrames() call * outside of the dispatch context. * This method is a stop-gap solution for implementing checking of protocol constraint violations * outside of the dispatch context (where at this point the sendPendingFrames() method always * returns success). It allows each case where sendPendingFrames() is called outside of the * dispatch context to be fixed in its own PR so it is easier to review and reason about. Once all * error handling is implemented this method will be removed and the `sendPendingFrames()` will be * changed to return error in both dispatching and non-dispatching contexts. At the same time the * RELEASE_ASSERTs will be removed as well. * The implementation in the ClientConnectionImpl is a no-op as client connections to not check * protocol constraints. * The implementation in the ServerConnectionImpl schedules callback to terminate connection if * the protocol constraint was violated. */ virtual void checkProtocolConstraintViolation() PURE; /** * Callback for terminating connection when protocol constrain has been violated * outside of the dispatch context. */ void scheduleProtocolConstraintViolationCallback(); void onProtocolConstraintViolation(); static Http2Callbacks http2_callbacks_; std::list active_streams_; nghttp2_session* session_{}; Http::Http2::CodecStats& stats_; Network::Connection& connection_; const uint32_t max_headers_kb_; const uint32_t max_headers_count_; uint32_t per_stream_buffer_limit_; bool allow_metadata_; const bool stream_error_on_invalid_http_messaging_; bool flood_detected_; // Set if the type of frame that is about to be sent is PING or SETTINGS with the ACK flag set, or // RST_STREAM. bool is_outbound_flood_monitored_control_frame_ = 0; ::Envoy::Http::Http2::ProtocolConstraints protocol_constraints_; // For the flood mitigation to work the onSend callback must be called once for each outbound // frame. This is what the nghttp2 library is doing, however this is not documented. The // Http2FloodMitigationTest.* tests in test/integration/http2_integration_test.cc will break if // this changes in the future. Also it is important that onSend does not do partial writes, as the // nghttp2 library will keep calling this callback to write the rest of the frame. ssize_t onSend(const uint8_t* data, size_t length); // Some browsers (e.g. WebKit-based browsers: https://bugs.webkit.org/show_bug.cgi?id=210108) have // a problem with processing empty trailers (END_STREAM | END_HEADERS with zero length HEADERS) of // an HTTP/2 response as reported here: https://github.com/envoyproxy/envoy/issues/10514. This is // controlled by "envoy.reloadable_features.http2_skip_encoding_empty_trailers" runtime feature // flag. const bool skip_encoding_empty_trailers_; private: virtual ConnectionCallbacks& callbacks() PURE; virtual int onBeginHeaders(const nghttp2_frame* frame) PURE; int onData(int32_t stream_id, const uint8_t* data, size_t len); int onBeforeFrameReceived(const nghttp2_frame_hd* hd); int onFrameReceived(const nghttp2_frame* frame); int onBeforeFrameSend(const nghttp2_frame* frame); int onFrameSend(const nghttp2_frame* frame); int onError(absl::string_view error); virtual int onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) PURE; int onInvalidFrame(int32_t stream_id, int error_code); int onStreamClose(int32_t stream_id, uint32_t error_code); int onMetadataReceived(int32_t stream_id, const uint8_t* data, size_t len); int onMetadataFrameComplete(int32_t stream_id, bool end_metadata); ssize_t packMetadata(int32_t stream_id, uint8_t* buf, size_t len); // Adds buffer fragment for a new outbound frame to the supplied Buffer::OwnedImpl. // Returns true on success or false if outbound queue limits were exceeded. bool addOutboundFrameFragment(Buffer::OwnedImpl& output, const uint8_t* data, size_t length); virtual Envoy::Http::Http2::ProtocolConstraints::ReleasorProc trackOutboundFrames(bool is_outbound_flood_monitored_control_frame) PURE; virtual bool trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) PURE; void sendKeepalive(); void onKeepaliveResponse(); void onKeepaliveResponseTimeout(); bool dispatching_ : 1; bool raised_goaway_ : 1; bool pending_deferred_reset_ : 1; Event::SchedulableCallbackPtr protocol_constraint_violation_callback_; Random::RandomGenerator& random_; Event::TimerPtr keepalive_send_timer_; Event::TimerPtr keepalive_timeout_timer_; std::chrono::milliseconds keepalive_interval_; std::chrono::milliseconds keepalive_timeout_; uint32_t keepalive_interval_jitter_percent_; }; /** * HTTP/2 client connection codec. */ class ClientConnectionImpl : public ClientConnection, public ConnectionImpl { public: using SessionFactory = Nghttp2SessionFactory; ClientConnectionImpl(Network::Connection& connection, ConnectionCallbacks& callbacks, Http::Http2::CodecStats& stats, Random::RandomGenerator& random, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_response_headers_kb, const uint32_t max_response_headers_count, SessionFactory& http2_session_factory); // Http::ClientConnection RequestEncoder& newStream(ResponseDecoder& response_decoder) override; private: // ConnectionImpl ConnectionCallbacks& callbacks() override { return callbacks_; } int onBeginHeaders(const nghttp2_frame* frame) override; int onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) override; // Presently client connections do not track or check queue limits for outbound frames and do not // terminate connections when queue limits are exceeded. The primary reason is the complexity of // the clean-up of upstream connections. The clean-up of upstream connection causes RST_STREAM // messages to be sent on corresponding downstream connections. This may actually trigger flood // mitigation on the downstream connections, which causes an exception to be thrown in the middle // of the clean-up loop, leaving resources in a half cleaned up state. // TODO(yanavlasov): add flood mitigation for upstream connections as well. Envoy::Http::Http2::ProtocolConstraints::ReleasorProc trackOutboundFrames(bool) override { return Envoy::Http::Http2::ProtocolConstraints::ReleasorProc([]() {}); } bool trackInboundFrames(const nghttp2_frame_hd*, uint32_t) override { return true; } void checkProtocolConstraintViolation() override {} Http::ConnectionCallbacks& callbacks_; }; /** * HTTP/2 server connection codec. */ class ServerConnectionImpl : public ServerConnection, public ConnectionImpl { public: ServerConnectionImpl(Network::Connection& connection, ServerConnectionCallbacks& callbacks, Http::Http2::CodecStats& stats, Random::RandomGenerator& random, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, const uint32_t max_request_headers_kb, const uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action); private: // ConnectionImpl ConnectionCallbacks& callbacks() override { return callbacks_; } int onBeginHeaders(const nghttp2_frame* frame) override; int onHeader(const nghttp2_frame* frame, HeaderString&& name, HeaderString&& value) override; Envoy::Http::Http2::ProtocolConstraints::ReleasorProc trackOutboundFrames(bool is_outbound_flood_monitored_control_frame) override; bool trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) override; absl::optional checkHeaderNameForUnderscores(absl::string_view header_name) override; /** * Check protocol constraint violations outside of the dispatching context. * This method ASSERTs if it is called in the dispatching context. */ void checkProtocolConstraintViolation() override; // Http::Connection // The reason for overriding the dispatch method is to do flood mitigation only when // processing data from downstream client. Doing flood mitigation when processing upstream // responses makes clean-up tricky, which needs to be improved (see comments for the // ClientConnectionImpl::checkProtocolConstraintsStatus method). The dispatch method on the // ServerConnectionImpl objects is called only when processing data from the downstream client in // the ConnectionManagerImpl::onData method. Http::Status dispatch(Buffer::Instance& data) override; Http::Status innerDispatch(Buffer::Instance& data) override; ServerConnectionCallbacks& callbacks_; // This flag indicates that downstream data is being dispatched and turns on flood mitigation // in the checkMaxOutbound*Framed methods. bool dispatching_downstream_data_{false}; // The action to take when a request header name contains underscore characters. envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action_; }; } // namespace Http2 } // namespace Legacy } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/codec_stats.h ================================================ #pragma once #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/thread.h" namespace Envoy { namespace Http { namespace Http2 { /** * All stats for the HTTP/2 codec. @see stats_macros.h */ #define ALL_HTTP2_CODEC_STATS(COUNTER, GAUGE) \ COUNTER(dropped_headers_with_underscores) \ COUNTER(header_overflow) \ COUNTER(headers_cb_no_stream) \ COUNTER(inbound_empty_frames_flood) \ COUNTER(inbound_priority_frames_flood) \ COUNTER(inbound_window_update_frames_flood) \ COUNTER(outbound_control_flood) \ COUNTER(outbound_flood) \ COUNTER(requests_rejected_with_underscores_in_headers) \ COUNTER(rx_messaging_error) \ COUNTER(rx_reset) \ COUNTER(trailers) \ COUNTER(tx_flush_timeout) \ COUNTER(tx_reset) \ COUNTER(keepalive_timeout) \ GAUGE(streams_active, Accumulate) \ GAUGE(pending_send_bytes, Accumulate) /** * Wrapper struct for the HTTP/2 codec stats. @see stats_macros.h */ struct CodecStats { using AtomicPtr = Thread::AtomicPtr; static CodecStats& atomicGet(AtomicPtr& ptr, Stats::Scope& scope) { return *ptr.get([&scope]() -> CodecStats* { return new CodecStats{ALL_HTTP2_CODEC_STATS(POOL_COUNTER_PREFIX(scope, "http2."), POOL_GAUGE_PREFIX(scope, "http2."))}; }); } ALL_HTTP2_CODEC_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/conn_pool.cc ================================================ #include "common/http/http2/conn_pool.h" #include #include "envoy/event/dispatcher.h" #include "envoy/upstream/upstream.h" #include "common/http/http2/codec_impl.h" #include "common/runtime/runtime_features.h" namespace Envoy { namespace Http { namespace Http2 { ConnPoolImpl::ConnPoolImpl(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) : HttpConnPoolImplBase(std::move(host), std::move(priority), dispatcher, options, transport_socket_options, Protocol::Http2), random_generator_(random_generator) {} ConnPoolImpl::~ConnPoolImpl() { destructAllConnections(); } Envoy::ConnectionPool::ActiveClientPtr ConnPoolImpl::instantiateActiveClient() { return std::make_unique(*this); } void ConnPoolImpl::onGoAway(ActiveClient& client, Http::GoAwayErrorCode) { ENVOY_CONN_LOG(debug, "remote goaway", *client.codec_client_); host_->cluster().stats().upstream_cx_close_notify_.inc(); if (client.state_ != ActiveClient::State::DRAINING) { if (client.codec_client_->numActiveRequests() == 0) { client.codec_client_->close(); } else { transitionActiveClientState(client, ActiveClient::State::DRAINING); } } } void ConnPoolImpl::onStreamDestroy(ActiveClient& client) { onStreamClosed(client, false); // If we are destroying this stream because of a disconnect, do not check for drain here. We will // wait until the connection has been fully drained of streams and then check in the connection // event callback. if (!client.closed_with_active_rq_) { checkForDrained(); } } void ConnPoolImpl::onStreamReset(ActiveClient& client, Http::StreamResetReason reason) { if (reason == StreamResetReason::ConnectionTermination || reason == StreamResetReason::ConnectionFailure) { host_->cluster().stats().upstream_rq_pending_failure_eject_.inc(); client.closed_with_active_rq_ = true; } else if (reason == StreamResetReason::LocalReset) { host_->cluster().stats().upstream_rq_tx_reset_.inc(); } else if (reason == StreamResetReason::RemoteReset) { host_->cluster().stats().upstream_rq_rx_reset_.inc(); } } uint64_t ConnPoolImpl::maxStreamsPerConnection() { uint64_t max_streams_config = host_->cluster().maxRequestsPerConnection(); return (max_streams_config != 0) ? max_streams_config : DEFAULT_MAX_STREAMS; } ConnPoolImpl::ActiveClient::ActiveClient(ConnPoolImpl& parent) : Envoy::Http::ActiveClient( parent, parent.maxStreamsPerConnection(), parent.host_->cluster().http2Options().max_concurrent_streams().value()) { codec_client_->setCodecClientCallbacks(*this); codec_client_->setCodecConnectionCallbacks(*this); parent.host_->cluster().stats().upstream_cx_http2_total_.inc(); } bool ConnPoolImpl::ActiveClient::closingWithIncompleteStream() const { return closed_with_active_rq_; } RequestEncoder& ConnPoolImpl::ActiveClient::newStreamEncoder(ResponseDecoder& response_decoder) { return codec_client_->newStream(response_decoder); } CodecClientPtr ProdConnPoolImpl::createCodecClient(Upstream::Host::CreateConnectionData& data) { CodecClientPtr codec{new CodecClientProd(CodecClient::Type::HTTP2, std::move(data.connection_), data.host_description_, dispatcher_, random_generator_)}; return codec; } ConnectionPool::InstancePtr allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) { return std::make_unique( dispatcher, random_generator, host, priority, options, transport_socket_options); } } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/conn_pool.h ================================================ #pragma once #include #include "envoy/upstream/upstream.h" #include "common/http/codec_client.h" #include "common/http/conn_pool_base.h" namespace Envoy { namespace Http { namespace Http2 { /** * Implementation of a "connection pool" for HTTP/2. This mainly handles stats as well as * shifting to a new connection if we reach max streams on the primary. This is a base class * used for both the prod implementation as well as the testing one. */ class ConnPoolImpl : public Envoy::Http::HttpConnPoolImplBase { public: ConnPoolImpl(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options); ~ConnPoolImpl() override; // Http::ConnectionPool::Instance Http::Protocol protocol() const override { return Http::Protocol::Http2; } // ConnPoolImplBase Envoy::ConnectionPool::ActiveClientPtr instantiateActiveClient() override; protected: class ActiveClient : public CodecClientCallbacks, public Http::ConnectionCallbacks, public Envoy::Http::ActiveClient { public: ActiveClient(ConnPoolImpl& parent); ~ActiveClient() override = default; ConnPoolImpl& parent() { return static_cast(parent_); } // ConnPoolImpl::ActiveClient bool closingWithIncompleteStream() const override; RequestEncoder& newStreamEncoder(ResponseDecoder& response_decoder) override; // CodecClientCallbacks void onStreamDestroy() override { parent().onStreamDestroy(*this); } void onStreamReset(Http::StreamResetReason reason) override { parent().onStreamReset(*this, reason); } // Http::ConnectionCallbacks void onGoAway(Http::GoAwayErrorCode error_code) override { parent().onGoAway(*this, error_code); } bool closed_with_active_rq_{}; }; uint64_t maxStreamsPerConnection(); void movePrimaryClientToDraining(); void onGoAway(ActiveClient& client, Http::GoAwayErrorCode error_code); void onStreamDestroy(ActiveClient& client); void onStreamReset(ActiveClient& client, Http::StreamResetReason reason); // All streams are 2^31. Client streams are half that, minus stream 0. Just to be on the safe // side we do 2^29. static const uint64_t DEFAULT_MAX_STREAMS = (1 << 29); Random::RandomGenerator& random_generator_; }; /** * Production implementation of the HTTP/2 connection pool. */ class ProdConnPoolImpl : public ConnPoolImpl { public: using ConnPoolImpl::ConnPoolImpl; private: CodecClientPtr createCodecClient(Upstream::Host::CreateConnectionData& data) override; }; ConnectionPool::InstancePtr allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options); } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/metadata_decoder.cc ================================================ #include "common/http/http2/metadata_decoder.h" #include "common/common/assert.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Http { namespace Http2 { MetadataDecoder::MetadataDecoder(MetadataCallback cb) : metadata_map_(new MetadataMap()) { nghttp2_hd_inflater* inflater; int rv = nghttp2_hd_inflate_new(&inflater); ASSERT(rv == 0); inflater_ = Inflater(inflater); ASSERT(cb != nullptr); callback_ = std::move(cb); } bool MetadataDecoder::receiveMetadata(const uint8_t* data, size_t len) { ASSERT(data != nullptr && len != 0); payload_.add(data, len); total_payload_size_ += payload_.length(); return total_payload_size_ <= max_payload_size_bound_; } bool MetadataDecoder::onMetadataFrameComplete(bool end_metadata) { bool success = decodeMetadataPayloadUsingNghttp2(end_metadata); if (!success) { return false; } if (end_metadata) { callback_(std::move(metadata_map_)); metadata_map_ = std::make_unique(); } return true; } bool MetadataDecoder::decodeMetadataPayloadUsingNghttp2(bool end_metadata) { Buffer::RawSliceVector slices = payload_.getRawSlices(); const int num_slices = slices.size(); // Data consumed by nghttp2 so far. ssize_t payload_size_consumed = 0; // Decodes header block using nghttp2. for (int i = 0; i < num_slices; i++) { nghttp2_nv nv; int inflate_flags = 0; auto slice = slices[i]; // is_end indicates if the data in slice is the last data in the current // header block. bool is_end = i == (num_slices - 1) && end_metadata; // Feeds data to nghttp2 to decode. while (slice.len_ > 0) { ssize_t result = nghttp2_hd_inflate_hd2(inflater_.get(), &nv, &inflate_flags, reinterpret_cast(slice.mem_), slice.len_, is_end); if (result < 0 || (result == 0 && slice.len_ > 0)) { // If decoding fails, or there is data left in slice, but no data can be consumed by // nghttp2, return false. ENVOY_LOG(error, "Failed to decode payload."); return false; } slice.mem_ = reinterpret_cast(reinterpret_cast(slice.mem_) + result); slice.len_ -= result; payload_size_consumed += result; if (inflate_flags & NGHTTP2_HD_INFLATE_EMIT) { // One header key value pair has been successfully decoded. metadata_map_->emplace(std::string(reinterpret_cast(nv.name), nv.namelen), std::string(reinterpret_cast(nv.value), nv.valuelen)); } } if (slice.len_ == 0 && is_end) { // After one header block is decoded, reset inflater. ASSERT(end_metadata); nghttp2_hd_inflate_end_headers(inflater_.get()); } } payload_.drain(payload_size_consumed); return true; } } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/metadata_decoder.h ================================================ #pragma once #include #include #include "envoy/http/codec.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Http2 { class MetadataEncoderDecoderTest_VerifyEncoderDecoderOnMultipleMetadataMaps_Test; // A class that decodes METADATA payload in the format of HTTP/2 header block into MetadataMap, a // map of string key value pairs. class MetadataDecoder : Logger::Loggable { public: /** * @param cb is the decoder's callback function. The callback function is called when the decoder * finishes decoding metadata. */ MetadataDecoder(MetadataCallback cb); /** * Calls this function when METADATA frame payload is received. The payload doesn't need to be * complete. * @param data is the pointer to the start of the payload. * @param len is the size of the received payload. * @return whether Metadata is received successfully. */ bool receiveMetadata(const uint8_t* data, size_t len); /** * Calls when a complete METADATA frame is received. The function will decode METADATA received. * If the frame is the last one in the group, the function triggers the registered callback * function callback_. * @param end_metadata indicates if all the METADATA has been received. * @return whether the operation succeeds. */ bool onMetadataFrameComplete(bool end_metadata); private: friend class MetadataEncoderDecoderTest_VerifyEncoderDecoderOnMultipleMetadataMaps_Test; friend class MetadataEncoderDecoderTest_VerifyEncoderDecoderMultipleMetadataReachSizeLimit_Test; /** * Decodes METADATA payload using nghttp2. * @param end_metadata indicates is END_METADATA is true. * @return if decoding succeeds. */ bool decodeMetadataPayloadUsingNghttp2(bool end_metadata); // Metadata that is currently being decoded. MetadataMapPtr metadata_map_; // Metadata event callback function. MetadataCallback callback_; // Payload received. Buffer::OwnedImpl payload_; // Payload size limit. If the total payload received exceeds the limit, fails the connection. const uint64_t max_payload_size_bound_ = 1024 * 1024; uint64_t total_payload_size_ = 0; // TODO(soya3129): consider sharing the inflater with all streams in a connection. Caveat: // inflater failure on one stream can impact other streams. using Inflater = CSmartPtr; Inflater inflater_; }; } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/metadata_encoder.cc ================================================ #include "common/http/http2/metadata_encoder.h" #include "common/common/assert.h" #include "absl/container/fixed_array.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Http2 { MetadataEncoder::MetadataEncoder() { nghttp2_hd_deflater* deflater; const int rv = nghttp2_hd_deflate_new(&deflater, header_table_size_); ASSERT(rv == 0); deflater_ = Deflater(deflater); } bool MetadataEncoder::createPayloadMetadataMap(const MetadataMap& metadata_map) { ASSERT(!metadata_map.empty()); const uint64_t payload_size_before = payload_.length(); const bool success = createHeaderBlockUsingNghttp2(metadata_map); const uint64_t payload_size_after = payload_.length(); if (!success || payload_size_after == payload_size_before) { ENVOY_LOG(error, "Failed to create payload."); return false; } payload_size_queue_.push_back(payload_size_after - payload_size_before); return true; } bool MetadataEncoder::createPayload(const MetadataMapVector& metadata_map_vector) { ASSERT(payload_.length() == 0); ASSERT(payload_size_queue_.empty()); for (const auto& metadata_map : metadata_map_vector) { if (!createPayloadMetadataMap(*metadata_map)) { return false; } } return true; } bool MetadataEncoder::createHeaderBlockUsingNghttp2(const MetadataMap& metadata_map) { // Constructs input for nghttp2 deflater (encoder). Encoding method used is // "HPACK Literal Header Field Never Indexed". const size_t nvlen = metadata_map.size(); absl::FixedArray nva(nvlen); size_t i = 0; for (const auto& header : metadata_map) { nva[i++] = {const_cast(reinterpret_cast(header.first.data())), const_cast(reinterpret_cast(header.second.data())), header.first.size(), header.second.size(), NGHTTP2_NV_FLAG_NO_INDEX}; } // Estimates the upper bound of output payload. const size_t buflen = nghttp2_hd_deflate_bound(deflater_.get(), nva.begin(), nvlen); if (buflen + payload_.length() > max_payload_size_bound_) { ENVOY_LOG(error, "Payload size {} exceeds the max bound.", buflen); return false; } Buffer::RawSlice iovec; payload_.reserve(buflen, &iovec, 1); ASSERT(iovec.len_ >= buflen); // Creates payload using nghttp2. uint8_t* buf = reinterpret_cast(iovec.mem_); const ssize_t result = nghttp2_hd_deflate_hd(deflater_.get(), buf, buflen, nva.begin(), nvlen); RELEASE_ASSERT(result > 0, fmt::format("Failed to deflate metadata payload, with result {}.", result)); iovec.len_ = result; payload_.commit(&iovec, 1); return true; } bool MetadataEncoder::hasNextFrame() { return payload_.length() > 0; } ssize_t MetadataEncoder::packNextFramePayload(uint8_t* buf, const size_t len) { // If this RELEASE_ASSERT fires, nghttp2 has requested that we pack more // METADATA frames than we have payload to pack. This could mean that the // HTTP/2 codec has submitted too many METADATA frames to nghttp2, or it could // mean that nghttp2 has called its pack_extension_callback more than once per // METADATA frame the codec submitted. RELEASE_ASSERT(!payload_size_queue_.empty(), "No payload remaining to pack into a METADATA frame."); const uint64_t current_payload_size = std::min(METADATA_MAX_PAYLOAD_SIZE, payload_size_queue_.front()); // nghttp2 guarantees len is at least 16KiB. If the check fails, please verify // NGHTTP2_MAX_PAYLOADLEN is consistent with METADATA_MAX_PAYLOAD_SIZE. RELEASE_ASSERT(len >= current_payload_size, fmt::format("METADATA payload buffer is too small ({}, expected at least {}).", len, METADATA_MAX_PAYLOAD_SIZE)); // Copies payload to the destination memory. payload_.copyOut(0, current_payload_size, buf); // Updates the remaining size of the current metadata_map. If no data left, removes the size entry // from the queue. payload_size_queue_.front() -= current_payload_size; if (payload_size_queue_.front() == 0) { payload_size_queue_.pop_front(); } // Releases the payload that has been copied out. payload_.drain(current_payload_size); return current_payload_size; } std::vector MetadataEncoder::payloadFrameFlagBytes() { std::vector flags; flags.reserve(payload_size_queue_.size()); for (uint64_t payload_size : payload_size_queue_) { uint64_t frame_count = payload_size / METADATA_MAX_PAYLOAD_SIZE + ((payload_size % METADATA_MAX_PAYLOAD_SIZE) == 0 ? 0 : 1); for (uint64_t i = 0; i < frame_count - 1; ++i) { flags.push_back(0); } flags.push_back(END_METADATA_FLAG); } return flags; } } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/metadata_encoder.h ================================================ #pragma once #include #include #include #include "envoy/http/codec.h" #include "common/buffer/buffer_impl.h" #include "common/common/c_smart_ptr.h" #include "common/common/logger.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Http2 { /** * A class that creates and sends METADATA payload. The METADATA payload is a group of string key * value pairs encoded in HTTP/2 header blocks. METADATA frames are constructed in two steps: first, * the stream submits the frames' headers to nghttp2, and later, when nghttp2 prepares to send the * frames, it calls back into this class in order to construct their payloads. */ class MetadataEncoder : Logger::Loggable { public: MetadataEncoder(); /** * Creates wire format HTTP/2 header block from a vector of metadata maps. * @param metadata_map_vector supplies the metadata map vector to encode. * @return whether encoding is successful. */ bool createPayload(const MetadataMapVector& metadata_map_vector); /** * @return true if there is payload left to be packed. */ bool hasNextFrame(); /** * Creates the metadata frame payload for the next metadata frame. * @param buf is the pointer to the destination memory where the payload should be copied to. len * is the largest length the memory can hold. * @return the size of frame payload, or -1 for failure. */ ssize_t packNextFramePayload(uint8_t* buf, const size_t len); /** * Returns a vector denoting the sequence of METADATA frames that this encoder expects to pack, * and the flags to be set in each frame. This counts only frames that the encoder has not already * packed; to get the full sequence of frames corresponding to the metadata map vector, call this * before submitting any frames to nghttp2. * @return A vector indicating the header byte in each METADATA frame, in sequence. */ std::vector payloadFrameFlagBytes(); private: /** * Creates wire format HTTP/2 header block from metadata_map. * @param metadata_map supplies METADATA to encode. * @return whether encoding is successful. */ bool createPayloadMetadataMap(const MetadataMap& metadata_map); /** * Creates wired format header blocks using nghttp2. * @param metadata_map supplies METADATA to encode. * @return true if the creation succeeds. */ bool createHeaderBlockUsingNghttp2(const MetadataMap& metadata_map); // The METADATA payload to be sent. Buffer::OwnedImpl payload_; // Max payload size bound. const uint64_t max_payload_size_bound_ = 1024 * 1024; // Default HPACK table size. const size_t header_table_size_ = 4096; // TODO(soya3129): share deflater among all encoders in the same connection. The benefit is less // memory, and the caveat is encoding error on one stream can impact other streams. using Deflater = CSmartPtr; Deflater deflater_; // Stores the remaining payload size of each metadata_map to be packed. The payload size is needed // so that we know where to delineate between different metadata_maps in the payload_ buffer. The // payload size gets updated when the payload is packed into metadata frames. std::deque payload_size_queue_; }; } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/nghttp2.cc ================================================ #include "common/http/http2/nghttp2.h" #include "common/common/logger.h" // nghttp2 fails to convey the POSIX ssize_t declaration // that Microsoft declines to implement. Pick up a valid // ssize_t declaration for win32 in our platform.h #include "envoy/common/platform.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Http2 { void initializeNghttp2Logging() { // Event when ENVOY_NGHTTP2_TRACE is not set, we install a debug logger, to prevent nghttp2 // logging directly to stdout at -l trace. nghttp2_set_debug_vprintf_callback([](const char* format, va_list args) { if (std::getenv("ENVOY_NGHTTP2_TRACE") != nullptr) { char buf[2048]; const int n = ::vsnprintf(buf, sizeof(buf), format, args); // nghttp2 inserts new lines, but we also insert a new line in the ENVOY_LOG // below, so avoid double \n. if (n >= 1 && static_cast(n) < sizeof(buf) && buf[n - 1] == '\n') { buf[n - 1] = '\0'; } ENVOY_LOG_TO_LOGGER(Logger::Registry::getLog(Logger::Id::http2), trace, "nghttp2: {}", buf); } }); } } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/nghttp2.h ================================================ #pragma once namespace Envoy { namespace Http { namespace Http2 { /** * Setup nghttp2 trace-level logging for when debugging. */ void initializeNghttp2Logging(); } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/protocol_constraints.cc ================================================ #include "common/http/http2/protocol_constraints.h" #include "common/common/assert.h" namespace Envoy { namespace Http { namespace Http2 { ProtocolConstraints::ProtocolConstraints( CodecStats& stats, const envoy::config::core::v3::Http2ProtocolOptions& http2_options) : stats_(stats), max_outbound_frames_(http2_options.max_outbound_frames().value()), frame_buffer_releasor_([this]() { releaseOutboundFrame(); }), max_outbound_control_frames_(http2_options.max_outbound_control_frames().value()), control_frame_buffer_releasor_([this]() { releaseOutboundControlFrame(); }), max_consecutive_inbound_frames_with_empty_payload_( http2_options.max_consecutive_inbound_frames_with_empty_payload().value()), max_inbound_priority_frames_per_stream_( http2_options.max_inbound_priority_frames_per_stream().value()), max_inbound_window_update_frames_per_data_frame_sent_( http2_options.max_inbound_window_update_frames_per_data_frame_sent().value()) {} ProtocolConstraints::ReleasorProc ProtocolConstraints::incrementOutboundFrameCount(bool is_outbound_flood_monitored_control_frame) { ++outbound_frames_; if (is_outbound_flood_monitored_control_frame) { ++outbound_control_frames_; } return is_outbound_flood_monitored_control_frame ? control_frame_buffer_releasor_ : frame_buffer_releasor_; } void ProtocolConstraints::releaseOutboundFrame() { ASSERT(outbound_frames_ >= 1); --outbound_frames_; } void ProtocolConstraints::releaseOutboundControlFrame() { ASSERT(outbound_control_frames_ >= 1); --outbound_control_frames_; releaseOutboundFrame(); } Status ProtocolConstraints::checkOutboundFrameLimits() { // Stop checking for further violations after the first failure. if (!status_.ok()) { return status_; } if (outbound_frames_ > max_outbound_frames_) { stats_.outbound_flood_.inc(); return status_ = bufferFloodError("Too many frames in the outbound queue."); } if (outbound_control_frames_ > max_outbound_control_frames_) { stats_.outbound_control_flood_.inc(); return status_ = bufferFloodError("Too many control frames in the outbound queue."); } return okStatus(); } Status ProtocolConstraints::trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) { switch (hd->type) { case NGHTTP2_HEADERS: case NGHTTP2_CONTINUATION: // Track new streams. if (hd->flags & NGHTTP2_FLAG_END_HEADERS) { inbound_streams_++; } FALLTHRU; case NGHTTP2_DATA: // Track frames with an empty payload and no end stream flag. if (hd->length - padding_length == 0 && !(hd->flags & NGHTTP2_FLAG_END_STREAM)) { consecutive_inbound_frames_with_empty_payload_++; } else { consecutive_inbound_frames_with_empty_payload_ = 0; } break; case NGHTTP2_PRIORITY: inbound_priority_frames_++; break; case NGHTTP2_WINDOW_UPDATE: inbound_window_update_frames_++; break; default: break; } status_.Update(checkInboundFrameLimits()); return status_; } Status ProtocolConstraints::checkInboundFrameLimits() { // Stop checking for further violations after the first failure. if (!status_.ok()) { return status_; } if (consecutive_inbound_frames_with_empty_payload_ > max_consecutive_inbound_frames_with_empty_payload_) { stats_.inbound_empty_frames_flood_.inc(); return inboundFramesWithEmptyPayloadError(); } if (inbound_priority_frames_ > static_cast(max_inbound_priority_frames_per_stream_) * (1 + inbound_streams_)) { stats_.inbound_priority_frames_flood_.inc(); return bufferFloodError("Too many PRIORITY frames"); } if (inbound_window_update_frames_ > 1 + 2 * (inbound_streams_ + max_inbound_window_update_frames_per_data_frame_sent_ * outbound_data_frames_)) { stats_.inbound_window_update_frames_flood_.inc(); return bufferFloodError("Too many WINDOW_UPDATE frames"); } return okStatus(); } } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http2/protocol_constraints.h ================================================ #pragma once #include #include #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/network/connection.h" #include "common/http/http2/codec_stats.h" #include "common/http/status.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Http2 { // Class for detecting abusive peers and validating additional constraints imposed by Envoy. // This class does not check protocol compliance with the H/2 standard, as this is checked by // protocol framer/codec. Currently implemented constraints: // 1. detection of control frame (i.e. PING) initiated floods. // 2. detection of outbound DATA or HEADER frame floods. // 4. zero length, PRIORITY and WINDOW_UPDATE floods. class ProtocolConstraints { public: using ReleasorProc = std::function; explicit ProtocolConstraints(CodecStats& stats, const envoy::config::core::v3::Http2ProtocolOptions& http2_options); // Return ok status if no protocol constraints were violated. // Return error status of the first detected violation. Subsequent violations of constraints // do not reset the error status or increment stat counters. const Status& status() const { return status_; } // Increment counters of pending (buffered for sending to the peer) outbound frames. // If the `is_outbound_flood_monitored_control_frame` is false only the counter for all frame // types is incremented. If the `is_outbound_flood_monitored_control_frame` is true, both the // control frame and all frame types counters are incremented. // Returns callable for decrementing frame counters when frames was successfully written to // the underlying transport socket object. // To check if outbound frame constraints were violated call the `status()` method. // TODO(yanavlasov): return StatusOr when flood checks are implemented for both // directions. ReleasorProc incrementOutboundFrameCount(bool is_outbound_flood_monitored_control_frame); // Track received frames of various types. // Return an error status if inbound frame constraints were violated. Status trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length); // Increment the number of DATA frames sent to the peer. void incrementOutboundDataFrameCount() { ++outbound_data_frames_; } Status checkOutboundFrameLimits(); private: void releaseOutboundFrame(); void releaseOutboundControlFrame(); Status checkInboundFrameLimits(); Status status_; CodecStats& stats_; // This counter keeps track of the number of outbound frames of all types (these that were // buffered in the underlying connection but not yet written into the socket). If this counter // exceeds the `max_outbound_frames_' value the connection is terminated. uint32_t outbound_frames_ = 0; // Maximum number of outbound frames. Initialized from corresponding http2_protocol_options. // Default value is 10000. const uint32_t max_outbound_frames_; ReleasorProc frame_buffer_releasor_; // This counter keeps track of the number of outbound frames of types PING, SETTINGS and // RST_STREAM (these that were buffered in the underlying connection but not yet written into the // socket). If this counter exceeds the `max_outbound_control_frames_' value the connection is // terminated. uint32_t outbound_control_frames_ = 0; // Maximum number of outbound frames of types PING, SETTINGS and RST_STREAM. Initialized from // corresponding http2_protocol_options. Default value is 1000. const uint32_t max_outbound_control_frames_; ReleasorProc control_frame_buffer_releasor_; // This counter keeps track of the number of consecutive inbound frames of types HEADERS, // CONTINUATION and DATA with an empty payload and no end stream flag. If this counter exceeds // the `max_consecutive_inbound_frames_with_empty_payload_` value the connection is terminated. uint32_t consecutive_inbound_frames_with_empty_payload_ = 0; // Maximum number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA without // a payload. Initialized from corresponding http2_protocol_options. Default value is 1. const uint32_t max_consecutive_inbound_frames_with_empty_payload_; // This counter keeps track of the number of inbound streams. uint32_t inbound_streams_ = 0; // This counter keeps track of the number of inbound PRIORITY frames. If this counter exceeds // the value calculated using this formula: // // max_inbound_priority_frames_per_stream_ * (1 + inbound_streams_) // // the connection is terminated. uint64_t inbound_priority_frames_ = 0; // Maximum number of inbound PRIORITY frames per stream. Initialized from corresponding // http2_protocol_options. Default value is 100. const uint32_t max_inbound_priority_frames_per_stream_; // This counter keeps track of the number of inbound WINDOW_UPDATE frames. If this counter exceeds // the value calculated using this formula: // // 1 + 2 * (inbound_streams_ + // max_inbound_window_update_frames_per_data_frame_sent_ * outbound_data_frames_) // // the connection is terminated. uint64_t inbound_window_update_frames_ = 0; // This counter keeps track of the number of outbound DATA frames. uint64_t outbound_data_frames_ = 0; // Maximum number of inbound WINDOW_UPDATE frames per outbound DATA frame sent. Initialized // from corresponding http2_protocol_options. Default value is 10. const uint32_t max_inbound_window_update_frames_per_data_frame_sent_; }; } // namespace Http2 } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http3/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "quic_codec_factory_lib", hdrs = ["quic_codec_factory.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/http:codec_interface", "//include/envoy/network:connection_interface", ], ) envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], deps = ["//source/common/singleton:const_singleton"], ) ================================================ FILE: source/common/http/http3/quic_codec_factory.h ================================================ #pragma once #include #include "envoy/config/typed_config.h" #include "envoy/http/codec.h" #include "envoy/network/connection.h" namespace Envoy { namespace Http { // A factory to create Http::ServerConnection instance for QUIC. class QuicHttpServerConnectionFactory : public Config::UntypedFactory { public: ~QuicHttpServerConnectionFactory() override = default; virtual std::unique_ptr createQuicServerConnection(Network::Connection& connection, ConnectionCallbacks& callbacks) PURE; std::string category() const override { return "envoy.quic_client_codec"; } }; // A factory to create Http::ClientConnection instance for QUIC. class QuicHttpClientConnectionFactory : public Config::UntypedFactory { public: ~QuicHttpClientConnectionFactory() override = default; virtual std::unique_ptr createQuicClientConnection(Network::Connection& connection, ConnectionCallbacks& callbacks) PURE; std::string category() const override { return "envoy.quic_server_codec"; } }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/http3/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Http { class QuicCodecNameValues { public: // QUICHE is the only QUIC implementation for now. const std::string Quiche = "quiche"; }; using QuicCodecNames = ConstSingleton; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/message_impl.h ================================================ #pragma once #include #include "envoy/http/header_map.h" #include "envoy/http/message.h" #include "common/buffer/buffer_impl.h" #include "common/common/non_copyable.h" #include "common/http/header_map_impl.h" namespace Envoy { namespace Http { /** * Implementation of Http::Message. This implementation does not support streaming. */ template class MessageImpl : public Message { public: MessageImpl() : headers_(HeadersImplType::create()) {} MessageImpl(std::unique_ptr&& headers) : headers_(std::move(headers)) {} // Http::Message HeadersInterfaceType& headers() override { return *headers_; } Buffer::Instance& body() override { return body_; } TrailersInterfaceType* trailers() override { return trailers_.get(); } void trailers(std::unique_ptr&& trailers) override { trailers_ = std::move(trailers); } std::string bodyAsString() const override { return body_.toString(); } private: std::unique_ptr headers_; Buffer::OwnedImpl body_; std::unique_ptr trailers_; }; using RequestMessageImpl = MessageImpl; using ResponseMessageImpl = MessageImpl; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/path_utility.cc ================================================ #include "common/http/path_utility.h" #include "common/chromium_url/url_canon.h" #include "common/chromium_url/url_canon_stdstring.h" #include "common/common/logger.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" #include "absl/types/optional.h" namespace Envoy { namespace Http { namespace { absl::optional canonicalizePath(absl::string_view original_path) { std::string canonical_path; chromium_url::Component in_component(0, original_path.size()); chromium_url::Component out_component; chromium_url::StdStringCanonOutput output(&canonical_path); if (!chromium_url::CanonicalizePath(original_path.data(), in_component, &output, &out_component)) { return absl::nullopt; } else { output.Complete(); return absl::make_optional(std::move(canonical_path)); } } } // namespace /* static */ bool PathUtil::canonicalPath(RequestHeaderMap& headers) { ASSERT(headers.Path()); const auto original_path = headers.getPathValue(); // canonicalPath is supposed to apply on path component in URL instead of :path header const auto query_pos = original_path.find('?'); auto normalized_path_opt = canonicalizePath( query_pos == original_path.npos ? original_path : absl::string_view(original_path.data(), query_pos) // '?' is not included ); if (!normalized_path_opt.has_value()) { return false; } auto& normalized_path = normalized_path_opt.value(); const absl::string_view query_suffix = query_pos == original_path.npos ? absl::string_view{} : absl::string_view{original_path.data() + query_pos, original_path.size() - query_pos}; if (!query_suffix.empty()) { normalized_path.insert(normalized_path.end(), query_suffix.begin(), query_suffix.end()); } headers.setPath(normalized_path); return true; } void PathUtil::mergeSlashes(RequestHeaderMap& headers) { ASSERT(headers.Path()); const auto original_path = headers.getPathValue(); // Only operate on path component in URL. const absl::string_view::size_type query_start = original_path.find('?'); const absl::string_view path = original_path.substr(0, query_start); const absl::string_view query = absl::ClippedSubstr(original_path, query_start); if (path.find("//") == absl::string_view::npos) { return; } const absl::string_view path_prefix = absl::StartsWith(path, "/") ? "/" : absl::string_view(); const absl::string_view path_suffix = absl::EndsWith(path, "/") ? "/" : absl::string_view(); headers.setPath(absl::StrCat(path_prefix, absl::StrJoin(absl::StrSplit(path, '/', absl::SkipEmpty()), "/"), path_suffix, query)); } absl::string_view PathUtil::removeQueryAndFragment(const absl::string_view path) { absl::string_view ret = path; // Trim query parameters and/or fragment if present. size_t offset = ret.find_first_of("?#"); if (offset != absl::string_view::npos) { ret.remove_suffix(ret.length() - offset); } return ret; } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/path_utility.h ================================================ #pragma once #include "envoy/http/header_map.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Http { /** * Path helper extracted from chromium project. */ class PathUtil { public: // Returns if the normalization succeeds. // If it is successful, the path header in header path will be updated with the normalized path. // Requires the Path header be present. static bool canonicalPath(RequestHeaderMap& headers); // Merges two or more adjacent slashes in path part of URI into one. // Requires the Path header be present. static void mergeSlashes(RequestHeaderMap& headers); // Removes the query and/or fragment string (if present) from the input path. // For example, this function returns "/data" for the input path "/data#fragment?param=value". static absl::string_view removeQueryAndFragment(const absl::string_view path); }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/request_id_extension_impl.cc ================================================ #include "common/http/request_id_extension_impl.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/http/request_id_extension_uuid_impl.h" namespace Envoy { namespace Http { namespace { // NoopRequestIDExtension is the implementation used outside of HTTP context. class NoopRequestIDExtension : public RequestIDExtension { public: void set(RequestHeaderMap&, bool) override {} void setInResponse(ResponseHeaderMap&, const RequestHeaderMap&) override {} bool modBy(const RequestHeaderMap&, uint64_t&, uint64_t) override { return false; } TraceStatus getTraceStatus(const RequestHeaderMap&) override { return TraceStatus::NoTrace; } void setTraceStatus(RequestHeaderMap&, TraceStatus) override {} }; } // namespace RequestIDExtensionSharedPtr RequestIDExtensionFactory::fromProto( const envoy::extensions::filters::network::http_connection_manager::v3::RequestIDExtension& config, Server::Configuration::FactoryContext& context) { const std::string type{TypeUtil::typeUrlToDescriptorFullName(config.typed_config().type_url())}; auto* factory = Registry::FactoryRegistry::getFactoryByType( type); if (factory == nullptr) { throw EnvoyException( fmt::format("Didn't find a registered implementation for type: '{}'", type)); } ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( config.typed_config(), context.messageValidationVisitor(), *factory); return factory->createExtensionInstance(*message, context); } RequestIDExtensionSharedPtr RequestIDExtensionFactory::defaultInstance(Envoy::Random::RandomGenerator& random) { return std::make_shared(random); } RequestIDExtensionSharedPtr RequestIDExtensionFactory::noopInstance() { MUTABLE_CONSTRUCT_ON_FIRST_USE(std::shared_ptr, std::make_shared()); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/request_id_extension_impl.h ================================================ #pragma once #include "envoy/common/random_generator.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/http/request_id_extension.h" #include "envoy/server/request_id_extension_config.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Http { /** * Request ID Utilities factory that reads the configuration from proto. */ class RequestIDExtensionFactory { public: /** * Return a newly created instance of the default RequestIDExtension implementation. */ static RequestIDExtensionSharedPtr defaultInstance(Envoy::Random::RandomGenerator& random); /** * Return a globally shared instance of the noop RequestIDExtension implementation. */ static RequestIDExtensionSharedPtr noopInstance(); /** * Read a RequestIDExtension definition from proto and create it. */ static RequestIDExtensionSharedPtr fromProto( const envoy::extensions::filters::network::http_connection_manager::v3::RequestIDExtension& config, Server::Configuration::FactoryContext& context); }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/request_id_extension_uuid_impl.cc ================================================ #include "common/http/request_id_extension_uuid_impl.h" #include #include #include "envoy/http/header_map.h" #include "common/common/random_generator.h" #include "common/common/utility.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Http { void UUIDRequestIDExtension::set(RequestHeaderMap& request_headers, bool force) { if (!force && request_headers.RequestId()) { return; } // TODO(PiotrSikora) PERF: Write UUID directly to the header map. std::string uuid = random_.uuid(); ASSERT(!uuid.empty()); request_headers.setRequestId(uuid); } void UUIDRequestIDExtension::setInResponse(ResponseHeaderMap& response_headers, const RequestHeaderMap& request_headers) { if (request_headers.RequestId()) { response_headers.setRequestId(request_headers.getRequestIdValue()); } } bool UUIDRequestIDExtension::modBy(const RequestHeaderMap& request_headers, uint64_t& out, uint64_t mod) { if (request_headers.RequestId() == nullptr) { return false; } const std::string uuid(request_headers.getRequestIdValue()); if (uuid.length() < 8) { return false; } uint64_t value; if (!StringUtil::atoull(uuid.substr(0, 8).c_str(), value, 16)) { return false; } out = value % mod; return true; } TraceStatus UUIDRequestIDExtension::getTraceStatus(const RequestHeaderMap& request_headers) { if (request_headers.RequestId() == nullptr) { return TraceStatus::NoTrace; } absl::string_view uuid = request_headers.getRequestIdValue(); if (uuid.length() != Random::RandomGeneratorImpl::UUID_LENGTH) { return TraceStatus::NoTrace; } switch (uuid[TRACE_BYTE_POSITION]) { case TRACE_FORCED: return TraceStatus::Forced; case TRACE_SAMPLED: return TraceStatus::Sampled; case TRACE_CLIENT: return TraceStatus::Client; default: return TraceStatus::NoTrace; } } void UUIDRequestIDExtension::setTraceStatus(RequestHeaderMap& request_headers, TraceStatus status) { if (request_headers.RequestId() == nullptr) { return; } absl::string_view uuid_view = request_headers.getRequestIdValue(); if (uuid_view.length() != Random::RandomGeneratorImpl::UUID_LENGTH) { return; } std::string uuid(uuid_view); switch (status) { case TraceStatus::Forced: uuid[TRACE_BYTE_POSITION] = TRACE_FORCED; break; case TraceStatus::Client: uuid[TRACE_BYTE_POSITION] = TRACE_CLIENT; break; case TraceStatus::Sampled: uuid[TRACE_BYTE_POSITION] = TRACE_SAMPLED; break; case TraceStatus::NoTrace: uuid[TRACE_BYTE_POSITION] = NO_TRACE; break; } request_headers.setRequestId(uuid); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/request_id_extension_uuid_impl.h ================================================ #pragma once #include "envoy/common/random_generator.h" #include "envoy/http/request_id_extension.h" #include "common/runtime/runtime_impl.h" namespace Envoy { namespace Http { // UUIDRequestIDExtension is the default implementation if no other extension is explicitly // configured. class UUIDRequestIDExtension : public RequestIDExtension { public: explicit UUIDRequestIDExtension(Envoy::Random::RandomGenerator& random) : random_(random) {} void set(RequestHeaderMap& request_headers, bool force) override; void setInResponse(ResponseHeaderMap& response_headers, const RequestHeaderMap& request_headers) override; bool modBy(const RequestHeaderMap& request_headers, uint64_t& out, uint64_t mod) override; TraceStatus getTraceStatus(const RequestHeaderMap& request_headers) override; void setTraceStatus(RequestHeaderMap& request_headers, TraceStatus status) override; private: // Reference to the random generator used to generate new request IDs Envoy::Random::RandomGenerator& random_; // Byte on this position has predefined value of 4 for UUID4. static const int TRACE_BYTE_POSITION = 14; // Value of '9' is chosen randomly to distinguish between freshly generated uuid4 and the // one modified because we sample trace. static const char TRACE_SAMPLED = '9'; // Value of 'a' is chosen randomly to distinguish between freshly generated uuid4 and the // one modified because we force trace. static const char TRACE_FORCED = 'a'; // Value of 'b' is chosen randomly to distinguish between freshly generated uuid4 and the // one modified because of client trace. static const char TRACE_CLIENT = 'b'; // Initial value for freshly generated uuid4. static const char NO_TRACE = '4'; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/rest_api_fetcher.cc ================================================ #include "common/http/rest_api_fetcher.h" #include #include #include #include "common/common/enum_to_int.h" #include "common/config/utility.h" #include "common/http/message_impl.h" #include "common/http/utility.h" namespace Envoy { namespace Http { RestApiFetcher::RestApiFetcher(Upstream::ClusterManager& cm, const std::string& remote_cluster_name, Event::Dispatcher& dispatcher, Random::RandomGenerator& random, std::chrono::milliseconds refresh_interval, std::chrono::milliseconds request_timeout) : remote_cluster_name_(remote_cluster_name), cm_(cm), random_(random), refresh_interval_(refresh_interval), request_timeout_(request_timeout), refresh_timer_(dispatcher.createTimer([this]() -> void { refresh(); })) {} RestApiFetcher::~RestApiFetcher() { if (active_request_) { active_request_->cancel(); } } void RestApiFetcher::initialize() { refresh(); } void RestApiFetcher::onSuccess(const Http::AsyncClient::Request& request, Http::ResponseMessagePtr&& response) { uint64_t response_code = Http::Utility::getResponseStatus(response->headers()); if (response_code == enumToInt(Http::Code::NotModified)) { requestComplete(); return; } else if (response_code != enumToInt(Http::Code::OK)) { onFailure(request, Http::AsyncClient::FailureReason::Reset); return; } try { parseResponse(*response); } catch (EnvoyException& e) { onFetchFailure(Config::ConfigUpdateFailureReason::UpdateRejected, &e); } requestComplete(); } void RestApiFetcher::onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) { // Currently Http::AsyncClient::FailureReason only has one value: "Reset". ASSERT(reason == Http::AsyncClient::FailureReason::Reset); onFetchFailure(Config::ConfigUpdateFailureReason::ConnectionFailure, nullptr); requestComplete(); } void RestApiFetcher::refresh() { RequestMessagePtr message(new RequestMessageImpl()); createRequest(*message); message->headers().setHost(remote_cluster_name_); active_request_ = cm_.httpAsyncClientForCluster(remote_cluster_name_) .send(std::move(message), *this, AsyncClient::RequestOptions().setTimeout(request_timeout_)); } void RestApiFetcher::requestComplete() { onFetchComplete(); active_request_ = nullptr; // Add refresh jitter based on the configured interval. std::chrono::milliseconds final_delay = refresh_interval_ + std::chrono::milliseconds(random_.random() % refresh_interval_.count()); refresh_timer_->enableTimer(final_delay); } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/rest_api_fetcher.h ================================================ #pragma once #include #include #include "envoy/common/random_generator.h" #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/cluster_manager.h" namespace Envoy { namespace Http { /** * A helper base class used to fetch a REST API at a jittered periodic interval. Once initialize() * is called, the API will be fetched and events raised. */ class RestApiFetcher : public Http::AsyncClient::Callbacks { protected: RestApiFetcher(Upstream::ClusterManager& cm, const std::string& remote_cluster_name, Event::Dispatcher& dispatcher, Random::RandomGenerator& random, std::chrono::milliseconds refresh_interval, std::chrono::milliseconds request_timeout); ~RestApiFetcher() override; /** * Start the fetch sequence. This should be called once. */ void initialize(); /** * This will be called when a fetch is about to happen. It should be overridden to fill the * request message with a valid request. */ virtual void createRequest(RequestMessage& request) PURE; /** * This will be called when a 200 response is returned by the API with the response message. */ virtual void parseResponse(const ResponseMessage& response) PURE; /** * This will be called either in the success case or in the failure case for each fetch. It can * be used to hold common post request logic. */ virtual void onFetchComplete() PURE; /** * This will be called if the fetch fails (either due to non-200 response, network error, etc.). * @param reason supplies the fetch failure reason. * @param e supplies any exception data on why the fetch failed. May be nullptr. */ virtual void onFetchFailure(Config::ConfigUpdateFailureReason reason, const EnvoyException* e) PURE; protected: const std::string remote_cluster_name_; Upstream::ClusterManager& cm_; private: void refresh(); void requestComplete(); // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& response) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) override; void onBeforeFinalizeUpstreamSpan(Envoy::Tracing::Span&, const Http::ResponseHeaderMap*) override {} Random::RandomGenerator& random_; const std::chrono::milliseconds refresh_interval_; const std::chrono::milliseconds request_timeout_; Event::TimerPtr refresh_timer_; Http::AsyncClient::Request* active_request_{}; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/status.cc ================================================ #include "common/http/status.h" #include "common/common/assert.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Http { namespace { constexpr absl::string_view EnvoyPayloadUrl = "Envoy"; absl::string_view statusCodeToString(StatusCode code) { switch (code) { case StatusCode::Ok: return "OK"; case StatusCode::CodecProtocolError: return "CodecProtocolError"; case StatusCode::BufferFloodError: return "BufferFloodError"; case StatusCode::PrematureResponseError: return "PrematureResponseError"; case StatusCode::CodecClientError: return "CodecClientError"; case StatusCode::InboundFramesWithEmptyPayload: return "InboundFramesWithEmptyPayloadError"; } NOT_REACHED_GCOVR_EXCL_LINE; } struct EnvoyStatusPayload { EnvoyStatusPayload(StatusCode status_code) : status_code_(status_code) {} const StatusCode status_code_; }; struct PrematureResponsePayload : public EnvoyStatusPayload { PrematureResponsePayload(Http::Code http_code) : EnvoyStatusPayload(StatusCode::PrematureResponseError), http_code_(http_code) {} const Http::Code http_code_; }; template void storePayload(absl::Status& status, const T& payload) { absl::Cord cord(absl::string_view(reinterpret_cast(&payload), sizeof(payload))); cord.Flatten(); // Flatten ahead of time for easier access later. status.SetPayload(EnvoyPayloadUrl, std::move(cord)); } template const T& getPayload(const absl::Status& status) { // The only way to get a reference to the payload owned by the absl::Status is through the // ForEachPayload method. All other methods create a copy of the payload, which is not convenient // for peeking at the payload value. const T* payload = nullptr; status.ForEachPayload([&payload](absl::string_view url, const absl::Cord& cord) { if (url == EnvoyPayloadUrl) { ASSERT(!payload); // Status API guarantees to have one payload with given URL auto data = cord.TryFlat(); ASSERT(data.has_value()); // EnvoyPayloadUrl cords are flattened ahead of time ASSERT(data.value().length() >= sizeof(T), "Invalid payload length"); payload = reinterpret_cast(data.value().data()); } }); ASSERT(payload); return *payload; } } // namespace std::string toString(const Status& status) { if (status.ok()) { return status.ToString(); } std::string text; auto status_code = getStatusCode(status); if (status_code != StatusCode::PrematureResponseError) { absl::StrAppend(&text, statusCodeToString(status_code), ": ", status.message()); } else { auto http_code = getPrematureResponseHttpCode(status); absl::StrAppend(&text, "PrematureResponseError: HTTP code: ", http_code, ": ", status.message()); } return text; } Status codecProtocolError(absl::string_view message) { absl::Status status(absl::StatusCode::kInternal, message); storePayload(status, EnvoyStatusPayload(StatusCode::CodecProtocolError)); return status; } Status bufferFloodError(absl::string_view message) { absl::Status status(absl::StatusCode::kInternal, message); storePayload(status, EnvoyStatusPayload(StatusCode::BufferFloodError)); return status; } Status prematureResponseError(absl::string_view message, Http::Code http_code) { absl::Status status(absl::StatusCode::kInternal, message); storePayload(status, PrematureResponsePayload(http_code)); return status; } Status codecClientError(absl::string_view message) { absl::Status status(absl::StatusCode::kInternal, message); storePayload(status, EnvoyStatusPayload(StatusCode::CodecClientError)); return status; } Status inboundFramesWithEmptyPayloadError() { absl::Status status(absl::StatusCode::kInternal, "Too many consecutive frames with an empty payload"); storePayload(status, EnvoyStatusPayload(StatusCode::InboundFramesWithEmptyPayload)); return status; } // Methods for checking and extracting error information StatusCode getStatusCode(const Status& status) { return status.ok() ? StatusCode::Ok : getPayload(status).status_code_; } bool isCodecProtocolError(const Status& status) { return getStatusCode(status) == StatusCode::CodecProtocolError; } bool isBufferFloodError(const Status& status) { return getStatusCode(status) == StatusCode::BufferFloodError; } bool isPrematureResponseError(const Status& status) { return getStatusCode(status) == StatusCode::PrematureResponseError; } Http::Code getPrematureResponseHttpCode(const Status& status) { const auto& payload = getPayload(status); ASSERT(payload.status_code_ == StatusCode::PrematureResponseError, "Must be PrematureResponseError"); return payload.http_code_; } bool isCodecClientError(const Status& status) { return getStatusCode(status) == StatusCode::CodecClientError; } bool isInboundFramesWithEmptyPayloadError(const Status& status) { return getStatusCode(status) == StatusCode::InboundFramesWithEmptyPayload; } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/status.h ================================================ #pragma once #include #include #include "envoy/http/codes.h" #include "absl/status/status.h" #include "absl/strings/string_view.h" /** * Facility for returning rich error information. * This facility is to be used in place of exceptions, in components where * exceptions safety is not guaranteed (i.e. codecs). * * Envoy::Status is an alias of absl::Status. * IMPORTANT: `absl::Status` constructor `absl::Status::code()` and absl::Status::ToString()` * methods must not be used as they will not return correct error information. Instead the error * value creating and corresponding error checking functions defined below must be used. * TODO(yanavlasov): add clang-tidy or lint check to enforce this. * * Usage example: * * Envoy::Status Foo() { * ... * if (codec_error) { * return CodecProtocolError("Invalid protocol"); * } * return Envoy::OkStatus(); * } * * void Bar() { * auto status = Foo(); * if (status.ok()) { * ... * } else { * ASSERT(IsCodecProtocolError(status)); * ENVOY_LOG(debug, "Codec error encountered: {}", status.message()); * } * } */ namespace Envoy { namespace Http { /** * Status codes for representing classes of Envoy errors. */ enum class StatusCode : int { Ok = 0, /** * Indicates a non-recoverable protocol error that should result in connection termination. */ CodecProtocolError = 1, /** * Indicates detection of outbound frame queue flood. */ BufferFloodError = 2, /** * Indicates a response is received on a connection that did not send a request. In practice * this can only happen on HTTP/1.1 connections. */ PrematureResponseError = 3, /** * Indicates a client (local) side error which should not happen. */ CodecClientError = 4, /** * Indicates that peer sent too many consecutive DATA frames with empty payload. */ InboundFramesWithEmptyPayload = 5, }; using Status = absl::Status; inline Status okStatus() { return absl::OkStatus(); } /** * Returns the combination of the error code name, message and any additional error attributes. */ std::string toString(const Status& status); /** * Functions for creating error values. The error code of the returned status object matches the * name of the function. */ Status codecProtocolError(absl::string_view message); Status bufferFloodError(absl::string_view message); Status prematureResponseError(absl::string_view message, Http::Code http_code); Status codecClientError(absl::string_view message); Status inboundFramesWithEmptyPayloadError(); /** * Returns Envoy::StatusCode of the given status object. * If the status object does not contain valid Envoy::Status value the function will ASSERT. */ StatusCode getStatusCode(const Status& status); /** * Returns true if the given status matches error code implied by the name of the function. */ ABSL_MUST_USE_RESULT bool isCodecProtocolError(const Status& status); ABSL_MUST_USE_RESULT bool isBufferFloodError(const Status& status); ABSL_MUST_USE_RESULT bool isPrematureResponseError(const Status& status); ABSL_MUST_USE_RESULT bool isCodecClientError(const Status& status); ABSL_MUST_USE_RESULT bool isInboundFramesWithEmptyPayloadError(const Status& status); /** * Returns Http::Code value of the PrematureResponseError status. * IsPrematureResponseError(status) must be true which is checked by ASSERT. */ Http::Code getPrematureResponseHttpCode(const Status& status); /** * Macro that checks return value of expression that results in Status and returns from * the current function is status is not OK. * * Example usage: * Status foo() { * RETURN_IF_ERROR(bar()); * return okStatus(); * } */ #define RETURN_IF_ERROR(expr) \ do { \ if (::Envoy::Http::Details::StatusAdapter adapter{(expr)}) { \ } else { \ return std::move(adapter.status_); \ } \ } while (false) namespace Details { // Helper class to convert `Status` to `bool` so it can be used inside `if` statements. struct StatusAdapter { StatusAdapter(const Status& status) : status_(status) {} StatusAdapter(Status&& status) : status_(std::move(status)) {} StatusAdapter(const StatusAdapter&) = delete; StatusAdapter& operator=(const StatusAdapter&) = delete; explicit operator bool() const { return status_.ok(); } Status status_; }; } // namespace Details } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/user_agent.cc ================================================ #include "common/http/user_agent.h" #include #include #include #include "envoy/network/connection.h" #include "envoy/stats/scope.h" #include "envoy/stats/timespan.h" #include "common/http/headers.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/utility.h" namespace Envoy { namespace Http { UserAgentContext::UserAgentContext(Stats::SymbolTable& symbol_table) : symbol_table_(symbol_table), pool_(symbol_table), downstream_cx_length_ms_(pool_.add("downstream_cx_length_ms")), ios_(pool_.add("user_agent.ios")), android_(pool_.add("user_agent.android")), downstream_cx_total_(pool_.add("downstream_cx_total")), downstream_cx_destroy_remote_active_rq_(pool_.add("downstream_cx_destroy_remote_active_rq")), downstream_rq_total_(pool_.add("downstream_rq_total")) {} void UserAgent::completeConnectionLength(Stats::Timespan& span) { if (stats_ != nullptr) { stats_->downstream_cx_length_ms_.recordValue(span.elapsed().count()); } } UserAgentStats::UserAgentStats(Stats::StatName prefix, Stats::StatName device, Stats::Scope& scope, const UserAgentContext& context) : downstream_cx_total_(Stats::Utility::counterFromElements( scope, {prefix, device, context.downstream_cx_total_})), downstream_cx_destroy_remote_active_rq_(Stats::Utility::counterFromElements( scope, {prefix, device, context.downstream_cx_destroy_remote_active_rq_})), downstream_rq_total_(Stats::Utility::counterFromElements( scope, {prefix, device, context.downstream_rq_total_})), downstream_cx_length_ms_(Stats::Utility::histogramFromElements( scope, {prefix, device, context.downstream_cx_length_ms_}, Stats::Histogram::Unit::Milliseconds)) { downstream_cx_total_.inc(); downstream_rq_total_.inc(); } void UserAgent::initializeFromHeaders(const RequestHeaderMap& headers, Stats::StatName prefix, Stats::Scope& scope) { // We assume that the user-agent is consistent based on the first request. if (stats_ == nullptr && !initialized_) { initialized_ = true; const absl::string_view user_agent = headers.getUserAgentValue(); if (!user_agent.empty()) { if (user_agent.find("iOS") != absl::string_view::npos) { stats_ = std::make_unique(prefix, context_.ios_, scope, context_); } else if (user_agent.find("android") != absl::string_view::npos) { stats_ = std::make_unique(prefix, context_.android_, scope, context_); } } } } void UserAgent::onConnectionDestroy(Network::ConnectionEvent event, bool active_streams) { if (stats_ != nullptr && active_streams && event == Network::ConnectionEvent::RemoteClose) { stats_->downstream_cx_destroy_remote_active_rq_.inc(); } } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/user_agent.h ================================================ #pragma once #include #include #include #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Http { /** * Captures the stat tokens used for recording user-agent stats. These are * independent of scope. */ struct UserAgentContext { UserAgentContext(Stats::SymbolTable& symbol_table); Stats::SymbolTable& symbol_table_; Stats::StatNamePool pool_; Stats::StatName downstream_cx_length_ms_; Stats::StatName ios_; Stats::StatName android_; Stats::StatName downstream_cx_total_; Stats::StatName downstream_cx_destroy_remote_active_rq_; Stats::StatName downstream_rq_total_; }; /** * Captures the stats (counters and histograms) for user-agents. These are * established within a stats scope. You must supply a UserAgentContext so that * none of the symbols have to be looked up in the symbol-table in the * request-path. */ struct UserAgentStats { UserAgentStats(Stats::StatName prefix, Stats::StatName device, Stats::Scope& scope, const UserAgentContext& context); Stats::Counter& downstream_cx_total_; Stats::Counter& downstream_cx_destroy_remote_active_rq_; Stats::Counter& downstream_rq_total_; Stats::Histogram& downstream_cx_length_ms_; }; /** * Stats support for specific user agents. */ class UserAgent { public: UserAgent(const UserAgentContext& context) : context_(context) {} /** * Complete a connection length timespan for the target user agent. * @param span supplies the timespan to complete. */ void completeConnectionLength(Stats::Timespan& span); /** * Initialize the user agent from request headers. This is only done once and the user-agent * is assumed to be the same for further requests. * @param headers supplies the request headers. * @param prefix supplies the stat prefix for the UA stats. * @param scope supplies the backing stat scope. */ void initializeFromHeaders(const RequestHeaderMap& headers, Stats::StatName prefix, Stats::Scope& scope); /** * Called when a connection is being destroyed. * @param event supplies the network event that caused destruction. * @param active_streams supplies whether there are still active streams at the time of closing. */ void onConnectionDestroy(Network::ConnectionEvent event, bool active_streams); void initStats(Stats::StatName prefix, Stats::StatName device, Stats::Scope& scope); private: const UserAgentContext& context_; bool initialized_{false}; std::unique_ptr stats_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/utility.cc ================================================ #include "common/http/utility.h" #include #include #include #include #include "envoy/config/core/v3/http_uri.pb.h" #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/http/header_map.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/grpc/status.h" #include "common/http/exception.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/network/utility.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_features.h" #include "absl/container/node_hash_set.h" #include "absl/strings/match.h" #include "absl/strings/numbers.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Utility { Http::Status exceptionToStatus(std::function dispatch, Buffer::Instance& data) { Http::Status status; try { status = dispatch(data); // TODO(#10878): Remove this when exception removal is complete. It is currently in migration, // so dispatch may either return an error status or throw an exception. Soon we won't need to // catch these exceptions, as all codec errors will be migrated to using error statuses that are // returned from dispatch. } catch (FrameFloodException& e) { status = bufferFloodError(e.what()); } catch (CodecProtocolException& e) { status = codecProtocolError(e.what()); } catch (PrematureResponseException& e) { status = prematureResponseError(e.what(), e.responseCode()); } return status; } } // namespace Utility } // namespace Http namespace Http2 { namespace Utility { namespace { void validateCustomSettingsParameters( const envoy::config::core::v3::Http2ProtocolOptions& options) { std::vector parameter_collisions, custom_parameter_collisions; absl::node_hash_set custom_parameters; // User defined and named parameters with the same SETTINGS identifier can not both be set. for (const auto& it : options.custom_settings_parameters()) { ASSERT(it.identifier().value() <= std::numeric_limits::max()); // Check for custom parameter inconsistencies. const auto result = custom_parameters.insert( {static_cast(it.identifier().value()), it.value().value()}); if (!result.second) { if (result.first->value != it.value().value()) { custom_parameter_collisions.push_back( absl::StrCat("0x", absl::Hex(it.identifier().value(), absl::kZeroPad2))); // Fall through to allow unbatched exceptions to throw first. } } switch (it.identifier().value()) { case NGHTTP2_SETTINGS_ENABLE_PUSH: if (it.value().value() == 1) { throw EnvoyException("server push is not supported by Envoy and can not be enabled via a " "SETTINGS parameter."); } break; case NGHTTP2_SETTINGS_ENABLE_CONNECT_PROTOCOL: // An exception is made for `allow_connect` which can't be checked for presence due to the // use of a primitive type (bool). throw EnvoyException("the \"allow_connect\" SETTINGS parameter must only be configured " "through the named field"); case NGHTTP2_SETTINGS_HEADER_TABLE_SIZE: if (options.has_hpack_table_size()) { parameter_collisions.push_back("hpack_table_size"); } break; case NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS: if (options.has_max_concurrent_streams()) { parameter_collisions.push_back("max_concurrent_streams"); } break; case NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE: if (options.has_initial_stream_window_size()) { parameter_collisions.push_back("initial_stream_window_size"); } break; default: // Ignore unknown parameters. break; } } if (!custom_parameter_collisions.empty()) { throw EnvoyException(fmt::format( "inconsistent HTTP/2 custom SETTINGS parameter(s) detected; identifiers = {{{}}}", absl::StrJoin(custom_parameter_collisions, ","))); } if (!parameter_collisions.empty()) { throw EnvoyException(fmt::format( "the {{{}}} HTTP/2 SETTINGS parameter(s) can not be configured through both named and " "custom parameters", absl::StrJoin(parameter_collisions, ","))); } } } // namespace const uint32_t OptionsLimits::MIN_HPACK_TABLE_SIZE; const uint32_t OptionsLimits::DEFAULT_HPACK_TABLE_SIZE; const uint32_t OptionsLimits::MAX_HPACK_TABLE_SIZE; const uint32_t OptionsLimits::MIN_MAX_CONCURRENT_STREAMS; const uint32_t OptionsLimits::DEFAULT_MAX_CONCURRENT_STREAMS; const uint32_t OptionsLimits::MAX_MAX_CONCURRENT_STREAMS; const uint32_t OptionsLimits::MIN_INITIAL_STREAM_WINDOW_SIZE; const uint32_t OptionsLimits::DEFAULT_INITIAL_STREAM_WINDOW_SIZE; const uint32_t OptionsLimits::MAX_INITIAL_STREAM_WINDOW_SIZE; const uint32_t OptionsLimits::MIN_INITIAL_CONNECTION_WINDOW_SIZE; const uint32_t OptionsLimits::DEFAULT_INITIAL_CONNECTION_WINDOW_SIZE; const uint32_t OptionsLimits::MAX_INITIAL_CONNECTION_WINDOW_SIZE; const uint32_t OptionsLimits::DEFAULT_MAX_OUTBOUND_FRAMES; const uint32_t OptionsLimits::DEFAULT_MAX_OUTBOUND_CONTROL_FRAMES; const uint32_t OptionsLimits::DEFAULT_MAX_CONSECUTIVE_INBOUND_FRAMES_WITH_EMPTY_PAYLOAD; const uint32_t OptionsLimits::DEFAULT_MAX_INBOUND_PRIORITY_FRAMES_PER_STREAM; const uint32_t OptionsLimits::DEFAULT_MAX_INBOUND_WINDOW_UPDATE_FRAMES_PER_DATA_FRAME_SENT; envoy::config::core::v3::Http2ProtocolOptions initializeAndValidateOptions(const envoy::config::core::v3::Http2ProtocolOptions& options, bool hcm_stream_error_set, const Protobuf::BoolValue& hcm_stream_error) { auto ret = initializeAndValidateOptions(options); if (Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.hcm_stream_error_on_invalid_message") && !options.has_override_stream_error_on_invalid_http_message() && hcm_stream_error_set) { ret.mutable_override_stream_error_on_invalid_http_message()->set_value( hcm_stream_error.value()); } return ret; } envoy::config::core::v3::Http2ProtocolOptions initializeAndValidateOptions(const envoy::config::core::v3::Http2ProtocolOptions& options) { envoy::config::core::v3::Http2ProtocolOptions options_clone(options); // This will throw an exception when a custom parameter and a named parameter collide. validateCustomSettingsParameters(options); if (!options.has_override_stream_error_on_invalid_http_message()) { options_clone.mutable_override_stream_error_on_invalid_http_message()->set_value( options.stream_error_on_invalid_http_messaging()); } if (!options_clone.has_hpack_table_size()) { options_clone.mutable_hpack_table_size()->set_value(OptionsLimits::DEFAULT_HPACK_TABLE_SIZE); } ASSERT(options_clone.hpack_table_size().value() <= OptionsLimits::MAX_HPACK_TABLE_SIZE); if (!options_clone.has_max_concurrent_streams()) { options_clone.mutable_max_concurrent_streams()->set_value( OptionsLimits::DEFAULT_MAX_CONCURRENT_STREAMS); } ASSERT( options_clone.max_concurrent_streams().value() >= OptionsLimits::MIN_MAX_CONCURRENT_STREAMS && options_clone.max_concurrent_streams().value() <= OptionsLimits::MAX_MAX_CONCURRENT_STREAMS); if (!options_clone.has_initial_stream_window_size()) { options_clone.mutable_initial_stream_window_size()->set_value( OptionsLimits::DEFAULT_INITIAL_STREAM_WINDOW_SIZE); } ASSERT(options_clone.initial_stream_window_size().value() >= OptionsLimits::MIN_INITIAL_STREAM_WINDOW_SIZE && options_clone.initial_stream_window_size().value() <= OptionsLimits::MAX_INITIAL_STREAM_WINDOW_SIZE); if (!options_clone.has_initial_connection_window_size()) { options_clone.mutable_initial_connection_window_size()->set_value( OptionsLimits::DEFAULT_INITIAL_CONNECTION_WINDOW_SIZE); } ASSERT(options_clone.initial_connection_window_size().value() >= OptionsLimits::MIN_INITIAL_CONNECTION_WINDOW_SIZE && options_clone.initial_connection_window_size().value() <= OptionsLimits::MAX_INITIAL_CONNECTION_WINDOW_SIZE); if (!options_clone.has_max_outbound_frames()) { options_clone.mutable_max_outbound_frames()->set_value( OptionsLimits::DEFAULT_MAX_OUTBOUND_FRAMES); } if (!options_clone.has_max_outbound_control_frames()) { options_clone.mutable_max_outbound_control_frames()->set_value( OptionsLimits::DEFAULT_MAX_OUTBOUND_CONTROL_FRAMES); } if (!options_clone.has_max_consecutive_inbound_frames_with_empty_payload()) { options_clone.mutable_max_consecutive_inbound_frames_with_empty_payload()->set_value( OptionsLimits::DEFAULT_MAX_CONSECUTIVE_INBOUND_FRAMES_WITH_EMPTY_PAYLOAD); } if (!options_clone.has_max_inbound_priority_frames_per_stream()) { options_clone.mutable_max_inbound_priority_frames_per_stream()->set_value( OptionsLimits::DEFAULT_MAX_INBOUND_PRIORITY_FRAMES_PER_STREAM); } if (!options_clone.has_max_inbound_window_update_frames_per_data_frame_sent()) { options_clone.mutable_max_inbound_window_update_frames_per_data_frame_sent()->set_value( OptionsLimits::DEFAULT_MAX_INBOUND_WINDOW_UPDATE_FRAMES_PER_DATA_FRAME_SENT); } return options_clone; } } // namespace Utility } // namespace Http2 namespace Http { static const char kDefaultPath[] = "/"; bool Utility::Url::initialize(absl::string_view absolute_url, bool is_connect) { struct http_parser_url u; http_parser_url_init(&u); const int result = http_parser_parse_url(absolute_url.data(), absolute_url.length(), is_connect, &u); if (result != 0) { return false; } if ((u.field_set & (1 << UF_HOST)) != (1 << UF_HOST) && (u.field_set & (1 << UF_SCHEMA)) != (1 << UF_SCHEMA)) { return false; } scheme_ = absl::string_view(absolute_url.data() + u.field_data[UF_SCHEMA].off, u.field_data[UF_SCHEMA].len); uint16_t authority_len = u.field_data[UF_HOST].len; if ((u.field_set & (1 << UF_PORT)) == (1 << UF_PORT)) { authority_len = authority_len + u.field_data[UF_PORT].len + 1; } host_and_port_ = absl::string_view(absolute_url.data() + u.field_data[UF_HOST].off, authority_len); // RFC allows the absolute-uri to not end in /, but the absolute path form // must start with uint64_t path_len = absolute_url.length() - (u.field_data[UF_HOST].off + hostAndPort().length()); if (path_len > 0) { uint64_t path_beginning = u.field_data[UF_HOST].off + hostAndPort().length(); path_and_query_params_ = absl::string_view(absolute_url.data() + path_beginning, path_len); } else if (!is_connect) { path_and_query_params_ = absl::string_view(kDefaultPath, 1); } return true; } void Utility::appendXff(RequestHeaderMap& headers, const Network::Address::Instance& remote_address) { if (remote_address.type() != Network::Address::Type::Ip) { return; } headers.appendForwardedFor(remote_address.ip()->addressAsString(), ","); } void Utility::appendVia(RequestOrResponseHeaderMap& headers, const std::string& via) { // TODO(asraa): Investigate whether it is necessary to append with whitespace here by: // (a) Validating we do not expect whitespace in via headers // (b) Add runtime guarding in case users have upstreams which expect it. headers.appendVia(via, ", "); } std::string Utility::createSslRedirectPath(const RequestHeaderMap& headers) { ASSERT(headers.Host()); ASSERT(headers.Path()); return fmt::format("https://{}{}", headers.getHostValue(), headers.getPathValue()); } Utility::QueryParams Utility::parseQueryString(absl::string_view url) { size_t start = url.find('?'); if (start == std::string::npos) { QueryParams params; return params; } start++; return parseParameters(url, start, /*decode_params=*/false); } Utility::QueryParams Utility::parseAndDecodeQueryString(absl::string_view url) { size_t start = url.find('?'); if (start == std::string::npos) { QueryParams params; return params; } start++; return parseParameters(url, start, /*decode_params=*/true); } Utility::QueryParams Utility::parseFromBody(absl::string_view body) { return parseParameters(body, 0, /*decode_params=*/true); } Utility::QueryParams Utility::parseParameters(absl::string_view data, size_t start, bool decode_params) { QueryParams params; while (start < data.size()) { size_t end = data.find('&', start); if (end == std::string::npos) { end = data.size(); } absl::string_view param(data.data() + start, end - start); const size_t equal = param.find('='); if (equal != std::string::npos) { const auto param_name = StringUtil::subspan(data, start, start + equal); const auto param_value = StringUtil::subspan(data, start + equal + 1, end); params.emplace(decode_params ? PercentEncoding::decode(param_name) : param_name, decode_params ? PercentEncoding::decode(param_value) : param_value); } else { params.emplace(StringUtil::subspan(data, start, end), ""); } start = end + 1; } return params; } absl::string_view Utility::findQueryStringStart(const HeaderString& path) { absl::string_view path_str = path.getStringView(); size_t query_offset = path_str.find('?'); if (query_offset == absl::string_view::npos) { query_offset = path_str.length(); } path_str.remove_prefix(query_offset); return path_str; } std::string Utility::parseCookieValue(const HeaderMap& headers, const std::string& key) { std::string ret; headers.iterateReverse([&key, &ret](const HeaderEntry& header) -> HeaderMap::Iterate { // Find the cookie headers in the request (typically, there's only one). if (header.key() == Http::Headers::get().Cookie.get()) { // Split the cookie header into individual cookies. for (const auto& s : StringUtil::splitToken(header.value().getStringView(), ";")) { // Find the key part of the cookie (i.e. the name of the cookie). size_t first_non_space = s.find_first_not_of(" "); size_t equals_index = s.find('='); if (equals_index == absl::string_view::npos) { // The cookie is malformed if it does not have an `=`. Continue // checking other cookies in this header. continue; } const absl::string_view k = s.substr(first_non_space, equals_index - first_non_space); // If the key matches, parse the value from the rest of the cookie string. if (k == key) { absl::string_view v = s.substr(equals_index + 1, s.size() - 1); // Cookie values may be wrapped in double quotes. // https://tools.ietf.org/html/rfc6265#section-4.1.1 if (v.size() >= 2 && v.back() == '"' && v[0] == '"') { v = v.substr(1, v.size() - 2); } ret = std::string{v}; return HeaderMap::Iterate::Break; } } } return HeaderMap::Iterate::Continue; }); return ret; } std::string Utility::makeSetCookieValue(const std::string& key, const std::string& value, const std::string& path, const std::chrono::seconds max_age, bool httponly) { std::string cookie_value; // Best effort attempt to avoid numerous string copies. cookie_value.reserve(value.size() + path.size() + 30); cookie_value = absl::StrCat(key, "=\"", value, "\""); if (max_age != std::chrono::seconds::zero()) { absl::StrAppend(&cookie_value, "; Max-Age=", max_age.count()); } if (!path.empty()) { absl::StrAppend(&cookie_value, "; Path=", path); } if (httponly) { absl::StrAppend(&cookie_value, "; HttpOnly"); } return cookie_value; } uint64_t Utility::getResponseStatus(const ResponseHeaderMap& headers) { const HeaderEntry* header = headers.Status(); uint64_t response_code; if (!header || !absl::SimpleAtoi(headers.getStatusValue(), &response_code)) { throw CodecClientException(":status must be specified and a valid unsigned long"); } return response_code; } bool Utility::isUpgrade(const RequestOrResponseHeaderMap& headers) { // In firefox the "Connection" request header value is "keep-alive, Upgrade", // we should check if it contains the "Upgrade" token. return (headers.Upgrade() && Envoy::StringUtil::caseFindToken(headers.getConnectionValue(), ",", Http::Headers::get().ConnectionValues.Upgrade.c_str())); } bool Utility::isH2UpgradeRequest(const RequestHeaderMap& headers) { return headers.getMethodValue() == Http::Headers::get().MethodValues.Connect && headers.Protocol() && !headers.Protocol()->value().empty() && headers.Protocol()->value() != Headers::get().ProtocolValues.Bytestream; } bool Utility::isWebSocketUpgradeRequest(const RequestHeaderMap& headers) { return (isUpgrade(headers) && absl::EqualsIgnoreCase(headers.getUpgradeValue(), Http::Headers::get().UpgradeValues.WebSocket)); } Http1Settings Utility::parseHttp1Settings(const envoy::config::core::v3::Http1ProtocolOptions& config) { Http1Settings ret; ret.allow_absolute_url_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, allow_absolute_url, true); ret.accept_http_10_ = config.accept_http_10(); ret.default_host_for_http_10_ = config.default_host_for_http_10(); ret.enable_trailers_ = config.enable_trailers(); ret.allow_chunked_length_ = config.allow_chunked_length(); if (config.header_key_format().has_proper_case_words()) { ret.header_key_format_ = Http1Settings::HeaderKeyFormat::ProperCase; } else { ret.header_key_format_ = Http1Settings::HeaderKeyFormat::Default; } return ret; } Http1Settings Utility::parseHttp1Settings(const envoy::config::core::v3::Http1ProtocolOptions& config, const Protobuf::BoolValue& hcm_stream_error) { Http1Settings ret = parseHttp1Settings(config); if (config.has_override_stream_error_on_invalid_http_message()) { // override_stream_error_on_invalid_http_message, if set, takes precedence over any HCM // stream_error_on_invalid_http_message ret.stream_error_on_invalid_http_message_ = config.override_stream_error_on_invalid_http_message().value(); } else { // fallback to HCM value ret.stream_error_on_invalid_http_message_ = hcm_stream_error.value(); } return ret; } void Utility::sendLocalReply(const bool& is_reset, StreamDecoderFilterCallbacks& callbacks, const LocalReplyData& local_reply_data) { absl::string_view details; if (callbacks.streamInfo().responseCodeDetails().has_value()) { details = callbacks.streamInfo().responseCodeDetails().value(); }; sendLocalReply( is_reset, Utility::EncodeFunctions{nullptr, nullptr, [&](ResponseHeaderMapPtr&& headers, bool end_stream) -> void { callbacks.encodeHeaders(std::move(headers), end_stream, details); }, [&](Buffer::Instance& data, bool end_stream) -> void { callbacks.encodeData(data, end_stream); }}, local_reply_data); } void Utility::sendLocalReply(const bool& is_reset, const EncodeFunctions& encode_functions, const LocalReplyData& local_reply_data) { // encode_headers() may reset the stream, so the stream must not be reset before calling it. ASSERT(!is_reset); // rewrite_response will rewrite response code and body text. Code response_code = local_reply_data.response_code_; std::string body_text(local_reply_data.body_text_); absl::string_view content_type(Headers::get().ContentTypeValues.Text); ResponseHeaderMapPtr response_headers{createHeaderMap( {{Headers::get().Status, std::to_string(enumToInt(response_code))}})}; if (encode_functions.modify_headers_) { encode_functions.modify_headers_(*response_headers); } if (encode_functions.rewrite_) { encode_functions.rewrite_(*response_headers, response_code, body_text, content_type); } // Respond with a gRPC trailers-only response if the request is gRPC if (local_reply_data.is_grpc_) { response_headers->setStatus(std::to_string(enumToInt(Code::OK))); response_headers->setReferenceContentType(Headers::get().ContentTypeValues.Grpc); response_headers->setGrpcStatus( std::to_string(enumToInt(local_reply_data.grpc_status_ ? local_reply_data.grpc_status_.value() : Grpc::Utility::httpToGrpcStatus(enumToInt(response_code))))); if (!body_text.empty() && !local_reply_data.is_head_request_) { // TODO(dio): Probably it is worth to consider caching the encoded message based on gRPC // status. // JsonFormatter adds a '\n' at the end. For header value, it should be removed. // https://github.com/envoyproxy/envoy/blob/master/source/common/formatter/substitution_formatter.cc#L129 if (body_text[body_text.length() - 1] == '\n') { body_text = body_text.substr(0, body_text.length() - 1); } response_headers->setGrpcMessage(PercentEncoding::encode(body_text)); } // The `modify_headers` function may have added content-length, remove it. response_headers->removeContentLength(); encode_functions.encode_headers_(std::move(response_headers), true); // Trailers only response return; } if (!body_text.empty()) { response_headers->setContentLength(body_text.size()); // If the `rewrite` function has changed body_text or content-type is not set, set it. // This allows `modify_headers` function to set content-type for the body. For example, // router.direct_response is calling sendLocalReply and may need to set content-type for // the body. if (body_text != local_reply_data.body_text_ || response_headers->ContentType() == nullptr) { response_headers->setReferenceContentType(content_type); } } else { response_headers->removeContentLength(); response_headers->removeContentType(); } if (local_reply_data.is_head_request_) { encode_functions.encode_headers_(std::move(response_headers), true); return; } encode_functions.encode_headers_(std::move(response_headers), body_text.empty()); // encode_headers() may have changed the referenced is_reset so we need to test it if (!body_text.empty() && !is_reset) { Buffer::OwnedImpl buffer(body_text); encode_functions.encode_data_(buffer, true); } } Utility::GetLastAddressFromXffInfo Utility::getLastAddressFromXFF(const Http::RequestHeaderMap& request_headers, uint32_t num_to_skip) { const auto xff_header = request_headers.ForwardedFor(); if (xff_header == nullptr) { return {nullptr, false}; } absl::string_view xff_string(xff_header->value().getStringView()); static const std::string separator(","); // Ignore the last num_to_skip addresses at the end of XFF. for (uint32_t i = 0; i < num_to_skip; i++) { const std::string::size_type last_comma = xff_string.rfind(separator); if (last_comma == std::string::npos) { return {nullptr, false}; } xff_string = xff_string.substr(0, last_comma); } // The text after the last remaining comma, or the entirety of the string if there // is no comma, is the requested IP address. const std::string::size_type last_comma = xff_string.rfind(separator); if (last_comma != std::string::npos && last_comma + separator.size() < xff_string.size()) { xff_string = xff_string.substr(last_comma + separator.size()); } // Ignore the whitespace, since they are allowed in HTTP lists (see RFC7239#section-7.1). xff_string = StringUtil::ltrim(xff_string); xff_string = StringUtil::rtrim(xff_string); try { // This technically requires a copy because inet_pton takes a null terminated string. In // practice, we are working with a view at the end of the owning string, and could pass the // raw pointer. // TODO(mattklein123) PERF: Avoid the copy here. return { Network::Utility::parseInternetAddress(std::string(xff_string.data(), xff_string.size())), last_comma == std::string::npos && num_to_skip == 0}; } catch (const EnvoyException&) { return {nullptr, false}; } } bool Utility::sanitizeConnectionHeader(Http::RequestHeaderMap& headers) { static const size_t MAX_ALLOWED_NOMINATED_HEADERS = 10; static const size_t MAX_ALLOWED_TE_VALUE_SIZE = 256; // Remove any headers nominated by the Connection header. The TE header // is sanitized and removed only if it's empty after removing unsupported values // See https://github.com/envoyproxy/envoy/issues/8623 const auto& cv = Http::Headers::get().ConnectionValues; const auto& connection_header_value = headers.Connection()->value(); StringUtil::CaseUnorderedSet headers_to_remove{}; std::vector connection_header_tokens = StringUtil::splitToken(connection_header_value.getStringView(), ",", false); // If we have 10 or more nominated headers, fail this request if (connection_header_tokens.size() >= MAX_ALLOWED_NOMINATED_HEADERS) { ENVOY_LOG_MISC(trace, "Too many nominated headers in request"); return false; } // Split the connection header and evaluate each nominated header for (const auto& token : connection_header_tokens) { const auto token_sv = StringUtil::trim(token); // Build the LowerCaseString for header lookup const LowerCaseString lcs_header_to_remove{std::string(token_sv)}; // If the Connection token value is not a nominated header, ignore it here since // the connection header is removed elsewhere when the H1 request is upgraded to H2 if ((lcs_header_to_remove.get() == cv.Close) || (lcs_header_to_remove.get() == cv.Http2Settings) || (lcs_header_to_remove.get() == cv.KeepAlive) || (lcs_header_to_remove.get() == cv.Upgrade)) { continue; } // By default we will remove any nominated headers bool keep_header = false; // Determine whether the nominated header contains invalid values const HeaderEntry* nominated_header = nullptr; if (lcs_header_to_remove == Http::Headers::get().Connection) { // Remove the connection header from the nominated tokens if it's self nominated // The connection header itself is *not removed* ENVOY_LOG_MISC(trace, "Skipping self nominated header [{}]", token_sv); keep_header = true; headers_to_remove.emplace(token_sv); } else if ((lcs_header_to_remove == Http::Headers::get().ForwardedFor) || (lcs_header_to_remove == Http::Headers::get().ForwardedHost) || (lcs_header_to_remove == Http::Headers::get().ForwardedProto) || !token_sv.find(':')) { // An attacker could nominate an X-Forwarded* header, and its removal may mask // the origin of the incoming request and potentially alter its handling. // Additionally, pseudo headers should never be nominated. In both cases, we // should fail the request. // See: https://nathandavison.com/blog/abusing-http-hop-by-hop-request-headers ENVOY_LOG_MISC(trace, "Invalid nomination of {} header", token_sv); return false; } else { // Examine the value of all other nominated headers nominated_header = headers.get(lcs_header_to_remove); } if (nominated_header) { auto nominated_header_value_sv = nominated_header->value().getStringView(); const bool is_te_header = (lcs_header_to_remove == Http::Headers::get().TE); // reject the request if the TE header is too large if (is_te_header && (nominated_header_value_sv.size() >= MAX_ALLOWED_TE_VALUE_SIZE)) { ENVOY_LOG_MISC(trace, "TE header contains a value that exceeds the allowable length"); return false; } if (is_te_header) { for (const auto& header_value : StringUtil::splitToken(nominated_header_value_sv, ",", false)) { const absl::string_view header_sv = StringUtil::trim(header_value); // If trailers exist in the TE value tokens, keep the header, removing any other values // that may exist if (StringUtil::CaseInsensitiveCompare()(header_sv, Http::Headers::get().TEValues.Trailers)) { keep_header = true; break; } } if (keep_header) { headers.setTE(Http::Headers::get().TEValues.Trailers); } } } if (!keep_header) { ENVOY_LOG_MISC(trace, "Removing nominated header [{}]", token_sv); headers.remove(lcs_header_to_remove); headers_to_remove.emplace(token_sv); } } // Lastly remove extra nominated headers from the Connection header if (!headers_to_remove.empty()) { const std::string new_value = StringUtil::removeTokens(connection_header_value.getStringView(), ",", headers_to_remove, ","); if (new_value.empty()) { headers.removeConnection(); } else { headers.setConnection(new_value); } } return true; } const std::string& Utility::getProtocolString(const Protocol protocol) { switch (protocol) { case Protocol::Http10: return Headers::get().ProtocolStrings.Http10String; case Protocol::Http11: return Headers::get().ProtocolStrings.Http11String; case Protocol::Http2: return Headers::get().ProtocolStrings.Http2String; case Protocol::Http3: return Headers::get().ProtocolStrings.Http3String; } NOT_REACHED_GCOVR_EXCL_LINE; } void Utility::extractHostPathFromUri(const absl::string_view& uri, absl::string_view& host, absl::string_view& path) { /** * URI RFC: https://www.ietf.org/rfc/rfc2396.txt * * Example: * uri = "https://example.com:8443/certs" * pos: ^ * host_pos: ^ * path_pos: ^ * host = "example.com:8443" * path = "/certs" */ const auto pos = uri.find("://"); // Start position of the host const auto host_pos = (pos == std::string::npos) ? 0 : pos + 3; // Start position of the path const auto path_pos = uri.find("/", host_pos); if (path_pos == std::string::npos) { // If uri doesn't have "/", the whole string is treated as host. host = uri.substr(host_pos); path = "/"; } else { host = uri.substr(host_pos, path_pos - host_pos); path = uri.substr(path_pos); } } std::string Utility::localPathFromFilePath(const absl::string_view& file_path) { if (file_path.size() >= 3 && file_path[1] == ':' && file_path[2] == '/' && std::isalpha(file_path[0])) { return std::string(file_path); } return absl::StrCat("/", file_path); } RequestMessagePtr Utility::prepareHeaders(const envoy::config::core::v3::HttpUri& http_uri) { absl::string_view host, path; extractHostPathFromUri(http_uri.uri(), host, path); RequestMessagePtr message(new RequestMessageImpl()); message->headers().setPath(path); message->headers().setHost(host); return message; } // TODO(jmarantz): make QueryParams a real class and put this serializer there, // along with proper URL escaping of the name and value. std::string Utility::queryParamsToString(const QueryParams& params) { std::string out; std::string delim = "?"; for (const auto& p : params) { absl::StrAppend(&out, delim, p.first, "=", p.second); delim = "&"; } return out; } const std::string Utility::resetReasonToString(const Http::StreamResetReason reset_reason) { switch (reset_reason) { case Http::StreamResetReason::ConnectionFailure: return "connection failure"; case Http::StreamResetReason::ConnectionTermination: return "connection termination"; case Http::StreamResetReason::LocalReset: return "local reset"; case Http::StreamResetReason::LocalRefusedStreamReset: return "local refused stream reset"; case Http::StreamResetReason::Overflow: return "overflow"; case Http::StreamResetReason::RemoteReset: return "remote reset"; case Http::StreamResetReason::RemoteRefusedStreamReset: return "remote refused stream reset"; } NOT_REACHED_GCOVR_EXCL_LINE; } void Utility::transformUpgradeRequestFromH1toH2(RequestHeaderMap& headers) { ASSERT(Utility::isUpgrade(headers)); headers.setReferenceMethod(Http::Headers::get().MethodValues.Connect); headers.setProtocol(headers.getUpgradeValue()); headers.removeUpgrade(); headers.removeConnection(); // nghttp2 rejects upgrade requests/responses with content length, so strip // any unnecessary content length header. if (headers.getContentLengthValue() == "0") { headers.removeContentLength(); } } void Utility::transformUpgradeResponseFromH1toH2(ResponseHeaderMap& headers) { if (getResponseStatus(headers) == 101) { headers.setStatus(200); } headers.removeUpgrade(); headers.removeConnection(); if (headers.getContentLengthValue() == "0") { headers.removeContentLength(); } } void Utility::transformUpgradeRequestFromH2toH1(RequestHeaderMap& headers) { ASSERT(Utility::isH2UpgradeRequest(headers)); headers.setReferenceMethod(Http::Headers::get().MethodValues.Get); headers.setUpgrade(headers.getProtocolValue()); headers.setReferenceConnection(Http::Headers::get().ConnectionValues.Upgrade); headers.removeProtocol(); } void Utility::transformUpgradeResponseFromH2toH1(ResponseHeaderMap& headers, absl::string_view upgrade) { if (getResponseStatus(headers) == 200) { headers.setUpgrade(upgrade); headers.setReferenceConnection(Http::Headers::get().ConnectionValues.Upgrade); headers.setStatus(101); } } const Router::RouteSpecificFilterConfig* Utility::resolveMostSpecificPerFilterConfigGeneric(const std::string& filter_name, const Router::RouteConstSharedPtr& route) { const Router::RouteSpecificFilterConfig* maybe_filter_config{}; traversePerFilterConfigGeneric( filter_name, route, [&maybe_filter_config](const Router::RouteSpecificFilterConfig& cfg) { maybe_filter_config = &cfg; }); return maybe_filter_config; } void Utility::traversePerFilterConfigGeneric( const std::string& filter_name, const Router::RouteConstSharedPtr& route, std::function cb) { if (!route) { return; } const Router::RouteEntry* routeEntry = route->routeEntry(); if (routeEntry != nullptr) { auto maybe_vhost_config = routeEntry->virtualHost().perFilterConfig(filter_name); if (maybe_vhost_config != nullptr) { cb(*maybe_vhost_config); } } auto maybe_route_config = route->perFilterConfig(filter_name); if (maybe_route_config != nullptr) { cb(*maybe_route_config); } if (routeEntry != nullptr) { auto maybe_weighted_cluster_config = routeEntry->perFilterConfig(filter_name); if (maybe_weighted_cluster_config != nullptr) { cb(*maybe_weighted_cluster_config); } } } std::string Utility::PercentEncoding::encode(absl::string_view value, absl::string_view reserved_chars) { absl::flat_hash_set reserved_char_set{reserved_chars.begin(), reserved_chars.end()}; for (size_t i = 0; i < value.size(); ++i) { const char& ch = value[i]; // The escaping characters are defined in // https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md#responses. // // We do checking for each char in the string. If the current char is included in the defined // escaping characters, we jump to "the slow path" (append the char [encoded or not encoded] // to the returned string one by one) started from the current index. if (ch < ' ' || ch >= '~' || reserved_char_set.find(ch) != reserved_char_set.end()) { return PercentEncoding::encode(value, i, reserved_char_set); } } return std::string(value); } std::string Utility::PercentEncoding::encode(absl::string_view value, const size_t index, const absl::flat_hash_set& reserved_char_set) { std::string encoded; if (index > 0) { absl::StrAppend(&encoded, value.substr(0, index)); } for (size_t i = index; i < value.size(); ++i) { const char& ch = value[i]; if (ch < ' ' || ch >= '~' || reserved_char_set.find(ch) != reserved_char_set.end()) { // For consistency, URI producers should use uppercase hexadecimal digits for all // percent-encodings. https://tools.ietf.org/html/rfc3986#section-2.1. absl::StrAppend(&encoded, fmt::format("%{:02X}", ch)); } else { encoded.push_back(ch); } } return encoded; } std::string Utility::PercentEncoding::decode(absl::string_view encoded) { std::string decoded; decoded.reserve(encoded.size()); for (size_t i = 0; i < encoded.size(); ++i) { char ch = encoded[i]; if (ch == '%' && i + 2 < encoded.size()) { const char& hi = encoded[i + 1]; const char& lo = encoded[i + 2]; if (absl::ascii_isdigit(hi)) { ch = hi - '0'; } else { ch = absl::ascii_toupper(hi) - 'A' + 10; } ch *= 16; if (absl::ascii_isdigit(lo)) { ch += lo - '0'; } else { ch += absl::ascii_toupper(lo) - 'A' + 10; } i += 2; } decoded.push_back(ch); } return decoded; } Utility::AuthorityAttributes Utility::parseAuthority(absl::string_view host) { // First try to see if there is a port included. This also checks to see that there is not a ']' // as the last character which is indicative of an IPv6 address without a port. This is a best // effort attempt. const auto colon_pos = host.rfind(':'); absl::string_view host_to_resolve = host; absl::optional port; if (colon_pos != absl::string_view::npos && host_to_resolve.back() != ']') { const absl::string_view string_view_host = host; host_to_resolve = string_view_host.substr(0, colon_pos); const auto port_str = string_view_host.substr(colon_pos + 1); uint64_t port64; if (port_str.empty() || !absl::SimpleAtoi(port_str, &port64) || port64 > 65535) { // Just attempt to resolve whatever we were given. This will very likely fail. host_to_resolve = host; } else { port = static_cast(port64); } } // Now see if this is an IP address. We need to know this because some things (such as setting // SNI) are special cased if this is an IP address. Either way, we still go through the normal // resolver flow. We could short-circuit the DNS resolver in this case, but the extra code to do // so is not worth it since the DNS resolver should handle it for us. bool is_ip_address = false; try { absl::string_view potential_ip_address = host_to_resolve; // TODO(mattklein123): Optimally we would support bracket parsing in parseInternetAddress(), // but we still need to trim the brackets to send the IPv6 address into the DNS resolver. For // now, just do all the trimming here, but in the future we should consider whether we can // have unified [] handling as low as possible in the stack. if (!potential_ip_address.empty() && potential_ip_address.front() == '[' && potential_ip_address.back() == ']') { potential_ip_address.remove_prefix(1); potential_ip_address.remove_suffix(1); } Network::Utility::parseInternetAddress(std::string(potential_ip_address)); is_ip_address = true; host_to_resolve = potential_ip_address; } catch (const EnvoyException&) { } return {is_ip_address, host_to_resolve, port}; } } // namespace Http } // namespace Envoy ================================================ FILE: source/common/http/utility.h ================================================ #pragma once #include #include #include #include "envoy/config/core/v3/http_uri.pb.h" #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/grpc/status.h" #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/http/message.h" #include "envoy/http/metadata_interface.h" #include "envoy/http/query_params.h" #include "common/http/exception.h" #include "common/http/status.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include "nghttp2/nghttp2.h" namespace Envoy { namespace Http { namespace Utility { // This is a wrapper around dispatch calls that may throw an exception or may return an error status // while exception removal is in migration. // TODO(#10878): Remove this. Http::Status exceptionToStatus(std::function dispatch, Buffer::Instance& data); /** * Well-known HTTP ALPN values. */ class AlpnNameValues { public: const std::string Http10 = "http/1.0"; const std::string Http11 = "http/1.1"; const std::string Http2 = "h2"; const std::string Http2c = "h2c"; }; using AlpnNames = ConstSingleton; } // namespace Utility } // namespace Http namespace Http2 { namespace Utility { struct SettingsEntryHash { size_t operator()(const nghttp2_settings_entry& entry) const { return absl::Hash()(entry.settings_id); } }; struct SettingsEntryEquals { bool operator()(const nghttp2_settings_entry& lhs, const nghttp2_settings_entry& rhs) const { return lhs.settings_id == rhs.settings_id; } }; // Limits and defaults for `envoy::config::core::v3::Http2ProtocolOptions` protos. struct OptionsLimits { // disable HPACK compression static const uint32_t MIN_HPACK_TABLE_SIZE = 0; // initial value from HTTP/2 spec, same as NGHTTP2_DEFAULT_HEADER_TABLE_SIZE from nghttp2 static const uint32_t DEFAULT_HPACK_TABLE_SIZE = (1 << 12); // no maximum from HTTP/2 spec, use unsigned 32-bit maximum static const uint32_t MAX_HPACK_TABLE_SIZE = std::numeric_limits::max(); // TODO(jwfang): make this 0, the HTTP/2 spec minimum static const uint32_t MIN_MAX_CONCURRENT_STREAMS = 1; // defaults to maximum, same as nghttp2 static const uint32_t DEFAULT_MAX_CONCURRENT_STREAMS = (1U << 31) - 1; // no maximum from HTTP/2 spec, total streams is unsigned 32-bit maximum, // one-side (client/server) is half that, and we need to exclude stream 0. // same as NGHTTP2_INITIAL_MAX_CONCURRENT_STREAMS from nghttp2 static const uint32_t MAX_MAX_CONCURRENT_STREAMS = (1U << 31) - 1; // initial value from HTTP/2 spec, same as NGHTTP2_INITIAL_WINDOW_SIZE from nghttp2 // NOTE: we only support increasing window size now, so this is also the minimum // TODO(jwfang): make this 0 to support decrease window size static const uint32_t MIN_INITIAL_STREAM_WINDOW_SIZE = (1 << 16) - 1; // initial value from HTTP/2 spec is 65535, but we want more (256MiB) static const uint32_t DEFAULT_INITIAL_STREAM_WINDOW_SIZE = 256 * 1024 * 1024; // maximum from HTTP/2 spec, same as NGHTTP2_MAX_WINDOW_SIZE from nghttp2 static const uint32_t MAX_INITIAL_STREAM_WINDOW_SIZE = (1U << 31) - 1; // CONNECTION_WINDOW_SIZE is similar to STREAM_WINDOW_SIZE, but for connection-level window // TODO(jwfang): make this 0 to support decrease window size static const uint32_t MIN_INITIAL_CONNECTION_WINDOW_SIZE = (1 << 16) - 1; // nghttp2's default connection-level window equals to its stream-level, // our default connection-level window also equals to our stream-level static const uint32_t DEFAULT_INITIAL_CONNECTION_WINDOW_SIZE = 256 * 1024 * 1024; static const uint32_t MAX_INITIAL_CONNECTION_WINDOW_SIZE = (1U << 31) - 1; // Default limit on the number of outbound frames of all types. static const uint32_t DEFAULT_MAX_OUTBOUND_FRAMES = 10000; // Default limit on the number of outbound frames of types PING, SETTINGS and RST_STREAM. static const uint32_t DEFAULT_MAX_OUTBOUND_CONTROL_FRAMES = 1000; // Default limit on the number of consecutive inbound frames with an empty payload // and no end stream flag. static const uint32_t DEFAULT_MAX_CONSECUTIVE_INBOUND_FRAMES_WITH_EMPTY_PAYLOAD = 1; // Default limit on the number of inbound frames of type PRIORITY (per stream). static const uint32_t DEFAULT_MAX_INBOUND_PRIORITY_FRAMES_PER_STREAM = 100; // Default limit on the number of inbound frames of type WINDOW_UPDATE (per DATA frame sent). static const uint32_t DEFAULT_MAX_INBOUND_WINDOW_UPDATE_FRAMES_PER_DATA_FRAME_SENT = 10; }; /** * Validates settings/options already set in |options| and initializes any remaining fields with * defaults. */ envoy::config::core::v3::Http2ProtocolOptions initializeAndValidateOptions(const envoy::config::core::v3::Http2ProtocolOptions& options); envoy::config::core::v3::Http2ProtocolOptions initializeAndValidateOptions(const envoy::config::core::v3::Http2ProtocolOptions& options, bool hcm_stream_error_set, const Protobuf::BoolValue& hcm_stream_error); } // namespace Utility } // namespace Http2 namespace Http { namespace Utility { /** * Given a fully qualified URL, splits the string_view provided into scheme, * host and path with query parameters components. */ class Url { public: bool initialize(absl::string_view absolute_url, bool is_connect_request); absl::string_view scheme() { return scheme_; } absl::string_view hostAndPort() { return host_and_port_; } absl::string_view pathAndQueryParams() { return path_and_query_params_; } private: absl::string_view scheme_; absl::string_view host_and_port_; absl::string_view path_and_query_params_; }; class PercentEncoding { public: /** * Encodes string view to its percent encoded representation. Non-visible ASCII is always escaped, * in addition to a given list of reserved chars. * * @param value supplies string to be encoded. * @param reserved_chars list of reserved chars to escape. By default the escaped chars in * https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md#responses are used. * @return std::string percent-encoded string. */ static std::string encode(absl::string_view value, absl::string_view reserved_chars = "%"); /** * Decodes string view from its percent encoded representation. * @param encoded supplies string to be decoded. * @return std::string decoded string https://tools.ietf.org/html/rfc3986#section-2.1. */ static std::string decode(absl::string_view value); private: // Encodes string view to its percent encoded representation, with start index. static std::string encode(absl::string_view value, const size_t index, const absl::flat_hash_set& reserved_char_set); }; /** * Append to x-forwarded-for header. * @param headers supplies the headers to append to. * @param remote_address supplies the remote address to append. */ void appendXff(RequestHeaderMap& headers, const Network::Address::Instance& remote_address); /** * Append to via header. * @param headers supplies the headers to append to. * @param via supplies the via header to append. */ void appendVia(RequestOrResponseHeaderMap& headers, const std::string& via); /** * Creates an SSL (https) redirect path based on the input host and path headers. * @param headers supplies the request headers. * @return std::string the redirect path. */ std::string createSslRedirectPath(const RequestHeaderMap& headers); /** * Parse a URL into query parameters. * @param url supplies the url to parse. * @return QueryParams the parsed parameters, if any. */ QueryParams parseQueryString(absl::string_view url); /** * Parse a URL into query parameters. * @param url supplies the url to parse. * @return QueryParams the parsed and percent-decoded parameters, if any. */ QueryParams parseAndDecodeQueryString(absl::string_view url); /** * Parse a a request body into query parameters. * @param body supplies the body to parse. * @return QueryParams the parsed parameters, if any. */ QueryParams parseFromBody(absl::string_view body); /** * Parse query parameters from a URL or body. * @param data supplies the data to parse. * @param start supplies the offset within the data. * @param decode_params supplies the flag whether to percent-decode the parsed parameters (both name * and value). Set to false to keep the parameters encoded. * @return QueryParams the parsed parameters, if any. */ QueryParams parseParameters(absl::string_view data, size_t start, bool decode_params); /** * Finds the start of the query string in a path * @param path supplies a HeaderString& to search for the query string * @return absl::string_view starting at the beginning of the query string, * or a string_view starting at the end of the path if there was * no query string. */ absl::string_view findQueryStringStart(const HeaderString& path); /** * Parse a particular value out of a cookie * @param headers supplies the headers to get the cookie from. * @param key the key for the particular cookie value to return * @return std::string the parsed cookie value, or "" if none exists **/ std::string parseCookieValue(const HeaderMap& headers, const std::string& key); /** * Produce the value for a Set-Cookie header with the given parameters. * @param key is the name of the cookie that is being set. * @param value the value to set the cookie to; this value is trusted. * @param path the path for the cookie, or the empty string to not set a path. * @param max_age the length of time for which the cookie is valid, or zero * @param httponly true if the cookie should have HttpOnly appended. * to create a session cookie. * @return std::string a valid Set-Cookie header value string */ std::string makeSetCookieValue(const std::string& key, const std::string& value, const std::string& path, const std::chrono::seconds max_age, bool httponly); /** * Get the response status from the response headers. * @param headers supplies the headers to get the status from. * @return uint64_t the response code or throws an exception if the headers are invalid. */ uint64_t getResponseStatus(const ResponseHeaderMap& headers); /** * Determine whether these headers are a valid Upgrade request or response. * This function returns true if the following HTTP headers and values are present: * - Connection: Upgrade * - Upgrade: [any value] */ bool isUpgrade(const RequestOrResponseHeaderMap& headers); /** * @return true if this is a CONNECT request with a :protocol header present, false otherwise. */ bool isH2UpgradeRequest(const RequestHeaderMap& headers); /** * Determine whether this is a WebSocket Upgrade request. * This function returns true if the following HTTP headers and values are present: * - Connection: Upgrade * - Upgrade: websocket */ bool isWebSocketUpgradeRequest(const RequestHeaderMap& headers); /** * @return Http1Settings An Http1Settings populated from the * envoy::config::core::v3::Http1ProtocolOptions config. */ Http1Settings parseHttp1Settings(const envoy::config::core::v3::Http1ProtocolOptions& config); Http1Settings parseHttp1Settings(const envoy::config::core::v3::Http1ProtocolOptions& config, const Protobuf::BoolValue& hcm_stream_error); struct EncodeFunctions { // Function to modify locally generated response headers. std::function modify_headers_; // Function to rewrite locally generated response. std::function rewrite_; // Function to encode response headers. std::function encode_headers_; // Function to encode the response body. std::function encode_data_; }; struct LocalReplyData { // Tells if this is a response to a gRPC request. bool is_grpc_; // Supplies the HTTP response code. Code response_code_; // Supplies the optional body text which is returned. absl::string_view body_text_; // gRPC status code to override the httpToGrpcStatus mapping with. const absl::optional grpc_status_; // Tells if this is a response to a HEAD request. bool is_head_request_ = false; }; /** * Create a locally generated response using filter callbacks. * @param is_reset boolean reference that indicates whether a stream has been reset. It is the * responsibility of the caller to ensure that this is set to false if onDestroy() * is invoked in the context of sendLocalReply(). * @param callbacks supplies the filter callbacks to use. * @param local_reply_data struct which keeps data related to generate reply. */ void sendLocalReply(const bool& is_reset, StreamDecoderFilterCallbacks& callbacks, const LocalReplyData& local_reply_data); /** * Create a locally generated response using the provided lambdas. * @param is_reset boolean reference that indicates whether a stream has been reset. It is the * responsibility of the caller to ensure that this is set to false if onDestroy() * is invoked in the context of sendLocalReply(). * @param encode_functions supplies the functions to encode response body and headers. * @param local_reply_data struct which keeps data related to generate reply. */ void sendLocalReply(const bool& is_reset, const EncodeFunctions& encode_functions, const LocalReplyData& local_reply_data); struct GetLastAddressFromXffInfo { // Last valid address pulled from the XFF header. Network::Address::InstanceConstSharedPtr address_; // Whether this is the only address in the XFF header. bool single_address_; }; /** * Retrieves the last IPv4/IPv6 address in the x-forwarded-for header. * @param request_headers supplies the request headers. * @param num_to_skip specifies the number of addresses at the end of the XFF header * to ignore when identifying the "last" address. * @return GetLastAddressFromXffInfo information about the last address in the XFF header. * @see GetLastAddressFromXffInfo for more information. */ GetLastAddressFromXffInfo getLastAddressFromXFF(const Http::RequestHeaderMap& request_headers, uint32_t num_to_skip = 0); /** * Remove any headers nominated by the Connection header * Sanitize the TE header if it contains unsupported values * * @param headers the client request headers * @return whether the headers were sanitized successfully */ bool sanitizeConnectionHeader(Http::RequestHeaderMap& headers); /** * Get the string for the given http protocol. * @param protocol for which to return the string representation. * @return string representation of the protocol. */ const std::string& getProtocolString(const Protocol p); /** * Extract host and path from a URI. The host may contain port. * This function doesn't validate if the URI is valid. It only parses the URI with following * format: scheme://host/path. * @param the input URI string * @param the output host string. * @param the output path string. */ void extractHostPathFromUri(const absl::string_view& uri, absl::string_view& host, absl::string_view& path); /** * Takes a the path component from a file:/// URI and returns a local path for file access. * @param file_path if we have file:///foo/bar, the file_path is foo/bar. For file:///c:/foo/bar * it is c:/foo/bar. This is not prefixed with /. * @return std::string with absolute path for local access, e.g. /foo/bar, c:/foo/bar. */ std::string localPathFromFilePath(const absl::string_view& file_path); /** * Prepare headers for a HttpUri. */ RequestMessagePtr prepareHeaders(const envoy::config::core::v3::HttpUri& http_uri); /** * Serialize query-params into a string. */ std::string queryParamsToString(const QueryParams& query_params); /** * Returns string representation of StreamResetReason. */ const std::string resetReasonToString(const Http::StreamResetReason reset_reason); /** * Transforms the supplied headers from an HTTP/1 Upgrade request to an H2 style upgrade. * Changes the method to connection, moves the Upgrade to a :protocol header, * @param headers the headers to convert. */ void transformUpgradeRequestFromH1toH2(RequestHeaderMap& headers); /** * Transforms the supplied headers from an HTTP/1 Upgrade response to an H2 style upgrade response. * Changes the 101 upgrade response to a 200 for the CONNECT response. * @param headers the headers to convert. */ void transformUpgradeResponseFromH1toH2(ResponseHeaderMap& headers); /** * Transforms the supplied headers from an H2 "CONNECT"-with-:protocol-header to an HTTP/1 style * Upgrade response. * @param headers the headers to convert. */ void transformUpgradeRequestFromH2toH1(RequestHeaderMap& headers); /** * Transforms the supplied headers from an H2 "CONNECT success" to an HTTP/1 style Upgrade response. * The caller is responsible for ensuring this only happens on upgraded streams. * @param headers the headers to convert. */ void transformUpgradeResponseFromH2toH1(ResponseHeaderMap& headers, absl::string_view upgrade); /** * The non template implementation of resolveMostSpecificPerFilterConfig. see * resolveMostSpecificPerFilterConfig for docs. */ const Router::RouteSpecificFilterConfig* resolveMostSpecificPerFilterConfigGeneric(const std::string& filter_name, const Router::RouteConstSharedPtr& route); /** * Retrieves the route specific config. Route specific config can be in a few * places, that are checked in order. The first config found is returned. The * order is: * - the routeEntry() (for config that's applied on weighted clusters) * - the route * - and finally from the virtual host object (routeEntry()->virtualhost()). * * To use, simply: * * const auto* config = * Utility::resolveMostSpecificPerFilterConfig(FILTER_NAME, * stream_callbacks_.route()); * * See notes about config's lifetime below. * * @param filter_name The name of the filter who's route config should be * fetched. * @param route The route to check for route configs. nullptr routes will * result in nullptr being returned. * * @return The route config if found. nullptr if not found. The returned * pointer's lifetime is the same as the route parameter. */ template const ConfigType* resolveMostSpecificPerFilterConfig(const std::string& filter_name, const Router::RouteConstSharedPtr& route) { static_assert(std::is_base_of::value, "ConfigType must be a subclass of Router::RouteSpecificFilterConfig"); const Router::RouteSpecificFilterConfig* generic_config = resolveMostSpecificPerFilterConfigGeneric(filter_name, route); return dynamic_cast(generic_config); } /** * The non template implementation of traversePerFilterConfig. see * traversePerFilterConfig for docs. */ void traversePerFilterConfigGeneric( const std::string& filter_name, const Router::RouteConstSharedPtr& route, std::function cb); /** * Fold all the available per route filter configs, invoking the callback with each config (if * it is present). Iteration of the configs is in order of specificity. That means that the callback * will be called first for a config on a Virtual host, then a route, and finally a route entry * (weighted cluster). If a config is not present, the callback will not be invoked. */ template void traversePerFilterConfig(const std::string& filter_name, const Router::RouteConstSharedPtr& route, std::function cb) { static_assert(std::is_base_of::value, "ConfigType must be a subclass of Router::RouteSpecificFilterConfig"); traversePerFilterConfigGeneric( filter_name, route, [&cb](const Router::RouteSpecificFilterConfig& cfg) { const ConfigType* typed_cfg = dynamic_cast(&cfg); if (typed_cfg != nullptr) { cb(*typed_cfg); } }); } /** * Merge all the available per route filter configs into one. To perform the merge, * the reduce function will be called on each two configs until a single merged config is left. * * @param reduce The first argument for this function will be the config from the previous level * and the second argument is the config from the current level (the more specific one). The * function should merge the second argument into the first argument. * * @return The merged config. */ template absl::optional getMergedPerFilterConfig(const std::string& filter_name, const Router::RouteConstSharedPtr& route, std::function reduce) { static_assert(std::is_copy_constructible::value, "ConfigType must be copy constructible"); absl::optional merged; traversePerFilterConfig(filter_name, route, [&reduce, &merged](const ConfigType& cfg) { if (!merged) { merged.emplace(cfg); } else { reduce(merged.value(), cfg); } }); return merged; } struct AuthorityAttributes { // whether parsed authority is pure ip address(IPv4/IPv6), if it is true // passed that are not FQDN bool is_ip_address_{}; // If parsed authority has host, that is stored here. absl::string_view host_; // If parsed authority has port, that is stored here. absl::optional port_; }; /** * Parse passed authority, and get that is valid FQDN or IPv4/IPv6 address, hostname and port-name. * @param host host/authority * @param default_port If passed authority does not have port, this value is returned * @return hostname parse result. that includes whether host is IP Address, hostname and port-name */ AuthorityAttributes parseAuthority(absl::string_view host); } // namespace Utility } // namespace Http } // namespace Envoy ================================================ FILE: source/common/init/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "watcher_lib", srcs = ["watcher_impl.cc"], hdrs = ["watcher_impl.h"], deps = [ "//include/envoy/init:watcher_interface", "//source/common/common:logger_lib", ], ) envoy_cc_library( name = "target_lib", srcs = ["target_impl.cc"], hdrs = ["target_impl.h"], deps = [ "//include/envoy/init:target_interface", "//source/common/common:logger_lib", ], ) envoy_cc_library( name = "manager_lib", srcs = ["manager_impl.cc"], hdrs = ["manager_impl.h"], deps = [ ":watcher_lib", "//include/envoy/init:manager_interface", "//source/common/common:logger_lib", ], ) ================================================ FILE: source/common/init/manager_impl.cc ================================================ #include "common/init/manager_impl.h" #include #include "common/common/assert.h" #include "common/init/watcher_impl.h" namespace Envoy { namespace Init { ManagerImpl::ManagerImpl(absl::string_view name) : name_(fmt::format("init manager {}", name)), state_(State::Uninitialized), count_(0), watcher_(name_, [this](absl::string_view target_name) { onTargetReady(target_name); }) {} Manager::State ManagerImpl::state() const { return state_; } void ManagerImpl::add(const Target& target) { ++count_; TargetHandlePtr target_handle(target.createHandle(name_)); ++target_names_count_[target.name()]; switch (state_) { case State::Uninitialized: // If the manager isn't initialized yet, save the target handle to be initialized later. ENVOY_LOG(debug, "added {} to {}", target.name(), name_); target_handles_.push_back(std::move(target_handle)); return; case State::Initializing: // If the manager is already initializing, initialize the new target immediately. Note that // it's important in this case that count_ was incremented above before calling the target, // because if the target calls the init manager back immediately, count_ will be decremented // here (see the definition of watcher_ above). target_handle->initialize(watcher_); return; case State::Initialized: // If the manager has already completed initialization, consider this a programming error. ASSERT(false, fmt::format("attempted to add {} to initialized {}", target.name(), name_)); } } void ManagerImpl::initialize(const Watcher& watcher) { // If the manager is already initializing or initialized, consider this a programming error. ASSERT(state_ == State::Uninitialized, fmt::format("attempted to initialize {} twice", name_)); // Create a handle to notify when initialization is complete. watcher_handle_ = watcher.createHandle(name_); if (count_ == 0) { // If we have no targets, initialization trivially completes. This can happen, and is fine. ENVOY_LOG(debug, "{} contains no targets", name_); ready(); } else { // If we have some targets, start initialization... ENVOY_LOG(debug, "{} initializing", name_); state_ = State::Initializing; // Attempt to initialize each target. If a target is unavailable, treat it as though it // completed immediately. for (const auto& target_handle : target_handles_) { if (!target_handle->initialize(watcher_)) { onTargetReady(target_handle->name()); } } } } const absl::flat_hash_map& ManagerImpl::unreadyTargets() const { return target_names_count_; } void ManagerImpl::dumpUnreadyTargets(envoy::admin::v3::UnreadyTargetsDumps& unready_targets_dumps) { auto& message = *unready_targets_dumps.mutable_unready_targets_dumps()->Add(); message.set_name(name_); for (const auto& [target_name, count] : target_names_count_) { message.add_target_names(target_name); } } void ManagerImpl::onTargetReady(absl::string_view target_name) { // If there are no remaining targets and one mysteriously calls us back, this manager is haunted. ASSERT(count_ != 0, fmt::format("{} called back by target after initialization complete", target_name)); // Decrease target_name count by 1. ASSERT(target_names_count_.find(target_name) != target_names_count_.end()); if (--target_names_count_[target_name] == 0) { target_names_count_.erase(target_name); } // If there are no uninitialized targets remaining when called back by a target, that means it was // the last. Signal `ready` to the handle we saved in `initialize`. if (--count_ == 0) { ready(); } } void ManagerImpl::ready() { state_ = State::Initialized; watcher_handle_->ready(); } } // namespace Init } // namespace Envoy ================================================ FILE: source/common/init/manager_impl.h ================================================ #pragma once #include #include "envoy/init/manager.h" #include "common/common/logger.h" #include "common/init/watcher_impl.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Init { /** * Init::ManagerImpl coordinates initialization of one or more "targets." See comments in * include/envoy/init/manager.h for an overview. * * When the logging level is set to "debug" or "trace," the log will contain entries for all * significant events in the initialization flow: * * - Targets added to the manager * - Initialization started for the manager and for each target * - Initialization completed for each target and for the manager * - Destruction of targets and watchers * - Callbacks to "unavailable" (deleted) targets, manager, or watchers */ class ManagerImpl : public Manager, Logger::Loggable { public: /** * @param name a human-readable manager name, for logging / debugging. */ ManagerImpl(absl::string_view name); // Init::Manager State state() const override; void add(const Target& target) override; void initialize(const Watcher& watcher) override; const absl::flat_hash_map& unreadyTargets() const override; void dumpUnreadyTargets(envoy::admin::v3::UnreadyTargetsDumps& dumps) override; private: // Callback function with an additional target_name parameter, decrease unready targets count by // 1, update target_names_count_ hash map. void onTargetReady(absl::string_view target_name); void ready(); // Human-readable name for logging. const std::string name_; // Current state. State state_; // Current number of registered targets that have not yet initialized. uint32_t count_; // Handle to the watcher passed in `initialize`, to be called when initialization completes. WatcherHandlePtr watcher_handle_; // Watcher to receive ready notifications from each target. We restrict the watcher_ inside // ManagerImpl to be constructed with the 'TargetAwareReadyFn' fn so that the init manager will // get target name information when the watcher_ calls 'onTargetSendName(target_name)' For any // other purpose, a watcher can be constructed with either TargetAwareReadyFn or ReadyFn. const WatcherImpl watcher_; // All registered targets. std::list target_handles_; // Count of target_name of unready targets. absl::flat_hash_map target_names_count_; }; } // namespace Init } // namespace Envoy ================================================ FILE: source/common/init/target_impl.cc ================================================ #include "common/init/target_impl.h" namespace Envoy { namespace Init { TargetHandleImpl::TargetHandleImpl(absl::string_view handle_name, absl::string_view name, std::weak_ptr fn) : handle_name_(handle_name), name_(name), fn_(std::move(fn)) {} bool TargetHandleImpl::initialize(const Watcher& watcher) const { auto locked_fn(fn_.lock()); if (locked_fn) { // If we can "lock" a shared pointer to the target's callback function, call it // with a new handle to the ManagerImpl's watcher that was passed in. ENVOY_LOG(debug, "{} initializing {}", handle_name_, name_); (*locked_fn)(watcher.createHandle(name_)); return true; } else { // If not, the target was already destroyed. ENVOY_LOG(debug, "{} can't initialize {} (unavailable)", handle_name_, name_); return false; } } absl::string_view TargetHandleImpl::name() const { return name_; } TargetImpl::TargetImpl(absl::string_view name, InitializeFn fn) : name_(fmt::format("target {}", name)), fn_(std::make_shared([this, fn](WatcherHandlePtr watcher_handle) { watcher_handle_ = std::move(watcher_handle); fn(); })) {} TargetImpl::~TargetImpl() { ENVOY_LOG(debug, "{} destroyed", name_); } absl::string_view TargetImpl::name() const { return name_; } TargetHandlePtr TargetImpl::createHandle(absl::string_view handle_name) const { // Note: can't use std::make_unique here because TargetHandleImpl ctor is private. return TargetHandlePtr( new TargetHandleImpl(handle_name, name_, std::weak_ptr(fn_))); } bool TargetImpl::ready() { if (watcher_handle_) { // If we have a handle for the ManagerImpl's watcher, signal it and then reset so it can't be // accidentally signaled again. const bool result = watcher_handle_->ready(); watcher_handle_.reset(); return result; } return false; } SharedTargetImpl::SharedTargetImpl(absl::string_view name, InitializeFn fn) : name_(fmt::format("shared target {}", name)), fn_(std::make_shared([this, fn](WatcherHandlePtr watcher_handle) { if (initialized_) { watcher_handle->ready(); } else { watcher_handles_.push_back(std::move(watcher_handle)); std::call_once(once_flag_, fn); } })) {} SharedTargetImpl::~SharedTargetImpl() { ENVOY_LOG(debug, "{} destroyed", name_); } absl::string_view SharedTargetImpl::name() const { return name_; } TargetHandlePtr SharedTargetImpl::createHandle(absl::string_view handle_name) const { // Note: can't use std::make_unique here because TargetHandleImpl ctor is private. return TargetHandlePtr( new TargetHandleImpl(handle_name, name_, std::weak_ptr(fn_))); } bool SharedTargetImpl::ready() { initialized_ = true; bool all_notified = !watcher_handles_.empty(); for (auto& watcher_handle : watcher_handles_) { all_notified = watcher_handle->ready() && all_notified; } // save heap and avoid repeatedly invoke watcher_handles_.clear(); return all_notified; } } // namespace Init } // namespace Envoy ================================================ FILE: source/common/init/target_impl.h ================================================ #pragma once #include #include "envoy/init/target.h" #include "common/common/logger.h" namespace Envoy { namespace Init { /** * A target is just a glorified callback function, called by the manager it was registered with. */ using InitializeFn = std::function; /** * Internally, the callback is slightly more sophisticated: it actually takes a WatcherHandlePtr * that it uses to notify the manager when the target is ready. It saves this pointer when invoked * and resets it later in `ready`. Users needn't care about this implementation detail, they only * need to provide an `InitializeFn` above when constructing a target. */ using InternalInitalizeFn = std::function; /** * A TargetHandleImpl functions as a weak reference to a TargetImpl. It is how a ManagerImpl safely * tells a target to `initialize` with no guarantees about the target's lifetime. */ class TargetHandleImpl : public TargetHandle, Logger::Loggable { private: friend class TargetImpl; friend class SharedTargetImpl; TargetHandleImpl(absl::string_view handle_name, absl::string_view name, std::weak_ptr fn); public: // Init::TargetHandle bool initialize(const Watcher& watcher) const override; absl::string_view name() const override; private: // Name of the handle (almost always the name of the ManagerImpl calling the target) const std::string handle_name_; // Name of the target const std::string name_; // The target's callback function, only called if the weak pointer can be "locked" const std::weak_ptr fn_; }; /** * A TargetImpl is an entity that can be registered with a Manager for initialization. It can only * be invoked through a TargetHandle. */ class TargetImpl : public Target, Logger::Loggable { public: /** * @param name a human-readable target name, for logging / debugging * @fn a callback function to invoke when `initialize` is called on the handle. Note that this * doesn't take a WatcherHandlePtr (like TargetFn does). Managing the watcher handle is done * internally to simplify usage. */ TargetImpl(absl::string_view name, InitializeFn fn); ~TargetImpl() override; // Init::Target absl::string_view name() const override; TargetHandlePtr createHandle(absl::string_view handle_name) const override; /** * Signal to the init manager that this target has finished initializing. This is safe to call * any time. Calling it before initialization begins or after initialization has already ended * will have no effect. * @return true if the init manager received this call, false otherwise. */ bool ready(); private: // Human-readable name for logging const std::string name_; // Handle to the ManagerImpl's internal watcher, to call when this target is initialized WatcherHandlePtr watcher_handle_; // The callback function, called via TargetHandleImpl by the manager const std::shared_ptr fn_; }; /** * A specialized Target which can be added by multiple Managers. * The initialization will be triggered only once. */ class SharedTargetImpl : public Target, Logger::Loggable { public: /** * @param name a human-readable target name, for logging / debugging * @fn a callback function to invoke when `initialize` is called on the handle. Note that this * doesn't take a WatcherHandlePtr (like TargetFn does). Managing the watcher handle is done * internally to simplify usage. */ SharedTargetImpl(absl::string_view name, InitializeFn fn); ~SharedTargetImpl() override; // Init::Target absl::string_view name() const override; TargetHandlePtr createHandle(absl::string_view handle_name) const override; /** * Signal to the init manager(s) that this target has finished initializing. This is safe to call * any time. Calling it before initialization begins or after initialization has already ended * will have no effect. * @return true if all init managers received this call, false otherwise. */ bool ready(); private: // Human-readable name for logging const std::string name_; // Handle to all the ManagerImpl's internal watcher, to call when this target is initialized. std::vector watcher_handles_; // The callback function, called via TargetHandleImpl by the manager const std::shared_ptr fn_; // The state so as to signal the manager when a ready target is added. bool initialized_{false}; // To guarantee the initialization function is called once. std::once_flag once_flag_; }; } // namespace Init } // namespace Envoy ================================================ FILE: source/common/init/watcher_impl.cc ================================================ #include "common/init/watcher_impl.h" namespace Envoy { namespace Init { WatcherHandleImpl::WatcherHandleImpl(absl::string_view handle_name, absl::string_view name, std::weak_ptr fn) : handle_name_(handle_name), name_(name), fn_(std::move(fn)) {} bool WatcherHandleImpl::ready() const { auto locked_fn(fn_.lock()); if (locked_fn) { // If we can "lock" a shared pointer to the watcher's callback function, call it. ENVOY_LOG(debug, "{} initialized, notifying {}", handle_name_, name_); (*locked_fn)(handle_name_); return true; } else { // If not, the watcher was already destroyed. ENVOY_LOG(debug, "{} initialized, but can't notify {}", handle_name_, name_); return false; } } WatcherImpl::WatcherImpl(absl::string_view name, ReadyFn fn) : name_(name), fn_(std::make_shared( [callback = std::move(fn)](absl::string_view) { callback(); })) {} WatcherImpl::WatcherImpl(absl::string_view name, TargetAwareReadyFn fn) : name_(name), fn_(std::make_shared(std::move(fn))) {} WatcherImpl::~WatcherImpl() { ENVOY_LOG(debug, "{} destroyed", name_); } absl::string_view WatcherImpl::name() const { return name_; } WatcherHandlePtr WatcherImpl::createHandle(absl::string_view handle_name) const { // Note: can't use std::make_unique because WatcherHandleImpl ctor is private. return std::unique_ptr( new WatcherHandleImpl(handle_name, name_, std::weak_ptr(fn_))); } } // namespace Init } // namespace Envoy ================================================ FILE: source/common/init/watcher_impl.h ================================================ #pragma once #include #include "envoy/init/watcher.h" #include "common/common/logger.h" namespace Envoy { namespace Init { /** * A watcher is just a glorified callback function, called by a target or a manager when * initialization completes. */ using ReadyFn = std::function; using TargetAwareReadyFn = std::function; /** * A WatcherHandleImpl functions as a weak reference to a Watcher. It is how a TargetImpl safely * notifies a ManagerImpl that it has initialized, and likewise it's how ManagerImpl safely tells * its client that all registered targets have initialized, with no guarantees about the lifetimes * of the manager or client. */ class WatcherHandleImpl : public WatcherHandle, Logger::Loggable { private: friend class WatcherImpl; WatcherHandleImpl(absl::string_view handle_name, absl::string_view name, std::weak_ptr fn); public: // Init::WatcherHandle. bool ready() const override; private: // Name of the handle (either the name of the target calling the manager, or the name of the // manager calling the client). const std::string handle_name_; // Name of the watcher (either the name of the manager, or the name of the client). const std::string name_; // The watcher's callback function, only called if the weak pointer can be "locked". const std::weak_ptr fn_; }; /** * A WatcherImpl is an entity that listens for notifications that either an initialization target or * all targets registered with a manager have initialized. It can only be invoked through a * WatcherHandleImpl. */ class WatcherImpl : public Watcher, Logger::Loggable { public: /** * @param name a human-readable watcher name, for logging / debugging. * @param fn a callback function to invoke when `ready` is called on the handle. */ WatcherImpl(absl::string_view name, ReadyFn fn); WatcherImpl(absl::string_view name, TargetAwareReadyFn fn); ~WatcherImpl() override; // Init::Watcher. absl::string_view name() const override; WatcherHandlePtr createHandle(absl::string_view handle_name) const override; private: // Human-readable name for logging. const std::string name_; // The callback function, called via WatcherHandleImpl by either the target or the manager. const std::shared_ptr fn_; }; } // namespace Init } // namespace Envoy ================================================ FILE: source/common/json/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "json_loader_lib", srcs = ["json_loader.cc"], hdrs = ["json_loader.h"], external_deps = [ "rapidjson", ], deps = [ "//include/envoy/json:json_object_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "//source/common/common:utility_lib", "//source/common/protobuf:utility_lib", ], ) ================================================ FILE: source/common/json/json_loader.cc ================================================ #include "common/json/json_loader.h" #include #include #include #include #include #include #include #include #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/hash.h" #include "common/common/utility.h" #include "common/protobuf/utility.h" // Do not let RapidJson leak outside of this file. #include "rapidjson/document.h" #include "rapidjson/error/en.h" #include "rapidjson/reader.h" #include "rapidjson/schema.h" #include "rapidjson/stream.h" #include "rapidjson/stringbuffer.h" #include "rapidjson/writer.h" #include "absl/strings/match.h" namespace Envoy { namespace Json { namespace { /** * Internal representation of Object. */ class Field; using FieldSharedPtr = std::shared_ptr; class Field : public Object { public: void setLineNumberStart(uint64_t line_number) { line_number_start_ = line_number; } void setLineNumberEnd(uint64_t line_number) { line_number_end_ = line_number; } // Container factories for handler. static FieldSharedPtr createObject() { return FieldSharedPtr{new Field(Type::Object)}; } static FieldSharedPtr createArray() { return FieldSharedPtr{new Field(Type::Array)}; } static FieldSharedPtr createNull() { return FieldSharedPtr{new Field(Type::Null)}; } bool isNull() const override { return type_ == Type::Null; } bool isArray() const override { return type_ == Type::Array; } bool isObject() const override { return type_ == Type::Object; } // Value factory. template static FieldSharedPtr createValue(T value) { return FieldSharedPtr{new Field(value)}; // NOLINT(modernize-make-shared) } void append(FieldSharedPtr field_ptr) { checkType(Type::Array); value_.array_value_.push_back(field_ptr); } void insert(const std::string& key, FieldSharedPtr field_ptr) { checkType(Type::Object); value_.object_value_[key] = field_ptr; } uint64_t hash() const override; bool getBoolean(const std::string& name) const override; bool getBoolean(const std::string& name, bool default_value) const override; double getDouble(const std::string& name) const override; double getDouble(const std::string& name, double default_value) const override; int64_t getInteger(const std::string& name) const override; int64_t getInteger(const std::string& name, int64_t default_value) const override; ObjectSharedPtr getObject(const std::string& name, bool allow_empty) const override; std::vector getObjectArray(const std::string& name, bool allow_empty) const override; std::string getString(const std::string& name) const override; std::string getString(const std::string& name, const std::string& default_value) const override; std::vector getStringArray(const std::string& name, bool allow_empty) const override; std::vector asObjectArray() const override; std::string asString() const override { return stringValue(); } bool asBoolean() const override { return booleanValue(); } double asDouble() const override { return doubleValue(); } int64_t asInteger() const override { return integerValue(); } std::string asJsonString() const override; bool empty() const override; bool hasObject(const std::string& name) const override; void iterate(const ObjectCallback& callback) const override; void validateSchema(const std::string& schema) const override; private: enum class Type { Array, Boolean, Double, Integer, Null, Object, String, }; static const char* typeAsString(Type t) { switch (t) { case Type::Array: return "Array"; case Type::Boolean: return "Boolean"; case Type::Double: return "Double"; case Type::Integer: return "Integer"; case Type::Null: return "Null"; case Type::Object: return "Object"; case Type::String: return "String"; } NOT_REACHED_GCOVR_EXCL_LINE; } struct Value { std::vector array_value_; bool boolean_value_; double double_value_; int64_t integer_value_; std::map object_value_; std::string string_value_; }; explicit Field(Type type) : type_(type) {} explicit Field(const std::string& value) : type_(Type::String) { value_.string_value_ = value; } explicit Field(int64_t value) : type_(Type::Integer) { value_.integer_value_ = value; } explicit Field(double value) : type_(Type::Double) { value_.double_value_ = value; } explicit Field(bool value) : type_(Type::Boolean) { value_.boolean_value_ = value; } bool isType(Type type) const { return type == type_; } void checkType(Type type) const { if (!isType(type)) { throw Exception(fmt::format( "JSON field from line {} accessed with type '{}' does not match actual type '{}'.", line_number_start_, typeAsString(type), typeAsString(type_))); } } // Value return type functions. std::string stringValue() const { checkType(Type::String); return value_.string_value_; } std::vector arrayValue() const { checkType(Type::Array); return value_.array_value_; } bool booleanValue() const { checkType(Type::Boolean); return value_.boolean_value_; } double doubleValue() const { checkType(Type::Double); return value_.double_value_; } int64_t integerValue() const { checkType(Type::Integer); return value_.integer_value_; } rapidjson::Document asRapidJsonDocument() const; static void buildRapidJsonDocument(const Field& field, rapidjson::Value& value, rapidjson::Document::AllocatorType& allocator); uint64_t line_number_start_ = 0; uint64_t line_number_end_ = 0; const Type type_; Value value_; }; /** * Custom stream to allow access to the line number for each object. */ class LineCountingStringStream : public rapidjson::StringStream { // Ch is typedef in parent class to handle character encoding. public: LineCountingStringStream(const Ch* src) : rapidjson::StringStream(src), line_number_(1) {} Ch Take() { Ch ret = rapidjson::StringStream::Take(); if (ret == '\n') { line_number_++; } return ret; } uint64_t getLineNumber() const { return line_number_; } private: uint64_t line_number_; }; /** * Consume events from SAX callbacks to build JSON Field. */ class ObjectHandler : public rapidjson::BaseReaderHandler, ObjectHandler> { public: ObjectHandler(LineCountingStringStream& stream) : state_(State::ExpectRoot), stream_(stream){}; bool StartObject(); bool EndObject(rapidjson::SizeType); bool Key(const char* value, rapidjson::SizeType size, bool); bool StartArray(); bool EndArray(rapidjson::SizeType); bool Bool(bool value); bool Double(double value); bool Int(int value); bool Uint(unsigned value); bool Int64(int64_t value); bool Uint64(uint64_t value); bool Null(); bool String(const char* value, rapidjson::SizeType size, bool); bool RawNumber(const char*, rapidjson::SizeType, bool); ObjectSharedPtr getRoot() { return root_; } private: bool handleValueEvent(FieldSharedPtr ptr); enum class State { ExpectRoot, ExpectKeyOrEndObject, ExpectValueOrStartObjectArray, ExpectArrayValueOrEndArray, ExpectFinished, }; State state_; LineCountingStringStream& stream_; std::stack stack_; std::string key_; FieldSharedPtr root_; }; void Field::buildRapidJsonDocument(const Field& field, rapidjson::Value& value, rapidjson::Document::AllocatorType& allocator) { switch (field.type_) { case Type::Array: { value.SetArray(); value.Reserve(field.value_.array_value_.size(), allocator); for (const auto& element : field.value_.array_value_) { switch (element->type_) { case Type::Array: case Type::Object: { rapidjson::Value nested_value; buildRapidJsonDocument(*element, nested_value, allocator); value.PushBack(nested_value, allocator); break; } case Type::Boolean: value.PushBack(element->value_.boolean_value_, allocator); break; case Type::Double: value.PushBack(element->value_.double_value_, allocator); break; case Type::Integer: value.PushBack(element->value_.integer_value_, allocator); break; case Type::Null: value.PushBack(rapidjson::Value(), allocator); break; case Type::String: value.PushBack(rapidjson::StringRef(element->value_.string_value_.c_str()), allocator); } } break; } case Type::Object: { value.SetObject(); for (const auto& item : field.value_.object_value_) { auto name = rapidjson::StringRef(item.first.c_str()); switch (item.second->type_) { case Type::Array: case Type::Object: { rapidjson::Value nested_value; buildRapidJsonDocument(*item.second, nested_value, allocator); value.AddMember(name, nested_value, allocator); break; } case Type::Boolean: value.AddMember(name, item.second->value_.boolean_value_, allocator); break; case Type::Double: value.AddMember(name, item.second->value_.double_value_, allocator); break; case Type::Integer: value.AddMember(name, item.second->value_.integer_value_, allocator); break; case Type::Null: value.AddMember(name, rapidjson::Value(), allocator); break; case Type::String: value.AddMember(name, rapidjson::StringRef(item.second->value_.string_value_.c_str()), allocator); break; } } break; } case Type::Null: { value.SetNull(); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } rapidjson::Document Field::asRapidJsonDocument() const { rapidjson::Document document; rapidjson::Document::AllocatorType& allocator = document.GetAllocator(); buildRapidJsonDocument(*this, document, allocator); return document; } uint64_t Field::hash() const { rapidjson::StringBuffer buffer; rapidjson::Writer writer(buffer); asRapidJsonDocument().Accept(writer); return HashUtil::xxHash64(buffer.GetString()); } bool Field::getBoolean(const std::string& name) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr == value_.object_value_.end() || !value_itr->second->isType(Type::Boolean)) { throw Exception(fmt::format("key '{}' missing or not a boolean from lines {}-{}", name, line_number_start_, line_number_end_)); } return value_itr->second->booleanValue(); } bool Field::getBoolean(const std::string& name, bool default_value) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr != value_.object_value_.end()) { return getBoolean(name); } else { return default_value; } } double Field::getDouble(const std::string& name) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr == value_.object_value_.end() || !value_itr->second->isType(Type::Double)) { throw Exception(fmt::format("key '{}' missing or not a double from lines {}-{}", name, line_number_start_, line_number_end_)); } return value_itr->second->doubleValue(); } double Field::getDouble(const std::string& name, double default_value) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr != value_.object_value_.end()) { return getDouble(name); } else { return default_value; } } int64_t Field::getInteger(const std::string& name) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr == value_.object_value_.end() || !value_itr->second->isType(Type::Integer)) { throw Exception(fmt::format("key '{}' missing or not an integer from lines {}-{}", name, line_number_start_, line_number_end_)); } return value_itr->second->integerValue(); } int64_t Field::getInteger(const std::string& name, int64_t default_value) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr != value_.object_value_.end()) { return getInteger(name); } else { return default_value; } } ObjectSharedPtr Field::getObject(const std::string& name, bool allow_empty) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr == value_.object_value_.end()) { if (allow_empty) { return createObject(); } else { throw Exception(fmt::format("key '{}' missing from lines {}-{}", name, line_number_start_, line_number_end_)); } } else if (!value_itr->second->isType(Type::Object)) { throw Exception(fmt::format("key '{}' not an object from line {}", name, value_itr->second->line_number_start_)); } else { return value_itr->second; } } std::vector Field::getObjectArray(const std::string& name, bool allow_empty) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr == value_.object_value_.end() || !value_itr->second->isType(Type::Array)) { if (allow_empty && value_itr == value_.object_value_.end()) { return std::vector(); } throw Exception(fmt::format("key '{}' missing or not an array from lines {}-{}", name, line_number_start_, line_number_end_)); } std::vector array_value = value_itr->second->arrayValue(); return {array_value.begin(), array_value.end()}; } std::string Field::getString(const std::string& name) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr == value_.object_value_.end() || !value_itr->second->isType(Type::String)) { throw Exception(fmt::format("key '{}' missing or not a string from lines {}-{}", name, line_number_start_, line_number_end_)); } return value_itr->second->stringValue(); } std::string Field::getString(const std::string& name, const std::string& default_value) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); if (value_itr != value_.object_value_.end()) { return getString(name); } else { return default_value; } } std::vector Field::getStringArray(const std::string& name, bool allow_empty) const { checkType(Type::Object); std::vector string_array; auto value_itr = value_.object_value_.find(name); if (value_itr == value_.object_value_.end() || !value_itr->second->isType(Type::Array)) { if (allow_empty && value_itr == value_.object_value_.end()) { return string_array; } throw Exception(fmt::format("key '{}' missing or not an array from lines {}-{}", name, line_number_start_, line_number_end_)); } std::vector array = value_itr->second->arrayValue(); string_array.reserve(array.size()); for (const auto& element : array) { if (!element->isType(Type::String)) { throw Exception(fmt::format("JSON array '{}' from line {} does not contain all strings", name, line_number_start_)); } string_array.push_back(element->stringValue()); } return string_array; } std::vector Field::asObjectArray() const { checkType(Type::Array); return {value_.array_value_.begin(), value_.array_value_.end()}; } std::string Field::asJsonString() const { rapidjson::StringBuffer buffer; rapidjson::Writer writer(buffer); rapidjson::Document document = asRapidJsonDocument(); document.Accept(writer); return buffer.GetString(); } bool Field::empty() const { if (isType(Type::Object)) { return value_.object_value_.empty(); } else if (isType(Type::Array)) { return value_.array_value_.empty(); } else { throw Exception( fmt::format("Json does not support empty() on types other than array and object")); } } bool Field::hasObject(const std::string& name) const { checkType(Type::Object); auto value_itr = value_.object_value_.find(name); return value_itr != value_.object_value_.end(); } void Field::iterate(const ObjectCallback& callback) const { checkType(Type::Object); for (const auto& item : value_.object_value_) { bool stop_iteration = !callback(item.first, *item.second); if (stop_iteration) { break; } } } void Field::validateSchema(const std::string& schema) const { rapidjson::Document schema_document; if (schema_document.Parse<0>(schema.c_str()).HasParseError()) { throw std::invalid_argument(fmt::format( "Schema supplied to validateSchema is not valid JSON\n Error(offset {}) : {}\n", schema_document.GetErrorOffset(), GetParseError_En(schema_document.GetParseError()))); } rapidjson::SchemaDocument schema_document_for_validator(schema_document); rapidjson::SchemaValidator schema_validator(schema_document_for_validator); if (!asRapidJsonDocument().Accept(schema_validator)) { rapidjson::StringBuffer schema_string_buffer; rapidjson::StringBuffer document_string_buffer; schema_validator.GetInvalidSchemaPointer().StringifyUriFragment(schema_string_buffer); schema_validator.GetInvalidDocumentPointer().StringifyUriFragment(document_string_buffer); throw Exception(fmt::format( "JSON at lines {}-{} does not conform to schema.\n Invalid schema: {}\n" " Schema violation: {}\n" " Offending document key: {}", line_number_start_, line_number_end_, schema_string_buffer.GetString(), schema_validator.GetInvalidSchemaKeyword(), document_string_buffer.GetString())); } } bool ObjectHandler::StartObject() { FieldSharedPtr object = Field::createObject(); object->setLineNumberStart(stream_.getLineNumber()); switch (state_) { case State::ExpectValueOrStartObjectArray: stack_.top()->insert(key_, object); stack_.push(object); state_ = State::ExpectKeyOrEndObject; return true; case State::ExpectArrayValueOrEndArray: stack_.top()->append(object); stack_.push(object); state_ = State::ExpectKeyOrEndObject; return true; case State::ExpectRoot: root_ = object; stack_.push(object); state_ = State::ExpectKeyOrEndObject; return true; default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool ObjectHandler::EndObject(rapidjson::SizeType) { switch (state_) { case State::ExpectKeyOrEndObject: stack_.top()->setLineNumberEnd(stream_.getLineNumber()); stack_.pop(); if (stack_.empty()) { state_ = State::ExpectFinished; } else if (stack_.top()->isObject()) { state_ = State::ExpectKeyOrEndObject; } else if (stack_.top()->isArray()) { state_ = State::ExpectArrayValueOrEndArray; } return true; default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool ObjectHandler::Key(const char* value, rapidjson::SizeType size, bool) { switch (state_) { case State::ExpectKeyOrEndObject: key_ = std::string(value, size); state_ = State::ExpectValueOrStartObjectArray; return true; default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool ObjectHandler::StartArray() { FieldSharedPtr array = Field::createArray(); array->setLineNumberStart(stream_.getLineNumber()); switch (state_) { case State::ExpectValueOrStartObjectArray: stack_.top()->insert(key_, array); stack_.push(array); state_ = State::ExpectArrayValueOrEndArray; return true; case State::ExpectArrayValueOrEndArray: stack_.top()->append(array); stack_.push(array); return true; case State::ExpectRoot: root_ = array; stack_.push(array); state_ = State::ExpectArrayValueOrEndArray; return true; default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool ObjectHandler::EndArray(rapidjson::SizeType) { switch (state_) { case State::ExpectArrayValueOrEndArray: stack_.top()->setLineNumberEnd(stream_.getLineNumber()); stack_.pop(); if (stack_.empty()) { state_ = State::ExpectFinished; } else if (stack_.top()->isObject()) { state_ = State::ExpectKeyOrEndObject; } else if (stack_.top()->isArray()) { state_ = State::ExpectArrayValueOrEndArray; } return true; default: NOT_REACHED_GCOVR_EXCL_LINE; } } // Value handlers bool ObjectHandler::Bool(bool value) { return handleValueEvent(Field::createValue(value)); } bool ObjectHandler::Double(double value) { return handleValueEvent(Field::createValue(value)); } bool ObjectHandler::Int(int value) { return handleValueEvent(Field::createValue(static_cast(value))); } bool ObjectHandler::Uint(unsigned value) { return handleValueEvent(Field::createValue(static_cast(value))); } bool ObjectHandler::Int64(int64_t value) { return handleValueEvent(Field::createValue(value)); } bool ObjectHandler::Uint64(uint64_t value) { if (value > static_cast(std::numeric_limits::max())) { throw Exception(fmt::format("JSON value from line {} is larger than int64_t (not supported)", stream_.getLineNumber())); } return handleValueEvent(Field::createValue(static_cast(value))); } bool ObjectHandler::Null() { return handleValueEvent(Field::createNull()); } bool ObjectHandler::String(const char* value, rapidjson::SizeType size, bool) { return handleValueEvent(Field::createValue(std::string(value, size))); } bool ObjectHandler::RawNumber(const char*, rapidjson::SizeType, bool) { // Only called if kParseNumbersAsStrings is set as a parse flag, which it is not. NOT_REACHED_GCOVR_EXCL_LINE; } bool ObjectHandler::handleValueEvent(FieldSharedPtr ptr) { ptr->setLineNumberStart(stream_.getLineNumber()); switch (state_) { case State::ExpectValueOrStartObjectArray: state_ = State::ExpectKeyOrEndObject; stack_.top()->insert(key_, ptr); return true; case State::ExpectArrayValueOrEndArray: stack_.top()->append(ptr); return true; default: return false; } } } // namespace ObjectSharedPtr Factory::loadFromString(const std::string& json) { LineCountingStringStream json_stream(json.c_str()); ObjectHandler handler(json_stream); rapidjson::Reader reader; reader.Parse(json_stream, handler); if (reader.HasParseError()) { throw Exception(fmt::format("JSON supplied is not valid. Error(offset {}, line {}): {}\n", reader.GetErrorOffset(), json_stream.getLineNumber(), GetParseError_En(reader.GetParseErrorCode()))); } return handler.getRoot(); } } // namespace Json } // namespace Envoy ================================================ FILE: source/common/json/json_loader.h ================================================ #pragma once #include #include #include "envoy/json/json_object.h" namespace Envoy { namespace Json { class Factory { public: /** * Constructs a Json Object from a string. */ static ObjectSharedPtr loadFromString(const std::string& json); }; } // namespace Json } // namespace Envoy ================================================ FILE: source/common/local_info/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "local_info_lib", hdrs = ["local_info_impl.h"], deps = [ "//include/envoy/local_info:local_info_interface", "//source/common/config:version_converter_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/local_info/local_info_impl.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/local_info/local_info.h" #include "common/config/version_converter.h" namespace Envoy { namespace LocalInfo { class LocalInfoImpl : public LocalInfo { public: LocalInfoImpl(const envoy::config::core::v3::Node& node, const Network::Address::InstanceConstSharedPtr& address, absl::string_view zone_name, absl::string_view cluster_name, absl::string_view node_name) : node_(node), address_(address) { if (!zone_name.empty()) { node_.mutable_locality()->set_zone(std::string(zone_name)); } if (!cluster_name.empty()) { node_.set_cluster(std::string(cluster_name)); } if (!node_name.empty()) { node_.set_id(std::string(node_name)); } } Network::Address::InstanceConstSharedPtr address() const override { return address_; } const std::string& zoneName() const override { return node_.locality().zone(); } const std::string& clusterName() const override { return node_.cluster(); } const std::string& nodeName() const override { return node_.id(); } const envoy::config::core::v3::Node& node() const override { return node_; } private: envoy::config::core::v3::Node node_; Network::Address::InstanceConstSharedPtr address_; }; } // namespace LocalInfo } // namespace Envoy ================================================ FILE: source/common/local_reply/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "local_reply_lib", srcs = ["local_reply.cc"], hdrs = ["local_reply.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/http:header_map_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stream_info:stream_info_interface", "//source/common/access_log:access_log_lib", "//source/common/common:enum_to_int", "//source/common/config:datasource_lib", "//source/common/formatter:substitution_format_string_lib", "//source/common/formatter:substitution_formatter_lib", "//source/common/http:header_map_lib", "//source/common/router:header_parser_lib", "//source/common/stream_info:stream_info_lib", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/local_reply/local_reply.cc ================================================ #include "common/local_reply/local_reply.h" #include #include #include "common/access_log/access_log_impl.h" #include "common/common/enum_to_int.h" #include "common/config/datasource.h" #include "common/formatter/substitution_format_string.h" #include "common/formatter/substitution_formatter.h" #include "common/http/header_map_impl.h" #include "common/router/header_parser.h" namespace Envoy { namespace LocalReply { class BodyFormatter { public: BodyFormatter() : formatter_(std::make_unique("%LOCAL_REPLY_BODY%")), content_type_(Http::Headers::get().ContentTypeValues.Text) {} BodyFormatter(const envoy::config::core::v3::SubstitutionFormatString& config) : formatter_(Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config)), content_type_( !config.content_type().empty() ? config.content_type() : config.format_case() == envoy::config::core::v3::SubstitutionFormatString::FormatCase::kJsonFormat ? Http::Headers::get().ContentTypeValues.Json : Http::Headers::get().ContentTypeValues.Text) {} void format(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info, std::string& body, absl::string_view& content_type) const { body = formatter_->format(request_headers, response_headers, response_trailers, stream_info, body); content_type = content_type_; } private: const Formatter::FormatterPtr formatter_; const std::string content_type_; }; using BodyFormatterPtr = std::unique_ptr; using HeaderParserPtr = std::unique_ptr; class ResponseMapper { public: ResponseMapper( const envoy::extensions::filters::network::http_connection_manager::v3::ResponseMapper& config, Server::Configuration::FactoryContext& context) : filter_(AccessLog::FilterFactory::fromProto(config.filter(), context.runtime(), context.api().randomGenerator(), context.messageValidationVisitor())) { if (config.has_status_code()) { status_code_ = static_cast(config.status_code().value()); } if (config.has_body()) { body_ = Config::DataSource::read(config.body(), true, context.api()); } if (config.has_body_format_override()) { body_formatter_ = std::make_unique(config.body_format_override()); } header_parser_ = Envoy::Router::HeaderParser::configure(config.headers_to_add()); } bool matchAndRewrite(const Http::RequestHeaderMap& request_headers, Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, StreamInfo::StreamInfoImpl& stream_info, Http::Code& code, std::string& body, BodyFormatter*& final_formatter) const { // If not matched, just bail out. if (!filter_->evaluate(stream_info, request_headers, response_headers, response_trailers)) { return false; } if (body_.has_value()) { body = body_.value(); } header_parser_->evaluateHeaders(response_headers, stream_info); if (status_code_.has_value() && code != status_code_.value()) { code = status_code_.value(); response_headers.setStatus(std::to_string(enumToInt(code))); stream_info.response_code_ = static_cast(code); } if (body_formatter_) { final_formatter = body_formatter_.get(); } return true; } private: const AccessLog::FilterPtr filter_; absl::optional status_code_; absl::optional body_; HeaderParserPtr header_parser_; BodyFormatterPtr body_formatter_; }; using ResponseMapperPtr = std::unique_ptr; class LocalReplyImpl : public LocalReply { public: LocalReplyImpl() : body_formatter_(std::make_unique()) {} LocalReplyImpl( const envoy::extensions::filters::network::http_connection_manager::v3::LocalReplyConfig& config, Server::Configuration::FactoryContext& context) : body_formatter_(config.has_body_format() ? std::make_unique(config.body_format()) : std::make_unique()) { for (const auto& mapper : config.mappers()) { mappers_.emplace_back(std::make_unique(mapper, context)); } } void rewrite(const Http::RequestHeaderMap* request_headers, Http::ResponseHeaderMap& response_headers, StreamInfo::StreamInfoImpl& stream_info, Http::Code& code, std::string& body, absl::string_view& content_type) const override { // Set response code to stream_info and response_headers due to: // 1) StatusCode filter is using response_code from stream_info, // 2) %RESP(:status)% is from Status() in response_headers. response_headers.setStatus(std::to_string(enumToInt(code))); stream_info.response_code_ = static_cast(code); if (request_headers == nullptr) { request_headers = Http::StaticEmptyHeaders::get().request_headers.get(); } BodyFormatter* final_formatter{}; for (const auto& mapper : mappers_) { if (mapper->matchAndRewrite(*request_headers, response_headers, *Http::StaticEmptyHeaders::get().response_trailers, stream_info, code, body, final_formatter)) { break; } } if (!final_formatter) { final_formatter = body_formatter_.get(); } return final_formatter->format(*request_headers, response_headers, *Http::StaticEmptyHeaders::get().response_trailers, stream_info, body, content_type); } private: std::list mappers_; const BodyFormatterPtr body_formatter_; }; LocalReplyPtr Factory::createDefault() { return std::make_unique(); } LocalReplyPtr Factory::create( const envoy::extensions::filters::network::http_connection_manager::v3::LocalReplyConfig& config, Server::Configuration::FactoryContext& context) { return std::make_unique(config, context); } } // namespace LocalReply } // namespace Envoy ================================================ FILE: source/common/local_reply/local_reply.h ================================================ #pragma once #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/filter_config.h" #include "common/stream_info/stream_info_impl.h" namespace Envoy { namespace LocalReply { class LocalReply { public: virtual ~LocalReply() = default; /** * rewrite the response status code, body and content_type. * @param request_headers supplies the information about request headers required by filters. * @param stream_info supplies the information about streams required by filters. * @param code status code. * @param body response body. * @param content_type response content_type. */ virtual void rewrite(const Http::RequestHeaderMap* request_headers, Http::ResponseHeaderMap& response_headers, StreamInfo::StreamInfoImpl& stream_info, Http::Code& code, std::string& body, absl::string_view& content_type) const PURE; }; using LocalReplyPtr = std::unique_ptr; /** * Access log filter factory that reads from proto. */ class Factory { public: /** * Create a LocalReply object from ProtoConfig */ static LocalReplyPtr create(const envoy::extensions::filters::network::http_connection_manager::v3::LocalReplyConfig& config, Server::Configuration::FactoryContext& context); /** * Create a default LocalReply object with empty config. * It is used at places without Server::Configuration::FactoryContext. */ static LocalReplyPtr createDefault(); }; } // namespace LocalReply } // namespace Envoy ================================================ FILE: source/common/memory/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "stats_lib", srcs = ["stats.cc"], hdrs = ["stats.h"], tcmalloc_dep = 1, deps = [ "//source/common/common:logger_lib", ], ) envoy_cc_library( name = "utils_lib", srcs = ["utils.cc"], hdrs = ["utils.h"], tcmalloc_dep = 1, deps = [ ":stats_lib", ], ) envoy_cc_library( name = "heap_shrinker_lib", srcs = ["heap_shrinker.cc"], hdrs = ["heap_shrinker.h"], deps = [ ":utils_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/server:overload_manager_interface", "//include/envoy/stats:stats_interface", "//source/common/stats:symbol_table_lib", ], ) ================================================ FILE: source/common/memory/heap_shrinker.cc ================================================ #include "common/memory/heap_shrinker.h" #include "common/memory/utils.h" #include "common/stats/symbol_table_impl.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Memory { // TODO(eziskind): make this configurable constexpr std::chrono::milliseconds kTimerInterval = std::chrono::milliseconds(10000); HeapShrinker::HeapShrinker(Event::Dispatcher& dispatcher, Server::OverloadManager& overload_manager, Stats::Scope& stats) : active_(false) { const auto action_name = Server::OverloadActionNames::get().ShrinkHeap; if (overload_manager.registerForAction( action_name, dispatcher, [this](Server::OverloadActionState state) { active_ = state.isSaturated(); })) { Envoy::Stats::StatNameManagedStorage stat_name( absl::StrCat("overload.", action_name, ".shrink_count"), stats.symbolTable()); shrink_counter_ = &stats.counterFromStatName(stat_name.statName()); timer_ = dispatcher.createTimer([this] { shrinkHeap(); timer_->enableTimer(kTimerInterval); }); timer_->enableTimer(kTimerInterval); } } void HeapShrinker::shrinkHeap() { if (active_) { Utils::releaseFreeMemory(); shrink_counter_->inc(); } } } // namespace Memory } // namespace Envoy ================================================ FILE: source/common/memory/heap_shrinker.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/server/overload_manager.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" namespace Envoy { namespace Memory { /** * A utility class to periodically attempt to shrink the heap by releasing free memory * to the system if the "shrink heap" overload action has been configured and triggered. */ class HeapShrinker { public: HeapShrinker(Event::Dispatcher& dispatcher, Server::OverloadManager& overload_manager, Envoy::Stats::Scope& stats); private: void shrinkHeap(); bool active_; Envoy::Stats::Counter* shrink_counter_; Envoy::Event::TimerPtr timer_; }; } // namespace Memory } // namespace Envoy ================================================ FILE: source/common/memory/stats.cc ================================================ #include "common/memory/stats.h" #include #include "common/common/logger.h" #if defined(TCMALLOC) #include "tcmalloc/malloc_extension.h" namespace Envoy { namespace Memory { uint64_t Stats::totalCurrentlyAllocated() { return tcmalloc::MallocExtension::GetNumericProperty("generic.current_allocated_bytes") .value_or(0); } uint64_t Stats::totalCurrentlyReserved() { // In Google's tcmalloc the semantics of generic.heap_size has // changed: it doesn't include unmapped bytes. return tcmalloc::MallocExtension::GetNumericProperty("generic.heap_size").value_or(0) + tcmalloc::MallocExtension::GetNumericProperty("tcmalloc.pageheap_unmapped_bytes") .value_or(0); } uint64_t Stats::totalThreadCacheBytes() { return tcmalloc::MallocExtension::GetNumericProperty("tcmalloc.current_total_thread_cache_bytes") .value_or(0); } uint64_t Stats::totalPageHeapFree() { return tcmalloc::MallocExtension::GetNumericProperty("tcmalloc.pageheap_free_bytes").value_or(0); } uint64_t Stats::totalPageHeapUnmapped() { return tcmalloc::MallocExtension::GetNumericProperty("tcmalloc.pageheap_unmapped_bytes") .value_or(0); } uint64_t Stats::totalPhysicalBytes() { return tcmalloc::MallocExtension::GetProperties()["generic.physical_memory_used"].value; } void Stats::dumpStatsToLog() { ENVOY_LOG_MISC(debug, "TCMalloc stats:\n{}", tcmalloc::MallocExtension::GetStats()); } } // namespace Memory } // namespace Envoy #elif defined(GPERFTOOLS_TCMALLOC) #include "gperftools/malloc_extension.h" namespace Envoy { namespace Memory { uint64_t Stats::totalCurrentlyAllocated() { size_t value = 0; MallocExtension::instance()->GetNumericProperty("generic.current_allocated_bytes", &value); return value; } uint64_t Stats::totalCurrentlyReserved() { size_t value = 0; MallocExtension::instance()->GetNumericProperty("generic.heap_size", &value); return value; } uint64_t Stats::totalThreadCacheBytes() { size_t value = 0; MallocExtension::instance()->GetNumericProperty("tcmalloc.current_total_thread_cache_bytes", &value); return value; } uint64_t Stats::totalPageHeapFree() { size_t value = 0; MallocExtension::instance()->GetNumericProperty("tcmalloc.pageheap_free_bytes", &value); return value; } uint64_t Stats::totalPageHeapUnmapped() { size_t value = 0; MallocExtension::instance()->GetNumericProperty("tcmalloc.pageheap_unmapped_bytes", &value); return value; } uint64_t Stats::totalPhysicalBytes() { size_t value = 0; MallocExtension::instance()->GetNumericProperty("generic.total_physical_bytes", &value); return value; } void Stats::dumpStatsToLog() { constexpr int buffer_size = 100000; auto buffer = std::make_unique(buffer_size); MallocExtension::instance()->GetStats(buffer.get(), buffer_size); ENVOY_LOG_MISC(debug, "TCMalloc stats:\n{}", buffer.get()); } } // namespace Memory } // namespace Envoy #else namespace Envoy { namespace Memory { uint64_t Stats::totalCurrentlyAllocated() { return 0; } uint64_t Stats::totalThreadCacheBytes() { return 0; } uint64_t Stats::totalCurrentlyReserved() { return 0; } uint64_t Stats::totalPageHeapUnmapped() { return 0; } uint64_t Stats::totalPageHeapFree() { return 0; } uint64_t Stats::totalPhysicalBytes() { return 0; } void Stats::dumpStatsToLog() {} } // namespace Memory } // namespace Envoy #endif // #if defined(TCMALLOC) ================================================ FILE: source/common/memory/stats.h ================================================ #pragma once #include namespace Envoy { namespace Memory { /** * Runtime stats for process memory usage. */ class Stats { public: /** * @return uint64_t the total memory currently allocated. */ static uint64_t totalCurrentlyAllocated(); /** * @return uint64_t the total memory reserved for the process by the heap but not necessarily * allocated. */ static uint64_t totalCurrentlyReserved(); /** * @return uint64_t the amount of memory used by the TCMalloc thread caches (for small objects). */ static uint64_t totalThreadCacheBytes(); /** * @return uint64_t the number of bytes in free, unmapped pages in the page heap. These bytes * always count towards virtual memory usage, and depending on the OS, typically * do not count towards physical memory usage. */ static uint64_t totalPageHeapUnmapped(); /** * @return uint64_t the number of bytes in free, mapped pages in the page heap. These bytes always * count towards virtual memory usage, and unless the underlying memory is * swapped out by the OS, they also count towards physical memory usage. */ static uint64_t totalPageHeapFree(); /** * @return uint64_t estimate of total bytes of the physical memory usage by the allocator */ static uint64_t totalPhysicalBytes(); /** * Log detailed stats about current memory allocation. Intended for debugging purposes. */ static void dumpStatsToLog(); }; } // namespace Memory } // namespace Envoy ================================================ FILE: source/common/memory/utils.cc ================================================ #include "common/memory/utils.h" #include "common/common/assert.h" #include "common/memory/stats.h" #if defined(TCMALLOC) #include "tcmalloc/malloc_extension.h" #elif defined(GPERFTOOLS_TCMALLOC) #include "gperftools/malloc_extension.h" #endif namespace Envoy { namespace Memory { namespace { #if defined(TCMALLOC) || defined(GPERFTOOLS_TCMALLOC) // TODO(zyfjeff): Make max unfreed memory byte configurable constexpr uint64_t MAX_UNFREED_MEMORY_BYTE = 100 * 1024 * 1024; #endif } // namespace void Utils::releaseFreeMemory() { #if defined(TCMALLOC) tcmalloc::MallocExtension::ReleaseMemoryToSystem(MAX_UNFREED_MEMORY_BYTE); #elif defined(GPERFTOOLS_TCMALLOC) MallocExtension::instance()->ReleaseFreeMemory(); #endif } /* The purpose of this function is to release the cache introduced by tcmalloc, mainly in xDS config updates, admin handler, and so on. all work on the main thread, so the overall impact on performance is small. Ref: https://github.com/envoyproxy/envoy/pull/9471#discussion_r363825985 */ void Utils::tryShrinkHeap() { #if defined(TCMALLOC) || defined(GPERFTOOLS_TCMALLOC) auto total_physical_bytes = Stats::totalPhysicalBytes(); auto allocated_size_by_app = Stats::totalCurrentlyAllocated(); ASSERT(total_physical_bytes >= allocated_size_by_app); if ((total_physical_bytes - allocated_size_by_app) >= MAX_UNFREED_MEMORY_BYTE) { Utils::releaseFreeMemory(); } #endif } } // namespace Memory } // namespace Envoy ================================================ FILE: source/common/memory/utils.h ================================================ #pragma once namespace Envoy { namespace Memory { class Utils { public: static void releaseFreeMemory(); static void tryShrinkHeap(); }; } // namespace Memory } // namespace Envoy ================================================ FILE: source/common/network/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "address_lib", srcs = ["address_impl.cc"], hdrs = ["address_impl.h"], deps = [ ":socket_interface_lib", "//include/envoy/network:address_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "application_protocol_lib", srcs = ["application_protocol.cc"], hdrs = ["application_protocol.h"], deps = [ "//include/envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) envoy_cc_library( name = "cidr_range_lib", srcs = ["cidr_range.cc"], hdrs = ["cidr_range.h"], deps = [ ":address_lib", ":utility_lib", "//include/envoy/network:address_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "connection_balancer_lib", srcs = ["connection_balancer_impl.cc"], hdrs = ["connection_balancer_impl.h"], deps = [ "//include/envoy/network:connection_balancer_interface", ], ) envoy_cc_library( name = "connection_base_lib", srcs = ["connection_impl_base.cc"], hdrs = ["connection_impl_base.h"], deps = [ ":filter_manager_lib", "//include/envoy/event:dispatcher_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "connection_lib", srcs = ["connection_impl.cc"], hdrs = ["connection_impl.h"], external_deps = ["abseil_optional"], deps = [ ":address_lib", ":connection_base_lib", ":raw_buffer_socket_lib", ":utility_lib", "//include/envoy/event:timer_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:minimal_logger_lib", "//source/common/event:libevent_lib", "//source/common/network:listen_socket_lib", "//source/common/stream_info:stream_info_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "apple_dns_lib", srcs = select({ "//bazel:apple": ["apple_dns_impl.cc"], "//conditions:default": [], }), hdrs = select({ "//bazel:apple": ["apple_dns_impl.h"], "//conditions:default": [], }), deps = [ ":address_lib", ":utility_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:file_event_interface", "//include/envoy/network:dns_interface", "//source/common/common:assert_lib", "//source/common/common:linked_object", ], ) envoy_cc_library( name = "dns_lib", srcs = ["dns_impl.cc"], hdrs = ["dns_impl.h"], external_deps = ["ares"], deps = [ ":address_lib", ":utility_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:file_event_interface", "//include/envoy/network:dns_interface", "//source/common/common:assert_lib", "//source/common/common:linked_object", ], ) envoy_cc_library( name = "filter_lib", hdrs = ["filter_impl.h"], deps = [ "//include/envoy/network:filter_interface", ], ) envoy_cc_library( name = "filter_manager_lib", srcs = ["filter_manager_impl.cc"], hdrs = ["filter_manager_impl.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:linked_object", ], ) envoy_cc_library( name = "hash_policy_lib", srcs = ["hash_policy.cc"], hdrs = ["hash_policy.h"], deps = [ "//include/envoy/network:hash_policy_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "io_socket_error_lib", srcs = ["io_socket_error_impl.cc"], hdrs = ["io_socket_error_impl.h"], deps = [ "//include/envoy/api:io_error_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "lc_trie_lib", hdrs = ["lc_trie.h"], external_deps = [ "abseil_node_hash_set", "abseil_int128", ], deps = [ ":address_lib", ":cidr_range_lib", ":utility_lib", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "socket_interface_lib", hdrs = ["socket_interface.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/network:socket_interface_interface", "//include/envoy/registry", "//include/envoy/server:bootstrap_extension_config_interface", ], ) envoy_cc_library( name = "default_socket_interface_lib", srcs = [ "io_socket_handle_impl.cc", "socket_interface_impl.cc", ], hdrs = [ "io_socket_handle_impl.h", "socket_interface_impl.h", ], deps = [ ":address_lib", ":io_socket_error_lib", ":socket_interface_lib", ":socket_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/network:io_handle_interface", "//source/common/api:os_sys_calls_lib", "//source/common/event:dispatcher_includes", "@envoy_api//envoy/extensions/network/socket_interface/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "socket_lib", srcs = ["socket_impl.cc"], hdrs = ["socket_impl.h"], deps = [ "//include/envoy/network:socket_interface", "//include/envoy/network:socket_interface_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "listen_socket_lib", srcs = ["listen_socket_impl.cc"], hdrs = ["listen_socket_impl.h"], deps = [ ":socket_lib", ":utility_lib", "//include/envoy/network:exception_interface", "//include/envoy/network:listen_socket_interface", "//source/common/common:assert_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "listener_lib", srcs = [ "base_listener_impl.cc", "tcp_listener_impl.cc", "udp_listener_impl.cc", ], hdrs = [ "base_listener_impl.h", "tcp_listener_impl.h", "udp_listener_impl.h", ], deps = [ ":address_lib", ":default_socket_interface_lib", ":listen_socket_lib", ":udp_default_writer_config", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:file_event_interface", "//include/envoy/network:exception_interface", "//include/envoy/network:listener_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:linked_object", "//source/common/event:dispatcher_includes", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "raw_buffer_socket_lib", srcs = ["raw_buffer_socket.cc"], hdrs = ["raw_buffer_socket.h"], deps = [ ":utility_lib", "//include/envoy/network:connection_interface", "//include/envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/http:headers_lib", ], ) envoy_cc_library( name = "resolver_lib", srcs = ["resolver_impl.cc"], hdrs = ["resolver_impl.h"], deps = [ ":utility_lib", "//include/envoy/network:address_interface", "//include/envoy/network:resolver_interface", "//include/envoy/registry", "//source/common/config:well_known_names", "//source/common/network:address_lib", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "socket_option_lib", srcs = ["socket_option_impl.cc"], hdrs = ["socket_option_impl.h"], external_deps = ["abseil_optional"], deps = [ ":address_lib", ":listen_socket_lib", "//include/envoy/api:os_sys_calls_interface", "//include/envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "addr_family_aware_socket_option_lib", srcs = ["addr_family_aware_socket_option_impl.cc"], hdrs = ["addr_family_aware_socket_option_impl.h"], external_deps = ["abseil_optional"], deps = [ ":address_lib", ":socket_lib", ":socket_option_lib", "//include/envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:logger_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "socket_option_factory_lib", srcs = ["socket_option_factory.cc"], hdrs = ["socket_option_factory.h"], external_deps = ["abseil_optional"], deps = [ ":addr_family_aware_socket_option_lib", ":address_lib", ":socket_option_lib", "//include/envoy/network:listen_socket_interface", "//source/common/common:logger_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], deps = [ ":address_lib", ":default_socket_interface_lib", ":socket_lib", "//include/envoy/network:connection_interface", "//include/envoy/network:listener_interface", "//include/envoy/stats:stats_interface", "//source/common/api:os_sys_calls_lib", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:cleanup_lib", "//source/common/common:utility_lib", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "transport_socket_options_lib", srcs = ["transport_socket_options_impl.cc"], hdrs = ["transport_socket_options_impl.h"], deps = [ ":application_protocol_lib", ":proxy_protocol_filter_state_lib", ":upstream_server_name_lib", ":upstream_subject_alt_names_lib", "//include/envoy/network:proxy_protocol_options_lib", "//include/envoy/network:transport_socket_interface", "//include/envoy/stream_info:filter_state_interface", "//source/common/common:scalar_to_byte_vector_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "upstream_server_name_lib", srcs = ["upstream_server_name.cc"], hdrs = ["upstream_server_name.h"], deps = [ "//include/envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) envoy_cc_library( name = "upstream_subject_alt_names_lib", srcs = ["upstream_subject_alt_names.cc"], hdrs = ["upstream_subject_alt_names.h"], deps = [ "//include/envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) envoy_cc_library( name = "filter_matcher_lib", srcs = [ "filter_matcher.cc", ], hdrs = ["filter_matcher.h"], external_deps = [ "abseil_str_format", ], deps = [ "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "udp_packet_writer_handler_lib", srcs = ["udp_packet_writer_handler_impl.cc"], hdrs = ["udp_packet_writer_handler_impl.h"], deps = [ ":io_socket_error_lib", ":utility_lib", "//include/envoy/network:socket_interface", "//include/envoy/network:udp_packet_writer_config_interface", "//include/envoy/network:udp_packet_writer_handler_interface", "//source/common/buffer:buffer_lib", ], ) envoy_cc_library( name = "udp_default_writer_config", srcs = ["udp_default_writer_config.cc"], hdrs = ["udp_default_writer_config.h"], deps = [ ":udp_packet_writer_handler_lib", "//include/envoy/network:udp_packet_writer_config_interface", "//include/envoy/registry", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "proxy_protocol_filter_state_lib", srcs = ["proxy_protocol_filter_state.cc"], hdrs = ["proxy_protocol_filter_state.h"], deps = [ "//include/envoy/network:proxy_protocol_options_lib", "//include/envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) ================================================ FILE: source/common/network/addr_family_aware_socket_option_impl.cc ================================================ #include "common/network/addr_family_aware_socket_option_impl.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/network/address_impl.h" #include "common/network/socket_option_impl.h" namespace Envoy { namespace Network { namespace { SocketOptionImplOptRef getOptionForSocket(const Socket& socket, SocketOptionImpl& ipv4_option, SocketOptionImpl& ipv6_option) { auto version = socket.ipVersion(); if (!version.has_value()) { return absl::nullopt; } // If the FD is v4, we can only try the IPv4 variant. if (*version == Network::Address::IpVersion::v4) { return {ipv4_option}; } // If the FD is v6, we first try the IPv6 variant if the platform supports it and fallback to the // IPv4 variant otherwise. ASSERT(*version == Network::Address::IpVersion::v6); if (ipv6_option.isSupported()) { return {ipv6_option}; } return {ipv4_option}; } } // namespace bool AddrFamilyAwareSocketOptionImpl::setOption( Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const { return setIpSocketOption(socket, state, ipv4_option_, ipv6_option_); } absl::optional AddrFamilyAwareSocketOptionImpl::getOptionDetails( const Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const { auto option = getOptionForSocket(socket, *ipv4_option_, *ipv6_option_); if (!option.has_value()) { return absl::nullopt; } return option->get().getOptionDetails(socket, state); } bool AddrFamilyAwareSocketOptionImpl::setIpSocketOption( Socket& socket, envoy::config::core::v3::SocketOption::SocketState state, const std::unique_ptr& ipv4_option, const std::unique_ptr& ipv6_option) { auto option = getOptionForSocket(socket, *ipv4_option, *ipv6_option); if (!option.has_value()) { ENVOY_LOG(warn, "Failed to set IP socket option on non-IP socket"); return false; } return option->get().setOption(socket, state); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/addr_family_aware_socket_option_impl.h ================================================ #pragma once #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/listen_socket.h" #include "common/common/logger.h" #include "common/network/socket_option_impl.h" #include "absl/types/optional.h" namespace Envoy { namespace Network { class AddrFamilyAwareSocketOptionImpl : public Socket::Option, Logger::Loggable { public: AddrFamilyAwareSocketOptionImpl(envoy::config::core::v3::SocketOption::SocketState in_state, SocketOptionName ipv4_optname, SocketOptionName ipv6_optname, int value) : ipv4_option_(std::make_unique(in_state, ipv4_optname, value)), ipv6_option_(std::make_unique(in_state, ipv6_optname, value)) {} // Socket::Option bool setOption(Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const override; // The common socket options don't require a hash key. void hashKey(std::vector&) const override {} absl::optional
    getOptionDetails(const Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const override; /** * Set a socket option that applies at both IPv4 and IPv6 socket levels. When the underlying FD * is IPv6, this function will attempt to set at IPv6 unless the platform only supports the * option at the IPv4 level. * @param socket. * @param ipv4_optname SocketOptionName for IPv4 level. Set to empty if not supported on * platform. * @param ipv6_optname SocketOptionName for IPv6 level. Set to empty if not supported on * platform. * @param optval as per setsockopt(2). * @param optlen as per setsockopt(2). * @return int as per setsockopt(2). ENOTSUP is returned if the option is not supported on the * platform for fd after the above option level fallback semantics are taken into account or the * socket is non-IP. */ static bool setIpSocketOption(Socket& socket, envoy::config::core::v3::SocketOption::SocketState state, const std::unique_ptr& ipv4_option, const std::unique_ptr& ipv6_option); private: const std::unique_ptr ipv4_option_; const std::unique_ptr ipv6_option_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/address_impl.cc ================================================ #include "common/network/address_impl.h" #include #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/network/socket_interface.h" namespace Envoy { namespace Network { namespace Address { namespace { // Validate that IPv4 is supported on this platform, raise an exception for the // given address if not. void validateIpv4Supported(const std::string& address) { static const bool supported = SocketInterfaceSingleton::get().ipFamilySupported(AF_INET); if (!supported) { throw EnvoyException( fmt::format("IPv4 addresses are not supported on this machine: {}", address)); } } // Validate that IPv6 is supported on this platform, raise an exception for the // given address if not. void validateIpv6Supported(const std::string& address) { static const bool supported = SocketInterfaceSingleton::get().ipFamilySupported(AF_INET6); if (!supported) { throw EnvoyException( fmt::format("IPv6 addresses are not supported on this machine: {}", address)); } } // Constructs a readable string with the embedded nulls in the abstract path replaced with '@'. std::string friendlyNameFromAbstractPath(absl::string_view path) { std::string friendly_name(path.data(), path.size()); std::replace(friendly_name.begin(), friendly_name.end(), '\0', '@'); return friendly_name; } const SocketInterface* sockInterfaceOrDefault(const SocketInterface* sock_interface) { return sock_interface == nullptr ? &SocketInterfaceSingleton::get() : sock_interface; } } // namespace Address::InstanceConstSharedPtr addressFromSockAddr(const sockaddr_storage& ss, socklen_t ss_len, bool v6only) { RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) >= sizeof(sa_family_t), ""); switch (ss.ss_family) { case AF_INET: { RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) == sizeof(sockaddr_in), ""); const struct sockaddr_in* sin = reinterpret_cast(&ss); ASSERT(AF_INET == sin->sin_family); return std::make_shared(sin); } case AF_INET6: { RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) == sizeof(sockaddr_in6), ""); const struct sockaddr_in6* sin6 = reinterpret_cast(&ss); ASSERT(AF_INET6 == sin6->sin6_family); if (!v6only && IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { #if defined(__APPLE__) struct sockaddr_in sin = { {}, AF_INET, sin6->sin6_port, {sin6->sin6_addr.__u6_addr.__u6_addr32[3]}, {}}; #elif defined(WIN32) struct in_addr in_v4 = {}; in_v4.S_un.S_addr = reinterpret_cast(sin6->sin6_addr.u.Byte)[3]; struct sockaddr_in sin = {AF_INET, sin6->sin6_port, in_v4, {}}; #else struct sockaddr_in sin = {AF_INET, sin6->sin6_port, {sin6->sin6_addr.s6_addr32[3]}, {}}; #endif return std::make_shared(&sin); } else { return std::make_shared(*sin6, v6only); } } case AF_UNIX: { const struct sockaddr_un* sun = reinterpret_cast(&ss); ASSERT(AF_UNIX == sun->sun_family); RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) >= offsetof(struct sockaddr_un, sun_path) + 1, ""); return std::make_shared(sun, ss_len); } default: throw EnvoyException(fmt::format("Unexpected sockaddr family: {}", ss.ss_family)); } NOT_REACHED_GCOVR_EXCL_LINE; } Ipv4Instance::Ipv4Instance(const sockaddr_in* address, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { memset(&ip_.ipv4_.address_, 0, sizeof(ip_.ipv4_.address_)); ip_.ipv4_.address_ = *address; ip_.friendly_address_ = sockaddrToString(*address); // Based on benchmark testing, this reserve+append implementation runs faster than absl::StrCat. fmt::format_int port(ntohs(address->sin_port)); friendly_name_.reserve(ip_.friendly_address_.size() + 1 + port.size()); friendly_name_.append(ip_.friendly_address_); friendly_name_.push_back(':'); friendly_name_.append(port.data(), port.size()); validateIpv4Supported(friendly_name_); } Ipv4Instance::Ipv4Instance(const std::string& address, const SocketInterface* sock_interface) : Ipv4Instance(address, 0, sockInterfaceOrDefault(sock_interface)) {} Ipv4Instance::Ipv4Instance(const std::string& address, uint32_t port, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { memset(&ip_.ipv4_.address_, 0, sizeof(ip_.ipv4_.address_)); ip_.ipv4_.address_.sin_family = AF_INET; ip_.ipv4_.address_.sin_port = htons(port); int rc = inet_pton(AF_INET, address.c_str(), &ip_.ipv4_.address_.sin_addr); if (1 != rc) { throw EnvoyException(fmt::format("invalid ipv4 address '{}'", address)); } friendly_name_ = absl::StrCat(address, ":", port); validateIpv4Supported(friendly_name_); ip_.friendly_address_ = address; } Ipv4Instance::Ipv4Instance(uint32_t port, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { memset(&ip_.ipv4_.address_, 0, sizeof(ip_.ipv4_.address_)); ip_.ipv4_.address_.sin_family = AF_INET; ip_.ipv4_.address_.sin_port = htons(port); ip_.ipv4_.address_.sin_addr.s_addr = INADDR_ANY; friendly_name_ = absl::StrCat("0.0.0.0:", port); validateIpv4Supported(friendly_name_); ip_.friendly_address_ = "0.0.0.0"; } bool Ipv4Instance::operator==(const Instance& rhs) const { const Ipv4Instance* rhs_casted = dynamic_cast(&rhs); return (rhs_casted && (ip_.ipv4_.address() == rhs_casted->ip_.ipv4_.address()) && (ip_.port() == rhs_casted->ip_.port())); } std::string Ipv4Instance::sockaddrToString(const sockaddr_in& addr) { static constexpr size_t BufferSize = 16; // enough space to hold an IPv4 address in string form char str[BufferSize]; // Write backwards from the end of the buffer for simplicity. char* start = str + BufferSize; uint32_t ipv4_addr = ntohl(addr.sin_addr.s_addr); for (unsigned i = 4; i != 0; i--, ipv4_addr >>= 8) { uint32_t octet = ipv4_addr & 0xff; if (octet == 0) { ASSERT(start > str); *--start = '0'; } else { do { ASSERT(start > str); *--start = '0' + (octet % 10); octet /= 10; } while (octet != 0); } if (i != 1) { ASSERT(start > str); *--start = '.'; } } return std::string(start, str + BufferSize - start); } absl::uint128 Ipv6Instance::Ipv6Helper::address() const { absl::uint128 result{0}; static_assert(sizeof(absl::uint128) == 16, "The size of asbl::uint128 is not 16."); memcpy(static_cast(&result), static_cast(&address_.sin6_addr.s6_addr), sizeof(absl::uint128)); return result; } uint32_t Ipv6Instance::Ipv6Helper::port() const { return ntohs(address_.sin6_port); } bool Ipv6Instance::Ipv6Helper::v6only() const { return v6only_; }; std::string Ipv6Instance::Ipv6Helper::makeFriendlyAddress() const { char str[INET6_ADDRSTRLEN]; const char* ptr = inet_ntop(AF_INET6, &address_.sin6_addr, str, INET6_ADDRSTRLEN); ASSERT(str == ptr); return ptr; } Ipv6Instance::Ipv6Instance(const sockaddr_in6& address, bool v6only, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { ip_.ipv6_.address_ = address; ip_.friendly_address_ = ip_.ipv6_.makeFriendlyAddress(); ip_.ipv6_.v6only_ = v6only; friendly_name_ = fmt::format("[{}]:{}", ip_.friendly_address_, ip_.port()); validateIpv6Supported(friendly_name_); } Ipv6Instance::Ipv6Instance(const std::string& address, const SocketInterface* sock_interface) : Ipv6Instance(address, 0, sockInterfaceOrDefault(sock_interface)) {} Ipv6Instance::Ipv6Instance(const std::string& address, uint32_t port, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { ip_.ipv6_.address_.sin6_family = AF_INET6; ip_.ipv6_.address_.sin6_port = htons(port); if (!address.empty()) { if (1 != inet_pton(AF_INET6, address.c_str(), &ip_.ipv6_.address_.sin6_addr)) { throw EnvoyException(fmt::format("invalid ipv6 address '{}'", address)); } } else { ip_.ipv6_.address_.sin6_addr = in6addr_any; } // Just in case address is in a non-canonical format, format from network address. ip_.friendly_address_ = ip_.ipv6_.makeFriendlyAddress(); friendly_name_ = fmt::format("[{}]:{}", ip_.friendly_address_, ip_.port()); validateIpv6Supported(friendly_name_); } Ipv6Instance::Ipv6Instance(uint32_t port, const SocketInterface* sock_interface) : Ipv6Instance("", port, sockInterfaceOrDefault(sock_interface)) {} bool Ipv6Instance::operator==(const Instance& rhs) const { const auto* rhs_casted = dynamic_cast(&rhs); return (rhs_casted && (ip_.ipv6_.address() == rhs_casted->ip_.ipv6_.address()) && (ip_.port() == rhs_casted->ip_.port())); } PipeInstance::PipeInstance(const sockaddr_un* address, socklen_t ss_len, mode_t mode, const SocketInterface* sock_interface) : InstanceBase(Type::Pipe, sockInterfaceOrDefault(sock_interface)) { if (address->sun_path[0] == '\0') { #if !defined(__linux__) throw EnvoyException("Abstract AF_UNIX sockets are only supported on linux."); #endif RELEASE_ASSERT(static_cast(ss_len) >= offsetof(struct sockaddr_un, sun_path) + 1, ""); pipe_.abstract_namespace_ = true; pipe_.address_length_ = ss_len - offsetof(struct sockaddr_un, sun_path); } pipe_.address_ = *address; if (pipe_.abstract_namespace_) { if (mode != 0) { throw EnvoyException("Cannot set mode for Abstract AF_UNIX sockets"); } // Replace all null characters with '@' in friendly_name_. friendly_name_ = friendlyNameFromAbstractPath( absl::string_view(pipe_.address_.sun_path, pipe_.address_length_)); } else { friendly_name_ = address->sun_path; } pipe_.mode_ = mode; } PipeInstance::PipeInstance(const std::string& pipe_path, mode_t mode, const SocketInterface* sock_interface) : InstanceBase(Type::Pipe, sockInterfaceOrDefault(sock_interface)) { if (pipe_path.size() >= sizeof(pipe_.address_.sun_path)) { throw EnvoyException( fmt::format("Path \"{}\" exceeds maximum UNIX domain socket path size of {}.", pipe_path, sizeof(pipe_.address_.sun_path))); } memset(&pipe_.address_, 0, sizeof(pipe_.address_)); pipe_.address_.sun_family = AF_UNIX; if (pipe_path[0] == '@') { // This indicates an abstract namespace. // In this case, null bytes in the name have no special significance, and so we copy all // characters of pipe_path to sun_path, including null bytes in the name. The pathname must also // be null terminated. The friendly name is the address path with embedded nulls replaced with // '@' for consistency with the first character. #if !defined(__linux__) throw EnvoyException("Abstract AF_UNIX sockets are only supported on linux."); #endif if (mode != 0) { throw EnvoyException("Cannot set mode for Abstract AF_UNIX sockets"); } pipe_.abstract_namespace_ = true; pipe_.address_length_ = pipe_path.size(); memcpy(&pipe_.address_.sun_path[0], pipe_path.data(), pipe_path.size()); pipe_.address_.sun_path[0] = '\0'; pipe_.address_.sun_path[pipe_path.size()] = '\0'; friendly_name_ = friendlyNameFromAbstractPath( absl::string_view(pipe_.address_.sun_path, pipe_.address_length_)); } else { // Throw an error if the pipe path has an embedded null character. if (pipe_path.size() != strlen(pipe_path.c_str())) { throw EnvoyException("UNIX domain socket pathname contains embedded null characters"); } StringUtil::strlcpy(&pipe_.address_.sun_path[0], pipe_path.c_str(), sizeof(pipe_.address_.sun_path)); friendly_name_ = pipe_.address_.sun_path; } pipe_.mode_ = mode; } bool PipeInstance::operator==(const Instance& rhs) const { return asString() == rhs.asString(); } EnvoyInternalInstance::EnvoyInternalInstance(const std::string& address_id, const SocketInterface* sock_interface) : InstanceBase(Type::EnvoyInternal, sockInterfaceOrDefault(sock_interface)), internal_address_(address_id) { friendly_name_ = absl::StrCat("envoy://", address_id); } bool EnvoyInternalInstance::operator==(const Instance& rhs) const { return rhs.type() == Type::EnvoyInternal && asString() == rhs.asString(); } } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/address_impl.h ================================================ #pragma once #include #include #include #include #include "envoy/common/platform.h" #include "envoy/network/address.h" #include "envoy/network/socket.h" #include "common/common/assert.h" namespace Envoy { namespace Network { namespace Address { /** * Convert an address in the form of the socket address struct defined by Posix, Linux, etc. into * a Network::Address::Instance and return a pointer to it. Raises an EnvoyException on failure. * @param ss a valid address with family AF_INET, AF_INET6 or AF_UNIX. * @param len length of the address (e.g. from accept, getsockname or getpeername). If len > 0, * it is used to validate the structure contents; else if len == 0, it is ignored. * @param v6only disable IPv4-IPv6 mapping for IPv6 addresses? * @return InstanceConstSharedPtr the address. */ InstanceConstSharedPtr addressFromSockAddr(const sockaddr_storage& ss, socklen_t len, bool v6only = true); /** * Base class for all address types. */ class InstanceBase : public Instance { public: // Network::Address::Instance const std::string& asString() const override { return friendly_name_; } absl::string_view asStringView() const override { return friendly_name_; } // Default logical name is the human-readable name. const std::string& logicalName() const override { return asString(); } Type type() const override { return type_; } const SocketInterface& socketInterface() const override { return socket_interface_; } protected: InstanceBase(Type type, const SocketInterface* sock_interface) : socket_interface_(*sock_interface), type_(type) {} std::string friendly_name_; const SocketInterface& socket_interface_; private: const Type type_; }; /** * Implementation of an IPv4 address. */ class Ipv4Instance : public InstanceBase { public: /** * Construct from an existing unix IPv4 socket address (IP v4 address and port). */ explicit Ipv4Instance(const sockaddr_in* address, const SocketInterface* sock_interface = nullptr); /** * Construct from a string IPv4 address such as "1.2.3.4". Port will be unset/0. */ explicit Ipv4Instance(const std::string& address, const SocketInterface* sock_interface = nullptr); /** * Construct from a string IPv4 address such as "1.2.3.4" as well as a port. */ Ipv4Instance(const std::string& address, uint32_t port, const SocketInterface* sock_interface = nullptr); /** * Construct from a port. The IPv4 address will be set to "any" and is suitable for binding * a port to any available address. */ explicit Ipv4Instance(uint32_t port, const SocketInterface* sock_interface = nullptr); // Network::Address::Instance bool operator==(const Instance& rhs) const override; const Ip* ip() const override { return &ip_; } const Pipe* pipe() const override { return nullptr; } const EnvoyInternalAddress* envoyInternalAddress() const override { return nullptr; } const sockaddr* sockAddr() const override { return reinterpret_cast(&ip_.ipv4_.address_); } socklen_t sockAddrLen() const override { return sizeof(sockaddr_in); } /** * Convenience function to convert an IPv4 address to canonical string format. * @note This works similarly to inet_ntop() but is faster. * @param addr address to format. * @return the address in dotted-decimal string format. */ static std::string sockaddrToString(const sockaddr_in& addr); private: struct Ipv4Helper : public Ipv4 { uint32_t address() const override { return address_.sin_addr.s_addr; } sockaddr_in address_; }; struct IpHelper : public Ip { const std::string& addressAsString() const override { return friendly_address_; } bool isAnyAddress() const override { return ipv4_.address_.sin_addr.s_addr == INADDR_ANY; } bool isUnicastAddress() const override { return !isAnyAddress() && (ipv4_.address_.sin_addr.s_addr != INADDR_BROADCAST) && // inlined IN_MULTICAST() to avoid byte swapping !((ipv4_.address_.sin_addr.s_addr & htonl(0xf0000000)) == htonl(0xe0000000)); } const Ipv4* ipv4() const override { return &ipv4_; } const Ipv6* ipv6() const override { return nullptr; } uint32_t port() const override { return ntohs(ipv4_.address_.sin_port); } IpVersion version() const override { return IpVersion::v4; } Ipv4Helper ipv4_; std::string friendly_address_; }; IpHelper ip_; }; /** * Implementation of an IPv6 address. */ class Ipv6Instance : public InstanceBase { public: /** * Construct from an existing unix IPv6 socket address (IP v6 address and port). */ Ipv6Instance(const sockaddr_in6& address, bool v6only = true, const SocketInterface* sock_interface = nullptr); /** * Construct from a string IPv6 address such as "12:34::5". Port will be unset/0. */ explicit Ipv6Instance(const std::string& address, const SocketInterface* sock_interface = nullptr); /** * Construct from a string IPv6 address such as "12:34::5" as well as a port. */ Ipv6Instance(const std::string& address, uint32_t port, const SocketInterface* sock_interface = nullptr); /** * Construct from a port. The IPv6 address will be set to "any" and is suitable for binding * a port to any available address. */ explicit Ipv6Instance(uint32_t port, const SocketInterface* sock_interface = nullptr); // Network::Address::Instance bool operator==(const Instance& rhs) const override; const Ip* ip() const override { return &ip_; } const Pipe* pipe() const override { return nullptr; } const EnvoyInternalAddress* envoyInternalAddress() const override { return nullptr; } const sockaddr* sockAddr() const override { return reinterpret_cast(&ip_.ipv6_.address_); } socklen_t sockAddrLen() const override { return sizeof(sockaddr_in6); } private: struct Ipv6Helper : public Ipv6 { Ipv6Helper() { memset(&address_, 0, sizeof(address_)); } absl::uint128 address() const override; bool v6only() const override; uint32_t port() const; std::string makeFriendlyAddress() const; sockaddr_in6 address_; // Is IPv4 compatibility (https://tools.ietf.org/html/rfc3493#page-11) disabled? // Default initialized to true to preserve extant Envoy behavior where we don't explicitly set // this in the constructor. bool v6only_{true}; }; struct IpHelper : public Ip { const std::string& addressAsString() const override { return friendly_address_; } bool isAnyAddress() const override { return 0 == memcmp(&ipv6_.address_.sin6_addr, &in6addr_any, sizeof(struct in6_addr)); } bool isUnicastAddress() const override { return !isAnyAddress() && !IN6_IS_ADDR_MULTICAST(&ipv6_.address_.sin6_addr); } const Ipv4* ipv4() const override { return nullptr; } const Ipv6* ipv6() const override { return &ipv6_; } uint32_t port() const override { return ipv6_.port(); } IpVersion version() const override { return IpVersion::v6; } Ipv6Helper ipv6_; std::string friendly_address_; }; IpHelper ip_; }; /** * Implementation of a pipe address (unix domain socket on unix). */ class PipeInstance : public InstanceBase { public: /** * Construct from an existing unix address. */ explicit PipeInstance(const sockaddr_un* address, socklen_t ss_len, mode_t mode = 0, const SocketInterface* sock_interface = nullptr); /** * Construct from a string pipe path. */ explicit PipeInstance(const std::string& pipe_path, mode_t mode = 0, const SocketInterface* sock_interface = nullptr); // Network::Address::Instance bool operator==(const Instance& rhs) const override; const Ip* ip() const override { return nullptr; } const Pipe* pipe() const override { return &pipe_; } const EnvoyInternalAddress* envoyInternalAddress() const override { return nullptr; } const sockaddr* sockAddr() const override { return reinterpret_cast(&pipe_.address_); } socklen_t sockAddrLen() const override { if (pipe_.abstract_namespace_) { return offsetof(struct sockaddr_un, sun_path) + pipe_.address_length_; } return sizeof(pipe_.address_); } private: struct PipeHelper : public Pipe { bool abstractNamespace() const override { return abstract_namespace_; } mode_t mode() const override { return mode_; } sockaddr_un address_; // For abstract namespaces. bool abstract_namespace_{false}; uint32_t address_length_{0}; mode_t mode_{0}; }; PipeHelper pipe_; }; class EnvoyInternalInstance : public InstanceBase { public: /** * Construct from a string name. */ explicit EnvoyInternalInstance(const std::string& address_id, const SocketInterface* sock_interface = nullptr); // Network::Address::Instance bool operator==(const Instance& rhs) const override; const Ip* ip() const override { return nullptr; } const Pipe* pipe() const override { return nullptr; } const EnvoyInternalAddress* envoyInternalAddress() const override { return &internal_address_; } // TODO(lambdai): Verify all callers accepts nullptr. const sockaddr* sockAddr() const override { return nullptr; } socklen_t sockAddrLen() const override { return 0; } private: struct EnvoyInternalAddressImpl : public EnvoyInternalAddress { explicit EnvoyInternalAddressImpl(const std::string& address_id) : address_id_(address_id) {} ~EnvoyInternalAddressImpl() override = default; const std::string& addressId() const override { return address_id_; } const std::string address_id_; }; EnvoyInternalAddressImpl internal_address_; }; } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/apple_dns_impl.cc ================================================ #include "common/network/apple_dns_impl.h" #include #include #include #include #include #include #include "envoy/common/platform.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Network { AppleDnsResolverImpl::AppleDnsResolverImpl(Event::Dispatcher& dispatcher) : dispatcher_(dispatcher) { ENVOY_LOG(debug, "Constructing DNS resolver"); initializeMainSdRef(); } AppleDnsResolverImpl::~AppleDnsResolverImpl() { ENVOY_LOG(debug, "Destructing DNS resolver"); deallocateMainSdRef(); } void AppleDnsResolverImpl::deallocateMainSdRef() { ENVOY_LOG(debug, "DNSServiceRefDeallocate main sd ref"); // dns_sd.h says: // If the reference's underlying socket is used in a run loop or select() call, it should // be removed BEFORE DNSServiceRefDeallocate() is called, as this function closes the // reference's socket. sd_ref_event_.reset(); DNSServiceRefDeallocate(main_sd_ref_); } void AppleDnsResolverImpl::initializeMainSdRef() { // This implementation uses a shared connection for three main reasons: // 1. Efficiency of concurrent resolutions by sharing the same underlying UDS to the DNS // server. // 2. An error on a connection to the DNS server is good indication that other connections, // even if not shared, would not succeed. So it is better to share one connection and // promptly cancel all outstanding queries, rather than individually wait for all // connections to error out. // 3. It follows the precedent set in dns_impl with the c-ares library, for consistency of // style, performance, and expectations between the two implementations. // However, using a shared connection brings some complexities detailed in the inline comments // for kDNSServiceFlagsShareConnection in dns_sd.h, and copied (and edited) in this implementation // where relevant. auto error = DNSServiceCreateConnection(&main_sd_ref_); RELEASE_ASSERT(!error, "error in DNSServiceCreateConnection"); auto fd = DNSServiceRefSockFD(main_sd_ref_); RELEASE_ASSERT(fd != -1, "error in DNSServiceRefSockFD"); ENVOY_LOG(debug, "DNS resolver has fd={}", fd); sd_ref_event_ = dispatcher_.createFileEvent( fd, // note: Event::FileTriggerType::Level is used here to closely resemble the c-ares // implementation in dns_impl.cc. [this](uint32_t events) { onEventCallback(events); }, Event::FileTriggerType::Level, Event::FileReadyType::Read); sd_ref_event_->setEnabled(Event::FileReadyType::Read); } void AppleDnsResolverImpl::onEventCallback(uint32_t events) { ENVOY_LOG(debug, "DNS resolver file event"); ASSERT(events & Event::FileReadyType::Read); DNSServiceProcessResult(main_sd_ref_); } ActiveDnsQuery* AppleDnsResolverImpl::resolve(const std::string& dns_name, DnsLookupFamily dns_lookup_family, ResolveCb callback) { ENVOY_LOG(debug, "DNS resolver resolve={}", dns_name); std::unique_ptr pending_resolution( new PendingResolution(*this, callback, dispatcher_, main_sd_ref_, dns_name)); DNSServiceErrorType error = pending_resolution->dnsServiceGetAddrInfo(dns_lookup_family); if (error != kDNSServiceErr_NoError) { ENVOY_LOG(warn, "DNS resolver error in dnsServiceGetAddrInfo for {}", dns_name); return nullptr; } // If the query was synchronously resolved, there is no need to return the query. if (pending_resolution->synchronously_completed_) { return nullptr; } pending_resolution->owned_ = true; return pending_resolution.release(); } void AppleDnsResolverImpl::addPendingQuery(PendingResolution* query) { ASSERT(queries_with_pending_cb_.count(query) == 0); queries_with_pending_cb_.insert(query); } void AppleDnsResolverImpl::removePendingQuery(PendingResolution* query) { auto erased = queries_with_pending_cb_.erase(query); ASSERT(erased == 1); } void AppleDnsResolverImpl::flushPendingQueries(const bool with_error) { ENVOY_LOG(debug, "DNS Resolver flushing {} queries", queries_with_pending_cb_.size()); for (std::set::iterator it = queries_with_pending_cb_.begin(); it != queries_with_pending_cb_.end(); ++it) { auto query = *it; try { ASSERT(query->pending_cb_); query->callback_(query->pending_cb_->status_, std::move(query->pending_cb_->responses_)); } catch (const std::exception& e) { ENVOY_LOG(warn, "std::exception in DNSService callback: {}", e.what()); throw EnvoyException(e.what()); } catch (...) { ENVOY_LOG(warn, "Unknown exception in DNSService callback"); throw EnvoyException("unknown"); } if (query->owned_) { ENVOY_LOG(debug, "Resolution for {} completed (async)", query->dns_name_); delete *it; } else { ENVOY_LOG(debug, "Resolution for {} completed (synchronously)", query->dns_name_); query->synchronously_completed_ = true; } } // Purge the contents so no one tries to delete them again. queries_with_pending_cb_.clear(); if (with_error) { // The main sd ref is destroyed here because a callback with an error is good indication that // the connection to the DNS server is faulty and needs to be torn down. // // Deallocation of the MainSdRef __has__ to happen __after__ flushing queries. Flushing queries // de-allocates individual refs, so deallocating the main ref ahead would cause deallocation of // invalid individual refs per dns_sd.h deallocateMainSdRef(); initializeMainSdRef(); } } AppleDnsResolverImpl::PendingResolution::~PendingResolution() { ENVOY_LOG(debug, "Destroying PendingResolution for {}", dns_name_); DNSServiceRefDeallocate(individual_sd_ref_); } void AppleDnsResolverImpl::PendingResolution::cancel() { ENVOY_LOG(debug, "Cancelling PendingResolution for {}", dns_name_); ASSERT(owned_); if (pending_cb_) { /* (taken and edited from dns_sd.h) * Canceling operations and kDNSServiceFlagsMoreComing * Whenever you cancel any operation for which you had deferred [resolution] * because of a kDNSServiceFlagsMoreComing flag, you should [flush]. This is because, after * cancelling the operation, you can no longer wait for a callback *without* MoreComing set, to * tell you [to flush] (the operation has been canceled, so there will be no more callbacks). * * [FURTHER] An implication of the collective * kDNSServiceFlagsMoreComing flag for shared connections is that this * guideline applies more broadly -- any time you cancel an operation on * a shared connection, you should perform all deferred updates for all * operations sharing that connection. This is because the MoreComing flag * might have been referring to events coming for the operation you canceled, * which will now not be coming because the operation has been canceled. */ // First, get rid of the current query, because if it is canceled, its callback should not be // executed during the subsequent flush. parent_.removePendingQuery(this); // Then, flush all other queries. parent_.flushPendingQueries(false /* with_error */); } // Because the query is self-owned, delete now. delete this; } void AppleDnsResolverImpl::PendingResolution::onDNSServiceGetAddrInfoReply( DNSServiceFlags flags, uint32_t interface_index, DNSServiceErrorType error_code, const char* hostname, const struct sockaddr* address, uint32_t ttl) { ENVOY_LOG(debug, "DNS for {} resolved with: flags={}[MoreComing={}, Add={}], interface_index={}, " "error_code={}, hostname={}", dns_name_, flags, flags & kDNSServiceFlagsMoreComing ? "yes" : "no", flags & kDNSServiceFlagsAdd ? "yes" : "no", interface_index, error_code, hostname); ASSERT(interface_index == 0); // Generic error handling. if (error_code != kDNSServiceErr_NoError) { // TODO(junr03): consider creating stats for known error types (timeout, refused connection, // etc.). Currently a bit challenging because there is no scope access wired through. Current // query gets a failure status if (!pending_cb_) { ENVOY_LOG(warn, "[Error path] Adding to queries pending callback"); pending_cb_ = {ResolutionStatus::Failure, {}}; parent_.addPendingQuery(this); } else { ENVOY_LOG(warn, "[Error path] Changing status for query already pending flush"); pending_cb_->status_ = ResolutionStatus::Failure; } ENVOY_LOG(warn, "[Error path] DNS Resolver flushing queries pending callback"); parent_.flushPendingQueries(true /* with_error */); // Note: Nothing can follow this call to flushPendingQueries due to deletion of this // object upon resolution. return; } // Only add this address to the list if kDNSServiceFlagsAdd is set. Callback targets are purely // additive. if (flags & kDNSServiceFlagsAdd) { auto dns_response = buildDnsResponse(address, ttl); ENVOY_LOG(debug, "Address to add address={}, ttl={}", dns_response.address_->ip()->addressAsString(), ttl); if (!pending_cb_) { ENVOY_LOG(debug, "Adding to queries pending callback"); pending_cb_ = {ResolutionStatus::Success, {dns_response}}; parent_.addPendingQuery(this); } else { ENVOY_LOG(debug, "New address for query already pending flush"); pending_cb_->responses_.push_back(dns_response); } } if (!(flags & kDNSServiceFlagsMoreComing)) { /* (taken and edited from dns_sd.h) * Collective kDNSServiceFlagsMoreComing flag: * When [DNSServiceGetAddrInfoReply] are invoked using a shared DNSServiceRef, the * kDNSServiceFlagsMoreComing flag applies collectively to *all* active * operations sharing the same [main_sd_ref]. If the MoreComing flag is * set it means that there are more results queued on this parent DNSServiceRef, * but not necessarily more results for this particular callback function. * The implication of this for client programmers is that when a callback * is invoked with the MoreComing flag set, the code should update its * internal data structures with the new result (as is done above when calling * parent_.addPendingQuery(this))...Then, later when a callback is eventually invoked with the * MoreComing flag not set, the code should update *all* [pending queries] related to that * shared parent DNSServiceRef that need updating (i.e that have had DNSServiceGetAddrInfoReply * called on them since the last flush), not just the [queries] related to the particular * callback that happened to be the last one to be invoked. */ ENVOY_LOG(debug, "DNS Resolver flushing queries pending callback"); parent_.flushPendingQueries(false /* with_error */); // Note: Nothing can follow this call to flushPendingQueries due to deletion of this // object upon resolution. return; } } DNSServiceErrorType AppleDnsResolverImpl::PendingResolution::dnsServiceGetAddrInfo(DnsLookupFamily dns_lookup_family) { DNSServiceProtocol protocol; switch (dns_lookup_family) { case DnsLookupFamily::V4Only: protocol = kDNSServiceProtocol_IPv4; break; case DnsLookupFamily::V6Only: protocol = kDNSServiceProtocol_IPv6; break; case DnsLookupFamily::Auto: protocol = kDNSServiceProtocol_IPv4 | kDNSServiceProtocol_IPv6; break; } // TODO: explore caching: there are caching flags in the dns_sd.h flags, allow expired answers // from the cache? // TODO: explore validation via DNSSEC? return DNSServiceGetAddrInfo( &individual_sd_ref_, kDNSServiceFlagsShareConnection | kDNSServiceFlagsTimeout, 0, protocol, dns_name_.c_str(), /* * About Thread Safety (taken from inline documentation there): * The dns_sd.h API does not presuppose any particular threading model, and consequently * does no locking internally (which would require linking with a specific threading library). * If the client concurrently, from multiple threads (or contexts), calls API routines using * the same DNSServiceRef, it is the client's responsibility to provide mutual exclusion for * that DNSServiceRef. */ // Therefore, much like the c-ares implementation All calls and callbacks to the API need to // happen on the thread that owns the creating dispatcher. This is the case as callbacks are // driven by processing bytes in onEventCallback which run on the passed in dispatcher's event // loop. [](DNSServiceRef, DNSServiceFlags flags, uint32_t interface_index, DNSServiceErrorType error_code, const char* hostname, const struct sockaddr* address, uint32_t ttl, void* context) { static_cast(context)->onDNSServiceGetAddrInfoReply( flags, interface_index, error_code, hostname, address, ttl); }, this); } DnsResponse AppleDnsResolverImpl::PendingResolution::buildDnsResponse(const struct sockaddr* address, uint32_t ttl) { switch (address->sa_family) { case AF_INET: sockaddr_in address_in; memset(&address_in, 0, sizeof(address_in)); address_in.sin_family = AF_INET; address_in.sin_port = 0; address_in.sin_addr = reinterpret_cast(address)->sin_addr; return {std::make_shared(&address_in), std::chrono::seconds(ttl)}; case AF_INET6: sockaddr_in6 address_in6; memset(&address_in6, 0, sizeof(address_in6)); address_in6.sin6_family = AF_INET6; address_in6.sin6_port = 0; address_in6.sin6_addr = reinterpret_cast(address)->sin6_addr; return {std::make_shared(address_in6), std::chrono::seconds(ttl)}; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/apple_dns_impl.h ================================================ #pragma once #include #include #include #include "envoy/common/platform.h" #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" #include "envoy/network/dns.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Network { /** * Implementation of DnsResolver that uses Apple dns_sd.h APIs. All calls and callbacks are assumed * to happen on the thread that owns the creating dispatcher. */ class AppleDnsResolverImpl : public DnsResolver, protected Logger::Loggable { public: AppleDnsResolverImpl(Event::Dispatcher& dispatcher); ~AppleDnsResolverImpl() override; // Network::DnsResolver ActiveDnsQuery* resolve(const std::string& dns_name, DnsLookupFamily dns_lookup_family, ResolveCb callback) override; private: struct PendingResolution : public ActiveDnsQuery { PendingResolution(AppleDnsResolverImpl& parent, ResolveCb callback, Event::Dispatcher& dispatcher, DNSServiceRef sd_ref, const std::string& dns_name) : parent_(parent), callback_(callback), dispatcher_(dispatcher), /* (taken and edited from dns_sd.h): * For efficiency, clients that perform many concurrent operations may want to use a * single Unix Domain Socket connection with the background daemon, instead of having a * separate connection for each independent operation. To use this mode, clients first * call DNSServiceCreateConnection(&SharedRef) to initialize the main DNSServiceRef. * For each subsequent operation that is to share that same connection, the client copies * the SharedRef, and then passes the address of that copy, setting the ShareConnection * flag to tell the library that this DNSServiceRef is not a typical uninitialized * DNSServiceRef; it's a copy of an existing DNSServiceRef whose connection information * should be reused. */ individual_sd_ref_(sd_ref), dns_name_(dns_name) {} ~PendingResolution(); // Network::ActiveDnsQuery void cancel() override; static DnsResponse buildDnsResponse(const struct sockaddr* address, uint32_t ttl); // Wrapper for the API call. DNSServiceErrorType dnsServiceGetAddrInfo(DnsLookupFamily dns_lookup_family); // Wrapper for the API callback. void onDNSServiceGetAddrInfoReply(DNSServiceFlags flags, uint32_t interface_index, DNSServiceErrorType error_code, const char* hostname, const struct sockaddr* address, uint32_t ttl); // Small wrapping struct to accumulate addresses from firings of the // onDNSServiceGetAddrInfoReply callback. struct FinalResponse { ResolutionStatus status_; std::list responses_; }; AppleDnsResolverImpl& parent_; // Caller supplied callback to invoke on query completion or error. const ResolveCb callback_; // Dispatcher to post any callback_ exceptions to. Event::Dispatcher& dispatcher_; DNSServiceRef individual_sd_ref_; const std::string dns_name_; bool synchronously_completed_{}; bool owned_{}; // DNSServiceGetAddrInfo fires one callback DNSServiceGetAddrInfoReply callback per IP address, // and informs via flags if more IP addresses are incoming. Therefore, these addresses need to // be accumulated before firing callback_. absl::optional pending_cb_{}; }; void initializeMainSdRef(); void deallocateMainSdRef(); void onEventCallback(uint32_t events); void addPendingQuery(PendingResolution* query); void removePendingQuery(PendingResolution* query); void flushPendingQueries(const bool with_error); Event::Dispatcher& dispatcher_; DNSServiceRef main_sd_ref_; Event::FileEventPtr sd_ref_event_; // When using a shared sd ref via DNSServiceCreateConnection, the DNSServiceGetAddrInfoReply // callback with the kDNSServiceFlagsMoreComing flag might refer to addresses for various // PendingResolutions. Therefore, the resolver needs to have a container of queries pending // calling their own callback_s until a DNSServiceGetAddrInfoReply is called with // kDNSServiceFlagsMoreComing not set or an error status is received in // DNSServiceGetAddrInfoReply. std::set queries_with_pending_cb_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/application_protocol.cc ================================================ #include "common/network/application_protocol.h" #include "common/common/macros.h" namespace Envoy { namespace Network { const std::string& ApplicationProtocols::key() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.network.application_protocols"); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/application_protocol.h ================================================ #pragma once #include "envoy/stream_info/filter_state.h" namespace Envoy { namespace Network { /** * ALPN to set in the upstream connection. Filters can use this one to override the ALPN in TLS * context. */ class ApplicationProtocols : public StreamInfo::FilterState::Object { public: explicit ApplicationProtocols(const std::vector& application_protocols) : application_protocols_(application_protocols) {} const std::vector& value() const { return application_protocols_; } static const std::string& key(); private: const std::vector application_protocols_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/base_listener_impl.cc ================================================ #include "common/network/base_listener_impl.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/event/dispatcher_impl.h" #include "common/event/file_event_impl.h" #include "common/network/address_impl.h" #include "common/network/socket_impl.h" #include "event2/listener.h" namespace Envoy { namespace Network { BaseListenerImpl::BaseListenerImpl(Event::DispatcherImpl& dispatcher, SocketSharedPtr socket) : local_address_(nullptr), dispatcher_(dispatcher), socket_(std::move(socket)) { const auto ip = socket_->localAddress()->ip(); // Only use the listen socket's local address for new connections if it is not the all hosts // address (e.g., 0.0.0.0 for IPv4). if (!(ip && ip->isAnyAddress())) { local_address_ = socket_->localAddress(); } } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/base_listener_impl.h ================================================ #pragma once #include "envoy/network/listener.h" #include "common/event/dispatcher_impl.h" #include "common/network/listen_socket_impl.h" namespace Envoy { namespace Network { /** * Base libevent implementation of Network::Listener. */ class BaseListenerImpl : public virtual Listener { public: /** * @param socket the listening socket for this listener. It might be shared * with other listeners if all listeners use single listen socket. */ BaseListenerImpl(Event::DispatcherImpl& dispatcher, SocketSharedPtr socket); protected: Address::InstanceConstSharedPtr local_address_; Event::DispatcherImpl& dispatcher_; const SocketSharedPtr socket_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/cidr_range.cc ================================================ #include "common/network/cidr_range.h" #include #include #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/address.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/network/address_impl.h" #include "common/network/utility.h" namespace Envoy { namespace Network { namespace Address { CidrRange::CidrRange() : length_(-1) {} CidrRange::CidrRange(InstanceConstSharedPtr address, int length) : address_(std::move(address)), length_(length) { // This is a private ctor, so only checking these asserts in debug builds. if (address_ == nullptr) { ASSERT(length_ == -1); } else { ASSERT(address_->type() == Type::Ip); ASSERT(length_ >= 0); } } CidrRange::CidrRange(const CidrRange& other) = default; CidrRange& CidrRange::operator=(const CidrRange& other) = default; bool CidrRange::operator==(const CidrRange& other) const { // Lengths must be the same, and must be valid (i.e. not -1). if (length_ != other.length_ || length_ == -1) { return false; } if (address_ == nullptr || other.address_ == nullptr) { return false; } if (address_->ip()->version() == IpVersion::v4) { return other.address_->ip()->version() == IpVersion::v4 && address_->ip()->ipv4()->address() == other.address_->ip()->ipv4()->address(); } else { return other.address_->ip()->version() == IpVersion::v6 && address_->ip()->ipv6()->address() == other.address_->ip()->ipv6()->address(); } } const Ip* CidrRange::ip() const { if (address_ != nullptr) { return address_->ip(); } return nullptr; } int CidrRange::length() const { return length_; } bool CidrRange::isInRange(const Instance& address) const { if (address_ == nullptr || !isValid() || address.type() != Type::Ip || address_->ip()->version() != address.ip()->version()) { return false; } // All addresses in range. if (length_ == 0) { return true; } switch (address.ip()->version()) { case IpVersion::v4: if (ntohl(address.ip()->ipv4()->address()) >> (32 - length_) == ntohl(address_->ip()->ipv4()->address()) >> (32 - length_)) { return true; } break; case IpVersion::v6: if ((Utility::Ip6ntohl(address_->ip()->ipv6()->address()) >> (128 - length_)) == (Utility::Ip6ntohl(address.ip()->ipv6()->address()) >> (128 - length_))) { return true; } break; } return false; } std::string CidrRange::asString() const { if (address_ == nullptr) { return "/-1"; } else { return fmt::format("{}/{}", address_->ip()->addressAsString(), length_); } } // static CidrRange CidrRange::create(InstanceConstSharedPtr address, int length) { InstanceConstSharedPtr ptr = truncateIpAddressAndLength(std::move(address), &length); return CidrRange(std::move(ptr), length); } // static CidrRange CidrRange::create(const std::string& address, int length) { return create(Utility::parseInternetAddress(address), length); } CidrRange CidrRange::create(const envoy::config::core::v3::CidrRange& cidr) { return create(Utility::parseInternetAddress(cidr.address_prefix()), cidr.prefix_len().value()); } // static CidrRange CidrRange::create(const std::string& range) { const auto parts = StringUtil::splitToken(range, "/"); if (parts.size() == 2) { InstanceConstSharedPtr ptr = Utility::parseInternetAddress(std::string{parts[0]}); if (ptr->type() == Type::Ip) { uint64_t length64; if (absl::SimpleAtoi(parts[1], &length64)) { if ((ptr->ip()->version() == IpVersion::v6 && length64 <= 128) || (ptr->ip()->version() == IpVersion::v4 && length64 <= 32)) { return create(std::move(ptr), static_cast(length64)); } } } } return CidrRange(nullptr, -1); } // static InstanceConstSharedPtr CidrRange::truncateIpAddressAndLength(InstanceConstSharedPtr address, int* length_io) { int length = *length_io; if (address == nullptr || length < 0 || address->type() != Type::Ip) { *length_io = -1; return nullptr; } switch (address->ip()->version()) { case IpVersion::v4: { if (length >= 32) { // We're using all of the bits, so don't need to create a new address instance. *length_io = 32; return address; } else if (length == 0) { // Create an Ipv4Instance with only a port, which will thus have the any address. return std::make_shared(uint32_t(0)); } // Need to mask out the unused bits, and create an Ipv4Instance with this address. uint32_t ip4 = ntohl(address->ip()->ipv4()->address()); ip4 &= ~0U << (32 - length); sockaddr_in sa4; sa4.sin_family = AF_INET; sa4.sin_port = htons(0); sa4.sin_addr.s_addr = htonl(ip4); return std::make_shared(&sa4); } case IpVersion::v6: { if (length >= 128) { // We're using all of the bits, so don't need to create a new address instance. *length_io = 128; return address; } else if (length == 0) { // Create an Ipv6Instance with only a port, which will thus have the any address. return std::make_shared(uint32_t(0)); } sockaddr_in6 sa6; sa6.sin6_family = AF_INET6; sa6.sin6_port = htons(0); // The maximum number stored in absl::uint128 has every bit set to 1. absl::uint128 mask = absl::Uint128Max(); // Shifting the value to the left sets all bits between 128-length and 128 to zero. mask <<= (128 - length); // This will mask out the unused bits of the address. absl::uint128 ip6 = Utility::Ip6ntohl(address->ip()->ipv6()->address()) & mask; absl::uint128 ip6_htonl = Utility::Ip6htonl(ip6); static_assert(sizeof(absl::uint128) == 16, "The size of asbl::uint128 is not 16."); memcpy(&sa6.sin6_addr.s6_addr, &ip6_htonl, sizeof(absl::uint128)); return std::make_shared(sa6); } } NOT_REACHED_GCOVR_EXCL_LINE; } IpList::IpList(const Protobuf::RepeatedPtrField& cidrs) { for (const envoy::config::core::v3::CidrRange& entry : cidrs) { CidrRange list_entry = CidrRange::create(entry); if (list_entry.isValid()) { ip_list_.push_back(list_entry); } else { throw EnvoyException( fmt::format("invalid ip/mask combo '{}/{}' (format is /<# mask bits>)", entry.address_prefix(), entry.prefix_len().value())); } } } bool IpList::contains(const Instance& address) const { for (const CidrRange& entry : ip_list_) { if (entry.isInRange(address)) { return true; } } return false; } } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/cidr_range.h ================================================ #pragma once #include #include #include "envoy/config/core/v3/address.pb.h" #include "envoy/network/address.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Network { namespace Address { /** * A "Classless Inter-Domain Routing" range of internet addresses, aka a CIDR range, consisting * of an Ip address and a count of leading bits included in the mask. Other than those leading * bits, all of the other bits of the Ip address are zero. For more info, see RFC1519 or * https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing. */ class CidrRange { public: /** * Constructs an uninitialized range: length == -1, and there is no associated address. */ CidrRange(); /** * Copies an existing CidrRange. */ CidrRange(const CidrRange& other); /** * Overwrites this with other. */ CidrRange& operator=(const CidrRange& other); /** * @return true if the ranges are identical. */ bool operator==(const CidrRange& other) const; /** * @return Ip address data IFF length >= 0, otherwise nullptr. */ const Ip* ip() const; /** * TODO(jamessynge) Consider making this absl::optional length, or modifying the create() * methods below to return absl::optional (the latter is probably better). * @return the number of bits of the address that are included in the mask. -1 if uninitialized * or invalid, else in the range 0 to 32 for IPv4, and 0 to 128 for IPv6. */ int length() const; /** * @return true if the address argument is in the range of this object, false if not, including if the range is uninitialized or if the argument is not of the same IpVersion. */ bool isInRange(const Instance& address) const; /** * @return a human readable string for the range. This string will be in the following format: * - For IPv4 ranges: "1.2.3.4/32" or "10.240.0.0/16" * - For IPv6 ranges: "1234:5678::f/128" or "1234:5678::/64" */ std::string asString() const; /** * @return true if this instance is valid; address != nullptr && length is appropriate for the * IP version (these are checked during construction, and reduced down to a check of * the length). */ bool isValid() const { return length_ >= 0; } /** * TODO(ccaraman): Update CidrRange::create to support only constructing valid ranges. * @return a CidrRange instance with the specified address and length, modified so that the only * bits that might be non-zero are in the high-order length bits, and so that length is * in the appropriate range (0 to 32 for IPv4, 0 to 128 for IPv6). If the address or * length is invalid, then the range will be invalid (i.e. length == -1). */ static CidrRange create(InstanceConstSharedPtr address, int length); static CidrRange create(const std::string& address, int length); /** * Constructs an CidrRange from a string with this format (same as returned * by CidrRange::asString above): *
    / e.g. "10.240.0.0/16" or "1234:5678::/64" * TODO(ccaraman): Update CidrRange::create to support only constructing valid ranges. * @return a CidrRange instance with the specified address and length if parsed successfully, * else with no address and a length of -1. */ static CidrRange create(const std::string& range); /** * Constructs a CidrRange from envoy::config::core::v3::CidrRange. * TODO(ccaraman): Update CidrRange::create to support only constructing valid ranges. */ static CidrRange create(const envoy::config::core::v3::CidrRange& cidr); /** * Given an IP address and a length of high order bits to keep, returns an address * where those high order bits are unmodified, and the remaining bits are all zero. * length_io is reduced to be at most 32 for IPv4 address and at most 128 for IPv6 * addresses. If the address is invalid or the length is less than zero, then *length_io * is set to -1 and nullptr is returned. * @return a pointer to an address where the high order *length_io bits are unmodified * from address, and *length_io is in the range 0 to N, where N is the number of bits * in an address of the IP version (i.e. address->ip()->version()). */ static InstanceConstSharedPtr truncateIpAddressAndLength(InstanceConstSharedPtr address, int* length_io); private: CidrRange(InstanceConstSharedPtr address, int length); InstanceConstSharedPtr address_; int length_; }; /** * Class for keeping a list of CidrRanges, and then determining whether an * IP address is in the CidrRange list. */ class IpList { public: explicit IpList(const Protobuf::RepeatedPtrField& cidrs); IpList() = default; bool contains(const Instance& address) const; bool empty() const { return ip_list_.empty(); } private: std::vector ip_list_; }; } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/connection_balancer_impl.cc ================================================ #include "common/network/connection_balancer_impl.h" namespace Envoy { namespace Network { void ExactConnectionBalancerImpl::registerHandler(BalancedConnectionHandler& handler) { absl::MutexLock lock(&lock_); handlers_.push_back(&handler); } void ExactConnectionBalancerImpl::unregisterHandler(BalancedConnectionHandler& handler) { absl::MutexLock lock(&lock_); // This could be made more efficient in various ways, but the number of listeners is generally // small and this is a rare operation so we can start with this and optimize later if this // becomes a perf bottleneck. handlers_.erase(std::find(handlers_.begin(), handlers_.end(), &handler)); } BalancedConnectionHandler& ExactConnectionBalancerImpl::pickTargetHandler(BalancedConnectionHandler&) { BalancedConnectionHandler* min_connection_handler = nullptr; { absl::MutexLock lock(&lock_); for (BalancedConnectionHandler* handler : handlers_) { if (min_connection_handler == nullptr || handler->numConnections() < min_connection_handler->numConnections()) { min_connection_handler = handler; } } min_connection_handler->incNumConnections(); } return *min_connection_handler; } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/connection_balancer_impl.h ================================================ #pragma once #include "envoy/network/connection_balancer.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Network { /** * Implementation of connection balancer that does exact balancing. This means that a lock is held * during balancing so that connection counts are nearly exactly balanced between handlers. This * is "nearly" exact in the sense that a connection might close in parallel thus making the counts * incorrect, but this should be rectified on the next accept. This balancer sacrifices accept * throughput for accuracy and should be used when there are a small number of connections that * rarely cycle (e.g., service mesh gRPC egress). */ class ExactConnectionBalancerImpl : public ConnectionBalancer { public: // ConnectionBalancer void registerHandler(BalancedConnectionHandler& handler) override; void unregisterHandler(BalancedConnectionHandler& handler) override; BalancedConnectionHandler& pickTargetHandler(BalancedConnectionHandler& current_handler) override; private: absl::Mutex lock_; std::vector handlers_ ABSL_GUARDED_BY(lock_); }; /** * A NOP connection balancer implementation that always continues execution after incrementing * the handler's connection count. */ class NopConnectionBalancerImpl : public ConnectionBalancer { public: // ConnectionBalancer void registerHandler(BalancedConnectionHandler&) override {} void unregisterHandler(BalancedConnectionHandler&) override {} BalancedConnectionHandler& pickTargetHandler(BalancedConnectionHandler& current_handler) override { // In the NOP case just increment the connection count and return the current handler. current_handler.incNumConnections(); return current_handler; } }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/connection_impl.cc ================================================ #include "common/network/connection_impl.h" #include #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/event/timer.h" #include "envoy/network/filter.h" #include "envoy/network/socket.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/network/address_impl.h" #include "common/network/listen_socket_impl.h" #include "common/network/raw_buffer_socket.h" #include "common/network/utility.h" namespace Envoy { namespace Network { void ConnectionImplUtility::updateBufferStats(uint64_t delta, uint64_t new_total, uint64_t& previous_total, Stats::Counter& stat_total, Stats::Gauge& stat_current) { if (delta) { stat_total.add(delta); } if (new_total != previous_total) { if (new_total > previous_total) { stat_current.add(new_total - previous_total); } else { stat_current.sub(previous_total - new_total); } previous_total = new_total; } } std::atomic ConnectionImpl::next_global_id_; ConnectionImpl::ConnectionImpl(Event::Dispatcher& dispatcher, ConnectionSocketPtr&& socket, TransportSocketPtr&& transport_socket, StreamInfo::StreamInfo& stream_info, bool connected) : ConnectionImplBase(dispatcher, next_global_id_++), transport_socket_(std::move(transport_socket)), socket_(std::move(socket)), stream_info_(stream_info), filter_manager_(*this), read_buffer_([this]() -> void { this->onReadBufferLowWatermark(); }, [this]() -> void { this->onReadBufferHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }), write_buffer_(dispatcher.getWatermarkFactory().create( [this]() -> void { this->onWriteBufferLowWatermark(); }, [this]() -> void { this->onWriteBufferHighWatermark(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ })), write_buffer_above_high_watermark_(false), detect_early_close_(true), enable_half_close_(false), read_end_stream_raised_(false), read_end_stream_(false), write_end_stream_(false), current_write_end_stream_(false), dispatch_buffered_data_(false) { if (!connected) { connecting_ = true; } Event::FileTriggerType trigger = Event::PlatformDefaultTriggerType; // We never ask for both early close and read at the same time. If we are reading, we want to // consume all available data. file_event_ = socket_->ioHandle().createFileEvent( dispatcher_, [this](uint32_t events) -> void { onFileEvent(events); }, trigger, Event::FileReadyType::Read | Event::FileReadyType::Write); transport_socket_->setTransportSocketCallbacks(*this); } ConnectionImpl::~ConnectionImpl() { ASSERT(!ioHandle().isOpen() && delayed_close_timer_ == nullptr, "ConnectionImpl was unexpectedly torn down without being closed."); // In general we assume that owning code has called close() previously to the destructor being // run. This generally must be done so that callbacks run in the correct context (vs. deferred // deletion). Hence the assert above. However, call close() here just to be completely sure that // the fd is closed and make it more likely that we crash from a bad close callback. close(ConnectionCloseType::NoFlush); } void ConnectionImpl::addWriteFilter(WriteFilterSharedPtr filter) { filter_manager_.addWriteFilter(filter); } void ConnectionImpl::addFilter(FilterSharedPtr filter) { filter_manager_.addFilter(filter); } void ConnectionImpl::addReadFilter(ReadFilterSharedPtr filter) { filter_manager_.addReadFilter(filter); } bool ConnectionImpl::initializeReadFilters() { return filter_manager_.initializeReadFilters(); } void ConnectionImpl::close(ConnectionCloseType type) { if (!ioHandle().isOpen()) { return; } uint64_t data_to_write = write_buffer_->length(); ENVOY_CONN_LOG(debug, "closing data_to_write={} type={}", *this, data_to_write, enumToInt(type)); const bool delayed_close_timeout_set = delayed_close_timeout_.count() > 0; if (data_to_write == 0 || type == ConnectionCloseType::NoFlush || !transport_socket_->canFlushClose()) { if (data_to_write > 0) { // We aren't going to wait to flush, but try to write as much as we can if there is pending // data. transport_socket_->doWrite(*write_buffer_, true); } if (type == ConnectionCloseType::FlushWriteAndDelay && delayed_close_timeout_set) { // The socket is being closed and either there is no more data to write or the data can not be // flushed (!transport_socket_->canFlushClose()). Since a delayed close has been requested, // start the delayed close timer if it hasn't been done already by a previous close(). // NOTE: Even though the delayed_close_state_ is being set to CloseAfterFlushAndWait, since // a write event is not being registered for the socket, this logic is simply setting the // timer and waiting for it to trigger to close the socket. if (!inDelayedClose()) { initializeDelayedCloseTimer(); delayed_close_state_ = DelayedCloseState::CloseAfterFlushAndWait; // Monitor for the peer closing the connection. file_event_->setEnabled(enable_half_close_ ? 0 : Event::FileReadyType::Closed); } } else { closeConnectionImmediately(); } } else { ASSERT(type == ConnectionCloseType::FlushWrite || type == ConnectionCloseType::FlushWriteAndDelay); // If there is a pending delayed close, simply update the delayed close state. // // An example of this condition manifests when a downstream connection is closed early by Envoy, // such as when a route can't be matched: // In ConnectionManagerImpl::onData() // 1) Via codec_->dispatch(), a local reply with a 404 is sent to the client // a) ConnectionManagerImpl::doEndStream() issues the first connection close() via // ConnectionManagerImpl::checkForDeferredClose() // 2) A second close is issued by a subsequent call to // ConnectionManagerImpl::checkForDeferredClose() prior to returning from onData() if (inDelayedClose()) { // Validate that a delayed close timer is already enabled unless it was disabled via // configuration. ASSERT(!delayed_close_timeout_set || delayed_close_timer_ != nullptr); if (type == ConnectionCloseType::FlushWrite || !delayed_close_timeout_set) { delayed_close_state_ = DelayedCloseState::CloseAfterFlush; } else { delayed_close_state_ = DelayedCloseState::CloseAfterFlushAndWait; } return; } // NOTE: At this point, it's already been validated that the connection is not already in // delayed close processing and therefore the timer has not yet been created. if (delayed_close_timeout_set) { initializeDelayedCloseTimer(); delayed_close_state_ = (type == ConnectionCloseType::FlushWrite) ? DelayedCloseState::CloseAfterFlush : DelayedCloseState::CloseAfterFlushAndWait; } else { delayed_close_state_ = DelayedCloseState::CloseAfterFlush; } file_event_->setEnabled(Event::FileReadyType::Write | (enable_half_close_ ? 0 : Event::FileReadyType::Closed)); } } Connection::State ConnectionImpl::state() const { if (!ioHandle().isOpen()) { return State::Closed; } else if (inDelayedClose()) { return State::Closing; } else { return State::Open; } } void ConnectionImpl::closeConnectionImmediately() { closeSocket(ConnectionEvent::LocalClose); } bool ConnectionImpl::consumerWantsToRead() { return read_disable_count_ == 0 || (read_disable_count_ == 1 && read_buffer_.highWatermarkTriggered()); } void ConnectionImpl::closeSocket(ConnectionEvent close_type) { if (!ConnectionImpl::ioHandle().isOpen()) { return; } // No need for a delayed close (if pending) now that the socket is being closed. if (delayed_close_timer_) { delayed_close_timer_->disableTimer(); delayed_close_timer_ = nullptr; } ENVOY_CONN_LOG(debug, "closing socket: {}", *this, static_cast(close_type)); transport_socket_->closeSocket(close_type); // Drain input and output buffers. updateReadBufferStats(0, 0); updateWriteBufferStats(0, 0); // As the socket closes, drain any remaining data. // The data won't be written out at this point, and where there are reference // counted buffer fragments, it helps avoid lifetime issues with the // connection outlasting the subscriber. write_buffer_->drain(write_buffer_->length()); connection_stats_.reset(); file_event_.reset(); socket_->close(); // Call the base class directly as close() is called in the destructor. ConnectionImpl::raiseEvent(close_type); } void ConnectionImpl::noDelay(bool enable) { // There are cases where a connection to localhost can immediately fail (e.g., if the other end // does not have enough fds, reaches a backlog limit, etc.). Because we run with deferred error // events, the calling code may not yet know that the connection has failed. This is one call // where we go outside of libevent and hit the fd directly and this case can fail if the fd is // invalid. For this call instead of plumbing through logic that will immediately indicate that a // connect failed, we will just ignore the noDelay() call if the socket is invalid since error is // going to be raised shortly anyway and it makes the calling code simpler. if (!ioHandle().isOpen()) { return; } // Don't set NODELAY for unix domain sockets if (socket_->addressType() == Address::Type::Pipe) { return; } // Set NODELAY int new_value = enable; Api::SysCallIntResult result = socket_->setSocketOption(IPPROTO_TCP, TCP_NODELAY, &new_value, sizeof(new_value)); #if defined(__APPLE__) if (SOCKET_FAILURE(result.rc_) && result.errno_ == SOCKET_ERROR_INVAL) { // Sometimes occurs when the connection is not yet fully formed. Empirically, TCP_NODELAY is // enabled despite this result. return; } #elif defined(WIN32) if (SOCKET_FAILURE(result.rc_) && (result.errno_ == SOCKET_ERROR_AGAIN || result.errno_ == SOCKET_ERROR_INVAL)) { // Sometimes occurs when the connection is not yet fully formed. Empirically, TCP_NODELAY is // enabled despite this result. return; } #endif RELEASE_ASSERT(result.rc_ == 0, fmt::format("Failed to set TCP_NODELAY with error {}, {}", result.errno_, errorDetails(result.errno_))); } void ConnectionImpl::onRead(uint64_t read_buffer_size) { if (inDelayedClose() || !consumerWantsToRead()) { return; } ASSERT(ioHandle().isOpen()); if (read_buffer_size == 0 && !read_end_stream_) { return; } if (read_end_stream_) { // read() on a raw socket will repeatedly return 0 (EOF) once EOF has // occurred, so filter out the repeats so that filters don't have // to handle repeats. // // I don't know of any cases where this actually happens (we should stop // reading the socket after EOF), but this check guards against any bugs // in ConnectionImpl or strangeness in the OS events (epoll, kqueue, etc) // and maintains the guarantee for filters. if (read_end_stream_raised_) { // No further data can be delivered after end_stream ASSERT(read_buffer_size == 0); return; } read_end_stream_raised_ = true; } filter_manager_.onRead(); } void ConnectionImpl::enableHalfClose(bool enabled) { // This code doesn't correctly ensure that EV_CLOSE isn't set if reading is disabled // when enabling half-close. This could be fixed, but isn't needed right now, so just // ASSERT that it doesn't happen. ASSERT(!enabled || read_disable_count_ == 0); enable_half_close_ = enabled; } void ConnectionImpl::readDisable(bool disable) { // Calls to readEnabled on a closed socket are considered to be an error. ASSERT(state() == State::Open); ASSERT(file_event_ != nullptr); ENVOY_CONN_LOG(trace, "readDisable: disable={} disable_count={} state={} buffer_length={}", *this, disable, read_disable_count_, static_cast(state()), read_buffer_.length()); // When we disable reads, we still allow for early close notifications (the equivalent of // EPOLLRDHUP for an epoll backend). For backends that support it, this allows us to apply // back pressure at the kernel layer, but still get timely notification of a FIN. Note that // we are not guaranteed to get notified, so even if the remote has closed, we may not know // until we try to write. Further note that currently we optionally don't correctly handle half // closed TCP connections in the sense that we assume that a remote FIN means the remote intends a // full close. if (disable) { ++read_disable_count_; if (state() != State::Open || file_event_ == nullptr) { // If readDisable is called on a closed connection, do not crash. return; } if (read_disable_count_ > 1) { // The socket has already been read disabled. return; } // If half-close semantics are enabled, we never want early close notifications; we // always want to read all available data, even if the other side has closed. if (detect_early_close_ && !enable_half_close_) { file_event_->setEnabled(Event::FileReadyType::Write | Event::FileReadyType::Closed); } else { file_event_->setEnabled(Event::FileReadyType::Write); } } else { ASSERT(read_disable_count_ != 0); --read_disable_count_; if (state() != State::Open || file_event_ == nullptr) { // If readDisable is called on a closed connection, do not crash. return; } if (read_disable_count_ == 0) { // We never ask for both early close and read at the same time. If we are reading, we want to // consume all available data. file_event_->setEnabled(Event::FileReadyType::Read | Event::FileReadyType::Write); } if (consumerWantsToRead() && read_buffer_.length() > 0) { // If the connection has data buffered there's no guarantee there's also data in the kernel // which will kick off the filter chain. Alternately if the read buffer has data the fd could // be read disabled. To handle these cases, fake an event to make sure the buffered data gets // processed regardless and ensure that we dispatch it via onRead. dispatch_buffered_data_ = true; setReadBufferReady(); } } } void ConnectionImpl::raiseEvent(ConnectionEvent event) { ConnectionImplBase::raiseConnectionEvent(event); // We may have pending data in the write buffer on transport handshake // completion, which may also have completed in the context of onReadReady(), // where no check of the write buffer is made. Provide an opportunity to flush // here. If connection write is not ready, this is harmless. We should only do // this if we're still open (the above callbacks may have closed). if (event == ConnectionEvent::Connected) { flushWriteBuffer(); } } bool ConnectionImpl::readEnabled() const { // Calls to readEnabled on a closed socket are considered to be an error. ASSERT(state() == State::Open); ASSERT(file_event_ != nullptr); return read_disable_count_ == 0; } void ConnectionImpl::addBytesSentCallback(BytesSentCb cb) { bytes_sent_callbacks_.emplace_back(cb); } void ConnectionImpl::rawWrite(Buffer::Instance& data, bool end_stream) { write(data, end_stream, false); } void ConnectionImpl::write(Buffer::Instance& data, bool end_stream) { write(data, end_stream, true); } void ConnectionImpl::write(Buffer::Instance& data, bool end_stream, bool through_filter_chain) { ASSERT(!end_stream || enable_half_close_); if (write_end_stream_) { // It is an API violation to write more data after writing end_stream, but a duplicate // end_stream with no data is harmless. This catches misuse of the API that could result in data // being lost. ASSERT(data.length() == 0 && end_stream); return; } if (through_filter_chain) { // NOTE: This is kind of a hack, but currently we don't support restart/continue on the write // path, so we just pass around the buffer passed to us in this function. If we ever // support buffer/restart/continue on the write path this needs to get more complicated. current_write_buffer_ = &data; current_write_end_stream_ = end_stream; FilterStatus status = filter_manager_.onWrite(); current_write_buffer_ = nullptr; if (FilterStatus::StopIteration == status) { return; } } write_end_stream_ = end_stream; if (data.length() > 0 || end_stream) { ENVOY_CONN_LOG(trace, "writing {} bytes, end_stream {}", *this, data.length(), end_stream); // TODO(mattklein123): All data currently gets moved from the source buffer to the write buffer. // This can lead to inefficient behavior if writing a bunch of small chunks. In this case, it // would likely be more efficient to copy data below a certain size. VERY IMPORTANT: If this is // ever changed, read the comment in SslSocket::doWrite() VERY carefully. That code assumes that // we never change existing write_buffer_ chain elements between calls to SSL_write(). That code // might need to change if we ever copy here. write_buffer_->move(data); // Activating a write event before the socket is connected has the side-effect of tricking // doWriteReady into thinking the socket is connected. On macOS, the underlying write may fail // with a connection error if a call to write(2) occurs before the connection is completed. if (!connecting_) { ASSERT(file_event_ != nullptr, "ConnectionImpl file event was unexpectedly reset"); file_event_->activate(Event::FileReadyType::Write); } } } void ConnectionImpl::setBufferLimits(uint32_t limit) { read_buffer_limit_ = limit; // Due to the fact that writes to the connection and flushing data from the connection are done // asynchronously, we have the option of either setting the watermarks aggressively, and regularly // enabling/disabling reads from the socket, or allowing more data, but then not triggering // based on watermarks until 2x the data is buffered in the common case. Given these are all soft // limits we err on the side of buffering more triggering watermark callbacks less often. // // Given the current implementation for straight up TCP proxying, the common case is reading // |limit| bytes through the socket, passing |limit| bytes to the connection (triggering the high // watermarks) and the immediately draining |limit| bytes to the socket (triggering the low // watermarks). We avoid this by setting the high watermark to limit + 1 so a single read will // not trigger watermarks if the socket is not blocked. // // If the connection class is changed to write to the buffer and flush to the socket in the same // stack then instead of checking watermarks after the write and again after the flush it can // check once after both operations complete. At that point it would be better to change the high // watermark from |limit + 1| to |limit| as the common case (move |limit| bytes, flush |limit| // bytes) would not trigger watermarks but a blocked socket (move |limit| bytes, flush 0 bytes) // would result in respecting the exact buffer limit. if (limit > 0) { static_cast(write_buffer_.get())->setWatermarks(limit + 1); read_buffer_.setWatermarks(limit + 1); } } void ConnectionImpl::onReadBufferLowWatermark() { ENVOY_CONN_LOG(debug, "onBelowReadBufferLowWatermark", *this); if (state() == State::Open) { readDisable(false); } } void ConnectionImpl::onReadBufferHighWatermark() { ENVOY_CONN_LOG(debug, "onAboveReadBufferHighWatermark", *this); if (state() == State::Open) { readDisable(true); } } void ConnectionImpl::onWriteBufferLowWatermark() { ENVOY_CONN_LOG(debug, "onBelowWriteBufferLowWatermark", *this); ASSERT(write_buffer_above_high_watermark_); write_buffer_above_high_watermark_ = false; for (ConnectionCallbacks* callback : callbacks_) { callback->onBelowWriteBufferLowWatermark(); } } void ConnectionImpl::onWriteBufferHighWatermark() { ENVOY_CONN_LOG(debug, "onAboveWriteBufferHighWatermark", *this); ASSERT(!write_buffer_above_high_watermark_); write_buffer_above_high_watermark_ = true; for (ConnectionCallbacks* callback : callbacks_) { callback->onAboveWriteBufferHighWatermark(); } } void ConnectionImpl::onFileEvent(uint32_t events) { ENVOY_CONN_LOG(trace, "socket event: {}", *this, events); if (immediate_error_event_ != ConnectionEvent::Connected) { if (bind_error_) { ENVOY_CONN_LOG(debug, "raising bind error", *this); // Update stats here, rather than on bind failure, to give the caller a chance to // setConnectionStats. if (connection_stats_ && connection_stats_->bind_errors_) { connection_stats_->bind_errors_->inc(); } } else { ENVOY_CONN_LOG(debug, "raising immediate error", *this); } closeSocket(immediate_error_event_); return; } if (events & Event::FileReadyType::Closed) { // We never ask for both early close and read at the same time. If we are reading, we want to // consume all available data. ASSERT(!(events & Event::FileReadyType::Read)); ENVOY_CONN_LOG(debug, "remote early close", *this); closeSocket(ConnectionEvent::RemoteClose); return; } if (events & Event::FileReadyType::Write) { onWriteReady(); } // It's possible for a write event callback to close the socket (which will cause fd_ to be -1). // In this case ignore write event processing. if (ioHandle().isOpen() && (events & Event::FileReadyType::Read)) { onReadReady(); } } void ConnectionImpl::onReadReady() { ENVOY_CONN_LOG(trace, "read ready. dispatch_buffered_data={}", *this, dispatch_buffered_data_); const bool latched_dispatch_buffered_data = dispatch_buffered_data_; dispatch_buffered_data_ = false; ASSERT(!connecting_); // We get here while read disabled in two ways. // 1) There was a call to setReadBufferReady(), for example if a raw buffer socket ceded due to // shouldDrainReadBuffer(). In this case we defer the event until the socket is read enabled. // 2) The consumer of connection data called readDisable(true), and instead of reading from the // socket we simply need to dispatch already read data. if (read_disable_count_ != 0) { if (latched_dispatch_buffered_data && consumerWantsToRead()) { onRead(read_buffer_.length()); } return; } IoResult result = transport_socket_->doRead(read_buffer_); uint64_t new_buffer_size = read_buffer_.length(); updateReadBufferStats(result.bytes_processed_, new_buffer_size); // If this connection doesn't have half-close semantics, translate end_stream into // a connection close. if ((!enable_half_close_ && result.end_stream_read_)) { result.end_stream_read_ = false; result.action_ = PostIoAction::Close; } read_end_stream_ |= result.end_stream_read_; if (result.bytes_processed_ != 0 || result.end_stream_read_ || (latched_dispatch_buffered_data && read_buffer_.length() > 0)) { // Skip onRead if no bytes were processed unless we explicitly want to force onRead for // buffered data. For instance, skip onRead if the connection was closed without producing // more data. onRead(new_buffer_size); } // The read callback may have already closed the connection. if (result.action_ == PostIoAction::Close || bothSidesHalfClosed()) { ENVOY_CONN_LOG(debug, "remote close", *this); closeSocket(ConnectionEvent::RemoteClose); } } absl::optional ConnectionImpl::unixSocketPeerCredentials() const { // TODO(snowp): Support non-linux platforms. #ifndef SO_PEERCRED return absl::nullopt; #else struct ucred ucred; socklen_t ucred_size = sizeof(ucred); int rc = socket_->getSocketOption(SOL_SOCKET, SO_PEERCRED, &ucred, &ucred_size).rc_; if (SOCKET_FAILURE(rc)) { return absl::nullopt; } return {{ucred.pid, ucred.uid, ucred.gid}}; #endif } void ConnectionImpl::onWriteReady() { ENVOY_CONN_LOG(trace, "write ready", *this); if (connecting_) { int error; socklen_t error_size = sizeof(error); RELEASE_ASSERT(socket_->getSocketOption(SOL_SOCKET, SO_ERROR, &error, &error_size).rc_ == 0, ""); if (error == 0) { ENVOY_CONN_LOG(debug, "connected", *this); connecting_ = false; transport_socket_->onConnected(); // It's possible that we closed during the connect callback. if (state() != State::Open) { ENVOY_CONN_LOG(debug, "close during connected callback", *this); return; } } else { ENVOY_CONN_LOG(debug, "delayed connection error: {}", *this, error); closeSocket(ConnectionEvent::RemoteClose); return; } } IoResult result = transport_socket_->doWrite(*write_buffer_, write_end_stream_); ASSERT(!result.end_stream_read_); // The interface guarantees that only read operations set this. uint64_t new_buffer_size = write_buffer_->length(); updateWriteBufferStats(result.bytes_processed_, new_buffer_size); // NOTE: If the delayed_close_timer_ is set, it must only trigger after a delayed_close_timeout_ // period of inactivity from the last write event. Therefore, the timer must be reset to its // original timeout value unless the socket is going to be closed as a result of the doWrite(). if (result.action_ == PostIoAction::Close) { // It is possible (though unlikely) for the connection to have already been closed during the // write callback. This can happen if we manage to complete the SSL handshake in the write // callback, raise a connected event, and close the connection. closeSocket(ConnectionEvent::RemoteClose); } else if ((inDelayedClose() && new_buffer_size == 0) || bothSidesHalfClosed()) { ENVOY_CONN_LOG(debug, "write flush complete", *this); if (delayed_close_state_ == DelayedCloseState::CloseAfterFlushAndWait) { ASSERT(delayed_close_timer_ != nullptr && delayed_close_timer_->enabled()); if (result.bytes_processed_ > 0) { delayed_close_timer_->enableTimer(delayed_close_timeout_); } } else { ASSERT(bothSidesHalfClosed() || delayed_close_state_ == DelayedCloseState::CloseAfterFlush); closeConnectionImmediately(); } } else { ASSERT(result.action_ == PostIoAction::KeepOpen); ASSERT(!delayed_close_timer_ || delayed_close_timer_->enabled()); if (delayed_close_timer_ != nullptr && result.bytes_processed_ > 0) { delayed_close_timer_->enableTimer(delayed_close_timeout_); } if (result.bytes_processed_ > 0) { for (BytesSentCb& cb : bytes_sent_callbacks_) { cb(result.bytes_processed_); // If a callback closes the socket, stop iterating. if (!ioHandle().isOpen()) { return; } } } } } void ConnectionImpl::updateReadBufferStats(uint64_t num_read, uint64_t new_size) { if (!connection_stats_) { return; } ConnectionImplUtility::updateBufferStats(num_read, new_size, last_read_buffer_size_, connection_stats_->read_total_, connection_stats_->read_current_); } void ConnectionImpl::updateWriteBufferStats(uint64_t num_written, uint64_t new_size) { if (!connection_stats_) { return; } ConnectionImplUtility::updateBufferStats(num_written, new_size, last_write_buffer_size_, connection_stats_->write_total_, connection_stats_->write_current_); } bool ConnectionImpl::bothSidesHalfClosed() { // If the write_buffer_ is not empty, then the end_stream has not been sent to the transport yet. return read_end_stream_ && write_end_stream_ && write_buffer_->length() == 0; } absl::string_view ConnectionImpl::transportFailureReason() const { return transport_socket_->failureReason(); } absl::optional ConnectionImpl::lastRoundTripTime() const { return socket_->lastRoundTripTime(); }; void ConnectionImpl::flushWriteBuffer() { if (state() == State::Open && write_buffer_->length() > 0) { onWriteReady(); } } ClientConnectionImpl::ClientConnectionImpl( Event::Dispatcher& dispatcher, const Address::InstanceConstSharedPtr& remote_address, const Network::Address::InstanceConstSharedPtr& source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options) : ConnectionImpl(dispatcher, std::make_unique(remote_address, options), std::move(transport_socket), stream_info_, false), stream_info_(dispatcher.timeSource()) { // There are no meaningful socket options or source address semantics for // non-IP sockets, so skip. if (remote_address->ip() != nullptr) { if (!Network::Socket::applyOptions(options, *socket_, envoy::config::core::v3::SocketOption::STATE_PREBIND)) { // Set a special error state to ensure asynchronous close to give the owner of the // ConnectionImpl a chance to add callbacks and detect the "disconnect". immediate_error_event_ = ConnectionEvent::LocalClose; // Trigger a write event to close this connection out-of-band. file_event_->activate(Event::FileReadyType::Write); return; } const Network::Address::InstanceConstSharedPtr* source = &source_address; if (socket_->localAddress()) { source = &socket_->localAddress(); } if (*source != nullptr) { Api::SysCallIntResult result = socket_->bind(*source); if (result.rc_ < 0) { // TODO(lizan): consider add this error into transportFailureReason. ENVOY_LOG_MISC(debug, "Bind failure. Failed to bind to {}: {}", source->get()->asString(), errorDetails(result.errno_)); bind_error_ = true; // Set a special error state to ensure asynchronous close to give the owner of the // ConnectionImpl a chance to add callbacks and detect the "disconnect". immediate_error_event_ = ConnectionEvent::LocalClose; // Trigger a write event to close this connection out-of-band. file_event_->activate(Event::FileReadyType::Write); } } } } void ClientConnectionImpl::connect() { ENVOY_CONN_LOG(debug, "connecting to {}", *this, socket_->remoteAddress()->asString()); const Api::SysCallIntResult result = socket_->connect(socket_->remoteAddress()); if (result.rc_ == 0) { // write will become ready. ASSERT(connecting_); } else { ASSERT(SOCKET_FAILURE(result.rc_)); #ifdef WIN32 // winsock2 connect returns EWOULDBLOCK if the socket is non-blocking and the connection // cannot be completed immediately. We do not check for EINPROGRESS as that error is for // blocking operations. if (result.errno_ == SOCKET_ERROR_AGAIN) { #else if (result.errno_ == SOCKET_ERROR_IN_PROGRESS) { #endif ASSERT(connecting_); ENVOY_CONN_LOG(debug, "connection in progress", *this); } else { immediate_error_event_ = ConnectionEvent::RemoteClose; connecting_ = false; ENVOY_CONN_LOG(debug, "immediate connection error: {}", *this, result.errno_); // Trigger a write event. This is needed on macOS and seems harmless on Linux. file_event_->activate(Event::FileReadyType::Write); } } } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/connection_impl.h ================================================ #pragma once #include #include #include #include #include #include "envoy/network/transport_socket.h" #include "common/buffer/watermark_buffer.h" #include "common/event/libevent.h" #include "common/network/connection_impl_base.h" #include "common/stream_info/stream_info_impl.h" #include "absl/types/optional.h" namespace Envoy { class RandomPauseFilter; class TestPauseFilter; namespace Network { /** * Utility functions for the connection implementation. */ class ConnectionImplUtility { public: /** * Update the buffer stats for a connection. * @param delta supplies the data read/written. * @param new_total supplies the final total buffer size. * @param previous_total supplies the previous final total buffer size. previous_total will be * updated to new_total when the call is complete. * @param stat_total supplies the counter to increment with the delta. * @param stat_current supplies the gauge that should be updated with the delta of previous_total * and new_total. */ static void updateBufferStats(uint64_t delta, uint64_t new_total, uint64_t& previous_total, Stats::Counter& stat_total, Stats::Gauge& stat_current); }; /** * Implementation of Network::Connection and Network::FilterManagerConnection. */ class ConnectionImpl : public ConnectionImplBase, public TransportSocketCallbacks { public: ConnectionImpl(Event::Dispatcher& dispatcher, ConnectionSocketPtr&& socket, TransportSocketPtr&& transport_socket, StreamInfo::StreamInfo& stream_info, bool connected); ~ConnectionImpl() override; // Network::FilterManager void addWriteFilter(WriteFilterSharedPtr filter) override; void addFilter(FilterSharedPtr filter) override; void addReadFilter(ReadFilterSharedPtr filter) override; bool initializeReadFilters() override; // Network::Connection void addBytesSentCallback(BytesSentCb cb) override; void enableHalfClose(bool enabled) override; void close(ConnectionCloseType type) final; std::string nextProtocol() const override { return transport_socket_->protocol(); } void noDelay(bool enable) override; void readDisable(bool disable) override; void detectEarlyCloseWhenReadDisabled(bool value) override { detect_early_close_ = value; } bool readEnabled() const override; const Address::InstanceConstSharedPtr& remoteAddress() const override { return socket_->remoteAddress(); } const Address::InstanceConstSharedPtr& directRemoteAddress() const override { return socket_->directRemoteAddress(); } const Address::InstanceConstSharedPtr& localAddress() const override { return socket_->localAddress(); } absl::optional unixSocketPeerCredentials() const override; Ssl::ConnectionInfoConstSharedPtr ssl() const override { return transport_socket_->ssl(); } State state() const override; void write(Buffer::Instance& data, bool end_stream) override; void setBufferLimits(uint32_t limit) override; uint32_t bufferLimit() const override { return read_buffer_limit_; } bool localAddressRestored() const override { return socket_->localAddressRestored(); } bool aboveHighWatermark() const override { return write_buffer_above_high_watermark_; } const ConnectionSocket::OptionsSharedPtr& socketOptions() const override { return socket_->options(); } absl::string_view requestedServerName() const override { return socket_->requestedServerName(); } StreamInfo::StreamInfo& streamInfo() override { return stream_info_; } const StreamInfo::StreamInfo& streamInfo() const override { return stream_info_; } absl::string_view transportFailureReason() const override; absl::optional lastRoundTripTime() const override; // Network::FilterManagerConnection void rawWrite(Buffer::Instance& data, bool end_stream) override; // Network::ReadBufferSource StreamBuffer getReadBuffer() override { return {read_buffer_, read_end_stream_}; } // Network::WriteBufferSource StreamBuffer getWriteBuffer() override { return {*current_write_buffer_, current_write_end_stream_}; } // Network::TransportSocketCallbacks IoHandle& ioHandle() final { return socket_->ioHandle(); } const IoHandle& ioHandle() const override { return socket_->ioHandle(); } Connection& connection() override { return *this; } void raiseEvent(ConnectionEvent event) final; // Should the read buffer be drained? bool shouldDrainReadBuffer() override { return read_buffer_limit_ > 0 && read_buffer_.length() >= read_buffer_limit_; } // Mark read buffer ready to read in the event loop. This is used when yielding following // shouldDrainReadBuffer(). // TODO(htuch): While this is the basis for also yielding to other connections to provide some // fair sharing of CPU resources, the underlying event loop does not make any fairness guarantees. // Reconsider how to make fairness happen. void setReadBufferReady() override { file_event_->activate(Event::FileReadyType::Read); } void flushWriteBuffer() override; // Obtain global next connection ID. This should only be used in tests. static uint64_t nextGlobalIdForTest() { return next_global_id_; } protected: // A convenience function which returns true if // 1) The read disable count is zero or // 2) The read disable count is one due to the read buffer being overrun. // In either case the consumer of the data would like to read from the buffer. // If the read count is greater than one, or equal to one when the buffer is // not overrun, then the consumer of the data has called readDisable, and does // not want to read. bool consumerWantsToRead(); // Network::ConnectionImplBase void closeConnectionImmediately() final; void closeSocket(ConnectionEvent close_type); void onReadBufferLowWatermark(); void onReadBufferHighWatermark(); void onWriteBufferLowWatermark(); void onWriteBufferHighWatermark(); TransportSocketPtr transport_socket_; ConnectionSocketPtr socket_; StreamInfo::StreamInfo& stream_info_; FilterManagerImpl filter_manager_; // Ensure that if the consumer of the data from this connection isn't // consuming, that the connection eventually stops reading from the wire. Buffer::WatermarkBuffer read_buffer_; // This must be a WatermarkBuffer, but as it is created by a factory the ConnectionImpl only has // a generic pointer. // It MUST be defined after the filter_manager_ as some filters may have callbacks that // write_buffer_ invokes during its clean up. Buffer::InstancePtr write_buffer_; uint32_t read_buffer_limit_ = 0; bool connecting_{false}; ConnectionEvent immediate_error_event_{ConnectionEvent::Connected}; bool bind_error_{false}; Event::FileEventPtr file_event_; private: friend class Envoy::RandomPauseFilter; friend class Envoy::TestPauseFilter; void onFileEvent(uint32_t events); void onRead(uint64_t read_buffer_size); void onReadReady(); void onWriteReady(); void updateReadBufferStats(uint64_t num_read, uint64_t new_size); void updateWriteBufferStats(uint64_t num_written, uint64_t new_size); // Write data to the connection bypassing filter chain (optionally). void write(Buffer::Instance& data, bool end_stream, bool through_filter_chain); // Returns true iff end of stream has been both written and read. bool bothSidesHalfClosed(); static std::atomic next_global_id_; std::list bytes_sent_callbacks_; // Tracks the number of times reads have been disabled. If N different components call // readDisabled(true) this allows the connection to only resume reads when readDisabled(false) // has been called N times. uint64_t last_read_buffer_size_{}; uint64_t last_write_buffer_size_{}; Buffer::Instance* current_write_buffer_{}; uint32_t read_disable_count_{0}; bool write_buffer_above_high_watermark_ : 1; bool detect_early_close_ : 1; bool enable_half_close_ : 1; bool read_end_stream_raised_ : 1; bool read_end_stream_ : 1; bool write_end_stream_ : 1; bool current_write_end_stream_ : 1; bool dispatch_buffered_data_ : 1; }; /** * libevent implementation of Network::ClientConnection. */ class ClientConnectionImpl : public ConnectionImpl, virtual public ClientConnection { public: ClientConnectionImpl(Event::Dispatcher& dispatcher, const Address::InstanceConstSharedPtr& remote_address, const Address::InstanceConstSharedPtr& source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options); // Network::ClientConnection void connect() override; private: StreamInfo::StreamInfoImpl stream_info_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/connection_impl_base.cc ================================================ #include "common/network/connection_impl_base.h" namespace Envoy { namespace Network { void ConnectionImplBase::addIdToHashKey(std::vector& hash_key, uint64_t connection_id) { // Pack the connection_id into sizeof(connection_id) uint8_t entries in the hash_key vector. hash_key.reserve(hash_key.size() + sizeof(connection_id)); for (unsigned i = 0; i < sizeof(connection_id); ++i) { hash_key.push_back(0xFF & (connection_id >> (8 * i))); } } ConnectionImplBase::ConnectionImplBase(Event::Dispatcher& dispatcher, uint64_t id) : dispatcher_(dispatcher), id_(id) {} void ConnectionImplBase::addConnectionCallbacks(ConnectionCallbacks& cb) { callbacks_.push_back(&cb); } void ConnectionImplBase::hashKey(std::vector& hash) const { addIdToHashKey(hash, id()); } void ConnectionImplBase::setConnectionStats(const ConnectionStats& stats) { ASSERT(!connection_stats_, "Two network filters are attempting to set connection stats. This indicates an issue " "with the configured filter chain."); connection_stats_ = std::make_unique(stats); } void ConnectionImplBase::setDelayedCloseTimeout(std::chrono::milliseconds timeout) { // Validate that this is only called prior to issuing a close() or closeSocket(). ASSERT(delayed_close_timer_ == nullptr && state() == State::Open); delayed_close_timeout_ = timeout; } void ConnectionImplBase::initializeDelayedCloseTimer() { const auto timeout = delayed_close_timeout_.count(); ASSERT(delayed_close_timer_ == nullptr && timeout > 0); delayed_close_timer_ = dispatcher_.createTimer([this]() -> void { onDelayedCloseTimeout(); }); ENVOY_CONN_LOG(debug, "setting delayed close timer with timeout {} ms", *this, timeout); delayed_close_timer_->enableTimer(delayed_close_timeout_); } void ConnectionImplBase::raiseConnectionEvent(ConnectionEvent event) { for (ConnectionCallbacks* callback : callbacks_) { // TODO(mattklein123): If we close while raising a connected event we should not raise further // connected events. callback->onEvent(event); } } void ConnectionImplBase::onDelayedCloseTimeout() { delayed_close_timer_.reset(); ENVOY_CONN_LOG(debug, "triggered delayed close", *this); if (connection_stats_ != nullptr && connection_stats_->delayed_close_timeouts_ != nullptr) { connection_stats_->delayed_close_timeouts_->inc(); } closeConnectionImmediately(); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/connection_impl_base.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "common/common/logger.h" #include "common/network/filter_manager_impl.h" namespace Envoy { namespace Network { class ConnectionImplBase : public FilterManagerConnection, protected Logger::Loggable { public: /** * Add a connection id to a hash key * @param hash_key the current hash key -- the function will only append to this vector * @param connection_id the 64-bit connection id */ static void addIdToHashKey(std::vector& hash_key, uint64_t connection_id); ConnectionImplBase(Event::Dispatcher& dispatcher, uint64_t id); // Network::Connection void addConnectionCallbacks(ConnectionCallbacks& cb) override; Event::Dispatcher& dispatcher() override { return dispatcher_; } uint64_t id() const override { return id_; } void hashKey(std::vector& hash) const override; void setConnectionStats(const ConnectionStats& stats) override; void setDelayedCloseTimeout(std::chrono::milliseconds timeout) override; protected: void initializeDelayedCloseTimer(); bool inDelayedClose() const { return delayed_close_state_ != DelayedCloseState::None; } void raiseConnectionEvent(ConnectionEvent event); virtual void closeConnectionImmediately() PURE; // States associated with delayed closing of the connection (i.e., when the underlying socket is // not immediately close()d as a result of a ConnectionImpl::close()). enum class DelayedCloseState { None, // The socket will be closed immediately after the buffer is flushed _or_ if a period of // inactivity after the last write event greater than or equal to delayed_close_timeout_ has // elapsed. CloseAfterFlush, // The socket will be closed after a grace period of delayed_close_timeout_ has elapsed after // the socket is flushed _or_ if a period of inactivity after the last write event greater than // or equal to delayed_close_timeout_ has elapsed. CloseAfterFlushAndWait }; DelayedCloseState delayed_close_state_{DelayedCloseState::None}; Event::TimerPtr delayed_close_timer_; std::chrono::milliseconds delayed_close_timeout_{0}; Event::Dispatcher& dispatcher_; const uint64_t id_; std::list callbacks_; std::unique_ptr connection_stats_; private: // Callback issued when a delayed close timeout triggers. void onDelayedCloseTimeout(); }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/dns_impl.cc ================================================ #include "common/network/dns_impl.h" #include #include #include #include #include #include "envoy/common/platform.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "absl/strings/str_join.h" #include "ares.h" namespace Envoy { namespace Network { DnsResolverImpl::DnsResolverImpl( Event::Dispatcher& dispatcher, const std::vector& resolvers, const bool use_tcp_for_dns_lookups) : dispatcher_(dispatcher), timer_(dispatcher.createTimer([this] { onEventCallback(ARES_SOCKET_BAD, 0); })), use_tcp_for_dns_lookups_(use_tcp_for_dns_lookups) { AresOptions options = defaultAresOptions(); initializeChannel(&options.options_, options.optmask_); if (!resolvers.empty()) { std::vector resolver_addrs; resolver_addrs.reserve(resolvers.size()); for (const auto& resolver : resolvers) { // This should be an IP address (i.e. not a pipe). if (resolver->ip() == nullptr) { ares_destroy(channel_); throw EnvoyException( fmt::format("DNS resolver '{}' is not an IP address", resolver->asString())); } // Note that the ip()->port() may be zero if the port is not fully specified by the // Address::Instance. // resolver->asString() is avoided as that format may be modified by custom // Address::Instance implementations in ways that make the not a simple // integer. See https://github.com/envoyproxy/envoy/pull/3366. resolver_addrs.push_back(fmt::format(resolver->ip()->ipv6() ? "[{}]:{}" : "{}:{}", resolver->ip()->addressAsString(), resolver->ip()->port())); } const std::string resolvers_csv = absl::StrJoin(resolver_addrs, ","); int result = ares_set_servers_ports_csv(channel_, resolvers_csv.c_str()); RELEASE_ASSERT(result == ARES_SUCCESS, ""); } } DnsResolverImpl::~DnsResolverImpl() { timer_->disableTimer(); ares_destroy(channel_); } DnsResolverImpl::AresOptions DnsResolverImpl::defaultAresOptions() { AresOptions options{}; if (use_tcp_for_dns_lookups_) { options.optmask_ |= ARES_OPT_FLAGS; options.options_.flags |= ARES_FLAG_USEVC; } return options; } void DnsResolverImpl::initializeChannel(ares_options* options, int optmask) { options->sock_state_cb = [](void* arg, os_fd_t fd, int read, int write) { static_cast(arg)->onAresSocketStateChange(fd, read, write); }; options->sock_state_cb_data = this; ares_init_options(&channel_, options, optmask | ARES_OPT_SOCK_STATE_CB); } void DnsResolverImpl::PendingResolution::onAresGetAddrInfoCallback(int status, int timeouts, ares_addrinfo* addrinfo) { // We receive ARES_EDESTRUCTION when destructing with pending queries. if (status == ARES_EDESTRUCTION) { ASSERT(owned_); // This destruction might have been triggered by a peer PendingResolution that received a // ARES_ECONNREFUSED. If the PendingResolution has not been cancelled that means that the // callback_ target _should_ still be around. In that case, raise the callback_ so the target // can be done with this query and initiate a new one. if (!cancelled_) { callback_(ResolutionStatus::Failure, {}); } delete this; return; } if (!fallback_if_failed_) { completed_ = true; // If c-ares returns ARES_ECONNREFUSED and there is no fallback we assume that the channel_ is // broken. Mark the channel dirty so that it is destroyed and reinitialized on a subsequent call // to DnsResolver::resolve(). The optimal solution would be for c-ares to reinitialize the // channel, and not have Envoy track side effects. // context: https://github.com/envoyproxy/envoy/issues/4543 and // https://github.com/c-ares/c-ares/issues/301. // // The channel cannot be destroyed and reinitialized here because that leads to a c-ares // segfault. if (status == ARES_ECONNREFUSED) { parent_.dirty_channel_ = true; } } std::list address_list; ResolutionStatus resolution_status; if (status == ARES_SUCCESS) { resolution_status = ResolutionStatus::Success; if (addrinfo != nullptr && addrinfo->nodes != nullptr) { if (addrinfo->nodes->ai_family == AF_INET) { for (const ares_addrinfo_node* ai = addrinfo->nodes; ai != nullptr; ai = ai->ai_next) { sockaddr_in address; memset(&address, 0, sizeof(address)); address.sin_family = AF_INET; address.sin_port = 0; address.sin_addr = reinterpret_cast(ai->ai_addr)->sin_addr; address_list.emplace_back( DnsResponse(std::make_shared(&address), std::chrono::seconds(ai->ai_ttl))); } } else if (addrinfo->nodes->ai_family == AF_INET6) { for (const ares_addrinfo_node* ai = addrinfo->nodes; ai != nullptr; ai = ai->ai_next) { sockaddr_in6 address; memset(&address, 0, sizeof(address)); address.sin6_family = AF_INET6; address.sin6_port = 0; address.sin6_addr = reinterpret_cast(ai->ai_addr)->sin6_addr; address_list.emplace_back( DnsResponse(std::make_shared(address), std::chrono::seconds(ai->ai_ttl))); } } } if (!address_list.empty()) { completed_ = true; } ASSERT(addrinfo != nullptr); ares_freeaddrinfo(addrinfo); } else { resolution_status = ResolutionStatus::Failure; } if (timeouts > 0) { ENVOY_LOG(debug, "DNS request timed out {} times", timeouts); } if (completed_) { if (!cancelled_) { try { callback_(resolution_status, std::move(address_list)); } catch (const EnvoyException& e) { ENVOY_LOG(critical, "EnvoyException in c-ares callback: {}", e.what()); dispatcher_.post([s = std::string(e.what())] { throw EnvoyException(s); }); } catch (const std::exception& e) { ENVOY_LOG(critical, "std::exception in c-ares callback: {}", e.what()); dispatcher_.post([s = std::string(e.what())] { throw EnvoyException(s); }); } catch (...) { ENVOY_LOG(critical, "Unknown exception in c-ares callback"); dispatcher_.post([] { throw EnvoyException("unknown"); }); } } if (owned_) { delete this; return; } } if (!completed_ && fallback_if_failed_) { fallback_if_failed_ = false; getAddrInfo(AF_INET); // Note: Nothing can follow this call to getAddrInfo due to deletion of this // object upon synchronous resolution. return; } } void DnsResolverImpl::updateAresTimer() { // Update the timeout for events. timeval timeout; timeval* timeout_result = ares_timeout(channel_, nullptr, &timeout); if (timeout_result != nullptr) { const auto ms = std::chrono::milliseconds(timeout_result->tv_sec * 1000 + timeout_result->tv_usec / 1000); ENVOY_LOG(trace, "Setting DNS resolution timer for {} milliseconds", ms.count()); timer_->enableTimer(ms); } else { timer_->disableTimer(); } } void DnsResolverImpl::onEventCallback(os_fd_t fd, uint32_t events) { const ares_socket_t read_fd = events & Event::FileReadyType::Read ? fd : ARES_SOCKET_BAD; const ares_socket_t write_fd = events & Event::FileReadyType::Write ? fd : ARES_SOCKET_BAD; ares_process_fd(channel_, read_fd, write_fd); updateAresTimer(); } void DnsResolverImpl::onAresSocketStateChange(os_fd_t fd, int read, int write) { updateAresTimer(); auto it = events_.find(fd); // Stop tracking events for fd if no more state change events. if (read == 0 && write == 0) { if (it != events_.end()) { events_.erase(it); } return; } // If we weren't tracking the fd before, create a new FileEvent. if (it == events_.end()) { events_[fd] = dispatcher_.createFileEvent( fd, [this, fd](uint32_t events) { onEventCallback(fd, events); }, Event::FileTriggerType::Level, Event::FileReadyType::Read | Event::FileReadyType::Write); } events_[fd]->setEnabled((read ? Event::FileReadyType::Read : 0) | (write ? Event::FileReadyType::Write : 0)); } ActiveDnsQuery* DnsResolverImpl::resolve(const std::string& dns_name, DnsLookupFamily dns_lookup_family, ResolveCb callback) { // TODO(hennna): Add DNS caching which will allow testing the edge case of a // failed initial call to getAddrInfo followed by a synchronous IPv4 // resolution. // @see DnsResolverImpl::PendingResolution::onAresGetAddrInfoCallback for why this is done. if (dirty_channel_) { dirty_channel_ = false; ares_destroy(channel_); AresOptions options = defaultAresOptions(); initializeChannel(&options.options_, options.optmask_); } std::unique_ptr pending_resolution( new PendingResolution(*this, callback, dispatcher_, channel_, dns_name)); if (dns_lookup_family == DnsLookupFamily::Auto) { pending_resolution->fallback_if_failed_ = true; } if (dns_lookup_family == DnsLookupFamily::V4Only) { pending_resolution->getAddrInfo(AF_INET); } else { pending_resolution->getAddrInfo(AF_INET6); } if (pending_resolution->completed_) { // Resolution does not need asynchronous behavior or network events. For // example, localhost lookup. return nullptr; } else { // Enable timer to wake us up if the request times out. updateAresTimer(); // The PendingResolution will self-delete when the request completes (including if cancelled or // if ~DnsResolverImpl() happens via ares_destroy() and subsequent handling of ARES_EDESTRUCTION // in DnsResolverImpl::PendingResolution::onAresGetAddrInfoCallback()). pending_resolution->owned_ = true; return pending_resolution.release(); } } void DnsResolverImpl::PendingResolution::getAddrInfo(int family) { struct ares_addrinfo_hints hints = {}; hints.ai_family = family; /** * ARES_AI_NOSORT result addresses will not be sorted and no connections to resolved addresses * will be attempted */ hints.ai_flags = ARES_AI_NOSORT; ares_getaddrinfo( channel_, dns_name_.c_str(), /* service */ nullptr, &hints, [](void* arg, int status, int timeouts, ares_addrinfo* addrinfo) { static_cast(arg)->onAresGetAddrInfoCallback(status, timeouts, addrinfo); }, this); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/dns_impl.h ================================================ #pragma once #include #include #include "envoy/common/platform.h" #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" #include "envoy/network/dns.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "absl/container/node_hash_map.h" #include "ares.h" namespace Envoy { namespace Network { class DnsResolverImplPeer; /** * Implementation of DnsResolver that uses c-ares. All calls and callbacks are assumed to * happen on the thread that owns the creating dispatcher. */ class DnsResolverImpl : public DnsResolver, protected Logger::Loggable { public: DnsResolverImpl(Event::Dispatcher& dispatcher, const std::vector& resolvers, const bool use_tcp_for_dns_lookups); ~DnsResolverImpl() override; // Network::DnsResolver ActiveDnsQuery* resolve(const std::string& dns_name, DnsLookupFamily dns_lookup_family, ResolveCb callback) override; private: friend class DnsResolverImplPeer; struct PendingResolution : public ActiveDnsQuery { // Network::ActiveDnsQuery PendingResolution(DnsResolverImpl& parent, ResolveCb callback, Event::Dispatcher& dispatcher, ares_channel channel, const std::string& dns_name) : parent_(parent), callback_(callback), dispatcher_(dispatcher), channel_(channel), dns_name_(dns_name) {} void cancel() override { // c-ares only supports channel-wide cancellation, so we just allow the // network events to continue but don't invoke the callback on completion. cancelled_ = true; } /** * ares_getaddrinfo query callback. * @param status return status of call to ares_getaddrinfo. * @param timeouts the number of times the request timed out. * @param addrinfo structure to store address info. */ void onAresGetAddrInfoCallback(int status, int timeouts, ares_addrinfo* addrinfo); /** * wrapper function of call to ares_getaddrinfo. * @param family currently AF_INET and AF_INET6 are supported. */ void getAddrInfo(int family); DnsResolverImpl& parent_; // Caller supplied callback to invoke on query completion or error. const ResolveCb callback_; // Dispatcher to post any callback_ exceptions to. Event::Dispatcher& dispatcher_; // Does the object own itself? Resource reclamation occurs via self-deleting // on query completion or error. bool owned_ = false; // Has the query completed? Only meaningful if !owned_; bool completed_ = false; // Was the query cancelled via cancel()? bool cancelled_ = false; // If dns_lookup_family is "fallback", fallback to v4 address if v6 // resolution failed. bool fallback_if_failed_ = false; const ares_channel channel_; const std::string dns_name_; }; struct AresOptions { ares_options options_; int optmask_; }; // Callback for events on sockets tracked in events_. void onEventCallback(os_fd_t fd, uint32_t events); // c-ares callback when a socket state changes, indicating that libevent // should listen for read/write events. void onAresSocketStateChange(os_fd_t fd, int read, int write); // Initialize the channel. void initializeChannel(ares_options* options, int optmask); // Update timer for c-ares timeouts. void updateAresTimer(); // Return default AresOptions. AresOptions defaultAresOptions(); Event::Dispatcher& dispatcher_; Event::TimerPtr timer_; ares_channel channel_; bool dirty_channel_{}; const bool use_tcp_for_dns_lookups_; absl::node_hash_map events_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/filter_impl.h ================================================ #pragma once #include "envoy/network/filter.h" namespace Envoy { namespace Network { /** * Implementation of Network::ReadFilter that discards read callbacks. */ class ReadFilterBaseImpl : public ReadFilter { public: void initializeReadFilterCallbacks(ReadFilterCallbacks&) override {} Network::FilterStatus onNewConnection() override { return Network::FilterStatus::Continue; } }; /** * Implementation of Network::Filter that discards read callbacks. */ class FilterBaseImpl : public Filter { public: void initializeReadFilterCallbacks(ReadFilterCallbacks&) override {} Network::FilterStatus onNewConnection() override { return Network::FilterStatus::Continue; } }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/filter_manager_impl.cc ================================================ #include "common/network/filter_manager_impl.h" #include #include "envoy/network/connection.h" #include "common/common/assert.h" namespace Envoy { namespace Network { void FilterManagerImpl::addWriteFilter(WriteFilterSharedPtr filter) { ASSERT(connection_.state() == Connection::State::Open); ActiveWriteFilterPtr new_filter(new ActiveWriteFilter{*this, filter}); filter->initializeWriteFilterCallbacks(*new_filter); LinkedList::moveIntoList(std::move(new_filter), downstream_filters_); } void FilterManagerImpl::addFilter(FilterSharedPtr filter) { addReadFilter(filter); addWriteFilter(filter); } void FilterManagerImpl::addReadFilter(ReadFilterSharedPtr filter) { ASSERT(connection_.state() == Connection::State::Open); ActiveReadFilterPtr new_filter(new ActiveReadFilter{*this, filter}); filter->initializeReadFilterCallbacks(*new_filter); LinkedList::moveIntoListBack(std::move(new_filter), upstream_filters_); } bool FilterManagerImpl::initializeReadFilters() { if (upstream_filters_.empty()) { return false; } onContinueReading(nullptr, connection_); return true; } void FilterManagerImpl::onContinueReading(ActiveReadFilter* filter, ReadBufferSource& buffer_source) { // Filter could return status == FilterStatus::StopIteration immediately, close the connection and // use callback to call this function. if (connection_.state() != Connection::State::Open) { return; } std::list::iterator entry; if (!filter) { connection_.streamInfo().addBytesReceived(buffer_source.getReadBuffer().buffer.length()); entry = upstream_filters_.begin(); } else { entry = std::next(filter->entry()); } for (; entry != upstream_filters_.end(); entry++) { if (!(*entry)->initialized_) { (*entry)->initialized_ = true; FilterStatus status = (*entry)->filter_->onNewConnection(); if (status == FilterStatus::StopIteration || connection_.state() != Connection::State::Open) { return; } } StreamBuffer read_buffer = buffer_source.getReadBuffer(); if (read_buffer.buffer.length() > 0 || read_buffer.end_stream) { FilterStatus status = (*entry)->filter_->onData(read_buffer.buffer, read_buffer.end_stream); if (status == FilterStatus::StopIteration || connection_.state() != Connection::State::Open) { return; } } } } void FilterManagerImpl::onRead() { ASSERT(!upstream_filters_.empty()); onContinueReading(nullptr, connection_); } FilterStatus FilterManagerImpl::onWrite() { return onWrite(nullptr, connection_); } FilterStatus FilterManagerImpl::onWrite(ActiveWriteFilter* filter, WriteBufferSource& buffer_source) { // Filter could return status == FilterStatus::StopIteration immediately, close the connection and // use callback to call this function. if (connection_.state() != Connection::State::Open) { return FilterStatus::StopIteration; } std::list::iterator entry; if (!filter) { entry = downstream_filters_.begin(); } else { entry = std::next(filter->entry()); } for (; entry != downstream_filters_.end(); entry++) { StreamBuffer write_buffer = buffer_source.getWriteBuffer(); FilterStatus status = (*entry)->filter_->onWrite(write_buffer.buffer, write_buffer.end_stream); if (status == FilterStatus::StopIteration || connection_.state() != Connection::State::Open) { return FilterStatus::StopIteration; } } // Report the final bytes written to the wire connection_.streamInfo().addBytesSent(buffer_source.getWriteBuffer().buffer.length()); return FilterStatus::Continue; } void FilterManagerImpl::onResumeWriting(ActiveWriteFilter* filter, WriteBufferSource& buffer_source) { auto status = onWrite(filter, buffer_source); if (status == FilterStatus::Continue) { StreamBuffer write_buffer = buffer_source.getWriteBuffer(); connection_.rawWrite(write_buffer.buffer, write_buffer.end_stream); } } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/filter_manager_impl.h ================================================ #pragma once #include #include #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "common/common/linked_object.h" namespace Envoy { namespace Network { struct StreamBuffer { Buffer::Instance& buffer; const bool end_stream; }; /** * Interface used to obtain read buffers. */ class ReadBufferSource { public: virtual ~ReadBufferSource() = default; /** * Fetch the read buffer for the source. */ virtual StreamBuffer getReadBuffer() PURE; }; /** * Interface used to obtain write buffers. */ class WriteBufferSource { public: virtual ~WriteBufferSource() = default; /** * Fetch the write buffer for the source. */ virtual StreamBuffer getWriteBuffer() PURE; }; /** * Adapter that masquerades a given buffer instance as a ReadBufferSource. */ class FixedReadBufferSource : public ReadBufferSource { public: FixedReadBufferSource(Buffer::Instance& data, bool end_stream) : data_(data), end_stream_(end_stream) {} StreamBuffer getReadBuffer() override { return {data_, end_stream_}; } private: Buffer::Instance& data_; const bool end_stream_; }; /** * Adapter that masquerades a given buffer instance as a WriteBufferSource. */ class FixedWriteBufferSource : public WriteBufferSource { public: FixedWriteBufferSource(Buffer::Instance& data, bool end_stream) : data_(data), end_stream_(end_stream) {} StreamBuffer getWriteBuffer() override { return {data_, end_stream_}; } private: Buffer::Instance& data_; const bool end_stream_; }; /** * Connection enriched with methods for advanced cases, i.e. write data bypassing filter chain. * * Since FilterManager is only user of those methods for now, the class is named after it. */ class FilterManagerConnection : public virtual Connection, public ReadBufferSource, public WriteBufferSource { public: ~FilterManagerConnection() override = default; /** * Write data to the connection bypassing filter chain. * * I.e., consider a scenario where iteration over the filter chain is stopped at some point * and later is resumed via a call to WriteFilterCallbacks::injectWriteDataToFilterChain(). * * @param data supplies the data to write to the connection. * @param end_stream supplies whether this is the last byte to write on the connection. */ virtual void rawWrite(Buffer::Instance& data, bool end_stream) PURE; }; /** * This is a filter manager for TCP (L4) filters. It is split out for ease of testing. */ class FilterManagerImpl { public: FilterManagerImpl(FilterManagerConnection& connection) : connection_(connection) {} void addWriteFilter(WriteFilterSharedPtr filter); void addFilter(FilterSharedPtr filter); void addReadFilter(ReadFilterSharedPtr filter); bool initializeReadFilters(); void onRead(); FilterStatus onWrite(); private: struct ActiveReadFilter : public ReadFilterCallbacks, LinkedObject { ActiveReadFilter(FilterManagerImpl& parent, ReadFilterSharedPtr filter) : parent_(parent), filter_(filter) {} Connection& connection() override { return parent_.connection_; } void continueReading() override { parent_.onContinueReading(this, parent_.connection_); } void injectReadDataToFilterChain(Buffer::Instance& data, bool end_stream) override { FixedReadBufferSource buffer_source{data, end_stream}; parent_.onContinueReading(this, buffer_source); } Upstream::HostDescriptionConstSharedPtr upstreamHost() override { return parent_.host_description_; } void upstreamHost(Upstream::HostDescriptionConstSharedPtr host) override { parent_.host_description_ = host; } FilterManagerImpl& parent_; ReadFilterSharedPtr filter_; bool initialized_{}; }; using ActiveReadFilterPtr = std::unique_ptr; struct ActiveWriteFilter : public WriteFilterCallbacks, LinkedObject { ActiveWriteFilter(FilterManagerImpl& parent, WriteFilterSharedPtr filter) : parent_(parent), filter_(std::move(filter)) {} Connection& connection() override { return parent_.connection_; } void injectWriteDataToFilterChain(Buffer::Instance& data, bool end_stream) override { FixedWriteBufferSource buffer_source{data, end_stream}; parent_.onResumeWriting(this, buffer_source); } FilterManagerImpl& parent_; WriteFilterSharedPtr filter_; }; using ActiveWriteFilterPtr = std::unique_ptr; void onContinueReading(ActiveReadFilter* filter, ReadBufferSource& buffer_source); FilterStatus onWrite(ActiveWriteFilter* filter, WriteBufferSource& buffer_source); void onResumeWriting(ActiveWriteFilter* filter, WriteBufferSource& buffer_source); FilterManagerConnection& connection_; Upstream::HostDescriptionConstSharedPtr host_description_; std::list upstream_filters_; std::list downstream_filters_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/filter_matcher.cc ================================================ #include "common/network/filter_matcher.h" #include "envoy/network/filter.h" #include "common/common/assert.h" #include "absl/strings/str_format.h" namespace Envoy { namespace Network { ListenerFilterMatcherPtr ListenerFilterMatcherBuilder::buildListenerFilterMatcher( const envoy::config::listener::v3::ListenerFilterChainMatchPredicate& match_config) { switch (match_config.rule_case()) { case envoy::config::listener::v3::ListenerFilterChainMatchPredicate::RuleCase::kAnyMatch: return std::make_unique(); case envoy::config::listener::v3::ListenerFilterChainMatchPredicate::RuleCase::kNotMatch: { return std::make_unique(match_config.not_match()); } case envoy::config::listener::v3::ListenerFilterChainMatchPredicate::RuleCase::kAndMatch: { return std::make_unique(match_config.and_match().rules()); } case envoy::config::listener::v3::ListenerFilterChainMatchPredicate::RuleCase::kOrMatch: { return std::make_unique(match_config.or_match().rules()); } case envoy::config::listener::v3::ListenerFilterChainMatchPredicate::RuleCase:: kDestinationPortRange: { return std::make_unique(match_config.destination_port_range()); } default: NOT_REACHED_GCOVR_EXCL_LINE; } } ListenerFilterSetLogicMatcher::ListenerFilterSetLogicMatcher( absl::Span predicates) : sub_matchers_(predicates.length()) { std::transform(predicates.begin(), predicates.end(), sub_matchers_.begin(), [](const auto* pred) { return ListenerFilterMatcherBuilder::buildListenerFilterMatcher(*pred); }); } bool ListenerFilterOrMatcher::matches(ListenerFilterCallbacks& cb) const { return std::any_of(sub_matchers_.begin(), sub_matchers_.end(), [&cb](const auto& matcher) { return matcher->matches(cb); }); } bool ListenerFilterAndMatcher::matches(ListenerFilterCallbacks& cb) const { return std::all_of(sub_matchers_.begin(), sub_matchers_.end(), [&cb](const auto& matcher) { return matcher->matches(cb); }); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/filter_matcher.h ================================================ #pragma once #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/network/filter.h" #include "envoy/network/listen_socket.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Network { /** * The helper to transform ListenerFilterChainMatchPredicate message to single matcher. */ class ListenerFilterMatcherBuilder { public: static ListenerFilterMatcherPtr buildListenerFilterMatcher( const envoy::config::listener::v3::ListenerFilterChainMatchPredicate& match_config); }; /** * Any matcher (always matches). */ class ListenerFilterAnyMatcher final : public ListenerFilterMatcher { public: bool matches(ListenerFilterCallbacks&) const override { return true; } }; class ListenerFilterNotMatcher final : public ListenerFilterMatcher { public: ListenerFilterNotMatcher( const envoy::config::listener::v3::ListenerFilterChainMatchPredicate& match_config) : sub_matcher_(ListenerFilterMatcherBuilder::buildListenerFilterMatcher(match_config)) {} bool matches(ListenerFilterCallbacks& cb) const override { return !sub_matcher_->matches(cb); } private: const ListenerFilterMatcherPtr sub_matcher_; }; /** * Destination port matcher. */ class ListenerFilterDstPortMatcher final : public ListenerFilterMatcher { public: explicit ListenerFilterDstPortMatcher(const ::envoy::type::v3::Int32Range& range) : start_(range.start()), end_(range.end()) {} bool matches(ListenerFilterCallbacks& cb) const override { const auto& address = cb.socket().localAddress(); // Match on destination port (only for IP addresses). if (address->type() == Address::Type::Ip) { const auto port = address->ip()->port(); return start_ <= port && port < end_; } else { return true; } } private: const uint32_t start_; const uint32_t end_; }; /** * Matcher for implementing set logic. */ class ListenerFilterSetLogicMatcher : public ListenerFilterMatcher { public: explicit ListenerFilterSetLogicMatcher( absl::Span predicates); protected: absl::FixedArray sub_matchers_; }; class ListenerFilterAndMatcher final : public ListenerFilterSetLogicMatcher { public: ListenerFilterAndMatcher( absl::Span predicates) : ListenerFilterSetLogicMatcher(predicates) {} bool matches(ListenerFilterCallbacks& cb) const override; }; class ListenerFilterOrMatcher final : public ListenerFilterSetLogicMatcher { public: ListenerFilterOrMatcher( absl::Span predicates) : ListenerFilterSetLogicMatcher(predicates) {} bool matches(ListenerFilterCallbacks& cb) const override; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/hash_policy.cc ================================================ #include "common/network/hash_policy.h" #include "envoy/common/exception.h" #include "envoy/type/v3/hash_policy.pb.h" #include "common/common/assert.h" namespace Envoy { namespace Network { class SourceIpHashMethod : public HashPolicyImpl::HashMethod { public: absl::optional evaluate(const Network::Address::Instance* downstream_addr, const Network::Address::Instance*) const override { if (downstream_addr && downstream_addr->ip()) { ASSERT(!downstream_addr->ip()->addressAsString().empty()); return HashUtil::xxHash64(downstream_addr->ip()->addressAsString()); } return absl::nullopt; } }; HashPolicyImpl::HashPolicyImpl( const absl::Span& hash_policies) { ASSERT(hash_policies.size() == 1); switch (hash_policies[0]->policy_specifier_case()) { case envoy::type::v3::HashPolicy::PolicySpecifierCase::kSourceIp: hash_impl_ = std::make_unique(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } absl::optional HashPolicyImpl::generateHash(const Network::Address::Instance* downstream_addr, const Network::Address::Instance* upstream_addr) const { return hash_impl_->evaluate(downstream_addr, upstream_addr); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/hash_policy.h ================================================ #pragma once #include "envoy/network/hash_policy.h" #include "envoy/type/v3/hash_policy.pb.h" #include "common/common/hash.h" namespace Envoy { namespace Network { /** * Implementation of HashPolicy that reads from the proto TCP proxy config. */ class HashPolicyImpl : public Network::HashPolicy { public: explicit HashPolicyImpl(const absl::Span& hash_policy); // Network::HashPolicy absl::optional generateHash(const Network::Address::Instance* downstream_addr, const Network::Address::Instance* upstream_addr) const override; class HashMethod { public: virtual ~HashMethod() = default; virtual absl::optional evaluate(const Network::Address::Instance* downstream_addr, const Network::Address::Instance* upstream_addr) const PURE; }; using HashMethodPtr = std::unique_ptr; private: HashMethodPtr hash_impl_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/io_socket_error_impl.cc ================================================ #include "common/network/io_socket_error_impl.h" #include "common/common/assert.h" #include "common/common/utility.h" namespace Envoy { namespace Network { Api::IoError::IoErrorCode IoSocketError::getErrorCode() const { switch (errno_) { case SOCKET_ERROR_AGAIN: ASSERT(this == IoSocketError::getIoSocketEagainInstance(), "Didn't use getIoSocketEagainInstance() to generate `Again`."); return IoErrorCode::Again; case SOCKET_ERROR_NOT_SUP: return IoErrorCode::NoSupport; case SOCKET_ERROR_AF_NO_SUP: return IoErrorCode::AddressFamilyNoSupport; case SOCKET_ERROR_IN_PROGRESS: return IoErrorCode::InProgress; case SOCKET_ERROR_PERM: return IoErrorCode::Permission; case SOCKET_ERROR_MSG_SIZE: return IoErrorCode::MessageTooBig; case SOCKET_ERROR_INTR: return IoErrorCode::Interrupt; case SOCKET_ERROR_ADDR_NOT_AVAIL: return IoErrorCode::AddressNotAvailable; default: ENVOY_LOG_MISC(debug, "Unknown error code {} details {}", errno_, getErrorDetails()); return IoErrorCode::UnknownError; } } std::string IoSocketError::getErrorDetails() const { return errorDetails(errno_); } IoSocketError* IoSocketError::getIoSocketEagainInstance() { static auto* instance = new IoSocketError(SOCKET_ERROR_AGAIN); return instance; } void IoSocketError::deleteIoError(Api::IoError* err) { ASSERT(err != nullptr); if (err != getIoSocketEagainInstance()) { delete err; } } inline IoSocketError* getIoSocketInvalidAddressInstance() { static auto* instance = new IoSocketError(SOCKET_ERROR_NOT_SUP); return instance; } Api::IoCallUint64Result IoSocketError::ioResultSocketInvalidAddress() { return Api::IoCallUint64Result( 0, Api::IoErrorPtr(getIoSocketInvalidAddressInstance(), [](IoError*) {})); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/io_socket_error_impl.h ================================================ #pragma once #include "envoy/api/io_error.h" #include "common/common/assert.h" namespace Envoy { namespace Network { class IoSocketError : public Api::IoError { public: explicit IoSocketError(int sys_errno) : errno_(sys_errno) {} ~IoSocketError() override = default; Api::IoError::IoErrorCode getErrorCode() const override; std::string getErrorDetails() const override; // IoErrorCode::Again is used frequently. Define it to be a singleton to avoid frequent memory // allocation of such instance. If this is used, IoHandleCallResult has to be instantiated with // deleter deleteIoError() below to avoid deallocating memory for this error. static IoSocketError* getIoSocketEagainInstance(); // This error is introduced when Envoy create socket for unsupported address. It is either a bug, // or this Envoy instance received config which is not yet supported. This should not be fatal // error. static Api::IoCallUint64Result ioResultSocketInvalidAddress(); // Deallocate memory only if the error is not Again. static void deleteIoError(Api::IoError* err); private: int errno_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/io_socket_handle_impl.cc ================================================ #include "common/network/io_socket_handle_impl.h" #include "envoy/buffer/buffer.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/utility.h" #include "common/event/file_event_impl.h" #include "common/network/address_impl.h" #include "absl/container/fixed_array.h" #include "absl/types/optional.h" using Envoy::Api::SysCallIntResult; using Envoy::Api::SysCallSizeResult; namespace Envoy { namespace { /** * On different platforms the sockaddr struct for unix domain * sockets is different. We use this function to get the * length of the platform specific struct. */ constexpr socklen_t udsAddressLength() { #if defined(__APPLE__) return sizeof(sockaddr); #elif defined(WIN32) return sizeof(sockaddr_un); #else return sizeof(sa_family_t); #endif } constexpr int messageTypeContainsIP() { #ifdef IP_RECVDSTADDR return IP_RECVDSTADDR; #else return IP_PKTINFO; #endif } in_addr addressFromMessage(const cmsghdr& cmsg) { #ifdef IP_RECVDSTADDR return *reinterpret_cast(CMSG_DATA(&cmsg)); #else auto info = reinterpret_cast(CMSG_DATA(&cmsg)); return info->ipi_addr; #endif } } // namespace namespace Network { IoSocketHandleImpl::~IoSocketHandleImpl() { if (SOCKET_VALID(fd_)) { IoSocketHandleImpl::close(); } } Api::IoCallUint64Result IoSocketHandleImpl::close() { ASSERT(SOCKET_VALID(fd_)); const int rc = Api::OsSysCallsSingleton::get().close(fd_).rc_; SET_SOCKET_INVALID(fd_); return Api::IoCallUint64Result(rc, Api::IoErrorPtr(nullptr, IoSocketError::deleteIoError)); } bool IoSocketHandleImpl::isOpen() const { return SOCKET_VALID(fd_); } Api::IoCallUint64Result IoSocketHandleImpl::readv(uint64_t max_length, Buffer::RawSlice* slices, uint64_t num_slice) { absl::FixedArray iov(num_slice); uint64_t num_slices_to_read = 0; uint64_t num_bytes_to_read = 0; for (; num_slices_to_read < num_slice && num_bytes_to_read < max_length; num_slices_to_read++) { iov[num_slices_to_read].iov_base = slices[num_slices_to_read].mem_; const size_t slice_length = std::min(slices[num_slices_to_read].len_, static_cast(max_length - num_bytes_to_read)); iov[num_slices_to_read].iov_len = slice_length; num_bytes_to_read += slice_length; } ASSERT(num_bytes_to_read <= max_length); return sysCallResultToIoCallResult(Api::OsSysCallsSingleton::get().readv( fd_, iov.begin(), static_cast(num_slices_to_read))); } Api::IoCallUint64Result IoSocketHandleImpl::read(Buffer::Instance& buffer, uint64_t max_length) { if (max_length == 0) { return Api::ioCallUint64ResultNoError(); } constexpr uint64_t MaxSlices = 2; Buffer::RawSlice slices[MaxSlices]; const uint64_t num_slices = buffer.reserve(max_length, slices, MaxSlices); Api::IoCallUint64Result result = readv(max_length, slices, num_slices); uint64_t bytes_to_commit = result.ok() ? result.rc_ : 0; ASSERT(bytes_to_commit <= max_length); for (uint64_t i = 0; i < num_slices; i++) { slices[i].len_ = std::min(slices[i].len_, static_cast(bytes_to_commit)); bytes_to_commit -= slices[i].len_; } buffer.commit(slices, num_slices); return result; } Api::IoCallUint64Result IoSocketHandleImpl::writev(const Buffer::RawSlice* slices, uint64_t num_slice) { absl::FixedArray iov(num_slice); uint64_t num_slices_to_write = 0; for (uint64_t i = 0; i < num_slice; i++) { if (slices[i].mem_ != nullptr && slices[i].len_ != 0) { iov[num_slices_to_write].iov_base = slices[i].mem_; iov[num_slices_to_write].iov_len = slices[i].len_; num_slices_to_write++; } } if (num_slices_to_write == 0) { return Api::ioCallUint64ResultNoError(); } return sysCallResultToIoCallResult( Api::OsSysCallsSingleton::get().writev(fd_, iov.begin(), num_slices_to_write)); } Api::IoCallUint64Result IoSocketHandleImpl::write(Buffer::Instance& buffer) { constexpr uint64_t MaxSlices = 16; Buffer::RawSliceVector slices = buffer.getRawSlices(MaxSlices); Api::IoCallUint64Result result = writev(slices.begin(), slices.size()); if (result.ok() && result.rc_ > 0) { buffer.drain(static_cast(result.rc_)); } return result; } Api::IoCallUint64Result IoSocketHandleImpl::sendmsg(const Buffer::RawSlice* slices, uint64_t num_slice, int flags, const Address::Ip* self_ip, const Address::Instance& peer_address) { const auto* address_base = dynamic_cast(&peer_address); sockaddr* sock_addr = const_cast(address_base->sockAddr()); if (sock_addr == nullptr) { // Unlikely to happen unless the wrong peer address is passed. return IoSocketError::ioResultSocketInvalidAddress(); } absl::FixedArray iov(num_slice); uint64_t num_slices_to_write = 0; for (uint64_t i = 0; i < num_slice; i++) { if (slices[i].mem_ != nullptr && slices[i].len_ != 0) { iov[num_slices_to_write].iov_base = slices[i].mem_; iov[num_slices_to_write].iov_len = slices[i].len_; num_slices_to_write++; } } if (num_slices_to_write == 0) { return Api::ioCallUint64ResultNoError(); } msghdr message; message.msg_name = reinterpret_cast(sock_addr); message.msg_namelen = address_base->sockAddrLen(); message.msg_iov = iov.begin(); message.msg_iovlen = num_slices_to_write; message.msg_flags = 0; auto& os_syscalls = Api::OsSysCallsSingleton::get(); if (self_ip == nullptr) { message.msg_control = nullptr; message.msg_controllen = 0; const Api::SysCallSizeResult result = os_syscalls.sendmsg(fd_, &message, flags); return sysCallResultToIoCallResult(result); } else { const size_t space_v6 = CMSG_SPACE(sizeof(in6_pktinfo)); const size_t space_v4 = CMSG_SPACE(sizeof(in_pktinfo)); // FreeBSD only needs in_addr size, but allocates more to unify code in two platforms. const size_t cmsg_space = (self_ip->version() == Address::IpVersion::v4) ? space_v4 : space_v6; // kSpaceForIp should be big enough to hold both IPv4 and IPv6 packet info. absl::FixedArray cbuf(cmsg_space); memset(cbuf.begin(), 0, cmsg_space); message.msg_control = cbuf.begin(); message.msg_controllen = cmsg_space; cmsghdr* const cmsg = CMSG_FIRSTHDR(&message); RELEASE_ASSERT(cmsg != nullptr, fmt::format("cbuf with size {} is not enough, cmsghdr size {}", sizeof(cbuf), sizeof(cmsghdr))); if (self_ip->version() == Address::IpVersion::v4) { cmsg->cmsg_level = IPPROTO_IP; #ifndef IP_SENDSRCADDR cmsg->cmsg_len = CMSG_LEN(sizeof(in_pktinfo)); cmsg->cmsg_type = IP_PKTINFO; auto pktinfo = reinterpret_cast(CMSG_DATA(cmsg)); pktinfo->ipi_ifindex = 0; #ifdef WIN32 pktinfo->ipi_addr.s_addr = self_ip->ipv4()->address(); #else pktinfo->ipi_spec_dst.s_addr = self_ip->ipv4()->address(); #endif #else cmsg->cmsg_type = IP_SENDSRCADDR; cmsg->cmsg_len = CMSG_LEN(sizeof(in_addr)); *(reinterpret_cast(CMSG_DATA(cmsg))).s_addr = self_ip->ipv4()->address(); #endif } else if (self_ip->version() == Address::IpVersion::v6) { cmsg->cmsg_len = CMSG_LEN(sizeof(in6_pktinfo)); cmsg->cmsg_level = IPPROTO_IPV6; cmsg->cmsg_type = IPV6_PKTINFO; auto pktinfo = reinterpret_cast(CMSG_DATA(cmsg)); pktinfo->ipi6_ifindex = 0; *(reinterpret_cast(pktinfo->ipi6_addr.s6_addr)) = self_ip->ipv6()->address(); } const Api::SysCallSizeResult result = os_syscalls.sendmsg(fd_, &message, flags); return sysCallResultToIoCallResult(result); } } Address::InstanceConstSharedPtr getAddressFromSockAddrOrDie(const sockaddr_storage& ss, socklen_t ss_len, os_fd_t fd) { try { // Set v6only to false so that mapped-v6 address can be normalize to v4 // address. Though dual stack may be disabled, it's still okay to assume the // address is from a dual stack socket. This is because mapped-v6 address // must come from a dual stack socket. An actual v6 address can come from // both dual stack socket and v6 only socket. If |peer_addr| is an actual v6 // address and the socket is actually v6 only, the returned address will be // regarded as a v6 address from dual stack socket. However, this address is not going to be // used to create socket. Wrong knowledge of dual stack support won't hurt. return Address::addressFromSockAddr(ss, ss_len, /*v6only=*/false); } catch (const EnvoyException& e) { PANIC(fmt::format("Invalid address for fd: {}, error: {}", fd, e.what())); } } Address::InstanceConstSharedPtr maybeGetDstAddressFromHeader(const cmsghdr& cmsg, uint32_t self_port, os_fd_t fd) { if (cmsg.cmsg_type == IPV6_PKTINFO) { auto info = reinterpret_cast(CMSG_DATA(&cmsg)); sockaddr_storage ss; auto ipv6_addr = reinterpret_cast(&ss); memset(ipv6_addr, 0, sizeof(sockaddr_in6)); ipv6_addr->sin6_family = AF_INET6; ipv6_addr->sin6_addr = info->ipi6_addr; ipv6_addr->sin6_port = htons(self_port); return getAddressFromSockAddrOrDie(ss, sizeof(sockaddr_in6), fd); } if (cmsg.cmsg_type == messageTypeContainsIP()) { sockaddr_storage ss; auto ipv4_addr = reinterpret_cast(&ss); memset(ipv4_addr, 0, sizeof(sockaddr_in)); ipv4_addr->sin_family = AF_INET; ipv4_addr->sin_addr = addressFromMessage(cmsg); ipv4_addr->sin_port = htons(self_port); return getAddressFromSockAddrOrDie(ss, sizeof(sockaddr_in), fd); } return nullptr; } absl::optional maybeGetPacketsDroppedFromHeader([[maybe_unused]] const cmsghdr& cmsg) { #ifdef SO_RXQ_OVFL if (cmsg.cmsg_type == SO_RXQ_OVFL) { return *reinterpret_cast(CMSG_DATA(&cmsg)); } #endif return absl::nullopt; } Api::IoCallUint64Result IoSocketHandleImpl::recvmsg(Buffer::RawSlice* slices, const uint64_t num_slice, uint32_t self_port, RecvMsgOutput& output) { ASSERT(!output.msg_.empty()); absl::FixedArray cbuf(cmsg_space_); memset(cbuf.begin(), 0, cmsg_space_); absl::FixedArray iov(num_slice); uint64_t num_slices_for_read = 0; for (uint64_t i = 0; i < num_slice; i++) { if (slices[i].mem_ != nullptr && slices[i].len_ != 0) { iov[num_slices_for_read].iov_base = slices[i].mem_; iov[num_slices_for_read].iov_len = slices[i].len_; ++num_slices_for_read; } } if (num_slices_for_read == 0) { return Api::ioCallUint64ResultNoError(); } sockaddr_storage peer_addr; msghdr hdr; hdr.msg_name = &peer_addr; hdr.msg_namelen = sizeof(sockaddr_storage); hdr.msg_iov = iov.begin(); hdr.msg_iovlen = num_slices_for_read; hdr.msg_flags = 0; hdr.msg_control = cbuf.begin(); hdr.msg_controllen = cmsg_space_; const Api::SysCallSizeResult result = Api::OsSysCallsSingleton::get().recvmsg(fd_, &hdr, 0); if (result.rc_ < 0) { return sysCallResultToIoCallResult(result); } RELEASE_ASSERT((hdr.msg_flags & MSG_CTRUNC) == 0, fmt::format("Incorrectly set control message length: {}", hdr.msg_controllen)); RELEASE_ASSERT(hdr.msg_namelen > 0, fmt::format("Unable to get remote address from recvmsg() for fd: {}", fd_)); output.msg_[0].peer_address_ = getAddressFromSockAddrOrDie(peer_addr, hdr.msg_namelen, fd_); output.msg_[0].gso_size_ = 0; if (hdr.msg_controllen > 0) { // Get overflow, local address and gso_size from control message. for (struct cmsghdr* cmsg = CMSG_FIRSTHDR(&hdr); cmsg != nullptr; cmsg = CMSG_NXTHDR(&hdr, cmsg)) { if (output.msg_[0].local_address_ == nullptr) { Address::InstanceConstSharedPtr addr = maybeGetDstAddressFromHeader(*cmsg, self_port, fd_); if (addr != nullptr) { // This is a IP packet info message. output.msg_[0].local_address_ = std::move(addr); continue; } } if (output.dropped_packets_ != nullptr) { absl::optional maybe_dropped = maybeGetPacketsDroppedFromHeader(*cmsg); if (maybe_dropped) { *output.dropped_packets_ = *maybe_dropped; continue; } } #ifdef UDP_GRO if (cmsg->cmsg_level == SOL_UDP && cmsg->cmsg_type == UDP_GRO) { output.msg_[0].gso_size_ = *reinterpret_cast(CMSG_DATA(cmsg)); } #endif } } return sysCallResultToIoCallResult(result); } Api::IoCallUint64Result IoSocketHandleImpl::recvmmsg(RawSliceArrays& slices, uint32_t self_port, RecvMsgOutput& output) { ASSERT(output.msg_.size() == slices.size()); if (slices.empty()) { return sysCallResultToIoCallResult(Api::SysCallIntResult{0, SOCKET_ERROR_AGAIN}); } const uint32_t num_packets_per_mmsg_call = slices.size(); absl::FixedArray mmsg_hdr(num_packets_per_mmsg_call); absl::FixedArray> iovs( num_packets_per_mmsg_call, absl::FixedArray(slices[0].size())); absl::FixedArray raw_addresses(num_packets_per_mmsg_call); absl::FixedArray> cbufs(num_packets_per_mmsg_call, absl::FixedArray(cmsg_space_)); for (uint32_t i = 0; i < num_packets_per_mmsg_call; ++i) { memset(&raw_addresses[i], 0, sizeof(sockaddr_storage)); memset(cbufs[i].data(), 0, cbufs[i].size()); mmsg_hdr[i].msg_len = 0; msghdr* hdr = &mmsg_hdr[i].msg_hdr; hdr->msg_name = &raw_addresses[i]; hdr->msg_namelen = sizeof(sockaddr_storage); ASSERT(!slices[i].empty()); for (size_t j = 0; j < slices[i].size(); ++j) { iovs[i][j].iov_base = slices[i][j].mem_; iovs[i][j].iov_len = slices[i][j].len_; } hdr->msg_iov = iovs[i].data(); hdr->msg_iovlen = slices[i].size(); hdr->msg_control = cbufs[i].data(); hdr->msg_controllen = cbufs[i].size(); } // Set MSG_WAITFORONE so that recvmmsg will not waiting for // |num_packets_per_mmsg_call| packets to arrive before returning when the // socket is a blocking socket. const Api::SysCallIntResult result = Api::OsSysCallsSingleton::get().recvmmsg( fd_, mmsg_hdr.data(), num_packets_per_mmsg_call, MSG_TRUNC | MSG_WAITFORONE, nullptr); if (result.rc_ <= 0) { return sysCallResultToIoCallResult(result); } int num_packets_read = result.rc_; for (int i = 0; i < num_packets_read; ++i) { if (mmsg_hdr[i].msg_len == 0) { continue; } msghdr& hdr = mmsg_hdr[i].msg_hdr; RELEASE_ASSERT((hdr.msg_flags & MSG_CTRUNC) == 0, fmt::format("Incorrectly set control message length: {}", hdr.msg_controllen)); RELEASE_ASSERT(hdr.msg_namelen > 0, fmt::format("Unable to get remote address from recvmmsg() for fd: {}", fd_)); if ((hdr.msg_flags & MSG_TRUNC) != 0) { ENVOY_LOG_MISC(warn, "Dropping truncated UDP packet with size: {}.", mmsg_hdr[i].msg_len); continue; } output.msg_[i].msg_len_ = mmsg_hdr[i].msg_len; // Get local and peer addresses for each packet. output.msg_[i].peer_address_ = getAddressFromSockAddrOrDie(raw_addresses[i], hdr.msg_namelen, fd_); if (hdr.msg_controllen > 0) { struct cmsghdr* cmsg; for (cmsg = CMSG_FIRSTHDR(&hdr); cmsg != nullptr; cmsg = CMSG_NXTHDR(&hdr, cmsg)) { Address::InstanceConstSharedPtr addr = maybeGetDstAddressFromHeader(*cmsg, self_port, fd_); if (addr != nullptr) { // This is a IP packet info message. output.msg_[i].local_address_ = std::move(addr); break; } } } } // Get overflow from first packet header. if (output.dropped_packets_ != nullptr) { msghdr& hdr = mmsg_hdr[0].msg_hdr; if (hdr.msg_controllen > 0) { struct cmsghdr* cmsg; for (cmsg = CMSG_FIRSTHDR(&hdr); cmsg != nullptr; cmsg = CMSG_NXTHDR(&hdr, cmsg)) { absl::optional maybe_dropped = maybeGetPacketsDroppedFromHeader(*cmsg); if (maybe_dropped) { *output.dropped_packets_ = *maybe_dropped; } } } } return sysCallResultToIoCallResult(result); } Api::IoCallUint64Result IoSocketHandleImpl::recv(void* buffer, size_t length, int flags) { const Api::SysCallSizeResult result = Api::OsSysCallsSingleton::get().recv(fd_, buffer, length, flags); return sysCallResultToIoCallResult(result); } bool IoSocketHandleImpl::supportsMmsg() const { return Api::OsSysCallsSingleton::get().supportsMmsg(); } bool IoSocketHandleImpl::supportsUdpGro() const { return Api::OsSysCallsSingleton::get().supportsUdpGro(); } Api::SysCallIntResult IoSocketHandleImpl::bind(Address::InstanceConstSharedPtr address) { return Api::OsSysCallsSingleton::get().bind(fd_, address->sockAddr(), address->sockAddrLen()); } Api::SysCallIntResult IoSocketHandleImpl::listen(int backlog) { return Api::OsSysCallsSingleton::get().listen(fd_, backlog); } IoHandlePtr IoSocketHandleImpl::accept(struct sockaddr* addr, socklen_t* addrlen) { auto result = Api::OsSysCallsSingleton::get().accept(fd_, addr, addrlen); if (SOCKET_INVALID(result.rc_)) { return nullptr; } return std::make_unique(result.rc_, socket_v6only_, domain_); } Api::SysCallIntResult IoSocketHandleImpl::connect(Address::InstanceConstSharedPtr address) { return Api::OsSysCallsSingleton::get().connect(fd_, address->sockAddr(), address->sockAddrLen()); } Api::SysCallIntResult IoSocketHandleImpl::setOption(int level, int optname, const void* optval, socklen_t optlen) { return Api::OsSysCallsSingleton::get().setsockopt(fd_, level, optname, optval, optlen); } Api::SysCallIntResult IoSocketHandleImpl::getOption(int level, int optname, void* optval, socklen_t* optlen) { return Api::OsSysCallsSingleton::get().getsockopt(fd_, level, optname, optval, optlen); } Api::SysCallIntResult IoSocketHandleImpl::setBlocking(bool blocking) { return Api::OsSysCallsSingleton::get().setsocketblocking(fd_, blocking); } absl::optional IoSocketHandleImpl::domain() { return domain_; } Address::InstanceConstSharedPtr IoSocketHandleImpl::localAddress() { sockaddr_storage ss; socklen_t ss_len = sizeof(ss); auto& os_sys_calls = Api::OsSysCallsSingleton::get(); Api::SysCallIntResult result = os_sys_calls.getsockname(fd_, reinterpret_cast(&ss), &ss_len); if (result.rc_ != 0) { throw EnvoyException(fmt::format("getsockname failed for '{}': ({}) {}", fd_, result.errno_, errorDetails(result.errno_))); } return Address::addressFromSockAddr(ss, ss_len, socket_v6only_); } Address::InstanceConstSharedPtr IoSocketHandleImpl::peerAddress() { sockaddr_storage ss; socklen_t ss_len = sizeof ss; auto& os_sys_calls = Api::OsSysCallsSingleton::get(); Api::SysCallIntResult result = os_sys_calls.getpeername(fd_, reinterpret_cast(&ss), &ss_len); if (result.rc_ != 0) { throw EnvoyException( fmt::format("getpeername failed for '{}': {}", fd_, errorDetails(result.errno_))); } if (ss_len == udsAddressLength() && ss.ss_family == AF_UNIX) { // For Unix domain sockets, can't find out the peer name, but it should match our own // name for the socket (i.e. the path should match, barring any namespace or other // mechanisms to hide things, of which there are many). ss_len = sizeof ss; result = os_sys_calls.getsockname(fd_, reinterpret_cast(&ss), &ss_len); if (result.rc_ != 0) { throw EnvoyException( fmt::format("getsockname failed for '{}': {}", fd_, errorDetails(result.errno_))); } } return Address::addressFromSockAddr(ss, ss_len); } Event::FileEventPtr IoSocketHandleImpl::createFileEvent(Event::Dispatcher& dispatcher, Event::FileReadyCb cb, Event::FileTriggerType trigger, uint32_t events) { return dispatcher.createFileEvent(fd_, cb, trigger, events); } Api::SysCallIntResult IoSocketHandleImpl::shutdown(int how) { return Api::OsSysCallsSingleton::get().shutdown(fd_, how); } absl::optional IoSocketHandleImpl::lastRoundTripTime() { #ifdef TCP_INFO struct tcp_info ti; socklen_t len = sizeof(ti); if (!SOCKET_FAILURE( Api::OsSysCallsSingleton::get().getsockopt(fd_, IPPROTO_TCP, TCP_INFO, &ti, &len).rc_)) { return std::chrono::milliseconds(ti.tcpi_rtt); } #endif return {}; } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/io_socket_handle_impl.h ================================================ #pragma once #include "envoy/api/io_error.h" #include "envoy/api/os_sys_calls.h" #include "envoy/common/platform.h" #include "envoy/event/dispatcher.h" #include "envoy/network/io_handle.h" #include "common/common/logger.h" #include "common/network/io_socket_error_impl.h" namespace Envoy { namespace Network { /** * IoHandle derivative for sockets. */ class IoSocketHandleImpl : public IoHandle, protected Logger::Loggable { public: explicit IoSocketHandleImpl(os_fd_t fd = INVALID_SOCKET, bool socket_v6only = false, absl::optional domain = absl::nullopt) : fd_(fd), socket_v6only_(socket_v6only), domain_(domain) {} // Close underlying socket if close() hasn't been call yet. ~IoSocketHandleImpl() override; // TODO(sbelair2) To be removed when the fd is fully abstracted from clients. os_fd_t fdDoNotUse() const override { return fd_; } Api::IoCallUint64Result close() override; bool isOpen() const override; Api::IoCallUint64Result readv(uint64_t max_length, Buffer::RawSlice* slices, uint64_t num_slice) override; Api::IoCallUint64Result read(Buffer::Instance& buffer, uint64_t max_length) override; Api::IoCallUint64Result writev(const Buffer::RawSlice* slices, uint64_t num_slice) override; Api::IoCallUint64Result write(Buffer::Instance& buffer) override; Api::IoCallUint64Result sendmsg(const Buffer::RawSlice* slices, uint64_t num_slice, int flags, const Address::Ip* self_ip, const Address::Instance& peer_address) override; Api::IoCallUint64Result recvmsg(Buffer::RawSlice* slices, const uint64_t num_slice, uint32_t self_port, RecvMsgOutput& output) override; Api::IoCallUint64Result recvmmsg(RawSliceArrays& slices, uint32_t self_port, RecvMsgOutput& output) override; Api::IoCallUint64Result recv(void* buffer, size_t length, int flags) override; bool supportsMmsg() const override; bool supportsUdpGro() const override; Api::SysCallIntResult bind(Address::InstanceConstSharedPtr address) override; Api::SysCallIntResult listen(int backlog) override; IoHandlePtr accept(struct sockaddr* addr, socklen_t* addrlen) override; Api::SysCallIntResult connect(Address::InstanceConstSharedPtr address) override; Api::SysCallIntResult setOption(int level, int optname, const void* optval, socklen_t optlen) override; Api::SysCallIntResult getOption(int level, int optname, void* optval, socklen_t* optlen) override; Api::SysCallIntResult setBlocking(bool blocking) override; absl::optional domain() override; Address::InstanceConstSharedPtr localAddress() override; Address::InstanceConstSharedPtr peerAddress() override; Event::FileEventPtr createFileEvent(Event::Dispatcher& dispatcher, Event::FileReadyCb cb, Event::FileTriggerType trigger, uint32_t events) override; Api::SysCallIntResult shutdown(int how) override; absl::optional lastRoundTripTime() override; protected: // Converts a SysCallSizeResult to IoCallUint64Result. template Api::IoCallUint64Result sysCallResultToIoCallResult(const Api::SysCallResult& result) { if (result.rc_ >= 0) { // Return nullptr as IoError upon success. return Api::IoCallUint64Result(result.rc_, Api::IoErrorPtr(nullptr, IoSocketError::deleteIoError)); } RELEASE_ASSERT(result.errno_ != SOCKET_ERROR_INVAL, "Invalid argument passed in."); return Api::IoCallUint64Result( /*rc=*/0, (result.errno_ == SOCKET_ERROR_AGAIN // EAGAIN is frequent enough that its memory allocation should be avoided. ? Api::IoErrorPtr(IoSocketError::getIoSocketEagainInstance(), IoSocketError::deleteIoError) : Api::IoErrorPtr(new IoSocketError(result.errno_), IoSocketError::deleteIoError))); } os_fd_t fd_; int socket_v6only_{false}; const absl::optional domain_; // The minimum cmsg buffer size to filled in destination address, packets dropped and gso // size when receiving a packet. It is possible for a received packet to contain both IPv4 // and IPV6 addresses. const size_t cmsg_space_{CMSG_SPACE(sizeof(int)) + CMSG_SPACE(sizeof(struct in_pktinfo)) + CMSG_SPACE(sizeof(struct in6_pktinfo)) + CMSG_SPACE(sizeof(uint16_t))}; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/lc_trie.h ================================================ #pragma once #include #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/network/address.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/network/address_impl.h" #include "common/network/cidr_range.h" #include "common/network/utility.h" #include "absl/container/node_hash_set.h" #include "absl/numeric/int128.h" #include "fmt/format.h" namespace Envoy { namespace Network { namespace LcTrie { /** * Maximum number of nodes an LC trie can hold. * @note If the size of LcTrieInternal::LcNode::address_ ever changes, this constant * should be changed to match. */ constexpr size_t MaxLcTrieNodes = (1 << 20); /** * Level Compressed Trie for associating data with CIDR ranges. Both IPv4 and IPv6 addresses are * supported within this class with no calling pattern changes. * * The algorithm to build the LC-Trie is described in the paper 'IP-address lookup using LC-tries' * by 'S. Nilsson' and 'G. Karlsson'. The paper and reference C implementation can be found here: * https://www.nada.kth.se/~snilsson/publications/IP-address-lookup-using-LC-tries/ * * Refer to LcTrieInternal for implementation and algorithm details. */ template class LcTrie { public: /** * @param data supplies a vector of data and CIDR ranges. * @param exclusive if true then only data for the most specific subnet will be returned (i.e. data isn't inherited from wider ranges). * @param fill_factor supplies the fraction of completeness to use when calculating the branch * value for a sub-trie. * @param root_branching_factor supplies the branching factor at the root. * * TODO(ccaraman): Investigate if a non-zero root branching factor should be the default. The * paper suggests for large LC-Tries to use the value '16'. It reduces the depth of the trie. * However, there is no suggested values for smaller LC-Tries. With perf tests, it is possible to * get this data for smaller LC-Tries. Another option is to expose this in the configuration and * let consumers decide. */ LcTrie(const std::vector>>& data, bool exclusive = false, double fill_factor = 0.5, uint32_t root_branching_factor = 0) { // The LcTrie implementation uses 20-bit "pointers" in its compact internal representation, // so it cannot hold more than 2^20 nodes. But the number of nodes can be greater than the // number of supported prefixes. Given N prefixes in the data input list, step 2 below can // produce a new list of up to 2*N prefixes to insert in the LC trie. And the LC trie can // use up to 2*N/fill_factor nodes. size_t num_prefixes = 0; for (const auto& pair_data : data) { num_prefixes += pair_data.second.size(); } const size_t max_prefixes = MaxLcTrieNodes * fill_factor / 2; if (num_prefixes > max_prefixes) { ExceptionUtil::throwEnvoyException( fmt::format("The input vector has '{0}' CIDR range entries. LC-Trie " "can only support '{1}' CIDR ranges with the specified " "fill factor.", num_prefixes, max_prefixes)); } // Step 1: separate the provided prefixes by protocol (IPv4 vs IPv6), // and build a Binary Trie per protocol. // // For example, if the input prefixes are // A: 0.0.0.0/0 // B: 128.0.0.0/2 (10000000.0.0.0/2 in binary) // C: 192.0.0.0/2 (11000000.0.0.0/2) // the Binary Trie for IPv4 will look like this at the end of step 1: // +---+ // | A | // +---+ // \ 1 // +---+ // | | // +---+ // 0/ \1 // +---+ +---+ // | B | | C | // +---+ +---+ // // Note that the prefixes in this example are nested: any IPv4 address // that matches B or C will also match A. Unfortunately, the classic LC Trie // algorithm does not support nested prefixes. The next step will solve that // problem. BinaryTrie ipv4_temp(exclusive); BinaryTrie ipv6_temp(exclusive); for (const auto& pair_data : data) { for (const auto& cidr_range : pair_data.second) { if (cidr_range.ip()->version() == Address::IpVersion::v4) { IpPrefix ip_prefix(ntohl(cidr_range.ip()->ipv4()->address()), cidr_range.length(), pair_data.first); ipv4_temp.insert(ip_prefix); } else { IpPrefix ip_prefix(Utility::Ip6ntohl(cidr_range.ip()->ipv6()->address()), cidr_range.length(), pair_data.first); ipv6_temp.insert(ip_prefix); } } } // Step 2: push each Binary Trie's prefixes to its leaves. // // Continuing the previous example, the Binary Trie will look like this // at the end of step 2: // +---+ // | | // +---+ // 0/ \ 1 // +---+ +---+ // | A | | | // +---+ +---+ // 0/ \1 // +---+ +---+ // |A,B| |A,C| // +---+ +---+ // // This trie yields the same match results as the original trie from // step 1. But it has a useful new property: now that all the prefixes // are at the leaves, they are disjoint: no prefix is nested under another. std::vector> ipv4_prefixes = ipv4_temp.push_leaves(); std::vector> ipv6_prefixes = ipv6_temp.push_leaves(); // Step 3: take the disjoint prefixes from the leaves of each Binary Trie // and use them to construct an LC Trie. // // Example inputs (from the leaves of the Binary Trie at the end of step 2) // A: 0.0.0.0/1 // A,B: 128.0.0.0/2 // A,C: 192.0.0.0/2 // // The LC Trie generated from these inputs with fill_factor=0.5 and root_branching_factor=0 // will be: // // +---------------------------+ // | branch_factor=2, skip = 0 | // +---------------------------+ // 00/ 01| |10 \11 // +---+ +---+ +---+ +---+ // | A | | A | |A,B| |A,C| // +---+ +---+ +---+ +---+ // // Or, in the internal vector form that the LcTrie class uses for memory-efficiency, // # | branch | skip | first_child | data | note // ---+--------+------+-------------+------+-------------------------------------------------- // 0 | 2 | 0 | 1 | - | (1 << branch) == 4 children, starting at offset 1 // 1 | - | 0 | - | A | 1st child of node 0, reached if next bits are 00 // 2 | - | 0 | - | A | . // 3 | - | 0 | - | A,B | . // 4 | - | 0 | - | A,C | 4th child of node 0, reached if next bits are 11 // // The Nilsson and Karlsson paper linked in lc_trie.h has a more thorough example. ipv4_trie_.reset(new LcTrieInternal(ipv4_prefixes, fill_factor, root_branching_factor)); ipv6_trie_.reset(new LcTrieInternal(ipv6_prefixes, fill_factor, root_branching_factor)); } /** * Retrieve data associated with the CIDR range that contains `ip_address`. Both IPv4 and IPv6 * addresses are supported. * @param ip_address supplies the IP address. * @return a vector of data from the CIDR ranges and IP addresses that contains 'ip_address'. An * empty vector is returned if no prefix contains 'ip_address' or there is no data for the IP * version of the ip_address. */ std::vector getData(const Network::Address::InstanceConstSharedPtr& ip_address) const { if (ip_address->ip()->version() == Address::IpVersion::v4) { Ipv4 ip = ntohl(ip_address->ip()->ipv4()->address()); return ipv4_trie_->getData(ip); } else { Ipv6 ip = Utility::Ip6ntohl(ip_address->ip()->ipv6()->address()); return ipv6_trie_->getData(ip); } } private: /** * Extract n bits from input starting at position p. * @param p supplies the position. * @param n supplies the number of bits to extract. * @param input supplies the IP address to extract bits from. The IP address is stored in host * byte order. * @return extracted bits in the format of IpType. */ template static IpType extractBits(uint32_t p, uint32_t n, IpType input) { // The IP's are stored in host byte order. // By shifting the value to the left by p bits(and back), the bits between 0 and p-1 are // zero'd out. Then to get the n bits, shift the IP back by the address_size minus the number // of desired bits. if (n == 0) { return IpType(0); } return input << p >> (address_size - n); } /** * Removes n bits from input starting at 0. * @param n supplies the number of bits to remove. * @param input supplies the IP address to remove bits from. The IP address is stored in host * byte order. * @return input with 0 through n-1 bits cleared. */ template static IpType removeBits(uint32_t n, IpType input) { // The IP's are stored in host byte order. // By shifting the value to the left by n bits and back, the bits between 0 and n-1 // (inclusively) are zero'd out. return input << n >> n; } // IP addresses are stored in host byte order to simplify using Ipv4 = uint32_t; using Ipv6 = absl::uint128; using DataSet = absl::node_hash_set; using DataSetSharedPtr = std::shared_ptr; /** * Structure to hold a CIDR range and the data associated with it. */ template struct IpPrefix { IpPrefix() = default; IpPrefix(const IpType& ip, uint32_t length, const T& data) : ip_(ip), length_(length) { data_.insert(data); } IpPrefix(const IpType& ip, int length, const DataSet& data) : ip_(ip), length_(length), data_(data) {} /** * @return -1 if the current object is less than other. 0 if they are the same. 1 * if other is smaller than the current object. */ int compare(const IpPrefix& other) const { { if (ip_ < other.ip_) { return -1; } else if (ip_ > other.ip_) { return 1; } else if (length_ < other.length_) { return -1; } else if (length_ > other.length_) { return 1; } else { return 0; } } } bool operator<(const IpPrefix& other) const { return (this->compare(other) == -1); } bool operator!=(const IpPrefix& other) const { return (this->compare(other) != 0); } /** * @return true if other is a prefix of this. */ bool isPrefix(const IpPrefix& other) { return (length_ == 0 || (length_ <= other.length_ && contains(other.ip_))); } /** * @param address supplies an IP address to check against this prefix. * @return bool true if this prefix contains the address. */ bool contains(const IpType& address) const { return (extractBits(0, length_, ip_) == extractBits(0, length_, address)); } std::string asString() { return fmt::format("{}/{}", toString(ip_), length_); } // The address represented either in Ipv4(uint32_t) or Ipv6(absl::uint128). IpType ip_{0}; // Length of the cidr range. uint32_t length_{0}; // Data for this entry. DataSet data_; }; /** * Binary trie used to simplify the construction of Level Compressed Tries. * This data type supports two operations: * 1. Add a prefix to the trie. * 2. Push the prefixes to the leaves of the trie. * That second operation produces a new set of prefixes that yield the same * match results as the original set of prefixes from which the BinaryTrie * was constructed, but with an important difference: the new prefixes are * guaranteed not to be nested within each other. That allows the use of the * classic LC Trie construction algorithm, which is fast and (relatively) * simple but does not work properly with nested prefixes. */ template class BinaryTrie { public: BinaryTrie(bool exclusive) : root_(std::make_unique()), exclusive_(exclusive) {} /** * Add a CIDR prefix and associated data to the binary trie. If an entry already * exists for the prefix, merge the data into the existing entry. */ void insert(const IpPrefix& prefix) { Node* node = root_.get(); for (uint32_t i = 0; i < prefix.length_; i++) { auto bit = static_cast(extractBits(i, 1, prefix.ip_)); NodePtr& next_node = node->children[bit]; if (next_node == nullptr) { next_node = std::make_unique(); } node = next_node.get(); } if (node->data == nullptr) { node->data = std::make_shared(); } node->data->insert(prefix.data_.begin(), prefix.data_.end()); } /** * Update each node in the trie to inherit/override its ancestors' data, * and then push the prefixes in the binary trie to the leaves so that: * 1) each leaf contains a prefix, and * 2) given the set of prefixes now located at the leaves, a useful * new property applies: no prefix in that set is nested under any * other prefix in the set (since, by definition, no leaf of the * trie can be nested under another leaf) * @return the prefixes associated with the leaf nodes. */ std::vector> push_leaves() { std::vector> prefixes; std::function visit = [&](Node* node, DataSetSharedPtr data, unsigned depth, IpType prefix) { // Inherit any data set by ancestor nodes. if (data != nullptr) { if (node->data == nullptr) { node->data = data; } else if (!exclusive_) { node->data->insert(data->begin(), data->end()); } } // If a node has exactly one child, create a second child node // that inherits the union of all data set by any ancestor nodes. // This gives the trie an important new property: all the configured // prefixes end up at the leaves of the trie. As no leaf is nested // under another leaf (or one of them would not be a leaf!), the // leaves of the trie upon completion of this leaf-push operation // will form a set of disjoint prefixes (no nesting) that can be // used to build an LC trie. if (node->children[0] != nullptr && node->children[1] == nullptr) { node->children[1] = std::make_unique(); } else if (node->children[0] == nullptr && node->children[1] != nullptr) { node->children[0] = std::make_unique(); } if (node->children[0] != nullptr) { visit(node->children[0].get(), node->data, depth + 1, (prefix << 1) + IpType(0)); visit(node->children[1].get(), node->data, depth + 1, (prefix << 1) + IpType(1)); } else { if (node->data != nullptr) { // Compute the CIDR prefix from the path we've taken to get to this point in the // tree. IpType ip = prefix; if (depth != 0) { ip <<= (address_size - depth); } prefixes.emplace_back(IpPrefix(ip, depth, *node->data)); } } }; visit(root_.get(), nullptr, 0, IpType(0)); return prefixes; } private: struct Node { std::unique_ptr children[2]; DataSetSharedPtr data; }; using NodePtr = std::unique_ptr; NodePtr root_; bool exclusive_; }; /** * Level Compressed Trie (LC-Trie) that contains CIDR ranges and its corresponding data. * * The following is an implementation of the algorithm described in the paper * 'IP-address lookup using LC-tries' by'S. Nilsson' and 'G. Karlsson'. * * 'https://github.com/beevek/libkrb/blob/master/krb/lc_trie.hpp' and * 'http://www.csc.kth.se/~snilsson/software/router/C/' were used as reference during * implementation. * * Note: The trie can only support up 524288(2^19) prefixes with a fill_factor of 1 and * root_branching_factor not set. Refer to LcTrieInternal::build() method for more details. */ template class LcTrieInternal { public: /** * Construct a LC-Trie for IpType. * @param data supplies a vector of data and CIDR ranges (in IpPrefix format). * @param fill_factor supplies the fraction of completeness to use when calculating the branch * value for a sub-trie. * @param root_branching_factor supplies the branching factor at the root. The paper suggests * for large LC-Tries to use the value '16' for the root * branching factor. It reduces the depth of the trie. */ LcTrieInternal(std::vector>& data, double fill_factor, uint32_t root_branching_factor); /** * Retrieve the data associated with the CIDR range that contains `ip_address`. * @param ip_address supplies the IP address in host byte order. * @return a vector of data from the CIDR ranges and IP addresses that encompasses the input. * An empty vector is returned if the LC Trie is empty. */ std::vector getData(const IpType& ip_address) const; private: /** * Builds the Level Compressed Trie, by first sorting the data, removing duplicated * prefixes and invoking buildRecursive() to build the trie. */ void build(std::vector>& data) { if (data.empty()) { return; } ip_prefixes_ = data; std::sort(ip_prefixes_.begin(), ip_prefixes_.end()); // Build the trie_. trie_.reserve(static_cast(ip_prefixes_.size() / fill_factor_)); uint32_t next_free_index = 1; buildRecursive(0u, 0u, ip_prefixes_.size(), 0u, next_free_index); // The value of next_free_index is the final size of the trie_. ASSERT(next_free_index <= trie_.size()); trie_.resize(next_free_index); trie_.shrink_to_fit(); } // Thin wrapper around computeBranch output to facilitate code readability. struct ComputePair { ComputePair(int branch, int prefix) : branch_(branch), prefix_(prefix) {} uint32_t branch_; // The total number of bits that have the same prefix for subset of ip_prefixes_. uint32_t prefix_; }; /** * Compute the branch and skip values for the trie starting at position 'first' through * 'first+n-1' while disregarding the prefix. * @param prefix supplies the common prefix in the ip_prefixes_ array. * @param first supplies the index where computing the branch should begin with. * @param n supplies the number of nodes to use while computing the branch. * @return pair of integers for the branching factor and the skip. */ ComputePair computeBranchAndSkip(uint32_t prefix, uint32_t first, uint32_t n) const { ComputePair compute(0, 0); // Compute the new prefix for the range between ip_prefixes_[first] and // ip_prefixes_[first + n - 1]. IpType high = removeBits(prefix, ip_prefixes_[first].ip_); IpType low = removeBits(prefix, ip_prefixes_[first + n - 1].ip_); uint32_t index = prefix; // Find the index at which low and high diverge to get the skip. while (extractBits(index, 1, low) == extractBits(index, 1, high)) { ++index; } compute.prefix_ = index; // For 2 elements, use a branching factor of 2(2^1). if (n == 2) { compute.branch_ = 1; return compute; } // According to the original LC-Trie paper, a large branching factor(suggested value: 16) // at the root increases performance. if (root_branching_factor_ > 0 && prefix == 0 && first == 0) { compute.branch_ = root_branching_factor_; return compute; } // Compute the number of bits required for branching by checking all patterns in the set are // covered. Ex (b=2 {00, 01, 10, 11}; b=3 {000,001,010,011,100,101,110,111}, etc) uint32_t branch = 1; uint32_t count; do { ++branch; // Check if the current branch factor with the fill factor can contain all of the nodes // in the current range or if the current branching factor is larger than the // IP address_size. if (n < fill_factor_ * (1 << branch) || static_cast(compute.prefix_ + branch) > address_size) { break; } // Start by checking the bit patterns at ip_prefixes_[first] through // ip_prefixes_[first + n-1]. index = first; // Pattern to search for. uint32_t pattern = 0; // Number of patterns found while looping through the list. count = 0; // Search for all patterns(values) within 1<(1 << branch)) { bool pattern_found = false; // Keep on looping until either all nodes in the range have been visited or // an IP prefix doesn't match the pattern. while (index < first + n && static_cast(extractBits( compute.prefix_, branch, ip_prefixes_[index].ip_)) == pattern) { ++index; pattern_found = true; } if (pattern_found) { ++count; } ++pattern; } // Stop iterating once the size of the branch (with the fill factor ratio) // can no longer contain all of the prefixes within the current range of // ip_prefixes_[first] to ip_prefixes_[first+n-1]. } while (count >= fill_factor_ * (1 << branch)); // The branching factor is decremented because the algorithm requires the largest branching // factor that covers all(most when a fill factor is specified) of the CIDR ranges in the // current sub-trie. When the loops above exits, the branch factor value is // 1. greater than the address size with the prefix. // 2. greater than the number of entries. // 3. less than the total number of patterns seen in the range. // In all of the cases above, branch - 1 is guaranteed to cover all of CIDR // ranges in the sub-trie. compute.branch_ = branch - 1; return compute; } /** * Recursively build a trie for IP prefixes from position 'first' to 'first+n-1'. * @param prefix supplies the prefix to ignore when building the sub-trie. * @param first supplies the index into ip_prefixes_ for this sub-trie. * @param n supplies the number of entries for the sub-trie. * @param position supplies the root for this sub-trie. * @param next_free_index supplies the next available index in the trie_. */ void buildRecursive(uint32_t prefix, uint32_t first, uint32_t n, uint32_t position, uint32_t& next_free_index) { if (position >= trie_.size()) { // There is no way to predictably determine the number of trie nodes required to build a // LC-Trie. If while building the trie the position that is being set exceeds the maximum // number of supported trie_ entries, throw an Envoy Exception. if (position >= MaxLcTrieNodes) { // Adding 1 to the position to count how many nodes are trying to be set. ExceptionUtil::throwEnvoyException( fmt::format("The number of internal nodes required for the LC-Trie " "exceeded the maximum number of " "supported nodes. Minimum number of internal nodes required: " "'{0}'. Maximum number of supported nodes: '{1}'.", (position + 1), MaxLcTrieNodes)); } trie_.resize(position + 1); } // Setting a leaf, the branch and skip are 0. if (n == 1) { trie_[position].address_ = first; return; } ComputePair output = computeBranchAndSkip(prefix, first, n); uint32_t address = next_free_index; trie_[position].branch_ = output.branch_; // The skip value is the number of bits between the newly calculated prefix(output.prefix_) // and the previous prefix(prefix). trie_[position].skip_ = output.prefix_ - prefix; trie_[position].address_ = address; // The next available free index to populate in the trie_ is at next_free_index + // 2^(branching factor). next_free_index += 1 << output.branch_; uint32_t new_position = first; // Build the subtrees. for (uint32_t bit_pattern = 0; bit_pattern < static_cast(1 << output.branch_); ++bit_pattern) { // count is the number of entries in the ip_prefixes_ vector that have the same bit // pattern as the ip_prefixes_[new_position]. int count = 0; while (new_position + count < first + n && static_cast(extractBits( output.prefix_, output.branch_, ip_prefixes_[new_position + count].ip_)) == bit_pattern) { ++count; } // This logic was taken from // https://github.com/beevek/libkrb/blob/24a224d3ea840e2e7d2926e17d8849aefecc1101/krb/lc_trie.hpp#L396. // When there are no entries that match the current pattern, set a leaf at trie_[address + // bit_pattern]. if (count == 0) { // This case is hit when the last CIDR range(ip_prefixes_[first+n-1]) is being inserted // into the trie_. new_position is decremented by one because the count added to // new_position at line 445 are the number of entries already visited. if (new_position == first + n) { buildRecursive(output.prefix_ + output.branch_, new_position - 1, 1, address + bit_pattern, next_free_index); } else { buildRecursive(output.prefix_ + output.branch_, new_position, 1, address + bit_pattern, next_free_index); } } else if (count == 1 && ip_prefixes_[new_position].length_ - output.prefix_ < output.branch_) { // All Ip address that have the prefix of `bit_pattern` will map to the only CIDR range // with the bit_pattern as a prefix. uint32_t bits = output.branch_ + output.prefix_ - ip_prefixes_[new_position].length_; for (uint32_t i = bit_pattern; i < bit_pattern + (1 << bits); ++i) { buildRecursive(output.prefix_ + output.branch_, new_position, 1, address + i, next_free_index); } // Update the bit_pattern to skip over the trie_ entries initialized above. bit_pattern += (1 << bits) - 1; } else { // Recursively build sub-tries for ip_prefixes_[new_position] to // ip_prefixes_[new_position+count-1]. buildRecursive(output.prefix_ + output.branch_, new_position, count, address + bit_pattern, next_free_index); } new_position += count; } } /** * LcNode is a uint32_t. A wrapper is provided to simplify getting/setting the branch, the * skip and the address values held within the structure. * * The LcNode has three parts to it * - Branch: the first 5 bits represent the branching factor. The branching factor is used to * determine the number of descendants for the current node. The number represents a power of * 2, so there can be at most 2^31 descendant nodes. * - Skip: the next 7 bits represent the number of bits to skip when looking at an IP address. * This value can be between 0 and 127, so IPv6 is supported. * - Address: the remaining 20 bits represent an index either into the trie_ or the * ip_prefixes_. If branch_ != 0, the index is for the trie_. If branch == zero, the index is * for the ip_prefixes_. * * Note: If more than 2^19-1 CIDR ranges are to be stored in trie_, uint64_t should be used * instead. */ struct LcNode { uint32_t branch_ : 5; uint32_t skip_ : 7; uint32_t address_ : 20; // If this 20-bit size changes, please change MaxLcTrieNodes too. }; // The CIDR range and data needs to be maintained separately from the LC-Trie. A LC-Trie skips // chunks of data while searching for a match. This means that the node found in the LC-Trie // is not guaranteed to have the IP address in range. The last step prior to returning // associated data is to check the CIDR range pointed to by the node in the LC-Trie has // the IP address in range. std::vector> ip_prefixes_; // Main trie search structure. std::vector trie_; const double fill_factor_; const uint32_t root_branching_factor_; }; std::unique_ptr> ipv4_trie_; std::unique_ptr> ipv6_trie_; }; template template LcTrie::LcTrieInternal::LcTrieInternal(std::vector>& data, double fill_factor, uint32_t root_branching_factor) : fill_factor_(fill_factor), root_branching_factor_(root_branching_factor) { build(data); } template template std::vector LcTrie::LcTrieInternal::getData(const IpType& ip_address) const { std::vector return_vector; if (trie_.empty()) { return return_vector; } LcNode node = trie_[0]; uint32_t branch = node.branch_; uint32_t position = node.skip_; uint32_t address = node.address_; // branch == 0 is a leaf node. while (branch != 0) { // branch is at most 2^5-1= 31 bits to extract, so we can safely cast the // output of extractBits to uint32_t without any data loss. node = trie_[address + static_cast( extractBits(position, branch, ip_address))]; position += branch + node.skip_; branch = node.branch_; address = node.address_; } // The path taken through the trie to match the ip_address may have contained skips, // so it is necessary to check whether the matched prefix really contains the // ip_address. const auto& prefix = ip_prefixes_[address]; if (prefix.contains(ip_address)) { return std::vector(prefix.data_.begin(), prefix.data_.end()); } return std::vector(); } } // namespace LcTrie } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/listen_socket_impl.cc ================================================ #include "common/network/listen_socket_impl.h" #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/network/address_impl.h" #include "common/network/utility.h" namespace Envoy { namespace Network { Api::SysCallIntResult ListenSocketImpl::bind(Network::Address::InstanceConstSharedPtr address) { local_address_ = address; const Api::SysCallIntResult result = SocketImpl::bind(local_address_); if (SOCKET_FAILURE(result.rc_)) { close(); throw SocketBindException(fmt::format("cannot bind '{}': {}", local_address_->asString(), errorDetails(result.errno_)), result.errno_); } return {0, 0}; } void ListenSocketImpl::setListenSocketOptions(const Network::Socket::OptionsSharedPtr& options) { if (!Network::Socket::applyOptions(options, *this, envoy::config::core::v3::SocketOption::STATE_PREBIND)) { throw CreateListenerException("ListenSocket: Setting socket options failed"); } } void ListenSocketImpl::setupSocket(const Network::Socket::OptionsSharedPtr& options, bool bind_to_port) { setListenSocketOptions(options); if (bind_to_port) { bind(local_address_); } } template <> void NetworkListenSocket>::setPrebindSocketOptions() { // On Windows, SO_REUSEADDR does not restrict subsequent bind calls when there is a listener as on // Linux and later BSD socket stacks #ifndef WIN32 int on = 1; auto status = setSocketOption(SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); RELEASE_ASSERT(status.rc_ != -1, "failed to set SO_REUSEADDR socket option"); #endif } template <> void NetworkListenSocket>::setPrebindSocketOptions() {} UdsListenSocket::UdsListenSocket(const Address::InstanceConstSharedPtr& address) : ListenSocketImpl(ioHandleForAddr(Socket::Type::Stream, address), address) { RELEASE_ASSERT(io_handle_->isOpen(), ""); bind(local_address_); } UdsListenSocket::UdsListenSocket(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& address) : ListenSocketImpl(std::move(io_handle), address) {} std::atomic AcceptedSocketImpl::global_accepted_socket_count_; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/listen_socket_impl.h ================================================ #pragma once #include #include #include #include "envoy/common/platform.h" #include "envoy/network/connection.h" #include "envoy/network/listen_socket.h" #include "envoy/network/socket.h" #include "envoy/network/socket_interface.h" #include "common/common/assert.h" #include "common/network/socket_impl.h" namespace Envoy { namespace Network { class ListenSocketImpl : public SocketImpl { protected: ListenSocketImpl(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& local_address) : SocketImpl(std::move(io_handle), local_address) {} void setupSocket(const Network::Socket::OptionsSharedPtr& options, bool bind_to_port); void setListenSocketOptions(const Network::Socket::OptionsSharedPtr& options); Api::SysCallIntResult bind(Network::Address::InstanceConstSharedPtr address) override; }; /** * Wraps a unix socket. */ template struct NetworkSocketTrait {}; template <> struct NetworkSocketTrait { static constexpr Socket::Type type = Socket::Type::Stream; }; template <> struct NetworkSocketTrait { static constexpr Socket::Type type = Socket::Type::Datagram; }; template class NetworkListenSocket : public ListenSocketImpl { public: NetworkListenSocket(const Address::InstanceConstSharedPtr& address, const Network::Socket::OptionsSharedPtr& options, bool bind_to_port) : ListenSocketImpl(Network::ioHandleForAddr(T::type, address), address) { RELEASE_ASSERT(io_handle_->isOpen(), ""); setPrebindSocketOptions(); setupSocket(options, bind_to_port); } NetworkListenSocket(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& address, const Network::Socket::OptionsSharedPtr& options) : ListenSocketImpl(std::move(io_handle), address) { setListenSocketOptions(options); } Socket::Type socketType() const override { return T::type; } protected: void setPrebindSocketOptions(); }; using TcpListenSocket = NetworkListenSocket>; using TcpListenSocketPtr = std::unique_ptr; using UdpListenSocket = NetworkListenSocket>; using UdpListenSocketPtr = std::unique_ptr; class UdsListenSocket : public ListenSocketImpl { public: UdsListenSocket(const Address::InstanceConstSharedPtr& address); UdsListenSocket(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& address); Socket::Type socketType() const override { return Socket::Type::Stream; } }; class ConnectionSocketImpl : public SocketImpl, public ConnectionSocket { public: ConnectionSocketImpl(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& local_address, const Address::InstanceConstSharedPtr& remote_address) : SocketImpl(std::move(io_handle), local_address), remote_address_(remote_address), direct_remote_address_(remote_address) {} ConnectionSocketImpl(Socket::Type type, const Address::InstanceConstSharedPtr& local_address, const Address::InstanceConstSharedPtr& remote_address) : SocketImpl(type, local_address), remote_address_(remote_address), direct_remote_address_(remote_address) { setLocalAddress(local_address); } // Network::Socket Socket::Type socketType() const override { return Socket::Type::Stream; } // Network::ConnectionSocket const Address::InstanceConstSharedPtr& remoteAddress() const override { return remote_address_; } const Address::InstanceConstSharedPtr& directRemoteAddress() const override { return direct_remote_address_; } void restoreLocalAddress(const Address::InstanceConstSharedPtr& local_address) override { setLocalAddress(local_address); local_address_restored_ = true; } void setRemoteAddress(const Address::InstanceConstSharedPtr& remote_address) override { remote_address_ = remote_address; } bool localAddressRestored() const override { return local_address_restored_; } void setDetectedTransportProtocol(absl::string_view protocol) override { transport_protocol_ = std::string(protocol); } absl::string_view detectedTransportProtocol() const override { return transport_protocol_; } void setRequestedApplicationProtocols(const std::vector& protocols) override { application_protocols_.clear(); for (const auto& protocol : protocols) { application_protocols_.emplace_back(protocol); } } const std::vector& requestedApplicationProtocols() const override { return application_protocols_; } void setRequestedServerName(absl::string_view server_name) override { server_name_ = std::string(server_name); } absl::string_view requestedServerName() const override { return server_name_; } absl::optional lastRoundTripTime() override { return ioHandle().lastRoundTripTime(); } protected: Address::InstanceConstSharedPtr remote_address_; const Address::InstanceConstSharedPtr direct_remote_address_; bool local_address_restored_{false}; std::string transport_protocol_; std::vector application_protocols_; std::string server_name_; }; // ConnectionSocket used with server connections. class AcceptedSocketImpl : public ConnectionSocketImpl { public: AcceptedSocketImpl(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& local_address, const Address::InstanceConstSharedPtr& remote_address) : ConnectionSocketImpl(std::move(io_handle), local_address, remote_address) { ++global_accepted_socket_count_; } ~AcceptedSocketImpl() override { ASSERT(global_accepted_socket_count_.load() > 0); --global_accepted_socket_count_; } // TODO (tonya11en): Global connection count tracking is temporarily performed via a static // variable until the logic is moved into the overload manager. static uint64_t acceptedSocketCount() { return global_accepted_socket_count_.load(); } private: static std::atomic global_accepted_socket_count_; }; // ConnectionSocket used with client connections. class ClientSocketImpl : public ConnectionSocketImpl { public: ClientSocketImpl(const Address::InstanceConstSharedPtr& remote_address, const OptionsSharedPtr& options) : ConnectionSocketImpl(Network::ioHandleForAddr(Socket::Type::Stream, remote_address), nullptr, remote_address) { if (options) { addOptions(options); } } }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/proxy_protocol_filter_state.cc ================================================ #include "common/network/proxy_protocol_filter_state.h" #include "common/common/macros.h" namespace Envoy { namespace Network { const std::string& ProxyProtocolFilterState::key() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.network.proxy_protocol_options"); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/proxy_protocol_filter_state.h ================================================ #pragma once #include "envoy/network/proxy_protocol.h" #include "envoy/stream_info/filter_state.h" namespace Envoy { namespace Network { /** * PROXY protocol info to be used in connections. */ class ProxyProtocolFilterState : public StreamInfo::FilterState::Object { public: ProxyProtocolFilterState(Network::ProxyProtocolData options) : options_(options) {} const Network::ProxyProtocolData& value() const { return options_; } static const std::string& key(); private: const Network::ProxyProtocolData options_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/raw_buffer_socket.cc ================================================ #include "common/network/raw_buffer_socket.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/http/headers.h" namespace Envoy { namespace Network { void RawBufferSocket::setTransportSocketCallbacks(TransportSocketCallbacks& callbacks) { ASSERT(!callbacks_); callbacks_ = &callbacks; } IoResult RawBufferSocket::doRead(Buffer::Instance& buffer) { PostIoAction action = PostIoAction::KeepOpen; uint64_t bytes_read = 0; bool end_stream = false; do { // 16K read is arbitrary. TODO(mattklein123) PERF: Tune the read size. Api::IoCallUint64Result result = callbacks_->ioHandle().read(buffer, 16384); if (result.ok()) { ENVOY_CONN_LOG(trace, "read returns: {}", callbacks_->connection(), result.rc_); if (result.rc_ == 0) { // Remote close. end_stream = true; break; } bytes_read += result.rc_; if (callbacks_->shouldDrainReadBuffer()) { callbacks_->setReadBufferReady(); break; } } else { // Remote error (might be no data). ENVOY_CONN_LOG(trace, "read error: {}", callbacks_->connection(), result.err_->getErrorDetails()); if (result.err_->getErrorCode() != Api::IoError::IoErrorCode::Again) { action = PostIoAction::Close; } break; } } while (true); return {action, bytes_read, end_stream}; } IoResult RawBufferSocket::doWrite(Buffer::Instance& buffer, bool end_stream) { PostIoAction action; uint64_t bytes_written = 0; ASSERT(!shutdown_ || buffer.length() == 0); do { if (buffer.length() == 0) { if (end_stream && !shutdown_) { // Ignore the result. This can only fail if the connection failed. In that case, the // error will be detected on the next read, and dealt with appropriately. callbacks_->ioHandle().shutdown(ENVOY_SHUT_WR); shutdown_ = true; } action = PostIoAction::KeepOpen; break; } Api::IoCallUint64Result result = callbacks_->ioHandle().write(buffer); if (result.ok()) { ENVOY_CONN_LOG(trace, "write returns: {}", callbacks_->connection(), result.rc_); bytes_written += result.rc_; } else { ENVOY_CONN_LOG(trace, "write error: {}", callbacks_->connection(), result.err_->getErrorDetails()); if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { action = PostIoAction::KeepOpen; } else { action = PostIoAction::Close; } break; } } while (true); return {action, bytes_written, false}; } std::string RawBufferSocket::protocol() const { return EMPTY_STRING; } absl::string_view RawBufferSocket::failureReason() const { return EMPTY_STRING; } void RawBufferSocket::onConnected() { callbacks_->raiseEvent(ConnectionEvent::Connected); } TransportSocketPtr RawBufferSocketFactory::createTransportSocket(TransportSocketOptionsSharedPtr) const { return std::make_unique(); } bool RawBufferSocketFactory::implementsSecureTransport() const { return false; } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/raw_buffer_socket.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" #include "common/common/logger.h" namespace Envoy { namespace Network { class RawBufferSocket : public TransportSocket, protected Logger::Loggable { public: // Network::TransportSocket void setTransportSocketCallbacks(TransportSocketCallbacks& callbacks) override; std::string protocol() const override; absl::string_view failureReason() const override; bool canFlushClose() override { return true; } void closeSocket(Network::ConnectionEvent) override {} void onConnected() override; IoResult doRead(Buffer::Instance& buffer) override; IoResult doWrite(Buffer::Instance& buffer, bool end_stream) override; Ssl::ConnectionInfoConstSharedPtr ssl() const override { return nullptr; } private: TransportSocketCallbacks* callbacks_{}; bool shutdown_{}; }; class RawBufferSocketFactory : public TransportSocketFactory { public: // Network::TransportSocketFactory TransportSocketPtr createTransportSocket(TransportSocketOptionsSharedPtr options) const override; bool implementsSecureTransport() const override; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/resolver_impl.cc ================================================ #include "common/network/resolver_impl.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/network/address.h" #include "envoy/network/resolver.h" #include "envoy/registry/registry.h" #include "common/config/well_known_names.h" #include "common/network/address_impl.h" #include "common/network/utility.h" namespace Envoy { namespace Network { namespace Address { /** * Implementation of a resolver for IP addresses. */ class IpResolver : public Resolver { public: InstanceConstSharedPtr resolve(const envoy::config::core::v3::SocketAddress& socket_address) override { switch (socket_address.port_specifier_case()) { case envoy::config::core::v3::SocketAddress::PortSpecifierCase::kPortValue: // Default to port 0 if no port value is specified. case envoy::config::core::v3::SocketAddress::PortSpecifierCase::PORT_SPECIFIER_NOT_SET: return Network::Utility::parseInternetAddress( socket_address.address(), socket_address.port_value(), !socket_address.ipv4_compat()); default: throw EnvoyException(fmt::format("IP resolver can't handle port specifier type {}", socket_address.port_specifier_case())); } } std::string name() const override { return Config::AddressResolverNames::get().IP; } }; /** * Static registration for the IP resolver. @see RegisterFactory. */ REGISTER_FACTORY(IpResolver, Resolver); InstanceConstSharedPtr resolveProtoAddress(const envoy::config::core::v3::Address& address) { switch (address.address_case()) { case envoy::config::core::v3::Address::AddressCase::kSocketAddress: return resolveProtoSocketAddress(address.socket_address()); case envoy::config::core::v3::Address::AddressCase::kPipe: return std::make_shared(address.pipe().path()); case envoy::config::core::v3::Address::AddressCase::kEnvoyInternalAddress: switch (address.envoy_internal_address().address_name_specifier_case()) { case envoy::config::core::v3::EnvoyInternalAddress::AddressNameSpecifierCase:: kServerListenerName: return std::make_shared( address.envoy_internal_address().server_listener_name()); default: NOT_REACHED_GCOVR_EXCL_LINE; } default: throw EnvoyException("Address must be set: " + address.DebugString()); } } InstanceConstSharedPtr resolveProtoSocketAddress(const envoy::config::core::v3::SocketAddress& socket_address) { Resolver* resolver = nullptr; const std::string& resolver_name = socket_address.resolver_name(); if (resolver_name.empty()) { resolver = Registry::FactoryRegistry::getFactory(Config::AddressResolverNames::get().IP); } else { resolver = Registry::FactoryRegistry::getFactory(resolver_name); } if (resolver == nullptr) { throw EnvoyException(fmt::format("Unknown address resolver: {}", resolver_name)); } return resolver->resolve(socket_address); } } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/resolver_impl.h ================================================ #pragma once #include "envoy/config/core/v3/address.pb.h" #include "envoy/network/address.h" #include "envoy/network/connection.h" #include "envoy/network/resolver.h" #include "common/network/address_impl.h" namespace Envoy { namespace Network { namespace Address { /** * Create an Instance from a envoy::config::core::v3::Address. * @param address supplies the address proto to resolve. * @return pointer to the Instance. */ Address::InstanceConstSharedPtr resolveProtoAddress(const envoy::config::core::v3::Address& address); /** * Create an Instance from a envoy::config::core::v3::SocketAddress. * @param address supplies the socket address proto to resolve. * @return pointer to the Instance. */ Address::InstanceConstSharedPtr resolveProtoSocketAddress(const envoy::config::core::v3::SocketAddress& address); } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_impl.cc ================================================ #include "common/network/socket_impl.h" #include "envoy/common/exception.h" #include "envoy/network/socket_interface.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/utility.h" namespace Envoy { namespace Network { SocketImpl::SocketImpl(Socket::Type sock_type, const Address::InstanceConstSharedPtr addr) : io_handle_(ioHandleForAddr(sock_type, addr)), sock_type_(sock_type), addr_type_(addr->type()) {} SocketImpl::SocketImpl(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& local_address) : io_handle_(std::move(io_handle)), local_address_(local_address) { if (local_address_ != nullptr) { addr_type_ = local_address_->type(); return; } // Should not happen but some tests inject -1 fds if (!io_handle_->isOpen()) { return; } auto domain = io_handle_->domain(); // This should never happen in practice but too many tests inject fake fds ... if (!domain.has_value()) { return; } addr_type_ = *domain == AF_UNIX ? Address::Type::Pipe : Address::Type::Ip; } Api::SysCallIntResult SocketImpl::bind(Network::Address::InstanceConstSharedPtr address) { Api::SysCallIntResult bind_result; if (address->type() == Address::Type::Pipe) { const Address::Pipe* pipe = address->pipe(); const auto* pipe_sa = reinterpret_cast(address->sockAddr()); bool abstract_namespace = address->pipe()->abstractNamespace(); if (!abstract_namespace) { // Try to unlink an existing filesystem object at the requested path. Ignore // errors -- it's fine if the path doesn't exist, and if it exists but can't // be unlinked then `::bind()` will generate a reasonable errno. unlink(pipe_sa->sun_path); } // Not storing a reference to syscalls singleton because of unit test mocks bind_result = io_handle_->bind(address); if (pipe->mode() != 0 && !abstract_namespace && bind_result.rc_ == 0) { auto set_permissions = Api::OsSysCallsSingleton::get().chmod(pipe_sa->sun_path, pipe->mode()); if (set_permissions.rc_ != 0) { throw EnvoyException(fmt::format("Failed to create socket with mode {}: {}", std::to_string(pipe->mode()), errorDetails(set_permissions.errno_))); } } return bind_result; } bind_result = io_handle_->bind(address); if (bind_result.rc_ == 0 && address->ip()->port() == 0) { local_address_ = io_handle_->localAddress(); } return bind_result; } Api::SysCallIntResult SocketImpl::listen(int backlog) { return io_handle_->listen(backlog); } Api::SysCallIntResult SocketImpl::connect(const Network::Address::InstanceConstSharedPtr address) { auto result = io_handle_->connect(address); if (address->type() == Address::Type::Ip) { local_address_ = io_handle_->localAddress(); } return result; } Api::SysCallIntResult SocketImpl::setSocketOption(int level, int optname, const void* optval, socklen_t optlen) { return io_handle_->setOption(level, optname, optval, optlen); } Api::SysCallIntResult SocketImpl::getSocketOption(int level, int optname, void* optval, socklen_t* optlen) const { return io_handle_->getOption(level, optname, optval, optlen); } Api::SysCallIntResult SocketImpl::setBlockingForTest(bool blocking) { return io_handle_->setBlocking(blocking); } absl::optional SocketImpl::ipVersion() const { if (addr_type_ == Address::Type::Ip) { // Always hit after socket is initialized, i.e., accepted or connected if (local_address_ != nullptr) { return local_address_->ip()->version(); } else { auto domain = io_handle_->domain(); if (!domain.has_value()) { return absl::nullopt; } if (*domain == AF_INET) { return Address::IpVersion::v4; } else if (*domain == AF_INET6) { return Address::IpVersion::v6; } else { return absl::nullopt; } } } return absl::nullopt; } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_impl.h ================================================ #pragma once #include "envoy/network/socket.h" #include "common/common/assert.h" namespace Envoy { namespace Network { class SocketImpl : public virtual Socket { public: SocketImpl(Socket::Type socket_type, const Address::InstanceConstSharedPtr addr); // Network::Socket const Address::InstanceConstSharedPtr& localAddress() const override { return local_address_; } void setLocalAddress(const Address::InstanceConstSharedPtr& local_address) override { local_address_ = local_address; } IoHandle& ioHandle() override { return *io_handle_; } const IoHandle& ioHandle() const override { return *io_handle_; } void close() override { if (io_handle_->isOpen()) { io_handle_->close(); } } bool isOpen() const override { return io_handle_->isOpen(); } void ensureOptions() { if (!options_) { options_ = std::make_shared>(); } } void addOption(const OptionConstSharedPtr& option) override { ensureOptions(); options_->emplace_back(std::move(option)); } void addOptions(const OptionsSharedPtr& options) override { ensureOptions(); Network::Socket::appendOptions(options_, options); } Api::SysCallIntResult bind(Network::Address::InstanceConstSharedPtr address) override; Api::SysCallIntResult listen(int backlog) override; Api::SysCallIntResult connect(const Address::InstanceConstSharedPtr addr) override; Api::SysCallIntResult setSocketOption(int level, int optname, const void* optval, socklen_t optlen) override; Api::SysCallIntResult getSocketOption(int level, int optname, void* optval, socklen_t* optlen) const override; Api::SysCallIntResult setBlockingForTest(bool blocking) override; const OptionsSharedPtr& options() const override { return options_; } Socket::Type socketType() const override { return sock_type_; } Address::Type addressType() const override { return addr_type_; } absl::optional ipVersion() const override; protected: SocketImpl(IoHandlePtr&& io_handle, const Address::InstanceConstSharedPtr& local_address); const IoHandlePtr io_handle_; Address::InstanceConstSharedPtr local_address_; OptionsSharedPtr options_; Socket::Type sock_type_; Address::Type addr_type_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_interface.h ================================================ #pragma once #include "envoy/config/typed_config.h" #include "envoy/network/socket_interface.h" #include "envoy/registry/registry.h" #include "envoy/server/bootstrap_extension_config.h" #include "common/singleton/threadsafe_singleton.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Network { // Wrapper for SocketInterface instances returned by createBootstrapExtension() which must be // implemented by all factories that derive SocketInterfaceBase class SocketInterfaceExtension : public Server::BootstrapExtension { public: SocketInterfaceExtension(SocketInterface& sock_interface) : sock_interface_(sock_interface) {} SocketInterface& socketInterface() { return sock_interface_; } private: SocketInterface& sock_interface_; }; // Class to be derived by all SocketInterface implementations. // // It acts both as a SocketInterface and as a BootstrapExtensionFactory. The latter is used, on the // one hand, to configure and initialize the interface and, on the other, for SocketInterface lookup // by leveraging the FactoryRegistry. As required for all bootstrap extensions, all derived classes // should register via the REGISTER_FACTORY() macro as BootstrapExtensionFactory. // // SocketInterface instances can be retrieved using the factory name, i.e., string returned by // name() function implemented by all classes that derive SocketInterfaceBase, via // Network::socketInterface(). When instantiating addresses, address resolvers should // set the socket interface field to the name of the socket interface implementation that should // be used to create sockets for said addresses. class SocketInterfaceBase : public SocketInterface, public Server::Configuration::BootstrapExtensionFactory {}; /** * Lookup SocketInterface instance by name * @param name Name of the socket interface to be looked up * @return Pointer to @ref SocketInterface instance that registered using the name of nullptr */ static inline const SocketInterface* socketInterface(std::string name) { auto factory = Registry::FactoryRegistry::getFactory(name); return dynamic_cast(factory); } using SocketInterfaceSingleton = InjectableSingleton; using SocketInterfaceLoader = ScopedInjectableLoader; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_interface_impl.cc ================================================ #include "common/network/socket_interface_impl.h" #include "envoy/common/exception.h" #include "envoy/extensions/network/socket_interface/v3/default_socket_interface.pb.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/network/io_socket_handle_impl.h" namespace Envoy { namespace Network { IoHandlePtr SocketInterfaceImpl::makeSocket(int socket_fd, bool socket_v6only, absl::optional domain) const { return std::make_unique(socket_fd, socket_v6only, domain); } IoHandlePtr SocketInterfaceImpl::socket(Socket::Type socket_type, Address::Type addr_type, Address::IpVersion version, bool socket_v6only) const { #if defined(__APPLE__) || defined(WIN32) int flags = 0; #else int flags = SOCK_NONBLOCK; #endif if (socket_type == Socket::Type::Stream) { flags |= SOCK_STREAM; } else { flags |= SOCK_DGRAM; } int domain; if (addr_type == Address::Type::Ip) { if (version == Address::IpVersion::v6) { domain = AF_INET6; } else { ASSERT(version == Address::IpVersion::v4); domain = AF_INET; } } else if (addr_type == Address::Type::Pipe) { domain = AF_UNIX; } else { ASSERT(addr_type == Address::Type::EnvoyInternal); // TODO(lambdai): Add InternalIoSocketHandleImpl to support internal address. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } const Api::SysCallSocketResult result = Api::OsSysCallsSingleton::get().socket(domain, flags, 0); RELEASE_ASSERT(SOCKET_VALID(result.rc_), fmt::format("socket(2) failed, got error: {}", errorDetails(result.errno_))); IoHandlePtr io_handle = makeSocket(result.rc_, socket_v6only, domain); #if defined(__APPLE__) || defined(WIN32) // Cannot set SOCK_NONBLOCK as a ::socket flag. const int rc = io_handle->setBlocking(false).rc_; RELEASE_ASSERT(!SOCKET_FAILURE(rc), ""); #endif return io_handle; } IoHandlePtr SocketInterfaceImpl::socket(Socket::Type socket_type, const Address::InstanceConstSharedPtr addr) const { Address::IpVersion ip_version = addr->ip() ? addr->ip()->version() : Address::IpVersion::v4; int v6only = 0; if (addr->type() == Address::Type::Ip && ip_version == Address::IpVersion::v6) { v6only = addr->ip()->ipv6()->v6only(); } IoHandlePtr io_handle = SocketInterfaceImpl::socket(socket_type, addr->type(), ip_version, v6only); if (addr->type() == Address::Type::Ip && ip_version == Address::IpVersion::v6) { // Setting IPV6_V6ONLY restricts the IPv6 socket to IPv6 connections only. const Api::SysCallIntResult result = io_handle->setOption( IPPROTO_IPV6, IPV6_V6ONLY, reinterpret_cast(&v6only), sizeof(v6only)); RELEASE_ASSERT(!SOCKET_FAILURE(result.rc_), ""); } return io_handle; } IoHandlePtr SocketInterfaceImpl::socket(os_fd_t fd) { return std::make_unique(fd); } bool SocketInterfaceImpl::ipFamilySupported(int domain) { Api::OsSysCalls& os_sys_calls = Api::OsSysCallsSingleton::get(); const Api::SysCallSocketResult result = os_sys_calls.socket(domain, SOCK_STREAM, 0); if (SOCKET_VALID(result.rc_)) { RELEASE_ASSERT(os_sys_calls.close(result.rc_).rc_ == 0, fmt::format("Fail to close fd: response code {}", errorDetails(result.rc_))); } return SOCKET_VALID(result.rc_); } Server::BootstrapExtensionPtr SocketInterfaceImpl::createBootstrapExtension(const Protobuf::Message&, Server::Configuration::ServerFactoryContext&) { return std::make_unique(*this); } ProtobufTypes::MessagePtr SocketInterfaceImpl::createEmptyConfigProto() { return std::make_unique< envoy::extensions::network::socket_interface::v3::DefaultSocketInterface>(); } REGISTER_FACTORY(SocketInterfaceImpl, Server::Configuration::BootstrapExtensionFactory); static SocketInterfaceLoader* socket_interface_ = new SocketInterfaceLoader(std::make_unique()); } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_interface_impl.h ================================================ #pragma once #include "envoy/network/socket.h" #include "common/network/socket_interface.h" namespace Envoy { namespace Network { class SocketInterfaceImpl : public SocketInterfaceBase { public: // SocketInterface IoHandlePtr socket(Socket::Type socket_type, Address::Type addr_type, Address::IpVersion version, bool socket_v6only) const override; IoHandlePtr socket(Socket::Type socket_type, const Address::InstanceConstSharedPtr addr) const override; IoHandlePtr socket(os_fd_t fd) override; bool ipFamilySupported(int domain) override; // Server::Configuration::BootstrapExtensionFactory Server::BootstrapExtensionPtr createBootstrapExtension(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override { return "envoy.extensions.network.socket_interface.default_socket_interface"; }; protected: virtual IoHandlePtr makeSocket(int socket_fd, bool socket_v6only, absl::optional domain) const; }; DECLARE_FACTORY(SocketInterfaceImpl); } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_option_factory.cc ================================================ #include "common/network/socket_option_factory.h" #include "envoy/config/core/v3/base.pb.h" #include "common/common/fmt.h" #include "common/network/addr_family_aware_socket_option_impl.h" #include "common/network/socket_option_impl.h" namespace Envoy { namespace Network { std::unique_ptr SocketOptionFactory::buildTcpKeepaliveOptions(Network::TcpKeepaliveConfig keepalive_config) { std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_SO_KEEPALIVE, 1)); if (keepalive_config.keepalive_probes_.has_value()) { options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_TCP_KEEPCNT, keepalive_config.keepalive_probes_.value())); } if (keepalive_config.keepalive_interval_.has_value()) { options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_TCP_KEEPINTVL, keepalive_config.keepalive_interval_.value())); } if (keepalive_config.keepalive_time_.has_value()) { options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_TCP_KEEPIDLE, keepalive_config.keepalive_time_.value())); } return options; } std::unique_ptr SocketOptionFactory::buildIpFreebindOptions() { std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_IP_FREEBIND, ENVOY_SOCKET_IPV6_FREEBIND, 1)); return options; } std::unique_ptr SocketOptionFactory::buildIpTransparentOptions() { std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_IP_TRANSPARENT, ENVOY_SOCKET_IPV6_TRANSPARENT, 1)); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_BOUND, ENVOY_SOCKET_IP_TRANSPARENT, ENVOY_SOCKET_IPV6_TRANSPARENT, 1)); return options; } std::unique_ptr SocketOptionFactory::buildSocketMarkOptions(uint32_t mark) { std::unique_ptr options = std::make_unique(); // we need this to happen prior to binding or prior to connecting. In both cases, PREBIND will // fire. options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_SO_MARK, mark)); return options; } std::unique_ptr SocketOptionFactory::buildSocketNoSigpipeOptions() { // Provide additional handling for `SIGPIPE` at the socket layer by converting it to `EPIPE`. std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_SO_NOSIGPIPE, 1)); return options; } std::unique_ptr SocketOptionFactory::buildLiteralOptions( const Protobuf::RepeatedPtrField& socket_options) { auto options = std::make_unique(); for (const auto& socket_option : socket_options) { std::string buf; int int_value; switch (socket_option.value_case()) { case envoy::config::core::v3::SocketOption::ValueCase::kIntValue: int_value = socket_option.int_value(); buf.append(reinterpret_cast(&int_value), sizeof(int_value)); break; case envoy::config::core::v3::SocketOption::ValueCase::kBufValue: buf.append(socket_option.buf_value()); break; default: ENVOY_LOG(warn, "Socket option specified with no or unknown value: {}", socket_option.DebugString()); continue; } options->emplace_back(std::make_shared( socket_option.state(), Network::SocketOptionName( socket_option.level(), socket_option.name(), fmt::format("{}/{}", socket_option.level(), socket_option.name())), buf)); } return options; } std::unique_ptr SocketOptionFactory::buildTcpFastOpenOptions(uint32_t queue_length) { std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_LISTENING, ENVOY_SOCKET_TCP_FASTOPEN, queue_length)); return options; } std::unique_ptr SocketOptionFactory::buildIpPacketInfoOptions() { std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_BOUND, ENVOY_SELF_IP_ADDR, ENVOY_SELF_IPV6_ADDR, 1)); return options; } std::unique_ptr SocketOptionFactory::buildRxQueueOverFlowOptions() { std::unique_ptr options = std::make_unique(); #ifdef SO_RXQ_OVFL options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_BOUND, ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_RXQ_OVFL), 1)); #endif return options; } std::unique_ptr SocketOptionFactory::buildReusePortOptions() { std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_SO_REUSEPORT, 1)); return options; } std::unique_ptr SocketOptionFactory::buildUdpGroOptions() { std::unique_ptr options = std::make_unique(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_BOUND, ENVOY_SOCKET_UDP_GRO, 1)); return options; } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_option_factory.h ================================================ #pragma once #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/socket.h" #include "common/common/logger.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Network { struct TcpKeepaliveConfig { absl::optional keepalive_probes_; // Number of unanswered probes before the connection is dropped absl::optional keepalive_time_; // Connection idle time before probing will start, in ms absl::optional keepalive_interval_; // Interval between probes, in ms }; class SocketOptionFactory : Logger::Loggable { public: static std::unique_ptr buildTcpKeepaliveOptions(Network::TcpKeepaliveConfig keepalive_config); static std::unique_ptr buildIpFreebindOptions(); static std::unique_ptr buildIpTransparentOptions(); static std::unique_ptr buildSocketMarkOptions(uint32_t mark); static std::unique_ptr buildSocketNoSigpipeOptions(); static std::unique_ptr buildTcpFastOpenOptions(uint32_t queue_length); static std::unique_ptr buildLiteralOptions( const Protobuf::RepeatedPtrField& socket_options); static std::unique_ptr buildIpPacketInfoOptions(); static std::unique_ptr buildRxQueueOverFlowOptions(); static std::unique_ptr buildReusePortOptions(); static std::unique_ptr buildUdpGroOptions(); }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_option_impl.cc ================================================ #include "common/network/socket_option_impl.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/network/address_impl.h" namespace Envoy { namespace Network { // Socket::Option bool SocketOptionImpl::setOption(Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const { if (in_state_ == state) { if (!optname_.hasValue()) { ENVOY_LOG(warn, "Failed to set unsupported option on socket"); return false; } const Api::SysCallIntResult result = SocketOptionImpl::setSocketOption(socket, optname_, value_.data(), value_.size()); if (result.rc_ != 0) { ENVOY_LOG(warn, "Setting {} option on socket failed: {}", optname_.name(), errorDetails(result.errno_)); return false; } } return true; } absl::optional SocketOptionImpl::getOptionDetails(const Socket&, envoy::config::core::v3::SocketOption::SocketState state) const { if (state != in_state_ || !isSupported()) { return absl::nullopt; } Socket::Option::Details info; info.name_ = optname_; info.value_ = {value_.begin(), value_.end()}; return absl::make_optional(std::move(info)); } bool SocketOptionImpl::isSupported() const { return optname_.hasValue(); } Api::SysCallIntResult SocketOptionImpl::setSocketOption(Socket& socket, const Network::SocketOptionName& optname, const void* value, size_t size) { if (!optname.hasValue()) { return {-1, SOCKET_ERROR_NOT_SUP}; } return socket.setSocketOption(optname.level(), optname.option(), value, size); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/socket_option_impl.h ================================================ #pragma once #include "envoy/api/os_sys_calls.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/listen_socket.h" #include "common/common/assert.h" #include "common/common/logger.h" namespace Envoy { namespace Network { #ifdef IP_TRANSPARENT #define ENVOY_SOCKET_IP_TRANSPARENT ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_IP, IP_TRANSPARENT) #else #define ENVOY_SOCKET_IP_TRANSPARENT Network::SocketOptionName() #endif #ifdef IPV6_TRANSPARENT #define ENVOY_SOCKET_IPV6_TRANSPARENT ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_IPV6, IPV6_TRANSPARENT) #else #define ENVOY_SOCKET_IPV6_TRANSPARENT Network::SocketOptionName() #endif #ifdef IP_FREEBIND #define ENVOY_SOCKET_IP_FREEBIND ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_IP, IP_FREEBIND) #else #define ENVOY_SOCKET_IP_FREEBIND Network::SocketOptionName() #endif #ifdef IPV6_FREEBIND #define ENVOY_SOCKET_IPV6_FREEBIND ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_IPV6, IPV6_FREEBIND) #else #define ENVOY_SOCKET_IPV6_FREEBIND Network::SocketOptionName() #endif #ifdef SO_KEEPALIVE #define ENVOY_SOCKET_SO_KEEPALIVE ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_KEEPALIVE) #else #define ENVOY_SOCKET_SO_KEEPALIVE Network::SocketOptionName() #endif #ifdef SO_MARK #define ENVOY_SOCKET_SO_MARK ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_MARK) #else #define ENVOY_SOCKET_SO_MARK Network::SocketOptionName() #endif #ifdef SO_NOSIGPIPE #define ENVOY_SOCKET_SO_NOSIGPIPE ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_NOSIGPIPE) #else #define ENVOY_SOCKET_SO_NOSIGPIPE Network::SocketOptionName() #endif #ifdef SO_REUSEPORT #define ENVOY_SOCKET_SO_REUSEPORT ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_REUSEPORT) #else #define ENVOY_SOCKET_SO_REUSEPORT Network::SocketOptionName() #endif #ifdef UDP_GRO #define ENVOY_SOCKET_UDP_GRO ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_UDP, UDP_GRO) #else #define ENVOY_SOCKET_UDP_GRO Network::SocketOptionName() #endif #ifdef TCP_KEEPCNT #define ENVOY_SOCKET_TCP_KEEPCNT ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_TCP, TCP_KEEPCNT) #else #define ENVOY_SOCKET_TCP_KEEPCNT Network::SocketOptionName() #endif #ifdef TCP_KEEPIDLE #define ENVOY_SOCKET_TCP_KEEPIDLE ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_TCP, TCP_KEEPIDLE) #elif TCP_KEEPALIVE // macOS uses a different name from Linux for just this option. #define ENVOY_SOCKET_TCP_KEEPIDLE ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_TCP, TCP_KEEPALIVE) #else #define ENVOY_SOCKET_TCP_KEEPIDLE Network::SocketOptionName() #endif #ifdef TCP_KEEPINTVL #define ENVOY_SOCKET_TCP_KEEPINTVL ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_TCP, TCP_KEEPINTVL) #else #define ENVOY_SOCKET_TCP_KEEPINTVL Network::SocketOptionName() #endif #ifdef TCP_FASTOPEN #define ENVOY_SOCKET_TCP_FASTOPEN ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_TCP, TCP_FASTOPEN) #else #define ENVOY_SOCKET_TCP_FASTOPEN Network::SocketOptionName() #endif // Linux uses IP_PKTINFO for both sending source address and receiving destination // address. // FreeBSD uses IP_RECVDSTADDR for receiving destination address and IP_SENDSRCADDR for sending // source address. And these two have same value for convenience purpose. #ifdef IP_RECVDSTADDR #ifdef IP_SENDSRCADDR static_assert(IP_RECVDSTADDR == IP_SENDSRCADDR); #endif #define ENVOY_IP_PKTINFO IP_RECVDSTADDR #elif IP_PKTINFO #define ENVOY_IP_PKTINFO IP_PKTINFO #endif #define ENVOY_SELF_IP_ADDR ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_IP, ENVOY_IP_PKTINFO) // Both Linux and FreeBSD use IPV6_RECVPKTINFO for both sending source address and // receiving destination address. #define ENVOY_SELF_IPV6_ADDR ENVOY_MAKE_SOCKET_OPTION_NAME(IPPROTO_IPV6, IPV6_RECVPKTINFO) #ifdef SO_ATTACH_REUSEPORT_CBPF #define ENVOY_ATTACH_REUSEPORT_CBPF \ ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_ATTACH_REUSEPORT_CBPF) #else #define ENVOY_ATTACH_REUSEPORT_CBPF Network::SocketOptionName() #endif class SocketOptionImpl : public Socket::Option, Logger::Loggable { public: SocketOptionImpl(envoy::config::core::v3::SocketOption::SocketState in_state, Network::SocketOptionName optname, int value) // Yup, int. See setsockopt(2). : SocketOptionImpl(in_state, optname, absl::string_view(reinterpret_cast(&value), sizeof(value))) {} SocketOptionImpl(envoy::config::core::v3::SocketOption::SocketState in_state, Network::SocketOptionName optname, absl::string_view value) : in_state_(in_state), optname_(optname), value_(value.begin(), value.end()) { ASSERT(reinterpret_cast(value_.data()) % alignof(void*) == 0); } // Socket::Option bool setOption(Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const override; // The common socket options don't require a hash key. void hashKey(std::vector&) const override {} absl::optional
    getOptionDetails(const Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const override; bool isSupported() const; /** * Set the option on the given socket. * @param socket the socket on which to apply the option. * @param optname the option name. * @param value the option value. * @param size the option value size. * @return a Api::SysCallIntResult with rc_ = 0 for success and rc = -1 for failure. If the call * is successful, errno_ shouldn't be used. */ static Api::SysCallIntResult setSocketOption(Socket& socket, const Network::SocketOptionName& optname, const void* value, size_t size); private: const envoy::config::core::v3::SocketOption::SocketState in_state_; const Network::SocketOptionName optname_; // This has to be a std::vector but not std::string because std::string might inline // the buffer so its data() is not aligned in to alignof(void*). const std::vector value_; }; using SocketOptionImplOptRef = absl::optional>; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/tcp_listener_impl.cc ================================================ #include "common/network/tcp_listener_impl.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/event/dispatcher_impl.h" #include "common/event/file_event_impl.h" #include "common/network/address_impl.h" #include "common/network/io_socket_handle_impl.h" namespace Envoy { namespace Network { const absl::string_view TcpListenerImpl::GlobalMaxCxRuntimeKey = "overload.global_downstream_max_connections"; bool TcpListenerImpl::rejectCxOverGlobalLimit() { // Enforce the global connection limit if necessary, immediately closing the accepted connection. Runtime::Loader* runtime = Runtime::LoaderSingleton::getExisting(); if (runtime == nullptr) { // The runtime singleton won't exist in most unit tests that do not need global downstream limit // enforcement. Therefore, there is no need to enforce limits if the singleton doesn't exist. // TODO(tonya11en): Revisit this once runtime is made globally available. return false; } // If the connection limit is not set, don't limit the connections, but still track them. // TODO(tonya11en): In integration tests, threadsafeSnapshot is necessary since the FakeUpstreams // use a listener and do not run in a worker thread. In practice, this code path will always be // run on a worker thread, but to prevent failed assertions in test environments, threadsafe // snapshots must be used. This must be revisited. const uint64_t global_cx_limit = runtime->threadsafeSnapshot()->getInteger( GlobalMaxCxRuntimeKey, std::numeric_limits::max()); return AcceptedSocketImpl::acceptedSocketCount() >= global_cx_limit; } void TcpListenerImpl::onSocketEvent(short flags) { ASSERT(flags & (Event::FileReadyType::Read)); // TODO(fcoras): Add limit on number of accepted calls per wakeup while (1) { if (!socket_->ioHandle().isOpen()) { PANIC(fmt::format("listener accept failure: {}", errorDetails(errno))); } sockaddr_storage remote_addr; socklen_t remote_addr_len = sizeof(remote_addr); IoHandlePtr io_handle = socket_->ioHandle().accept(reinterpret_cast(&remote_addr), &remote_addr_len); if (io_handle == nullptr) { break; } if (rejectCxOverGlobalLimit()) { // The global connection limit has been reached. io_handle->close(); cb_.onReject(); continue; } // Get the local address from the new socket if the listener is listening on IP ANY // (e.g., 0.0.0.0 for IPv4) (local_address_ is nullptr in this case). const Address::InstanceConstSharedPtr& local_address = local_address_ ? local_address_ : io_handle->localAddress(); // The accept() call that filled in remote_addr doesn't fill in more than the sa_family field // for Unix domain sockets; apparently there isn't a mechanism in the kernel to get the // `sockaddr_un` associated with the client socket when starting from the server socket. // We work around this by using our own name for the socket in this case. // Pass the 'v6only' parameter as true if the local_address is an IPv6 address. This has no // effect if the socket is a v4 socket, but for v6 sockets this will create an IPv4 remote // address if an IPv4 local_address was created from an IPv6 mapped IPv4 address. const Address::InstanceConstSharedPtr& remote_address = (remote_addr.ss_family == AF_UNIX) ? io_handle->peerAddress() : Address::addressFromSockAddr(remote_addr, remote_addr_len, local_address->ip()->version() == Address::IpVersion::v6); cb_.onAccept( std::make_unique(std::move(io_handle), local_address, remote_address)); } } void TcpListenerImpl::setupServerSocket(Event::DispatcherImpl& dispatcher, Socket& socket) { socket.ioHandle().listen(backlog_size_); // Although onSocketEvent drains to completion, use level triggered mode to avoid potential // loss of the trigger due to transient accept errors. file_event_ = socket.ioHandle().createFileEvent( dispatcher, [this](uint32_t events) -> void { onSocketEvent(events); }, Event::FileTriggerType::Level, Event::FileReadyType::Read); if (!Network::Socket::applyOptions(socket.options(), socket, envoy::config::core::v3::SocketOption::STATE_LISTENING)) { throw CreateListenerException(fmt::format("cannot set post-listen socket option on socket: {}", socket.localAddress()->asString())); } } TcpListenerImpl::TcpListenerImpl(Event::DispatcherImpl& dispatcher, SocketSharedPtr socket, TcpListenerCallbacks& cb, bool bind_to_port, uint32_t backlog_size) : BaseListenerImpl(dispatcher, std::move(socket)), cb_(cb), backlog_size_(backlog_size) { if (bind_to_port) { setupServerSocket(dispatcher, *socket_); } } void TcpListenerImpl::enable() { file_event_->setEnabled(Event::FileReadyType::Read); } void TcpListenerImpl::disable() { file_event_->setEnabled(0); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/tcp_listener_impl.h ================================================ #pragma once #include "envoy/runtime/runtime.h" #include "absl/strings/string_view.h" #include "base_listener_impl.h" namespace Envoy { namespace Network { /** * libevent implementation of Network::Listener for TCP. */ class TcpListenerImpl : public BaseListenerImpl { public: TcpListenerImpl(Event::DispatcherImpl& dispatcher, SocketSharedPtr socket, TcpListenerCallbacks& cb, bool bind_to_port, uint32_t backlog_size); void disable() override; void enable() override; static const absl::string_view GlobalMaxCxRuntimeKey; protected: void setupServerSocket(Event::DispatcherImpl& dispatcher, Socket& socket); TcpListenerCallbacks& cb_; const uint32_t backlog_size_; private: void onSocketEvent(short flags); // Returns true if global connection limit has been reached and the accepted socket should be // rejected/closed. If the accepted socket is to be admitted, false is returned. static bool rejectCxOverGlobalLimit(); Event::FileEventPtr file_event_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/transport_socket_options_impl.cc ================================================ #include "common/network/transport_socket_options_impl.h" #include #include #include #include #include #include "common/common/scalar_to_byte_vector.h" #include "common/common/utility.h" #include "common/network/application_protocol.h" #include "common/network/proxy_protocol_filter_state.h" #include "common/network/upstream_server_name.h" #include "common/network/upstream_subject_alt_names.h" namespace Envoy { namespace Network { namespace { void commonHashKey(const TransportSocketOptions& options, std::vector& key) { const auto& server_name_overide = options.serverNameOverride(); if (server_name_overide.has_value()) { pushScalarToByteVector(StringUtil::CaseInsensitiveHash()(server_name_overide.value()), key); } const auto& verify_san_list = options.verifySubjectAltNameListOverride(); if (!verify_san_list.empty()) { for (const auto& san : verify_san_list) { pushScalarToByteVector(StringUtil::CaseInsensitiveHash()(san), key); } } const auto& alpn_list = options.applicationProtocolListOverride(); if (!alpn_list.empty()) { for (const auto& protocol : alpn_list) { pushScalarToByteVector(StringUtil::CaseInsensitiveHash()(protocol), key); } } const auto& alpn_fallback = options.applicationProtocolFallback(); if (alpn_fallback.has_value()) { pushScalarToByteVector(StringUtil::CaseInsensitiveHash()(*alpn_fallback), key); } } } // namespace void AlpnDecoratingTransportSocketOptions::hashKey(std::vector& key) const { commonHashKey(*this, key); } void TransportSocketOptionsImpl::hashKey(std::vector& key) const { commonHashKey(*this, key); } TransportSocketOptionsSharedPtr TransportSocketOptionsUtility::fromFilterState(const StreamInfo::FilterState& filter_state) { absl::string_view server_name; std::vector application_protocols; std::vector subject_alt_names; absl::optional proxy_protocol_options; bool needs_transport_socket_options = false; if (filter_state.hasData(UpstreamServerName::key())) { const auto& upstream_server_name = filter_state.getDataReadOnly(UpstreamServerName::key()); server_name = upstream_server_name.value(); needs_transport_socket_options = true; } if (filter_state.hasData(Network::ApplicationProtocols::key())) { const auto& alpn = filter_state.getDataReadOnly( Network::ApplicationProtocols::key()); application_protocols = alpn.value(); needs_transport_socket_options = true; } if (filter_state.hasData(UpstreamSubjectAltNames::key())) { const auto& upstream_subject_alt_names = filter_state.getDataReadOnly(UpstreamSubjectAltNames::key()); subject_alt_names = upstream_subject_alt_names.value(); needs_transport_socket_options = true; } if (filter_state.hasData(ProxyProtocolFilterState::key())) { const auto& proxy_protocol_filter_state = filter_state.getDataReadOnly(ProxyProtocolFilterState::key()); proxy_protocol_options.emplace(proxy_protocol_filter_state.value()); needs_transport_socket_options = true; } if (needs_transport_socket_options) { return std::make_shared( server_name, std::move(subject_alt_names), std::move(application_protocols), absl::nullopt, proxy_protocol_options); } else { return nullptr; } } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/transport_socket_options_impl.h ================================================ #pragma once #include "envoy/network/proxy_protocol.h" #include "envoy/network/transport_socket.h" #include "envoy/stream_info/filter_state.h" namespace Envoy { namespace Network { // A wrapper around another TransportSocketOptions that overrides the ALPN fallback. class AlpnDecoratingTransportSocketOptions : public TransportSocketOptions { public: AlpnDecoratingTransportSocketOptions(std::string&& alpn, TransportSocketOptionsSharedPtr inner_options) : alpn_fallback_(std::move(alpn)), inner_options_(std::move(inner_options)) {} // Network::TransportSocketOptions const absl::optional& serverNameOverride() const override { return inner_options_->serverNameOverride(); } const std::vector& verifySubjectAltNameListOverride() const override { return inner_options_->verifySubjectAltNameListOverride(); } const std::vector& applicationProtocolListOverride() const override { return inner_options_->applicationProtocolListOverride(); } const absl::optional& applicationProtocolFallback() const override { return alpn_fallback_; } absl::optional proxyProtocolOptions() const override { return inner_options_->proxyProtocolOptions(); } void hashKey(std::vector& key) const override; private: const absl::optional alpn_fallback_; const TransportSocketOptionsSharedPtr inner_options_; }; class TransportSocketOptionsImpl : public TransportSocketOptions { public: TransportSocketOptionsImpl( absl::string_view override_server_name = "", std::vector&& override_verify_san_list = {}, std::vector&& override_alpn = {}, absl::optional&& fallback_alpn = {}, absl::optional proxy_proto_options = absl::nullopt) : override_server_name_(override_server_name.empty() ? absl::nullopt : absl::optional(override_server_name)), override_verify_san_list_{std::move(override_verify_san_list)}, override_alpn_list_{std::move(override_alpn)}, alpn_fallback_{std::move(fallback_alpn)}, proxy_protocol_options_(proxy_proto_options) {} // Network::TransportSocketOptions const absl::optional& serverNameOverride() const override { return override_server_name_; } const std::vector& verifySubjectAltNameListOverride() const override { return override_verify_san_list_; } const std::vector& applicationProtocolListOverride() const override { return override_alpn_list_; } const absl::optional& applicationProtocolFallback() const override { return alpn_fallback_; } absl::optional proxyProtocolOptions() const override { return proxy_protocol_options_; } void hashKey(std::vector& key) const override; private: const absl::optional override_server_name_; const std::vector override_verify_san_list_; const std::vector override_alpn_list_; const absl::optional alpn_fallback_; const absl::optional proxy_protocol_options_; }; class TransportSocketOptionsUtility { public: /** * Construct TransportSocketOptions from StreamInfo::FilterState, using UpstreamServerName * and ApplicationProtocols key in the filter state. * @returns TransportSocketOptionsSharedPtr a shared pointer to the transport socket options, * nullptr if nothing is in the filter state. */ static TransportSocketOptionsSharedPtr fromFilterState(const StreamInfo::FilterState& stream_info); }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/udp_default_writer_config.cc ================================================ #include "common/network/udp_default_writer_config.h" #include #include #include "envoy/config/listener/v3/udp_default_writer_config.pb.h" #include "common/network/udp_packet_writer_handler_impl.h" namespace Envoy { namespace Network { UdpPacketWriterPtr UdpDefaultWriterFactory::createUdpPacketWriter(Network::IoHandle& io_handle, Stats::Scope& /*scope*/) { return std::make_unique(io_handle); } ProtobufTypes::MessagePtr UdpDefaultWriterConfigFactory::createEmptyConfigProto() { return std::make_unique(); } UdpPacketWriterFactoryPtr UdpDefaultWriterConfigFactory::createUdpPacketWriterFactory(const Protobuf::Message& /*message*/) { return std::make_unique(); } std::string UdpDefaultWriterConfigFactory::name() const { return "udp_default_writer"; } REGISTER_FACTORY(UdpDefaultWriterConfigFactory, Network::UdpPacketWriterConfigFactory); } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/udp_default_writer_config.h ================================================ #pragma once #include "envoy/network/udp_packet_writer_config.h" #include "envoy/network/udp_packet_writer_handler.h" #include "envoy/registry/registry.h" namespace Envoy { namespace Network { class UdpDefaultWriterFactory : public Network::UdpPacketWriterFactory { public: Network::UdpPacketWriterPtr createUdpPacketWriter(Network::IoHandle& io_handle, Stats::Scope& scope) override; }; // UdpPacketWriterConfigFactory to create UdpDefaultWriterFactory based on given protobuf // This is the default UdpPacketWriterConfigFactory if not specified in config. class UdpDefaultWriterConfigFactory : public UdpPacketWriterConfigFactory { public: // UdpPacketWriterConfigFactory ProtobufTypes::MessagePtr createEmptyConfigProto() override; Network::UdpPacketWriterFactoryPtr createUdpPacketWriterFactory(const Protobuf::Message&) override; std::string name() const override; }; DECLARE_FACTORY(UdpDefaultWriterConfigFactory); } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/udp_listener_impl.cc ================================================ #include "common/network/udp_listener_impl.h" #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/event/dispatcher_impl.h" #include "common/network/address_impl.h" #include "common/network/io_socket_error_impl.h" #include "absl/container/fixed_array.h" #include "event2/listener.h" #define ENVOY_UDP_LOG(LEVEL, FORMAT, ...) \ ENVOY_LOG_TO_LOGGER(ENVOY_LOGGER(), LEVEL, "Listener at {} :" FORMAT, \ this->localAddress()->asString(), ##__VA_ARGS__) namespace Envoy { namespace Network { UdpListenerImpl::UdpListenerImpl(Event::DispatcherImpl& dispatcher, SocketSharedPtr socket, UdpListenerCallbacks& cb, TimeSource& time_source) : BaseListenerImpl(dispatcher, std::move(socket)), cb_(cb), time_source_(time_source) { file_event_ = socket_->ioHandle().createFileEvent( dispatcher, [this](uint32_t events) -> void { onSocketEvent(events); }, Event::PlatformDefaultTriggerType, Event::FileReadyType::Read | Event::FileReadyType::Write); ASSERT(file_event_); if (!Network::Socket::applyOptions(socket_->options(), *socket_, envoy::config::core::v3::SocketOption::STATE_BOUND)) { throw CreateListenerException(fmt::format("cannot set post-bound socket option on socket: {}", socket_->localAddress()->asString())); } } UdpListenerImpl::~UdpListenerImpl() { disableEvent(); file_event_.reset(); } void UdpListenerImpl::disable() { disableEvent(); } void UdpListenerImpl::enable() { file_event_->setEnabled(Event::FileReadyType::Read | Event::FileReadyType::Write); } void UdpListenerImpl::disableEvent() { file_event_->setEnabled(0); } void UdpListenerImpl::onSocketEvent(short flags) { ASSERT((flags & (Event::FileReadyType::Read | Event::FileReadyType::Write))); ENVOY_UDP_LOG(trace, "socket event: {}", flags); if (flags & Event::FileReadyType::Read) { handleReadCallback(); } if (flags & Event::FileReadyType::Write) { handleWriteCallback(); } } void UdpListenerImpl::handleReadCallback() { ENVOY_UDP_LOG(trace, "handleReadCallback"); cb_.onReadReady(); const Api::IoErrorPtr result = Utility::readPacketsFromSocket( socket_->ioHandle(), *socket_->localAddress(), *this, time_source_, packets_dropped_); // TODO(mattklein123): Handle no error when we limit the number of packets read. if (result->getErrorCode() != Api::IoError::IoErrorCode::Again) { // TODO(mattklein123): When rate limited logging is implemented log this at error level // on a periodic basis. ENVOY_UDP_LOG(debug, "recvmsg result {}: {}", static_cast(result->getErrorCode()), result->getErrorDetails()); cb_.onReceiveError(result->getErrorCode()); } } void UdpListenerImpl::processPacket(Address::InstanceConstSharedPtr local_address, Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, MonotonicTime receive_time) { // UDP listeners are always configured with the socket option that allows pulling the local // address. This should never be null. ASSERT(local_address != nullptr); UdpRecvData recvData{ {std::move(local_address), std::move(peer_address)}, std::move(buffer), receive_time}; cb_.onData(std::move(recvData)); } void UdpListenerImpl::handleWriteCallback() { ENVOY_UDP_LOG(trace, "handleWriteCallback"); cb_.onWriteReady(*socket_); } Event::Dispatcher& UdpListenerImpl::dispatcher() { return dispatcher_; } const Address::InstanceConstSharedPtr& UdpListenerImpl::localAddress() const { return socket_->localAddress(); } Api::IoCallUint64Result UdpListenerImpl::send(const UdpSendData& send_data) { ENVOY_UDP_LOG(trace, "send"); Buffer::Instance& buffer = send_data.buffer_; Api::IoCallUint64Result send_result = cb_.udpPacketWriter().writePacket(buffer, send_data.local_ip_, send_data.peer_address_); // The send_result normalizes the rc_ value to 0 in error conditions. // The drain call is hence 'safe' in success and failure cases. buffer.drain(send_result.rc_); return send_result; } Api::IoCallUint64Result UdpListenerImpl::flush() { ENVOY_UDP_LOG(trace, "flush"); return cb_.udpPacketWriter().flush(); } void UdpListenerImpl::activateRead() { file_event_->activate(Event::FileReadyType::Read); } UdpListenerWorkerRouterImpl::UdpListenerWorkerRouterImpl(uint32_t concurrency) : workers_(concurrency) {} void UdpListenerWorkerRouterImpl::registerWorkerForListener(UdpListenerCallbacks& listener) { absl::WriterMutexLock lock(&mutex_); ASSERT(listener.workerIndex() < workers_.size()); ASSERT(workers_.at(listener.workerIndex()) == nullptr); workers_.at(listener.workerIndex()) = &listener; } void UdpListenerWorkerRouterImpl::unregisterWorkerForListener(UdpListenerCallbacks& listener) { absl::WriterMutexLock lock(&mutex_); ASSERT(workers_.at(listener.workerIndex()) == &listener); workers_.at(listener.workerIndex()) = nullptr; } void UdpListenerWorkerRouterImpl::deliver(uint32_t dest_worker_index, UdpRecvData&& data) { absl::ReaderMutexLock lock(&mutex_); ASSERT(dest_worker_index < workers_.size(), "UdpListenerCallbacks::destination returned out-of-range value"); auto* worker = workers_[dest_worker_index]; // When a listener is being removed, packets could be processed on some workers after the // listener is removed from other workers, which could result in a nullptr for that worker. if (worker != nullptr) { worker->post(std::move(data)); } } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/udp_listener_impl.h ================================================ #pragma once #include #include "envoy/common/time.h" #include "common/buffer/buffer_impl.h" #include "common/event/event_impl_base.h" #include "common/event/file_event_impl.h" #include "common/network/utility.h" #include "base_listener_impl.h" namespace Envoy { namespace Network { /** * libevent implementation of Network::Listener for UDP. */ class UdpListenerImpl : public BaseListenerImpl, public virtual UdpListener, public UdpPacketProcessor, protected Logger::Loggable { public: UdpListenerImpl(Event::DispatcherImpl& dispatcher, SocketSharedPtr socket, UdpListenerCallbacks& cb, TimeSource& time_source); ~UdpListenerImpl() override; // Network::Listener Interface void disable() override; void enable() override; // Network::UdpListener Interface Event::Dispatcher& dispatcher() override; const Address::InstanceConstSharedPtr& localAddress() const override; Api::IoCallUint64Result send(const UdpSendData& data) override; Api::IoCallUint64Result flush() override; void activateRead() override; void processPacket(Address::InstanceConstSharedPtr local_address, Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, MonotonicTime receive_time) override; uint64_t maxPacketSize() const override { // TODO(danzh) make this variable configurable to support jumbo frames. return MAX_UDP_PACKET_SIZE; } protected: void handleWriteCallback(); void handleReadCallback(); UdpListenerCallbacks& cb_; uint32_t packets_dropped_{0}; private: void onSocketEvent(short flags); void disableEvent(); TimeSource& time_source_; Event::FileEventPtr file_event_; }; class UdpListenerWorkerRouterImpl : public UdpListenerWorkerRouter { public: UdpListenerWorkerRouterImpl(uint32_t concurrency); // UdpListenerWorkerRouter void registerWorkerForListener(UdpListenerCallbacks& listener) override; void unregisterWorkerForListener(UdpListenerCallbacks& listener) override; void deliver(uint32_t dest_worker_index, UdpRecvData&& data) override; private: absl::Mutex mutex_; std::vector workers_ ABSL_GUARDED_BY(mutex_); }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/udp_packet_writer_handler_impl.cc ================================================ #include "common/network/udp_packet_writer_handler_impl.h" #include "common/buffer/buffer_impl.h" #include "common/network/utility.h" namespace Envoy { namespace Network { UdpDefaultWriter::UdpDefaultWriter(Network::IoHandle& io_handle) : write_blocked_(false), io_handle_(io_handle) {} UdpDefaultWriter::~UdpDefaultWriter() = default; Api::IoCallUint64Result UdpDefaultWriter::writePacket(const Buffer::Instance& buffer, const Address::Ip* local_ip, const Address::Instance& peer_address) { ASSERT(!write_blocked_, "Cannot write while IO handle is blocked."); Api::IoCallUint64Result result = Utility::writeToSocket(io_handle_, buffer, local_ip, peer_address); if (result.err_ && result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { // Writer is blocked when error code received is EWOULDBLOCK/EAGAIN write_blocked_ = true; } return result; } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/udp_packet_writer_handler_impl.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/network/socket.h" #include "envoy/network/udp_packet_writer_handler.h" #include "common/network/io_socket_error_impl.h" namespace Envoy { namespace Network { class UdpDefaultWriter : public UdpPacketWriter { public: UdpDefaultWriter(Network::IoHandle& io_handle); ~UdpDefaultWriter() override; // Following writePacket utilizes Utility::writeToSocket() implementation Api::IoCallUint64Result writePacket(const Buffer::Instance& buffer, const Address::Ip* local_ip, const Address::Instance& peer_address) override; bool isWriteBlocked() const override { return write_blocked_; } void setWritable() override { write_blocked_ = false; } uint64_t getMaxPacketSize(const Address::Instance& /*peer_address*/) const override { return Network::UdpMaxOutgoingPacketSize; } bool isBatchMode() const override { return false; } Network::UdpPacketWriterBuffer getNextWriteLocation(const Address::Ip* /*local_ip*/, const Address::Instance& /*peer_address*/) override { return {nullptr, 0, nullptr}; } Api::IoCallUint64Result flush() override { return Api::IoCallUint64Result( /*rc=*/0, /*err=*/Api::IoErrorPtr(nullptr, Network::IoSocketError::deleteIoError)); } private: bool write_blocked_; Network::IoHandle& io_handle_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/upstream_server_name.cc ================================================ #include "common/network/upstream_server_name.h" #include "common/common/macros.h" namespace Envoy { namespace Network { const std::string& UpstreamServerName::key() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.network.upstream_server_name"); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/upstream_server_name.h ================================================ #pragma once #include "envoy/stream_info/filter_state.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Network { /** * Server name to set in the upstream connection. The filters like tcp_proxy should use this * value to override the server name specified in the upstream cluster, for example to override * the SNI value in the upstream TLS context. */ class UpstreamServerName : public StreamInfo::FilterState::Object { public: UpstreamServerName(absl::string_view server_name) : server_name_(server_name) {} const std::string& value() const { return server_name_; } static const std::string& key(); private: const std::string server_name_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/upstream_subject_alt_names.cc ================================================ #include "common/network/upstream_subject_alt_names.h" #include "common/common/macros.h" namespace Envoy { namespace Network { const std::string& UpstreamSubjectAltNames::key() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.network.upstream_subject_alt_names"); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/upstream_subject_alt_names.h ================================================ #pragma once #include "envoy/stream_info/filter_state.h" namespace Envoy { namespace Network { /** * SANs to validate certificate to set in the upstream connection. Filters can use this one to * override the SAN in TLS context. */ class UpstreamSubjectAltNames : public StreamInfo::FilterState::Object { public: explicit UpstreamSubjectAltNames(const std::vector& upstream_subject_alt_names) : upstream_subject_alt_names_(upstream_subject_alt_names) {} const std::vector& value() const { return upstream_subject_alt_names_; } static const std::string& key(); private: const std::vector upstream_subject_alt_names_; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/utility.cc ================================================ #include "common/network/utility.h" #include #include #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/network/connection.h" #include "common/api/os_sys_calls_impl.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/network/address_impl.h" #include "common/network/io_socket_error_impl.h" #include "common/protobuf/protobuf.h" #include "absl/container/fixed_array.h" #include "absl/strings/match.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Network { // TODO(lambdai): Remove below re-declare in C++17. constexpr absl::string_view Utility::TCP_SCHEME; constexpr absl::string_view Utility::UDP_SCHEME; constexpr absl::string_view Utility::UNIX_SCHEME; Address::InstanceConstSharedPtr Utility::resolveUrl(const std::string& url) { if (urlIsTcpScheme(url)) { return parseInternetAddressAndPort(url.substr(TCP_SCHEME.size())); } else if (urlIsUdpScheme(url)) { return parseInternetAddressAndPort(url.substr(UDP_SCHEME.size())); } else if (urlIsUnixScheme(url)) { return Address::InstanceConstSharedPtr{ new Address::PipeInstance(url.substr(UNIX_SCHEME.size()))}; } else { throw EnvoyException(absl::StrCat("unknown protocol scheme: ", url)); } } bool Utility::urlIsTcpScheme(absl::string_view url) { return absl::StartsWith(url, TCP_SCHEME); } bool Utility::urlIsUdpScheme(absl::string_view url) { return absl::StartsWith(url, UDP_SCHEME); } bool Utility::urlIsUnixScheme(absl::string_view url) { return absl::StartsWith(url, UNIX_SCHEME); } namespace { std::string hostFromUrl(const std::string& url, absl::string_view scheme, absl::string_view scheme_name) { if (!absl::StartsWith(url, scheme)) { throw EnvoyException(fmt::format("expected {} scheme, got: {}", scheme_name, url)); } const size_t colon_index = url.find(':', scheme.size()); if (colon_index == std::string::npos) { throw EnvoyException(absl::StrCat("malformed url: ", url)); } return url.substr(scheme.size(), colon_index - scheme.size()); } uint32_t portFromUrl(const std::string& url, absl::string_view scheme, absl::string_view scheme_name) { if (!absl::StartsWith(url, scheme)) { throw EnvoyException(fmt::format("expected {} scheme, got: {}", scheme_name, url)); } const size_t colon_index = url.find(':', scheme.size()); if (colon_index == std::string::npos) { throw EnvoyException(absl::StrCat("malformed url: ", url)); } const size_t rcolon_index = url.rfind(':'); if (colon_index != rcolon_index) { throw EnvoyException(absl::StrCat("malformed url: ", url)); } try { return std::stoi(url.substr(colon_index + 1)); } catch (const std::invalid_argument& e) { throw EnvoyException(e.what()); } catch (const std::out_of_range& e) { throw EnvoyException(e.what()); } } Api::IoCallUint64Result receiveMessage(uint64_t max_packet_size, Buffer::InstancePtr& buffer, IoHandle::RecvMsgOutput& output, IoHandle& handle, const Address::Instance& local_address) { Buffer::RawSlice slice; const uint64_t num_slices = buffer->reserve(max_packet_size, &slice, 1); ASSERT(num_slices == 1u); Api::IoCallUint64Result result = handle.recvmsg(&slice, num_slices, local_address.ip()->port(), output); if (!result.ok()) { return result; } // Adjust memory length and commit slice to buffer slice.len_ = std::min(slice.len_, static_cast(result.rc_)); buffer->commit(&slice, 1); return result; } } // namespace std::string Utility::hostFromTcpUrl(const std::string& url) { return hostFromUrl(url, TCP_SCHEME, "TCP"); } uint32_t Utility::portFromTcpUrl(const std::string& url) { return portFromUrl(url, TCP_SCHEME, "TCP"); } std::string Utility::hostFromUdpUrl(const std::string& url) { return hostFromUrl(url, UDP_SCHEME, "UDP"); } uint32_t Utility::portFromUdpUrl(const std::string& url) { return portFromUrl(url, UDP_SCHEME, "UDP"); } Address::InstanceConstSharedPtr Utility::parseInternetAddress(const std::string& ip_address, uint16_t port, bool v6only) { sockaddr_in sa4; if (inet_pton(AF_INET, ip_address.c_str(), &sa4.sin_addr) == 1) { sa4.sin_family = AF_INET; sa4.sin_port = htons(port); return std::make_shared(&sa4); } sockaddr_in6 sa6; memset(&sa6, 0, sizeof(sa6)); if (inet_pton(AF_INET6, ip_address.c_str(), &sa6.sin6_addr) == 1) { sa6.sin6_family = AF_INET6; sa6.sin6_port = htons(port); return std::make_shared(sa6, v6only); } throwWithMalformedIp(ip_address); NOT_REACHED_GCOVR_EXCL_LINE; } Address::InstanceConstSharedPtr Utility::parseInternetAddressAndPort(const std::string& ip_address, bool v6only) { if (ip_address.empty()) { throwWithMalformedIp(ip_address); } if (ip_address[0] == '[') { // Appears to be an IPv6 address. Find the "]:" that separates the address from the port. const auto pos = ip_address.rfind("]:"); if (pos == std::string::npos) { throwWithMalformedIp(ip_address); } const auto ip_str = ip_address.substr(1, pos - 1); const auto port_str = ip_address.substr(pos + 2); uint64_t port64 = 0; if (port_str.empty() || !absl::SimpleAtoi(port_str, &port64) || port64 > 65535) { throwWithMalformedIp(ip_address); } sockaddr_in6 sa6; memset(&sa6, 0, sizeof(sa6)); if (ip_str.empty() || inet_pton(AF_INET6, ip_str.c_str(), &sa6.sin6_addr) != 1) { throwWithMalformedIp(ip_address); } sa6.sin6_family = AF_INET6; sa6.sin6_port = htons(port64); return std::make_shared(sa6, v6only); } // Treat it as an IPv4 address followed by a port. const auto pos = ip_address.rfind(':'); if (pos == std::string::npos) { throwWithMalformedIp(ip_address); } const auto ip_str = ip_address.substr(0, pos); const auto port_str = ip_address.substr(pos + 1); uint64_t port64 = 0; if (port_str.empty() || !absl::SimpleAtoi(port_str, &port64) || port64 > 65535) { throwWithMalformedIp(ip_address); } sockaddr_in sa4; memset(&sa4, 0, sizeof(sa4)); if (ip_str.empty() || inet_pton(AF_INET, ip_str.c_str(), &sa4.sin_addr) != 1) { throwWithMalformedIp(ip_address); } sa4.sin_family = AF_INET; sa4.sin_port = htons(port64); return std::make_shared(&sa4); } Address::InstanceConstSharedPtr Utility::copyInternetAddressAndPort(const Address::Ip& ip) { if (ip.version() == Address::IpVersion::v4) { return std::make_shared(ip.addressAsString(), ip.port()); } return std::make_shared(ip.addressAsString(), ip.port()); } void Utility::throwWithMalformedIp(absl::string_view ip_address) { throw EnvoyException(absl::StrCat("malformed IP address: ", ip_address)); } // TODO(hennna): Currently getLocalAddress does not support choosing between // multiple interfaces and addresses not returned by getifaddrs. In addition, // the default is to return a loopback address of type version. This function may // need to be updated in the future. Discussion can be found at Github issue #939. Address::InstanceConstSharedPtr Utility::getLocalAddress(const Address::IpVersion version) { Address::InstanceConstSharedPtr ret; #ifdef SUPPORTS_GETIFADDRS struct ifaddrs* ifaddr; struct ifaddrs* ifa; const int rc = getifaddrs(&ifaddr); RELEASE_ASSERT(!rc, ""); // man getifaddrs(3) for (ifa = ifaddr; ifa != nullptr; ifa = ifa->ifa_next) { if (ifa->ifa_addr == nullptr) { continue; } if ((ifa->ifa_addr->sa_family == AF_INET && version == Address::IpVersion::v4) || (ifa->ifa_addr->sa_family == AF_INET6 && version == Address::IpVersion::v6)) { const struct sockaddr_storage* addr = reinterpret_cast(ifa->ifa_addr); ret = Address::addressFromSockAddr( *addr, (version == Address::IpVersion::v4) ? sizeof(sockaddr_in) : sizeof(sockaddr_in6)); if (!isLoopbackAddress(*ret)) { break; } } } if (ifaddr) { freeifaddrs(ifaddr); } #endif // If the local address is not found above, then return the loopback address by default. if (ret == nullptr) { if (version == Address::IpVersion::v4) { ret = std::make_shared("127.0.0.1"); } else if (version == Address::IpVersion::v6) { ret = std::make_shared("::1"); } } return ret; } bool Utility::isSameIpOrLoopback(const ConnectionSocket& socket) { // These are local: // - Pipes // - Sockets to a loopback address // - Sockets where the local and remote address (ignoring port) are the same const auto& remote_address = socket.remoteAddress(); if (remote_address->type() == Address::Type::Pipe || isLoopbackAddress(*remote_address)) { return true; } const auto local_ip = socket.localAddress()->ip(); const auto remote_ip = remote_address->ip(); if (remote_ip != nullptr && local_ip != nullptr && remote_ip->addressAsString() == local_ip->addressAsString()) { return true; } return false; } bool Utility::isInternalAddress(const Address::Instance& address) { if (address.type() != Address::Type::Ip) { return false; } if (address.ip()->version() == Address::IpVersion::v4) { // Handle the RFC1918 space for IPV4. Also count loopback as internal. const uint32_t address4 = address.ip()->ipv4()->address(); const uint8_t* address4_bytes = reinterpret_cast(&address4); if ((address4_bytes[0] == 10) || (address4_bytes[0] == 192 && address4_bytes[1] == 168) || (address4_bytes[0] == 172 && address4_bytes[1] >= 16 && address4_bytes[1] <= 31) || address4 == htonl(INADDR_LOOPBACK)) { return true; } else { return false; } } // Local IPv6 address prefix defined in RFC4193. Local addresses have prefix FC00::/7. // Currently, the FD00::/8 prefix is locally assigned and FC00::/8 may be defined in the // future. static_assert(sizeof(absl::uint128) == sizeof(in6addr_loopback), "sizeof(absl::uint128) != sizeof(in6addr_loopback)"); const absl::uint128 address6 = address.ip()->ipv6()->address(); const uint8_t* address6_bytes = reinterpret_cast(&address6); if (address6_bytes[0] == 0xfd || memcmp(&address6, &in6addr_loopback, sizeof(in6addr_loopback)) == 0) { return true; } return false; } bool Utility::isLoopbackAddress(const Address::Instance& address) { if (address.type() != Address::Type::Ip) { return false; } if (address.ip()->version() == Address::IpVersion::v4) { // Compare to the canonical v4 loopback address: 127.0.0.1. return address.ip()->ipv4()->address() == htonl(INADDR_LOOPBACK); } else if (address.ip()->version() == Address::IpVersion::v6) { static_assert(sizeof(absl::uint128) == sizeof(in6addr_loopback), "sizeof(absl::uint128) != sizeof(in6addr_loopback)"); absl::uint128 addr = address.ip()->ipv6()->address(); return 0 == memcmp(&addr, &in6addr_loopback, sizeof(in6addr_loopback)); } NOT_REACHED_GCOVR_EXCL_LINE; } Address::InstanceConstSharedPtr Utility::getCanonicalIpv4LoopbackAddress() { CONSTRUCT_ON_FIRST_USE(Address::InstanceConstSharedPtr, new Address::Ipv4Instance("127.0.0.1", 0, nullptr)); } Address::InstanceConstSharedPtr Utility::getIpv6LoopbackAddress() { CONSTRUCT_ON_FIRST_USE(Address::InstanceConstSharedPtr, new Address::Ipv6Instance("::1", 0, nullptr)); } Address::InstanceConstSharedPtr Utility::getIpv4AnyAddress() { CONSTRUCT_ON_FIRST_USE(Address::InstanceConstSharedPtr, new Address::Ipv4Instance(static_cast(0))); } Address::InstanceConstSharedPtr Utility::getIpv6AnyAddress() { CONSTRUCT_ON_FIRST_USE(Address::InstanceConstSharedPtr, new Address::Ipv6Instance(static_cast(0))); } const std::string& Utility::getIpv4CidrCatchAllAddress() { CONSTRUCT_ON_FIRST_USE(std::string, "0.0.0.0/0"); } const std::string& Utility::getIpv6CidrCatchAllAddress() { CONSTRUCT_ON_FIRST_USE(std::string, "::/0"); } Address::InstanceConstSharedPtr Utility::getAddressWithPort(const Address::Instance& address, uint32_t port) { switch (address.ip()->version()) { case Address::IpVersion::v4: return std::make_shared(address.ip()->addressAsString(), port); case Address::IpVersion::v6: return std::make_shared(address.ip()->addressAsString(), port); } NOT_REACHED_GCOVR_EXCL_LINE; } Address::InstanceConstSharedPtr Utility::getOriginalDst(Socket& sock) { #ifdef SOL_IP if (sock.addressType() != Address::Type::Ip) { return nullptr; } auto ipVersion = sock.ipVersion(); if (!ipVersion.has_value()) { return nullptr; } sockaddr_storage orig_addr; memset(&orig_addr, 0, sizeof(orig_addr)); socklen_t addr_len = sizeof(sockaddr_storage); int status; if (*ipVersion == Address::IpVersion::v4) { status = sock.getSocketOption(SOL_IP, SO_ORIGINAL_DST, &orig_addr, &addr_len).rc_; } else { status = sock.getSocketOption(SOL_IPV6, IP6T_SO_ORIGINAL_DST, &orig_addr, &addr_len).rc_; } if (status != 0) { return nullptr; } return Address::addressFromSockAddr(orig_addr, 0, true /* default for v6 constructor */); #else // TODO(zuercher): determine if connection redirection is possible under macOS (c.f. pfctl and // divert), and whether it's possible to find the learn destination address. UNREFERENCED_PARAMETER(sock); return nullptr; #endif } void Utility::parsePortRangeList(absl::string_view string, std::list& list) { const auto ranges = StringUtil::splitToken(string, ","); for (const auto& s : ranges) { const std::string s_string{s}; std::stringstream ss(s_string); uint32_t min = 0; uint32_t max = 0; if (s.find("-") != std::string::npos) { char dash = 0; ss >> min; ss >> dash; ss >> max; } else { ss >> min; max = min; } if (s.empty() || (min > 65535) || (max > 65535) || ss.fail() || !ss.eof()) { throw EnvoyException(fmt::format("invalid port number or range '{}'", s_string)); } list.emplace_back(PortRange(min, max)); } } bool Utility::portInRangeList(const Address::Instance& address, const std::list& list) { if (address.type() != Address::Type::Ip) { return false; } for (const PortRange& p : list) { if (p.contains(address.ip()->port())) { return true; } } return false; } absl::uint128 Utility::Ip6ntohl(const absl::uint128& address) { #ifdef ABSL_IS_LITTLE_ENDIAN return flipOrder(address); #else return address; #endif } absl::uint128 Utility::Ip6htonl(const absl::uint128& address) { #ifdef ABSL_IS_LITTLE_ENDIAN return flipOrder(address); #else return address; #endif } absl::uint128 Utility::flipOrder(const absl::uint128& input) { absl::uint128 result{0}; absl::uint128 data = input; for (int i = 0; i < 16; i++) { result <<= 8; result |= (data & 0x000000000000000000000000000000FF); data >>= 8; } return result; } Address::InstanceConstSharedPtr Utility::protobufAddressToAddress(const envoy::config::core::v3::Address& proto_address) { switch (proto_address.address_case()) { case envoy::config::core::v3::Address::AddressCase::kSocketAddress: return Utility::parseInternetAddress(proto_address.socket_address().address(), proto_address.socket_address().port_value(), !proto_address.socket_address().ipv4_compat()); case envoy::config::core::v3::Address::AddressCase::kPipe: return std::make_shared(proto_address.pipe().path(), proto_address.pipe().mode()); default: NOT_REACHED_GCOVR_EXCL_LINE; } } void Utility::addressToProtobufAddress(const Address::Instance& address, envoy::config::core::v3::Address& proto_address) { if (address.type() == Address::Type::Pipe) { proto_address.mutable_pipe()->set_path(address.asString()); } else { ASSERT(address.type() == Address::Type::Ip); auto* socket_address = proto_address.mutable_socket_address(); socket_address->set_address(address.ip()->addressAsString()); socket_address->set_port_value(address.ip()->port()); } } Socket::Type Utility::protobufAddressSocketType(const envoy::config::core::v3::Address& proto_address) { switch (proto_address.address_case()) { case envoy::config::core::v3::Address::AddressCase::kSocketAddress: { const auto protocol = proto_address.socket_address().protocol(); switch (protocol) { case envoy::config::core::v3::SocketAddress::TCP: return Socket::Type::Stream; case envoy::config::core::v3::SocketAddress::UDP: return Socket::Type::Datagram; default: NOT_REACHED_GCOVR_EXCL_LINE; } } case envoy::config::core::v3::Address::AddressCase::kPipe: return Socket::Type::Stream; default: NOT_REACHED_GCOVR_EXCL_LINE; } } Api::IoCallUint64Result Utility::writeToSocket(IoHandle& handle, const Buffer::Instance& buffer, const Address::Ip* local_ip, const Address::Instance& peer_address) { Buffer::RawSliceVector slices = buffer.getRawSlices(); return writeToSocket(handle, slices.data(), slices.size(), local_ip, peer_address); } Api::IoCallUint64Result Utility::writeToSocket(IoHandle& handle, Buffer::RawSlice* slices, uint64_t num_slices, const Address::Ip* local_ip, const Address::Instance& peer_address) { Api::IoCallUint64Result send_result( /*rc=*/0, /*err=*/Api::IoErrorPtr(nullptr, IoSocketError::deleteIoError)); do { send_result = handle.sendmsg(slices, num_slices, 0, local_ip, peer_address); } while (!send_result.ok() && // Send again if interrupted. send_result.err_->getErrorCode() == Api::IoError::IoErrorCode::Interrupt); if (send_result.ok()) { ENVOY_LOG_MISC(trace, "sendmsg bytes {}", send_result.rc_); } else { ENVOY_LOG_MISC(debug, "sendmsg failed with error code {}: {}", static_cast(send_result.err_->getErrorCode()), send_result.err_->getErrorDetails()); } return send_result; } void passPayloadToProcessor(uint64_t bytes_read, Buffer::InstancePtr buffer, Address::InstanceConstSharedPtr peer_addess, Address::InstanceConstSharedPtr local_address, UdpPacketProcessor& udp_packet_processor, MonotonicTime receive_time) { RELEASE_ASSERT( peer_addess != nullptr, fmt::format("Unable to get remote address on the socket bount to local address: {} ", local_address->asString())); // Unix domain sockets are not supported RELEASE_ASSERT(peer_addess->type() == Address::Type::Ip, fmt::format("Unsupported remote address: {} local address: {}, receive size: " "{}", peer_addess->asString(), local_address->asString(), bytes_read)); udp_packet_processor.processPacket(std::move(local_address), std::move(peer_addess), std::move(buffer), receive_time); } Api::IoCallUint64Result Utility::readFromSocket(IoHandle& handle, const Address::Instance& local_address, UdpPacketProcessor& udp_packet_processor, MonotonicTime receive_time, uint32_t* packets_dropped) { if (handle.supportsUdpGro()) { Buffer::InstancePtr buffer = std::make_unique(); IoHandle::RecvMsgOutput output(1, packets_dropped); // TODO(yugant): Avoid allocating 24k for each read by getting memory from UdpPacketProcessor const uint64_t max_packet_size_with_gro = 16 * udp_packet_processor.maxPacketSize(); Api::IoCallUint64Result result = receiveMessage(max_packet_size_with_gro, buffer, output, handle, local_address); if (!result.ok()) { return result; } const uint64_t gso_size = output.msg_[0].gso_size_; ENVOY_LOG_MISC(trace, "recvmsg bytes {} with gso_size as {}", result.rc_, gso_size); // Skip gso segmentation and proceed as a single payload. if (gso_size == 0u) { passPayloadToProcessor(result.rc_, std::move(buffer), std::move(output.msg_[0].peer_address_), std::move(output.msg_[0].local_address_), udp_packet_processor, receive_time); return result; } // Segment the buffer read by the recvmsg syscall into gso_sized sub buffers. while (buffer->length() > 0) { const uint64_t bytes_to_copy = std::min(buffer->length(), gso_size); Buffer::InstancePtr sub_buffer = std::make_unique(); sub_buffer->move(*buffer, bytes_to_copy); passPayloadToProcessor(bytes_to_copy, std::move(sub_buffer), output.msg_[0].peer_address_, output.msg_[0].local_address_, udp_packet_processor, receive_time); } return result; } if (handle.supportsMmsg()) { const uint32_t num_packets_per_mmsg_call = 16u; const uint32_t num_slices_per_packet = 1u; absl::FixedArray buffers(num_packets_per_mmsg_call); RawSliceArrays slices(num_packets_per_mmsg_call, absl::FixedArray(num_slices_per_packet)); for (uint32_t i = 0; i < num_packets_per_mmsg_call; ++i) { buffers[i] = std::make_unique(); const uint64_t num_slices = buffers[i]->reserve(udp_packet_processor.maxPacketSize(), slices[i].data(), num_slices_per_packet); ASSERT(num_slices == num_slices_per_packet); } IoHandle::RecvMsgOutput output(num_packets_per_mmsg_call, packets_dropped); Api::IoCallUint64Result result = handle.recvmmsg(slices, local_address.ip()->port(), output); if (!result.ok()) { return result; } uint64_t packets_read = result.rc_; ENVOY_LOG_MISC(trace, "recvmmsg read {} packets", packets_read); for (uint64_t i = 0; i < packets_read; ++i) { Buffer::RawSlice* slice = slices[i].data(); const uint64_t msg_len = output.msg_[i].msg_len_; ASSERT(msg_len <= slice->len_); ENVOY_LOG_MISC(debug, "Receive a packet with {} bytes from {}", msg_len, output.msg_[i].peer_address_->asString()); // Adjust used memory length and commit slice to buffer slice->len_ = std::min(slice->len_, static_cast(msg_len)); buffers[i]->commit(slice, 1); passPayloadToProcessor(msg_len, std::move(buffers[i]), output.msg_[i].peer_address_, output.msg_[i].local_address_, udp_packet_processor, receive_time); } return result; } Buffer::InstancePtr buffer = std::make_unique(); IoHandle::RecvMsgOutput output(1, packets_dropped); Api::IoCallUint64Result result = receiveMessage(udp_packet_processor.maxPacketSize(), buffer, output, handle, local_address); if (!result.ok()) { return result; } ENVOY_LOG_MISC(trace, "recvmsg bytes {}", result.rc_); passPayloadToProcessor(result.rc_, std::move(buffer), std::move(output.msg_[0].peer_address_), std::move(output.msg_[0].local_address_), udp_packet_processor, receive_time); return result; } Api::IoErrorPtr Utility::readPacketsFromSocket(IoHandle& handle, const Address::Instance& local_address, UdpPacketProcessor& udp_packet_processor, TimeSource& time_source, uint32_t& packets_dropped) { do { const uint32_t old_packets_dropped = packets_dropped; const MonotonicTime receive_time = time_source.monotonicTime(); Api::IoCallUint64Result result = Utility::readFromSocket( handle, local_address, udp_packet_processor, receive_time, &packets_dropped); if (!result.ok()) { // No more to read or encountered a system error. return std::move(result.err_); } if (result.rc_ == 0) { // TODO(conqerAtapple): Is zero length packet interesting? If so add stats // for it. Otherwise remove the warning log below. ENVOY_LOG_MISC(trace, "received 0-length packet"); } if (packets_dropped != old_packets_dropped) { // The kernel tracks SO_RXQ_OVFL as a uint32 which can overflow to a smaller // value. So as long as this count differs from previously recorded value, // more packets are dropped by kernel. const uint32_t delta = (packets_dropped > old_packets_dropped) ? (packets_dropped - old_packets_dropped) : (packets_dropped + (std::numeric_limits::max() - old_packets_dropped) + 1); // TODO(danzh) add stats for this. ENVOY_LOG_MISC( debug, "Kernel dropped {} more packets. Consider increase receive buffer size.", delta); } } while (true); } } // namespace Network } // namespace Envoy ================================================ FILE: source/common/network/utility.h ================================================ #pragma once #include #include #include #include "envoy/common/platform.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/network/connection.h" #include "envoy/network/listener.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Network { /** * Utility class to represent TCP/UDP port range */ class PortRange { public: PortRange(uint32_t min, uint32_t max) : min_(min), max_(max) {} bool contains(uint32_t port) const { return (port >= min_ && port <= max_); } private: const uint32_t min_; const uint32_t max_; }; using PortRangeList = std::list; /** * A callback interface used by readFromSocket() to pass packets read from * socket. */ class UdpPacketProcessor { public: virtual ~UdpPacketProcessor() = default; /** * Consume the packet read out of the socket with the information from UDP * header. * @param local_address is the destination address in the UDP header. * @param peer_address is the source address in the UDP header. * @param buffer contains the packet read. * @param receive_time is the time when the packet is read. */ virtual void processPacket(Address::InstanceConstSharedPtr local_address, Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, MonotonicTime receive_time) PURE; /** * The expected max size of the packet to be read. If it's smaller than * actually packets received, the payload will be truncated. */ virtual uint64_t maxPacketSize() const PURE; }; static const uint64_t MAX_UDP_PACKET_SIZE = 1500; /** * Common network utility routines. */ class Utility { public: static constexpr absl::string_view TCP_SCHEME{"tcp://"}; static constexpr absl::string_view UDP_SCHEME{"udp://"}; static constexpr absl::string_view UNIX_SCHEME{"unix://"}; /** * Resolve a URL. * @param url supplies the url to resolve. * @return Address::InstanceConstSharedPtr the resolved address. */ static Address::InstanceConstSharedPtr resolveUrl(const std::string& url); /** * Match a URL to the TCP scheme * @param url supplies the URL to match. * @return bool true if the URL matches the TCP scheme, false otherwise. */ static bool urlIsTcpScheme(absl::string_view url); /** * Match a URL to the UDP scheme * @param url supplies the URL to match. * @return bool true if the URL matches the UDP scheme, false otherwise. */ static bool urlIsUdpScheme(absl::string_view url); /** * Match a URL to the Unix scheme * @param url supplies the Unix to match. * @return bool true if the URL matches the Unix scheme, false otherwise. */ static bool urlIsUnixScheme(absl::string_view url); /** * Parses the host from a TCP URL * @param the URL to parse host from * @return std::string the parsed host */ static std::string hostFromTcpUrl(const std::string& url); /** * Parses the port from a TCP URL * @param the URL to parse port from * @return uint32_t the parsed port */ static uint32_t portFromTcpUrl(const std::string& url); /** * Parses the host from a UDP URL * @param the URL to parse host from * @return std::string the parsed host */ static std::string hostFromUdpUrl(const std::string& url); /** * Parses the port from a UDP URL * @param the URL to parse port from * @return uint32_t the parsed port */ static uint32_t portFromUdpUrl(const std::string& url); /** * Parse an internet host address (IPv4 or IPv6) and create an Instance from it. The address must * not include a port number. Throws EnvoyException if unable to parse the address. * @param ip_address string to be parsed as an internet address. * @param port optional port to include in Instance created from ip_address, 0 by default. * @param v6only disable IPv4-IPv6 mapping for IPv6 addresses? * @return pointer to the Instance, or nullptr if unable to parse the address. */ static Address::InstanceConstSharedPtr parseInternetAddress(const std::string& ip_address, uint16_t port = 0, bool v6only = true); /** * Parse an internet host address (IPv4 or IPv6) AND port, and create an Instance from it. Throws * EnvoyException if unable to parse the address. This is needed when a shared pointer is needed * but only a raw instance is available. * @param Address::Ip& to be copied to the new instance. * @return pointer to the Instance. */ static Address::InstanceConstSharedPtr copyInternetAddressAndPort(const Address::Ip& ip); /** * Create a new Instance from an internet host address (IPv4 or IPv6) and port. * @param ip_addr string to be parsed as an internet address and port. Examples: * - "1.2.3.4:80" * - "[1234:5678::9]:443" * @param v6only disable IPv4-IPv6 mapping for IPv6 addresses? * @return pointer to the Instance. */ static Address::InstanceConstSharedPtr parseInternetAddressAndPort(const std::string& ip_address, bool v6only = true); /** * Get the local address of the first interface address that is of type * version and is not a loopback address. If no matches are found, return the * loopback address of type version. * @param the local address IP version. * @return the local IP address of the server */ static Address::InstanceConstSharedPtr getLocalAddress(const Address::IpVersion version); /** * Determine whether this is a local connection. * @return bool the address is a local connection. */ static bool isSameIpOrLoopback(const ConnectionSocket& socket); /** * Determine whether this is an internal (RFC1918) address. * @return bool the address is an RFC1918 address. */ static bool isInternalAddress(const Address::Instance& address); /** * Check if address is loopback address. * @param address IP address to check. * @return true if so, otherwise false */ static bool isLoopbackAddress(const Address::Instance& address); /** * @return Address::InstanceConstSharedPtr an address that represents the canonical IPv4 loopback * address (i.e. "127.0.0.1"). Note that the range "127.0.0.0/8" is all defined as the * loopback range, but the address typically used (e.g. in tests) is "127.0.0.1". */ static Address::InstanceConstSharedPtr getCanonicalIpv4LoopbackAddress(); /** * @return Address::InstanceConstSharedPtr an address that represents the IPv6 loopback address * (i.e. "::1"). */ static Address::InstanceConstSharedPtr getIpv6LoopbackAddress(); /** * @return Address::InstanceConstSharedPtr an address that represents the IPv4 wildcard address * (i.e. "0.0.0.0"). Used during binding to indicate that incoming connections to any * local IPv4 address are to be accepted. */ static Address::InstanceConstSharedPtr getIpv4AnyAddress(); /** * @return Address::InstanceConstSharedPtr an address that represents the IPv6 wildcard address * (i.e. "::"). Used during binding to indicate that incoming connections to any local * IPv6 address are to be accepted. */ static Address::InstanceConstSharedPtr getIpv6AnyAddress(); /** * @return the IPv4 CIDR catch-all address (0.0.0.0/0). */ static const std::string& getIpv4CidrCatchAllAddress(); /** * @return the IPv6 CIDR catch-all address (::/0). */ static const std::string& getIpv6CidrCatchAllAddress(); /** * @param address IP address instance. * @param port to update. * @return Address::InstanceConstSharedPtr a new address instance with updated port. */ static Address::InstanceConstSharedPtr getAddressWithPort(const Address::Instance& address, uint32_t port); /** * Retrieve the original destination address from an accepted socket. * The address (IP and port) may be not local and the port may differ from * the listener port if the packets were redirected using iptables * @param sock is accepted socket * @return the original destination or nullptr if not available. */ static Address::InstanceConstSharedPtr getOriginalDst(Socket& sock); /** * Parses a string containing a comma-separated list of port numbers and/or * port ranges and appends the values to a caller-provided list of PortRange structures. * For example, the string "1-1024,2048-4096,12345" causes 3 PortRange structures * to be appended to the supplied list. * @param str is the string containing the port numbers and ranges * @param list is the list to append the new data structures to */ static void parsePortRangeList(absl::string_view string, std::list& list); /** * Checks whether a given port number appears in at least one of the port ranges in a list * @param address supplies the IP address to compare. * @param list the list of port ranges in which the port may appear * @return whether the port appears in at least one of the ranges in the list */ static bool portInRangeList(const Address::Instance& address, const std::list& list); /** * Converts IPv6 absl::uint128 in network byte order to host byte order. * @param address supplies the IPv6 address in network byte order. * @return the absl::uint128 IPv6 address in host byte order. */ static absl::uint128 Ip6ntohl(const absl::uint128& address); /** * Converts IPv6 absl::uint128 in host byte order to network byte order. * @param address supplies the IPv6 address in host byte order. * @return the absl::uint128 IPv6 address in network byte order. */ static absl::uint128 Ip6htonl(const absl::uint128& address); static Address::InstanceConstSharedPtr protobufAddressToAddress(const envoy::config::core::v3::Address& proto_address); /** * Copies the address instance into the protobuf representation of an address. * @param address is the address to be copied into the protobuf representation of this address. * @param proto_address is the protobuf address to which the address instance is copied into. */ static void addressToProtobufAddress(const Address::Instance& address, envoy::config::core::v3::Address& proto_address); /** * Returns socket type corresponding to SocketAddress.protocol value of the * given address, or SocketType::Stream if the address is a pipe address. * @param proto_address the address protobuf * @return socket type */ static Socket::Type protobufAddressSocketType(const envoy::config::core::v3::Address& proto_address); /** * Send a packet via given UDP socket with specific source address. * @param handle is the UDP socket used to send. * @param slices points to the buffers containing the packet. * @param num_slices is the number of buffers. * @param local_ip is the source address to be used to send. * @param peer_address is the destination address to send to. */ static Api::IoCallUint64Result writeToSocket(IoHandle& handle, Buffer::RawSlice* slices, uint64_t num_slices, const Address::Ip* local_ip, const Address::Instance& peer_address); static Api::IoCallUint64Result writeToSocket(IoHandle& handle, const Buffer::Instance& buffer, const Address::Ip* local_ip, const Address::Instance& peer_address); /** * Read a packet from a given UDP socket and pass the packet to given UdpPacketProcessor. * @param handle is the UDP socket to read from. * @param local_address is the socket's local address used to populate port. * @param udp_packet_processor is the callback to receive the packet. * @param receive_time is the timestamp passed to udp_packet_processor for the * receive time of the packet. * @param packets_dropped is the output parameter for number of packets dropped in kernel. If the * caller is not interested in it, nullptr can be passed in. */ static Api::IoCallUint64Result readFromSocket(IoHandle& handle, const Address::Instance& local_address, UdpPacketProcessor& udp_packet_processor, MonotonicTime receive_time, uint32_t* packets_dropped); /** * Read available packets from a given UDP socket and pass the packet to a given * UdpPacketProcessor. * @param handle is the UDP socket to read from. * @param local_address is the socket's local address used to populate port. * @param udp_packet_processor is the callback to receive the packets. * @param time_source is the time source used to generate the time stamp of the received packets. * @param packets_dropped is the output parameter for number of packets dropped in kernel. * * TODO(mattklein123): Allow the number of packets read to be limited for fairness. Currently * this function will always return an error, even if EAGAIN. In the future * we can return no error if we limited the number of packets read and have * to fake another read event. * TODO(mattklein123): Can we potentially share this with the TCP stack somehow? Similar code * exists there. */ static Api::IoErrorPtr readPacketsFromSocket(IoHandle& handle, const Address::Instance& local_address, UdpPacketProcessor& udp_packet_processor, TimeSource& time_source, uint32_t& packets_dropped); private: static void throwWithMalformedIp(absl::string_view ip_address); /** * Takes a number and flips the order in byte chunks. The last byte of the input will be the * first byte in the output. The second to last byte will be the second to first byte in the * output. Etc.. * @param input supplies the input to have the bytes flipped. * @return the absl::uint128 of the input having the bytes flipped. */ static absl::uint128 flipOrder(const absl::uint128& input); }; } // namespace Network } // namespace Envoy ================================================ FILE: source/common/profiler/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "profiler_lib", srcs = ["profiler.cc"], hdrs = ["profiler.h"], tcmalloc_dep = 1, ) ================================================ FILE: source/common/profiler/profiler.cc ================================================ #include "common/profiler/profiler.h" #include #ifdef PROFILER_AVAILABLE #include "gperftools/heap-profiler.h" #include "gperftools/profiler.h" namespace Envoy { namespace Profiler { bool Cpu::profilerEnabled() { return ProfilingIsEnabledForAllThreads(); } bool Cpu::startProfiler(const std::string& output_path) { return ProfilerStart(output_path.c_str()); } void Cpu::stopProfiler() { ProfilerStop(); } bool Heap::profilerEnabled() { // determined by PROFILER_AVAILABLE return true; } bool Heap::isProfilerStarted() { return IsHeapProfilerRunning(); } bool Heap::startProfiler(const std::string& output_file_name_prefix) { HeapProfilerStart(output_file_name_prefix.c_str()); return true; } bool Heap::stopProfiler() { if (!IsHeapProfilerRunning()) { return false; } HeapProfilerDump("stop and dump"); HeapProfilerStop(); return true; } } // namespace Profiler } // namespace Envoy #else namespace Envoy { namespace Profiler { bool Cpu::profilerEnabled() { return false; } bool Cpu::startProfiler(const std::string&) { return false; } void Cpu::stopProfiler() {} bool Heap::profilerEnabled() { return false; } bool Heap::isProfilerStarted() { return false; } bool Heap::startProfiler(const std::string&) { return false; } bool Heap::stopProfiler() { return false; } } // namespace Profiler } // namespace Envoy #endif // #ifdef TCMALLOC ================================================ FILE: source/common/profiler/profiler.h ================================================ #pragma once #include // Profiling support is provided in the release tcmalloc of `gperftools`, but not in the library // that supplies the debug tcmalloc. So all the profiling code must be ifdef'd // on PROFILER_AVAILABLE which is dependent on those two settings. #if defined(GPERFTOOLS_TCMALLOC) && !defined(ENVOY_MEMORY_DEBUG_ENABLED) #define PROFILER_AVAILABLE #endif namespace Envoy { namespace Profiler { /** * Process wide CPU profiling. */ class Cpu { public: /** * @return whether the profiler is enabled or not. */ static bool profilerEnabled(); /** * Start the profiler and write to the specified path. * @return bool whether the call to start the profiler succeeded. */ static bool startProfiler(const std::string& output_path); /** * Stop the profiler. */ static void stopProfiler(); }; /** * Process wide heap profiling */ class Heap { public: /** * @return whether the profiler is enabled in this build or not. */ static bool profilerEnabled(); /** * @return whether the profiler is started or not */ static bool isProfilerStarted(); /** * Start the profiler and write to the specified path. * @return bool whether the call to start the profiler succeeded. */ static bool startProfiler(const std::string& output_path); /** * Stop the profiler. * @return bool whether the file is dumped */ static bool stopProfiler(); }; } // namespace Profiler } // namespace Envoy ================================================ FILE: source/common/protobuf/BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_proto_library") load("@rules_proto//proto:defs.bzl", "proto_library") load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() proto_library( name = "wkt_protos", deps = [ "@com_google_protobuf//:any_proto", "@com_google_protobuf//:descriptor_proto", "@com_google_protobuf//:empty_proto", "@com_google_protobuf//:struct_proto", "@com_google_protobuf//:wrappers_proto", ], ) cc_proto_library( name = "cc_wkt_protos", deps = [":wkt_protos"], ) envoy_cc_library( name = "message_validator_lib", srcs = ["message_validator_impl.cc"], hdrs = ["message_validator_impl.h"], external_deps = ["protobuf"], deps = [ "//include/envoy/protobuf:message_validator_interface", "//include/envoy/stats:stats_interface", "//source/common/common:documentation_url_lib", "//source/common/common:hash_lib", "//source/common/common:logger_lib", "//source/common/common:macros", ], ) envoy_cc_library( name = "protobuf", hdrs = ["protobuf.h"], external_deps = [ "protobuf", ], deps = [":cc_wkt_protos"], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], external_deps = [ "protobuf", "yaml_cpp", ], deps = [ ":message_validator_lib", ":protobuf", ":type_util_lib", ":well_known_lib", "//include/envoy/api:api_interface", "//include/envoy/protobuf:message_validator_interface", "//include/envoy/runtime:runtime_interface", "//source/common/common:assert_lib", "//source/common/common:documentation_url_lib", "//source/common/common:hash_lib", "//source/common/common:utility_lib", "//source/common/config:api_type_oracle_lib", "//source/common/config:version_converter_lib", "//source/common/protobuf:visitor_lib", "@com_github_cncf_udpa//udpa/annotations:pkg_cc_proto", "@envoy_api//envoy/annotations:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "type_util_lib", srcs = ["type_util.cc"], hdrs = ["type_util.h"], deps = [ "//source/common/protobuf", "@com_github_cncf_udpa//udpa/annotations:pkg_cc_proto", ], ) envoy_cc_library( name = "visitor_lib", srcs = ["visitor.cc"], hdrs = ["visitor.h"], deps = [":protobuf"], ) envoy_cc_library( name = "well_known_lib", hdrs = ["well_known.h"], ) ================================================ FILE: source/common/protobuf/message_validator_impl.cc ================================================ #include "common/protobuf/message_validator_impl.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/hash.h" #include "common/common/macros.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace ProtobufMessage { namespace { const char deprecation_error[] = " If continued use of this field is absolutely necessary, " "see " ENVOY_DOC_URL_RUNTIME_OVERRIDE_DEPRECATED " for " "how to apply a temporary and highly discouraged override."; void onDeprecatedFieldCommon(absl::string_view description, bool soft_deprecation) { if (soft_deprecation) { ENVOY_LOG_MISC(warn, "Deprecated field: {}", absl::StrCat(description, deprecation_error)); } else { throw DeprecatedProtoFieldException(absl::StrCat(description, deprecation_error)); } } } // namespace void WarningValidationVisitorImpl::setUnknownCounter(Stats::Counter& counter) { ASSERT(unknown_counter_ == nullptr); unknown_counter_ = &counter; counter.add(prestats_unknown_count_); } void WarningValidationVisitorImpl::onUnknownField(absl::string_view description) { const uint64_t hash = HashUtil::xxHash64(description); auto it = descriptions_.insert(hash); // If we've seen this before, skip. if (!it.second) { return; } // It's a new field, log and bump stat. ENVOY_LOG(warn, "Unknown field: {}", description); if (unknown_counter_ == nullptr) { ++prestats_unknown_count_; } else { unknown_counter_->inc(); } } void WarningValidationVisitorImpl::onDeprecatedField(absl::string_view description, bool soft_deprecation) { onDeprecatedFieldCommon(description, soft_deprecation); } void StrictValidationVisitorImpl::onUnknownField(absl::string_view description) { throw UnknownProtoFieldException( absl::StrCat("Protobuf message (", description, ") has unknown fields")); } void StrictValidationVisitorImpl::onDeprecatedField(absl::string_view description, bool soft_deprecation) { onDeprecatedFieldCommon(description, soft_deprecation); } ValidationVisitor& getNullValidationVisitor() { MUTABLE_CONSTRUCT_ON_FIRST_USE(NullValidationVisitorImpl); } ValidationVisitor& getStrictValidationVisitor() { MUTABLE_CONSTRUCT_ON_FIRST_USE(StrictValidationVisitorImpl); } } // namespace ProtobufMessage } // namespace Envoy ================================================ FILE: source/common/protobuf/message_validator_impl.h ================================================ #pragma once #include "envoy/protobuf/message_validator.h" #include "envoy/stats/stats.h" #include "common/common/documentation_url.h" #include "common/common/logger.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace ProtobufMessage { class NullValidationVisitorImpl : public ValidationVisitor { public: // Envoy::ProtobufMessage::ValidationVisitor void onUnknownField(absl::string_view) override {} void onDeprecatedField(absl::string_view, bool) override {} // Envoy::ProtobufMessage::ValidationVisitor bool skipValidation() override { return true; } }; ValidationVisitor& getNullValidationVisitor(); class WarningValidationVisitorImpl : public ValidationVisitor, public Logger::Loggable { public: void setUnknownCounter(Stats::Counter& counter); // Envoy::ProtobufMessage::ValidationVisitor void onUnknownField(absl::string_view description) override; void onDeprecatedField(absl::string_view description, bool soft_deprecation) override; // Envoy::ProtobufMessage::ValidationVisitor bool skipValidation() override { return false; } private: // Track hashes of descriptions we've seen, to avoid log spam. A hash is used here to avoid // wasting memory with unused strings. absl::flat_hash_set descriptions_; // This can be late initialized via setUnknownCounter(), enabling the server bootstrap loading // which occurs prior to the initialization of the stats subsystem. Stats::Counter* unknown_counter_{}; uint64_t prestats_unknown_count_{}; }; class StrictValidationVisitorImpl : public ValidationVisitor { public: // Envoy::ProtobufMessage::ValidationVisitor void onUnknownField(absl::string_view description) override; // Envoy::ProtobufMessage::ValidationVisitor bool skipValidation() override { return false; } void onDeprecatedField(absl::string_view description, bool soft_deprecation) override; }; ValidationVisitor& getStrictValidationVisitor(); class ValidationContextImpl : public ValidationContext { public: ValidationContextImpl(ValidationVisitor& static_validation_visitor, ValidationVisitor& dynamic_validation_visitor) : static_validation_visitor_(static_validation_visitor), dynamic_validation_visitor_(dynamic_validation_visitor) {} // Envoy::ProtobufMessage::ValidationContext ValidationVisitor& staticValidationVisitor() override { return static_validation_visitor_; } ValidationVisitor& dynamicValidationVisitor() override { return dynamic_validation_visitor_; } private: ValidationVisitor& static_validation_visitor_; ValidationVisitor& dynamic_validation_visitor_; }; class ProdValidationContextImpl : public ValidationContextImpl { public: ProdValidationContextImpl(bool allow_unknown_static_fields, bool allow_unknown_dynamic_fields, bool ignore_unknown_dynamic_fields) : ValidationContextImpl(allow_unknown_static_fields ? static_warning_validation_visitor_ : getStrictValidationVisitor(), allow_unknown_dynamic_fields ? (ignore_unknown_dynamic_fields ? ProtobufMessage::getNullValidationVisitor() : dynamic_warning_validation_visitor_) : ProtobufMessage::getStrictValidationVisitor()) {} ProtobufMessage::WarningValidationVisitorImpl& staticWarningValidationVisitor() { return static_warning_validation_visitor_; } ProtobufMessage::WarningValidationVisitorImpl& dynamicWarningValidationVisitor() { return dynamic_warning_validation_visitor_; } private: ProtobufMessage::WarningValidationVisitorImpl static_warning_validation_visitor_; ProtobufMessage::WarningValidationVisitorImpl dynamic_warning_validation_visitor_; }; } // namespace ProtobufMessage } // namespace Envoy ================================================ FILE: source/common/protobuf/protobuf.h ================================================ #pragma once #include #include #include #include "envoy/common/platform.h" #include "google/protobuf/any.pb.h" #include "google/protobuf/descriptor.h" #include "google/protobuf/descriptor.pb.h" #include "google/protobuf/descriptor_database.h" #include "google/protobuf/dynamic_message.h" #include "google/protobuf/empty.pb.h" #include "google/protobuf/io/coded_stream.h" #include "google/protobuf/io/zero_copy_stream.h" #include "google/protobuf/io/zero_copy_stream_impl.h" #include "google/protobuf/map.h" #include "google/protobuf/message.h" #include "google/protobuf/repeated_field.h" #include "google/protobuf/service.h" #include "google/protobuf/struct.pb.h" #include "google/protobuf/stubs/status.h" #include "google/protobuf/text_format.h" #include "google/protobuf/util/field_mask_util.h" #include "google/protobuf/util/json_util.h" #include "google/protobuf/util/message_differencer.h" #include "google/protobuf/util/time_util.h" #include "google/protobuf/util/type_resolver.h" #include "google/protobuf/util/type_resolver_util.h" #include "google/protobuf/wrappers.pb.h" namespace Envoy { // All references to google::protobuf in Envoy need to be made via the // Envoy::Protobuf namespace. This is required to allow remapping of protobuf to // alternative implementations during import into other repositories. E.g. at // Google we have more than one protobuf implementation. namespace Protobuf = google::protobuf; // Allows mapping from google::protobuf::util to other util libraries. namespace ProtobufUtil = google::protobuf::util; // Protobuf well-known types (WKT) should be referenced via the ProtobufWkt // namespace. namespace ProtobufWkt = google::protobuf; // Alternative protobuf implementations might not have the same basic types. // Below we provide wrappers to facilitate remapping of the type during import. namespace ProtobufTypes { using MessagePtr = std::unique_ptr; using ConstMessagePtrVector = std::vector>; using Int64 = int64_t; } // namespace ProtobufTypes } // namespace Envoy ================================================ FILE: source/common/protobuf/type_util.cc ================================================ #include "common/protobuf/type_util.h" namespace Envoy { absl::string_view TypeUtil::typeUrlToDescriptorFullName(absl::string_view type_url) { const size_t pos = type_url.rfind('/'); if (pos != absl::string_view::npos) { type_url = type_url.substr(pos + 1); } return type_url; } std::string TypeUtil::descriptorFullNameToTypeUrl(absl::string_view type) { return "type.googleapis.com/" + std::string(type); } } // namespace Envoy ================================================ FILE: source/common/protobuf/type_util.h ================================================ #pragma once #include "common/protobuf/protobuf.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { class TypeUtil { public: static absl::string_view typeUrlToDescriptorFullName(absl::string_view type_url); static std::string descriptorFullNameToTypeUrl(absl::string_view type); }; } // namespace Envoy ================================================ FILE: source/common/protobuf/utility.cc ================================================ #include "common/protobuf/utility.h" #include #include #include "envoy/annotations/deprecation.pb.h" #include "envoy/protobuf/message_validator.h" #include "envoy/type/v3/percent.pb.h" #include "common/common/assert.h" #include "common/common/documentation_url.h" #include "common/common/fmt.h" #include "common/config/api_type_oracle.h" #include "common/config/version_converter.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/visitor.h" #include "common/protobuf/well_known.h" #include "absl/strings/match.h" #include "udpa/annotations/sensitive.pb.h" #include "yaml-cpp/yaml.h" using namespace std::chrono_literals; namespace Envoy { namespace { absl::string_view filenameFromPath(absl::string_view full_path) { size_t index = full_path.rfind("/"); if (index == std::string::npos || index == full_path.size()) { return full_path; } return full_path.substr(index + 1, full_path.size()); } void blockFormat(YAML::Node node) { node.SetStyle(YAML::EmitterStyle::Block); if (node.Type() == YAML::NodeType::Sequence) { for (const auto& it : node) { blockFormat(it); } } if (node.Type() == YAML::NodeType::Map) { for (const auto& it : node) { blockFormat(it.second); } } } ProtobufWkt::Value parseYamlNode(const YAML::Node& node) { ProtobufWkt::Value value; switch (node.Type()) { case YAML::NodeType::Null: value.set_null_value(ProtobufWkt::NULL_VALUE); break; case YAML::NodeType::Scalar: { if (node.Tag() == "!") { value.set_string_value(node.as()); break; } bool bool_value; if (YAML::convert::decode(node, bool_value)) { value.set_bool_value(bool_value); break; } int64_t int_value; if (YAML::convert::decode(node, int_value)) { if (std::numeric_limits::min() <= int_value && std::numeric_limits::max() >= int_value) { // We could convert all integer values to string but it will break some stuff relying on // ProtobufWkt::Struct itself, only convert small numbers into number_value here. value.set_number_value(int_value); } else { // Proto3 JSON mapping allows use string for integer, this still has to be converted from // int_value to support hexadecimal and octal literals. value.set_string_value(std::to_string(int_value)); } break; } // Fall back on string, including float/double case. When protobuf parse the JSON into a message // it will convert based on the type in the message definition. value.set_string_value(node.as()); break; } case YAML::NodeType::Sequence: { auto& list_values = *value.mutable_list_value()->mutable_values(); for (const auto& it : node) { *list_values.Add() = parseYamlNode(it); } break; } case YAML::NodeType::Map: { auto& struct_fields = *value.mutable_struct_value()->mutable_fields(); for (const auto& it : node) { struct_fields[it.first.as()] = parseYamlNode(it.second); } break; } case YAML::NodeType::Undefined: throw EnvoyException("Undefined YAML value"); } return value; } void jsonConvertInternal(const Protobuf::Message& source, ProtobufMessage::ValidationVisitor& validation_visitor, Protobuf::Message& dest, bool do_boosting = true) { Protobuf::util::JsonPrintOptions json_options; json_options.preserve_proto_field_names = true; std::string json; const auto status = Protobuf::util::MessageToJsonString(source, &json, json_options); if (!status.ok()) { throw EnvoyException(fmt::format("Unable to convert protobuf message to JSON string: {} {}", status.ToString(), source.DebugString())); } MessageUtil::loadFromJson(json, dest, validation_visitor, do_boosting); } enum class MessageVersion { // This is an earlier version of a message, a later one exists. EarlierVersion, // This is the latest version of a message. LatestVersion, // Validating to see if the latest version will also be accepted; only apply message validators // without side effects, validations should be strict. LatestVersionValidate, }; using MessageXformFn = std::function; class ApiBoostRetryException : public EnvoyException { public: ApiBoostRetryException(const std::string& message) : EnvoyException(message) {} }; // Apply a function transforming a message (e.g. loading JSON into the message). // First we try with the message's earlier type, and if unsuccessful (or no // earlier) type, then the current type. This allows us to take a v3 Envoy // internal proto and ingest both v2 and v3 in methods such as loadFromJson. // This relies on the property that any v3 configuration that is readable as // v2 has the same semantics in v2/v3, which holds due to the highly structured // vN/v(N+1) mechanical transforms. void tryWithApiBoosting(MessageXformFn f, Protobuf::Message& message) { const Protobuf::Descriptor* earlier_version_desc = Config::ApiTypeOracle::getEarlierVersionDescriptor(message.GetDescriptor()->full_name()); // If there is no earlier version of a message, just apply f directly. if (earlier_version_desc == nullptr) { f(message, MessageVersion::LatestVersion); return; } Protobuf::DynamicMessageFactory dmf; auto earlier_message = ProtobufTypes::MessagePtr(dmf.GetPrototype(earlier_version_desc)->New()); ASSERT(earlier_message != nullptr); try { // Try apply f with an earlier version of the message, then upgrade the // result. f(*earlier_message, MessageVersion::EarlierVersion); // If we succeed at the earlier version, we ask the counterfactual, would this have worked at a // later version? If not, this is v2 only and we need to warn. This is a waste of CPU cycles but // we expect that JSON/YAML fragments will not be in use by any CPU limited use cases. try { f(message, MessageVersion::LatestVersionValidate); } catch (EnvoyException& e) { MessageUtil::onVersionUpgradeWarn(e.what()); } // Now we do the real work of upgrading. Config::VersionConverter::upgrade(*earlier_message, message); } catch (ApiBoostRetryException&) { // If we fail at the earlier version, try f at the current version of the // message. f(message, MessageVersion::LatestVersion); } } // Logs a warning for use of a deprecated field or runtime-overridden use of an // otherwise fatal field. Throws a warning on use of a fatal by default field. void deprecatedFieldHelper(Runtime::Loader* runtime, bool proto_annotated_as_deprecated, bool proto_annotated_as_disallowed, const std::string& feature_name, std::string error, const Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor) { // This option is for Envoy builds with --define deprecated_features=disabled // The build options CI then verifies that as Envoy developers deprecate fields, // that they update canonical configs and unit tests to not use those deprecated // fields, by making their use fatal in the build options CI. #ifdef ENVOY_DISABLE_DEPRECATED_FEATURES bool warn_only = false; #else bool warn_only = true; #endif bool warn_default = warn_only; // Allow runtime to be null both to not crash if this is called before server initialization, // and so proto validation works in context where runtime singleton is not set up (e.g. // standalone config validation utilities) if (runtime && proto_annotated_as_deprecated) { // This is set here, rather than above, so that in the absence of a // registry (i.e. test) the default for if a feature is allowed or not is // based on ENVOY_DISABLE_DEPRECATED_FEATURES. warn_only &= !proto_annotated_as_disallowed; warn_default = warn_only; warn_only = runtime->snapshot().deprecatedFeatureEnabled(feature_name, warn_only); } // Note this only checks if the runtime override has an actual effect. It // does not change the logged warning if someone "allows" a deprecated but not // yet fatal field. const bool runtime_overridden = (warn_default == false && warn_only == true); std::string with_overridden = fmt::format( error, (runtime_overridden ? "runtime overrides to continue using now fatal-by-default " : "")); validation_visitor.onDeprecatedField("type " + message.GetTypeName() + " " + with_overridden, warn_only); } } // namespace namespace ProtobufPercentHelper { uint64_t checkAndReturnDefault(uint64_t default_value, uint64_t max_value) { ASSERT(default_value <= max_value); return default_value; } uint64_t convertPercent(double percent, uint64_t max_value) { // Checked by schema. ASSERT(percent >= 0.0 && percent <= 100.0); return max_value * (percent / 100.0); } bool evaluateFractionalPercent(envoy::type::v3::FractionalPercent percent, uint64_t random_value) { return random_value % fractionalPercentDenominatorToInt(percent.denominator()) < percent.numerator(); } uint64_t fractionalPercentDenominatorToInt( const envoy::type::v3::FractionalPercent::DenominatorType& denominator) { switch (denominator) { case envoy::type::v3::FractionalPercent::HUNDRED: return 100; case envoy::type::v3::FractionalPercent::TEN_THOUSAND: return 10000; case envoy::type::v3::FractionalPercent::MILLION: return 1000000; default: // Checked by schema. NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace ProtobufPercentHelper MissingFieldException::MissingFieldException(const std::string& field_name, const Protobuf::Message& message) : EnvoyException( fmt::format("Field '{}' is missing in: {}", field_name, message.DebugString())) {} ProtoValidationException::ProtoValidationException(const std::string& validation_error, const Protobuf::Message& message) : EnvoyException(fmt::format("Proto constraint validation failed ({}): {}", validation_error, message.DebugString())) { ENVOY_LOG_MISC(debug, "Proto validation error; throwing {}", what()); } void ProtoExceptionUtil::throwMissingFieldException(const std::string& field_name, const Protobuf::Message& message) { throw MissingFieldException(field_name, message); } void ProtoExceptionUtil::throwProtoValidationException(const std::string& validation_error, const Protobuf::Message& message) { throw ProtoValidationException(validation_error, message); } // TODO(htuch): this is where we will also reject v2 configs by default. void MessageUtil::onVersionUpgradeWarn(absl::string_view desc) { const std::string& warning_str = fmt::format("Configuration does not parse cleanly as v3. v2 configuration is " "deprecated and will be removed from Envoy at the start of Q1 2021: {}", desc); // Always log at trace level. This is useful for tests that don't want to rely on possible // elision. ENVOY_LOG_MISC(trace, warning_str); // Log each distinct message at warn level once every 5s. We use a static map here, which is fine // as we are always on the main thread. static auto* last_warned = new absl::flat_hash_map(); const auto now = t_logclock::now().time_since_epoch().count(); const auto it = last_warned->find(warning_str); if (it == last_warned->end() || (now - it->second) > std::chrono::duration_cast(5s).count()) { ENVOY_LOG_MISC(warn, warning_str); (*last_warned)[warning_str] = now; } Runtime::Loader* loader = Runtime::LoaderSingleton::getExisting(); // We only log, and don't bump stats, if we're sufficiently early in server initialization (i.e. // bootstrap). if (loader != nullptr) { loader->countDeprecatedFeatureUse(); } } size_t MessageUtil::hash(const Protobuf::Message& message) { std::string text_format; { Protobuf::TextFormat::Printer printer; printer.SetExpandAny(true); printer.SetUseFieldNumber(true); printer.SetSingleLineMode(true); printer.SetHideUnknownFields(true); printer.PrintToString(message, &text_format); } return HashUtil::xxHash64(text_format); } void MessageUtil::loadFromJson(const std::string& json, Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, bool do_boosting) { auto load_json = [&json, &validation_visitor](Protobuf::Message& message, MessageVersion message_version) { Protobuf::util::JsonParseOptions options; options.case_insensitive_enum_parsing = true; // Let's first try and get a clean parse when checking for unknown fields; // this should be the common case. options.ignore_unknown_fields = false; const auto strict_status = Protobuf::util::JsonStringToMessage(json, &message, options); if (strict_status.ok()) { // Success, no need to do any extra work. return; } // If we fail, we see if we get a clean parse when allowing unknown fields. // This is essentially a workaround // for https://github.com/protocolbuffers/protobuf/issues/5967. // TODO(htuch): clean this up when protobuf supports JSON/YAML unknown field // detection directly. options.ignore_unknown_fields = true; const auto relaxed_status = Protobuf::util::JsonStringToMessage(json, &message, options); // If we still fail with relaxed unknown field checking, the error has nothing // to do with unknown fields. if (!relaxed_status.ok()) { throw EnvoyException("Unable to parse JSON as proto (" + relaxed_status.ToString() + "): " + json); } // We know it's an unknown field at this point. If we're at the latest // version, then it's definitely an unknown field, otherwise we try to // load again at a later version. if (message_version == MessageVersion::LatestVersion) { validation_visitor.onUnknownField("type " + message.GetTypeName() + " reason " + strict_status.ToString()); } else if (message_version == MessageVersion::LatestVersionValidate) { throw ProtobufMessage::UnknownProtoFieldException(absl::StrCat("Unknown field in: ", json)); } else { throw ApiBoostRetryException("Unknown field, possibly a rename, try again."); } }; if (do_boosting) { tryWithApiBoosting(load_json, message); } else { load_json(message, MessageVersion::LatestVersion); } } void MessageUtil::loadFromJson(const std::string& json, ProtobufWkt::Struct& message) { // No need to validate if converting to a Struct, since there are no unknown // fields possible. loadFromJson(json, message, ProtobufMessage::getNullValidationVisitor()); } void MessageUtil::loadFromYaml(const std::string& yaml, Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, bool do_boosting) { ProtobufWkt::Value value = ValueUtil::loadFromYaml(yaml); if (value.kind_case() == ProtobufWkt::Value::kStructValue || value.kind_case() == ProtobufWkt::Value::kListValue) { jsonConvertInternal(value, validation_visitor, message, do_boosting); return; } throw EnvoyException("Unable to convert YAML as JSON: " + yaml); } void MessageUtil::loadFromYaml(const std::string& yaml, ProtobufWkt::Struct& message) { // No need to validate if converting to a Struct, since there are no unknown // fields possible. return loadFromYaml(yaml, message, ProtobufMessage::getNullValidationVisitor()); } void MessageUtil::loadFromFile(const std::string& path, Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api, bool do_boosting) { const std::string contents = api.fileSystem().fileReadToEnd(path); // If the filename ends with .pb, attempt to parse it as a binary proto. if (absl::EndsWith(path, FileExtensions::get().ProtoBinary)) { // Attempt to parse the binary format. auto read_proto_binary = [&contents, &validation_visitor](Protobuf::Message& message, MessageVersion message_version) { try { if (message.ParseFromString(contents)) { MessageUtil::checkForUnexpectedFields( message, message_version == MessageVersion::LatestVersionValidate ? ProtobufMessage::getStrictValidationVisitor() : validation_visitor); } return; } catch (EnvoyException& ex) { if (message_version == MessageVersion::LatestVersion || message_version == MessageVersion::LatestVersionValidate) { // Failed reading the latest version - pass the same error upwards throw ex; } } throw ApiBoostRetryException( "Failed to parse at earlier version, trying again at later version."); }; if (do_boosting) { // Attempts to read as the previous version and upgrade, and if it fails // attempts to read as latest version. tryWithApiBoosting(read_proto_binary, message); } else { read_proto_binary(message, MessageVersion::LatestVersion); } return; } // If the filename ends with .pb_text, attempt to parse it as a text proto. if (absl::EndsWith(path, FileExtensions::get().ProtoText)) { auto read_proto_text = [&contents, &path](Protobuf::Message& message, MessageVersion message_version) { if (Protobuf::TextFormat::ParseFromString(contents, &message)) { return; } if (message_version == MessageVersion::LatestVersion || message_version == MessageVersion::LatestVersionValidate) { throw EnvoyException("Unable to parse file \"" + path + "\" as a text protobuf (type " + message.GetTypeName() + ")"); } else { throw ApiBoostRetryException( "Failed to parse at earlier version, trying again at later version."); } }; if (do_boosting) { tryWithApiBoosting(read_proto_text, message); } else { read_proto_text(message, MessageVersion::LatestVersion); } return; } if (absl::EndsWith(path, FileExtensions::get().Yaml)) { loadFromYaml(contents, message, validation_visitor, do_boosting); } else { loadFromJson(contents, message, validation_visitor, do_boosting); } } namespace { void checkForDeprecatedNonRepeatedEnumValue( const Protobuf::Message& message, absl::string_view filename, const Protobuf::FieldDescriptor* field, const Protobuf::Reflection* reflection, Runtime::Loader* runtime, ProtobufMessage::ValidationVisitor& validation_visitor) { // Repeated fields will be handled by recursion in checkForUnexpectedFields. if (field->is_repeated() || field->cpp_type() != Protobuf::FieldDescriptor::CPPTYPE_ENUM) { return; } bool default_value = !reflection->HasField(message, field); const Protobuf::EnumValueDescriptor* enum_value_descriptor = reflection->GetEnum(message, field); if (!enum_value_descriptor->options().deprecated()) { return; } const std::string error = absl::StrCat("Using {}", (default_value ? "the default now-" : ""), "deprecated value ", enum_value_descriptor->name(), " for enum '", field->full_name(), "' from file ", filename, ". This enum value will be removed from Envoy soon", (default_value ? " so a non-default value must now be explicitly set" : ""), ". Please see " ENVOY_DOC_URL_VERSION_HISTORY " for details."); deprecatedFieldHelper( runtime, true /*deprecated*/, enum_value_descriptor->options().GetExtension(envoy::annotations::disallowed_by_default_enum), absl::StrCat("envoy.deprecated_features:", enum_value_descriptor->full_name()), error, message, validation_visitor); } class UnexpectedFieldProtoVisitor : public ProtobufMessage::ConstProtoVisitor { public: UnexpectedFieldProtoVisitor(ProtobufMessage::ValidationVisitor& validation_visitor, Runtime::Loader* runtime) : validation_visitor_(validation_visitor), runtime_(runtime) {} const void* onField(const Protobuf::Message& message, const Protobuf::FieldDescriptor& field, const void*) override { const Protobuf::Reflection* reflection = message.GetReflection(); absl::string_view filename = filenameFromPath(field.file()->name()); // Before we check to see if the field is in use, see if there's a // deprecated default enum value. checkForDeprecatedNonRepeatedEnumValue(message, filename, &field, reflection, runtime_, validation_visitor_); // If this field is not in use, continue. if ((field.is_repeated() && reflection->FieldSize(message, &field) == 0) || (!field.is_repeated() && !reflection->HasField(message, &field))) { return nullptr; } // If this field is deprecated, warn or throw an error. if (field.options().deprecated()) { if (absl::StartsWith(field.name(), Config::VersionUtil::DeprecatedFieldShadowPrefix)) { // The field was marked as hidden_envoy_deprecated and an error must be thrown, // unless it is part of an explicit test that needs access to the deprecated field // when we enable runtime deprecation override to allow point field overrides for tests. if (!runtime_ || !runtime_->snapshot().deprecatedFeatureEnabled( absl::StrCat("envoy.deprecated_features:", field.full_name()), false)) { const std::string fatal_error = absl::StrCat( "Illegal use of hidden_envoy_deprecated_ V2 field '", field.full_name(), "' from file ", filename, " while using the latest V3 configuration. This field has been removed from the " "current Envoy API. Please see " ENVOY_DOC_URL_VERSION_HISTORY " for details."); throw ProtoValidationException(fatal_error, message); } } const std::string warning = absl::StrCat("Using {}deprecated option '", field.full_name(), "' from file ", filename, ". This configuration will be removed from " "Envoy soon. Please see " ENVOY_DOC_URL_VERSION_HISTORY " for details."); deprecatedFieldHelper(runtime_, true /*deprecated*/, field.options().GetExtension(envoy::annotations::disallowed_by_default), absl::StrCat("envoy.deprecated_features:", field.full_name()), warning, message, validation_visitor_); } return nullptr; } void onMessage(const Protobuf::Message& message, const void*) override { // Reject unknown fields. const auto& unknown_fields = message.GetReflection()->GetUnknownFields(message); if (!unknown_fields.empty()) { std::string error_msg; for (int n = 0; n < unknown_fields.field_count(); ++n) { if (unknown_fields.field(n).number() == ProtobufWellKnown::OriginalTypeFieldNumber) { continue; } error_msg += absl::StrCat(n > 0 ? ", " : "", unknown_fields.field(n).number()); } // We use the validation visitor but have hard coded behavior below for deprecated fields. // TODO(htuch): Unify the deprecated and unknown visitor handling behind the validation // visitor pattern. https://github.com/envoyproxy/envoy/issues/8092. if (!error_msg.empty()) { validation_visitor_.onUnknownField("type " + message.GetTypeName() + " with unknown field set {" + error_msg + "}"); } } } private: ProtobufMessage::ValidationVisitor& validation_visitor_; Runtime::Loader* runtime_; }; } // namespace void MessageUtil::checkForUnexpectedFields(const Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, Runtime::Loader* runtime) { UnexpectedFieldProtoVisitor unexpected_field_visitor(validation_visitor, runtime); ProtobufMessage::traverseMessage(unexpected_field_visitor, API_RECOVER_ORIGINAL(message), nullptr); } std::string MessageUtil::getYamlStringFromMessage(const Protobuf::Message& message, const bool block_print, const bool always_print_primitive_fields) { std::string json = getJsonStringFromMessage(message, false, always_print_primitive_fields); YAML::Node node; try { node = YAML::Load(json); } catch (YAML::ParserException& e) { throw EnvoyException(e.what()); } catch (YAML::BadConversion& e) { throw EnvoyException(e.what()); } catch (std::exception& e) { // There is a potentially wide space of exceptions thrown by the YAML parser, // and enumerating them all may be difficult. Envoy doesn't work well with // unhandled exceptions, so we capture them and record the exception name in // the Envoy Exception text. throw EnvoyException(fmt::format("Unexpected YAML exception: {}", +e.what())); } if (block_print) { blockFormat(node); } YAML::Emitter out; out << node; return out.c_str(); } std::string MessageUtil::getJsonStringFromMessage(const Protobuf::Message& message, const bool pretty_print, const bool always_print_primitive_fields) { Protobuf::util::JsonPrintOptions json_options; // By default, proto field names are converted to camelCase when the message is converted to JSON. // Setting this option makes debugging easier because it keeps field names consistent in JSON // printouts. json_options.preserve_proto_field_names = true; if (pretty_print) { json_options.add_whitespace = true; } // Primitive types such as int32s and enums will not be serialized if they have the default value. // This flag disables that behavior. if (always_print_primitive_fields) { json_options.always_print_primitive_fields = true; } std::string json; const auto status = Protobuf::util::MessageToJsonString(message, &json, json_options); // This should always succeed unless something crash-worthy such as out-of-memory. RELEASE_ASSERT(status.ok(), ""); return json; } void MessageUtil::unpackTo(const ProtobufWkt::Any& any_message, Protobuf::Message& message) { // If we don't have a type URL match, try an earlier version. const absl::string_view any_full_name = TypeUtil::typeUrlToDescriptorFullName(any_message.type_url()); if (any_full_name != message.GetDescriptor()->full_name()) { const Protobuf::Descriptor* earlier_version_desc = Config::ApiTypeOracle::getEarlierVersionDescriptor(message.GetDescriptor()->full_name()); // If the earlier version matches, unpack and upgrade. if (earlier_version_desc != nullptr && any_full_name == earlier_version_desc->full_name()) { // Take the Any message but adjust its type URL, since earlier/later versions are wire // compatible. ProtobufWkt::Any any_message_with_fixup; any_message_with_fixup.MergeFrom(any_message); any_message_with_fixup.set_type_url("type.googleapis.com/" + message.GetDescriptor()->full_name()); if (!any_message_with_fixup.UnpackTo(&message)) { throw EnvoyException(fmt::format("Unable to unpack as {}: {}", earlier_version_desc->full_name(), any_message_with_fixup.DebugString())); } Config::VersionConverter::annotateWithOriginalType(*earlier_version_desc, message); MessageUtil::onVersionUpgradeWarn(any_full_name); return; } } // Otherwise, just unpack to the message. Type URL mismatches will be signaled // by UnpackTo failure. if (!any_message.UnpackTo(&message)) { throw EnvoyException(fmt::format("Unable to unpack as {}: {}", message.GetDescriptor()->full_name(), any_message.DebugString())); } } void MessageUtil::jsonConvert(const Protobuf::Message& source, ProtobufWkt::Struct& dest) { // Any proto3 message can be transformed to Struct, so there is no need to check for unknown // fields. There is one catch; Duration/Timestamp etc. which have non-object canonical JSON // representations don't work. jsonConvertInternal(source, ProtobufMessage::getNullValidationVisitor(), dest); } void MessageUtil::jsonConvert(const ProtobufWkt::Struct& source, ProtobufMessage::ValidationVisitor& validation_visitor, Protobuf::Message& dest) { jsonConvertInternal(source, validation_visitor, dest); } void MessageUtil::jsonConvertValue(const Protobuf::Message& source, ProtobufWkt::Value& dest) { jsonConvertInternal(source, ProtobufMessage::getNullValidationVisitor(), dest); } ProtobufWkt::Struct MessageUtil::keyValueStruct(const std::string& key, const std::string& value) { ProtobufWkt::Struct struct_obj; ProtobufWkt::Value val; val.set_string_value(value); (*struct_obj.mutable_fields())[key] = val; return struct_obj; } ProtobufWkt::Struct MessageUtil::keyValueStruct(const std::map& fields) { ProtobufWkt::Struct struct_obj; ProtobufWkt::Value val; for (const auto& pair : fields) { val.set_string_value(pair.second); (*struct_obj.mutable_fields())[pair.first] = val; } return struct_obj; } std::string MessageUtil::CodeEnumToString(ProtobufUtil::error::Code code) { return ProtobufUtil::Status(code, "").ToString(); } namespace { // Forward declaration for mutually-recursive helper functions. void redact(Protobuf::Message* message, bool ancestor_is_sensitive); using Transform = std::function; // To redact opaque types, namely `Any` and `TypedStruct`, we have to reify them to the concrete // message types specified by their `type_url` before we can redact their contents. This is mostly // identical between `Any` and `TypedStruct`, the only difference being how they are packed and // unpacked. Note that we have to use reflection on the opaque type here, rather than downcasting // to `Any` or `TypedStruct`, because any message we might be handling could have originated from // a `DynamicMessageFactory`. bool redactOpaque(Protobuf::Message* message, bool ancestor_is_sensitive, absl::string_view opaque_type_name, Transform unpack, Transform repack) { // Ensure this message has the opaque type we're expecting. const auto* opaque_descriptor = message->GetDescriptor(); if (opaque_descriptor->full_name() != opaque_type_name) { return false; } // Find descriptors for the `type_url` and `value` fields. The `type_url` field must not be // empty, but `value` may be (in which case our work is done). const auto* reflection = message->GetReflection(); const auto* type_url_field_descriptor = opaque_descriptor->FindFieldByName("type_url"); const auto* value_field_descriptor = opaque_descriptor->FindFieldByName("value"); ASSERT(type_url_field_descriptor != nullptr && value_field_descriptor != nullptr && reflection->HasField(*message, type_url_field_descriptor)); if (!reflection->HasField(*message, value_field_descriptor)) { return true; } // Try to find a descriptor for `type_url` in the pool and instantiate a new message of the // correct concrete type. const std::string type_url(reflection->GetString(*message, type_url_field_descriptor)); const std::string concrete_type_name(TypeUtil::typeUrlToDescriptorFullName(type_url)); const auto* concrete_descriptor = Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName(concrete_type_name); if (concrete_descriptor == nullptr) { // If the type URL doesn't correspond to a known proto, don't try to reify it, just treat it // like any other message. See the documented limitation on `MessageUtil::redact()` for more // context. ENVOY_LOG_MISC(warn, "Could not reify {} with unknown type URL {}", opaque_type_name, type_url); return false; } Protobuf::DynamicMessageFactory message_factory; std::unique_ptr typed_message( message_factory.GetPrototype(concrete_descriptor)->New()); // Finally we can unpack, redact, and repack the opaque message using the provided callbacks. unpack(typed_message.get(), reflection, value_field_descriptor); redact(typed_message.get(), ancestor_is_sensitive); repack(typed_message.get(), reflection, value_field_descriptor); return true; } bool redactAny(Protobuf::Message* message, bool ancestor_is_sensitive) { return redactOpaque( message, ancestor_is_sensitive, "google.protobuf.Any", [message](Protobuf::Message* typed_message, const Protobuf::Reflection* reflection, const Protobuf::FieldDescriptor* field_descriptor) { // To unpack an `Any`, parse the serialized proto. typed_message->ParseFromString(reflection->GetString(*message, field_descriptor)); }, [message](Protobuf::Message* typed_message, const Protobuf::Reflection* reflection, const Protobuf::FieldDescriptor* field_descriptor) { // To repack an `Any`, reserialize its proto. reflection->SetString(message, field_descriptor, typed_message->SerializeAsString()); }); } // To redact a `TypedStruct`, we have to reify it based on its `type_url` to redact it. bool redactTypedStruct(Protobuf::Message* message, bool ancestor_is_sensitive) { return redactOpaque( message, ancestor_is_sensitive, "udpa.type.v1.TypedStruct", [message](Protobuf::Message* typed_message, const Protobuf::Reflection* reflection, const Protobuf::FieldDescriptor* field_descriptor) { // To unpack a `TypedStruct`, convert the struct from JSON. jsonConvertInternal(reflection->GetMessage(*message, field_descriptor), ProtobufMessage::getNullValidationVisitor(), *typed_message); }, [message](Protobuf::Message* typed_message, const Protobuf::Reflection* reflection, const Protobuf::FieldDescriptor* field_descriptor) { // To repack a `TypedStruct`, convert the message back to JSON. jsonConvertInternal(*typed_message, ProtobufMessage::getNullValidationVisitor(), *(reflection->MutableMessage(message, field_descriptor))); }); } // Recursive helper method for MessageUtil::redact() below. void redact(Protobuf::Message* message, bool ancestor_is_sensitive) { if (redactAny(message, ancestor_is_sensitive) || redactTypedStruct(message, ancestor_is_sensitive)) { return; } const auto* descriptor = message->GetDescriptor(); const auto* reflection = message->GetReflection(); for (int i = 0; i < descriptor->field_count(); ++i) { const auto* field_descriptor = descriptor->field(i); // Redact if this field or any of its ancestors have the `sensitive` option set. const bool sensitive = ancestor_is_sensitive || field_descriptor->options().GetExtension(udpa::annotations::sensitive); if (field_descriptor->type() == Protobuf::FieldDescriptor::TYPE_MESSAGE) { // Recursive case: traverse message fields. if (field_descriptor->is_repeated()) { const int field_size = reflection->FieldSize(*message, field_descriptor); for (int i = 0; i < field_size; ++i) { redact(reflection->MutableRepeatedMessage(message, field_descriptor, i), sensitive); } } else if (reflection->HasField(*message, field_descriptor)) { redact(reflection->MutableMessage(message, field_descriptor), sensitive); } } else if (sensitive) { // Base case: replace strings and bytes with "[redacted]" and clear all others. if (field_descriptor->type() == Protobuf::FieldDescriptor::TYPE_STRING || field_descriptor->type() == Protobuf::FieldDescriptor::TYPE_BYTES) { if (field_descriptor->is_repeated()) { const int field_size = reflection->FieldSize(*message, field_descriptor); for (int i = 0; i < field_size; ++i) { reflection->SetRepeatedString(message, field_descriptor, i, "[redacted]"); } } else if (reflection->HasField(*message, field_descriptor)) { reflection->SetString(message, field_descriptor, "[redacted]"); } } else { reflection->ClearField(message, field_descriptor); } } } } } // namespace void MessageUtil::redact(Protobuf::Message& message) { ::Envoy::redact(&message, /* ancestor_is_sensitive = */ false); } ProtobufWkt::Value ValueUtil::loadFromYaml(const std::string& yaml) { try { return parseYamlNode(YAML::Load(yaml)); } catch (YAML::ParserException& e) { throw EnvoyException(e.what()); } catch (YAML::BadConversion& e) { throw EnvoyException(e.what()); } catch (std::exception& e) { // There is a potentially wide space of exceptions thrown by the YAML parser, // and enumerating them all may be difficult. Envoy doesn't work well with // unhandled exceptions, so we capture them and record the exception name in // the Envoy Exception text. throw EnvoyException(fmt::format("Unexpected YAML exception: {}", +e.what())); } } bool ValueUtil::equal(const ProtobufWkt::Value& v1, const ProtobufWkt::Value& v2) { ProtobufWkt::Value::KindCase kind = v1.kind_case(); if (kind != v2.kind_case()) { return false; } switch (kind) { case ProtobufWkt::Value::KIND_NOT_SET: return v2.kind_case() == ProtobufWkt::Value::KIND_NOT_SET; case ProtobufWkt::Value::kNullValue: return true; case ProtobufWkt::Value::kNumberValue: return v1.number_value() == v2.number_value(); case ProtobufWkt::Value::kStringValue: return v1.string_value() == v2.string_value(); case ProtobufWkt::Value::kBoolValue: return v1.bool_value() == v2.bool_value(); case ProtobufWkt::Value::kStructValue: { const ProtobufWkt::Struct& s1 = v1.struct_value(); const ProtobufWkt::Struct& s2 = v2.struct_value(); if (s1.fields_size() != s2.fields_size()) { return false; } for (const auto& it1 : s1.fields()) { const auto& it2 = s2.fields().find(it1.first); if (it2 == s2.fields().end()) { return false; } if (!equal(it1.second, it2->second)) { return false; } } return true; } case ProtobufWkt::Value::kListValue: { const ProtobufWkt::ListValue& l1 = v1.list_value(); const ProtobufWkt::ListValue& l2 = v2.list_value(); if (l1.values_size() != l2.values_size()) { return false; } for (int i = 0; i < l1.values_size(); i++) { if (!equal(l1.values(i), l2.values(i))) { return false; } } return true; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } const ProtobufWkt::Value& ValueUtil::nullValue() { static const auto* v = []() -> ProtobufWkt::Value* { auto* vv = new ProtobufWkt::Value(); vv->set_null_value(ProtobufWkt::NULL_VALUE); return vv; }(); return *v; } ProtobufWkt::Value ValueUtil::stringValue(const std::string& str) { ProtobufWkt::Value val; val.set_string_value(str); return val; } ProtobufWkt::Value ValueUtil::optionalStringValue(const absl::optional& str) { if (str.has_value()) { return ValueUtil::stringValue(str.value()); } return ValueUtil::nullValue(); } ProtobufWkt::Value ValueUtil::boolValue(bool b) { ProtobufWkt::Value val; val.set_bool_value(b); return val; } ProtobufWkt::Value ValueUtil::structValue(const ProtobufWkt::Struct& obj) { ProtobufWkt::Value val; (*val.mutable_struct_value()) = obj; return val; } ProtobufWkt::Value ValueUtil::listValue(const std::vector& values) { auto list = std::make_unique(); for (const auto& value : values) { *list->add_values() = value; } ProtobufWkt::Value val; val.set_allocated_list_value(list.release()); return val; } namespace { void validateDuration(const ProtobufWkt::Duration& duration) { if (duration.seconds() < 0 || duration.nanos() < 0) { throw DurationUtil::OutOfRangeException( fmt::format("Expected positive duration: {}", duration.DebugString())); } if (duration.nanos() > 999999999 || duration.seconds() > Protobuf::util::TimeUtil::kDurationMaxSeconds) { throw DurationUtil::OutOfRangeException( fmt::format("Duration out-of-range: {}", duration.DebugString())); } } } // namespace uint64_t DurationUtil::durationToMilliseconds(const ProtobufWkt::Duration& duration) { validateDuration(duration); return Protobuf::util::TimeUtil::DurationToMilliseconds(duration); } uint64_t DurationUtil::durationToSeconds(const ProtobufWkt::Duration& duration) { validateDuration(duration); return Protobuf::util::TimeUtil::DurationToSeconds(duration); } void TimestampUtil::systemClockToTimestamp(const SystemTime system_clock_time, ProtobufWkt::Timestamp& timestamp) { // Converts to millisecond-precision Timestamp by explicitly casting to millisecond-precision // time_point. timestamp.MergeFrom(Protobuf::util::TimeUtil::MillisecondsToTimestamp( std::chrono::time_point_cast(system_clock_time) .time_since_epoch() .count())); } } // namespace Envoy ================================================ FILE: source/common/protobuf/utility.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/common/exception.h" #include "envoy/protobuf/message_validator.h" #include "envoy/runtime/runtime.h" #include "envoy/type/v3/percent.pb.h" #include "common/common/hash.h" #include "common/common/utility.h" #include "common/config/version_converter.h" #include "common/protobuf/protobuf.h" #include "common/singleton/const_singleton.h" #include "absl/strings/str_join.h" // Obtain the value of a wrapped field (e.g. google.protobuf.UInt32Value) if set. Otherwise, return // the default value. #define PROTOBUF_GET_WRAPPED_OR_DEFAULT(message, field_name, default_value) \ ((message).has_##field_name() ? (message).field_name().value() : (default_value)) // Obtain the value of a wrapped field (e.g. google.protobuf.UInt32Value) if set. Otherwise, throw // a MissingFieldException. #define PROTOBUF_GET_WRAPPED_REQUIRED(message, field_name) \ ([](const auto& msg) { \ if (!msg.has_##field_name()) { \ ::Envoy::ProtoExceptionUtil::throwMissingFieldException(#field_name, msg); \ } \ return msg.field_name().value(); \ }((message))) // Obtain the milliseconds value of a google.protobuf.Duration field if set. Otherwise, return the // default value. #define PROTOBUF_GET_MS_OR_DEFAULT(message, field_name, default_value) \ ((message).has_##field_name() ? DurationUtil::durationToMilliseconds((message).field_name()) \ : (default_value)) // Obtain the string value if the field is set. Otherwise, return the default value. #define PROTOBUF_GET_STRING_OR_DEFAULT(message, field_name, default_value) \ (!(message).field_name().empty() ? (message).field_name() : (default_value)) // Obtain the milliseconds value of a google.protobuf.Duration field if set. Otherwise, return // absl::nullopt. #define PROTOBUF_GET_OPTIONAL_MS(message, field_name) \ ((message).has_##field_name() \ ? absl::optional( \ DurationUtil::durationToMilliseconds((message).field_name())) \ : absl::nullopt) // Obtain the milliseconds value of a google.protobuf.Duration field if set. Otherwise, throw a // MissingFieldException. #define PROTOBUF_GET_MS_REQUIRED(message, field_name) \ ([](const auto& msg) { \ if (!msg.has_##field_name()) { \ ::Envoy::ProtoExceptionUtil::throwMissingFieldException(#field_name, msg); \ } \ return DurationUtil::durationToMilliseconds(msg.field_name()); \ }((message))) // Obtain the seconds value of a google.protobuf.Duration field if set. Otherwise, throw a // MissingFieldException. #define PROTOBUF_GET_SECONDS_REQUIRED(message, field_name) \ ([](const auto& msg) { \ if (!msg.has_##field_name()) { \ ::Envoy::ProtoExceptionUtil::throwMissingFieldException(#field_name, msg); \ } \ return DurationUtil::durationToSeconds(msg.field_name()); \ }((message))) namespace Envoy { namespace ProtobufPercentHelper { // The following are helpers used in the PROTOBUF_PERCENT_TO_ROUNDED_INTEGER_OR_DEFAULT macro. // This avoids a giant macro mess when trying to do asserts, casts, etc. uint64_t checkAndReturnDefault(uint64_t default_value, uint64_t max_value); uint64_t convertPercent(double percent, uint64_t max_value); /** * Given a fractional percent chance of a given event occurring, evaluate to a yes/no decision * based on a provided random value. * @param percent the chance of a given event happening. * @param random_value supplies a numerical value to use to evaluate the event. * @return bool decision about whether the event should occur. */ bool evaluateFractionalPercent(envoy::type::v3::FractionalPercent percent, uint64_t random_value); /** * Convert a fractional percent denominator enum into an integer. * @param denominator supplies denominator to convert. * @return the converted denominator. */ uint64_t fractionalPercentDenominatorToInt( const envoy::type::v3::FractionalPercent::DenominatorType& denominator); } // namespace ProtobufPercentHelper } // namespace Envoy // Convert an envoy::type::v3::Percent to a double or a default. // @param message supplies the proto message containing the field. // @param field_name supplies the field name in the message. // @param default_value supplies the default if the field is not present. #define PROTOBUF_PERCENT_TO_DOUBLE_OR_DEFAULT(message, field_name, default_value) \ ([](const auto& msg) -> double { \ if (std::isnan(msg.field_name().value())) { \ ::Envoy::ExceptionUtil::throwEnvoyException( \ fmt::format("Value not in the range of 0..100 range.")); \ } \ return (msg).has_##field_name() ? (msg).field_name().value() : default_value; \ }((message))) // Convert an envoy::type::v3::Percent to a rounded integer or a default. // @param message supplies the proto message containing the field. // @param field_name supplies the field name in the message. // @param max_value supplies the maximum allowed integral value (e.g., 100, 10000, etc.). // @param default_value supplies the default if the field is not present. // // TODO(anirudhmurali): Recommended to capture and validate NaN values in PGV // Issue: https://github.com/envoyproxy/protoc-gen-validate/issues/85 #define PROTOBUF_PERCENT_TO_ROUNDED_INTEGER_OR_DEFAULT(message, field_name, max_value, \ default_value) \ ([](const auto& msg) { \ if (std::isnan(msg.field_name().value())) { \ ::Envoy::ExceptionUtil::throwEnvoyException( \ fmt::format("Value not in the range of 0..100 range.")); \ } \ return (msg).has_##field_name() \ ? ProtobufPercentHelper::convertPercent((msg).field_name().value(), max_value) \ : ProtobufPercentHelper::checkAndReturnDefault(default_value, max_value); \ }((message))) namespace Envoy { class MissingFieldException : public EnvoyException { public: MissingFieldException(const std::string& field_name, const Protobuf::Message& message); }; class RepeatedPtrUtil { public: static std::string join(const Protobuf::RepeatedPtrField& source, const std::string& delimiter) { return absl::StrJoin(std::vector(source.begin(), source.end()), delimiter); } template static std::string debugString(const Protobuf::RepeatedPtrField& source) { if (source.empty()) { return "[]"; } return std::accumulate(std::next(source.begin()), source.end(), "[" + source[0].DebugString(), [](std::string debug_string, const Protobuf::Message& message) { return debug_string + ", " + message.DebugString(); }) + "]"; } // Based on MessageUtil::hash() defined below. template static std::size_t hash(const Protobuf::RepeatedPtrField& source) { // Use Protobuf::io::CodedOutputStream to force deterministic serialization, so that the same // message doesn't hash to different values. std::string text; { // For memory safety, the StringOutputStream needs to be destroyed before // we read the string. Protobuf::io::StringOutputStream string_stream(&text); Protobuf::io::CodedOutputStream coded_stream(&string_stream); coded_stream.SetSerializationDeterministic(true); for (const auto& message : source) { message.SerializeToCodedStream(&coded_stream); } } return HashUtil::xxHash64(text); } /** * Converts a proto repeated field into a container of const Protobuf::Message unique_ptr's. * * @param repeated_field the proto repeated field to convert. * @return ReturnType the container of const Message pointers. */ template static ReturnType convertToConstMessagePtrContainer(const Protobuf::RepeatedPtrField& repeated_field) { ReturnType ret_container; std::transform(repeated_field.begin(), repeated_field.end(), std::back_inserter(ret_container), [](const ProtoType& proto_message) -> std::unique_ptr { Protobuf::Message* clone = proto_message.New(); clone->MergeFrom(proto_message); return std::unique_ptr(clone); }); return ret_container; } }; class ProtoValidationException : public EnvoyException { public: ProtoValidationException(const std::string& validation_error, const Protobuf::Message& message); }; /** * utility functions to call when throwing exceptions in header files */ class ProtoExceptionUtil { public: static void throwMissingFieldException(const std::string& field_name, const Protobuf::Message& message); static void throwProtoValidationException(const std::string& validation_error, const Protobuf::Message& message); }; class MessageUtil { public: // std::hash std::size_t operator()(const Protobuf::Message& message) const { return hash(message); } // std::equals_to bool operator()(const Protobuf::Message& lhs, const Protobuf::Message& rhs) const { return Protobuf::util::MessageDifferencer::Equivalent(lhs, rhs); } class FileExtensionValues { public: const std::string ProtoBinary = ".pb"; const std::string ProtoBinaryLengthDelimited = ".pb_length_delimited"; const std::string ProtoText = ".pb_text"; const std::string Json = ".json"; const std::string Yaml = ".yaml"; }; using FileExtensions = ConstSingleton; /** * A hash function uses Protobuf::TextFormat to force deterministic serialization recursively * including known types in google.protobuf.Any. See * https://github.com/protocolbuffers/protobuf/issues/5731 for the context. * Using this function is discouraged, see discussion in * https://github.com/envoyproxy/envoy/issues/8301. */ static std::size_t hash(const Protobuf::Message& message); static void loadFromJson(const std::string& json, Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, bool do_boosting = true); static void loadFromJson(const std::string& json, ProtobufWkt::Struct& message); static void loadFromYaml(const std::string& yaml, Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, bool do_boosting = true); static void loadFromYaml(const std::string& yaml, ProtobufWkt::Struct& message); static void loadFromFile(const std::string& path, Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api, bool do_boosting = true); /** * Checks for use of deprecated fields in message and all sub-messages. * @param message message to validate. * @param loader optional a pointer to the runtime loader for live deprecation status. * @throw ProtoValidationException if deprecated fields are used and listed * in disallowed_features in runtime_features.h */ static void checkForUnexpectedFields(const Protobuf::Message& message, ProtobufMessage::ValidationVisitor& validation_visitor, Runtime::Loader* loader = Runtime::LoaderSingleton::getExisting()); /** * Validate protoc-gen-validate constraints on a given protobuf. * Note the corresponding `.pb.validate.h` for the message has to be included in the source file * of caller. * @param message message to validate. * @throw ProtoValidationException if the message does not satisfy its type constraints. */ template static void validate(const MessageType& message, ProtobufMessage::ValidationVisitor& validation_visitor) { // Log warnings or throw errors if deprecated fields or unknown fields are in use. if (!validation_visitor.skipValidation()) { checkForUnexpectedFields(message, validation_visitor); } std::string err; if (!Validate(message, &err)) { ProtoExceptionUtil::throwProtoValidationException(err, API_RECOVER_ORIGINAL(message)); } } template static void loadFromYamlAndValidate(const std::string& yaml, MessageType& message, ProtobufMessage::ValidationVisitor& validation_visitor, bool avoid_boosting = false) { loadFromYaml(yaml, message, validation_visitor, !avoid_boosting); validate(message, validation_visitor); } /** * Downcast and validate protoc-gen-validate constraints on a given protobuf. * Note the corresponding `.pb.validate.h` for the message has to be included in the source file * of caller. * @param message const Protobuf::Message& to downcast and validate. * @return const MessageType& the concrete message type downcasted to on success. * @throw ProtoValidationException if the message does not satisfy its type constraints. */ template static const MessageType& downcastAndValidate(const Protobuf::Message& config, ProtobufMessage::ValidationVisitor& validation_visitor) { const auto& typed_config = dynamic_cast(config); validate(typed_config, validation_visitor); return typed_config; } /** * Convert from google.protobuf.Any to a typed message. This should be used * instead of the inbuilt UnpackTo as it performs validation of results. * * @param any_message source google.protobuf.Any message. * @param message destination to unpack to. * * @throw EnvoyException if the message does not unpack. */ static void unpackTo(const ProtobufWkt::Any& any_message, Protobuf::Message& message); /** * Convert from google.protobuf.Any to a typed message. * @param message source google.protobuf.Any message. * * @return MessageType the typed message inside the Any. */ template static inline void anyConvert(const ProtobufWkt::Any& message, MessageType& typed_message) { unpackTo(message, typed_message); }; template static inline MessageType anyConvert(const ProtobufWkt::Any& message) { MessageType typed_message; anyConvert(message, typed_message); return typed_message; }; /** * Convert and validate from google.protobuf.Any to a typed message. * @param message source google.protobuf.Any message. * * @return MessageType the typed message inside the Any. * @throw ProtoValidationException if the message does not satisfy its type constraints. */ template static inline void anyConvertAndValidate(const ProtobufWkt::Any& message, MessageType& typed_message, ProtobufMessage::ValidationVisitor& validation_visitor) { anyConvert(message, typed_message); validate(typed_message, validation_visitor); }; template static inline MessageType anyConvertAndValidate(const ProtobufWkt::Any& message, ProtobufMessage::ValidationVisitor& validation_visitor) { MessageType typed_message; anyConvertAndValidate(message, typed_message, validation_visitor); return typed_message; }; /** * Invoke when a version upgrade (e.g. v2 -> v3) is detected. This may warn or throw * depending on where we are in the major version deprecation cycle. * @param desc description of upgrade to include in warning or exception. */ static void onVersionUpgradeWarn(absl::string_view desc); /** * Obtain a string field from a protobuf message dynamically. * * @param message message to extract from. * @param field_name field name. * * @return std::string with field value. */ static inline std::string getStringField(const Protobuf::Message& message, const std::string& field_name) { const Protobuf::Descriptor* descriptor = message.GetDescriptor(); const Protobuf::FieldDescriptor* name_field = descriptor->FindFieldByName(field_name); const Protobuf::Reflection* reflection = message.GetReflection(); return reflection->GetString(message, name_field); } /** * Convert between two protobufs via a JSON round-trip. This is used to translate arbitrary * messages to/from google.protobuf.Struct. * TODO(htuch): Avoid round-tripping via JSON strings by doing whatever * Protobuf::util::MessageToJsonString does but generating a google.protobuf.Struct instead. * @param source message. * @param dest message. */ static void jsonConvert(const Protobuf::Message& source, ProtobufWkt::Struct& dest); static void jsonConvert(const ProtobufWkt::Struct& source, ProtobufMessage::ValidationVisitor& validation_visitor, Protobuf::Message& dest); static void jsonConvertValue(const Protobuf::Message& source, ProtobufWkt::Value& dest); /** * Extract YAML as string from a google.protobuf.Message. * @param message message of type type.googleapis.com/google.protobuf.Message. * @param block_print whether the returned JSON should be in block style rather than flow style. * @param always_print_primitive_fields whether to include primitive fields set to their default * values, e.g. an int32 set to 0 or a bool set to false. * @return std::string of formatted YAML object. */ static std::string getYamlStringFromMessage(const Protobuf::Message& message, const bool block_print = true, const bool always_print_primitive_fields = false); /** * Extract JSON as string from a google.protobuf.Message. * @param message message of type type.googleapis.com/google.protobuf.Message. * @param pretty_print whether the returned JSON should be formatted. * @param always_print_primitive_fields whether to include primitive fields set to their default * values, e.g. an int32 set to 0 or a bool set to false. * @return std::string of formatted JSON object. */ static std::string getJsonStringFromMessage(const Protobuf::Message& message, bool pretty_print = false, bool always_print_primitive_fields = false); /** * Utility method to create a Struct containing the passed in key/value strings. * * @param key the key to use to set the value * @param value the string value to associate with the key */ static ProtobufWkt::Struct keyValueStruct(const std::string& key, const std::string& value); /** * Utility method to create a Struct containing the passed in key/value map. * * @param fields the key/value pairs to initialize the Struct proto */ static ProtobufWkt::Struct keyValueStruct(const std::map& fields); /** * Utility method to print a human readable string of the code passed in. * * @param code the protobuf error code */ static std::string CodeEnumToString(ProtobufUtil::error::Code code); /** * Modifies a message such that all sensitive data (that is, fields annotated as * `udpa.annotations.sensitive`) is redacted for display. String-typed fields annotated as * `sensitive` will be replaced with the string "[redacted]", bytes-typed fields will be replaced * with the bytes `5B72656461637465645D` (the ASCII / UTF-8 encoding of the string "[redacted]"), * primitive-typed fields (including enums) will be cleared, and message-typed fields will be * traversed recursively to redact their contents. * * LIMITATION: This works properly for strongly-typed messages, as well as for messages packed in * a `ProtobufWkt::Any` with a `type_url` corresponding to a proto that was compiled into the * Envoy binary. However it does not work for messages encoded as `ProtobufWkt::Struct`, since * structs are missing the "sensitive" annotations that this function expects. Similarly, it fails * for messages encoded as `ProtobufWkt::Any` with a `type_url` that isn't registered with the * binary. If you're working with struct-typed messages, including those that might be hiding * within strongly-typed messages, please reify them to strongly-typed messages using * `MessageUtil::jsonConvert()` before calling `MessageUtil::redact()`. * * @param message message to redact. */ static void redact(Protobuf::Message& message); }; class ValueUtil { public: static std::size_t hash(const ProtobufWkt::Value& value) { return MessageUtil::hash(value); } /** * Load YAML string into ProtobufWkt::Value. */ static ProtobufWkt::Value loadFromYaml(const std::string& yaml); /** * Compare two ProtobufWkt::Values for equality. * @param v1 message of type type.googleapis.com/google.protobuf.Value * @param v2 message of type type.googleapis.com/google.protobuf.Value * @return true if v1 and v2 are identical */ static bool equal(const ProtobufWkt::Value& v1, const ProtobufWkt::Value& v2); /** * @return wrapped ProtobufWkt::NULL_VALUE. */ static const ProtobufWkt::Value& nullValue(); /** * Wrap std::string into ProtobufWkt::Value string value. * @param str string to be wrapped. * @return wrapped string. */ static ProtobufWkt::Value stringValue(const std::string& str); /** * Wrap optional std::string into ProtobufWkt::Value string value. * If the argument contains a null optional, return ProtobufWkt::NULL_VALUE. * @param str string to be wrapped. * @return wrapped string. */ static ProtobufWkt::Value optionalStringValue(const absl::optional& str); /** * Wrap boolean into ProtobufWkt::Value boolean value. * @param str boolean to be wrapped. * @return wrapped boolean. */ static ProtobufWkt::Value boolValue(bool b); /** * Wrap ProtobufWkt::Struct into ProtobufWkt::Value struct value. * @param obj struct to be wrapped. * @return wrapped struct. */ static ProtobufWkt::Value structValue(const ProtobufWkt::Struct& obj); /** * Wrap number into ProtobufWkt::Value double value. * @param num number to be wrapped. * @return wrapped number. */ template static ProtobufWkt::Value numberValue(const T num) { ProtobufWkt::Value val; val.set_number_value(static_cast(num)); return val; } /** * Wrap a collection of ProtobufWkt::Values into ProtobufWkt::Value list value. * @param values collection of ProtobufWkt::Values to be wrapped. * @return wrapped list value. */ static ProtobufWkt::Value listValue(const std::vector& values); }; /** * HashedValue is a wrapper around ProtobufWkt::Value that computes * and stores a hash code for the Value at construction. */ class HashedValue { public: HashedValue(const ProtobufWkt::Value& value) : value_(value), hash_(ValueUtil::hash(value)){}; HashedValue(const HashedValue& v) = default; const ProtobufWkt::Value& value() const { return value_; } std::size_t hash() const { return hash_; } bool operator==(const HashedValue& rhs) const { return hash_ == rhs.hash_ && ValueUtil::equal(value_, rhs.value_); } bool operator!=(const HashedValue& rhs) const { return !(*this == rhs); } private: const ProtobufWkt::Value value_; const std::size_t hash_; }; class DurationUtil { public: class OutOfRangeException : public EnvoyException { public: OutOfRangeException(const std::string& error) : EnvoyException(error) {} }; /** * Same as DurationUtil::durationToMilliseconds but with extra validation logic. * Same as Protobuf::util::TimeUtil::DurationToSeconds but with extra validation logic. * Specifically, we ensure that the duration is positive. * @param duration protobuf. * @return duration in milliseconds. * @throw OutOfRangeException when duration is out-of-range. */ static uint64_t durationToMilliseconds(const ProtobufWkt::Duration& duration); /** * Same as Protobuf::util::TimeUtil::DurationToSeconds but with extra validation logic. * Specifically, we ensure that the duration is positive. * @param duration protobuf. * @return duration in seconds. * @throw OutOfRangeException when duration is out-of-range. */ static uint64_t durationToSeconds(const ProtobufWkt::Duration& duration); }; class TimestampUtil { public: /** * Writes a time_point (SystemTime) to a protobuf Timestamp, by way of time_t. * @param system_clock_time the time to write * @param timestamp a pointer to the mutable protobuf member to be written into. */ static void systemClockToTimestamp(const SystemTime system_clock_time, ProtobufWkt::Timestamp& timestamp); }; } // namespace Envoy namespace std { // Inject an implementation of std::hash for Envoy::HashedValue into the std namespace. template <> struct hash { std::size_t operator()(Envoy::HashedValue const& v) const { return v.hash(); } }; } // namespace std ================================================ FILE: source/common/protobuf/visitor.cc ================================================ #include "common/protobuf/visitor.h" namespace Envoy { namespace ProtobufMessage { void traverseMutableMessage(ProtoVisitor& visitor, Protobuf::Message& message, const void* ctxt) { visitor.onMessage(message, ctxt); const Protobuf::Descriptor* descriptor = message.GetDescriptor(); const Protobuf::Reflection* reflection = message.GetReflection(); for (int i = 0; i < descriptor->field_count(); ++i) { const Protobuf::FieldDescriptor* field = descriptor->field(i); const void* field_ctxt = visitor.onField(message, *field, ctxt); // If this is a message, recurse to visit fields in the sub-message. if (field->cpp_type() == Protobuf::FieldDescriptor::CPPTYPE_MESSAGE) { if (field->is_repeated()) { const int size = reflection->FieldSize(message, field); for (int j = 0; j < size; ++j) { traverseMutableMessage(visitor, *reflection->MutableRepeatedMessage(&message, field, j), field_ctxt); } } else if (reflection->HasField(message, field)) { traverseMutableMessage(visitor, *reflection->MutableMessage(&message, field), field_ctxt); } } } } void traverseMessage(ConstProtoVisitor& visitor, const Protobuf::Message& message, const void* ctxt) { visitor.onMessage(message, ctxt); const Protobuf::Descriptor* descriptor = message.GetDescriptor(); const Protobuf::Reflection* reflection = message.GetReflection(); for (int i = 0; i < descriptor->field_count(); ++i) { const Protobuf::FieldDescriptor* field = descriptor->field(i); const void* field_ctxt = visitor.onField(message, *field, ctxt); // If this is a message, recurse to scrub deprecated fields in the sub-message. if (field->cpp_type() == Protobuf::FieldDescriptor::CPPTYPE_MESSAGE) { if (field->is_repeated()) { const int size = reflection->FieldSize(message, field); for (int j = 0; j < size; ++j) { traverseMessage(visitor, reflection->GetRepeatedMessage(message, field, j), field_ctxt); } } else if (reflection->HasField(message, field)) { traverseMessage(visitor, reflection->GetMessage(message, field), field_ctxt); } } } } } // namespace ProtobufMessage } // namespace Envoy ================================================ FILE: source/common/protobuf/visitor.h ================================================ #pragma once #include "common/protobuf/protobuf.h" namespace Envoy { namespace ProtobufMessage { class ProtoVisitor { public: virtual ~ProtoVisitor() = default; // Invoked when a field is visited, with the message, field descriptor and context. Returns a new // context for use when traversing the sub-message in a field. virtual const void* onField(Protobuf::Message&, const Protobuf::FieldDescriptor&, const void* ctxt) { return ctxt; } // Invoked when a message is visited, with the message and a context. virtual void onMessage(Protobuf::Message&, const void*){}; }; class ConstProtoVisitor { public: virtual ~ConstProtoVisitor() = default; // Invoked when a field is visited, with the message, field descriptor and context. Returns a new // context for use when traversing the sub-message in a field. virtual const void* onField(const Protobuf::Message&, const Protobuf::FieldDescriptor&, const void* ctxt) { return ctxt; } // Invoked when a message is visited, with the message and a context. virtual void onMessage(const Protobuf::Message&, const void*){}; }; void traverseMutableMessage(ProtoVisitor& visitor, Protobuf::Message& message, const void* ctxt); void traverseMessage(ConstProtoVisitor& visitor, const Protobuf::Message& message, const void* ctxt); } // namespace ProtobufMessage } // namespace Envoy ================================================ FILE: source/common/protobuf/well_known.h ================================================ #pragma once #include namespace Envoy { namespace ProtobufWellKnown { // Used by VersionConverter to track the original type of an upgraded message. // Magic number in this file derived from top 28bit of SHA256 digest of // "original type". constexpr uint32_t OriginalTypeFieldNumber = 183412668; } // namespace ProtobufWellKnown } // namespace Envoy ================================================ FILE: source/common/router/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "metadatamatchcriteria_lib", srcs = ["metadatamatchcriteria_impl.cc"], hdrs = ["metadatamatchcriteria_impl.h"], deps = [ "//include/envoy/router:router_interface", ], ) envoy_cc_library( name = "tls_context_match_criteria_lib", srcs = ["tls_context_match_criteria_impl.cc"], hdrs = ["tls_context_match_criteria_impl.h"], deps = [ "//include/envoy/router:router_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "config_lib", srcs = ["config_impl.cc"], hdrs = ["config_impl.h"], external_deps = ["abseil_optional"], deps = [ ":config_utility_lib", ":header_formatter_lib", ":header_parser_lib", ":metadatamatchcriteria_lib", ":reset_header_parser_lib", ":retry_state_lib", ":router_ratelimit_lib", ":tls_context_match_criteria_lib", "//include/envoy/config:typed_metadata_interface", "//include/envoy/http:header_map_interface", "//include/envoy/router:router_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:filter_config_interface", # TODO(rodaine): break dependency on server "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:hash_lib", "//source/common/common:matchers_lib", "//source/common/common:utility_lib", "//source/common/config:metadata_lib", "//source/common/config:utility_lib", "//source/common/config:well_known_names", "//source/common/http:hash_policy_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/http:path_utility_lib", "//source/common/http:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "config_utility_lib", srcs = ["config_utility.cc"], hdrs = ["config_utility.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/upstream:resource_manager_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:matchers_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "debug_config_lib", srcs = ["debug_config.cc"], hdrs = ["debug_config.h"], deps = [ "//include/envoy/http:header_map_interface", "//include/envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) envoy_cc_library( name = "route_config_update_impl_lib", srcs = ["route_config_update_receiver_impl.cc"], hdrs = ["route_config_update_receiver_impl.h"], deps = [ ":config_lib", "//include/envoy/router:rds_interface", "//include/envoy/router:route_config_update_info_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "vhds_lib", srcs = ["vhds.cc"], hdrs = ["vhds.h"], deps = [ ":config_lib", "//include/envoy/config:subscription_interface", "//include/envoy/http:codes_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/router:rds_interface", "//include/envoy/router:route_config_provider_manager_interface", "//include/envoy/router:route_config_update_info_interface", "//include/envoy/singleton:instance_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:api_version_lib", "//source/common/config:subscription_base_interface", "//source/common/config:utility_lib", "//source/common/init:target_lib", "//source/common/protobuf:utility_lib", "//source/common/router:route_config_update_impl_lib", "@envoy_api//envoy/api/v2/route:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "rds_lib", srcs = ["rds_impl.cc"], hdrs = ["rds_impl.h"], deps = [ ":config_lib", "//include/envoy/config:subscription_interface", "//include/envoy/http:codes_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/router:rds_interface", "//include/envoy/router:route_config_provider_manager_interface", "//include/envoy/router:route_config_update_info_interface", "//include/envoy/server:admin_interface", "//include/envoy/singleton:instance_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:callback_impl_lib", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:api_version_lib", "//source/common/config:subscription_base_interface", "//source/common/config:subscription_factory_lib", "//source/common/config:utility_lib", "//source/common/config:version_converter_lib", "//source/common/init:manager_lib", "//source/common/init:target_lib", "//source/common/init:watcher_lib", "//source/common/protobuf:utility_lib", "//source/common/router:route_config_update_impl_lib", "//source/common/router:vhds_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "scoped_config_lib", srcs = ["scoped_config_impl.cc"], hdrs = ["scoped_config_impl.h"], external_deps = [ "abseil_str_format", ], deps = [ ":config_lib", "//include/envoy/router:rds_interface", "//include/envoy/router:scopes_interface", "//include/envoy/thread_local:thread_local_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "scoped_rds_lib", srcs = ["scoped_rds.cc"], hdrs = ["scoped_rds.h"], deps = [ ":rds_lib", ":scoped_config_lib", "//include/envoy/config:config_provider_interface", "//include/envoy/config:subscription_interface", "//include/envoy/router:route_config_provider_manager_interface", "//include/envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:api_version_lib", "//source/common/config:config_provider_lib", "//source/common/config:resource_name_lib", "//source/common/config:subscription_base_interface", "//source/common/config:version_converter_lib", "//source/common/init:manager_lib", "//source/common/init:watcher_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "retry_state_lib", srcs = ["retry_state_impl.cc"], hdrs = ["retry_state_impl.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/event:timer_interface", "//include/envoy/http:codec_interface", "//include/envoy/http:header_map_interface", "//include/envoy/router:router_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:backoff_lib", "//source/common/common:utility_lib", "//source/common/grpc:common_lib", "//source/common/http:codes_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/common/runtime:runtime_features_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "router_lib", srcs = [ "router.cc", "upstream_request.cc", ], hdrs = [ "router.h", "upstream_request.h", ], deps = [ ":config_lib", ":debug_config_lib", ":header_parser_lib", ":retry_state_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/grpc:status", "//include/envoy/http:codec_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:conn_pool_interface", "//include/envoy/http:filter_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/router:shadow_writer_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/access_log:access_log_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:cleanup_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:hash_lib", "//source/common/common:hex_lib", "//source/common/common:linked_object", "//source/common/common:minimal_logger_lib", "//source/common/common:scope_tracker", "//source/common/common:utility_lib", "//source/common/grpc:common_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/network:application_protocol_lib", "//source/common/network:transport_socket_options_lib", "//source/common/stream_info:stream_info_lib", "//source/common/stream_info:uint32_accessor_lib", "//source/common/tracing:http_tracer_lib", "//source/common/upstream:load_balancer_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", "@envoy_api//envoy/extensions/filters/http/router/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "router_ratelimit_lib", srcs = ["router_ratelimit.cc"], hdrs = ["router_ratelimit.h"], deps = [ ":config_utility_lib", "//include/envoy/router:router_interface", "//include/envoy/router:router_ratelimit_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/config:metadata_lib", "//source/common/http:header_utility_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "shadow_writer_lib", srcs = ["shadow_writer_impl.cc"], hdrs = ["shadow_writer_impl.h"], deps = [ "//include/envoy/router:shadow_writer_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/http:headers_lib", ], ) envoy_cc_library( name = "header_parser_lib", srcs = ["header_parser.cc"], hdrs = ["header_parser.h"], deps = [ ":header_formatter_lib", "//include/envoy/http:header_map_interface", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "header_formatter_lib", srcs = ["header_formatter.cc"], hdrs = ["header_formatter.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/router:string_accessor_interface", "//include/envoy/stream_info:filter_state_interface", "//include/envoy/stream_info:stream_info_interface", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/config:metadata_lib", "//source/common/formatter:substitution_formatter_lib", "//source/common/http:header_map_lib", "//source/common/json:json_loader_lib", ], ) envoy_cc_library( name = "reset_header_parser_lib", srcs = ["reset_header_parser.cc"], hdrs = ["reset_header_parser.h"], deps = [ "//include/envoy/common:time_interface", "//include/envoy/http:header_map_interface", "//include/envoy/router:router_interface", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "string_accessor_lib", hdrs = ["string_accessor_impl.h"], deps = [ "//include/envoy/router:string_accessor_interface", ], ) ================================================ FILE: source/common/router/config_impl.cc ================================================ #include "common/router/config_impl.h" #include #include #include #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/header_map.h" #include "envoy/runtime/runtime.h" #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/common/hash.h" #include "common/common/logger.h" #include "common/common/regex.h" #include "common/common/utility.h" #include "common/config/metadata.h" #include "common/config/utility.h" #include "common/config/well_known_names.h" #include "common/http/headers.h" #include "common/http/path_utility.h" #include "common/http/utility.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "common/router/reset_header_parser.h" #include "common/router/retry_state_impl.h" #include "common/runtime/runtime_features.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/filters/http/common/utility.h" #include "extensions/filters/http/well_known_names.h" #include "absl/strings/match.h" namespace Envoy { namespace Router { namespace { const std::string DEPRECATED_ROUTER_NAME = "envoy.router"; } // namespace std::string SslRedirector::newPath(const Http::RequestHeaderMap& headers) const { return Http::Utility::createSslRedirectPath(headers); } HedgePolicyImpl::HedgePolicyImpl(const envoy::config::route::v3::HedgePolicy& hedge_policy) : initial_requests_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(hedge_policy, initial_requests, 1)), additional_request_chance_(hedge_policy.additional_request_chance()), hedge_on_per_try_timeout_(hedge_policy.hedge_on_per_try_timeout()) {} HedgePolicyImpl::HedgePolicyImpl() : initial_requests_(1), hedge_on_per_try_timeout_(false) {} RetryPolicyImpl::RetryPolicyImpl(const envoy::config::route::v3::RetryPolicy& retry_policy, ProtobufMessage::ValidationVisitor& validation_visitor) : retriable_headers_( Http::HeaderUtility::buildHeaderMatcherVector(retry_policy.retriable_headers())), retriable_request_headers_( Http::HeaderUtility::buildHeaderMatcherVector(retry_policy.retriable_request_headers())), validation_visitor_(&validation_visitor) { per_try_timeout_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(retry_policy, per_try_timeout, 0)); num_retries_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(retry_policy, num_retries, 1); retry_on_ = RetryStateImpl::parseRetryOn(retry_policy.retry_on()).first; retry_on_ |= RetryStateImpl::parseRetryGrpcOn(retry_policy.retry_on()).first; for (const auto& host_predicate : retry_policy.retry_host_predicate()) { auto& factory = Envoy::Config::Utility::getAndCheckFactory( host_predicate); auto config = Envoy::Config::Utility::translateToFactoryConfig(host_predicate, validation_visitor, factory); retry_host_predicate_configs_.emplace_back(factory, std::move(config)); } const auto& retry_priority = retry_policy.retry_priority(); if (!retry_priority.name().empty()) { auto& factory = Envoy::Config::Utility::getAndCheckFactory(retry_priority); retry_priority_config_ = std::make_pair(&factory, Envoy::Config::Utility::translateToFactoryConfig( retry_priority, validation_visitor, factory)); } auto host_selection_attempts = retry_policy.host_selection_retry_max_attempts(); if (host_selection_attempts) { host_selection_attempts_ = host_selection_attempts; } for (auto code : retry_policy.retriable_status_codes()) { retriable_status_codes_.emplace_back(code); } if (retry_policy.has_retry_back_off()) { base_interval_ = std::chrono::milliseconds( PROTOBUF_GET_MS_REQUIRED(retry_policy.retry_back_off(), base_interval)); if ((*base_interval_).count() < 1) { base_interval_ = std::chrono::milliseconds(1); } max_interval_ = PROTOBUF_GET_OPTIONAL_MS(retry_policy.retry_back_off(), max_interval); if (max_interval_) { // Apply the same rounding to max interval in case both are set to sub-millisecond values. if ((*max_interval_).count() < 1) { max_interval_ = std::chrono::milliseconds(1); } if ((*max_interval_).count() < (*base_interval_).count()) { throw EnvoyException( "retry_policy.max_interval must greater than or equal to the base_interval"); } } } if (retry_policy.has_rate_limited_retry_back_off()) { reset_headers_ = ResetHeaderParserImpl::buildResetHeaderParserVector( retry_policy.rate_limited_retry_back_off().reset_headers()); absl::optional reset_max_interval = PROTOBUF_GET_OPTIONAL_MS(retry_policy.rate_limited_retry_back_off(), max_interval); if (reset_max_interval.has_value()) { std::chrono::milliseconds max_interval = reset_max_interval.value(); if (max_interval.count() < 1) { max_interval = std::chrono::milliseconds(1); } reset_max_interval_ = max_interval; } } } std::vector RetryPolicyImpl::retryHostPredicates() const { std::vector predicates; for (const auto& config : retry_host_predicate_configs_) { predicates.emplace_back(config.first.createHostPredicate(*config.second, num_retries_)); } return predicates; } Upstream::RetryPrioritySharedPtr RetryPolicyImpl::retryPriority() const { if (retry_priority_config_.first == nullptr) { return nullptr; } return retry_priority_config_.first->createRetryPriority(*retry_priority_config_.second, *validation_visitor_, num_retries_); } InternalRedirectPolicyImpl::InternalRedirectPolicyImpl( const envoy::config::route::v3::InternalRedirectPolicy& policy_config, ProtobufMessage::ValidationVisitor& validator, absl::string_view current_route_name) : current_route_name_(current_route_name), redirect_response_codes_(buildRedirectResponseCodes(policy_config)), max_internal_redirects_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(policy_config, max_internal_redirects, 1)), enabled_(true), allow_cross_scheme_redirect_(policy_config.allow_cross_scheme_redirect()) { for (const auto& predicate : policy_config.predicates()) { auto& factory = Envoy::Config::Utility::getAndCheckFactory(predicate); auto config = factory.createEmptyConfigProto(); Envoy::Config::Utility::translateOpaqueConfig(predicate.typed_config(), {}, validator, *config); predicate_factories_.emplace_back(&factory, std::move(config)); } } std::vector InternalRedirectPolicyImpl::predicates() const { std::vector predicates; for (const auto& predicate_factory : predicate_factories_) { predicates.emplace_back(predicate_factory.first->createInternalRedirectPredicate( *predicate_factory.second, current_route_name_)); } return predicates; } absl::flat_hash_set InternalRedirectPolicyImpl::buildRedirectResponseCodes( const envoy::config::route::v3::InternalRedirectPolicy& policy_config) const { if (policy_config.redirect_response_codes_size() == 0) { return absl::flat_hash_set{Http::Code::Found}; } absl::flat_hash_set ret; std::for_each(policy_config.redirect_response_codes().begin(), policy_config.redirect_response_codes().end(), [&ret](uint32_t response_code) { const absl::flat_hash_set valid_redirect_response_code = {301, 302, 303, 307, 308}; if (valid_redirect_response_code.contains(response_code)) { ret.insert(static_cast(response_code)); } }); return ret; } CorsPolicyImpl::CorsPolicyImpl(const envoy::config::route::v3::CorsPolicy& config, Runtime::Loader& loader) : config_(config), loader_(loader), allow_methods_(config.allow_methods()), allow_headers_(config.allow_headers()), expose_headers_(config.expose_headers()), max_age_(config.max_age()), legacy_enabled_(config.has_hidden_envoy_deprecated_enabled() ? config.hidden_envoy_deprecated_enabled().value() : true) { for (const auto& origin : config.hidden_envoy_deprecated_allow_origin()) { envoy::type::matcher::v3::StringMatcher matcher_config; matcher_config.set_exact(origin); allow_origins_.push_back(std::make_unique(matcher_config)); } for (const auto& regex : config.hidden_envoy_deprecated_allow_origin_regex()) { envoy::type::matcher::v3::StringMatcher matcher_config; matcher_config.set_hidden_envoy_deprecated_regex(regex); allow_origins_.push_back(std::make_unique(matcher_config)); } for (const auto& string_match : config.allow_origin_string_match()) { allow_origins_.push_back(std::make_unique(string_match)); } if (config.has_allow_credentials()) { allow_credentials_ = PROTOBUF_GET_WRAPPED_REQUIRED(config, allow_credentials); } } ShadowPolicyImpl::ShadowPolicyImpl(const RequestMirrorPolicy& config) { cluster_ = config.cluster(); if (config.has_runtime_fraction()) { runtime_key_ = config.runtime_fraction().runtime_key(); default_value_ = config.runtime_fraction().default_value(); } else { runtime_key_ = config.hidden_envoy_deprecated_runtime_key(); default_value_.set_numerator(0); } trace_sampled_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, trace_sampled, true); } DecoratorImpl::DecoratorImpl(const envoy::config::route::v3::Decorator& decorator) : operation_(decorator.operation()), propagate_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(decorator, propagate, true)) {} void DecoratorImpl::apply(Tracing::Span& span) const { if (!operation_.empty()) { span.setOperation(operation_); } } const std::string& DecoratorImpl::getOperation() const { return operation_; } bool DecoratorImpl::propagate() const { return propagate_; } RouteTracingImpl::RouteTracingImpl(const envoy::config::route::v3::Tracing& tracing) { if (!tracing.has_client_sampling()) { client_sampling_.set_numerator(100); client_sampling_.set_denominator(envoy::type::v3::FractionalPercent::HUNDRED); } else { client_sampling_ = tracing.client_sampling(); } if (!tracing.has_random_sampling()) { random_sampling_.set_numerator(100); random_sampling_.set_denominator(envoy::type::v3::FractionalPercent::HUNDRED); } else { random_sampling_ = tracing.random_sampling(); } if (!tracing.has_overall_sampling()) { overall_sampling_.set_numerator(100); overall_sampling_.set_denominator(envoy::type::v3::FractionalPercent::HUNDRED); } else { overall_sampling_ = tracing.overall_sampling(); } for (const auto& tag : tracing.custom_tags()) { custom_tags_.emplace(tag.tag(), Tracing::HttpTracerUtility::createCustomTag(tag)); } } const envoy::type::v3::FractionalPercent& RouteTracingImpl::getClientSampling() const { return client_sampling_; } const envoy::type::v3::FractionalPercent& RouteTracingImpl::getRandomSampling() const { return random_sampling_; } const envoy::type::v3::FractionalPercent& RouteTracingImpl::getOverallSampling() const { return overall_sampling_; } const Tracing::CustomTagMap& RouteTracingImpl::getCustomTags() const { return custom_tags_; } RouteEntryImplBase::RouteEntryImplBase(const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) : case_sensitive_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(route.match(), case_sensitive, true)), prefix_rewrite_(route.route().prefix_rewrite()), host_rewrite_(route.route().host_rewrite_literal()), vhost_(vhost), auto_host_rewrite_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(route.route(), auto_host_rewrite, false)), auto_host_rewrite_header_(!route.route().host_rewrite_header().empty() ? absl::optional(Http::LowerCaseString( route.route().host_rewrite_header())) : absl::nullopt), host_rewrite_path_regex_( route.route().has_host_rewrite_path_regex() ? Regex::Utility::parseRegex(route.route().host_rewrite_path_regex().pattern()) : nullptr), host_rewrite_path_regex_substitution_( route.route().has_host_rewrite_path_regex() ? route.route().host_rewrite_path_regex().substitution() : ""), cluster_name_(route.route().cluster()), cluster_header_name_(route.route().cluster_header()), cluster_not_found_response_code_(ConfigUtility::parseClusterNotFoundResponseCode( route.route().cluster_not_found_response_code())), timeout_(PROTOBUF_GET_MS_OR_DEFAULT(route.route(), timeout, DEFAULT_ROUTE_TIMEOUT_MS)), idle_timeout_(PROTOBUF_GET_OPTIONAL_MS(route.route(), idle_timeout)), max_stream_duration_( PROTOBUF_GET_OPTIONAL_MS(route.route().max_stream_duration(), max_stream_duration)), grpc_timeout_header_max_( PROTOBUF_GET_OPTIONAL_MS(route.route().max_stream_duration(), grpc_timeout_header_max)), grpc_timeout_header_offset_(PROTOBUF_GET_OPTIONAL_MS(route.route().max_stream_duration(), grpc_timeout_header_offset)), max_grpc_timeout_(PROTOBUF_GET_OPTIONAL_MS(route.route(), max_grpc_timeout)), grpc_timeout_offset_(PROTOBUF_GET_OPTIONAL_MS(route.route(), grpc_timeout_offset)), loader_(factory_context.runtime()), runtime_(loadRuntimeData(route.match())), scheme_redirect_(route.redirect().scheme_redirect()), host_redirect_(route.redirect().host_redirect()), port_redirect_(route.redirect().port_redirect() ? ":" + std::to_string(route.redirect().port_redirect()) : ""), path_redirect_(route.redirect().path_redirect()), path_redirect_has_query_(path_redirect_.find('?') != absl::string_view::npos), enable_preserve_query_in_path_redirects_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.preserve_query_string_in_path_redirects")), https_redirect_(route.redirect().https_redirect()), prefix_rewrite_redirect_(route.redirect().prefix_rewrite()), strip_query_(route.redirect().strip_query()), hedge_policy_(buildHedgePolicy(vhost.hedgePolicy(), route.route())), retry_policy_(buildRetryPolicy(vhost.retryPolicy(), route.route(), validator)), internal_redirect_policy_( buildInternalRedirectPolicy(route.route(), validator, route.name())), rate_limit_policy_(route.route().rate_limits()), priority_(ConfigUtility::parsePriority(route.route().priority())), config_headers_(Http::HeaderUtility::buildHeaderDataVector(route.match().headers())), total_cluster_weight_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(route.route().weighted_clusters(), total_weight, 100UL)), request_headers_parser_(HeaderParser::configure(route.request_headers_to_add(), route.request_headers_to_remove())), response_headers_parser_(HeaderParser::configure(route.response_headers_to_add(), route.response_headers_to_remove())), retry_shadow_buffer_limit_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( route, per_request_buffer_limit_bytes, vhost.retryShadowBufferLimit())), metadata_(route.metadata()), typed_metadata_(route.metadata()), match_grpc_(route.match().has_grpc()), opaque_config_(parseOpaqueConfig(route)), decorator_(parseDecorator(route)), route_tracing_(parseRouteTracing(route)), direct_response_code_(ConfigUtility::parseDirectResponseCode(route)), direct_response_body_(ConfigUtility::parseDirectResponseBody(route, factory_context.api())), per_filter_configs_(route.typed_per_filter_config(), route.hidden_envoy_deprecated_per_filter_config(), factory_context, validator), route_name_(route.name()), time_source_(factory_context.dispatcher().timeSource()) { if (route.route().has_metadata_match()) { const auto filter_it = route.route().metadata_match().filter_metadata().find( Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != route.route().metadata_match().filter_metadata().end()) { metadata_match_criteria_ = std::make_unique(filter_it->second); } } if (!route.route().request_mirror_policies().empty()) { if (route.route().has_hidden_envoy_deprecated_request_mirror_policy()) { // protobuf does not allow `oneof` to contain a field labeled `repeated`, so we do our own // xor-like check. // https://github.com/protocolbuffers/protobuf/issues/2592 // The alternative solution suggested (wrapping the oneof in a repeated message) would still // break wire compatibility. // (see https://github.com/envoyproxy/envoy/issues/439#issuecomment-383622723) throw EnvoyException("Cannot specify both request_mirror_policy and request_mirror_policies"); } for (const auto& mirror_policy_config : route.route().request_mirror_policies()) { shadow_policies_.push_back(std::make_unique(mirror_policy_config)); } } else if (route.route().has_hidden_envoy_deprecated_request_mirror_policy()) { shadow_policies_.push_back(std::make_unique( route.route().hidden_envoy_deprecated_request_mirror_policy())); } // If this is a weighted_cluster, we create N internal route entries // (called WeightedClusterEntry), such that each object is a simple // single cluster, pointing back to the parent. Metadata criteria // from the weighted cluster (if any) are merged with and override // the criteria from the route. if (route.route().cluster_specifier_case() == envoy::config::route::v3::RouteAction::ClusterSpecifierCase::kWeightedClusters) { ASSERT(total_cluster_weight_ > 0); uint64_t total_weight = 0UL; const std::string& runtime_key_prefix = route.route().weighted_clusters().runtime_key_prefix(); for (const auto& cluster : route.route().weighted_clusters().clusters()) { auto cluster_entry = std::make_unique( this, runtime_key_prefix + "." + cluster.name(), factory_context, validator, cluster); weighted_clusters_.emplace_back(std::move(cluster_entry)); total_weight += weighted_clusters_.back()->clusterWeight(); } if (total_weight != total_cluster_weight_) { throw EnvoyException(fmt::format("Sum of weights in the weighted_cluster should add up to {}", total_cluster_weight_)); } } for (const auto& query_parameter : route.match().query_parameters()) { config_query_parameters_.push_back( std::make_unique(query_parameter)); } if (!route.route().hash_policy().empty()) { hash_policy_ = std::make_unique(route.route().hash_policy()); } if (route.match().has_tls_context()) { tls_context_match_criteria_ = std::make_unique(route.match().tls_context()); } // Returns true if include_vh_rate_limits is explicitly set to true otherwise it defaults to false // which is similar to VhRateLimitOptions::Override and will only use virtual host rate limits if // the route is empty include_vh_rate_limits_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(route.route(), include_vh_rate_limits, false); if (route.route().has_cors()) { cors_policy_ = std::make_unique(route.route().cors(), factory_context.runtime()); } for (const auto& upgrade_config : route.route().upgrade_configs()) { const bool enabled = upgrade_config.has_enabled() ? upgrade_config.enabled().value() : true; const bool success = upgrade_map_ .emplace(std::make_pair( Envoy::Http::LowerCaseString(upgrade_config.upgrade_type()).get(), enabled)) .second; if (!success) { throw EnvoyException(absl::StrCat("Duplicate upgrade ", upgrade_config.upgrade_type())); } if (upgrade_config.upgrade_type() == Http::Headers::get().MethodValues.Connect) { connect_config_ = upgrade_config.connect_config(); } else if (upgrade_config.has_connect_config()) { throw EnvoyException(absl::StrCat("Non-CONNECT upgrade type ", upgrade_config.upgrade_type(), " has ConnectConfig")); } } if (route.route().has_regex_rewrite()) { if (!prefix_rewrite_.empty()) { throw EnvoyException("Cannot specify both prefix_rewrite and regex_rewrite"); } auto rewrite_spec = route.route().regex_rewrite(); regex_rewrite_ = Regex::Utility::parseRegex(rewrite_spec.pattern()); regex_rewrite_substitution_ = rewrite_spec.substitution(); } if (enable_preserve_query_in_path_redirects_ && path_redirect_has_query_ && strip_query_) { ENVOY_LOG(warn, "`strip_query` is set to true, but `path_redirect` contains query string and it will " "not be stripped: {}", path_redirect_); } } bool RouteEntryImplBase::evaluateRuntimeMatch(const uint64_t random_value) const { return !runtime_ ? true : loader_.snapshot().featureEnabled(runtime_->fractional_runtime_key_, runtime_->fractional_runtime_default_, random_value); } bool RouteEntryImplBase::evaluateTlsContextMatch(const StreamInfo::StreamInfo& stream_info) const { bool matches = true; if (!tlsContextMatchCriteria()) { return matches; } const TlsContextMatchCriteria& criteria = *tlsContextMatchCriteria(); if (criteria.presented().has_value()) { const bool peer_presented = stream_info.downstreamSslConnection() && stream_info.downstreamSslConnection()->peerCertificatePresented(); matches &= criteria.presented().value() == peer_presented; } if (criteria.validated().has_value()) { const bool peer_validated = stream_info.downstreamSslConnection() && stream_info.downstreamSslConnection()->peerCertificateValidated(); matches &= criteria.validated().value() == peer_validated; } return matches; } bool RouteEntryImplBase::matchRoute(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { bool matches = true; matches &= evaluateRuntimeMatch(random_value); if (!matches) { // No need to waste further cycles calculating a route match. return false; } if (match_grpc_) { matches &= Grpc::Common::isGrpcRequestHeaders(headers); } matches &= Http::HeaderUtility::matchHeaders(headers, config_headers_); if (!config_query_parameters_.empty()) { Http::Utility::QueryParams query_parameters = Http::Utility::parseQueryString(headers.getPathValue()); matches &= ConfigUtility::matchQueryParams(query_parameters, config_query_parameters_); } matches &= evaluateTlsContextMatch(stream_info); return matches; } const std::string& RouteEntryImplBase::clusterName() const { return cluster_name_; } void RouteEntryImplBase::finalizeRequestHeaders(Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, bool insert_envoy_original_path) const { if (!vhost_.globalRouteConfig().mostSpecificHeaderMutationsWins()) { // Append user-specified request headers from most to least specific: route-level headers, // virtual host level headers and finally global connection manager level headers. request_headers_parser_->evaluateHeaders(headers, stream_info); vhost_.requestHeaderParser().evaluateHeaders(headers, stream_info); vhost_.globalRouteConfig().requestHeaderParser().evaluateHeaders(headers, stream_info); } else { // Most specific mutations take precedence. vhost_.globalRouteConfig().requestHeaderParser().evaluateHeaders(headers, stream_info); vhost_.requestHeaderParser().evaluateHeaders(headers, stream_info); request_headers_parser_->evaluateHeaders(headers, stream_info); } if (!host_rewrite_.empty()) { headers.setHost(host_rewrite_); } else if (auto_host_rewrite_header_) { const Http::HeaderEntry* header = headers.get(*auto_host_rewrite_header_); if (header != nullptr) { absl::string_view header_value = header->value().getStringView(); if (!header_value.empty()) { headers.setHost(header_value); } } } else if (host_rewrite_path_regex_ != nullptr) { const std::string path(headers.getPathValue()); absl::string_view just_path(Http::PathUtil::removeQueryAndFragment(path)); headers.setHost( host_rewrite_path_regex_->replaceAll(just_path, host_rewrite_path_regex_substitution_)); } // Handle path rewrite if (!getPathRewrite().empty() || regex_rewrite_ != nullptr) { rewritePathHeader(headers, insert_envoy_original_path); } } void RouteEntryImplBase::finalizeResponseHeaders(Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const { if (!vhost_.globalRouteConfig().mostSpecificHeaderMutationsWins()) { // Append user-specified request headers from most to least specific: route-level headers, // virtual host level headers and finally global connection manager level headers. response_headers_parser_->evaluateHeaders(headers, stream_info); vhost_.responseHeaderParser().evaluateHeaders(headers, stream_info); vhost_.globalRouteConfig().responseHeaderParser().evaluateHeaders(headers, stream_info); } else { // Most specific mutations take precedence. vhost_.globalRouteConfig().responseHeaderParser().evaluateHeaders(headers, stream_info); vhost_.responseHeaderParser().evaluateHeaders(headers, stream_info); response_headers_parser_->evaluateHeaders(headers, stream_info); } } absl::optional RouteEntryImplBase::loadRuntimeData(const envoy::config::route::v3::RouteMatch& route_match) { absl::optional runtime; RuntimeData runtime_data; if (route_match.has_runtime_fraction()) { runtime_data.fractional_runtime_default_ = route_match.runtime_fraction().default_value(); runtime_data.fractional_runtime_key_ = route_match.runtime_fraction().runtime_key(); return runtime_data; } return runtime; } // finalizePathHeaders does the "standard" path rewriting, meaning that it // handles the "prefix_rewrite" and "regex_rewrite" route actions, only one of // which can be specified. The "matched_path" argument applies only to the // prefix rewriting, and describes the portion of the path (excluding query // parameters) that should be replaced by the rewrite. A "regex_rewrite" // applies to the entire path (excluding query parameters), regardless of what // portion was matched. void RouteEntryImplBase::finalizePathHeader(Http::RequestHeaderMap& headers, absl::string_view matched_path, bool insert_envoy_original_path) const { const auto& rewrite = getPathRewrite(); if (rewrite.empty() && regex_rewrite_ == nullptr) { // There are no rewrites configured. Just return. return; } // TODO(perf): can we avoid the string copy for the common case? std::string path(headers.getPathValue()); if (insert_envoy_original_path) { headers.setEnvoyOriginalPath(path); } if (!rewrite.empty()) { ASSERT(case_sensitive_ ? absl::StartsWith(path, matched_path) : absl::StartsWithIgnoreCase(path, matched_path)); headers.setPath(path.replace(0, matched_path.size(), rewrite)); return; } if (regex_rewrite_ != nullptr) { // Replace the entire path, but preserve the query parameters auto just_path(Http::PathUtil::removeQueryAndFragment(path)); headers.setPath(path.replace( 0, just_path.size(), regex_rewrite_->replaceAll(just_path, regex_rewrite_substitution_))); return; } } absl::string_view RouteEntryImplBase::processRequestHost(const Http::RequestHeaderMap& headers, absl::string_view new_scheme, absl::string_view new_port) const { absl::string_view request_host = headers.getHostValue(); size_t host_end; if (request_host.empty()) { return request_host; } // Detect if IPv6 URI if (request_host[0] == '[') { host_end = request_host.rfind("]:"); if (host_end != absl::string_view::npos) { host_end += 1; // advance to : } } else { host_end = request_host.rfind(":"); } if (host_end != absl::string_view::npos) { absl::string_view request_port = request_host.substr(host_end); absl::string_view request_protocol = headers.getForwardedProtoValue(); bool remove_port = !new_port.empty(); if (new_scheme != request_protocol) { remove_port |= (request_protocol == Http::Headers::get().SchemeValues.Https.c_str()) && request_port == ":443"; remove_port |= (request_protocol == Http::Headers::get().SchemeValues.Http.c_str()) && request_port == ":80"; } if (remove_port) { return request_host.substr(0, host_end); } } return request_host; } std::string RouteEntryImplBase::newPath(const Http::RequestHeaderMap& headers) const { ASSERT(isDirectResponse()); absl::string_view final_scheme; absl::string_view final_host; absl::string_view final_port; absl::string_view final_path; if (!scheme_redirect_.empty()) { final_scheme = scheme_redirect_.c_str(); } else if (https_redirect_) { final_scheme = Http::Headers::get().SchemeValues.Https; } else { ASSERT(headers.ForwardedProto()); final_scheme = headers.getForwardedProtoValue(); } if (!port_redirect_.empty()) { final_port = port_redirect_.c_str(); } else { final_port = ""; } if (!host_redirect_.empty()) { final_host = host_redirect_.c_str(); } else { ASSERT(headers.Host()); final_host = processRequestHost(headers, final_scheme, final_port); } std::string final_path_value; if (enable_preserve_query_in_path_redirects_) { if (!path_redirect_.empty()) { // The path_redirect query string, if any, takes precedence over the request's query string, // and it will not be stripped regardless of `strip_query`. if (path_redirect_has_query_) { final_path = path_redirect_.c_str(); } else { const absl::string_view current_path = headers.getPathValue(); const size_t path_end = current_path.find('?'); const bool current_path_has_query = path_end != absl::string_view::npos; if (current_path_has_query) { final_path_value = path_redirect_; final_path_value.append(current_path.data() + path_end, current_path.length() - path_end); final_path = final_path_value; } else { final_path = path_redirect_.c_str(); } } } else { final_path = headers.getPathValue(); } if (!path_redirect_has_query_ && strip_query_) { const size_t path_end = final_path.find('?'); if (path_end != absl::string_view::npos) { final_path = final_path.substr(0, path_end); } } } else { if (!path_redirect_.empty()) { final_path = path_redirect_.c_str(); } else { final_path = headers.getPathValue(); if (strip_query_) { const size_t path_end = final_path.find("?"); if (path_end != absl::string_view::npos) { final_path = final_path.substr(0, path_end); } } } } return fmt::format("{}://{}{}{}", final_scheme, final_host, final_port, final_path); } std::multimap RouteEntryImplBase::parseOpaqueConfig(const envoy::config::route::v3::Route& route) { std::multimap ret; if (route.has_metadata()) { auto filter_metadata = route.metadata().filter_metadata().find( Extensions::HttpFilters::HttpFilterNames::get().Router); if (filter_metadata == route.metadata().filter_metadata().end()) { // TODO(zuercher): simply return `ret` when deprecated filter names are removed. filter_metadata = route.metadata().filter_metadata().find(DEPRECATED_ROUTER_NAME); if (filter_metadata == route.metadata().filter_metadata().end()) { return ret; } Extensions::Common::Utility::ExtensionNameUtil::checkDeprecatedExtensionName( "http filter", DEPRECATED_ROUTER_NAME, Extensions::HttpFilters::HttpFilterNames::get().Router); } for (const auto& it : filter_metadata->second.fields()) { if (it.second.kind_case() == ProtobufWkt::Value::kStringValue) { ret.emplace(it.first, it.second.string_value()); } } } return ret; } HedgePolicyImpl RouteEntryImplBase::buildHedgePolicy( const absl::optional& vhost_hedge_policy, const envoy::config::route::v3::RouteAction& route_config) const { // Route specific policy wins, if available. if (route_config.has_hedge_policy()) { return HedgePolicyImpl(route_config.hedge_policy()); } // If not, we fall back to the virtual host policy if there is one. if (vhost_hedge_policy) { return HedgePolicyImpl(vhost_hedge_policy.value()); } // Otherwise, an empty policy will do. return HedgePolicyImpl(); } RetryPolicyImpl RouteEntryImplBase::buildRetryPolicy( const absl::optional& vhost_retry_policy, const envoy::config::route::v3::RouteAction& route_config, ProtobufMessage::ValidationVisitor& validation_visitor) const { // Route specific policy wins, if available. if (route_config.has_retry_policy()) { return RetryPolicyImpl(route_config.retry_policy(), validation_visitor); } // If not, we fallback to the virtual host policy if there is one. if (vhost_retry_policy) { return RetryPolicyImpl(vhost_retry_policy.value(), validation_visitor); } // Otherwise, an empty policy will do. return RetryPolicyImpl(); } InternalRedirectPolicyImpl RouteEntryImplBase::buildInternalRedirectPolicy( const envoy::config::route::v3::RouteAction& route_config, ProtobufMessage::ValidationVisitor& validator, absl::string_view current_route_name) const { if (route_config.has_internal_redirect_policy()) { return InternalRedirectPolicyImpl(route_config.internal_redirect_policy(), validator, current_route_name); } envoy::config::route::v3::InternalRedirectPolicy policy_config; switch (route_config.internal_redirect_action()) { case envoy::config::route::v3::RouteAction::HANDLE_INTERNAL_REDIRECT: break; case envoy::config::route::v3::RouteAction::PASS_THROUGH_INTERNAL_REDIRECT: FALLTHRU; default: return InternalRedirectPolicyImpl(); } if (route_config.has_max_internal_redirects()) { *policy_config.mutable_max_internal_redirects() = route_config.max_internal_redirects(); } return InternalRedirectPolicyImpl(policy_config, validator, current_route_name); } DecoratorConstPtr RouteEntryImplBase::parseDecorator(const envoy::config::route::v3::Route& route) { DecoratorConstPtr ret; if (route.has_decorator()) { ret = DecoratorConstPtr(new DecoratorImpl(route.decorator())); } return ret; } RouteTracingConstPtr RouteEntryImplBase::parseRouteTracing(const envoy::config::route::v3::Route& route) { RouteTracingConstPtr ret; if (route.has_tracing()) { ret = RouteTracingConstPtr(new RouteTracingImpl(route.tracing())); } return ret; } const DirectResponseEntry* RouteEntryImplBase::directResponseEntry() const { // A route for a request can exclusively be a route entry, a direct response entry, // or a redirect entry. if (isDirectResponse()) { return this; } else { return nullptr; } } const RouteEntry* RouteEntryImplBase::routeEntry() const { // A route for a request can exclusively be a route entry, a direct response entry, // or a redirect entry. if (isDirectResponse()) { return nullptr; } else { return this; } } RouteConstSharedPtr RouteEntryImplBase::clusterEntry(const Http::HeaderMap& headers, uint64_t random_value) const { // Gets the route object chosen from the list of weighted clusters // (if there is one) or returns self. if (weighted_clusters_.empty()) { if (!cluster_name_.empty() || isDirectResponse()) { return shared_from_this(); } else { ASSERT(!cluster_header_name_.get().empty()); const Http::HeaderEntry* entry = headers.get(cluster_header_name_); std::string final_cluster_name; if (entry) { final_cluster_name = std::string(entry->value().getStringView()); } // NOTE: Though we return a shared_ptr here, the current ownership model assumes that // the route table sticks around. See snapped_route_config_ in // ConnectionManagerImpl::ActiveStream. return std::make_shared(this, final_cluster_name); } } return WeightedClusterUtil::pickCluster(weighted_clusters_, total_cluster_weight_, random_value, true); } void RouteEntryImplBase::validateClusters(Upstream::ClusterManager& cm) const { if (isDirectResponse()) { return; } // Currently, we verify that the cluster exists in the CM if we have an explicit cluster or // weighted cluster rule. We obviously do not verify a cluster_header rule. This means that // trying to use all CDS clusters with a static route table will not work. In the upcoming RDS // change we will make it so that dynamically loaded route tables do *not* perform CM checks. // In the future we might decide to also have a config option that turns off checks for static // route tables. This would enable the all CDS with static route table case. if (!cluster_name_.empty()) { if (!cm.get(cluster_name_)) { throw EnvoyException(fmt::format("route: unknown cluster '{}'", cluster_name_)); } } else if (!weighted_clusters_.empty()) { for (const WeightedClusterEntrySharedPtr& cluster : weighted_clusters_) { if (!cm.get(cluster->clusterName())) { throw EnvoyException( fmt::format("route: unknown weighted cluster '{}'", cluster->clusterName())); } } } } const RouteSpecificFilterConfig* RouteEntryImplBase::perFilterConfig(const std::string& name) const { return per_filter_configs_.get(name); } RouteEntryImplBase::WeightedClusterEntry::WeightedClusterEntry( const RouteEntryImplBase* parent, const std::string& runtime_key, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, const envoy::config::route::v3::WeightedCluster::ClusterWeight& cluster) : DynamicRouteEntry(parent, cluster.name()), runtime_key_(runtime_key), loader_(factory_context.runtime()), cluster_weight_(PROTOBUF_GET_WRAPPED_REQUIRED(cluster, weight)), request_headers_parser_(HeaderParser::configure(cluster.request_headers_to_add(), cluster.request_headers_to_remove())), response_headers_parser_(HeaderParser::configure(cluster.response_headers_to_add(), cluster.response_headers_to_remove())), per_filter_configs_(cluster.typed_per_filter_config(), cluster.hidden_envoy_deprecated_per_filter_config(), factory_context, validator) { if (cluster.has_metadata_match()) { const auto filter_it = cluster.metadata_match().filter_metadata().find( Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != cluster.metadata_match().filter_metadata().end()) { if (parent->metadata_match_criteria_) { cluster_metadata_match_criteria_ = parent->metadata_match_criteria_->mergeMatchCriteria(filter_it->second); } else { cluster_metadata_match_criteria_ = std::make_unique(filter_it->second); } } } } const RouteSpecificFilterConfig* RouteEntryImplBase::WeightedClusterEntry::perFilterConfig(const std::string& name) const { const auto cfg = per_filter_configs_.get(name); return cfg != nullptr ? cfg : DynamicRouteEntry::perFilterConfig(name); } PrefixRouteEntryImpl::PrefixRouteEntryImpl( const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) : RouteEntryImplBase(vhost, route, factory_context, validator), prefix_(route.match().prefix()), path_matcher_(Matchers::PathMatcher::createPrefix(prefix_, !case_sensitive_)) {} void PrefixRouteEntryImpl::rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const { finalizePathHeader(headers, prefix_, insert_envoy_original_path); } RouteConstSharedPtr PrefixRouteEntryImpl::matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { if (RouteEntryImplBase::matchRoute(headers, stream_info, random_value) && path_matcher_->match(headers.getPathValue())) { return clusterEntry(headers, random_value); } return nullptr; } PathRouteEntryImpl::PathRouteEntryImpl(const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) : RouteEntryImplBase(vhost, route, factory_context, validator), path_(route.match().path()), path_matcher_(Matchers::PathMatcher::createExact(path_, !case_sensitive_)) {} void PathRouteEntryImpl::rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const { finalizePathHeader(headers, path_, insert_envoy_original_path); } RouteConstSharedPtr PathRouteEntryImpl::matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { if (RouteEntryImplBase::matchRoute(headers, stream_info, random_value) && path_matcher_->match(headers.getPathValue())) { return clusterEntry(headers, random_value); } return nullptr; } RegexRouteEntryImpl::RegexRouteEntryImpl( const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) : RouteEntryImplBase(vhost, route, factory_context, validator) { // TODO(yangminzhu): Use PathMatcher once hidden_envoy_deprecated_regex is removed. if (route.match().path_specifier_case() == envoy::config::route::v3::RouteMatch::PathSpecifierCase::kHiddenEnvoyDeprecatedRegex) { regex_ = Regex::Utility::parseStdRegexAsCompiledMatcher( route.match().hidden_envoy_deprecated_regex()); regex_str_ = route.match().hidden_envoy_deprecated_regex(); } else { ASSERT(route.match().path_specifier_case() == envoy::config::route::v3::RouteMatch::PathSpecifierCase::kSafeRegex); regex_ = Regex::Utility::parseRegex(route.match().safe_regex()); regex_str_ = route.match().safe_regex().regex(); } } void RegexRouteEntryImpl::rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const { const absl::string_view path = Http::PathUtil::removeQueryAndFragment(headers.getPathValue()); // TODO(yuval-k): This ASSERT can happen if the path was changed by a filter without clearing the // route cache. We should consider if ASSERT-ing is the desired behavior in this case. ASSERT(regex_->match(path)); finalizePathHeader(headers, path, insert_envoy_original_path); } RouteConstSharedPtr RegexRouteEntryImpl::matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { if (RouteEntryImplBase::matchRoute(headers, stream_info, random_value)) { const absl::string_view path = Http::PathUtil::removeQueryAndFragment(headers.getPathValue()); if (regex_->match(path)) { return clusterEntry(headers, random_value); } } return nullptr; } ConnectRouteEntryImpl::ConnectRouteEntryImpl( const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) : RouteEntryImplBase(vhost, route, factory_context, validator) {} void ConnectRouteEntryImpl::rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const { const absl::string_view path = Http::PathUtil::removeQueryAndFragment(headers.getPathValue()); finalizePathHeader(headers, path, insert_envoy_original_path); } RouteConstSharedPtr ConnectRouteEntryImpl::matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { if (Http::HeaderUtility::isConnect(headers) && RouteEntryImplBase::matchRoute(headers, stream_info, random_value)) { return clusterEntry(headers, random_value); } return nullptr; } VirtualHostImpl::VirtualHostImpl(const envoy::config::route::v3::VirtualHost& virtual_host, const ConfigImpl& global_route_config, Server::Configuration::ServerFactoryContext& factory_context, Stats::Scope& scope, ProtobufMessage::ValidationVisitor& validator, bool validate_clusters) : stat_name_pool_(factory_context.scope().symbolTable()), stat_name_(stat_name_pool_.add(virtual_host.name())), vcluster_scope_(scope.createScope(virtual_host.name() + ".vcluster")), rate_limit_policy_(virtual_host.rate_limits()), global_route_config_(global_route_config), request_headers_parser_(HeaderParser::configure(virtual_host.request_headers_to_add(), virtual_host.request_headers_to_remove())), response_headers_parser_(HeaderParser::configure(virtual_host.response_headers_to_add(), virtual_host.response_headers_to_remove())), per_filter_configs_(virtual_host.typed_per_filter_config(), virtual_host.hidden_envoy_deprecated_per_filter_config(), factory_context, validator), retry_shadow_buffer_limit_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( virtual_host, per_request_buffer_limit_bytes, std::numeric_limits::max())), include_attempt_count_in_request_(virtual_host.include_request_attempt_count()), include_attempt_count_in_response_(virtual_host.include_attempt_count_in_response()), virtual_cluster_catch_all_(stat_name_pool_, *vcluster_scope_) { switch (virtual_host.require_tls()) { case envoy::config::route::v3::VirtualHost::NONE: ssl_requirements_ = SslRequirements::None; break; case envoy::config::route::v3::VirtualHost::EXTERNAL_ONLY: ssl_requirements_ = SslRequirements::ExternalOnly; break; case envoy::config::route::v3::VirtualHost::ALL: ssl_requirements_ = SslRequirements::All; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } // Retry and Hedge policies must be set before routes, since they may use them. if (virtual_host.has_retry_policy()) { retry_policy_ = virtual_host.retry_policy(); } if (virtual_host.has_hedge_policy()) { hedge_policy_ = virtual_host.hedge_policy(); } for (const auto& route : virtual_host.routes()) { switch (route.match().path_specifier_case()) { case envoy::config::route::v3::RouteMatch::PathSpecifierCase::kPrefix: { routes_.emplace_back(new PrefixRouteEntryImpl(*this, route, factory_context, validator)); break; } case envoy::config::route::v3::RouteMatch::PathSpecifierCase::kPath: { routes_.emplace_back(new PathRouteEntryImpl(*this, route, factory_context, validator)); break; } case envoy::config::route::v3::RouteMatch::PathSpecifierCase::kHiddenEnvoyDeprecatedRegex: case envoy::config::route::v3::RouteMatch::PathSpecifierCase::kSafeRegex: { routes_.emplace_back(new RegexRouteEntryImpl(*this, route, factory_context, validator)); break; } case envoy::config::route::v3::RouteMatch::PathSpecifierCase::kConnectMatcher: { routes_.emplace_back(new ConnectRouteEntryImpl(*this, route, factory_context, validator)); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } if (validate_clusters) { routes_.back()->validateClusters(factory_context.clusterManager()); for (const auto& shadow_policy : routes_.back()->shadowPolicies()) { ASSERT(!shadow_policy->cluster().empty()); if (!factory_context.clusterManager().get(shadow_policy->cluster())) { throw EnvoyException( fmt::format("route: unknown shadow cluster '{}'", shadow_policy->cluster())); } } } } for (const auto& virtual_cluster : virtual_host.virtual_clusters()) { virtual_clusters_.push_back( VirtualClusterEntry(virtual_cluster, stat_name_pool_, *vcluster_scope_)); } if (virtual_host.has_cors()) { cors_policy_ = std::make_unique(virtual_host.cors(), factory_context.runtime()); } } VirtualHostImpl::VirtualClusterEntry::VirtualClusterEntry( const envoy::config::route::v3::VirtualCluster& virtual_cluster, Stats::StatNamePool& pool, Stats::Scope& scope) : VirtualClusterBase(pool.add(virtual_cluster.name()), scope.createScope(virtual_cluster.name())) { if (virtual_cluster.hidden_envoy_deprecated_pattern().empty() == virtual_cluster.headers().empty()) { throw EnvoyException("virtual clusters must define either 'pattern' or 'headers'"); } if (!virtual_cluster.hidden_envoy_deprecated_pattern().empty()) { envoy::config::route::v3::HeaderMatcher matcher_config; matcher_config.set_name(Http::Headers::get().Path.get()); matcher_config.set_hidden_envoy_deprecated_regex_match( virtual_cluster.hidden_envoy_deprecated_pattern()); headers_.push_back(std::make_unique(matcher_config)); } else { ASSERT(!virtual_cluster.headers().empty()); headers_ = Http::HeaderUtility::buildHeaderDataVector(virtual_cluster.headers()); } if (virtual_cluster.hidden_envoy_deprecated_method() != envoy::config::core::v3::METHOD_UNSPECIFIED) { envoy::config::route::v3::HeaderMatcher matcher_config; matcher_config.set_name(Http::Headers::get().Method.get()); matcher_config.set_exact_match(envoy::config::core::v3::RequestMethod_Name( virtual_cluster.hidden_envoy_deprecated_method())); headers_.push_back(std::make_unique(matcher_config)); } } const Config& VirtualHostImpl::routeConfig() const { return global_route_config_; } const RouteSpecificFilterConfig* VirtualHostImpl::perFilterConfig(const std::string& name) const { return per_filter_configs_.get(name); } const VirtualHostImpl* RouteMatcher::findWildcardVirtualHost( const std::string& host, const RouteMatcher::WildcardVirtualHosts& wildcard_virtual_hosts, RouteMatcher::SubstringFunction substring_function) const { // We do a longest wildcard match against the host that's passed in // (e.g. "foo-bar.baz.com" should match "*-bar.baz.com" before matching "*.baz.com" for suffix // wildcards). This is done by scanning the length => wildcards map looking for every wildcard // whose size is < length. for (const auto& iter : wildcard_virtual_hosts) { const uint32_t wildcard_length = iter.first; const auto& wildcard_map = iter.second; // >= because *.foo.com shouldn't match .foo.com. if (wildcard_length >= host.size()) { continue; } const auto& match = wildcard_map.find(substring_function(host, wildcard_length)); if (match != wildcard_map.end()) { return match->second.get(); } } return nullptr; } RouteMatcher::RouteMatcher(const envoy::config::route::v3::RouteConfiguration& route_config, const ConfigImpl& global_route_config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, bool validate_clusters) : vhost_scope_(factory_context.scope().createScope("vhost")) { for (const auto& virtual_host_config : route_config.virtual_hosts()) { VirtualHostSharedPtr virtual_host(new VirtualHostImpl(virtual_host_config, global_route_config, factory_context, *vhost_scope_, validator, validate_clusters)); for (const std::string& domain_name : virtual_host_config.domains()) { const std::string domain = Http::LowerCaseString(domain_name).get(); bool duplicate_found = false; if ("*" == domain) { if (default_virtual_host_) { throw EnvoyException(fmt::format("Only a single wildcard domain is permitted in route {}", route_config.name())); } default_virtual_host_ = virtual_host; } else if (!domain.empty() && '*' == domain[0]) { duplicate_found = !wildcard_virtual_host_suffixes_[domain.size() - 1] .emplace(domain.substr(1), virtual_host) .second; } else if (!domain.empty() && '*' == domain[domain.size() - 1]) { duplicate_found = !wildcard_virtual_host_prefixes_[domain.size() - 1] .emplace(domain.substr(0, domain.size() - 1), virtual_host) .second; } else { duplicate_found = !virtual_hosts_.emplace(domain, virtual_host).second; } if (duplicate_found) { throw EnvoyException(fmt::format("Only unique values for domains are permitted. Duplicate " "entry of domain {} in route {}", domain, route_config.name())); } } } } RouteConstSharedPtr VirtualHostImpl::getRouteFromEntries(const RouteCallback& cb, const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { // No x-forwarded-proto header. This normally only happens when ActiveStream::decodeHeaders // bails early (as it rejects a request), so there is no routing is going to happen anyway. const auto* forwarded_proto_header = headers.ForwardedProto(); if (forwarded_proto_header == nullptr) { return nullptr; } // First check for ssl redirect. if (ssl_requirements_ == SslRequirements::All && forwarded_proto_header->value() != "https") { return SSL_REDIRECT_ROUTE; } else if (ssl_requirements_ == SslRequirements::ExternalOnly && forwarded_proto_header->value() != "https" && !Http::HeaderUtility::isEnvoyInternalRequest(headers)) { return SSL_REDIRECT_ROUTE; } // Check for a route that matches the request. for (auto route = routes_.begin(); route != routes_.end(); ++route) { if (!headers.Path() && !(*route)->supportsPathlessHeaders()) { continue; } RouteConstSharedPtr route_entry = (*route)->matches(headers, stream_info, random_value); if (nullptr == route_entry) { continue; } if (cb) { RouteEvalStatus eval_status = (std::next(route) == routes_.end()) ? RouteEvalStatus::NoMoreRoutes : RouteEvalStatus::HasMoreRoutes; RouteMatchStatus match_status = cb(route_entry, eval_status); if (match_status == RouteMatchStatus::Accept) { return route_entry; } if (match_status == RouteMatchStatus::Continue && eval_status == RouteEvalStatus::NoMoreRoutes) { return nullptr; } continue; } return route_entry; } return nullptr; } const VirtualHostImpl* RouteMatcher::findVirtualHost(const Http::RequestHeaderMap& headers) const { // Fast path the case where we only have a default virtual host. if (virtual_hosts_.empty() && wildcard_virtual_host_suffixes_.empty() && wildcard_virtual_host_prefixes_.empty()) { return default_virtual_host_.get(); } // There may be no authority in early reply paths in the HTTP connection manager. if (headers.Host() == nullptr) { return nullptr; } // TODO (@rshriram) Match Origin header in WebSocket // request with VHost, using wildcard match // Lower-case the value of the host header, as hostnames are case insensitive. const std::string host = absl::AsciiStrToLower(headers.getHostValue()); const auto& iter = virtual_hosts_.find(host); if (iter != virtual_hosts_.end()) { return iter->second.get(); } if (!wildcard_virtual_host_suffixes_.empty()) { const VirtualHostImpl* vhost = findWildcardVirtualHost( host, wildcard_virtual_host_suffixes_, [](const std::string& h, int l) -> std::string { return h.substr(h.size() - l); }); if (vhost != nullptr) { return vhost; } } if (!wildcard_virtual_host_prefixes_.empty()) { const VirtualHostImpl* vhost = findWildcardVirtualHost( host, wildcard_virtual_host_prefixes_, [](const std::string& h, int l) -> std::string { return h.substr(0, l); }); if (vhost != nullptr) { return vhost; } } return default_virtual_host_.get(); } RouteConstSharedPtr RouteMatcher::route(const RouteCallback& cb, const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { const VirtualHostImpl* virtual_host = findVirtualHost(headers); if (virtual_host) { return virtual_host->getRouteFromEntries(cb, headers, stream_info, random_value); } else { return nullptr; } } const SslRedirector SslRedirectRoute::SSL_REDIRECTOR; const std::shared_ptr VirtualHostImpl::SSL_REDIRECT_ROUTE{ new SslRedirectRoute()}; const VirtualCluster* VirtualHostImpl::virtualClusterFromEntries(const Http::HeaderMap& headers) const { for (const VirtualClusterEntry& entry : virtual_clusters_) { if (Http::HeaderUtility::matchHeaders(headers, entry.headers_)) { return &entry; } } if (!virtual_clusters_.empty()) { return &virtual_cluster_catch_all_; } return nullptr; } ConfigImpl::ConfigImpl(const envoy::config::route::v3::RouteConfiguration& config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, bool validate_clusters_default) : name_(config.name()), symbol_table_(factory_context.scope().symbolTable()), uses_vhds_(config.has_vhds()), most_specific_header_mutations_wins_(config.most_specific_header_mutations_wins()) { route_matcher_ = std::make_unique( config, *this, factory_context, validator, PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, validate_clusters, validate_clusters_default)); for (const std::string& header : config.internal_only_headers()) { internal_only_headers_.push_back(Http::LowerCaseString(header)); } request_headers_parser_ = HeaderParser::configure(config.request_headers_to_add(), config.request_headers_to_remove()); response_headers_parser_ = HeaderParser::configure(config.response_headers_to_add(), config.response_headers_to_remove()); } RouteConstSharedPtr ConfigImpl::route(const RouteCallback& cb, const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const { return route_matcher_->route(cb, headers, stream_info, random_value); } namespace { RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfig(const std::string& name, const ProtobufWkt::Any& typed_config, const ProtobufWkt::Struct& config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) { auto& factory = Envoy::Config::Utility::getAndCheckFactoryByName< Server::Configuration::NamedHttpFilterConfigFactory>(name); ProtobufTypes::MessagePtr proto_config = factory.createEmptyRouteConfigProto(); Envoy::Config::Utility::translateOpaqueConfig(typed_config, config, validator, *proto_config); return factory.createRouteSpecificFilterConfig(*proto_config, factory_context, validator); } } // namespace PerFilterConfigs::PerFilterConfigs( const Protobuf::Map& typed_configs, const Protobuf::Map& configs, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) { if (!typed_configs.empty() && !configs.empty()) { throw EnvoyException("Only one of typed_configs or configs can be specified"); } for (const auto& it : typed_configs) { // TODO(zuercher): canonicalization may be removed when deprecated filter names are removed const auto& name = Extensions::HttpFilters::Common::FilterNameUtil::canonicalFilterName(it.first); auto object = createRouteSpecificFilterConfig( name, it.second, ProtobufWkt::Struct::default_instance(), factory_context, validator); if (object != nullptr) { configs_[name] = std::move(object); } } for (const auto& it : configs) { // TODO(zuercher): canonicalization may be removed when deprecated filter names are removed const auto& name = Extensions::HttpFilters::Common::FilterNameUtil::canonicalFilterName(it.first); auto object = createRouteSpecificFilterConfig(name, ProtobufWkt::Any::default_instance(), it.second, factory_context, validator); if (object != nullptr) { configs_[name] = std::move(object); } } } const RouteSpecificFilterConfig* PerFilterConfigs::get(const std::string& name) const { auto it = configs_.find(name); return it == configs_.end() ? nullptr : it->second.get(); } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/config_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/router/router.h" #include "envoy/runtime/runtime.h" #include "envoy/server/filter_config.h" #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/matchers.h" #include "common/config/metadata.h" #include "common/http/hash_policy.h" #include "common/http/header_utility.h" #include "common/router/config_utility.h" #include "common/router/header_formatter.h" #include "common/router/header_parser.h" #include "common/router/metadatamatchcriteria_impl.h" #include "common/router/router_ratelimit.h" #include "common/router/tls_context_match_criteria_impl.h" #include "common/stats/symbol_table_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { /** * Base interface for something that matches a header. */ class Matchable { public: virtual ~Matchable() = default; /** * See if this object matches the incoming headers. * @param headers supplies the headers to match. * @param random_value supplies the random seed to use if a runtime choice is required. This * allows stable choices between calls if desired. * @return true if input headers match this object. */ virtual RouteConstSharedPtr matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const PURE; // By default, matchers do not support null Path headers. virtual bool supportsPathlessHeaders() const { return false; } }; class PerFilterConfigs { public: PerFilterConfigs(const Protobuf::Map& typed_configs, const Protobuf::Map& configs, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator); const RouteSpecificFilterConfig* get(const std::string& name) const; private: absl::node_hash_map configs_; }; class RouteEntryImplBase; using RouteEntryImplBaseConstSharedPtr = std::shared_ptr; /** * Direct response entry that does an SSL redirect. */ class SslRedirector : public DirectResponseEntry { public: // Router::DirectResponseEntry void finalizeResponseHeaders(Http::ResponseHeaderMap&, const StreamInfo::StreamInfo&) const override {} std::string newPath(const Http::RequestHeaderMap& headers) const override; void rewritePathHeader(Http::RequestHeaderMap&, bool) const override {} Http::Code responseCode() const override { return Http::Code::MovedPermanently; } const std::string& responseBody() const override { return EMPTY_STRING; } const std::string& routeName() const override { return route_name_; } private: const std::string route_name_; }; class SslRedirectRoute : public Route { public: // Router::Route const DirectResponseEntry* directResponseEntry() const override { return &SSL_REDIRECTOR; } const RouteEntry* routeEntry() const override { return nullptr; } const Decorator* decorator() const override { return nullptr; } const RouteTracing* tracingConfig() const override { return nullptr; } const RouteSpecificFilterConfig* perFilterConfig(const std::string&) const override { return nullptr; } private: static const SslRedirector SSL_REDIRECTOR; }; /** * Implementation of CorsPolicy that reads from the proto route and virtual host config. */ class CorsPolicyImpl : public CorsPolicy { public: CorsPolicyImpl(const envoy::config::route::v3::CorsPolicy& config, Runtime::Loader& loader); // Router::CorsPolicy const std::vector& allowOrigins() const override { return allow_origins_; }; const std::string& allowMethods() const override { return allow_methods_; }; const std::string& allowHeaders() const override { return allow_headers_; }; const std::string& exposeHeaders() const override { return expose_headers_; }; const std::string& maxAge() const override { return max_age_; }; const absl::optional& allowCredentials() const override { return allow_credentials_; }; bool enabled() const override { if (config_.has_filter_enabled()) { const auto& filter_enabled = config_.filter_enabled(); return loader_.snapshot().featureEnabled(filter_enabled.runtime_key(), filter_enabled.default_value()); } return legacy_enabled_; }; bool shadowEnabled() const override { if (config_.has_shadow_enabled()) { const auto& shadow_enabled = config_.shadow_enabled(); return loader_.snapshot().featureEnabled(shadow_enabled.runtime_key(), shadow_enabled.default_value()); } return false; }; private: const envoy::config::route::v3::CorsPolicy config_; Runtime::Loader& loader_; std::vector allow_origins_; const std::string allow_methods_; const std::string allow_headers_; const std::string expose_headers_; const std::string max_age_; absl::optional allow_credentials_{}; const bool legacy_enabled_; }; class ConfigImpl; /** * Holds all routing configuration for an entire virtual host. */ class VirtualHostImpl : public VirtualHost { public: VirtualHostImpl(const envoy::config::route::v3::VirtualHost& virtual_host, const ConfigImpl& global_route_config, Server::Configuration::ServerFactoryContext& factory_context, Stats::Scope& scope, ProtobufMessage::ValidationVisitor& validator, bool validate_clusters); RouteConstSharedPtr getRouteFromEntries(const RouteCallback& cb, const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const; const VirtualCluster* virtualClusterFromEntries(const Http::HeaderMap& headers) const; const ConfigImpl& globalRouteConfig() const { return global_route_config_; } const HeaderParser& requestHeaderParser() const { return *request_headers_parser_; } const HeaderParser& responseHeaderParser() const { return *response_headers_parser_; } // Router::VirtualHost const CorsPolicy* corsPolicy() const override { return cors_policy_.get(); } Stats::StatName statName() const override { return stat_name_; } const RateLimitPolicy& rateLimitPolicy() const override { return rate_limit_policy_; } const Config& routeConfig() const override; const RouteSpecificFilterConfig* perFilterConfig(const std::string&) const override; bool includeAttemptCountInRequest() const override { return include_attempt_count_in_request_; } bool includeAttemptCountInResponse() const override { return include_attempt_count_in_response_; } const absl::optional& retryPolicy() const { return retry_policy_; } const absl::optional& hedgePolicy() const { return hedge_policy_; } uint32_t retryShadowBufferLimit() const override { return retry_shadow_buffer_limit_; } private: enum class SslRequirements { None, ExternalOnly, All }; struct VirtualClusterBase : public VirtualCluster { public: VirtualClusterBase(Stats::StatName stat_name, Stats::ScopePtr&& scope) : stat_name_(stat_name), scope_(std::move(scope)), stats_(generateStats(*scope_)) {} // Router::VirtualCluster Stats::StatName statName() const override { return stat_name_; } VirtualClusterStats& stats() const override { return stats_; } private: const Stats::StatName stat_name_; Stats::ScopePtr scope_; mutable VirtualClusterStats stats_; }; struct VirtualClusterEntry : public VirtualClusterBase { VirtualClusterEntry(const envoy::config::route::v3::VirtualCluster& virtual_cluster, Stats::StatNamePool& pool, Stats::Scope& scope); std::vector headers_; }; struct CatchAllVirtualCluster : public VirtualClusterBase { explicit CatchAllVirtualCluster(Stats::StatNamePool& pool, Stats::Scope& scope) : VirtualClusterBase(pool.add("other"), scope.createScope("other")) {} }; static const std::shared_ptr SSL_REDIRECT_ROUTE; Stats::StatNamePool stat_name_pool_; const Stats::StatName stat_name_; Stats::ScopePtr vcluster_scope_; std::vector routes_; std::vector virtual_clusters_; SslRequirements ssl_requirements_; const RateLimitPolicyImpl rate_limit_policy_; std::unique_ptr cors_policy_; const ConfigImpl& global_route_config_; // See note in RouteEntryImplBase::clusterEntry() on why // raw ref to the top level config is currently safe. HeaderParserPtr request_headers_parser_; HeaderParserPtr response_headers_parser_; PerFilterConfigs per_filter_configs_; uint32_t retry_shadow_buffer_limit_{std::numeric_limits::max()}; const bool include_attempt_count_in_request_; const bool include_attempt_count_in_response_; absl::optional retry_policy_; absl::optional hedge_policy_; const CatchAllVirtualCluster virtual_cluster_catch_all_; }; using VirtualHostSharedPtr = std::shared_ptr; /** * Implementation of RetryPolicy that reads from the proto route or virtual host config. */ class RetryPolicyImpl : public RetryPolicy { public: RetryPolicyImpl(const envoy::config::route::v3::RetryPolicy& retry_policy, ProtobufMessage::ValidationVisitor& validation_visitor); RetryPolicyImpl() = default; // Router::RetryPolicy std::chrono::milliseconds perTryTimeout() const override { return per_try_timeout_; } uint32_t numRetries() const override { return num_retries_; } uint32_t retryOn() const override { return retry_on_; } std::vector retryHostPredicates() const override; Upstream::RetryPrioritySharedPtr retryPriority() const override; uint32_t hostSelectionMaxAttempts() const override { return host_selection_attempts_; } const std::vector& retriableStatusCodes() const override { return retriable_status_codes_; } const std::vector& retriableHeaders() const override { return retriable_headers_; } const std::vector& retriableRequestHeaders() const override { return retriable_request_headers_; } absl::optional baseInterval() const override { return base_interval_; } absl::optional maxInterval() const override { return max_interval_; } const std::vector& resetHeaders() const override { return reset_headers_; } std::chrono::milliseconds resetMaxInterval() const override { return reset_max_interval_; } private: std::chrono::milliseconds per_try_timeout_{0}; // We set the number of retries to 1 by default (i.e. when no route or vhost level retry policy is // set) so that when retries get enabled through the x-envoy-retry-on header we default to 1 // retry. uint32_t num_retries_{1}; uint32_t retry_on_{}; // Each pair contains the name and config proto to be used to create the RetryHostPredicates // that should be used when with this policy. std::vector> retry_host_predicate_configs_; Upstream::RetryPrioritySharedPtr retry_priority_; // Name and config proto to use to create the RetryPriority to use with this policy. Default // initialized when no RetryPriority should be used. std::pair retry_priority_config_; uint32_t host_selection_attempts_{1}; std::vector retriable_status_codes_; std::vector retriable_headers_; std::vector retriable_request_headers_; absl::optional base_interval_; absl::optional max_interval_; std::vector reset_headers_{}; std::chrono::milliseconds reset_max_interval_{300000}; ProtobufMessage::ValidationVisitor* validation_visitor_{}; }; /** * Implementation of ShadowPolicy that reads from the proto route config. */ class ShadowPolicyImpl : public ShadowPolicy { public: using RequestMirrorPolicy = envoy::config::route::v3::RouteAction::RequestMirrorPolicy; explicit ShadowPolicyImpl(const RequestMirrorPolicy& config); // Router::ShadowPolicy const std::string& cluster() const override { return cluster_; } const std::string& runtimeKey() const override { return runtime_key_; } const envoy::type::v3::FractionalPercent& defaultValue() const override { return default_value_; } bool traceSampled() const override { return trace_sampled_; } private: std::string cluster_; std::string runtime_key_; envoy::type::v3::FractionalPercent default_value_; bool trace_sampled_; }; /** * Implementation of HedgePolicy that reads from the proto route or virtual host config. */ class HedgePolicyImpl : public HedgePolicy { public: explicit HedgePolicyImpl(const envoy::config::route::v3::HedgePolicy& hedge_policy); HedgePolicyImpl(); // Router::HedgePolicy uint32_t initialRequests() const override { return initial_requests_; } const envoy::type::v3::FractionalPercent& additionalRequestChance() const override { return additional_request_chance_; } bool hedgeOnPerTryTimeout() const override { return hedge_on_per_try_timeout_; } private: const uint32_t initial_requests_; const envoy::type::v3::FractionalPercent additional_request_chance_; const bool hedge_on_per_try_timeout_; }; /** * Implementation of Decorator that reads from the proto route decorator. */ class DecoratorImpl : public Decorator { public: explicit DecoratorImpl(const envoy::config::route::v3::Decorator& decorator); // Decorator::apply void apply(Tracing::Span& span) const override; // Decorator::getOperation const std::string& getOperation() const override; // Decorator::getOperation bool propagate() const override; private: const std::string operation_; const bool propagate_; }; /** * Implementation of RouteTracing that reads from the proto route tracing. */ class RouteTracingImpl : public RouteTracing { public: explicit RouteTracingImpl(const envoy::config::route::v3::Tracing& tracing); // Tracing::getClientSampling const envoy::type::v3::FractionalPercent& getClientSampling() const override; // Tracing::getRandomSampling const envoy::type::v3::FractionalPercent& getRandomSampling() const override; // Tracing::getOverallSampling const envoy::type::v3::FractionalPercent& getOverallSampling() const override; const Tracing::CustomTagMap& getCustomTags() const override; private: envoy::type::v3::FractionalPercent client_sampling_; envoy::type::v3::FractionalPercent random_sampling_; envoy::type::v3::FractionalPercent overall_sampling_; Tracing::CustomTagMap custom_tags_; }; /** * Implementation of InternalRedirectPolicy that reads from the proto * InternalRedirectPolicy of the RouteAction. */ class InternalRedirectPolicyImpl : public InternalRedirectPolicy { public: // Constructor that enables internal redirect with policy_config controlling the configurable // behaviors. explicit InternalRedirectPolicyImpl( const envoy::config::route::v3::InternalRedirectPolicy& policy_config, ProtobufMessage::ValidationVisitor& validator, absl::string_view current_route_name); // Default constructor that disables internal redirect. InternalRedirectPolicyImpl() = default; bool enabled() const override { return enabled_; } bool shouldRedirectForResponseCode(const Http::Code& response_code) const override { return redirect_response_codes_.contains(response_code); } std::vector predicates() const override; uint32_t maxInternalRedirects() const override { return max_internal_redirects_; } bool isCrossSchemeRedirectAllowed() const override { return allow_cross_scheme_redirect_; } private: absl::flat_hash_set buildRedirectResponseCodes( const envoy::config::route::v3::InternalRedirectPolicy& policy_config) const; const std::string current_route_name_; const absl::flat_hash_set redirect_response_codes_; const uint32_t max_internal_redirects_{1}; const bool enabled_{false}; const bool allow_cross_scheme_redirect_{false}; std::vector> predicate_factories_; }; /** * Base implementation for all route entries. */ class RouteEntryImplBase : public RouteEntry, public Matchable, public DirectResponseEntry, public Route, public PathMatchCriterion, public std::enable_shared_from_this, Logger::Loggable { public: /** * @throw EnvoyException with reason if the route configuration contains any errors */ RouteEntryImplBase(const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator); bool isDirectResponse() const { return direct_response_code_.has_value(); } bool isRedirect() const { if (!isDirectResponse()) { return false; } return !host_redirect_.empty() || !path_redirect_.empty() || !prefix_rewrite_redirect_.empty(); } bool matchRoute(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const; void validateClusters(Upstream::ClusterManager& cm) const; // Router::RouteEntry const std::string& clusterName() const override; Http::Code clusterNotFoundResponseCode() const override { return cluster_not_found_response_code_; } const std::string& routeName() const override { return route_name_; } const CorsPolicy* corsPolicy() const override { return cors_policy_.get(); } void finalizeRequestHeaders(Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, bool insert_envoy_original_path) const override; void finalizeResponseHeaders(Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const override; const Http::HashPolicy* hashPolicy() const override { return hash_policy_.get(); } const HedgePolicy& hedgePolicy() const override { return hedge_policy_; } const MetadataMatchCriteria* metadataMatchCriteria() const override { return metadata_match_criteria_.get(); } const TlsContextMatchCriteria* tlsContextMatchCriteria() const override { return tls_context_match_criteria_.get(); } Upstream::ResourcePriority priority() const override { return priority_; } const RateLimitPolicy& rateLimitPolicy() const override { return rate_limit_policy_; } const RetryPolicy& retryPolicy() const override { return retry_policy_; } const InternalRedirectPolicy& internalRedirectPolicy() const override { return internal_redirect_policy_; } uint32_t retryShadowBufferLimit() const override { return retry_shadow_buffer_limit_; } const std::vector& shadowPolicies() const override { return shadow_policies_; } const VirtualCluster* virtualCluster(const Http::HeaderMap& headers) const override { return vhost_.virtualClusterFromEntries(headers); } std::chrono::milliseconds timeout() const override { return timeout_; } absl::optional idleTimeout() const override { return idle_timeout_; } absl::optional maxStreamDuration() const override { return max_stream_duration_; } absl::optional grpcTimeoutHeaderMax() const override { return grpc_timeout_header_max_; } absl::optional grpcTimeoutHeaderOffset() const override { return grpc_timeout_header_offset_; } absl::optional maxGrpcTimeout() const override { return max_grpc_timeout_; } absl::optional grpcTimeoutOffset() const override { return grpc_timeout_offset_; } const VirtualHost& virtualHost() const override { return vhost_; } bool autoHostRewrite() const override { return auto_host_rewrite_; } const std::multimap& opaqueConfig() const override { return opaque_config_; } bool includeVirtualHostRateLimits() const override { return include_vh_rate_limits_; } const envoy::config::core::v3::Metadata& metadata() const override { return metadata_; } const Envoy::Config::TypedMetadata& typedMetadata() const override { return typed_metadata_; } const PathMatchCriterion& pathMatchCriterion() const override { return *this; } bool includeAttemptCountInRequest() const override { return vhost_.includeAttemptCountInRequest(); } bool includeAttemptCountInResponse() const override { return vhost_.includeAttemptCountInResponse(); } const absl::optional& connectConfig() const override { return connect_config_; } const UpgradeMap& upgradeMap() const override { return upgrade_map_; } // Router::DirectResponseEntry std::string newPath(const Http::RequestHeaderMap& headers) const override; absl::string_view processRequestHost(const Http::RequestHeaderMap& headers, absl::string_view new_scheme, absl::string_view new_port) const; void rewritePathHeader(Http::RequestHeaderMap&, bool) const override {} Http::Code responseCode() const override { return direct_response_code_.value(); } const std::string& responseBody() const override { return direct_response_body_; } // Router::Route const DirectResponseEntry* directResponseEntry() const override; const RouteEntry* routeEntry() const override; const Decorator* decorator() const override { return decorator_.get(); } const RouteTracing* tracingConfig() const override { return route_tracing_.get(); } const RouteSpecificFilterConfig* perFilterConfig(const std::string&) const override; protected: const bool case_sensitive_; const std::string prefix_rewrite_; Regex::CompiledMatcherPtr regex_rewrite_; std::string regex_rewrite_substitution_; const std::string host_rewrite_; bool include_vh_rate_limits_; absl::optional connect_config_; RouteConstSharedPtr clusterEntry(const Http::HeaderMap& headers, uint64_t random_value) const; /** * returns the correct path rewrite string for this route. */ const std::string& getPathRewrite() const { return (isRedirect()) ? prefix_rewrite_redirect_ : prefix_rewrite_; } void finalizePathHeader(Http::RequestHeaderMap& headers, absl::string_view matched_path, bool insert_envoy_original_path) const; private: struct RuntimeData { std::string fractional_runtime_key_{}; envoy::type::v3::FractionalPercent fractional_runtime_default_{}; }; class DynamicRouteEntry : public RouteEntry, public Route { public: DynamicRouteEntry(const RouteEntryImplBase* parent, const std::string& name) : parent_(parent), cluster_name_(name) {} const std::string& routeName() const override { return parent_->routeName(); } // Router::RouteEntry const std::string& clusterName() const override { return cluster_name_; } Http::Code clusterNotFoundResponseCode() const override { return parent_->clusterNotFoundResponseCode(); } void finalizeRequestHeaders(Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, bool insert_envoy_original_path) const override { return parent_->finalizeRequestHeaders(headers, stream_info, insert_envoy_original_path); } void finalizeResponseHeaders(Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const override { return parent_->finalizeResponseHeaders(headers, stream_info); } const CorsPolicy* corsPolicy() const override { return parent_->corsPolicy(); } const Http::HashPolicy* hashPolicy() const override { return parent_->hashPolicy(); } const HedgePolicy& hedgePolicy() const override { return parent_->hedgePolicy(); } Upstream::ResourcePriority priority() const override { return parent_->priority(); } const RateLimitPolicy& rateLimitPolicy() const override { return parent_->rateLimitPolicy(); } const RetryPolicy& retryPolicy() const override { return parent_->retryPolicy(); } const InternalRedirectPolicy& internalRedirectPolicy() const override { return parent_->internalRedirectPolicy(); } uint32_t retryShadowBufferLimit() const override { return parent_->retryShadowBufferLimit(); } const std::vector& shadowPolicies() const override { return parent_->shadowPolicies(); } std::chrono::milliseconds timeout() const override { return parent_->timeout(); } absl::optional idleTimeout() const override { return parent_->idleTimeout(); } absl::optional maxStreamDuration() const override { return parent_->max_stream_duration_; } absl::optional grpcTimeoutHeaderMax() const override { return parent_->grpc_timeout_header_max_; } absl::optional grpcTimeoutHeaderOffset() const override { return parent_->grpc_timeout_header_offset_; } absl::optional maxGrpcTimeout() const override { return parent_->maxGrpcTimeout(); } absl::optional grpcTimeoutOffset() const override { return parent_->grpcTimeoutOffset(); } const MetadataMatchCriteria* metadataMatchCriteria() const override { return parent_->metadataMatchCriteria(); } const TlsContextMatchCriteria* tlsContextMatchCriteria() const override { return parent_->tlsContextMatchCriteria(); } const VirtualCluster* virtualCluster(const Http::HeaderMap& headers) const override { return parent_->virtualCluster(headers); } const std::multimap& opaqueConfig() const override { return parent_->opaqueConfig(); } const VirtualHost& virtualHost() const override { return parent_->virtualHost(); } bool autoHostRewrite() const override { return parent_->autoHostRewrite(); } bool includeVirtualHostRateLimits() const override { return parent_->includeVirtualHostRateLimits(); } const envoy::config::core::v3::Metadata& metadata() const override { return parent_->metadata(); } const Envoy::Config::TypedMetadata& typedMetadata() const override { return parent_->typedMetadata(); } const PathMatchCriterion& pathMatchCriterion() const override { return parent_->pathMatchCriterion(); } bool includeAttemptCountInRequest() const override { return parent_->includeAttemptCountInRequest(); } bool includeAttemptCountInResponse() const override { return parent_->includeAttemptCountInResponse(); } const absl::optional& connectConfig() const override { return parent_->connectConfig(); } const UpgradeMap& upgradeMap() const override { return parent_->upgradeMap(); } // Router::Route const DirectResponseEntry* directResponseEntry() const override { return nullptr; } const RouteEntry* routeEntry() const override { return this; } const Decorator* decorator() const override { return parent_->decorator(); } const RouteTracing* tracingConfig() const override { return parent_->tracingConfig(); } const RouteSpecificFilterConfig* perFilterConfig(const std::string& name) const override { return parent_->perFilterConfig(name); }; private: const RouteEntryImplBase* parent_; const std::string cluster_name_; }; /** * Route entry implementation for weighted clusters. The RouteEntryImplBase object holds * one or more weighted cluster objects, where each object has a back pointer to the parent * RouteEntryImplBase object. Almost all functions in this class forward calls back to the * parent, with the exception of clusterName, routeEntry, and metadataMatchCriteria. */ class WeightedClusterEntry : public DynamicRouteEntry { public: WeightedClusterEntry(const RouteEntryImplBase* parent, const std::string& rutime_key, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, const envoy::config::route::v3::WeightedCluster::ClusterWeight& cluster); uint64_t clusterWeight() const { return loader_.snapshot().getInteger(runtime_key_, cluster_weight_); } const MetadataMatchCriteria* metadataMatchCriteria() const override { if (cluster_metadata_match_criteria_) { return cluster_metadata_match_criteria_.get(); } return DynamicRouteEntry::metadataMatchCriteria(); } void finalizeRequestHeaders(Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, bool insert_envoy_original_path) const override { request_headers_parser_->evaluateHeaders(headers, stream_info); DynamicRouteEntry::finalizeRequestHeaders(headers, stream_info, insert_envoy_original_path); } void finalizeResponseHeaders(Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const override { response_headers_parser_->evaluateHeaders(headers, stream_info); DynamicRouteEntry::finalizeResponseHeaders(headers, stream_info); } const RouteSpecificFilterConfig* perFilterConfig(const std::string& name) const override; private: const std::string runtime_key_; Runtime::Loader& loader_; const uint64_t cluster_weight_; MetadataMatchCriteriaConstPtr cluster_metadata_match_criteria_; HeaderParserPtr request_headers_parser_; HeaderParserPtr response_headers_parser_; PerFilterConfigs per_filter_configs_; }; using WeightedClusterEntrySharedPtr = std::shared_ptr; absl::optional loadRuntimeData(const envoy::config::route::v3::RouteMatch& route); static std::multimap parseOpaqueConfig(const envoy::config::route::v3::Route& route); static DecoratorConstPtr parseDecorator(const envoy::config::route::v3::Route& route); static RouteTracingConstPtr parseRouteTracing(const envoy::config::route::v3::Route& route); bool evaluateRuntimeMatch(const uint64_t random_value) const; bool evaluateTlsContextMatch(const StreamInfo::StreamInfo& stream_info) const; HedgePolicyImpl buildHedgePolicy(const absl::optional& vhost_hedge_policy, const envoy::config::route::v3::RouteAction& route_config) const; RetryPolicyImpl buildRetryPolicy(const absl::optional& vhost_retry_policy, const envoy::config::route::v3::RouteAction& route_config, ProtobufMessage::ValidationVisitor& validation_visitor) const; InternalRedirectPolicyImpl buildInternalRedirectPolicy(const envoy::config::route::v3::RouteAction& route_config, ProtobufMessage::ValidationVisitor& validator, absl::string_view current_route_name) const; // Default timeout is 15s if nothing is specified in the route config. static const uint64_t DEFAULT_ROUTE_TIMEOUT_MS = 15000; std::unique_ptr cors_policy_; const VirtualHostImpl& vhost_; // See note in RouteEntryImplBase::clusterEntry() on why raw ref // to virtual host is currently safe. const bool auto_host_rewrite_; const absl::optional auto_host_rewrite_header_; const Regex::CompiledMatcherPtr host_rewrite_path_regex_; const std::string host_rewrite_path_regex_substitution_; const std::string cluster_name_; const Http::LowerCaseString cluster_header_name_; const Http::Code cluster_not_found_response_code_; const std::chrono::milliseconds timeout_; const absl::optional idle_timeout_; const absl::optional max_stream_duration_; const absl::optional grpc_timeout_header_max_; const absl::optional grpc_timeout_header_offset_; const absl::optional max_grpc_timeout_; const absl::optional grpc_timeout_offset_; Runtime::Loader& loader_; const absl::optional runtime_; const std::string scheme_redirect_; const std::string host_redirect_; const std::string port_redirect_; const std::string path_redirect_; const bool path_redirect_has_query_; const bool enable_preserve_query_in_path_redirects_; const bool https_redirect_; const std::string prefix_rewrite_redirect_; const bool strip_query_; const HedgePolicyImpl hedge_policy_; const RetryPolicyImpl retry_policy_; const InternalRedirectPolicyImpl internal_redirect_policy_; const RateLimitPolicyImpl rate_limit_policy_; std::vector shadow_policies_; const Upstream::ResourcePriority priority_; std::vector config_headers_; std::vector config_query_parameters_; std::vector weighted_clusters_; UpgradeMap upgrade_map_; const uint64_t total_cluster_weight_; std::unique_ptr hash_policy_; MetadataMatchCriteriaConstPtr metadata_match_criteria_; TlsContextMatchCriteriaConstPtr tls_context_match_criteria_; HeaderParserPtr request_headers_parser_; HeaderParserPtr response_headers_parser_; uint32_t retry_shadow_buffer_limit_{std::numeric_limits::max()}; envoy::config::core::v3::Metadata metadata_; Envoy::Config::TypedMetadataImpl typed_metadata_; const bool match_grpc_; // TODO(danielhochman): refactor multimap into unordered_map since JSON is unordered map. const std::multimap opaque_config_; const DecoratorConstPtr decorator_; const RouteTracingConstPtr route_tracing_; const absl::optional direct_response_code_; std::string direct_response_body_; PerFilterConfigs per_filter_configs_; const std::string route_name_; TimeSource& time_source_; }; /** * Route entry implementation for prefix path match routing. */ class PrefixRouteEntryImpl : public RouteEntryImplBase { public: PrefixRouteEntryImpl(const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator); // Router::PathMatchCriterion const std::string& matcher() const override { return prefix_; } PathMatchType matchType() const override { return PathMatchType::Prefix; } // Router::Matchable RouteConstSharedPtr matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const override; // Router::DirectResponseEntry void rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const override; private: const std::string prefix_; const Matchers::PathMatcherConstSharedPtr path_matcher_; }; /** * Route entry implementation for exact path match routing. */ class PathRouteEntryImpl : public RouteEntryImplBase { public: PathRouteEntryImpl(const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator); // Router::PathMatchCriterion const std::string& matcher() const override { return path_; } PathMatchType matchType() const override { return PathMatchType::Exact; } // Router::Matchable RouteConstSharedPtr matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const override; // Router::DirectResponseEntry void rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const override; private: const std::string path_; const Matchers::PathMatcherConstSharedPtr path_matcher_; }; /** * Route entry implementation for regular expression match routing. */ class RegexRouteEntryImpl : public RouteEntryImplBase { public: RegexRouteEntryImpl(const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator); // Router::PathMatchCriterion const std::string& matcher() const override { return regex_str_; } PathMatchType matchType() const override { return PathMatchType::Regex; } // Router::Matchable RouteConstSharedPtr matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const override; // Router::DirectResponseEntry void rewritePathHeader(Http::RequestHeaderMap& headers, bool insert_envoy_original_path) const override; private: Regex::CompiledMatcherPtr regex_; std::string regex_str_; }; /** * Route entry implementation for CONNECT requests. */ class ConnectRouteEntryImpl : public RouteEntryImplBase { public: ConnectRouteEntryImpl(const VirtualHostImpl& vhost, const envoy::config::route::v3::Route& route, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator); // Router::PathMatchCriterion const std::string& matcher() const override { return EMPTY_STRING; } PathMatchType matchType() const override { return PathMatchType::None; } // Router::Matchable RouteConstSharedPtr matches(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const override; // Router::DirectResponseEntry void rewritePathHeader(Http::RequestHeaderMap&, bool) const override; bool supportsPathlessHeaders() const override { return true; } }; /** * Wraps the route configuration which matches an incoming request headers to a backend cluster. * This is split out mainly to help with unit testing. */ class RouteMatcher { public: RouteMatcher(const envoy::config::route::v3::RouteConfiguration& config, const ConfigImpl& global_http_config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, bool validate_clusters); RouteConstSharedPtr route(const RouteCallback& cb, const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const; const VirtualHostImpl* findVirtualHost(const Http::RequestHeaderMap& headers) const; private: using WildcardVirtualHosts = std::map, std::greater<>>; using SubstringFunction = std::function; const VirtualHostImpl* findWildcardVirtualHost(const std::string& host, const WildcardVirtualHosts& wildcard_virtual_hosts, SubstringFunction substring_function) const; Stats::ScopePtr vhost_scope_; absl::node_hash_map virtual_hosts_; // std::greater as a minor optimization to iterate from more to less specific // // A note on using an unordered_map versus a vector of (string, VirtualHostSharedPtr) pairs: // // Based on local benchmarks, each vector entry costs around 20ns for recall and (string) // comparison with a fixed cost of about 25ns. For unordered_map, the empty map costs about 65ns // and climbs to about 110ns once there are any entries. // // The break-even is 4 entries. WildcardVirtualHosts wildcard_virtual_host_suffixes_; WildcardVirtualHosts wildcard_virtual_host_prefixes_; VirtualHostSharedPtr default_virtual_host_; }; /** * Implementation of Config that reads from a proto file. */ class ConfigImpl : public Config { public: ConfigImpl(const envoy::config::route::v3::RouteConfiguration& config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, bool validate_clusters_default); const HeaderParser& requestHeaderParser() const { return *request_headers_parser_; }; const HeaderParser& responseHeaderParser() const { return *response_headers_parser_; }; bool virtualHostExists(const Http::RequestHeaderMap& headers) const { return route_matcher_->findVirtualHost(headers) != nullptr; } // Router::Config RouteConstSharedPtr route(const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const override { return route(nullptr, headers, stream_info, random_value); } RouteConstSharedPtr route(const RouteCallback& cb, const Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& stream_info, uint64_t random_value) const override; const std::list& internalOnlyHeaders() const override { return internal_only_headers_; } const std::string& name() const override { return name_; } bool usesVhds() const override { return uses_vhds_; } bool mostSpecificHeaderMutationsWins() const override { return most_specific_header_mutations_wins_; } private: std::unique_ptr route_matcher_; std::list internal_only_headers_; HeaderParserPtr request_headers_parser_; HeaderParserPtr response_headers_parser_; const std::string name_; Stats::SymbolTable& symbol_table_; const bool uses_vhds_; const bool most_specific_header_mutations_wins_; }; /** * Implementation of Config that is empty. */ class NullConfigImpl : public Config { public: // Router::Config RouteConstSharedPtr route(const Http::RequestHeaderMap&, const StreamInfo::StreamInfo&, uint64_t) const override { return nullptr; } RouteConstSharedPtr route(const RouteCallback&, const Http::RequestHeaderMap&, const StreamInfo::StreamInfo&, uint64_t) const override { return nullptr; } const std::list& internalOnlyHeaders() const override { return internal_only_headers_; } const std::string& name() const override { return name_; } bool usesVhds() const override { return false; } bool mostSpecificHeaderMutationsWins() const override { return false; } private: std::list internal_only_headers_; const std::string name_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/config_utility.cc ================================================ #include "common/router/config_utility.h" #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/type/matcher/v3/string.pb.h" #include "common/common/assert.h" #include "common/common/regex.h" namespace Envoy { namespace Router { namespace { absl::optional maybeCreateStringMatcher(const envoy::config::route::v3::QueryParameterMatcher& config) { switch (config.query_parameter_match_specifier_case()) { case envoy::config::route::v3::QueryParameterMatcher::QueryParameterMatchSpecifierCase:: kStringMatch: { return Matchers::StringMatcherImpl(config.string_match()); } case envoy::config::route::v3::QueryParameterMatcher::QueryParameterMatchSpecifierCase:: kPresentMatch: { return absl::nullopt; } case envoy::config::route::v3::QueryParameterMatcher::QueryParameterMatchSpecifierCase:: QUERY_PARAMETER_MATCH_SPECIFIER_NOT_SET: { if (config.hidden_envoy_deprecated_value().empty()) { // Present match. return absl::nullopt; } envoy::type::matcher::v3::StringMatcher matcher_config; if (config.has_hidden_envoy_deprecated_regex() ? config.hidden_envoy_deprecated_regex().value() : false) { matcher_config.set_hidden_envoy_deprecated_regex(config.hidden_envoy_deprecated_value()); } else { matcher_config.set_exact(config.hidden_envoy_deprecated_value()); } return Matchers::StringMatcherImpl(matcher_config); } } NOT_REACHED_GCOVR_EXCL_LINE; // Needed for gcc } } // namespace ConfigUtility::QueryParameterMatcher::QueryParameterMatcher( const envoy::config::route::v3::QueryParameterMatcher& config) : name_(config.name()), matcher_(maybeCreateStringMatcher(config)) {} bool ConfigUtility::QueryParameterMatcher::matches( const Http::Utility::QueryParams& request_query_params) const { auto query_param = request_query_params.find(name_); if (query_param == request_query_params.end()) { return false; } else if (!matcher_.has_value()) { // Present match. return true; } else { return matcher_.value().match(query_param->second); } } Upstream::ResourcePriority ConfigUtility::parsePriority(const envoy::config::core::v3::RoutingPriority& priority) { switch (priority) { case envoy::config::core::v3::DEFAULT: return Upstream::ResourcePriority::Default; case envoy::config::core::v3::HIGH: return Upstream::ResourcePriority::High; default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool ConfigUtility::matchQueryParams( const Http::Utility::QueryParams& query_params, const std::vector& config_query_params) { for (const auto& config_query_param : config_query_params) { if (!config_query_param->matches(query_params)) { return false; } } return true; } Http::Code ConfigUtility::parseRedirectResponseCode( const envoy::config::route::v3::RedirectAction::RedirectResponseCode& code) { switch (code) { case envoy::config::route::v3::RedirectAction::MOVED_PERMANENTLY: return Http::Code::MovedPermanently; case envoy::config::route::v3::RedirectAction::FOUND: return Http::Code::Found; case envoy::config::route::v3::RedirectAction::SEE_OTHER: return Http::Code::SeeOther; case envoy::config::route::v3::RedirectAction::TEMPORARY_REDIRECT: return Http::Code::TemporaryRedirect; case envoy::config::route::v3::RedirectAction::PERMANENT_REDIRECT: return Http::Code::PermanentRedirect; default: NOT_REACHED_GCOVR_EXCL_LINE; } } absl::optional ConfigUtility::parseDirectResponseCode(const envoy::config::route::v3::Route& route) { if (route.has_redirect()) { return parseRedirectResponseCode(route.redirect().response_code()); } else if (route.has_direct_response()) { return static_cast(route.direct_response().status()); } return {}; } std::string ConfigUtility::parseDirectResponseBody(const envoy::config::route::v3::Route& route, Api::Api& api) { static const ssize_t MaxBodySize = 4096; if (!route.has_direct_response() || !route.direct_response().has_body()) { return EMPTY_STRING; } const auto& body = route.direct_response().body(); const std::string& filename = body.filename(); if (!filename.empty()) { if (!api.fileSystem().fileExists(filename)) { throw EnvoyException(fmt::format("response body file {} does not exist", filename)); } const ssize_t size = api.fileSystem().fileSize(filename); if (size < 0) { throw EnvoyException(absl::StrCat("cannot determine size of response body file ", filename)); } if (size > MaxBodySize) { throw EnvoyException(fmt::format("response body file {} size is {} bytes; maximum is {}", filename, size, MaxBodySize)); } return api.fileSystem().fileReadToEnd(filename); } const std::string inline_body(body.inline_bytes().empty() ? body.inline_string() : body.inline_bytes()); if (inline_body.length() > MaxBodySize) { throw EnvoyException(fmt::format("response body size is {} bytes; maximum is {}", inline_body.length(), MaxBodySize)); } return inline_body; } Http::Code ConfigUtility::parseClusterNotFoundResponseCode( const envoy::config::route::v3::RouteAction::ClusterNotFoundResponseCode& code) { switch (code) { case envoy::config::route::v3::RouteAction::SERVICE_UNAVAILABLE: return Http::Code::ServiceUnavailable; case envoy::config::route::v3::RouteAction::NOT_FOUND: return Http::Code::NotFound; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/config_utility.h ================================================ #pragma once #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/codes.h" #include "envoy/upstream/resource_manager.h" #include "common/common/empty_string.h" #include "common/common/matchers.h" #include "common/common/utility.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { /** * Utility routines for loading route configuration and matching runtime request headers. */ class ConfigUtility { public: // A QueryParameterMatcher specifies one "name" or "name=value" element // to match in a request's query string. It is the optimized, runtime // equivalent of the QueryParameterMatcher proto in the RDS v2 API. class QueryParameterMatcher { public: QueryParameterMatcher(const envoy::config::route::v3::QueryParameterMatcher& config); /** * Check if the query parameters for a request contain a match for this * QueryParameterMatcher. * @param request_query_params supplies the parsed query parameters from a request. * @return bool true if a match for this QueryParameterMatcher exists in request_query_params. */ bool matches(const Http::Utility::QueryParams& request_query_params) const; private: const std::string name_; const absl::optional matcher_; }; using QueryParameterMatcherPtr = std::unique_ptr; /** * @return the resource priority parsed from proto. */ static Upstream::ResourcePriority parsePriority(const envoy::config::core::v3::RoutingPriority& priority); /** * See if the query parameters specified in the config are present in a request. * @param query_params supplies the query parameters from the request's query string. * @param config_params supplies the list of configured query param conditions on which to match. * @return bool true if all the query params (and values) in the config_params are found in the * query_params */ static bool matchQueryParams(const Http::Utility::QueryParams& query_params, const std::vector& config_query_params); /** * Returns the redirect HTTP Status Code enum parsed from proto. * @param code supplies the RedirectResponseCode enum. * @return Returns the Http::Code version of the RedirectResponseCode. */ static Http::Code parseRedirectResponseCode( const envoy::config::route::v3::RedirectAction::RedirectResponseCode& code); /** * Returns the HTTP Status Code enum parsed from the route's redirect or direct_response. * @param route supplies the Route configuration. * @return absl::optional the HTTP status from the route's direct_response if * specified, or the HTTP status code from the route's redirect if specified, or an empty * absl::optional otherwise. */ static absl::optional parseDirectResponseCode(const envoy::config::route::v3::Route& route); /** * Returns the content of the response body to send with direct responses from a route. * @param route supplies the Route configuration. * @param api reference to the Api object * @return absl::optional the response body provided inline in the route's * direct_response if specified, or the contents of the file named in the * route's direct_response if specified, or an empty string otherwise. * @throw EnvoyException if the route configuration contains an error. */ static std::string parseDirectResponseBody(const envoy::config::route::v3::Route& route, Api::Api& api); /** * Returns the HTTP Status Code enum parsed from proto. * @param code supplies the ClusterNotFoundResponseCode enum. * @return Returns the Http::Code version of the ClusterNotFoundResponseCode enum. */ static Http::Code parseClusterNotFoundResponseCode( const envoy::config::route::v3::RouteAction::ClusterNotFoundResponseCode& code); }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/debug_config.cc ================================================ #include "common/router/debug_config.h" #include "common/common/macros.h" namespace Envoy { namespace Router { DebugConfig::DebugConfig(bool append_cluster, absl::optional cluster_header, bool append_upstream_host, absl::optional hostname_header, absl::optional host_address_header, bool do_not_forward, absl::optional not_forwarded_header) : append_cluster_(append_cluster), cluster_header_(std::move(cluster_header)), append_upstream_host_(append_upstream_host), hostname_header_(std::move(hostname_header)), host_address_header_(std::move(host_address_header)), do_not_forward_(do_not_forward), not_forwarded_header_(std::move(not_forwarded_header)) {} const std::string& DebugConfig::key() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.router.debug_config"); } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/debug_config.h ================================================ #pragma once #include #include "envoy/http/header_map.h" #include "envoy/stream_info/filter_state.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { /** * Configuration for debugging router behavior. The router tries to look up an instance of this * class by its `key`, in FilterState (via StreamInfo). If it's not present, debugging features are * not enabled. * * There is currently no public API for populating this configuration -- neither globally nor * per-request -- users desiring to use the router debugging features should create and install * their own custom StreamDecoderFilter to set DebugConfig as desired before the router consumes * it. * * This is intended to be temporary, and should be replaced by some proper configuration (e.g. in * router.proto) when we get unified matchers. See https://github.com/envoyproxy/envoy/issues/5569. * * TODO(mergeconflict): Keep this promise. */ struct DebugConfig : public StreamInfo::FilterState::Object { DebugConfig(bool append_cluster, absl::optional cluster_header, bool append_upstream_host, absl::optional hostname_header, absl::optional host_address_header, bool do_not_forward, absl::optional not_forwarded_header); /** * @return the string key for finding DebugConfig, if present, in FilterState. */ static const std::string& key(); /** * Append cluster information as a response header if `append_cluster_` is true. The router will * use `cluster_header_` as the header name, if specified, or 'x-envoy-cluster' by default. */ bool append_cluster_{}; absl::optional cluster_header_; /** * Append upstream host name and address as response headers, if `append_upstream_host_` is true. * The router will use `hostname_header_` and `host_address_header_` as the header names, if * specified, or 'x-envoy-upstream-hostname' and 'x-envoy-upstream-host-address' by default. */ bool append_upstream_host_{}; absl::optional hostname_header_; absl::optional host_address_header_; /** * Do not forward the associated request to the upstream cluster, if `do_not_forward_` is true. * If the router would have forwarded it (assuming all other preconditions are met), it will * instead respond with a 204 "no content." Append `not_forwarded_header_`, if specified, or * 'x-envoy-not-forwarded' by default. Any debug headers specified above (or others introduced by * other filters) will be appended to this empty response. */ bool do_not_forward_{}; absl::optional not_forwarded_header_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/header_formatter.cc ================================================ #include "common/router/header_formatter.h" #include #include "envoy/router/string_accessor.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/config/metadata.h" #include "common/formatter/substitution_formatter.h" #include "common/http/header_map_impl.h" #include "common/json/json_loader.h" #include "common/stream_info/utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { namespace { std::string formatUpstreamMetadataParseException(absl::string_view params, const EnvoyException* cause = nullptr) { std::string reason; if (cause != nullptr) { reason = absl::StrCat(", because ", cause->what()); } return absl::StrCat("Invalid header configuration. Expected format " "UPSTREAM_METADATA([\"namespace\", \"k\", ...]), actual format " "UPSTREAM_METADATA", params, reason); } std::string formatPerRequestStateParseException(absl::string_view params) { return absl::StrCat("Invalid header configuration. Expected format " "PER_REQUEST_STATE(), actual format " "PER_REQUEST_STATE", params); } // Parses the parameters for UPSTREAM_METADATA and returns a function suitable for accessing the // specified metadata from an StreamInfo::StreamInfo. Expects a string formatted as: // (["a", "b", "c"]) // There must be at least 2 array elements (a metadata namespace and at least 1 key). std::function parseMetadataField(absl::string_view params_str, bool upstream = true) { params_str = StringUtil::trim(params_str); if (params_str.empty() || params_str.front() != '(' || params_str.back() != ')') { throw EnvoyException(formatUpstreamMetadataParseException(params_str)); } absl::string_view json = params_str.substr(1, params_str.size() - 2); // trim parens std::vector params; try { Json::ObjectSharedPtr parsed_params = Json::Factory::loadFromString(std::string(json)); for (const auto& param : parsed_params->asObjectArray()) { params.emplace_back(param->asString()); } } catch (Json::Exception& e) { throw EnvoyException(formatUpstreamMetadataParseException(params_str, &e)); } // Minimum parameters are a metadata namespace (e.g. "envoy.lb") and a metadata key. if (params.size() < 2) { throw EnvoyException(formatUpstreamMetadataParseException(params_str)); } return [upstream, params](const Envoy::StreamInfo::StreamInfo& stream_info) -> std::string { const envoy::config::core::v3::Metadata* metadata = nullptr; if (upstream) { Upstream::HostDescriptionConstSharedPtr host = stream_info.upstreamHost(); if (!host) { return std::string(); } metadata = host->metadata().get(); } else { metadata = &(stream_info.dynamicMetadata()); } const ProtobufWkt::Value* value = &::Envoy::Config::Metadata::metadataValue(metadata, params[0], params[1]); if (value->kind_case() == ProtobufWkt::Value::KIND_NOT_SET) { // No kind indicates default ProtobufWkt::Value which means namespace or key not // found. return std::string(); } size_t i = 2; while (i < params.size()) { if (!value->has_struct_value()) { break; } const auto field_it = value->struct_value().fields().find(params[i]); if (field_it == value->struct_value().fields().end()) { return std::string(); } value = &field_it->second; i++; } if (i < params.size()) { // Didn't find all the keys. return std::string(); } switch (value->kind_case()) { case ProtobufWkt::Value::kNumberValue: return fmt::format("{:g}", value->number_value()); case ProtobufWkt::Value::kStringValue: return value->string_value(); case ProtobufWkt::Value::kBoolValue: return value->bool_value() ? "true" : "false"; default: // Unsupported type or null value. ENVOY_LOG_MISC(debug, "unsupported value type for metadata [{}]", absl::StrJoin(params, ", ")); return std::string(); } }; } // Parses the parameters for PER_REQUEST_STATE and returns a function suitable for accessing the // specified metadata from an StreamInfo::StreamInfo. Expects a string formatted as: // () // The state name is expected to be in reverse DNS format, though this is not enforced by // this function. std::function parsePerRequestStateField(absl::string_view param_str) { absl::string_view modified_param_str = StringUtil::trim(param_str); if (modified_param_str.empty() || modified_param_str.front() != '(' || modified_param_str.back() != ')') { throw EnvoyException(formatPerRequestStateParseException(param_str)); } modified_param_str = modified_param_str.substr(1, modified_param_str.size() - 2); // trim parens if (modified_param_str.empty()) { throw EnvoyException(formatPerRequestStateParseException(param_str)); } std::string param(modified_param_str); return [param](const Envoy::StreamInfo::StreamInfo& stream_info) -> std::string { const Envoy::StreamInfo::FilterState& filter_state = stream_info.filterState(); // No such value means don't output anything. if (!filter_state.hasDataWithName(param)) { return std::string(); } // Value exists but isn't string accessible is a contract violation; throw an error. if (!filter_state.hasData(param)) { ENVOY_LOG_MISC(debug, "Invalid header information: PER_REQUEST_STATE value \"{}\" " "exists but is not string accessible", param); return std::string(); } return std::string(filter_state.getDataReadOnly(param).asString()); }; } // Parses the parameter for REQ and returns a function suitable for accessing the specified // request header from an StreamInfo::StreamInfo. Expects a string formatted as: // () std::function parseRequestHeader(absl::string_view param) { param = StringUtil::trim(param); if (param.empty() || param.front() != '(') { throw EnvoyException(fmt::format("Invalid header configuration. Expected format " "REQ(), actual format REQ{}", param)); } ASSERT(param.back() == ')'); // Ensured by header_parser. param = param.substr(1, param.size() - 2); // Trim parens. Http::LowerCaseString header_name{std::string(param)}; return [header_name](const Envoy::StreamInfo::StreamInfo& stream_info) -> std::string { if (const auto* request_headers = stream_info.getRequestHeaders()) { if (const auto* entry = request_headers->get(header_name)) { return std::string(entry->value().getStringView()); } } return std::string(); }; } // Helper that handles the case when the ConnectionInfo is missing or if the desired value is // empty. StreamInfoHeaderFormatter::FieldExtractor sslConnectionInfoStringHeaderExtractor( std::function string_extractor) { return [string_extractor](const StreamInfo::StreamInfo& stream_info) { if (stream_info.downstreamSslConnection() == nullptr) { return std::string(); } return string_extractor(*stream_info.downstreamSslConnection()); }; } // Helper that handles the case when the desired time field is empty. StreamInfoHeaderFormatter::FieldExtractor sslConnectionInfoStringTimeHeaderExtractor( std::function(const Ssl::ConnectionInfo& connection_info)> time_extractor) { return sslConnectionInfoStringHeaderExtractor( [time_extractor](const Ssl::ConnectionInfo& connection_info) { absl::optional time = time_extractor(connection_info); if (!time.has_value()) { return std::string(); } return AccessLogDateTimeFormatter::fromTime(time.value()); }); } } // namespace StreamInfoHeaderFormatter::StreamInfoHeaderFormatter(absl::string_view field_name, bool append) : append_(append) { if (field_name == "PROTOCOL") { field_extractor_ = [](const Envoy::StreamInfo::StreamInfo& stream_info) { return Envoy::Formatter::SubstitutionFormatUtils::protocolToStringOrDefault( stream_info.protocol()); }; } else if (field_name == "DOWNSTREAM_REMOTE_ADDRESS") { field_extractor_ = [](const StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamRemoteAddress()->asString(); }; } else if (field_name == "DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT") { field_extractor_ = [](const Envoy::StreamInfo::StreamInfo& stream_info) { return StreamInfo::Utility::formatDownstreamAddressNoPort( *stream_info.downstreamRemoteAddress()); }; } else if (field_name == "DOWNSTREAM_LOCAL_ADDRESS") { field_extractor_ = [](const StreamInfo::StreamInfo& stream_info) { return stream_info.downstreamLocalAddress()->asString(); }; } else if (field_name == "DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT") { field_extractor_ = [](const Envoy::StreamInfo::StreamInfo& stream_info) { return StreamInfo::Utility::formatDownstreamAddressNoPort( *stream_info.downstreamLocalAddress()); }; } else if (field_name == "DOWNSTREAM_LOCAL_PORT") { field_extractor_ = [](const Envoy::StreamInfo::StreamInfo& stream_info) { return StreamInfo::Utility::formatDownstreamAddressJustPort( *stream_info.downstreamLocalAddress()); }; } else if (field_name == "DOWNSTREAM_PEER_URI_SAN") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return absl::StrJoin(connection_info.uriSanPeerCertificate(), ","); }); } else if (field_name == "DOWNSTREAM_LOCAL_URI_SAN") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return absl::StrJoin(connection_info.uriSanLocalCertificate(), ","); }); } else if (field_name == "DOWNSTREAM_PEER_ISSUER") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.issuerPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_PEER_SUBJECT") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.subjectPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_LOCAL_SUBJECT") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.subjectLocalCertificate(); }); } else if (field_name == "DOWNSTREAM_TLS_SESSION_ID") { field_extractor_ = sslConnectionInfoStringHeaderExtractor( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.sessionId(); }); } else if (field_name == "DOWNSTREAM_TLS_CIPHER") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.ciphersuiteString(); }); } else if (field_name == "DOWNSTREAM_TLS_VERSION") { field_extractor_ = sslConnectionInfoStringHeaderExtractor( [](const Ssl::ConnectionInfo& connection_info) { return connection_info.tlsVersion(); }); } else if (field_name == "DOWNSTREAM_PEER_FINGERPRINT_256") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.sha256PeerCertificateDigest(); }); } else if (field_name == "DOWNSTREAM_PEER_FINGERPRINT_1") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.sha1PeerCertificateDigest(); }); } else if (field_name == "DOWNSTREAM_PEER_SERIAL") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.serialNumberPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_PEER_CERT") { field_extractor_ = sslConnectionInfoStringHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.urlEncodedPemEncodedPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_PEER_CERT_V_START") { field_extractor_ = sslConnectionInfoStringTimeHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.validFromPeerCertificate(); }); } else if (field_name == "DOWNSTREAM_PEER_CERT_V_END") { field_extractor_ = sslConnectionInfoStringTimeHeaderExtractor([](const Ssl::ConnectionInfo& connection_info) { return connection_info.expirationPeerCertificate(); }); } else if (field_name == "UPSTREAM_REMOTE_ADDRESS") { field_extractor_ = [](const Envoy::StreamInfo::StreamInfo& stream_info) -> std::string { if (stream_info.upstreamHost()) { return stream_info.upstreamHost()->address()->asString(); } return ""; }; } else if (absl::StartsWith(field_name, "START_TIME")) { const std::string pattern = fmt::format("%{}%", field_name); if (start_time_formatters_.find(pattern) == start_time_formatters_.end()) { start_time_formatters_.emplace( std::make_pair(pattern, Formatter::SubstitutionFormatParser::parse(pattern))); } field_extractor_ = [this, pattern](const Envoy::StreamInfo::StreamInfo& stream_info) { const auto& formatters = start_time_formatters_.at(pattern); std::string formatted; for (const auto& formatter : formatters) { const auto bit = formatter->format(*Http::StaticEmptyHeaders::get().request_headers, *Http::StaticEmptyHeaders::get().response_headers, *Http::StaticEmptyHeaders::get().response_trailers, stream_info, absl::string_view()); absl::StrAppend(&formatted, bit.value_or("-")); } return formatted; }; } else if (absl::StartsWith(field_name, "UPSTREAM_METADATA")) { field_extractor_ = parseMetadataField(field_name.substr(STATIC_STRLEN("UPSTREAM_METADATA"))); } else if (absl::StartsWith(field_name, "DYNAMIC_METADATA")) { field_extractor_ = parseMetadataField(field_name.substr(STATIC_STRLEN("DYNAMIC_METADATA")), false); } else if (absl::StartsWith(field_name, "PER_REQUEST_STATE")) { field_extractor_ = parsePerRequestStateField(field_name.substr(STATIC_STRLEN("PER_REQUEST_STATE"))); } else if (absl::StartsWith(field_name, "REQ")) { field_extractor_ = parseRequestHeader(field_name.substr(STATIC_STRLEN("REQ"))); } else if (field_name == "HOSTNAME") { std::string hostname = Envoy::Formatter::SubstitutionFormatUtils::getHostnameOrDefault(); field_extractor_ = [hostname](const StreamInfo::StreamInfo&) { return hostname; }; } else if (field_name == "RESPONSE_FLAGS") { field_extractor_ = [](const StreamInfo::StreamInfo& stream_info) { return StreamInfo::ResponseFlagUtils::toShortString(stream_info); }; } else if (field_name == "RESPONSE_CODE_DETAILS") { field_extractor_ = [](const StreamInfo::StreamInfo& stream_info) -> std::string { if (stream_info.responseCodeDetails().has_value()) { return stream_info.responseCodeDetails().value(); } return ""; }; } else { throw EnvoyException(fmt::format("field '{}' not supported as custom header", field_name)); } } const std::string StreamInfoHeaderFormatter::format(const Envoy::StreamInfo::StreamInfo& stream_info) const { return field_extractor_(stream_info); } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/header_formatter.h ================================================ #pragma once #include #include #include #include "envoy/formatter/substitution_formatter.h" #include "absl/container/node_hash_map.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Router { /** * Interface for all types of header formatters used for custom request headers. */ class HeaderFormatter { public: virtual ~HeaderFormatter() = default; virtual const std::string format(const Envoy::StreamInfo::StreamInfo& stream_info) const PURE; /** * @return bool indicating whether the formatted header should be appended to the existing * headers or replace any existing values for the header */ virtual bool append() const PURE; }; using HeaderFormatterPtr = std::unique_ptr; /** * A formatter that expands the request header variable to a value based on info in StreamInfo. */ class StreamInfoHeaderFormatter : public HeaderFormatter { public: StreamInfoHeaderFormatter(absl::string_view field_name, bool append); // HeaderFormatter::format const std::string format(const Envoy::StreamInfo::StreamInfo& stream_info) const override; bool append() const override { return append_; } using FieldExtractor = std::function; private: FieldExtractor field_extractor_; const bool append_; absl::node_hash_map> start_time_formatters_; }; /** * A formatter that returns back the same static header value. */ class PlainHeaderFormatter : public HeaderFormatter { public: PlainHeaderFormatter(const std::string& static_header_value, bool append) : static_value_(static_header_value), append_(append) {} // HeaderFormatter::format const std::string format(const Envoy::StreamInfo::StreamInfo&) const override { return static_value_; }; bool append() const override { return append_; } private: const std::string static_value_; const bool append_; }; /** * A formatter that produces a value by concatenating the results of multiple HeaderFormatters. */ class CompoundHeaderFormatter : public HeaderFormatter { public: CompoundHeaderFormatter(std::vector&& formatters, bool append) : formatters_(std::move(formatters)), append_(append) {} // HeaderFormatter::format const std::string format(const Envoy::StreamInfo::StreamInfo& stream_info) const override { std::string buf; for (const auto& formatter : formatters_) { buf += formatter->format(stream_info); } return buf; }; bool append() const override { return append_; } private: const std::vector formatters_; const bool append_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/header_parser.cc ================================================ #include "common/router/header_parser.h" #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "common/common/assert.h" #include "common/http/headers.h" #include "common/protobuf/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_replace.h" namespace Envoy { namespace Router { namespace { enum class ParserState { Literal, // processing literal data VariableName, // consuming a %VAR% name ExpectArray, // expect starting [ in %VAR([...])% ExpectString, // expect starting " in array of strings String, // consuming an array element string ExpectArrayDelimiterOrEnd, // expect array delimiter (,) or end of array (]) ExpectArgsEnd, // expect closing ) in %VAR(...)% ExpectVariableEnd // expect closing % in %VAR(...)% }; std::string unescape(absl::string_view sv) { return absl::StrReplaceAll(sv, {{"%%", "%"}}); } // Implements a state machine to parse custom headers. Each character of the custom header format // is either literal text (with % escaped as %%) or part of a %VAR% or %VAR(["args"])% expression. // The statement machine does minimal validation of the arguments (if any) and does not know the // names of valid variables. Interpretation of the variable name and arguments is delegated to // StreamInfoHeaderFormatter. HeaderFormatterPtr parseInternal(const envoy::config::core::v3::HeaderValue& header_value, bool append) { const std::string& key = header_value.key(); // PGV constraints provide this guarantee. ASSERT(!key.empty()); // We reject :path/:authority rewriting, there is already a well defined mechanism to // perform this in the RouteAction, and doing this via request_headers_to_add // will cause us to have to worry about interaction with other aspects of the // RouteAction, e.g. prefix rewriting. We also reject other :-prefixed // headers, since it seems dangerous and there doesn't appear a use case. if (key[0] == ':') { throw EnvoyException(":-prefixed headers may not be modified"); } absl::string_view format(header_value.value()); if (format.empty()) { return std::make_unique("", append); } std::vector formatters; size_t pos = 0, start = 0; ParserState state = ParserState::Literal; do { const char ch = format[pos]; const bool has_next_ch = (pos + 1) < format.size(); switch (state) { case ParserState::Literal: // Searching for start of %VARIABLE% expression. if (ch != '%') { break; } if (!has_next_ch) { throw EnvoyException( fmt::format("Invalid header configuration. Un-escaped % at position {}", pos)); } if (format[pos + 1] == '%') { // Escaped %, skip next character. pos++; break; } // Un-escaped %: start of variable name. Create a formatter for preceding characters, if // any. state = ParserState::VariableName; if (pos > start) { absl::string_view literal = format.substr(start, pos - start); formatters.emplace_back(new PlainHeaderFormatter(unescape(literal), append)); } start = pos + 1; break; case ParserState::VariableName: // Consume "VAR" from "%VAR%" or "%VAR(...)%" if (ch == '%') { // Found complete variable name, add formatter. formatters.emplace_back( new StreamInfoHeaderFormatter(format.substr(start, pos - start), append)); start = pos + 1; state = ParserState::Literal; break; } if (ch == '(') { // Variable with arguments, search for start of arg array. state = ParserState::ExpectArray; } break; case ParserState::ExpectArray: // Skip over whitespace searching for the start of JSON array args. if (ch == '[') { // Search for first argument string state = ParserState::ExpectString; } else if (!isspace(ch)) { // Consume it as a string argument. state = ParserState::String; } break; case ParserState::ExpectArrayDelimiterOrEnd: // Skip over whitespace searching for a comma or close bracket. if (ch == ',') { state = ParserState::ExpectString; } else if (ch == ']') { state = ParserState::ExpectArgsEnd; } else if (!isspace(ch)) { throw EnvoyException(fmt::format( "Invalid header configuration. Expecting ',', ']', or whitespace after '{}', but " "found '{}'", absl::StrCat(format.substr(start, pos - start)), ch)); } break; case ParserState::ExpectString: // Skip over whitespace looking for the starting quote of a JSON string. if (ch == '"') { state = ParserState::String; } else if (!isspace(ch)) { throw EnvoyException(fmt::format( "Invalid header configuration. Expecting '\"' or whitespace after '{}', but found '{}'", absl::StrCat(format.substr(start, pos - start)), ch)); } break; case ParserState::String: // Consume a JSON string (ignoring backslash-escaped chars). if (ch == '\\') { if (!has_next_ch) { throw EnvoyException(fmt::format( "Invalid header configuration. Un-terminated backslash in JSON string after '{}'", absl::StrCat(format.substr(start, pos - start)))); } // Skip escaped char. pos++; } else if (ch == ')') { state = ParserState::ExpectVariableEnd; } else if (ch == '"') { state = ParserState::ExpectArrayDelimiterOrEnd; } break; case ParserState::ExpectArgsEnd: // Search for the closing paren of a %VAR(...)% expression. if (ch == ')') { state = ParserState::ExpectVariableEnd; } else if (!isspace(ch)) { throw EnvoyException(fmt::format( "Invalid header configuration. Expecting ')' or whitespace after '{}', but found '{}'", absl::StrCat(format.substr(start, pos - start)), ch)); } break; case ParserState::ExpectVariableEnd: // Search for closing % of a %VAR(...)% expression if (ch == '%') { formatters.emplace_back( new StreamInfoHeaderFormatter(format.substr(start, pos - start), append)); start = pos + 1; state = ParserState::Literal; break; } if (!isspace(ch)) { throw EnvoyException(fmt::format( "Invalid header configuration. Expecting '%' or whitespace after '{}', but found '{}'", absl::StrCat(format.substr(start, pos - start)), ch)); } break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } while (++pos < format.size()); if (state != ParserState::Literal) { // Parsing terminated mid-variable. throw EnvoyException( fmt::format("Invalid header configuration. Un-terminated variable expression '{}'", absl::StrCat(format.substr(start, pos - start)))); } if (pos > start) { // Trailing constant data. absl::string_view literal = format.substr(start, pos - start); formatters.emplace_back(new PlainHeaderFormatter(unescape(literal), append)); } ASSERT(!formatters.empty()); if (formatters.size() == 1) { return std::move(formatters[0]); } return std::make_unique(std::move(formatters), append); } } // namespace HeaderParserPtr HeaderParser::configure( const Protobuf::RepeatedPtrField& headers_to_add) { HeaderParserPtr header_parser(new HeaderParser()); for (const auto& header_value_option : headers_to_add) { const bool append = PROTOBUF_GET_WRAPPED_OR_DEFAULT(header_value_option, append, true); HeaderFormatterPtr header_formatter = parseInternal(header_value_option.header(), append); header_parser->headers_to_add_.emplace_back( Http::LowerCaseString(header_value_option.header().key()), std::move(header_formatter)); } return header_parser; } HeaderParserPtr HeaderParser::configure( const Protobuf::RepeatedPtrField& headers_to_add, bool append) { HeaderParserPtr header_parser(new HeaderParser()); for (const auto& header_value : headers_to_add) { HeaderFormatterPtr header_formatter = parseInternal(header_value, append); header_parser->headers_to_add_.emplace_back(Http::LowerCaseString(header_value.key()), std::move(header_formatter)); } return header_parser; } HeaderParserPtr HeaderParser::configure( const Protobuf::RepeatedPtrField& headers_to_add, const Protobuf::RepeatedPtrField& headers_to_remove) { HeaderParserPtr header_parser = configure(headers_to_add); for (const auto& header : headers_to_remove) { // We reject :-prefix (e.g. :path) removal here. This is dangerous, since other aspects of // request finalization assume their existence and they are needed for well-formedness in most // cases. if (header[0] == ':' || Http::LowerCaseString(header).get() == "host") { throw EnvoyException(":-prefixed or host headers may not be removed"); } header_parser->headers_to_remove_.emplace_back(header); } return header_parser; } void HeaderParser::evaluateHeaders(Http::HeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const { // Removing headers in the headers_to_remove_ list first makes // remove-before-add the default behavior as expected by users. for (const auto& header : headers_to_remove_) { headers.remove(header); } for (const auto& formatter : headers_to_add_) { const std::string value = formatter.second->format(stream_info); if (!value.empty()) { if (formatter.second->append()) { headers.addReferenceKey(formatter.first, value); } else { headers.setReferenceKey(formatter.first, value); } } } } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/header_parser.h ================================================ #pragma once #include #include #include "envoy/access_log/access_log.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/http/header_map.h" #include "common/protobuf/protobuf.h" #include "common/router/header_formatter.h" namespace Envoy { namespace Router { class HeaderParser; using HeaderParserPtr = std::unique_ptr; /** * HeaderParser manipulates Http::HeaderMap instances. Headers to be added are pre-parsed to select * between a constant value implementation and a dynamic value implementation based on * StreamInfo::StreamInfo fields. */ class HeaderParser { public: /* * @param headers_to_add defines the headers to add during calls to evaluateHeaders * @return HeaderParserPtr a configured HeaderParserPtr */ static HeaderParserPtr configure( const Protobuf::RepeatedPtrField& headers_to_add); /* * @param headers_to_add defines headers to add during calls to evaluateHeaders. * @param append defines whether headers will be appended or replaced. * @return HeaderParserPtr a configured HeaderParserPtr. */ static HeaderParserPtr configure(const Protobuf::RepeatedPtrField& headers_to_add, bool append); /* * @param headers_to_add defines headers to add during calls to evaluateHeaders * @param headers_to_remove defines headers to remove during calls to evaluateHeaders * @return HeaderParserPtr a configured HeaderParserPtr */ static HeaderParserPtr configure( const Protobuf::RepeatedPtrField& headers_to_add, const Protobuf::RepeatedPtrField& headers_to_remove); void evaluateHeaders(Http::HeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const; protected: HeaderParser() = default; private: std::vector> headers_to_add_; std::vector headers_to_remove_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/metadatamatchcriteria_impl.cc ================================================ #include "common/router/metadatamatchcriteria_impl.h" namespace Envoy { namespace Router { std::vector MetadataMatchCriteriaImpl::extractMetadataMatchCriteria(const MetadataMatchCriteriaImpl* parent, const ProtobufWkt::Struct& matches) { std::vector v; // Track locations of each name (from the parent) in v to make it // easier to replace them when the same name exists in matches. absl::node_hash_map existing; if (parent) { for (const auto& it : parent->metadata_match_criteria_) { // v.size() is the index of the emplaced name. existing.emplace(it->name(), v.size()); v.emplace_back(it); } } // Add values from matches, replacing name/values copied from parent. for (const auto& it : matches.fields()) { const auto index_it = existing.find(it.first); if (index_it != existing.end()) { v[index_it->second] = std::make_shared(it.first, it.second); } else { v.emplace_back(std::make_shared(it.first, it.second)); } } // Sort criteria by name to speed matching in the subset load balancer. // See source/docs/subset_load_balancer.md. std::sort( v.begin(), v.end(), [](const MetadataMatchCriterionConstSharedPtr& a, const MetadataMatchCriterionConstSharedPtr& b) -> bool { return a->name() < b->name(); }); return v; } MetadataMatchCriteriaConstPtr MetadataMatchCriteriaImpl::filterMatchCriteria(const std::set& names) const { std::vector v; // iterating over metadata_match_criteria_ ensures correct order without sorting for (const auto& it : metadata_match_criteria_) { if (names.count(it->name()) == 1) { v.emplace_back(it); } } if (v.empty()) { return nullptr; } return MetadataMatchCriteriaImplConstPtr(new MetadataMatchCriteriaImpl(v)); }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/metadatamatchcriteria_impl.h ================================================ #pragma once #include "envoy/router/router.h" namespace Envoy { namespace Router { class MetadataMatchCriteriaImpl; using MetadataMatchCriteriaImplConstPtr = std::unique_ptr; class MetadataMatchCriteriaImpl : public MetadataMatchCriteria { public: MetadataMatchCriteriaImpl(const ProtobufWkt::Struct& metadata_matches) : metadata_match_criteria_(extractMetadataMatchCriteria(nullptr, metadata_matches)){}; // MetadataMatchCriteria const std::vector& metadataMatchCriteria() const override { return metadata_match_criteria_; } MetadataMatchCriteriaConstPtr mergeMatchCriteria(const ProtobufWkt::Struct& metadata_matches) const override { return MetadataMatchCriteriaImplConstPtr( new MetadataMatchCriteriaImpl(extractMetadataMatchCriteria(this, metadata_matches))); } MetadataMatchCriteriaConstPtr filterMatchCriteria(const std::set& names) const override; private: MetadataMatchCriteriaImpl(const std::vector& criteria) : metadata_match_criteria_(criteria){}; static std::vector extractMetadataMatchCriteria(const MetadataMatchCriteriaImpl* parent, const ProtobufWkt::Struct& metadata_matches); const std::vector metadata_match_criteria_; }; class MetadataMatchCriterionImpl : public MetadataMatchCriterion { public: MetadataMatchCriterionImpl(const std::string& name, const HashedValue& value) : name_(name), value_(value) {} const std::string& name() const override { return name_; } const HashedValue& value() const override { return value_; } private: const std::string name_; const HashedValue value_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/rds_impl.cc ================================================ #include "common/router/rds_impl.h" #include #include #include #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/api/v2/route.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/api_version.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/http/header_map_impl.h" #include "common/protobuf/utility.h" #include "common/router/config_impl.h" namespace Envoy { namespace Router { RouteConfigProviderSharedPtr RouteConfigProviderUtil::create( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, Init::Manager& init_manager, const std::string& stat_prefix, RouteConfigProviderManager& route_config_provider_manager) { switch (config.route_specifier_case()) { case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: RouteSpecifierCase::kRouteConfig: return route_config_provider_manager.createStaticRouteConfigProvider( config.route_config(), factory_context, validator); case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: RouteSpecifierCase::kRds: return route_config_provider_manager.createRdsRouteConfigProvider( // At the creation of a RDS route config provider, the factory_context's initManager is // always valid, though the init manager may go away later when the listener goes away. config.rds(), factory_context, stat_prefix, init_manager); default: NOT_REACHED_GCOVR_EXCL_LINE; } } StaticRouteConfigProviderImpl::StaticRouteConfigProviderImpl( const envoy::config::route::v3::RouteConfiguration& config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, RouteConfigProviderManagerImpl& route_config_provider_manager) : config_(new ConfigImpl(config, factory_context, validator, true)), route_config_proto_{config}, last_updated_(factory_context.timeSource().systemTime()), route_config_provider_manager_(route_config_provider_manager) { route_config_provider_manager_.static_route_config_providers_.insert(this); } StaticRouteConfigProviderImpl::~StaticRouteConfigProviderImpl() { route_config_provider_manager_.static_route_config_providers_.erase(this); } // TODO(htuch): If support for multiple clusters is added per #1170 cluster_name_ RdsRouteConfigSubscription::RdsRouteConfigSubscription( const envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, const uint64_t manager_identifier, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, Envoy::Router::RouteConfigProviderManagerImpl& route_config_provider_manager) : Envoy::Config::SubscriptionBase( rds.config_source().resource_api_version(), factory_context.messageValidationContext().dynamicValidationVisitor(), "name"), route_config_name_(rds.route_config_name()), scope_(factory_context.scope().createScope(stat_prefix + "rds." + route_config_name_ + ".")), factory_context_(factory_context), parent_init_target_(fmt::format("RdsRouteConfigSubscription init {}", route_config_name_), [this]() { local_init_manager_.initialize(local_init_watcher_); }), local_init_watcher_(fmt::format("RDS local-init-watcher {}", rds.route_config_name()), [this]() { parent_init_target_.ready(); }), local_init_target_( fmt::format("RdsRouteConfigSubscription local-init-target {}", route_config_name_), [this]() { subscription_->start({route_config_name_}); }), local_init_manager_(fmt::format("RDS local-init-manager {}", route_config_name_)), stat_prefix_(stat_prefix), stats_({ALL_RDS_STATS(POOL_COUNTER(*scope_))}), route_config_provider_manager_(route_config_provider_manager), manager_identifier_(manager_identifier) { const auto resource_name = getResourceName(); subscription_ = factory_context.clusterManager().subscriptionFactory().subscriptionFromConfigSource( rds.config_source(), Grpc::Common::typeUrl(resource_name), *scope_, *this, resource_decoder_); local_init_manager_.add(local_init_target_); config_update_info_ = std::make_unique(factory_context.timeSource()); } RdsRouteConfigSubscription::~RdsRouteConfigSubscription() { // If we get destroyed during initialization, make sure we signal that we "initialized". local_init_target_.ready(); // The ownership of RdsRouteConfigProviderImpl is shared among all HttpConnectionManagers that // hold a shared_ptr to it. The RouteConfigProviderManager holds weak_ptrs to the // RdsRouteConfigProviders. Therefore, the map entry for the RdsRouteConfigProvider has to get // cleaned by the RdsRouteConfigProvider's destructor. route_config_provider_manager_.dynamic_route_config_providers_.erase(manager_identifier_); } void RdsRouteConfigSubscription::onConfigUpdate( const std::vector& resources, const std::string& version_info) { if (!validateUpdateSize(resources.size())) { return; } const auto& route_config = dynamic_cast( resources[0].get().resource()); if (route_config.name() != route_config_name_) { throw EnvoyException(fmt::format("Unexpected RDS configuration (expecting {}): {}", route_config_name_, route_config.name())); } for (auto* provider : route_config_providers_) { // This seems inefficient, though it is necessary to validate config in each context, // especially when it comes with per_filter_config, provider->validateConfig(route_config); } std::unique_ptr noop_init_manager; std::unique_ptr resume_rds; if (config_update_info_->onRdsUpdate(route_config, version_info)) { stats_.config_reload_.inc(); if (config_update_info_->routeConfiguration().has_vhds() && config_update_info_->vhdsConfigurationChanged()) { ENVOY_LOG( debug, "rds: vhds configuration present/changed, (re)starting vhds: config_name={} hash={}", route_config_name_, config_update_info_->configHash()); maybeCreateInitManager(version_info, noop_init_manager, resume_rds); vhds_subscription_ = std::make_unique( config_update_info_, factory_context_, stat_prefix_, route_config_providers_, config_update_info_->routeConfiguration().vhds().config_source().resource_api_version()); vhds_subscription_->registerInitTargetWithInitManager( noop_init_manager == nullptr ? local_init_manager_ : *noop_init_manager); } ENVOY_LOG(debug, "rds: loading new configuration: config_name={} hash={}", route_config_name_, config_update_info_->configHash()); for (auto* provider : route_config_providers_) { provider->onConfigUpdate(); } // RDS update removed VHDS configuration if (!config_update_info_->routeConfiguration().has_vhds()) { vhds_subscription_.release(); } update_callback_manager_.runCallbacks(); } local_init_target_.ready(); } // Initialize a no-op InitManager in case the one in the factory_context has completed // initialization. This can happen if an RDS config update for an already established RDS // subscription contains VHDS configuration. void RdsRouteConfigSubscription::maybeCreateInitManager( const std::string& version_info, std::unique_ptr& init_manager, std::unique_ptr& init_vhds) { if (local_init_manager_.state() == Init::Manager::State::Initialized) { init_manager = std::make_unique( fmt::format("VHDS {}:{}", route_config_name_, version_info)); init_vhds = std::make_unique([this, &init_manager, version_info] { // For new RDS subscriptions created after listener warming up, we don't wait for them to warm // up. Init::WatcherImpl noop_watcher( // Note: we just throw it away. fmt::format("VHDS ConfigUpdate watcher {}:{}", route_config_name_, version_info), []() { /*Do nothing.*/ }); init_manager->initialize(noop_watcher); }); } } void RdsRouteConfigSubscription::onConfigUpdate( const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string&) { if (!removed_resources.empty()) { // TODO(#2500) when on-demand resource loading is supported, an RDS removal may make sense // (see discussion in #6879), and so we should do something other than ignoring here. ENVOY_LOG( error, "Server sent a delta RDS update attempting to remove a resource (name: {}). Ignoring.", removed_resources[0]); } if (!added_resources.empty()) { onConfigUpdate(added_resources, added_resources[0].get().version()); } } void RdsRouteConfigSubscription::onConfigUpdateFailed( Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); // We need to allow server startup to continue, even if we have a bad // config. local_init_target_.ready(); } void RdsRouteConfigSubscription::updateOnDemand(const std::string& aliases) { if (vhds_subscription_.get() == nullptr) { return; } vhds_subscription_->updateOnDemand(aliases); } bool RdsRouteConfigSubscription::validateUpdateSize(int num_resources) { if (num_resources == 0) { ENVOY_LOG(debug, "Missing RouteConfiguration for {} in onConfigUpdate()", route_config_name_); stats_.update_empty_.inc(); local_init_target_.ready(); return false; } if (num_resources != 1) { throw EnvoyException(fmt::format("Unexpected RDS resource length: {}", num_resources)); // (would be a return false here) } return true; } RdsRouteConfigProviderImpl::RdsRouteConfigProviderImpl( RdsRouteConfigSubscriptionSharedPtr&& subscription, Server::Configuration::ServerFactoryContext& factory_context) : subscription_(std::move(subscription)), config_update_info_(subscription_->routeConfigUpdate()), factory_context_(factory_context), validator_(factory_context.messageValidationContext().dynamicValidationVisitor()), tls_(factory_context.threadLocal().allocateSlot()) { ConfigConstSharedPtr initial_config; if (config_update_info_->configInfo().has_value()) { initial_config = std::make_shared(config_update_info_->routeConfiguration(), factory_context_, validator_, false); } else { initial_config = std::make_shared(); } tls_->set([initial_config](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(initial_config); }); // It should be 1:1 mapping due to shared rds config. ASSERT(subscription_->routeConfigProviders().empty()); subscription_->routeConfigProviders().insert(this); } RdsRouteConfigProviderImpl::~RdsRouteConfigProviderImpl() { subscription_->routeConfigProviders().erase(this); // It should be 1:1 mapping due to shared rds config. ASSERT(subscription_->routeConfigProviders().empty()); } Router::ConfigConstSharedPtr RdsRouteConfigProviderImpl::config() { return tls_->getTyped().config_; } void RdsRouteConfigProviderImpl::onConfigUpdate() { ConfigConstSharedPtr new_config(new ConfigImpl(config_update_info_->routeConfiguration(), factory_context_, validator_, false)); tls_->runOnAllThreads([new_config](ThreadLocal::ThreadLocalObjectSharedPtr previous) -> ThreadLocal::ThreadLocalObjectSharedPtr { auto prev_config = std::dynamic_pointer_cast(previous); prev_config->config_ = new_config; return previous; }); const auto aliases = config_update_info_->resourceIdsInLastVhdsUpdate(); // Regular (non-VHDS) RDS updates don't populate aliases fields in resources. if (aliases.empty()) { return; } const auto config = std::static_pointer_cast(new_config); // Notifies connections that RouteConfiguration update has been propagated. // Callbacks processing is performed in FIFO order. The callback is skipped if alias used in // the VHDS update request do not match the aliases in the update response for (auto it = config_update_callbacks_.begin(); it != config_update_callbacks_.end();) { auto found = aliases.find(it->alias_); if (found != aliases.end()) { // TODO(dmitri-d) HeaderMapImpl is expensive, need to profile this auto host_header = Http::RequestHeaderMapImpl::create(); host_header->setHost(VhdsSubscription::aliasToDomainName(it->alias_)); const bool host_exists = config->virtualHostExists(*host_header); std::weak_ptr current_cb(it->cb_); it->thread_local_dispatcher_.post([current_cb, host_exists] { if (auto cb = current_cb.lock()) { (*cb)(host_exists); } }); it = config_update_callbacks_.erase(it); } else { it++; } } } void RdsRouteConfigProviderImpl::validateConfig( const envoy::config::route::v3::RouteConfiguration& config) const { // TODO(lizan): consider cache the config here until onConfigUpdate. ConfigImpl validation_config(config, factory_context_, validator_, false); } // Schedules a VHDS request on the main thread and queues up the callback to use when the VHDS // response has been propagated to the worker thread that was the request origin. void RdsRouteConfigProviderImpl::requestVirtualHostsUpdate( const std::string& for_domain, Event::Dispatcher& thread_local_dispatcher, std::weak_ptr route_config_updated_cb) { auto alias = VhdsSubscription::domainNameToAlias(config_update_info_->routeConfigName(), for_domain); // The RdsRouteConfigProviderImpl instance can go away before the dispatcher has a chance to // execute the callback. still_alive shared_ptr will be deallocated when the current instance of // the RdsRouteConfigProviderImpl is deallocated; we rely on a weak_ptr to still_alive flag to // determine if the RdsRouteConfigProviderImpl instance is still valid. factory_context_.dispatcher().post([this, maybe_still_alive = std::weak_ptr(still_alive_), alias, &thread_local_dispatcher, route_config_updated_cb]() -> void { if (maybe_still_alive.lock()) { subscription_->updateOnDemand(alias); config_update_callbacks_.push_back({alias, thread_local_dispatcher, route_config_updated_cb}); } }); } RouteConfigProviderManagerImpl::RouteConfigProviderManagerImpl(Server::Admin& admin) { config_tracker_entry_ = admin.getConfigTracker().add("routes", [this] { return dumpRouteConfigs(); }); // ConfigTracker keys must be unique. We are asserting that no one has stolen the "routes" key // from us, since the returned entry will be nullptr if the key already exists. RELEASE_ASSERT(config_tracker_entry_, ""); } Router::RouteConfigProviderSharedPtr RouteConfigProviderManagerImpl::createRdsRouteConfigProvider( const envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, Init::Manager& init_manager) { // RdsRouteConfigSubscriptions are unique based on their serialized RDS config. const uint64_t manager_identifier = MessageUtil::hash(rds); auto it = dynamic_route_config_providers_.find(manager_identifier); if (it == dynamic_route_config_providers_.end()) { // std::make_shared does not work for classes with private constructors. There are ways // around it. However, since this is not a performance critical path we err on the side // of simplicity. RdsRouteConfigSubscriptionSharedPtr subscription(new RdsRouteConfigSubscription( rds, manager_identifier, factory_context, stat_prefix, *this)); init_manager.add(subscription->parent_init_target_); RdsRouteConfigProviderImplSharedPtr new_provider{ new RdsRouteConfigProviderImpl(std::move(subscription), factory_context)}; dynamic_route_config_providers_.insert( {manager_identifier, std::weak_ptr(new_provider)}); return new_provider; } else { // Because the RouteConfigProviderManager's weak_ptrs only get cleaned up // in the RdsRouteConfigSubscription destructor, and the single threaded nature // of this code, locking the weak_ptr will not fail. auto existing_provider = it->second.lock(); RELEASE_ASSERT(existing_provider != nullptr, absl::StrCat("cannot find subscribed rds resource ", rds.route_config_name())); init_manager.add(existing_provider->subscription_->parent_init_target_); return existing_provider; } } RouteConfigProviderPtr RouteConfigProviderManagerImpl::createStaticRouteConfigProvider( const envoy::config::route::v3::RouteConfiguration& route_config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) { auto provider = std::make_unique(route_config, factory_context, validator, *this); static_route_config_providers_.insert(provider.get()); return provider; } std::unique_ptr RouteConfigProviderManagerImpl::dumpRouteConfigs() const { auto config_dump = std::make_unique(); for (const auto& element : dynamic_route_config_providers_) { const auto& subscription = element.second.lock()->subscription_; // Because the RouteConfigProviderManager's weak_ptrs only get cleaned up // in the RdsRouteConfigSubscription destructor, and the single threaded nature // of this code, locking the weak_ptr will not fail. ASSERT(subscription); ASSERT(!subscription->route_config_providers_.empty()); if (subscription->routeConfigUpdate()->configInfo()) { auto* dynamic_config = config_dump->mutable_dynamic_route_configs()->Add(); dynamic_config->set_version_info(subscription->routeConfigUpdate()->configVersion()); dynamic_config->mutable_route_config()->PackFrom( API_RECOVER_ORIGINAL(subscription->routeConfigUpdate()->routeConfiguration())); TimestampUtil::systemClockToTimestamp(subscription->routeConfigUpdate()->lastUpdated(), *dynamic_config->mutable_last_updated()); } } for (const auto& provider : static_route_config_providers_) { ASSERT(provider->configInfo()); auto* static_config = config_dump->mutable_static_route_configs()->Add(); static_config->mutable_route_config()->PackFrom( API_RECOVER_ORIGINAL(provider->configInfo().value().config_)); TimestampUtil::systemClockToTimestamp(provider->lastUpdated(), *static_config->mutable_last_updated()); } return config_dump; } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/rds_impl.h ================================================ #pragma once #include #include #include #include #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/config/route/v3/route.pb.validate.h" #include "envoy/config/subscription.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/http/codes.h" #include "envoy/local_info/local_info.h" #include "envoy/router/rds.h" #include "envoy/router/route_config_provider_manager.h" #include "envoy/router/route_config_update_receiver.h" #include "envoy/server/admin.h" #include "envoy/server/filter_config.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/singleton/instance.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "common/common/callback_impl.h" #include "common/common/cleanup.h" #include "common/common/logger.h" #include "common/init/manager_impl.h" #include "common/init/target_impl.h" #include "common/init/watcher_impl.h" #include "common/protobuf/utility.h" #include "common/router/route_config_update_receiver_impl.h" #include "common/router/vhds.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" namespace Envoy { namespace Router { // For friend class declaration in RdsRouteConfigSubscription. class ScopedRdsConfigSubscription; /** * Route configuration provider utilities. */ class RouteConfigProviderUtil { public: /** * @return RouteConfigProviderSharedPtr a new route configuration provider based on the supplied * proto configuration. Notes the provider object could be shared among multiple listeners. */ static RouteConfigProviderSharedPtr create( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, Init::Manager& init_manager, const std::string& stat_prefix, RouteConfigProviderManager& route_config_provider_manager); }; class RouteConfigProviderManagerImpl; /** * Implementation of RouteConfigProvider that holds a static route configuration. */ class StaticRouteConfigProviderImpl : public RouteConfigProvider { public: StaticRouteConfigProviderImpl(const envoy::config::route::v3::RouteConfiguration& config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator, RouteConfigProviderManagerImpl& route_config_provider_manager); ~StaticRouteConfigProviderImpl() override; // Router::RouteConfigProvider Router::ConfigConstSharedPtr config() override { return config_; } absl::optional configInfo() const override { return ConfigInfo{route_config_proto_, ""}; } SystemTime lastUpdated() const override { return last_updated_; } void onConfigUpdate() override {} void validateConfig(const envoy::config::route::v3::RouteConfiguration&) const override {} void requestVirtualHostsUpdate(const std::string&, Event::Dispatcher&, std::weak_ptr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } private: ConfigConstSharedPtr config_; envoy::config::route::v3::RouteConfiguration route_config_proto_; SystemTime last_updated_; RouteConfigProviderManagerImpl& route_config_provider_manager_; }; /** * All RDS stats. @see stats_macros.h */ #define ALL_RDS_STATS(COUNTER) \ COUNTER(config_reload) \ COUNTER(update_empty) /** * Struct definition for all RDS stats. @see stats_macros.h */ struct RdsStats { ALL_RDS_STATS(GENERATE_COUNTER_STRUCT) }; class RdsRouteConfigProviderImpl; /** * A class that fetches the route configuration dynamically using the RDS API and updates them to * RDS config providers. */ class RdsRouteConfigSubscription : Envoy::Config::SubscriptionBase, Logger::Loggable { public: ~RdsRouteConfigSubscription() override; absl::node_hash_set& routeConfigProviders() { ASSERT(route_config_providers_.size() == 1 || route_config_providers_.empty()); return route_config_providers_; } RouteConfigUpdatePtr& routeConfigUpdate() { return config_update_info_; } void updateOnDemand(const std::string& aliases); void maybeCreateInitManager(const std::string& version_info, std::unique_ptr& init_manager, std::unique_ptr& resume_rds); private: // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; Common::CallbackHandle* addUpdateCallback(std::function callback) { return update_callback_manager_.add(callback); } RdsRouteConfigSubscription( const envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, const uint64_t manager_identifier, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, RouteConfigProviderManagerImpl& route_config_provider_manager); bool validateUpdateSize(int num_resources); const std::string route_config_name_; // This scope must outlive the subscription_ below as the subscription has derived stats. Stats::ScopePtr scope_; Envoy::Config::SubscriptionPtr subscription_; Server::Configuration::ServerFactoryContext& factory_context_; // Init target used to notify the parent init manager that the subscription [and its sub resource] // is ready. Init::SharedTargetImpl parent_init_target_; // Init watcher on RDS and VHDS ready event. This watcher marks parent_init_target_ ready. Init::WatcherImpl local_init_watcher_; // Target which starts the RDS subscription. Init::TargetImpl local_init_target_; Init::ManagerImpl local_init_manager_; std::string stat_prefix_; RdsStats stats_; RouteConfigProviderManagerImpl& route_config_provider_manager_; const uint64_t manager_identifier_; // TODO(lambdai): Prove that a subscription has exactly one provider and remove the container. absl::node_hash_set route_config_providers_; VhdsSubscriptionPtr vhds_subscription_; RouteConfigUpdatePtr config_update_info_; Common::CallbackManager<> update_callback_manager_; friend class RouteConfigProviderManagerImpl; // Access to addUpdateCallback friend class ScopedRdsConfigSubscription; }; using RdsRouteConfigSubscriptionSharedPtr = std::shared_ptr; struct UpdateOnDemandCallback { const std::string alias_; Event::Dispatcher& thread_local_dispatcher_; std::weak_ptr cb_; }; /** * Implementation of RouteConfigProvider that fetches the route configuration dynamically using * the subscription. */ class RdsRouteConfigProviderImpl : public RouteConfigProvider, Logger::Loggable { public: ~RdsRouteConfigProviderImpl() override; RdsRouteConfigSubscription& subscription() { return *subscription_; } // Router::RouteConfigProvider Router::ConfigConstSharedPtr config() override; absl::optional configInfo() const override { return config_update_info_->configInfo(); } SystemTime lastUpdated() const override { return config_update_info_->lastUpdated(); } void onConfigUpdate() override; void requestVirtualHostsUpdate( const std::string& for_domain, Event::Dispatcher& thread_local_dispatcher, std::weak_ptr route_config_updated_cb) override; void validateConfig(const envoy::config::route::v3::RouteConfiguration& config) const override; private: struct ThreadLocalConfig : public ThreadLocal::ThreadLocalObject { ThreadLocalConfig(ConfigConstSharedPtr initial_config) : config_(std::move(initial_config)) {} ConfigConstSharedPtr config_; }; RdsRouteConfigProviderImpl(RdsRouteConfigSubscriptionSharedPtr&& subscription, Server::Configuration::ServerFactoryContext& factory_context); RdsRouteConfigSubscriptionSharedPtr subscription_; RouteConfigUpdatePtr& config_update_info_; Server::Configuration::ServerFactoryContext& factory_context_; ProtobufMessage::ValidationVisitor& validator_; ThreadLocal::SlotPtr tls_; std::list config_update_callbacks_; // A flag used to determine if this instance of RdsRouteConfigProviderImpl hasn't been // deallocated. Please also see a comment in requestVirtualHostsUpdate() method implementation. std::shared_ptr still_alive_{std::make_shared(true)}; friend class RouteConfigProviderManagerImpl; }; using RdsRouteConfigProviderImplSharedPtr = std::shared_ptr; class RouteConfigProviderManagerImpl : public RouteConfigProviderManager, public Singleton::Instance { public: RouteConfigProviderManagerImpl(Server::Admin& admin); std::unique_ptr dumpRouteConfigs() const; // RouteConfigProviderManager RouteConfigProviderSharedPtr createRdsRouteConfigProvider( const envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, Init::Manager& init_manager) override; RouteConfigProviderPtr createStaticRouteConfigProvider(const envoy::config::route::v3::RouteConfiguration& route_config, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) override; private: // TODO(jsedgwick) These two members are prime candidates for the owned-entry list/map // as in ConfigTracker. I.e. the ProviderImpls would have an EntryOwner for these lists // Then the lifetime management stuff is centralized and opaque. absl::node_hash_map> dynamic_route_config_providers_; absl::node_hash_set static_route_config_providers_; Server::ConfigTracker::EntryOwnerPtr config_tracker_entry_; friend class RdsRouteConfigSubscription; friend class StaticRouteConfigProviderImpl; }; using RouteConfigProviderManagerImplPtr = std::unique_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/reset_header_parser.cc ================================================ #include "common/router/reset_header_parser.h" #include #include "common/common/assert.h" #include "absl/strings/numbers.h" namespace Envoy { namespace Router { ResetHeaderParserImpl::ResetHeaderParserImpl( const envoy::config::route::v3::RetryPolicy::ResetHeader& config) : name_(config.name()) { switch (config.format()) { case envoy::config::route::v3::RetryPolicy::SECONDS: format_ = ResetHeaderFormat::Seconds; break; case envoy::config::route::v3::RetryPolicy::UNIX_TIMESTAMP: format_ = ResetHeaderFormat::UnixTimestamp; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } absl::optional ResetHeaderParserImpl::parseInterval(TimeSource& time_source, const Http::HeaderMap& headers) const { const Http::HeaderEntry* header = headers.get(name_); if (header == nullptr) { return absl::nullopt; } const auto& header_value = header->value().getStringView(); uint64_t num_seconds{}; switch (format_) { case ResetHeaderFormat::Seconds: if (absl::SimpleAtoi(header_value, &num_seconds)) { return absl::optional(num_seconds * 1000UL); } break; case ResetHeaderFormat::UnixTimestamp: if (absl::SimpleAtoi(header_value, &num_seconds)) { const auto time_now = time_source.systemTime().time_since_epoch(); const uint64_t timestamp = std::chrono::duration_cast(time_now).count(); if (num_seconds < timestamp) { return absl::nullopt; } const uint64_t interval = num_seconds - timestamp; return absl::optional(interval * 1000UL); } break; default: NOT_REACHED_GCOVR_EXCL_LINE; } return absl::nullopt; } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/reset_header_parser.h ================================================ #pragma once #include #include #include #include "envoy/common/time.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/header_map.h" #include "envoy/router/router.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { enum class ResetHeaderFormat { Seconds, UnixTimestamp }; /** * A ResetHeaderParser specifies a header name and a format to match against * response headers that are used to signal a rate limit interval reset, such * as Retry-After or X-RateLimit-Reset. */ class ResetHeaderParserImpl : public ResetHeaderParser { public: /** * Build a vector of ResetHeaderParserSharedPtr given input config. */ static std::vector buildResetHeaderParserVector( const Protobuf::RepeatedPtrField& reset_headers) { std::vector ret; for (const auto& reset_header : reset_headers) { ret.emplace_back(std::make_shared(reset_header)); } return ret; } ResetHeaderParserImpl(const envoy::config::route::v3::RetryPolicy::ResetHeader& config); const Http::LowerCaseString& name() const { return name_; } ResetHeaderFormat format() const { return format_; } /** * Iterate over the headers, choose the first one that matches by name, and try to parse its * value. */ absl::optional parseInterval(TimeSource& time_source, const Http::HeaderMap& headers) const override; private: const Http::LowerCaseString name_; ResetHeaderFormat format_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/retry_state_impl.cc ================================================ #include "common/router/retry_state_impl.h" #include #include #include #include #include "envoy/config/route/v3/route_components.pb.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/http/codes.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/runtime/runtime_features.h" namespace Envoy { namespace Router { // These are defined in envoy/router/router.h, however during certain cases the compiler is // refusing to use the header version so allocate space here. const uint32_t RetryPolicy::RETRY_ON_5XX; const uint32_t RetryPolicy::RETRY_ON_GATEWAY_ERROR; const uint32_t RetryPolicy::RETRY_ON_CONNECT_FAILURE; const uint32_t RetryPolicy::RETRY_ON_ENVOY_RATE_LIMITED; const uint32_t RetryPolicy::RETRY_ON_RETRIABLE_4XX; const uint32_t RetryPolicy::RETRY_ON_RETRIABLE_HEADERS; const uint32_t RetryPolicy::RETRY_ON_RETRIABLE_STATUS_CODES; const uint32_t RetryPolicy::RETRY_ON_RESET; const uint32_t RetryPolicy::RETRY_ON_GRPC_CANCELLED; const uint32_t RetryPolicy::RETRY_ON_GRPC_DEADLINE_EXCEEDED; const uint32_t RetryPolicy::RETRY_ON_GRPC_RESOURCE_EXHAUSTED; const uint32_t RetryPolicy::RETRY_ON_GRPC_UNAVAILABLE; RetryStatePtr RetryStateImpl::create(const RetryPolicy& route_policy, Http::RequestHeaderMap& request_headers, const Upstream::ClusterInfo& cluster, const VirtualCluster* vcluster, Runtime::Loader& runtime, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, TimeSource& time_source, Upstream::ResourcePriority priority) { RetryStatePtr ret; // We short circuit here and do not bother with an allocation if there is no chance we will retry. if (request_headers.EnvoyRetryOn() || request_headers.EnvoyRetryGrpcOn() || route_policy.retryOn()) { ret.reset(new RetryStateImpl(route_policy, request_headers, cluster, vcluster, runtime, random, dispatcher, time_source, priority)); } // Consume all retry related headers to avoid them being propagated to the upstream request_headers.removeEnvoyRetryOn(); request_headers.removeEnvoyRetryGrpcOn(); request_headers.removeEnvoyMaxRetries(); if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.consume_all_retry_headers")) { request_headers.removeEnvoyHedgeOnPerTryTimeout(); request_headers.removeEnvoyRetriableHeaderNames(); request_headers.removeEnvoyRetriableStatusCodes(); request_headers.removeEnvoyUpstreamRequestPerTryTimeoutMs(); } return ret; } RetryStateImpl::RetryStateImpl(const RetryPolicy& route_policy, Http::RequestHeaderMap& request_headers, const Upstream::ClusterInfo& cluster, const VirtualCluster* vcluster, Runtime::Loader& runtime, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, TimeSource& time_source, Upstream::ResourcePriority priority) : cluster_(cluster), vcluster_(vcluster), runtime_(runtime), random_(random), dispatcher_(dispatcher), time_source_(time_source), retry_on_(route_policy.retryOn()), retries_remaining_(route_policy.numRetries()), priority_(priority), retry_host_predicates_(route_policy.retryHostPredicates()), retry_priority_(route_policy.retryPriority()), retriable_status_codes_(route_policy.retriableStatusCodes()), retriable_headers_(route_policy.retriableHeaders()), reset_headers_(route_policy.resetHeaders()), reset_max_interval_(route_policy.resetMaxInterval()) { std::chrono::milliseconds base_interval( runtime_.snapshot().getInteger("upstream.base_retry_backoff_ms", 25)); if (route_policy.baseInterval()) { base_interval = *route_policy.baseInterval(); } // By default, cap the max interval to 10 times the base interval to ensure reasonable back-off // intervals. std::chrono::milliseconds max_interval = base_interval * 10; if (route_policy.maxInterval()) { max_interval = *route_policy.maxInterval(); } backoff_strategy_ = std::make_unique( base_interval.count(), max_interval.count(), random_); host_selection_max_attempts_ = route_policy.hostSelectionMaxAttempts(); // Merge in the headers. if (request_headers.EnvoyRetryOn()) { retry_on_ |= parseRetryOn(request_headers.getEnvoyRetryOnValue()).first; } if (request_headers.EnvoyRetryGrpcOn()) { retry_on_ |= parseRetryGrpcOn(request_headers.getEnvoyRetryGrpcOnValue()).first; } const auto& retriable_request_headers = route_policy.retriableRequestHeaders(); if (!retriable_request_headers.empty()) { // If this route limits retries by request headers, make sure there is a match. bool request_header_match = false; for (const auto& retriable_header : retriable_request_headers) { if (retriable_header->matchesHeaders(request_headers)) { request_header_match = true; break; } } if (!request_header_match) { retry_on_ = 0; } } if (retry_on_ != 0 && request_headers.EnvoyMaxRetries()) { uint64_t temp; if (absl::SimpleAtoi(request_headers.getEnvoyMaxRetriesValue(), &temp)) { // The max retries header takes precedence if set. retries_remaining_ = temp; } } if (request_headers.EnvoyRetriableStatusCodes()) { for (const auto& code : StringUtil::splitToken(request_headers.getEnvoyRetriableStatusCodesValue(), ",")) { unsigned int out; if (absl::SimpleAtoi(code, &out)) { retriable_status_codes_.emplace_back(out); } } } if (request_headers.EnvoyRetriableHeaderNames()) { // Retriable headers in the configuration are specified via HeaderMatcher. // Giving the same flexibility via request header would require the user // to provide HeaderMatcher serialized into a string. To avoid this extra // complexity we only support name-only header matchers via request // header. Anything more sophisticated needs to be provided via config. for (const auto& header_name : StringUtil::splitToken( request_headers.EnvoyRetriableHeaderNames()->value().getStringView(), ",")) { envoy::config::route::v3::HeaderMatcher header_matcher; header_matcher.set_name(std::string(absl::StripAsciiWhitespace(header_name))); retriable_headers_.emplace_back( std::make_shared(header_matcher)); } } } RetryStateImpl::~RetryStateImpl() { resetRetry(); } void RetryStateImpl::enableBackoffTimer() { if (!retry_timer_) { retry_timer_ = dispatcher_.createTimer([this]() -> void { callback_(); }); } if (ratelimited_backoff_strategy_ != nullptr) { // If we have a backoff strategy based on rate limit feedback from the response we use it. retry_timer_->enableTimer( std::chrono::milliseconds(ratelimited_backoff_strategy_->nextBackOffMs())); // The strategy is only valid for the response that sent the ratelimit reset header and cannot // be reused. ratelimited_backoff_strategy_.reset(); cluster_.stats().upstream_rq_retry_backoff_ratelimited_.inc(); } else { // Otherwise we use a fully jittered exponential backoff algorithm. retry_timer_->enableTimer(std::chrono::milliseconds(backoff_strategy_->nextBackOffMs())); cluster_.stats().upstream_rq_retry_backoff_exponential_.inc(); } } std::pair RetryStateImpl::parseRetryOn(absl::string_view config) { uint32_t ret = 0; bool all_fields_valid = true; for (const auto& retry_on : StringUtil::splitToken(config, ",", false, true)) { if (retry_on == Http::Headers::get().EnvoyRetryOnValues._5xx) { ret |= RetryPolicy::RETRY_ON_5XX; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.GatewayError) { ret |= RetryPolicy::RETRY_ON_GATEWAY_ERROR; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.ConnectFailure) { ret |= RetryPolicy::RETRY_ON_CONNECT_FAILURE; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.EnvoyRateLimited) { ret |= RetryPolicy::RETRY_ON_ENVOY_RATE_LIMITED; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.Retriable4xx) { ret |= RetryPolicy::RETRY_ON_RETRIABLE_4XX; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.RefusedStream) { ret |= RetryPolicy::RETRY_ON_REFUSED_STREAM; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.RetriableStatusCodes) { ret |= RetryPolicy::RETRY_ON_RETRIABLE_STATUS_CODES; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.RetriableHeaders) { ret |= RetryPolicy::RETRY_ON_RETRIABLE_HEADERS; } else if (retry_on == Http::Headers::get().EnvoyRetryOnValues.Reset) { ret |= RetryPolicy::RETRY_ON_RESET; } else { all_fields_valid = false; } } return {ret, all_fields_valid}; } std::pair RetryStateImpl::parseRetryGrpcOn(absl::string_view retry_grpc_on_header) { uint32_t ret = 0; bool all_fields_valid = true; for (const auto& retry_on : StringUtil::splitToken(retry_grpc_on_header, ",", false, true)) { if (retry_on == Http::Headers::get().EnvoyRetryOnGrpcValues.Cancelled) { ret |= RetryPolicy::RETRY_ON_GRPC_CANCELLED; } else if (retry_on == Http::Headers::get().EnvoyRetryOnGrpcValues.DeadlineExceeded) { ret |= RetryPolicy::RETRY_ON_GRPC_DEADLINE_EXCEEDED; } else if (retry_on == Http::Headers::get().EnvoyRetryOnGrpcValues.ResourceExhausted) { ret |= RetryPolicy::RETRY_ON_GRPC_RESOURCE_EXHAUSTED; } else if (retry_on == Http::Headers::get().EnvoyRetryOnGrpcValues.Unavailable) { ret |= RetryPolicy::RETRY_ON_GRPC_UNAVAILABLE; } else if (retry_on == Http::Headers::get().EnvoyRetryOnGrpcValues.Internal) { ret |= RetryPolicy::RETRY_ON_GRPC_INTERNAL; } else { all_fields_valid = false; } } return {ret, all_fields_valid}; } absl::optional RetryStateImpl::parseResetInterval(const Http::ResponseHeaderMap& response_headers) const { for (const auto& reset_header : reset_headers_) { const auto& interval = reset_header->parseInterval(time_source_, response_headers); if (interval.has_value() && interval.value() <= reset_max_interval_) { return interval; } } return absl::nullopt; } void RetryStateImpl::resetRetry() { if (callback_) { cluster_.resourceManager(priority_).retries().dec(); callback_ = nullptr; } } RetryStatus RetryStateImpl::shouldRetry(bool would_retry, DoRetryCallback callback) { // If a callback is armed from a previous shouldRetry and we don't need to // retry this particular request, we can infer that we did a retry earlier // and it was successful. if (callback_ && !would_retry) { cluster_.stats().upstream_rq_retry_success_.inc(); if (vcluster_) { vcluster_->stats().upstream_rq_retry_success_.inc(); } } resetRetry(); if (!would_retry) { return RetryStatus::No; } // The request has exhausted the number of retries allotted to it by the retry policy configured // (or the x-envoy-max-retries header). if (retries_remaining_ == 0) { cluster_.stats().upstream_rq_retry_limit_exceeded_.inc(); if (vcluster_) { vcluster_->stats().upstream_rq_retry_limit_exceeded_.inc(); } return RetryStatus::NoRetryLimitExceeded; } retries_remaining_--; if (!cluster_.resourceManager(priority_).retries().canCreate()) { cluster_.stats().upstream_rq_retry_overflow_.inc(); if (vcluster_) { vcluster_->stats().upstream_rq_retry_overflow_.inc(); } return RetryStatus::NoOverflow; } if (!runtime_.snapshot().featureEnabled("upstream.use_retry", 100)) { return RetryStatus::No; } ASSERT(!callback_); callback_ = callback; cluster_.resourceManager(priority_).retries().inc(); cluster_.stats().upstream_rq_retry_.inc(); if (vcluster_) { vcluster_->stats().upstream_rq_retry_.inc(); } enableBackoffTimer(); return RetryStatus::Yes; } RetryStatus RetryStateImpl::shouldRetryHeaders(const Http::ResponseHeaderMap& response_headers, DoRetryCallback callback) { const bool would_retry = wouldRetryFromHeaders(response_headers); // Yes, we will retry based on the headers - try to parse a rate limited reset interval from the // response. if (would_retry && !reset_headers_.empty()) { const auto backoff_interval = parseResetInterval(response_headers); if (backoff_interval.has_value() && (backoff_interval.value().count() > 1L)) { ratelimited_backoff_strategy_ = std::make_unique( backoff_interval.value().count(), random_); } } return shouldRetry(would_retry, callback); } RetryStatus RetryStateImpl::shouldRetryReset(Http::StreamResetReason reset_reason, DoRetryCallback callback) { return shouldRetry(wouldRetryFromReset(reset_reason), callback); } RetryStatus RetryStateImpl::shouldHedgeRetryPerTryTimeout(DoRetryCallback callback) { // A hedged retry on per try timeout is always retried if there are retries // left. NOTE: this is a bit different than non-hedged per try timeouts which // are only retried if the applicable retry policy specifies either // RETRY_ON_5XX or RETRY_ON_GATEWAY_ERROR. This is because these types of // retries are associated with a stream reset which is analogous to a gateway // error. When hedging on per try timeout is enabled, however, there is no // stream reset. return shouldRetry(true, callback); } bool RetryStateImpl::wouldRetryFromHeaders(const Http::ResponseHeaderMap& response_headers) { // A response that contains the x-envoy-ratelimited header comes from an upstream envoy. // We retry these only when the envoy-ratelimited policy is in effect. if (response_headers.EnvoyRateLimited() != nullptr) { return retry_on_ & RetryPolicy::RETRY_ON_ENVOY_RATE_LIMITED; } if (retry_on_ & RetryPolicy::RETRY_ON_5XX) { if (Http::CodeUtility::is5xx(Http::Utility::getResponseStatus(response_headers))) { return true; } } if (retry_on_ & RetryPolicy::RETRY_ON_GATEWAY_ERROR) { if (Http::CodeUtility::isGatewayError(Http::Utility::getResponseStatus(response_headers))) { return true; } } if ((retry_on_ & RetryPolicy::RETRY_ON_RETRIABLE_4XX)) { Http::Code code = static_cast(Http::Utility::getResponseStatus(response_headers)); if (code == Http::Code::Conflict) { return true; } } if ((retry_on_ & RetryPolicy::RETRY_ON_RETRIABLE_STATUS_CODES)) { for (auto code : retriable_status_codes_) { if (Http::Utility::getResponseStatus(response_headers) == code) { return true; } } } if (retry_on_ & RetryPolicy::RETRY_ON_RETRIABLE_HEADERS) { for (const auto& retriable_header : retriable_headers_) { if (retriable_header->matchesHeaders(response_headers)) { return true; } } } if (retry_on_ & (RetryPolicy::RETRY_ON_GRPC_CANCELLED | RetryPolicy::RETRY_ON_GRPC_DEADLINE_EXCEEDED | RetryPolicy::RETRY_ON_GRPC_RESOURCE_EXHAUSTED | RetryPolicy::RETRY_ON_GRPC_UNAVAILABLE | RetryPolicy::RETRY_ON_GRPC_INTERNAL)) { absl::optional status = Grpc::Common::getGrpcStatus(response_headers); if (status) { if ((status.value() == Grpc::Status::Canceled && (retry_on_ & RetryPolicy::RETRY_ON_GRPC_CANCELLED)) || (status.value() == Grpc::Status::DeadlineExceeded && (retry_on_ & RetryPolicy::RETRY_ON_GRPC_DEADLINE_EXCEEDED)) || (status.value() == Grpc::Status::ResourceExhausted && (retry_on_ & RetryPolicy::RETRY_ON_GRPC_RESOURCE_EXHAUSTED)) || (status.value() == Grpc::Status::Unavailable && (retry_on_ & RetryPolicy::RETRY_ON_GRPC_UNAVAILABLE)) || (status.value() == Grpc::Status::Internal && (retry_on_ & RetryPolicy::RETRY_ON_GRPC_INTERNAL))) { return true; } } } return false; } bool RetryStateImpl::wouldRetryFromReset(const Http::StreamResetReason reset_reason) { // First check "never retry" conditions so we can short circuit (we never // retry if the reset reason is overflow). if (reset_reason == Http::StreamResetReason::Overflow) { return false; } if (retry_on_ & RetryPolicy::RETRY_ON_RESET) { return true; } if (retry_on_ & (RetryPolicy::RETRY_ON_5XX | RetryPolicy::RETRY_ON_GATEWAY_ERROR)) { // Currently we count an upstream reset as a "5xx" (since it will result in // one). With RETRY_ON_RESET we may eventually remove these policies. return true; } if ((retry_on_ & RetryPolicy::RETRY_ON_REFUSED_STREAM) && reset_reason == Http::StreamResetReason::RemoteRefusedStreamReset) { return true; } if ((retry_on_ & RetryPolicy::RETRY_ON_CONNECT_FAILURE) && reset_reason == Http::StreamResetReason::ConnectionFailure) { return true; } return false; } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/retry_state_impl.h ================================================ #pragma once #include #include #include "envoy/common/random_generator.h" #include "envoy/event/timer.h" #include "envoy/http/codec.h" #include "envoy/http/header_map.h" #include "envoy/router/router.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/upstream.h" #include "common/common/backoff_strategy.h" #include "common/http/header_utility.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { /** * Wraps retry state for the router. */ class RetryStateImpl : public RetryState { public: static RetryStatePtr create(const RetryPolicy& route_policy, Http::RequestHeaderMap& request_headers, const Upstream::ClusterInfo& cluster, const VirtualCluster* vcluster, Runtime::Loader& runtime, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, TimeSource& time_source, Upstream::ResourcePriority priority); ~RetryStateImpl() override; /** * Returns the RetryPolicy extracted from the x-envoy-retry-on header. * @param config is the value of the header. * @return std::pair the uint32_t is a bitset representing the * valid retry policies in @param config. The bool is TRUE iff all the * policies specified in @param config are valid. */ static std::pair parseRetryOn(absl::string_view config); /** * Returns the RetryPolicy extracted from the x-envoy-retry-grpc-on header. * @param config is the value of the header. * @return std::pair the uint32_t is a bitset representing the * valid retry policies in @param config. The bool is TRUE iff all the * policies specified in @param config are valid. */ static std::pair parseRetryGrpcOn(absl::string_view retry_grpc_on_header); // Router::RetryState bool enabled() override { return retry_on_ != 0; } absl::optional parseResetInterval(const Http::ResponseHeaderMap& response_headers) const override; RetryStatus shouldRetryHeaders(const Http::ResponseHeaderMap& response_headers, DoRetryCallback callback) override; // Returns true if the retry policy would retry the passed headers. Does not // take into account circuit breaking or remaining tries. bool wouldRetryFromHeaders(const Http::ResponseHeaderMap& response_headers) override; RetryStatus shouldRetryReset(const Http::StreamResetReason reset_reason, DoRetryCallback callback) override; RetryStatus shouldHedgeRetryPerTryTimeout(DoRetryCallback callback) override; void onHostAttempted(Upstream::HostDescriptionConstSharedPtr host) override { std::for_each(retry_host_predicates_.begin(), retry_host_predicates_.end(), [&host](auto predicate) { predicate->onHostAttempted(host); }); if (retry_priority_) { retry_priority_->onHostAttempted(host); } } bool shouldSelectAnotherHost(const Upstream::Host& host) override { return std::any_of( retry_host_predicates_.begin(), retry_host_predicates_.end(), [&host](auto predicate) { return predicate->shouldSelectAnotherHost(host); }); } const Upstream::HealthyAndDegradedLoad& priorityLoadForRetry( const Upstream::PrioritySet& priority_set, const Upstream::HealthyAndDegradedLoad& original_priority_load, const Upstream::RetryPriority::PriorityMappingFunc& priority_mapping_func) override { if (!retry_priority_) { return original_priority_load; } return retry_priority_->determinePriorityLoad(priority_set, original_priority_load, priority_mapping_func); } uint32_t hostSelectionMaxAttempts() const override { return host_selection_max_attempts_; } private: RetryStateImpl(const RetryPolicy& route_policy, Http::RequestHeaderMap& request_headers, const Upstream::ClusterInfo& cluster, const VirtualCluster* vcluster, Runtime::Loader& runtime, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, TimeSource& time_source, Upstream::ResourcePriority priority); void enableBackoffTimer(); void resetRetry(); bool wouldRetryFromReset(const Http::StreamResetReason reset_reason); RetryStatus shouldRetry(bool would_retry, DoRetryCallback callback); const Upstream::ClusterInfo& cluster_; const VirtualCluster* vcluster_; Runtime::Loader& runtime_; Random::RandomGenerator& random_; Event::Dispatcher& dispatcher_; TimeSource& time_source_; uint32_t retry_on_{}; uint32_t retries_remaining_{}; DoRetryCallback callback_; Event::TimerPtr retry_timer_; Upstream::ResourcePriority priority_; BackOffStrategyPtr backoff_strategy_; BackOffStrategyPtr ratelimited_backoff_strategy_{}; std::vector retry_host_predicates_; Upstream::RetryPrioritySharedPtr retry_priority_; uint32_t host_selection_max_attempts_; std::vector retriable_status_codes_; std::vector retriable_headers_; std::vector reset_headers_{}; std::chrono::milliseconds reset_max_interval_{}; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/route_config_update_receiver_impl.cc ================================================ #include "common/router/route_config_update_receiver_impl.h" #include #include "envoy/config/route/v3/route.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/protobuf/utility.h" #include "common/router/config_impl.h" namespace Envoy { namespace Router { bool RouteConfigUpdateReceiverImpl::onRdsUpdate( const envoy::config::route::v3::RouteConfiguration& rc, const std::string& version_info) { const uint64_t new_hash = MessageUtil::hash(rc); if (new_hash == last_config_hash_) { return false; } route_config_proto_ = rc; last_config_hash_ = new_hash; const uint64_t new_vhds_config_hash = rc.has_vhds() ? MessageUtil::hash(rc.vhds()) : 0ul; vhds_configuration_changed_ = new_vhds_config_hash != last_vhds_config_hash_; last_vhds_config_hash_ = new_vhds_config_hash; initializeRdsVhosts(route_config_proto_); onUpdateCommon(route_config_proto_, version_info); return true; } void RouteConfigUpdateReceiverImpl::onUpdateCommon( const envoy::config::route::v3::RouteConfiguration& rc, const std::string& version_info) { last_config_version_ = version_info; last_updated_ = time_source_.systemTime(); rebuildRouteConfig(rds_virtual_hosts_, vhds_virtual_hosts_, route_config_proto_); config_info_.emplace(RouteConfigProvider::ConfigInfo{rc, last_config_version_}); } bool RouteConfigUpdateReceiverImpl::onVhdsUpdate( const VirtualHostRefVector& added_vhosts, const std::set& added_resource_ids, const Protobuf::RepeatedPtrField& removed_resources, const std::string& version_info) { resource_ids_in_last_update_ = added_resource_ids; const bool removed = removeVhosts(vhds_virtual_hosts_, removed_resources); const bool updated = updateVhosts(vhds_virtual_hosts_, added_vhosts); onUpdateCommon(route_config_proto_, version_info); return removed || updated || !resource_ids_in_last_update_.empty(); } void RouteConfigUpdateReceiverImpl::initializeRdsVhosts( const envoy::config::route::v3::RouteConfiguration& route_configuration) { rds_virtual_hosts_.clear(); for (const auto& vhost : route_configuration.virtual_hosts()) { rds_virtual_hosts_.emplace(vhost.name(), vhost); } } bool RouteConfigUpdateReceiverImpl::removeVhosts( std::map& vhosts, const Protobuf::RepeatedPtrField& removed_vhost_names) { bool vhosts_removed = false; for (const auto& vhost_name : removed_vhost_names) { auto found = vhosts.find(vhost_name); if (found != vhosts.end()) { vhosts_removed = true; vhosts.erase(vhost_name); } } return vhosts_removed; } bool RouteConfigUpdateReceiverImpl::updateVhosts( std::map& vhosts, const VirtualHostRefVector& added_vhosts) { bool vhosts_added = false; for (const auto& vhost : added_vhosts) { auto found = vhosts.find(vhost.get().name()); if (found != vhosts.end()) { vhosts.erase(found); } vhosts.emplace(vhost.get().name(), vhost.get()); vhosts_added = true; } return vhosts_added; } void RouteConfigUpdateReceiverImpl::rebuildRouteConfig( const std::map& rds_vhosts, const std::map& vhds_vhosts, envoy::config::route::v3::RouteConfiguration& route_config) { route_config.clear_virtual_hosts(); for (const auto& vhost : rds_vhosts) { route_config.mutable_virtual_hosts()->Add()->CopyFrom(vhost.second); } for (const auto& vhost : vhds_vhosts) { route_config.mutable_virtual_hosts()->Add()->CopyFrom(vhost.second); } } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/route_config_update_receiver_impl.h ================================================ #pragma once #include #include "envoy/config/route/v3/route.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/router/rds.h" #include "envoy/router/route_config_update_receiver.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/logger.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Router { class RouteConfigUpdateReceiverImpl : public RouteConfigUpdateReceiver { public: RouteConfigUpdateReceiverImpl(TimeSource& time_source) : time_source_(time_source), last_config_hash_(0ull), last_vhds_config_hash_(0ul), vhds_configuration_changed_(true) {} void initializeRdsVhosts(const envoy::config::route::v3::RouteConfiguration& route_configuration); bool removeVhosts(std::map& vhosts, const Protobuf::RepeatedPtrField& removed_vhost_names); bool updateVhosts(std::map& vhosts, const VirtualHostRefVector& added_vhosts); void rebuildRouteConfig( const std::map& rds_vhosts, const std::map& vhds_vhosts, envoy::config::route::v3::RouteConfiguration& route_config); bool onDemandFetchFailed(const envoy::service::discovery::v3::Resource& resource) const; void onUpdateCommon(const envoy::config::route::v3::RouteConfiguration& rc, const std::string& version_info); // Router::RouteConfigUpdateReceiver bool onRdsUpdate(const envoy::config::route::v3::RouteConfiguration& rc, const std::string& version_info) override; bool onVhdsUpdate(const VirtualHostRefVector& added_vhosts, const std::set& added_resource_ids, const Protobuf::RepeatedPtrField& removed_resources, const std::string& version_info) override; const std::string& routeConfigName() const override { return route_config_proto_.name(); } const std::string& configVersion() const override { return last_config_version_; } uint64_t configHash() const override { return last_config_hash_; } absl::optional configInfo() const override { return config_info_; } bool vhdsConfigurationChanged() const override { return vhds_configuration_changed_; } const envoy::config::route::v3::RouteConfiguration& routeConfiguration() override { return route_config_proto_; } SystemTime lastUpdated() const override { return last_updated_; } const std::set& resourceIdsInLastVhdsUpdate() override { return resource_ids_in_last_update_; } private: TimeSource& time_source_; envoy::config::route::v3::RouteConfiguration route_config_proto_; uint64_t last_config_hash_; uint64_t last_vhds_config_hash_; std::string last_config_version_; SystemTime last_updated_; std::map rds_virtual_hosts_; std::map vhds_virtual_hosts_; absl::optional config_info_; std::set resource_ids_in_last_update_; bool vhds_configuration_changed_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/router.cc ================================================ #include "common/router/router.h" #include #include #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/grpc/status.h" #include "envoy/http/conn_pool.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/scope_tracker.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/grpc/common.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/network/application_protocol.h" #include "common/network/transport_socket_options_impl.h" #include "common/network/upstream_server_name.h" #include "common/network/upstream_subject_alt_names.h" #include "common/router/config_impl.h" #include "common/router/debug_config.h" #include "common/router/retry_state_impl.h" #include "common/router/upstream_request.h" #include "common/runtime/runtime_features.h" #include "common/runtime/runtime_impl.h" #include "common/stream_info/uint32_accessor_impl.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Router { namespace { constexpr char NumInternalRedirectsFilterStateName[] = "num_internal_redirects"; uint32_t getLength(const Buffer::Instance* instance) { return instance ? instance->length() : 0; } bool schemeIsHttp(const Http::RequestHeaderMap& downstream_headers, const Network::Connection& connection) { if (downstream_headers.getForwardedProtoValue() == Http::Headers::get().SchemeValues.Http) { return true; } if (!connection.ssl()) { return true; } return false; } constexpr uint64_t TimeoutPrecisionFactor = 100; } // namespace // Express percentage as [0, TimeoutPrecisionFactor] because stats do not accept floating point // values, and getting multiple significant figures on the histogram would be nice. uint64_t FilterUtility::percentageOfTimeout(const std::chrono::milliseconds response_time, const std::chrono::milliseconds timeout) { // Timeouts of 0 are considered infinite. Any portion of an infinite timeout used is still // none of it. if (timeout.count() == 0) { return 0; } return static_cast(response_time.count() * TimeoutPrecisionFactor / timeout.count()); } void FilterUtility::setUpstreamScheme(Http::RequestHeaderMap& headers, bool use_secure_transport) { if (use_secure_transport) { headers.setReferenceScheme(Http::Headers::get().SchemeValues.Https); } else { headers.setReferenceScheme(Http::Headers::get().SchemeValues.Http); } } bool FilterUtility::shouldShadow(const ShadowPolicy& policy, Runtime::Loader& runtime, uint64_t stable_random) { if (policy.cluster().empty()) { return false; } if (policy.defaultValue().numerator() > 0) { return runtime.snapshot().featureEnabled(policy.runtimeKey(), policy.defaultValue(), stable_random); } if (!policy.runtimeKey().empty() && !runtime.snapshot().featureEnabled(policy.runtimeKey(), 0, stable_random, 10000UL)) { return false; } return true; } FilterUtility::TimeoutData FilterUtility::finalTimeout(const RouteEntry& route, Http::RequestHeaderMap& request_headers, bool insert_envoy_expected_request_timeout_ms, bool grpc_request, bool per_try_timeout_hedging_enabled, bool respect_expected_rq_timeout) { // See if there is a user supplied timeout in a request header. If there is we take that. // Otherwise if the request is gRPC and a maximum gRPC timeout is configured we use the timeout // in the gRPC headers (or infinity when gRPC headers have no timeout), but cap that timeout to // the configured maximum gRPC timeout (which may also be infinity, represented by a 0 value), // or the default from the route config otherwise. TimeoutData timeout; if (grpc_request && route.maxGrpcTimeout()) { const std::chrono::milliseconds max_grpc_timeout = route.maxGrpcTimeout().value(); auto header_timeout = Grpc::Common::getGrpcTimeout(request_headers); std::chrono::milliseconds grpc_timeout = header_timeout ? header_timeout.value() : std::chrono::milliseconds(0); if (route.grpcTimeoutOffset()) { // We only apply the offset if it won't result in grpc_timeout hitting 0 or below, as // setting it to 0 means infinity and a negative timeout makes no sense. const auto offset = *route.grpcTimeoutOffset(); if (offset < grpc_timeout) { grpc_timeout -= offset; } } // Cap gRPC timeout to the configured maximum considering that 0 means infinity. if (max_grpc_timeout != std::chrono::milliseconds(0) && (grpc_timeout == std::chrono::milliseconds(0) || grpc_timeout > max_grpc_timeout)) { grpc_timeout = max_grpc_timeout; } timeout.global_timeout_ = grpc_timeout; } else { timeout.global_timeout_ = route.timeout(); } timeout.per_try_timeout_ = route.retryPolicy().perTryTimeout(); uint64_t header_timeout; if (respect_expected_rq_timeout) { // Check if there is timeout set by egress Envoy. // If present, use that value as route timeout and don't override // *x-envoy-expected-rq-timeout-ms* header. At this point *x-envoy-upstream-rq-timeout-ms* // header should have been sanitized by egress Envoy. const Http::HeaderEntry* header_expected_timeout_entry = request_headers.EnvoyExpectedRequestTimeoutMs(); if (header_expected_timeout_entry) { trySetGlobalTimeout(header_expected_timeout_entry, timeout); } else { const Http::HeaderEntry* header_timeout_entry = request_headers.EnvoyUpstreamRequestTimeoutMs(); if (trySetGlobalTimeout(header_timeout_entry, timeout)) { request_headers.removeEnvoyUpstreamRequestTimeoutMs(); } } } else { const Http::HeaderEntry* header_timeout_entry = request_headers.EnvoyUpstreamRequestTimeoutMs(); if (trySetGlobalTimeout(header_timeout_entry, timeout)) { request_headers.removeEnvoyUpstreamRequestTimeoutMs(); } } // See if there is a per try/retry timeout. If it's >= global we just ignore it. const absl::string_view per_try_timeout_entry = request_headers.getEnvoyUpstreamRequestPerTryTimeoutMsValue(); if (!per_try_timeout_entry.empty()) { if (absl::SimpleAtoi(per_try_timeout_entry, &header_timeout)) { timeout.per_try_timeout_ = std::chrono::milliseconds(header_timeout); } request_headers.removeEnvoyUpstreamRequestPerTryTimeoutMs(); } if (timeout.per_try_timeout_ >= timeout.global_timeout_ && timeout.global_timeout_.count() != 0) { timeout.per_try_timeout_ = std::chrono::milliseconds(0); } // See if there is any timeout to write in the expected timeout header. uint64_t expected_timeout = timeout.per_try_timeout_.count(); // Use the global timeout if no per try timeout was specified or if we're // doing hedging when there are per try timeouts. Either of these scenarios // mean that the upstream server can use the full global timeout. if (per_try_timeout_hedging_enabled || expected_timeout == 0) { expected_timeout = timeout.global_timeout_.count(); } if (insert_envoy_expected_request_timeout_ms && expected_timeout > 0) { request_headers.setEnvoyExpectedRequestTimeoutMs(expected_timeout); } // If we've configured max_grpc_timeout, override the grpc-timeout header with // the expected timeout. This ensures that the optional per try timeout is reflected // in grpc-timeout, ensuring that the upstream gRPC server is aware of the actual timeout. // If the expected timeout is 0 set no timeout, as Envoy treats 0 as infinite timeout. if (grpc_request && route.maxGrpcTimeout() && expected_timeout != 0) { Grpc::Common::toGrpcTimeout(std::chrono::milliseconds(expected_timeout), request_headers); } return timeout; } bool FilterUtility::trySetGlobalTimeout(const Http::HeaderEntry* header_timeout_entry, TimeoutData& timeout) { if (header_timeout_entry) { uint64_t header_timeout; if (absl::SimpleAtoi(header_timeout_entry->value().getStringView(), &header_timeout)) { timeout.global_timeout_ = std::chrono::milliseconds(header_timeout); } return true; } return false; } FilterUtility::HedgingParams FilterUtility::finalHedgingParams(const RouteEntry& route, Http::RequestHeaderMap& request_headers) { HedgingParams hedging_params; hedging_params.hedge_on_per_try_timeout_ = route.hedgePolicy().hedgeOnPerTryTimeout(); const Http::HeaderEntry* hedge_on_per_try_timeout_entry = request_headers.EnvoyHedgeOnPerTryTimeout(); if (hedge_on_per_try_timeout_entry) { if (hedge_on_per_try_timeout_entry->value() == "true") { hedging_params.hedge_on_per_try_timeout_ = true; } if (hedge_on_per_try_timeout_entry->value() == "false") { hedging_params.hedge_on_per_try_timeout_ = false; } request_headers.removeEnvoyHedgeOnPerTryTimeout(); } return hedging_params; } Filter::~Filter() { // Upstream resources should already have been cleaned. ASSERT(upstream_requests_.empty()); ASSERT(!retry_state_); } const FilterUtility::StrictHeaderChecker::HeaderCheckResult FilterUtility::StrictHeaderChecker::checkHeader(Http::RequestHeaderMap& headers, const Http::LowerCaseString& target_header) { if (target_header == Http::Headers::get().EnvoyUpstreamRequestTimeoutMs) { return isInteger(headers.EnvoyUpstreamRequestTimeoutMs()); } else if (target_header == Http::Headers::get().EnvoyUpstreamRequestPerTryTimeoutMs) { return isInteger(headers.EnvoyUpstreamRequestPerTryTimeoutMs()); } else if (target_header == Http::Headers::get().EnvoyMaxRetries) { return isInteger(headers.EnvoyMaxRetries()); } else if (target_header == Http::Headers::get().EnvoyRetryOn) { return hasValidRetryFields(headers.EnvoyRetryOn(), &Router::RetryStateImpl::parseRetryOn); } else if (target_header == Http::Headers::get().EnvoyRetryGrpcOn) { return hasValidRetryFields(headers.EnvoyRetryGrpcOn(), &Router::RetryStateImpl::parseRetryGrpcOn); } // Should only validate headers for which we have implemented a validator. NOT_REACHED_GCOVR_EXCL_LINE; } Stats::StatName Filter::upstreamZone(Upstream::HostDescriptionConstSharedPtr upstream_host) { return upstream_host ? upstream_host->localityZoneStatName() : config_.empty_stat_name_; } void Filter::chargeUpstreamCode(uint64_t response_status_code, const Http::ResponseHeaderMap& response_headers, Upstream::HostDescriptionConstSharedPtr upstream_host, bool dropped) { // Passing the response_status_code explicitly is an optimization to avoid // multiple calls to slow Http::Utility::getResponseStatus. ASSERT(response_status_code == Http::Utility::getResponseStatus(response_headers)); if (config_.emit_dynamic_stats_ && !callbacks_->streamInfo().healthCheck()) { const Http::HeaderEntry* upstream_canary_header = response_headers.EnvoyUpstreamCanary(); const bool is_canary = (upstream_canary_header && upstream_canary_header->value() == "true") || (upstream_host ? upstream_host->canary() : false); const bool internal_request = Http::HeaderUtility::isEnvoyInternalRequest(*downstream_headers_); Stats::StatName upstream_zone = upstreamZone(upstream_host); Http::CodeStats::ResponseStatInfo info{config_.scope_, cluster_->statsScope(), config_.empty_stat_name_, response_status_code, internal_request, route_entry_->virtualHost().statName(), request_vcluster_ ? request_vcluster_->statName() : config_.empty_stat_name_, config_.zone_name_, upstream_zone, is_canary}; Http::CodeStats& code_stats = httpContext().codeStats(); code_stats.chargeResponseStat(info); if (alt_stat_prefix_ != nullptr) { Http::CodeStats::ResponseStatInfo alt_info{config_.scope_, cluster_->statsScope(), alt_stat_prefix_->statName(), response_status_code, internal_request, config_.empty_stat_name_, config_.empty_stat_name_, config_.zone_name_, upstream_zone, is_canary}; code_stats.chargeResponseStat(alt_info); } if (dropped) { cluster_->loadReportStats().upstream_rq_dropped_.inc(); } if (upstream_host && Http::CodeUtility::is5xx(response_status_code)) { upstream_host->stats().rq_error_.inc(); } } } void Filter::chargeUpstreamCode(Http::Code code, Upstream::HostDescriptionConstSharedPtr upstream_host, bool dropped) { const uint64_t response_status_code = enumToInt(code); const auto fake_response_headers = Http::createHeaderMap( {{Http::Headers::get().Status, std::to_string(response_status_code)}}); chargeUpstreamCode(response_status_code, *fake_response_headers, upstream_host, dropped); } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { // Do a common header check. We make sure that all outgoing requests have all HTTP/2 headers. // These get stripped by HTTP/1 codec where applicable. ASSERT(headers.Method()); ASSERT(headers.Host()); downstream_headers_ = &headers; // Extract debug configuration from filter state. This is used further along to determine whether // we should append cluster and host headers to the response, and whether to forward the request // upstream. const StreamInfo::FilterStateSharedPtr& filter_state = callbacks_->streamInfo().filterState(); const DebugConfig* debug_config = filter_state->hasData(DebugConfig::key()) ? &(filter_state->getDataReadOnly(DebugConfig::key())) : nullptr; // TODO: Maybe add a filter API for this. grpc_request_ = Grpc::Common::isGrpcRequestHeaders(headers); // Only increment rq total stat if we actually decode headers here. This does not count requests // that get handled by earlier filters. config_.stats_.rq_total_.inc(); // Initialize the `modify_headers` function as a no-op (so we don't have to remember to check it // against nullptr before calling it), and feed it behavior later if/when we have cluster info // headers to append. std::function modify_headers = [](Http::ResponseHeaderMap&) {}; // Determine if there is a route entry or a direct response for the request. route_ = callbacks_->route(); if (!route_) { config_.stats_.no_route_.inc(); ENVOY_STREAM_LOG(debug, "no cluster match for URL '{}'", *callbacks_, headers.getPathValue()); callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); callbacks_->sendLocalReply(Http::Code::NotFound, "", modify_headers, absl::nullopt, StreamInfo::ResponseCodeDetails::get().RouteNotFound); return Http::FilterHeadersStatus::StopIteration; } // Determine if there is a direct response for the request. const auto* direct_response = route_->directResponseEntry(); if (direct_response != nullptr) { config_.stats_.rq_direct_response_.inc(); direct_response->rewritePathHeader(headers, !config_.suppress_envoy_headers_); callbacks_->sendLocalReply( direct_response->responseCode(), direct_response->responseBody(), [this, direct_response, &request_headers = headers](Http::ResponseHeaderMap& response_headers) -> void { std::string new_path; if (request_headers.Path()) { new_path = direct_response->newPath(request_headers); } // See https://tools.ietf.org/html/rfc7231#section-7.1.2. const auto add_location = direct_response->responseCode() == Http::Code::Created || Http::CodeUtility::is3xx(enumToInt(direct_response->responseCode())); if (!new_path.empty() && add_location) { response_headers.addReferenceKey(Http::Headers::get().Location, new_path); } direct_response->finalizeResponseHeaders(response_headers, callbacks_->streamInfo()); }, absl::nullopt, StreamInfo::ResponseCodeDetails::get().DirectResponse); callbacks_->streamInfo().setRouteName(direct_response->routeName()); return Http::FilterHeadersStatus::StopIteration; } // A route entry matches for the request. route_entry_ = route_->routeEntry(); // If there's a route specific limit and it's smaller than general downstream // limits, apply the new cap. retry_shadow_buffer_limit_ = std::min(retry_shadow_buffer_limit_, route_entry_->retryShadowBufferLimit()); callbacks_->streamInfo().setRouteName(route_entry_->routeName()); if (debug_config && debug_config->append_cluster_) { // The cluster name will be appended to any local or upstream responses from this point. modify_headers = [this, debug_config](Http::ResponseHeaderMap& headers) { headers.addCopy(debug_config->cluster_header_.value_or(Http::Headers::get().EnvoyCluster), route_entry_->clusterName()); }; } Upstream::ThreadLocalCluster* cluster = config_.cm_.get(route_entry_->clusterName()); if (!cluster) { config_.stats_.no_cluster_.inc(); ENVOY_STREAM_LOG(debug, "unknown cluster '{}'", *callbacks_, route_entry_->clusterName()); callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); callbacks_->sendLocalReply(route_entry_->clusterNotFoundResponseCode(), "", modify_headers, absl::nullopt, StreamInfo::ResponseCodeDetails::get().ClusterNotFound); return Http::FilterHeadersStatus::StopIteration; } cluster_ = cluster->info(); // Set up stat prefixes, etc. request_vcluster_ = route_entry_->virtualCluster(headers); ENVOY_STREAM_LOG(debug, "cluster '{}' match for URL '{}'", *callbacks_, route_entry_->clusterName(), headers.getPathValue()); if (config_.strict_check_headers_ != nullptr) { for (const auto& header : *config_.strict_check_headers_) { const auto res = FilterUtility::StrictHeaderChecker::checkHeader(headers, header); if (!res.valid_) { callbacks_->streamInfo().setResponseFlag( StreamInfo::ResponseFlag::InvalidEnvoyRequestHeaders); const std::string body = fmt::format("invalid header '{}' with value '{}'", std::string(res.entry_->key().getStringView()), std::string(res.entry_->value().getStringView())); const std::string details = absl::StrCat(StreamInfo::ResponseCodeDetails::get().InvalidEnvoyRequestHeaders, "{", res.entry_->key().getStringView(), "}"); callbacks_->sendLocalReply(Http::Code::BadRequest, body, nullptr, absl::nullopt, details); return Http::FilterHeadersStatus::StopIteration; } } } const Http::HeaderEntry* request_alt_name = headers.EnvoyUpstreamAltStatName(); if (request_alt_name) { alt_stat_prefix_ = std::make_unique( request_alt_name->value().getStringView(), config_.scope_.symbolTable()); headers.removeEnvoyUpstreamAltStatName(); } // See if we are supposed to immediately kill some percentage of this cluster's traffic. if (cluster_->maintenanceMode()) { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow); chargeUpstreamCode(Http::Code::ServiceUnavailable, nullptr, true); callbacks_->sendLocalReply( Http::Code::ServiceUnavailable, "maintenance mode", [modify_headers, this](Http::ResponseHeaderMap& headers) { if (!config_.suppress_envoy_headers_) { headers.addReference(Http::Headers::get().EnvoyOverloaded, Http::Headers::get().EnvoyOverloadedValues.True); } // Note: append_cluster_info does not respect suppress_envoy_headers. modify_headers(headers); }, absl::nullopt, StreamInfo::ResponseCodeDetails::get().MaintenanceMode); cluster_->stats().upstream_rq_maintenance_mode_.inc(); return Http::FilterHeadersStatus::StopIteration; } // Fetch a connection pool for the upstream cluster. const auto& upstream_http_protocol_options = cluster_->upstreamHttpProtocolOptions(); if (upstream_http_protocol_options.has_value()) { const auto parsed_authority = Http::Utility::parseAuthority(headers.getHostValue()); if (!parsed_authority.is_ip_address_ && upstream_http_protocol_options.value().auto_sni()) { callbacks_->streamInfo().filterState()->setData( Network::UpstreamServerName::key(), std::make_unique(parsed_authority.host_), StreamInfo::FilterState::StateType::Mutable); } if (upstream_http_protocol_options.value().auto_san_validation()) { callbacks_->streamInfo().filterState()->setData( Network::UpstreamSubjectAltNames::key(), std::make_unique( std::vector{std::string(parsed_authority.host_)}), StreamInfo::FilterState::StateType::Mutable); } } transport_socket_options_ = Network::TransportSocketOptionsUtility::fromFilterState( *callbacks_->streamInfo().filterState()); std::unique_ptr generic_conn_pool = createConnPool(); if (!generic_conn_pool) { sendNoHealthyUpstreamResponse(); return Http::FilterHeadersStatus::StopIteration; } Upstream::HostDescriptionConstSharedPtr host = generic_conn_pool->host(); if (debug_config && debug_config->append_upstream_host_) { // The hostname and address will be appended to any local or upstream responses from this point, // possibly in addition to the cluster name. modify_headers = [modify_headers, debug_config, host](Http::ResponseHeaderMap& headers) { modify_headers(headers); headers.addCopy( debug_config->hostname_header_.value_or(Http::Headers::get().EnvoyUpstreamHostname), host->hostname()); headers.addCopy(debug_config->host_address_header_.value_or( Http::Headers::get().EnvoyUpstreamHostAddress), host->address()->asString()); }; } // If we've been instructed not to forward the request upstream, send an empty local response. if (debug_config && debug_config->do_not_forward_) { modify_headers = [modify_headers, debug_config](Http::ResponseHeaderMap& headers) { modify_headers(headers); headers.addCopy( debug_config->not_forwarded_header_.value_or(Http::Headers::get().EnvoyNotForwarded), "true"); }; callbacks_->sendLocalReply(Http::Code::NoContent, "", modify_headers, absl::nullopt, ""); return Http::FilterHeadersStatus::StopIteration; } hedging_params_ = FilterUtility::finalHedgingParams(*route_entry_, headers); timeout_ = FilterUtility::finalTimeout(*route_entry_, headers, !config_.suppress_envoy_headers_, grpc_request_, hedging_params_.hedge_on_per_try_timeout_, config_.respect_expected_rq_timeout_); // If this header is set with any value, use an alternate response code on timeout if (headers.EnvoyUpstreamRequestTimeoutAltResponse()) { timeout_response_code_ = Http::Code::NoContent; headers.removeEnvoyUpstreamRequestTimeoutAltResponse(); } include_attempt_count_in_request_ = route_entry_->includeAttemptCountInRequest(); if (include_attempt_count_in_request_) { headers.setEnvoyAttemptCount(attempt_count_); } // The router has reached a point where it is going to try to send a request upstream, // so now modify_headers should attach x-envoy-attempt-count to the downstream response if the // config flag is true. if (route_entry_->includeAttemptCountInResponse()) { modify_headers = [modify_headers, this](Http::ResponseHeaderMap& headers) { modify_headers(headers); // This header is added without checking for config_.suppress_envoy_headers_ to mirror what is // done for upstream requests. headers.setEnvoyAttemptCount(attempt_count_); }; } // Inject the active span's tracing context into the request headers. callbacks_->activeSpan().injectContext(headers); route_entry_->finalizeRequestHeaders(headers, callbacks_->streamInfo(), !config_.suppress_envoy_headers_); FilterUtility::setUpstreamScheme(headers, host->transportSocketFactory().implementsSecureTransport()); // Ensure an http transport scheme is selected before continuing with decoding. ASSERT(headers.Scheme()); retry_state_ = createRetryState( route_entry_->retryPolicy(), headers, *cluster_, request_vcluster_, config_.runtime_, config_.random_, callbacks_->dispatcher(), config_.timeSource(), route_entry_->priority()); // Determine which shadow policies to use. It's possible that we don't do any shadowing due to // runtime keys. for (const auto& shadow_policy : route_entry_->shadowPolicies()) { const auto& policy_ref = *shadow_policy; if (FilterUtility::shouldShadow(policy_ref, config_.runtime_, callbacks_->streamId())) { active_shadow_policies_.push_back(std::cref(policy_ref)); } } ENVOY_STREAM_LOG(debug, "router decoding headers:\n{}", *callbacks_, headers); // Hang onto the modify_headers function for later use in handling upstream responses. modify_headers_ = modify_headers; UpstreamRequestPtr upstream_request = std::make_unique(*this, std::move(generic_conn_pool)); LinkedList::moveIntoList(std::move(upstream_request), upstream_requests_); upstream_requests_.front()->encodeHeaders(end_stream); if (end_stream) { onRequestComplete(); } return Http::FilterHeadersStatus::StopIteration; } std::unique_ptr Filter::createConnPool() { GenericConnPoolFactory* factory = nullptr; if (cluster_->upstreamConfig().has_value()) { factory = &Envoy::Config::Utility::getAndCheckFactory( cluster_->upstreamConfig().value()); } else { factory = &Envoy::Config::Utility::getAndCheckFactoryByName( "envoy.filters.connection_pools.http.generic"); } const bool should_tcp_proxy = route_entry_->connectConfig().has_value() && downstream_headers_->getMethodValue() == Http::Headers::get().MethodValues.Connect; return factory->createGenericConnPool(config_.cm_, should_tcp_proxy, *route_entry_, callbacks_->streamInfo().protocol(), this); } void Filter::sendNoHealthyUpstreamResponse() { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::NoHealthyUpstream); chargeUpstreamCode(Http::Code::ServiceUnavailable, nullptr, false); callbacks_->sendLocalReply(Http::Code::ServiceUnavailable, "no healthy upstream", modify_headers_, absl::nullopt, StreamInfo::ResponseCodeDetails::get().NoHealthyUpstream); } Http::FilterDataStatus Filter::decodeData(Buffer::Instance& data, bool end_stream) { // upstream_requests_.size() cannot be > 1 because that only happens when a per // try timeout occurs with hedge_on_per_try_timeout enabled but the per // try timeout timer is not started until onRequestComplete(). It could be zero // if the first request attempt has already failed and a retry is waiting for // a backoff timer. ASSERT(upstream_requests_.size() <= 1); bool buffering = (retry_state_ && retry_state_->enabled()) || !active_shadow_policies_.empty(); if (buffering && getLength(callbacks_->decodingBuffer()) + data.length() > retry_shadow_buffer_limit_) { // The request is larger than we should buffer. Give up on the retry/shadow cluster_->stats().retry_or_shadow_abandoned_.inc(); retry_state_.reset(); buffering = false; active_shadow_policies_.clear(); // If we had to abandon buffering and there's no request in progress, abort the request and // clean up. This happens if the initial upstream request failed, and we are currently waiting // for a backoff timer before starting the next upstream attempt. if (upstream_requests_.empty()) { cleanup(); callbacks_->sendLocalReply( Http::Code::InsufficientStorage, "exceeded request buffer limit while retrying upstream", modify_headers_, absl::nullopt, StreamInfo::ResponseCodeDetails::get().RequestPayloadExceededRetryBufferLimit); return Http::FilterDataStatus::StopIterationNoBuffer; } } // If we aren't buffering and there is no active request, an abort should have occurred // already. ASSERT(buffering || !upstream_requests_.empty()); if (buffering) { // If we are going to buffer for retries or shadowing, we need to make a copy before encoding // since it's all moves from here on. if (!upstream_requests_.empty()) { Buffer::OwnedImpl copy(data); upstream_requests_.front()->encodeData(copy, end_stream); } // If we are potentially going to retry or shadow this request we need to buffer. // This will not cause the connection manager to 413 because before we hit the // buffer limit we give up on retries and buffering. We must buffer using addDecodedData() // so that all buffered data is available by the time we do request complete processing and // potentially shadow. callbacks_->addDecodedData(data, true); } else { upstream_requests_.front()->encodeData(data, end_stream); } if (end_stream) { onRequestComplete(); } return Http::FilterDataStatus::StopIterationNoBuffer; } Http::FilterTrailersStatus Filter::decodeTrailers(Http::RequestTrailerMap& trailers) { ENVOY_STREAM_LOG(debug, "router decoding trailers:\n{}", *callbacks_, trailers); // upstream_requests_.size() cannot be > 1 because that only happens when a per // try timeout occurs with hedge_on_per_try_timeout enabled but the per // try timeout timer is not started until onRequestComplete(). It could be zero // if the first request attempt has already failed and a retry is waiting for // a backoff timer. ASSERT(upstream_requests_.size() <= 1); downstream_trailers_ = &trailers; for (auto& upstream_request : upstream_requests_) { upstream_request->encodeTrailers(trailers); } onRequestComplete(); return Http::FilterTrailersStatus::StopIteration; } Http::FilterMetadataStatus Filter::decodeMetadata(Http::MetadataMap& metadata_map) { Http::MetadataMapPtr metadata_map_ptr = std::make_unique(metadata_map); if (!upstream_requests_.empty()) { // TODO(soya3129): Save metadata for retry, redirect and shadowing case. upstream_requests_.front()->encodeMetadata(std::move(metadata_map_ptr)); } return Http::FilterMetadataStatus::Continue; } void Filter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; // As the decoder filter only pushes back via watermarks once data has reached // it, it can latch the current buffer limit and does not need to update the // limit if another filter increases it. // // The default is "do not limit". If there are configured (non-zero) buffer // limits, apply them here. if (callbacks_->decoderBufferLimit() != 0) { retry_shadow_buffer_limit_ = callbacks_->decoderBufferLimit(); } } void Filter::cleanup() { // All callers of cleanup() should have cleaned out the upstream_requests_ // list as appropriate. ASSERT(upstream_requests_.empty()); retry_state_.reset(); if (response_timeout_) { response_timeout_->disableTimer(); response_timeout_.reset(); } } void Filter::maybeDoShadowing() { for (const auto& shadow_policy_wrapper : active_shadow_policies_) { const auto& shadow_policy = shadow_policy_wrapper.get(); ASSERT(!shadow_policy.cluster().empty()); Http::RequestMessagePtr request(new Http::RequestMessageImpl( Http::createHeaderMap(*downstream_headers_))); if (callbacks_->decodingBuffer()) { request->body().add(*callbacks_->decodingBuffer()); } if (downstream_trailers_) { request->trailers(Http::createHeaderMap(*downstream_trailers_)); } auto options = Http::AsyncClient::RequestOptions() .setTimeout(timeout_.global_timeout_) .setParentSpan(callbacks_->activeSpan()) .setChildSpanName("mirror") .setSampled(shadow_policy.traceSampled()); config_.shadowWriter().shadow(shadow_policy.cluster(), std::move(request), options); } } void Filter::onRequestComplete() { // This should be called exactly once, when the downstream request has been received in full. ASSERT(!downstream_end_stream_); downstream_end_stream_ = true; Event::Dispatcher& dispatcher = callbacks_->dispatcher(); downstream_request_complete_time_ = dispatcher.timeSource().monotonicTime(); // Possible that we got an immediate reset. if (!upstream_requests_.empty()) { // Even if we got an immediate reset, we could still shadow, but that is a riskier change and // seems unnecessary right now. maybeDoShadowing(); if (timeout_.global_timeout_.count() > 0) { response_timeout_ = dispatcher.createTimer([this]() -> void { onResponseTimeout(); }); response_timeout_->enableTimer(timeout_.global_timeout_); } for (auto& upstream_request : upstream_requests_) { if (upstream_request->createPerTryTimeoutOnRequestComplete()) { upstream_request->setupPerTryTimeout(); } } } } void Filter::onDestroy() { // Reset any in-flight upstream requests. resetAll(); cleanup(); } void Filter::onResponseTimeout() { ENVOY_STREAM_LOG(debug, "upstream timeout", *callbacks_); // If we had an upstream request that got a "good" response, save its // upstream timing information into the downstream stream info. if (final_upstream_request_) { callbacks_->streamInfo().setUpstreamTiming(final_upstream_request_->upstreamTiming()); } // Reset any upstream requests that are still in flight. while (!upstream_requests_.empty()) { UpstreamRequestPtr upstream_request = upstream_requests_.back()->removeFromList(upstream_requests_); // Don't do work for upstream requests we've already seen headers for. if (upstream_request->awaitingHeaders()) { cluster_->stats().upstream_rq_timeout_.inc(); if (request_vcluster_) { request_vcluster_->stats().upstream_rq_timeout_.inc(); } if (cluster_->timeoutBudgetStats().has_value()) { // Cancel firing per-try timeout information, because the per-try timeout did not come into // play when the global timeout was hit. upstream_request->recordTimeoutBudget(false); } if (upstream_request->upstreamHost()) { upstream_request->upstreamHost()->stats().rq_timeout_.inc(); } // If this upstream request already hit a "soft" timeout, then it // already recorded a timeout into outlier detection. Don't do it again. if (!upstream_request->outlierDetectionTimeoutRecorded()) { updateOutlierDetection(Upstream::Outlier::Result::LocalOriginTimeout, *upstream_request, absl::optional(enumToInt(timeout_response_code_))); } chargeUpstreamAbort(timeout_response_code_, false, *upstream_request); } upstream_request->resetStream(); } onUpstreamTimeoutAbort(StreamInfo::ResponseFlag::UpstreamRequestTimeout, StreamInfo::ResponseCodeDetails::get().UpstreamTimeout); } // Called when the per try timeout is hit but we didn't reset the request // (hedge_on_per_try_timeout enabled). void Filter::onSoftPerTryTimeout(UpstreamRequest& upstream_request) { // Track this as a timeout for outlier detection purposes even though we didn't // cancel the request yet and might get a 2xx later. updateOutlierDetection(Upstream::Outlier::Result::LocalOriginTimeout, upstream_request, absl::optional(enumToInt(timeout_response_code_))); upstream_request.outlierDetectionTimeoutRecorded(true); if (!downstream_response_started_ && retry_state_) { RetryStatus retry_status = retry_state_->shouldHedgeRetryPerTryTimeout([this]() -> void { doRetry(); }); if (retry_status == RetryStatus::Yes) { pending_retries_++; // Don't increment upstream_host->stats().rq_error_ here, we'll do that // later if 1) we hit global timeout or 2) we get bad response headers // back. upstream_request.retried(true); // TODO: cluster stat for hedge attempted. } else if (retry_status == RetryStatus::NoOverflow) { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow); } else if (retry_status == RetryStatus::NoRetryLimitExceeded) { callbacks_->streamInfo().setResponseFlag( StreamInfo::ResponseFlag::UpstreamRetryLimitExceeded); } } } void Filter::onPerTryTimeout(UpstreamRequest& upstream_request) { if (hedging_params_.hedge_on_per_try_timeout_) { onSoftPerTryTimeout(upstream_request); return; } cluster_->stats().upstream_rq_per_try_timeout_.inc(); if (upstream_request.upstreamHost()) { upstream_request.upstreamHost()->stats().rq_timeout_.inc(); } upstream_request.resetStream(); updateOutlierDetection(Upstream::Outlier::Result::LocalOriginTimeout, upstream_request, absl::optional(enumToInt(timeout_response_code_))); if (maybeRetryReset(Http::StreamResetReason::LocalReset, upstream_request)) { return; } chargeUpstreamAbort(timeout_response_code_, false, upstream_request); // Remove this upstream request from the list now that we're done with it. upstream_request.removeFromList(upstream_requests_); onUpstreamTimeoutAbort(StreamInfo::ResponseFlag::UpstreamRequestTimeout, StreamInfo::ResponseCodeDetails::get().UpstreamPerTryTimeout); } void Filter::onStreamMaxDurationReached(UpstreamRequest& upstream_request) { upstream_request.resetStream(); if (maybeRetryReset(Http::StreamResetReason::LocalReset, upstream_request)) { return; } upstream_request.removeFromList(upstream_requests_); cleanup(); if (downstream_response_started_ && !Runtime::runtimeFeatureEnabled("envoy.reloadable_features.allow_500_after_100")) { callbacks_->streamInfo().setResponseCodeDetails( StreamInfo::ResponseCodeDetails::get().UpstreamMaxStreamDurationReached); callbacks_->resetStream(); } else { callbacks_->streamInfo().setResponseFlag( StreamInfo::ResponseFlag::UpstreamMaxStreamDurationReached); // sendLocalReply may instead reset the stream if downstream_response_started_ is true. callbacks_->sendLocalReply( Http::Code::RequestTimeout, "upstream max stream duration reached", modify_headers_, absl::nullopt, StreamInfo::ResponseCodeDetails::get().UpstreamMaxStreamDurationReached); } } void Filter::updateOutlierDetection(Upstream::Outlier::Result result, UpstreamRequest& upstream_request, absl::optional code) { if (upstream_request.upstreamHost()) { upstream_request.upstreamHost()->outlierDetector().putResult(result, code); } } void Filter::chargeUpstreamAbort(Http::Code code, bool dropped, UpstreamRequest& upstream_request) { if (downstream_response_started_) { if (upstream_request.grpcRqSuccessDeferred()) { upstream_request.upstreamHost()->stats().rq_error_.inc(); config_.stats_.rq_reset_after_downstream_response_started_.inc(); } } else { Upstream::HostDescriptionConstSharedPtr upstream_host = upstream_request.upstreamHost(); chargeUpstreamCode(code, upstream_host, dropped); // If we had non-5xx but still have been reset by backend or timeout before // starting response, we treat this as an error. We only get non-5xx when // timeout_response_code_ is used for code above, where this member can // assume values such as 204 (NoContent). if (upstream_host != nullptr && !Http::CodeUtility::is5xx(enumToInt(code))) { upstream_host->stats().rq_error_.inc(); } } } void Filter::onUpstreamTimeoutAbort(StreamInfo::ResponseFlag response_flags, absl::string_view details) { Upstream::ClusterTimeoutBudgetStatsOptRef tb_stats = cluster()->timeoutBudgetStats(); if (tb_stats.has_value()) { Event::Dispatcher& dispatcher = callbacks_->dispatcher(); std::chrono::milliseconds response_time = std::chrono::duration_cast( dispatcher.timeSource().monotonicTime() - downstream_request_complete_time_); tb_stats->get().upstream_rq_timeout_budget_percent_used_.recordValue( FilterUtility::percentageOfTimeout(response_time, timeout_.global_timeout_)); } const absl::string_view body = timeout_response_code_ == Http::Code::GatewayTimeout ? "upstream request timeout" : ""; onUpstreamAbort(timeout_response_code_, response_flags, body, false, details); } void Filter::onUpstreamAbort(Http::Code code, StreamInfo::ResponseFlag response_flags, absl::string_view body, bool dropped, absl::string_view details) { // If we have not yet sent anything downstream, send a response with an appropriate status code. // Otherwise just reset the ongoing response. if (downstream_response_started_ && !Runtime::runtimeFeatureEnabled("envoy.reloadable_features.allow_500_after_100")) { // This will destroy any created retry timers. callbacks_->streamInfo().setResponseCodeDetails(details); cleanup(); callbacks_->resetStream(); } else { // This will destroy any created retry timers. cleanup(); callbacks_->streamInfo().setResponseFlag(response_flags); // sendLocalReply may instead reset the stream if downstream_response_started_ is true. callbacks_->sendLocalReply( code, body, [dropped, this](Http::ResponseHeaderMap& headers) { if (dropped && !config_.suppress_envoy_headers_) { headers.addReference(Http::Headers::get().EnvoyOverloaded, Http::Headers::get().EnvoyOverloadedValues.True); } modify_headers_(headers); }, absl::nullopt, details); } } bool Filter::maybeRetryReset(Http::StreamResetReason reset_reason, UpstreamRequest& upstream_request) { // We don't retry if we already started the response, don't have a retry policy defined, // or if we've already retried this upstream request (currently only possible if a per // try timeout occurred and hedge_on_per_try_timeout is enabled). if (downstream_response_started_ || !retry_state_ || upstream_request.retried()) { return false; } const RetryStatus retry_status = retry_state_->shouldRetryReset(reset_reason, [this]() -> void { doRetry(); }); if (retry_status == RetryStatus::Yes) { pending_retries_++; if (upstream_request.upstreamHost()) { upstream_request.upstreamHost()->stats().rq_error_.inc(); } upstream_request.removeFromList(upstream_requests_); return true; } else if (retry_status == RetryStatus::NoOverflow) { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow); } else if (retry_status == RetryStatus::NoRetryLimitExceeded) { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamRetryLimitExceeded); } return false; } void Filter::onUpstreamReset(Http::StreamResetReason reset_reason, absl::string_view transport_failure_reason, UpstreamRequest& upstream_request) { ENVOY_STREAM_LOG(debug, "upstream reset: reset reason: {}, transport failure reason: {}", *callbacks_, Http::Utility::resetReasonToString(reset_reason), transport_failure_reason); // TODO: The reset may also come from upstream over the wire. In this case it should be // treated as external origin error and distinguished from local origin error. // This matters only when running OutlierDetection with split_external_local_origin_errors // config param set to true. updateOutlierDetection(Upstream::Outlier::Result::LocalOriginConnectFailed, upstream_request, absl::nullopt); if (maybeRetryReset(reset_reason, upstream_request)) { return; } const bool dropped = reset_reason == Http::StreamResetReason::Overflow; chargeUpstreamAbort(Http::Code::ServiceUnavailable, dropped, upstream_request); upstream_request.removeFromList(upstream_requests_); // If there are other in-flight requests that might see an upstream response, // don't return anything downstream. if (numRequestsAwaitingHeaders() > 0 || pending_retries_ > 0) { return; } const StreamInfo::ResponseFlag response_flags = streamResetReasonToResponseFlag(reset_reason); const std::string body = absl::StrCat("upstream connect error or disconnect/reset before headers. reset reason: ", Http::Utility::resetReasonToString(reset_reason), Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.http_transport_failure_reason_in_body") && !transport_failure_reason.empty() ? ", transport failure reason: " : "", transport_failure_reason); callbacks_->streamInfo().setUpstreamTransportFailureReason(transport_failure_reason); const std::string& basic_details = downstream_response_started_ ? StreamInfo::ResponseCodeDetails::get().LateUpstreamReset : StreamInfo::ResponseCodeDetails::get().EarlyUpstreamReset; const std::string details = absl::StrCat( basic_details, "{", Http::Utility::resetReasonToString(reset_reason), transport_failure_reason.empty() ? "" : absl::StrCat(",", transport_failure_reason), "}"); onUpstreamAbort(Http::Code::ServiceUnavailable, response_flags, body, dropped, details); } void Filter::onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) { if (retry_state_ && host) { retry_state_->onHostAttempted(host); } } StreamInfo::ResponseFlag Filter::streamResetReasonToResponseFlag(Http::StreamResetReason reset_reason) { switch (reset_reason) { case Http::StreamResetReason::ConnectionFailure: return StreamInfo::ResponseFlag::UpstreamConnectionFailure; case Http::StreamResetReason::ConnectionTermination: return StreamInfo::ResponseFlag::UpstreamConnectionTermination; case Http::StreamResetReason::LocalReset: case Http::StreamResetReason::LocalRefusedStreamReset: return StreamInfo::ResponseFlag::LocalReset; case Http::StreamResetReason::Overflow: return StreamInfo::ResponseFlag::UpstreamOverflow; case Http::StreamResetReason::RemoteReset: case Http::StreamResetReason::RemoteRefusedStreamReset: return StreamInfo::ResponseFlag::UpstreamRemoteReset; } NOT_REACHED_GCOVR_EXCL_LINE; } void Filter::handleNon5xxResponseHeaders(absl::optional grpc_status, UpstreamRequest& upstream_request, bool end_stream, uint64_t grpc_to_http_status) { // We need to defer gRPC success until after we have processed grpc-status in // the trailers. if (grpc_request_) { if (end_stream) { if (grpc_status && !Http::CodeUtility::is5xx(grpc_to_http_status)) { upstream_request.upstreamHost()->stats().rq_success_.inc(); } else { upstream_request.upstreamHost()->stats().rq_error_.inc(); } } else { upstream_request.grpcRqSuccessDeferred(true); } } else { upstream_request.upstreamHost()->stats().rq_success_.inc(); } } void Filter::onUpstream100ContinueHeaders(Http::ResponseHeaderMapPtr&& headers, UpstreamRequest& upstream_request) { chargeUpstreamCode(100, *headers, upstream_request.upstreamHost(), false); ENVOY_STREAM_LOG(debug, "upstream 100 continue", *callbacks_); downstream_response_started_ = true; final_upstream_request_ = &upstream_request; resetOtherUpstreams(upstream_request); // Don't send retries after 100-Continue has been sent on. Arguably we could attempt to do a // retry, assume the next upstream would also send an 100-Continue and swallow the second one // but it's sketchy (as the subsequent upstream might not send a 100-Continue) and not worth // the complexity until someone asks for it. retry_state_.reset(); // We coalesce 100-continue headers here, to prevent encoder filters and HCM from having to worry // about this. This is done in the router filter, rather than UpstreamRequest, since we want to // potentially coalesce across retries and multiple upstream requests in the future, even though // we currently don't support retry after 100. // It's plausible that this functionality might need to move to HCM in the future for internal // redirects, but we would need to maintain the "only call encode100ContinueHeaders() once" // invariant. if (!downstream_100_continue_headers_encoded_) { downstream_100_continue_headers_encoded_ = true; callbacks_->encode100ContinueHeaders(std::move(headers)); } } void Filter::resetAll() { while (!upstream_requests_.empty()) { upstream_requests_.back()->removeFromList(upstream_requests_)->resetStream(); } } void Filter::resetOtherUpstreams(UpstreamRequest& upstream_request) { // Pop each upstream request on the list and reset it if it's not the one // provided. At the end we'll move it back into the list. UpstreamRequestPtr final_upstream_request; while (!upstream_requests_.empty()) { UpstreamRequestPtr upstream_request_tmp = upstream_requests_.back()->removeFromList(upstream_requests_); if (upstream_request_tmp.get() != &upstream_request) { upstream_request_tmp->resetStream(); // TODO: per-host stat for hedge abandoned. // TODO: cluster stat for hedge abandoned. } else { final_upstream_request = std::move(upstream_request_tmp); } } ASSERT(final_upstream_request); // Now put the final request back on this list. LinkedList::moveIntoList(std::move(final_upstream_request), upstream_requests_); } void Filter::onUpstreamHeaders(uint64_t response_code, Http::ResponseHeaderMapPtr&& headers, UpstreamRequest& upstream_request, bool end_stream) { ENVOY_STREAM_LOG(debug, "upstream headers complete: end_stream={}", *callbacks_, end_stream); modify_headers_(*headers); // When grpc-status appears in response headers, convert grpc-status to HTTP status code // for outlier detection. This does not currently change any stats or logging and does not // handle the case when an error grpc-status is sent as a trailer. absl::optional grpc_status; uint64_t grpc_to_http_status = 0; if (grpc_request_) { grpc_status = Grpc::Common::getGrpcStatus(*headers); if (grpc_status.has_value()) { grpc_to_http_status = Grpc::Utility::grpcToHttpStatus(grpc_status.value()); } } if (grpc_status.has_value()) { upstream_request.upstreamHost()->outlierDetector().putHttpResponseCode(grpc_to_http_status); } else { upstream_request.upstreamHost()->outlierDetector().putHttpResponseCode(response_code); } if (headers->EnvoyImmediateHealthCheckFail() != nullptr) { upstream_request.upstreamHost()->healthChecker().setUnhealthy(); } bool could_not_retry = false; // Check if this upstream request was already retried, for instance after // hitting a per try timeout. Don't retry it if we already have. if (retry_state_) { if (upstream_request.retried()) { // We already retried this request (presumably for a per try timeout) so // we definitely won't retry it again. Check if we would have retried it // if we could. could_not_retry = retry_state_->wouldRetryFromHeaders(*headers); } else { const RetryStatus retry_status = retry_state_->shouldRetryHeaders(*headers, [this]() -> void { doRetry(); }); if (retry_status == RetryStatus::Yes) { pending_retries_++; upstream_request.upstreamHost()->stats().rq_error_.inc(); Http::CodeStats& code_stats = httpContext().codeStats(); code_stats.chargeBasicResponseStat(cluster_->statsScope(), config_.retry_, static_cast(response_code)); if (!end_stream || !upstream_request.encodeComplete()) { upstream_request.resetStream(); } upstream_request.removeFromList(upstream_requests_); return; } else if (retry_status == RetryStatus::NoOverflow) { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow); could_not_retry = true; } else if (retry_status == RetryStatus::NoRetryLimitExceeded) { callbacks_->streamInfo().setResponseFlag( StreamInfo::ResponseFlag::UpstreamRetryLimitExceeded); could_not_retry = true; } } } if (route_entry_->internalRedirectPolicy().enabled() && route_entry_->internalRedirectPolicy().shouldRedirectForResponseCode( static_cast(response_code)) && setupRedirect(*headers, upstream_request)) { return; // If the redirect could not be handled, fail open and let it pass to the // next downstream. } // Check if we got a "bad" response, but there are still upstream requests in // flight awaiting headers or scheduled retries. If so, exit to give them a // chance to return before returning a response downstream. if (could_not_retry && (numRequestsAwaitingHeaders() > 0 || pending_retries_ > 0)) { upstream_request.upstreamHost()->stats().rq_error_.inc(); // Reset the stream because there are other in-flight requests that we'll // wait around for and we're not interested in consuming any body/trailers. upstream_request.removeFromList(upstream_requests_)->resetStream(); return; } // Make sure any retry timers are destroyed since we may not call cleanup() if end_stream is // false. if (retry_state_) { retry_state_.reset(); } // Only send upstream service time if we received the complete request and this is not a // premature response. if (DateUtil::timePointValid(downstream_request_complete_time_)) { Event::Dispatcher& dispatcher = callbacks_->dispatcher(); MonotonicTime response_received_time = dispatcher.timeSource().monotonicTime(); std::chrono::milliseconds ms = std::chrono::duration_cast( response_received_time - downstream_request_complete_time_); if (!config_.suppress_envoy_headers_) { headers->setEnvoyUpstreamServiceTime(ms.count()); } } upstream_request.upstreamCanary( (headers->EnvoyUpstreamCanary() && headers->EnvoyUpstreamCanary()->value() == "true") || upstream_request.upstreamHost()->canary()); chargeUpstreamCode(response_code, *headers, upstream_request.upstreamHost(), false); if (!Http::CodeUtility::is5xx(response_code)) { handleNon5xxResponseHeaders(grpc_status, upstream_request, end_stream, grpc_to_http_status); } // Append routing cookies for (const auto& header_value : downstream_set_cookies_) { headers->addReferenceKey(Http::Headers::get().SetCookie, header_value); } // TODO(zuercher): If access to response_headers_to_add (at any level) is ever needed outside // Router::Filter we'll need to find a better location for this work. One possibility is to // provide finalizeResponseHeaders functions on the Router::Config and VirtualHost interfaces. route_entry_->finalizeResponseHeaders(*headers, callbacks_->streamInfo()); downstream_response_started_ = true; final_upstream_request_ = &upstream_request; resetOtherUpstreams(upstream_request); if (end_stream) { onUpstreamComplete(upstream_request); } callbacks_->encodeHeaders(std::move(headers), end_stream, StreamInfo::ResponseCodeDetails::get().ViaUpstream); } void Filter::onUpstreamData(Buffer::Instance& data, UpstreamRequest& upstream_request, bool end_stream) { // This should be true because when we saw headers we either reset the stream // (hence wouldn't have made it to onUpstreamData) or all other in-flight // streams. ASSERT(upstream_requests_.size() == 1); if (end_stream) { // gRPC request termination without trailers is an error. if (upstream_request.grpcRqSuccessDeferred()) { upstream_request.upstreamHost()->stats().rq_error_.inc(); } onUpstreamComplete(upstream_request); } callbacks_->encodeData(data, end_stream); } void Filter::onUpstreamTrailers(Http::ResponseTrailerMapPtr&& trailers, UpstreamRequest& upstream_request) { // This should be true because when we saw headers we either reset the stream // (hence wouldn't have made it to onUpstreamTrailers) or all other in-flight // streams. ASSERT(upstream_requests_.size() == 1); if (upstream_request.grpcRqSuccessDeferred()) { absl::optional grpc_status = Grpc::Common::getGrpcStatus(*trailers); if (grpc_status && !Http::CodeUtility::is5xx(Grpc::Utility::grpcToHttpStatus(grpc_status.value()))) { upstream_request.upstreamHost()->stats().rq_success_.inc(); } else { upstream_request.upstreamHost()->stats().rq_error_.inc(); } } onUpstreamComplete(upstream_request); callbacks_->encodeTrailers(std::move(trailers)); } void Filter::onUpstreamMetadata(Http::MetadataMapPtr&& metadata_map) { callbacks_->encodeMetadata(std::move(metadata_map)); } void Filter::onUpstreamComplete(UpstreamRequest& upstream_request) { if (!downstream_end_stream_) { upstream_request.resetStream(); } callbacks_->streamInfo().setUpstreamTiming(final_upstream_request_->upstreamTiming()); Event::Dispatcher& dispatcher = callbacks_->dispatcher(); std::chrono::milliseconds response_time = std::chrono::duration_cast( dispatcher.timeSource().monotonicTime() - downstream_request_complete_time_); Upstream::ClusterTimeoutBudgetStatsOptRef tb_stats = cluster()->timeoutBudgetStats(); if (tb_stats.has_value()) { tb_stats->get().upstream_rq_timeout_budget_percent_used_.recordValue( FilterUtility::percentageOfTimeout(response_time, timeout_.global_timeout_)); } if (config_.emit_dynamic_stats_ && !callbacks_->streamInfo().healthCheck() && DateUtil::timePointValid(downstream_request_complete_time_)) { upstream_request.upstreamHost()->outlierDetector().putResponseTime(response_time); const bool internal_request = Http::HeaderUtility::isEnvoyInternalRequest(*downstream_headers_); Http::CodeStats& code_stats = httpContext().codeStats(); Http::CodeStats::ResponseTimingInfo info{config_.scope_, cluster_->statsScope(), config_.empty_stat_name_, response_time, upstream_request.upstreamCanary(), internal_request, route_entry_->virtualHost().statName(), request_vcluster_ ? request_vcluster_->statName() : config_.empty_stat_name_, config_.zone_name_, upstreamZone(upstream_request.upstreamHost())}; code_stats.chargeResponseTiming(info); if (alt_stat_prefix_ != nullptr) { Http::CodeStats::ResponseTimingInfo info{config_.scope_, cluster_->statsScope(), alt_stat_prefix_->statName(), response_time, upstream_request.upstreamCanary(), internal_request, config_.empty_stat_name_, config_.empty_stat_name_, config_.zone_name_, upstreamZone(upstream_request.upstreamHost())}; code_stats.chargeResponseTiming(info); } } upstream_request.removeFromList(upstream_requests_); cleanup(); } bool Filter::setupRedirect(const Http::ResponseHeaderMap& headers, UpstreamRequest& upstream_request) { ENVOY_STREAM_LOG(debug, "attempting internal redirect", *callbacks_); const Http::HeaderEntry* location = headers.Location(); // If the internal redirect succeeds, callbacks_->recreateStream() will result in the // destruction of this filter before the stream is marked as complete, and onDestroy will reset // the stream. // // Normally when a stream is complete we signal this by resetting the upstream but this cam not // be done in this case because if recreateStream fails, the "failure" path continues to call // code in onUpstreamHeaders which requires the upstream *not* be reset. To avoid onDestroy // performing a spurious stream reset in the case recreateStream() succeeds, we explicitly track // stream completion here and check it in onDestroy. This is annoyingly complicated but is // better than needlessly resetting streams. attempting_internal_redirect_with_complete_stream_ = upstream_request.upstreamTiming().last_upstream_rx_byte_received_ && downstream_end_stream_; // Redirects are not supported for streaming requests yet. if (downstream_end_stream_ && !callbacks_->decodingBuffer() && // Redirects with body not yet supported. location != nullptr && convertRequestHeadersForInternalRedirect(*downstream_headers_, *location) && callbacks_->recreateStream()) { cluster_->stats().upstream_internal_redirect_succeeded_total_.inc(); return true; } attempting_internal_redirect_with_complete_stream_ = false; ENVOY_STREAM_LOG(debug, "Internal redirect failed", *callbacks_); cluster_->stats().upstream_internal_redirect_failed_total_.inc(); return false; } bool Filter::convertRequestHeadersForInternalRedirect(Http::RequestHeaderMap& downstream_headers, const Http::HeaderEntry& internal_redirect) { if (!downstream_headers.Path()) { ENVOY_STREAM_LOG(trace, "no path in downstream_headers", *callbacks_); return false; } // Make sure the redirect response contains a URL to redirect to. if (internal_redirect.value().getStringView().empty()) { config_.stats_.passthrough_internal_redirect_bad_location_.inc(); return false; } Http::Utility::Url absolute_url; if (!absolute_url.initialize(internal_redirect.value().getStringView(), false)) { config_.stats_.passthrough_internal_redirect_bad_location_.inc(); return false; } const auto& policy = route_entry_->internalRedirectPolicy(); // Don't allow serving TLS responses over plaintext unless allowed by policy. const bool scheme_is_http = schemeIsHttp(downstream_headers, *callbacks_->connection()); const bool target_is_http = absolute_url.scheme() == Http::Headers::get().SchemeValues.Http; if (!policy.isCrossSchemeRedirectAllowed() && scheme_is_http != target_is_http) { config_.stats_.passthrough_internal_redirect_unsafe_scheme_.inc(); return false; } const StreamInfo::FilterStateSharedPtr& filter_state = callbacks_->streamInfo().filterState(); // Make sure that performing the redirect won't result in exceeding the configured number of // redirects allowed for this route. if (!filter_state->hasData(NumInternalRedirectsFilterStateName)) { filter_state->setData( NumInternalRedirectsFilterStateName, std::make_shared(0), StreamInfo::FilterState::StateType::Mutable, StreamInfo::FilterState::LifeSpan::Request); } StreamInfo::UInt32Accessor& num_internal_redirect = filter_state->getDataMutable(NumInternalRedirectsFilterStateName); if (num_internal_redirect.value() >= policy.maxInternalRedirects()) { config_.stats_.passthrough_internal_redirect_too_many_redirects_.inc(); return false; } // Copy the old values, so they can be restored if the redirect fails. const std::string original_host(downstream_headers.getHostValue()); const std::string original_path(downstream_headers.getPathValue()); const bool scheme_is_set = (downstream_headers.Scheme() != nullptr); Cleanup restore_original_headers( [&downstream_headers, original_host, original_path, scheme_is_set, scheme_is_http]() { downstream_headers.setHost(original_host); downstream_headers.setPath(original_path); if (scheme_is_set) { downstream_headers.setScheme(scheme_is_http ? Http::Headers::get().SchemeValues.Http : Http::Headers::get().SchemeValues.Https); } }); // Replace the original host, scheme and path. downstream_headers.setScheme(absolute_url.scheme()); downstream_headers.setHost(absolute_url.hostAndPort()); downstream_headers.setPath(absolute_url.pathAndQueryParams()); callbacks_->clearRouteCache(); const auto route = callbacks_->route(); // Don't allow a redirect to a non existing route. if (!route) { config_.stats_.passthrough_internal_redirect_no_route_.inc(); return false; } const auto& route_name = route->routeEntry()->routeName(); for (const auto& predicate : policy.predicates()) { if (!predicate->acceptTargetRoute(*filter_state, route_name, !scheme_is_http, !target_is_http)) { config_.stats_.passthrough_internal_redirect_predicate_.inc(); ENVOY_STREAM_LOG(trace, "rejecting redirect targeting {}, by {} predicate", *callbacks_, route_name, predicate->name()); return false; } } num_internal_redirect.increment(); restore_original_headers.cancel(); // Preserve the original request URL for the second pass. downstream_headers.setEnvoyOriginalUrl(absl::StrCat(scheme_is_http ? Http::Headers::get().SchemeValues.Http : Http::Headers::get().SchemeValues.Https, "://", original_host, original_path)); return true; } void Filter::doRetry() { ENVOY_STREAM_LOG(debug, "performing retry", *callbacks_); is_retry_ = true; attempt_count_++; ASSERT(pending_retries_ > 0); pending_retries_--; std::unique_ptr generic_conn_pool = createConnPool(); if (!generic_conn_pool) { sendNoHealthyUpstreamResponse(); cleanup(); return; } UpstreamRequestPtr upstream_request = std::make_unique(*this, std::move(generic_conn_pool)); if (include_attempt_count_in_request_) { downstream_headers_->setEnvoyAttemptCount(attempt_count_); } UpstreamRequest* upstream_request_tmp = upstream_request.get(); LinkedList::moveIntoList(std::move(upstream_request), upstream_requests_); upstream_requests_.front()->encodeHeaders(!callbacks_->decodingBuffer() && !downstream_trailers_ && downstream_end_stream_); // It's possible we got immediately reset which means the upstream request we just // added to the front of the list might have been removed, so we need to check to make // sure we don't encodeData on the wrong request. if (!upstream_requests_.empty() && (upstream_requests_.front().get() == upstream_request_tmp)) { if (callbacks_->decodingBuffer()) { // If we are doing a retry we need to make a copy. Buffer::OwnedImpl copy(*callbacks_->decodingBuffer()); upstream_requests_.front()->encodeData(copy, !downstream_trailers_ && downstream_end_stream_); } if (downstream_trailers_) { upstream_requests_.front()->encodeTrailers(*downstream_trailers_); } } } uint32_t Filter::numRequestsAwaitingHeaders() { return std::count_if(upstream_requests_.begin(), upstream_requests_.end(), [](const auto& req) -> bool { return req->awaitingHeaders(); }); } RetryStatePtr ProdFilter::createRetryState(const RetryPolicy& policy, Http::RequestHeaderMap& request_headers, const Upstream::ClusterInfo& cluster, const VirtualCluster* vcluster, Runtime::Loader& runtime, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, TimeSource& time_source, Upstream::ResourcePriority priority) { return RetryStateImpl::create(policy, request_headers, cluster, vcluster, runtime, random, dispatcher, time_source, priority); } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/router.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/random_generator.h" #include "envoy/extensions/filters/http/router/v3/router.pb.h" #include "envoy/http/codec.h" #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/local_info/local_info.h" #include "envoy/router/shadow_writer.h" #include "envoy/runtime/runtime.h" #include "envoy/server/filter_config.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" #include "common/access_log/access_log_impl.h" #include "common/buffer/watermark_buffer.h" #include "common/common/cleanup.h" #include "common/common/hash.h" #include "common/common/hex.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/config/well_known_names.h" #include "common/http/utility.h" #include "common/router/config_impl.h" #include "common/router/upstream_request.h" #include "common/stats/symbol_table_impl.h" #include "common/stream_info/stream_info_impl.h" #include "common/upstream/load_balancer_impl.h" namespace Envoy { namespace Router { /** * All router filter stats. @see stats_macros.h */ // clang-format off #define ALL_ROUTER_STATS(COUNTER) \ COUNTER(passthrough_internal_redirect_bad_location) \ COUNTER(passthrough_internal_redirect_unsafe_scheme) \ COUNTER(passthrough_internal_redirect_too_many_redirects) \ COUNTER(passthrough_internal_redirect_no_route) \ COUNTER(passthrough_internal_redirect_predicate) \ COUNTER(no_route) \ COUNTER(no_cluster) \ COUNTER(rq_redirect) \ COUNTER(rq_direct_response) \ COUNTER(rq_total) \ COUNTER(rq_reset_after_downstream_response_started) // clang-format on /** * Struct definition for all router filter stats. @see stats_macros.h */ struct FilterStats { ALL_ROUTER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Router filter utilities split out for ease of testing. */ class FilterUtility { public: struct TimeoutData { std::chrono::milliseconds global_timeout_{0}; std::chrono::milliseconds per_try_timeout_{0}; }; struct HedgingParams { bool hedge_on_per_try_timeout_; }; class StrictHeaderChecker { public: struct HeaderCheckResult { bool valid_ = true; const Http::HeaderEntry* entry_; }; /** * Determine whether a given header's value passes the strict validation * defined for that header. * @param headers supplies the headers from which to get the target header. * @param target_header is the header to be validated. * @return HeaderCheckResult containing the entry for @param target_header * and valid_ set to FALSE if @param target_header is set to an * invalid value. If @param target_header doesn't appear in * @param headers, return a result with valid_ set to TRUE. */ static const HeaderCheckResult checkHeader(Http::RequestHeaderMap& headers, const Http::LowerCaseString& target_header); using ParseRetryFlagsFunc = std::function(absl::string_view)>; private: static HeaderCheckResult hasValidRetryFields(const Http::HeaderEntry* header_entry, const ParseRetryFlagsFunc& parse_fn) { HeaderCheckResult r; if (header_entry) { const auto flags_and_validity = parse_fn(header_entry->value().getStringView()); r.valid_ = flags_and_validity.second; r.entry_ = header_entry; } return r; } static HeaderCheckResult isInteger(const Http::HeaderEntry* header_entry) { HeaderCheckResult r; if (header_entry) { uint64_t out; r.valid_ = absl::SimpleAtoi(header_entry->value().getStringView(), &out); r.entry_ = header_entry; } return r; } }; /** * Returns response_time / timeout, as a percentage as [0, 100]. Returns 0 * if there is no timeout. * @param response_time supplies the response time thus far. * @param timeout supplies the timeout to get the percentage of. * @return the percentage of timeout [0, 100] for stats use. */ static uint64_t percentageOfTimeout(const std::chrono::milliseconds response_time, const std::chrono::milliseconds timeout); /** * Set the :scheme header based on whether the underline transport is secure. */ static void setUpstreamScheme(Http::RequestHeaderMap& headers, bool use_secure_transport); /** * Determine whether a request should be shadowed. * @param policy supplies the route's shadow policy. * @param runtime supplies the runtime to lookup the shadow key in. * @param stable_random supplies the random number to use when determining whether shadowing * should take place. * @return TRUE if shadowing should take place. */ static bool shouldShadow(const ShadowPolicy& policy, Runtime::Loader& runtime, uint64_t stable_random); /** * Determine the final timeout to use based on the route as well as the request headers. * @param route supplies the request route. * @param request_headers supplies the request headers. * @param insert_envoy_expected_request_timeout_ms insert * x-envoy-expected-request-timeout-ms? * @param grpc_request tells if the request is a gRPC request. * @return TimeoutData for both the global and per try timeouts. */ static TimeoutData finalTimeout(const RouteEntry& route, Http::RequestHeaderMap& request_headers, bool insert_envoy_expected_request_timeout_ms, bool grpc_request, bool per_try_timeout_hedging_enabled, bool respect_expected_rq_timeout); static bool trySetGlobalTimeout(const Http::HeaderEntry* header_timeout_entry, TimeoutData& timeout); /** * Determine the final hedging settings after applying randomized behavior. * @param route supplies the request route. * @param request_headers supplies the request headers. * @return HedgingParams the final parameters to use for request hedging. */ static HedgingParams finalHedgingParams(const RouteEntry& route, Http::RequestHeaderMap& request_headers); }; /** * Configuration for the router filter. */ class FilterConfig { public: FilterConfig(const std::string& stat_prefix, const LocalInfo::LocalInfo& local_info, Stats::Scope& scope, Upstream::ClusterManager& cm, Runtime::Loader& runtime, Random::RandomGenerator& random, ShadowWriterPtr&& shadow_writer, bool emit_dynamic_stats, bool start_child_span, bool suppress_envoy_headers, bool respect_expected_rq_timeout, const Protobuf::RepeatedPtrField& strict_check_headers, TimeSource& time_source, Http::Context& http_context) : scope_(scope), local_info_(local_info), cm_(cm), runtime_(runtime), random_(random), stats_{ALL_ROUTER_STATS(POOL_COUNTER_PREFIX(scope, stat_prefix))}, emit_dynamic_stats_(emit_dynamic_stats), start_child_span_(start_child_span), suppress_envoy_headers_(suppress_envoy_headers), respect_expected_rq_timeout_(respect_expected_rq_timeout), http_context_(http_context), stat_name_pool_(scope_.symbolTable()), retry_(stat_name_pool_.add("retry")), zone_name_(stat_name_pool_.add(local_info_.zoneName())), empty_stat_name_(stat_name_pool_.add("")), shadow_writer_(std::move(shadow_writer)), time_source_(time_source) { if (!strict_check_headers.empty()) { strict_check_headers_ = std::make_unique(); for (const auto& header : strict_check_headers) { strict_check_headers_->emplace_back(Http::LowerCaseString(header)); } } } FilterConfig(const std::string& stat_prefix, Server::Configuration::FactoryContext& context, ShadowWriterPtr&& shadow_writer, const envoy::extensions::filters::http::router::v3::Router& config) : FilterConfig(stat_prefix, context.localInfo(), context.scope(), context.clusterManager(), context.runtime(), context.api().randomGenerator(), std::move(shadow_writer), PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, dynamic_stats, true), config.start_child_span(), config.suppress_envoy_headers(), config.respect_expected_rq_timeout(), config.strict_check_headers(), context.api().timeSource(), context.httpContext()) { for (const auto& upstream_log : config.upstream_log()) { upstream_logs_.push_back(AccessLog::AccessLogFactory::fromProto(upstream_log, context)); } } using HeaderVector = std::vector; using HeaderVectorPtr = std::unique_ptr; ShadowWriter& shadowWriter() { return *shadow_writer_; } TimeSource& timeSource() { return time_source_; } Stats::Scope& scope_; const LocalInfo::LocalInfo& local_info_; Upstream::ClusterManager& cm_; Runtime::Loader& runtime_; Random::RandomGenerator& random_; FilterStats stats_; const bool emit_dynamic_stats_; const bool start_child_span_; const bool suppress_envoy_headers_; const bool respect_expected_rq_timeout_; // TODO(xyu-stripe): Make this a bitset to keep cluster memory footprint down. HeaderVectorPtr strict_check_headers_; std::list upstream_logs_; Http::Context& http_context_; Stats::StatNamePool stat_name_pool_; Stats::StatName retry_; Stats::StatName zone_name_; Stats::StatName empty_stat_name_; private: ShadowWriterPtr shadow_writer_; TimeSource& time_source_; }; using FilterConfigSharedPtr = std::shared_ptr; class UpstreamRequest; using UpstreamRequestPtr = std::unique_ptr; // The interface the UpstreamRequest has to interact with the router filter. // Split out primarily for unit test mocks. class RouterFilterInterface { public: virtual ~RouterFilterInterface() = default; virtual void onUpstream100ContinueHeaders(Http::ResponseHeaderMapPtr&& headers, UpstreamRequest& upstream_request) PURE; virtual void onUpstreamHeaders(uint64_t response_code, Http::ResponseHeaderMapPtr&& headers, UpstreamRequest& upstream_request, bool end_stream) PURE; virtual void onUpstreamData(Buffer::Instance& data, UpstreamRequest& upstream_request, bool end_stream) PURE; virtual void onUpstreamTrailers(Http::ResponseTrailerMapPtr&& trailers, UpstreamRequest& upstream_request) PURE; virtual void onUpstreamMetadata(Http::MetadataMapPtr&& metadata_map) PURE; virtual void onUpstreamReset(Http::StreamResetReason reset_reason, absl::string_view transport_failure, UpstreamRequest& upstream_request) PURE; virtual void onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) PURE; virtual void onPerTryTimeout(UpstreamRequest& upstream_request) PURE; virtual void onStreamMaxDurationReached(UpstreamRequest& upstream_request) PURE; virtual Http::StreamDecoderFilterCallbacks* callbacks() PURE; virtual Upstream::ClusterInfoConstSharedPtr cluster() PURE; virtual FilterConfig& config() PURE; virtual FilterUtility::TimeoutData timeout() PURE; virtual Http::RequestHeaderMap* downstreamHeaders() PURE; virtual Http::RequestTrailerMap* downstreamTrailers() PURE; virtual bool downstreamResponseStarted() const PURE; virtual bool downstreamEndStream() const PURE; virtual uint32_t attemptCount() const PURE; virtual const VirtualCluster* requestVcluster() const PURE; virtual const RouteEntry* routeEntry() const PURE; virtual const std::list& upstreamRequests() const PURE; virtual const UpstreamRequest* finalUpstreamRequest() const PURE; virtual TimeSource& timeSource() PURE; }; /** * Service routing filter. */ class Filter : Logger::Loggable, public Http::StreamDecoderFilter, public Upstream::LoadBalancerContextBase, public RouterFilterInterface { public: Filter(FilterConfig& config) : config_(config), final_upstream_request_(nullptr), downstream_100_continue_headers_encoded_(false), downstream_response_started_(false), downstream_end_stream_(false), is_retry_(false), attempting_internal_redirect_with_complete_stream_(false) {} ~Filter() override; static StreamInfo::ResponseFlag streamResetReasonToResponseFlag(Http::StreamResetReason reset_reason); // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; Http::FilterMetadataStatus decodeMetadata(Http::MetadataMap& metadata_map) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; // Upstream::LoadBalancerContext absl::optional computeHashKey() override { if (route_entry_ && downstream_headers_) { auto hash_policy = route_entry_->hashPolicy(); if (hash_policy) { return hash_policy->generateHash( callbacks_->streamInfo().downstreamRemoteAddress().get(), *downstream_headers_, [this](const std::string& key, const std::string& path, std::chrono::seconds max_age) { return addDownstreamSetCookie(key, path, max_age); }, callbacks_->streamInfo().filterState()); } } return {}; } const Router::MetadataMatchCriteria* metadataMatchCriteria() override { if (route_entry_) { // Have we been called before? If so, there's no need to recompute because // by the time this method is called for the first time, route_entry_ should // not change anymore. if (metadata_match_ != nullptr) { return metadata_match_.get(); } // The request's metadata, if present, takes precedence over the route's. const auto& request_metadata = callbacks_->streamInfo().dynamicMetadata().filter_metadata(); const auto filter_it = request_metadata.find(Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != request_metadata.end()) { if (route_entry_->metadataMatchCriteria() != nullptr) { metadata_match_ = route_entry_->metadataMatchCriteria()->mergeMatchCriteria(filter_it->second); } else { metadata_match_ = std::make_unique(filter_it->second); } return metadata_match_.get(); } return route_entry_->metadataMatchCriteria(); } return nullptr; } const Network::Connection* downstreamConnection() const override { return callbacks_->connection(); } const Http::RequestHeaderMap* downstreamHeaders() const override { return downstream_headers_; } bool shouldSelectAnotherHost(const Upstream::Host& host) override { // We only care about host selection when performing a retry, at which point we consult the // RetryState to see if we're configured to avoid certain hosts during retries. if (!is_retry_) { return false; } ASSERT(retry_state_); return retry_state_->shouldSelectAnotherHost(host); } const Upstream::HealthyAndDegradedLoad& determinePriorityLoad( const Upstream::PrioritySet& priority_set, const Upstream::HealthyAndDegradedLoad& original_priority_load, const Upstream::RetryPriority::PriorityMappingFunc& priority_mapping_func) override { // We only modify the priority load on retries. if (!is_retry_) { return original_priority_load; } return retry_state_->priorityLoadForRetry(priority_set, original_priority_load, priority_mapping_func); } uint32_t hostSelectionRetryCount() const override { if (!is_retry_) { return 1; } return retry_state_->hostSelectionMaxAttempts(); } Network::Socket::OptionsSharedPtr upstreamSocketOptions() const override { return callbacks_->getUpstreamSocketOptions(); } Network::TransportSocketOptionsSharedPtr upstreamTransportSocketOptions() const override { return transport_socket_options_; } /** * Set a computed cookie to be sent with the downstream headers. * @param key supplies the size of the cookie * @param max_age the lifetime of the cookie * @param path the path of the cookie, or "" * @return std::string the value of the new cookie */ std::string addDownstreamSetCookie(const std::string& key, const std::string& path, std::chrono::seconds max_age) { // The cookie value should be the same per connection so that if multiple // streams race on the same path, they all receive the same cookie. // Since the downstream port is part of the hashed value, multiple HTTP1 // connections can receive different cookies if they race on requests. std::string value; const Network::Connection* conn = downstreamConnection(); // Need to check for null conn if this is ever used by Http::AsyncClient in the future. value = conn->remoteAddress()->asString() + conn->localAddress()->asString(); const std::string cookie_value = Hex::uint64ToHex(HashUtil::xxHash64(value)); downstream_set_cookies_.emplace_back( Http::Utility::makeSetCookieValue(key, cookie_value, path, max_age, true)); return cookie_value; } // RouterFilterInterface void onUpstream100ContinueHeaders(Http::ResponseHeaderMapPtr&& headers, UpstreamRequest& upstream_request) override; void onUpstreamHeaders(uint64_t response_code, Http::ResponseHeaderMapPtr&& headers, UpstreamRequest& upstream_request, bool end_stream) override; void onUpstreamData(Buffer::Instance& data, UpstreamRequest& upstream_request, bool end_stream) override; void onUpstreamTrailers(Http::ResponseTrailerMapPtr&& trailers, UpstreamRequest& upstream_request) override; void onUpstreamMetadata(Http::MetadataMapPtr&& metadata_map) override; void onUpstreamReset(Http::StreamResetReason reset_reason, absl::string_view transport_failure, UpstreamRequest& upstream_request) override; void onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) override; void onPerTryTimeout(UpstreamRequest& upstream_request) override; void onStreamMaxDurationReached(UpstreamRequest& upstream_request) override; Http::StreamDecoderFilterCallbacks* callbacks() override { return callbacks_; } Upstream::ClusterInfoConstSharedPtr cluster() override { return cluster_; } FilterConfig& config() override { return config_; } FilterUtility::TimeoutData timeout() override { return timeout_; } Http::RequestHeaderMap* downstreamHeaders() override { return downstream_headers_; } Http::RequestTrailerMap* downstreamTrailers() override { return downstream_trailers_; } bool downstreamResponseStarted() const override { return downstream_response_started_; } bool downstreamEndStream() const override { return downstream_end_stream_; } uint32_t attemptCount() const override { return attempt_count_; } const VirtualCluster* requestVcluster() const override { return request_vcluster_; } const RouteEntry* routeEntry() const override { return route_entry_; } const std::list& upstreamRequests() const override { return upstream_requests_; } const UpstreamRequest* finalUpstreamRequest() const override { return final_upstream_request_; } TimeSource& timeSource() override { return config_.timeSource(); } private: friend class UpstreamRequest; RetryStatePtr retry_state_; Stats::StatName upstreamZone(Upstream::HostDescriptionConstSharedPtr upstream_host); void chargeUpstreamCode(uint64_t response_status_code, const Http::ResponseHeaderMap& response_headers, Upstream::HostDescriptionConstSharedPtr upstream_host, bool dropped); void chargeUpstreamCode(Http::Code code, Upstream::HostDescriptionConstSharedPtr upstream_host, bool dropped); void chargeUpstreamAbort(Http::Code code, bool dropped, UpstreamRequest& upstream_request); void cleanup(); virtual RetryStatePtr createRetryState(const RetryPolicy& policy, Http::RequestHeaderMap& request_headers, const Upstream::ClusterInfo& cluster, const VirtualCluster* vcluster, Runtime::Loader& runtime, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, TimeSource& time_source, Upstream::ResourcePriority priority) PURE; std::unique_ptr createConnPool(); UpstreamRequestPtr createUpstreamRequest(); void maybeDoShadowing(); bool maybeRetryReset(Http::StreamResetReason reset_reason, UpstreamRequest& upstream_request); uint32_t numRequestsAwaitingHeaders(); void onGlobalTimeout(); void onRequestComplete(); void onResponseTimeout(); // Handle an upstream request aborted due to a local timeout. void onSoftPerTryTimeout(); void onSoftPerTryTimeout(UpstreamRequest& upstream_request); void onUpstreamTimeoutAbort(StreamInfo::ResponseFlag response_flag, absl::string_view details); // Handle an "aborted" upstream request, meaning we didn't see response // headers (e.g. due to a reset). Handles recording stats and responding // downstream if appropriate. void onUpstreamAbort(Http::Code code, StreamInfo::ResponseFlag response_flag, absl::string_view body, bool dropped, absl::string_view details); void onUpstreamComplete(UpstreamRequest& upstream_request); // Reset all in-flight upstream requests. void resetAll(); // Reset all in-flight upstream requests that do NOT match the passed argument. This is used // if a "good" response comes back and we return downstream, so there is no point in waiting // for the remaining upstream requests to return. void resetOtherUpstreams(UpstreamRequest& upstream_request); void sendNoHealthyUpstreamResponse(); bool setupRedirect(const Http::ResponseHeaderMap& headers, UpstreamRequest& upstream_request); bool convertRequestHeadersForInternalRedirect(Http::RequestHeaderMap& downstream_headers, const Http::HeaderEntry& internal_redirect); void updateOutlierDetection(Upstream::Outlier::Result result, UpstreamRequest& upstream_request, absl::optional code); void doRetry(); // Called immediately after a non-5xx header is received from upstream, performs stats accounting // and handle difference between gRPC and non-gRPC requests. void handleNon5xxResponseHeaders(absl::optional grpc_status, UpstreamRequest& upstream_request, bool end_stream, uint64_t grpc_to_http_status); Http::Context& httpContext() { return config_.http_context_; } FilterConfig& config_; Http::StreamDecoderFilterCallbacks* callbacks_{}; RouteConstSharedPtr route_; const RouteEntry* route_entry_{}; Upstream::ClusterInfoConstSharedPtr cluster_; std::unique_ptr alt_stat_prefix_; const VirtualCluster* request_vcluster_; Event::TimerPtr response_timeout_; FilterUtility::TimeoutData timeout_; FilterUtility::HedgingParams hedging_params_; Http::Code timeout_response_code_ = Http::Code::GatewayTimeout; std::list upstream_requests_; // Tracks which upstream request "wins" and will have the corresponding // response forwarded downstream UpstreamRequest* final_upstream_request_; bool grpc_request_{}; Http::RequestHeaderMap* downstream_headers_{}; Http::RequestTrailerMap* downstream_trailers_{}; MonotonicTime downstream_request_complete_time_; uint32_t retry_shadow_buffer_limit_{std::numeric_limits::max()}; MetadataMatchCriteriaConstPtr metadata_match_; std::function modify_headers_; std::vector> active_shadow_policies_{}; // list of cookies to add to upstream headers std::vector downstream_set_cookies_; bool downstream_100_continue_headers_encoded_ : 1; bool downstream_response_started_ : 1; bool downstream_end_stream_ : 1; bool is_retry_ : 1; bool include_attempt_count_in_request_ : 1; bool attempting_internal_redirect_with_complete_stream_ : 1; uint32_t attempt_count_{1}; uint32_t pending_retries_{0}; Network::TransportSocketOptionsSharedPtr transport_socket_options_; }; class ProdFilter : public Filter { public: using Filter::Filter; private: // Filter RetryStatePtr createRetryState(const RetryPolicy& policy, Http::RequestHeaderMap& request_headers, const Upstream::ClusterInfo& cluster, const VirtualCluster* vcluster, Runtime::Loader& runtime, Random::RandomGenerator& random, Event::Dispatcher& dispatcher, TimeSource& time_source, Upstream::ResourcePriority priority) override; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/router_ratelimit.cc ================================================ #include "common/router/router_ratelimit.h" #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/config/metadata.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Router { const uint64_t RateLimitPolicyImpl::MAX_STAGE_NUMBER = 10UL; bool DynamicMetadataRateLimitOverride::populateOverride( RateLimit::Descriptor& descriptor, const envoy::config::core::v3::Metadata* metadata) const { const ProtobufWkt::Value& metadata_value = Envoy::Config::Metadata::metadataValue(metadata, metadata_key_); if (metadata_value.kind_case() != ProtobufWkt::Value::kStructValue) { return false; } const auto& override_value = metadata_value.struct_value().fields(); const auto& limit_it = override_value.find("requests_per_unit"); const auto& unit_it = override_value.find("unit"); if (limit_it != override_value.end() && limit_it->second.kind_case() == ProtobufWkt::Value::kNumberValue && unit_it != override_value.end() && unit_it->second.kind_case() == ProtobufWkt::Value::kStringValue) { envoy::type::v3::RateLimitUnit unit; if (envoy::type::v3::RateLimitUnit_Parse(unit_it->second.string_value(), &unit)) { descriptor.limit_.emplace(RateLimit::RateLimitOverride{ static_cast(limit_it->second.number_value()), unit}); return true; } } return false; } bool SourceClusterAction::populateDescriptor(const Router::RouteEntry&, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap&, const Network::Address::Instance&, const envoy::config::core::v3::Metadata*) const { descriptor.entries_.push_back({"source_cluster", local_service_cluster}); return true; } bool DestinationClusterAction::populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string&, const Http::HeaderMap&, const Network::Address::Instance&, const envoy::config::core::v3::Metadata*) const { descriptor.entries_.push_back({"destination_cluster", route.clusterName()}); return true; } bool RequestHeadersAction::populateDescriptor(const Router::RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const Http::HeaderMap& headers, const Network::Address::Instance&, const envoy::config::core::v3::Metadata*) const { const Http::HeaderEntry* header_value = headers.get(header_name_); // If header is not present in the request and if skip_if_absent is true skip this descriptor, // while calling rate limiting service. If skip_if_absent is false, do not call rate limiting // service. if (!header_value) { return skip_if_absent_; } descriptor.entries_.push_back( {descriptor_key_, std::string(header_value->value().getStringView())}); return true; } bool RemoteAddressAction::populateDescriptor(const Router::RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const Http::HeaderMap&, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata*) const { if (remote_address.type() != Network::Address::Type::Ip) { return false; } descriptor.entries_.push_back({"remote_address", remote_address.ip()->addressAsString()}); return true; } bool GenericKeyAction::populateDescriptor(const Router::RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const Http::HeaderMap&, const Network::Address::Instance&, const envoy::config::core::v3::Metadata*) const { descriptor.entries_.push_back({descriptor_key_, descriptor_value_}); return true; } DynamicMetaDataAction::DynamicMetaDataAction( const envoy::config::route::v3::RateLimit::Action::DynamicMetaData& action) : metadata_key_(action.metadata_key()), descriptor_key_(action.descriptor_key()), default_value_(action.default_value()) {} bool DynamicMetaDataAction::populateDescriptor( const Router::RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const Http::HeaderMap&, const Network::Address::Instance&, const envoy::config::core::v3::Metadata* dynamic_metadata) const { const ProtobufWkt::Value& metadata_value = Envoy::Config::Metadata::metadataValue(dynamic_metadata, metadata_key_); if (!metadata_value.string_value().empty()) { descriptor.entries_.push_back({descriptor_key_, metadata_value.string_value()}); return true; } else if (metadata_value.string_value().empty() && !default_value_.empty()) { descriptor.entries_.push_back({descriptor_key_, default_value_}); return true; } return false; } HeaderValueMatchAction::HeaderValueMatchAction( const envoy::config::route::v3::RateLimit::Action::HeaderValueMatch& action) : descriptor_value_(action.descriptor_value()), expect_match_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(action, expect_match, true)), action_headers_(Http::HeaderUtility::buildHeaderDataVector(action.headers())) {} bool HeaderValueMatchAction::populateDescriptor(const Router::RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const Http::HeaderMap& headers, const Network::Address::Instance&, const envoy::config::core::v3::Metadata*) const { if (expect_match_ == Http::HeaderUtility::matchHeaders(headers, action_headers_)) { descriptor.entries_.push_back({"header_match", descriptor_value_}); return true; } else { return false; } } RateLimitPolicyEntryImpl::RateLimitPolicyEntryImpl( const envoy::config::route::v3::RateLimit& config) : disable_key_(config.disable_key()), stage_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, stage, 0))) { for (const auto& action : config.actions()) { switch (action.action_specifier_case()) { case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kSourceCluster: actions_.emplace_back(new SourceClusterAction()); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kDestinationCluster: actions_.emplace_back(new DestinationClusterAction()); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kRequestHeaders: actions_.emplace_back(new RequestHeadersAction(action.request_headers())); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kRemoteAddress: actions_.emplace_back(new RemoteAddressAction()); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kGenericKey: actions_.emplace_back(new GenericKeyAction(action.generic_key())); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kDynamicMetadata: actions_.emplace_back(new DynamicMetaDataAction(action.dynamic_metadata())); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kHeaderValueMatch: actions_.emplace_back(new HeaderValueMatchAction(action.header_value_match())); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } if (config.has_limit()) { switch (config.limit().override_specifier_case()) { case envoy::config::route::v3::RateLimit_Override::OverrideSpecifierCase::kDynamicMetadata: limit_override_.emplace( new DynamicMetadataRateLimitOverride(config.limit().dynamic_metadata())); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } void RateLimitPolicyEntryImpl::populateDescriptors( const Router::RouteEntry& route, std::vector& descriptors, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const { RateLimit::Descriptor descriptor; bool result = true; for (const RateLimitActionPtr& action : actions_) { result = result && action->populateDescriptor(route, descriptor, local_service_cluster, headers, remote_address, dynamic_metadata); if (!result) { break; } } if (limit_override_) { limit_override_.value()->populateOverride(descriptor, dynamic_metadata); } if (result) { descriptors.emplace_back(descriptor); } } RateLimitPolicyImpl::RateLimitPolicyImpl( const Protobuf::RepeatedPtrField& rate_limits) : rate_limit_entries_reference_(RateLimitPolicyImpl::MAX_STAGE_NUMBER + 1) { for (const auto& rate_limit : rate_limits) { std::unique_ptr rate_limit_policy_entry( new RateLimitPolicyEntryImpl(rate_limit)); uint64_t stage = rate_limit_policy_entry->stage(); ASSERT(stage < rate_limit_entries_reference_.size()); rate_limit_entries_reference_[stage].emplace_back(*rate_limit_policy_entry); rate_limit_entries_.emplace_back(std::move(rate_limit_policy_entry)); } } const std::vector>& RateLimitPolicyImpl::getApplicableRateLimit(uint64_t stage) const { ASSERT(stage < rate_limit_entries_reference_.size()); return rate_limit_entries_reference_[stage]; } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/router_ratelimit.h ================================================ #pragma once #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/router/router.h" #include "envoy/router/router_ratelimit.h" #include "common/config/metadata.h" #include "common/http/header_utility.h" #include "absl/types/optional.h" namespace Envoy { namespace Router { /** * Populate rate limit override from dynamic metadata. */ class DynamicMetadataRateLimitOverride : public RateLimitOverrideAction { public: DynamicMetadataRateLimitOverride( const envoy::config::route::v3::RateLimit::Override::DynamicMetadata& config) : metadata_key_(config.metadata_key()) {} // Router::RateLimitOverrideAction bool populateOverride(RateLimit::Descriptor& descriptor, const envoy::config::core::v3::Metadata* metadata) const override; private: const Envoy::Config::MetadataKey metadata_key_; }; /** * Action for source cluster rate limiting. */ class SourceClusterAction : public RateLimitAction { public: // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; }; /** * Action for destination cluster rate limiting. */ class DestinationClusterAction : public RateLimitAction { public: // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; }; /** * Action for request headers rate limiting. */ class RequestHeadersAction : public RateLimitAction { public: RequestHeadersAction(const envoy::config::route::v3::RateLimit::Action::RequestHeaders& action) : header_name_(action.header_name()), descriptor_key_(action.descriptor_key()), skip_if_absent_(action.skip_if_absent()) {} // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; private: const Http::LowerCaseString header_name_; const std::string descriptor_key_; const bool skip_if_absent_; }; /** * Action for remote address rate limiting. */ class RemoteAddressAction : public RateLimitAction { public: // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; }; /** * Action for generic key rate limiting. */ class GenericKeyAction : public RateLimitAction { public: GenericKeyAction(const envoy::config::route::v3::RateLimit::Action::GenericKey& action) : descriptor_value_(action.descriptor_value()), descriptor_key_(!action.descriptor_key().empty() ? action.descriptor_key() : "generic_key") {} // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; private: const std::string descriptor_value_; const std::string descriptor_key_; }; /** * Action for dynamic metadata rate limiting. */ class DynamicMetaDataAction : public RateLimitAction { public: DynamicMetaDataAction(const envoy::config::route::v3::RateLimit::Action::DynamicMetaData& action); // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; private: const Envoy::Config::MetadataKey metadata_key_; const std::string descriptor_key_; const std::string default_value_; }; /** * Action for header value match rate limiting. */ class HeaderValueMatchAction : public RateLimitAction { public: HeaderValueMatchAction( const envoy::config::route::v3::RateLimit::Action::HeaderValueMatch& action); // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const Http::HeaderMap& headers, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; private: const std::string descriptor_value_; const bool expect_match_; const std::vector action_headers_; }; /* * Implementation of RateLimitPolicyEntry that holds the action for the configuration. */ class RateLimitPolicyEntryImpl : public RateLimitPolicyEntry { public: RateLimitPolicyEntryImpl(const envoy::config::route::v3::RateLimit& config); // Router::RateLimitPolicyEntry uint64_t stage() const override { return stage_; } const std::string& disableKey() const override { return disable_key_; } void populateDescriptors(const Router::RouteEntry& route, std::vector& descriptors, const std::string& local_service_cluster, const Http::HeaderMap&, const Network::Address::Instance& remote_address, const envoy::config::core::v3::Metadata* dynamic_metadata) const override; private: const std::string disable_key_; uint64_t stage_; std::vector actions_; absl::optional limit_override_ = absl::nullopt; }; /** * Implementation of RateLimitPolicy that reads from the JSON route config. */ class RateLimitPolicyImpl : public RateLimitPolicy { public: RateLimitPolicyImpl( const Protobuf::RepeatedPtrField& rate_limits); // Router::RateLimitPolicy const std::vector>& getApplicableRateLimit(uint64_t stage = 0) const override; bool empty() const override { return rate_limit_entries_.empty(); } private: std::vector> rate_limit_entries_; std::vector>> rate_limit_entries_reference_; // The maximum stage number supported. This value should match the maximum stage number in // Json::Schema::HTTP_RATE_LIMITS_CONFIGURATION_SCHEMA and // Json::Schema::RATE_LIMIT_HTTP_FILTER_SCHEMA from common/json/config_schemas.cc. static const uint64_t MAX_STAGE_NUMBER; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/scoped_config_impl.cc ================================================ #include "common/router/scoped_config_impl.h" #include "envoy/config/route/v3/scoped_route.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" namespace Envoy { namespace Router { bool ScopeKey::operator!=(const ScopeKey& other) const { return !(*this == other); } bool ScopeKey::operator==(const ScopeKey& other) const { if (fragments_.empty() || other.fragments_.empty()) { // An empty key equals to nothing, "NULL" != "NULL". return false; } return this->hash() == other.hash(); } HeaderValueExtractorImpl::HeaderValueExtractorImpl( ScopedRoutes::ScopeKeyBuilder::FragmentBuilder&& config) : FragmentBuilderBase(std::move(config)), header_value_extractor_config_(config_.header_value_extractor()) { ASSERT(config_.type_case() == ScopedRoutes::ScopeKeyBuilder::FragmentBuilder::kHeaderValueExtractor, "header_value_extractor is not set."); if (header_value_extractor_config_.extract_type_case() == ScopedRoutes::ScopeKeyBuilder::FragmentBuilder::HeaderValueExtractor::kIndex) { if (header_value_extractor_config_.index() != 0 && header_value_extractor_config_.element_separator().empty()) { throw ProtoValidationException("Index > 0 for empty string element separator.", header_value_extractor_config_); } } if (header_value_extractor_config_.extract_type_case() == ScopedRoutes::ScopeKeyBuilder::FragmentBuilder::HeaderValueExtractor::EXTRACT_TYPE_NOT_SET) { throw ProtoValidationException("HeaderValueExtractor extract_type not set.", header_value_extractor_config_); } } std::unique_ptr HeaderValueExtractorImpl::computeFragment(const Http::HeaderMap& headers) const { const Envoy::Http::HeaderEntry* header_entry = headers.get(Envoy::Http::LowerCaseString(header_value_extractor_config_.name())); if (header_entry == nullptr) { return nullptr; } std::vector elements{header_entry->value().getStringView()}; if (header_value_extractor_config_.element_separator().length() > 0) { elements = absl::StrSplit(header_entry->value().getStringView(), header_value_extractor_config_.element_separator()); } switch (header_value_extractor_config_.extract_type_case()) { case ScopedRoutes::ScopeKeyBuilder::FragmentBuilder::HeaderValueExtractor::kElement: for (const auto& element : elements) { std::pair key_value = absl::StrSplit( element, absl::MaxSplits(header_value_extractor_config_.element().separator(), 1)); if (key_value.first == header_value_extractor_config_.element().key()) { return std::make_unique(key_value.second); } } break; case ScopedRoutes::ScopeKeyBuilder::FragmentBuilder::HeaderValueExtractor::kIndex: if (header_value_extractor_config_.index() < elements.size()) { return std::make_unique(elements[header_value_extractor_config_.index()]); } break; default: // EXTRACT_TYPE_NOT_SET NOT_REACHED_GCOVR_EXCL_LINE; // Caught in constructor already. } return nullptr; } ScopedRouteInfo::ScopedRouteInfo(envoy::config::route::v3::ScopedRouteConfiguration&& config_proto, ConfigConstSharedPtr&& route_config) : config_proto_(std::move(config_proto)), route_config_(std::move(route_config)) { // TODO(stevenzzzz): Maybe worth a KeyBuilder abstraction when there are more than one type of // Fragment. for (const auto& fragment : config_proto_.key().fragments()) { switch (fragment.type_case()) { case envoy::config::route::v3::ScopedRouteConfiguration::Key::Fragment::TypeCase::kStringKey: scope_key_.addFragment(std::make_unique(fragment.string_key())); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } ScopeKeyBuilderImpl::ScopeKeyBuilderImpl(ScopedRoutes::ScopeKeyBuilder&& config) : ScopeKeyBuilderBase(std::move(config)) { for (const auto& fragment_builder : config_.fragments()) { switch (fragment_builder.type_case()) { case ScopedRoutes::ScopeKeyBuilder::FragmentBuilder::kHeaderValueExtractor: fragment_builders_.emplace_back(std::make_unique( ScopedRoutes::ScopeKeyBuilder::FragmentBuilder(fragment_builder))); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } ScopeKeyPtr ScopeKeyBuilderImpl::computeScopeKey(const Http::HeaderMap& headers) const { ScopeKey key; for (const auto& builder : fragment_builders_) { // returns nullopt if a null fragment is found. std::unique_ptr fragment = builder->computeFragment(headers); if (fragment == nullptr) { return nullptr; } key.addFragment(std::move(fragment)); } return std::make_unique(std::move(key)); } void ScopedConfigImpl::addOrUpdateRoutingScopes( const std::vector& scoped_route_infos) { for (auto& scoped_route_info : scoped_route_infos) { const auto iter = scoped_route_info_by_name_.find(scoped_route_info->scopeName()); if (iter != scoped_route_info_by_name_.end()) { ASSERT(scoped_route_info_by_key_.contains(iter->second->scopeKey().hash())); scoped_route_info_by_key_.erase(iter->second->scopeKey().hash()); } scoped_route_info_by_name_[scoped_route_info->scopeName()] = scoped_route_info; scoped_route_info_by_key_[scoped_route_info->scopeKey().hash()] = scoped_route_info; } } void ScopedConfigImpl::removeRoutingScopes(const std::vector& scope_names) { for (std::string const& scope_name : scope_names) { const auto iter = scoped_route_info_by_name_.find(scope_name); if (iter != scoped_route_info_by_name_.end()) { ASSERT(scoped_route_info_by_key_.contains(iter->second->scopeKey().hash())); scoped_route_info_by_key_.erase(iter->second->scopeKey().hash()); scoped_route_info_by_name_.erase(iter); } } } Router::ConfigConstSharedPtr ScopedConfigImpl::getRouteConfig(const Http::HeaderMap& headers) const { ScopeKeyPtr scope_key = scope_key_builder_.computeScopeKey(headers); if (scope_key == nullptr) { return nullptr; } auto iter = scoped_route_info_by_key_.find(scope_key->hash()); if (iter != scoped_route_info_by_key_.end()) { return iter->second->routeConfig(); } return nullptr; } ScopeKeyPtr ScopedConfigImpl::computeScopeKey(const Http::HeaderMap& headers) const { ScopeKeyPtr scope_key = scope_key_builder_.computeScopeKey(headers); if (scope_key && scoped_route_info_by_key_.find(scope_key->hash()) != scoped_route_info_by_key_.end()) { return scope_key; } return nullptr; } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/scoped_config_impl.h ================================================ #pragma once #include #include #include "envoy/config/route/v3/scoped_route.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/router/rds.h" #include "envoy/router/router.h" #include "envoy/router/scopes.h" #include "envoy/thread_local/thread_local.h" #include "common/common/hash.h" #include "common/protobuf/utility.h" #include "common/router/config_impl.h" #include "absl/numeric/int128.h" #include "absl/strings/str_format.h" namespace Envoy { namespace Router { using envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes; /** * Base class for fragment builders. */ class FragmentBuilderBase { public: explicit FragmentBuilderBase(ScopedRoutes::ScopeKeyBuilder::FragmentBuilder&& config) : config_(std::move(config)) {} virtual ~FragmentBuilderBase() = default; // Returns a fragment if the fragment rule applies, a nullptr indicates no fragment could be // generated from the headers. virtual std::unique_ptr computeFragment(const Http::HeaderMap& headers) const PURE; protected: const ScopedRoutes::ScopeKeyBuilder::FragmentBuilder config_; }; class HeaderValueExtractorImpl : public FragmentBuilderBase { public: explicit HeaderValueExtractorImpl(ScopedRoutes::ScopeKeyBuilder::FragmentBuilder&& config); std::unique_ptr computeFragment(const Http::HeaderMap& headers) const override; private: const ScopedRoutes::ScopeKeyBuilder::FragmentBuilder::HeaderValueExtractor& header_value_extractor_config_; }; /** * Base class for ScopeKeyBuilder implementations. */ class ScopeKeyBuilderBase { public: explicit ScopeKeyBuilderBase(ScopedRoutes::ScopeKeyBuilder&& config) : config_(std::move(config)) {} virtual ~ScopeKeyBuilderBase() = default; // Computes scope key for given headers, returns nullptr if a key can't be computed. virtual ScopeKeyPtr computeScopeKey(const Http::HeaderMap& headers) const PURE; protected: const ScopedRoutes::ScopeKeyBuilder config_; }; class ScopeKeyBuilderImpl : public ScopeKeyBuilderBase { public: explicit ScopeKeyBuilderImpl(ScopedRoutes::ScopeKeyBuilder&& config); ScopeKeyPtr computeScopeKey(const Http::HeaderMap& headers) const override; private: std::vector> fragment_builders_; }; // ScopedRouteConfiguration and corresponding RouteConfigProvider. class ScopedRouteInfo { public: ScopedRouteInfo(envoy::config::route::v3::ScopedRouteConfiguration&& config_proto, ConfigConstSharedPtr&& route_config); const ConfigConstSharedPtr& routeConfig() const { return route_config_; } const ScopeKey& scopeKey() const { return scope_key_; } const envoy::config::route::v3::ScopedRouteConfiguration& configProto() const { return config_proto_; } const std::string& scopeName() const { return config_proto_.name(); } private: envoy::config::route::v3::ScopedRouteConfiguration config_proto_; ScopeKey scope_key_; ConfigConstSharedPtr route_config_; }; using ScopedRouteInfoConstSharedPtr = std::shared_ptr; // Ordered map for consistent config dumping. using ScopedRouteMap = std::map; /** * Each Envoy worker is assigned an instance of this type. When config updates are received, * addOrUpdateRoutingScope() and removeRoutingScope() are called to update the set of scoped routes. * * ConnectionManagerImpl::refreshCachedRoute() will call getRouterConfig() to obtain the * Router::ConfigConstSharedPtr to use for route selection. */ class ScopedConfigImpl : public ScopedConfig { public: ScopedConfigImpl(ScopedRoutes::ScopeKeyBuilder&& scope_key_builder) : scope_key_builder_(std::move(scope_key_builder)) {} void addOrUpdateRoutingScopes(const std::vector& scoped_route_infos); void removeRoutingScopes(const std::vector& scope_names); // Envoy::Router::ScopedConfig Router::ConfigConstSharedPtr getRouteConfig(const Http::HeaderMap& headers) const override; // The return value is not null only if the scope corresponding to the header exists. ScopeKeyPtr computeScopeKey(const Http::HeaderMap& headers) const override; private: ScopeKeyBuilderImpl scope_key_builder_; // From scope name to cached ScopedRouteInfo. absl::flat_hash_map scoped_route_info_by_name_; // Hash by ScopeKey hash to lookup in constant time. absl::flat_hash_map scoped_route_info_by_key_; }; /** * A NULL implementation of the scoped routing configuration. */ class NullScopedConfigImpl : public ScopedConfig { public: Router::ConfigConstSharedPtr getRouteConfig(const Http::HeaderMap&) const override { return std::make_shared(); } }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/scoped_rds.cc ================================================ #include "common/router/scoped_rds.h" #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/api/v2/scoped_route.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/route/v3/scoped_route.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/config/api_version.h" #include "common/config/resource_name.h" #include "common/config/version_converter.h" #include "common/init/manager_impl.h" #include "common/init/watcher_impl.h" #include "common/router/rds_impl.h" #include "common/router/scoped_config_impl.h" #include "absl/strings/str_join.h" // Types are deeply nested under Envoy::Config::ConfigProvider; use 'using-directives' across all // ConfigProvider related types for consistency. using Envoy::Config::ConfigProvider; using Envoy::Config::ConfigProviderInstanceType; using Envoy::Config::ConfigProviderManager; using Envoy::Config::ConfigProviderPtr; using Envoy::Config::ScopedResume; namespace Envoy { namespace Router { namespace ScopedRoutesConfigProviderUtil { ConfigProviderPtr create( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string& stat_prefix, ConfigProviderManager& scoped_routes_config_provider_manager) { ASSERT(config.route_specifier_case() == envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: RouteSpecifierCase::kScopedRoutes); switch (config.scoped_routes().config_specifier_case()) { case envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ConfigSpecifierCase::kScopedRouteConfigurationsList: { const envoy::extensions::filters::network::http_connection_manager::v3:: ScopedRouteConfigurationsList& scoped_route_list = config.scoped_routes().scoped_route_configurations_list(); return scoped_routes_config_provider_manager.createStaticConfigProvider( RepeatedPtrUtil::convertToConstMessagePtrContainer< envoy::config::route::v3::ScopedRouteConfiguration, ProtobufTypes::ConstMessagePtrVector>(scoped_route_list.scoped_route_configurations()), factory_context, ScopedRoutesConfigProviderManagerOptArg(config.scoped_routes().name(), config.scoped_routes().rds_config_source(), config.scoped_routes().scope_key_builder())); } case envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ConfigSpecifierCase::kScopedRds: return scoped_routes_config_provider_manager.createXdsConfigProvider( config.scoped_routes().scoped_rds(), factory_context, init_manager, stat_prefix, ScopedRoutesConfigProviderManagerOptArg(config.scoped_routes().name(), config.scoped_routes().rds_config_source(), config.scoped_routes().scope_key_builder())); default: // Proto validation enforces that is not reached. NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace ScopedRoutesConfigProviderUtil InlineScopedRoutesConfigProvider::InlineScopedRoutesConfigProvider( ProtobufTypes::ConstMessagePtrVector&& config_protos, std::string name, Server::Configuration::ServerFactoryContext& factory_context, ScopedRoutesConfigProviderManager& config_provider_manager, envoy::config::core::v3::ConfigSource rds_config_source, envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes::ScopeKeyBuilder scope_key_builder) : Envoy::Config::ImmutableConfigProviderBase(factory_context, config_provider_manager, ConfigProviderInstanceType::Inline, ConfigProvider::ApiType::Delta), name_(std::move(name)), config_(std::make_shared(std::move(scope_key_builder))), config_protos_(std::make_move_iterator(config_protos.begin()), std::make_move_iterator(config_protos.end())), rds_config_source_(std::move(rds_config_source)) {} ScopedRdsConfigSubscription::ScopedRdsConfigSubscription( const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRds& scoped_rds, const uint64_t manager_identifier, const std::string& name, const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ScopeKeyBuilder& scope_key_builder, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, envoy::config::core::v3::ConfigSource rds_config_source, RouteConfigProviderManager& route_config_provider_manager, ScopedRoutesConfigProviderManager& config_provider_manager) : DeltaConfigSubscriptionInstance("SRDS", manager_identifier, config_provider_manager, factory_context), Envoy::Config::SubscriptionBase( scoped_rds.scoped_rds_config_source().resource_api_version(), factory_context.messageValidationContext().dynamicValidationVisitor(), "name"), factory_context_(factory_context), name_(name), scope_key_builder_(scope_key_builder), scope_(factory_context.scope().createScope(stat_prefix + "scoped_rds." + name + ".")), stats_({ALL_SCOPED_RDS_STATS(POOL_COUNTER(*scope_), POOL_GAUGE(*scope_))}), rds_config_source_(std::move(rds_config_source)), stat_prefix_(stat_prefix), route_config_provider_manager_(route_config_provider_manager) { const auto resource_name = getResourceName(); subscription_ = factory_context.clusterManager().subscriptionFactory().subscriptionFromConfigSource( scoped_rds.scoped_rds_config_source(), Grpc::Common::typeUrl(resource_name), *scope_, *this, resource_decoder_); initialize([scope_key_builder]() -> Envoy::Config::ConfigProvider::ConfigConstSharedPtr { return std::make_shared( envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ScopeKeyBuilder(scope_key_builder)); }); } // Constructor for RdsRouteConfigProviderHelper when scope is eager loading. // Initialize RdsRouteConfigProvider by default. ScopedRdsConfigSubscription::RdsRouteConfigProviderHelper::RdsRouteConfigProviderHelper( ScopedRdsConfigSubscription& parent, std::string scope_name, envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, Init::Manager& init_manager) : parent_(parent), scope_name_(scope_name), on_demand_(false) { initRdsConfigProvider(rds, init_manager); } // Constructor for RdsRouteConfigProviderHelper when scope is on demand. // Leave the RdsRouteConfigProvider uninitialized. ScopedRdsConfigSubscription::RdsRouteConfigProviderHelper::RdsRouteConfigProviderHelper( ScopedRdsConfigSubscription& parent, std::string scope_name) : parent_(parent), scope_name_(scope_name), on_demand_(true) { parent_.stats_.on_demand_scopes_.inc(); } // When on demand callback is received from main thread, there are 4 cases. // 1. Scope is not found, post a scope not found callback back to worker thread. // 2. Scope is found but route provider has not been initialized, create route provider. // 3. After route provider has been initialized, if RouteConfiguration has been fetched, // post scope found callback to worker thread. // 4. After route provider has been initialized, if RouteConfiguration is null, // cache the callback and wait for RouteConfiguration to come. void ScopedRdsConfigSubscription::RdsRouteConfigProviderHelper::addOnDemandUpdateCallback( std::function callback) { // If RouteConfiguration has been initialized, run the callback to continue in filter chain, // otherwise cache it and wait for the route table to be initialized. If RouteConfiguration hasn't // been initialized, routeConfig() return a shared_ptr to NullConfigImpl. The name of // NullConfigImpl is an empty string. if (route_provider_ != nullptr && !routeConfig()->name().empty()) { callback(); return; } on_demand_update_callbacks_.push_back(callback); // Initialize the rds provider if it has not been initialized. There is potential race here // because other worker threads may also post callback to on demand update the RouteConfiguration // associated with this scope. If rds provider has been initialized, just wait for // RouteConfiguration to be updated. maybeInitRdsConfigProvider(); } void ScopedRdsConfigSubscription::RdsRouteConfigProviderHelper::runOnDemandUpdateCallback() { for (auto& callback : on_demand_update_callbacks_) { callback(); } on_demand_update_callbacks_.clear(); } void ScopedRdsConfigSubscription::RdsRouteConfigProviderHelper::initRdsConfigProvider( envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, Init::Manager& init_manager) { route_provider_ = std::dynamic_pointer_cast( parent_.route_config_provider_manager_.createRdsRouteConfigProvider( rds, parent_.factory_context_, parent_.stat_prefix_, init_manager)); rds_update_callback_handle_ = route_provider_->subscription().addUpdateCallback([this]() { // Subscribe to RDS update. parent_.onRdsConfigUpdate(scope_name_, route_provider_->subscription()); }); parent_.stats_.active_scopes_.inc(); } void ScopedRdsConfigSubscription::RdsRouteConfigProviderHelper::maybeInitRdsConfigProvider() { // If the route provider have been initialized, return and wait for rds config update. if (route_provider_ != nullptr) { return; } // Create a init_manager to create a rds provider. // No transitive warming dependency here because only on demand update reach this point. std::unique_ptr srds_init_mgr = std::make_unique(fmt::format("SRDS on demand init manager.")); std::unique_ptr srds_initialization_continuation = std::make_unique([this, &srds_init_mgr] { Init::WatcherImpl noop_watcher( fmt::format("SRDS on demand ConfigUpdate watcher: {}", scope_name_), []() { /*Do nothing.*/ }); srds_init_mgr->initialize(noop_watcher); }); // Create route provider. envoy::extensions::filters::network::http_connection_manager::v3::Rds rds; rds.mutable_config_source()->MergeFrom(parent_.rds_config_source_); rds.set_route_config_name( parent_.scoped_route_map_[scope_name_]->configProto().route_configuration_name()); initRdsConfigProvider(rds, *srds_init_mgr); ENVOY_LOG(debug, fmt::format("Scope on demand update: {}", scope_name_)); // If RouteConfiguration hasn't been initialized, routeConfig() return a shared_ptr to // NullConfigImpl. The name of NullConfigImpl is an empty string. if (routeConfig()->name().empty()) { return; } // If RouteConfiguration has been initialized, apply update to all the threads. parent_.onRdsConfigUpdate(scope_name_, route_provider_->subscription()); } bool ScopedRdsConfigSubscription::addOrUpdateScopes( const std::vector& resources, Init::Manager& init_manager, const std::string& version_info) { bool any_applied = false; envoy::extensions::filters::network::http_connection_manager::v3::Rds rds; rds.mutable_config_source()->MergeFrom(rds_config_source_); std::vector updated_scopes; for (const auto& resource : resources) { // Explicit copy so that we can std::move later. envoy::config::route::v3::ScopedRouteConfiguration scoped_route_config = dynamic_cast( resource.get().resource()); const std::string scope_name = scoped_route_config.name(); rds.set_route_config_name(scoped_route_config.route_configuration_name()); std::unique_ptr rds_config_provider_helper; std::shared_ptr scoped_route_info = nullptr; if (scoped_route_config.on_demand() == false) { // For default scopes, create a rds helper with rds provider initialized. rds_config_provider_helper = std::make_unique(*this, scope_name, rds, init_manager); scoped_route_info = std::make_shared( std::move(scoped_route_config), rds_config_provider_helper->routeConfig()); } else { // For on demand scopes, create a rds helper with rds provider uninitialized. rds_config_provider_helper = std::make_unique(*this, scope_name); // scope_route_info->routeConfig() will be nullptr, because RouteConfiguration is not loaded. scoped_route_info = std::make_shared(std::move(scoped_route_config), nullptr); } route_provider_by_scope_[scope_name] = std::move(rds_config_provider_helper); scope_name_by_hash_[scoped_route_info->scopeKey().hash()] = scoped_route_info->scopeName(); scoped_route_map_[scoped_route_info->scopeName()] = scoped_route_info; updated_scopes.push_back(scoped_route_info); any_applied = true; ENVOY_LOG(debug, "srds: queueing add/update of scoped_route '{}', version: {}", scoped_route_info->scopeName(), version_info); } // scoped_route_info of both eager loading and on demand scopes will be propagated to work // threads. Upon a scoped RouteConfiguration miss, if the scope exists, an on demand update // callback will be posted to main thread. if (!updated_scopes.empty()) { applyConfigUpdate([updated_scopes](ConfigProvider::ConfigConstSharedPtr config) -> ConfigProvider::ConfigConstSharedPtr { auto* thread_local_scoped_config = const_cast(static_cast(config.get())); thread_local_scoped_config->addOrUpdateRoutingScopes(updated_scopes); return config; }); } return any_applied; } std::list ScopedRdsConfigSubscription::removeScopes( const Protobuf::RepeatedPtrField& scope_names, const std::string& version_info) { std::list to_be_removed_rds_providers; std::vector removed_scope_names; for (const auto& scope_name : scope_names) { auto iter = scoped_route_map_.find(scope_name); if (iter != scoped_route_map_.end()) { auto rds_config_provider_helper_iter = route_provider_by_scope_.find(scope_name); if (rds_config_provider_helper_iter != route_provider_by_scope_.end()) { to_be_removed_rds_providers.emplace_back( std::move(rds_config_provider_helper_iter->second)); route_provider_by_scope_.erase(rds_config_provider_helper_iter); } scope_name_by_hash_.erase(iter->second->scopeKey().hash()); scoped_route_map_.erase(iter); removed_scope_names.push_back(scope_name); ENVOY_LOG(debug, "srds: queueing removal of scoped route '{}', version: {}", scope_name, version_info); } } if (!removed_scope_names.empty()) { applyConfigUpdate([removed_scope_names](ConfigProvider::ConfigConstSharedPtr config) -> ConfigProvider::ConfigConstSharedPtr { auto* thread_local_scoped_config = const_cast(static_cast(config.get())); thread_local_scoped_config->removeRoutingScopes(removed_scope_names); return config; }); } return to_be_removed_rds_providers; } void ScopedRdsConfigSubscription::onConfigUpdate( const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& version_info) { // NOTE: deletes are done before adds/updates. absl::flat_hash_map to_be_removed_scopes; // Destruction of resume_rds will lift the floodgate for new RDS subscriptions. // Note in the case of partial acceptance, accepted RDS subscriptions should be started // despite of any error. ScopedResume resume_rds; // If new route config sources come after the local init manager's initialize() been // called, the init manager can't accept new targets. Instead we use a local override which will // start new subscriptions but not wait on them to be ready. std::unique_ptr srds_init_mgr; // NOTE: This should be defined after srds_init_mgr and resume_rds, as it depends on the // srds_init_mgr, and we want a single RDS discovery request to be sent to management // server. std::unique_ptr srds_initialization_continuation; ASSERT(localInitManager().state() > Init::Manager::State::Uninitialized); const auto type_urls = Envoy::Config::getAllVersionTypeUrls(); // Pause RDS to not send a burst of RDS requests until we start all the new subscriptions. // In the case that localInitManager is uninitialized, RDS is already paused // either by Server init or LDS init. if (factory_context_.clusterManager().adsMux()) { resume_rds = factory_context_.clusterManager().adsMux()->pause(type_urls); } // if local init manager is initialized, the parent init manager may have gone away. if (localInitManager().state() == Init::Manager::State::Initialized) { srds_init_mgr = std::make_unique(fmt::format("SRDS {}:{}", name_, version_info)); srds_initialization_continuation = std::make_unique([this, &srds_init_mgr, version_info] { // For new RDS subscriptions created after listener warming up, we don't wait for them to // warm up. Init::WatcherImpl noop_watcher( // Note: we just throw it away. fmt::format("SRDS ConfigUpdate watcher {}:{}", name_, version_info), []() { /*Do nothing.*/ }); srds_init_mgr->initialize(noop_watcher); }); } std::string exception_msg; Protobuf::RepeatedPtrField clean_removed_resources = detectUpdateConflictAndCleanupRemoved(added_resources, removed_resources, exception_msg); if (!exception_msg.empty()) { throw EnvoyException(fmt::format("Error adding/updating scoped route(s): {}", exception_msg)); } // Do not delete RDS config providers just yet, in case the to be deleted RDS subscriptions could // be reused by some to be added scopes. std::list to_be_removed_rds_providers = removeScopes(clean_removed_resources, version_info); bool any_applied = addOrUpdateScopes(added_resources, (srds_init_mgr == nullptr ? localInitManager() : *srds_init_mgr), version_info) || !to_be_removed_rds_providers.empty(); ConfigSubscriptionCommonBase::onConfigUpdate(); if (any_applied) { setLastConfigInfo(absl::optional({absl::nullopt, version_info})); } stats_.all_scopes_.set(scoped_route_map_.size()); stats_.config_reload_.inc(); } void ScopedRdsConfigSubscription::onRdsConfigUpdate(const std::string& scope_name, RdsRouteConfigSubscription& rds_subscription) { auto iter = scoped_route_map_.find(scope_name); ASSERT(iter != scoped_route_map_.end(), fmt::format("trying to update route config for non-existing scope {}", scope_name)); auto new_scoped_route_info = std::make_shared( envoy::config::route::v3::ScopedRouteConfiguration(iter->second->configProto()), std::make_shared( rds_subscription.routeConfigUpdate()->routeConfiguration(), factory_context_, factory_context_.messageValidationContext().dynamicValidationVisitor(), false)); applyConfigUpdate([new_scoped_route_info](ConfigProvider::ConfigConstSharedPtr config) -> ConfigProvider::ConfigConstSharedPtr { auto* thread_local_scoped_config = const_cast(static_cast(config.get())); thread_local_scoped_config->addOrUpdateRoutingScopes({new_scoped_route_info}); return config; }); // The data plane may wait for the route configuration to come back. route_provider_by_scope_[scope_name]->runOnDemandUpdateCallback(); } // TODO(stevenzzzz): see issue #7508, consider generalizing this function as it overlaps with // CdsApiImpl::onConfigUpdate. void ScopedRdsConfigSubscription::onConfigUpdate( const std::vector& resources, const std::string& version_info) { Protobuf::RepeatedPtrField to_remove_repeated; for (const auto& scoped_route : scoped_route_map_) { *to_remove_repeated.Add() = scoped_route.first; } onConfigUpdate(resources, to_remove_repeated, version_info); } Protobuf::RepeatedPtrField ScopedRdsConfigSubscription::detectUpdateConflictAndCleanupRemoved( const std::vector& resources, const Protobuf::RepeatedPtrField& removed_resources, std::string& exception_msg) { Protobuf::RepeatedPtrField clean_removed_resources; // All the scope names to be removed or updated. absl::flat_hash_set updated_or_removed_scopes; for (const std::string& removed_resource : removed_resources) { updated_or_removed_scopes.insert(removed_resource); } for (const auto& resource : resources) { const auto& scoped_route = dynamic_cast( resource.get().resource()); updated_or_removed_scopes.insert(scoped_route.name()); } absl::flat_hash_map scope_name_by_hash = scope_name_by_hash_; absl::erase_if(scope_name_by_hash, [&updated_or_removed_scopes](const auto& key_name) { auto const& [key, name] = key_name; return updated_or_removed_scopes.contains(name); }); absl::flat_hash_map scoped_routes; for (const auto& resource : resources) { // Throws (thus rejects all) on any error. const auto& scoped_route = dynamic_cast( resource.get().resource()); const std::string& scope_name = scoped_route.name(); auto scope_config_inserted = scoped_routes.try_emplace(scope_name, std::move(scoped_route)); if (!scope_config_inserted.second) { exception_msg = fmt::format("duplicate scoped route configuration '{}' found", scope_name); return clean_removed_resources; } const envoy::config::route::v3::ScopedRouteConfiguration& scoped_route_config = scope_config_inserted.first->second; const uint64_t key_fingerprint = MessageUtil::hash(scoped_route_config.key()); if (!scope_name_by_hash.try_emplace(key_fingerprint, scope_name).second) { exception_msg = fmt::format("scope key conflict found, first scope is '{}', second scope is '{}'", scope_name_by_hash[key_fingerprint], scope_name); return clean_removed_resources; } } // only remove resources that is not going to be updated. for (const std::string& removed_resource : removed_resources) { if (!scoped_routes.contains(removed_resource)) { *clean_removed_resources.Add() = removed_resource; } } return clean_removed_resources; } void ScopedRdsConfigSubscription::onDemandRdsUpdate( std::shared_ptr scope_key, Event::Dispatcher& thread_local_dispatcher, Http::RouteConfigUpdatedCallback&& route_config_updated_cb, std::weak_ptr weak_subscription) { factory_context_.dispatcher().post([this, &thread_local_dispatcher, scope_key, route_config_updated_cb, weak_subscription]() { // If the subscription has been destroyed, return immediately. if (!weak_subscription.lock()) { thread_local_dispatcher.post([route_config_updated_cb] { route_config_updated_cb(false); }); return; } auto iter = scope_name_by_hash_.find(scope_key->hash()); // Return to filter chain if we can't find the scope. // The scope may have been destroyed when callback reach the main thread. if (iter == scope_name_by_hash_.end()) { thread_local_dispatcher.post([route_config_updated_cb] { route_config_updated_cb(false); }); return; } // Wrap the thread local dispatcher inside the callback. std::function thread_local_updated_callback = [route_config_updated_cb, &thread_local_dispatcher]() { thread_local_dispatcher.post([route_config_updated_cb] { route_config_updated_cb(true); }); }; std::string scope_name = iter->second; // On demand initialization inside main thread. route_provider_by_scope_[scope_name]->addOnDemandUpdateCallback(thread_local_updated_callback); }); } ScopedRdsConfigProvider::ScopedRdsConfigProvider( ScopedRdsConfigSubscriptionSharedPtr&& subscription) : MutableConfigProviderCommonBase(std::move(subscription), ConfigProvider::ApiType::Delta) {} ProtobufTypes::MessagePtr ScopedRoutesConfigProviderManager::dumpConfigs() const { auto config_dump = std::make_unique(); for (const auto& element : configSubscriptions()) { auto subscription = element.second.lock(); ASSERT(subscription); if (subscription->configInfo()) { auto* dynamic_config = config_dump->mutable_dynamic_scoped_route_configs()->Add(); dynamic_config->set_version_info(subscription->configInfo().value().last_config_version_); const ScopedRdsConfigSubscription* typed_subscription = static_cast(subscription.get()); dynamic_config->set_name(typed_subscription->name()); const ScopedRouteMap& scoped_route_map = typed_subscription->scopedRouteMap(); for (const auto& it : scoped_route_map) { dynamic_config->mutable_scoped_route_configs()->Add()->PackFrom( API_RECOVER_ORIGINAL(it.second->configProto())); } TimestampUtil::systemClockToTimestamp(subscription->lastUpdated(), *dynamic_config->mutable_last_updated()); } } for (const auto& provider : immutableConfigProviders(ConfigProviderInstanceType::Inline)) { const auto protos_info = provider->configProtoInfoVector(); ASSERT(protos_info != absl::nullopt); auto* inline_config = config_dump->mutable_inline_scoped_route_configs()->Add(); inline_config->set_name(static_cast(provider)->name()); for (const auto& config_proto : protos_info.value().config_protos_) { inline_config->mutable_scoped_route_configs()->Add()->PackFrom( API_RECOVER_ORIGINAL(*config_proto)); } TimestampUtil::systemClockToTimestamp(provider->lastUpdated(), *inline_config->mutable_last_updated()); } return config_dump; } ConfigProviderPtr ScopedRoutesConfigProviderManager::createXdsConfigProvider( const Protobuf::Message& config_source_proto, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string& stat_prefix, const ConfigProviderManager::OptionalArg& optarg) { const auto& typed_optarg = static_cast(optarg); ScopedRdsConfigSubscriptionSharedPtr subscription = ConfigProviderManagerImplBase::getSubscription( config_source_proto, init_manager, [&config_source_proto, &factory_context, &stat_prefix, &typed_optarg](const uint64_t manager_identifier, ConfigProviderManagerImplBase& config_provider_manager) -> Envoy::Config::ConfigSubscriptionCommonBaseSharedPtr { const auto& scoped_rds_config_source = dynamic_cast< const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRds&>( config_source_proto); return std::make_shared( scoped_rds_config_source, manager_identifier, typed_optarg.scoped_routes_name_, typed_optarg.scope_key_builder_, factory_context, stat_prefix, typed_optarg.rds_config_source_, static_cast(config_provider_manager) .routeConfigProviderPanager(), static_cast(config_provider_manager)); }); return std::make_unique(std::move(subscription)); } ConfigProviderPtr ScopedRoutesConfigProviderManager::createStaticConfigProvider( ProtobufTypes::ConstMessagePtrVector&& config_protos, Server::Configuration::ServerFactoryContext& factory_context, const ConfigProviderManager::OptionalArg& optarg) { const auto& typed_optarg = static_cast(optarg); return std::make_unique( std::move(config_protos), typed_optarg.scoped_routes_name_, factory_context, *this, typed_optarg.rds_config_source_, typed_optarg.scope_key_builder_); } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/scoped_rds.h ================================================ #pragma once #include #include #include "envoy/common/callback.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/route/v3/scoped_route.pb.h" #include "envoy/config/route/v3/scoped_route.pb.validate.h" #include "envoy/config/subscription.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/router/route_config_provider_manager.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "common/config/config_provider_impl.h" #include "common/config/subscription_base.h" #include "common/init/manager_impl.h" #include "common/router/rds_impl.h" #include "common/router/scoped_config_impl.h" namespace Envoy { namespace Router { // Scoped routing configuration utilities. namespace ScopedRoutesConfigProviderUtil { // If enabled in the HttpConnectionManager config, returns a ConfigProvider for scoped routing // configuration. Envoy::Config::ConfigProviderPtr create( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string& stat_prefix, Envoy::Config::ConfigProviderManager& scoped_routes_config_provider_manager); } // namespace ScopedRoutesConfigProviderUtil class ScopedRoutesConfigProviderManager; // A ConfigProvider for inline scoped routing configuration. // InlineScopedRoutesConfigProvider is not fully implemented at this point. It doesn't load // ScopedRouteConfigurations and propagate them to worker threads. If // InlineScopedRoutesConfigProvider is fully implemented, when it is loading // ScopedRouteConfiguration, the on demand field should be ignored and all scopes should be loaded // eagerly. class InlineScopedRoutesConfigProvider : public Envoy::Config::ImmutableConfigProviderBase { public: InlineScopedRoutesConfigProvider(ProtobufTypes::ConstMessagePtrVector&& config_protos, std::string name, Server::Configuration::ServerFactoryContext& factory_context, ScopedRoutesConfigProviderManager& config_provider_manager, envoy::config::core::v3::ConfigSource rds_config_source, envoy::extensions::filters::network::http_connection_manager:: v3::ScopedRoutes::ScopeKeyBuilder scope_key_builder); ~InlineScopedRoutesConfigProvider() override = default; const std::string& name() const { return name_; } // Envoy::Config::ConfigProvider Envoy::Config::ConfigProvider::ConfigProtoVector getConfigProtos() const override { Envoy::Config::ConfigProvider::ConfigProtoVector out_protos; std::for_each(config_protos_.begin(), config_protos_.end(), [&out_protos](const std::unique_ptr& message) { out_protos.push_back(message.get()); }); return out_protos; } std::string getConfigVersion() const override { return ""; } ConfigConstSharedPtr getConfig() const override { return config_; } private: const std::string name_; ConfigConstSharedPtr config_; const std::vector> config_protos_; const envoy::config::core::v3::ConfigSource rds_config_source_; }; /** * All SRDS stats. @see stats_macros.h */ // clang-format off #define ALL_SCOPED_RDS_STATS(COUNTER, GAUGE) \ COUNTER(config_reload) \ COUNTER(update_empty) \ GAUGE(all_scopes, Accumulate) \ GAUGE(on_demand_scopes, Accumulate) \ GAUGE(active_scopes, Accumulate) // clang-format on struct ScopedRdsStats { ALL_SCOPED_RDS_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) static ScopedRdsStats generateStats(const std::string& prefix, Stats::Scope& scope) { return ScopedRdsStats{ ALL_SCOPED_RDS_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix))}; } }; // A scoped RDS subscription to be used with the dynamic scoped RDS ConfigProvider. class ScopedRdsConfigSubscription : public Envoy::Config::DeltaConfigSubscriptionInstance, Envoy::Config::SubscriptionBase { public: using ScopedRouteConfigurationMap = std::map; ScopedRdsConfigSubscription( const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRds& scoped_rds, const uint64_t manager_identifier, const std::string& name, const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ScopeKeyBuilder& scope_key_builder, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, envoy::config::core::v3::ConfigSource rds_config_source, RouteConfigProviderManager& route_config_provider_manager, ScopedRoutesConfigProviderManager& config_provider_manager); ~ScopedRdsConfigSubscription() override = default; const std::string& name() const { return name_; } const ScopedRouteMap& scopedRouteMap() const { return scoped_route_map_; } void onDemandRdsUpdate(std::shared_ptr scope_key, Event::Dispatcher& thread_local_dispatcher, Http::RouteConfigUpdatedCallback&& route_config_updated_cb, std::weak_ptr weak_subscription); private: // A helper class that takes care of the life cycle management of a RDS route provider and the // update callback handle. struct RdsRouteConfigProviderHelper { RdsRouteConfigProviderHelper( ScopedRdsConfigSubscription& parent, std::string scope_name, envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, Init::Manager& init_manager); RdsRouteConfigProviderHelper(ScopedRdsConfigSubscription& parent, std::string scope_name); ~RdsRouteConfigProviderHelper() { // Only remove the rds update when the rds provider has been initialized. if (route_provider_) { rds_update_callback_handle_->remove(); parent_.stats_.active_scopes_.dec(); } if (on_demand_) { parent_.stats_.on_demand_scopes_.dec(); } } ConfigConstSharedPtr routeConfig() { return route_provider_->config(); } void addOnDemandUpdateCallback(std::function callback); // Runs all the callback from worker thread to continue filter chain. void runOnDemandUpdateCallback(); // If route provider has not been initialized, initialize it. void maybeInitRdsConfigProvider(); // Initialize route provider and register for rds update. void initRdsConfigProvider( envoy::extensions::filters::network::http_connection_manager::v3::Rds& rds, Init::Manager& init_manager); ScopedRdsConfigSubscription& parent_; std::string scope_name_; bool on_demand_; RdsRouteConfigProviderImplSharedPtr route_provider_; // This handle_ is owned by the route config provider's RDS subscription, when the helper // destructs, the handle is deleted as well. Common::CallbackHandle* rds_update_callback_handle_; std::vector> on_demand_update_callbacks_; }; using RdsRouteConfigProviderHelperPtr = std::unique_ptr; // Adds or updates scopes, create a new RDS provider for each resource, if an exception is thrown // during updating, the exception message is collected via the exception messages vector. // Returns true if any scope updated, false otherwise. bool addOrUpdateScopes(const std::vector& resources, Init::Manager& init_manager, const std::string& version_info); // Removes given scopes from the managed set of scopes. // Returns a list of to be removed helpers which is temporally held in the onConfigUpdate method, // to make sure new scopes sharing the same RDS source configs could reuse the subscriptions. std::list removeScopes(const Protobuf::RepeatedPtrField& scope_names, const std::string& version_info); // Envoy::Config::DeltaConfigSubscriptionInstance void start() override { subscription_->start({}); } // Detect scope name and scope key conflict between added scopes or between added scopes and old // scopes. Some removed scopes may be in added resources list, instead of being removed, they // should be updated, so only return scope names that will disappear after update. If conflict // detected, fill exception_msg with information about scope conflict and return. Protobuf::RepeatedPtrField detectUpdateConflictAndCleanupRemoved( const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, std::string& exception_msg); // Envoy::Config::SubscriptionCallbacks // NOTE: both delta form and state-of-the-world form onConfigUpdate(resources, version_info) will // throw an EnvoyException on any error and essentially reject an update. void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) override { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); DeltaConfigSubscriptionInstance::onConfigUpdateFailed(); } // Propagate RDS updates to ScopeConfigImpl in workers. void onRdsConfigUpdate(const std::string& scope_name, RdsRouteConfigSubscription& rds_subscription); // ScopedRouteInfo by scope name. ScopedRouteMap scoped_route_map_; // For creating RDS subscriptions. Server::Configuration::ServerFactoryContext& factory_context_; const std::string name_; Envoy::Config::SubscriptionPtr subscription_; const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ScopeKeyBuilder scope_key_builder_; Stats::ScopePtr scope_; ScopedRdsStats stats_; const envoy::config::core::v3::ConfigSource rds_config_source_; const std::string stat_prefix_; RouteConfigProviderManager& route_config_provider_manager_; // RdsRouteConfigProvider by scope name. absl::flat_hash_map route_provider_by_scope_; // A map of (hash, scope-name), used to detect the key conflict between scopes. absl::flat_hash_map scope_name_by_hash_; }; using ScopedRdsConfigSubscriptionSharedPtr = std::shared_ptr; // A ConfigProvider for scoped RDS that dynamically fetches scoped routing configuration via a // subscription. class ScopedRdsConfigProvider : public Envoy::Config::MutableConfigProviderCommonBase { public: ScopedRdsConfigProvider(ScopedRdsConfigSubscriptionSharedPtr&& subscription); ScopedRdsConfigSubscription& subscription() const { return *static_cast(subscription_.get()); } void onDemandRdsUpdate(std::shared_ptr scope_key, Event::Dispatcher& thread_local_dispatcher, Http::RouteConfigUpdatedCallback&& route_config_updated_cb) const { subscription().onDemandRdsUpdate( std::move(scope_key), thread_local_dispatcher, std::move(route_config_updated_cb), std::weak_ptr(subscription_)); } }; // A ConfigProviderManager for scoped routing configuration that creates static/inline and dynamic // (xds) config providers. class ScopedRoutesConfigProviderManager : public Envoy::Config::ConfigProviderManagerImplBase { public: ScopedRoutesConfigProviderManager( Server::Admin& admin, Router::RouteConfigProviderManager& route_config_provider_manager) : Envoy::Config::ConfigProviderManagerImplBase(admin, "route_scopes"), route_config_provider_manager_(route_config_provider_manager) {} ~ScopedRoutesConfigProviderManager() override = default; // Envoy::Config::ConfigProviderManagerImplBase ProtobufTypes::MessagePtr dumpConfigs() const override; // Envoy::Config::ConfigProviderManager Envoy::Config::ConfigProviderPtr createXdsConfigProvider(const Protobuf::Message& config_source_proto, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string& stat_prefix, const Envoy::Config::ConfigProviderManager::OptionalArg& optarg) override; Envoy::Config::ConfigProviderPtr createStaticConfigProvider(const Protobuf::Message&, Server::Configuration::ServerFactoryContext&, const Envoy::Config::ConfigProviderManager::OptionalArg&) override { ASSERT(false, "SRDS supports delta updates and requires the use of the createStaticConfigProvider() " "overload that accepts a config proto set as an argument."); NOT_REACHED_GCOVR_EXCL_LINE; } Envoy::Config::ConfigProviderPtr createStaticConfigProvider( std::vector>&& config_protos, Server::Configuration::ServerFactoryContext& factory_context, const Envoy::Config::ConfigProviderManager::OptionalArg& optarg) override; RouteConfigProviderManager& routeConfigProviderPanager() { return route_config_provider_manager_; } private: RouteConfigProviderManager& route_config_provider_manager_; }; using ScopedRoutesConfigProviderManagerPtr = std::unique_ptr; using ScopedRoutesConfigProviderManagerSharedPtr = std::shared_ptr; // The optional argument passed to the ConfigProviderManager::create*() functions. class ScopedRoutesConfigProviderManagerOptArg : public Envoy::Config::ConfigProviderManager::OptionalArg { public: ScopedRoutesConfigProviderManagerOptArg( std::string scoped_routes_name, const envoy::config::core::v3::ConfigSource& rds_config_source, const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ScopeKeyBuilder& scope_key_builder) : scoped_routes_name_(std::move(scoped_routes_name)), rds_config_source_(rds_config_source), scope_key_builder_(scope_key_builder) {} const std::string scoped_routes_name_; const envoy::config::core::v3::ConfigSource& rds_config_source_; const envoy::extensions::filters::network::http_connection_manager::v3::ScopedRoutes:: ScopeKeyBuilder& scope_key_builder_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/shadow_writer_impl.cc ================================================ #include "common/router/shadow_writer_impl.h" #include #include #include "common/common/assert.h" #include "common/http/headers.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Router { void ShadowWriterImpl::shadow(const std::string& cluster, Http::RequestMessagePtr&& request, const Http::AsyncClient::RequestOptions& options) { // It's possible that the cluster specified in the route configuration no longer exists due // to a CDS removal. Check that it still exists before shadowing. // TODO(mattklein123): Optimally we would have a stat but for now just fix the crashing issue. if (!cm_.get(cluster)) { ENVOY_LOG(debug, "shadow cluster '{}' does not exist", cluster); return; } ASSERT(!request->headers().getHostValue().empty()); // Switch authority to add a shadow postfix. This allows upstream logging to make more sense. auto parts = StringUtil::splitToken(request->headers().getHostValue(), ":"); ASSERT(!parts.empty() && parts.size() <= 2); request->headers().setHost(parts.size() == 2 ? absl::StrJoin(parts, "-shadow:") : absl::StrCat(request->headers().getHostValue(), "-shadow")); // This is basically fire and forget. We don't handle cancelling. cm_.httpAsyncClientForCluster(cluster).send(std::move(request), *this, options); } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/shadow_writer_impl.h ================================================ #pragma once #include #include #include "envoy/router/shadow_writer.h" #include "envoy/upstream/cluster_manager.h" namespace Envoy { namespace Router { /** * Implementation of ShadowWriter that takes incoming requests to shadow and implements "fire and * forget" behavior using an async client. */ class ShadowWriterImpl : Logger::Loggable, public ShadowWriter, public Http::AsyncClient::Callbacks { public: ShadowWriterImpl(Upstream::ClusterManager& cm) : cm_(cm) {} // Router::ShadowWriter void shadow(const std::string& cluster, Http::RequestMessagePtr&& request, const Http::AsyncClient::RequestOptions& options) override; // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&&) override {} void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason) override {} void onBeforeFinalizeUpstreamSpan(Envoy::Tracing::Span&, const Http::ResponseHeaderMap*) override {} private: Upstream::ClusterManager& cm_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/string_accessor_impl.h ================================================ #pragma once #include "envoy/router/string_accessor.h" namespace Envoy { namespace Router { class StringAccessorImpl : public StringAccessor { public: StringAccessorImpl(absl::string_view value) : value_(value) {} // StringAccessor absl::string_view asString() const override { return value_; } // FilterState::Object ProtobufTypes::MessagePtr serializeAsProto() const override { auto message = std::make_unique(); message->set_value(value_); return message; } absl::optional serializeAsString() const override { return value_; } private: std::string value_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/tls_context_match_criteria_impl.cc ================================================ #include "common/router/tls_context_match_criteria_impl.h" #include "envoy/config/route/v3/route_components.pb.h" namespace Envoy { namespace Router { TlsContextMatchCriteriaImpl::TlsContextMatchCriteriaImpl( const envoy::config::route::v3::RouteMatch::TlsContextMatchOptions& options) { if (options.has_presented()) { presented_ = options.presented().value(); } if (options.has_validated()) { validated_ = options.validated().value(); } } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/tls_context_match_criteria_impl.h ================================================ #pragma once #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/router/router.h" namespace Envoy { namespace Router { class TlsContextMatchCriteriaImpl : public TlsContextMatchCriteria { public: TlsContextMatchCriteriaImpl( const envoy::config::route::v3::RouteMatch::TlsContextMatchOptions& options); const absl::optional& presented() const override { return presented_; } const absl::optional& validated() const override { return validated_; } private: absl::optional presented_; absl::optional validated_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/upstream_request.cc ================================================ #include "common/router/upstream_request.h" #include #include #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/grpc/status.h" #include "envoy/http/conn_pool.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/scope_tracker.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/network/application_protocol.h" #include "common/network/transport_socket_options_impl.h" #include "common/network/upstream_server_name.h" #include "common/network/upstream_subject_alt_names.h" #include "common/router/config_impl.h" #include "common/router/debug_config.h" #include "common/router/router.h" #include "common/stream_info/uint32_accessor_impl.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/common/proxy_protocol/proxy_protocol_header.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Router { UpstreamRequest::UpstreamRequest(RouterFilterInterface& parent, std::unique_ptr&& conn_pool) : parent_(parent), conn_pool_(std::move(conn_pool)), grpc_rq_success_deferred_(false), stream_info_(parent_.callbacks()->dispatcher().timeSource()), start_time_(parent_.callbacks()->dispatcher().timeSource().monotonicTime()), calling_encode_headers_(false), upstream_canary_(false), decode_complete_(false), encode_complete_(false), encode_trailers_(false), retried_(false), awaiting_headers_(true), outlier_detection_timeout_recorded_(false), create_per_try_timeout_on_request_complete_(false), paused_for_connect_(false), record_timeout_budget_(parent_.cluster()->timeoutBudgetStats().has_value()) { if (parent_.config().start_child_span_) { span_ = parent_.callbacks()->activeSpan().spawnChild( parent_.callbacks()->tracingConfig(), "router " + parent.cluster()->name() + " egress", parent.timeSource().systemTime()); if (parent.attemptCount() != 1) { // This is a retry request, add this metadata to span. span_->setTag(Tracing::Tags::get().RetryCount, std::to_string(parent.attemptCount() - 1)); } } stream_info_.healthCheck(parent_.callbacks()->streamInfo().healthCheck()); if (conn_pool_->protocol().has_value()) { stream_info_.protocol(conn_pool_->protocol().value()); } } UpstreamRequest::~UpstreamRequest() { if (span_ != nullptr) { Tracing::HttpTracerUtility::finalizeUpstreamSpan(*span_, upstream_headers_.get(), upstream_trailers_.get(), stream_info_, Tracing::EgressConfig::get()); } if (per_try_timeout_ != nullptr) { // Allows for testing. per_try_timeout_->disableTimer(); } if (max_stream_duration_timer_ != nullptr) { max_stream_duration_timer_->disableTimer(); } clearRequestEncoder(); // If desired, fire the per-try histogram when the UpstreamRequest // completes. if (record_timeout_budget_) { Event::Dispatcher& dispatcher = parent_.callbacks()->dispatcher(); const MonotonicTime end_time = dispatcher.timeSource().monotonicTime(); const std::chrono::milliseconds response_time = std::chrono::duration_cast(end_time - start_time_); Upstream::ClusterTimeoutBudgetStatsOptRef tb_stats = parent_.cluster()->timeoutBudgetStats(); tb_stats->get().upstream_rq_timeout_budget_per_try_percent_used_.recordValue( FilterUtility::percentageOfTimeout(response_time, parent_.timeout().per_try_timeout_)); } stream_info_.setUpstreamTiming(upstream_timing_); stream_info_.onRequestComplete(); for (const auto& upstream_log : parent_.config().upstream_logs_) { upstream_log->log(parent_.downstreamHeaders(), upstream_headers_.get(), upstream_trailers_.get(), stream_info_); } while (downstream_data_disabled_ != 0) { parent_.callbacks()->onDecoderFilterBelowWriteBufferLowWatermark(); parent_.cluster()->stats().upstream_flow_control_drained_total_.inc(); --downstream_data_disabled_; } } void UpstreamRequest::decode100ContinueHeaders(Http::ResponseHeaderMapPtr&& headers) { ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); ASSERT(100 == Http::Utility::getResponseStatus(*headers)); parent_.onUpstream100ContinueHeaders(std::move(headers), *this); } void UpstreamRequest::decodeHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) { ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); // We drop 1xx other than 101 on the floor; 101 upgrade headers need to be passed to the client as // part of the final response. 100-continue headers are handled in onUpstream100ContinueHeaders. // // We could in principle handle other headers here, but this might result in the double invocation // of decodeHeaders() (once for informational, again for non-informational), which is likely an // easy to miss corner case in the filter and HCM contract. // // This filtering is done early in upstream request, unlike 100 coalescing which is performed in // the router filter, since the filtering only depends on the state of a single upstream, and we // don't want to confuse accounting such as onFirstUpstreamRxByteReceived() with informational // headers. const uint64_t response_code = Http::Utility::getResponseStatus(*headers); if (Http::CodeUtility::is1xx(response_code) && response_code != enumToInt(Http::Code::SwitchingProtocols)) { return; } // TODO(rodaine): This is actually measuring after the headers are parsed and not the first // byte. upstream_timing_.onFirstUpstreamRxByteReceived(parent_.callbacks()->dispatcher().timeSource()); maybeEndDecode(end_stream); awaiting_headers_ = false; if (!parent_.config().upstream_logs_.empty()) { upstream_headers_ = Http::createHeaderMap(*headers); } stream_info_.response_code_ = static_cast(response_code); if (paused_for_connect_ && response_code == 200) { encodeBodyAndTrailers(); paused_for_connect_ = false; } parent_.onUpstreamHeaders(response_code, std::move(headers), *this, end_stream); } void UpstreamRequest::decodeData(Buffer::Instance& data, bool end_stream) { ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); maybeEndDecode(end_stream); stream_info_.addBytesReceived(data.length()); parent_.onUpstreamData(data, *this, end_stream); } void UpstreamRequest::decodeTrailers(Http::ResponseTrailerMapPtr&& trailers) { ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); maybeEndDecode(true); if (!parent_.config().upstream_logs_.empty()) { upstream_trailers_ = Http::createHeaderMap(*trailers); } parent_.onUpstreamTrailers(std::move(trailers), *this); } const RouteEntry& UpstreamRequest::routeEntry() const { return *parent_.routeEntry(); } const Network::Connection& UpstreamRequest::connection() const { return *parent_.callbacks()->connection(); } void UpstreamRequest::decodeMetadata(Http::MetadataMapPtr&& metadata_map) { parent_.onUpstreamMetadata(std::move(metadata_map)); } void UpstreamRequest::maybeEndDecode(bool end_stream) { if (end_stream) { upstream_timing_.onLastUpstreamRxByteReceived(parent_.callbacks()->dispatcher().timeSource()); decode_complete_ = true; } } void UpstreamRequest::onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) { stream_info_.onUpstreamHostSelected(host); upstream_host_ = host; parent_.callbacks()->streamInfo().onUpstreamHostSelected(host); parent_.onUpstreamHostSelected(host); } void UpstreamRequest::encodeHeaders(bool end_stream) { ASSERT(!encode_complete_); encode_complete_ = end_stream; conn_pool_->newStream(this); } void UpstreamRequest::encodeData(Buffer::Instance& data, bool end_stream) { ASSERT(!encode_complete_); encode_complete_ = end_stream; if (!upstream_ || paused_for_connect_) { ENVOY_STREAM_LOG(trace, "buffering {} bytes", *parent_.callbacks(), data.length()); if (!buffered_request_body_) { buffered_request_body_ = std::make_unique( [this]() -> void { this->enableDataFromDownstreamForFlowControl(); }, [this]() -> void { this->disableDataFromDownstreamForFlowControl(); }, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }); buffered_request_body_->setWatermarks(parent_.callbacks()->decoderBufferLimit()); } buffered_request_body_->move(data); } else { ASSERT(downstream_metadata_map_vector_.empty()); ENVOY_STREAM_LOG(trace, "proxying {} bytes", *parent_.callbacks(), data.length()); stream_info_.addBytesSent(data.length()); upstream_->encodeData(data, end_stream); if (end_stream) { upstream_timing_.onLastUpstreamTxByteSent(parent_.callbacks()->dispatcher().timeSource()); } } } void UpstreamRequest::encodeTrailers(const Http::RequestTrailerMap& trailers) { ASSERT(!encode_complete_); encode_complete_ = true; encode_trailers_ = true; if (!upstream_) { ENVOY_STREAM_LOG(trace, "buffering trailers", *parent_.callbacks()); } else { ASSERT(downstream_metadata_map_vector_.empty()); ENVOY_STREAM_LOG(trace, "proxying trailers", *parent_.callbacks()); upstream_->encodeTrailers(trailers); upstream_timing_.onLastUpstreamTxByteSent(parent_.callbacks()->dispatcher().timeSource()); } } void UpstreamRequest::encodeMetadata(Http::MetadataMapPtr&& metadata_map_ptr) { if (!upstream_) { ENVOY_STREAM_LOG(trace, "upstream_ not ready. Store metadata_map to encode later: {}", *parent_.callbacks(), *metadata_map_ptr); downstream_metadata_map_vector_.emplace_back(std::move(metadata_map_ptr)); } else { ENVOY_STREAM_LOG(trace, "Encode metadata: {}", *parent_.callbacks(), *metadata_map_ptr); Http::MetadataMapVector metadata_map_vector; metadata_map_vector.emplace_back(std::move(metadata_map_ptr)); upstream_->encodeMetadata(metadata_map_vector); } } void UpstreamRequest::onResetStream(Http::StreamResetReason reason, absl::string_view transport_failure_reason) { ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); if (span_ != nullptr) { // Add tags about reset. span_->setTag(Tracing::Tags::get().Error, Tracing::Tags::get().True); span_->setTag(Tracing::Tags::get().ErrorReason, Http::Utility::resetReasonToString(reason)); } clearRequestEncoder(); awaiting_headers_ = false; if (!calling_encode_headers_) { stream_info_.setResponseFlag(Filter::streamResetReasonToResponseFlag(reason)); parent_.onUpstreamReset(reason, transport_failure_reason, *this); } else { deferred_reset_reason_ = reason; } } void UpstreamRequest::resetStream() { // Don't reset the stream if we're already done with it. if (encode_complete_ && decode_complete_) { return; } if (span_ != nullptr) { // Add tags about the cancellation. span_->setTag(Tracing::Tags::get().Canceled, Tracing::Tags::get().True); } if (conn_pool_->cancelAnyPendingStream()) { ENVOY_STREAM_LOG(debug, "canceled pool request", *parent_.callbacks()); ASSERT(!upstream_); } if (upstream_) { ENVOY_STREAM_LOG(debug, "resetting pool request", *parent_.callbacks()); upstream_->resetStream(); clearRequestEncoder(); } } void UpstreamRequest::setupPerTryTimeout() { ASSERT(!per_try_timeout_); if (parent_.timeout().per_try_timeout_.count() > 0) { per_try_timeout_ = parent_.callbacks()->dispatcher().createTimer([this]() -> void { onPerTryTimeout(); }); per_try_timeout_->enableTimer(parent_.timeout().per_try_timeout_); } } void UpstreamRequest::onPerTryTimeout() { // If we've sent anything downstream, ignore the per try timeout and let the response continue // up to the global timeout if (!parent_.downstreamResponseStarted()) { ENVOY_STREAM_LOG(debug, "upstream per try timeout", *parent_.callbacks()); stream_info_.setResponseFlag(StreamInfo::ResponseFlag::UpstreamRequestTimeout); parent_.onPerTryTimeout(*this); } else { ENVOY_STREAM_LOG(debug, "ignored upstream per try timeout due to already started downstream response", *parent_.callbacks()); } } void UpstreamRequest::onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) { Http::StreamResetReason reset_reason = Http::StreamResetReason::ConnectionFailure; switch (reason) { case ConnectionPool::PoolFailureReason::Overflow: reset_reason = Http::StreamResetReason::Overflow; break; case ConnectionPool::PoolFailureReason::RemoteConnectionFailure: FALLTHRU; case ConnectionPool::PoolFailureReason::LocalConnectionFailure: reset_reason = Http::StreamResetReason::ConnectionFailure; break; case ConnectionPool::PoolFailureReason::Timeout: reset_reason = Http::StreamResetReason::LocalReset; } // Mimic an upstream reset. onUpstreamHostSelected(host); onResetStream(reset_reason, transport_failure_reason); } void UpstreamRequest::onPoolReady( std::unique_ptr&& upstream, Upstream::HostDescriptionConstSharedPtr host, const Network::Address::InstanceConstSharedPtr& upstream_local_address, const StreamInfo::StreamInfo& info) { // This may be called under an existing ScopeTrackerScopeState but it will unwind correctly. ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); ENVOY_STREAM_LOG(debug, "pool ready", *parent_.callbacks()); upstream_ = std::move(upstream); if (parent_.requestVcluster()) { // The cluster increases its upstream_rq_total_ counter right before firing this onPoolReady // callback. Hence, the upstream request increases the virtual cluster's upstream_rq_total_ stat // here. parent_.requestVcluster()->stats().upstream_rq_total_.inc(); } host->outlierDetector().putResult(Upstream::Outlier::Result::LocalOriginConnectSuccess); onUpstreamHostSelected(host); stream_info_.setUpstreamFilterState(std::make_shared( info.filterState().parent()->parent(), StreamInfo::FilterState::LifeSpan::Request)); stream_info_.setUpstreamLocalAddress(upstream_local_address); parent_.callbacks()->streamInfo().setUpstreamLocalAddress(upstream_local_address); stream_info_.setUpstreamSslConnection(info.downstreamSslConnection()); parent_.callbacks()->streamInfo().setUpstreamSslConnection(info.downstreamSslConnection()); if (parent_.downstreamEndStream()) { setupPerTryTimeout(); } else { create_per_try_timeout_on_request_complete_ = true; } // Make sure the connection manager will inform the downstream watermark manager when the // downstream buffers are overrun. This may result in immediate watermark callbacks referencing // the encoder. parent_.callbacks()->addDownstreamWatermarkCallbacks(downstream_watermark_manager_); calling_encode_headers_ = true; auto* headers = parent_.downstreamHeaders(); if (parent_.routeEntry()->autoHostRewrite() && !host->hostname().empty()) { parent_.downstreamHeaders()->setHost(host->hostname()); } if (span_ != nullptr) { span_->injectContext(*parent_.downstreamHeaders()); } upstream_timing_.onFirstUpstreamTxByteSent(parent_.callbacks()->dispatcher().timeSource()); // Make sure that when we are forwarding CONNECT payload we do not do so until // the upstream has accepted the CONNECT request. if (conn_pool_->protocol().has_value() && headers->getMethodValue() == Http::Headers::get().MethodValues.Connect) { paused_for_connect_ = true; } if (upstream_host_->cluster().commonHttpProtocolOptions().has_max_stream_duration()) { const auto max_stream_duration = std::chrono::milliseconds(DurationUtil::durationToMilliseconds( upstream_host_->cluster().commonHttpProtocolOptions().max_stream_duration())); if (max_stream_duration.count()) { max_stream_duration_timer_ = parent_.callbacks()->dispatcher().createTimer( [this]() -> void { onStreamMaxDurationReached(); }); max_stream_duration_timer_->enableTimer(max_stream_duration); } } upstream_->encodeHeaders(*parent_.downstreamHeaders(), shouldSendEndStream()); calling_encode_headers_ = false; if (!paused_for_connect_) { encodeBodyAndTrailers(); } } void UpstreamRequest::encodeBodyAndTrailers() { // It is possible to get reset in the middle of an encodeHeaders() call. This happens for // example in the HTTP/2 codec if the frame cannot be encoded for some reason. This should never // happen but it's unclear if we have covered all cases so protect against it and test for it. // One specific example of a case where this happens is if we try to encode a total header size // that is too big in HTTP/2 (64K currently). if (deferred_reset_reason_) { onResetStream(deferred_reset_reason_.value(), absl::string_view()); } else { // Encode metadata after headers and before any other frame type. if (!downstream_metadata_map_vector_.empty()) { ENVOY_STREAM_LOG(debug, "Send metadata onPoolReady. {}", *parent_.callbacks(), downstream_metadata_map_vector_); upstream_->encodeMetadata(downstream_metadata_map_vector_); downstream_metadata_map_vector_.clear(); if (shouldSendEndStream()) { Buffer::OwnedImpl empty_data(""); upstream_->encodeData(empty_data, true); } } if (buffered_request_body_) { stream_info_.addBytesSent(buffered_request_body_->length()); upstream_->encodeData(*buffered_request_body_, encode_complete_ && !encode_trailers_); } if (encode_trailers_) { upstream_->encodeTrailers(*parent_.downstreamTrailers()); } if (encode_complete_) { upstream_timing_.onLastUpstreamTxByteSent(parent_.callbacks()->dispatcher().timeSource()); } } } void UpstreamRequest::onStreamMaxDurationReached() { upstream_host_->cluster().stats().upstream_rq_max_duration_reached_.inc(); // The upstream had closed then try to retry along with retry policy. parent_.onStreamMaxDurationReached(*this); } void UpstreamRequest::clearRequestEncoder() { // Before clearing the encoder, unsubscribe from callbacks. if (upstream_) { parent_.callbacks()->removeDownstreamWatermarkCallbacks(downstream_watermark_manager_); } upstream_.reset(); } void UpstreamRequest::DownstreamWatermarkManager::onAboveWriteBufferHighWatermark() { ASSERT(parent_.upstream_); // There are two states we should get this callback in: 1) the watermark was // hit due to writes from a different filter instance over a shared // downstream connection, or 2) the watermark was hit due to THIS filter // instance writing back the "winning" upstream request. In either case we // can disable reads from upstream. ASSERT(!parent_.parent_.finalUpstreamRequest() || &parent_ == parent_.parent_.finalUpstreamRequest()); // The downstream connection is overrun. Pause reads from upstream. // If there are multiple calls to readDisable either the codec (H2) or the underlying // Network::Connection (H1) will handle reference counting. parent_.parent_.cluster()->stats().upstream_flow_control_paused_reading_total_.inc(); parent_.upstream_->readDisable(true); } void UpstreamRequest::DownstreamWatermarkManager::onBelowWriteBufferLowWatermark() { ASSERT(parent_.upstream_); // One source of connection blockage has buffer available. Pass this on to the stream, which // will resume reads if this was the last remaining high watermark. parent_.parent_.cluster()->stats().upstream_flow_control_resumed_reading_total_.inc(); parent_.upstream_->readDisable(false); } void UpstreamRequest::disableDataFromDownstreamForFlowControl() { // If there is only one upstream request, we can be assured that // disabling reads will not slow down other upstream requests. If we've // already seen the full downstream request (downstream_end_stream_) then // disabling reads is a noop. // This assert condition must be true because // parent_.upstreamRequests().size() can only be greater than 1 in the // case of a per-try-timeout with hedge_on_per_try_timeout enabled, and // the per try timeout timer is started only after downstream_end_stream_ // is true. ASSERT(parent_.upstreamRequests().size() == 1 || parent_.downstreamEndStream()); parent_.cluster()->stats().upstream_flow_control_backed_up_total_.inc(); parent_.callbacks()->onDecoderFilterAboveWriteBufferHighWatermark(); ++downstream_data_disabled_; } void UpstreamRequest::enableDataFromDownstreamForFlowControl() { // If there is only one upstream request, we can be assured that // disabling reads will not overflow any write buffers in other upstream // requests. If we've already seen the full downstream request // (downstream_end_stream_) then enabling reads is a noop. // This assert condition must be true because // parent_.upstreamRequests().size() can only be greater than 1 in the // case of a per-try-timeout with hedge_on_per_try_timeout enabled, and // the per try timeout timer is started only after downstream_end_stream_ // is true. ASSERT(parent_.upstreamRequests().size() == 1 || parent_.downstreamEndStream()); parent_.cluster()->stats().upstream_flow_control_drained_total_.inc(); parent_.callbacks()->onDecoderFilterBelowWriteBufferLowWatermark(); ASSERT(downstream_data_disabled_ != 0); if (downstream_data_disabled_ > 0) { --downstream_data_disabled_; } } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/upstream_request.h ================================================ #pragma once #include #include #include #include #include #include "envoy/http/codec.h" #include "envoy/http/codes.h" #include "envoy/http/conn_pool.h" #include "envoy/http/filter.h" #include "envoy/stats/scope.h" #include "envoy/tcp/conn_pool.h" #include "common/buffer/watermark_buffer.h" #include "common/common/cleanup.h" #include "common/common/hash.h" #include "common/common/hex.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/config/well_known_names.h" #include "common/stream_info/stream_info_impl.h" namespace Envoy { namespace Router { class GenericUpstream; class GenericConnectionPoolCallbacks; class RouterFilterInterface; class UpstreamRequest; // The base request for Upstream. class UpstreamRequest : public Logger::Loggable, public UpstreamToDownstream, public LinkedObject, public GenericConnectionPoolCallbacks { public: UpstreamRequest(RouterFilterInterface& parent, std::unique_ptr&& conn_pool); ~UpstreamRequest() override; void encodeHeaders(bool end_stream); void encodeData(Buffer::Instance& data, bool end_stream); void encodeTrailers(const Http::RequestTrailerMap& trailers); void encodeMetadata(Http::MetadataMapPtr&& metadata_map_ptr); void resetStream(); void setupPerTryTimeout(); void onPerTryTimeout(); void maybeEndDecode(bool end_stream); void onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host); // Http::StreamDecoder void decodeData(Buffer::Instance& data, bool end_stream) override; void decodeMetadata(Http::MetadataMapPtr&& metadata_map) override; // UpstreamToDownstream (Http::ResponseDecoder) void decode100ContinueHeaders(Http::ResponseHeaderMapPtr&& headers) override; void decodeHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) override; void decodeTrailers(Http::ResponseTrailerMapPtr&& trailers) override; // UpstreamToDownstream (Http::StreamCallbacks) void onResetStream(Http::StreamResetReason reason, absl::string_view transport_failure_reason) override; void onAboveWriteBufferHighWatermark() override { disableDataFromDownstreamForFlowControl(); } void onBelowWriteBufferLowWatermark() override { enableDataFromDownstreamForFlowControl(); } // UpstreamToDownstream const RouteEntry& routeEntry() const override; const Network::Connection& connection() const override; void disableDataFromDownstreamForFlowControl(); void enableDataFromDownstreamForFlowControl(); // GenericConnPool void onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(std::unique_ptr&& upstream, Upstream::HostDescriptionConstSharedPtr host, const Network::Address::InstanceConstSharedPtr& upstream_local_address, const StreamInfo::StreamInfo& info) override; UpstreamToDownstream& upstreamToDownstream() override { return *this; } void clearRequestEncoder(); void onStreamMaxDurationReached(); struct DownstreamWatermarkManager : public Http::DownstreamWatermarkCallbacks { DownstreamWatermarkManager(UpstreamRequest& parent) : parent_(parent) {} // Http::DownstreamWatermarkCallbacks void onBelowWriteBufferLowWatermark() override; void onAboveWriteBufferHighWatermark() override; UpstreamRequest& parent_; }; void readEnable(); void encodeBodyAndTrailers(); // Getters and setters Upstream::HostDescriptionConstSharedPtr& upstreamHost() { return upstream_host_; } void outlierDetectionTimeoutRecorded(bool recorded) { outlier_detection_timeout_recorded_ = recorded; } bool outlierDetectionTimeoutRecorded() { return outlier_detection_timeout_recorded_; } const StreamInfo::UpstreamTiming& upstreamTiming() { return upstream_timing_; } void retried(bool value) { retried_ = value; } bool retried() { return retried_; } bool grpcRqSuccessDeferred() { return grpc_rq_success_deferred_; } void grpcRqSuccessDeferred(bool deferred) { grpc_rq_success_deferred_ = deferred; } void upstreamCanary(bool value) { upstream_canary_ = value; } bool upstreamCanary() { return upstream_canary_; } bool awaitingHeaders() { return awaiting_headers_; } void recordTimeoutBudget(bool value) { record_timeout_budget_ = value; } bool createPerTryTimeoutOnRequestComplete() { return create_per_try_timeout_on_request_complete_; } bool encodeComplete() const { return encode_complete_; } RouterFilterInterface& parent() { return parent_; } private: bool shouldSendEndStream() { // Only encode end stream if the full request has been received, the body // has been sent, and any trailers or metadata have also been sent. return encode_complete_ && !buffered_request_body_ && !encode_trailers_ && downstream_metadata_map_vector_.empty(); } RouterFilterInterface& parent_; std::unique_ptr conn_pool_; bool grpc_rq_success_deferred_; Event::TimerPtr per_try_timeout_; std::unique_ptr upstream_; absl::optional deferred_reset_reason_; Buffer::WatermarkBufferPtr buffered_request_body_; Upstream::HostDescriptionConstSharedPtr upstream_host_; DownstreamWatermarkManager downstream_watermark_manager_{*this}; Tracing::SpanPtr span_; StreamInfo::StreamInfoImpl stream_info_; StreamInfo::UpstreamTiming upstream_timing_; const MonotonicTime start_time_; // Copies of upstream headers/trailers. These are only set if upstream // access logging is configured. Http::ResponseHeaderMapPtr upstream_headers_; Http::ResponseTrailerMapPtr upstream_trailers_; Http::MetadataMapVector downstream_metadata_map_vector_; // Tracks the number of times the flow of data from downstream has been disabled. uint32_t downstream_data_disabled_{}; bool calling_encode_headers_ : 1; bool upstream_canary_ : 1; bool decode_complete_ : 1; bool encode_complete_ : 1; bool encode_trailers_ : 1; bool retried_ : 1; bool awaiting_headers_ : 1; bool outlier_detection_timeout_recorded_ : 1; // Tracks whether we deferred a per try timeout because the downstream request // had not been completed yet. bool create_per_try_timeout_on_request_complete_ : 1; // True if the CONNECT headers have been sent but proxying payload is paused // waiting for response headers. bool paused_for_connect_ : 1; // Sentinel to indicate if timeout budget tracking is configured for the cluster, // and if so, if the per-try histogram should record a value. bool record_timeout_budget_ : 1; Event::TimerPtr max_stream_duration_timer_; }; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/vhds.cc ================================================ #include "common/router/vhds.h" #include #include #include #include #include "envoy/api/v2/route/route_components.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/api_version.h" #include "common/config/utility.h" #include "common/protobuf/utility.h" #include "common/router/config_impl.h" namespace Envoy { namespace Router { // Implements callbacks to handle DeltaDiscovery protocol for VirtualHostDiscoveryService VhdsSubscription::VhdsSubscription( RouteConfigUpdatePtr& config_update_info, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, absl::node_hash_set& route_config_providers, envoy::config::core::v3::ApiVersion resource_api_version) : Envoy::Config::SubscriptionBase( resource_api_version, factory_context.messageValidationContext().dynamicValidationVisitor(), "name"), config_update_info_(config_update_info), scope_(factory_context.scope().createScope(stat_prefix + "vhds." + config_update_info_->routeConfigName() + ".")), stats_({ALL_VHDS_STATS(POOL_COUNTER(*scope_))}), init_target_( fmt::format("VhdsConfigSubscription {}", config_update_info_->routeConfigName()), [this]() { subscription_->start({config_update_info_->routeConfigName()}, true); }), route_config_providers_(route_config_providers) { const auto& config_source = config_update_info_->routeConfiguration() .vhds() .config_source() .api_config_source() .api_type(); if (config_source != envoy::config::core::v3::ApiConfigSource::DELTA_GRPC) { throw EnvoyException("vhds: only 'DELTA_GRPC' is supported as an api_type."); } const auto resource_name = getResourceName(); subscription_ = factory_context.clusterManager().subscriptionFactory().subscriptionFromConfigSource( config_update_info_->routeConfiguration().vhds().config_source(), Grpc::Common::typeUrl(resource_name), *scope_, *this, resource_decoder_); } void VhdsSubscription::updateOnDemand(const std::string& with_route_config_name_prefix) { subscription_->requestOnDemandUpdate({with_route_config_name_prefix}); } void VhdsSubscription::onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); // We need to allow server startup to continue, even if we have a bad // config. init_target_.ready(); } void VhdsSubscription::onConfigUpdate( const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& version_info) { RouteConfigUpdateReceiver::VirtualHostRefVector added_vhosts; std::set added_resource_ids; for (const auto& resource : added_resources) { added_resource_ids.emplace(resource.get().name()); std::copy(resource.get().aliases().begin(), resource.get().aliases().end(), std::inserter(added_resource_ids, added_resource_ids.end())); // the management server returns empty resources (they contain no virtual hosts in this case) // for aliases that it couldn't resolve. if (!resource.get().hasResource()) { continue; } added_vhosts.emplace_back( dynamic_cast(resource.get().resource())); } if (config_update_info_->onVhdsUpdate(added_vhosts, added_resource_ids, removed_resources, version_info)) { stats_.config_reload_.inc(); ENVOY_LOG(debug, "vhds: loading new configuration: config_name={} hash={}", config_update_info_->routeConfigName(), config_update_info_->configHash()); for (auto* provider : route_config_providers_) { provider->onConfigUpdate(); } } init_target_.ready(); } } // namespace Router } // namespace Envoy ================================================ FILE: source/common/router/vhds.h ================================================ #pragma once #include #include #include #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/config/route/v3/route_components.pb.validate.h" #include "envoy/config/subscription.h" #include "envoy/http/codes.h" #include "envoy/local_info/local_info.h" #include "envoy/router/rds.h" #include "envoy/router/route_config_update_receiver.h" #include "envoy/server/filter_config.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/singleton/instance.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "common/common/logger.h" #include "common/config/subscription_base.h" #include "common/init/target_impl.h" #include "common/protobuf/utility.h" #include "absl/container/node_hash_set.h" namespace Envoy { namespace Router { #define ALL_VHDS_STATS(COUNTER) \ COUNTER(config_reload) \ COUNTER(update_empty) struct VhdsStats { ALL_VHDS_STATS(GENERATE_COUNTER_STRUCT) }; class VhdsSubscription : Envoy::Config::SubscriptionBase, Logger::Loggable { public: VhdsSubscription(RouteConfigUpdatePtr& config_update_info, Server::Configuration::ServerFactoryContext& factory_context, const std::string& stat_prefix, absl::node_hash_set& route_config_providers, const envoy::config::core::v3::ApiVersion resource_api_version = envoy::config::core::v3::ApiVersion::AUTO); ~VhdsSubscription() override { init_target_.ready(); } void registerInitTargetWithInitManager(Init::Manager& m) { m.add(init_target_); } void updateOnDemand(const std::string& with_route_config_name_prefix); static std::string domainNameToAlias(const std::string& route_config_name, const std::string& domain) { return route_config_name + "/" + domain; } static std::string aliasToDomainName(const std::string& alias) { const auto pos = alias.find_last_of('/'); return pos == std::string::npos ? alias : alias.substr(pos + 1); } private: // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector&, const std::string&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void onConfigUpdate(const std::vector&, const Protobuf::RepeatedPtrField&, const std::string&) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; RouteConfigUpdatePtr& config_update_info_; Stats::ScopePtr scope_; VhdsStats stats_; Envoy::Config::SubscriptionPtr subscription_; Init::TargetImpl init_target_; absl::node_hash_set& route_config_providers_; }; using VhdsSubscriptionPtr = std::unique_ptr; } // namespace Router } // namespace Envoy ================================================ FILE: source/common/runtime/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "runtime_features_lib", srcs = [ "runtime_features.cc", ], hdrs = [ "runtime_features.h", ], deps = [ # AVOID ADDING TO THESE DEPENDENCIES IF POSSIBLE # Any code using runtime guards depends on this library, and the more dependencies there are, # the harder it is to runtime-guard without dependency loops. "//include/envoy/runtime:runtime_interface", "//source/common/common:hash_lib", "//source/common/singleton:const_singleton", "//source/common/singleton:threadsafe_singleton", ], ) envoy_cc_library( name = "runtime_protos_lib", hdrs = [ "runtime_protos.h", ], deps = [ "//include/envoy/runtime:runtime_interface", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "runtime_lib", srcs = [ "runtime_impl.cc", ], hdrs = [ "runtime_impl.h", ], deps = [ ":runtime_features_lib", ":runtime_protos_lib", "//include/envoy/config:subscription_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/init:manager_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:empty_string", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", "//source/common/common:utility_lib", "//source/common/config:api_version_lib", "//source/common/config:subscription_base_interface", "//source/common/filesystem:directory_lib", "//source/common/grpc:common_lib", "//source/common/init:manager_lib", "//source/common/init:target_lib", "//source/common/init:watcher_lib", "//source/common/protobuf:message_validator_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v2:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", "@envoy_api//envoy/service/runtime/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/runtime/runtime_features.cc ================================================ #include "common/runtime/runtime_features.h" #include "absl/strings/match.h" namespace Envoy { namespace Runtime { bool isRuntimeFeature(absl::string_view feature) { return RuntimeFeaturesDefaults::get().enabledByDefault(feature) || RuntimeFeaturesDefaults::get().existsButDisabled(feature); } bool runtimeFeatureEnabled(absl::string_view feature) { ASSERT(isRuntimeFeature(feature)); if (Runtime::LoaderSingleton::getExisting()) { return Runtime::LoaderSingleton::getExisting()->threadsafeSnapshot()->runtimeFeatureEnabled( feature); } ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::runtime), warn, "Unable to use runtime singleton for feature {}", feature); return RuntimeFeaturesDefaults::get().enabledByDefault(feature); } uint64_t getInteger(absl::string_view feature, uint64_t default_value) { ASSERT(absl::StartsWith(feature, "envoy.")); if (Runtime::LoaderSingleton::getExisting()) { return Runtime::LoaderSingleton::getExisting()->threadsafeSnapshot()->getInteger( std::string(feature), default_value); } ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::runtime), warn, "Unable to use runtime singleton for feature {}", feature); return default_value; } // Add additional features here to enable the new code paths by default. // // Per documentation in CONTRIBUTING.md is expected that new high risk code paths be guarded // by runtime feature guards, i.e // // if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.my_feature_name")) { // [new code path] // else { // [old_code_path] // } // // Runtime features are false by default, so the old code path is exercised. // To make a runtime feature true by default, add it to the array below. // New features should be true-by-default for an Envoy release cycle before the // old code path is removed. // // If issues are found that require a runtime feature to be disabled, it should be reported // ASAP by filing a bug on github. Overriding non-buggy code is strongly discouraged to avoid the // problem of the bugs being found after the old code path has been removed. constexpr const char* runtime_features[] = { // Enabled "envoy.reloadable_features.http1_flood_protection", "envoy.reloadable_features.test_feature_true", // Begin alphabetically sorted section. "envoy.deprecated_features.allow_deprecated_extension_names", "envoy.reloadable_features.always_apply_route_header_rules", "envoy.reloadable_features.activate_fds_next_event_loop", "envoy.reloadable_features.activate_timers_next_event_loop", "envoy.reloadable_features.allow_500_after_100", "envoy.reloadable_features.allow_prefetch", "envoy.reloadable_features.allow_response_for_timeout", "envoy.reloadable_features.consume_all_retry_headers", "envoy.reloadable_features.check_ocsp_policy", "envoy.reloadable_features.disallow_unbounded_access_logs", "envoy.reloadable_features.early_errors_via_hcm", "envoy.reloadable_features.enable_deprecated_v2_api_warning", "envoy.reloadable_features.enable_dns_cache_circuit_breakers", "envoy.reloadable_features.ext_authz_http_service_enable_case_sensitive_string_matcher", "envoy.reloadable_features.ext_authz_measure_timeout_on_check_created", "envoy.reloadable_features.fix_upgrade_response", "envoy.reloadable_features.fix_wildcard_matching", "envoy.reloadable_features.fixed_connection_close", "envoy.reloadable_features.hcm_stream_error_on_invalid_message", "envoy.reloadable_features.http_default_alpn", "envoy.reloadable_features.http_match_on_all_headers", "envoy.reloadable_features.http_set_copy_replace_all_headers", "envoy.reloadable_features.http_transport_failure_reason_in_body", "envoy.reloadable_features.http2_skip_encoding_empty_trailers", "envoy.reloadable_features.listener_in_place_filterchain_update", "envoy.reloadable_features.overload_manager_disable_keepalive_drain_http2", "envoy.reloadable_features.prefer_quic_kernel_bpf_packet_routing", "envoy.reloadable_features.preserve_query_string_in_path_redirects", "envoy.reloadable_features.preserve_upstream_date", "envoy.reloadable_features.require_ocsp_response_for_must_staple_certs", "envoy.reloadable_features.stop_faking_paths", "envoy.reloadable_features.strict_1xx_and_204_response_headers", "envoy.reloadable_features.tls_use_io_handle_bio", "envoy.reloadable_features.unify_grpc_handling", "envoy.restart_features.use_apple_api_for_dns_lookups", }; // This is a section for officially sanctioned runtime features which are too // high risk to be enabled by default. Examples where we have opted to land // features without enabling by default are swapping the underlying buffer // implementation or the HTTP/1.1 codec implementation. Most features should be // enabled by default. // // When features are added here, there should be a tracking bug assigned to the // code owner to flip the default after sufficient testing. constexpr const char* disabled_runtime_features[] = { // Allow Envoy to upgrade or downgrade version of type url, should be removed when support for // v2 url is removed from codebase. "envoy.reloadable_features.enable_type_url_downgrade_and_upgrade", // TODO(asraa) flip this feature after codec errors are handled "envoy.reloadable_features.new_codec_behavior", // TODO(alyssawilk) flip true after the release. "envoy.reloadable_features.new_tcp_connection_pool", // Sentinel and test flag. "envoy.reloadable_features.test_feature_false", }; RuntimeFeatures::RuntimeFeatures() { for (auto& feature : runtime_features) { enabled_features_.insert(feature); } for (auto& feature : disabled_runtime_features) { disabled_features_.insert(feature); } } } // namespace Runtime } // namespace Envoy ================================================ FILE: source/common/runtime/runtime_features.h ================================================ #pragma once #include #include "envoy/runtime/runtime.h" #include "common/singleton/const_singleton.h" #include "common/singleton/threadsafe_singleton.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Runtime { bool isRuntimeFeature(absl::string_view feature); bool runtimeFeatureEnabled(absl::string_view feature); uint64_t getInteger(absl::string_view feature, uint64_t default_value); class RuntimeFeatures { public: RuntimeFeatures(); // This tracks config-guarded code paths, to determine if a given // runtime-guarded-code-path has the new code run by default or the old code. bool enabledByDefault(absl::string_view feature) const { return enabled_features_.find(feature) != enabled_features_.end(); } bool existsButDisabled(absl::string_view feature) const { return disabled_features_.find(feature) != disabled_features_.end(); } private: friend class RuntimeFeaturesPeer; absl::flat_hash_set enabled_features_; absl::flat_hash_set disabled_features_; }; using RuntimeFeaturesDefaults = ConstSingleton; } // namespace Runtime } // namespace Envoy ================================================ FILE: source/common/runtime/runtime_impl.cc ================================================ #include "common/runtime/runtime_impl.h" #include #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/service/discovery/v2/rtds.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/thread_local/thread_local.h" #include "envoy/type/v3/percent.pb.h" #include "envoy/type/v3/percent.pb.validate.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/config/api_version.h" #include "common/filesystem/directory.h" #include "common/grpc/common.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_features.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" #include "absl/strings/match.h" #include "absl/strings/numbers.h" namespace Envoy { namespace Runtime { namespace { void countDeprecatedFeatureUseInternal(const RuntimeStats& stats) { stats.deprecated_feature_use_.inc(); // Similar to the above, but a gauge that isn't imported during a hot restart. stats.deprecated_feature_seen_since_process_start_.inc(); } } // namespace bool SnapshotImpl::deprecatedFeatureEnabled(absl::string_view key, bool default_value) const { // If the value is not explicitly set as a runtime boolean, trust the proto annotations passed as // default_value. if (!getBoolean(key, default_value)) { // If either disallowed by default or configured off, the feature is not enabled. return false; } // The feature is allowed. It is assumed this check is called when the feature // is about to be used, so increment the feature use stat. countDeprecatedFeatureUseInternal(stats_); #ifdef ENVOY_DISABLE_DEPRECATED_FEATURES return false; #endif return true; } bool SnapshotImpl::runtimeFeatureEnabled(absl::string_view key) const { // If the value is not explicitly set as a runtime boolean, the default value is based on // enabledByDefault. return getBoolean(key, RuntimeFeaturesDefaults::get().enabledByDefault(key)); } bool SnapshotImpl::featureEnabled(absl::string_view key, uint64_t default_value, uint64_t random_value, uint64_t num_buckets) const { return random_value % num_buckets < std::min(getInteger(key, default_value), num_buckets); } bool SnapshotImpl::featureEnabled(absl::string_view key, uint64_t default_value) const { // Avoid PRNG if we know we don't need it. uint64_t cutoff = std::min(getInteger(key, default_value), static_cast(100)); if (cutoff == 0) { return false; } else if (cutoff == 100) { return true; } else { return generator_.random() % 100 < cutoff; } } bool SnapshotImpl::featureEnabled(absl::string_view key, uint64_t default_value, uint64_t random_value) const { return featureEnabled(key, default_value, random_value, 100); } Snapshot::ConstStringOptRef SnapshotImpl::get(absl::string_view key) const { ASSERT(!isRuntimeFeature(key)); // Make sure runtime guarding is only used for getBoolean auto entry = key.empty() ? values_.end() : values_.find(key); if (entry == values_.end()) { return absl::nullopt; } else { return entry->second.raw_string_value_; } } bool SnapshotImpl::featureEnabled(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value) const { return featureEnabled(key, default_value, generator_.random()); } bool SnapshotImpl::featureEnabled(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value, uint64_t random_value) const { const auto& entry = key.empty() ? values_.end() : values_.find(key); envoy::type::v3::FractionalPercent percent; if (entry != values_.end() && entry->second.fractional_percent_value_.has_value()) { percent = entry->second.fractional_percent_value_.value(); } else if (entry != values_.end() && entry->second.uint_value_.has_value()) { // Check for > 100 because the runtime value is assumed to be specified as // an integer, and it also ensures that truncating the uint64_t runtime // value into a uint32_t percent numerator later is safe if (entry->second.uint_value_.value() > 100) { return true; } // The runtime value was specified as an integer rather than a fractional // percent proto. To preserve legacy semantics, we treat it as a percentage // (i.e. denominator of 100). percent.set_numerator(entry->second.uint_value_.value()); percent.set_denominator(envoy::type::v3::FractionalPercent::HUNDRED); } else { percent = default_value; } // When numerator > denominator condition is always evaluates to TRUE // It becomes hard to debug why configuration does not work in case of wrong numerator. // Log debug message that numerator is invalid. uint64_t denominator_value = ProtobufPercentHelper::fractionalPercentDenominatorToInt(percent.denominator()); if (percent.numerator() > denominator_value) { ENVOY_LOG(debug, "WARNING runtime key '{}': numerator ({}) > denominator ({}), condition always " "evaluates to true", key, percent.numerator(), denominator_value); } return ProtobufPercentHelper::evaluateFractionalPercent(percent, random_value); } uint64_t SnapshotImpl::getInteger(absl::string_view key, uint64_t default_value) const { ASSERT(!isRuntimeFeature(key)); const auto& entry = key.empty() ? values_.end() : values_.find(key); if (entry == values_.end() || !entry->second.uint_value_) { return default_value; } else { return entry->second.uint_value_.value(); } } double SnapshotImpl::getDouble(absl::string_view key, double default_value) const { ASSERT(!isRuntimeFeature(key)); // Make sure runtime guarding is only used for getBoolean const auto& entry = key.empty() ? values_.end() : values_.find(key); if (entry == values_.end() || !entry->second.double_value_) { return default_value; } else { return entry->second.double_value_.value(); } } bool SnapshotImpl::getBoolean(absl::string_view key, bool default_value) const { const auto& entry = key.empty() ? values_.end() : values_.find(key); if (entry == values_.end() || !entry->second.bool_value_.has_value()) { return default_value; } else { return entry->second.bool_value_.value(); } } const std::vector& SnapshotImpl::getLayers() const { return layers_; } SnapshotImpl::SnapshotImpl(Random::RandomGenerator& generator, RuntimeStats& stats, std::vector&& layers) : layers_{std::move(layers)}, generator_{generator}, stats_{stats} { for (const auto& layer : layers_) { for (const auto& kv : layer->values()) { values_.erase(kv.first); values_.emplace(kv.first, kv.second); } } stats.num_keys_.set(values_.size()); } SnapshotImpl::Entry SnapshotImpl::createEntry(const std::string& value) { Entry entry; entry.raw_string_value_ = value; // As a perf optimization, attempt to parse the entry's string and store it inside the struct. If // we don't succeed that's fine. resolveEntryType(entry); return entry; } SnapshotImpl::Entry SnapshotImpl::createEntry(const ProtobufWkt::Value& value) { // This isn't the smartest way to do it; we're round-tripping via YAML, this should be optimized // if runtime parsing becomes performance sensitive. return createEntry(MessageUtil::getYamlStringFromMessage(value, false, false)); } bool SnapshotImpl::parseEntryBooleanValue(Entry& entry) { absl::string_view stripped = entry.raw_string_value_; stripped = absl::StripAsciiWhitespace(stripped); uint64_t parse_int; if (absl::SimpleAtoi(stripped, &parse_int)) { entry.bool_value_ = (parse_int != 0); // This is really an integer, so return false here not because of failure, but so we continue to // parse doubles/int. return false; } else if (absl::EqualsIgnoreCase(stripped, "true")) { entry.bool_value_ = true; return true; } else if (absl::EqualsIgnoreCase(stripped, "false")) { entry.bool_value_ = false; return true; } return false; } bool SnapshotImpl::parseEntryDoubleValue(Entry& entry) { double converted_double; if (absl::SimpleAtod(entry.raw_string_value_, &converted_double)) { entry.double_value_ = converted_double; return true; } return false; } void SnapshotImpl::parseEntryFractionalPercentValue(Entry& entry) { envoy::type::v3::FractionalPercent converted_fractional_percent; try { MessageUtil::loadFromYamlAndValidate(entry.raw_string_value_, converted_fractional_percent, ProtobufMessage::getStrictValidationVisitor()); } catch (const ProtoValidationException& ex) { ENVOY_LOG(error, "unable to validate fraction percent runtime proto: {}", ex.what()); return; } catch (const EnvoyException& ex) { // An EnvoyException is thrown when we try to parse a bogus string as a protobuf. This is fine, // since there was no expectation that the raw string was a valid proto. return; } entry.fractional_percent_value_ = converted_fractional_percent; } void AdminLayer::mergeValues(const absl::node_hash_map& values) { for (const auto& kv : values) { values_.erase(kv.first); if (!kv.second.empty()) { values_.emplace(kv.first, SnapshotImpl::createEntry(kv.second)); } } stats_.admin_overrides_active_.set(values_.empty() ? 0 : 1); } DiskLayer::DiskLayer(absl::string_view name, const std::string& path, Api::Api& api) : OverrideLayerImpl{name} { walkDirectory(path, "", 1, api); } void DiskLayer::walkDirectory(const std::string& path, const std::string& prefix, uint32_t depth, Api::Api& api) { // Maximum recursion depth for walkDirectory(). static constexpr uint32_t MaxWalkDepth = 16; ENVOY_LOG(debug, "walking directory: {}", path); if (depth > MaxWalkDepth) { throw EnvoyException(absl::StrCat("Walk recursion depth exceeded ", MaxWalkDepth)); } // Check if this is an obviously bad path. if (api.fileSystem().illegalPath(path)) { throw EnvoyException(absl::StrCat("Invalid path: ", path)); } Filesystem::Directory directory(path); for (const Filesystem::DirectoryEntry& entry : directory) { std::string full_path = path + "/" + entry.name_; std::string full_prefix; if (prefix.empty()) { full_prefix = entry.name_; } else { full_prefix = prefix + "." + entry.name_; } if (entry.type_ == Filesystem::FileType::Directory && entry.name_ != "." && entry.name_ != "..") { walkDirectory(full_path, full_prefix, depth + 1, api); } else if (entry.type_ == Filesystem::FileType::Regular) { // Suck the file into a string. This is not very efficient but it should be good enough // for small files. Also, as noted elsewhere, none of this is non-blocking which could // theoretically lead to issues. ENVOY_LOG(debug, "reading file: {}", full_path); std::string value; // Read the file and remove any comments. A comment is a line starting with a '#' character. // Comments are useful for placeholder files with no value. const std::string text_file{api.fileSystem().fileReadToEnd(full_path)}; const auto lines = StringUtil::splitToken(text_file, "\n"); for (const auto& line : lines) { if (!line.empty() && line.front() == '#') { continue; } if (line == lines.back()) { const absl::string_view trimmed = StringUtil::rtrim(line); value.append(trimmed.data(), trimmed.size()); } else { value.append(std::string{line} + "\n"); } } // Separate erase/insert calls required due to the value type being constant; this prevents // the use of the [] operator. Can leverage insert_or_assign in C++17 in the future. values_.erase(full_prefix); values_.insert({full_prefix, SnapshotImpl::createEntry(value)}); } } } ProtoLayer::ProtoLayer(absl::string_view name, const ProtobufWkt::Struct& proto) : OverrideLayerImpl{name} { for (const auto& f : proto.fields()) { walkProtoValue(f.second, f.first); } } void ProtoLayer::walkProtoValue(const ProtobufWkt::Value& v, const std::string& prefix) { switch (v.kind_case()) { case ProtobufWkt::Value::KIND_NOT_SET: case ProtobufWkt::Value::kListValue: case ProtobufWkt::Value::kNullValue: throw EnvoyException(absl::StrCat("Invalid runtime entry value for ", prefix)); break; case ProtobufWkt::Value::kStringValue: values_.emplace(prefix, SnapshotImpl::createEntry(v.string_value())); break; case ProtobufWkt::Value::kNumberValue: case ProtobufWkt::Value::kBoolValue: values_.emplace(prefix, SnapshotImpl::createEntry(v)); break; case ProtobufWkt::Value::kStructValue: { const ProtobufWkt::Struct& s = v.struct_value(); if (s.fields().empty() || s.fields().find("numerator") != s.fields().end() || s.fields().find("denominator") != s.fields().end()) { values_.emplace(prefix, SnapshotImpl::createEntry(v)); break; } for (const auto& f : s.fields()) { walkProtoValue(f.second, prefix + "." + f.first); } break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } LoaderImpl::LoaderImpl(Event::Dispatcher& dispatcher, ThreadLocal::SlotAllocator& tls, const envoy::config::bootstrap::v3::LayeredRuntime& config, const LocalInfo::LocalInfo& local_info, Stats::Store& store, Random::RandomGenerator& generator, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : generator_(generator), stats_(generateStats(store)), tls_(tls.allocateSlot()), config_(config), service_cluster_(local_info.clusterName()), api_(api), init_watcher_("RTDS", [this]() { onRtdsReady(); }), store_(store) { absl::node_hash_set layer_names; for (const auto& layer : config_.layers()) { auto ret = layer_names.insert(layer.name()); if (!ret.second) { throw EnvoyException(absl::StrCat("Duplicate layer name: ", layer.name())); } switch (layer.layer_specifier_case()) { case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kStaticLayer: // Nothing needs to be done here. break; case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kAdminLayer: if (admin_layer_ != nullptr) { throw EnvoyException( "Too many admin layers specified in LayeredRuntime, at most one may be specified"); } admin_layer_ = std::make_unique(layer.name(), stats_); break; case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kDiskLayer: if (watcher_ == nullptr) { watcher_ = dispatcher.createFilesystemWatcher(); } watcher_->addWatch(layer.disk_layer().symlink_root(), Filesystem::Watcher::Events::MovedTo, [this](uint32_t) -> void { loadNewSnapshot(); }); break; case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kRtdsLayer: subscriptions_.emplace_back( std::make_unique(*this, layer.rtds_layer(), store, validation_visitor)); init_manager_.add(subscriptions_.back()->init_target_); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } loadNewSnapshot(); } void LoaderImpl::initialize(Upstream::ClusterManager& cm) { cm_ = &cm; for (const auto& s : subscriptions_) { s->createSubscription(); } } void LoaderImpl::startRtdsSubscriptions(ReadyCallback on_done) { on_rtds_initialized_ = on_done; init_manager_.initialize(init_watcher_); } void LoaderImpl::onRtdsReady() { ENVOY_LOG(info, "RTDS has finished initialization"); on_rtds_initialized_(); } RtdsSubscription::RtdsSubscription( LoaderImpl& parent, const envoy::config::bootstrap::v3::RuntimeLayer::RtdsLayer& rtds_layer, Stats::Store& store, ProtobufMessage::ValidationVisitor& validation_visitor) : Envoy::Config::SubscriptionBase( rtds_layer.rtds_config().resource_api_version(), validation_visitor, "name"), parent_(parent), config_source_(rtds_layer.rtds_config()), store_(store), resource_name_(rtds_layer.name()), init_target_("RTDS " + resource_name_, [this]() { start(); }) {} void RtdsSubscription::createSubscription() { const auto resource_name = getResourceName(); subscription_ = parent_.cm_->subscriptionFactory().subscriptionFromConfigSource( config_source_, Grpc::Common::typeUrl(resource_name), store_, *this, resource_decoder_); } void RtdsSubscription::onConfigUpdate(const std::vector& resources, const std::string&) { validateUpdateSize(resources.size()); const auto& runtime = dynamic_cast(resources[0].get().resource()); if (runtime.name() != resource_name_) { throw EnvoyException( fmt::format("Unexpected RTDS runtime (expecting {}): {}", resource_name_, runtime.name())); } ENVOY_LOG(debug, "Reloading RTDS snapshot for onConfigUpdate"); proto_.CopyFrom(runtime.layer()); parent_.loadNewSnapshot(); init_target_.ready(); } void RtdsSubscription::onConfigUpdate( const std::vector& added_resources, const Protobuf::RepeatedPtrField&, const std::string&) { validateUpdateSize(added_resources.size()); onConfigUpdate(added_resources, added_resources[0].get().version()); } void RtdsSubscription::onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); // We need to allow server startup to continue, even if we have a bad // config. init_target_.ready(); } void RtdsSubscription::start() { subscription_->start({resource_name_}); } void RtdsSubscription::validateUpdateSize(uint32_t num_resources) { if (num_resources != 1) { init_target_.ready(); throw EnvoyException(fmt::format("Unexpected RTDS resource length: {}", num_resources)); // (would be a return false here) } } void LoaderImpl::loadNewSnapshot() { std::shared_ptr ptr = createNewSnapshot(); tls_->set([ptr](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::static_pointer_cast(ptr); }); { absl::MutexLock lock(&snapshot_mutex_); thread_safe_snapshot_ = ptr; } } const Snapshot& LoaderImpl::snapshot() { ASSERT(tls_->currentThreadRegistered(), "snapshot can only be called from a worker thread or after the main thread is registered"); return tls_->getTyped(); } SnapshotConstSharedPtr LoaderImpl::threadsafeSnapshot() { if (tls_->currentThreadRegistered()) { return std::dynamic_pointer_cast(tls_->get()); } { absl::ReaderMutexLock lock(&snapshot_mutex_); return thread_safe_snapshot_; } } void LoaderImpl::mergeValues(const absl::node_hash_map& values) { if (admin_layer_ == nullptr) { throw EnvoyException("No admin layer specified"); } admin_layer_->mergeValues(values); loadNewSnapshot(); } Stats::Scope& LoaderImpl::getRootScope() { return store_; } void LoaderImpl::countDeprecatedFeatureUse() const { countDeprecatedFeatureUseInternal(stats_); } RuntimeStats LoaderImpl::generateStats(Stats::Store& store) { std::string prefix = "runtime."; RuntimeStats stats{ ALL_RUNTIME_STATS(POOL_COUNTER_PREFIX(store, prefix), POOL_GAUGE_PREFIX(store, prefix))}; return stats; } SnapshotImplPtr LoaderImpl::createNewSnapshot() { std::vector layers; uint32_t disk_layers = 0; uint32_t error_layers = 0; uint32_t rtds_layer = 0; for (const auto& layer : config_.layers()) { switch (layer.layer_specifier_case()) { case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kStaticLayer: layers.emplace_back(std::make_unique(layer.name(), layer.static_layer())); break; case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kDiskLayer: { std::string path = layer.disk_layer().symlink_root() + "/" + layer.disk_layer().subdirectory(); if (layer.disk_layer().append_service_cluster()) { path += "/" + service_cluster_; } if (api_.fileSystem().directoryExists(path)) { try { layers.emplace_back(std::make_unique(layer.name(), path, api_)); ++disk_layers; } catch (EnvoyException& e) { // TODO(htuch): Consider latching here, rather than ignoring the // layer. This would be consistent with filesystem RTDS. ++error_layers; ENVOY_LOG(debug, "error loading runtime values for layer {} from disk: {}", layer.DebugString(), e.what()); } } break; } case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kAdminLayer: layers.push_back(std::make_unique(*admin_layer_)); break; case envoy::config::bootstrap::v3::RuntimeLayer::LayerSpecifierCase::kRtdsLayer: { auto* subscription = subscriptions_[rtds_layer++].get(); layers.emplace_back(std::make_unique(layer.name(), subscription->proto_)); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } stats_.num_layers_.set(layers.size()); if (error_layers == 0) { stats_.load_success_.inc(); } else { stats_.load_error_.inc(); } if (disk_layers > 1) { stats_.override_dir_exists_.inc(); } else { stats_.override_dir_not_exists_.inc(); } return std::make_unique(generator_, stats_, std::move(layers)); } } // namespace Runtime } // namespace Envoy ================================================ FILE: source/common/runtime/runtime_impl.h ================================================ #pragma once #include #include #include #include "envoy/api/api.h" #include "envoy/common/exception.h" #include "envoy/common/random_generator.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/subscription.h" #include "envoy/init/manager.h" #include "envoy/runtime/runtime.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/service/runtime/v3/rtds.pb.h" #include "envoy/service/runtime/v3/rtds.pb.validate.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/store.h" #include "envoy/thread_local/thread_local.h" #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "common/config/subscription_base.h" #include "common/init/manager_impl.h" #include "common/init/target_impl.h" #include "common/singleton/threadsafe_singleton.h" #include "absl/container/node_hash_map.h" #include "spdlog/spdlog.h" namespace Envoy { namespace Runtime { using RuntimeSingleton = ThreadSafeSingleton; /** * All runtime stats. @see stats_macros.h */ #define ALL_RUNTIME_STATS(COUNTER, GAUGE) \ COUNTER(deprecated_feature_use) \ COUNTER(load_error) \ COUNTER(load_success) \ COUNTER(override_dir_exists) \ COUNTER(override_dir_not_exists) \ GAUGE(admin_overrides_active, NeverImport) \ GAUGE(deprecated_feature_seen_since_process_start, NeverImport) \ GAUGE(num_keys, NeverImport) \ GAUGE(num_layers, NeverImport) /** * Struct definition for all runtime stats. @see stats_macros.h */ struct RuntimeStats { ALL_RUNTIME_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Implementation of Snapshot whose source is the vector of layers passed to the constructor. */ class SnapshotImpl : public Snapshot, Logger::Loggable { public: SnapshotImpl(Random::RandomGenerator& generator, RuntimeStats& stats, std::vector&& layers); // Runtime::Snapshot bool deprecatedFeatureEnabled(absl::string_view key, bool default_value) const override; bool runtimeFeatureEnabled(absl::string_view key) const override; bool featureEnabled(absl::string_view key, uint64_t default_value, uint64_t random_value, uint64_t num_buckets) const override; bool featureEnabled(absl::string_view key, uint64_t default_value) const override; bool featureEnabled(absl::string_view key, uint64_t default_value, uint64_t random_value) const override; bool featureEnabled(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value) const override; bool featureEnabled(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value, uint64_t random_value) const override; ConstStringOptRef get(absl::string_view key) const override; uint64_t getInteger(absl::string_view key, uint64_t default_value) const override; double getDouble(absl::string_view key, double default_value) const override; bool getBoolean(absl::string_view key, bool value) const override; const std::vector& getLayers() const override; static Entry createEntry(const std::string& value); static Entry createEntry(const ProtobufWkt::Value& value); private: static void resolveEntryType(Entry& entry) { if (parseEntryBooleanValue(entry)) { return; } if (parseEntryDoubleValue(entry) && entry.double_value_ >= 0 && entry.double_value_ <= std::numeric_limits::max()) { // Valid uint values will always be parseable as doubles, so we assign the value to both the // uint and double fields. In cases where the value is something like "3.1", we will floor the // number by casting it to a uint and assigning the uint value. entry.uint_value_ = entry.double_value_; return; } parseEntryFractionalPercentValue(entry); } static bool parseEntryBooleanValue(Entry& entry); static bool parseEntryDoubleValue(Entry& entry); static void parseEntryFractionalPercentValue(Entry& entry); const std::vector layers_; EntryMap values_; Random::RandomGenerator& generator_; RuntimeStats& stats_; }; using SnapshotImplPtr = std::unique_ptr; /** * Base implementation of OverrideLayer that by itself provides an empty values map. */ class OverrideLayerImpl : public Snapshot::OverrideLayer { public: explicit OverrideLayerImpl(absl::string_view name) : name_{name} {} const Snapshot::EntryMap& values() const override { return values_; } const std::string& name() const override { return name_; } protected: Snapshot::EntryMap values_; const std::string name_; }; /** * Extension of OverrideLayerImpl that maintains an in-memory set of values. These values can be * modified programmatically via mergeValues(). AdminLayer is so named because it can be accessed * and manipulated by Envoy's admin interface. */ class AdminLayer : public OverrideLayerImpl { public: explicit AdminLayer(absl::string_view name, RuntimeStats& stats) : OverrideLayerImpl{name}, stats_{stats} {} /** * Copy-constructible so that it can snapshotted. */ AdminLayer(const AdminLayer& admin_layer) : AdminLayer{admin_layer.name_, admin_layer.stats_} { values_ = admin_layer.values(); } /** * Merge the provided values into our entry map. An empty value indicates that a key should be * removed from our map. */ void mergeValues(const absl::node_hash_map& values); private: RuntimeStats& stats_; }; using AdminLayerPtr = std::unique_ptr; /** * Extension of OverrideLayerImpl that loads values from the file system upon construction. */ class DiskLayer : public OverrideLayerImpl, Logger::Loggable { public: DiskLayer(absl::string_view name, const std::string& path, Api::Api& api); private: void walkDirectory(const std::string& path, const std::string& prefix, uint32_t depth, Api::Api& api); const std::string path_; const Filesystem::WatcherPtr watcher_; }; /** * Extension of OverrideLayerImpl that loads values from a proto Struct representation. */ class ProtoLayer : public OverrideLayerImpl, Logger::Loggable { public: ProtoLayer(absl::string_view name, const ProtobufWkt::Struct& proto); private: void walkProtoValue(const ProtobufWkt::Value& v, const std::string& prefix); }; class LoaderImpl; struct RtdsSubscription : Envoy::Config::SubscriptionBase, Logger::Loggable { RtdsSubscription(LoaderImpl& parent, const envoy::config::bootstrap::v3::RuntimeLayer::RtdsLayer& rtds_layer, Stats::Store& store, ProtobufMessage::ValidationVisitor& validation_visitor); // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string&) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; void start(); void validateUpdateSize(uint32_t num_resources); void createSubscription(); LoaderImpl& parent_; const envoy::config::core::v3::ConfigSource config_source_; Stats::Store& store_; Config::SubscriptionPtr subscription_; std::string resource_name_; Init::TargetImpl init_target_; ProtobufWkt::Struct proto_; }; using RtdsSubscriptionPtr = std::unique_ptr; /** * Implementation of Loader that provides Snapshots of values added via mergeValues(). * A single snapshot is shared among all threads and referenced by shared_ptr such that * a new runtime can be swapped in by the main thread while workers are still using the previous * version. */ class LoaderImpl : public Loader, Logger::Loggable { public: LoaderImpl(Event::Dispatcher& dispatcher, ThreadLocal::SlotAllocator& tls, const envoy::config::bootstrap::v3::LayeredRuntime& config, const LocalInfo::LocalInfo& local_info, Stats::Store& store, Random::RandomGenerator& generator, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); // Runtime::Loader void initialize(Upstream::ClusterManager& cm) override; const Snapshot& snapshot() override; SnapshotConstSharedPtr threadsafeSnapshot() override; void mergeValues(const absl::node_hash_map& values) override; void startRtdsSubscriptions(ReadyCallback on_done) override; Stats::Scope& getRootScope() override; void countDeprecatedFeatureUse() const override; private: friend RtdsSubscription; // Create a new Snapshot SnapshotImplPtr createNewSnapshot(); // Load a new Snapshot into TLS void loadNewSnapshot(); RuntimeStats generateStats(Stats::Store& store); void onRtdsReady(); Random::RandomGenerator& generator_; RuntimeStats stats_; AdminLayerPtr admin_layer_; ThreadLocal::SlotPtr tls_; const envoy::config::bootstrap::v3::LayeredRuntime config_; const std::string service_cluster_; Filesystem::WatcherPtr watcher_; Api::Api& api_; ReadyCallback on_rtds_initialized_; Init::WatcherImpl init_watcher_; Init::ManagerImpl init_manager_{"RTDS"}; std::vector subscriptions_; Upstream::ClusterManager* cm_{}; Stats::Store& store_; absl::Mutex snapshot_mutex_; SnapshotConstSharedPtr thread_safe_snapshot_ ABSL_GUARDED_BY(snapshot_mutex_); }; } // namespace Runtime } // namespace Envoy ================================================ FILE: source/common/runtime/runtime_protos.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/type/v3/percent.pb.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Runtime { // Helper class for runtime-derived boolean feature flags. class FeatureFlag { public: FeatureFlag(const envoy::config::core::v3::RuntimeFeatureFlag& feature_flag_proto, Runtime::Loader& runtime) : runtime_key_(feature_flag_proto.runtime_key()), default_value_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(feature_flag_proto, default_value, true)), runtime_(runtime) {} bool enabled() const { return runtime_.snapshot().getBoolean(runtime_key_, default_value_); } private: const std::string runtime_key_; const bool default_value_; Runtime::Loader& runtime_; }; // Helper class for runtime-derived doubles. class Double { public: Double(const envoy::config::core::v3::RuntimeDouble& double_proto, Runtime::Loader& runtime) : runtime_key_(double_proto.runtime_key()), default_value_(double_proto.default_value()), runtime_(runtime) {} Double(std::string runtime_key, double default_value, Runtime::Loader& runtime) : runtime_key_(std::move(runtime_key)), default_value_(default_value), runtime_(runtime) {} virtual ~Double() = default; const std::string& runtimeKey() const { return runtime_key_; } virtual double value() const { return runtime_.snapshot().getDouble(runtime_key_, default_value_); } protected: const std::string runtime_key_; const double default_value_; Runtime::Loader& runtime_; }; // Helper class for runtime-derived fractional percent flags. class FractionalPercent { public: FractionalPercent( const envoy::config::core::v3::RuntimeFractionalPercent& fractional_percent_proto, Runtime::Loader& runtime) : runtime_key_(fractional_percent_proto.runtime_key()), default_value_(fractional_percent_proto.default_value()), runtime_(runtime) {} bool enabled() const { return runtime_.snapshot().featureEnabled(runtime_key_, default_value_); } private: const std::string runtime_key_; const envoy::type::v3::FractionalPercent default_value_; Runtime::Loader& runtime_; }; // Helper class for runtime-derived percentages. class Percentage : public Double { public: Percentage(const envoy::config::core::v3::RuntimePercent& percent_proto, Runtime::Loader& runtime) : Double(percent_proto.runtime_key(), percent_proto.default_value().value(), runtime) {} double value() const override { const auto val = Double::value(); if (val <= 100.0 && val >= 0.0) { return val; } return default_value_; } }; } // namespace Runtime } // namespace Envoy ================================================ FILE: source/common/secret/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "secret_manager_impl_lib", srcs = ["secret_manager_impl.cc"], hdrs = ["secret_manager_impl.h"], deps = [ ":sds_api_lib", ":secret_provider_impl_lib", "//include/envoy/secret:secret_manager_interface", "//include/envoy/server:transport_socket_config_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:version_converter_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "secret_provider_impl_lib", srcs = ["secret_provider_impl.cc"], hdrs = ["secret_provider_impl.h"], deps = [ "//include/envoy/secret:secret_provider_interface", "//source/common/ssl:certificate_validation_context_config_impl_lib", "//source/common/ssl:tls_certificate_config_impl_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "sds_api_lib", srcs = ["sds_api.cc"], hdrs = ["sds_api.h"], deps = [ "//include/envoy/config:subscription_factory_interface", "//include/envoy/config:subscription_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/init:manager_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/secret:secret_provider_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/stats:stats_interface", "//source/common/common:callback_impl_lib", "//source/common/common:cleanup_lib", "//source/common/config:api_version_lib", "//source/common/config:subscription_base_interface", "//source/common/config:utility_lib", "//source/common/init:target_lib", "//source/common/protobuf:utility_lib", "//source/common/ssl:certificate_validation_context_config_impl_lib", "//source/common/ssl:tls_certificate_config_impl_lib", "@envoy_api//envoy/api/v2/auth:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/secret/sds_api.cc ================================================ #include "common/secret/sds_api.h" #include "envoy/api/v2/auth/cert.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/config/api_version.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Secret { SdsApi::SdsApi(envoy::config::core::v3::ConfigSource sds_config, absl::string_view sds_config_name, Config::SubscriptionFactory& subscription_factory, TimeSource& time_source, ProtobufMessage::ValidationVisitor& validation_visitor, Stats::Store& stats, std::function destructor_cb, Event::Dispatcher& dispatcher, Api::Api& api) : Envoy::Config::SubscriptionBase( sds_config.resource_api_version(), validation_visitor, "name"), init_target_(fmt::format("SdsApi {}", sds_config_name), [this] { initialize(); }), stats_(stats), sds_config_(std::move(sds_config)), sds_config_name_(sds_config_name), secret_hash_(0), clean_up_(std::move(destructor_cb)), subscription_factory_(subscription_factory), time_source_(time_source), secret_data_{sds_config_name_, "uninitialized", time_source_.systemTime()}, dispatcher_(dispatcher), api_(api) { const auto resource_name = getResourceName(); // This has to happen here (rather than in initialize()) as it can throw exceptions. subscription_ = subscription_factory_.subscriptionFromConfigSource( sds_config_, Grpc::Common::typeUrl(resource_name), stats_, *this, resource_decoder_); // TODO(JimmyCYJ): Implement chained_init_manager, so that multiple init_manager // can be chained together to behave as one init_manager. In that way, we let // two listeners which share same SdsApi to register at separate init managers, and // each init manager has a chance to initialize its targets. } void SdsApi::onConfigUpdate(const std::vector& resources, const std::string& version_info) { validateUpdateSize(resources.size()); const auto& secret = dynamic_cast( resources[0].get().resource()); if (secret.name() != sds_config_name_) { throw EnvoyException( fmt::format("Unexpected SDS secret (expecting {}): {}", sds_config_name_, secret.name())); } uint64_t new_hash = MessageUtil::hash(secret); if (new_hash != secret_hash_) { validateConfig(secret); secret_hash_ = new_hash; setSecret(secret); update_callback_manager_.runCallbacks(); // List DataSources that refer to files auto files = getDataSourceFilenames(); if (!files.empty()) { // Create new watch, also destroys the old watch if any. watcher_ = dispatcher_.createFilesystemWatcher(); files_hash_ = getHashForFiles(); for (auto const& filename : files) { // Watch for directory instead of file. This allows users to do atomic renames // on directory level (e.g. Kubernetes secret update). const auto result = api_.fileSystem().splitPathFromFilename(filename); watcher_->addWatch(absl::StrCat(result.directory_, "/"), Filesystem::Watcher::Events::MovedTo, [this](uint32_t) { uint64_t new_hash = getHashForFiles(); if (new_hash != files_hash_) { update_callback_manager_.runCallbacks(); files_hash_ = new_hash; } }); } } else { watcher_.reset(); // Destroy the old watch if any } } secret_data_.last_updated_ = time_source_.systemTime(); secret_data_.version_info_ = version_info; init_target_.ready(); } void SdsApi::onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField&, const std::string&) { validateUpdateSize(added_resources.size()); onConfigUpdate(added_resources, added_resources[0].get().version()); } void SdsApi::onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); // We need to allow server startup to continue, even if we have a bad config. init_target_.ready(); } void SdsApi::validateUpdateSize(int num_resources) { if (num_resources == 0) { throw EnvoyException( fmt::format("Missing SDS resources for {} in onConfigUpdate()", sds_config_name_)); } if (num_resources != 1) { throw EnvoyException(fmt::format("Unexpected SDS secrets length: {}", num_resources)); } } void SdsApi::initialize() { // Don't put any code here that can throw exceptions, this has been the cause of multiple // hard-to-diagnose regressions. subscription_->start({sds_config_name_}); } SdsApi::SecretData SdsApi::secretData() { return secret_data_; } uint64_t SdsApi::getHashForFiles() { uint64_t hash = 0; for (auto const& filename : getDataSourceFilenames()) { hash = HashUtil::xxHash64(api_.fileSystem().fileReadToEnd(filename), hash); } return hash; } std::vector TlsCertificateSdsApi::getDataSourceFilenames() { std::vector files; if (tls_certificate_secrets_ && tls_certificate_secrets_->has_certificate_chain() && tls_certificate_secrets_->certificate_chain().specifier_case() == envoy::config::core::v3::DataSource::SpecifierCase::kFilename) { files.push_back(tls_certificate_secrets_->certificate_chain().filename()); } if (tls_certificate_secrets_ && tls_certificate_secrets_->has_private_key() && tls_certificate_secrets_->private_key().specifier_case() == envoy::config::core::v3::DataSource::SpecifierCase::kFilename) { files.push_back(tls_certificate_secrets_->private_key().filename()); } return files; } std::vector CertificateValidationContextSdsApi::getDataSourceFilenames() { std::vector files; if (certificate_validation_context_secrets_ && certificate_validation_context_secrets_->has_trusted_ca() && certificate_validation_context_secrets_->trusted_ca().specifier_case() == envoy::config::core::v3::DataSource::SpecifierCase::kFilename) { files.push_back(certificate_validation_context_secrets_->trusted_ca().filename()); } return files; } std::vector TlsSessionTicketKeysSdsApi::getDataSourceFilenames() { return {}; } std::vector GenericSecretSdsApi::getDataSourceFilenames() { return {}; } } // namespace Secret } // namespace Envoy ================================================ FILE: source/common/secret/sds_api.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/subscription.h" #include "envoy/config/subscription_factory.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/secret.pb.validate.h" #include "envoy/init/manager.h" #include "envoy/local_info/local_info.h" #include "envoy/runtime/runtime.h" #include "envoy/secret/secret_callbacks.h" #include "envoy/secret/secret_provider.h" #include "envoy/server/transport_socket_config.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/callback_impl.h" #include "common/common/cleanup.h" #include "common/config/subscription_base.h" #include "common/config/utility.h" #include "common/init/target_impl.h" #include "common/ssl/certificate_validation_context_config_impl.h" #include "common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Secret { /** * SDS API implementation that fetches secrets from SDS server via Subscription. */ class SdsApi : public Envoy::Config::SubscriptionBase< envoy::extensions::transport_sockets::tls::v3::Secret> { public: struct SecretData { const std::string resource_name_; std::string version_info_; SystemTime last_updated_; }; SdsApi(envoy::config::core::v3::ConfigSource sds_config, absl::string_view sds_config_name, Config::SubscriptionFactory& subscription_factory, TimeSource& time_source, ProtobufMessage::ValidationVisitor& validation_visitor, Stats::Store& stats, std::function destructor_cb, Event::Dispatcher& dispatcher, Api::Api& api); ~SdsApi() override { RELEASE_ASSERT(registered_init_target_, "Init target was not registered with an init manager. registerInitTarget() must " "be called after Sds api concrete class instantiation."); }; SecretData secretData(); void registerInitTarget(Init::Manager& init_manager) { init_manager.add(init_target_); registered_init_target_ = true; } protected: // Creates new secrets. virtual void setSecret(const envoy::extensions::transport_sockets::tls::v3::Secret&) PURE; virtual void validateConfig(const envoy::extensions::transport_sockets::tls::v3::Secret&) PURE; Common::CallbackManager<> update_callback_manager_; // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; virtual std::vector getDataSourceFilenames() PURE; Init::TargetImpl init_target_; private: void validateUpdateSize(int num_resources); void initialize(); uint64_t getHashForFiles(); Stats::Store& stats_; const envoy::config::core::v3::ConfigSource sds_config_; Config::SubscriptionPtr subscription_; const std::string sds_config_name_; uint64_t secret_hash_; uint64_t files_hash_; Cleanup clean_up_; Config::SubscriptionFactory& subscription_factory_; TimeSource& time_source_; SecretData secret_data_; Event::Dispatcher& dispatcher_; Api::Api& api_; std::unique_ptr watcher_; bool registered_init_target_{false}; }; class TlsCertificateSdsApi; class CertificateValidationContextSdsApi; class TlsSessionTicketKeysSdsApi; class GenericSecretSdsApi; using TlsCertificateSdsApiSharedPtr = std::shared_ptr; using CertificateValidationContextSdsApiSharedPtr = std::shared_ptr; using TlsSessionTicketKeysSdsApiSharedPtr = std::shared_ptr; using GenericSecretSdsApiSharedPtr = std::shared_ptr; /** * TlsCertificateSdsApi implementation maintains and updates dynamic TLS certificate secrets. */ class TlsCertificateSdsApi : public SdsApi, public TlsCertificateConfigProvider { public: static TlsCertificateSdsApiSharedPtr create(Server::Configuration::TransportSocketFactoryContext& secret_provider_context, const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, std::function destructor_cb) { // We need to do this early as we invoke the subscription factory during initialization, which // is too late to throw. Config::Utility::checkLocalInfo("TlsCertificateSdsApi", secret_provider_context.localInfo()); auto ret = std::make_shared( sds_config, sds_config_name, secret_provider_context.clusterManager().subscriptionFactory(), secret_provider_context.dispatcher().timeSource(), secret_provider_context.messageValidationVisitor(), secret_provider_context.stats(), destructor_cb, secret_provider_context.dispatcher(), secret_provider_context.api()); ret->registerInitTarget(secret_provider_context.initManager()); return ret; } TlsCertificateSdsApi(const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, Config::SubscriptionFactory& subscription_factory, TimeSource& time_source, ProtobufMessage::ValidationVisitor& validation_visitor, Stats::Store& stats, std::function destructor_cb, Event::Dispatcher& dispatcher, Api::Api& api) : SdsApi(sds_config, sds_config_name, subscription_factory, time_source, validation_visitor, stats, std::move(destructor_cb), dispatcher, api) {} // SecretProvider const envoy::extensions::transport_sockets::tls::v3::TlsCertificate* secret() const override { return tls_certificate_secrets_.get(); } Common::CallbackHandle* addValidationCallback( std::function) override { return nullptr; } Common::CallbackHandle* addUpdateCallback(std::function callback) override { if (secret()) { callback(); } return update_callback_manager_.add(callback); } protected: void setSecret(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override { tls_certificate_secrets_ = std::make_unique( secret.tls_certificate()); } void validateConfig(const envoy::extensions::transport_sockets::tls::v3::Secret&) override {} std::vector getDataSourceFilenames() override; private: TlsCertificatePtr tls_certificate_secrets_; }; /** * CertificateValidationContextSdsApi implementation maintains and updates dynamic certificate * validation context secrets. */ class CertificateValidationContextSdsApi : public SdsApi, public CertificateValidationContextConfigProvider { public: static CertificateValidationContextSdsApiSharedPtr create(Server::Configuration::TransportSocketFactoryContext& secret_provider_context, const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, std::function destructor_cb) { // We need to do this early as we invoke the subscription factory during initialization, which // is too late to throw. Config::Utility::checkLocalInfo("CertificateValidationContextSdsApi", secret_provider_context.localInfo()); auto ret = std::make_shared( sds_config, sds_config_name, secret_provider_context.clusterManager().subscriptionFactory(), secret_provider_context.dispatcher().timeSource(), secret_provider_context.messageValidationVisitor(), secret_provider_context.stats(), destructor_cb, secret_provider_context.dispatcher(), secret_provider_context.api()); ret->registerInitTarget(secret_provider_context.initManager()); return ret; } CertificateValidationContextSdsApi(const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, Config::SubscriptionFactory& subscription_factory, TimeSource& time_source, ProtobufMessage::ValidationVisitor& validation_visitor, Stats::Store& stats, std::function destructor_cb, Event::Dispatcher& dispatcher, Api::Api& api) : SdsApi(sds_config, sds_config_name, subscription_factory, time_source, validation_visitor, stats, std::move(destructor_cb), dispatcher, api) {} // SecretProvider const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext* secret() const override { return certificate_validation_context_secrets_.get(); } Common::CallbackHandle* addUpdateCallback(std::function callback) override { if (secret()) { callback(); } return update_callback_manager_.add(callback); } Common::CallbackHandle* addValidationCallback( std::function< void(const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext&)> callback) override { return validation_callback_manager_.add(callback); } protected: void setSecret(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override { certificate_validation_context_secrets_ = std::make_unique< envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext>( secret.validation_context()); } void validateConfig(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override { validation_callback_manager_.runCallbacks(secret.validation_context()); } std::vector getDataSourceFilenames() override; private: CertificateValidationContextPtr certificate_validation_context_secrets_; Common::CallbackManager< const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext&> validation_callback_manager_; }; /** * TlsSessionTicketKeysSdsApi implementation maintains and updates dynamic tls session ticket keys * secrets. */ class TlsSessionTicketKeysSdsApi : public SdsApi, public TlsSessionTicketKeysConfigProvider { public: static TlsSessionTicketKeysSdsApiSharedPtr create(Server::Configuration::TransportSocketFactoryContext& secret_provider_context, const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, std::function destructor_cb) { // We need to do this early as we invoke the subscription factory during initialization, which // is too late to throw. Config::Utility::checkLocalInfo("TlsSessionTicketKeysSdsApi", secret_provider_context.localInfo()); auto ret = std::make_shared( sds_config, sds_config_name, secret_provider_context.clusterManager().subscriptionFactory(), secret_provider_context.dispatcher().timeSource(), secret_provider_context.messageValidationVisitor(), secret_provider_context.stats(), destructor_cb, secret_provider_context.dispatcher(), secret_provider_context.api()); ret->registerInitTarget(secret_provider_context.initManager()); return ret; } TlsSessionTicketKeysSdsApi(const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, Config::SubscriptionFactory& subscription_factory, TimeSource& time_source, ProtobufMessage::ValidationVisitor& validation_visitor, Stats::Store& stats, std::function destructor_cb, Event::Dispatcher& dispatcher, Api::Api& api) : SdsApi(sds_config, sds_config_name, subscription_factory, time_source, validation_visitor, stats, std::move(destructor_cb), dispatcher, api) {} // SecretProvider const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys* secret() const override { return tls_session_ticket_keys_.get(); } Common::CallbackHandle* addUpdateCallback(std::function callback) override { if (secret()) { callback(); } return update_callback_manager_.add(callback); } Common::CallbackHandle* addValidationCallback( std::function< void(const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys&)> callback) override { return validation_callback_manager_.add(callback); } protected: void setSecret(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override { tls_session_ticket_keys_ = std::make_unique( secret.session_ticket_keys()); } void validateConfig(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override { validation_callback_manager_.runCallbacks(secret.session_ticket_keys()); } std::vector getDataSourceFilenames() override; private: Secret::TlsSessionTicketKeysPtr tls_session_ticket_keys_; Common::CallbackManager< const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys&> validation_callback_manager_; }; /** * GenericSecretSdsApi implementation maintains and updates dynamic generic secret. */ class GenericSecretSdsApi : public SdsApi, public GenericSecretConfigProvider { public: static GenericSecretSdsApiSharedPtr create(Server::Configuration::TransportSocketFactoryContext& secret_provider_context, const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, std::function destructor_cb) { // We need to do this early as we invoke the subscription factory during initialization, which // is too late to throw. Config::Utility::checkLocalInfo("GenericSecretSdsApi", secret_provider_context.localInfo()); auto ret = std::make_shared( sds_config, sds_config_name, secret_provider_context.clusterManager().subscriptionFactory(), secret_provider_context.dispatcher().timeSource(), secret_provider_context.messageValidationVisitor(), secret_provider_context.stats(), destructor_cb, secret_provider_context.dispatcher(), secret_provider_context.api()); ret->registerInitTarget(secret_provider_context.initManager()); return ret; } GenericSecretSdsApi(const envoy::config::core::v3::ConfigSource& sds_config, const std::string& sds_config_name, Config::SubscriptionFactory& subscription_factory, TimeSource& time_source, ProtobufMessage::ValidationVisitor& validation_visitor, Stats::Store& stats, std::function destructor_cb, Event::Dispatcher& dispatcher, Api::Api& api) : SdsApi(sds_config, sds_config_name, subscription_factory, time_source, validation_visitor, stats, std::move(destructor_cb), dispatcher, api) {} // SecretProvider const envoy::extensions::transport_sockets::tls::v3::GenericSecret* secret() const override { return generic_secret.get(); } Common::CallbackHandle* addUpdateCallback(std::function callback) override { return update_callback_manager_.add(callback); } Common::CallbackHandle* addValidationCallback( std::function callback) override { return validation_callback_manager_.add(callback); } protected: void setSecret(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override { generic_secret = std::make_unique( secret.generic_secret()); } void validateConfig(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override { validation_callback_manager_.runCallbacks(secret.generic_secret()); } std::vector getDataSourceFilenames() override; private: GenericSecretPtr generic_secret; Common::CallbackManager validation_callback_manager_; }; } // namespace Secret } // namespace Envoy ================================================ FILE: source/common/secret/secret_manager_impl.cc ================================================ #include "common/secret/secret_manager_impl.h" #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/config/version_converter.h" #include "common/protobuf/utility.h" #include "common/secret/sds_api.h" #include "common/secret/secret_provider_impl.h" #include "common/ssl/certificate_validation_context_config_impl.h" #include "common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Secret { SecretManagerImpl::SecretManagerImpl(Server::ConfigTracker& config_tracker) : config_tracker_entry_(config_tracker.add("secrets", [this] { return dumpSecretConfigs(); })) { } void SecretManagerImpl::addStaticSecret( const envoy::extensions::transport_sockets::tls::v3::Secret& secret) { switch (secret.type_case()) { case envoy::extensions::transport_sockets::tls::v3::Secret::TypeCase::kTlsCertificate: { auto secret_provider = std::make_shared(secret.tls_certificate()); if (!static_tls_certificate_providers_.insert(std::make_pair(secret.name(), secret_provider)) .second) { throw EnvoyException( absl::StrCat("Duplicate static TlsCertificate secret name ", secret.name())); } break; } case envoy::extensions::transport_sockets::tls::v3::Secret::TypeCase::kValidationContext: { auto secret_provider = std::make_shared( secret.validation_context()); if (!static_certificate_validation_context_providers_ .insert(std::make_pair(secret.name(), secret_provider)) .second) { throw EnvoyException(absl::StrCat( "Duplicate static CertificateValidationContext secret name ", secret.name())); } break; } case envoy::extensions::transport_sockets::tls::v3::Secret::TypeCase::kSessionTicketKeys: { auto secret_provider = std::make_shared(secret.session_ticket_keys()); if (!static_session_ticket_keys_providers_ .insert(std::make_pair(secret.name(), secret_provider)) .second) { throw EnvoyException( absl::StrCat("Duplicate static TlsSessionTicketKeys secret name ", secret.name())); } break; } case envoy::extensions::transport_sockets::tls::v3::Secret::TypeCase::kGenericSecret: { auto secret_provider = std::make_shared(secret.generic_secret()); if (!static_generic_secret_providers_.insert(std::make_pair(secret.name(), secret_provider)) .second) { throw EnvoyException( absl::StrCat("Duplicate static GenericSecret secret name ", secret.name())); } break; } default: throw EnvoyException("Secret type not implemented"); } } TlsCertificateConfigProviderSharedPtr SecretManagerImpl::findStaticTlsCertificateProvider(const std::string& name) const { auto secret = static_tls_certificate_providers_.find(name); return (secret != static_tls_certificate_providers_.end()) ? secret->second : nullptr; } CertificateValidationContextConfigProviderSharedPtr SecretManagerImpl::findStaticCertificateValidationContextProvider(const std::string& name) const { auto secret = static_certificate_validation_context_providers_.find(name); return (secret != static_certificate_validation_context_providers_.end()) ? secret->second : nullptr; } TlsSessionTicketKeysConfigProviderSharedPtr SecretManagerImpl::findStaticTlsSessionTicketKeysContextProvider(const std::string& name) const { auto secret = static_session_ticket_keys_providers_.find(name); return (secret != static_session_ticket_keys_providers_.end()) ? secret->second : nullptr; } GenericSecretConfigProviderSharedPtr SecretManagerImpl::findStaticGenericSecretProvider(const std::string& name) const { auto secret = static_generic_secret_providers_.find(name); return (secret != static_generic_secret_providers_.end()) ? secret->second : nullptr; } TlsCertificateConfigProviderSharedPtr SecretManagerImpl::createInlineTlsCertificateProvider( const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& tls_certificate) { return std::make_shared(tls_certificate); } CertificateValidationContextConfigProviderSharedPtr SecretManagerImpl::createInlineCertificateValidationContextProvider( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& certificate_validation_context) { return std::make_shared( certificate_validation_context); } TlsSessionTicketKeysConfigProviderSharedPtr SecretManagerImpl::createInlineTlsSessionTicketKeysProvider( const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& tls_session_ticket_keys) { return std::make_shared(tls_session_ticket_keys); } GenericSecretConfigProviderSharedPtr SecretManagerImpl::createInlineGenericSecretProvider( const envoy::extensions::transport_sockets::tls::v3::GenericSecret& generic_secret) { return std::make_shared(generic_secret); } TlsCertificateConfigProviderSharedPtr SecretManagerImpl::findOrCreateTlsCertificateProvider( const envoy::config::core::v3::ConfigSource& sds_config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) { return certificate_providers_.findOrCreate(sds_config_source, config_name, secret_provider_context); } CertificateValidationContextConfigProviderSharedPtr SecretManagerImpl::findOrCreateCertificateValidationContextProvider( const envoy::config::core::v3::ConfigSource& sds_config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) { return validation_context_providers_.findOrCreate(sds_config_source, config_name, secret_provider_context); } TlsSessionTicketKeysConfigProviderSharedPtr SecretManagerImpl::findOrCreateTlsSessionTicketKeysContextProvider( const envoy::config::core::v3::ConfigSource& sds_config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) { return session_ticket_keys_providers_.findOrCreate(sds_config_source, config_name, secret_provider_context); } GenericSecretConfigProviderSharedPtr SecretManagerImpl::findOrCreateGenericSecretProvider( const envoy::config::core::v3::ConfigSource& sds_config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) { return generic_secret_providers_.findOrCreate(sds_config_source, config_name, secret_provider_context); } ProtobufTypes::MessagePtr SecretManagerImpl::dumpSecretConfigs() { // TODO(htuch): unlike other config providers, we're recreating the original // Secrets below. This makes it hard to support API_RECOVER_ORIGINAL()-style // recovery of the original config message. As a result, for now we're // providing v3 config dumps. For Secrets, the main deprecation of interest // are the use of v2 Struct config() and verify_subject_alt_name. auto config_dump = std::make_unique(); // Handle static tls key/cert providers. for (const auto& cert_iter : static_tls_certificate_providers_) { const auto& tls_cert = cert_iter.second; auto static_secret = config_dump->mutable_static_secrets()->Add(); static_secret->set_name(cert_iter.first); ASSERT(tls_cert != nullptr); envoy::extensions::transport_sockets::tls::v3::Secret dump_secret; dump_secret.set_name(cert_iter.first); dump_secret.mutable_tls_certificate()->MergeFrom(*tls_cert->secret()); MessageUtil::redact(dump_secret); static_secret->mutable_secret()->PackFrom(dump_secret); } // Handle static certificate validation context providers. for (const auto& context_iter : static_certificate_validation_context_providers_) { const auto& validation_context = context_iter.second; auto static_secret = config_dump->mutable_static_secrets()->Add(); static_secret->set_name(context_iter.first); ASSERT(validation_context != nullptr); envoy::extensions::transport_sockets::tls::v3::Secret dump_secret; dump_secret.set_name(context_iter.first); dump_secret.mutable_validation_context()->MergeFrom(*validation_context->secret()); static_secret->mutable_secret()->PackFrom(dump_secret); } // Handle static session keys providers. for (const auto& context_iter : static_session_ticket_keys_providers_) { const auto& session_ticket_keys = context_iter.second; auto static_secret = config_dump->mutable_static_secrets()->Add(); static_secret->set_name(context_iter.first); ASSERT(session_ticket_keys != nullptr); envoy::extensions::transport_sockets::tls::v3::Secret dump_secret; dump_secret.set_name(context_iter.first); for (const auto& key : session_ticket_keys->secret()->keys()) { dump_secret.mutable_session_ticket_keys()->add_keys()->MergeFrom(key); } MessageUtil::redact(dump_secret); static_secret->mutable_secret()->PackFrom(dump_secret); } // Handle static generic secret providers. for (const auto& secret_iter : static_generic_secret_providers_) { const auto& generic_secret = secret_iter.second; auto static_secret = config_dump->mutable_static_secrets()->Add(); static_secret->set_name(secret_iter.first); ASSERT(generic_secret != nullptr); envoy::extensions::transport_sockets::tls::v3::Secret dump_secret; dump_secret.set_name(secret_iter.first); dump_secret.mutable_generic_secret()->MergeFrom(*generic_secret->secret()); MessageUtil::redact(dump_secret); static_secret->mutable_secret()->PackFrom(dump_secret); } // Handle dynamic tls_certificate providers. const auto providers = certificate_providers_.allSecretProviders(); for (const auto& cert_secrets : providers) { const auto& secret_data = cert_secrets->secretData(); const auto& tls_cert = cert_secrets->secret(); envoy::admin::v3::SecretsConfigDump::DynamicSecret* dump_secret; const bool secret_ready = tls_cert != nullptr; if (secret_ready) { dump_secret = config_dump->mutable_dynamic_active_secrets()->Add(); } else { dump_secret = config_dump->mutable_dynamic_warming_secrets()->Add(); } dump_secret->set_name(secret_data.resource_name_); envoy::extensions::transport_sockets::tls::v3::Secret secret; secret.set_name(secret_data.resource_name_); ProtobufWkt::Timestamp last_updated_ts; TimestampUtil::systemClockToTimestamp(secret_data.last_updated_, last_updated_ts); dump_secret->set_version_info(secret_data.version_info_); *dump_secret->mutable_last_updated() = last_updated_ts; secret.set_name(secret_data.resource_name_); if (secret_ready) { secret.mutable_tls_certificate()->MergeFrom(*tls_cert); } MessageUtil::redact(secret); dump_secret->mutable_secret()->PackFrom(secret); } // Handling dynamic cert validation context providers. const auto context_secret_provider = validation_context_providers_.allSecretProviders(); for (const auto& validation_context_secret : context_secret_provider) { const auto& secret_data = validation_context_secret->secretData(); const auto& validation_context = validation_context_secret->secret(); envoy::admin::v3::SecretsConfigDump::DynamicSecret* dump_secret; const bool secret_ready = validation_context != nullptr; if (secret_ready) { dump_secret = config_dump->mutable_dynamic_active_secrets()->Add(); } else { dump_secret = config_dump->mutable_dynamic_warming_secrets()->Add(); } dump_secret->set_name(secret_data.resource_name_); envoy::extensions::transport_sockets::tls::v3::Secret secret; secret.set_name(secret_data.resource_name_); ProtobufWkt::Timestamp last_updated_ts; TimestampUtil::systemClockToTimestamp(secret_data.last_updated_, last_updated_ts); dump_secret->set_version_info(secret_data.version_info_); *dump_secret->mutable_last_updated() = last_updated_ts; if (secret_ready) { secret.mutable_validation_context()->MergeFrom(*validation_context); } dump_secret->mutable_secret()->PackFrom(secret); } // Handle dynamic session keys providers providers. const auto stek_providers = session_ticket_keys_providers_.allSecretProviders(); for (const auto& stek_secrets : stek_providers) { const auto& secret_data = stek_secrets->secretData(); const auto& tls_stek = stek_secrets->secret(); envoy::admin::v3::SecretsConfigDump::DynamicSecret* dump_secret; const bool secret_ready = tls_stek != nullptr; if (secret_ready) { dump_secret = config_dump->mutable_dynamic_active_secrets()->Add(); } else { dump_secret = config_dump->mutable_dynamic_warming_secrets()->Add(); } dump_secret->set_name(secret_data.resource_name_); envoy::extensions::transport_sockets::tls::v3::Secret secret; secret.set_name(secret_data.resource_name_); ProtobufWkt::Timestamp last_updated_ts; TimestampUtil::systemClockToTimestamp(secret_data.last_updated_, last_updated_ts); dump_secret->set_version_info(secret_data.version_info_); *dump_secret->mutable_last_updated() = last_updated_ts; if (secret_ready) { secret.mutable_session_ticket_keys()->MergeFrom(*tls_stek); } MessageUtil::redact(secret); dump_secret->mutable_secret()->PackFrom(secret); } // Handle dynamic generic secret providers. const auto generic_secret_providers = generic_secret_providers_.allSecretProviders(); for (const auto& provider : generic_secret_providers) { const auto& secret_data = provider->secretData(); const auto& generic_secret = provider->secret(); envoy::admin::v3::SecretsConfigDump::DynamicSecret* dump_secret; const bool secret_ready = generic_secret != nullptr; if (secret_ready) { dump_secret = config_dump->mutable_dynamic_active_secrets()->Add(); } else { dump_secret = config_dump->mutable_dynamic_warming_secrets()->Add(); } dump_secret->set_name(secret_data.resource_name_); envoy::extensions::transport_sockets::tls::v3::Secret secret; secret.set_name(secret_data.resource_name_); ProtobufWkt::Timestamp last_updated_ts; TimestampUtil::systemClockToTimestamp(secret_data.last_updated_, last_updated_ts); dump_secret->set_version_info(secret_data.version_info_); *dump_secret->mutable_last_updated() = last_updated_ts; if (secret_ready) { secret.mutable_generic_secret()->MergeFrom(*generic_secret); } MessageUtil::redact(secret); dump_secret->mutable_secret()->PackFrom(secret); } return config_dump; } } // namespace Secret } // namespace Envoy ================================================ FILE: source/common/secret/secret_manager_impl.h ================================================ #pragma once #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/secret/secret_manager.h" #include "envoy/secret/secret_provider.h" #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/certificate_validation_context_config.h" #include "envoy/ssl/tls_certificate_config.h" #include "common/common/logger.h" #include "common/secret/sds_api.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Secret { class SecretManagerImpl : public SecretManager { public: SecretManagerImpl(Server::ConfigTracker& config_tracker); void addStaticSecret(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) override; TlsCertificateConfigProviderSharedPtr findStaticTlsCertificateProvider(const std::string& name) const override; CertificateValidationContextConfigProviderSharedPtr findStaticCertificateValidationContextProvider(const std::string& name) const override; TlsSessionTicketKeysConfigProviderSharedPtr findStaticTlsSessionTicketKeysContextProvider(const std::string& name) const override; GenericSecretConfigProviderSharedPtr findStaticGenericSecretProvider(const std::string& name) const override; TlsCertificateConfigProviderSharedPtr createInlineTlsCertificateProvider( const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& tls_certificate) override; CertificateValidationContextConfigProviderSharedPtr createInlineCertificateValidationContextProvider( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& certificate_validation_context) override; TlsSessionTicketKeysConfigProviderSharedPtr createInlineTlsSessionTicketKeysProvider( const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& tls_session_ticket_keys) override; GenericSecretConfigProviderSharedPtr createInlineGenericSecretProvider( const envoy::extensions::transport_sockets::tls::v3::GenericSecret& generic_secret) override; TlsCertificateConfigProviderSharedPtr findOrCreateTlsCertificateProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) override; CertificateValidationContextConfigProviderSharedPtr findOrCreateCertificateValidationContextProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) override; TlsSessionTicketKeysConfigProviderSharedPtr findOrCreateTlsSessionTicketKeysContextProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) override; GenericSecretConfigProviderSharedPtr findOrCreateGenericSecretProvider( const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) override; private: ProtobufTypes::MessagePtr dumpSecretConfigs(); template class DynamicSecretProviders : public Logger::Loggable { public: // Finds or creates SdsApi object. std::shared_ptr findOrCreate(const envoy::config::core::v3::ConfigSource& sds_config_source, const std::string& config_name, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) { const std::string map_key = absl::StrCat(MessageUtil::hash(sds_config_source), ".", config_name); std::shared_ptr secret_provider = dynamic_secret_providers_[map_key].lock(); if (!secret_provider) { // SdsApi is owned by ListenerImpl and ClusterInfo which are destroyed before // SecretManagerImpl. It is safe to invoke this callback at the destructor of SdsApi. std::function unregister_secret_provider = [map_key, this]() { removeDynamicSecretProvider(map_key); }; secret_provider = SecretType::create(secret_provider_context, sds_config_source, config_name, unregister_secret_provider); dynamic_secret_providers_[map_key] = secret_provider; } return secret_provider; } std::vector> allSecretProviders() { std::vector> providers; for (const auto& secret_entry : dynamic_secret_providers_) { std::shared_ptr secret_provider = secret_entry.second.lock(); if (secret_provider) { providers.push_back(std::move(secret_provider)); } } return providers; } private: // Removes dynamic secret provider which has been deleted. void removeDynamicSecretProvider(const std::string& map_key) { ENVOY_LOG(debug, "Unregister secret provider. hash key: {}", map_key); auto num_deleted = dynamic_secret_providers_.erase(map_key); ASSERT(num_deleted == 1, ""); } absl::node_hash_map> dynamic_secret_providers_; }; // Manages pairs of secret name and TlsCertificateConfigProviderSharedPtr. absl::node_hash_map static_tls_certificate_providers_; // Manages pairs of secret name and CertificateValidationContextConfigProviderSharedPtr. absl::node_hash_map static_certificate_validation_context_providers_; absl::node_hash_map static_session_ticket_keys_providers_; // Manages pairs of secret name and GenericSecretConfigProviderSharedPtr. absl::node_hash_map static_generic_secret_providers_; // map hash code of SDS config source and SdsApi object. DynamicSecretProviders certificate_providers_; DynamicSecretProviders validation_context_providers_; DynamicSecretProviders session_ticket_keys_providers_; DynamicSecretProviders generic_secret_providers_; Server::ConfigTracker::EntryOwnerPtr config_tracker_entry_; }; } // namespace Secret } // namespace Envoy ================================================ FILE: source/common/secret/secret_provider_impl.cc ================================================ #include "common/secret/secret_provider_impl.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "common/common/assert.h" #include "common/ssl/certificate_validation_context_config_impl.h" #include "common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Secret { TlsCertificateConfigProviderImpl::TlsCertificateConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& tls_certificate) : tls_certificate_( std::make_unique( tls_certificate)) {} CertificateValidationContextConfigProviderImpl::CertificateValidationContextConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& certificate_validation_context) : certificate_validation_context_( std::make_unique< envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext>( certificate_validation_context)) {} TlsSessionTicketKeysConfigProviderImpl::TlsSessionTicketKeysConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& tls_session_ticket_keys) : tls_session_ticket_keys_( std::make_unique( tls_session_ticket_keys)) {} GenericSecretConfigProviderImpl::GenericSecretConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::GenericSecret& generic_secret) : generic_secret_( std::make_unique( generic_secret)) {} } // namespace Secret } // namespace Envoy ================================================ FILE: source/common/secret/secret_provider_impl.h ================================================ #pragma once #include #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/secret/secret_provider.h" #include "envoy/ssl/certificate_validation_context_config.h" #include "envoy/ssl/tls_certificate_config.h" namespace Envoy { namespace Secret { class TlsCertificateConfigProviderImpl : public TlsCertificateConfigProvider { public: TlsCertificateConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& tls_certificate); const envoy::extensions::transport_sockets::tls::v3::TlsCertificate* secret() const override { return tls_certificate_.get(); } Common::CallbackHandle* addValidationCallback( std::function) override { return nullptr; } Common::CallbackHandle* addUpdateCallback(std::function) override { return nullptr; } private: Secret::TlsCertificatePtr tls_certificate_; }; class CertificateValidationContextConfigProviderImpl : public CertificateValidationContextConfigProvider { public: CertificateValidationContextConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& certificate_validation_context); const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext* secret() const override { return certificate_validation_context_.get(); } Common::CallbackHandle* addValidationCallback( std::function< void(const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext&)>) override { return nullptr; } Common::CallbackHandle* addUpdateCallback(std::function) override { return nullptr; } private: Secret::CertificateValidationContextPtr certificate_validation_context_; }; class TlsSessionTicketKeysConfigProviderImpl : public TlsSessionTicketKeysConfigProvider { public: TlsSessionTicketKeysConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& tls_session_ticket_keys); const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys* secret() const override { return tls_session_ticket_keys_.get(); } Common::CallbackHandle* addValidationCallback( std::function) override { return nullptr; } Common::CallbackHandle* addUpdateCallback(std::function) override { return nullptr; } private: Secret::TlsSessionTicketKeysPtr tls_session_ticket_keys_; }; class GenericSecretConfigProviderImpl : public GenericSecretConfigProvider { public: GenericSecretConfigProviderImpl( const envoy::extensions::transport_sockets::tls::v3::GenericSecret& generic_secret); const envoy::extensions::transport_sockets::tls::v3::GenericSecret* secret() const override { return generic_secret_.get(); } Common::CallbackHandle* addValidationCallback( std::function) override { return nullptr; } Common::CallbackHandle* addUpdateCallback(std::function) override { return nullptr; } private: Secret::GenericSecretPtr generic_secret_; }; } // namespace Secret } // namespace Envoy ================================================ FILE: source/common/shared_pool/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "shared_pool_lib", hdrs = [ "shared_pool.h", ], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/singleton:instance_interface", "//source/common/common:assert_lib", "//source/common/common:non_copyable", "//source/common/common:thread_synchronizer_lib", ], ) ================================================ FILE: source/common/shared_pool/shared_pool.h ================================================ #pragma once #include #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/singleton/instance.h" #include "common/common/assert.h" #include "common/common/non_copyable.h" #include "common/common/thread_synchronizer.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace SharedPool { /** * Used to share objects that have the same content. * control the life cycle of shared objects by reference counting * * Note: ObjectSharedPool needs to be created in the main thread, * all the member methods can only be called in the main thread, * it does not have the ownership of object stored internally, the internal storage is weak_ptr, * when the internal storage object destructor executes the custom deleter to remove its own * weak_ptr from the ObjectSharedPool. * * There is also a need to ensure that the thread where ObjectSharedPool's destructor is also in the * main thread, or that ObjectSharedPool destruct before the program exit */ template , class = typename std::enable_if::value>::type> class ObjectSharedPool : public Singleton::Instance, public std::enable_shared_from_this>, NonCopyable { public: ObjectSharedPool(Event::Dispatcher& dispatcher) : thread_id_(std::this_thread::get_id()), dispatcher_(dispatcher) {} void deleteObject(const size_t hash_key) { if (std::this_thread::get_id() == thread_id_) { // There may be new inserts with the same hash value before deleting the old element, // so there is no need to delete it at this time. if (object_pool_.find(hash_key) != object_pool_.end() && object_pool_[hash_key].use_count() == 0) { object_pool_.erase(hash_key); } } else { // Most of the time, the object's destructor occurs in the main thread, but with some // exceptions, it is destructed in the worker thread. In order to keep the object_pool_ thread // safe, the deleteObject needs to be delivered to the main thread. auto this_shared_ptr = this->shared_from_this(); // Used for testing to simulate some race condition scenarios sync_.syncPoint(DeleteObjectOnMainThread); dispatcher_.post([hash_key, this_shared_ptr] { this_shared_ptr->deleteObject(hash_key); }); } } std::shared_ptr getObject(const T& obj) { ASSERT(std::this_thread::get_id() == thread_id_); auto hashed_value = HashFunc{}(obj); auto object_it = object_pool_.find(hashed_value); if (object_it != object_pool_.end()) { auto lock_object = object_it->second.lock(); if (lock_object) { return lock_object; } } auto this_shared_ptr = this->shared_from_this(); std::shared_ptr obj_shared(new T(obj), [hashed_value, this_shared_ptr](T* ptr) { this_shared_ptr->sync().syncPoint(ObjectSharedPool::ObjectDeleterEntry); // release ptr as early as possible to avoid exposure of ptr, resulting in undefined behavior. delete ptr; this_shared_ptr->deleteObject(hashed_value); }); // When inserted, it is possible that the old elements still exist before they can be deleted, // and the insertion will fail and therefore need to be overwritten. auto ret = object_pool_.try_emplace(hashed_value, obj_shared); if (!ret.second) { ASSERT(ret.first->second.use_count() == 0); ret.first->second = obj_shared; } return obj_shared; } std::size_t poolSize() const { ASSERT(std::this_thread::get_id() == thread_id_); return object_pool_.size(); } /** * @return a thread synchronizer object used for reproducing a race-condition in tests. */ Thread::ThreadSynchronizer& sync() { return sync_; } static const char DeleteObjectOnMainThread[]; static const char ObjectDeleterEntry[]; private: const std::thread::id thread_id_; absl::flat_hash_map> object_pool_; Event::Dispatcher& dispatcher_; Thread::ThreadSynchronizer sync_; }; template const char ObjectSharedPool::DeleteObjectOnMainThread[] = "delete-object-on-main"; template const char ObjectSharedPool::ObjectDeleterEntry[] = "deleter-entry"; } // namespace SharedPool } // namespace Envoy ================================================ FILE: source/common/signal/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "fatal_error_handler_lib", srcs = ["fatal_error_handler.cc"], hdrs = ["fatal_error_handler.h"], deps = [ "//source/common/common:macros", ], ) envoy_cc_library( name = "sigaction_lib", srcs = ["signal_action.cc"], hdrs = ["signal_action.h"], tags = ["backtrace"], deps = [ ":fatal_error_handler_lib", "//source/common/common:assert_lib", "//source/common/common:non_copyable", "//source/common/singleton:threadsafe_singleton", "//source/server:backtrace_lib", ], ) ================================================ FILE: source/common/signal/fatal_error_handler.cc ================================================ #include "common/signal/fatal_error_handler.h" #include #include "common/common/macros.h" #include "absl/base/attributes.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace FatalErrorHandler { namespace { ABSL_CONST_INIT static absl::Mutex failure_mutex(absl::kConstInit); // Since we can't grab the failure mutex on fatal error (snagging locks under // fatal crash causing potential deadlocks) access the handler list as an atomic // operation, which is async-signal-safe. If the crash handler runs at the same // time as another thread tries to modify the list, one of them will get the // list and the other will get nullptr instead. If the crash handler loses the // race and gets nullptr, it won't run any of the registered error handlers. using FailureFunctionList = std::list; ABSL_CONST_INIT std::atomic fatal_error_handlers{nullptr}; } // namespace void registerFatalErrorHandler(const FatalErrorHandlerInterface& handler) { #ifdef ENVOY_OBJECT_TRACE_ON_DUMP absl::MutexLock l(&failure_mutex); FailureFunctionList* list = fatal_error_handlers.exchange(nullptr, std::memory_order_relaxed); if (list == nullptr) { list = new FailureFunctionList; } list->push_back(&handler); fatal_error_handlers.store(list, std::memory_order_release); #else UNREFERENCED_PARAMETER(handler); #endif } void removeFatalErrorHandler(const FatalErrorHandlerInterface& handler) { #ifdef ENVOY_OBJECT_TRACE_ON_DUMP absl::MutexLock l(&failure_mutex); FailureFunctionList* list = fatal_error_handlers.exchange(nullptr, std::memory_order_relaxed); if (list == nullptr) { // removeFatalErrorHandler() may see an empty list of fatal error handlers // if it's called at the same time as callFatalErrorHandlers(). In that case // Envoy is in the middle of crashing anyway, but don't add a segfault on // top of the crash. return; } list->remove(&handler); if (list->empty()) { delete list; } else { fatal_error_handlers.store(list, std::memory_order_release); } #else UNREFERENCED_PARAMETER(handler); #endif } void callFatalErrorHandlers(std::ostream& os) { FailureFunctionList* list = fatal_error_handlers.exchange(nullptr, std::memory_order_relaxed); if (list != nullptr) { for (const auto* handler : *list) { handler->onFatalError(os); } delete list; } } } // namespace FatalErrorHandler } // namespace Envoy ================================================ FILE: source/common/signal/fatal_error_handler.h ================================================ #pragma once #include #include "envoy/common/pure.h" namespace Envoy { // A simple class which allows registering functions to be called when Envoy // receives one of the fatal signals, documented in signal_action.h. class FatalErrorHandlerInterface { public: virtual ~FatalErrorHandlerInterface() = default; // Called when Envoy receives a fatal signal. Must be async-signal-safe: in // particular, it can't allocate memory. virtual void onFatalError(std::ostream& os) const PURE; }; namespace FatalErrorHandler { /** * Add this handler to the list of functions which will be called if Envoy * receives a fatal signal. */ void registerFatalErrorHandler(const FatalErrorHandlerInterface& handler); /** * Removes this handler from the list of functions which will be called if Envoy * receives a fatal signal. */ void removeFatalErrorHandler(const FatalErrorHandlerInterface& handler); /** * Calls and unregisters the fatal error handlers registered with * registerFatalErrorHandler. This is async-signal-safe and intended to be * called from a fatal signal handler. */ void callFatalErrorHandlers(std::ostream& os); } // namespace FatalErrorHandler } // namespace Envoy ================================================ FILE: source/common/signal/signal_action.cc ================================================ #include "common/signal/signal_action.h" #include #include #include "common/common/assert.h" #include "common/version/version.h" namespace Envoy { constexpr int SignalAction::FATAL_SIGS[]; void SignalAction::sigHandler(int sig, siginfo_t* info, void* context) { BackwardsTrace tracer; tracer.logFault(strsignal(sig), info->si_addr); if (context != nullptr) { tracer.captureFrom(context); } else { tracer.capture(); } tracer.logTrace(); // Finally after logging the stack trace, call any registered crash handlers. FatalErrorHandler::callFatalErrorHandlers(std::cerr); signal(sig, SIG_DFL); raise(sig); } void SignalAction::installSigHandlers() { stack_t stack; stack.ss_sp = altstack_ + guard_size_; // Guard page at one end ... stack.ss_size = altstack_size_; // ... guard page at the other stack.ss_flags = 0; RELEASE_ASSERT(sigaltstack(&stack, &previous_altstack_) == 0, ""); // Make sure VersionInfo::version() is initialized so we don't allocate std::string in signal // handlers. RELEASE_ASSERT(!VersionInfo::version().empty(), ""); int hidx = 0; for (const auto& sig : FATAL_SIGS) { struct sigaction saction; std::memset(&saction, 0, sizeof(saction)); sigemptyset(&saction.sa_mask); saction.sa_flags = (SA_SIGINFO | SA_ONSTACK | SA_RESETHAND | SA_NODEFER); saction.sa_sigaction = sigHandler; auto* handler = &previous_handlers_[hidx++]; RELEASE_ASSERT(sigaction(sig, &saction, handler) == 0, ""); } } void SignalAction::removeSigHandlers() { #if defined(__APPLE__) // ss_flags contains SS_DISABLE, but Darwin still checks the size, contrary to the man page if (previous_altstack_.ss_size < MINSIGSTKSZ) { previous_altstack_.ss_size = MINSIGSTKSZ; } #endif RELEASE_ASSERT(sigaltstack(&previous_altstack_, nullptr) == 0, ""); int hidx = 0; for (const auto& sig : FATAL_SIGS) { auto* handler = &previous_handlers_[hidx++]; RELEASE_ASSERT(sigaction(sig, handler, nullptr) == 0, ""); } } #if defined(__APPLE__) && !defined(MAP_STACK) #define MAP_STACK (0) #endif void SignalAction::mapAndProtectStackMemory() { // Per docs MAP_STACK doesn't actually do anything today but provides a // library hint that might be used in the future. altstack_ = static_cast(mmap(nullptr, mapSizeWithGuards(), PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0)); RELEASE_ASSERT(altstack_, ""); RELEASE_ASSERT(mprotect(altstack_, guard_size_, PROT_NONE) == 0, ""); RELEASE_ASSERT(mprotect(altstack_ + guard_size_ + altstack_size_, guard_size_, PROT_NONE) == 0, ""); } void SignalAction::unmapStackMemory() { munmap(altstack_, mapSizeWithGuards()); } void SignalAction::doGoodAccessForTest() { volatile char* altaltstack = altstack_; for (size_t i = 0; i < altstack_size_; ++i) { *(altaltstack + guard_size_ + i) = 42; } for (size_t i = 0; i < altstack_size_; ++i) { ASSERT(*(altaltstack + guard_size_ + i) == 42); } } void SignalAction::tryEvilAccessForTest(bool end) { volatile char* altaltstack = altstack_; if (end) { // One byte past the valid region // http://oeis.org/A001969 *(altaltstack + guard_size_ + altstack_size_) = 43; } else { // One byte before the valid region *(altaltstack + guard_size_ - 1) = 43; } } } // namespace Envoy ================================================ FILE: source/common/signal/signal_action.h ================================================ #pragma once #include #include #include #include #include "common/common/non_copyable.h" #include "common/signal/fatal_error_handler.h" #include "server/backtrace.h" namespace Envoy { /** * This class installs signal handlers for fatal signal types. * * These signals are handled: * SIGABRT * SIGBUS * SIGFPE * SIGILL * SIGSEGV * * Upon intercepting the signal the following actions are taken: * * A Backtrace is printed from the address the signal was encountered at, if * it is possible to retrieve. * * The signal handler is reset to the default handler (which is expected to * terminate the process). * * The signal is raised again (which ultimately kills the process) * * The signal handler must run on an alternative stack so that we can do the * stack unwind on the original stack. Memory is allocated for this purpose when * this object is constructed. When this object goes out of scope the memory * used for the alternate signal stack is destroyed and the previous signal handler * and alt stack if previously used are restored. * * Note that we do NOT restore the previously saved sigaction and alt stack in * the signal handler itself. This is fraught with complexity and has little * benefit. The inner most scope SignalAction will terminate the process by * re-raising the fatal signal with default handler. * * It is recommended that this object be instantiated at the highest possible * scope, e.g., in main(). This enables fatal signal handling for almost all code * executed. Because of the save-and-restore behavior it is possible for * SignalAction to be used at both wider and tighter scopes without issue. */ class SignalAction : NonCopyable { public: SignalAction() : guard_size_(sysconf(_SC_PAGE_SIZE)), altstack_size_(std::max(guard_size_ * 4, static_cast(MINSIGSTKSZ))) { mapAndProtectStackMemory(); installSigHandlers(); } ~SignalAction() { removeSigHandlers(); unmapStackMemory(); } /** * Helpers for testing guarded stack memory */ void doGoodAccessForTest(); void tryEvilAccessForTest(bool end); /** * The actual signal handler function with prototype matching signal.h * * Public so that we can exercise it directly from a test. */ static void sigHandler(int sig, siginfo_t* info, void* context); private: /** * Allocate this many bytes on each side of the area used for alt stack. * * Set to system page size. * * The memory will be protected from read and write. */ const size_t guard_size_; /** * Use this many bytes for the alternate signal handling stack. * * Initialized as a multiple of page size (although signalstack will * do alignment as needed). * * Additionally, two guard pages will be allocated to bookend the usable area. */ const size_t altstack_size_; /** * This constant array defines the signals we will insert handlers for. * * Essentially this is the list of signals that would cause a core dump. * The object will contain an array of struct sigactions with the same number * of elements that are in this array. */ static constexpr int FATAL_SIGS[] = {SIGABRT, SIGBUS, SIGFPE, SIGILL, SIGSEGV}; /** * Return the memory size we actually map including two guard pages. */ size_t mapSizeWithGuards() const { return altstack_size_ + guard_size_ * 2; } /** * Install all signal handlers and setup signal handling stack. */ void installSigHandlers(); /** * Remove all signal handlers. * * Must be executed before the alt stack memory goes away. * * Signal handlers will be reset to the default, NOT back to any signal * handler existing before InstallSigHandlers(). */ void removeSigHandlers(); /** * Use mmap to map anonymous memory for the alternative stack. * * GUARD_SIZE on either end of the memory will be marked PROT_NONE, protected * from all access. */ void mapAndProtectStackMemory(); /** * Unmap alternative stack memory. */ void unmapStackMemory(); char* altstack_{}; std::array previous_handlers_; stack_t previous_altstack_; }; } // namespace Envoy ================================================ FILE: source/common/singleton/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "const_singleton", hdrs = ["const_singleton.h"], ) envoy_cc_library( name = "manager_impl_lib", srcs = ["manager_impl.cc"], hdrs = ["manager_impl.h"], deps = [ "//include/envoy/registry", "//include/envoy/singleton:manager_interface", "//source/common/common:assert_lib", "//source/common/common:non_copyable", "//source/common/common:thread_lib", ], ) envoy_cc_library( name = "threadsafe_singleton", hdrs = ["threadsafe_singleton.h"], external_deps = ["abseil_base"], deps = ["//source/common/common:assert_lib"], ) ================================================ FILE: source/common/singleton/const_singleton.h ================================================ #pragma once namespace Envoy { /** * ConstSingleton allows easy global cross-thread access to a const object. * * This singleton should be used for data which is initialized once at * start-up and then be treated as immutable const data thereafter. */ template class ConstSingleton { public: /** * Obtain an instance of the singleton for class T. * @return const T& a reference to the singleton for class T. */ static const T& get() { static T* instance = new T(); return *instance; } }; } // namespace Envoy ================================================ FILE: source/common/singleton/manager_impl.cc ================================================ #include "common/singleton/manager_impl.h" #include "envoy/registry/registry.h" #include "common/common/assert.h" #include "common/common/fmt.h" namespace Envoy { namespace Singleton { InstanceSharedPtr ManagerImpl::get(const std::string& name, SingletonFactoryCb cb) { ASSERT(run_tid_ == thread_factory_.currentThreadId()); if (nullptr == Registry::FactoryRegistry::getFactory(name)) { PANIC(fmt::format("invalid singleton name '{}'. Make sure it is registered.", name)); } if (nullptr == singletons_[name].lock()) { InstanceSharedPtr singleton = cb(); singletons_[name] = singleton; return singleton; } else { return singletons_[name].lock(); } } } // namespace Singleton } // namespace Envoy ================================================ FILE: source/common/singleton/manager_impl.h ================================================ #pragma once #include "envoy/singleton/manager.h" #include "envoy/thread/thread.h" #include "common/common/non_copyable.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Singleton { /** * Implementation of the singleton manager that checks the registry for name validity. It is * assumed the singleton manager is only used on the main thread so it is not thread safe. Asserts * verify that. */ class ManagerImpl : public Manager, NonCopyable { public: explicit ManagerImpl(Thread::ThreadFactory& thread_factory) : thread_factory_(thread_factory), run_tid_(thread_factory.currentThreadId()) {} // Singleton::Manager InstanceSharedPtr get(const std::string& name, SingletonFactoryCb cb) override; private: absl::node_hash_map> singletons_; Thread::ThreadFactory& thread_factory_; const Thread::ThreadId run_tid_; }; } // namespace Singleton } // namespace Envoy ================================================ FILE: source/common/singleton/threadsafe_singleton.h ================================================ #pragma once #include #include "common/common/assert.h" #include "absl/base/call_once.h" namespace Envoy { /** * ThreadSafeSingleton allows easy global cross-thread access to a non-const object. * * This singleton class should be used for singletons which must be globally * accessible but can not be marked as const. All functions in the singleton class * *must* be threadsafe. * * Note that there is heavy resistance in Envoy to adding this type of singleton * if data will persist with state changes across tests, as it becomes difficult * to write clean unit tests if a state change in one test will persist into * another test. Be wary of using it. A example of acceptable usage is OsSyscallsImpl, * where the functions are not strictly speaking const, but affect the OS rather than the * class itself. An example of unacceptable usage upstream would be for * globally accessible stat counters, it would have the aforementioned problem * where state "leaks" across tests. * * */ template class TestThreadsafeSingletonInjector; template class ThreadSafeSingleton { public: static T& get() { absl::call_once(ThreadSafeSingleton::create_once_, &ThreadSafeSingleton::Create); return *ThreadSafeSingleton::instance_; } protected: template friend class TestThreadsafeSingletonInjector; static void Create() { instance_ = new T(); } static absl::once_flag create_once_; static T* instance_; }; template absl::once_flag ThreadSafeSingleton::create_once_; template T* ThreadSafeSingleton::instance_ = nullptr; // An instance of a singleton class which has the same thread safety properties // as ThreadSafeSingleton, but must be created via initialize prior to access. // // As with ThreadSafeSingleton the use of this class is generally discouraged. template class InjectableSingleton { public: static T& get() { RELEASE_ASSERT(loader_ != nullptr, "InjectableSingleton used prior to initialization"); return *loader_; } static T* getExisting() { return loader_; } static void initialize(T* value) { RELEASE_ASSERT(value != nullptr, "InjectableSingleton initialized with non-null value."); RELEASE_ASSERT(loader_ == nullptr, "InjectableSingleton initialized multiple times."); loader_ = value; } static void clear() { loader_ = nullptr; } protected: static T* loader_; }; template T* InjectableSingleton::loader_ = nullptr; template class ScopedInjectableLoader { public: ScopedInjectableLoader(std::unique_ptr&& instance) { instance_ = std::move(instance); InjectableSingleton::initialize(instance_.get()); } ~ScopedInjectableLoader() { InjectableSingleton::clear(); } private: std::unique_ptr instance_; }; } // namespace Envoy ================================================ FILE: source/common/ssl/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "tls_certificate_config_impl_lib", srcs = ["tls_certificate_config_impl.cc"], hdrs = ["tls_certificate_config_impl.h"], deps = [ "//include/envoy/server:transport_socket_config_interface", "//include/envoy/ssl:tls_certificate_config_interface", "//include/envoy/ssl/private_key:private_key_interface", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "certificate_validation_context_config_impl_lib", srcs = ["certificate_validation_context_config_impl.cc"], hdrs = ["certificate_validation_context_config_impl.h"], deps = [ "//include/envoy/api:api_interface", "//include/envoy/ssl:certificate_validation_context_config_interface", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/ssl/certificate_validation_context_config_impl.cc ================================================ #include "common/ssl/certificate_validation_context_config_impl.h" #include "envoy/common/exception.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/config/datasource.h" namespace Envoy { namespace Ssl { static const std::string INLINE_STRING = ""; CertificateValidationContextConfigImpl::CertificateValidationContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& config, Api::Api& api) : ca_cert_(Config::DataSource::read(config.trusted_ca(), true, api)), ca_cert_path_(Config::DataSource::getPath(config.trusted_ca()) .value_or(ca_cert_.empty() ? EMPTY_STRING : INLINE_STRING)), certificate_revocation_list_(Config::DataSource::read(config.crl(), true, api)), certificate_revocation_list_path_( Config::DataSource::getPath(config.crl()) .value_or(certificate_revocation_list_.empty() ? EMPTY_STRING : INLINE_STRING)), verify_subject_alt_name_list_( config.hidden_envoy_deprecated_verify_subject_alt_name().begin(), config.hidden_envoy_deprecated_verify_subject_alt_name().end()), subject_alt_name_matchers_(config.match_subject_alt_names().begin(), config.match_subject_alt_names().end()), verify_certificate_hash_list_(config.verify_certificate_hash().begin(), config.verify_certificate_hash().end()), verify_certificate_spki_list_(config.verify_certificate_spki().begin(), config.verify_certificate_spki().end()), allow_expired_certificate_(config.allow_expired_certificate()), trust_chain_verification_(config.trust_chain_verification()) { if (ca_cert_.empty()) { if (!certificate_revocation_list_.empty()) { throw EnvoyException(fmt::format("Failed to load CRL from {} without trusted CA", certificateRevocationListPath())); } if (!subject_alt_name_matchers_.empty() || !verify_subject_alt_name_list_.empty()) { throw EnvoyException("SAN-based verification of peer certificates without " "trusted CA is insecure and not allowed"); } if (allow_expired_certificate_) { throw EnvoyException("Certificate validity period is always ignored without trusted CA"); } } } } // namespace Ssl } // namespace Envoy ================================================ FILE: source/common/ssl/certificate_validation_context_config_impl.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/ssl/certificate_validation_context_config.h" #include "envoy/type/matcher/v3/string.pb.h" namespace Envoy { namespace Ssl { class CertificateValidationContextConfigImpl : public CertificateValidationContextConfig { public: CertificateValidationContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& config, Api::Api& api); const std::string& caCert() const override { return ca_cert_; } const std::string& caCertPath() const override { return ca_cert_path_; } const std::string& certificateRevocationList() const override { return certificate_revocation_list_; } const std::string& certificateRevocationListPath() const final { return certificate_revocation_list_path_; } const std::vector& verifySubjectAltNameList() const override { return verify_subject_alt_name_list_; } const std::vector& subjectAltNameMatchers() const override { return subject_alt_name_matchers_; } const std::vector& verifyCertificateHashList() const override { return verify_certificate_hash_list_; } const std::vector& verifyCertificateSpkiList() const override { return verify_certificate_spki_list_; } bool allowExpiredCertificate() const override { return allow_expired_certificate_; } envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext:: TrustChainVerification trustChainVerification() const override { return trust_chain_verification_; } private: const std::string ca_cert_; const std::string ca_cert_path_; const std::string certificate_revocation_list_; const std::string certificate_revocation_list_path_; const std::vector verify_subject_alt_name_list_; const std::vector subject_alt_name_matchers_; const std::vector verify_certificate_hash_list_; const std::vector verify_certificate_spki_list_; const bool allow_expired_certificate_; const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext:: TrustChainVerification trust_chain_verification_; }; } // namespace Ssl } // namespace Envoy ================================================ FILE: source/common/ssl/tls_certificate_config_impl.cc ================================================ #include "common/ssl/tls_certificate_config_impl.h" #include "envoy/common/exception.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/server/transport_socket_config.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/config/datasource.h" namespace Envoy { namespace Ssl { namespace { std::vector readOcspStaple(const envoy::config::core::v3::DataSource& source, Api::Api& api) { std::string staple = Config::DataSource::read(source, true, api); if (source.specifier_case() == envoy::config::core::v3::DataSource::SpecifierCase::kInlineString) { throw EnvoyException("OCSP staple cannot be provided via inline_string"); } return {staple.begin(), staple.end()}; } } // namespace static const std::string INLINE_STRING = ""; TlsCertificateConfigImpl::TlsCertificateConfigImpl( const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& config, Server::Configuration::TransportSocketFactoryContext* factory_context, Api::Api& api) : certificate_chain_(Config::DataSource::read(config.certificate_chain(), true, api)), certificate_chain_path_( Config::DataSource::getPath(config.certificate_chain()) .value_or(certificate_chain_.empty() ? EMPTY_STRING : INLINE_STRING)), private_key_(Config::DataSource::read(config.private_key(), true, api)), private_key_path_(Config::DataSource::getPath(config.private_key()) .value_or(private_key_.empty() ? EMPTY_STRING : INLINE_STRING)), password_(Config::DataSource::read(config.password(), true, api)), password_path_(Config::DataSource::getPath(config.password()) .value_or(password_.empty() ? EMPTY_STRING : INLINE_STRING)), ocsp_staple_(readOcspStaple(config.ocsp_staple(), api)), ocsp_staple_path_(Config::DataSource::getPath(config.ocsp_staple()) .value_or(ocsp_staple_.empty() ? EMPTY_STRING : INLINE_STRING)), private_key_method_( factory_context != nullptr && config.has_private_key_provider() ? factory_context->sslContextManager() .privateKeyMethodManager() .createPrivateKeyMethodProvider(config.private_key_provider(), *factory_context) : nullptr) { if (config.has_private_key_provider() && config.has_private_key()) { throw EnvoyException(fmt::format( "Certificate configuration can't have both private_key and private_key_provider")); } if (certificate_chain_.empty() || (private_key_.empty() && private_key_method_ == nullptr)) { throw EnvoyException(fmt::format("Failed to load incomplete certificate from {}, {}", certificate_chain_path_, private_key_path_)); } } } // namespace Ssl } // namespace Envoy ================================================ FILE: source/common/ssl/tls_certificate_config_impl.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/tls_certificate_config.h" namespace Envoy { namespace Ssl { class TlsCertificateConfigImpl : public TlsCertificateConfig { public: TlsCertificateConfigImpl( const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& config, Server::Configuration::TransportSocketFactoryContext* factory_context, Api::Api& api); const std::string& certificateChain() const override { return certificate_chain_; } const std::string& certificateChainPath() const override { return certificate_chain_path_; } const std::string& privateKey() const override { return private_key_; } const std::string& privateKeyPath() const override { return private_key_path_; } const std::string& password() const override { return password_; } const std::string& passwordPath() const override { return password_path_; } const std::vector& ocspStaple() const override { return ocsp_staple_; } const std::string& ocspStaplePath() const override { return ocsp_staple_path_; } Envoy::Ssl::PrivateKeyMethodProviderSharedPtr privateKeyMethod() const override { return private_key_method_; } private: const std::string certificate_chain_; const std::string certificate_chain_path_; const std::string private_key_; const std::string private_key_path_; const std::string password_; const std::string password_path_; const std::vector ocsp_staple_; const std::string ocsp_staple_path_; Envoy::Ssl::PrivateKeyMethodProviderSharedPtr private_key_method_{}; }; } // namespace Ssl } // namespace Envoy ================================================ FILE: source/common/stats/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "allocator_lib", srcs = ["allocator_impl.cc"], hdrs = ["allocator_impl.h"], deps = [ ":metric_impl_lib", ":stat_merger_lib", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "//source/common/common:thread_annotations", "//source/common/common:thread_lib", "//source/common/common:thread_synchronizer_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "histogram_lib", srcs = ["histogram_impl.cc"], hdrs = ["histogram_impl.h"], external_deps = [ "libcircllhist", ], deps = [ ":metric_impl_lib", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "//source/common/common:matchers_lib", "//source/common/common:utility_lib", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "isolated_store_lib", srcs = ["isolated_store_impl.cc"], hdrs = ["isolated_store_impl.h"], deps = [ ":histogram_lib", ":null_counter_lib", ":null_gauge_lib", ":null_text_readout_lib", ":scope_prefixer_lib", ":stats_lib", ":store_impl_lib", ":tag_utility_lib", "//include/envoy/stats:stats_macros", "//source/common/stats:allocator_lib", ], ) envoy_cc_library( name = "metric_impl_lib", srcs = ["metric_impl.cc"], hdrs = ["metric_impl.h"], deps = [ ":symbol_table_lib", "//include/envoy/stats:stats_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "tag_utility_lib", srcs = ["tag_utility.cc"], hdrs = ["tag_utility.h"], deps = [ ":symbol_table_lib", "//include/envoy/stats:stats_interface", "//include/envoy/stats:symbol_table_interface", ], ) envoy_cc_library( name = "null_counter_lib", hdrs = ["null_counter.h"], deps = [ ":metric_impl_lib", ":symbol_table_lib", "//include/envoy/stats:stats_interface", ], ) envoy_cc_library( name = "null_gauge_lib", hdrs = ["null_gauge.h"], deps = [ ":metric_impl_lib", ":symbol_table_lib", "//include/envoy/stats:stats_interface", ], ) envoy_cc_library( name = "null_text_readout_lib", hdrs = ["null_text_readout.h"], deps = [ ":metric_impl_lib", ":symbol_table_lib", "//include/envoy/stats:stats_interface", ], ) envoy_cc_library( name = "recent_lookups_lib", srcs = ["recent_lookups.cc"], hdrs = ["recent_lookups.h"], deps = [ "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "store_impl_lib", hdrs = ["store_impl.h"], deps = [ ":symbol_table_lib", "//include/envoy/stats:stats_interface", ], ) envoy_cc_library( name = "scope_prefixer_lib", srcs = ["scope_prefixer.cc"], hdrs = ["scope_prefixer.h"], deps = [ ":symbol_table_lib", ":utility_lib", "//include/envoy/stats:stats_interface", ], ) envoy_cc_library( name = "stat_merger_lib", srcs = ["stat_merger.cc"], hdrs = ["stat_merger.h"], deps = [ ":symbol_table_lib", "//include/envoy/stats:stats_interface", "//source/common/protobuf", ], ) envoy_cc_library( name = "stats_lib", deps = [ ":histogram_lib", ":metric_impl_lib", ":symbol_table_lib", ":tag_extractor_lib", ":utility_lib", "//include/envoy/common:time_interface", "//include/envoy/server:options_interface", "//include/envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "//source/common/common:non_copyable", "//source/common/common:perf_annotation_lib", "//source/common/common:thread_annotations", "//source/common/common:utility_lib", "//source/common/protobuf", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "symbol_table_lib", srcs = ["symbol_table_impl.cc"], hdrs = ["symbol_table_impl.h"], external_deps = ["abseil_base"], deps = [ ":recent_lookups_lib", "//include/envoy/stats:symbol_table_interface", "//source/common/common:assert_lib", "//source/common/common:logger_lib", "//source/common/common:mem_block_builder_lib", "//source/common/common:thread_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "tag_extractor_lib", srcs = ["tag_extractor_impl.cc"], hdrs = ["tag_extractor_impl.h"], deps = [ "//include/envoy/stats:stats_interface", "//source/common/common:perf_annotation_lib", "//source/common/common:regex_lib", ], ) envoy_cc_library( name = "tag_producer_lib", srcs = ["tag_producer_impl.cc"], hdrs = ["tag_producer_impl.h"], external_deps = ["abseil_node_hash_set"], deps = [ ":tag_extractor_lib", "//include/envoy/stats:stats_interface", "//source/common/common:perf_annotation_lib", "//source/common/config:well_known_names", "//source/common/protobuf", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "stats_matcher_lib", srcs = ["stats_matcher_impl.cc"], hdrs = ["stats_matcher_impl.h"], deps = [ "//include/envoy/stats:stats_interface", "//source/common/common:matchers_lib", "//source/common/protobuf", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "thread_local_store_lib", srcs = ["thread_local_store.cc"], hdrs = ["thread_local_store.h"], deps = [ ":allocator_lib", ":histogram_lib", ":null_counter_lib", ":null_gauge_lib", ":null_text_readout_lib", ":scope_prefixer_lib", ":stats_lib", ":stats_matcher_lib", ":tag_producer_lib", ":tag_utility_lib", "//include/envoy/thread_local:thread_local_interface", ], ) envoy_cc_library( name = "timespan_lib", srcs = ["timespan_impl.cc"], hdrs = ["timespan_impl.h"], deps = [ "//include/envoy/common:time_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:timespan_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], deps = [":symbol_table_lib"], ) ================================================ FILE: source/common/stats/allocator_impl.cc ================================================ #include "common/stats/allocator_impl.h" #include #include "envoy/stats/stats.h" #include "envoy/stats/symbol_table.h" #include "common/common/hash.h" #include "common/common/lock_guard.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "common/common/thread_annotations.h" #include "common/common/utility.h" #include "common/stats/metric_impl.h" #include "common/stats/stat_merger.h" #include "common/stats/symbol_table_impl.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Stats { const char AllocatorImpl::DecrementToZeroSyncPoint[] = "decrement-zero"; AllocatorImpl::~AllocatorImpl() { ASSERT(counters_.empty()); ASSERT(gauges_.empty()); } #ifndef ENVOY_CONFIG_COVERAGE void AllocatorImpl::debugPrint() { Thread::LockGuard lock(mutex_); for (Counter* counter : counters_) { ENVOY_LOG_MISC(info, "counter: {}", symbolTable().toString(counter->statName())); } for (Gauge* gauge : gauges_) { ENVOY_LOG_MISC(info, "gauge: {}", symbolTable().toString(gauge->statName())); } } #endif // Counter, Gauge and TextReadout inherit from RefcountInterface and // Metric. MetricImpl takes care of most of the Metric API, but we need to cover // symbolTable() here, which we don't store directly, but get it via the alloc, // which we need in order to clean up the counter and gauge maps in that class // when they are destroyed. // // We implement the RefcountInterface API, using 16 bits that would otherwise be // wasted in the alignment padding next to flags_. template class StatsSharedImpl : public MetricImpl { public: StatsSharedImpl(StatName name, AllocatorImpl& alloc, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) : MetricImpl(name, tag_extracted_name, stat_name_tags, alloc.symbolTable()), alloc_(alloc) {} ~StatsSharedImpl() override { // MetricImpl must be explicitly cleared() before destruction, otherwise it // will not be able to access the SymbolTable& to free the symbols. An RAII // alternative would be to store the SymbolTable reference in the // MetricImpl, costing 8 bytes per stat. this->clear(symbolTable()); } // Metric SymbolTable& symbolTable() final { return alloc_.symbolTable(); } bool used() const override { return flags_ & Metric::Flags::Used; } // RefcountInterface void incRefCount() override { ++ref_count_; } bool decRefCount() override { // We must, unfortunately, hold the allocator's lock when decrementing the // refcount. Otherwise another thread may simultaneously try to allocate the // same name'd stat after we decrement it, and we'll wind up with a // dtor/update race. To avoid this we must hold the lock until the stat is // removed from the map. // // It might be worth thinking about a race-free way to decrement ref-counts // without a lock, for the case where ref_count > 2, and we don't need to // destruct anything. But it seems preferable at to be conservative here, // as stats will only go out of scope when a scope is destructed (during // xDS) or during admin stats operations. Thread::LockGuard lock(alloc_.mutex_); ASSERT(ref_count_ >= 1); if (--ref_count_ == 0) { alloc_.sync().syncPoint(AllocatorImpl::DecrementToZeroSyncPoint); removeFromSetLockHeld(); return true; } return false; } uint32_t use_count() const override { return ref_count_; } /** * We must atomically remove the counter/gauges from the allocator's sets when * our ref-count decrement hits zero. The counters and gauges are held in * distinct sets so we virtualize this removal helper. */ virtual void removeFromSetLockHeld() ABSL_EXCLUSIVE_LOCKS_REQUIRED(alloc_.mutex_) PURE; protected: AllocatorImpl& alloc_; // ref_count_ can be incremented as an atomic, without taking a new lock, as // the critical 0->1 transition occurs in makeCounter and makeGauge, which // already hold the lock. Increment also occurs when copying shared pointers, // but these are always in transition to ref-count 2 or higher, and thus // cannot race with a decrement to zero. // // However, we must hold alloc_.mutex_ when decrementing ref_count_ so that // when it hits zero we can atomically remove it from alloc_.counters_ or // alloc_.gauges_. We leave it atomic to avoid taking the lock on increment. std::atomic ref_count_{0}; std::atomic flags_{0}; }; class CounterImpl : public StatsSharedImpl { public: CounterImpl(StatName name, AllocatorImpl& alloc, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) : StatsSharedImpl(name, alloc, tag_extracted_name, stat_name_tags) {} void removeFromSetLockHeld() ABSL_EXCLUSIVE_LOCKS_REQUIRED(alloc_.mutex_) override { const size_t count = alloc_.counters_.erase(statName()); ASSERT(count == 1); } // Stats::Counter void add(uint64_t amount) override { // Note that a reader may see a new value but an old pending_increment_ or // used(). From a system perspective this should be eventually consistent. value_ += amount; pending_increment_ += amount; flags_ |= Flags::Used; } void inc() override { add(1); } uint64_t latch() override { return pending_increment_.exchange(0); } void reset() override { value_ = 0; } uint64_t value() const override { return value_; } private: std::atomic value_{0}; std::atomic pending_increment_{0}; }; class GaugeImpl : public StatsSharedImpl { public: GaugeImpl(StatName name, AllocatorImpl& alloc, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, ImportMode import_mode) : StatsSharedImpl(name, alloc, tag_extracted_name, stat_name_tags) { switch (import_mode) { case ImportMode::Accumulate: flags_ |= Flags::LogicAccumulate; break; case ImportMode::NeverImport: flags_ |= Flags::NeverImport; break; case ImportMode::Uninitialized: // Note that we don't clear any flag bits for import_mode==Uninitialized, // as we may have an established import_mode when this stat was created in // an alternate scope. See // https://github.com/envoyproxy/envoy/issues/7227. break; } } void removeFromSetLockHeld() override ABSL_EXCLUSIVE_LOCKS_REQUIRED(alloc_.mutex_) { const size_t count = alloc_.gauges_.erase(statName()); ASSERT(count == 1); } // Stats::Gauge void add(uint64_t amount) override { child_value_ += amount; flags_ |= Flags::Used; } void dec() override { sub(1); } void inc() override { add(1); } void set(uint64_t value) override { child_value_ = value; flags_ |= Flags::Used; } void sub(uint64_t amount) override { ASSERT(child_value_ >= amount); ASSERT(used() || amount == 0); child_value_ -= amount; } uint64_t value() const override { return child_value_ + parent_value_; } ImportMode importMode() const override { if (flags_ & Flags::NeverImport) { return ImportMode::NeverImport; } else if (flags_ & Flags::LogicAccumulate) { return ImportMode::Accumulate; } return ImportMode::Uninitialized; } void mergeImportMode(ImportMode import_mode) override { ImportMode current = importMode(); if (current == import_mode) { return; } switch (import_mode) { case ImportMode::Uninitialized: // mergeImportNode(ImportMode::Uninitialized) is called when merging an // existing stat with importMode() == Accumulate or NeverImport. break; case ImportMode::Accumulate: ASSERT(current == ImportMode::Uninitialized); flags_ |= Flags::LogicAccumulate; break; case ImportMode::NeverImport: ASSERT(current == ImportMode::Uninitialized); // A previous revision of Envoy may have transferred a gauge that it // thought was Accumulate. But the new version thinks it's NeverImport, so // we clear the accumulated value. parent_value_ = 0; flags_ &= ~Flags::Used; flags_ |= Flags::NeverImport; break; } } void setParentValue(uint64_t value) override { parent_value_ = value; } private: std::atomic parent_value_{0}; std::atomic child_value_{0}; }; class TextReadoutImpl : public StatsSharedImpl { public: TextReadoutImpl(StatName name, AllocatorImpl& alloc, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) : StatsSharedImpl(name, alloc, tag_extracted_name, stat_name_tags) {} void removeFromSetLockHeld() ABSL_EXCLUSIVE_LOCKS_REQUIRED(alloc_.mutex_) override { const size_t count = alloc_.text_readouts_.erase(statName()); ASSERT(count == 1); } // Stats::TextReadout void set(absl::string_view value) override { std::string value_copy(value); absl::MutexLock lock(&mutex_); value_ = std::move(value_copy); } std::string value() const override { absl::MutexLock lock(&mutex_); return value_; } private: mutable absl::Mutex mutex_; std::string value_ ABSL_GUARDED_BY(mutex_); }; CounterSharedPtr AllocatorImpl::makeCounter(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) { Thread::LockGuard lock(mutex_); ASSERT(gauges_.find(name) == gauges_.end()); ASSERT(text_readouts_.find(name) == text_readouts_.end()); auto iter = counters_.find(name); if (iter != counters_.end()) { return CounterSharedPtr(*iter); } auto counter = CounterSharedPtr(makeCounterInternal(name, tag_extracted_name, stat_name_tags)); counters_.insert(counter.get()); return counter; } GaugeSharedPtr AllocatorImpl::makeGauge(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, Gauge::ImportMode import_mode) { Thread::LockGuard lock(mutex_); ASSERT(counters_.find(name) == counters_.end()); ASSERT(text_readouts_.find(name) == text_readouts_.end()); auto iter = gauges_.find(name); if (iter != gauges_.end()) { return GaugeSharedPtr(*iter); } auto gauge = GaugeSharedPtr(new GaugeImpl(name, *this, tag_extracted_name, stat_name_tags, import_mode)); gauges_.insert(gauge.get()); return gauge; } TextReadoutSharedPtr AllocatorImpl::makeTextReadout(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) { Thread::LockGuard lock(mutex_); ASSERT(counters_.find(name) == counters_.end()); ASSERT(gauges_.find(name) == gauges_.end()); auto iter = text_readouts_.find(name); if (iter != text_readouts_.end()) { return TextReadoutSharedPtr(*iter); } auto text_readout = TextReadoutSharedPtr(new TextReadoutImpl(name, *this, tag_extracted_name, stat_name_tags)); text_readouts_.insert(text_readout.get()); return text_readout; } bool AllocatorImpl::isMutexLockedForTest() { bool locked = mutex_.tryLock(); if (locked) { mutex_.unlock(); } return !locked; } Counter* AllocatorImpl::makeCounterInternal(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) { return new CounterImpl(name, *this, tag_extracted_name, stat_name_tags); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/allocator_impl.h ================================================ #pragma once #include #include "envoy/stats/allocator.h" #include "envoy/stats/stats.h" #include "envoy/stats/symbol_table.h" #include "common/common/thread_synchronizer.h" #include "common/stats/metric_impl.h" #include "absl/container/flat_hash_set.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { class AllocatorImpl : public Allocator { public: static const char DecrementToZeroSyncPoint[]; AllocatorImpl(SymbolTable& symbol_table) : symbol_table_(symbol_table) {} ~AllocatorImpl() override; // Allocator CounterSharedPtr makeCounter(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) override; GaugeSharedPtr makeGauge(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, Gauge::ImportMode import_mode) override; TextReadoutSharedPtr makeTextReadout(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) override; SymbolTable& symbolTable() override { return symbol_table_; } const SymbolTable& constSymbolTable() const override { return symbol_table_; } #ifndef ENVOY_CONFIG_COVERAGE void debugPrint(); #endif /** * @return a thread synchronizer object used for reproducing a race-condition in tests. */ Thread::ThreadSynchronizer& sync() { return sync_; } /** * @return whether the allocator's mutex is locked, exposed for testing purposes. */ bool isMutexLockedForTest(); protected: virtual Counter* makeCounterInternal(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags); private: template friend class StatsSharedImpl; friend class CounterImpl; friend class GaugeImpl; friend class TextReadoutImpl; friend class NotifyingAllocatorImpl; void removeCounterFromSetLockHeld(Counter* counter) ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); void removeGaugeFromSetLockHeld(Gauge* gauge) ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); void removeTextReadoutFromSetLockHeld(Counter* counter) ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); StatSet counters_ ABSL_GUARDED_BY(mutex_); StatSet gauges_ ABSL_GUARDED_BY(mutex_); StatSet text_readouts_ ABSL_GUARDED_BY(mutex_); SymbolTable& symbol_table_; // A mutex is needed here to protect both the stats_ object from both // alloc() and free() operations. Although alloc() operations are called under existing locking, // free() operations are made from the destructors of the individual stat objects, which are not // protected by locks. Thread::MutexBasicLockable mutex_; Thread::ThreadSynchronizer sync_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/histogram_impl.cc ================================================ #include "common/stats/histogram_impl.h" #include #include #include "common/common/utility.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Stats { namespace { const ConstSupportedBuckets default_buckets{}; } HistogramStatisticsImpl::HistogramStatisticsImpl() : supported_buckets_(default_buckets), computed_quantiles_(supportedQuantiles().size(), 0.0) {} HistogramStatisticsImpl::HistogramStatisticsImpl(const histogram_t* histogram_ptr, ConstSupportedBuckets& supported_buckets) : supported_buckets_(supported_buckets), computed_quantiles_(HistogramStatisticsImpl::supportedQuantiles().size(), 0.0) { hist_approx_quantile(histogram_ptr, supportedQuantiles().data(), HistogramStatisticsImpl::supportedQuantiles().size(), computed_quantiles_.data()); sample_count_ = hist_sample_count(histogram_ptr); sample_sum_ = hist_approx_sum(histogram_ptr); computed_buckets_.reserve(supported_buckets_.size()); for (const auto bucket : supported_buckets_) { computed_buckets_.emplace_back(hist_approx_count_below(histogram_ptr, bucket)); } } const std::vector& HistogramStatisticsImpl::supportedQuantiles() const { CONSTRUCT_ON_FIRST_USE(std::vector, {0, 0.25, 0.5, 0.75, 0.90, 0.95, 0.99, 0.995, 0.999, 1}); } std::string HistogramStatisticsImpl::quantileSummary() const { std::vector summary; const std::vector& supported_quantiles = supportedQuantiles(); summary.reserve(supported_quantiles.size()); for (size_t i = 0; i < supported_quantiles.size(); ++i) { summary.push_back( fmt::format("P{:g}: {:g}", 100 * supported_quantiles[i], computed_quantiles_[i])); } return absl::StrJoin(summary, ", "); } std::string HistogramStatisticsImpl::bucketSummary() const { std::vector bucket_summary; ConstSupportedBuckets& supported_buckets = supportedBuckets(); bucket_summary.reserve(supported_buckets.size()); for (size_t i = 0; i < supported_buckets.size(); ++i) { bucket_summary.push_back(fmt::format("B{:g}: {}", supported_buckets[i], computed_buckets_[i])); } return absl::StrJoin(bucket_summary, ", "); } /** * Clears the old computed values and refreshes it with values computed from passed histogram. */ void HistogramStatisticsImpl::refresh(const histogram_t* new_histogram_ptr) { std::fill(computed_quantiles_.begin(), computed_quantiles_.end(), 0.0); ASSERT(supportedQuantiles().size() == computed_quantiles_.size()); hist_approx_quantile(new_histogram_ptr, supportedQuantiles().data(), supportedQuantiles().size(), computed_quantiles_.data()); sample_count_ = hist_sample_count(new_histogram_ptr); sample_sum_ = hist_approx_sum(new_histogram_ptr); ASSERT(supportedBuckets().size() == computed_buckets_.size()); computed_buckets_.clear(); ConstSupportedBuckets& supported_buckets = supportedBuckets(); computed_buckets_.reserve(supported_buckets.size()); for (const auto bucket : supported_buckets) { computed_buckets_.emplace_back(hist_approx_count_below(new_histogram_ptr, bucket)); } } HistogramSettingsImpl::HistogramSettingsImpl(const envoy::config::metrics::v3::StatsConfig& config) : configs_([&config]() { std::vector configs; for (const auto& matcher : config.histogram_bucket_settings()) { std::vector buckets{matcher.buckets().begin(), matcher.buckets().end()}; std::sort(buckets.begin(), buckets.end()); configs.emplace_back(matcher.match(), std::move(buckets)); } return configs; }()) {} const ConstSupportedBuckets& HistogramSettingsImpl::buckets(absl::string_view stat_name) const { for (const auto& config : configs_) { if (config.first.match(stat_name)) { return config.second; } } return defaultBuckets(); } const ConstSupportedBuckets& HistogramSettingsImpl::defaultBuckets() { CONSTRUCT_ON_FIRST_USE(ConstSupportedBuckets, {0.5, 1, 5, 10, 25, 50, 100, 250, 500, 1000, 2500, 5000, 10000, 30000, 60000, 300000, 600000, 1800000, 3600000}); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/histogram_impl.h ================================================ #pragma once #include #include #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/stats/histogram.h" #include "envoy/stats/stats.h" #include "envoy/stats/store.h" #include "common/common/matchers.h" #include "common/common/non_copyable.h" #include "common/stats/metric_impl.h" #include "circllhist.h" namespace Envoy { namespace Stats { class HistogramSettingsImpl : public HistogramSettings { public: HistogramSettingsImpl() = default; HistogramSettingsImpl(const envoy::config::metrics::v3::StatsConfig& config); // HistogramSettings const ConstSupportedBuckets& buckets(absl::string_view stat_name) const override; static ConstSupportedBuckets& defaultBuckets(); private: using Config = std::pair; const std::vector configs_{}; }; /** * Implementation of HistogramStatistics for circllhist. */ class HistogramStatisticsImpl : public HistogramStatistics, NonCopyable { public: HistogramStatisticsImpl(); /** * HistogramStatisticsImpl object is constructed using the passed in histogram. * @param histogram_ptr pointer to the histogram for which stats will be calculated. This pointer * will not be retained. */ HistogramStatisticsImpl( const histogram_t* histogram_ptr, ConstSupportedBuckets& supported_buckets = HistogramSettingsImpl::defaultBuckets()); static ConstSupportedBuckets& defaultSupportedBuckets(); void refresh(const histogram_t* new_histogram_ptr); // HistogramStatistics std::string quantileSummary() const override; std::string bucketSummary() const override; const std::vector& supportedQuantiles() const final; const std::vector& computedQuantiles() const override { return computed_quantiles_; } ConstSupportedBuckets& supportedBuckets() const override { return supported_buckets_; } const std::vector& computedBuckets() const override { return computed_buckets_; } uint64_t sampleCount() const override { return sample_count_; } double sampleSum() const override { return sample_sum_; } private: ConstSupportedBuckets& supported_buckets_; std::vector computed_quantiles_; std::vector computed_buckets_; uint64_t sample_count_; double sample_sum_; }; class HistogramImplHelper : public MetricImpl { public: HistogramImplHelper(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, SymbolTable& symbol_table) : MetricImpl(name, tag_extracted_name, stat_name_tags, symbol_table) {} HistogramImplHelper(SymbolTable& symbol_table) : MetricImpl(symbol_table) {} // RefcountInterface void incRefCount() override { refcount_helper_.incRefCount(); } bool decRefCount() override { return refcount_helper_.decRefCount(); } uint32_t use_count() const override { return refcount_helper_.use_count(); } private: RefcountHelper refcount_helper_; }; /** * Histogram implementation for the heap. */ class HistogramImpl : public HistogramImplHelper { public: HistogramImpl(StatName name, Unit unit, Store& parent, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags) : HistogramImplHelper(name, tag_extracted_name, stat_name_tags, parent.symbolTable()), unit_(unit), parent_(parent) {} ~HistogramImpl() override { // We must explicitly free the StatName here in order to supply the // SymbolTable reference. An RAII alternative would be to store a // reference to the SymbolTable in MetricImpl, which would cost 8 bytes // per stat. MetricImpl::clear(symbolTable()); } // Stats::Histogram Unit unit() const override { return unit_; }; void recordValue(uint64_t value) override { parent_.deliverHistogramToSinks(*this, value); } bool used() const override { return true; } SymbolTable& symbolTable() final { return parent_.symbolTable(); } private: Unit unit_; // This is used for delivering the histogram data to sinks. Store& parent_; }; /** * Null histogram implementation. * No-ops on all calls and requires no underlying metric or data. */ class NullHistogramImpl : public HistogramImplHelper { public: explicit NullHistogramImpl(SymbolTable& symbol_table) : HistogramImplHelper(symbol_table), symbol_table_(symbol_table) {} ~NullHistogramImpl() override { MetricImpl::clear(symbol_table_); } bool used() const override { return false; } SymbolTable& symbolTable() override { return symbol_table_; } Unit unit() const override { return Unit::Null; }; void recordValue(uint64_t) override {} private: SymbolTable& symbol_table_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/isolated_store_impl.cc ================================================ #include "common/stats/isolated_store_impl.h" #include #include #include #include "common/common/utility.h" #include "common/stats/histogram_impl.h" #include "common/stats/scope_prefixer.h" #include "common/stats/utility.h" namespace Envoy { namespace Stats { IsolatedStoreImpl::IsolatedStoreImpl() : IsolatedStoreImpl(std::make_unique()) {} IsolatedStoreImpl::IsolatedStoreImpl(std::unique_ptr&& symbol_table) : IsolatedStoreImpl(*symbol_table) { symbol_table_storage_ = std::move(symbol_table); } IsolatedStoreImpl::IsolatedStoreImpl(SymbolTable& symbol_table) : StoreImpl(symbol_table), alloc_(symbol_table), counters_([this](StatName name) -> CounterSharedPtr { return alloc_.makeCounter(name, name, StatNameTagVector{}); }), gauges_([this](StatName name, Gauge::ImportMode import_mode) -> GaugeSharedPtr { return alloc_.makeGauge(name, name, StatNameTagVector{}, import_mode); }), histograms_([this](StatName name, Histogram::Unit unit) -> HistogramSharedPtr { return HistogramSharedPtr(new HistogramImpl(name, unit, *this, name, StatNameTagVector{})); }), text_readouts_([this](StatName name, TextReadout::Type) -> TextReadoutSharedPtr { return alloc_.makeTextReadout(name, name, StatNameTagVector{}); }), null_counter_(new NullCounterImpl(symbol_table)), null_gauge_(new NullGaugeImpl(symbol_table)) {} ScopePtr IsolatedStoreImpl::createScope(const std::string& name) { return std::make_unique(name, *this); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/isolated_store_impl.h ================================================ #pragma once #include #include #include #include "envoy/stats/stats.h" #include "envoy/stats/store.h" #include "common/common/utility.h" #include "common/stats/allocator_impl.h" #include "common/stats/null_counter.h" #include "common/stats/null_gauge.h" #include "common/stats/store_impl.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/tag_utility.h" #include "common/stats/utility.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Stats { /** * A stats cache template that is used by the isolated store. */ template class IsolatedStatsCache { public: using CounterAllocator = std::function(StatName name)>; using GaugeAllocator = std::function(StatName, Gauge::ImportMode)>; using HistogramAllocator = std::function(StatName, Histogram::Unit)>; using TextReadoutAllocator = std::function(StatName name, TextReadout::Type)>; using BaseOptConstRef = absl::optional>; IsolatedStatsCache(CounterAllocator alloc) : counter_alloc_(alloc) {} IsolatedStatsCache(GaugeAllocator alloc) : gauge_alloc_(alloc) {} IsolatedStatsCache(HistogramAllocator alloc) : histogram_alloc_(alloc) {} IsolatedStatsCache(TextReadoutAllocator alloc) : text_readout_alloc_(alloc) {} Base& get(StatName name) { auto stat = stats_.find(name); if (stat != stats_.end()) { return *stat->second; } RefcountPtr new_stat = counter_alloc_(name); stats_.emplace(new_stat->statName(), new_stat); return *new_stat; } Base& get(StatName name, Gauge::ImportMode import_mode) { auto stat = stats_.find(name); if (stat != stats_.end()) { return *stat->second; } RefcountPtr new_stat = gauge_alloc_(name, import_mode); stats_.emplace(new_stat->statName(), new_stat); return *new_stat; } Base& get(StatName name, Histogram::Unit unit) { auto stat = stats_.find(name); if (stat != stats_.end()) { return *stat->second; } RefcountPtr new_stat = histogram_alloc_(name, unit); stats_.emplace(new_stat->statName(), new_stat); return *new_stat; } Base& get(StatName name, TextReadout::Type type) { auto stat = stats_.find(name); if (stat != stats_.end()) { return *stat->second; } RefcountPtr new_stat = text_readout_alloc_(name, type); stats_.emplace(new_stat->statName(), new_stat); return *new_stat; } std::vector> toVector() const { std::vector> vec; vec.reserve(stats_.size()); for (auto& stat : stats_) { vec.push_back(stat.second); } return vec; } bool iterate(const IterateFn& fn) const { for (auto& stat : stats_) { if (!fn(stat.second)) { return false; } } return true; } private: friend class IsolatedStoreImpl; BaseOptConstRef find(StatName name) const { auto stat = stats_.find(name); if (stat == stats_.end()) { return absl::nullopt; } return std::cref(*stat->second); } StatNameHashMap> stats_; CounterAllocator counter_alloc_; GaugeAllocator gauge_alloc_; HistogramAllocator histogram_alloc_; TextReadoutAllocator text_readout_alloc_; }; class IsolatedStoreImpl : public StoreImpl { public: IsolatedStoreImpl(); explicit IsolatedStoreImpl(SymbolTable& symbol_table); // Stats::Scope Counter& counterFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override { TagUtility::TagStatNameJoiner joiner(name, tags, symbolTable()); Counter& counter = counters_.get(joiner.nameWithTags()); return counter; } ScopePtr createScope(const std::string& name) override; void deliverHistogramToSinks(const Histogram&, uint64_t) override {} Gauge& gaugeFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Gauge::ImportMode import_mode) override { TagUtility::TagStatNameJoiner joiner(name, tags, symbolTable()); Gauge& gauge = gauges_.get(joiner.nameWithTags(), import_mode); gauge.mergeImportMode(import_mode); return gauge; } NullCounterImpl& nullCounter() { return *null_counter_; } NullGaugeImpl& nullGauge(const std::string&) override { return *null_gauge_; } Histogram& histogramFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Histogram::Unit unit) override { TagUtility::TagStatNameJoiner joiner(name, tags, symbolTable()); Histogram& histogram = histograms_.get(joiner.nameWithTags(), unit); return histogram; } TextReadout& textReadoutFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override { TagUtility::TagStatNameJoiner joiner(name, tags, symbolTable()); TextReadout& text_readout = text_readouts_.get(joiner.nameWithTags(), TextReadout::Type::Default); return text_readout; } CounterOptConstRef findCounter(StatName name) const override { return counters_.find(name); } GaugeOptConstRef findGauge(StatName name) const override { return gauges_.find(name); } HistogramOptConstRef findHistogram(StatName name) const override { return histograms_.find(name); } TextReadoutOptConstRef findTextReadout(StatName name) const override { return text_readouts_.find(name); } bool iterate(const IterateFn& fn) const override { return counters_.iterate(fn); } bool iterate(const IterateFn& fn) const override { return gauges_.iterate(fn); } bool iterate(const IterateFn& fn) const override { return histograms_.iterate(fn); } bool iterate(const IterateFn& fn) const override { return text_readouts_.iterate(fn); } // Stats::Store std::vector counters() const override { return counters_.toVector(); } std::vector gauges() const override { // TODO(jmarantz): should we filter out gauges where // gauge.importMode() != Gauge::ImportMode::Uninitialized ? // I don't think this matters because that should only occur for gauges // received in a hot-restart transfer, and isolated-store gauges should // never be transmitted that way. return gauges_.toVector(); } std::vector histograms() const override { return std::vector{}; } std::vector textReadouts() const override { return text_readouts_.toVector(); } Counter& counterFromString(const std::string& name) override { StatNameManagedStorage storage(name, symbolTable()); return counterFromStatName(storage.statName()); } Gauge& gaugeFromString(const std::string& name, Gauge::ImportMode import_mode) override { StatNameManagedStorage storage(name, symbolTable()); return gaugeFromStatName(storage.statName(), import_mode); } Histogram& histogramFromString(const std::string& name, Histogram::Unit unit) override { StatNameManagedStorage storage(name, symbolTable()); return histogramFromStatName(storage.statName(), unit); } TextReadout& textReadoutFromString(const std::string& name) override { StatNameManagedStorage storage(name, symbolTable()); return textReadoutFromStatName(storage.statName()); } private: IsolatedStoreImpl(std::unique_ptr&& symbol_table); SymbolTablePtr symbol_table_storage_; AllocatorImpl alloc_; IsolatedStatsCache counters_; IsolatedStatsCache gauges_; IsolatedStatsCache histograms_; IsolatedStatsCache text_readouts_; RefcountPtr null_counter_; RefcountPtr null_gauge_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/metric_impl.cc ================================================ #include "common/stats/metric_impl.h" #include "envoy/stats/tag.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { MetricHelper::~MetricHelper() { // The storage must be cleaned by a subclass of MetricHelper in its // destructor, because the symbol-table is owned by the subclass. // Simply call MetricHelper::clear() in the subclass dtor. ASSERT(!stat_names_.populated()); } MetricHelper::MetricHelper(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, SymbolTable& symbol_table) { // Encode all the names and tags into transient storage so we can count the // required bytes. 2 is added to account for the name and tag_extracted_name, // and we multiply the number of tags by 2 to account for the name and value // of each tag. const uint32_t num_names = 2 + 2 * stat_name_tags.size(); absl::FixedArray names(num_names); names[0] = name; names[1] = tag_extracted_name; int index = 1; for (auto& stat_name_tag : stat_name_tags) { names[++index] = stat_name_tag.first; names[++index] = stat_name_tag.second; } symbol_table.populateList(names.begin(), num_names, stat_names_); } StatName MetricHelper::statName() const { StatName stat_name; stat_names_.iterate([&stat_name](StatName s) -> bool { stat_name = s; return false; // Returning 'false' stops the iteration. }); return stat_name; } StatName MetricHelper::tagExtractedStatName() const { // The name is the first element in stat_names_. The second is the // tag-extracted-name. We don't have random access in that format, // so we iterate through them, skipping the first element (name), // and terminating the iteration after capturing the tag-extracted // name by returning false from the lambda. StatName tag_extracted_stat_name; bool skip = true; stat_names_.iterate([&tag_extracted_stat_name, &skip](StatName s) -> bool { if (skip) { skip = false; return true; } tag_extracted_stat_name = s; return false; // Returning 'false' stops the iteration. }); return tag_extracted_stat_name; } void MetricHelper::iterateTagStatNames(const Metric::TagStatNameIterFn& fn) const { enum { Name, TagExtractedName, TagName, TagValue } state = Name; StatName tag_name; // StatNameList maintains a linear ordered collection of StatNames, and we // are mapping that into a tag-extracted name (the first element), followed // by alternating TagName and TagValue. So we use a little state machine // as we iterate through the stat_names_. stat_names_.iterate([&state, &tag_name, &fn](StatName stat_name) -> bool { switch (state) { case Name: state = TagExtractedName; break; case TagExtractedName: state = TagName; break; case TagName: tag_name = stat_name; state = TagValue; break; case TagValue: state = TagName; if (!fn(tag_name, stat_name)) { return false; // early exit. } break; } return true; }); ASSERT(state != TagValue); } TagVector MetricHelper::tags(const SymbolTable& symbol_table) const { TagVector tags; iterateTagStatNames([&tags, &symbol_table](StatName name, StatName value) -> bool { tags.emplace_back(Tag{symbol_table.toString(name), symbol_table.toString(value)}); return true; }); return tags; } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/metric_impl.h ================================================ #pragma once #include #include #include "envoy/stats/allocator.h" #include "envoy/stats/stats.h" #include "envoy/stats/tag.h" #include "common/common/assert.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { /** * Helper class for implementing Metrics. This does not participate in any * inheritance chains, but can be instantiated by classes that do. It just * implements the mechanics of representing the name, tag-extracted-name, * and all tags as a StatNameList. */ class MetricHelper { public: MetricHelper(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, SymbolTable& symbol_table); ~MetricHelper(); StatName statName() const; std::string name(const SymbolTable& symbol_table) const; TagVector tags(const SymbolTable& symbol_table) const; StatName tagExtractedStatName() const; void iterateTagStatNames(const Metric::TagStatNameIterFn& fn) const; void clear(SymbolTable& symbol_table) { stat_names_.clear(symbol_table); } // Hasher for metrics. struct Hash { using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(const Metric* a) const { return a->statName().hash(); } size_t operator()(StatName a) const { return a.hash(); } }; // Comparator for metrics. struct Compare { using is_transparent = void; // NOLINT(readability-identifier-naming) bool operator()(const Metric* a, const Metric* b) const { return a->statName() == b->statName(); } bool operator()(const Metric* a, StatName b) const { return a->statName() == b; } }; private: StatNameList stat_names_; }; // An unordered set of stat pointers. which keys off Metric::statName(). // This necessitates a custom comparator and hasher, using the StatNamePtr's // own StatNamePtrHash and StatNamePtrCompare operators. // // This is used by AllocatorImpl for counters, gauges, and text-readouts, and // is also used by thread_local_store.h for histograms. template using StatSet = absl::flat_hash_set; /** * Partial implementation of the Metric interface on behalf of Counters, Gauges, * and Histograms. It leaves symbolTable() unimplemented so that implementations * of stats managed by an allocator, specifically Counters and Gauges, can keep * a reference to the allocator instead, and derive the symbolTable() from that. * * We templatize on the base class (Counter, Gauge, or Histogram), rather than * using multiple virtual inheritance, as this avoids the overhead of an extra * vptr per instance. This is important for stats because there can be many * stats in systems with large numbers of clusters and hosts, and a few 8-byte * pointers per-stat here and there can add up to significant amounts of memory. * * Note the delegation of the implementation to a helper class, which is neither * templatized nor virtual. This avoids having the compiler elaborate complete * copies of the underlying implementation for each base class during template * expansion. */ template class MetricImpl : public BaseClass { public: MetricImpl(StatName name, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, SymbolTable& symbol_table) : helper_(name, tag_extracted_name, stat_name_tags, symbol_table) {} // Empty construction of a MetricImpl; used for null stats. explicit MetricImpl(SymbolTable& symbol_table) : MetricImpl(StatName(), StatName(), StatNameTagVector(), symbol_table) {} TagVector tags() const override { return helper_.tags(constSymbolTable()); } StatName statName() const override { return helper_.statName(); } StatName tagExtractedStatName() const override { return helper_.tagExtractedStatName(); } void iterateTagStatNames(const Metric::TagStatNameIterFn& fn) const override { helper_.iterateTagStatNames(fn); } const SymbolTable& constSymbolTable() const override { // Cast our 'this', which is of type `const MetricImpl*` to a non-const // pointer, so we can use it to call the subclass implementation of // symbolTable(). That will be returned as a non-const SymbolTable&, // which will become const on return. // // This pattern is used to share a single non-trivial implementation to // provide const and non-const variants of a method. return const_cast(this)->symbolTable(); } std::string name() const override { return constSymbolTable().toString(this->statName()); } std::string tagExtractedName() const override { return constSymbolTable().toString(this->tagExtractedStatName()); } protected: void clear(SymbolTable& symbol_table) { helper_.clear(symbol_table); } private: MetricHelper helper_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/null_counter.h ================================================ #pragma once #include "envoy/stats/stats.h" #include "common/stats/metric_impl.h" namespace Envoy { namespace Stats { /** * Null counter implementation. * No-ops on all calls and requires no underlying metric or data. */ class NullCounterImpl : public MetricImpl { public: explicit NullCounterImpl(SymbolTable& symbol_table) : MetricImpl(symbol_table), symbol_table_(symbol_table) {} ~NullCounterImpl() override { // MetricImpl must be explicitly cleared() before destruction, otherwise it // will not be able to access the SymbolTable& to free the symbols. An RAII // alternative would be to store the SymbolTable reference in the // MetricImpl, costing 8 bytes per stat. MetricImpl::clear(symbol_table_); } void add(uint64_t) override {} void inc() override {} uint64_t latch() override { return 0; } void reset() override {} uint64_t value() const override { return 0; } // Metric bool used() const override { return false; } SymbolTable& symbolTable() override { return symbol_table_; } // RefcountInterface void incRefCount() override { refcount_helper_.incRefCount(); } bool decRefCount() override { return refcount_helper_.decRefCount(); } uint32_t use_count() const override { return refcount_helper_.use_count(); } private: RefcountHelper refcount_helper_; SymbolTable& symbol_table_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/null_gauge.h ================================================ #pragma once #include "envoy/stats/stats.h" #include "common/stats/metric_impl.h" namespace Envoy { namespace Stats { /** * Null gauge implementation. * No-ops on all calls and requires no underlying metric or data. */ class NullGaugeImpl : public MetricImpl { public: explicit NullGaugeImpl(SymbolTable& symbol_table) : MetricImpl(symbol_table), symbol_table_(symbol_table) {} ~NullGaugeImpl() override { // MetricImpl must be explicitly cleared() before destruction, otherwise it // will not be able to access the SymbolTable& to free the symbols. An RAII // alternative would be to store the SymbolTable reference in the // MetricImpl, costing 8 bytes per stat. MetricImpl::clear(symbol_table_); } void add(uint64_t) override {} void inc() override {} void dec() override {} void set(uint64_t) override {} void setParentValue(uint64_t) override {} void sub(uint64_t) override {} uint64_t value() const override { return 0; } ImportMode importMode() const override { return ImportMode::NeverImport; } void mergeImportMode(ImportMode /* import_mode */) override {} // Metric bool used() const override { return false; } SymbolTable& symbolTable() override { return symbol_table_; } // RefcountInterface void incRefCount() override { refcount_helper_.incRefCount(); } bool decRefCount() override { return refcount_helper_.decRefCount(); } uint32_t use_count() const override { return refcount_helper_.use_count(); } private: RefcountHelper refcount_helper_; SymbolTable& symbol_table_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/null_text_readout.h ================================================ #pragma once #include "envoy/stats/stats.h" #include "common/stats/metric_impl.h" namespace Envoy { namespace Stats { /** * Null text readout implementation. * No-ops on all calls and requires no underlying metric or data. */ class NullTextReadoutImpl : public MetricImpl { public: explicit NullTextReadoutImpl(SymbolTable& symbol_table) : MetricImpl(symbol_table), symbol_table_(symbol_table) {} ~NullTextReadoutImpl() override { // MetricImpl must be explicitly cleared() before destruction, otherwise it // will not be able to access the SymbolTable& to free the symbols. An RAII // alternative would be to store the SymbolTable reference in the // MetricImpl, costing 8 bytes per stat. MetricImpl::clear(symbol_table_); } void set(absl::string_view) override {} std::string value() const override { return std::string(); } // Metric bool used() const override { return false; } SymbolTable& symbolTable() override { return symbol_table_; } // RefcountInterface void incRefCount() override { refcount_helper_.incRefCount(); } bool decRefCount() override { return refcount_helper_.decRefCount(); } uint32_t use_count() const override { return refcount_helper_.use_count(); } private: RefcountHelper refcount_helper_; SymbolTable& symbol_table_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/recent_lookups.cc ================================================ #include "common/stats/recent_lookups.h" #include "common/common/assert.h" namespace Envoy { namespace Stats { void RecentLookups::lookup(absl::string_view str) { ++total_; if (capacity_ == 0) { return; } auto map_iter = map_.find(str); if (map_iter != map_.end()) { // The item is already in the list. Bump its reference-count and move it to // the front of the list. auto list_iter = map_iter->second; ++list_iter->count_; if (list_iter != list_.begin()) { list_.splice(list_.begin(), list_, list_iter); } } else { ASSERT(list_.size() <= capacity_); // Evict oldest item if needed. if (list_.size() >= capacity_) { evictOne(); } // The string storage is in the list entry. list_.push_front(ItemCount{std::string(str), 1}); auto list_iter = list_.begin(); map_[list_iter->item_] = list_iter; } ASSERT(list_.size() == map_.size()); } void RecentLookups::forEach(const IterFn& fn) const { for (const ItemCount& item_count : list_) { fn(item_count.item_, item_count.count_); } } void RecentLookups::setCapacity(uint64_t capacity) { capacity_ = capacity; while (capacity_ < list_.size()) { evictOne(); } } void RecentLookups::evictOne() { ASSERT(!list_.empty()); ASSERT(!map_.empty()); const ItemCount& item_count = list_.back(); int erased = map_.erase(item_count.item_); ASSERT(erased == 1); list_.pop_back(); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/recent_lookups.h ================================================ #pragma once #include #include #include #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { // Remembers the last 'Capacity' items passed to lookup(). class RecentLookups { public: /** * Records a lookup of a string. Only the last 'Capacity' lookups are remembered. * * @param str the item being looked up. */ void lookup(absl::string_view str); using IterFn = std::function; /** * Calls fn(item, count) for each of the remembered lookups. * * @param fn The function to call for every recently looked up item. */ void forEach(const IterFn& fn) const; /** * @return the total number of lookups since tracking began. */ uint64_t total() const { return total_; } /** * Clears out all contents. */ void clear() { total_ = 0; map_.clear(); list_.clear(); } /** * Controls the maximum number of recent lookups to remember. If set to 0, * then only lookup counts is tracked. * @param capacity The number of lookups to remember. */ void setCapacity(uint64_t capacity); /** * @return The configured capacity. */ uint64_t capacity() const { return capacity_; } private: void evictOne(); struct ItemCount { std::string item_; uint64_t count_; }; using List = std::list; List list_; // TODO(jmarantz): we could make this more compact by making this a set of // list-iterators with heterogeneous hash/compare functors. using Map = absl::flat_hash_map; Map map_; uint64_t total_{0}; uint64_t capacity_{0}; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/scope_prefixer.cc ================================================ #include "common/stats/scope_prefixer.h" #include "envoy/stats/scope.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/utility.h" namespace Envoy { namespace Stats { ScopePrefixer::ScopePrefixer(absl::string_view prefix, Scope& scope) : scope_(scope), prefix_(Utility::sanitizeStatsName(prefix), symbolTable()) {} ScopePrefixer::ScopePrefixer(StatName prefix, Scope& scope) : scope_(scope), prefix_(prefix, symbolTable()) {} ScopePrefixer::~ScopePrefixer() { prefix_.free(symbolTable()); } ScopePtr ScopePrefixer::createScopeFromStatName(StatName name) { SymbolTable::StoragePtr joined = symbolTable().join({prefix_.statName(), name}); return std::make_unique(StatName(joined.get()), scope_); } ScopePtr ScopePrefixer::createScope(const std::string& name) { StatNameManagedStorage stat_name_storage(Utility::sanitizeStatsName(name), symbolTable()); return createScopeFromStatName(stat_name_storage.statName()); } Counter& ScopePrefixer::counterFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) { Stats::SymbolTable::StoragePtr stat_name_storage = scope_.symbolTable().join({prefix_.statName(), name}); return scope_.counterFromStatNameWithTags(StatName(stat_name_storage.get()), tags); } Gauge& ScopePrefixer::gaugeFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Gauge::ImportMode import_mode) { Stats::SymbolTable::StoragePtr stat_name_storage = scope_.symbolTable().join({prefix_.statName(), name}); return scope_.gaugeFromStatNameWithTags(StatName(stat_name_storage.get()), tags, import_mode); } Histogram& ScopePrefixer::histogramFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Histogram::Unit unit) { Stats::SymbolTable::StoragePtr stat_name_storage = scope_.symbolTable().join({prefix_.statName(), name}); return scope_.histogramFromStatNameWithTags(StatName(stat_name_storage.get()), tags, unit); } TextReadout& ScopePrefixer::textReadoutFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) { Stats::SymbolTable::StoragePtr stat_name_storage = scope_.symbolTable().join({prefix_.statName(), name}); return scope_.textReadoutFromStatNameWithTags(StatName(stat_name_storage.get()), tags); } CounterOptConstRef ScopePrefixer::findCounter(StatName name) const { return scope_.findCounter(name); } GaugeOptConstRef ScopePrefixer::findGauge(StatName name) const { return scope_.findGauge(name); } HistogramOptConstRef ScopePrefixer::findHistogram(StatName name) const { return scope_.findHistogram(name); } TextReadoutOptConstRef ScopePrefixer::findTextReadout(StatName name) const { return scope_.findTextReadout(name); } void ScopePrefixer::deliverHistogramToSinks(const Histogram& histograms, uint64_t val) { scope_.deliverHistogramToSinks(histograms, val); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/scope_prefixer.h ================================================ #include "envoy/stats/scope.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { // Implements a Scope that delegates to a passed-in scope, prefixing all names // prior to creation. class ScopePrefixer : public Scope { public: ScopePrefixer(absl::string_view prefix, Scope& scope); ScopePrefixer(StatName prefix, Scope& scope); ~ScopePrefixer() override; ScopePtr createScopeFromStatName(StatName name); // Scope ScopePtr createScope(const std::string& name) override; Counter& counterFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override; Gauge& gaugeFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Gauge::ImportMode import_mode) override; Histogram& histogramFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Histogram::Unit unit) override; TextReadout& textReadoutFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override; void deliverHistogramToSinks(const Histogram& histograms, uint64_t val) override; Counter& counterFromString(const std::string& name) override { StatNameManagedStorage storage(name, symbolTable()); return Scope::counterFromStatName(storage.statName()); } Gauge& gaugeFromString(const std::string& name, Gauge::ImportMode import_mode) override { StatNameManagedStorage storage(name, symbolTable()); return Scope::gaugeFromStatName(storage.statName(), import_mode); } Histogram& histogramFromString(const std::string& name, Histogram::Unit unit) override { StatNameManagedStorage storage(name, symbolTable()); return Scope::histogramFromStatName(storage.statName(), unit); } TextReadout& textReadoutFromString(const std::string& name) override { StatNameManagedStorage storage(name, symbolTable()); return Scope::textReadoutFromStatName(storage.statName()); } CounterOptConstRef findCounter(StatName name) const override; GaugeOptConstRef findGauge(StatName name) const override; HistogramOptConstRef findHistogram(StatName name) const override; TextReadoutOptConstRef findTextReadout(StatName name) const override; const SymbolTable& constSymbolTable() const final { return scope_.constSymbolTable(); } SymbolTable& symbolTable() final { return scope_.symbolTable(); } NullGaugeImpl& nullGauge(const std::string& str) override { return scope_.nullGauge(str); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } private: template bool iterHelper(const IterateFn& fn) const { // We determine here what's in the scope by looking at name // prefixes. Strictly speaking this is not correct, as a stat name can be in // different scopes. But there is no data in `ScopePrefixer` to resurrect // actual membership of a stat in a scope, so we go by name matching. Note // that `ScopePrefixer` is not used in `ThreadLocalStore`, which has // accurate maps describing which stats are in which scopes. // // TODO(jmarantz): In the scope of this limited implementation, it would be // faster to match on the StatName prefix. This would be possible if // SymbolTable exposed a split() method. std::string prefix_str = scope_.symbolTable().toString(prefix_.statName()); if (!prefix_str.empty() && !absl::EndsWith(prefix_str, ".")) { prefix_str += "."; } IterateFn filter_scope = [&fn, &prefix_str](const RefcountPtr& stat) -> bool { return !absl::StartsWith(stat->name(), prefix_str) || fn(stat); }; return scope_.iterate(filter_scope); } Scope& scope_; StatNameStorage prefix_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/stat_merger.cc ================================================ #include "common/stats/stat_merger.h" #include namespace Envoy { namespace Stats { StatMerger::StatMerger(Store& target_store) : temp_scope_(target_store.createScope("")) {} StatMerger::~StatMerger() { // By the time a parent exits, all its contributions to accumulated gauges // should be zero. But depending on the timing of the stat-merger // communication shutdown and other shutdown activities on the parent, the // gauges may not all be zero yet. So simply erase all the parent // contributions. for (StatName stat_name : parent_gauges_) { Gauge& gauge = temp_scope_->gaugeFromStatName(stat_name, Gauge::ImportMode::Uninitialized); gauge.setParentValue(0); } } StatName StatMerger::DynamicContext::makeDynamicStatName(const std::string& name, const DynamicsMap& map) { auto iter = map.find(name); if (iter == map.end()) { return symbolic_pool_.add(name); } const DynamicSpans& dynamic_spans = iter->second; auto dynamic = dynamic_spans.begin(); auto dynamic_end = dynamic_spans.end(); // Name has embedded dynamic segments; we'll need to join together the // static/dynamic StatName segments. StatNameVec segments; uint32_t segment_index = 0; std::vector dynamic_segments; for (auto segment : absl::StrSplit(name, '.')) { if (dynamic != dynamic_end && dynamic->first == segment_index) { // Handle start of dynamic span. We note that we are in a dynamic // span by adding to dynamic_segments, which should of course be // non-empty. ASSERT(dynamic_segments.empty()); if (dynamic->second == segment_index) { // Handle start==end (a one-segment span). segments.push_back(dynamic_pool_.add(segment)); ++dynamic; } else { // Handle startsecond == segment_index) { // Handle that this dynamic segment is the last one, and we're flipping // back to symbolic mode. segments.push_back(dynamic_pool_.add(absl::StrJoin(dynamic_segments, "."))); dynamic_segments.clear(); ++dynamic; } } ++segment_index; } ASSERT(dynamic_segments.empty()); ASSERT(dynamic == dynamic_end); storage_ptr_ = symbol_table_.join(segments); return StatName(storage_ptr_.get()); } void StatMerger::mergeCounters(const Protobuf::Map& counter_deltas, const DynamicsMap& dynamic_map) { for (const auto& counter : counter_deltas) { const std::string& name = counter.first; StatMerger::DynamicContext dynamic_context(temp_scope_->symbolTable()); StatName stat_name = dynamic_context.makeDynamicStatName(name, dynamic_map); temp_scope_->counterFromStatName(stat_name).add(counter.second); } } void StatMerger::mergeGauges(const Protobuf::Map& gauges, const DynamicsMap& dynamic_map) { for (const auto& gauge : gauges) { // Merging gauges via RPC from the parent has 3 cases; case 1 and 3b are the // most common. // // 1. Child thinks gauge is Accumulate : data is combined in // gauge_ref.add() below. // 2. Child thinks gauge is NeverImport: we skip this loop entry via // 'continue'. // 3. Child has not yet initialized gauge yet -- this merge is the // first time the child learns of the gauge. It's possible the child // will think the gauge is NeverImport due to a code change. But for // now we will leave the gauge in the child process as // import_mode==Uninitialized, and accumulate the parent value in // gauge_ref.add(). Gauges in this mode will not be included in // stats-sinks or the admin /stats calls, until the child initializes // the gauge, in which case: // 3a. Child later initializes gauges as NeverImport: the parent value is // cleared during the mergeImportMode call. // 3b. Child later initializes gauges as Accumulate: the parent value is // retained. StatMerger::DynamicContext dynamic_context(temp_scope_->symbolTable()); StatName stat_name = dynamic_context.makeDynamicStatName(gauge.first, dynamic_map); GaugeOptConstRef gauge_opt = temp_scope_->findGauge(stat_name); Gauge::ImportMode import_mode = Gauge::ImportMode::Uninitialized; if (gauge_opt) { import_mode = gauge_opt->get().importMode(); if (import_mode == Gauge::ImportMode::NeverImport) { continue; } } // TODO(snowp): Propagate tag values during hot restarts. auto& gauge_ref = temp_scope_->gaugeFromStatName(stat_name, import_mode); if (gauge_ref.importMode() == Gauge::ImportMode::NeverImport) { // On the first iteration through the loop, the gauge will not be loaded into the scope // cache even though it might exist in another scope. Thus, we need to check again for // the import status to see if we should skip this gauge. // // TODO(mattklein123): There is a race condition here. It's technically possible that // between the time we created this stat, the stat might be created by the child as a // never import stat, making the below math invalid. A follow up solution is to take the // store lock starting from gaugeFromStatName() to the end of this function, but this will // require adding some type of mergeGauge() function to the scope and dealing with recursive // lock acquisition, etc. so we will leave this as a follow up. This race should be incredibly // rare. continue; } const uint64_t new_parent_value = gauge.second; parent_gauges_.insert(gauge_ref.statName()); gauge_ref.setParentValue(new_parent_value); } } void StatMerger::retainParentGaugeValue(Stats::StatName gauge_name) { parent_gauges_.erase(gauge_name); } void StatMerger::mergeStats(const Protobuf::Map& counter_deltas, const Protobuf::Map& gauges, const DynamicsMap& dynamics) { mergeCounters(counter_deltas, dynamics); mergeGauges(gauges, dynamics); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/stat_merger.h ================================================ #pragma once #include "envoy/stats/store.h" #include "common/protobuf/protobuf.h" #include "common/stats/symbol_table_impl.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Stats { // Responsible for the sensible merging of two instances of the same stat from two different // (typically hot restart parent+child) Envoy processes. class StatMerger { public: using DynamicsMap = absl::flat_hash_map; // Holds state needed to construct StatName with mixed dynamic/symbolic // components, based on a map. class DynamicContext { public: DynamicContext(SymbolTable& symbol_table) : symbol_table_(symbol_table), symbolic_pool_(symbol_table), dynamic_pool_(symbol_table) {} /** * Generates a StatName with mixed dynamic/symbolic components based on * the string and the dynamic_map obtained from encodeSegments. * * @param name The string corresponding to the desired StatName. * @param map a map indicating which spans of tokens in the stat-name are dynamic. * @return the generated StatName, valid as long as the DynamicContext. */ StatName makeDynamicStatName(const std::string& name, const DynamicsMap& map); private: SymbolTable& symbol_table_; StatNamePool symbolic_pool_; StatNameDynamicPool dynamic_pool_; SymbolTable::StoragePtr storage_ptr_; }; StatMerger(Stats::Store& target_store); ~StatMerger(); /** * Merge the values of stats_proto into stats_store. Counters are always * straightforward addition, while gauges default to addition but have * exceptions. * * @param counter_deltas map of counter changes from parent * @param gauges map of gauge changes from parent * @param dynamics information about which segments of the names are dynamic. */ void mergeStats(const Protobuf::Map& counter_deltas, const Protobuf::Map& gauges, const DynamicsMap& dynamics = DynamicsMap()); /** * Indicates that a gauge's value from the hot-restart parent should be * retained, combining it with the child data. By default, data is transferred * from parent gauges only during the hot-restart process, but the parent * contribution is subtracted from the child when the parent terminates. This * makes sense for gauges such as active connection counts, but is not * appropriate for server.hot_restart_generation. * * This function must be called immediately prior to destruction of the * StatMerger instance. * * @param gauge_name The gauge to be retained. */ void retainParentGaugeValue(Stats::StatName gauge_name); private: void mergeCounters(const Protobuf::Map& counter_deltas, const DynamicsMap& dynamics_map); void mergeGauges(const Protobuf::Map& gauges, const DynamicsMap& dynamics_map); StatNameHashSet parent_gauges_; // A stats Scope for our in-the-merging-process counters to live in. Scopes conceptually hold // shared_ptrs to the stats that live in them, with the question of which stats are living in a // given scope determined by which stat names have been accessed via that scope. E.g., if you // access a stat named "some.shared" directly through the ordinary store, and then access a // stat named "shared" in a scope configured with the prefix "some.", there is now a single // stat named some.shared pointed to by both. As another example, if you access the stat // "single" in the "some" scope, there will be a stat named "some.single" pointed to by just // that scope. Now, if you delete the scope, some.shared will stick around, but some.single // will be destroyed. // // All of that is relevant here because it is used to get a certain desired behavior. // Specifically, stats must be kept up to date with values from the parent throughout hot // restart, but once the restart completes, they must be dropped without a trace if the child has // not taken action (independent of the hot restart stat merging) that would lead to them getting // created in the store. By storing these stats in a scope (with an empty prefix), we can // preserve all stats throughout the hot restart. Then, when the restart completes, dropping // the scope will drop exactly those stats whose names have not already been accessed through // another store/scope. ScopePtr temp_scope_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/stats_matcher_impl.cc ================================================ #include "common/stats/stats_matcher_impl.h" #include #include #include "envoy/config/metrics/v3/stats.pb.h" #include "common/common/utility.h" namespace Envoy { namespace Stats { // TODO(ambuc): Refactor this into common/matchers.cc, since StatsMatcher is really just a thin // wrapper around what might be called a StringMatcherList. StatsMatcherImpl::StatsMatcherImpl(const envoy::config::metrics::v3::StatsConfig& config) { switch (config.stats_matcher().stats_matcher_case()) { case envoy::config::metrics::v3::StatsMatcher::StatsMatcherCase::kRejectAll: // In this scenario, there are no matchers to store. is_inclusive_ = !config.stats_matcher().reject_all(); break; case envoy::config::metrics::v3::StatsMatcher::StatsMatcherCase::kInclusionList: // If we have an inclusion list, we are being default-exclusive. for (const auto& stats_matcher : config.stats_matcher().inclusion_list().patterns()) { matchers_.push_back(Matchers::StringMatcherImpl(stats_matcher)); } is_inclusive_ = false; break; case envoy::config::metrics::v3::StatsMatcher::StatsMatcherCase::kExclusionList: // If we have an exclusion list, we are being default-inclusive. for (const auto& stats_matcher : config.stats_matcher().exclusion_list().patterns()) { matchers_.push_back(Matchers::StringMatcherImpl(stats_matcher)); } FALLTHRU; default: // No matcher was supplied, so we default to inclusion. is_inclusive_ = true; break; } } bool StatsMatcherImpl::rejects(const std::string& name) const { // // is_inclusive_ | match | return // ---------------+-------+-------- // T | T | T Default-inclusive and matching an (exclusion) matcher, deny. // T | F | F Otherwise, allow. // F | T | F Default-exclusive and matching an (inclusion) matcher, allow. // F | F | T Otherwise, deny. // // This is an XNOR, which can be evaluated by checking for equality. return (is_inclusive_ == std::any_of(matchers_.begin(), matchers_.end(), [&name](auto& matcher) { return matcher.match(name); })); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/stats_matcher_impl.h ================================================ #pragma once #include #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/stats/stats_matcher.h" #include "common/common/matchers.h" #include "common/protobuf/protobuf.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { /** * Supplies a stats matcher. */ class StatsMatcherImpl : public StatsMatcher { public: explicit StatsMatcherImpl(const envoy::config::metrics::v3::StatsConfig& config); // Default constructor simply allows everything. StatsMatcherImpl() = default; // StatsMatcher bool rejects(const std::string& name) const override; bool acceptsAll() const override { return is_inclusive_ && matchers_.empty(); } bool rejectsAll() const override { return !is_inclusive_ && matchers_.empty(); } private: // Bool indicating whether or not the StatsMatcher is including or excluding stats by default. See // StatsMatcherImpl::rejects() for much more detail. bool is_inclusive_{true}; std::vector matchers_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/store_impl.h ================================================ #pragma once #include "envoy/stats/stats.h" #include "envoy/stats/store.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { /** * Implements common parts of the Store API needed by multiple derivations of Store. */ class StoreImpl : public Store { public: explicit StoreImpl(SymbolTable& symbol_table) : symbol_table_(symbol_table) {} SymbolTable& symbolTable() override { return symbol_table_; } const SymbolTable& constSymbolTable() const override { return symbol_table_; } private: SymbolTable& symbol_table_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/symbol_table_impl.cc ================================================ #include "common/stats/symbol_table_impl.h" #include #include #include #include #include "common/common/assert.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Stats { // Masks used for variable-length encoding of arbitrary-sized integers into a // uint8-array. The integers are typically small, so we try to store them in as // few bytes as possible. The bottom 7 bits hold values, and the top bit is used // to determine whether another byte is needed for more data. static constexpr uint32_t SpilloverMask = 0x80; static constexpr uint32_t Low7Bits = 0x7f; // When storing Symbol arrays, we disallow Symbol 0, which is the only Symbol // that will decode into uint8_t array starting (and ending) with {0}. Thus we // can use a leading 0 in the first byte to indicate that what follows is // literal char data, rather than symbol-table entries. Literal char data is // used for dynamically discovered stat-name tokens where you don't want to take // a symbol table lock, and would rather pay extra memory overhead to store the // tokens as fully elaborated strings. static constexpr Symbol FirstValidSymbol = 1; static constexpr uint8_t LiteralStringIndicator = 0; size_t StatName::dataSize() const { if (size_and_data_ == nullptr) { return 0; } return SymbolTableImpl::Encoding::decodeNumber(size_and_data_).first; } #ifndef ENVOY_CONFIG_COVERAGE void StatName::debugPrint() { // TODO(jmarantz): capture this functionality (always prints regardless of // loglevel) in an ENVOY_LOG macro variant or similar, perhaps // ENVOY_LOG_MISC(stderr, ...); if (size_and_data_ == nullptr) { std::cerr << "Null StatName" << std::endl; } else { const size_t nbytes = dataSize(); std::cerr << "dataSize=" << nbytes << ":"; for (size_t i = 0; i < nbytes; ++i) { std::cerr << " " << static_cast(data()[i]); } const SymbolVec encoding = SymbolTableImpl::Encoding::decodeSymbols(data(), dataSize()); std::cerr << ", numSymbols=" << encoding.size() << ":"; for (Symbol symbol : encoding) { std::cerr << " " << symbol; } std::cerr << std::endl; } } #endif SymbolTableImpl::Encoding::~Encoding() { // Verifies that moveToMemBlock() was called on this encoding. Failure // to call moveToMemBlock() will result in leaks symbols. ASSERT(mem_block_.capacity() == 0); } size_t SymbolTableImpl::Encoding::encodingSizeBytes(uint64_t number) { size_t num_bytes = 0; do { ++num_bytes; number >>= 7; } while (number != 0); return num_bytes; } void SymbolTableImpl::Encoding::appendEncoding(uint64_t number, MemBlockBuilder& mem_block) { // UTF-8-like encoding where a value 127 or less gets written as a single // byte. For higher values we write the low-order 7 bits with a 1 in // the high-order bit. Then we right-shift 7 bits and keep adding more bytes // until we have consumed all the non-zero bits in symbol. // // When decoding, we stop consuming uint8_t when we see a uint8_t with // high-order bit 0. do { if (number < (1 << 7)) { mem_block.appendOne(number); // number <= 127 gets encoded in one byte. } else { mem_block.appendOne((number & Low7Bits) | SpilloverMask); // >= 128 need spillover bytes. } number >>= 7; } while (number != 0); } void SymbolTableImpl::Encoding::addSymbols(const std::vector& symbols) { ASSERT(data_bytes_required_ == 0); for (Symbol symbol : symbols) { data_bytes_required_ += encodingSizeBytes(symbol); } mem_block_.setCapacity(data_bytes_required_); for (Symbol symbol : symbols) { appendEncoding(symbol, mem_block_); } } std::pair SymbolTableImpl::Encoding::decodeNumber(const uint8_t* encoding) { uint64_t number = 0; uint64_t uc = SpilloverMask; const uint8_t* start = encoding; for (uint32_t shift = 0; (uc & SpilloverMask) != 0; ++encoding, shift += 7) { uc = static_cast(*encoding); number |= (uc & Low7Bits) << shift; } return std::make_pair(number, encoding - start); } SymbolVec SymbolTableImpl::Encoding::decodeSymbols(const SymbolTable::Storage array, size_t size) { SymbolVec symbol_vec; symbol_vec.reserve(size); decodeTokens( array, size, [&symbol_vec](Symbol symbol) { symbol_vec.push_back(symbol); }, [](absl::string_view) {}); return symbol_vec; } void SymbolTableImpl::Encoding::decodeTokens( const SymbolTable::Storage array, size_t size, const std::function& symbol_token_fn, const std::function& string_view_token_fn) { while (size > 0) { if (*array == LiteralStringIndicator) { // To avoid scanning memory to find the literal size during decode, we // var-length encode the size of the literal string prior to the data. ASSERT(size > 1); ++array; --size; std::pair length_consumed = decodeNumber(array); uint64_t length = length_consumed.first; array += length_consumed.second; size -= length_consumed.second; ASSERT(size >= length); string_view_token_fn(absl::string_view(reinterpret_cast(array), length)); size -= length; array += length; } else { std::pair symbol_consumed = decodeNumber(array); symbol_token_fn(symbol_consumed.first); size -= symbol_consumed.second; array += symbol_consumed.second; } } } std::vector SymbolTableImpl::decodeStrings(const SymbolTable::Storage array, size_t size) const { std::vector strings; Thread::LockGuard lock(lock_); Encoding::decodeTokens( array, size, [this, &strings](Symbol symbol) ABSL_NO_THREAD_SAFETY_ANALYSIS { strings.push_back(fromSymbol(symbol)); }, [&strings](absl::string_view str) { strings.push_back(str); }); return strings; } void SymbolTableImpl::Encoding::moveToMemBlock(MemBlockBuilder& mem_block) { appendEncoding(data_bytes_required_, mem_block); mem_block.appendBlock(mem_block_); mem_block_.reset(); // Logically transfer ownership, enabling empty assert on destruct. } void SymbolTableImpl::Encoding::appendToMemBlock(StatName stat_name, MemBlockBuilder& mem_block) { const uint8_t* data = stat_name.dataIncludingSize(); if (data == nullptr) { mem_block.appendOne(0); } else { mem_block.appendData(absl::MakeSpan(data, stat_name.size())); } } SymbolTableImpl::SymbolTableImpl() // Have to be explicitly initialized, if we want to use the ABSL_GUARDED_BY macro. : next_symbol_(FirstValidSymbol), monotonic_counter_(FirstValidSymbol) {} SymbolTableImpl::~SymbolTableImpl() { // To avoid leaks into the symbol table, we expect all StatNames to be freed. // Note: this could potentially be short-circuited if we decide a fast exit // is needed in production. But it would be good to ensure clean up during // tests. ASSERT(numSymbols() == 0); } // TODO(ambuc): There is a possible performance optimization here for avoiding // the encoding of IPs / numbers if they appear in stat names. We don't want to // waste time symbolizing an integer as an integer, if we can help it. void SymbolTableImpl::addTokensToEncoding(const absl::string_view name, Encoding& encoding) { if (name.empty()) { return; } // We want to hold the lock for the minimum amount of time, so we do the // string-splitting and prepare a temp vector of Symbol first. const std::vector tokens = absl::StrSplit(name, '.'); std::vector symbols; symbols.reserve(tokens.size()); // Now take the lock and populate the Symbol objects, which involves bumping // ref-counts in this. { Thread::LockGuard lock(lock_); recent_lookups_.lookup(name); for (auto& token : tokens) { // TODO(jmarantz): consider using StatNameDynamicStorage for tokens with // length below some threshold, say 4 bytes. It might be preferable not to // reserve Symbols for every 3 digit number found (for example) in ipv4 // addresses. symbols.push_back(toSymbol(token)); } } // Now efficiently encode the array of 32-bit symbols into a uint8_t array. encoding.addSymbols(symbols); } uint64_t SymbolTableImpl::numSymbols() const { Thread::LockGuard lock(lock_); ASSERT(encode_map_.size() == decode_map_.size()); return encode_map_.size(); } std::string SymbolTableImpl::toString(const StatName& stat_name) const { return absl::StrJoin(decodeStrings(stat_name.data(), stat_name.dataSize()), "."); } void SymbolTableImpl::callWithStringView(StatName stat_name, const std::function& fn) const { fn(toString(stat_name)); } void SymbolTableImpl::incRefCount(const StatName& stat_name) { // Before taking the lock, decode the array of symbols from the SymbolTable::Storage. const SymbolVec symbols = Encoding::decodeSymbols(stat_name.data(), stat_name.dataSize()); Thread::LockGuard lock(lock_); for (Symbol symbol : symbols) { auto decode_search = decode_map_.find(symbol); ASSERT(decode_search != decode_map_.end()); auto encode_search = encode_map_.find(decode_search->second->toStringView()); ASSERT(encode_search != encode_map_.end()); ++encode_search->second.ref_count_; } } void SymbolTableImpl::free(const StatName& stat_name) { // Before taking the lock, decode the array of symbols from the SymbolTable::Storage. const SymbolVec symbols = Encoding::decodeSymbols(stat_name.data(), stat_name.dataSize()); Thread::LockGuard lock(lock_); for (Symbol symbol : symbols) { auto decode_search = decode_map_.find(symbol); ASSERT(decode_search != decode_map_.end()); auto encode_search = encode_map_.find(decode_search->second->toStringView()); ASSERT(encode_search != encode_map_.end()); // If that was the last remaining client usage of the symbol, erase the // current mappings and add the now-unused symbol to the reuse pool. // // The "if (--EXPR.ref_count_)" pattern speeds up BM_CreateRace by 20% in // symbol_table_speed_test.cc, relative to breaking out the decrement into a // separate step, likely due to the non-trivial dereferences in EXPR. if (--encode_search->second.ref_count_ == 0) { decode_map_.erase(decode_search); encode_map_.erase(encode_search); pool_.push(symbol); } } } uint64_t SymbolTableImpl::getRecentLookups(const RecentLookupsFn& iter) const { uint64_t total = 0; absl::flat_hash_map name_count_map; // We don't want to hold lock_ while calling the iterator, but we need it to // access recent_lookups_, so we buffer in name_count_map. { Thread::LockGuard lock(lock_); recent_lookups_.forEach( [&name_count_map](absl::string_view str, uint64_t count) ABSL_NO_THREAD_SAFETY_ANALYSIS { name_count_map[std::string(str)] += count; }); total += recent_lookups_.total(); } // Now we have the collated name-count map data: we need to vectorize and // sort. We define the pair with the count first as std::pair::operator< // prioritizes its first element over its second. using LookupCount = std::pair; std::vector lookup_data; lookup_data.reserve(name_count_map.size()); for (const auto& iter : name_count_map) { lookup_data.emplace_back(LookupCount(iter.second, iter.first)); } std::sort(lookup_data.begin(), lookup_data.end()); for (const LookupCount& lookup_count : lookup_data) { iter(lookup_count.second, lookup_count.first); } return total; } DynamicSpans SymbolTableImpl::getDynamicSpans(StatName stat_name) const { DynamicSpans dynamic_spans; uint32_t index = 0; auto record_dynamic = [&dynamic_spans, &index](absl::string_view str) { DynamicSpan span; span.first = index; index += std::count(str.begin(), str.end(), '.'); span.second = index; ++index; dynamic_spans.push_back(span); }; // Use decodeTokens to suss out which components of stat_name are // symbolic vs dynamic. The lambda that takes a Symbol is called // for symbolic components. The lambda called with a string_view // is called for dynamic components. // // Note that with fake symbol tables, the Symbol lambda is called // once for each character in the string, and no dynamics will // be recorded. Encoding::decodeTokens( stat_name.data(), stat_name.dataSize(), [&index](Symbol) { ++index; }, record_dynamic); return dynamic_spans; } void SymbolTableImpl::setRecentLookupCapacity(uint64_t capacity) { Thread::LockGuard lock(lock_); recent_lookups_.setCapacity(capacity); } void SymbolTableImpl::clearRecentLookups() { Thread::LockGuard lock(lock_); recent_lookups_.clear(); } uint64_t SymbolTableImpl::recentLookupCapacity() const { Thread::LockGuard lock(lock_); return recent_lookups_.capacity(); } StatNameSetPtr SymbolTableImpl::makeSet(absl::string_view name) { // make_unique does not work with private ctor, even though SymbolTableImpl is a friend. StatNameSetPtr stat_name_set(new StatNameSet(*this, name)); return stat_name_set; } Symbol SymbolTableImpl::toSymbol(absl::string_view sv) { Symbol result; auto encode_find = encode_map_.find(sv); // If the string segment doesn't already exist, if (encode_find == encode_map_.end()) { // We create the actual string, place it in the decode_map_, and then insert // a string_view pointing to it in the encode_map_. This allows us to only // store the string once. We use unique_ptr so copies are not made as // flat_hash_map moves values around. InlineStringPtr str = InlineString::create(sv); auto encode_insert = encode_map_.insert({str->toStringView(), SharedSymbol(next_symbol_)}); ASSERT(encode_insert.second); auto decode_insert = decode_map_.insert({next_symbol_, std::move(str)}); ASSERT(decode_insert.second); result = next_symbol_; newSymbol(); } else { // If the insertion didn't take place, return the actual value at that location and up the // refcount at that location result = encode_find->second.symbol_; ++(encode_find->second.ref_count_); } return result; } absl::string_view SymbolTableImpl::fromSymbol(const Symbol symbol) const ABSL_EXCLUSIVE_LOCKS_REQUIRED(lock_) { auto search = decode_map_.find(symbol); RELEASE_ASSERT(search != decode_map_.end(), "no such symbol"); return search->second->toStringView(); } void SymbolTableImpl::newSymbol() ABSL_EXCLUSIVE_LOCKS_REQUIRED(lock_) { if (pool_.empty()) { next_symbol_ = ++monotonic_counter_; } else { next_symbol_ = pool_.top(); pool_.pop(); } // This should catch integer overflow for the new symbol. ASSERT(monotonic_counter_ != 0); } bool SymbolTableImpl::lessThan(const StatName& a, const StatName& b) const { // Constructing two temp vectors during lessThan is not strictly necessary. // If this becomes a performance bottleneck (e.g. during sorting), we could // provide an iterator-like interface for incrementally comparing the tokens // without allocating memory. const std::vector av = decodeStrings(a.data(), a.dataSize()); const std::vector bv = decodeStrings(b.data(), b.dataSize()); for (uint64_t i = 0, n = std::min(av.size(), bv.size()); i < n; ++i) { if (av[i] != bv[i]) { const bool ret = av[i] < bv[i]; return ret; } } return av.size() < bv.size(); } #ifndef ENVOY_CONFIG_COVERAGE void SymbolTableImpl::debugPrint() const { Thread::LockGuard lock(lock_); std::vector symbols; for (const auto& p : decode_map_) { symbols.push_back(p.first); } std::sort(symbols.begin(), symbols.end()); for (Symbol symbol : symbols) { const InlineString& token = *decode_map_.find(symbol)->second; const SharedSymbol& shared_symbol = encode_map_.find(token.toStringView())->second; ENVOY_LOG_MISC(info, "{}: '{}' ({})", symbol, token.toStringView(), shared_symbol.ref_count_); } } #endif SymbolTable::StoragePtr SymbolTableImpl::encode(absl::string_view name) { name = StringUtil::removeTrailingCharacters(name, '.'); Encoding encoding; addTokensToEncoding(name, encoding); MemBlockBuilder mem_block(Encoding::totalSizeBytes(encoding.bytesRequired())); encoding.moveToMemBlock(mem_block); return mem_block.release(); } StatNameStorage::StatNameStorage(absl::string_view name, SymbolTable& table) : StatNameStorageBase(table.encode(name)) {} StatNameStorage::StatNameStorage(StatName src, SymbolTable& table) { const size_t size = src.size(); MemBlockBuilder storage(size); // Note: MemBlockBuilder takes uint64_t. src.copyToMemBlock(storage); setBytes(storage.release()); table.incRefCount(statName()); } SymbolTable::StoragePtr SymbolTableImpl::makeDynamicStorage(absl::string_view name) { name = StringUtil::removeTrailingCharacters(name, '.'); // For all StatName objects, we first have the total number of bytes in the // representation. But for inlined dynamic string StatName variants, we must // store the length of the payload separately, so that if this token gets // joined with others, we'll know much space it consumes until the next token. // So the layout is // [ length-of-whole-StatName, LiteralStringIndicator, length-of-name, name ] // So we need to figure out how many bytes we need to represent length-of-name // and name. // payload_bytes is the total number of bytes needed to represent the // characters in name, plus their encoded size, plus the literal indicator. const size_t payload_bytes = SymbolTableImpl::Encoding::totalSizeBytes(name.size()) + 1; // total_bytes includes the payload_bytes, plus the LiteralStringIndicator, and // the length of those. const size_t total_bytes = SymbolTableImpl::Encoding::totalSizeBytes(payload_bytes); MemBlockBuilder mem_block(total_bytes); SymbolTableImpl::Encoding::appendEncoding(payload_bytes, mem_block); mem_block.appendOne(LiteralStringIndicator); SymbolTableImpl::Encoding::appendEncoding(name.size(), mem_block); mem_block.appendData(absl::MakeSpan(reinterpret_cast(name.data()), name.size())); ASSERT(mem_block.capacityRemaining() == 0); return mem_block.release(); } StatNameStorage::~StatNameStorage() { // StatNameStorage is not fully RAII: you must call free(SymbolTable&) to // decrement the reference counts held by the SymbolTable on behalf of // this StatName. This saves 8 bytes of storage per stat, relative to // holding a SymbolTable& in each StatNameStorage object. ASSERT(bytes() == nullptr); } void StatNameStorage::free(SymbolTable& table) { table.free(statName()); clear(); } void StatNamePool::clear() { for (StatNameStorage& storage : storage_vector_) { storage.free(symbol_table_); } storage_vector_.clear(); } const uint8_t* StatNamePool::addReturningStorage(absl::string_view str) { storage_vector_.push_back(Stats::StatNameStorage(str, symbol_table_)); return storage_vector_.back().bytes(); } StatName StatNamePool::add(absl::string_view str) { return StatName(addReturningStorage(str)); } StatName StatNameDynamicPool::add(absl::string_view str) { storage_vector_.push_back(Stats::StatNameDynamicStorage(str, symbol_table_)); return StatName(storage_vector_.back().bytes()); } StatNameStorageSet::~StatNameStorageSet() { // free() must be called before destructing StatNameStorageSet to decrement // references to all symbols. ASSERT(hash_set_.empty()); } void StatNameStorageSet::free(SymbolTable& symbol_table) { // We must free() all symbols referenced in the set, otherwise the symbols // will leak when the flat_hash_map superclass is destructed. They cannot // self-destruct without an explicit free() as each individual StatNameStorage // object does not have a reference to the symbol table, which would waste 8 // bytes per stat-name. The easiest way to safely free all the contents of the // symbol table set is to use flat_hash_map::extract(), which removes and // returns an element from the set without destructing the element // immediately. This gives us a chance to call free() on each one before they // are destroyed. // // There's a performance risk here, if removing elements via // flat_hash_set::begin() is inefficient to use in a loop like this. One can // imagine a hash-table implementation where the performance of this // usage-model would be poor. However, tests with 100k elements appeared to // run quickly when compiled for optimization, so at present this is not a // performance issue. while (!hash_set_.empty()) { auto storage = hash_set_.extract(hash_set_.begin()); storage.value().free(symbol_table); } } SymbolTable::StoragePtr SymbolTableImpl::join(const StatNameVec& stat_names) const { size_t num_bytes = 0; for (StatName stat_name : stat_names) { if (!stat_name.empty()) { num_bytes += stat_name.dataSize(); } } MemBlockBuilder mem_block(Encoding::totalSizeBytes(num_bytes)); Encoding::appendEncoding(num_bytes, mem_block); for (StatName stat_name : stat_names) { stat_name.appendDataToMemBlock(mem_block); } ASSERT(mem_block.capacityRemaining() == 0); return mem_block.release(); } void SymbolTableImpl::populateList(const StatName* names, uint32_t num_names, StatNameList& list) { RELEASE_ASSERT(num_names < 256, "Maximum number elements in a StatNameList exceeded"); // First encode all the names. size_t total_size_bytes = 1; /* one byte for holding the number of names */ for (uint32_t i = 0; i < num_names; ++i) { total_size_bytes += names[i].size(); } // Now allocate the exact number of bytes required and move the encodings // into storage. MemBlockBuilder mem_block(total_size_bytes); mem_block.appendOne(num_names); for (uint32_t i = 0; i < num_names; ++i) { const StatName stat_name = names[i]; Encoding::appendToMemBlock(stat_name, mem_block); incRefCount(stat_name); } // This assertion double-checks the arithmetic where we computed // total_size_bytes. After appending all the encoded data into the // allocated byte array, we should have exhausted all the memory // we though we needed. ASSERT(mem_block.capacityRemaining() == 0); list.moveStorageIntoList(mem_block.release()); } StatNameList::~StatNameList() { ASSERT(!populated()); } void StatNameList::iterate(const std::function& f) const { const uint8_t* p = &storage_[0]; const uint32_t num_elements = *p++; for (uint32_t i = 0; i < num_elements; ++i) { const StatName stat_name(p); p += stat_name.size(); if (!f(stat_name)) { break; } } } void StatNameList::clear(SymbolTable& symbol_table) { iterate([&symbol_table](StatName stat_name) -> bool { symbol_table.free(stat_name); return true; }); storage_.reset(); } StatNameSet::StatNameSet(SymbolTable& symbol_table, absl::string_view name) : name_(std::string(name)), symbol_table_(symbol_table), pool_(symbol_table) { builtin_stat_names_[""] = StatName(); } void StatNameSet::rememberBuiltin(absl::string_view str) { StatName stat_name; { absl::MutexLock lock(&mutex_); stat_name = pool_.add(str); } builtin_stat_names_[str] = stat_name; } StatName StatNameSet::getBuiltin(absl::string_view token, StatName fallback) const { // If token was recorded as a built-in during initialization, we can // service this request lock-free. const auto iter = builtin_stat_names_.find(token); if (iter != builtin_stat_names_.end()) { return iter->second; } return fallback; } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/symbol_table_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/stats/symbol_table.h" #include "common/common/assert.h" #include "common/common/hash.h" #include "common/common/lock_guard.h" #include "common/common/mem_block_builder.h" #include "common/common/non_copyable.h" #include "common/common/thread.h" #include "common/common/utility.h" #include "common/stats/recent_lookups.h" #include "absl/container/fixed_array.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" namespace Envoy { namespace Stats { /** A Symbol represents a string-token with a small index. */ using Symbol = uint32_t; /** Transient representations of a vector of 32-bit symbols */ using SymbolVec = std::vector; /** * SymbolTableImpl manages a namespace optimized for stats, which are typically * composed of arrays of "."-separated tokens, with a significant overlap * between the tokens. Each token is mapped to a Symbol (uint32_t) and * reference-counted so that no-longer-used symbols can be reclaimed. * * We use a uint8_t array to encode a "."-deliminated stat-name into arrays of * integer symbol IDs in order to conserve space, as in practice the * majority of token instances in stat names draw from a fairly small set of * common names, typically less than 100. The format is somewhat similar to * UTF-8, with a variable-length array of uint8_t. See the implementation for * details. * * StatNameStorage can be used to manage memory for the byte-encoding. Not all * StatNames are backed by StatNameStorage -- the storage may be inlined into * another object such as HeapStatData. StaNameStorage is not fully RAII -- * instead the owner must call free(SymbolTable&) explicitly before * StatNameStorage is destructed. This saves 8 bytes of storage per stat, * relative to holding a SymbolTable& in each StatNameStorage object. * * A StatName is a copyable and assignable reference to this storage. It does * not own the storage or keep it alive via reference counts; the owner must * ensure the backing store lives as long as the StatName. * * The underlying Symbol / SymbolVec data structures are private to the * impl. One side effect of the non-monotonically-increasing symbol counter is * that if a string is encoded, the resulting stat is destroyed, and then that * same string is re-encoded, it may or may not encode to the same underlying * symbol. */ class SymbolTableImpl : public SymbolTable { public: /** * Intermediate representation for a stat-name. This helps store multiple * names in a single packed allocation. First we encode each desired name, * then sum their sizes for the single packed allocation. This is used to * store MetricImpl's tags and tagExtractedName. */ class Encoding { public: /** * Before destructing SymbolEncoding, you must call moveToMemBlock. This * transfers ownership, and in particular, the responsibility to call * SymbolTable::clear() on all referenced symbols. If we ever wanted to be * able to destruct a SymbolEncoding without transferring it we could add a * clear(SymbolTable&) method. */ ~Encoding(); /** * Encodes a token into the vec. * * @param symbol the symbol to encode. */ void addSymbols(const SymbolVec& symbols); /** * Decodes a uint8_t array into a SymbolVec. */ static SymbolVec decodeSymbols(const SymbolTable::Storage array, size_t size); /** * Decodes a uint8_t array into a sequence of symbols and literal strings. * There are distinct lambdas for these two options. Calls to these lambdas * will be interleaved based on the sequencing of literal strings and * symbols held in the data. * * @param array the StatName encoded as a uint8_t array. * @param size the size of the array in bytes. * @param symbol_token_fn a function to be called whenever a symbol is encountered in the array. * @param string_view_token_fn a function to be called whenever a string literal is encountered. */ static void decodeTokens(const SymbolTable::Storage array, size_t size, const std::function& symbol_token_fn, const std::function& string_view_token_fn); /** * Returns the number of bytes required to represent StatName as a uint8_t * array, including the encoded size. */ size_t bytesRequired() const { return data_bytes_required_ + encodingSizeBytes(data_bytes_required_); } /** * Moves the contents of the vector into an allocated array. The array * must have been allocated with bytesRequired() bytes. * * @param mem_block_builder memory block to receive the encoded bytes. */ void moveToMemBlock(MemBlockBuilder& mem_block_builder); /** * @param number A number to encode in a variable length byte-array. * @return The number of bytes it would take to encode the number. */ static size_t encodingSizeBytes(uint64_t number); /** * @param num_data_bytes The number of bytes in a data-block. * @return The total number of bytes required for the data-block and its encoded size. */ static size_t totalSizeBytes(size_t num_data_bytes) { return encodingSizeBytes(num_data_bytes) + num_data_bytes; } /** * Saves the specified number into the byte array, returning the next byte. * There is no guarantee that bytes will be aligned, so we can't cast to a * uint16_t* and assign, but must individually copy the bytes. * * Requires that the buffer be sized to accommodate encodingSizeBytes(number). * * @param number the number to write. * @param mem_block the memory into which to append the number. */ static void appendEncoding(uint64_t number, MemBlockBuilder& mem_block); /** * Appends stat_name's bytes into mem_block, which must have been allocated to * allow for stat_name.size() bytes. * * @param stat_name the stat_name to append. * @param mem_block the block of memory to append to. */ static void appendToMemBlock(StatName stat_name, MemBlockBuilder& mem_block); /** * Decodes a byte-array containing a variable-length number. * * @param The encoded byte array, written previously by appendEncoding. * @return A pair containing the decoded number, and the number of bytes consumed from encoding. */ static std::pair decodeNumber(const uint8_t* encoding); private: size_t data_bytes_required_{0}; MemBlockBuilder mem_block_; }; SymbolTableImpl(); ~SymbolTableImpl() override; // SymbolTable std::string toString(const StatName& stat_name) const override; uint64_t numSymbols() const override; bool lessThan(const StatName& a, const StatName& b) const override; void free(const StatName& stat_name) override; void incRefCount(const StatName& stat_name) override; StoragePtr join(const StatNameVec& stat_names) const override; void populateList(const StatName* names, uint32_t num_names, StatNameList& list) override; StoragePtr encode(absl::string_view name) override; StoragePtr makeDynamicStorage(absl::string_view name) override; void callWithStringView(StatName stat_name, const std::function& fn) const override; #ifndef ENVOY_CONFIG_COVERAGE void debugPrint() const override; #endif StatNameSetPtr makeSet(absl::string_view name) override; uint64_t getRecentLookups(const RecentLookupsFn&) const override; void clearRecentLookups() override; void setRecentLookupCapacity(uint64_t capacity) override; uint64_t recentLookupCapacity() const override; DynamicSpans getDynamicSpans(StatName stat_name) const override; private: friend class StatName; friend class StatNameTest; friend class StatNameDeathTest; struct SharedSymbol { SharedSymbol(Symbol symbol) : symbol_(symbol), ref_count_(1) {} Symbol symbol_; uint32_t ref_count_; }; // This must be held during both encode() and free(). mutable Thread::MutexBasicLockable lock_; /** * Decodes a uint8_t array into an array of period-delimited strings. Note * that some of the strings may have periods in them, in the case where * StatNameDynamicStorage was used. * * If decoding fails on any part of the encoding, we RELEASE_ASSERT and crash, * since this should never happen, and we don't want to continue running with * corrupt stat names. * * @param array the uint8_t array of encoded symbols and dynamic strings. * @param size the size of the array in bytes. * @return std::string the retrieved stat name. */ std::vector decodeStrings(const Storage array, size_t size) const; /** * Convenience function for encode(), symbolizing one string segment at a time. * * @param sv the individual string to be encoded as a symbol. * @return Symbol the encoded string. */ Symbol toSymbol(absl::string_view sv) ABSL_EXCLUSIVE_LOCKS_REQUIRED(lock_); /** * Convenience function for decode(), decoding one symbol at a time. * * @param symbol the individual symbol to be decoded. * @return absl::string_view the decoded string. */ absl::string_view fromSymbol(Symbol symbol) const ABSL_EXCLUSIVE_LOCKS_REQUIRED(lock_); /** * Stages a new symbol for use. To be called after a successful insertion. */ void newSymbol(); /** * Tokenizes name, finds or allocates symbols for each token, and adds them * to encoding. * * @param name The name to tokenize. * @param encoding The encoding to write to. */ void addTokensToEncoding(absl::string_view name, Encoding& encoding); Symbol monotonicCounter() { Thread::LockGuard lock(lock_); return monotonic_counter_; } // Stores the symbol to be used at next insertion. This should exist ahead of insertion time so // that if insertion succeeds, the value written is the correct one. Symbol next_symbol_ ABSL_GUARDED_BY(lock_); // If the free pool is exhausted, we monotonically increase this counter. Symbol monotonic_counter_; // Bitmap implementation. // The encode map stores both the symbol and the ref count of that symbol. // Using absl::string_view lets us only store the complete string once, in the decode map. using EncodeMap = absl::flat_hash_map; using DecodeMap = absl::flat_hash_map; EncodeMap encode_map_ ABSL_GUARDED_BY(lock_); DecodeMap decode_map_ ABSL_GUARDED_BY(lock_); // Free pool of symbols for re-use. // TODO(ambuc): There might be an optimization here relating to storing ranges of freed symbols // using an Envoy::IntervalSet. std::stack pool_ ABSL_GUARDED_BY(lock_); RecentLookups recent_lookups_ ABSL_GUARDED_BY(lock_); }; // Base class for holding the backing-storing for a StatName. The two derived // classes, StatNameStorage and StatNameDynamicStorage, share a need to hold an // array of bytes, but use different representations. class StatNameStorageBase { public: StatNameStorageBase(SymbolTable::StoragePtr&& bytes) : bytes_(std::move(bytes)) {} StatNameStorageBase() = default; /** * @return a reference to the owned storage. */ inline StatName statName() const; /** * @return the encoded data as a const pointer. */ const uint8_t* bytes() const { return bytes_.get(); } protected: void setBytes(SymbolTable::StoragePtr&& bytes) { bytes_ = std::move(bytes); } void clear() { bytes_.reset(); } private: SymbolTable::StoragePtr bytes_; }; /** * Holds backing storage for a StatName. Usage of this is not required, as some * applications may want to hold multiple StatName objects in one contiguous * uint8_t array, or embed the characters directly in another structure. * * This is intended for embedding in other data structures that have access * to a SymbolTable. StatNameStorage::free(symbol_table) must be called prior * to allowing the StatNameStorage object to be destructed, otherwise an assert * will fire to guard against symbol-table leaks. * * Thus this class is inconvenient to directly use as temp storage for building * a StatName from a string. Instead it should be used via StatNameManagedStorage. */ class StatNameStorage : public StatNameStorageBase { public: // Basic constructor for when you have a name as a string, and need to // generate symbols for it. StatNameStorage(absl::string_view name, SymbolTable& table); // Move constructor; needed for using StatNameStorage as an // absl::flat_hash_map value. StatNameStorage(StatNameStorage&& src) noexcept : StatNameStorageBase(std::move(src)) {} // Obtains new backing storage for an already existing StatName. Used to // record a computed StatName held in a temp into a more persistent data // structure. StatNameStorage(StatName src, SymbolTable& table); /** * Before allowing a StatNameStorage to be destroyed, you must call free() * on it, to drop the references to the symbols, allowing the SymbolTable * to shrink. */ ~StatNameStorage(); /** * Decrements the reference counts in the SymbolTable. * * @param table the symbol table. */ void free(SymbolTable& table); }; /** * Efficiently represents a stat name using a variable-length array of uint8_t. * This class does not own the backing store for this array; the backing-store * can be held in StatNameStorage, or it can be packed more tightly into another * object. * * When Envoy is configured with a large numbers of clusters, there are a huge * number of StatNames, so avoiding extra per-stat pointers has a significant * memory impact. */ class StatName { public: // Constructs a StatName object directly referencing the storage of another // StatName. explicit StatName(const SymbolTable::Storage size_and_data) : size_and_data_(size_and_data) {} // Constructs an empty StatName object. StatName() = default; /** * Defines default hash function so StatName can be used as a key in an absl * hash-table without specifying a functor. See * https://abseil.io/docs/cpp/guides/hash for details. */ template friend H AbslHashValue(H h, StatName stat_name) { if (stat_name.empty()) { return H::combine(std::move(h), absl::string_view()); } return H::combine(std::move(h), stat_name.dataAsStringView()); } /** * Note that this hash function will return a different hash than that of * the elaborated string. * * @return uint64_t a hash of the underlying representation. */ uint64_t hash() const { return absl::Hash()(*this); } bool operator==(const StatName& rhs) const { return dataAsStringView() == rhs.dataAsStringView(); } bool operator!=(const StatName& rhs) const { return !(*this == rhs); } /** * @return size_t the number of bytes in the symbol array, excluding the * overhead for the size itself. */ size_t dataSize() const; /** * @return size_t the number of bytes in the symbol array, including the * overhead for the size itself. */ size_t size() const { return SymbolTableImpl::Encoding::totalSizeBytes(dataSize()); } /** * Copies the entire StatName representation into a MemBlockBuilder, including * the length metadata at the beginning. The MemBlockBuilder must not have * any other data in it. * * @param mem_block_builder the builder to receive the storage. */ void copyToMemBlock(MemBlockBuilder& mem_block_builder) { ASSERT(mem_block_builder.size() == 0); mem_block_builder.appendData(absl::MakeSpan(size_and_data_, size())); } /** * Appends the data portion of the StatName representation into a * MemBlockBuilder, excluding the length metadata. This is appropriate for * join(), where several stat-names are combined, and we only need the * aggregated length metadata. * * @param mem_block_builder the builder to receive the storage. */ void appendDataToMemBlock(MemBlockBuilder& storage) { storage.appendData(absl::MakeSpan(data(), dataSize())); } #ifndef ENVOY_CONFIG_COVERAGE void debugPrint(); #endif /** * @return A pointer to the first byte of data (skipping over size bytes). */ const uint8_t* data() const { if (size_and_data_ == nullptr) { return nullptr; } return size_and_data_ + SymbolTableImpl::Encoding::encodingSizeBytes(dataSize()); } const uint8_t* dataIncludingSize() const { return size_and_data_; } /** * @return whether this is empty. */ bool empty() const { return size_and_data_ == nullptr || dataSize() == 0; } private: /** * Casts the raw data as a string_view. Note that this string_view will not * be in human-readable form, but it will be compatible with a string-view * hasher and comparator. */ absl::string_view dataAsStringView() const { return {reinterpret_cast(data()), static_cast(dataSize())}; } const uint8_t* size_and_data_{nullptr}; }; StatName StatNameStorageBase::statName() const { return StatName(bytes_.get()); } /** * Contains the backing store for a StatName and enough context so it can * self-delete through RAII. This works by augmenting StatNameStorage with a * reference to the SymbolTable&, so it has an extra 8 bytes of footprint. It * is intended to be used in cases where simplicity of implementation is more * important than byte-savings, for example: * - outside the stats system * - in tests * - as a scoped temp in a function * Due to the extra 8 bytes per instance, scalability should be taken into * account before using this as (say) a value or key in a map. In those * scenarios, it would be better to store the SymbolTable reference once * for the entire map. * * In the stat structures, we generally use StatNameStorage to avoid the * per-stat overhead. */ class StatNameManagedStorage : public StatNameStorage { public: // Basic constructor for when you have a name as a string, and need to // generate symbols for it. StatNameManagedStorage(absl::string_view name, SymbolTable& table) : StatNameStorage(name, table), symbol_table_(table) {} StatNameManagedStorage(StatNameManagedStorage&& src) noexcept : StatNameStorage(std::move(src)), symbol_table_(src.symbol_table_) {} ~StatNameManagedStorage() { free(symbol_table_); } private: SymbolTable& symbol_table_; }; /** * Holds backing-store for a dynamic stat, where are no global locks needed * to create a StatName from a string, but there is no sharing of token data * between names, so there may be more memory consumed. */ class StatNameDynamicStorage : public StatNameStorageBase { public: // Basic constructor based on a name. Note the table is used for // a virtual-function call to encode the name, but no locks are taken // in either implementation of the SymbolTable api. StatNameDynamicStorage(absl::string_view name, SymbolTable& table) : StatNameStorageBase(table.makeDynamicStorage(name)) {} // Move constructor. StatNameDynamicStorage(StatNameDynamicStorage&& src) noexcept : StatNameStorageBase(std::move(src)) {} }; /** * Maintains storage for a collection of StatName objects. Like * StatNameManagedStorage, this has an RAII usage model, taking * care of decrementing ref-counts in the SymbolTable for all * contained StatNames on destruction or on clear(); * * Example usage: * StatNamePool pool(symbol_table); * StatName name1 = pool.add("name1"); * StatName name2 = pool.add("name2"); * const uint8_t* storage = pool.addReturningStorage("name3"); * StatName name3(storage); */ class StatNamePool { public: explicit StatNamePool(SymbolTable& symbol_table) : symbol_table_(symbol_table) {} ~StatNamePool() { clear(); } /** * Removes all StatNames from the pool. */ void clear(); /** * @param name the name to add the container. * @return the StatName held in the container for this name. */ StatName add(absl::string_view name); /** * Does essentially the same thing as add(), but returns the storage as a * pointer which can later be used to create a StatName. This can be used * to accumulate a vector of uint8_t* which can later be used to create * StatName objects on demand. * * The use-case for this is in source/common/http/codes.cc, where we have a * fixed sized array of atomic pointers, indexed by HTTP code. This API * enables storing the allocated stat-name in that array of atomics, which * enables content-avoidance when finding StatNames for frequently used HTTP * codes. * * @param name the name to add the container. * @return a pointer to the bytes held in the container for this name, suitable for * using to construct a StatName. */ const uint8_t* addReturningStorage(absl::string_view name); private: // We keep the stat names in a vector of StatNameStorage, storing the // SymbolTable reference separately. This saves 8 bytes per StatName, // at the cost of having a destructor that calls clear(). SymbolTable& symbol_table_; std::vector storage_vector_; }; /** * Maintains storage for a collection of StatName objects constructed from * dynamically discovered strings. Like StatNameDynamicStorage, this has an RAII * usage model. Creating StatNames with this interface do not incur a * SymbolTable lock, but tokens are not shared across StatNames. * * The SymbolTable is required as a constructor argument to assist in encoding * the stat-names, which differs between FakeSymbolTableImpl and SymbolTableImpl. * * Example usage: * StatNameDynamicPool pool(symbol_table); * StatName name1 = pool.add("name1"); * StatName name2 = pool.add("name2"); * * Note; StatNameDynamicPool::add("foo") != StatNamePool::add("foo"), even * though their string representations are identical. They also will not match * in map lookups. Tests for StatName with dynamic components must therefore * be looked up by string, via Stats::TestUtil::TestStore. */ class StatNameDynamicPool { public: explicit StatNameDynamicPool(SymbolTable& symbol_table) : symbol_table_(symbol_table) {} /** * @param name the name to add the container. * @return the StatName held in the container for this name. */ StatName add(absl::string_view name); private: // We keep the stat names in a vector of StatNameStorage, storing the // SymbolTable reference separately. This saves 8 bytes per StatName, // at the cost of having a destructor that calls clear(). SymbolTable& symbol_table_; std::vector storage_vector_; }; // Represents an ordered container of StatNames. The encoding for each StatName // is byte-packed together, so this carries less overhead than allocating the // storage separately. The trade-off is there is no random access; you can only // iterate through the StatNames. // // The maximum size of the list is 255 elements, so the length can fit in a // byte. It would not be difficult to increase this, but there does not appear // to be a current need. class StatNameList { public: ~StatNameList(); /** * @return true if populate() has been called on this list. */ bool populated() const { return storage_ != nullptr; } /** * Iterates over each StatName in the list, calling f(StatName). f() should * return true to keep iterating, or false to end the iteration. * * @param f The function to call on each stat. */ void iterate(const std::function& f) const; /** * Frees each StatName in the list. Failure to call this before destruction * results in an ASSERT at destruction of the list and the SymbolTable. * * This is not done as part of destruction as the SymbolTable may already * be destroyed. * * @param symbol_table the symbol table. */ void clear(SymbolTable& symbol_table); private: friend class FakeSymbolTableImpl; friend class SymbolTableImpl; /** * Moves the specified storage into the list. The storage format is an * array of bytes, organized like this: * * [0] The number of elements in the list (must be < 256). * [1] low order 8 bits of the number of symbols in the first element. * [2] high order 8 bits of the number of symbols in the first element. * [3...] the symbols in the first element. * ... * * * For FakeSymbolTableImpl, each symbol is a single char, casted into a * uint8_t. For SymbolTableImpl, each symbol is 1 or more bytes, in a * variable-length encoding. See SymbolTableImpl::Encoding::addSymbol for * details. */ void moveStorageIntoList(SymbolTable::StoragePtr&& storage) { storage_ = std::move(storage); } SymbolTable::StoragePtr storage_; }; // Value-templatized hash-map with StatName key. template using StatNameHashMap = absl::flat_hash_map; // Hash-set of StatNames using StatNameHashSet = absl::flat_hash_set; // Helper class for sorting StatNames. struct StatNameLessThan { StatNameLessThan(const SymbolTable& symbol_table) : symbol_table_(symbol_table) {} bool operator()(const StatName& a, const StatName& b) const { return symbol_table_.lessThan(a, b); } const SymbolTable& symbol_table_; }; struct HeterogeneousStatNameHash { // Specifying is_transparent indicates to the library infrastructure that // type-conversions should not be applied when calling find(), but instead // pass the actual types of the contained and searched-for objects directly to // these functors. See // https://en.cppreference.com/w/cpp/utility/functional/less_void for an // official reference, and https://abseil.io/tips/144 for a description of // using it in the context of absl. using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(StatName a) const { return a.hash(); } size_t operator()(const StatNameStorage& a) const { return a.statName().hash(); } }; struct HeterogeneousStatNameEqual { // See description for HeterogeneousStatNameHash::is_transparent. using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(StatName a, StatName b) const { return a == b; } size_t operator()(const StatNameStorage& a, const StatNameStorage& b) const { return a.statName() == b.statName(); } size_t operator()(StatName a, const StatNameStorage& b) const { return a == b.statName(); } size_t operator()(const StatNameStorage& a, StatName b) const { return a.statName() == b; } }; // Encapsulates a set. We use containment here rather than a // 'using' alias because we need to ensure that when the set is destructed, // StatNameStorage::free(symbol_table) is called on each entry. It is a little // easier at the call-sites in thread_local_store.cc to implement this an // explicit free() method, analogous to StatNameStorage::free(), compared to // storing a SymbolTable reference in the class and doing the free in the // destructor, like StatNameManagedStorage. class StatNameStorageSet { public: using HashSet = absl::flat_hash_set; using Iterator = HashSet::iterator; ~StatNameStorageSet(); /** * Releases all symbols held in this set. Must be called prior to destruction. * * @param symbol_table The symbol table that owns the symbols. */ void free(SymbolTable& symbol_table); /** * @param storage The StatNameStorage to add to the set. */ std::pair insert(StatNameStorage&& storage) { return hash_set_.insert(std::move(storage)); } /** * @param stat_name The stat_name to find. * @return the iterator pointing to the stat_name, or end() if not found. */ Iterator find(StatName stat_name) { return hash_set_.find(stat_name); } /** * @return the end-marker. */ Iterator end() { return hash_set_.end(); } /** * @return the number of elements in the set. */ size_t size() const { return hash_set_.size(); } private: HashSet hash_set_; }; // Captures StatNames for lookup by string, keeping a map of 'built-ins' that is // expected to be populated during initialization. // // Ideally, builtins should be added during process initialization, in the // outermost relevant context. And as the builtins map is not mutex protected, // builtins must *not* be added to an existing StatNameSet in the request-path. // // It is fine to populate a new StatNameSet when (for example) an xDS // message reveals a new set of names to be used as stats. The population must // be completed prior to exposing the new StatNameSet to worker threads. // // To create stats using names discovered in the request path, dynamic stat // names must be used (see StatNameDynamicStorage). Consider using helper // methods such as Stats::Utility::counterFromElements in common/stats/utility.h // to simplify the process of allocating and combining stat names and creating // counters, gauges, and histograms from them. class StatNameSet { public: // This object must be instantiated via SymbolTable::makeSet(), thus constructor is private. /** * Adds a string to the builtin map, which is not mutex protected. This map is * always consulted first as a hit there means no lock is required. * * Builtins can only be added immediately after construction, as the builtins * map is not mutex-protected. */ void rememberBuiltin(absl::string_view str); /** * Remembers every string in a container as builtins. */ template void rememberBuiltins(const StringContainer& container) { for (const auto& str : container) { rememberBuiltin(str); } } void rememberBuiltins(const std::vector& container) { rememberBuiltins>(container); } /** * Finds a builtin StatName by name. If the builtin has not been registered, * then the fallback is returned. * * @return the StatName or fallback. */ StatName getBuiltin(absl::string_view token, StatName fallback) const; /** * Adds a StatName using the pool, but without remembering it in any maps. * * For convenience, StatNameSet offers pass-through thread-safe access to * its mutex-protected pool. This is useful in constructor initializers, when * StatNames are needed both from compile-time constants, as well as from * other constructor args, e.g. * MyClass(const std::vector& strings, Stats::SymbolTable& symbol_table) * : stat_name_set_(symbol_table), * known_const_(stat_name_set_.add("known_const")) { // unmapped constants from pool * stat_name_set_.rememberBuiltins(strings); // mapped builtins. * } * This avoids the need to make two different pools; one backing the * StatNameSet mapped entries, and the other backing the set passed in via the * constructor. * * @param str The string to add as a StatName * @return The StatName for str. */ StatName add(absl::string_view str) { absl::MutexLock lock(&mutex_); return pool_.add(str); } private: friend class FakeSymbolTableImpl; friend class SymbolTableImpl; StatNameSet(SymbolTable& symbol_table, absl::string_view name); const std::string name_; Stats::SymbolTable& symbol_table_; Stats::StatNamePool pool_ ABSL_GUARDED_BY(mutex_); mutable absl::Mutex mutex_; using StringStatNameMap = absl::flat_hash_map; StringStatNameMap builtin_stat_names_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/tag_extractor_impl.cc ================================================ #include "common/stats/tag_extractor_impl.h" #include #include #include "envoy/common/exception.h" #include "common/common/fmt.h" #include "common/common/perf_annotation.h" #include "common/common/regex.h" #include "absl/strings/ascii.h" #include "absl/strings/match.h" namespace Envoy { namespace Stats { namespace { bool regexStartsWithDot(absl::string_view regex) { return absl::StartsWith(regex, "\\.") || absl::StartsWith(regex, "(?=\\.)"); } } // namespace TagExtractorImpl::TagExtractorImpl(const std::string& name, const std::string& regex, const std::string& substr) : name_(name), prefix_(std::string(extractRegexPrefix(regex))), substr_(substr), regex_(Regex::Utility::parseStdRegex(regex)) {} std::string TagExtractorImpl::extractRegexPrefix(absl::string_view regex) { std::string prefix; if (absl::StartsWith(regex, "^")) { for (absl::string_view::size_type i = 1; i < regex.size(); ++i) { if (!absl::ascii_isalnum(regex[i]) && (regex[i] != '_')) { if (i > 1) { const bool last_char = i == regex.size() - 1; if ((!last_char && regexStartsWithDot(regex.substr(i))) || (last_char && (regex[i] == '$'))) { prefix.append(regex.data() + 1, i - 1); } } break; } } } return prefix; } TagExtractorPtr TagExtractorImpl::createTagExtractor(const std::string& name, const std::string& regex, const std::string& substr) { if (name.empty()) { throw EnvoyException("tag_name cannot be empty"); } if (regex.empty()) { throw EnvoyException(fmt::format( "No regex specified for tag specifier and no default regex for name: '{}'", name)); } return TagExtractorPtr{new TagExtractorImpl(name, regex, substr)}; } bool TagExtractorImpl::substrMismatch(absl::string_view stat_name) const { return !substr_.empty() && stat_name.find(substr_) == absl::string_view::npos; } bool TagExtractorImpl::extractTag(absl::string_view stat_name, TagVector& tags, IntervalSet& remove_characters) const { PERF_OPERATION(perf); if (substrMismatch(stat_name)) { PERF_RECORD(perf, "re-skip-substr", name_); return false; } std::match_results match; // The regex must match and contain one or more subexpressions (all after the first are ignored). if (std::regex_search(stat_name.begin(), stat_name.end(), match, regex_) && match.size() > 1) { // remove_subexpr is the first submatch. It represents the portion of the string to be removed. const auto& remove_subexpr = match[1]; // value_subexpr is the optional second submatch. It is usually inside the first submatch // (remove_subexpr) to allow the expression to strip off extra characters that should be removed // from the string but also not necessary in the tag value ("." for example). If there is no // second submatch, then the value_subexpr is the same as the remove_subexpr. const auto& value_subexpr = match.size() > 2 ? match[2] : remove_subexpr; tags.emplace_back(); Tag& tag = tags.back(); tag.name_ = name_; tag.value_ = value_subexpr.str(); // Determines which characters to remove from stat_name to elide remove_subexpr. std::string::size_type start = remove_subexpr.first - stat_name.begin(); std::string::size_type end = remove_subexpr.second - stat_name.begin(); remove_characters.insert(start, end); PERF_RECORD(perf, "re-match", name_); return true; } PERF_RECORD(perf, "re-miss", name_); return false; } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/tag_extractor_impl.h ================================================ #pragma once #include #include #include #include "envoy/stats/tag_extractor.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { class TagExtractorImpl : public TagExtractor { public: /** * Creates a tag extractor from the regex provided. name and regex must be non-empty. * @param name name for tag extractor. * @param regex regex expression. * @param substr a substring that -- if provided -- must be present in a stat name * in order to match the regex. This is an optional performance tweak * to avoid large numbers of failed regex lookups. * @return TagExtractorPtr newly constructed TagExtractor. */ static TagExtractorPtr createTagExtractor(const std::string& name, const std::string& regex, const std::string& substr = ""); TagExtractorImpl(const std::string& name, const std::string& regex, const std::string& substr = ""); std::string name() const override { return name_; } bool extractTag(absl::string_view tag_extracted_name, TagVector& tags, IntervalSet& remove_characters) const override; absl::string_view prefixToken() const override { return prefix_; } /** * @param stat_name The stat name * @return bool indicates whether tag extraction should be skipped for this stat_name due * to a substring mismatch. */ bool substrMismatch(absl::string_view stat_name) const; private: /** * Examines a regex string, looking for the pattern: ^alphanumerics_with_underscores\. * Returns "alphanumerics_with_underscores" if that pattern is found, empty-string otherwise. * @param regex absl::string_view the regex to scan for prefixes. * @return std::string the prefix, or "" if no prefix found. */ static std::string extractRegexPrefix(absl::string_view regex); const std::string name_; const std::string prefix_; const std::string substr_; const std::regex regex_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/tag_producer_impl.cc ================================================ #include "common/stats/tag_producer_impl.h" #include #include "envoy/common/exception.h" #include "envoy/config/metrics/v3/stats.pb.h" #include "common/common/utility.h" #include "common/stats/tag_extractor_impl.h" namespace Envoy { namespace Stats { TagProducerImpl::TagProducerImpl(const envoy::config::metrics::v3::StatsConfig& config) { // To check name conflict. reserveResources(config); absl::node_hash_set names = addDefaultExtractors(config); for (const auto& tag_specifier : config.stats_tags()) { const std::string& name = tag_specifier.tag_name(); if (!names.emplace(name).second) { throw EnvoyException(fmt::format("Tag name '{}' specified twice.", name)); } // If no tag value is found, fallback to default regex to keep backward compatibility. if (tag_specifier.tag_value_case() == envoy::config::metrics::v3::TagSpecifier::TagValueCase::TAG_VALUE_NOT_SET || tag_specifier.tag_value_case() == envoy::config::metrics::v3::TagSpecifier::TagValueCase::kRegex) { if (tag_specifier.regex().empty()) { if (addExtractorsMatching(name) == 0) { throw EnvoyException(fmt::format( "No regex specified for tag specifier and no default regex for name: '{}'", name)); } } else { addExtractor(Stats::TagExtractorImpl::createTagExtractor(name, tag_specifier.regex())); } } else if (tag_specifier.tag_value_case() == envoy::config::metrics::v3::TagSpecifier::TagValueCase::kFixedValue) { default_tags_.emplace_back(Stats::Tag{name, tag_specifier.fixed_value()}); } } } int TagProducerImpl::addExtractorsMatching(absl::string_view name) { int num_found = 0; for (const auto& desc : Config::TagNames::get().descriptorVec()) { if (desc.name_ == name) { addExtractor( Stats::TagExtractorImpl::createTagExtractor(desc.name_, desc.regex_, desc.substr_)); ++num_found; } } return num_found; } void TagProducerImpl::addExtractor(TagExtractorPtr extractor) { const absl::string_view prefix = extractor->prefixToken(); if (prefix.empty()) { tag_extractors_without_prefix_.emplace_back(std::move(extractor)); } else { tag_extractor_prefix_map_[prefix].emplace_back(std::move(extractor)); } } void TagProducerImpl::forEachExtractorMatching( absl::string_view stat_name, std::function f) const { IntervalSetImpl remove_characters; for (const TagExtractorPtr& tag_extractor : tag_extractors_without_prefix_) { f(tag_extractor); } const absl::string_view::size_type dot = stat_name.find('.'); if (dot != std::string::npos) { const absl::string_view token = absl::string_view(stat_name.data(), dot); const auto iter = tag_extractor_prefix_map_.find(token); if (iter != tag_extractor_prefix_map_.end()) { for (const TagExtractorPtr& tag_extractor : iter->second) { f(tag_extractor); } } } } std::string TagProducerImpl::produceTags(absl::string_view metric_name, TagVector& tags) const { // TODO(jmarantz): Skip the creation of string-based tags, creating a StatNameTagVector instead. tags.insert(tags.end(), default_tags_.begin(), default_tags_.end()); IntervalSetImpl remove_characters; forEachExtractorMatching( metric_name, [&remove_characters, &tags, &metric_name](const TagExtractorPtr& tag_extractor) { tag_extractor->extractTag(metric_name, tags, remove_characters); }); return StringUtil::removeCharacters(metric_name, remove_characters); } void TagProducerImpl::reserveResources(const envoy::config::metrics::v3::StatsConfig& config) { default_tags_.reserve(config.stats_tags().size()); } absl::node_hash_set TagProducerImpl::addDefaultExtractors(const envoy::config::metrics::v3::StatsConfig& config) { absl::node_hash_set names; if (!config.has_use_all_default_tags() || config.use_all_default_tags().value()) { for (const auto& desc : Config::TagNames::get().descriptorVec()) { names.emplace(desc.name_); addExtractor( Stats::TagExtractorImpl::createTagExtractor(desc.name_, desc.regex_, desc.substr_)); } } return names; } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/tag_producer_impl.h ================================================ #pragma once #include #include #include #include #include #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/stats/tag_extractor.h" #include "envoy/stats/tag_producer.h" #include "common/common/hash.h" #include "common/common/utility.h" #include "common/config/well_known_names.h" #include "common/protobuf/protobuf.h" #include "absl/container/flat_hash_map.h" #include "absl/container/node_hash_set.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Stats { /** * Organizes a collection of TagExtractors so that stat-names can be processed without * iterating through all extractors. */ class TagProducerImpl : public TagProducer { public: TagProducerImpl(const envoy::config::metrics::v3::StatsConfig& config); TagProducerImpl() = default; /** * Take a metric name and a vector then add proper tags into the vector and * return an extracted metric name. * @param metric_name std::string a name of Stats::Metric (Counter, Gauge, Histogram). * @param tags std::vector a set of Stats::Tag. */ std::string produceTags(absl::string_view metric_name, TagVector& tags) const override; private: friend class DefaultTagRegexTester; /** * Adds a TagExtractor to the collection of tags, tracking prefixes to help make * produceTags run efficiently by trying only extractors that have a chance to match. * @param extractor TagExtractorPtr the extractor to add. */ void addExtractor(TagExtractorPtr extractor); /** * Adds all default extractors matching the specified tag name. In this model, * more than one TagExtractor can be used to generate a given tag. The default * extractors are specified in common/config/well_known_names.cc. * @param name absl::string_view the extractor to add. * @return int the number of matching extractors. */ int addExtractorsMatching(absl::string_view name); /** * Roughly estimate the size of the vectors. * @param config const envoy::config::metrics::v2::StatsConfig& the config. */ void reserveResources(const envoy::config::metrics::v3::StatsConfig& config); /** * Adds all default extractors from well_known_names.cc into the * collection. Returns a set of names of all default extractors * into a string-set for dup-detection against new stat names * specified in the configuration. * @param config const envoy::config::metrics::v2::StatsConfig& the config. * @return names absl::node_hash_set the set of names to populate */ absl::node_hash_set addDefaultExtractors(const envoy::config::metrics::v3::StatsConfig& config); /** * Iterates over every tag extractor that might possibly match stat_name, calling * callback f for each one. This is broken out this way to reduce code redundancy * during testing, where we want to verify that extraction is order-independent. * The possibly-matching-extractors list is computed by: * 1. Finding the first '.' separated token in stat_name. * 2. Collecting the TagExtractors whose regexes have that same prefix "^prefix\\." * 3. Collecting also the TagExtractors whose regexes don't start with any prefix. * In the future, we may also do substring searches in some cases. * See DefaultTagRegexTester::produceTagsReverse in test/common/stats/stats_impl_test.cc. * * @param stat_name const std::string& the stat name. * @param f std::function function to call for each extractor. */ void forEachExtractorMatching(absl::string_view stat_name, std::function f) const; std::vector tag_extractors_without_prefix_; // Maps a prefix word extracted out of a regex to a vector of TagExtractors. Note that // the storage for the prefix string is owned by the TagExtractor, which, depending on // implementation, may need make a copy of the prefix. absl::flat_hash_map> tag_extractor_prefix_map_; TagVector default_tags_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/tag_utility.cc ================================================ #include "common/stats/tag_utility.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { namespace TagUtility { TagStatNameJoiner::TagStatNameJoiner(StatName prefix, StatName stat_name, StatNameTagVectorOptConstRef stat_name_tags, SymbolTable& symbol_table) { prefix_storage_ = symbol_table.join({prefix, stat_name}); tag_extracted_name_ = StatName(prefix_storage_.get()); if (stat_name_tags) { full_name_storage_ = joinNameAndTags(StatName(prefix_storage_.get()), *stat_name_tags, symbol_table); name_with_tags_ = StatName(full_name_storage_.get()); } else { name_with_tags_ = StatName(prefix_storage_.get()); } } TagStatNameJoiner::TagStatNameJoiner(StatName stat_name, StatNameTagVectorOptConstRef stat_name_tags, SymbolTable& symbol_table) { tag_extracted_name_ = stat_name; if (stat_name_tags) { full_name_storage_ = joinNameAndTags(stat_name, *stat_name_tags, symbol_table); name_with_tags_ = StatName(full_name_storage_.get()); } else { name_with_tags_ = stat_name; } } SymbolTable::StoragePtr TagStatNameJoiner::joinNameAndTags(StatName name, const StatNameTagVector& tags, SymbolTable& symbol_table) { StatNameVec stat_names; stat_names.reserve(1 + 2 * tags.size()); stat_names.emplace_back(name); for (const auto& tag : tags) { stat_names.emplace_back(tag.first); stat_names.emplace_back(tag.second); } return symbol_table.join(stat_names); } } // namespace TagUtility } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/tag_utility.h ================================================ #pragma once #include "envoy/stats/symbol_table.h" #include "envoy/stats/tag.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { namespace TagUtility { /** * Combines a stat name with an optional set of tag to create the final stat name to use. The * resulting StatNames will be valid through the lifetime of this object and all provided stat * names. */ class TagStatNameJoiner { public: /** * Combines a prefix, stat name and tags into a single stat name. * @param prefix StaName the stat prefix to use. * @param name StaName the stat name to use. * @param stat_name_tags optionally StatNameTagVector the stat name tags to add to the stat name. */ TagStatNameJoiner(StatName prefix, StatName stat_name, StatNameTagVectorOptConstRef stat_name_tags, SymbolTable& symbol_table); /** * Combines a stat name and tags into a single stat name. * @param name StaName the stat name to use. * @param stat_name_tags StatNameTagVector the stat name tags to optionally add to the stat name. */ TagStatNameJoiner(StatName stat_name, StatNameTagVectorOptConstRef stat_name_tags, SymbolTable& symbol_table); /** * @return StatName the full stat name, including the tag suffix. */ StatName nameWithTags() const { return name_with_tags_; } /** * @return StatName the stat name without the tags appended. */ StatName tagExtractedName() const { return tag_extracted_name_; } private: // TODO(snowp): This isn't really "tag extracted", but we'll use this for the sake of consistency // until we can change the naming convention throughout. StatName tag_extracted_name_; SymbolTable::StoragePtr prefix_storage_; SymbolTable::StoragePtr full_name_storage_; StatName name_with_tags_; SymbolTable::StoragePtr joinNameAndTags(StatName name, const StatNameTagVector& stat_name_tags, SymbolTable& symbol_table); }; } // namespace TagUtility } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/thread_local_store.cc ================================================ #include "common/stats/thread_local_store.h" #include #include #include #include #include #include "envoy/stats/allocator.h" #include "envoy/stats/histogram.h" #include "envoy/stats/sink.h" #include "envoy/stats/stats.h" #include "common/common/lock_guard.h" #include "common/stats/histogram_impl.h" #include "common/stats/stats_matcher_impl.h" #include "common/stats/tag_producer_impl.h" #include "common/stats/tag_utility.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Stats { const char ThreadLocalStoreImpl::MainDispatcherCleanupSync[] = "main-dispatcher-cleanup"; ThreadLocalStoreImpl::ThreadLocalStoreImpl(Allocator& alloc) : alloc_(alloc), default_scope_(ThreadLocalStoreImpl::createScope("")), tag_producer_(std::make_unique()), stats_matcher_(std::make_unique()), histogram_settings_(std::make_unique()), heap_allocator_(alloc.symbolTable()), null_counter_(alloc.symbolTable()), null_gauge_(alloc.symbolTable()), null_histogram_(alloc.symbolTable()), null_text_readout_(alloc.symbolTable()), well_known_tags_(alloc.symbolTable().makeSet("well_known_tags")) { for (const auto& desc : Config::TagNames::get().descriptorVec()) { well_known_tags_->rememberBuiltin(desc.name_); } } ThreadLocalStoreImpl::~ThreadLocalStoreImpl() { ASSERT(shutting_down_ || !threading_ever_initialized_); default_scope_.reset(); ASSERT(scopes_.empty()); } void ThreadLocalStoreImpl::setHistogramSettings(HistogramSettingsConstPtr&& histogram_settings) { Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { ASSERT(scope->central_cache_->histograms_.empty()); } histogram_settings_ = std::move(histogram_settings); } void ThreadLocalStoreImpl::setStatsMatcher(StatsMatcherPtr&& stats_matcher) { stats_matcher_ = std::move(stats_matcher); if (stats_matcher_->acceptsAll()) { return; } // The Filesystem and potentially other stat-registering objects are // constructed prior to the stat-matcher, and those add stats // in the default_scope. There should be no requests, so there will // be no copies in TLS caches. Thread::LockGuard lock(lock_); const uint32_t first_histogram_index = deleted_histograms_.size(); for (ScopeImpl* scope : scopes_) { removeRejectedStats(scope->central_cache_->counters_, deleted_counters_); removeRejectedStats(scope->central_cache_->gauges_, deleted_gauges_); removeRejectedStats(scope->central_cache_->histograms_, deleted_histograms_); removeRejectedStats(scope->central_cache_->text_readouts_, deleted_text_readouts_); } // Remove any newly rejected histograms from histogram_set_. { Thread::LockGuard hist_lock(hist_mutex_); for (uint32_t i = first_histogram_index; i < deleted_histograms_.size(); ++i) { uint32_t erased = histogram_set_.erase(deleted_histograms_[i].get()); ASSERT(erased == 1); } } } template void ThreadLocalStoreImpl::removeRejectedStats(StatMapClass& map, StatListClass& list) { StatNameVec remove_list; for (auto& stat : map) { if (rejects(stat.first)) { remove_list.push_back(stat.first); } } for (StatName stat_name : remove_list) { auto iter = map.find(stat_name); ASSERT(iter != map.end()); list.push_back(iter->second); // Save SharedPtr to the list to avoid invalidating refs to stat. map.erase(iter); } } bool ThreadLocalStoreImpl::rejects(StatName stat_name) const { ASSERT(!stats_matcher_->acceptsAll()); // TODO(ambuc): If stats_matcher_ depends on regexes, this operation (on the // hot path) could become prohibitively expensive. Revisit this usage in the // future. // // Also note that the elaboration of the stat-name into a string is expensive, // so I think it might be better to move the matcher test until after caching, // unless its acceptsAll/rejectsAll. return stats_matcher_->rejectsAll() || stats_matcher_->rejects(constSymbolTable().toString(stat_name)); } std::vector ThreadLocalStoreImpl::counters() const { // Handle de-dup due to overlapping scopes. std::vector ret; StatNameHashSet names; Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { for (auto& counter : scope->central_cache_->counters_) { if (names.insert(counter.first).second) { ret.push_back(counter.second); } } } return ret; } ScopePtr ThreadLocalStoreImpl::createScope(const std::string& name) { auto new_scope = std::make_unique(*this, name); Thread::LockGuard lock(lock_); scopes_.emplace(new_scope.get()); return new_scope; } std::vector ThreadLocalStoreImpl::gauges() const { // Handle de-dup due to overlapping scopes. std::vector ret; StatNameHashSet names; Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { for (auto& gauge_iter : scope->central_cache_->gauges_) { const GaugeSharedPtr& gauge = gauge_iter.second; if (gauge->importMode() != Gauge::ImportMode::Uninitialized && names.insert(gauge_iter.first).second) { ret.push_back(gauge); } } } return ret; } std::vector ThreadLocalStoreImpl::textReadouts() const { // Handle de-dup due to overlapping scopes. std::vector ret; StatNameHashSet names; Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { for (auto& text_readout : scope->central_cache_->text_readouts_) { if (names.insert(text_readout.first).second) { ret.push_back(text_readout.second); } } } return ret; } std::vector ThreadLocalStoreImpl::histograms() const { std::vector ret; Thread::LockGuard lock(hist_mutex_); { ret.reserve(histogram_set_.size()); for (const auto& histogram_ptr : histogram_set_) { ret.emplace_back(histogram_ptr); } } return ret; } void ThreadLocalStoreImpl::initializeThreading(Event::Dispatcher& main_thread_dispatcher, ThreadLocal::Instance& tls) { threading_ever_initialized_ = true; main_thread_dispatcher_ = &main_thread_dispatcher; tls_ = tls.allocateSlot(); tls_->set([](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(); }); } void ThreadLocalStoreImpl::shutdownThreading() { // This will block both future cache fills as well as cache flushes. shutting_down_ = true; Thread::LockGuard lock(hist_mutex_); for (ParentHistogramImpl* histogram : histogram_set_) { histogram->setShuttingDown(true); } histogram_set_.clear(); } void ThreadLocalStoreImpl::mergeHistograms(PostMergeCb merge_complete_cb) { if (!shutting_down_) { ASSERT(!merge_in_progress_); merge_in_progress_ = true; tls_->runOnAllThreads( [](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { for (const auto& id_hist : object->asType().tls_histogram_cache_) { const TlsHistogramSharedPtr& tls_hist = id_hist.second; tls_hist->beginMerge(); } return object; }, [this, merge_complete_cb]() -> void { mergeInternal(merge_complete_cb); }); } else { // If server is shutting down, just call the callback to allow flush to continue. merge_complete_cb(); } } void ThreadLocalStoreImpl::mergeInternal(PostMergeCb merge_complete_cb) { if (!shutting_down_) { for (const ParentHistogramSharedPtr& histogram : histograms()) { histogram->merge(); } merge_complete_cb(); merge_in_progress_ = false; } } ThreadLocalStoreImpl::CentralCacheEntry::~CentralCacheEntry() { // Assert that the symbol-table is valid, so we get good test coverage of // the validity of the symbol table at the time this destructor runs. This // is because many tests will not populate rejected_stats_. ASSERT(symbol_table_.toString(StatNameManagedStorage("Hello.world", symbol_table_).statName()) == "Hello.world"); rejected_stats_.free(symbol_table_); } void ThreadLocalStoreImpl::releaseScopeCrossThread(ScopeImpl* scope) { Thread::ReleasableLockGuard lock(lock_); ASSERT(scopes_.count(scope) == 1); scopes_.erase(scope); // This method is called directly from the ScopeImpl destructor, but we can't // destroy scope->central_cache_ until all the TLS caches are be destroyed, as // the TLS caches reference the Counters and Gauges owned by the central // cache. We don't want the maps in the TLS caches to bump the // reference-count, as decrementing the count requires an allocator lock, // which would cause a storm of contention during scope destruction. // // So instead we have a 2-phase destroy: // 1. destroy all the TLS caches // 2. destroy the central cache. // // Since this is called from ScopeImpl's destructor, we must bump the // ref-count of the central-cache by copying to a local scoped pointer, and // keep that reference alive until all the TLS caches are clear. CentralCacheEntrySharedPtr central_cache = scope->central_cache_; // This can happen from any thread. We post() back to the main thread which will initiate the // cache flush operation. if (!shutting_down_ && main_thread_dispatcher_) { const uint64_t scope_id = scope->scope_id_; lock.release(); // TODO(jmarantz): consider batching all the scope IDs that should be // cleared from TLS caches to reduce bursts of runOnAllThreads on a large // config update. See the pattern below used for histograms. main_thread_dispatcher_->post([this, central_cache, scope_id]() { sync_.syncPoint(MainDispatcherCleanupSync); clearScopeFromCaches(scope_id, central_cache); }); } } void ThreadLocalStoreImpl::releaseHistogramCrossThread(uint64_t histogram_id) { // This can happen from any thread. We post() back to the main thread which will initiate the // cache flush operation. if (!shutting_down_ && main_thread_dispatcher_) { main_thread_dispatcher_->post( [this, histogram_id]() { clearHistogramFromCaches(histogram_id); }); } } ThreadLocalStoreImpl::TlsCacheEntry& ThreadLocalStoreImpl::TlsCache::insertScope(uint64_t scope_id) { return scope_cache_[scope_id]; } void ThreadLocalStoreImpl::TlsCache::eraseScope(uint64_t scope_id) { scope_cache_.erase(scope_id); } void ThreadLocalStoreImpl::TlsCache::eraseHistogram(uint64_t histogram_id) { // This is called for every histogram in every thread, even though the // histogram may not have been cached in each thread yet. So we don't // want to check whether the erase() call erased anything. tls_histogram_cache_.erase(histogram_id); } void ThreadLocalStoreImpl::clearScopeFromCaches(uint64_t scope_id, CentralCacheEntrySharedPtr central_cache) { // If we are shutting down we no longer perform cache flushes as workers may be shutting down // at the same time. if (!shutting_down_) { // Perform a cache flush on all threads. tls_->runOnAllThreads( [scope_id](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().eraseScope(scope_id); return object; }, [central_cache]() { /* Holds onto central_cache until all tls caches are clear */ }); } } void ThreadLocalStoreImpl::clearHistogramFromCaches(uint64_t histogram_id) { // If we are shutting down we no longer perform cache flushes as workers may be shutting down // at the same time. if (!shutting_down_) { // Perform a cache flush on all threads. // // TODO(jmarantz): If this cross-thread posting proves to be a performance // bottleneck, // https://gist.github.com/jmarantz/838cb6de7e74c0970ea6b63eded0139a // contains a patch that will implement batching together to clear multiple // histograms. tls_->runOnAllThreads([histogram_id](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().eraseHistogram(histogram_id); return object; }); } } ThreadLocalStoreImpl::ScopeImpl::ScopeImpl(ThreadLocalStoreImpl& parent, const std::string& prefix) : scope_id_(parent.next_scope_id_++), parent_(parent), prefix_(Utility::sanitizeStatsName(prefix), parent.alloc_.symbolTable()), central_cache_(new CentralCacheEntry(parent.alloc_.symbolTable())) {} ThreadLocalStoreImpl::ScopeImpl::~ScopeImpl() { parent_.releaseScopeCrossThread(this); prefix_.free(symbolTable()); } // Helper for managing the potential truncation of tags from the metric names and // converting them to StatName. Making the tag extraction optional within this class simplifies the // RAII ergonomics (as opposed to making the construction of this object conditional). // // The StatNameTagVector returned by this object will be valid as long as this object is in scope // and the provided stat_name_tags are valid. // // When tag extraction is not done, this class is just a passthrough for the provided name/tags. class StatNameTagHelper { public: StatNameTagHelper(ThreadLocalStoreImpl& tls, StatName name, const absl::optional& stat_name_tags) : pool_(tls.symbolTable()), stat_name_tags_(stat_name_tags.value_or(StatNameTagVector())) { if (!stat_name_tags) { TagVector tags; tls.symbolTable().callWithStringView(name, [&tags, &tls, this](absl::string_view name_str) { tag_extracted_name_ = pool_.add(tls.tagProducer().produceTags(name_str, tags)); }); StatName empty; for (const auto& tag : tags) { StatName tag_name = tls.wellKnownTags().getBuiltin(tag.name_, empty); if (tag_name.empty()) { tag_name = pool_.add(tag.name_); } stat_name_tags_.emplace_back(tag_name, pool_.add(tag.value_)); } } else { tag_extracted_name_ = name; } } const StatNameTagVector& statNameTags() const { return stat_name_tags_; } StatName tagExtractedName() const { return tag_extracted_name_; } private: StatNamePool pool_; StatNameTagVector stat_name_tags_; StatName tag_extracted_name_; }; bool ThreadLocalStoreImpl::checkAndRememberRejection(StatName name, StatNameStorageSet& central_rejected_stats, StatNameHashSet* tls_rejected_stats) { if (stats_matcher_->acceptsAll()) { return false; } auto iter = central_rejected_stats.find(name); const StatNameStorage* rejected_name = nullptr; if (iter != central_rejected_stats.end()) { rejected_name = &(*iter); } else { if (rejects(name)) { auto insertion = central_rejected_stats.insert(StatNameStorage(name, symbolTable())); const StatNameStorage& rejected_name_ref = *(insertion.first); rejected_name = &rejected_name_ref; } } if (rejected_name != nullptr) { if (tls_rejected_stats != nullptr) { tls_rejected_stats->insert(rejected_name->statName()); } return true; } return false; } template StatType& ThreadLocalStoreImpl::ScopeImpl::safeMakeStat( StatName full_stat_name, StatName name_no_tags, const absl::optional& stat_name_tags, StatNameHashMap>& central_cache_map, StatNameStorageSet& central_rejected_stats, MakeStatFn make_stat, StatRefMap* tls_cache, StatNameHashSet* tls_rejected_stats, StatType& null_stat) { if (tls_rejected_stats != nullptr && tls_rejected_stats->find(full_stat_name) != tls_rejected_stats->end()) { return null_stat; } // If we have a valid cache entry, return it. if (tls_cache) { auto pos = tls_cache->find(full_stat_name); if (pos != tls_cache->end()) { return pos->second; } } // We must now look in the central store so we must be locked. We grab a reference to the // central store location. It might contain nothing. In this case, we allocate a new stat. Thread::LockGuard lock(parent_.lock_); auto iter = central_cache_map.find(full_stat_name); RefcountPtr* central_ref = nullptr; if (iter != central_cache_map.end()) { central_ref = &(iter->second); } else if (parent_.checkAndRememberRejection(full_stat_name, central_rejected_stats, tls_rejected_stats)) { return null_stat; } else { StatNameTagHelper tag_helper(parent_, name_no_tags, stat_name_tags); RefcountPtr stat = make_stat( parent_.alloc_, full_stat_name, tag_helper.tagExtractedName(), tag_helper.statNameTags()); ASSERT(stat != nullptr); central_ref = ¢ral_cache_map[stat->statName()]; *central_ref = stat; } // If we have a TLS cache, insert the stat. StatType& ret = **central_ref; if (tls_cache) { tls_cache->insert(std::make_pair(ret.statName(), std::reference_wrapper(ret))); } // Finally we return the reference. return ret; } template using StatTypeOptConstRef = absl::optional>; template StatTypeOptConstRef ThreadLocalStoreImpl::ScopeImpl::findStatLockHeld( StatName name, StatNameHashMap>& central_cache_map) const { auto iter = central_cache_map.find(name); if (iter == central_cache_map.end()) { return absl::nullopt; } return std::cref(*iter->second); } Counter& ThreadLocalStoreImpl::ScopeImpl::counterFromStatNameWithTags( const StatName& name, StatNameTagVectorOptConstRef stat_name_tags) { if (parent_.rejectsAll()) { return parent_.null_counter_; } // Determine the final name based on the prefix and the passed name. // // Note that we can do map.find(final_name.c_str()), but we cannot do // map[final_name.c_str()] as the char*-keyed maps would then save the pointer // to a temporary, and address sanitization errors would follow. Instead we // must do a find() first, using the value if it succeeds. If it fails, then // after we construct the stat we can insert it into the required maps. This // strategy costs an extra hash lookup for each miss, but saves time // re-copying the string and significant memory overhead. TagUtility::TagStatNameJoiner joiner(prefix_.statName(), name, stat_name_tags, symbolTable()); Stats::StatName final_stat_name = joiner.nameWithTags(); // We now find the TLS cache. This might remain null if we don't have TLS // initialized currently. StatRefMap* tls_cache = nullptr; StatNameHashSet* tls_rejected_stats = nullptr; if (!parent_.shutting_down_ && parent_.tls_) { TlsCacheEntry& entry = parent_.tls_->getTyped().insertScope(this->scope_id_); tls_cache = &entry.counters_; tls_rejected_stats = &entry.rejected_stats_; } return safeMakeStat( final_stat_name, joiner.tagExtractedName(), stat_name_tags, central_cache_->counters_, central_cache_->rejected_stats_, [](Allocator& allocator, StatName name, StatName tag_extracted_name, const StatNameTagVector& tags) -> CounterSharedPtr { return allocator.makeCounter(name, tag_extracted_name, tags); }, tls_cache, tls_rejected_stats, parent_.null_counter_); } void ThreadLocalStoreImpl::ScopeImpl::deliverHistogramToSinks(const Histogram& histogram, uint64_t value) { // Thread local deliveries must be blocked outright for histograms and timers during shutdown. // This is because the sinks may end up trying to create new connections via the thread local // cluster manager which may already be destroyed (there is no way to sequence this because the // cluster manager destroying can create deliveries). We special case this explicitly to avoid // having to implement a shutdown() method (or similar) on every TLS object. if (parent_.shutting_down_) { return; } for (Sink& sink : parent_.timer_sinks_) { sink.onHistogramComplete(histogram, value); } } Gauge& ThreadLocalStoreImpl::ScopeImpl::gaugeFromStatNameWithTags( const StatName& name, StatNameTagVectorOptConstRef stat_name_tags, Gauge::ImportMode import_mode) { if (parent_.rejectsAll()) { return parent_.null_gauge_; } // See comments in counter(). There is no super clean way (via templates or otherwise) to // share this code so I'm leaving it largely duplicated for now. // // Note that we can do map.find(final_name.c_str()), but we cannot do // map[final_name.c_str()] as the char*-keyed maps would then save the pointer to // a temporary, and address sanitization errors would follow. Instead we must // do a find() first, using that if it succeeds. If it fails, then after we // construct the stat we can insert it into the required maps. TagUtility::TagStatNameJoiner joiner(prefix_.statName(), name, stat_name_tags, symbolTable()); StatName final_stat_name = joiner.nameWithTags(); StatRefMap* tls_cache = nullptr; StatNameHashSet* tls_rejected_stats = nullptr; if (!parent_.shutting_down_ && parent_.tls_) { TlsCacheEntry& entry = parent_.tls_->getTyped().scope_cache_[this->scope_id_]; tls_cache = &entry.gauges_; tls_rejected_stats = &entry.rejected_stats_; } Gauge& gauge = safeMakeStat( final_stat_name, joiner.tagExtractedName(), stat_name_tags, central_cache_->gauges_, central_cache_->rejected_stats_, [import_mode](Allocator& allocator, StatName name, StatName tag_extracted_name, const StatNameTagVector& tags) -> GaugeSharedPtr { return allocator.makeGauge(name, tag_extracted_name, tags, import_mode); }, tls_cache, tls_rejected_stats, parent_.null_gauge_); gauge.mergeImportMode(import_mode); return gauge; } Histogram& ThreadLocalStoreImpl::ScopeImpl::histogramFromStatNameWithTags( const StatName& name, StatNameTagVectorOptConstRef stat_name_tags, Histogram::Unit unit) { if (parent_.rejectsAll()) { return parent_.null_histogram_; } // See comments in counter(). There is no super clean way (via templates or otherwise) to // share this code so I'm leaving it largely duplicated for now. // // Note that we can do map.find(final_name.c_str()), but we cannot do // map[final_name.c_str()] as the char*-keyed maps would then save the pointer to // a temporary, and address sanitization errors would follow. Instead we must // do a find() first, using that if it succeeds. If it fails, then after we // construct the stat we can insert it into the required maps. TagUtility::TagStatNameJoiner joiner(prefix_.statName(), name, stat_name_tags, symbolTable()); StatName final_stat_name = joiner.nameWithTags(); StatNameHashMap* tls_cache = nullptr; StatNameHashSet* tls_rejected_stats = nullptr; if (!parent_.shutting_down_ && parent_.tls_) { TlsCacheEntry& entry = parent_.tls_->getTyped().scope_cache_[this->scope_id_]; tls_cache = &entry.parent_histograms_; auto iter = tls_cache->find(final_stat_name); if (iter != tls_cache->end()) { return *iter->second; } tls_rejected_stats = &entry.rejected_stats_; if (tls_rejected_stats->find(final_stat_name) != tls_rejected_stats->end()) { return parent_.null_histogram_; } } Thread::LockGuard lock(parent_.lock_); auto iter = central_cache_->histograms_.find(final_stat_name); ParentHistogramImplSharedPtr* central_ref = nullptr; if (iter != central_cache_->histograms_.end()) { central_ref = &iter->second; } else if (parent_.checkAndRememberRejection(final_stat_name, central_cache_->rejected_stats_, tls_rejected_stats)) { return parent_.null_histogram_; } else { StatNameTagHelper tag_helper(parent_, joiner.tagExtractedName(), stat_name_tags); ConstSupportedBuckets* buckets = nullptr; symbolTable().callWithStringView(final_stat_name, [&buckets, this](absl::string_view stat_name) { buckets = &parent_.histogram_settings_->buckets(stat_name); }); RefcountPtr stat; { Thread::LockGuard lock(parent_.hist_mutex_); auto iter = parent_.histogram_set_.find(final_stat_name); if (iter != parent_.histogram_set_.end()) { stat = RefcountPtr(*iter); } else { stat = new ParentHistogramImpl(final_stat_name, unit, parent_, tag_helper.tagExtractedName(), tag_helper.statNameTags(), *buckets, parent_.next_histogram_id_++); if (!parent_.shutting_down_) { parent_.histogram_set_.insert(stat.get()); } } } central_ref = ¢ral_cache_->histograms_[stat->statName()]; *central_ref = stat; } if (tls_cache != nullptr) { tls_cache->insert(std::make_pair((*central_ref)->statName(), *central_ref)); } return **central_ref; } TextReadout& ThreadLocalStoreImpl::ScopeImpl::textReadoutFromStatNameWithTags( const StatName& name, StatNameTagVectorOptConstRef stat_name_tags) { if (parent_.rejectsAll()) { return parent_.null_text_readout_; } // Determine the final name based on the prefix and the passed name. // // Note that we can do map.find(final_name.c_str()), but we cannot do // map[final_name.c_str()] as the char*-keyed maps would then save the pointer // to a temporary, and address sanitization errors would follow. Instead we // must do a find() first, using the value if it succeeds. If it fails, then // after we construct the stat we can insert it into the required maps. This // strategy costs an extra hash lookup for each miss, but saves time // re-copying the string and significant memory overhead. TagUtility::TagStatNameJoiner joiner(prefix_.statName(), name, stat_name_tags, symbolTable()); Stats::StatName final_stat_name = joiner.nameWithTags(); // We now find the TLS cache. This might remain null if we don't have TLS // initialized currently. StatRefMap* tls_cache = nullptr; StatNameHashSet* tls_rejected_stats = nullptr; if (!parent_.shutting_down_ && parent_.tls_) { TlsCacheEntry& entry = parent_.tls_->getTyped().insertScope(this->scope_id_); tls_cache = &entry.text_readouts_; tls_rejected_stats = &entry.rejected_stats_; } return safeMakeStat( final_stat_name, joiner.tagExtractedName(), stat_name_tags, central_cache_->text_readouts_, central_cache_->rejected_stats_, [](Allocator& allocator, StatName name, StatName tag_extracted_name, const StatNameTagVector& tags) -> TextReadoutSharedPtr { return allocator.makeTextReadout(name, tag_extracted_name, tags); }, tls_cache, tls_rejected_stats, parent_.null_text_readout_); } CounterOptConstRef ThreadLocalStoreImpl::ScopeImpl::findCounter(StatName name) const { return findStatLockHeld(name, central_cache_->counters_); } GaugeOptConstRef ThreadLocalStoreImpl::ScopeImpl::findGauge(StatName name) const { return findStatLockHeld(name, central_cache_->gauges_); } HistogramOptConstRef ThreadLocalStoreImpl::ScopeImpl::findHistogram(StatName name) const { auto iter = central_cache_->histograms_.find(name); if (iter == central_cache_->histograms_.end()) { return absl::nullopt; } RefcountPtr histogram_ref(iter->second); return std::cref(*histogram_ref); } TextReadoutOptConstRef ThreadLocalStoreImpl::ScopeImpl::findTextReadout(StatName name) const { return findStatLockHeld(name, central_cache_->text_readouts_); } Histogram& ThreadLocalStoreImpl::tlsHistogram(ParentHistogramImpl& parent, uint64_t id) { // tlsHistogram() is generally not called for a histogram that is rejected by // the matcher, so no further rejection-checking is needed at this level. // TlsHistogram inherits its reject/accept status from ParentHistogram. // See comments in counterFromStatName() which explains the logic here. TlsHistogramSharedPtr* tls_histogram = nullptr; if (!shutting_down_ && tls_ != nullptr) { TlsCache& tls_cache = tls_->getTyped(); tls_histogram = &tls_cache.tls_histogram_cache_[id]; if (*tls_histogram != nullptr) { return **tls_histogram; } } StatNameTagHelper tag_helper(*this, parent.statName(), absl::nullopt); TlsHistogramSharedPtr hist_tls_ptr( new ThreadLocalHistogramImpl(parent.statName(), parent.unit(), tag_helper.tagExtractedName(), tag_helper.statNameTags(), symbolTable())); parent.addTlsHistogram(hist_tls_ptr); if (tls_histogram != nullptr) { *tls_histogram = hist_tls_ptr; } return *hist_tls_ptr; } ThreadLocalHistogramImpl::ThreadLocalHistogramImpl(StatName name, Histogram::Unit unit, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, SymbolTable& symbol_table) : HistogramImplHelper(name, tag_extracted_name, stat_name_tags, symbol_table), unit_(unit), current_active_(0), used_(false), created_thread_id_(std::this_thread::get_id()), symbol_table_(symbol_table) { histograms_[0] = hist_alloc(); histograms_[1] = hist_alloc(); } ThreadLocalHistogramImpl::~ThreadLocalHistogramImpl() { MetricImpl::clear(symbol_table_); hist_free(histograms_[0]); hist_free(histograms_[1]); } void ThreadLocalHistogramImpl::recordValue(uint64_t value) { ASSERT(std::this_thread::get_id() == created_thread_id_); hist_insert_intscale(histograms_[current_active_], value, 0, 1); used_ = true; } void ThreadLocalHistogramImpl::merge(histogram_t* target) { histogram_t** other_histogram = &histograms_[otherHistogramIndex()]; hist_accumulate(target, other_histogram, 1); hist_clear(*other_histogram); } ParentHistogramImpl::ParentHistogramImpl(StatName name, Histogram::Unit unit, ThreadLocalStoreImpl& thread_local_store, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, ConstSupportedBuckets& supported_buckets, uint64_t id) : MetricImpl(name, tag_extracted_name, stat_name_tags, thread_local_store.symbolTable()), unit_(unit), thread_local_store_(thread_local_store), interval_histogram_(hist_alloc()), cumulative_histogram_(hist_alloc()), interval_statistics_(interval_histogram_, supported_buckets), cumulative_statistics_(cumulative_histogram_, supported_buckets), merged_(false), id_(id) {} ParentHistogramImpl::~ParentHistogramImpl() { thread_local_store_.releaseHistogramCrossThread(id_); ASSERT(ref_count_ == 0); MetricImpl::clear(thread_local_store_.symbolTable()); hist_free(interval_histogram_); hist_free(cumulative_histogram_); } void ParentHistogramImpl::incRefCount() { ++ref_count_; } bool ParentHistogramImpl::decRefCount() { bool ret; if (shutting_down_) { // When shutting down, we cannot reference thread_local_store_, as // histograms can outlive the store. So we decrement the ref-count without // the stores' lock. We will not be removing the object from the store's // histogram map in this scenario, as the set was cleared during shutdown, // and will not be repopulated in histogramFromStatNameWithTags after // initiating shutdown. ret = --ref_count_ == 0; } else { // We delegate to the Store object to decrement the ref-count so it can hold // the lock to the map. If we don't hold a lock, another thread may // simultaneously try to allocate the same name'd histogram after we // decrement it, and we'll wind up with a dtor/update race. To avoid this we // must hold the lock until the histogram is removed from the map. // // See also StatsSharedImpl::decRefCount() in allocator_impl.cc, which has // the same issue. ret = thread_local_store_.decHistogramRefCount(*this, ref_count_); } return ret; } bool ThreadLocalStoreImpl::decHistogramRefCount(ParentHistogramImpl& hist, std::atomic& ref_count) { // We must hold the store's histogram lock when decrementing the // refcount. Otherwise another thread may simultaneously try to allocate the // same name'd stat after we decrement it, and we'll wind up with a // dtor/update race. To avoid this we must hold the lock until the stat is // removed from the map. Thread::LockGuard lock(hist_mutex_); ASSERT(ref_count >= 1); if (--ref_count == 0) { if (!shutting_down_) { const size_t count = histogram_set_.erase(hist.statName()); ASSERT(shutting_down_ || count == 1); } return true; } return false; } SymbolTable& ParentHistogramImpl::symbolTable() { return thread_local_store_.symbolTable(); } Histogram::Unit ParentHistogramImpl::unit() const { return unit_; } void ParentHistogramImpl::recordValue(uint64_t value) { Histogram& tls_histogram = thread_local_store_.tlsHistogram(*this, id_); tls_histogram.recordValue(value); thread_local_store_.deliverHistogramToSinks(*this, value); } bool ParentHistogramImpl::used() const { // Consider ParentHistogram used only if has ever been merged. return merged_; } void ParentHistogramImpl::merge() { Thread::ReleasableLockGuard lock(merge_lock_); if (merged_ || usedLockHeld()) { hist_clear(interval_histogram_); // Here we could copy all the pointers to TLS histograms in the tls_histogram_ list, // then release the lock before we do the actual merge. However it is not a big deal // because the tls_histogram merge is not that expensive as it is a single histogram // merge and adding TLS histograms is rare. for (const TlsHistogramSharedPtr& tls_histogram : tls_histograms_) { tls_histogram->merge(interval_histogram_); } // Since TLS merge is done, we can release the lock here. lock.release(); hist_accumulate(cumulative_histogram_, &interval_histogram_, 1); cumulative_statistics_.refresh(cumulative_histogram_); interval_statistics_.refresh(interval_histogram_); merged_ = true; } } const std::string ParentHistogramImpl::quantileSummary() const { if (used()) { std::vector summary; const std::vector& supported_quantiles_ref = interval_statistics_.supportedQuantiles(); summary.reserve(supported_quantiles_ref.size()); for (size_t i = 0; i < supported_quantiles_ref.size(); ++i) { summary.push_back(fmt::format("P{:g}({},{})", 100 * supported_quantiles_ref[i], interval_statistics_.computedQuantiles()[i], cumulative_statistics_.computedQuantiles()[i])); } return absl::StrJoin(summary, " "); } else { return std::string("No recorded values"); } } const std::string ParentHistogramImpl::bucketSummary() const { if (used()) { std::vector bucket_summary; ConstSupportedBuckets& supported_buckets = interval_statistics_.supportedBuckets(); bucket_summary.reserve(supported_buckets.size()); for (size_t i = 0; i < supported_buckets.size(); ++i) { bucket_summary.push_back(fmt::format("B{:g}({},{})", supported_buckets[i], interval_statistics_.computedBuckets()[i], cumulative_statistics_.computedBuckets()[i])); } return absl::StrJoin(bucket_summary, " "); } else { return std::string("No recorded values"); } } void ParentHistogramImpl::addTlsHistogram(const TlsHistogramSharedPtr& hist_ptr) { Thread::LockGuard lock(merge_lock_); tls_histograms_.emplace_back(hist_ptr); } bool ParentHistogramImpl::usedLockHeld() const { for (const TlsHistogramSharedPtr& tls_histogram : tls_histograms_) { if (tls_histogram->used()) { return true; } } return false; } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/thread_local_store.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/stats/tag.h" #include "envoy/thread_local/thread_local.h" #include "common/common/hash.h" #include "common/common/thread_synchronizer.h" #include "common/stats/allocator_impl.h" #include "common/stats/histogram_impl.h" #include "common/stats/null_counter.h" #include "common/stats/null_gauge.h" #include "common/stats/null_text_readout.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/utility.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" #include "circllhist.h" namespace Envoy { namespace Stats { /** * A histogram that is stored in TLS and used to record values per thread. This holds two * histograms, one to collect the values and other as backup that is used for merge process. The * swap happens during the merge process. */ class ThreadLocalHistogramImpl : public HistogramImplHelper { public: ThreadLocalHistogramImpl(StatName name, Histogram::Unit unit, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, SymbolTable& symbol_table); ~ThreadLocalHistogramImpl() override; void merge(histogram_t* target); /** * Called in the beginning of merge process. Swaps the histogram used for collection so that we do * not have to lock the histogram in high throughput TLS writes. */ void beginMerge() { // This switches the current_active_ between 1 and 0. ASSERT(std::this_thread::get_id() == created_thread_id_); current_active_ = otherHistogramIndex(); } // Stats::Histogram Histogram::Unit unit() const override { // If at some point ThreadLocalHistogramImpl will hold a pointer to its parent we can just // return parent's unit here and not store it separately. return unit_; } void recordValue(uint64_t value) override; // Stats::Metric SymbolTable& symbolTable() final { return symbol_table_; } bool used() const override { return used_; } private: Histogram::Unit unit_; uint64_t otherHistogramIndex() const { return 1 - current_active_; } uint64_t current_active_; histogram_t* histograms_[2]; std::atomic used_; std::thread::id created_thread_id_; SymbolTable& symbol_table_; }; using TlsHistogramSharedPtr = RefcountPtr; class ThreadLocalStoreImpl; /** * Log Linear Histogram implementation that is stored in the main thread. */ class ParentHistogramImpl : public MetricImpl { public: ParentHistogramImpl(StatName name, Histogram::Unit unit, ThreadLocalStoreImpl& parent, StatName tag_extracted_name, const StatNameTagVector& stat_name_tags, ConstSupportedBuckets& supported_buckets, uint64_t id); ~ParentHistogramImpl() override; void addTlsHistogram(const TlsHistogramSharedPtr& hist_ptr); // Stats::Histogram Histogram::Unit unit() const override; void recordValue(uint64_t value) override; /** * This method is called during the main stats flush process for each of the histograms. It * iterates through the TLS histograms and collects the histogram data of all of them * in to "interval_histogram". Then the collected "interval_histogram" is merged to a * "cumulative_histogram". */ void merge() override; const HistogramStatistics& intervalStatistics() const override { return interval_statistics_; } const HistogramStatistics& cumulativeStatistics() const override { return cumulative_statistics_; } const std::string quantileSummary() const override; const std::string bucketSummary() const override; // Stats::Metric SymbolTable& symbolTable() override; bool used() const override; // RefcountInterface void incRefCount() override; bool decRefCount() override; uint32_t use_count() const override { return ref_count_; } // Indicates that the ThreadLocalStore is shutting down, so no need to clear its histogram_set_. void setShuttingDown(bool shutting_down) { shutting_down_ = shutting_down; } bool shuttingDown() const { return shutting_down_; } private: bool usedLockHeld() const ABSL_EXCLUSIVE_LOCKS_REQUIRED(merge_lock_); Histogram::Unit unit_; ThreadLocalStoreImpl& thread_local_store_; histogram_t* interval_histogram_; histogram_t* cumulative_histogram_; HistogramStatisticsImpl interval_statistics_; HistogramStatisticsImpl cumulative_statistics_; mutable Thread::MutexBasicLockable merge_lock_; std::list tls_histograms_ ABSL_GUARDED_BY(merge_lock_); bool merged_; std::atomic shutting_down_{false}; std::atomic ref_count_{0}; const uint64_t id_; // Index into TlsCache::histogram_cache_. }; using ParentHistogramImplSharedPtr = RefcountPtr; /** * Store implementation with thread local caching. For design details see * https://github.com/envoyproxy/envoy/blob/master/source/docs/stats.md */ class ThreadLocalStoreImpl : Logger::Loggable, public StoreRoot { public: static const char MainDispatcherCleanupSync[]; ThreadLocalStoreImpl(Allocator& alloc); ~ThreadLocalStoreImpl() override; // Stats::Scope Counter& counterFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override { return default_scope_->counterFromStatNameWithTags(name, tags); } Counter& counterFromString(const std::string& name) override { return default_scope_->counterFromString(name); } ScopePtr createScope(const std::string& name) override; void deliverHistogramToSinks(const Histogram& histogram, uint64_t value) override { return default_scope_->deliverHistogramToSinks(histogram, value); } Gauge& gaugeFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Gauge::ImportMode import_mode) override { return default_scope_->gaugeFromStatNameWithTags(name, tags, import_mode); } Gauge& gaugeFromString(const std::string& name, Gauge::ImportMode import_mode) override { return default_scope_->gaugeFromString(name, import_mode); } Histogram& histogramFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Histogram::Unit unit) override { return default_scope_->histogramFromStatNameWithTags(name, tags, unit); } Histogram& histogramFromString(const std::string& name, Histogram::Unit unit) override { return default_scope_->histogramFromString(name, unit); } TextReadout& textReadoutFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override { return default_scope_->textReadoutFromStatNameWithTags(name, tags); } TextReadout& textReadoutFromString(const std::string& name) override { return default_scope_->textReadoutFromString(name); } NullGaugeImpl& nullGauge(const std::string&) override { return null_gauge_; } const SymbolTable& constSymbolTable() const override { return alloc_.constSymbolTable(); } SymbolTable& symbolTable() override { return alloc_.symbolTable(); } const TagProducer& tagProducer() const { return *tag_producer_; } CounterOptConstRef findCounter(StatName name) const override { CounterOptConstRef found_counter; Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { found_counter = scope->findCounter(name); if (found_counter.has_value()) { return found_counter; } } return absl::nullopt; } GaugeOptConstRef findGauge(StatName name) const override { GaugeOptConstRef found_gauge; Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { found_gauge = scope->findGauge(name); if (found_gauge.has_value()) { return found_gauge; } } return absl::nullopt; } HistogramOptConstRef findHistogram(StatName name) const override { HistogramOptConstRef found_histogram; Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { found_histogram = scope->findHistogram(name); if (found_histogram.has_value()) { return found_histogram; } } return absl::nullopt; } TextReadoutOptConstRef findTextReadout(StatName name) const override { TextReadoutOptConstRef found_text_readout; Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { found_text_readout = scope->findTextReadout(name); if (found_text_readout.has_value()) { return found_text_readout; } } return absl::nullopt; } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn); } // Stats::Store std::vector counters() const override; std::vector gauges() const override; std::vector textReadouts() const override; std::vector histograms() const override; // Stats::StoreRoot void addSink(Sink& sink) override { timer_sinks_.push_back(sink); } void setTagProducer(TagProducerPtr&& tag_producer) override { tag_producer_ = std::move(tag_producer); } void setStatsMatcher(StatsMatcherPtr&& stats_matcher) override; void setHistogramSettings(HistogramSettingsConstPtr&& histogram_settings) override; void initializeThreading(Event::Dispatcher& main_thread_dispatcher, ThreadLocal::Instance& tls) override; void shutdownThreading() override; void mergeHistograms(PostMergeCb merge_cb) override; Histogram& tlsHistogram(ParentHistogramImpl& parent, uint64_t id); /** * @return a thread synchronizer object used for controlling thread behavior in tests. */ Thread::ThreadSynchronizer& sync() { return sync_; } /** * @return a set of well known tag names; used to reduce symbol table churn. */ const StatNameSet& wellKnownTags() const { return *well_known_tags_; } bool decHistogramRefCount(ParentHistogramImpl& histogram, std::atomic& ref_count); void releaseHistogramCrossThread(uint64_t histogram_id); private: friend class ThreadLocalStoreTestingPeer; template using StatRefMap = StatNameHashMap>; struct TlsCacheEntry { // The counters, gauges and text readouts in the TLS cache are stored by reference, // depending on the CentralCache for backing store. This avoids a potential // contention-storm when destructing a scope, as the counter/gauge ref-count // decrement in allocator_impl.cc needs to hold the single allocator mutex. StatRefMap counters_; StatRefMap gauges_; StatRefMap text_readouts_; // Histograms also require holding a mutex while decrementing reference // counts. The only difference from other stats is that the histogram_set_ // lives in the ThreadLocalStore object, rather than in // AllocatorImpl. Histograms are removed from that set when all scopes // referencing the histogram are dropped. Each ParentHistogram has a unique // index, which is not re-used during the process lifetime. // // There is also a tls_histogram_cache_ in the TlsCache object, which is // not tied to a scope. It maps from parent histogram's unique index to // a TlsHistogram. This enables continuity between same-named histograms // in same-named scopes. That scenario is common when re-creating scopes in // response to xDS. StatNameHashMap parent_histograms_; // We keep a TLS cache of rejected stat names. This costs memory, but // reduces runtime overhead running the matcher. Moreover, once symbol // tables are integrated, rejection will need the fully elaborated string, // and it we need to take a global symbol-table lock to run. We keep this // StatName set here in the TLS cache to avoid taking a lock to compute // rejection. StatNameHashSet rejected_stats_; }; struct CentralCacheEntry : public RefcountHelper { explicit CentralCacheEntry(SymbolTable& symbol_table) : symbol_table_(symbol_table) {} ~CentralCacheEntry(); StatNameHashMap counters_; StatNameHashMap gauges_; StatNameHashMap histograms_; StatNameHashMap text_readouts_; StatNameStorageSet rejected_stats_; SymbolTable& symbol_table_; }; using CentralCacheEntrySharedPtr = RefcountPtr; struct ScopeImpl : public Scope { ScopeImpl(ThreadLocalStoreImpl& parent, const std::string& prefix); ~ScopeImpl() override; // Stats::Scope Counter& counterFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override; void deliverHistogramToSinks(const Histogram& histogram, uint64_t value) override; Gauge& gaugeFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Gauge::ImportMode import_mode) override; Histogram& histogramFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags, Histogram::Unit unit) override; TextReadout& textReadoutFromStatNameWithTags(const StatName& name, StatNameTagVectorOptConstRef tags) override; ScopePtr createScope(const std::string& name) override { return parent_.createScope(symbolTable().toString(prefix_.statName()) + "." + name); } const SymbolTable& constSymbolTable() const final { return parent_.constSymbolTable(); } SymbolTable& symbolTable() final { return parent_.symbolTable(); } Counter& counterFromString(const std::string& name) override { StatNameManagedStorage storage(name, symbolTable()); return counterFromStatName(storage.statName()); } Gauge& gaugeFromString(const std::string& name, Gauge::ImportMode import_mode) override { StatNameManagedStorage storage(name, symbolTable()); return gaugeFromStatName(storage.statName(), import_mode); } Histogram& histogramFromString(const std::string& name, Histogram::Unit unit) override { StatNameManagedStorage storage(name, symbolTable()); return histogramFromStatName(storage.statName(), unit); } TextReadout& textReadoutFromString(const std::string& name) override { StatNameManagedStorage storage(name, symbolTable()); return textReadoutFromStatName(storage.statName()); } NullGaugeImpl& nullGauge(const std::string&) override { return parent_.null_gauge_; } template bool iterHelper(StatFn fn, const StatMap& map) const { for (auto& iter : map) { if (!fn(iter.second)) { return false; } } return true; } bool iterate(const IterateFn& fn) const override { return iterHelper(fn, central_cache_->counters_); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn, central_cache_->gauges_); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn, central_cache_->histograms_); } bool iterate(const IterateFn& fn) const override { return iterHelper(fn, central_cache_->text_readouts_); } // NOTE: The find methods assume that `name` is fully-qualified. // Implementations will not add the scope prefix. CounterOptConstRef findCounter(StatName name) const override; GaugeOptConstRef findGauge(StatName name) const override; HistogramOptConstRef findHistogram(StatName name) const override; TextReadoutOptConstRef findTextReadout(StatName name) const override; template using MakeStatFn = std::function( Allocator&, StatName name, StatName tag_extracted_name, const StatNameTagVector& tags)>; /** * Makes a stat either by looking it up in the central cache, * generating it from the parent allocator, or as a last * result, creating it with the heap allocator. * * @param full_stat_name the full name of the stat with appended tags. * @param name_no_tags the full name of the stat (not tag extracted) without appended tags. * @param stat_name_tags the tags provided at creation time. If empty, tag extraction occurs. * @param central_cache_map a map from name to the desired object in the central cache. * @param make_stat a function to generate the stat object, called if it's not in cache. * @param tls_ref possibly null reference to a cache entry for this stat, which will be * used if non-empty, or filled in if empty (and non-null). */ template StatType& safeMakeStat(StatName full_stat_name, StatName name_no_tags, const absl::optional& stat_name_tags, StatNameHashMap>& central_cache_map, StatNameStorageSet& central_rejected_stats, MakeStatFn make_stat, StatRefMap* tls_cache, StatNameHashSet* tls_rejected_stats, StatType& null_stat); template using StatTypeOptConstRef = absl::optional>; /** * Looks up an existing stat, populating the local cache if necessary. Does * not check the TLS or rejects, and does not create a stat if it does not * exist. * * @param name the full name of the stat (not tag extracted). * @param central_cache_map a map from name to the desired object in the central cache. * @return a reference to the stat, if it exists. */ template StatTypeOptConstRef findStatLockHeld(StatName name, StatNameHashMap>& central_cache_map) const; const uint64_t scope_id_; ThreadLocalStoreImpl& parent_; StatNameStorage prefix_; mutable CentralCacheEntrySharedPtr central_cache_; }; struct TlsCache : public ThreadLocal::ThreadLocalObject { TlsCacheEntry& insertScope(uint64_t scope_id); void eraseScope(uint64_t scope_id); void eraseHistogram(uint64_t histogram); // The TLS scope cache is keyed by scope ID. This is used to avoid complex circular references // during scope destruction. An ID is required vs. using the address of the scope pointer // because it's possible that the memory allocator will recycle the scope pointer immediately // upon destruction, leading to a situation in which a new scope with the same address is used // to reference the cache, and then subsequently cache flushed, leaving nothing in the central // store. See the overview for more information. This complexity is required for lockless // operation in the fast path. absl::flat_hash_map scope_cache_; // Maps from histogram ID (monotonically increasing) to a TLS histogram. absl::flat_hash_map tls_histogram_cache_; }; template bool iterHelper(StatFn fn) const { Thread::LockGuard lock(lock_); for (ScopeImpl* scope : scopes_) { if (!scope->iterate(fn)) { return false; } } return true; } std::string getTagsForName(const std::string& name, TagVector& tags) const; void clearScopeFromCaches(uint64_t scope_id, CentralCacheEntrySharedPtr central_cache); void clearHistogramFromCaches(uint64_t histogram_id); void releaseScopeCrossThread(ScopeImpl* scope); void mergeInternal(PostMergeCb merge_cb); bool rejects(StatName name) const; bool rejectsAll() const { return stats_matcher_->rejectsAll(); } template void removeRejectedStats(StatMapClass& map, StatListClass& list); bool checkAndRememberRejection(StatName name, StatNameStorageSet& central_rejected_stats, StatNameHashSet* tls_rejected_stats); Allocator& alloc_; Event::Dispatcher* main_thread_dispatcher_{}; ThreadLocal::SlotPtr tls_; mutable Thread::MutexBasicLockable lock_; absl::flat_hash_set scopes_ ABSL_GUARDED_BY(lock_); ScopePtr default_scope_; std::list> timer_sinks_; TagProducerPtr tag_producer_; StatsMatcherPtr stats_matcher_; HistogramSettingsConstPtr histogram_settings_; std::atomic threading_ever_initialized_{}; std::atomic shutting_down_{}; std::atomic merge_in_progress_{}; AllocatorImpl heap_allocator_; NullCounterImpl null_counter_; NullGaugeImpl null_gauge_; NullHistogramImpl null_histogram_; NullTextReadoutImpl null_text_readout_; Thread::ThreadSynchronizer sync_; std::atomic next_scope_id_{}; uint64_t next_histogram_id_ ABSL_GUARDED_BY(hist_mutex_) = 0; StatNameSetPtr well_known_tags_; mutable Thread::MutexBasicLockable hist_mutex_; StatSet histogram_set_ ABSL_GUARDED_BY(hist_mutex_); // Retain storage for deleted stats; these are no longer in maps because the // matcher-pattern was established after they were created. Since the stats // are held by reference in code that expects them to be there, we can't // actually delete the stats. // // It seems like it would be better to have each client that expects a stat // to exist to hold it as (e.g.) a CounterSharedPtr rather than a Counter& // but that would be fairly complex to change. std::vector deleted_counters_ ABSL_GUARDED_BY(lock_); std::vector deleted_gauges_ ABSL_GUARDED_BY(lock_); std::vector deleted_histograms_ ABSL_GUARDED_BY(lock_); std::vector deleted_text_readouts_ ABSL_GUARDED_BY(lock_); }; using ThreadLocalStoreImplPtr = std::unique_ptr; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/timespan_impl.cc ================================================ #include "common/stats/timespan_impl.h" #include "common/common/assert.h" #include "common/common/fmt.h" namespace Envoy { namespace Stats { HistogramCompletableTimespanImpl::HistogramCompletableTimespanImpl(Histogram& histogram, TimeSource& time_source) : time_source_(time_source), histogram_(histogram), start_(time_source.monotonicTime()) { ensureTimeHistogram(histogram); } std::chrono::milliseconds HistogramCompletableTimespanImpl::elapsed() const { return HistogramCompletableTimespanImpl::elapsedDuration(); } void HistogramCompletableTimespanImpl::complete() { histogram_.recordValue(tickCount()); } void HistogramCompletableTimespanImpl::ensureTimeHistogram(const Histogram& histogram) const { switch (histogram.unit()) { case Histogram::Unit::Null: case Histogram::Unit::Microseconds: case Histogram::Unit::Milliseconds: return; case Histogram::Unit::Unspecified: case Histogram::Unit::Bytes: RELEASE_ASSERT( false, fmt::format("Cannot create a timespan flushing the duration to histogram '{}' because " "it does not measure time. This is a programming error, either pass a " "histogram measuring time or fix the unit of the passed histogram.", histogram.name())); } NOT_REACHED_GCOVR_EXCL_LINE; } uint64_t HistogramCompletableTimespanImpl::tickCount() const { switch (histogram_.unit()) { case Histogram::Unit::Null: return 0; case Histogram::Unit::Microseconds: return HistogramCompletableTimespanImpl::elapsedDuration().count(); case Histogram::Unit::Milliseconds: return HistogramCompletableTimespanImpl::elapsedDuration().count(); case Histogram::Unit::Unspecified: case Histogram::Unit::Bytes: NOT_REACHED_GCOVR_EXCL_LINE; } NOT_REACHED_GCOVR_EXCL_LINE; } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/timespan_impl.h ================================================ #pragma once #include "envoy/common/time.h" #include "envoy/stats/histogram.h" #include "envoy/stats/stats.h" #include "envoy/stats/timespan.h" namespace Envoy { namespace Stats { /** * An individual timespan that flushes its measured value to the histogram on completion. * The start time is captured on construction. The timespan must be * completed via complete() for it to be stored. If the timespan is deleted this will be treated as * a cancellation. The target histogram must represent a quantity of time. */ class HistogramCompletableTimespanImpl : public CompletableTimespan { public: HistogramCompletableTimespanImpl(Histogram& histogram, TimeSource& time_source); // Stats::CompletableTimespan std::chrono::milliseconds elapsed() const override; void complete() override; private: void ensureTimeHistogram(const Histogram& histogram) const; template TimeUnit elapsedDuration() const { return std::chrono::duration_cast(time_source_.monotonicTime() - start_); } uint64_t tickCount() const; TimeSource& time_source_; Histogram& histogram_; const MonotonicTime start_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/utility.cc ================================================ #include "common/stats/utility.h" #include #include #include "absl/strings/match.h" #include "absl/types/optional.h" namespace Envoy { namespace Stats { std::string Utility::sanitizeStatsName(absl::string_view name) { if (absl::EndsWith(name, ".")) { name.remove_suffix(1); } if (absl::StartsWith(name, ".")) { name.remove_prefix(1); } std::string stats_name = std::string(name); std::replace(stats_name.begin(), stats_name.end(), ':', '_'); std::replace(stats_name.begin(), stats_name.end(), '\0', '_'); return stats_name; } absl::optional Utility::findTag(const Metric& metric, StatName find_tag_name) { absl::optional value; metric.iterateTagStatNames( [&value, &find_tag_name](Stats::StatName tag_name, Stats::StatName tag_value) -> bool { if (tag_name == find_tag_name) { value = tag_value; return false; } return true; }); return value; } namespace { // Helper class for the three Utility::*FromElements implementations to build up // a joined StatName from a mix of StatName and string_view. struct ElementVisitor { ElementVisitor(SymbolTable& symbol_table, const ElementVec& elements) : symbol_table_(symbol_table), pool_(symbol_table) { stat_names_.resize(elements.size()); for (const Element& element : elements) { absl::visit(*this, element); } joined_ = symbol_table_.join(stat_names_); } // Overloads provides for absl::visit to call. void operator()(StatName stat_name) { stat_names_.push_back(stat_name); } void operator()(absl::string_view name) { stat_names_.push_back(pool_.add(name)); } /** * @return the StatName constructed by joining the elements. */ StatName statName() { return StatName(joined_.get()); } SymbolTable& symbol_table_; StatNameVec stat_names_; StatNameDynamicPool pool_; SymbolTable::StoragePtr joined_; }; } // namespace Counter& Utility::counterFromElements(Scope& scope, const ElementVec& elements, StatNameTagVectorOptConstRef tags) { ElementVisitor visitor(scope.symbolTable(), elements); return scope.counterFromStatNameWithTags(visitor.statName(), tags); } Counter& Utility::counterFromStatNames(Scope& scope, const StatNameVec& elements, StatNameTagVectorOptConstRef tags) { SymbolTable::StoragePtr joined = scope.symbolTable().join(elements); return scope.counterFromStatNameWithTags(StatName(joined.get()), tags); } Gauge& Utility::gaugeFromElements(Scope& scope, const ElementVec& elements, Gauge::ImportMode import_mode, StatNameTagVectorOptConstRef tags) { ElementVisitor visitor(scope.symbolTable(), elements); return scope.gaugeFromStatNameWithTags(visitor.statName(), tags, import_mode); } Gauge& Utility::gaugeFromStatNames(Scope& scope, const StatNameVec& elements, Gauge::ImportMode import_mode, StatNameTagVectorOptConstRef tags) { SymbolTable::StoragePtr joined = scope.symbolTable().join(elements); return scope.gaugeFromStatNameWithTags(StatName(joined.get()), tags, import_mode); } Histogram& Utility::histogramFromElements(Scope& scope, const ElementVec& elements, Histogram::Unit unit, StatNameTagVectorOptConstRef tags) { ElementVisitor visitor(scope.symbolTable(), elements); return scope.histogramFromStatNameWithTags(visitor.statName(), tags, unit); } Histogram& Utility::histogramFromStatNames(Scope& scope, const StatNameVec& elements, Histogram::Unit unit, StatNameTagVectorOptConstRef tags) { SymbolTable::StoragePtr joined = scope.symbolTable().join(elements); return scope.histogramFromStatNameWithTags(StatName(joined.get()), tags, unit); } TextReadout& Utility::textReadoutFromElements(Scope& scope, const ElementVec& elements, StatNameTagVectorOptConstRef tags) { ElementVisitor visitor(scope.symbolTable(), elements); return scope.textReadoutFromStatNameWithTags(visitor.statName(), tags); } TextReadout& Utility::textReadoutFromStatNames(Scope& scope, const StatNameVec& elements, StatNameTagVectorOptConstRef tags) { SymbolTable::StoragePtr joined = scope.symbolTable().join(elements); return scope.textReadoutFromStatNameWithTags(StatName(joined.get()), tags); } } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stats/utility.h ================================================ #pragma once #include #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "common/common/thread.h" #include "common/stats/symbol_table_impl.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Stats { /** * Represents a dynamically created stat name token based on absl::string_view. * This class wrapper is used in the 'Element' variant so that call-sites * can express explicit intent to create dynamic stat names, which are more * expensive than symbolic stat names. We use dynamic stat names only for * building stats based on names discovered in the line of a request. */ class DynamicName : public absl::string_view { public: // This is intentionally left as an implicit conversion from string_view to // make call-sites easier to read, e.g. // Utility::counterFromElements(*scope, {DynamicName("a"), DynamicName("b")}); explicit DynamicName(absl::string_view str) : absl::string_view(str) {} }; /** * Holds either a symbolic StatName or a dynamic string, for the purpose of * composing a vector to pass to Utility::counterFromElements, etc. This is * a programming convenience to create joined stat names. It is easier to * call the above helpers than to use SymbolTable::join(), because the helpers * hide the memory management of the joined storage, and they allow easier * co-mingling of symbolic and dynamic stat-name components. */ using Element = absl::variant; using ElementVec = absl::InlinedVector; /** * Common stats utility routines. */ class Utility { public: /** * ':' is a reserved char in statsd. Do a character replacement to avoid * costly inline translations later. * * @param name the stat name to sanitize. * @return the sanitized stat name. */ static std::string sanitizeStatsName(absl::string_view name); /** * Finds a metric tag with the specified name. * * @param metric The metric in which the tag is expected to exist. * @param find_tag_name The name of the tag to search for. * @return The value of the tag, if found. */ static absl::optional findTag(const Metric& metric, StatName find_tag_name); /** * Creates a counter from a vector of tokens which are used to create the * name. The tokens can be specified as DynamicName or StatName. For * tokens specified as DynamicName, a dynamic StatName will be created. See * https://github.com/envoyproxy/envoy/blob/master/source/docs/stats.md#dynamic-stat-tokens * for more detail on why symbolic StatNames are preferred when possible. * * See also counterFromStatNames, which is slightly faster but does not allow * passing DynamicName(string)s as names. * * @param scope The scope in which to create the counter. * @param elements The vector of mixed DynamicName and StatName * @param tags optionally specified tags. * @return A counter named using the joined elements. */ static Counter& counterFromElements(Scope& scope, const ElementVec& elements, StatNameTagVectorOptConstRef tags = absl::nullopt); /** * Creates a counter from a vector of tokens which are used to create the * name. The tokens must be of type StatName. * * See also counterFromElements, which is slightly slower, but allows * passing DynamicName(string)s as elements. * * @param scope The scope in which to create the counter. * @param names The vector of StatNames * @param tags optionally specified tags. * @return A counter named using the joined elements. */ static Counter& counterFromStatNames(Scope& scope, const StatNameVec& names, StatNameTagVectorOptConstRef tags = absl::nullopt); /** * Creates a gauge from a vector of tokens which are used to create the * name. The tokens can be specified as DynamicName or StatName. For * tokens specified as DynamicName, a dynamic StatName will be created. See * https://github.com/envoyproxy/envoy/blob/master/source/docs/stats.md#dynamic-stat-tokens * for more detail on why symbolic StatNames are preferred when possible. * * See also gaugeFromStatNames, which is slightly faster but does not allow * passing DynamicName(string)s as names. * * @param scope The scope in which to create the counter. * @param elements The vector of mixed DynamicName and StatName * @param import_mode Whether hot-restart should accumulate this value. * @param tags optionally specified tags. * @return A gauge named using the joined elements. */ static Gauge& gaugeFromElements(Scope& scope, const ElementVec& elements, Gauge::ImportMode import_mode, StatNameTagVectorOptConstRef tags = absl::nullopt); /** * Creates a gauge from a vector of tokens which are used to create the * name. The tokens must be of type StatName. * * See also gaugeFromElements, which is slightly slower, but allows * passing DynamicName(string)s as elements. * * @param scope The scope in which to create the counter. * @param names The vector of StatNames * @param import_mode Whether hot-restart should accumulate this value. * @param tags optionally specified tags. * @return A gauge named using the joined elements. */ static Gauge& gaugeFromStatNames(Scope& scope, const StatNameVec& elements, Gauge::ImportMode import_mode, StatNameTagVectorOptConstRef tags = absl::nullopt); /** * Creates a histogram from a vector of tokens which are used to create the * name. The tokens can be specified as DynamicName or StatName. For * tokens specified as DynamicName, a dynamic StatName will be created. See * https://github.com/envoyproxy/envoy/blob/master/source/docs/stats.md#dynamic-stat-tokens * for more detail on why symbolic StatNames are preferred when possible. * * See also histogramFromStatNames, which is slightly faster but does not allow * passing DynamicName(string)s as names. * * @param scope The scope in which to create the counter. * @param elements The vector of mixed DynamicName and StatName * @param unit The unit of measurement. * @param tags optionally specified tags. * @return A histogram named using the joined elements. */ static Histogram& histogramFromElements(Scope& scope, const ElementVec& elements, Histogram::Unit unit, StatNameTagVectorOptConstRef tags = absl::nullopt); /** * Creates a histogram from a vector of tokens which are used to create the * name. The tokens must be of type StatName. * * See also histogramFromElements, which is slightly slower, but allows * passing DynamicName(string)s as elements. * * @param scope The scope in which to create the counter. * @param elements The vector of mixed DynamicName and StatName * @param unit The unit of measurement. * @param tags optionally specified tags. * @return A histogram named using the joined elements. */ static Histogram& histogramFromStatNames(Scope& scope, const StatNameVec& elements, Histogram::Unit unit, StatNameTagVectorOptConstRef tags = absl::nullopt); /** * Creates a TextReadout from a vector of tokens which are used to create the * name. The tokens can be specified as DynamicName or StatName. For * tokens specified as DynamicName, a dynamic StatName will be created. See * https://github.com/envoyproxy/envoy/blob/master/source/docs/stats.md#dynamic-stat-tokens * for more detail on why symbolic StatNames are preferred when possible. * * See also TextReadoutFromStatNames, which is slightly faster but does not allow * passing DynamicName(string)s as names. * * @param scope The scope in which to create the counter. * @param elements The vector of mixed DynamicName and StatName * @param unit The unit of measurement. * @param tags optionally specified tags. * @return A TextReadout named using the joined elements. */ static TextReadout& textReadoutFromElements(Scope& scope, const ElementVec& elements, StatNameTagVectorOptConstRef tags = absl::nullopt); /** * Creates a TextReadout from a vector of tokens which are used to create the * name. The tokens must be of type StatName. * * See also TextReadoutFromElements, which is slightly slower, but allows * passing DynamicName(string)s as elements. * * @param scope The scope in which to create the counter. * @param elements The vector of mixed DynamicName and StatName * @param unit The unit of measurement. * @param tags optionally specified tags. * @return A TextReadout named using the joined elements. */ static TextReadout& textReadoutFromStatNames(Scope& scope, const StatNameVec& elements, StatNameTagVectorOptConstRef tags = absl::nullopt); }; /** * Holds a reference to a stat by name. Note that the stat may not be created * yet at the time CachedReference is created. Calling get() then does a lazy * lookup, potentially returning absl::nullopt if the stat doesn't exist yet. * StatReference works whether the name was constructed symbolically, or with * StatNameDynamicStorage. * * Lookups are very slow, taking time proportional to the size of the scope, * holding mutexes during the lookup. However once the lookup succeeds, the * result is cached atomically, and further calls to get() are thus fast and * mutex-free. The implementation may be faster for stats that are named * symbolically. * * CachedReference is valid for the lifetime of the Scope. When the Scope * becomes invalid, CachedReferences must also be dropped as they will hold * pointers into the scope. */ template class CachedReference { public: CachedReference(Scope& scope, absl::string_view name) : scope_(scope), name_(std::string(name)) {} /** * Finds the named stat, if it exists, returning it as an optional. */ absl::optional> get() { StatType* stat = stat_.get([this]() -> StatType* { StatType* stat = nullptr; IterateFn check_stat = [this, &stat](const RefcountPtr& shared_stat) -> bool { if (shared_stat->name() == name_) { stat = shared_stat.get(); return false; // Stop iteration. } return true; }; scope_.iterate(check_stat); return stat; }); if (stat == nullptr) { return absl::nullopt; } return *stat; } private: Scope& scope_; const std::string name_; Thread::AtomicPtr stat_; }; } // namespace Stats } // namespace Envoy ================================================ FILE: source/common/stream_info/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "stream_info_lib", hdrs = ["stream_info_impl.h"], deps = [ ":filter_state_lib", "//include/envoy/http:request_id_extension_interface", "//include/envoy/stream_info:stream_info_interface", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", "//source/common/http:request_id_extension_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_state_lib", srcs = ["filter_state_impl.cc"], hdrs = ["filter_state_impl.h"], deps = [ "//include/envoy/stream_info:filter_state_interface", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/common:time_interface", "//include/envoy/stream_info:stream_info_interface", ], ) envoy_cc_library( name = "uint32_accessor_lib", hdrs = ["uint32_accessor_impl.h"], deps = [ "//include/envoy/stream_info:uint32_accessor_interface", ], ) ================================================ FILE: source/common/stream_info/filter_state_impl.cc ================================================ #include "common/stream_info/filter_state_impl.h" #include "envoy/common/exception.h" namespace Envoy { namespace StreamInfo { void FilterStateImpl::setData(absl::string_view data_name, std::shared_ptr data, FilterState::StateType state_type, FilterState::LifeSpan life_span) { if (life_span > life_span_) { if (hasDataWithNameInternally(data_name)) { throw EnvoyException( "FilterState::setData called twice with conflicting life_span on the same data_name."); } maybeCreateParent(ParentAccessMode::ReadWrite); parent_->setData(data_name, data, state_type, life_span); return; } if (parent_ && parent_->hasDataWithName(data_name)) { throw EnvoyException( "FilterState::setData called twice with conflicting life_span on the same data_name."); } const auto& it = data_storage_.find(data_name); if (it != data_storage_.end()) { // We have another object with same data_name. Check for mutability // violations namely: readonly data cannot be overwritten. mutable data // cannot be overwritten by readonly data. const FilterStateImpl::FilterObject* current = it->second.get(); if (current->state_type_ == FilterState::StateType::ReadOnly) { throw EnvoyException("FilterState::setData called twice on same ReadOnly state."); } if (current->state_type_ != state_type) { throw EnvoyException("FilterState::setData called twice with different state types."); } } std::unique_ptr filter_object(new FilterStateImpl::FilterObject()); filter_object->data_ = data; filter_object->state_type_ = state_type; data_storage_[data_name] = std::move(filter_object); } bool FilterStateImpl::hasDataWithName(absl::string_view data_name) const { return hasDataWithNameInternally(data_name) || (parent_ && parent_->hasDataWithName(data_name)); } const FilterState::Object* FilterStateImpl::getDataReadOnlyGeneric(absl::string_view data_name) const { const auto& it = data_storage_.find(data_name); if (it == data_storage_.end()) { if (parent_) { return &(parent_->getDataReadOnly(data_name)); } throw EnvoyException("FilterState::getDataReadOnly called for unknown data name."); } const FilterStateImpl::FilterObject* current = it->second.get(); return current->data_.get(); } FilterState::Object* FilterStateImpl::getDataMutableGeneric(absl::string_view data_name) { const auto& it = data_storage_.find(data_name); if (it == data_storage_.end()) { if (parent_) { return &(parent_->getDataMutable(data_name)); } throw EnvoyException("FilterState::getDataMutable called for unknown data name."); } FilterStateImpl::FilterObject* current = it->second.get(); if (current->state_type_ == FilterState::StateType::ReadOnly) { throw EnvoyException( "FilterState::getDataMutable tried to access immutable data as mutable."); } return current->data_.get(); } bool FilterStateImpl::hasDataAtOrAboveLifeSpan(FilterState::LifeSpan life_span) const { if (life_span > life_span_) { return parent_ && parent_->hasDataAtOrAboveLifeSpan(life_span); } return !data_storage_.empty() || (parent_ && parent_->hasDataAtOrAboveLifeSpan(life_span)); } bool FilterStateImpl::hasDataWithNameInternally(absl::string_view data_name) const { return data_storage_.count(data_name) > 0; } void FilterStateImpl::maybeCreateParent(ParentAccessMode parent_access_mode) { if (parent_ != nullptr) { return; } if (life_span_ >= FilterState::LifeSpan::TopSpan) { return; } if (absl::holds_alternative(ancestor_)) { FilterStateSharedPtr ancestor = absl::get(ancestor_); if (ancestor == nullptr || ancestor->lifeSpan() != life_span_ + 1) { parent_ = std::make_shared(ancestor, FilterState::LifeSpan(life_span_ + 1)); } else { parent_ = ancestor; } return; } auto lazy_create_ancestor = absl::get(ancestor_); // If we're only going to read data from our parent, we don't need to create lazy ancestor, // because they're empty anyways. if (parent_access_mode == ParentAccessMode::ReadOnly && lazy_create_ancestor.first == nullptr) { return; } // Lazy ancestor is not our immediate parent. if (lazy_create_ancestor.second != life_span_ + 1) { parent_ = std::make_shared(lazy_create_ancestor, FilterState::LifeSpan(life_span_ + 1)); return; } // Lazy parent is our immediate parent. if (lazy_create_ancestor.first == nullptr) { lazy_create_ancestor.first = std::make_shared(FilterState::LifeSpan(life_span_ + 1)); } parent_ = lazy_create_ancestor.first; } } // namespace StreamInfo } // namespace Envoy ================================================ FILE: source/common/stream_info/filter_state_impl.h ================================================ #pragma once #include #include #include #include "envoy/stream_info/filter_state.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" namespace Envoy { namespace StreamInfo { class FilterStateImpl : public FilterState { public: FilterStateImpl(FilterState::LifeSpan life_span) : life_span_(life_span) { maybeCreateParent(ParentAccessMode::ReadOnly); } /** * @param ancestor a std::shared_ptr storing an already created ancestor. * @param life_span the life span this is handling. */ FilterStateImpl(FilterStateSharedPtr ancestor, FilterState::LifeSpan life_span) : ancestor_(ancestor), life_span_(life_span) { maybeCreateParent(ParentAccessMode::ReadOnly); } using LazyCreateAncestor = std::pair; /** * @param ancestor a std::pair storing an ancestor, that can be passed in as a way to lazy * initialize a FilterState that's owned by an object with bigger scope than this. This is to * avoid creating a FilterState that's empty in most cases. * @param life_span the life span this is handling. */ FilterStateImpl(LazyCreateAncestor lazy_create_ancestor, FilterState::LifeSpan life_span) : ancestor_(lazy_create_ancestor), life_span_(life_span) { maybeCreateParent(ParentAccessMode::ReadOnly); } // FilterState void setData(absl::string_view data_name, std::shared_ptr data, FilterState::StateType state_type, FilterState::LifeSpan life_span = FilterState::LifeSpan::FilterChain) override; bool hasDataWithName(absl::string_view) const override; const Object* getDataReadOnlyGeneric(absl::string_view data_name) const override; Object* getDataMutableGeneric(absl::string_view data_name) override; bool hasDataAtOrAboveLifeSpan(FilterState::LifeSpan life_span) const override; FilterState::LifeSpan lifeSpan() const override { return life_span_; } FilterStateSharedPtr parent() const override { return parent_; } private: // This only checks the local data_storage_ for data_name existence. bool hasDataWithNameInternally(absl::string_view data_name) const; enum class ParentAccessMode { ReadOnly, ReadWrite }; void maybeCreateParent(ParentAccessMode parent_access_mode); struct FilterObject { std::shared_ptr data_; FilterState::StateType state_type_; }; absl::variant ancestor_; FilterStateSharedPtr parent_; const FilterState::LifeSpan life_span_; absl::flat_hash_map> data_storage_; }; } // namespace StreamInfo } // namespace Envoy ================================================ FILE: source/common/stream_info/stream_info_impl.h ================================================ #pragma once #include #include #include "envoy/common/time.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/http/header_map.h" #include "envoy/http/request_id_extension.h" #include "envoy/stream_info/stream_info.h" #include "common/common/assert.h" #include "common/common/dump_state_utils.h" #include "common/http/request_id_extension_impl.h" #include "common/stream_info/filter_state_impl.h" namespace Envoy { namespace StreamInfo { struct StreamInfoImpl : public StreamInfo { StreamInfoImpl(TimeSource& time_source, FilterState::LifeSpan life_span = FilterState::LifeSpan::FilterChain) : StreamInfoImpl(absl::nullopt, time_source, std::make_shared(life_span)) {} StreamInfoImpl(Http::Protocol protocol, TimeSource& time_source) : StreamInfoImpl(protocol, time_source, std::make_shared(FilterState::LifeSpan::FilterChain)) {} StreamInfoImpl(Http::Protocol protocol, TimeSource& time_source, FilterStateSharedPtr parent_filter_state, FilterState::LifeSpan life_span) : StreamInfoImpl( protocol, time_source, std::make_shared( FilterStateImpl::LazyCreateAncestor(std::move(parent_filter_state), life_span), FilterState::LifeSpan::FilterChain)) {} SystemTime startTime() const override { return start_time_; } MonotonicTime startTimeMonotonic() const override { return start_time_monotonic_; } absl::optional duration(absl::optional time) const { if (!time) { return {}; } return std::chrono::duration_cast(time.value() - start_time_monotonic_); } absl::optional lastDownstreamRxByteReceived() const override { return duration(last_downstream_rx_byte_received); } void onLastDownstreamRxByteReceived() override { ASSERT(!last_downstream_rx_byte_received); last_downstream_rx_byte_received = time_source_.monotonicTime(); } void setUpstreamTiming(const UpstreamTiming& upstream_timing) override { upstream_timing_ = upstream_timing; } absl::optional firstUpstreamTxByteSent() const override { return duration(upstream_timing_.first_upstream_tx_byte_sent_); } absl::optional lastUpstreamTxByteSent() const override { return duration(upstream_timing_.last_upstream_tx_byte_sent_); } absl::optional firstUpstreamRxByteReceived() const override { return duration(upstream_timing_.first_upstream_rx_byte_received_); } absl::optional lastUpstreamRxByteReceived() const override { return duration(upstream_timing_.last_upstream_rx_byte_received_); } absl::optional firstDownstreamTxByteSent() const override { return duration(first_downstream_tx_byte_sent_); } void onFirstDownstreamTxByteSent() override { ASSERT(!first_downstream_tx_byte_sent_); first_downstream_tx_byte_sent_ = time_source_.monotonicTime(); } absl::optional lastDownstreamTxByteSent() const override { return duration(last_downstream_tx_byte_sent_); } void onLastDownstreamTxByteSent() override { ASSERT(!last_downstream_tx_byte_sent_); last_downstream_tx_byte_sent_ = time_source_.monotonicTime(); } absl::optional requestComplete() const override { return duration(final_time_); } void onRequestComplete() override { ASSERT(!final_time_); final_time_ = time_source_.monotonicTime(); } void addBytesReceived(uint64_t bytes_received) override { bytes_received_ += bytes_received; } uint64_t bytesReceived() const override { return bytes_received_; } absl::optional protocol() const override { return protocol_; } void protocol(Http::Protocol protocol) override { protocol_ = protocol; } absl::optional responseCode() const override { return response_code_; } const absl::optional& responseCodeDetails() const override { return response_code_details_; } void setResponseCodeDetails(absl::string_view rc_details) override { response_code_details_.emplace(rc_details); } const absl::optional& connectionTerminationDetails() const override { return connection_termination_details_; } void setConnectionTerminationDetails(absl::string_view connection_termination_details) override { connection_termination_details_.emplace(connection_termination_details); } void addBytesSent(uint64_t bytes_sent) override { bytes_sent_ += bytes_sent; } uint64_t bytesSent() const override { return bytes_sent_; } void setResponseFlag(ResponseFlag response_flag) override { response_flags_ |= response_flag; } bool intersectResponseFlags(uint64_t response_flags) const override { return (response_flags_ & response_flags) != 0; } bool hasResponseFlag(ResponseFlag flag) const override { return response_flags_ & flag; } bool hasAnyResponseFlag() const override { return response_flags_ != 0; } uint64_t responseFlags() const override { return response_flags_; } void onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) override { upstream_host_ = host; } Upstream::HostDescriptionConstSharedPtr upstreamHost() const override { return upstream_host_; } void setRouteName(absl::string_view route_name) override { route_name_ = std::string(route_name); } const std::string& getRouteName() const override { return route_name_; } void setUpstreamLocalAddress( const Network::Address::InstanceConstSharedPtr& upstream_local_address) override { upstream_local_address_ = upstream_local_address; } const Network::Address::InstanceConstSharedPtr& upstreamLocalAddress() const override { return upstream_local_address_; } bool healthCheck() const override { return health_check_request_; } void healthCheck(bool is_health_check) override { health_check_request_ = is_health_check; } void setDownstreamLocalAddress( const Network::Address::InstanceConstSharedPtr& downstream_local_address) override { downstream_local_address_ = downstream_local_address; } const Network::Address::InstanceConstSharedPtr& downstreamLocalAddress() const override { return downstream_local_address_; } void setDownstreamDirectRemoteAddress( const Network::Address::InstanceConstSharedPtr& downstream_direct_remote_address) override { downstream_direct_remote_address_ = downstream_direct_remote_address; } const Network::Address::InstanceConstSharedPtr& downstreamDirectRemoteAddress() const override { return downstream_direct_remote_address_; } void setDownstreamRemoteAddress( const Network::Address::InstanceConstSharedPtr& downstream_remote_address) override { downstream_remote_address_ = downstream_remote_address; } const Network::Address::InstanceConstSharedPtr& downstreamRemoteAddress() const override { return downstream_remote_address_; } void setDownstreamSslConnection(const Ssl::ConnectionInfoConstSharedPtr& connection_info) override { downstream_ssl_info_ = connection_info; } Ssl::ConnectionInfoConstSharedPtr downstreamSslConnection() const override { return downstream_ssl_info_; } void setUpstreamSslConnection(const Ssl::ConnectionInfoConstSharedPtr& connection_info) override { upstream_ssl_info_ = connection_info; } Ssl::ConnectionInfoConstSharedPtr upstreamSslConnection() const override { return upstream_ssl_info_; } const Router::RouteEntry* routeEntry() const override { return route_entry_; } envoy::config::core::v3::Metadata& dynamicMetadata() override { return metadata_; }; const envoy::config::core::v3::Metadata& dynamicMetadata() const override { return metadata_; }; void setDynamicMetadata(const std::string& name, const ProtobufWkt::Struct& value) override { (*metadata_.mutable_filter_metadata())[name].MergeFrom(value); }; const FilterStateSharedPtr& filterState() override { return filter_state_; } const FilterState& filterState() const override { return *filter_state_; } const FilterStateSharedPtr& upstreamFilterState() const override { return upstream_filter_state_; } void setUpstreamFilterState(const FilterStateSharedPtr& filter_state) override { upstream_filter_state_ = filter_state; } void setRequestedServerName(absl::string_view requested_server_name) override { requested_server_name_ = std::string(requested_server_name); } const std::string& requestedServerName() const override { return requested_server_name_; } void setUpstreamTransportFailureReason(absl::string_view failure_reason) override { upstream_transport_failure_reason_ = std::string(failure_reason); } const std::string& upstreamTransportFailureReason() const override { return upstream_transport_failure_reason_; } void setRequestHeaders(const Http::RequestHeaderMap& headers) override { request_headers_ = &headers; } const Http::RequestHeaderMap* getRequestHeaders() const override { return request_headers_; } void setRequestIDExtension(Http::RequestIDExtensionSharedPtr utils) override { request_id_extension_ = utils; } Http::RequestIDExtensionSharedPtr getRequestIDExtension() const override { return request_id_extension_; } void dumpState(std::ostream& os, int indent_level = 0) const { const char* spaces = spacesForLevel(indent_level); os << spaces << "StreamInfoImpl " << this << DUMP_OPTIONAL_MEMBER(protocol_) << DUMP_OPTIONAL_MEMBER(response_code_) << DUMP_OPTIONAL_MEMBER(response_code_details_) << DUMP_MEMBER(health_check_request_) << DUMP_MEMBER(route_name_) << "\n"; } void setUpstreamClusterInfo( const Upstream::ClusterInfoConstSharedPtr& upstream_cluster_info) override { upstream_cluster_info_ = upstream_cluster_info; } absl::optional upstreamClusterInfo() const override { return upstream_cluster_info_; } void setConnectionID(uint64_t id) override { connection_id_ = id; } absl::optional connectionID() const override { return connection_id_; } TimeSource& time_source_; const SystemTime start_time_; const MonotonicTime start_time_monotonic_; absl::optional last_downstream_rx_byte_received; absl::optional first_downstream_tx_byte_sent_; absl::optional last_downstream_tx_byte_sent_; absl::optional final_time_; absl::optional protocol_; absl::optional response_code_; absl::optional response_code_details_; absl::optional connection_termination_details_; uint64_t response_flags_{}; Upstream::HostDescriptionConstSharedPtr upstream_host_{}; bool health_check_request_{}; const Router::RouteEntry* route_entry_{}; envoy::config::core::v3::Metadata metadata_{}; FilterStateSharedPtr filter_state_; FilterStateSharedPtr upstream_filter_state_; std::string route_name_; private: StreamInfoImpl(absl::optional protocol, TimeSource& time_source, FilterStateSharedPtr filter_state) : time_source_(time_source), start_time_(time_source.systemTime()), start_time_monotonic_(time_source.monotonicTime()), protocol_(protocol), filter_state_(std::move(filter_state)), request_id_extension_(Http::RequestIDExtensionFactory::noopInstance()) {} uint64_t bytes_received_{}; uint64_t bytes_sent_{}; Network::Address::InstanceConstSharedPtr upstream_local_address_; Network::Address::InstanceConstSharedPtr downstream_local_address_; Network::Address::InstanceConstSharedPtr downstream_direct_remote_address_; Network::Address::InstanceConstSharedPtr downstream_remote_address_; Ssl::ConnectionInfoConstSharedPtr downstream_ssl_info_; Ssl::ConnectionInfoConstSharedPtr upstream_ssl_info_; std::string requested_server_name_; const Http::RequestHeaderMap* request_headers_{}; Http::RequestIDExtensionSharedPtr request_id_extension_; UpstreamTiming upstream_timing_; std::string upstream_transport_failure_reason_; absl::optional upstream_cluster_info_; absl::optional connection_id_; }; } // namespace StreamInfo } // namespace Envoy ================================================ FILE: source/common/stream_info/uint32_accessor_impl.h ================================================ #pragma once #include "envoy/stream_info/uint32_accessor.h" namespace Envoy { namespace StreamInfo { /* * A FilterState object that tracks a single uint32_t value. */ class UInt32AccessorImpl : public UInt32Accessor { public: UInt32AccessorImpl(uint32_t value) : value_(value) {} // From FilterState::Object ProtobufTypes::MessagePtr serializeAsProto() const override { auto message = std::make_unique(); message->set_value(value_); return message; } // From UInt32Accessor. void increment() override { value_++; } uint32_t value() const override { return value_; } private: uint32_t value_; }; } // namespace StreamInfo } // namespace Envoy ================================================ FILE: source/common/stream_info/utility.cc ================================================ #include "common/stream_info/utility.h" #include namespace Envoy { namespace StreamInfo { const std::string ResponseFlagUtils::NONE = "-"; const std::string ResponseFlagUtils::DOWNSTREAM_CONNECTION_TERMINATION = "DC"; const std::string ResponseFlagUtils::FAILED_LOCAL_HEALTH_CHECK = "LH"; const std::string ResponseFlagUtils::NO_HEALTHY_UPSTREAM = "UH"; const std::string ResponseFlagUtils::UPSTREAM_REQUEST_TIMEOUT = "UT"; const std::string ResponseFlagUtils::LOCAL_RESET = "LR"; const std::string ResponseFlagUtils::UPSTREAM_REMOTE_RESET = "UR"; const std::string ResponseFlagUtils::UPSTREAM_CONNECTION_FAILURE = "UF"; const std::string ResponseFlagUtils::UPSTREAM_CONNECTION_TERMINATION = "UC"; const std::string ResponseFlagUtils::UPSTREAM_OVERFLOW = "UO"; const std::string ResponseFlagUtils::UPSTREAM_RETRY_LIMIT_EXCEEDED = "URX"; const std::string ResponseFlagUtils::NO_ROUTE_FOUND = "NR"; const std::string ResponseFlagUtils::DELAY_INJECTED = "DI"; const std::string ResponseFlagUtils::FAULT_INJECTED = "FI"; const std::string ResponseFlagUtils::RATE_LIMITED = "RL"; const std::string ResponseFlagUtils::UNAUTHORIZED_EXTERNAL_SERVICE = "UAEX"; const std::string ResponseFlagUtils::RATELIMIT_SERVICE_ERROR = "RLSE"; const std::string ResponseFlagUtils::STREAM_IDLE_TIMEOUT = "SI"; const std::string ResponseFlagUtils::INVALID_ENVOY_REQUEST_HEADERS = "IH"; const std::string ResponseFlagUtils::DOWNSTREAM_PROTOCOL_ERROR = "DPE"; const std::string ResponseFlagUtils::UPSTREAM_MAX_STREAM_DURATION_REACHED = "UMSDR"; const std::string ResponseFlagUtils::RESPONSE_FROM_CACHE_FILTER = "RFCF"; const std::string ResponseFlagUtils::NO_FILTER_CONFIG_FOUND = "NFCF"; const std::string ResponseFlagUtils::DURATION_TIMEOUT = "DT"; void ResponseFlagUtils::appendString(std::string& result, const std::string& append) { if (result.empty()) { result = append; } else { result += "," + append; } } const std::string ResponseFlagUtils::toShortString(const StreamInfo& stream_info) { std::string result; static_assert(ResponseFlag::LastFlag == 0x400000, "A flag has been added. Fix this code."); if (stream_info.hasResponseFlag(ResponseFlag::FailedLocalHealthCheck)) { appendString(result, FAILED_LOCAL_HEALTH_CHECK); } if (stream_info.hasResponseFlag(ResponseFlag::NoHealthyUpstream)) { appendString(result, NO_HEALTHY_UPSTREAM); } if (stream_info.hasResponseFlag(ResponseFlag::UpstreamRequestTimeout)) { appendString(result, UPSTREAM_REQUEST_TIMEOUT); } if (stream_info.hasResponseFlag(ResponseFlag::LocalReset)) { appendString(result, LOCAL_RESET); } if (stream_info.hasResponseFlag(ResponseFlag::UpstreamRemoteReset)) { appendString(result, UPSTREAM_REMOTE_RESET); } if (stream_info.hasResponseFlag(ResponseFlag::UpstreamConnectionFailure)) { appendString(result, UPSTREAM_CONNECTION_FAILURE); } if (stream_info.hasResponseFlag(ResponseFlag::UpstreamConnectionTermination)) { appendString(result, UPSTREAM_CONNECTION_TERMINATION); } if (stream_info.hasResponseFlag(ResponseFlag::UpstreamOverflow)) { appendString(result, UPSTREAM_OVERFLOW); } if (stream_info.hasResponseFlag(ResponseFlag::NoRouteFound)) { appendString(result, NO_ROUTE_FOUND); } if (stream_info.hasResponseFlag(ResponseFlag::DelayInjected)) { appendString(result, DELAY_INJECTED); } if (stream_info.hasResponseFlag(ResponseFlag::FaultInjected)) { appendString(result, FAULT_INJECTED); } if (stream_info.hasResponseFlag(ResponseFlag::RateLimited)) { appendString(result, RATE_LIMITED); } if (stream_info.hasResponseFlag(ResponseFlag::UnauthorizedExternalService)) { appendString(result, UNAUTHORIZED_EXTERNAL_SERVICE); } if (stream_info.hasResponseFlag(ResponseFlag::RateLimitServiceError)) { appendString(result, RATELIMIT_SERVICE_ERROR); } if (stream_info.hasResponseFlag(ResponseFlag::DownstreamConnectionTermination)) { appendString(result, DOWNSTREAM_CONNECTION_TERMINATION); } if (stream_info.hasResponseFlag(ResponseFlag::UpstreamRetryLimitExceeded)) { appendString(result, UPSTREAM_RETRY_LIMIT_EXCEEDED); } if (stream_info.hasResponseFlag(ResponseFlag::StreamIdleTimeout)) { appendString(result, STREAM_IDLE_TIMEOUT); } if (stream_info.hasResponseFlag(ResponseFlag::InvalidEnvoyRequestHeaders)) { appendString(result, INVALID_ENVOY_REQUEST_HEADERS); } if (stream_info.hasResponseFlag(ResponseFlag::DownstreamProtocolError)) { appendString(result, DOWNSTREAM_PROTOCOL_ERROR); } if (stream_info.hasResponseFlag(ResponseFlag::UpstreamMaxStreamDurationReached)) { appendString(result, UPSTREAM_MAX_STREAM_DURATION_REACHED); } if (stream_info.hasResponseFlag(ResponseFlag::ResponseFromCacheFilter)) { appendString(result, RESPONSE_FROM_CACHE_FILTER); } if (stream_info.hasResponseFlag(ResponseFlag::NoFilterConfigFound)) { appendString(result, NO_FILTER_CONFIG_FOUND); } if (stream_info.hasResponseFlag(ResponseFlag::DurationTimeout)) { appendString(result, DURATION_TIMEOUT); } return result.empty() ? NONE : result; } absl::optional ResponseFlagUtils::toResponseFlag(const std::string& flag) { static const std::map map = { {ResponseFlagUtils::FAILED_LOCAL_HEALTH_CHECK, ResponseFlag::FailedLocalHealthCheck}, {ResponseFlagUtils::NO_HEALTHY_UPSTREAM, ResponseFlag::NoHealthyUpstream}, {ResponseFlagUtils::UPSTREAM_REQUEST_TIMEOUT, ResponseFlag::UpstreamRequestTimeout}, {ResponseFlagUtils::LOCAL_RESET, ResponseFlag::LocalReset}, {ResponseFlagUtils::UPSTREAM_REMOTE_RESET, ResponseFlag::UpstreamRemoteReset}, {ResponseFlagUtils::UPSTREAM_CONNECTION_FAILURE, ResponseFlag::UpstreamConnectionFailure}, {ResponseFlagUtils::UPSTREAM_CONNECTION_TERMINATION, ResponseFlag::UpstreamConnectionTermination}, {ResponseFlagUtils::UPSTREAM_OVERFLOW, ResponseFlag::UpstreamOverflow}, {ResponseFlagUtils::NO_ROUTE_FOUND, ResponseFlag::NoRouteFound}, {ResponseFlagUtils::DELAY_INJECTED, ResponseFlag::DelayInjected}, {ResponseFlagUtils::FAULT_INJECTED, ResponseFlag::FaultInjected}, {ResponseFlagUtils::RATE_LIMITED, ResponseFlag::RateLimited}, {ResponseFlagUtils::UNAUTHORIZED_EXTERNAL_SERVICE, ResponseFlag::UnauthorizedExternalService}, {ResponseFlagUtils::RATELIMIT_SERVICE_ERROR, ResponseFlag::RateLimitServiceError}, {ResponseFlagUtils::DOWNSTREAM_CONNECTION_TERMINATION, ResponseFlag::DownstreamConnectionTermination}, {ResponseFlagUtils::UPSTREAM_RETRY_LIMIT_EXCEEDED, ResponseFlag::UpstreamRetryLimitExceeded}, {ResponseFlagUtils::STREAM_IDLE_TIMEOUT, ResponseFlag::StreamIdleTimeout}, {ResponseFlagUtils::INVALID_ENVOY_REQUEST_HEADERS, ResponseFlag::InvalidEnvoyRequestHeaders}, {ResponseFlagUtils::DOWNSTREAM_PROTOCOL_ERROR, ResponseFlag::DownstreamProtocolError}, {ResponseFlagUtils::UPSTREAM_MAX_STREAM_DURATION_REACHED, ResponseFlag::UpstreamMaxStreamDurationReached}, {ResponseFlagUtils::RESPONSE_FROM_CACHE_FILTER, ResponseFlag::ResponseFromCacheFilter}, {ResponseFlagUtils::NO_FILTER_CONFIG_FOUND, ResponseFlag::NoFilterConfigFound}, {ResponseFlagUtils::DURATION_TIMEOUT, ResponseFlag::DurationTimeout}, }; const auto& it = map.find(flag); if (it != map.end()) { return absl::make_optional(it->second); } return absl::nullopt; } const std::string& Utility::formatDownstreamAddressNoPort(const Network::Address::Instance& address) { if (address.type() == Network::Address::Type::Ip) { return address.ip()->addressAsString(); } else { return address.asString(); } } const std::string Utility::formatDownstreamAddressJustPort(const Network::Address::Instance& address) { std::string port; if (address.type() == Network::Address::Type::Ip) { port = std::to_string(address.ip()->port()); } return port; } } // namespace StreamInfo } // namespace Envoy ================================================ FILE: source/common/stream_info/utility.h ================================================ #pragma once #include #include #include "envoy/stream_info/stream_info.h" namespace Envoy { namespace StreamInfo { /** * Util class for ResponseFlags. */ class ResponseFlagUtils { public: static const std::string toShortString(const StreamInfo& stream_info); static absl::optional toResponseFlag(const std::string& response_flag); private: ResponseFlagUtils(); static void appendString(std::string& result, const std::string& append); const static std::string NONE; const static std::string DOWNSTREAM_CONNECTION_TERMINATION; const static std::string FAILED_LOCAL_HEALTH_CHECK; const static std::string NO_HEALTHY_UPSTREAM; const static std::string UPSTREAM_REQUEST_TIMEOUT; const static std::string LOCAL_RESET; const static std::string UPSTREAM_REMOTE_RESET; const static std::string UPSTREAM_CONNECTION_FAILURE; const static std::string UPSTREAM_CONNECTION_TERMINATION; const static std::string UPSTREAM_OVERFLOW; const static std::string UPSTREAM_RETRY_LIMIT_EXCEEDED; const static std::string NO_ROUTE_FOUND; const static std::string DELAY_INJECTED; const static std::string FAULT_INJECTED; const static std::string RATE_LIMITED; const static std::string UNAUTHORIZED_EXTERNAL_SERVICE; const static std::string RATELIMIT_SERVICE_ERROR; const static std::string STREAM_IDLE_TIMEOUT; const static std::string INVALID_ENVOY_REQUEST_HEADERS; const static std::string DOWNSTREAM_PROTOCOL_ERROR; const static std::string UPSTREAM_MAX_STREAM_DURATION_REACHED; const static std::string RESPONSE_FROM_CACHE_FILTER; const static std::string NO_FILTER_CONFIG_FOUND; const static std::string DURATION_TIMEOUT; }; /** * Utility class for StreamInfo. */ class Utility { public: /** * @param address supplies the downstream address. * @return a properly formatted address for logs, header expansion, etc. */ static const std::string& formatDownstreamAddressNoPort(const Network::Address::Instance& address); /** * @param address supplies the downstream address. * @return a port, extracted from the provided downstream address for logs, header expansion, etc. */ static const std::string formatDownstreamAddressJustPort(const Network::Address::Instance& address); }; } // namespace StreamInfo } // namespace Envoy ================================================ FILE: source/common/tcp/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "conn_pool_lib", srcs = [ "conn_pool.cc", "original_conn_pool.cc", ], hdrs = [ "conn_pool.h", "original_conn_pool.h", ], external_deps = ["abseil_optional"], deps = [ "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:connection_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:timespan_interface", "//include/envoy/tcp:conn_pool_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:linked_object", "//source/common/common:utility_lib", "//source/common/http:conn_pool_base_lib", "//source/common/network:filter_lib", "//source/common/network:utility_lib", "//source/common/stats:timespan_lib", "//source/common/upstream:upstream_lib", ], ) ================================================ FILE: source/common/tcp/conn_pool.cc ================================================ #include "common/tcp/conn_pool.h" #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/upstream/upstream.h" #include "common/stats/timespan_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Tcp { ActiveTcpClient::ActiveTcpClient(ConnPoolImpl& parent, const Upstream::HostConstSharedPtr& host, uint64_t concurrent_stream_limit) : Envoy::ConnectionPool::ActiveClient(parent, host->cluster().maxRequestsPerConnection(), concurrent_stream_limit), parent_(parent) { Upstream::Host::CreateConnectionData data = host->createConnection( parent_.dispatcher(), parent_.socketOptions(), parent_.transportSocketOptions()); real_host_description_ = data.host_description_; connection_ = std::move(data.connection_); connection_->addConnectionCallbacks(*this); connection_->detectEarlyCloseWhenReadDisabled(false); connection_->addReadFilter(std::make_shared(*this)); connection_->connect(); } ActiveTcpClient::~ActiveTcpClient() { // Handle the case where deferred delete results in the ActiveClient being destroyed before // TcpConnectionData. Make sure the TcpConnectionData will not refer to this ActiveTcpClient // and handle clean up normally done in clearCallbacks() if (tcp_connection_data_) { ASSERT(state_ == ActiveClient::State::CLOSED); tcp_connection_data_->release(); parent_.onStreamClosed(*this, true); parent_.checkForDrained(); } parent_.onConnDestroyed(); } void ActiveTcpClient::clearCallbacks() { if (state_ == Envoy::ConnectionPool::ActiveClient::State::BUSY || state_ == Envoy::ConnectionPool::ActiveClient::State::DRAINING) { parent_.onConnReleased(*this); } callbacks_ = nullptr; tcp_connection_data_ = nullptr; parent_.onStreamClosed(*this, true); parent_.checkForDrained(); } void ActiveTcpClient::onEvent(Network::ConnectionEvent event) { Envoy::ConnectionPool::ActiveClient::onEvent(event); // Do not pass the Connected event to any session which registered during onEvent above. // Consumers of connection pool connections assume they are receiving already connected // connections. if (callbacks_ && event != Network::ConnectionEvent::Connected) { callbacks_->onEvent(event); // After receiving a disconnect event, the owner of callbacks_ will likely self-destruct. // Clear the pointer to avoid using it again. callbacks_ = nullptr; } } } // namespace Tcp } // namespace Envoy ================================================ FILE: source/common/tcp/conn_pool.h ================================================ #pragma once #include #include #include "envoy/event/deferred_deletable.h" #include "envoy/event/timer.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/upstream.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/http/conn_pool_base.h" #include "common/network/filter_impl.h" namespace Envoy { namespace Tcp { class ConnPoolImpl; struct TcpAttachContext : public Envoy::ConnectionPool::AttachContext { TcpAttachContext(Tcp::ConnectionPool::Callbacks* callbacks) : callbacks_(callbacks) {} Tcp::ConnectionPool::Callbacks* callbacks_; }; class TcpPendingStream : public Envoy::ConnectionPool::PendingStream { public: TcpPendingStream(Envoy::ConnectionPool::ConnPoolImplBase& parent, TcpAttachContext& context) : Envoy::ConnectionPool::PendingStream(parent), context_(context) {} Envoy::ConnectionPool::AttachContext& context() override { return context_; } TcpAttachContext context_; }; class ActiveTcpClient : public Envoy::ConnectionPool::ActiveClient { public: struct ConnReadFilter : public Network::ReadFilterBaseImpl { ConnReadFilter(ActiveTcpClient& parent) : parent_(parent) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override { parent_.onUpstreamData(data, end_stream); return Network::FilterStatus::StopIteration; } ActiveTcpClient& parent_; }; // This acts as the bridge between the ActiveTcpClient and an individual TCP connection. class TcpConnectionData : public Envoy::Tcp::ConnectionPool::ConnectionData { public: TcpConnectionData(ActiveTcpClient& parent, Network::ClientConnection& connection) : parent_(&parent), connection_(connection) { parent_->tcp_connection_data_ = this; } ~TcpConnectionData() override { // Generally it is the case that TcpConnectionData will be destroyed before the // ActiveTcpClient. Because ordering on the deferred delete list is not guaranteed in the // case of a disconnect, make sure parent_ is valid before doing clean-up. if (parent_) { parent_->clearCallbacks(); } } Network::ClientConnection& connection() override { return connection_; } void setConnectionState(ConnectionPool::ConnectionStatePtr&& state) override { parent_->connection_state_ = std::move(state); } void addUpstreamCallbacks(ConnectionPool::UpstreamCallbacks& callbacks) override { parent_->callbacks_ = &callbacks; } void release() { parent_ = nullptr; } protected: ConnectionPool::ConnectionState* connectionState() override { return parent_->connection_state_.get(); } private: ActiveTcpClient* parent_; Network::ClientConnection& connection_; }; ActiveTcpClient(ConnPoolImpl& parent, const Upstream::HostConstSharedPtr& host, uint64_t concurrent_stream_limit); ~ActiveTcpClient() override; // Override the default's of Envoy::ConnectionPool::ActiveClient for class-specific functions. // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override { callbacks_->onAboveWriteBufferHighWatermark(); } void onBelowWriteBufferLowWatermark() override { callbacks_->onBelowWriteBufferLowWatermark(); } void close() override { connection_->close(Network::ConnectionCloseType::NoFlush); } size_t numActiveStreams() const override { return callbacks_ ? 1 : 0; } bool closingWithIncompleteStream() const override { return false; } uint64_t id() const override { return connection_->id(); } void onUpstreamData(Buffer::Instance& data, bool end_stream) { if (callbacks_) { callbacks_->onUpstreamData(data, end_stream); } else { close(); } } void clearCallbacks(); ConnPoolImpl& parent_; ConnectionPool::UpstreamCallbacks* callbacks_{}; Network::ClientConnectionPtr connection_; ConnectionPool::ConnectionStatePtr connection_state_; TcpConnectionData* tcp_connection_data_{}; }; class ConnPoolImpl : public Envoy::ConnectionPool::ConnPoolImplBase, public Tcp::ConnectionPool::Instance { public: ConnPoolImpl(Event::Dispatcher& dispatcher, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) : Envoy::ConnectionPool::ConnPoolImplBase(host, priority, dispatcher, options, transport_socket_options), upstream_ready_cb_(dispatcher.createSchedulableCallback([this]() { upstream_ready_enabled_ = false; onUpstreamReady(); })) {} ~ConnPoolImpl() override { destructAllConnections(); } void addDrainedCallback(DrainedCb cb) override { addDrainedCallbackImpl(cb); } void drainConnections() override { drainConnectionsImpl(); // Legacy behavior for the TCP connection pool marks all connecting clients // as draining. for (auto& connecting_client : connecting_clients_) { if (connecting_client->remaining_streams_ > 1) { uint64_t old_limit = connecting_client->effectiveConcurrentStreamLimit(); connecting_client->remaining_streams_ = 1; if (connecting_client->effectiveConcurrentStreamLimit() < old_limit) { connecting_stream_capacity_ -= (old_limit - connecting_client->effectiveConcurrentStreamLimit()); } } } } void closeConnections() override { for (auto* list : {&ready_clients_, &busy_clients_, &connecting_clients_}) { while (!list->empty()) { list->front()->close(); } } } ConnectionPool::Cancellable* newConnection(Tcp::ConnectionPool::Callbacks& callbacks) override { TcpAttachContext context(&callbacks); return Envoy::ConnectionPool::ConnPoolImplBase::newStream(context); } bool maybePrefetch(float prefetch_ratio) override { return Envoy::ConnectionPool::ConnPoolImplBase::maybePrefetch(prefetch_ratio); } ConnectionPool::Cancellable* newPendingStream(Envoy::ConnectionPool::AttachContext& context) override { Envoy::ConnectionPool::PendingStreamPtr pending_stream = std::make_unique(*this, typedContext(context)); LinkedList::moveIntoList(std::move(pending_stream), pending_streams_); return pending_streams_.front().get(); } Upstream::HostDescriptionConstSharedPtr host() const override { return Envoy::ConnectionPool::ConnPoolImplBase::host(); } Envoy::ConnectionPool::ActiveClientPtr instantiateActiveClient() override { return std::make_unique(*this, Envoy::ConnectionPool::ConnPoolImplBase::host(), 1); } void onPoolReady(Envoy::ConnectionPool::ActiveClient& client, Envoy::ConnectionPool::AttachContext& context) override { ActiveTcpClient* tcp_client = static_cast(&client); auto* callbacks = typedContext(context).callbacks_; std::unique_ptr connection_data = std::make_unique(*tcp_client, *tcp_client->connection_); callbacks->onPoolReady(std::move(connection_data), tcp_client->real_host_description_); } void onPoolFailure(const Upstream::HostDescriptionConstSharedPtr& host_description, absl::string_view, ConnectionPool::PoolFailureReason reason, Envoy::ConnectionPool::AttachContext& context) override { auto* callbacks = typedContext(context).callbacks_; callbacks->onPoolFailure(reason, host_description); } // These two functions exist for testing parity between old and new Tcp Connection Pools. virtual void onConnReleased(Envoy::ConnectionPool::ActiveClient& client) { if (client.state_ == Envoy::ConnectionPool::ActiveClient::State::BUSY) { if (!pending_streams_.empty() && !upstream_ready_enabled_) { upstream_ready_cb_->scheduleCallbackCurrentIteration(); } } } virtual void onConnDestroyed() {} protected: Event::SchedulableCallbackPtr upstream_ready_cb_; bool upstream_ready_enabled_{}; }; } // namespace Tcp } // namespace Envoy ================================================ FILE: source/common/tcp/original_conn_pool.cc ================================================ #include "common/tcp/original_conn_pool.h" #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/upstream/upstream.h" #include "common/stats/timespan_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Tcp { OriginalConnPoolImpl::OriginalConnPoolImpl( Event::Dispatcher& dispatcher, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) : dispatcher_(dispatcher), host_(host), priority_(priority), socket_options_(options), transport_socket_options_(transport_socket_options), upstream_ready_cb_(dispatcher_.createSchedulableCallback([this]() { onUpstreamReady(); })) {} OriginalConnPoolImpl::~OriginalConnPoolImpl() { while (!ready_conns_.empty()) { ready_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } while (!busy_conns_.empty()) { busy_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } while (!pending_conns_.empty()) { pending_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } // Make sure all connections are destroyed before we are destroyed. dispatcher_.clearDeferredDeleteList(); } void OriginalConnPoolImpl::drainConnections() { while (!ready_conns_.empty()) { ready_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } // We drain busy and pending connections by manually setting remaining requests to 1. Thus, when // the next response completes the connection will be destroyed. for (const auto& conn : busy_conns_) { conn->remaining_requests_ = 1; } for (const auto& conn : pending_conns_) { conn->remaining_requests_ = 1; } } void OriginalConnPoolImpl::closeConnections() { while (!ready_conns_.empty()) { ready_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } while (!busy_conns_.empty()) { busy_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } while (!pending_conns_.empty()) { pending_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } } void OriginalConnPoolImpl::addDrainedCallback(DrainedCb cb) { drained_callbacks_.push_back(cb); checkForDrained(); } void OriginalConnPoolImpl::assignConnection(ActiveConn& conn, ConnectionPool::Callbacks& callbacks) { ASSERT(conn.wrapper_ == nullptr); conn.wrapper_ = std::make_shared(conn); callbacks.onPoolReady(std::make_unique(conn.wrapper_), conn.real_host_description_); } void OriginalConnPoolImpl::checkForDrained() { if (!drained_callbacks_.empty() && pending_requests_.empty() && busy_conns_.empty() && pending_conns_.empty()) { while (!ready_conns_.empty()) { ready_conns_.front()->conn_->close(Network::ConnectionCloseType::NoFlush); } for (const DrainedCb& cb : drained_callbacks_) { cb(); } } } void OriginalConnPoolImpl::createNewConnection() { ENVOY_LOG(debug, "creating a new connection"); ActiveConnPtr conn(new ActiveConn(*this)); LinkedList::moveIntoList(std::move(conn), pending_conns_); } ConnectionPool::Cancellable* OriginalConnPoolImpl::newConnection(ConnectionPool::Callbacks& callbacks) { if (!ready_conns_.empty()) { ready_conns_.front()->moveBetweenLists(ready_conns_, busy_conns_); ENVOY_CONN_LOG(debug, "using existing connection", *busy_conns_.front()->conn_); assignConnection(*busy_conns_.front(), callbacks); return nullptr; } if (host_->cluster().resourceManager(priority_).pendingRequests().canCreate()) { bool can_create_connection = host_->cluster().resourceManager(priority_).connections().canCreate(); if (!can_create_connection) { host_->cluster().stats().upstream_cx_overflow_.inc(); } // If we have no connections at all, make one no matter what so we don't starve. if ((ready_conns_.empty() && busy_conns_.empty() && pending_conns_.empty()) || can_create_connection) { createNewConnection(); } ENVOY_LOG(debug, "queueing request due to no available connections"); PendingRequestPtr pending_request(new PendingRequest(*this, callbacks)); LinkedList::moveIntoList(std::move(pending_request), pending_requests_); return pending_requests_.front().get(); } else { ENVOY_LOG(debug, "max pending requests overflow"); callbacks.onPoolFailure(ConnectionPool::PoolFailureReason::Overflow, nullptr); host_->cluster().stats().upstream_rq_pending_overflow_.inc(); return nullptr; } } void OriginalConnPoolImpl::onConnectionEvent(ActiveConn& conn, Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { ENVOY_CONN_LOG(debug, "client disconnected", *conn.conn_); Envoy::Upstream::reportUpstreamCxDestroy(host_, event); ActiveConnPtr removed; bool check_for_drained = true; if (conn.wrapper_ != nullptr) { if (!conn.wrapper_->released_) { Envoy::Upstream::reportUpstreamCxDestroyActiveRequest(host_, event); conn.wrapper_->release(true); } removed = conn.removeFromList(busy_conns_); } else if (!conn.connect_timer_) { // The connect timer is destroyed on connect. The lack of a connect timer means that this // connection is idle and in the ready pool. removed = conn.removeFromList(ready_conns_); check_for_drained = false; } else { // The only time this happens is if we actually saw a connect failure. host_->cluster().stats().upstream_cx_connect_fail_.inc(); host_->stats().cx_connect_fail_.inc(); removed = conn.removeFromList(pending_conns_); // Raw connect failures should never happen under normal circumstances. If we have an upstream // that is behaving badly, requests can get stuck here in the pending state. If we see a // connect failure, we purge all pending requests so that calling code can determine what to // do with the request. // NOTE: We move the existing pending requests to a temporary list. This is done so that // if retry logic submits a new request to the pool, we don't fail it inline. // TODO(lizan): If pool failure due to transport socket, propagate the reason to access log. ConnectionPool::PoolFailureReason reason; if (conn.timed_out_) { reason = ConnectionPool::PoolFailureReason::Timeout; } else if (event == Network::ConnectionEvent::RemoteClose) { reason = ConnectionPool::PoolFailureReason::RemoteConnectionFailure; } else { reason = ConnectionPool::PoolFailureReason::LocalConnectionFailure; } std::list pending_requests_to_purge; pending_requests_to_purge.swap(pending_requests_); while (!pending_requests_to_purge.empty()) { PendingRequestPtr request = pending_requests_to_purge.front()->removeFromList(pending_requests_to_purge); host_->cluster().stats().upstream_rq_pending_failure_eject_.inc(); request->callbacks_.onPoolFailure(reason, conn.real_host_description_); } } dispatcher_.deferredDelete(std::move(removed)); // If we have pending requests and we just lost a connection we should make a new one. if (pending_requests_.size() > (ready_conns_.size() + busy_conns_.size() + pending_conns_.size())) { createNewConnection(); } if (check_for_drained) { checkForDrained(); } } if (conn.connect_timer_) { conn.connect_timer_->disableTimer(); conn.connect_timer_.reset(); } // Note that the order in this function is important. Concretely, we must destroy the connect // timer before we process an idle connection, because if this results in an immediate // drain/destruction event, we key off of the existence of the connect timer above to determine // whether the connection is in the ready list (connected) or the pending list (failed to // connect). if (event == Network::ConnectionEvent::Connected) { conn.conn_->streamInfo().setDownstreamSslConnection(conn.conn_->ssl()); conn_connect_ms_->complete(); processIdleConnection(conn, true, false); } } void OriginalConnPoolImpl::onPendingRequestCancel(PendingRequest& request, ConnectionPool::CancelPolicy cancel_policy) { ENVOY_LOG(debug, "canceling pending request"); request.removeFromList(pending_requests_); host_->cluster().stats().upstream_rq_cancelled_.inc(); // If the cancel requests closure of excess connections and there are more pending connections // than requests, close the most recently created pending connection. if (cancel_policy == ConnectionPool::CancelPolicy::CloseExcess && pending_requests_.size() < pending_conns_.size()) { ENVOY_LOG(debug, "canceling pending connection"); pending_conns_.back()->conn_->close(Network::ConnectionCloseType::NoFlush); } checkForDrained(); } void OriginalConnPoolImpl::onConnReleased(ActiveConn& conn) { ENVOY_CONN_LOG(debug, "connection released", *conn.conn_); if (conn.remaining_requests_ > 0 && --conn.remaining_requests_ == 0) { ENVOY_CONN_LOG(debug, "maximum requests per connection", *conn.conn_); host_->cluster().stats().upstream_cx_max_requests_.inc(); conn.conn_->close(Network::ConnectionCloseType::NoFlush); } else { // Upstream connection might be closed right after response is complete. Setting delay=true // here to assign pending requests in next dispatcher loop to handle that case. // https://github.com/envoyproxy/envoy/issues/2715 processIdleConnection(conn, false, true); } } void OriginalConnPoolImpl::onConnDestroyed(ActiveConn& conn) { ENVOY_CONN_LOG(debug, "connection destroyed", *conn.conn_); } void OriginalConnPoolImpl::onUpstreamReady() { upstream_ready_enabled_ = false; while (!pending_requests_.empty() && !ready_conns_.empty()) { ActiveConn& conn = *ready_conns_.front(); ENVOY_CONN_LOG(debug, "assigning connection", *conn.conn_); // There is work to do so bind a connection to the caller and move it to the busy list. Pending // requests are pushed onto the front, so pull from the back. conn.moveBetweenLists(ready_conns_, busy_conns_); assignConnection(conn, pending_requests_.back()->callbacks_); pending_requests_.pop_back(); } } void OriginalConnPoolImpl::processIdleConnection(ActiveConn& conn, bool new_connection, bool delay) { if (conn.wrapper_) { conn.wrapper_->invalidate(); conn.wrapper_.reset(); } // TODO(zuercher): As a future improvement, we may wish to close extra connections when there are // no pending requests rather than moving them to ready_conns_. For conn pool callers that re-use // connections it is possible that a busy connection may be re-assigned to a pending request // while a new connection is pending. The current behavior is to move the pending connection to // the ready list to await a future request. For some protocols, e.g. mysql which has the server // transmit handshake data on connect, it may be desirable to close the connection if no pending // request is available. The CloseExcess flag for cancel is related: if we close pending // connections without requests here it becomes superfluous (instead of closing connections at // cancel time we'd wait until they completed and close them here). Finally, we want to avoid // requiring operators to correct configure clusters to get the necessary pending connection // behavior (e.g. we want to find a way to enable the new behavior without having to configure // it on a cluster). if (pending_requests_.empty() || delay) { // There is nothing to service or delayed processing is requested, so just move the connection // into the ready list. ENVOY_CONN_LOG(debug, "moving to ready", *conn.conn_); if (new_connection) { conn.moveBetweenLists(pending_conns_, ready_conns_); } else { conn.moveBetweenLists(busy_conns_, ready_conns_); } } else { // There is work to do immediately so bind a request to the caller and move it to the busy list. // Pending requests are pushed onto the front, so pull from the back. ENVOY_CONN_LOG(debug, "assigning connection", *conn.conn_); if (new_connection) { conn.moveBetweenLists(pending_conns_, busy_conns_); } assignConnection(conn, pending_requests_.back()->callbacks_); pending_requests_.pop_back(); } if (delay && !pending_requests_.empty() && !upstream_ready_enabled_) { upstream_ready_enabled_ = true; upstream_ready_cb_->scheduleCallbackCurrentIteration(); } checkForDrained(); } OriginalConnPoolImpl::ConnectionWrapper::ConnectionWrapper(ActiveConn& parent) : parent_(parent) { parent_.parent_.host_->cluster().stats().upstream_rq_total_.inc(); parent_.parent_.host_->cluster().stats().upstream_rq_active_.inc(); parent_.parent_.host_->stats().rq_total_.inc(); parent_.parent_.host_->stats().rq_active_.inc(); } Network::ClientConnection& OriginalConnPoolImpl::ConnectionWrapper::connection() { ASSERT(conn_valid_); return *parent_.conn_; } void OriginalConnPoolImpl::ConnectionWrapper::addUpstreamCallbacks( ConnectionPool::UpstreamCallbacks& cb) { ASSERT(!released_); callbacks_ = &cb; } void OriginalConnPoolImpl::ConnectionWrapper::release(bool closed) { // Allow multiple calls: connection close and destruction of ConnectionDataImplPtr will both // result in this call. if (!released_) { released_ = true; callbacks_ = nullptr; if (!closed) { parent_.parent_.onConnReleased(parent_); } parent_.parent_.host_->cluster().stats().upstream_rq_active_.dec(); parent_.parent_.host_->stats().rq_active_.dec(); } } OriginalConnPoolImpl::PendingRequest::PendingRequest(OriginalConnPoolImpl& parent, ConnectionPool::Callbacks& callbacks) : parent_(parent), callbacks_(callbacks) { parent_.host_->cluster().stats().upstream_rq_pending_total_.inc(); parent_.host_->cluster().stats().upstream_rq_pending_active_.inc(); parent_.host_->cluster().resourceManager(parent_.priority_).pendingRequests().inc(); } OriginalConnPoolImpl::PendingRequest::~PendingRequest() { parent_.host_->cluster().stats().upstream_rq_pending_active_.dec(); parent_.host_->cluster().resourceManager(parent_.priority_).pendingRequests().dec(); } OriginalConnPoolImpl::ActiveConn::ActiveConn(OriginalConnPoolImpl& parent) : parent_(parent), connect_timer_(parent_.dispatcher_.createTimer([this]() -> void { onConnectTimeout(); })), remaining_requests_(parent_.host_->cluster().maxRequestsPerConnection()), timed_out_(false) { parent_.conn_connect_ms_ = std::make_unique( parent_.host_->cluster().stats().upstream_cx_connect_ms_, parent_.dispatcher_.timeSource()); Upstream::Host::CreateConnectionData data = parent_.host_->createConnection( parent_.dispatcher_, parent_.socket_options_, parent_.transport_socket_options_); real_host_description_ = data.host_description_; conn_ = std::move(data.connection_); conn_->detectEarlyCloseWhenReadDisabled(false); conn_->addConnectionCallbacks(*this); conn_->addReadFilter(Network::ReadFilterSharedPtr{new ConnReadFilter(*this)}); ENVOY_CONN_LOG(debug, "connecting", *conn_); conn_->connect(); parent_.host_->cluster().stats().upstream_cx_total_.inc(); parent_.host_->cluster().stats().upstream_cx_active_.inc(); parent_.host_->stats().cx_total_.inc(); parent_.host_->stats().cx_active_.inc(); conn_length_ = std::make_unique( parent_.host_->cluster().stats().upstream_cx_length_ms_, parent_.dispatcher_.timeSource()); connect_timer_->enableTimer(parent_.host_->cluster().connectTimeout()); parent_.host_->cluster().resourceManager(parent_.priority_).connections().inc(); conn_->setConnectionStats({parent_.host_->cluster().stats().upstream_cx_rx_bytes_total_, parent_.host_->cluster().stats().upstream_cx_rx_bytes_buffered_, parent_.host_->cluster().stats().upstream_cx_tx_bytes_total_, parent_.host_->cluster().stats().upstream_cx_tx_bytes_buffered_, &parent_.host_->cluster().stats().bind_errors_, nullptr}); // We just universally set no delay on connections. Theoretically we might at some point want // to make this configurable. conn_->noDelay(true); } OriginalConnPoolImpl::ActiveConn::~ActiveConn() { if (wrapper_) { wrapper_->invalidate(); } parent_.host_->cluster().stats().upstream_cx_active_.dec(); parent_.host_->stats().cx_active_.dec(); conn_length_->complete(); parent_.host_->cluster().resourceManager(parent_.priority_).connections().dec(); parent_.onConnDestroyed(*this); } void OriginalConnPoolImpl::ActiveConn::onConnectTimeout() { // We just close the connection at this point. This will result in both a timeout and a connect // failure and will fold into all the normal connect failure logic. ENVOY_CONN_LOG(debug, "connect timeout", *conn_); timed_out_ = true; parent_.host_->cluster().stats().upstream_cx_connect_timeout_.inc(); conn_->close(Network::ConnectionCloseType::NoFlush); } void OriginalConnPoolImpl::ActiveConn::onUpstreamData(Buffer::Instance& data, bool end_stream) { if (wrapper_ != nullptr && wrapper_->callbacks_ != nullptr) { // Delegate to the connection owner. wrapper_->callbacks_->onUpstreamData(data, end_stream); } else { // Unexpected data from upstream, close down the connection. ENVOY_CONN_LOG(debug, "unexpected data from upstream, closing connection", *conn_); conn_->close(Network::ConnectionCloseType::NoFlush); } } void OriginalConnPoolImpl::ActiveConn::onEvent(Network::ConnectionEvent event) { ConnectionPool::UpstreamCallbacks* cb = nullptr; if (wrapper_ != nullptr && wrapper_->callbacks_ != nullptr) { cb = wrapper_->callbacks_; } // In the event of a close event, we want to update the pool's state before triggering callbacks, // preventing the case where we attempt to return a closed connection to the ready pool. parent_.onConnectionEvent(*this, event); if (cb) { cb->onEvent(event); } } void OriginalConnPoolImpl::ActiveConn::onAboveWriteBufferHighWatermark() { if (wrapper_ != nullptr && wrapper_->callbacks_ != nullptr) { wrapper_->callbacks_->onAboveWriteBufferHighWatermark(); } } void OriginalConnPoolImpl::ActiveConn::onBelowWriteBufferLowWatermark() { if (wrapper_ != nullptr && wrapper_->callbacks_ != nullptr) { wrapper_->callbacks_->onBelowWriteBufferLowWatermark(); } } } // namespace Tcp } // namespace Envoy ================================================ FILE: source/common/tcp/original_conn_pool.h ================================================ #pragma once #include #include #include "envoy/event/deferred_deletable.h" #include "envoy/event/schedulable_cb.h" #include "envoy/event/timer.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/upstream.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/network/filter_impl.h" namespace Envoy { namespace Tcp { class OriginalConnPoolImpl : Logger::Loggable, public ConnectionPool::Instance { public: OriginalConnPoolImpl(Event::Dispatcher& dispatcher, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options); ~OriginalConnPoolImpl() override; // ConnectionPool::Instance void addDrainedCallback(DrainedCb cb) override; void drainConnections() override; void closeConnections() override; ConnectionPool::Cancellable* newConnection(ConnectionPool::Callbacks& callbacks) override; // The old pool does not implement prefetching. bool maybePrefetch(float) override { return false; } Upstream::HostDescriptionConstSharedPtr host() const override { return host_; } protected: struct ActiveConn; struct ConnectionWrapper { ConnectionWrapper(ActiveConn& parent); Network::ClientConnection& connection(); void addUpstreamCallbacks(ConnectionPool::UpstreamCallbacks& callbacks); void setConnectionState(ConnectionPool::ConnectionStatePtr&& state) { parent_.setConnectionState(std::move(state)); }; ConnectionPool::ConnectionState* connectionState() { return parent_.connectionState(); } void release(bool closed); void invalidate() { conn_valid_ = false; } ActiveConn& parent_; ConnectionPool::UpstreamCallbacks* callbacks_{}; bool released_{false}; bool conn_valid_{true}; }; using ConnectionWrapperSharedPtr = std::shared_ptr; struct ConnectionDataImpl : public ConnectionPool::ConnectionData { ConnectionDataImpl(ConnectionWrapperSharedPtr wrapper) : wrapper_(std::move(wrapper)) {} ~ConnectionDataImpl() override { wrapper_->release(false); } // ConnectionPool::ConnectionData Network::ClientConnection& connection() override { return wrapper_->connection(); } void addUpstreamCallbacks(ConnectionPool::UpstreamCallbacks& callbacks) override { wrapper_->addUpstreamCallbacks(callbacks); }; void setConnectionState(ConnectionPool::ConnectionStatePtr&& state) override { wrapper_->setConnectionState(std::move(state)); } ConnectionPool::ConnectionState* connectionState() override { return wrapper_->connectionState(); } ConnectionWrapperSharedPtr wrapper_; }; struct ConnReadFilter : public Network::ReadFilterBaseImpl { ConnReadFilter(ActiveConn& parent) : parent_(parent) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override { parent_.onUpstreamData(data, end_stream); return Network::FilterStatus::StopIteration; } ActiveConn& parent_; }; struct ActiveConn : LinkedObject, public Network::ConnectionCallbacks, public Event::DeferredDeletable { ActiveConn(OriginalConnPoolImpl& parent); ~ActiveConn() override; void onConnectTimeout(); void onUpstreamData(Buffer::Instance& data, bool end_stream); // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; void setConnectionState(ConnectionPool::ConnectionStatePtr&& state) { conn_state_ = std::move(state); } ConnectionPool::ConnectionState* connectionState() { return conn_state_.get(); } OriginalConnPoolImpl& parent_; Upstream::HostDescriptionConstSharedPtr real_host_description_; ConnectionWrapperSharedPtr wrapper_; Network::ClientConnectionPtr conn_; ConnectionPool::ConnectionStatePtr conn_state_; Event::TimerPtr connect_timer_; Stats::TimespanPtr conn_length_; uint64_t remaining_requests_; bool timed_out_; }; using ActiveConnPtr = std::unique_ptr; struct PendingRequest : LinkedObject, public ConnectionPool::Cancellable { PendingRequest(OriginalConnPoolImpl& parent, ConnectionPool::Callbacks& callbacks); ~PendingRequest() override; // ConnectionPool::Cancellable void cancel(ConnectionPool::CancelPolicy cancel_policy) override { parent_.onPendingRequestCancel(*this, cancel_policy); } OriginalConnPoolImpl& parent_; ConnectionPool::Callbacks& callbacks_; }; using PendingRequestPtr = std::unique_ptr; void assignConnection(ActiveConn& conn, ConnectionPool::Callbacks& callbacks); void createNewConnection(); void onConnectionEvent(ActiveConn& conn, Network::ConnectionEvent event); void onPendingRequestCancel(PendingRequest& request, ConnectionPool::CancelPolicy cancel_policy); virtual void onConnReleased(ActiveConn& conn); virtual void onConnDestroyed(ActiveConn& conn); void onUpstreamReady(); void processIdleConnection(ActiveConn& conn, bool new_connection, bool delay); void checkForDrained(); Event::Dispatcher& dispatcher_; Upstream::HostConstSharedPtr host_; Upstream::ResourcePriority priority_; const Network::ConnectionSocket::OptionsSharedPtr socket_options_; Network::TransportSocketOptionsSharedPtr transport_socket_options_; std::list pending_conns_; // conns awaiting connected event std::list ready_conns_; // conns ready for assignment std::list busy_conns_; // conns assigned std::list pending_requests_; std::list drained_callbacks_; Stats::TimespanPtr conn_connect_ms_; Event::SchedulableCallbackPtr upstream_ready_cb_; bool upstream_ready_enabled_{false}; }; } // namespace Tcp } // namespace Envoy ================================================ FILE: source/common/tcp_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "tcp_proxy", srcs = [ "tcp_proxy.cc", "upstream.cc", ], hdrs = [ "tcp_proxy.h", "upstream.h", ], deps = [ "//include/envoy/access_log:access_log_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/common:time_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/router:router_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//include/envoy/stats:timespan_interface", "//include/envoy/stream_info:filter_state_interface", "//include/envoy/tcp:conn_pool_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/access_log:access_log_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:macros", "//source/common/common:minimal_logger_lib", "//source/common/http:headers_lib", "//source/common/network:application_protocol_lib", "//source/common/network:cidr_range_lib", "//source/common/network:filter_lib", "//source/common/network:hash_policy_lib", "//source/common/network:proxy_protocol_filter_state_lib", "//source/common/network:transport_socket_options_lib", "//source/common/network:upstream_server_name_lib", "//source/common/network:utility_lib", "//source/common/router:metadatamatchcriteria_lib", "//source/common/stream_info:stream_info_lib", "//source/common/upstream:load_balancer_lib", "@envoy_api//envoy/config/accesslog/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/tcp_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/tcp_proxy/tcp_proxy.cc ================================================ #include "common/tcp_proxy/tcp_proxy.h" #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/config/accesslog/v3/accesslog.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" #include "common/access_log/access_log_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/config/well_known_names.h" #include "common/network/application_protocol.h" #include "common/network/proxy_protocol_filter_state.h" #include "common/network/transport_socket_options_impl.h" #include "common/network/upstream_server_name.h" #include "common/router/metadatamatchcriteria_impl.h" namespace Envoy { namespace TcpProxy { const std::string& PerConnectionCluster::key() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.tcp_proxy.cluster"); } Config::RouteImpl::RouteImpl( const Config& parent, const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy::DeprecatedV1::TCPRoute& config) : parent_(parent) { cluster_name_ = config.cluster(); source_ips_ = Network::Address::IpList(config.source_ip_list()); destination_ips_ = Network::Address::IpList(config.destination_ip_list()); if (!config.source_ports().empty()) { Network::Utility::parsePortRangeList(config.source_ports(), source_port_ranges_); } if (!config.destination_ports().empty()) { Network::Utility::parsePortRangeList(config.destination_ports(), destination_port_ranges_); } } bool Config::RouteImpl::matches(Network::Connection& connection) const { if (!source_port_ranges_.empty() && !Network::Utility::portInRangeList(*connection.remoteAddress(), source_port_ranges_)) { return false; } if (!source_ips_.empty() && !source_ips_.contains(*connection.remoteAddress())) { return false; } if (!destination_port_ranges_.empty() && !Network::Utility::portInRangeList(*connection.localAddress(), destination_port_ranges_)) { return false; } if (!destination_ips_.empty() && !destination_ips_.contains(*connection.localAddress())) { return false; } // if we made it past all checks, the route matches return true; } Config::WeightedClusterEntry::WeightedClusterEntry( const Config& parent, const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy:: WeightedCluster::ClusterWeight& config) : parent_(parent), cluster_name_(config.name()), cluster_weight_(config.weight()) { if (config.has_metadata_match()) { const auto filter_it = config.metadata_match().filter_metadata().find( Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != config.metadata_match().filter_metadata().end()) { if (parent.cluster_metadata_match_criteria_) { metadata_match_criteria_ = parent.cluster_metadata_match_criteria_->mergeMatchCriteria(filter_it->second); } else { metadata_match_criteria_ = std::make_unique(filter_it->second); } } } } Config::SharedConfig::SharedConfig( const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy& config, Server::Configuration::FactoryContext& context) : stats_scope_(context.scope().createScope(fmt::format("tcp.{}", config.stat_prefix()))), stats_(generateStats(*stats_scope_)) { if (config.has_idle_timeout()) { const uint64_t timeout = DurationUtil::durationToMilliseconds(config.idle_timeout()); if (timeout > 0) { idle_timeout_ = std::chrono::milliseconds(timeout); } } else { idle_timeout_ = std::chrono::hours(1); } if (config.has_tunneling_config()) { tunneling_config_ = config.tunneling_config(); } if (config.has_max_downstream_connection_duration()) { const uint64_t connection_duration = DurationUtil::durationToMilliseconds(config.max_downstream_connection_duration()); max_downstream_connection_duration_ = std::chrono::milliseconds(connection_duration); } } Config::Config(const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy& config, Server::Configuration::FactoryContext& context) : max_connect_attempts_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, max_connect_attempts, 1)), upstream_drain_manager_slot_(context.threadLocal().allocateSlot()), shared_config_(std::make_shared(config, context)), random_generator_(context.api().randomGenerator()) { upstream_drain_manager_slot_->set([](Event::Dispatcher&) { ThreadLocal::ThreadLocalObjectSharedPtr drain_manager = std::make_shared(); return drain_manager; }); if (config.has_hidden_envoy_deprecated_deprecated_v1()) { for (const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy::DeprecatedV1::TCPRoute& route_desc : config.hidden_envoy_deprecated_deprecated_v1().routes()) { routes_.emplace_back(std::make_shared(*this, route_desc)); } } if (!config.cluster().empty()) { envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy::DeprecatedV1::TCPRoute default_route; default_route.set_cluster(config.cluster()); routes_.emplace_back(std::make_shared(*this, default_route)); } if (config.has_metadata_match()) { const auto& filter_metadata = config.metadata_match().filter_metadata(); const auto filter_it = filter_metadata.find(Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != filter_metadata.end()) { cluster_metadata_match_criteria_ = std::make_unique(filter_it->second); } } // Weighted clusters will be enabled only if both the default cluster and // deprecated v1 routes are absent. if (routes_.empty() && config.has_weighted_clusters()) { total_cluster_weight_ = 0; for (const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy::WeightedCluster:: ClusterWeight& cluster_desc : config.weighted_clusters().clusters()) { WeightedClusterEntryConstSharedPtr cluster_entry( std::make_shared(*this, cluster_desc)); weighted_clusters_.emplace_back(std::move(cluster_entry)); total_cluster_weight_ += weighted_clusters_.back()->clusterWeight(); } } for (const envoy::config::accesslog::v3::AccessLog& log_config : config.access_log()) { access_logs_.emplace_back(AccessLog::AccessLogFactory::fromProto(log_config, context)); } if (!config.hash_policy().empty()) { hash_policy_ = std::make_unique(config.hash_policy()); } } RouteConstSharedPtr Config::getRegularRouteFromEntries(Network::Connection& connection) { // First check if the per-connection state to see if we need to route to a pre-selected cluster if (connection.streamInfo().filterState()->hasData( PerConnectionCluster::key())) { const PerConnectionCluster& per_connection_cluster = connection.streamInfo().filterState()->getDataReadOnly( PerConnectionCluster::key()); envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy::DeprecatedV1::TCPRoute per_connection_route; per_connection_route.set_cluster(per_connection_cluster.value()); return std::make_shared(*this, per_connection_route); } for (const RouteConstSharedPtr& route : routes_) { if (route->matches(connection)) { return route; } } // no match, no more routes to try return nullptr; } RouteConstSharedPtr Config::getRouteFromEntries(Network::Connection& connection) { if (weighted_clusters_.empty()) { return getRegularRouteFromEntries(connection); } return WeightedClusterUtil::pickCluster(weighted_clusters_, total_cluster_weight_, random_generator_.random(), false); } UpstreamDrainManager& Config::drainManager() { return upstream_drain_manager_slot_->getTyped(); } Filter::Filter(ConfigSharedPtr config, Upstream::ClusterManager& cluster_manager) : config_(config), cluster_manager_(cluster_manager), downstream_callbacks_(*this), upstream_callbacks_(new UpstreamCallbacks(this)) { ASSERT(config != nullptr); } Filter::~Filter() { for (const auto& access_log : config_->accessLogs()) { access_log->log(nullptr, nullptr, nullptr, getStreamInfo()); } ASSERT(upstream_handle_ == nullptr); ASSERT(upstream_ == nullptr); } TcpProxyStats Config::SharedConfig::generateStats(Stats::Scope& scope) { return {ALL_TCP_PROXY_STATS(POOL_COUNTER(scope), POOL_GAUGE(scope))}; } void Filter::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { initialize(callbacks, true); } void Filter::initialize(Network::ReadFilterCallbacks& callbacks, bool set_connection_stats) { read_callbacks_ = &callbacks; ENVOY_CONN_LOG(debug, "new tcp proxy session", read_callbacks_->connection()); read_callbacks_->connection().addConnectionCallbacks(downstream_callbacks_); read_callbacks_->connection().enableHalfClose(true); // Need to disable reads so that we don't write to an upstream that might fail // in onData(). This will get re-enabled when the upstream connection is // established. read_callbacks_->connection().readDisable(true); config_->stats().downstream_cx_total_.inc(); if (set_connection_stats) { read_callbacks_->connection().setConnectionStats( {config_->stats().downstream_cx_rx_bytes_total_, config_->stats().downstream_cx_rx_bytes_buffered_, config_->stats().downstream_cx_tx_bytes_total_, config_->stats().downstream_cx_tx_bytes_buffered_, nullptr, nullptr}); } } void Filter::readDisableUpstream(bool disable) { bool success = false; if (upstream_) { success = upstream_->readDisable(disable); } if (!success) { return; } if (disable) { read_callbacks_->upstreamHost() ->cluster() .stats() .upstream_flow_control_paused_reading_total_.inc(); } else { read_callbacks_->upstreamHost() ->cluster() .stats() .upstream_flow_control_resumed_reading_total_.inc(); } } void Filter::readDisableDownstream(bool disable) { if (read_callbacks_->connection().state() != Network::Connection::State::Open) { // During idle timeouts, we close both upstream and downstream with NoFlush. // Envoy still does a best-effort flush which can case readDisableDownstream to be called // despite the downstream connection being closed. return; } read_callbacks_->connection().readDisable(disable); if (disable) { config_->stats().downstream_flow_control_paused_reading_total_.inc(); } else { config_->stats().downstream_flow_control_resumed_reading_total_.inc(); } } StreamInfo::StreamInfo& Filter::getStreamInfo() { return read_callbacks_->connection().streamInfo(); } void Filter::DownstreamCallbacks::onAboveWriteBufferHighWatermark() { ASSERT(!on_high_watermark_called_); on_high_watermark_called_ = true; // If downstream has too much data buffered, stop reading on the upstream connection. parent_.readDisableUpstream(true); } void Filter::DownstreamCallbacks::onBelowWriteBufferLowWatermark() { ASSERT(on_high_watermark_called_); on_high_watermark_called_ = false; // The downstream buffer has been drained. Resume reading from upstream. parent_.readDisableUpstream(false); } void Filter::UpstreamCallbacks::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::Connected) { return; } if (drainer_ == nullptr) { parent_->onUpstreamEvent(event); } else { drainer_->onEvent(event); } } void Filter::UpstreamCallbacks::onAboveWriteBufferHighWatermark() { ASSERT(!on_high_watermark_called_); on_high_watermark_called_ = true; if (parent_ != nullptr) { // There's too much data buffered in the upstream write buffer, so stop reading. parent_->readDisableDownstream(true); } } void Filter::UpstreamCallbacks::onBelowWriteBufferLowWatermark() { ASSERT(on_high_watermark_called_); on_high_watermark_called_ = false; if (parent_ != nullptr) { // The upstream write buffer is drained. Resume reading. parent_->readDisableDownstream(false); } } void Filter::UpstreamCallbacks::onUpstreamData(Buffer::Instance& data, bool end_stream) { if (parent_) { parent_->onUpstreamData(data, end_stream); } else { drainer_->onData(data, end_stream); } } void Filter::UpstreamCallbacks::onBytesSent() { if (drainer_ == nullptr) { parent_->resetIdleTimer(); } else { drainer_->onBytesSent(); } } void Filter::UpstreamCallbacks::onIdleTimeout() { if (drainer_ == nullptr) { parent_->onIdleTimeout(); } else { drainer_->onIdleTimeout(); } } void Filter::UpstreamCallbacks::drain(Drainer& drainer) { ASSERT(drainer_ == nullptr); // This should only get set once. drainer_ = &drainer; parent_ = nullptr; } Network::FilterStatus Filter::initializeUpstreamConnection() { ASSERT(upstream_ == nullptr); route_ = pickRoute(); const std::string& cluster_name = route_ ? route_->clusterName() : EMPTY_STRING; Upstream::ThreadLocalCluster* thread_local_cluster = cluster_manager_.get(cluster_name); if (thread_local_cluster) { ENVOY_CONN_LOG(debug, "Creating connection to cluster {}", read_callbacks_->connection(), cluster_name); } else { config_->stats().downstream_cx_no_route_.inc(); getStreamInfo().setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); onInitFailure(UpstreamFailureReason::NoRoute); return Network::FilterStatus::StopIteration; } Upstream::ClusterInfoConstSharedPtr cluster = thread_local_cluster->info(); getStreamInfo().setUpstreamClusterInfo(cluster); // Check this here because the TCP conn pool will queue our request waiting for a connection that // will never be released. if (!cluster->resourceManager(Upstream::ResourcePriority::Default).connections().canCreate()) { getStreamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow); cluster->stats().upstream_cx_overflow_.inc(); onInitFailure(UpstreamFailureReason::ResourceLimitExceeded); return Network::FilterStatus::StopIteration; } const uint32_t max_connect_attempts = config_->maxConnectAttempts(); if (connect_attempts_ >= max_connect_attempts) { getStreamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamRetryLimitExceeded); cluster->stats().upstream_cx_connect_attempts_exceeded_.inc(); onInitFailure(UpstreamFailureReason::ConnectFailed); return Network::FilterStatus::StopIteration; } if (downstreamConnection()) { if (!read_callbacks_->connection() .streamInfo() .filterState() ->hasData( Network::ProxyProtocolFilterState::key())) { read_callbacks_->connection().streamInfo().filterState()->setData( Network::ProxyProtocolFilterState::key(), std::make_unique(Network::ProxyProtocolData{ downstreamConnection()->remoteAddress(), downstreamConnection()->localAddress()}), StreamInfo::FilterState::StateType::ReadOnly, StreamInfo::FilterState::LifeSpan::Connection); } transport_socket_options_ = Network::TransportSocketOptionsUtility::fromFilterState( downstreamConnection()->streamInfo().filterState()); } if (!maybeTunnel(cluster_name)) { // Either cluster is unknown or there are no healthy hosts. tcpConnPoolForCluster() increments // cluster->stats().upstream_cx_none_healthy in the latter case. getStreamInfo().setResponseFlag(StreamInfo::ResponseFlag::NoHealthyUpstream); onInitFailure(UpstreamFailureReason::NoHealthyUpstream); } return Network::FilterStatus::StopIteration; } bool Filter::maybeTunnel(const std::string& cluster_name) { if (!config_->tunnelingConfig()) { Tcp::ConnectionPool::Instance* conn_pool = cluster_manager_.tcpConnPoolForCluster( cluster_name, Upstream::ResourcePriority::Default, this); if (conn_pool) { connecting_ = true; connect_attempts_++; // Given this function is reentrant, make sure we only reset the upstream_handle_ if given a // valid connection handle. If newConnection fails inline it may result in attempting to // select a new host, and a recursive call to initializeUpstreamConnection. In this case the // first call to newConnection will return null and the inner call will persist. Tcp::ConnectionPool::Cancellable* handle = conn_pool->newConnection(*this); if (handle) { ASSERT(upstream_handle_.get() == nullptr); upstream_handle_ = std::make_shared(handle); } // Because we never return open connections to the pool, this either has a handle waiting on // connection completion, or onPoolFailure has been invoked. Either way, stop iteration. return true; } } else { auto* cluster = cluster_manager_.get(cluster_name); if (!cluster) { return false; } // TODO(snowp): Ideally we should prevent this from being configured, but that's tricky to get // right since whether a cluster is invalid depends on both the tcp_proxy config + cluster // config. if ((cluster->info()->features() & Upstream::ClusterInfo::Features::HTTP2) == 0) { ENVOY_LOG(error, "Attempted to tunnel over HTTP/1.1, this is not supported. Set " "http2_protocol_options on the cluster."); return false; } Http::ConnectionPool::Instance* conn_pool = cluster_manager_.httpConnPoolForCluster( cluster_name, Upstream::ResourcePriority::Default, absl::nullopt, this); if (conn_pool) { upstream_ = std::make_unique(*upstream_callbacks_, config_->tunnelingConfig()->hostname()); HttpUpstream* http_upstream = static_cast(upstream_.get()); Http::ConnectionPool::Cancellable* cancellable = conn_pool->newStream(http_upstream->responseDecoder(), *this); if (cancellable) { ASSERT(upstream_handle_.get() == nullptr); upstream_handle_ = std::make_shared(cancellable); } return true; } } return false; } void Filter::onPoolFailure(ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) { upstream_handle_.reset(); read_callbacks_->upstreamHost(host); getStreamInfo().onUpstreamHostSelected(host); switch (reason) { case ConnectionPool::PoolFailureReason::Overflow: case ConnectionPool::PoolFailureReason::LocalConnectionFailure: upstream_callbacks_->onEvent(Network::ConnectionEvent::LocalClose); break; case ConnectionPool::PoolFailureReason::RemoteConnectionFailure: upstream_callbacks_->onEvent(Network::ConnectionEvent::RemoteClose); break; case ConnectionPool::PoolFailureReason::Timeout: onConnectTimeout(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } void Filter::onPoolReadyBase(Upstream::HostDescriptionConstSharedPtr& host, const Network::Address::InstanceConstSharedPtr& local_address, Ssl::ConnectionInfoConstSharedPtr ssl_info) { upstream_handle_.reset(); read_callbacks_->upstreamHost(host); getStreamInfo().onUpstreamHostSelected(host); getStreamInfo().setUpstreamLocalAddress(local_address); getStreamInfo().setUpstreamSslConnection(ssl_info); onUpstreamConnection(); read_callbacks_->continueReading(); } void Filter::onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) { Tcp::ConnectionPool::ConnectionData* latched_data = conn_data.get(); upstream_ = std::make_unique(std::move(conn_data), *upstream_callbacks_); onPoolReadyBase(host, latched_data->connection().localAddress(), latched_data->connection().streamInfo().downstreamSslConnection()); read_callbacks_->connection().streamInfo().setUpstreamFilterState( latched_data->connection().streamInfo().filterState()); } void Filter::onPoolFailure(ConnectionPool::PoolFailureReason failure, absl::string_view, Upstream::HostDescriptionConstSharedPtr host) { onPoolFailure(failure, host); } void Filter::onPoolReady(Http::RequestEncoder& request_encoder, Upstream::HostDescriptionConstSharedPtr host, const StreamInfo::StreamInfo& info) { Http::RequestEncoder* latched_encoder = &request_encoder; HttpUpstream* http_upstream = static_cast(upstream_.get()); http_upstream->setRequestEncoder(request_encoder, host->transportSocketFactory().implementsSecureTransport()); onPoolReadyBase(host, latched_encoder->getStream().connectionLocalAddress(), info.downstreamSslConnection()); } const Router::MetadataMatchCriteria* Filter::metadataMatchCriteria() { const Router::MetadataMatchCriteria* route_criteria = (route_ != nullptr) ? route_->metadataMatchCriteria() : nullptr; const auto& request_metadata = getStreamInfo().dynamicMetadata().filter_metadata(); const auto filter_it = request_metadata.find(Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != request_metadata.end() && route_criteria != nullptr) { metadata_match_criteria_ = route_criteria->mergeMatchCriteria(filter_it->second); return metadata_match_criteria_.get(); } else if (filter_it != request_metadata.end()) { metadata_match_criteria_ = std::make_unique(filter_it->second); return metadata_match_criteria_.get(); } else { return route_criteria; } } void Filter::onConnectTimeout() { ENVOY_CONN_LOG(debug, "connect timeout", read_callbacks_->connection()); read_callbacks_->upstreamHost()->outlierDetector().putResult( Upstream::Outlier::Result::LocalOriginTimeout); getStreamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamConnectionFailure); // Raise LocalClose, which will trigger a reconnect if needed/configured. upstream_callbacks_->onEvent(Network::ConnectionEvent::LocalClose); } Network::FilterStatus Filter::onData(Buffer::Instance& data, bool end_stream) { ENVOY_CONN_LOG(trace, "downstream connection received {} bytes, end_stream={}", read_callbacks_->connection(), data.length(), end_stream); if (upstream_) { upstream_->encodeData(data, end_stream); } // The upstream should consume all of the data. // Before there is an upstream the connection should be readDisabled. If the upstream is // destroyed, there should be no further reads as well. ASSERT(0 == data.length()); resetIdleTimer(); // TODO(ggreenway) PERF: do we need to reset timer on both send and receive? return Network::FilterStatus::StopIteration; } Network::FilterStatus Filter::onNewConnection() { if (config_->maxDownstreamConnectionDuration()) { connection_duration_timer_ = read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { onMaxDownstreamConnectionDuration(); }); connection_duration_timer_->enableTimer(config_->maxDownstreamConnectionDuration().value()); } return initializeUpstreamConnection(); } void Filter::onDownstreamEvent(Network::ConnectionEvent event) { if (upstream_) { Tcp::ConnectionPool::ConnectionDataPtr conn_data(upstream_->onDownstreamEvent(event)); if (conn_data != nullptr && conn_data->connection().state() != Network::Connection::State::Closed) { config_->drainManager().add(config_->sharedConfig(), std::move(conn_data), std::move(upstream_callbacks_), std::move(idle_timer_), read_callbacks_->upstreamHost()); } if (event != Network::ConnectionEvent::Connected) { upstream_.reset(); disableIdleTimer(); } } if (upstream_handle_) { if (event == Network::ConnectionEvent::LocalClose || event == Network::ConnectionEvent::RemoteClose) { // Cancel the conn pool request and close any excess pending requests. upstream_handle_->cancel(); upstream_handle_.reset(); } } } void Filter::onUpstreamData(Buffer::Instance& data, bool end_stream) { ENVOY_CONN_LOG(trace, "upstream connection received {} bytes, end_stream={}", read_callbacks_->connection(), data.length(), end_stream); read_callbacks_->connection().write(data, end_stream); ASSERT(0 == data.length()); resetIdleTimer(); // TODO(ggreenway) PERF: do we need to reset timer on both send and receive? } void Filter::onUpstreamEvent(Network::ConnectionEvent event) { // Update the connecting flag before processing the event because we may start a new connection // attempt in initializeUpstreamConnection. bool connecting = connecting_; connecting_ = false; if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { upstream_.reset(); disableIdleTimer(); if (connecting) { if (event == Network::ConnectionEvent::RemoteClose) { getStreamInfo().setResponseFlag(StreamInfo::ResponseFlag::UpstreamConnectionFailure); read_callbacks_->upstreamHost()->outlierDetector().putResult( Upstream::Outlier::Result::LocalOriginConnectFailed); } initializeUpstreamConnection(); } else { if (read_callbacks_->connection().state() == Network::Connection::State::Open) { read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } } } } void Filter::onUpstreamConnection() { connecting_ = false; // Re-enable downstream reads now that the upstream connection is established // so we have a place to send downstream data to. read_callbacks_->connection().readDisable(false); read_callbacks_->upstreamHost()->outlierDetector().putResult( Upstream::Outlier::Result::LocalOriginConnectSuccessFinal); getStreamInfo().setRequestedServerName(read_callbacks_->connection().requestedServerName()); ENVOY_LOG(debug, "TCP:onUpstreamEvent(), requestedServerName: {}", getStreamInfo().requestedServerName()); if (config_->idleTimeout()) { // The idle_timer_ can be moved to a Drainer, so related callbacks call into // the UpstreamCallbacks, which has the same lifetime as the timer, and can dispatch // the call to either TcpProxy or to Drainer, depending on the current state. idle_timer_ = read_callbacks_->connection().dispatcher().createTimer( [upstream_callbacks = upstream_callbacks_]() { upstream_callbacks->onIdleTimeout(); }); resetIdleTimer(); read_callbacks_->connection().addBytesSentCallback([this](uint64_t) { resetIdleTimer(); }); if (upstream_) { upstream_->addBytesSentCallback([upstream_callbacks = upstream_callbacks_](uint64_t) { upstream_callbacks->onBytesSent(); }); } } } void Filter::onIdleTimeout() { ENVOY_CONN_LOG(debug, "Session timed out", read_callbacks_->connection()); config_->stats().idle_timeout_.inc(); // This results in also closing the upstream connection. read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } void Filter::onMaxDownstreamConnectionDuration() { ENVOY_CONN_LOG(debug, "max connection duration reached", read_callbacks_->connection()); getStreamInfo().setResponseFlag(StreamInfo::ResponseFlag::DurationTimeout); config_->stats().max_downstream_connection_duration_.inc(); read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } void Filter::resetIdleTimer() { if (idle_timer_ != nullptr) { ASSERT(config_->idleTimeout()); idle_timer_->enableTimer(config_->idleTimeout().value()); } } void Filter::disableIdleTimer() { if (idle_timer_ != nullptr) { idle_timer_->disableTimer(); idle_timer_.reset(); } } UpstreamDrainManager::~UpstreamDrainManager() { // If connections aren't closed before they are destructed an ASSERT fires, // so cancel all pending drains, which causes the connections to be closed. while (!drainers_.empty()) { auto begin = drainers_.begin(); Drainer* key = begin->first; begin->second->cancelDrain(); // cancelDrain() should cause that drainer to be removed from drainers_. // ASSERT so that we don't end up in an infinite loop. ASSERT(drainers_.find(key) == drainers_.end()); } } void UpstreamDrainManager::add(const Config::SharedConfigSharedPtr& config, Tcp::ConnectionPool::ConnectionDataPtr&& upstream_conn_data, const std::shared_ptr& callbacks, Event::TimerPtr&& idle_timer, const Upstream::HostDescriptionConstSharedPtr& upstream_host) { DrainerPtr drainer(new Drainer(*this, config, callbacks, std::move(upstream_conn_data), std::move(idle_timer), upstream_host)); callbacks->drain(*drainer); // Use temporary to ensure we get the pointer before we move it out of drainer Drainer* ptr = drainer.get(); drainers_[ptr] = std::move(drainer); } void UpstreamDrainManager::remove(Drainer& drainer, Event::Dispatcher& dispatcher) { auto it = drainers_.find(&drainer); ASSERT(it != drainers_.end()); dispatcher.deferredDelete(std::move(it->second)); drainers_.erase(it); } Drainer::Drainer(UpstreamDrainManager& parent, const Config::SharedConfigSharedPtr& config, const std::shared_ptr& callbacks, Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Event::TimerPtr&& idle_timer, const Upstream::HostDescriptionConstSharedPtr& upstream_host) : parent_(parent), callbacks_(callbacks), upstream_conn_data_(std::move(conn_data)), timer_(std::move(idle_timer)), upstream_host_(upstream_host), config_(config) { config_->stats().upstream_flush_total_.inc(); config_->stats().upstream_flush_active_.inc(); } void Drainer::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { if (timer_ != nullptr) { timer_->disableTimer(); } config_->stats().upstream_flush_active_.dec(); parent_.remove(*this, upstream_conn_data_->connection().dispatcher()); } } void Drainer::onData(Buffer::Instance& data, bool) { if (data.length() > 0) { // There is no downstream connection to send any data to, but the upstream // sent some data. Try to behave similar to what the kernel would do // when it receives data on a connection where the application has closed // the socket or ::shutdown(fd, SHUT_RD), and close/reset the connection. cancelDrain(); } } void Drainer::onIdleTimeout() { config_->stats().idle_timeout_.inc(); cancelDrain(); } void Drainer::onBytesSent() { if (timer_ != nullptr) { timer_->enableTimer(config_->idleTimeout().value()); } } void Drainer::cancelDrain() { // This sends onEvent(LocalClose). upstream_conn_data_->connection().close(Network::ConnectionCloseType::NoFlush); } } // namespace TcpProxy } // namespace Envoy ================================================ FILE: source/common/tcp_proxy/tcp_proxy.h ================================================ #pragma once #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/random_generator.h" #include "envoy/event/timer.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/server/filter_config.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" #include "envoy/stream_info/filter_state.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" #include "common/common/logger.h" #include "common/network/cidr_range.h" #include "common/network/filter_impl.h" #include "common/network/hash_policy.h" #include "common/network/utility.h" #include "common/stream_info/stream_info_impl.h" #include "common/tcp_proxy/upstream.h" #include "common/upstream/load_balancer_impl.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace TcpProxy { /** * All tcp proxy stats. @see stats_macros.h */ #define ALL_TCP_PROXY_STATS(COUNTER, GAUGE) \ COUNTER(downstream_cx_no_route) \ COUNTER(downstream_cx_rx_bytes_total) \ COUNTER(downstream_cx_total) \ COUNTER(downstream_cx_tx_bytes_total) \ COUNTER(downstream_flow_control_paused_reading_total) \ COUNTER(downstream_flow_control_resumed_reading_total) \ COUNTER(idle_timeout) \ COUNTER(max_downstream_connection_duration) \ COUNTER(upstream_flush_total) \ GAUGE(downstream_cx_rx_bytes_buffered, Accumulate) \ GAUGE(downstream_cx_tx_bytes_buffered, Accumulate) \ GAUGE(upstream_flush_active, Accumulate) /** * Struct definition for all tcp proxy stats. @see stats_macros.h */ struct TcpProxyStats { ALL_TCP_PROXY_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; class Drainer; class UpstreamDrainManager; /** * Route is an individual resolved route for a connection. */ class Route { public: virtual ~Route() = default; /** * Check whether this route matches a given connection. * @param connection supplies the connection to test against. * @return bool true if this route matches a given connection. */ virtual bool matches(Network::Connection& connection) const PURE; /** * @return const std::string& the upstream cluster that owns the route. */ virtual const std::string& clusterName() const PURE; /** * @return MetadataMatchCriteria* the metadata that a subset load balancer should match when * selecting an upstream host */ virtual const Router::MetadataMatchCriteria* metadataMatchCriteria() const PURE; }; using RouteConstSharedPtr = std::shared_ptr; using TunnelingConfig = envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy_TunnelingConfig; /** * Filter configuration. * * This configuration holds a TLS slot, and therefore it must be destructed * on the main thread. */ class Config { public: /** * Configuration that can be shared and have an arbitrary lifetime safely. */ class SharedConfig { public: SharedConfig(const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy& config, Server::Configuration::FactoryContext& context); const TcpProxyStats& stats() { return stats_; } const absl::optional& idleTimeout() { return idle_timeout_; } const absl::optional tunnelingConfig() { return tunneling_config_; } const absl::optional& maxDownstreamConnectinDuration() const { return max_downstream_connection_duration_; } private: static TcpProxyStats generateStats(Stats::Scope& scope); // Hold a Scope for the lifetime of the configuration because connections in // the UpstreamDrainManager can live longer than the listener. const Stats::ScopePtr stats_scope_; const TcpProxyStats stats_; absl::optional idle_timeout_; absl::optional tunneling_config_; absl::optional max_downstream_connection_duration_; }; using SharedConfigSharedPtr = std::shared_ptr; Config(const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy& config, Server::Configuration::FactoryContext& context); /** * Find out which cluster an upstream connection should be opened to based on the * parameters of a downstream connection. * @param connection supplies the parameters of the downstream connection for * which the proxy needs to open the corresponding upstream. * @return the route to be used for the upstream connection. * If no route applies, returns nullptr. */ RouteConstSharedPtr getRouteFromEntries(Network::Connection& connection); RouteConstSharedPtr getRegularRouteFromEntries(Network::Connection& connection); const TcpProxyStats& stats() { return shared_config_->stats(); } const std::vector& accessLogs() { return access_logs_; } uint32_t maxConnectAttempts() const { return max_connect_attempts_; } const absl::optional& idleTimeout() { return shared_config_->idleTimeout(); } const absl::optional& maxDownstreamConnectionDuration() const { return shared_config_->maxDownstreamConnectinDuration(); } const absl::optional tunnelingConfig() { return shared_config_->tunnelingConfig(); } UpstreamDrainManager& drainManager(); SharedConfigSharedPtr sharedConfig() { return shared_config_; } const Router::MetadataMatchCriteria* metadataMatchCriteria() const { return cluster_metadata_match_criteria_.get(); } const Network::HashPolicy* hashPolicy() { return hash_policy_.get(); } private: struct RouteImpl : public Route { RouteImpl( const Config& parent, const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy::DeprecatedV1::TCPRoute& config); // Route bool matches(Network::Connection& connection) const override; const std::string& clusterName() const override { return cluster_name_; } const Router::MetadataMatchCriteria* metadataMatchCriteria() const override { return parent_.metadataMatchCriteria(); } const Config& parent_; Network::Address::IpList source_ips_; Network::PortRangeList source_port_ranges_; Network::Address::IpList destination_ips_; Network::PortRangeList destination_port_ranges_; std::string cluster_name_; }; class WeightedClusterEntry : public Route { public: WeightedClusterEntry(const Config& parent, const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy:: WeightedCluster::ClusterWeight& config); uint64_t clusterWeight() const { return cluster_weight_; } // Route bool matches(Network::Connection&) const override { return false; } const std::string& clusterName() const override { return cluster_name_; } const Router::MetadataMatchCriteria* metadataMatchCriteria() const override { if (metadata_match_criteria_) { return metadata_match_criteria_.get(); } return parent_.metadataMatchCriteria(); } private: const Config& parent_; const std::string cluster_name_; const uint64_t cluster_weight_; Router::MetadataMatchCriteriaConstPtr metadata_match_criteria_; }; using WeightedClusterEntryConstSharedPtr = std::shared_ptr; std::vector routes_; std::vector weighted_clusters_; uint64_t total_cluster_weight_; std::vector access_logs_; const uint32_t max_connect_attempts_; ThreadLocal::SlotPtr upstream_drain_manager_slot_; SharedConfigSharedPtr shared_config_; std::unique_ptr cluster_metadata_match_criteria_; Random::RandomGenerator& random_generator_; std::unique_ptr hash_policy_; }; using ConfigSharedPtr = std::shared_ptr; /** * Per-connection TCP Proxy Cluster configuration. */ class PerConnectionCluster : public StreamInfo::FilterState::Object { public: PerConnectionCluster(absl::string_view cluster) : cluster_(cluster) {} const std::string& value() const { return cluster_; } static const std::string& key(); private: const std::string cluster_; }; /** * An implementation of a TCP (L3/L4) proxy. This filter will instantiate a new outgoing TCP * connection using the defined load balancing proxy for the configured cluster. All data will * be proxied back and forth between the two connections. */ class Filter : public Network::ReadFilter, public Upstream::LoadBalancerContextBase, Tcp::ConnectionPool::Callbacks, public Http::ConnectionPool::Callbacks, protected Logger::Loggable { public: Filter(ConfigSharedPtr config, Upstream::ClusterManager& cluster_manager); ~Filter() override; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) override; // Http::ConnectionPool::Callbacks, void onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Http::RequestEncoder& request_encoder, Upstream::HostDescriptionConstSharedPtr host, const StreamInfo::StreamInfo& info) override; void onPoolReadyBase(Upstream::HostDescriptionConstSharedPtr& host, const Network::Address::InstanceConstSharedPtr& local_address, Ssl::ConnectionInfoConstSharedPtr ssl_info); // Upstream::LoadBalancerContext const Router::MetadataMatchCriteria* metadataMatchCriteria() override; absl::optional computeHashKey() override { auto hash_policy = config_->hashPolicy(); if (hash_policy) { return hash_policy->generateHash(downstreamConnection()->remoteAddress().get(), downstreamConnection()->localAddress().get()); } return {}; } const Network::Connection* downstreamConnection() const override { return &read_callbacks_->connection(); } Network::TransportSocketOptionsSharedPtr upstreamTransportSocketOptions() const override { return transport_socket_options_; } // These two functions allow enabling/disabling reads on the upstream and downstream connections. // They are called by the Downstream/Upstream Watermark callbacks to limit buffering. void readDisableUpstream(bool disable); void readDisableDownstream(bool disable); struct UpstreamCallbacks : public Tcp::ConnectionPool::UpstreamCallbacks { UpstreamCallbacks(Filter* parent) : parent_(parent) {} // Tcp::ConnectionPool::UpstreamCallbacks void onUpstreamData(Buffer::Instance& data, bool end_stream) override; void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; void onBytesSent(); void onIdleTimeout(); void drain(Drainer& drainer); // Either parent_ or drainer_ will be non-NULL, but never both. This could be // logically be represented as a union, but saving one pointer of memory is // outweighed by more type safety/better error handling. // // Parent starts out as non-NULL. If the downstream connection is closed while // the upstream connection still has buffered data to flush, drainer_ becomes // non-NULL and parent_ is set to NULL. Filter* parent_{}; Drainer* drainer_{}; bool on_high_watermark_called_{false}; }; StreamInfo::StreamInfo& getStreamInfo(); protected: struct DownstreamCallbacks : public Network::ConnectionCallbacks { DownstreamCallbacks(Filter& parent) : parent_(parent) {} // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override { parent_.onDownstreamEvent(event); } void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; Filter& parent_; bool on_high_watermark_called_{false}; }; enum class UpstreamFailureReason { ConnectFailed, NoHealthyUpstream, ResourceLimitExceeded, NoRoute, }; // Callbacks for different error and success states during connection establishment virtual RouteConstSharedPtr pickRoute() { return config_->getRouteFromEntries(read_callbacks_->connection()); } virtual void onInitFailure(UpstreamFailureReason) { read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } void initialize(Network::ReadFilterCallbacks& callbacks, bool set_connection_stats); Network::FilterStatus initializeUpstreamConnection(); bool maybeTunnel(const std::string& cluster_name); void onConnectTimeout(); void onDownstreamEvent(Network::ConnectionEvent event); void onUpstreamData(Buffer::Instance& data, bool end_stream); void onUpstreamEvent(Network::ConnectionEvent event); void onUpstreamConnection(); void onIdleTimeout(); void resetIdleTimer(); void disableIdleTimer(); void onMaxDownstreamConnectionDuration(); const ConfigSharedPtr config_; Upstream::ClusterManager& cluster_manager_; Network::ReadFilterCallbacks* read_callbacks_{}; DownstreamCallbacks downstream_callbacks_; Event::TimerPtr idle_timer_; Event::TimerPtr connection_duration_timer_; std::shared_ptr upstream_handle_; std::shared_ptr upstream_callbacks_; // shared_ptr required for passing as a // read filter. std::unique_ptr upstream_; RouteConstSharedPtr route_; Router::MetadataMatchCriteriaConstPtr metadata_match_criteria_; Network::TransportSocketOptionsSharedPtr transport_socket_options_; uint32_t connect_attempts_{}; bool connecting_{}; }; // This class deals with an upstream connection that needs to finish flushing, when the downstream // connection has been closed. The TcpProxy is destroyed when the downstream connection is closed, // so handling the upstream connection here allows it to finish draining or timeout. class Drainer : public Event::DeferredDeletable { public: Drainer(UpstreamDrainManager& parent, const Config::SharedConfigSharedPtr& config, const std::shared_ptr& callbacks, Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Event::TimerPtr&& idle_timer, const Upstream::HostDescriptionConstSharedPtr& upstream_host); void onEvent(Network::ConnectionEvent event); void onData(Buffer::Instance& data, bool end_stream); void onIdleTimeout(); void onBytesSent(); void cancelDrain(); private: UpstreamDrainManager& parent_; std::shared_ptr callbacks_; Tcp::ConnectionPool::ConnectionDataPtr upstream_conn_data_; Event::TimerPtr timer_; Upstream::HostDescriptionConstSharedPtr upstream_host_; Config::SharedConfigSharedPtr config_; }; using DrainerPtr = std::unique_ptr; class UpstreamDrainManager : public ThreadLocal::ThreadLocalObject { public: ~UpstreamDrainManager() override; void add(const Config::SharedConfigSharedPtr& config, Tcp::ConnectionPool::ConnectionDataPtr&& upstream_conn_data, const std::shared_ptr& callbacks, Event::TimerPtr&& idle_timer, const Upstream::HostDescriptionConstSharedPtr& upstream_host); void remove(Drainer& drainer, Event::Dispatcher& dispatcher); private: // This must be a map instead of set because there is no way to move elements // out of a set, and these elements get passed to deferredDelete() instead of // being deleted in-place. The key and value will always be equal. absl::node_hash_map drainers_; }; } // namespace TcpProxy } // namespace Envoy ================================================ FILE: source/common/tcp_proxy/upstream.cc ================================================ #include "common/tcp_proxy/upstream.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" namespace Envoy { namespace TcpProxy { TcpUpstream::TcpUpstream(Tcp::ConnectionPool::ConnectionDataPtr&& data, Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks) : upstream_conn_data_(std::move(data)) { Network::ClientConnection& connection = upstream_conn_data_->connection(); connection.enableHalfClose(true); upstream_conn_data_->addUpstreamCallbacks(upstream_callbacks); } bool TcpUpstream::readDisable(bool disable) { if (upstream_conn_data_ == nullptr || upstream_conn_data_->connection().state() != Network::Connection::State::Open) { // Because we flush write downstream, we can have a case where upstream has already disconnected // and we are waiting to flush. If we had a watermark event during this time we should no // longer touch the upstream connection. return false; } upstream_conn_data_->connection().readDisable(disable); return true; } void TcpUpstream::encodeData(Buffer::Instance& data, bool end_stream) { upstream_conn_data_->connection().write(data, end_stream); } void TcpUpstream::addBytesSentCallback(Network::Connection::BytesSentCb cb) { upstream_conn_data_->connection().addBytesSentCallback(cb); } Tcp::ConnectionPool::ConnectionData* TcpUpstream::onDownstreamEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose) { // The close call may result in this object being deleted. Latch the // connection locally so it can be returned for potential draining. auto* conn_data = upstream_conn_data_.release(); conn_data->connection().close(Network::ConnectionCloseType::FlushWrite); return conn_data; } else if (event == Network::ConnectionEvent::LocalClose) { upstream_conn_data_->connection().close(Network::ConnectionCloseType::NoFlush); } return nullptr; } HttpUpstream::HttpUpstream(Tcp::ConnectionPool::UpstreamCallbacks& callbacks, const std::string& hostname) : upstream_callbacks_(callbacks), response_decoder_(*this), hostname_(hostname) {} HttpUpstream::~HttpUpstream() { resetEncoder(Network::ConnectionEvent::LocalClose); } bool HttpUpstream::isValidBytestreamResponse(const Http::ResponseHeaderMap& headers) { if (Http::Utility::getResponseStatus(headers) != 200) { return false; } return true; } bool HttpUpstream::readDisable(bool disable) { if (!request_encoder_) { return false; } request_encoder_->getStream().readDisable(disable); return true; } void HttpUpstream::encodeData(Buffer::Instance& data, bool end_stream) { if (!request_encoder_) { return; } request_encoder_->encodeData(data, end_stream); if (end_stream) { doneWriting(); } } void HttpUpstream::addBytesSentCallback(Network::Connection::BytesSentCb) { // The HTTP tunneling mode does not tickle the idle timeout when bytes are // sent to the kernel. // This can be implemented if any user cares about the difference in time // between it being sent to the HTTP/2 stack and out to the kernel. } Tcp::ConnectionPool::ConnectionData* HttpUpstream::onDownstreamEvent(Network::ConnectionEvent event) { if (event != Network::ConnectionEvent::Connected) { resetEncoder(Network::ConnectionEvent::LocalClose, false); } return nullptr; } void HttpUpstream::onResetStream(Http::StreamResetReason, absl::string_view) { read_half_closed_ = true; write_half_closed_ = true; resetEncoder(Network::ConnectionEvent::LocalClose); } void HttpUpstream::onAboveWriteBufferHighWatermark() { upstream_callbacks_.onAboveWriteBufferHighWatermark(); } void HttpUpstream::onBelowWriteBufferLowWatermark() { upstream_callbacks_.onBelowWriteBufferLowWatermark(); } void HttpUpstream::setRequestEncoder(Http::RequestEncoder& request_encoder, bool is_ssl) { request_encoder_ = &request_encoder; request_encoder_->getStream().addCallbacks(*this); const std::string& scheme = is_ssl ? Http::Headers::get().SchemeValues.Https : Http::Headers::get().SchemeValues.Http; auto headers = Http::createHeaderMap( {{Http::Headers::get().Method, "CONNECT"}, {Http::Headers::get().Protocol, Http::Headers::get().ProtocolValues.Bytestream}, {Http::Headers::get().Scheme, scheme}, {Http::Headers::get().Path, "/"}, {Http::Headers::get().Host, hostname_}}); request_encoder_->encodeHeaders(*headers, false); } void HttpUpstream::resetEncoder(Network::ConnectionEvent event, bool inform_downstream) { if (!request_encoder_) { return; } request_encoder_->getStream().removeCallbacks(*this); if (!write_half_closed_ || !read_half_closed_) { request_encoder_->getStream().resetStream(Http::StreamResetReason::LocalReset); } request_encoder_ = nullptr; if (inform_downstream) { upstream_callbacks_.onEvent(event); } } void HttpUpstream::doneReading() { read_half_closed_ = true; if (write_half_closed_) { resetEncoder(Network::ConnectionEvent::LocalClose); } } void HttpUpstream::doneWriting() { write_half_closed_ = true; if (read_half_closed_) { resetEncoder(Network::ConnectionEvent::LocalClose); } } } // namespace TcpProxy } // namespace Envoy ================================================ FILE: source/common/tcp_proxy/upstream.h ================================================ #pragma once #include "envoy/http/conn_pool.h" #include "envoy/network/connection.h" #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/upstream.h" namespace Envoy { namespace TcpProxy { // Interface for a generic ConnectionHandle, which can wrap a TcpConnectionHandle // or an HttpConnectionHandle class ConnectionHandle { public: virtual ~ConnectionHandle() = default; // Cancel the conn pool request and close any excess pending requests. virtual void cancel() PURE; }; // An implementation of ConnectionHandle which works with the Tcp::ConnectionPool. class TcpConnectionHandle : public ConnectionHandle { public: TcpConnectionHandle(Tcp::ConnectionPool::Cancellable* handle) : upstream_handle_(handle) {} void cancel() override { upstream_handle_->cancel(Tcp::ConnectionPool::CancelPolicy::CloseExcess); } private: Tcp::ConnectionPool::Cancellable* upstream_handle_{}; }; class HttpConnectionHandle : public ConnectionHandle { public: HttpConnectionHandle(Http::ConnectionPool::Cancellable* handle) : upstream_http_handle_(handle) {} void cancel() override { upstream_http_handle_->cancel(Tcp::ConnectionPool::CancelPolicy::Default); } private: Http::ConnectionPool::Cancellable* upstream_http_handle_{}; }; // Interface for a generic Upstream, which can communicate with a TCP or HTTP // upstream. class GenericUpstream { public: virtual ~GenericUpstream() = default; // Calls readDisable on the upstream connection. Returns false if readDisable could not be // performed (e.g. if the connection is closed) virtual bool readDisable(bool disable) PURE; // Encodes data upstream. virtual void encodeData(Buffer::Instance& data, bool end_stream) PURE; // Adds a callback to be called when the data is sent to the kernel. virtual void addBytesSentCallback(Network::Connection::BytesSentCb cb) PURE; // Called when a Network::ConnectionEvent is received on the downstream connection, to allow the // upstream to do any cleanup. virtual Tcp::ConnectionPool::ConnectionData* onDownstreamEvent(Network::ConnectionEvent event) PURE; }; class TcpUpstream : public GenericUpstream { public: TcpUpstream(Tcp::ConnectionPool::ConnectionDataPtr&& data, Tcp::ConnectionPool::UpstreamCallbacks& callbacks); // GenericUpstream bool readDisable(bool disable) override; void encodeData(Buffer::Instance& data, bool end_stream) override; void addBytesSentCallback(Network::Connection::BytesSentCb cb) override; Tcp::ConnectionPool::ConnectionData* onDownstreamEvent(Network::ConnectionEvent event) override; private: Tcp::ConnectionPool::ConnectionDataPtr upstream_conn_data_; }; class HttpUpstream : public GenericUpstream, Http::StreamCallbacks { public: HttpUpstream(Tcp::ConnectionPool::UpstreamCallbacks& callbacks, const std::string& hostname); ~HttpUpstream() override; static bool isValidBytestreamResponse(const Http::ResponseHeaderMap& headers); void doneReading(); void doneWriting(); // GenericUpstream bool readDisable(bool disable) override; void encodeData(Buffer::Instance& data, bool end_stream) override; void addBytesSentCallback(Network::Connection::BytesSentCb cb) override; Tcp::ConnectionPool::ConnectionData* onDownstreamEvent(Network::ConnectionEvent event) override; // Http::StreamCallbacks void onResetStream(Http::StreamResetReason reason, absl::string_view transport_failure_reason) override; void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; void setRequestEncoder(Http::RequestEncoder& request_encoder, bool is_ssl); Http::ResponseDecoder& responseDecoder() { return response_decoder_; } private: void resetEncoder(Network::ConnectionEvent event, bool inform_downstream = true); class DecoderShim : public Http::ResponseDecoder { public: DecoderShim(HttpUpstream& parent) : parent_(parent) {} // Http::ResponseDecoder void decode100ContinueHeaders(Http::ResponseHeaderMapPtr&&) override {} void decodeHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) override { if (!isValidBytestreamResponse(*headers) || end_stream) { parent_.resetEncoder(Network::ConnectionEvent::LocalClose); } } void decodeData(Buffer::Instance& data, bool end_stream) override { parent_.upstream_callbacks_.onUpstreamData(data, end_stream); if (end_stream) { parent_.doneReading(); } } void decodeTrailers(Http::ResponseTrailerMapPtr&&) override {} void decodeMetadata(Http::MetadataMapPtr&&) override {} private: HttpUpstream& parent_; }; Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks_; DecoderShim response_decoder_; Http::RequestEncoder* request_encoder_{}; const std::string hostname_; bool read_half_closed_{}; bool write_half_closed_{}; }; } // namespace TcpProxy } // namespace Envoy ================================================ FILE: source/common/thread_local/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "thread_local_lib", srcs = ["thread_local_impl.cc"], hdrs = ["thread_local_impl.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:stl_helpers", ], ) ================================================ FILE: source/common/thread_local/thread_local_impl.cc ================================================ #include "common/thread_local/thread_local_impl.h" #include #include #include #include #include "envoy/event/dispatcher.h" #include "common/common/assert.h" #include "common/common/stl_helpers.h" namespace Envoy { namespace ThreadLocal { thread_local InstanceImpl::ThreadLocalData InstanceImpl::thread_local_data_; InstanceImpl::~InstanceImpl() { ASSERT(std::this_thread::get_id() == main_thread_id_); ASSERT(shutdown_); thread_local_data_.data_.clear(); } SlotPtr InstanceImpl::allocateSlot() { ASSERT(std::this_thread::get_id() == main_thread_id_); ASSERT(!shutdown_); if (free_slot_indexes_.empty()) { SlotPtr slot = std::make_unique(*this, slots_.size()); slots_.push_back(slot.get()); return slot; } const uint32_t idx = free_slot_indexes_.front(); free_slot_indexes_.pop_front(); ASSERT(idx < slots_.size()); SlotPtr slot = std::make_unique(*this, idx); slots_[idx] = slot.get(); return slot; } InstanceImpl::SlotImpl::SlotImpl(InstanceImpl& parent, uint32_t index) : parent_(parent), index_(index), still_alive_guard_(std::make_shared(true)) {} Event::PostCb InstanceImpl::SlotImpl::wrapCallback(Event::PostCb&& cb) { // See the header file comments for still_alive_guard_ for the purpose of this capture and the // expired check below. return [still_alive_guard = std::weak_ptr(still_alive_guard_), cb] { if (!still_alive_guard.expired()) { cb(); } }; } bool InstanceImpl::SlotImpl::currentThreadRegisteredWorker(uint32_t index) { return thread_local_data_.data_.size() > index; } bool InstanceImpl::SlotImpl::currentThreadRegistered() { return currentThreadRegisteredWorker(index_); } ThreadLocalObjectSharedPtr InstanceImpl::SlotImpl::getWorker(uint32_t index) { ASSERT(currentThreadRegisteredWorker(index)); return thread_local_data_.data_[index]; } ThreadLocalObjectSharedPtr InstanceImpl::SlotImpl::get() { return getWorker(index_); } void InstanceImpl::SlotImpl::runOnAllThreads(const UpdateCb& cb, Event::PostCb complete_cb) { // See the header file comments for still_alive_guard_ for why we capture index_. parent_.runOnAllThreads( wrapCallback([cb, index = index_]() { setThreadLocal(index, cb(getWorker(index))); }), complete_cb); } void InstanceImpl::SlotImpl::runOnAllThreads(const UpdateCb& cb) { // See the header file comments for still_alive_guard_ for why we capture index_. parent_.runOnAllThreads( wrapCallback([cb, index = index_]() { setThreadLocal(index, cb(getWorker(index))); })); } void InstanceImpl::SlotImpl::set(InitializeCb cb) { ASSERT(std::this_thread::get_id() == parent_.main_thread_id_); ASSERT(!parent_.shutdown_); for (Event::Dispatcher& dispatcher : parent_.registered_threads_) { // See the header file comments for still_alive_guard_ for why we capture index_. dispatcher.post(wrapCallback( [index = index_, cb, &dispatcher]() -> void { setThreadLocal(index, cb(dispatcher)); })); } // Handle main thread. setThreadLocal(index_, cb(*parent_.main_thread_dispatcher_)); } void InstanceImpl::registerThread(Event::Dispatcher& dispatcher, bool main_thread) { ASSERT(std::this_thread::get_id() == main_thread_id_); ASSERT(!shutdown_); if (main_thread) { main_thread_dispatcher_ = &dispatcher; thread_local_data_.dispatcher_ = &dispatcher; } else { ASSERT(!containsReference(registered_threads_, dispatcher)); registered_threads_.push_back(dispatcher); dispatcher.post([&dispatcher] { thread_local_data_.dispatcher_ = &dispatcher; }); } } void InstanceImpl::removeSlot(uint32_t slot) { ASSERT(std::this_thread::get_id() == main_thread_id_); // When shutting down, we do not post slot removals to other threads. This is because the other // threads have already shut down and the dispatcher is no longer alive. There is also no reason // to do removal, because no allocations happen during shutdown and shutdownThread() will clean // things up on the other thread. if (shutdown_) { return; } slots_[slot] = nullptr; ASSERT(std::find(free_slot_indexes_.begin(), free_slot_indexes_.end(), slot) == free_slot_indexes_.end(), fmt::format("slot index {} already in free slot set!", slot)); free_slot_indexes_.push_back(slot); runOnAllThreads([slot]() -> void { // This runs on each thread and clears the slot, making it available for a new allocations. // This is safe even if a new allocation comes in, because everything happens with post() and // will be sequenced after this removal. It is also safe if there are callbacks pending on // other threads because they will run first. if (slot < thread_local_data_.data_.size()) { thread_local_data_.data_[slot] = nullptr; } }); } void InstanceImpl::runOnAllThreads(Event::PostCb cb) { ASSERT(std::this_thread::get_id() == main_thread_id_); ASSERT(!shutdown_); for (Event::Dispatcher& dispatcher : registered_threads_) { dispatcher.post(cb); } // Handle main thread. cb(); } void InstanceImpl::runOnAllThreads(Event::PostCb cb, Event::PostCb all_threads_complete_cb) { ASSERT(std::this_thread::get_id() == main_thread_id_); ASSERT(!shutdown_); // Handle main thread first so that when the last worker thread wins, we could just call the // all_threads_complete_cb method. Parallelism of main thread execution is being traded off // for programming simplicity here. cb(); Event::PostCbSharedPtr cb_guard(new Event::PostCb(cb), [this, all_threads_complete_cb](Event::PostCb* cb) { main_thread_dispatcher_->post(all_threads_complete_cb); delete cb; }); for (Event::Dispatcher& dispatcher : registered_threads_) { dispatcher.post([cb_guard]() -> void { (*cb_guard)(); }); } } void InstanceImpl::setThreadLocal(uint32_t index, ThreadLocalObjectSharedPtr object) { if (thread_local_data_.data_.size() <= index) { thread_local_data_.data_.resize(index + 1); } thread_local_data_.data_[index] = object; } void InstanceImpl::shutdownGlobalThreading() { ASSERT(std::this_thread::get_id() == main_thread_id_); ASSERT(!shutdown_); shutdown_ = true; } void InstanceImpl::shutdownThread() { ASSERT(shutdown_); // Destruction of slots is done in *reverse* order. This is so that filters and higher layer // things that are built on top of the cluster manager, stats, etc. will be destroyed before // more base layer things. The reason reverse ordering is done is to deal with the case that leaf // objects depend in some way on "persistent" objects (particularly the cluster manager) that are // created very early on with a known slot number and never destroyed until shutdown. For example, // if we chose to create persistent per-thread gRPC clients we would potentially run into shutdown // issues if that thing got destroyed after the cluster manager. This happens in practice // currently when a redis connection pool is destroyed and removes its member update callback from // the backing cluster. Examples of things with TLS that are created early on and are never // destroyed until server shutdown are stats, runtime, and the cluster manager (see server.cc). // // It's possible this might need to become more complicated later but it's OK for now. Note that // this is always safe to do because: // 1) All slot updates come in via post(). // 2) No updates or removals will come in during shutdown(). // // TODO(mattklein123): Deletion should really be in reverse *allocation* order. This could be // implemented relatively easily by keeping a parallel list of slot #s. This // would fix the case where something allocates two slots, but is interleaved // with a deletion, such that the second allocation is actually a lower slot // number than the first. This is an edge case that does not exist anywhere // in the code today, but we can keep this in mind if things become more // complicated in the future. for (auto it = thread_local_data_.data_.rbegin(); it != thread_local_data_.data_.rend(); ++it) { it->reset(); } thread_local_data_.data_.clear(); } Event::Dispatcher& InstanceImpl::dispatcher() { ASSERT(thread_local_data_.dispatcher_ != nullptr); return *thread_local_data_.dispatcher_; } } // namespace ThreadLocal } // namespace Envoy ================================================ FILE: source/common/thread_local/thread_local_impl.h ================================================ #pragma once #include #include #include #include #include #include "envoy/thread_local/thread_local.h" #include "common/common/logger.h" #include "common/common/non_copyable.h" namespace Envoy { namespace ThreadLocal { /** * Implementation of ThreadLocal that relies on static thread_local objects. */ class InstanceImpl : Logger::Loggable, public NonCopyable, public Instance { public: InstanceImpl() : main_thread_id_(std::this_thread::get_id()) {} ~InstanceImpl() override; // ThreadLocal::Instance SlotPtr allocateSlot() override; void registerThread(Event::Dispatcher& dispatcher, bool main_thread) override; void shutdownGlobalThreading() override; void shutdownThread() override; Event::Dispatcher& dispatcher() override; private: // On destruction returns the slot index to the deferred delete queue (detaches it). This allows // a slot to be destructed on the main thread while controlling the lifetime of the underlying // slot as callbacks drain from workers. struct SlotImpl : public Slot { SlotImpl(InstanceImpl& parent, uint32_t index); ~SlotImpl() override { parent_.removeSlot(index_); } Event::PostCb wrapCallback(Event::PostCb&& cb); static bool currentThreadRegisteredWorker(uint32_t index); static ThreadLocalObjectSharedPtr getWorker(uint32_t index); // ThreadLocal::Slot ThreadLocalObjectSharedPtr get() override; void runOnAllThreads(const UpdateCb& cb) override; void runOnAllThreads(const UpdateCb& cb, Event::PostCb complete_cb) override; bool currentThreadRegistered() override; void set(InitializeCb cb) override; InstanceImpl& parent_; const uint32_t index_; // The following is used to safely verify via weak_ptr that this slot is still alive. This // does not prevent all races if a callback does not capture appropriately, but it does fix // the common case of a slot destroyed immediately before anything is posted to a worker. // NOTE: The general safety model of a slot is that it is destroyed immediately on the main // thread. This means that *all* captures must not reference the slot object directly. // this is why index_ is captured manually in callbacks that require it. // NOTE: When the slot is destroyed, the index is immediately recycled. This is safe because // any new posts for a recycled index must come after any previous callbacks for the // previous owner of the index. // TODO(mattklein123): Add clang-tidy analysis rule to check that "this" is not captured by // a TLS function call. This check will not prevent all bad captures, but it will at least // make the programmer more aware of potential issues. std::shared_ptr still_alive_guard_; }; struct ThreadLocalData { Event::Dispatcher* dispatcher_{}; std::vector data_; }; void removeSlot(uint32_t slot); void runOnAllThreads(Event::PostCb cb); void runOnAllThreads(Event::PostCb cb, Event::PostCb main_callback); static void setThreadLocal(uint32_t index, ThreadLocalObjectSharedPtr object); static thread_local ThreadLocalData thread_local_data_; std::vector slots_; // A list of index of freed slots. std::list free_slot_indexes_; std::list> registered_threads_; std::thread::id main_thread_id_; Event::Dispatcher* main_thread_dispatcher_{}; std::atomic shutdown_{}; // Test only. friend class ThreadLocalInstanceImplTest; }; using InstanceImplPtr = std::unique_ptr; } // namespace ThreadLocal } // namespace Envoy ================================================ FILE: source/common/tracing/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "http_tracer_lib", srcs = [ "http_tracer_impl.cc", ], hdrs = [ "http_tracer_impl.h", ], deps = [ "//include/envoy/http:request_id_extension_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/tracing:http_tracer_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/common:base64_lib", "//source/common/common:macros", "//source/common/common:utility_lib", "//source/common/config:metadata_lib", "//source/common/formatter:substitution_formatter_lib", "//source/common/grpc:common_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/json:json_loader_lib", "//source/common/protobuf:utility_lib", "//source/common/stream_info:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/metadata/v3:pkg_cc_proto", "@envoy_api//envoy/type/tracing/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "http_tracer_config_lib", hdrs = [ "http_tracer_config_impl.h", ], deps = [ "//include/envoy/server:tracer_config_interface", ], ) envoy_cc_library( name = "http_tracer_manager_lib", srcs = [ "http_tracer_manager_impl.cc", ], hdrs = [ "http_tracer_manager_impl.h", ], deps = [ "//include/envoy/server:tracer_config_interface", "//include/envoy/singleton:instance_interface", "//include/envoy/tracing:http_tracer_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", "//source/common/tracing:http_tracer_lib", ], ) ================================================ FILE: source/common/tracing/http_tracer_config_impl.h ================================================ #pragma once #include "envoy/protobuf/message_validator.h" #include "envoy/server/tracer_config.h" namespace Envoy { namespace Tracing { class TracerFactoryContextImpl : public Server::Configuration::TracerFactoryContext { public: TracerFactoryContextImpl(Server::Configuration::ServerFactoryContext& server_factory_context, ProtobufMessage::ValidationVisitor& validation_visitor) : server_factory_context_(server_factory_context), validation_visitor_(validation_visitor) {} Server::Configuration::ServerFactoryContext& serverFactoryContext() override { return server_factory_context_; } ProtobufMessage::ValidationVisitor& messageValidationVisitor() override { return validation_visitor_; } private: Server::Configuration::ServerFactoryContext& server_factory_context_; ProtobufMessage::ValidationVisitor& validation_visitor_; }; } // namespace Tracing } // namespace Envoy ================================================ FILE: source/common/tracing/http_tracer_impl.cc ================================================ #include "common/tracing/http_tracer_impl.h" #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/address.h" #include "envoy/type/metadata/v3/metadata.pb.h" #include "envoy/type/tracing/v3/custom_tag.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/formatter/substitution_formatter.h" #include "common/grpc/common.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" #include "common/stream_info/utility.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Tracing { // TODO(perf): Avoid string creations/copies in this entire file. static std::string buildResponseCode(const StreamInfo::StreamInfo& info) { return info.responseCode() ? std::to_string(info.responseCode().value()) : "0"; } static absl::string_view valueOrDefault(const Http::HeaderEntry* header, const char* default_value) { return header ? header->value().getStringView() : default_value; } static std::string buildUrl(const Http::RequestHeaderMap& request_headers, const uint32_t max_path_length) { if (!request_headers.Path()) { return ""; } absl::string_view path(request_headers.EnvoyOriginalPath() ? request_headers.getEnvoyOriginalPathValue() : request_headers.getPathValue()); if (path.length() > max_path_length) { path = path.substr(0, max_path_length); } return absl::StrCat(request_headers.getForwardedProtoValue(), "://", request_headers.getHostValue(), path); } const std::string HttpTracerUtility::IngressOperation = "ingress"; const std::string HttpTracerUtility::EgressOperation = "egress"; const std::string& HttpTracerUtility::toString(OperationName operation_name) { switch (operation_name) { case OperationName::Ingress: return IngressOperation; case OperationName::Egress: return EgressOperation; } NOT_REACHED_GCOVR_EXCL_LINE; } Decision HttpTracerUtility::isTracing(const StreamInfo::StreamInfo& stream_info, const Http::RequestHeaderMap& request_headers) { // Exclude health check requests immediately. if (stream_info.healthCheck()) { return {Reason::HealthCheck, false}; } Http::TraceStatus trace_status = stream_info.getRequestIDExtension()->getTraceStatus(request_headers); switch (trace_status) { case Http::TraceStatus::Client: return {Reason::ClientForced, true}; case Http::TraceStatus::Forced: return {Reason::ServiceForced, true}; case Http::TraceStatus::Sampled: return {Reason::Sampling, true}; case Http::TraceStatus::NoTrace: return {Reason::NotTraceableRequestId, false}; } NOT_REACHED_GCOVR_EXCL_LINE; } static void addTagIfNotNull(Span& span, const std::string& tag, const Http::HeaderEntry* entry) { if (entry != nullptr) { span.setTag(tag, entry->value().getStringView()); } } static void addGrpcRequestTags(Span& span, const Http::RequestHeaderMap& headers) { addTagIfNotNull(span, Tracing::Tags::get().GrpcPath, headers.Path()); addTagIfNotNull(span, Tracing::Tags::get().GrpcAuthority, headers.Host()); addTagIfNotNull(span, Tracing::Tags::get().GrpcContentType, headers.ContentType()); addTagIfNotNull(span, Tracing::Tags::get().GrpcTimeout, headers.GrpcTimeout()); } template static void addGrpcResponseTags(Span& span, const T& headers) { addTagIfNotNull(span, Tracing::Tags::get().GrpcStatusCode, headers.GrpcStatus()); addTagIfNotNull(span, Tracing::Tags::get().GrpcMessage, headers.GrpcMessage()); // Set error tag when status is not OK. absl::optional grpc_status_code = Grpc::Common::getGrpcStatus(headers); if (grpc_status_code && grpc_status_code.value() != Grpc::Status::WellKnownGrpcStatus::Ok) { span.setTag(Tracing::Tags::get().Error, Tracing::Tags::get().True); } } static void annotateVerbose(Span& span, const StreamInfo::StreamInfo& stream_info) { const auto start_time = stream_info.startTime(); if (stream_info.lastDownstreamRxByteReceived()) { span.log(start_time + std::chrono::duration_cast( *stream_info.lastDownstreamRxByteReceived()), Tracing::Logs::get().LastDownstreamRxByteReceived); } if (stream_info.firstUpstreamTxByteSent()) { span.log(start_time + std::chrono::duration_cast( *stream_info.firstUpstreamTxByteSent()), Tracing::Logs::get().FirstUpstreamTxByteSent); } if (stream_info.lastUpstreamTxByteSent()) { span.log(start_time + std::chrono::duration_cast( *stream_info.lastUpstreamTxByteSent()), Tracing::Logs::get().LastUpstreamTxByteSent); } if (stream_info.firstUpstreamRxByteReceived()) { span.log(start_time + std::chrono::duration_cast( *stream_info.firstUpstreamRxByteReceived()), Tracing::Logs::get().FirstUpstreamRxByteReceived); } if (stream_info.lastUpstreamRxByteReceived()) { span.log(start_time + std::chrono::duration_cast( *stream_info.lastUpstreamRxByteReceived()), Tracing::Logs::get().LastUpstreamRxByteReceived); } if (stream_info.firstDownstreamTxByteSent()) { span.log(start_time + std::chrono::duration_cast( *stream_info.firstDownstreamTxByteSent()), Tracing::Logs::get().FirstDownstreamTxByteSent); } if (stream_info.lastDownstreamTxByteSent()) { span.log(start_time + std::chrono::duration_cast( *stream_info.lastDownstreamTxByteSent()), Tracing::Logs::get().LastDownstreamTxByteSent); } } void HttpTracerUtility::finalizeDownstreamSpan(Span& span, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info, const Config& tracing_config) { // Pre response data. if (request_headers) { if (request_headers->RequestId()) { span.setTag(Tracing::Tags::get().GuidXRequestId, request_headers->getRequestIdValue()); } span.setTag(Tracing::Tags::get().HttpUrl, buildUrl(*request_headers, tracing_config.maxPathTagLength())); span.setTag(Tracing::Tags::get().HttpMethod, request_headers->getMethodValue()); span.setTag(Tracing::Tags::get().DownstreamCluster, valueOrDefault(request_headers->EnvoyDownstreamServiceCluster(), "-")); span.setTag(Tracing::Tags::get().UserAgent, valueOrDefault(request_headers->UserAgent(), "-")); span.setTag( Tracing::Tags::get().HttpProtocol, Formatter::SubstitutionFormatUtils::protocolToStringOrDefault(stream_info.protocol())); const auto& remote_address = stream_info.downstreamDirectRemoteAddress(); if (remote_address->type() == Network::Address::Type::Ip) { const auto remote_ip = remote_address->ip(); span.setTag(Tracing::Tags::get().PeerAddress, remote_ip->addressAsString()); } else { span.setTag(Tracing::Tags::get().PeerAddress, remote_address->logicalName()); } if (request_headers->ClientTraceId()) { span.setTag(Tracing::Tags::get().GuidXClientTraceId, request_headers->getClientTraceIdValue()); } if (Grpc::Common::isGrpcRequestHeaders(*request_headers)) { addGrpcRequestTags(span, *request_headers); } } CustomTagContext ctx{request_headers, stream_info}; const CustomTagMap* custom_tag_map = tracing_config.customTags(); if (custom_tag_map) { for (const auto& it : *custom_tag_map) { it.second->apply(span, ctx); } } span.setTag(Tracing::Tags::get().RequestSize, std::to_string(stream_info.bytesReceived())); span.setTag(Tracing::Tags::get().ResponseSize, std::to_string(stream_info.bytesSent())); setCommonTags(span, response_headers, response_trailers, stream_info, tracing_config); span.finishSpan(); } void HttpTracerUtility::finalizeUpstreamSpan(Span& span, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info, const Config& tracing_config) { span.setTag( Tracing::Tags::get().HttpProtocol, Formatter::SubstitutionFormatUtils::protocolToStringOrDefault(stream_info.protocol())); if (stream_info.upstreamHost()) { span.setTag(Tracing::Tags::get().UpstreamAddress, stream_info.upstreamHost()->address()->asStringView()); } setCommonTags(span, response_headers, response_trailers, stream_info, tracing_config); span.finishSpan(); } void HttpTracerUtility::setCommonTags(Span& span, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info, const Config& tracing_config) { span.setTag(Tracing::Tags::get().Component, Tracing::Tags::get().Proxy); if (nullptr != stream_info.upstreamHost()) { span.setTag(Tracing::Tags::get().UpstreamCluster, stream_info.upstreamHost()->cluster().name()); } // Post response data. span.setTag(Tracing::Tags::get().HttpStatusCode, buildResponseCode(stream_info)); span.setTag(Tracing::Tags::get().ResponseFlags, StreamInfo::ResponseFlagUtils::toShortString(stream_info)); // GRPC data. if (response_trailers && response_trailers->GrpcStatus() != nullptr) { addGrpcResponseTags(span, *response_trailers); } else if (response_headers && response_headers->GrpcStatus() != nullptr) { addGrpcResponseTags(span, *response_headers); } if (tracing_config.verbose()) { annotateVerbose(span, stream_info); } if (!stream_info.responseCode() || Http::CodeUtility::is5xx(stream_info.responseCode().value())) { span.setTag(Tracing::Tags::get().Error, Tracing::Tags::get().True); } } CustomTagConstSharedPtr HttpTracerUtility::createCustomTag(const envoy::type::tracing::v3::CustomTag& tag) { switch (tag.type_case()) { case envoy::type::tracing::v3::CustomTag::TypeCase::kLiteral: return std::make_shared(tag.tag(), tag.literal()); case envoy::type::tracing::v3::CustomTag::TypeCase::kEnvironment: return std::make_shared(tag.tag(), tag.environment()); case envoy::type::tracing::v3::CustomTag::TypeCase::kRequestHeader: return std::make_shared(tag.tag(), tag.request_header()); case envoy::type::tracing::v3::CustomTag::TypeCase::kMetadata: return std::make_shared(tag.tag(), tag.metadata()); default: NOT_REACHED_GCOVR_EXCL_LINE; } } HttpTracerImpl::HttpTracerImpl(DriverPtr&& driver, const LocalInfo::LocalInfo& local_info) : driver_(std::move(driver)), local_info_(local_info) {} SpanPtr HttpTracerImpl::startSpan(const Config& config, Http::RequestHeaderMap& request_headers, const StreamInfo::StreamInfo& stream_info, const Tracing::Decision tracing_decision) { std::string span_name = HttpTracerUtility::toString(config.operationName()); if (config.operationName() == OperationName::Egress) { span_name.append(" "); span_name.append(std::string(request_headers.getHostValue())); } SpanPtr active_span = driver_->startSpan(config, request_headers, span_name, stream_info.startTime(), tracing_decision); // Set tags related to the local environment if (active_span) { active_span->setTag(Tracing::Tags::get().NodeId, local_info_.nodeName()); active_span->setTag(Tracing::Tags::get().Zone, local_info_.zoneName()); } return active_span; } void CustomTagBase::apply(Span& span, const CustomTagContext& ctx) const { absl::string_view tag_value = value(ctx); if (!tag_value.empty()) { span.setTag(tag(), tag_value); } } EnvironmentCustomTag::EnvironmentCustomTag( const std::string& tag, const envoy::type::tracing::v3::CustomTag::Environment& environment) : CustomTagBase(tag), name_(environment.name()), default_value_(environment.default_value()) { const char* env = std::getenv(name_.data()); final_value_ = env ? env : default_value_; } RequestHeaderCustomTag::RequestHeaderCustomTag( const std::string& tag, const envoy::type::tracing::v3::CustomTag::Header& request_header) : CustomTagBase(tag), name_(Http::LowerCaseString(request_header.name())), default_value_(request_header.default_value()) {} absl::string_view RequestHeaderCustomTag::value(const CustomTagContext& ctx) const { if (!ctx.request_headers) { return default_value_; } const Http::HeaderEntry* entry = ctx.request_headers->get(name_); return entry ? entry->value().getStringView() : default_value_; } MetadataCustomTag::MetadataCustomTag(const std::string& tag, const envoy::type::tracing::v3::CustomTag::Metadata& metadata) : CustomTagBase(tag), kind_(metadata.kind().kind_case()), metadata_key_(metadata.metadata_key()), default_value_(metadata.default_value()) {} void MetadataCustomTag::apply(Span& span, const CustomTagContext& ctx) const { const envoy::config::core::v3::Metadata* meta = metadata(ctx); if (!meta) { if (!default_value_.empty()) { span.setTag(tag(), default_value_); } return; } const ProtobufWkt::Value& value = Envoy::Config::Metadata::metadataValue(meta, metadata_key_); switch (value.kind_case()) { case ProtobufWkt::Value::kBoolValue: span.setTag(tag(), value.bool_value() ? "true" : "false"); return; case ProtobufWkt::Value::kNumberValue: span.setTag(tag(), absl::StrCat("", value.number_value())); return; case ProtobufWkt::Value::kStringValue: span.setTag(tag(), value.string_value()); return; case ProtobufWkt::Value::kListValue: span.setTag(tag(), MessageUtil::getJsonStringFromMessage(value.list_value())); return; case ProtobufWkt::Value::kStructValue: span.setTag(tag(), MessageUtil::getJsonStringFromMessage(value.struct_value())); return; default: break; } if (!default_value_.empty()) { span.setTag(tag(), default_value_); } } const envoy::config::core::v3::Metadata* MetadataCustomTag::metadata(const CustomTagContext& ctx) const { const StreamInfo::StreamInfo& info = ctx.stream_info; switch (kind_) { case envoy::type::metadata::v3::MetadataKind::KindCase::kRequest: return &info.dynamicMetadata(); case envoy::type::metadata::v3::MetadataKind::KindCase::kRoute: { const Router::RouteEntry* route_entry = info.routeEntry(); return route_entry ? &route_entry->metadata() : nullptr; } case envoy::type::metadata::v3::MetadataKind::KindCase::kCluster: { const auto& hostPtr = info.upstreamHost(); return hostPtr ? &hostPtr->cluster().metadata() : nullptr; } case envoy::type::metadata::v3::MetadataKind::KindCase::kHost: { const auto& hostPtr = info.upstreamHost(); return hostPtr ? hostPtr->metadata().get() : nullptr; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Tracing } // namespace Envoy ================================================ FILE: source/common/tracing/http_tracer_impl.h ================================================ #pragma once #include #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/http/request_id_extension.h" #include "envoy/local_info/local_info.h" #include "envoy/runtime/runtime.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "envoy/type/metadata/v3/metadata.pb.h" #include "envoy/type/tracing/v3/custom_tag.pb.h" #include "envoy/upstream/cluster_manager.h" #include "common/config/metadata.h" #include "common/http/header_map_impl.h" #include "common/json/json_loader.h" namespace Envoy { namespace Tracing { /** * Tracing tag names. */ class TracingTagValues { public: // OpenTracing standard tag names. const std::string Component = "component"; const std::string DbInstance = "db.instance"; const std::string DbStatement = "db.statement"; const std::string DbUser = "db.user"; const std::string DbType = "db.type"; const std::string Error = "error"; const std::string HttpMethod = "http.method"; const std::string HttpStatusCode = "http.status_code"; const std::string HttpUrl = "http.url"; const std::string MessageBusDestination = "message_bus.destination"; const std::string PeerAddress = "peer.address"; const std::string PeerHostname = "peer.hostname"; const std::string PeerIpv4 = "peer.ipv4"; const std::string PeerIpv6 = "peer.ipv6"; const std::string PeerPort = "peer.port"; const std::string PeerService = "peer.service"; const std::string SpanKind = "span.kind"; // Non-standard tag names. const std::string DownstreamCluster = "downstream_cluster"; const std::string ErrorReason = "error.reason"; const std::string GrpcAuthority = "grpc.authority"; const std::string GrpcContentType = "grpc.content_type"; const std::string GrpcMessage = "grpc.message"; const std::string GrpcPath = "grpc.path"; const std::string GrpcStatusCode = "grpc.status_code"; const std::string GrpcTimeout = "grpc.timeout"; const std::string GuidXClientTraceId = "guid:x-client-trace-id"; const std::string GuidXRequestId = "guid:x-request-id"; const std::string HttpProtocol = "http.protocol"; const std::string NodeId = "node_id"; const std::string RequestSize = "request_size"; const std::string ResponseFlags = "response_flags"; const std::string ResponseSize = "response_size"; const std::string RetryCount = "retry.count"; const std::string Status = "status"; const std::string UpstreamAddress = "upstream_address"; const std::string UpstreamCluster = "upstream_cluster"; const std::string UserAgent = "user_agent"; const std::string Zone = "zone"; // Tag values. const std::string Canceled = "canceled"; const std::string Proxy = "proxy"; const std::string True = "true"; }; using Tags = ConstSingleton; class TracingLogValues { public: // OpenTracing standard key names. const std::string EventKey = "event"; // Event names const std::string LastDownstreamRxByteReceived = "last_downstream_rx_byte_received"; const std::string FirstUpstreamTxByteSent = "first_upstream_tx_byte_sent"; const std::string LastUpstreamTxByteSent = "last_upstream_tx_byte_sent"; const std::string FirstUpstreamRxByteReceived = "first_upstream_rx_byte_received"; const std::string LastUpstreamRxByteReceived = "last_upstream_rx_byte_received"; const std::string FirstDownstreamTxByteSent = "first_downstream_tx_byte_sent"; const std::string LastDownstreamTxByteSent = "last_downstream_tx_byte_sent"; }; using Logs = ConstSingleton; class HttpTracerUtility { public: /** * Get string representation of the operation. * @param operation name to convert. * @return string representation of the operation. */ static const std::string& toString(OperationName operation_name); /** * Request might be traceable if x-request-id is traceable uuid or we do sampling tracing. * Note: there is a global switch which turns off tracing completely on server side. * * @return decision if request is traceable or not and Reason why. **/ static Decision isTracing(const StreamInfo::StreamInfo& stream_info, const Http::RequestHeaderMap& request_headers); /** * Adds information obtained from the downstream request headers as tags to the active span. * Then finishes the span. */ static void finalizeDownstreamSpan(Span& span, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info, const Config& tracing_config); /** * Adds information obtained from the upstream request headers as tags to the active span. * Then finishes the span. */ static void finalizeUpstreamSpan(Span& span, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info, const Config& tracing_config); /** * Create a custom tag according to the configuration. * @param tag a tracing custom tag configuration. */ static CustomTagConstSharedPtr createCustomTag(const envoy::type::tracing::v3::CustomTag& tag); private: static void setCommonTags(Span& span, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info, const Config& tracing_config); static const std::string IngressOperation; static const std::string EgressOperation; }; class EgressConfigImpl : public Config { public: // Tracing::Config Tracing::OperationName operationName() const override { return Tracing::OperationName::Egress; } const CustomTagMap* customTags() const override { return nullptr; } bool verbose() const override { return false; } uint32_t maxPathTagLength() const override { return Tracing::DefaultMaxPathTagLength; } }; using EgressConfig = ConstSingleton; class NullSpan : public Span { public: static NullSpan& instance() { static NullSpan* instance = new NullSpan(); return *instance; } // Tracing::Span void setOperation(absl::string_view) override {} void setTag(absl::string_view, absl::string_view) override {} void log(SystemTime, const std::string&) override {} void finishSpan() override {} void injectContext(Http::RequestHeaderMap&) override {} void setBaggage(absl::string_view, absl::string_view) override {} std::string getBaggage(absl::string_view) override { return std::string(); } SpanPtr spawnChild(const Config&, const std::string&, SystemTime) override { return SpanPtr{new NullSpan()}; } void setSampled(bool) override {} }; class HttpNullTracer : public HttpTracer { public: // Tracing::HttpTracer SpanPtr startSpan(const Config&, Http::RequestHeaderMap&, const StreamInfo::StreamInfo&, const Tracing::Decision) override { return SpanPtr{new NullSpan()}; } }; class HttpTracerImpl : public HttpTracer { public: HttpTracerImpl(DriverPtr&& driver, const LocalInfo::LocalInfo& local_info); // Tracing::HttpTracer SpanPtr startSpan(const Config& config, Http::RequestHeaderMap& request_headers, const StreamInfo::StreamInfo& stream_info, const Tracing::Decision tracing_decision) override; private: DriverPtr driver_; const LocalInfo::LocalInfo& local_info_; }; class CustomTagBase : public CustomTag { public: explicit CustomTagBase(const std::string& tag) : tag_(tag) {} absl::string_view tag() const override { return tag_; } void apply(Span& span, const CustomTagContext& ctx) const override; virtual absl::string_view value(const CustomTagContext& ctx) const PURE; protected: const std::string tag_; }; class LiteralCustomTag : public CustomTagBase { public: LiteralCustomTag(const std::string& tag, const envoy::type::tracing::v3::CustomTag::Literal& literal) : CustomTagBase(tag), value_(literal.value()) {} absl::string_view value(const CustomTagContext&) const override { return value_; } private: const std::string value_; }; class EnvironmentCustomTag : public CustomTagBase { public: EnvironmentCustomTag(const std::string& tag, const envoy::type::tracing::v3::CustomTag::Environment& environment); absl::string_view value(const CustomTagContext&) const override { return final_value_; } private: const std::string name_; const std::string default_value_; std::string final_value_; }; class RequestHeaderCustomTag : public CustomTagBase { public: RequestHeaderCustomTag(const std::string& tag, const envoy::type::tracing::v3::CustomTag::Header& request_header); absl::string_view value(const CustomTagContext& ctx) const override; private: const Http::LowerCaseString name_; const std::string default_value_; }; class MetadataCustomTag : public CustomTagBase { public: MetadataCustomTag(const std::string& tag, const envoy::type::tracing::v3::CustomTag::Metadata& metadata); void apply(Span& span, const CustomTagContext& ctx) const override; absl::string_view value(const CustomTagContext&) const override { return default_value_; } const envoy::config::core::v3::Metadata* metadata(const CustomTagContext& ctx) const; protected: const envoy::type::metadata::v3::MetadataKind::KindCase kind_; const Envoy::Config::MetadataKey metadata_key_; const std::string default_value_; }; } // namespace Tracing } // namespace Envoy ================================================ FILE: source/common/tracing/http_tracer_manager_impl.cc ================================================ #include "common/tracing/http_tracer_manager_impl.h" #include "common/config/utility.h" namespace Envoy { namespace Tracing { HttpTracerManagerImpl::HttpTracerManagerImpl( Server::Configuration::TracerFactoryContextPtr factory_context) : factory_context_(std::move(factory_context)) {} HttpTracerSharedPtr HttpTracerManagerImpl::getOrCreateHttpTracer(const envoy::config::trace::v3::Tracing_Http* config) { if (!config) { return null_tracer_; } const auto cache_key = MessageUtil::hash(*config); const auto it = http_tracers_.find(cache_key); if (it != http_tracers_.end()) { auto http_tracer = it->second.lock(); if (http_tracer) { // HttpTracer might have been released since it's a weak reference return http_tracer; } } // Free memory held by expired weak references. // // Given that: // // * HttpTracer is obtained only once per listener lifecycle // * in a typical case, all listeners will have identical tracing configuration and, consequently, // will share the same HttpTracer instance // * amount of memory held by an expired weak reference is minimal // // it seems reasonable to avoid introducing an external sweeper and only reclaim memory at // the moment when a new HttpTracer instance is about to be created. removeExpiredCacheEntries(); // Initialize a new tracer. ENVOY_LOG(info, "instantiating a new tracer: {}", config->name()); // Now see if there is a factory that will accept the config. auto& factory = Envoy::Config::Utility::getAndCheckFactory(*config); ProtobufTypes::MessagePtr message = Envoy::Config::Utility::translateToFactoryConfig( *config, factory_context_->messageValidationVisitor(), factory); HttpTracerSharedPtr http_tracer = factory.createHttpTracer(*message, *factory_context_); http_tracers_.emplace(cache_key, http_tracer); // cache a weak reference return http_tracer; } void HttpTracerManagerImpl::removeExpiredCacheEntries() { absl::erase_if(http_tracers_, [](const std::pair>& entry) { return entry.second.expired(); }); } } // namespace Tracing } // namespace Envoy ================================================ FILE: source/common/tracing/http_tracer_manager_impl.h ================================================ #pragma once #include "envoy/server/tracer_config.h" #include "envoy/singleton/instance.h" #include "envoy/tracing/http_tracer_manager.h" #include "common/common/logger.h" #include "common/tracing/http_tracer_impl.h" namespace Envoy { namespace Tracing { class HttpTracerManagerImpl : public HttpTracerManager, public Singleton::Instance, Logger::Loggable { public: HttpTracerManagerImpl(Server::Configuration::TracerFactoryContextPtr factory_context); // HttpTracerManager HttpTracerSharedPtr getOrCreateHttpTracer(const envoy::config::trace::v3::Tracing_Http* config) override; // Take a peek into the cache of HttpTracers. This should only be used in tests. const absl::flat_hash_map>& peekCachedTracersForTest() const { return http_tracers_; } private: void removeExpiredCacheEntries(); Server::Configuration::TracerFactoryContextPtr factory_context_; const HttpTracerSharedPtr null_tracer_{std::make_shared()}; // HttpTracers indexed by the hash of their configuration. absl::flat_hash_map> http_tracers_; }; } // namespace Tracing } // namespace Envoy ================================================ FILE: source/common/upstream/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "cds_api_lib", srcs = ["cds_api_impl.cc"], hdrs = ["cds_api_impl.h"], deps = [ "//include/envoy/config:subscription_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/local_info:local_info_interface", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:api_version_lib", "//source/common/config:subscription_base_interface", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "cluster_manager_lib", srcs = ["cluster_manager_impl.cc"], hdrs = ["cluster_manager_impl.h"], deps = [ ":cds_api_lib", ":load_balancer_lib", ":load_stats_reporter_lib", ":ring_hash_lb_lib", ":subset_lb_lib", "//include/envoy/api:api_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/http:codes_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:dns_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:cleanup_lib", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/config:grpc_mux_lib", "//source/common/config:subscription_factory_lib", "//source/common/config:utility_lib", "//source/common/config:version_converter_lib", "//source/common/grpc:async_client_manager_lib", "//source/common/http:async_client_lib", "//source/common/http/http1:conn_pool_lib", "//source/common/http/http2:conn_pool_lib", "//source/common/network:resolver_lib", "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/router:shadow_writer_lib", "//source/common/shared_pool:shared_pool_lib", "//source/common/tcp:conn_pool_lib", "//source/common/upstream:priority_conn_pool_map_impl_lib", "//source/common/upstream:upstream_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "cluster_update_tracker_lib", srcs = ["cluster_update_tracker.cc"], hdrs = ["cluster_update_tracker.h"], deps = [ "//include/envoy/upstream:cluster_manager_interface", ], ) envoy_cc_library( name = "conn_pool_map", hdrs = ["conn_pool_map.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/upstream:resource_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:debug_recursion_checker_lib", ], ) envoy_cc_library( name = "conn_pool_map_impl_lib", hdrs = ["conn_pool_map_impl.h"], deps = [ ":conn_pool_map", ], ) envoy_cc_library( name = "priority_conn_pool_map", hdrs = ["priority_conn_pool_map.h"], deps = [ ":conn_pool_map", "//include/envoy/event:dispatcher_interface", "//include/envoy/upstream:resource_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:debug_recursion_checker_lib", ], ) envoy_cc_library( name = "priority_conn_pool_map_impl_lib", hdrs = ["priority_conn_pool_map_impl.h"], deps = [ ":conn_pool_map_impl_lib", ":priority_conn_pool_map", ], ) envoy_cc_library( name = "edf_scheduler_lib", hdrs = ["edf_scheduler.h"], deps = ["//source/common/common:assert_lib"], ) envoy_cc_library( name = "health_checker_base_lib", srcs = ["health_checker_base_impl.cc"], hdrs = ["health_checker_base_impl.h"], deps = [ "//include/envoy/upstream:health_checker_interface", "//source/common/router:router_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/data/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher:pkg_cc_proto", ], ) envoy_cc_library( name = "health_checker_lib", srcs = ["health_checker_impl.cc"], hdrs = ["health_checker_impl.h"], external_deps = [ "grpc_health_proto", ], deps = [ ":health_checker_base_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/data/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", # TODO(dio): Remove dependency to server. "//include/envoy/server:health_checker_config_interface", "//source/common/grpc:codec_lib", "//source/common/http:codec_client_lib", "//source/common/upstream:host_utility_lib", ], ) envoy_cc_library( name = "host_utility_lib", srcs = ["host_utility.cc"], hdrs = ["host_utility.h"], deps = ["//include/envoy/upstream:upstream_interface"], ) envoy_cc_library( name = "load_balancer_lib", srcs = ["load_balancer_impl.cc"], hdrs = ["load_balancer_impl.h"], deps = [ ":edf_scheduler_lib", "//include/envoy/common:random_generator_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_interface", "//include/envoy/upstream:load_balancer_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_protos_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "load_stats_reporter_lib", srcs = ["load_stats_reporter.cc"], hdrs = ["load_stats_reporter.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/stats:stats_macros", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/config:version_converter_lib", "//source/common/grpc:async_client_lib", "@envoy_api//envoy/service/load_stats/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "health_discovery_service_lib", srcs = ["health_discovery_service.cc"], hdrs = ["health_discovery_service.h"], deps = [ ":health_checker_lib", ":upstream_includes", "//include/envoy/api:api_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/stats:stats_macros", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:backoff_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", "//source/common/config:version_converter_lib", "//source/common/grpc:async_client_lib", "//source/common/network:resolver_lib", "//source/common/protobuf:message_validator_lib", "//source/common/protobuf:utility_lib", "//source/extensions/transport_sockets:well_known_names", "//source/server:transport_socket_config_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/health/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "logical_host_lib", srcs = ["logical_host.cc"], hdrs = ["logical_host.h"], deps = [ ":upstream_includes", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "logical_dns_cluster_lib", srcs = ["logical_dns_cluster.cc"], hdrs = ["logical_dns_cluster.h"], deps = [ ":cluster_factory_lib", ":logical_host_lib", ":upstream_includes", "//include/envoy/upstream:cluster_factory_interface", "//source/common/common:empty_string", "//source/common/config:utility_lib", "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "original_dst_cluster_lib", srcs = ["original_dst_cluster.cc"], hdrs = ["original_dst_cluster.h"], deps = [ ":cluster_factory_lib", ":upstream_includes", "//include/envoy/secret:secret_manager_interface", "//include/envoy/upstream:cluster_factory_interface", "//source/common/common:empty_string", "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "outlier_detection_lib", srcs = ["outlier_detection_impl.cc"], hdrs = ["outlier_detection_impl.h"], deps = [ "//include/envoy/access_log:access_log_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/upstream:outlier_detection_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/http:codes_lib", "//source/common/protobuf", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/data/cluster/v2alpha:pkg_cc_proto", ], ) envoy_cc_library( name = "resource_manager_lib", hdrs = ["resource_manager_impl.h"], deps = [ "//include/envoy/runtime:runtime_interface", "//include/envoy/upstream:resource_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:basic_resource_lib", ], ) envoy_cc_library( name = "thread_aware_lb_lib", srcs = ["thread_aware_lb_impl.cc"], hdrs = ["thread_aware_lb_impl.h"], external_deps = ["abseil_synchronization"], deps = [ ":load_balancer_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "maglev_lb_lib", srcs = ["maglev_lb.cc"], hdrs = ["maglev_lb.h"], deps = [ ":thread_aware_lb_lib", ":upstream_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ring_hash_lb_lib", srcs = ["ring_hash_lb.cc"], hdrs = ["ring_hash_lb.h"], external_deps = [ "abseil_inlined_vector", ], deps = [ ":thread_aware_lb_lib", "//source/common/common:minimal_logger_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "eds_lib", srcs = ["eds.cc"], hdrs = ["eds.h"], deps = [ ":cluster_factory_lib", ":upstream_includes", "//include/envoy/config:grpc_mux_interface", "//include/envoy/config:subscription_factory_interface", "//include/envoy/config:subscription_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/secret:secret_manager_interface", "//include/envoy/upstream:cluster_factory_interface", "//include/envoy/upstream:locality_lib", "//source/common/config:api_version_lib", "//source/common/config:decoded_resource_lib", "//source/common/config:metadata_lib", "//source/common/config:subscription_base_interface", "//source/common/config:subscription_factory_lib", "//source/common/config:utility_lib", "//source/common/config:version_converter_lib", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "subset_lb_lib", srcs = ["subset_lb.cc"], hdrs = ["subset_lb.h"], deps = [ ":load_balancer_lib", ":maglev_lb_lib", ":ring_hash_lb_lib", ":upstream_lib", "//include/envoy/runtime:runtime_interface", "//include/envoy/upstream:load_balancer_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:metadata_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "upstream_lib", srcs = ["upstream_impl.cc"], deps = [ ":eds_lib", ":health_checker_lib", # TODO(mattklein123): Move the clusters to extensions so they can be compiled out. ":logical_dns_cluster_lib", ":original_dst_cluster_lib", ":static_cluster_lib", ":strict_dns_cluster_lib", ":upstream_includes", ":transport_socket_match_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:dns_interface", "//include/envoy/network:listen_socket_interface", "//include/envoy/ssl:context_interface", "//include/envoy/upstream:health_checker_interface", "//source/common/common:enum_to_int", "//source/common/common:thread_lib", "//source/common/common:utility_lib", "//source/common/http/http1:codec_stats_lib", "//source/common/http/http2:codec_stats_lib", "//source/common/http:utility_lib", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:socket_option_lib", "//source/common/network:utility_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/network/common:utility_lib", "//source/extensions/transport_sockets:well_known_names", "//source/server:transport_socket_config_lib", ], ) envoy_cc_library( name = "transport_socket_match_lib", srcs = ["transport_socket_match_impl.cc"], deps = [ ":upstream_includes", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "//source/extensions/transport_sockets:well_known_names", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "static_cluster_lib", srcs = ["static_cluster.cc"], hdrs = ["static_cluster.h"], deps = [ ":cluster_factory_includes", ":upstream_includes", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "strict_dns_cluster_lib", srcs = ["strict_dns_cluster.cc"], hdrs = ["strict_dns_cluster.h"], deps = [ ":cluster_factory_includes", ":upstream_includes", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "upstream_includes", hdrs = [ "transport_socket_match_impl.h", "upstream_impl.h", ], external_deps = ["abseil_synchronization"], deps = [ ":load_balancer_lib", ":outlier_detection_lib", ":resource_manager_lib", "//include/envoy/event:timer_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:dns_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:health_checker_interface", "//include/envoy/upstream:load_balancer_interface", "//include/envoy/upstream:locality_lib", "//include/envoy/upstream:upstream_interface", "//source/common/common:callback_impl_lib", "//source/common/common:enum_to_int", "//source/common/common:minimal_logger_lib", "//source/common/config:metadata_lib", "//source/common/config:well_known_names", "//source/common/http/http1:codec_stats_lib", "//source/common/http/http2:codec_stats_lib", "//source/common/init:manager_lib", "//source/common/shared_pool:shared_pool_lib", "//source/common/stats:isolated_store_lib", "//source/common/stats:stats_lib", "//source/server:transport_socket_config_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "cluster_factory_lib", srcs = ["cluster_factory_impl.cc"], deps = [ ":cluster_factory_includes", ":health_checker_lib", ":upstream_includes", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:dns_interface", "//include/envoy/network:listen_socket_interface", "//include/envoy/ssl:context_interface", "//include/envoy/upstream:health_checker_interface", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/http:utility_lib", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:utility_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "//source/extensions/clusters:well_known_names", "//source/extensions/transport_sockets:well_known_names", "//source/server:transport_socket_config_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "cluster_factory_includes", hdrs = ["cluster_factory_impl.h"], deps = [ ":load_balancer_lib", ":outlier_detection_lib", ":resource_manager_lib", ":upstream_includes", "//include/envoy/event:timer_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:dns_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_factory_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:health_checker_interface", "//include/envoy/upstream:load_balancer_interface", "//include/envoy/upstream:locality_lib", "//include/envoy/upstream:upstream_interface", "//source/common/common:callback_impl_lib", "//source/common/common:enum_to_int", "//source/common/common:minimal_logger_lib", "//source/common/config:metadata_lib", "//source/common/config:subscription_factory_lib", "//source/common/config:utility_lib", "//source/common/config:well_known_names", "//source/common/stats:isolated_store_lib", "//source/common/stats:stats_lib", "//source/extensions/clusters:well_known_names", "//source/server:transport_socket_config_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) ================================================ FILE: source/common/upstream/cds_api_impl.cc ================================================ #include "common/upstream/cds_api_impl.h" #include #include "envoy/api/v2/cluster.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/utility.h" #include "common/config/api_version.h" #include "common/config/utility.h" #include "common/protobuf/utility.h" #include "absl/container/node_hash_set.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Upstream { CdsApiPtr CdsApiImpl::create(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm, Stats::Scope& scope, ProtobufMessage::ValidationVisitor& validation_visitor) { return CdsApiPtr{new CdsApiImpl(cds_config, cm, scope, validation_visitor)}; } CdsApiImpl::CdsApiImpl(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm, Stats::Scope& scope, ProtobufMessage::ValidationVisitor& validation_visitor) : Envoy::Config::SubscriptionBase( cds_config.resource_api_version(), validation_visitor, "name"), cm_(cm), scope_(scope.createScope("cluster_manager.cds.")) { const auto resource_name = getResourceName(); subscription_ = cm_.subscriptionFactory().subscriptionFromConfigSource( cds_config, Grpc::Common::typeUrl(resource_name), *scope_, *this, resource_decoder_); } void CdsApiImpl::onConfigUpdate(const std::vector& resources, const std::string& version_info) { ClusterManager::ClusterInfoMap clusters_to_remove = cm_.clusters(); std::vector clusters; for (const auto& resource : resources) { clusters_to_remove.erase(resource.get().name()); } Protobuf::RepeatedPtrField to_remove_repeated; for (const auto& [cluster_name, _] : clusters_to_remove) { *to_remove_repeated.Add() = cluster_name; } onConfigUpdate(resources, to_remove_repeated, version_info); } void CdsApiImpl::onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) { Config::ScopedResume maybe_resume_eds; if (cm_.adsMux()) { const auto type_urls = Config::getAllVersionTypeUrls(); maybe_resume_eds = cm_.adsMux()->pause(type_urls); } ENVOY_LOG(info, "cds: add {} cluster(s), remove {} cluster(s)", added_resources.size(), removed_resources.size()); std::vector exception_msgs; absl::node_hash_set cluster_names; bool any_applied = false; for (const auto& resource : added_resources) { envoy::config::cluster::v3::Cluster cluster; try { cluster = dynamic_cast(resource.get().resource()); if (!cluster_names.insert(cluster.name()).second) { // NOTE: at this point, the first of these duplicates has already been successfully applied. throw EnvoyException(fmt::format("duplicate cluster {} found", cluster.name())); } if (cm_.addOrUpdateCluster(cluster, resource.get().version())) { any_applied = true; ENVOY_LOG(info, "cds: add/update cluster '{}'", cluster.name()); } else { ENVOY_LOG(debug, "cds: add/update cluster '{}' skipped", cluster.name()); } } catch (const EnvoyException& e) { exception_msgs.push_back(fmt::format("{}: {}", cluster.name(), e.what())); } } for (const auto& resource_name : removed_resources) { if (cm_.removeCluster(resource_name)) { any_applied = true; ENVOY_LOG(info, "cds: remove cluster '{}'", resource_name); } } if (any_applied) { system_version_info_ = system_version_info; } runInitializeCallbackIfAny(); if (!exception_msgs.empty()) { throw EnvoyException( fmt::format("Error adding/updating cluster(s) {}", absl::StrJoin(exception_msgs, ", "))); } } void CdsApiImpl::onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); // We need to allow server startup to continue, even if we have a bad // config. runInitializeCallbackIfAny(); } void CdsApiImpl::runInitializeCallbackIfAny() { if (initialize_callback_) { initialize_callback_(); initialize_callback_ = nullptr; } } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/cds_api_impl.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/cluster/v3/cluster.pb.validate.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" #include "envoy/local_info/local_info.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" #include "common/config/subscription_base.h" namespace Envoy { namespace Upstream { /** * CDS API implementation that fetches via Subscription. */ class CdsApiImpl : public CdsApi, Envoy::Config::SubscriptionBase, Logger::Loggable { public: static CdsApiPtr create(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm, Stats::Scope& scope, ProtobufMessage::ValidationVisitor& validation_visitor); // Upstream::CdsApi void initialize() override { subscription_->start({}); } void setInitializedCb(std::function callback) override { initialize_callback_ = callback; } const std::string versionInfo() const override { return system_version_info_; } private: // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; CdsApiImpl(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm, Stats::Scope& scope, ProtobufMessage::ValidationVisitor& validation_visitor); void runInitializeCallbackIfAny(); ClusterManager& cm_; Config::SubscriptionPtr subscription_; std::string system_version_info_; std::function initialize_callback_; Stats::ScopePtr scope_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/cluster_factory_impl.cc ================================================ #include "common/upstream/cluster_factory_impl.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "common/http/utility.h" #include "common/network/address_impl.h" #include "common/network/resolver_impl.h" #include "common/network/socket_option_factory.h" #include "common/upstream/health_checker_impl.h" #include "server/transport_socket_config_impl.h" namespace Envoy { namespace Upstream { namespace { Stats::ScopePtr generateStatsScope(const envoy::config::cluster::v3::Cluster& config, Stats::Store& stats) { return stats.createScope(fmt::format( "cluster.{}.", config.alt_stat_name().empty() ? config.name() : config.alt_stat_name())); } } // namespace std::pair ClusterFactoryImplBase::create( const envoy::config::cluster::v3::Cluster& cluster, ClusterManager& cluster_manager, Stats::Store& stats, ThreadLocal::Instance& tls, Network::DnsResolverSharedPtr dns_resolver, Ssl::ContextManager& ssl_context_manager, Runtime::Loader& runtime, Event::Dispatcher& dispatcher, AccessLog::AccessLogManager& log_manager, const LocalInfo::LocalInfo& local_info, Server::Admin& admin, Singleton::Manager& singleton_manager, Outlier::EventLoggerSharedPtr outlier_event_logger, bool added_via_api, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) { std::string cluster_type; if (!cluster.has_cluster_type()) { switch (cluster.type()) { case envoy::config::cluster::v3::Cluster::STATIC: cluster_type = Extensions::Clusters::ClusterTypes::get().Static; break; case envoy::config::cluster::v3::Cluster::STRICT_DNS: cluster_type = Extensions::Clusters::ClusterTypes::get().StrictDns; break; case envoy::config::cluster::v3::Cluster::LOGICAL_DNS: cluster_type = Extensions::Clusters::ClusterTypes::get().LogicalDns; break; case envoy::config::cluster::v3::Cluster::ORIGINAL_DST: cluster_type = Extensions::Clusters::ClusterTypes::get().OriginalDst; break; case envoy::config::cluster::v3::Cluster::EDS: cluster_type = Extensions::Clusters::ClusterTypes::get().Eds; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } else { cluster_type = cluster.cluster_type().name(); } if (cluster.common_lb_config().has_consistent_hashing_lb_config() && cluster.common_lb_config().consistent_hashing_lb_config().use_hostname_for_hashing() && cluster.type() != envoy::config::cluster::v3::Cluster::STRICT_DNS) { throw EnvoyException(fmt::format( "Cannot use hostname for consistent hashing loadbalancing for cluster of type: '{}'", cluster_type)); } ClusterFactory* factory = Registry::FactoryRegistry::getFactory(cluster_type); if (factory == nullptr) { throw EnvoyException(fmt::format( "Didn't find a registered cluster factory implementation for name: '{}'", cluster_type)); } ClusterFactoryContextImpl context( cluster_manager, stats, tls, std::move(dns_resolver), ssl_context_manager, runtime, dispatcher, log_manager, local_info, admin, singleton_manager, std::move(outlier_event_logger), added_via_api, validation_visitor, api); return factory->create(cluster, context); } Network::DnsResolverSharedPtr ClusterFactoryImplBase::selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context) { // We make this a shared pointer to deal with the distinct ownership // scenarios that can exist: in one case, we pass in the "default" // DNS resolver that is owned by the Server::Instance. In the case // where 'dns_resolvers' is specified, we have per-cluster DNS // resolvers that are created here but ownership resides with // StrictDnsClusterImpl/LogicalDnsCluster. if (!cluster.dns_resolvers().empty()) { const auto& resolver_addrs = cluster.dns_resolvers(); std::vector resolvers; resolvers.reserve(resolver_addrs.size()); for (const auto& resolver_addr : resolver_addrs) { resolvers.push_back(Network::Address::resolveProtoAddress(resolver_addr)); } const bool use_tcp_for_dns_lookups = cluster.use_tcp_for_dns_lookups(); return context.dispatcher().createDnsResolver(resolvers, use_tcp_for_dns_lookups); } return context.dnsResolver(); } std::pair ClusterFactoryImplBase::create(const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context) { auto stats_scope = generateStatsScope(cluster, context.stats()); Server::Configuration::TransportSocketFactoryContextImpl factory_context( context.admin(), context.sslContextManager(), *stats_scope, context.clusterManager(), context.localInfo(), context.dispatcher(), context.stats(), context.singletonManager(), context.tls(), context.messageValidationVisitor(), context.api()); std::pair new_cluster_pair = createClusterImpl(cluster, context, factory_context, std::move(stats_scope)); if (!cluster.health_checks().empty()) { // TODO(htuch): Need to support multiple health checks in v2. if (cluster.health_checks().size() != 1) { throw EnvoyException("Multiple health checks not supported"); } else { new_cluster_pair.first->setHealthChecker(HealthCheckerFactory::create( cluster.health_checks()[0], *new_cluster_pair.first, context.runtime(), context.dispatcher(), context.logManager(), context.messageValidationVisitor(), context.api())); } } new_cluster_pair.first->setOutlierDetector(Outlier::DetectorImplFactory::createForCluster( *new_cluster_pair.first, cluster, context.dispatcher(), context.runtime(), context.outlierEventLogger())); return new_cluster_pair; } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/cluster_factory_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/event/timer.h" #include "envoy/local_info/local_info.h" #include "envoy/network/dns.h" #include "envoy/runtime/runtime.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_factory.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/health_checker.h" #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/locality.h" #include "envoy/upstream/upstream.h" #include "common/common/callback_impl.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "common/config/metadata.h" #include "common/config/utility.h" #include "common/config/well_known_names.h" #include "common/network/utility.h" #include "common/protobuf/utility.h" #include "common/stats/isolated_store_impl.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/outlier_detection_impl.h" #include "common/upstream/resource_manager_impl.h" #include "common/upstream/upstream_impl.h" #include "extensions/clusters/well_known_names.h" namespace Envoy { namespace Upstream { class ClusterFactoryContextImpl : public ClusterFactoryContext { public: ClusterFactoryContextImpl(ClusterManager& cluster_manager, Stats::Store& stats, ThreadLocal::SlotAllocator& tls, Network::DnsResolverSharedPtr dns_resolver, Ssl::ContextManager& ssl_context_manager, Runtime::Loader& runtime, Event::Dispatcher& dispatcher, AccessLog::AccessLogManager& log_manager, const LocalInfo::LocalInfo& local_info, Server::Admin& admin, Singleton::Manager& singleton_manager, Outlier::EventLoggerSharedPtr outlier_event_logger, bool added_via_api, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : cluster_manager_(cluster_manager), stats_(stats), tls_(tls), dns_resolver_(std::move(dns_resolver)), ssl_context_manager_(ssl_context_manager), runtime_(runtime), dispatcher_(dispatcher), log_manager_(log_manager), local_info_(local_info), admin_(admin), singleton_manager_(singleton_manager), outlier_event_logger_(std::move(outlier_event_logger)), added_via_api_(added_via_api), validation_visitor_(validation_visitor), api_(api) {} ClusterManager& clusterManager() override { return cluster_manager_; } Stats::Store& stats() override { return stats_; } ThreadLocal::SlotAllocator& tls() override { return tls_; } Network::DnsResolverSharedPtr dnsResolver() override { return dns_resolver_; } Ssl::ContextManager& sslContextManager() override { return ssl_context_manager_; } Runtime::Loader& runtime() override { return runtime_; } Event::Dispatcher& dispatcher() override { return dispatcher_; } AccessLog::AccessLogManager& logManager() override { return log_manager_; } const LocalInfo::LocalInfo& localInfo() override { return local_info_; } Server::Admin& admin() override { return admin_; } Singleton::Manager& singletonManager() override { return singleton_manager_; } Outlier::EventLoggerSharedPtr outlierEventLogger() override { return outlier_event_logger_; } bool addedViaApi() override { return added_via_api_; } ProtobufMessage::ValidationVisitor& messageValidationVisitor() override { return validation_visitor_; } Api::Api& api() override { return api_; } private: ClusterManager& cluster_manager_; Stats::Store& stats_; ThreadLocal::SlotAllocator& tls_; Network::DnsResolverSharedPtr dns_resolver_; Ssl::ContextManager& ssl_context_manager_; Runtime::Loader& runtime_; Event::Dispatcher& dispatcher_; AccessLog::AccessLogManager& log_manager_; const LocalInfo::LocalInfo& local_info_; Server::Admin& admin_; Singleton::Manager& singleton_manager_; Outlier::EventLoggerSharedPtr outlier_event_logger_; const bool added_via_api_; ProtobufMessage::ValidationVisitor& validation_visitor_; Api::Api& api_; }; /** * Base class for all cluster factory implementation. This class can be directly extended if the * custom cluster does not have any custom configuration. For custom cluster with custom * configuration, use ConfigurableClusterFactoryBase instead. */ class ClusterFactoryImplBase : public ClusterFactory { public: /** * Static method to get the registered cluster factory and create an instance of cluster. */ static std::pair create(const envoy::config::cluster::v3::Cluster& cluster, ClusterManager& cluster_manager, Stats::Store& stats, ThreadLocal::Instance& tls, Network::DnsResolverSharedPtr dns_resolver, Ssl::ContextManager& ssl_context_manager, Runtime::Loader& runtime, Event::Dispatcher& dispatcher, AccessLog::AccessLogManager& log_manager, const LocalInfo::LocalInfo& local_info, Server::Admin& admin, Singleton::Manager& singleton_manager, Outlier::EventLoggerSharedPtr outlier_event_logger, bool added_via_api, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); /** * Create a dns resolver to be used by the cluster. */ Network::DnsResolverSharedPtr selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context); // Upstream::ClusterFactory std::pair create(const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context) override; std::string name() const override { return name_; } protected: ClusterFactoryImplBase(const std::string& name) : name_(name) {} private: /** * Create an instance of ClusterImplBase. */ virtual std::pair createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) PURE; const std::string name_; }; /** * Common base class for custom cluster factory with custom configuration. * @param ConfigProto is the configuration protobuf. */ template class ConfigurableClusterFactoryBase : public ClusterFactoryImplBase { public: /** * @return ProtobufTypes::MessagePtr create empty config proto message. */ virtual ProtobufTypes::MessagePtr createEmptyConfigProto() { return std::make_unique(); } protected: ConfigurableClusterFactoryBase(const std::string& name) : ClusterFactoryImplBase(name) {} private: std::pair createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override { ProtobufTypes::MessagePtr config = createEmptyConfigProto(); Config::Utility::translateOpaqueConfig( cluster.cluster_type().typed_config(), ProtobufWkt::Struct::default_instance(), socket_factory_context.messageValidationVisitor(), *config); return createClusterWithConfig(cluster, MessageUtil::downcastAndValidate( *config, context.messageValidationVisitor()), context, socket_factory_context, std::move(stats_scope)); } virtual std::pair createClusterWithConfig( const envoy::config::cluster::v3::Cluster& cluster, const ConfigProto& proto_config, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) PURE; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/cluster_manager_impl.cc ================================================ #include "common/upstream/cluster_manager_impl.h" #include #include #include #include #include #include #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/network/dns.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/config/new_grpc_mux_impl.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/grpc/async_client_manager_impl.h" #include "common/http/async_client_impl.h" #include "common/http/http1/conn_pool.h" #include "common/http/http2/conn_pool.h" #include "common/network/resolver_impl.h" #include "common/network/utility.h" #include "common/protobuf/utility.h" #include "common/router/shadow_writer_impl.h" #include "common/runtime/runtime_features.h" #include "common/tcp/conn_pool.h" #include "common/tcp/original_conn_pool.h" #include "common/upstream/cds_api_impl.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/maglev_lb.h" #include "common/upstream/original_dst_cluster.h" #include "common/upstream/priority_conn_pool_map_impl.h" #include "common/upstream/ring_hash_lb.h" #include "common/upstream/subset_lb.h" namespace Envoy { namespace Upstream { namespace { void addOptionsIfNotNull(Network::Socket::OptionsSharedPtr& options, const Network::Socket::OptionsSharedPtr& to_add) { if (to_add != nullptr) { Network::Socket::appendOptions(options, to_add); } } } // namespace void ClusterManagerInitHelper::addCluster(Cluster& cluster) { // See comments in ClusterManagerImpl::addOrUpdateCluster() for why this is only called during // server initialization. ASSERT(state_ != State::AllClustersInitialized); const auto initialize_cb = [&cluster, this] { onClusterInit(cluster); }; if (cluster.initializePhase() == Cluster::InitializePhase::Primary) { primary_init_clusters_.push_back(&cluster); cluster.initialize(initialize_cb); } else { ASSERT(cluster.initializePhase() == Cluster::InitializePhase::Secondary); secondary_init_clusters_.push_back(&cluster); if (started_secondary_initialize_) { // This can happen if we get a second CDS update that adds new clusters after we have // already started secondary init. In this case, just immediately initialize. cluster.initialize(initialize_cb); } } ENVOY_LOG(debug, "cm init: adding: cluster={} primary={} secondary={}", cluster.info()->name(), primary_init_clusters_.size(), secondary_init_clusters_.size()); } void ClusterManagerInitHelper::onClusterInit(Cluster& cluster) { ASSERT(state_ != State::AllClustersInitialized); per_cluster_init_callback_(cluster); removeCluster(cluster); } void ClusterManagerInitHelper::removeCluster(Cluster& cluster) { if (state_ == State::AllClustersInitialized) { return; } // There is a remote edge case where we can remove a cluster via CDS that has not yet been // initialized. When called via the remove cluster API this code catches that case. std::list* cluster_list; if (cluster.initializePhase() == Cluster::InitializePhase::Primary) { cluster_list = &primary_init_clusters_; } else { ASSERT(cluster.initializePhase() == Cluster::InitializePhase::Secondary); cluster_list = &secondary_init_clusters_; } // It is possible that the cluster we are removing has already been initialized, and is not // present in the initializer list. If so, this is fine. cluster_list->remove(&cluster); ENVOY_LOG(debug, "cm init: init complete: cluster={} primary={} secondary={}", cluster.info()->name(), primary_init_clusters_.size(), secondary_init_clusters_.size()); maybeFinishInitialize(); } void ClusterManagerInitHelper::initializeSecondaryClusters() { started_secondary_initialize_ = true; // Cluster::initialize() method can modify the list of secondary_init_clusters_ to remove // the item currently being initialized, so we eschew range-based-for and do this complicated // dance to increment the iterator before calling initialize. for (auto iter = secondary_init_clusters_.begin(); iter != secondary_init_clusters_.end();) { Cluster* cluster = *iter; ++iter; ENVOY_LOG(debug, "initializing secondary cluster {}", cluster->info()->name()); cluster->initialize([cluster, this] { onClusterInit(*cluster); }); } } void ClusterManagerInitHelper::maybeFinishInitialize() { // Do not do anything if we are still doing the initial static load or if we are waiting for // CDS initialize. ENVOY_LOG(debug, "maybe finish initialize state: {}", enumToInt(state_)); if (state_ == State::Loading || state_ == State::WaitingToStartCdsInitialization) { return; } ASSERT(state_ == State::WaitingToStartSecondaryInitialization || state_ == State::CdsInitialized || state_ == State::WaitingForPrimaryInitializationToComplete); ENVOY_LOG(debug, "maybe finish initialize primary init clusters empty: {}", primary_init_clusters_.empty()); // If we are still waiting for primary clusters to initialize, do nothing. if (!primary_init_clusters_.empty()) { return; } else if (state_ == State::WaitingForPrimaryInitializationToComplete) { state_ = State::WaitingToStartSecondaryInitialization; if (primary_clusters_initialized_callback_) { primary_clusters_initialized_callback_(); } return; } // If we are still waiting for secondary clusters to initialize, see if we need to first call // initialize on them. This is only done once. ENVOY_LOG(debug, "maybe finish initialize secondary init clusters empty: {}", secondary_init_clusters_.empty()); if (!secondary_init_clusters_.empty()) { if (!started_secondary_initialize_) { ENVOY_LOG(info, "cm init: initializing secondary clusters"); // If the first CDS response doesn't have any primary cluster, ClusterLoadAssignment // should be already paused by CdsApiImpl::onConfigUpdate(). Need to check that to // avoid double pause ClusterLoadAssignment. Config::ScopedResume maybe_resume_eds; if (cm_.adsMux()) { const auto type_urls = Config::getAllVersionTypeUrls(); maybe_resume_eds = cm_.adsMux()->pause(type_urls); } initializeSecondaryClusters(); } return; } // At this point, if we are doing static init, and we have CDS, start CDS init. Otherwise, move // directly to initialized. started_secondary_initialize_ = false; ENVOY_LOG(debug, "maybe finish initialize cds api ready: {}", cds_ != nullptr); if (state_ == State::WaitingToStartSecondaryInitialization && cds_) { ENVOY_LOG(info, "cm init: initializing cds"); state_ = State::WaitingToStartCdsInitialization; cds_->initialize(); } else { ENVOY_LOG(info, "cm init: all clusters initialized"); state_ = State::AllClustersInitialized; if (initialized_callback_) { initialized_callback_(); } } } void ClusterManagerInitHelper::onStaticLoadComplete() { ASSERT(state_ == State::Loading); // After initialization of primary clusters has completed, transition to // waiting for signal to initialize secondary clusters and then CDS. state_ = State::WaitingForPrimaryInitializationToComplete; maybeFinishInitialize(); } void ClusterManagerInitHelper::startInitializingSecondaryClusters() { ASSERT(state_ == State::WaitingToStartSecondaryInitialization); ENVOY_LOG(debug, "continue initializing secondary clusters"); maybeFinishInitialize(); } void ClusterManagerInitHelper::setCds(CdsApi* cds) { ASSERT(state_ == State::Loading); cds_ = cds; if (cds_) { cds_->setInitializedCb([this]() -> void { ASSERT(state_ == State::WaitingToStartCdsInitialization); state_ = State::CdsInitialized; maybeFinishInitialize(); }); } } void ClusterManagerInitHelper::setInitializedCb( ClusterManager::InitializationCompleteCallback callback) { if (state_ == State::AllClustersInitialized) { callback(); } else { initialized_callback_ = callback; } } void ClusterManagerInitHelper::setPrimaryClustersInitializedCb( ClusterManager::PrimaryClustersReadyCallback callback) { // The callback must be set before or at the `WaitingToStartSecondaryInitialization` state. ASSERT(state_ == State::WaitingToStartSecondaryInitialization || state_ == State::WaitingForPrimaryInitializationToComplete || state_ == State::Loading); if (state_ == State::WaitingToStartSecondaryInitialization) { // This is the case where all clusters are STATIC and without health checking. callback(); } else { primary_clusters_initialized_callback_ = callback; } } ClusterManagerImpl::ClusterManagerImpl( const envoy::config::bootstrap::v3::Bootstrap& bootstrap, ClusterManagerFactory& factory, Stats::Store& stats, ThreadLocal::Instance& tls, Runtime::Loader& runtime, const LocalInfo::LocalInfo& local_info, AccessLog::AccessLogManager& log_manager, Event::Dispatcher& main_thread_dispatcher, Server::Admin& admin, ProtobufMessage::ValidationContext& validation_context, Api::Api& api, Http::Context& http_context, Grpc::Context& grpc_context) : factory_(factory), runtime_(runtime), stats_(stats), tls_(tls.allocateSlot()), random_(api.randomGenerator()), bind_config_(bootstrap.cluster_manager().upstream_bind_config()), local_info_(local_info), cm_stats_(generateStats(stats)), init_helper_(*this, [this](Cluster& cluster) { onClusterInit(cluster); }), config_tracker_entry_( admin.getConfigTracker().add("clusters", [this] { return dumpClusterConfigs(); })), time_source_(main_thread_dispatcher.timeSource()), dispatcher_(main_thread_dispatcher), http_context_(http_context), subscription_factory_(local_info, main_thread_dispatcher, *this, validation_context.dynamicValidationVisitor(), api, runtime_) { async_client_manager_ = std::make_unique( *this, tls, time_source_, api, grpc_context.statNames()); const auto& cm_config = bootstrap.cluster_manager(); if (cm_config.has_outlier_detection()) { const std::string event_log_file_path = cm_config.outlier_detection().event_log_path(); if (!event_log_file_path.empty()) { outlier_event_logger_ = std::make_shared( log_manager, event_log_file_path, time_source_); } } // We need to know whether we're zone aware early on, so make sure we do this lookup // before we load any clusters. if (!cm_config.local_cluster_name().empty()) { local_cluster_name_ = cm_config.local_cluster_name(); } const auto& dyn_resources = bootstrap.dynamic_resources(); // Cluster loading happens in two phases: first all the primary clusters are loaded, and then all // the secondary clusters are loaded. As it currently stands all non-EDS clusters and EDS which // load endpoint definition from file are primary and // (REST,GRPC,DELTA_GRPC) EDS clusters are secondary. This two phase // loading is done because in v2 configuration each EDS cluster individually sets up a // subscription. When this subscription is an API source the cluster will depend on a non-EDS // cluster, so the non-EDS clusters must be loaded first. auto is_primary_cluster = [](const envoy::config::cluster::v3::Cluster& cluster) -> bool { return cluster.type() != envoy::config::cluster::v3::Cluster::EDS || (cluster.type() == envoy::config::cluster::v3::Cluster::EDS && cluster.eds_cluster_config().eds_config().config_source_specifier_case() == envoy::config::core::v3::ConfigSource::ConfigSourceSpecifierCase::kPath); }; // Build book-keeping for which clusters are primary. This is useful when we // invoke loadCluster() below and it needs the complete set of primaries. for (const auto& cluster : bootstrap.static_resources().clusters()) { if (is_primary_cluster(cluster)) { primary_clusters_.insert(cluster.name()); } } // Load all the primary clusters. for (const auto& cluster : bootstrap.static_resources().clusters()) { if (is_primary_cluster(cluster)) { loadCluster(cluster, "", false, active_clusters_); } } // Now setup ADS if needed, this might rely on a primary cluster. // This is the only point where distinction between delta ADS and state-of-the-world ADS is made. // After here, we just have a GrpcMux interface held in ads_mux_, which hides // whether the backing implementation is delta or SotW. if (dyn_resources.has_ads_config()) { if (dyn_resources.ads_config().api_type() == envoy::config::core::v3::ApiConfigSource::DELTA_GRPC) { ads_mux_ = std::make_shared( Config::Utility::factoryForGrpcApiConfigSource(*async_client_manager_, dyn_resources.ads_config(), stats, false) ->create(), main_thread_dispatcher, *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( dyn_resources.ads_config().transport_api_version() == envoy::config::core::v3::ApiVersion::V3 // TODO(htuch): consolidate with type_to_endpoint.cc, once we sort out the future // direction of that module re: https://github.com/envoyproxy/envoy/issues/10650. ? "envoy.service.discovery.v3.AggregatedDiscoveryService.DeltaAggregatedResources" : "envoy.service.discovery.v2.AggregatedDiscoveryService." "DeltaAggregatedResources"), dyn_resources.ads_config().transport_api_version(), random_, stats_, Envoy::Config::Utility::parseRateLimitSettings(dyn_resources.ads_config()), local_info); } else { ads_mux_ = std::make_shared( local_info, Config::Utility::factoryForGrpcApiConfigSource(*async_client_manager_, dyn_resources.ads_config(), stats, false) ->create(), main_thread_dispatcher, *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( dyn_resources.ads_config().transport_api_version() == envoy::config::core::v3::ApiVersion::V3 // TODO(htuch): consolidate with type_to_endpoint.cc, once we sort out the future // direction of that module re: https://github.com/envoyproxy/envoy/issues/10650. ? "envoy.service.discovery.v3.AggregatedDiscoveryService." "StreamAggregatedResources" : "envoy.service.discovery.v2.AggregatedDiscoveryService." "StreamAggregatedResources"), dyn_resources.ads_config().transport_api_version(), random_, stats_, Envoy::Config::Utility::parseRateLimitSettings(dyn_resources.ads_config()), bootstrap.dynamic_resources().ads_config().set_node_on_first_message_only()); } } else { ads_mux_ = std::make_unique(); } // After ADS is initialized, load EDS static clusters as EDS config may potentially need ADS. for (const auto& cluster : bootstrap.static_resources().clusters()) { // Now load all the secondary clusters. if (cluster.type() == envoy::config::cluster::v3::Cluster::EDS && cluster.eds_cluster_config().eds_config().config_source_specifier_case() != envoy::config::core::v3::ConfigSource::ConfigSourceSpecifierCase::kPath) { loadCluster(cluster, "", false, active_clusters_); } } cm_stats_.cluster_added_.add(bootstrap.static_resources().clusters().size()); updateClusterCounts(); if (local_cluster_name_ && (active_clusters_.find(local_cluster_name_.value()) == active_clusters_.end())) { throw EnvoyException( fmt::format("local cluster '{}' must be defined", local_cluster_name_.value())); } // Once the initial set of static bootstrap clusters are created (including the local cluster), // we can instantiate the thread local cluster manager. tls_->set([this, local_cluster_name = local_cluster_name_]( Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(*this, dispatcher, local_cluster_name); }); // We can now potentially create the CDS API once the backing cluster exists. if (dyn_resources.has_cds_config()) { cds_api_ = factory_.createCds(dyn_resources.cds_config(), *this); init_helper_.setCds(cds_api_.get()); } else { init_helper_.setCds(nullptr); } // Proceed to add all static bootstrap clusters to the init manager. This will immediately // initialize any primary clusters. Post-init processing further initializes any thread // aware load balancer and sets up the per-worker host set updates. for (auto& cluster : active_clusters_) { init_helper_.addCluster(*cluster.second->cluster_); } // Potentially move to secondary initialization on the static bootstrap clusters if all primary // clusters have already initialized. (E.g., if all static). init_helper_.onStaticLoadComplete(); ads_mux_->start(); } void ClusterManagerImpl::initializeSecondaryClusters( const envoy::config::bootstrap::v3::Bootstrap& bootstrap) { init_helper_.startInitializingSecondaryClusters(); const auto& cm_config = bootstrap.cluster_manager(); if (cm_config.has_load_stats_config()) { const auto& load_stats_config = cm_config.load_stats_config(); load_stats_reporter_ = std::make_unique( local_info_, *this, stats_, Config::Utility::factoryForGrpcApiConfigSource(*async_client_manager_, load_stats_config, stats_, false) ->create(), load_stats_config.transport_api_version(), dispatcher_); } } ClusterManagerStats ClusterManagerImpl::generateStats(Stats::Scope& scope) { const std::string final_prefix = "cluster_manager."; return {ALL_CLUSTER_MANAGER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_GAUGE_PREFIX(scope, final_prefix))}; } void ClusterManagerImpl::onClusterInit(Cluster& cluster) { // This routine is called when a cluster has finished initializing. The cluster has not yet // been setup for cross-thread updates to avoid needless updates during initialization. The order // of operations here is important. We start by initializing the thread aware load balancer if // needed. This must happen first so cluster updates are heard first by the load balancer. auto cluster_data = active_clusters_.find(cluster.info()->name()); if (cluster_data->second->thread_aware_lb_ != nullptr) { cluster_data->second->thread_aware_lb_->initialize(); } // Now setup for cross-thread updates. cluster.prioritySet().addMemberUpdateCb( [&cluster, this](const HostVector&, const HostVector& hosts_removed) -> void { if (cluster.info()->lbConfig().close_connections_on_host_set_change()) { for (const auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { // This will drain all tcp and http connection pools. postThreadLocalDrainConnections(cluster, host_set->hosts()); } } else { // TODO(snowp): Should this be subject to merge windows? // Whenever hosts are removed from the cluster, we make each TLS cluster drain it's // connection pools for the removed hosts. If `close_connections_on_host_set_change` is // enabled, this case will be covered by first `if` statement, where all // connection pools are drained. if (!hosts_removed.empty()) { postThreadLocalDrainConnections(cluster, hosts_removed); } } }); cluster.prioritySet().addPriorityUpdateCb([&cluster, this](uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { // This fires when a cluster is about to have an updated member set. We need to send this // out to all of the thread local configurations. // Should we save this update and merge it with other updates? // // Note that we can only _safely_ merge updates that have no added/removed hosts. That is, // only those updates that signal a change in host healthcheck state, weight or metadata. // // We've discussed merging updates related to hosts being added/removed, but it's really // tricky to merge those given that downstream consumers of these updates expect to see the // full list of updates, not a condensed one. This is because they use the broadcasted // HostSharedPtrs within internal maps to track hosts. If we fail to broadcast the entire list // of removals, these maps will leak those HostSharedPtrs. // // See https://github.com/envoyproxy/envoy/pull/3941 for more context. bool scheduled = false; const auto merge_timeout = PROTOBUF_GET_MS_OR_DEFAULT(cluster.info()->lbConfig(), update_merge_window, 1000); // Remember: we only merge updates with no adds/removes — just hc/weight/metadata changes. const bool is_mergeable = hosts_added.empty() && hosts_removed.empty(); if (merge_timeout > 0) { // If this is not mergeable, we should cancel any scheduled updates since // we'll deliver it immediately. scheduled = scheduleUpdate(cluster, priority, is_mergeable, merge_timeout); } // If an update was not scheduled for later, deliver it immediately. if (!scheduled) { cm_stats_.cluster_updated_.inc(); postThreadLocalClusterUpdate(cluster, priority, hosts_added, hosts_removed); } }); // Finally, if the cluster has any hosts, post updates cross-thread so the per-thread load // balancers are ready. for (auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { if (host_set->hosts().empty()) { continue; } postThreadLocalClusterUpdate(cluster, host_set->priority(), host_set->hosts(), HostVector{}); } } bool ClusterManagerImpl::scheduleUpdate(const Cluster& cluster, uint32_t priority, bool mergeable, const uint64_t timeout) { // Find pending updates for this cluster. auto& updates_by_prio = updates_map_[cluster.info()->name()]; if (!updates_by_prio) { updates_by_prio = std::make_unique(); } // Find pending updates for this priority. auto& updates = (*updates_by_prio)[priority]; if (!updates) { updates = std::make_unique(); } // Has an update_merge_window gone by since the last update? If so, don't schedule // the update so it can be applied immediately. Ditto if this is not a mergeable update. const auto delta = time_source_.monotonicTime() - updates->last_updated_; const uint64_t delta_ms = std::chrono::duration_cast(delta).count(); const bool out_of_merge_window = delta_ms > timeout; if (out_of_merge_window || !mergeable) { // If there was a pending update, we cancel the pending merged update. // // Note: it's possible that even though we are outside of a merge window (delta_ms > timeout), // a timer is enabled. This race condition is fine, since we'll disable the timer here and // deliver the update immediately. // Why wasn't the update scheduled for later delivery? We keep some stats that are helpful // to understand why merging did not happen. There's 2 things we are tracking here: // 1) Was this update out of a merge window? if (mergeable && out_of_merge_window) { cm_stats_.update_out_of_merge_window_.inc(); } // 2) Were there previous updates that we are cancelling (and delivering immediately)? if (updates->disableTimer()) { cm_stats_.update_merge_cancelled_.inc(); } updates->last_updated_ = time_source_.monotonicTime(); return false; } // If there's no timer, create one. if (updates->timer_ == nullptr) { updates->timer_ = dispatcher_.createTimer([this, &cluster, priority, &updates]() -> void { applyUpdates(cluster, priority, *updates); }); } // Ensure there's a timer set to deliver these updates. if (!updates->timer_->enabled()) { updates->enableTimer(timeout); } return true; } void ClusterManagerImpl::applyUpdates(const Cluster& cluster, uint32_t priority, PendingUpdates& updates) { // Deliver pending updates. // Remember that these merged updates are _only_ for updates related to // HC/weight/metadata changes. That's why added/removed are empty. All // adds/removals were already immediately broadcasted. static const HostVector hosts_added; static const HostVector hosts_removed; postThreadLocalClusterUpdate(cluster, priority, hosts_added, hosts_removed); cm_stats_.cluster_updated_via_merge_.inc(); updates.last_updated_ = time_source_.monotonicTime(); } bool ClusterManagerImpl::addOrUpdateCluster(const envoy::config::cluster::v3::Cluster& cluster, const std::string& version_info) { // First we need to see if this new config is new or an update to an existing dynamic cluster. // We don't allow updates to statically configured clusters in the main configuration. We check // both the warming clusters and the active clusters to see if we need an update or the update // should be blocked. const std::string& cluster_name = cluster.name(); const auto existing_active_cluster = active_clusters_.find(cluster_name); const auto existing_warming_cluster = warming_clusters_.find(cluster_name); const uint64_t new_hash = MessageUtil::hash(cluster); if ((existing_active_cluster != active_clusters_.end() && existing_active_cluster->second->blockUpdate(new_hash)) || (existing_warming_cluster != warming_clusters_.end() && existing_warming_cluster->second->blockUpdate(new_hash))) { return false; } if (existing_active_cluster != active_clusters_.end() || existing_warming_cluster != warming_clusters_.end()) { if (existing_active_cluster != active_clusters_.end()) { // The following init manager remove call is a NOP in the case we are already initialized. // It's just kept here to avoid additional logic. init_helper_.removeCluster(*existing_active_cluster->second->cluster_); } else { // Validate that warming clusters are not added to the init_helper_. // NOTE: This loop is compiled out in optimized builds. for (const std::list& cluster_list : {std::cref(init_helper_.primary_init_clusters_), std::cref(init_helper_.secondary_init_clusters_)}) { ASSERT(!std::any_of(cluster_list.begin(), cluster_list.end(), [&existing_warming_cluster](Cluster* cluster) { return existing_warming_cluster->second->cluster_.get() == cluster; })); } } cm_stats_.cluster_modified_.inc(); } else { cm_stats_.cluster_added_.inc(); } // There are two discrete paths here depending on when we are adding/updating a cluster. // 1) During initial server load we use the init manager which handles complex logic related to // primary/secondary init, static/CDS init, warming all clusters, etc. // 2) After initial server load, we handle warming independently for each cluster in the warming // map. // Note: It's likely possible that all warming logic could be centralized in the init manager, but // a decision was made to split the logic given how complex the init manager already is. In // the future we may decide to undergo a refactor to unify the logic but the effort/risk to // do that right now does not seem worth it given that the logic is generally pretty clean // and easy to understand. const bool use_active_map = init_helper_.state() != ClusterManagerInitHelper::State::AllClustersInitialized; loadCluster(cluster, version_info, true, use_active_map ? active_clusters_ : warming_clusters_); if (use_active_map) { ENVOY_LOG(debug, "add/update cluster {} during init", cluster_name); auto& cluster_entry = active_clusters_.at(cluster_name); createOrUpdateThreadLocalCluster(*cluster_entry); init_helper_.addCluster(*cluster_entry->cluster_); } else { auto& cluster_entry = warming_clusters_.at(cluster_name); ENVOY_LOG(debug, "add/update cluster {} starting warming", cluster_name); cluster_entry->cluster_->initialize([this, cluster_name] { auto warming_it = warming_clusters_.find(cluster_name); auto& cluster_entry = *warming_it->second; // If the cluster is being updated, we need to cancel any pending merged updates. // Otherwise, applyUpdates() will fire with a dangling cluster reference. updates_map_.erase(cluster_name); active_clusters_[cluster_name] = std::move(warming_it->second); warming_clusters_.erase(warming_it); ENVOY_LOG(debug, "warming cluster {} complete", cluster_name); createOrUpdateThreadLocalCluster(cluster_entry); onClusterInit(*cluster_entry.cluster_); updateClusterCounts(); }); } updateClusterCounts(); return true; } void ClusterManagerImpl::createOrUpdateThreadLocalCluster(ClusterData& cluster) { tls_->runOnAllThreads([new_cluster = cluster.cluster_->info(), thread_aware_lb_factory = cluster.loadBalancerFactory()]( ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { ThreadLocalClusterManagerImpl& cluster_manager = object->asType(); if (cluster_manager.thread_local_clusters_.count(new_cluster->name()) > 0) { ENVOY_LOG(debug, "updating TLS cluster {}", new_cluster->name()); } else { ENVOY_LOG(debug, "adding TLS cluster {}", new_cluster->name()); } auto thread_local_cluster = new ThreadLocalClusterManagerImpl::ClusterEntry( cluster_manager, new_cluster, thread_aware_lb_factory); cluster_manager.thread_local_clusters_[new_cluster->name()].reset(thread_local_cluster); for (auto& cb : cluster_manager.update_callbacks_) { cb->onClusterAddOrUpdate(*thread_local_cluster); } return object; }); } bool ClusterManagerImpl::removeCluster(const std::string& cluster_name) { bool removed = false; auto existing_active_cluster = active_clusters_.find(cluster_name); if (existing_active_cluster != active_clusters_.end() && existing_active_cluster->second->added_via_api_) { removed = true; init_helper_.removeCluster(*existing_active_cluster->second->cluster_); active_clusters_.erase(existing_active_cluster); ENVOY_LOG(info, "removing cluster {}", cluster_name); tls_->runOnAllThreads([cluster_name](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { ThreadLocalClusterManagerImpl& cluster_manager = object->asType(); ASSERT(cluster_manager.thread_local_clusters_.count(cluster_name) == 1); ENVOY_LOG(debug, "removing TLS cluster {}", cluster_name); for (auto& cb : cluster_manager.update_callbacks_) { cb->onClusterRemoval(cluster_name); } cluster_manager.thread_local_clusters_.erase(cluster_name); return object; }); } auto existing_warming_cluster = warming_clusters_.find(cluster_name); if (existing_warming_cluster != warming_clusters_.end() && existing_warming_cluster->second->added_via_api_) { removed = true; warming_clusters_.erase(existing_warming_cluster); ENVOY_LOG(info, "removing warming cluster {}", cluster_name); } if (removed) { cm_stats_.cluster_removed_.inc(); updateClusterCounts(); // Cancel any pending merged updates. updates_map_.erase(cluster_name); } return removed; } void ClusterManagerImpl::loadCluster(const envoy::config::cluster::v3::Cluster& cluster, const std::string& version_info, bool added_via_api, ClusterMap& cluster_map) { std::pair new_cluster_pair = factory_.clusterFromProto(cluster, *this, outlier_event_logger_, added_via_api); auto& new_cluster = new_cluster_pair.first; Cluster& cluster_reference = *new_cluster; if (!added_via_api) { if (cluster_map.find(new_cluster->info()->name()) != cluster_map.end()) { throw EnvoyException( fmt::format("cluster manager: duplicate cluster '{}'", new_cluster->info()->name())); } } if (cluster_reference.info()->lbType() == LoadBalancerType::ClusterProvided && new_cluster_pair.second == nullptr) { throw EnvoyException(fmt::format("cluster manager: cluster provided LB specified but cluster " "'{}' did not provide one. Check cluster documentation.", new_cluster->info()->name())); } if (cluster_reference.info()->lbType() != LoadBalancerType::ClusterProvided && new_cluster_pair.second != nullptr) { throw EnvoyException( fmt::format("cluster manager: cluster provided LB not specified but cluster " "'{}' provided one. Check cluster documentation.", new_cluster->info()->name())); } if (new_cluster->healthChecker() != nullptr) { new_cluster->healthChecker()->addHostCheckCompleteCb( [this](HostSharedPtr host, HealthTransition changed_state) { if (changed_state == HealthTransition::Changed && host->healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC)) { postThreadLocalHealthFailure(host); } }); } if (new_cluster->outlierDetector() != nullptr) { new_cluster->outlierDetector()->addChangedStateCb([this](HostSharedPtr host) { if (host->healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)) { postThreadLocalHealthFailure(host); } }); } cluster_map[cluster_reference.info()->name()] = std::make_unique( cluster, version_info, added_via_api, std::move(new_cluster), time_source_); const auto cluster_entry_it = cluster_map.find(cluster_reference.info()->name()); // If an LB is thread aware, create it here. The LB is not initialized until cluster pre-init // finishes. For RingHash/Maglev don't create the LB here if subset balancing is enabled, // because the thread_aware_lb_ field takes precedence over the subset lb). if (cluster_reference.info()->lbType() == LoadBalancerType::RingHash) { if (!cluster_reference.info()->lbSubsetInfo().isEnabled()) { cluster_entry_it->second->thread_aware_lb_ = std::make_unique( cluster_reference.prioritySet(), cluster_reference.info()->stats(), cluster_reference.info()->statsScope(), runtime_, random_, cluster_reference.info()->lbRingHashConfig(), cluster_reference.info()->lbConfig()); } } else if (cluster_reference.info()->lbType() == LoadBalancerType::Maglev) { if (!cluster_reference.info()->lbSubsetInfo().isEnabled()) { cluster_entry_it->second->thread_aware_lb_ = std::make_unique( cluster_reference.prioritySet(), cluster_reference.info()->stats(), cluster_reference.info()->statsScope(), runtime_, random_, cluster_reference.info()->lbMaglevConfig(), cluster_reference.info()->lbConfig()); } } else if (cluster_reference.info()->lbType() == LoadBalancerType::ClusterProvided) { cluster_entry_it->second->thread_aware_lb_ = std::move(new_cluster_pair.second); } updateClusterCounts(); } void ClusterManagerImpl::updateClusterCounts() { // This if/else block implements a control flow mechanism that can be used by an ADS // implementation to properly sequence CDS and RDS updates. It is not enforcing on ADS. ADS can // use it to detect when a previously sent cluster becomes warm before sending routes that depend // on it. This can improve incidence of HTTP 503 responses from Envoy when a route is used before // it's supporting cluster is ready. // // We achieve that by leaving CDS in the paused state as long as there is at least // one cluster in the warming state. This prevents CDS ACK from being sent to ADS. // Once cluster is warmed up, CDS is resumed, and ACK is sent to ADS, providing a // signal to ADS to proceed with RDS updates. // If we're in the middle of shutting down (ads_mux_ already gone) then this is irrelevant. if (ads_mux_) { const auto type_urls = Config::getAllVersionTypeUrls(); const uint64_t previous_warming = cm_stats_.warming_clusters_.value(); if (previous_warming == 0 && !warming_clusters_.empty()) { resume_cds_ = ads_mux_->pause(type_urls); } else if (previous_warming > 0 && warming_clusters_.empty()) { ASSERT(resume_cds_ != nullptr); resume_cds_.reset(); } } cm_stats_.active_clusters_.set(active_clusters_.size()); cm_stats_.warming_clusters_.set(warming_clusters_.size()); } ThreadLocalCluster* ClusterManagerImpl::get(absl::string_view cluster) { auto& cluster_manager = tls_->getTyped(); auto entry = cluster_manager.thread_local_clusters_.find(cluster); if (entry != cluster_manager.thread_local_clusters_.end()) { return entry->second.get(); } else { return nullptr; } } void ClusterManagerImpl::maybePrefetch( ThreadLocalClusterManagerImpl::ClusterEntryPtr& cluster_entry, std::function pick_prefetch_pool) { // TODO(alyssawilk) As currently implemented, this will always just prefetch // one connection ahead of actually needed connections. // // Instead we want to track the following metrics across the entire connection // pool and use the same algorithm we do for per-upstream prefetch: // ((pending_streams_ + num_active_streams_) * global_prefetch_ratio > // (connecting_stream_capacity_ + num_active_streams_))) // and allow multiple prefetches per pick. // Also cap prefetches such that // num_unused_prefetch < num hosts // since if we have more prefetches than hosts, we should consider kicking into // per-upstream prefetch. // // Once we do this, this should loop capped number of times while shouldPrefetch is true. if (cluster_entry->cluster_info_->peekaheadRatio() > 1.0) { ConnectionPool::Instance* prefetch_pool = pick_prefetch_pool(); if (prefetch_pool) { prefetch_pool->maybePrefetch(cluster_entry->cluster_info_->peekaheadRatio()); } } } Http::ConnectionPool::Instance* ClusterManagerImpl::httpConnPoolForCluster(const std::string& cluster, ResourcePriority priority, absl::optional protocol, LoadBalancerContext* context) { ThreadLocalClusterManagerImpl& cluster_manager = tls_->getTyped(); auto entry = cluster_manager.thread_local_clusters_.find(cluster); if (entry == cluster_manager.thread_local_clusters_.end()) { return nullptr; } // Select a host and create a connection pool for it if it does not already exist. auto ret = entry->second->connPool(priority, protocol, context, false); // Now see if another host should be prefetched. // httpConnPoolForCluster is called immediately before a call for newStream. newStream doesn't // have the load balancer context needed to make selection decisions so prefetching must be // performed here in anticipation of the new stream. // TODO(alyssawilk) refactor to have one function call and return a pair, so this invariant is // code-enforced. maybePrefetch(entry->second, [&entry, &priority, &protocol, &context]() { return entry->second->connPool(priority, protocol, context, true); }); return ret; } Tcp::ConnectionPool::Instance* ClusterManagerImpl::tcpConnPoolForCluster(const std::string& cluster, ResourcePriority priority, LoadBalancerContext* context) { ThreadLocalClusterManagerImpl& cluster_manager = tls_->getTyped(); auto entry = cluster_manager.thread_local_clusters_.find(cluster); if (entry == cluster_manager.thread_local_clusters_.end()) { return nullptr; } // Select a host and create a connection pool for it if it does not already exist. auto ret = entry->second->tcpConnPool(priority, context, false); // tcpConnPoolForCluster is called immediately before a call for newConnection. newConnection // doesn't have the load balancer context needed to make selection decisions so prefetching must // be performed here in anticipation of the new connection. // TODO(alyssawilk) refactor to have one function call and return a pair, so this invariant is // code-enforced. // Now see if another host should be prefetched. maybePrefetch(entry->second, [&entry, &priority, &context]() { return entry->second->tcpConnPool(priority, context, true); }); return ret; } void ClusterManagerImpl::postThreadLocalDrainConnections(const Cluster& cluster, const HostVector& hosts_removed) { tls_->runOnAllThreads( [name = cluster.info()->name(), hosts_removed](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().removeHosts(name, hosts_removed); return object; }); } void ClusterManagerImpl::postThreadLocalClusterUpdate(const Cluster& cluster, uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { const auto& host_set = cluster.prioritySet().hostSetsPerPriority()[priority]; tls_->runOnAllThreads([name = cluster.info()->name(), priority, update_params = HostSetImpl::updateHostsParams(*host_set), locality_weights = host_set->localityWeights(), hosts_added, hosts_removed, overprovisioning_factor = host_set->overprovisioningFactor()]( ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().updateClusterMembership( name, priority, update_params, locality_weights, hosts_added, hosts_removed, overprovisioning_factor); return object; }); } void ClusterManagerImpl::postThreadLocalHealthFailure(const HostSharedPtr& host) { tls_->runOnAllThreads([host](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().onHostHealthFailure(host); return object; }); } Host::CreateConnectionData ClusterManagerImpl::tcpConnForCluster(const std::string& cluster, LoadBalancerContext* context) { ThreadLocalClusterManagerImpl& cluster_manager = tls_->getTyped(); auto entry = cluster_manager.thread_local_clusters_.find(cluster); if (entry == cluster_manager.thread_local_clusters_.end()) { throw EnvoyException(fmt::format("unknown cluster '{}'", cluster)); } HostConstSharedPtr logical_host = entry->second->lb_->chooseHost(context); if (logical_host) { auto conn_info = logical_host->createConnection( cluster_manager.thread_local_dispatcher_, nullptr, context == nullptr ? nullptr : context->upstreamTransportSocketOptions()); if ((entry->second->cluster_info_->features() & ClusterInfo::Features::CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE) && conn_info.connection_ != nullptr) { auto& conn_map = cluster_manager.host_tcp_conn_map_[logical_host]; conn_map.emplace(conn_info.connection_.get(), std::make_unique( cluster_manager, logical_host, *conn_info.connection_)); } return conn_info; } else { entry->second->cluster_info_->stats().upstream_cx_none_healthy_.inc(); return {nullptr, nullptr}; } } Http::AsyncClient& ClusterManagerImpl::httpAsyncClientForCluster(const std::string& cluster) { ThreadLocalClusterManagerImpl& cluster_manager = tls_->getTyped(); auto entry = cluster_manager.thread_local_clusters_.find(cluster); if (entry != cluster_manager.thread_local_clusters_.end()) { return entry->second->http_async_client_; } else { throw EnvoyException(fmt::format("unknown cluster '{}'", cluster)); } } ClusterUpdateCallbacksHandlePtr ClusterManagerImpl::addThreadLocalClusterUpdateCallbacks(ClusterUpdateCallbacks& cb) { ThreadLocalClusterManagerImpl& cluster_manager = tls_->getTyped(); return std::make_unique(cb, cluster_manager.update_callbacks_); } ProtobufTypes::MessagePtr ClusterManagerImpl::dumpClusterConfigs() { auto config_dump = std::make_unique(); config_dump->set_version_info(cds_api_ != nullptr ? cds_api_->versionInfo() : ""); for (const auto& active_cluster_pair : active_clusters_) { const auto& cluster = *active_cluster_pair.second; if (!cluster.added_via_api_) { auto& static_cluster = *config_dump->mutable_static_clusters()->Add(); static_cluster.mutable_cluster()->PackFrom(API_RECOVER_ORIGINAL(cluster.cluster_config_)); TimestampUtil::systemClockToTimestamp(cluster.last_updated_, *(static_cluster.mutable_last_updated())); } else { auto& dynamic_cluster = *config_dump->mutable_dynamic_active_clusters()->Add(); dynamic_cluster.set_version_info(cluster.version_info_); dynamic_cluster.mutable_cluster()->PackFrom(API_RECOVER_ORIGINAL(cluster.cluster_config_)); TimestampUtil::systemClockToTimestamp(cluster.last_updated_, *(dynamic_cluster.mutable_last_updated())); } } for (const auto& warming_cluster_pair : warming_clusters_) { const auto& cluster = *warming_cluster_pair.second; auto& dynamic_cluster = *config_dump->mutable_dynamic_warming_clusters()->Add(); dynamic_cluster.set_version_info(cluster.version_info_); dynamic_cluster.mutable_cluster()->PackFrom(API_RECOVER_ORIGINAL(cluster.cluster_config_)); TimestampUtil::systemClockToTimestamp(cluster.last_updated_, *(dynamic_cluster.mutable_last_updated())); } return config_dump; } ClusterManagerImpl::ThreadLocalClusterManagerImpl::ThreadLocalClusterManagerImpl( ClusterManagerImpl& parent, Event::Dispatcher& dispatcher, const absl::optional& local_cluster_name) : parent_(parent), thread_local_dispatcher_(dispatcher) { // If local cluster is defined then we need to initialize it first. if (local_cluster_name) { ENVOY_LOG(debug, "adding TLS local cluster {}", local_cluster_name.value()); auto& local_cluster = parent.active_clusters_.at(local_cluster_name.value()); thread_local_clusters_[local_cluster_name.value()] = std::make_unique( *this, local_cluster->cluster_->info(), local_cluster->loadBalancerFactory()); } local_priority_set_ = local_cluster_name ? &thread_local_clusters_[local_cluster_name.value()]->priority_set_ : nullptr; for (auto& cluster : parent.active_clusters_) { // If local cluster name is set then we already initialized this cluster. if (local_cluster_name && local_cluster_name.value() == cluster.first) { continue; } ENVOY_LOG(debug, "adding TLS initial cluster {}", cluster.first); ASSERT(thread_local_clusters_.count(cluster.first) == 0); thread_local_clusters_[cluster.first] = std::make_unique( *this, cluster.second->cluster_->info(), cluster.second->loadBalancerFactory()); } } ClusterManagerImpl::ThreadLocalClusterManagerImpl::~ThreadLocalClusterManagerImpl() { // Clear out connection pools as well as the thread local cluster map so that we release all // cluster pointers. Currently we have to free all non-local clusters before we free // the local cluster. This is because non-local clusters with a zone aware load balancer have a // member update callback registered with the local cluster. ENVOY_LOG(debug, "shutting down thread local cluster manager"); destroying_ = true; host_http_conn_pool_map_.clear(); host_tcp_conn_pool_map_.clear(); ASSERT(host_tcp_conn_map_.empty()); for (auto& cluster : thread_local_clusters_) { if (&cluster.second->priority_set_ != local_priority_set_) { cluster.second.reset(); } } thread_local_clusters_.clear(); } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::drainConnPools(const HostVector& hosts) { for (const HostSharedPtr& host : hosts) { { auto container = getHttpConnPoolsContainer(host); if (container != nullptr) { drainConnPools(host, *container); } } { auto container = host_tcp_conn_pool_map_.find(host); if (container != host_tcp_conn_pool_map_.end()) { drainTcpConnPools(host, container->second); } } } } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::drainConnPools( HostSharedPtr old_host, ConnPoolsContainer& container) { container.drains_remaining_ += container.pools_->size(); // Make a copy to protect against erasure in the callback. std::shared_ptr pools = container.pools_; pools->addDrainedCallback([this, old_host]() -> void { if (destroying_) { // It is possible for a connection pool to fire drain callbacks during destruction. Instead // of checking if old_host actually exists in the map, it's clearer and cleaner to keep // track of destruction as a separate state and check for it here. This also allows us to // do this check here versus inside every different connection pool implementation. return; } ConnPoolsContainer* to_clear = getHttpConnPoolsContainer(old_host); if (to_clear == nullptr) { // This could happen if we have cleaned out the host before iterating through every connection // pool. Handle it by just continuing. return; } ASSERT(to_clear->drains_remaining_ > 0); to_clear->drains_remaining_--; if (to_clear->drains_remaining_ == 0 && to_clear->ready_to_drain_) { clearContainer(old_host, *to_clear); } }); // We need to hold off on actually emptying out the container until we have finished processing // `addDrainedCallback`. If we do not, then it's possible that the container could be erased in // the middle of its iteration, which leads to undefined behaviour. We handle that case by // checking here to see if the drains have completed. container.ready_to_drain_ = true; if (container.drains_remaining_ == 0) { clearContainer(old_host, container); } } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::clearContainer( HostSharedPtr old_host, ConnPoolsContainer& container) { container.pools_->clear(); host_http_conn_pool_map_.erase(old_host); } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::drainTcpConnPools( HostSharedPtr old_host, TcpConnPoolsContainer& container) { container.drains_remaining_ += container.pools_.size(); for (const auto& pair : container.pools_) { pair.second->addDrainedCallback([this, old_host]() -> void { if (destroying_) { // It is possible for a connection pool to fire drain callbacks during destruction. Instead // of checking if old_host actually exists in the map, it's clearer and cleaner to keep // track of destruction as a separate state and check for it here. This also allows us to // do this check here versus inside every different connection pool implementation. return; } TcpConnPoolsContainer& container = host_tcp_conn_pool_map_[old_host]; ASSERT(container.drains_remaining_ > 0); container.drains_remaining_--; if (container.drains_remaining_ == 0) { for (auto& pair : container.pools_) { thread_local_dispatcher_.deferredDelete(std::move(pair.second)); } host_tcp_conn_pool_map_.erase(old_host); } }); // The above addDrainedCallback() drain completion callback might execute immediately. This can // then effectively nuke 'container', which means we can't continue to loop on its contents // (we're done here). if (host_tcp_conn_pool_map_.count(old_host) == 0) { break; } } } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::removeTcpConn( const HostConstSharedPtr& host, Network::ClientConnection& connection) { auto host_tcp_conn_map_it = host_tcp_conn_map_.find(host); ASSERT(host_tcp_conn_map_it != host_tcp_conn_map_.end()); TcpConnectionsMap& connections_map = host_tcp_conn_map_it->second; auto it = connections_map.find(&connection); ASSERT(it != connections_map.end()); connection.dispatcher().deferredDelete(std::move(it->second)); connections_map.erase(it); if (connections_map.empty()) { host_tcp_conn_map_.erase(host_tcp_conn_map_it); } } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::removeHosts( const std::string& name, const HostVector& hosts_removed) { ASSERT(thread_local_clusters_.find(name) != thread_local_clusters_.end()); const auto& cluster_entry = thread_local_clusters_[name]; ENVOY_LOG(debug, "removing hosts for TLS cluster {} removed {}", name, hosts_removed.size()); // We need to go through and purge any connection pools for hosts that got deleted. // Even if two hosts actually point to the same address this will be safe, since if a // host is readded it will be a different physical HostSharedPtr. cluster_entry->parent_.drainConnPools(hosts_removed); } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::updateClusterMembership( const std::string& name, uint32_t priority, PrioritySet::UpdateHostsParams update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, uint64_t overprovisioning_factor) { ASSERT(thread_local_clusters_.find(name) != thread_local_clusters_.end()); const auto& cluster_entry = thread_local_clusters_[name]; ENVOY_LOG(debug, "membership update for TLS cluster {} added {} removed {}", name, hosts_added.size(), hosts_removed.size()); cluster_entry->priority_set_.updateHosts(priority, std::move(update_hosts_params), std::move(locality_weights), hosts_added, hosts_removed, overprovisioning_factor); // If an LB is thread aware, create a new worker local LB on membership changes. if (cluster_entry->lb_factory_ != nullptr) { ENVOY_LOG(debug, "re-creating local LB for TLS cluster {}", name); cluster_entry->lb_ = cluster_entry->lb_factory_->create(); } } void ClusterManagerImpl::ThreadLocalClusterManagerImpl::onHostHealthFailure( const HostSharedPtr& host) { // Drain all HTTP connection pool connections in the case of a host health failure. If outlier/ // health is due to ECMP flow hashing issues for example, a new set of connections might do // better. // TODO(mattklein123): This function is currently very specific, but in the future when we do // more granular host set changes, we should be able to capture single host changes and make them // more targeted. { const auto container = getHttpConnPoolsContainer(host); if (container != nullptr) { container->pools_->drainConnections(); } } { // Drain or close any TCP connection pool for the host. Draining a TCP pool doesn't lead to // connections being closed, it only prevents new connections through the pool. The // CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE can be used to make the pool close any // active connections. const auto& container = host_tcp_conn_pool_map_.find(host); if (container != host_tcp_conn_pool_map_.end()) { for (const auto& pair : container->second.pools_) { const Tcp::ConnectionPool::InstancePtr& pool = pair.second; if (host->cluster().features() & ClusterInfo::Features::CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE) { pool->closeConnections(); } else { pool->drainConnections(); } } } } if (host->cluster().features() & ClusterInfo::Features::CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE) { // Close non connection pool TCP connections obtained from tcpConnForCluster() // // TODO(jono): The only remaining user of the non-pooled connections seems to be the statsd // TCP client. Perhaps it could be rewritten to use a connection pool, and this code deleted. // // Each connection will remove itself from the TcpConnectionsMap when it closes, via its // Network::ConnectionCallbacks. The last removed tcp conn will remove the TcpConnectionsMap // from host_tcp_conn_map_, so do not cache it between iterations. // // TODO(ggreenway) PERF: If there are a large number of connections, this could take a long time // and halt other useful work. Consider breaking up this work. Note that this behavior is noted // in the configuration documentation in cluster setting // "close_connections_on_host_health_failure". Update the docs if this if this changes. while (true) { const auto& it = host_tcp_conn_map_.find(host); if (it == host_tcp_conn_map_.end()) { break; } TcpConnectionsMap& container = it->second; container.begin()->first->close(Network::ConnectionCloseType::NoFlush); } } } ClusterManagerImpl::ThreadLocalClusterManagerImpl::ConnPoolsContainer* ClusterManagerImpl::ThreadLocalClusterManagerImpl::getHttpConnPoolsContainer( const HostConstSharedPtr& host, bool allocate) { auto container_iter = host_http_conn_pool_map_.find(host); if (container_iter == host_http_conn_pool_map_.end()) { if (!allocate) { return nullptr; } ConnPoolsContainer container{thread_local_dispatcher_, host}; container_iter = host_http_conn_pool_map_.emplace(host, std::move(container)).first; } return &container_iter->second; } ClusterManagerImpl::ThreadLocalClusterManagerImpl::ClusterEntry::ClusterEntry( ThreadLocalClusterManagerImpl& parent, ClusterInfoConstSharedPtr cluster, const LoadBalancerFactorySharedPtr& lb_factory) : parent_(parent), lb_factory_(lb_factory), cluster_info_(cluster), http_async_client_(cluster, parent.parent_.stats_, parent.thread_local_dispatcher_, parent.parent_.local_info_, parent.parent_, parent.parent_.runtime_, parent.parent_.random_, Router::ShadowWriterPtr{new Router::ShadowWriterImpl(parent.parent_)}, parent_.parent_.http_context_) { priority_set_.getOrCreateHostSet(0); // TODO(mattklein123): Consider converting other LBs over to thread local. All of them could // benefit given the healthy panic, locality, and priority calculations that take place. if (cluster->lbSubsetInfo().isEnabled()) { lb_ = std::make_unique( cluster->lbType(), priority_set_, parent_.local_priority_set_, cluster->stats(), cluster->statsScope(), parent.parent_.runtime_, parent.parent_.random_, cluster->lbSubsetInfo(), cluster->lbRingHashConfig(), cluster->lbMaglevConfig(), cluster->lbLeastRequestConfig(), cluster->lbConfig()); } else { switch (cluster->lbType()) { case LoadBalancerType::LeastRequest: { ASSERT(lb_factory_ == nullptr); lb_ = std::make_unique( priority_set_, parent_.local_priority_set_, cluster->stats(), parent.parent_.runtime_, parent.parent_.random_, cluster->lbConfig(), cluster->lbLeastRequestConfig()); break; } case LoadBalancerType::Random: { ASSERT(lb_factory_ == nullptr); lb_ = std::make_unique(priority_set_, parent_.local_priority_set_, cluster->stats(), parent.parent_.runtime_, parent.parent_.random_, cluster->lbConfig()); break; } case LoadBalancerType::RoundRobin: { ASSERT(lb_factory_ == nullptr); lb_ = std::make_unique(priority_set_, parent_.local_priority_set_, cluster->stats(), parent.parent_.runtime_, parent.parent_.random_, cluster->lbConfig()); break; } case LoadBalancerType::ClusterProvided: case LoadBalancerType::RingHash: case LoadBalancerType::Maglev: case LoadBalancerType::OriginalDst: { ASSERT(lb_factory_ != nullptr); lb_ = lb_factory_->create(); break; } } } } ClusterManagerImpl::ThreadLocalClusterManagerImpl::ClusterEntry::~ClusterEntry() { // We need to drain all connection pools for the cluster being removed. Then we can remove the // cluster. // // TODO(mattklein123): Optimally, we would just fire member changed callbacks and remove all of // the hosts inside of the HostImpl destructor. That is a change with wide implications, so we are // going with a more targeted approach for now. for (auto& host_set : priority_set_.hostSetsPerPriority()) { parent_.drainConnPools(host_set->hosts()); } } Http::ConnectionPool::Instance* ClusterManagerImpl::ThreadLocalClusterManagerImpl::ClusterEntry::connPool( ResourcePriority priority, absl::optional downstream_protocol, LoadBalancerContext* context, bool peek) { HostConstSharedPtr host = (peek ? lb_->peekAnotherHost(context) : lb_->chooseHost(context)); if (!host) { ENVOY_LOG(debug, "no healthy host for HTTP connection pool"); cluster_info_->stats().upstream_cx_none_healthy_.inc(); return nullptr; } auto upstream_protocol = host->cluster().upstreamHttpProtocol(downstream_protocol); std::vector hash_key = {uint8_t(upstream_protocol)}; Network::Socket::OptionsSharedPtr upstream_options(std::make_shared()); if (context) { // Inherit socket options from downstream connection, if set. if (context->downstreamConnection()) { addOptionsIfNotNull(upstream_options, context->downstreamConnection()->socketOptions()); } addOptionsIfNotNull(upstream_options, context->upstreamSocketOptions()); } // Use the socket options for computing connection pool hash key, if any. // This allows socket options to control connection pooling so that connections with // different options are not pooled together. for (const auto& option : *upstream_options) { option->hashKey(hash_key); } bool have_transport_socket_options = false; if (context && context->upstreamTransportSocketOptions()) { context->upstreamTransportSocketOptions()->hashKey(hash_key); have_transport_socket_options = true; } // If configured, use the downstream connection id in pool hash key if (cluster_info_->connectionPoolPerDownstreamConnection() && context && context->downstreamConnection()) { context->downstreamConnection()->hashKey(hash_key); } ConnPoolsContainer& container = *parent_.getHttpConnPoolsContainer(host, true); // Note: to simplify this, we assume that the factory is only called in the scope of this // function. Otherwise, we'd need to capture a few of these variables by value. ConnPoolsContainer::ConnPools::PoolOptRef pool = container.pools_->getPool(priority, hash_key, [&]() { return parent_.parent_.factory_.allocateConnPool( parent_.thread_local_dispatcher_, host, priority, upstream_protocol, !upstream_options->empty() ? upstream_options : nullptr, have_transport_socket_options ? context->upstreamTransportSocketOptions() : nullptr); }); if (pool.has_value()) { return &(pool.value().get()); } else { return nullptr; } } Tcp::ConnectionPool::Instance* ClusterManagerImpl::ThreadLocalClusterManagerImpl::ClusterEntry::tcpConnPool( ResourcePriority priority, LoadBalancerContext* context, bool peek) { HostConstSharedPtr host = (peek ? lb_->peekAnotherHost(context) : lb_->chooseHost(context)); if (!host) { ENVOY_LOG(debug, "no healthy host for TCP connection pool"); cluster_info_->stats().upstream_cx_none_healthy_.inc(); return nullptr; } // Inherit socket options from downstream connection, if set. std::vector hash_key = {uint8_t(priority)}; // Use downstream connection socket options for computing connection pool hash key, if any. // This allows socket options to control connection pooling so that connections with // different options are not pooled together. bool have_options = false; if (context != nullptr && context->downstreamConnection()) { const Network::ConnectionSocket::OptionsSharedPtr& options = context->downstreamConnection()->socketOptions(); if (options) { for (const auto& option : *options) { have_options = true; option->hashKey(hash_key); } } } bool have_transport_socket_options = false; if (context != nullptr && context->upstreamTransportSocketOptions() != nullptr) { have_transport_socket_options = true; context->upstreamTransportSocketOptions()->hashKey(hash_key); } TcpConnPoolsContainer& container = parent_.host_tcp_conn_pool_map_[host]; if (!container.pools_[hash_key]) { container.pools_[hash_key] = parent_.parent_.factory_.allocateTcpConnPool( parent_.thread_local_dispatcher_, host, priority, have_options ? context->downstreamConnection()->socketOptions() : nullptr, have_transport_socket_options ? context->upstreamTransportSocketOptions() : nullptr); } return container.pools_[hash_key].get(); } ClusterManagerPtr ProdClusterManagerFactory::clusterManagerFromProto( const envoy::config::bootstrap::v3::Bootstrap& bootstrap) { return ClusterManagerPtr{new ClusterManagerImpl( bootstrap, *this, stats_, tls_, runtime_, local_info_, log_manager_, main_thread_dispatcher_, admin_, validation_context_, api_, http_context_, grpc_context_)}; } Http::ConnectionPool::InstancePtr ProdClusterManagerFactory::allocateConnPool( Event::Dispatcher& dispatcher, HostConstSharedPtr host, ResourcePriority priority, Http::Protocol protocol, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) { if (protocol == Http::Protocol::Http2 && runtime_.snapshot().featureEnabled("upstream.use_http2", 100)) { return Http::Http2::allocateConnPool(dispatcher, api_.randomGenerator(), host, priority, options, transport_socket_options); } else if (protocol == Http::Protocol::Http3) { // Quic connection pool is not implemented. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } else { return Http::Http1::allocateConnPool(dispatcher, api_.randomGenerator(), host, priority, options, transport_socket_options); } } Tcp::ConnectionPool::InstancePtr ProdClusterManagerFactory::allocateTcpConnPool( Event::Dispatcher& dispatcher, HostConstSharedPtr host, ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) { if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.new_tcp_connection_pool")) { return std::make_unique(dispatcher, host, priority, options, transport_socket_options); } else { return Tcp::ConnectionPool::InstancePtr{new Tcp::OriginalConnPoolImpl( dispatcher, host, priority, options, transport_socket_options)}; } } std::pair ProdClusterManagerFactory::clusterFromProto( const envoy::config::cluster::v3::Cluster& cluster, ClusterManager& cm, Outlier::EventLoggerSharedPtr outlier_event_logger, bool added_via_api) { return ClusterFactoryImplBase::create( cluster, cm, stats_, tls_, dns_resolver_, ssl_context_manager_, runtime_, main_thread_dispatcher_, log_manager_, local_info_, admin_, singleton_manager_, outlier_event_logger, added_via_api, added_via_api ? validation_context_.dynamicValidationVisitor() : validation_context_.staticValidationVisitor(), api_); } CdsApiPtr ProdClusterManagerFactory::createCds(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm) { // TODO(htuch): Differentiate static vs. dynamic validation visitors. return CdsApiImpl::create(cds_config, cm, stats_, validation_context_.dynamicValidationVisitor()); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/cluster_manager_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/http/codes.h" #include "envoy/local_info/local_info.h" #include "envoy/runtime/runtime.h" #include "envoy/secret/secret_manager.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/cleanup.h" #include "common/config/grpc_mux_impl.h" #include "common/config/subscription_factory_impl.h" #include "common/http/async_client_impl.h" #include "common/upstream/load_stats_reporter.h" #include "common/upstream/priority_conn_pool_map.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { /** * Production implementation of ClusterManagerFactory. */ class ProdClusterManagerFactory : public ClusterManagerFactory { public: ProdClusterManagerFactory(Server::Admin& admin, Runtime::Loader& runtime, Stats::Store& stats, ThreadLocal::Instance& tls, Network::DnsResolverSharedPtr dns_resolver, Ssl::ContextManager& ssl_context_manager, Event::Dispatcher& main_thread_dispatcher, const LocalInfo::LocalInfo& local_info, Secret::SecretManager& secret_manager, ProtobufMessage::ValidationContext& validation_context, Api::Api& api, Http::Context& http_context, Grpc::Context& grpc_context, AccessLog::AccessLogManager& log_manager, Singleton::Manager& singleton_manager) : main_thread_dispatcher_(main_thread_dispatcher), validation_context_(validation_context), api_(api), http_context_(http_context), grpc_context_(grpc_context), admin_(admin), runtime_(runtime), stats_(stats), tls_(tls), dns_resolver_(dns_resolver), ssl_context_manager_(ssl_context_manager), local_info_(local_info), secret_manager_(secret_manager), log_manager_(log_manager), singleton_manager_(singleton_manager) {} // Upstream::ClusterManagerFactory ClusterManagerPtr clusterManagerFromProto(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) override; Http::ConnectionPool::InstancePtr allocateConnPool( Event::Dispatcher& dispatcher, HostConstSharedPtr host, ResourcePriority priority, Http::Protocol protocol, const Network::ConnectionSocket::OptionsSharedPtr& options, const Network::TransportSocketOptionsSharedPtr& transport_socket_options) override; Tcp::ConnectionPool::InstancePtr allocateTcpConnPool(Event::Dispatcher& dispatcher, HostConstSharedPtr host, ResourcePriority priority, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) override; std::pair clusterFromProto(const envoy::config::cluster::v3::Cluster& cluster, ClusterManager& cm, Outlier::EventLoggerSharedPtr outlier_event_logger, bool added_via_api) override; CdsApiPtr createCds(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm) override; Secret::SecretManager& secretManager() override { return secret_manager_; } protected: Event::Dispatcher& main_thread_dispatcher_; ProtobufMessage::ValidationContext& validation_context_; Api::Api& api_; Http::Context& http_context_; Grpc::Context& grpc_context_; Server::Admin& admin_; Runtime::Loader& runtime_; Stats::Store& stats_; ThreadLocal::Instance& tls_; Network::DnsResolverSharedPtr dns_resolver_; Ssl::ContextManager& ssl_context_manager_; const LocalInfo::LocalInfo& local_info_; Secret::SecretManager& secret_manager_; AccessLog::AccessLogManager& log_manager_; Singleton::Manager& singleton_manager_; }; // For friend declaration in ClusterManagerInitHelper. class ClusterManagerImpl; /** * This is a helper class used during cluster management initialization. Dealing with primary * clusters, secondary clusters, and CDS, is quite complicated, so this makes it easier to test. */ class ClusterManagerInitHelper : Logger::Loggable { public: /** * @param per_cluster_init_callback supplies the callback to call when a cluster has itself * initialized. The cluster manager can use this for post-init processing. */ ClusterManagerInitHelper(ClusterManager& cm, const std::function& per_cluster_init_callback) : cm_(cm), per_cluster_init_callback_(per_cluster_init_callback) {} enum class State { // Initial state. During this state all static clusters are loaded. Any primary clusters // immediately begin initialization. Loading, // In this state cluster manager waits for all primary clusters to finish initialization. // This state may immediately transition to the next state iff all clusters are STATIC and // without health checks enabled or health checks have failed immediately, since their // initialization completes immediately. WaitingForPrimaryInitializationToComplete, // During this state cluster manager waits to start initializing secondary clusters. In this // state all primary clusters have completed initialization. Initialization of the // secondary clusters is started by the `initializeSecondaryClusters` method. WaitingToStartSecondaryInitialization, // In this state cluster manager waits for all secondary clusters (if configured) to finish // initialization. Then, if CDS is configured, this state tracks waiting for the first CDS // response to populate dynamically configured clusters. WaitingToStartCdsInitialization, // During this state, all CDS populated clusters are undergoing either phase 1 or phase 2 // initialization. CdsInitialized, // All clusters are fully initialized. AllClustersInitialized }; void addCluster(Cluster& cluster); void onStaticLoadComplete(); void removeCluster(Cluster& cluster); void setCds(CdsApi* cds); void setPrimaryClustersInitializedCb(ClusterManager::PrimaryClustersReadyCallback callback); void setInitializedCb(ClusterManager::InitializationCompleteCallback callback); State state() const { return state_; } void startInitializingSecondaryClusters(); private: // To enable invariant assertions on the cluster lists. friend ClusterManagerImpl; void initializeSecondaryClusters(); void maybeFinishInitialize(); void onClusterInit(Cluster& cluster); ClusterManager& cm_; std::function per_cluster_init_callback_; CdsApi* cds_{}; ClusterManager::PrimaryClustersReadyCallback primary_clusters_initialized_callback_; ClusterManager::InitializationCompleteCallback initialized_callback_; std::list primary_init_clusters_; std::list secondary_init_clusters_; State state_{State::Loading}; bool started_secondary_initialize_{}; }; /** * All cluster manager stats. @see stats_macros.h */ #define ALL_CLUSTER_MANAGER_STATS(COUNTER, GAUGE) \ COUNTER(cluster_added) \ COUNTER(cluster_modified) \ COUNTER(cluster_removed) \ COUNTER(cluster_updated) \ COUNTER(cluster_updated_via_merge) \ COUNTER(update_merge_cancelled) \ COUNTER(update_out_of_merge_window) \ GAUGE(active_clusters, NeverImport) \ GAUGE(warming_clusters, NeverImport) /** * Struct definition for all cluster manager stats. @see stats_macros.h */ struct ClusterManagerStats { ALL_CLUSTER_MANAGER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Implementation of ClusterManager that reads from a proto configuration, maintains a central * cluster list, as well as thread local caches of each cluster and associated connection pools. */ class ClusterManagerImpl : public ClusterManager, Logger::Loggable { public: ClusterManagerImpl(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, ClusterManagerFactory& factory, Stats::Store& stats, ThreadLocal::Instance& tls, Runtime::Loader& runtime, const LocalInfo::LocalInfo& local_info, AccessLog::AccessLogManager& log_manager, Event::Dispatcher& main_thread_dispatcher, Server::Admin& admin, ProtobufMessage::ValidationContext& validation_context, Api::Api& api, Http::Context& http_context, Grpc::Context& grpc_context); std::size_t warmingClusterCount() const { return warming_clusters_.size(); } // Upstream::ClusterManager bool addOrUpdateCluster(const envoy::config::cluster::v3::Cluster& cluster, const std::string& version_info) override; void setPrimaryClustersInitializedCb(PrimaryClustersReadyCallback callback) override { init_helper_.setPrimaryClustersInitializedCb(callback); } void setInitializedCb(InitializationCompleteCallback callback) override { init_helper_.setInitializedCb(callback); } ClusterInfoMap clusters() override { // TODO(mattklein123): Add ability to see warming clusters in admin output. ClusterInfoMap clusters_map; for (auto& cluster : active_clusters_) { clusters_map.emplace(cluster.first, *cluster.second->cluster_); } return clusters_map; } const ClusterSet& primaryClusters() override { return primary_clusters_; } ThreadLocalCluster* get(absl::string_view cluster) override; using ClusterManager::httpConnPoolForCluster; Http::ConnectionPool::Instance* httpConnPoolForCluster(const std::string& cluster, ResourcePriority priority, absl::optional downstream_protocol, LoadBalancerContext* context) override; Tcp::ConnectionPool::Instance* tcpConnPoolForCluster(const std::string& cluster, ResourcePriority priority, LoadBalancerContext* context) override; Host::CreateConnectionData tcpConnForCluster(const std::string& cluster, LoadBalancerContext* context) override; Http::AsyncClient& httpAsyncClientForCluster(const std::string& cluster) override; bool removeCluster(const std::string& cluster) override; void shutdown() override { if (resume_cds_ != nullptr) { resume_cds_->cancel(); } // Make sure we destroy all potential outgoing connections before this returns. cds_api_.reset(); ads_mux_.reset(); active_clusters_.clear(); warming_clusters_.clear(); updateClusterCounts(); } const envoy::config::core::v3::BindConfig& bindConfig() const override { return bind_config_; } Config::GrpcMuxSharedPtr adsMux() override { return ads_mux_; } Grpc::AsyncClientManager& grpcAsyncClientManager() override { return *async_client_manager_; } const absl::optional& localClusterName() const override { return local_cluster_name_; } ClusterUpdateCallbacksHandlePtr addThreadLocalClusterUpdateCallbacks(ClusterUpdateCallbacks&) override; ClusterManagerFactory& clusterManagerFactory() override { return factory_; } Config::SubscriptionFactory& subscriptionFactory() override { return subscription_factory_; } void initializeSecondaryClusters(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) override; protected: virtual void postThreadLocalDrainConnections(const Cluster& cluster, const HostVector& hosts_removed); virtual void postThreadLocalClusterUpdate(const Cluster& cluster, uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed); private: /** * Thread local cached cluster data. Each thread local cluster gets updates from the parent * central dynamic cluster (if applicable). It maintains load balancer state and any created * connection pools. */ struct ThreadLocalClusterManagerImpl : public ThreadLocal::ThreadLocalObject { struct ConnPoolsContainer { ConnPoolsContainer(Event::Dispatcher& dispatcher, const HostConstSharedPtr& host) : pools_{std::make_shared(dispatcher, host)} {} using ConnPools = PriorityConnPoolMap, Http::ConnectionPool::Instance>; // This is a shared_ptr so we can keep it alive while cleaning up. std::shared_ptr pools_; bool ready_to_drain_{false}; uint64_t drains_remaining_{}; }; struct TcpConnPoolsContainer { using ConnPools = std::map, Tcp::ConnectionPool::InstancePtr>; ConnPools pools_; uint64_t drains_remaining_{}; }; // Holds an unowned reference to a connection, and watches for Closed events. If the connection // is closed, this container removes itself from the container that owns it. struct TcpConnContainer : public Network::ConnectionCallbacks, public Event::DeferredDeletable { public: TcpConnContainer(ThreadLocalClusterManagerImpl& parent, const HostConstSharedPtr& host, Network::ClientConnection& connection) : parent_(parent), host_(host), connection_(connection) { connection_.addConnectionCallbacks(*this); } // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override { if (event == Network::ConnectionEvent::LocalClose || event == Network::ConnectionEvent::RemoteClose) { parent_.removeTcpConn(host_, connection_); } } void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} ThreadLocalClusterManagerImpl& parent_; HostConstSharedPtr host_; Network::ClientConnection& connection_; }; using TcpConnectionsMap = absl::node_hash_map>; struct ClusterEntry : public ThreadLocalCluster { ClusterEntry(ThreadLocalClusterManagerImpl& parent, ClusterInfoConstSharedPtr cluster, const LoadBalancerFactorySharedPtr& lb_factory); ~ClusterEntry() override; Http::ConnectionPool::Instance* connPool(ResourcePriority priority, absl::optional downstream_protocol, LoadBalancerContext* context, bool peek); Tcp::ConnectionPool::Instance* tcpConnPool(ResourcePriority priority, LoadBalancerContext* context, bool peek); // Upstream::ThreadLocalCluster const PrioritySet& prioritySet() override { return priority_set_; } ClusterInfoConstSharedPtr info() override { return cluster_info_; } LoadBalancer& loadBalancer() override { return *lb_; } ThreadLocalClusterManagerImpl& parent_; PrioritySetImpl priority_set_; // LB factory if applicable. Not all load balancer types have a factory. LB types that have // a factory will create a new LB on every membership update. LB types that don't have a // factory will create an LB on construction and use it forever. LoadBalancerFactorySharedPtr lb_factory_; // Current active LB. LoadBalancerPtr lb_; ClusterInfoConstSharedPtr cluster_info_; Http::AsyncClientImpl http_async_client_; }; using ClusterEntryPtr = std::unique_ptr; ThreadLocalClusterManagerImpl(ClusterManagerImpl& parent, Event::Dispatcher& dispatcher, const absl::optional& local_cluster_name); ~ThreadLocalClusterManagerImpl() override; void drainConnPools(const HostVector& hosts); void drainConnPools(HostSharedPtr old_host, ConnPoolsContainer& container); void clearContainer(HostSharedPtr old_host, ConnPoolsContainer& container); void drainTcpConnPools(HostSharedPtr old_host, TcpConnPoolsContainer& container); void removeTcpConn(const HostConstSharedPtr& host, Network::ClientConnection& connection); void removeHosts(const std::string& name, const HostVector& hosts_removed); void updateClusterMembership(const std::string& name, uint32_t priority, PrioritySet::UpdateHostsParams update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, uint64_t overprovisioning_factor); void onHostHealthFailure(const HostSharedPtr& host); ConnPoolsContainer* getHttpConnPoolsContainer(const HostConstSharedPtr& host, bool allocate = false); ClusterManagerImpl& parent_; Event::Dispatcher& thread_local_dispatcher_; absl::flat_hash_map thread_local_clusters_; // These maps are owned by the ThreadLocalClusterManagerImpl instead of the ClusterEntry // to prevent lifetime/ownership issues when a cluster is dynamically removed. absl::node_hash_map host_http_conn_pool_map_; absl::node_hash_map host_tcp_conn_pool_map_; absl::node_hash_map host_tcp_conn_map_; std::list update_callbacks_; const PrioritySet* local_priority_set_{}; bool destroying_{}; }; struct ClusterData { ClusterData(const envoy::config::cluster::v3::Cluster& cluster_config, const std::string& version_info, bool added_via_api, ClusterSharedPtr&& cluster, TimeSource& time_source) : cluster_config_(cluster_config), config_hash_(MessageUtil::hash(cluster_config)), version_info_(version_info), added_via_api_(added_via_api), cluster_(std::move(cluster)), last_updated_(time_source.systemTime()) {} bool blockUpdate(uint64_t hash) { return !added_via_api_ || config_hash_ == hash; } LoadBalancerFactorySharedPtr loadBalancerFactory() { if (thread_aware_lb_ != nullptr) { return thread_aware_lb_->factory(); } else { return nullptr; } } const envoy::config::cluster::v3::Cluster cluster_config_; const uint64_t config_hash_; const std::string version_info_; const bool added_via_api_; ClusterSharedPtr cluster_; // Optional thread aware LB depending on the LB type. Not all clusters have one. ThreadAwareLoadBalancerPtr thread_aware_lb_; SystemTime last_updated_; }; struct ClusterUpdateCallbacksHandleImpl : public ClusterUpdateCallbacksHandle, RaiiListElement { ClusterUpdateCallbacksHandleImpl(ClusterUpdateCallbacks& cb, std::list& parent) : RaiiListElement(parent, &cb) {} }; using ClusterDataPtr = std::unique_ptr; // This map is ordered so that config dumping is consistent. using ClusterMap = std::map; struct PendingUpdates { ~PendingUpdates() { disableTimer(); } void enableTimer(const uint64_t timeout) { if (timer_ != nullptr) { ASSERT(!timer_->enabled()); timer_->enableTimer(std::chrono::milliseconds(timeout)); } } bool disableTimer() { if (timer_ == nullptr) { return false; } const bool was_enabled = timer_->enabled(); timer_->disableTimer(); return was_enabled; } Event::TimerPtr timer_; // This is default constructed to the clock's epoch: // https://en.cppreference.com/w/cpp/chrono/time_point/time_point // // Depending on your execution environment this value can be different. // When running as host process: This will usually be the computer's boot time, which means that // given a not very large `Cluster.CommonLbConfig.update_merge_window`, the first update will // trigger immediately (the expected behavior). When running in some sandboxed environment this // value can be set to the start time of the sandbox, which means that the delta calculated // between now and the start time may fall within the // `Cluster.CommonLbConfig.update_merge_window`, with the side effect to delay the first update. MonotonicTime last_updated_; }; using PendingUpdatesPtr = std::unique_ptr; using PendingUpdatesByPriorityMap = absl::node_hash_map; using PendingUpdatesByPriorityMapPtr = std::unique_ptr; using ClusterUpdatesMap = absl::node_hash_map; void applyUpdates(const Cluster& cluster, uint32_t priority, PendingUpdates& updates); bool scheduleUpdate(const Cluster& cluster, uint32_t priority, bool mergeable, const uint64_t timeout); void createOrUpdateThreadLocalCluster(ClusterData& cluster); ProtobufTypes::MessagePtr dumpClusterConfigs(); static ClusterManagerStats generateStats(Stats::Scope& scope); void loadCluster(const envoy::config::cluster::v3::Cluster& cluster, const std::string& version_info, bool added_via_api, ClusterMap& cluster_map); void onClusterInit(Cluster& cluster); void postThreadLocalHealthFailure(const HostSharedPtr& host); void updateClusterCounts(); void maybePrefetch(ThreadLocalClusterManagerImpl::ClusterEntryPtr& cluster_entry, std::function prefetch_pool); ClusterManagerFactory& factory_; Runtime::Loader& runtime_; Stats::Store& stats_; ThreadLocal::SlotPtr tls_; Random::RandomGenerator& random_; protected: ClusterMap active_clusters_; private: ClusterMap warming_clusters_; envoy::config::core::v3::BindConfig bind_config_; Outlier::EventLoggerSharedPtr outlier_event_logger_; const LocalInfo::LocalInfo& local_info_; CdsApiPtr cds_api_; ClusterManagerStats cm_stats_; ClusterManagerInitHelper init_helper_; Config::GrpcMuxSharedPtr ads_mux_; // Temporarily saved resume cds callback from updateClusterCounts invocation. Config::ScopedResume resume_cds_; LoadStatsReporterPtr load_stats_reporter_; // The name of the local cluster of this Envoy instance if defined. absl::optional local_cluster_name_; Grpc::AsyncClientManagerPtr async_client_manager_; Server::ConfigTracker::EntryOwnerPtr config_tracker_entry_; TimeSource& time_source_; ClusterUpdatesMap updates_map_; Event::Dispatcher& dispatcher_; Http::Context& http_context_; Config::SubscriptionFactoryImpl subscription_factory_; ClusterSet primary_clusters_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/cluster_update_tracker.cc ================================================ #include "common/upstream/cluster_update_tracker.h" namespace Envoy { namespace Upstream { ClusterUpdateTracker::ClusterUpdateTracker(ClusterManager& cm, const std::string& cluster_name) : cluster_name_(cluster_name), cluster_update_callbacks_handle_(cm.addThreadLocalClusterUpdateCallbacks(*this)) { Upstream::ThreadLocalCluster* cluster = cm.get(cluster_name_); cluster_info_ = cluster ? cluster->info() : nullptr; } void ClusterUpdateTracker::onClusterAddOrUpdate(ThreadLocalCluster& cluster) { if (cluster.info()->name() != cluster_name_) { return; } cluster_info_ = cluster.info(); } void ClusterUpdateTracker::onClusterRemoval(const std::string& cluster) { if (cluster != cluster_name_) { return; } cluster_info_.reset(); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/cluster_update_tracker.h ================================================ #pragma once #include "envoy/upstream/cluster_manager.h" namespace Envoy { namespace Upstream { /** * Keeps track of cluster updates in order to spot addition and removal. * * Use this class as a performance optimization to avoid going through ClusterManager::get() * on the hot path. */ class ClusterUpdateTracker : public ClusterUpdateCallbacks { public: ClusterUpdateTracker(ClusterManager& cm, const std::string& cluster_name); bool exists() { return cluster_info_ != nullptr; } ClusterInfoConstSharedPtr info() { return cluster_info_; } // ClusterUpdateCallbacks void onClusterAddOrUpdate(ThreadLocalCluster& cluster) override; void onClusterRemoval(const std::string& cluster) override; private: const std::string cluster_name_; const ClusterUpdateCallbacksHandlePtr cluster_update_callbacks_handle_; ClusterInfoConstSharedPtr cluster_info_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/conn_pool_map.h ================================================ #pragma once #include #include #include "envoy/event/dispatcher.h" #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" #include "common/common/debug_recursion_checker.h" #include "absl/container/flat_hash_map.h" #include "absl/types/optional.h" namespace Envoy { namespace Upstream { /** * A class mapping keys to connection pools, with some recycling logic built in. */ template class ConnPoolMap { public: using PoolFactory = std::function()>; using DrainedCb = std::function; using PoolOptRef = absl::optional>; ConnPoolMap(Event::Dispatcher& dispatcher, const HostConstSharedPtr& host, ResourcePriority priority); ~ConnPoolMap(); /** * Returns an existing pool for `key`, or creates a new one using `factory`. Note that it is * possible for this to fail if a limit on the number of pools allowed is reached. * @return The pool corresponding to `key`, or `absl::nullopt`. */ PoolOptRef getPool(KEY_TYPE key, const PoolFactory& factory); /** * @return the number of pools. */ size_t size() const; /** * Destroys all mapped pools. */ void clear(); /** * Adds a drain callback to all mapped pools. Any future mapped pools with have the callback * automatically added. Be careful with the callback. If it itself calls into `this`, modifying * the state of `this`, there is a good chance it will cause corruption due to the callback firing * immediately. */ void addDrainedCallback(const DrainedCb& cb); /** * Instructs each connection pool to drain its connections. */ void drainConnections(); private: /** * Frees the first idle pool in `active_pools_`. * @return false if no pool was freed. */ bool freeOnePool(); /** * Cleans up the active_pools_ map and updates resource tracking **/ void clearActivePools(); absl::flat_hash_map> active_pools_; Event::Dispatcher& thread_local_dispatcher_; std::vector cached_callbacks_; Common::DebugRecursionChecker recursion_checker_; const HostConstSharedPtr host_; const ResourcePriority priority_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/conn_pool_map_impl.h ================================================ #pragma once #include "common/upstream/conn_pool_map.h" namespace Envoy { namespace Upstream { template ConnPoolMap::ConnPoolMap(Envoy::Event::Dispatcher& dispatcher, const HostConstSharedPtr& host, ResourcePriority priority) : thread_local_dispatcher_(dispatcher), host_(host), priority_(priority) {} template ConnPoolMap::~ConnPoolMap() { // Clean up the pools to ensure resource tracking is kept up to date. Note that we do not call // `clear()` here to avoid doing a deferred delete. This triggers some unwanted race conditions // on shutdown where deleted resources end up putting stuff on the deferred delete list after the // worker threads have shut down. clearActivePools(); } template typename ConnPoolMap::PoolOptRef ConnPoolMap::getPool(KEY_TYPE key, const PoolFactory& factory) { Common::AutoDebugRecursionChecker assert_not_in(recursion_checker_); // TODO(klarose): Consider how we will change the connection pool's configuration in the future. // The plan is to change the downstream socket options... We may want to take those as a parameter // here. Maybe we'll pass them to the factory function? auto pool_iter = active_pools_.find(key); if (pool_iter != active_pools_.end()) { return std::ref(*(pool_iter->second)); } ResourceLimit& connPoolResource = host_->cluster().resourceManager(priority_).connectionPools(); // We need a new pool. Check if we have room. if (!connPoolResource.canCreate()) { // We're full. Try to free up a pool. If we can't, bail out. if (!freeOnePool()) { host_->cluster().stats().upstream_cx_pool_overflow_.inc(); return absl::nullopt; } ASSERT(size() < connPoolResource.max(), "Freeing a pool should reduce the size to below the max."); // TODO(klarose): Consider some simple hysteresis here. How can we prevent iterating over all // pools when we're at the limit every time we want to allocate a new one, even if most of the // pools are not busy, while balancing that with not unnecessarily freeing all pools? If we // start freeing once we cross a threshold, then stop after we cross another, we could // achieve that balance. } // We have room for a new pool. Allocate one and let it know about any cached callbacks. auto new_pool = factory(); connPoolResource.inc(); for (const auto& cb : cached_callbacks_) { new_pool->addDrainedCallback(cb); } auto inserted = active_pools_.emplace(key, std::move(new_pool)); return std::ref(*inserted.first->second); } template size_t ConnPoolMap::size() const { return active_pools_.size(); } template void ConnPoolMap::clear() { Common::AutoDebugRecursionChecker assert_not_in(recursion_checker_); for (auto& pool_pair : active_pools_) { thread_local_dispatcher_.deferredDelete(std::move(pool_pair.second)); } clearActivePools(); } template void ConnPoolMap::addDrainedCallback(const DrainedCb& cb) { Common::AutoDebugRecursionChecker assert_not_in(recursion_checker_); for (auto& pool_pair : active_pools_) { pool_pair.second->addDrainedCallback(cb); } cached_callbacks_.emplace_back(std::move(cb)); } template void ConnPoolMap::drainConnections() { Common::AutoDebugRecursionChecker assert_not_in(recursion_checker_); for (auto& pool_pair : active_pools_) { pool_pair.second->drainConnections(); } } template bool ConnPoolMap::freeOnePool() { // Try to find a pool that isn't doing anything. auto pool_iter = active_pools_.begin(); while (pool_iter != active_pools_.end()) { if (!pool_iter->second->hasActiveConnections()) { break; } ++pool_iter; } if (pool_iter != active_pools_.end()) { // We found one. Free it up, and let the caller know. active_pools_.erase(pool_iter); host_->cluster().resourceManager(priority_).connectionPools().dec(); return true; } return false; } template void ConnPoolMap::clearActivePools() { host_->cluster().resourceManager(priority_).connectionPools().decBy(active_pools_.size()); active_pools_.clear(); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/edf_scheduler.h ================================================ #pragma once #include #include #include #include "common/common/assert.h" namespace Envoy { namespace Upstream { // It's not sufficient to use trace level logging, since it becomes far too noisy for a number of // tests, so we can kill trace debug here. #define EDF_DEBUG 0 #if EDF_DEBUG #define EDF_TRACE(...) ENVOY_LOG_MISC(trace, __VA_ARGS__) #else #define EDF_TRACE(...) #endif // Earliest Deadline First (EDF) scheduler // (https://en.wikipedia.org/wiki/Earliest_deadline_first_scheduling) used for weighted round robin. // Each pick from the schedule has the earliest deadline entry selected. Entries have deadlines set // at current time + 1 / weight, providing weighted round robin behavior with floating point // weights and an O(log n) pick time. template class EdfScheduler { public: // Each time peekAgain is called, it will return the best-effort subsequent // pick, popping and reinserting the entry as if it had been picked, and // inserting it into the pre-picked queue. // The first time peekAgain is called, it will return the // first item which will be picked, the second time it is called it will // return the second item which will be picked. As picks occur, that window // will shrink. std::shared_ptr peekAgain(std::function calculate_weight) { if (hasEntry()) { prepick_list_.push_back(std::move(queue_.top().entry_)); std::shared_ptr ret{prepick_list_.back()}; add(calculate_weight(*ret), ret); queue_.pop(); return ret; } return nullptr; } /** * Pick queue entry with closest deadline and adds it back using the weight * from calculate_weight. * @return std::shared_ptr to next valid the queue entry if or nullptr if none exists. */ std::shared_ptr pickAndAdd(std::function calculate_weight) { while (!prepick_list_.empty()) { // In this case the entry was added back during peekAgain so don't re-add. if (prepick_list_.front().expired()) { prepick_list_.pop_front(); continue; } std::shared_ptr ret{prepick_list_.front()}; prepick_list_.pop_front(); return ret; } if (hasEntry()) { std::shared_ptr ret{queue_.top().entry_}; queue_.pop(); add(calculate_weight(*ret), ret); return ret; } return nullptr; } /** * Insert entry into queue with a given weight. The deadline will be current_time_ + 1 / weight. * @param weight floating point weight. * @param entry shared pointer to entry, only a weak reference will be retained. */ void add(double weight, std::shared_ptr entry) { ASSERT(weight > 0); const double deadline = current_time_ + 1.0 / weight; EDF_TRACE("Insertion {} in queue with deadline {} and weight {}.", static_cast(entry.get()), deadline, weight); queue_.push({deadline, order_offset_++, entry}); ASSERT(queue_.top().deadline_ >= current_time_); } /** * Implements empty() on the internal queue. Does not attempt to discard expired elements. * @return bool whether or not the internal queue is empty. */ bool empty() const { return queue_.empty(); } private: /** * Clears expired entries, and returns true if there's still entries in the queue. */ bool hasEntry() { EDF_TRACE("Queue pick: queue_.size()={}, current_time_={}.", queue_.size(), current_time_); while (true) { if (queue_.empty()) { EDF_TRACE("Queue is empty."); return false; } const EdfEntry& edf_entry = queue_.top(); // Entry has been removed, let's see if there's another one. if (edf_entry.entry_.expired()) { EDF_TRACE("Entry has expired, repick."); queue_.pop(); continue; } std::shared_ptr ret{edf_entry.entry_}; ASSERT(edf_entry.deadline_ >= current_time_); current_time_ = edf_entry.deadline_; EDF_TRACE("Picked {}, current_time_={}.", static_cast(ret.get()), current_time_); return true; } } struct EdfEntry { double deadline_; // Tie breaker for entries with the same deadline. This is used to provide FIFO behavior. uint64_t order_offset_; // We only hold a weak pointer, since we don't support a remove operator. This allows entries to // be lazily unloaded from the queue. std::weak_ptr entry_; // Flip < direction to make this a min queue. bool operator<(const EdfEntry& other) const { return deadline_ > other.deadline_ || (deadline_ == other.deadline_ && order_offset_ > other.order_offset_); } }; // Current time in EDF scheduler. // TODO(htuch): Is it worth the small extra complexity to use integer time for performance // reasons? double current_time_{}; // Offset used during addition to break ties when entries have the same weight but should reflect // FIFO insertion order in picks. uint64_t order_offset_{}; // Min priority queue for EDF. std::priority_queue queue_; std::list> prepick_list_; }; #undef EDF_DEBUG } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/eds.cc ================================================ #include "common/upstream/eds.h" #include "envoy/api/v2/endpoint.pb.h" #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/config/api_version.h" #include "common/config/decoded_resource_impl.h" #include "common/config/version_converter.h" namespace Envoy { namespace Upstream { EdsClusterImpl::EdsClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api) : BaseDynamicClusterImpl(cluster, runtime, factory_context, std::move(stats_scope), added_via_api), Envoy::Config::SubscriptionBase( cluster.eds_cluster_config().eds_config().resource_api_version(), factory_context.messageValidationVisitor(), "cluster_name"), local_info_(factory_context.localInfo()), cluster_name_(cluster.eds_cluster_config().service_name().empty() ? cluster.name() : cluster.eds_cluster_config().service_name()) { Event::Dispatcher& dispatcher = factory_context.dispatcher(); assignment_timeout_ = dispatcher.createTimer([this]() -> void { onAssignmentTimeout(); }); const auto& eds_config = cluster.eds_cluster_config().eds_config(); if (eds_config.config_source_specifier_case() == envoy::config::core::v3::ConfigSource::ConfigSourceSpecifierCase::kPath) { initialize_phase_ = InitializePhase::Primary; } else { initialize_phase_ = InitializePhase::Secondary; } const auto resource_name = getResourceName(); subscription_ = factory_context.clusterManager().subscriptionFactory().subscriptionFromConfigSource( eds_config, Grpc::Common::typeUrl(resource_name), info_->statsScope(), *this, resource_decoder_); } void EdsClusterImpl::startPreInit() { subscription_->start({cluster_name_}); } void EdsClusterImpl::BatchUpdateHelper::batchUpdate(PrioritySet::HostUpdateCb& host_update_cb) { absl::node_hash_map updated_hosts; PriorityStateManager priority_state_manager(parent_, parent_.local_info_, &host_update_cb); for (const auto& locality_lb_endpoint : cluster_load_assignment_.endpoints()) { parent_.validateEndpointsForZoneAwareRouting(locality_lb_endpoint); priority_state_manager.initializePriorityFor(locality_lb_endpoint); for (const auto& lb_endpoint : locality_lb_endpoint.lb_endpoints()) { priority_state_manager.registerHostForPriority( lb_endpoint.endpoint().hostname(), parent_.resolveProtoAddress(lb_endpoint.endpoint().address()), locality_lb_endpoint, lb_endpoint); } } // Track whether we rebuilt any LB structures. bool cluster_rebuilt = false; const uint32_t overprovisioning_factor = PROTOBUF_GET_WRAPPED_OR_DEFAULT( cluster_load_assignment_.policy(), overprovisioning_factor, kDefaultOverProvisioningFactor); LocalityWeightsMap empty_locality_map; // Loop over all priorities that exist in the new configuration. auto& priority_state = priority_state_manager.priorityState(); for (size_t i = 0; i < priority_state.size(); ++i) { if (parent_.locality_weights_map_.size() <= i) { parent_.locality_weights_map_.resize(i + 1); } if (priority_state[i].first != nullptr) { cluster_rebuilt |= parent_.updateHostsPerLocality( i, overprovisioning_factor, *priority_state[i].first, parent_.locality_weights_map_[i], priority_state[i].second, priority_state_manager, updated_hosts); } else { // If the new update contains a priority with no hosts, call the update function with an empty // set of hosts. cluster_rebuilt |= parent_.updateHostsPerLocality( i, overprovisioning_factor, {}, parent_.locality_weights_map_[i], empty_locality_map, priority_state_manager, updated_hosts); } } // Loop over all priorities not present in the config that already exists. This will // empty out any remaining priority that the config update did not refer to. for (size_t i = priority_state.size(); i < parent_.priority_set_.hostSetsPerPriority().size(); ++i) { if (parent_.locality_weights_map_.size() <= i) { parent_.locality_weights_map_.resize(i + 1); } cluster_rebuilt |= parent_.updateHostsPerLocality( i, overprovisioning_factor, {}, parent_.locality_weights_map_[i], empty_locality_map, priority_state_manager, updated_hosts); } parent_.all_hosts_ = std::move(updated_hosts); if (!cluster_rebuilt) { parent_.info_->stats().update_no_rebuild_.inc(); } // If we didn't setup to initialize when our first round of health checking is complete, just // do it now. parent_.onPreInitComplete(); } void EdsClusterImpl::onConfigUpdate(const std::vector& resources, const std::string&) { if (!validateUpdateSize(resources.size())) { return; } envoy::config::endpoint::v3::ClusterLoadAssignment cluster_load_assignment = dynamic_cast( resources[0].get().resource()); if (cluster_load_assignment.cluster_name() != cluster_name_) { throw EnvoyException(fmt::format("Unexpected EDS cluster (expecting {}): {}", cluster_name_, cluster_load_assignment.cluster_name())); } // Scrub original type information; we don't config dump endpoints today and // this is significant memory overhead. Config::VersionConverter::eraseOriginalTypeInformation(cluster_load_assignment); // Disable timer (if enabled) as we have received new assignment. if (assignment_timeout_->enabled()) { assignment_timeout_->disableTimer(); } // Check if endpoint_stale_after is set. const uint64_t stale_after_ms = PROTOBUF_GET_MS_OR_DEFAULT(cluster_load_assignment.policy(), endpoint_stale_after, 0); if (stale_after_ms > 0) { // Stat to track how often we receive valid assignment_timeout in response. info_->stats().assignment_timeout_received_.inc(); assignment_timeout_->enableTimer(std::chrono::milliseconds(stale_after_ms)); } BatchUpdateHelper helper(*this, cluster_load_assignment); priority_set_.batchHostUpdate(helper); } void EdsClusterImpl::onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField&, const std::string&) { if (!validateUpdateSize(added_resources.size())) { return; } onConfigUpdate(added_resources, added_resources[0].get().version()); } bool EdsClusterImpl::validateUpdateSize(int num_resources) { if (num_resources == 0) { ENVOY_LOG(debug, "Missing ClusterLoadAssignment for {} in onConfigUpdate()", cluster_name_); info_->stats().update_empty_.inc(); onPreInitComplete(); return false; } if (num_resources != 1) { throw EnvoyException(fmt::format("Unexpected EDS resource length: {}", num_resources)); // (would be a return false here) } return true; } void EdsClusterImpl::onAssignmentTimeout() { // We can no longer use the assignments, remove them. // TODO(vishalpowar) This is not going to work for incremental updates, and we // need to instead change the health status to indicate the assignments are // stale. envoy::config::endpoint::v3::ClusterLoadAssignment resource; resource.set_cluster_name(cluster_name_); ProtobufWkt::Any any_resource; any_resource.PackFrom(resource); Config::DecodedResourceImpl decoded_resource(resource_decoder_, any_resource, ""); std::vector resource_refs = {decoded_resource}; onConfigUpdate(resource_refs, ""); // Stat to track how often we end up with stale assignments. info_->stats().assignment_stale_.inc(); } void EdsClusterImpl::reloadHealthyHostsHelper(const HostSharedPtr& host) { // Here we will see if we have a host that has been marked for deletion by service discovery // but has been stabilized due to passing active health checking. If such a host is now // failing active health checking we can remove it during this health check update. HostSharedPtr host_to_exclude = host; if (host_to_exclude != nullptr && host_to_exclude->healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC) && host_to_exclude->healthFlagGet(Host::HealthFlag::PENDING_DYNAMIC_REMOVAL)) { // Empty for clarity. } else { // Do not exclude and remove the host during the update. host_to_exclude = nullptr; } const auto& host_sets = prioritySet().hostSetsPerPriority(); for (size_t priority = 0; priority < host_sets.size(); ++priority) { const auto& host_set = host_sets[priority]; // Filter current hosts in case we need to exclude a host. HostVectorSharedPtr hosts_copy(new HostVector()); std::copy_if(host_set->hosts().begin(), host_set->hosts().end(), std::back_inserter(*hosts_copy), [&host_to_exclude](const HostSharedPtr& host) { return host_to_exclude != host; }); // Setup a hosts to remove vector in case we need to exclude a host. HostVector hosts_to_remove; if (hosts_copy->size() != host_set->hosts().size()) { ASSERT(hosts_copy->size() == host_set->hosts().size() - 1); hosts_to_remove.emplace_back(host_to_exclude); } // Filter hosts per locality in case we need to exclude a host. HostsPerLocalityConstSharedPtr hosts_per_locality_copy = host_set->hostsPerLocality().filter( {[&host_to_exclude](const Host& host) { return &host != host_to_exclude.get(); }})[0]; prioritySet().updateHosts(priority, HostSetImpl::partitionHosts(hosts_copy, hosts_per_locality_copy), host_set->localityWeights(), {}, hosts_to_remove, absl::nullopt); } if (host_to_exclude != nullptr) { ASSERT(all_hosts_.find(host_to_exclude->address()->asString()) != all_hosts_.end()); all_hosts_.erase(host_to_exclude->address()->asString()); } } bool EdsClusterImpl::updateHostsPerLocality( const uint32_t priority, const uint32_t overprovisioning_factor, const HostVector& new_hosts, LocalityWeightsMap& locality_weights_map, LocalityWeightsMap& new_locality_weights_map, PriorityStateManager& priority_state_manager, absl::node_hash_map& updated_hosts) { const auto& host_set = priority_set_.getOrCreateHostSet(priority, overprovisioning_factor); HostVectorSharedPtr current_hosts_copy(new HostVector(host_set.hosts())); HostVector hosts_added; HostVector hosts_removed; // We need to trigger updateHosts with the new host vectors if they have changed. We also do this // when the locality weight map or the overprovisioning factor. Note calling updateDynamicHostList // is responsible for both determining whether there was a change and to perform the actual update // to current_hosts_copy, so it must be called even if we know that we need to update (e.g. if the // overprovisioning factor changes). // TODO(htuch): We eagerly update all the host sets here on weight changes, which isn't great, // since this has the knock on effect that we rebuild the load balancers and locality scheduler. // We could make this happen lazily, as we do for host-level weight updates, where as things age // out of the locality scheduler, we discover their new weights. We don't currently have a shared // object for locality weights that we can update here, we should add something like this to // improve performance and scalability of locality weight updates. const bool hosts_updated = updateDynamicHostList(new_hosts, *current_hosts_copy, hosts_added, hosts_removed, updated_hosts, all_hosts_); if (hosts_updated || host_set.overprovisioningFactor() != overprovisioning_factor || locality_weights_map != new_locality_weights_map) { ASSERT(std::all_of(current_hosts_copy->begin(), current_hosts_copy->end(), [&](const auto& host) { return host->priority() == priority; })); locality_weights_map = new_locality_weights_map; ENVOY_LOG(debug, "EDS hosts or locality weights changed for cluster: {} current hosts {} priority {}", info_->name(), host_set.hosts().size(), host_set.priority()); priority_state_manager.updateClusterPrioritySet(priority, std::move(current_hosts_copy), hosts_added, hosts_removed, absl::nullopt, overprovisioning_factor); return true; } return false; } void EdsClusterImpl::onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); // We need to allow server startup to continue, even if we have a bad config. onPreInitComplete(); } std::pair EdsClusterFactory::createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) { if (!cluster.has_eds_cluster_config()) { throw EnvoyException("cannot create an EDS cluster without an EDS config"); } return std::make_pair( std::make_unique(cluster, context.runtime(), socket_factory_context, std::move(stats_scope), context.addedViaApi()), nullptr); } /** * Static registration for the Eds cluster factory. @see RegisterFactory. */ REGISTER_FACTORY(EdsClusterFactory, ClusterFactory); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/eds.h ================================================ #pragma once #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/config/subscription.h" #include "envoy/config/subscription_factory.h" #include "envoy/local_info/local_info.h" #include "envoy/secret/secret_manager.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "envoy/upstream/locality.h" #include "common/config/subscription_base.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/upstream_impl.h" #include "extensions/clusters/well_known_names.h" namespace Envoy { namespace Upstream { /** * Cluster implementation that reads host information from the Endpoint Discovery Service. */ class EdsClusterImpl : public BaseDynamicClusterImpl, Envoy::Config::SubscriptionBase { public: EdsClusterImpl(const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api); // Upstream::Cluster InitializePhase initializePhase() const override { return initialize_phase_; } private: // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; using LocalityWeightsMap = absl::node_hash_map; bool updateHostsPerLocality(const uint32_t priority, const uint32_t overprovisioning_factor, const HostVector& new_hosts, LocalityWeightsMap& locality_weights_map, LocalityWeightsMap& new_locality_weights_map, PriorityStateManager& priority_state_manager, absl::node_hash_map& updated_hosts); bool validateUpdateSize(int num_resources); // ClusterImplBase void reloadHealthyHostsHelper(const HostSharedPtr& host) override; void startPreInit() override; void onAssignmentTimeout(); class BatchUpdateHelper : public PrioritySet::BatchUpdateCb { public: BatchUpdateHelper( EdsClusterImpl& parent, const envoy::config::endpoint::v3::ClusterLoadAssignment& cluster_load_assignment) : parent_(parent), cluster_load_assignment_(cluster_load_assignment) {} // Upstream::PrioritySet::BatchUpdateCb void batchUpdate(PrioritySet::HostUpdateCb& host_update_cb) override; private: EdsClusterImpl& parent_; const envoy::config::endpoint::v3::ClusterLoadAssignment& cluster_load_assignment_; }; Config::SubscriptionPtr subscription_; const LocalInfo::LocalInfo& local_info_; const std::string cluster_name_; std::vector locality_weights_map_; HostMap all_hosts_; Event::TimerPtr assignment_timeout_; InitializePhase initialize_phase_; }; using EdsClusterImplSharedPtr = std::shared_ptr; class EdsClusterFactory : public ClusterFactoryImplBase { public: EdsClusterFactory() : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().Eds) {} private: std::pair createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/health_checker_base_impl.cc ================================================ #include "common/upstream/health_checker_base_impl.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/stats/scope.h" #include "common/network/utility.h" #include "common/router/router.h" namespace Envoy { namespace Upstream { HealthCheckerImplBase::HealthCheckerImplBase(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger) : always_log_health_check_failures_(config.always_log_health_check_failures()), cluster_(cluster), dispatcher_(dispatcher), timeout_(PROTOBUF_GET_MS_REQUIRED(config, timeout)), unhealthy_threshold_(PROTOBUF_GET_WRAPPED_REQUIRED(config, unhealthy_threshold)), healthy_threshold_(PROTOBUF_GET_WRAPPED_REQUIRED(config, healthy_threshold)), stats_(generateStats(cluster.info()->statsScope())), runtime_(runtime), random_(random), reuse_connection_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, reuse_connection, true)), event_logger_(std::move(event_logger)), interval_(PROTOBUF_GET_MS_REQUIRED(config, interval)), no_traffic_interval_(PROTOBUF_GET_MS_OR_DEFAULT(config, no_traffic_interval, 60000)), initial_jitter_(PROTOBUF_GET_MS_OR_DEFAULT(config, initial_jitter, 0)), interval_jitter_(PROTOBUF_GET_MS_OR_DEFAULT(config, interval_jitter, 0)), interval_jitter_percent_(config.interval_jitter_percent()), unhealthy_interval_( PROTOBUF_GET_MS_OR_DEFAULT(config, unhealthy_interval, interval_.count())), unhealthy_edge_interval_( PROTOBUF_GET_MS_OR_DEFAULT(config, unhealthy_edge_interval, unhealthy_interval_.count())), healthy_edge_interval_( PROTOBUF_GET_MS_OR_DEFAULT(config, healthy_edge_interval, interval_.count())), transport_socket_options_(initTransportSocketOptions(config)), transport_socket_match_metadata_(initTransportSocketMatchMetadata(config)) { cluster_.prioritySet().addMemberUpdateCb( [this](const HostVector& hosts_added, const HostVector& hosts_removed) -> void { onClusterMemberUpdate(hosts_added, hosts_removed); }); } std::shared_ptr HealthCheckerImplBase::initTransportSocketOptions( const envoy::config::core::v3::HealthCheck& config) { if (config.has_tls_options()) { std::vector protocols{config.tls_options().alpn_protocols().begin(), config.tls_options().alpn_protocols().end()}; return std::make_shared( "", std::vector{}, std::move(protocols)); } return std::make_shared(); } MetadataConstSharedPtr HealthCheckerImplBase::initTransportSocketMatchMetadata( const envoy::config::core::v3::HealthCheck& config) { if (config.has_transport_socket_match_criteria()) { std::shared_ptr metadata = std::make_shared(); (*metadata->mutable_filter_metadata())[Envoy::Config::MetadataFilters::get() .ENVOY_TRANSPORT_SOCKET_MATCH] = config.transport_socket_match_criteria(); return metadata; } return nullptr; } HealthCheckerImplBase::~HealthCheckerImplBase() { // ASSERTs inside the session destructor check to make sure we have been previously deferred // deleted. Unify that logic here before actual destruction happens. for (auto& session : active_sessions_) { session.second->onDeferredDeleteBase(); } } void HealthCheckerImplBase::decHealthy() { stats_.healthy_.sub(1); } void HealthCheckerImplBase::decDegraded() { stats_.degraded_.sub(1); } HealthCheckerStats HealthCheckerImplBase::generateStats(Stats::Scope& scope) { std::string prefix("health_check."); return {ALL_HEALTH_CHECKER_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix))}; } void HealthCheckerImplBase::incHealthy() { stats_.healthy_.add(1); } void HealthCheckerImplBase::incDegraded() { stats_.degraded_.add(1); } std::chrono::milliseconds HealthCheckerImplBase::interval(HealthState state, HealthTransition changed_state) const { // See if the cluster has ever made a connection. If not, we use a much slower interval to keep // the host info relatively up to date in case we suddenly start sending traffic to this cluster. // In general host updates are rare and this should greatly smooth out needless health checking. // If a connection has been established, we choose an interval based on the host's health. Please // refer to the HealthCheck API documentation for more details. uint64_t base_time_ms; if (cluster_.info()->stats().upstream_cx_total_.used()) { // When healthy/unhealthy threshold is configured the health transition of a host will be // delayed. In this situation Envoy should use the edge interval settings between health checks. // // Example scenario for an unhealthy host with healthy_threshold set to 3: // - check fails, host is still unhealthy and next check happens after unhealthy_interval; // - check succeeds, host is still unhealthy and next check happens after healthy_edge_interval; // - check succeeds, host is still unhealthy and next check happens after healthy_edge_interval; // - check succeeds, host is now healthy and next check happens after interval; // - check succeeds, host is still healthy and next check happens after interval. switch (state) { case HealthState::Unhealthy: base_time_ms = changed_state == HealthTransition::ChangePending ? unhealthy_edge_interval_.count() : unhealthy_interval_.count(); break; default: base_time_ms = changed_state == HealthTransition::ChangePending ? healthy_edge_interval_.count() : interval_.count(); break; } } else { base_time_ms = no_traffic_interval_.count(); } return intervalWithJitter(base_time_ms, interval_jitter_); } std::chrono::milliseconds HealthCheckerImplBase::intervalWithJitter(uint64_t base_time_ms, std::chrono::milliseconds interval_jitter) const { const uint64_t jitter_percent_mod = interval_jitter_percent_ * base_time_ms / 100; if (jitter_percent_mod > 0) { base_time_ms += random_.random() % jitter_percent_mod; } if (interval_jitter.count() > 0) { base_time_ms += (random_.random() % interval_jitter.count()); } const uint64_t min_interval = runtime_.snapshot().getInteger("health_check.min_interval", 0); const uint64_t max_interval = runtime_.snapshot().getInteger( "health_check.max_interval", std::numeric_limits::max()); uint64_t final_ms = std::min(base_time_ms, max_interval); // We force a non-zero final MS, to prevent live lock. final_ms = std::max(uint64_t(1), std::max(final_ms, min_interval)); return std::chrono::milliseconds(final_ms); } void HealthCheckerImplBase::addHosts(const HostVector& hosts) { for (const HostSharedPtr& host : hosts) { active_sessions_[host] = makeSession(host); host->setActiveHealthFailureType(Host::ActiveHealthFailureType::UNKNOWN); host->setHealthChecker( HealthCheckHostMonitorPtr{new HealthCheckHostMonitorImpl(shared_from_this(), host)}); active_sessions_[host]->start(); } } void HealthCheckerImplBase::onClusterMemberUpdate(const HostVector& hosts_added, const HostVector& hosts_removed) { addHosts(hosts_added); for (const HostSharedPtr& host : hosts_removed) { auto session_iter = active_sessions_.find(host); ASSERT(active_sessions_.end() != session_iter); // This deletion can happen inline in response to a host failure, so we deferred delete. session_iter->second->onDeferredDeleteBase(); dispatcher_.deferredDelete(std::move(session_iter->second)); active_sessions_.erase(session_iter); } } void HealthCheckerImplBase::runCallbacks(HostSharedPtr host, HealthTransition changed_state) { for (const HostStatusCb& cb : callbacks_) { cb(host, changed_state); } } void HealthCheckerImplBase::HealthCheckHostMonitorImpl::setUnhealthy() { // This is called cross thread. The cluster/health checker might already be gone. std::shared_ptr health_checker = health_checker_.lock(); if (health_checker) { health_checker->setUnhealthyCrossThread(host_.lock()); } } void HealthCheckerImplBase::setUnhealthyCrossThread(const HostSharedPtr& host) { // The threading here is complex. The cluster owns the only strong reference to the health // checker. It might go away when we post to the main thread from a worker thread. To deal with // this we use the following sequence of events: // 1) We capture a weak reference to the health checker and post it from worker thread to main // thread. // 2) On the main thread, we make sure it is still valid (as the cluster may have been destroyed). // 3) Additionally, the host/session may also be gone by then so we check that also. std::weak_ptr weak_this = shared_from_this(); dispatcher_.post([weak_this, host]() -> void { std::shared_ptr shared_this = weak_this.lock(); if (shared_this == nullptr) { return; } const auto session = shared_this->active_sessions_.find(host); if (session == shared_this->active_sessions_.end()) { return; } session->second->setUnhealthy(envoy::data::core::v3::PASSIVE); }); } void HealthCheckerImplBase::start() { for (auto& host_set : cluster_.prioritySet().hostSetsPerPriority()) { addHosts(host_set->hosts()); } } HealthCheckerImplBase::ActiveHealthCheckSession::ActiveHealthCheckSession( HealthCheckerImplBase& parent, HostSharedPtr host) : host_(host), parent_(parent), interval_timer_(parent.dispatcher_.createTimer([this]() -> void { onIntervalBase(); })), timeout_timer_(parent.dispatcher_.createTimer([this]() -> void { onTimeoutBase(); })) { if (!host->healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC)) { parent.incHealthy(); } if (host->healthFlagGet(Host::HealthFlag::DEGRADED_ACTIVE_HC)) { parent.incDegraded(); } } HealthCheckerImplBase::ActiveHealthCheckSession::~ActiveHealthCheckSession() { // Make sure onDeferredDeleteBase() has been called. We should not reference our parent at this // point since we may have been deferred deleted. ASSERT(interval_timer_ == nullptr && timeout_timer_ == nullptr); } void HealthCheckerImplBase::ActiveHealthCheckSession::onDeferredDeleteBase() { // The session is about to be deferred deleted. Make sure all timers are gone and any // implementation specific state is destroyed. interval_timer_.reset(); timeout_timer_.reset(); if (!host_->healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC)) { parent_.decHealthy(); } if (host_->healthFlagGet(Host::HealthFlag::DEGRADED_ACTIVE_HC)) { parent_.decDegraded(); } onDeferredDelete(); } void HealthCheckerImplBase::ActiveHealthCheckSession::handleSuccess(bool degraded) { // If we are healthy, reset the # of unhealthy to zero. num_unhealthy_ = 0; HealthTransition changed_state = HealthTransition::Unchanged; if (host_->healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC)) { // If this is the first time we ever got a check result on this host, we immediately move // it to healthy. This makes startup faster with a small reduction in overall reliability // depending on the HC settings. if (first_check_ || ++num_healthy_ == parent_.healthy_threshold_) { host_->healthFlagClear(Host::HealthFlag::FAILED_ACTIVE_HC); parent_.incHealthy(); changed_state = HealthTransition::Changed; if (parent_.event_logger_) { parent_.event_logger_->logAddHealthy(parent_.healthCheckerType(), host_, first_check_); } } else { changed_state = HealthTransition::ChangePending; } } changed_state = clearPendingFlag(changed_state); if (degraded != host_->healthFlagGet(Host::HealthFlag::DEGRADED_ACTIVE_HC)) { if (degraded) { host_->healthFlagSet(Host::HealthFlag::DEGRADED_ACTIVE_HC); parent_.incDegraded(); if (parent_.event_logger_) { parent_.event_logger_->logDegraded(parent_.healthCheckerType(), host_); } } else { if (parent_.event_logger_) { parent_.event_logger_->logNoLongerDegraded(parent_.healthCheckerType(), host_); } host_->healthFlagClear(Host::HealthFlag::DEGRADED_ACTIVE_HC); } // This check ensures that we honor the decision made about Changed vs ChangePending in the // above block. // TODO(snowp): should there be degraded_threshold? if (changed_state == HealthTransition::Unchanged) { changed_state = HealthTransition::Changed; } } parent_.stats_.success_.inc(); first_check_ = false; parent_.runCallbacks(host_, changed_state); timeout_timer_->disableTimer(); interval_timer_->enableTimer(parent_.interval(HealthState::Healthy, changed_state)); } HealthTransition HealthCheckerImplBase::ActiveHealthCheckSession::setUnhealthy( envoy::data::core::v3::HealthCheckFailureType type) { // If we are unhealthy, reset the # of healthy to zero. num_healthy_ = 0; HealthTransition changed_state = HealthTransition::Unchanged; if (!host_->healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC)) { if (type != envoy::data::core::v3::NETWORK || ++num_unhealthy_ == parent_.unhealthy_threshold_) { host_->healthFlagSet(Host::HealthFlag::FAILED_ACTIVE_HC); parent_.decHealthy(); changed_state = HealthTransition::Changed; if (parent_.event_logger_) { parent_.event_logger_->logEjectUnhealthy(parent_.healthCheckerType(), host_, type); } } else { changed_state = HealthTransition::ChangePending; } } changed_state = clearPendingFlag(changed_state); if ((first_check_ || parent_.always_log_health_check_failures_) && parent_.event_logger_) { parent_.event_logger_->logUnhealthy(parent_.healthCheckerType(), host_, type, first_check_); } parent_.stats_.failure_.inc(); if (type == envoy::data::core::v3::NETWORK) { parent_.stats_.network_failure_.inc(); } else if (type == envoy::data::core::v3::PASSIVE) { parent_.stats_.passive_failure_.inc(); } first_check_ = false; parent_.runCallbacks(host_, changed_state); return changed_state; } void HealthCheckerImplBase::ActiveHealthCheckSession::handleFailure( envoy::data::core::v3::HealthCheckFailureType type) { HealthTransition changed_state = setUnhealthy(type); // It's possible that the previous call caused this session to be deferred deleted. if (timeout_timer_ != nullptr) { timeout_timer_->disableTimer(); } if (interval_timer_ != nullptr) { interval_timer_->enableTimer(parent_.interval(HealthState::Unhealthy, changed_state)); } } HealthTransition HealthCheckerImplBase::ActiveHealthCheckSession::clearPendingFlag(HealthTransition changed_state) { if (host_->healthFlagGet(Host::HealthFlag::PENDING_ACTIVE_HC)) { host_->healthFlagClear(Host::HealthFlag::PENDING_ACTIVE_HC); // Even though the health value of the host might have not changed, we set this to Changed to // that the cluster can update its list of excluded hosts. return HealthTransition::Changed; } return changed_state; } void HealthCheckerImplBase::ActiveHealthCheckSession::onIntervalBase() { onInterval(); timeout_timer_->enableTimer(parent_.timeout_); parent_.stats_.attempt_.inc(); } void HealthCheckerImplBase::ActiveHealthCheckSession::onTimeoutBase() { onTimeout(); handleFailure(envoy::data::core::v3::NETWORK); } void HealthCheckerImplBase::ActiveHealthCheckSession::onInitialInterval() { if (parent_.initial_jitter_.count() == 0) { onIntervalBase(); } else { interval_timer_->enableTimer( std::chrono::milliseconds(parent_.intervalWithJitter(0, parent_.initial_jitter_))); } } void HealthCheckEventLoggerImpl::logEjectUnhealthy( envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, envoy::data::core::v3::HealthCheckFailureType failure_type) { createHealthCheckEvent(health_checker_type, *host, [&failure_type](auto& event) { event.mutable_eject_unhealthy_event()->set_failure_type(failure_type); }); } void HealthCheckEventLoggerImpl::logUnhealthy( envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, envoy::data::core::v3::HealthCheckFailureType failure_type, bool first_check) { createHealthCheckEvent(health_checker_type, *host, [&first_check, &failure_type](auto& event) { event.mutable_health_check_failure_event()->set_failure_type(failure_type); event.mutable_health_check_failure_event()->set_first_check(first_check); }); } void HealthCheckEventLoggerImpl::logAddHealthy( envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, bool first_check) { createHealthCheckEvent(health_checker_type, *host, [&first_check](auto& event) { event.mutable_add_healthy_event()->set_first_check(first_check); }); } void HealthCheckEventLoggerImpl::logDegraded( envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host) { createHealthCheckEvent(health_checker_type, *host, [](auto& event) { event.mutable_degraded_healthy_host(); }); } void HealthCheckEventLoggerImpl::logNoLongerDegraded( envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host) { createHealthCheckEvent(health_checker_type, *host, [](auto& event) { event.mutable_no_longer_degraded_host(); }); } void HealthCheckEventLoggerImpl::createHealthCheckEvent( envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescription& host, std::function callback) const { envoy::data::core::v3::HealthCheckEvent event; event.set_cluster_name(host.cluster().name()); event.set_health_checker_type(health_checker_type); envoy::config::core::v3::Address address; Network::Utility::addressToProtobufAddress(*host.address(), address); *event.mutable_host() = std::move(address); TimestampUtil::systemClockToTimestamp(time_source_.systemTime(), *event.mutable_timestamp()); callback(event); // Make sure the type enums make it into the JSON const auto json = MessageUtil::getJsonStringFromMessage(event, /* pretty_print */ false, /* always_print_primitive_fields */ true); file_->write(fmt::format("{}\n", json)); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/health_checker_base_impl.h ================================================ #pragma once #include "envoy/access_log/access_log.h" #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/event/timer.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/type/matcher/string.pb.h" #include "envoy/upstream/health_checker.h" #include "common/common/logger.h" #include "common/common/matchers.h" #include "common/network/transport_socket_options_impl.h" namespace Envoy { namespace Upstream { /** * All health checker stats. @see stats_macros.h */ #define ALL_HEALTH_CHECKER_STATS(COUNTER, GAUGE) \ COUNTER(attempt) \ COUNTER(failure) \ COUNTER(network_failure) \ COUNTER(passive_failure) \ COUNTER(success) \ COUNTER(verify_cluster) \ GAUGE(degraded, Accumulate) \ GAUGE(healthy, Accumulate) /** * Definition of all health checker stats. @see stats_macros.h */ struct HealthCheckerStats { ALL_HEALTH_CHECKER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Base implementation for all health checkers. */ class HealthCheckerImplBase : public HealthChecker, protected Logger::Loggable, public std::enable_shared_from_this { public: // Upstream::HealthChecker void addHostCheckCompleteCb(HostStatusCb callback) override { callbacks_.push_back(callback); } void start() override; std::shared_ptr transportSocketOptions() const { return transport_socket_options_; } MetadataConstSharedPtr transportSocketMatchMetadata() const { return transport_socket_match_metadata_; } protected: class ActiveHealthCheckSession : public Event::DeferredDeletable { public: ~ActiveHealthCheckSession() override; HealthTransition setUnhealthy(envoy::data::core::v3::HealthCheckFailureType type); void onDeferredDeleteBase(); void start() { onInitialInterval(); } protected: ActiveHealthCheckSession(HealthCheckerImplBase& parent, HostSharedPtr host); void handleSuccess(bool degraded = false); void handleDegraded(); void handleFailure(envoy::data::core::v3::HealthCheckFailureType type); HostSharedPtr host_; private: // Clears the pending flag if it is set. By clearing this flag we're marking the host as having // been health checked. // Returns the changed state to use following the flag update. HealthTransition clearPendingFlag(HealthTransition changed_state); virtual void onInterval() PURE; void onIntervalBase(); virtual void onTimeout() PURE; void onTimeoutBase(); virtual void onDeferredDelete() PURE; void onInitialInterval(); HealthCheckerImplBase& parent_; Event::TimerPtr interval_timer_; Event::TimerPtr timeout_timer_; uint32_t num_unhealthy_{}; uint32_t num_healthy_{}; bool first_check_{true}; }; using ActiveHealthCheckSessionPtr = std::unique_ptr; HealthCheckerImplBase(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger); ~HealthCheckerImplBase() override; virtual ActiveHealthCheckSessionPtr makeSession(HostSharedPtr host) PURE; virtual envoy::data::core::v3::HealthCheckerType healthCheckerType() const PURE; const bool always_log_health_check_failures_; const Cluster& cluster_; Event::Dispatcher& dispatcher_; const std::chrono::milliseconds timeout_; const uint32_t unhealthy_threshold_; const uint32_t healthy_threshold_; HealthCheckerStats stats_; Runtime::Loader& runtime_; Random::RandomGenerator& random_; const bool reuse_connection_; HealthCheckEventLoggerPtr event_logger_; private: struct HealthCheckHostMonitorImpl : public HealthCheckHostMonitor { HealthCheckHostMonitorImpl(const std::shared_ptr& health_checker, const HostSharedPtr& host) : health_checker_(health_checker), host_(host) {} // Upstream::HealthCheckHostMonitor void setUnhealthy() override; std::weak_ptr health_checker_; std::weak_ptr host_; }; void addHosts(const HostVector& hosts); void decHealthy(); void decDegraded(); HealthCheckerStats generateStats(Stats::Scope& scope); void incHealthy(); void incDegraded(); std::chrono::milliseconds interval(HealthState state, HealthTransition changed_state) const; std::chrono::milliseconds intervalWithJitter(uint64_t base_time_ms, std::chrono::milliseconds interval_jitter) const; void onClusterMemberUpdate(const HostVector& hosts_added, const HostVector& hosts_removed); void runCallbacks(HostSharedPtr host, HealthTransition changed_state); void setUnhealthyCrossThread(const HostSharedPtr& host); static std::shared_ptr initTransportSocketOptions(const envoy::config::core::v3::HealthCheck& config); static MetadataConstSharedPtr initTransportSocketMatchMetadata(const envoy::config::core::v3::HealthCheck& config); static const std::chrono::milliseconds NO_TRAFFIC_INTERVAL; std::list callbacks_; const std::chrono::milliseconds interval_; const std::chrono::milliseconds no_traffic_interval_; const std::chrono::milliseconds initial_jitter_; const std::chrono::milliseconds interval_jitter_; const uint32_t interval_jitter_percent_; const std::chrono::milliseconds unhealthy_interval_; const std::chrono::milliseconds unhealthy_edge_interval_; const std::chrono::milliseconds healthy_edge_interval_; absl::node_hash_map active_sessions_; const std::shared_ptr transport_socket_options_; const MetadataConstSharedPtr transport_socket_match_metadata_; }; class HealthCheckEventLoggerImpl : public HealthCheckEventLogger { public: HealthCheckEventLoggerImpl(AccessLog::AccessLogManager& log_manager, TimeSource& time_source, const std::string& file_name) : time_source_(time_source), file_(log_manager.createAccessLog(file_name)) {} void logEjectUnhealthy(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, envoy::data::core::v3::HealthCheckFailureType failure_type) override; void logAddHealthy(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, bool first_check) override; void logUnhealthy(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host, envoy::data::core::v3::HealthCheckFailureType failure_type, bool first_check) override; void logDegraded(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host) override; void logNoLongerDegraded(envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescriptionConstSharedPtr& host) override; private: void createHealthCheckEvent( envoy::data::core::v3::HealthCheckerType health_checker_type, const HostDescription& host, std::function callback) const; TimeSource& time_source_; AccessLog::AccessLogFileSharedPtr file_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/health_checker_impl.cc ================================================ #include "common/upstream/health_checker_impl.h" #include #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/server/health_checker_config.h" #include "envoy/type/v3/http.pb.h" #include "envoy/type/v3/range.pb.h" #include "common/buffer/zero_copy_input_stream_impl.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/macros.h" #include "common/config/utility.h" #include "common/config/well_known_names.h" #include "common/grpc/common.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "common/network/address_impl.h" #include "common/router/router.h" #include "common/runtime/runtime_features.h" #include "common/runtime/runtime_impl.h" #include "common/upstream/host_utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Upstream { namespace { // Helper functions to get the correct hostname for an L7 health check. const std::string& getHostname(const HostSharedPtr& host, const std::string& config_hostname, const ClusterInfoConstSharedPtr& cluster) { if (!host->hostnameForHealthChecks().empty()) { return host->hostnameForHealthChecks(); } if (!config_hostname.empty()) { return config_hostname; } return cluster->name(); } const std::string& getHostname(const HostSharedPtr& host, const absl::optional& config_hostname, const ClusterInfoConstSharedPtr& cluster) { if (config_hostname.has_value()) { return getHostname(host, config_hostname.value(), cluster); } return getHostname(host, EMPTY_STRING, cluster); } } // namespace class HealthCheckerFactoryContextImpl : public Server::Configuration::HealthCheckerFactoryContext { public: HealthCheckerFactoryContextImpl(Upstream::Cluster& cluster, Envoy::Runtime::Loader& runtime, Event::Dispatcher& dispatcher, HealthCheckEventLoggerPtr&& event_logger, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : cluster_(cluster), runtime_(runtime), dispatcher_(dispatcher), event_logger_(std::move(event_logger)), validation_visitor_(validation_visitor), api_(api) { } Upstream::Cluster& cluster() override { return cluster_; } Envoy::Runtime::Loader& runtime() override { return runtime_; } Event::Dispatcher& dispatcher() override { return dispatcher_; } HealthCheckEventLoggerPtr eventLogger() override { return std::move(event_logger_); } ProtobufMessage::ValidationVisitor& messageValidationVisitor() override { return validation_visitor_; } Api::Api& api() override { return api_; } private: Upstream::Cluster& cluster_; Envoy::Runtime::Loader& runtime_; Event::Dispatcher& dispatcher_; HealthCheckEventLoggerPtr event_logger_; ProtobufMessage::ValidationVisitor& validation_visitor_; Api::Api& api_; }; HealthCheckerSharedPtr HealthCheckerFactory::create( const envoy::config::core::v3::HealthCheck& health_check_config, Upstream::Cluster& cluster, Runtime::Loader& runtime, Event::Dispatcher& dispatcher, AccessLog::AccessLogManager& log_manager, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) { HealthCheckEventLoggerPtr event_logger; if (!health_check_config.event_log_path().empty()) { event_logger = std::make_unique( log_manager, dispatcher.timeSource(), health_check_config.event_log_path()); } switch (health_check_config.health_checker_case()) { case envoy::config::core::v3::HealthCheck::HealthCheckerCase::kHttpHealthCheck: return std::make_shared(cluster, health_check_config, dispatcher, runtime, api.randomGenerator(), std::move(event_logger)); case envoy::config::core::v3::HealthCheck::HealthCheckerCase::kTcpHealthCheck: return std::make_shared(cluster, health_check_config, dispatcher, runtime, api.randomGenerator(), std::move(event_logger)); case envoy::config::core::v3::HealthCheck::HealthCheckerCase::kGrpcHealthCheck: if (!(cluster.info()->features() & Upstream::ClusterInfo::Features::HTTP2)) { throw EnvoyException(fmt::format("{} cluster must support HTTP/2 for gRPC healthchecking", cluster.info()->name())); } return std::make_shared(cluster, health_check_config, dispatcher, runtime, api.randomGenerator(), std::move(event_logger)); case envoy::config::core::v3::HealthCheck::HealthCheckerCase::kCustomHealthCheck: { auto& factory = Config::Utility::getAndCheckFactory( health_check_config.custom_health_check()); std::unique_ptr context( new HealthCheckerFactoryContextImpl(cluster, runtime, dispatcher, std::move(event_logger), validation_visitor, api)); return factory.createCustomHealthChecker(health_check_config, *context); } default: // Checked by schema. NOT_REACHED_GCOVR_EXCL_LINE; } } HttpHealthCheckerImpl::HttpHealthCheckerImpl(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger) : HealthCheckerImplBase(cluster, config, dispatcher, runtime, random, std::move(event_logger)), path_(config.http_health_check().path()), host_value_(config.http_health_check().host()), request_headers_parser_( Router::HeaderParser::configure(config.http_health_check().request_headers_to_add(), config.http_health_check().request_headers_to_remove())), http_status_checker_(config.http_health_check().expected_statuses(), static_cast(Http::Code::OK)), codec_client_type_( codecClientType(config.http_health_check().hidden_envoy_deprecated_use_http2() ? envoy::type::v3::HTTP2 : config.http_health_check().codec_client_type())), random_generator_(random) { // The deprecated service_name field was previously being used to compare with the health checked // cluster name using a StartsWith comparison. Since StartsWith is essentially a prefix // comparison, representing the intent by using a StringMatcher prefix is a more natural way. if (!config.http_health_check().hidden_envoy_deprecated_service_name().empty()) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_prefix(config.http_health_check().hidden_envoy_deprecated_service_name()); service_name_matcher_.emplace(matcher); } else if (config.http_health_check().has_service_name_matcher()) { service_name_matcher_.emplace(config.http_health_check().service_name_matcher()); } } HttpHealthCheckerImpl::HttpStatusChecker::HttpStatusChecker( const Protobuf::RepeatedPtrField& expected_statuses, uint64_t default_expected_status) { for (const auto& status_range : expected_statuses) { const auto start = status_range.start(); const auto end = status_range.end(); if (start >= end) { throw EnvoyException(fmt::format( "Invalid http status range: expecting start < end, but found start={} and end={}", start, end)); } if (start < 100) { throw EnvoyException(fmt::format( "Invalid http status range: expecting start >= 100, but found start={}", start)); } if (end > 600) { throw EnvoyException( fmt::format("Invalid http status range: expecting end <= 600, but found end={}", end)); } ranges_.emplace_back(std::make_pair(static_cast(start), static_cast(end))); } if (ranges_.empty()) { ranges_.emplace_back(std::make_pair(default_expected_status, default_expected_status + 1)); } } bool HttpHealthCheckerImpl::HttpStatusChecker::inRange(uint64_t http_status) const { for (const auto& range : ranges_) { if (http_status >= range.first && http_status < range.second) { return true; } } return false; } Http::Protocol codecClientTypeToProtocol(Http::CodecClient::Type codec_client_type) { switch (codec_client_type) { case Http::CodecClient::Type::HTTP1: return Http::Protocol::Http11; case Http::CodecClient::Type::HTTP2: return Http::Protocol::Http2; case Http::CodecClient::Type::HTTP3: return Http::Protocol::Http3; default: NOT_REACHED_GCOVR_EXCL_LINE; } } HttpHealthCheckerImpl::HttpActiveHealthCheckSession::HttpActiveHealthCheckSession( HttpHealthCheckerImpl& parent, const HostSharedPtr& host) : ActiveHealthCheckSession(parent, host), parent_(parent), hostname_(getHostname(host, parent_.host_value_, parent_.cluster_.info())), protocol_(codecClientTypeToProtocol(parent_.codec_client_type_)), local_address_(std::make_shared("127.0.0.1")) {} HttpHealthCheckerImpl::HttpActiveHealthCheckSession::~HttpActiveHealthCheckSession() { ASSERT(client_ == nullptr); } void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::onDeferredDelete() { if (client_) { // If there is an active request it will get reset, so make sure we ignore the reset. expect_reset_ = true; client_->close(); } } void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::decodeHeaders( Http::ResponseHeaderMapPtr&& headers, bool end_stream) { ASSERT(!response_headers_); response_headers_ = std::move(headers); if (end_stream) { onResponseComplete(); } } void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { // For the raw disconnect event, we are either between intervals in which case we already have // a timer setup, or we did the close or got a reset, in which case we already setup a new // timer. There is nothing to do here other than blow away the client. response_headers_.reset(); parent_.dispatcher_.deferredDelete(std::move(client_)); } } // TODO(lilika) : Support connection pooling void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::onInterval() { if (!client_) { Upstream::Host::CreateConnectionData conn = host_->createHealthCheckConnection(parent_.dispatcher_, parent_.transportSocketOptions(), parent_.transportSocketMatchMetadata().get()); client_.reset(parent_.createCodecClient(conn)); client_->addConnectionCallbacks(connection_callback_impl_); expect_reset_ = false; } Http::RequestEncoder* request_encoder = &client_->newStream(*this); request_encoder->getStream().addCallbacks(*this); const auto request_headers = Http::createHeaderMap( {{Http::Headers::get().Method, "GET"}, {Http::Headers::get().Host, hostname_}, {Http::Headers::get().Path, parent_.path_}, {Http::Headers::get().UserAgent, Http::Headers::get().UserAgentValues.EnvoyHealthChecker}}); Router::FilterUtility::setUpstreamScheme( *request_headers, host_->transportSocketFactory().implementsSecureTransport()); StreamInfo::StreamInfoImpl stream_info(protocol_, parent_.dispatcher_.timeSource()); stream_info.setDownstreamLocalAddress(local_address_); stream_info.setDownstreamRemoteAddress(local_address_); stream_info.onUpstreamHostSelected(host_); parent_.request_headers_parser_->evaluateHeaders(*request_headers, stream_info); request_encoder->encodeHeaders(*request_headers, true); } void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::onResetStream(Http::StreamResetReason, absl::string_view) { if (expect_reset_) { return; } ENVOY_CONN_LOG(debug, "connection/stream error health_flags={}", *client_, HostUtility::healthFlagsToString(*host_)); handleFailure(envoy::data::core::v3::NETWORK); } HttpHealthCheckerImpl::HttpActiveHealthCheckSession::HealthCheckResult HttpHealthCheckerImpl::HttpActiveHealthCheckSession::healthCheckResult() { uint64_t response_code = Http::Utility::getResponseStatus(*response_headers_); ENVOY_CONN_LOG(debug, "hc response={} health_flags={}", *client_, response_code, HostUtility::healthFlagsToString(*host_)); if (!parent_.http_status_checker_.inRange(response_code)) { return HealthCheckResult::Failed; } const auto degraded = response_headers_->EnvoyDegraded() != nullptr; if (parent_.service_name_matcher_.has_value() && parent_.runtime_.snapshot().featureEnabled("health_check.verify_cluster", 100UL)) { parent_.stats_.verify_cluster_.inc(); std::string service_cluster_healthchecked = response_headers_->EnvoyUpstreamHealthCheckedCluster() ? std::string(response_headers_->getEnvoyUpstreamHealthCheckedClusterValue()) : EMPTY_STRING; if (parent_.service_name_matcher_->match(service_cluster_healthchecked)) { return degraded ? HealthCheckResult::Degraded : HealthCheckResult::Succeeded; } else { return HealthCheckResult::Failed; } } return degraded ? HealthCheckResult::Degraded : HealthCheckResult::Succeeded; } void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::onResponseComplete() { switch (healthCheckResult()) { case HealthCheckResult::Succeeded: handleSuccess(false); break; case HealthCheckResult::Degraded: handleSuccess(true); break; case HealthCheckResult::Failed: host_->setActiveHealthFailureType(Host::ActiveHealthFailureType::UNHEALTHY); handleFailure(envoy::data::core::v3::ACTIVE); break; } if (shouldClose()) { client_->close(); } response_headers_.reset(); } // It is possible for this session to have been deferred destroyed inline in handleFailure() // above so make sure we still have a connection that we might need to close. bool HttpHealthCheckerImpl::HttpActiveHealthCheckSession::shouldClose() const { if (client_ == nullptr) { return false; } if (!parent_.reuse_connection_) { return true; } if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.fixed_connection_close")) { return Http::HeaderUtility::shouldCloseConnection(client_->protocol(), *response_headers_); } if (response_headers_->Connection()) { const bool close = absl::EqualsIgnoreCase(response_headers_->Connection()->value().getStringView(), Http::Headers::get().ConnectionValues.Close); if (close) { return true; } } if (response_headers_->ProxyConnection() && protocol_ < Http::Protocol::Http2) { const bool close = absl::EqualsIgnoreCase(response_headers_->ProxyConnection()->value().getStringView(), Http::Headers::get().ConnectionValues.Close); if (close) { return true; } } return false; } void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::onTimeout() { if (client_) { host_->setActiveHealthFailureType(Host::ActiveHealthFailureType::TIMEOUT); ENVOY_CONN_LOG(debug, "connection/stream timeout health_flags={}", *client_, HostUtility::healthFlagsToString(*host_)); // If there is an active request it will get reset, so make sure we ignore the reset. expect_reset_ = true; client_->close(); } } Http::CodecClient::Type HttpHealthCheckerImpl::codecClientType(const envoy::type::v3::CodecClientType& type) { switch (type) { case envoy::type::v3::HTTP3: return Http::CodecClient::Type::HTTP3; case envoy::type::v3::HTTP2: return Http::CodecClient::Type::HTTP2; case envoy::type::v3::HTTP1: return Http::CodecClient::Type::HTTP1; default: NOT_REACHED_GCOVR_EXCL_LINE; } } Http::CodecClient* ProdHttpHealthCheckerImpl::createCodecClient(Upstream::Host::CreateConnectionData& data) { return new Http::CodecClientProd(codec_client_type_, std::move(data.connection_), data.host_description_, dispatcher_, random_generator_); } TcpHealthCheckMatcher::MatchSegments TcpHealthCheckMatcher::loadProtoBytes( const Protobuf::RepeatedPtrField& byte_array) { MatchSegments result; for (const auto& entry : byte_array) { const auto decoded = Hex::decode(entry.text()); if (decoded.empty()) { throw EnvoyException(fmt::format("invalid hex string '{}'", entry.text())); } result.push_back(decoded); } return result; } bool TcpHealthCheckMatcher::match(const MatchSegments& expected, const Buffer::Instance& buffer) { uint64_t start_index = 0; for (const std::vector& segment : expected) { ssize_t search_result = buffer.search(segment.data(), segment.size(), start_index); if (search_result == -1) { return false; } start_index = search_result + segment.size(); } return true; } TcpHealthCheckerImpl::TcpHealthCheckerImpl(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger) : HealthCheckerImplBase(cluster, config, dispatcher, runtime, random, std::move(event_logger)), send_bytes_([&config] { Protobuf::RepeatedPtrField send_repeated; if (!config.tcp_health_check().send().text().empty()) { send_repeated.Add()->CopyFrom(config.tcp_health_check().send()); } return TcpHealthCheckMatcher::loadProtoBytes(send_repeated); }()), receive_bytes_(TcpHealthCheckMatcher::loadProtoBytes(config.tcp_health_check().receive())) {} TcpHealthCheckerImpl::TcpActiveHealthCheckSession::~TcpActiveHealthCheckSession() { ASSERT(client_ == nullptr); } void TcpHealthCheckerImpl::TcpActiveHealthCheckSession::onDeferredDelete() { if (client_) { expect_close_ = true; client_->close(Network::ConnectionCloseType::NoFlush); } } void TcpHealthCheckerImpl::TcpActiveHealthCheckSession::onData(Buffer::Instance& data) { ENVOY_CONN_LOG(trace, "total pending buffer={}", *client_, data.length()); if (TcpHealthCheckMatcher::match(parent_.receive_bytes_, data)) { ENVOY_CONN_LOG(trace, "healthcheck passed", *client_); data.drain(data.length()); handleSuccess(false); if (!parent_.reuse_connection_) { expect_close_ = true; client_->close(Network::ConnectionCloseType::NoFlush); } } else { host_->setActiveHealthFailureType(Host::ActiveHealthFailureType::UNHEALTHY); } } void TcpHealthCheckerImpl::TcpActiveHealthCheckSession::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { if (!expect_close_) { handleFailure(envoy::data::core::v3::NETWORK); } parent_.dispatcher_.deferredDelete(std::move(client_)); } if (event == Network::ConnectionEvent::Connected && parent_.receive_bytes_.empty()) { // In this case we are just testing that we can connect, so immediately succeed. Also, since // we are just doing a connection test, close the connection. // NOTE(mattklein123): I've seen cases where the kernel will report a successful connection, and // then proceed to fail subsequent calls (so the connection did not actually succeed). I'm not // sure what situations cause this. If this turns into a problem, we may need to introduce a // timer and see if the connection stays alive for some period of time while waiting to read. // (Though we may never get a FIN and won't know until if/when we try to write). In short, this // may need to get more complicated but we can start here. // TODO(mattklein123): If we had a way on the connection interface to do an immediate read (vs. // evented), that would be a good check to run here to make sure it returns the equivalent of // EAGAIN. Need to think through how that would look from an interface perspective. // TODO(mattklein123): In the case that a user configured bytes to write, they will not be // be written, since we currently have no way to know if the bytes actually get written via // the connection interface. We might want to figure out how to handle this better later. expect_close_ = true; client_->close(Network::ConnectionCloseType::NoFlush); handleSuccess(false); } } // TODO(lilika) : Support connection pooling void TcpHealthCheckerImpl::TcpActiveHealthCheckSession::onInterval() { if (!client_) { client_ = host_ ->createHealthCheckConnection(parent_.dispatcher_, parent_.transportSocketOptions(), parent_.transportSocketMatchMetadata().get()) .connection_; session_callbacks_ = std::make_shared(*this); client_->addConnectionCallbacks(*session_callbacks_); client_->addReadFilter(session_callbacks_); expect_close_ = false; client_->connect(); client_->noDelay(true); } if (!parent_.send_bytes_.empty()) { Buffer::OwnedImpl data; for (const std::vector& segment : parent_.send_bytes_) { data.add(segment.data(), segment.size()); } client_->write(data, false); } } void TcpHealthCheckerImpl::TcpActiveHealthCheckSession::onTimeout() { expect_close_ = true; host_->setActiveHealthFailureType(Host::ActiveHealthFailureType::TIMEOUT); client_->close(Network::ConnectionCloseType::NoFlush); } GrpcHealthCheckerImpl::GrpcHealthCheckerImpl(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger) : HealthCheckerImplBase(cluster, config, dispatcher, runtime, random, std::move(event_logger)), random_generator_(random), service_method_(*Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "grpc.health.v1.Health.Check")) { if (!config.grpc_health_check().service_name().empty()) { service_name_ = config.grpc_health_check().service_name(); } if (!config.grpc_health_check().authority().empty()) { authority_value_ = config.grpc_health_check().authority(); } } GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::GrpcActiveHealthCheckSession( GrpcHealthCheckerImpl& parent, const HostSharedPtr& host) : ActiveHealthCheckSession(parent, host), parent_(parent) {} GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::~GrpcActiveHealthCheckSession() { ASSERT(client_ == nullptr); } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::onDeferredDelete() { if (client_) { // If there is an active request it will get reset, so make sure we ignore the reset. expect_reset_ = true; client_->close(); } } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::decodeHeaders( Http::ResponseHeaderMapPtr&& headers, bool end_stream) { const auto http_response_status = Http::Utility::getResponseStatus(*headers); if (http_response_status != enumToInt(Http::Code::OK)) { // https://github.com/grpc/grpc/blob/master/doc/http-grpc-status-mapping.md requires that // grpc-status be used if available. if (end_stream) { const auto grpc_status = Grpc::Common::getGrpcStatus(*headers); if (grpc_status) { onRpcComplete(grpc_status.value(), Grpc::Common::getGrpcMessage(*headers), true); return; } } onRpcComplete(Grpc::Utility::httpToGrpcStatus(http_response_status), "non-200 HTTP response", end_stream); return; } if (!Grpc::Common::isGrpcResponseHeaders(*headers, end_stream)) { onRpcComplete(Grpc::Status::WellKnownGrpcStatus::Internal, "not a gRPC request", false); return; } if (end_stream) { // This is how, for instance, grpc-go signals about missing service - HTTP/2 200 OK with // 'unimplemented' gRPC status. const auto grpc_status = Grpc::Common::getGrpcStatus(*headers); if (grpc_status) { onRpcComplete(grpc_status.value(), Grpc::Common::getGrpcMessage(*headers), true); return; } onRpcComplete(Grpc::Status::WellKnownGrpcStatus::Internal, "gRPC protocol violation: unexpected stream end", true); } } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::decodeData(Buffer::Instance& data, bool end_stream) { if (end_stream) { onRpcComplete(Grpc::Status::WellKnownGrpcStatus::Internal, "gRPC protocol violation: unexpected stream end", true); return; } // We should end up with only one frame here. std::vector decoded_frames; if (!decoder_.decode(data, decoded_frames)) { onRpcComplete(Grpc::Status::WellKnownGrpcStatus::Internal, "gRPC wire protocol decode error", false); } for (auto& frame : decoded_frames) { if (frame.length_ > 0) { if (health_check_response_) { // grpc.health.v1.Health.Check is unary RPC, so only one message is allowed. onRpcComplete(Grpc::Status::WellKnownGrpcStatus::Internal, "unexpected streaming", false); return; } health_check_response_ = std::make_unique(); Buffer::ZeroCopyInputStreamImpl stream(std::move(frame.data_)); if (frame.flags_ != Grpc::GRPC_FH_DEFAULT || !health_check_response_->ParseFromZeroCopyStream(&stream)) { onRpcComplete(Grpc::Status::WellKnownGrpcStatus::Internal, "invalid grpc.health.v1 RPC payload", false); return; } } } } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::decodeTrailers( Http::ResponseTrailerMapPtr&& trailers) { auto maybe_grpc_status = Grpc::Common::getGrpcStatus(*trailers); auto grpc_status = maybe_grpc_status ? maybe_grpc_status.value() : static_cast(Grpc::Status::WellKnownGrpcStatus::Internal); const std::string grpc_message = maybe_grpc_status ? Grpc::Common::getGrpcMessage(*trailers) : "invalid gRPC status"; onRpcComplete(grpc_status, grpc_message, true); } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { // For the raw disconnect event, we are either between intervals in which case we already have // a timer setup, or we did the close or got a reset, in which case we already setup a new // timer. There is nothing to do here other than blow away the client. parent_.dispatcher_.deferredDelete(std::move(client_)); } } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::onInterval() { if (!client_) { Upstream::Host::CreateConnectionData conn = host_->createHealthCheckConnection(parent_.dispatcher_, parent_.transportSocketOptions(), parent_.transportSocketMatchMetadata().get()); client_ = parent_.createCodecClient(conn); client_->addConnectionCallbacks(connection_callback_impl_); client_->setCodecConnectionCallbacks(http_connection_callback_impl_); } request_encoder_ = &client_->newStream(*this); request_encoder_->getStream().addCallbacks(*this); const std::string& authority = getHostname(host_, parent_.authority_value_, parent_.cluster_.info()); auto headers_message = Grpc::Common::prepareHeaders(authority, parent_.service_method_.service()->full_name(), parent_.service_method_.name(), absl::nullopt); headers_message->headers().setReferenceUserAgent( Http::Headers::get().UserAgentValues.EnvoyHealthChecker); Grpc::Common::toGrpcTimeout(parent_.timeout_, headers_message->headers()); Router::FilterUtility::setUpstreamScheme( headers_message->headers(), host_->transportSocketFactory().implementsSecureTransport()); request_encoder_->encodeHeaders(headers_message->headers(), false); grpc::health::v1::HealthCheckRequest request; if (parent_.service_name_.has_value()) { request.set_service(parent_.service_name_.value()); } request_encoder_->encodeData(*Grpc::Common::serializeToGrpcFrame(request), true); } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::onResetStream(Http::StreamResetReason, absl::string_view) { const bool expected_reset = expect_reset_; const bool goaway = received_no_error_goaway_; resetState(); if (expected_reset) { // Stream reset was initiated by us (bogus gRPC response, timeout or cluster host is going // away). In these cases health check failure has already been reported and a GOAWAY (if any) // has already been handled, so just return. return; } ENVOY_CONN_LOG(debug, "connection/stream error health_flags={}", *client_, HostUtility::healthFlagsToString(*host_)); if (goaway || !parent_.reuse_connection_) { // Stream reset was unexpected, so we haven't closed the connection // yet in response to a GOAWAY or due to disabled connection reuse. client_->close(); } // TODO(baranov1ch): according to all HTTP standards, we should check if reason is one of // Http::StreamResetReason::RemoteRefusedStreamReset (which may mean GOAWAY), // Http::StreamResetReason::RemoteReset or Http::StreamResetReason::ConnectionTermination (both // mean connection close), check if connection is not fresh (was used for at least 1 request) // and silently retry request on the fresh connection. This is also true for HTTP/1.1 healthcheck. handleFailure(envoy::data::core::v3::NETWORK); } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::onGoAway( Http::GoAwayErrorCode error_code) { ENVOY_CONN_LOG(debug, "connection going away health_flags={}", *client_, HostUtility::healthFlagsToString(*host_)); // If we have an active health check probe and receive a GOAWAY indicating // graceful shutdown, allow the probe to complete before closing the connection. // The connection will be closed when the active check completes or another // terminal condition occurs, such as a timeout or stream reset. if (request_encoder_ && error_code == Http::GoAwayErrorCode::NoError) { received_no_error_goaway_ = true; return; } // Even if we have active health check probe, fail it on GOAWAY and schedule new one. if (request_encoder_) { handleFailure(envoy::data::core::v3::NETWORK); expect_reset_ = true; request_encoder_->getStream().resetStream(Http::StreamResetReason::LocalReset); } client_->close(); } bool GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::isHealthCheckSucceeded( Grpc::Status::GrpcStatus grpc_status) const { if (grpc_status != Grpc::Status::WellKnownGrpcStatus::Ok) { return false; } if (!health_check_response_ || health_check_response_->status() != grpc::health::v1::HealthCheckResponse::SERVING) { return false; } return true; } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::onRpcComplete( Grpc::Status::GrpcStatus grpc_status, const std::string& grpc_message, bool end_stream) { logHealthCheckStatus(grpc_status, grpc_message); if (isHealthCheckSucceeded(grpc_status)) { handleSuccess(false); } else { handleFailure(envoy::data::core::v3::ACTIVE); } // Read the value as we may call resetState() and clear it. const bool goaway = received_no_error_goaway_; // |end_stream| will be false if we decided to stop healthcheck before HTTP stream has ended - // invalid gRPC payload, unexpected message stream or wrong content-type. if (end_stream) { resetState(); } else { // resetState() will be called by onResetStream(). expect_reset_ = true; request_encoder_->getStream().resetStream(Http::StreamResetReason::LocalReset); } if (!parent_.reuse_connection_ || goaway) { client_->close(); } } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::resetState() { expect_reset_ = false; request_encoder_ = nullptr; decoder_ = Grpc::Decoder(); health_check_response_.reset(); received_no_error_goaway_ = false; } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::onTimeout() { ENVOY_CONN_LOG(debug, "connection/stream timeout health_flags={}", *client_, HostUtility::healthFlagsToString(*host_)); expect_reset_ = true; if (received_no_error_goaway_ || !parent_.reuse_connection_) { client_->close(); } else { request_encoder_->getStream().resetStream(Http::StreamResetReason::LocalReset); } } void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::logHealthCheckStatus( Grpc::Status::GrpcStatus grpc_status, const std::string& grpc_message) { const char* service_status; if (!health_check_response_) { service_status = "rpc_error"; } else { switch (health_check_response_->status()) { case grpc::health::v1::HealthCheckResponse::SERVING: service_status = "serving"; break; case grpc::health::v1::HealthCheckResponse::NOT_SERVING: service_status = "not_serving"; break; case grpc::health::v1::HealthCheckResponse::UNKNOWN: service_status = "unknown"; break; case grpc::health::v1::HealthCheckResponse::SERVICE_UNKNOWN: service_status = "service_unknown"; break; default: service_status = "unknown_healthcheck_response"; break; } } std::string grpc_status_message; if (grpc_status != Grpc::Status::WellKnownGrpcStatus::Ok && !grpc_message.empty()) { grpc_status_message = fmt::format("{} ({})", grpc_status, grpc_message); } else { grpc_status_message = absl::StrCat("", grpc_status); } ENVOY_CONN_LOG(debug, "hc grpc_status={} service_status={} health_flags={}", *client_, grpc_status_message, service_status, HostUtility::healthFlagsToString(*host_)); } Http::CodecClientPtr ProdGrpcHealthCheckerImpl::createCodecClient(Upstream::Host::CreateConnectionData& data) { return std::make_unique( Http::CodecClient::Type::HTTP2, std::move(data.connection_), data.host_description_, dispatcher_, random_generator_); } std::ostream& operator<<(std::ostream& out, HealthState state) { switch (state) { case HealthState::Unhealthy: out << "Unhealthy"; break; case HealthState::Healthy: out << "Healthy"; break; } return out; } std::ostream& operator<<(std::ostream& out, HealthTransition changed_state) { switch (changed_state) { case HealthTransition::Unchanged: out << "Unchanged"; break; case HealthTransition::Changed: out << "Changed"; break; case HealthTransition::ChangePending: out << "ChangePending"; break; } return out; } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/health_checker_impl.h ================================================ #pragma once #include "envoy/access_log/access_log.h" #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/grpc/status.h" #include "envoy/type/v3/http.pb.h" #include "envoy/type/v3/range.pb.h" #include "common/common/logger.h" #include "common/grpc/codec.h" #include "common/http/codec_client.h" #include "common/router/header_parser.h" #include "common/stream_info/stream_info_impl.h" #include "common/upstream/health_checker_base_impl.h" #include "src/proto/grpc/health/v1/health.pb.h" namespace Envoy { namespace Upstream { /** * Factory for creating health checker implementations. */ class HealthCheckerFactory : public Logger::Loggable { public: /** * Create a health checker. * @param health_check_config supplies the health check proto. * @param cluster supplies the owning cluster. * @param runtime supplies the runtime loader. * @param dispatcher supplies the dispatcher. * @param log_manager supplies the log_manager. * @param validation_visitor message validation visitor instance. * @param api reference to the Api object * @return a health checker. */ static HealthCheckerSharedPtr create(const envoy::config::core::v3::HealthCheck& health_check_config, Upstream::Cluster& cluster, Runtime::Loader& runtime, Event::Dispatcher& dispatcher, AccessLog::AccessLogManager& log_manager, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); }; /** * HTTP health checker implementation. Connection keep alive is used where possible. */ class HttpHealthCheckerImpl : public HealthCheckerImplBase { public: HttpHealthCheckerImpl(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger); /** * Utility class checking if given http status matches configured expectations. */ class HttpStatusChecker { public: HttpStatusChecker( const Protobuf::RepeatedPtrField& expected_statuses, uint64_t default_expected_status); bool inRange(uint64_t http_status) const; private: std::vector> ranges_; }; private: struct HttpActiveHealthCheckSession : public ActiveHealthCheckSession, public Http::ResponseDecoder, public Http::StreamCallbacks { HttpActiveHealthCheckSession(HttpHealthCheckerImpl& parent, const HostSharedPtr& host); ~HttpActiveHealthCheckSession() override; void onResponseComplete(); enum class HealthCheckResult { Succeeded, Degraded, Failed }; HealthCheckResult healthCheckResult(); bool shouldClose() const; // ActiveHealthCheckSession void onInterval() override; void onTimeout() override; void onDeferredDelete() final; // Http::StreamDecoder void decodeData(Buffer::Instance&, bool end_stream) override { if (end_stream) { onResponseComplete(); } } void decodeMetadata(Http::MetadataMapPtr&&) override {} // Http::ResponseDecoder void decode100ContinueHeaders(Http::ResponseHeaderMapPtr&&) override {} void decodeHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) override; void decodeTrailers(Http::ResponseTrailerMapPtr&&) override { onResponseComplete(); } // Http::StreamCallbacks void onResetStream(Http::StreamResetReason reason, absl::string_view transport_failure_reason) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} void onEvent(Network::ConnectionEvent event); class ConnectionCallbackImpl : public Network::ConnectionCallbacks { public: ConnectionCallbackImpl(HttpActiveHealthCheckSession& parent) : parent_(parent) {} // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override { parent_.onEvent(event); } void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} private: HttpActiveHealthCheckSession& parent_; }; ConnectionCallbackImpl connection_callback_impl_{*this}; HttpHealthCheckerImpl& parent_; Http::CodecClientPtr client_; Http::ResponseHeaderMapPtr response_headers_; const std::string& hostname_; const Http::Protocol protocol_; Network::Address::InstanceConstSharedPtr local_address_; bool expect_reset_{}; }; using HttpActiveHealthCheckSessionPtr = std::unique_ptr; virtual Http::CodecClient* createCodecClient(Upstream::Host::CreateConnectionData& data) PURE; // HealthCheckerImplBase ActiveHealthCheckSessionPtr makeSession(HostSharedPtr host) override { return std::make_unique(*this, host); } envoy::data::core::v3::HealthCheckerType healthCheckerType() const override { return envoy::data::core::v3::HTTP; } Http::CodecClient::Type codecClientType(const envoy::type::v3::CodecClientType& type); const std::string path_; const std::string host_value_; absl::optional service_name_matcher_; Router::HeaderParserPtr request_headers_parser_; const HttpStatusChecker http_status_checker_; protected: const Http::CodecClient::Type codec_client_type_; Random::RandomGenerator& random_generator_; }; /** * Production implementation of the HTTP health checker that allocates a real codec client. */ class ProdHttpHealthCheckerImpl : public HttpHealthCheckerImpl { public: using HttpHealthCheckerImpl::HttpHealthCheckerImpl; // HttpHealthCheckerImpl Http::CodecClient* createCodecClient(Upstream::Host::CreateConnectionData& data) override; }; /** * Utility class for loading a binary health checking config and matching it against a buffer. * Split out for ease of testing. The type of matching performed is the following (this is the * MongoDB health check request and response): * * "send": [ {"binary": "39000000"}, {"binary": "EEEEEEEE"}, {"binary": "00000000"}, {"binary": "d4070000"}, {"binary": "00000000"}, {"binary": "746573742e"}, {"binary": "24636d6400"}, {"binary": "00000000"}, {"binary": "FFFFFFFF"}, {"binary": "13000000"}, {"binary": "01"}, {"binary": "70696e6700"}, {"binary": "000000000000f03f"}, {"binary": "00"} ], "receive": [ {"binary": "EEEEEEEE"}, {"binary": "01000000"}, {"binary": "00000000"}, {"binary": "0000000000000000"}, {"binary": "00000000"}, {"binary": "11000000"}, {"binary": "01"}, {"binary": "6f6b"}, {"binary": "00000000000000f03f"}, {"binary": "00"} ] * * During each health check cycle, all of the "send" bytes are sent to the target server. Each * binary block can be of arbitrary length and is just concatenated together when sent. * * On the receive side, "fuzzy" matching is performed such that each binary block must be found, * and in the order specified, but not necessary contiguous. Thus, in the example above, * "FFFFFFFF" could be inserted in the response between "EEEEEEEE" and "01000000" and the check * would still pass. */ class TcpHealthCheckMatcher { public: using MatchSegments = std::list>; static MatchSegments loadProtoBytes( const Protobuf::RepeatedPtrField& byte_array); static bool match(const MatchSegments& expected, const Buffer::Instance& buffer); }; /** * TCP health checker implementation. */ class TcpHealthCheckerImpl : public HealthCheckerImplBase { public: TcpHealthCheckerImpl(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger); private: struct TcpActiveHealthCheckSession; struct TcpSessionCallbacks : public Network::ConnectionCallbacks, public Network::ReadFilterBaseImpl { TcpSessionCallbacks(TcpActiveHealthCheckSession& parent) : parent_(parent) {} // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override { parent_.onEvent(event); } void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool) override { parent_.onData(data); return Network::FilterStatus::StopIteration; } TcpActiveHealthCheckSession& parent_; }; struct TcpActiveHealthCheckSession : public ActiveHealthCheckSession { TcpActiveHealthCheckSession(TcpHealthCheckerImpl& parent, const HostSharedPtr& host) : ActiveHealthCheckSession(parent, host), parent_(parent) {} ~TcpActiveHealthCheckSession() override; void onData(Buffer::Instance& data); void onEvent(Network::ConnectionEvent event); // ActiveHealthCheckSession void onInterval() override; void onTimeout() override; void onDeferredDelete() final; TcpHealthCheckerImpl& parent_; Network::ClientConnectionPtr client_; std::shared_ptr session_callbacks_; // If true, stream close was initiated by us, not e.g. remote close or TCP reset. // In this case healthcheck status already reported, only state cleanup required. bool expect_close_{}; }; using TcpActiveHealthCheckSessionPtr = std::unique_ptr; // HealthCheckerImplBase ActiveHealthCheckSessionPtr makeSession(HostSharedPtr host) override { return std::make_unique(*this, host); } envoy::data::core::v3::HealthCheckerType healthCheckerType() const override { return envoy::data::core::v3::TCP; } const TcpHealthCheckMatcher::MatchSegments send_bytes_; const TcpHealthCheckMatcher::MatchSegments receive_bytes_; }; /** * gRPC health checker implementation. */ class GrpcHealthCheckerImpl : public HealthCheckerImplBase { public: GrpcHealthCheckerImpl(const Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Random::RandomGenerator& random, HealthCheckEventLoggerPtr&& event_logger); private: struct GrpcActiveHealthCheckSession : public ActiveHealthCheckSession, public Http::ResponseDecoder, public Http::StreamCallbacks { GrpcActiveHealthCheckSession(GrpcHealthCheckerImpl& parent, const HostSharedPtr& host); ~GrpcActiveHealthCheckSession() override; void onRpcComplete(Grpc::Status::GrpcStatus grpc_status, const std::string& grpc_message, bool end_stream); bool isHealthCheckSucceeded(Grpc::Status::GrpcStatus grpc_status) const; void resetState(); void logHealthCheckStatus(Grpc::Status::GrpcStatus grpc_status, const std::string& grpc_message); // ActiveHealthCheckSession void onInterval() override; void onTimeout() override; void onDeferredDelete() final; // Http::StreamDecoder void decodeData(Buffer::Instance&, bool end_stream) override; void decodeMetadata(Http::MetadataMapPtr&&) override {} // Http::ResponseDecoder void decode100ContinueHeaders(Http::ResponseHeaderMapPtr&&) override {} void decodeHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) override; void decodeTrailers(Http::ResponseTrailerMapPtr&&) override; // Http::StreamCallbacks void onResetStream(Http::StreamResetReason reason, absl::string_view transport_failure_reason) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} void onEvent(Network::ConnectionEvent event); void onGoAway(Http::GoAwayErrorCode error_code); class ConnectionCallbackImpl : public Network::ConnectionCallbacks { public: ConnectionCallbackImpl(GrpcActiveHealthCheckSession& parent) : parent_(parent) {} // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override { parent_.onEvent(event); } void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} private: GrpcActiveHealthCheckSession& parent_; }; class HttpConnectionCallbackImpl : public Http::ConnectionCallbacks { public: HttpConnectionCallbackImpl(GrpcActiveHealthCheckSession& parent) : parent_(parent) {} // Http::ConnectionCallbacks void onGoAway(Http::GoAwayErrorCode error_code) override { parent_.onGoAway(error_code); } private: GrpcActiveHealthCheckSession& parent_; }; ConnectionCallbackImpl connection_callback_impl_{*this}; HttpConnectionCallbackImpl http_connection_callback_impl_{*this}; GrpcHealthCheckerImpl& parent_; Http::CodecClientPtr client_; Http::RequestEncoder* request_encoder_; Grpc::Decoder decoder_; std::unique_ptr health_check_response_; // If true, stream reset was initiated by us (GrpcActiveHealthCheckSession), not by HTTP stack, // e.g. remote reset. In this case healthcheck status has already been reported, only state // cleanup is required. bool expect_reset_ = false; // If true, we received a GOAWAY (NO_ERROR code) and are deferring closing the connection // until the active probe completes. bool received_no_error_goaway_ = false; }; virtual Http::CodecClientPtr createCodecClient(Upstream::Host::CreateConnectionData& data) PURE; // HealthCheckerImplBase ActiveHealthCheckSessionPtr makeSession(HostSharedPtr host) override { return std::make_unique(*this, host); } envoy::data::core::v3::HealthCheckerType healthCheckerType() const override { return envoy::data::core::v3::GRPC; } protected: Random::RandomGenerator& random_generator_; private: const Protobuf::MethodDescriptor& service_method_; absl::optional service_name_; absl::optional authority_value_; }; /** * Production implementation of the gRPC health checker that allocates a real codec client. */ class ProdGrpcHealthCheckerImpl : public GrpcHealthCheckerImpl { public: using GrpcHealthCheckerImpl::GrpcHealthCheckerImpl; // GrpcHealthCheckerImpl Http::CodecClientPtr createCodecClient(Upstream::Host::CreateConnectionData& data) override; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/health_discovery_service.cc ================================================ #include "common/upstream/health_discovery_service.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/service/health/v3/hds.pb.h" #include "envoy/service/health/v3/hds.pb.validate.h" #include "envoy/stats/scope.h" #include "common/config/version_converter.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { /** * TODO(lilika): Add API knob for RetryInitialDelayMilliseconds * and RetryMaxDelayMilliseconds, instead of hardcoding them. * * Parameters of the jittered backoff strategy that defines how often * we retry to establish a stream to the management server */ static constexpr uint32_t RetryInitialDelayMilliseconds = 1000; static constexpr uint32_t RetryMaxDelayMilliseconds = 30000; HdsDelegate::HdsDelegate(Stats::Scope& scope, Grpc::RawAsyncClientPtr async_client, envoy::config::core::v3::ApiVersion transport_api_version, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Envoy::Stats::Store& stats, Ssl::ContextManager& ssl_context_manager, ClusterInfoFactory& info_factory, AccessLog::AccessLogManager& access_log_manager, ClusterManager& cm, const LocalInfo::LocalInfo& local_info, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : stats_{ALL_HDS_STATS(POOL_COUNTER_PREFIX(scope, "hds_delegate."))}, service_method_(Grpc::VersionedMethods( "envoy.service.health.v3.HealthDiscoveryService.StreamHealthCheck", "envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck") .getMethodDescriptorForVersion(transport_api_version)), async_client_(std::move(async_client)), transport_api_version_(transport_api_version), dispatcher_(dispatcher), runtime_(runtime), store_stats_(stats), ssl_context_manager_(ssl_context_manager), info_factory_(info_factory), access_log_manager_(access_log_manager), cm_(cm), local_info_(local_info), admin_(admin), singleton_manager_(singleton_manager), tls_(tls), validation_visitor_(validation_visitor), api_(api) { health_check_request_.mutable_health_check_request()->mutable_node()->MergeFrom( local_info_.node()); backoff_strategy_ = std::make_unique( RetryInitialDelayMilliseconds, RetryMaxDelayMilliseconds, api_.randomGenerator()); hds_retry_timer_ = dispatcher.createTimer([this]() -> void { establishNewStream(); }); hds_stream_response_timer_ = dispatcher.createTimer([this]() -> void { sendResponse(); }); // TODO(lilika): Add support for other types of healthchecks health_check_request_.mutable_health_check_request() ->mutable_capability() ->add_health_check_protocols(envoy::service::health::v3::Capability::HTTP); health_check_request_.mutable_health_check_request() ->mutable_capability() ->add_health_check_protocols(envoy::service::health::v3::Capability::TCP); establishNewStream(); } void HdsDelegate::setHdsRetryTimer() { const auto retry_ms = std::chrono::milliseconds(backoff_strategy_->nextBackOffMs()); ENVOY_LOG(warn, "HdsDelegate stream/connection failure, will retry in {} ms.", retry_ms.count()); hds_retry_timer_->enableTimer(retry_ms); } void HdsDelegate::setHdsStreamResponseTimer() { hds_stream_response_timer_->enableTimer(std::chrono::milliseconds(server_response_ms_)); } void HdsDelegate::establishNewStream() { ENVOY_LOG(debug, "Establishing new gRPC bidi stream for {}", service_method_.DebugString()); stream_ = async_client_->start(service_method_, *this, Http::AsyncClient::StreamOptions()); if (stream_ == nullptr) { ENVOY_LOG(warn, "Unable to establish new stream"); handleFailure(); return; } Config::VersionConverter::prepareMessageForGrpcWire(health_check_request_, transport_api_version_); ENVOY_LOG(debug, "Sending HealthCheckRequest {} ", health_check_request_.DebugString()); stream_->sendMessage(health_check_request_, false); stats_.responses_.inc(); backoff_strategy_->reset(); } void HdsDelegate::handleFailure() { stats_.errors_.inc(); setHdsRetryTimer(); } // TODO(lilika): Add support for the same endpoint in different clusters/ports envoy::service::health::v3::HealthCheckRequestOrEndpointHealthResponse HdsDelegate::sendResponse() { envoy::service::health::v3::HealthCheckRequestOrEndpointHealthResponse response; for (const auto& cluster : hds_clusters_) { // Add cluster health response and set name. auto* cluster_health = response.mutable_endpoint_health_response()->add_cluster_endpoints_health(); cluster_health->set_cluster_name(cluster->info()->name()); // Iterate through all hosts in our priority set. for (const auto& hosts : cluster->prioritySet().hostSetsPerPriority()) { // Get a grouping of hosts by locality. for (const auto& locality_hosts : hosts->hostsPerLocality().get()) { // For this locality, add the response grouping. envoy::service::health::v3::LocalityEndpointsHealth* locality_health = cluster_health->add_locality_endpoints_health(); locality_health->mutable_locality()->MergeFrom(locality_hosts[0]->locality()); // Add all hosts to this locality. for (const auto& host : locality_hosts) { // Add this endpoint's health status to this locality grouping. auto* endpoint = locality_health->add_endpoints_health(); Network::Utility::addressToProtobufAddress( *host->address(), *endpoint->mutable_endpoint()->mutable_address()); // TODO(lilika): Add support for more granular options of // envoy::config::core::v3::HealthStatus if (host->health() == Host::Health::Healthy) { endpoint->set_health_status(envoy::config::core::v3::HEALTHY); } else { switch (host->getActiveHealthFailureType()) { case Host::ActiveHealthFailureType::TIMEOUT: endpoint->set_health_status(envoy::config::core::v3::TIMEOUT); break; case Host::ActiveHealthFailureType::UNHEALTHY: case Host::ActiveHealthFailureType::UNKNOWN: endpoint->set_health_status(envoy::config::core::v3::UNHEALTHY); break; default: NOT_REACHED_GCOVR_EXCL_LINE; break; } } // TODO(drewsortega): remove this once we are on v4 and endpoint_health_response is // removed. Copy this endpoint's health info to the legacy flat-list. response.mutable_endpoint_health_response()->add_endpoints_health()->MergeFrom(*endpoint); } } } } ENVOY_LOG(debug, "Sending EndpointHealthResponse to server {}", response.DebugString()); stream_->sendMessage(response, false); stats_.responses_.inc(); setHdsStreamResponseTimer(); return response; } void HdsDelegate::onCreateInitialMetadata(Http::RequestHeaderMap& metadata) { UNREFERENCED_PARAMETER(metadata); } void HdsDelegate::onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) { UNREFERENCED_PARAMETER(metadata); } void HdsDelegate::processMessage( std::unique_ptr&& message) { ENVOY_LOG(debug, "New health check response message {} ", message->DebugString()); ASSERT(message); for (const auto& cluster_health_check : message->cluster_health_checks()) { // Create HdsCluster config static const envoy::config::core::v3::BindConfig bind_config; envoy::config::cluster::v3::Cluster cluster_config; cluster_config.set_name(cluster_health_check.cluster_name()); cluster_config.mutable_connect_timeout()->set_seconds(ClusterTimeoutSeconds); cluster_config.mutable_per_connection_buffer_limit_bytes()->set_value( ClusterConnectionBufferLimitBytes); // Add endpoints to cluster for (const auto& locality_endpoints : cluster_health_check.locality_endpoints()) { // add endpoint group by locality to config auto* endpoints = cluster_config.mutable_load_assignment()->add_endpoints(); // if this group contains locality information, save it. if (locality_endpoints.has_locality()) { endpoints->mutable_locality()->MergeFrom(locality_endpoints.locality()); } // add all endpoints for this locality group to the config for (const auto& endpoint : locality_endpoints.endpoints()) { endpoints->add_lb_endpoints()->mutable_endpoint()->mutable_address()->MergeFrom( endpoint.address()); } } // TODO(lilika): Add support for optional per-endpoint health checks // Add healthchecks to cluster for (auto& health_check : cluster_health_check.health_checks()) { cluster_config.add_health_checks()->MergeFrom(health_check); } // Add transport_socket_match to cluster for use in host connections. cluster_config.mutable_transport_socket_matches()->MergeFrom( cluster_health_check.transport_socket_matches()); ENVOY_LOG(debug, "New HdsCluster config {} ", cluster_config.DebugString()); // Create HdsCluster hds_clusters_.emplace_back(new HdsCluster(admin_, runtime_, std::move(cluster_config), bind_config, store_stats_, ssl_context_manager_, false, info_factory_, cm_, local_info_, dispatcher_, singleton_manager_, tls_, validation_visitor_, api_)); hds_clusters_.back()->initialize([] {}); hds_clusters_.back()->startHealthchecks(access_log_manager_, runtime_, dispatcher_, api_); } } // TODO(lilika): Add support for subsequent HealthCheckSpecifier messages that // might modify the HdsClusters void HdsDelegate::onReceiveMessage( std::unique_ptr&& message) { stats_.requests_.inc(); ENVOY_LOG(debug, "New health check response message {} ", message->DebugString()); // Validate message fields try { MessageUtil::validate(*message, validation_visitor_); } catch (const ProtoValidationException& ex) { // Increment error count stats_.errors_.inc(); ENVOY_LOG(warn, "Unable to validate health check specifier: {}", ex.what()); // Do not continue processing message return; } // Reset hds_clusters_.clear(); // Set response auto server_response_ms = PROTOBUF_GET_MS_OR_DEFAULT(*message, interval, 1000); // Process the HealthCheckSpecifier message. processMessage(std::move(message)); if (server_response_ms_ != server_response_ms) { server_response_ms_ = server_response_ms; setHdsStreamResponseTimer(); } } void HdsDelegate::onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&& metadata) { UNREFERENCED_PARAMETER(metadata); } void HdsDelegate::onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) { ENVOY_LOG(warn, "{} gRPC config stream closed: {}, {}", service_method_.name(), status, message); hds_stream_response_timer_->disableTimer(); stream_ = nullptr; server_response_ms_ = 0; handleFailure(); } HdsCluster::HdsCluster(Server::Admin& admin, Runtime::Loader& runtime, envoy::config::cluster::v3::Cluster cluster, const envoy::config::core::v3::BindConfig& bind_config, Stats::Store& stats, Ssl::ContextManager& ssl_context_manager, bool added_via_api, ClusterInfoFactory& info_factory, ClusterManager& cm, const LocalInfo::LocalInfo& local_info, Event::Dispatcher& dispatcher, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : runtime_(runtime), cluster_(std::move(cluster)), bind_config_(bind_config), stats_(stats), ssl_context_manager_(ssl_context_manager), added_via_api_(added_via_api), initial_hosts_(new HostVector()), validation_visitor_(validation_visitor) { ENVOY_LOG(debug, "Creating an HdsCluster"); priority_set_.getOrCreateHostSet(0); info_ = info_factory.createClusterInfo( {admin, runtime_, cluster_, bind_config_, stats_, ssl_context_manager_, added_via_api_, cm, local_info, dispatcher, singleton_manager, tls, validation_visitor, api}); // Temporary structure to hold Host pointers grouped by locality, to build // initial_hosts_per_locality_. std::vector hosts_by_locality; hosts_by_locality.reserve(cluster_.load_assignment().endpoints_size()); // Iterate over every endpoint in every cluster. for (const auto& locality_endpoints : cluster_.load_assignment().endpoints()) { // Add a locality grouping to the hosts sorted by locality. hosts_by_locality.emplace_back(); hosts_by_locality.back().reserve(locality_endpoints.lb_endpoints_size()); for (const auto& host : locality_endpoints.lb_endpoints()) { // Initialize an endpoint host object. HostSharedPtr endpoint = std::make_shared( info_, "", Network::Address::resolveProtoAddress(host.endpoint().address()), nullptr, 1, locality_endpoints.locality(), envoy::config::endpoint::v3::Endpoint::HealthCheckConfig().default_instance(), 0, envoy::config::core::v3::UNKNOWN); // Add this host/endpoint pointer to our flat list of endpoints for health checking. initial_hosts_->push_back(endpoint); // Add this host/endpoint pointer to our structured list by locality so results can be // requested by locality. hosts_by_locality.back().push_back(endpoint); } } // Create the HostsPerLocality. initial_hosts_per_locality_ = std::make_shared(std::move(hosts_by_locality), false); } ClusterSharedPtr HdsCluster::create() { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } ClusterInfoConstSharedPtr ProdClusterInfoFactory::createClusterInfo(const CreateClusterInfoParams& params) { Envoy::Stats::ScopePtr scope = params.stats_.createScope(fmt::format("cluster.{}.", params.cluster_.name())); Envoy::Server::Configuration::TransportSocketFactoryContextImpl factory_context( params.admin_, params.ssl_context_manager_, *scope, params.cm_, params.local_info_, params.dispatcher_, params.stats_, params.singleton_manager_, params.tls_, params.validation_visitor_, params.api_); // TODO(JimmyCYJ): Support SDS for HDS cluster. Network::TransportSocketFactoryPtr socket_factory = Upstream::createTransportSocketFactory(params.cluster_, factory_context); auto socket_matcher = std::make_unique( params.cluster_.transport_socket_matches(), factory_context, socket_factory, *scope); return std::make_unique(params.cluster_, params.bind_config_, params.runtime_, std::move(socket_matcher), std::move(scope), params.added_via_api_, factory_context); } void HdsCluster::startHealthchecks(AccessLog::AccessLogManager& access_log_manager, Runtime::Loader& runtime, Event::Dispatcher& dispatcher, Api::Api& api) { for (auto& health_check : cluster_.health_checks()) { health_checkers_.push_back(Upstream::HealthCheckerFactory::create( health_check, *this, runtime, dispatcher, access_log_manager, validation_visitor_, api)); health_checkers_.back()->start(); } } void HdsCluster::initialize(std::function callback) { initialization_complete_callback_ = callback; for (const auto& host : *initial_hosts_) { host->healthFlagSet(Host::HealthFlag::FAILED_ACTIVE_HC); } // Use the ungrouped and grouped hosts lists to retain locality structure in the priority set. priority_set_.updateHosts( 0, HostSetImpl::partitionHosts(initial_hosts_, initial_hosts_per_locality_), {}, *initial_hosts_, {}, absl::nullopt); } void HdsCluster::setOutlierDetector(const Outlier::DetectorSharedPtr&) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/health_discovery_service.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/server/transport_socket_config.h" #include "envoy/service/health/v3/hds.pb.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/stats_macros.h" #include "envoy/upstream/upstream.h" #include "common/common/backoff_strategy.h" #include "common/common/logger.h" #include "common/common/macros.h" #include "common/config/utility.h" #include "common/grpc/async_client_impl.h" #include "common/network/resolver_impl.h" #include "common/upstream/health_checker_impl.h" #include "common/upstream/upstream_impl.h" #include "server/transport_socket_config_impl.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Upstream { class ProdClusterInfoFactory : public ClusterInfoFactory, Logger::Loggable { public: ClusterInfoConstSharedPtr createClusterInfo(const CreateClusterInfoParams& params) override; }; // TODO(lilika): Add HdsClusters to the /clusters endpoint to get detailed stats about each HC host. /** * Implementation of Upstream::Cluster for hds clusters, clusters that are used * by HdsDelegates */ class HdsCluster : public Cluster, Logger::Loggable { public: static ClusterSharedPtr create(); HdsCluster(Server::Admin& admin, Runtime::Loader& runtime, envoy::config::cluster::v3::Cluster cluster, const envoy::config::core::v3::BindConfig& bind_config, Stats::Store& stats, Ssl::ContextManager& ssl_context_manager, bool added_via_api, ClusterInfoFactory& info_factory, ClusterManager& cm, const LocalInfo::LocalInfo& local_info, Event::Dispatcher& dispatcher, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); // Upstream::Cluster InitializePhase initializePhase() const override { return InitializePhase::Primary; } PrioritySet& prioritySet() override { return priority_set_; } const PrioritySet& prioritySet() const override { return priority_set_; } void setOutlierDetector(const Outlier::DetectorSharedPtr& outlier_detector); HealthChecker* healthChecker() override { return health_checker_.get(); } ClusterInfoConstSharedPtr info() const override { return info_; } Outlier::Detector* outlierDetector() override { return outlier_detector_.get(); } const Outlier::Detector* outlierDetector() const override { return outlier_detector_.get(); } void initialize(std::function callback) override; // Creates and starts healthcheckers to its endpoints void startHealthchecks(AccessLog::AccessLogManager& access_log_manager, Runtime::Loader& runtime, Event::Dispatcher& dispatcher, Api::Api& api); std::vector healthCheckers() { return health_checkers_; }; protected: PrioritySetImpl priority_set_; HealthCheckerSharedPtr health_checker_; Outlier::DetectorSharedPtr outlier_detector_; private: std::function initialization_complete_callback_; Runtime::Loader& runtime_; const envoy::config::cluster::v3::Cluster cluster_; const envoy::config::core::v3::BindConfig& bind_config_; Stats::Store& stats_; Ssl::ContextManager& ssl_context_manager_; bool added_via_api_; HostVectorSharedPtr initial_hosts_; HostsPerLocalitySharedPtr initial_hosts_per_locality_; ClusterInfoConstSharedPtr info_; std::vector health_checkers_; ProtobufMessage::ValidationVisitor& validation_visitor_; }; using HdsClusterPtr = std::shared_ptr; /** * All hds stats. @see stats_macros.h */ #define ALL_HDS_STATS(COUNTER) \ COUNTER(requests) \ COUNTER(responses) \ COUNTER(errors) /** * Struct definition for all hds stats. @see stats_macros.h */ struct HdsDelegateStats { ALL_HDS_STATS(GENERATE_COUNTER_STRUCT) }; // TODO(lilika): Add /config_dump support for HdsDelegate /** * The HdsDelegate class is responsible for receiving requests from a management * server with a set of hosts to healthcheck, healthchecking them, and reporting * back the results. */ class HdsDelegate : Grpc::AsyncStreamCallbacks, Logger::Loggable { public: HdsDelegate(Stats::Scope& scope, Grpc::RawAsyncClientPtr async_client, envoy::config::core::v3::ApiVersion transport_api_version, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Envoy::Stats::Store& stats, Ssl::ContextManager& ssl_context_manager, ClusterInfoFactory& info_factory, AccessLog::AccessLogManager& access_log_manager, ClusterManager& cm, const LocalInfo::LocalInfo& local_info, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); // Grpc::AsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap& metadata) override; void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) override; void onReceiveMessage( std::unique_ptr&& message) override; void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&& metadata) override; void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override; envoy::service::health::v3::HealthCheckRequestOrEndpointHealthResponse sendResponse(); std::vector hdsClusters() { return hds_clusters_; }; private: friend class HdsDelegateFriend; void setHdsRetryTimer(); void setHdsStreamResponseTimer(); void handleFailure(); // Establishes a connection with the management server void establishNewStream(); void processMessage(std::unique_ptr&& message); HdsDelegateStats stats_; const Protobuf::MethodDescriptor& service_method_; Grpc::AsyncClient async_client_; const envoy::config::core::v3::ApiVersion transport_api_version_; Grpc::AsyncStream stream_{}; Event::Dispatcher& dispatcher_; Runtime::Loader& runtime_; Envoy::Stats::Store& store_stats_; Ssl::ContextManager& ssl_context_manager_; ClusterInfoFactory& info_factory_; AccessLog::AccessLogManager& access_log_manager_; ClusterManager& cm_; const LocalInfo::LocalInfo& local_info_; Server::Admin& admin_; Singleton::Manager& singleton_manager_; ThreadLocal::SlotAllocator& tls_; envoy::service::health::v3::HealthCheckRequestOrEndpointHealthResponse health_check_request_; std::unique_ptr health_check_message_; std::vector clusters_; std::vector hds_clusters_; Event::TimerPtr hds_stream_response_timer_; Event::TimerPtr hds_retry_timer_; BackOffStrategyPtr backoff_strategy_; // Soft limit on size of the cluster’s connections read and write buffers. static constexpr uint32_t ClusterConnectionBufferLimitBytes = 32768; // TODO(lilika): Add API knob for ClusterTimeoutSeconds, instead of // hardcoding it. // The timeout for new network connections to hosts in the cluster. static constexpr uint32_t ClusterTimeoutSeconds = 1; // How often envoy reports the healthcheck results to the server uint32_t server_response_ms_ = 0; ProtobufMessage::ValidationVisitor& validation_visitor_; Api::Api& api_; }; using HdsDelegatePtr = std::unique_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/host_utility.cc ================================================ #include "common/upstream/host_utility.h" #include namespace Envoy { namespace Upstream { namespace { void setHealthFlag(Upstream::Host::HealthFlag flag, const Host& host, std::string& health_status) { switch (flag) { case Host::HealthFlag::FAILED_ACTIVE_HC: { if (host.healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC)) { health_status += "/failed_active_hc"; } break; } case Host::HealthFlag::FAILED_OUTLIER_CHECK: { if (host.healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)) { health_status += "/failed_outlier_check"; } break; } case Host::HealthFlag::FAILED_EDS_HEALTH: { if (host.healthFlagGet(Host::HealthFlag::FAILED_EDS_HEALTH)) { health_status += "/failed_eds_health"; } break; } case Host::HealthFlag::DEGRADED_ACTIVE_HC: { if (host.healthFlagGet(Host::HealthFlag::DEGRADED_ACTIVE_HC)) { health_status += "/degraded_active_hc"; } break; } case Host::HealthFlag::DEGRADED_EDS_HEALTH: { if (host.healthFlagGet(Host::HealthFlag::DEGRADED_EDS_HEALTH)) { health_status += "/degraded_eds_health"; } break; } case Host::HealthFlag::PENDING_DYNAMIC_REMOVAL: { if (host.healthFlagGet(Host::HealthFlag::PENDING_DYNAMIC_REMOVAL)) { health_status += "/pending_dynamic_removal"; } break; } case Host::HealthFlag::PENDING_ACTIVE_HC: { if (host.healthFlagGet(Host::HealthFlag::PENDING_ACTIVE_HC)) { health_status += "/pending_active_hc"; } break; } } } } // namespace std::string HostUtility::healthFlagsToString(const Host& host) { std::string health_status; // Invokes setHealthFlag for each health flag. #define SET_HEALTH_FLAG(name, notused) \ setHealthFlag(Upstream::Host::HealthFlag::name, host, health_status); HEALTH_FLAG_ENUM_VALUES(SET_HEALTH_FLAG) #undef SET_HEALTH_FLAG if (health_status.empty()) { return "healthy"; } else { return health_status; } } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/host_utility.h ================================================ #pragma once #include #include "envoy/upstream/upstream.h" namespace Envoy { namespace Upstream { /** * Utility functions for hosts. */ class HostUtility { public: /** * Convert a host's health flags into a debug string. */ static std::string healthFlagsToString(const Host& host); }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/load_balancer_impl.cc ================================================ #include "common/upstream/load_balancer_impl.h" #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/protobuf/utility.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Upstream { namespace { static const std::string RuntimeZoneEnabled = "upstream.zone_routing.enabled"; static const std::string RuntimeMinClusterSize = "upstream.zone_routing.min_cluster_size"; static const std::string RuntimePanicThreshold = "upstream.healthy_panic_threshold"; // Distributes load between priorities based on the per priority availability and the normalized // total availability. Load is assigned to each priority according to how available each priority is // adjusted for the normalized total availability. // // @param per_priority_load vector of loads that should be populated. // @param per_priority_availability the percentage availability of each priority, used to determine // how much load each priority can handle. // @param total_load the amount of load that may be distributed. Will be updated with the amount of // load remaining after distribution. // @param normalized_total_availability the total availability, up to a max of 100. Used to // scale the load when the total availability is less than 100%. // @return the first available priority and the remaining load std::pair distributeLoad(PriorityLoad& per_priority_load, const PriorityAvailability& per_priority_availability, size_t total_load, size_t normalized_total_availability) { int32_t first_available_priority = -1; for (size_t i = 0; i < per_priority_availability.get().size(); ++i) { if (first_available_priority < 0 && per_priority_availability.get()[i] > 0) { first_available_priority = i; } // Now assign as much load as possible to the high priority levels and cease assigning load // when total_load runs out. per_priority_load.get()[i] = std::min( total_load, per_priority_availability.get()[i] * 100 / normalized_total_availability); total_load -= per_priority_load.get()[i]; } return {first_available_priority, total_load}; } // Returns true if the weights of all the hosts in the HostVector are equal. bool hostWeightsAreEqual(const HostVector& hosts) { if (hosts.size() <= 1) { return true; } const uint32_t weight = hosts[0]->weight(); for (size_t i = 1; i < hosts.size(); ++i) { if (hosts[i]->weight() != weight) { return false; } } return true; } } // namespace std::pair LoadBalancerBase::choosePriority(uint64_t hash, const HealthyLoad& healthy_per_priority_load, const DegradedLoad& degraded_per_priority_load) { hash = hash % 100 + 1; // 1-100 uint32_t aggregate_percentage_load = 0; // As with tryChooseLocalLocalityHosts, this can be refactored for efficiency // but O(N) is good enough for now given the expected number of priorities is // small. // We first attempt to select a priority based on healthy availability. for (size_t priority = 0; priority < healthy_per_priority_load.get().size(); ++priority) { aggregate_percentage_load += healthy_per_priority_load.get()[priority]; if (hash <= aggregate_percentage_load) { return {static_cast(priority), HostAvailability::Healthy}; } } // If no priorities were selected due to health, we'll select a priority based degraded // availability. for (size_t priority = 0; priority < degraded_per_priority_load.get().size(); ++priority) { aggregate_percentage_load += degraded_per_priority_load.get()[priority]; if (hash <= aggregate_percentage_load) { return {static_cast(priority), HostAvailability::Degraded}; } } // The percentages should always add up to 100 but we have to have a return for the compiler. NOT_REACHED_GCOVR_EXCL_LINE; } LoadBalancerBase::LoadBalancerBase( const PrioritySet& priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : stats_(stats), runtime_(runtime), random_(random), default_healthy_panic_percent_(PROTOBUF_PERCENT_TO_ROUNDED_INTEGER_OR_DEFAULT( common_config, healthy_panic_threshold, 100, 50)), priority_set_(priority_set) { for (auto& host_set : priority_set_.hostSetsPerPriority()) { recalculatePerPriorityState(host_set->priority(), priority_set_, per_priority_load_, per_priority_health_, per_priority_degraded_); } // Recalculate panic mode for all levels. recalculatePerPriorityPanic(); priority_set_.addPriorityUpdateCb( [this](uint32_t priority, const HostVector&, const HostVector&) -> void { recalculatePerPriorityState(priority, priority_set_, per_priority_load_, per_priority_health_, per_priority_degraded_); }); priority_set_.addPriorityUpdateCb( [this](uint32_t priority, const HostVector&, const HostVector&) -> void { UNREFERENCED_PARAMETER(priority); recalculatePerPriorityPanic(); stashed_random_.clear(); }); } // The following cases are handled by // recalculatePerPriorityState and recalculatePerPriorityPanic methods (normalized total health is // sum of all priorities' health values and capped at 100). // - normalized total health is = 100%. It means there are enough healthy hosts to handle the load. // Do not enter panic mode, even if a specific priority has low number of healthy hosts. // - normalized total health is < 100%. There are not enough healthy hosts to handle the load. // Continue distributing the load among priority sets, but turn on panic mode for a given priority // if # of healthy hosts in priority set is low. // - all host sets are in panic mode. Situation called TotalPanic. Load distribution is // calculated based on the number of hosts in each priority regardless of their health. // - all hosts in all priorities are down (normalized total health is 0%). If panic // threshold > 0% the cluster is in TotalPanic (see above). If panic threshold == 0 // then priorities are not in panic, but there are no healthy hosts to route to. // In this case just mark P=0 as recipient of 100% of the traffic (nothing will be routed // to P=0 anyways as there are no healthy hosts there). void LoadBalancerBase::recalculatePerPriorityState(uint32_t priority, const PrioritySet& priority_set, HealthyAndDegradedLoad& per_priority_load, HealthyAvailability& per_priority_health, DegradedAvailability& per_priority_degraded) { per_priority_load.healthy_priority_load_.get().resize(priority_set.hostSetsPerPriority().size()); per_priority_load.degraded_priority_load_.get().resize(priority_set.hostSetsPerPriority().size()); per_priority_health.get().resize(priority_set.hostSetsPerPriority().size()); per_priority_degraded.get().resize(priority_set.hostSetsPerPriority().size()); // Determine the health of the newly modified priority level. // Health ranges from 0-100, and is the ratio of healthy/degraded hosts to total hosts, modified // by the overprovisioning factor. HostSet& host_set = *priority_set.hostSetsPerPriority()[priority]; per_priority_health.get()[priority] = 0; per_priority_degraded.get()[priority] = 0; const auto host_count = host_set.hosts().size() - host_set.excludedHosts().size(); if (host_count > 0) { // Each priority level's health is ratio of healthy hosts to total number of hosts in a priority // multiplied by overprovisioning factor of 1.4 and capped at 100%. It means that if all // hosts are healthy that priority's health is 100%*1.4=140% and is capped at 100% which results // in 100%. If 80% of hosts are healthy, that priority's health is still 100% (80%*1.4=112% and // capped at 100%). per_priority_health.get()[priority] = std::min( 100, (host_set.overprovisioningFactor() * host_set.healthyHosts().size() / host_count)); // We perform the same computation for degraded hosts. per_priority_degraded.get()[priority] = std::min( 100, (host_set.overprovisioningFactor() * host_set.degradedHosts().size() / host_count)); } // Now that we've updated health for the changed priority level, we need to calculate percentage // load for all priority levels. // First, determine if the load needs to be scaled relative to availability (healthy + degraded). // For example if there are 3 host sets with 10% / 20% / 10% health and 20% / 10% / 0% degraded // they will get 16% / 28% / 14% load to healthy hosts and 28% / 14% / 0% load to degraded hosts // to ensure total load adds up to 100. Note the first healthy priority is receiving 2% additional // load due to rounding. // // Sum of priority levels' health and degraded values may exceed 100, so it is capped at 100 and // referred as normalized total availability. const uint32_t normalized_total_availability = calculateNormalizedTotalAvailability(per_priority_health, per_priority_degraded); if (normalized_total_availability == 0) { // Everything is terrible. There is nothing to calculate here. // Let recalculatePerPriorityPanic and recalculateLoadInTotalPanic deal with // load calculation. return; } // We start of with a total load of 100 and distribute it between priorities based on // availability. We first attempt to distribute this load to healthy priorities based on healthy // availability. const auto first_healthy_and_remaining = distributeLoad(per_priority_load.healthy_priority_load_, per_priority_health, 100, normalized_total_availability); // Using the remaining load after allocating load to healthy priorities, distribute it based on // degraded availability. const auto remaining_load_for_degraded = first_healthy_and_remaining.second; const auto first_degraded_and_remaining = distributeLoad(per_priority_load.degraded_priority_load_, per_priority_degraded, remaining_load_for_degraded, normalized_total_availability); // Anything that remains should just be rounding errors, so allocate that to the first available // priority, either as healthy or degraded. const auto remaining_load = first_degraded_and_remaining.second; if (remaining_load != 0) { const auto first_healthy = first_healthy_and_remaining.first; const auto first_degraded = first_degraded_and_remaining.first; ASSERT(first_healthy != -1 || first_degraded != -1); // Attempt to allocate the remainder to the first healthy priority first. If no such priority // exist, allocate to the first degraded priority. ASSERT(remaining_load < per_priority_load.healthy_priority_load_.get().size() + per_priority_load.degraded_priority_load_.get().size()); if (first_healthy != -1) { per_priority_load.healthy_priority_load_.get()[first_healthy] += remaining_load; } else { per_priority_load.degraded_priority_load_.get()[first_degraded] += remaining_load; } } // The allocated load between healthy and degraded should be exactly 100. ASSERT(100 == std::accumulate(per_priority_load.healthy_priority_load_.get().begin(), per_priority_load.healthy_priority_load_.get().end(), 0) + std::accumulate(per_priority_load.degraded_priority_load_.get().begin(), per_priority_load.degraded_priority_load_.get().end(), 0)); } // Method iterates through priority levels and turns on/off panic mode. void LoadBalancerBase::recalculatePerPriorityPanic() { per_priority_panic_.resize(priority_set_.hostSetsPerPriority().size()); const uint32_t normalized_total_availability = calculateNormalizedTotalAvailability(per_priority_health_, per_priority_degraded_); const uint64_t panic_threshold = std::min( 100, runtime_.snapshot().getInteger(RuntimePanicThreshold, default_healthy_panic_percent_)); // This is corner case when panic is disabled and there is no hosts available. // LoadBalancerBase::choosePriority method expects that the sum of // load percentages always adds up to 100. // To satisfy that requirement 100% is assigned to P=0. // In reality no traffic will be routed to P=0 priority, because // the panic mode is disabled and LoadBalancer will try to find // a healthy node and none is available. if (panic_threshold == 0 && normalized_total_availability == 0) { per_priority_load_.healthy_priority_load_.get()[0] = 100; return; } bool total_panic = true; for (size_t i = 0; i < per_priority_health_.get().size(); ++i) { // For each level check if it should run in panic mode. Never set panic mode if // normalized total health is 100%, even when individual priority level has very low # of // healthy hosts. const HostSet& priority_host_set = *priority_set_.hostSetsPerPriority()[i]; per_priority_panic_[i] = (normalized_total_availability == 100 ? false : isHostSetInPanic(priority_host_set)); total_panic = total_panic && per_priority_panic_[i]; } // If all priority levels are in panic mode, load distribution // is done differently. if (total_panic) { recalculateLoadInTotalPanic(); } } // recalculateLoadInTotalPanic method is called when all priority levels // are in panic mode. The load distribution is done NOT based on number // of healthy hosts in the priority, but based on number of hosts // in each priority regardless of its health. void LoadBalancerBase::recalculateLoadInTotalPanic() { // First calculate total number of hosts across all priorities regardless // whether they are healthy or not. const uint32_t total_hosts_count = std::accumulate(priority_set_.hostSetsPerPriority().begin(), priority_set_.hostSetsPerPriority().end(), static_cast(0), [](size_t acc, const std::unique_ptr& host_set) { return acc + host_set->hosts().size(); }); if (0 == total_hosts_count) { // Backend is empty, but load must be distributed somewhere. per_priority_load_.healthy_priority_load_.get()[0] = 100; return; } // Now iterate through all priority levels and calculate how much // load is supposed to go to each priority. In panic mode the calculation // is based not on the number of healthy hosts but based on the number of // total hosts in the priority. uint32_t total_load = 100; int32_t first_noempty = -1; for (size_t i = 0; i < per_priority_panic_.size(); i++) { const HostSet& host_set = *priority_set_.hostSetsPerPriority()[i]; const auto hosts_num = host_set.hosts().size(); if ((-1 == first_noempty) && (0 != hosts_num)) { first_noempty = i; } const uint32_t priority_load = 100 * hosts_num / total_hosts_count; per_priority_load_.healthy_priority_load_.get()[i] = priority_load; per_priority_load_.degraded_priority_load_.get()[i] = 0; total_load -= priority_load; } // Add the remaining load to the first not empty load. per_priority_load_.healthy_priority_load_.get()[first_noempty] += total_load; // The total load should come up to 100%. ASSERT(100 == std::accumulate(per_priority_load_.healthy_priority_load_.get().begin(), per_priority_load_.healthy_priority_load_.get().end(), 0)); } std::pair LoadBalancerBase::chooseHostSet(LoadBalancerContext* context, uint64_t hash) const { if (context) { const auto priority_loads = context->determinePriorityLoad( priority_set_, per_priority_load_, Upstream::RetryPriority::defaultPriorityMapping); const auto priority_and_source = choosePriority(hash, priority_loads.healthy_priority_load_, priority_loads.degraded_priority_load_); return {*priority_set_.hostSetsPerPriority()[priority_and_source.first], priority_and_source.second}; } const auto priority_and_source = choosePriority(hash, per_priority_load_.healthy_priority_load_, per_priority_load_.degraded_priority_load_); return {*priority_set_.hostSetsPerPriority()[priority_and_source.first], priority_and_source.second}; } ZoneAwareLoadBalancerBase::ZoneAwareLoadBalancerBase( const PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : LoadBalancerBase(priority_set, stats, runtime, random, common_config), local_priority_set_(local_priority_set), routing_enabled_(PROTOBUF_PERCENT_TO_ROUNDED_INTEGER_OR_DEFAULT( common_config.zone_aware_lb_config(), routing_enabled, 100, 100)), min_cluster_size_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(common_config.zone_aware_lb_config(), min_cluster_size, 6U)), fail_traffic_on_panic_(common_config.zone_aware_lb_config().fail_traffic_on_panic()) { ASSERT(!priority_set.hostSetsPerPriority().empty()); resizePerPriorityState(); priority_set_.addPriorityUpdateCb( [this](uint32_t priority, const HostVector&, const HostVector&) -> void { // Make sure per_priority_state_ is as large as priority_set_.hostSetsPerPriority() resizePerPriorityState(); // If P=0 changes, regenerate locality routing structures. Locality based routing is // disabled at all other levels. if (local_priority_set_ && priority == 0) { regenerateLocalityRoutingStructures(); } }); if (local_priority_set_) { // Multiple priorities are unsupported for local priority sets. // In order to support priorities correctly, one would have to make some assumptions about // routing (all local Envoys fail over at the same time) and use all priorities when computing // the locality routing structure. ASSERT(local_priority_set_->hostSetsPerPriority().size() == 1); local_priority_set_member_update_cb_handle_ = local_priority_set_->addPriorityUpdateCb( [this](uint32_t priority, const HostVector&, const HostVector&) -> void { ASSERT(priority == 0); // If the set of local Envoys changes, regenerate routing for P=0 as it does priority // based routing. regenerateLocalityRoutingStructures(); }); } } ZoneAwareLoadBalancerBase::~ZoneAwareLoadBalancerBase() { if (local_priority_set_member_update_cb_handle_ != nullptr) { local_priority_set_member_update_cb_handle_->remove(); } } void ZoneAwareLoadBalancerBase::regenerateLocalityRoutingStructures() { ASSERT(local_priority_set_); stats_.lb_recalculate_zone_structures_.inc(); // resizePerPriorityState should ensure these stay in sync. ASSERT(per_priority_state_.size() == priority_set_.hostSetsPerPriority().size()); // We only do locality routing for P=0 uint32_t priority = 0; PerPriorityState& state = *per_priority_state_[priority]; // Do not perform any calculations if we cannot perform locality routing based on non runtime // params. if (earlyExitNonLocalityRouting()) { state.locality_routing_state_ = LocalityRoutingState::NoLocalityRouting; return; } HostSet& host_set = *priority_set_.hostSetsPerPriority()[priority]; ASSERT(host_set.healthyHostsPerLocality().hasLocalLocality()); const size_t num_localities = host_set.healthyHostsPerLocality().get().size(); ASSERT(num_localities > 0); // It is worth noting that all of the percentages calculated are orthogonal from // how much load this priority level receives, percentageLoad(priority). // // If the host sets are such that 20% of load is handled locally and 80% is residual, and then // half the hosts in all host sets go unhealthy, this priority set will // still send half of the incoming load to the local locality and 80% to residual. // // Basically, fairness across localities within a priority is guaranteed. Fairness across // localities across priorities is not. absl::FixedArray local_percentage(num_localities); calculateLocalityPercentage(localHostSet().healthyHostsPerLocality(), local_percentage.begin()); absl::FixedArray upstream_percentage(num_localities); calculateLocalityPercentage(host_set.healthyHostsPerLocality(), upstream_percentage.begin()); // If we have lower percent of hosts in the local cluster in the same locality, // we can push all of the requests directly to upstream cluster in the same locality. if (upstream_percentage[0] >= local_percentage[0]) { state.locality_routing_state_ = LocalityRoutingState::LocalityDirect; return; } state.locality_routing_state_ = LocalityRoutingState::LocalityResidual; // If we cannot route all requests to the same locality, calculate what percentage can be routed. // For example, if local percentage is 20% and upstream is 10% // we can route only 50% of requests directly. state.local_percent_to_route_ = upstream_percentage[0] * 10000 / local_percentage[0]; // Local locality does not have additional capacity (we have already routed what we could). // Now we need to figure out how much traffic we can route cross locality and to which exact // locality we should route. Percentage of requests routed cross locality to a specific locality // needed be proportional to the residual capacity upstream locality has. // // residual_capacity contains capacity left in a given locality, we keep accumulating residual // capacity to make search for sampled value easier. // For example, if we have the following upstream and local percentage: // local_percentage: 40000 40000 20000 // upstream_percentage: 25000 50000 25000 // Residual capacity would look like: 0 10000 5000. Now we need to sample proportionally to // bucket sizes (residual capacity). For simplicity of finding where specific // sampled value is, we accumulate values in residual capacity. This is what it will look like: // residual_capacity: 0 10000 15000 // Now to find a locality to route (bucket) we could simply iterate over residual_capacity // searching where sampled value is placed. state.residual_capacity_.resize(num_localities); // Local locality (index 0) does not have residual capacity as we have routed all we could. state.residual_capacity_[0] = 0; for (size_t i = 1; i < num_localities; ++i) { // Only route to the localities that have additional capacity. if (upstream_percentage[i] > local_percentage[i]) { state.residual_capacity_[i] = state.residual_capacity_[i - 1] + upstream_percentage[i] - local_percentage[i]; } else { // Locality with index "i" does not have residual capacity, but we keep accumulating previous // values to make search easier on the next step. state.residual_capacity_[i] = state.residual_capacity_[i - 1]; } } } void ZoneAwareLoadBalancerBase::resizePerPriorityState() { const uint32_t size = priority_set_.hostSetsPerPriority().size(); while (per_priority_state_.size() < size) { // Note for P!=0, PerPriorityState is created with NoLocalityRouting and never changed. per_priority_state_.push_back(std::make_unique()); } } bool ZoneAwareLoadBalancerBase::earlyExitNonLocalityRouting() { // We only do locality routing for P=0. HostSet& host_set = *priority_set_.hostSetsPerPriority()[0]; if (host_set.healthyHostsPerLocality().get().size() < 2) { return true; } // lb_local_cluster_not_ok is bumped for "Local host set is not set or it is // panic mode for local cluster". if (!host_set.healthyHostsPerLocality().hasLocalLocality() || host_set.healthyHostsPerLocality().get()[0].empty()) { stats_.lb_local_cluster_not_ok_.inc(); return true; } // Same number of localities should be for local and upstream cluster. if (host_set.healthyHostsPerLocality().get().size() != localHostSet().healthyHostsPerLocality().get().size()) { stats_.lb_zone_number_differs_.inc(); return true; } // Do not perform locality routing for small clusters. const uint64_t min_cluster_size = runtime_.snapshot().getInteger(RuntimeMinClusterSize, min_cluster_size_); if (host_set.healthyHosts().size() < min_cluster_size) { stats_.lb_zone_cluster_too_small_.inc(); return true; } return false; } HostConstSharedPtr LoadBalancerBase::chooseHost(LoadBalancerContext* context) { HostConstSharedPtr host; const size_t max_attempts = context ? context->hostSelectionRetryCount() + 1 : 1; for (size_t i = 0; i < max_attempts; ++i) { host = chooseHostOnce(context); // If host selection failed or the host is accepted by the filter, return. // Otherwise, try again. // Note: in the future we might want to allow retrying when chooseHostOnce returns nullptr. if (!host || !context || !context->shouldSelectAnotherHost(*host)) { return host; } } // If we didn't find anything, return the last host. return host; } bool LoadBalancerBase::isHostSetInPanic(const HostSet& host_set) const { uint64_t global_panic_threshold = std::min( 100, runtime_.snapshot().getInteger(RuntimePanicThreshold, default_healthy_panic_percent_)); const auto host_count = host_set.hosts().size() - host_set.excludedHosts().size(); double healthy_percent = host_count == 0 ? 0.0 : 100.0 * host_set.healthyHosts().size() / host_count; double degraded_percent = host_count == 0 ? 0.0 : 100.0 * host_set.degradedHosts().size() / host_count; // If the % of healthy hosts in the cluster is less than our panic threshold, we use all hosts. if ((healthy_percent + degraded_percent) < global_panic_threshold) { return true; } return false; } void ZoneAwareLoadBalancerBase::calculateLocalityPercentage( const HostsPerLocality& hosts_per_locality, uint64_t* ret) { uint64_t total_hosts = 0; for (const auto& locality_hosts : hosts_per_locality.get()) { total_hosts += locality_hosts.size(); } // TODO(snowp): Should we ignore excluded hosts here too? size_t i = 0; for (const auto& locality_hosts : hosts_per_locality.get()) { ret[i++] = total_hosts > 0 ? 10000ULL * locality_hosts.size() / total_hosts : 0; } } uint32_t ZoneAwareLoadBalancerBase::tryChooseLocalLocalityHosts(const HostSet& host_set) const { PerPriorityState& state = *per_priority_state_[host_set.priority()]; ASSERT(state.locality_routing_state_ != LocalityRoutingState::NoLocalityRouting); // At this point it's guaranteed to be at least 2 localities & local exists. const size_t number_of_localities = host_set.healthyHostsPerLocality().get().size(); ASSERT(number_of_localities >= 2U); ASSERT(host_set.healthyHostsPerLocality().hasLocalLocality()); // Try to push all of the requests to the same locality first. if (state.locality_routing_state_ == LocalityRoutingState::LocalityDirect) { stats_.lb_zone_routing_all_directly_.inc(); return 0; } ASSERT(state.locality_routing_state_ == LocalityRoutingState::LocalityResidual); // If we cannot route all requests to the same locality, we already calculated how much we can // push to the local locality, check if we can push to local locality on current iteration. if (random_.random() % 10000 < state.local_percent_to_route_) { stats_.lb_zone_routing_sampled_.inc(); return 0; } // At this point we must route cross locality as we cannot route to the local locality. stats_.lb_zone_routing_cross_zone_.inc(); // This is *extremely* unlikely but possible due to rounding errors when calculating // locality percentages. In this case just select random locality. if (state.residual_capacity_[number_of_localities - 1] == 0) { stats_.lb_zone_no_capacity_left_.inc(); return random_.random() % number_of_localities; } // Random sampling to select specific locality for cross locality traffic based on the additional // capacity in localities. uint64_t threshold = random_.random() % state.residual_capacity_[number_of_localities - 1]; // This potentially can be optimized to be O(log(N)) where N is the number of localities. // Linear scan should be faster for smaller N, in most of the scenarios N will be small. // TODO(htuch): is there a bug here when threshold == 0? Seems like we pick // local locality in that situation. Probably should start iterating at 1. int i = 0; while (threshold > state.residual_capacity_[i]) { i++; } return i; } absl::optional ZoneAwareLoadBalancerBase::hostSourceToUse(LoadBalancerContext* context, uint64_t hash) const { auto host_set_and_source = chooseHostSet(context, hash); // The second argument tells us which availability we should target from the selected host set. const auto host_availability = host_set_and_source.second; auto& host_set = host_set_and_source.first; HostsSource hosts_source; hosts_source.priority_ = host_set.priority(); // If the selected host set has insufficient healthy hosts, return all hosts (unless we should // fail traffic on panic, in which case return no host). if (per_priority_panic_[hosts_source.priority_]) { stats_.lb_healthy_panic_.inc(); if (fail_traffic_on_panic_) { return absl::nullopt; } else { hosts_source.source_type_ = HostsSource::SourceType::AllHosts; return hosts_source; } } // If we're doing locality weighted balancing, pick locality. absl::optional locality; if (host_availability == HostAvailability::Degraded) { locality = host_set.chooseDegradedLocality(); } else { locality = host_set.chooseHealthyLocality(); } if (locality.has_value()) { hosts_source.source_type_ = localitySourceType(host_availability); hosts_source.locality_index_ = locality.value(); return hosts_source; } // If we've latched that we can't do priority-based routing, return healthy or degraded hosts // for the selected host set. if (per_priority_state_[host_set.priority()]->locality_routing_state_ == LocalityRoutingState::NoLocalityRouting) { hosts_source.source_type_ = sourceType(host_availability); return hosts_source; } // Determine if the load balancer should do zone based routing for this pick. if (!runtime_.snapshot().featureEnabled(RuntimeZoneEnabled, routing_enabled_)) { hosts_source.source_type_ = sourceType(host_availability); return hosts_source; } if (isHostSetInPanic(localHostSet())) { stats_.lb_local_cluster_not_ok_.inc(); // If the local Envoy instances are in global panic, and we should not fail traffic, do // not do locality based routing. if (fail_traffic_on_panic_) { return absl::nullopt; } else { hosts_source.source_type_ = sourceType(host_availability); return hosts_source; } } hosts_source.source_type_ = localitySourceType(host_availability); hosts_source.locality_index_ = tryChooseLocalLocalityHosts(host_set); return hosts_source; } const HostVector& ZoneAwareLoadBalancerBase::hostSourceToHosts(HostsSource hosts_source) const { const HostSet& host_set = *priority_set_.hostSetsPerPriority()[hosts_source.priority_]; switch (hosts_source.source_type_) { case HostsSource::SourceType::AllHosts: return host_set.hosts(); case HostsSource::SourceType::HealthyHosts: return host_set.healthyHosts(); case HostsSource::SourceType::DegradedHosts: return host_set.degradedHosts(); case HostsSource::SourceType::LocalityHealthyHosts: return host_set.healthyHostsPerLocality().get()[hosts_source.locality_index_]; case HostsSource::SourceType::LocalityDegradedHosts: return host_set.degradedHostsPerLocality().get()[hosts_source.locality_index_]; default: NOT_REACHED_GCOVR_EXCL_LINE; } } EdfLoadBalancerBase::EdfLoadBalancerBase( const PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : ZoneAwareLoadBalancerBase(priority_set, local_priority_set, stats, runtime, random, common_config), seed_(random_.random()) { // We fully recompute the schedulers for a given host set here on membership change, which is // consistent with what other LB implementations do (e.g. thread aware). // The downside of a full recompute is that time complexity is O(n * log n), // so we will need to do better at delta tracking to scale (see // https://github.com/envoyproxy/envoy/issues/2874). priority_set.addPriorityUpdateCb( [this](uint32_t priority, const HostVector&, const HostVector&) { refresh(priority); }); } void EdfLoadBalancerBase::initialize() { for (uint32_t priority = 0; priority < priority_set_.hostSetsPerPriority().size(); ++priority) { refresh(priority); } } void EdfLoadBalancerBase::refresh(uint32_t priority) { const auto add_hosts_source = [this](HostsSource source, const HostVector& hosts) { // Nuke existing scheduler if it exists. auto& scheduler = scheduler_[source] = Scheduler{}; refreshHostSource(source); // Check if the original host weights are equal and skip EDF creation if they are. When all // original weights are equal we can rely on unweighted host pick to do optimal round robin and // least-loaded host selection with lower memory and CPU overhead. if (hostWeightsAreEqual(hosts)) { // Skip edf creation. return; } scheduler.edf_ = std::make_unique>(); // Populate scheduler with host list. // TODO(mattklein123): We must build the EDF schedule even if all of the hosts are currently // weighted 1. This is because currently we don't refresh host sets if only weights change. // We should probably change this to refresh at all times. See the comment in // BaseDynamicClusterImpl::updateDynamicHostList about this. for (const auto& host : hosts) { // We use a fixed weight here. While the weight may change without // notification, this will only be stale until this host is next picked, // at which point it is reinserted into the EdfScheduler with its new // weight in chooseHost(). scheduler.edf_->add(hostWeight(*host), host); } // Cycle through hosts to achieve the intended offset behavior. // TODO(htuch): Consider how we can avoid biasing towards earlier hosts in the schedule across // refreshes for the weighted case. if (!hosts.empty()) { for (uint32_t i = 0; i < seed_ % hosts.size(); ++i) { auto host = scheduler.edf_->pickAndAdd([this](const Host& host) { return hostWeight(host); }); } } }; // Populate EdfSchedulers for each valid HostsSource value for the host set at this priority. const auto& host_set = priority_set_.hostSetsPerPriority()[priority]; add_hosts_source(HostsSource(priority, HostsSource::SourceType::AllHosts), host_set->hosts()); add_hosts_source(HostsSource(priority, HostsSource::SourceType::HealthyHosts), host_set->healthyHosts()); add_hosts_source(HostsSource(priority, HostsSource::SourceType::DegradedHosts), host_set->degradedHosts()); for (uint32_t locality_index = 0; locality_index < host_set->healthyHostsPerLocality().get().size(); ++locality_index) { add_hosts_source( HostsSource(priority, HostsSource::SourceType::LocalityHealthyHosts, locality_index), host_set->healthyHostsPerLocality().get()[locality_index]); } for (uint32_t locality_index = 0; locality_index < host_set->degradedHostsPerLocality().get().size(); ++locality_index) { add_hosts_source( HostsSource(priority, HostsSource::SourceType::LocalityDegradedHosts, locality_index), host_set->degradedHostsPerLocality().get()[locality_index]); } } HostConstSharedPtr EdfLoadBalancerBase::peekAnotherHost(LoadBalancerContext* context) { const absl::optional hosts_source = hostSourceToUse(context, random(true)); if (!hosts_source) { return nullptr; } auto scheduler_it = scheduler_.find(*hosts_source); // We should always have a scheduler for any return value from // hostSourceToUse() via the construction in refresh(); ASSERT(scheduler_it != scheduler_.end()); auto& scheduler = scheduler_it->second; // As has been commented in both EdfLoadBalancerBase::refresh and // BaseDynamicClusterImpl::updateDynamicHostList, we must do a runtime pivot here to determine // whether to use EDF or do unweighted (fast) selection. EDF is non-null iff the original weights // of 2 or more hosts differ. if (scheduler.edf_ != nullptr) { return scheduler.edf_->peekAgain([this](const Host& host) { return hostWeight(host); }); } else { const HostVector& hosts_to_use = hostSourceToHosts(*hosts_source); if (hosts_to_use.empty()) { return nullptr; } return unweightedHostPeek(hosts_to_use, *hosts_source); } } HostConstSharedPtr EdfLoadBalancerBase::chooseHostOnce(LoadBalancerContext* context) { const absl::optional hosts_source = hostSourceToUse(context, random(false)); if (!hosts_source) { return nullptr; } auto scheduler_it = scheduler_.find(*hosts_source); // We should always have a scheduler for any return value from // hostSourceToUse() via the construction in refresh(); ASSERT(scheduler_it != scheduler_.end()); auto& scheduler = scheduler_it->second; // As has been commented in both EdfLoadBalancerBase::refresh and // BaseDynamicClusterImpl::updateDynamicHostList, we must do a runtime pivot here to determine // whether to use EDF or do unweighted (fast) selection. EDF is non-null iff the original weights // of 2 or more hosts differ. if (scheduler.edf_ != nullptr) { auto host = scheduler.edf_->pickAndAdd([this](const Host& host) { return hostWeight(host); }); return host; } else { const HostVector& hosts_to_use = hostSourceToHosts(*hosts_source); if (hosts_to_use.empty()) { return nullptr; } return unweightedHostPick(hosts_to_use, *hosts_source); } } HostConstSharedPtr LeastRequestLoadBalancer::unweightedHostPeek(const HostVector&, const HostsSource&) { // LeastRequestLoadBalancer can not do deterministic prefetching, because // any other thread might select the least-requested-host between prefetch and // host-pick, and change the rq_active checks. return nullptr; } HostConstSharedPtr LeastRequestLoadBalancer::unweightedHostPick(const HostVector& hosts_to_use, const HostsSource&) { HostSharedPtr candidate_host = nullptr; for (uint32_t choice_idx = 0; choice_idx < choice_count_; ++choice_idx) { const int rand_idx = random_.random() % hosts_to_use.size(); HostSharedPtr sampled_host = hosts_to_use[rand_idx]; if (candidate_host == nullptr) { // Make a first choice to start the comparisons. candidate_host = sampled_host; continue; } const auto candidate_active_rq = candidate_host->stats().rq_active_.value(); const auto sampled_active_rq = sampled_host->stats().rq_active_.value(); if (sampled_active_rq < candidate_active_rq) { candidate_host = sampled_host; } } return candidate_host; } HostConstSharedPtr RandomLoadBalancer::peekAnotherHost(LoadBalancerContext* context) { return peekOrChoose(context, true); } HostConstSharedPtr RandomLoadBalancer::chooseHostOnce(LoadBalancerContext* context) { return peekOrChoose(context, false); } HostConstSharedPtr RandomLoadBalancer::peekOrChoose(LoadBalancerContext* context, bool peek) { uint64_t random_hash = random(peek); const absl::optional hosts_source = hostSourceToUse(context, random_hash); if (!hosts_source) { return nullptr; } const HostVector& hosts_to_use = hostSourceToHosts(*hosts_source); if (hosts_to_use.empty()) { return nullptr; } return hosts_to_use[random_hash % hosts_to_use.size()]; } SubsetSelectorImpl::SubsetSelectorImpl( const Protobuf::RepeatedPtrField& selector_keys, envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector:: LbSubsetSelectorFallbackPolicy fallback_policy, const Protobuf::RepeatedPtrField& fallback_keys_subset, bool single_host_per_subset) : selector_keys_(selector_keys.begin(), selector_keys.end()), fallback_policy_(fallback_policy), fallback_keys_subset_(fallback_keys_subset.begin(), fallback_keys_subset.end()), single_host_per_subset_(single_host_per_subset) { if (fallback_policy_ != envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector::KEYS_SUBSET) { // defining fallback_keys_subset_ for a fallback policy other than KEYS_SUBSET doesn't have // any effect and it is probably a user mistake. We should let the user know about it. if (!fallback_keys_subset_.empty()) { throw EnvoyException("fallback_keys_subset can be set only for KEYS_SUBSET fallback_policy"); } return; } // if KEYS_SUBSET fallback policy is selected, fallback_keys_subset must not be empty, because // it would be the same as not defining fallback policy at all (global fallback policy would be // used) if (fallback_keys_subset_.empty()) { throw EnvoyException("fallback_keys_subset cannot be empty"); } // We allow only for a fallback to a subset of the selector keys because this is probably the // only use case that makes sense (fallback from more specific selector to less specific // selector). Potentially we can relax this constraint in the future if there will be a use case // for this. if (!std::includes(selector_keys_.begin(), selector_keys_.end(), fallback_keys_subset_.begin(), fallback_keys_subset_.end())) { throw EnvoyException("fallback_keys_subset must be a subset of selector keys"); } // Enforce that the fallback_keys_subset_ set is smaller than the selector_keys_ set. Otherwise // we could end up with a infinite recursion of SubsetLoadBalancer::chooseHost(). if (selector_keys_.size() == fallback_keys_subset_.size()) { throw EnvoyException("fallback_keys_subset cannot be equal to keys"); } } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/load_balancer_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/common/random_generator.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/upstream.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_protos.h" #include "common/upstream/edf_scheduler.h" namespace Envoy { namespace Upstream { // Priority levels and localities are considered overprovisioned with this factor. static constexpr uint32_t kDefaultOverProvisioningFactor = 140; /** * Base class for all LB implementations. */ class LoadBalancerBase : public LoadBalancer { public: enum class HostAvailability { Healthy, Degraded }; // A utility function to chose a priority level based on a precomputed hash and // two PriorityLoad vectors, one for healthy load and one for degraded. // // Returns the priority, a number between 0 and per_priority_load.size()-1 as well as which host // availability level was chosen. static std::pair choosePriority(uint64_t hash, const HealthyLoad& healthy_per_priority_load, const DegradedLoad& degraded_per_priority_load); HostConstSharedPtr chooseHost(LoadBalancerContext* context) override; protected: /** * By implementing this method instead of chooseHost, host selection will * be subject to host filters specified by LoadBalancerContext. * * Host selection will be retried up to the number specified by * hostSelectionRetryCount on LoadBalancerContext, and if no hosts are found * within the allowed attempts, the host that was selected during the last * attempt will be returned. * * If host selection is idempotent (i.e. retrying will not change the outcome), * sub classes should override chooseHost to avoid the unnecessary overhead of * retrying host selection. */ virtual HostConstSharedPtr chooseHostOnce(LoadBalancerContext* context) PURE; /** * For the given host_set @return if we should be in a panic mode or not. For example, if the * majority of hosts are unhealthy we'll be likely in a panic mode. In this case we'll route * requests to hosts regardless of whether they are healthy or not. */ bool isHostSetInPanic(const HostSet& host_set) const; /** * Method is called when all host sets are in panic mode. * In such state the load is distributed based on the number of hosts * in given priority regardless of their health. */ void recalculateLoadInTotalPanic(); LoadBalancerBase(const PrioritySet& priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config); // Choose host set randomly, based on the healthy_per_priority_load_ and // degraded_per_priority_load_. per_priority_load_ is consulted first, spilling over to // degraded_per_priority_load_ if necessary. When a host set is selected based on // degraded_per_priority_load_, only degraded hosts should be selected from that host set. // // @return host set to use and which availability to target. std::pair chooseHostSet(LoadBalancerContext* context, uint64_t hash) const; uint32_t percentageLoad(uint32_t priority) const { return per_priority_load_.healthy_priority_load_.get()[priority]; } uint32_t percentageDegradedLoad(uint32_t priority) const { return per_priority_load_.degraded_priority_load_.get()[priority]; } bool isInPanic(uint32_t priority) const { return per_priority_panic_[priority]; } uint64_t random(bool peeking) { if (peeking) { stashed_random_.push_back(random_.random()); return stashed_random_.back(); } else { if (!stashed_random_.empty()) { auto random = stashed_random_.front(); stashed_random_.pop_front(); return random; } else { return random_.random(); } } } ClusterStats& stats_; Runtime::Loader& runtime_; std::deque stashed_random_; Random::RandomGenerator& random_; const uint32_t default_healthy_panic_percent_; // The priority-ordered set of hosts to use for load balancing. const PrioritySet& priority_set_; public: // Called when a host set at the given priority level is updated. This updates // per_priority_health for that priority level, and may update per_priority_load for all // priority levels. void static recalculatePerPriorityState(uint32_t priority, const PrioritySet& priority_set, HealthyAndDegradedLoad& priority_load, HealthyAvailability& per_priority_health, DegradedAvailability& per_priority_degraded); void recalculatePerPriorityPanic(); protected: // Method calculates normalized total availability. // // The availability of a priority is ratio of available (healthy/degraded) hosts over the total // number of hosts multiplied by 100 and the overprovisioning factor. The total availability is // the sum of the availability of each priority, up to a maximum of 100. // // For example, using the default overprovisioning factor of 1.4, a if priority A has 4 hosts, // of which 1 is degraded and 1 is healthy, it will have availability of 2/4 * 100 * 1.4 = 70. // // Assuming two priorities with availability 60 and 70, the total availability would be 100. static uint32_t calculateNormalizedTotalAvailability(HealthyAvailability& per_priority_health, DegradedAvailability& per_priority_degraded) { const auto health = std::accumulate(per_priority_health.get().begin(), per_priority_health.get().end(), 0); const auto degraded = std::accumulate(per_priority_degraded.get().begin(), per_priority_degraded.get().end(), 0); return std::min(health + degraded, 100); } // The percentage load (0-100) for each priority level when targeting healthy hosts and // the percentage load (0-100) for each priority level when targeting degraded hosts. HealthyAndDegradedLoad per_priority_load_; // The health percentage (0-100) for each priority level. HealthyAvailability per_priority_health_; // The degraded percentage (0-100) for each priority level. DegradedAvailability per_priority_degraded_; // Levels which are in panic std::vector per_priority_panic_; }; class LoadBalancerContextBase : public LoadBalancerContext { public: absl::optional computeHashKey() override { return {}; } const Network::Connection* downstreamConnection() const override { return nullptr; } const Router::MetadataMatchCriteria* metadataMatchCriteria() override { return nullptr; } const Http::RequestHeaderMap* downstreamHeaders() const override { return nullptr; } const HealthyAndDegradedLoad& determinePriorityLoad(const PrioritySet&, const HealthyAndDegradedLoad& original_priority_load, const Upstream::RetryPriority::PriorityMappingFunc&) override { return original_priority_load; } bool shouldSelectAnotherHost(const Host&) override { return false; } uint32_t hostSelectionRetryCount() const override { return 1; } Network::Socket::OptionsSharedPtr upstreamSocketOptions() const override { return nullptr; } Network::TransportSocketOptionsSharedPtr upstreamTransportSocketOptions() const override { return nullptr; } }; /** * Base class for zone aware load balancers */ class ZoneAwareLoadBalancerBase : public LoadBalancerBase { protected: // Both priority_set and local_priority_set if non-null must have at least one host set. ZoneAwareLoadBalancerBase( const PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config); ~ZoneAwareLoadBalancerBase() override; // When deciding which hosts to use on an LB decision, we need to know how to index into the // priority_set. This priority_set cursor is used by ZoneAwareLoadBalancerBase subclasses, e.g. // RoundRobinLoadBalancer, to index into auxiliary data structures specific to the LB for // a given host set selection. struct HostsSource { enum class SourceType { // All hosts in the host set. AllHosts, // All healthy hosts in the host set. HealthyHosts, // All degraded hosts in the host set. DegradedHosts, // Healthy hosts for locality @ locality_index. LocalityHealthyHosts, // Degraded hosts for locality @ locality_index. LocalityDegradedHosts, }; HostsSource() = default; HostsSource(uint32_t priority, SourceType source_type) : priority_(priority), source_type_(source_type) { ASSERT(source_type == SourceType::AllHosts || source_type == SourceType::HealthyHosts || source_type == SourceType::DegradedHosts); } HostsSource(uint32_t priority, SourceType source_type, uint32_t locality_index) : priority_(priority), source_type_(source_type), locality_index_(locality_index) { ASSERT(source_type == SourceType::LocalityHealthyHosts || source_type == SourceType::LocalityDegradedHosts); } // Priority in PrioritySet. uint32_t priority_{}; // How to index into HostSet for a given priority. SourceType source_type_{}; // Locality index into HostsPerLocality for SourceType::LocalityHealthyHosts. uint32_t locality_index_{}; bool operator==(const HostsSource& other) const { return priority_ == other.priority_ && source_type_ == other.source_type_ && locality_index_ == other.locality_index_; } }; struct HostsSourceHash { size_t operator()(const HostsSource& hs) const { // This is only used for absl::node_hash_map keys, so we don't need a deterministic hash. size_t hash = std::hash()(hs.priority_); hash = 37 * hash + std::hash()(static_cast(hs.source_type_)); hash = 37 * hash + std::hash()(hs.locality_index_); return hash; } }; /** * Pick the host source to use, doing zone aware routing when the hosts are sufficiently healthy. * If no host is chosen (due to fail_traffic_on_panic being set), return absl::nullopt. */ absl::optional hostSourceToUse(LoadBalancerContext* context, uint64_t hash) const; /** * Index into priority_set via hosts source descriptor. */ const HostVector& hostSourceToHosts(HostsSource hosts_source) const; private: enum class LocalityRoutingState { // Locality based routing is off. NoLocalityRouting, // All queries can be routed to the local locality. LocalityDirect, // The local locality can not handle the anticipated load. Residual load will be spread across // various other localities. LocalityResidual }; /** * Increase per_priority_state_ to at least priority_set.hostSetsPerPriority().size() */ void resizePerPriorityState(); /** * @return decision on quick exit from locality aware routing based on cluster configuration. * This gets recalculated on update callback. */ bool earlyExitNonLocalityRouting(); /** * Try to select upstream hosts from the same locality. * @param host_set the last host set returned by chooseHostSet() */ uint32_t tryChooseLocalLocalityHosts(const HostSet& host_set) const; /** * @return (number of hosts in a given locality)/(total number of hosts) in `ret` param. * The result is stored as integer number and scaled by 10000 multiplier for better precision. * Caller is responsible for allocation/de-allocation of `ret`. */ void calculateLocalityPercentage(const HostsPerLocality& hosts_per_locality, uint64_t* ret); /** * Regenerate locality aware routing structures for fast decisions on upstream locality selection. */ void regenerateLocalityRoutingStructures(); HostSet& localHostSet() const { return *local_priority_set_->hostSetsPerPriority()[0]; } static HostsSource::SourceType localitySourceType(HostAvailability host_availability) { switch (host_availability) { case HostAvailability::Healthy: return HostsSource::SourceType::LocalityHealthyHosts; case HostAvailability::Degraded: return HostsSource::SourceType::LocalityDegradedHosts; default: NOT_REACHED_GCOVR_EXCL_LINE; } } static HostsSource::SourceType sourceType(HostAvailability host_availability) { switch (host_availability) { case HostAvailability::Healthy: return HostsSource::SourceType::HealthyHosts; case HostAvailability::Degraded: return HostsSource::SourceType::DegradedHosts; default: NOT_REACHED_GCOVR_EXCL_LINE; } } // The set of local Envoy instances which are load balancing across priority_set_. const PrioritySet* local_priority_set_; const uint32_t routing_enabled_; const uint64_t min_cluster_size_; const bool fail_traffic_on_panic_; struct PerPriorityState { // The percent of requests which can be routed to the local locality. uint64_t local_percent_to_route_{}; // Tracks the current state of locality based routing. LocalityRoutingState locality_routing_state_{LocalityRoutingState::NoLocalityRouting}; // When locality_routing_state_ == LocalityResidual this tracks the capacity // for each of the non-local localities to determine what traffic should be // routed where. std::vector residual_capacity_; }; using PerPriorityStatePtr = std::unique_ptr; // Routing state broken out for each priority level in priority_set_. std::vector per_priority_state_; Common::CallbackHandle* local_priority_set_member_update_cb_handle_{}; }; /** * Base implementation of LoadBalancer that performs weighted RR selection across the hosts in the * cluster. This scheduler respects host weighting and utilizes an EdfScheduler to achieve O(log * n) pick and insertion time complexity, O(n) memory use. The key insight is that if we schedule * with 1 / weight deadline, we will achieve the desired pick frequency for weighted RR in a given * interval. Naive implementations of weighted RR are either O(n) pick time or O(m * n) memory use, * where m is the weight range. We also explicitly check for the unweighted special case and use a * simple index to achieve O(1) scheduling in that case. * TODO(htuch): We use EDF at Google, but the EDF scheduler may be overkill if we don't want to * support large ranges of weights or arbitrary precision floating weights, we could construct an * explicit schedule, since m will be a small constant factor in O(m * n). This * could also be done on a thread aware LB, avoiding creating multiple EDF * instances. * * This base class also supports unweighted selection which derived classes can use to customize * behavior. Derived classes can also override how host weight is determined when in weighted mode. */ class EdfLoadBalancerBase : public ZoneAwareLoadBalancerBase { public: EdfLoadBalancerBase(const PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config); // Upstream::LoadBalancerBase HostConstSharedPtr peekAnotherHost(LoadBalancerContext* context) override; HostConstSharedPtr chooseHostOnce(LoadBalancerContext* context) override; protected: struct Scheduler { // EdfScheduler for weighted LB. The edf_ is only created when the original // host weights of 2 or more hosts differ. When not present, the // implementation of chooseHostOnce falls back to unweightedHostPick. std::unique_ptr> edf_; }; void initialize(); virtual void refresh(uint32_t priority); // Seed to allow us to desynchronize load balancers across a fleet. If we don't // do this, multiple Envoys that receive an update at the same time (or even // multiple load balancers on the same host) will send requests to // backends in roughly lock step, causing significant imbalance and potential // overload. const uint64_t seed_; private: virtual void refreshHostSource(const HostsSource& source) PURE; virtual double hostWeight(const Host& host) PURE; virtual HostConstSharedPtr unweightedHostPeek(const HostVector& hosts_to_use, const HostsSource& source) PURE; virtual HostConstSharedPtr unweightedHostPick(const HostVector& hosts_to_use, const HostsSource& source) PURE; // Scheduler for each valid HostsSource. absl::node_hash_map scheduler_; }; /** * A round robin load balancer. When in weighted mode, EDF scheduling is used. When in not * weighted mode, simple RR index selection is used. */ class RoundRobinLoadBalancer : public EdfLoadBalancerBase { public: RoundRobinLoadBalancer(const PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : EdfLoadBalancerBase(priority_set, local_priority_set, stats, runtime, random, common_config) { initialize(); } private: void refreshHostSource(const HostsSource& source) override { // insert() is used here on purpose so that we don't overwrite the index if the host source // already exists. Note that host sources will never be removed, but given how uncommon this // is it probably doesn't matter. rr_indexes_.insert({source, seed_}); // If the list of hosts changes, the order of picks change. Discard the // index. peekahead_index_ = 0; } double hostWeight(const Host& host) override { return host.weight(); } HostConstSharedPtr unweightedHostPeek(const HostVector& hosts_to_use, const HostsSource& source) override { auto i = rr_indexes_.find(source); if (i == rr_indexes_.end()) { return nullptr; } return hosts_to_use[(i->second + (peekahead_index_)++) % hosts_to_use.size()]; } HostConstSharedPtr unweightedHostPick(const HostVector& hosts_to_use, const HostsSource& source) override { if (peekahead_index_ > 0) { --peekahead_index_; } // To avoid storing the RR index in the base class, we end up using a second map here with // host source as the key. This means that each LB decision will require two map lookups in // the unweighted case. We might consider trying to optimize this in the future. ASSERT(rr_indexes_.find(source) != rr_indexes_.end()); return hosts_to_use[rr_indexes_[source]++ % hosts_to_use.size()]; } uint64_t peekahead_index_{}; absl::node_hash_map rr_indexes_; }; /** * Weighted Least Request load balancer. * * In a normal setup when all hosts have the same weight it randomly picks up N healthy hosts * (where N is specified in the LB configuration) and compares number of active requests. Technique * is based on http://www.eecs.harvard.edu/~michaelm/postscripts/mythesis.pdf and is known as P2C * (power of two choices). * * When hosts have different weights, an RR EDF schedule is used. Host weight is scaled * by the number of active requests at pick/insert time. Thus, hosts will never fully drain as * they would in normal P2C, though they will get picked less and less often. In the future, we * can consider two alternate algorithms: * 1) Expand out all hosts by weight (using more memory) and do standard P2C. * 2) Use a weighted Maglev table, and perform P2C on two random hosts selected from the table. * The benefit of the Maglev table is at the expense of resolution, memory usage is capped. * Additionally, the Maglev table can be shared amongst all threads. */ class LeastRequestLoadBalancer : public EdfLoadBalancerBase, Logger::Loggable { public: LeastRequestLoadBalancer( const PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config, const absl::optional least_request_config) : EdfLoadBalancerBase(priority_set, local_priority_set, stats, runtime, random, common_config), choice_count_( least_request_config.has_value() ? PROTOBUF_GET_WRAPPED_OR_DEFAULT(least_request_config.value(), choice_count, 2) : 2), active_request_bias_runtime_( least_request_config.has_value() && least_request_config->has_active_request_bias() ? std::make_unique(least_request_config->active_request_bias(), runtime) : nullptr) { initialize(); } protected: void refresh(uint32_t priority) override { active_request_bias_ = active_request_bias_runtime_ != nullptr ? active_request_bias_runtime_->value() : 1.0; if (active_request_bias_ < 0.0) { ENVOY_LOG(warn, "upstream: invalid active request bias supplied (runtime key {}), using 1.0", active_request_bias_runtime_->runtimeKey()); active_request_bias_ = 1.0; } EdfLoadBalancerBase::refresh(priority); } private: void refreshHostSource(const HostsSource&) override {} double hostWeight(const Host& host) override { // This method is called to calculate the dynamic weight as following when all load balancing // weights are not equal: // // `weight = load_balancing_weight / (active_requests + 1)^active_request_bias` // // `active_request_bias` can be configured via runtime and its value is cached in // `active_request_bias_` to avoid having to do a runtime lookup each time a host weight is // calculated. // // When `active_request_bias == 0.0` we behave like `RoundRobinLoadBalancer` and return the // host weight without considering the number of active requests at the time we do the pick. // // When `active_request_bias > 0.0` we scale the host weight by the number of active // requests at the time we do the pick. We always add 1 to avoid division by 0. // // It might be possible to do better by picking two hosts off of the schedule, and selecting the // one with fewer active requests at the time of selection. if (active_request_bias_ == 0.0) { return host.weight(); } if (active_request_bias_ == 1.0) { return static_cast(host.weight()) / (host.stats().rq_active_.value() + 1); } return static_cast(host.weight()) / std::pow(host.stats().rq_active_.value() + 1, active_request_bias_); } HostConstSharedPtr unweightedHostPeek(const HostVector& hosts_to_use, const HostsSource& source) override; HostConstSharedPtr unweightedHostPick(const HostVector& hosts_to_use, const HostsSource& source) override; const uint32_t choice_count_; // The exponent used to calculate host weights can be configured via runtime. We cache it for // performance reasons and refresh it in `LeastRequestLoadBalancer::refresh(uint32_t priority)` // whenever a `HostSet` is updated. double active_request_bias_{}; const std::unique_ptr active_request_bias_runtime_; }; /** * Random load balancer that picks a random host out of all hosts. */ class RandomLoadBalancer : public ZoneAwareLoadBalancerBase { public: RandomLoadBalancer(const PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : ZoneAwareLoadBalancerBase(priority_set, local_priority_set, stats, runtime, random, common_config) {} // Upstream::LoadBalancerBase HostConstSharedPtr chooseHostOnce(LoadBalancerContext* context) override; HostConstSharedPtr peekAnotherHost(LoadBalancerContext* context) override; protected: HostConstSharedPtr peekOrChoose(LoadBalancerContext* context, bool peek); }; /** * Implementation of SubsetSelector */ class SubsetSelectorImpl : public SubsetSelector { public: SubsetSelectorImpl(const Protobuf::RepeatedPtrField& selector_keys, envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector:: LbSubsetSelectorFallbackPolicy fallback_policy, const Protobuf::RepeatedPtrField& fallback_keys_subset, bool single_host_per_subset); // SubsetSelector const std::set& selectorKeys() const override { return selector_keys_; } envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector:: LbSubsetSelectorFallbackPolicy fallbackPolicy() const override { return fallback_policy_; } const std::set& fallbackKeysSubset() const override { return fallback_keys_subset_; } bool singleHostPerSubset() const override { return single_host_per_subset_; } private: const std::set selector_keys_; const envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector:: LbSubsetSelectorFallbackPolicy fallback_policy_; const std::set fallback_keys_subset_; const bool single_host_per_subset_; }; /** * Implementation of LoadBalancerSubsetInfo. */ class LoadBalancerSubsetInfoImpl : public LoadBalancerSubsetInfo { public: LoadBalancerSubsetInfoImpl( const envoy::config::cluster::v3::Cluster::LbSubsetConfig& subset_config) : enabled_(!subset_config.subset_selectors().empty()), fallback_policy_(subset_config.fallback_policy()), default_subset_(subset_config.default_subset()), locality_weight_aware_(subset_config.locality_weight_aware()), scale_locality_weight_(subset_config.scale_locality_weight()), panic_mode_any_(subset_config.panic_mode_any()), list_as_any_(subset_config.list_as_any()) { for (const auto& subset : subset_config.subset_selectors()) { if (!subset.keys().empty()) { subset_selectors_.emplace_back(std::make_shared( subset.keys(), subset.fallback_policy(), subset.fallback_keys_subset(), subset.single_host_per_subset())); } } } // Upstream::LoadBalancerSubsetInfo bool isEnabled() const override { return enabled_; } envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetFallbackPolicy fallbackPolicy() const override { return fallback_policy_; } const ProtobufWkt::Struct& defaultSubset() const override { return default_subset_; } const std::vector& subsetSelectors() const override { return subset_selectors_; } bool localityWeightAware() const override { return locality_weight_aware_; } bool scaleLocalityWeight() const override { return scale_locality_weight_; } bool panicModeAny() const override { return panic_mode_any_; } bool listAsAny() const override { return list_as_any_; } private: const bool enabled_; const envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetFallbackPolicy fallback_policy_; const ProtobufWkt::Struct default_subset_; std::vector subset_selectors_; const bool locality_weight_aware_; const bool scale_locality_weight_; const bool panic_mode_any_; const bool list_as_any_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/load_stats_reporter.cc ================================================ #include "common/upstream/load_stats_reporter.h" #include "envoy/service/load_stats/v3/lrs.pb.h" #include "envoy/stats/scope.h" #include "common/config/version_converter.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Upstream { LoadStatsReporter::LoadStatsReporter(const LocalInfo::LocalInfo& local_info, ClusterManager& cluster_manager, Stats::Scope& scope, Grpc::RawAsyncClientPtr async_client, envoy::config::core::v3::ApiVersion transport_api_version, Event::Dispatcher& dispatcher) : cm_(cluster_manager), stats_{ALL_LOAD_REPORTER_STATS( POOL_COUNTER_PREFIX(scope, "load_reporter."))}, async_client_(std::move(async_client)), transport_api_version_(transport_api_version), service_method_( Grpc::VersionedMethods("envoy.service.load_stats.v3.LoadReportingService.StreamLoadStats", "envoy.service.load_stats.v2.LoadReportingService.StreamLoadStats") .getMethodDescriptorForVersion(transport_api_version)), time_source_(dispatcher.timeSource()) { request_.mutable_node()->MergeFrom(local_info.node()); request_.mutable_node()->add_client_features("envoy.lrs.supports_send_all_clusters"); retry_timer_ = dispatcher.createTimer([this]() -> void { establishNewStream(); }); response_timer_ = dispatcher.createTimer([this]() -> void { sendLoadStatsRequest(); }); establishNewStream(); } void LoadStatsReporter::setRetryTimer() { retry_timer_->enableTimer(std::chrono::milliseconds(RETRY_DELAY_MS)); } void LoadStatsReporter::establishNewStream() { ENVOY_LOG(debug, "Establishing new gRPC bidi stream for {}", service_method_.DebugString()); stream_ = async_client_->start(service_method_, *this, Http::AsyncClient::StreamOptions()); if (stream_ == nullptr) { ENVOY_LOG(warn, "Unable to establish new stream"); handleFailure(); return; } request_.mutable_cluster_stats()->Clear(); sendLoadStatsRequest(); } void LoadStatsReporter::sendLoadStatsRequest() { // TODO(htuch): This sends load reports for only the set of clusters in clusters_, which // was initialized in startLoadReportPeriod() the last time we either sent a load report // or received a new LRS response (whichever happened more recently). The code in // startLoadReportPeriod() adds to clusters_ only those clusters that exist in the // ClusterManager at the moment when startLoadReportPeriod() runs. This means that if // a cluster is selected by the LRS server (either by being explicitly listed or by using // the send_all_clusters field), if that cluster was added to the ClusterManager since the // last time startLoadReportPeriod() was invoked, we will not report its load here. In // practice, this means that for any newly created cluster, we will always drop the data for // the initial load report period. This seems sub-optimal. // // One possible way to deal with this would be to get a notification whenever a new cluster is // added to the cluster manager. When we get the notification, we record the current time in // clusters_ as the start time for the load reporting window for that cluster. request_.mutable_cluster_stats()->Clear(); for (const auto& cluster_name_and_timestamp : clusters_) { const std::string& cluster_name = cluster_name_and_timestamp.first; auto cluster_info_map = cm_.clusters(); auto it = cluster_info_map.find(cluster_name); if (it == cluster_info_map.end()) { ENVOY_LOG(debug, "Cluster {} does not exist", cluster_name); continue; } auto& cluster = it->second.get(); auto* cluster_stats = request_.add_cluster_stats(); cluster_stats->set_cluster_name(cluster_name); if (cluster.info()->edsServiceName().has_value()) { cluster_stats->set_cluster_service_name(cluster.info()->edsServiceName().value()); } for (auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { ENVOY_LOG(trace, "Load report locality count {}", host_set->hostsPerLocality().get().size()); for (auto& hosts : host_set->hostsPerLocality().get()) { ASSERT(!hosts.empty()); uint64_t rq_success = 0; uint64_t rq_error = 0; uint64_t rq_active = 0; uint64_t rq_issued = 0; for (const auto& host : hosts) { rq_success += host->stats().rq_success_.latch(); rq_error += host->stats().rq_error_.latch(); rq_active += host->stats().rq_active_.value(); rq_issued += host->stats().rq_total_.latch(); } if (rq_success + rq_error + rq_active != 0) { auto* locality_stats = cluster_stats->add_upstream_locality_stats(); locality_stats->mutable_locality()->MergeFrom(hosts[0]->locality()); locality_stats->set_priority(host_set->priority()); locality_stats->set_total_successful_requests(rq_success); locality_stats->set_total_error_requests(rq_error); locality_stats->set_total_requests_in_progress(rq_active); locality_stats->set_total_issued_requests(rq_issued); } } } cluster_stats->set_total_dropped_requests( cluster.info()->loadReportStats().upstream_rq_dropped_.latch()); const auto now = time_source_.monotonicTime().time_since_epoch(); const auto measured_interval = now - cluster_name_and_timestamp.second; cluster_stats->mutable_load_report_interval()->MergeFrom( Protobuf::util::TimeUtil::MicrosecondsToDuration( std::chrono::duration_cast(measured_interval).count())); clusters_[cluster_name] = now; } Config::VersionConverter::prepareMessageForGrpcWire(request_, transport_api_version_); ENVOY_LOG(trace, "Sending LoadStatsRequest: {}", request_.DebugString()); stream_->sendMessage(request_, false); stats_.responses_.inc(); // When the connection is established, the message has not yet been read so we // will not have a load reporting period. if (message_) { startLoadReportPeriod(); } } void LoadStatsReporter::handleFailure() { ENVOY_LOG(warn, "Load reporter stats stream/connection failure, will retry in {} ms.", RETRY_DELAY_MS); stats_.errors_.inc(); setRetryTimer(); } void LoadStatsReporter::onCreateInitialMetadata(Http::RequestHeaderMap& metadata) { UNREFERENCED_PARAMETER(metadata); } void LoadStatsReporter::onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) { UNREFERENCED_PARAMETER(metadata); } void LoadStatsReporter::onReceiveMessage( std::unique_ptr&& message) { ENVOY_LOG(debug, "New load report epoch: {}", message->DebugString()); message_ = std::move(message); startLoadReportPeriod(); stats_.requests_.inc(); } void LoadStatsReporter::startLoadReportPeriod() { // Once a cluster is tracked, we don't want to reset its stats between reports // to avoid racing between request/response. // TODO(htuch): They key here could be absl::string_view, but this causes // problems due to referencing of temporaries in the below loop with Google's // internal string type. Consider this optimization when the string types // converge. absl::node_hash_map existing_clusters; if (message_->send_all_clusters()) { for (const auto& p : cm_.clusters()) { const std::string& cluster_name = p.first; if (clusters_.count(cluster_name) > 0) { existing_clusters.emplace(cluster_name, clusters_[cluster_name]); } } } else { for (const std::string& cluster_name : message_->clusters()) { if (clusters_.count(cluster_name) > 0) { existing_clusters.emplace(cluster_name, clusters_[cluster_name]); } } } clusters_.clear(); // Reset stats for all hosts in clusters we are tracking. auto handle_cluster_func = [this, &existing_clusters](const std::string& cluster_name) { clusters_.emplace(cluster_name, existing_clusters.count(cluster_name) > 0 ? existing_clusters[cluster_name] : time_source_.monotonicTime().time_since_epoch()); auto cluster_info_map = cm_.clusters(); auto it = cluster_info_map.find(cluster_name); if (it == cluster_info_map.end()) { return; } // Don't reset stats for existing tracked clusters. if (existing_clusters.count(cluster_name) > 0) { return; } auto& cluster = it->second.get(); for (auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { for (const auto& host : host_set->hosts()) { host->stats().rq_success_.latch(); host->stats().rq_error_.latch(); host->stats().rq_total_.latch(); } } cluster.info()->loadReportStats().upstream_rq_dropped_.latch(); }; if (message_->send_all_clusters()) { for (const auto& p : cm_.clusters()) { const std::string& cluster_name = p.first; handle_cluster_func(cluster_name); } } else { for (const std::string& cluster_name : message_->clusters()) { handle_cluster_func(cluster_name); } } response_timer_->enableTimer(std::chrono::milliseconds( DurationUtil::durationToMilliseconds(message_->load_reporting_interval()))); } void LoadStatsReporter::onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&& metadata) { UNREFERENCED_PARAMETER(metadata); } void LoadStatsReporter::onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) { ENVOY_LOG(warn, "{} gRPC config stream closed: {}, {}", service_method_.name(), status, message); response_timer_->disableTimer(); stream_ = nullptr; handleFailure(); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/load_stats_reporter.h ================================================ #include "envoy/event/dispatcher.h" #include "envoy/service/load_stats/v3/lrs.pb.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" #include "common/grpc/async_client_impl.h" #include "common/grpc/typed_async_client.h" namespace Envoy { namespace Upstream { /** * All load reporter stats. @see stats_macros.h */ #define ALL_LOAD_REPORTER_STATS(COUNTER) \ COUNTER(requests) \ COUNTER(responses) \ COUNTER(errors) /** * Struct definition for all load reporter stats. @see stats_macros.h */ struct LoadReporterStats { ALL_LOAD_REPORTER_STATS(GENERATE_COUNTER_STRUCT) }; class LoadStatsReporter : Grpc::AsyncStreamCallbacks, Logger::Loggable { public: LoadStatsReporter(const LocalInfo::LocalInfo& local_info, ClusterManager& cluster_manager, Stats::Scope& scope, Grpc::RawAsyncClientPtr async_client, envoy::config::core::v3::ApiVersion transport_api_version, Event::Dispatcher& dispatcher); // Grpc::AsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap& metadata) override; void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) override; void onReceiveMessage( std::unique_ptr&& message) override; void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&& metadata) override; void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override; // TODO(htuch): Make this configurable or some static. const uint32_t RETRY_DELAY_MS = 5000; private: void setRetryTimer(); void establishNewStream(); void sendLoadStatsRequest(); void handleFailure(); void startLoadReportPeriod(); ClusterManager& cm_; LoadReporterStats stats_; Grpc::AsyncClient async_client_; const envoy::config::core::v3::ApiVersion transport_api_version_; Grpc::AsyncStream stream_{}; const Protobuf::MethodDescriptor& service_method_; Event::TimerPtr retry_timer_; Event::TimerPtr response_timer_; envoy::service::load_stats::v3::LoadStatsRequest request_; std::unique_ptr message_; // Map from cluster name to start of measurement interval. absl::node_hash_map clusters_; TimeSource& time_source_; }; using LoadStatsReporterPtr = std::unique_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/logical_dns_cluster.cc ================================================ #include "common/upstream/logical_dns_cluster.h" #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/stats/scope.h" #include "common/common/fmt.h" #include "common/config/utility.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Upstream { namespace { envoy::config::endpoint::v3::ClusterLoadAssignment convertPriority(const envoy::config::endpoint::v3::ClusterLoadAssignment& load_assignment) { envoy::config::endpoint::v3::ClusterLoadAssignment converted; converted.MergeFrom(load_assignment); // We convert the priority set by the configuration back to zero. This helps // ensure that we don't blow up later on when using zone aware routing due // to a check that all priorities are zero. // // Since LOGICAL_DNS is limited to exactly one host declared per load_assignment // (checked in the ctor in this file), we can safely just rewrite the priority // to zero. for (auto& endpoint : *converted.mutable_endpoints()) { endpoint.set_priority(0); } return converted; } } // namespace LogicalDnsCluster::LogicalDnsCluster( const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Network::DnsResolverSharedPtr dns_resolver, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api) : ClusterImplBase(cluster, runtime, factory_context, std::move(stats_scope), added_via_api), dns_resolver_(dns_resolver), dns_refresh_rate_ms_( std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_refresh_rate, 5000))), respect_dns_ttl_(cluster.respect_dns_ttl()), resolve_timer_( factory_context.dispatcher().createTimer([this]() -> void { startResolve(); })), local_info_(factory_context.localInfo()), load_assignment_( cluster.has_load_assignment() ? convertPriority(cluster.load_assignment()) : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())) { failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy( cluster, dns_refresh_rate_ms_.count(), factory_context.api().randomGenerator()); const auto& locality_lb_endpoints = load_assignment_.endpoints(); if (locality_lb_endpoints.size() != 1 || locality_lb_endpoints[0].lb_endpoints().size() != 1) { if (cluster.has_load_assignment()) { throw EnvoyException( "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint"); } else { throw EnvoyException("LOGICAL_DNS clusters must have a single host"); } } const envoy::config::core::v3::SocketAddress& socket_address = lbEndpoint().endpoint().address().socket_address(); if (!socket_address.resolver_name().empty()) { throw EnvoyException("LOGICAL_DNS clusters must NOT have a custom resolver name set"); } dns_url_ = fmt::format("tcp://{}:{}", socket_address.address(), socket_address.port_value()); hostname_ = Network::Utility::hostFromTcpUrl(dns_url_); Network::Utility::portFromTcpUrl(dns_url_); dns_lookup_family_ = getDnsLookupFamilyFromCluster(cluster); } void LogicalDnsCluster::startPreInit() { startResolve(); } LogicalDnsCluster::~LogicalDnsCluster() { if (active_dns_query_) { active_dns_query_->cancel(); } } void LogicalDnsCluster::startResolve() { std::string dns_address = Network::Utility::hostFromTcpUrl(dns_url_); ENVOY_LOG(debug, "starting async DNS resolution for {}", dns_address); info_->stats().update_attempt_.inc(); active_dns_query_ = dns_resolver_->resolve( dns_address, dns_lookup_family_, [this, dns_address](Network::DnsResolver::ResolutionStatus status, std::list&& response) -> void { active_dns_query_ = nullptr; ENVOY_LOG(debug, "async DNS resolution complete for {}", dns_address); std::chrono::milliseconds final_refresh_rate = dns_refresh_rate_ms_; // If the DNS resolver successfully resolved with an empty response list, the logical DNS // cluster does not update. This ensures that a potentially previously resolved address does // not stabilize back to 0 hosts. if (status == Network::DnsResolver::ResolutionStatus::Success && !response.empty()) { info_->stats().update_success_.inc(); // TODO(mattklein123): Move port handling into the DNS interface. ASSERT(response.front().address_ != nullptr); Network::Address::InstanceConstSharedPtr new_address = Network::Utility::getAddressWithPort(*(response.front().address_), Network::Utility::portFromTcpUrl(dns_url_)); if (!logical_host_) { logical_host_ = std::make_shared( info_, hostname_, new_address, localityLbEndpoint(), lbEndpoint(), nullptr); const auto& locality_lb_endpoint = localityLbEndpoint(); PriorityStateManager priority_state_manager(*this, local_info_, nullptr); priority_state_manager.initializePriorityFor(locality_lb_endpoint); priority_state_manager.registerHostForPriority(logical_host_, locality_lb_endpoint); const uint32_t priority = locality_lb_endpoint.priority(); priority_state_manager.updateClusterPrioritySet( priority, std::move(priority_state_manager.priorityState()[priority].first), absl::nullopt, absl::nullopt, absl::nullopt); } if (!current_resolved_address_ || !(*new_address == *current_resolved_address_)) { current_resolved_address_ = new_address; // Make sure that we have an updated address for admin display, health // checking, and creating real host connections. logical_host_->setNewAddress(new_address, lbEndpoint()); } // reset failure backoff strategy because there was a success. failure_backoff_strategy_->reset(); if (respect_dns_ttl_ && response.front().ttl_ != std::chrono::seconds(0)) { final_refresh_rate = response.front().ttl_; } ENVOY_LOG(debug, "DNS refresh rate reset for {}, refresh rate {} ms", dns_address, final_refresh_rate.count()); } else { info_->stats().update_failure_.inc(); final_refresh_rate = std::chrono::milliseconds(failure_backoff_strategy_->nextBackOffMs()); ENVOY_LOG(debug, "DNS refresh rate reset for {}, (failure) refresh rate {} ms", dns_address, final_refresh_rate.count()); } onPreInitComplete(); resolve_timer_->enableTimer(final_refresh_rate); }); } std::pair LogicalDnsClusterFactory::createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) { auto selected_dns_resolver = selectDnsResolver(cluster, context); return std::make_pair(std::make_shared( cluster, context.runtime(), selected_dns_resolver, socket_factory_context, std::move(stats_scope), context.addedViaApi()), nullptr); } /** * Static registration for the strict dns cluster factory. @see RegisterFactory. */ REGISTER_FACTORY(LogicalDnsClusterFactory, ClusterFactory); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/logical_dns_cluster.h ================================================ #pragma once #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/stats/scope.h" #include "common/common/empty_string.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/logical_host.h" #include "common/upstream/upstream_impl.h" #include "extensions/clusters/well_known_names.h" namespace Envoy { namespace Upstream { /** * The LogicalDnsCluster is a type of cluster that creates a single logical host that wraps * an async DNS resolver. The DNS resolver will continuously resolve, and swap in the first IP * address in the resolution set. However the logical owning host will not change. Any created * connections against this host will use the currently resolved IP. This means that a connection * pool using the logical host may end up with connections to many different real IPs. * * This cluster type is useful for large web services that use DNS in a round robin fashion, such * that DNS resolution may repeatedly return different results. A single connection pool can be * created that will internally have connections to different backends, while still allowing long * connection lengths and keep alive. The cluster type should only be used when an IP address change * means that connections using the IP should not drain. */ class LogicalDnsCluster : public ClusterImplBase { public: LogicalDnsCluster(const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Network::DnsResolverSharedPtr dns_resolver, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api); ~LogicalDnsCluster() override; // Upstream::Cluster InitializePhase initializePhase() const override { return InitializePhase::Primary; } private: const envoy::config::endpoint::v3::LocalityLbEndpoints& localityLbEndpoint() const { // This is checked in the constructor, i.e. at config load time. ASSERT(load_assignment_.endpoints().size() == 1); return load_assignment_.endpoints()[0]; } const envoy::config::endpoint::v3::LbEndpoint& lbEndpoint() const { // This is checked in the constructor, i.e. at config load time. ASSERT(localityLbEndpoint().lb_endpoints().size() == 1); return localityLbEndpoint().lb_endpoints()[0]; } void startResolve(); // ClusterImplBase void startPreInit() override; Network::DnsResolverSharedPtr dns_resolver_; const std::chrono::milliseconds dns_refresh_rate_ms_; BackOffStrategyPtr failure_backoff_strategy_; const bool respect_dns_ttl_; Network::DnsLookupFamily dns_lookup_family_; Event::TimerPtr resolve_timer_; std::string dns_url_; std::string hostname_; Network::Address::InstanceConstSharedPtr current_resolved_address_; LogicalHostSharedPtr logical_host_; Network::ActiveDnsQuery* active_dns_query_{}; const LocalInfo::LocalInfo& local_info_; const envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_; }; class LogicalDnsClusterFactory : public ClusterFactoryImplBase { public: LogicalDnsClusterFactory() : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().LogicalDns) {} private: std::pair createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; DECLARE_FACTORY(LogicalDnsClusterFactory); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/logical_host.cc ================================================ #include "common/upstream/logical_host.h" namespace Envoy { namespace Upstream { Upstream::Host::CreateConnectionData LogicalHost::createConnection( Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) const { const auto current_address = address(); return {HostImpl::createConnection( dispatcher, cluster(), current_address, transportSocketFactory(), options, override_transport_socket_options_ != nullptr ? override_transport_socket_options_ : transport_socket_options), std::make_shared(current_address, shared_from_this())}; } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/logical_host.h ================================================ #pragma once #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { /** * A host implementation that can have its address changed in order to create temporal "real" * hosts. */ class LogicalHost : public HostImpl { public: LogicalHost(const ClusterInfoConstSharedPtr& cluster, const std::string& hostname, const Network::Address::InstanceConstSharedPtr& address, const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint, const envoy::config::endpoint::v3::LbEndpoint& lb_endpoint, const Network::TransportSocketOptionsSharedPtr& override_transport_socket_options) : HostImpl(cluster, hostname, address, // TODO(zyfjeff): Created through metadata shared pool std::make_shared(lb_endpoint.metadata()), lb_endpoint.load_balancing_weight().value(), locality_lb_endpoint.locality(), lb_endpoint.endpoint().health_check_config(), locality_lb_endpoint.priority(), lb_endpoint.health_status()), override_transport_socket_options_(override_transport_socket_options) {} // Set the new address. Updates are typically rare so a R/W lock is used for address updates. // Note that the health check address update requires no lock to be held since it is only // used on the main thread, but we do so anyway since it shouldn't be perf critical and will // future proof the code. void setNewAddress(const Network::Address::InstanceConstSharedPtr& address, const envoy::config::endpoint::v3::LbEndpoint& lb_endpoint) { const auto& port_value = lb_endpoint.endpoint().health_check_config().port_value(); auto health_check_address = port_value == 0 ? address : Network::Utility::getAddressWithPort(*address, port_value); absl::WriterMutexLock lock(&address_lock_); address_ = address; health_check_address_ = health_check_address; } // Upstream::Host CreateConnectionData createConnection( Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) const override; // Upstream::HostDescription Network::Address::InstanceConstSharedPtr address() const override { absl::ReaderMutexLock lock(&address_lock_); return HostImpl::address(); } Network::Address::InstanceConstSharedPtr healthCheckAddress() const override { absl::ReaderMutexLock lock(&address_lock_); return HostImpl::healthCheckAddress(); } private: const Network::TransportSocketOptionsSharedPtr override_transport_socket_options_; mutable absl::Mutex address_lock_; }; using LogicalHostSharedPtr = std::shared_ptr; /** * A real host that forwards most of its calls to a logical host, but returns a snapped address. */ class RealHostDescription : public HostDescription { public: RealHostDescription(Network::Address::InstanceConstSharedPtr address, HostConstSharedPtr logical_host) : address_(address), logical_host_(logical_host) {} // Upstream:HostDescription bool canary() const override { return logical_host_->canary(); } void canary(bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } MetadataConstSharedPtr metadata() const override { return logical_host_->metadata(); } void metadata(MetadataConstSharedPtr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Network::TransportSocketFactory& transportSocketFactory() const override { return logical_host_->transportSocketFactory(); } const ClusterInfo& cluster() const override { return logical_host_->cluster(); } HealthCheckHostMonitor& healthChecker() const override { return logical_host_->healthChecker(); } Outlier::DetectorHostMonitor& outlierDetector() const override { return logical_host_->outlierDetector(); } HostStats& stats() const override { return logical_host_->stats(); } const std::string& hostnameForHealthChecks() const override { return logical_host_->hostnameForHealthChecks(); } const std::string& hostname() const override { return logical_host_->hostname(); } Network::Address::InstanceConstSharedPtr address() const override { return address_; } const envoy::config::core::v3::Locality& locality() const override { return logical_host_->locality(); } Stats::StatName localityZoneStatName() const override { return logical_host_->localityZoneStatName(); } Network::Address::InstanceConstSharedPtr healthCheckAddress() const override { // Should never be called since real hosts are used only for forwarding and not health // checking. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } uint32_t priority() const override { return logical_host_->priority(); } void priority(uint32_t) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } private: const Network::Address::InstanceConstSharedPtr address_; const HostConstSharedPtr logical_host_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/maglev_lb.cc ================================================ #include "common/upstream/maglev_lb.h" #include "envoy/config/cluster/v3/cluster.pb.h" namespace Envoy { namespace Upstream { MaglevTable::MaglevTable(const NormalizedHostWeightVector& normalized_host_weights, double max_normalized_weight, uint64_t table_size, bool use_hostname_for_hashing, MaglevLoadBalancerStats& stats) : table_size_(table_size), stats_(stats) { // We can't do anything sensible with no hosts. if (normalized_host_weights.empty()) { return; } // Implementation of pseudocode listing 1 in the paper (see header file for more info). std::vector table_build_entries; table_build_entries.reserve(normalized_host_weights.size()); for (const auto& host_weight : normalized_host_weights) { const auto& host = host_weight.first; const std::string& address = use_hostname_for_hashing ? host->hostname() : host->address()->asString(); ASSERT(!address.empty()); table_build_entries.emplace_back(host, HashUtil::xxHash64(address) % table_size_, (HashUtil::xxHash64(address, 1) % (table_size_ - 1)) + 1, host_weight.second); } table_.resize(table_size_); // Iterate through the table build entries as many times as it takes to fill up the table. uint64_t table_index = 0; for (uint32_t iteration = 1; table_index < table_size_; ++iteration) { for (uint64_t i = 0; i < table_build_entries.size() && table_index < table_size; i++) { TableBuildEntry& entry = table_build_entries[i]; // To understand how target_weight_ and weight_ are used below, consider a host with weight // equal to max_normalized_weight. This would be picked on every single iteration. If it had // weight equal to max_normalized_weight / 3, then it would only be picked every 3 iterations, // etc. if (iteration * entry.weight_ < entry.target_weight_) { continue; } entry.target_weight_ += max_normalized_weight; uint64_t c = permutation(entry); while (table_[c] != nullptr) { entry.next_++; c = permutation(entry); } table_[c] = entry.host_; entry.next_++; entry.count_++; table_index++; } } uint64_t min_entries_per_host = table_size_; uint64_t max_entries_per_host = 0; for (const auto& entry : table_build_entries) { min_entries_per_host = std::min(entry.count_, min_entries_per_host); max_entries_per_host = std::max(entry.count_, max_entries_per_host); } stats_.min_entries_per_host_.set(min_entries_per_host); stats_.max_entries_per_host_.set(max_entries_per_host); if (ENVOY_LOG_CHECK_LEVEL(trace)) { for (uint64_t i = 0; i < table_.size(); i++) { ENVOY_LOG(trace, "maglev: i={} host={}", i, use_hostname_for_hashing ? table_[i]->hostname() : table_[i]->address()->asString()); } } } HostConstSharedPtr MaglevTable::chooseHost(uint64_t hash, uint32_t attempt) const { if (table_.empty()) { return nullptr; } if (attempt > 0) { // If a retry host predicate is being applied, mutate the hash to choose an alternate host. // By using value with most bits set for the retry attempts, we achieve a larger change in // the hash, thereby reducing the likelihood that all retries are directed to a single host. hash ^= ~0ULL - attempt + 1; } return table_[hash % table_size_]; } uint64_t MaglevTable::permutation(const TableBuildEntry& entry) { return (entry.offset_ + (entry.skip_ * entry.next_)) % table_size_; } MaglevLoadBalancer::MaglevLoadBalancer( const PrioritySet& priority_set, ClusterStats& stats, Stats::Scope& scope, Runtime::Loader& runtime, Random::RandomGenerator& random, const absl::optional& config, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : ThreadAwareLoadBalancerBase(priority_set, stats, runtime, random, common_config), scope_(scope.createScope("maglev_lb.")), stats_(generateStats(*scope_)), table_size_(config ? PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.value(), table_size, MaglevTable::DefaultTableSize) : MaglevTable::DefaultTableSize), use_hostname_for_hashing_( common_config.has_consistent_hashing_lb_config() ? common_config.consistent_hashing_lb_config().use_hostname_for_hashing() : false), hash_balance_factor_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( common_config.consistent_hashing_lb_config(), hash_balance_factor, 0)) { ENVOY_LOG(debug, "maglev table size: {}", table_size_); // The table size must be prime number. if (!Primes::isPrime(table_size_)) { throw EnvoyException("The table size of maglev must be prime number"); } } MaglevLoadBalancerStats MaglevLoadBalancer::generateStats(Stats::Scope& scope) { return {ALL_MAGLEV_LOAD_BALANCER_STATS(POOL_GAUGE(scope))}; } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/maglev_lb.h ================================================ #pragma once #include "envoy/common/random_generator.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/upstream/thread_aware_lb_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { /** * All Maglev load balancer stats. @see stats_macros.h */ #define ALL_MAGLEV_LOAD_BALANCER_STATS(GAUGE) \ GAUGE(max_entries_per_host, Accumulate) \ GAUGE(min_entries_per_host, Accumulate) /** * Struct definition for all Maglev load balancer stats. @see stats_macros.h */ struct MaglevLoadBalancerStats { ALL_MAGLEV_LOAD_BALANCER_STATS(GENERATE_GAUGE_STRUCT) }; /** * This is an implementation of Maglev consistent hashing as described in: * https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/44824.pdf * section 3.4. Specifically, the algorithm shown in pseudocode listing 1 is implemented with a * fixed table size of 65537. This is the recommended table size in section 5.3. */ class MaglevTable : public ThreadAwareLoadBalancerBase::HashingLoadBalancer, Logger::Loggable { public: MaglevTable(const NormalizedHostWeightVector& normalized_host_weights, double max_normalized_weight, uint64_t table_size, bool use_hostname_for_hashing, MaglevLoadBalancerStats& stats); // ThreadAwareLoadBalancerBase::HashingLoadBalancer HostConstSharedPtr chooseHost(uint64_t hash, uint32_t attempt) const override; // Recommended table size in section 5.3 of the paper. static const uint64_t DefaultTableSize = 65537; private: struct TableBuildEntry { TableBuildEntry(const HostConstSharedPtr& host, uint64_t offset, uint64_t skip, double weight) : host_(host), offset_(offset), skip_(skip), weight_(weight) {} HostConstSharedPtr host_; const uint64_t offset_; const uint64_t skip_; const double weight_; double target_weight_{}; uint64_t next_{}; uint64_t count_{}; }; uint64_t permutation(const TableBuildEntry& entry); const uint64_t table_size_; std::vector table_; MaglevLoadBalancerStats& stats_; }; /** * Thread aware load balancer implementation for Maglev. */ class MaglevLoadBalancer : public ThreadAwareLoadBalancerBase, Logger::Loggable { public: MaglevLoadBalancer( const PrioritySet& priority_set, ClusterStats& stats, Stats::Scope& scope, Runtime::Loader& runtime, Random::RandomGenerator& random, const absl::optional& config, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config); const MaglevLoadBalancerStats& stats() const { return stats_; } uint64_t tableSize() const { return table_size_; } private: // ThreadAwareLoadBalancerBase HashingLoadBalancerSharedPtr createLoadBalancer(const NormalizedHostWeightVector& normalized_host_weights, double /* min_normalized_weight */, double max_normalized_weight) override { HashingLoadBalancerSharedPtr maglev_lb = std::make_shared(normalized_host_weights, max_normalized_weight, table_size_, use_hostname_for_hashing_, stats_); if (hash_balance_factor_ == 0) { return maglev_lb; } return std::make_shared( maglev_lb, std::move(normalized_host_weights), hash_balance_factor_); } static MaglevLoadBalancerStats generateStats(Stats::Scope& scope); Stats::ScopePtr scope_; MaglevLoadBalancerStats stats_; const uint64_t table_size_; const bool use_hostname_for_hashing_; const uint32_t hash_balance_factor_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/original_dst_cluster.cc ================================================ #include "common/upstream/original_dst_cluster.h" #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/stats/scope.h" #include "common/http/headers.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Upstream { HostConstSharedPtr OriginalDstCluster::LoadBalancer::chooseHost(LoadBalancerContext* context) { if (context) { // Check if override host header is present, if yes use it otherwise check local address. Network::Address::InstanceConstSharedPtr dst_host = nullptr; if (parent_->use_http_header_) { dst_host = requestOverrideHost(context); } if (dst_host == nullptr) { const Network::Connection* connection = context->downstreamConnection(); // The local address of the downstream connection is the original destination address, // if localAddressRestored() returns 'true'. if (connection && connection->localAddressRestored()) { dst_host = connection->localAddress(); } } if (dst_host) { const Network::Address::Instance& dst_addr = *dst_host.get(); // Check if a host with the destination address is already in the host set. auto it = host_map_->find(dst_addr.asString()); if (it != host_map_->end()) { HostSharedPtr host(it->second); // takes a reference ENVOY_LOG(debug, "Using existing host {}.", host->address()->asString()); host->used(true); // Mark as used. return host; } // Add a new host const Network::Address::Ip* dst_ip = dst_addr.ip(); if (dst_ip) { Network::Address::InstanceConstSharedPtr host_ip_port( Network::Utility::copyInternetAddressAndPort(*dst_ip)); // Create a host we can use immediately. auto info = parent_->info(); HostSharedPtr host(std::make_shared( info, info->name() + dst_addr.asString(), std::move(host_ip_port), nullptr, 1, envoy::config::core::v3::Locality().default_instance(), envoy::config::endpoint::v3::Endpoint::HealthCheckConfig().default_instance(), 0, envoy::config::core::v3::UNKNOWN)); ENVOY_LOG(debug, "Created host {}.", host->address()->asString()); // Tell the cluster about the new host // lambda cannot capture a member by value. std::weak_ptr post_parent = parent_; parent_->dispatcher_.post([post_parent, host]() mutable { // The main cluster may have disappeared while this post was queued. if (std::shared_ptr parent = post_parent.lock()) { parent->addHost(host); } }); return host; } else { ENVOY_LOG(debug, "Failed to create host for {}.", dst_addr.asString()); } } } // TODO(ramaraochavali): add a stat and move this log line to debug. ENVOY_LOG(warn, "original_dst_load_balancer: No downstream connection or no original_dst."); return nullptr; } Network::Address::InstanceConstSharedPtr OriginalDstCluster::LoadBalancer::requestOverrideHost(LoadBalancerContext* context) { Network::Address::InstanceConstSharedPtr request_host; const Http::HeaderMap* downstream_headers = context->downstreamHeaders(); if (downstream_headers && downstream_headers->get(Http::Headers::get().EnvoyOriginalDstHost) != nullptr) { const std::string request_override_host( downstream_headers->get(Http::Headers::get().EnvoyOriginalDstHost) ->value() .getStringView()); try { request_host = Network::Utility::parseInternetAddressAndPort(request_override_host, false); ENVOY_LOG(debug, "Using request override host {}.", request_override_host); } catch (const Envoy::EnvoyException& e) { ENVOY_LOG(debug, "original_dst_load_balancer: invalid override header value. {}", e.what()); parent_->info()->stats().original_dst_host_invalid_.inc(); } } return request_host; } OriginalDstCluster::OriginalDstCluster( const envoy::config::cluster::v3::Cluster& config, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api) : ClusterImplBase(config, runtime, factory_context, std::move(stats_scope), added_via_api), dispatcher_(factory_context.dispatcher()), cleanup_interval_ms_( std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(config, cleanup_interval, 5000))), cleanup_timer_(dispatcher_.createTimer([this]() -> void { cleanup(); })), use_http_header_(info_->lbOriginalDstConfig() ? info_->lbOriginalDstConfig().value().use_http_header() : false), host_map_(std::make_shared()) { // TODO(dio): Remove hosts check once the hosts field is removed. if (config.has_load_assignment() || !config.hidden_envoy_deprecated_hosts().empty()) { throw EnvoyException("ORIGINAL_DST clusters must have no load assignment or hosts configured"); } cleanup_timer_->enableTimer(cleanup_interval_ms_); } void OriginalDstCluster::addHost(HostSharedPtr& host) { HostMapSharedPtr new_host_map = std::make_shared(*getCurrentHostMap()); auto pair = new_host_map->emplace(host->address()->asString(), host); bool added = pair.second; if (added) { ENVOY_LOG(debug, "addHost() adding {}", host->address()->asString()); setHostMap(new_host_map); // Given the current config, only EDS clusters support multiple priorities. ASSERT(priority_set_.hostSetsPerPriority().size() == 1); const auto& first_host_set = priority_set_.getOrCreateHostSet(0); HostVectorSharedPtr all_hosts(new HostVector(first_host_set.hosts())); all_hosts->emplace_back(host); priority_set_.updateHosts(0, HostSetImpl::partitionHosts(all_hosts, HostsPerLocalityImpl::empty()), {}, {std::move(host)}, {}, absl::nullopt); } } void OriginalDstCluster::cleanup() { HostVectorSharedPtr keeping_hosts(new HostVector); HostVector to_be_removed; ENVOY_LOG(trace, "Stale original dst hosts cleanup triggered."); auto host_map = getCurrentHostMap(); if (!host_map->empty()) { ENVOY_LOG(trace, "Cleaning up stale original dst hosts."); for (const auto& pair : *host_map) { const std::string& addr = pair.first; const HostSharedPtr& host = pair.second; if (host->used()) { ENVOY_LOG(trace, "Keeping active host {}.", addr); keeping_hosts->emplace_back(host); host->used(false); // Mark to be removed during the next round. } else { ENVOY_LOG(trace, "Removing stale host {}.", addr); to_be_removed.emplace_back(host); } } } if (!to_be_removed.empty()) { HostMapSharedPtr new_host_map = std::make_shared(*host_map); for (const HostSharedPtr& host : to_be_removed) { new_host_map->erase(host->address()->asString()); } setHostMap(new_host_map); priority_set_.updateHosts( 0, HostSetImpl::partitionHosts(keeping_hosts, HostsPerLocalityImpl::empty()), {}, {}, to_be_removed, absl::nullopt); } cleanup_timer_->enableTimer(cleanup_interval_ms_); } std::pair OriginalDstClusterFactory::createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) { if (cluster.lb_policy() != envoy::config::cluster::v3::Cluster::hidden_envoy_deprecated_ORIGINAL_DST_LB && cluster.lb_policy() != envoy::config::cluster::v3::Cluster::CLUSTER_PROVIDED) { throw EnvoyException(fmt::format( "cluster: LB policy {} is not valid for Cluster type {}. Only 'CLUSTER_PROVIDED' or " "'ORIGINAL_DST_LB' is allowed with cluster type 'ORIGINAL_DST'", envoy::config::cluster::v3::Cluster::LbPolicy_Name(cluster.lb_policy()), envoy::config::cluster::v3::Cluster::DiscoveryType_Name(cluster.type()))); } // TODO(mattklein123): The original DST load balancer type should be deprecated and instead // the cluster should directly supply the load balancer. This will remove // a special case and allow this cluster to be compiled out as an extension. auto new_cluster = std::make_shared(cluster, context.runtime(), socket_factory_context, std::move(stats_scope), context.addedViaApi()); auto lb = std::make_unique(new_cluster); return std::make_pair(new_cluster, std::move(lb)); } /** * Static registration for the original dst cluster factory. @see RegisterFactory. */ REGISTER_FACTORY(OriginalDstClusterFactory, ClusterFactory); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/original_dst_cluster.h ================================================ #pragma once #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/transport_socket_config.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "common/common/empty_string.h" #include "common/common/logger.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/upstream_impl.h" #include "extensions/clusters/well_known_names.h" namespace Envoy { namespace Upstream { using HostMapSharedPtr = std::shared_ptr; using HostMapConstSharedPtr = std::shared_ptr; /** * The OriginalDstCluster is a dynamic cluster that automatically adds hosts as needed based on the * original destination address of the downstream connection. These hosts are also automatically * cleaned up after they have not seen traffic for a configurable cleanup interval time * ("cleanup_interval_ms"). */ class OriginalDstCluster : public ClusterImplBase { public: OriginalDstCluster(const envoy::config::cluster::v3::Cluster& config, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api); // Upstream::Cluster InitializePhase initializePhase() const override { return InitializePhase::Primary; } /** * Special Load Balancer for Original Dst Cluster. * * Load balancer gets called with the downstream context which can be used to make sure the * Original Dst cluster has a Host for the original destination. Normally load balancers can't * modify clusters, but in this case we access a singleton OriginalDstCluster that we can ask to * add hosts on demand. Additions are synced with all other threads so that the host set in the * cluster remains (eventually) consistent. If multiple threads add a host to the same upstream * address then two distinct HostSharedPtr's (with the same upstream IP address) will be added, * and both of them will eventually time out. */ class LoadBalancer : public Upstream::LoadBalancer { public: LoadBalancer(const std::shared_ptr& parent) : parent_(parent), host_map_(parent->getCurrentHostMap()) {} // Upstream::LoadBalancer HostConstSharedPtr chooseHost(LoadBalancerContext* context) override; // Prefetching is not implemented for OriginalDstCluster HostConstSharedPtr peekAnotherHost(LoadBalancerContext*) override { return nullptr; } private: Network::Address::InstanceConstSharedPtr requestOverrideHost(LoadBalancerContext* context); const std::shared_ptr parent_; HostMapConstSharedPtr host_map_; }; private: struct LoadBalancerFactory : public Upstream::LoadBalancerFactory { LoadBalancerFactory(const std::shared_ptr& cluster) : cluster_(cluster) {} // Upstream::LoadBalancerFactory Upstream::LoadBalancerPtr create() override { return std::make_unique(cluster_); } const std::shared_ptr cluster_; }; struct ThreadAwareLoadBalancer : public Upstream::ThreadAwareLoadBalancer { ThreadAwareLoadBalancer(const std::shared_ptr& cluster) : cluster_(cluster) {} // Upstream::ThreadAwareLoadBalancer Upstream::LoadBalancerFactorySharedPtr factory() override { return std::make_shared(cluster_); } void initialize() override {} const std::shared_ptr cluster_; }; HostMapConstSharedPtr getCurrentHostMap() { absl::ReaderMutexLock lock(&host_map_lock_); return host_map_; } void setHostMap(const HostMapConstSharedPtr& new_host_map) { absl::WriterMutexLock lock(&host_map_lock_); host_map_ = new_host_map; } void addHost(HostSharedPtr&); void cleanup(); // ClusterImplBase void startPreInit() override { onPreInitComplete(); } Event::Dispatcher& dispatcher_; const std::chrono::milliseconds cleanup_interval_ms_; Event::TimerPtr cleanup_timer_; const bool use_http_header_; absl::Mutex host_map_lock_; HostMapConstSharedPtr host_map_ ABSL_GUARDED_BY(host_map_lock_); friend class OriginalDstClusterFactory; }; using OriginalDstClusterSharedPtr = std::shared_ptr; class OriginalDstClusterFactory : public ClusterFactoryImplBase { public: OriginalDstClusterFactory() : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().OriginalDst) {} private: std::pair createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/outlier_detection_impl.cc ================================================ #include "common/upstream/outlier_detection_impl.h" #include #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/cluster/v3/outlier_detection.pb.h" #include "envoy/data/cluster/v2alpha/outlier_detection_event.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/http/codes.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Upstream { namespace Outlier { DetectorSharedPtr DetectorImplFactory::createForCluster( Cluster& cluster, const envoy::config::cluster::v3::Cluster& cluster_config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, EventLoggerSharedPtr event_logger) { if (cluster_config.has_outlier_detection()) { return DetectorImpl::create(cluster, cluster_config.outlier_detection(), dispatcher, runtime, dispatcher.timeSource(), std::move(event_logger)); } else { return nullptr; } } DetectorHostMonitorImpl::DetectorHostMonitorImpl(std::shared_ptr detector, HostSharedPtr host) : detector_(detector), host_(host), // add Success Rate monitors external_origin_sr_monitor_(envoy::data::cluster::v2alpha::SUCCESS_RATE), local_origin_sr_monitor_(envoy::data::cluster::v2alpha::SUCCESS_RATE_LOCAL_ORIGIN) { // Setup method to call when putResult is invoked. Depending on the config's // split_external_local_origin_errors_ boolean value different method is called. put_result_func_ = detector->config().splitExternalLocalOriginErrors() ? &DetectorHostMonitorImpl::putResultWithLocalExternalSplit : &DetectorHostMonitorImpl::putResultNoLocalExternalSplit; } void DetectorHostMonitorImpl::eject(MonotonicTime ejection_time) { ASSERT(!host_.lock()->healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)); host_.lock()->healthFlagSet(Host::HealthFlag::FAILED_OUTLIER_CHECK); num_ejections_++; last_ejection_time_ = ejection_time; } void DetectorHostMonitorImpl::uneject(MonotonicTime unejection_time) { last_unejection_time_ = (unejection_time); } void DetectorHostMonitorImpl::updateCurrentSuccessRateBucket() { external_origin_sr_monitor_.updateCurrentSuccessRateBucket(); local_origin_sr_monitor_.updateCurrentSuccessRateBucket(); } void DetectorHostMonitorImpl::putHttpResponseCode(uint64_t response_code) { external_origin_sr_monitor_.incTotalReqCounter(); if (Http::CodeUtility::is5xx(response_code)) { std::shared_ptr detector = detector_.lock(); if (!detector) { // It's possible for the cluster/detector to go away while we still have a host in use. return; } if (Http::CodeUtility::isGatewayError(response_code)) { if (++consecutive_gateway_failure_ == detector->runtime().snapshot().getInteger( "outlier_detection.consecutive_gateway_failure", detector->config().consecutiveGatewayFailure())) { detector->onConsecutiveGatewayFailure(host_.lock()); } } else { consecutive_gateway_failure_ = 0; } if (++consecutive_5xx_ == detector->runtime().snapshot().getInteger("outlier_detection.consecutive_5xx", detector->config().consecutive5xx())) { detector->onConsecutive5xx(host_.lock()); } } else { external_origin_sr_monitor_.incSuccessReqCounter(); consecutive_5xx_ = 0; consecutive_gateway_failure_ = 0; } } absl::optional DetectorHostMonitorImpl::resultToHttpCode(Result result) { Http::Code http_code = Http::Code::InternalServerError; switch (result) { case Result::ExtOriginRequestSuccess: case Result::LocalOriginConnectSuccessFinal: http_code = Http::Code::OK; break; case Result::LocalOriginTimeout: http_code = Http::Code::GatewayTimeout; break; case Result::LocalOriginConnectFailed: http_code = Http::Code::ServiceUnavailable; break; case Result::ExtOriginRequestFailed: http_code = Http::Code::InternalServerError; break; // LOCAL_ORIGIN_CONNECT_SUCCESS is used is 2-layer protocols, like HTTP. // First connection is established and then higher level protocol runs. // If error happens in higher layer protocol, it will be mapped to // HTTP code indicating error. In order not to intervene with result of // higher layer protocol, this code is not mapped to HTTP code. case Result::LocalOriginConnectSuccess: return absl::nullopt; } return {http_code}; } // Method is called by putResult when external and local origin errors // are not treated differently. All errors are mapped to HTTP codes. // Depending on the value of the parameter *code* the function behaves differently: // - if the *code* is not defined, mapping uses resultToHttpCode method to do mapping. // - if *code* is defined, it is taken as HTTP code and reported as such to outlier detector. void DetectorHostMonitorImpl::putResultNoLocalExternalSplit(Result result, absl::optional code) { if (code) { putHttpResponseCode(code.value()); } else { absl::optional http_code = resultToHttpCode(result); if (http_code) { putHttpResponseCode(enumToInt(http_code.value())); } } } // Method is called by putResult when external and local origin errors // are treated separately. Local origin errors have separate counters and // separate success rate monitor. void DetectorHostMonitorImpl::putResultWithLocalExternalSplit(Result result, absl::optional) { switch (result) { // SUCCESS is used to report success for connection level. Server may still respond with // error, but connection to server was OK. case Result::LocalOriginConnectSuccess: case Result::LocalOriginConnectSuccessFinal: return localOriginNoFailure(); // Connectivity related errors. case Result::LocalOriginTimeout: case Result::LocalOriginConnectFailed: return localOriginFailure(); // EXT_ORIGIN_REQUEST_FAILED is used when connection to server was successful, but transaction on // server level failed. Since it it similar to HTTP 5xx, map it to 5xx handler. case Result::ExtOriginRequestFailed: // map it to http code and call http handler. return putHttpResponseCode(enumToInt(Http::Code::ServiceUnavailable)); // EXT_ORIGIN_REQUEST_SUCCESS is used to report that transaction with non-http server was // completed successfully. This means that connection and server level transactions were // successful. Map it to http code 200 OK and indicate that there was no errors on connection // level. case Result::ExtOriginRequestSuccess: putHttpResponseCode(enumToInt(Http::Code::OK)); localOriginNoFailure(); break; } } // Method is used by other components to reports success or error. // It calls putResultWithLocalExternalSplit or put putResultNoLocalExternalSplit via // std::function. The setting happens in constructor based on split_external_local_origin_errors // config parameter. void DetectorHostMonitorImpl::putResult(Result result, absl::optional code) { put_result_func_(this, result, code); } void DetectorHostMonitorImpl::localOriginFailure() { std::shared_ptr detector = detector_.lock(); if (!detector) { // It's possible for the cluster/detector to go away while we still have a host in use. return; } local_origin_sr_monitor_.incTotalReqCounter(); if (++consecutive_local_origin_failure_ == detector->runtime().snapshot().getInteger( "outlier_detection.consecutive_local_origin_failure", detector->config().consecutiveLocalOriginFailure())) { detector->onConsecutiveLocalOriginFailure(host_.lock()); } } void DetectorHostMonitorImpl::localOriginNoFailure() { std::shared_ptr detector = detector_.lock(); if (!detector) { // It's possible for the cluster/detector to go away while we still have a host in use. return; } local_origin_sr_monitor_.incTotalReqCounter(); local_origin_sr_monitor_.incSuccessReqCounter(); resetConsecutiveLocalOriginFailure(); } DetectorConfig::DetectorConfig(const envoy::config::cluster::v3::OutlierDetection& config) : interval_ms_( static_cast(PROTOBUF_GET_MS_OR_DEFAULT(config, interval, DEFAULT_INTERVAL_MS))), base_ejection_time_ms_(static_cast( PROTOBUF_GET_MS_OR_DEFAULT(config, base_ejection_time, DEFAULT_BASE_EJECTION_TIME_MS))), consecutive_5xx_(static_cast( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, consecutive_5xx, DEFAULT_CONSECUTIVE_5XX))), consecutive_gateway_failure_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, consecutive_gateway_failure, DEFAULT_CONSECUTIVE_GATEWAY_FAILURE))), max_ejection_percent_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, max_ejection_percent, DEFAULT_MAX_EJECTION_PERCENT))), success_rate_minimum_hosts_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, success_rate_minimum_hosts, DEFAULT_SUCCESS_RATE_MINIMUM_HOSTS))), success_rate_request_volume_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, success_rate_request_volume, DEFAULT_SUCCESS_RATE_REQUEST_VOLUME))), success_rate_stdev_factor_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, success_rate_stdev_factor, DEFAULT_SUCCESS_RATE_STDEV_FACTOR))), failure_percentage_threshold_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, failure_percentage_threshold, DEFAULT_FAILURE_PERCENTAGE_THRESHOLD))), failure_percentage_minimum_hosts_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, failure_percentage_minimum_hosts, DEFAULT_FAILURE_PERCENTAGE_MINIMUM_HOSTS))), failure_percentage_request_volume_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, failure_percentage_request_volume, DEFAULT_FAILURE_PERCENTAGE_REQUEST_VOLUME))), enforcing_consecutive_5xx_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, enforcing_consecutive_5xx, DEFAULT_ENFORCING_CONSECUTIVE_5XX))), enforcing_consecutive_gateway_failure_(static_cast( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, enforcing_consecutive_gateway_failure, DEFAULT_ENFORCING_CONSECUTIVE_GATEWAY_FAILURE))), enforcing_success_rate_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, enforcing_success_rate, DEFAULT_ENFORCING_SUCCESS_RATE))), enforcing_failure_percentage_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, enforcing_failure_percentage, DEFAULT_ENFORCING_FAILURE_PERCENTAGE))), enforcing_failure_percentage_local_origin_(static_cast( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, enforcing_failure_percentage_local_origin, DEFAULT_ENFORCING_FAILURE_PERCENTAGE_LOCAL_ORIGIN))), split_external_local_origin_errors_(config.split_external_local_origin_errors()), consecutive_local_origin_failure_(static_cast(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, consecutive_local_origin_failure, DEFAULT_CONSECUTIVE_LOCAL_ORIGIN_FAILURE))), enforcing_consecutive_local_origin_failure_(static_cast( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, enforcing_consecutive_local_origin_failure, DEFAULT_ENFORCING_CONSECUTIVE_LOCAL_ORIGIN_FAILURE))), enforcing_local_origin_success_rate_(static_cast( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, enforcing_local_origin_success_rate, DEFAULT_ENFORCING_LOCAL_ORIGIN_SUCCESS_RATE))) {} DetectorImpl::DetectorImpl(const Cluster& cluster, const envoy::config::cluster::v3::OutlierDetection& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, TimeSource& time_source, EventLoggerSharedPtr event_logger) : config_(config), dispatcher_(dispatcher), runtime_(runtime), time_source_(time_source), stats_(generateStats(cluster.info()->statsScope())), interval_timer_(dispatcher.createTimer([this]() -> void { onIntervalTimer(); })), event_logger_(event_logger) { // Insert success rate initial numbers for each type of SR detector external_origin_sr_num_ = {-1, -1}; local_origin_sr_num_ = {-1, -1}; } DetectorImpl::~DetectorImpl() { for (const auto& host : host_monitors_) { if (host.first->healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)) { ASSERT(ejections_active_helper_.value() > 0); ejections_active_helper_.dec(); } } } std::shared_ptr DetectorImpl::create(const Cluster& cluster, const envoy::config::cluster::v3::OutlierDetection& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, TimeSource& time_source, EventLoggerSharedPtr event_logger) { std::shared_ptr detector( new DetectorImpl(cluster, config, dispatcher, runtime, time_source, event_logger)); detector->initialize(cluster); return detector; } void DetectorImpl::initialize(const Cluster& cluster) { for (auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { for (const HostSharedPtr& host : host_set->hosts()) { addHostMonitor(host); } } cluster.prioritySet().addMemberUpdateCb( [this](const HostVector& hosts_added, const HostVector& hosts_removed) -> void { for (const HostSharedPtr& host : hosts_added) { addHostMonitor(host); } for (const HostSharedPtr& host : hosts_removed) { ASSERT(host_monitors_.count(host) == 1); if (host->healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)) { ASSERT(ejections_active_helper_.value() > 0); ejections_active_helper_.dec(); } host_monitors_.erase(host); } }); armIntervalTimer(); } void DetectorImpl::addHostMonitor(HostSharedPtr host) { ASSERT(host_monitors_.count(host) == 0); DetectorHostMonitorImpl* monitor = new DetectorHostMonitorImpl(shared_from_this(), host); host_monitors_[host] = monitor; host->setOutlierDetector(DetectorHostMonitorPtr{monitor}); } void DetectorImpl::armIntervalTimer() { interval_timer_->enableTimer(std::chrono::milliseconds( runtime_.snapshot().getInteger("outlier_detection.interval_ms", config_.intervalMs()))); } void DetectorImpl::checkHostForUneject(HostSharedPtr host, DetectorHostMonitorImpl* monitor, MonotonicTime now) { if (!host->healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)) { return; } std::chrono::milliseconds base_eject_time = std::chrono::milliseconds(runtime_.snapshot().getInteger( "outlier_detection.base_ejection_time_ms", config_.baseEjectionTimeMs())); ASSERT(monitor->numEjections() > 0); if ((base_eject_time * monitor->numEjections()) <= (now - monitor->lastEjectionTime().value())) { ejections_active_helper_.dec(); host->healthFlagClear(Host::HealthFlag::FAILED_OUTLIER_CHECK); // Reset the consecutive failure counters to avoid re-ejection on very few new errors due // to the non-triggering counter being close to its trigger value. host_monitors_[host]->resetConsecutive5xx(); host_monitors_[host]->resetConsecutiveGatewayFailure(); monitor->uneject(now); runCallbacks(host); if (event_logger_) { event_logger_->logUneject(host); } } } bool DetectorImpl::enforceEjection(envoy::data::cluster::v2alpha::OutlierEjectionType type) { switch (type) { case envoy::data::cluster::v2alpha::CONSECUTIVE_5XX: return runtime_.snapshot().featureEnabled("outlier_detection.enforcing_consecutive_5xx", config_.enforcingConsecutive5xx()); case envoy::data::cluster::v2alpha::CONSECUTIVE_GATEWAY_FAILURE: return runtime_.snapshot().featureEnabled( "outlier_detection.enforcing_consecutive_gateway_failure", config_.enforcingConsecutiveGatewayFailure()); case envoy::data::cluster::v2alpha::SUCCESS_RATE: return runtime_.snapshot().featureEnabled("outlier_detection.enforcing_success_rate", config_.enforcingSuccessRate()); case envoy::data::cluster::v2alpha::CONSECUTIVE_LOCAL_ORIGIN_FAILURE: return runtime_.snapshot().featureEnabled( "outlier_detection.enforcing_consecutive_local_origin_failure", config_.enforcingConsecutiveLocalOriginFailure()); case envoy::data::cluster::v2alpha::SUCCESS_RATE_LOCAL_ORIGIN: return runtime_.snapshot().featureEnabled( "outlier_detection.enforcing_local_origin_success_rate", config_.enforcingLocalOriginSuccessRate()); case envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE: return runtime_.snapshot().featureEnabled("outlier_detection.enforcing_failure_percentage", config_.enforcingFailurePercentage()); case envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE_LOCAL_ORIGIN: return runtime_.snapshot().featureEnabled( "outlier_detection.enforcing_failure_percentage_local_origin", config_.enforcingFailurePercentageLocalOrigin()); default: // Checked by schema. NOT_REACHED_GCOVR_EXCL_LINE; } NOT_REACHED_GCOVR_EXCL_LINE; } void DetectorImpl::updateEnforcedEjectionStats( envoy::data::cluster::v2alpha::OutlierEjectionType type) { stats_.ejections_enforced_total_.inc(); switch (type) { case envoy::data::cluster::v2alpha::SUCCESS_RATE: stats_.ejections_enforced_success_rate_.inc(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_5XX: stats_.ejections_enforced_consecutive_5xx_.inc(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_GATEWAY_FAILURE: stats_.ejections_enforced_consecutive_gateway_failure_.inc(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_LOCAL_ORIGIN_FAILURE: stats_.ejections_enforced_consecutive_local_origin_failure_.inc(); break; case envoy::data::cluster::v2alpha::SUCCESS_RATE_LOCAL_ORIGIN: stats_.ejections_enforced_local_origin_success_rate_.inc(); break; case envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE: stats_.ejections_enforced_failure_percentage_.inc(); break; case envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE_LOCAL_ORIGIN: stats_.ejections_enforced_local_origin_failure_percentage_.inc(); break; default: // Checked by schema. NOT_REACHED_GCOVR_EXCL_LINE; } } void DetectorImpl::updateDetectedEjectionStats( envoy::data::cluster::v2alpha::OutlierEjectionType type) { switch (type) { case envoy::data::cluster::v2alpha::SUCCESS_RATE: stats_.ejections_detected_success_rate_.inc(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_5XX: stats_.ejections_detected_consecutive_5xx_.inc(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_GATEWAY_FAILURE: stats_.ejections_detected_consecutive_gateway_failure_.inc(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_LOCAL_ORIGIN_FAILURE: stats_.ejections_detected_consecutive_local_origin_failure_.inc(); break; case envoy::data::cluster::v2alpha::SUCCESS_RATE_LOCAL_ORIGIN: stats_.ejections_detected_local_origin_success_rate_.inc(); break; case envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE: stats_.ejections_detected_failure_percentage_.inc(); break; case envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE_LOCAL_ORIGIN: stats_.ejections_detected_local_origin_failure_percentage_.inc(); break; default: // Checked by schema. NOT_REACHED_GCOVR_EXCL_LINE; } } void DetectorImpl::ejectHost(HostSharedPtr host, envoy::data::cluster::v2alpha::OutlierEjectionType type) { uint64_t max_ejection_percent = std::min( 100, runtime_.snapshot().getInteger("outlier_detection.max_ejection_percent", config_.maxEjectionPercent())); double ejected_percent = 100.0 * ejections_active_helper_.value() / host_monitors_.size(); // Note this is not currently checked per-priority level, so it is possible // for outlier detection to eject all hosts at any given priority level. if (ejected_percent < max_ejection_percent) { if (type == envoy::data::cluster::v2alpha::CONSECUTIVE_5XX || type == envoy::data::cluster::v2alpha::SUCCESS_RATE) { // Deprecated counter, preserving old behaviour until it's removed. stats_.ejections_total_.inc(); } if (enforceEjection(type)) { ejections_active_helper_.inc(); updateEnforcedEjectionStats(type); host_monitors_[host]->eject(time_source_.monotonicTime()); runCallbacks(host); if (event_logger_) { event_logger_->logEject(host, *this, type, true); } } else { if (event_logger_) { event_logger_->logEject(host, *this, type, false); } } } else { stats_.ejections_overflow_.inc(); } } DetectionStats DetectorImpl::generateStats(Stats::Scope& scope) { std::string prefix("outlier_detection."); return {ALL_OUTLIER_DETECTION_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix))}; } void DetectorImpl::notifyMainThreadConsecutiveError( HostSharedPtr host, envoy::data::cluster::v2alpha::OutlierEjectionType type) { // This event will come from all threads, so we synchronize with a post to the main thread. // NOTE: Unfortunately consecutive errors are complicated from a threading perspective because // we catch consecutive errors on worker threads and then post back to the main thread. // Clusters can get removed, and this means there is a race condition with this // reverse post. The way we handle this is as follows: // 1) The only strong pointer to the detector is owned by the cluster. // 2) We post a weak pointer to the main thread. // 3) If when running on the main thread the weak pointer can be converted to a strong // pointer, the detector/cluster must still exist so we can safely fire callbacks. // Otherwise we do nothing since the detector/cluster is already gone. std::weak_ptr weak_this = shared_from_this(); dispatcher_.post([weak_this, host, type]() -> void { std::shared_ptr shared_this = weak_this.lock(); if (shared_this) { shared_this->onConsecutiveErrorWorker(host, type); } }); } void DetectorImpl::onConsecutive5xx(HostSharedPtr host) { notifyMainThreadConsecutiveError(host, envoy::data::cluster::v2alpha::CONSECUTIVE_5XX); } void DetectorImpl::onConsecutiveGatewayFailure(HostSharedPtr host) { notifyMainThreadConsecutiveError(host, envoy::data::cluster::v2alpha::CONSECUTIVE_GATEWAY_FAILURE); } void DetectorImpl::onConsecutiveLocalOriginFailure(HostSharedPtr host) { notifyMainThreadConsecutiveError(host, envoy::data::cluster::v2alpha::CONSECUTIVE_LOCAL_ORIGIN_FAILURE); } void DetectorImpl::onConsecutiveErrorWorker( HostSharedPtr host, envoy::data::cluster::v2alpha::OutlierEjectionType type) { // Ejections come in cross thread. There is a chance that the host has already been removed from // the set. If so, just ignore it. if (host_monitors_.count(host) == 0) { return; } if (host->healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)) { return; } // We also reset the appropriate counter here to allow the monitor to detect a bout of consecutive // error responses even if the monitor is not charged with an interleaved non-error code. updateDetectedEjectionStats(type); ejectHost(host, type); // reset counters switch (type) { case envoy::data::cluster::v2alpha::CONSECUTIVE_5XX: stats_.ejections_consecutive_5xx_.inc(); // Deprecated host_monitors_[host]->resetConsecutive5xx(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_GATEWAY_FAILURE: host_monitors_[host]->resetConsecutiveGatewayFailure(); break; case envoy::data::cluster::v2alpha::CONSECUTIVE_LOCAL_ORIGIN_FAILURE: host_monitors_[host]->resetConsecutiveLocalOriginFailure(); break; default: // Checked by schema. NOT_REACHED_GCOVR_EXCL_LINE; } } DetectorImpl::EjectionPair DetectorImpl::successRateEjectionThreshold( double success_rate_sum, const std::vector& valid_success_rate_hosts, double success_rate_stdev_factor) { // This function is using mean and standard deviation as statistical measures for outlier // detection. First the mean is calculated by dividing the sum of success rate data over the // number of data points. Then variance is calculated by taking the mean of the // squared difference of data points to the mean of the data. Then standard deviation is // calculated by taking the square root of the variance. Then the outlier threshold is // calculated as the difference between the mean and the product of the standard // deviation and a constant factor. // // For example with a data set that looks like success_rate_data = {50, 100, 100, 100, 100} the // math would work as follows: // success_rate_sum = 450 // mean = 90 // variance = 400 // stdev = 20 // threshold returned = 52 double mean = success_rate_sum / valid_success_rate_hosts.size(); double variance = 0; std::for_each(valid_success_rate_hosts.begin(), valid_success_rate_hosts.end(), [&variance, mean](HostSuccessRatePair v) { variance += std::pow(v.success_rate_ - mean, 2); }); variance /= valid_success_rate_hosts.size(); double stdev = std::sqrt(variance); return {mean, (mean - (success_rate_stdev_factor * stdev))}; } void DetectorImpl::processSuccessRateEjections( DetectorHostMonitor::SuccessRateMonitorType monitor_type) { uint64_t success_rate_minimum_hosts = runtime_.snapshot().getInteger( "outlier_detection.success_rate_minimum_hosts", config_.successRateMinimumHosts()); uint64_t success_rate_request_volume = runtime_.snapshot().getInteger( "outlier_detection.success_rate_request_volume", config_.successRateRequestVolume()); uint64_t failure_percentage_minimum_hosts = runtime_.snapshot().getInteger("outlier_detection.failure_percentage_minimum_hosts", config_.failurePercentageMinimumHosts()); uint64_t failure_percentage_request_volume = runtime_.snapshot().getInteger("outlier_detection.failure_percentage_request_volume", config_.failurePercentageRequestVolume()); std::vector valid_success_rate_hosts; std::vector valid_failure_percentage_hosts; double success_rate_sum = 0; // Reset the Detector's success rate mean and stdev. getSRNums(monitor_type) = {-1, -1}; // Exit early if there are not enough hosts. if (host_monitors_.size() < success_rate_minimum_hosts && host_monitors_.size() < failure_percentage_minimum_hosts) { return; } // reserve upper bound of vector size to avoid reallocation. valid_success_rate_hosts.reserve(host_monitors_.size()); valid_failure_percentage_hosts.reserve(host_monitors_.size()); for (const auto& host : host_monitors_) { // Don't do work if the host is already ejected. if (!host.first->healthFlagGet(Host::HealthFlag::FAILED_OUTLIER_CHECK)) { absl::optional> host_success_rate_and_volume = host.second->getSRMonitor(monitor_type) .successRateAccumulator() .getSuccessRateAndVolume(); if (!host_success_rate_and_volume) { continue; } double success_rate = host_success_rate_and_volume.value().first; double request_volume = host_success_rate_and_volume.value().second; if (request_volume >= std::min(success_rate_request_volume, failure_percentage_request_volume)) { host.second->successRate(monitor_type, success_rate); } if (request_volume >= success_rate_request_volume) { valid_success_rate_hosts.emplace_back(HostSuccessRatePair(host.first, success_rate)); success_rate_sum += success_rate; } if (request_volume >= failure_percentage_request_volume) { valid_failure_percentage_hosts.emplace_back(HostSuccessRatePair(host.first, success_rate)); } } } if (!valid_success_rate_hosts.empty() && valid_success_rate_hosts.size() >= success_rate_minimum_hosts) { const double success_rate_stdev_factor = runtime_.snapshot().getInteger("outlier_detection.success_rate_stdev_factor", config_.successRateStdevFactor()) / 1000.0; getSRNums(monitor_type) = successRateEjectionThreshold( success_rate_sum, valid_success_rate_hosts, success_rate_stdev_factor); const double success_rate_ejection_threshold = getSRNums(monitor_type).ejection_threshold_; for (const auto& host_success_rate_pair : valid_success_rate_hosts) { if (host_success_rate_pair.success_rate_ < success_rate_ejection_threshold) { stats_.ejections_success_rate_.inc(); // Deprecated. const envoy::data::cluster::v2alpha::OutlierEjectionType type = host_monitors_[host_success_rate_pair.host_] ->getSRMonitor(monitor_type) .getEjectionType(); updateDetectedEjectionStats(type); ejectHost(host_success_rate_pair.host_, type); } } } if (!valid_failure_percentage_hosts.empty() && valid_failure_percentage_hosts.size() >= failure_percentage_minimum_hosts) { const double failure_percentage_threshold = runtime_.snapshot().getInteger( "outlier_detection.failure_percentage_threshold", config_.failurePercentageThreshold()); for (const auto& host_success_rate_pair : valid_failure_percentage_hosts) { if ((100.0 - host_success_rate_pair.success_rate_) >= failure_percentage_threshold) { // We should eject. // The ejection type returned by the SuccessRateMonitor's getEjectionType() will be a // SUCCESS_RATE type, so we need to figure it out for ourselves. const envoy::data::cluster::v2alpha::OutlierEjectionType type = (monitor_type == DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin) ? envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE : envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE_LOCAL_ORIGIN; updateDetectedEjectionStats(type); ejectHost(host_success_rate_pair.host_, type); } } } } void DetectorImpl::onIntervalTimer() { MonotonicTime now = time_source_.monotonicTime(); for (auto host : host_monitors_) { checkHostForUneject(host.first, host.second, now); // Need to update the writer bucket to keep the data valid. host.second->updateCurrentSuccessRateBucket(); // Refresh host success rate stat for the /clusters endpoint. If there is a new valid value, it // will get updated in processSuccessRateEjections(). host.second->successRate(DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin, -1); host.second->successRate(DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin, -1); } processSuccessRateEjections(DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin); processSuccessRateEjections(DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin); armIntervalTimer(); } void DetectorImpl::runCallbacks(HostSharedPtr host) { for (const ChangeStateCb& cb : callbacks_) { cb(host); } } void EventLoggerImpl::logEject(const HostDescriptionConstSharedPtr& host, Detector& detector, envoy::data::cluster::v2alpha::OutlierEjectionType type, bool enforced) { envoy::data::cluster::v2alpha::OutlierDetectionEvent event; event.set_type(type); absl::optional time = host->outlierDetector().lastUnejectionTime(); setCommonEventParams(event, host, time); event.set_action(envoy::data::cluster::v2alpha::EJECT); event.set_enforced(enforced); if ((type == envoy::data::cluster::v2alpha::SUCCESS_RATE) || (type == envoy::data::cluster::v2alpha::SUCCESS_RATE_LOCAL_ORIGIN)) { const DetectorHostMonitor::SuccessRateMonitorType monitor_type = (type == envoy::data::cluster::v2alpha::SUCCESS_RATE) ? DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin : DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin; event.mutable_eject_success_rate_event()->set_cluster_average_success_rate( detector.successRateAverage(monitor_type)); event.mutable_eject_success_rate_event()->set_cluster_success_rate_ejection_threshold( detector.successRateEjectionThreshold(monitor_type)); event.mutable_eject_success_rate_event()->set_host_success_rate( host->outlierDetector().successRate(monitor_type)); } else if ((type == envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE) || (type == envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE_LOCAL_ORIGIN)) { const DetectorHostMonitor::SuccessRateMonitorType monitor_type = (type == envoy::data::cluster::v2alpha::FAILURE_PERCENTAGE) ? DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin : DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin; event.mutable_eject_failure_percentage_event()->set_host_success_rate( host->outlierDetector().successRate(monitor_type)); } else { event.mutable_eject_consecutive_event(); } const auto json = MessageUtil::getJsonStringFromMessage(event, /* pretty_print */ false, /* always_print_primitive_fields */ true); file_->write(fmt::format("{}\n", json)); } void EventLoggerImpl::logUneject(const HostDescriptionConstSharedPtr& host) { envoy::data::cluster::v2alpha::OutlierDetectionEvent event; absl::optional time = host->outlierDetector().lastEjectionTime(); setCommonEventParams(event, host, time); event.set_action(envoy::data::cluster::v2alpha::UNEJECT); const auto json = MessageUtil::getJsonStringFromMessage(event, /* pretty_print */ false, /* always_print_primitive_fields */ true); file_->write(fmt::format("{}\n", json)); } void EventLoggerImpl::setCommonEventParams( envoy::data::cluster::v2alpha::OutlierDetectionEvent& event, const HostDescriptionConstSharedPtr& host, absl::optional time) { MonotonicTime monotonic_now = time_source_.monotonicTime(); if (time) { std::chrono::seconds secsFromLastAction = std::chrono::duration_cast(monotonic_now - time.value()); event.mutable_secs_since_last_action()->set_value(secsFromLastAction.count()); } event.set_cluster_name(host->cluster().name()); event.set_upstream_url(host->address()->asString()); event.set_num_ejections(host->outlierDetector().numEjections()); TimestampUtil::systemClockToTimestamp(time_source_.systemTime(), *event.mutable_timestamp()); } SuccessRateAccumulatorBucket* SuccessRateAccumulator::updateCurrentWriter() { // Right now current is being written to and backup is not. Flush the backup and swap. backup_success_rate_bucket_->success_request_counter_ = 0; backup_success_rate_bucket_->total_request_counter_ = 0; current_success_rate_bucket_.swap(backup_success_rate_bucket_); return current_success_rate_bucket_.get(); } absl::optional> SuccessRateAccumulator::getSuccessRateAndVolume() { if (!backup_success_rate_bucket_->total_request_counter_) { return absl::nullopt; } double success_rate = backup_success_rate_bucket_->success_request_counter_ * 100.0 / backup_success_rate_bucket_->total_request_counter_; return {{success_rate, backup_success_rate_bucket_->total_request_counter_}}; } } // namespace Outlier } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/outlier_detection_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/time.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/cluster/v3/outlier_detection.pb.h" #include "envoy/data/cluster/v2alpha/outlier_detection_event.pb.h" #include "envoy/event/timer.h" #include "envoy/http/codes.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/upstream/outlier_detection.h" #include "envoy/upstream/upstream.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Upstream { namespace Outlier { /** * Null host monitor implementation. */ class DetectorHostMonitorNullImpl : public DetectorHostMonitor { public: // Upstream::Outlier::DetectorHostMonitor uint32_t numEjections() override { return 0; } void putHttpResponseCode(uint64_t) override {} void putResult(Result, absl::optional) override {} void putResponseTime(std::chrono::milliseconds) override {} const absl::optional& lastEjectionTime() override { return time_; } const absl::optional& lastUnejectionTime() override { return time_; } double successRate(SuccessRateMonitorType) const override { return -1; } private: const absl::optional time_{}; }; /** * Factory for creating a detector from a proto configuration. */ class DetectorImplFactory { public: static DetectorSharedPtr createForCluster(Cluster& cluster, const envoy::config::cluster::v3::Cluster& cluster_config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, EventLoggerSharedPtr event_logger); }; /** * Thin struct to facilitate calculations for success rate outlier detection. */ struct HostSuccessRatePair { HostSuccessRatePair(HostSharedPtr host, double success_rate) : host_(host), success_rate_(success_rate) {} HostSharedPtr host_; double success_rate_; }; struct SuccessRateAccumulatorBucket { std::atomic success_request_counter_; std::atomic total_request_counter_; }; /** * The SuccessRateAccumulator uses the SuccessRateAccumulatorBucket to get per host success rate * stats. This implementation has a fixed window size of time, and thus only needs a * bucket to write to, and a bucket to accumulate/run stats over. */ class SuccessRateAccumulator { public: SuccessRateAccumulator() : current_success_rate_bucket_(new SuccessRateAccumulatorBucket()), backup_success_rate_bucket_(new SuccessRateAccumulatorBucket()) {} /** * This function updates the bucket to write data to. * @return a pointer to the SuccessRateAccumulatorBucket. */ SuccessRateAccumulatorBucket* updateCurrentWriter(); /** * This function returns the success rate of a host over a window of time if the request volume is * high enough. The underlying window of time could be dynamically adjusted. In the current * implementation it is a fixed time window. * @param success_rate_request_volume the threshold of requests an accumulator has to have in * order to be able to return a significant success rate value. * @return a valid absl::optional with the success rate. If there were not enough * requests, an invalid absl::optional is returned. */ absl::optional> getSuccessRateAndVolume(); private: std::unique_ptr current_success_rate_bucket_; std::unique_ptr backup_success_rate_bucket_; }; class SuccessRateMonitor { public: SuccessRateMonitor(envoy::data::cluster::v2alpha::OutlierEjectionType ejection_type) : ejection_type_(ejection_type), success_rate_(-1) { // Point the success_rate_accumulator_bucket_ pointer to a bucket. updateCurrentSuccessRateBucket(); } double getSuccessRate() const { return success_rate_; } SuccessRateAccumulator& successRateAccumulator() { return success_rate_accumulator_; } void setSuccessRate(double new_success_rate) { success_rate_ = new_success_rate; } void updateCurrentSuccessRateBucket() { success_rate_accumulator_bucket_.store(success_rate_accumulator_.updateCurrentWriter()); } void incTotalReqCounter() { success_rate_accumulator_bucket_.load()->total_request_counter_++; } void incSuccessReqCounter() { success_rate_accumulator_bucket_.load()->success_request_counter_++; } envoy::data::cluster::v2alpha::OutlierEjectionType getEjectionType() const { return ejection_type_; } private: SuccessRateAccumulator success_rate_accumulator_; std::atomic success_rate_accumulator_bucket_; envoy::data::cluster::v2alpha::OutlierEjectionType ejection_type_; double success_rate_; }; class DetectorImpl; /** * Implementation of DetectorHostMonitor for the generic detector. */ class DetectorHostMonitorImpl : public DetectorHostMonitor { public: DetectorHostMonitorImpl(std::shared_ptr detector, HostSharedPtr host); void eject(MonotonicTime ejection_time); void uneject(MonotonicTime ejection_time); void resetConsecutive5xx() { consecutive_5xx_ = 0; } void resetConsecutiveGatewayFailure() { consecutive_gateway_failure_ = 0; } void resetConsecutiveLocalOriginFailure() { consecutive_local_origin_failure_ = 0; } static absl::optional resultToHttpCode(Result result); // Upstream::Outlier::DetectorHostMonitor uint32_t numEjections() override { return num_ejections_; } void putHttpResponseCode(uint64_t response_code) override; void putResult(Result result, absl::optional code) override; void putResponseTime(std::chrono::milliseconds) override {} const absl::optional& lastEjectionTime() override { return last_ejection_time_; } const absl::optional& lastUnejectionTime() override { return last_unejection_time_; } const SuccessRateMonitor& getSRMonitor(SuccessRateMonitorType type) const { return (SuccessRateMonitorType::ExternalOrigin == type) ? external_origin_sr_monitor_ : local_origin_sr_monitor_; } SuccessRateMonitor& getSRMonitor(SuccessRateMonitorType type) { // Call const version of the same method return const_cast( const_cast(this)->getSRMonitor(type)); } double successRate(SuccessRateMonitorType type) const override { return getSRMonitor(type).getSuccessRate(); } void updateCurrentSuccessRateBucket(); void successRate(SuccessRateMonitorType type, double new_success_rate) { getSRMonitor(type).setSuccessRate(new_success_rate); } // handlers for reporting local origin errors void localOriginFailure(); void localOriginNoFailure(); private: std::weak_ptr detector_; std::weak_ptr host_; absl::optional last_ejection_time_; absl::optional last_unejection_time_; uint32_t num_ejections_{}; // counters for externally generated failures std::atomic consecutive_5xx_{0}; std::atomic consecutive_gateway_failure_{0}; // counters for local origin failures std::atomic consecutive_local_origin_failure_{0}; // success rate monitors: // - external_origin: for all events when external/local are not split // and for external origin failures when external/local events are split // - local origin: for local events when external/local events are split and // not used when external/local events are not split. SuccessRateMonitor external_origin_sr_monitor_; SuccessRateMonitor local_origin_sr_monitor_; void putResultNoLocalExternalSplit(Result result, absl::optional code); void putResultWithLocalExternalSplit(Result result, absl::optional code); std::function code)> put_result_func_; }; /** * All outlier detection stats. @see stats_macros.h */ #define ALL_OUTLIER_DETECTION_STATS(COUNTER, GAUGE) \ COUNTER(ejections_consecutive_5xx) \ COUNTER(ejections_detected_consecutive_5xx) \ COUNTER(ejections_detected_consecutive_gateway_failure) \ COUNTER(ejections_detected_success_rate) \ COUNTER(ejections_detected_failure_percentage) \ COUNTER(ejections_enforced_consecutive_5xx) \ COUNTER(ejections_enforced_consecutive_gateway_failure) \ COUNTER(ejections_enforced_success_rate) \ COUNTER(ejections_enforced_failure_percentage) \ COUNTER(ejections_detected_consecutive_local_origin_failure) \ COUNTER(ejections_enforced_consecutive_local_origin_failure) \ COUNTER(ejections_detected_local_origin_success_rate) \ COUNTER(ejections_enforced_local_origin_success_rate) \ COUNTER(ejections_detected_local_origin_failure_percentage) \ COUNTER(ejections_enforced_local_origin_failure_percentage) \ COUNTER(ejections_enforced_total) \ COUNTER(ejections_overflow) \ COUNTER(ejections_success_rate) \ COUNTER(ejections_total) \ GAUGE(ejections_active, Accumulate) /** * Struct definition for all outlier detection stats. @see stats_macros.h */ struct DetectionStats { ALL_OUTLIER_DETECTION_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Configuration for the outlier detection. */ class DetectorConfig { public: DetectorConfig(const envoy::config::cluster::v3::OutlierDetection& config); uint64_t intervalMs() const { return interval_ms_; } uint64_t baseEjectionTimeMs() const { return base_ejection_time_ms_; } uint64_t consecutive5xx() const { return consecutive_5xx_; } uint64_t consecutiveGatewayFailure() const { return consecutive_gateway_failure_; } uint64_t maxEjectionPercent() const { return max_ejection_percent_; } uint64_t successRateMinimumHosts() const { return success_rate_minimum_hosts_; } uint64_t successRateRequestVolume() const { return success_rate_request_volume_; } uint64_t successRateStdevFactor() const { return success_rate_stdev_factor_; } uint64_t failurePercentageThreshold() const { return failure_percentage_threshold_; } uint64_t failurePercentageMinimumHosts() const { return failure_percentage_minimum_hosts_; } uint64_t failurePercentageRequestVolume() const { return failure_percentage_request_volume_; } uint64_t enforcingConsecutive5xx() const { return enforcing_consecutive_5xx_; } uint64_t enforcingConsecutiveGatewayFailure() const { return enforcing_consecutive_gateway_failure_; } uint64_t enforcingSuccessRate() const { return enforcing_success_rate_; } uint64_t enforcingFailurePercentage() const { return enforcing_failure_percentage_; } uint64_t enforcingFailurePercentageLocalOrigin() const { return enforcing_failure_percentage_local_origin_; } bool splitExternalLocalOriginErrors() const { return split_external_local_origin_errors_; } uint64_t consecutiveLocalOriginFailure() const { return consecutive_local_origin_failure_; } uint64_t enforcingConsecutiveLocalOriginFailure() const { return enforcing_consecutive_local_origin_failure_; } uint64_t enforcingLocalOriginSuccessRate() const { return enforcing_local_origin_success_rate_; } private: const uint64_t interval_ms_; const uint64_t base_ejection_time_ms_; const uint64_t consecutive_5xx_; const uint64_t consecutive_gateway_failure_; const uint64_t max_ejection_percent_; const uint64_t success_rate_minimum_hosts_; const uint64_t success_rate_request_volume_; const uint64_t success_rate_stdev_factor_; const uint64_t failure_percentage_threshold_; const uint64_t failure_percentage_minimum_hosts_; const uint64_t failure_percentage_request_volume_; const uint64_t enforcing_consecutive_5xx_; const uint64_t enforcing_consecutive_gateway_failure_; const uint64_t enforcing_success_rate_; const uint64_t enforcing_failure_percentage_; const uint64_t enforcing_failure_percentage_local_origin_; const bool split_external_local_origin_errors_; const uint64_t consecutive_local_origin_failure_; const uint64_t enforcing_consecutive_local_origin_failure_; const uint64_t enforcing_local_origin_success_rate_; static const uint64_t DEFAULT_INTERVAL_MS = 10000; static const uint64_t DEFAULT_BASE_EJECTION_TIME_MS = 30000; static const uint64_t DEFAULT_CONSECUTIVE_5XX = 5; static const uint64_t DEFAULT_CONSECUTIVE_GATEWAY_FAILURE = 5; static const uint64_t DEFAULT_MAX_EJECTION_PERCENT = 10; static const uint64_t DEFAULT_SUCCESS_RATE_MINIMUM_HOSTS = 5; static const uint64_t DEFAULT_SUCCESS_RATE_REQUEST_VOLUME = 100; static const uint64_t DEFAULT_SUCCESS_RATE_STDEV_FACTOR = 1900; static const uint64_t DEFAULT_FAILURE_PERCENTAGE_THRESHOLD = 85; static const uint64_t DEFAULT_FAILURE_PERCENTAGE_MINIMUM_HOSTS = 5; static const uint64_t DEFAULT_FAILURE_PERCENTAGE_REQUEST_VOLUME = 50; static const uint64_t DEFAULT_ENFORCING_CONSECUTIVE_5XX = 100; static const uint64_t DEFAULT_ENFORCING_CONSECUTIVE_GATEWAY_FAILURE = 0; static const uint64_t DEFAULT_ENFORCING_SUCCESS_RATE = 100; static const uint64_t DEFAULT_ENFORCING_FAILURE_PERCENTAGE = 0; static const uint64_t DEFAULT_ENFORCING_FAILURE_PERCENTAGE_LOCAL_ORIGIN = 0; static const uint64_t DEFAULT_CONSECUTIVE_LOCAL_ORIGIN_FAILURE = 5; static const uint64_t DEFAULT_ENFORCING_CONSECUTIVE_LOCAL_ORIGIN_FAILURE = 100; static const uint64_t DEFAULT_ENFORCING_LOCAL_ORIGIN_SUCCESS_RATE = 100; }; /** * An implementation of an outlier detector. In the future we may support multiple outlier detection * implementations with different configuration. For now, as we iterate everything is contained * within this implementation. */ class DetectorImpl : public Detector, public std::enable_shared_from_this { public: static std::shared_ptr create(const Cluster& cluster, const envoy::config::cluster::v3::OutlierDetection& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, TimeSource& time_source, EventLoggerSharedPtr event_logger); ~DetectorImpl() override; void onConsecutive5xx(HostSharedPtr host); void onConsecutiveGatewayFailure(HostSharedPtr host); void onConsecutiveLocalOriginFailure(HostSharedPtr host); Runtime::Loader& runtime() { return runtime_; } DetectorConfig& config() { return config_; } // Upstream::Outlier::Detector void addChangedStateCb(ChangeStateCb cb) override { callbacks_.push_back(cb); } double successRateAverage(DetectorHostMonitor::SuccessRateMonitorType monitor_type) const override { return getSRNums(monitor_type).success_rate_average_; } double successRateEjectionThreshold( DetectorHostMonitor::SuccessRateMonitorType monitor_type) const override { return getSRNums(monitor_type).ejection_threshold_; } /** * This function returns pair of double values for success rate outlier detection. The pair * contains the average success rate of all valid hosts in the cluster and the ejection threshold. * If a host's success rate is under this threshold, the host is an outlier. * @param success_rate_sum is the sum of the data in the success_rate_data vector. * @param valid_success_rate_hosts is the vector containing the individual success rate data * points. * @return EjectionPair */ struct EjectionPair { double success_rate_average_; // average success rate of all valid hosts in the cluster double ejection_threshold_; // ejection threshold for the cluster }; static EjectionPair successRateEjectionThreshold(double success_rate_sum, const std::vector& valid_success_rate_hosts, double success_rate_stdev_factor); private: DetectorImpl(const Cluster& cluster, const envoy::config::cluster::v3::OutlierDetection& config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, TimeSource& time_source, EventLoggerSharedPtr event_logger); void addHostMonitor(HostSharedPtr host); void armIntervalTimer(); void checkHostForUneject(HostSharedPtr host, DetectorHostMonitorImpl* monitor, MonotonicTime now); void ejectHost(HostSharedPtr host, envoy::data::cluster::v2alpha::OutlierEjectionType type); static DetectionStats generateStats(Stats::Scope& scope); void initialize(const Cluster& cluster); void onConsecutiveErrorWorker(HostSharedPtr host, envoy::data::cluster::v2alpha::OutlierEjectionType type); void notifyMainThreadConsecutiveError(HostSharedPtr host, envoy::data::cluster::v2alpha::OutlierEjectionType type); void onIntervalTimer(); void runCallbacks(HostSharedPtr host); bool enforceEjection(envoy::data::cluster::v2alpha::OutlierEjectionType type); void updateEnforcedEjectionStats(envoy::data::cluster::v2alpha::OutlierEjectionType type); void updateDetectedEjectionStats(envoy::data::cluster::v2alpha::OutlierEjectionType type); void processSuccessRateEjections(DetectorHostMonitor::SuccessRateMonitorType monitor_type); // The helper to double write value and gauge. The gauge could be null value since because any // stat might be deactivated. class EjectionsActiveHelper { public: EjectionsActiveHelper(Envoy::Stats::Gauge& gauge) : ejections_active_ref_(gauge) {} void inc() { ejections_active_ref_.inc(); ++ejections_active_value_; } void dec() { ejections_active_ref_.dec(); --ejections_active_value_; } uint64_t value() { return ejections_active_value_.load(); } Envoy::Stats::Gauge& ejections_active_ref_; std::atomic ejections_active_value_{0}; }; DetectorConfig config_; Event::Dispatcher& dispatcher_; Runtime::Loader& runtime_; TimeSource& time_source_; DetectionStats stats_; EjectionsActiveHelper ejections_active_helper_{stats_.ejections_active_}; Event::TimerPtr interval_timer_; std::list callbacks_; absl::node_hash_map host_monitors_; EventLoggerSharedPtr event_logger_; // EjectionPair for external and local origin events. // When external/local origin events are not split, external_origin_sr_num_ are used for // both types of events: external and local. local_origin_sr_num_ is not used. // When external/local origin events are split, external_origin_sr_num_ are used only // for external events and local_origin_sr_num_ is used for local origin events. EjectionPair external_origin_sr_num_; EjectionPair local_origin_sr_num_; const EjectionPair& getSRNums(DetectorHostMonitor::SuccessRateMonitorType monitor_type) const { return (DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin == monitor_type) ? external_origin_sr_num_ : local_origin_sr_num_; } EjectionPair& getSRNums(DetectorHostMonitor::SuccessRateMonitorType monitor_type) { return const_cast( static_cast(*this).getSRNums(monitor_type)); } }; class EventLoggerImpl : public EventLogger { public: EventLoggerImpl(AccessLog::AccessLogManager& log_manager, const std::string& file_name, TimeSource& time_source) : file_(log_manager.createAccessLog(file_name)), time_source_(time_source) {} // Upstream::Outlier::EventLogger void logEject(const HostDescriptionConstSharedPtr& host, Detector& detector, envoy::data::cluster::v2alpha::OutlierEjectionType type, bool enforced) override; void logUneject(const HostDescriptionConstSharedPtr& host) override; private: void setCommonEventParams(envoy::data::cluster::v2alpha::OutlierDetectionEvent& event, const HostDescriptionConstSharedPtr& host, absl::optional time); AccessLog::AccessLogFileSharedPtr file_; TimeSource& time_source_; }; } // namespace Outlier } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/priority_conn_pool_map.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" #include "common/upstream/conn_pool_map.h" namespace Envoy { namespace Upstream { /** * A class mapping keys to connection pools, with some recycling logic built in. */ template class PriorityConnPoolMap { public: using ConnPoolMapType = ConnPoolMap; using PoolFactory = typename ConnPoolMapType::PoolFactory; using DrainedCb = typename ConnPoolMapType::DrainedCb; using PoolOptRef = typename ConnPoolMapType::PoolOptRef; PriorityConnPoolMap(Event::Dispatcher& dispatcher, const HostConstSharedPtr& host); ~PriorityConnPoolMap(); /** * Returns an existing pool for the given priority and `key`, or creates a new one using * `factory`. Note that it is possible for this to fail if a limit on the number of pools allowed * is reached. * @return The pool corresponding to `key`, or `absl::nullopt`. */ PoolOptRef getPool(ResourcePriority priority, KEY_TYPE key, const PoolFactory& factory); /** * @return the number of pools across all priorities. */ size_t size() const; /** * Destroys all mapped pools. */ void clear(); /** * Adds a drain callback to all mapped pools. Any future mapped pools with have the callback * automatically added. Be careful with the callback. If it itself calls into `this`, modifying * the state of `this`, there is a good chance it will cause corruption due to the callback firing * immediately. */ void addDrainedCallback(const DrainedCb& cb); /** * Instructs each connection pool to drain its connections. */ void drainConnections(); private: std::array, NumResourcePriorities> conn_pool_maps_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/priority_conn_pool_map_impl.h ================================================ #pragma once #include "common/upstream/conn_pool_map_impl.h" #include "common/upstream/priority_conn_pool_map.h" namespace Envoy { namespace Upstream { template PriorityConnPoolMap::PriorityConnPoolMap(Envoy::Event::Dispatcher& dispatcher, const HostConstSharedPtr& host) { for (size_t pool_map_index = 0; pool_map_index < NumResourcePriorities; ++pool_map_index) { auto priority = static_cast(pool_map_index); conn_pool_maps_[pool_map_index].reset(new ConnPoolMapType(dispatcher, host, priority)); } } template PriorityConnPoolMap::~PriorityConnPoolMap() = default; template typename PriorityConnPoolMap::PoolOptRef PriorityConnPoolMap::getPool(ResourcePriority priority, KEY_TYPE key, const PoolFactory& factory) { size_t index = static_cast(priority); ASSERT(index < conn_pool_maps_.size()); return conn_pool_maps_[index]->getPool(key, factory); } template size_t PriorityConnPoolMap::size() const { size_t size = 0; for (const auto& pool_map : conn_pool_maps_) { size += pool_map->size(); } return size; } template void PriorityConnPoolMap::clear() { for (auto& pool_map : conn_pool_maps_) { pool_map->clear(); } } template void PriorityConnPoolMap::addDrainedCallback(const DrainedCb& cb) { for (auto& pool_map : conn_pool_maps_) { pool_map->addDrainedCallback(cb); } } template void PriorityConnPoolMap::drainConnections() { for (auto& pool_map : conn_pool_maps_) { pool_map->drainConnections(); } } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/resource_manager_impl.h ================================================ #pragma once #include #include #include #include #include "envoy/common/resource.h" #include "envoy/runtime/runtime.h" #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/basic_resource_impl.h" namespace Envoy { namespace Upstream { struct ManagedResourceImpl : public BasicResourceLimitImpl { ManagedResourceImpl(uint64_t max, Runtime::Loader& runtime, const std::string& runtime_key, Stats::Gauge& open_gauge, Stats::Gauge& remaining) : BasicResourceLimitImpl(max, runtime, runtime_key), open_gauge_(open_gauge), remaining_(remaining) { remaining_.set(max); } // Upstream::Resource bool canCreate() override { return current_ < max(); } void inc() override { BasicResourceLimitImpl::inc(); updateRemaining(); open_gauge_.set(BasicResourceLimitImpl::canCreate() ? 0 : 1); } void decBy(uint64_t amount) override { BasicResourceLimitImpl::decBy(amount); updateRemaining(); open_gauge_.set(BasicResourceLimitImpl::canCreate() ? 0 : 1); } /** * We set the gauge instead of incrementing and decrementing because, * though atomics are used, it is possible for the current resource count * to be greater than the supplied max. */ void updateRemaining() { /** * We cannot use std::max here because max() and current_ are * unsigned and subtracting them may overflow. */ const uint64_t current_copy = current_; remaining_.set(max() > current_copy ? max() - current_copy : 0); } /** * A gauge to notify the live circuit breaker state. The gauge is set to 0 * to notify that the circuit breaker is not yet triggered. */ Stats::Gauge& open_gauge_; /** * The number of resources remaining before the circuit breaker opens. */ Stats::Gauge& remaining_; }; /** * Implementation of ResourceManager. * NOTE: This implementation makes some assumptions which favor simplicity over correctness. * 1) Primarily, it assumes that traffic will be mostly balanced over all the worker threads since * no attempt is made to balance resources between them. It is possible that starvation can * occur during high contention. * 2) Though atomics are used, it is possible for resources to temporarily go above the supplied * maximums. This should not effect overall behavior. */ class ResourceManagerImpl : public ResourceManager { public: ResourceManagerImpl(Runtime::Loader& runtime, const std::string& runtime_key, uint64_t max_connections, uint64_t max_pending_requests, uint64_t max_requests, uint64_t max_retries, uint64_t max_connection_pools, ClusterCircuitBreakersStats cb_stats, absl::optional budget_percent, absl::optional min_retry_concurrency) : connections_(max_connections, runtime, runtime_key + "max_connections", cb_stats.cx_open_, cb_stats.remaining_cx_), pending_requests_(max_pending_requests, runtime, runtime_key + "max_pending_requests", cb_stats.rq_pending_open_, cb_stats.remaining_pending_), requests_(max_requests, runtime, runtime_key + "max_requests", cb_stats.rq_open_, cb_stats.remaining_rq_), connection_pools_(max_connection_pools, runtime, runtime_key + "max_connection_pools", cb_stats.cx_pool_open_, cb_stats.remaining_cx_pools_), retries_(budget_percent, min_retry_concurrency, max_retries, runtime, runtime_key + "retry_budget.", runtime_key + "max_retries", cb_stats.rq_retry_open_, cb_stats.remaining_retries_, requests_, pending_requests_) {} // Upstream::ResourceManager ResourceLimit& connections() override { return connections_; } ResourceLimit& pendingRequests() override { return pending_requests_; } ResourceLimit& requests() override { return requests_; } ResourceLimit& retries() override { return retries_; } ResourceLimit& connectionPools() override { return connection_pools_; } private: class RetryBudgetImpl : public ResourceLimit { public: RetryBudgetImpl(absl::optional budget_percent, absl::optional min_retry_concurrency, uint64_t max_retries, Runtime::Loader& runtime, const std::string& retry_budget_runtime_key, const std::string& max_retries_runtime_key, Stats::Gauge& open_gauge, Stats::Gauge& remaining, const ResourceLimit& requests, const ResourceLimit& pending_requests) : runtime_(runtime), max_retry_resource_(max_retries, runtime, max_retries_runtime_key, open_gauge, remaining), budget_percent_(budget_percent), min_retry_concurrency_(min_retry_concurrency), budget_percent_key_(retry_budget_runtime_key + "budget_percent"), min_retry_concurrency_key_(retry_budget_runtime_key + "min_retry_concurrency"), requests_(requests), pending_requests_(pending_requests), remaining_(remaining) {} // Envoy::ResourceLimit bool canCreate() override { if (!useRetryBudget()) { return max_retry_resource_.canCreate(); } clearRemainingGauge(); return count() < max(); } void inc() override { max_retry_resource_.inc(); clearRemainingGauge(); } void dec() override { max_retry_resource_.dec(); clearRemainingGauge(); } void decBy(uint64_t amount) override { max_retry_resource_.decBy(amount); clearRemainingGauge(); } uint64_t max() override { if (!useRetryBudget()) { return max_retry_resource_.max(); } const uint64_t current_active = requests_.count() + pending_requests_.count(); const double budget_percent = runtime_.snapshot().getDouble( budget_percent_key_, budget_percent_ ? *budget_percent_ : 20.0); const uint32_t min_retry_concurrency = runtime_.snapshot().getInteger( min_retry_concurrency_key_, min_retry_concurrency_ ? *min_retry_concurrency_ : 3); clearRemainingGauge(); // We enforce that the retry concurrency is never allowed to go below the // min_retry_concurrency, even if the configured percent of the current active requests // yields a value that is smaller. return std::max(budget_percent / 100.0 * current_active, min_retry_concurrency); } uint64_t count() const override { return max_retry_resource_.count(); } private: bool useRetryBudget() const { return runtime_.snapshot().get(budget_percent_key_).has_value() || runtime_.snapshot().get(min_retry_concurrency_key_).has_value() || budget_percent_ || min_retry_concurrency_; } // If the retry budget is in use, the stats tracking remaining retries do not make sense since // they would dependent on other resources that can change without a call to this object. // Therefore, the gauge should just be reset to 0. void clearRemainingGauge() { if (useRetryBudget()) { remaining_.set(0); } } Runtime::Loader& runtime_; // The max_retry resource is nested within the budget to maintain state if the retry budget is // toggled. ManagedResourceImpl max_retry_resource_; const absl::optional budget_percent_; const absl::optional min_retry_concurrency_; const std::string budget_percent_key_; const std::string min_retry_concurrency_key_; const ResourceLimit& requests_; const ResourceLimit& pending_requests_; Stats::Gauge& remaining_; }; ManagedResourceImpl connections_; ManagedResourceImpl pending_requests_; ManagedResourceImpl requests_; ManagedResourceImpl connection_pools_; RetryBudgetImpl retries_; }; using ResourceManagerImplPtr = std::unique_ptr; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/ring_hash_lb.cc ================================================ #include "common/upstream/ring_hash_lb.h" #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "common/common/assert.h" #include "common/upstream/load_balancer_impl.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Upstream { RingHashLoadBalancer::RingHashLoadBalancer( const PrioritySet& priority_set, ClusterStats& stats, Stats::Scope& scope, Runtime::Loader& runtime, Random::RandomGenerator& random, const absl::optional& config, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : ThreadAwareLoadBalancerBase(priority_set, stats, runtime, random, common_config), scope_(scope.createScope("ring_hash_lb.")), stats_(generateStats(*scope_)), min_ring_size_(config ? PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.value(), minimum_ring_size, DefaultMinRingSize) : DefaultMinRingSize), max_ring_size_(config ? PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.value(), maximum_ring_size, DefaultMaxRingSize) : DefaultMaxRingSize), hash_function_(config ? config.value().hash_function() : HashFunction::Cluster_RingHashLbConfig_HashFunction_XX_HASH), use_hostname_for_hashing_( common_config.has_consistent_hashing_lb_config() ? common_config.consistent_hashing_lb_config().use_hostname_for_hashing() : false), hash_balance_factor_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( common_config.consistent_hashing_lb_config(), hash_balance_factor, 0)) { // It's important to do any config validation here, rather than deferring to Ring's ctor, // because any exceptions thrown here will be caught and handled properly. if (min_ring_size_ > max_ring_size_) { throw EnvoyException(fmt::format("ring hash: minimum_ring_size ({}) > maximum_ring_size ({})", min_ring_size_, max_ring_size_)); } } RingHashLoadBalancerStats RingHashLoadBalancer::generateStats(Stats::Scope& scope) { return {ALL_RING_HASH_LOAD_BALANCER_STATS(POOL_GAUGE(scope))}; } HostConstSharedPtr RingHashLoadBalancer::Ring::chooseHost(uint64_t h, uint32_t attempt) const { if (ring_.empty()) { return nullptr; } // Ported from https://github.com/RJ/ketama/blob/master/libketama/ketama.c (ketama_get_server) // I've generally kept the variable names to make the code easier to compare. // NOTE: The algorithm depends on using signed integers for lowp, midp, and highp. Do not // change them! int64_t lowp = 0; int64_t highp = ring_.size(); int64_t midp = 0; while (true) { midp = (lowp + highp) / 2; if (midp == static_cast(ring_.size())) { midp = 0; break; } uint64_t midval = ring_[midp].hash_; uint64_t midval1 = midp == 0 ? 0 : ring_[midp - 1].hash_; if (h <= midval && h > midval1) { break; } if (midval < h) { lowp = midp + 1; } else { highp = midp - 1; } if (lowp > highp) { midp = 0; break; } } // If a retry host predicate is being applied, behave as if this host was not in the ring. // Note that this does not guarantee a different host: e.g., attempt == ring_.size() or // when the offset causes us to select the same host at another location in the ring. if (attempt > 0) { midp = (midp + attempt) % ring_.size(); } return ring_[midp].host_; } using HashFunction = envoy::config::cluster::v3::Cluster::RingHashLbConfig::HashFunction; RingHashLoadBalancer::Ring::Ring(const NormalizedHostWeightVector& normalized_host_weights, double min_normalized_weight, uint64_t min_ring_size, uint64_t max_ring_size, HashFunction hash_function, bool use_hostname_for_hashing, RingHashLoadBalancerStats& stats) : stats_(stats) { ENVOY_LOG(trace, "ring hash: building ring"); // We can't do anything sensible with no hosts. if (normalized_host_weights.empty()) { return; } // Scale up the number of hashes per host such that the least-weighted host gets a whole number // of hashes on the ring. Other hosts might not end up with whole numbers, and that's fine (the // ring-building algorithm below can handle this). This preserves the original implementation's // behavior: when weights aren't provided, all hosts should get an equal number of hashes. In // the case where this number exceeds the max_ring_size, it's scaled back down to fit. const double scale = std::min(std::ceil(min_normalized_weight * min_ring_size) / min_normalized_weight, static_cast(max_ring_size)); // Reserve memory for the entire ring up front. const uint64_t ring_size = std::ceil(scale); ring_.reserve(ring_size); // Populate the hash ring by walking through the (host, weight) pairs in // normalized_host_weights, and generating (scale * weight) hashes for each host. Since these // aren't necessarily whole numbers, we maintain running sums -- current_hashes and // target_hashes -- which allows us to populate the ring in a mostly stable way. // // For example, suppose we have 4 hosts, each with a normalized weight of 0.25, and a scale of // 6.0 (because the max_ring_size is 6). That means we want to generate 1.5 hashes per host. // We start the outer loop with current_hashes = 0 and target_hashes = 0. // - For the first host, we set target_hashes = 1.5. After one run of the inner loop, // current_hashes = 1. After another run, current_hashes = 2, so the inner loop ends. // - For the second host, target_hashes becomes 3.0, and current_hashes is 2 from before. // After only one run of the inner loop, current_hashes = 3, so the inner loop ends. // - Likewise, the third host gets two hashes, and the fourth host gets one hash. // // For stats reporting, keep track of the minimum and maximum actual number of hashes per host. // Users should hopefully pay attention to these numbers and alert if min_hashes_per_host is too // low, since that implies an inaccurate request distribution. absl::InlinedVector hash_key_buffer; double current_hashes = 0.0; double target_hashes = 0.0; uint64_t min_hashes_per_host = ring_size; uint64_t max_hashes_per_host = 0; for (const auto& entry : normalized_host_weights) { const auto& host = entry.first; const std::string& address_string = use_hostname_for_hashing ? host->hostname() : host->address()->asString(); ASSERT(!address_string.empty()); hash_key_buffer.assign(address_string.begin(), address_string.end()); hash_key_buffer.emplace_back('_'); auto offset_start = hash_key_buffer.end(); // As noted above: maintain current_hashes and target_hashes as running sums across the entire // host set. `i` is needed only to construct the hash key, and tally min/max hashes per host. target_hashes += scale * entry.second; uint64_t i = 0; while (current_hashes < target_hashes) { const std::string i_str = absl::StrCat("", i); hash_key_buffer.insert(offset_start, i_str.begin(), i_str.end()); absl::string_view hash_key(static_cast(hash_key_buffer.data()), hash_key_buffer.size()); const uint64_t hash = (hash_function == HashFunction::Cluster_RingHashLbConfig_HashFunction_MURMUR_HASH_2) ? MurmurHash::murmurHash2(hash_key, MurmurHash::STD_HASH_SEED) : HashUtil::xxHash64(hash_key); ENVOY_LOG(trace, "ring hash: hash_key={} hash={}", hash_key.data(), hash); ring_.push_back({hash, host}); ++i; ++current_hashes; hash_key_buffer.erase(offset_start, hash_key_buffer.end()); } min_hashes_per_host = std::min(i, min_hashes_per_host); max_hashes_per_host = std::max(i, max_hashes_per_host); } std::sort(ring_.begin(), ring_.end(), [](const RingEntry& lhs, const RingEntry& rhs) -> bool { return lhs.hash_ < rhs.hash_; }); if (ENVOY_LOG_CHECK_LEVEL(trace)) { for (const auto& entry : ring_) { ENVOY_LOG(trace, "ring hash: host={} hash={}", use_hostname_for_hashing ? entry.host_->hostname() : entry.host_->address()->asString(), entry.hash_); } } stats_.size_.set(ring_size); stats_.min_hashes_per_host_.set(min_hashes_per_host); stats_.max_hashes_per_host_.set(max_hashes_per_host); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/ring_hash_lb.h ================================================ #pragma once #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "common/upstream/thread_aware_lb_impl.h" namespace Envoy { namespace Upstream { /** * All ring hash load balancer stats. @see stats_macros.h */ #define ALL_RING_HASH_LOAD_BALANCER_STATS(GAUGE) \ GAUGE(max_hashes_per_host, Accumulate) \ GAUGE(min_hashes_per_host, Accumulate) \ GAUGE(size, Accumulate) /** * Struct definition for all ring hash load balancer stats. @see stats_macros.h */ struct RingHashLoadBalancerStats { ALL_RING_HASH_LOAD_BALANCER_STATS(GENERATE_GAUGE_STRUCT) }; /** * A load balancer that implements consistent modulo hashing ("ketama"). Currently, zone aware * routing is not supported. A ring is kept for all hosts as well as a ring for healthy hosts. * Unless we are in panic mode, the healthy host ring is used. * In the future it would be nice to support: * 1) Weighting. * 2) Per-zone rings and optional zone aware routing (not all applications will want this). * 3) Max request fallback to support hot shards (not all applications will want this). */ class RingHashLoadBalancer : public ThreadAwareLoadBalancerBase, Logger::Loggable { public: RingHashLoadBalancer( const PrioritySet& priority_set, ClusterStats& stats, Stats::Scope& scope, Runtime::Loader& runtime, Random::RandomGenerator& random, const absl::optional& config, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config); const RingHashLoadBalancerStats& stats() const { return stats_; } private: using HashFunction = envoy::config::cluster::v3::Cluster::RingHashLbConfig::HashFunction; struct RingEntry { uint64_t hash_; HostConstSharedPtr host_; }; struct Ring : public HashingLoadBalancer { Ring(const NormalizedHostWeightVector& normalized_host_weights, double min_normalized_weight, uint64_t min_ring_size, uint64_t max_ring_size, HashFunction hash_function, bool use_hostname_for_hashing, RingHashLoadBalancerStats& stats); // ThreadAwareLoadBalancerBase::HashingLoadBalancer HostConstSharedPtr chooseHost(uint64_t hash, uint32_t attempt) const override; std::vector ring_; RingHashLoadBalancerStats& stats_; }; using RingConstSharedPtr = std::shared_ptr; // ThreadAwareLoadBalancerBase HashingLoadBalancerSharedPtr createLoadBalancer(const NormalizedHostWeightVector& normalized_host_weights, double min_normalized_weight, double /* max_normalized_weight */) override { HashingLoadBalancerSharedPtr ring_hash_lb = std::make_shared(normalized_host_weights, min_normalized_weight, min_ring_size_, max_ring_size_, hash_function_, use_hostname_for_hashing_, stats_); if (hash_balance_factor_ == 0) { return ring_hash_lb; } return std::make_shared( ring_hash_lb, std::move(normalized_host_weights), hash_balance_factor_); } static RingHashLoadBalancerStats generateStats(Stats::Scope& scope); Stats::ScopePtr scope_; RingHashLoadBalancerStats stats_; static const uint64_t DefaultMinRingSize = 1024; static const uint64_t DefaultMaxRingSize = 1024 * 1024 * 8; const uint64_t min_ring_size_; const uint64_t max_ring_size_; const HashFunction hash_function_; const bool use_hostname_for_hashing_; const uint32_t hash_balance_factor_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/static_cluster.cc ================================================ #include "common/upstream/static_cluster.h" #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" namespace Envoy { namespace Upstream { StaticClusterImpl::StaticClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api) : ClusterImplBase(cluster, runtime, factory_context, std::move(stats_scope), added_via_api), priority_state_manager_( new PriorityStateManager(*this, factory_context.localInfo(), nullptr)) { // TODO(dio): Use by-reference when cluster.hosts() is removed. const envoy::config::endpoint::v3::ClusterLoadAssignment cluster_load_assignment( cluster.has_load_assignment() ? cluster.load_assignment() : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())); overprovisioning_factor_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT( cluster_load_assignment.policy(), overprovisioning_factor, kDefaultOverProvisioningFactor); for (const auto& locality_lb_endpoint : cluster_load_assignment.endpoints()) { validateEndpointsForZoneAwareRouting(locality_lb_endpoint); priority_state_manager_->initializePriorityFor(locality_lb_endpoint); for (const auto& lb_endpoint : locality_lb_endpoint.lb_endpoints()) { priority_state_manager_->registerHostForPriority( lb_endpoint.endpoint().hostname(), resolveProtoAddress(lb_endpoint.endpoint().address()), locality_lb_endpoint, lb_endpoint); } } } void StaticClusterImpl::startPreInit() { // At this point see if we have a health checker. If so, mark all the hosts unhealthy and // then fire update callbacks to start the health checking process. const auto& health_checker_flag = health_checker_ != nullptr ? absl::optional(Host::HealthFlag::FAILED_ACTIVE_HC) : absl::nullopt; auto& priority_state = priority_state_manager_->priorityState(); for (size_t i = 0; i < priority_state.size(); ++i) { if (priority_state[i].first == nullptr) { priority_state[i].first = std::make_unique(); } priority_state_manager_->updateClusterPrioritySet( i, std::move(priority_state[i].first), absl::nullopt, absl::nullopt, health_checker_flag, overprovisioning_factor_); } priority_state_manager_.reset(); onPreInitComplete(); } std::pair StaticClusterFactory::createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) { return std::make_pair( std::make_shared(cluster, context.runtime(), socket_factory_context, std::move(stats_scope), context.addedViaApi()), nullptr); } /** * Static registration for the static cluster factory. @see RegisterFactory. */ REGISTER_FACTORY(StaticClusterFactory, ClusterFactory); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/static_cluster.h ================================================ #pragma once #include "envoy/config/cluster/v3/cluster.pb.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { /** * Implementation of Upstream::Cluster for static clusters (clusters that have a fixed number of * hosts with resolved IP addresses). */ class StaticClusterImpl : public ClusterImplBase { public: StaticClusterImpl(const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api); // Upstream::Cluster InitializePhase initializePhase() const override { return InitializePhase::Primary; } private: // ClusterImplBase void startPreInit() override; PriorityStateManagerPtr priority_state_manager_; uint32_t overprovisioning_factor_; }; /** * Factory for StaticClusterImpl cluster. */ class StaticClusterFactory : public ClusterFactoryImplBase { public: StaticClusterFactory() : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().Static) {} private: std::pair createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; DECLARE_FACTORY(StaticClusterFactory); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/strict_dns_cluster.cc ================================================ #include "common/upstream/strict_dns_cluster.h" #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" namespace Envoy { namespace Upstream { StrictDnsClusterImpl::StrictDnsClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Network::DnsResolverSharedPtr dns_resolver, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api) : BaseDynamicClusterImpl(cluster, runtime, factory_context, std::move(stats_scope), added_via_api), local_info_(factory_context.localInfo()), dns_resolver_(dns_resolver), dns_refresh_rate_ms_( std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_refresh_rate, 5000))), respect_dns_ttl_(cluster.respect_dns_ttl()) { failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy( cluster, dns_refresh_rate_ms_.count(), factory_context.api().randomGenerator()); std::list resolve_targets; const envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment( cluster.has_load_assignment() ? cluster.load_assignment() : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())); const auto& locality_lb_endpoints = load_assignment.endpoints(); for (const auto& locality_lb_endpoint : locality_lb_endpoints) { validateEndpointsForZoneAwareRouting(locality_lb_endpoint); for (const auto& lb_endpoint : locality_lb_endpoint.lb_endpoints()) { const auto& socket_address = lb_endpoint.endpoint().address().socket_address(); if (!socket_address.resolver_name().empty()) { throw EnvoyException("STRICT_DNS clusters must NOT have a custom resolver name set"); } const std::string& url = fmt::format("tcp://{}:{}", socket_address.address(), socket_address.port_value()); resolve_targets.emplace_back(new ResolveTarget(*this, factory_context.dispatcher(), url, locality_lb_endpoint, lb_endpoint)); } } resolve_targets_ = std::move(resolve_targets); dns_lookup_family_ = getDnsLookupFamilyFromCluster(cluster); overprovisioning_factor_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT( load_assignment.policy(), overprovisioning_factor, kDefaultOverProvisioningFactor); } void StrictDnsClusterImpl::startPreInit() { for (const ResolveTargetPtr& target : resolve_targets_) { target->startResolve(); } // If the config provides no endpoints, the cluster is initialized immediately as if all hosts are // resolved in failure. if (resolve_targets_.empty()) { onPreInitComplete(); } } void StrictDnsClusterImpl::updateAllHosts(const HostVector& hosts_added, const HostVector& hosts_removed, uint32_t current_priority) { PriorityStateManager priority_state_manager(*this, local_info_, nullptr); // At this point we know that we are different so make a new host list and notify. // // TODO(dio): The uniqueness of a host address resolved in STRICT_DNS cluster per priority is not // guaranteed. Need a clear agreement on the behavior here, whether it is allowable to have // duplicated hosts inside a priority. And if we want to enforce this behavior, it should be done // inside the priority state manager. for (const ResolveTargetPtr& target : resolve_targets_) { priority_state_manager.initializePriorityFor(target->locality_lb_endpoint_); for (const HostSharedPtr& host : target->hosts_) { if (target->locality_lb_endpoint_.priority() == current_priority) { priority_state_manager.registerHostForPriority(host, target->locality_lb_endpoint_); } } } // TODO(dio): Add assertion in here. priority_state_manager.updateClusterPrioritySet( current_priority, std::move(priority_state_manager.priorityState()[current_priority].first), hosts_added, hosts_removed, absl::nullopt, overprovisioning_factor_); } StrictDnsClusterImpl::ResolveTarget::ResolveTarget( StrictDnsClusterImpl& parent, Event::Dispatcher& dispatcher, const std::string& url, const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint, const envoy::config::endpoint::v3::LbEndpoint& lb_endpoint) : parent_(parent), dns_address_(Network::Utility::hostFromTcpUrl(url)), port_(Network::Utility::portFromTcpUrl(url)), resolve_timer_(dispatcher.createTimer([this]() -> void { startResolve(); })), locality_lb_endpoint_(locality_lb_endpoint), lb_endpoint_(lb_endpoint) {} StrictDnsClusterImpl::ResolveTarget::~ResolveTarget() { if (active_query_) { active_query_->cancel(); } } void StrictDnsClusterImpl::ResolveTarget::startResolve() { ENVOY_LOG(trace, "starting async DNS resolution for {}", dns_address_); parent_.info_->stats().update_attempt_.inc(); active_query_ = parent_.dns_resolver_->resolve( dns_address_, parent_.dns_lookup_family_, [this](Network::DnsResolver::ResolutionStatus status, std::list&& response) -> void { active_query_ = nullptr; ENVOY_LOG(trace, "async DNS resolution complete for {}", dns_address_); std::chrono::milliseconds final_refresh_rate = parent_.dns_refresh_rate_ms_; if (status == Network::DnsResolver::ResolutionStatus::Success) { parent_.info_->stats().update_success_.inc(); absl::node_hash_map updated_hosts; HostVector new_hosts; std::chrono::seconds ttl_refresh_rate = std::chrono::seconds::max(); for (const auto& resp : response) { // TODO(mattklein123): Currently the DNS interface does not consider port. We need to // make a new address that has port in it. We need to both support IPv6 as well as // potentially move port handling into the DNS interface itself, which would work better // for SRV. ASSERT(resp.address_ != nullptr); new_hosts.emplace_back(new HostImpl( parent_.info_, dns_address_, Network::Utility::getAddressWithPort(*(resp.address_), port_), // TODO(zyfjeff): Created through metadata shared pool std::make_shared(lb_endpoint_.metadata()), lb_endpoint_.load_balancing_weight().value(), locality_lb_endpoint_.locality(), lb_endpoint_.endpoint().health_check_config(), locality_lb_endpoint_.priority(), lb_endpoint_.health_status())); ttl_refresh_rate = min(ttl_refresh_rate, resp.ttl_); } HostVector hosts_added; HostVector hosts_removed; if (parent_.updateDynamicHostList(new_hosts, hosts_, hosts_added, hosts_removed, updated_hosts, all_hosts_)) { ENVOY_LOG(debug, "DNS hosts have changed for {}", dns_address_); ASSERT(std::all_of(hosts_.begin(), hosts_.end(), [&](const auto& host) { return host->priority() == locality_lb_endpoint_.priority(); })); parent_.updateAllHosts(hosts_added, hosts_removed, locality_lb_endpoint_.priority()); } else { parent_.info_->stats().update_no_rebuild_.inc(); } all_hosts_ = std::move(updated_hosts); // reset failure backoff strategy because there was a success. parent_.failure_backoff_strategy_->reset(); if (!response.empty() && parent_.respect_dns_ttl_ && ttl_refresh_rate != std::chrono::seconds(0)) { final_refresh_rate = ttl_refresh_rate; ASSERT(ttl_refresh_rate != std::chrono::seconds::max() && final_refresh_rate.count() > 0); } ENVOY_LOG(debug, "DNS refresh rate reset for {}, refresh rate {} ms", dns_address_, final_refresh_rate.count()); } else { parent_.info_->stats().update_failure_.inc(); final_refresh_rate = std::chrono::milliseconds(parent_.failure_backoff_strategy_->nextBackOffMs()); ENVOY_LOG(debug, "DNS refresh rate reset for {}, (failure) refresh rate {} ms", dns_address_, final_refresh_rate.count()); } // If there is an initialize callback, fire it now. Note that if the cluster refers to // multiple DNS names, this will return initialized after a single DNS resolution // completes. This is not perfect but is easier to code and unclear if the extra // complexity is needed so will start with this. parent_.onPreInitComplete(); resolve_timer_->enableTimer(final_refresh_rate); }); } std::pair StrictDnsClusterFactory::createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) { auto selected_dns_resolver = selectDnsResolver(cluster, context); return std::make_pair(std::make_shared( cluster, context.runtime(), selected_dns_resolver, socket_factory_context, std::move(stats_scope), context.addedViaApi()), nullptr); } /** * Static registration for the strict dns cluster factory. @see RegisterFactory. */ REGISTER_FACTORY(StrictDnsClusterFactory, ClusterFactory); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/strict_dns_cluster.h ================================================ #pragma once #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { /** * Implementation of Upstream::Cluster that does periodic DNS resolution and updates the host * member set if the DNS members change. */ class StrictDnsClusterImpl : public BaseDynamicClusterImpl { public: StrictDnsClusterImpl(const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Network::DnsResolverSharedPtr dns_resolver, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api); // Upstream::Cluster InitializePhase initializePhase() const override { return InitializePhase::Primary; } private: struct ResolveTarget { ResolveTarget(StrictDnsClusterImpl& parent, Event::Dispatcher& dispatcher, const std::string& url, const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint, const envoy::config::endpoint::v3::LbEndpoint& lb_endpoint); ~ResolveTarget(); void startResolve(); StrictDnsClusterImpl& parent_; Network::ActiveDnsQuery* active_query_{}; std::string dns_address_; uint32_t port_; Event::TimerPtr resolve_timer_; HostVector hosts_; const envoy::config::endpoint::v3::LocalityLbEndpoints locality_lb_endpoint_; const envoy::config::endpoint::v3::LbEndpoint lb_endpoint_; HostMap all_hosts_; }; using ResolveTargetPtr = std::unique_ptr; void updateAllHosts(const HostVector& hosts_added, const HostVector& hosts_removed, uint32_t priority); // ClusterImplBase void startPreInit() override; const LocalInfo::LocalInfo& local_info_; Network::DnsResolverSharedPtr dns_resolver_; std::list resolve_targets_; const std::chrono::milliseconds dns_refresh_rate_ms_; BackOffStrategyPtr failure_backoff_strategy_; const bool respect_dns_ttl_; Network::DnsLookupFamily dns_lookup_family_; uint32_t overprovisioning_factor_; }; /** * Factory for StrictDnsClusterImpl */ class StrictDnsClusterFactory : public ClusterFactoryImplBase { public: StrictDnsClusterFactory() : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().StrictDns) {} private: std::pair createClusterImpl( const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/subset_lb.cc ================================================ #include "common/upstream/subset_lb.h" #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/runtime/runtime.h" #include "common/common/assert.h" #include "common/config/metadata.h" #include "common/config/well_known_names.h" #include "common/protobuf/utility.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/maglev_lb.h" #include "common/upstream/ring_hash_lb.h" #include "absl/container/node_hash_set.h" namespace Envoy { namespace Upstream { SubsetLoadBalancer::SubsetLoadBalancer( LoadBalancerType lb_type, PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Stats::Scope& scope, Runtime::Loader& runtime, Random::RandomGenerator& random, const LoadBalancerSubsetInfo& subsets, const absl::optional& lb_ring_hash_config, const absl::optional& lb_maglev_config, const absl::optional& least_request_config, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : lb_type_(lb_type), lb_ring_hash_config_(lb_ring_hash_config), lb_maglev_config_(lb_maglev_config), least_request_config_(least_request_config), common_config_(common_config), stats_(stats), scope_(scope), runtime_(runtime), random_(random), fallback_policy_(subsets.fallbackPolicy()), default_subset_metadata_(subsets.defaultSubset().fields().begin(), subsets.defaultSubset().fields().end()), subset_selectors_(subsets.subsetSelectors()), original_priority_set_(priority_set), original_local_priority_set_(local_priority_set), locality_weight_aware_(subsets.localityWeightAware()), scale_locality_weight_(subsets.scaleLocalityWeight()), list_as_any_(subsets.listAsAny()) { ASSERT(subsets.isEnabled()); if (fallback_policy_ != envoy::config::cluster::v3::Cluster::LbSubsetConfig::NO_FALLBACK) { HostPredicate predicate; if (fallback_policy_ == envoy::config::cluster::v3::Cluster::LbSubsetConfig::ANY_ENDPOINT) { ENVOY_LOG(debug, "subset lb: creating any-endpoint fallback load balancer"); initSubsetAnyOnce(); fallback_subset_ = subset_any_; } else { predicate = [this](const Host& host) -> bool { return hostMatches(default_subset_metadata_, host); }; ENVOY_LOG(debug, "subset lb: creating fallback load balancer for {}", describeMetadata(default_subset_metadata_)); fallback_subset_ = std::make_shared(); fallback_subset_->priority_subset_ = std::make_shared( *this, predicate, locality_weight_aware_, scale_locality_weight_); } } if (subsets.panicModeAny()) { initSubsetAnyOnce(); panic_mode_subset_ = subset_any_; } initSubsetSelectorMap(); // Create filtered default subset (if necessary) and other subsets based on current hosts. refreshSubsets(); // This must happen after `initSubsetSelectorMap()` because that initializes `single_`. rebuildSingle(); // Configure future updates. original_priority_set_callback_handle_ = priority_set.addPriorityUpdateCb( [this](uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { // TODO(ggreenway) PERF: This is currently an O(n^2) operation in the edge case of // many priorities and only one host per priority. This could be improved by either // updating in a single pass across all priorities, or by having the callback give a // list of modified hosts so that an incremental update of the data structure can be // performed. rebuildSingle(); if (hosts_added.empty() && hosts_removed.empty()) { // It's possible that metadata changed, without hosts being added nor removed. // If so we need to add any new subsets, remove unused ones, and regroup hosts into // the right subsets. // // Note, note, note: if metadata for existing endpoints changed _and_ hosts were also // added or removed, we don't need to hit this path. That's fine, given that // findOrCreateSubset() will be called from processSubsets because it'll be triggered by // either hosts_added or hosts_removed. That's where the new subsets will be created. refreshSubsets(priority); } else { // This is a regular update with deltas. update(priority, hosts_added, hosts_removed); } purgeEmptySubsets(subsets_); }); } SubsetLoadBalancer::~SubsetLoadBalancer() { original_priority_set_callback_handle_->remove(); // Ensure gauges reflect correct values. forEachSubset(subsets_, [&](LbSubsetEntryPtr entry) { if (entry->active()) { stats_.lb_subsets_removed_.inc(); stats_.lb_subsets_active_.dec(); } }); } void SubsetLoadBalancer::rebuildSingle() { if (single_key_.empty()) { return; } // Because PriorityUpdateCb doesn't give a modified list (only added and removed), it is // faster to just rebuild this map than try to figure out if any hosts had their metadata // changed, and then figure out the old and new value (to remove from the old key in this map // and insert in the new key). single_host_per_subset_map_.clear(); uint32_t collision_count = 0; for (const auto& host_set : original_priority_set_.hostSetsPerPriority()) { for (const auto& host : host_set->hosts()) { MetadataConstSharedPtr metadata = host->metadata(); const auto& filter_metadata = metadata->filter_metadata(); auto filter_it = filter_metadata.find(Config::MetadataFilters::get().ENVOY_LB); if (filter_it != filter_metadata.end()) { const auto& fields = filter_it->second.fields(); auto fields_it = fields.find(single_key_); if (fields_it != fields.end()) { auto [iterator, did_insert] = single_host_per_subset_map_.try_emplace(fields_it->second, host); if (!did_insert) { // Two hosts with the same metadata value were found. Ignore all but one of them, and // set a metric for how many times this happened. collision_count++; } } } } } // This stat isn't added to `ClusterStats` because it wouldn't be used // for nearly all clusters, and is only set during configuration updates, // not in the data path, so performance of looking up the stat isn't critical. if (single_duplicate_stat_ == nullptr) { Stats::StatNameManagedStorage name_storage("lb_subsets_single_host_per_subset_duplicate", scope_.symbolTable()); single_duplicate_stat_ = &Stats::Utility::gaugeFromElements( scope_, {name_storage.statName()}, Stats::Gauge::ImportMode::Accumulate); } single_duplicate_stat_->set(collision_count); } // When in `single_host_per_subset` mode, select a host based on the provided match_criteria. // Set `host_chosen` to false if there is not a match. HostConstSharedPtr SubsetLoadBalancer::tryChooseHostFromMetadataMatchCriteriaSingle( const Router::MetadataMatchCriteria& match_criteria, bool& host_chosen) { ASSERT(!single_key_.empty()); for (const auto& entry : match_criteria.metadataMatchCriteria()) { if (entry->name() == single_key_) { auto it = single_host_per_subset_map_.find(entry->value()); if (it != single_host_per_subset_map_.end()) { if (it->second->health() != Host::Health::Unhealthy) { host_chosen = true; stats_.lb_subsets_selected_.inc(); return it->second; } } break; } } return nullptr; } void SubsetLoadBalancer::refreshSubsets() { for (auto& host_set : original_priority_set_.hostSetsPerPriority()) { update(host_set->priority(), host_set->hosts(), {}); } } void SubsetLoadBalancer::refreshSubsets(uint32_t priority) { const auto& host_sets = original_priority_set_.hostSetsPerPriority(); ASSERT(priority < host_sets.size()); update(priority, host_sets[priority]->hosts(), {}); } void SubsetLoadBalancer::initSubsetAnyOnce() { if (!subset_any_) { HostPredicate predicate = [](const Host&) -> bool { return true; }; subset_any_ = std::make_shared(); subset_any_->priority_subset_ = std::make_shared( *this, predicate, locality_weight_aware_, scale_locality_weight_); } } void SubsetLoadBalancer::initSubsetSelectorMap() { selectors_ = std::make_shared(); SubsetSelectorMapPtr selectors; for (const auto& subset_selector : subset_selectors_) { const auto& selector_keys = subset_selector->selectorKeys(); const auto& selector_fallback_policy = subset_selector->fallbackPolicy(); const auto& selector_fallback_keys_subset = subset_selector->fallbackKeysSubset(); if (subset_selector->singleHostPerSubset()) { if (subset_selectors_.size() > 1) { throw EnvoyException("subset_lb selector: single_host_per_subset cannot be set when there " "are multiple subset selectors."); } if (selector_keys.size() != 1 || selector_keys.begin()->empty()) { throw EnvoyException("subset_lb selector: single_host_per_subset cannot bet set when there " "isn't exactly 1 key or if that key is empty."); } single_key_ = *selector_keys.begin(); subset_selectors_.clear(); return; } if (selector_fallback_policy == envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector::NOT_DEFINED) { continue; } uint32_t pos = 0; selectors = selectors_; for (const auto& key : selector_keys) { const auto& selector_it = selectors->subset_keys_.find(key); pos++; if (selector_it == selectors->subset_keys_.end()) { selectors->subset_keys_.emplace(std::make_pair(key, std::make_shared())); const auto& child_selector = selectors->subset_keys_.find(key); // if this is last key for given selector, check if it has fallback specified if (pos == selector_keys.size()) { child_selector->second->fallback_params_.fallback_policy_ = selector_fallback_policy; child_selector->second->fallback_params_.fallback_keys_subset_ = &selector_fallback_keys_subset; initSelectorFallbackSubset(selector_fallback_policy); } selectors = child_selector->second; } else { selectors = selector_it->second; } } selectors = selectors_; } } void SubsetLoadBalancer::initSelectorFallbackSubset( const envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector:: LbSubsetSelectorFallbackPolicy& fallback_policy) { if (fallback_policy == envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector::ANY_ENDPOINT && subset_any_ == nullptr) { ENVOY_LOG(debug, "subset lb: creating any-endpoint fallback load balancer for selector"); initSubsetAnyOnce(); } else if (fallback_policy == envoy::config::cluster::v3::Cluster::LbSubsetConfig:: LbSubsetSelector::DEFAULT_SUBSET && selector_fallback_subset_default_ == nullptr) { ENVOY_LOG(debug, "subset lb: creating default subset fallback load balancer for selector"); HostPredicate predicate = std::bind(&SubsetLoadBalancer::hostMatches, this, default_subset_metadata_, std::placeholders::_1); selector_fallback_subset_default_ = std::make_shared(); selector_fallback_subset_default_->priority_subset_ = std::make_shared( *this, predicate, locality_weight_aware_, scale_locality_weight_); } } HostConstSharedPtr SubsetLoadBalancer::chooseHost(LoadBalancerContext* context) { if (context) { bool host_chosen; HostConstSharedPtr host = tryChooseHostFromContext(context, host_chosen); if (host_chosen) { // Subset lookup succeeded, return this result even if it's nullptr. return host; } // otherwise check if there is fallback policy configured for given route metadata absl::optional selector_fallback_params = tryFindSelectorFallbackParams(context); if (selector_fallback_params && selector_fallback_params->get().fallback_policy_ != envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector::NOT_DEFINED) { // return result according to configured fallback policy return chooseHostForSelectorFallbackPolicy(*selector_fallback_params, context); } } if (fallback_subset_ == nullptr) { return nullptr; } HostConstSharedPtr host = fallback_subset_->priority_subset_->lb_->chooseHost(context); if (host != nullptr) { stats_.lb_subsets_fallback_.inc(); return host; } if (panic_mode_subset_ != nullptr) { HostConstSharedPtr host = panic_mode_subset_->priority_subset_->lb_->chooseHost(context); if (host != nullptr) { stats_.lb_subsets_fallback_panic_.inc(); return host; } } return nullptr; } absl::optional SubsetLoadBalancer::tryFindSelectorFallbackParams(LoadBalancerContext* context) { const Router::MetadataMatchCriteria* match_criteria = context->metadataMatchCriteria(); if (!match_criteria) { return absl::nullopt; } const auto match_criteria_vec = match_criteria->metadataMatchCriteria(); SubsetSelectorMapPtr selectors = selectors_; if (selectors == nullptr) { return absl::nullopt; } for (uint32_t i = 0; i < match_criteria_vec.size(); i++) { const Router::MetadataMatchCriterion& match_criterion = *match_criteria_vec[i]; const auto& subset_it = selectors->subset_keys_.find(match_criterion.name()); if (subset_it == selectors->subset_keys_.end()) { // No subsets with this key (at this level in the hierarchy). break; } if (i + 1 == match_criteria_vec.size()) { // We've reached the end of the criteria, and they all matched. return subset_it->second->fallback_params_; } selectors = subset_it->second; } return absl::nullopt; } HostConstSharedPtr SubsetLoadBalancer::chooseHostForSelectorFallbackPolicy( const SubsetSelectorFallbackParams& fallback_params, LoadBalancerContext* context) { const auto& fallback_policy = fallback_params.fallback_policy_; if (fallback_policy == envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector::ANY_ENDPOINT && subset_any_ != nullptr) { return subset_any_->priority_subset_->lb_->chooseHost(context); } else if (fallback_policy == envoy::config::cluster::v3::Cluster::LbSubsetConfig:: LbSubsetSelector::DEFAULT_SUBSET && selector_fallback_subset_default_ != nullptr) { return selector_fallback_subset_default_->priority_subset_->lb_->chooseHost(context); } else if (fallback_policy == envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector::KEYS_SUBSET) { ASSERT(fallback_params.fallback_keys_subset_); auto filtered_context = std::make_unique( context, *fallback_params.fallback_keys_subset_); // Perform whole subset load balancing again with reduced metadata match criteria return chooseHost(filtered_context.get()); } else { return nullptr; } } // Find a host from the subsets. Sets host_chosen to false and returns nullptr if the context has // no metadata match criteria, if there is no matching subset, or if the matching subset contains // no hosts (ignoring health). Otherwise, host_chosen is true and the returns HostConstSharedPtr is // from the subset's load balancer (technically, it may still be nullptr). HostConstSharedPtr SubsetLoadBalancer::tryChooseHostFromContext(LoadBalancerContext* context, bool& host_chosen) { host_chosen = false; const Router::MetadataMatchCriteria* match_criteria = context->metadataMatchCriteria(); if (!match_criteria) { return nullptr; } if (!single_key_.empty()) { return tryChooseHostFromMetadataMatchCriteriaSingle(*match_criteria, host_chosen); } // Route has metadata match criteria defined, see if we have a matching subset. LbSubsetEntryPtr entry = findSubset(match_criteria->metadataMatchCriteria()); if (entry == nullptr || !entry->active()) { // No matching subset or subset not active: use fallback policy. return nullptr; } host_chosen = true; stats_.lb_subsets_selected_.inc(); return entry->priority_subset_->lb_->chooseHost(context); } // Iterates over the given metadata match criteria (which must be lexically sorted by key) and find // a matching LbSubsetEntryPtr, if any. SubsetLoadBalancer::LbSubsetEntryPtr SubsetLoadBalancer::findSubset( const std::vector& match_criteria) { const LbSubsetMap* subsets = &subsets_; // Because the match_criteria and the host metadata used to populate subsets_ are sorted in the // same order, we can iterate over the criteria and perform a lookup for each key and value, // starting with the root LbSubsetMap and using the previous iteration's LbSubsetMap thereafter // (tracked in subsets). If ever a criterion's key or value is not found, there is no subset for // this criteria. If we reach the last criterion, we've found the LbSubsetEntry for the criteria, // which may or may not have a subset attached to it. for (uint32_t i = 0; i < match_criteria.size(); i++) { const Router::MetadataMatchCriterion& match_criterion = *match_criteria[i]; const auto& subset_it = subsets->find(match_criterion.name()); if (subset_it == subsets->end()) { // No subsets with this key (at this level in the hierarchy). break; } const ValueSubsetMap& vs_map = subset_it->second; const auto& vs_it = vs_map.find(match_criterion.value()); if (vs_it == vs_map.end()) { // No subsets with this value. break; } const LbSubsetEntryPtr& entry = vs_it->second; if (i + 1 == match_criteria.size()) { // We've reached the end of the criteria, and they all matched. return entry; } subsets = &entry->children_; } return nullptr; } void SubsetLoadBalancer::updateFallbackSubset(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { if (subset_any_ != nullptr) { subset_any_->priority_subset_->update(priority, hosts_added, hosts_removed); } if (selector_fallback_subset_default_ != nullptr) { selector_fallback_subset_default_->priority_subset_->update(priority, hosts_added, hosts_removed); } if (fallback_subset_ == nullptr) { ENVOY_LOG(debug, "subset lb: fallback load balancer disabled"); return; } if (fallback_subset_ != subset_any_) { // Add/remove hosts. fallback_subset_->priority_subset_->update(priority, hosts_added, hosts_removed); } // Same thing for the panic mode subset. ASSERT(panic_mode_subset_ == nullptr || panic_mode_subset_ == subset_any_); } // Iterates over the added and removed hosts, looking up an LbSubsetEntryPtr for each. For every // unique LbSubsetEntryPtr found, it either invokes new_cb or update_cb depending on whether the // LbSubsetEntryPtr is already initialized (update_cb) or not (new_cb). In addition, update_cb is // invoked for any otherwise unmodified but active and initialized LbSubsetEntryPtr to allow host // health to be updated. void SubsetLoadBalancer::processSubsets( const HostVector& hosts_added, const HostVector& hosts_removed, std::function update_cb, std::function new_cb) { absl::node_hash_set subsets_modified; std::pair steps[] = {{hosts_added, true}, {hosts_removed, false}}; for (const auto& step : steps) { const auto& hosts = step.first; const bool adding_hosts = step.second; for (const auto& host : hosts) { for (const auto& subset_selector : subset_selectors_) { const auto& keys = subset_selector->selectorKeys(); // For each host, for each subset key, attempt to extract the metadata corresponding to the // key from the host. std::vector all_kvs = extractSubsetMetadata(keys, *host); for (const auto& kvs : all_kvs) { // The host has metadata for each key, find or create its subset. auto entry = findOrCreateSubset(subsets_, kvs, 0); if (entry != nullptr) { if (subsets_modified.find(entry) != subsets_modified.end()) { // We've already invoked the callback for this entry. continue; } subsets_modified.emplace(entry); if (entry->initialized()) { update_cb(entry); } else { HostPredicate predicate = [this, kvs](const Host& host) -> bool { return hostMatches(kvs, host); }; if (adding_hosts) { new_cb(entry, predicate, kvs); } } } } } } } forEachSubset(subsets_, [&](LbSubsetEntryPtr entry) { if (subsets_modified.find(entry) != subsets_modified.end()) { // Already handled due to hosts being added or removed. return; } if (entry->initialized() && entry->active()) { update_cb(entry); } }); } // Given the addition and/or removal of hosts, update all subsets for this priority level, creating // new subsets as necessary. void SubsetLoadBalancer::update(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { updateFallbackSubset(priority, hosts_added, hosts_removed); processSubsets( hosts_added, hosts_removed, [&](LbSubsetEntryPtr entry) { entry->priority_subset_->update(priority, hosts_added, hosts_removed); }, [&](LbSubsetEntryPtr entry, HostPredicate predicate, const SubsetMetadata& kvs) { ENVOY_LOG(debug, "subset lb: creating load balancer for {}", describeMetadata(kvs)); // Initialize new entry with hosts and update stats. (An uninitialized entry // with only removed hosts is a degenerate case and we leave the entry // uninitialized.) entry->priority_subset_ = std::make_shared( *this, predicate, locality_weight_aware_, scale_locality_weight_); stats_.lb_subsets_active_.inc(); stats_.lb_subsets_created_.inc(); }); } bool SubsetLoadBalancer::hostMatches(const SubsetMetadata& kvs, const Host& host) { return Config::Metadata::metadataLabelMatch( kvs, host.metadata().get(), Config::MetadataFilters::get().ENVOY_LB, list_as_any_); } // Iterates over subset_keys looking up values from the given host's metadata. Each key-value pair // is appended to kvs. Returns a non-empty value if the host has a value for each key. std::vector SubsetLoadBalancer::extractSubsetMetadata(const std::set& subset_keys, const Host& host) { std::vector all_kvs; if (!host.metadata()) { return all_kvs; } const envoy::config::core::v3::Metadata& metadata = *host.metadata(); const auto& filter_it = metadata.filter_metadata().find(Config::MetadataFilters::get().ENVOY_LB); if (filter_it == metadata.filter_metadata().end()) { return all_kvs; } const auto& fields = filter_it->second.fields(); for (const auto& key : subset_keys) { const auto it = fields.find(key); if (it == fields.end()) { all_kvs.clear(); break; } if (list_as_any_ && it->second.kind_case() == ProtobufWkt::Value::kListValue) { // If the list of kvs is empty, we initialize one kvs for each value in the list. // Otherwise, we branch the list of kvs by generating one new kvs per old kvs per // new value. // // For example, two kvs (, ) joined with the kv foo=[bar,baz] results in four kvs: // // // // if (all_kvs.empty()) { for (const auto& v : it->second.list_value().values()) { all_kvs.emplace_back(SubsetMetadata({make_pair(key, v)})); } } else { std::vector new_kvs; for (const auto& kvs : all_kvs) { for (const auto& v : it->second.list_value().values()) { auto kv_copy = kvs; kv_copy.emplace_back(make_pair(key, v)); new_kvs.emplace_back(kv_copy); } } all_kvs = new_kvs; } } else { if (all_kvs.empty()) { all_kvs.emplace_back(SubsetMetadata({std::make_pair(key, it->second)})); } else { for (auto& kvs : all_kvs) { kvs.emplace_back(std::make_pair(key, it->second)); } } } } return all_kvs; } std::string SubsetLoadBalancer::describeMetadata(const SubsetLoadBalancer::SubsetMetadata& kvs) { if (kvs.empty()) { return ""; } std::ostringstream buf; bool first = true; for (const auto& it : kvs) { if (!first) { buf << ", "; } else { first = false; } buf << it.first << "=" << MessageUtil::getJsonStringFromMessage(it.second); } return buf.str(); } // Given a vector of key-values (from extractSubsetMetadata), recursively finds the matching // LbSubsetEntryPtr. SubsetLoadBalancer::LbSubsetEntryPtr SubsetLoadBalancer::findOrCreateSubset(LbSubsetMap& subsets, const SubsetMetadata& kvs, uint32_t idx) { ASSERT(idx < kvs.size()); const std::string& name = kvs[idx].first; const ProtobufWkt::Value& pb_value = kvs[idx].second; const HashedValue value(pb_value); LbSubsetEntryPtr entry; const auto& kv_it = subsets.find(name); if (kv_it != subsets.end()) { ValueSubsetMap& value_subset_map = kv_it->second; const auto vs_it = value_subset_map.find(value); if (vs_it != value_subset_map.end()) { entry = vs_it->second; } } if (!entry) { // Not found. Create an uninitialized entry. entry = std::make_shared(); if (kv_it != subsets.end()) { ValueSubsetMap& value_subset_map = kv_it->second; value_subset_map.emplace(value, entry); } else { ValueSubsetMap value_subset_map = {{value, entry}}; subsets.emplace(name, value_subset_map); } } idx++; if (idx == kvs.size()) { // We've matched all the key-values, return the entry. return entry; } return findOrCreateSubset(entry->children_, kvs, idx); } // Invokes cb for each LbSubsetEntryPtr in subsets. void SubsetLoadBalancer::forEachSubset(LbSubsetMap& subsets, std::function cb) { for (auto& vsm : subsets) { for (auto& em : vsm.second) { LbSubsetEntryPtr entry = em.second; cb(entry); forEachSubset(entry->children_, cb); } } } void SubsetLoadBalancer::purgeEmptySubsets(LbSubsetMap& subsets) { for (auto subset_it = subsets.begin(); subset_it != subsets.end();) { for (auto it = subset_it->second.begin(); it != subset_it->second.end();) { LbSubsetEntryPtr entry = it->second; purgeEmptySubsets(entry->children_); if (entry->active() || entry->hasChildren()) { it++; continue; } // If it wasn't initialized, it wasn't accounted for. if (entry->initialized()) { stats_.lb_subsets_active_.dec(); stats_.lb_subsets_removed_.inc(); } auto next_it = std::next(it); subset_it->second.erase(it); it = next_it; } if (subset_it->second.empty()) { auto next_subset_it = std::next(subset_it); subsets.erase(subset_it); subset_it = next_subset_it; } else { subset_it++; } } } // Initialize a new HostSubsetImpl and LoadBalancer from the SubsetLoadBalancer, filtering hosts // with the given predicate. SubsetLoadBalancer::PrioritySubsetImpl::PrioritySubsetImpl(const SubsetLoadBalancer& subset_lb, HostPredicate predicate, bool locality_weight_aware, bool scale_locality_weight) : original_priority_set_(subset_lb.original_priority_set_), predicate_(predicate), locality_weight_aware_(locality_weight_aware), scale_locality_weight_(scale_locality_weight) { for (size_t i = 0; i < original_priority_set_.hostSetsPerPriority().size(); ++i) { empty_ &= getOrCreateHostSet(i).hosts().empty(); } for (size_t i = 0; i < subset_lb.original_priority_set_.hostSetsPerPriority().size(); ++i) { update(i, subset_lb.original_priority_set_.hostSetsPerPriority()[i]->hosts(), {}); } switch (subset_lb.lb_type_) { case LoadBalancerType::LeastRequest: lb_ = std::make_unique( *this, subset_lb.original_local_priority_set_, subset_lb.stats_, subset_lb.runtime_, subset_lb.random_, subset_lb.common_config_, subset_lb.least_request_config_); break; case LoadBalancerType::Random: lb_ = std::make_unique(*this, subset_lb.original_local_priority_set_, subset_lb.stats_, subset_lb.runtime_, subset_lb.random_, subset_lb.common_config_); break; case LoadBalancerType::RoundRobin: lb_ = std::make_unique(*this, subset_lb.original_local_priority_set_, subset_lb.stats_, subset_lb.runtime_, subset_lb.random_, subset_lb.common_config_); break; case LoadBalancerType::RingHash: // TODO(mattklein123): The ring hash LB is thread aware, but currently the subset LB is not. // We should make the subset LB thread aware since the calculations are costly, and then we // can also use a thread aware sub-LB properly. The following works fine but is not optimal. thread_aware_lb_ = std::make_unique( *this, subset_lb.stats_, subset_lb.scope_, subset_lb.runtime_, subset_lb.random_, subset_lb.lb_ring_hash_config_, subset_lb.common_config_); thread_aware_lb_->initialize(); lb_ = thread_aware_lb_->factory()->create(); break; case LoadBalancerType::Maglev: // TODO(mattklein123): The Maglev LB is thread aware, but currently the subset LB is not. // We should make the subset LB thread aware since the calculations are costly, and then we // can also use a thread aware sub-LB properly. The following works fine but is not optimal. thread_aware_lb_ = std::make_unique( *this, subset_lb.stats_, subset_lb.scope_, subset_lb.runtime_, subset_lb.random_, subset_lb.lb_maglev_config_, subset_lb.common_config_); thread_aware_lb_->initialize(); lb_ = thread_aware_lb_->factory()->create(); break; case LoadBalancerType::OriginalDst: case LoadBalancerType::ClusterProvided: // LoadBalancerType::OriginalDst is blocked in the factory. LoadBalancerType::ClusterProvided // is impossible because the subset LB returns a null load balancer from its factory. NOT_REACHED_GCOVR_EXCL_LINE; } triggerCallbacks(); } // Given hosts_added and hosts_removed, update the underlying HostSet. The hosts_added Hosts must // be filtered to match hosts that belong in this subset. The hosts_removed Hosts are ignored if // they are not currently a member of this subset. void SubsetLoadBalancer::HostSubsetImpl::update(const HostVector& hosts_added, const HostVector& hosts_removed, std::function predicate) { // We cache the result of matching the host against the predicate. This ensures // that we maintain a consistent view of the metadata and saves on computation // since metadata lookups can be expensive. // // We use an unordered container because this can potentially be in the tens of thousands. absl::node_hash_set matching_hosts; auto cached_predicate = [&matching_hosts](const auto& host) { return matching_hosts.count(&host) == 1; }; // TODO(snowp): If we had a unhealthyHosts() function we could avoid potentially traversing // the list of hosts twice. auto hosts = std::make_shared(); hosts->reserve(original_host_set_.hosts().size()); for (const auto& host : original_host_set_.hosts()) { if (predicate(*host)) { matching_hosts.insert(host.get()); hosts->emplace_back(host); } } auto healthy_hosts = std::make_shared(); healthy_hosts->get().reserve(original_host_set_.healthyHosts().size()); for (const auto& host : original_host_set_.healthyHosts()) { if (cached_predicate(*host)) { healthy_hosts->get().emplace_back(host); } } auto degraded_hosts = std::make_shared(); degraded_hosts->get().reserve(original_host_set_.degradedHosts().size()); for (const auto& host : original_host_set_.degradedHosts()) { if (cached_predicate(*host)) { degraded_hosts->get().emplace_back(host); } } auto excluded_hosts = std::make_shared(); excluded_hosts->get().reserve(original_host_set_.excludedHosts().size()); for (const auto& host : original_host_set_.excludedHosts()) { if (cached_predicate(*host)) { excluded_hosts->get().emplace_back(host); } } // If we only have one locality we can avoid the first call to filter() by // just creating a new HostsPerLocality from the list of all hosts. HostsPerLocalityConstSharedPtr hosts_per_locality; if (original_host_set_.hostsPerLocality().get().size() == 1) { hosts_per_locality = std::make_shared( *hosts, original_host_set_.hostsPerLocality().hasLocalLocality()); } else { hosts_per_locality = original_host_set_.hostsPerLocality().filter({cached_predicate})[0]; } auto healthy_hosts_per_locality = original_host_set_.healthyHostsPerLocality().filter({cached_predicate})[0]; auto degraded_hosts_per_locality = original_host_set_.degradedHostsPerLocality().filter({cached_predicate})[0]; auto excluded_hosts_per_locality = original_host_set_.excludedHostsPerLocality().filter({cached_predicate})[0]; // We can use the cached predicate here, since we trust that the hosts in hosts_added were also // present in the list of all hosts. HostVector filtered_added; for (const auto& host : hosts_added) { if (cached_predicate(*host)) { filtered_added.emplace_back(host); } } // Since the removed hosts would not be present in the list of all hosts, we need to evaluate // the predicate directly for these hosts. HostVector filtered_removed; for (const auto& host : hosts_removed) { if (predicate(*host)) { filtered_removed.emplace_back(host); } } HostSetImpl::updateHosts(HostSetImpl::updateHostsParams( hosts, hosts_per_locality, healthy_hosts, healthy_hosts_per_locality, degraded_hosts, degraded_hosts_per_locality, excluded_hosts, excluded_hosts_per_locality), determineLocalityWeights(*hosts_per_locality), filtered_added, filtered_removed, absl::nullopt); } LocalityWeightsConstSharedPtr SubsetLoadBalancer::HostSubsetImpl::determineLocalityWeights( const HostsPerLocality& hosts_per_locality) const { if (locality_weight_aware_) { if (scale_locality_weight_) { const auto& original_hosts_per_locality = original_host_set_.hostsPerLocality().get(); // E.g. we can be here in static clusters with actual locality weighting before pre-init // completes. if (!original_host_set_.localityWeights()) { return {}; } const auto& original_weights = *original_host_set_.localityWeights(); auto scaled_locality_weights = std::make_shared(original_weights.size()); for (uint32_t i = 0; i < original_weights.size(); ++i) { // If the original locality has zero hosts, skip it. This leaves the weight at zero. if (original_hosts_per_locality[i].empty()) { continue; } // Otherwise, scale it proportionally to the number of hosts removed by the subset // predicate. (*scaled_locality_weights)[i] = std::round(float((original_weights[i] * hosts_per_locality.get()[i].size())) / original_hosts_per_locality[i].size()); } return scaled_locality_weights; } else { return original_host_set_.localityWeights(); } } return {}; } HostSetImplPtr SubsetLoadBalancer::PrioritySubsetImpl::createHostSet( uint32_t priority, absl::optional overprovisioning_factor) { // Use original hostset's overprovisioning_factor. RELEASE_ASSERT(priority < original_priority_set_.hostSetsPerPriority().size(), ""); const HostSetPtr& host_set = original_priority_set_.hostSetsPerPriority()[priority]; ASSERT(!overprovisioning_factor.has_value() || overprovisioning_factor.value() == host_set->overprovisioningFactor()); return HostSetImplPtr{ new HostSubsetImpl(*host_set, locality_weight_aware_, scale_locality_weight_)}; } void SubsetLoadBalancer::PrioritySubsetImpl::update(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { const auto& host_subset = getOrCreateHostSet(priority); updateSubset(priority, hosts_added, hosts_removed, predicate_); if (host_subset.hosts().empty() != empty_) { empty_ = true; for (auto& host_set : hostSetsPerPriority()) { empty_ &= host_set->hosts().empty(); } } // Create a new worker local LB if needed. // TODO(mattklein123): See the PrioritySubsetImpl constructor for additional comments on how // we can do better here. if (thread_aware_lb_ != nullptr) { lb_ = thread_aware_lb_->factory()->create(); } } SubsetLoadBalancer::LoadBalancerContextWrapper::LoadBalancerContextWrapper( LoadBalancerContext* wrapped, const std::set& filtered_metadata_match_criteria_names) : wrapped_(wrapped) { ASSERT(wrapped->metadataMatchCriteria()); metadata_match_ = wrapped->metadataMatchCriteria()->filterMatchCriteria(filtered_metadata_match_criteria_names); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/subset_lb.h ================================================ #pragma once #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/upstream/load_balancer.h" #include "common/common/macros.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "common/upstream/upstream_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" namespace Envoy { namespace Upstream { class SubsetLoadBalancer : public LoadBalancer, Logger::Loggable { public: SubsetLoadBalancer( LoadBalancerType lb_type, PrioritySet& priority_set, const PrioritySet* local_priority_set, ClusterStats& stats, Stats::Scope& scope, Runtime::Loader& runtime, Random::RandomGenerator& random, const LoadBalancerSubsetInfo& subsets, const absl::optional& lb_ring_hash_config, const absl::optional& lb_maglev_config, const absl::optional& least_request_config, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config); ~SubsetLoadBalancer() override; // Upstream::LoadBalancer HostConstSharedPtr chooseHost(LoadBalancerContext* context) override; // TODO(alyssawilk) implement for non-metadata match. HostConstSharedPtr peekAnotherHost(LoadBalancerContext*) override { return nullptr; } private: using HostPredicate = std::function; struct SubsetSelectorFallbackParams; void initSubsetAnyOnce(); void initSubsetSelectorMap(); void initSelectorFallbackSubset(const envoy::config::cluster::v3::Cluster::LbSubsetConfig:: LbSubsetSelector::LbSubsetSelectorFallbackPolicy&); HostConstSharedPtr chooseHostForSelectorFallbackPolicy(const SubsetSelectorFallbackParams& fallback_params, LoadBalancerContext* context); // Represents a subset of an original HostSet. class HostSubsetImpl : public HostSetImpl { public: HostSubsetImpl(const HostSet& original_host_set, bool locality_weight_aware, bool scale_locality_weight) : HostSetImpl(original_host_set.priority(), original_host_set.overprovisioningFactor()), original_host_set_(original_host_set), locality_weight_aware_(locality_weight_aware), scale_locality_weight_(scale_locality_weight) {} void update(const HostVector& hosts_added, const HostVector& hosts_removed, HostPredicate predicate); LocalityWeightsConstSharedPtr determineLocalityWeights(const HostsPerLocality& hosts_per_locality) const; private: const HostSet& original_host_set_; const bool locality_weight_aware_; const bool scale_locality_weight_; }; // Represents a subset of an original PrioritySet. class PrioritySubsetImpl : public PrioritySetImpl { public: PrioritySubsetImpl(const SubsetLoadBalancer& subset_lb, HostPredicate predicate, bool locality_weight_aware, bool scale_locality_weight); void update(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed); bool empty() { return empty_; } void triggerCallbacks() { for (size_t i = 0; i < hostSetsPerPriority().size(); ++i) { runReferenceUpdateCallbacks(i, {}, {}); } } void updateSubset(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed, HostPredicate predicate) { reinterpret_cast(host_sets_[priority].get()) ->update(hosts_added, hosts_removed, predicate); runUpdateCallbacks(hosts_added, hosts_removed); } // Thread aware LB if applicable. ThreadAwareLoadBalancerPtr thread_aware_lb_; // Current active LB. LoadBalancerPtr lb_; protected: HostSetImplPtr createHostSet(uint32_t priority, absl::optional overprovisioning_factor) override; private: const PrioritySet& original_priority_set_; const HostPredicate predicate_; const bool locality_weight_aware_; const bool scale_locality_weight_; bool empty_ = true; }; using HostSubsetImplPtr = std::shared_ptr; using PrioritySubsetImplPtr = std::shared_ptr; using SubsetMetadata = std::vector>; class LbSubsetEntry; struct SubsetSelectorMap; using LbSubsetEntryPtr = std::shared_ptr; using SubsetSelectorMapPtr = std::shared_ptr; using ValueSubsetMap = absl::node_hash_map; using LbSubsetMap = absl::node_hash_map; using SubsetSelectorFallbackParamsRef = std::reference_wrapper; class LoadBalancerContextWrapper : public LoadBalancerContext { public: LoadBalancerContextWrapper(LoadBalancerContext* wrapped, const std::set& filtered_metadata_match_criteria_names); // LoadBalancerContext absl::optional computeHashKey() override { return wrapped_->computeHashKey(); } const Router::MetadataMatchCriteria* metadataMatchCriteria() override { return metadata_match_.get(); } const Network::Connection* downstreamConnection() const override { return wrapped_->downstreamConnection(); } const Http::RequestHeaderMap* downstreamHeaders() const override { return wrapped_->downstreamHeaders(); } const HealthyAndDegradedLoad& determinePriorityLoad( const PrioritySet& priority_set, const HealthyAndDegradedLoad& original_priority_load, const Upstream::RetryPriority::PriorityMappingFunc& priority_mapping_func) override { return wrapped_->determinePriorityLoad(priority_set, original_priority_load, priority_mapping_func); } bool shouldSelectAnotherHost(const Host& host) override { return wrapped_->shouldSelectAnotherHost(host); } uint32_t hostSelectionRetryCount() const override { return wrapped_->hostSelectionRetryCount(); } Network::Socket::OptionsSharedPtr upstreamSocketOptions() const override { return wrapped_->upstreamSocketOptions(); } Network::TransportSocketOptionsSharedPtr upstreamTransportSocketOptions() const override { return wrapped_->upstreamTransportSocketOptions(); } private: LoadBalancerContext* wrapped_; Router::MetadataMatchCriteriaConstPtr metadata_match_; }; struct SubsetSelectorFallbackParams { envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetSelector:: LbSubsetSelectorFallbackPolicy fallback_policy_; const std::set* fallback_keys_subset_ = nullptr; }; struct SubsetSelectorMap { absl::node_hash_map subset_keys_; SubsetSelectorFallbackParams fallback_params_; }; // Entry in the subset hierarchy. class LbSubsetEntry { public: LbSubsetEntry() = default; bool initialized() const { return priority_subset_ != nullptr; } bool active() const { return initialized() && !priority_subset_->empty(); } bool hasChildren() const { return !children_.empty(); } LbSubsetMap children_; // Only initialized if a match exists at this level. PrioritySubsetImplPtr priority_subset_; }; // Create filtered default subset (if necessary) and other subsets based on current hosts. void refreshSubsets(); void refreshSubsets(uint32_t priority); // Called by HostSet::MemberUpdateCb void update(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed); // Rebuild the map for single_host_per_subset mode. void rebuildSingle(); void updateFallbackSubset(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed); void processSubsets(const HostVector& hosts_added, const HostVector& hosts_removed, std::function update_cb, std::function cb); HostConstSharedPtr tryChooseHostFromContext(LoadBalancerContext* context, bool& host_chosen); HostConstSharedPtr tryChooseHostFromMetadataMatchCriteriaSingle(const Router::MetadataMatchCriteria& match_criteria, bool& host_chosen); absl::optional tryFindSelectorFallbackParams(LoadBalancerContext* context); bool hostMatches(const SubsetMetadata& kvs, const Host& host); LbSubsetEntryPtr findSubset(const std::vector& matches); LbSubsetEntryPtr findOrCreateSubset(LbSubsetMap& subsets, const SubsetMetadata& kvs, uint32_t idx); void forEachSubset(LbSubsetMap& subsets, std::function cb); void purgeEmptySubsets(LbSubsetMap& subsets); std::vector extractSubsetMetadata(const std::set& subset_keys, const Host& host); std::string describeMetadata(const SubsetMetadata& kvs); const LoadBalancerType lb_type_; const absl::optional lb_ring_hash_config_; const absl::optional lb_maglev_config_; const absl::optional least_request_config_; const envoy::config::cluster::v3::Cluster::CommonLbConfig common_config_; ClusterStats& stats_; Stats::Scope& scope_; Runtime::Loader& runtime_; Random::RandomGenerator& random_; const envoy::config::cluster::v3::Cluster::LbSubsetConfig::LbSubsetFallbackPolicy fallback_policy_; const SubsetMetadata default_subset_metadata_; std::vector subset_selectors_; const PrioritySet& original_priority_set_; const PrioritySet* original_local_priority_set_; Common::CallbackHandle* original_priority_set_callback_handle_; LbSubsetEntryPtr subset_any_; LbSubsetEntryPtr fallback_subset_; LbSubsetEntryPtr panic_mode_subset_; LbSubsetEntryPtr selector_fallback_subset_default_; // Forms a trie-like structure. Requires lexically sorted Host and Route metadata. LbSubsetMap subsets_; // Forms a trie-like structure of lexically sorted keys+fallback policy from subset // selectors configuration SubsetSelectorMapPtr selectors_; std::string single_key_; absl::flat_hash_map single_host_per_subset_map_; Stats::Gauge* single_duplicate_stat_{}; const bool locality_weight_aware_; const bool scale_locality_weight_; const bool list_as_any_; friend class SubsetLoadBalancerDescribeMetadataTester; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/thread_aware_lb_impl.cc ================================================ #include "common/upstream/thread_aware_lb_impl.h" #include #include namespace Envoy { namespace Upstream { // TODO(mergeconflict): Adjust locality weights for partial availability, as is done in // HostSetImpl::effectiveLocalityWeight. namespace { void normalizeHostWeights(const HostVector& hosts, double normalized_locality_weight, NormalizedHostWeightVector& normalized_host_weights, double& min_normalized_weight, double& max_normalized_weight) { // sum should be at most uint32_t max value, so we can validate it by accumulating into unit64_t // and making sure there was no overflow uint64_t sum = 0; for (const auto& host : hosts) { sum += host->weight(); if (sum > std::numeric_limits::max()) { throw EnvoyException( fmt::format("The sum of weights of all upstream hosts in a locality exceeds {}", std::numeric_limits::max())); } } for (const auto& host : hosts) { const double weight = host->weight() * normalized_locality_weight / sum; normalized_host_weights.push_back({host, weight}); min_normalized_weight = std::min(min_normalized_weight, weight); max_normalized_weight = std::max(max_normalized_weight, weight); } } void normalizeLocalityWeights(const HostsPerLocality& hosts_per_locality, const LocalityWeights& locality_weights, NormalizedHostWeightVector& normalized_host_weights, double& min_normalized_weight, double& max_normalized_weight) { ASSERT(locality_weights.size() == hosts_per_locality.get().size()); // sum should be at most uint32_t max value, so we can validate it by accumulating into unit64_t // and making sure there was no overflow uint64_t sum = 0; for (const auto weight : locality_weights) { sum += weight; if (sum > std::numeric_limits::max()) { throw EnvoyException( fmt::format("The sum of weights of all localities at the same priority exceeds {}", std::numeric_limits::max())); } } // Locality weights (unlike host weights) may be 0. If _all_ locality weights were 0, bail out. if (sum == 0) { return; } // Compute normalized weights for all hosts in each locality. If a locality was assigned zero // weight, all hosts in that locality will be skipped. for (LocalityWeights::size_type i = 0; i < locality_weights.size(); ++i) { if (locality_weights[i] != 0) { const HostVector& hosts = hosts_per_locality.get()[i]; const double normalized_locality_weight = static_cast(locality_weights[i]) / sum; normalizeHostWeights(hosts, normalized_locality_weight, normalized_host_weights, min_normalized_weight, max_normalized_weight); } } } void normalizeWeights(const HostSet& host_set, bool in_panic, NormalizedHostWeightVector& normalized_host_weights, double& min_normalized_weight, double& max_normalized_weight) { if (host_set.localityWeights() == nullptr || host_set.localityWeights()->empty()) { // If we're not dealing with locality weights, just normalize weights for the flat set of hosts. const auto& hosts = in_panic ? host_set.hosts() : host_set.healthyHosts(); normalizeHostWeights(hosts, 1.0, normalized_host_weights, min_normalized_weight, max_normalized_weight); } else { // Otherwise, normalize weights across all localities. const auto& hosts_per_locality = in_panic ? host_set.hostsPerLocality() : host_set.healthyHostsPerLocality(); normalizeLocalityWeights(hosts_per_locality, *(host_set.localityWeights()), normalized_host_weights, min_normalized_weight, max_normalized_weight); } } } // namespace void ThreadAwareLoadBalancerBase::initialize() { // TODO(mattklein123): In the future, once initialized and the initial LB is built, it would be // better to use a background thread for computing LB updates. This has the substantial benefit // that if the LB computation thread falls behind, host set updates can be trivially collapsed. // I will look into doing this in a follow up. Doing everything using a background thread heavily // complicated initialization as the load balancer would need its own initialized callback. I // think the synchronous/asynchronous split is probably the best option. priority_set_.addPriorityUpdateCb( [this](uint32_t, const HostVector&, const HostVector&) -> void { refresh(); }); refresh(); } void ThreadAwareLoadBalancerBase::refresh() { auto per_priority_state_vector = std::make_shared>( priority_set_.hostSetsPerPriority().size()); auto healthy_per_priority_load = std::make_shared(per_priority_load_.healthy_priority_load_); auto degraded_per_priority_load = std::make_shared(per_priority_load_.degraded_priority_load_); for (const auto& host_set : priority_set_.hostSetsPerPriority()) { const uint32_t priority = host_set->priority(); (*per_priority_state_vector)[priority] = std::make_unique(); const auto& per_priority_state = (*per_priority_state_vector)[priority]; // Copy panic flag from LoadBalancerBase. It is calculated when there is a change // in hosts set or hosts' health. per_priority_state->global_panic_ = per_priority_panic_[priority]; // Normalize host and locality weights such that the sum of all normalized weights is 1. NormalizedHostWeightVector normalized_host_weights; double min_normalized_weight = 1.0; double max_normalized_weight = 0.0; normalizeWeights(*host_set, per_priority_state->global_panic_, normalized_host_weights, min_normalized_weight, max_normalized_weight); per_priority_state->current_lb_ = createLoadBalancer( std::move(normalized_host_weights), min_normalized_weight, max_normalized_weight); } { absl::WriterMutexLock lock(&factory_->mutex_); factory_->healthy_per_priority_load_ = healthy_per_priority_load; factory_->degraded_per_priority_load_ = degraded_per_priority_load; factory_->per_priority_state_ = per_priority_state_vector; } } HostConstSharedPtr ThreadAwareLoadBalancerBase::LoadBalancerImpl::chooseHost(LoadBalancerContext* context) { // Make sure we correctly return nullptr for any early chooseHost() calls. if (per_priority_state_ == nullptr) { return nullptr; } // If there is no hash in the context, just choose a random value (this effectively becomes // the random LB but it won't crash if someone configures it this way). // computeHashKey() may be computed on demand, so get it only once. absl::optional hash; if (context) { hash = context->computeHashKey(); } const uint64_t h = hash ? hash.value() : random_.random(); const uint32_t priority = LoadBalancerBase::choosePriority(h, *healthy_per_priority_load_, *degraded_per_priority_load_) .first; const auto& per_priority_state = (*per_priority_state_)[priority]; if (per_priority_state->global_panic_) { stats_.lb_healthy_panic_.inc(); } HostConstSharedPtr host; const uint32_t max_attempts = context ? context->hostSelectionRetryCount() + 1 : 1; for (uint32_t i = 0; i < max_attempts; ++i) { host = per_priority_state->current_lb_->chooseHost(h, i); // If host selection failed or the host is accepted by the filter, return. // Otherwise, try again. if (!host || !context || !context->shouldSelectAnotherHost(*host)) { return host; } } return host; } LoadBalancerPtr ThreadAwareLoadBalancerBase::LoadBalancerFactoryImpl::create() { auto lb = std::make_unique(stats_, random_); // We must protect current_lb_ via a RW lock since it is accessed and written to by multiple // threads. All complex processing has already been precalculated however. absl::ReaderMutexLock lock(&mutex_); lb->healthy_per_priority_load_ = healthy_per_priority_load_; lb->degraded_per_priority_load_ = degraded_per_priority_load_; lb->per_priority_state_ = per_priority_state_; return lb; } double ThreadAwareLoadBalancerBase::BoundedLoadHashingLoadBalancer::hostOverloadFactor( const Host& host, double weight) const { // TODO(scheler): This will not work if rq_active cluster stat is disabled, need to detect // and alert the user if that's the case. const uint32_t overall_active = host.cluster().stats().upstream_rq_active_.value(); const uint32_t host_active = host.stats().rq_active_.value(); const uint32_t total_slots = ((overall_active + 1) * hash_balance_factor_ + 99) / 100; const uint32_t slots = std::max(static_cast(std::ceil(total_slots * weight)), static_cast(1)); if (host.stats().rq_active_.value() > slots) { ENVOY_LOG_MISC( debug, "ThreadAwareLoadBalancerBase::BoundedLoadHashingLoadBalancer::chooseHost: " "host {} overloaded; overall_active {}, host_weight {}, host_active {} > slots {}", host.address()->asString(), overall_active, weight, host_active, slots); } return static_cast(host.stats().rq_active_.value()) / slots; } HostConstSharedPtr ThreadAwareLoadBalancerBase::BoundedLoadHashingLoadBalancer::chooseHost(uint64_t hash, uint32_t attempt) const { // This is implemented based on the method described in the paper // https://arxiv.org/abs/1608.01350. For the specified `hash_balance_factor`, requests to any // upstream host are capped at `hash_balance_factor/100` times the average number of requests // across the cluster. When a request arrives for an upstream host that is currently serving at // its max capacity, linear probing is used to identify an eligible host. Further, the linear // probe is implemented using a random jump on hosts ring/table to identify the eligible host // (this technique is as described in the paper https://arxiv.org/abs/1908.08762 - the random jump // avoids the cascading overflow effect when choosing the next host on the ring/table). // // If weights are specified on the hosts, they are respected. // // This is an O(N) algorithm, unlike other load balancers. Using a lower `hash_balance_factor` // results in more hosts being probed, so use a higher value if you require better performance. if (normalized_host_weights_.empty()) { return nullptr; } HostConstSharedPtr host = hashing_lb_ptr_->chooseHost(hash, attempt); if (host == nullptr) { return nullptr; } const double weight = normalized_host_weights_map_.at(host); double overload_factor = hostOverloadFactor(*host, weight); if (overload_factor <= 1.0) { ENVOY_LOG_MISC(debug, "ThreadAwareLoadBalancerBase::BoundedLoadHashingLoadBalancer::chooseHost: " "selected host #{} (attempt:1)", host->address()->asString()); return host; } // When a host is overloaded, we choose the next host in a random manner rather than picking the // next one in the ring. The random sequence is seeded by the hash, so the same input gets the // same sequence of hosts all the time. const uint32_t num_hosts = normalized_host_weights_.size(); auto host_index = std::vector(num_hosts); for (uint32_t i = 0; i < num_hosts; i++) { host_index[i] = i; } // Not using Random::RandomGenerator as it does not take a seed. Seeded RNG is a requirement // here as we need the same shuffle sequence for the same hash every time. // Further, not using std::default_random_engine and std::uniform_int_distribution as they // are not consistent across Linux and Windows platforms. const uint64_t seed = hash; std::mt19937 random(seed); // generates a random number in the range [0,k) uniformly. auto uniform_int = [](std::mt19937& random, uint32_t k) -> uint32_t { uint32_t x = k; while (x >= k) { x = random() / ((static_cast(random.max()) + 1u) / k); } return x; }; HostConstSharedPtr alt_host, least_overloaded_host = host; double least_overload_factor = overload_factor; for (uint32_t i = 0; i < num_hosts; i++) { // The random shuffle algorithm const uint32_t j = uniform_int(random, num_hosts - i); std::swap(host_index[i], host_index[i + j]); const uint32_t k = host_index[i]; alt_host = normalized_host_weights_[k].first; if (alt_host == host) { continue; } const double alt_host_weight = normalized_host_weights_[k].second; overload_factor = hostOverloadFactor(*alt_host, alt_host_weight); if (overload_factor <= 1.0) { ENVOY_LOG_MISC(debug, "ThreadAwareLoadBalancerBase::BoundedLoadHashingLoadBalancer::chooseHost: " "selected host #{}:{} (attempt:{})", k, alt_host->address()->asString(), i + 2); return alt_host; } if (least_overload_factor > overload_factor) { least_overloaded_host = alt_host; least_overload_factor = overload_factor; } } return least_overloaded_host; } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/thread_aware_lb_impl.h ================================================ #pragma once #include "envoy/config/cluster/v3/cluster.pb.h" #include "common/upstream/load_balancer_impl.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Upstream { using NormalizedHostWeightVector = std::vector>; using NormalizedHostWeightMap = std::map; class ThreadAwareLoadBalancerBase : public LoadBalancerBase, public ThreadAwareLoadBalancer { public: /** * Base class for a hashing load balancer implemented for use in a thread aware load balancer. * TODO(mattklein123): Currently only RingHash and Maglev use the thread aware load balancer. * The hash is pre-computed prior to getting to the real load balancer for * use in priority selection. In the future we likely we will want to pass * through the full load balancer context in case a future implementation * wants to use it. */ class HashingLoadBalancer { public: virtual ~HashingLoadBalancer() = default; virtual HostConstSharedPtr chooseHost(uint64_t hash, uint32_t attempt) const PURE; }; using HashingLoadBalancerSharedPtr = std::shared_ptr; /** * Class for consistent hashing load balancer (CH-LB) with bounded loads. * It is common to both RingHash and Maglev load balancers, because the logic of selecting the * next host when one is overloaded is independent of the CH-LB type. */ class BoundedLoadHashingLoadBalancer : public HashingLoadBalancer { public: BoundedLoadHashingLoadBalancer(HashingLoadBalancerSharedPtr hashing_lb_ptr, NormalizedHostWeightVector normalized_host_weights, uint32_t hash_balance_factor) : normalized_host_weights_map_(initNormalizedHostWeightMap(normalized_host_weights)), hashing_lb_ptr_(std::move(hashing_lb_ptr)), normalized_host_weights_(std::move(normalized_host_weights)), hash_balance_factor_(hash_balance_factor) { ASSERT(hashing_lb_ptr_ != nullptr); ASSERT(hash_balance_factor > 0); } HostConstSharedPtr chooseHost(uint64_t hash, uint32_t attempt) const override; protected: virtual double hostOverloadFactor(const Host& host, double weight) const; const NormalizedHostWeightMap normalized_host_weights_map_; private: const NormalizedHostWeightMap initNormalizedHostWeightMap(const NormalizedHostWeightVector& normalized_host_weights) { NormalizedHostWeightMap normalized_host_weights_map; for (auto const& item : normalized_host_weights) { normalized_host_weights_map[item.first] = item.second; } return normalized_host_weights_map; } const HashingLoadBalancerSharedPtr hashing_lb_ptr_; const NormalizedHostWeightVector normalized_host_weights_; const uint32_t hash_balance_factor_; }; // Upstream::ThreadAwareLoadBalancer LoadBalancerFactorySharedPtr factory() override { return factory_; } void initialize() override; // Upstream::LoadBalancerBase HostConstSharedPtr chooseHostOnce(LoadBalancerContext*) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } // Prefetch not implemented for hash based load balancing HostConstSharedPtr peekAnotherHost(LoadBalancerContext*) override { return nullptr; } protected: ThreadAwareLoadBalancerBase( const PrioritySet& priority_set, ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : LoadBalancerBase(priority_set, stats, runtime, random, common_config), factory_(new LoadBalancerFactoryImpl(stats, random)) {} private: struct PerPriorityState { std::shared_ptr current_lb_; bool global_panic_{}; }; using PerPriorityStatePtr = std::unique_ptr; struct LoadBalancerImpl : public LoadBalancer { LoadBalancerImpl(ClusterStats& stats, Random::RandomGenerator& random) : stats_(stats), random_(random) {} // Upstream::LoadBalancer HostConstSharedPtr chooseHost(LoadBalancerContext* context) override; // Prefetch not implemented for hash based load balancing HostConstSharedPtr peekAnotherHost(LoadBalancerContext*) override { return nullptr; } ClusterStats& stats_; Random::RandomGenerator& random_; std::shared_ptr> per_priority_state_; std::shared_ptr healthy_per_priority_load_; std::shared_ptr degraded_per_priority_load_; }; struct LoadBalancerFactoryImpl : public LoadBalancerFactory { LoadBalancerFactoryImpl(ClusterStats& stats, Random::RandomGenerator& random) : stats_(stats), random_(random) {} // Upstream::LoadBalancerFactory LoadBalancerPtr create() override; ClusterStats& stats_; Random::RandomGenerator& random_; absl::Mutex mutex_; std::shared_ptr> per_priority_state_ ABSL_GUARDED_BY(mutex_); // This is split out of PerPriorityState so LoadBalancerBase::ChoosePriority can be reused. std::shared_ptr healthy_per_priority_load_ ABSL_GUARDED_BY(mutex_); std::shared_ptr degraded_per_priority_load_ ABSL_GUARDED_BY(mutex_); }; virtual HashingLoadBalancerSharedPtr createLoadBalancer(const NormalizedHostWeightVector& normalized_host_weights, double min_normalized_weight, double max_normalized_weight) PURE; void refresh(); std::shared_ptr factory_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/transport_socket_match_impl.cc ================================================ #include "common/upstream/transport_socket_match_impl.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/server/transport_socket_config.h" #include "common/config/utility.h" namespace Envoy { namespace Upstream { TransportSocketMatcherImpl::TransportSocketMatcherImpl( const Protobuf::RepeatedPtrField& socket_matches, Server::Configuration::TransportSocketFactoryContext& factory_context, Network::TransportSocketFactoryPtr& default_factory, Stats::Scope& stats_scope) : stats_scope_(stats_scope), default_match_("default", std::move(default_factory), generateStats("default")) { for (const auto& socket_match : socket_matches) { const auto& socket_config = socket_match.transport_socket(); auto& config_factory = Config::Utility::getAndCheckFactory< Server::Configuration::UpstreamTransportSocketConfigFactory>(socket_config); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig( socket_config, factory_context.messageValidationVisitor(), config_factory); FactoryMatch factory_match( socket_match.name(), config_factory.createTransportSocketFactory(*message, factory_context), generateStats(absl::StrCat(socket_match.name(), "."))); for (const auto& kv : socket_match.match().fields()) { factory_match.label_set.emplace_back(kv.first, kv.second); } matches_.emplace_back(std::move(factory_match)); } } TransportSocketMatchStats TransportSocketMatcherImpl::generateStats(const std::string& prefix) { return {ALL_TRANSPORT_SOCKET_MATCH_STATS(POOL_COUNTER_PREFIX(stats_scope_, prefix))}; } TransportSocketMatcher::MatchData TransportSocketMatcherImpl::resolve(const envoy::config::core::v3::Metadata* metadata) const { for (const auto& match : matches_) { if (Config::Metadata::metadataLabelMatch( match.label_set, metadata, Envoy::Config::MetadataFilters::get().ENVOY_TRANSPORT_SOCKET_MATCH, false)) { return MatchData(*match.factory, match.stats, match.name); } } return MatchData(*default_match_.factory, default_match_.stats, default_match_.name); } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/transport_socket_match_impl.h ================================================ #pragma once #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/server/transport_socket_config.h" #include "envoy/stats/scope.h" #include "envoy/upstream/host_description.h" #include "envoy/upstream/upstream.h" #include "common/common/logger.h" #include "common/config/metadata.h" #include "common/config/well_known_names.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Upstream { class TransportSocketMatcherImpl : public Logger::Loggable, public TransportSocketMatcher { public: struct FactoryMatch { FactoryMatch(std::string match_name, Network::TransportSocketFactoryPtr socket_factory, TransportSocketMatchStats match_stats) : name(std::move(match_name)), factory(std::move(socket_factory)), stats(match_stats) {} const std::string name; Network::TransportSocketFactoryPtr factory; Config::Metadata::LabelSet label_set; mutable TransportSocketMatchStats stats; }; TransportSocketMatcherImpl( const Protobuf::RepeatedPtrField& socket_matches, Server::Configuration::TransportSocketFactoryContext& factory_context, Network::TransportSocketFactoryPtr& default_factory, Stats::Scope& stats_scope); MatchData resolve(const envoy::config::core::v3::Metadata* metadata) const override; protected: TransportSocketMatchStats generateStats(const std::string& prefix); Stats::Scope& stats_scope_; FactoryMatch default_match_; std::vector matches_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/upstream_impl.cc ================================================ #include "common/upstream/upstream_impl.h" #include #include #include #include #include #include #include #include "envoy/config/cluster/v3/circuit_breaker.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/network/dns.h" #include "envoy/network/transport_socket.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/filter_config.h" #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/scope.h" #include "envoy/upstream/health_checker.h" #include "envoy/upstream/upstream.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/http/http1/codec_stats.h" #include "common/http/http2/codec_stats.h" #include "common/http/utility.h" #include "common/network/address_impl.h" #include "common/network/resolver_impl.h" #include "common/network/socket_option_factory.h" #include "common/network/socket_option_impl.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "common/router/config_utility.h" #include "common/runtime/runtime_impl.h" #include "common/upstream/eds.h" #include "common/upstream/health_checker_impl.h" #include "common/upstream/logical_dns_cluster.h" #include "common/upstream/original_dst_cluster.h" #include "server/transport_socket_config_impl.h" #include "extensions/filters/network/common/utility.h" #include "extensions/transport_sockets/well_known_names.h" #include "absl/container/node_hash_set.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Upstream { namespace { const Network::Address::InstanceConstSharedPtr getSourceAddress(const envoy::config::cluster::v3::Cluster& cluster, const envoy::config::core::v3::BindConfig& bind_config) { // The source address from cluster config takes precedence. if (cluster.upstream_bind_config().has_source_address()) { return Network::Address::resolveProtoSocketAddress( cluster.upstream_bind_config().source_address()); } // If there's no source address in the cluster config, use any default from the bootstrap proto. if (bind_config.has_source_address()) { return Network::Address::resolveProtoSocketAddress(bind_config.source_address()); } return nullptr; } uint64_t parseFeatures(const envoy::config::cluster::v3::Cluster& config) { uint64_t features = 0; if (config.has_http2_protocol_options()) { features |= ClusterInfoImpl::Features::HTTP2; } if (config.protocol_selection() == envoy::config::cluster::v3::Cluster::USE_DOWNSTREAM_PROTOCOL) { features |= ClusterInfoImpl::Features::USE_DOWNSTREAM_PROTOCOL; } if (config.close_connections_on_host_health_failure()) { features |= ClusterInfoImpl::Features::CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE; } return features; } Network::TcpKeepaliveConfig parseTcpKeepaliveConfig(const envoy::config::cluster::v3::Cluster& config) { const envoy::config::core::v3::TcpKeepalive& options = config.upstream_connection_options().tcp_keepalive(); return Network::TcpKeepaliveConfig{ PROTOBUF_GET_WRAPPED_OR_DEFAULT(options, keepalive_probes, absl::optional()), PROTOBUF_GET_WRAPPED_OR_DEFAULT(options, keepalive_time, absl::optional()), PROTOBUF_GET_WRAPPED_OR_DEFAULT(options, keepalive_interval, absl::optional())}; } const Network::ConnectionSocket::OptionsSharedPtr parseClusterSocketOptions(const envoy::config::cluster::v3::Cluster& config, const envoy::config::core::v3::BindConfig bind_config) { Network::ConnectionSocket::OptionsSharedPtr cluster_options = std::make_shared(); // The process-wide `signal()` handling may fail to handle SIGPIPE if overridden // in the process (i.e., on a mobile client). Some OSes support handling it at the socket layer: if (ENVOY_SOCKET_SO_NOSIGPIPE.hasValue()) { Network::Socket::appendOptions(cluster_options, Network::SocketOptionFactory::buildSocketNoSigpipeOptions()); } // Cluster IP_FREEBIND settings, when set, will override the cluster manager wide settings. if ((bind_config.freebind().value() && !config.upstream_bind_config().has_freebind()) || config.upstream_bind_config().freebind().value()) { Network::Socket::appendOptions(cluster_options, Network::SocketOptionFactory::buildIpFreebindOptions()); } if (config.upstream_connection_options().has_tcp_keepalive()) { Network::Socket::appendOptions( cluster_options, Network::SocketOptionFactory::buildTcpKeepaliveOptions(parseTcpKeepaliveConfig(config))); } // Cluster socket_options trump cluster manager wide. if (bind_config.socket_options().size() + config.upstream_bind_config().socket_options().size() > 0) { auto socket_options = !config.upstream_bind_config().socket_options().empty() ? config.upstream_bind_config().socket_options() : bind_config.socket_options(); Network::Socket::appendOptions( cluster_options, Network::SocketOptionFactory::buildLiteralOptions(socket_options)); } if (cluster_options->empty()) { return nullptr; } return cluster_options; } ProtocolOptionsConfigConstSharedPtr createProtocolOptionsConfig(const std::string& name, const ProtobufWkt::Any& typed_config, const ProtobufWkt::Struct& config, Server::Configuration::ProtocolOptionsFactoryContext& factory_context) { Server::Configuration::ProtocolOptionsFactory* factory = Registry::FactoryRegistry::getFactory( name); if (factory == nullptr) { factory = Registry::FactoryRegistry::getFactory( name); } if (factory == nullptr) { throw EnvoyException(fmt::format( "Didn't find a registered network or http filter implementation for name: '{}'", name)); } ProtobufTypes::MessagePtr proto_config = factory->createEmptyProtocolOptionsProto(); if (proto_config == nullptr) { throw EnvoyException(fmt::format("filter {} does not support protocol options", name)); } Envoy::Config::Utility::translateOpaqueConfig( typed_config, config, factory_context.messageValidationVisitor(), *proto_config); return factory->createProtocolOptionsConfig(*proto_config, factory_context); } std::map parseExtensionProtocolOptions( const envoy::config::cluster::v3::Cluster& config, Server::Configuration::ProtocolOptionsFactoryContext& factory_context) { if (!config.typed_extension_protocol_options().empty() && !config.hidden_envoy_deprecated_extension_protocol_options().empty()) { throw EnvoyException("Only one of typed_extension_protocol_options or " "extension_protocol_options can be specified"); } std::map options; for (const auto& it : config.typed_extension_protocol_options()) { // TODO(zuercher): canonicalization may be removed when deprecated filter names are removed // We only handle deprecated network filter names here because no existing HTTP filter has // protocol options. auto& name = Extensions::NetworkFilters::Common::FilterNameUtil::canonicalFilterName(it.first); auto object = createProtocolOptionsConfig( name, it.second, ProtobufWkt::Struct::default_instance(), factory_context); if (object != nullptr) { options[name] = std::move(object); } } for (const auto& it : config.hidden_envoy_deprecated_extension_protocol_options()) { // TODO(zuercher): canonicalization may be removed when deprecated filter names are removed // We only handle deprecated network filter names here because no existing HTTP filter has // protocol options. auto& name = Extensions::NetworkFilters::Common::FilterNameUtil::canonicalFilterName(it.first); auto object = createProtocolOptionsConfig(name, ProtobufWkt::Any::default_instance(), it.second, factory_context); if (object != nullptr) { options[name] = std::move(object); } } return options; } // Updates the health flags for an existing host to match the new host. // @param updated_host the new host to read health flag values from. // @param existing_host the host to update. // @param flag the health flag to update. // @return bool whether the flag update caused the host health to change. bool updateHealthFlag(const Host& updated_host, Host& existing_host, Host::HealthFlag flag) { // Check if the health flag has changed. if (existing_host.healthFlagGet(flag) != updated_host.healthFlagGet(flag)) { // Keep track of the previous health value of the host. const auto previous_health = existing_host.health(); if (updated_host.healthFlagGet(flag)) { existing_host.healthFlagSet(flag); } else { existing_host.healthFlagClear(flag); } // Rebuild if changing the flag affected the host health. return previous_health != existing_host.health(); } return false; } // Converts a set of hosts into a HostVector, excluding certain hosts. // @param hosts hosts to convert // @param excluded_hosts hosts to exclude from the resulting vector. HostVector filterHosts(const absl::node_hash_set& hosts, const absl::node_hash_set& excluded_hosts) { HostVector net_hosts; net_hosts.reserve(hosts.size()); for (const auto& host : hosts) { if (excluded_hosts.find(host) == excluded_hosts.end()) { net_hosts.emplace_back(host); } } return net_hosts; } } // namespace HostDescriptionImpl::HostDescriptionImpl( ClusterInfoConstSharedPtr cluster, const std::string& hostname, Network::Address::InstanceConstSharedPtr dest_address, MetadataConstSharedPtr metadata, const envoy::config::core::v3::Locality& locality, const envoy::config::endpoint::v3::Endpoint::HealthCheckConfig& health_check_config, uint32_t priority) : cluster_(cluster), hostname_(hostname), health_checks_hostname_(health_check_config.hostname()), address_(dest_address), canary_(Config::Metadata::metadataValue(metadata.get(), Config::MetadataFilters::get().ENVOY_LB, Config::MetadataEnvoyLbKeys::get().CANARY) .bool_value()), metadata_(metadata), locality_(locality), locality_zone_stat_name_(locality.zone(), cluster->statsScope().symbolTable()), priority_(priority), socket_factory_(resolveTransportSocketFactory(dest_address, metadata_.get())) { if (health_check_config.port_value() != 0 && dest_address->type() != Network::Address::Type::Ip) { // Setting the health check port to non-0 only works for IP-type addresses. Setting the port // for a pipe address is a misconfiguration. Throw an exception. throw EnvoyException( fmt::format("Invalid host configuration: non-zero port for non-IP address")); } health_check_address_ = health_check_config.port_value() == 0 ? dest_address : Network::Utility::getAddressWithPort(*dest_address, health_check_config.port_value()); } Network::TransportSocketFactory& HostDescriptionImpl::resolveTransportSocketFactory( const Network::Address::InstanceConstSharedPtr& dest_address, const envoy::config::core::v3::Metadata* metadata) const { auto match = cluster_->transportSocketMatcher().resolve(metadata); match.stats_.total_match_count_.inc(); ENVOY_LOG(debug, "transport socket match, socket {} selected for host with address {}", match.name_, dest_address ? dest_address->asString() : "empty"); return match.factory_; } Host::CreateConnectionData HostImpl::createConnection( Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) const { return {createConnection(dispatcher, *cluster_, address_, socket_factory_, options, transport_socket_options), shared_from_this()}; } void HostImpl::setEdsHealthFlag(envoy::config::core::v3::HealthStatus health_status) { switch (health_status) { case envoy::config::core::v3::UNHEALTHY: FALLTHRU; case envoy::config::core::v3::DRAINING: FALLTHRU; case envoy::config::core::v3::TIMEOUT: healthFlagSet(Host::HealthFlag::FAILED_EDS_HEALTH); break; case envoy::config::core::v3::DEGRADED: healthFlagSet(Host::HealthFlag::DEGRADED_EDS_HEALTH); break; default:; break; // No health flags should be set. } } Host::CreateConnectionData HostImpl::createHealthCheckConnection( Event::Dispatcher& dispatcher, Network::TransportSocketOptionsSharedPtr transport_socket_options, const envoy::config::core::v3::Metadata* metadata) const { Network::TransportSocketFactory& factory = (metadata != nullptr) ? resolveTransportSocketFactory(healthCheckAddress(), metadata) : socket_factory_; return {createConnection(dispatcher, *cluster_, healthCheckAddress(), factory, nullptr, transport_socket_options), shared_from_this()}; } Network::ClientConnectionPtr HostImpl::createConnection(Event::Dispatcher& dispatcher, const ClusterInfo& cluster, const Network::Address::InstanceConstSharedPtr& address, Network::TransportSocketFactory& socket_factory, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) { Network::ConnectionSocket::OptionsSharedPtr connection_options; if (cluster.clusterSocketOptions() != nullptr) { if (options) { connection_options = std::make_shared(); *connection_options = *options; std::copy(cluster.clusterSocketOptions()->begin(), cluster.clusterSocketOptions()->end(), std::back_inserter(*connection_options)); } else { connection_options = cluster.clusterSocketOptions(); } } else { connection_options = options; } ASSERT(!address->envoyInternalAddress()); Network::ClientConnectionPtr connection = dispatcher.createClientConnection( address, cluster.sourceAddress(), socket_factory.createTransportSocket(std::move(transport_socket_options)), connection_options); connection->setBufferLimits(cluster.perConnectionBufferLimitBytes()); cluster.createNetworkFilterChain(*connection); return connection; } void HostImpl::weight(uint32_t new_weight) { weight_ = std::max(1U, new_weight); } std::vector HostsPerLocalityImpl::filter( const std::vector>& predicates) const { // We keep two lists: one for being able to mutate the clone and one for returning to the caller. // Creating them both at the start avoids iterating over the mutable values at the end to convert // them to a const pointer. std::vector> mutable_clones; std::vector filtered_clones; for (size_t i = 0; i < predicates.size(); ++i) { mutable_clones.emplace_back(std::make_shared()); filtered_clones.emplace_back(mutable_clones.back()); mutable_clones.back()->local_ = local_; } for (const auto& hosts_locality : hosts_per_locality_) { std::vector current_locality_hosts; current_locality_hosts.resize(predicates.size()); // Since # of hosts >> # of predicates, we iterate over the hosts in the outer loop. for (const auto& host : hosts_locality) { for (size_t i = 0; i < predicates.size(); ++i) { if (predicates[i](*host)) { current_locality_hosts[i].emplace_back(host); } } } for (size_t i = 0; i < predicates.size(); ++i) { mutable_clones[i]->hosts_per_locality_.push_back(std::move(current_locality_hosts[i])); } } return filtered_clones; } void HostSetImpl::updateHosts(PrioritySet::UpdateHostsParams&& update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor) { if (overprovisioning_factor.has_value()) { ASSERT(overprovisioning_factor.value() > 0); overprovisioning_factor_ = overprovisioning_factor.value(); } hosts_ = std::move(update_hosts_params.hosts); healthy_hosts_ = std::move(update_hosts_params.healthy_hosts); degraded_hosts_ = std::move(update_hosts_params.degraded_hosts); excluded_hosts_ = std::move(update_hosts_params.excluded_hosts); hosts_per_locality_ = std::move(update_hosts_params.hosts_per_locality); healthy_hosts_per_locality_ = std::move(update_hosts_params.healthy_hosts_per_locality); degraded_hosts_per_locality_ = std::move(update_hosts_params.degraded_hosts_per_locality); excluded_hosts_per_locality_ = std::move(update_hosts_params.excluded_hosts_per_locality); locality_weights_ = std::move(locality_weights); rebuildLocalityScheduler(healthy_locality_scheduler_, healthy_locality_entries_, *healthy_hosts_per_locality_, healthy_hosts_->get(), hosts_per_locality_, excluded_hosts_per_locality_, locality_weights_, overprovisioning_factor_); rebuildLocalityScheduler(degraded_locality_scheduler_, degraded_locality_entries_, *degraded_hosts_per_locality_, degraded_hosts_->get(), hosts_per_locality_, excluded_hosts_per_locality_, locality_weights_, overprovisioning_factor_); runUpdateCallbacks(hosts_added, hosts_removed); } void HostSetImpl::rebuildLocalityScheduler( std::unique_ptr>& locality_scheduler, std::vector>& locality_entries, const HostsPerLocality& eligible_hosts_per_locality, const HostVector& eligible_hosts, HostsPerLocalityConstSharedPtr all_hosts_per_locality, HostsPerLocalityConstSharedPtr excluded_hosts_per_locality, LocalityWeightsConstSharedPtr locality_weights, uint32_t overprovisioning_factor) { // Rebuild the locality scheduler by computing the effective weight of each // locality in this priority. The scheduler is reset by default, and is rebuilt only if we have // locality weights (i.e. using EDS) and there is at least one eligible host in this priority. // // We omit building a scheduler when there are zero eligible hosts in the priority as // all the localities will have zero effective weight. At selection time, we'll either select // from a different scheduler or there will be no available hosts in the priority. At that point // we'll rely on other mechanisms such as panic mode to select a host, none of which rely on the // scheduler. // // TODO(htuch): if the underlying locality index -> // envoy::config::core::v3::Locality hasn't changed in hosts_/healthy_hosts_/degraded_hosts_, we // could just update locality_weight_ without rebuilding. Similar to how host // level WRR works, we would age out the existing entries via picks and lazily // apply the new weights. locality_scheduler = nullptr; if (all_hosts_per_locality != nullptr && locality_weights != nullptr && !locality_weights->empty() && !eligible_hosts.empty()) { locality_scheduler = std::make_unique>(); locality_entries.clear(); for (uint32_t i = 0; i < all_hosts_per_locality->get().size(); ++i) { const double effective_weight = effectiveLocalityWeight( i, eligible_hosts_per_locality, *excluded_hosts_per_locality, *all_hosts_per_locality, *locality_weights, overprovisioning_factor); if (effective_weight > 0) { locality_entries.emplace_back(std::make_shared(i, effective_weight)); locality_scheduler->add(effective_weight, locality_entries.back()); } } // If all effective weights were zero, reset the scheduler. if (locality_scheduler->empty()) { locality_scheduler = nullptr; } } } absl::optional HostSetImpl::chooseHealthyLocality() { return chooseLocality(healthy_locality_scheduler_.get()); } absl::optional HostSetImpl::chooseDegradedLocality() { return chooseLocality(degraded_locality_scheduler_.get()); } absl::optional HostSetImpl::chooseLocality(EdfScheduler* locality_scheduler) { if (locality_scheduler == nullptr) { return {}; } const std::shared_ptr locality = locality_scheduler->pickAndAdd( [](const LocalityEntry& locality) { return locality.effective_weight_; }); // We don't build a schedule if there are no weighted localities, so we should always succeed. ASSERT(locality != nullptr); // If we picked it before, its weight must have been positive. ASSERT(locality->effective_weight_ > 0); return locality->index_; } PrioritySet::UpdateHostsParams HostSetImpl::updateHostsParams(HostVectorConstSharedPtr hosts, HostsPerLocalityConstSharedPtr hosts_per_locality, HealthyHostVectorConstSharedPtr healthy_hosts, HostsPerLocalityConstSharedPtr healthy_hosts_per_locality, DegradedHostVectorConstSharedPtr degraded_hosts, HostsPerLocalityConstSharedPtr degraded_hosts_per_locality, ExcludedHostVectorConstSharedPtr excluded_hosts, HostsPerLocalityConstSharedPtr excluded_hosts_per_locality) { return PrioritySet::UpdateHostsParams{std::move(hosts), std::move(healthy_hosts), std::move(degraded_hosts), std::move(excluded_hosts), std::move(hosts_per_locality), std::move(healthy_hosts_per_locality), std::move(degraded_hosts_per_locality), std::move(excluded_hosts_per_locality)}; } PrioritySet::UpdateHostsParams HostSetImpl::updateHostsParams(const HostSet& host_set) { return updateHostsParams(host_set.hostsPtr(), host_set.hostsPerLocalityPtr(), host_set.healthyHostsPtr(), host_set.healthyHostsPerLocalityPtr(), host_set.degradedHostsPtr(), host_set.degradedHostsPerLocalityPtr(), host_set.excludedHostsPtr(), host_set.excludedHostsPerLocalityPtr()); } PrioritySet::UpdateHostsParams HostSetImpl::partitionHosts(HostVectorConstSharedPtr hosts, HostsPerLocalityConstSharedPtr hosts_per_locality) { auto partitioned_hosts = ClusterImplBase::partitionHostList(*hosts); auto healthy_degraded_excluded_hosts_per_locality = ClusterImplBase::partitionHostsPerLocality(*hosts_per_locality); return updateHostsParams(std::move(hosts), std::move(hosts_per_locality), std::move(std::get<0>(partitioned_hosts)), std::move(std::get<0>(healthy_degraded_excluded_hosts_per_locality)), std::move(std::get<1>(partitioned_hosts)), std::move(std::get<1>(healthy_degraded_excluded_hosts_per_locality)), std::move(std::get<2>(partitioned_hosts)), std::move(std::get<2>(healthy_degraded_excluded_hosts_per_locality))); } double HostSetImpl::effectiveLocalityWeight(uint32_t index, const HostsPerLocality& eligible_hosts_per_locality, const HostsPerLocality& excluded_hosts_per_locality, const HostsPerLocality& all_hosts_per_locality, const LocalityWeights& locality_weights, uint32_t overprovisioning_factor) { const auto& locality_eligible_hosts = eligible_hosts_per_locality.get()[index]; const uint32_t excluded_count = excluded_hosts_per_locality.get().size() > index ? excluded_hosts_per_locality.get()[index].size() : 0; const auto host_count = all_hosts_per_locality.get()[index].size() - excluded_count; if (host_count == 0) { return 0.0; } const double locality_availability_ratio = 1.0 * locality_eligible_hosts.size() / host_count; const uint32_t weight = locality_weights[index]; // Availability ranges from 0-1.0, and is the ratio of eligible hosts to total hosts, modified by // the overprovisioning factor. const double effective_locality_availability_ratio = std::min(1.0, (overprovisioning_factor / 100.0) * locality_availability_ratio); return weight * effective_locality_availability_ratio; } const HostSet& PrioritySetImpl::getOrCreateHostSet(uint32_t priority, absl::optional overprovisioning_factor) { if (host_sets_.size() < priority + 1) { for (size_t i = host_sets_.size(); i <= priority; ++i) { HostSetImplPtr host_set = createHostSet(i, overprovisioning_factor); host_set->addPriorityUpdateCb([this](uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { runReferenceUpdateCallbacks(priority, hosts_added, hosts_removed); }); host_sets_.push_back(std::move(host_set)); } } return *host_sets_[priority]; } void PrioritySetImpl::updateHosts(uint32_t priority, UpdateHostsParams&& update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor) { // Ensure that we have a HostSet for the given priority. getOrCreateHostSet(priority, overprovisioning_factor); static_cast(host_sets_[priority].get()) ->updateHosts(std::move(update_hosts_params), std::move(locality_weights), hosts_added, hosts_removed, overprovisioning_factor); if (!batch_update_) { runUpdateCallbacks(hosts_added, hosts_removed); } } void PrioritySetImpl::batchHostUpdate(BatchUpdateCb& callback) { BatchUpdateScope scope(*this); // We wrap the update call with a lambda that tracks all the hosts that have been added/removed. callback.batchUpdate(scope); // Now that all the updates have been complete, we can compute the diff. HostVector net_hosts_added = filterHosts(scope.all_hosts_added_, scope.all_hosts_removed_); HostVector net_hosts_removed = filterHosts(scope.all_hosts_removed_, scope.all_hosts_added_); runUpdateCallbacks(net_hosts_added, net_hosts_removed); } void PrioritySetImpl::BatchUpdateScope::updateHosts( uint32_t priority, PrioritySet::UpdateHostsParams&& update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor) { // We assume that each call updates a different priority. ASSERT(priorities_.find(priority) == priorities_.end()); priorities_.insert(priority); for (const auto& host : hosts_added) { all_hosts_added_.insert(host); } for (const auto& host : hosts_removed) { all_hosts_removed_.insert(host); } parent_.updateHosts(priority, std::move(update_hosts_params), locality_weights, hosts_added, hosts_removed, overprovisioning_factor); } ClusterStats ClusterInfoImpl::generateStats(Stats::Scope& scope) { return {ALL_CLUSTER_STATS(POOL_COUNTER(scope), POOL_GAUGE(scope), POOL_HISTOGRAM(scope))}; } ClusterRequestResponseSizeStats ClusterInfoImpl::generateRequestResponseSizeStats(Stats::Scope& scope) { return {ALL_CLUSTER_REQUEST_RESPONSE_SIZE_STATS(POOL_HISTOGRAM(scope))}; } ClusterLoadReportStats ClusterInfoImpl::generateLoadReportStats(Stats::Scope& scope) { return {ALL_CLUSTER_LOAD_REPORT_STATS(POOL_COUNTER(scope))}; } ClusterTimeoutBudgetStats ClusterInfoImpl::generateTimeoutBudgetStats(Stats::Scope& scope) { return {ALL_CLUSTER_TIMEOUT_BUDGET_STATS(POOL_HISTOGRAM(scope))}; } // Implements the FactoryContext interface required by network filters. class FactoryContextImpl : public Server::Configuration::CommonFactoryContext { public: // Create from a TransportSocketFactoryContext using parent stats_scope and runtime // other contexts taken from TransportSocketFactoryContext. FactoryContextImpl(Stats::Scope& stats_scope, Envoy::Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContext& c) : admin_(c.admin()), stats_scope_(stats_scope), cluster_manager_(c.clusterManager()), local_info_(c.localInfo()), dispatcher_(c.dispatcher()), runtime_(runtime), singleton_manager_(c.singletonManager()), tls_(c.threadLocal()), api_(c.api()) {} Upstream::ClusterManager& clusterManager() override { return cluster_manager_; } Event::Dispatcher& dispatcher() override { return dispatcher_; } const LocalInfo::LocalInfo& localInfo() const override { return local_info_; } Envoy::Runtime::Loader& runtime() override { return runtime_; } Stats::Scope& scope() override { return stats_scope_; } Singleton::Manager& singletonManager() override { return singleton_manager_; } ThreadLocal::SlotAllocator& threadLocal() override { return tls_; } Server::Admin& admin() override { return admin_; } TimeSource& timeSource() override { return api().timeSource(); } ProtobufMessage::ValidationContext& messageValidationContext() override { // Not used. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Api::Api& api() override { return api_; } private: Server::Admin& admin_; Stats::Scope& stats_scope_; Upstream::ClusterManager& cluster_manager_; const LocalInfo::LocalInfo& local_info_; Event::Dispatcher& dispatcher_; Envoy::Runtime::Loader& runtime_; Singleton::Manager& singleton_manager_; ThreadLocal::SlotAllocator& tls_; Api::Api& api_; }; ClusterInfoImpl::ClusterInfoImpl( const envoy::config::cluster::v3::Cluster& config, const envoy::config::core::v3::BindConfig& bind_config, Runtime::Loader& runtime, TransportSocketMatcherPtr&& socket_matcher, Stats::ScopePtr&& stats_scope, bool added_via_api, Server::Configuration::TransportSocketFactoryContext& factory_context) : runtime_(runtime), name_(config.name()), type_(config.type()), max_requests_per_connection_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, max_requests_per_connection, 0)), max_response_headers_count_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config.common_http_protocol_options(), max_headers_count, runtime_.snapshot().getInteger(Http::MaxResponseHeadersCountOverrideKey, Http::DEFAULT_MAX_HEADERS_COUNT))), connect_timeout_( std::chrono::milliseconds(PROTOBUF_GET_MS_REQUIRED(config, connect_timeout))), per_upstream_prefetch_ratio_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config.prefetch_policy(), per_upstream_prefetch_ratio, 1.0)), peekahead_ratio_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.prefetch_policy(), predictive_prefetch_ratio, 0)), per_connection_buffer_limit_bytes_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, per_connection_buffer_limit_bytes, 1024 * 1024)), socket_matcher_(std::move(socket_matcher)), stats_scope_(std::move(stats_scope)), stats_(generateStats(*stats_scope_)), load_report_stats_store_(stats_scope_->symbolTable()), load_report_stats_(generateLoadReportStats(load_report_stats_store_)), optional_cluster_stats_((config.has_track_cluster_stats() || config.track_timeout_budgets()) ? std::make_unique(config, *stats_scope_) : nullptr), features_(parseFeatures(config)), http1_settings_(Http::Utility::parseHttp1Settings(config.http_protocol_options())), http2_options_(Http2::Utility::initializeAndValidateOptions(config.http2_protocol_options())), common_http_protocol_options_(config.common_http_protocol_options()), extension_protocol_options_(parseExtensionProtocolOptions(config, factory_context)), resource_managers_(config, runtime, name_, *stats_scope_), maintenance_mode_runtime_key_(absl::StrCat("upstream.maintenance_mode.", name_)), source_address_(getSourceAddress(config, bind_config)), lb_least_request_config_(config.least_request_lb_config()), lb_ring_hash_config_(config.ring_hash_lb_config()), lb_maglev_config_(config.maglev_lb_config()), lb_original_dst_config_(config.original_dst_lb_config()), upstream_config_(config.has_upstream_config() ? absl::make_optional( config.upstream_config()) : absl::nullopt), added_via_api_(added_via_api), lb_subset_(LoadBalancerSubsetInfoImpl(config.lb_subset_config())), metadata_(config.metadata()), typed_metadata_(config.metadata()), common_lb_config_(config.common_lb_config()), cluster_socket_options_(parseClusterSocketOptions(config, bind_config)), drain_connections_on_host_removal_(config.ignore_health_on_host_removal()), connection_pool_per_downstream_connection_( config.connection_pool_per_downstream_connection()), warm_hosts_(!config.health_checks().empty() && common_lb_config_.ignore_new_hosts_until_first_hc()), upstream_http_protocol_options_( config.has_upstream_http_protocol_options() ? absl::make_optional( config.upstream_http_protocol_options()) : absl::nullopt), cluster_type_( config.has_cluster_type() ? absl::make_optional( config.cluster_type()) : absl::nullopt), factory_context_( std::make_unique(*stats_scope_, runtime, factory_context)) { switch (config.lb_policy()) { case envoy::config::cluster::v3::Cluster::ROUND_ROBIN: lb_type_ = LoadBalancerType::RoundRobin; break; case envoy::config::cluster::v3::Cluster::LEAST_REQUEST: lb_type_ = LoadBalancerType::LeastRequest; break; case envoy::config::cluster::v3::Cluster::RANDOM: lb_type_ = LoadBalancerType::Random; break; case envoy::config::cluster::v3::Cluster::RING_HASH: lb_type_ = LoadBalancerType::RingHash; break; case envoy::config::cluster::v3::Cluster::hidden_envoy_deprecated_ORIGINAL_DST_LB: if (config.type() != envoy::config::cluster::v3::Cluster::ORIGINAL_DST) { throw EnvoyException( fmt::format("cluster: LB policy {} is not valid for Cluster type {}. 'ORIGINAL_DST_LB' " "is allowed only with cluster type 'ORIGINAL_DST'", envoy::config::cluster::v3::Cluster::LbPolicy_Name(config.lb_policy()), envoy::config::cluster::v3::Cluster::DiscoveryType_Name(config.type()))); } if (config.has_lb_subset_config()) { throw EnvoyException( fmt::format("cluster: LB policy {} cannot be combined with lb_subset_config", envoy::config::cluster::v3::Cluster::LbPolicy_Name(config.lb_policy()))); } lb_type_ = LoadBalancerType::ClusterProvided; break; case envoy::config::cluster::v3::Cluster::MAGLEV: lb_type_ = LoadBalancerType::Maglev; break; case envoy::config::cluster::v3::Cluster::CLUSTER_PROVIDED: if (config.has_lb_subset_config()) { throw EnvoyException( fmt::format("cluster: LB policy {} cannot be combined with lb_subset_config", envoy::config::cluster::v3::Cluster::LbPolicy_Name(config.lb_policy()))); } lb_type_ = LoadBalancerType::ClusterProvided; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } if (config.lb_subset_config().locality_weight_aware() && !config.common_lb_config().has_locality_weighted_lb_config()) { throw EnvoyException(fmt::format( "Locality weight aware subset LB requires that a locality_weighted_lb_config be set in {}", name_)); } if (config.protocol_selection() == envoy::config::cluster::v3::Cluster::USE_CONFIGURED_PROTOCOL) { // Make sure multiple protocol configurations are not present if (config.has_http_protocol_options() && config.has_http2_protocol_options()) { throw EnvoyException(fmt::format("cluster: Both HTTP1 and HTTP2 options may only be " "configured with non-default 'protocol_selection' values")); } } if (config.common_http_protocol_options().has_idle_timeout()) { idle_timeout_ = std::chrono::milliseconds( DurationUtil::durationToMilliseconds(config.common_http_protocol_options().idle_timeout())); if (idle_timeout_.value().count() == 0) { idle_timeout_ = absl::nullopt; } } else { idle_timeout_ = std::chrono::hours(1); } if (config.has_eds_cluster_config()) { if (config.type() != envoy::config::cluster::v3::Cluster::EDS) { throw EnvoyException("eds_cluster_config set in a non-EDS cluster"); } eds_service_name_ = config.eds_cluster_config().service_name(); } // TODO(htuch): Remove this temporary workaround when we have // https://github.com/envoyproxy/protoc-gen-validate/issues/97 resolved. This just provides // early validation of sanity of fields that we should catch at config ingestion. DurationUtil::durationToMilliseconds(common_lb_config_.update_merge_window()); // Create upstream filter factories auto filters = config.filters(); for (ssize_t i = 0; i < filters.size(); i++) { const auto& proto_config = filters[i]; ENVOY_LOG(debug, " upstream filter #{}:", i); ENVOY_LOG(debug, " name: {}", proto_config.name()); auto& factory = Config::Utility::getAndCheckFactory< Server::Configuration::NamedUpstreamNetworkFilterConfigFactory>(proto_config); auto message = factory.createEmptyConfigProto(); Config::Utility::translateOpaqueConfig(proto_config.typed_config(), ProtobufWkt::Struct(), factory_context.messageValidationVisitor(), *message); Network::FilterFactoryCb callback = factory.createFilterFactoryFromProto(*message, *factory_context_); filter_factories_.push_back(callback); } } ProtocolOptionsConfigConstSharedPtr ClusterInfoImpl::extensionProtocolOptions(const std::string& name) const { auto i = extension_protocol_options_.find(name); if (i != extension_protocol_options_.end()) { return i->second; } return nullptr; } Network::TransportSocketFactoryPtr createTransportSocketFactory( const envoy::config::cluster::v3::Cluster& config, Server::Configuration::TransportSocketFactoryContext& factory_context) { // If the cluster config doesn't have a transport socket configured, override with the default // transport socket implementation based on the tls_context. We copy by value first then override // if necessary. auto transport_socket = config.transport_socket(); if (!config.has_transport_socket()) { if (config.has_hidden_envoy_deprecated_tls_context()) { transport_socket.set_name(Extensions::TransportSockets::TransportSocketNames::get().Tls); transport_socket.mutable_typed_config()->PackFrom( config.hidden_envoy_deprecated_tls_context()); } else { transport_socket.set_name( Extensions::TransportSockets::TransportSocketNames::get().RawBuffer); } } auto& config_factory = Config::Utility::getAndCheckFactory< Server::Configuration::UpstreamTransportSocketConfigFactory>(transport_socket); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig( transport_socket, factory_context.messageValidationVisitor(), config_factory); return config_factory.createTransportSocketFactory(*message, factory_context); } void ClusterInfoImpl::createNetworkFilterChain(Network::Connection& connection) const { for (const auto& factory : filter_factories_) { factory(connection); } } Http::Protocol ClusterInfoImpl::upstreamHttpProtocol(absl::optional downstream_protocol) const { if (downstream_protocol.has_value() && features_ & Upstream::ClusterInfo::Features::USE_DOWNSTREAM_PROTOCOL) { return downstream_protocol.value(); } else { return (features_ & Upstream::ClusterInfo::Features::HTTP2) ? Http::Protocol::Http2 : Http::Protocol::Http11; } } ClusterImplBase::ClusterImplBase( const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api) : init_manager_(fmt::format("Cluster {}", cluster.name())), init_watcher_("ClusterImplBase", [this]() { onInitDone(); }), runtime_(runtime), local_cluster_(factory_context.clusterManager().localClusterName().value_or("") == cluster.name()), const_metadata_shared_pool_(Config::Metadata::getConstMetadataSharedPool( factory_context.singletonManager(), factory_context.dispatcher())) { factory_context.setInitManager(init_manager_); auto socket_factory = createTransportSocketFactory(cluster, factory_context); auto socket_matcher = std::make_unique( cluster.transport_socket_matches(), factory_context, socket_factory, *stats_scope); info_ = std::make_unique(cluster, factory_context.clusterManager().bindConfig(), runtime, std::move(socket_matcher), std::move(stats_scope), added_via_api, factory_context); // Create the default (empty) priority set before registering callbacks to // avoid getting an update the first time it is accessed. priority_set_.getOrCreateHostSet(0); priority_set_.addPriorityUpdateCb( [this](uint32_t, const HostVector& hosts_added, const HostVector& hosts_removed) { if (!hosts_added.empty() || !hosts_removed.empty()) { info_->stats().membership_change_.inc(); } uint32_t healthy_hosts = 0; uint32_t degraded_hosts = 0; uint32_t excluded_hosts = 0; uint32_t hosts = 0; for (const auto& host_set : prioritySet().hostSetsPerPriority()) { hosts += host_set->hosts().size(); healthy_hosts += host_set->healthyHosts().size(); degraded_hosts += host_set->degradedHosts().size(); excluded_hosts += host_set->excludedHosts().size(); } info_->stats().membership_total_.set(hosts); info_->stats().membership_healthy_.set(healthy_hosts); info_->stats().membership_degraded_.set(degraded_hosts); info_->stats().membership_excluded_.set(excluded_hosts); }); } std::tuple ClusterImplBase::partitionHostList(const HostVector& hosts) { auto healthy_list = std::make_shared(); auto degraded_list = std::make_shared(); auto excluded_list = std::make_shared(); for (const auto& host : hosts) { if (host->health() == Host::Health::Healthy) { healthy_list->get().emplace_back(host); } if (host->health() == Host::Health::Degraded) { degraded_list->get().emplace_back(host); } if (host->healthFlagGet(Host::HealthFlag::PENDING_ACTIVE_HC)) { excluded_list->get().emplace_back(host); } } return std::make_tuple(healthy_list, degraded_list, excluded_list); } std::tuple ClusterImplBase::partitionHostsPerLocality(const HostsPerLocality& hosts) { auto filtered_clones = hosts.filter( {[](const Host& host) { return host.health() == Host::Health::Healthy; }, [](const Host& host) { return host.health() == Host::Health::Degraded; }, [](const Host& host) { return host.healthFlagGet(Host::HealthFlag::PENDING_ACTIVE_HC); }}); return std::make_tuple(std::move(filtered_clones[0]), std::move(filtered_clones[1]), std::move(filtered_clones[2])); } bool ClusterInfoImpl::maintenanceMode() const { return runtime_.snapshot().featureEnabled(maintenance_mode_runtime_key_, 0); } ResourceManager& ClusterInfoImpl::resourceManager(ResourcePriority priority) const { ASSERT(enumToInt(priority) < resource_managers_.managers_.size()); return *resource_managers_.managers_[enumToInt(priority)]; } void ClusterImplBase::initialize(std::function callback) { ASSERT(!initialization_started_); ASSERT(initialization_complete_callback_ == nullptr); initialization_complete_callback_ = callback; startPreInit(); } void ClusterImplBase::onPreInitComplete() { // Protect against multiple calls. if (initialization_started_) { return; } initialization_started_ = true; ENVOY_LOG(debug, "initializing {} cluster {} completed", initializePhase() == InitializePhase::Primary ? "Primary" : "Secondary", info()->name()); init_manager_.initialize(init_watcher_); } void ClusterImplBase::onInitDone() { if (health_checker_ && pending_initialize_health_checks_ == 0) { for (auto& host_set : prioritySet().hostSetsPerPriority()) { pending_initialize_health_checks_ += host_set->hosts().size(); } // TODO(mattklein123): Remove this callback when done. health_checker_->addHostCheckCompleteCb([this](HostSharedPtr, HealthTransition) -> void { if (pending_initialize_health_checks_ > 0 && --pending_initialize_health_checks_ == 0) { finishInitialization(); } }); } if (pending_initialize_health_checks_ == 0) { finishInitialization(); } } void ClusterImplBase::finishInitialization() { ASSERT(initialization_complete_callback_ != nullptr); ASSERT(initialization_started_); // Snap a copy of the completion callback so that we can set it to nullptr to unblock // reloadHealthyHosts(). See that function for more info on why we do this. auto snapped_callback = initialization_complete_callback_; initialization_complete_callback_ = nullptr; if (health_checker_ != nullptr) { reloadHealthyHosts(nullptr); } if (snapped_callback != nullptr) { snapped_callback(); } } void ClusterImplBase::setHealthChecker(const HealthCheckerSharedPtr& health_checker) { ASSERT(!health_checker_); health_checker_ = health_checker; health_checker_->start(); health_checker_->addHostCheckCompleteCb( [this](const HostSharedPtr& host, HealthTransition changed_state) -> void { // If we get a health check completion that resulted in a state change, signal to // update the host sets on all threads. if (changed_state == HealthTransition::Changed) { reloadHealthyHosts(host); } }); } void ClusterImplBase::setOutlierDetector(const Outlier::DetectorSharedPtr& outlier_detector) { if (!outlier_detector) { return; } outlier_detector_ = outlier_detector; outlier_detector_->addChangedStateCb( [this](const HostSharedPtr& host) -> void { reloadHealthyHosts(host); }); } void ClusterImplBase::reloadHealthyHosts(const HostSharedPtr& host) { // Every time a host changes Health Check state we cause a full healthy host recalculation which // for expensive LBs (ring, subset, etc.) can be quite time consuming. During startup, this // can also block worker threads by doing this repeatedly. There is no reason to do this // as we will not start taking traffic until we are initialized. By blocking Health Check updates // while initializing we can avoid this. if (initialization_complete_callback_ != nullptr) { return; } reloadHealthyHostsHelper(host); } void ClusterImplBase::reloadHealthyHostsHelper(const HostSharedPtr&) { const auto& host_sets = prioritySet().hostSetsPerPriority(); for (size_t priority = 0; priority < host_sets.size(); ++priority) { const auto& host_set = host_sets[priority]; // TODO(htuch): Can we skip these copies by exporting out const shared_ptr from HostSet? HostVectorConstSharedPtr hosts_copy(new HostVector(host_set->hosts())); HostsPerLocalityConstSharedPtr hosts_per_locality_copy = host_set->hostsPerLocality().clone(); prioritySet().updateHosts(priority, HostSetImpl::partitionHosts(hosts_copy, hosts_per_locality_copy), host_set->localityWeights(), {}, {}, absl::nullopt); } } const Network::Address::InstanceConstSharedPtr ClusterImplBase::resolveProtoAddress(const envoy::config::core::v3::Address& address) { try { return Network::Address::resolveProtoAddress(address); } catch (EnvoyException& e) { if (info_->type() == envoy::config::cluster::v3::Cluster::STATIC || info_->type() == envoy::config::cluster::v3::Cluster::EDS) { throw EnvoyException(fmt::format("{}. Consider setting resolver_name or setting cluster type " "to 'STRICT_DNS' or 'LOGICAL_DNS'", e.what())); } throw e; } } void ClusterImplBase::validateEndpointsForZoneAwareRouting( const envoy::config::endpoint::v3::LocalityLbEndpoints& endpoints) const { if (local_cluster_ && endpoints.priority() > 0) { throw EnvoyException( fmt::format("Unexpected non-zero priority for local cluster '{}'.", info()->name())); } } ClusterInfoImpl::OptionalClusterStats::OptionalClusterStats( const envoy::config::cluster::v3::Cluster& config, Stats::Scope& stats_scope) : timeout_budget_stats_( (config.track_cluster_stats().timeout_budgets() || config.track_timeout_budgets()) ? std::make_unique(generateTimeoutBudgetStats(stats_scope)) : nullptr), request_response_size_stats_(config.track_cluster_stats().request_response_sizes() ? std::make_unique( generateRequestResponseSizeStats(stats_scope)) : nullptr) {} ClusterInfoImpl::ResourceManagers::ResourceManagers( const envoy::config::cluster::v3::Cluster& config, Runtime::Loader& runtime, const std::string& cluster_name, Stats::Scope& stats_scope) { managers_[enumToInt(ResourcePriority::Default)] = load(config, runtime, cluster_name, stats_scope, envoy::config::core::v3::DEFAULT); managers_[enumToInt(ResourcePriority::High)] = load(config, runtime, cluster_name, stats_scope, envoy::config::core::v3::HIGH); } ClusterCircuitBreakersStats ClusterInfoImpl::generateCircuitBreakersStats(Stats::Scope& scope, const std::string& stat_prefix, bool track_remaining) { std::string prefix(fmt::format("circuit_breakers.{}.", stat_prefix)); if (track_remaining) { return {ALL_CLUSTER_CIRCUIT_BREAKERS_STATS(POOL_GAUGE_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix))}; } else { return {ALL_CLUSTER_CIRCUIT_BREAKERS_STATS(POOL_GAUGE_PREFIX(scope, prefix), NULL_POOL_GAUGE(scope))}; } } Http::Http1::CodecStats& ClusterInfoImpl::http1CodecStats() const { return Http::Http1::CodecStats::atomicGet(http1_codec_stats_, *stats_scope_); } Http::Http2::CodecStats& ClusterInfoImpl::http2CodecStats() const { return Http::Http2::CodecStats::atomicGet(http2_codec_stats_, *stats_scope_); } ResourceManagerImplPtr ClusterInfoImpl::ResourceManagers::load(const envoy::config::cluster::v3::Cluster& config, Runtime::Loader& runtime, const std::string& cluster_name, Stats::Scope& stats_scope, const envoy::config::core::v3::RoutingPriority& priority) { uint64_t max_connections = 1024; uint64_t max_pending_requests = 1024; uint64_t max_requests = 1024; uint64_t max_retries = 3; uint64_t max_connection_pools = std::numeric_limits::max(); bool track_remaining = false; std::string priority_name; switch (priority) { case envoy::config::core::v3::DEFAULT: priority_name = "default"; break; case envoy::config::core::v3::HIGH: priority_name = "high"; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } const std::string runtime_prefix = fmt::format("circuit_breakers.{}.{}.", cluster_name, priority_name); const auto& thresholds = config.circuit_breakers().thresholds(); const auto it = std::find_if( thresholds.cbegin(), thresholds.cend(), [priority](const envoy::config::cluster::v3::CircuitBreakers::Thresholds& threshold) { return threshold.priority() == priority; }); absl::optional budget_percent; absl::optional min_retry_concurrency; if (it != thresholds.cend()) { max_connections = PROTOBUF_GET_WRAPPED_OR_DEFAULT(*it, max_connections, max_connections); max_pending_requests = PROTOBUF_GET_WRAPPED_OR_DEFAULT(*it, max_pending_requests, max_pending_requests); max_requests = PROTOBUF_GET_WRAPPED_OR_DEFAULT(*it, max_requests, max_requests); max_retries = PROTOBUF_GET_WRAPPED_OR_DEFAULT(*it, max_retries, max_retries); track_remaining = it->track_remaining(); max_connection_pools = PROTOBUF_GET_WRAPPED_OR_DEFAULT(*it, max_connection_pools, max_connection_pools); if (it->has_retry_budget()) { // The budget_percent and min_retry_concurrency values do not set defaults like the other // members of the 'threshold' message, because the behavior of the retry circuit breaker // changes depending on whether it has been configured. Therefore, it's necessary to manually // check if the threshold message has a retry budget configured and only set the values if so. budget_percent = it->retry_budget().has_budget_percent() ? PROTOBUF_GET_WRAPPED_REQUIRED(it->retry_budget(), budget_percent) : budget_percent; min_retry_concurrency = it->retry_budget().has_min_retry_concurrency() ? PROTOBUF_GET_WRAPPED_REQUIRED(it->retry_budget(), min_retry_concurrency) : min_retry_concurrency; } } return std::make_unique( runtime, runtime_prefix, max_connections, max_pending_requests, max_requests, max_retries, max_connection_pools, ClusterInfoImpl::generateCircuitBreakersStats(stats_scope, priority_name, track_remaining), budget_percent, min_retry_concurrency); } PriorityStateManager::PriorityStateManager(ClusterImplBase& cluster, const LocalInfo::LocalInfo& local_info, PrioritySet::HostUpdateCb* update_cb) : parent_(cluster), local_info_node_(local_info.node()), update_cb_(update_cb) {} void PriorityStateManager::initializePriorityFor( const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint) { const uint32_t priority = locality_lb_endpoint.priority(); if (priority_state_.size() <= priority) { priority_state_.resize(priority + 1); } if (priority_state_[priority].first == nullptr) { priority_state_[priority].first = std::make_unique(); } if (locality_lb_endpoint.has_locality() && locality_lb_endpoint.has_load_balancing_weight()) { priority_state_[priority].second[locality_lb_endpoint.locality()] = locality_lb_endpoint.load_balancing_weight().value(); } } void PriorityStateManager::registerHostForPriority( const std::string& hostname, Network::Address::InstanceConstSharedPtr address, const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint, const envoy::config::endpoint::v3::LbEndpoint& lb_endpoint) { auto metadata = lb_endpoint.has_metadata() ? parent_.constMetadataSharedPool()->getObject(lb_endpoint.metadata()) : nullptr; const HostSharedPtr host(new HostImpl( parent_.info(), hostname, address, metadata, lb_endpoint.load_balancing_weight().value(), locality_lb_endpoint.locality(), lb_endpoint.endpoint().health_check_config(), locality_lb_endpoint.priority(), lb_endpoint.health_status())); registerHostForPriority(host, locality_lb_endpoint); } void PriorityStateManager::registerHostForPriority( const HostSharedPtr& host, const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint) { const uint32_t priority = locality_lb_endpoint.priority(); // Should be called after initializePriorityFor. ASSERT(priority_state_[priority].first); priority_state_[priority].first->emplace_back(host); } void PriorityStateManager::updateClusterPrioritySet( const uint32_t priority, HostVectorSharedPtr&& current_hosts, const absl::optional& hosts_added, const absl::optional& hosts_removed, const absl::optional health_checker_flag, absl::optional overprovisioning_factor) { // If local locality is not defined then skip populating per locality hosts. const auto& local_locality = local_info_node_.locality(); ENVOY_LOG(trace, "Local locality: {}", local_locality.DebugString()); // For non-EDS, most likely the current hosts are from priority_state_[priority].first. HostVectorSharedPtr hosts(std::move(current_hosts)); LocalityWeightsMap empty_locality_map; LocalityWeightsMap& locality_weights_map = priority_state_.size() > priority ? priority_state_[priority].second : empty_locality_map; ASSERT(priority_state_.size() > priority || locality_weights_map.empty()); LocalityWeightsSharedPtr locality_weights; std::vector per_locality; // If we are configured for locality weighted LB we populate the locality weights. const bool locality_weighted_lb = parent_.info()->lbConfig().has_locality_weighted_lb_config(); if (locality_weighted_lb) { locality_weights = std::make_shared(); } // We use std::map to guarantee a stable ordering for zone aware routing. std::map hosts_per_locality; for (const HostSharedPtr& host : *hosts) { // Take into consideration when a non-EDS cluster has active health checking, i.e. to mark all // the hosts unhealthy (host->healthFlagSet(Host::HealthFlag::FAILED_ACTIVE_HC)) and then fire // update callbacks to start the health checking process. if (health_checker_flag.has_value()) { host->healthFlagSet(health_checker_flag.value()); } hosts_per_locality[host->locality()].push_back(host); } // Do we have hosts for the local locality? const bool non_empty_local_locality = local_info_node_.has_locality() && hosts_per_locality.find(local_locality) != hosts_per_locality.end(); // As per HostsPerLocality::get(), the per_locality vector must have the local locality hosts // first if non_empty_local_locality. if (non_empty_local_locality) { per_locality.emplace_back(hosts_per_locality[local_locality]); if (locality_weighted_lb) { locality_weights->emplace_back(locality_weights_map[local_locality]); } } // After the local locality hosts (if any), we place the remaining locality host groups in // lexicographic order. This provides a stable ordering for zone aware routing. for (auto& entry : hosts_per_locality) { if (!non_empty_local_locality || !LocalityEqualTo()(local_locality, entry.first)) { per_locality.emplace_back(entry.second); if (locality_weighted_lb) { locality_weights->emplace_back(locality_weights_map[entry.first]); } } } auto per_locality_shared = std::make_shared(std::move(per_locality), non_empty_local_locality); // If a batch update callback was provided, use that. Otherwise directly update // the PrioritySet. if (update_cb_ != nullptr) { update_cb_->updateHosts(priority, HostSetImpl::partitionHosts(hosts, per_locality_shared), std::move(locality_weights), hosts_added.value_or(*hosts), hosts_removed.value_or({}), overprovisioning_factor); } else { parent_.prioritySet().updateHosts( priority, HostSetImpl::partitionHosts(hosts, per_locality_shared), std::move(locality_weights), hosts_added.value_or(*hosts), hosts_removed.value_or({}), overprovisioning_factor); } } bool BaseDynamicClusterImpl::updateDynamicHostList(const HostVector& new_hosts, HostVector& current_priority_hosts, HostVector& hosts_added_to_current_priority, HostVector& hosts_removed_from_current_priority, HostMap& updated_hosts, const HostMap& all_hosts) { uint64_t max_host_weight = 1; // Did hosts change? // // Has the EDS health status changed the health of any endpoint? If so, we // rebuild the hosts vectors. We only do this if the health status of an // endpoint has materially changed (e.g. if previously failing active health // checks, we just note it's now failing EDS health status but don't rebuild). // // Likewise, if metadata for an endpoint changed we rebuild the hosts vectors. // // TODO(htuch): We can be smarter about this potentially, and not force a full // host set update on health status change. The way this would work is to // implement a HealthChecker subclass that provides thread local health // updates to the Cluster object. This will probably make sense to do in // conjunction with https://github.com/envoyproxy/envoy/issues/2874. bool hosts_changed = false; // Go through and see if the list we have is different from what we just got. If it is, we make a // new host list and raise a change notification. We also check for duplicates here. It's // possible for DNS to return the same address multiple times, and a bad EDS implementation could // do the same thing. // Keep track of hosts we see in new_hosts that we are able to match up with an existing host. absl::node_hash_set existing_hosts_for_current_priority( current_priority_hosts.size()); HostVector final_hosts; for (const HostSharedPtr& host : new_hosts) { if (updated_hosts.count(host->address()->asString())) { continue; } // To match a new host with an existing host means comparing their addresses. auto existing_host = all_hosts.find(host->address()->asString()); const bool existing_host_found = existing_host != all_hosts.end(); // Clear any pending deletion flag on an existing host in case it came back while it was // being stabilized. We will set it again below if needed. if (existing_host_found) { existing_host->second->healthFlagClear(Host::HealthFlag::PENDING_DYNAMIC_REMOVAL); } // Check if in-place host update should be skipped, i.e. when the following criteria are met // (currently there is only one criterion, but we might add more in the future): // - The cluster health checker is activated and a new host is matched with the existing one, // but the health check address is different. const bool skip_inplace_host_update = health_checker_ != nullptr && existing_host_found && *existing_host->second->healthCheckAddress() != *host->healthCheckAddress(); // When there is a match and we decided to do in-place update, we potentially update the host's // health check flag and metadata. Afterwards, the host is pushed back into the final_hosts, // i.e. hosts that should be preserved in the current priority. if (existing_host_found && !skip_inplace_host_update) { existing_hosts_for_current_priority.emplace(existing_host->first); // If we find a host matched based on address, we keep it. However we do change weight inline // so do that here. if (host->weight() > max_host_weight) { max_host_weight = host->weight(); } hosts_changed |= updateHealthFlag(*host, *existing_host->second, Host::HealthFlag::FAILED_EDS_HEALTH); hosts_changed |= updateHealthFlag(*host, *existing_host->second, Host::HealthFlag::DEGRADED_EDS_HEALTH); // Did metadata change? bool metadata_changed = true; if (host->metadata() && existing_host->second->metadata()) { metadata_changed = !Protobuf::util::MessageDifferencer::Equivalent( *host->metadata(), *existing_host->second->metadata()); } else if (!host->metadata() && !existing_host->second->metadata()) { metadata_changed = false; } if (metadata_changed) { // First, update the entire metadata for the endpoint. existing_host->second->metadata(host->metadata()); // Also, given that the canary attribute of an endpoint is derived from its metadata // (e.g.: from envoy.lb/canary), we do a blind update here since it's cheaper than testing // to see if it actually changed. We must update this besides just updating the metadata, // because it'll be used by the router filter to compute upstream stats. existing_host->second->canary(host->canary()); // If metadata changed, we need to rebuild. See github issue #3810. hosts_changed = true; } // Did the priority change? if (host->priority() != existing_host->second->priority()) { existing_host->second->priority(host->priority()); hosts_added_to_current_priority.emplace_back(existing_host->second); } existing_host->second->weight(host->weight()); final_hosts.push_back(existing_host->second); updated_hosts[existing_host->second->address()->asString()] = existing_host->second; } else { if (host->weight() > max_host_weight) { max_host_weight = host->weight(); } // If we are depending on a health checker, we initialize to unhealthy. if (health_checker_ != nullptr) { host->healthFlagSet(Host::HealthFlag::FAILED_ACTIVE_HC); // If we want to exclude hosts until they have been health checked, mark them with // a flag to indicate that they have not been health checked yet. if (info_->warmHosts()) { host->healthFlagSet(Host::HealthFlag::PENDING_ACTIVE_HC); } } updated_hosts[host->address()->asString()] = host; final_hosts.push_back(host); hosts_added_to_current_priority.push_back(host); } } // Remove hosts from current_priority_hosts that were matched to an existing host in the previous // loop. auto erase_from = std::remove_if(current_priority_hosts.begin(), current_priority_hosts.end(), [&existing_hosts_for_current_priority](const HostSharedPtr& p) { auto existing_itr = existing_hosts_for_current_priority.find(p->address()->asString()); if (existing_itr != existing_hosts_for_current_priority.end()) { existing_hosts_for_current_priority.erase(existing_itr); return true; } return false; }); current_priority_hosts.erase(erase_from, current_priority_hosts.end()); // If we saw existing hosts during this iteration from a different priority, then we've moved // a host from another priority into this one, so we should mark the priority as having changed. if (!existing_hosts_for_current_priority.empty()) { hosts_changed = true; } // The remaining hosts are hosts that are not referenced in the config update. We remove them from // the priority if any of the following is true: // - Active health checking is not enabled. // - The removed hosts are failing active health checking OR have been explicitly marked as // unhealthy by a previous EDS update. We do not count outlier as a reason to remove a host // or any other future health condition that may be added so we do not use the health() API. // - We have explicitly configured the cluster to remove hosts regardless of active health status. const bool dont_remove_healthy_hosts = health_checker_ != nullptr && !info()->drainConnectionsOnHostRemoval(); if (!current_priority_hosts.empty() && dont_remove_healthy_hosts) { erase_from = std::remove_if(current_priority_hosts.begin(), current_priority_hosts.end(), [&updated_hosts, &final_hosts, &max_host_weight](const HostSharedPtr& p) { if (!(p->healthFlagGet(Host::HealthFlag::FAILED_ACTIVE_HC) || p->healthFlagGet(Host::HealthFlag::FAILED_EDS_HEALTH))) { if (p->weight() > max_host_weight) { max_host_weight = p->weight(); } final_hosts.push_back(p); updated_hosts[p->address()->asString()] = p; p->healthFlagSet(Host::HealthFlag::PENDING_DYNAMIC_REMOVAL); return true; } return false; }); current_priority_hosts.erase(erase_from, current_priority_hosts.end()); } // At this point we've accounted for all the new hosts as well the hosts that previously // existed in this priority. info_->stats().max_host_weight_.set(max_host_weight); // Whatever remains in current_priority_hosts should be removed. if (!hosts_added_to_current_priority.empty() || !current_priority_hosts.empty()) { hosts_removed_from_current_priority = std::move(current_priority_hosts); hosts_changed = true; } // During the update we populated final_hosts with all the hosts that should remain // in the current priority, so move them back into current_priority_hosts. current_priority_hosts = std::move(final_hosts); // We return false here in the absence of EDS health status or metadata changes, because we // have no changes to host vector status (modulo weights). When we have EDS // health status or metadata changed, we return true, causing updateHosts() to fire in the // caller. return hosts_changed; } Network::DnsLookupFamily getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster) { return getDnsLookupFamilyFromEnum(cluster.dns_lookup_family()); } Network::DnsLookupFamily getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family) { switch (family) { case envoy::config::cluster::v3::Cluster::V6_ONLY: return Network::DnsLookupFamily::V6Only; case envoy::config::cluster::v3::Cluster::V4_ONLY: return Network::DnsLookupFamily::V4Only; case envoy::config::cluster::v3::Cluster::AUTO: return Network::DnsLookupFamily::Auto; default: NOT_REACHED_GCOVR_EXCL_LINE; } } void reportUpstreamCxDestroy(const Upstream::HostDescriptionConstSharedPtr& host, Network::ConnectionEvent event) { host->cluster().stats().upstream_cx_destroy_.inc(); if (event == Network::ConnectionEvent::RemoteClose) { host->cluster().stats().upstream_cx_destroy_remote_.inc(); } else { host->cluster().stats().upstream_cx_destroy_local_.inc(); } } void reportUpstreamCxDestroyActiveRequest(const Upstream::HostDescriptionConstSharedPtr& host, Network::ConnectionEvent event) { host->cluster().stats().upstream_cx_destroy_with_active_rq_.inc(); if (event == Network::ConnectionEvent::RemoteClose) { host->cluster().stats().upstream_cx_destroy_remote_with_active_rq_.inc(); } else { host->cluster().stats().upstream_cx_destroy_local_with_active_rq_.inc(); } } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/upstream/upstream_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include #include #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/event/timer.h" #include "envoy/local_info/local_info.h" #include "envoy/network/dns.h" #include "envoy/network/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/filter_config.h" #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/health_checker.h" #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/locality.h" #include "envoy/upstream/upstream.h" #include "common/common/callback_impl.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "common/config/metadata.h" #include "common/config/well_known_names.h" #include "common/http/http1/codec_stats.h" #include "common/http/http2/codec_stats.h" #include "common/init/manager_impl.h" #include "common/network/utility.h" #include "common/shared_pool/shared_pool.h" #include "common/stats/isolated_store_impl.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/outlier_detection_impl.h" #include "common/upstream/resource_manager_impl.h" #include "common/upstream/transport_socket_match_impl.h" #include "server/transport_socket_config_impl.h" #include "absl/container/node_hash_set.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Upstream { /** * Null implementation of HealthCheckHostMonitor. */ class HealthCheckHostMonitorNullImpl : public HealthCheckHostMonitor { public: // Upstream::HealthCheckHostMonitor void setUnhealthy() override {} }; /** * Implementation of Upstream::HostDescription. */ class HostDescriptionImpl : virtual public HostDescription, protected Logger::Loggable { public: HostDescriptionImpl( ClusterInfoConstSharedPtr cluster, const std::string& hostname, Network::Address::InstanceConstSharedPtr dest_address, MetadataConstSharedPtr metadata, const envoy::config::core::v3::Locality& locality, const envoy::config::endpoint::v3::Endpoint::HealthCheckConfig& health_check_config, uint32_t priority); Network::TransportSocketFactory& transportSocketFactory() const override { return socket_factory_; } bool canary() const override { return canary_; } void canary(bool is_canary) override { canary_ = is_canary; } // Metadata getter/setter. // // It's possible that the lock that guards the metadata will become highly contended (e.g.: // endpoints churning during a deploy of a large cluster). A possible improvement // would be to use TLS and post metadata updates from the main thread. This model would // possibly benefit other related and expensive computations too (e.g.: updating subsets). MetadataConstSharedPtr metadata() const override { absl::ReaderMutexLock lock(&metadata_mutex_); return metadata_; } void metadata(MetadataConstSharedPtr new_metadata) override { absl::WriterMutexLock lock(&metadata_mutex_); metadata_ = new_metadata; } const ClusterInfo& cluster() const override { return *cluster_; } HealthCheckHostMonitor& healthChecker() const override { if (health_checker_) { return *health_checker_; } else { static HealthCheckHostMonitorNullImpl* null_health_checker = new HealthCheckHostMonitorNullImpl(); return *null_health_checker; } } Outlier::DetectorHostMonitor& outlierDetector() const override { if (outlier_detector_) { return *outlier_detector_; } else { static Outlier::DetectorHostMonitorNullImpl* null_outlier_detector = new Outlier::DetectorHostMonitorNullImpl(); return *null_outlier_detector; } } HostStats& stats() const override { return stats_; } const std::string& hostnameForHealthChecks() const override { return health_checks_hostname_; } const std::string& hostname() const override { return hostname_; } Network::Address::InstanceConstSharedPtr address() const override { return address_; } Network::Address::InstanceConstSharedPtr healthCheckAddress() const override { return health_check_address_; } const envoy::config::core::v3::Locality& locality() const override { return locality_; } Stats::StatName localityZoneStatName() const override { return locality_zone_stat_name_.statName(); } uint32_t priority() const override { return priority_; } void priority(uint32_t priority) override { priority_ = priority; } Network::TransportSocketFactory& resolveTransportSocketFactory(const Network::Address::InstanceConstSharedPtr& dest_address, const envoy::config::core::v3::Metadata* metadata) const; protected: ClusterInfoConstSharedPtr cluster_; const std::string hostname_; const std::string health_checks_hostname_; Network::Address::InstanceConstSharedPtr address_; Network::Address::InstanceConstSharedPtr health_check_address_; std::atomic canary_; mutable absl::Mutex metadata_mutex_; MetadataConstSharedPtr metadata_ ABSL_GUARDED_BY(metadata_mutex_); const envoy::config::core::v3::Locality locality_; Stats::StatNameDynamicStorage locality_zone_stat_name_; mutable HostStats stats_; Outlier::DetectorHostMonitorPtr outlier_detector_; HealthCheckHostMonitorPtr health_checker_; std::atomic priority_; Network::TransportSocketFactory& socket_factory_; }; /** * Implementation of Upstream::Host. */ class HostImpl : public HostDescriptionImpl, public Host, public std::enable_shared_from_this { public: HostImpl(ClusterInfoConstSharedPtr cluster, const std::string& hostname, Network::Address::InstanceConstSharedPtr address, MetadataConstSharedPtr metadata, uint32_t initial_weight, const envoy::config::core::v3::Locality& locality, const envoy::config::endpoint::v3::Endpoint::HealthCheckConfig& health_check_config, uint32_t priority, const envoy::config::core::v3::HealthStatus health_status) : HostDescriptionImpl(cluster, hostname, address, metadata, locality, health_check_config, priority), used_(true) { setEdsHealthFlag(health_status); HostImpl::weight(initial_weight); } // Upstream::Host std::vector> counters() const override { return stats_.counters(); } CreateConnectionData createConnection( Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options) const override; CreateConnectionData createHealthCheckConnection(Event::Dispatcher& dispatcher, Network::TransportSocketOptionsSharedPtr transport_socket_options, const envoy::config::core::v3::Metadata* metadata) const override; std::vector> gauges() const override { return stats_.gauges(); } void healthFlagClear(HealthFlag flag) override { health_flags_ &= ~enumToInt(flag); } bool healthFlagGet(HealthFlag flag) const override { return health_flags_ & enumToInt(flag); } void healthFlagSet(HealthFlag flag) final { health_flags_ |= enumToInt(flag); } ActiveHealthFailureType getActiveHealthFailureType() const override { return active_health_failure_type_; } void setActiveHealthFailureType(ActiveHealthFailureType type) override { active_health_failure_type_ = type; } void setHealthChecker(HealthCheckHostMonitorPtr&& health_checker) override { health_checker_ = std::move(health_checker); } void setOutlierDetector(Outlier::DetectorHostMonitorPtr&& outlier_detector) override { outlier_detector_ = std::move(outlier_detector); } Host::Health health() const override { // If any of the unhealthy flags are set, host is unhealthy. if (healthFlagGet(HealthFlag::FAILED_ACTIVE_HC) || healthFlagGet(HealthFlag::FAILED_OUTLIER_CHECK) || healthFlagGet(HealthFlag::FAILED_EDS_HEALTH)) { return Host::Health::Unhealthy; } // If any of the degraded flags are set, host is degraded. if (healthFlagGet(HealthFlag::DEGRADED_ACTIVE_HC) || healthFlagGet(HealthFlag::DEGRADED_EDS_HEALTH)) { return Host::Health::Degraded; } // The host must have no flags or be pending removal. ASSERT(health_flags_ == 0 || healthFlagGet(HealthFlag::PENDING_DYNAMIC_REMOVAL)); return Host::Health::Healthy; } uint32_t weight() const override { return weight_; } void weight(uint32_t new_weight) override; bool used() const override { return used_; } void used(bool new_used) override { used_ = new_used; } protected: static Network::ClientConnectionPtr createConnection(Event::Dispatcher& dispatcher, const ClusterInfo& cluster, const Network::Address::InstanceConstSharedPtr& address, Network::TransportSocketFactory& socket_factory, const Network::ConnectionSocket::OptionsSharedPtr& options, Network::TransportSocketOptionsSharedPtr transport_socket_options); private: void setEdsHealthFlag(envoy::config::core::v3::HealthStatus health_status); std::atomic health_flags_{}; ActiveHealthFailureType active_health_failure_type_{}; std::atomic weight_; std::atomic used_; }; class HostsPerLocalityImpl : public HostsPerLocality { public: HostsPerLocalityImpl() : HostsPerLocalityImpl(std::vector(), false) {} // Single locality constructor HostsPerLocalityImpl(const HostVector& hosts, bool has_local_locality = false) : HostsPerLocalityImpl(std::vector({hosts}), has_local_locality) {} HostsPerLocalityImpl(std::vector&& locality_hosts, bool has_local_locality) : local_(has_local_locality), hosts_per_locality_(std::move(locality_hosts)) { ASSERT(!has_local_locality || !hosts_per_locality_.empty()); } bool hasLocalLocality() const override { return local_; } const std::vector& get() const override { return hosts_per_locality_; } std::vector filter(const std::vector>& predicate) const override; // The const shared pointer for the empty HostsPerLocalityImpl. static HostsPerLocalityConstSharedPtr empty() { static HostsPerLocalityConstSharedPtr empty = std::make_shared(); return empty; } private: // Does an entry exist for the local locality? bool local_{}; // The first entry is for local hosts in the local locality. std::vector hosts_per_locality_; }; /** * A class for management of the set of hosts for a given priority level. */ class HostSetImpl : public HostSet { public: HostSetImpl(uint32_t priority, absl::optional overprovisioning_factor) : priority_(priority), overprovisioning_factor_(overprovisioning_factor.has_value() ? overprovisioning_factor.value() : kDefaultOverProvisioningFactor), hosts_(new HostVector()), healthy_hosts_(new HealthyHostVector()), degraded_hosts_(new DegradedHostVector()), excluded_hosts_(new ExcludedHostVector()) {} /** * Install a callback that will be invoked when the host set membership changes. * @param callback supplies the callback to invoke. * @return Common::CallbackHandle* the callback handle. */ Common::CallbackHandle* addPriorityUpdateCb(PrioritySet::PriorityUpdateCb callback) const { return member_update_cb_helper_.add(callback); } // Upstream::HostSet const HostVector& hosts() const override { return *hosts_; } HostVectorConstSharedPtr hostsPtr() const override { return hosts_; } const HostVector& healthyHosts() const override { return healthy_hosts_->get(); } HealthyHostVectorConstSharedPtr healthyHostsPtr() const override { return healthy_hosts_; } const HostVector& degradedHosts() const override { return degraded_hosts_->get(); } DegradedHostVectorConstSharedPtr degradedHostsPtr() const override { return degraded_hosts_; } const HostVector& excludedHosts() const override { return excluded_hosts_->get(); } ExcludedHostVectorConstSharedPtr excludedHostsPtr() const override { return excluded_hosts_; } const HostsPerLocality& hostsPerLocality() const override { return *hosts_per_locality_; } HostsPerLocalityConstSharedPtr hostsPerLocalityPtr() const override { return hosts_per_locality_; } const HostsPerLocality& healthyHostsPerLocality() const override { return *healthy_hosts_per_locality_; } HostsPerLocalityConstSharedPtr healthyHostsPerLocalityPtr() const override { return healthy_hosts_per_locality_; } const HostsPerLocality& degradedHostsPerLocality() const override { return *degraded_hosts_per_locality_; } HostsPerLocalityConstSharedPtr degradedHostsPerLocalityPtr() const override { return degraded_hosts_per_locality_; } const HostsPerLocality& excludedHostsPerLocality() const override { return *excluded_hosts_per_locality_; } HostsPerLocalityConstSharedPtr excludedHostsPerLocalityPtr() const override { return excluded_hosts_per_locality_; } LocalityWeightsConstSharedPtr localityWeights() const override { return locality_weights_; } absl::optional chooseHealthyLocality() override; absl::optional chooseDegradedLocality() override; uint32_t priority() const override { return priority_; } uint32_t overprovisioningFactor() const override { return overprovisioning_factor_; } static PrioritySet::UpdateHostsParams updateHostsParams(HostVectorConstSharedPtr hosts, HostsPerLocalityConstSharedPtr hosts_per_locality, HealthyHostVectorConstSharedPtr healthy_hosts, HostsPerLocalityConstSharedPtr healthy_hosts_per_locality, DegradedHostVectorConstSharedPtr degraded_hosts, HostsPerLocalityConstSharedPtr degraded_hosts_per_locality, ExcludedHostVectorConstSharedPtr excluded_hosts, HostsPerLocalityConstSharedPtr excluded_hosts_per_locality); static PrioritySet::UpdateHostsParams updateHostsParams(const HostSet& host_set); static PrioritySet::UpdateHostsParams partitionHosts(HostVectorConstSharedPtr hosts, HostsPerLocalityConstSharedPtr hosts_per_locality); void updateHosts(PrioritySet::UpdateHostsParams&& update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor = absl::nullopt); protected: virtual void runUpdateCallbacks(const HostVector& hosts_added, const HostVector& hosts_removed) { member_update_cb_helper_.runCallbacks(priority_, hosts_added, hosts_removed); } private: // Weight for a locality taking into account health status using the provided eligible hosts per // locality. static double effectiveLocalityWeight(uint32_t index, const HostsPerLocality& eligible_hosts_per_locality, const HostsPerLocality& excluded_hosts_per_locality, const HostsPerLocality& all_hosts_per_locality, const LocalityWeights& locality_weights, uint32_t overprovisioning_factor); uint32_t priority_; uint32_t overprovisioning_factor_; HostVectorConstSharedPtr hosts_; HealthyHostVectorConstSharedPtr healthy_hosts_; DegradedHostVectorConstSharedPtr degraded_hosts_; ExcludedHostVectorConstSharedPtr excluded_hosts_; HostsPerLocalityConstSharedPtr hosts_per_locality_{HostsPerLocalityImpl::empty()}; HostsPerLocalityConstSharedPtr healthy_hosts_per_locality_{HostsPerLocalityImpl::empty()}; HostsPerLocalityConstSharedPtr degraded_hosts_per_locality_{HostsPerLocalityImpl::empty()}; HostsPerLocalityConstSharedPtr excluded_hosts_per_locality_{HostsPerLocalityImpl::empty()}; // TODO(mattklein123): Remove mutable. mutable Common::CallbackManager member_update_cb_helper_; // Locality weights (used to build WRR locality_scheduler_); LocalityWeightsConstSharedPtr locality_weights_; // WRR locality scheduler state. struct LocalityEntry { LocalityEntry(uint32_t index, double effective_weight) : index_(index), effective_weight_(effective_weight) {} const uint32_t index_; const double effective_weight_; }; // Rebuilds the provided locality scheduler with locality entries based on the locality weights // and eligible hosts. // // @param locality_scheduler the locality scheduler to rebuild. Will be set to nullptr if no // localities are eligible. // @param locality_entries the vector that holds locality entries. Will be reset and populated // with entries corresponding to the new scheduler. // @param eligible_hosts_per_locality eligible hosts for this scheduler grouped by locality. // @param eligible_hosts all eligible hosts for this scheduler. // @param all_hosts_per_locality all hosts for this HostSet grouped by locality. // @param locality_weights the weighting of each locality. // @param overprovisioning_factor the overprovisioning factor to use when computing the effective // weight of a locality. static void rebuildLocalityScheduler( std::unique_ptr>& locality_scheduler, std::vector>& locality_entries, const HostsPerLocality& eligible_hosts_per_locality, const HostVector& eligible_hosts, HostsPerLocalityConstSharedPtr all_hosts_per_locality, HostsPerLocalityConstSharedPtr excluded_hosts_per_locality, LocalityWeightsConstSharedPtr locality_weights, uint32_t overprovisioning_factor); static absl::optional chooseLocality(EdfScheduler* locality_scheduler); std::vector> healthy_locality_entries_; std::unique_ptr> healthy_locality_scheduler_; std::vector> degraded_locality_entries_; std::unique_ptr> degraded_locality_scheduler_; }; using HostSetImplPtr = std::unique_ptr; /** * A class for management of the set of hosts in a given cluster. */ class PrioritySetImpl : public PrioritySet { public: PrioritySetImpl() : batch_update_(false) {} // From PrioritySet Common::CallbackHandle* addMemberUpdateCb(MemberUpdateCb callback) const override { return member_update_cb_helper_.add(callback); } Common::CallbackHandle* addPriorityUpdateCb(PriorityUpdateCb callback) const override { return priority_update_cb_helper_.add(callback); } const std::vector>& hostSetsPerPriority() const override { return host_sets_; } // Get the host set for this priority level, creating it if necessary. const HostSet& getOrCreateHostSet(uint32_t priority, absl::optional overprovisioning_factor = absl::nullopt); void updateHosts(uint32_t priority, UpdateHostsParams&& update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor = absl::nullopt) override; void batchHostUpdate(BatchUpdateCb& callback) override; protected: // Allows subclasses of PrioritySetImpl to create their own type of HostSetImpl. virtual HostSetImplPtr createHostSet(uint32_t priority, absl::optional overprovisioning_factor) { return std::make_unique(priority, overprovisioning_factor); } protected: virtual void runUpdateCallbacks(const HostVector& hosts_added, const HostVector& hosts_removed) { member_update_cb_helper_.runCallbacks(hosts_added, hosts_removed); } virtual void runReferenceUpdateCallbacks(uint32_t priority, const HostVector& hosts_added, const HostVector& hosts_removed) { priority_update_cb_helper_.runCallbacks(priority, hosts_added, hosts_removed); } // This vector will generally have at least one member, for priority level 0. // It will expand as host sets are added but currently does not shrink to // avoid any potential lifetime issues. std::vector> host_sets_; private: // TODO(mattklein123): Remove mutable. mutable Common::CallbackManager member_update_cb_helper_; mutable Common::CallbackManager priority_update_cb_helper_; bool batch_update_ : 1; // Helper class to maintain state as we perform multiple host updates. Keeps track of all hosts // that have been added/removed throughout the batch update, and ensures that we properly manage // the batch_update_ flag. class BatchUpdateScope : public HostUpdateCb { public: explicit BatchUpdateScope(PrioritySetImpl& parent) : parent_(parent) { ASSERT(!parent_.batch_update_); parent_.batch_update_ = true; } ~BatchUpdateScope() override { parent_.batch_update_ = false; } void updateHosts(uint32_t priority, PrioritySet::UpdateHostsParams&& update_hosts_params, LocalityWeightsConstSharedPtr locality_weights, const HostVector& hosts_added, const HostVector& hosts_removed, absl::optional overprovisioning_factor) override; absl::node_hash_set all_hosts_added_; absl::node_hash_set all_hosts_removed_; private: PrioritySetImpl& parent_; absl::node_hash_set priorities_; }; }; /** * Implementation of ClusterInfo that reads from JSON. */ class ClusterInfoImpl : public ClusterInfo, protected Logger::Loggable { public: ClusterInfoImpl(const envoy::config::cluster::v3::Cluster& config, const envoy::config::core::v3::BindConfig& bind_config, Runtime::Loader& runtime, TransportSocketMatcherPtr&& socket_matcher, Stats::ScopePtr&& stats_scope, bool added_via_api, Server::Configuration::TransportSocketFactoryContext&); static ClusterStats generateStats(Stats::Scope& scope); static ClusterLoadReportStats generateLoadReportStats(Stats::Scope& scope); static ClusterCircuitBreakersStats generateCircuitBreakersStats(Stats::Scope& scope, const std::string& stat_prefix, bool track_remaining); static ClusterRequestResponseSizeStats generateRequestResponseSizeStats(Stats::Scope&); static ClusterTimeoutBudgetStats generateTimeoutBudgetStats(Stats::Scope&); // Upstream::ClusterInfo bool addedViaApi() const override { return added_via_api_; } const envoy::config::cluster::v3::Cluster::CommonLbConfig& lbConfig() const override { return common_lb_config_; } std::chrono::milliseconds connectTimeout() const override { return connect_timeout_; } const absl::optional idleTimeout() const override { return idle_timeout_; } float perUpstreamPrefetchRatio() const override { return per_upstream_prefetch_ratio_; } float peekaheadRatio() const override { return peekahead_ratio_; } uint32_t perConnectionBufferLimitBytes() const override { return per_connection_buffer_limit_bytes_; } uint64_t features() const override { return features_; } const Http::Http1Settings& http1Settings() const override { return http1_settings_; } const envoy::config::core::v3::Http2ProtocolOptions& http2Options() const override { return http2_options_; } const envoy::config::core::v3::HttpProtocolOptions& commonHttpProtocolOptions() const override { return common_http_protocol_options_; } ProtocolOptionsConfigConstSharedPtr extensionProtocolOptions(const std::string& name) const override; LoadBalancerType lbType() const override { return lb_type_; } envoy::config::cluster::v3::Cluster::DiscoveryType type() const override { return type_; } const absl::optional& clusterType() const override { return cluster_type_; } const absl::optional& lbLeastRequestConfig() const override { return lb_least_request_config_; } const absl::optional& lbRingHashConfig() const override { return lb_ring_hash_config_; } const absl::optional& lbMaglevConfig() const override { return lb_maglev_config_; } const absl::optional& lbOriginalDstConfig() const override { return lb_original_dst_config_; } const absl::optional& upstreamConfig() const override { return upstream_config_; } bool maintenanceMode() const override; uint64_t maxRequestsPerConnection() const override { return max_requests_per_connection_; } uint32_t maxResponseHeadersCount() const override { return max_response_headers_count_; } const std::string& name() const override { return name_; } ResourceManager& resourceManager(ResourcePriority priority) const override; TransportSocketMatcher& transportSocketMatcher() const override { return *socket_matcher_; } ClusterStats& stats() const override { return stats_; } Stats::Scope& statsScope() const override { return *stats_scope_; } ClusterRequestResponseSizeStatsOptRef requestResponseSizeStats() const override { if (optional_cluster_stats_ == nullptr || optional_cluster_stats_->request_response_size_stats_ == nullptr) { return absl::nullopt; } return std::ref(*(optional_cluster_stats_->request_response_size_stats_)); } ClusterLoadReportStats& loadReportStats() const override { return load_report_stats_; } ClusterTimeoutBudgetStatsOptRef timeoutBudgetStats() const override { if (optional_cluster_stats_ == nullptr || optional_cluster_stats_->timeout_budget_stats_ == nullptr) { return absl::nullopt; } return std::ref(*(optional_cluster_stats_->timeout_budget_stats_)); } const Network::Address::InstanceConstSharedPtr& sourceAddress() const override { return source_address_; }; const LoadBalancerSubsetInfo& lbSubsetInfo() const override { return lb_subset_; } const envoy::config::core::v3::Metadata& metadata() const override { return metadata_; } const Envoy::Config::TypedMetadata& typedMetadata() const override { return typed_metadata_; } const Network::ConnectionSocket::OptionsSharedPtr& clusterSocketOptions() const override { return cluster_socket_options_; }; bool drainConnectionsOnHostRemoval() const override { return drain_connections_on_host_removal_; } bool connectionPoolPerDownstreamConnection() const override { return connection_pool_per_downstream_connection_; } bool warmHosts() const override { return warm_hosts_; } const absl::optional& upstreamHttpProtocolOptions() const override { return upstream_http_protocol_options_; } absl::optional edsServiceName() const override { return eds_service_name_; } void createNetworkFilterChain(Network::Connection&) const override; Http::Protocol upstreamHttpProtocol(absl::optional downstream_protocol) const override; Http::Http1::CodecStats& http1CodecStats() const override; Http::Http2::CodecStats& http2CodecStats() const override; private: struct ResourceManagers { ResourceManagers(const envoy::config::cluster::v3::Cluster& config, Runtime::Loader& runtime, const std::string& cluster_name, Stats::Scope& stats_scope); ResourceManagerImplPtr load(const envoy::config::cluster::v3::Cluster& config, Runtime::Loader& runtime, const std::string& cluster_name, Stats::Scope& stats_scope, const envoy::config::core::v3::RoutingPriority& priority); using Managers = std::array; Managers managers_; }; struct OptionalClusterStats { OptionalClusterStats(const envoy::config::cluster::v3::Cluster& config, Stats::Scope& stats_scope); const ClusterTimeoutBudgetStatsPtr timeout_budget_stats_; const ClusterRequestResponseSizeStatsPtr request_response_size_stats_; }; Runtime::Loader& runtime_; const std::string name_; const envoy::config::cluster::v3::Cluster::DiscoveryType type_; const uint64_t max_requests_per_connection_; const uint32_t max_response_headers_count_; const std::chrono::milliseconds connect_timeout_; absl::optional idle_timeout_; const float per_upstream_prefetch_ratio_; const float peekahead_ratio_; const uint32_t per_connection_buffer_limit_bytes_; TransportSocketMatcherPtr socket_matcher_; Stats::ScopePtr stats_scope_; mutable ClusterStats stats_; Stats::IsolatedStoreImpl load_report_stats_store_; mutable ClusterLoadReportStats load_report_stats_; const std::unique_ptr optional_cluster_stats_; const uint64_t features_; const Http::Http1Settings http1_settings_; const envoy::config::core::v3::Http2ProtocolOptions http2_options_; const envoy::config::core::v3::HttpProtocolOptions common_http_protocol_options_; const std::map extension_protocol_options_; mutable ResourceManagers resource_managers_; const std::string maintenance_mode_runtime_key_; const Network::Address::InstanceConstSharedPtr source_address_; LoadBalancerType lb_type_; absl::optional lb_least_request_config_; absl::optional lb_ring_hash_config_; absl::optional lb_maglev_config_; absl::optional lb_original_dst_config_; absl::optional upstream_config_; const bool added_via_api_; LoadBalancerSubsetInfoImpl lb_subset_; const envoy::config::core::v3::Metadata metadata_; Envoy::Config::TypedMetadataImpl typed_metadata_; const envoy::config::cluster::v3::Cluster::CommonLbConfig common_lb_config_; const Network::ConnectionSocket::OptionsSharedPtr cluster_socket_options_; const bool drain_connections_on_host_removal_; const bool connection_pool_per_downstream_connection_; const bool warm_hosts_; const absl::optional upstream_http_protocol_options_; absl::optional eds_service_name_; const absl::optional cluster_type_; const std::unique_ptr factory_context_; std::vector filter_factories_; mutable Http::Http1::CodecStats::AtomicPtr http1_codec_stats_; mutable Http::Http2::CodecStats::AtomicPtr http2_codec_stats_; }; /** * Function that creates a Network::TransportSocketFactoryPtr * given a cluster configuration and transport socket factory * context. */ Network::TransportSocketFactoryPtr createTransportSocketFactory(const envoy::config::cluster::v3::Cluster& config, Server::Configuration::TransportSocketFactoryContext& factory_context); /** * Base class all primary clusters. */ class ClusterImplBase : public Cluster, protected Logger::Loggable { public: // Upstream::Cluster PrioritySet& prioritySet() override { return priority_set_; } const PrioritySet& prioritySet() const override { return priority_set_; } /** * Optionally set the health checker for the primary cluster. This is done after cluster * creation since the health checker assumes that the cluster has already been fully initialized * so there is a cyclic dependency. However we want the cluster to own the health checker. */ void setHealthChecker(const HealthCheckerSharedPtr& health_checker); /** * Optionally set the outlier detector for the primary cluster. Done for the same reason as * documented in setHealthChecker(). */ void setOutlierDetector(const Outlier::DetectorSharedPtr& outlier_detector); /** * Wrapper around Network::Address::resolveProtoAddress() that provides improved error message * based on the cluster's type. * @param address supplies the address proto to resolve. * @return Network::Address::InstanceConstSharedPtr the resolved address. */ const Network::Address::InstanceConstSharedPtr resolveProtoAddress(const envoy::config::core::v3::Address& address); // Partitions the provided list of hosts into three new lists containing the healthy, degraded // and excluded hosts respectively. static std::tuple partitionHostList(const HostVector& hosts); // Partitions the provided list of hosts per locality into three new lists containing the healthy, // degraded and excluded hosts respectively. static std::tuple partitionHostsPerLocality(const HostsPerLocality& hosts); Config::ConstMetadataSharedPoolSharedPtr constMetadataSharedPool() { return const_metadata_shared_pool_; } // Upstream::Cluster HealthChecker* healthChecker() override { return health_checker_.get(); } ClusterInfoConstSharedPtr info() const override { return info_; } Outlier::Detector* outlierDetector() override { return outlier_detector_.get(); } const Outlier::Detector* outlierDetector() const override { return outlier_detector_.get(); } void initialize(std::function callback) override; protected: ClusterImplBase(const envoy::config::cluster::v3::Cluster& cluster, Runtime::Loader& runtime, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api); /** * Overridden by every concrete cluster. The cluster should do whatever pre-init is needed. E.g., * query DNS, contact EDS, etc. */ virtual void startPreInit() PURE; /** * Called by every concrete cluster when pre-init is complete. At this point, * shared init starts init_manager_ initialization and determines if there * is an initial health check pass needed, etc. */ void onPreInitComplete(); /** * Called by every concrete cluster after all targets registered at init manager are * initialized. At this point, shared init takes over and determines if there is an initial health * check pass needed, etc. */ void onInitDone(); virtual void reloadHealthyHostsHelper(const HostSharedPtr& host); // This init manager is shared via TransportSocketFactoryContext. The initialization targets that // register with this init manager are expected to be for implementations of SdsApi (see // SdsApi::init_target_). Init::ManagerImpl init_manager_; // Once all targets are initialized (i.e. once all dynamic secrets are loaded), this watcher calls // onInitDone() above. Init::WatcherImpl init_watcher_; Runtime::Loader& runtime_; ClusterInfoConstSharedPtr info_; // This cluster info stores the stats scope so it must be // initialized first and destroyed last. HealthCheckerSharedPtr health_checker_; Outlier::DetectorSharedPtr outlier_detector_; protected: PrioritySetImpl priority_set_; void validateEndpointsForZoneAwareRouting( const envoy::config::endpoint::v3::LocalityLbEndpoints& endpoints) const; private: void finishInitialization(); void reloadHealthyHosts(const HostSharedPtr& host); bool initialization_started_{}; std::function initialization_complete_callback_; uint64_t pending_initialize_health_checks_{}; const bool local_cluster_; Config::ConstMetadataSharedPoolSharedPtr const_metadata_shared_pool_; }; using ClusterImplBaseSharedPtr = std::shared_ptr; /** * Manages PriorityState of a cluster. PriorityState is a per-priority binding of a set of hosts * with its corresponding locality weight map. This is useful to store priorities/hosts/localities * before updating the cluster priority set. */ class PriorityStateManager : protected Logger::Loggable { public: PriorityStateManager(ClusterImplBase& cluster, const LocalInfo::LocalInfo& local_info, PrioritySet::HostUpdateCb* update_cb); // Initializes the PriorityState vector based on the priority specified in locality_lb_endpoint. void initializePriorityFor( const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint); // Registers a host based on its address to the PriorityState based on the specified priority (the // priority is specified by locality_lb_endpoint.priority()). // // The specified health_checker_flag is used to set the registered-host's health-flag when the // lb_endpoint health status is unhealthy, draining or timeout. void registerHostForPriority( const std::string& hostname, Network::Address::InstanceConstSharedPtr address, const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint, const envoy::config::endpoint::v3::LbEndpoint& lb_endpoint); void registerHostForPriority( const HostSharedPtr& host, const envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint); void updateClusterPrioritySet(const uint32_t priority, HostVectorSharedPtr&& current_hosts, const absl::optional& hosts_added, const absl::optional& hosts_removed, const absl::optional health_checker_flag, absl::optional overprovisioning_factor = absl::nullopt); // Returns the saved priority state. PriorityState& priorityState() { return priority_state_; } private: ClusterImplBase& parent_; PriorityState priority_state_; const envoy::config::core::v3::Node& local_info_node_; PrioritySet::HostUpdateCb* update_cb_; }; using PriorityStateManagerPtr = std::unique_ptr; /** * Base for all dynamic cluster types. */ class BaseDynamicClusterImpl : public ClusterImplBase { protected: using ClusterImplBase::ClusterImplBase; /** * Updates the host list of a single priority by reconciling the list of new hosts * with existing hosts. * * @param new_hosts the full lists of hosts in the new configuration. * @param current_priority_hosts the full lists of hosts for the priority to be updated. The list * will be modified to contain the updated list of hosts. * @param hosts_added_to_current_priority will be populated with hosts added to the priority. * @param hosts_removed_from_current_priority will be populated with hosts removed from the * priority. * @param updated_hosts is used to aggregate the new state of all hosts across priority, and will * be updated with the hosts that remain in this priority after the update. * @param all_hosts all known hosts prior to this host update. * @return whether the hosts for the priority changed. */ bool updateDynamicHostList(const HostVector& new_hosts, HostVector& current_priority_hosts, HostVector& hosts_added_to_current_priority, HostVector& hosts_removed_from_current_priority, HostMap& updated_hosts, const HostMap& all_hosts); }; /** * Utility function to get Dns from cluster/enum. */ Network::DnsLookupFamily getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster); Network::DnsLookupFamily getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family); /** * Utility function to report upstream cx destroy metrics */ void reportUpstreamCxDestroy(const Upstream::HostDescriptionConstSharedPtr& host, Network::ConnectionEvent event); /** * Utility function to report upstream cx destroy active request metrics */ void reportUpstreamCxDestroyActiveRequest(const Upstream::HostDescriptionConstSharedPtr& host, Network::ConnectionEvent event); } // namespace Upstream } // namespace Envoy ================================================ FILE: source/common/version/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_basic_cc_library", "envoy_cc_library", "envoy_package", "envoy_select_boringssl", ) licenses(["notice"]) # Apache 2 envoy_package() genrule( name = "generate_version_number", srcs = ["//:VERSION"], outs = ["version_number.h"], cmd = """echo "#define BUILD_VERSION_NUMBER \\"$$(cat $<)\\"" >$@""", visibility = ["//visibility:private"], ) genrule( name = "generate_version_linkstamp", outs = ["manual_linkstamp.cc"], cmd = select({ # Only iOS builds typically follow this logic, OS/X is built as a normal binary "//bazel:apple": "$(location :generate_version_linkstamp.sh) Library >> $@", "//conditions:default": "$(location :generate_version_linkstamp.sh) >> $@", }), # Undocumented attr to depend on workspace status files. # https://github.com/bazelbuild/bazel/issues/4942 # Used here because generate_version_linkstamp.sh depends on the workspace status files. stamp = 1, tools = [":generate_version_linkstamp.sh"], visibility = ["//visibility:private"], ) envoy_cc_library( name = "version_includes", hdrs = [ "version.h", ":generate_version_number", ], deps = [ "//source/common/singleton:const_singleton", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "version_lib", srcs = ["version.cc"], copts = envoy_select_boringssl( ["-DENVOY_SSL_VERSION=\\\"BoringSSL-FIPS\\\""], ["-DENVOY_SSL_VERSION=\\\"BoringSSL\\\""], ), deps = [ ":version_includes", "//source/common/common:macros", "//source/common/protobuf:utility_lib", ], ) envoy_basic_cc_library( name = "manual_version_linkstamp", srcs = [":generate_version_linkstamp"], visibility = ["//visibility:private"], ) envoy_basic_cc_library( name = "version_linkstamp", linkstamp = select({ "//bazel:manual_stamp": None, "//conditions:default": "version_linkstamp.cc", }), # Linking this library makes build cache inefficient, limiting this to //source/exe package only. # Tests are linked with //test/test_common:test_version_linkstamp. visibility = ["//source/exe:__pkg__"], deps = select({ "//bazel:manual_stamp": [":manual_version_linkstamp"], "//conditions:default": [], }), alwayslink = 1, ) ================================================ FILE: source/common/version/generate_version_linkstamp.sh ================================================ #!/bin/bash # This script generates a header file that is used by version_lib whenever linkstamp is not allowed. # linkstamp is used to link in version_linkstamp.cc into the version_lib. # However, linkstamp is not available to non-binary bazel targets. # This means that if the topmost target being used to compile version_lib is a envoy_cc_library or related, linkstamp will not be in effect. # In turn this means that version_linkstamp.cc is not linked, and the build_scm_revision and build_scm_status are unknown symbols to the linker. # Unfortunately linkstamp is not well documented (https://github.com/bazelbuild/bazel/issues/2893). # But following the implicit trail one can deduce that linkstamp is in effect when "stamping" (https://github.com/bazelbuild/bazel/issues/2893) is on. # envoy_cc_library -- and the underlying cc_library rule -- does not support "stamping". # This makes sense as stamping mainly makes sense in the context of binaries for production releases, not static libraries. build_scm_revision=$(sed -n -E 's/^BUILD_SCM_REVISION ([0-9a-f]{40})$/\1/p' < bazel-out/volatile-status.txt) if [ -z "$1" ]; then build_scm_status=$(sed -n -E 's/^BUILD_SCM_STATUS ([a-zA-Z]*)$/\1/p' < bazel-out/volatile-status.txt) else build_scm_status=$1 fi echo "extern const char build_scm_revision[];" echo "extern const char build_scm_status[];" echo "const char build_scm_revision[] = \"$build_scm_revision\";" echo "const char build_scm_status[] = \"$build_scm_status\";" ================================================ FILE: source/common/version/version.cc ================================================ #include "common/version/version.h" #include #include #include #include "common/common/fmt.h" #include "common/common/macros.h" #include "common/protobuf/utility.h" #include "absl/strings/numbers.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" extern const char build_scm_revision[]; extern const char build_scm_status[]; namespace Envoy { const std::string& VersionInfo::revision() { CONSTRUCT_ON_FIRST_USE(std::string, build_scm_revision); } const std::string& VersionInfo::revisionStatus() { CONSTRUCT_ON_FIRST_USE(std::string, build_scm_status); } const std::string& VersionInfo::version() { CONSTRUCT_ON_FIRST_USE(std::string, fmt::format("{}/{}/{}/{}/{}", revision(), BUILD_VERSION_NUMBER, revisionStatus(), buildType(), sslVersion())); } const envoy::config::core::v3::BuildVersion& VersionInfo::buildVersion() { static const auto* result = new envoy::config::core::v3::BuildVersion(makeBuildVersion(BUILD_VERSION_NUMBER)); return *result; } const std::string& VersionInfo::buildType() { #ifdef NDEBUG static const std::string release_type = "RELEASE"; #else static const std::string release_type = "DEBUG"; #endif return release_type; } const std::string& VersionInfo::sslVersion() { #ifdef ENVOY_SSL_VERSION static const std::string ssl_version = ENVOY_SSL_VERSION; #else static const std::string ssl_version = "no-ssl"; #endif return ssl_version; } envoy::config::core::v3::BuildVersion VersionInfo::makeBuildVersion(const char* version) { envoy::config::core::v3::BuildVersion result; // Split BUILD_VERSION_NUMBER into version and an optional build label after the '-' std::regex ver_regex("([\\d]+)\\.([\\d]+)\\.([\\d]+)(-(.*))?"); // Match indexes, given the regex above constexpr std::cmatch::size_type major = 1; constexpr std::cmatch::size_type minor = 2; constexpr std::cmatch::size_type patch = 3; constexpr std::cmatch::size_type label = 5; std::cmatch match; if (std::regex_match(version, match, ver_regex)) { int value = 0; if (absl::SimpleAtoi(match.str(major), &value)) { result.mutable_version()->set_major_number(value); } if (absl::SimpleAtoi(match.str(minor), &value)) { result.mutable_version()->set_minor_number(value); } if (absl::SimpleAtoi(match.str(patch), &value)) { result.mutable_version()->set_patch(value); } } std::map fields; if (!match.str(label).empty()) { fields[BuildVersionMetadataKeys::get().BuildLabel] = match.str(label); } fields[BuildVersionMetadataKeys::get().BuildType] = buildType(); fields[BuildVersionMetadataKeys::get().SslVersion] = sslVersion(); fields[BuildVersionMetadataKeys::get().RevisionSHA] = revision(); fields[BuildVersionMetadataKeys::get().RevisionStatus] = revisionStatus(); *result.mutable_metadata() = MessageUtil::keyValueStruct(fields); return result; } } // namespace Envoy ================================================ FILE: source/common/version/version.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "common/singleton/const_singleton.h" #include "common/version/version_number.h" namespace Envoy { class VersionInfoTestPeer; /** * Wraps compiled in code versioning. */ class VersionInfo { public: // Repository revision (e.g. git SHA1). static const std::string& revision(); // Repository status (e.g. clean, modified). static const std::string& revisionStatus(); // Repository information and build type. static const std::string& version(); static const envoy::config::core::v3::BuildVersion& buildVersion(); private: friend class Envoy::VersionInfoTestPeer; // RELEASE or DEBUG static const std::string& buildType(); static const std::string& sslVersion(); static envoy::config::core::v3::BuildVersion makeBuildVersion(const char* version); }; class BuildVersionMetadata { public: // Type of build: RELEASE or DEBUG const std::string BuildType = "build.type"; // Build label from the VERSION file const std::string BuildLabel = "build.label"; // Version of the SSL implementation const std::string SslVersion = "ssl.version"; // SCM revision of the source tree const std::string RevisionSHA = "revision.sha"; // SCM status of the source tree const std::string RevisionStatus = "revision.status"; }; using BuildVersionMetadataKeys = ConstSingleton; } // namespace Envoy ================================================ FILE: source/common/version/version_linkstamp.cc ================================================ // NOLINT(namespace-envoy) extern const char build_scm_revision[]; extern const char build_scm_status[]; const char build_scm_revision[] = BUILD_SCM_REVISION; const char build_scm_status[] = BUILD_SCM_STATUS; ================================================ FILE: source/docs/fancy_logger.md ================================================ ## Fancy Logger: Flexible Granularity Log Control in Envoy ### Overview Fancy Logger is a logger with finer grained log level control and runtime logger update using administration interface. Compared to the existing logger in Envoy, Fancy Logger provides file level control which can be easily extended to finer grained logger with function or line level control, and it is completely automatic and never requires developers to explicitly specify the logging component. Besides, it has a comparable speed as Envoy's logger. ### Basic Usage The basic usage of Fancy Logger is to explicitly call its macros: ``` FANCY_LOG(info, "Hello world! Here's a line of fancy log!"); FANCY_LOG(error, "Fancy Error! Here's the second message!"); ``` If the level of log message is higher than that of the file, macros above will print messages with the file name like this: ``` [2020-07-29 22:27:02.594][15][error][test/common/common/log_macros_test.cc:149] Fancy Error! Here\'s the second message! ``` More macros with connection and stream information: ``` NiceMock connection_; NiceMock stream_; FANCY_CONN_LOG(warn, "Fake info {} of connection", connection_, 1); FANCY_STREAM_LOG(warn, "Fake warning {} of stream", stream_, 1); ``` To flush a logger, `FANCY_FLUSH_LOG()` can be used. ### Enable Fancy Logger using Command Line Option A command line option is provided to enable Fancy Logger: `--enable-fine-grain-logging`. It enables Fancy Logger for Envoy, i.e. replaces most Envoy's log macros (`ENVOY_LOG, ENVOY_FLUSH_LOG, ENVOY_CONN_LOG, ENVOY_STREAM_LOG`) with corresponding Fancy Logger's macros. If Fancy Logger is enabled, the default log format is `"[%Y-%m-%d %T.%e][%t][%l] [%g:%#] %v"`, where the logger name is omitted compared to Envoy's default as it's the same as file name. The default log level is info, if not specidfied by user of any logging context. Note that Envoy's logger can still be used in Fancy mode. These macros are not replaced: `GET_MISC_LOGGER, ENVOY_LOG_MISC, ENVOY_LOGGER, ENVOY_LOG_TO_LOGGER, ENVOY_CONN_LOG_TO_LOGGER, ENVOY_STREAM_LOG_TO_LOGGER`. For example, `ENVOY_LOG_LOGGER(ENVOY_LOGGER(), LEVEL, ...)` is equivalent to `ENVOY_LOG` in Envoy mode. If Fancy Logger is not enabled, existing Envoy's logger is used. In this mode, basic macros like `FANCY_LOG` can be used but the main part of `ENVOY_LOG` will keep the same. One limitation is that logger update in admin page is not supported by default as it detects Envoy mode. The reason is: Envoy mode is designed only to be back compatible. To address it, developers can use `Logger::Context::enableFancyLogger()` to manually enable Fancy Logger. ### Runtime Update Runtime update of Fancy Logger is supported with administration interface, i.e. admin page, and Fancy mode needs to be enabled to use it. Same as Envoy's logger, the following functionalities are provided: 1. `POST /logging`: List all names (i.e. file paths) of all active loggers and their levels; 2. `POST /logging?=`: Given the current file path, change the log level of the file; 3. `POST /logging?level=`: Change levels of all loggers. Users can view and change the log level in a granularity of file in runtime through admin page. Note that `file_path` is determined by `__FILE__` macro, which is the path seen by preprocessor. ### Implementation Details Fancy Logger can be divided into two parts: 1. Core part: file level logger without explicit inheriting `Envoy::Logger::Loggable`; 2. Hook part: control interfaces, such as command line and admin page. #### Core Part The core of Fancy Logger is implemented in `class FancyContext`, which is a singleton class. Filenames (i.e. keys) and logger pointers are stored in `FancyContext::fancy_log_map_`. There are several code paths when `FANCY_LOG` is called. 1. Slow path: if `FANCY_LOG` is first called in a file, `FancyContext::initFancyLogger(key, local_logger_ptr)` is called to create a new logger globally and store the `` pair in `fancy_log_map_`. Then local logger pointer is updated and will never be changed. 2. Medium path: if `FANCY_LOG` is first called at the call site but not in the file, `FancyContext::initFancyLogger(key, local_logger_ptr)` is still called but local logger pointer is quickly set to the global logger, as there is already global record of the given filename. 3. Fast path: if `FANCY_LOG` is called after first call at the site, the log is directly printed using local logger pointer. #### Hook Part Fancy Logger provides control interfaces through command line and admin page. To pass the arguments such as log format and default log level to Fancy Logger, `fancy_log_format` and `fancy_default_level` are added in `class Context` and they are updated when a new logging context is activated. `getFancyContext().setDefaultFancyLevelFormat(level, format)` is called in `Context::activate()` to set log format and update loggers' previous default level to the new level. To support the runtime update in admin page, log handler in admin page uses `getFancyContext().listFancyLoggers()` to show all Fancy Loggers, `getFancyContext().setFancyLogger(name, level)` to set a specific logger and `getFancyContext().setAllFancyLoggers(level)` to set all loggers. ================================================ FILE: source/docs/filters/http/cache/cache_filter.md ================================================ ### HTTP Cache Filter Work in Progress--not ready for deployment HTTP caching can improve system throughput, latency, and network/backend load levels when the same content is requested multiple times. Caching is particularly valuable for edge proxies and browser-based traffic, which typically include many cacheable static resources, but it can be useful any time there is enough repeatedly served cacheable content. ## Configuration CacheFilter is configured with envoy.config.filter.http.cache.v2alpha.CacheConfig. The only required configuration field is typed_config. The type of this message will select what HttpCache plugin to use, and will be passed to the selected plugin. HttpCache plugins are located in subdirectories of source/extensions/filters/http/cache. Specifying a message of type envoy.source.extensions.filters.http.cache.SimpleHttpCacheConfig will select a proof-of-concept implementation included in the Envoy source. More implementations can be provided by implementing Envoy::Extensions::HttpFilters::Cache::HttpCache. To write a cache storage implementation, see [Writing Cache Filter Implementations](cache_filter_plugins.md). TODO(toddmgreer) Describe other fields as they get implemented. The remaining configuration fields control caching behavior and limits. By default, this filter will cache almost all responses that are considered cacheable by [RFC7234](https://httpwg.org/specs/rfc7234.html), with handling of conditional ([RFC7232](https://httpwg.org/specs/rfc7232.html)), and *range* [RFC7233](https://httpwg.org/specs/rfc7233.html) requests. Those RFC define which request methods and response codes are cacheable, subject to the cache-related headers they also define: *cache-control*, *range*, *if-match*, *if-none-match*, *if-modified-since*, *if-unmodified-since*, *if-range*, *authorization*, *date*, *age*, *expires*, and *vary*. Responses with a *vary* header will only be cached if the named headers are accepted by one of the matching rules in *allowed_vary_headers*. ## Status * ready for developers to write cache storage plugins; please contribute them to the Envoy repository if possible. * ready for contributions to help finish its implementation of HTTP caching semantics. * *not* ready for actual use. Please see TODOs in the code. ================================================ FILE: source/docs/filters/http/cache/cache_filter_plugins.md ================================================ ### Overview The HTTP Cache Filter handles most of the complexity of HTTP caching semantics, but delegates the actual storage of HTTP responses to implementations of the HttpCache interface. These implementations can cover all points on the spectrum of persistence, performance, and distribution, from local RAM caches to globally distributed persistent caches. They can be fully custom caches, or wrappers/adapters around local or remote open-source or proprietary caches. If you write a new cache storage implementation, please add it to the Envoy repository if possible. This is the only way to make sure it stays up-to-date with Envoy changes, and lets other developers contribute fixes and improvements. As you read this, also read the example implementation in `simple_http_cache.h/.cc`. You need to write implementations of four small interfaces: ## HttpCache * Example Implementation: `SimpleHttpCache` * `HttpCache` represents an actual cache of responses stored somewhere. It provides methods to set up cache lookups and inserts, and to update the headers of cached responses. ## HttpCacheFactory * Example Implementation: `SimpleHttpCacheFactory` * `HttpCacheFactory` does what it sounds like: it creates HttpCache implementations, based on a name that came from the cache filter's config. ## LookupContext * Example Implementation: `SimpleLookupContext` * `LookupContext` represents a single lookup operation; this is a good place to store whatever per-lookup state you may need during the lookup process. ## InsertContext * Example Implementation: `SimpleInsertContext` * `LookupContext` represents a single insert operation; this is a good place to store whatever per-insert state you may need during the lookup process. ### Flow To initiate a lookup on an HttpCache implementation, the cache filter calls `HttpCache::makeLookupContext`, which should return a `LookupContextPtr`. The cache filter will call `LookupContext::getHeaders` to find out if there's a cached response. If a result is found, the `LookupContext` implementation must call `LookupRequest::makeLookupResult`, and pass the result to the callback. The cache filter will then make a series of `getBody` requests followed by `getTrailers` (if needed). If the `LookupResult` in the callback indicates that a response wasn't found, the cache filter will let the request pass upstream. If the origin replies with a cacheable response, the filter will call `HttpCache::makeInsertContext`, and use its methods to insert the response. The following diagram shows a potential GET request for a 5M resource that is present and fresh in the cache, with no trailers. In the case of a synchronous in-memory cache, this all happens within `CacheFilter::decodeHeaders`. Solid arrows denote synchronous function calls, while dashed arrows denote asynchronous function calls or their callbacks. Objects that are part of the cache implementation (`HttpCache` and `LookupContext`) are blue. (Other objects are part of the cache filter, or of Envoy. ![Cache Filter flow diagram](cache_filter_flow.png) ================================================ FILE: source/docs/flow_control.md ================================================ ### Overview Flow control in Envoy is done by having limits on each buffer, and watermark callbacks. When a buffer contains more data than the configured limit, the high watermark callback will fire, kicking off a chain of events which eventually informs the data source to stop sending data. This back-off may be immediate (stop reading from a socket) or gradual (stop HTTP/2 window updates) so all buffer limits in Envoy are considered soft limits. When the buffer eventually drains (generally to half of the high watermark to avoid thrashing back and forth) the low watermark callback will fire, informing the sender it can resume sending data. ### TCP implementation details Flow control for TCP and TCP-with-TLS-termination are handled by coordination between the `Network::ConnectionImpl` write buffer, and the `Network::TcpProxy` filter. The downstream flow control goes as follows. * The downstream `Network::ConnectionImpl::write_buffer_` buffers too much data. It calls `Network::ConnectionCallbacks::onAboveWriteBufferHighWatermark()`. * The `Network::TcpProxy::DownstreamCallbacks` receives `onAboveWriteBufferHighWatermark()` and calls `readDisable(true)` on the upstream connection. * When the downstream buffer is drained, it calls `Network::ConnectionCallbacks::onBelowWriteBufferLowWatermark()` * The `Network::TcpProxy::DownstreamCallbacks` receives `onBelowWriteBufferLowWatermark()` and calls `readDisable(false)` on the upstream connection. Flow control for the upstream path is much the same. * The upstream `Network::ConnectionImpl::write_buffer_` buffers too much data. It calls `Network::ConnectionCallbacks::onAboveWriteBufferHighWatermark()`. * The `Network::TcpProxy::UpstreamCallbacks` receives `onAboveWriteBufferHighWatermark()` and calls `readDisable(true)` on the downstream connection. * When the upstream buffer is drained, it calls `Network::ConnectionCallbacks::onBelowWriteBufferLowWatermark()` * The `Network::TcpProxy::UpstreamCallbacks` receives `onBelowWriteBufferLowWatermark()` and calls `readDisable(false)` on the downstream connection. ### HTTP2 implementation details Because the various buffers in the HTTP/2 stack are fairly complicated, each path from a buffer going over the watermark limit to disabling data from the data source is documented separately. ![HTTP2 data flow diagram](h2_buffers.png) For HTTP/2, when filters, streams, or connections back up, the end result is `readDisable(true)` being called on the source stream. This results in the stream ceasing to consume window, and so not sending further flow control window updates to the peer. This will result in the peer eventually stopping sending data when the available window is consumed (or nghttp2 closing the connection if the peer violates the flow control limit) and so limiting the amount of data Envoy will buffer for each stream. When `readDisable(false)` is called, any outstanding unconsumed data is immediately consumed, which results in resuming window updates to the peer and the resumption of data. Note that `readDisable(true)` on a stream may be called by multiple entities. It is called when any filter buffers too much, when the stream backs up and has too much data buffered, or the connection has too much data buffered. Because of this, `readDisable()` maintains a count of the number of times it has been called to both enable and disable the stream, resuming reads when each caller has called the equivalent low watermark callback. For example, if the TCP window upstream fills up and results in the network buffer backing up, all the streams associated with that connection will `readDisable(true)` their downstream data sources. When the HTTP/2 flow control window fills up an individual stream may use all of the window available and call a second `readDisable(true)` on its downstream data source. When the upstream TCP socket drains, the connection will go below its low watermark and each stream will call `readDisable(false)` to resume the flow of data. The stream which had both a network level block and a H2 flow control block will still not be fully enabled. Once the upstream peer sends window updates, the stream buffer will drain and the second `readDisable(false)` will be called on the downstream data source, which will finally result in data flowing from downstream again. The two main parties involved in flow control are the router filter (`Envoy::Router::Filter`) and the connection manager (`Envoy::Http::ConnectionManagerImpl`). The router is responsible for intercepting watermark events for its own buffers, the individual upstream streams (if codec buffers fill up) and the upstream connection (if the network buffer fills up). It passes any events to the connection manager, which has the ability to call `readDisable()` to enable and disable further data from downstream. On the reverse path, when the downstream connection backs up, the connection manager collects events for the downstream streams and the downstream connection. It passes events to the router filter via `Envoy::Http::DownstreamWatermarkCallbacks` and the router can then call `readDisable()` on the upstream stream. Filters opt into subscribing to `DownstreamWatermarkCallbacks` as a performance optimization to avoid each watermark event on a downstream HTTP/2 connection resulting in "number of streams * number of filters" callbacks. Instead, only the router filter is notified and only the "number of streams" multiplier applies. Because the router filter only subscribes to notifications when it has an upstream connection, the connection manager tracks how many outstanding high watermark events have occurred and passes any on to the router filter when it subscribes. It is worth noting that the router does not unwind `readDisable(true)` calls on destruction. In the case of HTTP/2 the `Envoy::Http::Http2::ConnectionImpl` will consume any outstanding flow control window on stream deletion to avoid leaking the connection-level window. In the case of HTTP/1, the Envoy::Http::ConnectionManagerImpl unwinds any readDisable() calls downstream to ensure that pipelined requests will be read. For HTTP/1 upstream connections, the `readDisable(true)` calls are unwound in ClientConnectionImpl::onMessageComplete() to make sure that as connections are returned to the connection pool they are ready to read. ## HTTP/2 codec recv buffer Given the HTTP/2 `Envoy::Http::Http2::ConnectionImpl::StreamImpl::pending_recv_data_` is processed immediately there's no real need for buffer limits, but for consistency and to future-proof the implementation, it is a WatermarkBuffer. The high watermark path goes as follows: * When `pending_recv_data_` has too much data it calls `ConnectionImpl::StreamImpl::pendingRecvBufferHighWatermark()`. * `pendingRecvBufferHighWatermark` calls `readDisable(true)` on the stream. The low watermark path is similar * When `pending_recv_data_` is drained, it calls `ConnectionImpl::StreamImpl::pendingRecvBufferLowWatermark`. * `pendingRecvBufferLowWatermarkwhich` calls `readDisable(false)` on the stream. ## HTTP/1 and HTTP/2 filters Each HTTP and HTTP/2 filter has an opportunity to call `decoderBufferLimit()` or `encoderBufferLimit()` on creation. No filter should buffer more than the configured bytes without calling the appropriate watermark callbacks or sending an error response. Filters may override the default limit with calls to `setDecoderBufferLimit()` and `setEncoderBufferLimit()`. These limits are applied as filters are created so filters later in the chain can override the limits set by prior filters. Most filters do not buffer internally, but instead push back on data by returning a FilterDataStatus on `encodeData()`/`decodeData()` calls. If a buffer is a streaming buffer, i.e. the buffered data will resolve over time, it should return `FilterDataStatus::StopIterationAndWatermark` to pause further data processing, which will cause the `ConnectionManagerImpl` to trigger watermark callbacks on behalf of the filter. If a filter can not make forward progress without the complete body, it should return `FilterDataStatus::StopIterationAndBuffer`. In this case if the `ConnectionManagerImpl` buffers more than the allowed data it will return an error downstream: a 413 on the request path, 500 or `resetStream()` on the response path. # Decoder filters For filters which do their own internal buffering, filters buffering more than the buffer limit should call `onDecoderFilterAboveWriteBufferHighWatermark` if they are streaming filters, i.e. filters which can process more bytes as the underlying buffer is drained. This causes the downstream stream to be readDisabled and the flow of downstream data to be halted. The filter is then responsible for calling `onDecoderFilterBelowWriteBufferLowWatermark` when the buffer is drained to resume the flow of data. Decoder filters which must buffer the full response should respond with a 413 (Payload Too Large) when encountering a response body too large to buffer. The decoder high watermark path for streaming filters is as follows: * When an instance of `Envoy::Router::StreamDecoderFilter` buffers too much data it should call `StreamDecoderFilterCallback::onDecoderFilterAboveWriteBufferHighWatermark()`. * When `Envoy::Http::ConnectionManagerImpl::ActiveStreamDecoderFilter` receives `onDecoderFilterAboveWriteBufferHighWatermark()` it calls `readDisable(true)` on the downstream stream to pause data. And the low watermark path: * When the buffer of the `Envoy::Router::StreamDecoderFilter` drains should call `StreamDecoderFilterCallback::onDecoderFilterBelowWriteBufferLowWatermark()`. * When `Envoy::Http::ConnectionManagerImpl` receives `onDecoderFilterAboveWriteBufferHighWatermark()` it calls `readDisable(false)` on the downstream stream to resume data. # Encoder filters Encoder filters buffering more than the buffer limit should call `onEncoderFilterAboveWriteBufferHighWatermark` if they are streaming filters, i.e. filters which can process more bytes as the underlying buffer is drained. The high watermark call will be passed from the `Envoy::Http::ConnectionManagerImpl` to the `Envoy::Router::Filter` which will `readDisable(true)` to stop the flow of upstream data. Streaming filters which call `onEncoderFilterAboveWriteBufferHighWatermark` should call `onEncoderFilterBelowWriteBufferLowWatermark` when the underlying buffer drains. Filters which must buffer a full request body before processing further, should respond with a 500 (Server Error) if encountering a request body which is larger than the buffer limits. The encoder high watermark path for streaming filters is as follows: * When an instance of `Envoy::Router::StreamEncoderFilter` buffers too much data it should call `StreamEncoderFilterCallback::onEncodeFilterAboveWriteBufferHighWatermark()`. * When `Envoy::Http::ConnectionManagerImpl::ActiveStreamEncoderFilter` receives `onEncoderFilterAboveWriteBufferHighWatermark()` it calls `ConnectionManagerImpl::ActiveStream::callHighWatermarkCallbacks()` * `callHighWatermarkCallbacks()` then in turn calls `DownstreamWatermarkCallbacks::onAboveWriteBufferHighWatermark()` for all filters which registered to receive watermark events * `Envoy::Router::Filter` receives `onAboveWriteBufferHighWatermark()` and calls `readDisable(true)` on the upstream request. The encoder low watermark path for streaming filters is as follows: * When an instance of `Envoy::Router::StreamEncoderFilter` buffers drains it should call `StreamEncoderFilterCallback::onEncodeFilterBelowWriteBufferLowWatermark()`. * When `Envoy::Http::ConnectionManagerImpl::ActiveStreamEncoderFilter` receives `onEncoderFilterBelowWriteBufferLowWatermark()` it calls `ConnectionManagerImpl::ActiveStream::callLowWatermarkCallbacks()` * `callLowWatermarkCallbacks()` then in turn calls `DownstreamWatermarkCallbacks::onBelowWriteBufferLowWatermark()` for all filters which registered to receive watermark events * `Envoy::Router::Filter` receives `onBelowWriteBufferLowWatermark()` and calls `readDisable(false)` on the upstream request. # HTTP and HTTP/2 codec upstream send buffer The upstream send buffer `Envoy::Http::Http2::ConnectionImpl::StreamImpl::pending_send_data_` is H2 stream data destined for an Envoy backend. Data is added to this buffer after each filter in the chain is done processing, and it backs up if there is insufficient connection or stream window to send the data. The high watermark path goes as follows: * When `pending_send_data_` has too much data it calls `ConnectionImpl::StreamImpl::pendingSendBufferHighWatermark()`. * `pendingSendBufferHighWatermark()` calls `StreamCallbackHelper::runHighWatermarkCallbacks()` * `runHighWatermarkCallbacks()` results in all subscribers of `Envoy::Http::StreamCallbacks` receiving an `onAboveWriteBufferHighWatermark()` callback. * When `Envoy::Router::Filter` receives `onAboveWriteBufferHighWatermark()` it calls `StreamDecoderFilterCallback::onDecoderFilterAboveWriteBufferHighWatermark()`. * When `Envoy::Http::ConnectionManagerImpl` receives `onDecoderFilterAboveWriteBufferHighWatermark()` it calls `readDisable(true)` on the downstream stream to pause data. For the low watermark path: * When `pending_send_data_` drains it calls `ConnectionImpl::StreamImpl::pendingSendBufferLowWatermark()` * `pendingSendBufferLowWatermark()` calls `StreamCallbackHelper::runLowWatermarkCallbacks()` * `runLowWatermarkCallbacks()` results in all subscribers of `Envoy::Http::StreamCallbacks` receiving a `onBelowWriteBufferLowWatermark()` callback. * When `Envoy::Router::Filter` receives `onBelowWriteBufferLowWatermark()` it calls `StreamDecoderFilterCallback::onDecoderFilterBelowWriteBufferLowWatermark()`. * When `Envoy::Http::ConnectionManagerImpl` receives `onDecoderFilterBelowWriteBufferLowWatermark()` it calls `readDisable(false)` on the downstream stream to resume data. # HTTP and HTTP/2 network upstream network buffer The upstream network buffer is HTTP/2 data for all streams destined for the Envoy backend. If the network buffer fills up, all streams associated with the underlying TCP connection will be informed of the back-up, and the data sources (HTTP/2 streams or HTTP connections) feeding into those streams will be readDisabled. The high watermark path is as follows: * When `Envoy::Network::ConnectionImpl::write_buffer_` has too much data it calls `Network::ConnectionCallbacks::onAboveWriteBufferHighWatermark()`. * When `Envoy::Http::CodecClient` receives `onAboveWriteBufferHighWatermark()` it calls `onUnderlyingConnectionAboveWriteBufferHighWatermark()` on `codec_`. * When `Envoy::Http::ConnectionManagerImpl` receives `onAboveWriteBufferHighWatermark()` it calls `runHighWatermarkCallbacks()` for each stream of the connection. * `runHighWatermarkCallbacks()` results in all subscribers of `Envoy::Http::StreamCallback` receiving an `onAboveWriteBufferHighWatermark()` callback. * When `Envoy::Router::Filter` receives `onAboveWriteBufferHighWatermark()` it calls `StreamDecoderFilterCallback::onDecoderFilterAboveWriteBufferHighWatermark()`. * When `Envoy::Http::ConnectionManagerImpl` receives `onDecoderFilterAboveWriteBufferHighWatermark()` it calls `readDisable(true)` on the downstream stream to pause data. The low watermark path is as follows: * When `Envoy::Network::ConnectionImpl::write_buffer_` is drained it calls `Network::ConnectionCallbacks::onBelowWriteBufferLowWatermark()`. * When `Envoy::Http::CodecClient` receives `onBelowWriteBufferLowWatermark()` it calls `onUnderlyingConnectionBelowWriteBufferLowWatermark()` on `codec_`. * When `Envoy::Http::ConnectionManagerImpl` receives `onBelowWriteBufferLowWatermark()` it calls `runLowWatermarkCallbacks()` for each stream of the connection. * `runLowWatermarkCallbacks()` results in all subscribers of `Envoy::Http::StreamCallback` receiving a `onBelowWriteBufferLowWatermark()` callback. * When `Envoy::Router::Filter` receives `onBelowWriteBufferLowWatermark()` it calls `StreamDecoderFilterCallback::onDecoderFilterBelowWriteBufferLowWatermark()`. * When `Envoy::Http::ConnectionManagerImpl` receives `onDecoderFilterBelowWriteBufferLowWatermark()` it calls `readDisable(false)` on the downstream stream to resume data. As with the downstream network buffer, it is important that as new upstream streams are associated with an existing upstream connection over its buffer limits that the new streams are created in the correct state. To handle this, the `Envoy::Http::Http2::ClientConnectionImpl` tracks the state of the underlying `Network::Connection` in `underlying_connection_above_watermark_`. If a new stream is created when the connection is above the high watermark the new stream has `runHighWatermarkCallbacks()` called on it immediately. # HTTP/2 codec downstream send buffer On filter creation, all filters have the opportunity to subscribe to downstream watermark events sent by the connection manager, and the router filter takes advantage of this. When a particular downstream stream gets backed up, the router filter gets notified and can then `readDisable()` the upstream data source. The high watermark path is as follows: * When `ConnectionImpl::StreamImpl::pending_send_data_` has too much data, it calls `ConnectionImpl::StreamImpl::pendingSendBufferHighWatermark()` * `pendingSendBufferHighWatermark()` calls `StreamCallbackHelper::runHighWatermarkCallbacks()` * `runHighWatermarkCallbacks()` results in all subscribers of `Envoy::Http::StreamCallbacks` receiving an `onAboveWriteBufferHighWatermark()` callback. Currently, ConnectionManagerImpl::ActiveStream is the only subscriber. * `ConnectionManagerImpl::ActiveStream::onAboveWriteBufferHighWatermark()` calls `ConnectionManagerImpl::ActiveStream::callHighWatermarkCallbacks()` * `callHighWatermarkCallbacks()` then in turn calls `DownstreamWatermarkCallbacks::onAboveWriteBufferHighWatermark()` for all filters which registered to receive watermark events * `Envoy::Router::Filter` receives `onAboveWriteBufferHighWatermark()` and calls `readDisable(true)` on the upstream request. The low watermark path is as follows: * When `ConnectionImpl::StreamImpl::pending_send_data_` drains, it calls `ConnectionImpl::StreamImpl::pendingSendBufferLowWatermark()`. * `pendingSendBufferLowWatermark()` calls `StreamCallbackHelper::runLowWatermarkCallbacks()` * `runLowWatermarkCallbacks()` results in all subscribers of `Envoy::Http::StreamCallbacks` receiving an `onBelowWriteBufferLowWatermark()` callback. * `ConnectionManagerImpl::ActiveStream::onBelowWriteBufferLowWatermark()` calls `ConnectionManagerImpl::ActiveStream::callLowWatermarkCallbacks()` * `callLowWatermarkCallbacks()` then in turn calls `DownstreamWatermarkCallbacks::onBelowWriteBufferLowWatermark()` for all filters which registered to receive watermark events. * `Envoy::Router::Filter` receives `onBelowWriteBufferLowWatermark()` and calls `readDisable(false)` on the upstream request. # HTTP/2 network downstream network buffer When a downstream network connection buffers too much data, it informs the connection manager which passes the high watermark event to all of the streams on the connection. They pass the watermark event to the router, which calls `readDisable()` on the upstream streams. The high watermark path is as follows: * The downstream `Network::ConnectionImpl::write_buffer_` buffers too much data. It calls `Network::ConnectionCallbacks::onAboveWriteBufferHighWatermark()`. * `Envoy::Http::Http2::ConnectionManagerImpl::onAboveWriteBufferHighWatermark()` calls `ConnectionImpl::onUnderlyingConnectionAboveWriteBufferHighWatermark()` on `codec_`. * When `Envoy::Http::Http2::ConnectionImpl` receives `onAboveWriteBufferHighWatermark()` it calls `runHighWatermarkCallbacks()` for each stream of the connection. * When `ConnectionManagerImpl::ActiveStream::onAboveWriteBufferHighWatermark()` is called it calls `ConnectionImpl::ActiveStream::callHighWatermarkCallbacks()` From this point on, the flow is the same as when the downstream codec buffer goes over its high watermark. The low watermark path is as follows: * The downstream `Network::ConnectionImpl::write_buffer_` drains. It calls `Network::ConnectionCallbacks::onBelowWriteBufferLowWatermark()`. * `Envoy::Http::Http2::ConnectionManagerImpl::onBelowWriteBufferLowWatermark()` calls `ConnectionImpl::onUnderlyingConnectionBelowWriteBufferLowWatermark()` on `codec_`. * When `Envoy::Http::Http2::ConnectionImpl` receives `onBelowWriteBufferLowWatermark()` it calls `runLowWatermarkCallbacks()` for each stream of the connection. * When `ConnectionManagerImpl::ActiveStream::onBelowWriteBufferLowWatermark()` is called it calls `ConnectionImpl::ActiveStream::callLowWatermarkCallbacks()` From this point on, the flow is the same as when the downstream codec buffer goes under its low watermark. When the downstream buffer is overrun each new stream should be informed of this on stream creation. This is handled by the connection manager latching the state of the underlying connection in `ConnectionManagerImpl::underlying_connection_above_high_watermark_` and if a new stream is created while the underlying connection is above the high watermark, the new stream has watermark callbacks called on creation. ### HTTP implementation details HTTP flow control is extremely similar to HTTP/2 flow control, with the main exception being that the method used to halt the flow of downstream/upstream data is to disable reads on the underlying Network::Connection. As the TCP data stops being consumed the peer will eventually fill their congestion window and stop sending. As with HTTP/2, a given stream may end in a state where the connection has had `readDisable(true)` called. When a new stream is created on that connection for a subsequent request, any outstanding `readDisable(true)` calls are unwound in `Http::Http1::ConnectionImpl::newStream()`. Filter and network backups are identical in the HTTP and HTTP/2 cases and are documented above. Codec backup is slightly different and is documented below. # HTTP codec downstream send buffer As with the HTTP/2 codec recv buffer, the HTTP codec send buffer is only expected to have data pass through it. It should never back up. Still, in the event it does, the high watermark path is as follows: * When `Http::Http1::ConnectionImpl::output_buffer_` has too much data buffered it calls `onOutputBufferAboveHighWatermark()` * Http::Http1::ConnectionImpl::ServerConnectionImpl::onOutputBufferAboveHighWatermark() calls `runHighWatermarkCallbacks()` which results in all subscribers of `Envoy::Http::StreamCallbacks` receiving an `onAboveWriteBufferHighWatermark()` callback. From this point the `ConnectionManagerImpl` takes over and the code path is the same as for the HTTP/2 codec downstream send buffer. The low watermark path is as follows: * When `Http::Http1::ConnectionImpl::output_buffer_` drains it calls `onOutputBufferBelowLowWatermark()` * Http::Http1::ConnectionImpl::ServerConnectionImpl::onOutputBufferBelowLowWatermark() calls `runLowWatermarkCallbacks()` which results in all subscribers of `Envoy::Http::StreamCallbacks` receiving an `onBelowWriteBufferLowWatermark()` callback. From this point the `ConnectionManagerImpl` takes over and the code path is the same as for the HTTP/2 codec downstream send buffer. # HTTP codec upstream send buffer As with the HTTP downstream send buffer, the HTTP codec send buffer is only expected to have data pass through it. It should never back up. Still, in the event it does, the high watermark path is as follows: * When `Http::Http1::ConnectionImpl::output_buffer_` has too much data buffered it calls `onOutputBufferAboveHighWatermark()` * Http::Http1::ConnectionImpl::ClientConnectionImpl::onOutputBufferAboveHighWatermark() calls `runHighWatermarkCallbacks()` which results in all subscribers of `Envoy::Http::StreamCallbacks` receiving an `onAboveWriteBufferHighWatermark()` callback. From this point on the `Envoy::Router::Filter` picks up the event and the code path is the same as for the HTTP/2 codec upstream send buffer. The low watermark path is as follows: * When `Http::Http1::ConnectionImpl::output_buffer_` drains it calls `onOutputBufferBelowLowWatermark()` * Http::Http1::ConnectionImpl::ClientConnectionImpl::onOutputBufferBelowLowWatermark() calls `runLowWatermarkCallbacks()` which results in all subscribers of `Envoy::Http::StreamCallbacks` receiving an `onBelowWriteBufferLowWatermark()` callback. From this point on the `Envoy::Router::Filter` picks up the event and the code path is the same as for the HTTP/2 codec upstream send buffer. ### HTTP3 implementation details HTTP3 network buffer and stream send buffer works differently from HTTP2 and HTTP. See quiche_integration.md. ================================================ FILE: source/docs/h2_metadata.md ================================================ ### Overview Envoy provides a way for users to communicate extra information associating with a stream that is not carried in the standard HTTP(s) and HTTP/2 headers and payloads. The information is represented by a string key-value pair. For example, users can pass along RTT information associated with a stream using a key of "rtt info", and a value of "100ms". In Envoy, we call this type of information metadata. A stream can be associated with multiple metadata, and the multiple metadata are represented by a map. Note: the metadata implementation is still in progress, and the doc is in draft version. ### Limitation and conditions For ease of implementation and compatibility purposes, metadata will only be supported in HTTP/2. Metadata sent in any other protocol should result in protocol errors or be ignored. To simplify the implementation, we don't allow metadata frames to carry end of stream flag. Because metadata frames must be associated with an existing frame, users must ensure metadata frames to be received before the end of stream is received by the peer. Metadata associated with a stream can be sent before headers, after headers, between data or after data. If metadata frames have to be sent last, users must put the end of stream in an empty data frame and send the empty data frame after metadata frames. Envoy only allows up to 1M metadata to be sent per stream. If the accumulated metadata size exceeds the limit, the stream will be reset. ### Envoy metadata handling Envoy provides the functionality to proxy, process and add metadata. ## Proxying metadata If not specified, all the metadata received by Envoy is proxied to the next hop unmodified. Note that, we do not guarantee the same frame order will be preserved from hop by hop. That is, metadata from upstream at the beginning of a stream can be received by the downstream at the end of the stream. ## Consuming metadata If Envoy needs to take actions when a metadata frame is received, users should create a new filter. If Envoy needs to parse a metadata sent on a request from downstream to upstream, a StreamDecodeFilter should be created. The interface to override is FilterMetadataStatus StreamDecoderFilter::decodeMetadata(MetadataMapPtr&& metadata); The metadata passed in is a map of the metadata associated with the request stream. After metadata have been parsed, the filter can choose to remove metadata from the map, or keep it untouched. If Envoy needs to parse a metadata sent on a response from upstream to downstream, a StreamEncoderFilter should be created. The interface to override is FilterMetadatasStatus StreamEncoderFilter::encodeMetadata(MetadataMap& metadata); The metadata passed in is a map of the metadata associated with the response stream. After metadata have been parsed, the filter can choose to remove metadata from the map, or keep it untouched. Note that, if the metadata in a request or a response is removed from the map after consuming, the metadata will not be passed to the next hop. An empty map means no metadata will be sent to the next hop. If the metadata is left in the map, it will be passed to the next hop. ## Inserting metadata Envoy filters can be used to add new metadata to a stream. If users need to add new metadata for a request from downstream to upstream, a StreamDecoderFilter should be created. The StreamDecoderFilterCallbacks object that Envoy passes to the StreamDecoderFilter has an interface MetadataMapVector& StreamDecoderFilterCallbacks::addDecodedMetadata(). By calling the interface, users get a reference to a vector of metadata map associated with the request stream. Users can insert new metadata map to the metadata map vector, and Envoy will proxy the new metadata map to the upstream. StreamDecoderFilterCallbacks::addDecodedMetadata() can be called in StreamDecoderFilter::decodeHeaders(), StreamDecoderFilter::decodeData() and StreamDecoderFilter::decodeTrailers(). Do not call StreamDecoderFilterCallbacks::addDecodedMetadata() in StreamDecoderFilter::decodeMetadata(MetadataMap metadata\_map). New metadata can be added directly to metadata\_map. If users need to add new metadata for a response to downstream, a StreamEncoderFilter should be created. Users pass the metadata to be added to StreamEncoderFilterCallbacks::addEncodedMetadata(MetadataMapPtr&& metadata\_map\_ptr). This function can be called in StreamEncoderFilter::encode100ContinueHeaders(HeaderMap& headers), StreamEncoderFilter::encodeHeaders(HeaderMap& headers, bool end\_stream), StreamEncoderFilter::encodeData(Buffer::Instance& data, bool end\_stream), StreamEncoderFilter::encodeTrailers(HeaderMap& trailers). Consequently, the new metadata will be passed through all the encoding filters that follow the filter where the new metadata are added. If users receive metadata from upstream, new metadata can be added directly to the input argument metadata\_map in StreamFilter::encodeMetadata(MetadataMap& metadata\_map). ### Metadata implementation ## Metadata as extension HTTP/2 frames Envoy supports metadata by utilizing nghttp2 extension frames. Envoy defines a new extension frame type METADATA frame in nghttp2: type = 0x4D The METADATA frame uses a standard frame header, as described in the [HTTP/2 spec](https://httpwg.github.io/specs/rfc7540.html#FrameHeader.) The payload of the METADATA frame is a block of key-value pairs encoded using the [HPACK Literal Header Field Never Indexed representation]( https://httpwg.org/specs/rfc7541.html#literal.header.never.indexed). Each key-value pair represents one piece of metadata. The METADATA frame defines the following flags: END\_METADATA (0x4). If the flag is set, it indicates that this frame ends a metadata payload. The METADATA frame payload is not subject to HTTP/2 flow control, but the size of the payload is bounded by the maximum frame size negotiated in SETTINGS. There are no restrictions on the set of octets that may be used in keys or values. We do not allow METADATA frame to terminate a stream. DATA, HEADERS or RST\_STREAM must be used for that purpose. ## Response metadata handling We call metadata that need to be forwarded to downstream the response metadata. Response metadata can be received from upstream or generated locally. Response metadata is generally a hop by hop message, so Envoy doesn't need to hold response metadata locally to wait for some events or data. As a result, filters handling response metadata don't need to stop the filter iteration and wait. Instead response metadata can be forwarded through targeted filters and sequentially to the next hop as soon as they are available, no matter if the metadata are locally generated or received from upstream. The same statement is also true for metadata from downstream to upstream (request metadata). However, request metadata may need to wait for the upstream connection to be ready before going to the next hop. In this section, we focus on response metadata handling. We first explain how response metadata get consumed or proxied. In function EnvoyConnectionManagerImpl::ActiveStream::encodeMetadata(ActiveStreamEncoderFilter\* filter, MetadataMapPtr&& metadata\_map\_ptr), Envoy passes response metadata received from upstream to filters by calling the following filter interface: FilterMetadatasStatus StreamEncoderFilter::encodeMetadata(MetadataMapVector& metadata\_map). Filters, by implementing the interface, can consume response metadata. After going through the filter chain, function EnvoyConnectionManagerImpl::ActiveStream::encodeMetadata(ActiveStreamEncoderFilter\* filter, MetadataMapPtr&& metadata\_map\_ptr) immediately forwards the updated or remaining response metadata to the next hop by calling the metadata encoding function in codec: ConnectionManagerImpl::ActiveStream::response\_encoder\_-\>encodeMetadata(MetadataMapVector& metadata\_map\_vector). If no filter consumes the response metadata, the response metadata is proxied to the downstream untouched. Envoy can also add new response metadata through filters's encoding interfaces (See section [Inserting metadata](#inserting-metadata) for detailed interfaces). Filters can add new metadata by calling StreamDecoderFilterCallbacks::encodeMetadata(MetadataMapPtr&& metadata\_map\_ptr), which triggers ConnectionManagerImpl::ActiveStream::encodeMetadata(ActiveStreamEncoderFilter\* filter, MetadataMapPtr&& metadata\_map) to go through all the encoding filters. Or new metadata can be added to metadata\_map in StreamFilter::encodeMetadata(MetadataMap& metadata\_map) directly. ## Request metadata handling We first explain how request metadata get consumed or proxied. In function EnvoyConnectionManagerImpl::ActiveStream::decodeMetadata(ActiveStreamDecoderFilter\* filter, MetadataMap& metadata\_map), Envoy passes request metadata received from downstream to filters by calling the following filter interface: FilterMetadatasStatus StreamDecoderFilter::decodeMetadata(MetadataMap& metadata\_map). Filters, by implementing the interface, can consume or modify request metadata. If no filter touches the metadata, it is proxied to upstream unchanged. The last filter in the filter chain is router filter. The router filter calls Filter::request\_encoder\_-\>encodeMetadata(const MetadataMapVector& metadata\_map\_vector) to pass the metadata to codec, and codec encodes and forwards the metadata to the upstream. If the connection to the upstream has not been established when metadata is received, the metadata is temporarily stored in Filter::downstream\_metadata\_map\_vector\_. When the connection is ready (Filter::UpstreamRequest::onPoolReady()), the metadata is then passed to codec, and forwarded to the upstream. Envoy can also add new request metadata through filters's decoding interfaces (See section [Inserting metadata](#inserting-metadata) for detailed interfaces). Filters can add new metadata to ActiveStream::request\_metadata\_map\_vector\_ by calling StreamDecoderFilterCallbacks::addDecodedMetadata(). After calling each filter's decoding function, Envoy checks if new metadata is added to ActiveStream::request\_metadata\_map\_vector\_. If so, then Envoy calls ConnectionManagerImpl::ActiveStream::decodeMetadata(ActiveStreamEncoderFilter\* filter, MetadataMapPtr&& metadata\_map) to go through all the filters. Note that, because metadata frames do not carry end\_stream, if new metadata is added to a headers only request, Envoy moves end\_stream from headers to an empty data frame which is sent after the new metadata. In addition, Envoy drains metadata in router filter before any other types of frames except headers to make sure end\_stream is handled correctly. ================================================ FILE: source/docs/header_map.md ================================================ # Header map implementation overview The Envoy header map implementation (`HeaderMapImpl`) has the following properties: * Headers are stored in a linked list (`HeaderList`) in the order they are added, with pseudo headers kept at the front of the list. * O(1) direct access is possible for common headers needed during data plane processing. This is provided by a table of pointers that reach directly into a linked list that is populated when headers are added or removed from the map. When O(1) headers are accessed by direct method (`DEFINE_INLINE_HEADER` and `CustomInlineHeaderBase`) they use direct pointer access to see whether a header is present, add it, modify it, etc. When headers are added by name a trie is used to lookup the pointer in the table (`StaticLookupTable`). * Custom headers can be registered statically against a specific implementation (request headers, request trailers, response headers, and response trailers) via core code and extensions (`CustomInlineHeaderRegistry`). Each registered header increases the size of the table by the size of a single pointer. * Operations that search, replace, etc. for a header by name that is not one of the O(1) headers will incur an O(N) search through the linked list. This is an implementation deficiency for certain usage patterns that will be improved in future changes. ## Implementation details * O(1) registered headers are tracked during static initialization via the `CustomInlineHeaderBase` class. * The first time a header map is constructed (in practice this is after bootstrap load and the Envoy header prefix is finalized when `getAllHeaderMapImplInfo` is called), the `StaticLookupTable` is finalized for each header map type. No further changes are possible after this point. The `StaticLookupTable` defines the amount of variable pointer table space that is require for each header map type. * Each concrete header map type derives from `InlineStorage` with a variable length member at the end of the definition. * Each concrete header map type uses a factory function and a provide constructor. The required size is determined via the `inlineHeadersSize` function. ================================================ FILE: source/docs/network_filter_fuzzing.md ================================================ # Generic network-level filter fuzzers overview Network filters need to be fuzzed. Filters come in two flavors, each with their own fuzzer. Read filters should be added into the [Generic ReadFilter Fuzzer](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.cc). Write Filters should added into the [Generic WriteFilter Fuzzer](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc). Some filters are both raed and write filters: They should be added into both fuzzers. Before adding the new filter into the fuzzers, please make sure the filter is designed to accept untrusted inputs, or ready to be hardened to accept untrusted inputs. # Add a new ReadFilter into Generic Readfilter Fuzzer ## Step1. Make sure the filter can be linked into the fuzzer There are two ways to link it into the fuzzer. * [Recommended] In the file [extensions_build_config.bzl](https://github.com/envoyproxy/envoy/blob/master/source/extensions/extensions_build_config.bzl), the name of the filter should have a prefix `envoy.filters.network`. If it has such a prefix, the filter will be automatically linked into Generic ReadFilter Fuzzer. * [Not recommended]If for some reasons the filter's name doesn't have such a prefix, the config of the filter must be added into the `deps` field of `network_readfilter_fuzz_test` module in the file [BUILD](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/BUILD). ### Step2. Add the filter name into supported_filter_names In [uber_per_readfilter.cc](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/uber_per_readfilter.cc), add the filter name into the vector `supported_filter_names` in method `UberFilterFuzzer::filterNames()`. ``` const std::vector supported_filter_names = { ... NetworkFilterNames::get().ExtAuthorization, NetworkFilterNames::get().TheNewFilterCreatedByYou, ... }; ``` # Add a new WriteFilter into Generic Writefilter Fuzzer ## Step 1. Make sure the filter can be linked into the fuzzer For WriteFilter, the config of the filter must be added into the `deps` field of `network_writefilter_fuzz_test` module in the file [BUILD](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/BUILD). ``` envoy_cc_fuzz_test( name = "network_writefilter_fuzz_test", srcs = ["network_writefilter_fuzz_test.cc"], corpus = "network_writefilter_corpus", # All Envoy network filters must be linked to the test in order for the fuzzer to pick # these up via the NamedNetworkFilterConfigFactory. deps = [ ":uber_writefilter_lib", "//source/common/config:utility_lib", "//source/extensions/filters/network/kafka:kafka_broker_config_lib", "//source/extensions/filters/network/mongo_proxy:config", "//source/extensions/filters/network/mysql_proxy:config", "//source/extensions/filters/network/zookeeper_proxy:config", "//source/extensions/filters/network/the_new_filter_created_by_you:config", // <---Add the filter config module here "//test/config:utility_lib", ], ) ``` ## Step 2. Add the filter name into supported_filter_names In [uber_per_writefilter.cc](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/uber_per_writefilter.cc), add the filter name into the vector `supported_filter_names` in method `UberWriteFilterFuzzer::filterNames()`. ``` const std::vector supported_filter_names = { ... NetworkFilterNames::get().ExtAuthorization, NetworkFilterNames::get().TheNewFilterCreatedByYou, ... }; ``` # Add test cases into corpus Good test cases can provide good examples for fuzzers to find more paths in the code, increase the coverage and help find bugs more efficiently. Each test case is a file under the folder [network_readfilter_corpus](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/network_readfilter_corpus) or [network_writefilter_corpus](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/network_writefilter_corpus). It consists of two parts: `config` and `actions`. `config` is the protobuf to instantiate a filter, and `actions` are sequences of actions to take in order to test the filter. An example for testing MongoProxy filter: ``` config { name: "envoy.filters.network.mongo_proxy" typed_config { type_url: "type.googleapis.com/envoy.extensions.filters.network.mongo_proxy.v3.MongoProxy" value: "\n\001\\\032\t\032\002\020\010\"\003\010\200t \001" } } actions { on_new_connection { } } actions { on_data { data: "\120\0\0\0\1\0\0\0\1\0\0\0\324\7\0\0\4\0\0\0\164\145\163\164\56\164\145\163\164\0\24\0\0\0\377\377\377\377\52\0\0\0\2\163\164\162\151\156\147\137\156\145\145\144\137\145\163\143\0\20\0\0\0\173\42\146\157\157\42\72\40\42\142\141\162\12\42\175\0\0" } } actions { advance_time { milliseconds: 10000 } } ``` * `config.name` is the name of the filter. * `config.typed_config.type_url` is the type url of the filter config API. * `config.typed_config.value` is the serialized string of the config protobuf, and in C++ we can call`config.SerializeAsString()` to obtain this. This string may contain special characters. Recommend using octal or hexadecimal sequence for the string. * `actions.on_data.data` (or `actions.on_write.data`) is the buffer parameter `data`(in string format) for testing ReadFilter's method onData() (or for testing WriteFilter's method onWrite()). This string may contain special characters. Recommend using octal or hexadecimal sequence for the string. * `actions.on_data.end_stream` (or `actions.on_write.end_stream`) is the bool parameter `end_stream` for testing ReadFilter's method onData() (or for testing WriteFilter's method onWrite()). * `actions.on_new_connection` is an action to call `onNewConnection` method of a ReadFilter. * `actions.advance_time.milliseconds` is the duration in milliseconds for the simulatedSystemTime to advance by. For more details, see the APIs for [ReadFilter Fuzz Testcase](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz.proto) and [WriteFilter Fuzz Testcase](https://github.com/envoyproxy/envoy/blob/master/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz.proto). ## Convert a unit test case to a fuzz test case manually This section explains an approach to generate a corpus from unit tests. It is an optional step for users who want to generate the highest possible coverage. Unit test cases usually leads the filter into interesting states. Currently there is no automatic way to convert a unit test case into a fuzz test case. However, there is a way to convert it manually. We can write a utility function like this and use it to print the `buffer` and `protobuf` as a octal sequence to avoid invisible characters: ``` static std::string toOct(const std::string& source, const std::string& info) { std::stringstream ss; for (unsigned char c : source) { int n=c-'\0'; ss<<'\\'< [RepoKitteh](https://repokitteh.io) is a [GitHub application](https://developer.github.com/apps/) that provides an easy way to create, integrate and maintain GitHub bots. It is deployed in GCP and supplied to Envoy under a contract with the CNCF. The application is installed on specific GitHub repositories and interacts with these by receiving webhooks and making GitHub API calls. A root `repokitteh.star` script tells the application what to do based on the webhook received. ## Integration with Envoy The file [repokitteh.star](https://github.com/envoyproxy/envoy/blob/master/repokitteh.star), which resides in the root of the Envoy repository tells RepoKitteh what functionality to use. The file is written in the [Starlark language](https://github.com/bazelbuild/starlark/), which is a Python dialect with well defined threading and hermeticity guarantees. For example, the statement ``` use("github.com/repokitteh/modules/assign.star") ``` tells RepoKitteh to use the [assign.star](https://github.com/repokitteh/modules/blob/master/assign.star) module. Similar modules can be integrated in the future into Envoy in the same way. ## Current Functionality ### [Assign](https://github.com/repokitteh/modules/blob/master/assign.star) Set assignees to issues or pull requests. Examples: ``` /assign @someone ``` Adds `@someone` as an assignee to the issue or pull request that this comment is made on. ``` /unassign @someone ``` Removes `@someone` as an assignee. Only organization members can assign or unassign other users, who must be organization members as well. [Demo PR](https://github.com/envoyproxy/envoybot/pull/6) ### [Review](https://github.com/repokitteh/modules/blob/master/review.star) Requests a user to review a pull request. Examples: ``` /review @someone ``` Asks `@someone` to review the pull requests that this comment is made on. ``` /unreview @someone ``` Removes `@someone` from the reviewers list. Only organization members can request a review from other users or cancel it, who must be organization members as well. [Demo PR](https://github.com/envoyproxy/envoybot/pull/7) ### [Wait](https://github.com/repokitteh/modules/blob/master/wait.star) Wait for activity on an issue or a PR. Example: ``` /wait ``` Sets the label `waiting` on a PR. When a new commit is pushed the label will be removed. [Demo PR](https://github.com/envoyproxy/envoybot/pull/14) It is also possible to wait until any comment is submitted and/or a new commit is pushed. Example: ``` /wait-any ``` Sets the label `waiting:any` on a PR. When a new commit is pushed or any comment is submitted the label will be removed. [Demo PR](https://github.com/envoyproxy/envoybot/pull/15) ### [CircleCI Retest](https://github.com/repokitteh/modules/blob/master/circleci.star) Restart failed CircleCI tests. Example: ``` /retest-circle ``` Restarts all failed CircleCI tests, as reported in the commit statuses. [Demo PR](https://github.com/envoyproxy/envoy/pull/12613#issuecomment-676141200) ### [Azure Pipelines Retest](https://github.com/envoyproxy/envoy/blob/master/ci/repokitteh/modules/azure_pipelines.star) Restart failed Azure pipelines. Example: ``` /retest ``` Restarts all failed Azure pipelines. [Demo PR](https://github.com/envoyproxy/envoy/pull/12860#issuecomment-684832313) ### [Granular Ownerscheck](https://github.com/repokitteh/modules/blob/master/ownerscheck.star) Two types of approvals: 1. Global approvals, done by approving the PR using Github's review approval feature. 2. Partial approval, done by commenting "/lgtm [label]" where label is the label associated with the path. This does not affect GitHub's PR approve status, only this module's maintained commit status. This approval is automatically revoked if any further changes are done to the relevant files in this spec. #### Backport labeling ``` /backport ``` will labels the PR commented on with `backport/review`. ================================================ FILE: source/docs/stats.md ================================================ # Envoy Stats System Envoy statistics track numeric metrics on an Envoy instance, optionally spanning binary program restarts. The metrics are tracked as: * Counters: strictly increasing 64-bit integers. * Gauges: 64-bit integers that can rise and fall. * Histograms: mapping ranges of values to frequency. The ranges are auto-adjusted as data accumulates. Unlike counters and gauges, histogram data is not retained across binary program restarts. * TextReadouts: Unicode strings. Unlike counters and gauges, text readout data is not retained across binary program restarts. In order to support restarting the Envoy binary program without losing counter and gauge values, they are passed from parent to child in an RPC protocol. They were previously held in shared memory, which imposed various restrictions. Unlike the shared memory implementation, the RPC passing *requires a mode-bit specified when constructing gauges indicating whether it should be accumulated across hot-restarts*. ## Performance and Thread Local Storage A key tenant of the Envoy architecture is high performance on machines with large numbers of cores. See https://blog.envoyproxy.io/envoy-threading-model-a8d44b922310 for details. This requires lock-free access to stats on the fast path -- when proxying requests. For stats, this is implemented in [ThreadLocalStore](https://github.com/envoyproxy/envoy/blob/master/source/common/stats/thread_local_store.h), supporting the following features: * Thread local per scope stat caching. * Overlapping scopes with proper reference counting (2 scopes with the same name will point to the same backing stats). * Scope deletion. * Lockless in the fast path. This implementation is complicated so here is a rough overview of the threading model. * The store can be used before threading is initialized. This is needed during server init. * Scopes can be created from any thread, though in practice they are only created from the main thread. * Scopes can be deleted from any thread, and they are in practice as scopes are likely to be shared across all worker threads. * Per thread caches are checked, and if empty, they are populated from the central cache. * Scopes are entirely owned by the caller. The store only keeps weak pointers. * When a scope is destroyed, a cache flush operation is posted on all threads to flush any cached data owned by the destroyed scope. * Scopes use a unique incrementing ID for the cache key. This ensures that if a new scope is created at the same address as a recently deleted scope, cache references will not accidentally reference the old scope which may be about to be cache flushed. * Since it's possible to have overlapping scopes, we de-dup stats when counters() or gauges() is called since these are very uncommon operations. * Overlapping scopes will not share the same backing store. This is to keep things simple, it could be done in the future if needed. ### Histogram threading model Each Histogram implementation will have 2 parts. * *main* thread parent which is called `ParentHistogram`. * *per-thread* collector which is called `ThreadLocalHistogram`. Worker threads will write to ParentHistogram which checks whether a TLS histogram is available. If there is one it will write to it, otherwise creates new one and writes to it. During the flush process the following sequence is followed. * The main thread starts the flush process by posting a message to every worker which tells the worker to swap its *active* histogram with its *backup* histogram. This is achieved via a call to the `beginMerge` method. * Each TLS histogram has 2 histograms it makes use of, swapping back and forth. It manages a current_active index via which it writes to the correct histogram. * When all workers have done, the main thread continues with the flush process where the *actual* merging happens. * As the active histograms are swapped in TLS histograms, on the main thread, we can be sure that no worker is writing into the *backup* histogram. * The main thread now goes through all histograms, collect them across each worker and accumulates in to *interval* histograms. * Finally the main *interval* histogram is merged to *cumulative* histogram. `ParentHistogram`s are held weakly a set in ThreadLocalStore. Like other stats, they keep an embedded reference count and are removed from the set and destroyed when the last strong reference disappears. Consequently, we must hold a lock for the set when decrementing histogram reference counts. A similar process occurs for other types of stats, but in those cases it is taken care of in `AllocatorImpl`. There are strong references to `ParentHistograms` in TlsCacheEntry::parent_histograms_. Thread-local `TlsHistogram`s are created on behalf of a `ParentHistogram` whenever accessed from a worker thread. They are strongly referenced in the `ParentHistogram` as well as in a cache in the `ThreadLocalStore`, to help maintain data continuity as scopes are re-created during operation. ## Stat naming infrastructure and memory consumption Stat names are replicated in several places in various forms. * Held with the stat values, in `CounterImpl`, `GaugeImpl` and `TextReadoutImpl`, which are defined in [allocator_impl.cc](https://github.com/envoyproxy/envoy/blob/master/source/common/stats/allocator_impl.cc) * In [MetricImpl](https://github.com/envoyproxy/envoy/blob/master/source/common/stats/metric_impl.h) in a transformed state, with tags extracted into vectors of name/value strings. * In static strings across the codebase where stats are referenced * In a [set of regexes](https://github.com/envoyproxy/envoy/blob/master/source/common/config/well_known_names.cc) used to perform tag extraction. There are stat maps in `ThreadLocalStore` for capturing all stats in a scope, and each per-thread caches. However, they don't duplicate the stat names. Instead, they reference the `StatName` held in the `CounterImpl` or `GaugeImpl`, and thus are relatively cheap; effectively those maps are all pointer-to-pointer. For this to be safe, cache lookups from locally scoped strings must use `.find` rather than `operator[]`, as the latter would insert a pointer to a temporary as the key. If the `.find` fails, the actual stat must be constructed first, and then inserted into the map using its key storage. This strategy saves duplication of the keys, but costs an extra map lookup on each miss. ### Naming Representation When stored as flat strings, stat names can dominate Envoy memory usage when there are a large number of clusters. Stat names typically combine a small number of keywords, cluster names, host names, and response codes, separated by `.`. For example `CLUSTER.upstream_cx_connect_attempts_exceeded`. There may be thousands of clusters, and roughly 100 stats per cluster. Thus, the number of combinations can be large. It is significantly more efficient to symbolize each `.`-delimited token and represent stats as arrays of symbols. The transformation between flattened string and symbolized form is CPU-intensive at scale. It requires parsing, encoding, and lookups in a shared map, which must be mutex-protected. To avoid adding latency and CPU overhead while serving requests, the tokens can be symbolized and saved in context classes, such as [Http::CodeStatsImpl](https://github.com/envoyproxy/envoy/blob/master/source/common/http/codes.h). Symbolization can occur on startup or when new hosts or clusters are configured dynamically. Users of stats that are allocated dynamically per cluster, host, etc, must explicitly store partial stat-names their class instances, which later can be composed dynamically at runtime in order to fully elaborate counters, gauges, etc, without taking symbol-table locks, via `SymbolTable::join()`. ### `StatNamePool` and `StatNameSet` These two helper classes evolved to make it easy to deploy the symbol table API across the codebase. `StatNamePool` provides pooled allocation for any number of `StatName` objects, and is intended to be held in a data structure alongside the `const StatName` member variables. Most names should be established during process initializion or in response to xDS updates. `StatNameSet` provides some associative lookups at runtime. The associations should be created before the set is used for requests, via `StatNameSet::rememberBuiltin`. This is useful in scenarios where stat-names are derived from data in a request, but there are limited set of known tokens, such as SSL ciphers or Redis commands. ### Dynamic stat tokens While stats are usually composed of tokens that are known at compile-time, there are scenarios where the names are newly discovered from data in requests. To avoid taking locks in this case, tokens can be formed dynamically using `StatNameDynamicStorage` or `StatNameDynamicPool`. In this case we lose substring sharing but we avoid taking locks. Dynamically generated tokens can be combined with symbolized tokens from `StatNameSet` or `StatNamePool` using `SymbolTable::join()`. Relative to using symbolized tokens, The cost of using dynamic tokens is: * the StatName must be allocated and populated from the string data every time `StatNameDynamicPool::add()` is called or `StatNameDynamicStorage` is constructed. * the resulting `StatName`s are as long as the string, rather than benefiting from a symbolized representation, which is typically 4 bytes or less per token. However, the cost of using dynamic tokens is on par with the cost of not using a StatName system at all, only adding one re-encoding. And it is hard to quantify the benefit of avoiding mutex contention when there are large numbers of threads. ### Symbol Table Memory Layout Below is a diagram [(source)](https://docs.google.com/drawings/d/1eG6CHSUFQ5zkk-j-kcFCUay2-D_ktF39Tbzql5ypUDc/edit) showing the memory layout for a few scenarios of constructing and joining symbolized `StatName` and dynamic `StatName`. ![Symbol Table Memory Diagram](symtab.png) ### Symbol Contention Risk There are several ways to create hot-path contention looking up stats by name, and there is no bulletproof way to prevent it from occurring. * The [stats macros](https://github.com/envoyproxy/envoy/blob/master/include/envoy/stats/stats_macros.h) may be used in a data structure which is constructed in response to requests. * An explicit symbol-table lookup, via `StatNamePool` or `StatNameSet` can be made in the hot path. It is difficult to search for those scenarios in the source code or prevent them with a format-check, but we can determine whether symbol-table lookups are occurring during via an admin endpoint that shows 20 recent lookups by name, at `ENVOY_HOST:ADMIN_PORT/stats?recentlookups`. As of October 6, 2020, the "fake" symbol table implementation has been removed from the system, and the "--use-fake-symbol-table" option is now a no-op, triggering a warning if set to "1". The option will be removed in a later release. ### Symbol Table Class Overview Class | Superclass | Description -----| ---------- | --------- SymbolTable | | Abstract class providing an interface for symbol tables SymbolTableImpl | SymbolTable | Implementation of SymbolTable API where StatName share symbols held in a table SymbolTableImpl::Encoding | | Helper class for incrementally encoding strings into symbols StatName | | Provides an API and a view into a StatName (dynamic orsymbolized). Like absl::string_view, the backing store must be separately maintained. StatNameStorageBase | | Holds storage (an array of bytes) for a dynamic or symbolized StatName StatNameStorage | StatNameStorageBase | Holds storage for a symbolized StatName. Must be explicitly freed (not just destructed). StatNameManagedStorage | StatNameStorage | Like StatNameStorage, but is 8 bytes larger, and can be destructed without free(). StatNameDynamicStorage | StatNameStorageBase | Holds StatName storage for a dynamic (not symbolized) StatName. StatNamePool | | Holds backing store for any number of symbolized StatNames. StatNameDynamicPool | | Holds backing store for any number of dynamic StatNames. StatNameList | | Provides packed backing store for an ordered collection of StatNames, that are only accessed sequentially. Used for MetricImpl. StatNameStorageSet | | Implements a set of StatName with lookup via StatName. Used for rejected stats. StatNameSet | | Implements a set of StatName with lookup via string_view. Used to remember well-known names during startup, e.g. Redis commands. ### Hot Restart Continuity of stat counters and gauges over hot-restart is supported. This occurs via a sequence of RPCs from parent to child, issued while child is in lame-duck. These RPCs contain a map of stat-name strings to values. One implementation complexity is that when decoding these names in the child, we must know which segments of the stat names were encoded dynamically. This is implemented by sending an auxiliary map of stat-name strings to lists of spans, where the spans identify dynamic segments. Dynamic segments are rare, used only by Dynamo, Mongo, IP Tagging Filter, Fault Filter, and `x-envoy-upstream-alt-stat-name` as of this writing. So in most cases this dynamic-segment map is empty. ## Tags and Tag Extraction TBD ## Disabling statistics by substring or regex TBD ## Stats Memory Tests Regardless of the underlying data structures used to implement statistics, memory usage will grow with the number of hosts and clusters. When a PR is issued that adds new per-host or per-cluster stats, this will have a multiplicative effect on consumed memory. This can become significant for deployments with O(10k) clusters or hosts. To improve visibility for this memory growth, there are [memory-usage integration tests](https://github.com/envoyproxy/envoy/blob/master/test/integration/stats_integration_test.cc). If a PR fails the tests in that file due to unexpected memory consumption, it gives the author and reviewer an opportunity to consider the cost/value of the new stats. If the test fails because the new byte-count is lower, then all that's needed is to lock in the improvement by updating the expected values. If the new per-cluster or per-host memory consumption is higher, then we must decide whether the value from the added stats justify the overhead for all Envoy deployments. In either case, we must update the golden values and add a comment to the table in the test indicating the memory impact of each PR. Developers trying to can iterate through changes in these tests locally with: ```bash bazel test -c opt --test_env=ENVOY_MEMORY_TEST_EXACT=true \ test/integration:stats_integration_test ``` ================================================ FILE: source/docs/subset_load_balancer.md ================================================ ### Overview The subset load balancer (SLB) divides the upstream hosts in a cluster into one or more subsets. At request time the SLB uses information from the `LoadBalancerContext` to choose one of its subsets. Choosing a host is then delegated to the subset's load balancer. If no subset matches the context, the SLB falls back (depending on configuration) to balancing over a default subset, balancing over any upstream host in the cluster, or returning no host. Load balancing within a subset is accomplished by constructing one of the existing load balancer types with `Upstream::HostSet` that presents a filtered copy of the upstream hosts. All load balancer types except the Original DST load balancer may be used for subset load balancing. ### Fallback The SLB can be configured with one of three fallback policies. If no subset matching the `LoadBalancerContext` is found: 1. `NO_FALLBACK` specifies that `chooseHost` returns `nullptr` and load balancing fails. 2. `ANY_ENDPOINT` specifies that load balancing occurs over the entire set of upstream hosts. 3. `DEFAULT_SUBSET` specifies that load balancing occurs over a specific subset of upstream hosts. If the default subset is empty, `chooseHost` returns `nullptr` and load balancing fails. During construction, if the fallback policy is `ANY_ENDPOINT`, a default subset is constructed using the original `Upstream::HostSet`. If the fallback policy is `DEFAULT_SUBSET`, but the configuration does not specify any metadata (e.g. all hosts match), the SLB changes the fallback policy to `ANY_ENDPOINT`. ### Selecting Subsets The initial implementation supports selecting subsets by endpoint metadata provided via EDS. The configuration specifies a list of subset selectors. Each selector is used, in turn, to create subsets of hosts. The selectors exist to limit the combinations of endpoint metadata used for creating subsets. We precompute the subsets outside the load balancing path to avoid locking. Currently the only mechanism for specifying a selector is to provide a list of metadata keys: ``` json { "subset_selectors": [ { "keys": [ "a", "b" ] }, { "keys": [ "x" ] } ] } ``` For each selector, the SLB iterates over the hosts and inspects the host's metadata for the `"envoy.lb"` filter. If a host's metadata provides values for each key, a subset is created for the metadata. For example, given the selectors above, if a host's metadata contains `{a=1, b=2}`, a subset is created for `{a=1, b=2}`. Other hosts with `{a=1, b=2}` are also included in the subset. A host with metadata like `{a=1, b=2, x=3}` is included in two subsets (`{a=1, b=2}` and {`x=3`}). The same keys may appear in multiple selector entries: it is feasible to have both an `{a=1, b=2}` subset and an `{a=1}` subset. On update, the SLB divides the hosts added into the appropriate subset(s) and triggers update events on the filtered host sets. The SLB also manages the optional "local HostSet" used for zone-aware routing. The CDS configuration for the subset selectors is meant to allow future extension. For example: 1. Selecting endpoint metadata keys by a prefix or other string matching algorithm, or 2. Using a list-typed metadata value to allow a single endpoint to have multiple values for a metadata key. Subsets are stored in a trie-like fashion. Keys in the selectors are lexically sorted. An `LbSubsetMap` is an `unordered_map` of string keys to `ValueSubsetMap`. `ValueSubsetMap` is an `unordered_map` of (wrapped, see below) `ProtobufWkt::Value` to `LbSubsetEntry`. The `LbSubsetEntry` may contain an `LbSubsetMap` of additional keys or a `Subset`. `Subset` encapsulates the filtered `Upstream::HostSet` and `Upstream::LoadBalancer` for a subset. `ProtobufWkt::Value` is wrapped to provide a cached hash value for the value. Currently, `ProtobufWkt::Value` is hashed by first encoding the value as a string and then hashing the string. By wrapping it, we can compute the hash value outside the request path for both the metadata values provided in `LoadBalancerContext` and those used internally by the SLB. ### Subset Lookup Currently we require the metadata provided in `LoadBalancerContext` to match a subset exactly in order to select the subset for load balancing. Changing this behavior has implications for the performance of the subset selection algorithm. The current algorithm, described below, runs in `O(N)` time with respect to the number of metadata key-value pairs in the `LoadBalancerContext`. The metadata key-value pairs from `LoadBalancerContext` must be sorted by key for the algorithm to work. Currently we expect lexical order, but the sort order doesn't matter as long as both the context and load balancer use the same ordering. Sorting of the `LoadBalancerContext` keys is currently handled by `Router::RouteEntryImplBase`. Given a sequence of N metadata keys and values (previously sorted lexically by key) from `LoadBalancerContext`, we can look up the appropriate subset in `O(N)` time as follows. It may be helpful to look at the [diagram](#diagram) provided in the example. 1. Initialize `subsets` to refer to the root `LbSubsetMap` and `entry` to point at a null `LbSubsetEntryPtr`. 2. For each key-value in the metadata: 1. Lookup the key in `subsets` to find a `ValueSubsetMap`. (Average constant time.) If not found, exit the loop. 2. Lookup the value in the `ValueSubsetMap` to find an `LbSubsetEntry`. (Average constant time.) If not found, exit the loop. 3. Assign the `LbSubsetEntry`'s `LbSubsetMap` to `subsets`. (It may be empty.) 4. If this is the last key-value pair, assign the `LbSubsetEntry` to `entry`. 3. If `entry` has been set and has a `Subset` value, we found a matching subset, delegate balancing to the subset's load balancer. 4. Otherwise, execute the fallback policy. N.B. `O(N)` complexity presumes that the delegate load balancer executes in constant time. ### Example Assume a set of hosts from EDS with the following metadata, assigned to a single cluster. Endpoint | stage | version | type | xlarge ---------|-------|---------|--------|------- e1 | prod | 1.0 | std | true e2 | prod | 1.0 | std | e3 | prod | 1.1 | std | e4 | prod | 1.1 | std | e5 | prod | 1.0 | bigmem | e6 | prod | 1.1 | bigmem | e7 | dev | 1.2-pre | std | Note: Only e1 has the "xlarge" metadata key. Given this CDS `envoy::config::cluster::v3::Cluster`: ``` json { "name": "c1", "lb_policy": "ROUND_ROBIN", "lb_subset_config": { "fallback_policy": "DEFAULT_SUBSET", "default_subset": { "stage": "prod", "version": "1.0", "type": "std" }, "subset_selectors": [ { "keys": [ "stage", "type" ] }, { "keys": [ "stage", "version" ] }, { "keys": [ "version" ] }, { "keys": [ "xlarge", "version" ] }, ] } } ``` The following subsets are created: `stage=prod, type=std` (e1, e2, e3, e4) `stage=prod, type=bigmem` (e5, e6) `stage=dev, type=std` (e7) `stage=prod, version=1.0` (e1, e2, e5) `stage=prod, version=1.1` (e3, e4, e6) `stage=dev, version=1.2-pre` (e7) `version=1.0` (e1, e2, e5) `version=1.1` (e3, e4, e6) `version=1.2-pre` (e7) `version=1.0, xlarge=true` (e1) In addition, a default subset is created: `stage=prod, type=std, version=1.0` (e1, e2) After loading this configuration, the SLB's `LbSubsetMap` looks like this: ![LbSubsetMap Diagram](subset_load_balancer_diagram.svg) Given these `envoy::config::route::v3::Route` entries: ``` json "routes": [ { "match": { "prefix": "/", "headers": [ { "name": "x-custom-version", "value": "pre-release" } ] }, "route": { "cluster": "c1", "metadata_match": { "filter_metadata": { "envoy.lb": { "version": "1.2-pre", "stage": "dev" } } } } }, { "match": { "prefix": "/", "headers": [ { "name": "x-hardware-test", "value": "memory" } ] }, "route": { "cluster": "c1", "metadata_match": { "filter_metadata": { "envoy.lb": { "type": "bigmem", "stage": "prod" } } } } }, { "match": { "prefix": "/" }, "route": { "weighted_clusters": { "clusters": [ { "name": "c1", "weight": 90, "metadata_match": { "filter_metadata": { "envoy.lb": { "version": "1.0" } } } }, { "name": "c1", "weight": 10, "metadata_match": { "filter_metadata": { "envoy.lb": { "version": "1.1" } } } } ] }, "metadata_match": { "filter_metadata": { "envoy.lb": { "stage": "prod", } } } } } ] ``` The following headers may then be used to select subsets: `x-custom-version: pre-release` causes requests to be routed e7. This is an example of routing requests to a developer launched instance for pre-release testing. If the e7 upstream leaves the cluster, the subset is removed and further requests with this header are routed to the default subset (containing e1 and e2). `x-hardware-test: memory` causes requests to be load balanced over the e5 and e6 endpoints. This is an example of routing requests to upstreams running on a particular class of hardware, perhaps for load testing. If the bigmem hosts are removed from service, further requests with this header are routed to the default subset. Otherwise, requests without those headers are split between two subsets. 90% of the requests are routed to `stage=prod, version=1.0` (e1, e2, e5). 10% of the requests are routed to `stage=prod, version=1.1` (e3, e4, e6). This is an example of gradually shifting traffic to a new version. ================================================ FILE: source/exe/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_binary", "envoy_cc_library", "envoy_cc_platform_dep", "envoy_cc_posix_library", "envoy_cc_win32_library", "envoy_package", ) load("//source/extensions:all_extensions.bzl", "envoy_all_core_extensions", "envoy_all_extensions") load("//bazel:repositories.bzl", "PPC_SKIP_TARGETS", "WINDOWS_SKIP_TARGETS") licenses(["notice"]) # Apache 2 envoy_package() alias( name = "envoy", actual = ":envoy-static", ) envoy_cc_binary( name = "envoy-static", stamped = True, deps = [":envoy_main_entry_lib"], ) envoy_cc_library( name = "envoy_common_lib", deps = [ "//source/common/event:libevent_lib", "//source/common/network:utility_lib", "//source/common/stats:stats_lib", "//source/common/stats:thread_local_store_lib", "//source/server:drain_manager_lib", "//source/server:options_lib", "//source/server:server_lib", "//source/server:listener_hooks_lib", ] + select({ "//bazel:windows_x86_64": envoy_all_extensions(WINDOWS_SKIP_TARGETS), "//bazel:linux_ppc": envoy_all_extensions(PPC_SKIP_TARGETS), "//conditions:default": envoy_all_extensions(), }), ) envoy_cc_library( name = "envoy_main_entry_lib", srcs = ["main.cc"], external_deps = [ "abseil_symbolize", ], deps = [ ":envoy_main_common_lib", ":platform_impl_lib", ], ) envoy_cc_library( name = "main_common_lib", srcs = ["main_common.cc"], hdrs = ["main_common.h"], deps = [ ":envoy_common_lib", ":platform_impl_lib", ":process_wide_lib", "//source/common/api:os_sys_calls_lib", "//source/common/common:compiler_requirements_lib", "//source/common/common:perf_annotation_lib", "//source/common/grpc:google_grpc_context_lib", "//source/server:hot_restart_lib", "//source/server:hot_restart_nop_lib", "//source/server/config_validation:server_lib", ] + select({ "//bazel:disable_signal_trace": [], "//conditions:default": [ "//source/common/signal:sigaction_lib", ":terminate_handler_lib", ], }), ) envoy_cc_library( name = "envoy_main_common_lib", deps = [ ":main_common_lib", "//source/common/version:version_linkstamp", ], ) envoy_cc_library( name = "envoy_common_with_core_extensions_lib", deps = [ "//source/common/event:libevent_lib", "//source/common/network:utility_lib", "//source/common/stats:stats_lib", "//source/common/stats:thread_local_store_lib", "//source/server:drain_manager_lib", "//source/server:options_lib", "//source/server:server_lib", "//source/server:listener_hooks_lib", ] + envoy_all_core_extensions(), ) envoy_cc_library( name = "envoy_main_common_with_core_extensions_lib", srcs = ["main_common.cc"], hdrs = ["main_common.h"], deps = [ ":envoy_common_with_core_extensions_lib", ":platform_impl_lib", ":process_wide_lib", "//source/common/api:os_sys_calls_lib", "//source/common/common:compiler_requirements_lib", "//source/common/common:perf_annotation_lib", "//source/common/grpc:google_grpc_context_lib", "//source/server:hot_restart_lib", "//source/server:hot_restart_nop_lib", "//source/server/config_validation:server_lib", ] + select({ "//bazel:disable_signal_trace": [], "//conditions:default": [ "//source/common/signal:sigaction_lib", ":terminate_handler_lib", ], }), ) envoy_cc_library( name = "process_wide_lib", srcs = ["process_wide.cc"], hdrs = ["process_wide.h"], external_deps = ["ares"], deps = [ "//source/common/common:assert_lib", "//source/common/event:libevent_lib", "//source/common/http/http2:nghttp2_lib", "//source/server:proto_descriptors_lib", ], ) envoy_cc_library( name = "platform_impl_lib", deps = [":platform_header_lib"] + envoy_cc_platform_dep("platform_impl_lib"), ) envoy_cc_library( name = "platform_header_lib", hdrs = ["platform_impl.h"], deps = [ "//include/envoy/filesystem:filesystem_interface", "//include/envoy/thread:thread_interface", ], ) envoy_cc_posix_library( name = "platform_impl_lib", srcs = ["posix/platform_impl.cc"], deps = [ ":platform_header_lib", "//source/common/common:thread_lib", "//source/common/filesystem:filesystem_lib", ], ) envoy_cc_win32_library( name = "platform_impl_lib", srcs = ["win32/platform_impl.cc"], deps = [ ":platform_header_lib", "//source/common/common:assert_lib", "//source/common/common:thread_lib", "//source/common/filesystem:filesystem_lib", ], ) envoy_cc_library( name = "terminate_handler_lib", srcs = ["terminate_handler.cc"], hdrs = ["terminate_handler.h"], tags = ["backtrace"], deps = [ "//source/common/common:minimal_logger_lib", "//source/common/common:non_copyable", "//source/server:backtrace_lib", ], ) ================================================ FILE: source/exe/main.cc ================================================ #include "exe/main_common.h" // NOLINT(namespace-envoy) /** * Basic Site-Specific main() * * This should be used to do setup tasks specific to a particular site's * deployment such as initializing signal handling. It calls main_common * after setting up command line options. */ int main(int argc, char** argv) { return Envoy::MainCommon::main(argc, argv); } ================================================ FILE: source/exe/main_common.cc ================================================ #include "exe/main_common.h" #include #include #include #include #include "envoy/config/listener/v3/listener.pb.h" #include "common/common/compiler_requirements.h" #include "common/common/logger.h" #include "common/common/perf_annotation.h" #include "common/network/utility.h" #include "common/stats/thread_local_store.h" #include "server/config_validation/server.h" #include "server/drain_manager_impl.h" #include "server/hot_restart_nop_impl.h" #include "server/listener_hooks.h" #include "server/options_impl.h" #include "server/server.h" #include "absl/debugging/symbolize.h" #include "absl/strings/str_split.h" #ifdef ENVOY_HOT_RESTART #include "server/hot_restart_impl.h" #endif namespace Envoy { Server::DrainManagerPtr ProdComponentFactory::createDrainManager(Server::Instance& server) { // The global drain manager only triggers on listener modification, which effectively is // hot restart at the global level. The per-listener drain managers decide whether to // to include /healthcheck/fail status. return std::make_unique( server, envoy::config::listener::v3::Listener::MODIFY_ONLY); } Runtime::LoaderPtr ProdComponentFactory::createRuntime(Server::Instance& server, Server::Configuration::Initial& config) { return Server::InstanceUtil::createRuntime(server, config); } MainCommonBase::MainCommonBase(const OptionsImpl& options, Event::TimeSystem& time_system, ListenerHooks& listener_hooks, Server::ComponentFactory& component_factory, std::unique_ptr&& random_generator, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system, std::unique_ptr process_context) : options_(options), component_factory_(component_factory), thread_factory_(thread_factory), file_system_(file_system), stats_allocator_(symbol_table_) { // Process the option to disable extensions as early as possible, // before we do any configuration loading. OptionsImpl::disableExtensions(options.disabledExtensions()); switch (options_.mode()) { case Server::Mode::InitOnly: case Server::Mode::Serve: { configureHotRestarter(*random_generator); tls_ = std::make_unique(); Thread::BasicLockable& log_lock = restarter_->logLock(); Thread::BasicLockable& access_log_lock = restarter_->accessLogLock(); auto local_address = Network::Utility::getLocalAddress(options_.localAddressIpVersion()); logging_context_ = std::make_unique(options_.logLevel(), options_.logFormat(), log_lock, options_.logFormatEscaped(), options_.enableFineGrainLogging()); configureComponentLogLevels(); // Provide consistent behavior for out-of-memory, regardless of whether it occurs in a try/catch // block or not. std::set_new_handler([]() { PANIC("out of memory"); }); stats_store_ = std::make_unique(stats_allocator_); server_ = std::make_unique( *init_manager_, options_, time_system, local_address, listener_hooks, *restarter_, *stats_store_, access_log_lock, component_factory, std::move(random_generator), *tls_, thread_factory_, file_system_, std::move(process_context)); break; } case Server::Mode::Validate: restarter_ = std::make_unique(); logging_context_ = std::make_unique(options_.logLevel(), options_.logFormat(), restarter_->logLock(), options_.logFormatEscaped()); break; } } void MainCommonBase::configureComponentLogLevels() { for (auto& component_log_level : options_.componentLogLevels()) { Logger::Logger* logger_to_change = Logger::Registry::logger(component_log_level.first); ASSERT(logger_to_change); logger_to_change->setLevel(component_log_level.second); } } void MainCommonBase::configureHotRestarter(Random::RandomGenerator& random_generator) { #ifdef ENVOY_HOT_RESTART if (!options_.hotRestartDisabled()) { uint32_t base_id = options_.baseId(); if (options_.useDynamicBaseId()) { ASSERT(options_.restartEpoch() == 0, "cannot use dynamic base id during hot restart"); std::unique_ptr restarter; // Try 100 times to get an unused base ID and then give up under the assumption // that some other problem has occurred to prevent binding the domain socket. for (int i = 0; i < 100 && restarter == nullptr; i++) { // HotRestartImpl is going to multiply this value by 10, so leave head room. base_id = static_cast(random_generator.random()) & 0x0FFFFFFF; try { restarter = std::make_unique(base_id, 0, options_.socketPath(), options_.socketMode()); } catch (Server::HotRestartDomainSocketInUseException& ex) { // No luck, try again. ENVOY_LOG_MISC(debug, "dynamic base id: {}", ex.what()); } } if (restarter == nullptr) { throw EnvoyException("unable to select a dynamic base id"); } restarter_.swap(restarter); } else { restarter_ = std::make_unique( base_id, options_.restartEpoch(), options_.socketPath(), options_.socketMode()); } // Write the base-id to the requested path whether we selected it // dynamically or not. if (!options_.baseIdPath().empty()) { std::ofstream base_id_out_file(options_.baseIdPath()); if (!base_id_out_file) { ENVOY_LOG_MISC(critical, "cannot open base id output file {} for writing.", options_.baseIdPath()); } else { base_id_out_file << base_id; } } } #else UNREFERENCED_PARAMETER(random_generator); #endif if (restarter_ == nullptr) { restarter_ = std::make_unique(); } } bool MainCommonBase::run() { switch (options_.mode()) { case Server::Mode::Serve: server_->run(); return true; case Server::Mode::Validate: { auto local_address = Network::Utility::getLocalAddress(options_.localAddressIpVersion()); return Server::validateConfig(options_, local_address, component_factory_, thread_factory_, file_system_); } case Server::Mode::InitOnly: PERF_DUMP(); return true; } NOT_REACHED_GCOVR_EXCL_LINE; } void MainCommonBase::adminRequest(absl::string_view path_and_query, absl::string_view method, const AdminRequestFn& handler) { std::string path_and_query_buf = std::string(path_and_query); std::string method_buf = std::string(method); server_->dispatcher().post([this, path_and_query_buf, method_buf, handler]() { auto response_headers = Http::ResponseHeaderMapImpl::create(); std::string body; server_->admin().request(path_and_query_buf, method_buf, *response_headers, body); handler(*response_headers, body); }); } MainCommon::MainCommon(int argc, const char* const* argv) : options_(argc, argv, &MainCommon::hotRestartVersion, spdlog::level::info), base_(options_, real_time_system_, default_listener_hooks_, prod_component_factory_, std::make_unique(), platform_impl_.threadFactory(), platform_impl_.fileSystem(), nullptr) {} std::string MainCommon::hotRestartVersion(bool hot_restart_enabled) { #ifdef ENVOY_HOT_RESTART if (hot_restart_enabled) { return Server::HotRestartImpl::hotRestartVersion(); } #else UNREFERENCED_PARAMETER(hot_restart_enabled); #endif return "disabled"; } int MainCommon::main(int argc, char** argv, PostServerHook hook) { #ifndef __APPLE__ // absl::Symbolize mostly works without this, but this improves corner case // handling, such as running in a chroot jail. absl::InitializeSymbolizer(argv[0]); #endif std::unique_ptr main_common; // Initialize the server's main context under a try/catch loop and simply return EXIT_FAILURE // as needed. Whatever code in the initialization path that fails is expected to log an error // message so the user can diagnose. try { main_common = std::make_unique(argc, argv); Envoy::Server::Instance* server = main_common->server(); if (server != nullptr && hook != nullptr) { hook(*server); } } catch (const Envoy::NoServingException& e) { return EXIT_SUCCESS; } catch (const Envoy::MalformedArgvException& e) { std::cerr << e.what() << std::endl; return EXIT_FAILURE; } catch (const Envoy::EnvoyException& e) { std::cerr << e.what() << std::endl; return EXIT_FAILURE; } // Run the server listener loop outside try/catch blocks, so that unexpected exceptions // show up as a core-dumps for easier diagnostics. return main_common->run() ? EXIT_SUCCESS : EXIT_FAILURE; } } // namespace Envoy ================================================ FILE: source/exe/main_common.h ================================================ #pragma once #include "envoy/event/timer.h" #include "envoy/runtime/runtime.h" #include "common/common/thread.h" #include "common/event/real_time_system.h" #include "common/grpc/google_grpc_context.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/thread_local_store.h" #include "common/thread_local/thread_local_impl.h" #include "exe/platform_impl.h" #include "exe/process_wide.h" #include "server/listener_hooks.h" #include "server/options_impl.h" #include "server/server.h" #ifdef ENVOY_HANDLE_SIGNALS #include "common/signal/signal_action.h" #include "exe/terminate_handler.h" #endif namespace Envoy { class ProdComponentFactory : public Server::ComponentFactory { public: // Server::DrainManagerFactory Server::DrainManagerPtr createDrainManager(Server::Instance& server) override; Runtime::LoaderPtr createRuntime(Server::Instance& server, Server::Configuration::Initial& config) override; }; class MainCommonBase { public: // Consumer must guarantee that all passed references are alive until this object is // destructed. MainCommonBase(const OptionsImpl& options, Event::TimeSystem& time_system, ListenerHooks& listener_hooks, Server::ComponentFactory& component_factory, std::unique_ptr&& random_generator, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system, std::unique_ptr process_context); bool run(); // Will be null if options.mode() == Server::Mode::Validate Server::Instance* server() { return server_.get(); } using AdminRequestFn = std::function; // Makes an admin-console request by path, calling handler() when complete. // The caller can initiate this from any thread, but it posts the request // onto the main thread, so the handler is called asynchronously. // // This is designed to be called from downstream consoles, so they can access // the admin console information stream without opening up a network port. // // This should only be called while run() is active; ensuring this is the // responsibility of the caller. // // TODO(jmarantz): consider std::future for encapsulating this delayed request // semantics, rather than a handler callback. void adminRequest(absl::string_view path_and_query, absl::string_view method, const AdminRequestFn& handler); protected: ProcessWide process_wide_; // Process-wide state setup/teardown (excluding grpc). // We instantiate this class regardless of ENVOY_GOOGLE_GRPC, to avoid having // an ifdef in a header file exposed in a C++ library. It is too easy to have // the ifdef be inconsistent across build-system boundaries. Grpc::GoogleGrpcContext google_grpc_context_; const Envoy::OptionsImpl& options_; Server::ComponentFactory& component_factory_; Thread::ThreadFactory& thread_factory_; Filesystem::Instance& file_system_; Stats::SymbolTableImpl symbol_table_; Stats::AllocatorImpl stats_allocator_; ThreadLocal::InstanceImplPtr tls_; std::unique_ptr restarter_; Stats::ThreadLocalStoreImplPtr stats_store_; std::unique_ptr logging_context_; std::unique_ptr init_manager_{std::make_unique("Server")}; std::unique_ptr server_; private: void configureComponentLogLevels(); void configureHotRestarter(Random::RandomGenerator& random_generator); }; // TODO(jmarantz): consider removing this class; I think it'd be more useful to // go through MainCommonBase directly. class MainCommon { public: // Hook to run after a server is created. using PostServerHook = std::function; MainCommon(int argc, const char* const* argv); bool run() { return base_.run(); } // Only tests have a legitimate need for this today. Event::Dispatcher& dispatcherForTest() { return base_.server()->dispatcher(); } // Makes an admin-console request by path, calling handler() when complete. // The caller can initiate this from any thread, but it posts the request // onto the main thread, so the handler is called asynchronously. // // This is designed to be called from downstream consoles, so they can access // the admin console information stream without opening up a network port. // // This should only be called while run() is active; ensuring this is the // responsibility of the caller. void adminRequest(absl::string_view path_and_query, absl::string_view method, const MainCommonBase::AdminRequestFn& handler) { base_.adminRequest(path_and_query, method, handler); } static std::string hotRestartVersion(bool hot_restart_enabled); /** * @return a pointer to the server instance, or nullptr if initialized into * validation mode. */ Server::Instance* server() { return base_.server(); } /** * Instantiates a MainCommon using default factory implements, parses args, * and runs an event loop depending on the mode. * * Note that MainCommonBase can also be directly instantiated, providing the * opportunity to override subsystem implementations for custom * implementations. * * @param argc number of command-line args * @param argv command-line argument array * @param hook optional hook to run after a server is created */ static int main(int argc, char** argv, PostServerHook hook = nullptr); private: #ifdef ENVOY_HANDLE_SIGNALS Envoy::SignalAction handle_sigs_; Envoy::TerminateHandler log_on_terminate_; #endif PlatformImpl platform_impl_; Envoy::OptionsImpl options_; Event::RealTimeSystem real_time_system_; DefaultListenerHooks default_listener_hooks_; ProdComponentFactory prod_component_factory_; MainCommonBase base_; }; } // namespace Envoy ================================================ FILE: source/exe/platform_impl.h ================================================ #pragma once #include "envoy/filesystem/filesystem.h" #include "envoy/thread/thread.h" namespace Envoy { class PlatformImpl { public: PlatformImpl(); ~PlatformImpl(); Thread::ThreadFactory& threadFactory() { return *thread_factory_; } Filesystem::Instance& fileSystem() { return *file_system_; } private: Thread::ThreadFactoryPtr thread_factory_; Filesystem::InstancePtr file_system_; }; } // namespace Envoy ================================================ FILE: source/exe/posix/platform_impl.cc ================================================ #include "common/common/thread_impl.h" #include "common/filesystem/filesystem_impl.h" #include "exe/platform_impl.h" namespace Envoy { PlatformImpl::PlatformImpl() : thread_factory_(std::make_unique()), file_system_(std::make_unique()) {} PlatformImpl::~PlatformImpl() = default; } // namespace Envoy ================================================ FILE: source/exe/process_wide.cc ================================================ #include "exe/process_wide.h" #include "common/common/assert.h" #include "common/event/libevent.h" #include "common/http/http2/nghttp2.h" #include "server/proto_descriptors.h" #include "ares.h" namespace Envoy { namespace { // Static variable to count initialization pairs. For tests like // main_common_test, we need to count to avoid double initialization or // shutdown. uint32_t process_wide_initialized; } // namespace ProcessWide::ProcessWide() : initialization_depth_(process_wide_initialized) { if (process_wide_initialized++ == 0) { ares_library_init(ARES_LIB_INIT_ALL); Event::Libevent::Global::initialize(); Envoy::Server::validateProtoDescriptors(); Http::Http2::initializeNghttp2Logging(); // We do not initialize Google gRPC here -- we instead instantiate // Grpc::GoogleGrpcContext in MainCommon immediately after instantiating // ProcessWide. This is because ProcessWide is instantiated in the unit-test // flow in test/test_runner.h, and grpc_init() instantiates threads which // allocate memory asynchronous to running tests, making it hard to // accurately measure memory consumption, and making unit-test debugging // non-deterministic. See https://github.com/envoyproxy/envoy/issues/8282 // for details. Of course we also need grpc_init called in unit-tests that // test Google gRPC, and the relevant classes must also instantiate // Grpc::GoogleGrpcContext, which allows for nested instantiation. // // It appears that grpc_init() started instantiating threads in grpc 1.22.1, // which was integrated in https://github.com/envoyproxy/envoy/pull/8196, // around the time the flakes in #8282 started being reported. } } ProcessWide::~ProcessWide() { ASSERT(process_wide_initialized > 0); if (--process_wide_initialized == 0) { process_wide_initialized = false; ares_library_cleanup(); } ASSERT(process_wide_initialized == initialization_depth_); } } // namespace Envoy ================================================ FILE: source/exe/process_wide.h ================================================ #pragma once #include namespace Envoy { // Process-wide lifecycle events for global state in third-party dependencies, // e.g. c-ares. There should only ever be a single instance of this. class ProcessWide { public: ProcessWide(); ~ProcessWide(); private: uint32_t initialization_depth_; }; } // namespace Envoy ================================================ FILE: source/exe/terminate_handler.cc ================================================ #include "exe/terminate_handler.h" #include #include "common/common/logger.h" #include "server/backtrace.h" namespace Envoy { std::terminate_handler TerminateHandler::logOnTerminate() const { return std::set_terminate([]() { ENVOY_LOG(critical, "std::terminate called! (possible uncaught exception, see trace)"); BACKTRACE_LOG(); std::abort(); }); } } // namespace Envoy ================================================ FILE: source/exe/terminate_handler.h ================================================ #pragma once #include #include "common/common/logger.h" #include "common/common/non_copyable.h" namespace Envoy { class TerminateHandler : NonCopyable, protected Logger::Loggable { public: TerminateHandler() : previous_terminate_(logOnTerminate()) {} ~TerminateHandler() { std::set_terminate(previous_terminate_); } private: /** * Sets the std::terminate to a function which will log as much of a backtrace as * possible, then call abort. Returns the previous handler. */ std::terminate_handler logOnTerminate() const; const std::terminate_handler previous_terminate_; }; } // namespace Envoy ================================================ FILE: source/exe/win32/platform_impl.cc ================================================ #include "common/common/assert.h" #include "common/common/thread_impl.h" #include "common/filesystem/filesystem_impl.h" #include "exe/platform_impl.h" namespace Envoy { PlatformImpl::PlatformImpl() : thread_factory_(std::make_unique()), file_system_(std::make_unique()) { WSADATA wsa_data; const WORD version_requested = MAKEWORD(2, 2); RELEASE_ASSERT(WSAStartup(version_requested, &wsa_data) == 0, "WSAStartup failed with error"); } PlatformImpl::~PlatformImpl() { ::WSACleanup(); } } // namespace Envoy ================================================ FILE: source/extensions/BUILD ================================================ licenses(["notice"]) # Apache 2 ================================================ FILE: source/extensions/access_loggers/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/access_loggers/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Base class for implementations of AccessLog::Instance. envoy_extension_package() envoy_cc_library( name = "access_log_base", srcs = ["access_log_base.cc"], hdrs = ["access_log_base.h"], deps = [ "//include/envoy/access_log:access_log_interface", "//source/common/access_log:access_log_lib", "//source/common/http:header_map_lib", "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/access_loggers/common/access_log_base.cc ================================================ #include "extensions/access_loggers/common/access_log_base.h" #include "common/http/header_map_impl.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace Common { void ImplBase::log(const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) { if (!request_headers) { request_headers = Http::StaticEmptyHeaders::get().request_headers.get(); } if (!response_headers) { response_headers = Http::StaticEmptyHeaders::get().response_headers.get(); } if (!response_trailers) { response_trailers = Http::StaticEmptyHeaders::get().response_trailers.get(); } if (filter_ && !filter_->evaluate(stream_info, *request_headers, *response_headers, *response_trailers)) { return; } return emitLog(*request_headers, *response_headers, *response_trailers, stream_info); } } // namespace Common } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/common/access_log_base.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/runtime/runtime.h" #include "envoy/server/access_log_config.h" #include "common/http/header_utility.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace Common { /** * Base implementation of Accesslog::Instance handles common filter logic. */ class ImplBase : public AccessLog::Instance { public: ImplBase(AccessLog::FilterPtr filter) : filter_(std::move(filter)) {} /** * Log a completed request if the underlying AccessLog `filter_` allows it. */ void log(const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) override; private: /** * Log a completed request. * @param request_headers supplies the incoming request headers after filtering. * @param response_headers supplies response headers. * @param response_trailers supplies response trailers. * @param stream_info supplies additional information about the request not * contained in the request headers. */ virtual void emitLog(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info) PURE; AccessLog::FilterPtr filter_; }; } // namespace Common } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/file/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Access log implementation that writes to a file. # Public docs: docs/root/configuration/access_log.rst envoy_extension_package() envoy_cc_library( name = "file_access_log_lib", srcs = ["file_access_log_impl.cc"], hdrs = ["file_access_log_impl.h"], # The file based access logger is core code. visibility = ["//visibility:public"], deps = [ "//source/extensions/access_loggers/common:access_log_base", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) determine if this is core or should be cleaned up. extra_visibility = [ "//test:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ ":file_access_log_lib", "//include/envoy/registry", "//source/common/formatter:substitution_format_string_lib", "//source/common/protobuf", "//source/extensions/access_loggers:well_known_names", "@envoy_api//envoy/extensions/access_loggers/file/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/access_loggers/file/config.cc ================================================ #include "extensions/access_loggers/file/config.h" #include #include "envoy/extensions/access_loggers/file/v3/file.pb.h" #include "envoy/extensions/access_loggers/file/v3/file.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/common/logger.h" #include "common/formatter/substitution_format_string.h" #include "common/formatter/substitution_formatter.h" #include "common/protobuf/protobuf.h" #include "extensions/access_loggers/file/file_access_log_impl.h" #include "extensions/access_loggers/well_known_names.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace File { AccessLog::InstanceSharedPtr FileAccessLogFactory::createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) { const auto& fal_config = MessageUtil::downcastAndValidate< const envoy::extensions::access_loggers::file::v3::FileAccessLog&>( config, context.messageValidationVisitor()); Formatter::FormatterPtr formatter; switch (fal_config.access_log_format_case()) { case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase::kFormat: if (fal_config.format().empty()) { formatter = Formatter::SubstitutionFormatUtils::defaultSubstitutionFormatter(); } else { envoy::config::core::v3::SubstitutionFormatString sff_config; sff_config.set_text_format(fal_config.format()); formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config); } break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase::kJsonFormat: formatter = Formatter::SubstitutionFormatStringUtils::createJsonFormatter( fal_config.json_format(), false, false); break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase:: kTypedJsonFormat: { envoy::config::core::v3::SubstitutionFormatString sff_config; *sff_config.mutable_json_format() = fal_config.typed_json_format(); formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config); break; } case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase::kLogFormat: formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format()); break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase:: ACCESS_LOG_FORMAT_NOT_SET: formatter = Formatter::SubstitutionFormatUtils::defaultSubstitutionFormatter(); break; } return std::make_shared(fal_config.path(), std::move(filter), std::move(formatter), context.accessLogManager()); } ProtobufTypes::MessagePtr FileAccessLogFactory::createEmptyConfigProto() { return ProtobufTypes::MessagePtr{ new envoy::extensions::access_loggers::file::v3::FileAccessLog()}; } std::string FileAccessLogFactory::name() const { return AccessLogNames::get().File; } /** * Static registration for the file access log. @see RegisterFactory. */ REGISTER_FACTORY(FileAccessLogFactory, Server::Configuration::AccessLogInstanceFactory){"envoy.file_access_log"}; } // namespace File } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/file/config.h ================================================ #pragma once #include "envoy/server/access_log_config.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace File { /** * Config registration for the file access log. @see AccessLogInstanceFactory. */ class FileAccessLogFactory : public Server::Configuration::AccessLogInstanceFactory { public: AccessLog::InstanceSharedPtr createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; } // namespace File } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/file/file_access_log_impl.cc ================================================ #include "extensions/access_loggers/file/file_access_log_impl.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace File { FileAccessLog::FileAccessLog(const std::string& access_log_path, AccessLog::FilterPtr&& filter, Formatter::FormatterPtr&& formatter, AccessLog::AccessLogManager& log_manager) : ImplBase(std::move(filter)), formatter_(std::move(formatter)) { log_file_ = log_manager.createAccessLog(access_log_path); } void FileAccessLog::emitLog(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info) { log_file_->write(formatter_->format(request_headers, response_headers, response_trailers, stream_info, absl::string_view())); } } // namespace File } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/file/file_access_log_impl.h ================================================ #pragma once #include "common/formatter/substitution_formatter.h" #include "extensions/access_loggers/common/access_log_base.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace File { /** * Access log Instance that writes logs to a file. */ class FileAccessLog : public Common::ImplBase { public: FileAccessLog(const std::string& access_log_path, AccessLog::FilterPtr&& filter, Formatter::FormatterPtr&& formatter, AccessLog::AccessLogManager& log_manager); private: // Common::ImplBase void emitLog(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info) override; AccessLog::AccessLogFileSharedPtr log_file_; Formatter::FormatterPtr formatter_; }; } // namespace File } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Access log implementation that writes to a gRPC service. # Public docs: TODO(rodaine): Docs needed. envoy_extension_package() envoy_cc_library( name = "config_utils", srcs = ["config_utils.cc"], hdrs = ["config_utils.h"], deps = [ ":grpc_access_log_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//include/envoy/singleton:instance_interface", ], ) envoy_cc_library( name = "grpc_access_log_lib", srcs = ["grpc_access_log_impl.cc"], hdrs = ["grpc_access_log_impl.h"], deps = [ "//include/envoy/grpc:async_client_interface", "//include/envoy/grpc:async_client_manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/grpc:async_client_lib", "//source/common/grpc:typed_async_client_lib", "//source/common/runtime:runtime_features_lib", "//source/extensions/access_loggers/common:access_log_base", "@envoy_api//envoy/data/accesslog/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", "@envoy_api//envoy/service/accesslog/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "grpc_access_log_utils", srcs = ["grpc_access_log_utils.cc"], hdrs = ["grpc_access_log_utils.h"], deps = [ "//include/envoy/upstream:upstream_interface", "//source/common/network:utility_lib", "//source/common/stream_info:stream_info_lib", "//source/common/stream_info:utility_lib", "@envoy_api//envoy/data/accesslog/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "http_grpc_access_log_lib", srcs = ["http_grpc_access_log_impl.cc"], hdrs = ["http_grpc_access_log_impl.h"], deps = [ ":grpc_access_log_lib", ":grpc_access_log_utils", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/data/accesslog/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "tcp_grpc_access_log_lib", srcs = ["tcp_grpc_access_log_impl.cc"], hdrs = ["tcp_grpc_access_log_impl.h"], deps = [ ":grpc_access_log_lib", ":grpc_access_log_utils", "@envoy_api//envoy/data/accesslog/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "grpc_access_log_proto_descriptors_lib", srcs = ["grpc_access_log_proto_descriptors.cc"], hdrs = ["grpc_access_log_proto_descriptors.h"], deps = [ "//source/common/common:assert_lib", "//source/common/protobuf", ], ) envoy_cc_extension( name = "http_config", srcs = ["http_config.cc"], hdrs = ["http_config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ ":config_utils", "//include/envoy/server:access_log_config_interface", "//source/common/common:assert_lib", "//source/common/protobuf", "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/grpc:grpc_access_log_proto_descriptors_lib", "//source/extensions/access_loggers/grpc:http_grpc_access_log_lib", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "tcp_config", srcs = ["tcp_config.cc"], hdrs = ["tcp_config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ ":config_utils", "//include/envoy/server:access_log_config_interface", "//source/common/common:assert_lib", "//source/common/protobuf", "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/grpc:grpc_access_log_proto_descriptors_lib", "//source/extensions/access_loggers/grpc:tcp_grpc_access_log_lib", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/access_loggers/grpc/config_utils.cc ================================================ #include "extensions/access_loggers/grpc/config_utils.h" #include "envoy/singleton/manager.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { // Singleton registration via macro defined in envoy/singleton/manager.h SINGLETON_MANAGER_REGISTRATION(grpc_access_logger_cache); GrpcCommon::GrpcAccessLoggerCacheSharedPtr getGrpcAccessLoggerCacheSingleton(Server::Configuration::FactoryContext& context) { return context.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(grpc_access_logger_cache), [&context] { return std::make_shared( context.clusterManager().grpcAsyncClientManager(), context.scope(), context.threadLocal(), context.localInfo()); }); } } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/config_utils.h ================================================ #pragma once #include "envoy/server/filter_config.h" #include "extensions/access_loggers/grpc/grpc_access_log_impl.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { GrpcAccessLoggerCacheSharedPtr getGrpcAccessLoggerCacheSingleton(Server::Configuration::FactoryContext& context); } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/grpc_access_log_impl.cc ================================================ #include "extensions/access_loggers/grpc/grpc_access_log_impl.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/grpc/typed_async_client.h" #include "common/network/utility.h" #include "common/runtime/runtime_features.h" #include "common/stream_info/utility.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { void GrpcAccessLoggerImpl::LocalStream::onRemoteClose(Grpc::Status::GrpcStatus, const std::string&) { ASSERT(parent_.stream_ != absl::nullopt); if (parent_.stream_->stream_ != nullptr) { // Only reset if we have a stream. Otherwise we had an inline failure and we will clear the // stream data in send(). parent_.stream_.reset(); } } GrpcAccessLoggerImpl::GrpcAccessLoggerImpl( Grpc::RawAsyncClientPtr&& client, std::string log_name, std::chrono::milliseconds buffer_flush_interval_msec, uint64_t max_buffer_size_bytes, Event::Dispatcher& dispatcher, const LocalInfo::LocalInfo& local_info, Stats::Scope& scope, envoy::config::core::v3::ApiVersion transport_api_version) : stats_({ALL_GRPC_ACCESS_LOGGER_STATS( POOL_COUNTER_PREFIX(scope, "access_logs.grpc_access_log."))}), client_(std::move(client)), log_name_(log_name), buffer_flush_interval_msec_(buffer_flush_interval_msec), flush_timer_(dispatcher.createTimer([this]() { flush(); flush_timer_->enableTimer(buffer_flush_interval_msec_); })), max_buffer_size_bytes_(max_buffer_size_bytes), local_info_(local_info), service_method_( Grpc::VersionedMethods("envoy.service.accesslog.v3.AccessLogService.StreamAccessLogs", "envoy.service.accesslog.v2.AccessLogService.StreamAccessLogs") .getMethodDescriptorForVersion(transport_api_version)), transport_api_version_(transport_api_version) { flush_timer_->enableTimer(buffer_flush_interval_msec_); } bool GrpcAccessLoggerImpl::canLogMore() { if (max_buffer_size_bytes_ == 0 || approximate_message_size_bytes_ < max_buffer_size_bytes_) { stats_.logs_written_.inc(); return true; } flush(); if (approximate_message_size_bytes_ < max_buffer_size_bytes_) { stats_.logs_written_.inc(); return true; } if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.disallow_unbounded_access_logs")) { stats_.logs_dropped_.inc(); return false; } stats_.logs_written_.inc(); return true; } void GrpcAccessLoggerImpl::log(envoy::data::accesslog::v3::HTTPAccessLogEntry&& entry) { if (!canLogMore()) { return; } approximate_message_size_bytes_ += entry.ByteSizeLong(); message_.mutable_http_logs()->mutable_log_entry()->Add(std::move(entry)); if (approximate_message_size_bytes_ >= max_buffer_size_bytes_) { flush(); } } void GrpcAccessLoggerImpl::log(envoy::data::accesslog::v3::TCPAccessLogEntry&& entry) { approximate_message_size_bytes_ += entry.ByteSizeLong(); message_.mutable_tcp_logs()->mutable_log_entry()->Add(std::move(entry)); if (approximate_message_size_bytes_ >= max_buffer_size_bytes_) { flush(); } } void GrpcAccessLoggerImpl::flush() { if (!message_.has_http_logs() && !message_.has_tcp_logs()) { // Nothing to flush. return; } if (stream_ == absl::nullopt) { stream_.emplace(*this); } if (stream_->stream_ == nullptr) { stream_->stream_ = client_->start(service_method_, *stream_, Http::AsyncClient::StreamOptions()); auto* identifier = message_.mutable_identifier(); *identifier->mutable_node() = local_info_.node(); identifier->set_log_name(log_name_); } if (stream_->stream_ != nullptr) { if (stream_->stream_->isAboveWriteBufferHighWatermark()) { return; } stream_->stream_->sendMessage(message_, transport_api_version_, false); } else { // Clear out the stream data due to stream creation failure. stream_.reset(); } // Clear the message regardless of the success. approximate_message_size_bytes_ = 0; message_.Clear(); } GrpcAccessLoggerCacheImpl::GrpcAccessLoggerCacheImpl(Grpc::AsyncClientManager& async_client_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, const LocalInfo::LocalInfo& local_info) : async_client_manager_(async_client_manager), scope_(scope), tls_slot_(tls.allocateSlot()), local_info_(local_info) { tls_slot_->set( [](Event::Dispatcher& dispatcher) { return std::make_shared(dispatcher); }); } GrpcAccessLoggerSharedPtr GrpcAccessLoggerCacheImpl::getOrCreateLogger( const envoy::extensions::access_loggers::grpc::v3::CommonGrpcAccessLogConfig& config, GrpcAccessLoggerType logger_type, Stats::Scope& scope) { // TODO(euroelessar): Consider cleaning up loggers. auto& cache = tls_slot_->getTyped(); const auto cache_key = std::make_pair(MessageUtil::hash(config), logger_type); const auto it = cache.access_loggers_.find(cache_key); if (it != cache.access_loggers_.end()) { return it->second; } const Grpc::AsyncClientFactoryPtr factory = async_client_manager_.factoryForGrpcService(config.grpc_service(), scope_, false); const GrpcAccessLoggerSharedPtr logger = std::make_shared( factory->create(), config.log_name(), std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(config, buffer_flush_interval, 1000)), PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, buffer_size_bytes, 16384), cache.dispatcher_, local_info_, scope, config.transport_api_version()); cache.access_loggers_.emplace(cache_key, logger); return logger; } } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/grpc_access_log_impl.h ================================================ #pragma once #include #include #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/local_info/local_info.h" #include "envoy/service/accesslog/v3/als.pb.h" #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" #include "common/grpc/typed_async_client.h" #include "extensions/access_loggers/common/access_log_base.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { /** * All stats for the grpc access logger. @see stats_macros.h */ #define ALL_GRPC_ACCESS_LOGGER_STATS(COUNTER) \ COUNTER(logs_written) \ COUNTER(logs_dropped) /** * Wrapper struct for the access log stats. @see stats_macros.h */ struct GrpcAccessLoggerStats { ALL_GRPC_ACCESS_LOGGER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Interface for an access logger. The logger provides abstraction on top of gRPC stream, deals with * reconnects and performs batching. */ class GrpcAccessLogger { public: virtual ~GrpcAccessLogger() = default; /** * Log http access entry. * @param entry supplies the access log to send. */ virtual void log(envoy::data::accesslog::v3::HTTPAccessLogEntry&& entry) PURE; /** * Log tcp access entry. * @param entry supplies the access log to send. */ virtual void log(envoy::data::accesslog::v3::TCPAccessLogEntry&& entry) PURE; }; using GrpcAccessLoggerSharedPtr = std::shared_ptr; enum class GrpcAccessLoggerType { TCP, HTTP }; /** * Interface for an access logger cache. The cache deals with threading and de-duplicates loggers * for the same configuration. */ class GrpcAccessLoggerCache { public: virtual ~GrpcAccessLoggerCache() = default; /** * Get existing logger or create a new one for the given configuration. * @param config supplies the configuration for the logger. * @return GrpcAccessLoggerSharedPtr ready for logging requests. */ virtual GrpcAccessLoggerSharedPtr getOrCreateLogger( const envoy::extensions::access_loggers::grpc::v3::CommonGrpcAccessLogConfig& config, GrpcAccessLoggerType logger_type, Stats::Scope& scope) PURE; }; using GrpcAccessLoggerCacheSharedPtr = std::shared_ptr; class GrpcAccessLoggerImpl : public GrpcAccessLogger { public: GrpcAccessLoggerImpl(Grpc::RawAsyncClientPtr&& client, std::string log_name, std::chrono::milliseconds buffer_flush_interval_msec, uint64_t max_buffer_size_bytes, Event::Dispatcher& dispatcher, const LocalInfo::LocalInfo& local_info, Stats::Scope& scope, envoy::config::core::v3::ApiVersion transport_api_version); // Extensions::AccessLoggers::GrpcCommon::GrpcAccessLogger void log(envoy::data::accesslog::v3::HTTPAccessLogEntry&& entry) override; void log(envoy::data::accesslog::v3::TCPAccessLogEntry&& entry) override; private: struct LocalStream : public Grpc::AsyncStreamCallbacks { LocalStream(GrpcAccessLoggerImpl& parent) : parent_(parent) {} // Grpc::AsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap&) override {} void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&&) override {} void onReceiveMessage( std::unique_ptr&&) override {} void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&&) override {} void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override; GrpcAccessLoggerImpl& parent_; Grpc::AsyncStream stream_{}; }; void flush(); bool canLogMore(); GrpcAccessLoggerStats stats_; Grpc::AsyncClient client_; const std::string log_name_; const std::chrono::milliseconds buffer_flush_interval_msec_; const Event::TimerPtr flush_timer_; const uint64_t max_buffer_size_bytes_; uint64_t approximate_message_size_bytes_ = 0; envoy::service::accesslog::v3::StreamAccessLogsMessage message_; absl::optional stream_; const LocalInfo::LocalInfo& local_info_; const Protobuf::MethodDescriptor& service_method_; const envoy::config::core::v3::ApiVersion transport_api_version_; }; using GrpcAccessLoggerImplPtr = std::unique_ptr; class GrpcAccessLoggerCacheImpl : public Singleton::Instance, public GrpcAccessLoggerCache { public: GrpcAccessLoggerCacheImpl(Grpc::AsyncClientManager& async_client_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, const LocalInfo::LocalInfo& local_info); GrpcAccessLoggerSharedPtr getOrCreateLogger( const envoy::extensions::access_loggers::grpc::v3::CommonGrpcAccessLogConfig& config, GrpcAccessLoggerType logger_type, Stats::Scope& scope) override; private: /** * Per-thread cache. */ struct ThreadLocalCache : public ThreadLocal::ThreadLocalObject { ThreadLocalCache(Event::Dispatcher& dispatcher) : dispatcher_(dispatcher) {} Event::Dispatcher& dispatcher_; // Access loggers indexed by the hash of logger's configuration and logger type. absl::flat_hash_map, GrpcAccessLoggerSharedPtr> access_loggers_; }; Grpc::AsyncClientManager& async_client_manager_; Stats::Scope& scope_; ThreadLocal::SlotPtr tls_slot_; const LocalInfo::LocalInfo& local_info_; }; using GrpcAccessLoggerCacheImplPtr = std::unique_ptr; } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.cc ================================================ #include "extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { void validateProtoDescriptors() { const auto method = "envoy.service.accesslog.v2.AccessLogService.StreamAccessLogs"; RELEASE_ASSERT(Protobuf::DescriptorPool::generated_pool()->FindMethodByName(method) != nullptr, ""); }; } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h ================================================ #pragma once namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { // This function validates that the method descriptors for gRPC services and type descriptors that // are referenced in Any messages are available in the descriptor pool. void validateProtoDescriptors(); } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/grpc_access_log_utils.cc ================================================ #include "extensions/access_loggers/grpc/grpc_access_log_utils.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/upstream/upstream.h" #include "common/network/utility.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { namespace { using namespace envoy::data::accesslog::v3; // Helper function to convert from a BoringSSL textual representation of the // TLS version to the corresponding enum value used in gRPC access logs. TLSProperties_TLSVersion tlsVersionStringToEnum(const std::string& tls_version) { if (tls_version == "TLSv1") { return TLSProperties::TLSv1; } else if (tls_version == "TLSv1.1") { return TLSProperties::TLSv1_1; } else if (tls_version == "TLSv1.2") { return TLSProperties::TLSv1_2; } else if (tls_version == "TLSv1.3") { return TLSProperties::TLSv1_3; } return TLSProperties::VERSION_UNSPECIFIED; } } // namespace void Utility::responseFlagsToAccessLogResponseFlags( envoy::data::accesslog::v3::AccessLogCommon& common_access_log, const StreamInfo::StreamInfo& stream_info) { static_assert(StreamInfo::ResponseFlag::LastFlag == 0x400000, "A flag has been added. Fix this code."); if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::FailedLocalHealthCheck)) { common_access_log.mutable_response_flags()->set_failed_local_healthcheck(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::NoHealthyUpstream)) { common_access_log.mutable_response_flags()->set_no_healthy_upstream(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UpstreamRequestTimeout)) { common_access_log.mutable_response_flags()->set_upstream_request_timeout(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::LocalReset)) { common_access_log.mutable_response_flags()->set_local_reset(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UpstreamRemoteReset)) { common_access_log.mutable_response_flags()->set_upstream_remote_reset(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UpstreamConnectionFailure)) { common_access_log.mutable_response_flags()->set_upstream_connection_failure(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UpstreamConnectionTermination)) { common_access_log.mutable_response_flags()->set_upstream_connection_termination(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow)) { common_access_log.mutable_response_flags()->set_upstream_overflow(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::NoRouteFound)) { common_access_log.mutable_response_flags()->set_no_route_found(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::DelayInjected)) { common_access_log.mutable_response_flags()->set_delay_injected(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::FaultInjected)) { common_access_log.mutable_response_flags()->set_fault_injected(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::RateLimited)) { common_access_log.mutable_response_flags()->set_rate_limited(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UnauthorizedExternalService)) { common_access_log.mutable_response_flags()->mutable_unauthorized_details()->set_reason( envoy::data::accesslog::v3::ResponseFlags::Unauthorized::EXTERNAL_SERVICE); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::RateLimitServiceError)) { common_access_log.mutable_response_flags()->set_rate_limit_service_error(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::DownstreamConnectionTermination)) { common_access_log.mutable_response_flags()->set_downstream_connection_termination(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UpstreamRetryLimitExceeded)) { common_access_log.mutable_response_flags()->set_upstream_retry_limit_exceeded(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::StreamIdleTimeout)) { common_access_log.mutable_response_flags()->set_stream_idle_timeout(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::InvalidEnvoyRequestHeaders)) { common_access_log.mutable_response_flags()->set_invalid_envoy_request_headers(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::DownstreamProtocolError)) { common_access_log.mutable_response_flags()->set_downstream_protocol_error(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::UpstreamMaxStreamDurationReached)) { common_access_log.mutable_response_flags()->set_upstream_max_stream_duration_reached(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::ResponseFromCacheFilter)) { common_access_log.mutable_response_flags()->set_response_from_cache_filter(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::NoFilterConfigFound)) { common_access_log.mutable_response_flags()->set_no_filter_config_found(true); } if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::DurationTimeout)) { common_access_log.mutable_response_flags()->set_duration_timeout(true); } } void Utility::extractCommonAccessLogProperties( envoy::data::accesslog::v3::AccessLogCommon& common_access_log, const StreamInfo::StreamInfo& stream_info, const envoy::extensions::access_loggers::grpc::v3::CommonGrpcAccessLogConfig& config) { // TODO(mattklein123): Populate sample_rate field. if (stream_info.downstreamRemoteAddress() != nullptr) { Network::Utility::addressToProtobufAddress( *stream_info.downstreamRemoteAddress(), *common_access_log.mutable_downstream_remote_address()); } if (stream_info.downstreamDirectRemoteAddress() != nullptr) { Network::Utility::addressToProtobufAddress( *stream_info.downstreamDirectRemoteAddress(), *common_access_log.mutable_downstream_direct_remote_address()); } if (stream_info.downstreamLocalAddress() != nullptr) { Network::Utility::addressToProtobufAddress( *stream_info.downstreamLocalAddress(), *common_access_log.mutable_downstream_local_address()); } if (stream_info.downstreamSslConnection() != nullptr) { auto* tls_properties = common_access_log.mutable_tls_properties(); const Ssl::ConnectionInfoConstSharedPtr downstream_ssl_connection = stream_info.downstreamSslConnection(); tls_properties->set_tls_sni_hostname(stream_info.requestedServerName()); auto* local_properties = tls_properties->mutable_local_certificate_properties(); for (const auto& uri_san : downstream_ssl_connection->uriSanLocalCertificate()) { auto* local_san = local_properties->add_subject_alt_name(); local_san->set_uri(uri_san); } local_properties->set_subject(downstream_ssl_connection->subjectLocalCertificate()); auto* peer_properties = tls_properties->mutable_peer_certificate_properties(); for (const auto& uri_san : downstream_ssl_connection->uriSanPeerCertificate()) { auto* peer_san = peer_properties->add_subject_alt_name(); peer_san->set_uri(uri_san); } peer_properties->set_subject(downstream_ssl_connection->subjectPeerCertificate()); tls_properties->set_tls_session_id(downstream_ssl_connection->sessionId()); tls_properties->set_tls_version( tlsVersionStringToEnum(downstream_ssl_connection->tlsVersion())); auto* local_tls_cipher_suite = tls_properties->mutable_tls_cipher_suite(); local_tls_cipher_suite->set_value(downstream_ssl_connection->ciphersuiteId()); } common_access_log.mutable_start_time()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToTimestamp( std::chrono::duration_cast( stream_info.startTime().time_since_epoch()) .count())); absl::optional dur = stream_info.lastDownstreamRxByteReceived(); if (dur) { common_access_log.mutable_time_to_last_rx_byte()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToDuration(dur.value().count())); } dur = stream_info.firstUpstreamTxByteSent(); if (dur) { common_access_log.mutable_time_to_first_upstream_tx_byte()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToDuration(dur.value().count())); } dur = stream_info.lastUpstreamTxByteSent(); if (dur) { common_access_log.mutable_time_to_last_upstream_tx_byte()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToDuration(dur.value().count())); } dur = stream_info.firstUpstreamRxByteReceived(); if (dur) { common_access_log.mutable_time_to_first_upstream_rx_byte()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToDuration(dur.value().count())); } dur = stream_info.lastUpstreamRxByteReceived(); if (dur) { common_access_log.mutable_time_to_last_upstream_rx_byte()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToDuration(dur.value().count())); } dur = stream_info.firstDownstreamTxByteSent(); if (dur) { common_access_log.mutable_time_to_first_downstream_tx_byte()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToDuration(dur.value().count())); } dur = stream_info.lastDownstreamTxByteSent(); if (dur) { common_access_log.mutable_time_to_last_downstream_tx_byte()->MergeFrom( Protobuf::util::TimeUtil::NanosecondsToDuration(dur.value().count())); } if (stream_info.upstreamHost() != nullptr) { Network::Utility::addressToProtobufAddress( *stream_info.upstreamHost()->address(), *common_access_log.mutable_upstream_remote_address()); common_access_log.set_upstream_cluster(stream_info.upstreamHost()->cluster().name()); } if (!stream_info.getRouteName().empty()) { common_access_log.set_route_name(stream_info.getRouteName()); } if (stream_info.upstreamLocalAddress() != nullptr) { Network::Utility::addressToProtobufAddress(*stream_info.upstreamLocalAddress(), *common_access_log.mutable_upstream_local_address()); } responseFlagsToAccessLogResponseFlags(common_access_log, stream_info); if (!stream_info.upstreamTransportFailureReason().empty()) { common_access_log.set_upstream_transport_failure_reason( stream_info.upstreamTransportFailureReason()); } if (stream_info.dynamicMetadata().filter_metadata_size() > 0) { common_access_log.mutable_metadata()->MergeFrom(stream_info.dynamicMetadata()); } for (const auto& key : config.filter_state_objects_to_log()) { if (stream_info.filterState().hasDataWithName(key)) { const auto& obj = stream_info.filterState().getDataReadOnly(key); ProtobufTypes::MessagePtr serialized_proto = obj.serializeAsProto(); if (serialized_proto != nullptr) { auto& filter_state_objects = *common_access_log.mutable_filter_state_objects(); ProtobufWkt::Any& any = filter_state_objects[key]; if (dynamic_cast(serialized_proto.get()) != nullptr) { any.Swap(dynamic_cast(serialized_proto.get())); } else { any.PackFrom(*serialized_proto); } } } } } } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/grpc_access_log_utils.h ================================================ #pragma once #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/stream_info/stream_info.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace GrpcCommon { class Utility { public: static void extractCommonAccessLogProperties( envoy::data::accesslog::v3::AccessLogCommon& common_access_log, const StreamInfo::StreamInfo& stream_info, const envoy::extensions::access_loggers::grpc::v3::CommonGrpcAccessLogConfig& filter_states_to_log); static void responseFlagsToAccessLogResponseFlags( envoy::data::accesslog::v3::AccessLogCommon& common_access_log, const StreamInfo::StreamInfo& stream_info); }; } // namespace GrpcCommon } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/http_config.cc ================================================ #include "extensions/access_loggers/grpc/http_config.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/grpc/async_client_impl.h" #include "common/protobuf/protobuf.h" #include "extensions/access_loggers/grpc/config_utils.h" #include "extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" #include "extensions/access_loggers/grpc/http_grpc_access_log_impl.h" #include "extensions/access_loggers/well_known_names.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace HttpGrpc { AccessLog::InstanceSharedPtr HttpGrpcAccessLogFactory::createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) { GrpcCommon::validateProtoDescriptors(); const auto& proto_config = MessageUtil::downcastAndValidate< const envoy::extensions::access_loggers::grpc::v3::HttpGrpcAccessLogConfig&>( config, context.messageValidationVisitor()); return std::make_shared(std::move(filter), proto_config, context.threadLocal(), GrpcCommon::getGrpcAccessLoggerCacheSingleton(context), context.scope()); } ProtobufTypes::MessagePtr HttpGrpcAccessLogFactory::createEmptyConfigProto() { return std::make_unique(); } std::string HttpGrpcAccessLogFactory::name() const { return AccessLogNames::get().HttpGrpc; } /** * Static registration for the HTTP gRPC access log. @see RegisterFactory. */ REGISTER_FACTORY(HttpGrpcAccessLogFactory, Server::Configuration::AccessLogInstanceFactory){"envoy.http_grpc_access_log"}; } // namespace HttpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/http_config.h ================================================ #pragma once #include #include "envoy/server/access_log_config.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace HttpGrpc { /** * Config registration for the HTTP gRPC access log. @see AccessLogInstanceFactory. */ class HttpGrpcAccessLogFactory : public Server::Configuration::AccessLogInstanceFactory { public: AccessLog::InstanceSharedPtr createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; } // namespace HttpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/http_grpc_access_log_impl.cc ================================================ #include "extensions/access_loggers/grpc/http_grpc_access_log_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "common/common/assert.h" #include "common/http/headers.h" #include "common/network/utility.h" #include "common/stream_info/utility.h" #include "extensions/access_loggers/grpc/grpc_access_log_utils.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace HttpGrpc { Http::RegisterCustomInlineHeader referer_handle(Http::CustomHeaders::get().Referer); HttpGrpcAccessLog::ThreadLocalLogger::ThreadLocalLogger( GrpcCommon::GrpcAccessLoggerSharedPtr logger) : logger_(std::move(logger)) {} HttpGrpcAccessLog::HttpGrpcAccessLog( AccessLog::FilterPtr&& filter, envoy::extensions::access_loggers::grpc::v3::HttpGrpcAccessLogConfig config, ThreadLocal::SlotAllocator& tls, GrpcCommon::GrpcAccessLoggerCacheSharedPtr access_logger_cache, Stats::Scope& scope) : Common::ImplBase(std::move(filter)), scope_(scope), config_(std::move(config)), tls_slot_(tls.allocateSlot()), access_logger_cache_(std::move(access_logger_cache)) { for (const auto& header : config_.additional_request_headers_to_log()) { request_headers_to_log_.emplace_back(header); } for (const auto& header : config_.additional_response_headers_to_log()) { response_headers_to_log_.emplace_back(header); } for (const auto& header : config_.additional_response_trailers_to_log()) { response_trailers_to_log_.emplace_back(header); } tls_slot_->set([this](Event::Dispatcher&) { return std::make_shared(access_logger_cache_->getOrCreateLogger( config_.common_config(), GrpcCommon::GrpcAccessLoggerType::HTTP, scope_)); }); } void HttpGrpcAccessLog::emitLog(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info) { // Common log properties. // TODO(mattklein123): Populate sample_rate field. envoy::data::accesslog::v3::HTTPAccessLogEntry log_entry; GrpcCommon::Utility::extractCommonAccessLogProperties(*log_entry.mutable_common_properties(), stream_info, config_.common_config()); if (stream_info.protocol()) { switch (stream_info.protocol().value()) { case Http::Protocol::Http10: log_entry.set_protocol_version(envoy::data::accesslog::v3::HTTPAccessLogEntry::HTTP10); break; case Http::Protocol::Http11: log_entry.set_protocol_version(envoy::data::accesslog::v3::HTTPAccessLogEntry::HTTP11); break; case Http::Protocol::Http2: log_entry.set_protocol_version(envoy::data::accesslog::v3::HTTPAccessLogEntry::HTTP2); break; case Http::Protocol::Http3: log_entry.set_protocol_version(envoy::data::accesslog::v3::HTTPAccessLogEntry::HTTP3); break; } } // HTTP request properties. // TODO(mattklein123): Populate port field. auto* request_properties = log_entry.mutable_request(); if (request_headers.Scheme() != nullptr) { request_properties->set_scheme(std::string(request_headers.getSchemeValue())); } if (request_headers.Host() != nullptr) { request_properties->set_authority(std::string(request_headers.getHostValue())); } if (request_headers.Path() != nullptr) { request_properties->set_path(std::string(request_headers.getPathValue())); } if (request_headers.UserAgent() != nullptr) { request_properties->set_user_agent(std::string(request_headers.getUserAgentValue())); } if (request_headers.getInline(referer_handle.handle()) != nullptr) { request_properties->set_referer( std::string(request_headers.getInlineValue(referer_handle.handle()))); } if (request_headers.ForwardedFor() != nullptr) { request_properties->set_forwarded_for(std::string(request_headers.getForwardedForValue())); } if (request_headers.RequestId() != nullptr) { request_properties->set_request_id(std::string(request_headers.getRequestIdValue())); } if (request_headers.EnvoyOriginalPath() != nullptr) { request_properties->set_original_path(std::string(request_headers.getEnvoyOriginalPathValue())); } request_properties->set_request_headers_bytes(request_headers.byteSize()); request_properties->set_request_body_bytes(stream_info.bytesReceived()); if (request_headers.Method() != nullptr) { envoy::config::core::v3::RequestMethod method = envoy::config::core::v3::METHOD_UNSPECIFIED; envoy::config::core::v3::RequestMethod_Parse(std::string(request_headers.getMethodValue()), &method); request_properties->set_request_method(method); } if (!request_headers_to_log_.empty()) { auto* logged_headers = request_properties->mutable_request_headers(); for (const auto& header : request_headers_to_log_) { const Http::HeaderEntry* entry = request_headers.get(header); if (entry != nullptr) { logged_headers->insert({header.get(), std::string(entry->value().getStringView())}); } } } // HTTP response properties. auto* response_properties = log_entry.mutable_response(); if (stream_info.responseCode()) { response_properties->mutable_response_code()->set_value(stream_info.responseCode().value()); } if (stream_info.responseCodeDetails()) { response_properties->set_response_code_details(stream_info.responseCodeDetails().value()); } response_properties->set_response_headers_bytes(response_headers.byteSize()); response_properties->set_response_body_bytes(stream_info.bytesSent()); if (!response_headers_to_log_.empty()) { auto* logged_headers = response_properties->mutable_response_headers(); for (const auto& header : response_headers_to_log_) { const Http::HeaderEntry* entry = response_headers.get(header); if (entry != nullptr) { logged_headers->insert({header.get(), std::string(entry->value().getStringView())}); } } } if (!response_trailers_to_log_.empty()) { auto* logged_headers = response_properties->mutable_response_trailers(); for (const auto& header : response_trailers_to_log_) { const Http::HeaderEntry* entry = response_trailers.get(header); if (entry != nullptr) { logged_headers->insert({header.get(), std::string(entry->value().getStringView())}); } } } tls_slot_->getTyped().logger_->log(std::move(log_entry)); } } // namespace HttpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h ================================================ #pragma once #include #include #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/local_info/local_info.h" #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" #include "common/grpc/typed_async_client.h" #include "extensions/access_loggers/common/access_log_base.h" #include "extensions/access_loggers/grpc/grpc_access_log_impl.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace HttpGrpc { // TODO(mattklein123): Stats /** * Access log Instance that streams HTTP logs over gRPC. */ class HttpGrpcAccessLog : public Common::ImplBase { public: HttpGrpcAccessLog(AccessLog::FilterPtr&& filter, envoy::extensions::access_loggers::grpc::v3::HttpGrpcAccessLogConfig config, ThreadLocal::SlotAllocator& tls, GrpcCommon::GrpcAccessLoggerCacheSharedPtr access_logger_cache, Stats::Scope& scope); private: /** * Per-thread cached logger. */ struct ThreadLocalLogger : public ThreadLocal::ThreadLocalObject { ThreadLocalLogger(GrpcCommon::GrpcAccessLoggerSharedPtr logger); const GrpcCommon::GrpcAccessLoggerSharedPtr logger_; }; // Common::ImplBase void emitLog(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info) override; Stats::Scope& scope_; const envoy::extensions::access_loggers::grpc::v3::HttpGrpcAccessLogConfig config_; const ThreadLocal::SlotPtr tls_slot_; const GrpcCommon::GrpcAccessLoggerCacheSharedPtr access_logger_cache_; std::vector request_headers_to_log_; std::vector response_headers_to_log_; std::vector response_trailers_to_log_; std::vector filter_states_to_log_; }; using HttpGrpcAccessLogPtr = std::unique_ptr; } // namespace HttpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/tcp_config.cc ================================================ #include "extensions/access_loggers/grpc/tcp_config.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/grpc/async_client_impl.h" #include "common/protobuf/protobuf.h" #include "extensions/access_loggers/grpc/config_utils.h" #include "extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" #include "extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h" #include "extensions/access_loggers/well_known_names.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace TcpGrpc { AccessLog::InstanceSharedPtr TcpGrpcAccessLogFactory::createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) { GrpcCommon::validateProtoDescriptors(); const auto& proto_config = MessageUtil::downcastAndValidate< const envoy::extensions::access_loggers::grpc::v3::TcpGrpcAccessLogConfig&>( config, context.messageValidationVisitor()); return std::make_shared(std::move(filter), proto_config, context.threadLocal(), GrpcCommon::getGrpcAccessLoggerCacheSingleton(context), context.scope()); } ProtobufTypes::MessagePtr TcpGrpcAccessLogFactory::createEmptyConfigProto() { return std::make_unique(); } std::string TcpGrpcAccessLogFactory::name() const { return AccessLogNames::get().TcpGrpc; } /** * Static registration for the TCP gRPC access log. @see RegisterFactory. */ REGISTER_FACTORY(TcpGrpcAccessLogFactory, Server::Configuration::AccessLogInstanceFactory){"envoy.tcp_grpc_access_log"}; } // namespace TcpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/tcp_config.h ================================================ #pragma once #include #include "envoy/server/access_log_config.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace TcpGrpc { /** * Config registration for the TCP gRPC access log. @see AccessLogInstanceFactory. */ class TcpGrpcAccessLogFactory : public Server::Configuration::AccessLogInstanceFactory { public: AccessLog::InstanceSharedPtr createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; } // namespace TcpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.cc ================================================ #include "extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "common/common/assert.h" #include "common/network/utility.h" #include "common/stream_info/utility.h" #include "extensions/access_loggers/grpc/grpc_access_log_utils.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace TcpGrpc { TcpGrpcAccessLog::ThreadLocalLogger::ThreadLocalLogger(GrpcCommon::GrpcAccessLoggerSharedPtr logger) : logger_(std::move(logger)) {} TcpGrpcAccessLog::TcpGrpcAccessLog( AccessLog::FilterPtr&& filter, envoy::extensions::access_loggers::grpc::v3::TcpGrpcAccessLogConfig config, ThreadLocal::SlotAllocator& tls, GrpcCommon::GrpcAccessLoggerCacheSharedPtr access_logger_cache, Stats::Scope& scope) : Common::ImplBase(std::move(filter)), scope_(scope), config_(std::move(config)), tls_slot_(tls.allocateSlot()), access_logger_cache_(std::move(access_logger_cache)) { tls_slot_->set([this](Event::Dispatcher&) { return std::make_shared(access_logger_cache_->getOrCreateLogger( config_.common_config(), GrpcCommon::GrpcAccessLoggerType::TCP, scope_)); }); } void TcpGrpcAccessLog::emitLog(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo& stream_info) { // Common log properties. envoy::data::accesslog::v3::TCPAccessLogEntry log_entry; GrpcCommon::Utility::extractCommonAccessLogProperties(*log_entry.mutable_common_properties(), stream_info, config_.common_config()); envoy::data::accesslog::v3::ConnectionProperties& connection_properties = *log_entry.mutable_connection_properties(); connection_properties.set_received_bytes(stream_info.bytesReceived()); connection_properties.set_sent_bytes(stream_info.bytesSent()); // request_properties->set_request_body_bytes(stream_info.bytesReceived()); tls_slot_->getTyped().logger_->log(std::move(log_entry)); } } // namespace TcpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h ================================================ #pragma once #include #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/local_info/local_info.h" #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" #include "common/grpc/typed_async_client.h" #include "extensions/access_loggers/common/access_log_base.h" #include "extensions/access_loggers/grpc/grpc_access_log_impl.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace TcpGrpc { // TODO(mattklein123): Stats /** * Access log Instance that streams TCP logs over gRPC. */ class TcpGrpcAccessLog : public Common::ImplBase { public: TcpGrpcAccessLog(AccessLog::FilterPtr&& filter, envoy::extensions::access_loggers::grpc::v3::TcpGrpcAccessLogConfig config, ThreadLocal::SlotAllocator& tls, GrpcCommon::GrpcAccessLoggerCacheSharedPtr access_logger_cache, Stats::Scope& scope); private: /** * Per-thread cached logger. */ struct ThreadLocalLogger : public ThreadLocal::ThreadLocalObject { ThreadLocalLogger(GrpcCommon::GrpcAccessLoggerSharedPtr logger); const GrpcCommon::GrpcAccessLoggerSharedPtr logger_; }; // Common::ImplBase void emitLog(const Http::RequestHeaderMap& request_headers, const Http::ResponseHeaderMap& response_headers, const Http::ResponseTrailerMap& response_trailers, const StreamInfo::StreamInfo& stream_info) override; Stats::Scope& scope_; const envoy::extensions::access_loggers::grpc::v3::TcpGrpcAccessLogConfig config_; const ThreadLocal::SlotPtr tls_slot_; const GrpcCommon::GrpcAccessLoggerCacheSharedPtr access_logger_cache_; }; } // namespace TcpGrpc } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/wasm/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # Access log implementation that calls into a WASM VM. envoy_cc_library( name = "wasm_access_log_lib", hdrs = ["wasm_access_log_impl.h"], deps = [ "//include/envoy/access_log:access_log_interface", "//source/common/http:header_map_lib", "//source/extensions/access_loggers:well_known_names", "//source/extensions/common/wasm:wasm_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ ":wasm_access_log_lib", "//include/envoy/registry", "//include/envoy/server:access_log_config_interface", "//source/common/config:datasource_lib", "//source/common/protobuf", "//source/extensions/access_loggers:well_known_names", "//source/extensions/common/wasm:wasm_lib", "@envoy_api//envoy/extensions/access_loggers/wasm/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/access_loggers/wasm/config.cc ================================================ #include "extensions/access_loggers/wasm/config.h" #include "envoy/extensions/access_loggers/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/common/logger.h" #include "common/protobuf/protobuf.h" #include "extensions/access_loggers/wasm/wasm_access_log_impl.h" #include "extensions/access_loggers/well_known_names.h" #include "extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace Wasm { AccessLog::InstanceSharedPtr WasmAccessLogFactory::createAccessLogInstance(const Protobuf::Message& proto_config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) { const auto& config = MessageUtil::downcastAndValidate< const envoy::extensions::access_loggers::wasm::v3::WasmAccessLog&>( proto_config, context.messageValidationVisitor()); auto access_log = std::make_shared(config.config().root_id(), nullptr, std::move(filter)); // Create a base WASM to verify that the code loads before setting/cloning the for the // individual threads. auto plugin = std::make_shared( config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), config.config().vm_config().runtime(), Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), nullptr /* listener_metadata */); auto callback = [access_log, &context, plugin](Common::Wasm::WasmHandleSharedPtr base_wasm) { auto tls_slot = context.threadLocal().allocateSlot(); // NB: the Slot set() call doesn't complete inline, so all arguments must outlive this call. tls_slot->set( [base_wasm, plugin](Event::Dispatcher& dispatcher) -> std::shared_ptr { if (!base_wasm) { // There is no way to prevent the connection at this point. The user could choose to use // an HTTP Wasm plugin and only handle onLog() which would correctly close the // connection in onRequestHeaders(). if (!plugin->fail_open_) { ENVOY_LOG(critical, "Plugin configured to fail closed failed to load"); } return nullptr; } return std::static_pointer_cast( Common::Wasm::getOrCreateThreadLocalWasm(base_wasm, plugin, dispatcher)); }); access_log->setTlsSlot(std::move(tls_slot)); }; if (!Common::Wasm::createWasm( config.config().vm_config(), plugin, context.scope().createScope(""), context.clusterManager(), context.initManager(), context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm access log {}", plugin->name_)); } return access_log; } ProtobufTypes::MessagePtr WasmAccessLogFactory::createEmptyConfigProto() { return ProtobufTypes::MessagePtr{ new envoy::extensions::access_loggers::wasm::v3::WasmAccessLog()}; } std::string WasmAccessLogFactory::name() const { return AccessLogNames::get().Wasm; } /** * Static registration for the wasm access log. @see RegisterFactory. */ REGISTER_FACTORY(WasmAccessLogFactory, Server::Configuration::AccessLogInstanceFactory){"envoy.wasm_access_log"}; } // namespace Wasm } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/wasm/config.h ================================================ #pragma once #include "envoy/server/access_log_config.h" #include "common/config/datasource.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace Wasm { /** * Config registration for the file access log. @see AccessLogInstanceFactory. */ class WasmAccessLogFactory : public Server::Configuration::AccessLogInstanceFactory, Logger::Loggable { public: AccessLog::InstanceSharedPtr createAccessLogInstance(const Protobuf::Message& config, AccessLog::FilterPtr&& filter, Server::Configuration::FactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; private: absl::flat_hash_map convertJsonFormatToMap(ProtobufWkt::Struct config); Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; } // namespace Wasm } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/wasm/wasm_access_log_impl.h ================================================ #pragma once #include "envoy/access_log/access_log.h" #include "common/common/logger.h" #include "extensions/access_loggers/well_known_names.h" #include "extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { namespace Wasm { using Envoy::Extensions::Common::Wasm::WasmHandle; class WasmAccessLog : public AccessLog::Instance { public: WasmAccessLog(absl::string_view root_id, ThreadLocal::SlotPtr tls_slot, AccessLog::FilterPtr filter) : root_id_(root_id), tls_slot_(std::move(tls_slot)), filter_(std::move(filter)) {} void log(const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) override { if (filter_ && request_headers && response_headers && response_trailers) { if (!filter_->evaluate(stream_info, *request_headers, *response_headers, *response_trailers)) { return; } } if (tls_slot_->get()) { tls_slot_->getTyped().wasm()->log(root_id_, request_headers, response_headers, response_trailers, stream_info); } } void setTlsSlot(ThreadLocal::SlotPtr tls_slot) { ASSERT(tls_slot_ == nullptr); tls_slot_ = std::move(tls_slot); } private: std::string root_id_; ThreadLocal::SlotPtr tls_slot_; AccessLog::FilterPtr filter_; }; } // namespace Wasm } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/access_loggers/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace AccessLoggers { /** * Well-known access logger names. * NOTE: New access loggers should use the well known name: envoy.access_loggers.name. */ class AccessLogNameValues { public: // File access log const std::string File = "envoy.access_loggers.file"; // HTTP gRPC access log const std::string HttpGrpc = "envoy.access_loggers.http_grpc"; // TCP gRPC access log const std::string TcpGrpc = "envoy.access_loggers.tcp_grpc"; // WASM access log const std::string Wasm = "envoy.access_loggers.wasm"; }; using AccessLogNames = ConstSingleton; } // namespace AccessLoggers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/all_extensions.bzl ================================================ load("@bazel_skylib//lib:dicts.bzl", "dicts") load("@envoy_build_config//:extensions_build_config.bzl", "EXTENSIONS") # These extensions are registered using the extension system but are required for the core Envoy build. # The map may be overridden by extensions specified in envoy_build_config. _required_extensions = { "envoy.common.crypto.utility_lib": "//source/extensions/common/crypto:utility_lib", "envoy.transport_sockets.tls": "//source/extensions/transport_sockets/tls:config", } # Return all extensions to be compiled into Envoy. def envoy_all_extensions(denylist = []): all_extensions = dicts.add(_required_extensions, EXTENSIONS) # These extensions can be removed on a site specific basis. return [v for k, v in all_extensions.items() if not k in denylist] # Core extensions needed to run Envoy's integration tests. _core_extensions = [ "envoy.access_loggers.file", "envoy.filters.http.router", "envoy.filters.http.health_check", "envoy.filters.network.http_connection_manager", "envoy.stat_sinks.statsd", "envoy.transport_sockets.raw_buffer", ] # Return all core extensions to be compiled into Envoy. def envoy_all_core_extensions(): all_extensions = dicts.add(_required_extensions, EXTENSIONS) # These extensions can be removed on a site specific basis. return [v for k, v in all_extensions.items() if k in _core_extensions] _http_filter_prefix = "envoy.filters.http" def envoy_all_http_filters(): all_extensions = dicts.add(_required_extensions, EXTENSIONS) return [v for k, v in all_extensions.items() if k.startswith(_http_filter_prefix)] # All network-layer filters are extensions with names that have the following prefix. _network_filter_prefix = "envoy.filters.network" # All thrift filters are extensions with names that have the following prefix. _thrift_filter_prefix = "envoy.filters.thrift" # Return all network-layer filter extensions to be compiled into network-layer filter generic fuzzer. def envoy_all_network_filters(): all_extensions = dicts.add(_required_extensions, EXTENSIONS) return [v for k, v in all_extensions.items() if k.startswith(_network_filter_prefix) or k.startswith(_thrift_filter_prefix)] ================================================ FILE: source/extensions/bootstrap/wasm/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # WASM service. envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = [ "config.h", ], security_posture = "unknown", status = "alpha", deps = [ "//include/envoy/registry", "//include/envoy/server:bootstrap_extension_config_interface", "//include/envoy/server:factory_context_interface", "//include/envoy/server:instance_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/common/protobuf:utility_lib", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/extensions/wasm/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/bootstrap/wasm/config.cc ================================================ #include "extensions/bootstrap/wasm/config.h" #include "envoy/registry/registry.h" #include "envoy/server/factory_context.h" #include "common/common/empty_string.h" #include "common/config/datasource.h" #include "common/protobuf/utility.h" #include "extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { namespace Bootstrap { namespace Wasm { static const std::string INLINE_STRING = ""; void WasmFactory::createWasm(const envoy::extensions::wasm::v3::WasmService& config, Server::Configuration::ServerFactoryContext& context, CreateWasmServiceCallback&& cb) { auto plugin = std::make_shared( config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), config.config().vm_config().runtime(), Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), nullptr); bool singleton = config.singleton(); auto callback = [&context, singleton, plugin, cb](Common::Wasm::WasmHandleSharedPtr base_wasm) { if (!base_wasm) { if (plugin->fail_open_) { ENVOY_LOG(error, "Unable to create Wasm service {}", plugin->name_); } else { ENVOY_LOG(critical, "Unable to create Wasm service {}", plugin->name_); } return; } if (singleton) { // Return a Wasm VM which will be stored as a singleton by the Server. cb(std::make_unique( Common::Wasm::getOrCreateThreadLocalWasm(base_wasm, plugin, context.dispatcher()))); return; } // Per-thread WASM VM. // NB: the Slot set() call doesn't complete inline, so all arguments must outlive this call. auto tls_slot = context.threadLocal().allocateSlot(); tls_slot->set([base_wasm, plugin](Event::Dispatcher& dispatcher) { return std::static_pointer_cast( Common::Wasm::getOrCreateThreadLocalWasm(base_wasm, plugin, dispatcher)); }); cb(std::make_unique(std::move(tls_slot))); }; if (!Common::Wasm::createWasm( config.config().vm_config(), plugin, context.scope().createScope(""), context.clusterManager(), context.initManager(), context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, std::move(callback))) { // NB: throw if we get a synchronous configuration failures as this is how such failures are // reported to xDS. throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm service {}", plugin->name_)); } } Server::BootstrapExtensionPtr WasmFactory::createBootstrapExtension(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& context) { auto typed_config = MessageUtil::downcastAndValidate( config, context.messageValidationContext().staticValidationVisitor()); auto wasm_service_extension = std::make_unique(); createWasm(typed_config, context, [extension = wasm_service_extension.get()](WasmServicePtr wasm) { extension->wasm_service_ = std::move(wasm); }); return wasm_service_extension; } // /** // * Static registration for the wasm factory. @see RegistryFactory. // */ REGISTER_FACTORY(WasmFactory, Server::Configuration::BootstrapExtensionFactory); } // namespace Wasm } // namespace Bootstrap } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/bootstrap/wasm/config.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/extensions/wasm/v3/wasm.pb.h" #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/server/bootstrap_extension_config.h" #include "envoy/server/filter_config.h" #include "envoy/server/instance.h" #include "common/protobuf/protobuf.h" #include "extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { namespace Bootstrap { namespace Wasm { class WasmService { public: WasmService(Common::Wasm::WasmHandleSharedPtr singleton) : singleton_(std::move(singleton)) {} WasmService(ThreadLocal::SlotPtr tls_slot) : tls_slot_(std::move(tls_slot)) {} private: Common::Wasm::WasmHandleSharedPtr singleton_; ThreadLocal::SlotPtr tls_slot_; }; using WasmServicePtr = std::unique_ptr; using CreateWasmServiceCallback = std::function; class WasmFactory : public Server::Configuration::BootstrapExtensionFactory, Logger::Loggable { public: ~WasmFactory() override = default; std::string name() const override { return "envoy.bootstrap.wasm"; } void createWasm(const envoy::extensions::wasm::v3::WasmService& config, Server::Configuration::ServerFactoryContext& context, CreateWasmServiceCallback&& cb); Server::BootstrapExtensionPtr createBootstrapExtension(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } private: Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; class WasmServiceExtension : public Server::BootstrapExtension { public: WasmService& wasmService() { ASSERT(wasm_service_ != nullptr); return *wasm_service_; } private: WasmServicePtr wasm_service_; friend class WasmFactory; }; } // namespace Wasm } // namespace Bootstrap } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/config:well_known_names", "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/clusters/aggregate/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "cluster", srcs = ["cluster.cc"], hdrs = [ "cluster.h", "lb_context.h", ], security_posture = "requires_trusted_downstream_and_upstream", deps = [ "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:upstream_includes", "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/clusters/aggregate/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/clusters/aggregate/cluster.cc ================================================ #include "extensions/clusters/aggregate/cluster.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Aggregate { Cluster::Cluster(const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::aggregate::v3::ClusterConfig& config, Upstream::ClusterManager& cluster_manager, Runtime::Loader& runtime, Random::RandomGenerator& random, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, ThreadLocal::SlotAllocator& tls, bool added_via_api) : Upstream::ClusterImplBase(cluster, runtime, factory_context, std::move(stats_scope), added_via_api), cluster_manager_(cluster_manager), runtime_(runtime), random_(random), tls_(tls.allocateSlot()), clusters_(config.clusters().begin(), config.clusters().end()) {} PriorityContextPtr Cluster::linearizePrioritySet(const std::function& skip_predicate) { PriorityContextPtr priority_context = std::make_unique(); uint32_t next_priority_after_linearizing = 0; // Linearize the priority set. e.g. for clusters [C_0, C_1, C_2] referred in aggregate cluster // C_0 [P_0, P_1, P_2] // C_1 [P_0, P_1] // C_2 [P_0, P_1, P_2, P_3] // The linearization result is: // [C_0.P_0, C_0.P_1, C_0.P_2, C_1.P_0, C_1.P_1, C_2.P_0, C_2.P_1, C_2.P_2, C_2.P_3] // and the traffic will be distributed among these priorities. for (const auto& cluster : clusters_) { if (skip_predicate(cluster)) { continue; } auto tlc = cluster_manager_.get(cluster); // It is possible that the cluster doesn't exist, e.g., the cluster cloud be deleted or the // cluster hasn't been added by xDS. if (tlc == nullptr) { continue; } uint32_t priority_in_current_cluster = 0; for (const auto& host_set : tlc->prioritySet().hostSetsPerPriority()) { if (!host_set->hosts().empty()) { priority_context->priority_set_.updateHosts( next_priority_after_linearizing, Upstream::HostSetImpl::updateHostsParams(*host_set), host_set->localityWeights(), host_set->hosts(), {}, host_set->overprovisioningFactor()); priority_context->priority_to_cluster_.emplace_back( std::make_pair(priority_in_current_cluster, tlc)); priority_context->cluster_and_priority_to_linearized_priority_[std::make_pair( cluster, priority_in_current_cluster)] = next_priority_after_linearizing; next_priority_after_linearizing++; } priority_in_current_cluster++; } } return priority_context; } void Cluster::startPreInit() { for (const auto& cluster : clusters_) { auto tlc = cluster_manager_.get(cluster); // It is possible when initializing the cluster, the included cluster doesn't exist. e.g., the // cluster could be added dynamically by xDS. if (tlc == nullptr) { continue; } // Add callback for clusters initialized before aggregate cluster. tlc->prioritySet().addMemberUpdateCb( [this, cluster](const Upstream::HostVector&, const Upstream::HostVector&) { ENVOY_LOG(debug, "member update for cluster '{}' in aggregate cluster '{}'", cluster, this->info()->name()); refresh(); }); } refresh(); handle_ = cluster_manager_.addThreadLocalClusterUpdateCallbacks(*this); onPreInitComplete(); } void Cluster::refresh(const std::function& skip_predicate) { // Post the priority set to worker threads. // TODO(mattklein123): Remove "this" capture. tls_->runOnAllThreads([this, skip_predicate, cluster_name = this->info()->name()]( ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { PriorityContextPtr priority_context = linearizePrioritySet(skip_predicate); Upstream::ThreadLocalCluster* cluster = cluster_manager_.get(cluster_name); ASSERT(cluster != nullptr); dynamic_cast(cluster->loadBalancer()) .refresh(std::move(priority_context)); return object; }); } void Cluster::onClusterAddOrUpdate(Upstream::ThreadLocalCluster& cluster) { if (std::find(clusters_.begin(), clusters_.end(), cluster.info()->name()) != clusters_.end()) { ENVOY_LOG(debug, "adding or updating cluster '{}' for aggregate cluster '{}'", cluster.info()->name(), info()->name()); refresh(); cluster.prioritySet().addMemberUpdateCb( [this](const Upstream::HostVector&, const Upstream::HostVector&) { refresh(); }); } } void Cluster::onClusterRemoval(const std::string& cluster_name) { // The onClusterRemoval callback is called before the thread local cluster is removed. There // will be a dangling pointer to the thread local cluster if the deleted cluster is not skipped // when we refresh the load balancer. if (std::find(clusters_.begin(), clusters_.end(), cluster_name) != clusters_.end()) { ENVOY_LOG(debug, "removing cluster '{}' from aggreagte cluster '{}'", cluster_name, info()->name()); refresh([cluster_name](const std::string& c) { return cluster_name == c; }); } } absl::optional AggregateClusterLoadBalancer::LoadBalancerImpl::hostToLinearizedPriority( const Upstream::HostDescription& host) const { auto it = priority_context_.cluster_and_priority_to_linearized_priority_.find( std::make_pair(host.cluster().name(), host.priority())); if (it != priority_context_.cluster_and_priority_to_linearized_priority_.end()) { return it->second; } else { // The HostSet can change due to CDS/EDS updates between retries. return absl::nullopt; } } Upstream::HostConstSharedPtr AggregateClusterLoadBalancer::LoadBalancerImpl::chooseHost(Upstream::LoadBalancerContext* context) { const Upstream::HealthyAndDegradedLoad* priority_loads = nullptr; if (context != nullptr) { priority_loads = &context->determinePriorityLoad( priority_set_, per_priority_load_, [this](const auto& host) { return hostToLinearizedPriority(host); }); } else { priority_loads = &per_priority_load_; } const auto priority_pair = choosePriority(random_.random(), priority_loads->healthy_priority_load_, priority_loads->degraded_priority_load_); AggregateLoadBalancerContext aggregate_context( context, priority_pair.second, priority_context_.priority_to_cluster_[priority_pair.first].first); Upstream::ThreadLocalCluster* cluster = priority_context_.priority_to_cluster_[priority_pair.first].second; return cluster->loadBalancer().chooseHost(&aggregate_context); } Upstream::HostConstSharedPtr AggregateClusterLoadBalancer::chooseHost(Upstream::LoadBalancerContext* context) { if (load_balancer_) { return load_balancer_->chooseHost(context); } return nullptr; } std::pair ClusterFactory::createClusterWithConfig( const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::aggregate::v3::ClusterConfig& proto_config, Upstream::ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) { auto new_cluster = std::make_shared(cluster, proto_config, context.clusterManager(), context.runtime(), context.api().randomGenerator(), socket_factory_context, std::move(stats_scope), context.tls(), context.addedViaApi()); auto lb = std::make_unique(*new_cluster); return std::make_pair(new_cluster, std::move(lb)); } REGISTER_FACTORY(ClusterFactory, Upstream::ClusterFactory); } // namespace Aggregate } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/aggregate/cluster.h ================================================ #pragma once #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/upstream_impl.h" #include "extensions/clusters/aggregate/lb_context.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Aggregate { using PriorityToClusterVector = std::vector>; // Maps pair(host_cluster_name, host_priority) to the linearized priority of the Aggregate cluster. using ClusterAndPriorityToLinearizedPriorityMap = absl::flat_hash_map, uint32_t>; struct PriorityContext { Upstream::PrioritySetImpl priority_set_; PriorityToClusterVector priority_to_cluster_; ClusterAndPriorityToLinearizedPriorityMap cluster_and_priority_to_linearized_priority_; }; using PriorityContextPtr = std::unique_ptr; class Cluster : public Upstream::ClusterImplBase, Upstream::ClusterUpdateCallbacks { public: Cluster(const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::aggregate::v3::ClusterConfig& config, Upstream::ClusterManager& cluster_manager, Runtime::Loader& runtime, Random::RandomGenerator& random, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, ThreadLocal::SlotAllocator& tls, bool added_via_api); // Upstream::Cluster Upstream::Cluster::InitializePhase initializePhase() const override { return Upstream::Cluster::InitializePhase::Secondary; } // Upstream::ClusterUpdateCallbacks void onClusterAddOrUpdate(Upstream::ThreadLocalCluster& cluster) override; void onClusterRemoval(const std::string& cluster_name) override; void refresh() { refresh([](const std::string&) { return false; }); } Upstream::ClusterUpdateCallbacksHandlePtr handle_; Upstream::ClusterManager& cluster_manager_; Runtime::Loader& runtime_; Random::RandomGenerator& random_; ThreadLocal::SlotPtr tls_; const std::vector clusters_; private: // Upstream::ClusterImplBase void startPreInit() override; void refresh(const std::function& skip_predicate); PriorityContextPtr linearizePrioritySet(const std::function& skip_predicate); }; // Load balancer used by each worker thread. It will be refreshed when clusters, hosts or priorities // are updated. class AggregateClusterLoadBalancer : public Upstream::LoadBalancer { public: AggregateClusterLoadBalancer( Upstream::ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : stats_(stats), runtime_(runtime), random_(random), common_config_(common_config) {} // Upstream::LoadBalancer Upstream::HostConstSharedPtr chooseHost(Upstream::LoadBalancerContext* context) override; // Prefetching not yet implemented for extensions. Upstream::HostConstSharedPtr peekAnotherHost(Upstream::LoadBalancerContext*) override { return nullptr; } private: // Use inner class to extend LoadBalancerBase. When initializing AggregateClusterLoadBalancer, the // priority set could be empty, we cannot initialize LoadBalancerBase when priority set is empty. class LoadBalancerImpl : public Upstream::LoadBalancerBase { public: LoadBalancerImpl(const PriorityContext& priority_context, Upstream::ClusterStats& stats, Runtime::Loader& runtime, Random::RandomGenerator& random, const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config) : Upstream::LoadBalancerBase(priority_context.priority_set_, stats, runtime, random, common_config), priority_context_(priority_context) {} // Upstream::LoadBalancer Upstream::HostConstSharedPtr chooseHost(Upstream::LoadBalancerContext* context) override; // Prefetching not yet implemented for extensions. Upstream::HostConstSharedPtr peekAnotherHost(Upstream::LoadBalancerContext*) override { return nullptr; } // Upstream::LoadBalancerBase Upstream::HostConstSharedPtr chooseHostOnce(Upstream::LoadBalancerContext*) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } absl::optional hostToLinearizedPriority(const Upstream::HostDescription& host) const; private: const PriorityContext& priority_context_; }; using LoadBalancerImplPtr = std::unique_ptr; LoadBalancerImplPtr load_balancer_; Upstream::ClusterStats& stats_; Runtime::Loader& runtime_; Random::RandomGenerator& random_; const envoy::config::cluster::v3::Cluster::CommonLbConfig& common_config_; PriorityContextPtr priority_context_; public: void refresh(PriorityContextPtr priority_context) { if (!priority_context->priority_set_.hostSetsPerPriority().empty()) { load_balancer_ = std::make_unique(*priority_context, stats_, runtime_, random_, common_config_); } else { load_balancer_ = nullptr; } priority_context_ = std::move(priority_context); } }; // Load balancer factory created by the main thread and will be called in each worker thread to // create the thread local load balancer. struct AggregateLoadBalancerFactory : public Upstream::LoadBalancerFactory { AggregateLoadBalancerFactory(const Cluster& cluster) : cluster_(cluster) {} // Upstream::LoadBalancerFactory Upstream::LoadBalancerPtr create() override { return std::make_unique( cluster_.info()->stats(), cluster_.runtime_, cluster_.random_, cluster_.info()->lbConfig()); } const Cluster& cluster_; }; // Thread aware load balancer created by the main thread. struct AggregateThreadAwareLoadBalancer : public Upstream::ThreadAwareLoadBalancer { AggregateThreadAwareLoadBalancer(const Cluster& cluster) : cluster_(cluster) {} // Upstream::ThreadAwareLoadBalancer Upstream::LoadBalancerFactorySharedPtr factory() override { return std::make_shared(cluster_); } void initialize() override {} const Cluster& cluster_; }; class ClusterFactory : public Upstream::ConfigurableClusterFactoryBase< envoy::extensions::clusters::aggregate::v3::ClusterConfig> { public: ClusterFactory() : ConfigurableClusterFactoryBase(Extensions::Clusters::ClusterTypes::get().Aggregate) {} private: std::pair createClusterWithConfig( const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::aggregate::v3::ClusterConfig& proto_config, Upstream::ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; DECLARE_FACTORY(ClusterFactory); } // namespace Aggregate } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/aggregate/lb_context.h ================================================ #pragma once #include "common/upstream/load_balancer_impl.h" #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Aggregate { // AggregateLoadBalancerContext wraps the load balancer context to re-assign priority load // according the to host priority selected by the aggregate load balancer. class AggregateLoadBalancerContext : public Upstream::LoadBalancerContext { public: AggregateLoadBalancerContext(Upstream::LoadBalancerContext* context, Upstream::LoadBalancerBase::HostAvailability host_availability, uint32_t host_priority) : host_availability_(host_availability), host_priority_(host_priority) { if (context == nullptr) { owned_context_ = std::make_unique(); context_ = owned_context_.get(); } else { context_ = context; } } // Upstream::LoadBalancerContext absl::optional computeHashKey() override { return context_->computeHashKey(); } const Network::Connection* downstreamConnection() const override { return context_->downstreamConnection(); } const Router::MetadataMatchCriteria* metadataMatchCriteria() override { return context_->metadataMatchCriteria(); } const Http::RequestHeaderMap* downstreamHeaders() const override { return context_->downstreamHeaders(); } const Upstream::HealthyAndDegradedLoad& determinePriorityLoad(const Upstream::PrioritySet&, const Upstream::HealthyAndDegradedLoad& original_priority_load, const Upstream::RetryPriority::PriorityMappingFunc&) override { // Re-assign load. Set all traffic to the priority and availability selected in aggregate // cluster. // // Note: context_->determinePriorityLoad() was already called and its result handled in // AggregateClusterLoadBalancer::LoadBalancerImpl::chooseHost(). const size_t priorities = original_priority_load.healthy_priority_load_.get().size(); priority_load_.healthy_priority_load_.get().assign(priorities, 0); priority_load_.degraded_priority_load_.get().assign(priorities, 0); if (host_availability_ == Upstream::LoadBalancerBase::HostAvailability::Healthy) { priority_load_.healthy_priority_load_.get()[host_priority_] = 100; } else { priority_load_.degraded_priority_load_.get()[host_priority_] = 100; } return priority_load_; } bool shouldSelectAnotherHost(const Upstream::Host& host) override { return context_->shouldSelectAnotherHost(host); } uint32_t hostSelectionRetryCount() const override { return context_->hostSelectionRetryCount(); } Network::Socket::OptionsSharedPtr upstreamSocketOptions() const override { return context_->upstreamSocketOptions(); } Network::TransportSocketOptionsSharedPtr upstreamTransportSocketOptions() const override { return context_->upstreamTransportSocketOptions(); } private: Upstream::HealthyAndDegradedLoad priority_load_; std::unique_ptr owned_context_; Upstream::LoadBalancerContext* context_{nullptr}; const Upstream::LoadBalancerBase::HostAvailability host_availability_; const uint32_t host_priority_; }; } // namespace Aggregate } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/dynamic_forward_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "cluster", srcs = ["cluster.cc"], hdrs = ["cluster.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//source/common/network:transport_socket_options_lib", "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:logical_host_lib", "//source/extensions/clusters:well_known_names", "//source/extensions/common/dynamic_forward_proxy:dns_cache_interface", "//source/extensions/common/dynamic_forward_proxy:dns_cache_manager_impl", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/clusters/dynamic_forward_proxy/cluster.cc ================================================ #include "extensions/clusters/dynamic_forward_proxy/cluster.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.validate.h" #include "common/network/transport_socket_options_impl.h" #include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace DynamicForwardProxy { Cluster::Cluster( const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::dynamic_forward_proxy::v3::ClusterConfig& config, Runtime::Loader& runtime, Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactory& cache_manager_factory, const LocalInfo::LocalInfo& local_info, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api) : Upstream::BaseDynamicClusterImpl(cluster, runtime, factory_context, std::move(stats_scope), added_via_api), dns_cache_manager_(cache_manager_factory.get()), dns_cache_(dns_cache_manager_->getCache(config.dns_cache_config())), update_callbacks_handle_(dns_cache_->addUpdateCallbacks(*this)), local_info_(local_info), host_map_(std::make_shared()) { // Block certain TLS context parameters that don't make sense on a cluster-wide scale. We will // support these parameters dynamically in the future. This is not an exhaustive list of // parameters that don't make sense but should be the most obvious ones that a user might set // in error. if (!cluster.hidden_envoy_deprecated_tls_context().sni().empty() || !cluster.hidden_envoy_deprecated_tls_context() .common_tls_context() .validation_context() .hidden_envoy_deprecated_verify_subject_alt_name() .empty()) { throw EnvoyException( "dynamic_forward_proxy cluster cannot configure 'sni' or 'verify_subject_alt_name'"); } } void Cluster::startPreInit() { // If we are attaching to a pre-populated cache we need to initialize our hosts. auto existing_hosts = dns_cache_->hosts(); if (!existing_hosts.empty()) { std::shared_ptr new_host_map; std::unique_ptr hosts_added; for (const auto& existing_host : existing_hosts) { addOrUpdateWorker(existing_host.first, existing_host.second, new_host_map, hosts_added); } swapAndUpdateMap(new_host_map, *hosts_added, {}); } onPreInitComplete(); } void Cluster::addOrUpdateWorker( const std::string& host, const Extensions::Common::DynamicForwardProxy::DnsHostInfoSharedPtr& host_info, std::shared_ptr& new_host_map, std::unique_ptr& hosts_added) { // We should never get a host with no address from the cache. ASSERT(host_info->address() != nullptr); // NOTE: Right now we allow a DNS cache to be shared between multiple clusters. Though we have // connection/request circuit breakers on the cluster, we don't have any way to control the // maximum hosts on a cluster. We currently assume that host data shared via shared pointer is a // marginal memory cost above that already used by connections and requests, so relying on // connection/request circuit breakers is sufficient. We may have to revisit this in the future. HostInfoMapSharedPtr current_map = getCurrentHostMap(); const auto host_map_it = current_map->find(host); if (host_map_it != current_map->end()) { // If we only have an address change, we can do that swap inline without any other updates. // The appropriate R/W locking is in place to allow this. The details of this locking are: // - Hosts are not thread local, they are global. // - We take a read lock when reading the address and a write lock when changing it. // - Address updates are very rare. // - Address reads are only done when a connection is being made and a "real" host // description is created or the host is queried via the admin endpoint. Both of // these operations are relatively rare and the read lock is held for a short period // of time. // // TODO(mattklein123): Right now the dynamic forward proxy / DNS cache works similar to how // logical DNS works, meaning that we only store a single address per // resolution. It would not be difficult to also expose strict DNS // semantics, meaning the cache would expose multiple addresses and the // cluster would create multiple logical hosts based on those addresses. // We will leave this is a follow up depending on need. ASSERT(host_info == host_map_it->second.shared_host_info_); ASSERT(host_map_it->second.shared_host_info_->address() != host_map_it->second.logical_host_->address()); ENVOY_LOG(debug, "updating dfproxy cluster host address '{}'", host); host_map_it->second.logical_host_->setNewAddress(host_info->address(), dummy_lb_endpoint_); return; } ENVOY_LOG(debug, "adding new dfproxy cluster host '{}'", host); if (new_host_map == nullptr) { new_host_map = std::make_shared(*current_map); } const auto emplaced = new_host_map->try_emplace(host, host_info, std::make_shared( info(), host, host_info->address(), dummy_locality_lb_endpoint_, dummy_lb_endpoint_, nullptr)); if (hosts_added == nullptr) { hosts_added = std::make_unique(); } hosts_added->emplace_back(emplaced.first->second.logical_host_); } void Cluster::onDnsHostAddOrUpdate( const std::string& host, const Extensions::Common::DynamicForwardProxy::DnsHostInfoSharedPtr& host_info) { std::shared_ptr new_host_map; std::unique_ptr hosts_added; addOrUpdateWorker(host, host_info, new_host_map, hosts_added); if (hosts_added != nullptr) { ASSERT(!new_host_map->empty()); ASSERT(!hosts_added->empty()); // Swap in the new map. This will be picked up when the per-worker LBs are recreated via // the host set update. swapAndUpdateMap(new_host_map, *hosts_added, {}); } } void Cluster::swapAndUpdateMap(const HostInfoMapSharedPtr& new_hosts_map, const Upstream::HostVector& hosts_added, const Upstream::HostVector& hosts_removed) { { absl::WriterMutexLock lock(&host_map_lock_); host_map_ = new_hosts_map; } Upstream::PriorityStateManager priority_state_manager(*this, local_info_, nullptr); priority_state_manager.initializePriorityFor(dummy_locality_lb_endpoint_); for (const auto& host : (*new_hosts_map)) { priority_state_manager.registerHostForPriority(host.second.logical_host_, dummy_locality_lb_endpoint_); } priority_state_manager.updateClusterPrioritySet( 0, std::move(priority_state_manager.priorityState()[0].first), hosts_added, hosts_removed, absl::nullopt, absl::nullopt); } void Cluster::onDnsHostRemove(const std::string& host) { HostInfoMapSharedPtr current_map = getCurrentHostMap(); const auto host_map_it = current_map->find(host); ASSERT(host_map_it != current_map->end()); const auto new_host_map = std::make_shared(*current_map); Upstream::HostVector hosts_removed; hosts_removed.emplace_back(host_map_it->second.logical_host_); new_host_map->erase(host); ENVOY_LOG(debug, "removing dfproxy cluster host '{}'", host); // Swap in the new map. This will be picked up when the per-worker LBs are recreated via // the host set update. swapAndUpdateMap(new_host_map, {}, hosts_removed); } Upstream::HostConstSharedPtr Cluster::LoadBalancer::chooseHost(Upstream::LoadBalancerContext* context) { if (!context) { return nullptr; } absl::string_view host; if (context->downstreamHeaders()) { host = context->downstreamHeaders()->getHostValue(); } else if (context->downstreamConnection()) { host = context->downstreamConnection()->requestedServerName(); } if (host.empty()) { return nullptr; } const auto host_it = host_map_->find(host); if (host_it == host_map_->end()) { return nullptr; } else { host_it->second.shared_host_info_->touch(); return host_it->second.logical_host_; } } std::pair ClusterFactory::createClusterWithConfig( const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::dynamic_forward_proxy::v3::ClusterConfig& proto_config, Upstream::ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) { Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactoryImpl cache_manager_factory( context.singletonManager(), context.dispatcher(), context.tls(), context.api().randomGenerator(), context.runtime(), context.stats()); envoy::config::cluster::v3::Cluster cluster_config = cluster; if (cluster_config.has_upstream_http_protocol_options()) { if (!proto_config.allow_insecure_cluster_options() && (!cluster_config.upstream_http_protocol_options().auto_sni() || !cluster_config.upstream_http_protocol_options().auto_san_validation())) { throw EnvoyException( "dynamic_forward_proxy cluster must have auto_sni and auto_san_validation true when " "configured with upstream_http_protocol_options"); } } else { cluster_config.mutable_upstream_http_protocol_options()->set_auto_sni(true); cluster_config.mutable_upstream_http_protocol_options()->set_auto_san_validation(true); } auto new_cluster = std::make_shared( cluster_config, proto_config, context.runtime(), cache_manager_factory, context.localInfo(), socket_factory_context, std::move(stats_scope), context.addedViaApi()); auto lb = std::make_unique(*new_cluster); return std::make_pair(new_cluster, std::move(lb)); } REGISTER_FACTORY(ClusterFactory, Upstream::ClusterFactory); } // namespace DynamicForwardProxy } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/dynamic_forward_proxy/cluster.h ================================================ #pragma once #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.validate.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/logical_host.h" #include "extensions/clusters/well_known_names.h" #include "extensions/common/dynamic_forward_proxy/dns_cache.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace DynamicForwardProxy { class Cluster : public Upstream::BaseDynamicClusterImpl, public Extensions::Common::DynamicForwardProxy::DnsCache::UpdateCallbacks { public: Cluster(const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::dynamic_forward_proxy::v3::ClusterConfig& config, Runtime::Loader& runtime, Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactory& cache_manager_factory, const LocalInfo::LocalInfo& local_info, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api); // Upstream::Cluster Upstream::Cluster::InitializePhase initializePhase() const override { return Upstream::Cluster::InitializePhase::Primary; } // Upstream::ClusterImplBase void startPreInit() override; // Extensions::Common::DynamicForwardProxy::DnsCache::UpdateCallbacks void onDnsHostAddOrUpdate( const std::string& host, const Extensions::Common::DynamicForwardProxy::DnsHostInfoSharedPtr& host_info) override; void onDnsHostRemove(const std::string& host) override; private: struct HostInfo { HostInfo(const Extensions::Common::DynamicForwardProxy::DnsHostInfoSharedPtr& shared_host_info, const Upstream::LogicalHostSharedPtr& logical_host) : shared_host_info_(shared_host_info), logical_host_(logical_host) {} const Extensions::Common::DynamicForwardProxy::DnsHostInfoSharedPtr shared_host_info_; const Upstream::LogicalHostSharedPtr logical_host_; }; using HostInfoMap = absl::flat_hash_map; using HostInfoMapSharedPtr = std::shared_ptr; struct LoadBalancer : public Upstream::LoadBalancer { LoadBalancer(const HostInfoMapSharedPtr& host_map) : host_map_(host_map) {} // Upstream::LoadBalancer Upstream::HostConstSharedPtr chooseHost(Upstream::LoadBalancerContext* context) override; // Prefetching not implemented. Upstream::HostConstSharedPtr peekAnotherHost(Upstream::LoadBalancerContext*) override { return nullptr; } const HostInfoMapSharedPtr host_map_; }; struct LoadBalancerFactory : public Upstream::LoadBalancerFactory { LoadBalancerFactory(Cluster& cluster) : cluster_(cluster) {} // Upstream::LoadBalancerFactory Upstream::LoadBalancerPtr create() override { return std::make_unique(cluster_.getCurrentHostMap()); } Cluster& cluster_; }; struct ThreadAwareLoadBalancer : public Upstream::ThreadAwareLoadBalancer { ThreadAwareLoadBalancer(Cluster& cluster) : cluster_(cluster) {} // Upstream::ThreadAwareLoadBalancer Upstream::LoadBalancerFactorySharedPtr factory() override { return std::make_shared(cluster_); } void initialize() override {} Cluster& cluster_; }; HostInfoMapSharedPtr getCurrentHostMap() { absl::ReaderMutexLock lock(&host_map_lock_); return host_map_; } void addOrUpdateWorker(const std::string& host, const Extensions::Common::DynamicForwardProxy::DnsHostInfoSharedPtr& host_info, std::shared_ptr& new_host_map, std::unique_ptr& hosts_added); void swapAndUpdateMap(const HostInfoMapSharedPtr& new_hosts_map, const Upstream::HostVector& hosts_added, const Upstream::HostVector& hosts_removed); const Extensions::Common::DynamicForwardProxy::DnsCacheManagerSharedPtr dns_cache_manager_; const Extensions::Common::DynamicForwardProxy::DnsCacheSharedPtr dns_cache_; const Extensions::Common::DynamicForwardProxy::DnsCache::AddUpdateCallbacksHandlePtr update_callbacks_handle_; const envoy::config::endpoint::v3::LocalityLbEndpoints dummy_locality_lb_endpoint_; const envoy::config::endpoint::v3::LbEndpoint dummy_lb_endpoint_; const LocalInfo::LocalInfo& local_info_; absl::Mutex host_map_lock_; HostInfoMapSharedPtr host_map_ ABSL_GUARDED_BY(host_map_lock_); friend class ClusterFactory; friend class ClusterTest; }; class ClusterFactory : public Upstream::ConfigurableClusterFactoryBase< envoy::extensions::clusters::dynamic_forward_proxy::v3::ClusterConfig> { public: ClusterFactory() : ConfigurableClusterFactoryBase( Extensions::Clusters::ClusterTypes::get().DynamicForwardProxy) {} private: std::pair createClusterWithConfig( const envoy::config::cluster::v3::Cluster& cluster, const envoy::extensions::clusters::dynamic_forward_proxy::v3::ClusterConfig& proto_config, Upstream::ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; DECLARE_FACTORY(ClusterFactory); } // namespace DynamicForwardProxy } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/redis/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "crc16_lib", srcs = [ "crc16.cc", "crc16.h", ], ) envoy_cc_library( name = "redis_cluster_lb", srcs = [ "redis_cluster_lb.cc", "redis_cluster_lb.h", ], deps = [ ":crc16_lib", "//include/envoy/upstream:thread_local_cluster_interface", "//include/envoy/upstream:upstream_interface", "//source/common/upstream:upstream_includes", "//source/common/upstream:upstream_lib", "//source/extensions/clusters:well_known_names", "//source/extensions/filters/network/common/redis:client_interface", "//source/extensions/filters/network/common/redis:codec_interface", "//source/extensions/filters/network/common/redis:supported_commands_lib", ], ) envoy_cc_extension( name = "redis_cluster", srcs = [ "redis_cluster.cc", "redis_cluster.h", ], security_posture = "requires_trusted_downstream_and_upstream", deps = [ "redis_cluster_lb", "//include/envoy/api:api_interface", "//include/envoy/http:codec_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/upstream:cluster_factory_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/config:datasource_lib", "//source/common/config:metadata_lib", "//source/common/event:dispatcher_lib", "//source/common/json:json_loader_lib", "//source/common/network:utility_lib", "//source/common/singleton:manager_impl_lib", "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:upstream_includes", "//source/common/upstream:upstream_lib", "//source/extensions/clusters:well_known_names", "//source/extensions/common/redis:cluster_refresh_manager_lib", "//source/extensions/filters/network/common/redis:client_interface", "//source/extensions/filters/network/common/redis:client_lib", "//source/extensions/filters/network/common/redis:codec_interface", "//source/extensions/filters/network/common/redis:utility_lib", "//source/extensions/filters/network/redis_proxy:config", "//source/extensions/transport_sockets/raw_buffer:config", "//source/server:transport_socket_config_lib", "@envoy_api//envoy/config/cluster/redis:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/clusters/redis/crc16.cc ================================================ #include "crc16.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Redis { /** * XMODEM CRC16 implementation according to CITT standards. Based on * https://github.com/antirez/redis/blob/unstable/src/crc16.c * Based on (F). * @param key The string to hash. * @return The CRC16 hash code. */ static const uint16_t crc16tab[256] = { 0x0000, 0x1021, 0x2042, 0x3063, 0x4084, 0x50a5, 0x60c6, 0x70e7, 0x8108, 0x9129, 0xa14a, 0xb16b, 0xc18c, 0xd1ad, 0xe1ce, 0xf1ef, 0x1231, 0x0210, 0x3273, 0x2252, 0x52b5, 0x4294, 0x72f7, 0x62d6, 0x9339, 0x8318, 0xb37b, 0xa35a, 0xd3bd, 0xc39c, 0xf3ff, 0xe3de, 0x2462, 0x3443, 0x0420, 0x1401, 0x64e6, 0x74c7, 0x44a4, 0x5485, 0xa56a, 0xb54b, 0x8528, 0x9509, 0xe5ee, 0xf5cf, 0xc5ac, 0xd58d, 0x3653, 0x2672, 0x1611, 0x0630, 0x76d7, 0x66f6, 0x5695, 0x46b4, 0xb75b, 0xa77a, 0x9719, 0x8738, 0xf7df, 0xe7fe, 0xd79d, 0xc7bc, 0x48c4, 0x58e5, 0x6886, 0x78a7, 0x0840, 0x1861, 0x2802, 0x3823, 0xc9cc, 0xd9ed, 0xe98e, 0xf9af, 0x8948, 0x9969, 0xa90a, 0xb92b, 0x5af5, 0x4ad4, 0x7ab7, 0x6a96, 0x1a71, 0x0a50, 0x3a33, 0x2a12, 0xdbfd, 0xcbdc, 0xfbbf, 0xeb9e, 0x9b79, 0x8b58, 0xbb3b, 0xab1a, 0x6ca6, 0x7c87, 0x4ce4, 0x5cc5, 0x2c22, 0x3c03, 0x0c60, 0x1c41, 0xedae, 0xfd8f, 0xcdec, 0xddcd, 0xad2a, 0xbd0b, 0x8d68, 0x9d49, 0x7e97, 0x6eb6, 0x5ed5, 0x4ef4, 0x3e13, 0x2e32, 0x1e51, 0x0e70, 0xff9f, 0xefbe, 0xdfdd, 0xcffc, 0xbf1b, 0xaf3a, 0x9f59, 0x8f78, 0x9188, 0x81a9, 0xb1ca, 0xa1eb, 0xd10c, 0xc12d, 0xf14e, 0xe16f, 0x1080, 0x00a1, 0x30c2, 0x20e3, 0x5004, 0x4025, 0x7046, 0x6067, 0x83b9, 0x9398, 0xa3fb, 0xb3da, 0xc33d, 0xd31c, 0xe37f, 0xf35e, 0x02b1, 0x1290, 0x22f3, 0x32d2, 0x4235, 0x5214, 0x6277, 0x7256, 0xb5ea, 0xa5cb, 0x95a8, 0x8589, 0xf56e, 0xe54f, 0xd52c, 0xc50d, 0x34e2, 0x24c3, 0x14a0, 0x0481, 0x7466, 0x6447, 0x5424, 0x4405, 0xa7db, 0xb7fa, 0x8799, 0x97b8, 0xe75f, 0xf77e, 0xc71d, 0xd73c, 0x26d3, 0x36f2, 0x0691, 0x16b0, 0x6657, 0x7676, 0x4615, 0x5634, 0xd94c, 0xc96d, 0xf90e, 0xe92f, 0x99c8, 0x89e9, 0xb98a, 0xa9ab, 0x5844, 0x4865, 0x7806, 0x6827, 0x18c0, 0x08e1, 0x3882, 0x28a3, 0xcb7d, 0xdb5c, 0xeb3f, 0xfb1e, 0x8bf9, 0x9bd8, 0xabbb, 0xbb9a, 0x4a75, 0x5a54, 0x6a37, 0x7a16, 0x0af1, 0x1ad0, 0x2ab3, 0x3a92, 0xfd2e, 0xed0f, 0xdd6c, 0xcd4d, 0xbdaa, 0xad8b, 0x9de8, 0x8dc9, 0x7c26, 0x6c07, 0x5c64, 0x4c45, 0x3ca2, 0x2c83, 0x1ce0, 0x0cc1, 0xef1f, 0xff3e, 0xcf5d, 0xdf7c, 0xaf9b, 0xbfba, 0x8fd9, 0x9ff8, 0x6e17, 0x7e36, 0x4e55, 0x5e74, 0x2e93, 0x3eb2, 0x0ed1, 0x1ef0}; uint16_t Crc16::crc16(absl::string_view key) { const char* buf = static_cast(key.data()); uint64_t len = key.size(); uint64_t counter; uint16_t crc = 0; for (counter = 0; counter < len; counter++) { crc = (crc << 8) ^ crc16tab[((crc >> 8) ^ *buf++) & 0x00FF]; } return crc; } } // namespace Redis } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/redis/crc16.h ================================================ #pragma once #include #include "absl/strings/ascii.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Redis { class Crc16 { public: /** * XMODEM CRC16 implementation according to CITT standards. * Based on (https://github.com/antirez/redis/blob/unstable/src/crc16.c). * @param key The string to hash. * @return The CRC16 hash code. */ static uint16_t crc16(absl::string_view key); }; } // namespace Redis } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/redis/redis_cluster.cc ================================================ #include "redis_cluster.h" #include "envoy/config/cluster/redis/redis_cluster.pb.h" #include "envoy/config/cluster/redis/redis_cluster.pb.validate.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Redis { namespace { Extensions::NetworkFilters::Common::Redis::Client::DoNothingPoolCallbacks null_pool_callbacks; } // namespace RedisCluster::RedisCluster( const envoy::config::cluster::v3::Cluster& cluster, const envoy::config::cluster::redis::RedisClusterConfig& redis_cluster, NetworkFilters::Common::Redis::Client::ClientFactory& redis_client_factory, Upstream::ClusterManager& cluster_manager, Runtime::Loader& runtime, Api::Api& api, Network::DnsResolverSharedPtr dns_resolver, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api, ClusterSlotUpdateCallBackSharedPtr lb_factory) : Upstream::BaseDynamicClusterImpl(cluster, runtime, factory_context, std::move(stats_scope), added_via_api), cluster_manager_(cluster_manager), cluster_refresh_rate_(std::chrono::milliseconds( PROTOBUF_GET_MS_OR_DEFAULT(redis_cluster, cluster_refresh_rate, 5000))), cluster_refresh_timeout_(std::chrono::milliseconds( PROTOBUF_GET_MS_OR_DEFAULT(redis_cluster, cluster_refresh_timeout, 3000))), redirect_refresh_interval_(std::chrono::milliseconds( PROTOBUF_GET_MS_OR_DEFAULT(redis_cluster, redirect_refresh_interval, 5000))), redirect_refresh_threshold_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(redis_cluster, redirect_refresh_threshold, 5)), failure_refresh_threshold_(redis_cluster.failure_refresh_threshold()), host_degraded_refresh_threshold_(redis_cluster.host_degraded_refresh_threshold()), dispatcher_(factory_context.dispatcher()), dns_resolver_(std::move(dns_resolver)), dns_lookup_family_(Upstream::getDnsLookupFamilyFromCluster(cluster)), load_assignment_( cluster.has_load_assignment() ? cluster.load_assignment() : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())), local_info_(factory_context.localInfo()), random_(api.randomGenerator()), redis_discovery_session_(*this, redis_client_factory), lb_factory_(std::move(lb_factory)), auth_username_( NetworkFilters::RedisProxy::ProtocolOptionsConfigImpl::authUsername(info(), api)), auth_password_( NetworkFilters::RedisProxy::ProtocolOptionsConfigImpl::authPassword(info(), api)), cluster_name_(cluster.name()), refresh_manager_(Common::Redis::getClusterRefreshManager( factory_context.singletonManager(), factory_context.dispatcher(), factory_context.clusterManager(), factory_context.api().timeSource())), registration_handle_(refresh_manager_->registerCluster( cluster_name_, redirect_refresh_interval_, redirect_refresh_threshold_, failure_refresh_threshold_, host_degraded_refresh_threshold_, [&]() { redis_discovery_session_.resolve_timer_->enableTimer(std::chrono::milliseconds(0)); })) { const auto& locality_lb_endpoints = load_assignment_.endpoints(); for (const auto& locality_lb_endpoint : locality_lb_endpoints) { for (const auto& lb_endpoint : locality_lb_endpoint.lb_endpoints()) { const auto& host = lb_endpoint.endpoint().address(); dns_discovery_resolve_targets_.emplace_back(new DnsDiscoveryResolveTarget( *this, host.socket_address().address(), host.socket_address().port_value())); } } } void RedisCluster::startPreInit() { for (const DnsDiscoveryResolveTargetPtr& target : dns_discovery_resolve_targets_) { target->startResolveDns(); } } void RedisCluster::updateAllHosts(const Upstream::HostVector& hosts_added, const Upstream::HostVector& hosts_removed, uint32_t current_priority) { Upstream::PriorityStateManager priority_state_manager(*this, local_info_, nullptr); auto locality_lb_endpoint = localityLbEndpoint(); priority_state_manager.initializePriorityFor(locality_lb_endpoint); for (const Upstream::HostSharedPtr& host : hosts_) { if (locality_lb_endpoint.priority() == current_priority) { priority_state_manager.registerHostForPriority(host, locality_lb_endpoint); } } priority_state_manager.updateClusterPrioritySet( current_priority, std::move(priority_state_manager.priorityState()[current_priority].first), hosts_added, hosts_removed, absl::nullopt); } void RedisCluster::onClusterSlotUpdate(ClusterSlotsPtr&& slots) { Upstream::HostVector new_hosts; for (const ClusterSlot& slot : *slots) { new_hosts.emplace_back(new RedisHost(info(), "", slot.primary(), *this, true)); for (auto const& replica : slot.replicas()) { new_hosts.emplace_back(new RedisHost(info(), "", replica, *this, false)); } } absl::node_hash_map updated_hosts; Upstream::HostVector hosts_added; Upstream::HostVector hosts_removed; const bool host_updated = updateDynamicHostList(new_hosts, hosts_, hosts_added, hosts_removed, updated_hosts, all_hosts_); const bool slot_updated = lb_factory_ ? lb_factory_->onClusterSlotUpdate(std::move(slots), updated_hosts) : false; // If slot is updated, call updateAllHosts regardless of if there's new hosts to force // update of the thread local load balancers. if (host_updated || slot_updated) { ASSERT(std::all_of(hosts_.begin(), hosts_.end(), [&](const auto& host) { return host->priority() == localityLbEndpoint().priority(); })); updateAllHosts(hosts_added, hosts_removed, localityLbEndpoint().priority()); } else { info_->stats().update_no_rebuild_.inc(); } all_hosts_ = std::move(updated_hosts); // TODO(hyang): If there is an initialize callback, fire it now. Note that if the // cluster refers to multiple DNS names, this will return initialized after a single // DNS resolution completes. This is not perfect but is easier to code and it is unclear // if the extra complexity is needed so will start with this. onPreInitComplete(); } void RedisCluster::reloadHealthyHostsHelper(const Upstream::HostSharedPtr& host) { if (lb_factory_) { lb_factory_->onHostHealthUpdate(); } if (host && (host->health() == Upstream::Host::Health::Degraded || host->health() == Upstream::Host::Health::Unhealthy)) { refresh_manager_->onHostDegraded(cluster_name_); } ClusterImplBase::reloadHealthyHostsHelper(host); } // DnsDiscoveryResolveTarget RedisCluster::DnsDiscoveryResolveTarget::DnsDiscoveryResolveTarget(RedisCluster& parent, const std::string& dns_address, const uint32_t port) : parent_(parent), dns_address_(dns_address), port_(port) {} RedisCluster::DnsDiscoveryResolveTarget::~DnsDiscoveryResolveTarget() { if (active_query_) { active_query_->cancel(); } // Disable timer for mock tests. if (resolve_timer_) { resolve_timer_->disableTimer(); } } void RedisCluster::DnsDiscoveryResolveTarget::startResolveDns() { ENVOY_LOG(trace, "starting async DNS resolution for {}", dns_address_); active_query_ = parent_.dns_resolver_->resolve( dns_address_, parent_.dns_lookup_family_, [this](Network::DnsResolver::ResolutionStatus status, std::list&& response) -> void { active_query_ = nullptr; ENVOY_LOG(trace, "async DNS resolution complete for {}", dns_address_); if (status == Network::DnsResolver::ResolutionStatus::Failure || response.empty()) { if (status == Network::DnsResolver::ResolutionStatus::Failure) { parent_.info_->stats().update_failure_.inc(); } else { parent_.info_->stats().update_empty_.inc(); } if (!resolve_timer_) { resolve_timer_ = parent_.dispatcher_.createTimer([this]() -> void { startResolveDns(); }); } // if the initial dns resolved to empty, we'll skip the redis discovery phase and // treat it as an empty cluster. parent_.onPreInitComplete(); resolve_timer_->enableTimer(parent_.cluster_refresh_rate_); } else { // Once the DNS resolve the initial set of addresses, call startResolveRedis on // the RedisDiscoverySession. The RedisDiscoverySession will using the "cluster // slots" command for service discovery and slot allocation. All subsequent // discoveries are handled by RedisDiscoverySession and will not use DNS // resolution again. parent_.redis_discovery_session_.registerDiscoveryAddress(std::move(response), port_); parent_.redis_discovery_session_.startResolveRedis(); } }); } // RedisCluster RedisCluster::RedisDiscoverySession::RedisDiscoverySession( Envoy::Extensions::Clusters::Redis::RedisCluster& parent, NetworkFilters::Common::Redis::Client::ClientFactory& client_factory) : parent_(parent), dispatcher_(parent.dispatcher_), resolve_timer_(parent.dispatcher_.createTimer([this]() -> void { startResolveRedis(); })), client_factory_(client_factory), buffer_timeout_(0), redis_command_stats_( NetworkFilters::Common::Redis::RedisCommandStats::createRedisCommandStats( parent_.info()->statsScope().symbolTable())) {} // Convert the cluster slot IP/Port response to and address, return null if the response // does not match the expected type. Network::Address::InstanceConstSharedPtr RedisCluster::RedisDiscoverySession::RedisDiscoverySession::ProcessCluster( const NetworkFilters::Common::Redis::RespValue& value) { if (value.type() != NetworkFilters::Common::Redis::RespType::Array) { return nullptr; } auto& array = value.asArray(); if (array.size() < 2 || array[0].type() != NetworkFilters::Common::Redis::RespType::BulkString || array[1].type() != NetworkFilters::Common::Redis::RespType::Integer) { return nullptr; } try { return Network::Utility::parseInternetAddress(array[0].asString(), array[1].asInteger(), false); } catch (const EnvoyException& ex) { ENVOY_LOG(debug, "Invalid ip address in CLUSTER SLOTS response: {}", ex.what()); return nullptr; } } RedisCluster::RedisDiscoverySession::~RedisDiscoverySession() { if (current_request_) { current_request_->cancel(); current_request_ = nullptr; } // Disable timer for mock tests. if (resolve_timer_) { resolve_timer_->disableTimer(); } while (!client_map_.empty()) { client_map_.begin()->second->client_->close(); } } void RedisCluster::RedisDiscoveryClient::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { auto client_to_delete = parent_.client_map_.find(host_); ASSERT(client_to_delete != parent_.client_map_.end()); parent_.dispatcher_.deferredDelete(std::move(client_to_delete->second->client_)); parent_.client_map_.erase(client_to_delete); } } void RedisCluster::RedisDiscoverySession::registerDiscoveryAddress( std::list&& response, const uint32_t port) { // Since the address from DNS does not have port, we need to make a new address that has // port in it. for (const Network::DnsResponse& res : response) { ASSERT(res.address_ != nullptr); discovery_address_list_.push_back(Network::Utility::getAddressWithPort(*(res.address_), port)); } } void RedisCluster::RedisDiscoverySession::startResolveRedis() { parent_.info_->stats().update_attempt_.inc(); // If a resolution is currently in progress, skip it. if (current_request_) { return; } // If hosts is empty, we haven't received a successful result from the CLUSTER SLOTS call // yet. So, pick a random discovery address from dns and make a request. Upstream::HostSharedPtr host; if (parent_.hosts_.empty()) { const int rand_idx = parent_.random_.random() % discovery_address_list_.size(); auto it = discovery_address_list_.begin(); std::next(it, rand_idx); host = Upstream::HostSharedPtr{new RedisHost(parent_.info(), "", *it, parent_, true)}; } else { const int rand_idx = parent_.random_.random() % parent_.hosts_.size(); host = parent_.hosts_[rand_idx]; } current_host_address_ = host->address()->asString(); RedisDiscoveryClientPtr& client = client_map_[current_host_address_]; if (!client) { client = std::make_unique(*this); client->host_ = current_host_address_; client->client_ = client_factory_.create(host, dispatcher_, *this, redis_command_stats_, parent_.info()->statsScope(), parent_.auth_username_, parent_.auth_password_); client->client_->addConnectionCallbacks(*client); } current_request_ = client->client_->makeRequest(ClusterSlotsRequest::instance_, *this); } void RedisCluster::RedisDiscoverySession::onResponse( NetworkFilters::Common::Redis::RespValuePtr&& value) { current_request_ = nullptr; const uint32_t SlotRangeStart = 0; const uint32_t SlotRangeEnd = 1; const uint32_t SlotPrimary = 2; const uint32_t SlotReplicaStart = 3; // Do nothing if the cluster is empty. if (value->type() != NetworkFilters::Common::Redis::RespType::Array || value->asArray().empty()) { onUnexpectedResponse(value); return; } auto slots = std::make_unique>(); // Loop through the cluster slot response and error checks for each field. for (const NetworkFilters::Common::Redis::RespValue& part : value->asArray()) { if (part.type() != NetworkFilters::Common::Redis::RespType::Array) { onUnexpectedResponse(value); return; } const std::vector& slot_range = part.asArray(); if (slot_range.size() < 3 || slot_range[SlotRangeStart].type() != NetworkFilters::Common::Redis::RespType::Integer || // Start slot range is an // integer. slot_range[SlotRangeEnd].type() != NetworkFilters::Common::Redis::RespType::Integer) { // End slot range is an // integer. onUnexpectedResponse(value); return; } // Field 2: Primary address for slot range auto primary_address = ProcessCluster(slot_range[SlotPrimary]); if (!primary_address) { onUnexpectedResponse(value); return; } slots->emplace_back(slot_range[SlotRangeStart].asInteger(), slot_range[SlotRangeEnd].asInteger(), primary_address); for (auto replica = std::next(slot_range.begin(), SlotReplicaStart); replica != slot_range.end(); ++replica) { auto replica_address = ProcessCluster(*replica); if (!replica_address) { onUnexpectedResponse(value); return; } slots->back().addReplica(std::move(replica_address)); } } parent_.onClusterSlotUpdate(std::move(slots)); resolve_timer_->enableTimer(parent_.cluster_refresh_rate_); } void RedisCluster::RedisDiscoverySession::onUnexpectedResponse( const NetworkFilters::Common::Redis::RespValuePtr& value) { ENVOY_LOG(warn, "Unexpected response to cluster slot command: {}", value->toString()); this->parent_.info_->stats().update_failure_.inc(); resolve_timer_->enableTimer(parent_.cluster_refresh_rate_); } void RedisCluster::RedisDiscoverySession::onFailure() { current_request_ = nullptr; if (!current_host_address_.empty()) { auto client_to_delete = client_map_.find(current_host_address_); client_to_delete->second->client_->close(); } parent_.info()->stats().update_failure_.inc(); resolve_timer_->enableTimer(parent_.cluster_refresh_rate_); } RedisCluster::ClusterSlotsRequest RedisCluster::ClusterSlotsRequest::instance_; std::pair RedisClusterFactory::createClusterWithConfig( const envoy::config::cluster::v3::Cluster& cluster, const envoy::config::cluster::redis::RedisClusterConfig& proto_config, Upstream::ClusterFactoryContext& context, Envoy::Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Envoy::Stats::ScopePtr&& stats_scope) { if (!cluster.has_cluster_type() || cluster.cluster_type().name() != Extensions::Clusters::ClusterTypes::get().Redis) { throw EnvoyException("Redis cluster can only created with redis cluster type."); } // TODO(hyang): This is needed to migrate existing cluster, disallow using other lb_policy // in the future if (cluster.lb_policy() != envoy::config::cluster::v3::Cluster::CLUSTER_PROVIDED) { return std::make_pair(std::make_shared( cluster, proto_config, NetworkFilters::Common::Redis::Client::ClientFactoryImpl::instance_, context.clusterManager(), context.runtime(), context.api(), selectDnsResolver(cluster, context), socket_factory_context, std::move(stats_scope), context.addedViaApi(), nullptr), nullptr); } auto lb_factory = std::make_shared(context.api().randomGenerator()); return std::make_pair(std::make_shared( cluster, proto_config, NetworkFilters::Common::Redis::Client::ClientFactoryImpl::instance_, context.clusterManager(), context.runtime(), context.api(), selectDnsResolver(cluster, context), socket_factory_context, std::move(stats_scope), context.addedViaApi(), lb_factory), std::make_unique(lb_factory)); } REGISTER_FACTORY(RedisClusterFactory, Upstream::ClusterFactory); } // namespace Redis } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/redis/redis_cluster.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include #include #include #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/config/cluster/redis/redis_cluster.pb.h" #include "envoy/config/cluster/redis/redis_cluster.pb.validate.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/config/typed_metadata.h" #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/http/codec.h" #include "envoy/local_info/local_info.h" #include "envoy/network/dns.h" #include "envoy/runtime/runtime.h" #include "envoy/secret/secret_manager.h" #include "envoy/server/transport_socket_config.h" #include "envoy/singleton/manager.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/health_checker.h" #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/locality.h" #include "envoy/upstream/upstream.h" #include "common/common/callback_impl.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "common/config/datasource.h" #include "common/config/metadata.h" #include "common/config/well_known_names.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "common/stats/isolated_store_impl.h" #include "common/upstream/cluster_factory_impl.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/outlier_detection_impl.h" #include "common/upstream/resource_manager_impl.h" #include "common/upstream/upstream_impl.h" #include "source/extensions/clusters/redis/redis_cluster_lb.h" #include "server/transport_socket_config_impl.h" #include "extensions/clusters/well_known_names.h" #include "extensions/common/redis/cluster_refresh_manager_impl.h" #include "extensions/filters/network/common/redis/client.h" #include "extensions/filters/network/common/redis/client_impl.h" #include "extensions/filters/network/common/redis/codec.h" #include "extensions/filters/network/common/redis/utility.h" #include "extensions/filters/network/redis_proxy/config.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Redis { /* * This class implements support for the topology part of `Redis Cluster * `_. Specifically, it allows Envoy to maintain an internal * representation of the topology of a Redis Cluster, and how often the topology should be * refreshed. * * The target Redis Cluster is obtained from the yaml config file as usual, and we choose a random * discovery address from DNS if there are no existing hosts (our startup condition). Otherwise, we * choose a random host from our known set of hosts. Then, against this host we make a topology * request. * * Topology requests are handled by RedisDiscoverySession, which handles the initialization of * the `CLUSTER SLOTS command `_, and the responses and * failure cases. * * Once the topology is fetched from Redis, the cluster will update the * RedisClusterLoadBalancerFactory, which will be used by the redis proxy filter for load balancing * purpose. */ class RedisCluster : public Upstream::BaseDynamicClusterImpl { public: RedisCluster(const envoy::config::cluster::v3::Cluster& cluster, const envoy::config::cluster::redis::RedisClusterConfig& redis_cluster, NetworkFilters::Common::Redis::Client::ClientFactory& client_factory, Upstream::ClusterManager& cluster_manager, Runtime::Loader& runtime, Api::Api& api, Network::DnsResolverSharedPtr dns_resolver, Server::Configuration::TransportSocketFactoryContextImpl& factory_context, Stats::ScopePtr&& stats_scope, bool added_via_api, ClusterSlotUpdateCallBackSharedPtr factory); struct ClusterSlotsRequest : public Extensions::NetworkFilters::Common::Redis::RespValue { public: ClusterSlotsRequest() { type(Extensions::NetworkFilters::Common::Redis::RespType::Array); std::vector values(2); values[0].type(NetworkFilters::Common::Redis::RespType::BulkString); values[0].asString() = "CLUSTER"; values[1].type(NetworkFilters::Common::Redis::RespType::BulkString); values[1].asString() = "SLOTS"; asArray().swap(values); } static ClusterSlotsRequest instance_; }; InitializePhase initializePhase() const override { return InitializePhase::Primary; } private: friend class RedisClusterTest; void startPreInit() override; void updateAllHosts(const Upstream::HostVector& hosts_added, const Upstream::HostVector& hosts_removed, uint32_t priority); void onClusterSlotUpdate(ClusterSlotsPtr&&); void reloadHealthyHostsHelper(const Upstream::HostSharedPtr& host) override; const envoy::config::endpoint::v3::LocalityLbEndpoints& localityLbEndpoint() const { // Always use the first endpoint. return load_assignment_.endpoints()[0]; } const envoy::config::endpoint::v3::LbEndpoint& lbEndpoint() const { // Always use the first endpoint. return localityLbEndpoint().lb_endpoints()[0]; } // A redis node in the Redis cluster. class RedisHost : public Upstream::HostImpl { public: RedisHost(Upstream::ClusterInfoConstSharedPtr cluster, const std::string& hostname, Network::Address::InstanceConstSharedPtr address, RedisCluster& parent, bool primary) : Upstream::HostImpl( cluster, hostname, address, // TODO(zyfjeff): Created through metadata shared pool std::make_shared(parent.lbEndpoint().metadata()), parent.lbEndpoint().load_balancing_weight().value(), parent.localityLbEndpoint().locality(), parent.lbEndpoint().endpoint().health_check_config(), parent.localityLbEndpoint().priority(), parent.lbEndpoint().health_status()), primary_(primary) {} bool isPrimary() const { return primary_; } private: const bool primary_; }; // Resolves the discovery endpoint. struct DnsDiscoveryResolveTarget { DnsDiscoveryResolveTarget(RedisCluster& parent, const std::string& dns_address, const uint32_t port); ~DnsDiscoveryResolveTarget(); void startResolveDns(); RedisCluster& parent_; Network::ActiveDnsQuery* active_query_{}; const std::string dns_address_; const uint32_t port_; Event::TimerPtr resolve_timer_; }; using DnsDiscoveryResolveTargetPtr = std::unique_ptr; struct RedisDiscoverySession; struct RedisDiscoveryClient : public Network::ConnectionCallbacks { RedisDiscoveryClient(RedisDiscoverySession& parent) : parent_(parent) {} // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} RedisDiscoverySession& parent_; std::string host_; Extensions::NetworkFilters::Common::Redis::Client::ClientPtr client_; }; using RedisDiscoveryClientPtr = std::unique_ptr; struct RedisDiscoverySession : public Extensions::NetworkFilters::Common::Redis::Client::Config, public Extensions::NetworkFilters::Common::Redis::Client::ClientCallbacks { RedisDiscoverySession(RedisCluster& parent, NetworkFilters::Common::Redis::Client::ClientFactory& client_factory); ~RedisDiscoverySession() override; void registerDiscoveryAddress(std::list&& response, const uint32_t port); // Start discovery against a random host from existing hosts void startResolveRedis(); // Extensions::NetworkFilters::Common::Redis::Client::Config bool disableOutlierEvents() const override { return true; } std::chrono::milliseconds opTimeout() const override { // Allow the main Health Check infra to control timeout. return parent_.cluster_refresh_timeout_; } bool enableHashtagging() const override { return false; } bool enableRedirection() const override { return false; } uint32_t maxBufferSizeBeforeFlush() const override { return 0; } std::chrono::milliseconds bufferFlushTimeoutInMs() const override { return buffer_timeout_; } uint32_t maxUpstreamUnknownConnections() const override { return 0; } bool enableCommandStats() const override { return false; } // For any readPolicy other than Primary, the RedisClientFactory will send a READONLY command // when establishing a new connection. Since we're only using this for making the "cluster // slots" commands, the READONLY command is not relevant in this context. We're setting it to // Primary to avoid the additional READONLY command. Extensions::NetworkFilters::Common::Redis::Client::ReadPolicy readPolicy() const override { return Extensions::NetworkFilters::Common::Redis::Client::ReadPolicy::Primary; } // Extensions::NetworkFilters::Common::Redis::Client::ClientCallbacks void onResponse(NetworkFilters::Common::Redis::RespValuePtr&& value) override; void onFailure() override; // Note: Below callback isn't used in topology updates bool onRedirection(NetworkFilters::Common::Redis::RespValuePtr&&, const std::string&, bool) override { return true; } void onUnexpectedResponse(const NetworkFilters::Common::Redis::RespValuePtr&); Network::Address::InstanceConstSharedPtr ProcessCluster(const NetworkFilters::Common::Redis::RespValue& value); RedisCluster& parent_; Event::Dispatcher& dispatcher_; std::string current_host_address_; Extensions::NetworkFilters::Common::Redis::Client::PoolRequest* current_request_{}; absl::node_hash_map client_map_; std::list discovery_address_list_; Event::TimerPtr resolve_timer_; NetworkFilters::Common::Redis::Client::ClientFactory& client_factory_; const std::chrono::milliseconds buffer_timeout_; NetworkFilters::Common::Redis::RedisCommandStatsSharedPtr redis_command_stats_; }; Upstream::ClusterManager& cluster_manager_; const std::chrono::milliseconds cluster_refresh_rate_; const std::chrono::milliseconds cluster_refresh_timeout_; const std::chrono::milliseconds redirect_refresh_interval_; const uint32_t redirect_refresh_threshold_; const uint32_t failure_refresh_threshold_; const uint32_t host_degraded_refresh_threshold_; std::list dns_discovery_resolve_targets_; Event::Dispatcher& dispatcher_; Network::DnsResolverSharedPtr dns_resolver_; Network::DnsLookupFamily dns_lookup_family_; const envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_; const LocalInfo::LocalInfo& local_info_; Random::RandomGenerator& random_; RedisDiscoverySession redis_discovery_session_; const ClusterSlotUpdateCallBackSharedPtr lb_factory_; Upstream::HostVector hosts_; Upstream::HostMap all_hosts_; const std::string auth_username_; const std::string auth_password_; const std::string cluster_name_; const Common::Redis::ClusterRefreshManagerSharedPtr refresh_manager_; const Common::Redis::ClusterRefreshManager::HandlePtr registration_handle_; }; class RedisClusterFactory : public Upstream::ConfigurableClusterFactoryBase< envoy::config::cluster::redis::RedisClusterConfig> { public: RedisClusterFactory() : ConfigurableClusterFactoryBase(Extensions::Clusters::ClusterTypes::get().Redis) {} private: friend class RedisClusterTest; std::pair createClusterWithConfig( const envoy::config::cluster::v3::Cluster& cluster, const envoy::config::cluster::redis::RedisClusterConfig& proto_config, Upstream::ClusterFactoryContext& context, Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Stats::ScopePtr&& stats_scope) override; }; } // namespace Redis } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/redis/redis_cluster_lb.cc ================================================ #include "redis_cluster_lb.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Redis { bool ClusterSlot::operator==(const Envoy::Extensions::Clusters::Redis::ClusterSlot& rhs) const { return start_ == rhs.start_ && end_ == rhs.end_ && primary_ == rhs.primary_ && replicas_ == rhs.replicas_; } // RedisClusterLoadBalancerFactory bool RedisClusterLoadBalancerFactory::onClusterSlotUpdate(ClusterSlotsPtr&& slots, Envoy::Upstream::HostMap all_hosts) { // The slots is sorted, allowing for a quick comparison to make sure we need to update the slot // array sort based on start and end to enable efficient comparison std::sort( slots->begin(), slots->end(), [](const ClusterSlot& lhs, const ClusterSlot& rhs) -> bool { return lhs.start() < rhs.start() || (!(lhs.start() < rhs.start()) && lhs.end() < rhs.end()); }); if (current_cluster_slot_ && *current_cluster_slot_ == *slots) { return false; } auto updated_slots = std::make_shared(); auto shard_vector = std::make_shared>(); absl::flat_hash_map shards; for (const ClusterSlot& slot : *slots) { // look in the updated map const std::string primary_address = slot.primary()->asString(); auto result = shards.try_emplace(primary_address, shard_vector->size()); if (result.second) { auto primary_host = all_hosts.find(primary_address); ASSERT(primary_host != all_hosts.end(), "we expect all address to be found in the updated_hosts"); Upstream::HostVectorSharedPtr primary_and_replicas = std::make_shared(); Upstream::HostVectorSharedPtr replicas = std::make_shared(); primary_and_replicas->push_back(primary_host->second); for (auto const& replica : slot.replicas()) { auto replica_host = all_hosts.find(replica->asString()); ASSERT(replica_host != all_hosts.end(), "we expect all address to be found in the updated_hosts"); replicas->push_back(replica_host->second); primary_and_replicas->push_back(replica_host->second); } shard_vector->emplace_back( std::make_shared(primary_host->second, replicas, primary_and_replicas)); } for (auto i = slot.start(); i <= slot.end(); ++i) { updated_slots->at(i) = result.first->second; } } { absl::WriterMutexLock lock(&mutex_); current_cluster_slot_ = std::move(slots); slot_array_ = std::move(updated_slots); shard_vector_ = std::move(shard_vector); } return true; } void RedisClusterLoadBalancerFactory::onHostHealthUpdate() { ShardVectorSharedPtr current_shard_vector; { absl::ReaderMutexLock lock(&mutex_); current_shard_vector = shard_vector_; } // This can get called by cluster initialization before the Redis Cluster topology is resolved. if (!current_shard_vector) { return; } auto shard_vector = std::make_shared>(); for (auto const& shard : *current_shard_vector) { shard_vector->emplace_back(std::make_shared( shard->primary(), shard->replicas().hostsPtr(), shard->allHosts().hostsPtr())); } { absl::WriterMutexLock lock(&mutex_); shard_vector_ = std::move(shard_vector); } } Upstream::LoadBalancerPtr RedisClusterLoadBalancerFactory::create() { absl::ReaderMutexLock lock(&mutex_); return std::make_unique(slot_array_, shard_vector_, random_); } namespace { Upstream::HostConstSharedPtr chooseRandomHost(const Upstream::HostSetImpl& host_set, Random::RandomGenerator& random) { auto hosts = host_set.healthyHosts(); if (hosts.empty()) { hosts = host_set.degradedHosts(); } if (hosts.empty()) { hosts = host_set.hosts(); } if (!hosts.empty()) { return hosts[random.random() % hosts.size()]; } else { return nullptr; } } } // namespace Upstream::HostConstSharedPtr RedisClusterLoadBalancerFactory::RedisClusterLoadBalancer::chooseHost( Envoy::Upstream::LoadBalancerContext* context) { if (!slot_array_) { return nullptr; } absl::optional hash; if (context) { hash = context->computeHashKey(); } if (!hash) { return nullptr; } auto shard = shard_vector_->at( slot_array_->at(hash.value() % Envoy::Extensions::Clusters::Redis::MaxSlot)); auto redis_context = dynamic_cast(context); if (redis_context && redis_context->isReadCommand()) { switch (redis_context->readPolicy()) { case NetworkFilters::Common::Redis::Client::ReadPolicy::Primary: return shard->primary(); case NetworkFilters::Common::Redis::Client::ReadPolicy::PreferPrimary: if (shard->primary()->health() == Upstream::Host::Health::Healthy) { return shard->primary(); } else { return chooseRandomHost(shard->allHosts(), random_); } case NetworkFilters::Common::Redis::Client::ReadPolicy::Replica: return chooseRandomHost(shard->replicas(), random_); case NetworkFilters::Common::Redis::Client::ReadPolicy::PreferReplica: if (!shard->replicas().healthyHosts().empty()) { return chooseRandomHost(shard->replicas(), random_); } else { return chooseRandomHost(shard->allHosts(), random_); } case NetworkFilters::Common::Redis::Client::ReadPolicy::Any: return chooseRandomHost(shard->allHosts(), random_); } } return shard->primary(); } bool RedisLoadBalancerContextImpl::isReadRequest( const NetworkFilters::Common::Redis::RespValue& request) { const NetworkFilters::Common::Redis::RespValue* command = nullptr; if (request.type() == NetworkFilters::Common::Redis::RespType::Array) { command = &(request.asArray()[0]); } else if (request.type() == NetworkFilters::Common::Redis::RespType::CompositeArray) { command = request.asCompositeArray().command(); } if (!command) { return false; } if (command->type() != NetworkFilters::Common::Redis::RespType::SimpleString && command->type() != NetworkFilters::Common::Redis::RespType::BulkString) { return false; } std::string to_lower_string = absl::AsciiStrToLower(command->asString()); return NetworkFilters::Common::Redis::SupportedCommands::isReadCommand(to_lower_string); } RedisLoadBalancerContextImpl::RedisLoadBalancerContextImpl( const std::string& key, bool enabled_hashtagging, bool is_redis_cluster, const NetworkFilters::Common::Redis::RespValue& request, NetworkFilters::Common::Redis::Client::ReadPolicy read_policy) : hash_key_(is_redis_cluster ? Crc16::crc16(hashtag(key, true)) : MurmurHash::murmurHash2(hashtag(key, enabled_hashtagging))), is_read_(isReadRequest(request)), read_policy_(read_policy) {} // Inspired by the redis-cluster hashtagging algorithm // https://redis.io/topics/cluster-spec#keys-hash-tags absl::string_view RedisLoadBalancerContextImpl::hashtag(absl::string_view v, bool enabled) { if (!enabled) { return v; } auto start = v.find('{'); if (start == std::string::npos) { return v; } auto end = v.find('}', start); if (end == std::string::npos || end == start + 1) { return v; } return v.substr(start + 1, end - start - 1); } } // namespace Redis } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/clusters/redis/redis_cluster_lb.h ================================================ #pragma once #include #include #include #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/upstream.h" #include "common/network/address_impl.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/upstream_impl.h" #include "source/extensions/clusters/redis/crc16.h" #include "extensions/clusters/well_known_names.h" #include "extensions/filters/network/common/redis/client.h" #include "extensions/filters/network/common/redis/codec.h" #include "extensions/filters/network/common/redis/supported_commands.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Extensions { namespace Clusters { namespace Redis { static const uint64_t MaxSlot = 16384; class ClusterSlot { public: ClusterSlot(int64_t start, int64_t end, Network::Address::InstanceConstSharedPtr primary) : start_(start), end_(end), primary_(std::move(primary)) {} int64_t start() const { return start_; } int64_t end() const { return end_; } Network::Address::InstanceConstSharedPtr primary() const { return primary_; } const absl::flat_hash_set& replicas() const { return replicas_; } void addReplica(Network::Address::InstanceConstSharedPtr replica_address) { replicas_.insert(std::move(replica_address)); } bool operator==(const ClusterSlot& rhs) const; private: int64_t start_; int64_t end_; Network::Address::InstanceConstSharedPtr primary_; absl::flat_hash_set replicas_; }; using ClusterSlotsPtr = std::unique_ptr>; using ClusterSlotsSharedPtr = std::shared_ptr>; class RedisLoadBalancerContext { public: virtual ~RedisLoadBalancerContext() = default; virtual bool isReadCommand() const PURE; virtual NetworkFilters::Common::Redis::Client::ReadPolicy readPolicy() const PURE; }; class RedisLoadBalancerContextImpl : public RedisLoadBalancerContext, public Upstream::LoadBalancerContextBase { public: /** * The load balancer context for Redis requests. Note that is_redis_cluster implies using Redis * cluster which require us to always enable hashtagging. * @param key specify the key for the Redis request. * @param enabled_hashtagging specify whether to enable hashtagging, this will always be true if * is_redis_cluster is true. * @param is_redis_cluster specify whether this is a request for redis cluster, if true the key * will be hashed using crc16. * @param request specify the Redis request. * @param read_policy specify the read policy. */ RedisLoadBalancerContextImpl(const std::string& key, bool enabled_hashtagging, bool is_redis_cluster, const NetworkFilters::Common::Redis::RespValue& request, NetworkFilters::Common::Redis::Client::ReadPolicy read_policy = NetworkFilters::Common::Redis::Client::ReadPolicy::Primary); // Upstream::LoadBalancerContextBase absl::optional computeHashKey() override { return hash_key_; } bool isReadCommand() const override { return is_read_; } NetworkFilters::Common::Redis::Client::ReadPolicy readPolicy() const override { return read_policy_; } private: absl::string_view hashtag(absl::string_view v, bool enabled); static bool isReadRequest(const NetworkFilters::Common::Redis::RespValue& request); const absl::optional hash_key_; const bool is_read_; const NetworkFilters::Common::Redis::Client::ReadPolicy read_policy_; }; class ClusterSlotUpdateCallBack { public: virtual ~ClusterSlotUpdateCallBack() = default; /** * Callback when cluster slot is updated * @param slots provides the updated cluster slots. * @param all_hosts provides the updated hosts. * @return indicate if the cluster slot is updated or not. */ virtual bool onClusterSlotUpdate(ClusterSlotsPtr&& slots, Upstream::HostMap all_hosts) PURE; /** * Callback when a host's health status is updated */ virtual void onHostHealthUpdate() PURE; }; using ClusterSlotUpdateCallBackSharedPtr = std::shared_ptr; /** * This factory is created and returned by RedisCluster's factory() method, the create() method will * be called on each thread to create a thread local RedisClusterLoadBalancer. */ class RedisClusterLoadBalancerFactory : public ClusterSlotUpdateCallBack, public Upstream::LoadBalancerFactory { public: RedisClusterLoadBalancerFactory(Random::RandomGenerator& random) : random_(random) {} // ClusterSlotUpdateCallBack bool onClusterSlotUpdate(ClusterSlotsPtr&& slots, Upstream::HostMap all_hosts) override; void onHostHealthUpdate() override; // Upstream::LoadBalancerFactory Upstream::LoadBalancerPtr create() override; private: class RedisShard { public: RedisShard(Upstream::HostConstSharedPtr primary, Upstream::HostVectorConstSharedPtr replicas, Upstream::HostVectorConstSharedPtr all_hosts) : primary_(std::move(primary)) { replicas_.updateHosts(Upstream::HostSetImpl::partitionHosts( std::move(replicas), Upstream::HostsPerLocalityImpl::empty()), nullptr, {}, {}); all_hosts_.updateHosts(Upstream::HostSetImpl::partitionHosts( std::move(all_hosts), Upstream::HostsPerLocalityImpl::empty()), nullptr, {}, {}); } const Upstream::HostConstSharedPtr primary() const { return primary_; } const Upstream::HostSetImpl& replicas() const { return replicas_; } const Upstream::HostSetImpl& allHosts() const { return all_hosts_; } private: const Upstream::HostConstSharedPtr primary_; Upstream::HostSetImpl replicas_{0, absl::nullopt}; Upstream::HostSetImpl all_hosts_{0, absl::nullopt}; }; using RedisShardSharedPtr = std::shared_ptr; using ShardVectorSharedPtr = std::shared_ptr>; using SlotArray = std::array; using SlotArraySharedPtr = std::shared_ptr; /* * This class implements load balancing according to `Redis Cluster * `_. This load balancer is thread local and created * through the RedisClusterLoadBalancerFactory by the cluster manager. * * The topology is stored in slot_array_ and shard_vector_. According to the * `Redis Cluster Spec ; } // namespace Clusters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "utility_lib", hdrs = ["utility.h"], # Legacy. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ "//include/envoy/runtime:runtime_interface", "//source/common/common:documentation_url_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", ], ) ================================================ FILE: source/extensions/common/aws/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "signer_interface", hdrs = ["signer.h"], deps = [ "//include/envoy/http:message_interface", ], ) envoy_cc_library( name = "signer_impl_lib", srcs = ["signer_impl.cc"], hdrs = ["signer_impl.h"], deps = [ ":credentials_provider_interface", ":signer_interface", ":utility_lib", "//source/common/buffer:buffer_lib", "//source/common/common:hex_lib", "//source/common/common:logger_lib", "//source/common/common:utility_lib", "//source/common/crypto:utility_lib", "//source/common/http:headers_lib", "//source/common/singleton:const_singleton", "//source/extensions/common/crypto:utility_lib", ], ) envoy_cc_library( name = "credentials_provider_interface", hdrs = ["credentials_provider.h"], external_deps = ["abseil_optional"], ) envoy_cc_library( name = "credentials_provider_impl_lib", srcs = ["credentials_provider_impl.cc"], hdrs = ["credentials_provider_impl.h"], external_deps = ["abseil_time"], deps = [ ":credentials_provider_interface", "//include/envoy/api:api_interface", "//source/common/common:logger_lib", "//source/common/common:thread_lib", "//source/common/http:utility_lib", "//source/common/json:json_loader_lib", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], external_deps = ["curl"], deps = [ "//source/common/common:utility_lib", "//source/common/http:headers_lib", ], ) envoy_cc_library( name = "region_provider_interface", hdrs = ["region_provider.h"], external_deps = ["abseil_optional"], ) envoy_cc_library( name = "region_provider_impl_lib", srcs = ["region_provider_impl.cc"], hdrs = ["region_provider_impl.h"], deps = [ ":region_provider_interface", "//source/common/common:logger_lib", ], ) ================================================ FILE: source/extensions/common/aws/credentials_provider.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { /** * AWS credentials container * * If a credential component was not found in the execution environment, it's getter method will * return absl::nullopt. Credential components with the empty string value are treated as not found. */ class Credentials { public: Credentials(absl::string_view access_key_id = absl::string_view(), absl::string_view secret_access_key = absl::string_view(), absl::string_view session_token = absl::string_view()) { if (!access_key_id.empty()) { access_key_id_ = std::string(access_key_id); if (!secret_access_key.empty()) { secret_access_key_ = std::string(secret_access_key); if (!session_token.empty()) { session_token_ = std::string(session_token); } } } } const absl::optional& accessKeyId() const { return access_key_id_; } const absl::optional& secretAccessKey() const { return secret_access_key_; } const absl::optional& sessionToken() const { return session_token_; } bool operator==(const Credentials& other) const { return access_key_id_ == other.access_key_id_ && secret_access_key_ == other.secret_access_key_ && session_token_ == other.session_token_; } private: absl::optional access_key_id_; absl::optional secret_access_key_; absl::optional session_token_; }; /** * Interface for classes able to fetch AWS credentials from the execution environment. */ class CredentialsProvider { public: virtual ~CredentialsProvider() = default; /** * Get credentials from the environment. * * @return AWS credentials */ virtual Credentials getCredentials() PURE; }; using CredentialsProviderSharedPtr = std::shared_ptr; } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/credentials_provider_impl.cc ================================================ #include "extensions/common/aws/credentials_provider_impl.h" #include "envoy/common/exception.h" #include "common/common/lock_guard.h" #include "common/http/utility.h" #include "common/json/json_loader.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { namespace { constexpr char AWS_ACCESS_KEY_ID[] = "AWS_ACCESS_KEY_ID"; constexpr char AWS_SECRET_ACCESS_KEY[] = "AWS_SECRET_ACCESS_KEY"; constexpr char AWS_SESSION_TOKEN[] = "AWS_SESSION_TOKEN"; constexpr char ACCESS_KEY_ID[] = "AccessKeyId"; constexpr char SECRET_ACCESS_KEY[] = "SecretAccessKey"; constexpr char TOKEN[] = "Token"; constexpr char EXPIRATION[] = "Expiration"; constexpr char EXPIRATION_FORMAT[] = "%E4Y%m%dT%H%M%S%z"; constexpr char TRUE[] = "true"; constexpr char AWS_CONTAINER_CREDENTIALS_RELATIVE_URI[] = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; constexpr char AWS_CONTAINER_CREDENTIALS_FULL_URI[] = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; constexpr char AWS_CONTAINER_AUTHORIZATION_TOKEN[] = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; constexpr char AWS_EC2_METADATA_DISABLED[] = "AWS_EC2_METADATA_DISABLED"; constexpr std::chrono::hours REFRESH_INTERVAL{1}; constexpr std::chrono::seconds REFRESH_GRACE_PERIOD{5}; constexpr char EC2_METADATA_HOST[] = "169.254.169.254:80"; constexpr char CONTAINER_METADATA_HOST[] = "169.254.170.2:80"; constexpr char SECURITY_CREDENTIALS_PATH[] = "/latest/meta-data/iam/security-credentials"; } // namespace Credentials EnvironmentCredentialsProvider::getCredentials() { ENVOY_LOG(debug, "Getting AWS credentials from the environment"); const auto access_key_id = absl::NullSafeStringView(std::getenv(AWS_ACCESS_KEY_ID)); if (access_key_id.empty()) { return Credentials(); } const auto secret_access_key = absl::NullSafeStringView(std::getenv(AWS_SECRET_ACCESS_KEY)); const auto session_token = absl::NullSafeStringView(std::getenv(AWS_SESSION_TOKEN)); ENVOY_LOG(debug, "Found following AWS credentials in the environment: {}={}, {}={}, {}={}", AWS_ACCESS_KEY_ID, access_key_id, AWS_SECRET_ACCESS_KEY, secret_access_key.empty() ? "" : "*****", AWS_SESSION_TOKEN, session_token.empty() ? "" : "*****"); return Credentials(access_key_id, secret_access_key, session_token); } void MetadataCredentialsProviderBase::refreshIfNeeded() { const Thread::LockGuard lock(lock_); if (needsRefresh()) { refresh(); } } bool InstanceProfileCredentialsProvider::needsRefresh() { return api_.timeSource().systemTime() - last_updated_ > REFRESH_INTERVAL; } void InstanceProfileCredentialsProvider::refresh() { ENVOY_LOG(debug, "Getting AWS credentials from the instance metadata"); // First discover the Role of this instance const auto instance_role_string = metadata_fetcher_(EC2_METADATA_HOST, SECURITY_CREDENTIALS_PATH, ""); if (!instance_role_string) { ENVOY_LOG(error, "Could not retrieve credentials listing from the instance metadata"); return; } const auto instance_role_list = StringUtil::splitToken(StringUtil::trim(instance_role_string.value()), "\n"); if (instance_role_list.empty()) { ENVOY_LOG(error, "No AWS credentials were found in the instance metadata"); return; } ENVOY_LOG(debug, "AWS credentials list:\n{}", instance_role_string.value()); // Only one Role can be associated with an instance: // https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html const auto credential_path = std::string(SECURITY_CREDENTIALS_PATH) + "/" + std::string(instance_role_list[0].data(), instance_role_list[0].size()); ENVOY_LOG(debug, "AWS credentials path: {}", credential_path); // Then fetch and parse the credentials const auto credential_document = metadata_fetcher_(EC2_METADATA_HOST, credential_path, ""); if (!credential_document) { ENVOY_LOG(error, "Could not load AWS credentials document from the instance metadata"); return; } Json::ObjectSharedPtr document_json; try { document_json = Json::Factory::loadFromString(credential_document.value()); } catch (EnvoyException& e) { ENVOY_LOG(error, "Could not parse AWS credentials document: {}", e.what()); return; } const auto access_key_id = document_json->getString(ACCESS_KEY_ID, ""); const auto secret_access_key = document_json->getString(SECRET_ACCESS_KEY, ""); const auto session_token = document_json->getString(TOKEN, ""); ENVOY_LOG(debug, "Found following AWS credentials in the instance metadata: {}={}, {}={}, {}={}", AWS_ACCESS_KEY_ID, access_key_id, AWS_SECRET_ACCESS_KEY, secret_access_key.empty() ? "" : "*****", AWS_SESSION_TOKEN, session_token.empty() ? "" : "*****"); cached_credentials_ = Credentials(access_key_id, secret_access_key, session_token); last_updated_ = api_.timeSource().systemTime(); } bool TaskRoleCredentialsProvider::needsRefresh() { const auto now = api_.timeSource().systemTime(); return (now - last_updated_ > REFRESH_INTERVAL) || (expiration_time_ - now < REFRESH_GRACE_PERIOD); } void TaskRoleCredentialsProvider::refresh() { ENVOY_LOG(debug, "Getting AWS credentials from the task role at URI: {}", credential_uri_); absl::string_view host; absl::string_view path; Http::Utility::extractHostPathFromUri(credential_uri_, host, path); const auto credential_document = metadata_fetcher_(std::string(host.data(), host.size()), std::string(path.data(), path.size()), authorization_token_); if (!credential_document) { ENVOY_LOG(error, "Could not load AWS credentials document from the task role"); return; } Json::ObjectSharedPtr document_json; try { document_json = Json::Factory::loadFromString(credential_document.value()); } catch (EnvoyException& e) { ENVOY_LOG(error, "Could not parse AWS credentials document from the task role: {}", e.what()); return; } const auto access_key_id = document_json->getString(ACCESS_KEY_ID, ""); const auto secret_access_key = document_json->getString(SECRET_ACCESS_KEY, ""); const auto session_token = document_json->getString(TOKEN, ""); ENVOY_LOG(debug, "Found following AWS credentials in the task role: {}={}, {}={}, {}={}", AWS_ACCESS_KEY_ID, access_key_id, AWS_SECRET_ACCESS_KEY, secret_access_key.empty() ? "" : "*****", AWS_SESSION_TOKEN, session_token.empty() ? "" : "*****"); const auto expiration_str = document_json->getString(EXPIRATION, ""); if (!expiration_str.empty()) { absl::Time expiration_time; if (absl::ParseTime(EXPIRATION_FORMAT, expiration_str, &expiration_time, nullptr)) { ENVOY_LOG(debug, "Task role AWS credentials expiration time: {}", expiration_str); expiration_time_ = absl::ToChronoTime(expiration_time); } } last_updated_ = api_.timeSource().systemTime(); cached_credentials_ = Credentials(access_key_id, secret_access_key, session_token); } Credentials CredentialsProviderChain::getCredentials() { for (auto& provider : providers_) { const auto credentials = provider->getCredentials(); if (credentials.accessKeyId() && credentials.secretAccessKey()) { return credentials; } } ENVOY_LOG(debug, "No AWS credentials found, using anonymous credentials"); return Credentials(); } DefaultCredentialsProviderChain::DefaultCredentialsProviderChain( Api::Api& api, const MetadataCredentialsProviderBase::MetadataFetcher& metadata_fetcher, const CredentialsProviderChainFactories& factories) { ENVOY_LOG(debug, "Using environment credentials provider"); add(factories.createEnvironmentCredentialsProvider()); const auto relative_uri = absl::NullSafeStringView(std::getenv(AWS_CONTAINER_CREDENTIALS_RELATIVE_URI)); const auto full_uri = absl::NullSafeStringView(std::getenv(AWS_CONTAINER_CREDENTIALS_FULL_URI)); const auto metadata_disabled = absl::NullSafeStringView(std::getenv(AWS_EC2_METADATA_DISABLED)); if (!relative_uri.empty()) { const auto uri = absl::StrCat(CONTAINER_METADATA_HOST, relative_uri); ENVOY_LOG(debug, "Using task role credentials provider with URI: {}", uri); add(factories.createTaskRoleCredentialsProvider(api, metadata_fetcher, uri)); } else if (!full_uri.empty()) { const auto authorization_token = absl::NullSafeStringView(std::getenv(AWS_CONTAINER_AUTHORIZATION_TOKEN)); if (!authorization_token.empty()) { ENVOY_LOG(debug, "Using task role credentials provider with URI: " "{} and authorization token", full_uri); add(factories.createTaskRoleCredentialsProvider(api, metadata_fetcher, full_uri, authorization_token)); } else { ENVOY_LOG(debug, "Using task role credentials provider with URI: {}", full_uri); add(factories.createTaskRoleCredentialsProvider(api, metadata_fetcher, full_uri)); } } else if (metadata_disabled != TRUE) { ENVOY_LOG(debug, "Using instance profile credentials provider"); add(factories.createInstanceProfileCredentialsProvider(api, metadata_fetcher)); } } } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/credentials_provider_impl.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/event/timer.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "extensions/common/aws/credentials_provider.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { /** * Retrieve AWS credentials from the environment variables. * * Adheres to conventions specified in: * https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html */ class EnvironmentCredentialsProvider : public CredentialsProvider, public Logger::Loggable { public: Credentials getCredentials() override; }; class MetadataCredentialsProviderBase : public CredentialsProvider, public Logger::Loggable { public: using MetadataFetcher = std::function( const std::string& host, const std::string& path, const std::string& auth_token)>; MetadataCredentialsProviderBase(Api::Api& api, const MetadataFetcher& metadata_fetcher) : api_(api), metadata_fetcher_(metadata_fetcher) {} Credentials getCredentials() override { refreshIfNeeded(); return cached_credentials_; } protected: Api::Api& api_; MetadataFetcher metadata_fetcher_; SystemTime last_updated_; Credentials cached_credentials_; Thread::MutexBasicLockable lock_; void refreshIfNeeded(); virtual bool needsRefresh() PURE; virtual void refresh() PURE; }; /** * Retrieve AWS credentials from the instance metadata. * * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#instance-metadata-security-credentials */ class InstanceProfileCredentialsProvider : public MetadataCredentialsProviderBase { public: InstanceProfileCredentialsProvider(Api::Api& api, const MetadataFetcher& metadata_fetcher) : MetadataCredentialsProviderBase(api, metadata_fetcher) {} private: bool needsRefresh() override; void refresh() override; }; /** * Retrieve AWS credentials from the task metadata. * * https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html#enable_task_iam_roles */ class TaskRoleCredentialsProvider : public MetadataCredentialsProviderBase { public: TaskRoleCredentialsProvider(Api::Api& api, const MetadataFetcher& metadata_fetcher, absl::string_view credential_uri, absl::string_view authorization_token = {}) : MetadataCredentialsProviderBase(api, metadata_fetcher), credential_uri_(credential_uri), authorization_token_(authorization_token) {} private: SystemTime expiration_time_; std::string credential_uri_; std::string authorization_token_; bool needsRefresh() override; void refresh() override; }; /** * AWS credentials provider chain, able to fallback between multiple credential providers. */ class CredentialsProviderChain : public CredentialsProvider, public Logger::Loggable { public: ~CredentialsProviderChain() override = default; void add(const CredentialsProviderSharedPtr& credentials_provider) { providers_.emplace_back(credentials_provider); } Credentials getCredentials() override; protected: std::list providers_; }; class CredentialsProviderChainFactories { public: virtual ~CredentialsProviderChainFactories() = default; virtual CredentialsProviderSharedPtr createEnvironmentCredentialsProvider() const PURE; virtual CredentialsProviderSharedPtr createTaskRoleCredentialsProvider( Api::Api& api, const MetadataCredentialsProviderBase::MetadataFetcher& metadata_fetcher, absl::string_view credential_uri, absl::string_view authorization_token = {}) const PURE; virtual CredentialsProviderSharedPtr createInstanceProfileCredentialsProvider( Api::Api& api, const MetadataCredentialsProviderBase::MetadataFetcher& metadata_fetcher) const PURE; }; /** * Default AWS credentials provider chain. * * Reference implementation: * https://github.com/aws/aws-sdk-cpp/blob/master/aws-cpp-sdk-core/source/auth/AWSCredentialsProviderChain.cpp#L44 */ class DefaultCredentialsProviderChain : public CredentialsProviderChain, public CredentialsProviderChainFactories { public: DefaultCredentialsProviderChain( Api::Api& api, const MetadataCredentialsProviderBase::MetadataFetcher& metadata_fetcher) : DefaultCredentialsProviderChain(api, metadata_fetcher, *this) {} DefaultCredentialsProviderChain( Api::Api& api, const MetadataCredentialsProviderBase::MetadataFetcher& metadata_fetcher, const CredentialsProviderChainFactories& factories); private: CredentialsProviderSharedPtr createEnvironmentCredentialsProvider() const override { return std::make_shared(); } CredentialsProviderSharedPtr createTaskRoleCredentialsProvider( Api::Api& api, const MetadataCredentialsProviderBase::MetadataFetcher& metadata_fetcher, absl::string_view credential_uri, absl::string_view authorization_token = {}) const override { return std::make_shared(api, metadata_fetcher, credential_uri, authorization_token); } CredentialsProviderSharedPtr createInstanceProfileCredentialsProvider( Api::Api& api, const MetadataCredentialsProviderBase::MetadataFetcher& metadata_fetcher) const override { return std::make_shared(api, metadata_fetcher); } }; } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/region_provider.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { /** * Interface for classes capable of discovering the AWS region from the execution environment. */ class RegionProvider { public: virtual ~RegionProvider() = default; /** * Discover and return the AWS region. * @return AWS region, or nullopt if unable to discover the region. */ virtual absl::optional getRegion() PURE; }; using RegionProviderPtr = std::unique_ptr; using RegionProviderSharedPtr = std::shared_ptr; } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/region_provider_impl.cc ================================================ #include "extensions/common/aws/region_provider_impl.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { static const char AWS_REGION[] = "AWS_REGION"; StaticRegionProvider::StaticRegionProvider(const std::string& region) : region_(region) {} absl::optional StaticRegionProvider::getRegion() { return absl::optional(region_); } absl::optional EnvironmentRegionProvider::getRegion() { const auto region = std::getenv(AWS_REGION); if (region == nullptr) { return absl::nullopt; } ENVOY_LOG(debug, "Found environment region {}={}", AWS_REGION, region); return absl::optional(region); } } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/region_provider_impl.h ================================================ #pragma once #include "common/common/logger.h" #include "extensions/common/aws/region_provider.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { /** * Retrieve AWS region name from the environment */ class EnvironmentRegionProvider : public RegionProvider, public Logger::Loggable { public: absl::optional getRegion() override; }; /** * Return statically configured AWS region name */ class StaticRegionProvider : public RegionProvider { public: StaticRegionProvider(const std::string& region); absl::optional getRegion() override; private: const std::string region_; }; } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/signer.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/http/message.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { class Signer { public: virtual ~Signer() = default; /** * Sign an AWS request. * @param message an AWS API request message. * @param sign_body include the message body in the signature. The body must be fully buffered. * @throws EnvoyException if the request cannot be signed. */ virtual void sign(Http::RequestMessage& message, bool sign_body) PURE; /** * Sign an AWS request. * @param headers AWS API request headers. * @throws EnvoyException if the request cannot be signed. */ virtual void sign(Http::RequestHeaderMap& headers) PURE; /** * Sign an AWS request. * @param headers AWS API request headers. * @param content_hash The Hex encoded SHA-256 of the body of the AWS API request. * @throws EnvoyException if the request cannot be signed. */ virtual void sign(Http::RequestHeaderMap& headers, const std::string& content_hash) PURE; }; using SignerPtr = std::unique_ptr; } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/signer_impl.cc ================================================ #include "extensions/common/aws/signer_impl.h" #include "envoy/common/exception.h" #include "common/buffer/buffer_impl.h" #include "common/common/fmt.h" #include "common/common/hex.h" #include "common/crypto/utility.h" #include "common/http/headers.h" #include "extensions/common/aws/utility.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { void SignerImpl::sign(Http::RequestMessage& message, bool sign_body) { const auto content_hash = createContentHash(message, sign_body); auto& headers = message.headers(); sign(headers, content_hash); } void SignerImpl::sign(Http::RequestHeaderMap& headers) { if (require_content_hash_) { headers.setReference(SignatureHeaders::get().ContentSha256, SignatureConstants::get().UnsignedPayload); sign(headers, SignatureConstants::get().UnsignedPayload); } else { headers.setReference(SignatureHeaders::get().ContentSha256, SignatureConstants::get().HashedEmptyString); sign(headers, SignatureConstants::get().HashedEmptyString); } } void SignerImpl::sign(Http::RequestHeaderMap& headers, const std::string& content_hash) { headers.setReferenceKey(SignatureHeaders::get().ContentSha256, content_hash); const auto& credentials = credentials_provider_->getCredentials(); if (!credentials.accessKeyId() || !credentials.secretAccessKey()) { // Empty or "anonymous" credentials are a valid use-case for non-production environments. // This behavior matches what the AWS SDK would do. return; } const auto* method_header = headers.Method(); if (method_header == nullptr) { throw EnvoyException("Message is missing :method header"); } const auto* path_header = headers.Path(); if (path_header == nullptr) { throw EnvoyException("Message is missing :path header"); } if (credentials.sessionToken()) { headers.addCopy(SignatureHeaders::get().SecurityToken, credentials.sessionToken().value()); } const auto long_date = long_date_formatter_.now(time_source_); const auto short_date = short_date_formatter_.now(time_source_); headers.addCopy(SignatureHeaders::get().Date, long_date); // Phase 1: Create a canonical request const auto canonical_headers = Utility::canonicalizeHeaders(headers); const auto canonical_request = Utility::createCanonicalRequest( method_header->value().getStringView(), path_header->value().getStringView(), canonical_headers, content_hash); ENVOY_LOG(debug, "Canonical request:\n{}", canonical_request); // Phase 2: Create a string to sign const auto credential_scope = createCredentialScope(short_date); const auto string_to_sign = createStringToSign(canonical_request, long_date, credential_scope); ENVOY_LOG(debug, "String to sign:\n{}", string_to_sign); // Phase 3: Create a signature const auto signature = createSignature(credentials.secretAccessKey().value(), short_date, string_to_sign); // Phase 4: Sign request const auto authorization_header = createAuthorizationHeader( credentials.accessKeyId().value(), credential_scope, canonical_headers, signature); ENVOY_LOG(debug, "Signing request with: {}", authorization_header); headers.addCopy(Http::CustomHeaders::get().Authorization, authorization_header); } std::string SignerImpl::createContentHash(Http::RequestMessage& message, bool sign_body) const { if (!sign_body) { return SignatureConstants::get().HashedEmptyString; } auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); const auto content_hash = message.body().length() > 0 ? Hex::encode(crypto_util.getSha256Digest(message.body())) : SignatureConstants::get().HashedEmptyString; return content_hash; } std::string SignerImpl::createCredentialScope(absl::string_view short_date) const { return fmt::format(SignatureConstants::get().CredentialScopeFormat, short_date, region_, service_name_); } std::string SignerImpl::createStringToSign(absl::string_view canonical_request, absl::string_view long_date, absl::string_view credential_scope) const { auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); return fmt::format( SignatureConstants::get().StringToSignFormat, long_date, credential_scope, Hex::encode(crypto_util.getSha256Digest(Buffer::OwnedImpl(canonical_request)))); } std::string SignerImpl::createSignature(absl::string_view secret_access_key, absl::string_view short_date, absl::string_view string_to_sign) const { auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); const auto secret_key = absl::StrCat(SignatureConstants::get().SignatureVersion, secret_access_key); const auto date_key = crypto_util.getSha256Hmac( std::vector(secret_key.begin(), secret_key.end()), short_date); const auto region_key = crypto_util.getSha256Hmac(date_key, region_); const auto service_key = crypto_util.getSha256Hmac(region_key, service_name_); const auto signing_key = crypto_util.getSha256Hmac(service_key, SignatureConstants::get().Aws4Request); return Hex::encode(crypto_util.getSha256Hmac(signing_key, string_to_sign)); } std::string SignerImpl::createAuthorizationHeader(absl::string_view access_key_id, absl::string_view credential_scope, const std::map& canonical_headers, absl::string_view signature) const { const auto signed_headers = Utility::joinCanonicalHeaderNames(canonical_headers); return fmt::format(SignatureConstants::get().AuthorizationHeaderFormat, access_key_id, credential_scope, signed_headers, signature); } } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/signer_impl.h ================================================ #pragma once #include "common/common/logger.h" #include "common/common/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/common/aws/credentials_provider.h" #include "extensions/common/aws/signer.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { class SignatureHeaderValues { public: const Http::LowerCaseString ContentSha256{"x-amz-content-sha256"}; const Http::LowerCaseString Date{"x-amz-date"}; const Http::LowerCaseString SecurityToken{"x-amz-security-token"}; }; using SignatureHeaders = ConstSingleton; class SignatureConstantValues { public: const std::string Aws4Request{"aws4_request"}; const std::string AuthorizationHeaderFormat{ "AWS4-HMAC-SHA256 Credential={}/{}, SignedHeaders={}, Signature={}"}; const std::string CredentialScopeFormat{"{}/{}/{}/aws4_request"}; const std::string HashedEmptyString{ "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}; const std::string SignatureVersion{"AWS4"}; const std::string StringToSignFormat{"AWS4-HMAC-SHA256\n{}\n{}\n{}"}; const std::string LongDateFormat{"%Y%m%dT%H%M00Z"}; const std::string ShortDateFormat{"%Y%m%d"}; const std::string UnsignedPayload{"UNSIGNED-PAYLOAD"}; }; using SignatureConstants = ConstSingleton; /** * Implementation of the Signature V4 signing process. * See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html */ class SignerImpl : public Signer, public Logger::Loggable { public: SignerImpl(absl::string_view service_name, absl::string_view region, const CredentialsProviderSharedPtr& credentials_provider, TimeSource& time_source) : service_name_(service_name), region_(region), // S3, Glacier, ES payloads require special treatment. // S3: // https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html. // ES: // https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-request-signing.html. // Glacier: // https://docs.aws.amazon.com/amazonglacier/latest/dev/amazon-glacier-signing-requests.html. require_content_hash_{service_name_ == "s3" || service_name_ == "glacier" || service_name_ == "es"}, credentials_provider_(credentials_provider), time_source_(time_source), long_date_formatter_(SignatureConstants::get().LongDateFormat), short_date_formatter_(SignatureConstants::get().ShortDateFormat) {} void sign(Http::RequestMessage& message, bool sign_body = false) override; void sign(Http::RequestHeaderMap& headers) override; private: std::string createContentHash(Http::RequestMessage& message, bool sign_body) const; std::string createCredentialScope(absl::string_view short_date) const; std::string createStringToSign(absl::string_view canonical_request, absl::string_view long_date, absl::string_view credential_scope) const; std::string createSignature(absl::string_view secret_access_key, absl::string_view short_date, absl::string_view string_to_sign) const; std::string createAuthorizationHeader(absl::string_view access_key_id, absl::string_view credential_scope, const std::map& canonical_headers, absl::string_view signature) const; void sign(Http::RequestHeaderMap& headers, const std::string& content_hash) override; const std::string service_name_; const std::string region_; const bool require_content_hash_; CredentialsProviderSharedPtr credentials_provider_; TimeSource& time_source_; DateFormatter long_date_formatter_; DateFormatter short_date_formatter_; }; } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/utility.cc ================================================ #include "extensions/common/aws/utility.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "absl/strings/str_join.h" #include "curl/curl.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { std::map Utility::canonicalizeHeaders(const Http::RequestHeaderMap& headers) { std::map out; headers.iterate([&out](const Http::HeaderEntry& entry) -> Http::HeaderMap::Iterate { // Skip empty headers if (entry.key().empty() || entry.value().empty()) { return Http::HeaderMap::Iterate::Continue; } // Pseudo-headers should not be canonicalized if (!entry.key().getStringView().empty() && entry.key().getStringView()[0] == ':') { return Http::HeaderMap::Iterate::Continue; } // Skip headers that are likely to mutate, when crossing proxies const auto key = entry.key().getStringView(); if (key == Http::Headers::get().ForwardedFor.get() || key == Http::Headers::get().ForwardedProto.get() || key == "x-amzn-trace-id") { return Http::HeaderMap::Iterate::Continue; } std::string value(entry.value().getStringView()); // Remove leading, trailing, and deduplicate repeated ascii spaces absl::RemoveExtraAsciiWhitespace(&value); const auto iter = out.find(std::string(entry.key().getStringView())); // If the entry already exists, append the new value to the end if (iter != out.end()) { iter->second += fmt::format(",{}", value); } else { out.emplace(std::string(entry.key().getStringView()), value); } return Http::HeaderMap::Iterate::Continue; }); // The AWS SDK has a quirk where it removes "default ports" (80, 443) from the host headers // Additionally, we canonicalize the :authority header as "host" // TODO(lavignes): This may need to be tweaked to canonicalize :authority for HTTP/2 requests const absl::string_view authority_header = headers.getHostValue(); if (!authority_header.empty()) { const auto parts = StringUtil::splitToken(authority_header, ":"); if (parts.size() > 1 && (parts[1] == "80" || parts[1] == "443")) { // Has default port, so use only the host part out.emplace(Http::Headers::get().HostLegacy.get(), std::string(parts[0])); } else { out.emplace(Http::Headers::get().HostLegacy.get(), std::string(authority_header)); } } return out; } std::string Utility::createCanonicalRequest(absl::string_view method, absl::string_view path, const std::map& canonical_headers, absl::string_view content_hash) { std::vector parts; parts.emplace_back(method); // don't include the query part of the path const auto path_part = StringUtil::cropRight(path, "?"); parts.emplace_back(path_part.empty() ? "/" : path_part); const auto query_part = StringUtil::cropLeft(path, "?"); // if query_part == path_part, then there is no query parts.emplace_back(query_part == path_part ? "" : query_part); std::vector formatted_headers; formatted_headers.reserve(canonical_headers.size()); for (const auto& header : canonical_headers) { formatted_headers.emplace_back(fmt::format("{}:{}", header.first, header.second)); parts.emplace_back(formatted_headers.back()); } // need an extra blank space after the canonical headers parts.emplace_back(""); const auto signed_headers = Utility::joinCanonicalHeaderNames(canonical_headers); parts.emplace_back(signed_headers); parts.emplace_back(content_hash); return absl::StrJoin(parts, "\n"); } std::string Utility::joinCanonicalHeaderNames(const std::map& canonical_headers) { return absl::StrJoin(canonical_headers, ";", [](auto* out, const auto& pair) { return absl::StrAppend(out, pair.first); }); } static size_t curlCallback(char* ptr, size_t, size_t nmemb, void* data) { auto buf = static_cast(data); buf->append(ptr, nmemb); return nmemb; } absl::optional Utility::metadataFetcher(const std::string& host, const std::string& path, const std::string& auth_token) { static const size_t MAX_RETRIES = 4; static const std::chrono::milliseconds RETRY_DELAY{1000}; static const std::chrono::seconds TIMEOUT{5}; CURL* const curl = curl_easy_init(); if (!curl) { return absl::nullopt; }; const std::string url = fmt::format("http://{}/{}", host, path); curl_easy_setopt(curl, CURLOPT_URL, url.c_str()); curl_easy_setopt(curl, CURLOPT_TIMEOUT, TIMEOUT.count()); curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1L); curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); std::string buffer; curl_easy_setopt(curl, CURLOPT_WRITEDATA, &buffer); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, curlCallback); struct curl_slist* headers = nullptr; if (!auth_token.empty()) { const std::string auth = fmt::format("Authorization: {}", auth_token); headers = curl_slist_append(headers, auth.c_str()); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); } for (size_t retry = 0; retry < MAX_RETRIES; retry++) { const CURLcode res = curl_easy_perform(curl); if (res == CURLE_OK) { break; } ENVOY_LOG_MISC(debug, "Could not fetch AWS metadata: {}", curl_easy_strerror(res)); buffer.clear(); std::this_thread::sleep_for(RETRY_DELAY); } curl_easy_cleanup(curl); curl_slist_free_all(headers); return buffer.empty() ? absl::nullopt : absl::optional(buffer); } } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/aws/utility.h ================================================ #pragma once #include "common/http/headers.h" namespace Envoy { namespace Extensions { namespace Common { namespace Aws { class Utility { public: /** * Creates a canonicalized header map used in creating a AWS Signature V4 canonical request. * See https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html * @param headers a header map to canonicalize. * @return a std::map of canonicalized headers to be used in building a canonical request. */ static std::map canonicalizeHeaders(const Http::RequestHeaderMap& headers); /** * Creates an AWS Signature V4 canonical request string. * See https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html * @param method the HTTP request method. * @param path the request path. * @param canonical_headers the pre-canonicalized request headers. * @param content_hash the hashed request body. * @return the canonicalized request string. */ static std::string createCanonicalRequest(absl::string_view method, absl::string_view path, const std::map& canonical_headers, absl::string_view content_hash); /** * Get the semicolon-delimited string of canonical header names. * @param canonical_headers the pre-canonicalized request headers. * @return the header names as a semicolon-delimited string. */ static std::string joinCanonicalHeaderNames(const std::map& canonical_headers); /** * Fetch AWS instance or task metadata. * * @param host host or ip address of the metadata endpoint. * @param path path of the metadata document. * @auth_token authentication token to pass in the request, empty string indicates no auth. * @return Metadata document or nullopt in case if unable to fetch it. * * @note In case of an error, function will log ENVOY_LOG_MISC(debug) message. * * @note This is not main loop safe method as it is blocking. It is intended to be used from the * gRPC auth plugins that are able to schedule blocking plugins on a different thread. */ static absl::optional metadataFetcher(const std::string& host, const std::string& path, const std::string& auth_token); }; } // namespace Aws } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/crypto/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "utility_lib", srcs = [ "crypto_impl.cc", "utility_impl.cc", ], hdrs = [ "crypto_impl.h", "utility_impl.h", ], external_deps = [ "ssl", ], # Legacy test use. TODO(#9953) clean up. extra_visibility = [ "//test/common/config:__subpackages__", "//test/common/crypto:__subpackages__", ], security_posture = "unknown", undocumented = True, deps = [ "//include/envoy/buffer:buffer_interface", "//source/common/common:assert_lib", "//source/common/crypto:utility_lib", ], ) ================================================ FILE: source/extensions/common/crypto/crypto_impl.cc ================================================ #include "extensions/common/crypto/crypto_impl.h" namespace Envoy { namespace Common { namespace Crypto { EVP_PKEY* PublicKeyObject::getEVP_PKEY() const { return pkey_.get(); } void PublicKeyObject::setEVP_PKEY(EVP_PKEY* pkey) { pkey_.reset(pkey); } } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: source/extensions/common/crypto/crypto_impl.h ================================================ #pragma once #include "envoy/common/crypto/crypto.h" #include "openssl/base.h" #include "openssl/evp.h" namespace Envoy { namespace Common { namespace Crypto { class PublicKeyObject : public Envoy::Common::Crypto::CryptoObject { public: PublicKeyObject() = default; PublicKeyObject(EVP_PKEY* pkey) : pkey_(pkey) {} PublicKeyObject(const PublicKeyObject& pkey_wrapper); EVP_PKEY* getEVP_PKEY() const; void setEVP_PKEY(EVP_PKEY* pkey); private: bssl::UniquePtr pkey_; }; } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: source/extensions/common/crypto/utility_impl.cc ================================================ #include "extensions/common/crypto/utility_impl.h" #include "common/common/assert.h" #include "extensions/common/crypto/crypto_impl.h" #include "absl/container/fixed_array.h" #include "absl/strings/ascii.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Common { namespace Crypto { std::vector UtilityImpl::getSha256Digest(const Buffer::Instance& buffer) { std::vector digest(SHA256_DIGEST_LENGTH); bssl::ScopedEVP_MD_CTX ctx; auto rc = EVP_DigestInit(ctx.get(), EVP_sha256()); RELEASE_ASSERT(rc == 1, "Failed to init digest context"); for (const auto& slice : buffer.getRawSlices()) { rc = EVP_DigestUpdate(ctx.get(), slice.mem_, slice.len_); RELEASE_ASSERT(rc == 1, "Failed to update digest"); } rc = EVP_DigestFinal(ctx.get(), digest.data(), nullptr); RELEASE_ASSERT(rc == 1, "Failed to finalize digest"); return digest; } std::vector UtilityImpl::getSha256Hmac(const std::vector& key, absl::string_view message) { std::vector hmac(SHA256_DIGEST_LENGTH); const auto ret = HMAC(EVP_sha256(), key.data(), key.size(), reinterpret_cast(message.data()), message.size(), hmac.data(), nullptr); RELEASE_ASSERT(ret != nullptr, "Failed to create HMAC"); return hmac; } const VerificationOutput UtilityImpl::verifySignature(absl::string_view hash, CryptoObject& key, const std::vector& signature, const std::vector& text) { // Step 1: initialize EVP_MD_CTX bssl::ScopedEVP_MD_CTX ctx; // Step 2: initialize EVP_MD const EVP_MD* md = getHashFunction(hash); if (md == nullptr) { return {false, absl::StrCat(hash, " is not supported.")}; } // Step 3: initialize EVP_DigestVerify auto pkey_wrapper = Common::Crypto::Access::getTyped(key); EVP_PKEY* pkey = pkey_wrapper->getEVP_PKEY(); if (pkey == nullptr) { return {false, "Failed to initialize digest verify."}; } int ok = EVP_DigestVerifyInit(ctx.get(), nullptr, md, nullptr, pkey); if (!ok) { return {false, "Failed to initialize digest verify."}; } // Step 4: verify signature ok = EVP_DigestVerify(ctx.get(), signature.data(), signature.size(), text.data(), text.size()); // Step 5: check result if (ok == 1) { return {true, ""}; } return {false, absl::StrCat("Failed to verify digest. Error code: ", ok)}; } CryptoObjectPtr UtilityImpl::importPublicKey(const std::vector& key) { CBS cbs({key.data(), key.size()}); return std::make_unique(EVP_parse_public_key(&cbs)); } const EVP_MD* UtilityImpl::getHashFunction(absl::string_view name) { const std::string hash = absl::AsciiStrToLower(name); // Hash algorithms set refers // https://github.com/google/boringssl/blob/master/include/openssl/digest.h if (hash == "sha1") { return EVP_sha1(); } else if (hash == "sha224") { return EVP_sha224(); } else if (hash == "sha256") { return EVP_sha256(); } else if (hash == "sha384") { return EVP_sha384(); } else if (hash == "sha512") { return EVP_sha512(); } else { return nullptr; } } // Register the crypto utility singleton. static Crypto::ScopedUtilitySingleton* utility_ = new Crypto::ScopedUtilitySingleton(std::make_unique()); } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: source/extensions/common/crypto/utility_impl.h ================================================ #pragma once #include "common/crypto/utility.h" #include "openssl/bytestring.h" #include "openssl/hmac.h" #include "openssl/sha.h" namespace Envoy { namespace Common { namespace Crypto { class UtilityImpl : public Envoy::Common::Crypto::Utility { public: std::vector getSha256Digest(const Buffer::Instance& buffer) override; std::vector getSha256Hmac(const std::vector& key, absl::string_view message) override; const VerificationOutput verifySignature(absl::string_view hash, CryptoObject& key, const std::vector& signature, const std::vector& text) override; CryptoObjectPtr importPublicKey(const std::vector& key) override; private: const EVP_MD* getHashFunction(absl::string_view name); }; } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: source/extensions/common/dynamic_forward_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "dns_cache_interface", hdrs = ["dns_cache.h"], deps = [ "//include/envoy/common:backoff_strategy_interface", "//include/envoy/common:random_generator_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:resource_manager_interface", "@envoy_api//envoy/extensions/common/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "dns_cache_manager_impl", srcs = ["dns_cache_manager_impl.cc"], hdrs = ["dns_cache_manager_impl.h"], deps = [ ":dns_cache_impl", "//source/common/protobuf", "@envoy_api//envoy/extensions/common/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "dns_cache_impl", srcs = ["dns_cache_impl.cc"], hdrs = ["dns_cache_impl.h"], deps = [ ":dns_cache_interface", ":dns_cache_resource_manager", "//include/envoy/network:dns_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:cleanup_lib", "//source/common/config:utility_lib", "//source/common/network:utility_lib", "//source/common/upstream:upstream_lib", "@envoy_api//envoy/extensions/common/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "dns_cache_resource_manager", srcs = ["dns_cache_resource_manager.cc"], hdrs = ["dns_cache_resource_manager.h"], deps = [ ":dns_cache_interface", "//include/envoy/common:resource_interface", "//include/envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/common:basic_resource_lib", "//source/common/runtime:runtime_lib", "//source/common/upstream:resource_manager_lib", "@envoy_api//envoy/extensions/common/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/common/dynamic_forward_proxy/dns_cache.h ================================================ #pragma once #include "envoy/common/random_generator.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" #include "envoy/singleton/manager.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/resource_manager.h" namespace Envoy { namespace Extensions { namespace Common { namespace DynamicForwardProxy { /** * A cached DNS host. */ class DnsHostInfo { public: virtual ~DnsHostInfo() = default; /** * Returns the host's currently resolved address. This address may change periodically due to * async re-resolution. */ virtual Network::Address::InstanceConstSharedPtr address() PURE; /** * Returns the host that was actually resolved via DNS. If port was originally specified it will * be stripped from this return value. */ virtual const std::string& resolvedHost() const PURE; /** * Returns whether the original host is an IP address. */ virtual bool isIpAddress() const PURE; /** * Indicates that the host has been used and should not be purged depending on any configured * TTL policy */ virtual void touch() PURE; }; using DnsHostInfoSharedPtr = std::shared_ptr; #define ALL_DNS_CACHE_CIRCUIT_BREAKERS_STATS(OPEN_GAUGE, REMAINING_GAUGE) \ OPEN_GAUGE(rq_pending_open, Accumulate) \ REMAINING_GAUGE(rq_pending_remaining, Accumulate) struct DnsCacheCircuitBreakersStats { ALL_DNS_CACHE_CIRCUIT_BREAKERS_STATS(GENERATE_GAUGE_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * A resource manager of DNS Cache. */ class DnsCacheResourceManager { public: virtual ~DnsCacheResourceManager() = default; /** * Returns the resource limit of pending requests to DNS. */ virtual ResourceLimit& pendingRequests() PURE; /** * Returns the reference of stats for dns cache circuit breakers. */ virtual DnsCacheCircuitBreakersStats& stats() PURE; }; /** * A cache of DNS hosts. Hosts will re-resolve their addresses or be automatically purged * depending on configured policy. */ class DnsCache { public: /** * Callbacks used in the loadDnsCacheEntry() method. */ class LoadDnsCacheEntryCallbacks { public: virtual ~LoadDnsCacheEntryCallbacks() = default; /** * Called when the DNS cache load is complete (or failed). */ virtual void onLoadDnsCacheComplete() PURE; }; /** * Handle returned from loadDnsCacheEntry(). Destruction of the handle will cancel any future * callback. */ class LoadDnsCacheEntryHandle { public: virtual ~LoadDnsCacheEntryHandle() = default; }; using LoadDnsCacheEntryHandlePtr = std::unique_ptr; /** * Update callbacks that can be registered in the addUpdateCallbacks() method. */ class UpdateCallbacks { public: virtual ~UpdateCallbacks() = default; /** * Called when a host has been added or has had its address updated. * @param host supplies the added/updated host. * @param host_info supplies the associated host info. */ virtual void onDnsHostAddOrUpdate(const std::string& host, const DnsHostInfoSharedPtr& host_info) PURE; /** * Called when a host has been removed. * @param host supplies the removed host. */ virtual void onDnsHostRemove(const std::string& host) PURE; }; /** * Handle returned from addUpdateCallbacks(). Destruction of the handle will remove the * registered callbacks. */ class AddUpdateCallbacksHandle { public: virtual ~AddUpdateCallbacksHandle() = default; }; using AddUpdateCallbacksHandlePtr = std::unique_ptr; virtual ~DnsCache() = default; /** * Initiate a DNS cache load. * @param host supplies the host to load. Hosts are cached inclusive of port, even though the * port will be stripped during resolution. This means that 'a.b.c' and 'a.b.c:9001' * will both resolve 'a.b.c' but will generate different host entries with different * target ports. * @param default_port supplies the port to use if the host does not have a port embedded in it. * @param callbacks supplies the cache load callbacks to invoke if async processing is needed. * @return a cache load result which includes both a status and handle. If the handle is non-null * the callbacks will be invoked at a later time, otherwise consult the status for the * reason the cache is not loading. In this case, callbacks will never be called. */ enum class LoadDnsCacheEntryStatus { // The cache entry is already loaded. Callbacks will not be called. InCache, // The cache entry is loading. Callbacks will be called at a later time unless cancelled. Loading, // The cache is full and the requested host is not in cache. Callbacks will not be called. Overflow }; struct LoadDnsCacheEntryResult { LoadDnsCacheEntryStatus status_; LoadDnsCacheEntryHandlePtr handle_; }; virtual LoadDnsCacheEntryResult loadDnsCacheEntry(absl::string_view host, uint16_t default_port, LoadDnsCacheEntryCallbacks& callbacks) PURE; /** * Add update callbacks to the cache. * @param callbacks supplies the callbacks to add. * @return a handle that on destruction will de-register the callbacks. */ virtual AddUpdateCallbacksHandlePtr addUpdateCallbacks(UpdateCallbacks& callbacks) PURE; /** * @return all hosts currently stored in the cache. */ virtual absl::flat_hash_map hosts() PURE; /** * Check if a DNS request is allowed given resource limits. * @param pending_request optional pending request resource limit. If no resource limit is * provided the internal DNS cache limit is used. * @return RAII handle for pending request circuit breaker if the request was allowed. */ virtual Upstream::ResourceAutoIncDecPtr canCreateDnsRequest(ResourceLimitOptRef pending_request) PURE; }; using DnsCacheSharedPtr = std::shared_ptr; /** * A manager for multiple DNS caches. */ class DnsCacheManager { public: virtual ~DnsCacheManager() = default; /** * Get a DNS cache. * @param config supplies the cache parameters. If a cache exists with the same parameters it * will be returned, otherwise a new one will be created. */ virtual DnsCacheSharedPtr getCache(const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config) PURE; }; using DnsCacheManagerSharedPtr = std::shared_ptr; /** * Get the singleton cache manager for the entire server. */ DnsCacheManagerSharedPtr getCacheManager(Singleton::Manager& manager, Event::Dispatcher& main_thread_dispatcher, ThreadLocal::SlotAllocator& tls, Random::RandomGenerator& random, Runtime::Loader& loader, Stats::Scope& root_scope); /** * Factory for getting a DNS cache manager. */ class DnsCacheManagerFactory { public: virtual ~DnsCacheManagerFactory() = default; /** * Get a DNS cache manager. */ virtual DnsCacheManagerSharedPtr get() PURE; }; } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/dynamic_forward_proxy/dns_cache_impl.cc ================================================ #include "extensions/common/dynamic_forward_proxy/dns_cache_impl.h" #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" #include "common/config/utility.h" #include "common/http/utility.h" #include "common/network/utility.h" // TODO(mattklein123): Move DNS family helpers to a smaller include. #include "common/upstream/upstream_impl.h" namespace Envoy { namespace Extensions { namespace Common { namespace DynamicForwardProxy { DnsCacheImpl::DnsCacheImpl( Event::Dispatcher& main_thread_dispatcher, ThreadLocal::SlotAllocator& tls, Random::RandomGenerator& random, Runtime::Loader& loader, Stats::Scope& root_scope, const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config) : main_thread_dispatcher_(main_thread_dispatcher), dns_lookup_family_(Upstream::getDnsLookupFamilyFromEnum(config.dns_lookup_family())), resolver_(main_thread_dispatcher.createDnsResolver({}, config.use_tcp_for_dns_lookups())), tls_slot_(tls.allocateSlot()), scope_(root_scope.createScope(fmt::format("dns_cache.{}.", config.name()))), stats_(generateDnsCacheStats(*scope_)), resource_manager_(*scope_, loader, config.name(), config.dns_cache_circuit_breaker()), refresh_interval_(PROTOBUF_GET_MS_OR_DEFAULT(config, dns_refresh_rate, 60000)), failure_backoff_strategy_( Config::Utility::prepareDnsRefreshStrategy< envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig>( config, refresh_interval_.count(), random)), host_ttl_(PROTOBUF_GET_MS_OR_DEFAULT(config, host_ttl, 300000)), max_hosts_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, max_hosts, 1024)) { tls_slot_->set([](Event::Dispatcher&) { return std::make_shared(); }); updateTlsHostsMap(); } DnsCacheImpl::~DnsCacheImpl() { for (const auto& primary_host : primary_hosts_) { if (primary_host.second->active_query_ != nullptr) { primary_host.second->active_query_->cancel(); } } for (auto update_callbacks : update_callbacks_) { update_callbacks->cancel(); } } DnsCacheStats DnsCacheImpl::generateDnsCacheStats(Stats::Scope& scope) { return {ALL_DNS_CACHE_STATS(POOL_COUNTER(scope), POOL_GAUGE(scope))}; } DnsCacheImpl::LoadDnsCacheEntryResult DnsCacheImpl::loadDnsCacheEntry(absl::string_view host, uint16_t default_port, LoadDnsCacheEntryCallbacks& callbacks) { ENVOY_LOG(debug, "thread local lookup for host '{}'", host); auto& tls_host_info = tls_slot_->getTyped(); auto tls_host = tls_host_info.host_map_->find(host); if (tls_host != tls_host_info.host_map_->end()) { ENVOY_LOG(debug, "thread local hit for host '{}'", host); return {LoadDnsCacheEntryStatus::InCache, nullptr}; } else if (tls_host_info.host_map_->size() >= max_hosts_) { // Given that we do this check in thread local context, it's possible for two threads to race // and potentially go slightly above the configured max hosts. This is an OK given compromise // given how much simpler the implementation is. ENVOY_LOG(debug, "DNS cache overflow for host '{}'", host); stats_.host_overflow_.inc(); return {LoadDnsCacheEntryStatus::Overflow, nullptr}; } else { ENVOY_LOG(debug, "thread local miss for host '{}', posting to main thread", host); main_thread_dispatcher_.post( [this, host = std::string(host), default_port]() { startCacheLoad(host, default_port); }); return {LoadDnsCacheEntryStatus::Loading, std::make_unique(tls_host_info.pending_resolutions_, host, callbacks)}; } } Upstream::ResourceAutoIncDecPtr DnsCacheImpl::canCreateDnsRequest(ResourceLimitOptRef pending_requests) { const auto has_pending_requests = pending_requests.has_value(); auto& current_pending_requests = has_pending_requests ? pending_requests->get() : resource_manager_.pendingRequests(); if (!current_pending_requests.canCreate()) { if (!has_pending_requests) { stats_.dns_rq_pending_overflow_.inc(); } return nullptr; } return std::make_unique(current_pending_requests); } absl::flat_hash_map DnsCacheImpl::hosts() { absl::flat_hash_map ret; for (const auto& host : primary_hosts_) { // Only include hosts that have ever resolved to an address. if (host.second->host_info_->address_ != nullptr) { ret.emplace(host.first, host.second->host_info_); } } return ret; } DnsCacheImpl::AddUpdateCallbacksHandlePtr DnsCacheImpl::addUpdateCallbacks(UpdateCallbacks& callbacks) { return std::make_unique(update_callbacks_, callbacks); } void DnsCacheImpl::startCacheLoad(const std::string& host, uint16_t default_port) { // It's possible for multiple requests to race trying to start a resolution. If a host is // already in the map it's either in the process of being resolved or the resolution is already // heading out to the worker threads. Either way the pending resolution will be completed. const auto primary_host_it = primary_hosts_.find(host); if (primary_host_it != primary_hosts_.end()) { ENVOY_LOG(debug, "main thread resolve for host '{}' skipped. Entry present", host); return; } const auto host_attributes = Http::Utility::parseAuthority(host); // TODO(mattklein123): Right now, the same host with different ports will become two // independent primary hosts with independent DNS resolutions. I'm not sure how much this will // matter, but we could consider collapsing these down and sharing the underlying DNS resolution. auto& primary_host = *primary_hosts_ // try_emplace() is used here for direct argument forwarding. .try_emplace(host, std::make_unique( *this, std::string(host_attributes.host_), host_attributes.port_.value_or(default_port), host_attributes.is_ip_address_, [this, host]() { onReResolve(host); })) .first->second; startResolve(host, primary_host); } void DnsCacheImpl::onReResolve(const std::string& host) { const auto primary_host_it = primary_hosts_.find(host); ASSERT(primary_host_it != primary_hosts_.end()); const std::chrono::steady_clock::duration now_duration = main_thread_dispatcher_.timeSource().monotonicTime().time_since_epoch(); ENVOY_LOG(debug, "host='{}' TTL check: now={} last_used={}", primary_host_it->first, now_duration.count(), primary_host_it->second->host_info_->last_used_time_.load().count()); if (now_duration - primary_host_it->second->host_info_->last_used_time_.load() > host_ttl_) { ENVOY_LOG(debug, "host='{}' TTL expired, removing", host); // If the host has no address then that means that the DnsCacheImpl has never // runAddUpdateCallbacks for this host, and thus the callback targets are not aware of it. // Therefore, runRemoveCallbacks should only be ran if the host's address != nullptr. if (primary_host_it->second->host_info_->address_) { runRemoveCallbacks(host); } primary_hosts_.erase(primary_host_it); updateTlsHostsMap(); } else { startResolve(host, *primary_host_it->second); } } void DnsCacheImpl::startResolve(const std::string& host, PrimaryHostInfo& host_info) { ENVOY_LOG(debug, "starting main thread resolve for host='{}' dns='{}' port='{}'", host, host_info.host_info_->resolved_host_, host_info.port_); ASSERT(host_info.active_query_ == nullptr); stats_.dns_query_attempt_.inc(); host_info.active_query_ = resolver_->resolve(host_info.host_info_->resolved_host_, dns_lookup_family_, [this, host](Network::DnsResolver::ResolutionStatus status, std::list&& response) { finishResolve(host, status, std::move(response)); }); } void DnsCacheImpl::finishResolve(const std::string& host, Network::DnsResolver::ResolutionStatus status, std::list&& response) { ENVOY_LOG(debug, "main thread resolve complete for host '{}'. {} results", host, response.size()); const auto primary_host_it = primary_hosts_.find(host); ASSERT(primary_host_it != primary_hosts_.end()); auto& primary_host_info = *primary_host_it->second; primary_host_info.active_query_ = nullptr; const bool first_resolve = !primary_host_info.host_info_->first_resolve_complete_; primary_host_info.host_info_->first_resolve_complete_ = true; // If the DNS resolver successfully resolved with an empty response list, the dns cache does not // update. This ensures that a potentially previously resolved address does not stabilize back to // 0 hosts. const auto new_address = !response.empty() ? Network::Utility::getAddressWithPort(*(response.front().address_), primary_host_info.port_) : nullptr; if (status == Network::DnsResolver::ResolutionStatus::Failure) { stats_.dns_query_failure_.inc(); } else { stats_.dns_query_success_.inc(); } // Only the change the address if: // 1) The new address is valid && // 2a) The host doesn't yet have an address || // 2b) The host has a changed address. // // This means that once a host gets an address it will stick even in the case of a subsequent // resolution failure. bool address_changed = false; if (new_address != nullptr && (primary_host_info.host_info_->address_ == nullptr || *primary_host_info.host_info_->address_ != *new_address)) { ENVOY_LOG(debug, "host '{}' address has changed", host); primary_host_info.host_info_->address_ = new_address; runAddUpdateCallbacks(host, primary_host_info.host_info_); address_changed = true; stats_.host_address_changed_.inc(); } if (first_resolve || address_changed) { updateTlsHostsMap(); } // Kick off the refresh timer. // TODO(mattklein123): Consider jitter here. It may not be necessary since the initial host // is populated dynamically. if (status == Network::DnsResolver::ResolutionStatus::Success) { failure_backoff_strategy_->reset(); primary_host_info.refresh_timer_->enableTimer(refresh_interval_); ENVOY_LOG(debug, "DNS refresh rate reset for host '{}', refresh rate {} ms", host, refresh_interval_.count()); } else { const uint64_t refresh_interval = failure_backoff_strategy_->nextBackOffMs(); primary_host_info.refresh_timer_->enableTimer(std::chrono::milliseconds(refresh_interval)); ENVOY_LOG(debug, "DNS refresh rate reset for host '{}', (failure) refresh rate {} ms", host, refresh_interval); } } void DnsCacheImpl::runAddUpdateCallbacks(const std::string& host, const DnsHostInfoSharedPtr& host_info) { for (auto callbacks : update_callbacks_) { callbacks->callbacks_.onDnsHostAddOrUpdate(host, host_info); } } void DnsCacheImpl::runRemoveCallbacks(const std::string& host) { for (auto callbacks : update_callbacks_) { callbacks->callbacks_.onDnsHostRemove(host); } } void DnsCacheImpl::updateTlsHostsMap() { TlsHostMapSharedPtr new_host_map = std::make_shared(); for (const auto& primary_host : primary_hosts_) { // Do not include hosts that have not resolved at least once. if (primary_host.second->host_info_->first_resolve_complete_) { new_host_map->emplace(primary_host.first, primary_host.second->host_info_); } } tls_slot_->runOnAllThreads([new_host_map](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().updateHostMap(new_host_map); return object; }); } DnsCacheImpl::ThreadLocalHostInfo::~ThreadLocalHostInfo() { // Make sure we cancel any handles that still exist. for (auto pending_resolution : pending_resolutions_) { pending_resolution->cancel(); } } void DnsCacheImpl::ThreadLocalHostInfo::updateHostMap(const TlsHostMapSharedPtr& new_host_map) { host_map_ = new_host_map; for (auto pending_resolution_it = pending_resolutions_.begin(); pending_resolution_it != pending_resolutions_.end();) { auto& pending_resolution = **pending_resolution_it; if (host_map_->count(pending_resolution.host_) != 0) { auto& callbacks = pending_resolution.callbacks_; pending_resolution.cancel(); pending_resolution_it = pending_resolutions_.erase(pending_resolution_it); callbacks.onLoadDnsCacheComplete(); } else { ++pending_resolution_it; } } } DnsCacheImpl::PrimaryHostInfo::PrimaryHostInfo(DnsCacheImpl& parent, absl::string_view host_to_resolve, uint16_t port, bool is_ip_address, const Event::TimerCb& timer_cb) : parent_(parent), port_(port), refresh_timer_(parent.main_thread_dispatcher_.createTimer(timer_cb)), host_info_(std::make_shared(parent.main_thread_dispatcher_.timeSource(), host_to_resolve, is_ip_address)) { parent_.stats_.host_added_.inc(); parent_.stats_.num_hosts_.inc(); } DnsCacheImpl::PrimaryHostInfo::~PrimaryHostInfo() { parent_.stats_.host_removed_.inc(); parent_.stats_.num_hosts_.dec(); } } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h ================================================ #pragma once #include "envoy/common/backoff_strategy.h" #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" #include "envoy/http/filter.h" #include "envoy/network/dns.h" #include "envoy/thread_local/thread_local.h" #include "common/common/cleanup.h" #include "extensions/common/dynamic_forward_proxy/dns_cache.h" #include "extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace Common { namespace DynamicForwardProxy { /** * All DNS cache stats. @see stats_macros.h */ #define ALL_DNS_CACHE_STATS(COUNTER, GAUGE) \ COUNTER(dns_query_attempt) \ COUNTER(dns_query_failure) \ COUNTER(dns_query_success) \ COUNTER(host_added) \ COUNTER(host_address_changed) \ COUNTER(host_overflow) \ COUNTER(host_removed) \ COUNTER(dns_rq_pending_overflow) \ GAUGE(num_hosts, NeverImport) /** * Struct definition for all DNS cache stats. @see stats_macros.h */ struct DnsCacheStats { ALL_DNS_CACHE_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; class DnsCacheImpl : public DnsCache, Logger::Loggable { public: DnsCacheImpl(Event::Dispatcher& main_thread_dispatcher, ThreadLocal::SlotAllocator& tls, Random::RandomGenerator& random, Runtime::Loader& loader, Stats::Scope& root_scope, const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config); ~DnsCacheImpl() override; static DnsCacheStats generateDnsCacheStats(Stats::Scope& scope); // DnsCache LoadDnsCacheEntryResult loadDnsCacheEntry(absl::string_view host, uint16_t default_port, LoadDnsCacheEntryCallbacks& callbacks) override; AddUpdateCallbacksHandlePtr addUpdateCallbacks(UpdateCallbacks& callbacks) override; absl::flat_hash_map hosts() override; Upstream::ResourceAutoIncDecPtr canCreateDnsRequest(ResourceLimitOptRef pending_requests) override; private: using TlsHostMap = absl::flat_hash_map; using TlsHostMapSharedPtr = std::shared_ptr; struct LoadDnsCacheEntryHandleImpl : public LoadDnsCacheEntryHandle, RaiiListElement { LoadDnsCacheEntryHandleImpl(std::list& parent, absl::string_view host, LoadDnsCacheEntryCallbacks& callbacks) : RaiiListElement(parent, this), host_(host), callbacks_(callbacks) {} const std::string host_; LoadDnsCacheEntryCallbacks& callbacks_; }; // Per-thread DNS cache info including the currently known hosts as well as any pending callbacks. struct ThreadLocalHostInfo : public ThreadLocal::ThreadLocalObject { ~ThreadLocalHostInfo() override; void updateHostMap(const TlsHostMapSharedPtr& new_host_map); TlsHostMapSharedPtr host_map_; std::list pending_resolutions_; }; struct DnsHostInfoImpl : public DnsHostInfo { DnsHostInfoImpl(TimeSource& time_source, absl::string_view resolved_host, bool is_ip_address) : time_source_(time_source), resolved_host_(resolved_host), is_ip_address_(is_ip_address) { touch(); } // DnsHostInfo Network::Address::InstanceConstSharedPtr address() override { return address_; } const std::string& resolvedHost() const override { return resolved_host_; } bool isIpAddress() const override { return is_ip_address_; } void touch() final { last_used_time_ = time_source_.monotonicTime().time_since_epoch(); } TimeSource& time_source_; const std::string resolved_host_; const bool is_ip_address_; bool first_resolve_complete_{}; Network::Address::InstanceConstSharedPtr address_; // Using std::chrono::steady_clock::duration is required for compilation within an atomic vs. // using MonotonicTime. std::atomic last_used_time_; }; using DnsHostInfoImplSharedPtr = std::shared_ptr; // Primary host information that accounts for TTL, re-resolution, etc. struct PrimaryHostInfo { PrimaryHostInfo(DnsCacheImpl& parent, absl::string_view host_to_resolve, uint16_t port, bool is_ip_address, const Event::TimerCb& timer_cb); ~PrimaryHostInfo(); DnsCacheImpl& parent_; const uint16_t port_; const Event::TimerPtr refresh_timer_; const DnsHostInfoImplSharedPtr host_info_; Network::ActiveDnsQuery* active_query_{}; }; using PrimaryHostInfoPtr = std::unique_ptr; struct AddUpdateCallbacksHandleImpl : public AddUpdateCallbacksHandle, RaiiListElement { AddUpdateCallbacksHandleImpl(std::list& parent, UpdateCallbacks& callbacks) : RaiiListElement(parent, this), callbacks_(callbacks) {} UpdateCallbacks& callbacks_; }; void startCacheLoad(const std::string& host, uint16_t default_port); void startResolve(const std::string& host, PrimaryHostInfo& host_info); void finishResolve(const std::string& host, Network::DnsResolver::ResolutionStatus status, std::list&& response); void runAddUpdateCallbacks(const std::string& host, const DnsHostInfoSharedPtr& host_info); void runRemoveCallbacks(const std::string& host); void updateTlsHostsMap(); void onReResolve(const std::string& host); Event::Dispatcher& main_thread_dispatcher_; const Network::DnsLookupFamily dns_lookup_family_; const Network::DnsResolverSharedPtr resolver_; const ThreadLocal::SlotPtr tls_slot_; Stats::ScopePtr scope_; DnsCacheStats stats_; std::list update_callbacks_; absl::flat_hash_map primary_hosts_; DnsCacheResourceManagerImpl resource_manager_; const std::chrono::milliseconds refresh_interval_; const BackOffStrategyPtr failure_backoff_strategy_; const std::chrono::milliseconds host_ttl_; const uint32_t max_hosts_; }; } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.cc ================================================ #include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" #include "common/protobuf/protobuf.h" #include "extensions/common/dynamic_forward_proxy/dns_cache_impl.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace Common { namespace DynamicForwardProxy { SINGLETON_MANAGER_REGISTRATION(dns_cache_manager); DnsCacheSharedPtr DnsCacheManagerImpl::getCache( const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config) { const auto& existing_cache = caches_.find(config.name()); if (existing_cache != caches_.end()) { if (!Protobuf::util::MessageDifferencer::Equivalent(config, existing_cache->second.config_)) { throw EnvoyException( fmt::format("config specified DNS cache '{}' with different settings", config.name())); } return existing_cache->second.cache_; } DnsCacheSharedPtr new_cache = std::make_shared( main_thread_dispatcher_, tls_, random_, loader_, root_scope_, config); caches_.emplace(config.name(), ActiveCache{config, new_cache}); return new_cache; } DnsCacheManagerSharedPtr getCacheManager(Singleton::Manager& singleton_manager, Event::Dispatcher& main_thread_dispatcher, ThreadLocal::SlotAllocator& tls, Random::RandomGenerator& random, Runtime::Loader& loader, Stats::Scope& root_scope) { return singleton_manager.getTyped( SINGLETON_MANAGER_REGISTERED_NAME(dns_cache_manager), [&main_thread_dispatcher, &tls, &random, &loader, &root_scope] { return std::make_shared(main_thread_dispatcher, tls, random, loader, root_scope); }); } } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h ================================================ #pragma once #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" #include "extensions/common/dynamic_forward_proxy/dns_cache.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace Common { namespace DynamicForwardProxy { class DnsCacheManagerImpl : public DnsCacheManager, public Singleton::Instance { public: DnsCacheManagerImpl(Event::Dispatcher& main_thread_dispatcher, ThreadLocal::SlotAllocator& tls, Random::RandomGenerator& random, Runtime::Loader& loader, Stats::Scope& root_scope) : main_thread_dispatcher_(main_thread_dispatcher), tls_(tls), random_(random), loader_(loader), root_scope_(root_scope) {} // DnsCacheManager DnsCacheSharedPtr getCache( const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config) override; private: struct ActiveCache { ActiveCache(const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config, DnsCacheSharedPtr cache) : config_(config), cache_(cache) {} const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config_; DnsCacheSharedPtr cache_; }; Event::Dispatcher& main_thread_dispatcher_; ThreadLocal::SlotAllocator& tls_; Random::RandomGenerator& random_; Runtime::Loader& loader_; Stats::Scope& root_scope_; absl::flat_hash_map caches_; }; class DnsCacheManagerFactoryImpl : public DnsCacheManagerFactory { public: DnsCacheManagerFactoryImpl(Singleton::Manager& singleton_manager, Event::Dispatcher& dispatcher, ThreadLocal::SlotAllocator& tls, Random::RandomGenerator& random, Runtime::Loader& loader, Stats::Scope& root_scope) : singleton_manager_(singleton_manager), dispatcher_(dispatcher), tls_(tls), random_(random), loader_(loader), root_scope_(root_scope) {} DnsCacheManagerSharedPtr get() override { return getCacheManager(singleton_manager_, dispatcher_, tls_, random_, loader_, root_scope_); } private: Singleton::Manager& singleton_manager_; Event::Dispatcher& dispatcher_; ThreadLocal::SlotAllocator& tls_; Random::RandomGenerator& random_; Runtime::Loader& loader_; Stats::Scope& root_scope_; }; } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.cc ================================================ #include "extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h" namespace Envoy { namespace Extensions { namespace Common { namespace DynamicForwardProxy { DnsCacheResourceManagerImpl::DnsCacheResourceManagerImpl( Stats::Scope& scope, Runtime::Loader& loader, const std::string& config_name, const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheCircuitBreakers& cb_config) : cb_stats_(generateDnsCacheCircuitBreakersStats(scope)), pending_requests_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(cb_config, max_pending_requests, 1024), loader, fmt::format("dns_cache.{}.circuit_breakers", config_name), cb_stats_.rq_pending_open_, cb_stats_.rq_pending_remaining_) {} DnsCacheCircuitBreakersStats DnsCacheResourceManagerImpl::generateDnsCacheCircuitBreakersStats(Stats::Scope& scope) { std::string stat_prefix = "circuit_breakers"; return {ALL_DNS_CACHE_CIRCUIT_BREAKERS_STATS(POOL_GAUGE_PREFIX(scope, stat_prefix), POOL_GAUGE_PREFIX(scope, stat_prefix))}; } } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h ================================================ #pragma once #include #include #include #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/upstream/resource_manager.h" #include "common/common/assert.h" #include "common/common/basic_resource_impl.h" #include "common/upstream/resource_manager_impl.h" #include "extensions/common/dynamic_forward_proxy/dns_cache.h" namespace Envoy { namespace Extensions { namespace Common { namespace DynamicForwardProxy { class DnsCacheResourceManagerImpl : public DnsCacheResourceManager { public: DnsCacheResourceManagerImpl( Stats::Scope& scope, Runtime::Loader& loader, const std::string& config_name, const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheCircuitBreakers& cb_config); static DnsCacheCircuitBreakersStats generateDnsCacheCircuitBreakersStats(Stats::Scope& scope); // Envoy::Upstream::DnsCacheResourceManager ResourceLimit& pendingRequests() override { return pending_requests_; } DnsCacheCircuitBreakersStats& stats() override { return cb_stats_; } private: DnsCacheCircuitBreakersStats cb_stats_; Upstream::ManagedResourceImpl pending_requests_; }; } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/matcher/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "matcher_lib", srcs = ["matcher.cc"], hdrs = ["matcher.h"], deps = [ "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:header_utility_lib", "@envoy_api//envoy/config/common/matcher/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/common/matcher/matcher.cc ================================================ #include "extensions/common/matcher/matcher.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace Common { namespace Matcher { void buildMatcher(const envoy::config::common::matcher::v3::MatchPredicate& match_config, std::vector& matchers) { // In order to store indexes and build our matcher tree inline, we must reserve a slot where // the matcher we are about to create will go. This allows us to know its future index and still // construct more of the tree in each called constructor (e.g., multiple OR/AND conditions). // Once fully constructed, we move the matcher into its position below. See the matcher // overview in matcher.h for more information. matchers.emplace_back(nullptr); MatcherPtr new_matcher; switch (match_config.rule_case()) { case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kOrMatch: new_matcher = std::make_unique(match_config.or_match(), matchers, SetLogicMatcher::Type::Or); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kAndMatch: new_matcher = std::make_unique(match_config.and_match(), matchers, SetLogicMatcher::Type::And); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kNotMatch: new_matcher = std::make_unique(match_config.not_match(), matchers); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kAnyMatch: new_matcher = std::make_unique(matchers); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kHttpRequestHeadersMatch: new_matcher = std::make_unique( match_config.http_request_headers_match(), matchers); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kHttpRequestTrailersMatch: new_matcher = std::make_unique( match_config.http_request_trailers_match(), matchers); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kHttpResponseHeadersMatch: new_matcher = std::make_unique( match_config.http_response_headers_match(), matchers); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kHttpResponseTrailersMatch: new_matcher = std::make_unique( match_config.http_response_trailers_match(), matchers); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kHttpRequestGenericBodyMatch: new_matcher = std::make_unique( match_config.http_request_generic_body_match(), matchers); break; case envoy::config::common::matcher::v3::MatchPredicate::RuleCase::kHttpResponseGenericBodyMatch: new_matcher = std::make_unique( match_config.http_response_generic_body_match(), matchers); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } // Per above, move the matcher into its position. matchers[new_matcher->index()] = std::move(new_matcher); } SetLogicMatcher::SetLogicMatcher( const envoy::config::common::matcher::v3::MatchPredicate::MatchSet& configs, std::vector& matchers, Type type) : LogicMatcherBase(matchers), matchers_(matchers), type_(type) { for (const auto& config : configs.rules()) { indexes_.push_back(matchers_.size()); buildMatcher(config, matchers_); } } void SetLogicMatcher::updateLocalStatus(MatchStatusVector& statuses, const UpdateFunctor& functor) const { if (!statuses[my_index_].might_change_status_) { return; } for (size_t index : indexes_) { functor(*matchers_[index], statuses); } auto predicate = [&statuses](size_t index) { return statuses[index].matches_; }; if (type_ == Type::And) { statuses[my_index_].matches_ = std::all_of(indexes_.begin(), indexes_.end(), predicate); } else { ASSERT(type_ == Type::Or); statuses[my_index_].matches_ = std::any_of(indexes_.begin(), indexes_.end(), predicate); } // TODO(mattklein123): We can potentially short circuit this even further if we git a single false // in an AND set or a single true in an OR set. statuses[my_index_].might_change_status_ = std::any_of(indexes_.begin(), indexes_.end(), [&statuses](size_t index) { return statuses[index].might_change_status_; }); } NotMatcher::NotMatcher(const envoy::config::common::matcher::v3::MatchPredicate& config, std::vector& matchers) : LogicMatcherBase(matchers), matchers_(matchers), not_index_(matchers.size()) { buildMatcher(config, matchers); } void NotMatcher::updateLocalStatus(MatchStatusVector& statuses, const UpdateFunctor& functor) const { if (!statuses[my_index_].might_change_status_) { return; } functor(*matchers_[not_index_], statuses); statuses[my_index_].matches_ = !statuses[not_index_].matches_; statuses[my_index_].might_change_status_ = statuses[not_index_].might_change_status_; } HttpHeaderMatcherBase::HttpHeaderMatcherBase( const envoy::config::common::matcher::v3::HttpHeadersMatch& config, const std::vector& matchers) : SimpleMatcher(matchers), headers_to_match_(Http::HeaderUtility::buildHeaderDataVector(config.headers())) {} void HttpHeaderMatcherBase::matchHeaders(const Http::HeaderMap& headers, MatchStatusVector& statuses) const { ASSERT(statuses[my_index_].might_change_status_); statuses[my_index_].matches_ = Http::HeaderUtility::matchHeaders(headers, headers_to_match_); statuses[my_index_].might_change_status_ = false; } // HttpGenericBodyMatcher // Scans the HTTP body and looks for patterns. // HTTP body may be passed to the matcher in chunks. The search logic buffers // only as many bytes as is the length of the longest pattern to be found. HttpGenericBodyMatcher::HttpGenericBodyMatcher( const envoy::config::common::matcher::v3::HttpGenericBodyMatch& config, const std::vector& matchers) : HttpBodyMatcherBase(matchers) { patterns_ = std::make_shared>(); for (const auto& i : config.patterns()) { switch (i.rule_case()) { // For binary match 'i' contains sequence of bytes to locate in the body. case envoy::config::common::matcher::v3::HttpGenericBodyMatch::GenericTextMatch::kBinaryMatch: { patterns_->push_back(i.binary_match()); } break; // For string match 'i' contains exact string to locate in the body. case envoy::config::common::matcher::v3::HttpGenericBodyMatch::GenericTextMatch::kStringMatch: patterns_->push_back(i.string_match()); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } // overlap_size_ indicates how many bytes from previous data chunk(s) are buffered. overlap_size_ = std::max(overlap_size_, patterns_->back().length() - 1); } limit_ = config.bytes_limit(); } void HttpGenericBodyMatcher::onBody(const Buffer::Instance& data, MatchStatusVector& statuses) { // Get the context associated with this stream. HttpGenericBodyMatcherCtx* ctx = static_cast(statuses[my_index_].ctx_.get()); if (statuses[my_index_].might_change_status_ == false) { // End of search limit has been already reached or all patterns have been found. // Status is not going to change. ASSERT(((0 != limit_) && (limit_ == ctx->processed_bytes_)) || (ctx->patterns_index_.empty())); return; } // Iterate through all patterns to be found and check if they are located across body // chunks: part of the pattern was in previous body chunk and remaining of the pattern // is in the current body chunk on in the current body chunk. bool resize_required = false; auto body_search_limit = limit_ - ctx->processed_bytes_; auto it = ctx->patterns_index_.begin(); while (it != ctx->patterns_index_.end()) { const auto& pattern = patterns_->at(*it); if ((!ctx->overlap_.empty() && (locatePatternAcrossChunks(pattern, data, ctx))) || (-1 != data.search(static_cast(pattern.data()), pattern.length(), 0, body_search_limit))) { // Pattern found. Remove it from the list of patterns to be found. // If the longest pattern has been found, resize of overlap buffer may be // required. resize_required = resize_required || (ctx->capacity_ == (pattern.length() - 1)); it = ctx->patterns_index_.erase(it); } else { it++; } } if (ctx->patterns_index_.empty()) { // All patterns were found. statuses[my_index_].matches_ = true; statuses[my_index_].might_change_status_ = false; return; } // Check if next body chunks should be searched for patterns. If the search limit // ends on the current body chunk, there is no need to check next chunks. if (0 != limit_) { ctx->processed_bytes_ = std::min(uint64_t(limit_), ctx->processed_bytes_ + data.length()); if (limit_ == ctx->processed_bytes_) { // End of search limit has been reached and not all patterns have been found. statuses[my_index_].matches_ = false; statuses[my_index_].might_change_status_ = false; return; } } // If longest pattern has been located, there is possibility that overlap_ // buffer size may be reduced. if (resize_required) { resizeOverlapBuffer(ctx); } bufferLastBytes(data, ctx); } // Here we handle a situation when a pattern is spread across multiple body buffers. // overlap_ stores number of bytes from previous body chunks equal to longest pattern yet to be // found minus one byte (-1). The logic below tries to find the beginning of the pattern in // overlap_ buffer and the pattern should continue at the beginning of the next buffer. bool HttpGenericBodyMatcher::locatePatternAcrossChunks(const std::string& pattern, const Buffer::Instance& data, const HttpGenericBodyMatcherCtx* ctx) { // Take the first character from the pattern and locate it in overlap_. auto pattern_index = 0; // Start position in overlap_. overlap_ size was calculated based on the longest pattern to be // found, but search for shorter patterns may start from some offset, not the beginning of the // buffer. size_t start_index = (ctx->overlap_.size() > (pattern.size() - 1)) ? ctx->overlap_.size() - (pattern.size() - 1) : 0; auto match_iter = std::find(std::begin(ctx->overlap_) + start_index, std::end(ctx->overlap_), pattern.at(pattern_index)); if (match_iter == std::end(ctx->overlap_)) { return false; } // Continue checking characters until end of overlap_ buffer. while (match_iter != std::end(ctx->overlap_)) { if (pattern[pattern_index] != *match_iter) { return false; } pattern_index++; match_iter++; } // Now check if the remaining of the pattern matches the beginning of the body // buffer.i Do it only if there is sufficient number of bytes in the data buffer. auto pattern_remainder = pattern.substr(pattern_index); if ((0 != limit_) && (pattern_remainder.length() > (limit_ - ctx->processed_bytes_))) { // Even if we got match it would be outside the search limit return false; } return ((pattern_remainder.length() <= data.length()) && data.startsWith(pattern_remainder)); } // Method buffers last bytes from the currently processed body in overlap_. // This is required to find patterns which spans across multiple body chunks. void HttpGenericBodyMatcher::bufferLastBytes(const Buffer::Instance& data, HttpGenericBodyMatcherCtx* ctx) { // The matcher buffers the last seen X bytes where X is equal to the length of the // longest pattern - 1. With the arrival of the new 'data' the following situations // are possible: // 1. The new data's length is larger or equal to X. In this case just copy last X bytes // from the data to overlap_ buffer. // 2. The new data length is smaller than X and there is enough room in overlap buffer to just // copy the bytes from data. // 3. The new data length is smaller than X and there is not enough room in overlap buffer. if (data.length() >= ctx->capacity_) { // Case 1: // Just overwrite the entire overlap_ buffer with new data. ctx->overlap_.resize(ctx->capacity_); data.copyOut(data.length() - ctx->capacity_, ctx->capacity_, ctx->overlap_.data()); } else { if (data.length() <= (ctx->capacity_ - ctx->overlap_.size())) { // Case 2. Just add the new data on top of already buffered. const auto size = ctx->overlap_.size(); ctx->overlap_.resize(ctx->overlap_.size() + data.length()); data.copyOut(0, data.length(), ctx->overlap_.data() + size); } else { // Case 3. First shift data to make room for new data and then copy // entire new buffer. const size_t shift = ctx->overlap_.size() - (ctx->capacity_ - data.length()); for (size_t i = 0; i < (ctx->overlap_.size() - shift); i++) { ctx->overlap_[i] = ctx->overlap_[i + shift]; } const auto size = ctx->overlap_.size(); ctx->overlap_.resize(ctx->capacity_); data.copyOut(0, data.length(), ctx->overlap_.data() + (size - shift)); } } } // Method takes list of indexes of patterns not yet located in the http body and returns the // length of the longest pattern. // This is used by matcher to buffer as minimum bytes as possible. size_t HttpGenericBodyMatcher::calcLongestPatternSize(const std::list& indexes) const { ASSERT(!indexes.empty()); size_t max_len = 0; for (const auto& i : indexes) { max_len = std::max(max_len, patterns_->at(i).length()); } return max_len; } // Method checks if it is possible to reduce the size of overlap_ buffer. void HttpGenericBodyMatcher::resizeOverlapBuffer(HttpGenericBodyMatcherCtx* ctx) { // Check if we need to resize overlap_ buffer. Since it was initialized to size of the longest // pattern, it will be shrunk only and memory allocations do not happen. // Depending on how many bytes were already in the buffer, shift may be required if // the new size is smaller than number of already buffered bytes. const size_t max_len = calcLongestPatternSize(ctx->patterns_index_); if (ctx->capacity_ != (max_len - 1)) { const size_t new_size = max_len - 1; const size_t shift = (ctx->overlap_.size() > new_size) ? (ctx->overlap_.size() - new_size) : 0; // Copy the last new_size bytes to the beginning of the buffer. for (size_t i = 0; (i < new_size) && (shift > 0); i++) { ctx->overlap_[i] = ctx->overlap_[i + shift]; } ctx->capacity_ = new_size; if (shift > 0) { ctx->overlap_.resize(new_size); } } } } // namespace Matcher } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/matcher/matcher.h ================================================ #pragma once #include "envoy/config/common/matcher/v3/matcher.pb.h" #include "common/buffer/buffer_impl.h" #include "common/http/header_utility.h" namespace Envoy { namespace Extensions { namespace Common { namespace Matcher { class Matcher; using MatcherPtr = std::unique_ptr; /** * Base class for context used by individual matchers. * The context may be required by matchers which are called multiple times * and need to carry state between the calls. For example body matchers may * store information how any bytes of the body have been already processed * or what what has been already found in the body and what has yet to be found. */ class MatcherCtx { public: virtual ~MatcherCtx() = default; }; /** * Base class for all matchers. * * A high level note on the design of matching which is different from other matching in Envoy * due to a requirement to support streaming matching (match as new data arrives versus * calculating the match given all available data at once). * - The matching system is composed of a constant matching configuration. This is essentially * a tree of matchers given logical AND, OR, NOT, etc. * - A per-stream/request matching status must be kept in order to compute interim match status. * - In order to make this computationally efficient, the matching tree is kept in a vector, with * all references to other matchers implemented using an index into the vector. The vector is * effectively a preorder traversal flattened N-ary tree. * - The previous point allows the creation of a per-stream/request vector of match statuses of * the same size as the matcher vector. Then, when match status is updated given new * information, the vector of match statuses can be easily updated using the same indexes as in * the constant match configuration. * - Finally, a matches() function can be trivially implemented by looking in the status vector at * the index position that the current matcher is located in. */ class Matcher { public: struct MatchStatus { bool operator==(const MatchStatus& rhs) const { return matches_ == rhs.matches_ && might_change_status_ == rhs.might_change_status_; } bool matches_{false}; // Does the matcher currently match? bool might_change_status_{true}; // Is it possible for matches_ to change in subsequent updates? std::unique_ptr ctx_{}; // Context used by matchers to save interim context. }; using MatchStatusVector = std::vector; /** * Base class constructor for a matcher. * @param matchers supplies the match tree vector being built. */ Matcher(const std::vector& matchers) // NOTE: This code assumes that the index for the matcher being constructed has already been // allocated, which is why my_index_ is set to size() - 1. See buildMatcher() in // matcher.cc. : my_index_(matchers.size() - 1) {} virtual ~Matcher() = default; /** * @return the matcher's index in the match tree vector (see above). */ size_t index() { return my_index_; } /** * Update match status when a stream is created. This might be an HTTP stream, a TCP connection, * etc. This allows any matchers to flip to an initial state of true if applicable. */ virtual void onNewStream(MatchStatusVector& statuses) const PURE; /** * Update match status given HTTP request headers. * @param request_headers supplies the request headers. * @param statuses supplies the per-stream-request match status vector which must be the same * size as the match tree vector (see above). */ virtual void onHttpRequestHeaders(const Http::RequestHeaderMap& request_headers, MatchStatusVector& statuses) const PURE; /** * Update match status given HTTP request trailers. * @param request_trailers supplies the request trailers. * @param statuses supplies the per-stream-request match status vector which must be the same * size as the match tree vector (see above). */ virtual void onHttpRequestTrailers(const Http::RequestTrailerMap& request_trailers, MatchStatusVector& statuses) const PURE; /** * Update match status given HTTP response headers. * @param response_headers supplies the response headers. * @param statuses supplies the per-stream-request match status vector which must be the same * size as the match tree vector (see above). */ virtual void onHttpResponseHeaders(const Http::ResponseHeaderMap& response_headers, MatchStatusVector& statuses) const PURE; /** * Update match status given HTTP response trailers. * @param response_headers supplies the response trailers. * @param statuses supplies the per-stream-request match status vector which must be the same * size as the match tree vector (see above). */ virtual void onHttpResponseTrailers(const Http::ResponseTrailerMap& response_trailers, MatchStatusVector& statuses) const PURE; /** * Update match status given HTTP request body. * @param data supplies the request body. * @param statuses supplies the per-stream-request match status vector which must be the same * size as the match tree vector (see above). */ virtual void onRequestBody(const Buffer::Instance& data, MatchStatusVector& statuses) PURE; /** * Update match status given HTTP response body. * @param data supplies the response body. * @param statuses supplies the per-stream-request match status vector which must be the same * size as the match tree vector (see above). */ virtual void onResponseBody(const Buffer::Instance& data, MatchStatusVector& statuses) PURE; /** * @return whether given currently available information, the matcher matches. * @param statuses supplies the per-stream-request match status vector which must be the same * size as the match tree vector (see above). */ const MatchStatus& matchStatus(const MatchStatusVector& statuses) const { return statuses[my_index_]; } protected: const size_t my_index_; }; /** * Factory method to build a matcher given a match config. Calling this function may end * up recursively building many matchers, which will all be added to the passed in vector * of matchers. See the comments in matcher.h for the general structure of how matchers work. */ void buildMatcher(const envoy::config::common::matcher::v3::MatchPredicate& match_config, std::vector& matchers); /** * Base class for logic matchers that need to forward update calls to child matchers. */ class LogicMatcherBase : public Matcher { public: using Matcher::Matcher; void onNewStream(MatchStatusVector& statuses) const override { updateLocalStatus(statuses, [](Matcher& m, MatchStatusVector& statuses) { m.onNewStream(statuses); }); } void onHttpRequestHeaders(const Http::RequestHeaderMap& request_headers, MatchStatusVector& statuses) const override { updateLocalStatus(statuses, [&request_headers](Matcher& m, MatchStatusVector& statuses) { m.onHttpRequestHeaders(request_headers, statuses); }); } void onHttpRequestTrailers(const Http::RequestTrailerMap& request_trailers, MatchStatusVector& statuses) const override { updateLocalStatus(statuses, [&request_trailers](Matcher& m, MatchStatusVector& statuses) { m.onHttpRequestTrailers(request_trailers, statuses); }); } void onHttpResponseHeaders(const Http::ResponseHeaderMap& response_headers, MatchStatusVector& statuses) const override { updateLocalStatus(statuses, [&response_headers](Matcher& m, MatchStatusVector& statuses) { m.onHttpResponseHeaders(response_headers, statuses); }); } void onHttpResponseTrailers(const Http::ResponseTrailerMap& response_trailers, MatchStatusVector& statuses) const override { updateLocalStatus(statuses, [&response_trailers](Matcher& m, MatchStatusVector& statuses) { m.onHttpResponseTrailers(response_trailers, statuses); }); } void onRequestBody(const Buffer::Instance& data, MatchStatusVector& statuses) override { updateLocalStatus(statuses, [&data](Matcher& m, MatchStatusVector& statuses) { m.onRequestBody(data, statuses); }); } void onResponseBody(const Buffer::Instance& data, MatchStatusVector& statuses) override { updateLocalStatus(statuses, [&data](Matcher& m, MatchStatusVector& statuses) { m.onResponseBody(data, statuses); }); } protected: using UpdateFunctor = std::function; virtual void updateLocalStatus(MatchStatusVector& statuses, const UpdateFunctor& functor) const PURE; }; /** * Matcher for implementing set logic. */ class SetLogicMatcher : public LogicMatcherBase { public: enum class Type { And, Or }; SetLogicMatcher(const envoy::config::common::matcher::v3::MatchPredicate::MatchSet& configs, std::vector& matchers, Type type); private: void updateLocalStatus(MatchStatusVector& statuses, const UpdateFunctor& functor) const override; std::vector& matchers_; std::vector indexes_; const Type type_; }; /** * Not matcher. */ class NotMatcher : public LogicMatcherBase { public: NotMatcher(const envoy::config::common::matcher::v3::MatchPredicate& config, std::vector& matchers); private: void updateLocalStatus(MatchStatusVector& statuses, const UpdateFunctor& functor) const override; std::vector& matchers_; const size_t not_index_; }; /** * A base class for a matcher that generally wants to return default values, but might override * a single update function. */ class SimpleMatcher : public Matcher { public: using Matcher::Matcher; void onNewStream(MatchStatusVector&) const override {} void onHttpRequestHeaders(const Http::RequestHeaderMap&, MatchStatusVector&) const override {} void onHttpRequestTrailers(const Http::RequestTrailerMap&, MatchStatusVector&) const override {} void onHttpResponseHeaders(const Http::ResponseHeaderMap&, MatchStatusVector&) const override {} void onHttpResponseTrailers(const Http::ResponseTrailerMap&, MatchStatusVector&) const override {} void onRequestBody(const Buffer::Instance&, MatchStatusVector&) override {} void onResponseBody(const Buffer::Instance&, MatchStatusVector&) override {} }; /** * Any matcher (always matches). */ class AnyMatcher : public SimpleMatcher { public: using SimpleMatcher::SimpleMatcher; void onNewStream(MatchStatusVector& statuses) const override { statuses[my_index_].matches_ = true; statuses[my_index_].might_change_status_ = false; } }; /** * Base class for the various HTTP header matchers. */ class HttpHeaderMatcherBase : public SimpleMatcher { public: HttpHeaderMatcherBase(const envoy::config::common::matcher::v3::HttpHeadersMatch& config, const std::vector& matchers); protected: void matchHeaders(const Http::HeaderMap& headers, MatchStatusVector& statuses) const; const std::vector headers_to_match_; }; /** * HTTP request headers matcher. */ class HttpRequestHeadersMatcher : public HttpHeaderMatcherBase { public: using HttpHeaderMatcherBase::HttpHeaderMatcherBase; void onHttpRequestHeaders(const Http::RequestHeaderMap& request_headers, MatchStatusVector& statuses) const override { matchHeaders(request_headers, statuses); } }; /** * HTTP request trailers matcher. */ class HttpRequestTrailersMatcher : public HttpHeaderMatcherBase { public: using HttpHeaderMatcherBase::HttpHeaderMatcherBase; void onHttpRequestTrailers(const Http::RequestTrailerMap& request_trailers, MatchStatusVector& statuses) const override { matchHeaders(request_trailers, statuses); } }; /** * HTTP response headers matcher. */ class HttpResponseHeadersMatcher : public HttpHeaderMatcherBase { public: using HttpHeaderMatcherBase::HttpHeaderMatcherBase; void onHttpResponseHeaders(const Http::ResponseHeaderMap& response_headers, MatchStatusVector& statuses) const override { matchHeaders(response_headers, statuses); } }; /** * HTTP response trailers matcher. */ class HttpResponseTrailersMatcher : public HttpHeaderMatcherBase { public: using HttpHeaderMatcherBase::HttpHeaderMatcherBase; void onHttpResponseTrailers(const Http::ResponseTrailerMap& response_trailers, MatchStatusVector& statuses) const override { matchHeaders(response_trailers, statuses); } }; /** * Base class for body matchers. */ class HttpBodyMatcherBase : public SimpleMatcher { public: HttpBodyMatcherBase(const std::vector& matchers) : SimpleMatcher(matchers) {} protected: // Limit search to specified number of bytes. // Value equal to zero means no limit. uint32_t limit_{}; }; /** * Context is used by HttpGenericBodyMatcher to: * - track how many bytes has been processed * - track patterns which have been found * - store last several seen bytes of the HTTP body (when pattern starts at the end of previous body * chunk and continues at the beginning of the next body chunk) */ class HttpGenericBodyMatcherCtx : public MatcherCtx { public: HttpGenericBodyMatcherCtx(const std::shared_ptr>& patterns, size_t overlap_size) : patterns_(patterns) { // Initialize overlap_ buffer's capacity to fit the longest pattern - 1. // The length of the longest pattern is known and passed here as overlap_size. patterns_index_.resize(patterns_->size()); std::iota(patterns_index_.begin(), patterns_index_.end(), 0); overlap_.reserve(overlap_size); capacity_ = overlap_size; } ~HttpGenericBodyMatcherCtx() override = default; // The context is initialized per each http request. The patterns_ // shared pointer attaches to matcher's list of patterns, so patterns // can be referenced without copying data. const std::shared_ptr> patterns_; // List stores indexes of patterns in patterns_ shared memory which // still need to be located in the body. When a pattern is found // its index is removed from the list. // When all patterns have been found, the list is empty. std::list patterns_index_; // Buffer to store the last bytes from previous body chunk(s). // It will store only as many bytes as is the length of the longest // pattern to be found minus 1. // It is necessary to locate patterns which are spread across 2 or more // body chunks. std::vector overlap_; // capacity_ tells how many bytes should be buffered. overlap_'s initial // capacity is set to the length of the longest pattern - 1. As patterns // are found, there is a possibility that not as many bytes are required to be buffered. // It must be tracked outside of vector, because vector::reserve does not // change capacity when new value is lower than current capacity. uint32_t capacity_{}; // processed_bytes_ tracks how many bytes of HTTP body have been processed. uint32_t processed_bytes_{}; }; class HttpGenericBodyMatcher : public HttpBodyMatcherBase { public: HttpGenericBodyMatcher(const envoy::config::common::matcher::v3::HttpGenericBodyMatch& config, const std::vector& matchers); protected: void onBody(const Buffer::Instance&, MatchStatusVector&); void onNewStream(MatchStatusVector& statuses) const override { // Allocate a new context used for the new stream. statuses[my_index_].ctx_ = std::make_unique(patterns_, overlap_size_); statuses[my_index_].matches_ = false; statuses[my_index_].might_change_status_ = true; } bool locatePatternAcrossChunks(const std::string& pattern, const Buffer::Instance& data, const HttpGenericBodyMatcherCtx* ctx); void bufferLastBytes(const Buffer::Instance& data, HttpGenericBodyMatcherCtx* ctx); size_t calcLongestPatternSize(const std::list& indexes) const; void resizeOverlapBuffer(HttpGenericBodyMatcherCtx* ctx); private: // The following fields are initialized based on matcher config and are used // by all HTTP matchers. // List of strings which body must contain to get match. std::shared_ptr> patterns_; // Stores the length of the longest pattern. size_t overlap_size_{}; }; class HttpRequestGenericBodyMatcher : public HttpGenericBodyMatcher { public: using HttpGenericBodyMatcher::HttpGenericBodyMatcher; void onRequestBody(const Buffer::Instance& data, MatchStatusVector& statuses) override { onBody(data, statuses); } }; class HttpResponseGenericBodyMatcher : public HttpGenericBodyMatcher { public: using HttpGenericBodyMatcher::HttpGenericBodyMatcher; void onResponseBody(const Buffer::Instance& data, MatchStatusVector& statuses) override { onBody(data, statuses); } }; } // namespace Matcher } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/proxy_protocol/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "proxy_protocol_header_lib", srcs = ["proxy_protocol_header.cc"], hdrs = ["proxy_protocol_header.h"], # This is used by the router, so considered core code. visibility = ["//visibility:public"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/network:address_interface", "//include/envoy/network:connection_interface", "//source/common/network:address_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/common/proxy_protocol/proxy_protocol_header.cc ================================================ #include "extensions/common/proxy_protocol/proxy_protocol_header.h" #include #include "envoy/buffer/buffer.h" #include "envoy/network/address.h" #include "common/network/address_impl.h" namespace Envoy { namespace Extensions { namespace Common { namespace ProxyProtocol { void generateV1Header(const std::string& src_addr, const std::string& dst_addr, uint32_t src_port, uint32_t dst_port, Network::Address::IpVersion ip_version, Buffer::Instance& out) { std::ostringstream stream; stream << PROXY_PROTO_V1_SIGNATURE; switch (ip_version) { case Network::Address::IpVersion::v4: stream << PROXY_PROTO_V1_AF_INET << " "; break; case Network::Address::IpVersion::v6: stream << PROXY_PROTO_V1_AF_INET6 << " "; break; } stream << src_addr << " "; stream << dst_addr << " "; stream << src_port << " "; stream << dst_port << "\r\n"; out.add(stream.str()); } void generateV1Header(const Network::Address::Ip& source_address, const Network::Address::Ip& dest_address, Buffer::Instance& out) { generateV1Header(source_address.addressAsString(), dest_address.addressAsString(), source_address.port(), dest_address.port(), source_address.version(), out); } void generateV2Header(const std::string& src_addr, const std::string& dst_addr, uint32_t src_port, uint32_t dst_port, Network::Address::IpVersion ip_version, Buffer::Instance& out) { out.add(PROXY_PROTO_V2_SIGNATURE, PROXY_PROTO_V2_SIGNATURE_LEN); const uint8_t version_and_command = PROXY_PROTO_V2_VERSION << 4 | PROXY_PROTO_V2_ONBEHALF_OF; out.add(&version_and_command, 1); uint8_t address_family_and_protocol; switch (ip_version) { case Network::Address::IpVersion::v4: address_family_and_protocol = PROXY_PROTO_V2_AF_INET << 4; break; case Network::Address::IpVersion::v6: address_family_and_protocol = PROXY_PROTO_V2_AF_INET6 << 4; break; } address_family_and_protocol |= PROXY_PROTO_V2_TRANSPORT_STREAM; out.add(&address_family_and_protocol, 1); uint8_t addr_length[2]{0, 0}; switch (ip_version) { case Network::Address::IpVersion::v4: { addr_length[1] = PROXY_PROTO_V2_ADDR_LEN_INET; out.add(addr_length, 2); uint8_t addrs[8]; const auto net_src_addr = Network::Address::Ipv4Instance(src_addr, src_port).ip()->ipv4()->address(); const auto net_dst_addr = Network::Address::Ipv4Instance(dst_addr, dst_port).ip()->ipv4()->address(); memcpy(addrs, &net_src_addr, 4); memcpy(&addrs[4], &net_dst_addr, 4); out.add(addrs, 8); break; } case Network::Address::IpVersion::v6: { addr_length[1] = PROXY_PROTO_V2_ADDR_LEN_INET6; out.add(addr_length, 2); uint8_t addrs[32]; const auto net_src_addr = Network::Address::Ipv6Instance(src_addr, src_port).ip()->ipv6()->address(); const auto net_dst_addr = Network::Address::Ipv6Instance(dst_addr, dst_port).ip()->ipv6()->address(); memcpy(addrs, &net_src_addr, 16); memcpy(&addrs[16], &net_dst_addr, 16); out.add(addrs, 32); break; } } uint8_t ports[4]; const auto net_src_port = htons(static_cast(src_port)); const auto net_dst_port = htons(static_cast(dst_port)); memcpy(ports, &net_src_port, 2); memcpy(&ports[2], &net_dst_port, 2); out.add(ports, 4); } void generateV2Header(const Network::Address::Ip& source_address, const Network::Address::Ip& dest_address, Buffer::Instance& out) { generateV2Header(source_address.addressAsString(), dest_address.addressAsString(), source_address.port(), dest_address.port(), source_address.version(), out); } void generateProxyProtoHeader(const envoy::config::core::v3::ProxyProtocolConfig& config, const Network::Connection& connection, Buffer::Instance& out) { const Network::Address::Ip& dest_address = *connection.localAddress()->ip(); const Network::Address::Ip& source_address = *connection.remoteAddress()->ip(); if (config.version() == envoy::config::core::v3::ProxyProtocolConfig::V1) { generateV1Header(source_address, dest_address, out); } else if (config.version() == envoy::config::core::v3::ProxyProtocolConfig::V2) { generateV2Header(source_address, dest_address, out); } } void generateV2LocalHeader(Buffer::Instance& out) { out.add(PROXY_PROTO_V2_SIGNATURE, PROXY_PROTO_V2_SIGNATURE_LEN); const uint8_t addr_fam_protocol_and_length[4]{PROXY_PROTO_V2_VERSION << 4, 0, 0, 0}; out.add(addr_fam_protocol_and_length, 4); } } // namespace ProxyProtocol } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/proxy_protocol/proxy_protocol_header.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/config/core/v3/proxy_protocol.pb.h" #include "envoy/network/address.h" #include "envoy/network/connection.h" namespace Envoy { namespace Extensions { namespace Common { namespace ProxyProtocol { // See https://github.com/haproxy/haproxy/blob/master/doc/proxy-protocol.txt for definitions constexpr char PROXY_PROTO_V1_SIGNATURE[] = "PROXY "; constexpr auto PROXY_PROTO_V1_AF_INET = "TCP4"; constexpr auto PROXY_PROTO_V1_AF_INET6 = "TCP6"; constexpr auto PROXY_PROTO_V1_UNKNOWN = "UNKNOWN"; constexpr char PROXY_PROTO_V2_SIGNATURE[] = "\x0d\x0a\x0d\x0a\x00\x0d\x0a\x51\x55\x49\x54\x0a"; constexpr uint32_t PROXY_PROTO_V1_SIGNATURE_LEN = 6; constexpr uint32_t PROXY_PROTO_V2_SIGNATURE_LEN = 12; constexpr uint32_t PROXY_PROTO_V2_HEADER_LEN = 16; constexpr uint32_t PROXY_PROTO_V2_VERSION = 0x2; constexpr uint32_t PROXY_PROTO_V2_ONBEHALF_OF = 0x1; constexpr uint32_t PROXY_PROTO_V2_LOCAL = 0x0; constexpr uint32_t PROXY_PROTO_V2_AF_INET = 0x1; constexpr uint32_t PROXY_PROTO_V2_AF_INET6 = 0x2; constexpr uint32_t PROXY_PROTO_V2_AF_UNIX = 0x3; constexpr uint8_t PROXY_PROTO_V2_TRANSPORT_STREAM = 0x1; constexpr uint8_t PROXY_PROTO_V2_TRANSPORT_DGRAM = 0x2; constexpr uint32_t PROXY_PROTO_V2_ADDR_LEN_UNSPEC = 0; constexpr uint32_t PROXY_PROTO_V2_ADDR_LEN_INET = 12; constexpr uint32_t PROXY_PROTO_V2_ADDR_LEN_INET6 = 36; constexpr uint32_t PROXY_PROTO_V2_ADDR_LEN_UNIX = 216; // Generates the v1 PROXY protocol header and adds it to the specified buffer void generateV1Header(const std::string& src_addr, const std::string& dst_addr, uint32_t src_port, uint32_t dst_port, Network::Address::IpVersion ip_version, Buffer::Instance& out); void generateV1Header(const Network::Address::Ip& source_address, const Network::Address::Ip& dest_address, Buffer::Instance& out); // Generates the v2 PROXY protocol header and adds it to the specified buffer // TCP is assumed as the transport protocol void generateV2Header(const std::string& src_addr, const std::string& dst_addr, uint32_t src_port, uint32_t dst_port, Network::Address::IpVersion ip_version, Buffer::Instance& out); void generateV2Header(const Network::Address::Ip& source_address, const Network::Address::Ip& dest_address, Buffer::Instance& out); // Generates the appropriate proxy proto header and appends it to the supplied buffer. void generateProxyProtoHeader(const envoy::config::core::v3::ProxyProtocolConfig& config, const Network::Connection& connection, Buffer::Instance& out); // Generates the v2 PROXY protocol local command header and adds it to the specified buffer void generateV2LocalHeader(Buffer::Instance& out); } // namespace ProxyProtocol } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/redis/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Redis proxy L4 network filter. Implements consistent hashing and observability for large redis # clusters. # Public docs: docs/root/configuration/network_filters/redis_proxy_filter.rst envoy_extension_package() envoy_cc_library( name = "cluster_refresh_manager_interface", hdrs = ["cluster_refresh_manager.h"], deps = [ ], ) envoy_cc_library( name = "cluster_refresh_manager_lib", srcs = ["cluster_refresh_manager_impl.cc"], hdrs = ["cluster_refresh_manager_impl.h"], deps = [ ":cluster_refresh_manager_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:lock_guard_lib", "//source/common/common:thread_annotations", "//source/common/common:thread_lib", ], ) ================================================ FILE: source/extensions/common/redis/cluster_refresh_manager.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Extensions { namespace Common { namespace Redis { using RefreshCB = std::function; /** * A manager for tracking events that would trigger a cluster refresh, and calling registered * callbacks when the error rate exceeds a configurable threshold (while ensuring that a minimum * time passes between calling the callback). */ class ClusterRefreshManager { public: class Handle { public: virtual ~Handle() = default; }; using HandlePtr = std::unique_ptr; virtual ~ClusterRefreshManager() = default; /** * Notifies the manager that a redirection error has been received for a given cluster. * @param cluster_name is the name of the cluster. * @return bool true if a cluster's registered callback is scheduled on the main thread, false * otherwise. */ virtual bool onRedirection(const std::string& cluster_name) PURE; /** * Notifies the manager that a failure has been received for a given cluster. * @param cluster_name is the name of the cluster. * @return bool true if a cluster's registered callback is scheduled on the main thread, false * otherwise. */ virtual bool onFailure(const std::string& cluster_name) PURE; /** * Notifies the manager that a degraded host has been used for a given cluster. * @param cluster_name is the name of the cluster. * @return bool true if a cluster's registered callback is scheduled on the main thread, false * otherwise. */ virtual bool onHostDegraded(const std::string& cluster_name) PURE; /** * Register a cluster to be tracked by the manager (called by main thread only). * @param cluster_name is the name of the cluster. * @param min_time_between_triggering is the minimum amount of time that must pass between * callback invocations (redirects ignored and not counted during this time). * @param redirects_threshold is the number of redirects that must be reached to consider * calling the callback. * @param cb is the cluster callback function. * @return HandlePtr is a smart pointer to an opaque Handle that will unregister the cluster upon * destruction. */ virtual HandlePtr registerCluster(const std::string& cluster_name, std::chrono::milliseconds min_time_between_triggering, const uint32_t redirects_threshold, const uint32_t failure_threshold, const uint32_t host_degraded_threshold, const RefreshCB& cb) PURE; }; using ClusterRefreshManagerSharedPtr = std::shared_ptr; } // namespace Redis } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/redis/cluster_refresh_manager_impl.cc ================================================ #include "extensions/common/redis/cluster_refresh_manager_impl.h" #include "envoy/singleton/manager.h" namespace Envoy { namespace Extensions { namespace Common { namespace Redis { SINGLETON_MANAGER_REGISTRATION(redis_refresh_manager); ClusterRefreshManagerSharedPtr getClusterRefreshManager(Singleton::Manager& manager, Event::Dispatcher& main_thread_dispatcher, Upstream::ClusterManager& cm, TimeSource& time_source) { return manager.getTyped( SINGLETON_MANAGER_REGISTERED_NAME(redis_refresh_manager), [&] { return std::make_shared(main_thread_dispatcher, cm, time_source); }); } bool ClusterRefreshManagerImpl::onFailure(const std::string& cluster_name) { return onEvent(cluster_name, EventType::Failure); } bool ClusterRefreshManagerImpl::onHostDegraded(const std::string& cluster_name) { return onEvent(cluster_name, EventType::DegradedHost); } bool ClusterRefreshManagerImpl::onRedirection(const std::string& cluster_name) { return onEvent(cluster_name, EventType::Redirection); } bool ClusterRefreshManagerImpl::onEvent(const std::string& cluster_name, EventType event_type) { ClusterInfoSharedPtr info; { // Hold the map lock to avoid a race condition with calls to unregisterCluster // on the main thread. Thread::LockGuard lock(map_mutex_); auto it = info_map_.find(cluster_name); if (it != info_map_.end()) { info = it->second; } } // No locks needed for thread safety while accessing clusterInfoSharedPtr members as // all potentially modified members are atomic (redirects_count_, last_callback_time_ms_). if (info.get()) { const uint64_t now = std::chrono::duration_cast( time_source_.monotonicTime().time_since_epoch()) .count(); uint64_t last_callback_time_ms = info->last_callback_time_ms_.load(); if (!last_callback_time_ms || (now >= (last_callback_time_ms + info->min_time_between_triggering_.count()))) { std::atomic* count; uint32_t threshold; switch (event_type) { case EventType::Redirection: { count = &(info->redirects_count_); threshold = info->redirects_threshold_; break; } case EventType::DegradedHost: { count = &(info->host_degraded_count_); threshold = info->host_degraded_threshold_; break; } case EventType::Failure: { count = &(info->failures_count_); threshold = info->failure_threshold_; break; } } if (threshold <= 0) { return false; } // There're 3 updates to atomic values cross threads in this section of code // a) ++(*count) >= threshold // b) info->last_callback_time_ms_.compare_exchange_strong(last_callback_time_ms, now) // c) *count = 0 // Let's say there're 2 threads T1 and T2, for all legal permutation of execution order a, b, // c we need to ensure that post_callback is true for only 1 thread and if both a) and b) are // true in 1 thread the count is 0 after this section. Here's a few different sequence that // can potentially result in race conditions to consider // Sequence 1: // starting condition: threshold:2, count:1, T1.last_call_back = T2.last_call_back = // info.last_call_back // * T1.a (count: 2) // * T1.b succeed (info.last_call_back: T1.now, T1.post_callback: true) // * T1.c (count:0) // * T2.a (count: 1, T2.post_callback: false) // * T2.b is skip since T2.a is false // * T2.c will still be triggered since info.last_call_back is now changed by T1 (count: 0) // // Sequence 2: // starting condition: threshold:2, count:1, T1.last_call_back = T2.last_call_back = // info.last_call_back // * T1.a (count: 2) // * T2.a (count: 3) // * T1.b succeed (info.last_call_back: T1.now, post_callback: true) // * T2.b failed due since info.last_call_back is now T1.now // * T1.c (count:0) // * T2.c (count:0) note we can't use count.decrement here since count is already 0 // // Sequence 3: // starting condition: threshold:2, count:1, T1.last_call_back == T2.last_call_back == // info.last_call_back // * T1.a (count: 1, T1.post_callback: false) // * T1.b skip since T1.a is false // * T2.a (count: 2, T2.post_callback: true) // * T2.b succeed (info.last_call_back = T2.now) // * T2.c (count: 0) // * T1.c will be triggered since info.last_call_back is changed by T2 (count: 0) bool post_callback = false; // ignore redirects during min time between triggering if ((++(*count) >= threshold) && (info->last_callback_time_ms_.compare_exchange_strong(last_callback_time_ms, now))) { // last_callback_time_ms_ successfully updated without any changes since it was // initially read. This thread is allowed to post a call to the registered callback // on the main thread. Otherwise, the thread would be ignored to prevent over-triggering // cluster callbacks. post_callback = true; } // If a callback should be triggered(in this or some other thread) signaled by the changed // last callback time, we reset the count to 0 if (post_callback || info->last_callback_time_ms_.load() != last_callback_time_ms) { *count = 0; } if (post_callback) { main_thread_dispatcher_.post([this, cluster_name, info]() { // Ensure that cluster is still active before calling callback. auto map = cm_.clusters(); auto it = map.find(cluster_name); if (it != map.end()) { info->cb_(); } }); return true; } } } return false; } ClusterRefreshManagerImpl::HandlePtr ClusterRefreshManagerImpl::registerCluster( const std::string& cluster_name, std::chrono::milliseconds min_time_between_triggering, const uint32_t redirects_threshold, const uint32_t failure_threshold, const uint32_t host_degraded_threshold, const RefreshCB& cb) { Thread::LockGuard lock(map_mutex_); ClusterInfoSharedPtr info = std::make_shared(cluster_name, min_time_between_triggering, redirects_threshold, failure_threshold, host_degraded_threshold, cb); info_map_[cluster_name] = info; return std::make_unique(this, info); } void ClusterRefreshManagerImpl::unregisterCluster(const ClusterInfoSharedPtr& cluster_info) { Thread::LockGuard lock(map_mutex_); info_map_.erase(cluster_info->cluster_name_); } } // namespace Redis } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/redis/cluster_refresh_manager_impl.h ================================================ #pragma once #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/singleton/instance.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/lock_guard.h" #include "common/common/thread.h" #include "extensions/common/redis/cluster_refresh_manager.h" namespace Envoy { namespace Extensions { namespace Common { namespace Redis { class ClusterRefreshManagerImpl : public ClusterRefreshManager, public Envoy::Singleton::Instance, public std::enable_shared_from_this { public: friend class ClusterRefreshManagerTest; /** * The information that the manager keeps for each cluster upon registration. */ struct ClusterInfo { ClusterInfo(std::string cluster_name, std::chrono::milliseconds min_time_between_triggering, const uint32_t redirects_threshold, const uint32_t failure_threshold, const uint32_t host_degraded_threshold, RefreshCB cb) : cluster_name_(std::move(cluster_name)), min_time_between_triggering_(min_time_between_triggering), redirects_threshold_(redirects_threshold), failure_threshold_(failure_threshold), host_degraded_threshold_(host_degraded_threshold), cb_(std::move(cb)) {} std::string cluster_name_; std::atomic last_callback_time_ms_{}; std::atomic redirects_count_{}; std::atomic failures_count_{}; std::atomic host_degraded_count_{}; std::chrono::milliseconds min_time_between_triggering_; const uint32_t redirects_threshold_; const uint32_t failure_threshold_; const uint32_t host_degraded_threshold_; RefreshCB cb_; }; using ClusterInfoSharedPtr = std::shared_ptr; class HandleImpl : public Handle { public: HandleImpl(ClusterRefreshManagerImpl* mgr, ClusterInfoSharedPtr& cluster_info) : manager_(mgr->shared_from_this()), cluster_info_(cluster_info) {} ~HandleImpl() override { manager_->unregisterCluster(cluster_info_); } private: const std::shared_ptr manager_; const std::shared_ptr cluster_info_; }; ClusterRefreshManagerImpl(Event::Dispatcher& main_thread_dispatcher, Upstream::ClusterManager& cm, TimeSource& time_source) : main_thread_dispatcher_(main_thread_dispatcher), cm_(cm), time_source_(time_source) {} bool onRedirection(const std::string& cluster_name) override; bool onFailure(const std::string& cluster_name) override; bool onHostDegraded(const std::string& cluster_name) override; HandlePtr registerCluster(const std::string& cluster_name, std::chrono::milliseconds min_time_between_triggering, const uint32_t redirects_threshold, const uint32_t failure_threshold, const uint32_t host_degraded_threshold, const RefreshCB& cb) override; private: void unregisterCluster(const ClusterInfoSharedPtr& cluster_info); /** * The type of events that can trigger discovery */ enum EventType { // MOVE or ASK redirection Redirection, // Failure Failure, // Sending request to degraded/unhealthy host DegradedHost }; bool onEvent(const std::string& cluster_name, EventType event_type); Event::Dispatcher& main_thread_dispatcher_; Upstream::ClusterManager& cm_; TimeSource& time_source_; std::map info_map_ ABSL_GUARDED_BY(map_mutex_); Thread::MutexBasicLockable map_mutex_; }; ClusterRefreshManagerSharedPtr getClusterRefreshManager(Singleton::Manager& manager, Event::Dispatcher& main_thread_dispatcher, Upstream::ClusterManager& cm, TimeSource& time_source); } // namespace Redis } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/sqlutils/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "sqlutils_lib", srcs = ["sqlutils.cc"], hdrs = ["sqlutils.h"], external_deps = ["sqlparser"], deps = [ "//source/common/protobuf:utility_lib", ], ) ================================================ FILE: source/extensions/common/sqlutils/sqlutils.cc ================================================ #include "extensions/common/sqlutils/sqlutils.h" namespace Envoy { namespace Extensions { namespace Common { namespace SQLUtils { bool SQLUtils::setMetadata(const std::string& query, const DecoderAttributes& attr, ProtobufWkt::Struct& metadata) { hsql::SQLParserResult result; hsql::SQLParser::parse(query, &result); if (!result.isValid()) { return false; } std::string database; // Check if the attributes map contains database name. const auto it = attr.find("database"); if (it != attr.end()) { database = absl::StrCat(".", it->second); } auto& fields = *metadata.mutable_fields(); for (auto i = 0u; i < result.size(); ++i) { if (result.getStatement(i)->type() == hsql::StatementType::kStmtShow) { continue; } hsql::TableAccessMap table_access_map; // Get names of accessed tables. result.getStatement(i)->tablesAccessed(table_access_map); for (auto& it : table_access_map) { auto& operations = *fields[it.first + database].mutable_list_value(); // For each table get names of operations performed on that table. for (const auto& ot : it.second) { operations.add_values()->set_string_value(ot); } } } return true; } } // namespace SQLUtils } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/sqlutils/sqlutils.h ================================================ #include "common/protobuf/utility.h" #include "include/sqlparser/SQLParser.h" namespace Envoy { namespace Extensions { namespace Common { namespace SQLUtils { class SQLUtils { public: using DecoderAttributes = std::map; /** * Method parses SQL query string and writes output to metadata. * @param query supplies SQL statement. * @param attr supplies attributes which cannot be extracted from SQL query but are * required to create proper metadata. For example database name may be sent * by a client when it initially connects to the server, not along each SQL query. * @param metadata supplies placeholder where metadata should be written. * @return True if parsing was successful and False if parsing failed. * If True was returned the metadata contains result of parsing. The results are * stored in metadata.mutable_fields. **/ static bool setMetadata(const std::string& query, const DecoderAttributes& attr, ProtobufWkt::Struct& metadata); }; } // namespace SQLUtils } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/tap/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "tap_interface", hdrs = ["tap.h"], deps = [ "//include/envoy/http:header_map_interface", "//source/extensions/common/matcher:matcher_lib", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/data/tap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "tap_config_base", srcs = ["tap_config_base.cc"], hdrs = ["tap_config_base.h"], deps = [ ":tap_interface", "//source/common/common:assert_lib", "//source/common/common:hex_lib", "//source/extensions/common/matcher:matcher_lib", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/data/tap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "admin", srcs = ["admin.cc"], hdrs = ["admin.h"], deps = [ ":tap_interface", "//include/envoy/server:admin_interface", "//include/envoy/singleton:manager_interface", "//source/common/buffer:buffer_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/data/tap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "extension_config_base", srcs = ["extension_config_base.cc"], hdrs = ["extension_config_base.h"], deps = [ "//include/envoy/thread_local:thread_local_interface", "//source/extensions/common/tap:admin", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/common/tap/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/common/tap/admin.cc ================================================ #include "extensions/common/tap/admin.h" #include "envoy/admin/v3/tap.pb.h" #include "envoy/admin/v3/tap.pb.validate.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" #include "common/buffer/buffer_impl.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace Common { namespace Tap { // Singleton registration via macro defined in envoy/singleton/manager.h SINGLETON_MANAGER_REGISTRATION(tap_admin_handler); AdminHandlerSharedPtr AdminHandler::getSingleton(Server::Admin& admin, Singleton::Manager& singleton_manager, Event::Dispatcher& main_thread_dispatcher) { return singleton_manager.getTyped( SINGLETON_MANAGER_REGISTERED_NAME(tap_admin_handler), [&admin, &main_thread_dispatcher] { return std::make_shared(admin, main_thread_dispatcher); }); } AdminHandler::AdminHandler(Server::Admin& admin, Event::Dispatcher& main_thread_dispatcher) : admin_(admin), main_thread_dispatcher_(main_thread_dispatcher) { const bool rc = admin_.addHandler("/tap", "tap filter control", MAKE_ADMIN_HANDLER(handler), true, true); RELEASE_ASSERT(rc, "/tap admin endpoint is taken"); } AdminHandler::~AdminHandler() { const bool rc = admin_.removeHandler("/tap"); ASSERT(rc); } Http::Code AdminHandler::handler(absl::string_view, Http::HeaderMap&, Buffer::Instance& response, Server::AdminStream& admin_stream) { if (attached_request_.has_value()) { // TODO(mattlklein123): Consider supporting concurrent admin /tap streams. Right now we support // a single stream as a simplification. return badRequest(response, "An attached /tap admin stream already exists. Detach it."); } if (admin_stream.getRequestBody() == nullptr) { return badRequest(response, "/tap requires a JSON/YAML body"); } envoy::admin::v3::TapRequest tap_request; try { MessageUtil::loadFromYamlAndValidate(admin_stream.getRequestBody()->toString(), tap_request, ProtobufMessage::getStrictValidationVisitor()); } catch (EnvoyException& e) { return badRequest(response, e.what()); } ENVOY_LOG(debug, "tap admin request for config_id={}", tap_request.config_id()); if (config_id_map_.count(tap_request.config_id()) == 0) { return badRequest( response, fmt::format("Unknown config id '{}'. No extension has registered with this id.", tap_request.config_id())); } for (auto config : config_id_map_[tap_request.config_id()]) { config->newTapConfig(std::move(*tap_request.mutable_tap_config()), this); } admin_stream.setEndStreamOnComplete(false); admin_stream.addOnDestroyCallback([this] { for (auto config : config_id_map_[attached_request_.value().config_id_]) { ENVOY_LOG(debug, "detach tap admin request for config_id={}", attached_request_.value().config_id_); config->clearTapConfig(); attached_request_ = absl::nullopt; } }); attached_request_.emplace(tap_request.config_id(), &admin_stream); return Http::Code::OK; } Http::Code AdminHandler::badRequest(Buffer::Instance& response, absl::string_view error) { ENVOY_LOG(debug, "handler bad request: {}", error); response.add(error); return Http::Code::BadRequest; } void AdminHandler::registerConfig(ExtensionConfig& config, const std::string& config_id) { ASSERT(!config_id.empty()); ASSERT(config_id_map_[config_id].count(&config) == 0); config_id_map_[config_id].insert(&config); } void AdminHandler::unregisterConfig(ExtensionConfig& config) { ASSERT(!config.adminId().empty()); std::string admin_id(config.adminId()); ASSERT(config_id_map_[admin_id].count(&config) == 1); config_id_map_[admin_id].erase(&config); if (config_id_map_[admin_id].empty()) { config_id_map_.erase(admin_id); } } void AdminHandler::AdminPerTapSinkHandle::submitTrace( TraceWrapperPtr&& trace, envoy::config::tap::v3::OutputSink::Format format) { ENVOY_LOG(debug, "admin submitting buffered trace to main thread"); // Convert to a shared_ptr, so we can send it to the main thread. std::shared_ptr shared_trace{std::move(trace)}; // The handle can be destroyed before the cross thread post is complete. Thus, we capture a // reference to our parent. parent_.main_thread_dispatcher_.post([&parent = parent_, trace = shared_trace, format]() { if (!parent.attached_request_.has_value()) { return; } std::string output_string; switch (format) { case envoy::config::tap::v3::OutputSink::JSON_BODY_AS_STRING: case envoy::config::tap::v3::OutputSink::JSON_BODY_AS_BYTES: output_string = MessageUtil::getJsonStringFromMessage(*trace, true, true); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } ENVOY_LOG(debug, "admin writing buffered trace to response"); Buffer::OwnedImpl output_buffer{output_string}; parent.attached_request_.value().admin_stream_->getDecoderFilterCallbacks().encodeData( output_buffer, false); }); } } // namespace Tap } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/tap/admin.h ================================================ #pragma once #include "envoy/server/admin.h" #include "envoy/singleton/manager.h" #include "extensions/common/tap/tap.h" #include "absl/container/node_hash_set.h" namespace Envoy { namespace Extensions { namespace Common { namespace Tap { class AdminHandler; using AdminHandlerSharedPtr = std::shared_ptr; /** * Singleton /tap admin handler for admin management of tap configurations and output. This * handler is not installed and active unless the tap configuration specifically configures it. * TODO(mattklein123): We should allow the admin handler to always be installed in read only mode * so it's easier to debug the active tap configuration. */ class AdminHandler : public Singleton::Instance, public Extensions::Common::Tap::Sink, Logger::Loggable { public: AdminHandler(Server::Admin& admin, Event::Dispatcher& main_thread_dispatcher); ~AdminHandler() override; /** * Get the singleton admin handler. The handler will be created if it doesn't already exist, * otherwise the existing handler will be returned. */ static AdminHandlerSharedPtr getSingleton(Server::Admin& admin, Singleton::Manager& singleton_manager, Event::Dispatcher& main_thread_dispatcher); /** * Register a new extension config to the handler so that it can be admin managed. * @param config supplies the config to register. * @param config_id supplies the ID to use for managing the configuration. Multiple extensions * can use the same ID so they can be managed in aggregate (e.g., an HTTP filter on * many listeners). */ void registerConfig(ExtensionConfig& config, const std::string& config_id); /** * Unregister an extension config from the handler. * @param config supplies the previously registered config. */ void unregisterConfig(ExtensionConfig& config); // Extensions::Common::Tap::Sink PerTapSinkHandlePtr createPerTapSinkHandle(uint64_t) override { return std::make_unique(*this); } private: struct AdminPerTapSinkHandle : public PerTapSinkHandle { AdminPerTapSinkHandle(AdminHandler& parent) : parent_(parent) {} // Extensions::Common::Tap::PerTapSinkHandle void submitTrace(TraceWrapperPtr&& trace, envoy::config::tap::v3::OutputSink::Format format) override; AdminHandler& parent_; }; struct AttachedRequest { AttachedRequest(std::string config_id, Server::AdminStream* admin_stream) : config_id_(std::move(config_id)), admin_stream_(admin_stream) {} const std::string config_id_; const Server::AdminStream* admin_stream_; }; Http::Code handler(absl::string_view path_and_query, Http::HeaderMap& response_headers, Buffer::Instance& response, Server::AdminStream& admin_stream); Http::Code badRequest(Buffer::Instance& response, absl::string_view error); Server::Admin& admin_; Event::Dispatcher& main_thread_dispatcher_; absl::node_hash_map> config_id_map_; absl::optional attached_request_; }; } // namespace Tap } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/tap/extension_config_base.cc ================================================ #include "extensions/common/tap/extension_config_base.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/extensions/common/tap/v3/common.pb.h" namespace Envoy { namespace Extensions { namespace Common { namespace Tap { ExtensionConfigBase::ExtensionConfigBase( const envoy::extensions::common::tap::v3::CommonExtensionConfig proto_config, TapConfigFactoryPtr&& config_factory, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, Event::Dispatcher& main_thread_dispatcher) : proto_config_(proto_config), config_factory_(std::move(config_factory)), tls_slot_(tls.allocateSlot()) { tls_slot_->set([](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(); }); switch (proto_config_.config_type_case()) { case envoy::extensions::common::tap::v3::CommonExtensionConfig::ConfigTypeCase::kAdminConfig: { admin_handler_ = AdminHandler::getSingleton(admin, singleton_manager, main_thread_dispatcher); admin_handler_->registerConfig(*this, proto_config_.admin_config().config_id()); ENVOY_LOG(debug, "initializing tap extension with admin endpoint (config_id={})", proto_config_.admin_config().config_id()); break; } case envoy::extensions::common::tap::v3::CommonExtensionConfig::ConfigTypeCase::kStaticConfig: { // Right now only one sink is supported. ASSERT(proto_config_.static_config().output_config().sinks().size() == 1); if (proto_config_.static_config().output_config().sinks()[0].output_sink_type_case() == envoy::config::tap::v3::OutputSink::OutputSinkTypeCase::kStreamingAdmin) { // Require that users do not specify a streaming admin with static configuration. throw EnvoyException( fmt::format("Error: Specifying admin streaming output without configuring admin.")); } installNewTap(envoy::config::tap::v3::TapConfig(proto_config_.static_config()), nullptr); ENVOY_LOG(debug, "initializing tap extension with static config"); break; } case envoy::extensions::common::tap::v3::CommonExtensionConfig::ConfigTypeCase::kTapdsConfig: { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } default: { NOT_REACHED_GCOVR_EXCL_LINE; } } } ExtensionConfigBase::~ExtensionConfigBase() { if (admin_handler_) { admin_handler_->unregisterConfig(*this); } } const absl::string_view ExtensionConfigBase::adminId() { // It is only possible to get here if we had an admin config and registered with the admin // handler. ASSERT(proto_config_.has_admin_config()); return proto_config_.admin_config().config_id(); } void ExtensionConfigBase::clearTapConfig() { tls_slot_->runOnAllThreads([](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().config_ = nullptr; return object; }); } void ExtensionConfigBase::installNewTap(envoy::config::tap::v3::TapConfig&& proto_config, Sink* admin_streamer) { TapConfigSharedPtr new_config = config_factory_->createConfigFromProto(std::move(proto_config), admin_streamer); tls_slot_->runOnAllThreads([new_config](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { object->asType().config_ = new_config; return object; }); } void ExtensionConfigBase::newTapConfig(envoy::config::tap::v3::TapConfig&& proto_config, Sink* admin_streamer) { installNewTap(envoy::config::tap::v3::TapConfig(proto_config), admin_streamer); } } // namespace Tap } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/tap/extension_config_base.h ================================================ #pragma once #include "envoy/config/tap/v3/common.pb.h" #include "envoy/extensions/common/tap/v3/common.pb.h" #include "envoy/thread_local/thread_local.h" #include "extensions/common/tap/admin.h" #include "extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { namespace Common { namespace Tap { /** * Base class for tap extension configuration. Used by all tap extensions. */ class ExtensionConfigBase : public ExtensionConfig, Logger::Loggable { public: // Extensions::Common::Tap::ExtensionConfig void clearTapConfig() override; const absl::string_view adminId() override; void newTapConfig(envoy::config::tap::v3::TapConfig&& proto_config, Sink* admin_streamer) override; protected: ExtensionConfigBase(const envoy::extensions::common::tap::v3::CommonExtensionConfig proto_config, TapConfigFactoryPtr&& config_factory, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, Event::Dispatcher& main_thread_dispatcher); ~ExtensionConfigBase() override; // All tap configurations derive from TapConfig for type safety. In order to use a common // extension base class (with TLS logic, etc.) we must dynamic cast to the actual tap // configuration type that the extension expects (and is created by the configuration factory). template std::shared_ptr currentConfigHelper() const { return std::dynamic_pointer_cast(tls_slot_->getTyped().config_); } private: // Holds the functionality of installing a new tap config. This is the underlying method to the // virtual method newTapConfig. void installNewTap(envoy::config::tap::v3::TapConfig&& proto_config, Sink* admin_streamer); struct TlsFilterConfig : public ThreadLocal::ThreadLocalObject { TapConfigSharedPtr config_; }; const envoy::extensions::common::tap::v3::CommonExtensionConfig proto_config_; TapConfigFactoryPtr config_factory_; ThreadLocal::SlotPtr tls_slot_; AdminHandlerSharedPtr admin_handler_; }; } // namespace Tap } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/tap/tap.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" #include "envoy/http/header_map.h" #include "extensions/common/matcher/matcher.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace Common { namespace Tap { using Matcher = Envoy::Extensions::Common::Matcher::Matcher; using TraceWrapperPtr = std::unique_ptr; inline TraceWrapperPtr makeTraceWrapper() { return std::make_unique(); } /** * A handle for a per-tap sink. This allows submitting either a single buffered trace, or a series * of trace segments that the sink can aggregate in whatever way it chooses. */ class PerTapSinkHandle { public: virtual ~PerTapSinkHandle() = default; /** * Send a trace wrapper to the sink. This may be a fully buffered trace or a segment of a larger * trace depending on the contents of the wrapper. * @param trace supplies the trace to send. * @param format supplies the output format to use. */ virtual void submitTrace(TraceWrapperPtr&& trace, envoy::config::tap::v3::OutputSink::Format format) PURE; }; using PerTapSinkHandlePtr = std::unique_ptr; /** * Wraps potentially multiple PerTapSinkHandle instances and any common pre-submit functionality. * Each active tap will have a reference to one of these, which in turn may have references to * one or more PerTapSinkHandle. */ class PerTapSinkHandleManager { public: virtual ~PerTapSinkHandleManager() = default; /** * Submit a buffered or streamed trace segment to all managed per-tap sink handles. */ virtual void submitTrace(TraceWrapperPtr&& trace) PURE; }; using PerTapSinkHandleManagerPtr = std::unique_ptr; /** * Sink for sending tap messages. */ class Sink { public: virtual ~Sink() = default; /** * Create a per tap sink handle for use in submitting either buffered traces or trace segments. * @param trace_id supplies a locally unique trace ID. Some sinks use this for output generation. */ virtual PerTapSinkHandlePtr createPerTapSinkHandle(uint64_t trace_id) PURE; }; using SinkPtr = std::unique_ptr; /** * Generic configuration for a tap extension (filter, transport socket, etc.). */ class ExtensionConfig { public: virtual ~ExtensionConfig() = default; /** * @return the ID to use for admin extension configuration tracking (if applicable). */ virtual const absl::string_view adminId() PURE; /** * Clear any active tap configuration. */ virtual void clearTapConfig() PURE; /** * Install a new tap configuration. * @param proto_config supplies the generic tap config to install. Not all configuration fields * may be applicable to an extension (e.g. HTTP fields). The extension is free to fail * the configuration load via exception if it wishes. * @param admin_streamer supplies the singleton admin sink to use for output if the configuration * specifies that output type. May not be used if the configuration does not specify * admin output. May be nullptr if admin is not used to supply the config. */ virtual void newTapConfig(envoy::config::tap::v3::TapConfig&& proto_config, Sink* admin_streamer) PURE; }; /** * Abstract tap configuration base class. */ class TapConfig { public: virtual ~TapConfig() = default; /** * Return a per-tap sink handle manager for use by a tap session. * @param trace_id supplies a locally unique trace ID. Some sinks use this for output generation. */ virtual PerTapSinkHandleManagerPtr createPerTapSinkHandleManager(uint64_t trace_id) PURE; /** * Return the maximum received bytes that can be buffered in memory. Streaming taps are still * subject to this limit depending on match status. */ virtual uint32_t maxBufferedRxBytes() const PURE; /** * Return the maximum transmitted bytes that can be buffered in memory. Streaming taps are still * subject to this limit depending on match status. */ virtual uint32_t maxBufferedTxBytes() const PURE; /** * Return a new match status vector that is correctly sized for the number of matchers that are in * the configuration. */ virtual Matcher::MatchStatusVector createMatchStatusVector() const PURE; /** * Return the root matcher for use in updating a match status vector. */ virtual const Matcher& rootMatcher() const PURE; /** * Non-const version of rootMatcher method. */ Matcher& rootMatcher() { return const_cast(static_cast(*this).rootMatcher()); } /** * Return whether the tap session should run in streaming or buffering mode. */ virtual bool streaming() const PURE; }; using TapConfigSharedPtr = std::shared_ptr; /** * Abstract tap configuration factory. Given a new generic tap configuration, produces an * extension specific tap configuration. */ class TapConfigFactory { public: virtual ~TapConfigFactory() = default; /** * @return a new configuration given a raw tap service config proto. See * ExtensionConfig::newTapConfig() for param info. */ virtual TapConfigSharedPtr createConfigFromProto(envoy::config::tap::v3::TapConfig&& proto_config, Sink* admin_streamer) PURE; }; using TapConfigFactoryPtr = std::unique_ptr; } // namespace Tap } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/tap/tap_config_base.cc ================================================ #include "extensions/common/tap/tap_config_base.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/version_converter.h" #include "common/protobuf/utility.h" #include "extensions/common/matcher/matcher.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Extensions { namespace Common { namespace Tap { using namespace Matcher; bool Utility::addBufferToProtoBytes(envoy::data::tap::v3::Body& output_body, uint32_t max_buffered_bytes, const Buffer::Instance& data, uint32_t buffer_start_offset, uint32_t buffer_length_to_copy) { // TODO(mattklein123): Figure out if we can use the buffer API here directly in some way. This is // is not trivial if we want to avoid extra copies since we end up appending to the existing // protobuf string. // Note that max_buffered_bytes is assumed to include any data already contained in output_bytes. // This is to account for callers that may be tracking this over multiple body objects. ASSERT(buffer_start_offset + buffer_length_to_copy <= data.length()); const uint32_t final_bytes_to_copy = std::min(max_buffered_bytes, buffer_length_to_copy); Buffer::RawSliceVector slices = data.getRawSlices(); trimSlices(slices, buffer_start_offset, final_bytes_to_copy); for (const Buffer::RawSlice& slice : slices) { output_body.mutable_as_bytes()->append(static_cast(slice.mem_), slice.len_); } if (final_bytes_to_copy < buffer_length_to_copy) { output_body.set_truncated(true); return true; } else { return false; } } TapConfigBaseImpl::TapConfigBaseImpl(envoy::config::tap::v3::TapConfig&& proto_config, Common::Tap::Sink* admin_streamer) : max_buffered_rx_bytes_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( proto_config.output_config(), max_buffered_rx_bytes, DefaultMaxBufferedBytes)), max_buffered_tx_bytes_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( proto_config.output_config(), max_buffered_tx_bytes, DefaultMaxBufferedBytes)), streaming_(proto_config.output_config().streaming()) { ASSERT(proto_config.output_config().sinks().size() == 1); // TODO(mattklein123): Add per-sink checks to make sure format makes sense. I.e., when using // streaming, we should require the length delimited version of binary proto, etc. sink_format_ = proto_config.output_config().sinks()[0].format(); switch (proto_config.output_config().sinks()[0].output_sink_type_case()) { case envoy::config::tap::v3::OutputSink::OutputSinkTypeCase::kStreamingAdmin: ASSERT(admin_streamer != nullptr, "admin output must be configured via admin"); // TODO(mattklein123): Graceful failure, error message, and test if someone specifies an // admin stream output with the wrong format. RELEASE_ASSERT(sink_format_ == envoy::config::tap::v3::OutputSink::JSON_BODY_AS_BYTES || sink_format_ == envoy::config::tap::v3::OutputSink::JSON_BODY_AS_STRING, "admin output only supports JSON formats"); sink_to_use_ = admin_streamer; break; case envoy::config::tap::v3::OutputSink::OutputSinkTypeCase::kFilePerTap: sink_ = std::make_unique(proto_config.output_config().sinks()[0].file_per_tap()); sink_to_use_ = sink_.get(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } envoy::config::common::matcher::v3::MatchPredicate match; if (proto_config.has_match()) { // Use the match field whenever it is set. match = proto_config.match(); } else if (proto_config.has_match_config()) { // Fallback to use the deprecated match_config field and upgrade (wire cast) it to the new // MatchPredicate which is backward compatible with the old MatchPredicate originally // introduced in the Tap filter. Config::VersionConverter::upgrade(proto_config.match_config(), match); } else { throw EnvoyException(fmt::format("Neither match nor match_config is set in TapConfig: {}", proto_config.DebugString())); } buildMatcher(match, matchers_); } const Matcher& TapConfigBaseImpl::rootMatcher() const { ASSERT(!matchers_.empty()); return *matchers_[0]; } namespace { void swapBytesToString(envoy::data::tap::v3::Body& body) { body.set_allocated_as_string(body.release_as_bytes()); } } // namespace void Utility::bodyBytesToString(envoy::data::tap::v3::TraceWrapper& trace, envoy::config::tap::v3::OutputSink::Format sink_format) { // Swap the "bytes" string into the "string" string. This is done purely so that JSON // serialization will serialize as a string vs. doing base64 encoding. if (sink_format != envoy::config::tap::v3::OutputSink::JSON_BODY_AS_STRING) { return; } switch (trace.trace_case()) { case envoy::data::tap::v3::TraceWrapper::TraceCase::kHttpBufferedTrace: { auto* http_trace = trace.mutable_http_buffered_trace(); if (http_trace->has_request() && http_trace->request().has_body()) { swapBytesToString(*http_trace->mutable_request()->mutable_body()); } if (http_trace->has_response() && http_trace->response().has_body()) { swapBytesToString(*http_trace->mutable_response()->mutable_body()); } break; } case envoy::data::tap::v3::TraceWrapper::TraceCase::kHttpStreamedTraceSegment: { auto* http_trace = trace.mutable_http_streamed_trace_segment(); if (http_trace->has_request_body_chunk()) { swapBytesToString(*http_trace->mutable_request_body_chunk()); } if (http_trace->has_response_body_chunk()) { swapBytesToString(*http_trace->mutable_response_body_chunk()); } break; } case envoy::data::tap::v3::TraceWrapper::TraceCase::kSocketBufferedTrace: { auto* socket_trace = trace.mutable_socket_buffered_trace(); for (auto& event : *socket_trace->mutable_events()) { if (event.has_read()) { swapBytesToString(*event.mutable_read()->mutable_data()); } else { ASSERT(event.has_write()); swapBytesToString(*event.mutable_write()->mutable_data()); } } break; } case envoy::data::tap::v3::TraceWrapper::TraceCase::kSocketStreamedTraceSegment: { auto& event = *trace.mutable_socket_streamed_trace_segment()->mutable_event(); if (event.has_read()) { swapBytesToString(*event.mutable_read()->mutable_data()); } else if (event.has_write()) { swapBytesToString(*event.mutable_write()->mutable_data()); } break; } case envoy::data::tap::v3::TraceWrapper::TraceCase::TRACE_NOT_SET: NOT_REACHED_GCOVR_EXCL_LINE; } } void TapConfigBaseImpl::PerTapSinkHandleManagerImpl::submitTrace(TraceWrapperPtr&& trace) { Utility::bodyBytesToString(*trace, parent_.sink_format_); handle_->submitTrace(std::move(trace), parent_.sink_format_); } void FilePerTapSink::FilePerTapSinkHandle::submitTrace( TraceWrapperPtr&& trace, envoy::config::tap::v3::OutputSink::Format format) { if (!output_file_.is_open()) { std::string path = fmt::format("{}_{}", parent_.config_.path_prefix(), trace_id_); switch (format) { case envoy::config::tap::v3::OutputSink::PROTO_BINARY: path += MessageUtil::FileExtensions::get().ProtoBinary; break; case envoy::config::tap::v3::OutputSink::PROTO_BINARY_LENGTH_DELIMITED: path += MessageUtil::FileExtensions::get().ProtoBinaryLengthDelimited; break; case envoy::config::tap::v3::OutputSink::PROTO_TEXT: path += MessageUtil::FileExtensions::get().ProtoText; break; case envoy::config::tap::v3::OutputSink::JSON_BODY_AS_BYTES: case envoy::config::tap::v3::OutputSink::JSON_BODY_AS_STRING: path += MessageUtil::FileExtensions::get().Json; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } ENVOY_LOG_MISC(debug, "Opening tap file for [id={}] to {}", trace_id_, path); // When reading and writing binary files, we need to be sure std::ios_base::binary // is set, otherwise we will not get the expected results on Windows output_file_.open(path, std::ios_base::binary); } ENVOY_LOG_MISC(trace, "Tap for [id={}]: {}", trace_id_, trace->DebugString()); switch (format) { case envoy::config::tap::v3::OutputSink::PROTO_BINARY: trace->SerializeToOstream(&output_file_); break; case envoy::config::tap::v3::OutputSink::PROTO_BINARY_LENGTH_DELIMITED: { Protobuf::io::OstreamOutputStream stream(&output_file_); Protobuf::io::CodedOutputStream coded_stream(&stream); coded_stream.WriteVarint32(trace->ByteSize()); trace->SerializeWithCachedSizes(&coded_stream); break; } case envoy::config::tap::v3::OutputSink::PROTO_TEXT: output_file_ << trace->DebugString(); break; case envoy::config::tap::v3::OutputSink::JSON_BODY_AS_BYTES: case envoy::config::tap::v3::OutputSink::JSON_BODY_AS_STRING: output_file_ << MessageUtil::getJsonStringFromMessage(*trace, true, true); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Tap } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/tap/tap_config_base.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" #include "extensions/common/matcher/matcher.h" #include "extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { namespace Common { namespace Tap { using Matcher = Envoy::Extensions::Common::Matcher::Matcher; using MatcherPtr = Envoy::Extensions::Common::Matcher::MatcherPtr; /** * Common utilities for tapping. */ class Utility { public: /** * Add body data to a tapped body message, taking into account the maximum bytes to buffer. * @param output_body supplies the body message to buffer to. * @param max_buffered_bytes supplies the maximum bytes to store, if truncation occurs the * truncation flag will be set. * @param data supplies the data to buffer. * @param buffer_start_offset supplies the offset within data to start buffering. * @param buffer_length_to_copy supplies the length of the data to buffer. * @return whether the buffered data was truncated or not. */ static bool addBufferToProtoBytes(envoy::data::tap::v3::Body& output_body, uint32_t max_buffered_bytes, const Buffer::Instance& data, uint32_t buffer_start_offset, uint32_t buffer_length_to_copy); /** * Swap body as bytes to body as string if necessary in a trace wrapper. */ static void bodyBytesToString(envoy::data::tap::v3::TraceWrapper& trace, envoy::config::tap::v3::OutputSink::Format sink_format); /** * Trim a container that contains buffer raw slices so that the slices start at an offset and * only contain a specific length. No slices are removed from the container, but their length * may be reduced to 0. * TODO(mattklein123): This is split out to ease testing and also because we should ultimately * move this directly into the buffer API. I would rather wait until the new buffer code merges * before we do that. */ template static void trimSlices(T& slices, uint32_t start_offset, uint32_t length) { for (auto& slice : slices) { const uint32_t start_offset_trim = std::min(start_offset, slice.len_); slice.len_ -= start_offset_trim; start_offset -= start_offset_trim; if (slice.mem_ != nullptr) { slice.mem_ = static_cast(slice.mem_) + start_offset_trim; } const uint32_t final_length = std::min(length, slice.len_); slice.len_ = final_length; length -= final_length; } } }; /** * Base class for all tap configurations. * TODO(mattklein123): This class will handle common functionality such as rate limiting, etc. */ class TapConfigBaseImpl : public virtual TapConfig { public: // A wrapper for a per tap sink handle and trace submission. If in the future we support // multiple sinks we can easily do it here. class PerTapSinkHandleManagerImpl : public PerTapSinkHandleManager { public: PerTapSinkHandleManagerImpl(TapConfigBaseImpl& parent, uint64_t trace_id) : parent_(parent), handle_(parent.sink_to_use_->createPerTapSinkHandle(trace_id)) {} // PerTapSinkHandleManager void submitTrace(TraceWrapperPtr&& trace) override; private: TapConfigBaseImpl& parent_; PerTapSinkHandlePtr handle_; }; // TapConfig PerTapSinkHandleManagerPtr createPerTapSinkHandleManager(uint64_t trace_id) override { return std::make_unique(*this, trace_id); } uint32_t maxBufferedRxBytes() const override { return max_buffered_rx_bytes_; } uint32_t maxBufferedTxBytes() const override { return max_buffered_tx_bytes_; } Matcher::MatchStatusVector createMatchStatusVector() const override { return Matcher::MatchStatusVector(matchers_.size()); } const Matcher& rootMatcher() const override; bool streaming() const override { return streaming_; } protected: TapConfigBaseImpl(envoy::config::tap::v3::TapConfig&& proto_config, Common::Tap::Sink* admin_streamer); private: // This is the default setting for both RX/TX max buffered bytes. (This means that per tap, the // maximum amount that can be buffered is 2x this value). static constexpr uint32_t DefaultMaxBufferedBytes = 1024; const uint32_t max_buffered_rx_bytes_; const uint32_t max_buffered_tx_bytes_; const bool streaming_; Sink* sink_to_use_; SinkPtr sink_; envoy::config::tap::v3::OutputSink::Format sink_format_; std::vector matchers_; }; /** * A tap sink that writes each tap trace to a discrete output file. */ class FilePerTapSink : public Sink { public: FilePerTapSink(const envoy::config::tap::v3::FilePerTapSink& config) : config_(config) {} // Sink PerTapSinkHandlePtr createPerTapSinkHandle(uint64_t trace_id) override { return std::make_unique(*this, trace_id); } private: struct FilePerTapSinkHandle : public PerTapSinkHandle { FilePerTapSinkHandle(FilePerTapSink& parent, uint64_t trace_id) : parent_(parent), trace_id_(trace_id) {} // PerTapSinkHandle void submitTrace(TraceWrapperPtr&& trace, envoy::config::tap::v3::OutputSink::Format format) override; FilePerTapSink& parent_; const uint64_t trace_id_; std::ofstream output_file_; }; const envoy::config::tap::v3::FilePerTapSink config_; }; } // namespace Tap } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/utility.h ================================================ #pragma once #include "envoy/common/exception.h" #include "envoy/runtime/runtime.h" #include "common/common/documentation_url.h" #include "common/common/logger.h" #include "common/common/utility.h" namespace Envoy { namespace Extensions { namespace Common { namespace Utility { /** * ExtensionNameUtil provides utilities for extension names. */ class ExtensionNameUtil { public: enum class Status { Warn, Block }; /** * Checks the status of deprecated extension names and increments the deprecated feature stats * counter if deprecated names are allowed. * * @param runtime Runtime::Loader used to determine if deprecated extension names are allowed. * @return Status::Warn (allowed, warn) or Status::Block (disallowed, error) */ static Status deprecatedExtensionNameStatus( Runtime::Loader* runtime = Runtime::LoaderSingleton::getExisting()) { #ifdef ENVOY_DISABLE_DEPRECATED_FEATURES UNREFERENCED_PARAMETER(runtime); return Status::Block; #else bool warn_only = true; if (runtime && !runtime->snapshot().deprecatedFeatureEnabled( "envoy.deprecated_features.allow_deprecated_extension_names", true)) { warn_only = false; } return warn_only ? Status::Warn : Status::Block; #endif } /** * Checks the status of deprecated extension names. If deprecated extension names are allowed, * it increments the deprecated feature stats counter. Generates a warning or error log message * based on whether the name is allowed (warning) or not (error). The string parameters are used * only to generate the log message. * * @param extension_type absl::string_view that contains the extension type, for logging * @param deprecated_name absl::string_view that contains the deprecated name, for logging * @param canonical_name absl::string_view that contains the canonical name, for logging * @param runtime Runtime::Loader used to determine if deprecated extension names are allowed. * @return true if deprecated extensions are allowed, false otherwise. */ static bool allowDeprecatedExtensionName(absl::string_view extension_type, absl::string_view deprecated_name, absl::string_view canonical_name, Runtime::Loader* runtime = Runtime::LoaderSingleton::getExisting()) { auto status = deprecatedExtensionNameStatus(runtime); if (status == Status::Warn) { ENVOY_LOG_MISC(warn, "{}", message(extension_type, deprecated_name, canonical_name)); return true; } ENVOY_LOG_MISC(error, "{}", fatalMessage(extension_type, deprecated_name, canonical_name)); return false; } /** * Checks the status of deprecated extension names. If deprecated extension names are allowed, * it increments the deprecated feature stats counter and generates a log message. If not allowed, * an exception is thrown. The passed strings are used only to generate the log or exception * message. * * @param extension_type absl::string_view that contains the extension type, for logging * @param deprecated_name absl::string_view that contains the deprecated name, for logging * @param canonical_name absl::string_view that contains the canonical name, for logging * @param runtime Runtime::Loader used to determine if deprecated extension names are allowed. * @throw EnvoyException if the use of deprecated extension names is not allowed. */ static void checkDeprecatedExtensionName(absl::string_view extension_type, absl::string_view deprecated_name, absl::string_view canonical_name, Runtime::Loader* runtime = Runtime::LoaderSingleton::getExisting()) { auto status = deprecatedExtensionNameStatus(runtime); if (status == Status::Warn) { ENVOY_LOG_MISC(warn, "{}", message(extension_type, deprecated_name, canonical_name)); return; } ExceptionUtil::throwEnvoyException( fatalMessage(extension_type, deprecated_name, canonical_name)); } private: static std::string message(absl::string_view extension_type, absl::string_view deprecated_name, absl::string_view canonical_name) { absl::string_view spacing = extension_type.empty() ? "" : " "; return fmt::format( "Using deprecated {}{}extension name '{}' for '{}'. This name will be removed from Envoy " "soon. Please see {} for details.", extension_type, spacing, deprecated_name, canonical_name, ENVOY_DOC_URL_VERSION_HISTORY); } static std::string fatalMessage(absl::string_view extension_type, absl::string_view deprecated_name, absl::string_view canonical_name) { std::string err = message(extension_type, deprecated_name, canonical_name); const char fatal_error[] = " If continued use of this filter name is absolutely necessary, " "see " ENVOY_DOC_URL_RUNTIME_OVERRIDE_DEPRECATED " for " "how to apply a temporary and highly discouraged override."; return err + fatal_error; } }; } // namespace Utility } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], deps = [ "//source/common/singleton:const_singleton", ], ) # NB: Used to break the circular dependency between wasm_lib and null_plugin_lib. envoy_cc_library( name = "wasm_hdr", hdrs = [ "context.h", "wasm.h", "wasm_extension.h", "wasm_state.h", "wasm_vm.h", ], visibility = ["//visibility:public"], deps = [ ":well_known_names", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/server:lifecycle_notifier_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/config:datasource_lib", "//source/common/singleton:const_singleton", "//source/common/stats:stats_lib", "//source/common/version:version_includes", "//source/extensions/filters/common/expr:evaluator_lib", "//source/extensions/filters/http:well_known_names", "@com_google_cel_cpp//eval/public:activation", "@envoy_api//envoy/extensions/wasm/v3:pkg_cc_proto", "@proxy_wasm_cpp_host//:include", "@proxy_wasm_cpp_sdk//:common_lib", ], ) envoy_cc_library( name = "wasm_interoperation_lib", srcs = [ "wasm_state.cc", ], hdrs = [ "wasm_state.h", ], visibility = ["//visibility:public"], deps = [ "//include/envoy/stream_info:filter_state_interface", "//source/common/protobuf", "//source/common/singleton:const_singleton", "@com_github_google_flatbuffers//:flatbuffers", "@com_google_cel_cpp//eval/public:cel_value", "@com_google_cel_cpp//tools:flatbuffers_backed_impl", ], ) envoy_cc_library( name = "wasm_lib", srcs = [ "context.cc", "foreign.cc", "wasm.cc", "wasm_extension.cc", "wasm_vm.cc", ], copts = select({ "//bazel:windows_x86_64": [], # TODO: fix the windows ANTLR build "//conditions:default": [ "-DWASM_USE_CEL_PARSER", ], }), visibility = ["//visibility:public"], deps = [ ":wasm_hdr", ":wasm_interoperation_lib", "//external:abseil_base", "//external:abseil_node_hash_map", "//include/envoy/server:lifecycle_notifier_interface", "//source/common/buffer:buffer_lib", "//source/common/common:enum_to_int", "//source/common/config:remote_data_fetcher_lib", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/tracing:http_tracer_lib", "//source/extensions/common/wasm/ext:declare_property_cc_proto", "//source/extensions/common/wasm/ext:envoy_null_vm_wasm_api", "//source/extensions/filters/common/expr:context_lib", "@com_google_cel_cpp//eval/eval:field_access", "@com_google_cel_cpp//eval/eval:field_backed_list_impl", "@com_google_cel_cpp//eval/eval:field_backed_map_impl", "@com_google_cel_cpp//eval/public:builtin_func_registrar", "@com_google_cel_cpp//eval/public:cel_expr_builder_factory", "@com_google_cel_cpp//eval/public:cel_value", "@com_google_cel_cpp//eval/public:value_export_util", "@envoy_api//envoy/extensions/wasm/v3:pkg_cc_proto", "@proxy_wasm_cpp_host//:lib", ] + select( { "//bazel:windows_x86_64": [], "//conditions:default": [ "@com_google_cel_cpp//parser", ], }, ), ) ================================================ FILE: source/extensions/common/wasm/context.cc ================================================ #include #include #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/grpc/status.h" #include "envoy/http/codes.h" #include "envoy/local_info/local_info.h" #include "envoy/network/filter.h" #include "envoy/stats/sink.h" #include "envoy/thread_local/thread_local.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "common/http/header_map_impl.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/common/wasm/wasm.h" #include "extensions/common/wasm/well_known_names.h" #include "extensions/filters/common/expr/context.h" #include "absl/base/casts.h" #include "absl/container/flat_hash_map.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" #include "absl/synchronization/mutex.h" #include "eval/eval/field_access.h" #include "eval/eval/field_backed_list_impl.h" #include "eval/eval/field_backed_map_impl.h" #include "eval/public/cel_value.h" #include "openssl/bytestring.h" #include "openssl/hmac.h" #include "openssl/sha.h" using proxy_wasm::MetricType; using proxy_wasm::Word; namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { namespace { using HashPolicy = envoy::config::route::v3::RouteAction::HashPolicy; Http::RequestTrailerMapPtr buildRequestTrailerMapFromPairs(const Pairs& pairs) { auto map = Http::RequestTrailerMapImpl::create(); for (auto& p : pairs) { // Note: because of the lack of a string_view interface for addCopy and // the lack of an interface to add an entry with an empty value and return // the entry, there is no efficient way to prevent either a double copy // of the value or a double lookup of the entry. map->addCopy(Http::LowerCaseString(std::string(p.first)), std::string(p.second)); } return map; } Http::RequestHeaderMapPtr buildRequestHeaderMapFromPairs(const Pairs& pairs) { auto map = Http::RequestHeaderMapImpl::create(); for (auto& p : pairs) { // Note: because of the lack of a string_view interface for addCopy and // the lack of an interface to add an entry with an empty value and return // the entry, there is no efficient way to prevent either a double copy // of the value or a double lookup of the entry. map->addCopy(Http::LowerCaseString(std::string(p.first)), std::string(p.second)); } return map; } template static uint32_t headerSize(const P& p) { return p ? p->size() : 0; } constexpr absl::string_view FailStreamResponseDetails = "wasm_fail_stream"; } // namespace // Test support. size_t Buffer::size() const { if (const_buffer_instance_) { return const_buffer_instance_->length(); } return proxy_wasm::BufferBase::size(); } WasmResult Buffer::copyTo(WasmBase* wasm, size_t start, size_t length, uint64_t ptr_ptr, uint64_t size_ptr) const { if (const_buffer_instance_) { uint64_t pointer; auto p = wasm->allocMemory(length, &pointer); if (!p) { return WasmResult::InvalidMemoryAccess; } const_buffer_instance_->copyOut(start, length, p); if (!wasm->wasm_vm()->setWord(ptr_ptr, Word(pointer))) { return WasmResult::InvalidMemoryAccess; } if (!wasm->wasm_vm()->setWord(size_ptr, Word(length))) { return WasmResult::InvalidMemoryAccess; } return WasmResult::Ok; } return proxy_wasm::BufferBase::copyTo(wasm, start, length, ptr_ptr, size_ptr); } WasmResult Buffer::copyFrom(size_t start, size_t length, absl::string_view data) { if (buffer_instance_) { if (start == 0) { if (length == 0) { buffer_instance_->prepend(data); return WasmResult::Ok; } else if (length >= buffer_instance_->length()) { buffer_instance_->drain(buffer_instance_->length()); buffer_instance_->add(data); return WasmResult::Ok; } else { return WasmResult::BadArgument; } } else if (start >= buffer_instance_->length()) { buffer_instance_->add(data); return WasmResult::Ok; } else { return WasmResult::BadArgument; } } if (const_buffer_instance_) { // This buffer is immutable. return WasmResult::BadArgument; } return proxy_wasm::BufferBase::copyFrom(start, length, data); } Context::Context() = default; Context::Context(Wasm* wasm) : ContextBase(wasm) {} Context::Context(Wasm* wasm, const PluginSharedPtr& plugin) : ContextBase(wasm, plugin) { root_local_info_ = &std::static_pointer_cast(plugin)->local_info_; } Context::Context(Wasm* wasm, uint32_t root_context_id, const PluginSharedPtr& plugin) : ContextBase(wasm, root_context_id, plugin) {} Wasm* Context::wasm() const { return static_cast(wasm_); } Plugin* Context::plugin() const { return static_cast(plugin_.get()); } Context* Context::rootContext() const { return static_cast(root_context()); } Upstream::ClusterManager& Context::clusterManager() const { return wasm()->clusterManager(); } void Context::error(absl::string_view message) { ENVOY_LOG(trace, message); } uint64_t Context::getCurrentTimeNanoseconds() { return std::chrono::duration_cast( wasm()->time_source_.systemTime().time_since_epoch()) .count(); } void Context::onCloseTCP() { if (tcp_connection_closed_ || !in_vm_context_created_) { return; } tcp_connection_closed_ = true; onDone(); onLog(); onDelete(); } void Context::onResolveDns(uint32_t token, Envoy::Network::DnsResolver::ResolutionStatus status, std::list&& response) { proxy_wasm::DeferAfterCallActions actions(this); if (wasm()->isFailed() || !wasm()->on_resolve_dns_) { return; } if (status != Network::DnsResolver::ResolutionStatus::Success) { buffer_.set(""); wasm()->on_resolve_dns_(this, id_, token, 0); return; } // buffer format: // 4 bytes number of entries = N // N * 4 bytes TTL for each entry // N * null-terminated addresses uint32_t s = 4; // length for (auto& e : response) { s += 4; // for TTL s += e.address_->asStringView().size() + 1; // null terminated. } auto buffer = std::unique_ptr(new char[s]); char* b = buffer.get(); uint32_t n = response.size(); memcpy(b, &n, sizeof(uint32_t)); b += sizeof(uint32_t); for (auto& e : response) { uint32_t ttl = e.ttl_.count(); memcpy(b, &ttl, sizeof(uint32_t)); b += sizeof(uint32_t); }; for (auto& e : response) { memcpy(b, e.address_->asStringView().data(), e.address_->asStringView().size()); b += e.address_->asStringView().size(); *b++ = 0; }; buffer_.set(std::move(buffer), s); wasm()->on_resolve_dns_(this, id_, token, s); } template inline uint32_t align(uint32_t i) { return (i + sizeof(I) - 1) & ~(sizeof(I) - 1); } template inline char* align(char* p) { return reinterpret_cast((reinterpret_cast(p) + sizeof(I) - 1) & ~(sizeof(I) - 1)); } void Context::onStatsUpdate(Envoy::Stats::MetricSnapshot& snapshot) { proxy_wasm::DeferAfterCallActions actions(this); if (wasm()->isFailed() || !wasm()->on_stats_update_) { return; } // buffer format: // uint32 size of block of this type // uint32 type // uint32 count // uint32 length of name // name // 8 byte alignment padding // 8 bytes of absolute value // 8 bytes of delta (if appropriate, e.g. for counters) // uint32 size of block of this type uint32_t counter_block_size = 3 * sizeof(uint32_t); // type of stat uint32_t num_counters = snapshot.counters().size(); uint32_t counter_type = 1; uint32_t gauge_block_size = 3 * sizeof(uint32_t); // type of stat uint32_t num_gauges = snapshot.gauges().size(); uint32_t gauge_type = 2; uint32_t n = 0; uint64_t v = 0; for (const auto& counter : snapshot.counters()) { if (counter.counter_.get().used()) { counter_block_size += sizeof(uint32_t) + counter.counter_.get().name().size(); counter_block_size = align(counter_block_size + 2 * sizeof(uint64_t)); } } for (const auto& gauge : snapshot.gauges()) { if (gauge.get().used()) { gauge_block_size += sizeof(uint32_t) + gauge.get().name().size(); gauge_block_size += align(gauge_block_size + sizeof(uint64_t)); } } auto buffer = std::unique_ptr(new char[counter_block_size + gauge_block_size]); char* b = buffer.get(); memcpy(b, &counter_block_size, sizeof(uint32_t)); b += sizeof(uint32_t); memcpy(b, &counter_type, sizeof(uint32_t)); b += sizeof(uint32_t); memcpy(b, &num_counters, sizeof(uint32_t)); b += sizeof(uint32_t); for (const auto& counter : snapshot.counters()) { if (counter.counter_.get().used()) { n = counter.counter_.get().name().size(); memcpy(b, &n, sizeof(uint32_t)); b += sizeof(uint32_t); memcpy(b, counter.counter_.get().name().data(), counter.counter_.get().name().size()); b = align(b + counter.counter_.get().name().size()); v = counter.counter_.get().value(); memcpy(b, &v, sizeof(uint64_t)); b += sizeof(uint64_t); v = counter.delta_; memcpy(b, &v, sizeof(uint64_t)); b += sizeof(uint64_t); } } memcpy(b, &gauge_block_size, sizeof(uint32_t)); b += sizeof(uint32_t); memcpy(b, &gauge_type, sizeof(uint32_t)); b += sizeof(uint32_t); memcpy(b, &num_gauges, sizeof(uint32_t)); b += sizeof(uint32_t); for (const auto& gauge : snapshot.gauges()) { if (gauge.get().used()) { n = gauge.get().name().size(); memcpy(b, &n, sizeof(uint32_t)); b += sizeof(uint32_t); memcpy(b, gauge.get().name().data(), gauge.get().name().size()); b = align(b + gauge.get().name().size()); v = gauge.get().value(); memcpy(b, &v, sizeof(uint64_t)); b += sizeof(uint64_t); } } buffer_.set(std::move(buffer), counter_block_size + gauge_block_size); wasm()->on_stats_update_(this, id_, counter_block_size + gauge_block_size); } // Native serializer carrying over bit representation from CEL value to the extension. // This implementation assumes that the value type is static and known to the consumer. WasmResult serializeValue(Filters::Common::Expr::CelValue value, std::string* result) { using Filters::Common::Expr::CelValue; int64_t out_int64; uint64_t out_uint64; double out_double; bool out_bool; const Protobuf::Message* out_message; switch (value.type()) { case CelValue::Type::kString: result->assign(value.StringOrDie().value().data(), value.StringOrDie().value().size()); return WasmResult::Ok; case CelValue::Type::kBytes: result->assign(value.BytesOrDie().value().data(), value.BytesOrDie().value().size()); return WasmResult::Ok; case CelValue::Type::kInt64: out_int64 = value.Int64OrDie(); result->assign(reinterpret_cast(&out_int64), sizeof(int64_t)); return WasmResult::Ok; case CelValue::Type::kUint64: out_uint64 = value.Uint64OrDie(); result->assign(reinterpret_cast(&out_uint64), sizeof(uint64_t)); return WasmResult::Ok; case CelValue::Type::kDouble: out_double = value.DoubleOrDie(); result->assign(reinterpret_cast(&out_double), sizeof(double)); return WasmResult::Ok; case CelValue::Type::kBool: out_bool = value.BoolOrDie(); result->assign(reinterpret_cast(&out_bool), sizeof(bool)); return WasmResult::Ok; case CelValue::Type::kDuration: // Warning: loss of precision to nanoseconds out_int64 = absl::ToInt64Nanoseconds(value.DurationOrDie()); result->assign(reinterpret_cast(&out_int64), sizeof(int64_t)); return WasmResult::Ok; case CelValue::Type::kTimestamp: // Warning: loss of precision to nanoseconds out_int64 = absl::ToUnixNanos(value.TimestampOrDie()); result->assign(reinterpret_cast(&out_int64), sizeof(int64_t)); return WasmResult::Ok; case CelValue::Type::kMessage: out_message = value.MessageOrDie(); result->clear(); if (!out_message || out_message->SerializeToString(result)) { return WasmResult::Ok; } return WasmResult::SerializationFailure; case CelValue::Type::kMap: { const auto& map = *value.MapOrDie(); const auto& keys = *map.ListKeys(); std::vector> pairs(map.size(), std::make_pair("", "")); for (auto i = 0; i < map.size(); i++) { if (serializeValue(keys[i], &pairs[i].first) != WasmResult::Ok) { return WasmResult::SerializationFailure; } if (serializeValue(map[keys[i]].value(), &pairs[i].second) != WasmResult::Ok) { return WasmResult::SerializationFailure; } } auto size = proxy_wasm::exports::pairsSize(pairs); // prevent string inlining which violates byte alignment result->resize(std::max(size, static_cast(30))); proxy_wasm::exports::marshalPairs(pairs, result->data()); result->resize(size); return WasmResult::Ok; } case CelValue::Type::kList: { const auto& list = *value.ListOrDie(); std::vector> pairs(list.size(), std::make_pair("", "")); for (auto i = 0; i < list.size(); i++) { if (serializeValue(list[i], &pairs[i].first) != WasmResult::Ok) { return WasmResult::SerializationFailure; } } auto size = proxy_wasm::exports::pairsSize(pairs); // prevent string inlining which violates byte alignment if (size < 30) { result->reserve(30); } result->resize(size); proxy_wasm::exports::marshalPairs(pairs, result->data()); return WasmResult::Ok; } default: break; } return WasmResult::SerializationFailure; } #define PROPERTY_TOKENS(_f) \ _f(METADATA) _f(REQUEST) _f(RESPONSE) _f(CONNECTION) _f(UPSTREAM) _f(NODE) _f(SOURCE) \ _f(DESTINATION) _f(LISTENER_DIRECTION) _f(LISTENER_METADATA) _f(CLUSTER_NAME) \ _f(CLUSTER_METADATA) _f(ROUTE_NAME) _f(ROUTE_METADATA) _f(PLUGIN_NAME) \ _f(PLUGIN_ROOT_ID) _f(PLUGIN_VM_ID) _f(CONNECTION_ID) _f(FILTER_STATE) static inline std::string downCase(std::string s) { std::transform(s.begin(), s.end(), s.begin(), [](unsigned char c) { return std::tolower(c); }); return s; } #define _DECLARE(_t) _t, enum class PropertyToken { PROPERTY_TOKENS(_DECLARE) }; #undef _DECLARE #define _PAIR(_t) {downCase(#_t), PropertyToken::_t}, static absl::flat_hash_map property_tokens = {PROPERTY_TOKENS(_PAIR)}; #undef _PAIR absl::optional Context::findValue(absl::string_view name, Protobuf::Arena* arena, bool last) const { using google::api::expr::runtime::CelValue; const StreamInfo::StreamInfo* info = getConstRequestStreamInfo(); // Convert into a dense token to enable a jump table implementation. auto part_token = property_tokens.find(name); if (part_token == property_tokens.end()) { if (info) { std::string key; absl::StrAppend(&key, WasmStateKeyPrefix, name); const WasmState* state; if (info->filterState().hasData(key)) { state = &info->filterState().getDataReadOnly(key); } else if (info->upstreamFilterState() && info->upstreamFilterState()->hasData(key)) { state = &info->upstreamFilterState()->getDataReadOnly(key); } else { return {}; } return state->exprValue(arena, last); } return {}; } switch (part_token->second) { case PropertyToken::METADATA: if (info) { return CelValue::CreateMessage(&info->dynamicMetadata(), arena); } break; case PropertyToken::REQUEST: if (info) { return CelValue::CreateMap(Protobuf::Arena::Create( arena, *arena, request_headers_ ? request_headers_ : access_log_request_headers_, *info)); } break; case PropertyToken::RESPONSE: if (info) { return CelValue::CreateMap(Protobuf::Arena::Create( arena, *arena, response_headers_ ? response_headers_ : access_log_response_headers_, response_trailers_ ? response_trailers_ : access_log_response_trailers_, *info)); } break; case PropertyToken::CONNECTION: if (info) { return CelValue::CreateMap( Protobuf::Arena::Create(arena, *info)); } break; case PropertyToken::CONNECTION_ID: { auto conn = getConnection(); if (conn) { return CelValue::CreateUint64(conn->id()); } break; } case PropertyToken::UPSTREAM: if (info) { return CelValue::CreateMap( Protobuf::Arena::Create(arena, *info)); } break; case PropertyToken::NODE: if (root_local_info_) { return CelValue::CreateMessage(&root_local_info_->node(), arena); } else if (plugin_) { return CelValue::CreateMessage(&plugin()->local_info_.node(), arena); } break; case PropertyToken::SOURCE: if (info) { return CelValue::CreateMap( Protobuf::Arena::Create(arena, *info, false)); } break; case PropertyToken::DESTINATION: if (info) { return CelValue::CreateMap( Protobuf::Arena::Create(arena, *info, true)); } break; case PropertyToken::LISTENER_DIRECTION: if (plugin_) { return CelValue::CreateInt64(plugin()->direction_); } break; case PropertyToken::LISTENER_METADATA: if (plugin_) { return CelValue::CreateMessage(plugin()->listener_metadata_, arena); } break; case PropertyToken::CLUSTER_NAME: if (info && info->upstreamHost()) { return CelValue::CreateString(&info->upstreamHost()->cluster().name()); } else if (info && info->routeEntry()) { return CelValue::CreateString(&info->routeEntry()->clusterName()); } else if (info && info->upstreamClusterInfo().has_value() && info->upstreamClusterInfo().value()) { return CelValue::CreateString(&info->upstreamClusterInfo().value()->name()); } break; case PropertyToken::CLUSTER_METADATA: if (info && info->upstreamHost()) { return CelValue::CreateMessage(&info->upstreamHost()->cluster().metadata(), arena); } break; case PropertyToken::ROUTE_NAME: if (info) { return CelValue::CreateString(&info->getRouteName()); } break; case PropertyToken::ROUTE_METADATA: if (info && info->routeEntry()) { return CelValue::CreateMessage(&info->routeEntry()->metadata(), arena); } break; case PropertyToken::PLUGIN_NAME: if (plugin_) { return CelValue::CreateStringView(plugin()->name_); } break; case PropertyToken::PLUGIN_ROOT_ID: return CelValue::CreateStringView(root_id()); case PropertyToken::PLUGIN_VM_ID: return CelValue::CreateStringView(wasm()->vm_id()); case PropertyToken::FILTER_STATE: return Protobuf::Arena::Create(arena, info->filterState()) ->Produce(arena); } return {}; } WasmResult Context::getProperty(absl::string_view path, std::string* result) { using google::api::expr::runtime::CelValue; bool first = true; CelValue value; Protobuf::Arena arena; size_t start = 0; while (true) { if (start >= path.size()) { break; } size_t end = path.find('\0', start); if (end == absl::string_view::npos) { end = start + path.size(); } auto part = path.substr(start, end - start); start = end + 1; if (first) { // top-level identifier first = false; auto top_value = findValue(part, &arena, start >= path.size()); if (!top_value.has_value()) { return WasmResult::NotFound; } value = top_value.value(); } else if (value.IsMap()) { auto& map = *value.MapOrDie(); auto field = map[CelValue::CreateStringView(part)]; if (!field.has_value()) { return WasmResult::NotFound; } value = field.value(); } else if (value.IsMessage()) { auto msg = value.MessageOrDie(); if (msg == nullptr) { return WasmResult::NotFound; } const Protobuf::Descriptor* desc = msg->GetDescriptor(); const Protobuf::FieldDescriptor* field_desc = desc->FindFieldByName(std::string(part)); if (field_desc == nullptr) { return WasmResult::NotFound; } if (field_desc->is_map()) { value = CelValue::CreateMap( Protobuf::Arena::Create( &arena, msg, field_desc, &arena)); } else if (field_desc->is_repeated()) { value = CelValue::CreateList( Protobuf::Arena::Create( &arena, msg, field_desc, &arena)); } else { auto status = google::api::expr::runtime::CreateValueFromSingleField(msg, field_desc, &arena, &value); if (!status.ok()) { return WasmResult::InternalFailure; } } } else { return WasmResult::NotFound; } } return serializeValue(value, result); } // Header/Trailer/Metadata Maps. Http::HeaderMap* Context::getMap(WasmHeaderMapType type) { switch (type) { case WasmHeaderMapType::RequestHeaders: return request_headers_; case WasmHeaderMapType::RequestTrailers: return request_trailers_; case WasmHeaderMapType::ResponseHeaders: return response_headers_; case WasmHeaderMapType::ResponseTrailers: return response_trailers_; default: return nullptr; } } const Http::HeaderMap* Context::getConstMap(WasmHeaderMapType type) { switch (type) { case WasmHeaderMapType::RequestHeaders: if (access_log_request_headers_) { return access_log_request_headers_; } return request_headers_; case WasmHeaderMapType::RequestTrailers: return request_trailers_; case WasmHeaderMapType::ResponseHeaders: if (access_log_response_headers_) { return access_log_response_headers_; } return response_headers_; case WasmHeaderMapType::ResponseTrailers: if (access_log_response_trailers_) { return access_log_response_trailers_; } return response_trailers_; case WasmHeaderMapType::GrpcReceiveInitialMetadata: return rootContext()->grpc_receive_initial_metadata_.get(); case WasmHeaderMapType::GrpcReceiveTrailingMetadata: return rootContext()->grpc_receive_trailing_metadata_.get(); case WasmHeaderMapType::HttpCallResponseHeaders: { Envoy::Http::ResponseMessagePtr* response = rootContext()->http_call_response_; if (response) { return &(*response)->headers(); } return nullptr; } case WasmHeaderMapType::HttpCallResponseTrailers: { Envoy::Http::ResponseMessagePtr* response = rootContext()->http_call_response_; if (response) { return (*response)->trailers(); } return nullptr; } } NOT_REACHED_GCOVR_EXCL_LINE; } WasmResult Context::addHeaderMapValue(WasmHeaderMapType type, absl::string_view key, absl::string_view value) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; } const Http::LowerCaseString lower_key{std::string(key)}; map->addCopy(lower_key, std::string(value)); return WasmResult::Ok; } WasmResult Context::getHeaderMapValue(WasmHeaderMapType type, absl::string_view key, absl::string_view* value) { auto map = getConstMap(type); if (!map) { return WasmResult::BadArgument; } const Http::LowerCaseString lower_key{std::string(key)}; auto entry = map->get(lower_key); if (!entry) { if (wasm()->abiVersion() == proxy_wasm::AbiVersion::ProxyWasm_0_1_0) { *value = ""; return WasmResult::Ok; } else { return WasmResult::NotFound; } } *value = entry->value().getStringView(); return WasmResult::Ok; } Pairs headerMapToPairs(const Http::HeaderMap* map) { if (!map) { return {}; } Pairs pairs; pairs.reserve(map->size()); map->iterate([&pairs](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { pairs.push_back(std::make_pair(header.key().getStringView(), header.value().getStringView())); return Http::HeaderMap::Iterate::Continue; }); return pairs; } WasmResult Context::getHeaderMapPairs(WasmHeaderMapType type, Pairs* result) { *result = headerMapToPairs(getConstMap(type)); return WasmResult::Ok; } WasmResult Context::setHeaderMapPairs(WasmHeaderMapType type, const Pairs& pairs) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; } std::vector keys; map->iterate([&keys](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { keys.push_back(std::string(header.key().getStringView())); return Http::HeaderMap::Iterate::Continue; }); for (auto& k : keys) { const Http::LowerCaseString lower_key{k}; map->remove(lower_key); } for (auto& p : pairs) { const Http::LowerCaseString lower_key{std::string(p.first)}; map->addCopy(lower_key, std::string(p.second)); } return WasmResult::Ok; } WasmResult Context::removeHeaderMapValue(WasmHeaderMapType type, absl::string_view key) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; } const Http::LowerCaseString lower_key{std::string(key)}; map->remove(lower_key); return WasmResult::Ok; } WasmResult Context::replaceHeaderMapValue(WasmHeaderMapType type, absl::string_view key, absl::string_view value) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; } const Http::LowerCaseString lower_key{std::string(key)}; map->setCopy(lower_key, value); return WasmResult::Ok; } WasmResult Context::getHeaderMapSize(WasmHeaderMapType type, uint32_t* result) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; } *result = map->byteSize(); return WasmResult::Ok; } // Buffer BufferInterface* Context::getBuffer(WasmBufferType type) { Envoy::Http::ResponseMessagePtr* response = nullptr; switch (type) { case WasmBufferType::CallData: // Set before the call. return &buffer_; case WasmBufferType::VmConfiguration: return buffer_.set(wasm()->vm_configuration()); case WasmBufferType::PluginConfiguration: if (plugin_) { return buffer_.set(plugin_->plugin_configuration_); } return nullptr; case WasmBufferType::HttpRequestBody: if (buffering_request_body_) { // We need the mutable version, so capture it using a callback. // TODO: consider adding a mutableDecodingBuffer() interface. ::Envoy::Buffer::Instance* buffer_instance{}; decoder_callbacks_->modifyDecodingBuffer( [&buffer_instance](::Envoy::Buffer::Instance& buffer) { buffer_instance = &buffer; }); return buffer_.set(buffer_instance); } return buffer_.set(request_body_buffer_); case WasmBufferType::HttpResponseBody: if (buffering_response_body_) { // TODO: consider adding a mutableDecodingBuffer() interface. ::Envoy::Buffer::Instance* buffer_instance{}; encoder_callbacks_->modifyEncodingBuffer( [&buffer_instance](::Envoy::Buffer::Instance& buffer) { buffer_instance = &buffer; }); return buffer_.set(buffer_instance); } return buffer_.set(response_body_buffer_); case WasmBufferType::NetworkDownstreamData: return buffer_.set(network_downstream_data_buffer_); case WasmBufferType::NetworkUpstreamData: return buffer_.set(network_upstream_data_buffer_); case WasmBufferType::HttpCallResponseBody: response = rootContext()->http_call_response_; if (response) { auto& body = (*response)->body(); return buffer_.set(absl::string_view(static_cast(body.linearize(body.length())), body.length())); } return nullptr; case WasmBufferType::GrpcReceiveBuffer: return buffer_.set(rootContext()->grpc_receive_buffer_.get()); default: return nullptr; } } void Context::onDownstreamConnectionClose(CloseType close_type) { ContextBase::onDownstreamConnectionClose(close_type); downstream_closed_ = true; // Call close on TCP connection, if upstream connection closed or there was a failure seen in // this connection. if (upstream_closed_ || getRequestStreamInfo()->hasAnyResponseFlag()) { onCloseTCP(); } } void Context::onUpstreamConnectionClose(CloseType close_type) { ContextBase::onUpstreamConnectionClose(close_type); upstream_closed_ = true; if (downstream_closed_) { onCloseTCP(); } } uint32_t Context::nextHttpCallToken() { uint32_t token = next_http_call_token_++; // Handle rollover. for (;;) { if (token == 0) { token = next_http_call_token_++; } if (!http_request_.count(token)) { break; } token = next_http_call_token_++; } return token; } // Async call via HTTP WasmResult Context::httpCall(absl::string_view cluster, const Pairs& request_headers, absl::string_view request_body, const Pairs& request_trailers, int timeout_milliseconds, uint32_t* token_ptr) { if (timeout_milliseconds < 0) { return WasmResult::BadArgument; } auto cluster_string = std::string(cluster); if (clusterManager().get(cluster_string) == nullptr) { return WasmResult::BadArgument; } Http::RequestMessagePtr message( new Http::RequestMessageImpl(buildRequestHeaderMapFromPairs(request_headers))); // Check that we were provided certain headers. if (message->headers().Path() == nullptr || message->headers().Method() == nullptr || message->headers().Host() == nullptr) { return WasmResult::BadArgument; } if (!request_body.empty()) { message->body().add(request_body); message->headers().setContentLength(request_body.size()); } if (!request_trailers.empty()) { message->trailers(buildRequestTrailerMapFromPairs(request_trailers)); } absl::optional timeout; if (timeout_milliseconds > 0) { timeout = std::chrono::milliseconds(timeout_milliseconds); } uint32_t token = nextHttpCallToken(); auto& handler = http_request_[token]; // set default hash policy to be based on :authority to enable consistent hash Http::AsyncClient::RequestOptions options; options.setTimeout(timeout); Protobuf::RepeatedPtrField hash_policy; hash_policy.Add()->mutable_header()->set_header_name(Http::Headers::get().Host.get()); options.setHashPolicy(hash_policy); auto http_request = clusterManager() .httpAsyncClientForCluster(cluster_string) .send(std::move(message), handler, options); if (!http_request) { http_request_.erase(token); return WasmResult::InternalFailure; } handler.context_ = this; handler.token_ = token; handler.request_ = http_request; *token_ptr = token; return WasmResult::Ok; } uint32_t Context::nextGrpcCallToken() { uint32_t token = next_grpc_token_++; if (isGrpcStreamToken(token)) { token = next_grpc_token_++; } // Handle rollover. Note: token is always odd. for (;;) { if (!grpc_call_request_.count(token)) { break; } next_grpc_token_++; // Skip stream token. token = next_grpc_token_++; } return token; } WasmResult Context::grpcCall(absl::string_view grpc_service, absl::string_view service_name, absl::string_view method_name, const Pairs& initial_metadata, absl::string_view request, std::chrono::milliseconds timeout, uint32_t* token_ptr) { GrpcService service_proto; if (!service_proto.ParseFromArray(grpc_service.data(), grpc_service.size())) { return WasmResult::ParseFailure; } uint32_t token = nextGrpcCallToken(); auto& handler = grpc_call_request_[token]; handler.context_ = this; handler.token_ = token; auto grpc_client = clusterManager() .grpcAsyncClientManager() .factoryForGrpcService(service_proto, *wasm()->scope_, true /* skip_cluster_check */) ->create(); grpc_initial_metadata_ = buildRequestHeaderMapFromPairs(initial_metadata); // set default hash policy to be based on :authority to enable consistent hash Http::AsyncClient::RequestOptions options; options.setTimeout(timeout); Protobuf::RepeatedPtrField hash_policy; hash_policy.Add()->mutable_header()->set_header_name(Http::Headers::get().Host.get()); options.setHashPolicy(hash_policy); auto grpc_request = grpc_client->sendRaw(service_name, method_name, std::make_unique<::Envoy::Buffer::OwnedImpl>(request), handler, Tracing::NullSpan::instance(), options); if (!grpc_request) { grpc_call_request_.erase(token); return WasmResult::InternalFailure; } handler.client_ = std::move(grpc_client); handler.request_ = grpc_request; *token_ptr = token; return WasmResult::Ok; } uint32_t Context::nextGrpcStreamToken() { uint32_t token = next_grpc_token_++; if (isGrpcCallToken(token)) { token = next_grpc_token_++; } // Handle rollover. Note: token is always even. for (;;) { if (token == 0) { next_grpc_token_++; // Skip call token. token = next_grpc_token_++; } if (!grpc_stream_.count(token)) { break; } next_grpc_token_++; // Skip call token. token = next_grpc_token_++; } return token; } WasmResult Context::grpcStream(absl::string_view grpc_service, absl::string_view service_name, absl::string_view method_name, const Pairs& initial_metadata, uint32_t* token_ptr) { GrpcService service_proto; if (!service_proto.ParseFromArray(grpc_service.data(), grpc_service.size())) { return WasmResult::ParseFailure; } uint32_t token = nextGrpcStreamToken(); auto& handler = grpc_stream_[token]; handler.context_ = this; handler.token_ = token; auto grpc_client = clusterManager() .grpcAsyncClientManager() .factoryForGrpcService(service_proto, *wasm()->scope_, true /* skip_cluster_check */) ->create(); grpc_initial_metadata_ = buildRequestHeaderMapFromPairs(initial_metadata); // set default hash policy to be based on :authority to enable consistent hash Http::AsyncClient::StreamOptions options; Protobuf::RepeatedPtrField hash_policy; hash_policy.Add()->mutable_header()->set_header_name(Http::Headers::get().Host.get()); options.setHashPolicy(hash_policy); auto grpc_stream = grpc_client->startRaw(service_name, method_name, handler, options); if (!grpc_stream) { grpc_stream_.erase(token); return WasmResult::InternalFailure; } handler.client_ = std::move(grpc_client); handler.stream_ = grpc_stream; *token_ptr = token; return WasmResult::Ok; } // NB: this is currently called inline, so the token is known to be that of the currently // executing grpcCall or grpcStream. void Context::onGrpcCreateInitialMetadata(uint32_t /* token */, Http::RequestHeaderMap& initial_metadata) { if (grpc_initial_metadata_) { initial_metadata = std::move(*grpc_initial_metadata_); grpc_initial_metadata_.reset(); } } // StreamInfo const StreamInfo::StreamInfo* Context::getConstRequestStreamInfo() const { if (encoder_callbacks_) { return &encoder_callbacks_->streamInfo(); } else if (decoder_callbacks_) { return &decoder_callbacks_->streamInfo(); } else if (access_log_stream_info_) { return access_log_stream_info_; } else if (network_read_filter_callbacks_) { return &network_read_filter_callbacks_->connection().streamInfo(); } else if (network_write_filter_callbacks_) { return &network_write_filter_callbacks_->connection().streamInfo(); } return nullptr; } StreamInfo::StreamInfo* Context::getRequestStreamInfo() const { if (encoder_callbacks_) { return &encoder_callbacks_->streamInfo(); } else if (decoder_callbacks_) { return &decoder_callbacks_->streamInfo(); } else if (network_read_filter_callbacks_) { return &network_read_filter_callbacks_->connection().streamInfo(); } else if (network_write_filter_callbacks_) { return &network_write_filter_callbacks_->connection().streamInfo(); } return nullptr; } const Network::Connection* Context::getConnection() const { if (encoder_callbacks_) { return encoder_callbacks_->connection(); } else if (decoder_callbacks_) { return decoder_callbacks_->connection(); } else if (network_read_filter_callbacks_) { return &network_read_filter_callbacks_->connection(); } else if (network_write_filter_callbacks_) { return &network_write_filter_callbacks_->connection(); } return nullptr; } WasmResult Context::setProperty(absl::string_view path, absl::string_view value) { auto* stream_info = getRequestStreamInfo(); if (!stream_info) { return WasmResult::NotFound; } std::string key; absl::StrAppend(&key, WasmStateKeyPrefix, path); WasmState* state; if (stream_info->filterState()->hasData(key)) { state = &stream_info->filterState()->getDataMutable(key); } else { const auto& it = rootContext()->state_prototypes_.find(path); const WasmStatePrototype& prototype = it == rootContext()->state_prototypes_.end() ? DefaultWasmStatePrototype::get() : *it->second.get(); // NOLINT auto state_ptr = std::make_unique(prototype); state = state_ptr.get(); stream_info->filterState()->setData(key, std::move(state_ptr), StreamInfo::FilterState::StateType::Mutable, prototype.life_span_); } if (!state->setValue(value)) { return WasmResult::BadArgument; } return WasmResult::Ok; } WasmResult Context::declareProperty(absl::string_view path, std::unique_ptr state_prototype) { // Do not delete existing schema since it can be referenced by state objects. if (state_prototypes_.find(path) == state_prototypes_.end()) { state_prototypes_[path] = std::move(state_prototype); return WasmResult::Ok; } return WasmResult::BadArgument; } WasmResult Context::log(uint32_t level, absl::string_view message) { switch (static_cast(level)) { case spdlog::level::trace: ENVOY_LOG(trace, "wasm log{}: {}", log_prefix(), message); return WasmResult::Ok; case spdlog::level::debug: ENVOY_LOG(debug, "wasm log{}: {}", log_prefix(), message); return WasmResult::Ok; case spdlog::level::info: ENVOY_LOG(info, "wasm log{}: {}", log_prefix(), message); return WasmResult::Ok; case spdlog::level::warn: ENVOY_LOG(warn, "wasm log{}: {}", log_prefix(), message); return WasmResult::Ok; case spdlog::level::err: ENVOY_LOG(error, "wasm log{}: {}", log_prefix(), message); return WasmResult::Ok; case spdlog::level::critical: ENVOY_LOG(critical, "wasm log{}: {}", log_prefix(), message); return WasmResult::Ok; default: NOT_REACHED_GCOVR_EXCL_LINE; } } uint32_t Context::getLogLevel() { // Like the "log" call above, assume that spdlog level as an int // matches the enum in the SDK return static_cast(ENVOY_LOGGER().level()); } // // Calls into the Wasm code. // bool Context::validateConfiguration(absl::string_view configuration, const std::shared_ptr& plugin_base) { auto plugin = std::static_pointer_cast(plugin_base); if (!wasm()->validate_configuration_) { return true; } plugin_ = plugin_base; auto result = wasm() ->validate_configuration_(this, id_, static_cast(configuration.size())) .u64_ != 0; plugin_.reset(); return result; } absl::string_view Context::getConfiguration() { if (plugin_) { return plugin_->plugin_configuration_; } else { return wasm()->vm_configuration(); } }; std::pair Context::getStatus() { return std::make_pair(status_code_, status_message_); } void Context::onGrpcReceiveInitialMetadataWrapper(uint32_t token, Http::HeaderMapPtr&& metadata) { grpc_receive_initial_metadata_ = std::move(metadata); onGrpcReceiveInitialMetadata(token, headerSize(grpc_receive_initial_metadata_)); grpc_receive_initial_metadata_ = nullptr; } void Context::onGrpcReceiveTrailingMetadataWrapper(uint32_t token, Http::HeaderMapPtr&& metadata) { grpc_receive_trailing_metadata_ = std::move(metadata); onGrpcReceiveTrailingMetadata(token, headerSize(grpc_receive_trailing_metadata_)); grpc_receive_trailing_metadata_ = nullptr; } WasmResult Context::defineMetric(uint32_t metric_type, absl::string_view name, uint32_t* metric_id_ptr) { if (metric_type > static_cast(MetricType::Max)) { return WasmResult::BadArgument; } auto type = static_cast(metric_type); // TODO: Consider rethinking the scoping policy as it does not help in this case. Stats::StatNameManagedStorage storage(name, wasm()->scope_->symbolTable()); Stats::StatName stat_name = storage.statName(); if (type == MetricType::Counter) { auto id = wasm()->nextCounterMetricId(); auto c = &wasm()->scope_->counterFromStatName(stat_name); wasm()->counters_.emplace(id, c); *metric_id_ptr = id; return WasmResult::Ok; } if (type == MetricType::Gauge) { auto id = wasm()->nextGaugeMetricId(); auto g = &wasm()->scope_->gaugeFromStatName(stat_name, Stats::Gauge::ImportMode::Accumulate); wasm()->gauges_.emplace(id, g); *metric_id_ptr = id; return WasmResult::Ok; } // (type == MetricType::Histogram) { auto id = wasm()->nextHistogramMetricId(); auto h = &wasm()->scope_->histogramFromStatName(stat_name, Stats::Histogram::Unit::Unspecified); wasm()->histograms_.emplace(id, h); *metric_id_ptr = id; return WasmResult::Ok; } WasmResult Context::incrementMetric(uint32_t metric_id, int64_t offset) { auto type = static_cast(metric_id & Wasm::kMetricTypeMask); if (type == MetricType::Counter) { auto it = wasm()->counters_.find(metric_id); if (it != wasm()->counters_.end()) { if (offset > 0) { it->second->add(offset); return WasmResult::Ok; } else { return WasmResult::BadArgument; } } return WasmResult::NotFound; } else if (type == MetricType::Gauge) { auto it = wasm()->gauges_.find(metric_id); if (it != wasm()->gauges_.end()) { if (offset > 0) { it->second->add(offset); return WasmResult::Ok; } else { it->second->sub(-offset); return WasmResult::Ok; } } return WasmResult::NotFound; } return WasmResult::BadArgument; } WasmResult Context::recordMetric(uint32_t metric_id, uint64_t value) { auto type = static_cast(metric_id & Wasm::kMetricTypeMask); if (type == MetricType::Counter) { auto it = wasm()->counters_.find(metric_id); if (it != wasm()->counters_.end()) { it->second->add(value); return WasmResult::Ok; } } else if (type == MetricType::Gauge) { auto it = wasm()->gauges_.find(metric_id); if (it != wasm()->gauges_.end()) { it->second->set(value); return WasmResult::Ok; } } else if (type == MetricType::Histogram) { auto it = wasm()->histograms_.find(metric_id); if (it != wasm()->histograms_.end()) { it->second->recordValue(value); return WasmResult::Ok; } } return WasmResult::NotFound; } WasmResult Context::getMetric(uint32_t metric_id, uint64_t* result_uint64_ptr) { auto type = static_cast(metric_id & Wasm::kMetricTypeMask); if (type == MetricType::Counter) { auto it = wasm()->counters_.find(metric_id); if (it != wasm()->counters_.end()) { *result_uint64_ptr = it->second->value(); return WasmResult::Ok; } return WasmResult::NotFound; } else if (type == MetricType::Gauge) { auto it = wasm()->gauges_.find(metric_id); if (it != wasm()->gauges_.end()) { *result_uint64_ptr = it->second->value(); return WasmResult::Ok; } return WasmResult::NotFound; } return WasmResult::BadArgument; } Context::~Context() { // Cancel any outstanding requests. for (auto& p : http_request_) { p.second.request_->cancel(); } for (auto& p : grpc_call_request_) { p.second.request_->cancel(); } for (auto& p : grpc_stream_) { p.second.stream_->resetStream(); } } Network::FilterStatus convertNetworkFilterStatus(proxy_wasm::FilterStatus status) { switch (status) { default: case proxy_wasm::FilterStatus::Continue: return Network::FilterStatus::Continue; case proxy_wasm::FilterStatus::StopIteration: return Network::FilterStatus::StopIteration; } }; Http::FilterHeadersStatus convertFilterHeadersStatus(proxy_wasm::FilterHeadersStatus status) { switch (status) { default: case proxy_wasm::FilterHeadersStatus::Continue: return Http::FilterHeadersStatus::Continue; case proxy_wasm::FilterHeadersStatus::StopIteration: return Http::FilterHeadersStatus::StopIteration; case proxy_wasm::FilterHeadersStatus::StopAllIterationAndBuffer: return Http::FilterHeadersStatus::StopAllIterationAndBuffer; case proxy_wasm::FilterHeadersStatus::StopAllIterationAndWatermark: return Http::FilterHeadersStatus::StopAllIterationAndWatermark; } }; Http::FilterTrailersStatus convertFilterTrailersStatus(proxy_wasm::FilterTrailersStatus status) { switch (status) { default: case proxy_wasm::FilterTrailersStatus::Continue: return Http::FilterTrailersStatus::Continue; case proxy_wasm::FilterTrailersStatus::StopIteration: return Http::FilterTrailersStatus::StopIteration; } }; Http::FilterMetadataStatus convertFilterMetadataStatus(proxy_wasm::FilterMetadataStatus status) { switch (status) { default: case proxy_wasm::FilterMetadataStatus::Continue: return Http::FilterMetadataStatus::Continue; } }; Http::FilterDataStatus convertFilterDataStatus(proxy_wasm::FilterDataStatus status) { switch (status) { default: case proxy_wasm::FilterDataStatus::Continue: return Http::FilterDataStatus::Continue; case proxy_wasm::FilterDataStatus::StopIterationAndBuffer: return Http::FilterDataStatus::StopIterationAndBuffer; case proxy_wasm::FilterDataStatus::StopIterationAndWatermark: return Http::FilterDataStatus::StopIterationAndWatermark; case proxy_wasm::FilterDataStatus::StopIterationNoBuffer: return Http::FilterDataStatus::StopIterationNoBuffer; } }; Network::FilterStatus Context::onNewConnection() { onCreate(); return convertNetworkFilterStatus(onNetworkNewConnection()); }; Network::FilterStatus Context::onData(::Envoy::Buffer::Instance& data, bool end_stream) { if (!in_vm_context_created_) { return Network::FilterStatus::Continue; } network_downstream_data_buffer_ = &data; end_of_stream_ = end_stream; auto result = convertNetworkFilterStatus(onDownstreamData(data.length(), end_stream)); if (result == Network::FilterStatus::Continue) { network_downstream_data_buffer_ = nullptr; } return result; } Network::FilterStatus Context::onWrite(::Envoy::Buffer::Instance& data, bool end_stream) { if (!in_vm_context_created_) { return Network::FilterStatus::Continue; } network_upstream_data_buffer_ = &data; end_of_stream_ = end_stream; auto result = convertNetworkFilterStatus(onUpstreamData(data.length(), end_stream)); if (result == Network::FilterStatus::Continue) { network_upstream_data_buffer_ = nullptr; } if (end_stream) { // This is called when seeing end_stream=true and not on an upstream connection event, // because registering for latter requires replicating the whole TCP proxy extension. onUpstreamConnectionClose(CloseType::Unknown); } return result; } void Context::onEvent(Network::ConnectionEvent event) { if (!in_vm_context_created_) { return; } switch (event) { case Network::ConnectionEvent::LocalClose: onDownstreamConnectionClose(CloseType::Local); break; case Network::ConnectionEvent::RemoteClose: onDownstreamConnectionClose(CloseType::Remote); break; default: break; } } void Context::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { network_read_filter_callbacks_ = &callbacks; network_read_filter_callbacks_->connection().addConnectionCallbacks(*this); } void Context::initializeWriteFilterCallbacks(Network::WriteFilterCallbacks& callbacks) { network_write_filter_callbacks_ = &callbacks; } void Context::log(const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) { if (!in_vm_context_created_) { // If the request is invalid then onRequestHeaders() will not be called and neither will // onCreate() in cases like sendLocalReply who short-circuits envoy // lifecycle. This is because Envoy does not have a well defined lifetime for the combined // HTTP // + AccessLog filter. Thus, to log these scenarios, we call onCreate() in log function below. onCreate(); } access_log_request_headers_ = request_headers; // ? request_trailers ? access_log_response_headers_ = response_headers; access_log_response_trailers_ = response_trailers; access_log_stream_info_ = &stream_info; onLog(); access_log_request_headers_ = nullptr; // ? request_trailers ? access_log_response_headers_ = nullptr; access_log_response_trailers_ = nullptr; access_log_stream_info_ = nullptr; } void Context::onDestroy() { if (destroyed_ || !in_vm_context_created_) { return; } destroyed_ = true; onDone(); onDelete(); } WasmResult Context::continueStream(WasmStreamType stream_type) { switch (stream_type) { case WasmStreamType::Request: if (decoder_callbacks_) { decoder_callbacks_->continueDecoding(); } break; case WasmStreamType::Response: if (encoder_callbacks_) { encoder_callbacks_->continueEncoding(); } break; default: return WasmResult::BadArgument; } request_headers_ = nullptr; request_body_buffer_ = nullptr; request_trailers_ = nullptr; request_metadata_ = nullptr; return WasmResult::Ok; } WasmResult Context::closeStream(WasmStreamType stream_type) { switch (stream_type) { case WasmStreamType::Request: if (decoder_callbacks_) { if (!decoder_callbacks_->streamInfo().responseCodeDetails().has_value()) { decoder_callbacks_->streamInfo().setResponseCodeDetails(FailStreamResponseDetails); } decoder_callbacks_->resetStream(); } return WasmResult::Ok; case WasmStreamType::Response: if (encoder_callbacks_) { if (!encoder_callbacks_->streamInfo().responseCodeDetails().has_value()) { encoder_callbacks_->streamInfo().setResponseCodeDetails(FailStreamResponseDetails); } encoder_callbacks_->resetStream(); } return WasmResult::Ok; case WasmStreamType::Downstream: if (network_read_filter_callbacks_) { network_read_filter_callbacks_->connection().close( Envoy::Network::ConnectionCloseType::FlushWrite); } return WasmResult::Ok; case WasmStreamType::Upstream: network_write_filter_callbacks_->connection().close( Envoy::Network::ConnectionCloseType::FlushWrite); return WasmResult::Ok; } return WasmResult::BadArgument; } WasmResult Context::sendLocalResponse(uint32_t response_code, absl::string_view body_text, Pairs additional_headers, uint32_t grpc_status, absl::string_view details) { // "additional_headers" is a collection of string_views. These will no longer // be valid when "modify_headers" is finally called below, so we must // make copies of all the headers. std::vector> additional_headers_copy; for (auto& p : additional_headers) { const Http::LowerCaseString lower_key{std::string(p.first)}; additional_headers_copy.emplace_back(lower_key, std::string(p.second)); } auto modify_headers = [additional_headers_copy](Http::HeaderMap& headers) { for (auto& p : additional_headers_copy) { headers.addCopy(p.first, p.second); } }; if (decoder_callbacks_) { // This is a bit subtle because proxy_on_delete() does call DeferAfterCallActions(), // so in theory it could call this and the Context in the VM would be invalid, // but because it only gets called after the connections have drained, the call to // sendLocalReply() will fail. Net net, this is safe. wasm()->addAfterVmCallAction([this, response_code, body_text = std::string(body_text), modify_headers = std::move(modify_headers), grpc_status, details = std::string(details)] { decoder_callbacks_->sendLocalReply(static_cast(response_code), body_text, modify_headers, grpc_status, details); }); } return WasmResult::Ok; } Http::FilterHeadersStatus Context::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { onCreate(); http_request_started_ = true; request_headers_ = &headers; end_of_stream_ = end_stream; auto result = convertFilterHeadersStatus(onRequestHeaders(headerSize(&headers), end_stream)); if (result == Http::FilterHeadersStatus::Continue) { request_headers_ = nullptr; } return result; } Http::FilterDataStatus Context::decodeData(::Envoy::Buffer::Instance& data, bool end_stream) { if (!http_request_started_) { return Http::FilterDataStatus::Continue; } request_body_buffer_ = &data; end_of_stream_ = end_stream; const auto buffer = getBuffer(WasmBufferType::HttpRequestBody); const auto buffer_size = (buffer == nullptr) ? 0 : buffer->size(); auto result = convertFilterDataStatus(onRequestBody(buffer_size, end_stream)); buffering_request_body_ = false; switch (result) { case Http::FilterDataStatus::Continue: request_body_buffer_ = nullptr; break; case Http::FilterDataStatus::StopIterationAndBuffer: buffering_request_body_ = true; break; case Http::FilterDataStatus::StopIterationAndWatermark: case Http::FilterDataStatus::StopIterationNoBuffer: break; } return result; } Http::FilterTrailersStatus Context::decodeTrailers(Http::RequestTrailerMap& trailers) { if (!http_request_started_) { return Http::FilterTrailersStatus::Continue; } request_trailers_ = &trailers; auto result = convertFilterTrailersStatus(onRequestTrailers(headerSize(&trailers))); if (result == Http::FilterTrailersStatus::Continue) { request_trailers_ = nullptr; } return result; } Http::FilterMetadataStatus Context::decodeMetadata(Http::MetadataMap& request_metadata) { if (!http_request_started_) { return Http::FilterMetadataStatus::Continue; } request_metadata_ = &request_metadata; auto result = convertFilterMetadataStatus(onRequestMetadata(headerSize(&request_metadata))); if (result == Http::FilterMetadataStatus::Continue) { request_metadata_ = nullptr; } return result; } void Context::setDecoderFilterCallbacks(Envoy::Http::StreamDecoderFilterCallbacks& callbacks) { decoder_callbacks_ = &callbacks; } Http::FilterHeadersStatus Context::encode100ContinueHeaders(Http::ResponseHeaderMap&) { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus Context::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { if (!http_request_started_) { return Http::FilterHeadersStatus::Continue; } response_headers_ = &headers; end_of_stream_ = end_stream; auto result = convertFilterHeadersStatus(onResponseHeaders(headerSize(&headers), end_stream)); if (result == Http::FilterHeadersStatus::Continue) { response_headers_ = nullptr; } return result; } Http::FilterDataStatus Context::encodeData(::Envoy::Buffer::Instance& data, bool end_stream) { if (!http_request_started_) { return Http::FilterDataStatus::Continue; } response_body_buffer_ = &data; end_of_stream_ = end_stream; const auto buffer = getBuffer(WasmBufferType::HttpResponseBody); const auto buffer_size = (buffer == nullptr) ? 0 : buffer->size(); auto result = convertFilterDataStatus(onResponseBody(buffer_size, end_stream)); buffering_response_body_ = false; switch (result) { case Http::FilterDataStatus::Continue: request_body_buffer_ = nullptr; break; case Http::FilterDataStatus::StopIterationAndBuffer: buffering_response_body_ = true; break; case Http::FilterDataStatus::StopIterationAndWatermark: case Http::FilterDataStatus::StopIterationNoBuffer: break; } return result; } Http::FilterTrailersStatus Context::encodeTrailers(Http::ResponseTrailerMap& trailers) { if (!http_request_started_) { return Http::FilterTrailersStatus::Continue; } response_trailers_ = &trailers; auto result = convertFilterTrailersStatus(onResponseTrailers(headerSize(&trailers))); if (result == Http::FilterTrailersStatus::Continue) { response_trailers_ = nullptr; } return result; } Http::FilterMetadataStatus Context::encodeMetadata(Http::MetadataMap& response_metadata) { if (!http_request_started_) { return Http::FilterMetadataStatus::Continue; } response_metadata_ = &response_metadata; auto result = convertFilterMetadataStatus(onResponseMetadata(headerSize(&response_metadata))); if (result == Http::FilterMetadataStatus::Continue) { response_metadata_ = nullptr; } return result; } // Http::FilterMetadataStatus::Continue; void Context::setEncoderFilterCallbacks(Envoy::Http::StreamEncoderFilterCallbacks& callbacks) { encoder_callbacks_ = &callbacks; } void Context::onHttpCallSuccess(uint32_t token, Envoy::Http::ResponseMessagePtr&& response) { // TODO: convert this into a function in proxy-wasm-cpp-host and use here. if (proxy_wasm::current_context_ != nullptr) { // We are in a reentrant call, so defer. wasm()->addAfterVmCallAction([this, token, response = response.release()] { onHttpCallSuccess(token, std::unique_ptr(response)); }); return; } http_call_response_ = &response; uint32_t body_size = response->body().length(); onHttpCallResponse(token, response->headers().size(), body_size, headerSize(response->trailers())); http_call_response_ = nullptr; http_request_.erase(token); } void Context::onHttpCallFailure(uint32_t token, Http::AsyncClient::FailureReason reason) { if (proxy_wasm::current_context_ != nullptr) { // We are in a reentrant call, so defer. wasm()->addAfterVmCallAction([this, token, reason] { onHttpCallFailure(token, reason); }); return; } status_code_ = static_cast(WasmResult::BrokenConnection); // This is the only value currently. ASSERT(reason == Http::AsyncClient::FailureReason::Reset); status_message_ = "reset"; onHttpCallResponse(token, 0, 0, 0); status_message_ = ""; http_request_.erase(token); } void Context::onGrpcReceiveWrapper(uint32_t token, ::Envoy::Buffer::InstancePtr response) { ASSERT(proxy_wasm::current_context_ == nullptr); // Non-reentrant. if (wasm()->on_grpc_receive_) { grpc_receive_buffer_ = std::move(response); uint32_t response_size = grpc_receive_buffer_->length(); ContextBase::onGrpcReceive(token, response_size); grpc_receive_buffer_.reset(); } if (isGrpcCallToken(token)) { grpc_call_request_.erase(token); } } void Context::onGrpcCloseWrapper(uint32_t token, const Grpc::Status::GrpcStatus& status, const absl::string_view message) { if (proxy_wasm::current_context_ != nullptr) { // We are in a reentrant call, so defer. wasm()->addAfterVmCallAction([this, token, status, message = std::string(message)] { onGrpcCloseWrapper(token, status, message); }); return; } if (wasm()->on_grpc_close_) { status_code_ = static_cast(status); status_message_ = message; onGrpcClose(token, status_code_); status_message_ = ""; } if (isGrpcCallToken(token)) { grpc_call_request_.erase(token); } else { auto it = grpc_stream_.find(token); if (it != grpc_stream_.end()) { if (it->second.local_closed_) { grpc_stream_.erase(token); } } } } WasmResult Context::grpcSend(uint32_t token, absl::string_view message, bool end_stream) { if (isGrpcCallToken(token)) { return WasmResult::BadArgument; } auto it = grpc_stream_.find(token); if (it == grpc_stream_.end()) { return WasmResult::NotFound; } if (it->second.stream_) { it->second.stream_->sendMessageRaw(::Envoy::Buffer::InstancePtr(new ::Envoy::Buffer::OwnedImpl( message.data(), message.size())), end_stream); } return WasmResult::Ok; } WasmResult Context::grpcClose(uint32_t token) { if (isGrpcCallToken(token)) { auto it = grpc_call_request_.find(token); if (it == grpc_call_request_.end()) { return WasmResult::NotFound; } if (it->second.request_) { it->second.request_->cancel(); } grpc_call_request_.erase(token); } else { auto it = grpc_stream_.find(token); if (it == grpc_stream_.end()) { return WasmResult::NotFound; } if (it->second.stream_) { it->second.stream_->closeStream(); } if (it->second.remote_closed_) { grpc_stream_.erase(token); } else { it->second.local_closed_ = true; } } return WasmResult::Ok; } WasmResult Context::grpcCancel(uint32_t token) { if (isGrpcCallToken(token)) { auto it = grpc_call_request_.find(token); if (it == grpc_call_request_.end()) { return WasmResult::NotFound; } if (it->second.request_) { it->second.request_->cancel(); } grpc_call_request_.erase(token); } else { auto it = grpc_stream_.find(token); if (it == grpc_stream_.end()) { return WasmResult::NotFound; } if (it->second.stream_) { it->second.stream_->resetStream(); } grpc_stream_.erase(token); } return WasmResult::Ok; } } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/context.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/buffer/buffer.h" #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/http/filter.h" #include "envoy/stats/sink.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "extensions/common/wasm/wasm_state.h" #include "extensions/filters/common/expr/evaluator.h" #include "eval/public/activation.h" #include "include/proxy-wasm/wasm.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { using proxy_wasm::BufferInterface; using proxy_wasm::CloseType; using proxy_wasm::ContextBase; using proxy_wasm::Pairs; using proxy_wasm::PairsWithStringValues; using proxy_wasm::PluginBase; using proxy_wasm::SharedQueueDequeueToken; using proxy_wasm::SharedQueueEnqueueToken; using proxy_wasm::WasmBase; using proxy_wasm::WasmBufferType; using proxy_wasm::WasmHandleBase; using proxy_wasm::WasmHeaderMapType; using proxy_wasm::WasmResult; using proxy_wasm::WasmStreamType; using VmConfig = envoy::extensions::wasm::v3::VmConfig; using GrpcService = envoy::config::core::v3::GrpcService; class Wasm; using WasmHandleBaseSharedPtr = std::shared_ptr; // Opaque context object. class StorageObject { public: virtual ~StorageObject() = default; }; class Buffer : public proxy_wasm::BufferBase { public: Buffer() = default; // proxy_wasm::BufferInterface size_t size() const override; WasmResult copyTo(WasmBase* wasm, size_t start, size_t length, uint64_t ptr_ptr, uint64_t size_ptr) const override; WasmResult copyFrom(size_t start, size_t length, absl::string_view data) override; // proxy_wasm::BufferBase void clear() override { proxy_wasm::BufferBase::clear(); const_buffer_instance_ = nullptr; buffer_instance_ = nullptr; } Buffer* set(absl::string_view data) { return static_cast(proxy_wasm::BufferBase::set(data)); } Buffer* set(std::unique_ptr owned_data, uint32_t owned_data_size) { return static_cast( proxy_wasm::BufferBase::set(std::move(owned_data), owned_data_size)); } Buffer* set(::Envoy::Buffer::Instance* buffer_instance) { clear(); buffer_instance_ = buffer_instance; const_buffer_instance_ = buffer_instance; return this; } Buffer* set(const ::Envoy::Buffer::Instance* buffer_instance) { clear(); const_buffer_instance_ = buffer_instance; return this; } private: const ::Envoy::Buffer::Instance* const_buffer_instance_{}; ::Envoy::Buffer::Instance* buffer_instance_{}; }; // Plugin contains the information for a filter/service. struct Plugin : public PluginBase { Plugin(absl::string_view name, absl::string_view root_id, absl::string_view vm_id, absl::string_view runtime, absl::string_view plugin_configuration, bool fail_open, envoy::config::core::v3::TrafficDirection direction, const LocalInfo::LocalInfo& local_info, const envoy::config::core::v3::Metadata* listener_metadata) : PluginBase(name, root_id, vm_id, runtime, plugin_configuration, fail_open), direction_(direction), local_info_(local_info), listener_metadata_(listener_metadata) {} envoy::config::core::v3::TrafficDirection direction_; const LocalInfo::LocalInfo& local_info_; const envoy::config::core::v3::Metadata* listener_metadata_; }; using PluginSharedPtr = std::shared_ptr; // A context which will be the target of callbacks for a particular session // e.g. a handler of a stream. class Context : public proxy_wasm::ContextBase, public Logger::Loggable, public AccessLog::Instance, public Http::StreamFilter, public Network::ConnectionCallbacks, public Network::Filter, public google::api::expr::runtime::BaseActivation, public std::enable_shared_from_this { public: Context(); // Testing. Context(Wasm* wasm); // Vm Context. Context(Wasm* wasm, const PluginSharedPtr& plugin); // Root Context. Context(Wasm* wasm, uint32_t root_context_id, const PluginSharedPtr& plugin); // Stream context. ~Context() override; Wasm* wasm() const; Plugin* plugin() const; Context* rootContext() const; Upstream::ClusterManager& clusterManager() const; // proxy_wasm::ContextBase void error(absl::string_view message) override; // Retrieves the stream info associated with the request (a.k.a active stream). // It selects a value based on the following order: encoder callback, decoder // callback, log callback, network read filter callback, network write filter // callback. As long as any one of the callbacks is invoked, the value should be // available. const StreamInfo::StreamInfo* getConstRequestStreamInfo() const; StreamInfo::StreamInfo* getRequestStreamInfo() const; // Retrieves the connection object associated with the request (a.k.a active stream). // It selects a value based on the following order: encoder callback, decoder // callback. As long as any one of the callbacks is invoked, the value should be // available. const Network::Connection* getConnection() const; // // VM level down-calls into the Wasm code on Context(id == 0). // virtual bool validateConfiguration(absl::string_view configuration, const std::shared_ptr& plugin); // deprecated // AccessLog::Instance void log(const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) override; uint32_t getLogLevel() override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // Network::ReadFilter Network::FilterStatus onNewConnection() override; Network::FilterStatus onData(::Envoy::Buffer::Instance& data, bool end_stream) override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; // Network::WriteFilter Network::FilterStatus onWrite(::Envoy::Buffer::Instance& data, bool end_stream) override; void initializeWriteFilterCallbacks(Network::WriteFilterCallbacks& callbacks) override; // proxy_wasm::ContextBase void onDownstreamConnectionClose(CloseType) override; void onUpstreamConnectionClose(CloseType) override; // Http::StreamFilterBase. Note: This calls onDone() in Wasm. void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(::Envoy::Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; Http::FilterMetadataStatus decodeMetadata(Http::MetadataMap& metadata_map) override; void setDecoderFilterCallbacks(Envoy::Http::StreamDecoderFilterCallbacks& callbacks) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override; Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(::Envoy::Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap& metadata_map) override; void setEncoderFilterCallbacks(Envoy::Http::StreamEncoderFilterCallbacks& callbacks) override; // VM calls out to host. // proxy_wasm::ContextBase // General WasmResult log(uint32_t level, absl::string_view message) override; uint64_t getCurrentTimeNanoseconds() override; absl::string_view getConfiguration() override; std::pair getStatus() override; // State accessors WasmResult getProperty(absl::string_view path, std::string* result) override; WasmResult setProperty(absl::string_view path, absl::string_view value) override; WasmResult declareProperty(absl::string_view path, std::unique_ptr state_prototype); // Continue WasmResult continueStream(WasmStreamType stream_type) override; WasmResult closeStream(WasmStreamType stream_type) override; WasmResult sendLocalResponse(uint32_t response_code, absl::string_view body_text, Pairs additional_headers, uint32_t grpc_status, absl::string_view details) override; void clearRouteCache() override { if (decoder_callbacks_) { decoder_callbacks_->clearRouteCache(); } } // Header/Trailer/Metadata Maps WasmResult addHeaderMapValue(WasmHeaderMapType type, absl::string_view key, absl::string_view value) override; WasmResult getHeaderMapValue(WasmHeaderMapType type, absl::string_view key, absl::string_view* value) override; WasmResult getHeaderMapPairs(WasmHeaderMapType type, Pairs* result) override; WasmResult setHeaderMapPairs(WasmHeaderMapType type, const Pairs& pairs) override; WasmResult removeHeaderMapValue(WasmHeaderMapType type, absl::string_view key) override; WasmResult replaceHeaderMapValue(WasmHeaderMapType type, absl::string_view key, absl::string_view value) override; WasmResult getHeaderMapSize(WasmHeaderMapType type, uint32_t* size) override; // Buffer BufferInterface* getBuffer(WasmBufferType type) override; // TODO: use stream_type. bool endOfStream(WasmStreamType /* stream_type */) override { return end_of_stream_; } // HTTP WasmResult httpCall(absl::string_view cluster, const Pairs& request_headers, absl::string_view request_body, const Pairs& request_trailers, int timeout_millisconds, uint32_t* token_ptr) override; // Stats/Metrics WasmResult defineMetric(uint32_t type, absl::string_view name, uint32_t* metric_id_ptr) override; WasmResult incrementMetric(uint32_t metric_id, int64_t offset) override; WasmResult recordMetric(uint32_t metric_id, uint64_t value) override; WasmResult getMetric(uint32_t metric_id, uint64_t* value_ptr) override; // gRPC WasmResult grpcCall(absl::string_view grpc_service, absl::string_view service_name, absl::string_view method_name, const Pairs& initial_metadata, absl::string_view request, std::chrono::milliseconds timeout, uint32_t* token_ptr) override; WasmResult grpcStream(absl::string_view grpc_service, absl::string_view service_name, absl::string_view method_name, const Pairs& initial_metadat, uint32_t* token_ptr) override; WasmResult grpcClose(uint32_t token) override; WasmResult grpcCancel(uint32_t token) override; WasmResult grpcSend(uint32_t token, absl::string_view message, bool end_stream) override; // Envoy specific ABI void onResolveDns(uint32_t token, Envoy::Network::DnsResolver::ResolutionStatus status, std::list&& response); void onStatsUpdate(Envoy::Stats::MetricSnapshot& snapshot); // CEL evaluation std::vector FindFunctionOverloads(absl::string_view) const override { return {}; } absl::optional findValue(absl::string_view name, Protobuf::Arena* arena, bool last) const; absl::optional FindValue(absl::string_view name, Protobuf::Arena* arena) const override { return findValue(name, arena, false); } bool IsPathUnknown(absl::string_view) const override { return false; } const std::vector& unknown_attribute_patterns() const override { static const std::vector empty; return empty; } const Protobuf::FieldMask& unknown_paths() const override { return Protobuf::FieldMask::default_instance(); } // Foreign function state virtual void setForeignData(absl::string_view data_name, std::unique_ptr data) { data_storage_[data_name] = std::move(data); } template T* getForeignData(absl::string_view data_name) { const auto& it = data_storage_.find(data_name); if (it == data_storage_.end()) { return nullptr; } return dynamic_cast(it->second.get()); } uint32_t nextGrpcCallToken(); uint32_t nextGrpcStreamToken(); uint32_t nextHttpCallToken(); void setNextGrpcTokenForTesting(uint32_t token) { next_grpc_token_ = token; } void setNextHttpCallTokenForTesting(uint32_t token) { next_http_call_token_ = token; } protected: friend class Wasm; void addAfterVmCallAction(std::function f); void onCloseTCP(); struct AsyncClientHandler : public Http::AsyncClient::Callbacks { // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Envoy::Http::ResponseMessagePtr&& response) override { context_->onHttpCallSuccess(token_, std::move(response)); } void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) override { context_->onHttpCallFailure(token_, reason); } void onBeforeFinalizeUpstreamSpan(Envoy::Tracing::Span& /* span */, const Http::ResponseHeaderMap* /* response_headers */) override {} Context* context_; uint32_t token_; Http::AsyncClient::Request* request_; }; struct GrpcCallClientHandler : public Grpc::RawAsyncRequestCallbacks { // Grpc::AsyncRequestCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap& initial_metadata) override { context_->onGrpcCreateInitialMetadata(token_, initial_metadata); } void onSuccessRaw(::Envoy::Buffer::InstancePtr&& response, Tracing::Span& /* span */) override { context_->onGrpcReceiveWrapper(token_, std::move(response)); } void onFailure(Grpc::Status::GrpcStatus status, const std::string& message, Tracing::Span& /* span */) override { context_->onGrpcCloseWrapper(token_, status, message); } Context* context_; uint32_t token_; Grpc::RawAsyncClientPtr client_; Grpc::AsyncRequest* request_; }; struct GrpcStreamClientHandler : public Grpc::RawAsyncStreamCallbacks { // Grpc::AsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap&) override {} void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) override { context_->onGrpcReceiveInitialMetadataWrapper(token_, std::move(metadata)); } bool onReceiveMessageRaw(::Envoy::Buffer::InstancePtr&& response) override { context_->onGrpcReceiveWrapper(token_, std::move(response)); return true; } void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&& metadata) override { context_->onGrpcReceiveTrailingMetadataWrapper(token_, std::move(metadata)); } void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override { remote_closed_ = true; context_->onGrpcCloseWrapper(token_, status, message); } Context* context_; uint32_t token_; Grpc::RawAsyncClientPtr client_; Grpc::RawAsyncStream* stream_; bool local_closed_ = false; bool remote_closed_ = false; }; void onHttpCallSuccess(uint32_t token, Envoy::Http::ResponseMessagePtr&& response); void onHttpCallFailure(uint32_t token, Http::AsyncClient::FailureReason reason); void onGrpcCreateInitialMetadata(uint32_t token, Http::RequestHeaderMap& metadata); void onGrpcReceiveInitialMetadataWrapper(uint32_t token, Http::HeaderMapPtr&& metadata); void onGrpcReceiveWrapper(uint32_t token, ::Envoy::Buffer::InstancePtr response); void onGrpcReceiveTrailingMetadataWrapper(uint32_t token, Http::HeaderMapPtr&& metadata); void onGrpcCloseWrapper(uint32_t token, const Grpc::Status::GrpcStatus& status, const absl::string_view message); bool isGrpcStreamToken(uint32_t token) { return (token & 1) == 0; } bool isGrpcCallToken(uint32_t token) { return (token & 1) == 1; } Http::HeaderMap* getMap(WasmHeaderMapType type); const Http::HeaderMap* getConstMap(WasmHeaderMapType type); const LocalInfo::LocalInfo* root_local_info_{nullptr}; // set only for root_context. uint32_t next_http_call_token_ = 1; uint32_t next_grpc_token_ = 1; // Odd tokens are for Calls even for Streams. // Network callbacks. Network::ReadFilterCallbacks* network_read_filter_callbacks_{}; Network::WriteFilterCallbacks* network_write_filter_callbacks_{}; // HTTP callbacks. Envoy::Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Envoy::Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; // Status. uint32_t status_code_{0}; absl::string_view status_message_; // Network filter state. ::Envoy::Buffer::Instance* network_downstream_data_buffer_{}; ::Envoy::Buffer::Instance* network_upstream_data_buffer_{}; // HTTP filter state. bool http_request_started_ = false; // When decodeHeaders() is called the request is "started". Http::RequestHeaderMap* request_headers_{}; Http::ResponseHeaderMap* response_headers_{}; ::Envoy::Buffer::Instance* request_body_buffer_{}; ::Envoy::Buffer::Instance* response_body_buffer_{}; Http::RequestTrailerMap* request_trailers_{}; Http::ResponseTrailerMap* response_trailers_{}; Http::MetadataMap* request_metadata_{}; Http::MetadataMap* response_metadata_{}; // Only available during onHttpCallResponse. Envoy::Http::ResponseMessagePtr* http_call_response_{}; Http::HeaderMapPtr grpc_receive_initial_metadata_{}; Http::HeaderMapPtr grpc_receive_trailing_metadata_{}; // Only available (non-nullptr) during onGrpcReceive. ::Envoy::Buffer::InstancePtr grpc_receive_buffer_; // Only available (non-nullptr) during grpcCall and grpcStream. Http::RequestHeaderMapPtr grpc_initial_metadata_; // Access log state. const StreamInfo::StreamInfo* access_log_stream_info_{}; const Http::RequestHeaderMap* access_log_request_headers_{}; const Http::ResponseHeaderMap* access_log_response_headers_{}; const Http::ResponseTrailerMap* access_log_response_trailers_{}; // Temporary state. ProtobufWkt::Struct temporary_metadata_; bool end_of_stream_; bool buffering_request_body_ = false; bool buffering_response_body_ = false; Buffer buffer_; // MB: must be a node-type map as we take persistent references to the entries. std::map http_request_; std::map grpc_call_request_; std::map grpc_stream_; // Opaque state. absl::flat_hash_map> data_storage_; // TCP State. bool upstream_closed_ = false; bool downstream_closed_ = false; bool tcp_connection_closed_ = false; // Filter state prototype declaration. absl::flat_hash_map> state_prototypes_; }; using ContextSharedPtr = std::shared_ptr; WasmResult serializeValue(Filters::Common::Expr::CelValue value, std::string* result); } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/ext/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") load("@rules_cc//cc:defs.bzl", "cc_library", "cc_proto_library") load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "envoy_null_vm_wasm_api", hdrs = [ "envoy_null_vm_wasm_api.h", "envoy_proxy_wasm_api.h", ], visibility = ["//visibility:public"], deps = [ "@proxy_wasm_cpp_sdk//:api_lib", "@proxy_wasm_cpp_sdk//:common_lib", ], ) envoy_cc_library( name = "envoy_null_plugin", hdrs = [ "envoy_null_plugin.h", "envoy_proxy_wasm_api.h", ], visibility = ["//visibility:public"], deps = [ ":declare_property_cc_proto", "//source/common/grpc:async_client_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) # NB: this target is compiled to Wasm. Hence the generic rule. cc_library( name = "envoy_proxy_wasm_api_lib", srcs = ["envoy_proxy_wasm_api.cc"], hdrs = ["envoy_proxy_wasm_api.h"], tags = ["manual"], visibility = ["//visibility:public"], deps = [ ":declare_property_cc_proto", ":node_subset_cc_proto", "@proxy_wasm_cpp_sdk//:proxy_wasm_intrinsics", ], alwayslink = 1, ) # NB: this target is compiled both to native code and to Wasm. Hence the generic rule. proto_library( name = "declare_property_proto", srcs = ["declare_property.proto"], visibility = ["//visibility:public"], ) # NB: this target is compiled both to native code and to Wasm. Hence the generic rule. cc_proto_library( name = "declare_property_cc_proto", visibility = ["//visibility:public"], deps = [":declare_property_proto"], ) # NB: this target is compiled both to native code and to Wasm. Hence the generic rule. proto_library( name = "node_subset_proto", srcs = ["node_subset.proto"], visibility = ["//visibility:public"], deps = [ "@com_google_protobuf//:struct_proto", ], ) # NB: this target is compiled both to native code and to Wasm. Hence the generic rule. cc_proto_library( name = "node_subset_cc_proto", visibility = ["//visibility:public"], deps = [ ":node_subset_proto", # "//external:protobuf_clib", ], ) filegroup( name = "jslib", srcs = [ "envoy_wasm_intrinsics.js", ], visibility = ["//visibility:public"], ) ================================================ FILE: source/extensions/common/wasm/ext/README.md ================================================ # Envoy specific extensions to the proxy-wasm SDK ================================================ FILE: source/extensions/common/wasm/ext/declare_property.proto ================================================ syntax = "proto3"; package envoy.source.extensions.common.wasm; enum WasmType { Bytes = 0; String = 1; FlatBuffers = 2; Protobuf = 3; }; enum LifeSpan { FilterChain = 0; DownstreamRequest = 1; DownstreamConnection = 2; }; message DeclarePropertyArguments { string name = 1; bool readonly = 2; WasmType type = 3; bytes schema = 4; LifeSpan span = 5; }; ================================================ FILE: source/extensions/common/wasm/ext/envoy_null_plugin.h ================================================ // NOLINT(namespace-envoy) #pragma once #define PROXY_WASM_PROTOBUF 1 #define PROXY_WASM_PROTOBUF_FULL 1 #include "envoy/config/core/v3/grpc_service.pb.h" #include "source/extensions/common/wasm/ext/declare_property.pb.h" #include "include/proxy-wasm/null_plugin.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { proxy_wasm::Word resolve_dns(void* raw_context, proxy_wasm::Word dns_address, proxy_wasm::Word dns_address_size, proxy_wasm::Word token_ptr); } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy namespace proxy_wasm { namespace null_plugin { #include "extensions/common/wasm/ext/envoy_proxy_wasm_api.h" using GrpcService = envoy::config::core::v3::GrpcService; using namespace proxy_wasm::null_plugin; #define WS(_x) Word(static_cast(_x)) #define WR(_x) Word(reinterpret_cast(_x)) inline WasmResult envoy_resolve_dns(const char* dns_address, size_t dns_address_size, uint32_t* token) { return static_cast( ::Envoy::Extensions::Common::Wasm::resolve_dns(proxy_wasm::current_context_, WR(dns_address), WS(dns_address_size), WR(token)) .u64_); } #undef WS #undef WR } // namespace null_plugin } // namespace proxy_wasm ================================================ FILE: source/extensions/common/wasm/ext/envoy_null_vm_wasm_api.h ================================================ // NOLINT(namespace-envoy) #pragma once namespace proxy_wasm { namespace null_plugin { #include "proxy_wasm_common.h" #include "proxy_wasm_enums.h" #include "proxy_wasm_externs.h" /* * The following headers are used in two different environments, in the Null VM and in Wasm code * which require different headers to precede these such that they can not include the above * headers directly. These macros prevent header reordering */ #define _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ 1 #include "proxy_wasm_api.h" #undef _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ #define _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ 1 #include "extensions/common/wasm/ext/envoy_proxy_wasm_api.h" #undef _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ } // namespace null_plugin } // namespace proxy_wasm ================================================ FILE: source/extensions/common/wasm/ext/envoy_proxy_wasm_api.cc ================================================ // NOLINT(namespace-envoy) #include "proxy_wasm_intrinsics.h" /* * These headers span repositories and therefor the following header can not include the above * header to enforce the required order. This macros prevent header reordering. */ #define _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ 1 #include "source/extensions/common/wasm/ext/envoy_proxy_wasm_api.h" #undef _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ EnvoyContextBase* getEnvoyContextBase(uint32_t context_id) { auto context_base = getContextBase(context_id); if (auto root = context_base->asRoot()) { return static_cast(static_cast(root)); } else { return static_cast(static_cast(context_base->asContext())); } } EnvoyContext* getEnvoyContext(uint32_t context_id) { auto context_base = getContextBase(context_id); return static_cast(context_base->asContext()); } EnvoyRootContext* getEnvoyRootContext(uint32_t context_id) { auto context_base = getContextBase(context_id); return static_cast(context_base->asRoot()); } extern "C" PROXY_WASM_KEEPALIVE void envoy_on_resolve_dns(uint32_t context_id, uint32_t token, uint32_t data_size) { getEnvoyRootContext(context_id)->onResolveDns(token, data_size); } extern "C" PROXY_WASM_KEEPALIVE void envoy_on_stats_update(uint32_t context_id, uint32_t data_size) { getEnvoyRootContext(context_id)->onStatsUpdate(data_size); } ================================================ FILE: source/extensions/common/wasm/ext/envoy_proxy_wasm_api.h ================================================ // NOLINT(namespace-envoy) #pragma once // Note that this file is included in emscripten and NullVM environments and thus depends on // the context in which it is included, hence we need to disable clang-tidy warnings. extern "C" WasmResult envoy_resolve_dns(const char* dns_address, size_t dns_address_size, uint32_t* token); class EnvoyContextBase { public: virtual ~EnvoyContextBase() = default; }; class EnvoyRootContext : public RootContext, public EnvoyContextBase { public: EnvoyRootContext(uint32_t id, std::string_view root_id) : RootContext(id, root_id) {} ~EnvoyRootContext() override = default; virtual void onResolveDns(uint32_t /* token */, uint32_t /* result_size */) {} virtual void onStatsUpdate(uint32_t /* result_size */) {} }; class EnvoyContext : public Context, public EnvoyContextBase { public: EnvoyContext(uint32_t id, RootContext* root) : Context(id, root) {} ~EnvoyContext() override = default; }; struct DnsResult { uint32_t ttl_seconds; std::string address; }; struct CounterResult { uint64_t delta; std::string_view name; uint64_t value; }; struct GaugeResult { uint64_t value; std::string_view name; }; struct StatResult { std::vector counters; std::vector gauges; }; enum class StatType : uint32_t { Counter = 1, Gauge = 2, }; inline std::vector parseDnsResults(std::string_view data) { if (data.size() < 4) { return {}; } const uint32_t* pn = reinterpret_cast(data.data()); uint32_t n = *pn++; std::vector results; results.resize(n); const char* pa = data.data() + (1 + n) * sizeof(uint32_t); // skip n + n TTLs for (uint32_t i = 0; i < n; i++) { auto& e = results[i]; e.ttl_seconds = *pn++; auto alen = strlen(pa); e.address.assign(pa, alen); pa += alen + 1; } return results; } template inline uint32_t align(uint32_t i) { return (i + sizeof(I) - 1) & ~(sizeof(I) - 1); } inline StatResult parseStatResults(std::string_view data) { StatResult results; uint32_t data_len = 0; while (data_len < data.length()) { const uint32_t* n = reinterpret_cast(data.data() + data_len); uint32_t block_size = *n++; uint32_t block_type = *n++; uint32_t num_stats = *n++; if (static_cast(block_type) == StatType::Counter) { // counter std::vector counters(num_stats); uint32_t stat_index = data_len + 3 * sizeof(uint32_t); for (uint32_t i = 0; i < num_stats; i++) { const uint32_t* stat_name = reinterpret_cast(data.data() + stat_index); uint32_t name_len = *stat_name; stat_index += sizeof(uint32_t); auto& e = counters[i]; e.name = {data.data() + stat_index, name_len}; stat_index = align(stat_index + name_len); const uint64_t* stat_vals = reinterpret_cast(data.data() + stat_index); e.value = *stat_vals++; e.delta = *stat_vals++; stat_index += 2 * sizeof(uint64_t); } results.counters = counters; } else if (static_cast(block_type) == StatType::Gauge) { // gauge std::vector gauges(num_stats); uint32_t stat_index = data_len + 3 * sizeof(uint32_t); for (uint32_t i = 0; i < num_stats; i++) { const uint32_t* stat_name = reinterpret_cast(data.data() + stat_index); uint32_t name_len = *stat_name; stat_index += sizeof(uint32_t); auto& e = gauges[i]; e.name = {data.data() + stat_index, name_len}; stat_index = align(stat_index + name_len); const uint64_t* stat_vals = reinterpret_cast(data.data() + stat_index); e.value = *stat_vals++; stat_index += sizeof(uint64_t); } results.gauges = gauges; } data_len += block_size; } return results; } extern "C" WasmResult envoy_resolve_dns(const char* address, size_t address_size, uint32_t* token); ================================================ FILE: source/extensions/common/wasm/ext/envoy_wasm_intrinsics.js ================================================ mergeInto(LibraryManager.library, { envoy_resolve_dns: function() {}, }); ================================================ FILE: source/extensions/common/wasm/ext/node_subset.proto ================================================ syntax = "proto3"; import "google/protobuf/struct.proto"; package envoy.source.extensions.common.wasm; // A subset of message Node from api/envoy/config/core/v?/base.proto. message NodeSubset { string id = 1; google.protobuf.Struct metadata = 3; }; ================================================ FILE: source/extensions/common/wasm/foreign.cc ================================================ #include "common/common/logger.h" #include "source/extensions/common/wasm/ext/declare_property.pb.h" #include "extensions/common/wasm/wasm.h" #if defined(WASM_USE_CEL_PARSER) #include "eval/public/builtin_func_registrar.h" #include "eval/public/cel_expr_builder_factory.h" #include "parser/parser.h" #endif #include "zlib.h" using proxy_wasm::RegisterForeignFunction; using proxy_wasm::WasmForeignFunction; namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { template WasmForeignFunction createFromClass() { auto c = std::make_shared(); return c->create(c); } RegisterForeignFunction registerCompressForeignFunction( "compress", [](WasmBase&, absl::string_view arguments, const std::function& alloc_result) -> WasmResult { unsigned long dest_len = compressBound(arguments.size()); std::unique_ptr b(new unsigned char[dest_len]); if (compress(b.get(), &dest_len, reinterpret_cast(arguments.data()), arguments.size()) != Z_OK) { return WasmResult::SerializationFailure; } auto result = alloc_result(dest_len); memcpy(result, b.get(), dest_len); return WasmResult::Ok; }); RegisterForeignFunction registerUncompressForeignFunction( "uncompress", [](WasmBase&, absl::string_view arguments, const std::function& alloc_result) -> WasmResult { unsigned long dest_len = arguments.size() * 2 + 2; // output estimate. while (true) { std::unique_ptr b(new unsigned char[dest_len]); auto r = uncompress(b.get(), &dest_len, reinterpret_cast(arguments.data()), arguments.size()); if (r == Z_OK) { auto result = alloc_result(dest_len); memcpy(result, b.get(), dest_len); return WasmResult::Ok; } if (r != Z_BUF_ERROR) { return WasmResult::SerializationFailure; } dest_len = dest_len * 2; } }); #if defined(WASM_USE_CEL_PARSER) class ExpressionFactory : public Logger::Loggable { protected: struct ExpressionData { google::api::expr::v1alpha1::ParsedExpr parsed_expr_; Filters::Common::Expr::ExpressionPtr compiled_expr_; }; class ExpressionContext : public StorageObject { public: friend class ExpressionFactory; ExpressionContext(Filters::Common::Expr::BuilderPtr builder) : builder_(std::move(builder)) {} uint32_t createToken() { uint32_t token = next_expr_token_++; for (;;) { if (!expr_.count(token)) { break; } token = next_expr_token_++; } return token; } bool hasExpression(uint32_t token) { return expr_.contains(token); } ExpressionData& getExpression(uint32_t token) { return expr_[token]; } void deleteExpression(uint32_t token) { expr_.erase(token); } Filters::Common::Expr::Builder* builder() { return builder_.get(); } private: Filters::Common::Expr::BuilderPtr builder_{}; uint32_t next_expr_token_ = 0; absl::flat_hash_map expr_; }; static ExpressionContext& getOrCreateContext(ContextBase* context_base) { auto context = static_cast(context_base); std::string data_name = "cel"; auto expr_context = context->getForeignData(data_name); if (!expr_context) { google::api::expr::runtime::InterpreterOptions options; auto builder = google::api::expr::runtime::CreateCelExpressionBuilder(options); auto status = google::api::expr::runtime::RegisterBuiltinFunctions(builder->GetRegistry(), options); if (!status.ok()) { ENVOY_LOG(warn, "failed to register built-in functions: {}", status.message()); } auto new_context = std::make_unique(std::move(builder)); expr_context = new_context.get(); context->setForeignData(data_name, std::move(new_context)); } return *expr_context; } }; class CreateExpressionFactory : public ExpressionFactory { public: WasmForeignFunction create(std::shared_ptr self) const { WasmForeignFunction f = [self](WasmBase&, absl::string_view expr, const std::function& alloc_result) -> WasmResult { auto parse_status = google::api::expr::parser::Parse(std::string(expr)); if (!parse_status.ok()) { ENVOY_LOG(info, "expr_create parse error: {}", parse_status.status().message()); return WasmResult::BadArgument; } auto& expr_context = getOrCreateContext(proxy_wasm::current_context_->root_context()); auto token = expr_context.createToken(); auto& handler = expr_context.getExpression(token); handler.parsed_expr_ = parse_status.value(); auto cel_expression_status = expr_context.builder()->CreateExpression( &handler.parsed_expr_.expr(), &handler.parsed_expr_.source_info()); if (!cel_expression_status.ok()) { ENVOY_LOG(info, "expr_create compile error: {}", cel_expression_status.status().message()); expr_context.deleteExpression(token); return WasmResult::BadArgument; } handler.compiled_expr_ = std::move(cel_expression_status.value()); auto result = reinterpret_cast(alloc_result(sizeof(uint32_t))); *result = token; return WasmResult::Ok; }; return f; } }; RegisterForeignFunction registerCreateExpressionForeignFunction("expr_create", createFromClass()); class EvaluateExpressionFactory : public ExpressionFactory { public: WasmForeignFunction create(std::shared_ptr self) const { WasmForeignFunction f = [self](WasmBase&, absl::string_view argument, const std::function& alloc_result) -> WasmResult { auto& expr_context = getOrCreateContext(proxy_wasm::current_context_->root_context()); if (argument.size() != sizeof(uint32_t)) { return WasmResult::BadArgument; } uint32_t token = *reinterpret_cast(argument.data()); if (!expr_context.hasExpression(token)) { return WasmResult::NotFound; } Protobuf::Arena arena; auto& handler = expr_context.getExpression(token); auto context = static_cast(proxy_wasm::current_context_); auto eval_status = handler.compiled_expr_->Evaluate(*context, &arena); if (!eval_status.ok()) { ENVOY_LOG(debug, "expr_evaluate error: {}", eval_status.status().message()); return WasmResult::InternalFailure; } auto value = eval_status.value(); if (value.IsError()) { ENVOY_LOG(debug, "expr_evaluate value error: {}", value.ErrorOrDie()->message()); return WasmResult::InternalFailure; } std::string result; auto serialize_status = serializeValue(value, &result); if (serialize_status != WasmResult::Ok) { return serialize_status; } auto output = alloc_result(result.size()); memcpy(output, result.data(), result.size()); return WasmResult::Ok; }; return f; } }; RegisterForeignFunction registerEvaluateExpressionForeignFunction("expr_evaluate", createFromClass()); class DeleteExpressionFactory : public ExpressionFactory { public: WasmForeignFunction create(std::shared_ptr self) const { WasmForeignFunction f = [self](WasmBase&, absl::string_view argument, const std::function&) -> WasmResult { auto& expr_context = getOrCreateContext(proxy_wasm::current_context_->root_context()); if (argument.size() != sizeof(uint32_t)) { return WasmResult::BadArgument; } uint32_t token = *reinterpret_cast(argument.data()); expr_context.deleteExpression(token); return WasmResult::Ok; }; return f; } }; RegisterForeignFunction registerDeleteExpressionForeignFunction("expr_delete", createFromClass()); #endif // TODO(kyessenov) The factories should be separated into individual compilation units. // TODO(kyessenov) Leverage the host argument marshaller instead of the protobuf argument list. class DeclarePropertyFactory { public: WasmForeignFunction create(std::shared_ptr self) const { WasmForeignFunction f = [self](WasmBase&, absl::string_view arguments, const std::function&) -> WasmResult { envoy::source::extensions::common::wasm::DeclarePropertyArguments args; if (args.ParseFromArray(arguments.data(), arguments.size())) { WasmType type = WasmType::Bytes; switch (args.type()) { case envoy::source::extensions::common::wasm::WasmType::Bytes: type = WasmType::Bytes; break; case envoy::source::extensions::common::wasm::WasmType::Protobuf: type = WasmType::Protobuf; break; case envoy::source::extensions::common::wasm::WasmType::String: type = WasmType::String; break; case envoy::source::extensions::common::wasm::WasmType::FlatBuffers: type = WasmType::FlatBuffers; break; default: // do nothing break; } StreamInfo::FilterState::LifeSpan span = StreamInfo::FilterState::LifeSpan::FilterChain; switch (args.span()) { case envoy::source::extensions::common::wasm::LifeSpan::FilterChain: span = StreamInfo::FilterState::LifeSpan::FilterChain; break; case envoy::source::extensions::common::wasm::LifeSpan::DownstreamRequest: span = StreamInfo::FilterState::LifeSpan::Request; break; case envoy::source::extensions::common::wasm::LifeSpan::DownstreamConnection: span = StreamInfo::FilterState::LifeSpan::Connection; break; default: // do nothing break; } auto context = static_cast(proxy_wasm::current_context_); return context->declareProperty( args.name(), std::make_unique(args.readonly(), type, args.schema(), span)); } return WasmResult::BadArgument; }; return f; } }; RegisterForeignFunction registerDeclarePropertyForeignFunction("declare_property", createFromClass()); } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm.cc ================================================ #include "extensions/common/wasm/wasm.h" #include #include #include "envoy/event/deferred_deletable.h" #include "common/common/logger.h" #include "extensions/common/wasm/wasm_extension.h" #include "absl/strings/str_cat.h" #define WASM_CONTEXT(_c) \ static_cast(proxy_wasm::exports::ContextOrEffectiveContext( \ static_cast((void)_c, proxy_wasm::current_context_))) using proxy_wasm::FailState; using proxy_wasm::Word; namespace Envoy { using ScopeWeakPtr = std::weak_ptr; namespace Extensions { namespace Common { namespace Wasm { namespace { using WasmEvent = EnvoyWasm::WasmEvent; struct CodeCacheEntry { std::string code; bool in_progress; MonotonicTime use_time; MonotonicTime fetch_time; }; class RemoteDataFetcherAdapter : public Config::DataFetcher::RemoteDataFetcherCallback, public Event::DeferredDeletable { public: RemoteDataFetcherAdapter(std::function cb) : cb_(cb) {} ~RemoteDataFetcherAdapter() override = default; void onSuccess(const std::string& data) override { cb_(data); } void onFailure(Config::DataFetcher::FailureReason) override { cb_(""); } void setFetcher(std::unique_ptr&& fetcher) { fetcher_ = std::move(fetcher); } private: std::function cb_; std::unique_ptr fetcher_; }; const std::string INLINE_STRING = ""; const int CODE_CACHE_SECONDS_NEGATIVE_CACHING = 10; const int CODE_CACHE_SECONDS_CACHING_TTL = 24 * 3600; // 24 hours. MonotonicTime::duration cache_time_offset_for_testing{}; std::atomic active_wasms; std::mutex code_cache_mutex; absl::flat_hash_map* code_cache = nullptr; // Downcast WasmBase to the actual Wasm. inline Wasm* getWasm(WasmHandleSharedPtr& base_wasm_handle) { return static_cast(base_wasm_handle->wasm().get()); } } // namespace std::string anyToBytes(const ProtobufWkt::Any& any) { if (any.Is()) { ProtobufWkt::StringValue s; MessageUtil::unpackTo(any, s); return s.value(); } if (any.Is()) { Protobuf::BytesValue b; MessageUtil::unpackTo(any, b); return b.value(); } return any.value(); } void Wasm::initializeStats() { active_wasms++; wasm_stats_.active_.set(active_wasms); wasm_stats_.created_.inc(); } void Wasm::initializeLifecycle(Server::ServerLifecycleNotifier& lifecycle_notifier) { auto weak = std::weak_ptr(std::static_pointer_cast(shared_from_this())); lifecycle_notifier.registerCallback(Server::ServerLifecycleNotifier::Stage::ShutdownExit, [this, weak](Event::PostCb post_cb) { auto lock = weak.lock(); if (lock) { // See if we are still alive. server_shutdown_post_cb_ = post_cb; } }); } Wasm::Wasm(absl::string_view runtime, absl::string_view vm_id, absl::string_view vm_configuration, absl::string_view vm_key, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher) : WasmBase(createWasmVm(runtime, scope), vm_id, vm_configuration, vm_key), scope_(scope), cluster_manager_(cluster_manager), dispatcher_(dispatcher), time_source_(dispatcher.timeSource()), wasm_stats_(WasmStats{ ALL_WASM_STATS(POOL_COUNTER_PREFIX(*scope_, absl::StrCat("wasm.", runtime, ".")), POOL_GAUGE_PREFIX(*scope_, absl::StrCat("wasm.", runtime, ".")))}) { initializeStats(); ENVOY_LOG(debug, "Base Wasm created {} now active", active_wasms); } Wasm::Wasm(WasmHandleSharedPtr base_wasm_handle, Event::Dispatcher& dispatcher) : WasmBase(base_wasm_handle, [&base_wasm_handle]() { return createWasmVm( getEnvoyWasmIntegration(*base_wasm_handle->wasm()->wasm_vm()).runtime(), getWasm(base_wasm_handle)->scope_); }), scope_(getWasm(base_wasm_handle)->scope_), cluster_manager_(getWasm(base_wasm_handle)->clusterManager()), dispatcher_(dispatcher), time_source_(dispatcher.timeSource()), wasm_stats_(getWasm(base_wasm_handle)->wasm_stats_) { initializeStats(); ENVOY_LOG(debug, "Thread-Local Wasm created {} now active", active_wasms); } void Wasm::error(absl::string_view message) { ENVOY_LOG(error, "Wasm VM failed {}", message); } void Wasm::setTimerPeriod(uint32_t context_id, std::chrono::milliseconds new_period) { auto& period = timer_period_[context_id]; auto& timer = timer_[context_id]; bool was_running = timer && period.count() > 0; period = new_period; if (was_running) { timer->disableTimer(); } if (period.count() > 0) { timer = dispatcher_.createTimer( [weak = std::weak_ptr(std::static_pointer_cast(shared_from_this())), context_id]() { auto shared = weak.lock(); if (shared) { shared->tickHandler(context_id); } }); timer->enableTimer(period); } } void Wasm::tickHandler(uint32_t root_context_id) { auto period = timer_period_.find(root_context_id); auto timer = timer_.find(root_context_id); if (period == timer_period_.end() || timer == timer_.end() || !on_tick_) { return; } auto context = getContext(root_context_id); if (context) { context->onTick(0); } if (timer->second && period->second.count() > 0) { timer->second->enableTimer(period->second); } } Wasm::~Wasm() { active_wasms--; wasm_stats_.active_.set(active_wasms); ENVOY_LOG(debug, "~Wasm {} remaining active", active_wasms); if (server_shutdown_post_cb_) { dispatcher_.post(server_shutdown_post_cb_); } } // NOLINTNEXTLINE(readability-identifier-naming) Word resolve_dns(void* raw_context, Word dns_address_ptr, Word dns_address_size, Word token_ptr) { auto context = WASM_CONTEXT(raw_context); auto root_context = context->isRootContext() ? context : context->rootContext(); auto address = context->wasmVm()->getMemory(dns_address_ptr, dns_address_size); if (!address) { return WasmResult::InvalidMemoryAccess; } // Verify set and verify token_ptr before initiating the async resolve. uint32_t token = context->wasm()->nextDnsToken(); if (!context->wasm()->setDatatype(token_ptr, token)) { return WasmResult::InvalidMemoryAccess; } auto callback = [weak_wasm = std::weak_ptr(context->wasm()->sharedThis()), root_context, context_id = context->id(), token](Envoy::Network::DnsResolver::ResolutionStatus status, std::list&& response) { auto wasm = weak_wasm.lock(); if (!wasm) { return; } root_context->onResolveDns(token, status, std::move(response)); }; if (!context->wasm()->dnsResolver()) { context->wasm()->dnsResolver() = context->wasm()->dispatcher().createDnsResolver({}, false); } context->wasm()->dnsResolver()->resolve(std::string(address.value()), Network::DnsLookupFamily::Auto, callback); return WasmResult::Ok; } void Wasm::registerCallbacks() { WasmBase::registerCallbacks(); #define _REGISTER(_fn) \ wasm_vm_->registerCallback( \ "env", "envoy_" #_fn, &_fn, \ &proxy_wasm::ConvertFunctionWordToUint32::convertFunctionWordToUint32) _REGISTER(resolve_dns); #undef _REGISTER } void Wasm::getFunctions() { WasmBase::getFunctions(); #define _GET(_fn) wasm_vm_->getFunction("envoy_" #_fn, &_fn##_); _GET(on_resolve_dns) _GET(on_stats_update) #undef _GET } proxy_wasm::CallOnThreadFunction Wasm::callOnThreadFunction() { auto& dispatcher = dispatcher_; return [&dispatcher](const std::function& f) { return dispatcher.post(f); }; } ContextBase* Wasm::createContext(const std::shared_ptr& plugin) { if (create_context_for_testing_) { return create_context_for_testing_(this, std::static_pointer_cast(plugin)); } return new Context(this, std::static_pointer_cast(plugin)); } ContextBase* Wasm::createRootContext(const std::shared_ptr& plugin) { if (create_root_context_for_testing_) { return create_root_context_for_testing_(this, std::static_pointer_cast(plugin)); } return new Context(this, std::static_pointer_cast(plugin)); } ContextBase* Wasm::createVmContext() { return new Context(this); } void Wasm::log(absl::string_view root_id, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) { auto context = getRootContext(root_id); context->log(request_headers, response_headers, response_trailers, stream_info); } void Wasm::onStatsUpdate(absl::string_view root_id, Envoy::Stats::MetricSnapshot& snapshot) { auto context = getRootContext(root_id); context->onStatsUpdate(snapshot); } void clearCodeCacheForTesting() { std::lock_guard guard(code_cache_mutex); if (code_cache) { delete code_cache; code_cache = nullptr; } getWasmExtension()->resetStatsForTesting(); } // TODO: remove this post #4160: Switch default to SimulatedTimeSystem. void setTimeOffsetForCodeCacheForTesting(MonotonicTime::duration d) { cache_time_offset_for_testing = d; } static proxy_wasm::WasmHandleCloneFactory getCloneFactory(WasmExtension* wasm_extension, Event::Dispatcher& dispatcher, CreateContextFn create_root_context_for_testing) { auto wasm_clone_factory = wasm_extension->wasmCloneFactory(); return [&dispatcher, create_root_context_for_testing, wasm_clone_factory]( WasmHandleBaseSharedPtr base_wasm) -> std::shared_ptr { return wasm_clone_factory(std::static_pointer_cast(base_wasm), dispatcher, create_root_context_for_testing); }; } WasmEvent toWasmEvent(const std::shared_ptr& wasm) { if (!wasm) { return WasmEvent::UnableToCreateVM; } switch (wasm->wasm()->fail_state()) { case FailState::Ok: return WasmEvent::Ok; case FailState::UnableToCreateVM: return WasmEvent::UnableToCreateVM; case FailState::UnableToCloneVM: return WasmEvent::UnableToCloneVM; case FailState::MissingFunction: return WasmEvent::MissingFunction; case FailState::UnableToInitializeCode: return WasmEvent::UnableToInitializeCode; case FailState::StartFailed: return WasmEvent::StartFailed; case FailState::ConfigureFailed: return WasmEvent::ConfigureFailed; case FailState::RuntimeError: return WasmEvent::RuntimeError; } NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } static bool createWasmInternal(const VmConfig& vm_config, const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Init::Manager& init_manager, Event::Dispatcher& dispatcher, Api::Api& api, Server::ServerLifecycleNotifier& lifecycle_notifier, Config::DataSource::RemoteAsyncDataProviderPtr& remote_data_provider, CreateWasmCallback&& cb, CreateContextFn create_root_context_for_testing = nullptr) { auto wasm_extension = getWasmExtension(); std::string source, code; bool fetch = false; if (vm_config.code().has_remote()) { auto now = dispatcher.timeSource().monotonicTime() + cache_time_offset_for_testing; source = vm_config.code().remote().http_uri().uri(); std::lock_guard guard(code_cache_mutex); if (!code_cache) { code_cache = new std::remove_reference::type; } Stats::ScopeSharedPtr create_wasm_stats_scope = wasm_extension->lockAndCreateStats(scope, plugin); // Remove entries older than CODE_CACHE_SECONDS_CACHING_TTL except for our target. for (auto it = code_cache->begin(); it != code_cache->end();) { if (now - it->second.use_time > std::chrono::seconds(CODE_CACHE_SECONDS_CACHING_TTL) && it->first != vm_config.code().remote().sha256()) { code_cache->erase(it++); } else { ++it; } } wasm_extension->onRemoteCacheEntriesChanged(code_cache->size()); auto it = code_cache->find(vm_config.code().remote().sha256()); if (it != code_cache->end()) { it->second.use_time = now; if (it->second.in_progress) { wasm_extension->onEvent(WasmExtension::WasmEvent::RemoteLoadCacheMiss, plugin); ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::wasm), warn, "createWasm: failed to load (in progress) from {}", source); cb(nullptr); } code = it->second.code; if (code.empty()) { if (now - it->second.fetch_time < std::chrono::seconds(CODE_CACHE_SECONDS_NEGATIVE_CACHING)) { wasm_extension->onEvent(WasmExtension::WasmEvent::RemoteLoadCacheNegativeHit, plugin); ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::wasm), warn, "createWasm: failed to load (cached) from {}", source); cb(nullptr); } fetch = true; // Fetch failed, retry. it->second.in_progress = true; it->second.fetch_time = now; } else { wasm_extension->onEvent(WasmExtension::WasmEvent::RemoteLoadCacheHit, plugin); } } else { fetch = true; // Not in cache, fetch. auto& e = (*code_cache)[vm_config.code().remote().sha256()]; e.in_progress = true; e.use_time = e.fetch_time = now; wasm_extension->onRemoteCacheEntriesChanged(code_cache->size()); wasm_extension->onEvent(WasmExtension::WasmEvent::RemoteLoadCacheMiss, plugin); } } else if (vm_config.code().has_local()) { code = Config::DataSource::read(vm_config.code().local(), true, api); source = Config::DataSource::getPath(vm_config.code().local()) .value_or(code.empty() ? EMPTY_STRING : INLINE_STRING); } auto complete_cb = [cb, vm_config, plugin, scope, &cluster_manager, &dispatcher, &lifecycle_notifier, create_root_context_for_testing, wasm_extension](std::string code) -> bool { if (code.empty()) { cb(nullptr); return false; } auto vm_key = proxy_wasm::makeVmKey(vm_config.vm_id(), anyToBytes(vm_config.configuration()), code); auto wasm_factory = wasm_extension->wasmFactory(); proxy_wasm::WasmHandleFactory proxy_wasm_factory = [&vm_config, scope, &cluster_manager, &dispatcher, &lifecycle_notifier, wasm_factory](absl::string_view vm_key) -> WasmHandleBaseSharedPtr { return wasm_factory(vm_config, scope, cluster_manager, dispatcher, lifecycle_notifier, vm_key); }; auto wasm = proxy_wasm::createWasm( vm_key, code, plugin, proxy_wasm_factory, getCloneFactory(wasm_extension, dispatcher, create_root_context_for_testing), vm_config.allow_precompiled()); Stats::ScopeSharedPtr create_wasm_stats_scope = wasm_extension->lockAndCreateStats(scope, plugin); wasm_extension->onEvent(toWasmEvent(wasm), plugin); if (!wasm || wasm->wasm()->isFailed()) { ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::wasm), trace, "Unable to create Wasm"); cb(nullptr); return false; } cb(std::static_pointer_cast(wasm)); return true; }; if (fetch) { auto holder = std::make_shared>(); auto fetch_callback = [vm_config, complete_cb, source, &dispatcher, scope, holder, plugin, wasm_extension](const std::string& code) { { std::lock_guard guard(code_cache_mutex); auto& e = (*code_cache)[vm_config.code().remote().sha256()]; e.in_progress = false; e.code = code; Stats::ScopeSharedPtr create_wasm_stats_scope = wasm_extension->lockAndCreateStats(scope, plugin); if (code.empty()) { wasm_extension->onEvent(WasmExtension::WasmEvent::RemoteLoadCacheFetchFailure, plugin); } else { wasm_extension->onEvent(WasmExtension::WasmEvent::RemoteLoadCacheFetchSuccess, plugin); } wasm_extension->onRemoteCacheEntriesChanged(code_cache->size()); } // NB: xDS currently does not support failing asynchronously, so we fail immediately // if remote Wasm code is not cached and do a background fill. if (!vm_config.nack_on_code_cache_miss()) { if (code.empty()) { ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::wasm), trace, "Failed to load Wasm code (fetch failed) from {}", source); } complete_cb(code); } // NB: must be deleted explicitly. if (*holder) { dispatcher.deferredDelete(Envoy::Event::DeferredDeletablePtr{holder->release()}); } }; if (vm_config.nack_on_code_cache_miss()) { auto adapter = std::make_unique(fetch_callback); auto fetcher = std::make_unique( cluster_manager, vm_config.code().remote().http_uri(), vm_config.code().remote().sha256(), *adapter); auto fetcher_ptr = fetcher.get(); adapter->setFetcher(std::move(fetcher)); *holder = std::move(adapter); fetcher_ptr->fetch(); ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::wasm), trace, fmt::format("Failed to load Wasm code (fetching) from {}", source)); cb(nullptr); return false; } else { remote_data_provider = std::make_unique( cluster_manager, init_manager, vm_config.code().remote(), dispatcher, api.randomGenerator(), true, fetch_callback); } } else { return complete_cb(code); } return true; } bool createWasm(const VmConfig& vm_config, const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Init::Manager& init_manager, Event::Dispatcher& dispatcher, Api::Api& api, Envoy::Server::ServerLifecycleNotifier& lifecycle_notifier, Config::DataSource::RemoteAsyncDataProviderPtr& remote_data_provider, CreateWasmCallback&& cb, CreateContextFn create_root_context_for_testing) { return createWasmInternal(vm_config, plugin, scope, cluster_manager, init_manager, dispatcher, api, lifecycle_notifier, remote_data_provider, std::move(cb), create_root_context_for_testing); } WasmHandleSharedPtr getOrCreateThreadLocalWasm(const WasmHandleSharedPtr& base_wasm, const PluginSharedPtr& plugin, Event::Dispatcher& dispatcher, CreateContextFn create_root_context_for_testing) { return std::static_pointer_cast(proxy_wasm::getOrCreateThreadLocalWasm( std::static_pointer_cast(base_wasm), plugin, getCloneFactory(getWasmExtension(), dispatcher, create_root_context_for_testing))); } } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm.h ================================================ #pragma once #include #include #include #include #include "envoy/common/exception.h" #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/http/filter.h" #include "envoy/server/lifecycle_notifier.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/config/datasource.h" #include "common/stats/symbol_table_impl.h" #include "common/version/version.h" #include "extensions/common/wasm/context.h" #include "extensions/common/wasm/wasm_extension.h" #include "extensions/common/wasm/wasm_vm.h" #include "extensions/common/wasm/well_known_names.h" #include "include/proxy-wasm/exports.h" #include "include/proxy-wasm/wasm.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { #define ALL_WASM_STATS(COUNTER, GAUGE) \ COUNTER(created) \ GAUGE(active, NeverImport) class WasmHandle; struct WasmStats { ALL_WASM_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; // Wasm execution instance. Manages the Envoy side of the Wasm interface. class Wasm : public WasmBase, Logger::Loggable { public: Wasm(absl::string_view runtime, absl::string_view vm_id, absl::string_view vm_configuration, absl::string_view vm_key, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher); Wasm(std::shared_ptr other, Event::Dispatcher& dispatcher); ~Wasm() override; Upstream::ClusterManager& clusterManager() const { return cluster_manager_; } Event::Dispatcher& dispatcher() { return dispatcher_; } Context* getRootContext(absl::string_view root_id) { return static_cast(WasmBase::getRootContext(root_id)); } void setTimerPeriod(uint32_t root_context_id, std::chrono::milliseconds period) override; virtual void tickHandler(uint32_t root_context_id); std::shared_ptr sharedThis() { return std::static_pointer_cast(shared_from_this()); } Network::DnsResolverSharedPtr& dnsResolver() { return dns_resolver_; } // WasmBase void error(absl::string_view message) override; proxy_wasm::CallOnThreadFunction callOnThreadFunction() override; ContextBase* createContext(const std::shared_ptr& plugin) override; ContextBase* createRootContext(const std::shared_ptr& plugin) override; ContextBase* createVmContext() override; void registerCallbacks() override; void getFunctions() override; // AccessLog::Instance void log(absl::string_view root_id, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info); void onStatsUpdate(absl::string_view root_id, Envoy::Stats::MetricSnapshot& snapshot); virtual std::string buildVersion() { return BUILD_VERSION_NUMBER; } void initializeLifecycle(Server::ServerLifecycleNotifier& lifecycle_notifier); uint32_t nextDnsToken() { do { dns_token_++; } while (!dns_token_); return dns_token_; } void setCreateContextForTesting(CreateContextFn create_context, CreateContextFn create_root_context) { create_context_for_testing_ = create_context; create_root_context_for_testing_ = create_root_context; } void setFailStateForTesting(proxy_wasm::FailState fail_state) { failed_ = fail_state; } protected: friend class Context; void initializeStats(); // Calls into the VM. proxy_wasm::WasmCallVoid<3> on_resolve_dns_; proxy_wasm::WasmCallVoid<2> on_stats_update_; Stats::ScopeSharedPtr scope_; Upstream::ClusterManager& cluster_manager_; Event::Dispatcher& dispatcher_; Event::PostCb server_shutdown_post_cb_; absl::flat_hash_map timer_; // per root_id. TimeSource& time_source_; // Host Stats/Metrics WasmStats wasm_stats_; // Plugin Stats/Metrics absl::flat_hash_map counters_; absl::flat_hash_map gauges_; absl::flat_hash_map histograms_; CreateContextFn create_context_for_testing_; CreateContextFn create_root_context_for_testing_; Network::DnsResolverSharedPtr dns_resolver_; uint32_t dns_token_ = 1; }; using WasmSharedPtr = std::shared_ptr; class WasmHandle : public WasmHandleBase, public ThreadLocal::ThreadLocalObject { public: explicit WasmHandle(const WasmSharedPtr& wasm) : WasmHandleBase(std::static_pointer_cast(wasm)), wasm_(wasm) {} WasmSharedPtr& wasm() { return wasm_; } private: WasmSharedPtr wasm_; }; using CreateWasmCallback = std::function; // Returns false if createWasm failed synchronously. This is necessary because xDS *MUST* report // all failures synchronously as it has no facility to report configuration update failures // asynchronously. Callers should throw an exception if they are part of a synchronous xDS update // because that is the mechanism for reporting configuration errors. bool createWasm(const VmConfig& vm_config, const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Init::Manager& init_manager, Event::Dispatcher& dispatcher, Api::Api& api, Envoy::Server::ServerLifecycleNotifier& lifecycle_notifier, Config::DataSource::RemoteAsyncDataProviderPtr& remote_data_provider, CreateWasmCallback&& callback, CreateContextFn create_root_context_for_testing = nullptr); WasmHandleSharedPtr getOrCreateThreadLocalWasm(const WasmHandleSharedPtr& base_wasm, const PluginSharedPtr& plugin, Event::Dispatcher& dispatcher, CreateContextFn create_root_context_for_testing = nullptr); void clearCodeCacheForTesting(); std::string anyToBytes(const ProtobufWkt::Any& any); void setTimeOffsetForCodeCacheForTesting(MonotonicTime::duration d); EnvoyWasm::WasmEvent toWasmEvent(const std::shared_ptr& wasm); } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm_extension.cc ================================================ #include "extensions/common/wasm/wasm_extension.h" #include "extensions/common/wasm/context.h" #include "extensions/common/wasm/wasm.h" #include "extensions/common/wasm/wasm_vm.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { namespace { WasmExtension* wasm_extension = nullptr; } // namespace Stats::ScopeSharedPtr WasmExtension::lockAndCreateStats(const Stats::ScopeSharedPtr& scope, const PluginSharedPtr& plugin) { absl::MutexLock l(&mutex_); Stats::ScopeSharedPtr lock; if (!(lock = scope_.lock())) { resetStats(); createStats(scope, plugin); scope_ = ScopeWeakPtr(scope); return scope; } createStats(scope, plugin); return lock; } void WasmExtension::resetStatsForTesting() { absl::MutexLock l(&mutex_); resetStats(); } // Register a Wasm extension. Note: only one extension may be registered. RegisterWasmExtension::RegisterWasmExtension(WasmExtension* extension) { RELEASE_ASSERT(!wasm_extension, "Multiple Wasm extensions registered."); wasm_extension = extension; } std::unique_ptr EnvoyWasm::createEnvoyWasmVmIntegration(const Stats::ScopeSharedPtr& scope, absl::string_view runtime, absl::string_view short_runtime) { return std::make_unique(scope, runtime, short_runtime); } WasmHandleExtensionFactory EnvoyWasm::wasmFactory() { return [](const VmConfig vm_config, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher, Server::ServerLifecycleNotifier& lifecycle_notifier, absl::string_view vm_key) -> WasmHandleBaseSharedPtr { auto wasm = std::make_shared(vm_config.runtime(), vm_config.vm_id(), anyToBytes(vm_config.configuration()), vm_key, scope, cluster_manager, dispatcher); wasm->initializeLifecycle(lifecycle_notifier); return std::static_pointer_cast(std::make_shared(std::move(wasm))); }; } WasmHandleExtensionCloneFactory EnvoyWasm::wasmCloneFactory() { return [](const WasmHandleSharedPtr& base_wasm, Event::Dispatcher& dispatcher, CreateContextFn create_root_context_for_testing) -> WasmHandleBaseSharedPtr { auto wasm = std::make_shared(base_wasm, dispatcher); wasm->setCreateContextForTesting(nullptr, create_root_context_for_testing); return std::static_pointer_cast(std::make_shared(std::move(wasm))); }; } void EnvoyWasm::onEvent(WasmEvent event, const PluginSharedPtr&) { switch (event) { case WasmEvent::RemoteLoadCacheHit: create_wasm_stats_->remote_load_cache_hits_.inc(); break; case WasmEvent::RemoteLoadCacheNegativeHit: create_wasm_stats_->remote_load_cache_negative_hits_.inc(); break; case WasmEvent::RemoteLoadCacheMiss: create_wasm_stats_->remote_load_cache_misses_.inc(); break; case WasmEvent::RemoteLoadCacheFetchSuccess: create_wasm_stats_->remote_load_fetch_successes_.inc(); break; case WasmEvent::RemoteLoadCacheFetchFailure: create_wasm_stats_->remote_load_fetch_failures_.inc(); break; default: break; } } void EnvoyWasm::onRemoteCacheEntriesChanged(int entries) { create_wasm_stats_->remote_load_cache_entries_.set(entries); } void EnvoyWasm::createStats(const Stats::ScopeSharedPtr& scope, const PluginSharedPtr&) { if (!create_wasm_stats_) { create_wasm_stats_.reset(new CreateWasmStats{CREATE_WASM_STATS( // NOLINT POOL_COUNTER_PREFIX(*scope, "wasm."), POOL_GAUGE_PREFIX(*scope, "wasm."))}); } } void EnvoyWasm::resetStats() { create_wasm_stats_.reset(); } WasmExtension* getWasmExtension() { static WasmExtension* extension = wasm_extension ? wasm_extension : new EnvoyWasm(); return extension; } } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm_extension.h ================================================ #pragma once #include #include "envoy/server/lifecycle_notifier.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" #include "common/stats/symbol_table_impl.h" #include "extensions/common/wasm/context.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { #define CREATE_WASM_STATS(COUNTER, GAUGE) \ COUNTER(remote_load_cache_hits) \ COUNTER(remote_load_cache_negative_hits) \ COUNTER(remote_load_cache_misses) \ COUNTER(remote_load_fetch_successes) \ COUNTER(remote_load_fetch_failures) \ GAUGE(remote_load_cache_entries, NeverImport) class WasmHandle; class EnvoyWasmVmIntegration; using WasmHandleSharedPtr = std::shared_ptr; using CreateContextFn = std::function& plugin)>; using WasmHandleExtensionFactory = std::function; using WasmHandleExtensionCloneFactory = std::function; using ScopeWeakPtr = std::weak_ptr; struct CreateWasmStats { CREATE_WASM_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; // Extension point for Wasm clients in embedded Envoy. class WasmExtension : Logger::Loggable { public: WasmExtension() = default; virtual ~WasmExtension() = default; virtual void initialize() = 0; virtual std::unique_ptr createEnvoyWasmVmIntegration(const Stats::ScopeSharedPtr& scope, absl::string_view runtime, absl::string_view short_runtime) = 0; virtual WasmHandleExtensionFactory wasmFactory() = 0; virtual WasmHandleExtensionCloneFactory wasmCloneFactory() = 0; enum class WasmEvent : int { Ok, RemoteLoadCacheHit, RemoteLoadCacheNegativeHit, RemoteLoadCacheMiss, RemoteLoadCacheFetchSuccess, RemoteLoadCacheFetchFailure, UnableToCreateVM, UnableToCloneVM, MissingFunction, UnableToInitializeCode, StartFailed, ConfigureFailed, RuntimeError, }; virtual void onEvent(WasmEvent event, const PluginSharedPtr& plugin) = 0; virtual void onRemoteCacheEntriesChanged(int remote_cache_entries) = 0; virtual void createStats(const Stats::ScopeSharedPtr& scope, const PluginSharedPtr& plugin) EXCLUSIVE_LOCKS_REQUIRED(mutex_) = 0; virtual void resetStats() EXCLUSIVE_LOCKS_REQUIRED(mutex_) = 0; // Delete stats pointers // NB: the Scope can become invalid if, for example, the owning FilterChain is deleted. When that // happens the stats must be recreated. This hook verifies the Scope of any existing stats and if // necessary recreates the stats with the newly provided scope. // This call takes out the mutex_ and calls createStats and possibly resetStats(). Stats::ScopeSharedPtr lockAndCreateStats(const Stats::ScopeSharedPtr& scope, const PluginSharedPtr& plugin); void resetStatsForTesting(); protected: absl::Mutex mutex_; ScopeWeakPtr scope_; }; // The default Envoy Wasm implementation. class EnvoyWasm : public WasmExtension { public: EnvoyWasm() = default; ~EnvoyWasm() override = default; void initialize() override {} std::unique_ptr createEnvoyWasmVmIntegration(const Stats::ScopeSharedPtr& scope, absl::string_view runtime, absl::string_view short_runtime) override; WasmHandleExtensionFactory wasmFactory() override; WasmHandleExtensionCloneFactory wasmCloneFactory() override; void onEvent(WasmEvent event, const PluginSharedPtr& plugin) override; void onRemoteCacheEntriesChanged(int remote_cache_entries) override; void createStats(const Stats::ScopeSharedPtr& scope, const PluginSharedPtr& plugin) override; void resetStats() override; private: std::unique_ptr create_wasm_stats_; }; // Register a Wasm extension. Note: only one extension may be registered. struct RegisterWasmExtension { RegisterWasmExtension(WasmExtension* extension); }; #define REGISTER_WASM_EXTENSION(_class) \ ::Envoy::Extensions::Common::Wasm::RegisterWasmExtension register_wasm_extension(new _class()); WasmExtension* getWasmExtension(); } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm_state.cc ================================================ #include "extensions/common/wasm/wasm_state.h" #include "flatbuffers/reflection.h" #include "tools/flatbuffers_backed_impl.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { using google::api::expr::runtime::CelValue; CelValue WasmState::exprValue(Protobuf::Arena* arena, bool last) const { if (initialized_) { switch (type_) { case WasmType::String: return CelValue::CreateString(&value_); case WasmType::Bytes: return CelValue::CreateBytes(&value_); case WasmType::Protobuf: { if (last) { return CelValue::CreateBytes(&value_); } // Note that this is very expensive since it incurs a de-serialization const auto any = serializeAsProto(); return CelValue::CreateMessage(any.get(), arena); } case WasmType::FlatBuffers: if (last) { return CelValue::CreateBytes(&value_); } return CelValue::CreateMap(google::api::expr::runtime::CreateFlatBuffersBackedObject( reinterpret_cast(value_.data()), *reflection::GetSchema(schema_.data()), arena)); } } return CelValue::CreateNull(); } ProtobufTypes::MessagePtr WasmState::serializeAsProto() const { auto any = std::make_unique(); if (type_ != WasmType::Protobuf) { ProtobufWkt::BytesValue value; value.set_value(value_); any->PackFrom(value); } else { // The Wasm extension serialized in its own type. any->set_type_url(std::string(schema_)); any->set_value(value_); } return any; } } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm_state.h ================================================ /* * Wasm State Class available to Wasm/Non-Wasm modules. */ #pragma once #include #include "envoy/stream_info/filter_state.h" #include "common/protobuf/protobuf.h" #include "common/singleton/const_singleton.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include "eval/public/cel_value.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { // FilterState prefix for WasmState values. const absl::string_view WasmStateKeyPrefix = "wasm."; // WasmState content declaration. enum class WasmType { Bytes, String, // Schema contains the reflection flatbuffer FlatBuffers, // Schema contains the type URL Protobuf, }; // WasmState type declaration. class WasmStatePrototype { public: WasmStatePrototype(bool readonly, WasmType type, absl::string_view schema, StreamInfo::FilterState::LifeSpan life_span) : readonly_(readonly), type_(type), schema_(schema), life_span_(life_span) {} WasmStatePrototype() = default; const bool readonly_{false}; const WasmType type_{WasmType::Bytes}; const std::string schema_{""}; const StreamInfo::FilterState::LifeSpan life_span_{ StreamInfo::FilterState::LifeSpan::FilterChain}; }; using DefaultWasmStatePrototype = ConstSingleton; // A simple wrapper around generic values class WasmState : public StreamInfo::FilterState::Object { public: explicit WasmState(const WasmStatePrototype& proto) : readonly_(proto.readonly_), type_(proto.type_), schema_(proto.schema_) {} const std::string& value() const { return value_; } // Create a value from the state, given an arena. Last argument indicates whether the value // is de-referenced. google::api::expr::runtime::CelValue exprValue(Protobuf::Arena* arena, bool last) const; bool setValue(absl::string_view value) { if (initialized_ && readonly_) { return false; } value_.assign(value.data(), value.size()); initialized_ = true; return true; } ProtobufTypes::MessagePtr serializeAsProto() const override; absl::optional serializeAsString() const override { return value_; } private: const bool readonly_; const WasmType type_; absl::string_view schema_; std::string value_{}; bool initialized_{false}; }; } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm_vm.cc ================================================ #include "extensions/common/wasm/wasm_vm.h" #include #include #include "extensions/common/wasm/context.h" #include "extensions/common/wasm/ext/envoy_null_vm_wasm_api.h" #include "extensions/common/wasm/wasm_extension.h" #include "extensions/common/wasm/well_known_names.h" #include "include/proxy-wasm/null.h" #include "include/proxy-wasm/null_plugin.h" #if defined(ENVOY_WASM_V8) #include "include/proxy-wasm/v8.h" #endif #if defined(ENVOY_WASM_WAVM) #include "include/proxy-wasm/wavm.h" #endif using ContextBase = proxy_wasm::ContextBase; using Word = proxy_wasm::Word; namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { void EnvoyWasmVmIntegration::error(absl::string_view message) { ENVOY_LOG(trace, message); } bool EnvoyWasmVmIntegration::getNullVmFunction(absl::string_view function_name, bool returns_word, int number_of_arguments, proxy_wasm::NullPlugin* plugin, void* ptr_to_function_return) { if (function_name == "envoy_on_resolve_dns" && returns_word == false && number_of_arguments == 3) { *reinterpret_cast*>(ptr_to_function_return) = [plugin](ContextBase* context, Word context_id, Word token, Word result_size) { proxy_wasm::SaveRestoreContext saved_context(context); // Need to add a new API header available to both .wasm and null vm targets. auto context_base = plugin->getContextBase(context_id); if (auto root = context_base->asRoot()) { static_cast(root)->onResolveDns( token, result_size); } }; return true; } else if (function_name == "envoy_on_stats_update" && returns_word == false && number_of_arguments == 2) { *reinterpret_cast*>( ptr_to_function_return) = [plugin](ContextBase* context, Word context_id, Word result_size) { proxy_wasm::SaveRestoreContext saved_context(context); // Need to add a new API header available to both .wasm and null vm targets. auto context_base = plugin->getContextBase(context_id); if (auto root = context_base->asRoot()) { static_cast(root)->onStatsUpdate(result_size); } }; return true; } return false; } WasmVmPtr createWasmVm(absl::string_view runtime, const Stats::ScopeSharedPtr& scope) { if (runtime.empty()) { ENVOY_LOG_TO_LOGGER(Envoy::Logger::Registry::getLog(Envoy::Logger::Id::wasm), warn, "Failed to create Wasm VM with unspecified runtime"); return nullptr; } else if (runtime == WasmRuntimeNames::get().Null) { auto wasm = proxy_wasm::createNullVm(); wasm->integration() = getWasmExtension()->createEnvoyWasmVmIntegration(scope, runtime, "null"); return wasm; #if defined(ENVOY_WASM_V8) } else if (runtime == WasmRuntimeNames::get().V8) { auto wasm = proxy_wasm::createV8Vm(); wasm->integration() = getWasmExtension()->createEnvoyWasmVmIntegration(scope, runtime, "v8"); return wasm; #endif #if defined(ENVOY_WASM_WAVM) } else if (runtime == WasmRuntimeNames::get().Wavm) { auto wasm = proxy_wasm::createWavmVm(); wasm->integration() = getWasmExtension()->createEnvoyWasmVmIntegration(scope, runtime, "wavm"); return wasm; #endif } else { ENVOY_LOG_TO_LOGGER( Envoy::Logger::Registry::getLog(Envoy::Logger::Id::wasm), warn, "Failed to create Wasm VM using {} runtime. Envoy was compiled without support for it", runtime); return nullptr; } } } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm_vm.h ================================================ #pragma once #include #include "envoy/common/exception.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "absl/strings/str_cat.h" #include "include/proxy-wasm/wasm_vm.h" #include "include/proxy-wasm/word.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { /** * Wasm host stats. */ #define ALL_VM_STATS(COUNTER, GAUGE) \ COUNTER(created) \ COUNTER(cloned) \ GAUGE(active, NeverImport) struct VmStats { ALL_VM_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; // Wasm VM data providing stats. class EnvoyWasmVmIntegration : public proxy_wasm::WasmVmIntegration, Logger::Loggable { public: EnvoyWasmVmIntegration(const Stats::ScopeSharedPtr& scope, absl::string_view runtime, absl::string_view short_runtime) : scope_(scope), runtime_(std::string(runtime)), short_runtime_(std::string(short_runtime)), runtime_prefix_(absl::StrCat("wasm_vm.", short_runtime, ".")), stats_(VmStats{ALL_VM_STATS(POOL_COUNTER_PREFIX(*scope_, runtime_prefix_), POOL_GAUGE_PREFIX(*scope_, runtime_prefix_))}) { stats_.created_.inc(); stats_.active_.inc(); ENVOY_LOG(debug, "WasmVm created {} now active", runtime_, stats_.active_.value()); } ~EnvoyWasmVmIntegration() override { stats_.active_.dec(); ENVOY_LOG(debug, "~WasmVm {} {} remaining active", runtime_, stats_.active_.value()); } // proxy_wasm::WasmVmIntegration proxy_wasm::WasmVmIntegration* clone() override { return new EnvoyWasmVmIntegration(scope_, runtime_, short_runtime_); } bool getNullVmFunction(absl::string_view function_name, bool returns_word, int number_of_arguments, proxy_wasm::NullPlugin* plugin, void* ptr_to_function_return) override; void error(absl::string_view message) override; const std::string& runtime() const { return runtime_; } protected: const Stats::ScopeSharedPtr scope_; const std::string runtime_; const std::string short_runtime_; const std::string runtime_prefix_; VmStats stats_; }; // namespace Wasm inline EnvoyWasmVmIntegration& getEnvoyWasmIntegration(proxy_wasm::WasmVm& wasm_vm) { return *static_cast(wasm_vm.integration().get()); } // Exceptions for issues with the WebAssembly code. class WasmException : public EnvoyException { public: using EnvoyException::EnvoyException; }; using WasmVmPtr = std::unique_ptr; // Create a new low-level Wasm VM using runtime of the given type (e.g. "envoy.wasm.runtime.wavm"). WasmVmPtr createWasmVm(absl::string_view runtime, const Stats::ScopeSharedPtr& scope); } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/wasm_vm_base.h ================================================ #pragma once #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" #include "extensions/common/wasm/wasm_vm.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { /** * Wasm host stats. */ #define ALL_VM_STATS(COUNTER, GAUGE) \ COUNTER(created) \ COUNTER(cloned) \ GAUGE(active, NeverImport) struct VmStats { ALL_VM_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; // Wasm VM base instance. Provides common behavior (e.g. Stats). class WasmVmBase : public WasmVm { public: WasmVmBase(const Stats::ScopeSharedPtr& scope, absl::string_view runtime) : scope_(scope), runtime_prefix_(absl::StrCat("wasm_vm.", runtime, ".")), runtime_(std::string(runtime)), stats_(VmStats{ALL_VM_STATS(POOL_COUNTER_PREFIX(*scope_, runtime_prefix_), POOL_GAUGE_PREFIX(*scope_, runtime_prefix_))}) { stats_.created_.inc(); stats_.active_.inc(); ENVOY_LOG(debug, "WasmVm created {} now active", runtime_, stats_.active_.value()); } ~WasmVmBase() override { stats_.active_.dec(); ENVOY_LOG(debug, "~WasmVm {} {} remaining active", runtime_, stats_.active_.value()); } protected: const Stats::ScopeSharedPtr scope_; const std::string runtime_prefix_; const std::string runtime_; // The runtime e.g. "v8". VmStats stats_; }; } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/common/wasm/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { /** * Well-known wasm runtime names. * NOTE: New wasm runtimes should use the well known name: envoy.wasm.runtime.name. */ class WasmRuntimeValues { public: // WAVM (https://github.com/WAVM/WAVM) Wasm VM. const std::string Wavm = "envoy.wasm.runtime.wavm"; // Null sandbox: modules must be compiled into envoy and registered name is given in the // DataSource.inline_string. const std::string Null = "envoy.wasm.runtime.null"; // V8-based (https://v8.dev) WebAssembly runtime. const std::string V8 = "envoy.wasm.runtime.v8"; // Filter state name const std::string FilterState = "envoy.wasm"; }; using WasmRuntimeNames = ConstSingleton; } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/common/compressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "compressor_factory_base_lib", hdrs = ["factory_base.h"], deps = [ "//include/envoy/compression/compressor:compressor_config_interface", "//include/envoy/compression/compressor:compressor_factory_interface", "//include/envoy/server:filter_config_interface", ], ) ================================================ FILE: source/extensions/compression/common/compressor/factory_base.h ================================================ #pragma once #include "envoy/compression/compressor/config.h" #include "envoy/compression/compressor/factory.h" #include "envoy/server/filter_config.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Common { namespace Compressor { template class CompressorLibraryFactoryBase : public Envoy::Compression::Compressor::NamedCompressorLibraryConfigFactory { public: Envoy::Compression::Compressor::CompressorFactoryPtr createCompressorFactoryFromProto(const Protobuf::Message& proto_config, Server::Configuration::FactoryContext& context) override { return createCompressorFactoryFromProtoTyped( MessageUtil::downcastAndValidate(proto_config, context.messageValidationVisitor())); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return name_; } protected: CompressorLibraryFactoryBase(const std::string& name) : name_(name) {} private: virtual Envoy::Compression::Compressor::CompressorFactoryPtr createCompressorFactoryFromProtoTyped(const ConfigProto&) PURE; const std::string name_; }; } // namespace Compressor } // namespace Common } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/common/decompressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "decompressor_factory_base_lib", hdrs = ["factory_base.h"], deps = [ "//include/envoy/compression/decompressor:decompressor_config_interface", ], ) ================================================ FILE: source/extensions/compression/common/decompressor/factory_base.h ================================================ #pragma once #include "envoy/compression/decompressor/config.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Common { namespace Decompressor { template class DecompressorLibraryFactoryBase : public Envoy::Compression::Decompressor::NamedDecompressorLibraryConfigFactory { public: Envoy::Compression::Decompressor::DecompressorFactoryPtr createDecompressorFactoryFromProto(const Protobuf::Message& proto_config, Server::Configuration::FactoryContext& context) override { return createDecompressorFactoryFromProtoTyped( MessageUtil::downcastAndValidate(proto_config, context.messageValidationVisitor()), context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return name_; } protected: DecompressorLibraryFactoryBase(const std::string& name) : name_(name) {} private: virtual Envoy::Compression::Decompressor::DecompressorFactoryPtr createDecompressorFactoryFromProtoTyped(const ConfigProto& proto_config, Server::Configuration::FactoryContext& context) PURE; const std::string name_; }; } // namespace Decompressor } // namespace Common } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "zlib_base_lib", srcs = ["base.cc"], hdrs = ["base.h"], external_deps = ["zlib"], deps = [ "//source/common/buffer:buffer_lib", ], ) ================================================ FILE: source/extensions/compression/gzip/common/base.cc ================================================ #include "extensions/compression/gzip/common/base.h" namespace Envoy { namespace Zlib { Base::Base(uint64_t chunk_size, std::function zstream_deleter) : chunk_size_{chunk_size}, chunk_char_ptr_(new unsigned char[chunk_size]), zstream_ptr_(new z_stream(), zstream_deleter) {} uint64_t Base::checksum() { return zstream_ptr_->adler; } void Base::updateOutput(Buffer::Instance& output_buffer) { const uint64_t n_output = chunk_size_ - zstream_ptr_->avail_out; if (n_output == 0) { return; } output_buffer.add(static_cast(chunk_char_ptr_.get()), n_output); zstream_ptr_->avail_out = chunk_size_; zstream_ptr_->next_out = chunk_char_ptr_.get(); } } // namespace Zlib } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/common/base.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "zlib.h" namespace Envoy { namespace Zlib { /** * Shared code between the compressor and the decompressor. */ // TODO(junr03): move to extensions tree once the compressor side is moved to extensions. class Base { public: Base(uint64_t chunk_size, std::function zstream_deleter); /** * It returns the checksum of all output produced so far. Compressor's checksum at the end of * the stream has to match decompressor's checksum produced at the end of the decompression. * Likewise, the decompressor's checksum has to match the compressor's checksum at the end of * compression. * @return uint64_t CRC-32 if a gzip stream is being read or Adler-32 for other compression * types. */ uint64_t checksum(); protected: void updateOutput(Buffer::Instance& output_buffer); const uint64_t chunk_size_; bool initialized_{false}; const std::unique_ptr chunk_char_ptr_; const std::unique_ptr> zstream_ptr_; }; } // namespace Zlib } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/compressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "compressor_lib", srcs = ["zlib_compressor_impl.cc"], hdrs = ["zlib_compressor_impl.h"], external_deps = ["zlib"], deps = [ "//include/envoy/compression/compressor:compressor_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/extensions/compression/gzip/common:zlib_base_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":compressor_lib", "//source/common/http:headers_lib", "//source/extensions/compression/common/compressor:compressor_factory_base_lib", "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/compression/gzip/compressor/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/compression/gzip/compressor/config.cc ================================================ #include "extensions/compression/gzip/compressor/config.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Compressor { namespace { // Default zlib memory level. const uint64_t DefaultMemoryLevel = 5; // Default and maximum compression window size. const uint64_t DefaultWindowBits = 12; // When logical OR'ed to window bits, this sets a gzip header and trailer around the compressed // data. const uint64_t GzipHeaderValue = 16; // Default zlib chunk size. const uint32_t DefaultChunkSize = 4096; } // namespace GzipCompressorFactory::GzipCompressorFactory( const envoy::extensions::compression::gzip::compressor::v3::Gzip& gzip) : compression_level_(compressionLevelEnum(gzip.compression_level())), compression_strategy_(compressionStrategyEnum(gzip.compression_strategy())), memory_level_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(gzip, memory_level, DefaultMemoryLevel)), window_bits_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(gzip, window_bits, DefaultWindowBits) | GzipHeaderValue), chunk_size_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(gzip, chunk_size, DefaultChunkSize)) {} ZlibCompressorImpl::CompressionLevel GzipCompressorFactory::compressionLevelEnum( envoy::extensions::compression::gzip::compressor::v3::Gzip::CompressionLevel compression_level) { switch (compression_level) { case envoy::extensions::compression::gzip::compressor::v3::Gzip::BEST_SPEED: return ZlibCompressorImpl::CompressionLevel::Speed; case envoy::extensions::compression::gzip::compressor::v3::Gzip::COMPRESSION_LEVEL_2: return ZlibCompressorImpl::CompressionLevel::Level2; case envoy::extensions::compression::gzip::compressor::v3::Gzip::COMPRESSION_LEVEL_3: return ZlibCompressorImpl::CompressionLevel::Level3; case envoy::extensions::compression::gzip::compressor::v3::Gzip::COMPRESSION_LEVEL_4: return ZlibCompressorImpl::CompressionLevel::Level4; case envoy::extensions::compression::gzip::compressor::v3::Gzip::COMPRESSION_LEVEL_5: return ZlibCompressorImpl::CompressionLevel::Level5; case envoy::extensions::compression::gzip::compressor::v3::Gzip::COMPRESSION_LEVEL_6: return ZlibCompressorImpl::CompressionLevel::Level6; case envoy::extensions::compression::gzip::compressor::v3::Gzip::COMPRESSION_LEVEL_7: return ZlibCompressorImpl::CompressionLevel::Level7; case envoy::extensions::compression::gzip::compressor::v3::Gzip::COMPRESSION_LEVEL_8: return ZlibCompressorImpl::CompressionLevel::Level8; case envoy::extensions::compression::gzip::compressor::v3::Gzip::BEST_COMPRESSION: return ZlibCompressorImpl::CompressionLevel::Best; default: return ZlibCompressorImpl::CompressionLevel::Standard; } } ZlibCompressorImpl::CompressionStrategy GzipCompressorFactory::compressionStrategyEnum( envoy::extensions::compression::gzip::compressor::v3::Gzip::CompressionStrategy compression_strategy) { switch (compression_strategy) { case envoy::extensions::compression::gzip::compressor::v3::Gzip::FILTERED: return ZlibCompressorImpl::CompressionStrategy::Filtered; case envoy::extensions::compression::gzip::compressor::v3::Gzip::FIXED: return ZlibCompressorImpl::CompressionStrategy::Fixed; case envoy::extensions::compression::gzip::compressor::v3::Gzip::HUFFMAN_ONLY: return ZlibCompressorImpl::CompressionStrategy::Huffman; case envoy::extensions::compression::gzip::compressor::v3::Gzip::RLE: return ZlibCompressorImpl::CompressionStrategy::Rle; default: return ZlibCompressorImpl::CompressionStrategy::Standard; } } Envoy::Compression::Compressor::CompressorPtr GzipCompressorFactory::createCompressor() { auto compressor = std::make_unique(chunk_size_); compressor->init(compression_level_, compression_strategy_, window_bits_, memory_level_); return compressor; } Envoy::Compression::Compressor::CompressorFactoryPtr GzipCompressorLibraryFactory::createCompressorFactoryFromProtoTyped( const envoy::extensions::compression::gzip::compressor::v3::Gzip& proto_config) { return std::make_unique(proto_config); } /** * Static registration for the gzip compressor library. @see NamedCompressorLibraryConfigFactory. */ REGISTER_FACTORY(GzipCompressorLibraryFactory, Envoy::Compression::Compressor::NamedCompressorLibraryConfigFactory); } // namespace Compressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/compressor/config.h ================================================ #pragma once #include "envoy/compression/compressor/factory.h" #include "envoy/extensions/compression/gzip/compressor/v3/gzip.pb.h" #include "envoy/extensions/compression/gzip/compressor/v3/gzip.pb.validate.h" #include "common/http/headers.h" #include "extensions/compression/common/compressor/factory_base.h" #include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Compressor { namespace { const std::string& gzipStatsPrefix() { CONSTRUCT_ON_FIRST_USE(std::string, "gzip."); } const std::string& gzipExtensionName() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.compression.gzip.compressor"); } } // namespace class GzipCompressorFactory : public Envoy::Compression::Compressor::CompressorFactory { public: GzipCompressorFactory(const envoy::extensions::compression::gzip::compressor::v3::Gzip& gzip); // Envoy::Compression::Compressor::CompressorFactory Envoy::Compression::Compressor::CompressorPtr createCompressor() override; const std::string& statsPrefix() const override { return gzipStatsPrefix(); } const std::string& contentEncoding() const override { return Http::CustomHeaders::get().ContentEncodingValues.Gzip; } private: static ZlibCompressorImpl::CompressionLevel compressionLevelEnum(envoy::extensions::compression::gzip::compressor::v3::Gzip::CompressionLevel compression_level); static ZlibCompressorImpl::CompressionStrategy compressionStrategyEnum( envoy::extensions::compression::gzip::compressor::v3::Gzip::CompressionStrategy compression_strategy); ZlibCompressorImpl::CompressionLevel compression_level_; ZlibCompressorImpl::CompressionStrategy compression_strategy_; const int32_t memory_level_; const int32_t window_bits_; const uint32_t chunk_size_; }; class GzipCompressorLibraryFactory : public Compression::Common::Compressor::CompressorLibraryFactoryBase< envoy::extensions::compression::gzip::compressor::v3::Gzip> { public: GzipCompressorLibraryFactory() : CompressorLibraryFactoryBase(gzipExtensionName()) {} private: Envoy::Compression::Compressor::CompressorFactoryPtr createCompressorFactoryFromProtoTyped( const envoy::extensions::compression::gzip::compressor::v3::Gzip& config) override; }; DECLARE_FACTORY(GzipCompressorLibraryFactory); } // namespace Compressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/compressor/zlib_compressor_impl.cc ================================================ #include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Compressor { ZlibCompressorImpl::ZlibCompressorImpl() : ZlibCompressorImpl(4096) {} ZlibCompressorImpl::ZlibCompressorImpl(uint64_t chunk_size) : Zlib::Base(chunk_size, [](z_stream* z) { deflateEnd(z); delete z; }) { zstream_ptr_->zalloc = Z_NULL; zstream_ptr_->zfree = Z_NULL; zstream_ptr_->opaque = Z_NULL; zstream_ptr_->avail_out = chunk_size_; zstream_ptr_->next_out = chunk_char_ptr_.get(); } void ZlibCompressorImpl::init(CompressionLevel comp_level, CompressionStrategy comp_strategy, int64_t window_bits, uint64_t memory_level = 8) { ASSERT(initialized_ == false); const int result = deflateInit2(zstream_ptr_.get(), static_cast(comp_level), Z_DEFLATED, window_bits, memory_level, static_cast(comp_strategy)); RELEASE_ASSERT(result >= 0, ""); initialized_ = true; } void ZlibCompressorImpl::compress(Buffer::Instance& buffer, Envoy::Compression::Compressor::State state) { for (const Buffer::RawSlice& input_slice : buffer.getRawSlices()) { zstream_ptr_->avail_in = input_slice.len_; zstream_ptr_->next_in = static_cast(input_slice.mem_); // Z_NO_FLUSH tells the compressor to take the data in and compresses it as much as possible // without flushing it out. However, if the data output is greater or equal to the allocated // chunk size, process() outputs it to the end of the buffer. This is fine, since at the next // step, the buffer is drained from the beginning of the buffer by the size of input. process(buffer, Z_NO_FLUSH); buffer.drain(input_slice.len_); } process(buffer, state == Envoy::Compression::Compressor::State::Finish ? Z_FINISH : Z_SYNC_FLUSH); } bool ZlibCompressorImpl::deflateNext(int64_t flush_state) { const int result = deflate(zstream_ptr_.get(), flush_state); switch (flush_state) { case Z_FINISH: if (result != Z_OK && result != Z_BUF_ERROR) { RELEASE_ASSERT(result == Z_STREAM_END, ""); return false; } FALLTHRU; default: if (result == Z_BUF_ERROR && zstream_ptr_->avail_in == 0) { return false; // This means that zlib needs more input, so stop here. } RELEASE_ASSERT(result == Z_OK, ""); } return true; } void ZlibCompressorImpl::process(Buffer::Instance& output_buffer, int64_t flush_state) { while (deflateNext(flush_state)) { if (zstream_ptr_->avail_out == 0) { updateOutput(output_buffer); } } if (flush_state == Z_SYNC_FLUSH || flush_state == Z_FINISH) { updateOutput(output_buffer); } } } // namespace Compressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/compressor/zlib_compressor_impl.h ================================================ #pragma once #include "envoy/compression/compressor/compressor.h" #include "extensions/compression/gzip/common/base.h" #include "zlib.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Compressor { /** * Implementation of compressor's interface. */ class ZlibCompressorImpl : public Zlib::Base, public Envoy::Compression::Compressor::Compressor { public: ZlibCompressorImpl(); /** * Constructor that allows setting the size of compressor's output buffer. It * should be called whenever a buffer size different than the 4096 bytes, normally set by the * default constructor, is desired. If memory is available and it makes sense to output large * chunks of compressed data, zlib documentation suggests buffers sizes on the order of 128K or * 256K bytes. @see http://zlib.net/zlib_how.html * @param chunk_size amount of memory reserved for the compressor output. */ ZlibCompressorImpl(uint64_t chunk_size); /** * Enum values used to set compression level during initialization. * best: gives best compression. * speed: gives best performance. * levelX: allows to adjust trad-offs more precisely - from level1 (best speed, but very * low compression ratio) to level9 (best compression, but low speed). * standard: requests a default compromise between speed and compression. (default) @see zlib * manual. */ enum class CompressionLevel : int64_t { Best = Z_BEST_COMPRESSION, Level1 = 1, Level2 = 2, Level3 = 3, Level4 = 4, Level5 = 5, Level6 = 6, Level7 = 7, Level8 = 8, Level9 = 9, Speed = Z_BEST_SPEED, Standard = Z_DEFAULT_COMPRESSION, }; /** * Enum values are used for setting the compression algorithm strategy. * filtered: used for data produced by a filter. (or predictor) @see Z_FILTERED (zlib manual) * fixed: disable dynamic Huffman codes. @see Z_FIXED (zlib manual) * huffman: used to enforce Huffman encoding. @see RFC 1951 * rle: used to limit match distances to one. (Run-length encoding) * standard: used for normal data. (default) @see Z_DEFAULT_STRATEGY in zlib manual. */ enum class CompressionStrategy : uint64_t { Filtered = Z_FILTERED, Fixed = Z_FIXED, Huffman = Z_HUFFMAN_ONLY, Rle = Z_RLE, Standard = Z_DEFAULT_STRATEGY, }; /** * Init must be called in order to initialize the compressor. Once compressor is initialized, it * cannot be initialized again. Init should run before compressing any data. * @param level @see CompressionLevel enum * @param strategy @see CompressionStrategy enum * @param window_bits sets the size of the history buffer. Larger values result in better * compression, but will use more memory @see window_bits. (zlib manual) * @param memory_level sets how much memory should be allocated for the internal compression, min * 1 and max 9. @see memory_level (zlib manual) */ void init(CompressionLevel level, CompressionStrategy strategy, int64_t window_bits, uint64_t memory_level); // Compression::Compressor::Compressor void compress(Buffer::Instance& buffer, Envoy::Compression::Compressor::State state) override; private: bool deflateNext(int64_t flush_state); void process(Buffer::Instance& output_buffer, int64_t flush_state); }; } // namespace Compressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/decompressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "zlib_decompressor_impl_lib", srcs = ["zlib_decompressor_impl.cc"], hdrs = ["zlib_decompressor_impl.h"], external_deps = ["zlib"], deps = [ "//include/envoy/compression/decompressor:decompressor_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/extensions/compression/gzip/common:zlib_base_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":zlib_decompressor_impl_lib", "//source/common/http:headers_lib", "//source/extensions/compression/common/decompressor:decompressor_factory_base_lib", "@envoy_api//envoy/extensions/compression/gzip/decompressor/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/compression/gzip/decompressor/config.cc ================================================ #include "extensions/compression/gzip/decompressor/config.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Decompressor { namespace { const uint32_t DefaultWindowBits = 12; const uint32_t DefaultChunkSize = 4096; // When logical OR'ed to window bits, this tells zlib library to decompress gzip data per: // inflateInit2 in https://www.zlib.net/manual.html const uint32_t GzipHeaderValue = 16; } // namespace GzipDecompressorFactory::GzipDecompressorFactory( const envoy::extensions::compression::gzip::decompressor::v3::Gzip& gzip, Stats::Scope& scope) : scope_(scope), window_bits_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(gzip, window_bits, DefaultWindowBits) | GzipHeaderValue), chunk_size_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(gzip, chunk_size, DefaultChunkSize)) {} Envoy::Compression::Decompressor::DecompressorPtr GzipDecompressorFactory::createDecompressor(const std::string& stats_prefix) { auto decompressor = std::make_unique(scope_, stats_prefix, chunk_size_); decompressor->init(window_bits_); return decompressor; } Envoy::Compression::Decompressor::DecompressorFactoryPtr GzipDecompressorLibraryFactory::createDecompressorFactoryFromProtoTyped( const envoy::extensions::compression::gzip::decompressor::v3::Gzip& proto_config, Server::Configuration::FactoryContext& context) { return std::make_unique(proto_config, context.scope()); } /** * Static registration for the gzip decompressor. @see NamedDecompressorLibraryConfigFactory. */ REGISTER_FACTORY(GzipDecompressorLibraryFactory, Envoy::Compression::Decompressor::NamedDecompressorLibraryConfigFactory); } // namespace Decompressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/decompressor/config.h ================================================ #pragma once #include "envoy/compression/decompressor/config.h" #include "envoy/extensions/compression/gzip/decompressor/v3/gzip.pb.h" #include "envoy/extensions/compression/gzip/decompressor/v3/gzip.pb.validate.h" #include "common/http/headers.h" #include "extensions/compression/common/decompressor/factory_base.h" #include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Decompressor { namespace { const std::string& gzipStatsPrefix() { CONSTRUCT_ON_FIRST_USE(std::string, "gzip."); } const std::string& gzipExtensionName() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy.compression.gzip.decompressor"); } } // namespace class GzipDecompressorFactory : public Envoy::Compression::Decompressor::DecompressorFactory { public: GzipDecompressorFactory(const envoy::extensions::compression::gzip::decompressor::v3::Gzip& gzip, Stats::Scope& scope); // Envoy::Compression::Decompressor::DecompressorFactory Envoy::Compression::Decompressor::DecompressorPtr createDecompressor(const std::string& stats_prefix) override; const std::string& statsPrefix() const override { return gzipStatsPrefix(); } const std::string& contentEncoding() const override { return Http::CustomHeaders::get().ContentEncodingValues.Gzip; } private: Stats::Scope& scope_; const int32_t window_bits_; const uint32_t chunk_size_; }; class GzipDecompressorLibraryFactory : public Common::Decompressor::DecompressorLibraryFactoryBase< envoy::extensions::compression::gzip::decompressor::v3::Gzip> { public: GzipDecompressorLibraryFactory() : DecompressorLibraryFactoryBase(gzipExtensionName()) {} private: Envoy::Compression::Decompressor::DecompressorFactoryPtr createDecompressorFactoryFromProtoTyped( const envoy::extensions::compression::gzip::decompressor::v3::Gzip& proto_config, Server::Configuration::FactoryContext& context) override; }; DECLARE_FACTORY(GzipDecompressorLibraryFactory); } // namespace Decompressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.cc ================================================ #include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" #include #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Decompressor { ZlibDecompressorImpl::ZlibDecompressorImpl(Stats::Scope& scope, const std::string& stats_prefix) : ZlibDecompressorImpl(scope, stats_prefix, 4096) {} ZlibDecompressorImpl::ZlibDecompressorImpl(Stats::Scope& scope, const std::string& stats_prefix, uint64_t chunk_size) : Zlib::Base(chunk_size, [](z_stream* z) { inflateEnd(z); delete z; }), stats_(generateStats(stats_prefix, scope)) { zstream_ptr_->zalloc = Z_NULL; zstream_ptr_->zfree = Z_NULL; zstream_ptr_->opaque = Z_NULL; zstream_ptr_->avail_out = chunk_size_; zstream_ptr_->next_out = chunk_char_ptr_.get(); } void ZlibDecompressorImpl::init(int64_t window_bits) { ASSERT(initialized_ == false); const int result = inflateInit2(zstream_ptr_.get(), window_bits); RELEASE_ASSERT(result >= 0, ""); initialized_ = true; } void ZlibDecompressorImpl::decompress(const Buffer::Instance& input_buffer, Buffer::Instance& output_buffer) { for (const Buffer::RawSlice& input_slice : input_buffer.getRawSlices()) { zstream_ptr_->avail_in = input_slice.len_; zstream_ptr_->next_in = static_cast(input_slice.mem_); while (inflateNext()) { if (zstream_ptr_->avail_out == 0) { updateOutput(output_buffer); } } } // Flush z_stream and reset its buffer. Otherwise the stale content of the buffer // will pollute output upon the next call to decompress(). updateOutput(output_buffer); } bool ZlibDecompressorImpl::inflateNext() { const int result = inflate(zstream_ptr_.get(), Z_NO_FLUSH); if (result == Z_STREAM_END) { // Z_FINISH informs inflate to not maintain a sliding window if the stream completes, which // reduces inflate's memory footprint. Ref: https://www.zlib.net/manual.html. inflate(zstream_ptr_.get(), Z_FINISH); return false; } if (result == Z_BUF_ERROR && zstream_ptr_->avail_in == 0) { return false; // This means that zlib needs more input, so stop here. } if (result < 0) { decompression_error_ = result; ENVOY_LOG(trace, "zlib decompression error: {}, msg: {}. Error codes are defined in " "https://www.zlib.net/manual.html", result, zstream_ptr_->msg); chargeErrorStats(result); return false; } return true; } void ZlibDecompressorImpl::chargeErrorStats(const int result) { switch (result) { case Z_ERRNO: stats_.zlib_errno_.inc(); break; case Z_STREAM_ERROR: stats_.zlib_stream_error_.inc(); break; case Z_DATA_ERROR: stats_.zlib_data_error_.inc(); break; case Z_MEM_ERROR: stats_.zlib_mem_error_.inc(); break; case Z_BUF_ERROR: stats_.zlib_buf_error_.inc(); break; case Z_VERSION_ERROR: stats_.zlib_version_error_.inc(); break; } } } // namespace Decompressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h ================================================ #pragma once #include "envoy/compression/decompressor/decompressor.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "extensions/compression/gzip/common/base.h" #include "zlib.h" namespace Envoy { namespace Extensions { namespace Compression { namespace Gzip { namespace Decompressor { /** * All zlib decompressor stats. @see stats_macros.h */ #define ALL_ZLIB_DECOMPRESSOR_STATS(COUNTER) \ COUNTER(zlib_errno) \ COUNTER(zlib_stream_error) \ COUNTER(zlib_data_error) \ COUNTER(zlib_mem_error) \ COUNTER(zlib_buf_error) \ COUNTER(zlib_version_error) /** * Struct definition for zlib decompressor stats. @see stats_macros.h */ struct ZlibDecompressorStats { ALL_ZLIB_DECOMPRESSOR_STATS(GENERATE_COUNTER_STRUCT) }; /** * Implementation of decompressor's interface. */ class ZlibDecompressorImpl : public Zlib::Base, public Envoy::Compression::Decompressor::Decompressor, public Logger::Loggable { public: ZlibDecompressorImpl(Stats::Scope& scope, const std::string& stats_prefix); /** * Constructor that allows setting the size of decompressor's output buffer. It * should be called whenever a buffer size different than the 4096 bytes, normally set by the * default constructor, is desired. If memory is available and it makes sense to output large * chunks of compressed data, zlib documentation suggests buffers sizes on the order of 128K or * 256K bytes. @see http://zlib.net/zlib_how.html * @param chunk_size amount of memory reserved for the decompressor output. */ ZlibDecompressorImpl(Stats::Scope& scope, const std::string& stats_prefix, uint64_t chunk_size); /** * Init must be called in order to initialize the decompressor. Once decompressor is initialized, * it cannot be initialized again. Init should run before decompressing any data. * @param window_bits sets the size of the history buffer. It must be greater than or equal to * the window_bits value provided when data was compressed (zlib manual). */ void init(int64_t window_bits); // Compression::Decompressor::Decompressor void decompress(const Buffer::Instance& input_buffer, Buffer::Instance& output_buffer) override; // Flag to track whether error occurred during decompression. // When an error occurs, the error code (a negative int) will be stored in this variable. int decompression_error_{0}; private: // TODO: clean up friend class. This is here to allow coverage of chargeErrorStats as it isn't // completely straightforward // to cause zlib's inflate function to return all the error codes necessary to hit all the cases // in the switch statement. friend class ZlibDecompressorStatsTest; static ZlibDecompressorStats generateStats(const std::string& prefix, Stats::Scope& scope) { return ZlibDecompressorStats{ALL_ZLIB_DECOMPRESSOR_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } bool inflateNext(); void chargeErrorStats(const int result); const ZlibDecompressorStats stats_; }; } // namespace Decompressor } // namespace Gzip } // namespace Compression } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/extensions_build_config.bzl ================================================ # See bazel/README.md for details on how this system works. EXTENSIONS = { # # Access loggers # "envoy.access_loggers.file": "//source/extensions/access_loggers/file:config", "envoy.access_loggers.http_grpc": "//source/extensions/access_loggers/grpc:http_config", "envoy.access_loggers.tcp_grpc": "//source/extensions/access_loggers/grpc:tcp_config", "envoy.access_loggers.wasm": "//source/extensions/access_loggers/wasm:config", # # Clusters # "envoy.clusters.aggregate": "//source/extensions/clusters/aggregate:cluster", "envoy.clusters.dynamic_forward_proxy": "//source/extensions/clusters/dynamic_forward_proxy:cluster", "envoy.clusters.redis": "//source/extensions/clusters/redis:redis_cluster", # # Compression # "envoy.compression.gzip.compressor": "//source/extensions/compression/gzip/compressor:config", "envoy.compression.gzip.decompressor": "//source/extensions/compression/gzip/decompressor:config", # # gRPC Credentials Plugins # "envoy.grpc_credentials.file_based_metadata": "//source/extensions/grpc_credentials/file_based_metadata:config", "envoy.grpc_credentials.aws_iam": "//source/extensions/grpc_credentials/aws_iam:config", # # WASM # "envoy.bootstrap.wasm": "//source/extensions/bootstrap/wasm:config", # # Health checkers # "envoy.health_checkers.redis": "//source/extensions/health_checkers/redis:config", # # HTTP filters # "envoy.filters.http.adaptive_concurrency": "//source/extensions/filters/http/adaptive_concurrency:config", "envoy.filters.http.admission_control": "//source/extensions/filters/http/admission_control:config", "envoy.filters.http.aws_lambda": "//source/extensions/filters/http/aws_lambda:config", "envoy.filters.http.aws_request_signing": "//source/extensions/filters/http/aws_request_signing:config", "envoy.filters.http.buffer": "//source/extensions/filters/http/buffer:config", "envoy.filters.http.cache": "//source/extensions/filters/http/cache:config", "envoy.filters.http.cdn_loop": "//source/extensions/filters/http/cdn_loop:config", "envoy.filters.http.compressor": "//source/extensions/filters/http/compressor:config", "envoy.filters.http.cors": "//source/extensions/filters/http/cors:config", "envoy.filters.http.csrf": "//source/extensions/filters/http/csrf:config", "envoy.filters.http.decompressor": "//source/extensions/filters/http/decompressor:config", "envoy.filters.http.dynamic_forward_proxy": "//source/extensions/filters/http/dynamic_forward_proxy:config", "envoy.filters.http.dynamo": "//source/extensions/filters/http/dynamo:config", "envoy.filters.http.ext_authz": "//source/extensions/filters/http/ext_authz:config", "envoy.filters.http.fault": "//source/extensions/filters/http/fault:config", "envoy.filters.http.grpc_http1_bridge": "//source/extensions/filters/http/grpc_http1_bridge:config", "envoy.filters.http.grpc_http1_reverse_bridge": "//source/extensions/filters/http/grpc_http1_reverse_bridge:config", "envoy.filters.http.grpc_json_transcoder": "//source/extensions/filters/http/grpc_json_transcoder:config", "envoy.filters.http.grpc_stats": "//source/extensions/filters/http/grpc_stats:config", "envoy.filters.http.grpc_web": "//source/extensions/filters/http/grpc_web:config", "envoy.filters.http.gzip": "//source/extensions/filters/http/gzip:config", "envoy.filters.http.header_to_metadata": "//source/extensions/filters/http/header_to_metadata:config", "envoy.filters.http.health_check": "//source/extensions/filters/http/health_check:config", "envoy.filters.http.ip_tagging": "//source/extensions/filters/http/ip_tagging:config", "envoy.filters.http.jwt_authn": "//source/extensions/filters/http/jwt_authn:config", "envoy.filters.http.local_ratelimit": "//source/extensions/filters/http/local_ratelimit:config", "envoy.filters.http.lua": "//source/extensions/filters/http/lua:config", "envoy.filters.http.oauth2": "//source/extensions/filters/http/oauth2:config", "envoy.filters.http.on_demand": "//source/extensions/filters/http/on_demand:config", "envoy.filters.http.original_src": "//source/extensions/filters/http/original_src:config", "envoy.filters.http.ratelimit": "//source/extensions/filters/http/ratelimit:config", "envoy.filters.http.rbac": "//source/extensions/filters/http/rbac:config", "envoy.filters.http.router": "//source/extensions/filters/http/router:config", "envoy.filters.http.squash": "//source/extensions/filters/http/squash:config", "envoy.filters.http.tap": "//source/extensions/filters/http/tap:config", "envoy.filters.http.wasm": "//source/extensions/filters/http/wasm:config", # # Listener filters # "envoy.filters.listener.http_inspector": "//source/extensions/filters/listener/http_inspector:config", # NOTE: The original_dst filter is implicitly loaded if original_dst functionality is # configured on the listener. Do not remove it in that case or configs will fail to load. "envoy.filters.listener.original_dst": "//source/extensions/filters/listener/original_dst:config", "envoy.filters.listener.original_src": "//source/extensions/filters/listener/original_src:config", # NOTE: The proxy_protocol filter is implicitly loaded if proxy_protocol functionality is # configured on the listener. Do not remove it in that case or configs will fail to load. "envoy.filters.listener.proxy_protocol": "//source/extensions/filters/listener/proxy_protocol:config", "envoy.filters.listener.tls_inspector": "//source/extensions/filters/listener/tls_inspector:config", # # Network filters # "envoy.filters.network.client_ssl_auth": "//source/extensions/filters/network/client_ssl_auth:config", "envoy.filters.network.direct_response": "//source/extensions/filters/network/direct_response:config", "envoy.filters.network.dubbo_proxy": "//source/extensions/filters/network/dubbo_proxy:config", "envoy.filters.network.echo": "//source/extensions/filters/network/echo:config", "envoy.filters.network.ext_authz": "//source/extensions/filters/network/ext_authz:config", "envoy.filters.network.http_connection_manager": "//source/extensions/filters/network/http_connection_manager:config", # WiP "envoy.filters.network.kafka_broker": "//source/extensions/filters/network/kafka:kafka_broker_config_lib", "envoy.filters.network.local_ratelimit": "//source/extensions/filters/network/local_ratelimit:config", "envoy.filters.network.mongo_proxy": "//source/extensions/filters/network/mongo_proxy:config", "envoy.filters.network.mysql_proxy": "//source/extensions/filters/network/mysql_proxy:config", "envoy.filters.network.postgres_proxy": "//source/extensions/filters/network/postgres_proxy:config", "envoy.filters.network.ratelimit": "//source/extensions/filters/network/ratelimit:config", "envoy.filters.network.rbac": "//source/extensions/filters/network/rbac:config", "envoy.filters.network.redis_proxy": "//source/extensions/filters/network/redis_proxy:config", "envoy.filters.network.rocketmq_proxy": "//source/extensions/filters/network/rocketmq_proxy:config", "envoy.filters.network.tcp_proxy": "//source/extensions/filters/network/tcp_proxy:config", "envoy.filters.network.thrift_proxy": "//source/extensions/filters/network/thrift_proxy:config", "envoy.filters.network.sni_cluster": "//source/extensions/filters/network/sni_cluster:config", "envoy.filters.network.sni_dynamic_forward_proxy": "//source/extensions/filters/network/sni_dynamic_forward_proxy:config", "envoy.filters.network.wasm": "//source/extensions/filters/network/wasm:config", "envoy.filters.network.zookeeper_proxy": "//source/extensions/filters/network/zookeeper_proxy:config", # # UDP filters # "envoy.filters.udp_listener.dns_filter": "//source/extensions/filters/udp/dns_filter:config", "envoy.filters.udp_listener.udp_proxy": "//source/extensions/filters/udp/udp_proxy:config", # # Resource monitors # "envoy.resource_monitors.fixed_heap": "//source/extensions/resource_monitors/fixed_heap:config", "envoy.resource_monitors.injected_resource": "//source/extensions/resource_monitors/injected_resource:config", # # Stat sinks # "envoy.stat_sinks.dog_statsd": "//source/extensions/stat_sinks/dog_statsd:config", "envoy.stat_sinks.hystrix": "//source/extensions/stat_sinks/hystrix:config", "envoy.stat_sinks.metrics_service": "//source/extensions/stat_sinks/metrics_service:config", "envoy.stat_sinks.statsd": "//source/extensions/stat_sinks/statsd:config", "envoy.stat_sinks.wasm": "//source/extensions/stat_sinks/wasm:config", # # Thrift filters # "envoy.filters.thrift.router": "//source/extensions/filters/network/thrift_proxy/router:config", "envoy.filters.thrift.ratelimit": "//source/extensions/filters/network/thrift_proxy/filters/ratelimit:config", # # Tracers # "envoy.tracers.dynamic_ot": "//source/extensions/tracers/dynamic_ot:config", "envoy.tracers.lightstep": "//source/extensions/tracers/lightstep:config", "envoy.tracers.datadog": "//source/extensions/tracers/datadog:config", "envoy.tracers.zipkin": "//source/extensions/tracers/zipkin:config", "envoy.tracers.opencensus": "//source/extensions/tracers/opencensus:config", # WiP "envoy.tracers.xray": "//source/extensions/tracers/xray:config", # # Transport sockets # "envoy.transport_sockets.alts": "//source/extensions/transport_sockets/alts:config", "envoy.transport_sockets.upstream_proxy_protocol": "//source/extensions/transport_sockets/proxy_protocol:upstream_config", "envoy.transport_sockets.raw_buffer": "//source/extensions/transport_sockets/raw_buffer:config", "envoy.transport_sockets.tap": "//source/extensions/transport_sockets/tap:config", "envoy.transport_sockets.quic": "//source/extensions/quic_listeners/quiche:quic_factory_lib", # # Retry host predicates # "envoy.retry_host_predicates.previous_hosts": "//source/extensions/retry/host/previous_hosts:config", "envoy.retry_host_predicates.omit_canary_hosts": "//source/extensions/retry/host/omit_canary_hosts:config", "envoy.retry_host_predicates.omit_host_metadata": "//source/extensions/retry/host/omit_host_metadata:config", # # Retry priorities # "envoy.retry_priorities.previous_priorities": "//source/extensions/retry/priority/previous_priorities:config", # # CacheFilter plugins # "envoy.filters.http.cache.simple_http_cache": "//source/extensions/filters/http/cache/simple_http_cache:simple_http_cache_lib", # # Internal redirect predicates # "envoy.internal_redirect_predicates.allow_listed_routes": "//source/extensions/internal_redirect/allow_listed_routes:config", "envoy.internal_redirect_predicates.previous_routes": "//source/extensions/internal_redirect/previous_routes:config", "envoy.internal_redirect_predicates.safe_cross_scheme": "//source/extensions/internal_redirect/safe_cross_scheme:config", # # Http Upstreams (excepting envoy.upstreams.http.generic which is hard-coded into the build so not registered here) # "envoy.upstreams.http.http": "//source/extensions/upstreams/http/http:config", "envoy.upstreams.http.tcp": "//source/extensions/upstreams/http/tcp:config", # # Watchdog actions # "envoy.watchdog.profile_action": "//source/extensions/watchdog/profile_action:config", "envoy.watchdog.abort_action": "//source/extensions/watchdog/abort_action:config", } # These can be changed to ["//visibility:public"], for downstream builds which # need to directly reference Envoy extensions. EXTENSION_CONFIG_VISIBILITY = ["//:extension_config"] EXTENSION_PACKAGE_VISIBILITY = ["//:extension_library"] ================================================ FILE: source/extensions/filters/common/expr/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "evaluator_lib", srcs = ["evaluator.cc"], hdrs = ["evaluator.h"], deps = [ ":context_lib", "//source/common/http:utility_lib", "//source/common/protobuf", "@com_google_cel_cpp//eval/public:builtin_func_registrar", "@com_google_cel_cpp//eval/public:cel_expr_builder_factory", "@com_google_cel_cpp//eval/public:cel_expression", "@com_google_cel_cpp//eval/public:cel_value", ], ) envoy_cc_library( name = "context_lib", srcs = ["context.cc"], hdrs = ["context.h"], deps = [ "//source/common/grpc:common_lib", "//source/common/http:header_map_lib", "//source/common/http:utility_lib", "//source/common/stream_info:utility_lib", "@com_google_cel_cpp//eval/public:cel_value", "@com_google_cel_cpp//eval/public:cel_value_producer", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/common/expr/context.cc ================================================ #include "extensions/filters/common/expr/context.h" #include "common/grpc/common.h" #include "common/http/header_map_impl.h" #include "common/http/utility.h" #include "absl/strings/numbers.h" #include "absl/time/time.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Expr { Http::RegisterCustomInlineHeader referer_handle(Http::CustomHeaders::get().Referer); absl::optional convertHeaderEntry(const Http::HeaderEntry* header) { if (header == nullptr) { return {}; } return CelValue::CreateStringView(header->value().getStringView()); } absl::optional convertHeaderEntry(Protobuf::Arena& arena, Http::HeaderUtility::GetAllOfHeaderAsStringResult&& result) { if (!result.result().has_value()) { return {}; } else if (!result.backingString().empty()) { return CelValue::CreateString( Protobuf::Arena::Create(&arena, result.backingString())); } else { return CelValue::CreateStringView(result.result().value()); } } namespace { absl::optional extractSslInfo(const Ssl::ConnectionInfo& ssl_info, absl::string_view value) { if (value == TLSVersion) { return CelValue::CreateString(&ssl_info.tlsVersion()); } else if (value == SubjectLocalCertificate) { return CelValue::CreateString(&ssl_info.subjectLocalCertificate()); } else if (value == SubjectPeerCertificate) { return CelValue::CreateString(&ssl_info.subjectPeerCertificate()); } else if (value == URISanLocalCertificate) { if (!ssl_info.uriSanLocalCertificate().empty()) { return CelValue::CreateString(&ssl_info.uriSanLocalCertificate()[0]); } } else if (value == URISanPeerCertificate) { if (!ssl_info.uriSanPeerCertificate().empty()) { return CelValue::CreateString(&ssl_info.uriSanPeerCertificate()[0]); } } else if (value == DNSSanLocalCertificate) { if (!ssl_info.dnsSansLocalCertificate().empty()) { return CelValue::CreateString(&ssl_info.dnsSansLocalCertificate()[0]); } } else if (value == DNSSanPeerCertificate) { if (!ssl_info.dnsSansPeerCertificate().empty()) { return CelValue::CreateString(&ssl_info.dnsSansPeerCertificate()[0]); } } return {}; } } // namespace absl::optional RequestWrapper::operator[](CelValue key) const { if (!key.IsString()) { return {}; } auto value = key.StringOrDie().value(); if (value == Headers) { return CelValue::CreateMap(&headers_); } else if (value == Time) { return CelValue::CreateTimestamp(absl::FromChrono(info_.startTime())); } else if (value == Size) { // it is important to make a choice whether to rely on content-length vs stream info // (which is not available at the time of the request headers) if (headers_.value_ != nullptr && headers_.value_->ContentLength() != nullptr) { int64_t length; if (absl::SimpleAtoi(headers_.value_->getContentLengthValue(), &length)) { return CelValue::CreateInt64(length); } } else { return CelValue::CreateInt64(info_.bytesReceived()); } } else if (value == TotalSize) { return CelValue::CreateInt64(info_.bytesReceived() + (headers_.value_ ? headers_.value_->byteSize() : 0)); } else if (value == Duration) { auto duration = info_.requestComplete(); if (duration.has_value()) { return CelValue::CreateDuration(absl::FromChrono(duration.value())); } } else if (value == Protocol) { if (info_.protocol().has_value()) { return CelValue::CreateString(&Http::Utility::getProtocolString(info_.protocol().value())); } else { return {}; } } if (headers_.value_ != nullptr) { if (value == Path) { return convertHeaderEntry(headers_.value_->Path()); } else if (value == UrlPath) { absl::string_view path = headers_.value_->getPathValue(); size_t query_offset = path.find('?'); if (query_offset == absl::string_view::npos) { return CelValue::CreateStringView(path); } return CelValue::CreateStringView(path.substr(0, query_offset)); } else if (value == Host) { return convertHeaderEntry(headers_.value_->Host()); } else if (value == Scheme) { return convertHeaderEntry(headers_.value_->Scheme()); } else if (value == Method) { return convertHeaderEntry(headers_.value_->Method()); } else if (value == Referer) { return convertHeaderEntry(headers_.value_->getInline(referer_handle.handle())); } else if (value == ID) { return convertHeaderEntry(headers_.value_->RequestId()); } else if (value == UserAgent) { return convertHeaderEntry(headers_.value_->UserAgent()); } } return {}; } absl::optional ResponseWrapper::operator[](CelValue key) const { if (!key.IsString()) { return {}; } auto value = key.StringOrDie().value(); if (value == Code) { auto code = info_.responseCode(); if (code.has_value()) { return CelValue::CreateInt64(code.value()); } return {}; } else if (value == Size) { return CelValue::CreateInt64(info_.bytesSent()); } else if (value == Headers) { return CelValue::CreateMap(&headers_); } else if (value == Trailers) { return CelValue::CreateMap(&trailers_); } else if (value == Flags) { return CelValue::CreateInt64(info_.responseFlags()); } else if (value == GrpcStatus) { auto const& optional_status = Grpc::Common::getGrpcStatus( trailers_.value_ ? *trailers_.value_ : *Http::StaticEmptyHeaders::get().response_trailers, headers_.value_ ? *headers_.value_ : *Http::StaticEmptyHeaders::get().response_headers, info_); if (optional_status.has_value()) { return CelValue::CreateInt64(optional_status.value()); } return {}; } else if (value == TotalSize) { return CelValue::CreateInt64(info_.bytesSent() + (headers_.value_ ? headers_.value_->byteSize() : 0) + (trailers_.value_ ? trailers_.value_->byteSize() : 0)); } else if (value == CodeDetails) { const absl::optional& details = info_.responseCodeDetails(); if (details.has_value()) { return CelValue::CreateString(&details.value()); } return {}; } return {}; } absl::optional ConnectionWrapper::operator[](CelValue key) const { if (!key.IsString()) { return {}; } auto value = key.StringOrDie().value(); if (value == MTLS) { return CelValue::CreateBool(info_.downstreamSslConnection() != nullptr && info_.downstreamSslConnection()->peerCertificatePresented()); } else if (value == RequestedServerName) { return CelValue::CreateString(&info_.requestedServerName()); } else if (value == ID) { auto id = info_.connectionID(); if (id.has_value()) { return CelValue::CreateUint64(id.value()); } return {}; } auto ssl_info = info_.downstreamSslConnection(); if (ssl_info != nullptr) { return extractSslInfo(*ssl_info, value); } return {}; } absl::optional UpstreamWrapper::operator[](CelValue key) const { if (!key.IsString()) { return {}; } auto value = key.StringOrDie().value(); if (value == Address) { auto upstream_host = info_.upstreamHost(); if (upstream_host != nullptr && upstream_host->address() != nullptr) { return CelValue::CreateStringView(upstream_host->address()->asStringView()); } } else if (value == Port) { auto upstream_host = info_.upstreamHost(); if (upstream_host != nullptr && upstream_host->address() != nullptr && upstream_host->address()->ip() != nullptr) { return CelValue::CreateInt64(upstream_host->address()->ip()->port()); } } else if (value == UpstreamLocalAddress) { auto upstream_local_address = info_.upstreamLocalAddress(); if (upstream_local_address != nullptr) { return CelValue::CreateStringView(upstream_local_address->asStringView()); } } else if (value == UpstreamTransportFailureReason) { return CelValue::CreateStringView(info_.upstreamTransportFailureReason()); } auto ssl_info = info_.upstreamSslConnection(); if (ssl_info != nullptr) { return extractSslInfo(*ssl_info, value); } return {}; } absl::optional PeerWrapper::operator[](CelValue key) const { if (!key.IsString()) { return {}; } auto value = key.StringOrDie().value(); if (value == Address) { if (local_) { return CelValue::CreateStringView(info_.downstreamLocalAddress()->asStringView()); } else { return CelValue::CreateStringView(info_.downstreamRemoteAddress()->asStringView()); } } else if (value == Port) { if (local_) { if (info_.downstreamLocalAddress()->ip() != nullptr) { return CelValue::CreateInt64(info_.downstreamLocalAddress()->ip()->port()); } } else { if (info_.downstreamRemoteAddress()->ip() != nullptr) { return CelValue::CreateInt64(info_.downstreamRemoteAddress()->ip()->port()); } } } return {}; } absl::optional FilterStateWrapper::operator[](CelValue key) const { if (!key.IsString()) { return {}; } auto value = key.StringOrDie().value(); if (filter_state_.hasDataWithName(value)) { const StreamInfo::FilterState::Object* object = filter_state_.getDataReadOnlyGeneric(value); absl::optional serialized = object->serializeAsString(); if (serialized.has_value()) { std::string* out = ProtobufWkt::Arena::Create(arena_, serialized.value()); return CelValue::CreateBytes(out); } } return {}; } } // namespace Expr } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/expr/context.h ================================================ #pragma once #include "envoy/config/core/v3/base.pb.h" #include "envoy/stream_info/stream_info.h" #include "common/grpc/status.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "eval/public/cel_value.h" #include "eval/public/cel_value_producer.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Expr { using CelValue = google::api::expr::runtime::CelValue; // Symbols for traversing the request properties constexpr absl::string_view Request = "request"; constexpr absl::string_view Path = "path"; constexpr absl::string_view UrlPath = "url_path"; constexpr absl::string_view Host = "host"; constexpr absl::string_view Scheme = "scheme"; constexpr absl::string_view Method = "method"; constexpr absl::string_view Referer = "referer"; constexpr absl::string_view Headers = "headers"; constexpr absl::string_view Time = "time"; constexpr absl::string_view ID = "id"; constexpr absl::string_view UserAgent = "useragent"; constexpr absl::string_view Size = "size"; constexpr absl::string_view TotalSize = "total_size"; constexpr absl::string_view Duration = "duration"; constexpr absl::string_view Protocol = "protocol"; // Symbols for traversing the response properties constexpr absl::string_view Response = "response"; constexpr absl::string_view Code = "code"; constexpr absl::string_view CodeDetails = "code_details"; constexpr absl::string_view Trailers = "trailers"; constexpr absl::string_view Flags = "flags"; constexpr absl::string_view GrpcStatus = "grpc_status"; // Per-request or per-connection metadata constexpr absl::string_view Metadata = "metadata"; // Per-request or per-connection filter state constexpr absl::string_view FilterState = "filter_state"; // Connection properties constexpr absl::string_view Connection = "connection"; constexpr absl::string_view MTLS = "mtls"; constexpr absl::string_view RequestedServerName = "requested_server_name"; constexpr absl::string_view TLSVersion = "tls_version"; constexpr absl::string_view SubjectLocalCertificate = "subject_local_certificate"; constexpr absl::string_view SubjectPeerCertificate = "subject_peer_certificate"; constexpr absl::string_view URISanLocalCertificate = "uri_san_local_certificate"; constexpr absl::string_view URISanPeerCertificate = "uri_san_peer_certificate"; constexpr absl::string_view DNSSanLocalCertificate = "dns_san_local_certificate"; constexpr absl::string_view DNSSanPeerCertificate = "dns_san_peer_certificate"; // Source properties constexpr absl::string_view Source = "source"; constexpr absl::string_view Address = "address"; constexpr absl::string_view Port = "port"; // Destination properties constexpr absl::string_view Destination = "destination"; // Upstream properties constexpr absl::string_view Upstream = "upstream"; constexpr absl::string_view UpstreamLocalAddress = "local_address"; constexpr absl::string_view UpstreamTransportFailureReason = "transport_failure_reason"; class RequestWrapper; absl::optional convertHeaderEntry(const Http::HeaderEntry* header); absl::optional convertHeaderEntry(Protobuf::Arena& arena, Http::HeaderUtility::GetAllOfHeaderAsStringResult&& result); template class HeadersWrapper : public google::api::expr::runtime::CelMap { public: HeadersWrapper(Protobuf::Arena& arena, const T* value) : arena_(arena), value_(value) {} absl::optional operator[](CelValue key) const override { if (value_ == nullptr || !key.IsString()) { return {}; } auto str = std::string(key.StringOrDie().value()); if (!Http::validHeaderString(str)) { // Reject key if it is an invalid header string return {}; } return convertHeaderEntry( arena_, Http::HeaderUtility::getAllOfHeaderAsString(*value_, Http::LowerCaseString(str))); } int size() const override { return value_ == nullptr ? 0 : value_->size(); } bool empty() const override { return value_ == nullptr ? true : value_->empty(); } const google::api::expr::runtime::CelList* ListKeys() const override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } private: friend class RequestWrapper; friend class ResponseWrapper; Protobuf::Arena& arena_; const T* value_; }; // Wrapper for accessing properties from internal data structures. // Note that CEL assumes no ownership of the underlying data, so temporary // data must be arena-allocated. class BaseWrapper : public google::api::expr::runtime::CelMap, public google::api::expr::runtime::CelValueProducer { public: int size() const override { return 0; } bool empty() const override { return false; } const google::api::expr::runtime::CelList* ListKeys() const override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } CelValue Produce(ProtobufWkt::Arena* arena) override { // Producer is unique per evaluation arena since activation is re-created. arena_ = arena; return CelValue::CreateMap(this); } protected: ProtobufWkt::Arena* arena_; }; class RequestWrapper : public BaseWrapper { public: RequestWrapper(Protobuf::Arena& arena, const Http::RequestHeaderMap* headers, const StreamInfo::StreamInfo& info) : headers_(arena, headers), info_(info) {} absl::optional operator[](CelValue key) const override; private: const HeadersWrapper headers_; const StreamInfo::StreamInfo& info_; }; class ResponseWrapper : public BaseWrapper { public: ResponseWrapper(Protobuf::Arena& arena, const Http::ResponseHeaderMap* headers, const Http::ResponseTrailerMap* trailers, const StreamInfo::StreamInfo& info) : headers_(arena, headers), trailers_(arena, trailers), info_(info) {} absl::optional operator[](CelValue key) const override; private: const HeadersWrapper headers_; const HeadersWrapper trailers_; const StreamInfo::StreamInfo& info_; }; class ConnectionWrapper : public BaseWrapper { public: ConnectionWrapper(const StreamInfo::StreamInfo& info) : info_(info) {} absl::optional operator[](CelValue key) const override; private: const StreamInfo::StreamInfo& info_; }; class UpstreamWrapper : public BaseWrapper { public: UpstreamWrapper(const StreamInfo::StreamInfo& info) : info_(info) {} absl::optional operator[](CelValue key) const override; private: const StreamInfo::StreamInfo& info_; }; class PeerWrapper : public BaseWrapper { public: PeerWrapper(const StreamInfo::StreamInfo& info, bool local) : info_(info), local_(local) {} absl::optional operator[](CelValue key) const override; private: const StreamInfo::StreamInfo& info_; const bool local_; }; class MetadataProducer : public google::api::expr::runtime::CelValueProducer { public: MetadataProducer(const envoy::config::core::v3::Metadata& metadata) : metadata_(metadata) {} CelValue Produce(ProtobufWkt::Arena* arena) override { return CelValue::CreateMessage(&metadata_, arena); } private: const envoy::config::core::v3::Metadata& metadata_; }; class FilterStateWrapper : public BaseWrapper { public: FilterStateWrapper(const StreamInfo::FilterState& filter_state) : filter_state_(filter_state) {} absl::optional operator[](CelValue key) const override; private: const StreamInfo::FilterState& filter_state_; }; } // namespace Expr } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/expr/evaluator.cc ================================================ #include "extensions/filters/common/expr/evaluator.h" #include "envoy/common/exception.h" #include "eval/public/builtin_func_registrar.h" #include "eval/public/cel_expr_builder_factory.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Expr { ActivationPtr createActivation(Protobuf::Arena& arena, const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers) { auto activation = std::make_unique(); activation->InsertValueProducer(Request, std::make_unique(arena, request_headers, info)); activation->InsertValueProducer(Response, std::make_unique( arena, response_headers, response_trailers, info)); activation->InsertValueProducer(Connection, std::make_unique(info)); activation->InsertValueProducer(Upstream, std::make_unique(info)); activation->InsertValueProducer(Source, std::make_unique(info, false)); activation->InsertValueProducer(Destination, std::make_unique(info, true)); activation->InsertValueProducer(Metadata, std::make_unique(info.dynamicMetadata())); activation->InsertValueProducer(FilterState, std::make_unique(info.filterState())); return activation; } BuilderPtr createBuilder(Protobuf::Arena* arena) { google::api::expr::runtime::InterpreterOptions options; // Security-oriented defaults options.enable_comprehension = false; options.enable_regex = true; options.regex_max_program_size = 100; options.enable_string_conversion = false; options.enable_string_concat = false; options.enable_list_concat = false; // Enable constant folding (performance optimization) if (arena != nullptr) { options.constant_folding = true; options.constant_arena = arena; } auto builder = google::api::expr::runtime::CreateCelExpressionBuilder(options); auto register_status = google::api::expr::runtime::RegisterBuiltinFunctions(builder->GetRegistry(), options); if (!register_status.ok()) { throw CelException( absl::StrCat("failed to register built-in functions: ", register_status.message())); } return builder; } ExpressionPtr createExpression(Builder& builder, const google::api::expr::v1alpha1::Expr& expr) { google::api::expr::v1alpha1::SourceInfo source_info; auto cel_expression_status = builder.CreateExpression(&expr, &source_info); if (!cel_expression_status.ok()) { throw CelException( absl::StrCat("failed to create an expression: ", cel_expression_status.status().message())); } return std::move(cel_expression_status.value()); } absl::optional evaluate(const Expression& expr, Protobuf::Arena& arena, const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers) { auto activation = createActivation(arena, info, request_headers, response_headers, response_trailers); auto eval_status = expr.Evaluate(*activation, &arena); if (!eval_status.ok()) { return {}; } return eval_status.value(); } bool matches(const Expression& expr, const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& headers) { Protobuf::Arena arena; auto eval_status = Expr::evaluate(expr, arena, info, &headers, nullptr, nullptr); if (!eval_status.has_value()) { return false; } auto result = eval_status.value(); return result.IsBool() ? result.BoolOrDie() : false; } } // namespace Expr } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/expr/evaluator.h ================================================ #pragma once #include "envoy/stream_info/stream_info.h" #include "common/http/headers.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/common/expr/context.h" #include "eval/public/cel_expression.h" #include "eval/public/cel_value.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Expr { using Activation = google::api::expr::runtime::Activation; using ActivationPtr = std::unique_ptr; using Builder = google::api::expr::runtime::CelExpressionBuilder; using BuilderPtr = std::unique_ptr; using Expression = google::api::expr::runtime::CelExpression; using ExpressionPtr = std::unique_ptr; // Creates an activation providing the common context attributes. // The activation lazily creates wrappers during an evaluation using the evaluation arena. ActivationPtr createActivation(Protobuf::Arena& arena, const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers); // Creates an expression builder. The optional arena is used to enable constant folding // for intermediate evaluation results. // Throws an exception if fails to construct an expression builder. BuilderPtr createBuilder(Protobuf::Arena* arena); // Creates an interpretable expression from a protobuf representation. // Throws an exception if fails to construct a runtime expression. ExpressionPtr createExpression(Builder& builder, const google::api::expr::v1alpha1::Expr& expr); // Evaluates an expression for a request. The arena is used to hold intermediate computational // results and potentially the final value. absl::optional evaluate(const Expression& expr, Protobuf::Arena& arena, const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers); // Evaluates an expression and returns true if the expression evaluates to "true". // Returns false if the expression fails to evaluate. bool matches(const Expression& expr, const StreamInfo::StreamInfo& info, const Http::RequestHeaderMap& headers); // Thrown when there is an CEL library error. class CelException : public EnvoyException { public: CelException(const std::string& what) : EnvoyException(what) {} }; } // namespace Expr } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ext_authz/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "ext_authz_interface", hdrs = ["ext_authz.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/stream_info:stream_info_interface", "//source/common/http:headers_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ext_authz_grpc_lib", srcs = ["ext_authz_grpc_impl.cc"], hdrs = ["ext_authz_grpc_impl.h"], deps = [ ":check_request_utils_lib", ":ext_authz_interface", "//include/envoy/grpc:async_client_interface", "//include/envoy/grpc:async_client_manager_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/http:protocol_interface", "//include/envoy/network:address_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/grpc:async_client_lib", "//source/common/grpc:typed_async_client_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/common/network:utility_lib", "//source/common/protobuf", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/ext_authz/v3:pkg_cc_proto", "@envoy_api//envoy/service/auth/v2alpha:pkg_cc_proto", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ext_authz_http_lib", srcs = ["ext_authz_http_impl.cc"], hdrs = ["ext_authz_http_impl.h"], deps = [ ":check_request_utils_lib", ":ext_authz_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:matchers_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:async_client_lib", "//source/common/http:codes_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/ext_authz/v3:pkg_cc_proto", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "check_request_utils_lib", srcs = ["check_request_utils.cc"], hdrs = ["check_request_utils.h"], deps = [ ":ext_authz_interface", "//include/envoy/grpc:async_client_interface", "//include/envoy/grpc:async_client_manager_interface", "//include/envoy/http:filter_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/grpc:async_client_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/common/ext_authz/check_request_utils.cc ================================================ #include "extensions/filters/common/ext_authz/check_request_utils.h" #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/service/auth/v3/attribute_context.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/ssl/connection.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/grpc/async_client_impl.h" #include "common/http/codes.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/common/ext_authz/ext_authz.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace ExtAuthz { void CheckRequestUtils::setAttrContextPeer(envoy::service::auth::v3::AttributeContext::Peer& peer, const Network::Connection& connection, const std::string& service, const bool local, bool include_certificate) { // Set the address auto addr = peer.mutable_address(); if (local) { Envoy::Network::Utility::addressToProtobufAddress(*connection.localAddress(), *addr); } else { Envoy::Network::Utility::addressToProtobufAddress(*connection.remoteAddress(), *addr); } // Set the principal. Preferably the URI SAN, DNS SAN or Subject in that order from the peer's // cert. Include the X.509 certificate of the source peer, if configured to do so. auto ssl = connection.ssl(); if (ssl != nullptr) { if (local) { const auto uri_sans = ssl->uriSanLocalCertificate(); if (uri_sans.empty()) { const auto dns_sans = ssl->dnsSansLocalCertificate(); if (dns_sans.empty()) { peer.set_principal(ssl->subjectLocalCertificate()); } else { peer.set_principal(dns_sans[0]); } } else { peer.set_principal(uri_sans[0]); } } else { const auto uri_sans = ssl->uriSanPeerCertificate(); if (uri_sans.empty()) { const auto dns_sans = ssl->dnsSansPeerCertificate(); if (dns_sans.empty()) { peer.set_principal(ssl->subjectPeerCertificate()); } else { peer.set_principal(dns_sans[0]); } } else { peer.set_principal(uri_sans[0]); } if (include_certificate) { peer.set_certificate(ssl->urlEncodedPemEncodedPeerCertificate()); } } } if (!service.empty()) { peer.set_service(service); } } std::string CheckRequestUtils::getHeaderStr(const Envoy::Http::HeaderEntry* entry) { if (entry) { // TODO(jmarantz): plumb absl::string_view further here; there's no need // to allocate a temp string in the local uses. return std::string(entry->value().getStringView()); } return EMPTY_STRING; } void CheckRequestUtils::setRequestTime(envoy::service::auth::v3::AttributeContext::Request& req, const StreamInfo::StreamInfo& stream_info) { // Set the timestamp when the proxy receives the first byte of the request. req.mutable_time()->MergeFrom(Protobuf::util::TimeUtil::NanosecondsToTimestamp( std::chrono::duration_cast( stream_info.startTime().time_since_epoch()) .count())); } void CheckRequestUtils::setHttpRequest( envoy::service::auth::v3::AttributeContext::HttpRequest& httpreq, uint64_t stream_id, const StreamInfo::StreamInfo& stream_info, const Buffer::Instance* decoding_buffer, const Envoy::Http::RequestHeaderMap& headers, uint64_t max_request_bytes, bool pack_as_bytes) { httpreq.set_id(std::to_string(stream_id)); httpreq.set_method(getHeaderStr(headers.Method())); httpreq.set_path(getHeaderStr(headers.Path())); httpreq.set_host(getHeaderStr(headers.Host())); httpreq.set_scheme(getHeaderStr(headers.Scheme())); httpreq.set_size(stream_info.bytesReceived()); if (stream_info.protocol()) { httpreq.set_protocol(Envoy::Http::Utility::getProtocolString(stream_info.protocol().value())); } // Fill in the headers. auto* mutable_headers = httpreq.mutable_headers(); headers.iterate([mutable_headers](const Envoy::Http::HeaderEntry& e) { // Skip any client EnvoyAuthPartialBody header, which could interfere with internal use. if (e.key().getStringView() != Headers::get().EnvoyAuthPartialBody.get()) { (*mutable_headers)[std::string(e.key().getStringView())] = std::string(e.value().getStringView()); } return Envoy::Http::HeaderMap::Iterate::Continue; }); // Set request body. if (max_request_bytes > 0 && decoding_buffer != nullptr) { const uint64_t length = std::min(decoding_buffer->length(), max_request_bytes); std::string data(length, 0); decoding_buffer->copyOut(0, length, &data[0]); // This pack_as_bytes flag allows us to switch the content type (bytes or string) of "body" to // be sent to the external authorization server without doing string encoding check (in this // case UTF-8 check). if (pack_as_bytes) { httpreq.set_raw_body(std::move(data)); } else { httpreq.set_body(std::move(data)); } // Add in a header to detect when a partial body is used. (*mutable_headers)[Headers::get().EnvoyAuthPartialBody.get()] = length != decoding_buffer->length() ? "true" : "false"; } } void CheckRequestUtils::setAttrContextRequest( envoy::service::auth::v3::AttributeContext::Request& req, const uint64_t stream_id, const StreamInfo::StreamInfo& stream_info, const Buffer::Instance* decoding_buffer, const Envoy::Http::RequestHeaderMap& headers, uint64_t max_request_bytes, bool pack_as_bytes) { setRequestTime(req, stream_info); setHttpRequest(*req.mutable_http(), stream_id, stream_info, decoding_buffer, headers, max_request_bytes, pack_as_bytes); } void CheckRequestUtils::createHttpCheck( const Envoy::Http::StreamDecoderFilterCallbacks* callbacks, const Envoy::Http::RequestHeaderMap& headers, Protobuf::Map&& context_extensions, envoy::config::core::v3::Metadata&& metadata_context, envoy::service::auth::v3::CheckRequest& request, uint64_t max_request_bytes, bool pack_as_bytes, bool include_peer_certificate) { auto attrs = request.mutable_attributes(); const std::string service = getHeaderStr(headers.EnvoyDownstreamServiceCluster()); // *cb->connection(), callbacks->streamInfo() and callbacks->decodingBuffer() are not qualified as // const. auto* cb = const_cast(callbacks); setAttrContextPeer(*attrs->mutable_source(), *cb->connection(), service, false, include_peer_certificate); setAttrContextPeer(*attrs->mutable_destination(), *cb->connection(), EMPTY_STRING, true, include_peer_certificate); setAttrContextRequest(*attrs->mutable_request(), cb->streamId(), cb->streamInfo(), cb->decodingBuffer(), headers, max_request_bytes, pack_as_bytes); // Fill in the context extensions and metadata context. (*attrs->mutable_context_extensions()) = std::move(context_extensions); (*attrs->mutable_metadata_context()) = std::move(metadata_context); } void CheckRequestUtils::createTcpCheck(const Network::ReadFilterCallbacks* callbacks, envoy::service::auth::v3::CheckRequest& request, bool include_peer_certificate) { auto attrs = request.mutable_attributes(); auto* cb = const_cast(callbacks); setAttrContextPeer(*attrs->mutable_source(), cb->connection(), "", false, include_peer_certificate); setAttrContextPeer(*attrs->mutable_destination(), cb->connection(), "", true, include_peer_certificate); } } // namespace ExtAuthz } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ext_authz/check_request_utils.h ================================================ #pragma once #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/http/protocol.h" #include "envoy/network/address.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/service/auth/v3/attribute_context.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "common/http/async_client_impl.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace ExtAuthz { /** * For creating ext_authz.proto (authorization) request. * CheckRequestUtils is used to extract attributes from the TCP/HTTP request * and fill out the details in the authorization protobuf that is sent to authorization * service. * The specific information in the request is as per the specification in the * data plane API. */ class CheckRequestUtils { public: /** * createHttpCheck is used to extract the attributes from the stream and the http headers * and fill them up in the CheckRequest proto message. * @param callbacks supplies the Http stream context from which data can be extracted. * @param headers supplies the header map with http headers that will be used to create the * check request. * @param request is the reference to the check request that will be filled up. * @param with_request_body when true, will add the request body to the check request. * @param pack_as_bytes when true, will set the check request body as bytes. * @param include_peer_certificate whether to include the peer certificate in the check request. */ static void createHttpCheck(const Envoy::Http::StreamDecoderFilterCallbacks* callbacks, const Envoy::Http::RequestHeaderMap& headers, Protobuf::Map&& context_extensions, envoy::config::core::v3::Metadata&& metadata_context, envoy::service::auth::v3::CheckRequest& request, uint64_t max_request_bytes, bool pack_as_bytes, bool include_peer_certificate); /** * createTcpCheck is used to extract the attributes from the network layer and fill them up * in the CheckRequest proto message. * @param callbacks supplies the network layer context from which data can be extracted. * @param request is the reference to the check request that will be filled up. * @param include_peer_certificate whether to include the peer certificate in the check request. */ static void createTcpCheck(const Network::ReadFilterCallbacks* callbacks, envoy::service::auth::v3::CheckRequest& request, bool include_peer_certificate); private: static void setAttrContextPeer(envoy::service::auth::v3::AttributeContext::Peer& peer, const Network::Connection& connection, const std::string& service, const bool local, bool include_certificate); static void setRequestTime(envoy::service::auth::v3::AttributeContext::Request& req, const StreamInfo::StreamInfo& stream_info); static void setHttpRequest(envoy::service::auth::v3::AttributeContext::HttpRequest& httpreq, const uint64_t stream_id, const StreamInfo::StreamInfo& stream_info, const Buffer::Instance* decoding_buffer, const Envoy::Http::RequestHeaderMap& headers, uint64_t max_request_bytes, bool pack_as_bytes); static void setAttrContextRequest(envoy::service::auth::v3::AttributeContext::Request& req, const uint64_t stream_id, const StreamInfo::StreamInfo& stream_info, const Buffer::Instance* decoding_buffer, const Envoy::Http::RequestHeaderMap& headers, uint64_t max_request_bytes, bool pack_as_bytes); static std::string getHeaderStr(const Envoy::Http::HeaderEntry* entry); static Envoy::Http::HeaderMap::Iterate fillHttpHeaders(const Envoy::Http::HeaderEntry&, void*); }; } // namespace ExtAuthz } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ext_authz/ext_authz.h ================================================ #pragma once #include #include #include #include #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" #include "envoy/http/codes.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/stream_info/stream_info.h" #include "envoy/tracing/http_tracer.h" #include "common/http/headers.h" #include "common/runtime/runtime_features.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace ExtAuthz { /** * Constant values used for tracing metadata. */ struct TracingConstantValues { const std::string TraceStatus = "ext_authz_status"; const std::string TraceUnauthz = "ext_authz_unauthorized"; const std::string TraceOk = "ext_authz_ok"; const std::string HttpStatus = "ext_authz_http_status"; }; using TracingConstants = ConstSingleton; /** * Constant auth related HTTP headers. All lower case. This group of headers can * contain prefix override headers. */ class HeaderValues { public: const char* prefix() const { return ThreadSafeSingleton::get().prefix(); } const Http::LowerCaseString EnvoyAuthPartialBody{absl::StrCat(prefix(), "-auth-partial-body")}; const Http::LowerCaseString EnvoyAuthHeadersToRemove{ absl::StrCat(prefix(), "-auth-headers-to-remove")}; }; using Headers = ConstSingleton; /** * Possible async results for a check call. */ enum class CheckStatus { // The request is authorized. OK, // The authz service could not be queried. Error, // The request is denied. Denied }; /** * Possible error kind for Error status.. */ enum class ErrorKind { // Other error. Other, // The request timed out. This will only be set if the timeout is measure when the check request // was created. Timedout, }; /** * Authorization response object for a RequestCallback. */ struct Response { // Call status. CheckStatus status; // In case status is Error, this will contain the kind of error that occurred. ErrorKind error_kind{ErrorKind::Other}; // A set of HTTP headers returned by the authorization server, that will be optionally appended // to the request to the upstream server. Http::HeaderVector headers_to_append; // A set of HTTP headers returned by the authorization server, will be optionally set // (using "setCopy") to the request to the upstream server. Http::HeaderVector headers_to_set; // A set of HTTP headers returned by the authorization server, will be optionally added // (using "addCopy") to the request to the upstream server. Http::HeaderVector headers_to_add; // A set of HTTP headers consumed by the authorization server, will be removed // from the request to the upstream server. std::vector headers_to_remove; // Optional http body used only on denied response. std::string body; // Optional http status used only on denied response. Http::Code status_code{}; // A set of metadata returned by the authorization server, that will be emitted as filter's // dynamic metadata that other filters can leverage. ProtobufWkt::Struct dynamic_metadata; }; using ResponsePtr = std::unique_ptr; /** * Async callbacks used during check() calls. */ class RequestCallbacks { public: virtual ~RequestCallbacks() = default; /** * Called when a check request is complete. The resulting ResponsePtr is supplied. */ virtual void onComplete(ResponsePtr&& response) PURE; }; class Client { public: // Destructor virtual ~Client() = default; /** * Cancel an inflight Check request. */ virtual void cancel() PURE; /** * Request a check call to an external authorization service which can use the * passed request parameters to make a permit/deny decision. * @param callback supplies the completion callbacks. * NOTE: The callback may happen within the calling stack. * @param dispatcher is the dispatcher of the current thread. * @param request is the proto message with the attributes of the specific payload. * @param parent_span source for generating an egress child span as part of the trace. * @param stream_info supplies the client's stream info. */ virtual void check(RequestCallbacks& callback, Event::Dispatcher& dispatcher, const envoy::service::auth::v3::CheckRequest& request, Tracing::Span& parent_span, const StreamInfo::StreamInfo& stream_info) PURE; protected: /** * @return should we start the request time out when the check request is created. */ static bool timeoutStartsAtCheckCreation() { return Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.ext_authz_measure_timeout_on_check_created"); } }; using ClientPtr = std::unique_ptr; } // namespace ExtAuthz } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.cc ================================================ #include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/service/auth/v2alpha/external_auth.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "common/common/assert.h" #include "common/grpc/async_client_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace ExtAuthz { GrpcClientImpl::GrpcClientImpl(Grpc::RawAsyncClientSharedPtr async_client, const absl::optional& timeout, envoy::config::core::v3::ApiVersion transport_api_version, bool use_alpha) : async_client_(async_client), timeout_(timeout), service_method_(Grpc::VersionedMethods("envoy.service.auth.v3.Authorization.Check", "envoy.service.auth.v2.Authorization.Check", "envoy.service.auth.v2alpha.Authorization.Check") .getMethodDescriptorForVersion(transport_api_version, use_alpha)), transport_api_version_(transport_api_version) {} GrpcClientImpl::~GrpcClientImpl() { ASSERT(!callbacks_); } void GrpcClientImpl::cancel() { ASSERT(callbacks_ != nullptr); request_->cancel(); callbacks_ = nullptr; timeout_timer_.reset(); } void GrpcClientImpl::check(RequestCallbacks& callbacks, Event::Dispatcher& dispatcher, const envoy::service::auth::v3::CheckRequest& request, Tracing::Span& parent_span, const StreamInfo::StreamInfo&) { ASSERT(callbacks_ == nullptr); callbacks_ = &callbacks; Http::AsyncClient::RequestOptions options; if (timeout_.has_value()) { if (timeoutStartsAtCheckCreation()) { // TODO(yuval-k): We currently use dispatcher based timeout even if the underlying client is // google gRPC client, which has it's own timeout mechanism. We may want to change that in // the future if the implementations converge. timeout_timer_ = dispatcher.createTimer([this]() -> void { onTimeout(); }); timeout_timer_->enableTimer(timeout_.value()); } else { // not starting timer on check creation, set the timeout on the request. options.setTimeout(timeout_); } } ENVOY_LOG(trace, "Sending CheckRequest: {}", request.DebugString()); request_ = async_client_->send(service_method_, request, *this, parent_span, options, transport_api_version_); } void GrpcClientImpl::onSuccess(std::unique_ptr&& response, Tracing::Span& span) { ENVOY_LOG(trace, "Received CheckResponse: {}", response->DebugString()); ResponsePtr authz_response = std::make_unique(Response{}); if (response->status().code() == Grpc::Status::WellKnownGrpcStatus::Ok) { span.setTag(TracingConstants::get().TraceStatus, TracingConstants::get().TraceOk); authz_response->status = CheckStatus::OK; if (response->has_ok_response()) { toAuthzResponseHeader(authz_response, response->ok_response().headers()); if (response->ok_response().headers_to_remove_size() > 0) { for (const auto& header : response->ok_response().headers_to_remove()) { authz_response->headers_to_remove.push_back(Http::LowerCaseString(header)); } } } } else { span.setTag(TracingConstants::get().TraceStatus, TracingConstants::get().TraceUnauthz); authz_response->status = CheckStatus::Denied; if (response->has_denied_response()) { toAuthzResponseHeader(authz_response, response->denied_response().headers()); authz_response->status_code = static_cast(response->denied_response().status().code()); authz_response->body = response->denied_response().body(); } else { authz_response->status_code = Http::Code::Forbidden; } } // OkHttpResponse.dynamic_metadata is deprecated. Until OkHttpResponse.dynamic_metadata is // removed, it overrides dynamic_metadata field of the outer check response. if (response->has_ok_response() && response->ok_response().has_dynamic_metadata()) { authz_response->dynamic_metadata = response->ok_response().dynamic_metadata(); } else { authz_response->dynamic_metadata = response->dynamic_metadata(); } callbacks_->onComplete(std::move(authz_response)); callbacks_ = nullptr; timeout_timer_.reset(); } void GrpcClientImpl::onFailure(Grpc::Status::GrpcStatus status, const std::string&, Tracing::Span&) { ENVOY_LOG(trace, "CheckRequest call failed with status: {}", Grpc::Utility::grpcStatusToString(status)); ASSERT(status != Grpc::Status::WellKnownGrpcStatus::Ok); timeout_timer_.reset(); respondFailure(ErrorKind::Other); } void GrpcClientImpl::onTimeout() { ENVOY_LOG(trace, "CheckRequest timed-out"); ASSERT(request_ != nullptr); request_->cancel(); // let the client know of failure: respondFailure(ErrorKind::Timedout); } void GrpcClientImpl::respondFailure(ErrorKind kind) { Response response{}; response.status = CheckStatus::Error; response.status_code = Http::Code::Forbidden; response.error_kind = kind; callbacks_->onComplete(std::make_unique(response)); callbacks_ = nullptr; } void GrpcClientImpl::toAuthzResponseHeader( ResponsePtr& response, const Protobuf::RepeatedPtrField& headers) { for (const auto& header : headers) { if (header.append().value()) { response->headers_to_append.emplace_back(Http::LowerCaseString(header.header().key()), header.header().value()); } else { response->headers_to_set.emplace_back(Http::LowerCaseString(header.header().key()), header.header().value()); } } } const Grpc::RawAsyncClientSharedPtr AsyncClientCache::getOrCreateAsyncClient( const envoy::extensions::filters::http::ext_authz::v3::ExtAuthz& proto_config) { // The cache stores Google gRPC client, so channel is not created for each request. ASSERT(proto_config.has_grpc_service() && proto_config.grpc_service().has_google_grpc()); auto& cache = tls_slot_->getTyped(); const std::size_t cache_key = MessageUtil::hash(proto_config.grpc_service().google_grpc()); const auto it = cache.async_clients_.find(cache_key); if (it != cache.async_clients_.end()) { return it->second; } const Grpc::AsyncClientFactoryPtr factory = async_client_manager_.factoryForGrpcService(proto_config.grpc_service(), scope_, true); const Grpc::RawAsyncClientSharedPtr async_client = factory->create(); cache.async_clients_.emplace(cache_key, async_client); return async_client; } } // namespace ExtAuthz } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h ================================================ #pragma once #include #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/http/protocol.h" #include "envoy/network/address.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "common/grpc/typed_async_client.h" #include "extensions/filters/common/ext_authz/check_request_utils.h" #include "extensions/filters/common/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace ExtAuthz { using ExtAuthzAsyncCallbacks = Grpc::AsyncRequestCallbacks; /* * This client implementation is used when the Ext_Authz filter needs to communicate with an gRPC * authorization server. Unlike the HTTP client, the gRPC allows the server to define response * objects which contain the HTTP attributes to be sent to the upstream or to the downstream client. * The gRPC client does not rewrite path. NOTE: We create gRPC client for each filter stack instead * of a client per thread. That is ok since this is unary RPC and the cost of doing this is minimal. */ class GrpcClientImpl : public Client, public ExtAuthzAsyncCallbacks, public Logger::Loggable { public: // TODO(gsagula): remove `use_alpha` param when V2Alpha gets deprecated. GrpcClientImpl(Grpc::RawAsyncClientSharedPtr async_client, const absl::optional& timeout, envoy::config::core::v3::ApiVersion transport_api_version, bool use_alpha); ~GrpcClientImpl() override; // ExtAuthz::Client void cancel() override; void check(RequestCallbacks& callbacks, Event::Dispatcher& dispatcher, const envoy::service::auth::v3::CheckRequest& request, Tracing::Span& parent_span, const StreamInfo::StreamInfo& stream_info) override; // Grpc::AsyncRequestCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap&) override {} void onSuccess(std::unique_ptr&& response, Tracing::Span& span) override; void onFailure(Grpc::Status::GrpcStatus status, const std::string& message, Tracing::Span& span) override; private: void onTimeout(); void respondFailure(Filters::Common::ExtAuthz::ErrorKind kind); void toAuthzResponseHeader( ResponsePtr& response, const Protobuf::RepeatedPtrField& headers); Grpc::AsyncClient async_client_; Grpc::AsyncRequest* request_{}; absl::optional timeout_; RequestCallbacks* callbacks_{}; const Protobuf::MethodDescriptor& service_method_; const envoy::config::core::v3::ApiVersion transport_api_version_; Event::TimerPtr timeout_timer_; }; using GrpcClientImplPtr = std::unique_ptr; // The client cache for RawAsyncClient for Google grpc so channel is not created for each request. // TODO(fpliu233): The cache will cause resource leak that a new channel is created every time a new // config is pushed. Improve gRPC channel cache with better solution. class AsyncClientCache : public Singleton::Instance { public: AsyncClientCache(Grpc::AsyncClientManager& async_client_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls) : async_client_manager_(async_client_manager), scope_(scope), tls_slot_(tls.allocateSlot()) { tls_slot_->set([](Event::Dispatcher&) { return std::make_shared(); }); } const Grpc::RawAsyncClientSharedPtr getOrCreateAsyncClient( const envoy::extensions::filters::http::ext_authz::v3::ExtAuthz& proto_config); private: /** * Per-thread cache. */ struct ThreadLocalCache : public ThreadLocal::ThreadLocalObject { ThreadLocalCache() = default; // The client cache stored with key as hash of // envoy::config::core::v3::GrpcService::GoogleGrpc config. // TODO(fpliu233): Remove when the cleaner and generic solution for gRPC is live. absl::flat_hash_map async_clients_; }; Grpc::AsyncClientManager& async_client_manager_; Stats::Scope& scope_; ThreadLocal::SlotPtr tls_slot_; }; using AsyncClientCacheSharedPtr = std::shared_ptr; } // namespace ExtAuthz } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ext_authz/ext_authz_http_impl.cc ================================================ #include "extensions/filters/common/ext_authz/ext_authz_http_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/type/matcher/v3/string.pb.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/matchers.h" #include "common/http/async_client_impl.h" #include "common/http/codes.h" #include "common/runtime/runtime_features.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace ExtAuthz { namespace { // Static header map used for creating authorization requests. const Http::HeaderMap& lengthZeroHeader() { static const auto headers = Http::createHeaderMap( {{Http::Headers::get().ContentLength, std::to_string(0)}}); return *headers; } // Static response used for creating authorization ERROR responses. const Response& errorResponse() { CONSTRUCT_ON_FIRST_USE(Response, Response{CheckStatus::Error, ErrorKind::Other, Http::HeaderVector{}, Http::HeaderVector{}, Http::HeaderVector{}, {{}}, EMPTY_STRING, Http::Code::Forbidden, ProtobufWkt::Struct{}}); } // SuccessResponse used for creating either DENIED or OK authorization responses. struct SuccessResponse { SuccessResponse(const Http::HeaderMap& headers, const MatcherSharedPtr& matchers, const MatcherSharedPtr& append_matchers, Response&& response) : headers_(headers), matchers_(matchers), append_matchers_(append_matchers), response_(std::make_unique(response)) { headers_.iterate([this](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { // UpstreamHeaderMatcher if (matchers_->matches(header.key().getStringView())) { response_->headers_to_set.emplace_back( Http::LowerCaseString{std::string(header.key().getStringView())}, std::string(header.value().getStringView())); } if (append_matchers_->matches(header.key().getStringView())) { // If there is an existing matching key in the current headers, the new entry will be // appended with the same key. For example, given {"key": "value1"} headers, if there is // a matching "key" from the authorization response headers {"key": "value2"}, the // request to upstream server will have two entries for "key": {"key": "value1", "key": // "value2"}. response_->headers_to_add.emplace_back( Http::LowerCaseString{std::string(header.key().getStringView())}, std::string(header.value().getStringView())); } return Http::HeaderMap::Iterate::Continue; }); } const Http::HeaderMap& headers_; const MatcherSharedPtr& matchers_; const MatcherSharedPtr& append_matchers_; ResponsePtr response_; }; envoy::type::matcher::v3::StringMatcher ignoreCaseStringMatcher(const envoy::type::matcher::v3::StringMatcher& matcher) { const auto& match_pattern_case = matcher.match_pattern_case(); if (match_pattern_case == envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kSafeRegex || match_pattern_case == envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kHiddenEnvoyDeprecatedRegex) { return matcher; } envoy::type::matcher::v3::StringMatcher ignore_case; ignore_case.set_ignore_case(true); switch (matcher.match_pattern_case()) { case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kExact: ignore_case.set_exact(matcher.exact()); break; case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kPrefix: ignore_case.set_prefix(matcher.prefix()); break; case envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kSuffix: ignore_case.set_suffix(matcher.suffix()); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } return ignore_case; } std::vector createStringMatchers(const envoy::type::matcher::v3::ListStringMatcher& list, const bool disable_lowercase_string_matcher) { std::vector matchers; for (const auto& matcher : list.patterns()) { matchers.push_back(std::make_unique( disable_lowercase_string_matcher ? matcher : ignoreCaseStringMatcher(matcher))); } return matchers; } } // namespace // Matchers HeaderKeyMatcher::HeaderKeyMatcher(std::vector&& list) : matchers_(std::move(list)) {} bool HeaderKeyMatcher::matches(absl::string_view key) const { return std::any_of(matchers_.begin(), matchers_.end(), [&key](auto& matcher) { return matcher->match(key); }); } NotHeaderKeyMatcher::NotHeaderKeyMatcher(std::vector&& list) : matcher_(std::move(list)) {} bool NotHeaderKeyMatcher::matches(absl::string_view key) const { return !matcher_.matches(key); } // Config ClientConfig::ClientConfig(const envoy::extensions::filters::http::ext_authz::v3::ExtAuthz& config, uint32_t timeout, absl::string_view path_prefix) : enable_case_sensitive_string_matcher_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.ext_authz_http_service_enable_case_sensitive_string_matcher")), request_header_matchers_( toRequestMatchers(config.http_service().authorization_request().allowed_headers(), enable_case_sensitive_string_matcher_)), client_header_matchers_( toClientMatchers(config.http_service().authorization_response().allowed_client_headers(), enable_case_sensitive_string_matcher_)), upstream_header_matchers_(toUpstreamMatchers( config.http_service().authorization_response().allowed_upstream_headers(), enable_case_sensitive_string_matcher_)), upstream_header_to_append_matchers_(toUpstreamMatchers( config.http_service().authorization_response().allowed_upstream_headers_to_append(), enable_case_sensitive_string_matcher_)), cluster_name_(config.http_service().server_uri().cluster()), timeout_(timeout), path_prefix_(path_prefix), tracing_name_(fmt::format("async {} egress", config.http_service().server_uri().cluster())), request_headers_parser_(Router::HeaderParser::configure( config.http_service().authorization_request().headers_to_add(), false)) {} MatcherSharedPtr ClientConfig::toRequestMatchers(const envoy::type::matcher::v3::ListStringMatcher& list, const bool disable_lowercase_string_matcher) { const std::vector keys{ {Http::CustomHeaders::get().Authorization, Http::Headers::get().Method, Http::Headers::get().Path, Http::Headers::get().Host}}; std::vector matchers( createStringMatchers(list, disable_lowercase_string_matcher)); for (const auto& key : keys) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_exact(key.get()); matchers.push_back(std::make_unique(matcher)); } return std::make_shared(std::move(matchers)); } MatcherSharedPtr ClientConfig::toClientMatchers(const envoy::type::matcher::v3::ListStringMatcher& list, const bool disable_lowercase_string_matcher) { std::vector matchers( createStringMatchers(list, disable_lowercase_string_matcher)); // If list is empty, all authorization response headers, except Host, should be added to // the client response. if (matchers.empty()) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_exact(Http::Headers::get().Host.get()); matchers.push_back(std::make_unique(matcher)); return std::make_shared(std::move(matchers)); } // If not empty, all user defined matchers and default matcher's list will // be used instead. std::vector keys{ {Http::Headers::get().Status, Http::Headers::get().ContentLength, Http::Headers::get().WWWAuthenticate, Http::Headers::get().Location}}; for (const auto& key : keys) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_exact(key.get()); matchers.push_back(std::make_unique(matcher)); } return std::make_shared(std::move(matchers)); } MatcherSharedPtr ClientConfig::toUpstreamMatchers(const envoy::type::matcher::v3::ListStringMatcher& list, const bool disable_lowercase_string_matcher) { return std::make_unique( createStringMatchers(list, disable_lowercase_string_matcher)); } RawHttpClientImpl::RawHttpClientImpl(Upstream::ClusterManager& cm, ClientConfigSharedPtr config) : cm_(cm), config_(config) {} RawHttpClientImpl::~RawHttpClientImpl() { ASSERT(callbacks_ == nullptr); } void RawHttpClientImpl::cancel() { ASSERT(callbacks_ != nullptr); request_->cancel(); callbacks_ = nullptr; timeout_timer_.reset(); } // Client void RawHttpClientImpl::check(RequestCallbacks& callbacks, Event::Dispatcher& dispatcher, const envoy::service::auth::v3::CheckRequest& request, Tracing::Span& parent_span, const StreamInfo::StreamInfo& stream_info) { ASSERT(callbacks_ == nullptr); callbacks_ = &callbacks; Http::RequestHeaderMapPtr headers; const uint64_t request_length = request.attributes().request().http().body().size(); if (request_length > 0) { headers = Http::createHeaderMap( {{Http::Headers::get().ContentLength, std::to_string(request_length)}}); } else { headers = Http::createHeaderMap(lengthZeroHeader()); } for (const auto& header : request.attributes().request().http().headers()) { const Http::LowerCaseString key{header.first}; // Skip setting content-length header since it is already configured at initialization. if (key == Http::Headers::get().ContentLength) { continue; } if (config_->requestHeaderMatchers()->matches(key.get())) { if (key == Http::Headers::get().Path && !config_->pathPrefix().empty()) { headers->addCopy(key, absl::StrCat(config_->pathPrefix(), header.second)); } else { headers->addCopy(key, header.second); } } } config_->requestHeaderParser().evaluateHeaders(*headers, stream_info); Http::RequestMessagePtr message = std::make_unique(std::move(headers)); if (request_length > 0) { message->body().add(request.attributes().request().http().body()); } const std::string& cluster = config_->cluster(); // It's possible that the cluster specified in the filter configuration no longer exists due to a // CDS removal. if (cm_.get(cluster) == nullptr) { // TODO(dio): Add stats related to this. ENVOY_LOG(debug, "ext_authz cluster '{}' does not exist", cluster); callbacks_->onComplete(std::make_unique(errorResponse())); callbacks_ = nullptr; } else { auto options = Http::AsyncClient::RequestOptions() .setParentSpan(parent_span) .setChildSpanName(config_->tracingName()); if (timeoutStartsAtCheckCreation()) { timeout_timer_ = dispatcher.createTimer([this]() -> void { onTimeout(); }); timeout_timer_->enableTimer(config_->timeout()); } else { options.setTimeout(config_->timeout()); } request_ = cm_.httpAsyncClientForCluster(cluster).send(std::move(message), *this, options); } } void RawHttpClientImpl::onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& message) { timeout_timer_.reset(); callbacks_->onComplete(toResponse(std::move(message))); callbacks_ = nullptr; } void RawHttpClientImpl::onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) { ASSERT(reason == Http::AsyncClient::FailureReason::Reset); timeout_timer_.reset(); callbacks_->onComplete(std::make_unique(errorResponse())); callbacks_ = nullptr; } void RawHttpClientImpl::onBeforeFinalizeUpstreamSpan( Tracing::Span& span, const Http::ResponseHeaderMap* response_headers) { if (response_headers != nullptr) { const uint64_t status_code = Http::Utility::getResponseStatus(*response_headers); span.setTag(TracingConstants::get().HttpStatus, Http::CodeUtility::toString(static_cast(status_code))); span.setTag(TracingConstants::get().TraceStatus, status_code == enumToInt(Http::Code::OK) ? TracingConstants::get().TraceOk : TracingConstants::get().TraceUnauthz); } } void RawHttpClientImpl::onTimeout() { ENVOY_LOG(trace, "CheckRequest timed-out"); ASSERT(request_ != nullptr); request_->cancel(); // let the client know of failure: ASSERT(callbacks_ != nullptr); Response response = errorResponse(); response.error_kind = ErrorKind::Timedout; callbacks_->onComplete(std::make_unique(response)); callbacks_ = nullptr; } ResponsePtr RawHttpClientImpl::toResponse(Http::ResponseMessagePtr message) { const uint64_t status_code = Http::Utility::getResponseStatus(message->headers()); // Set an error status if the call to the authorization server returns any of the 5xx HTTP error // codes. A Forbidden response is sent to the client if the filter has not been configured with // failure_mode_allow. if (Http::CodeUtility::is5xx(status_code)) { return std::make_unique(errorResponse()); } // Extract headers-to-remove from the storage header coming from the // authorization server. const auto& storage_header_name = Headers::get().EnvoyAuthHeadersToRemove; // If we are going to construct an Ok response we need to save the // headers_to_remove in a variable first. std::vector headers_to_remove; if (status_code == enumToInt(Http::Code::OK)) { const auto& get_result = message->headers().getAll(storage_header_name); for (size_t i = 0; i < get_result.size(); ++i) { const Http::HeaderEntry* entry = get_result[i]; if (entry != nullptr) { absl::string_view storage_header_value = entry->value().getStringView(); std::vector header_names = StringUtil::splitToken( storage_header_value, ",", /*keep_empty_string=*/false, /*trim_whitespace=*/true); headers_to_remove.reserve(headers_to_remove.size() + header_names.size()); for (const auto& header_name : header_names) { headers_to_remove.push_back(Http::LowerCaseString(std::string(header_name))); } } } } // Now remove the storage header from the authz server response headers before // we reuse them to construct an Ok/Denied authorization response below. message->headers().remove(storage_header_name); // Create an Ok authorization response. if (status_code == enumToInt(Http::Code::OK)) { SuccessResponse ok{message->headers(), config_->upstreamHeaderMatchers(), config_->upstreamHeaderToAppendMatchers(), Response{CheckStatus::OK, ErrorKind::Other, Http::HeaderVector{}, Http::HeaderVector{}, Http::HeaderVector{}, std::move(headers_to_remove), EMPTY_STRING, Http::Code::OK, ProtobufWkt::Struct{}}}; return std::move(ok.response_); } // Create a Denied authorization response. SuccessResponse denied{message->headers(), config_->clientHeaderMatchers(), config_->upstreamHeaderToAppendMatchers(), Response{CheckStatus::Denied, ErrorKind::Other, Http::HeaderVector{}, Http::HeaderVector{}, Http::HeaderVector{}, {{}}, message->bodyAsString(), static_cast(status_code), ProtobufWkt::Struct{}}}; return std::move(denied.response_); } } // namespace ExtAuthz } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ext_authz/ext_authz_http_impl.h ================================================ #pragma once #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/tracing/http_tracer.h" #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" #include "common/common/matchers.h" #include "common/router/header_parser.h" #include "extensions/filters/common/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace ExtAuthz { class Matcher; using MatcherSharedPtr = std::shared_ptr; /** * Matchers describe the rules for matching authorization request and response headers. */ class Matcher { public: virtual ~Matcher() = default; /** * Returns whether or not the header key matches the rules of the matcher. * * @param key supplies the header key to be evaluated. */ virtual bool matches(absl::string_view key) const PURE; }; class HeaderKeyMatcher : public Matcher { public: HeaderKeyMatcher(std::vector&& list); bool matches(absl::string_view key) const override; private: const std::vector matchers_; }; class NotHeaderKeyMatcher : public Matcher { public: NotHeaderKeyMatcher(std::vector&& list); bool matches(absl::string_view key) const override; private: const HeaderKeyMatcher matcher_; }; /** * HTTP client configuration for the HTTP authorization (ext_authz) filter. */ class ClientConfig { public: ClientConfig(const envoy::extensions::filters::http::ext_authz::v3::ExtAuthz& config, uint32_t timeout, absl::string_view path_prefix); /** * Returns the name of the authorization cluster. */ const std::string& cluster() { return cluster_name_; } /** * Returns the authorization request path prefix. */ const std::string& pathPrefix() { return path_prefix_; } /** * Returns authorization request timeout. */ const std::chrono::milliseconds& timeout() const { return timeout_; } /** * Returns a list of matchers used for selecting the request headers that should be sent to the * authorization server. */ const MatcherSharedPtr& requestHeaderMatchers() const { return request_header_matchers_; } /** * Returns a list of matchers used for selecting the authorization response headers that * should be send back to the client. */ const MatcherSharedPtr& clientHeaderMatchers() const { return client_header_matchers_; } /** * Returns a list of matchers used for selecting the authorization response headers that * should be send to an the upstream server. */ const MatcherSharedPtr& upstreamHeaderMatchers() const { return upstream_header_matchers_; } /** * Returns a list of matchers used for selecting the authorization response headers that * should be sent to the upstream server. The same header keys will be appended, instead of * be replaced. */ const MatcherSharedPtr& upstreamHeaderToAppendMatchers() const { return upstream_header_to_append_matchers_; } /** * Returns the name used for tracing. */ const std::string& tracingName() { return tracing_name_; } /** * Returns the configured request header parser. */ const Router::HeaderParser& requestHeaderParser() const { return *request_headers_parser_; } private: static MatcherSharedPtr toRequestMatchers(const envoy::type::matcher::v3::ListStringMatcher& matcher, bool enable_case_sensitive_string_matcher); static MatcherSharedPtr toClientMatchers(const envoy::type::matcher::v3::ListStringMatcher& matcher, bool enable_case_sensitive_string_matcher); static MatcherSharedPtr toUpstreamMatchers(const envoy::type::matcher::v3::ListStringMatcher& matcher, bool enable_case_sensitive_string_matcher); const bool enable_case_sensitive_string_matcher_; const MatcherSharedPtr request_header_matchers_; const MatcherSharedPtr client_header_matchers_; const MatcherSharedPtr upstream_header_matchers_; const MatcherSharedPtr upstream_header_to_append_matchers_; const Http::LowerCaseStrPairVector authorization_headers_to_add_; const std::string cluster_name_; const std::chrono::milliseconds timeout_; const std::string path_prefix_; const std::string tracing_name_; Router::HeaderParserPtr request_headers_parser_; }; using ClientConfigSharedPtr = std::shared_ptr; /** * This client implementation is used when the Ext_Authz filter needs to communicate with an * HTTP authorization server. Unlike the gRPC client that allows the server to define the * response object, in the HTTP client, all headers and body provided in the response are * dispatched to the downstream, and some headers to the upstream. The HTTP client also allows * setting a path prefix witch is not available for gRPC. */ class RawHttpClientImpl : public Client, public Http::AsyncClient::Callbacks, Logger::Loggable { public: explicit RawHttpClientImpl(Upstream::ClusterManager& cm, ClientConfigSharedPtr config); ~RawHttpClientImpl() override; // ExtAuthz::Client void cancel() override; void check(RequestCallbacks& callbacks, Event::Dispatcher& dispatcher, const envoy::service::auth::v3::CheckRequest& request, Tracing::Span& parent_span, const StreamInfo::StreamInfo& stream_info) override; // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& message) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) override; void onBeforeFinalizeUpstreamSpan(Tracing::Span& span, const Http::ResponseHeaderMap* response_headers) override; private: void onTimeout(); ResponsePtr toResponse(Http::ResponseMessagePtr message); Upstream::ClusterManager& cm_; ClientConfigSharedPtr config_; Http::AsyncClient::Request* request_{}; RequestCallbacks* callbacks_{}; Event::TimerPtr timeout_timer_; }; } // namespace ExtAuthz } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/fault/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "fault_config_lib", srcs = ["fault_config.cc"], hdrs = ["fault_config.h"], deps = [ "//include/envoy/http:header_map_interface", "//source/common/http:codes_lib", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/filters/common/fault/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/fault/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/common/fault/fault_config.cc ================================================ #include "extensions/filters/common/fault/fault_config.h" #include "envoy/extensions/filters/common/fault/v3/fault.pb.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Fault { envoy::type::v3::FractionalPercent HeaderPercentageProvider::percentage(const Http::RequestHeaderMap* request_headers) const { if (request_headers == nullptr) { // If request_headers is nullptr, return the default percentage. return percentage_; } const auto header = request_headers->get(header_name_); if (header == nullptr) { return percentage_; } uint32_t header_numerator; if (!absl::SimpleAtoi(header->value().getStringView(), &header_numerator)) { return percentage_; } envoy::type::v3::FractionalPercent result; result.set_numerator(std::min(header_numerator, percentage_.numerator())); result.set_denominator(percentage_.denominator()); return result; } FaultAbortConfig::FaultAbortConfig( const envoy::extensions::filters::http::fault::v3::FaultAbort& abort_config) { switch (abort_config.error_type_case()) { case envoy::extensions::filters::http::fault::v3::FaultAbort::ErrorTypeCase::kHttpStatus: provider_ = std::make_unique(static_cast(abort_config.http_status()), absl::nullopt, abort_config.percentage()); break; case envoy::extensions::filters::http::fault::v3::FaultAbort::ErrorTypeCase::kGrpcStatus: provider_ = std::make_unique( absl::nullopt, static_cast(abort_config.grpc_status()), abort_config.percentage()); break; case envoy::extensions::filters::http::fault::v3::FaultAbort::ErrorTypeCase::kHeaderAbort: provider_ = std::make_unique(abort_config.percentage()); break; case envoy::extensions::filters::http::fault::v3::FaultAbort::ErrorTypeCase::ERROR_TYPE_NOT_SET: NOT_REACHED_GCOVR_EXCL_LINE; } } absl::optional FaultAbortConfig::HeaderAbortProvider::httpStatusCode( const Http::RequestHeaderMap* request_headers) const { absl::optional ret = absl::nullopt; auto header = request_headers->get(Filters::Common::Fault::HeaderNames::get().AbortRequest); if (header == nullptr) { return ret; } uint64_t code; if (!absl::SimpleAtoi(header->value().getStringView(), &code)) { return ret; } if (code >= 200 && code < 600) { ret = static_cast(code); } return ret; } absl::optional FaultAbortConfig::HeaderAbortProvider::grpcStatusCode( const Http::RequestHeaderMap* request_headers) const { auto header = request_headers->get(Filters::Common::Fault::HeaderNames::get().AbortGrpcRequest); if (header == nullptr) { return absl::nullopt; } uint64_t code; if (!absl::SimpleAtoi(header->value().getStringView(), &code)) { return absl::nullopt; } return static_cast(code); } FaultDelayConfig::FaultDelayConfig( const envoy::extensions::filters::common::fault::v3::FaultDelay& delay_config) { switch (delay_config.fault_delay_secifier_case()) { case envoy::extensions::filters::common::fault::v3::FaultDelay::FaultDelaySecifierCase:: kFixedDelay: provider_ = std::make_unique( std::chrono::milliseconds(PROTOBUF_GET_MS_REQUIRED(delay_config, fixed_delay)), delay_config.percentage()); break; case envoy::extensions::filters::common::fault::v3::FaultDelay::FaultDelaySecifierCase:: kHeaderDelay: provider_ = std::make_unique(delay_config.percentage()); break; case envoy::extensions::filters::common::fault::v3::FaultDelay::FaultDelaySecifierCase:: FAULT_DELAY_SECIFIER_NOT_SET: NOT_REACHED_GCOVR_EXCL_LINE; } } absl::optional FaultDelayConfig::HeaderDelayProvider::duration( const Http::RequestHeaderMap* request_headers) const { const auto header = request_headers->get(HeaderNames::get().DelayRequest); if (header == nullptr) { return absl::nullopt; } uint64_t value; if (!absl::SimpleAtoi(header->value().getStringView(), &value)) { return absl::nullopt; } return std::chrono::milliseconds(value); } FaultRateLimitConfig::FaultRateLimitConfig( const envoy::extensions::filters::common::fault::v3::FaultRateLimit& rate_limit_config) { switch (rate_limit_config.limit_type_case()) { case envoy::extensions::filters::common::fault::v3::FaultRateLimit::LimitTypeCase::kFixedLimit: provider_ = std::make_unique( rate_limit_config.fixed_limit().limit_kbps(), rate_limit_config.percentage()); break; case envoy::extensions::filters::common::fault::v3::FaultRateLimit::LimitTypeCase::kHeaderLimit: provider_ = std::make_unique(rate_limit_config.percentage()); break; case envoy::extensions::filters::common::fault::v3::FaultRateLimit::LimitTypeCase:: LIMIT_TYPE_NOT_SET: NOT_REACHED_GCOVR_EXCL_LINE; } } absl::optional FaultRateLimitConfig::HeaderRateLimitProvider::rateKbps( const Http::RequestHeaderMap* request_headers) const { const auto header = request_headers->get(HeaderNames::get().ThroughputResponse); if (header == nullptr) { return absl::nullopt; } uint64_t value; if (!absl::SimpleAtoi(header->value().getStringView(), &value)) { return absl::nullopt; } if (value == 0) { return absl::nullopt; } return value; } } // namespace Fault } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/fault/fault_config.h ================================================ #pragma once #include "envoy/extensions/filters/common/fault/v3/fault.pb.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "envoy/grpc/status.h" #include "envoy/http/header_map.h" #include "envoy/type/v3/percent.pb.h" #include "common/http/codes.h" #include "common/http/headers.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Fault { class HeaderNameValues { public: const char* prefix() const { return ThreadSafeSingleton::get().prefix(); } const Http::LowerCaseString AbortRequest{absl::StrCat(prefix(), "-fault-abort-request")}; const Http::LowerCaseString AbortRequestPercentage{ absl::StrCat(prefix(), "-fault-abort-request-percentage")}; const Http::LowerCaseString AbortGrpcRequest{absl::StrCat(prefix(), "-fault-abort-grpc-request")}; const Http::LowerCaseString DelayRequest{absl::StrCat(prefix(), "-fault-delay-request")}; const Http::LowerCaseString DelayRequestPercentage{ absl::StrCat(prefix(), "-fault-delay-request-percentage")}; const Http::LowerCaseString ThroughputResponse{ absl::StrCat(prefix(), "-fault-throughput-response")}; const Http::LowerCaseString ThroughputResponsePercentage{ absl::StrCat(prefix(), "-fault-throughput-response-percentage")}; }; using HeaderNames = ConstSingleton; class HeaderPercentageProvider { public: HeaderPercentageProvider(const Http::LowerCaseString& header_name, const envoy::type::v3::FractionalPercent& percentage) : header_name_(header_name), percentage_(percentage) {} // Return the percentage. Optionally passed HTTP headers that may contain the percentage number, // otherwise the percentage passed at the initialized time is returned. envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const; private: const Http::LowerCaseString header_name_; const envoy::type::v3::FractionalPercent percentage_; }; class FaultAbortConfig { public: FaultAbortConfig(const envoy::extensions::filters::http::fault::v3::FaultAbort& abort_config); absl::optional httpStatusCode(const Http::RequestHeaderMap* request_headers) const { return provider_->httpStatusCode(request_headers); } absl::optional grpcStatusCode(const Http::RequestHeaderMap* request_headers) const { return provider_->grpcStatusCode(request_headers); } envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const { return provider_->percentage(request_headers); } private: // Abstract abort provider. class AbortProvider { public: virtual ~AbortProvider() = default; // Return the HTTP status code to use. Optionally passed HTTP headers that may contain the // HTTP status code depending on the provider implementation. virtual absl::optional httpStatusCode(const Http::RequestHeaderMap* request_headers) const PURE; // Return the gRPC status code to use. Optionally passed an HTTP header that may contain the // gRPC status code depending on the provider implementation. virtual absl::optional grpcStatusCode(const Http::RequestHeaderMap* request_headers) const PURE; // Return what percentage of requests abort faults should be applied to. Optionally passed // HTTP headers that may contain the percentage depending on the provider implementation. virtual envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const PURE; }; // Abort provider that uses a fixed abort status code. class FixedAbortProvider : public AbortProvider { public: FixedAbortProvider(absl::optional http_status_code, absl::optional grpc_status_code, const envoy::type::v3::FractionalPercent& percentage) : http_status_code_(http_status_code), grpc_status_code_(grpc_status_code), percentage_(percentage) {} absl::optional httpStatusCode(const Http::RequestHeaderMap*) const override { return http_status_code_; } absl::optional grpcStatusCode(const Http::RequestHeaderMap*) const override { return grpc_status_code_; } envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap*) const override { return percentage_; } private: const absl::optional http_status_code_; const absl::optional grpc_status_code_; const envoy::type::v3::FractionalPercent percentage_; }; // Abort provider the reads a status code from an HTTP header. class HeaderAbortProvider : public AbortProvider { public: HeaderAbortProvider(const envoy::type::v3::FractionalPercent& percentage) : header_percentage_provider_(HeaderNames::get().AbortRequestPercentage, percentage) {} absl::optional httpStatusCode(const Http::RequestHeaderMap* request_headers) const override; absl::optional grpcStatusCode(const Http::RequestHeaderMap* request_headers) const override; envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const override { return header_percentage_provider_.percentage(request_headers); } private: HeaderPercentageProvider header_percentage_provider_; }; using AbortProviderPtr = std::unique_ptr; AbortProviderPtr provider_; }; using FaultAbortConfigPtr = std::unique_ptr; /** * Generic configuration for a delay fault. */ class FaultDelayConfig { public: FaultDelayConfig(const envoy::extensions::filters::common::fault::v3::FaultDelay& delay_config); absl::optional duration(const Http::RequestHeaderMap* request_headers) const { return provider_->duration(request_headers); } envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const { return provider_->percentage(request_headers); } private: // Abstract delay provider. class DelayProvider { public: virtual ~DelayProvider() = default; // Return the duration to use. Optionally passed HTTP headers that may contain the delay // depending on the provider implementation. virtual absl::optional duration(const Http::RequestHeaderMap* request_headers) const PURE; // Return what percentage of requests request faults should be applied to. Optionally passed // HTTP headers that may contain the percentage depending on the provider implementation. virtual envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const PURE; }; // Delay provider that uses a fixed delay. class FixedDelayProvider : public DelayProvider { public: FixedDelayProvider(std::chrono::milliseconds delay, const envoy::type::v3::FractionalPercent& percentage) : delay_(delay), percentage_(percentage) {} // DelayProvider absl::optional duration(const Http::RequestHeaderMap*) const override { return delay_; } envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap*) const override { return percentage_; } private: const std::chrono::milliseconds delay_; const envoy::type::v3::FractionalPercent percentage_; }; // Delay provider the reads a delay from an HTTP header. class HeaderDelayProvider : public DelayProvider { public: HeaderDelayProvider(const envoy::type::v3::FractionalPercent& percentage) : header_percentage_provider_(HeaderNames::get().DelayRequestPercentage, percentage) {} // DelayProvider absl::optional duration(const Http::RequestHeaderMap* request_headers) const override; envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const override { return header_percentage_provider_.percentage(request_headers); } private: HeaderPercentageProvider header_percentage_provider_; }; using DelayProviderPtr = std::unique_ptr; DelayProviderPtr provider_; }; using FaultDelayConfigPtr = std::unique_ptr; using FaultDelayConfigSharedPtr = std::shared_ptr; /** * Generic configuration for a rate limit fault. */ class FaultRateLimitConfig { public: FaultRateLimitConfig( const envoy::extensions::filters::common::fault::v3::FaultRateLimit& rate_limit_config); absl::optional rateKbps(const Http::RequestHeaderMap* request_headers) const { return provider_->rateKbps(request_headers); } envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const { return provider_->percentage(request_headers); } private: // Abstract rate limit provider. class RateLimitProvider { public: virtual ~RateLimitProvider() = default; // Return the rate limit to use in KiB/s. Optionally passed HTTP headers that may contain the // rate limit depending on the provider implementation. virtual absl::optional rateKbps(const Http::RequestHeaderMap* request_headers) const PURE; // Return what percentage of requests response rate limit faults should be applied to. // Optionally passed HTTP headers that may contain the percentage depending on the provider // implementation. virtual envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const PURE; }; // Rate limit provider that uses a fixed rate limit. class FixedRateLimitProvider : public RateLimitProvider { public: FixedRateLimitProvider(uint64_t fixed_rate_kbps, const envoy::type::v3::FractionalPercent& percentage) : fixed_rate_kbps_(fixed_rate_kbps), percentage_(percentage) {} absl::optional rateKbps(const Http::RequestHeaderMap*) const override { return fixed_rate_kbps_; } envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap*) const override { return percentage_; } private: const uint64_t fixed_rate_kbps_; const envoy::type::v3::FractionalPercent percentage_; }; // Rate limit provider that reads the rate limit from an HTTP header. class HeaderRateLimitProvider : public RateLimitProvider { public: HeaderRateLimitProvider(const envoy::type::v3::FractionalPercent& percentage) : header_percentage_provider_(HeaderNames::get().ThroughputResponsePercentage, percentage) { } // RateLimitProvider absl::optional rateKbps(const Http::RequestHeaderMap* request_headers) const override; envoy::type::v3::FractionalPercent percentage(const Http::RequestHeaderMap* request_headers) const override { return header_percentage_provider_.percentage(request_headers); } private: HeaderPercentageProvider header_percentage_provider_; }; using RateLimitProviderPtr = std::unique_ptr; RateLimitProviderPtr provider_; }; using FaultRateLimitConfigPtr = std::unique_ptr; } // namespace Fault } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/local_ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "local_ratelimit_lib", srcs = ["local_ratelimit_impl.cc"], hdrs = ["local_ratelimit_impl.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//source/common/common:thread_synchronizer_lib", ], ) ================================================ FILE: source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.cc ================================================ #include "extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace LocalRateLimit { LocalRateLimiterImpl::LocalRateLimiterImpl(const std::chrono::milliseconds fill_interval, const uint32_t max_tokens, const uint32_t tokens_per_fill, Event::Dispatcher& dispatcher) : fill_interval_(fill_interval), max_tokens_(max_tokens), tokens_per_fill_(tokens_per_fill), fill_timer_(fill_interval_ > std::chrono::milliseconds(0) ? dispatcher.createTimer([this] { onFillTimer(); }) : nullptr) { if (fill_timer_ && fill_interval_ < std::chrono::milliseconds(50)) { throw EnvoyException("local rate limit token bucket fill timer must be >= 50ms"); } tokens_ = max_tokens; if (fill_timer_) { fill_timer_->enableTimer(fill_interval_); } } LocalRateLimiterImpl::~LocalRateLimiterImpl() { if (fill_timer_ != nullptr) { fill_timer_->disableTimer(); } } void LocalRateLimiterImpl::onFillTimer() { // Relaxed consistency is used for all operations because we don't care about ordering, just the // final atomic correctness. uint32_t expected_tokens = tokens_.load(std::memory_order_relaxed); uint32_t new_tokens_value; do { // expected_tokens is either initialized above or reloaded during the CAS failure below. new_tokens_value = std::min(max_tokens_, expected_tokens + tokens_per_fill_); // Testing hook. synchronizer_.syncPoint("on_fill_timer_pre_cas"); // Loop while the weak CAS fails trying to update the tokens value. } while ( !tokens_.compare_exchange_weak(expected_tokens, new_tokens_value, std::memory_order_relaxed)); fill_timer_->enableTimer(fill_interval_); } bool LocalRateLimiterImpl::requestAllowed() const { // Relaxed consistency is used for all operations because we don't care about ordering, just the // final atomic correctness. uint32_t expected_tokens = tokens_.load(std::memory_order_relaxed); do { // expected_tokens is either initialized above or reloaded during the CAS failure below. if (expected_tokens == 0) { return false; } // Testing hook. synchronizer_.syncPoint("allowed_pre_cas"); // Loop while the weak CAS fails trying to subtract 1 from expected. } while (!tokens_.compare_exchange_weak(expected_tokens, expected_tokens - 1, std::memory_order_relaxed)); // We successfully decremented the counter by 1. return true; } } // namespace LocalRateLimit } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h ================================================ #pragma once #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "common/common/thread_synchronizer.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace LocalRateLimit { class LocalRateLimiterImpl { public: LocalRateLimiterImpl(const std::chrono::milliseconds fill_interval, const uint32_t max_tokens, const uint32_t tokens_per_fill, Event::Dispatcher& dispatcher); ~LocalRateLimiterImpl(); bool requestAllowed() const; private: void onFillTimer(); const std::chrono::milliseconds fill_interval_; const uint32_t max_tokens_; const uint32_t tokens_per_fill_; const Event::TimerPtr fill_timer_; mutable std::atomic tokens_; mutable Thread::ThreadSynchronizer synchronizer_; // Used for testing only. friend class LocalRateLimiterImplTest; }; } // namespace LocalRateLimit } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/lua/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) load("//bazel:envoy_internal.bzl", "envoy_external_dep_path") load("@bazel_skylib//rules:common_settings.bzl", "bool_flag") licenses(["notice"]) # Apache 2 envoy_extension_package() bool_flag( name = "moonjit", build_setting_default = False, ) config_setting( name = "with_moonjit", flag_values = { ":moonjit": "True", }, ) envoy_cc_library( name = "lua_lib", srcs = ["lua.cc"], hdrs = ["lua.h"], deps = [ "//include/envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:lock_guard_lib", "//source/common/common:thread_lib", "//source/common/common:c_smart_ptr_lib", "//source/common/protobuf", ] + select({ ":with_moonjit": [envoy_external_dep_path("moonjit")], "//conditions:default": [envoy_external_dep_path("luajit")], }), ) envoy_cc_library( name = "wrappers_lib", srcs = ["wrappers.cc"], hdrs = ["wrappers.h"], deps = [ ":lua_lib", "//include/envoy/buffer:buffer_interface", "//source/common/common:hex_lib", "//source/common/protobuf", ], ) ================================================ FILE: source/extensions/filters/common/lua/lua.cc ================================================ #include "extensions/filters/common/lua/lua.h" #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/lock_guard.h" #include "common/common/thread.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Lua { Coroutine::Coroutine(const std::pair& new_thread_state) : coroutine_state_(new_thread_state, false) {} void Coroutine::start(int function_ref, int num_args, const std::function& yield_callback) { ASSERT(state_ == State::NotStarted); state_ = State::Yielded; lua_rawgeti(coroutine_state_.get(), LUA_REGISTRYINDEX, function_ref); ASSERT(lua_isfunction(coroutine_state_.get(), -1)); // The function needs to come before the arguments but the arguments are already on the stack, // so we need to move it into position. lua_insert(coroutine_state_.get(), -(num_args + 1)); resume(num_args, yield_callback); } void Coroutine::resume(int num_args, const std::function& yield_callback) { ASSERT(state_ == State::Yielded); int rc = lua_resume(coroutine_state_.get(), num_args); if (0 == rc) { state_ = State::Finished; ENVOY_LOG(debug, "coroutine finished"); } else if (LUA_YIELD == rc) { state_ = State::Yielded; ENVOY_LOG(debug, "coroutine yielded"); yield_callback(); } else { state_ = State::Finished; const char* error = lua_tostring(coroutine_state_.get(), -1); throw LuaException(error); } } ThreadLocalState::ThreadLocalState(const std::string& code, ThreadLocal::SlotAllocator& tls) : tls_slot_(tls.allocateSlot()) { // First verify that the supplied code can be parsed. CSmartPtr state(lua_open()); RELEASE_ASSERT(state.get() != nullptr, "unable to create new Lua state object"); luaL_openlibs(state.get()); if (0 != luaL_dostring(state.get(), code.c_str())) { throw LuaException(fmt::format("script load error: {}", lua_tostring(state.get(), -1))); } // Now initialize on all threads. tls_slot_->set([code](Event::Dispatcher&) { return ThreadLocal::ThreadLocalObjectSharedPtr{new LuaThreadLocal(code)}; }); } int ThreadLocalState::getGlobalRef(uint64_t slot) { LuaThreadLocal& tls = tls_slot_->getTyped(); ASSERT(tls.global_slots_.size() > slot); return tls.global_slots_[slot]; } uint64_t ThreadLocalState::registerGlobal(const std::string& global) { tls_slot_->runOnAllThreads([global](ThreadLocal::ThreadLocalObjectSharedPtr previous) { LuaThreadLocal& tls = *std::dynamic_pointer_cast(previous); lua_getglobal(tls.state_.get(), global.c_str()); if (lua_isfunction(tls.state_.get(), -1)) { tls.global_slots_.push_back(luaL_ref(tls.state_.get(), LUA_REGISTRYINDEX)); } else { ENVOY_LOG(debug, "definition for '{}' not found in script", global); lua_pop(tls.state_.get(), 1); tls.global_slots_.push_back(LUA_REFNIL); } return previous; }); return current_global_slot_++; } CoroutinePtr ThreadLocalState::createCoroutine() { lua_State* state = tls_slot_->getTyped().state_.get(); return std::make_unique(std::make_pair(lua_newthread(state), state)); } ThreadLocalState::LuaThreadLocal::LuaThreadLocal(const std::string& code) : state_(lua_open()) { RELEASE_ASSERT(state_.get() != nullptr, "unable to create new Lua state object"); luaL_openlibs(state_.get()); int rc = luaL_dostring(state_.get(), code.c_str()); ASSERT(rc == 0); } } // namespace Lua } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/lua/lua.h ================================================ #pragma once #include #include #include #include "envoy/common/exception.h" #include "envoy/thread_local/thread_local.h" #include "common/common/assert.h" #include "common/common/c_smart_ptr.h" #include "common/common/logger.h" #include "lua.hpp" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Lua { /** * Some general notes on everything in this file. Lua/C bindings are functional, but not the most * beautiful interfaces. For more general overview information see the following: * 1) https://www.lua.org/manual/5.1/manual.html#3 * 2) https://doc.lagout.org/programmation/Lua/Programming%20in%20Lua%20Second%20Edition.pdf * 3) http://luajit.org/extensions.html * * Instead of delving into crazy template metaprogramming in all cases, I've tried to use a mix * of templates and macros to try to hide the majority of the pain. I.e., most Lua/C pain should * be in this file. We do still expose basic Lua/C programming (manipulating the stack, etc.) out * to callers which avoids the messy C++ template programming I mentioned above. */ /** * Base macro for declaring a Lua/C function. Any function declared will need to be exported via * the exportedFunctions() function in BaseLuaObject. See BaseLuaObject below for more * information. This macro declares a static "thunk" which checks the user data, optionally checks * for object death (again see BaseLuaObject below for more info), and then invokes a normal * object method. The actual object method needs to be implemented by the class. * @param Class supplies the owning class name. * @param Name supplies the function name. * @param Index supplies the stack index where "this" (Lua/C userdata) is found. */ #define DECLARE_LUA_FUNCTION_EX(Class, Name, Index) \ static int static_##Name(lua_State* state) { \ Class* object = ::Envoy::Extensions::Filters::Common::Lua::alignAndCast( \ luaL_checkudata(state, Index, typeid(Class).name())); \ object->checkDead(state); \ return object->Name(state); \ } \ int Name(lua_State* state); /** * Declare a Lua function in which userdata is in stack slot 1. See DECLARE_LUA_FUNCTION_EX() */ #define DECLARE_LUA_FUNCTION(Class, Name) DECLARE_LUA_FUNCTION_EX(Class, Name, 1) /** * Declare a Lua function in which userdata is in upvalue slot 1. See DECLARE_LUA_FUNCTION_EX() */ #define DECLARE_LUA_CLOSURE(Class, Name) DECLARE_LUA_FUNCTION_EX(Class, Name, lua_upvalueindex(1)) /** * Calculate the maximum space needed to be aligned. */ template constexpr size_t maximumSpaceNeededToAlign() { // The allocated memory can be misaligned up to `alignof(T) - 1` bytes. Adding it to the size to // allocate. return sizeof(T) + alignof(T) - 1; } template inline T* alignAndCast(void* mem) { size_t size = maximumSpaceNeededToAlign(); return static_cast(std::align(alignof(T), sizeof(T), mem, size)); } /** * Create a new user data and assign its metatable. */ template inline T* allocateLuaUserData(lua_State* state) { void* mem = lua_newuserdata(state, maximumSpaceNeededToAlign()); luaL_getmetatable(state, typeid(T).name()); ASSERT(lua_istable(state, -1)); lua_setmetatable(state, -2); return alignAndCast(mem); } /** * This is the base class for all C++ objects that we expose out to Lua. The goal is to hide as * much ugliness as possible. In general, to use this, do the following: * 1) Make your class derive from BaseLuaObject * 2) Define methods using DECLARE_LUA_FUNCTION* macros * 3) Export your functions by declaring a static exportedFunctions() method in your class. * 4) Optionally manage "death" status on your object. (See checkDead() and markDead() below). * 5) Generally you will want to hold your objects inside a LuaRef or a LuaDeathRef. See below * for more information on those containers. * * It's very important to understand the Lua memory model: Once an object is created, *it is * owned by Lua*. Lua can GC it at any time. If you want to make sure that does not happen, you * must hold a ref to it in C++, generally via LuaRef or LuaDeathRef. */ template class BaseLuaObject : protected Logger::Loggable { public: using ExportedFunctions = std::vector>; virtual ~BaseLuaObject() = default; /** * Create a new object of this type, owned by Lua. This type must have previously been registered * via the registerType() routine below. * @param state supplies the owning Lua state. * @param args supplies the variadic constructor arguments for the object. * @return a pair containing a pointer to the new object and the state it was created with. (This * is done for convenience when passing a created object to a LuaRef or a LuaDeathRef. */ template static std::pair create(lua_State* state, ConstructorArgs&&... args) { // Memory is allocated via Lua and it is raw. We use placement new to run the constructor. T* mem = allocateLuaUserData(state); ENVOY_LOG(trace, "creating {} at {}", typeid(T).name(), static_cast(mem)); return {new (mem) T(std::forward(args)...), state}; } /** * Register a type with Lua. * @param state supplies the state to register with. */ static void registerType(lua_State* state) { std::vector to_register; // Fetch all of the functions to be exported to Lua so that we can register them in the // metatable. ExportedFunctions functions = T::exportedFunctions(); for (auto function : functions) { to_register.push_back({function.first, function.second}); } // Always register a __gc method so that we can run the object's destructor. We do this // manually because the memory is raw and was allocated by Lua. to_register.push_back( {"__gc", [](lua_State* state) { T* object = alignAndCast(luaL_checkudata(state, 1, typeid(T).name())); ENVOY_LOG(trace, "destroying {} at {}", typeid(T).name(), static_cast(object)); object->~T(); return 0; }}); // Add the sentinel. to_register.push_back({nullptr, nullptr}); // Register the type by creating a new metatable, setting __index to itself, and then // performing the register. ENVOY_LOG(debug, "registering new type: {}", typeid(T).name()); int rc = luaL_newmetatable(state, typeid(T).name()); ASSERT(rc == 1); lua_pushvalue(state, -1); lua_setfield(state, -2, "__index"); luaL_register(state, nullptr, to_register.data()); } /** * This function is called as part of the DECLARE_LUA_FUNCTION* macros. The idea here is that * we cannot control when Lua destroys things. However, we may expose wrappers to a script that * should not be used after some event. This allows us to mark objects as dead so that if they * are used again they will throw a Lua error and not reach our code. * @param state supplies the calling LuaState. */ int checkDead(lua_State* state) { if (dead_) { return luaL_error(state, "object used outside of proper scope"); } return 0; } /** * Mark an object as dead so that a checkDead() call will throw an error. See checkDead(). */ void markDead() { dead_ = true; ENVOY_LOG(trace, "marking dead {} at {}", typeid(T).name(), static_cast(this)); onMarkDead(); } /** * Mark an object as live so that a checkDead() call will not throw an error. See checkDead(). */ void markLive() { dead_ = false; ENVOY_LOG(trace, "marking live {} at {}", typeid(T).name(), static_cast(this)); onMarkLive(); } protected: /** * Called from markDead() when an object is marked dead. This is effectively a C++ destructor for * Lua/C objects. Objects can perform inline cleanup or mark other objects as dead if needed. It * can also be used to protect objects from use if they get assigned to a global variable and * used across coroutines. */ virtual void onMarkDead() {} /** * Called from markLive() when an object is marked live. This is a companion to onMarkDead(). See * the comments there. */ virtual void onMarkLive() {} private: bool dead_{}; }; /** * This is basically a Lua smart pointer. The idea is that given a Lua object, if we want to * guarantee that Lua won't destroy it, we need to reference it. This wraps the reference * functionality. While a LuaRef owns an object it's guaranteed that Lua will not GC it. * TODO(mattklein123): Add dedicated unit tests. This will require mocking a Lua state. */ template class LuaRef { public: /** * Create an empty LuaRef. */ LuaRef() { reset(); } /** * Create a LuaRef from an object. * @param object supplies the object. Generally this is the return value from a Object::create() * call. The object must be at the top of the Lua stack. * @param leave_on_stack supplies whether to leave the object on the stack or not when the ref * is constructed. */ LuaRef(const std::pair& object, bool leave_on_stack) { reset(object, leave_on_stack); } ~LuaRef() { unref(); } T* get() { return object_.first; } /** * Same as the LuaRef non-default constructor, but post-construction. */ void reset(const std::pair& object, bool leave_on_stack) { unref(); if (leave_on_stack) { lua_pushvalue(object.second, -1); } object_ = object; ref_ = luaL_ref(object_.second, LUA_REGISTRYINDEX); ASSERT(ref_ != LUA_REFNIL); } /** * Return a LuaRef to its default/empty state. */ void reset() { unref(); object_ = std::pair{}; ref_ = LUA_NOREF; } /** * Push the referenced object back onto the stack. */ void pushStack() { ASSERT(object_.first); lua_rawgeti(object_.second, LUA_REGISTRYINDEX, ref_); } protected: void unref() { if (object_.second != nullptr) { luaL_unref(object_.second, LUA_REGISTRYINDEX, ref_); } } std::pair object_; int ref_; }; /** * This is a variant of LuaRef which also marks an object as dead during destruction. This is * useful if an object should not be used after the scope of the pcall() or resume(). * TODO(mattklein123): Add dedicated unit tests. This will require mocking a Lua state. */ template class LuaDeathRef : public LuaRef { public: using LuaRef::LuaRef; ~LuaDeathRef() { markDead(); } void markDead() { if (this->object_.first) { this->object_.first->markDead(); } } void markLive() { if (this->object_.first) { this->object_.first->markLive(); } } void reset(const std::pair& object, bool leave_on_stack) { markDead(); LuaRef::reset(object, leave_on_stack); } void reset() { markDead(); LuaRef::reset(); } }; /** * This is a wrapper for a Lua coroutine. Lua intermixes coroutine and "thread." Lua does not have * real threads, only cooperatively scheduled coroutines. */ class Coroutine : Logger::Loggable { public: enum class State { NotStarted, Yielded, Finished }; Coroutine(const std::pair& new_thread_state); lua_State* luaState() { return coroutine_state_.get(); } State state() { return state_; } /** * Start a coroutine. * @param function_ref supplies the previously registered function to call. Registered with * ThreadLocalState::registerGlobal(). * @param num_args supplies the number of arguments to start the coroutine with. They should be * on the stack already. * @param yield_callback supplies a callback that will be invoked if the coroutine yields. */ void start(int function_ref, int num_args, const std::function& yield_callback); /** * Resume a previously yielded coroutine. * @param num_args supplies the number of arguments to resume the coroutine with. They should be * on the stack already. * @param yield_callback supplies a callback that will be invoked if the coroutine yields. */ void resume(int num_args, const std::function& yield_callback); private: LuaRef coroutine_state_; State state_{State::NotStarted}; }; using CoroutinePtr = std::unique_ptr; /** * This class wraps a Lua state that can be used safely across threads. The model is that every * worker gets its own independent state. There is no truly global state that a script can access. * This is something that might be provided in the future via an API (not via Lua itself). */ class ThreadLocalState : Logger::Loggable { public: ThreadLocalState(const std::string& code, ThreadLocal::SlotAllocator& tls); /** * @return CoroutinePtr a new coroutine. */ CoroutinePtr createCoroutine(); /** * @return a global reference previously registered via registerGlobal(). This may return * LUA_REFNIL if there was no such global. * @param slot supplies the global slot/index to lookup. */ int getGlobalRef(uint64_t slot); /** * Register a global for later use. * @param global supplies the name of the global. * @return a slot/index for later use with getGlobalRef(). */ uint64_t registerGlobal(const std::string& global); /** * Register a type with the thread local state. After this call the type will be available on * all threaded workers. */ template void registerType() { tls_slot_->runOnAllThreads([](ThreadLocal::ThreadLocalObjectSharedPtr previous) { LuaThreadLocal& tls = *std::dynamic_pointer_cast(previous); T::registerType(tls.state_.get()); return previous; }); } /** * Return the number of bytes used by the runtime. */ uint64_t runtimeBytesUsed() { uint64_t bytes_used = lua_gc(tls_slot_->getTyped().state_.get(), LUA_GCCOUNT, 0) * 1024; bytes_used += lua_gc(tls_slot_->getTyped().state_.get(), LUA_GCCOUNTB, 0); return bytes_used; } /** * Force a full runtime GC. */ void runtimeGC() { lua_gc(tls_slot_->getTyped().state_.get(), LUA_GCCOLLECT, 0); } private: struct LuaThreadLocal : public ThreadLocal::ThreadLocalObject { LuaThreadLocal(const std::string& code); CSmartPtr state_; std::vector global_slots_; }; ThreadLocal::SlotPtr tls_slot_; uint64_t current_global_slot_{}; }; using ThreadLocalStatePtr = std::unique_ptr; /** * An exception specific to Lua errors. */ class LuaException : public EnvoyException { public: using EnvoyException::EnvoyException; }; } // namespace Lua } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/lua/wrappers.cc ================================================ #include "extensions/filters/common/lua/wrappers.h" #include #include #include "common/common/assert.h" #include "common/common/hex.h" #include "absl/time/time.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Lua { namespace { // Builds a Lua table from a list of strings. template void createLuaTableFromStringList(lua_State* state, const StringList& list) { lua_createtable(state, list.size(), 0); for (size_t i = 0; i < list.size(); i++) { lua_pushstring(state, list[i].c_str()); // After the list[i].c_str() is pushed to the stack, we need to set the "current element" with // that value. The lua_rawseti(state, t, i) helps us to set the value of table t with key i. // Given the index of the current element/table in the stack is below the pushed value i.e. -2 // and the key (refers to where the element is in the table) is i + 1 (note that in Lua index // starts from 1), hence we have: lua_rawseti(state, -2, i + 1); } } // By default, LUA_INTEGER is https://en.cppreference.com/w/cpp/types/ptrdiff_t // (https://github.com/LuaJIT/LuaJIT/blob/8271c643c21d1b2f344e339f559f2de6f3663191/src/luaconf.h#L104), // which is large enough to hold timestamp-since-epoch in seconds. Note: In Lua, we usually use // os.time(os.date("!*t")) to get current timestamp-since-epoch in seconds. int64_t timestampInSeconds(const absl::optional& system_time) { return system_time.has_value() ? std::chrono::duration_cast( system_time.value().time_since_epoch()) .count() : 0; } } // namespace int BufferWrapper::luaLength(lua_State* state) { lua_pushnumber(state, data_.length()); return 1; } int BufferWrapper::luaGetBytes(lua_State* state) { const int index = luaL_checkint(state, 2); const int length = luaL_checkint(state, 3); if (index < 0 || length < 0 || static_cast(index) + static_cast(length) > data_.length()) { luaL_error(state, "index/length must be >= 0 and (index + length) must be <= buffer size"); } // TODO(mattklein123): Reduce copies here by using Lua direct buffer builds. std::unique_ptr data(new char[length]); data_.copyOut(index, length, data.get()); lua_pushlstring(state, data.get(), length); return 1; } int BufferWrapper::luaSetBytes(lua_State* state) { data_.drain(data_.length()); absl::string_view bytes = luaL_checkstring(state, 2); data_.add(bytes); lua_pushnumber(state, data_.length()); return 1; } void MetadataMapHelper::setValue(lua_State* state, const ProtobufWkt::Value& value) { ProtobufWkt::Value::KindCase kind = value.kind_case(); switch (kind) { case ProtobufWkt::Value::kNullValue: return lua_pushnil(state); case ProtobufWkt::Value::kNumberValue: return lua_pushnumber(state, value.number_value()); case ProtobufWkt::Value::kBoolValue: return lua_pushboolean(state, value.bool_value()); case ProtobufWkt::Value::kStructValue: return createTable(state, value.struct_value().fields()); case ProtobufWkt::Value::kStringValue: { const auto& string_value = value.string_value(); return lua_pushstring(state, string_value.c_str()); } case ProtobufWkt::Value::kListValue: { const auto& list = value.list_value(); const int values_size = list.values_size(); lua_createtable(state, values_size, 0); for (int i = 0; i < values_size; i++) { // Here we want to build an array (or a list). Array in lua is just a name for table used in a // specific way. Basically we want to have: 'elements' table. Where elements[i] is an entry // in that table, where key = i and value = list.values[i]. // // Firstly, we need to push the value to the stack. setValue(state, list.values(i)); // Secondly, after the list.value(i) is pushed to the stack, we need to set the 'current // element' with that value. The lua_rawseti(state, t, i) helps us to set the value of table t // with key i. Given the index of the current element/table in the stack is below the pushed // value i.e. -2 and the key (refers to where the element is in the table) is i + 1 (note that // in lua index starts from 1), hence we have: lua_rawseti(state, -2, i + 1); } return; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } void MetadataMapHelper::createTable(lua_State* state, const Protobuf::Map& fields) { lua_createtable(state, 0, fields.size()); for (const auto& field : fields) { int top = lua_gettop(state); lua_pushstring(state, field.first.c_str()); setValue(state, field.second); lua_settable(state, top); } } /** * Converts the value on top of the Lua stack into a ProtobufWkt::Value. * Any Lua types that cannot be directly mapped to Value types will * yield an error. */ ProtobufWkt::Value MetadataMapHelper::loadValue(lua_State* state) { ProtobufWkt::Value value; int type = lua_type(state, -1); switch (type) { case LUA_TNIL: value.set_null_value(ProtobufWkt::NullValue()); break; case LUA_TNUMBER: value.set_number_value(static_cast(lua_tonumber(state, -1))); break; case LUA_TBOOLEAN: value.set_bool_value(lua_toboolean(state, -1) != 0); break; case LUA_TTABLE: { int length = MetadataMapHelper::tableLength(state); if (length > 0) { *value.mutable_list_value() = MetadataMapHelper::loadList(state, length); } else { *value.mutable_struct_value() = MetadataMapHelper::loadStruct(state); } break; } case LUA_TSTRING: value.set_string_value(lua_tostring(state, -1)); break; default: luaL_error(state, "unexpected type '%s' in dynamicMetadata", lua_typename(state, type)); } return value; } /** * Returns the length of a Lua table if it's actually shaped like a List, * i.e. if all the keys are consecutive number values. Otherwise, returns -1. */ int MetadataMapHelper::tableLength(lua_State* state) { double max = 0; lua_pushnil(state); while (lua_next(state, -2) != 0) { if (lua_type(state, -2) == LUA_TNUMBER) { double k = lua_tonumber(state, -2); if (floor(k) == k && k >= 1) { if (k > max) { max = k; } lua_pop(state, 1); continue; } } lua_pop(state, 2); return -1; } return static_cast(max); } ProtobufWkt::ListValue MetadataMapHelper::loadList(lua_State* state, int length) { ProtobufWkt::ListValue list; for (int i = 1; i <= length; i++) { lua_rawgeti(state, -1, i); *list.add_values() = MetadataMapHelper::loadValue(state); lua_pop(state, 1); } return list; } ProtobufWkt::Struct MetadataMapHelper::loadStruct(lua_State* state) { ProtobufWkt::Struct struct_obj; lua_pushnil(state); while (lua_next(state, -2) != 0) { int key_type = lua_type(state, -2); if (key_type != LUA_TSTRING) { luaL_error(state, "unexpected type %s in table key (only string keys are supported)", lua_typename(state, key_type)); } const char* key = lua_tostring(state, -2); (*struct_obj.mutable_fields())[key] = MetadataMapHelper::loadValue(state); lua_pop(state, 1); } return struct_obj; } MetadataMapIterator::MetadataMapIterator(MetadataMapWrapper& parent) : parent_{parent}, current_{parent.metadata_.fields().begin()} {} int MetadataMapIterator::luaPairsIterator(lua_State* state) { if (current_ == parent_.metadata_.fields().end()) { parent_.iterator_.reset(); return 0; } lua_pushstring(state, current_->first.c_str()); MetadataMapHelper::setValue(state, current_->second); current_++; return 2; } int MetadataMapWrapper::luaGet(lua_State* state) { const char* key = luaL_checkstring(state, 2); const auto filter_it = metadata_.fields().find(key); if (filter_it == metadata_.fields().end()) { return 0; } MetadataMapHelper::setValue(state, filter_it->second); return 1; } int MetadataMapWrapper::luaPairs(lua_State* state) { if (iterator_.get() != nullptr) { luaL_error(state, "cannot create a second iterator before completing the first"); } iterator_.reset(MetadataMapIterator::create(state, *this), true); lua_pushcclosure(state, MetadataMapIterator::static_luaPairsIterator, 1); return 1; } int SslConnectionWrapper::luaPeerCertificatePresented(lua_State* state) { lua_pushboolean(state, connection_info_.peerCertificatePresented()); return 1; } int SslConnectionWrapper::luaPeerCertificateValidated(lua_State* state) { lua_pushboolean(state, connection_info_.peerCertificateValidated()); return 1; } int SslConnectionWrapper::luaUriSanLocalCertificate(lua_State* state) { createLuaTableFromStringList(state, connection_info_.uriSanLocalCertificate()); return 1; } int SslConnectionWrapper::luaSha256PeerCertificateDigest(lua_State* state) { lua_pushstring(state, connection_info_.sha256PeerCertificateDigest().c_str()); return 1; } int SslConnectionWrapper::luaSerialNumberPeerCertificate(lua_State* state) { lua_pushstring(state, connection_info_.serialNumberPeerCertificate().c_str()); return 1; } int SslConnectionWrapper::luaIssuerPeerCertificate(lua_State* state) { lua_pushstring(state, connection_info_.issuerPeerCertificate().c_str()); return 1; } int SslConnectionWrapper::luaSubjectPeerCertificate(lua_State* state) { lua_pushstring(state, connection_info_.subjectPeerCertificate().c_str()); return 1; } int SslConnectionWrapper::luaUriSanPeerCertificate(lua_State* state) { createLuaTableFromStringList(state, connection_info_.uriSanPeerCertificate()); return 1; } int SslConnectionWrapper::luaSubjectLocalCertificate(lua_State* state) { lua_pushstring(state, connection_info_.subjectLocalCertificate().c_str()); return 1; } int SslConnectionWrapper::luaDnsSansPeerCertificate(lua_State* state) { createLuaTableFromStringList(state, connection_info_.dnsSansPeerCertificate()); return 1; } int SslConnectionWrapper::luaDnsSansLocalCertificate(lua_State* state) { createLuaTableFromStringList(state, connection_info_.dnsSansLocalCertificate()); return 1; } int SslConnectionWrapper::luaValidFromPeerCertificate(lua_State* state) { lua_pushinteger(state, timestampInSeconds(connection_info_.validFromPeerCertificate())); return 1; } int SslConnectionWrapper::luaExpirationPeerCertificate(lua_State* state) { lua_pushinteger(state, timestampInSeconds(connection_info_.expirationPeerCertificate())); return 1; } int SslConnectionWrapper::luaSessionId(lua_State* state) { lua_pushstring(state, connection_info_.sessionId().c_str()); return 1; } int SslConnectionWrapper::luaCiphersuiteId(lua_State* state) { lua_pushstring(state, absl::StrCat("0x", Hex::uint16ToHex(connection_info_.ciphersuiteId())).c_str()); return 1; } int SslConnectionWrapper::luaCiphersuiteString(lua_State* state) { lua_pushstring(state, connection_info_.ciphersuiteString().c_str()); return 1; } int SslConnectionWrapper::luaUrlEncodedPemEncodedPeerCertificate(lua_State* state) { lua_pushstring(state, connection_info_.urlEncodedPemEncodedPeerCertificate().c_str()); return 1; } int SslConnectionWrapper::luaUrlEncodedPemEncodedPeerCertificateChain(lua_State* state) { lua_pushstring(state, connection_info_.urlEncodedPemEncodedPeerCertificateChain().c_str()); return 1; } int SslConnectionWrapper::luaTlsVersion(lua_State* state) { lua_pushstring(state, connection_info_.tlsVersion().c_str()); return 1; } int ConnectionWrapper::luaSsl(lua_State* state) { const auto& ssl = connection_->ssl(); if (ssl != nullptr) { if (ssl_connection_wrapper_.get() != nullptr) { ssl_connection_wrapper_.pushStack(); } else { ssl_connection_wrapper_.reset(SslConnectionWrapper::create(state, *ssl), true); } } else { lua_pushnil(state); } return 1; } } // namespace Lua } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/lua/wrappers.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/common/lua/lua.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace Lua { /** * A wrapper for a buffer. */ class BufferWrapper : public BaseLuaObject { public: BufferWrapper(Buffer::Instance& data) : data_(data) {} static ExportedFunctions exportedFunctions() { return {{"length", static_luaLength}, {"getBytes", static_luaGetBytes}, {"setBytes", static_luaSetBytes}}; } private: /** * @return int the size in bytes of the buffer. */ DECLARE_LUA_FUNCTION(BufferWrapper, luaLength); /** * Get bytes out of a buffer for inspection in Lua. * @param 1 (int) starting index of bytes to extract. * @param 2 (int) length of bytes to extract. * @return string the extracted bytes. Throws an error if the index/length are out of range. */ DECLARE_LUA_FUNCTION(BufferWrapper, luaGetBytes); /** * Set the wrapped data with the input string. * @param 1 (string) input string. * @return int the length of the input string. */ DECLARE_LUA_FUNCTION(BufferWrapper, luaSetBytes); Buffer::Instance& data_; }; class MetadataMapWrapper; struct MetadataMapHelper { static void setValue(lua_State* state, const ProtobufWkt::Value& value); static void createTable(lua_State* state, const Protobuf::Map& fields); static ProtobufWkt::Value loadValue(lua_State* state); private: static ProtobufWkt::Struct loadStruct(lua_State* state); static ProtobufWkt::ListValue loadList(lua_State* state, int length); static int tableLength(lua_State* state); }; /** * Iterator over a metadata map. */ class MetadataMapIterator : public BaseLuaObject { public: MetadataMapIterator(MetadataMapWrapper& parent); static ExportedFunctions exportedFunctions() { return {}; } DECLARE_LUA_CLOSURE(MetadataMapIterator, luaPairsIterator); private: MetadataMapWrapper& parent_; Protobuf::Map::const_iterator current_; }; /** * Lua wrapper for a metadata map. */ class MetadataMapWrapper : public BaseLuaObject { public: MetadataMapWrapper(const ProtobufWkt::Struct& metadata) : metadata_{metadata} {} static ExportedFunctions exportedFunctions() { return {{"get", static_luaGet}, {"__pairs", static_luaPairs}}; } private: /** * Get a metadata value from the map. * @param 1 (string): filter. * @return string value if found or nil. */ DECLARE_LUA_FUNCTION(MetadataMapWrapper, luaGet); /** * Implementation of the __pairs metamethod so a metadata wrapper can be iterated over using * pairs(). */ DECLARE_LUA_FUNCTION(MetadataMapWrapper, luaPairs); // Envoy::Lua::BaseLuaObject void onMarkDead() override { // Iterators do not survive yields. iterator_.reset(); } const ProtobufWkt::Struct metadata_; LuaDeathRef iterator_; friend class MetadataMapIterator; }; /** * Lua wrapper for Ssl::ConnectionInfo. */ class SslConnectionWrapper : public BaseLuaObject { public: explicit SslConnectionWrapper(const Ssl::ConnectionInfo& info) : connection_info_{info} {} static ExportedFunctions exportedFunctions() { return {{"peerCertificatePresented", static_luaPeerCertificatePresented}, {"peerCertificateValidated", static_luaPeerCertificateValidated}, {"uriSanLocalCertificate", static_luaUriSanLocalCertificate}, {"sha256PeerCertificateDigest", static_luaSha256PeerCertificateDigest}, {"serialNumberPeerCertificate", static_luaSerialNumberPeerCertificate}, {"issuerPeerCertificate", static_luaIssuerPeerCertificate}, {"subjectPeerCertificate", static_luaSubjectPeerCertificate}, {"uriSanPeerCertificate", static_luaUriSanPeerCertificate}, {"subjectLocalCertificate", static_luaSubjectLocalCertificate}, {"dnsSansPeerCertificate", static_luaDnsSansPeerCertificate}, {"dnsSansLocalCertificate", static_luaDnsSansLocalCertificate}, {"validFromPeerCertificate", static_luaValidFromPeerCertificate}, {"expirationPeerCertificate", static_luaExpirationPeerCertificate}, {"sessionId", static_luaSessionId}, {"ciphersuiteId", static_luaCiphersuiteId}, {"ciphersuiteString", static_luaCiphersuiteString}, {"urlEncodedPemEncodedPeerCertificate", static_luaUrlEncodedPemEncodedPeerCertificate}, {"urlEncodedPemEncodedPeerCertificateChain", static_luaUrlEncodedPemEncodedPeerCertificateChain}, {"tlsVersion", static_luaTlsVersion}}; } private: /** * Returns bool whether the peer certificate is presented. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaPeerCertificatePresented); /** * Returns bool whether the peer certificate is validated. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaPeerCertificateValidated); /** * Returns the URIs in the SAN field of the local certificate. Returns empty table if there is no * local certificate, or no SAN field, or no URI in SAN. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaUriSanLocalCertificate); /** * Returns the subject field of the local certificate in RFC 2253 format. Returns empty string if * there is no local certificate, or no subject. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaSubjectLocalCertificate); /** * Returns the SHA256 digest of the peer certificate. Returns empty string if there is no peer * certificate which can happen in TLS (non mTLS) connections. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaSha256PeerCertificateDigest); /** * Returns the serial number field of the peer certificate. Returns empty string if there is no * peer certificate, or no serial number. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaSerialNumberPeerCertificate); /** * Returns the issuer field of the peer certificate in RFC 2253 format. Returns empty string if * there is no peer certificate, or no issuer. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaIssuerPeerCertificate); /** * Returns the subject field of the peer certificate in RFC 2253 format. Returns empty string if * there is no peer certificate, or no subject. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaSubjectPeerCertificate); /** * Returns the URIs in the SAN field of the peer certificate. Returns empty table if there is no * peer certificate, or no SAN field, or no URI. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaUriSanPeerCertificate); /** * Return string the URL-encoded PEM-encoded representation of the peer certificate. Returns empty * string if there is no peer certificate or encoding fails. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaUrlEncodedPemEncodedPeerCertificate); /** * Returns the URL-encoded PEM-encoded representation of the full peer certificate chain including * the leaf certificate. Returns empty string if there is no peer certificate or encoding fails. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaUrlEncodedPemEncodedPeerCertificateChain); /** * Returns the DNS entries in the SAN field of the peer certificate. Returns an empty table if * there is no peer certificate, or no SAN field, or no DNS entries in SAN. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaDnsSansPeerCertificate); /** * Returns the DNS entries in the SAN field of the local certificate. Returns an empty table if * there is no local certificate, or no SAN field, or no DNS entries in SAN. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaDnsSansLocalCertificate); /** * Returns the timestamp-since-epoch (in seconds) that the peer certificate was issued and should * be considered valid from. Returns empty string if there is no peer certificate. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaValidFromPeerCertificate); /** * Returns the timestamp-since-epoch (in seconds) that the peer certificate expires and should not * be considered valid after. Returns empty string if there is no peer certificate. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaExpirationPeerCertificate); /** * Returns the hex-encoded TLS session ID as defined in RFC 5246. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaSessionId); /** * Returns the standard ID for the ciphers used in the established TLS connection. Returns 0xffff * if there is no current negotiated ciphersuite. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaCiphersuiteId); /** * Returns the OpenSSL name for the set of ciphers used in the established TLS connection. Returns * empty string if there is no current negotiated ciphersuite. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaCiphersuiteString); /** * Returns the TLS version (e.g. TLSv1.2, TLSv1.3) used in the established TLS connection. Returns * string if secured and nil if not. */ DECLARE_LUA_FUNCTION(SslConnectionWrapper, luaTlsVersion); // TODO(dio): Add luaX509Extension if required, since currently it is used out of tree. const Ssl::ConnectionInfo& connection_info_; }; /** * Lua wrapper for Network::Connection. */ class ConnectionWrapper : public BaseLuaObject { public: ConnectionWrapper(const Network::Connection* connection) : connection_{connection} {} // TODO(dio): Remove this in favor of StreamInfo::downstreamSslConnection wrapper since ssl() in // envoy/network/connection.h is subject to removal. static ExportedFunctions exportedFunctions() { return {{"ssl", static_luaSsl}}; } private: /** * Get the Ssl::Connection wrapper * @return object if secured and nil if not. */ DECLARE_LUA_FUNCTION(ConnectionWrapper, luaSsl); // Envoy::Lua::BaseLuaObject void onMarkDead() override { ssl_connection_wrapper_.reset(); } const Network::Connection* connection_; LuaDeathRef ssl_connection_wrapper_; }; } // namespace Lua } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/original_src/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Helprs for filters for mirroring the downstream remote address on the upstream's source. envoy_extension_package() envoy_cc_library( name = "original_src_socket_option_lib", srcs = ["original_src_socket_option.cc"], hdrs = ["original_src_socket_option.h"], deps = [ "//include/envoy/network:listen_socket_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/network:address_lib", "//source/common/network:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "socket_option_factory_lib", srcs = ["socket_option_factory.cc"], hdrs = ["socket_option_factory.h"], deps = [ ":original_src_socket_option_lib", "//include/envoy/network:listen_socket_interface", "//source/common/network:address_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:utility_lib", ], ) ================================================ FILE: source/extensions/filters/common/original_src/original_src_socket_option.cc ================================================ #include "extensions/filters/common/original_src/original_src_socket_option.h" #include "envoy/config/core/v3/base.pb.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace OriginalSrc { OriginalSrcSocketOption::OriginalSrcSocketOption( Network::Address::InstanceConstSharedPtr src_address) : src_address_(std::move(src_address)) { // Source transparency only works on IP connections. ASSERT(src_address_->type() == Network::Address::Type::Ip); } bool OriginalSrcSocketOption::setOption( Network::Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const { if (state == envoy::config::core::v3::SocketOption::STATE_PREBIND) { socket.setLocalAddress(src_address_); } return true; } /** * Inserts an address, already in network order, to a byte array. */ template void addressIntoVector(std::vector& vec, const T& address) { const uint8_t* byte_array = reinterpret_cast(&address); vec.insert(vec.end(), byte_array, byte_array + sizeof(T)); } void OriginalSrcSocketOption::hashKey(std::vector& key) const { // Note: we're assuming that there cannot be a conflict between IPv6 addresses here. If an IPv4 // address is mapped into an IPv6 address using an IPv4-Mapped IPv6 Address (RFC4921), then it's // possible the hashes will be different despite the IP address used by the connection being // the same. if (src_address_->ip()->version() == Network::Address::IpVersion::v4) { // note raw_address is already in network order uint32_t raw_address = src_address_->ip()->ipv4()->address(); addressIntoVector(key, raw_address); } else if (src_address_->ip()->version() == Network::Address::IpVersion::v6) { // note raw_address is already in network order absl::uint128 raw_address = src_address_->ip()->ipv6()->address(); addressIntoVector(key, raw_address); } } absl::optional OriginalSrcSocketOption::getOptionDetails( const Network::Socket&, envoy::config::core::v3::SocketOption::SocketState) const { // no details for this option. return absl::nullopt; } } // namespace OriginalSrc } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/original_src/original_src_socket_option.h ================================================ #pragma once #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/address.h" #include "envoy/network/listen_socket.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace OriginalSrc { /** * A socket option implementation which allows a connection to spoof its source IP/port using * a provided IP address (and maybe port). */ class OriginalSrcSocketOption : public Network::Socket::Option { public: /** * Constructs a socket option which will set the socket to use source @c src_address */ OriginalSrcSocketOption(Network::Address::InstanceConstSharedPtr src_address); ~OriginalSrcSocketOption() override = default; /** * Updates the source address of the socket to match `src_address_`. * Adds socket options to the socket to allow this to work. */ bool setOption(Network::Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const override; /** * Appends a key which uniquely identifies the address being tracked. */ void hashKey(std::vector& key) const override; absl::optional
    getOptionDetails(const Network::Socket& socket, envoy::config::core::v3::SocketOption::SocketState state) const override; private: Network::Address::InstanceConstSharedPtr src_address_; }; } // namespace OriginalSrc } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/original_src/socket_option_factory.cc ================================================ #include "extensions/filters/common/original_src/socket_option_factory.h" #include "common/network/socket_option_factory.h" #include "common/network/utility.h" #include "extensions/filters/common/original_src/original_src_socket_option.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace OriginalSrc { Network::Socket::OptionsSharedPtr buildOriginalSrcOptions(Network::Address::InstanceConstSharedPtr source, uint32_t mark) { const auto address_without_port = Network::Utility::getAddressWithPort(*source, 0); // Note: we don't expect this to change the behaviour of the socket. We expect it to be copied // into the upstream connection later. auto options_to_add = std::make_shared(); options_to_add->emplace_back( std::make_shared( std::move(address_without_port))); if (mark != 0) { const auto mark_options = Network::SocketOptionFactory::buildSocketMarkOptions(mark); options_to_add->insert(options_to_add->end(), mark_options->begin(), mark_options->end()); } const auto transparent_options = Network::SocketOptionFactory::buildIpTransparentOptions(); options_to_add->insert(options_to_add->end(), transparent_options->begin(), transparent_options->end()); return options_to_add; } } // namespace OriginalSrc } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/original_src/socket_option_factory.h ================================================ #pragma once #include "envoy/network/address.h" #include "envoy/network/listen_socket.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace OriginalSrc { Network::Socket::OptionsSharedPtr buildOriginalSrcOptions(Network::Address::InstanceConstSharedPtr source, uint32_t mark); } // namespace OriginalSrc } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "ratelimit_lib", srcs = ["ratelimit_impl.cc"], hdrs = ["ratelimit_impl.h"], deps = [ ":ratelimit_client_interface", "//include/envoy/grpc:async_client_interface", "//include/envoy/grpc:async_client_manager_interface", "//include/envoy/ratelimit:ratelimit_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/grpc:typed_async_client_lib", "//source/common/http:headers_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/common/ratelimit/v3:pkg_cc_proto", "@envoy_api//envoy/service/ratelimit/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ratelimit_client_interface", hdrs = ["ratelimit.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/ratelimit:ratelimit_interface", "//include/envoy/singleton:manager_interface", "//include/envoy/tracing:http_tracer_interface", "//source/common/stats:symbol_table_lib", "@envoy_api//envoy/service/ratelimit/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "stat_names_lib", hdrs = ["stat_names.h"], deps = [ "//source/common/stats:symbol_table_lib", ], ) ================================================ FILE: source/extensions/filters/common/ratelimit/ratelimit.h ================================================ #pragma once #include #include #include #include #include "envoy/common/pure.h" #include "envoy/ratelimit/ratelimit.h" #include "envoy/service/ratelimit/v3/rls.pb.h" #include "envoy/singleton/manager.h" #include "envoy/tracing/http_tracer.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RateLimit { /** * Possible async results for a limit call. */ enum class LimitStatus { // The request is not over limit. OK, // The rate limit service could not be queried. Error, // The request is over limit. OverLimit }; using DescriptorStatusList = std::vector; using DescriptorStatusListPtr = std::unique_ptr; /** * Async callbacks used during limit() calls. */ class RequestCallbacks { public: virtual ~RequestCallbacks() = default; /** * Called when a limit request is complete. The resulting status, * response headers and request headers to be forwarded to the upstream are supplied. */ virtual void complete(LimitStatus status, DescriptorStatusListPtr&& descriptor_statuses, Http::ResponseHeaderMapPtr&& response_headers_to_add, Http::RequestHeaderMapPtr&& request_headers_to_add) PURE; }; /** * A client used to query a centralized rate limit service. */ class Client { public: virtual ~Client() = default; /** * Cancel an inflight limit request. */ virtual void cancel() PURE; /** * Request a limit check. Note that this abstract API matches the design of Lyft's GRPC based * rate limit service. See ratelimit.proto for details. Any other rate limit implementations * plugged in at this layer should support the same high level API. * NOTE: It is possible for the completion callback to be called immediately on the same stack * frame. Calling code should account for this. * @param callbacks supplies the completion callbacks. * @param domain specifies the rate limit domain. * @param descriptors specifies a list of descriptors to query. * @param parent_span source for generating an egress child span as part of the trace. * */ virtual void limit(RequestCallbacks& callbacks, const std::string& domain, const std::vector& descriptors, Tracing::Span& parent_span) PURE; }; using ClientPtr = std::unique_ptr; } // namespace RateLimit } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ratelimit/ratelimit_impl.cc ================================================ #include "extensions/filters/common/ratelimit/ratelimit_impl.h" #include #include #include #include #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/extensions/common/ratelimit/v3/ratelimit.pb.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RateLimit { GrpcClientImpl::GrpcClientImpl(Grpc::RawAsyncClientPtr&& async_client, const absl::optional& timeout, envoy::config::core::v3::ApiVersion transport_api_version) : async_client_(std::move(async_client)), timeout_(timeout), service_method_( Grpc::VersionedMethods("envoy.service.ratelimit.v3.RateLimitService.ShouldRateLimit", "envoy.service.ratelimit.v2.RateLimitService.ShouldRateLimit") .getMethodDescriptorForVersion(transport_api_version)), transport_api_version_(transport_api_version) {} GrpcClientImpl::~GrpcClientImpl() { ASSERT(!callbacks_); } void GrpcClientImpl::cancel() { ASSERT(callbacks_ != nullptr); request_->cancel(); callbacks_ = nullptr; } void GrpcClientImpl::createRequest(envoy::service::ratelimit::v3::RateLimitRequest& request, const std::string& domain, const std::vector& descriptors) { request.set_domain(domain); for (const Envoy::RateLimit::Descriptor& descriptor : descriptors) { envoy::extensions::common::ratelimit::v3::RateLimitDescriptor* new_descriptor = request.add_descriptors(); for (const Envoy::RateLimit::DescriptorEntry& entry : descriptor.entries_) { envoy::extensions::common::ratelimit::v3::RateLimitDescriptor::Entry* new_entry = new_descriptor->add_entries(); new_entry->set_key(entry.key_); new_entry->set_value(entry.value_); } if (descriptor.limit_) { envoy::extensions::common::ratelimit::v3::RateLimitDescriptor_RateLimitOverride* new_limit = new_descriptor->mutable_limit(); new_limit->set_requests_per_unit(descriptor.limit_.value().requests_per_unit_); new_limit->set_unit(descriptor.limit_.value().unit_); } } } void GrpcClientImpl::limit(RequestCallbacks& callbacks, const std::string& domain, const std::vector& descriptors, Tracing::Span& parent_span) { ASSERT(callbacks_ == nullptr); callbacks_ = &callbacks; envoy::service::ratelimit::v3::RateLimitRequest request; createRequest(request, domain, descriptors); request_ = async_client_->send(service_method_, request, *this, parent_span, Http::AsyncClient::RequestOptions().setTimeout(timeout_), transport_api_version_); } void GrpcClientImpl::onSuccess( std::unique_ptr&& response, Tracing::Span& span) { LimitStatus status = LimitStatus::OK; ASSERT(response->overall_code() != envoy::service::ratelimit::v3::RateLimitResponse::UNKNOWN); if (response->overall_code() == envoy::service::ratelimit::v3::RateLimitResponse::OVER_LIMIT) { status = LimitStatus::OverLimit; span.setTag(Constants::get().TraceStatus, Constants::get().TraceOverLimit); } else { span.setTag(Constants::get().TraceStatus, Constants::get().TraceOk); } Http::ResponseHeaderMapPtr response_headers_to_add; Http::RequestHeaderMapPtr request_headers_to_add; if (!response->response_headers_to_add().empty()) { response_headers_to_add = Http::ResponseHeaderMapImpl::create(); for (const auto& h : response->response_headers_to_add()) { response_headers_to_add->addCopy(Http::LowerCaseString(h.key()), h.value()); } } if (!response->request_headers_to_add().empty()) { request_headers_to_add = Http::RequestHeaderMapImpl::create(); for (const auto& h : response->request_headers_to_add()) { request_headers_to_add->addCopy(Http::LowerCaseString(h.key()), h.value()); } } DescriptorStatusListPtr descriptor_statuses = std::make_unique( response->statuses().begin(), response->statuses().end()); callbacks_->complete(status, std::move(descriptor_statuses), std::move(response_headers_to_add), std::move(request_headers_to_add)); callbacks_ = nullptr; } void GrpcClientImpl::onFailure(Grpc::Status::GrpcStatus status, const std::string&, Tracing::Span&) { ASSERT(status != Grpc::Status::WellKnownGrpcStatus::Ok); callbacks_->complete(LimitStatus::Error, nullptr, nullptr, nullptr); callbacks_ = nullptr; } ClientPtr rateLimitClient(Server::Configuration::FactoryContext& context, const envoy::config::core::v3::GrpcService& grpc_service, const std::chrono::milliseconds timeout, envoy::config::core::v3::ApiVersion transport_api_version) { // TODO(ramaraochavali): register client to singleton when GrpcClientImpl supports concurrent // requests. const auto async_client_factory = context.clusterManager().grpcAsyncClientManager().factoryForGrpcService( grpc_service, context.scope(), true); return std::make_unique( async_client_factory->create(), timeout, transport_api_version); } } // namespace RateLimit } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ratelimit/ratelimit_impl.h ================================================ #pragma once #include #include #include #include #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/async_client.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/ratelimit/ratelimit.h" #include "envoy/server/filter_config.h" #include "envoy/service/ratelimit/v3/rls.pb.h" #include "envoy/stats/scope.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" #include "common/grpc/typed_async_client.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/common/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RateLimit { using RateLimitAsyncCallbacks = Grpc::AsyncRequestCallbacks; struct ConstantValues { const std::string TraceStatus = "ratelimit_status"; const std::string TraceOverLimit = "over_limit"; const std::string TraceOk = "ok"; }; using Constants = ConstSingleton; // TODO(htuch): We should have only one client per thread, but today we create one per filter stack. // This will require support for more than one outstanding request per client (limit() assumes only // one today). class GrpcClientImpl : public Client, public RateLimitAsyncCallbacks, public Logger::Loggable { public: GrpcClientImpl(Grpc::RawAsyncClientPtr&& async_client, const absl::optional& timeout, envoy::config::core::v3::ApiVersion transport_api_version); ~GrpcClientImpl() override; static void createRequest(envoy::service::ratelimit::v3::RateLimitRequest& request, const std::string& domain, const std::vector& descriptors); // Filters::Common::RateLimit::Client void cancel() override; void limit(RequestCallbacks& callbacks, const std::string& domain, const std::vector& descriptors, Tracing::Span& parent_span) override; // Grpc::AsyncRequestCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap&) override {} void onSuccess(std::unique_ptr&& response, Tracing::Span& span) override; void onFailure(Grpc::Status::GrpcStatus status, const std::string& message, Tracing::Span& span) override; private: Grpc::AsyncClient async_client_; Grpc::AsyncRequest* request_{}; absl::optional timeout_; RequestCallbacks* callbacks_{}; const Protobuf::MethodDescriptor& service_method_; const envoy::config::core::v3::ApiVersion transport_api_version_; }; /** * Builds the rate limit client. */ ClientPtr rateLimitClient(Server::Configuration::FactoryContext& context, const envoy::config::core::v3::GrpcService& grpc_service, const std::chrono::milliseconds timeout, envoy::config::core::v3::ApiVersion transport_api_version); } // namespace RateLimit } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/ratelimit/stat_names.h ================================================ #pragma once #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RateLimit { // Captures a set of stat-names needed for recording during rate-limit // filters. These should generally be initialized once per process, and // not per-request, to avoid lock contention. struct StatNames { explicit StatNames(Stats::SymbolTable& symbol_table) : pool_(symbol_table), ok_(pool_.add("ratelimit.ok")), error_(pool_.add("ratelimit.error")), failure_mode_allowed_(pool_.add("ratelimit.failure_mode_allowed")), over_limit_(pool_.add("ratelimit.over_limit")) {} Stats::StatNamePool pool_; Stats::StatName ok_; Stats::StatName error_; Stats::StatName failure_mode_allowed_; Stats::StatName over_limit_; }; } // namespace RateLimit } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/rbac/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], deps = [ ":engine_lib", "//include/envoy/stats:stats_macros", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "matchers_lib", srcs = ["matchers.cc"], hdrs = ["matchers.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/http:header_map_interface", "//include/envoy/network:connection_interface", "//source/common/common:assert_lib", "//source/common/common:matchers_lib", "//source/common/http:header_utility_lib", "//source/common/network:cidr_range_lib", "//source/extensions/filters/common/expr:evaluator_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/rbac/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "engine_interface", hdrs = ["engine.h"], deps = [ "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/network:connection_interface", ], ) envoy_cc_library( name = "engine_lib", srcs = ["engine_impl.cc"], hdrs = ["engine_impl.h"], deps = [ "//source/extensions/filters/common/rbac:engine_interface", "//source/extensions/filters/common/rbac:matchers_lib", "@envoy_api//envoy/config/rbac/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/common/rbac/engine.h ================================================ #pragma once #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "envoy/stream_info/stream_info.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RBAC { /** * Shared logic for evaluating RBAC policies. */ class RoleBasedAccessControlEngine { public: virtual ~RoleBasedAccessControlEngine() = default; /** * Handles action-specific operations and returns whether or not the request is permitted. * * @param connection the downstream connection used to identify the action/principal. * @param headers the headers of the incoming request used to identify the action/principal. An * empty map should be used if there are no headers available. * @param info the per-request or per-connection stream info with additional information * about the action/principal. Can be modified by the LOG Action. * @param effective_policy_id it will be filled by the matching policy's ID, * which is used to identity the source of the allow/deny. */ virtual bool handleAction(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, StreamInfo::StreamInfo& info, std::string* effective_policy_id) const PURE; /** * Handles action-specific operations and returns whether or not the request is permitted. * * @param connection the downstream connection used to identify the action/principal. * @param info the per-request or per-connection stream info with additional information * about the action/principal. Can be modified by the LOG Action. * @param effective_policy_id it will be filled by the matching policy's ID, * which is used to identity the source of the allow/deny. */ virtual bool handleAction(const Network::Connection& connection, StreamInfo::StreamInfo& info, std::string* effective_policy_id) const PURE; }; } // namespace RBAC } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/rbac/engine_impl.cc ================================================ #include "extensions/filters/common/rbac/engine_impl.h" #include "envoy/config/rbac/v3/rbac.pb.h" #include "common/http/header_map_impl.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RBAC { RoleBasedAccessControlEngineImpl::RoleBasedAccessControlEngineImpl( const envoy::config::rbac::v3::RBAC& rules, const EnforcementMode mode) : action_(rules.action()), mode_(mode) { // guard expression builder by presence of a condition in policies for (const auto& policy : rules.policies()) { if (policy.second.has_condition()) { builder_ = Expr::createBuilder(&constant_arena_); break; } } for (const auto& policy : rules.policies()) { policies_.emplace(policy.first, std::make_unique(policy.second, builder_.get())); } } bool RoleBasedAccessControlEngineImpl::handleAction(const Network::Connection& connection, StreamInfo::StreamInfo& info, std::string* effective_policy_id) const { return handleAction(connection, *Http::StaticEmptyHeaders::get().request_headers, info, effective_policy_id); } bool RoleBasedAccessControlEngineImpl::handleAction(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, StreamInfo::StreamInfo& info, std::string* effective_policy_id) const { bool matched = checkPolicyMatch(connection, info, headers, effective_policy_id); switch (action_) { case envoy::config::rbac::v3::RBAC::ALLOW: return matched; case envoy::config::rbac::v3::RBAC::DENY: return !matched; case envoy::config::rbac::v3::RBAC::LOG: { // If not shadow enforcement, set shared log metadata if (mode_ != EnforcementMode::Shadow) { ProtobufWkt::Struct log_metadata; auto& log_fields = *log_metadata.mutable_fields(); log_fields[DynamicMetadataKeysSingleton::get().AccessLogKey].set_bool_value(matched); info.setDynamicMetadata(DynamicMetadataKeysSingleton::get().CommonNamespace, log_metadata); } return true; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } bool RoleBasedAccessControlEngineImpl::checkPolicyMatch( const Network::Connection& connection, const StreamInfo::StreamInfo& info, const Envoy::Http::RequestHeaderMap& headers, std::string* effective_policy_id) const { bool matched = false; for (const auto& policy : policies_) { if (policy.second->matches(connection, headers, info)) { matched = true; if (effective_policy_id != nullptr) { *effective_policy_id = policy.first; } break; } } return matched; } } // namespace RBAC } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/rbac/engine_impl.h ================================================ #pragma once #include "envoy/config/rbac/v3/rbac.pb.h" #include "extensions/filters/common/rbac/engine.h" #include "extensions/filters/common/rbac/matchers.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RBAC { class DynamicMetadataKeys { public: const std::string ShadowEffectivePolicyIdField{"shadow_effective_policy_id"}; const std::string ShadowEngineResultField{"shadow_engine_result"}; const std::string EngineResultAllowed{"allowed"}; const std::string EngineResultDenied{"denied"}; const std::string AccessLogKey{"access_log_hint"}; const std::string CommonNamespace{"envoy.common"}; }; using DynamicMetadataKeysSingleton = ConstSingleton; enum class EnforcementMode { Enforced, Shadow }; class RoleBasedAccessControlEngineImpl : public RoleBasedAccessControlEngine, NonCopyable { public: RoleBasedAccessControlEngineImpl(const envoy::config::rbac::v3::RBAC& rules, const EnforcementMode mode = EnforcementMode::Enforced); bool handleAction(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, StreamInfo::StreamInfo& info, std::string* effective_policy_id) const override; bool handleAction(const Network::Connection& connection, StreamInfo::StreamInfo& info, std::string* effective_policy_id) const override; private: // Checks whether the request matches any policies bool checkPolicyMatch(const Network::Connection& connection, const StreamInfo::StreamInfo& info, const Envoy::Http::RequestHeaderMap& headers, std::string* effective_policy_id) const; const envoy::config::rbac::v3::RBAC::Action action_; const EnforcementMode mode_; std::map> policies_; Protobuf::Arena constant_arena_; Expr::BuilderPtr builder_; }; } // namespace RBAC } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/rbac/matchers.cc ================================================ #include "extensions/filters/common/rbac/matchers.h" #include "envoy/config/rbac/v3/rbac.pb.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RBAC { MatcherConstSharedPtr Matcher::create(const envoy::config::rbac::v3::Permission& permission) { switch (permission.rule_case()) { case envoy::config::rbac::v3::Permission::RuleCase::kAndRules: return std::make_shared(permission.and_rules()); case envoy::config::rbac::v3::Permission::RuleCase::kOrRules: return std::make_shared(permission.or_rules()); case envoy::config::rbac::v3::Permission::RuleCase::kHeader: return std::make_shared(permission.header()); case envoy::config::rbac::v3::Permission::RuleCase::kDestinationIp: return std::make_shared(permission.destination_ip(), IPMatcher::Type::DownstreamLocal); case envoy::config::rbac::v3::Permission::RuleCase::kDestinationPort: return std::make_shared(permission.destination_port()); case envoy::config::rbac::v3::Permission::RuleCase::kAny: return std::make_shared(); case envoy::config::rbac::v3::Permission::RuleCase::kMetadata: return std::make_shared(permission.metadata()); case envoy::config::rbac::v3::Permission::RuleCase::kNotRule: return std::make_shared(permission.not_rule()); case envoy::config::rbac::v3::Permission::RuleCase::kRequestedServerName: return std::make_shared(permission.requested_server_name()); case envoy::config::rbac::v3::Permission::RuleCase::kUrlPath: return std::make_shared(permission.url_path()); default: NOT_REACHED_GCOVR_EXCL_LINE; } } MatcherConstSharedPtr Matcher::create(const envoy::config::rbac::v3::Principal& principal) { switch (principal.identifier_case()) { case envoy::config::rbac::v3::Principal::IdentifierCase::kAndIds: return std::make_shared(principal.and_ids()); case envoy::config::rbac::v3::Principal::IdentifierCase::kOrIds: return std::make_shared(principal.or_ids()); case envoy::config::rbac::v3::Principal::IdentifierCase::kAuthenticated: return std::make_shared(principal.authenticated()); case envoy::config::rbac::v3::Principal::IdentifierCase::kSourceIp: return std::make_shared(principal.source_ip(), IPMatcher::Type::ConnectionRemote); case envoy::config::rbac::v3::Principal::IdentifierCase::kDirectRemoteIp: return std::make_shared(principal.direct_remote_ip(), IPMatcher::Type::DownstreamDirectRemote); case envoy::config::rbac::v3::Principal::IdentifierCase::kRemoteIp: return std::make_shared(principal.remote_ip(), IPMatcher::Type::DownstreamRemote); case envoy::config::rbac::v3::Principal::IdentifierCase::kHeader: return std::make_shared(principal.header()); case envoy::config::rbac::v3::Principal::IdentifierCase::kAny: return std::make_shared(); case envoy::config::rbac::v3::Principal::IdentifierCase::kMetadata: return std::make_shared(principal.metadata()); case envoy::config::rbac::v3::Principal::IdentifierCase::kNotId: return std::make_shared(principal.not_id()); case envoy::config::rbac::v3::Principal::IdentifierCase::kUrlPath: return std::make_shared(principal.url_path()); default: NOT_REACHED_GCOVR_EXCL_LINE; } } AndMatcher::AndMatcher(const envoy::config::rbac::v3::Permission::Set& set) { for (const auto& rule : set.rules()) { matchers_.push_back(Matcher::create(rule)); } } AndMatcher::AndMatcher(const envoy::config::rbac::v3::Principal::Set& set) { for (const auto& id : set.ids()) { matchers_.push_back(Matcher::create(id)); } } bool AndMatcher::matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& info) const { for (const auto& matcher : matchers_) { if (!matcher->matches(connection, headers, info)) { return false; } } return true; } OrMatcher::OrMatcher(const Protobuf::RepeatedPtrField& rules) { for (const auto& rule : rules) { matchers_.push_back(Matcher::create(rule)); } } OrMatcher::OrMatcher(const Protobuf::RepeatedPtrField& ids) { for (const auto& id : ids) { matchers_.push_back(Matcher::create(id)); } } bool OrMatcher::matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& info) const { for (const auto& matcher : matchers_) { if (matcher->matches(connection, headers, info)) { return true; } } return false; } bool NotMatcher::matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& info) const { return !matcher_->matches(connection, headers, info); } bool HeaderMatcher::matches(const Network::Connection&, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const { return Envoy::Http::HeaderUtility::matchHeaders(headers, header_); } bool IPMatcher::matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap&, const StreamInfo::StreamInfo& info) const { Envoy::Network::Address::InstanceConstSharedPtr ip; switch (type_) { case ConnectionRemote: ip = connection.remoteAddress(); break; case DownstreamLocal: ip = info.downstreamLocalAddress(); break; case DownstreamDirectRemote: ip = info.downstreamDirectRemoteAddress(); break; case DownstreamRemote: ip = info.downstreamRemoteAddress(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } return range_.isInRange(*ip.get()); } bool PortMatcher::matches(const Network::Connection&, const Envoy::Http::RequestHeaderMap&, const StreamInfo::StreamInfo& info) const { const Envoy::Network::Address::Ip* ip = info.downstreamLocalAddress().get()->ip(); return ip && ip->port() == port_; } bool AuthenticatedMatcher::matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap&, const StreamInfo::StreamInfo&) const { const auto& ssl = connection.ssl(); if (!ssl) { // connection was not authenticated return false; } else if (!matcher_.has_value()) { // matcher allows any subject return true; } // If set, The URI SAN or DNS SAN in that order is used as Principal, otherwise the subject field // is used. if (!ssl->uriSanPeerCertificate().empty()) { for (const std::string& uri : ssl->uriSanPeerCertificate()) { if (matcher_.value().match(uri)) { return true; } } } if (!ssl->dnsSansPeerCertificate().empty()) { for (const std::string& dns : ssl->dnsSansPeerCertificate()) { if (matcher_.value().match(dns)) { return true; } } } return matcher_.value().match(ssl->subjectPeerCertificate()); } bool MetadataMatcher::matches(const Network::Connection&, const Envoy::Http::RequestHeaderMap&, const StreamInfo::StreamInfo& info) const { return matcher_.match(info.dynamicMetadata()); } bool PolicyMatcher::matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& info) const { return permissions_.matches(connection, headers, info) && principals_.matches(connection, headers, info) && (expr_ == nullptr ? true : Expr::matches(*expr_, info, headers)); } bool RequestedServerNameMatcher::matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap&, const StreamInfo::StreamInfo&) const { return match(connection.requestedServerName()); } bool PathMatcher::matches(const Network::Connection&, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const { if (headers.Path() == nullptr) { return false; } return path_matcher_.match(headers.getPathValue()); } } // namespace RBAC } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/rbac/matchers.h ================================================ #pragma once #include #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/rbac/v3/rbac.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/header_map.h" #include "envoy/network/connection.h" #include "envoy/type/matcher/v3/path.pb.h" #include "envoy/type/matcher/v3/string.pb.h" #include "common/common/matchers.h" #include "common/http/header_utility.h" #include "common/network/cidr_range.h" #include "extensions/filters/common/expr/evaluator.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RBAC { class Matcher; using MatcherConstSharedPtr = std::shared_ptr; /** * Matchers describe the rules for matching either a permission action or principal. */ class Matcher { public: virtual ~Matcher() = default; /** * Returns whether or not the permission/principal matches the rules of the matcher. * * @param connection the downstream connection used to match against. * @param headers the request headers used to match against. An empty map should be used if * there are none headers available. * @param info the additional information about the action/principal. */ virtual bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& info) const PURE; /** * Creates a shared instance of a matcher based off the rules defined in the Permission config * proto message. */ static MatcherConstSharedPtr create(const envoy::config::rbac::v3::Permission& permission); /** * Creates a shared instance of a matcher based off the rules defined in the Principal config * proto message. */ static MatcherConstSharedPtr create(const envoy::config::rbac::v3::Principal& principal); }; /** * Always matches, returning true for any input. */ class AlwaysMatcher : public Matcher { public: bool matches(const Network::Connection&, const Envoy::Http::RequestHeaderMap&, const StreamInfo::StreamInfo&) const override { return true; } }; /** * A composite matcher where all sub-matchers must match for this to return true. Evaluation * short-circuits on the first non-match. */ class AndMatcher : public Matcher { public: AndMatcher(const envoy::config::rbac::v3::Permission::Set& rules); AndMatcher(const envoy::config::rbac::v3::Principal::Set& ids); bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; private: std::vector matchers_; }; /** * A composite matcher where only one sub-matcher must match for this to return true. Evaluation * short-circuits on the first match. */ class OrMatcher : public Matcher { public: OrMatcher(const envoy::config::rbac::v3::Permission::Set& set) : OrMatcher(set.rules()) {} OrMatcher(const envoy::config::rbac::v3::Principal::Set& set) : OrMatcher(set.ids()) {} OrMatcher(const Protobuf::RepeatedPtrField& rules); OrMatcher(const Protobuf::RepeatedPtrField& ids); bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; private: std::vector matchers_; }; class NotMatcher : public Matcher { public: NotMatcher(const envoy::config::rbac::v3::Permission& permission) : matcher_(Matcher::create(permission)) {} NotMatcher(const envoy::config::rbac::v3::Principal& principal) : matcher_(Matcher::create(principal)) {} bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; private: MatcherConstSharedPtr matcher_; }; /** * Perform a match against any HTTP header (or pseudo-header, such as `:path` or `:authority`). Will * always fail to match on any non-HTTP connection. */ class HeaderMatcher : public Matcher { public: HeaderMatcher(const envoy::config::route::v3::HeaderMatcher& matcher) : header_(matcher) {} bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; private: const Envoy::Http::HeaderUtility::HeaderData header_; }; /** * Perform a match against an IP CIDR range. This rule can be applied to connection remote, * downstream local address, downstream direct remote address or downstream remote address. */ class IPMatcher : public Matcher { public: enum Type { ConnectionRemote = 0, DownstreamLocal, DownstreamDirectRemote, DownstreamRemote }; IPMatcher(const envoy::config::core::v3::CidrRange& range, Type type) : range_(Network::Address::CidrRange::create(range)), type_(type) {} bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& info) const override; private: const Network::Address::CidrRange range_; const Type type_; }; /** * Matches the port number of the destination (local) address. */ class PortMatcher : public Matcher { public: PortMatcher(const uint32_t port) : port_(port) {} bool matches(const Network::Connection&, const Envoy::Http::RequestHeaderMap&, const StreamInfo::StreamInfo& info) const override; private: const uint32_t port_; }; /** * Matches the principal name as described in the peer certificate. Uses the URI SAN first. If that * field is not present, uses the subject instead. */ class AuthenticatedMatcher : public Matcher { public: AuthenticatedMatcher(const envoy::config::rbac::v3::Principal::Authenticated& auth) : matcher_(auth.has_principal_name() ? absl::make_optional(auth.principal_name()) : absl::nullopt) {} bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; private: const absl::optional matcher_; }; /** * Matches a Policy which is a collection of permission and principal matchers. If any action * matches a permission, the principals are then checked for a match. * The condition is a conjunction clause. */ class PolicyMatcher : public Matcher, NonCopyable { public: PolicyMatcher(const envoy::config::rbac::v3::Policy& policy, Expr::Builder* builder) : permissions_(policy.permissions()), principals_(policy.principals()), condition_(policy.condition()) { if (policy.has_condition()) { expr_ = Expr::createExpression(*builder, condition_); } } bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; private: const OrMatcher permissions_; const OrMatcher principals_; const google::api::expr::v1alpha1::Expr condition_; Expr::ExpressionPtr expr_; }; class MetadataMatcher : public Matcher { public: MetadataMatcher(const Envoy::Matchers::MetadataMatcher& matcher) : matcher_(matcher) {} bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo& info) const override; private: const Envoy::Matchers::MetadataMatcher matcher_; }; /** * Perform a match against the request server from the client's connection * request. This is typically TLS SNI. */ class RequestedServerNameMatcher : public Matcher, Envoy::Matchers::StringMatcherImpl { public: RequestedServerNameMatcher(const envoy::type::matcher::v3::StringMatcher& requested_server_name) : Envoy::Matchers::StringMatcherImpl(requested_server_name) {} bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; }; /** * Perform a match against the path header on the HTTP request. The query and fragment string are * removed from the path header before matching. */ class PathMatcher : public Matcher { public: PathMatcher(const envoy::type::matcher::v3::PathMatcher& path_matcher) : path_matcher_(path_matcher) {} bool matches(const Network::Connection& connection, const Envoy::Http::RequestHeaderMap& headers, const StreamInfo::StreamInfo&) const override; private: const Matchers::PathMatcher path_matcher_; }; } // namespace RBAC } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/rbac/utility.cc ================================================ #include "extensions/filters/common/rbac/utility.h" #include #include "absl/strings/str_replace.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RBAC { RoleBasedAccessControlFilterStats generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = prefix + "rbac."; return {ALL_RBAC_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } std::string responseDetail(const std::string& policy_id) { // TODO(alyssawilk): put this as a StreamInfo utility and apply to all response details. // Replace whitespaces in policy_id with '_' to avoid breaking the access log (inconsistent number // of segments between log entries when the separator is whitespace). const absl::flat_hash_map replacement{ {" ", "_"}, {"\t", "_"}, {"\f", "_"}, {"\v", "_"}, {"\n", "_"}, {"\r", "_"}}; std::string sanitized = absl::StrReplaceAll(policy_id, replacement); return fmt::format("rbac_access_denied_matched_policy[{}]", sanitized); } } // namespace RBAC } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/common/rbac/utility.h ================================================ #pragma once #include "envoy/stats/stats_macros.h" #include "common/common/fmt.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/common/rbac/engine_impl.h" namespace Envoy { namespace Extensions { namespace Filters { namespace Common { namespace RBAC { /** * All stats for the RBAC filter. @see stats_macros.h */ #define ALL_RBAC_FILTER_STATS(COUNTER) \ COUNTER(allowed) \ COUNTER(denied) \ COUNTER(shadow_allowed) \ COUNTER(shadow_denied) /** * Wrapper struct for RBAC filter stats. @see stats_macros.h */ struct RoleBasedAccessControlFilterStats { ALL_RBAC_FILTER_STATS(GENERATE_COUNTER_STRUCT) }; RoleBasedAccessControlFilterStats generateStats(const std::string& prefix, Stats::Scope& scope); template std::unique_ptr createEngine(const ConfigType& config) { return config.has_rules() ? std::make_unique( config.rules(), EnforcementMode::Enforced) : nullptr; } template std::unique_ptr createShadowEngine(const ConfigType& config) { return config.has_shadow_rules() ? std::make_unique( config.shadow_rules(), EnforcementMode::Shadow) : nullptr; } std::string responseDetail(const std::string& policy_id); } // namespace RBAC } // namespace Common } // namespace Filters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # Well known names are public. visibility = ["//visibility:public"], deps = [ "//source/common/config:well_known_names", "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that dynamically adjusts the number of allowed concurrent # requests based on sampled latencies. # Public docs: docs/root/configuration/http_filters/adaptive_concurrency_filter.rst envoy_extension_package() envoy_cc_library( name = "adaptive_concurrency_filter_lib", srcs = ["adaptive_concurrency_filter.cc"], hdrs = ["adaptive_concurrency_filter.h"], deps = [ "//include/envoy/http:filter_interface", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/adaptive_concurrency/controller:controller_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/adaptive_concurrency:adaptive_concurrency_filter_lib", "//source/extensions/filters/http/adaptive_concurrency/controller:controller_lib", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.cc ================================================ #include "extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" #include #include #include #include #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "common/common/assert.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/adaptive_concurrency/controller/controller.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdaptiveConcurrency { AdaptiveConcurrencyFilterConfig::AdaptiveConcurrencyFilterConfig( const envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency& proto_config, Runtime::Loader& runtime, std::string stats_prefix, Stats::Scope&, TimeSource& time_source) : stats_prefix_(std::move(stats_prefix)), time_source_(time_source), adaptive_concurrency_feature_(proto_config.enabled(), runtime) {} AdaptiveConcurrencyFilter::AdaptiveConcurrencyFilter( AdaptiveConcurrencyFilterConfigSharedPtr config, ConcurrencyControllerSharedPtr controller) : config_(std::move(config)), controller_(std::move(controller)) {} Http::FilterHeadersStatus AdaptiveConcurrencyFilter::decodeHeaders(Http::RequestHeaderMap&, bool) { // In addition to not sampling if the filter is disabled, health checks should also not be sampled // by the concurrency controller since they may potentially bias the sample aggregate to lower // latency measurements. if (!config_->filterEnabled() || decoder_callbacks_->streamInfo().healthCheck()) { return Http::FilterHeadersStatus::Continue; } if (controller_->forwardingDecision() == Controller::RequestForwardingAction::Block) { decoder_callbacks_->sendLocalReply(Http::Code::ServiceUnavailable, "reached concurrency limit", nullptr, absl::nullopt, "reached_concurrency_limit"); return Http::FilterHeadersStatus::StopIteration; } // When the deferred_sample_task_ object is destroyed, the request start time is sampled. This // occurs either when encoding is complete or during destruction of this filter object. const auto now = config_->timeSource().monotonicTime(); deferred_sample_task_ = std::make_unique([this, now]() { controller_->recordLatencySample(now); }); return Http::FilterHeadersStatus::Continue; } void AdaptiveConcurrencyFilter::encodeComplete() { deferred_sample_task_.reset(); } void AdaptiveConcurrencyFilter::onDestroy() { if (deferred_sample_task_) { // The sampling task hasn't been destroyed yet, so this implies we did not complete encoding. // Let's stop the sampling from happening and perform request cleanup inside the controller. // // TODO (tonya11en): Return some RAII handle from the concurrency controller that performs this // logic as part of its lifecycle. deferred_sample_task_->cancel(); controller_->cancelLatencySample(); } } } // namespace AdaptiveConcurrency } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h ================================================ #pragma once #include #include #include #include "envoy/common/time.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/http/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/cleanup.h" #include "common/runtime/runtime_protos.h" #include "extensions/filters/http/adaptive_concurrency/controller/controller.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdaptiveConcurrency { /** * Configuration for the adaptive concurrency limit filter. */ class AdaptiveConcurrencyFilterConfig { public: AdaptiveConcurrencyFilterConfig( const envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency& proto_config, Runtime::Loader& runtime, std::string stats_prefix, Stats::Scope& scope, TimeSource& time_source); bool filterEnabled() const { return adaptive_concurrency_feature_.enabled(); } TimeSource& timeSource() const { return time_source_; } private: const std::string stats_prefix_; TimeSource& time_source_; Runtime::FeatureFlag adaptive_concurrency_feature_; }; using AdaptiveConcurrencyFilterConfigSharedPtr = std::shared_ptr; using ConcurrencyControllerSharedPtr = std::shared_ptr; /** * A filter that samples request latencies and dynamically adjusts the request * concurrency window. */ class AdaptiveConcurrencyFilter : public Http::PassThroughFilter, Logger::Loggable { public: AdaptiveConcurrencyFilter(AdaptiveConcurrencyFilterConfigSharedPtr config, ConcurrencyControllerSharedPtr controller); // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool) override; // Http::StreamEncoderFilter void encodeComplete() override; void onDestroy() override; private: AdaptiveConcurrencyFilterConfigSharedPtr config_; const ConcurrencyControllerSharedPtr controller_; std::unique_ptr deferred_sample_task_; }; } // namespace AdaptiveConcurrency } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/config.cc ================================================ #include "extensions/filters/http/adaptive_concurrency/config.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" #include "extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdaptiveConcurrency { Http::FilterFactoryCb AdaptiveConcurrencyFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { auto acc_stats_prefix = stats_prefix + "adaptive_concurrency."; std::shared_ptr controller; using Proto = envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency; ASSERT(config.concurrency_controller_config_case() == Proto::ConcurrencyControllerConfigCase::kGradientControllerConfig); auto gradient_controller_config = Controller::GradientControllerConfig(config.gradient_controller_config(), context.runtime()); controller = std::make_shared( std::move(gradient_controller_config), context.dispatcher(), context.runtime(), acc_stats_prefix + "gradient_controller.", context.scope(), context.api().randomGenerator(), context.timeSource()); AdaptiveConcurrencyFilterConfigSharedPtr filter_config( new AdaptiveConcurrencyFilterConfig(config, context.runtime(), std::move(acc_stats_prefix), context.scope(), context.timeSource())); return [filter_config, controller](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter( std::make_shared(filter_config, controller)); }; } /** * Static registration for the adaptive_concurrency filter. @see RegisterFactory. */ REGISTER_FACTORY(AdaptiveConcurrencyFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace AdaptiveConcurrency } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdaptiveConcurrency { /** * Config registration for the adaptive concurrency limit filter. @see NamedHttpFilterConfigFactory. */ class AdaptiveConcurrencyFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency> { public: AdaptiveConcurrencyFilterFactory() : FactoryBase(HttpFilterNames::get().AdaptiveConcurrency) {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace AdaptiveConcurrency } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/controller/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that dynamically adjusts the number of allowed concurrent # requests based on sampled latencies. # Public docs: TODO (tonya11en) envoy_extension_package() envoy_cc_library( name = "controller_lib", srcs = ["gradient_controller.cc"], hdrs = [ "controller.h", "gradient_controller.h", ], external_deps = [ "libcircllhist", ], deps = [ "//include/envoy/common:time_interface", "//source/common/event:dispatcher_lib", "//source/common/protobuf", "//source/common/runtime:runtime_lib", "//source/common/stats:isolated_store_lib", "//source/common/stats:stats_lib", "@envoy_api//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/controller/controller.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/common/time.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdaptiveConcurrency { namespace Controller { /** * The controller's decision on whether a request will be forwarded. */ enum class RequestForwardingAction { // The concurrency limit is exceeded, so the request cannot be forwarded. Block, // The controller has allowed the request through and changed its internal // state. The request must be forwarded. Forward }; /** * Adaptive concurrency controller interface. All implementations of this * interface must be thread-safe. */ class ConcurrencyController { public: virtual ~ConcurrencyController() = default; /** * Called during decoding when the adaptive concurrency filter is attempting * to forward a request. Returns its decision on whether to forward a request. */ virtual RequestForwardingAction forwardingDecision() PURE; /** * Called during encoding when the request latency is known. Records the * request latency to update the internal state of the controller for * concurrency limit calculations. * * @param rq_send_time the time point which the sampled request was sent */ virtual void recordLatencySample(MonotonicTime rq_send_time) PURE; /** * Omit sampling an outstanding request and update the internal state of the controller to reflect * request completion. */ virtual void cancelLatencySample() PURE; /** * Returns the current concurrency limit. */ virtual uint32_t concurrencyLimit() const PURE; }; } // namespace Controller } // namespace AdaptiveConcurrency } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.cc ================================================ #include "extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" #include #include #include "envoy/common/random_generator.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/stats.h" #include "common/common/cleanup.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/adaptive_concurrency/controller/controller.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdaptiveConcurrency { namespace Controller { GradientControllerConfig::GradientControllerConfig( const envoy::extensions::filters::http::adaptive_concurrency::v3::GradientControllerConfig& proto_config, Runtime::Loader& runtime) : runtime_(runtime), min_rtt_calc_interval_(std::chrono::milliseconds( DurationUtil::durationToMilliseconds(proto_config.min_rtt_calc_params().interval()))), sample_rtt_calc_interval_(std::chrono::milliseconds(DurationUtil::durationToMilliseconds( proto_config.concurrency_limit_params().concurrency_update_interval()))), jitter_pct_( PROTOBUF_PERCENT_TO_DOUBLE_OR_DEFAULT(proto_config.min_rtt_calc_params(), jitter, 15)), max_concurrency_limit_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( proto_config.concurrency_limit_params(), max_concurrency_limit, 1000)), min_rtt_aggregate_request_count_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(proto_config.min_rtt_calc_params(), request_count, 50)), sample_aggregate_percentile_( PROTOBUF_PERCENT_TO_DOUBLE_OR_DEFAULT(proto_config, sample_aggregate_percentile, 50)), min_concurrency_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(proto_config.min_rtt_calc_params(), min_concurrency, 3)), min_rtt_buffer_pct_( PROTOBUF_PERCENT_TO_DOUBLE_OR_DEFAULT(proto_config.min_rtt_calc_params(), buffer, 25)) {} GradientController::GradientController(GradientControllerConfig config, Event::Dispatcher& dispatcher, Runtime::Loader&, const std::string& stats_prefix, Stats::Scope& scope, Random::RandomGenerator& random, TimeSource& time_source) : config_(std::move(config)), dispatcher_(dispatcher), scope_(scope), stats_(generateStats(scope_, stats_prefix)), random_(random), time_source_(time_source), deferred_limit_value_(0), num_rq_outstanding_(0), concurrency_limit_(config_.minConcurrency()), latency_sample_hist_(hist_fast_alloc(), hist_free) { min_rtt_calc_timer_ = dispatcher_.createTimer([this]() -> void { enterMinRTTSamplingWindow(); }); sample_reset_timer_ = dispatcher_.createTimer([this]() -> void { if (inMinRTTSamplingWindow()) { // The minRTT sampling window started since the sample reset timer was enabled last. Since the // minRTT value is being calculated, let's give up on this timer to avoid blocking the // dispatcher thread and rely on it being enabled again as part of the minRTT calculation. return; } { absl::MutexLock ml(&sample_mutation_mtx_); resetSampleWindow(); } sample_reset_timer_->enableTimer(config_.sampleRTTCalcInterval()); }); enterMinRTTSamplingWindow(); sample_reset_timer_->enableTimer(config_.sampleRTTCalcInterval()); stats_.concurrency_limit_.set(concurrency_limit_.load()); } GradientControllerStats GradientController::generateStats(Stats::Scope& scope, const std::string& stats_prefix) { return {ALL_GRADIENT_CONTROLLER_STATS(POOL_COUNTER_PREFIX(scope, stats_prefix), POOL_GAUGE_PREFIX(scope, stats_prefix))}; } void GradientController::enterMinRTTSamplingWindow() { // There a potential race condition where setting the minimum concurrency multiple times in a row // resets the minRTT sampling timer and triggers the calculation immediately. This could occur // after the minRTT sampling window has already been entered, so we can simply return here knowing // the desired action is already being performed. if (inMinRTTSamplingWindow()) { return; } absl::MutexLock ml(&sample_mutation_mtx_); stats_.min_rtt_calculation_active_.set(1); // Set the minRTT flag to indicate we're gathering samples to update the value. This will // prevent the sample window from resetting until enough requests are gathered to complete the // recalculation. deferred_limit_value_.store(GradientController::concurrencyLimit()); updateConcurrencyLimit(config_.minConcurrency()); // Throw away any latency samples from before the recalculation window as it may not represent // the minRTT. hist_clear(latency_sample_hist_.get()); min_rtt_epoch_ = time_source_.monotonicTime(); } void GradientController::updateMinRTT() { ASSERT(inMinRTTSamplingWindow()); { absl::MutexLock ml(&sample_mutation_mtx_); min_rtt_ = processLatencySamplesAndClear(); stats_.min_rtt_msecs_.set( std::chrono::duration_cast(min_rtt_).count()); updateConcurrencyLimit(deferred_limit_value_.load()); deferred_limit_value_.store(0); stats_.min_rtt_calculation_active_.set(0); } min_rtt_calc_timer_->enableTimer( applyJitter(config_.minRTTCalcInterval(), config_.jitterPercent())); sample_reset_timer_->enableTimer(config_.sampleRTTCalcInterval()); } std::chrono::milliseconds GradientController::applyJitter(std::chrono::milliseconds interval, double jitter_pct) const { if (jitter_pct == 0) { return interval; } const uint32_t jitter_range_ms = interval.count() * jitter_pct; return std::chrono::milliseconds(interval.count() + (random_.random() % jitter_range_ms)); } void GradientController::resetSampleWindow() { // The sampling window must not be reset while sampling for the new minRTT value. ASSERT(!inMinRTTSamplingWindow()); if (hist_sample_count(latency_sample_hist_.get()) == 0) { return; } sample_rtt_ = processLatencySamplesAndClear(); stats_.sample_rtt_msecs_.set( std::chrono::duration_cast(sample_rtt_).count()); updateConcurrencyLimit(calculateNewLimit()); } std::chrono::microseconds GradientController::processLatencySamplesAndClear() { const std::array quantile{config_.sampleAggregatePercentile()}; std::array calculated_quantile; hist_approx_quantile(latency_sample_hist_.get(), quantile.data(), 1, calculated_quantile.data()); hist_clear(latency_sample_hist_.get()); return std::chrono::microseconds(static_cast(calculated_quantile[0])); } uint32_t GradientController::calculateNewLimit() { ASSERT(sample_rtt_.count() > 0); // Calculate the gradient value, ensuring it's clamped between 0.5 and 2.0. // This prevents extreme changes in the concurrency limit between each sample // window. const auto buffered_min_rtt = min_rtt_.count() + min_rtt_.count() * config_.minRTTBufferPercent(); const double raw_gradient = static_cast(buffered_min_rtt) / sample_rtt_.count(); const double gradient = std::max(0.5, std::min(2.0, raw_gradient)); stats_.gradient_.set(gradient); const double limit = concurrencyLimit() * gradient; const double burst_headroom = sqrt(limit); stats_.burst_queue_size_.set(burst_headroom); // The final concurrency value factors in the burst headroom and must be clamped to keep the value // in the range [configured_min, configured_max]. const uint32_t new_limit = limit + burst_headroom; return std::max(config_.minConcurrency(), std::min(config_.maxConcurrencyLimit(), new_limit)); } RequestForwardingAction GradientController::forwardingDecision() { // Note that a race condition exists here which would allow more outstanding requests than the // concurrency limit bounded by the number of worker threads. After loading num_rq_outstanding_ // and before loading concurrency_limit_, another thread could potentially swoop in and modify // num_rq_outstanding_, causing us to move forward with stale values and increment // num_rq_outstanding_. // // TODO (tonya11en): Reconsider using a CAS loop here. if (num_rq_outstanding_.load() < concurrencyLimit()) { ++num_rq_outstanding_; return RequestForwardingAction::Forward; } stats_.rq_blocked_.inc(); return RequestForwardingAction::Block; } void GradientController::recordLatencySample(MonotonicTime rq_send_time) { ASSERT(num_rq_outstanding_.load() > 0); --num_rq_outstanding_; if (rq_send_time < min_rtt_epoch_) { // Disregard samples from requests started in the previous minRTT window. return; } const std::chrono::microseconds rq_latency = std::chrono::duration_cast(time_source_.monotonicTime() - rq_send_time); uint32_t sample_count; { absl::MutexLock ml(&sample_mutation_mtx_); hist_insert(latency_sample_hist_.get(), rq_latency.count(), 1); sample_count = hist_sample_count(latency_sample_hist_.get()); } if (inMinRTTSamplingWindow() && sample_count >= config_.minRTTAggregateRequestCount()) { // This sample has pushed the request count over the request count requirement for the minRTT // recalculation. It must now be finished. updateMinRTT(); } } void GradientController::cancelLatencySample() { ASSERT(num_rq_outstanding_.load() > 0); --num_rq_outstanding_; } void GradientController::updateConcurrencyLimit(const uint32_t new_limit) { const auto old_limit = concurrency_limit_.load(); concurrency_limit_.store(new_limit); stats_.concurrency_limit_.set(concurrency_limit_.load()); if (!inMinRTTSamplingWindow() && old_limit == config_.minConcurrency() && new_limit == config_.minConcurrency()) { ++consecutive_min_concurrency_set_; } else { consecutive_min_concurrency_set_ = 0; } // If the concurrency limit is being set to the minimum value for the 5th consecutive sample // window while not in the middle of a minRTT measurement, this might be indicative of an // inaccurate minRTT measurement. Since the limit is already where it needs to be for a minRTT // measurement, we should measure it again. // // There is a possibility that the minRTT measurement begins before we are able to // cancel/re-enable the timer below and triggers overlapping minRTT windows. To protect against // this, there is an explicit check when entering the minRTT measurement that ensures there is // only a single minRTT measurement active at a time. if (consecutive_min_concurrency_set_ >= 5) { min_rtt_calc_timer_->enableTimer(std::chrono::milliseconds(0)); } } } // namespace Controller } // namespace AdaptiveConcurrency } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h ================================================ #pragma once #include #include #include "envoy/common/random_generator.h" #include "envoy/common/time.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/stats_macros.h" #include "extensions/filters/http/adaptive_concurrency/controller/controller.h" #include "absl/base/thread_annotations.h" #include "absl/strings/numbers.h" #include "absl/synchronization/mutex.h" #include "circllhist.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdaptiveConcurrency { namespace Controller { /** * All stats for the gradient controller. */ #define ALL_GRADIENT_CONTROLLER_STATS(COUNTER, GAUGE) \ COUNTER(rq_blocked) \ GAUGE(burst_queue_size, NeverImport) \ GAUGE(concurrency_limit, NeverImport) \ GAUGE(gradient, NeverImport) \ GAUGE(min_rtt_calculation_active, Accumulate) \ GAUGE(min_rtt_msecs, NeverImport) \ GAUGE(sample_rtt_msecs, NeverImport) /** * Wrapper struct for gradient controller stats. @see stats_macros.h */ struct GradientControllerStats { ALL_GRADIENT_CONTROLLER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; class GradientControllerConfig : public Logger::Loggable { public: GradientControllerConfig( const envoy::extensions::filters::http::adaptive_concurrency::v3::GradientControllerConfig& proto_config, Runtime::Loader& runtime); std::chrono::milliseconds minRTTCalcInterval() const { const auto ms = runtime_.snapshot().getInteger(RuntimeKeys::get().MinRTTCalcIntervalKey, min_rtt_calc_interval_.count()); return std::chrono::milliseconds(ms); } std::chrono::milliseconds sampleRTTCalcInterval() const { const auto ms = runtime_.snapshot().getInteger(RuntimeKeys::get().SampleRTTCalcIntervalKey, sample_rtt_calc_interval_.count()); return std::chrono::milliseconds(ms); } uint32_t maxConcurrencyLimit() const { return runtime_.snapshot().getInteger(RuntimeKeys::get().MaxConcurrencyLimitKey, max_concurrency_limit_); } uint32_t minRTTAggregateRequestCount() const { return runtime_.snapshot().getInteger(RuntimeKeys::get().MinRTTAggregateRequestCountKey, min_rtt_aggregate_request_count_); } // The percentage is normalized to the range [0.0, 1.0]. double sampleAggregatePercentile() const { const double val = runtime_.snapshot().getDouble( RuntimeKeys::get().SampleAggregatePercentileKey, sample_aggregate_percentile_); return std::max(0.0, std::min(val, 100.0)) / 100.0; } // The percentage is normalized to the range [0.0, 1.0]. double jitterPercent() const { const double val = runtime_.snapshot().getDouble(RuntimeKeys::get().JitterPercentKey, jitter_pct_); return std::max(0.0, std::min(val, 100.0)) / 100.0; } uint32_t minConcurrency() const { return runtime_.snapshot().getInteger(RuntimeKeys::get().MinConcurrencyKey, min_concurrency_); } // The percentage is normalized to the range [0.0, 1.0]. double minRTTBufferPercent() const { const double val = runtime_.snapshot().getDouble(RuntimeKeys::get().MinRTTBufferPercentKey, min_rtt_buffer_pct_); return std::max(0.0, std::min(val, 100.0)) / 100.0; } private: class RuntimeKeyValues { public: const std::string MinRTTCalcIntervalKey = "adaptive_concurrency.gradient_controller.min_rtt_calc_interval_ms"; const std::string SampleRTTCalcIntervalKey = "adaptive_concurrency.gradient_controller.sample_rtt_calc_interval_ms"; const std::string MaxConcurrencyLimitKey = "adaptive_concurrency.gradient_controller.max_concurrency_limit"; const std::string MinRTTAggregateRequestCountKey = "adaptive_concurrency.gradient_controller.min_rtt_aggregate_request_count"; const std::string SampleAggregatePercentileKey = "adaptive_concurrency.gradient_controller.sample_aggregate_percentile"; const std::string JitterPercentKey = "adaptive_concurrency.gradient_controller.jitter"; const std::string MinConcurrencyKey = "adaptive_concurrency.gradient_controller.min_concurrency"; const std::string MinRTTBufferPercentKey = "adaptive_concurrency.gradient_controller.min_rtt_buffer"; }; using RuntimeKeys = ConstSingleton; Runtime::Loader& runtime_; // The measured request round-trip time under ideal conditions. const std::chrono::milliseconds min_rtt_calc_interval_; // The measured sample round-trip milliseconds from the previous time window. const std::chrono::milliseconds sample_rtt_calc_interval_; // Randomized time delta added to the start of the minRTT calculation window. const double jitter_pct_; // The maximum allowed concurrency value. const uint32_t max_concurrency_limit_; // The number of requests to aggregate/sample during the minRTT recalculation. const uint32_t min_rtt_aggregate_request_count_; // The percentile value considered when processing samples. const double sample_aggregate_percentile_; // The concurrency limit set while measuring the minRTT. const uint32_t min_concurrency_; // The amount added to the measured minRTT as a hedge against natural variability in latency. const double min_rtt_buffer_pct_; }; using GradientControllerConfigSharedPtr = std::shared_ptr; /** * A concurrency controller that implements a variation of the Gradient algorithm described in: * * https://medium.com/@NetflixTechBlog/performance-under-load-3e6fa9a60581 * * This is used to control the allowed request concurrency limit in the adaptive concurrency control * filter. * * The algorithm: * ============== * An ideal round-trip time (minRTT) is measured periodically by only allowing a small number of * outstanding requests at a time and measuring the round-trip time to the upstream. This * information is then used in the calculation of a number called the gradient, using time-sampled * latencies (sampleRTT): * * gradient = minRTT / sampleRTT * * This gradient value has a useful property, such that it decreases as the sampled latencies * increase. The value is then used to periodically update the concurrency limit via: * * limit = old_limit * gradient * new_limit = limit + headroom * * The headroom value allows for request bursts and is also the driving factor behind increasing the * concurrency limit when the sampleRTT is in the same ballpark as the minRTT. This value must be * present in the calculation, since it forces the concurrency limit to increase until there is a * deviation from the minRTT latency. In its absence, the concurrency limit could remain stagnant at * an unnecessarily small value if sampleRTT ~= minRTT. Therefore, the headroom value is * unconfigurable and is set to the square-root of the new limit. * * Sampling: * ========= * The controller makes use of latency samples to either determine the minRTT or the sampleRTT which * is used to periodically update the concurrency limit. Each calculation occurs at separate * configurable frequencies and they may not occur at the same time. To prevent this, there exists a * concept of mutually exclusive sampling windows. * * When the gradient controller is instantiated, it starts inside of a minRTT calculation window * (indicated by inMinRTTSamplingWindow() returning true) and the concurrency limit is pinned to the * configured min_concurrency. This window lasts until the configured number of requests is * received, the minRTT value is updated, and the minRTT value is set by a single worker thread. To * prevent sampleRTT calculations from triggering during this window, the update window mutex is * held. Since it's necessary for a worker thread to know which update window update window mutex is * held for, they check the state of inMinRTTSamplingWindow() after each sample. When the minRTT * calculation is complete, a timer is set to trigger the next minRTT sampling window by the worker * thread who updates the minRTT value. * * If the controller is not in a minRTT sampling window, it's possible that the controller is in a * sampleRTT calculation window. In this, all of the latency samples are consolidated into a * configurable quantile value to represent the measured latencies. This quantile value sets * sampleRTT and the concurrency limit is updated as described in the algorithm section above. * * When not in a sampling window, the controller is simply servicing the adaptive concurrency filter * via the public functions. * * Locking: * ======== * There are 2 mutually exclusive calculation windows, so the sample mutation mutex is held to * prevent the overlap of these windows. It is necessary for a worker thread to know specifically if * the controller is inside of a minRTT recalculation window during the recording of a latency * sample, so this extra bit of information is stored in inMinRTTSamplingWindow(). */ class GradientController : public ConcurrencyController { public: GradientController(GradientControllerConfig config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, const std::string& stats_prefix, Stats::Scope& scope, Random::RandomGenerator& random, TimeSource& time_source); // ConcurrencyController. RequestForwardingAction forwardingDecision() override; void recordLatencySample(MonotonicTime rq_send_time) override; void cancelLatencySample() override; uint32_t concurrencyLimit() const override { return concurrency_limit_.load(); } private: static GradientControllerStats generateStats(Stats::Scope& scope, const std::string& stats_prefix); void updateMinRTT(); std::chrono::microseconds processLatencySamplesAndClear() ABSL_EXCLUSIVE_LOCKS_REQUIRED(sample_mutation_mtx_); uint32_t calculateNewLimit() ABSL_EXCLUSIVE_LOCKS_REQUIRED(sample_mutation_mtx_); void enterMinRTTSamplingWindow(); bool inMinRTTSamplingWindow() const { return deferred_limit_value_.load() > 0; } void resetSampleWindow() ABSL_EXCLUSIVE_LOCKS_REQUIRED(sample_mutation_mtx_); void updateConcurrencyLimit(const uint32_t new_limit) ABSL_EXCLUSIVE_LOCKS_REQUIRED(sample_mutation_mtx_); std::chrono::milliseconds applyJitter(std::chrono::milliseconds interval, double jitter_pct) const; const GradientControllerConfig config_; Event::Dispatcher& dispatcher_; Stats::Scope& scope_; GradientControllerStats stats_; Random::RandomGenerator& random_; TimeSource& time_source_; // Protects data related to latency sampling and RTT values. In addition to protecting the latency // sample histogram, the mutex ensures that the minRTT calculation window and the sample window // (where the new concurrency limit is determined) do not overlap. absl::Mutex sample_mutation_mtx_; // Stores the value of the concurrency limit prior to entering the minRTT update window. If this // is non-zero, then we are actively in the minRTT sampling window. std::atomic deferred_limit_value_; // Stores the expected upstream latency value under ideal conditions with the added buffer to // account for variable latencies. This is the numerator in the gradient value. std::chrono::nanoseconds min_rtt_; // Stores the aggregated sampled latencies for use in the gradient calculation. std::chrono::nanoseconds sample_rtt_ ABSL_GUARDED_BY(sample_mutation_mtx_); // Tracks the count of requests that have been forwarded whose replies have // not been sampled yet. Atomicity is required because this variable is used to make the // forwarding decision without locking. std::atomic num_rq_outstanding_; // Stores the current concurrency limit. Atomicity is required because this variable is used to // make the forwarding decision without locking. std::atomic concurrency_limit_; // Stores all sampled latencies and provides percentile estimations when using the sampled data to // calculate a new concurrency limit. std::unique_ptr latency_sample_hist_ ABSL_GUARDED_BY(sample_mutation_mtx_); // Tracks the number of consecutive times that the concurrency limit is set to the minimum. This // is used to determine whether the controller should trigger an additional minRTT measurement // after remaining at the minimum limit for too long. uint32_t consecutive_min_concurrency_set_ ABSL_GUARDED_BY(sample_mutation_mtx_); // We will disregard sampling any requests admitted before this timestamp to prevent sampling // requests admitted before the start of a minRTT window and potentially skewing the minRTT. MonotonicTime min_rtt_epoch_; Event::TimerPtr min_rtt_calc_timer_; Event::TimerPtr sample_reset_timer_; }; using GradientControllerSharedPtr = std::shared_ptr; } // namespace Controller } // namespace AdaptiveConcurrency } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that probabilistically rejects requests based on upstream success-rate. # Public docs: docs/root/configuration/http_filters/admission_control.rst envoy_extension_package() envoy_cc_extension( name = "admission_control_filter_lib", srcs = [ "admission_control.cc", "thread_local_controller.cc", ], hdrs = [ "admission_control.h", "thread_local_controller.h", ], security_posture = "unknown", deps = [ "//include/envoy/http:filter_interface", "//include/envoy/runtime:runtime_interface", "//source/common/common:cleanup_lib", "//source/common/http:codes_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/admission_control/evaluators:response_evaluator_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/admission_control/v3alpha:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ "//include/envoy/registry", "//source/common/common:enum_to_int", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/admission_control:admission_control_filter_lib", "//source/extensions/filters/http/admission_control/evaluators:response_evaluator_lib", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/admission_control/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/admission_control/admission_control.cc ================================================ #include "extensions/filters/http/admission_control/admission_control.h" #include #include #include #include #include "envoy/common/random_generator.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/grpc/status.h" #include "envoy/http/codes.h" #include "envoy/runtime/runtime.h" #include "envoy/server/filter_config.h" #include "common/common/cleanup.h" #include "common/common/enum_to_int.h" #include "common/grpc/common.h" #include "common/http/codes.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { using GrpcStatus = Grpc::Status::GrpcStatus; static constexpr double defaultAggression = 1.0; static constexpr double defaultSuccessRateThreshold = 95.0; AdmissionControlFilterConfig::AdmissionControlFilterConfig( const AdmissionControlProto& proto_config, Runtime::Loader& runtime, Random::RandomGenerator& random, Stats::Scope& scope, ThreadLocal::SlotPtr&& tls, std::shared_ptr response_evaluator) : random_(random), scope_(scope), tls_(std::move(tls)), admission_control_feature_(proto_config.enabled(), runtime), aggression_(proto_config.has_aggression() ? std::make_unique(proto_config.aggression(), runtime) : nullptr), sr_threshold_(proto_config.has_sr_threshold() ? std::make_unique( proto_config.sr_threshold(), runtime) : nullptr), response_evaluator_(std::move(response_evaluator)) {} double AdmissionControlFilterConfig::aggression() const { return std::max(1.0, aggression_ ? aggression_->value() : defaultAggression); } double AdmissionControlFilterConfig::successRateThreshold() const { const double pct = sr_threshold_ ? sr_threshold_->value() : defaultSuccessRateThreshold; return std::min(pct, 100.0) / 100.0; } AdmissionControlFilter::AdmissionControlFilter(AdmissionControlFilterConfigSharedPtr config, const std::string& stats_prefix) : config_(std::move(config)), stats_(generateStats(config_->scope(), stats_prefix)), record_request_(true) {} Http::FilterHeadersStatus AdmissionControlFilter::decodeHeaders(Http::RequestHeaderMap&, bool) { if (!config_->filterEnabled() || decoder_callbacks_->streamInfo().healthCheck()) { // We must forego recording the success/failure of this request during encoding. record_request_ = false; return Http::FilterHeadersStatus::Continue; } if (shouldRejectRequest()) { // We do not want to sample requests that we are rejecting, since this taints the measurements // that should be describing the upstreams. In addition, if we were to record the requests // rejected, the rejection probabilities would not converge back to 0 even if the upstream // success rate returns to 100%. record_request_ = false; stats_.rq_rejected_.inc(); decoder_callbacks_->sendLocalReply(Http::Code::ServiceUnavailable, "", nullptr, absl::nullopt, "denied by admission control"); return Http::FilterHeadersStatus::StopIteration; } return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus AdmissionControlFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { // TODO(tonya11en): It's not possible for an HTTP filter to understand why a stream is reset, so // we are not currently accounting for resets when recording requests. if (!record_request_) { return Http::FilterHeadersStatus::Continue; } bool successful_response = false; if (Grpc::Common::isGrpcResponseHeaders(headers, end_stream)) { absl::optional grpc_status = Grpc::Common::getGrpcStatus(headers); // If the GRPC status isn't found in the headers, it must be found in the trailers. expect_grpc_status_in_trailer_ = !grpc_status.has_value(); if (expect_grpc_status_in_trailer_) { return Http::FilterHeadersStatus::Continue; } const uint32_t status = enumToInt(grpc_status.value()); successful_response = config_->responseEvaluator().isGrpcSuccess(status); } else { // HTTP response. const uint64_t http_status = Http::Utility::getResponseStatus(headers); successful_response = config_->responseEvaluator().isHttpSuccess(http_status); } if (successful_response) { recordSuccess(); } else { recordFailure(); } return Http::FilterHeadersStatus::Continue; } Http::FilterTrailersStatus AdmissionControlFilter::encodeTrailers(Http::ResponseTrailerMap& trailers) { if (expect_grpc_status_in_trailer_) { absl::optional grpc_status = Grpc::Common::getGrpcStatus(trailers, false); if (grpc_status.has_value() && config_->responseEvaluator().isGrpcSuccess(grpc_status.value())) { recordSuccess(); } else { recordFailure(); } } return Http::FilterTrailersStatus::Continue; } bool AdmissionControlFilter::shouldRejectRequest() const { // This formula is documented in the admission control filter documentation: // https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/admission_control_filter.html const auto request_counts = config_->getController().requestCounts(); const double total_requests = request_counts.requests; const double successful_requests = request_counts.successes; double probability = total_requests - successful_requests / config_->successRateThreshold(); probability = probability / (total_requests + 1); const auto aggression = config_->aggression(); if (aggression != 1.0) { probability = std::pow(probability, 1.0 / aggression); } // Choosing an accuracy of 4 significant figures for the probability. static constexpr uint64_t accuracy = 1e4; auto r = config_->random().random(); return (accuracy * std::max(probability, 0.0)) > (r % accuracy); } } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/admission_control.h ================================================ #pragma once #include #include #include #include "envoy/common/random_generator.h" #include "envoy/common/time.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/server/filter_config.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/cleanup.h" #include "common/common/logger.h" #include "common/grpc/common.h" #include "common/grpc/status.h" #include "common/http/codes.h" #include "common/runtime/runtime_protos.h" #include "extensions/filters/http/admission_control/evaluators/response_evaluator.h" #include "extensions/filters/http/admission_control/thread_local_controller.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { /** * All stats for the admission control filter. */ #define ALL_ADMISSION_CONTROL_STATS(COUNTER) \ COUNTER(rq_rejected) \ COUNTER(rq_success) \ COUNTER(rq_failure) /** * Wrapper struct for admission control filter stats. @see stats_macros.h */ struct AdmissionControlStats { ALL_ADMISSION_CONTROL_STATS(GENERATE_COUNTER_STRUCT) }; using AdmissionControlProto = envoy::extensions::filters::http::admission_control::v3alpha::AdmissionControl; /** * Configuration for the admission control filter. */ class AdmissionControlFilterConfig { public: AdmissionControlFilterConfig(const AdmissionControlProto& proto_config, Runtime::Loader& runtime, Random::RandomGenerator& random, Stats::Scope& scope, ThreadLocal::SlotPtr&& tls, std::shared_ptr response_evaluator); virtual ~AdmissionControlFilterConfig() = default; virtual ThreadLocalController& getController() const { return tls_->getTyped(); } Random::RandomGenerator& random() const { return random_; } bool filterEnabled() const { return admission_control_feature_.enabled(); } Stats::Scope& scope() const { return scope_; } double aggression() const; double successRateThreshold() const; ResponseEvaluator& responseEvaluator() const { return *response_evaluator_; } private: Random::RandomGenerator& random_; Stats::Scope& scope_; const ThreadLocal::SlotPtr tls_; Runtime::FeatureFlag admission_control_feature_; std::unique_ptr aggression_; std::unique_ptr sr_threshold_; std::shared_ptr response_evaluator_; }; using AdmissionControlFilterConfigSharedPtr = std::shared_ptr; /** * A filter that probabilistically rejects requests based on upstream success-rate. */ class AdmissionControlFilter : public Http::PassThroughFilter, protected Logger::Loggable { public: AdmissionControlFilter(AdmissionControlFilterConfigSharedPtr config, const std::string& stats_prefix); // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; private: static AdmissionControlStats generateStats(Stats::Scope& scope, const std::string& prefix) { return {ALL_ADMISSION_CONTROL_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } bool shouldRejectRequest() const; void recordSuccess() { stats_.rq_success_.inc(); config_->getController().recordSuccess(); } void recordFailure() { stats_.rq_failure_.inc(); config_->getController().recordFailure(); } const AdmissionControlFilterConfigSharedPtr config_; AdmissionControlStats stats_; bool expect_grpc_status_in_trailer_{false}; // If false, the filter will forego recording a request success or failure during encoding. bool record_request_; }; } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/config.cc ================================================ #include "extensions/filters/http/admission_control/config.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/enum_to_int.h" #include "extensions/filters/http/admission_control/admission_control.h" #include "extensions/filters/http/admission_control/evaluators/response_evaluator.h" #include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { static constexpr std::chrono::seconds defaultSamplingWindow{30}; Http::FilterFactoryCb AdmissionControlFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::admission_control::v3alpha::AdmissionControl& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { const std::string prefix = stats_prefix + "admission_control."; // Create the thread-local controller. auto tls = context.threadLocal().allocateSlot(); auto sampling_window = std::chrono::seconds( PROTOBUF_GET_MS_OR_DEFAULT(config, sampling_window, 1000 * defaultSamplingWindow.count()) / 1000); tls->set( [sampling_window, &context](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(context.timeSource(), sampling_window); }); std::unique_ptr response_evaluator; switch (config.evaluation_criteria_case()) { case AdmissionControlProto::EvaluationCriteriaCase::kSuccessCriteria: response_evaluator = std::make_unique(config.success_criteria()); break; case AdmissionControlProto::EvaluationCriteriaCase::EVALUATION_CRITERIA_NOT_SET: NOT_REACHED_GCOVR_EXCL_LINE; } AdmissionControlFilterConfigSharedPtr filter_config = std::make_shared( config, context.runtime(), context.api().randomGenerator(), context.scope(), std::move(tls), std::move(response_evaluator)); return [filter_config, prefix](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(filter_config, prefix)); }; } /** * Static registration for the admission_control filter. @see RegisterFactory. */ REGISTER_FACTORY(AdmissionControlFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { /** * Config registration for the adaptive concurrency limit filter. @see NamedHttpFilterConfigFactory. */ class AdmissionControlFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::admission_control::v3alpha::AdmissionControl> { public: AdmissionControlFilterFactory() : FactoryBase(HttpFilterNames::get().AdmissionControl) {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::admission_control::v3alpha::AdmissionControl& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/evaluators/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that probabilistically rejects requests based on upstream success-rate. envoy_extension_package() envoy_cc_library( name = "response_evaluator_lib", srcs = ["success_criteria_evaluator.cc"], hdrs = [ "response_evaluator.h", "success_criteria_evaluator.h", ], visibility = ["//visibility:public"], deps = [ "//include/envoy/grpc:status", "//source/common/common:enum_to_int", "@envoy_api//envoy/extensions/filters/http/admission_control/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/admission_control/evaluators/response_evaluator.h ================================================ #pragma once #include #include "envoy/common/pure.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { /** * Determines of a request was successful based on response headers. */ class ResponseEvaluator { public: virtual ~ResponseEvaluator() = default; /** * Returns true if the provided HTTP code constitutes a success. */ virtual bool isHttpSuccess(uint64_t code) const PURE; /** * Returns true if the provided gRPC status counts constitutes a success. */ virtual bool isGrpcSuccess(uint32_t status) const PURE; }; } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.cc ================================================ #include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" #include #include "envoy/common/exception.h" #include "envoy/grpc/status.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { SuccessCriteriaEvaluator::SuccessCriteriaEvaluator(const SuccessCriteria& success_criteria) { // HTTP status. if (success_criteria.has_http_criteria()) { for (const auto& range : success_criteria.http_criteria().http_success_status()) { if (!validHttpRange(range.start(), range.end())) { throw EnvoyException( fmt::format("invalid HTTP range: [{}, {})", range.start(), range.end())); } const auto start = static_cast(range.start()); const auto end = static_cast(range.end()); http_success_fns_.emplace_back( [start, end](uint64_t status) { return (start <= status) && (status < end); }); } } else { // We default to all non-5xx codes as successes. http_success_fns_.emplace_back([](uint64_t status) { return status < 500; }); } // GRPC status. if (success_criteria.has_grpc_criteria()) { for (const auto& status : success_criteria.grpc_criteria().grpc_success_status()) { if (status > 16) { throw EnvoyException(fmt::format("invalid gRPC code {}", status)); } grpc_success_codes_.emplace_back(status); } } else { grpc_success_codes_ = { enumToInt(Grpc::Status::WellKnownGrpcStatus::AlreadyExists), enumToInt(Grpc::Status::WellKnownGrpcStatus::Canceled), enumToInt(Grpc::Status::WellKnownGrpcStatus::FailedPrecondition), enumToInt(Grpc::Status::WellKnownGrpcStatus::InvalidArgument), enumToInt(Grpc::Status::WellKnownGrpcStatus::NotFound), enumToInt(Grpc::Status::WellKnownGrpcStatus::Ok), enumToInt(Grpc::Status::WellKnownGrpcStatus::OutOfRange), enumToInt(Grpc::Status::WellKnownGrpcStatus::PermissionDenied), enumToInt(Grpc::Status::WellKnownGrpcStatus::Unauthenticated), enumToInt(Grpc::Status::WellKnownGrpcStatus::Unimplemented), enumToInt(Grpc::Status::WellKnownGrpcStatus::Unknown), }; } } bool SuccessCriteriaEvaluator::isGrpcSuccess(uint32_t status) const { return std::count(grpc_success_codes_.begin(), grpc_success_codes_.end(), status) > 0; } bool SuccessCriteriaEvaluator::isHttpSuccess(uint64_t code) const { return std::any_of(http_success_fns_.begin(), http_success_fns_.end(), [code](auto fn) { return fn(code); }); } } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h ================================================ #pragma once #include #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" #include "extensions/filters/http/admission_control/evaluators/response_evaluator.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { class SuccessCriteriaEvaluator : public ResponseEvaluator { public: using SuccessCriteria = envoy::extensions::filters::http::admission_control::v3alpha:: AdmissionControl::SuccessCriteria; SuccessCriteriaEvaluator(const SuccessCriteria& evaluation_criteria); // ResponseEvaluator bool isHttpSuccess(uint64_t code) const override; bool isGrpcSuccess(uint32_t status) const override; private: bool validHttpRange(const int32_t start, const int32_t end) const { return start <= end && start < 600 && start >= 100 && end <= 600 && end >= 100; } std::vector> http_success_fns_; std::vector grpc_success_codes_; }; } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/thread_local_controller.cc ================================================ #include "extensions/filters/http/admission_control/thread_local_controller.h" #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/http/codes.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { static constexpr std::chrono::seconds defaultHistoryGranularity{1}; ThreadLocalControllerImpl::ThreadLocalControllerImpl(TimeSource& time_source, std::chrono::seconds sampling_window) : time_source_(time_source), sampling_window_(sampling_window) {} void ThreadLocalControllerImpl::maybeUpdateHistoricalData() { // Purge stale samples. while (!historical_data_.empty() && ageOfOldestSample() >= sampling_window_) { removeOldestSample(); } // It's possible we purged stale samples from the history and are left with nothing, so it's // necessary to add an empty entry. We will also need to roll over into a new entry in the // historical data if we've exceeded the time specified by the granularity. if (historical_data_.empty() || ageOfNewestSample() >= defaultHistoryGranularity) { historical_data_.emplace_back(time_source_.monotonicTime(), RequestData()); } } void ThreadLocalControllerImpl::recordRequest(bool success) { maybeUpdateHistoricalData(); // The back of the deque will be the most recent samples. ++historical_data_.back().second.requests; ++global_data_.requests; if (success) { ++historical_data_.back().second.successes; ++global_data_.successes; } } } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/admission_control/thread_local_controller.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/http/codes.h" #include "envoy/thread_local/thread_local.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AdmissionControl { /* * Thread-local admission controller interface. */ class ThreadLocalController { public: struct RequestData { RequestData(uint32_t request_count, uint32_t success_count) : requests(request_count), successes(success_count) {} RequestData() = default; inline bool operator==(const RequestData& rhs) const { return (requests == rhs.requests) && (successes == rhs.successes); } uint32_t requests{0}; uint32_t successes{0}; }; virtual ~ThreadLocalController() = default; // Record success/failure of a request and update the internal state of the controller to reflect // this. virtual void recordSuccess() PURE; virtual void recordFailure() PURE; // Returns the current number of requests and how many of them are successful. virtual RequestData requestCounts() PURE; }; /** * Thread-local object to track request counts and successes over a rolling time window. Request * data for the time window is kept recent via a circular buffer that phases out old request/success * counts when recording new samples. * * This controller is thread-local so that we do not need to take any locks on the sample histories * to update them, at the cost of decreasing the number of samples. * * The look-back window for request samples is accurate up to a hard-coded 1-second granularity. * TODO (tonya11en): Allow the granularity to be configurable. */ class ThreadLocalControllerImpl : public ThreadLocalController, public ThreadLocal::ThreadLocalObject { public: ThreadLocalControllerImpl(TimeSource& time_source, std::chrono::seconds sampling_window); ~ThreadLocalControllerImpl() override = default; void recordSuccess() override { recordRequest(true); } void recordFailure() override { recordRequest(false); } RequestData requestCounts() override { maybeUpdateHistoricalData(); return global_data_; } private: void recordRequest(bool success); // Potentially remove any stale samples and record sample aggregates to the historical data. void maybeUpdateHistoricalData(); // Returns the age of the oldest sample in the historical data. std::chrono::microseconds ageOfOldestSample() const { ASSERT(!historical_data_.empty()); using namespace std::chrono; return duration_cast(time_source_.monotonicTime() - historical_data_.front().first); } // Returns the age of the newest sample in the historical data. std::chrono::microseconds ageOfNewestSample() const { ASSERT(!historical_data_.empty()); using namespace std::chrono; return duration_cast(time_source_.monotonicTime() - historical_data_.back().first); } // Removes the oldest sample in the historical data and reconciles the global data. void removeOldestSample() { ASSERT(!historical_data_.empty()); global_data_.successes -= historical_data_.front().second.successes; global_data_.requests -= historical_data_.front().second.requests; historical_data_.pop_front(); } TimeSource& time_source_; // Stores samples from oldest (front) to newest (back). Since there is no need to read/modify // entries that are not the oldest or newest (front/back), we can get away with using a deque // which allocates memory in chunks and keeps most elements contiguous and cache-friendly. std::deque> historical_data_; // Request data aggregated for the whole look-back window. RequestData global_data_; // The rolling time window size. const std::chrono::seconds sampling_window_; }; } // namespace AdmissionControl } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_lambda/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 # L7 HTTP AWS Lambda filter # Public docs: docs/root/configuration/http_filters/aws_lambda_filter.rst envoy_extension_package() envoy_proto_library( name = "request_response", srcs = ["request_response.proto"], ) envoy_cc_library( name = "aws_lambda_filter_lib", srcs = ["aws_lambda_filter.cc"], hdrs = ["aws_lambda_filter.h"], deps = [ ":request_response_cc_proto", "//include/envoy/http:filter_interface", "//source/common/common:base64_lib", "//source/extensions/common/aws:credentials_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:pass_through_filter_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":aws_lambda_filter_lib", "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/aws_lambda/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/aws_lambda/aws_lambda_filter.cc ================================================ #include "extensions/filters/http/aws_lambda/aws_lambda_filter.h" #include #include #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/upstream/upstream.h" #include "common/buffer/buffer_impl.h" #include "common/common/base64.h" #include "common/common/fmt.h" #include "common/common/hex.h" #include "common/crypto/utility.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "common/singleton/const_singleton.h" #include "source/extensions/filters/http/aws_lambda/request_response.pb.validate.h" #include "extensions/filters/http/well_known_names.h" #include "absl/strings/numbers.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsLambdaFilter { class LambdaFilterNameValues { public: Http::LowerCaseString InvocationTypeHeader{std::string{"x-amz-invocation-type"}}; Http::LowerCaseString FunctionErrorHeader{std::string{"x-amz-function-error"}}; }; using LambdaFilterNames = ConstSingleton; namespace { constexpr auto filter_metadata_key = "com.amazonaws.lambda"; constexpr auto egress_gateway_metadata_key = "egress_gateway"; void setLambdaHeaders(Http::RequestHeaderMap& headers, absl::string_view function_name, InvocationMode mode) { headers.setMethod(Http::Headers::get().MethodValues.Post); headers.setPath(fmt::format("/2015-03-31/functions/{}/invocations", function_name)); if (mode == InvocationMode::Synchronous) { headers.setReference(LambdaFilterNames::get().InvocationTypeHeader, "RequestResponse"); } else { headers.setReference(LambdaFilterNames::get().InvocationTypeHeader, "Event"); } } /** * Determines if the target cluster has the AWS Lambda metadata on it. */ bool isTargetClusterLambdaGateway(Upstream::ClusterInfo const& cluster_info) { using ProtobufWkt::Value; const auto& filter_metadata_map = cluster_info.metadata().filter_metadata(); auto metadata_it = filter_metadata_map.find(filter_metadata_key); if (metadata_it == filter_metadata_map.end()) { return false; } auto egress_gateway_it = metadata_it->second.fields().find(egress_gateway_metadata_key); if (egress_gateway_it == metadata_it->second.fields().end()) { return false; } if (egress_gateway_it->second.kind_case() != Value::KindCase::kBoolValue) { return false; } return egress_gateway_it->second.bool_value(); } bool isContentTypeTextual(const Http::RequestOrResponseHeaderMap& headers) { // If transfer-encoding is anything other than 'identity' (i.e. chunked, compress, deflate or // gzip) then we want to base64-encode the response body regardless of the content-type value. if (auto encoding_header = headers.TransferEncoding()) { if (!absl::EqualsIgnoreCase(encoding_header->value().getStringView(), Http::Headers::get().TransferEncodingValues.Identity)) { return false; } } // If we don't know the content-type, then we can't make any assumptions. if (!headers.ContentType()) { return false; } const Http::LowerCaseString content_type_value{std::string(headers.getContentTypeValue())}; if (content_type_value.get() == Http::Headers::get().ContentTypeValues.Json) { return true; } if (content_type_value.get() == "application/javascript") { return true; } if (content_type_value.get() == "application/xml") { return true; } if (absl::StartsWith(content_type_value.get(), "text/")) { return true; } return false; } } // namespace Filter::Filter(const FilterSettings& settings, const FilterStats& stats, const std::shared_ptr& sigv4_signer) : settings_(settings), stats_(stats), sigv4_signer_(sigv4_signer) {} absl::optional Filter::getRouteSpecificSettings() const { if (!decoder_callbacks_->route() || !decoder_callbacks_->route()->routeEntry()) { return absl::nullopt; } const auto* route_entry = decoder_callbacks_->route()->routeEntry(); const auto* settings = route_entry->mostSpecificPerFilterConfigTyped( HttpFilterNames::get().AwsLambda); if (!settings) { return absl::nullopt; } return *settings; } void Filter::resolveSettings() { if (auto route_settings = getRouteSpecificSettings()) { payload_passthrough_ = route_settings->payloadPassthrough(); invocation_mode_ = route_settings->invocationMode(); arn_ = std::move(route_settings)->arn(); } else { payload_passthrough_ = settings_.payloadPassthrough(); invocation_mode_ = settings_.invocationMode(); } } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { auto cluster_info_ptr = decoder_callbacks_->clusterInfo(); if (!cluster_info_ptr || !isTargetClusterLambdaGateway(*cluster_info_ptr)) { skip_ = true; ENVOY_LOG(trace, "Target cluster does not have the Lambda metadata. Moving on."); return Http::FilterHeadersStatus::Continue; } resolveSettings(); if (!arn_) { arn_ = settings_.arn(); } if (!end_stream) { request_headers_ = &headers; return Http::FilterHeadersStatus::StopIteration; } if (payload_passthrough_) { setLambdaHeaders(headers, arn_->functionName(), invocation_mode_); sigv4_signer_->sign(headers); return Http::FilterHeadersStatus::Continue; } Buffer::OwnedImpl json_buf; jsonizeRequest(headers, nullptr, json_buf); // We must call setLambdaHeaders *after* the JSON transformation of the request. That way we // reflect the actual incoming request headers instead of the overwritten ones. setLambdaHeaders(headers, arn_->functionName(), invocation_mode_); headers.setContentLength(json_buf.length()); headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); auto& hashing_util = Envoy::Common::Crypto::UtilitySingleton::get(); const auto hash = Hex::encode(hashing_util.getSha256Digest(json_buf)); sigv4_signer_->sign(headers, hash); decoder_callbacks_->addDecodedData(json_buf, false); return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus Filter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { if (skip_ || end_stream) { return Http::FilterHeadersStatus::Continue; } // Check for errors returned by Lambda. // If we detect an error, we skip the encodeData step to hand the error back to the user as is. // Errors can be in the form of HTTP status code or x-amz-function-error header const auto http_status = Http::Utility::getResponseStatus(headers); if (http_status >= 300) { skip_ = true; return Http::FilterHeadersStatus::Continue; } // Just the existence of this header means we have an error, so skip. if (headers.get(LambdaFilterNames::get().FunctionErrorHeader)) { skip_ = true; return Http::FilterHeadersStatus::Continue; } response_headers_ = &headers; return Http::FilterHeadersStatus::StopIteration; } Http::FilterDataStatus Filter::decodeData(Buffer::Instance& data, bool end_stream) { if (skip_) { return Http::FilterDataStatus::Continue; } if (!end_stream) { return Http::FilterDataStatus::StopIterationAndBuffer; } auto& hashing_util = Envoy::Common::Crypto::UtilitySingleton::get(); decoder_callbacks_->addDecodedData(data, false); const Buffer::Instance& decoding_buffer = *decoder_callbacks_->decodingBuffer(); if (!payload_passthrough_) { decoder_callbacks_->modifyDecodingBuffer([this](Buffer::Instance& dec_buf) { Buffer::OwnedImpl json_buf; jsonizeRequest(*request_headers_, &dec_buf, json_buf); // effectively swap(data, json_buf) dec_buf.drain(dec_buf.length()); dec_buf.move(json_buf); }); request_headers_->setContentLength(decoding_buffer.length()); request_headers_->setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); } setLambdaHeaders(*request_headers_, arn_->functionName(), invocation_mode_); const auto hash = Hex::encode(hashing_util.getSha256Digest(decoding_buffer)); sigv4_signer_->sign(*request_headers_, hash); stats().upstream_rq_payload_size_.recordValue(decoding_buffer.length()); return Http::FilterDataStatus::Continue; } Http::FilterDataStatus Filter::encodeData(Buffer::Instance& data, bool end_stream) { if (skip_ || payload_passthrough_ || invocation_mode_ == InvocationMode::Asynchronous) { return Http::FilterDataStatus::Continue; } if (!end_stream) { return Http::FilterDataStatus::StopIterationAndBuffer; } ENVOY_LOG(trace, "Tranforming JSON payload to HTTP response."); encoder_callbacks_->addEncodedData(data, false); const Buffer::Instance& encoding_buffer = *encoder_callbacks_->encodingBuffer(); encoder_callbacks_->modifyEncodingBuffer([this](Buffer::Instance& enc_buf) { Buffer::OwnedImpl body; dejsonizeResponse(*response_headers_, enc_buf, body); enc_buf.drain(enc_buf.length()); enc_buf.move(body); }); response_headers_->setContentLength(encoding_buffer.length()); return Http::FilterDataStatus::Continue; } void Filter::jsonizeRequest(Http::RequestHeaderMap const& headers, const Buffer::Instance* body, Buffer::Instance& out) const { using source::extensions::filters::http::aws_lambda::Request; Request json_req; if (headers.Path()) { json_req.set_raw_path(std::string(headers.getPathValue())); } if (headers.Method()) { json_req.set_method(std::string(headers.getMethodValue())); } // Wrap the headers headers.iterate([&json_req](const Http::HeaderEntry& entry) -> Http::HeaderMap::Iterate { // ignore H2 pseudo-headers if (absl::StartsWith(entry.key().getStringView(), ":")) { return Http::HeaderMap::Iterate::Continue; } std::string name = std::string(entry.key().getStringView()); auto it = json_req.mutable_headers()->find(name); if (it == json_req.headers().end()) { json_req.mutable_headers()->insert({name, std::string(entry.value().getStringView())}); } else { // Coalesce headers with multiple values it->second += fmt::format(",{}", entry.value().getStringView()); } return Http::HeaderMap::Iterate::Continue; }); // Wrap the Query String if (headers.Path()) { for (auto&& kv_pair : Http::Utility::parseQueryString(headers.getPathValue())) { json_req.mutable_query_string_parameters()->insert({kv_pair.first, kv_pair.second}); } } // Wrap the body if (body) { if (isContentTypeTextual(headers)) { json_req.set_body(body->toString()); json_req.set_is_base64_encoded(false); } else { json_req.set_body(Base64::encode(*body, body->length())); json_req.set_is_base64_encoded(true); } } MessageUtil::validate(json_req, ProtobufMessage::getStrictValidationVisitor()); const std::string json_data = MessageUtil::getJsonStringFromMessage( json_req, false /* pretty_print */, true /* always_print_primitive_fields */); out.add(json_data); } void Filter::dejsonizeResponse(Http::ResponseHeaderMap& headers, const Buffer::Instance& json_buf, Buffer::Instance& body) { using source::extensions::filters::http::aws_lambda::Response; Response json_resp; try { MessageUtil::loadFromJson(json_buf.toString(), json_resp, ProtobufMessage::getNullValidationVisitor()); } catch (EnvoyException& ex) { // We would only get here if all of the following are true: // 1- Passthrough is set to false // 2- Lambda returned a 200 OK // 3- There was no x-amz-function-error header // 4- The body contains invalid JSON headers.setStatus(static_cast(Http::Code::InternalServerError)); stats().server_error_.inc(); return; } for (auto&& kv : json_resp.headers()) { // ignore H2 pseudo-headers (if any) if (kv.first[0] == ':') { continue; } headers.setCopy(Http::LowerCaseString(kv.first), kv.second); } for (auto&& cookie : json_resp.cookies()) { headers.addReferenceKey(Http::Headers::get().SetCookie, cookie); } if (json_resp.status_code() != 0) { headers.setStatus(json_resp.status_code()); } headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); if (!json_resp.body().empty()) { if (json_resp.is_base64_encoded()) { body.add(Base64::decode(json_resp.body())); } else { body.add(json_resp.body()); } } } absl::optional parseArn(absl::string_view arn) { const std::vector parts = absl::StrSplit(arn, ':'); constexpr auto min_arn_size = 7; if (parts.size() < min_arn_size) { return absl::nullopt; } if (parts[0] != "arn") { return absl::nullopt; } auto partition = parts[1]; auto service = parts[2]; auto region = parts[3]; auto account_id = parts[4]; auto resource_type = parts[5]; auto function_name = parts[6]; // If the ARN contains a function version/alias, then we want it to be part of the function name. // For example: // arn:aws:lambda:us-west-2:987654321:function:hello_envoy:v1 if (parts.size() > min_arn_size) { std::string versioned_function_name = std::string(function_name); versioned_function_name.push_back(':'); versioned_function_name += std::string(parts[7]); return Arn{partition, service, region, account_id, resource_type, versioned_function_name}; } return Arn{partition, service, region, account_id, resource_type, function_name}; } FilterStats generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = prefix + "aws_lambda."; return {ALL_AWS_LAMBDA_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_HISTOGRAM_PREFIX(scope, final_prefix))}; } } // namespace AwsLambdaFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_lambda/aws_lambda_filter.h ================================================ #pragma once #include #include "envoy/http/filter.h" #include "envoy/stats/scope.h" #include "common/buffer/buffer_impl.h" #include "extensions/common/aws/signer.h" #include "extensions/filters/http/common/pass_through_filter.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsLambdaFilter { class Arn { public: Arn(absl::string_view partition, absl::string_view service, absl::string_view region, absl::string_view account_id, absl::string_view resource_type, absl::string_view function_name) : partition_(partition), service_(service), region_(region), account_id_(account_id), resource_type_(resource_type), function_name_(function_name) {} const std::string& partition() const { return partition_; } const std::string& service() const { return service_; } const std::string& region() const { return region_; } const std::string& accountId() const { return account_id_; } const std::string& resourceType() const { return resource_type_; } const std::string& functionName() const { return function_name_; } private: std::string partition_; std::string service_; std::string region_; std::string account_id_; std::string resource_type_; std::string function_name_; // resource_id }; /** * Parses the input string into a structured ARN. * * The format is expected to be as such: * arn:partition:service:region:account-id:resource-type:resource-id * * Lambda ARN Example: * arn:aws:lambda:us-west-2:987654321:function:hello_envoy */ absl::optional parseArn(absl::string_view arn); /** * All stats for the AWS Lambda filter. @see stats_macros.h */ #define ALL_AWS_LAMBDA_FILTER_STATS(COUNTER, HISTOGRAM) \ COUNTER(server_error) \ HISTOGRAM(upstream_rq_payload_size, Bytes) /** * Wrapper struct filter stats. @see stats_macros.h */ struct FilterStats { ALL_AWS_LAMBDA_FILTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; FilterStats generateStats(const std::string& prefix, Stats::Scope& scope); /** * Lambda invocation mode. * Synchronous mode is analogous to a blocking call; Lambda responds when it's completed processing. * In the Asynchronous mode, Lambda responds immediately acknowledging it received the request. */ enum class InvocationMode { Synchronous, Asynchronous }; class FilterSettings : public Router::RouteSpecificFilterConfig { public: FilterSettings(const Arn& arn, InvocationMode mode, bool payload_passthrough) : arn_(arn), invocation_mode_(mode), payload_passthrough_(payload_passthrough) {} const Arn& arn() const& { return arn_; } bool payloadPassthrough() const { return payload_passthrough_; } InvocationMode invocationMode() const { return invocation_mode_; } private: Arn arn_; InvocationMode invocation_mode_; bool payload_passthrough_; }; class Filter : public Http::PassThroughFilter, Logger::Loggable { public: Filter(const FilterSettings& config, const FilterStats& stats, const std::shared_ptr& sigv4_signer); Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap&, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override; /** * Calculates the function ARN, value of pass-through, etc. by checking per-filter configurations * and general filter configuration. Ultimately, the most specific configuration wins. * @return error message if settings are invalid. Otherwise, empty string. */ void resolveSettings(); FilterStats& stats() { return stats_; } /** * Used for unit testing only */ const FilterSettings& settingsForTest() const { return settings_; } private: absl::optional getRouteSpecificSettings() const; // Convert the HTTP request to JSON request. void jsonizeRequest(const Http::RequestHeaderMap& headers, const Buffer::Instance* body, Buffer::Instance& out) const; // Convert the JSON response to a standard HTTP response. void dejsonizeResponse(Http::ResponseHeaderMap& headers, const Buffer::Instance& body, Buffer::Instance& out); const FilterSettings settings_; FilterStats stats_; Http::RequestHeaderMap* request_headers_ = nullptr; Http::ResponseHeaderMap* response_headers_ = nullptr; std::shared_ptr sigv4_signer_; absl::optional arn_; InvocationMode invocation_mode_ = InvocationMode::Synchronous; bool payload_passthrough_ = false; bool skip_ = false; }; } // namespace AwsLambdaFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_lambda/config.cc ================================================ #include "extensions/filters/http/aws_lambda/config.h" #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/fmt.h" #include "extensions/common/aws/credentials_provider_impl.h" #include "extensions/common/aws/signer_impl.h" #include "extensions/common/aws/utility.h" #include "extensions/filters/http/aws_lambda/aws_lambda_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsLambdaFilter { constexpr auto service_name = "lambda"; namespace { InvocationMode getInvocationMode(const envoy::extensions::filters::http::aws_lambda::v3::Config& proto_config) { using namespace envoy::extensions::filters::http::aws_lambda::v3; switch (proto_config.invocation_mode()) { case Config_InvocationMode_ASYNCHRONOUS: return InvocationMode::Asynchronous; case Config_InvocationMode_SYNCHRONOUS: return InvocationMode::Synchronous; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Http::FilterFactoryCb AwsLambdaFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::aws_lambda::v3::Config& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) { auto credentials_provider = std::make_shared( context.api(), Extensions::Common::Aws::Utility::metadataFetcher); const auto arn = parseArn(proto_config.arn()); if (!arn) { throw EnvoyException(fmt::format("aws_lambda_filter: Invalid ARN: {}", proto_config.arn())); } const std::string region = arn->region(); auto signer = std::make_shared( service_name, region, std::move(credentials_provider), context.dispatcher().timeSource()); FilterSettings filter_settings{*arn, getInvocationMode(proto_config), proto_config.payload_passthrough()}; FilterStats stats = generateStats(stat_prefix, context.scope()); return [stats, signer, filter_settings](Http::FilterChainFactoryCallbacks& cb) { auto filter = std::make_shared(filter_settings, stats, signer); cb.addStreamFilter(filter); }; } Router::RouteSpecificFilterConfigConstSharedPtr AwsLambdaFilterFactory::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::aws_lambda::v3::PerRouteConfig& proto_config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { const auto arn = parseArn(proto_config.invoke_config().arn()); if (!arn) { throw EnvoyException( fmt::format("aws_lambda_filter: Invalid ARN: {}", proto_config.invoke_config().arn())); } return std::make_shared( FilterSettings{*arn, getInvocationMode(proto_config.invoke_config()), proto_config.invoke_config().payload_passthrough()}); } /* * Static registration for the AWS Lambda filter. @see RegisterFactory. */ REGISTER_FACTORY(AwsLambdaFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace AwsLambdaFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_lambda/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.h" #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsLambdaFilter { class AwsLambdaFilterFactory : public Common::FactoryBase { public: AwsLambdaFilterFactory() : FactoryBase(HttpFilterNames::get().AwsLambda) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::aws_lambda::v3::Config& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::aws_lambda::v3::PerRouteConfig&, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) override; }; } // namespace AwsLambdaFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_lambda/request_response.proto ================================================ syntax = "proto3"; // The structures are used for the purpose of JSON (de)serialization. package source.extensions.filters.http.aws_lambda; import "validate/validate.proto"; message Request { string raw_path = 1 [(validate.rules).string = {min_len: 1}]; string method = 2 [(validate.rules).string = {min_len: 1}]; // HTTP headers with the same name are coalesced into a single comma-separated value. map headers = 3; // multi-value keys are overwritten. Last one wins. map query_string_parameters = 4; string body = 5; bool is_base64_encoded = 6; } message Response { uint32 status_code = 1; map headers = 2; // cookies are split from headers in the response because the headers are coalesced while the HTTP RFC prohibits // coalescing multiple cookie values in the Set-Cookie header. repeated string cookies = 3; string body = 4; bool is_base64_encoded = 5; } ================================================ FILE: source/extensions/filters/http/aws_request_signing/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP AWS request signing filter # Public docs: docs/root/configuration/http_filters/aws_request_signing_filter.rst envoy_extension_package() envoy_cc_library( name = "aws_request_signing_filter_lib", srcs = ["aws_request_signing_filter.cc"], hdrs = ["aws_request_signing_filter.h"], deps = [ "//include/envoy/http:filter_interface", "//source/extensions/common/aws:credentials_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/aws_request_signing/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":aws_request_signing_filter_lib", "//include/envoy/registry", "//source/extensions/common/aws:credentials_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/aws_request_signing/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.cc ================================================ #include "extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsRequestSigningFilter { FilterConfigImpl::FilterConfigImpl(Extensions::Common::Aws::SignerPtr&& signer, const std::string& stats_prefix, Stats::Scope& scope, const std::string& host_rewrite) : signer_(std::move(signer)), stats_(Filter::generateStats(stats_prefix, scope)), host_rewrite_(host_rewrite) {} Filter::Filter(const std::shared_ptr& config) : config_(config) {} Extensions::Common::Aws::Signer& FilterConfigImpl::signer() { return *signer_; } FilterStats& FilterConfigImpl::stats() { return stats_; } const std::string& FilterConfigImpl::hostRewrite() const { return host_rewrite_; } FilterStats Filter::generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = prefix + "aws_request_signing."; return {ALL_AWS_REQUEST_SIGNING_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { const auto& host_rewrite = config_->hostRewrite(); if (!host_rewrite.empty()) { headers.setHost(host_rewrite); } try { config_->signer().sign(headers); config_->stats().signing_added_.inc(); } catch (const EnvoyException& e) { ENVOY_LOG(debug, "signing failed: {}", e.what()); config_->stats().signing_failed_.inc(); } return Http::FilterHeadersStatus::Continue; } } // namespace AwsRequestSigningFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h ================================================ #pragma once #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" #include "envoy/http/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "extensions/common/aws/signer.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsRequestSigningFilter { /** * All stats for the AWS request signing filter. @see stats_macros.h */ // clang-format off #define ALL_AWS_REQUEST_SIGNING_FILTER_STATS(COUNTER) \ COUNTER(signing_added) \ COUNTER(signing_failed) // clang-format on /** * Wrapper struct filter stats. @see stats_macros.h */ struct FilterStats { ALL_AWS_REQUEST_SIGNING_FILTER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Abstract filter configuration. */ class FilterConfig { public: virtual ~FilterConfig() = default; /** * @return the config's signer. */ virtual Extensions::Common::Aws::Signer& signer() PURE; /** * @return the filter stats. */ virtual FilterStats& stats() PURE; /** * @return the host rewrite value. */ virtual const std::string& hostRewrite() const PURE; }; using FilterConfigSharedPtr = std::shared_ptr; /** * Configuration for the AWS request signing filter. */ class FilterConfigImpl : public FilterConfig { public: FilterConfigImpl(Extensions::Common::Aws::SignerPtr&& signer, const std::string& stats_prefix, Stats::Scope& scope, const std::string& host_rewrite); Extensions::Common::Aws::Signer& signer() override; FilterStats& stats() override; const std::string& hostRewrite() const override; private: Extensions::Common::Aws::SignerPtr signer_; FilterStats stats_; std::string host_rewrite_; }; /** * HTTP AWS request signing auth filter. */ class Filter : public Http::PassThroughDecoderFilter, Logger::Loggable { public: Filter(const std::shared_ptr& config); static FilterStats generateStats(const std::string& prefix, Stats::Scope& scope); Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; private: std::shared_ptr config_; }; } // namespace AwsRequestSigningFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_request_signing/config.cc ================================================ #include "extensions/filters/http/aws_request_signing/config.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/common/aws/credentials_provider_impl.h" #include "extensions/common/aws/signer_impl.h" #include "extensions/common/aws/utility.h" #include "extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsRequestSigningFilter { Http::FilterFactoryCb AwsRequestSigningFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::aws_request_signing::v3::AwsRequestSigning& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { auto credentials_provider = std::make_shared( context.api(), Extensions::Common::Aws::Utility::metadataFetcher); auto signer = std::make_unique( config.service_name(), config.region(), credentials_provider, context.dispatcher().timeSource()); auto filter_config = std::make_shared(std::move(signer), stats_prefix, context.scope(), config.host_rewrite()); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { auto filter = std::make_shared(filter_config); callbacks.addStreamDecoderFilter(filter); }; } /** * Static registration for the AWS request signing filter. @see RegisterFactory. */ REGISTER_FACTORY(AwsRequestSigningFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace AwsRequestSigningFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/aws_request_signing/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace AwsRequestSigningFilter { /** * Config registration for the AWS request signing filter. */ class AwsRequestSigningFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::aws_request_signing::v3::AwsRequestSigning> { public: AwsRequestSigningFilterFactory() : FactoryBase(HttpFilterNames::get().AwsRequestSigning) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::aws_request_signing::v3::AwsRequestSigning& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace AwsRequestSigningFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/buffer/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Request buffering and timeout L7 HTTP filter # Public docs: docs/root/configuration/http_filters/buffer_filter.rst envoy_extension_package() envoy_cc_library( name = "buffer_filter_lib", srcs = ["buffer_filter.cc"], hdrs = ["buffer_filter.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/buffer/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", # Legacy test use. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/buffer:buffer_filter_lib", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/buffer/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/buffer/buffer_filter.cc ================================================ #include "extensions/filters/http/buffer/buffer_filter.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/http/codes.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/runtime/runtime_impl.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace BufferFilter { BufferFilterSettings::BufferFilterSettings( const envoy::extensions::filters::http::buffer::v3::Buffer& proto_config) : disabled_(false), max_request_bytes_(static_cast(proto_config.max_request_bytes().value())) {} BufferFilterSettings::BufferFilterSettings( const envoy::extensions::filters::http::buffer::v3::BufferPerRoute& proto_config) : disabled_(proto_config.disabled()), max_request_bytes_( proto_config.has_buffer() ? static_cast(proto_config.buffer().max_request_bytes().value()) : 0) {} BufferFilterConfig::BufferFilterConfig( const envoy::extensions::filters::http::buffer::v3::Buffer& proto_config) : settings_(proto_config) {} BufferFilter::BufferFilter(BufferFilterConfigSharedPtr config) : config_(config), settings_(config->settings()) {} void BufferFilter::initConfig() { ASSERT(!config_initialized_); config_initialized_ = true; settings_ = config_->settings(); if (!callbacks_->route() || !callbacks_->route()->routeEntry()) { return; } const std::string& name = HttpFilterNames::get().Buffer; const auto* entry = callbacks_->route()->routeEntry(); const auto* route_local = entry->mostSpecificPerFilterConfigTyped(name); settings_ = route_local ? route_local : settings_; } Http::FilterHeadersStatus BufferFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { if (end_stream) { // If this is a header-only request, we don't need to do any buffering. return Http::FilterHeadersStatus::Continue; } initConfig(); if (settings_->disabled()) { // The filter has been disabled for this route. return Http::FilterHeadersStatus::Continue; } callbacks_->setDecoderBufferLimit(settings_->maxRequestBytes()); request_headers_ = &headers; return Http::FilterHeadersStatus::StopIteration; } Http::FilterDataStatus BufferFilter::decodeData(Buffer::Instance& data, bool end_stream) { content_length_ += data.length(); if (end_stream || settings_->disabled()) { maybeAddContentLength(); return Http::FilterDataStatus::Continue; } // Buffer until the complete request has been processed or the ConnectionManagerImpl sends a 413. return Http::FilterDataStatus::StopIterationAndBuffer; } Http::FilterTrailersStatus BufferFilter::decodeTrailers(Http::RequestTrailerMap&) { maybeAddContentLength(); return Http::FilterTrailersStatus::Continue; } void BufferFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; } void BufferFilter::maybeAddContentLength() { // request_headers_ is initialized iff plugin is enabled. if (request_headers_ != nullptr && request_headers_->ContentLength() == nullptr) { ASSERT(!settings_->disabled()); request_headers_->setContentLength(content_length_); } } } // namespace BufferFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/buffer/buffer_filter.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/http/filter.h" #include "common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace BufferFilter { class BufferFilterSettings : public Router::RouteSpecificFilterConfig { public: BufferFilterSettings(const envoy::extensions::filters::http::buffer::v3::Buffer&); BufferFilterSettings(const envoy::extensions::filters::http::buffer::v3::BufferPerRoute&); bool disabled() const { return disabled_; } uint64_t maxRequestBytes() const { return max_request_bytes_; } private: bool disabled_; uint64_t max_request_bytes_; }; /** * Configuration for the buffer filter. */ class BufferFilterConfig { public: BufferFilterConfig(const envoy::extensions::filters::http::buffer::v3::Buffer& proto_config); const BufferFilterSettings* settings() const { return &settings_; } private: const BufferFilterSettings settings_; }; using BufferFilterConfigSharedPtr = std::shared_ptr; /** * A filter that is capable of buffering an entire request before dispatching it upstream. */ class BufferFilter : public Http::StreamDecoderFilter { public: BufferFilter(BufferFilterConfigSharedPtr config); // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; private: void initConfig(); void maybeAddContentLength(); BufferFilterConfigSharedPtr config_; const BufferFilterSettings* settings_; Http::StreamDecoderFilterCallbacks* callbacks_{}; Http::RequestHeaderMap* request_headers_{}; uint64_t content_length_{}; bool config_initialized_{}; }; } // namespace BufferFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/buffer/config.cc ================================================ #include "extensions/filters/http/buffer/config.h" #include #include #include #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/buffer/buffer_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace BufferFilter { Http::FilterFactoryCb BufferFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::buffer::v3::Buffer& proto_config, const std::string&, Server::Configuration::FactoryContext&) { ASSERT(proto_config.has_max_request_bytes()); BufferFilterConfigSharedPtr filter_config(new BufferFilterConfig(proto_config)); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(filter_config)); }; } Router::RouteSpecificFilterConfigConstSharedPtr BufferFilterFactory::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::buffer::v3::BufferPerRoute& proto_config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(proto_config); } /** * Static registration for the buffer filter. @see RegisterFactory. */ REGISTER_FACTORY(BufferFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.buffer"}; } // namespace BufferFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/buffer/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace BufferFilter { /** * Config registration for the buffer filter. */ class BufferFilterFactory : public Common::FactoryBase { public: BufferFilterFactory() : FactoryBase(HttpFilterNames::get().Buffer) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::buffer::v3::Buffer& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::buffer::v3::BufferPerRoute&, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) override; }; DECLARE_FACTORY(BufferFilterFactory); } // namespace BufferFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 ## Pluggable HTTP cache filter envoy_extension_package() envoy_cc_library( name = "cache_filter_lib", srcs = ["cache_filter.cc"], hdrs = ["cache_filter.h"], deps = [ ":cache_headers_utils_lib", ":cacheability_utils_lib", ":http_cache_lib", ":inline_headers_handles", "//source/common/common:enum_to_int", "//source/common/common:logger_lib", "//source/common/common:macros", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/cache/v3alpha:pkg_cc_proto", ], ) envoy_cc_library( name = "cacheability_utils_lib", srcs = ["cacheability_utils.cc"], hdrs = ["cacheability_utils.h"], deps = [ ":cache_headers_utils_lib", ":inline_headers_handles", "//source/common/common:utility_lib", "//source/common/http:headers_lib", ], ) envoy_proto_library( name = "key", srcs = ["key.proto"], ) envoy_cc_library( name = "http_cache_lib", srcs = ["http_cache.cc"], hdrs = ["http_cache.h"], deps = [ ":cache_headers_utils_lib", ":inline_headers_handles", ":key_cc_proto", "//include/envoy/buffer:buffer_interface", "//include/envoy/common:time_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:header_map_interface", "//source/common/common:assert_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/filters/http/cache/v3alpha:pkg_cc_proto", ], ) envoy_cc_library( name = "cache_headers_utils_lib", srcs = ["cache_headers_utils.cc"], hdrs = ["cache_headers_utils.h"], external_deps = ["abseil_optional"], deps = [ ":inline_headers_handles", "//include/envoy/common:time_interface", "//include/envoy/http:header_map_interface", "//source/common/common:matchers_lib", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/protobuf", "@envoy_api//envoy/extensions/filters/http/cache/v3alpha:pkg_cc_proto", ], ) envoy_cc_library( name = "inline_headers_handles", hdrs = ["inline_headers_handles.h"], deps = [ "//source/common/http:headers_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream_and_upstream", status = "wip", deps = [ ":cache_filter_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/cache/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/cache/cache_filter.cc ================================================ #include "extensions/filters/http/cache/cache_filter.h" #include "envoy/http/header_map.h" #include "common/common/enum_to_int.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "extensions/filters/http/cache/cacheability_utils.h" #include "extensions/filters/http/cache/inline_headers_handles.h" #include "absl/memory/memory.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { namespace { inline bool isResponseNotModified(const Http::ResponseHeaderMap& response_headers) { return Http::Utility::getResponseStatus(response_headers) == enumToInt(Http::Code::NotModified); } } // namespace struct CacheResponseCodeDetailValues { const absl::string_view ResponseFromCacheFilter = "cache.response_from_cache_filter"; }; using CacheResponseCodeDetails = ConstSingleton; CacheFilter::CacheFilter( const envoy::extensions::filters::http::cache::v3alpha::CacheConfig& config, const std::string&, Stats::Scope&, TimeSource& time_source, HttpCache& http_cache) : time_source_(time_source), cache_(http_cache), vary_allow_list_(config.allowed_vary_headers()) {} void CacheFilter::onDestroy() { filter_state_ = FilterState::Destroyed; if (lookup_) { lookup_->onDestroy(); } if (insert_) { insert_->onDestroy(); } } Http::FilterHeadersStatus CacheFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { ENVOY_STREAM_LOG(debug, "CacheFilter::decodeHeaders: {}", *decoder_callbacks_, headers); if (!end_stream) { ENVOY_STREAM_LOG( debug, "CacheFilter::decodeHeaders ignoring request because it has body and/or trailers: {}", *decoder_callbacks_, headers); return Http::FilterHeadersStatus::Continue; } if (!CacheabilityUtils::isCacheableRequest(headers)) { ENVOY_STREAM_LOG(debug, "CacheFilter::decodeHeaders ignoring uncacheable request: {}", *decoder_callbacks_, headers); return Http::FilterHeadersStatus::Continue; } ASSERT(decoder_callbacks_); LookupRequest lookup_request(headers, time_source_.systemTime(), vary_allow_list_); request_allows_inserts_ = !lookup_request.requestCacheControl().no_store_; lookup_ = cache_.makeLookupContext(std::move(lookup_request)); ASSERT(lookup_); getHeaders(headers); ENVOY_STREAM_LOG(debug, "CacheFilter::decodeHeaders starting lookup", *decoder_callbacks_); // Stop the decoding stream until the cache lookup result is ready. return Http::FilterHeadersStatus::StopAllIterationAndWatermark; } Http::FilterHeadersStatus CacheFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { if (filter_state_ == FilterState::DecodeServingFromCache) { // This call was invoked during decoding by decoder_callbacks_->encodeHeaders because a fresh // cached response was found and is being added to the encoding stream -- ignore it. return Http::FilterHeadersStatus::Continue; } // If lookup_ is null, the request wasn't cacheable, so the response isn't either. if (!lookup_) { return Http::FilterHeadersStatus::Continue; } if (filter_state_ == FilterState::ValidatingCachedResponse && isResponseNotModified(headers)) { processSuccessfulValidation(headers); // Stop the encoding stream until the cached response is fetched & added to the encoding stream. return Http::FilterHeadersStatus::StopIteration; } // Either a cache miss or a cache entry that is no longer valid. // Check if the new response can be cached. if (request_allows_inserts_ && CacheabilityUtils::isCacheableResponse(headers, vary_allow_list_)) { ENVOY_STREAM_LOG(debug, "CacheFilter::encodeHeaders inserting headers", *encoder_callbacks_); insert_ = cache_.makeInsertContext(std::move(lookup_)); // Add metadata associated with the cached response. Right now this is only response_time; const ResponseMetadata metadata = {time_source_.systemTime()}; insert_->insertHeaders(headers, metadata, end_stream); } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus CacheFilter::encodeData(Buffer::Instance& data, bool end_stream) { if (filter_state_ == FilterState::DecodeServingFromCache) { // This call was invoked during decoding by decoder_callbacks_->encodeData because a fresh // cached response was found and is being added to the encoding stream -- ignore it. return Http::FilterDataStatus::Continue; } if (filter_state_ == FilterState::EncodeServingFromCache) { // Stop the encoding stream until the cached response is fetched & added to the encoding stream. return Http::FilterDataStatus::StopIterationAndBuffer; } if (insert_) { ENVOY_STREAM_LOG(debug, "CacheFilter::encodeData inserting body", *encoder_callbacks_); // TODO(toddmgreer): Wait for the cache if necessary. insert_->insertBody( data, [](bool) {}, end_stream); } return Http::FilterDataStatus::Continue; } void CacheFilter::getHeaders(Http::RequestHeaderMap& request_headers) { ASSERT(lookup_, "CacheFilter is trying to call getHeaders with no LookupContext"); // If the cache posts a callback to the dispatcher then the CacheFilter is destroyed for any // reason (e.g client disconnected and HTTP stream terminated), then there is no guarantee that // the posted callback will run before the filter is deleted. Hence, a weak_ptr to the CacheFilter // is captured and used to make sure the CacheFilter is still alive before accessing it in the // posted callback. // TODO(yosrym93): Look into other options for handling this (also in getBody and getTrailers) as // they arise, e.g. cancellable posts, guaranteed ordering of posted callbacks and deletions, etc. CacheFilterWeakPtr self = weak_from_this(); // The dispatcher needs to be captured because there's no guarantee that // decoder_callbacks_->dispatcher() is thread-safe. lookup_->getHeaders([self, &request_headers, &dispatcher = decoder_callbacks_->dispatcher()](LookupResult&& result) { // The callback is posted to the dispatcher to make sure it is called on the worker thread. // The lambda passed to dispatcher.post() needs to be copyable as it will be used to // initialize a std::function. Therefore, it cannot capture anything non-copyable. // LookupResult is non-copyable as LookupResult::headers_ is a unique_ptr, which is // non-copyable. Hence, "result" is decomposed when captured, and re-instantiated inside the // lambda so that "result.headers_" can be captured as a raw pointer, then wrapped in a // unique_ptr when the result is re-instantiated. dispatcher.post([self, &request_headers, status = result.cache_entry_status_, headers_raw_ptr = result.headers_.release(), response_ranges = std::move(result.response_ranges_), content_length = result.content_length_, has_trailers = result.has_trailers_]() mutable { // Wrap the raw pointer in a unique_ptr before checking to avoid memory leaks. Http::ResponseHeaderMapPtr headers = absl::WrapUnique(headers_raw_ptr); if (CacheFilterSharedPtr cache_filter = self.lock()) { cache_filter->onHeaders( LookupResult{status, std::move(headers), content_length, response_ranges, has_trailers}, request_headers); } }); }); } void CacheFilter::getBody() { ASSERT(lookup_, "CacheFilter is trying to call getBody with no LookupContext"); ASSERT(!remaining_ranges_.empty(), "No reason to call getBody when there's no body to get."); // If the cache posts a callback to the dispatcher then the CacheFilter is destroyed for any // reason (e.g client disconnected and HTTP stream terminated), then there is no guarantee that // the posted callback will run before the filter is deleted. Hence, a weak_ptr to the CacheFilter // is captured and used to make sure the CacheFilter is still alive before accessing it in the // posted callback. CacheFilterWeakPtr self = weak_from_this(); // The dispatcher needs to be captured because there's no guarantee that // decoder_callbacks_->dispatcher() is thread-safe. lookup_->getBody(remaining_ranges_[0], [self, &dispatcher = decoder_callbacks_->dispatcher()]( Buffer::InstancePtr&& body) { // The callback is posted to the dispatcher to make sure it is called on the worker thread. // The lambda passed to dispatcher.post() needs to be copyable as it will be used to // initialize a std::function. Therefore, it cannot capture anything non-copyable. // "body" is a unique_ptr, which is non-copyable. Hence, it is captured as a raw pointer then // wrapped in a unique_ptr inside the lambda. dispatcher.post([self, body_raw_ptr = body.release()] { // Wrap the raw pointer in a unique_ptr before checking to avoid memory leaks. Buffer::InstancePtr body = absl::WrapUnique(body_raw_ptr); if (CacheFilterSharedPtr cache_filter = self.lock()) { cache_filter->onBody(std::move(body)); } }); }); } void CacheFilter::getTrailers() { ASSERT(lookup_, "CacheFilter is trying to call getTrailers with no LookupContext"); ASSERT(response_has_trailers_, "No reason to call getTrailers when there's no trailers to get."); // If the cache posts a callback to the dispatcher then the CacheFilter is destroyed for any // reason (e.g client disconnected and HTTP stream terminated), then there is no guarantee that // the posted callback will run before the filter is deleted. Hence, a weak_ptr to the CacheFilter // is captured and used to make sure the CacheFilter is still alive before accessing it in the // posted callback. CacheFilterWeakPtr self = weak_from_this(); // The dispatcher needs to be captured because there's no guarantee that // decoder_callbacks_->dispatcher() is thread-safe. lookup_->getTrailers([self, &dispatcher = decoder_callbacks_->dispatcher()]( Http::ResponseTrailerMapPtr&& trailers) { // The callback is posted to the dispatcher to make sure it is called on the worker thread. // The lambda passed to dispatcher.post() needs to be copyable as it will be used to // initialize a std::function. Therefore, it cannot capture anything non-copyable. // "trailers" is a unique_ptr, which is non-copyable. Hence, it is captured as a raw // pointer then wrapped in a unique_ptr inside the lambda. dispatcher.post([self, trailers_raw_ptr = trailers.release()] { // Wrap the raw pointer in a unique_ptr before checking to avoid memory leaks. Http::ResponseTrailerMapPtr trailers = absl::WrapUnique(trailers_raw_ptr); if (CacheFilterSharedPtr cache_filter = self.lock()) { cache_filter->onTrailers(std::move(trailers)); } }); }); } void CacheFilter::onHeaders(LookupResult&& result, Http::RequestHeaderMap& request_headers) { if (filter_state_ == FilterState::Destroyed) { // The filter is being destroyed, any callbacks should be ignored. return; } // TODO(yosrym93): Handle request only-if-cached directive switch (result.cache_entry_status_) { case CacheEntryStatus::FoundNotModified: NOT_IMPLEMENTED_GCOVR_EXCL_LINE; // We don't yet return or support these codes. case CacheEntryStatus::RequiresValidation: // If a cache entry requires validation, inject validation headers in the request and let it // pass through as if no cache entry was found. // If the cache entry was valid, the response status should be 304 (unmodified) and the cache // entry will be injected in the response body. lookup_result_ = std::make_unique(std::move(result)); filter_state_ = FilterState::ValidatingCachedResponse; injectValidationHeaders(request_headers); break; case CacheEntryStatus::Unusable: break; case CacheEntryStatus::NotSatisfiableRange: lookup_result_ = std::make_unique(std::move(result)); filter_state_ = FilterState::DecodeServingFromCache; lookup_result_->headers_->setStatus(static_cast(Http::Code::RangeNotSatisfiable)); lookup_result_->headers_->addCopy(Http::Headers::get().ContentRange, absl::StrCat("bytes */", lookup_result_->content_length_)); // We shouldn't serve any of the body, so the response content length is 0. lookup_result_->setContentLength(0); encodeCachedResponse(); break; case CacheEntryStatus::SatisfiableRange: if (result.response_ranges_.size() == 1) { lookup_result_ = std::make_unique(std::move(result)); filter_state_ = FilterState::DecodeServingFromCache; lookup_result_->headers_->setStatus(static_cast(Http::Code::PartialContent)); lookup_result_->headers_->addCopy( Http::Headers::get().ContentRange, absl::StrCat("bytes ", lookup_result_->response_ranges_[0].begin(), "-", lookup_result_->response_ranges_[0].end() - 1, "/", lookup_result_->content_length_)); // We serve only the desired range, so adjust the length accordingly. lookup_result_->setContentLength(lookup_result_->response_ranges_[0].length()); remaining_ranges_ = std::move(lookup_result_->response_ranges_); encodeCachedResponse(); break; } // Multi-part responses are not supported, and they will be treated as a usual 200 response on // ::Ok case below. A possible way to achieve that would be to move all ranges to // remaining_ranges_, and add logic inside '::onBody' to interleave the body bytes with // sub-headers and separator string for each part. Would need to keep track if the current range // is over or not to know when to insert the separator, and calculate the length based on length // of ranges + extra headers and separators. ABSL_FALLTHROUGH_INTENDED; case CacheEntryStatus::Ok: lookup_result_ = std::make_unique(std::move(result)); filter_state_ = FilterState::DecodeServingFromCache; encodeCachedResponse(); // Return here so that continueDecoding is not called. // No need to continue the decoding stream as a cached response is already being served. return; } // decodeHeaders returned StopIteration waiting for this callback -- continue decoding decoder_callbacks_->continueDecoding(); } // TODO(toddmgreer): Handle downstream backpressure. void CacheFilter::onBody(Buffer::InstancePtr&& body) { // Can be called during decoding if a valid cache hit is found, // or during encoding if a cache entry was being validated. if (filter_state_ == FilterState::Destroyed) { // The filter is being destroyed, any callbacks should be ignored. return; } ASSERT(!remaining_ranges_.empty(), "CacheFilter doesn't call getBody unless there's more body to get, so this is a " "bogus callback."); ASSERT(body, "Cache said it had a body, but isn't giving it to us."); const uint64_t bytes_from_cache = body->length(); if (bytes_from_cache < remaining_ranges_[0].length()) { remaining_ranges_[0].trimFront(bytes_from_cache); } else if (bytes_from_cache == remaining_ranges_[0].length()) { remaining_ranges_.erase(remaining_ranges_.begin()); } else { ASSERT(false, "Received oversized body from cache."); filter_state_ == FilterState::DecodeServingFromCache ? decoder_callbacks_->resetStream() : encoder_callbacks_->resetStream(); return; } const bool end_stream = remaining_ranges_.empty() && !response_has_trailers_; filter_state_ == FilterState::DecodeServingFromCache ? decoder_callbacks_->encodeData(*body, end_stream) : encoder_callbacks_->addEncodedData(*body, true); if (!remaining_ranges_.empty()) { getBody(); } else if (response_has_trailers_) { getTrailers(); } else { finalizeEncodingCachedResponse(); } } void CacheFilter::onTrailers(Http::ResponseTrailerMapPtr&& trailers) { // Can be called during decoding if a valid cache hit is found, // or during encoding if a cache entry was being validated. if (filter_state_ == FilterState::Destroyed) { // The filter is being destroyed, any callbacks should be ignored. return; } if (filter_state_ == FilterState::DecodeServingFromCache) { decoder_callbacks_->encodeTrailers(std::move(trailers)); } else { Http::ResponseTrailerMap& response_trailers = encoder_callbacks_->addEncodedTrailers(); response_trailers = std::move(*trailers); } finalizeEncodingCachedResponse(); } void CacheFilter::processSuccessfulValidation(Http::ResponseHeaderMap& response_headers) { ASSERT(lookup_result_, "CacheFilter trying to validate a non-existent lookup result"); ASSERT( filter_state_ == FilterState::ValidatingCachedResponse, "processSuccessfulValidation must only be called when a cached response is being validated"); ASSERT(isResponseNotModified(response_headers), "processSuccessfulValidation must only be called with 304 responses"); // Check whether the cached entry should be updated before modifying the 304 response. const bool should_update_cached_entry = shouldUpdateCachedEntry(response_headers); filter_state_ = FilterState::EncodeServingFromCache; // Update the 304 response status code and content-length response_headers.setStatus(lookup_result_->headers_->getStatusValue()); response_headers.setContentLength(lookup_result_->headers_->getContentLengthValue()); // A response that has been validated should not contain an Age header as it is equivalent to a // freshly served response from the origin, unless the 304 response has an Age header, which // means it was served by an upstream cache. // Remove any existing Age header in the cached response. lookup_result_->headers_->removeInline(age_handle.handle()); // Add any missing headers from the cached response to the 304 response. lookup_result_->headers_->iterate([&response_headers](const Http::HeaderEntry& cached_header) { // TODO(yosrym93): Try to avoid copying the header key twice. Http::LowerCaseString key(std::string(cached_header.key().getStringView())); absl::string_view value = cached_header.value().getStringView(); if (!response_headers.get(key)) { response_headers.setCopy(key, value); } return Http::HeaderMap::Iterate::Continue; }); if (should_update_cached_entry) { // TODO(yosrym93): else the cached entry should be deleted. // Update metadata associated with the cached response. Right now this is only response_time; const ResponseMetadata metadata = {time_source_.systemTime()}; cache_.updateHeaders(*lookup_, response_headers, metadata); } // A cache entry was successfully validated -> encode cached body and trailers. encodeCachedResponse(); } // TODO(yosrym93): Write a test that exercises this when SimpleHttpCache implements updateHeaders bool CacheFilter::shouldUpdateCachedEntry(const Http::ResponseHeaderMap& response_headers) const { ASSERT(isResponseNotModified(response_headers), "shouldUpdateCachedEntry must only be called with 304 responses"); ASSERT(lookup_result_, "shouldUpdateCachedEntry precondition unsatisfied: lookup_result_ " "does not point to a cache lookup result"); ASSERT(filter_state_ == FilterState::ValidatingCachedResponse, "shouldUpdateCachedEntry precondition unsatisfied: the " "CacheFilter is not validating a cache lookup result"); // According to: https://httpwg.org/specs/rfc7234.html#freshening.responses, // and assuming a single cached response per key: // If the 304 response contains a strong validator (etag) that does not match the cached response, // the cached response should not be updated. const Http::HeaderEntry* response_etag = response_headers.getInline(etag_handle.handle()); const Http::HeaderEntry* cached_etag = lookup_result_->headers_->getInline(etag_handle.handle()); return !response_etag || (cached_etag && cached_etag->value().getStringView() == response_etag->value().getStringView()); } void CacheFilter::injectValidationHeaders(Http::RequestHeaderMap& request_headers) { ASSERT(lookup_result_, "injectValidationHeaders precondition unsatisfied: lookup_result_ " "does not point to a cache lookup result"); ASSERT(filter_state_ == FilterState::ValidatingCachedResponse, "injectValidationHeaders precondition unsatisfied: the " "CacheFilter is not validating a cache lookup result"); const Http::HeaderEntry* etag_header = lookup_result_->headers_->getInline(etag_handle.handle()); const Http::HeaderEntry* last_modified_header = lookup_result_->headers_->getInline(last_modified_handle.handle()); if (etag_header) { absl::string_view etag = etag_header->value().getStringView(); request_headers.setInline(if_none_match_handle.handle(), etag); } if (DateUtil::timePointValid(CacheHeadersUtils::httpTime(last_modified_header))) { // Valid Last-Modified header exists. absl::string_view last_modified = last_modified_header->value().getStringView(); request_headers.setInline(if_modified_since_handle.handle(), last_modified); } else { // Either Last-Modified is missing or invalid, fallback to Date. // A correct behaviour according to: // https://httpwg.org/specs/rfc7232.html#header.if-modified-since absl::string_view date = lookup_result_->headers_->getDateValue(); request_headers.setInline(if_modified_since_handle.handle(), date); } } void CacheFilter::encodeCachedResponse() { ASSERT(lookup_result_, "encodeCachedResponse precondition unsatisfied: lookup_result_ " "does not point to a cache lookup result"); response_has_trailers_ = lookup_result_->has_trailers_; const bool end_stream = (lookup_result_->content_length_ == 0 && !response_has_trailers_); // Set appropriate response flags and codes. Http::StreamFilterCallbacks* callbacks = filter_state_ == FilterState::DecodeServingFromCache ? static_cast(decoder_callbacks_) : static_cast(encoder_callbacks_); callbacks->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::ResponseFromCacheFilter); callbacks->streamInfo().setResponseCodeDetails( CacheResponseCodeDetails::get().ResponseFromCacheFilter); // If the filter is encoding, 304 response headers and cached headers are merged in encodeHeaders. // If the filter is decoding, we need to serve response headers from cache directly. if (filter_state_ == FilterState::DecodeServingFromCache) { decoder_callbacks_->encodeHeaders(std::move(lookup_result_->headers_), end_stream, CacheResponseCodeDetails::get().ResponseFromCacheFilter); } if (lookup_result_->content_length_ > 0) { // No range has been added, so we add entire body to the response. if (remaining_ranges_.empty()) { remaining_ranges_.emplace_back(0, lookup_result_->content_length_); } getBody(); } else if (response_has_trailers_) { getTrailers(); } } void CacheFilter::finalizeEncodingCachedResponse() { if (filter_state_ == FilterState::EncodeServingFromCache) { // encodeHeaders returned StopIteration waiting for finishing encoding the cached response -- // continue encoding. encoder_callbacks_->continueEncoding(); } filter_state_ = FilterState::ResponseServedFromCache; } } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/cache_filter.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" #include "common/common/logger.h" #include "extensions/filters/http/cache/cache_headers_utils.h" #include "extensions/filters/http/cache/http_cache.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { /** * A filter that caches responses and attempts to satisfy requests from cache. */ class CacheFilter : public Http::PassThroughFilter, public Logger::Loggable, public std::enable_shared_from_this { public: CacheFilter(const envoy::extensions::filters::http::cache::v3alpha::CacheConfig& config, const std::string& stats_prefix, Stats::Scope& scope, TimeSource& time_source, HttpCache& http_cache); // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& buffer, bool end_stream) override; private: // Utility functions; make any necessary checks and call the corresponding lookup_ functions void getHeaders(Http::RequestHeaderMap& request_headers); void getBody(); void getTrailers(); // Callbacks for HttpCache to call when headers/body/trailers are ready. void onHeaders(LookupResult&& result, Http::RequestHeaderMap& request_headers); void onBody(Buffer::InstancePtr&& body); void onTrailers(Http::ResponseTrailerMapPtr&& trailers); // Precondition: lookup_result_ points to a cache lookup result that requires validation. // filter_state_ is ValidatingCachedResponse. // Serves a validated cached response after updating it with a 304 response. void processSuccessfulValidation(Http::ResponseHeaderMap& response_headers); // Precondition: lookup_result_ points to a cache lookup result that requires validation. // filter_state_ is ValidatingCachedResponse. // Checks if a cached entry should be updated with a 304 response. bool shouldUpdateCachedEntry(const Http::ResponseHeaderMap& response_headers) const; // Precondition: lookup_result_ points to a cache lookup result that requires validation. // Should only be called during onHeaders as it modifies RequestHeaderMap. // Adds required conditional headers for cache validation to the request headers // according to the present cache lookup result headers. void injectValidationHeaders(Http::RequestHeaderMap& request_headers); // Precondition: lookup_result_ points to a fresh or validated cache look up result. // Adds a cache lookup result to the response encoding stream. // Can be called during decoding if a valid cache hit is found, // or during encoding if a cache entry was validated successfully. void encodeCachedResponse(); // Precondition: finished adding a response from cache to the response encoding stream. // Updates filter_state_ and continues the encoding stream if necessary. void finalizeEncodingCachedResponse(); TimeSource& time_source_; HttpCache& cache_; LookupContextPtr lookup_; InsertContextPtr insert_; LookupResultPtr lookup_result_; // Tracks what body bytes still need to be read from the cache. This is // currently only one Range, but will expand when full range support is added. Initialized by // onHeaders for Range Responses, otherwise initialized by encodeCachedResponse. std::vector remaining_ranges_; // TODO(#12901): The allow list could be constructed only once directly from the config, instead // of doing it per-request. A good example of such config is found in the gzip filter: // source/extensions/filters/http/gzip/gzip_filter.h. // Stores the allow list rules that decide if a header can be varied upon. VaryHeader vary_allow_list_; // True if the response has trailers. // TODO(toddmgreer): cache trailers. bool response_has_trailers_ = false; // True if a request allows cache inserts according to: // https://httpwg.org/specs/rfc7234.html#response.cacheability bool request_allows_inserts_ = false; enum class FilterState { Initial, // Cache lookup found a cached response that requires validation ValidatingCachedResponse, // Cache lookup found a fresh cached response and it is being added to the encoding stream. DecodeServingFromCache, // A cached response was successfully validated and it is being added to the encoding stream EncodeServingFromCache, // The cached response was successfully added to the encoding stream (either during decoding or // encoding). ResponseServedFromCache, // CacheFilter::onDestroy has been called, the filter will be destroyed soon. Any triggered // callbacks should be ignored. Destroyed }; FilterState filter_state_ = FilterState::Initial; }; using CacheFilterSharedPtr = std::shared_ptr; using CacheFilterWeakPtr = std::weak_ptr; } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/cache_headers_utils.cc ================================================ #include "extensions/filters/http/cache/cache_headers_utils.h" #include #include #include #include "envoy/http/header_map.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "extensions/filters/http/cache/inline_headers_handles.h" #include "absl/algorithm/container.h" #include "absl/strings/ascii.h" #include "absl/strings/numbers.h" #include "absl/strings/str_split.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { // Utility functions used in RequestCacheControl & ResponseCacheControl. namespace { // A directive with an invalid duration is ignored, the RFC does not specify a behavior: // https://httpwg.org/specs/rfc7234.html#delta-seconds OptionalDuration parseDuration(absl::string_view s) { OptionalDuration duration; // Strip quotation marks if any. if (s.size() > 1 && s.front() == '"' && s.back() == '"') { s = s.substr(1, s.size() - 2); } long num; if (absl::SimpleAtoi(s, &num) && num >= 0) { // s is a valid string of digits representing a positive number. duration = Seconds(num); } return duration; } inline std::pair separateDirectiveAndArgument(absl::string_view full_directive) { return absl::StrSplit(absl::StripAsciiWhitespace(full_directive), absl::MaxSplits('=', 1)); } } // namespace // The grammar for This Cache-Control header value should be: // Cache-Control = 1#cache-directive // cache-directive = token [ "=" ( token / quoted-string ) ] // token = 1*tchar // tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" // / "-" / "." / "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA // quoted-string = DQUOTE *( qdtext / quoted-pair ) DQUOTE // qdtext = HTAB / SP /%x21 / %x23-5B / %x5D-7E / obs-text // obs-text = %x80-FF // quoted-pair = "\" ( HTAB / SP / VCHAR / obs-text ) // VCHAR = %x21-7E ; visible (printing) characters // Multiple directives are comma separated according to: // https://httpwg.org/specs/rfc7234.html#collected.abnf RequestCacheControl::RequestCacheControl(absl::string_view cache_control_header) { const std::vector directives = absl::StrSplit(cache_control_header, ','); for (auto full_directive : directives) { absl::string_view directive, argument; std::tie(directive, argument) = separateDirectiveAndArgument(full_directive); if (directive == "no-cache") { must_validate_ = true; } else if (directive == "no-store") { no_store_ = true; } else if (directive == "no-transform") { no_transform_ = true; } else if (directive == "only-if-cached") { only_if_cached_ = true; } else if (directive == "max-age") { max_age_ = parseDuration(argument); } else if (directive == "min-fresh") { min_fresh_ = parseDuration(argument); } else if (directive == "max-stale") { max_stale_ = argument.empty() ? SystemTime::duration::max() : parseDuration(argument); } } } ResponseCacheControl::ResponseCacheControl(absl::string_view cache_control_header) { const std::vector directives = absl::StrSplit(cache_control_header, ','); for (auto full_directive : directives) { absl::string_view directive, argument; std::tie(directive, argument) = separateDirectiveAndArgument(full_directive); if (directive == "no-cache") { // If no-cache directive has arguments they are ignored - not handled. must_validate_ = true; } else if (directive == "must-revalidate" || directive == "proxy-revalidate") { no_stale_ = true; } else if (directive == "no-store" || directive == "private") { // If private directive has arguments they are ignored - not handled. no_store_ = true; } else if (directive == "no-transform") { no_transform_ = true; } else if (directive == "public") { is_public_ = true; } else if (directive == "s-maxage") { max_age_ = parseDuration(argument); } else if (!max_age_.has_value() && directive == "max-age") { max_age_ = parseDuration(argument); } } } bool operator==(const RequestCacheControl& lhs, const RequestCacheControl& rhs) { return (lhs.must_validate_ == rhs.must_validate_) && (lhs.no_store_ == rhs.no_store_) && (lhs.no_transform_ == rhs.no_transform_) && (lhs.only_if_cached_ == rhs.only_if_cached_) && (lhs.max_age_ == rhs.max_age_) && (lhs.min_fresh_ == rhs.min_fresh_) && (lhs.max_stale_ == rhs.max_stale_); } bool operator==(const ResponseCacheControl& lhs, const ResponseCacheControl& rhs) { return (lhs.must_validate_ == rhs.must_validate_) && (lhs.no_store_ == rhs.no_store_) && (lhs.no_transform_ == rhs.no_transform_) && (lhs.no_stale_ == rhs.no_stale_) && (lhs.is_public_ == rhs.is_public_) && (lhs.max_age_ == rhs.max_age_); } SystemTime CacheHeadersUtils::httpTime(const Http::HeaderEntry* header_entry) { if (!header_entry) { return {}; } absl::Time time; const std::string input(header_entry->value().getStringView()); // Acceptable Date/Time Formats per: // https://tools.ietf.org/html/rfc7231#section-7.1.1.1 // // Sun, 06 Nov 1994 08:49:37 GMT ; IMF-fixdate. // Sunday, 06-Nov-94 08:49:37 GMT ; obsolete RFC 850 format. // Sun Nov 6 08:49:37 1994 ; ANSI C's asctime() format. static const char* rfc7231_date_formats[] = {"%a, %d %b %Y %H:%M:%S GMT", "%A, %d-%b-%y %H:%M:%S GMT", "%a %b %e %H:%M:%S %Y"}; for (const std::string& format : rfc7231_date_formats) { if (absl::ParseTime(format, input, &time, nullptr)) { return ToChronoTime(time); } } return {}; } Seconds CacheHeadersUtils::calculateAge(const Http::ResponseHeaderMap& response_headers, const SystemTime response_time, const SystemTime now) { // Age headers calculations follow: https://httpwg.org/specs/rfc7234.html#age.calculations const SystemTime date_value = CacheHeadersUtils::httpTime(response_headers.Date()); long age_value; const absl::string_view age_header = response_headers.getInlineValue(age_handle.handle()); if (!absl::SimpleAtoi(age_header, &age_value)) { age_value = 0; } const SystemTime::duration apparent_age = std::max(SystemTime::duration(0), response_time - date_value); // Assumption: response_delay is negligible -> corrected_age_value = age_value. const SystemTime::duration corrected_age_value = Seconds(age_value); const SystemTime::duration corrected_initial_age = std::max(apparent_age, corrected_age_value); // Calculate current_age: const SystemTime::duration resident_time = now - response_time; const SystemTime::duration current_age = corrected_initial_age + resident_time; return std::chrono::duration_cast(current_age); } absl::optional CacheHeadersUtils::readAndRemoveLeadingDigits(absl::string_view& str) { uint64_t val = 0; uint32_t bytes_consumed = 0; for (const char cur : str) { if (!absl::ascii_isdigit(cur)) { break; } uint64_t new_val = (val * 10) + (cur - '0'); if (new_val / 8 < val) { // Overflow occurred return absl::nullopt; } val = new_val; ++bytes_consumed; } if (bytes_consumed) { // Consume some digits str.remove_prefix(bytes_consumed); return val; } return absl::nullopt; } void CacheHeadersUtils::getAllMatchingHeaderNames( const Http::HeaderMap& headers, const std::vector& ruleset, absl::flat_hash_set& out) { headers.iterate([&ruleset, &out](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { absl::string_view header_name = header.key().getStringView(); for (const auto& rule : ruleset) { if (rule->match(header_name)) { out.emplace(header_name); break; } } return Http::HeaderMap::Iterate::Continue; }); } std::vector CacheHeadersUtils::parseCommaDelimitedList(const Http::HeaderEntry* entry) { if (!entry) { return {}; } std::vector header_values = absl::StrSplit(entry->value().getStringView(), ','); for (std::string& value : header_values) { // TODO(cbdm): Might be able to improve the performance here by using StringUtil::trim to // remove whitespace. absl::StripAsciiWhitespace(&value); } return header_values; } VaryHeader::VaryHeader( const Protobuf::RepeatedPtrField& allow_list) { for (const auto& rule : allow_list) { allow_list_.emplace_back(std::make_unique(rule)); } } bool VaryHeader::isAllowed(const Http::ResponseHeaderMap& headers) const { if (!VaryHeader::hasVary(headers)) { return true; } std::vector varied_headers = CacheHeadersUtils::parseCommaDelimitedList(headers.get(Http::Headers::get().Vary)); for (const std::string& header : varied_headers) { bool valid = false; // "Vary: *" should never be cached per: // https://tools.ietf.org/html/rfc7231#section-7.1.4 if (header == "*") { return false; } for (const auto& rule : allow_list_) { if (rule->match(header)) { valid = true; break; } } if (!valid) { return false; } } return true; } bool VaryHeader::hasVary(const Http::ResponseHeaderMap& headers) { const Http::HeaderEntry* vary_header = headers.get(Http::Headers::get().Vary); return vary_header != nullptr && !vary_header->value().empty(); } namespace { // The separator characters are used to create the vary-key, and must be characters that are // invalid to be inside values and header names. The chosen characters are invalid per: // https://tools.ietf.org/html/rfc2616#section-4.2. // Used to separate the values of different headers. constexpr absl::string_view header_separator = "\n"; // Used to separate multiple values of a same header. constexpr absl::string_view in_value_separator = "\r"; }; // namespace std::string VaryHeader::createVaryKey(const Http::HeaderEntry* vary_header, const Http::RequestHeaderMap& entry_headers) { if (vary_header == nullptr) { return ""; } ASSERT(vary_header->key() == "vary"); std::string vary_key = "vary-key\n"; for (const std::string& header : CacheHeadersUtils::parseCommaDelimitedList(vary_header)) { // TODO(cbdm): Can add some bucketing logic here based on header. For example, we could // normalize the values for accept-language by making all of {en-CA, en-GB, en-US} into // "en". This way we would not need to store multiple versions of the same payload, and any // of those values would find the payload in the requested language. Another example would be to // bucket UserAgent values into android/ios/desktop; UserAgent::initializeFromHeaders tries to // do that normalization and could be used as an inspiration for some bucketing configuration. // The config should enable and control the bucketing wanted. std::vector header_values; Http::HeaderUtility::getAllOfHeader(entry_headers, header, header_values); absl::StrAppend(&vary_key, header, in_value_separator, absl::StrJoin(header_values, in_value_separator), header_separator); } return vary_key; } Http::RequestHeaderMapPtr VaryHeader::possibleVariedHeaders(const Http::RequestHeaderMap& request_headers) const { Http::RequestHeaderMapPtr possible_headers = Http::createHeaderMap({}); absl::flat_hash_set header_names; CacheHeadersUtils::getAllMatchingHeaderNames(request_headers, allow_list_, header_names); for (const absl::string_view& header : header_names) { std::vector values; Http::HeaderUtility::getAllOfHeader(request_headers, header, values); for (const absl::string_view& value : values) { possible_headers->addCopy(Http::LowerCaseString(std::string{header}), value); } } return possible_headers; } } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/cache_headers_utils.h ================================================ #pragma once #include "envoy/common/time.h" #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" #include "envoy/http/header_map.h" #include "common/common/matchers.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/protobuf/protobuf.h" #include "absl/strings/str_join.h" #include "absl/strings/string_view.h" #include "absl/time/time.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { using OptionalDuration = absl::optional; // According to: https://httpwg.org/specs/rfc7234.html#cache-request-directive struct RequestCacheControl { RequestCacheControl() = default; explicit RequestCacheControl(absl::string_view cache_control_header); // must_validate is true if 'no-cache' directive is present // A cached response must not be served without successful validation with the origin bool must_validate_ = false; // The response to this request must not be cached (stored) bool no_store_ = false; // 'no-transform' directive is not used now // No transformations should be done to the response of this request, as defined by: // https://httpwg.org/specs/rfc7230.html#message.transformations bool no_transform_ = false; // 'only-if-cached' directive is not used now // The request should be satisfied using a cached response, or respond with 504 (Gateway Error) bool only_if_cached_ = false; // The client is unwilling to receive a cached response whose age exceeds the max-age OptionalDuration max_age_; // The client is unwilling to received a cached response that satisfies: // expiration_time - now < min-fresh OptionalDuration min_fresh_; // The client is willing to receive a stale response that satisfies: // now - expiration_time < max-stale // If max-stale has no value then the client is willing to receive any stale response OptionalDuration max_stale_; }; // According to: https://httpwg.org/specs/rfc7234.html#cache-response-directive struct ResponseCacheControl { ResponseCacheControl() = default; explicit ResponseCacheControl(absl::string_view cache_control_header); // must_validate is true if 'no-cache' directive is present; arguments are ignored for now // This response must not be used to satisfy subsequent requests without successful validation // with the origin bool must_validate_ = false; // no_store is true if any of 'no-store' or 'private' directives is present. // 'private' arguments are ignored for now so it is equivalent to 'no-store' // This response must not be cached (stored) bool no_store_ = false; // 'no-transform' directive is not used now // No transformations should be done to this response , as defined by: // https://httpwg.org/specs/rfc7230.html#message.transformations bool no_transform_ = false; // no_stale is true if any of 'must-revalidate' or 'proxy-revalidate' directives is present // This response must not be served stale without successful validation with the origin bool no_stale_ = false; // 'public' directive is not used now // This response may be stored, even if the response would normally be non-cacheable or cacheable // only within a private cache, see: // https://httpwg.org/specs/rfc7234.html#cache-response-directive.public bool is_public_ = false; // max_age is set if to 's-maxage' if present, if not it is set to 'max-age' if present. // Indicates the maximum time after which this response will be considered stale OptionalDuration max_age_; }; bool operator==(const RequestCacheControl& lhs, const RequestCacheControl& rhs); bool operator==(const ResponseCacheControl& lhs, const ResponseCacheControl& rhs); class CacheHeadersUtils { public: // Parses header_entry as an HTTP time. Returns SystemTime() if // header_entry is null or malformed. static SystemTime httpTime(const Http::HeaderEntry* header_entry); // Calculates the age of a cached response static Seconds calculateAge(const Http::ResponseHeaderMap& response_headers, SystemTime response_time, SystemTime now); /** * Read a leading positive decimal integer value and advance "*str" past the * digits read. If overflow occurs, or no digits exist, return * absl::nullopt without advancing "*str". */ static absl::optional readAndRemoveLeadingDigits(absl::string_view& str); // Add to out all header names from the given map that match any of the given rules. static void getAllMatchingHeaderNames(const Http::HeaderMap& headers, const std::vector& ruleset, absl::flat_hash_set& out); // Parses the values of a comma-delimited list as defined per // https://tools.ietf.org/html/rfc7230#section-7. static std::vector parseCommaDelimitedList(const Http::HeaderEntry* entry); }; class VaryHeader { public: // Checks if the headers contain a non-empty value in the Vary header. static bool hasVary(const Http::ResponseHeaderMap& headers); // Creates a single string combining the values of the varied headers from entry_headers. static std::string createVaryKey(const Http::HeaderEntry* vary_header, const Http::RequestHeaderMap& entry_headers); // Parses the allow list from the Cache Config into the object's private allow_list_. VaryHeader(const Protobuf::RepeatedPtrField& allow_list); // Checks if the headers contain an allowed value in the Vary header. bool isAllowed(const Http::ResponseHeaderMap& headers) const; // Returns a header map containing the subset of the original headers that can be varied from the // request. Http::RequestHeaderMapPtr possibleVariedHeaders(const Http::RequestHeaderMap& request_headers) const; private: // Stores the matching rules that define whether a header is allowed to be varied. std::vector allow_list_; }; } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/cacheability_utils.cc ================================================ #include "extensions/filters/http/cache/cacheability_utils.h" #include "envoy/http/header_map.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "extensions/filters/http/cache/inline_headers_handles.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { namespace { const absl::flat_hash_set& cacheableStatusCodes() { // As defined by: // https://tools.ietf.org/html/rfc7231#section-6.1, // https://tools.ietf.org/html/rfc7538#section-3, // https://tools.ietf.org/html/rfc7725#section-3 // TODO(yosrym93): the list of cacheable status codes should be configurable. CONSTRUCT_ON_FIRST_USE(absl::flat_hash_set, "200", "203", "204", "206", "300", "301", "308", "404", "405", "410", "414", "451", "501"); } const std::vector& conditionalHeaders() { // As defined by: https://httpwg.org/specs/rfc7232.html#preconditions. CONSTRUCT_ON_FIRST_USE( std::vector, &Http::CustomHeaders::get().IfMatch, &Http::CustomHeaders::get().IfNoneMatch, &Http::CustomHeaders::get().IfModifiedSince, &Http::CustomHeaders::get().IfUnmodifiedSince, &Http::CustomHeaders::get().IfRange); } } // namespace bool CacheabilityUtils::isCacheableRequest(const Http::RequestHeaderMap& headers) { const absl::string_view method = headers.getMethodValue(); const absl::string_view forwarded_proto = headers.getForwardedProtoValue(); const Http::HeaderValues& header_values = Http::Headers::get(); // Check if the request contains any conditional headers. // For now, requests with conditional headers bypass the CacheFilter. // This behavior does not cause any incorrect results, but may reduce the cache effectiveness. // If needed to be handled properly refer to: // https://httpwg.org/specs/rfc7234.html#validation.received for (auto conditional_header : conditionalHeaders()) { if (headers.get(*conditional_header)) { return false; } } // TODO(toddmgreer): Also serve HEAD requests from cache. // Cache-related headers are checked in HttpCache::LookupRequest. return headers.Path() && headers.Host() && !headers.getInline(authorization_handle.handle()) && (method == header_values.MethodValues.Get) && (forwarded_proto == header_values.SchemeValues.Http || forwarded_proto == header_values.SchemeValues.Https); } bool CacheabilityUtils::isCacheableResponse(const Http::ResponseHeaderMap& headers, const VaryHeader& vary_allow_list) { absl::string_view cache_control = headers.getInlineValue(response_cache_control_handle.handle()); ResponseCacheControl response_cache_control(cache_control); // Only cache responses with enough data to calculate freshness lifetime as per: // https://httpwg.org/specs/rfc7234.html#calculating.freshness.lifetime. // Either: // "no-cache" cache-control directive (requires revalidation anyway). // "max-age" or "s-maxage" cache-control directives. // Both "Expires" and "Date" headers. const bool has_validation_data = response_cache_control.must_validate_ || response_cache_control.max_age_.has_value() || (headers.Date() && headers.getInline(expires_handle.handle())); return !response_cache_control.no_store_ && cacheableStatusCodes().contains((headers.getStatusValue())) && has_validation_data && vary_allow_list.isAllowed(headers); } } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/cacheability_utils.h ================================================ #pragma once #include "common/common/utility.h" #include "common/http/headers.h" #include "extensions/filters/http/cache/cache_headers_utils.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { class CacheabilityUtils { public: // Checks if a request can be served from cache. // This does not depend on cache-control headers as // request cache-control headers only decide whether // validation is required and whether the response can be cached. static bool isCacheableRequest(const Http::RequestHeaderMap& headers); // Checks if a response can be stored in cache. // Note that if a request is not cacheable according to 'isCacheableRequest' // then its response is also not cacheable. // Therefore, isCacheableRequest, isCacheableResponse and CacheFilter::request_allows_inserts_ // together should cover https://httpwg.org/specs/rfc7234.html#response.cacheability. static bool isCacheableResponse(const Http::ResponseHeaderMap& headers, const VaryHeader& vary_allow_list); }; } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/config.cc ================================================ #include "extensions/filters/http/cache/config.h" #include "extensions/filters/http/cache/cache_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { Http::FilterFactoryCb CacheFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::cache::v3alpha::CacheConfig& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { const std::string type{TypeUtil::typeUrlToDescriptorFullName(config.typed_config().type_url())}; HttpCacheFactory* const http_cache_factory = Registry::FactoryRegistry::getFactoryByType(type); if (http_cache_factory == nullptr) { throw EnvoyException( fmt::format("Didn't find a registered implementation for type: '{}'", type)); } return [config, stats_prefix, &context, http_cache_factory](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(config, stats_prefix, context.scope(), context.timeSource(), http_cache_factory->getCache(config))); }; } REGISTER_FACTORY(CacheFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { class CacheFilterFactory : public Common::FactoryBase { public: CacheFilterFactory() : FactoryBase(HttpFilterNames::get().Cache) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::cache::v3alpha::CacheConfig& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/http_cache.cc ================================================ #include "extensions/filters/http/cache/http_cache.h" #include #include #include #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/cache/cache_headers_utils.h" #include "extensions/filters/http/cache/inline_headers_handles.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" #include "absl/time/time.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { LookupRequest::LookupRequest(const Http::RequestHeaderMap& request_headers, SystemTime timestamp, const VaryHeader& vary_allow_list) : timestamp_(timestamp) { // These ASSERTs check prerequisites. A request without these headers can't be looked up in cache; // CacheFilter doesn't create LookupRequests for such requests. ASSERT(request_headers.Path(), "Can't form cache lookup key for malformed Http::RequestHeaderMap " "with null Path."); ASSERT( request_headers.ForwardedProto(), "Can't form cache lookup key for malformed Http::RequestHeaderMap with null ForwardedProto."); ASSERT(request_headers.Host(), "Can't form cache lookup key for malformed Http::RequestHeaderMap " "with null Host."); const Http::HeaderString& forwarded_proto = request_headers.ForwardedProto()->value(); const auto& scheme_values = Http::Headers::get().SchemeValues; ASSERT(forwarded_proto == scheme_values.Http || forwarded_proto == scheme_values.Https); initializeRequestCacheControl(request_headers); // TODO(toddmgreer): Let config determine whether to include forwarded_proto, host, and // query params. // TODO(toddmgreer): get cluster name. if (request_headers.getMethodValue() == Http::Headers::get().MethodValues.Get) { // TODO(cbdm): using a constant limit of 1 range since we don't support multi-part responses nor // coalesce multiple overlapping ranges. Could make this into a parameter based on config. const int RangeSpecifierLimit = 1; request_range_spec_ = RangeRequests::parseRanges(request_headers, RangeSpecifierLimit); } key_.set_cluster_name("cluster_name_goes_here"); key_.set_host(std::string(request_headers.getHostValue())); key_.set_path(std::string(request_headers.getPathValue())); key_.set_clear_http(forwarded_proto == scheme_values.Http); vary_headers_ = vary_allow_list.possibleVariedHeaders(request_headers); } // Unless this API is still alpha, calls to stableHashKey() must always return // the same result, or a way must be provided to deal with a complete cache // flush. localHashKey however, can be changed at will. size_t stableHashKey(const Key& key) { return MessageUtil::hash(key); } size_t localHashKey(const Key& key) { return stableHashKey(key); } void LookupRequest::initializeRequestCacheControl(const Http::RequestHeaderMap& request_headers) { const absl::string_view cache_control = request_headers.getInlineValue(request_cache_control_handle.handle()); const absl::string_view pragma = request_headers.getInlineValue(pragma_handle.handle()); if (!cache_control.empty()) { request_cache_control_ = RequestCacheControl(cache_control); } else { // According to: https://httpwg.org/specs/rfc7234.html#header.pragma, // when Cache-Control header is missing, "Pragma:no-cache" is equivalent to // "Cache-Control:no-cache". Any other directives are ignored. request_cache_control_.must_validate_ = RequestCacheControl(pragma).must_validate_; } } bool LookupRequest::requiresValidation(const Http::ResponseHeaderMap& response_headers, SystemTime::duration response_age) const { // TODO(yosrym93): Store parsed response cache-control in cache instead of parsing it on every // lookup. const absl::string_view cache_control = response_headers.getInlineValue(response_cache_control_handle.handle()); const ResponseCacheControl response_cache_control(cache_control); const bool request_max_age_exceeded = request_cache_control_.max_age_.has_value() && request_cache_control_.max_age_.value() < response_age; if (response_cache_control.must_validate_ || request_cache_control_.must_validate_ || request_max_age_exceeded) { // Either the request or response explicitly require validation, or a request max-age // requirement is not satisfied. return true; } // CacheabilityUtils::isCacheableResponse(..) guarantees that any cached response satisfies this. ASSERT(response_cache_control.max_age_.has_value() || (response_headers.getInline(expires_handle.handle()) && response_headers.Date()), "Cache entry does not have valid expiration data."); SystemTime::duration freshness_lifetime; if (response_cache_control.max_age_.has_value()) { freshness_lifetime = response_cache_control.max_age_.value(); } else { const SystemTime expires_value = CacheHeadersUtils::httpTime(response_headers.getInline(expires_handle.handle())); const SystemTime date_value = CacheHeadersUtils::httpTime(response_headers.Date()); freshness_lifetime = expires_value - date_value; } if (response_age > freshness_lifetime) { // Response is stale, requires validation if // the response does not allow being served stale, // or the request max-stale directive does not allow it. const bool allowed_by_max_stale = request_cache_control_.max_stale_.has_value() && request_cache_control_.max_stale_.value() > response_age - freshness_lifetime; return response_cache_control.no_stale_ || !allowed_by_max_stale; } else { // Response is fresh, requires validation only if there is an unsatisfied min-fresh requirement. const bool min_fresh_unsatisfied = request_cache_control_.min_fresh_.has_value() && request_cache_control_.min_fresh_.value() > freshness_lifetime - response_age; return min_fresh_unsatisfied; } } LookupResult LookupRequest::makeLookupResult(Http::ResponseHeaderMapPtr&& response_headers, ResponseMetadata&& metadata, uint64_t content_length) const { // TODO(toddmgreer): Implement all HTTP caching semantics. ASSERT(response_headers); LookupResult result; // Assumption: Cache lookup time is negligible. Therefore, now == timestamp_ const Seconds age = CacheHeadersUtils::calculateAge(*response_headers, metadata.response_time_, timestamp_); response_headers->setInline(age_handle.handle(), std::to_string(age.count())); result.cache_entry_status_ = requiresValidation(*response_headers, age) ? CacheEntryStatus::RequiresValidation : CacheEntryStatus::Ok; result.headers_ = std::move(response_headers); result.content_length_ = content_length; if (!adjustByteRangeSet(result.response_ranges_, request_range_spec_, content_length)) { result.cache_entry_status_ = CacheEntryStatus::NotSatisfiableRange; } else if (!result.response_ranges_.empty()) { result.cache_entry_status_ = CacheEntryStatus::SatisfiableRange; } result.has_trailers_ = false; return result; } bool adjustByteRangeSet(std::vector& response_ranges, const std::vector& request_range_spec, uint64_t content_length) { if (request_range_spec.empty()) { // No range header, so the request can proceed. return true; } if (content_length == 0) { // There is a range header, but it's unsatisfiable. return false; } for (const RawByteRange& spec : request_range_spec) { if (spec.isSuffix()) { // spec is a suffix-byte-range-spec. if (spec.suffixLength() == 0) { // This range is unsatisfiable, so skip it. continue; } if (spec.suffixLength() >= content_length) { // All bytes are being requested, so we may as well send a '200 // OK' response. response_ranges.clear(); return true; } response_ranges.emplace_back(content_length - spec.suffixLength(), content_length); } else { // spec is a byte-range-spec if (spec.firstBytePos() >= content_length) { // This range is unsatisfiable, so skip it. continue; } if (spec.lastBytePos() >= content_length - 1) { if (spec.firstBytePos() == 0) { // All bytes are being requested, so we may as well send a '200 // OK' response. response_ranges.clear(); return true; } response_ranges.emplace_back(spec.firstBytePos(), content_length); } else { response_ranges.emplace_back(spec.firstBytePos(), spec.lastBytePos() + 1); } } } if (response_ranges.empty()) { // All ranges were unsatisfiable. return false; } return true; } std::vector RangeRequests::parseRanges(const Http::RequestHeaderMap& request_headers, uint64_t max_byte_range_specs) { // Makes sure we have a GET request, as Range headers are only valid with this type of request. const absl::string_view method = request_headers.getMethodValue(); ASSERT(method == Http::Headers::get().MethodValues.Get); // Multiple instances of range headers are invalid. // https://tools.ietf.org/html/rfc7230#section-3.2.2 std::vector range_headers; Http::HeaderUtility::getAllOfHeader(request_headers, Http::Headers::get().Range.get(), range_headers); absl::string_view header_value; if (range_headers.size() == 1) { header_value = range_headers.front(); } else { if (range_headers.size() > 1) { ENVOY_LOG(debug, "Multiple range headers provided in request. Ignoring all range headers."); } return {}; } if (!absl::ConsumePrefix(&header_value, "bytes=")) { ENVOY_LOG(debug, "Invalid range header. range-unit not correctly specified, only 'bytes' " "supported. Ignoring range header."); return {}; } std::vector ranges = absl::StrSplit(header_value, absl::MaxSplits(',', max_byte_range_specs)); if (ranges.size() > max_byte_range_specs) { ENVOY_LOG(debug, "There are more ranges than allowed by the byte range parse limit ({}). Ignoring " "range header.", max_byte_range_specs); return {}; } std::vector parsed_ranges; for (absl::string_view cur_range : ranges) { absl::optional first = CacheHeadersUtils::readAndRemoveLeadingDigits(cur_range); if (!absl::ConsumePrefix(&cur_range, "-")) { ENVOY_LOG(debug, "Invalid format for range header: missing range-end. Ignoring range header."); return {}; } absl::optional last = CacheHeadersUtils::readAndRemoveLeadingDigits(cur_range); if (!cur_range.empty()) { ENVOY_LOG(debug, "Unexpected characters after byte range in range header. Ignoring range header."); return {}; } if (!first && !last) { ENVOY_LOG(debug, "Invalid format for range header: missing first-byte-pos AND last-byte-pos; " "at least one of them is required. Ignoring range header."); return {}; } // Handle suffix range (e.g., -123). if (!first) { first = std::numeric_limits::max(); } // Handle optional range-end (e.g., 123-). if (!last) { last = std::numeric_limits::max(); } if (first != std::numeric_limits::max() && first > last) { ENVOY_LOG(debug, "Invalid format for range header: range-start and range-end out of order. " "Ignoring range header."); return {}; } parsed_ranges.push_back(RawByteRange(first.value(), last.value())); } return parsed_ranges; } } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/http_cache.h ================================================ #pragma once #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/time.h" #include "envoy/config/typed_config.h" #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" #include "envoy/http/header_map.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "source/extensions/filters/http/cache/key.pb.h" #include "extensions/filters/http/cache/cache_headers_utils.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { // Whether a given cache entry is good for the current request. enum class CacheEntryStatus { // This entry is fresh, and an appropriate response to the request. Ok, // No usable entry was found. If this was generated for a cache entry, the // cache should delete that entry. Unusable, // This entry is stale, but appropriate for validating RequiresValidation, // This entry is fresh, and an appropriate basis for a 304 Not Modified // response. FoundNotModified, // This entry is fresh, but cannot satisfy the requested range(s). NotSatisfiableRange, // This entry is fresh, and can satisfy the requested range(s). SatisfiableRange, }; // Byte range from an HTTP request. class RawByteRange { public: // - If first==UINT64_MAX, construct a RawByteRange requesting the final last body bytes. // - Otherwise, construct a RawByteRange requesting the [first,last] body bytes. // Prereq: first == UINT64_MAX || first <= last // Invariant: isSuffix() || firstBytePos() <= lastBytePos // Examples: RawByteRange(0,4) requests the first 5 bytes. // RawByteRange(UINT64_MAX,4) requests the last 4 bytes. RawByteRange(uint64_t first, uint64_t last) : first_byte_pos_(first), last_byte_pos_(last) { ASSERT(isSuffix() || first <= last, "Illegal byte range."); } bool isSuffix() const { return first_byte_pos_ == UINT64_MAX; } uint64_t firstBytePos() const { ASSERT(!isSuffix()); return first_byte_pos_; } uint64_t lastBytePos() const { ASSERT(!isSuffix()); return last_byte_pos_; } uint64_t suffixLength() const { ASSERT(isSuffix()); return last_byte_pos_; } private: const uint64_t first_byte_pos_; const uint64_t last_byte_pos_; }; class RangeRequests : Logger::Loggable { public: // Parses the ranges from the request headers into a vector. // max_byte_range_specs defines how many byte ranges can be parsed from the header value. // If there is no range header, multiple range headers, the header value is malformed, or there // are more ranges than max_byte_range_specs, returns an empty vector. static std::vector parseRanges(const Http::RequestHeaderMap& request_headers, uint64_t max_byte_range_specs); }; // Byte range from an HTTP request, adjusted for a known response body size, and converted from an // HTTP-style closed interval to a C++ style half-open interval. class AdjustedByteRange { public: // Construct an AdjustedByteRange representing the [first,last) bytes in the // response body. Prereq: first <= last Invariant: begin() <= end() // Example: AdjustedByteRange(0,4) represents the first 4 bytes. AdjustedByteRange(uint64_t first, uint64_t last) : first_(first), last_(last) { ASSERT(first < last, "Illegal byte range."); } uint64_t begin() const { return first_; } // Unlike RawByteRange, end() is one past the index of the last offset. uint64_t end() const { return last_; } uint64_t length() const { return last_ - first_; } void trimFront(uint64_t n) { ASSERT(n <= length(), "Attempt to trim too much from range."); first_ += n; } private: uint64_t first_; uint64_t last_; }; inline bool operator==(const AdjustedByteRange& lhs, const AdjustedByteRange& rhs) { return lhs.begin() == rhs.begin() && lhs.end() == rhs.end(); } // Adjusts request_range_spec to fit a cached response of size content_length, putting the results // in response_ranges. Returns true if response_ranges is satisfiable (empty is considered // satisfiable, as it denotes the entire body). // TODO(toddmgreer): Merge/reorder ranges where appropriate. bool adjustByteRangeSet(std::vector& response_ranges, const std::vector& request_range_spec, uint64_t content_length); // Result of a lookup operation, including cached headers and information needed // to serve a response based on it, or to attempt to validate. struct LookupResult { // If cache_entry_status_ == Unusable, none of the other members are // meaningful. CacheEntryStatus cache_entry_status_ = CacheEntryStatus::Unusable; // Headers of the cached response. Http::ResponseHeaderMapPtr headers_; // Size of the full response body. Cache filter will generate a content-length // header with this value, replacing any preexisting content-length header. // (This lets us dechunk responses as we insert them, then later serve them // with a content-length header.) uint64_t content_length_; // Represents the subset of the cached response body that should be served to // the client. If response_ranges.empty(), the entire body should be served. // Otherwise, each Range in response_ranges specifies an exact set of bytes to // serve from the cached response's body. All byte positions in // response_ranges must be in the range [0,content_length). Caches should // ensure that they can efficiently serve these ranges, and may merge and/or // reorder ranges as appropriate, or may clear() response_ranges entirely. std::vector response_ranges_; // TODO(toddmgreer): Implement trailer support. // True if the cached response has trailers. bool has_trailers_ = false; // Update the content length of the object and its response headers. void setContentLength(uint64_t new_length) { content_length_ = new_length; headers_->setContentLength(new_length); } }; using LookupResultPtr = std::unique_ptr; // Produces a hash of key that is consistent across restarts, architectures, // builds, and configurations. Caches that store persistent entries based on a // 64-bit hash should (but are not required to) use stableHashKey. Once this API // leaves alpha, any improvements to stableHashKey that would change its output // for existing callers is a breaking change. // // For non-persistent storage, use MessageUtil, which has no long-term stability // guarantees. // // When providing a cached response, Caches must ensure that the keys (and not // just their hashes) match. // // TODO(toddmgreer): Ensure that stability guarantees above are accurate. size_t stableHashKey(const Key& key); // The metadata associated with a cached response. // TODO(yosrym93): This could be changed to a proto if a need arises. // If a cache was created with the current interface, then it was changed to a proto, all the cache // entries will need to be invalidated. struct ResponseMetadata { // The time at which a response was was most recently inserted, updated, or validated in this // cache. This represents "response_time" in the age header calculations at: // https://httpwg.org/specs/rfc7234.html#age.calculations SystemTime response_time_; }; // LookupRequest holds everything about a request that's needed to look for a // response in a cache, to evaluate whether an entry from a cache is usable, and // to determine what ranges are needed. class LookupRequest { public: // Prereq: request_headers's Path(), Scheme(), and Host() are non-null. LookupRequest(const Http::RequestHeaderMap& request_headers, SystemTime timestamp, const VaryHeader& vary_allow_list); const RequestCacheControl& requestCacheControl() const { return request_cache_control_; } // Caches may modify the key according to local needs, though care must be // taken to ensure that meaningfully distinct responses have distinct keys. const Key& key() const { return key_; } // WARNING: Incomplete--do not use in production (yet). // Returns a LookupResult suitable for sending to the cache filter's // LookupHeadersCallback. Specifically, // - LookupResult::cache_entry_status_ is set according to HTTP cache // validation logic. // - LookupResult::headers_ takes ownership of response_headers. // - LookupResult::content_length_ == content_length. // - LookupResult::response_ranges_ entries are satisfiable (as documented // there). LookupResult makeLookupResult(Http::ResponseHeaderMapPtr&& response_headers, ResponseMetadata&& metadata, uint64_t content_length) const; // Warning: this should not be accessed out-of-thread! const Http::RequestHeaderMap& getVaryHeaders() const { return *vary_headers_; } private: void initializeRequestCacheControl(const Http::RequestHeaderMap& request_headers); bool requiresValidation(const Http::ResponseHeaderMap& response_headers, SystemTime::duration age) const; Key key_; std::vector request_range_spec_; // Time when this LookupRequest was created (in response to an HTTP request). SystemTime timestamp_; // The subset of this request's headers that match one of the rules in // envoy::extensions::filters::http::cache::v3alpha::CacheConfig::allowed_vary_headers. If a cache // storage implementation forwards lookup requests to a remote cache server that supports *vary* // headers, that server may need to see these headers. For local implementations, it may be // simpler to instead call makeLookupResult with each potential response. Http::RequestHeaderMapPtr vary_headers_; RequestCacheControl request_cache_control_; }; // Statically known information about a cache. struct CacheInfo { absl::string_view name_; bool supports_range_requests_ = false; }; using LookupBodyCallback = std::function; using LookupHeadersCallback = std::function; using LookupTrailersCallback = std::function; using InsertCallback = std::function; // Manages the lifetime of an insertion. class InsertContext { public: // Accepts response_headers for caching. Only called once. virtual void insertHeaders(const Http::ResponseHeaderMap& response_headers, const ResponseMetadata& metadata, bool end_stream) PURE; // The insertion is streamed into the cache in chunks whose size is determined // by the client, but with a pace determined by the cache. To avoid streaming // data into cache too fast for the cache to handle, clients should wait for // the cache to call readyForNextChunk() before streaming the next chunk. // // The client can abort the streaming insertion by dropping the // InsertContextPtr. A cache can abort the insertion by passing 'false' into // ready_for_next_chunk. virtual void insertBody(const Buffer::Instance& chunk, InsertCallback ready_for_next_chunk, bool end_stream) PURE; // Inserts trailers into the cache. virtual void insertTrailers(const Http::ResponseTrailerMap& trailers) PURE; // This routine is called prior to an InsertContext being destroyed. InsertContext is responsible // for making sure that any async activities are cleaned up before returning from onDestroy(). // This includes timers, network calls, etc. The reason there is an onDestroy() method vs. doing // this type of cleanup in the destructor is to avoid potential data races between an async // callback and the destructor in case the connection terminates abruptly. // Example scenario with a hypothetical cache that uses RPC: // 1. [Filter's thread] CacheFilter calls InsertContext::insertBody. // 2. [Filter's thread] RPCInsertContext sends RPC and returns. // 3. [Filter's thread] Client disconnects; Destroying stream; CacheFilter destructor begins. // 4. [Filter's thread] RPCInsertContext destructor begins. // 5. [Other thread] RPC completes and calls RPCInsertContext::onRPCDone. // --> RPCInsertContext's destructor and onRpcDone cause a data race in RpcInsertContext. // onDestroy() should cancel any outstanding async operations and, if necessary, // it should block on that cancellation to avoid data races. InsertContext must not invoke any // callbacks to the CacheFilter after having onDestroy() invoked. virtual void onDestroy() PURE; virtual ~InsertContext() = default; }; using InsertContextPtr = std::unique_ptr; // Lookup context manages the lifetime of a lookup, helping clients to pull data // from the cache at a pace that works for them. At any time a client can abort // an in-progress lookup by simply dropping the LookupContextPtr. class LookupContext { public: // Get the headers from the cache. It is a programming error to call this // twice. virtual void getHeaders(LookupHeadersCallback&& cb) PURE; // Reads the next chunk from the cache, calling cb when the chunk is ready. // The Buffer::InstancePtr passed to cb must not be null. // // The cache must call cb with a range of bytes starting at range.start() and // ending at or before range.end(). Caller is responsible for tracking what // ranges have been received, what to request next, and when to stop. A cache // can report an error, and cause the response to be aborted, by calling cb // with nullptr. // // If a cache happens to load data in chunks of a set size, it may be // efficient to respond with fewer than the requested number of bytes. For // example, assuming a 23 byte full-bodied response from a cache that reads in // absurdly small 10 byte chunks: // // getBody requests bytes 0-23 .......... callback with bytes 0-9 // getBody requests bytes 10-23 .......... callback with bytes 10-19 // getBody requests bytes 20-23 .......... callback with bytes 20-23 virtual void getBody(const AdjustedByteRange& range, LookupBodyCallback&& cb) PURE; // Get the trailers from the cache. Only called if LookupResult::has_trailers == true. The // Http::ResponseTrailerMapPtr passed to cb must not be null. virtual void getTrailers(LookupTrailersCallback&& cb) PURE; // This routine is called prior to a LookupContext being destroyed. LookupContext is responsible // for making sure that any async activities are cleaned up before returning from onDestroy(). // This includes timers, network calls, etc. The reason there is an onDestroy() method vs. doing // this type of cleanup in the destructor is to avoid potential data races between an async // callback and the destructor in case the connection terminates abruptly. // Example scenario with a hypothetical cache that uses RPC: // 1. [Filter's thread] CacheFilter calls LookupContext::getHeaders. // 2. [Filter's thread] RPCLookupContext sends RPC and returns. // 3. [Filter's thread] Client disconnects; Destroying stream; CacheFilter destructor begins. // 4. [Filter's thread] RPCLookupContext destructor begins. // 5. [Other thread] RPC completes and calls RPCLookupContext::onRPCDone. // --> RPCLookupContext's destructor and onRpcDone cause a data race in RPCLookupContext. // onDestroy() should cancel any outstanding async operations and, if necessary, // it should block on that cancellation to avoid data races. InsertContext must not invoke any // callbacks to the CacheFilter after having onDestroy() invoked. virtual void onDestroy() PURE; virtual ~LookupContext() = default; }; using LookupContextPtr = std::unique_ptr; // Implement this interface to provide a cache implementation for use by // CacheFilter. class HttpCache { public: // Returns a LookupContextPtr to manage the state of a cache lookup. On a cache // miss, the returned LookupContext will be given to the insert call (if any). virtual LookupContextPtr makeLookupContext(LookupRequest&& request) PURE; // Returns an InsertContextPtr to manage the state of a cache insertion. // Responses with a chunked transfer-encoding must be dechunked before // insertion. virtual InsertContextPtr makeInsertContext(LookupContextPtr&& lookup_context) PURE; // Precondition: lookup_context represents a prior cache lookup that required // validation. // // Update the headers of that cache entry to match response_headers. The cache // entry's body and trailers (if any) will not be modified. // // This is called when an expired cache entry is successfully validated, to // update the cache entry. virtual void updateHeaders(const LookupContext& lookup_context, const Http::ResponseHeaderMap& response_headers, const ResponseMetadata& metadata) PURE; // Returns statically known information about a cache. virtual CacheInfo cacheInfo() const PURE; virtual ~HttpCache() = default; }; // Factory interface for cache implementations to implement and register. class HttpCacheFactory : public Config::TypedFactory { public: // From UntypedFactory std::string category() const override { return "envoy.http.cache"; } // Returns an HttpCache that will remain valid indefinitely (at least as long // as the calling CacheFilter). virtual HttpCache& getCache(const envoy::extensions::filters::http::cache::v3alpha::CacheConfig& config) PURE; ~HttpCacheFactory() override = default; private: const std::string name_; }; using HttpCacheFactoryPtr = std::unique_ptr; } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/inline_headers_handles.h ================================================ #pragma once #include "envoy/http/header_map.h" #include "common/http/headers.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { // Request headers inline handles inline Http::RegisterCustomInlineHeader authorization_handle(Http::CustomHeaders::get().Authorization); inline Http::RegisterCustomInlineHeader pragma_handle(Http::CustomHeaders::get().Pragma); inline Http::RegisterCustomInlineHeader request_cache_control_handle(Http::CustomHeaders::get().CacheControl); inline Http::RegisterCustomInlineHeader if_match_handle(Http::CustomHeaders::get().IfMatch); inline Http::RegisterCustomInlineHeader if_none_match_handle(Http::CustomHeaders::get().IfNoneMatch); inline Http::RegisterCustomInlineHeader if_modified_since_handle(Http::CustomHeaders::get().IfModifiedSince); inline Http::RegisterCustomInlineHeader if_unmodified_since_handle(Http::CustomHeaders::get().IfUnmodifiedSince); inline Http::RegisterCustomInlineHeader if_range_handle(Http::CustomHeaders::get().IfRange); // Response headers inline handles inline Http::RegisterCustomInlineHeader response_cache_control_handle(Http::CustomHeaders::get().CacheControl); inline Http::RegisterCustomInlineHeader last_modified_handle(Http::CustomHeaders::get().LastModified); inline Http::RegisterCustomInlineHeader etag_handle(Http::CustomHeaders::get().Etag); inline Http::RegisterCustomInlineHeader age_handle(Http::Headers::get().Age); inline Http::RegisterCustomInlineHeader expires_handle(Http::Headers::get().Expires); } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/key.proto ================================================ syntax = "proto3"; package Envoy.Extensions.HttpFilters.Cache; // Cache key for lookups and inserts. message Key { string cluster_name = 1; string host = 2; string path = 3; string query = 4; // True for http://, false for https://. bool clear_http = 5; // Cache implementations can store arbitrary content in these fields; never set by cache filter. repeated bytes custom_fields = 6; repeated int64 custom_ints = 7; }; ================================================ FILE: source/extensions/filters/http/cache/simple_http_cache/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 ## WIP: Simple in-memory cache storage plugin. Not ready for deployment. envoy_extension_package() envoy_cc_extension( name = "simple_http_cache_lib", srcs = ["simple_http_cache.cc"], hdrs = ["simple_http_cache.h"], security_posture = "robust_to_untrusted_downstream_and_upstream", status = "wip", deps = [ ":config_cc_proto", "//include/envoy/registry", "//include/envoy/runtime:runtime_interface", "//source/common/buffer:buffer_lib", "//source/common/common:macros", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/protobuf", "//source/extensions/filters/http/cache:http_cache_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", ], ) envoy_proto_library( name = "config", srcs = ["config.proto"], ) ================================================ FILE: source/extensions/filters/http/cache/simple_http_cache/config.proto ================================================ syntax = "proto3"; package envoy.source.extensions.filters.http.cache; // [#protodoc-title: SimpleHttpCache CacheFilter storage plugin] // [#extension: envoy.extensions.http.cache] message SimpleHttpCacheConfig { } ================================================ FILE: source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.cc ================================================ #include "extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" #include "envoy/registry/registry.h" #include "common/buffer/buffer_impl.h" #include "common/http/header_map_impl.h" #include "source/extensions/filters/http/cache/simple_http_cache/config.pb.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { namespace { class SimpleLookupContext : public LookupContext { public: SimpleLookupContext(SimpleHttpCache& cache, LookupRequest&& request) : cache_(cache), request_(std::move(request)) {} void getHeaders(LookupHeadersCallback&& cb) override { auto entry = cache_.lookup(request_); body_ = std::move(entry.body_); cb(entry.response_headers_ ? request_.makeLookupResult(std::move(entry.response_headers_), std::move(entry.metadata_), body_.size()) : LookupResult{}); } void getBody(const AdjustedByteRange& range, LookupBodyCallback&& cb) override { ASSERT(range.end() <= body_.length(), "Attempt to read past end of body."); cb(std::make_unique(&body_[range.begin()], range.length())); } void getTrailers(LookupTrailersCallback&&) override { // TODO(toddmgreer): Support trailers. NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } const LookupRequest& request() const { return request_; } void onDestroy() override {} private: SimpleHttpCache& cache_; const LookupRequest request_; std::string body_; }; class SimpleInsertContext : public InsertContext { public: SimpleInsertContext(LookupContext& lookup_context, SimpleHttpCache& cache) : key_(dynamic_cast(lookup_context).request().key()), entry_vary_headers_( dynamic_cast(lookup_context).request().getVaryHeaders()), cache_(cache) {} void insertHeaders(const Http::ResponseHeaderMap& response_headers, const ResponseMetadata& metadata, bool end_stream) override { ASSERT(!committed_); response_headers_ = Http::createHeaderMap(response_headers); metadata_ = metadata; if (end_stream) { commit(); } } void insertBody(const Buffer::Instance& chunk, InsertCallback ready_for_next_chunk, bool end_stream) override { ASSERT(!committed_); ASSERT(ready_for_next_chunk || end_stream); body_.add(chunk); if (end_stream) { commit(); } else { ready_for_next_chunk(true); } } void insertTrailers(const Http::ResponseTrailerMap&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; // TODO(toddmgreer): support trailers } void onDestroy() override {} private: void commit() { committed_ = true; if (VaryHeader::hasVary(*response_headers_)) { cache_.varyInsert(key_, std::move(response_headers_), std::move(metadata_), body_.toString(), entry_vary_headers_); } else { cache_.insert(key_, std::move(response_headers_), std::move(metadata_), body_.toString()); } } Key key_; Http::ResponseHeaderMapPtr response_headers_; ResponseMetadata metadata_; const Http::RequestHeaderMap& entry_vary_headers_; SimpleHttpCache& cache_; Buffer::OwnedImpl body_; bool committed_ = false; }; } // namespace LookupContextPtr SimpleHttpCache::makeLookupContext(LookupRequest&& request) { return std::make_unique(*this, std::move(request)); } void SimpleHttpCache::updateHeaders(const LookupContext&, const Http::ResponseHeaderMap&, const ResponseMetadata&) { // TODO(toddmgreer): Support updating headers. // Not implemented yet, however this is called during tests // NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } SimpleHttpCache::Entry SimpleHttpCache::lookup(const LookupRequest& request) { absl::ReaderMutexLock lock(&mutex_); auto iter = map_.find(request.key()); if (iter == map_.end()) { return Entry{}; } ASSERT(iter->second.response_headers_); if (VaryHeader::hasVary(*iter->second.response_headers_)) { return varyLookup(request, iter->second.response_headers_); } else { return SimpleHttpCache::Entry{ Http::createHeaderMap(*iter->second.response_headers_), iter->second.metadata_, iter->second.body_}; } } void SimpleHttpCache::insert(const Key& key, Http::ResponseHeaderMapPtr&& response_headers, ResponseMetadata&& metadata, std::string&& body) { absl::WriterMutexLock lock(&mutex_); map_[key] = SimpleHttpCache::Entry{std::move(response_headers), std::move(metadata), std::move(body)}; } SimpleHttpCache::Entry SimpleHttpCache::varyLookup(const LookupRequest& request, const Http::ResponseHeaderMapPtr& response_headers) { // This method should be called from lookup, which holds the mutex for reading. mutex_.AssertReaderHeld(); const Http::HeaderEntry* vary_header = response_headers->get(Http::Headers::get().Vary); ASSERT(vary_header); Key varied_request_key = request.key(); const std::string vary_key = VaryHeader::createVaryKey(vary_header, request.getVaryHeaders()); varied_request_key.add_custom_fields(vary_key); auto iter = map_.find(varied_request_key); if (iter == map_.end()) { return SimpleHttpCache::Entry{}; } ASSERT(iter->second.response_headers_); return SimpleHttpCache::Entry{ Http::createHeaderMap(*iter->second.response_headers_), iter->second.metadata_, iter->second.body_}; } void SimpleHttpCache::varyInsert(const Key& request_key, Http::ResponseHeaderMapPtr&& response_headers, ResponseMetadata&& metadata, std::string&& body, const Http::RequestHeaderMap& request_vary_headers) { absl::WriterMutexLock lock(&mutex_); const Http::HeaderEntry* vary_header = response_headers->get(Http::Headers::get().Vary); ASSERT(vary_header); // Insert the varied response. Key varied_request_key = request_key; const std::string vary_key = VaryHeader::createVaryKey(vary_header, request_vary_headers); varied_request_key.add_custom_fields(vary_key); map_[varied_request_key] = SimpleHttpCache::Entry{std::move(response_headers), std::move(metadata), std::move(body)}; // Add a special entry to flag that this request generates varied responses. auto iter = map_.find(request_key); if (iter == map_.end()) { Http::ResponseHeaderMapPtr vary_only_map = Http::createHeaderMap({}); vary_only_map->setCopy(Http::Headers::get().Vary, vary_header->value().getStringView()); // TODO(cbdm): In a cache that evicts entries, we could maintain a list of the "varykey"s that // we have inserted as the body for this first lookup. This way, we would know which keys we // have inserted for that resource. For the first entry simply use vary_key as the entry_list, // for future entries append vary_key to existing list. std::string entry_list; map_[request_key] = SimpleHttpCache::Entry{std::move(vary_only_map), {}, std::move(entry_list)}; } } InsertContextPtr SimpleHttpCache::makeInsertContext(LookupContextPtr&& lookup_context) { ASSERT(lookup_context != nullptr); return std::make_unique(*lookup_context, *this); } constexpr absl::string_view Name = "envoy.extensions.http.cache.simple"; CacheInfo SimpleHttpCache::cacheInfo() const { CacheInfo cache_info; cache_info.name_ = Name; return cache_info; } class SimpleHttpCacheFactory : public HttpCacheFactory { public: // From UntypedFactory std::string name() const override { return std::string(Name); } // From TypedFactory ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::source::extensions::filters::http::cache::SimpleHttpCacheConfig>(); } // From HttpCacheFactory HttpCache& getCache(const envoy::extensions::filters::http::cache::v3alpha::CacheConfig&) override { return cache_; } private: SimpleHttpCache cache_; }; static Registry::RegisterFactory register_; } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h ================================================ #pragma once #include "common/protobuf/utility.h" #include "extensions/filters/http/cache/http_cache.h" #include "absl/base/thread_annotations.h" #include "absl/container/flat_hash_map.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cache { // Example cache backend that never evicts. Not suitable for production use. class SimpleHttpCache : public HttpCache { private: struct Entry { Http::ResponseHeaderMapPtr response_headers_; ResponseMetadata metadata_; std::string body_; }; // Looks for a response that has been varied. Only called from lookup. Entry varyLookup(const LookupRequest& request, const Http::ResponseHeaderMapPtr& response_headers); public: // HttpCache LookupContextPtr makeLookupContext(LookupRequest&& request) override; InsertContextPtr makeInsertContext(LookupContextPtr&& lookup_context) override; void updateHeaders(const LookupContext& lookup_context, const Http::ResponseHeaderMap& response_headers, const ResponseMetadata& metadata) override; CacheInfo cacheInfo() const override; Entry lookup(const LookupRequest& request); void insert(const Key& key, Http::ResponseHeaderMapPtr&& response_headers, ResponseMetadata&& metadata, std::string&& body); // Inserts a response that has been varied on certain headers. void varyInsert(const Key& request_key, Http::ResponseHeaderMapPtr&& response_headers, ResponseMetadata&& metadata, std::string&& body, const Http::RequestHeaderMap& request_vary_headers); absl::Mutex mutex_; absl::flat_hash_map map_ ABSL_GUARDED_BY(mutex_); }; } // namespace Cache } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "filter_lib", srcs = ["filter.cc"], hdrs = ["filter.h"], deps = [ ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//source/common/common:statusor_lib", "//source/common/http:headers_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", ], ) envoy_cc_library( name = "parser_lib", srcs = ["parser.cc"], hdrs = ["parser.h"], deps = ["//source/common/common:statusor_lib"], ) envoy_cc_library( name = "utils_lib", srcs = ["utils.cc"], hdrs = ["utils.h"], deps = [ ":parser_lib", "//source/common/common:statusor_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ ":filter_lib", ":parser_lib", "//include/envoy/http:filter_interface", "//include/envoy/registry", "//include/envoy/server:factory_context_interface", "//source/common/common:statusor_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/cdn_loop/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/cdn_loop/config.cc ================================================ #include "extensions/filters/http/cdn_loop/config.h" #include #include "envoy/common/exception.h" #include "envoy/extensions/filters/http/cdn_loop/v3alpha/cdn_loop.pb.h" #include "envoy/http/filter.h" #include "envoy/registry/registry.h" #include "envoy/server/factory_context.h" #include "common/common/statusor.h" #include "extensions/filters/http/cdn_loop/filter.h" #include "extensions/filters/http/cdn_loop/parser.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { using ::Envoy::Extensions::HttpFilters::CdnLoop::Parser::parseCdnId; using ::Envoy::Extensions::HttpFilters::CdnLoop::Parser::ParseContext; using ::Envoy::Extensions::HttpFilters::CdnLoop::Parser::ParsedCdnId; Http::FilterFactoryCb CdnLoopFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::cdn_loop::v3alpha::CdnLoopConfig& config, const std::string& /*stats_prefix*/, Server::Configuration::FactoryContext& /*context*/) { StatusOr context = parseCdnId(ParseContext(config.cdn_id())); if (!context.ok()) { throw EnvoyException(fmt::format("Provided cdn_id \"{}\" is not a valid CDN identifier: {}", config.cdn_id(), context.status())); } return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter( std::make_shared(config.cdn_id(), config.max_allowed_occurrences())); }; } REGISTER_FACTORY(CdnLoopFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/config.h ================================================ #pragma once #include #include "envoy/extensions/filters/http/cdn_loop/v3alpha/cdn_loop.pb.h" #include "envoy/extensions/filters/http/cdn_loop/v3alpha/cdn_loop.pb.validate.h" #include "envoy/http/filter.h" #include "envoy/server/factory_context.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { class CdnLoopFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::cdn_loop::v3alpha::CdnLoopConfig> { public: CdnLoopFilterFactory() : FactoryBase(HttpFilterNames::get().CdnLoop) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::cdn_loop::v3alpha::CdnLoopConfig& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/filter.cc ================================================ #include "extensions/filters/http/cdn_loop/filter.h" #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "common/common/statusor.h" #include "common/http/headers.h" #include "extensions/filters/http/cdn_loop/utils.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { namespace { Http::RegisterCustomInlineHeader cdn_loop_handle(Http::CustomHeaders::get().CdnLoop); constexpr absl::string_view ParseErrorMessage = "Invalid CDN-Loop header in request."; constexpr absl::string_view ParseErrorDetails = "invalid_cdn_loop_header"; constexpr absl::string_view LoopDetectedMessage = "The server has detected a loop between CDNs."; constexpr absl::string_view LoopDetectedDetails = "cdn_loop_detected"; } // namespace Http::FilterHeadersStatus CdnLoopFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool /*end_stream*/) { if (const Http::HeaderEntry* header_entry = headers.getInline(cdn_loop_handle.handle()); header_entry != nullptr) { if (StatusOr count = countCdnLoopOccurrences(header_entry->value().getStringView(), cdn_id_); !count) { decoder_callbacks_->sendLocalReply(Http::Code::BadRequest, ParseErrorMessage, nullptr, absl::nullopt, ParseErrorDetails); return Http::FilterHeadersStatus::StopIteration; } else if (*count > max_allowed_occurrences_) { decoder_callbacks_->sendLocalReply(Http::Code::BadGateway, LoopDetectedMessage, nullptr, absl::nullopt, LoopDetectedDetails); return Http::FilterHeadersStatus::StopIteration; } } headers.appendCopy(Http::CustomHeaders::get().CdnLoop, cdn_id_); return Http::FilterHeadersStatus::Continue; } } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/filter.h ================================================ #pragma once #include #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { class CdnLoopFilter : public Http::PassThroughDecoderFilter { public: CdnLoopFilter(std::string cdn_id, int max_allowed_occurrences) : cdn_id_(std::move(cdn_id)), max_allowed_occurrences_(max_allowed_occurrences) {} Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; private: const std::string cdn_id_; const int max_allowed_occurrences_; }; } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/parser.cc ================================================ #include "extensions/filters/http/cdn_loop/parser.h" #include "common/common/statusor.h" #include "absl/status/status.h" #include "absl/strings/str_format.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { namespace Parser { namespace { // RFC 5234 Appendix B.1 says: // // ALPHA = %x41-5A / %x61-7A ; A-Z / a-z constexpr bool isAlpha(char c) { return ('\x41' <= c && c <= '\x5a') || ('\x61' <= c && c <= '\x7a'); } // RFC 5234 Appendix B.1 says: // // DIGIT = %x30-39 ; 0-9 constexpr bool isDigit(char c) { return '\x30' <= c && c <= '\x39'; } // RFC 2234 Section 6.1 defines HEXDIG as: // // HEXDIG = DIGIT / "A" / "B" / "C" / "D" / "E" / "F" // // This rule allows lower case letters too in violation of the RFC since IPv6 // addresses commonly contain lower-case hex digits. constexpr bool isHexDigitCaseInsensitive(char c) { return isDigit(c) || ('A' <= c && c <= 'F') || ('a' <= c && c <= 'f'); } // RFC 7230 Section 3.2.6 defines obs-text as: // // obs-text = %x80-FF constexpr bool isObsText(char c) { return 0x80 & c; } // RFC 7230 Section 3.2.6 defines qdtext as: // // qdtext = HTAB / SP / %x21 / %x23-5B / %x5D-7E / obs-text constexpr bool isQdText(char c) { return c == '\t' || c == ' ' || c == '\x21' || ('\x23' <= c && c <= '\x5B') || ('\x5D' <= c && c <= '\x7E') || isObsText(c); } // RFC 5234 Appendix B.1 says: // // VCHAR = %x21-7E // ; visible (printing) characters constexpr bool isVChar(char c) { return '\x21' <= c && c <= '\x7e'; } } // namespace ParseContext skipOptionalWhitespace(const ParseContext& input) { ParseContext context = input; while (!context.atEnd()) { const char c = context.peek(); if (!(c == ' ' || c == '\t')) { break; } context.increment(); } return context; } StatusOr parseQuotedPair(const ParseContext& input) { ParseContext context = input; if (context.atEnd()) { return absl::InvalidArgumentError( absl::StrFormat("expected backslash at position %d; found end-of-input", context.next())); } if (context.peek() != '\\') { return absl::InvalidArgumentError(absl::StrFormat( "expected backslash at position %d; found '%c'", input.next(), context.peek())); } context.increment(); if (context.atEnd()) { return absl::InvalidArgumentError(absl::StrFormat( "expected escaped character at position %d; found end-of-input", context.next())); } const char c = context.peek(); if (!(c == '\t' || c == ' ' || isVChar(c) || isObsText(c))) { return absl::InvalidArgumentError( absl::StrFormat("expected escapable character at position %d; found '\\x%x'", input.next(), context.peek())); } context.increment(); return context; } StatusOr parseQuotedString(const ParseContext& input) { ParseContext context = input; if (context.atEnd()) { return absl::InvalidArgumentError(absl::StrFormat( "expected opening '\"' at position %d; found end-of-input", context.next())); } if (context.peek() != '"') { return absl::InvalidArgumentError(absl::StrFormat( "expected opening quote at position %d; found '%c'", context.next(), context.peek())); } context.increment(); while (!context.atEnd() && context.peek() != '"') { if (isQdText(context.peek())) { context.increment(); continue; } else if (context.peek() == '\\') { if (StatusOr quoted_pair_context = parseQuotedPair(context); !quoted_pair_context) { return quoted_pair_context.status(); } else { context.setNext(*quoted_pair_context); continue; } } else { break; } } if (context.atEnd()) { return absl::InvalidArgumentError(absl::StrFormat( "expected closing quote at position %d; found end-of-input", context.next())); } if (context.peek() != '"') { return absl::InvalidArgumentError(absl::StrFormat( "expected closing quote at position %d; found '%c'", input.next(), context.peek())); } context.increment(); return context; } StatusOr parseToken(const ParseContext& input) { ParseContext context = input; while (!context.atEnd()) { const char c = context.peek(); // Put alphanumeric, -, and _ characters at the head of the list since // they're likely to be used most often. if (isAlpha(c) || isDigit(c) || c == '-' || c == '_' || c == '!' || c == '#' || c == '$' || c == '%' || c == '&' || c == '\'' || c == '*' || c == '+' || c == '.' || c == '^' || c == '`' || c == '|' || c == '~') { context.increment(); } else { break; } } if (context.next() == input.next()) { if (context.atEnd()) { return absl::InvalidArgumentError(absl::StrFormat( "expected token starting at position %d; found end of input", input.next())); } else { return absl::InvalidArgumentError(absl::StrFormat( "expected token starting at position %d; found '%c'", input.next(), context.peek())); } } return context; } StatusOr parsePlausibleIpV6(const ParseContext& input) { ParseContext context = input; if (context.atEnd()) { return absl::InvalidArgumentError(absl::StrFormat( "expected IPv6 literal at position %d; found end-of-input", context.next())); } if (context.peek() != '[') { return absl::InvalidArgumentError(absl::StrFormat("expected opening '[' of IPv6 literal at " "position %d; found '%c'", context.next(), context.peek())); } context.increment(); while (true) { if (context.atEnd()) { break; } const char c = context.peek(); if (!(isHexDigitCaseInsensitive(c) || c == ':' || c == '.')) { break; } context.increment(); } if (context.atEnd()) { return absl::InvalidArgumentError( absl::StrFormat("expected closing ']' of IPv6 literal at position %d " "found end-of-input", context.next())); } if (context.peek() != ']') { return absl::InvalidArgumentError(absl::StrFormat("expected closing ']' of IPv6 literal at " "position %d; found '%c'", context.next(), context.peek())); } context.increment(); return context; } StatusOr parseCdnId(const ParseContext& input) { ParseContext context = input; if (context.atEnd()) { return absl::InvalidArgumentError( absl::StrFormat("expected cdn-id at position %d; found end-of-input", context.next())); } // Optimization: dispatch on the next character to avoid the StrFormat in the // error path of an IPv6 parser when the value has a token (and vice versa). if (context.peek() == '[') { if (StatusOr ipv6 = parsePlausibleIpV6(context); !ipv6) { return ipv6.status(); } else { context.setNext(*ipv6); } } else { if (StatusOr token = parseToken(context); !token) { return token.status(); } else { context.setNext(*token); } } if (context.atEnd()) { return ParsedCdnId(context, context.value().substr(input.next(), context.next() - input.next())); } if (context.peek() != ':') { return ParsedCdnId(context, context.value().substr(input.next(), context.next() - input.next())); } context.increment(); while (!context.atEnd()) { if (isDigit(context.value()[context.next()])) { context.increment(); } else { break; } } return ParsedCdnId(context, context.value().substr(input.next(), context.next() - input.next())); } StatusOr parseParameter(const ParseContext& input) { ParseContext context = input; if (StatusOr parsed_token = parseToken(context); !parsed_token) { return parsed_token.status(); } else { context.setNext(*parsed_token); } if (context.atEnd()) { return absl::InvalidArgumentError( absl::StrFormat("expected '=' at position %d; found end-of-input", context.next())); } if (context.peek() != '=') { return absl::InvalidArgumentError( absl::StrFormat("expected '=' at position %d; found '%c'", context.next(), context.peek())); } context.increment(); if (context.atEnd()) { return absl::InvalidArgumentError(absl::StrCat( "expected token or quoted-string at position %d; found end-of-input", context.next())); } // Optimization: dispatch on the next character to avoid the StrFormat in the // error path of an quoted string parser when the next item is a token (and // vice versa). if (context.peek() == '"') { if (StatusOr value_quote = parseQuotedString(context); !value_quote) { return value_quote.status(); } else { return *value_quote; } } else { if (StatusOr value_token = parseToken(context); !value_token) { return value_token.status(); } else { return *value_token; } } } StatusOr parseCdnInfo(const ParseContext& input) { absl::string_view cdn_id; ParseContext context = input; if (StatusOr parsed_id = parseCdnId(input); !parsed_id) { return parsed_id.status(); } else { context.setNext(parsed_id->context()); cdn_id = parsed_id->cdnId(); } context.setNext(skipOptionalWhitespace(context)); while (!context.atEnd()) { if (context.peek() != ';') { break; } context.increment(); context.setNext(skipOptionalWhitespace(context)); if (StatusOr parameter = parseParameter(context); !parameter) { return parameter.status(); } else { context.setNext(*parameter); } context.setNext(skipOptionalWhitespace(context)); } return ParsedCdnInfo(context, cdn_id); } StatusOr parseCdnInfoList(const ParseContext& input) { std::vector cdn_infos; ParseContext context = input; context.setNext(skipOptionalWhitespace(context)); while (!context.atEnd()) { // Loop invariant: we're always at the beginning of a new element. if (context.peek() == ',') { // Empty element case context.increment(); context.setNext(skipOptionalWhitespace(context)); continue; } if (StatusOr parsed_cdn_info = parseCdnInfo(context); !parsed_cdn_info) { return parsed_cdn_info.status(); } else { cdn_infos.push_back(parsed_cdn_info->cdnId()); context.setNext(parsed_cdn_info->context()); } context.setNext(skipOptionalWhitespace(context)); if (context.atEnd()) { break; } if (context.peek() != ',') { return absl::InvalidArgumentError(absl::StrFormat("expected ',' at position %d; found '%c'", context.next(), context.peek())); } else { context.increment(); } context.setNext(skipOptionalWhitespace(context)); } return ParsedCdnInfoList(context, std::move(cdn_infos)); } } // namespace Parser } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/parser.h ================================================ #pragma once #include #include "common/common/statusor.h" #include "absl/strings/str_join.h" #include "absl/strings/string_view.h" // This file defines a parser for the CDN-Loop header value. // // RFC 8586 Section 2 defined the CDN-Loop header as: // // CDN-Loop = #cdn-info // cdn-info = cdn-id *( OWS ";" OWS parameter ) // cdn-id = ( uri-host [ ":" port ] ) / pseudonym // pseudonym = token // // Each of those productions rely on definitions in RFC 3986, RFC 5234, RFC // 7230, and RFC 7231. Their use is noted in the individual parse functions. // // The parser is a top-down combined parser and lexer that implements just // enough of the RFC spec to make it possible count the number of times a // particular CDN value appears. The main differences between the RFC's grammar // and the parser defined here are: // // 1. the parser has a more lax interpretation of what's a valid uri-host. See // ParseCdnId for details. // // 2. the parser allows leading and trailing whitespace around the header // value. See ParseCdnInfoList for details. // // Each parse function takes as input a ParseContext that tells the // function where to start. Parse functions that just need to parse a portion // of the CDN-Loop header, but don't need to return a value, should return a // ParseContext pointing to the next character to parse. Parse functions that // need to return a value should return something that contains a ParseContext. // // Parse functions that can fail (most of them!) wrap their return value in an // Envoy::StatusOr. // // In the interest of performance, this parser works with string_views and // references instead of copying std::strings. The string_view passed into the // ParseContext of a parse function must outlive the return value of the // function. namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { namespace Parser { // A ParseContext contains the state of the recursive descent parser and some // helper methods. class ParseContext { public: ParseContext(absl::string_view value) : value_(value), next_(0) {} ParseContext(absl::string_view value, absl::string_view::size_type next) : value_(value), next_(next) {} // Returns true if we have reached the end of value. constexpr bool atEnd() const { return value_.length() <= next_; } // Returns the value we're parsing constexpr absl::string_view value() const { return value_; } // Returns the position of the next character to process. constexpr absl::string_view::size_type next() const { return next_; } // Returns the character at next. // // REQUIRES: !at_end() constexpr char peek() const { return value_[next_]; } // Moves to the next character. constexpr void increment() { ++next_; } // Sets next from another context. constexpr void setNext(const ParseContext& other) { next_ = other.next_; } constexpr bool operator==(const ParseContext& other) const { return value_ == other.value_ && next_ == other.next_; } constexpr bool operator!=(const ParseContext& other) const { return !(*this == other); } friend std::ostream& operator<<(std::ostream& os, ParseContext arg) { return os << "ParseContext{next=" << arg.next_ << "}"; } private: // The item we're parsing. const absl::string_view value_; // A pointer to the next value we should parse. absl::string_view::size_type next_; }; // A ParsedCdnId holds an extracted CDN-Loop cdn-id. class ParsedCdnId { public: ParsedCdnId(ParseContext context, absl::string_view cdn_id) : context_(context), cdn_id_(cdn_id) {} ParseContext context() const { return context_; } absl::string_view cdnId() const { return cdn_id_; } constexpr bool operator==(const ParsedCdnId& other) const { return context_ == other.context_ && cdn_id_ == other.cdn_id_; } constexpr bool operator!=(const ParsedCdnId& other) const { return !(*this == other); } friend std::ostream& operator<<(std::ostream& os, ParsedCdnId arg) { return os << "ParsedCdnId{context=" << arg.context_ << ", cdn_id=" << arg.cdn_id_ << "}"; } private: ParseContext context_; absl::string_view cdn_id_; }; // A ParsedCdnInfo holds the extracted cdn-id after parsing an entire cdn-info. struct ParsedCdnInfo { ParsedCdnInfo(ParseContext context, absl::string_view cdn_id) : context_(context), cdn_id_(cdn_id) {} ParseContext context() const { return context_; } absl::string_view cdnId() const { return cdn_id_; } constexpr bool operator==(const ParsedCdnInfo& other) const { return context_ == other.context_ && cdn_id_ == other.cdn_id_; } constexpr bool operator!=(const ParsedCdnInfo& other) const { return !(*this == other); } friend std::ostream& operator<<(std::ostream& os, ParsedCdnInfo arg) { return os << "ParsedCdnInfo{context=" << arg.context_ << ", cdn_id=" << arg.cdn_id_ << "}"; } private: ParseContext context_; absl::string_view cdn_id_; }; // A ParsedCdnInfoList contains list of cdn-ids after parsing the entire // CDN-Loop production. struct ParsedCdnInfoList { ParsedCdnInfoList(ParseContext context, std::vector cdn_ids) : context_(context), cdn_ids_(std::move(cdn_ids)) {} constexpr const std::vector& cdnIds() { return cdn_ids_; } constexpr bool operator==(const ParsedCdnInfoList& other) const { return context_ == other.context_ && cdn_ids_ == other.cdn_ids_; } constexpr bool operator!=(const ParsedCdnInfoList& other) const { return !(*this == other); } friend std::ostream& operator<<(std::ostream& os, ParsedCdnInfoList arg) { return os << "ParsedCdnInfoList{context=" << arg.context_ << ", cdn_ids=[" << absl::StrJoin(arg.cdn_ids_, ", ") << "]}"; } private: ParseContext context_; std::vector cdn_ids_; }; // Skips optional whitespace according to RFC 7230 Section 3.2.3. // // OWS = *( SP / HTAB ) // // Since this is completely optional, there's no way this call can fail. ParseContext skipOptionalWhitespace(const ParseContext& input); // Parses a quoted-pair according to RFC 7230 Section 3.2.6. // // quoted-pair = "\" ( HTAB / SP / VCHAR / obs-text ) StatusOr parseQuotedPair(const ParseContext& input); // Parses a quoted-string according to RFC 7230 Section 3.2.6. // // quoted-string = DQUOTE *( qdtext / quoted-pair ) DQUOTE // qdtext = HTAB / SP / %x21 / %x23-5B / %x5D-7E / obs-text // obs-text = %x80-FF // // quoted-pair = "\" ( HTAB / SP / VCHAR / obs-text ) StatusOr parseQuotedString(const ParseContext& input); // Parses a token according to RFC 7320 Section 3.2.6. // // token = 1*tchar // // tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" // / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" // / DIGIT / ALPHA // ; any VCHAR, except delimiters // // According to RFC 5234 Appendix B.1: // // ALPHA = %x41-5A / %x61-7A ; A-Z / a-z // // DIGIT = %x30-39 StatusOr parseToken(const ParseContext& input); // Parses something that looks like an IPv6 address literal. // // A proper IPv6 address literal is defined in RFC 3986, Section 3.2.2 as part // of the host rule. We're going to allow something simpler: // // plausible-ipv6 = "[" *( HEXDIGIT | "." | ":" ) "] // HEXDIGIT = DIGIT | %x41-46 | %x61-66 ; 0-9 | A-F | a-f // // Compared to the real rule, our rule: // // - allows lower-case hex digits // - allows address sections with more than 4 hex digits in a row // - allows embedded IPv4 addresses multiple times rather than just at the end. StatusOr parsePlausibleIpV6(const ParseContext& input); // Parses a cdn-id in a lax way. // // According to to RFC 8586 Section 2, the cdn-id is: // // cdn-id = ( uri-host [ ":" port ] ) / pseudonym // pseudonym = token // // The uri-host portion of the cdn-id is the "host" rule from RFC 3986 Section // 3.2.2. Parsing the host rule is remarkably difficult because the host rule // tries to parse exactly valid IP addresses (e.g., disallowing values greater // than 255 in an IPv4 address or only allowing one instance of "::" in IPv6 // addresses) and needs to deal with % escaping in names. // // Worse, the uri-host reg-name rule admits ',' and ';' as members of sub-delim // rule, making parsing ambiguous in some cases! RFC 3986 does this in order to // be "future-proof" for naming schemes we haven't dreamed up yet. RFC 8586 // says that if a CDN uses a uri-host as its cdn-id, the uri-host must be a // "hostname under its control". The only global naming system we have is DNS, // so the only really valid reg-name an Internet-facing Envoy should see is a // DNS name. // // Luckily, the token rule more or less covers the uri-host rule for DNS names // and for IPv4 addresses. We just a new rule to parse IPv6 addresses. See // ParsePlausibleIpV6 for the rule we'll follow. // // The definition of port comes from RFC 3986 Section // 3.2.3 as: // // port = *DIGIT // // In other words, any number of digits is allowed. // // In all, this function will parse cdn-id as: // // cdn-id = ( plausible-ipv6-address / token ) [ ":" *DIGIT ] StatusOr parseCdnId(const ParseContext& input); // Parses a parameter according RFC 7231 Appendix D. // // parameter = token "=" ( token / quoted-string ) StatusOr parseParameter(const ParseContext& input); // Parses a cdn-info according to RFC 8586 Section 2. // // cdn-info = cdn-id *( OWS ";" OWS parameter ) StatusOr parseCdnInfo(const ParseContext& input); // Parses the top-level cdn-info according to RFC 8586 Section 2. // // CDN-Loop = #cdn-info // // The # rule is defined by RFC 7230 Section 7. The # is different for senders // and recipients. We're a recipient, so: // // For compatibility with legacy list rules, a recipient MUST parse and // ignore a reasonable number of empty list elements: enough to handle // common mistakes by senders that merge values, but not so much that // they could be used as a denial-of-service mechanism. In other words, // a recipient MUST accept lists that satisfy the following syntax: // // #element => [ ( "," / element ) *( OWS "," [ OWS element ] ) ] // // 1#element => *( "," OWS ) element *( OWS "," [ OWS element ] ) // // Empty elements do not contribute to the count of elements present. // // Since #cdn-info uses the #element form, we have to parse (but not count) // blank entries. // // In a divergence with the RFC's grammar, this function will also ignore // leading and trailing OWS. This function expects to consume the entire input // and will return an error if there is something it cannot parse. StatusOr parseCdnInfoList(const ParseContext& input); } // namespace Parser } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/utils.cc ================================================ #include "extensions/filters/http/cdn_loop/utils.h" #include #include "common/common/statusor.h" #include "extensions/filters/http/cdn_loop/parser.h" #include "absl/status/status.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { StatusOr countCdnLoopOccurrences(absl::string_view header, absl::string_view cdn_id) { if (cdn_id.empty()) { return absl::InvalidArgumentError("cdn_id cannot be empty"); } if (absl::StatusOr parsed = Parser::parseCdnInfoList(header); parsed) { return std::count(parsed->cdnIds().begin(), parsed->cdnIds().end(), cdn_id); } else { return parsed.status(); } } } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cdn_loop/utils.h ================================================ #pragma once #include "common/common/statusor.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace CdnLoop { // Count the number of times cdn_id appears as a cdn-id element in header. // // According to RFC 8586, a cdn-id is either a uri-host[:port] or a pseudonym. // In either case, cdn_id must be at least one character long. // // If the header is unparseable or if cdn_id is the empty string, this function // will return an InvalidArgument status. StatusOr countCdnLoopOccurrences(absl::string_view header, absl::string_view cdn_id); } // namespace CdnLoop } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "pass_through_filter_lib", hdrs = ["pass_through_filter.h"], # A thin shim used by test and prod filters. visibility = ["//visibility:public"], deps = [ "//include/envoy/server:filter_config_interface", ], ) envoy_cc_library( name = "factory_base_lib", hdrs = ["factory_base.h"], visibility = ["//visibility:public"], deps = [ "//include/envoy/server:filter_config_interface", ], ) envoy_cc_library( name = "jwks_fetcher_lib", srcs = ["jwks_fetcher.cc"], hdrs = ["jwks_fetcher.h"], external_deps = [ "jwt_verify_lib", ], deps = [ "//include/envoy/upstream:cluster_manager_interface", "//source/common/http:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "utility_lib", hdrs = ["utility.h"], # Used by the router filter. TODO(#9953) clean up. visibility = [ "//source:__subpackages__", "//test:__subpackages__", ], deps = [ "//include/envoy/runtime:runtime_interface", "//source/common/common:macros", "//source/extensions/common:utility_lib", "//source/extensions/filters/http:well_known_names", ], ) ================================================ FILE: source/extensions/filters/http/common/compressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # TODO(rojkov): move this library to source/extensions/filters/http/compressor/. envoy_cc_library( name = "compressor_lib", srcs = ["compressor.cc"], hdrs = ["compressor.h"], deps = [ "//include/envoy/compression/compressor:compressor_interface", "//include/envoy/stats:stats_macros", "//include/envoy/stream_info:filter_state_interface", "//source/common/buffer:buffer_lib", "//source/common/http:header_map_lib", "//source/common/protobuf", "//source/common/runtime:runtime_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/common/compressor/compressor.cc ================================================ #include "extensions/filters/http/common/compressor/compressor.h" #include "common/buffer/buffer_impl.h" #include "common/http/header_map_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Common { namespace Compressors { namespace { Http::RegisterCustomInlineHeader accept_encoding_handle(Http::CustomHeaders::get().AcceptEncoding); Http::RegisterCustomInlineHeader cache_control_handle(Http::CustomHeaders::get().CacheControl); Http::RegisterCustomInlineHeader content_encoding_handle(Http::CustomHeaders::get().ContentEncoding); Http::RegisterCustomInlineHeader etag_handle(Http::CustomHeaders::get().Etag); Http::RegisterCustomInlineHeader vary_handle(Http::CustomHeaders::get().Vary); // Default minimum length of an upstream response that allows compression. const uint64_t DefaultMinimumContentLength = 30; // Default content types will be used if any is provided by the user. const std::vector& defaultContentEncoding() { CONSTRUCT_ON_FIRST_USE( std::vector, {"text/html", "text/plain", "text/css", "application/javascript", "application/x-javascript", "text/javascript", "text/x-javascript", "text/ecmascript", "text/js", "text/jscript", "text/x-js", "application/ecmascript", "application/x-json", "application/xml", "application/json", "image/svg+xml", "text/xml", "application/xhtml+xml"}); } // List of CompressorFilterConfig objects registered for a stream. struct CompressorRegistry : public StreamInfo::FilterState::Object { std::list filter_configs_; }; // Key to per stream CompressorRegistry objects. const std::string& compressorRegistryKey() { CONSTRUCT_ON_FIRST_USE(std::string, "compressors"); } } // namespace CompressorFilterConfig::CompressorFilterConfig( const envoy::extensions::filters::http::compressor::v3::Compressor& compressor, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, const std::string& content_encoding) : content_length_(contentLengthUint(compressor.content_length().value())), content_type_values_(contentTypeSet(compressor.content_type())), disable_on_etag_header_(compressor.disable_on_etag_header()), remove_accept_encoding_header_(compressor.remove_accept_encoding_header()), stats_(generateStats(stats_prefix, scope)), enabled_(compressor.runtime_enabled(), runtime), content_encoding_(content_encoding) {} StringUtil::CaseUnorderedSet CompressorFilterConfig::contentTypeSet(const Protobuf::RepeatedPtrField& types) { const auto& default_content_encodings = defaultContentEncoding(); return types.empty() ? StringUtil::CaseUnorderedSet(default_content_encodings.begin(), default_content_encodings.end()) : StringUtil::CaseUnorderedSet(types.cbegin(), types.cend()); } uint32_t CompressorFilterConfig::contentLengthUint(Protobuf::uint32 length) { return length > 0 ? length : DefaultMinimumContentLength; } CompressorFilter::CompressorFilter(const CompressorFilterConfigSharedPtr config) : skip_compression_{true}, config_(std::move(config)) {} Http::FilterHeadersStatus CompressorFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { const Http::HeaderEntry* accept_encoding = headers.getInline(accept_encoding_handle.handle()); if (accept_encoding != nullptr) { // Capture the value of the "Accept-Encoding" request header to use it later when making // decision on compressing the corresponding HTTP response. accept_encoding_ = std::make_unique(accept_encoding->value().getStringView()); } if (config_->enabled() && config_->removeAcceptEncodingHeader()) { headers.removeInline(accept_encoding_handle.handle()); } return Http::FilterHeadersStatus::Continue; } void CompressorFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { decoder_callbacks_ = &callbacks; absl::string_view key = compressorRegistryKey(); // To properly handle the cases where the decision on instantiating a compressor depends on // the presence of other compression filters in the chain the filters need to be aware of each // other. This is achieved by exploiting per-request data objects StreamInfo::FilterState: upon // setting up a CompressorFilter, the new instance registers itself in the filter state. Then in // the method isAcceptEncodingAllowed() the first filter is making a decision which encoder needs // to be used for a request, with e.g. "Accept-Encoding: deflate;q=0.75, gzip;q=0.5", and caches // it in the state. All other compression filters in the sequence use the cached decision. const StreamInfo::FilterStateSharedPtr& filter_state = callbacks.streamInfo().filterState(); if (filter_state->hasData(key)) { CompressorRegistry& registry = filter_state->getDataMutable(key); registry.filter_configs_.push_back(config_); } else { auto registry_ptr = std::make_unique(); registry_ptr->filter_configs_.push_back(config_); filter_state->setData(key, std::move(registry_ptr), StreamInfo::FilterState::StateType::Mutable); } } Http::FilterHeadersStatus CompressorFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { const bool isEnabledAndContentLengthBigEnough = config_->enabled() && isMinimumContentLength(headers); const bool isCompressible = isEnabledAndContentLengthBigEnough && isContentTypeAllowed(headers) && !hasCacheControlNoTransform(headers) && isEtagAllowed(headers) && !headers.getInline(content_encoding_handle.handle()); if (!end_stream && isEnabledAndContentLengthBigEnough && isAcceptEncodingAllowed(headers) && isCompressible && isTransferEncodingAllowed(headers)) { skip_compression_ = false; sanitizeEtagHeader(headers); headers.removeContentLength(); headers.setInline(content_encoding_handle.handle(), config_->contentEncoding()); config_->stats().compressed_.inc(); // Finally instantiate the compressor. compressor_ = config_->makeCompressor(); } else { config_->stats().not_compressed_.inc(); } // Even if we decided not to compress due to incompatible Accept-Encoding value, // the Vary header would need to be inserted to let a caching proxy in front of Envoy // know that the requested resource still can be served with compression applied. if (isCompressible) { insertVaryHeader(headers); } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus CompressorFilter::encodeData(Buffer::Instance& data, bool end_stream) { if (!skip_compression_) { config_->stats().total_uncompressed_bytes_.add(data.length()); compressor_->compress(data, end_stream ? Envoy::Compression::Compressor::State::Finish : Envoy::Compression::Compressor::State::Flush); config_->stats().total_compressed_bytes_.add(data.length()); } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus CompressorFilter::encodeTrailers(Http::ResponseTrailerMap&) { if (!skip_compression_) { Buffer::OwnedImpl empty_buffer; compressor_->compress(empty_buffer, Envoy::Compression::Compressor::State::Finish); config_->stats().total_compressed_bytes_.add(empty_buffer.length()); encoder_callbacks_->addEncodedData(empty_buffer, true); } return Http::FilterTrailersStatus::Continue; } bool CompressorFilter::hasCacheControlNoTransform(Http::ResponseHeaderMap& headers) const { const Http::HeaderEntry* cache_control = headers.getInline(cache_control_handle.handle()); if (cache_control) { return StringUtil::caseFindToken(cache_control->value().getStringView(), ",", Http::CustomHeaders::get().CacheControlValues.NoTransform); } return false; } // This function makes decision on which encoding to use for the response body and is // supposed to be called only once per request even if there are multiple compressor // filters in the chain. To make a decision the function needs to know what's the // request's Accept-Encoding, the response's Content-Type and the list of compressor // filters in the current chain. // TODO(rojkov): add an explicit fuzzer for chooseEncoding(). std::unique_ptr CompressorFilter::chooseEncoding(const Http::ResponseHeaderMap& headers) const { using EncPair = std::pair; // pair of {encoding, q_value} std::vector pairs; absl::string_view content_type_value; const Http::HeaderEntry* content_type = headers.ContentType(); if (content_type != nullptr) { content_type_value = StringUtil::trim(StringUtil::cropRight(content_type->value().getStringView(), ";")); } // Find all compressors enabled for the filter chain. std::map allowed_compressors; uint32_t registration_count{0}; for (const auto& filter_config : decoder_callbacks_->streamInfo() .filterState() ->getDataReadOnly(compressorRegistryKey()) .filter_configs_) { // A compressor filter may be limited to compress certain Content-Types. If the response's // content type doesn't match the list of content types this filter is enabled for then // it must be excluded from the decision process. // For example, there are two compressor filters in the chain e.g. "gzip" and "deflate". // "gzip" is configured to compress only "text/html" and "deflate" is configured to compress // only "application/javascript". Then comes a request with Accept-Encoding header // "gzip;q=1,deflate;q=.5". The corresponding response content type is "application/javascript". // If "gzip" is not excluded from the decision process then it will take precedence over // "deflate" and the resulting response won't be compressed at all. if (!content_type_value.empty() && !filter_config->contentTypeValues().empty()) { auto iter = filter_config->contentTypeValues().find(content_type_value); if (iter == filter_config->contentTypeValues().end()) { // Skip adding this filter to the list of allowed compressors. continue; } } // There could be many compressors registered for the same content encoding, e.g. consider a // case when there are two gzip filters using different compression levels for different content // sizes. In such case we ignore duplicates (or different filters for the same encoding) // registered last. auto enc = allowed_compressors.find(filter_config->contentEncoding()); if (enc == allowed_compressors.end()) { allowed_compressors.insert({filter_config->contentEncoding(), registration_count}); ++registration_count; } } // Find all encodings accepted by the user agent and adjust the list of allowed compressors. for (const auto& token : StringUtil::splitToken(*accept_encoding_, ",", false /* keep_empty */)) { EncPair pair = std::make_pair(StringUtil::trim(StringUtil::cropRight(token, ";")), static_cast(1)); const auto params = StringUtil::cropLeft(token, ";"); if (params != token) { const auto q_value = StringUtil::cropLeft(params, "="); if (q_value != params && absl::EqualsIgnoreCase("q", StringUtil::trim(StringUtil::cropRight(params, "=")))) { auto result = absl::SimpleAtof(StringUtil::trim(q_value), &pair.second); if (!result) { // Skip not parseable q-value. continue; } } } pairs.push_back(pair); if (!pair.second) { // Disallow compressors with "q=0". // The reason why we add encodings to "pairs" even with "q=0" is that "pairs" contains // client's expectations and "allowed_compressors" is what Envoy can handle. Consider // the cases of "Accept-Encoding: gzip;q=0, deflate, *" and "Accept-Encoding: deflate, *" // whereas the proxy has only "gzip" configured. If we just exclude the encodings with "q=0" // from "pairs" then upon noticing "*" we don't know if "gzip" is acceptable by the client. allowed_compressors.erase(std::string(pair.first)); } } if (pairs.empty() || allowed_compressors.empty()) { // If there's no intersection between accepted encodings and the ones provided by the allowed // compressors, then only the "identity" encoding is acceptable. return std::make_unique( Http::CustomHeaders::get().AcceptEncodingValues.Identity, CompressorFilter::EncodingDecision::HeaderStat::NotValid); } // Find intersection of encodings accepted by the user agent and provided // by the allowed compressors and choose the one with the highest q-value. EncPair choice{Http::CustomHeaders::get().AcceptEncodingValues.Identity, static_cast(0)}; for (const auto& pair : pairs) { if ((pair.second > choice.second) && (allowed_compressors.count(std::string(pair.first)) || pair.first == Http::CustomHeaders::get().AcceptEncodingValues.Identity || pair.first == Http::CustomHeaders::get().AcceptEncodingValues.Wildcard)) { choice = pair; } } if (!choice.second) { // The value of "Accept-Encoding" must be invalid as we ended up with zero q-value. return std::make_unique( Http::CustomHeaders::get().AcceptEncodingValues.Identity, CompressorFilter::EncodingDecision::HeaderStat::NotValid); } // The "identity" encoding (no compression) is always available. if (choice.first == Http::CustomHeaders::get().AcceptEncodingValues.Identity) { return std::make_unique( Http::CustomHeaders::get().AcceptEncodingValues.Identity, CompressorFilter::EncodingDecision::HeaderStat::Identity); } // If wildcard is given then use which ever compressor is registered first. if (choice.first == Http::CustomHeaders::get().AcceptEncodingValues.Wildcard) { auto first_registered = std::min_element( allowed_compressors.begin(), allowed_compressors.end(), [](const std::pair& a, const std::pair& b) -> bool { return a.second < b.second; }); return std::make_unique( first_registered->first, CompressorFilter::EncodingDecision::HeaderStat::Wildcard); } return std::make_unique( std::string(choice.first), CompressorFilter::EncodingDecision::HeaderStat::ValidCompressor); } // Check if this filter was chosen to compress. Also update the filter's stat counters related to // the Accept-Encoding header. bool CompressorFilter::shouldCompress(const CompressorFilter::EncodingDecision& decision) const { const bool should_compress = absl::EqualsIgnoreCase(config_->contentEncoding(), decision.encoding()); switch (decision.stat()) { case CompressorFilter::EncodingDecision::HeaderStat::ValidCompressor: if (should_compress) { config_->stats().header_compressor_used_.inc(); // TODO(rojkov): Remove this increment when the gzip-specific stat is gone. if (absl::EqualsIgnoreCase("gzip", config_->contentEncoding())) { config_->stats().header_gzip_.inc(); } } else { // Some other compressor filter in the same chain compressed the response body, // but not this filter. config_->stats().header_compressor_overshadowed_.inc(); } break; case CompressorFilter::EncodingDecision::HeaderStat::Identity: config_->stats().header_identity_.inc(); break; case CompressorFilter::EncodingDecision::HeaderStat::Wildcard: config_->stats().header_wildcard_.inc(); break; default: config_->stats().header_not_valid_.inc(); break; } return should_compress; } bool CompressorFilter::isAcceptEncodingAllowed(const Http::ResponseHeaderMap& headers) const { if (accept_encoding_ == nullptr) { config_->stats().no_accept_header_.inc(); return false; } const absl::string_view encoding_decision_key{"encoding_decision"}; // Check if we have already cached our decision on encoding. const StreamInfo::FilterStateSharedPtr& filter_state = decoder_callbacks_->streamInfo().filterState(); if (filter_state->hasData(encoding_decision_key)) { const CompressorFilter::EncodingDecision& decision = filter_state->getDataReadOnly(encoding_decision_key); return shouldCompress(decision); } // No cached decision found, so decide now. std::unique_ptr decision = chooseEncoding(headers); bool result = shouldCompress(*decision); filter_state->setData(encoding_decision_key, std::move(decision), StreamInfo::FilterState::StateType::ReadOnly); return result; } bool CompressorFilter::isContentTypeAllowed(Http::ResponseHeaderMap& headers) const { const Http::HeaderEntry* content_type = headers.ContentType(); if (content_type != nullptr && !config_->contentTypeValues().empty()) { const absl::string_view value = StringUtil::trim(StringUtil::cropRight(content_type->value().getStringView(), ";")); return config_->contentTypeValues().find(value) != config_->contentTypeValues().end(); } return true; } bool CompressorFilter::isEtagAllowed(Http::ResponseHeaderMap& headers) const { const bool is_etag_allowed = !(config_->disableOnEtagHeader() && headers.getInline(etag_handle.handle())); if (!is_etag_allowed) { config_->stats().not_compressed_etag_.inc(); } return is_etag_allowed; } bool CompressorFilter::isMinimumContentLength(Http::ResponseHeaderMap& headers) const { const Http::HeaderEntry* content_length = headers.ContentLength(); if (content_length != nullptr) { uint64_t length; const bool is_minimum_content_length = absl::SimpleAtoi(content_length->value().getStringView(), &length) && length >= config_->minimumLength(); if (!is_minimum_content_length) { config_->stats().content_length_too_small_.inc(); } return is_minimum_content_length; } return StringUtil::caseFindToken(headers.getTransferEncodingValue(), ",", Http::Headers::get().TransferEncodingValues.Chunked); } bool CompressorFilter::isTransferEncodingAllowed(Http::ResponseHeaderMap& headers) const { const Http::HeaderEntry* transfer_encoding = headers.TransferEncoding(); if (transfer_encoding != nullptr) { for (absl::string_view header_value : StringUtil::splitToken(transfer_encoding->value().getStringView(), ",", true)) { const auto trimmed_value = StringUtil::trim(header_value); if (absl::EqualsIgnoreCase(trimmed_value, config_->contentEncoding()) || // or any other compression type known to Envoy absl::EqualsIgnoreCase(trimmed_value, Http::Headers::get().TransferEncodingValues.Gzip) || absl::EqualsIgnoreCase(trimmed_value, Http::Headers::get().TransferEncodingValues.Deflate)) { return false; } } } return true; } void CompressorFilter::insertVaryHeader(Http::ResponseHeaderMap& headers) { const Http::HeaderEntry* vary = headers.getInline(vary_handle.handle()); if (vary != nullptr) { if (!StringUtil::findToken(vary->value().getStringView(), ",", Http::CustomHeaders::get().VaryValues.AcceptEncoding, true)) { std::string new_header; absl::StrAppend(&new_header, vary->value().getStringView(), ", ", Http::CustomHeaders::get().VaryValues.AcceptEncoding); headers.setInline(vary_handle.handle(), new_header); } } else { headers.setReferenceInline(vary_handle.handle(), Http::CustomHeaders::get().VaryValues.AcceptEncoding); } } // TODO(gsagula): It seems that every proxy has a different opinion how to handle Etag. Some // discussions around this topic have been going on for over a decade, e.g., // https://bz.apache.org/bugzilla/show_bug.cgi?id=45023 // This design attempts to stay more on the safe side by preserving weak etags and removing // the strong ones when disable_on_etag_header is false. Envoy does NOT re-write entity tags. void CompressorFilter::sanitizeEtagHeader(Http::ResponseHeaderMap& headers) { const Http::HeaderEntry* etag = headers.getInline(etag_handle.handle()); if (etag != nullptr) { absl::string_view value(etag->value().getStringView()); if (value.length() > 2 && !((value[0] == 'w' || value[0] == 'W') && value[1] == '/')) { headers.removeInline(etag_handle.handle()); } } } } // namespace Compressors } // namespace Common } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/common/compressor/compressor.h ================================================ #pragma once #include "envoy/compression/compressor/compressor.h" #include "envoy/extensions/filters/http/compressor/v3/compressor.pb.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/stream_info/filter_state.h" #include "common/protobuf/protobuf.h" #include "common/runtime/runtime_protos.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Common { namespace Compressors { /** * All compressor filter stats. @see stats_macros.h * "total_uncompressed_bytes" only includes bytes from requests that were marked for compression. * If the request was not marked for compression, the filter increments "not_compressed", but does * not add to "total_uncompressed_bytes". This way, the user can measure the memory performance of * the compression. * * "header_compressor_used" is a number of requests whose Accept-Encoding header explicitly stated * that the response body should be compressed with the encoding provided by this filter instance. * * "header_compressor_overshadowed" is a number of requests skipped by this filter instance because * they were handled by another filter in the same filter chain. * * "header_gzip" is specific to the gzip filter and is deprecated since it duplicates * "header_compressor_used". */ #define ALL_COMPRESSOR_STATS(COUNTER) \ COUNTER(compressed) \ COUNTER(not_compressed) \ COUNTER(no_accept_header) \ COUNTER(header_identity) \ COUNTER(header_gzip) \ COUNTER(header_compressor_used) \ COUNTER(header_compressor_overshadowed) \ COUNTER(header_wildcard) \ COUNTER(header_not_valid) \ COUNTER(total_uncompressed_bytes) \ COUNTER(total_compressed_bytes) \ COUNTER(content_length_too_small) \ COUNTER(not_compressed_etag) /** * Struct definition for compressor stats. @see stats_macros.h */ struct CompressorStats { ALL_COMPRESSOR_STATS(GENERATE_COUNTER_STRUCT) }; // TODO(rojkov): merge this class with Compressor::CompressorFilterConfig when the filter // `envoy.filters.http.gzip` is fully deprecated and dropped. class CompressorFilterConfig { public: CompressorFilterConfig() = delete; virtual ~CompressorFilterConfig() = default; virtual Envoy::Compression::Compressor::CompressorPtr makeCompressor() PURE; bool enabled() const { return enabled_.enabled(); } const CompressorStats& stats() { return stats_; } const StringUtil::CaseUnorderedSet& contentTypeValues() const { return content_type_values_; } bool disableOnEtagHeader() const { return disable_on_etag_header_; } bool removeAcceptEncodingHeader() const { return remove_accept_encoding_header_; } uint32_t minimumLength() const { return content_length_; } const std::string contentEncoding() const { return content_encoding_; }; protected: CompressorFilterConfig( const envoy::extensions::filters::http::compressor::v3::Compressor& compressor, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, const std::string& content_encoding); private: static StringUtil::CaseUnorderedSet contentTypeSet(const Protobuf::RepeatedPtrField& types); static uint32_t contentLengthUint(Protobuf::uint32 length); static CompressorStats generateStats(const std::string& prefix, Stats::Scope& scope) { return CompressorStats{ALL_COMPRESSOR_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } const uint32_t content_length_; const StringUtil::CaseUnorderedSet content_type_values_; const bool disable_on_etag_header_; const bool remove_accept_encoding_header_; const CompressorStats stats_; Runtime::FeatureFlag enabled_; const std::string content_encoding_; }; using CompressorFilterConfigSharedPtr = std::shared_ptr; /** * A filter that compresses data dispatched from the upstream upon client request. */ class CompressorFilter : public Http::PassThroughFilter { public: explicit CompressorFilter(const CompressorFilterConfigSharedPtr config); // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& buffer, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override; private: bool hasCacheControlNoTransform(Http::ResponseHeaderMap& headers) const; bool isAcceptEncodingAllowed(const Http::ResponseHeaderMap& headers) const; bool isContentTypeAllowed(Http::ResponseHeaderMap& headers) const; bool isEtagAllowed(Http::ResponseHeaderMap& headers) const; bool isMinimumContentLength(Http::ResponseHeaderMap& headers) const; bool isTransferEncodingAllowed(Http::ResponseHeaderMap& headers) const; void sanitizeEtagHeader(Http::ResponseHeaderMap& headers); void insertVaryHeader(Http::ResponseHeaderMap& headers); class EncodingDecision : public StreamInfo::FilterState::Object { public: enum class HeaderStat { NotValid, Identity, Wildcard, ValidCompressor }; EncodingDecision(const std::string& encoding, const HeaderStat stat) : encoding_(encoding), stat_(stat) {} const std::string& encoding() const { return encoding_; } HeaderStat stat() const { return stat_; } private: const std::string encoding_; const HeaderStat stat_; }; std::unique_ptr chooseEncoding(const Http::ResponseHeaderMap& headers) const; bool shouldCompress(const EncodingDecision& decision) const; bool skip_compression_; Envoy::Compression::Compressor::CompressorPtr compressor_; const CompressorFilterConfigSharedPtr config_; std::unique_ptr accept_encoding_; }; } // namespace Compressors } // namespace Common } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/common/factory_base.h ================================================ #pragma once #include "envoy/server/filter_config.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Common { /** * Common base class for HTTP filter factory registrations. Removes a substantial amount of * boilerplate. */ template class FactoryBase : public Server::Configuration::NamedHttpFilterConfigFactory { public: Http::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override { return createFilterFactoryFromProtoTyped(MessageUtil::downcastAndValidate( proto_config, context.messageValidationVisitor()), stats_prefix, context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } ProtobufTypes::MessagePtr createEmptyRouteConfigProto() override { return std::make_unique(); } Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfig(const Protobuf::Message& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override { return createRouteSpecificFilterConfigTyped( MessageUtil::downcastAndValidate(proto_config, validator), context, validator); } std::string name() const override { return name_; } protected: FactoryBase(const std::string& name) : name_(name) {} private: virtual Http::FilterFactoryCb createFilterFactoryFromProtoTyped(const ConfigProto& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) PURE; virtual Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped(const RouteConfigProto&, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return nullptr; } const std::string name_; }; } // namespace Common } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/common/jwks_fetcher.cc ================================================ #include "extensions/filters/http/common/jwks_fetcher.h" #include "envoy/config/core/v3/http_uri.pb.h" #include "common/common/enum_to_int.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "jwt_verify_lib/status.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Common { namespace { class JwksFetcherImpl : public JwksFetcher, public Logger::Loggable, public Http::AsyncClient::Callbacks { public: JwksFetcherImpl(Upstream::ClusterManager& cm) : cm_(cm) { ENVOY_LOG(trace, "{}", __func__); } ~JwksFetcherImpl() override { cancel(); } void cancel() final { if (request_ && !complete_) { request_->cancel(); ENVOY_LOG(debug, "fetch pubkey [uri = {}]: canceled", uri_->uri()); } reset(); } void fetch(const envoy::config::core::v3::HttpUri& uri, Tracing::Span& parent_span, JwksFetcher::JwksReceiver& receiver) override { ENVOY_LOG(trace, "{}", __func__); ASSERT(!receiver_); complete_ = false; receiver_ = &receiver; uri_ = &uri; // Check if cluster is configured, fail the request if not. // Otherwise cm_.httpAsyncClientForCluster will throw exception. if (cm_.get(uri.cluster()) == nullptr) { ENVOY_LOG(error, "{}: fetch pubkey [uri = {}] failed: [cluster = {}] is not configured", __func__, uri.uri(), uri.cluster()); complete_ = true; receiver_->onJwksError(JwksFetcher::JwksReceiver::Failure::Network); reset(); return; } Http::RequestMessagePtr message = Http::Utility::prepareHeaders(uri); message->headers().setReferenceMethod(Http::Headers::get().MethodValues.Get); ENVOY_LOG(debug, "fetch pubkey from [uri = {}]: start", uri_->uri()); auto options = Http::AsyncClient::RequestOptions() .setTimeout(std::chrono::milliseconds( DurationUtil::durationToMilliseconds(uri.timeout()))) .setParentSpan(parent_span) .setChildSpanName("JWT Remote PubKey Fetch"); request_ = cm_.httpAsyncClientForCluster(uri.cluster()).send(std::move(message), *this, options); } // HTTP async receive methods void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& response) override { ENVOY_LOG(trace, "{}", __func__); complete_ = true; const uint64_t status_code = Http::Utility::getResponseStatus(response->headers()); if (status_code == enumToInt(Http::Code::OK)) { ENVOY_LOG(debug, "{}: fetch pubkey [uri = {}]: success", __func__, uri_->uri()); if (response->body().length() != 0) { const auto body = response->bodyAsString(); auto jwks = google::jwt_verify::Jwks::createFrom(body, google::jwt_verify::Jwks::Type::JWKS); if (jwks->getStatus() == google::jwt_verify::Status::Ok) { ENVOY_LOG(debug, "{}: fetch pubkey [uri = {}]: succeeded", __func__, uri_->uri()); receiver_->onJwksSuccess(std::move(jwks)); } else { ENVOY_LOG(debug, "{}: fetch pubkey [uri = {}]: invalid jwks", __func__, uri_->uri()); receiver_->onJwksError(JwksFetcher::JwksReceiver::Failure::InvalidJwks); } } else { ENVOY_LOG(debug, "{}: fetch pubkey [uri = {}]: body is empty", __func__, uri_->uri()); receiver_->onJwksError(JwksFetcher::JwksReceiver::Failure::Network); } } else { ENVOY_LOG(debug, "{}: fetch pubkey [uri = {}]: response status code {}", __func__, uri_->uri(), status_code); receiver_->onJwksError(JwksFetcher::JwksReceiver::Failure::Network); } reset(); } void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason reason) override { ENVOY_LOG(debug, "{}: fetch pubkey [uri = {}]: network error {}", __func__, uri_->uri(), enumToInt(reason)); complete_ = true; receiver_->onJwksError(JwksFetcher::JwksReceiver::Failure::Network); reset(); } void onBeforeFinalizeUpstreamSpan(Tracing::Span&, const Http::ResponseHeaderMap*) override {} private: Upstream::ClusterManager& cm_; bool complete_{}; JwksFetcher::JwksReceiver* receiver_{}; const envoy::config::core::v3::HttpUri* uri_{}; Http::AsyncClient::Request* request_{}; void reset() { request_ = nullptr; receiver_ = nullptr; uri_ = nullptr; } }; } // namespace JwksFetcherPtr JwksFetcher::create(Upstream::ClusterManager& cm) { return std::make_unique(cm); } } // namespace Common } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/common/jwks_fetcher.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/config/core/v3/http_uri.pb.h" #include "envoy/upstream/cluster_manager.h" #include "jwt_verify_lib/jwks.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Common { class JwksFetcher; using JwksFetcherPtr = std::unique_ptr; /** * JwksFetcher interface can be used to retrieve remote JWKS * (https://tools.ietf.org/html/rfc7517) data structures returning a concrete, * type-safe representation. An instance of this interface is designed to * retrieve one JWKS at a time. */ class JwksFetcher { public: class JwksReceiver { public: enum class Failure { /* A network error occurred causing JWKS retrieval failure. */ Network, /* A failure occurred when trying to parse the retrieved JWKS data. */ InvalidJwks, }; virtual ~JwksReceiver() = default; /* * Successful retrieval callback. * of the returned JWKS object. * @param jwks the JWKS object retrieved. */ virtual void onJwksSuccess(google::jwt_verify::JwksPtr&& jwks) PURE; /* * Retrieval error callback. * * @param reason the failure reason. */ virtual void onJwksError(Failure reason) PURE; }; virtual ~JwksFetcher() = default; /* * Cancel any in-flight request. */ virtual void cancel() PURE; /* * Retrieve a JWKS resource from a remote HTTP host. * At most one outstanding request may be in-flight, * i.e. from the invocation of `fetch()` until either * a callback or `cancel()` is invoked, no * additional `fetch()` may be issued. * @param uri the uri to retrieve the jwks from. * @param parent_span the active span to create children under * @param receiver the receiver of the fetched JWKS or error. */ virtual void fetch(const envoy::config::core::v3::HttpUri& uri, Tracing::Span& parent_span, JwksReceiver& receiver) PURE; /* * Factory method for creating a JwksFetcher. * @param cm the cluster manager to use during Jwks retrieval * @return a JwksFetcher instance */ static JwksFetcherPtr create(Upstream::ClusterManager& cm); }; } // namespace Common } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/common/pass_through_filter.h ================================================ #pragma once #include "envoy/http/filter.h" namespace Envoy { namespace Http { // A decoder filter which passes all data through with Continue status. class PassThroughDecoderFilter : public virtual StreamDecoderFilter { public: // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool) override { return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { decoder_callbacks_ = &callbacks; } protected: Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; }; // An encoder filter which passes all data through with Continue status. class PassThroughEncoderFilter : public virtual StreamEncoderFilter { public: // Http::StreamFilterBase void onDestroy() override {} // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap&, bool) override { return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus encodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { encoder_callbacks_ = &callbacks; } protected: Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; }; // A filter which passes all data through with Continue status. class PassThroughFilter : public StreamFilter, public PassThroughDecoderFilter, public PassThroughEncoderFilter {}; } // namespace Http } // namespace Envoy ================================================ FILE: source/extensions/filters/http/common/utility.h ================================================ #pragma once #include "common/common/macros.h" #include "extensions/common/utility.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Common { /** * FilterNameUtil provides utilities for handling HTTP filter * extension names (e.g., "envoy.filters.http.buffer"). */ class FilterNameUtil { public: /** * Given a deprecated HTTP filter extension name, return the * canonical name. Any name not defined in the deprecated map is * returned without modification. If deprecated extension names are * disabled, throws EnvoyException. * * @return const std::string& canonical filter name * @throw EnvoyException if deprecated names are disabled */ static const std::string& canonicalFilterName(const std::string& name, Runtime::Loader* runtime = Runtime::LoaderSingleton::getExisting()) { const auto& it = deprecatedNameMap().find(name); if (it == deprecatedNameMap().end()) { return name; } Extensions::Common::Utility::ExtensionNameUtil::checkDeprecatedExtensionName( "http filter", name, it->second, runtime); return it->second; } private: using DeprecatedNameMap = absl::flat_hash_map; static const DeprecatedNameMap& deprecatedNameMap() { CONSTRUCT_ON_FIRST_USE( DeprecatedNameMap, { {"envoy.buffer", HttpFilters::HttpFilterNames::get().Buffer}, {"envoy.cors", HttpFilters::HttpFilterNames::get().Cors}, {"envoy.csrf", HttpFilters::HttpFilterNames::get().Csrf}, {"envoy.ext_authz", HttpFilters::HttpFilterNames::get().ExtAuthorization}, {"envoy.fault", HttpFilters::HttpFilterNames::get().Fault}, {"envoy.grpc_http1_bridge", HttpFilters::HttpFilterNames::get().GrpcHttp1Bridge}, {"envoy.grpc_json_transcoder", HttpFilters::HttpFilterNames::get().GrpcJsonTranscoder}, {"envoy.grpc_web", HttpFilters::HttpFilterNames::get().GrpcWeb}, {"envoy.gzip", HttpFilters::HttpFilterNames::get().EnvoyGzip}, {"envoy.health_check", HttpFilters::HttpFilterNames::get().HealthCheck}, {"envoy.http_dynamic_filter", HttpFilters::HttpFilterNames::get().Dynamo}, {"envoy.ip_tagging", HttpFilters::HttpFilterNames::get().IpTagging}, {"envoy.lua", HttpFilters::HttpFilterNames::get().Lua}, {"envoy.rate_limit", HttpFilters::HttpFilterNames::get().RateLimit}, {"envoy.router", HttpFilters::HttpFilterNames::get().Router}, {"envoy.squash", HttpFilters::HttpFilterNames::get().Squash}, }); } }; } // namespace Common } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/compressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that performs compression with configurable compression libraries # Public docs: docs/root/configuration/http_filters/compressor_filter.rst envoy_extension_package() envoy_cc_library( name = "compressor_filter_lib", srcs = ["compressor_filter.cc"], hdrs = ["compressor_filter.h"], deps = [ "//include/envoy/compression/compressor:compressor_factory_interface", "//source/extensions/filters/http/common/compressor:compressor_lib", "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":compressor_filter_lib", "//include/envoy/compression/compressor:compressor_config_interface", "//source/common/config:utility_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/compressor/compressor_filter.cc ================================================ #include "extensions/filters/http/compressor/compressor_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Compressor { CompressorFilterConfig::CompressorFilterConfig( const envoy::extensions::filters::http::compressor::v3::Compressor& generic_compressor, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, Compression::Compressor::CompressorFactoryPtr compressor_factory) : Common::Compressors::CompressorFilterConfig( generic_compressor, stats_prefix + "compressor." + generic_compressor.compressor_library().name() + "." + compressor_factory->statsPrefix(), scope, runtime, compressor_factory->contentEncoding()), compressor_factory_(std::move(compressor_factory)) {} Envoy::Compression::Compressor::CompressorPtr CompressorFilterConfig::makeCompressor() { return compressor_factory_->createCompressor(); } } // namespace Compressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/compressor/compressor_filter.h ================================================ #pragma once #include "envoy/compression/compressor/factory.h" #include "envoy/extensions/filters/http/compressor/v3/compressor.pb.h" #include "extensions/filters/http/common/compressor/compressor.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Compressor { /** * Configuration for the compressor filter. */ class CompressorFilterConfig : public Common::Compressors::CompressorFilterConfig { // TODO(rojkov): move functionality of Common::Compressors::CompressorFilterConfig // to this class when `envoy.filters.http.gzip` is fully deprecated and dropped. public: CompressorFilterConfig() = delete; CompressorFilterConfig( const envoy::extensions::filters::http::compressor::v3::Compressor& genereic_compressor, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, Envoy::Compression::Compressor::CompressorFactoryPtr compressor_factory); Envoy::Compression::Compressor::CompressorPtr makeCompressor() override; private: const Envoy::Compression::Compressor::CompressorFactoryPtr compressor_factory_; }; } // namespace Compressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/compressor/config.cc ================================================ #include "extensions/filters/http/compressor/config.h" #include "envoy/compression/compressor/config.h" #include "common/config/utility.h" #include "extensions/filters/http/compressor/compressor_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Compressor { Http::FilterFactoryCb CompressorFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { // TODO(rojkov): instead of throwing an exception make the Compressor.compressor_library field // required when the Gzip HTTP-filter is fully deprecated and removed. if (!proto_config.has_compressor_library()) { throw EnvoyException("Compressor filter doesn't have compressor_library defined"); } const std::string type{TypeUtil::typeUrlToDescriptorFullName( proto_config.compressor_library().typed_config().type_url())}; Compression::Compressor::NamedCompressorLibraryConfigFactory* const config_factory = Registry::FactoryRegistry< Compression::Compressor::NamedCompressorLibraryConfigFactory>::getFactoryByType(type); if (config_factory == nullptr) { throw EnvoyException( fmt::format("Didn't find a registered implementation for type: '{}'", type)); } ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( proto_config.compressor_library().typed_config(), context.messageValidationVisitor(), *config_factory); Compression::Compressor::CompressorFactoryPtr compressor_factory = config_factory->createCompressorFactoryFromProto(*message, context); Common::Compressors::CompressorFilterConfigSharedPtr config = std::make_shared(proto_config, stats_prefix, context.scope(), context.runtime(), std::move(compressor_factory)); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(config)); }; } /** * Static registration for the compressor filter. @see NamedHttpFilterConfigFactory. */ REGISTER_FACTORY(CompressorFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace Compressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/compressor/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/compressor/v3/compressor.pb.h" #include "envoy/extensions/filters/http/compressor/v3/compressor.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Compressor { /** * Config registration for the compressor filter. @see NamedHttpFilterConfigFactory. */ class CompressorFilterFactory : public Common::FactoryBase { public: CompressorFilterFactory() : FactoryBase(HttpFilterNames::get().Compressor) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::compressor::v3::Compressor& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; DECLARE_FACTORY(CompressorFilterFactory); } // namespace Compressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cors/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter which implements CORS processing (https://en.wikipedia.org/wiki/Cross-origin_resource_sharing) # Public docs: docs/root/configuration/http_filters/cors_filter.rst envoy_extension_package() envoy_cc_library( name = "cors_filter_lib", srcs = ["cors_filter.cc"], hdrs = ["cors_filter.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/cors:cors_filter_lib", "@envoy_api//envoy/extensions/filters/http/cors/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/cors/config.cc ================================================ #include "extensions/filters/http/cors/config.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/cors/cors_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cors { Http::FilterFactoryCb CorsFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::cors::v3::Cors&, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { CorsFilterConfigSharedPtr config = std::make_shared(stats_prefix, context.scope()); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(config)); }; } /** * Static registration for the cors filter. @see RegisterFactory. */ REGISTER_FACTORY(CorsFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.cors"}; } // namespace Cors } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cors/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/cors/v3/cors.pb.h" #include "envoy/extensions/filters/http/cors/v3/cors.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cors { /** * Config registration for the cors filter. @see NamedHttpFilterConfigFactory. */ class CorsFilterFactory : public Common::FactoryBase { public: CorsFilterFactory() : FactoryBase(HttpFilterNames::get().Cors) {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::cors::v3::Cors& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace Cors } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cors/cors_filter.cc ================================================ #include "extensions/filters/http/cors/cors_filter.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cors { struct HttpResponseCodeDetailValues { const absl::string_view CorsResponse = "cors_response"; }; using HttpResponseCodeDetails = ConstSingleton; Http::RegisterCustomInlineHeader access_control_request_method_handle(Http::CustomHeaders::get().AccessControlRequestMethod); Http::RegisterCustomInlineHeader origin_handle(Http::CustomHeaders::get().Origin); Http::RegisterCustomInlineHeader access_control_allow_origin_handle(Http::CustomHeaders::get().AccessControlAllowOrigin); Http::RegisterCustomInlineHeader access_control_allow_credentials_handle( Http::CustomHeaders::get().AccessControlAllowCredentials); Http::RegisterCustomInlineHeader access_control_allow_methods_handle(Http::CustomHeaders::get().AccessControlAllowMethods); Http::RegisterCustomInlineHeader access_control_allow_headers_handle(Http::CustomHeaders::get().AccessControlAllowHeaders); Http::RegisterCustomInlineHeader access_control_max_age_handle(Http::CustomHeaders::get().AccessControlMaxAge); Http::RegisterCustomInlineHeader access_control_expose_headers_handle(Http::CustomHeaders::get().AccessControlExposeHeaders); CorsFilterConfig::CorsFilterConfig(const std::string& stats_prefix, Stats::Scope& scope) : stats_(generateStats(stats_prefix + "cors.", scope)) {} CorsFilter::CorsFilter(CorsFilterConfigSharedPtr config) : policies_({{nullptr, nullptr}}), config_(std::move(config)) {} // This handles the CORS preflight request as described in // https://www.w3.org/TR/cors/#resource-preflight-requests Http::FilterHeadersStatus CorsFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { if (decoder_callbacks_->route() == nullptr || decoder_callbacks_->route()->routeEntry() == nullptr) { return Http::FilterHeadersStatus::Continue; } policies_ = {{ decoder_callbacks_->route()->routeEntry()->corsPolicy(), decoder_callbacks_->route()->routeEntry()->virtualHost().corsPolicy(), }}; if (!enabled() && !shadowEnabled()) { return Http::FilterHeadersStatus::Continue; } origin_ = headers.getInline(origin_handle.handle()); if (origin_ == nullptr || origin_->value().empty()) { return Http::FilterHeadersStatus::Continue; } if (!isOriginAllowed(origin_->value())) { config_->stats().origin_invalid_.inc(); return Http::FilterHeadersStatus::Continue; } config_->stats().origin_valid_.inc(); if (shadowEnabled() && !enabled()) { return Http::FilterHeadersStatus::Continue; } is_cors_request_ = true; const absl::string_view method = headers.getMethodValue(); if (method != Http::Headers::get().MethodValues.Options) { return Http::FilterHeadersStatus::Continue; } if (headers.getInlineValue(access_control_request_method_handle.handle()).empty()) { return Http::FilterHeadersStatus::Continue; } auto response_headers{Http::createHeaderMap( {{Http::Headers::get().Status, std::to_string(enumToInt(Http::Code::OK))}})}; response_headers->setInline(access_control_allow_origin_handle.handle(), origin_->value().getStringView()); if (allowCredentials()) { response_headers->setReferenceInline(access_control_allow_credentials_handle.handle(), Http::CustomHeaders::get().CORSValues.True); } if (!allowMethods().empty()) { response_headers->setInline(access_control_allow_methods_handle.handle(), allowMethods()); } if (!allowHeaders().empty()) { response_headers->setInline(access_control_allow_headers_handle.handle(), allowHeaders()); } if (!maxAge().empty()) { response_headers->setInline(access_control_max_age_handle.handle(), maxAge()); } decoder_callbacks_->encodeHeaders(std::move(response_headers), true, HttpResponseCodeDetails::get().CorsResponse); return Http::FilterHeadersStatus::StopIteration; } // This handles simple CORS requests as described in // https://www.w3.org/TR/cors/#resource-requests Http::FilterHeadersStatus CorsFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { if (!is_cors_request_) { return Http::FilterHeadersStatus::Continue; } headers.setInline(access_control_allow_origin_handle.handle(), origin_->value().getStringView()); if (allowCredentials()) { headers.setReferenceInline(access_control_allow_credentials_handle.handle(), Http::CustomHeaders::get().CORSValues.True); } if (!exposeHeaders().empty()) { headers.setInline(access_control_expose_headers_handle.handle(), exposeHeaders()); } return Http::FilterHeadersStatus::Continue; } void CorsFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { decoder_callbacks_ = &callbacks; } bool CorsFilter::isOriginAllowed(const Http::HeaderString& origin) { const auto allow_origins = allowOrigins(); if (allow_origins == nullptr) { return false; } for (const auto& allow_origin : *allow_origins) { if (allow_origin->match("*") || allow_origin->match(origin.getStringView())) { return true; } } return false; } const std::vector* CorsFilter::allowOrigins() { for (const auto policy : policies_) { if (policy && !policy->allowOrigins().empty()) { return &policy->allowOrigins(); } } return nullptr; } const std::string& CorsFilter::allowMethods() { for (const auto policy : policies_) { if (policy && !policy->allowMethods().empty()) { return policy->allowMethods(); } } return EMPTY_STRING; } const std::string& CorsFilter::allowHeaders() { for (const auto policy : policies_) { if (policy && !policy->allowHeaders().empty()) { return policy->allowHeaders(); } } return EMPTY_STRING; } const std::string& CorsFilter::exposeHeaders() { for (const auto policy : policies_) { if (policy && !policy->exposeHeaders().empty()) { return policy->exposeHeaders(); } } return EMPTY_STRING; } const std::string& CorsFilter::maxAge() { for (const auto policy : policies_) { if (policy && !policy->maxAge().empty()) { return policy->maxAge(); } } return EMPTY_STRING; } bool CorsFilter::allowCredentials() { for (const auto policy : policies_) { if (policy && policy->allowCredentials()) { return policy->allowCredentials().value(); } } return false; } bool CorsFilter::shadowEnabled() { for (const auto policy : policies_) { if (policy) { return policy->shadowEnabled(); } } return false; } bool CorsFilter::enabled() { for (const auto policy : policies_) { if (policy) { return policy->enabled(); } } return false; } } // namespace Cors } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/cors/cors_filter.h ================================================ #pragma once #include "envoy/http/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Cors { /** * All CORS filter stats. @see stats_macros.h */ #define ALL_CORS_STATS(COUNTER) \ COUNTER(origin_valid) \ COUNTER(origin_invalid) /** * Struct definition for CORS stats. @see stats_macros.h */ struct CorsStats { ALL_CORS_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for the CORS filter. */ class CorsFilterConfig { public: CorsFilterConfig(const std::string& stats_prefix, Stats::Scope& scope); CorsStats& stats() { return stats_; } private: static CorsStats generateStats(const std::string& prefix, Stats::Scope& scope) { return CorsStats{ALL_CORS_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } CorsStats stats_; }; using CorsFilterConfigSharedPtr = std::shared_ptr; class CorsFilter : public Http::StreamFilter { public: CorsFilter(CorsFilterConfigSharedPtr config); // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; }; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override { return Http::FilterTrailersStatus::Continue; }; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; }; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override { return Http::FilterTrailersStatus::Continue; }; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { encoder_callbacks_ = &callbacks; }; private: friend class CorsFilterTest; const std::vector* allowOrigins(); const std::string& allowMethods(); const std::string& allowHeaders(); const std::string& exposeHeaders(); const std::string& maxAge(); bool allowCredentials(); bool shadowEnabled(); bool enabled(); bool isOriginAllowed(const Http::HeaderString& origin); Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; std::array policies_; bool is_cors_request_{}; const Http::HeaderEntry* origin_{}; CorsFilterConfigSharedPtr config_; }; } // namespace Cors } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/csrf/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter which implements CSRF processing (https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)) # Public docs: docs/root/configuration/http_filters/csrf_filter.rst envoy_extension_package() envoy_cc_library( name = "csrf_filter_lib", srcs = ["csrf_filter.cc"], hdrs = ["csrf_filter.h"], deps = [ "//include/envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:matchers_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/csrf/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/csrf:csrf_filter_lib", "@envoy_api//envoy/extensions/filters/http/csrf/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/csrf/config.cc ================================================ #include "extensions/filters/http/csrf/config.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/csrf/csrf_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Csrf { Http::FilterFactoryCb CsrfFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { CsrfFilterConfigSharedPtr config = std::make_shared(policy, stats_prefix, context.scope(), context.runtime()); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(config)); }; } Router::RouteSpecificFilterConfigConstSharedPtr CsrfFilterFactory::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor&) { return std::make_shared(policy, context.runtime()); } /** * Static registration for the CSRF filter. @see RegisterFactory. */ REGISTER_FACTORY(CsrfFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.csrf"}; } // namespace Csrf } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/csrf/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Csrf { /** * Config registration for the CSRF filter. @see NamedHttpFilterConfigFactory. */ class CsrfFilterFactory : public Common::FactoryBase { public: CsrfFilterFactory() : FactoryBase(HttpFilterNames::get().Csrf) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override; }; } // namespace Csrf } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/csrf/csrf_filter.cc ================================================ #include "extensions/filters/http/csrf/csrf_filter.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/stats/scope.h" #include "common/common/empty_string.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Csrf { Http::RegisterCustomInlineHeader origin_handle(Http::CustomHeaders::get().Origin); Http::RegisterCustomInlineHeader referer_handle(Http::CustomHeaders::get().Referer); struct RcDetailsValues { const std::string OriginMismatch = "csrf_origin_mismatch"; }; using RcDetails = ConstSingleton; namespace { bool isModifyMethod(const Http::RequestHeaderMap& headers) { const absl::string_view method_type = headers.getMethodValue(); if (method_type.empty()) { return false; } const auto& method_values = Http::Headers::get().MethodValues; return (method_type == method_values.Post || method_type == method_values.Put || method_type == method_values.Delete || method_type == method_values.Patch); } std::string hostAndPort(const absl::string_view absolute_url) { Http::Utility::Url url; if (!absolute_url.empty()) { if (url.initialize(absolute_url, /*is_connect=*/false)) { return std::string(url.hostAndPort()); } return std::string(absolute_url); } return EMPTY_STRING; } // Note: per https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin, // the Origin header must include the scheme (and hostAndPort expects // an absolute URL). std::string sourceOriginValue(const Http::RequestHeaderMap& headers) { const auto origin = hostAndPort(headers.getInlineValue(origin_handle.handle())); if (!origin.empty()) { return origin; } return hostAndPort(headers.getInlineValue(referer_handle.handle())); } std::string targetOriginValue(const Http::RequestHeaderMap& headers) { const auto host_value = headers.getHostValue(); // Don't even bother if there's not Host header. if (host_value.empty()) { return EMPTY_STRING; } const auto absolute_url = fmt::format( "{}://{}", headers.Scheme() != nullptr ? headers.getSchemeValue() : "http", host_value); return hostAndPort(absolute_url); } static CsrfStats generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = prefix + "csrf."; return CsrfStats{ALL_CSRF_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } static CsrfPolicyPtr generatePolicy(const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, Runtime::Loader& runtime) { return std::make_unique(policy, runtime); } } // namespace CsrfFilterConfig::CsrfFilterConfig( const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) : stats_(generateStats(stats_prefix, scope)), policy_(generatePolicy(policy, runtime)) {} CsrfFilter::CsrfFilter(const CsrfFilterConfigSharedPtr config) : config_(config) {} Http::FilterHeadersStatus CsrfFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { determinePolicy(); if (!policy_->enabled() && !policy_->shadowEnabled()) { return Http::FilterHeadersStatus::Continue; } if (!isModifyMethod(headers)) { return Http::FilterHeadersStatus::Continue; } bool is_valid = true; const auto source_origin = sourceOriginValue(headers); if (source_origin.empty()) { is_valid = false; config_->stats().missing_source_origin_.inc(); } if (!isValid(source_origin, headers)) { is_valid = false; config_->stats().request_invalid_.inc(); } if (is_valid == true) { config_->stats().request_valid_.inc(); return Http::FilterHeadersStatus::Continue; } if (policy_->shadowEnabled() && !policy_->enabled()) { return Http::FilterHeadersStatus::Continue; } callbacks_->sendLocalReply(Http::Code::Forbidden, "Invalid origin", nullptr, absl::nullopt, RcDetails::get().OriginMismatch); return Http::FilterHeadersStatus::StopIteration; } void CsrfFilter::determinePolicy() { const std::string& name = Extensions::HttpFilters::HttpFilterNames::get().Csrf; const CsrfPolicy* policy = Http::Utility::resolveMostSpecificPerFilterConfig(name, callbacks_->route()); if (policy != nullptr) { policy_ = policy; } else { policy_ = config_->policy(); } } bool CsrfFilter::isValid(const absl::string_view source_origin, Http::RequestHeaderMap& headers) { const auto target_origin = targetOriginValue(headers); if (source_origin == target_origin) { return true; } for (const auto& additional_origin : policy_->additionalOrigins()) { if (additional_origin->match(source_origin)) { return true; } } return false; } } // namespace Csrf } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/csrf/csrf_filter.h ================================================ #pragma once #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/http/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/buffer/buffer_impl.h" #include "common/common/matchers.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Csrf { /** * All CSRF filter stats. @see stats_macros.h */ #define ALL_CSRF_STATS(COUNTER) \ COUNTER(missing_source_origin) \ COUNTER(request_invalid) \ COUNTER(request_valid) /** * Struct definition for CSRF stats. @see stats_macros.h */ struct CsrfStats { ALL_CSRF_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for CSRF policy. */ class CsrfPolicy : public Router::RouteSpecificFilterConfig { public: CsrfPolicy(const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, Runtime::Loader& runtime) : policy_(policy), runtime_(runtime) { for (const auto& additional_origin : policy.additional_origins()) { additional_origins_.emplace_back( std::make_unique(additional_origin)); } } bool enabled() const { const envoy::config::core::v3::RuntimeFractionalPercent& filter_enabled = policy_.filter_enabled(); return runtime_.snapshot().featureEnabled(filter_enabled.runtime_key(), filter_enabled.default_value()); } bool shadowEnabled() const { if (!policy_.has_shadow_enabled()) { return false; } const envoy::config::core::v3::RuntimeFractionalPercent& shadow_enabled = policy_.shadow_enabled(); return runtime_.snapshot().featureEnabled(shadow_enabled.runtime_key(), shadow_enabled.default_value()); } const std::vector& additionalOrigins() const { return additional_origins_; }; private: const envoy::extensions::filters::http::csrf::v3::CsrfPolicy policy_; std::vector additional_origins_; Runtime::Loader& runtime_; }; using CsrfPolicyPtr = std::unique_ptr; /** * Configuration for the CSRF filter. */ class CsrfFilterConfig { public: CsrfFilterConfig(const envoy::extensions::filters::http::csrf::v3::CsrfPolicy& policy, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); CsrfStats& stats() { return stats_; } const CsrfPolicy* policy() { return policy_.get(); } private: CsrfStats stats_; const CsrfPolicyPtr policy_; }; using CsrfFilterConfigSharedPtr = std::shared_ptr; class CsrfFilter : public Http::StreamDecoderFilter { public: CsrfFilter(CsrfFilterConfigSharedPtr config); // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { callbacks_ = &callbacks; } private: void determinePolicy(); bool isValid(const absl::string_view source_origin, Http::RequestHeaderMap& headers); Http::StreamDecoderFilterCallbacks* callbacks_{}; CsrfFilterConfigSharedPtr config_; const CsrfPolicy* policy_; }; } // namespace Csrf } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/decompressor/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that performs decompression with configurable decompression libraries # Public docs: docs/root/configuration/http_filters/decompressor_filter.rst envoy_extension_package() envoy_cc_library( name = "decompressor_filter_lib", srcs = ["decompressor_filter.cc"], hdrs = ["decompressor_filter.h"], deps = [ "//include/envoy/compression/decompressor:decompressor_config_interface", "//include/envoy/compression/decompressor:decompressor_interface", "//include/envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:macros", "//source/common/http:headers_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/decompressor/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":decompressor_filter_lib", "//include/envoy/compression/decompressor:decompressor_config_interface", "//source/common/config:utility_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/decompressor/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/decompressor/config.cc ================================================ #include "extensions/filters/http/decompressor/config.h" #include "envoy/compression/decompressor/config.h" #include "common/config/utility.h" #include "extensions/filters/http/decompressor/decompressor_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Decompressor { Http::FilterFactoryCb DecompressorFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::decompressor::v3::Decompressor& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { const std::string decompressor_library_type{TypeUtil::typeUrlToDescriptorFullName( proto_config.decompressor_library().typed_config().type_url())}; Compression::Decompressor::NamedDecompressorLibraryConfigFactory* const decompressor_library_factory = Registry::FactoryRegistry< Compression::Decompressor::NamedDecompressorLibraryConfigFactory>:: getFactoryByType(decompressor_library_type); if (decompressor_library_factory == nullptr) { throw EnvoyException(fmt::format("Didn't find a registered implementation for type: '{}'", decompressor_library_type)); } ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( proto_config.decompressor_library().typed_config(), context.messageValidationVisitor(), *decompressor_library_factory); Compression::Decompressor::DecompressorFactoryPtr decompressor_factory = decompressor_library_factory->createDecompressorFactoryFromProto(*message, context); DecompressorFilterConfigSharedPtr filter_config = std::make_shared( proto_config, stats_prefix, context.scope(), context.runtime(), std::move(decompressor_factory)); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(filter_config)); }; } /** * Static registration for the decompressor filter. @see NamedHttpFilterConfigFactory. */ REGISTER_FACTORY(DecompressorFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/decompressor/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/decompressor/v3/decompressor.pb.h" #include "envoy/extensions/filters/http/decompressor/v3/decompressor.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Decompressor { /** * Config registration for the decompressor filter. @see NamedHttpFilterConfigFactory. */ class DecompressorFilterFactory : public Common::FactoryBase { public: DecompressorFilterFactory() : FactoryBase(HttpFilterNames::get().Decompressor) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::decompressor::v3::Decompressor& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; DECLARE_FACTORY(DecompressorFilterFactory); } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/decompressor/decompressor_filter.cc ================================================ #include "extensions/filters/http/decompressor/decompressor_filter.h" #include "common/buffer/buffer_impl.h" #include "common/common/empty_string.h" #include "common/common/macros.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Decompressor { Http::RegisterCustomInlineHeader accept_encoding_handle(Http::CustomHeaders::get().AcceptEncoding); Http::RegisterCustomInlineHeader cache_control_request_handle(Http::CustomHeaders::get().CacheControl); Http::RegisterCustomInlineHeader content_encoding_request_handle(Http::CustomHeaders::get().ContentEncoding); Http::RegisterCustomInlineHeader cache_control_response_handle(Http::CustomHeaders::get().CacheControl); Http::RegisterCustomInlineHeader content_encoding_response_handle(Http::CustomHeaders::get().ContentEncoding); DecompressorFilterConfig::DecompressorFilterConfig( const envoy::extensions::filters::http::decompressor::v3::Decompressor& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, Compression::Decompressor::DecompressorFactoryPtr decompressor_factory) : stats_prefix_(fmt::format("{}decompressor.{}.{}", stats_prefix, proto_config.decompressor_library().name(), decompressor_factory->statsPrefix())), trailers_prefix_(fmt::format("{}-decompressor-{}", ThreadSafeSingleton::get().prefix(), proto_config.decompressor_library().name())), decompressor_stats_prefix_(stats_prefix_ + "decompressor_library"), decompressor_factory_(std::move(decompressor_factory)), request_direction_config_(proto_config.request_direction_config(), stats_prefix_, scope, runtime), response_direction_config_(proto_config.response_direction_config(), stats_prefix_, scope, runtime) {} DecompressorFilterConfig::DirectionConfig::DirectionConfig( const envoy::extensions::filters::http::decompressor::v3::Decompressor::CommonDirectionConfig& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) : stats_(generateStats(stats_prefix, scope)), decompression_enabled_(proto_config.enabled(), runtime) {} DecompressorFilterConfig::RequestDirectionConfig::RequestDirectionConfig( const envoy::extensions::filters::http::decompressor::v3::Decompressor::RequestDirectionConfig& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) : DirectionConfig(proto_config.common_config(), stats_prefix + "request.", scope, runtime), advertise_accept_encoding_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(proto_config, advertise_accept_encoding, true)) {} DecompressorFilterConfig::ResponseDirectionConfig::ResponseDirectionConfig( const envoy::extensions::filters::http::decompressor::v3::Decompressor::ResponseDirectionConfig& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) : DirectionConfig(proto_config.common_config(), stats_prefix + "response.", scope, runtime) {} DecompressorFilter::DecompressorFilter(DecompressorFilterConfigSharedPtr config) : config_(std::move(config)), request_byte_tracker_(config_->trailersCompressedBytesString(), config_->trailersUncompressedBytesString()), response_byte_tracker_(config_->trailersCompressedBytesString(), config_->trailersUncompressedBytesString()) {} Http::FilterHeadersStatus DecompressorFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { // Two responsibilities on the request side: // 1. If response decompression is enabled (and advertisement is enabled), then advertise to // the upstream that this hop is able to decompress responses via the Accept-Encoding header. if (config_->responseDirectionConfig().decompressionEnabled() && config_->requestDirectionConfig().advertiseAcceptEncoding()) { headers.appendInline(accept_encoding_handle.handle(), config_->contentEncoding(), ","); ENVOY_STREAM_LOG(debug, "DecompressorFilter::decodeHeaders advertise Accept-Encoding with value '{}'", *decoder_callbacks_, headers.getInlineValue(accept_encoding_handle.handle())); } // Headers-only requests do not, by definition, get decompressed. if (end_stream) { return Http::FilterHeadersStatus::Continue; } ENVOY_STREAM_LOG(debug, "DecompressorFilter::decodeHeaders: {}", *decoder_callbacks_, headers); // 2. Setup request decompression if all checks comply. return maybeInitDecompress(config_->requestDirectionConfig(), request_decompressor_, *decoder_callbacks_, headers); }; Http::FilterDataStatus DecompressorFilter::decodeData(Buffer::Instance& data, bool end_stream) { if (request_decompressor_) { HeaderMapOptRef trailers; if (end_stream) { trailers = HeaderMapOptRef(std::ref(decoder_callbacks_->addDecodedTrailers())); } decompress(config_->requestDirectionConfig(), request_decompressor_, *decoder_callbacks_, data, request_byte_tracker_, trailers); } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus DecompressorFilter::decodeTrailers(Http::RequestTrailerMap& trailers) { // Only report if the filter has actually decompressed. if (request_decompressor_) { request_byte_tracker_.reportTotalBytes(trailers); } return Http::FilterTrailersStatus::Continue; } Http::FilterHeadersStatus DecompressorFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { // Headers only response, continue. if (end_stream) { return Http::FilterHeadersStatus::Continue; } ENVOY_STREAM_LOG(debug, "DecompressorFilter::encodeHeaders: {}", *encoder_callbacks_, headers); return maybeInitDecompress(config_->responseDirectionConfig(), response_decompressor_, *encoder_callbacks_, headers); } Http::FilterDataStatus DecompressorFilter::encodeData(Buffer::Instance& data, bool end_stream) { if (response_decompressor_) { HeaderMapOptRef trailers; if (end_stream) { trailers = HeaderMapOptRef(std::ref(encoder_callbacks_->addEncodedTrailers())); } decompress(config_->responseDirectionConfig(), response_decompressor_, *encoder_callbacks_, data, response_byte_tracker_, trailers); } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus DecompressorFilter::encodeTrailers(Http::ResponseTrailerMap& trailers) { // Only report if the filter has actually decompressed. if (response_decompressor_) { response_byte_tracker_.reportTotalBytes(trailers); } return Http::FilterTrailersStatus::Continue; } void DecompressorFilter::decompress( const DecompressorFilterConfig::DirectionConfig& direction_config, const Compression::Decompressor::DecompressorPtr& decompressor, Http::StreamFilterCallbacks& callbacks, Buffer::Instance& input_buffer, ByteTracker& byte_tracker, HeaderMapOptRef trailers) const { ASSERT(decompressor); Buffer::OwnedImpl output_buffer; decompressor->decompress(input_buffer, output_buffer); // Report decompression via stats and logging before modifying the input buffer. byte_tracker.chargeBytes(input_buffer.length(), output_buffer.length()); direction_config.stats().total_compressed_bytes_.add(input_buffer.length()); direction_config.stats().total_uncompressed_bytes_.add(output_buffer.length()); ENVOY_STREAM_LOG(debug, "{} data decompressed from {} bytes to {} bytes", callbacks, direction_config.logString(), input_buffer.length(), output_buffer.length()); input_buffer.drain(input_buffer.length()); input_buffer.add(output_buffer); if (trailers.has_value()) { byte_tracker.reportTotalBytes(trailers.value().get()); } } template <> Http::CustomInlineHeaderRegistry::Handle DecompressorFilter::getCacheControlHandle() { return cache_control_request_handle.handle(); } template <> Http::CustomInlineHeaderRegistry::Handle DecompressorFilter::getCacheControlHandle() { return cache_control_response_handle.handle(); } template <> Http::CustomInlineHeaderRegistry::Handle DecompressorFilter::getContentEncodingHandle() { return content_encoding_request_handle.handle(); } template <> Http::CustomInlineHeaderRegistry::Handle DecompressorFilter::getContentEncodingHandle() { return content_encoding_response_handle.handle(); } } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/decompressor/decompressor_filter.h ================================================ #pragma once #include "envoy/compression/decompressor/config.h" #include "envoy/compression/decompressor/decompressor.h" #include "envoy/extensions/filters/http/decompressor/v3/decompressor.pb.h" #include "envoy/http/filter.h" #include "common/common/macros.h" #include "common/http/headers.h" #include "common/runtime/runtime_protos.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Decompressor { /** * All decompressor filter stats. @see stats_macros.h */ #define ALL_DECOMPRESSOR_STATS(COUNTER) \ COUNTER(decompressed) \ COUNTER(not_decompressed) \ COUNTER(total_uncompressed_bytes) \ COUNTER(total_compressed_bytes) /** * Struct definition for decompressor stats. @see stats_macros.h */ struct DecompressorStats { ALL_DECOMPRESSOR_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for the decompressor filter. */ class DecompressorFilterConfig { public: class DirectionConfig { public: DirectionConfig(const envoy::extensions::filters::http::decompressor::v3::Decompressor:: CommonDirectionConfig& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); virtual ~DirectionConfig() = default; virtual const std::string& logString() const PURE; const DecompressorStats& stats() const { return stats_; } bool decompressionEnabled() const { return decompression_enabled_.enabled(); } private: static DecompressorStats generateStats(const std::string& prefix, Stats::Scope& scope) { return DecompressorStats{ALL_DECOMPRESSOR_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } const DecompressorStats stats_; const Runtime::FeatureFlag decompression_enabled_; }; class RequestDirectionConfig : public DirectionConfig { public: RequestDirectionConfig(const envoy::extensions::filters::http::decompressor::v3::Decompressor:: RequestDirectionConfig& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); // DirectionConfig const std::string& logString() const override { CONSTRUCT_ON_FIRST_USE(std::string, "request"); } bool advertiseAcceptEncoding() const { return advertise_accept_encoding_; } private: const bool advertise_accept_encoding_; }; class ResponseDirectionConfig : public DirectionConfig { public: ResponseDirectionConfig(const envoy::extensions::filters::http::decompressor::v3::Decompressor:: ResponseDirectionConfig& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); // DirectionConfig const std::string& logString() const override { CONSTRUCT_ON_FIRST_USE(std::string, "response"); } }; DecompressorFilterConfig( const envoy::extensions::filters::http::decompressor::v3::Decompressor& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, Compression::Decompressor::DecompressorFactoryPtr decompressor_factory); Compression::Decompressor::DecompressorPtr makeDecompressor() { return decompressor_factory_->createDecompressor(decompressor_stats_prefix_); } const std::string& contentEncoding() { return decompressor_factory_->contentEncoding(); } const RequestDirectionConfig& requestDirectionConfig() { return request_direction_config_; } const ResponseDirectionConfig& responseDirectionConfig() { return response_direction_config_; } const Http::LowerCaseString& trailersCompressedBytesString() const { CONSTRUCT_ON_FIRST_USE(Http::LowerCaseString, Http::LowerCaseString(fmt::format( "{}-compressed-bytes", trailers_prefix_))); } const Http::LowerCaseString& trailersUncompressedBytesString() const { CONSTRUCT_ON_FIRST_USE(Http::LowerCaseString, Http::LowerCaseString(fmt::format( "{}-uncompressed-bytes", trailers_prefix_))); } private: const std::string stats_prefix_; const std::string trailers_prefix_; const std::string decompressor_stats_prefix_; const Compression::Decompressor::DecompressorFactoryPtr decompressor_factory_; const RequestDirectionConfig request_direction_config_; const ResponseDirectionConfig response_direction_config_; }; using DecompressorFilterConfigSharedPtr = std::shared_ptr; /** * A filter that decompresses data bidirectionally. */ class DecompressorFilter : public Http::PassThroughFilter, public Logger::Loggable { public: DecompressorFilter(DecompressorFilterConfigSharedPtr config); // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap&, bool) override; Http::FilterDataStatus encodeData(Buffer::Instance&, bool) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override; private: struct ByteTracker { ByteTracker(const Http::LowerCaseString& compressed_bytes_trailer, const Http::LowerCaseString& uncompressed_bytes_trailer) : compressed_bytes_trailer_(compressed_bytes_trailer), uncompressed_bytes_trailer_(uncompressed_bytes_trailer) {} void chargeBytes(uint64_t compressed_bytes, uint64_t uncompressed_bytes) { total_compressed_bytes_ += compressed_bytes; total_uncompressed_bytes_ += uncompressed_bytes; } void reportTotalBytes(Http::HeaderMap& trailers) const { trailers.addReferenceKey(compressed_bytes_trailer_, total_compressed_bytes_); trailers.addReferenceKey(uncompressed_bytes_trailer_, total_uncompressed_bytes_); } private: const Http::LowerCaseString& compressed_bytes_trailer_; const Http::LowerCaseString& uncompressed_bytes_trailer_; uint64_t total_compressed_bytes_{}; uint64_t total_uncompressed_bytes_{}; }; using ByteTrackerOptConstRef = absl::optional>; template Http::FilterHeadersStatus maybeInitDecompress(const DecompressorFilterConfig::DirectionConfig& direction_config, Compression::Decompressor::DecompressorPtr& decompressor, Http::StreamFilterCallbacks& callbacks, HeaderType& headers) { if (direction_config.decompressionEnabled() && !hasCacheControlNoTransform(headers) && contentEncodingMatches(headers)) { direction_config.stats().decompressed_.inc(); decompressor = config_->makeDecompressor(); // Update headers. headers.removeContentLength(); modifyContentEncoding(headers); ENVOY_STREAM_LOG(debug, "do decompress {}: {}", callbacks, direction_config.logString(), headers); } else { direction_config.stats().not_decompressed_.inc(); ENVOY_STREAM_LOG(debug, "do not decompress {}: {}", callbacks, direction_config.logString(), headers); } return Http::FilterHeadersStatus::Continue; } using HeaderMapOptRef = absl::optional>; void decompress(const DecompressorFilterConfig::DirectionConfig& direction_config, const Compression::Decompressor::DecompressorPtr& decompressor, Http::StreamFilterCallbacks& callbacks, Buffer::Instance& input_buffer, ByteTracker& byte_tracker, HeaderMapOptRef trailers) const; // TODO(junr03): These can be shared between compressor and decompressor. template static Http::CustomInlineHeaderRegistry::Handle getCacheControlHandle(); template static bool hasCacheControlNoTransform(HeaderType& headers) { const auto handle = getCacheControlHandle(); return headers.getInline(handle) ? StringUtil::caseFindToken( headers.getInlineValue(handle), ",", Http::CustomHeaders::get().CacheControlValues.NoTransform) : false; } /** * Content-Encoding matches if the configured encoding is the first value in the comma-delimited * Content-Encoding header, regardless of spacing and casing. */ template static Http::CustomInlineHeaderRegistry::Handle getContentEncodingHandle(); template bool contentEncodingMatches(HeaderType& headers) const { const auto handle = getContentEncodingHandle(); if (headers.getInline(handle)) { absl::string_view coding = StringUtil::trim(StringUtil::cropRight(headers.getInlineValue(handle), ",")); return StringUtil::CaseInsensitiveCompare()(config_->contentEncoding(), coding); } return false; } template static void modifyContentEncoding(HeaderType& headers) { const auto handle = getContentEncodingHandle(); const auto all_codings = StringUtil::trim(headers.getInlineValue(handle)); const auto remaining_codings = StringUtil::trim(StringUtil::cropLeft(all_codings, ",")); if (remaining_codings != all_codings) { headers.setInline(handle, remaining_codings); } else { headers.removeInline(handle); } } DecompressorFilterConfigSharedPtr config_; Compression::Decompressor::DecompressorPtr request_decompressor_{}; Compression::Decompressor::DecompressorPtr response_decompressor_{}; ByteTracker request_byte_tracker_; ByteTracker response_byte_tracker_; }; } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamic_forward_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "proxy_filter_lib", srcs = ["proxy_filter.cc"], hdrs = ["proxy_filter.h"], deps = [ "//include/envoy/http:filter_interface", "//source/common/runtime:runtime_features_lib", "//source/extensions/clusters:well_known_names", "//source/extensions/common/dynamic_forward_proxy:dns_cache_interface", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/common/dynamic_forward_proxy:dns_cache_manager_impl", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/dynamic_forward_proxy:proxy_filter_lib", "@envoy_api//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/dynamic_forward_proxy/config.cc ================================================ #include "extensions/filters/http/dynamic_forward_proxy/config.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.validate.h" #include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" #include "extensions/filters/http/dynamic_forward_proxy/proxy_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace DynamicForwardProxy { Http::FilterFactoryCb DynamicForwardProxyFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::FilterConfig& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactoryImpl cache_manager_factory( context.singletonManager(), context.dispatcher(), context.threadLocal(), context.api().randomGenerator(), context.runtime(), context.scope()); ProxyFilterConfigSharedPtr filter_config(std::make_shared( proto_config, cache_manager_factory, context.clusterManager())); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(filter_config)); }; } Router::RouteSpecificFilterConfigConstSharedPtr DynamicForwardProxyFilterFactory::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::PerRouteConfig& config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(config); } /** * Static registration for the dynamic forward proxy filter. @see RegisterFactory. */ REGISTER_FACTORY(DynamicForwardProxyFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace DynamicForwardProxy } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamic_forward_proxy/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace DynamicForwardProxy { /** * Config registration for the dynamic forward proxy filter. */ class DynamicForwardProxyFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::dynamic_forward_proxy::v3::FilterConfig, envoy::extensions::filters::http::dynamic_forward_proxy::v3::PerRouteConfig> { public: DynamicForwardProxyFilterFactory() : FactoryBase(HttpFilterNames::get().DynamicForwardProxy) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::FilterConfig& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::PerRouteConfig& config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) override; }; DECLARE_FACTORY(DynamicForwardProxyFilterFactory); } // namespace DynamicForwardProxy } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc ================================================ #include "extensions/filters/http/dynamic_forward_proxy/proxy_filter.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" #include "common/runtime/runtime_features.h" #include "extensions/clusters/well_known_names.h" #include "extensions/common/dynamic_forward_proxy/dns_cache.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace DynamicForwardProxy { struct ResponseStringValues { const std::string DnsCacheOverflow = "DNS cache overflow"; const std::string PendingRequestOverflow = "Dynamic forward proxy pending request overflow"; }; using CustomClusterType = envoy::config::cluster::v3::Cluster::CustomClusterType; using ResponseStrings = ConstSingleton; using LoadDnsCacheEntryStatus = Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryStatus; ProxyFilterConfig::ProxyFilterConfig( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::FilterConfig& proto_config, Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactory& cache_manager_factory, Upstream::ClusterManager& cluster_manager) : dns_cache_manager_(cache_manager_factory.get()), dns_cache_(dns_cache_manager_->getCache(proto_config.dns_cache_config())), cluster_manager_(cluster_manager) {} ProxyPerRouteConfig::ProxyPerRouteConfig( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::PerRouteConfig& config) : host_rewrite_(config.host_rewrite_literal()), host_rewrite_header_(Http::LowerCaseString(config.host_rewrite_header())) {} void ProxyFilter::onDestroy() { // Make sure we destroy any active cache load handle in case we are getting reset and deferred // deleted. cache_load_handle_.reset(); circuit_breaker_.reset(); } Http::FilterHeadersStatus ProxyFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { Router::RouteConstSharedPtr route = decoder_callbacks_->route(); const Router::RouteEntry* route_entry; if (!route || !(route_entry = route->routeEntry())) { return Http::FilterHeadersStatus::Continue; } Upstream::ThreadLocalCluster* cluster = config_->clusterManager().get(route_entry->clusterName()); if (!cluster) { return Http::FilterHeadersStatus::Continue; } cluster_info_ = cluster->info(); // We only need to do DNS lookups for hosts in dynamic forward proxy clusters, // since the other cluster types do their own DNS management. const absl::optional& cluster_type = cluster_info_->clusterType(); if (!cluster_type) { return Http::FilterHeadersStatus::Continue; } if (cluster_type->name() != Envoy::Extensions::Clusters::ClusterTypes::get().DynamicForwardProxy) { return Http::FilterHeadersStatus::Continue; } const bool should_use_dns_cache_circuit_breakers = Runtime::runtimeFeatureEnabled("envoy.reloadable_features.enable_dns_cache_circuit_breakers"); circuit_breaker_ = config_->cache().canCreateDnsRequest( !should_use_dns_cache_circuit_breakers ? absl::make_optional(std::reference_wrapper( cluster_info_->resourceManager(route_entry->priority()).pendingRequests())) : absl::nullopt); if (circuit_breaker_ == nullptr) { if (!should_use_dns_cache_circuit_breakers) { cluster_info_->stats().upstream_rq_pending_overflow_.inc(); } ENVOY_STREAM_LOG(debug, "pending request overflow", *this->decoder_callbacks_); this->decoder_callbacks_->sendLocalReply( Http::Code::ServiceUnavailable, ResponseStrings::get().PendingRequestOverflow, nullptr, absl::nullopt, ResponseStrings::get().PendingRequestOverflow); return Http::FilterHeadersStatus::StopIteration; } uint16_t default_port = 80; if (cluster_info_->transportSocketMatcher() .resolve(nullptr) .factory_.implementsSecureTransport()) { default_port = 443; } // Check for per route filter config. const auto* config = route_entry->mostSpecificPerFilterConfigTyped( HttpFilterNames::get().DynamicForwardProxy); if (config != nullptr) { const auto& host_rewrite = config->hostRewrite(); if (!host_rewrite.empty()) { headers.setHost(host_rewrite); } const auto& host_rewrite_header = config->hostRewriteHeader(); if (!host_rewrite_header.get().empty()) { const auto* header = headers.get(host_rewrite_header); if (header != nullptr) { const auto& header_value = header->value().getStringView(); headers.setHost(header_value); } } } // See the comments in dns_cache.h for how loadDnsCacheEntry() handles hosts with embedded ports. // TODO(mattklein123): Because the filter and cluster have independent configuration, it is // not obvious to the user if something is misconfigured. We should see if // we can do better here, perhaps by checking the cache to see if anything // else is attached to it or something else? auto result = config_->cache().loadDnsCacheEntry(headers.Host()->value().getStringView(), default_port, *this); cache_load_handle_ = std::move(result.handle_); if (cache_load_handle_ == nullptr) { circuit_breaker_.reset(); } switch (result.status_) { case LoadDnsCacheEntryStatus::InCache: { ASSERT(cache_load_handle_ == nullptr); ENVOY_STREAM_LOG(debug, "DNS cache entry already loaded, continuing", *decoder_callbacks_); return Http::FilterHeadersStatus::Continue; } case LoadDnsCacheEntryStatus::Loading: { ASSERT(cache_load_handle_ != nullptr); ENVOY_STREAM_LOG(debug, "waiting to load DNS cache entry", *decoder_callbacks_); return Http::FilterHeadersStatus::StopAllIterationAndWatermark; } case LoadDnsCacheEntryStatus::Overflow: { ASSERT(cache_load_handle_ == nullptr); ENVOY_STREAM_LOG(debug, "DNS cache overflow", *decoder_callbacks_); decoder_callbacks_->sendLocalReply(Http::Code::ServiceUnavailable, ResponseStrings::get().DnsCacheOverflow, nullptr, absl::nullopt, ResponseStrings::get().DnsCacheOverflow); return Http::FilterHeadersStatus::StopIteration; } } NOT_REACHED_GCOVR_EXCL_LINE; } void ProxyFilter::onLoadDnsCacheComplete() { ENVOY_STREAM_LOG(debug, "load DNS cache complete, continuing", *decoder_callbacks_); ASSERT(circuit_breaker_ != nullptr); circuit_breaker_.reset(); decoder_callbacks_->continueDecoding(); } } // namespace DynamicForwardProxy } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.h ================================================ #pragma once #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" #include "envoy/upstream/cluster_manager.h" #include "extensions/common/dynamic_forward_proxy/dns_cache.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace DynamicForwardProxy { class ProxyFilterConfig { public: ProxyFilterConfig( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::FilterConfig& proto_config, Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactory& cache_manager_factory, Upstream::ClusterManager& cluster_manager); Extensions::Common::DynamicForwardProxy::DnsCache& cache() { return *dns_cache_; } Upstream::ClusterManager& clusterManager() { return cluster_manager_; } private: const Extensions::Common::DynamicForwardProxy::DnsCacheManagerSharedPtr dns_cache_manager_; const Extensions::Common::DynamicForwardProxy::DnsCacheSharedPtr dns_cache_; Upstream::ClusterManager& cluster_manager_; }; using ProxyFilterConfigSharedPtr = std::shared_ptr; class ProxyPerRouteConfig : public ::Envoy::Router::RouteSpecificFilterConfig { public: ProxyPerRouteConfig( const envoy::extensions::filters::http::dynamic_forward_proxy::v3::PerRouteConfig& config); const std::string& hostRewrite() const { return host_rewrite_; } const Http::LowerCaseString& hostRewriteHeader() const { return host_rewrite_header_; } private: const std::string host_rewrite_; const Http::LowerCaseString host_rewrite_header_; }; class ProxyFilter : public Http::PassThroughDecoderFilter, public Extensions::Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryCallbacks, Logger::Loggable { public: ProxyFilter(const ProxyFilterConfigSharedPtr& config) : config_(config) {} // Http::PassThroughDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; void onDestroy() override; // Extensions::Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryCallbacks void onLoadDnsCacheComplete() override; private: const ProxyFilterConfigSharedPtr config_; Upstream::ClusterInfoConstSharedPtr cluster_info_; Upstream::ResourceAutoIncDecPtr circuit_breaker_; Extensions::Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryHandlePtr cache_load_handle_; }; } // namespace DynamicForwardProxy } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # AWS DynamoDB L7 HTTP filter (observability): https://aws.amazon.com/dynamodb/ # Public docs: docs/root/configuration/http_filters/dynamodb_filter.rst envoy_extension_package() envoy_cc_library( name = "dynamo_filter_lib", srcs = ["dynamo_filter.cc"], hdrs = ["dynamo_filter.h"], deps = [ ":dynamo_request_parser_lib", ":dynamo_stats_lib", "//include/envoy/http:filter_interface", "//include/envoy/runtime:runtime_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:exception_lib", ], ) envoy_cc_library( name = "dynamo_request_parser_lib", srcs = ["dynamo_request_parser.cc"], hdrs = ["dynamo_request_parser.h"], deps = [ "//include/envoy/http:header_map_interface", "//source/common/common:utility_lib", "//source/common/json:json_loader_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":dynamo_filter_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/dynamo/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "dynamo_stats_lib", srcs = ["dynamo_stats.cc"], hdrs = ["dynamo_stats.h"], deps = [ ":dynamo_request_parser_lib", "//include/envoy/stats:stats_interface", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], ) ================================================ FILE: source/extensions/filters/http/dynamo/config.cc ================================================ #include "extensions/filters/http/dynamo/config.h" #include #include "envoy/extensions/filters/http/dynamo/v3/dynamo.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/dynamo/dynamo_filter.h" #include "extensions/filters/http/dynamo/dynamo_stats.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { Http::FilterFactoryCb DynamoFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::dynamo::v3::Dynamo&, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { auto stats = std::make_shared(context.scope(), stats_prefix); return [&context, stats](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared( context.runtime(), stats, context.dispatcher().timeSource())); }; } /** * Static registration for the http dynamodb filter. @see RegisterFactory. */ REGISTER_FACTORY(DynamoFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.http_dynamo_filter"}; } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/config.h ================================================ #pragma once #include #include "envoy/extensions/filters/http/dynamo/v3/dynamo.pb.h" #include "envoy/extensions/filters/http/dynamo/v3/dynamo.pb.validate.h" #include "envoy/server/filter_config.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { /** * Config registration for http dynamodb filter. */ class DynamoFilterConfig : public Common::FactoryBase { public: DynamoFilterConfig() : FactoryBase(HttpFilterNames::get().Dynamo) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::dynamo::v3::Dynamo& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/dynamo_filter.cc ================================================ #include "extensions/filters/http/dynamo/dynamo_filter.h" #include #include #include #include #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/http/codes.h" #include "common/http/exception.h" #include "common/http/utility.h" #include "common/json/json_loader.h" #include "extensions/filters/http/dynamo/dynamo_request_parser.h" #include "extensions/filters/http/dynamo/dynamo_stats.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { Http::FilterHeadersStatus DynamoFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { if (enabled_) { start_decode_ = time_source_.monotonicTime(); operation_ = RequestParser::parseOperation(headers); return Http::FilterHeadersStatus::StopIteration; } else { return Http::FilterHeadersStatus::Continue; } } Http::FilterDataStatus DynamoFilter::decodeData(Buffer::Instance& data, bool end_stream) { if (enabled_ && end_stream) { onDecodeComplete(data); } if (!enabled_ || end_stream) { return Http::FilterDataStatus::Continue; } else { // Buffer until the complete request has been processed. return Http::FilterDataStatus::StopIterationAndBuffer; } } Http::FilterTrailersStatus DynamoFilter::decodeTrailers(Http::RequestTrailerMap&) { if (enabled_) { Buffer::OwnedImpl empty; onDecodeComplete(empty); } return Http::FilterTrailersStatus::Continue; } void DynamoFilter::onDecodeComplete(const Buffer::Instance& data) { std::string body = buildBody(decoder_callbacks_->decodingBuffer(), data); if (!body.empty()) { try { Json::ObjectSharedPtr json_body = Json::Factory::loadFromString(body); table_descriptor_ = RequestParser::parseTable(operation_, *json_body); } catch (const Json::Exception& jsonEx) { // Body parsing failed. This should not happen, just put a stat for that. stats_->incCounter({stats_->invalid_req_body_}); } } } void DynamoFilter::onEncodeComplete(const Buffer::Instance& data) { ASSERT(enabled_); uint64_t status = Http::Utility::getResponseStatus(*response_headers_); chargeBasicStats(status); std::string body = buildBody(encoder_callbacks_->encodingBuffer(), data); if (!body.empty()) { try { Json::ObjectSharedPtr json_body = Json::Factory::loadFromString(body); chargeTablePartitionIdStats(*json_body); if (Http::CodeUtility::is4xx(status)) { chargeFailureSpecificStats(*json_body); } // Batch Operations will always return status 200 for a partial or full success. Check // unprocessed keys to determine partial success. // http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Programming.Errors.html#Programming.Errors.BatchOperations if (RequestParser::isBatchOperation(operation_)) { chargeUnProcessedKeysStats(*json_body); } } catch (const Json::Exception&) { // Body parsing failed. This should not happen, just put a stat for that. stats_->incCounter({stats_->invalid_resp_body_}); } } } Http::FilterHeadersStatus DynamoFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { Http::FilterHeadersStatus status = Http::FilterHeadersStatus::Continue; if (enabled_) { response_headers_ = &headers; if (end_stream) { Buffer::OwnedImpl empty; onEncodeComplete(empty); } else { status = Http::FilterHeadersStatus::StopIteration; } } return status; } Http::FilterDataStatus DynamoFilter::encodeData(Buffer::Instance& data, bool end_stream) { if (enabled_ && end_stream) { onEncodeComplete(data); } if (!enabled_ || end_stream) { return Http::FilterDataStatus::Continue; } else { // Buffer until the complete response has been processed. return Http::FilterDataStatus::StopIterationAndBuffer; } } Http::FilterTrailersStatus DynamoFilter::encodeTrailers(Http::ResponseTrailerMap&) { if (enabled_) { Buffer::OwnedImpl empty; onEncodeComplete(empty); } return Http::FilterTrailersStatus::Continue; } std::string DynamoFilter::buildBody(const Buffer::Instance* buffered, const Buffer::Instance& last) { std::string body; body.reserve((buffered ? buffered->length() : 0) + last.length()); if (buffered) { for (const Buffer::RawSlice& slice : buffered->getRawSlices()) { body.append(static_cast(slice.mem_), slice.len_); } } for (const Buffer::RawSlice& slice : last.getRawSlices()) { body.append(static_cast(slice.mem_), slice.len_); } return body; } void DynamoFilter::chargeBasicStats(uint64_t status) { if (!operation_.empty()) { chargeStatsPerEntity(operation_, "operation", status); } else { stats_->incCounter({stats_->operation_missing_}); } if (!table_descriptor_.table_name.empty()) { chargeStatsPerEntity(table_descriptor_.table_name, "table", status); } else if (table_descriptor_.is_single_table) { stats_->incCounter({stats_->table_missing_}); } else { stats_->incCounter({stats_->multiple_tables_}); } } void DynamoFilter::chargeStatsPerEntity(const std::string& entity, const std::string& entity_type, uint64_t status) { std::chrono::milliseconds latency = std::chrono::duration_cast( time_source_.monotonicTime() - start_decode_); size_t group_index = DynamoStats::groupIndex(status); Stats::StatNameDynamicPool dynamic(stats_->symbolTable()); const Stats::StatName entity_type_name = stats_->getBuiltin(entity_type, stats_->unknown_entity_type_); const Stats::StatName entity_name = dynamic.add(entity); // TODO(jmarantz): Consider using a similar mechanism to common/http/codes.cc // to avoid creating dynamic stat-names for common statuses. const Stats::StatName total_name = dynamic.add(absl::StrCat("upstream_rq_total_", status)); const Stats::StatName time_name = dynamic.add(absl::StrCat("upstream_rq_time_", status)); stats_->incCounter({entity_type_name, entity_name, stats_->upstream_rq_total_}); const Stats::StatName total_group = stats_->upstream_rq_total_groups_[group_index]; stats_->incCounter({entity_type_name, entity_name, total_group}); stats_->incCounter({entity_type_name, entity_name, total_name}); stats_->recordHistogram({entity_type_name, entity_name, stats_->upstream_rq_time_}, Stats::Histogram::Unit::Milliseconds, latency.count()); const Stats::StatName time_group = stats_->upstream_rq_time_groups_[group_index]; stats_->recordHistogram({entity_type_name, entity_name, time_group}, Stats::Histogram::Unit::Milliseconds, latency.count()); stats_->recordHistogram({entity_type_name, entity_name, time_name}, Stats::Histogram::Unit::Milliseconds, latency.count()); } void DynamoFilter::chargeUnProcessedKeysStats(const Json::Object& json_body) { // The unprocessed keys block contains a list of tables and keys for that table that did not // complete apart of the batch operation. Only the table names will be logged for errors. std::vector unprocessed_tables = RequestParser::parseBatchUnProcessedKeys(json_body); for (const std::string& unprocessed_table : unprocessed_tables) { Stats::StatNameDynamicStorage storage(unprocessed_table, stats_->symbolTable()); stats_->incCounter( {stats_->error_, storage.statName(), stats_->batch_failure_unprocessed_keys_}); } } void DynamoFilter::chargeFailureSpecificStats(const Json::Object& json_body) { std::string error_type = RequestParser::parseErrorType(json_body); if (!error_type.empty()) { Stats::StatNameDynamicPool dynamic(stats_->symbolTable()); if (table_descriptor_.table_name.empty()) { stats_->incCounter({stats_->error_, stats_->no_table_, dynamic.add(error_type)}); } else { stats_->incCounter( {stats_->error_, dynamic.add(table_descriptor_.table_name), dynamic.add(error_type)}); } } else { stats_->incCounter({stats_->empty_response_body_}); } } void DynamoFilter::chargeTablePartitionIdStats(const Json::Object& json_body) { if (table_descriptor_.table_name.empty() || operation_.empty()) { return; } std::vector partitions = RequestParser::parsePartitions(json_body); for (const RequestParser::PartitionDescriptor& partition : partitions) { stats_ ->buildPartitionStatCounter(table_descriptor_.table_name, operation_, partition.partition_id_) .add(partition.capacity_); } } } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/dynamo_filter.h ================================================ #pragma once #include #include #include "envoy/http/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "common/json/json_loader.h" #include "extensions/filters/http/dynamo/dynamo_request_parser.h" #include "extensions/filters/http/dynamo/dynamo_stats.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { /** * DynamoDb filter to process egress request to dynamo and capture comprehensive stats * It captures RPS/latencies: * 1) Per table per response code (and group of response codes, e.g., 2xx/3xx/etc) * 2) Per operation per response code (and group of response codes, e.g., 2xx/3xx/etc) */ class DynamoFilter : public Http::StreamFilter { public: DynamoFilter(Runtime::Loader& runtime, const DynamoStatsSharedPtr& stats, TimeSource& time_source) : runtime_(runtime), stats_(stats), time_source_(time_source) { enabled_ = runtime_.snapshot().featureEnabled("dynamodb.filter_enabled", 100); } // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { decoder_callbacks_ = &callbacks; } // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap&, bool) override; Http::FilterDataStatus encodeData(Buffer::Instance&, bool) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { encoder_callbacks_ = &callbacks; } private: void onDecodeComplete(const Buffer::Instance& data); void onEncodeComplete(const Buffer::Instance& data); std::string buildBody(const Buffer::Instance* buffered, const Buffer::Instance& last); void chargeBasicStats(uint64_t status); void chargeStatsPerEntity(const std::string& entity, const std::string& entity_type, uint64_t status); void chargeFailureSpecificStats(const Json::Object& json_body); void chargeUnProcessedKeysStats(const Json::Object& json_body); void chargeTablePartitionIdStats(const Json::Object& json_body); Runtime::Loader& runtime_; const DynamoStatsSharedPtr stats_; bool enabled_{}; std::string operation_{}; RequestParser::TableDescriptor table_descriptor_{"", true}; std::string error_type_{}; MonotonicTime start_decode_; Http::ResponseHeaderMap* response_headers_; Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; TimeSource& time_source_; }; } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/dynamo_request_parser.cc ================================================ #include "extensions/filters/http/dynamo/dynamo_request_parser.h" #include #include #include #include #include "common/common/utility.h" #include "absl/strings/match.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { /** * Basic json request/response format: * https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Operations_Amazon_DynamoDB.html */ const Http::LowerCaseString RequestParser::X_AMZ_TARGET("X-AMZ-TARGET"); // clang-format off const std::vector RequestParser::SINGLE_TABLE_OPERATIONS{ "CreateTable", "DeleteItem", "DeleteTable", "DescribeTable", "GetItem", "PutItem", "Query", "Scan", "UpdateItem", "UpdateTable"}; const std::vector RequestParser::SUPPORTED_ERROR_TYPES{ // 4xx "AccessDeniedException", "ConditionalCheckFailedException", "IdempotentParameterMismatchException", "IncompleteSignatureException", "ItemCollectionSizeLimitExceededException", "LimitExceededException", "MissingAuthenticationTokenException", "ProvisionedThroughputExceededException", "ResourceInUseException", "ResourceNotFoundException", "ThrottlingException", "TransactionCanceledException", "TransactionInProgressException", "UnrecognizedClientException", "ValidationException", // Errors not listed in the error handling section of DynamoDB developer guide, but observed in runtime "InvalidSignatureException", // https://github.com/aws/aws-sdk-go/issues/2598#issuecomment-526398896 }; // clang-format on const std::vector RequestParser::BATCH_OPERATIONS{"BatchGetItem", "BatchWriteItem"}; const std::vector RequestParser::TRANSACT_OPERATIONS{"TransactGetItems", "TransactWriteItems"}; const std::vector RequestParser::TRANSACT_ITEM_OPERATIONS{"ConditionCheck", "Delete", "Get", "Put", "Update"}; std::string RequestParser::parseOperation(const Http::HeaderMap& header_map) { std::string operation; const Http::HeaderEntry* x_amz_target = header_map.get(X_AMZ_TARGET); if (x_amz_target) { // Normally x-amz-target contains Version.Operation, e.g., DynamoDB_20160101.GetItem auto version_and_operation = StringUtil::splitToken(x_amz_target->value().getStringView(), "."); if (version_and_operation.size() == 2) { operation = std::string{version_and_operation[1]}; } } return operation; } RequestParser::TableDescriptor RequestParser::parseTable(const std::string& operation, const Json::Object& json_data) { TableDescriptor table{"", true}; // Simple operations on a single table, have "TableName" explicitly specified. if (find(SINGLE_TABLE_OPERATIONS.begin(), SINGLE_TABLE_OPERATIONS.end(), operation) != SINGLE_TABLE_OPERATIONS.end()) { table.table_name = json_data.getString("TableName", ""); } else if (find(BATCH_OPERATIONS.begin(), BATCH_OPERATIONS.end(), operation) != BATCH_OPERATIONS.end()) { Json::ObjectSharedPtr tables = json_data.getObject("RequestItems", true); tables->iterate([&table](const std::string& key, const Json::Object&) { if (table.table_name.empty()) { table.table_name = key; } else { if (table.table_name != key) { table.table_name = ""; table.is_single_table = false; return false; } } return true; }); } else if (find(TRANSACT_OPERATIONS.begin(), TRANSACT_OPERATIONS.end(), operation) != TRANSACT_OPERATIONS.end()) { std::vector transact_items = json_data.getObjectArray("TransactItems", true); for (const Json::ObjectSharedPtr& transact_item : transact_items) { const auto next_table_name = getTableNameFromTransactItem(*transact_item); if (!next_table_name.has_value()) { // if an operation is missing a table name, we want to throw the normal set of errors table.table_name = ""; table.is_single_table = true; break; } if (table.table_name.empty()) { table.table_name = next_table_name.value(); } else if (table.table_name != next_table_name.value()) { table.table_name = ""; table.is_single_table = false; break; } } } return table; } absl::optional RequestParser::getTableNameFromTransactItem(const Json::Object& transact_item) { for (const std::string& operation : TRANSACT_ITEM_OPERATIONS) { Json::ObjectSharedPtr item = transact_item.getObject(operation, true); std::string table_name = item->getString("TableName", ""); if (!table_name.empty()) { return absl::make_optional(table_name); } } return absl::nullopt; } std::vector RequestParser::parseBatchUnProcessedKeys(const Json::Object& json_data) { std::vector unprocessed_tables; Json::ObjectSharedPtr tables = json_data.getObject("UnprocessedKeys", true); tables->iterate([&unprocessed_tables](const std::string& key, const Json::Object&) { unprocessed_tables.emplace_back(key); return true; }); return unprocessed_tables; } std::string RequestParser::parseErrorType(const Json::Object& json_data) { std::string error_type = json_data.getString("__type", ""); if (error_type.empty()) { return ""; } for (const std::string& supported_error_type : SUPPORTED_ERROR_TYPES) { if (absl::EndsWith(error_type, supported_error_type)) { return supported_error_type; } } return ""; } bool RequestParser::isBatchOperation(const std::string& operation) { return find(BATCH_OPERATIONS.begin(), BATCH_OPERATIONS.end(), operation) != BATCH_OPERATIONS.end(); } std::vector RequestParser::parsePartitions(const Json::Object& json_data) { std::vector partition_descriptors; Json::ObjectSharedPtr partitions = json_data.getObject("ConsumedCapacity", true)->getObject("Partitions", true); partitions->iterate([&partition_descriptors, &partitions](const std::string& key, const Json::Object&) { // For a given partition id, the amount of capacity used is returned in the body as a double. // A stat will be created to track the capacity consumed for the operation, table and partition. // Stats counter only increments by whole numbers, capacity is round up to the nearest integer // to account for this. uint64_t capacity_integer = static_cast(std::ceil(partitions->getDouble(key, 0.0))); partition_descriptors.emplace_back(key, capacity_integer); return true; }); return partition_descriptors; } void RequestParser::forEachStatString(const StringFn& fn) { for (const std::string& str : SINGLE_TABLE_OPERATIONS) { fn(str); } for (const std::string& str : SUPPORTED_ERROR_TYPES) { fn(str); } for (const std::string& str : BATCH_OPERATIONS) { fn(str); } for (const std::string& str : TRANSACT_OPERATIONS) { fn(str); } for (const std::string& str : TRANSACT_ITEM_OPERATIONS) { fn(str); } } } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/dynamo_request_parser.h ================================================ #pragma once #include #include #include #include "envoy/http/header_map.h" #include "common/json/json_loader.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { /** * Request parser for dynamodb request/response. * * Basic dynamodb json request/response format: * http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Appendix.CurrentAPI.html */ class RequestParser { public: struct TableDescriptor { public: std::string table_name; bool is_single_table; }; struct PartitionDescriptor { PartitionDescriptor(const std::string& partition, uint64_t capacity) : partition_id_(partition), capacity_(capacity) {} std::string partition_id_; uint64_t capacity_; }; /** * Parse operation out of x-amz-target header. * @return empty string if operation cannot be parsed. */ static std::string parseOperation(const Http::HeaderMap& header_map); /** * Parse table name out of data, based on the operation. * @return empty string as TableDescriptor.table_name if table name cannot be parsed out of valid *json data * or if operation is not in the list of operations that we support. * * For simple operations on single table, e.g., GetItem, PutItem, Query etc @return table * name in TableDescriptor.table_name. * * For batch operations, e.g. BatchGetItem/BatchWriteItem, @return table name in *TableDescriptor.table_name if it's only one * table used in all operations, @return empty string in TableDescriptor.table_name and *TableDescriptor.is_single_table=false in case of multiple. * * @throw Json::Exception if data is not in valid Json format. */ static TableDescriptor parseTable(const std::string& operation, const Json::Object& json_data); /** * @return string name of table in transaction object, or empty string if none */ static absl::optional getTableNameFromTransactItem(const Json::Object& transact_item); /** * Parse error details which might be provided for a given response code. * @return empty string if cannot get error details. * For the full list of errors, see * http://docs.aws.amazon.com/amazondynamodb/latest/APIReference/CommonErrors.html * Operation specific errors, for example, error section of * http://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateItem.html * * @throw Json::Exception if data is not in valid Json format. */ static std::string parseErrorType(const Json::Object& json_data); /** * Parse unprocessed keys for batch operation results. * @return empty set if there are no unprocessed keys or a set of table names that did not get * processed in the batch operation. */ static std::vector parseBatchUnProcessedKeys(const Json::Object& json_data); /** * @return true if the operation is in the set of supported BATCH_OPERATIONS */ static bool isBatchOperation(const std::string& operation); /** * Parse the Partition ids and the consumed capacity from the body. * @return empty set if there is no partition data or a set of partition data containing * the partition id as a string and the capacity consumed as an integer. * * @throw Json::Exception if data is not in valid Json format. */ static std::vector parsePartitions(const Json::Object& json_data); using StringFn = std::function; /** * Calls a function for every string that is likely to be included as a token * in a stat. This is not functionally necessary, but can reduce potentially * contented access to create entries in the symbol table in the hot path. * * @param fn the function to call for every potential stat name. */ static void forEachStatString(const StringFn& fn); private: static const Http::LowerCaseString X_AMZ_TARGET; static const std::vector SINGLE_TABLE_OPERATIONS; static const std::vector BATCH_OPERATIONS; static const std::vector TRANSACT_OPERATIONS; static const std::vector TRANSACT_ITEM_OPERATIONS; // http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Programming.Errors.html static const std::vector SUPPORTED_ERROR_TYPES; RequestParser() = default; }; } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/dynamo_stats.cc ================================================ #include "extensions/filters/http/dynamo/dynamo_stats.h" #include #include #include "envoy/stats/scope.h" #include "common/stats/symbol_table_impl.h" #include "extensions/filters/http/dynamo/dynamo_request_parser.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { DynamoStats::DynamoStats(Stats::Scope& scope, const std::string& prefix) : scope_(scope), stat_name_set_(scope.symbolTable().makeSet("Dynamo")), prefix_(stat_name_set_->add(prefix + "dynamodb")), batch_failure_unprocessed_keys_(stat_name_set_->add("BatchFailureUnprocessedKeys")), capacity_(stat_name_set_->add("capacity")), empty_response_body_(stat_name_set_->add("empty_response_body")), error_(stat_name_set_->add("error")), invalid_req_body_(stat_name_set_->add("invalid_req_body")), invalid_resp_body_(stat_name_set_->add("invalid_resp_body")), multiple_tables_(stat_name_set_->add("multiple_tables")), no_table_(stat_name_set_->add("no_table")), operation_missing_(stat_name_set_->add("operation_missing")), table_(stat_name_set_->add("table")), table_missing_(stat_name_set_->add("table_missing")), upstream_rq_time_(stat_name_set_->add("upstream_rq_time")), upstream_rq_total_(stat_name_set_->add("upstream_rq_total")), unknown_entity_type_(stat_name_set_->add("unknown_entity_type")), unknown_operation_(stat_name_set_->add("unknown_operation")) { upstream_rq_total_groups_[0] = stat_name_set_->add("upstream_rq_total_unknown"); upstream_rq_time_groups_[0] = stat_name_set_->add("upstream_rq_time_unknown"); for (size_t i = 1; i < DynamoStats::NumGroupEntries; ++i) { upstream_rq_total_groups_[i] = stat_name_set_->add(fmt::format("upstream_rq_total_{}xx", i)); upstream_rq_time_groups_[i] = stat_name_set_->add(fmt::format("upstream_rq_time_{}xx", i)); } RequestParser::forEachStatString( [this](const std::string& str) { stat_name_set_->rememberBuiltin(str); }); for (uint32_t status_code : {200, 400, 403, 502}) { stat_name_set_->rememberBuiltin(absl::StrCat("upstream_rq_time_", status_code)); stat_name_set_->rememberBuiltin(absl::StrCat("upstream_rq_total_", status_code)); } stat_name_set_->rememberBuiltins({"operation", "table"}); } Stats::ElementVec DynamoStats::addPrefix(const Stats::ElementVec& names) { Stats::ElementVec names_with_prefix; names_with_prefix.reserve(1 + names.size()); names_with_prefix.push_back(prefix_); names_with_prefix.insert(names_with_prefix.end(), names.begin(), names.end()); return names_with_prefix; } void DynamoStats::incCounter(const Stats::ElementVec& names) { Stats::Utility::counterFromElements(scope_, addPrefix(names)).inc(); } void DynamoStats::recordHistogram(const Stats::ElementVec& names, Stats::Histogram::Unit unit, uint64_t value) { Stats::Utility::histogramFromElements(scope_, addPrefix(names), unit).recordValue(value); } Stats::Counter& DynamoStats::buildPartitionStatCounter(const std::string& table_name, const std::string& operation, const std::string& partition_id) { // Use the last 7 characters of the partition id. absl::string_view id_last_7 = absl::string_view(partition_id).substr(partition_id.size() - 7); std::string partition = absl::StrCat("__partition_id=", id_last_7); return Stats::Utility::counterFromElements( scope_, addPrefix({table_, Stats::DynamicName(table_name), capacity_, getBuiltin(operation, unknown_operation_), Stats::DynamicName(partition)})); } size_t DynamoStats::groupIndex(uint64_t status) { size_t index = status / 100; if (index >= NumGroupEntries) { index = 0; // status-code 600 or higher is unknown. } return index; } } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/dynamo/dynamo_stats.h ================================================ #pragma once #include #include #include "envoy/stats/scope.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Dynamo { class DynamoStats { public: DynamoStats(Stats::Scope& scope, const std::string& prefix); void incCounter(const Stats::ElementVec& names); void recordHistogram(const Stats::ElementVec& names, Stats::Histogram::Unit unit, uint64_t value); /** * Creates the partition id stats string. The stats format is * "table..capacity..__partition_id=". * Partition ids and dynamodb table names can be long. To satisfy the string * length, we truncate, taking only the last 7 characters of the partition id. */ Stats::Counter& buildPartitionStatCounter(const std::string& table_name, const std::string& operation, const std::string& partition_id); static size_t groupIndex(uint64_t status); /** * Finds a StatName by string. */ Stats::StatName getBuiltin(const std::string& str, Stats::StatName fallback) { return stat_name_set_->getBuiltin(str, fallback); } Stats::SymbolTable& symbolTable() { return scope_.symbolTable(); } private: Stats::ElementVec addPrefix(const Stats::ElementVec& names); Stats::Scope& scope_; Stats::StatNameSetPtr stat_name_set_; const Stats::StatName prefix_; public: const Stats::StatName batch_failure_unprocessed_keys_; const Stats::StatName capacity_; const Stats::StatName empty_response_body_; const Stats::StatName error_; const Stats::StatName invalid_req_body_; const Stats::StatName invalid_resp_body_; const Stats::StatName multiple_tables_; const Stats::StatName no_table_; const Stats::StatName operation_missing_; const Stats::StatName table_; const Stats::StatName table_missing_; const Stats::StatName upstream_rq_time_; const Stats::StatName upstream_rq_total_; const Stats::StatName upstream_rq_unknown_; const Stats::StatName unknown_entity_type_; const Stats::StatName unknown_operation_; // Keep group codes for HTTP status codes through the 500s. static constexpr size_t NumGroupEntries = 6; Stats::StatName upstream_rq_total_groups_[NumGroupEntries]; Stats::StatName upstream_rq_time_groups_[NumGroupEntries]; }; using DynamoStatsSharedPtr = std::shared_ptr; } // namespace Dynamo } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ext_authz/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # External authorization L7 HTTP filter # Public docs: TODO(saumoh): Docs needed in docs/root/configuration/http_filters envoy_extension_package() envoy_cc_library( name = "ext_authz", srcs = ["ext_authz.cc"], hdrs = ["ext_authz.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:matchers_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:codes_lib", "//source/common/http:utility_lib", "//source/common/router:config_lib", "//source/extensions/filters/common/ext_authz:ext_authz_grpc_lib", "//source/extensions/filters/common/ext_authz:ext_authz_http_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/ext_authz/v3:pkg_cc_proto", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":ext_authz", "//include/envoy/registry", "//include/envoy/stats:stats_macros", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ext_authz:ext_authz_http_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/ext_authz/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/ext_authz/config.cc ================================================ #include "extensions/filters/http/ext_authz/config.h" #include #include #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_features.h" #include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "extensions/filters/common/ext_authz/ext_authz_http_impl.h" #include "extensions/filters/http/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace ExtAuthz { Http::FilterFactoryCb ExtAuthzFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::ext_authz::v3::ExtAuthz& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { const auto filter_config = std::make_shared( proto_config, context.scope(), context.runtime(), context.httpContext(), stats_prefix); Http::FilterFactoryCb callback; if (proto_config.has_http_service()) { // Raw HTTP client. const uint32_t timeout_ms = PROTOBUF_GET_MS_OR_DEFAULT(proto_config.http_service().server_uri(), timeout, DefaultTimeout); const auto client_config = std::make_shared( proto_config, timeout_ms, proto_config.http_service().path_prefix()); callback = [filter_config, client_config, &context](Http::FilterChainFactoryCallbacks& callbacks) { auto client = std::make_unique( context.clusterManager(), client_config); callbacks.addStreamDecoderFilter(Http::StreamDecoderFilterSharedPtr{ std::make_shared(filter_config, std::move(client))}); }; } else if (proto_config.grpc_service().has_google_grpc()) { // Google gRPC client. const uint32_t timeout_ms = PROTOBUF_GET_MS_OR_DEFAULT(proto_config.grpc_service(), timeout, DefaultTimeout); auto async_client_cache = getAsyncClientCacheSingleton(context); callback = [async_client_cache, filter_config, timeout_ms, proto_config, transport_api_version = proto_config.transport_api_version(), use_alpha = proto_config.hidden_envoy_deprecated_use_alpha()]( Http::FilterChainFactoryCallbacks& callbacks) { auto client = std::make_unique( async_client_cache->getOrCreateAsyncClient(proto_config), std::chrono::milliseconds(timeout_ms), transport_api_version, use_alpha); callbacks.addStreamDecoderFilter(Http::StreamDecoderFilterSharedPtr{ std::make_shared(filter_config, std::move(client))}); }; } else { // Envoy gRPC client. const uint32_t timeout_ms = PROTOBUF_GET_MS_OR_DEFAULT(proto_config.grpc_service(), timeout, DefaultTimeout); callback = [grpc_service = proto_config.grpc_service(), &context, filter_config, timeout_ms, transport_api_version = proto_config.transport_api_version(), use_alpha = proto_config.hidden_envoy_deprecated_use_alpha()]( Http::FilterChainFactoryCallbacks& callbacks) { const auto async_client_factory = context.clusterManager().grpcAsyncClientManager().factoryForGrpcService( grpc_service, context.scope(), true); auto client = std::make_unique( async_client_factory->create(), std::chrono::milliseconds(timeout_ms), transport_api_version, use_alpha); callbacks.addStreamDecoderFilter(Http::StreamDecoderFilterSharedPtr{ std::make_shared(filter_config, std::move(client))}); }; } return callback; } Router::RouteSpecificFilterConfigConstSharedPtr ExtAuthzFilterConfig::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::ext_authz::v3::ExtAuthzPerRoute& proto_config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(proto_config); } /** * Static registration for the external authorization filter. @see RegisterFactory. */ REGISTER_FACTORY(ExtAuthzFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.ext_authz"}; SINGLETON_MANAGER_REGISTRATION(google_grpc_async_client_cache); Filters::Common::ExtAuthz::AsyncClientCacheSharedPtr getAsyncClientCacheSingleton(Server::Configuration::FactoryContext& context) { return context.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(google_grpc_async_client_cache), [&context] { return std::make_shared( context.clusterManager().grpcAsyncClientManager(), context.scope(), context.threadLocal()); }); } } // namespace ExtAuthz } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ext_authz/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.validate.h" #include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace ExtAuthz { /** * Config registration for the external authorization filter. @see NamedHttpFilterConfigFactory. */ class ExtAuthzFilterConfig : public Common::FactoryBase< envoy::extensions::filters::http::ext_authz::v3::ExtAuthz, envoy::extensions::filters::http::ext_authz::v3::ExtAuthzPerRoute> { public: ExtAuthzFilterConfig() : FactoryBase(HttpFilterNames::get().ExtAuthorization) {} private: static constexpr uint64_t DefaultTimeout = 200; Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::ext_authz::v3::ExtAuthz& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::ext_authz::v3::ExtAuthzPerRoute& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override; }; Filters::Common::ExtAuthz::AsyncClientCacheSharedPtr getAsyncClientCacheSingleton(Server::Configuration::FactoryContext& context); } // namespace ExtAuthz } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ext_authz/ext_authz.cc ================================================ #include "extensions/filters/http/ext_authz/ext_authz.h" #include "envoy/config/core/v3/base.pb.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/matchers.h" #include "common/http/utility.h" #include "common/router/config_impl.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace ExtAuthz { struct RcDetailsValues { // The ext_authz filter denied the downstream request. const std::string AuthzDenied = "ext_authz_denied"; // The ext_authz filter encountered a failure, and was configured to fail-closed. const std::string AuthzError = "ext_authz_error"; }; using RcDetails = ConstSingleton; void FilterConfigPerRoute::merge(const FilterConfigPerRoute& other) { // We only merge context extensions here, and leave boolean flags untouched since those flags are // not used from the merged config. auto begin_it = other.context_extensions_.begin(); auto end_it = other.context_extensions_.end(); for (auto it = begin_it; it != end_it; ++it) { context_extensions_[it->first] = it->second; } } void Filter::initiateCall(const Http::RequestHeaderMap& headers, const Router::RouteConstSharedPtr& route) { if (filter_return_ == FilterReturn::StopDecoding) { return; } auto&& maybe_merged_per_route_config = Http::Utility::getMergedPerFilterConfig( HttpFilterNames::get().ExtAuthorization, route, [](FilterConfigPerRoute& cfg_base, const FilterConfigPerRoute& cfg) { cfg_base.merge(cfg); }); Protobuf::Map context_extensions; if (maybe_merged_per_route_config) { context_extensions = maybe_merged_per_route_config.value().takeContextExtensions(); } // If metadata_context_namespaces is specified, pass matching metadata to the ext_authz service. envoy::config::core::v3::Metadata metadata_context; const auto& request_metadata = callbacks_->streamInfo().dynamicMetadata().filter_metadata(); for (const auto& context_key : config_->metadataContextNamespaces()) { const auto& metadata_it = request_metadata.find(context_key); if (metadata_it != request_metadata.end()) { (*metadata_context.mutable_filter_metadata())[metadata_it->first] = metadata_it->second; } } Filters::Common::ExtAuthz::CheckRequestUtils::createHttpCheck( callbacks_, headers, std::move(context_extensions), std::move(metadata_context), check_request_, config_->maxRequestBytes(), config_->packAsBytes(), config_->includePeerCertificate()); ENVOY_STREAM_LOG(trace, "ext_authz filter calling authorization server", *callbacks_); state_ = State::Calling; filter_return_ = FilterReturn::StopDecoding; // Don't let the filter chain continue as we are // going to invoke check call. cluster_ = callbacks_->clusterInfo(); initiating_call_ = true; client_->check(*this, callbacks_->dispatcher(), check_request_, callbacks_->activeSpan(), callbacks_->streamInfo()); initiating_call_ = false; } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { Router::RouteConstSharedPtr route = callbacks_->route(); const auto per_route_flags = getPerRouteFlags(route); skip_check_ = per_route_flags.skip_check_; if (skip_check_) { return Http::FilterHeadersStatus::Continue; } if (!config_->filterEnabled(callbacks_->streamInfo().dynamicMetadata())) { stats_.disabled_.inc(); if (config_->denyAtDisable()) { ENVOY_STREAM_LOG(trace, "ext_authz filter is disabled. Deny the request.", *callbacks_); callbacks_->streamInfo().setResponseFlag( StreamInfo::ResponseFlag::UnauthorizedExternalService); callbacks_->sendLocalReply(config_->statusOnError(), EMPTY_STRING, nullptr, absl::nullopt, RcDetails::get().AuthzError); return Http::FilterHeadersStatus::StopIteration; } return Http::FilterHeadersStatus::Continue; } request_headers_ = &headers; buffer_data_ = config_->withRequestBody() && !per_route_flags.skip_request_body_buffering_ && !(end_stream || Http::Utility::isWebSocketUpgradeRequest(headers) || Http::Utility::isH2UpgradeRequest(headers)); if (buffer_data_) { ENVOY_STREAM_LOG(debug, "ext_authz filter is buffering the request", *callbacks_); if (!config_->allowPartialMessage()) { callbacks_->setDecoderBufferLimit(config_->maxRequestBytes()); } return Http::FilterHeadersStatus::StopIteration; } // Initiate a call to the authorization server since we are not disabled. initiateCall(headers, route); return filter_return_ == FilterReturn::StopDecoding ? Http::FilterHeadersStatus::StopAllIterationAndWatermark : Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus Filter::decodeData(Buffer::Instance& data, bool end_stream) { if (buffer_data_ && !skip_check_) { const bool buffer_is_full = isBufferFull(); if (end_stream || buffer_is_full) { ENVOY_STREAM_LOG(debug, "ext_authz filter finished buffering the request since {}", *callbacks_, buffer_is_full ? "buffer is full" : "stream is ended"); if (!buffer_is_full) { // Make sure data is available in initiateCall. callbacks_->addDecodedData(data, true); } initiateCall(*request_headers_, callbacks_->route()); return filter_return_ == FilterReturn::StopDecoding ? Http::FilterDataStatus::StopIterationAndWatermark : Http::FilterDataStatus::Continue; } else { return Http::FilterDataStatus::StopIterationAndBuffer; } } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus Filter::decodeTrailers(Http::RequestTrailerMap&) { if (buffer_data_ && !skip_check_) { if (filter_return_ != FilterReturn::StopDecoding) { ENVOY_STREAM_LOG(debug, "ext_authz filter finished buffering the request", *callbacks_); initiateCall(*request_headers_, callbacks_->route()); } return filter_return_ == FilterReturn::StopDecoding ? Http::FilterTrailersStatus::StopIteration : Http::FilterTrailersStatus::Continue; } return Http::FilterTrailersStatus::Continue; } void Filter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; } void Filter::onDestroy() { if (state_ == State::Calling) { state_ = State::Complete; client_->cancel(); } } void Filter::onComplete(Filters::Common::ExtAuthz::ResponsePtr&& response) { state_ = State::Complete; using Filters::Common::ExtAuthz::CheckStatus; Stats::StatName empty_stat_name; switch (response->status) { case CheckStatus::OK: { // Any changes to request headers can affect how the request is going to be // routed. If we are changing the headers we also need to clear the route // cache. if (config_->clearRouteCache() && (!response->headers_to_set.empty() || !response->headers_to_append.empty() || !response->headers_to_remove.empty())) { ENVOY_STREAM_LOG(debug, "ext_authz is clearing route cache", *callbacks_); callbacks_->clearRouteCache(); } ENVOY_STREAM_LOG(trace, "ext_authz filter added header(s) to the request:", *callbacks_); for (const auto& header : response->headers_to_set) { ENVOY_STREAM_LOG(trace, "'{}':'{}'", *callbacks_, header.first.get(), header.second); request_headers_->setCopy(header.first, header.second); } for (const auto& header : response->headers_to_add) { ENVOY_STREAM_LOG(trace, "'{}':'{}'", *callbacks_, header.first.get(), header.second); request_headers_->addCopy(header.first, header.second); } for (const auto& header : response->headers_to_append) { const Http::HeaderEntry* header_to_modify = request_headers_->get(header.first); // TODO(dio): Add a flag to allow appending non-existent headers, without setting it first // (via `headers_to_add`). For example, given: // 1. Original headers {"original": "true"} // 2. Response headers from the authorization servers {{"append": "1"}, {"append": "2"}} // // Currently it is not possible to add {{"append": "1"}, {"append": "2"}} (the intended // combined headers: {{"original": "true"}, {"append": "1"}, {"append": "2"}}) to the request // to upstream server by only sets `headers_to_append`. if (header_to_modify != nullptr) { ENVOY_STREAM_LOG(trace, "'{}':'{}'", *callbacks_, header.first.get(), header.second); // The current behavior of appending is by combining entries with the same key, into one // entry. The value of that combined entry is separated by ",". // TODO(dio): Consider to use addCopy instead. request_headers_->appendCopy(header.first, header.second); } } ENVOY_STREAM_LOG(trace, "ext_authz filter removed header(s) from the request:", *callbacks_); for (const auto& header : response->headers_to_remove) { // We don't allow removing any :-prefixed headers, nor Host, as removing // them would make the request malformed. if (absl::StartsWithIgnoreCase(absl::string_view(header.get()), ":") || header == Http::Headers::get().HostLegacy) { continue; } ENVOY_STREAM_LOG(trace, "'{}'", *callbacks_, header.get()); request_headers_->remove(header); } if (!response->dynamic_metadata.fields().empty()) { callbacks_->streamInfo().setDynamicMetadata(HttpFilterNames::get().ExtAuthorization, response->dynamic_metadata); } if (cluster_) { config_->incCounter(cluster_->statsScope(), config_->ext_authz_ok_); } stats_.ok_.inc(); continueDecoding(); break; } case CheckStatus::Denied: { ENVOY_STREAM_LOG(trace, "ext_authz filter rejected the request. Response status code: '{}", *callbacks_, enumToInt(response->status_code)); stats_.denied_.inc(); if (cluster_) { config_->incCounter(cluster_->statsScope(), config_->ext_authz_denied_); Http::CodeStats::ResponseStatInfo info{config_->scope(), cluster_->statsScope(), empty_stat_name, enumToInt(response->status_code), true, empty_stat_name, empty_stat_name, empty_stat_name, empty_stat_name, false}; config_->httpContext().codeStats().chargeResponseStat(info); } callbacks_->sendLocalReply( response->status_code, response->body, [&headers = response->headers_to_set, &callbacks = *callbacks_](Http::HeaderMap& response_headers) -> void { ENVOY_STREAM_LOG(trace, "ext_authz filter added header(s) to the local response:", callbacks); // Firstly, remove all headers requested by the ext_authz filter, to ensure that they will // override existing headers. for (const auto& header : headers) { response_headers.remove(header.first); } // Then set all of the requested headers, allowing the same header to be set multiple // times, e.g. `Set-Cookie`. for (const auto& header : headers) { ENVOY_STREAM_LOG(trace, " '{}':'{}'", callbacks, header.first.get(), header.second); response_headers.addCopy(header.first, header.second); } }, absl::nullopt, RcDetails::get().AuthzDenied); callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::UnauthorizedExternalService); break; } case CheckStatus::Error: { if (cluster_) { config_->incCounter(cluster_->statsScope(), config_->ext_authz_error_); if (response->error_kind == Filters::Common::ExtAuthz::ErrorKind::Timedout) { config_->incCounter(cluster_->statsScope(), config_->ext_authz_timeout_); } } stats_.error_.inc(); if (response->error_kind == Filters::Common::ExtAuthz::ErrorKind::Timedout) { stats_.timeout_.inc(); } if (config_->failureModeAllow()) { ENVOY_STREAM_LOG(trace, "ext_authz filter allowed the request with error", *callbacks_); stats_.failure_mode_allowed_.inc(); if (cluster_) { config_->incCounter(cluster_->statsScope(), config_->ext_authz_failure_mode_allowed_); } continueDecoding(); } else { ENVOY_STREAM_LOG( trace, "ext_authz filter rejected the request with an error. Response status code: {}", *callbacks_, enumToInt(config_->statusOnError())); callbacks_->streamInfo().setResponseFlag( StreamInfo::ResponseFlag::UnauthorizedExternalService); callbacks_->sendLocalReply(config_->statusOnError(), EMPTY_STRING, nullptr, absl::nullopt, RcDetails::get().AuthzError); } break; } default: NOT_REACHED_GCOVR_EXCL_LINE; break; } } bool Filter::isBufferFull() const { const auto* buffer = callbacks_->decodingBuffer(); if (config_->allowPartialMessage() && buffer != nullptr) { return buffer->length() >= config_->maxRequestBytes(); } return false; } void Filter::continueDecoding() { filter_return_ = FilterReturn::ContinueDecoding; if (!initiating_call_) { callbacks_->continueDecoding(); } } Filter::PerRouteFlags Filter::getPerRouteFlags(const Router::RouteConstSharedPtr& route) const { if (route == nullptr || route->routeEntry() == nullptr) { return PerRouteFlags{true /*skip_check_*/, false /*skip_request_body_buffering_*/}; } const auto* specific_per_route_config = Http::Utility::resolveMostSpecificPerFilterConfig( HttpFilterNames::get().ExtAuthorization, route); if (specific_per_route_config != nullptr) { return PerRouteFlags{specific_per_route_config->disabled(), specific_per_route_config->disableRequestBodyBuffering()}; } return PerRouteFlags{false /*skip_check_*/, false /*skip_request_body_buffering_*/}; } } // namespace ExtAuthz } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ext_authz/ext_authz.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/http/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/common/matchers.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/runtime/runtime_protos.h" #include "extensions/filters/common/ext_authz/ext_authz.h" #include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "extensions/filters/common/ext_authz/ext_authz_http_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace ExtAuthz { /** * All stats for the Ext Authz filter. @see stats_macros.h */ #define ALL_EXT_AUTHZ_FILTER_STATS(COUNTER) \ COUNTER(ok) \ COUNTER(denied) \ COUNTER(error) \ COUNTER(timeout) \ COUNTER(disabled) \ COUNTER(failure_mode_allowed) /** * Wrapper struct for ext_authz filter stats. @see stats_macros.h */ struct ExtAuthzFilterStats { ALL_EXT_AUTHZ_FILTER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for the External Authorization (ext_authz) filter. */ class FilterConfig { public: FilterConfig(const envoy::extensions::filters::http::ext_authz::v3::ExtAuthz& config, Stats::Scope& scope, Runtime::Loader& runtime, Http::Context& http_context, const std::string& stats_prefix) : allow_partial_message_(config.with_request_body().allow_partial_message()), failure_mode_allow_(config.failure_mode_allow()), clear_route_cache_(config.clear_route_cache()), max_request_bytes_(config.with_request_body().max_request_bytes()), pack_as_bytes_(config.with_request_body().pack_as_bytes()), status_on_error_(toErrorCode(config.status_on_error().code())), scope_(scope), runtime_(runtime), http_context_(http_context), filter_enabled_(config.has_filter_enabled() ? absl::optional( Runtime::FractionalPercent(config.filter_enabled(), runtime_)) : absl::nullopt), filter_enabled_metadata_( config.has_filter_enabled_metadata() ? absl::optional(config.filter_enabled_metadata()) : absl::nullopt), deny_at_disable_(config.has_deny_at_disable() ? absl::optional( Runtime::FeatureFlag(config.deny_at_disable(), runtime_)) : absl::nullopt), pool_(scope_.symbolTable()), metadata_context_namespaces_(config.metadata_context_namespaces().begin(), config.metadata_context_namespaces().end()), include_peer_certificate_(config.include_peer_certificate()), stats_(generateStats(stats_prefix, config.stat_prefix(), scope)), ext_authz_ok_(pool_.add(createPoolStatName(config.stat_prefix(), "ok"))), ext_authz_denied_(pool_.add(createPoolStatName(config.stat_prefix(), "denied"))), ext_authz_error_(pool_.add(createPoolStatName(config.stat_prefix(), "error"))), ext_authz_timeout_(pool_.add(createPoolStatName(config.stat_prefix(), "timeout"))), ext_authz_failure_mode_allowed_( pool_.add(createPoolStatName(config.stat_prefix(), "failure_mode_allowed"))) {} bool allowPartialMessage() const { return allow_partial_message_; } bool withRequestBody() const { return max_request_bytes_ > 0; } bool failureModeAllow() const { return failure_mode_allow_; } bool clearRouteCache() const { return clear_route_cache_; } uint32_t maxRequestBytes() const { return max_request_bytes_; } bool packAsBytes() const { return pack_as_bytes_; } Http::Code statusOnError() const { return status_on_error_; } bool filterEnabled(const envoy::config::core::v3::Metadata& metadata) { const bool enabled = filter_enabled_.has_value() ? filter_enabled_->enabled() : true; const bool enabled_metadata = filter_enabled_metadata_.has_value() ? filter_enabled_metadata_->match(metadata) : true; return enabled && enabled_metadata; } bool denyAtDisable() { return deny_at_disable_.has_value() ? deny_at_disable_->enabled() : false; } Stats::Scope& scope() { return scope_; } Http::Context& httpContext() { return http_context_; } const std::vector& metadataContextNamespaces() { return metadata_context_namespaces_; } const ExtAuthzFilterStats& stats() const { return stats_; } void incCounter(Stats::Scope& scope, Stats::StatName name) { scope.counterFromStatName(name).inc(); } bool includePeerCertificate() const { return include_peer_certificate_; } private: static Http::Code toErrorCode(uint64_t status) { const auto code = static_cast(status); if (code >= Http::Code::Continue && code <= Http::Code::NetworkAuthenticationRequired) { return code; } return Http::Code::Forbidden; } ExtAuthzFilterStats generateStats(const std::string& prefix, const std::string& filter_stats_prefix, Stats::Scope& scope) { const std::string final_prefix = absl::StrCat(prefix, "ext_authz.", filter_stats_prefix); return {ALL_EXT_AUTHZ_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } // This generates ext_authz..name, for example: ext_authz.waf.ok // when filter_stats_prefix is "waf", and ext_authz.ok when filter_stats_prefix is empty. const std::string createPoolStatName(const std::string& filter_stats_prefix, const std::string& name) { return absl::StrCat("ext_authz", filter_stats_prefix.empty() ? EMPTY_STRING : absl::StrCat(".", filter_stats_prefix), ".", name); } const bool allow_partial_message_; const bool failure_mode_allow_; const bool clear_route_cache_; const uint32_t max_request_bytes_; const bool pack_as_bytes_; const Http::Code status_on_error_; Stats::Scope& scope_; Runtime::Loader& runtime_; Http::Context& http_context_; const absl::optional filter_enabled_; const absl::optional filter_enabled_metadata_; const absl::optional deny_at_disable_; // TODO(nezdolik): stop using pool as part of deprecating cluster scope stats. Stats::StatNamePool pool_; const std::vector metadata_context_namespaces_; const bool include_peer_certificate_; // The stats for the filter. ExtAuthzFilterStats stats_; public: // TODO(nezdolik): deprecate cluster scope stats counters in favor of filter scope stats // (ExtAuthzFilterStats stats_). const Stats::StatName ext_authz_ok_; const Stats::StatName ext_authz_denied_; const Stats::StatName ext_authz_error_; const Stats::StatName ext_authz_timeout_; const Stats::StatName ext_authz_failure_mode_allowed_; }; using FilterConfigSharedPtr = std::shared_ptr; /** * Per route settings for ExtAuth. Allows customizing the CheckRequest on a * virtualhost\route\weighted cluster level. */ class FilterConfigPerRoute : public Router::RouteSpecificFilterConfig { public: using ContextExtensionsMap = Protobuf::Map; FilterConfigPerRoute( const envoy::extensions::filters::http::ext_authz::v3::ExtAuthzPerRoute& config) : context_extensions_(config.has_check_settings() ? config.check_settings().context_extensions() : ContextExtensionsMap()), disable_request_body_buffering_(config.has_check_settings() && config.check_settings().disable_request_body_buffering()), disabled_(config.disabled()) {} void merge(const FilterConfigPerRoute& other); /** * @return Context extensions to add to the CheckRequest. */ const ContextExtensionsMap& contextExtensions() const { return context_extensions_; } // Allow moving the context extensions out of this object. ContextExtensionsMap&& takeContextExtensions() { return std::move(context_extensions_); } bool disabled() const { return disabled_; } bool disableRequestBodyBuffering() const { return disable_request_body_buffering_; } private: // We save the context extensions as a protobuf map instead of an std::map as this allows us to // move it to the CheckRequest, thus avoiding a copy that would incur by converting it. ContextExtensionsMap context_extensions_; bool disable_request_body_buffering_; bool disabled_; }; /** * HTTP ext_authz filter. Depending on the route configuration, this filter calls the global * ext_authz service before allowing further filter iteration. */ class Filter : public Logger::Loggable, public Http::StreamDecoderFilter, public Filters::Common::ExtAuthz::RequestCallbacks { public: Filter(const FilterConfigSharedPtr& config, Filters::Common::ExtAuthz::ClientPtr&& client) : config_(config), client_(std::move(client)), stats_(config->stats()) {} // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; // ExtAuthz::RequestCallbacks void onComplete(Filters::Common::ExtAuthz::ResponsePtr&&) override; private: void addResponseHeaders(Http::HeaderMap& header_map, const Http::HeaderVector& headers); void initiateCall(const Http::RequestHeaderMap& headers, const Router::RouteConstSharedPtr& route); void continueDecoding(); bool isBufferFull() const; // This holds a set of flags defined in per-route configuration. struct PerRouteFlags { const bool skip_check_; const bool skip_request_body_buffering_; }; PerRouteFlags getPerRouteFlags(const Router::RouteConstSharedPtr& route) const; // State of this filter's communication with the external authorization service. // The filter has either not started calling the external service, in the middle of calling // it or has completed. enum class State { NotStarted, Calling, Complete }; // FilterReturn is used to capture what the return code should be to the filter chain. // if this filter is either in the middle of calling the service or the result is denied then // the filter chain should stop. Otherwise the filter chain can continue to the next filter. enum class FilterReturn { ContinueDecoding, StopDecoding }; Http::HeaderMapPtr getHeaderMap(const Filters::Common::ExtAuthz::ResponsePtr& response); FilterConfigSharedPtr config_; Filters::Common::ExtAuthz::ClientPtr client_; Http::StreamDecoderFilterCallbacks* callbacks_{}; Http::RequestHeaderMap* request_headers_; State state_{State::NotStarted}; FilterReturn filter_return_{FilterReturn::ContinueDecoding}; Upstream::ClusterInfoConstSharedPtr cluster_; // The stats for the filter. ExtAuthzFilterStats stats_; // Used to identify if the callback to onComplete() is synchronous (on the stack) or asynchronous. bool initiating_call_{}; bool buffer_data_{}; bool skip_check_{false}; envoy::service::auth::v3::CheckRequest check_request_{}; }; } // namespace ExtAuthz } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/fault/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that injects faults into the request flow # Public docs: docs/root/configuration/http_filters/fault_filter.rst envoy_extension_package() envoy_cc_library( name = "fault_filter_lib", srcs = ["fault_filter.cc"], hdrs = ["fault_filter.h"], deps = [ "//include/envoy/event:timer_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:token_bucket_impl_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", "//source/common/stats:utility_lib", "//source/extensions/filters/common/fault:fault_config_lib", "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/fault/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/fault:fault_filter_lib", "@envoy_api//envoy/extensions/filters/http/fault/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/fault/config.cc ================================================ #include "extensions/filters/http/fault/config.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/fault/fault_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Fault { Http::FilterFactoryCb FaultFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::fault::v3::HTTPFault& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { FaultFilterConfigSharedPtr filter_config(new FaultFilterConfig( config, context.runtime(), stats_prefix, context.scope(), context.timeSource())); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(filter_config)); }; } Router::RouteSpecificFilterConfigConstSharedPtr FaultFilterFactory::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::fault::v3::HTTPFault& config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(config); } /** * Static registration for the fault filter. @see RegisterFactory. */ REGISTER_FACTORY(FaultFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.fault"}; } // namespace Fault } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/fault/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Fault { /** * Config registration for the fault injection filter. @see NamedHttpFilterConfigFactory. */ class FaultFilterFactory : public Common::FactoryBase { public: FaultFilterFactory() : FactoryBase(HttpFilterNames::get().Fault) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::fault::v3::HTTPFault& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::fault::v3::HTTPFault& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override; }; } // namespace Fault } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/fault/fault_filter.cc ================================================ #include "extensions/filters/http/fault/fault_filter.h" #include #include #include #include #include "envoy/event/timer.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" #include "common/stats/utility.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Fault { struct RcDetailsValues { // The fault filter injected an abort for this request. const std::string FaultAbort = "fault_filter_abort"; }; using RcDetails = ConstSingleton; FaultSettings::FaultSettings(const envoy::extensions::filters::http::fault::v3::HTTPFault& fault) : fault_filter_headers_(Http::HeaderUtility::buildHeaderDataVector(fault.headers())), delay_percent_runtime_(PROTOBUF_GET_STRING_OR_DEFAULT(fault, delay_percent_runtime, RuntimeKeys::get().DelayPercentKey)), abort_percent_runtime_(PROTOBUF_GET_STRING_OR_DEFAULT(fault, abort_percent_runtime, RuntimeKeys::get().AbortPercentKey)), delay_duration_runtime_(PROTOBUF_GET_STRING_OR_DEFAULT(fault, delay_duration_runtime, RuntimeKeys::get().DelayDurationKey)), abort_http_status_runtime_(PROTOBUF_GET_STRING_OR_DEFAULT( fault, abort_http_status_runtime, RuntimeKeys::get().AbortHttpStatusKey)), abort_grpc_status_runtime_(PROTOBUF_GET_STRING_OR_DEFAULT( fault, abort_grpc_status_runtime, RuntimeKeys::get().AbortGrpcStatusKey)), max_active_faults_runtime_(PROTOBUF_GET_STRING_OR_DEFAULT( fault, max_active_faults_runtime, RuntimeKeys::get().MaxActiveFaultsKey)), response_rate_limit_percent_runtime_( PROTOBUF_GET_STRING_OR_DEFAULT(fault, response_rate_limit_percent_runtime, RuntimeKeys::get().ResponseRateLimitPercentKey)) { if (fault.has_abort()) { request_abort_config_ = std::make_unique(fault.abort()); } if (fault.has_delay()) { request_delay_config_ = std::make_unique(fault.delay()); } upstream_cluster_ = fault.upstream_cluster(); for (const auto& node : fault.downstream_nodes()) { downstream_nodes_.insert(node); } if (fault.has_max_active_faults()) { max_active_faults_ = fault.max_active_faults().value(); } if (fault.has_response_rate_limit()) { response_rate_limit_ = std::make_unique(fault.response_rate_limit()); } } FaultFilterConfig::FaultFilterConfig( const envoy::extensions::filters::http::fault::v3::HTTPFault& fault, Runtime::Loader& runtime, const std::string& stats_prefix, Stats::Scope& scope, TimeSource& time_source) : settings_(fault), runtime_(runtime), stats_(generateStats(stats_prefix, scope)), scope_(scope), time_source_(time_source), stat_name_set_(scope.symbolTable().makeSet("Fault")), aborts_injected_(stat_name_set_->add("aborts_injected")), delays_injected_(stat_name_set_->add("delays_injected")), stats_prefix_(stat_name_set_->add(absl::StrCat(stats_prefix, "fault"))) {} void FaultFilterConfig::incCounter(Stats::StatName downstream_cluster, Stats::StatName stat_name) { Stats::Utility::counterFromStatNames(scope_, {stats_prefix_, downstream_cluster, stat_name}) .inc(); } FaultFilter::FaultFilter(FaultFilterConfigSharedPtr config) : config_(config) {} FaultFilter::~FaultFilter() { ASSERT(delay_timer_ == nullptr); ASSERT(response_limiter_ == nullptr || response_limiter_->destroyed()); } // Delays and aborts are independent events. One can inject a delay // followed by an abort or inject just a delay or abort. In this callback, // if we inject a delay, then we will inject the abort in the delay timer // callback. Http::FilterHeadersStatus FaultFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { // Route-level configuration overrides filter-level configuration // NOTE: We should not use runtime when reading from route-level // faults. In other words, runtime is supported only when faults are // configured at the filter level. fault_settings_ = config_->settings(); if (decoder_callbacks_->route() && decoder_callbacks_->route()->routeEntry()) { const std::string& name = Extensions::HttpFilters::HttpFilterNames::get().Fault; const auto* route_entry = decoder_callbacks_->route()->routeEntry(); const auto* per_route_settings = route_entry->mostSpecificPerFilterConfigTyped(name); fault_settings_ = per_route_settings ? per_route_settings : fault_settings_; } if (!matchesTargetUpstreamCluster()) { return Http::FilterHeadersStatus::Continue; } if (!matchesDownstreamNodes(headers)) { return Http::FilterHeadersStatus::Continue; } // Check for header matches if (!Http::HeaderUtility::matchHeaders(headers, fault_settings_->filterHeaders())) { return Http::FilterHeadersStatus::Continue; } if (headers.EnvoyDownstreamServiceCluster()) { downstream_cluster_ = std::string(headers.getEnvoyDownstreamServiceClusterValue()); if (!downstream_cluster_.empty()) { downstream_cluster_storage_ = std::make_unique( downstream_cluster_, config_->scope().symbolTable()); } downstream_cluster_delay_percent_key_ = fmt::format("fault.http.{}.delay.fixed_delay_percent", downstream_cluster_); downstream_cluster_abort_percent_key_ = fmt::format("fault.http.{}.abort.abort_percent", downstream_cluster_); downstream_cluster_delay_duration_key_ = fmt::format("fault.http.{}.delay.fixed_duration_ms", downstream_cluster_); downstream_cluster_abort_http_status_key_ = fmt::format("fault.http.{}.abort.http_status", downstream_cluster_); downstream_cluster_abort_grpc_status_key_ = fmt::format("fault.http.{}.abort.grpc_status", downstream_cluster_); } maybeSetupResponseRateLimit(headers); if (maybeSetupDelay(headers)) { return Http::FilterHeadersStatus::StopIteration; } if (maybeDoAbort(headers)) { return Http::FilterHeadersStatus::StopIteration; } return Http::FilterHeadersStatus::Continue; } bool FaultFilter::maybeSetupDelay(const Http::RequestHeaderMap& request_headers) { absl::optional duration = delayDuration(request_headers); if (duration.has_value() && tryIncActiveFaults()) { delay_timer_ = decoder_callbacks_->dispatcher().createTimer( [this, &request_headers]() -> void { postDelayInjection(request_headers); }); ENVOY_LOG(debug, "fault: delaying request {}ms", duration.value().count()); delay_timer_->enableTimer(duration.value(), &decoder_callbacks_->scope()); recordDelaysInjectedStats(); decoder_callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::DelayInjected); return true; } return false; } bool FaultFilter::maybeDoAbort(const Http::RequestHeaderMap& request_headers) { absl::optional http_status; absl::optional grpc_status; std::tie(http_status, grpc_status) = abortStatus(request_headers); if (http_status.has_value() && tryIncActiveFaults()) { abortWithStatus(http_status.value(), grpc_status); return true; } return false; } void FaultFilter::maybeSetupResponseRateLimit(const Http::RequestHeaderMap& request_headers) { if (!isResponseRateLimitEnabled(request_headers)) { return; } absl::optional rate_kbps = fault_settings_->responseRateLimit()->rateKbps(&request_headers); if (!rate_kbps.has_value()) { return; } if (!tryIncActiveFaults()) { return; } config_->stats().response_rl_injected_.inc(); response_limiter_ = std::make_unique( rate_kbps.value(), encoder_callbacks_->encoderBufferLimit(), [this] { encoder_callbacks_->onEncoderFilterAboveWriteBufferHighWatermark(); }, [this] { encoder_callbacks_->onEncoderFilterBelowWriteBufferLowWatermark(); }, [this](Buffer::Instance& data, bool end_stream) { encoder_callbacks_->injectEncodedDataToFilterChain(data, end_stream); }, [this] { encoder_callbacks_->continueEncoding(); }, config_->timeSource(), decoder_callbacks_->dispatcher(), decoder_callbacks_->scope()); } bool FaultFilter::faultOverflow() { const uint64_t max_faults = config_->runtime().snapshot().getInteger( fault_settings_->maxActiveFaultsRuntime(), fault_settings_->maxActiveFaults().has_value() ? fault_settings_->maxActiveFaults().value() : std::numeric_limits::max()); // Note: Since we don't compare/swap here this is a fuzzy limit which is similar to how the // other circuit breakers work. if (config_->stats().active_faults_.value() >= max_faults) { config_->stats().faults_overflow_.inc(); return true; } return false; } bool FaultFilter::isDelayEnabled(const Http::RequestHeaderMap& request_headers) { const auto request_delay = fault_settings_->requestDelay(); if (request_delay == nullptr) { return false; } if (!downstream_cluster_delay_percent_key_.empty()) { return config_->runtime().snapshot().featureEnabled( downstream_cluster_delay_percent_key_, request_delay->percentage(&request_headers)); } return config_->runtime().snapshot().featureEnabled(fault_settings_->delayPercentRuntime(), request_delay->percentage(&request_headers)); } bool FaultFilter::isAbortEnabled(const Http::RequestHeaderMap& request_headers) { const auto request_abort = fault_settings_->requestAbort(); if (request_abort == nullptr) { return false; } if (!downstream_cluster_abort_percent_key_.empty()) { return config_->runtime().snapshot().featureEnabled( downstream_cluster_abort_percent_key_, request_abort->percentage(&request_headers)); } return config_->runtime().snapshot().featureEnabled(fault_settings_->abortPercentRuntime(), request_abort->percentage(&request_headers)); } bool FaultFilter::isResponseRateLimitEnabled(const Http::RequestHeaderMap& request_headers) { if (fault_settings_->responseRateLimit() == nullptr) { return false; } // TODO(mattklein123): Allow runtime override via downstream cluster similar to the other keys. return config_->runtime().snapshot().featureEnabled( fault_settings_->responseRateLimitPercentRuntime(), fault_settings_->responseRateLimit()->percentage(&request_headers)); } absl::optional FaultFilter::delayDuration(const Http::RequestHeaderMap& request_headers) { absl::optional ret; if (!isDelayEnabled(request_headers)) { return ret; } // See if the configured delay provider has a default delay, if not there is no delay (e.g., // header configuration and no/invalid header). auto config_duration = fault_settings_->requestDelay()->duration(&request_headers); if (!config_duration.has_value()) { return ret; } std::chrono::milliseconds duration = std::chrono::milliseconds(config_->runtime().snapshot().getInteger( fault_settings_->delayDurationRuntime(), config_duration.value().count())); if (!downstream_cluster_delay_duration_key_.empty()) { duration = std::chrono::milliseconds(config_->runtime().snapshot().getInteger( downstream_cluster_delay_duration_key_, duration.count())); } // Delay only if the duration is >0ms if (duration.count() > 0) { ret = duration; } return ret; } AbortHttpAndGrpcStatus FaultFilter::abortStatus(const Http::RequestHeaderMap& request_headers) { if (!isAbortEnabled(request_headers)) { return AbortHttpAndGrpcStatus{absl::nullopt, absl::nullopt}; } auto http_status = abortHttpStatus(request_headers); // If http status code is set, then gRPC status won't be used. if (http_status.has_value()) { return AbortHttpAndGrpcStatus{http_status, absl::nullopt}; } auto grpc_status = abortGrpcStatus(request_headers); // If gRPC status code is set, then http status will be set to Http::Code::OK (200) if (grpc_status.has_value()) { return AbortHttpAndGrpcStatus{Http::Code::OK, grpc_status}; } return AbortHttpAndGrpcStatus{absl::nullopt, absl::nullopt}; } absl::optional FaultFilter::abortHttpStatus(const Http::RequestHeaderMap& request_headers) { // See if the configured abort provider has a default status code, if not there is no abort status // code (e.g., header configuration and no/invalid header). auto http_status = fault_settings_->requestAbort()->httpStatusCode(&request_headers); if (!http_status.has_value()) { return absl::nullopt; } auto default_http_status_code = static_cast(http_status.value()); auto runtime_http_status_code = config_->runtime().snapshot().getInteger( fault_settings_->abortHttpStatusRuntime(), default_http_status_code); if (!downstream_cluster_abort_http_status_key_.empty()) { runtime_http_status_code = config_->runtime().snapshot().getInteger( downstream_cluster_abort_http_status_key_, default_http_status_code); } return static_cast(runtime_http_status_code); } absl::optional FaultFilter::abortGrpcStatus(const Http::RequestHeaderMap& request_headers) { auto grpc_status = fault_settings_->requestAbort()->grpcStatusCode(&request_headers); if (!grpc_status.has_value()) { return absl::nullopt; } auto default_grpc_status_code = static_cast(grpc_status.value()); auto runtime_grpc_status_code = config_->runtime().snapshot().getInteger( fault_settings_->abortGrpcStatusRuntime(), default_grpc_status_code); if (!downstream_cluster_abort_grpc_status_key_.empty()) { runtime_grpc_status_code = config_->runtime().snapshot().getInteger( downstream_cluster_abort_grpc_status_key_, default_grpc_status_code); } return static_cast(runtime_grpc_status_code); } void FaultFilter::recordDelaysInjectedStats() { // Downstream specific stats. if (!downstream_cluster_.empty()) { config_->incDelays(downstream_cluster_storage_->statName()); } config_->stats().delays_injected_.inc(); } void FaultFilter::recordAbortsInjectedStats() { // Downstream specific stats. if (!downstream_cluster_.empty()) { config_->incAborts(downstream_cluster_storage_->statName()); } config_->stats().aborts_injected_.inc(); } Http::FilterDataStatus FaultFilter::decodeData(Buffer::Instance&, bool) { if (delay_timer_ == nullptr) { return Http::FilterDataStatus::Continue; } // If the request is too large, stop reading new data until the buffer drains. return Http::FilterDataStatus::StopIterationAndWatermark; } Http::FilterTrailersStatus FaultFilter::decodeTrailers(Http::RequestTrailerMap&) { return delay_timer_ == nullptr ? Http::FilterTrailersStatus::Continue : Http::FilterTrailersStatus::StopIteration; } FaultFilterStats FaultFilterConfig::generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = prefix + "fault."; return {ALL_FAULT_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_GAUGE_PREFIX(scope, final_prefix))}; } bool FaultFilter::tryIncActiveFaults() { // Only charge 1 active fault per filter in case we are injecting multiple faults. // Since we count at most one active fault per filter, we also allow multiple faults // per filter without checking for overflow. if (fault_active_) { return true; } // We only check for overflow when attempting to perform a fault. Note that this means that a // single request might increment the counter more than once if it tries to apply multiple faults, // and it is also possible for it to fail the first check then succeed on the second (should // another thread decrement the active fault gauge). if (faultOverflow()) { return false; } // TODO(mattklein123): Consider per-fault type active fault gauges. config_->stats().active_faults_.inc(); fault_active_ = true; return true; } void FaultFilter::onDestroy() { resetTimerState(); if (response_limiter_ != nullptr) { response_limiter_->destroy(); } if (fault_active_) { config_->stats().active_faults_.dec(); } } void FaultFilter::postDelayInjection(const Http::RequestHeaderMap& request_headers) { resetTimerState(); // Delays can be followed by aborts absl::optional http_status; absl::optional grpc_status; std::tie(http_status, grpc_status) = abortStatus(request_headers); if (http_status.has_value()) { abortWithStatus(http_status.value(), grpc_status); } else { // Continue request processing. decoder_callbacks_->continueDecoding(); } } void FaultFilter::abortWithStatus(Http::Code http_status_code, absl::optional grpc_status) { recordAbortsInjectedStats(); decoder_callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::FaultInjected); decoder_callbacks_->sendLocalReply(http_status_code, "fault filter abort", nullptr, grpc_status, RcDetails::get().FaultAbort); } bool FaultFilter::matchesTargetUpstreamCluster() { bool matches = true; if (!fault_settings_->upstreamCluster().empty()) { Router::RouteConstSharedPtr route = decoder_callbacks_->route(); matches = route && route->routeEntry() && (route->routeEntry()->clusterName() == fault_settings_->upstreamCluster()); } return matches; } bool FaultFilter::matchesDownstreamNodes(const Http::RequestHeaderMap& headers) { if (fault_settings_->downstreamNodes().empty()) { return true; } if (!headers.EnvoyDownstreamServiceNode()) { return false; } const absl::string_view downstream_node = headers.getEnvoyDownstreamServiceNodeValue(); return fault_settings_->downstreamNodes().find(downstream_node) != fault_settings_->downstreamNodes().end(); } void FaultFilter::resetTimerState() { if (delay_timer_) { delay_timer_->disableTimer(); delay_timer_.reset(); } } Http::FilterDataStatus FaultFilter::encodeData(Buffer::Instance& data, bool end_stream) { if (response_limiter_ != nullptr) { response_limiter_->writeData(data, end_stream); return Http::FilterDataStatus::StopIterationNoBuffer; } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus FaultFilter::encodeTrailers(Http::ResponseTrailerMap&) { if (response_limiter_ != nullptr) { return response_limiter_->onTrailers(); } return Http::FilterTrailersStatus::Continue; } StreamRateLimiter::StreamRateLimiter(uint64_t max_kbps, uint64_t max_buffered_data, std::function pause_data_cb, std::function resume_data_cb, std::function write_data_cb, std::function continue_cb, TimeSource& time_source, Event::Dispatcher& dispatcher, const ScopeTrackedObject& scope) : // bytes_per_time_slice is KiB converted to bytes divided by the number of ticks per second. bytes_per_time_slice_((max_kbps * 1024) / SecondDivisor), write_data_cb_(write_data_cb), continue_cb_(continue_cb), scope_(scope), // The token bucket is configured with a max token count of the number of ticks per second, // and refills at the same rate, so that we have a per second limit which refills gradually in // ~63ms intervals. token_bucket_(SecondDivisor, time_source, SecondDivisor), token_timer_(dispatcher.createTimer([this] { onTokenTimer(); })), buffer_(resume_data_cb, pause_data_cb, []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }) { ASSERT(bytes_per_time_slice_ > 0); ASSERT(max_buffered_data > 0); buffer_.setWatermarks(max_buffered_data); } void StreamRateLimiter::onTokenTimer() { ENVOY_LOG(trace, "limiter: timer wakeup: buffered={}", buffer_.length()); Buffer::OwnedImpl data_to_write; if (!saw_data_) { // The first time we see any data on this stream (via writeData()), reset the number of tokens // to 1. This will ensure that we start pacing the data at the desired rate (and don't send a // full 1s of data right away which might not introduce enough delay for a stream that doesn't // have enough data to span more than 1s of rate allowance). Once we reset, we will subsequently // allow for bursting within the second to account for our data provider being bursty. token_bucket_.reset(1); saw_data_ = true; } // Compute the number of tokens needed (rounded up), try to obtain that many tickets, and then // figure out how many bytes to write given the number of tokens we actually got. const uint64_t tokens_needed = (buffer_.length() + bytes_per_time_slice_ - 1) / bytes_per_time_slice_; const uint64_t tokens_obtained = token_bucket_.consume(tokens_needed, true); const uint64_t bytes_to_write = std::min(tokens_obtained * bytes_per_time_slice_, buffer_.length()); ENVOY_LOG(trace, "limiter: tokens_needed={} tokens_obtained={} to_write={}", tokens_needed, tokens_obtained, bytes_to_write); // Move the data to write into the output buffer with as little copying as possible. // NOTE: This might be moving zero bytes, but that should work fine. data_to_write.move(buffer_, bytes_to_write); // If the buffer still contains data in it, we couldn't get enough tokens, so schedule the next // token available time. if (buffer_.length() > 0) { const std::chrono::milliseconds ms = token_bucket_.nextTokenAvailable(); if (ms.count() > 0) { ENVOY_LOG(trace, "limiter: scheduling wakeup for {}ms", ms.count()); token_timer_->enableTimer(ms, &scope_); } } // Write the data out, indicating end stream if we saw end stream, there is no further data to // send, and there are no trailers. write_data_cb_(data_to_write, saw_end_stream_ && buffer_.length() == 0 && !saw_trailers_); // If there is no more data to send and we saw trailers, we need to continue iteration to release // the trailers to further filters. if (buffer_.length() == 0 && saw_trailers_) { continue_cb_(); } } void StreamRateLimiter::writeData(Buffer::Instance& incoming_buffer, bool end_stream) { ENVOY_LOG(trace, "limiter: incoming data length={} buffered={}", incoming_buffer.length(), buffer_.length()); buffer_.move(incoming_buffer); saw_end_stream_ = end_stream; if (!token_timer_->enabled()) { // TODO(mattklein123): In an optimal world we would be able to continue iteration with the data // we want in the buffer, but have a way to clear end_stream in case we can't send it all. // The filter API does not currently support that and it will not be a trivial change to add. // Instead we cheat here by scheduling the token timer to run immediately after the stack is // unwound, at which point we can directly called encode/decodeData. token_timer_->enableTimer(std::chrono::milliseconds(0), &scope_); } } Http::FilterTrailersStatus StreamRateLimiter::onTrailers() { saw_end_stream_ = true; saw_trailers_ = true; return buffer_.length() > 0 ? Http::FilterTrailersStatus::StopIteration : Http::FilterTrailersStatus::Continue; } } // namespace Fault } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/fault/fault_filter.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/type/v3/percent.pb.h" #include "common/buffer/watermark_buffer.h" #include "common/common/token_bucket_impl.h" #include "common/http/header_utility.h" #include "common/stats/symbol_table_impl.h" #include "extensions/filters/common/fault/fault_config.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Fault { /** * All stats for the fault filter. @see stats_macros.h */ #define ALL_FAULT_FILTER_STATS(COUNTER, GAUGE) \ COUNTER(aborts_injected) \ COUNTER(delays_injected) \ COUNTER(faults_overflow) \ COUNTER(response_rl_injected) \ GAUGE(active_faults, Accumulate) /** * Wrapper struct for connection manager stats. @see stats_macros.h */ struct FaultFilterStats { ALL_FAULT_FILTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Configuration for fault injection. */ class FaultSettings : public Router::RouteSpecificFilterConfig { public: FaultSettings(const envoy::extensions::filters::http::fault::v3::HTTPFault& fault); const std::vector& filterHeaders() const { return fault_filter_headers_; } const Filters::Common::Fault::FaultAbortConfig* requestAbort() const { return request_abort_config_.get(); } const Filters::Common::Fault::FaultDelayConfig* requestDelay() const { return request_delay_config_.get(); } const std::string& upstreamCluster() const { return upstream_cluster_; } const absl::flat_hash_set& downstreamNodes() const { return downstream_nodes_; } absl::optional maxActiveFaults() const { return max_active_faults_; } const Filters::Common::Fault::FaultRateLimitConfig* responseRateLimit() const { return response_rate_limit_.get(); } const std::string& abortPercentRuntime() const { return abort_percent_runtime_; } const std::string& delayPercentRuntime() const { return delay_percent_runtime_; } const std::string& abortHttpStatusRuntime() const { return abort_http_status_runtime_; } const std::string& abortGrpcStatusRuntime() const { return abort_grpc_status_runtime_; } const std::string& delayDurationRuntime() const { return delay_duration_runtime_; } const std::string& maxActiveFaultsRuntime() const { return max_active_faults_runtime_; } const std::string& responseRateLimitPercentRuntime() const { return response_rate_limit_percent_runtime_; } private: class RuntimeKeyValues { public: const std::string DelayPercentKey = "fault.http.delay.fixed_delay_percent"; const std::string AbortPercentKey = "fault.http.abort.abort_percent"; const std::string DelayDurationKey = "fault.http.delay.fixed_duration_ms"; const std::string AbortHttpStatusKey = "fault.http.abort.http_status"; const std::string AbortGrpcStatusKey = "fault.http.abort.grpc_status"; const std::string MaxActiveFaultsKey = "fault.http.max_active_faults"; const std::string ResponseRateLimitPercentKey = "fault.http.rate_limit.response_percent"; }; using RuntimeKeys = ConstSingleton; envoy::type::v3::FractionalPercent abort_percentage_; Filters::Common::Fault::FaultDelayConfigPtr request_delay_config_; Filters::Common::Fault::FaultAbortConfigPtr request_abort_config_; std::string upstream_cluster_; // restrict faults to specific upstream cluster const std::vector fault_filter_headers_; absl::flat_hash_set downstream_nodes_{}; // Inject failures for specific downstream absl::optional max_active_faults_; Filters::Common::Fault::FaultRateLimitConfigPtr response_rate_limit_; const std::string delay_percent_runtime_; const std::string abort_percent_runtime_; const std::string delay_duration_runtime_; const std::string abort_http_status_runtime_; const std::string abort_grpc_status_runtime_; const std::string max_active_faults_runtime_; const std::string response_rate_limit_percent_runtime_; }; /** * Configuration for the fault filter. */ class FaultFilterConfig { public: FaultFilterConfig(const envoy::extensions::filters::http::fault::v3::HTTPFault& fault, Runtime::Loader& runtime, const std::string& stats_prefix, Stats::Scope& scope, TimeSource& time_source); Runtime::Loader& runtime() { return runtime_; } FaultFilterStats& stats() { return stats_; } Stats::Scope& scope() { return scope_; } const FaultSettings* settings() { return &settings_; } TimeSource& timeSource() { return time_source_; } void incDelays(Stats::StatName downstream_cluster) { incCounter(downstream_cluster, delays_injected_); } void incAborts(Stats::StatName downstream_cluster) { incCounter(downstream_cluster, aborts_injected_); } private: static FaultFilterStats generateStats(const std::string& prefix, Stats::Scope& scope); void incCounter(Stats::StatName downstream_cluster, Stats::StatName stat_name); const FaultSettings settings_; Runtime::Loader& runtime_; FaultFilterStats stats_; Stats::Scope& scope_; TimeSource& time_source_; Stats::StatNameSetPtr stat_name_set_; const Stats::StatName aborts_injected_; const Stats::StatName delays_injected_; const Stats::StatName stats_prefix_; // Includes ".fault". }; using FaultFilterConfigSharedPtr = std::shared_ptr; /** * An HTTP stream rate limiter. Split out for ease of testing and potential code reuse elsewhere. */ class StreamRateLimiter : Logger::Loggable { public: /** * @param max_kbps maximum rate in KiB/s. * @param max_buffered_data maximum data to buffer before invoking the pause callback. * @param pause_data_cb callback invoked when the limiter has buffered too much data. * @param resume_data_cb callback invoked when the limiter has gone under the buffer limit. * @param write_data_cb callback invoked to write data to the stream. * @param continue_cb callback invoked to continue the stream. This is only used to continue * trailers that have been paused during body flush. * @param time_source the time source to run the token bucket with. * @param dispatcher the stream's dispatcher to use for creating timers. * @param scope the stream's scope */ StreamRateLimiter(uint64_t max_kbps, uint64_t max_buffered_data, std::function pause_data_cb, std::function resume_data_cb, std::function write_data_cb, std::function continue_cb, TimeSource& time_source, Event::Dispatcher& dispatcher, const ScopeTrackedObject& scope); /** * Called by the stream to write data. All data writes happen asynchronously, the stream should * be stopped after this call (all data will be drained from incoming_buffer). */ void writeData(Buffer::Instance& incoming_buffer, bool end_stream); /** * Called if the stream receives trailers. */ Http::FilterTrailersStatus onTrailers(); /** * Like the owning filter, we must handle inline destruction, so we have a destroy() method which * kills any callbacks. */ void destroy() { token_timer_.reset(); } bool destroyed() { return token_timer_ == nullptr; } private: void onTokenTimer(); // We currently divide each second into 16 segments for the token bucket. Thus, the rate limit is // KiB per second, divided into 16 segments, ~63ms apart. 16 is used because it divides into 1024 // evenly. static constexpr uint64_t SecondDivisor = 16; const uint64_t bytes_per_time_slice_; const std::function write_data_cb_; const std::function continue_cb_; const ScopeTrackedObject& scope_; TokenBucketImpl token_bucket_; Event::TimerPtr token_timer_; bool saw_data_{}; bool saw_end_stream_{}; bool saw_trailers_{}; Buffer::WatermarkBuffer buffer_; }; using AbortHttpAndGrpcStatus = std::pair, absl::optional>; /** * A filter that is capable of faulting an entire request before dispatching it upstream. */ class FaultFilter : public Http::StreamFilter, Logger::Loggable { public: FaultFilter(FaultFilterConfigSharedPtr config); ~FaultFilter() override; // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { decoder_callbacks_ = &callbacks; } // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap&, bool) override { return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { encoder_callbacks_ = &callbacks; } private: bool faultOverflow(); void recordAbortsInjectedStats(); void recordDelaysInjectedStats(); void resetTimerState(); void postDelayInjection(const Http::RequestHeaderMap& request_headers); void abortWithStatus(Http::Code http_status_code, absl::optional grpc_status_code); bool matchesTargetUpstreamCluster(); bool matchesDownstreamNodes(const Http::RequestHeaderMap& headers); bool isAbortEnabled(const Http::RequestHeaderMap& request_headers); bool isDelayEnabled(const Http::RequestHeaderMap& request_headers); bool isResponseRateLimitEnabled(const Http::RequestHeaderMap& request_headers); absl::optional delayDuration(const Http::RequestHeaderMap& request_headers); AbortHttpAndGrpcStatus abortStatus(const Http::RequestHeaderMap& request_headers); absl::optional abortHttpStatus(const Http::RequestHeaderMap& request_headers); absl::optional abortGrpcStatus(const Http::RequestHeaderMap& request_headers); // Attempts to increase the number of active faults. Returns false if we've reached the maximum // number of allowed faults, in which case no fault should be performed. bool tryIncActiveFaults(); bool maybeDoAbort(const Http::RequestHeaderMap& request_headers); bool maybeSetupDelay(const Http::RequestHeaderMap& request_headers); void maybeSetupResponseRateLimit(const Http::RequestHeaderMap& request_headers); FaultFilterConfigSharedPtr config_; Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; Event::TimerPtr delay_timer_; std::string downstream_cluster_{}; std::unique_ptr downstream_cluster_storage_; const FaultSettings* fault_settings_; bool fault_active_{}; std::unique_ptr response_limiter_; std::string downstream_cluster_delay_percent_key_{}; std::string downstream_cluster_abort_percent_key_{}; std::string downstream_cluster_delay_duration_key_{}; std::string downstream_cluster_abort_http_status_key_{}; std::string downstream_cluster_abort_grpc_status_key_{}; }; } // namespace Fault } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_bridge/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter that bridges HTTP/1.1 unary "gRPC" to compliant HTTP/2 gRPC. # Public docs: docs/root/configuration/http_filters/grpc_http1_bridge_filter.rst envoy_extension_package() envoy_cc_library( name = "http1_bridge_filter_lib", srcs = ["http1_bridge_filter.cc"], hdrs = ["http1_bridge_filter.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/grpc:common_lib", "//source/common/grpc:context_lib", "//source/common/http:headers_lib", "//source/common/http/http1:codec_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # Legacy test use. TODO(#9953) clean up. extra_visibility = [ "//source/exe:__pkg__", "//test/integration:__subpackages__", "//test/server:__subpackages__", ], security_posture = "unknown", deps = [ "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/grpc_http1_bridge:http1_bridge_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_http1_bridge/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/grpc_http1_bridge/config.cc ================================================ #include "extensions/filters/http/grpc_http1_bridge/config.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1Bridge { Http::FilterFactoryCb GrpcHttp1BridgeFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_http1_bridge::v3::Config&, const std::string&, Server::Configuration::FactoryContext& factory_context) { return [&factory_context](Http::FilterChainFactoryCallbacks& callbacks) { callbacks.addStreamFilter(std::make_shared(factory_context.grpcContext())); }; } /** * Static registration for the grpc HTTP1 bridge filter. @see RegisterFactory. */ REGISTER_FACTORY(GrpcHttp1BridgeFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.grpc_http1_bridge"}; } // namespace GrpcHttp1Bridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_bridge/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/grpc_http1_bridge/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_http1_bridge/v3/config.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1Bridge { /** * Config registration for the grpc HTTP1 bridge filter. @see NamedHttpFilterConfigFactory. */ class GrpcHttp1BridgeFilterConfig : public Common::FactoryBase { public: GrpcHttp1BridgeFilterConfig() : FactoryBase(HttpFilterNames::get().GrpcHttp1Bridge) {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_http1_bridge::v3::Config& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& factory_context) override; }; } // namespace GrpcHttp1Bridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.cc ================================================ #include "extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" #include #include #include #include "envoy/http/codes.h" #include "common/common/enum_to_int.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/grpc/context_impl.h" #include "common/http/headers.h" #include "common/http/http1/codec_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1Bridge { void Http1BridgeFilter::chargeStat(const Http::ResponseHeaderOrTrailerMap& headers) { context_.chargeStat(*cluster_, Grpc::Context::Protocol::Grpc, *request_stat_names_, headers.GrpcStatus()); } Http::FilterHeadersStatus Http1BridgeFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { const bool grpc_request = Grpc::Common::isGrpcRequestHeaders(headers); if (grpc_request) { setupStatTracking(headers); } const absl::optional& protocol = decoder_callbacks_->streamInfo().protocol(); ASSERT(protocol); if (protocol.value() < Http::Protocol::Http2 && grpc_request) { do_bridging_ = true; } return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus Http1BridgeFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { if (doStatTracking()) { chargeStat(headers); } if (!do_bridging_ || end_stream) { return Http::FilterHeadersStatus::Continue; } else { response_headers_ = &headers; return Http::FilterHeadersStatus::StopIteration; } } Http::FilterDataStatus Http1BridgeFilter::encodeData(Buffer::Instance&, bool end_stream) { if (!do_bridging_ || end_stream) { return Http::FilterDataStatus::Continue; } else { // Buffer until the complete request has been processed. return Http::FilterDataStatus::StopIterationAndBuffer; } } Http::FilterTrailersStatus Http1BridgeFilter::encodeTrailers(Http::ResponseTrailerMap& trailers) { if (doStatTracking()) { chargeStat(trailers); } if (do_bridging_) { // Here we check for grpc-status. If it's not zero, we change the response code. We assume // that if a reset comes in and we disconnect the HTTP/1.1 client it will raise some type // of exception/error that the response was not complete. const Http::HeaderEntry* grpc_status_header = trailers.GrpcStatus(); if (grpc_status_header) { uint64_t grpc_status_code; if (!absl::SimpleAtoi(grpc_status_header->value().getStringView(), &grpc_status_code) || grpc_status_code != 0) { response_headers_->setStatus(enumToInt(Http::Code::ServiceUnavailable)); } response_headers_->setGrpcStatus(grpc_status_header->value().getStringView()); } const Http::HeaderEntry* grpc_message_header = trailers.GrpcMessage(); if (grpc_message_header) { response_headers_->setGrpcMessage(grpc_message_header->value().getStringView()); } // Since we are buffering, set content-length so that HTTP/1.1 callers can better determine // if this is a complete response. response_headers_->setContentLength( encoder_callbacks_->encodingBuffer() ? encoder_callbacks_->encodingBuffer()->length() : 0); } // NOTE: We will still write the trailers, but the HTTP/1.1 codec will just eat them and end // the chunk encoded response which is what we want. return Http::FilterTrailersStatus::Continue; } void Http1BridgeFilter::setupStatTracking(const Http::RequestHeaderMap& headers) { cluster_ = decoder_callbacks_->clusterInfo(); if (!cluster_) { return; } request_stat_names_ = context_.resolveDynamicServiceAndMethod(headers.Path()); } } // namespace GrpcHttp1Bridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h ================================================ #pragma once #include "envoy/http/filter.h" #include "envoy/upstream/cluster_manager.h" #include "common/grpc/context_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1Bridge { /** * See docs/configuration/http_filters/grpc_http1_bridge_filter.rst */ class Http1BridgeFilter : public Http::StreamFilter { public: explicit Http1BridgeFilter(Grpc::Context& context) : context_(context) {} // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { decoder_callbacks_ = &callbacks; } // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { encoder_callbacks_ = &callbacks; } bool doStatTracking() const { return request_stat_names_.has_value(); } private: void chargeStat(const Http::ResponseHeaderOrTrailerMap& headers); void setupStatTracking(const Http::RequestHeaderMap& headers); Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; Http::ResponseHeaderMap* response_headers_{}; bool do_bridging_{}; Upstream::ClusterInfoConstSharedPtr cluster_; absl::optional request_stat_names_; Grpc::Context& context_; }; } // namespace GrpcHttp1Bridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_reverse_bridge/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "filter_lib", srcs = ["filter.cc"], hdrs = ["filter.h"], deps = [ "//include/envoy/http:filter_interface", "//source/common/common:enum_to_int", "//source/common/grpc:codec_lib", "//source/common/grpc:common_lib", "//source/common/grpc:status_lib", "//source/common/http:header_map_lib", "//source/common/http:utility_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ ":filter_lib", "//include/envoy/http:filter_interface", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/grpc_http1_reverse_bridge/config.cc ================================================ #include "extensions/filters/http/grpc_http1_reverse_bridge/config.h" #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/grpc_http1_reverse_bridge/filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1ReverseBridge { Http::FilterFactoryCb Config::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfig& config, const std::string&, Server::Configuration::FactoryContext&) { return [config](Envoy::Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter( std::make_shared(config.content_type(), config.withhold_grpc_frames())); }; } Router::RouteSpecificFilterConfigConstSharedPtr Config::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfigPerRoute& proto_config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(proto_config); } /** * Static registration for the grpc http1 reverse bridge filter. @see RegisterFactory. */ REGISTER_FACTORY(Config, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace GrpcHttp1ReverseBridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_reverse_bridge/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.validate.h" #include "envoy/server/filter_config.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1ReverseBridge { class Config : public Common::FactoryBase< envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfig, envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfigPerRoute> { public: Config() : FactoryBase(HttpFilterNames::get().GrpcHttp1ReverseBridge) {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfig& config, const std::string& stat_prefix, Envoy::Server::Configuration::FactoryContext& context) override; private: Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfigPerRoute& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override; }; } // namespace GrpcHttp1ReverseBridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_reverse_bridge/filter.cc ================================================ #include "extensions/filters/http/grpc_http1_reverse_bridge/filter.h" #include "envoy/http/header_map.h" #include "common/common/enum_to_int.h" #include "common/grpc/codec.h" #include "common/grpc/common.h" #include "common/grpc/status.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1ReverseBridge { Http::RegisterCustomInlineHeader accept_handle(Http::CustomHeaders::get().Accept); struct RcDetailsValues { // The gRPC HTTP/1 reverse bridge failed because the body payload was too // small to be a gRPC frame. const std::string GrpcBridgeFailedTooSmall = "grpc_bridge_data_too_small"; // The gRPC HTTP/1 bridge encountered an unsupported content type. const std::string GrpcBridgeFailedContentType = "grpc_bridge_content_type_wrong"; }; using RcDetails = ConstSingleton; namespace { Grpc::Status::GrpcStatus grpcStatusFromHeaders(Http::ResponseHeaderMap& headers) { const auto http_response_status = Http::Utility::getResponseStatus(headers); // Notably, we treat an upstream 200 as a successful response. This differs // from the standard but is key in being able to transform a successful // upstream HTTP response into a gRPC response. if (http_response_status == 200) { return Grpc::Status::WellKnownGrpcStatus::Ok; } else { return Grpc::Utility::httpToGrpcStatus(http_response_status); } } std::string badContentTypeMessage(const Http::ResponseHeaderMap& headers) { if (headers.ContentType() != nullptr) { return fmt::format( "envoy reverse bridge: upstream responded with unsupported content-type {}, status code {}", headers.getContentTypeValue(), headers.getStatusValue()); } else { return fmt::format( "envoy reverse bridge: upstream responded with no content-type header, status code {}", headers.getStatusValue()); } } void adjustContentLength(Http::RequestOrResponseHeaderMap& headers, const std::function& adjustment) { auto length_header = headers.getContentLengthValue(); if (!length_header.empty()) { uint64_t length; if (absl::SimpleAtoi(length_header, &length)) { if (length != 0) { headers.setContentLength(adjustment(length)); } } } } } // namespace Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { // Short circuit if header only. if (end_stream) { return Http::FilterHeadersStatus::Continue; } // Disable filter per route config if applies if (decoder_callbacks_->route() != nullptr) { const auto* per_route_config = Http::Utility::resolveMostSpecificPerFilterConfig( Extensions::HttpFilters::HttpFilterNames::get().GrpcHttp1ReverseBridge, decoder_callbacks_->route()); if (per_route_config != nullptr && per_route_config->disabled()) { enabled_ = false; return Http::FilterHeadersStatus::Continue; } } // If this is a gRPC request we: // - mark this request as being gRPC // - change the content-type to application/x-protobuf if (Envoy::Grpc::Common::isGrpcRequestHeaders(headers)) { enabled_ = true; // We keep track of the original content-type to ensure that we handle // gRPC content type variations such as application/grpc+proto. content_type_ = std::string(headers.getContentTypeValue()); headers.setContentType(upstream_content_type_); headers.setInline(accept_handle.handle(), upstream_content_type_); if (withhold_grpc_frames_) { // Adjust the content-length header to account for us removing the gRPC frame header. adjustContentLength(headers, [](auto size) { return size - Grpc::GRPC_FRAME_HEADER_SIZE; }); } // Clear the route cache to recompute the cache. This provides additional // flexibility around request modification through the route table. decoder_callbacks_->clearRouteCache(); } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus Filter::decodeData(Buffer::Instance& buffer, bool) { if (enabled_ && withhold_grpc_frames_ && !prefix_stripped_) { // Fail the request if the body is too small to possibly contain a gRPC frame. if (buffer.length() < Grpc::GRPC_FRAME_HEADER_SIZE) { decoder_callbacks_->sendLocalReply(Http::Code::OK, "invalid request body", nullptr, Grpc::Status::WellKnownGrpcStatus::Unknown, RcDetails::get().GrpcBridgeFailedTooSmall); return Http::FilterDataStatus::StopIterationNoBuffer; } // Remove the gRPC frame header. buffer.drain(Grpc::GRPC_FRAME_HEADER_SIZE); prefix_stripped_ = true; } return Http::FilterDataStatus::Continue; } Http::FilterHeadersStatus Filter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { if (enabled_) { absl::string_view content_type = headers.getContentTypeValue(); // If the response from upstream does not have the correct content-type, // perform an early return with a useful error message in grpc-message. if (content_type != upstream_content_type_) { decoder_callbacks_->sendLocalReply(Http::Code::OK, badContentTypeMessage(headers), nullptr, Grpc::Status::WellKnownGrpcStatus::Unknown, RcDetails::get().GrpcBridgeFailedContentType); return Http::FilterHeadersStatus::StopIteration; } // Restore the content-type to match what the downstream sent. headers.setContentType(content_type_); if (withhold_grpc_frames_) { // Adjust content-length to account for the frame header that's added. adjustContentLength(headers, [](auto length) { return length + Grpc::GRPC_FRAME_HEADER_SIZE; }); } // We can only insert trailers at the end of data, so keep track of this value // until then. grpc_status_ = grpcStatusFromHeaders(headers); } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus Filter::encodeData(Buffer::Instance& buffer, bool end_stream) { if (!enabled_) { return Http::FilterDataStatus::Continue; } if (end_stream) { // Insert grpc-status trailers to communicate the error code. auto& trailers = encoder_callbacks_->addEncodedTrailers(); trailers.setGrpcStatus(grpc_status_); if (withhold_grpc_frames_) { buffer.prepend(buffer_); buildGrpcFrameHeader(buffer); } return Http::FilterDataStatus::Continue; } // We only need to buffer if we're responsible for injecting the gRPC frame header. if (withhold_grpc_frames_) { // Buffer the response in a mutable buffer: we need to determine the size of the response // and modify it later on. buffer_.move(buffer); return Http::FilterDataStatus::StopIterationAndBuffer; } else { return Http::FilterDataStatus::Continue; } } Http::FilterTrailersStatus Filter::encodeTrailers(Http::ResponseTrailerMap& trailers) { if (!enabled_) { return Http::FilterTrailersStatus::Continue; } trailers.setGrpcStatus(grpc_status_); if (withhold_grpc_frames_) { buildGrpcFrameHeader(buffer_); encoder_callbacks_->addEncodedData(buffer_, false); } return Http::FilterTrailersStatus::Continue; } void Filter::buildGrpcFrameHeader(Buffer::Instance& buffer) { // We do this even if the upstream failed: If the response returned non-200, // we'll respond with a grpc-status with an error, so clients will know that the request // was unsuccessful. Since we're guaranteed at this point to have a valid response // (unless upstream lied in content-type) we attempt to return a well-formed gRPC // response body. Grpc::Encoder().prependFrameHeader(Grpc::GRPC_FH_DEFAULT, buffer); } } // namespace GrpcHttp1ReverseBridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h ================================================ #pragma once #include #include #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" #include "envoy/http/filter.h" #include "common/buffer/buffer_impl.h" #include "common/grpc/status.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcHttp1ReverseBridge { // When enabled, will downgrade an incoming gRPC http request into a h/1.1 request. class Filter : public Envoy::Http::PassThroughFilter { public: Filter(std::string upstream_content_type, bool withhold_grpc_frames) : upstream_content_type_(std::move(upstream_content_type)), withhold_grpc_frames_(withhold_grpc_frames) {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& buffer, bool end_stream) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& buffer, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; private: // Prepend the grpc frame into the buffer void buildGrpcFrameHeader(Buffer::Instance& buffer); const std::string upstream_content_type_; const bool withhold_grpc_frames_; bool enabled_{}; bool prefix_stripped_{}; std::string content_type_{}; Grpc::Status::GrpcStatus grpc_status_{}; // Normally we'd use the encoding buffer, but since we need to mutate the // buffer we instead maintain our own. Buffer::OwnedImpl buffer_{}; }; using FilterPtr = std::unique_ptr; class FilterConfigPerRoute : public Router::RouteSpecificFilterConfig { public: FilterConfigPerRoute( const envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfigPerRoute& config) : disabled_(config.disabled()) {} bool disabled() const { return disabled_; } private: bool disabled_; }; } // namespace GrpcHttp1ReverseBridge } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter that implements binary gRPC to JSON transcoding # Public docs: docs/root/configuration/http_filters/grpc_json_transcoder_filter.rst envoy_extension_package() envoy_cc_library( name = "json_transcoder_filter_lib", srcs = ["json_transcoder_filter.cc"], hdrs = ["json_transcoder_filter.h"], external_deps = [ "path_matcher", "grpc_transcoding", "http_api_protos", "api_httpbody_protos", ], deps = [ ":http_body_utils_lib", ":transcoder_input_stream_lib", "//include/envoy/http:filter_interface", "//source/common/grpc:codec_lib", "//source/common/grpc:common_lib", "//source/common/http:headers_lib", "//source/common/protobuf", "@envoy_api//envoy/extensions/filters/http/grpc_json_transcoder/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "http_body_utils_lib", srcs = ["http_body_utils.cc"], hdrs = ["http_body_utils.h"], external_deps = [ "api_httpbody_protos", ], deps = [ "//source/common/grpc:codec_lib", "//source/common/protobuf", ], ) envoy_cc_library( name = "transcoder_input_stream_lib", srcs = ["transcoder_input_stream_impl.cc"], hdrs = ["transcoder_input_stream_impl.h"], external_deps = ["grpc_transcoding"], deps = ["//source/common/buffer:zero_copy_input_stream_lib"], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/grpc_json_transcoder:json_transcoder_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_json_transcoder/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/config.cc ================================================ #include "extensions/filters/http/grpc_json_transcoder/config.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { Http::FilterFactoryCb GrpcJsonTranscoderFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { JsonTranscoderConfigSharedPtr filter_config = std::make_shared(proto_config, context.api()); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(*filter_config)); }; } /** * Static registration for the grpc transcoding filter. @see RegisterNamedHttpFilterConfigFactory. */ REGISTER_FACTORY(GrpcJsonTranscoderFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.grpc_json_transcoder"}; } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { /** * Config registration for the gRPC JSON transcoder filter. @see NamedHttpFilterConfigFactory. */ class GrpcJsonTranscoderFilterConfig : public Common::FactoryBase< envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder> { public: GrpcJsonTranscoderFilterConfig() : FactoryBase(HttpFilterNames::get().GrpcJsonTranscoder) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc ================================================ #include "extensions/filters/http/grpc_json_transcoder/http_body_utils.h" #include "google/api/httpbody.pb.h" using Envoy::Protobuf::io::CodedInputStream; using Envoy::Protobuf::io::CodedOutputStream; using Envoy::Protobuf::io::StringOutputStream; using Envoy::Protobuf::io::ZeroCopyInputStream; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { namespace { // Embedded messages are treated the same way as strings (wire type 2). constexpr uint32_t ProtobufLengthDelimitedField = 2; bool parseMessageByFieldPath(CodedInputStream* input, absl::Span field_path, Protobuf::Message* message) { if (field_path.empty()) { return message->MergeFromCodedStream(input); } const uint32_t expected_tag = (field_path.front()->number() << 3) | ProtobufLengthDelimitedField; for (;;) { const uint32_t tag = input->ReadTag(); if (tag == expected_tag) { uint32_t length = 0; if (!input->ReadVarint32(&length)) { return false; } auto limit = input->IncrementRecursionDepthAndPushLimit(length); if (!parseMessageByFieldPath(input, field_path.subspan(1), message)) { return false; } if (!input->DecrementRecursionDepthAndPopLimit(limit.first)) { return false; } } else if (tag == 0) { return true; } else { if (!Protobuf::internal::WireFormatLite::SkipField(input, tag)) { return false; } } } } } // namespace bool HttpBodyUtils::parseMessageByFieldPath(ZeroCopyInputStream* stream, const std::vector& field_path, Protobuf::Message* message) { CodedInputStream input(stream); input.SetRecursionLimit(field_path.size()); return GrpcJsonTranscoder::parseMessageByFieldPath(&input, absl::MakeConstSpan(field_path), message); } void HttpBodyUtils::appendHttpBodyEnvelope( Buffer::Instance& output, const std::vector& request_body_field_path, std::string content_type, uint64_t content_length) { // Manually encode the protobuf envelope for the body. // See https://developers.google.com/protocol-buffers/docs/encoding#embedded for wire format. std::string proto_envelope; { // For memory safety, the StringOutputStream needs to be destroyed before // we read the string. const uint32_t http_body_field_number = (google::api::HttpBody::kDataFieldNumber << 3) | ProtobufLengthDelimitedField; ::google::api::HttpBody body; body.set_content_type(std::move(content_type)); uint64_t envelope_size = body.ByteSizeLong() + CodedOutputStream::VarintSize32(http_body_field_number) + CodedOutputStream::VarintSize64(content_length); std::vector message_sizes; message_sizes.reserve(request_body_field_path.size()); for (auto it = request_body_field_path.rbegin(); it != request_body_field_path.rend(); ++it) { const Protobuf::Field* field = *it; const uint64_t message_size = envelope_size + content_length; const uint32_t field_number = (field->number() << 3) | ProtobufLengthDelimitedField; const uint64_t field_size = CodedOutputStream::VarintSize32(field_number) + CodedOutputStream::VarintSize64(message_size); message_sizes.push_back(message_size); envelope_size += field_size; } std::reverse(message_sizes.begin(), message_sizes.end()); proto_envelope.reserve(envelope_size); Envoy::Protobuf::io::StringOutputStream string_stream(&proto_envelope); Envoy::Protobuf::io::CodedOutputStream coded_stream(&string_stream); // Serialize body field definition manually to avoid the copy of the body. for (size_t i = 0; i < request_body_field_path.size(); ++i) { const Protobuf::Field* field = request_body_field_path[i]; const uint32_t field_number = (field->number() << 3) | ProtobufLengthDelimitedField; const uint64_t message_size = message_sizes[i]; coded_stream.WriteTag(field_number); coded_stream.WriteVarint64(message_size); } body.SerializeToCodedStream(&coded_stream); coded_stream.WriteTag(http_body_field_number); coded_stream.WriteVarint64(content_length); } output.add(proto_envelope); } } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "common/buffer/buffer_impl.h" #include "common/grpc/codec.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { class HttpBodyUtils { public: static bool parseMessageByFieldPath(Protobuf::io::ZeroCopyInputStream* stream, const std::vector& field_path, Protobuf::Message* message); static void appendHttpBodyEnvelope(Buffer::Instance& output, const std::vector& request_body_field_path, std::string content_type, uint64_t content_length); }; } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.cc ================================================ #include "extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" #include #include #include "envoy/common/exception.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/http/filter.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/utility.h" #include "common/grpc/common.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/grpc_json_transcoder/http_body_utils.h" #include "google/api/annotations.pb.h" #include "google/api/http.pb.h" #include "google/api/httpbody.pb.h" #include "grpc_transcoding/json_request_translator.h" #include "grpc_transcoding/path_matcher_utility.h" #include "grpc_transcoding/response_to_json_translator.h" using Envoy::Protobuf::FileDescriptorSet; using Envoy::Protobuf::io::ZeroCopyInputStream; using Envoy::ProtobufUtil::Status; using Envoy::ProtobufUtil::error::Code; using google::api::HttpRule; using google::grpc::transcoding::JsonRequestTranslator; using JsonRequestTranslatorPtr = std::unique_ptr; using google::grpc::transcoding::MessageStream; using google::grpc::transcoding::PathMatcherBuilder; using google::grpc::transcoding::PathMatcherUtility; using google::grpc::transcoding::RequestInfo; using google::grpc::transcoding::RequestMessageTranslator; using RequestMessageTranslatorPtr = std::unique_ptr; using google::grpc::transcoding::ResponseToJsonTranslator; using ResponseToJsonTranslatorPtr = std::unique_ptr; using google::grpc::transcoding::Transcoder; using TranscoderPtr = std::unique_ptr; using google::grpc::transcoding::TranscoderInputStream; using TranscoderInputStreamPtr = std::unique_ptr; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { struct RcDetailsValues { // The gRPC json transcoder filter failed to transcode when processing request headers. // This will generally be accompanied by details about the transcoder failure. const std::string GrpcTranscodeFailedEarly = "early_grpc_json_transcode_failure"; // The gRPC json transcoder filter failed to transcode when processing the request body. // This will generally be accompanied by details about the transcoder failure. const std::string GrpcTranscodeFailed = "grpc_json_transcode_failure"; }; using RcDetails = ConstSingleton; namespace { const Http::LowerCaseString& trailerHeader() { CONSTRUCT_ON_FIRST_USE(Http::LowerCaseString, "trailer"); } // Transcoder: // https://github.com/grpc-ecosystem/grpc-httpjson-transcoding/blob/master/src/include/grpc_transcoding/transcoder.h // implementation based on JsonRequestTranslator & ResponseToJsonTranslator class TranscoderImpl : public Transcoder { public: /** * Construct a transcoder implementation * @param request_translator a JsonRequestTranslator that does the request translation * @param response_translator a ResponseToJsonTranslator that does the response translation */ TranscoderImpl(RequestMessageTranslatorPtr request_translator, JsonRequestTranslatorPtr json_request_translator, ResponseToJsonTranslatorPtr response_translator) : request_translator_(std::move(request_translator)), json_request_translator_(std::move(json_request_translator)), request_message_stream_(request_translator_ ? *request_translator_ : json_request_translator_->Output()), response_translator_(std::move(response_translator)), request_stream_(request_message_stream_.CreateInputStream()), response_stream_(response_translator_->CreateInputStream()) {} // Transcoder ::google::grpc::transcoding::TranscoderInputStream* RequestOutput() override { return request_stream_.get(); } ProtobufUtil::Status RequestStatus() override { return request_message_stream_.Status(); } ZeroCopyInputStream* ResponseOutput() override { return response_stream_.get(); } ProtobufUtil::Status ResponseStatus() override { return response_translator_->Status(); } private: RequestMessageTranslatorPtr request_translator_; JsonRequestTranslatorPtr json_request_translator_; MessageStream& request_message_stream_; ResponseToJsonTranslatorPtr response_translator_; TranscoderInputStreamPtr request_stream_; TranscoderInputStreamPtr response_stream_; }; } // namespace JsonTranscoderConfig::JsonTranscoderConfig( const envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder& proto_config, Api::Api& api) { FileDescriptorSet descriptor_set; switch (proto_config.descriptor_set_case()) { case envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder:: DescriptorSetCase::kProtoDescriptor: if (!descriptor_set.ParseFromString( api.fileSystem().fileReadToEnd(proto_config.proto_descriptor()))) { throw EnvoyException("transcoding_filter: Unable to parse proto descriptor"); } break; case envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder:: DescriptorSetCase::kProtoDescriptorBin: if (!descriptor_set.ParseFromString(proto_config.proto_descriptor_bin())) { throw EnvoyException("transcoding_filter: Unable to parse proto descriptor"); } break; default: NOT_REACHED_GCOVR_EXCL_LINE; } for (const auto& file : descriptor_set.file()) { addFileDescriptor(file); } convert_grpc_status_ = proto_config.convert_grpc_status(); if (convert_grpc_status_) { addBuiltinSymbolDescriptor("google.protobuf.Any"); addBuiltinSymbolDescriptor("google.rpc.Status"); } type_helper_ = std::make_unique( Protobuf::util::NewTypeResolverForDescriptorPool(Grpc::Common::typeUrlPrefix(), &descriptor_pool_)); PathMatcherBuilder pmb; // clang-format off // We cannot convert this to a absl hash set as PathMatcherUtility::RegisterByHttpRule takes a // std::unordered_set as an argument std::unordered_set ignored_query_parameters; // clang-format on for (const auto& query_param : proto_config.ignored_query_parameters()) { ignored_query_parameters.insert(query_param); } for (const auto& service_name : proto_config.services()) { auto service = descriptor_pool_.FindServiceByName(service_name); if (service == nullptr) { throw EnvoyException("transcoding_filter: Could not find '" + service_name + "' in the proto descriptor"); } for (int i = 0; i < service->method_count(); ++i) { auto method = service->method(i); HttpRule http_rule; if (method->options().HasExtension(google::api::http)) { http_rule = method->options().GetExtension(google::api::http); } else if (proto_config.auto_mapping()) { auto post = "/" + service->full_name() + "/" + method->name(); http_rule.set_post(post); http_rule.set_body("*"); } MethodInfoSharedPtr method_info; Status status = createMethodInfo(method, http_rule, method_info); if (!status.ok()) { throw EnvoyException("transcoding_filter: Cannot register '" + method->full_name() + "': " + status.message().ToString()); } if (!PathMatcherUtility::RegisterByHttpRule(pmb, http_rule, ignored_query_parameters, method_info)) { throw EnvoyException("transcoding_filter: Cannot register '" + method->full_name() + "' to path matcher"); } } } path_matcher_ = pmb.Build(); const auto& print_config = proto_config.print_options(); print_options_.add_whitespace = print_config.add_whitespace(); print_options_.always_print_primitive_fields = print_config.always_print_primitive_fields(); print_options_.always_print_enums_as_ints = print_config.always_print_enums_as_ints(); print_options_.preserve_proto_field_names = print_config.preserve_proto_field_names(); match_incoming_request_route_ = proto_config.match_incoming_request_route(); ignore_unknown_query_parameters_ = proto_config.ignore_unknown_query_parameters(); } void JsonTranscoderConfig::addFileDescriptor(const Protobuf::FileDescriptorProto& file) { if (descriptor_pool_.BuildFile(file) == nullptr) { throw EnvoyException("transcoding_filter: Unable to build proto descriptor pool"); } } void JsonTranscoderConfig::addBuiltinSymbolDescriptor(const std::string& symbol_name) { if (descriptor_pool_.FindFileContainingSymbol(symbol_name) != nullptr) { return; } auto* builtin_pool = Protobuf::DescriptorPool::generated_pool(); if (!builtin_pool) { return; } Protobuf::DescriptorPoolDatabase pool_database(*builtin_pool); Protobuf::FileDescriptorProto file_proto; pool_database.FindFileContainingSymbol(symbol_name, &file_proto); addFileDescriptor(file_proto); } Status JsonTranscoderConfig::resolveField(const Protobuf::Descriptor* descriptor, const std::string& field_path_str, std::vector* field_path, bool* is_http_body) { const Protobuf::Type* message_type = type_helper_->Info()->GetTypeByTypeUrl(Grpc::Common::typeUrl(descriptor->full_name())); if (message_type == nullptr) { return ProtobufUtil::Status(Code::NOT_FOUND, "Could not resolve type: " + descriptor->full_name()); } Status status = type_helper_->ResolveFieldPath( *message_type, field_path_str == "*" ? "" : field_path_str, field_path); if (!status.ok()) { return status; } if (field_path->empty()) { *is_http_body = descriptor->full_name() == google::api::HttpBody::descriptor()->full_name(); } else { const Protobuf::Type* body_type = type_helper_->Info()->GetTypeByTypeUrl(field_path->back()->type_url()); *is_http_body = body_type != nullptr && body_type->name() == google::api::HttpBody::descriptor()->full_name(); } return Status::OK; } Status JsonTranscoderConfig::createMethodInfo(const Protobuf::MethodDescriptor* descriptor, const HttpRule& http_rule, MethodInfoSharedPtr& method_info) { method_info = std::make_shared(); method_info->descriptor_ = descriptor; Status status = resolveField(descriptor->input_type(), http_rule.body(), &method_info->request_body_field_path, &method_info->request_type_is_http_body_); if (!status.ok()) { return status; } status = resolveField(descriptor->output_type(), http_rule.response_body(), &method_info->response_body_field_path, &method_info->response_type_is_http_body_); if (!status.ok()) { return status; } if (!method_info->response_body_field_path.empty() && !method_info->response_type_is_http_body_) { // TODO(euroelessar): Implement https://github.com/envoyproxy/envoy/issues/11136. return Status(Code::UNIMPLEMENTED, "Setting \"response_body\" is not supported yet for non-HttpBody fields: " + descriptor->full_name()); } return Status::OK; } bool JsonTranscoderConfig::matchIncomingRequestInfo() const { return match_incoming_request_route_; } bool JsonTranscoderConfig::convertGrpcStatus() const { return convert_grpc_status_; } ProtobufUtil::Status JsonTranscoderConfig::createTranscoder( const Http::RequestHeaderMap& headers, ZeroCopyInputStream& request_input, google::grpc::transcoding::TranscoderInputStream& response_input, TranscoderPtr& transcoder, MethodInfoSharedPtr& method_info) { if (Grpc::Common::isGrpcRequestHeaders(headers)) { return ProtobufUtil::Status(Code::INVALID_ARGUMENT, "Request headers has application/grpc content-type"); } const std::string method(headers.getMethodValue()); std::string path(headers.getPathValue()); std::string args; const size_t pos = path.find('?'); if (pos != std::string::npos) { args = path.substr(pos + 1); path = path.substr(0, pos); } struct RequestInfo request_info; std::vector variable_bindings; method_info = path_matcher_->Lookup(method, path, args, &variable_bindings, &request_info.body_field_path); if (!method_info) { return ProtobufUtil::Status(Code::NOT_FOUND, "Could not resolve " + path + " to a method"); } auto status = methodToRequestInfo(method_info, &request_info); if (!status.ok()) { return status; } for (const auto& binding : variable_bindings) { google::grpc::transcoding::RequestWeaver::BindingInfo resolved_binding; status = type_helper_->ResolveFieldPath(*request_info.message_type, binding.field_path, &resolved_binding.field_path); if (!status.ok()) { if (ignore_unknown_query_parameters_) { continue; } return status; } resolved_binding.value = binding.value; request_info.variable_bindings.emplace_back(std::move(resolved_binding)); } RequestMessageTranslatorPtr request_translator; JsonRequestTranslatorPtr json_request_translator; if (method_info->request_type_is_http_body_) { request_translator = std::make_unique(*type_helper_->Resolver(), false, std::move(request_info)); request_translator->Input().StartObject(nullptr)->EndObject(); } else { json_request_translator = std::make_unique( type_helper_->Resolver(), &request_input, std::move(request_info), method_info->descriptor_->client_streaming(), true); } const auto response_type_url = Grpc::Common::typeUrl(method_info->descriptor_->output_type()->full_name()); ResponseToJsonTranslatorPtr response_translator{new ResponseToJsonTranslator( type_helper_->Resolver(), response_type_url, method_info->descriptor_->server_streaming(), &response_input, print_options_)}; transcoder = std::make_unique(std::move(request_translator), std::move(json_request_translator), std::move(response_translator)); return ProtobufUtil::Status(); } ProtobufUtil::Status JsonTranscoderConfig::methodToRequestInfo(const MethodInfoSharedPtr& method_info, google::grpc::transcoding::RequestInfo* info) { const std::string& request_type_full_name = method_info->descriptor_->input_type()->full_name(); auto request_type_url = Grpc::Common::typeUrl(request_type_full_name); info->message_type = type_helper_->Info()->GetTypeByTypeUrl(request_type_url); if (info->message_type == nullptr) { ENVOY_LOG(debug, "Cannot resolve input-type: {}", request_type_full_name); return ProtobufUtil::Status(Code::NOT_FOUND, "Could not resolve type: " + request_type_full_name); } return ProtobufUtil::Status(); } ProtobufUtil::Status JsonTranscoderConfig::translateProtoMessageToJson(const Protobuf::Message& message, std::string* json_out) { return ProtobufUtil::BinaryToJsonString( type_helper_->Resolver(), Grpc::Common::typeUrl(message.GetDescriptor()->full_name()), message.SerializeAsString(), json_out, print_options_); } JsonTranscoderFilter::JsonTranscoderFilter(JsonTranscoderConfig& config) : config_(config) {} Http::FilterHeadersStatus JsonTranscoderFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { const auto status = config_.createTranscoder(headers, request_in_, response_in_, transcoder_, method_); if (!status.ok()) { // If transcoder couldn't be created, it might be a normal gRPC request, so the filter will // just pass-through the request to upstream. return Http::FilterHeadersStatus::Continue; } if (method_->request_type_is_http_body_) { if (headers.ContentType() != nullptr) { absl::string_view content_type = headers.getContentTypeValue(); content_type_.assign(content_type.begin(), content_type.end()); } bool done = !readToBuffer(*transcoder_->RequestOutput(), initial_request_data_); if (!done) { ENVOY_LOG( debug, "Transcoding of query arguments of HttpBody request is not done (unexpected state)"); error_ = true; decoder_callbacks_->sendLocalReply( Http::Code::BadRequest, "Bad request", nullptr, absl::nullopt, absl::StrCat(RcDetails::get().GrpcTranscodeFailedEarly, "{BAD_REQUEST}")); return Http::FilterHeadersStatus::StopIteration; } if (checkIfTranscoderFailed(RcDetails::get().GrpcTranscodeFailed)) { return Http::FilterHeadersStatus::StopIteration; } } headers.removeContentLength(); headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Grpc); headers.setEnvoyOriginalPath(headers.getPathValue()); headers.addReferenceKey(Http::Headers::get().EnvoyOriginalMethod, headers.getMethodValue()); headers.setPath("/" + method_->descriptor_->service()->full_name() + "/" + method_->descriptor_->name()); headers.setReferenceMethod(Http::Headers::get().MethodValues.Post); headers.setReferenceTE(Http::Headers::get().TEValues.Trailers); if (!config_.matchIncomingRequestInfo()) { decoder_callbacks_->clearRouteCache(); } if (end_stream && method_->request_type_is_http_body_) { maybeSendHttpBodyRequestMessage(); } else if (end_stream) { request_in_.finish(); if (checkIfTranscoderFailed(RcDetails::get().GrpcTranscodeFailedEarly)) { return Http::FilterHeadersStatus::StopIteration; } Buffer::OwnedImpl data; readToBuffer(*transcoder_->RequestOutput(), data); if (data.length() > 0) { decoder_callbacks_->addDecodedData(data, true); } } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus JsonTranscoderFilter::decodeData(Buffer::Instance& data, bool end_stream) { ASSERT(!error_); if (!transcoder_) { return Http::FilterDataStatus::Continue; } if (method_->request_type_is_http_body_) { request_data_.move(data); // TODO(euroelessar): Upper bound message size for streaming case. if (end_stream || method_->descriptor_->client_streaming()) { maybeSendHttpBodyRequestMessage(); } else { // TODO(euroelessar): Avoid buffering if content length is already known. return Http::FilterDataStatus::StopIterationAndBuffer; } } else { request_in_.move(data); if (end_stream) { request_in_.finish(); } readToBuffer(*transcoder_->RequestOutput(), data); } if (checkIfTranscoderFailed(RcDetails::get().GrpcTranscodeFailed)) { return Http::FilterDataStatus::StopIterationNoBuffer; } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus JsonTranscoderFilter::decodeTrailers(Http::RequestTrailerMap&) { ASSERT(!error_); if (!transcoder_) { return Http::FilterTrailersStatus::Continue; } if (method_->request_type_is_http_body_) { maybeSendHttpBodyRequestMessage(); } else { request_in_.finish(); Buffer::OwnedImpl data; readToBuffer(*transcoder_->RequestOutput(), data); if (data.length()) { decoder_callbacks_->addDecodedData(data, true); } } return Http::FilterTrailersStatus::Continue; } void JsonTranscoderFilter::setDecoderFilterCallbacks( Http::StreamDecoderFilterCallbacks& callbacks) { decoder_callbacks_ = &callbacks; } Http::FilterHeadersStatus JsonTranscoderFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) { if (!Grpc::Common::isGrpcResponseHeaders(headers, end_stream)) { error_ = true; } if (error_ || !transcoder_) { return Http::FilterHeadersStatus::Continue; } response_headers_ = &headers; if (end_stream) { if (method_->descriptor_->server_streaming()) { // When there is no body in a streaming response, a empty JSON array is // returned by default. Set the content type correctly. headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); } // In gRPC wire protocol, headers frame with end_stream is a trailers-only response. // The return value from encodeTrailers is ignored since it is always continue. doTrailers(headers); return Http::FilterHeadersStatus::Continue; } headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); // In case of HttpBody in response - content type is unknown at this moment. // So "Continue" only for regular streaming use case and StopIteration for // all other cases (non streaming, streaming + httpBody) if (method_->descriptor_->server_streaming() && !method_->response_type_is_http_body_) { return Http::FilterHeadersStatus::Continue; } return Http::FilterHeadersStatus::StopIteration; } Http::FilterDataStatus JsonTranscoderFilter::encodeData(Buffer::Instance& data, bool end_stream) { if (error_ || !transcoder_) { return Http::FilterDataStatus::Continue; } has_body_ = true; if (method_->response_type_is_http_body_) { bool frame_processed = buildResponseFromHttpBodyOutput(*response_headers_, data); if (!method_->descriptor_->server_streaming()) { return Http::FilterDataStatus::StopIterationAndBuffer; } if (!http_body_response_headers_set_ && !frame_processed) { return Http::FilterDataStatus::StopIterationAndBuffer; } return Http::FilterDataStatus::Continue; } response_in_.move(data); if (end_stream) { response_in_.finish(); } readToBuffer(*transcoder_->ResponseOutput(), data); if (!method_->descriptor_->server_streaming() && !end_stream) { // Buffer until the response is complete. return Http::FilterDataStatus::StopIterationAndBuffer; } // TODO(lizan): Check ResponseStatus return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus JsonTranscoderFilter::encodeTrailers(Http::ResponseTrailerMap& trailers) { doTrailers(trailers); return Http::FilterTrailersStatus::Continue; } void JsonTranscoderFilter::doTrailers(Http::ResponseHeaderOrTrailerMap& headers_or_trailers) { if (error_ || !transcoder_) { return; } response_in_.finish(); const absl::optional grpc_status = Grpc::Common::getGrpcStatus(headers_or_trailers, true); if (grpc_status && maybeConvertGrpcStatus(*grpc_status, headers_or_trailers)) { return; } if (!method_->response_type_is_http_body_) { Buffer::OwnedImpl data; readToBuffer(*transcoder_->ResponseOutput(), data); if (data.length()) { encoder_callbacks_->addEncodedData(data, true); } } // If there was no previous headers frame, this |trailers| map is our |response_headers_|, // so there is no need to copy headers from one to the other. const bool is_trailers_only_response = response_headers_ == &headers_or_trailers; const bool is_server_streaming = method_->descriptor_->server_streaming(); if (is_server_streaming && !is_trailers_only_response) { // Continue if headers were sent already. return; } if (!grpc_status || grpc_status.value() == Grpc::Status::WellKnownGrpcStatus::InvalidCode) { response_headers_->setStatus(enumToInt(Http::Code::ServiceUnavailable)); } else { response_headers_->setStatus(Grpc::Utility::grpcToHttpStatus(grpc_status.value())); if (!is_trailers_only_response) { response_headers_->setGrpcStatus(grpc_status.value()); } } if (!is_trailers_only_response) { // Copy the grpc-message header if it exists. const Http::HeaderEntry* grpc_message_header = headers_or_trailers.GrpcMessage(); if (grpc_message_header) { response_headers_->setGrpcMessage(grpc_message_header->value().getStringView()); } } // remove Trailer headers if the client connection was http/1 if (encoder_callbacks_->streamInfo().protocol() < Http::Protocol::Http2) { response_headers_->remove(trailerHeader()); } if (!method_->descriptor_->server_streaming()) { // Set content-length for non-streaming responses. response_headers_->setContentLength( encoder_callbacks_->encodingBuffer() ? encoder_callbacks_->encodingBuffer()->length() : 0); } } void JsonTranscoderFilter::setEncoderFilterCallbacks( Http::StreamEncoderFilterCallbacks& callbacks) { encoder_callbacks_ = &callbacks; } bool JsonTranscoderFilter::checkIfTranscoderFailed(const std::string& details) { const auto& request_status = transcoder_->RequestStatus(); if (!request_status.ok()) { ENVOY_LOG(debug, "Transcoding request error {}", request_status.ToString()); error_ = true; decoder_callbacks_->sendLocalReply( Http::Code::BadRequest, absl::string_view(request_status.error_message().data(), request_status.error_message().size()), nullptr, absl::nullopt, absl::StrCat(details, "{", MessageUtil::CodeEnumToString(request_status.code()), "}")); return true; } return false; } // TODO(lizan): Incorporate watermarks to bound buffer sizes bool JsonTranscoderFilter::readToBuffer(Protobuf::io::ZeroCopyInputStream& stream, Buffer::Instance& data) { const void* out; int size; while (stream.Next(&out, &size)) { data.add(out, size); if (size == 0) { return true; } } return false; } void JsonTranscoderFilter::maybeSendHttpBodyRequestMessage() { if (first_request_sent_ && request_data_.length() == 0) { return; } Buffer::OwnedImpl message_payload; message_payload.move(initial_request_data_); HttpBodyUtils::appendHttpBodyEnvelope(message_payload, method_->request_body_field_path, std::move(content_type_), request_data_.length()); content_type_.clear(); message_payload.move(request_data_); Envoy::Grpc::Encoder().prependFrameHeader(Envoy::Grpc::GRPC_FH_DEFAULT, message_payload); decoder_callbacks_->addDecodedData(message_payload, true); first_request_sent_ = true; } bool JsonTranscoderFilter::buildResponseFromHttpBodyOutput( Http::ResponseHeaderMap& response_headers, Buffer::Instance& data) { std::vector frames; decoder_.decode(data, frames); if (frames.empty()) { return false; } google::api::HttpBody http_body; for (auto& frame : frames) { if (frame.length_ > 0) { http_body.Clear(); Buffer::ZeroCopyInputStreamImpl stream(std::move(frame.data_)); if (!HttpBodyUtils::parseMessageByFieldPath(&stream, method_->response_body_field_path, &http_body)) { // TODO(euroelessar): Return error to client. encoder_callbacks_->resetStream(); return true; } const auto& body = http_body.data(); data.add(body); if (!method_->descriptor_->server_streaming()) { // Non streaming case: single message with content type / length response_headers.setContentType(http_body.content_type()); response_headers.setContentLength(body.size()); return true; } else if (!http_body_response_headers_set_) { // Streaming case: set content type only once from first HttpBody message response_headers.setContentType(http_body.content_type()); http_body_response_headers_set_ = true; } } } return true; } bool JsonTranscoderFilter::maybeConvertGrpcStatus(Grpc::Status::GrpcStatus grpc_status, Http::ResponseHeaderOrTrailerMap& trailers) { if (!config_.convertGrpcStatus()) { return false; } // Send a serialized status only if there was no body. if (has_body_) { return false; } if (grpc_status == Grpc::Status::WellKnownGrpcStatus::Ok || grpc_status == Grpc::Status::WellKnownGrpcStatus::InvalidCode) { return false; } // TODO(mattklein123): The dynamic cast here is needed because ResponseHeaderOrTrailerMap is not // a header map. This can likely be cleaned up. auto status_details = Grpc::Common::getGrpcStatusDetailsBin(dynamic_cast(trailers)); if (!status_details) { // If no rpc.Status object was sent in the grpc-status-details-bin header, // construct it from the grpc-status and grpc-message headers. status_details.emplace(); status_details->set_code(grpc_status); auto grpc_message_header = trailers.GrpcMessage(); if (grpc_message_header) { auto message = grpc_message_header->value().getStringView(); status_details->set_message(message.data(), message.size()); } } std::string json_status; auto translate_status = config_.translateProtoMessageToJson(*status_details, &json_status); if (!translate_status.ok()) { ENVOY_LOG(debug, "Transcoding status error {}", translate_status.ToString()); return false; } response_headers_->setStatus(Grpc::Utility::grpcToHttpStatus(grpc_status)); bool is_trailers_only_response = response_headers_ == &trailers; if (is_trailers_only_response) { // Drop the gRPC status headers, we already have them in the JSON body. response_headers_->removeGrpcStatus(); response_headers_->removeGrpcMessage(); response_headers_->remove(Http::Headers::get().GrpcStatusDetailsBin); } // remove Trailer headers if the client connection was http/1 if (encoder_callbacks_->streamInfo().protocol() < Http::Protocol::Http2) { response_headers_->remove(trailerHeader()); } response_headers_->setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); response_headers_->setContentLength(json_status.length()); Buffer::OwnedImpl status_data(json_status); encoder_callbacks_->addEncodedData(status_data, false); return true; } } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/buffer/buffer.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "common/grpc/codec.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" #include "grpc_transcoding/path_matcher.h" #include "grpc_transcoding/request_message_translator.h" #include "grpc_transcoding/transcoder.h" #include "grpc_transcoding/type_helper.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { /** * VariableBinding specifies a value for a single field in the request message. * When transcoding HTTP/REST/JSON to gRPC/proto the request message is * constructed using the HTTP body and the variable bindings (specified through * request url). * See https://github.com/googleapis/googleapis/blob/master/google/api/http.proto * for details of variable binding. */ struct VariableBinding { // The location of the field in the protobuf message, where the value // needs to be inserted, e.g. "shelf.theme" would mean the "theme" field // of the nested "shelf" message of the request protobuf message. std::vector field_path; // The value to be inserted. std::string value; }; struct MethodInfo { const Protobuf::MethodDescriptor* descriptor_ = nullptr; std::vector request_body_field_path; std::vector response_body_field_path; bool request_type_is_http_body_ = false; bool response_type_is_http_body_ = false; }; using MethodInfoSharedPtr = std::shared_ptr; void createHttpBodyEnvelope(Buffer::Instance& output, const std::vector& request_body_field_path, std::string content_type, uint64_t content_length); /** * Global configuration for the gRPC JSON transcoder filter. Factory for the Transcoder interface. */ class JsonTranscoderConfig : public Logger::Loggable { public: /** * constructor that loads protobuf descriptors from the file specified in the JSON config. * and construct a path matcher for HTTP path bindings. */ JsonTranscoderConfig( const envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder& proto_config, Api::Api& api); /** * Create an instance of Transcoder interface based on incoming request * @param headers headers received from decoder * @param request_input a ZeroCopyInputStream reading from downstream request body * @param response_input a TranscoderInputStream reading from upstream response body * @param transcoder output parameter for the instance of Transcoder interface * @param method_descriptor output parameter for the method looked up from config * @return status whether the Transcoder instance are successfully created or not */ ProtobufUtil::Status createTranscoder(const Http::RequestHeaderMap& headers, Protobuf::io::ZeroCopyInputStream& request_input, google::grpc::transcoding::TranscoderInputStream& response_input, std::unique_ptr& transcoder, MethodInfoSharedPtr& method_info); /** * Converts an arbitrary protobuf message to JSON. */ ProtobufUtil::Status translateProtoMessageToJson(const Protobuf::Message& message, std::string* json_out); /** * If true, skip clearing the route cache after the incoming request has been modified. * This allows Envoy to select the upstream cluster based on the incoming request * rather than the outgoing. */ bool matchIncomingRequestInfo() const; /** * If true, when trailer indicates a gRPC error and there was no HTTP body, * make google.rpc.Status out of gRPC status headers and use it as JSON body. */ bool convertGrpcStatus() const; private: /** * Convert method descriptor to RequestInfo that needed for transcoding library */ ProtobufUtil::Status methodToRequestInfo(const MethodInfoSharedPtr& method_info, google::grpc::transcoding::RequestInfo* info); private: void addFileDescriptor(const Protobuf::FileDescriptorProto& file); void addBuiltinSymbolDescriptor(const std::string& symbol_name); ProtobufUtil::Status resolveField(const Protobuf::Descriptor* descriptor, const std::string& field_path_str, std::vector* field_path, bool* is_http_body); ProtobufUtil::Status createMethodInfo(const Protobuf::MethodDescriptor* descriptor, const google::api::HttpRule& http_rule, MethodInfoSharedPtr& method_info); Protobuf::DescriptorPool descriptor_pool_; google::grpc::transcoding::PathMatcherPtr path_matcher_; std::unique_ptr type_helper_; Protobuf::util::JsonPrintOptions print_options_; bool match_incoming_request_route_{false}; bool ignore_unknown_query_parameters_{false}; bool convert_grpc_status_{false}; }; using JsonTranscoderConfigSharedPtr = std::shared_ptr; /** * The filter instance for gRPC JSON transcoder. */ class JsonTranscoderFilter : public Http::StreamFilter, public Logger::Loggable { public: JsonTranscoderFilter(JsonTranscoderConfig& config); // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override; // Http::StreamFilterBase void onDestroy() override {} private: bool checkIfTranscoderFailed(const std::string& details); bool readToBuffer(Protobuf::io::ZeroCopyInputStream& stream, Buffer::Instance& data); void maybeSendHttpBodyRequestMessage(); /** * Builds response from HttpBody protobuf. * Returns true if at least one gRPC frame has processed. */ bool buildResponseFromHttpBodyOutput(Http::ResponseHeaderMap& response_headers, Buffer::Instance& data); bool maybeConvertGrpcStatus(Grpc::Status::GrpcStatus grpc_status, Http::ResponseHeaderOrTrailerMap& trailers); bool hasHttpBodyAsOutputType(); void doTrailers(Http::ResponseHeaderOrTrailerMap& headers_or_trailers); JsonTranscoderConfig& config_; std::unique_ptr transcoder_; TranscoderInputStreamImpl request_in_; TranscoderInputStreamImpl response_in_; Http::StreamDecoderFilterCallbacks* decoder_callbacks_{nullptr}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{nullptr}; MethodInfoSharedPtr method_; Http::ResponseHeaderMap* response_headers_{nullptr}; Grpc::Decoder decoder_; // Data of the initial request message, initialized from query arguments, path, etc. Buffer::OwnedImpl initial_request_data_; Buffer::OwnedImpl request_data_; bool first_request_sent_{false}; std::string content_type_; bool error_{false}; bool has_body_{false}; bool http_body_response_headers_set_{false}; }; } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.cc ================================================ #include "extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { int64_t TranscoderInputStreamImpl::BytesAvailable() const { return buffer_->length() - position_; } bool TranscoderInputStreamImpl::Finished() const { return finished_; } } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h ================================================ #pragma once #include "common/buffer/zero_copy_input_stream_impl.h" #include "grpc_transcoding/transcoder_input_stream.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcJsonTranscoder { class TranscoderInputStreamImpl : public Buffer::ZeroCopyInputStreamImpl, public google::grpc::transcoding::TranscoderInputStream { public: // TranscoderInputStream int64_t BytesAvailable() const override; bool Finished() const override; }; } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_stats/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter that implements gRPC telemetry envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["grpc_stats_filter.cc"], hdrs = ["grpc_stats_filter.h"], security_posture = "unknown", status = "alpha", deps = [ "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//include/envoy/stream_info:filter_state_interface", "//source/common/grpc:codec_lib", "//source/common/grpc:common_lib", "//source/common/grpc:context_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_stats/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/grpc_stats/grpc_stats_filter.cc ================================================ #include "extensions/filters/http/grpc_stats/grpc_stats_filter.h" #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.validate.h" #include "envoy/registry/registry.h" #include "common/grpc/codec.h" #include "common/grpc/common.h" #include "common/grpc/context_impl.h" #include "common/runtime/runtime_impl.h" #include "common/stats/symbol_table_impl.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcStats { namespace { // A map from gRPC service/method name to symbolized stat names for the service/method. // // The expected usage pattern is that the map is populated once, and can then be queried lock-free // as long as it isn't being modified. class GrpcServiceMethodToRequestNamesMap { public: public: // Construct a map populated with the services/methods in method_list. GrpcServiceMethodToRequestNamesMap(Stats::SymbolTable& symbol_table, const envoy::config::core::v3::GrpcMethodList& method_list) : stat_name_pool_(symbol_table), map_(populate(method_list)) {} absl::optional lookup(const Grpc::Common::RequestNames& request_names) const { auto it = map_.find(request_names); if (it != map_.end()) { return it->second; } return {}; } private: using OwningKey = std::tuple; using ViewKey = Grpc::Common::RequestNames; class MapHash { private: // Use the same type for hashing all variations to ensure the same hash value from all source // types. using ViewTuple = std::tuple; static uint64_t hash(const ViewTuple& key) { return absl::Hash()(key); } public: using is_transparent = void; uint64_t operator()(const OwningKey& key) const { return hash(key); } uint64_t operator()(const ViewKey& key) const { return hash(ViewTuple(key.service_, key.method_)); } }; struct MapEq { using is_transparent = void; bool operator()(const OwningKey& left, const OwningKey& right) const { return left == right; } bool operator()(const OwningKey& left, const ViewKey& right) const { return left == std::make_tuple(right.service_, right.method_); } }; using MapType = absl::flat_hash_map; // Helper for generating a populated MapType so that `map_` can be const. MapType populate(const envoy::config::core::v3::GrpcMethodList& method_list) { MapType map; for (const auto& service : method_list.services()) { Stats::StatName stat_name_service = stat_name_pool_.add(service.name()); for (const auto& method_name : service.method_names()) { Stats::StatName stat_name_method = stat_name_pool_.add(method_name); map[OwningKey(service.name(), method_name)] = Grpc::Context::RequestStatNames{stat_name_service, stat_name_method}; } } return map; } Stats::StatNamePool stat_name_pool_; const MapType map_; }; struct Config { Config(const envoy::extensions::filters::http::grpc_stats::v3::FilterConfig& proto_config, Server::Configuration::FactoryContext& context) : context_(context.grpcContext()), emit_filter_state_(proto_config.emit_filter_state()), enable_upstream_stats_(proto_config.enable_upstream_stats()) { switch (proto_config.per_method_stat_specifier_case()) { case envoy::extensions::filters::http::grpc_stats::v3::FilterConfig:: PER_METHOD_STAT_SPECIFIER_NOT_SET: case envoy::extensions::filters::http::grpc_stats::v3::FilterConfig::kStatsForAllMethods: if (proto_config.has_stats_for_all_methods()) { stats_for_all_methods_ = proto_config.stats_for_all_methods().value(); } else { // Default for when "grpc_stats_filter_enable_stats_for_all_methods_by_default" isn't // set. // // This will flip to false after one release. const bool runtime_feature_default = true; const char* runtime_key = "envoy.deprecated_features.grpc_stats_filter_enable_" "stats_for_all_methods_by_default"; stats_for_all_methods_ = context.runtime().snapshot().deprecatedFeatureEnabled( runtime_key, runtime_feature_default); if (stats_for_all_methods_) { ENVOY_LOG_MISC(warn, "Using deprecated default value for " "'envoy.extensions.filters.http.grpc_stats.v3.FilterConfig.stats_for_all_" "methods'. The default for this field will become false in a future " "release. To retain this behavior, set this field to true in your " "configuration. A short-term workaround of setting runtime configuration " "{} to true can be used if the configuration cannot be changed.", runtime_key); } } break; case envoy::extensions::filters::http::grpc_stats::v3::FilterConfig:: kIndividualMethodStatsAllowlist: allowlist_.emplace(context.scope().symbolTable(), proto_config.individual_method_stats_allowlist()); break; } } Grpc::Context& context_; const bool emit_filter_state_; const bool enable_upstream_stats_; bool stats_for_all_methods_{false}; absl::optional allowlist_; }; using ConfigConstSharedPtr = std::shared_ptr; class GrpcStatsFilter : public Http::PassThroughFilter { public: GrpcStatsFilter(ConfigConstSharedPtr config) : config_(config) {} Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool) override { grpc_request_ = Grpc::Common::isGrpcRequestHeaders(headers); if (grpc_request_) { cluster_ = decoder_callbacks_->clusterInfo(); if (cluster_) { if (config_->stats_for_all_methods_) { // Get dynamically-allocated Context::RequestStatNames from the context. request_names_ = config_->context_.resolveDynamicServiceAndMethod(headers.Path()); do_stat_tracking_ = request_names_.has_value(); } else { // This case handles both proto_config.stats_for_all_methods() == false, // and proto_config.has_individual_method_stats_allowlist(). This works // because proto_config.stats_for_all_methods() == false results in // an empty allowlist, which exactly matches the behavior specified for // this configuration. // // Resolve the service and method to a string_view, then get // the Context::RequestStatNames out of the pre-allocated list that // can be produced with the allowlist being present. absl::optional request_names = Grpc::Common::resolveServiceAndMethod(headers.Path()); if (request_names) { // Do stat tracking as long as this looks like a grpc service/method, // even if it isn't in the allowlist. Things not in the allowlist // are counted with a stat with no service/method in the name. do_stat_tracking_ = true; // If the entry is not found in the allowlist, this will return // an empty optional; each of the `charge` functions on the context // will interpret an empty optional for this value to mean that the // service.method prefix on the stat should be omitted. if (config_->allowlist_) { request_names_ = config_->allowlist_->lookup(*request_names); } } } } } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus decodeData(Buffer::Instance& data, bool) override { if (grpc_request_) { uint64_t delta = request_counter_.inspect(data); if (delta > 0) { maybeWriteFilterState(); if (doStatTracking()) { config_->context_.chargeRequestMessageStat(*cluster_, request_names_, delta); } } } return Http::FilterDataStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override { grpc_response_ = Grpc::Common::isGrpcResponseHeaders(headers, end_stream); if (doStatTracking()) { config_->context_.chargeStat(*cluster_, Grpc::Context::Protocol::Grpc, request_names_, headers.GrpcStatus()); if (end_stream) { maybeChargeUpstreamStat(); } } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus encodeData(Buffer::Instance& data, bool) override { if (grpc_response_) { uint64_t delta = response_counter_.inspect(data); if (delta > 0) { maybeWriteFilterState(); if (doStatTracking()) { config_->context_.chargeResponseMessageStat(*cluster_, request_names_, delta); } } } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override { if (doStatTracking()) { config_->context_.chargeStat(*cluster_, Grpc::Context::Protocol::Grpc, request_names_, trailers.GrpcStatus()); maybeChargeUpstreamStat(); } return Http::FilterTrailersStatus::Continue; } bool doStatTracking() const { return do_stat_tracking_; } void maybeWriteFilterState() { if (!config_->emit_filter_state_) { return; } if (filter_object_ == nullptr) { auto state = std::make_unique(); filter_object_ = state.get(); decoder_callbacks_->streamInfo().filterState()->setData( HttpFilterNames::get().GrpcStats, std::move(state), StreamInfo::FilterState::StateType::Mutable, StreamInfo::FilterState::LifeSpan::FilterChain); } filter_object_->request_message_count = request_counter_.frameCount(); filter_object_->response_message_count = response_counter_.frameCount(); } void maybeChargeUpstreamStat() { if (config_->enable_upstream_stats_ && decoder_callbacks_->streamInfo().lastUpstreamTxByteSent().has_value() && decoder_callbacks_->streamInfo().lastUpstreamRxByteReceived().has_value()) { std::chrono::milliseconds chrono_duration = std::chrono::duration_cast( decoder_callbacks_->streamInfo().lastUpstreamRxByteReceived().value() - decoder_callbacks_->streamInfo().lastUpstreamTxByteSent().value()); config_->context_.chargeUpstreamStat(*cluster_, request_names_, chrono_duration); } } private: ConfigConstSharedPtr config_; GrpcStatsObject* filter_object_{}; bool do_stat_tracking_{false}; bool grpc_request_{false}; bool grpc_response_{false}; Grpc::FrameInspector request_counter_; Grpc::FrameInspector response_counter_; Upstream::ClusterInfoConstSharedPtr cluster_; absl::optional request_names_; }; // namespace } // namespace Http::FilterFactoryCb GrpcStatsFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_stats::v3::FilterConfig& proto_config, const std::string&, Server::Configuration::FactoryContext& factory_context) { ConfigConstSharedPtr config = std::make_shared(proto_config, factory_context); return [config](Http::FilterChainFactoryCallbacks& callbacks) { callbacks.addStreamFilter(std::make_shared(config)); }; } /** * Static registration for the gRPC stats filter. @see RegisterFactory. */ REGISTER_FACTORY(GrpcStatsFilterConfigFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace GrpcStats } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_stats/grpc_stats_filter.h ================================================ #pragma once #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.validate.h" #include "envoy/server/filter_config.h" #include "envoy/stream_info/filter_state.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcStats { // Filter state exposing the gRPC message counts. struct GrpcStatsObject : public StreamInfo::FilterState::Object { uint64_t request_message_count = 0; uint64_t response_message_count = 0; ProtobufTypes::MessagePtr serializeAsProto() const override { auto msg = std::make_unique(); msg->set_request_message_count(request_message_count); msg->set_response_message_count(response_message_count); return msg; } absl::optional serializeAsString() const override { return absl::StrCat(request_message_count, ",", response_message_count); } }; class GrpcStatsFilterConfigFactory : public Common::FactoryBase { public: GrpcStatsFilterConfigFactory() : FactoryBase(HttpFilterNames::get().GrpcStats) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_stats::v3::FilterConfig& proto_config, const std::string&, Server::Configuration::FactoryContext&) override; }; } // namespace GrpcStats } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_web/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter that implements the grpc-web protocol (https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-WEB.md) # Public docs: docs/root/configuration/http_filters/grpc_web_filter.rst envoy_extension_package() envoy_cc_library( name = "grpc_web_filter_lib", srcs = ["grpc_web_filter.cc"], hdrs = ["grpc_web_filter.h"], deps = [ "//include/envoy/http:filter_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:base64_lib", "//source/common/common:utility_lib", "//source/common/grpc:codec_lib", "//source/common/grpc:context_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/grpc_web:grpc_web_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_web/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/grpc_web/config.cc ================================================ #include "extensions/filters/http/grpc_web/config.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/grpc_web/grpc_web_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcWeb { Http::FilterFactoryCb GrpcWebFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_web::v3::GrpcWeb&, const std::string&, Server::Configuration::FactoryContext& factory_context) { return [&factory_context](Http::FilterChainFactoryCallbacks& callbacks) { callbacks.addStreamFilter(std::make_shared(factory_context.grpcContext())); }; } /** * Static registration for the gRPC-Web filter. @see RegisterFactory. */ REGISTER_FACTORY(GrpcWebFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.grpc_web"}; } // namespace GrpcWeb } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_web/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/grpc_web/v3/grpc_web.pb.h" #include "envoy/extensions/filters/http/grpc_web/v3/grpc_web.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcWeb { class GrpcWebFilterConfig : public Common::FactoryBase { public: GrpcWebFilterConfig() : FactoryBase(HttpFilterNames::get().GrpcWeb) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_web::v3::GrpcWeb& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& factory_context) override; }; } // namespace GrpcWeb } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_web/grpc_web_filter.cc ================================================ #include "extensions/filters/http/grpc_web/grpc_web_filter.h" #ifndef WIN32 #include #endif #include "common/common/assert.h" #include "common/common/base64.h" #include "common/common/empty_string.h" #include "common/common/utility.h" #include "common/grpc/context_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcWeb { Http::RegisterCustomInlineHeader accept_handle(Http::CustomHeaders::get().Accept); Http::RegisterCustomInlineHeader grpc_accept_encoding_handle(Http::CustomHeaders::get().GrpcAcceptEncoding); struct RcDetailsValues { // The grpc web filter couldn't decode the data as the size wasn't a multiple of 4. const std::string GrpcDecodeFailedDueToSize = "grpc_base_64_decode_failed_bad_size"; // The grpc web filter couldn't decode the data provided. const std::string GrpcDecodeFailedDueToData = "grpc_base_64_decode_failed"; }; using RcDetails = ConstSingleton; // Bit mask denotes a trailers frame of gRPC-Web. const uint8_t GrpcWebFilter::GRPC_WEB_TRAILER = 0b10000000; // Supported gRPC-Web content-types. const absl::flat_hash_set& GrpcWebFilter::gRpcWebContentTypes() const { static const absl::flat_hash_set* types = new absl::flat_hash_set( {Http::Headers::get().ContentTypeValues.GrpcWeb, Http::Headers::get().ContentTypeValues.GrpcWebProto, Http::Headers::get().ContentTypeValues.GrpcWebText, Http::Headers::get().ContentTypeValues.GrpcWebTextProto}); return *types; } bool GrpcWebFilter::isGrpcWebRequest(const Http::RequestHeaderMap& headers) { if (!headers.Path()) { return false; } const Http::HeaderEntry* content_type = headers.ContentType(); if (content_type != nullptr) { return gRpcWebContentTypes().count(content_type->value().getStringView()) > 0; } return false; } // Implements StreamDecoderFilter. // TODO(fengli): Implements the subtypes of gRPC-Web content-type other than proto, like +json, etc. Http::FilterHeadersStatus GrpcWebFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { if (!isGrpcWebRequest(headers)) { return Http::FilterHeadersStatus::Continue; } is_grpc_web_request_ = true; // Remove content-length header since it represents http1.1 payload size, not the sum of the h2 // DATA frame payload lengths. https://http2.github.io/http2-spec/#malformed This effectively // switches to chunked encoding which is the default for h2 headers.removeContentLength(); setupStatTracking(headers); const absl::string_view content_type = headers.getContentTypeValue(); if (content_type == Http::Headers::get().ContentTypeValues.GrpcWebText || content_type == Http::Headers::get().ContentTypeValues.GrpcWebTextProto) { // Checks whether gRPC-Web client is sending base64 encoded request. is_text_request_ = true; } headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Grpc); const absl::string_view accept = headers.getInlineValue(accept_handle.handle()); if (accept == Http::Headers::get().ContentTypeValues.GrpcWebText || accept == Http::Headers::get().ContentTypeValues.GrpcWebTextProto) { // Checks whether gRPC-Web client is asking for base64 encoded response. is_text_response_ = true; } // Adds te:trailers to upstream HTTP2 request. It's required for gRPC. headers.setReferenceTE(Http::Headers::get().TEValues.Trailers); // Adds grpc-accept-encoding:identity,deflate,gzip. It's required for gRPC. headers.setReferenceInline(grpc_accept_encoding_handle.handle(), Http::CustomHeaders::get().GrpcAcceptEncodingValues.Default); return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus GrpcWebFilter::decodeData(Buffer::Instance& data, bool end_stream) { if (!is_grpc_web_request_) { return Http::FilterDataStatus::Continue; } if (!is_text_request_) { // No additional transcoding required if gRPC client is sending binary request. return Http::FilterDataStatus::Continue; } // Parse application/grpc-web-text format. const uint64_t available = data.length() + decoding_buffer_.length(); if (end_stream) { if (available == 0) { return Http::FilterDataStatus::Continue; } if (available % 4 != 0) { // Client end stream with invalid base64. Note, base64 padding is mandatory. decoder_callbacks_->sendLocalReply(Http::Code::BadRequest, "Bad gRPC-web request, invalid base64 data.", nullptr, absl::nullopt, RcDetails::get().GrpcDecodeFailedDueToSize); return Http::FilterDataStatus::StopIterationNoBuffer; } } else if (available < 4) { decoding_buffer_.move(data); return Http::FilterDataStatus::StopIterationNoBuffer; } const uint64_t needed = available / 4 * 4 - decoding_buffer_.length(); decoding_buffer_.move(data, needed); const std::string decoded = Base64::decode( std::string(static_cast(decoding_buffer_.linearize(decoding_buffer_.length())), decoding_buffer_.length())); if (decoded.empty()) { // Error happened when decoding base64. decoder_callbacks_->sendLocalReply(Http::Code::BadRequest, "Bad gRPC-web request, invalid base64 data.", nullptr, absl::nullopt, RcDetails::get().GrpcDecodeFailedDueToData); return Http::FilterDataStatus::StopIterationNoBuffer; } decoding_buffer_.drain(decoding_buffer_.length()); decoding_buffer_.move(data); data.add(decoded); // Any block of 4 bytes or more should have been decoded and passed through. ASSERT(decoding_buffer_.length() < 4); return Http::FilterDataStatus::Continue; } // Implements StreamEncoderFilter. Http::FilterHeadersStatus GrpcWebFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { if (!is_grpc_web_request_) { return Http::FilterHeadersStatus::Continue; } if (doStatTracking()) { chargeStat(headers); } if (is_text_response_) { headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.GrpcWebTextProto); } else { headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.GrpcWebProto); } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus GrpcWebFilter::encodeData(Buffer::Instance& data, bool) { if (!is_grpc_web_request_) { return Http::FilterDataStatus::Continue; } if (!is_text_response_) { // No additional transcoding required if gRPC-Web client asked for binary response. return Http::FilterDataStatus::Continue; } // The decoder always consumes and drains the given buffer. Incomplete data frame is buffered // inside the decoder. std::vector frames; decoder_.decode(data, frames); if (frames.empty()) { // We don't have enough data to decode for one single frame, stop iteration until more data // comes in. return Http::FilterDataStatus::StopIterationNoBuffer; } // Encodes the decoded gRPC frames with base64. for (auto& frame : frames) { Buffer::OwnedImpl temp; temp.add(&frame.flags_, 1); const uint32_t length = htonl(frame.length_); temp.add(&length, 4); if (frame.length_ > 0) { temp.add(*frame.data_); } data.add(Base64::encode(temp, temp.length())); } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus GrpcWebFilter::encodeTrailers(Http::ResponseTrailerMap& trailers) { if (!is_grpc_web_request_) { return Http::FilterTrailersStatus::Continue; } if (doStatTracking()) { chargeStat(trailers); } // Trailers are expected to come all in once, and will be encoded into one single trailers frame. // Trailers in the trailers frame are separated by CRLFs. Buffer::OwnedImpl temp; trailers.iterate([&temp](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { temp.add(header.key().getStringView().data(), header.key().size()); temp.add(":"); temp.add(header.value().getStringView().data(), header.value().size()); temp.add("\r\n"); return Http::HeaderMap::Iterate::Continue; }); // Clears out the trailers so they don't get added since it is now in the body. trailers.clear(); Buffer::OwnedImpl buffer; // Adds the trailers frame head. buffer.add(&GRPC_WEB_TRAILER, 1); // Adds the trailers frame length. const uint32_t length = htonl(temp.length()); buffer.add(&length, 4); buffer.move(temp); if (is_text_response_) { Buffer::OwnedImpl encoded(Base64::encode(buffer, buffer.length())); encoder_callbacks_->addEncodedData(encoded, true); } else { encoder_callbacks_->addEncodedData(buffer, true); } return Http::FilterTrailersStatus::Continue; } void GrpcWebFilter::setupStatTracking(const Http::RequestHeaderMap& headers) { cluster_ = decoder_callbacks_->clusterInfo(); if (!cluster_) { return; } request_stat_names_ = context_.resolveDynamicServiceAndMethod(headers.Path()); } void GrpcWebFilter::chargeStat(const Http::ResponseHeaderOrTrailerMap& headers) { context_.chargeStat(*cluster_, Grpc::Context::Protocol::GrpcWeb, *request_stat_names_, headers.GrpcStatus()); } } // namespace GrpcWeb } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/grpc_web/grpc_web_filter.h ================================================ #pragma once #include "envoy/http/filter.h" #include "envoy/upstream/cluster_manager.h" #include "common/buffer/buffer_impl.h" #include "common/common/non_copyable.h" #include "common/grpc/codec.h" #include "common/grpc/context_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace GrpcWeb { /** * See docs/configuration/http_filters/grpc_web_filter.rst */ class GrpcWebFilter : public Http::StreamFilter, NonCopyable { public: explicit GrpcWebFilter(Grpc::Context& context) : context_(context) {} ~GrpcWebFilter() override = default; // Http::StreamFilterBase void onDestroy() override {} // Implements StreamDecoderFilter. Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { decoder_callbacks_ = &callbacks; } // Implements StreamEncoderFilter. Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap&, bool) override; Http::FilterDataStatus encodeData(Buffer::Instance&, bool) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { encoder_callbacks_ = &callbacks; } bool doStatTracking() const { return request_stat_names_.has_value(); } private: friend class GrpcWebFilterTest; void chargeStat(const Http::ResponseHeaderOrTrailerMap& headers); void setupStatTracking(const Http::RequestHeaderMap& headers); bool isGrpcWebRequest(const Http::RequestHeaderMap& headers); static const uint8_t GRPC_WEB_TRAILER; const absl::flat_hash_set& gRpcWebContentTypes() const; Upstream::ClusterInfoConstSharedPtr cluster_; Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; bool is_text_request_{}; bool is_text_response_{}; Buffer::OwnedImpl decoding_buffer_; Grpc::Decoder decoder_; absl::optional request_stat_names_; bool is_grpc_web_request_{}; Grpc::Context& context_; }; } // namespace GrpcWeb } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/gzip/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that performs gzip compression # Public docs: docs/root/configuration/http_filters/gzip_filter.rst envoy_extension_package() envoy_cc_library( name = "gzip_filter_lib", srcs = ["gzip_filter.cc"], hdrs = ["gzip_filter.h"], deps = [ "//source/common/http:headers_lib", "//source/common/protobuf", "//source/extensions/compression/gzip/compressor:compressor_lib", "//source/extensions/filters/http/common/compressor:compressor_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/gzip/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/gzip:gzip_filter_lib", "@envoy_api//envoy/extensions/filters/http/gzip/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/gzip/config.cc ================================================ #include "extensions/filters/http/gzip/config.h" #include "extensions/filters/http/gzip/gzip_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Gzip { Http::FilterFactoryCb GzipFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::gzip::v3::Gzip& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { // This will flip to false eventually. const bool runtime_feature_default = true; const char runtime_key[] = "envoy.deprecated_features.allow_deprecated_gzip_http_filter"; const std::string warn_message = "Using deprecated extension 'envoy.extensions.filters.http.gzip'. This " "extension will be removed from Envoy soon. Please use " "'envoy.extensions.filters.http.compressor' instead."; if (context.runtime().snapshot().deprecatedFeatureEnabled(runtime_key, runtime_feature_default)) { ENVOY_LOG_MISC(warn, "{}", warn_message); } else { throw EnvoyException( warn_message + " If continued use of this extension is absolutely necessary, see " "https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime" "#using-runtime-overrides-for-deprecated-features for how to apply a temporary and " "highly discouraged override."); } Common::Compressors::CompressorFilterConfigSharedPtr config = std::make_shared( proto_config, stats_prefix, context.scope(), context.runtime()); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(config)); }; } /** * Static registration for the gzip filter. @see NamedHttpFilterConfigFactory. */ REGISTER_FACTORY(GzipFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.gzip"}; } // namespace Gzip } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/gzip/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/gzip/v3/gzip.pb.h" #include "envoy/extensions/filters/http/gzip/v3/gzip.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Gzip { /** * Config registration for the gzip filter. @see NamedHttpFilterConfigFactory. */ class GzipFilterFactory : public Common::FactoryBase { public: GzipFilterFactory() : FactoryBase(HttpFilterNames::get().EnvoyGzip) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped(const envoy::extensions::filters::http::gzip::v3::Gzip& config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; DECLARE_FACTORY(GzipFilterFactory); } // namespace Gzip } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/gzip/gzip_filter.cc ================================================ #include "extensions/filters/http/gzip/gzip_filter.h" #include "envoy/config/core/v3/base.pb.h" #include "common/http/headers.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Gzip { namespace { // Default zlib memory level. const uint64_t DefaultMemoryLevel = 5; // Default and maximum compression window size. const uint64_t DefaultWindowBits = 12; // When logical OR'ed to window bits, this sets a gzip header and trailer around the compressed // data. const uint64_t GzipHeaderValue = 16; } // namespace GzipFilterConfig::GzipFilterConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) : CompressorFilterConfig(compressorConfig(gzip), stats_prefix + "gzip.", scope, runtime, Http::CustomHeaders::get().ContentEncodingValues.Gzip), compression_level_(compressionLevelEnum(gzip.compression_level())), compression_strategy_(compressionStrategyEnum(gzip.compression_strategy())), memory_level_(memoryLevelUint(gzip.memory_level().value())), window_bits_(windowBitsUint(gzip.window_bits().value())), chunk_size_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(gzip, chunk_size, 4096)) {} Envoy::Compression::Compressor::CompressorPtr GzipFilterConfig::makeCompressor() { auto compressor = std::make_unique(chunk_size_); compressor->init(compressionLevel(), compressionStrategy(), windowBits(), memoryLevel()); return compressor; } Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel GzipFilterConfig::compressionLevelEnum( envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::Enum compression_level) { switch (compression_level) { case envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::BEST: return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Best; case envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::SPEED: return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Speed; default: return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Standard; } } Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy GzipFilterConfig::compressionStrategyEnum( envoy::extensions::filters::http::gzip::v3::Gzip::CompressionStrategy compression_strategy) { switch (compression_strategy) { case envoy::extensions::filters::http::gzip::v3::Gzip::RLE: return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Rle; case envoy::extensions::filters::http::gzip::v3::Gzip::FILTERED: return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Filtered; case envoy::extensions::filters::http::gzip::v3::Gzip::HUFFMAN: return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Huffman; default: return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Standard; } } uint64_t GzipFilterConfig::memoryLevelUint(Protobuf::uint32 level) { return level > 0 ? level : DefaultMemoryLevel; } uint64_t GzipFilterConfig::windowBitsUint(Protobuf::uint32 window_bits) { return (window_bits > 0 ? window_bits : DefaultWindowBits) | GzipHeaderValue; } const envoy::extensions::filters::http::compressor::v3::Compressor GzipFilterConfig::compressorConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip) { if (gzip.has_compressor()) { return gzip.compressor(); } envoy::extensions::filters::http::compressor::v3::Compressor compressor = {}; if (gzip.has_hidden_envoy_deprecated_content_length()) { compressor.set_allocated_content_length( // According to // https://developers.google.com/protocol-buffers/docs/reference/cpp-generated#embeddedmessage // the message Compressor takes ownership of the allocated Protobuf::Uint32Value object. new Protobuf::UInt32Value(gzip.hidden_envoy_deprecated_content_length())); } // NOLINTNEXTLINE(clang-analyzer-cplusplus.NewDeleteLeaks) for (const std::string& ctype : gzip.hidden_envoy_deprecated_content_type()) { compressor.add_content_type(ctype); } compressor.set_disable_on_etag_header(gzip.hidden_envoy_deprecated_disable_on_etag_header()); compressor.set_remove_accept_encoding_header( gzip.hidden_envoy_deprecated_remove_accept_encoding_header()); return compressor; } } // namespace Gzip } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/gzip/gzip_filter.h ================================================ #pragma once #include "envoy/extensions/filters/http/gzip/v3/gzip.pb.h" #include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" #include "extensions/filters/http/common/compressor/compressor.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Gzip { /** * Configuration for the gzip filter. */ class GzipFilterConfig : public Common::Compressors::CompressorFilterConfig { public: GzipFilterConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); Envoy::Compression::Compressor::CompressorPtr makeCompressor() override; Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel compressionLevel() const { return compression_level_; } Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy compressionStrategy() const { return compression_strategy_; } uint64_t memoryLevel() const { return memory_level_; } uint64_t windowBits() const { return window_bits_; } uint32_t chunkSize() const { return chunk_size_; } private: static Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel compressionLevelEnum( envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::Enum compression_level); static Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy compressionStrategyEnum( envoy::extensions::filters::http::gzip::v3::Gzip::CompressionStrategy compression_strategy); static uint64_t memoryLevelUint(Protobuf::uint32 level); static uint64_t windowBitsUint(Protobuf::uint32 window_bits); // TODO(rojkov): this is going to be deprecated when the old configuration fields are dropped. static const envoy::extensions::filters::http::compressor::v3::Compressor compressorConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip); Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel compression_level_; Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy compression_strategy_; const int32_t memory_level_; const int32_t window_bits_; const uint32_t chunk_size_; }; } // namespace Gzip } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/header_to_metadata/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that transforms request data into dynamic metadata # Public docs: docs/root/configuration/http_filters/header_to_metadata_filter.rst envoy_extension_package() envoy_cc_library( name = "header_to_metadata_filter_lib", srcs = ["header_to_metadata_filter.cc"], hdrs = ["header_to_metadata_filter.h"], deps = [ "//include/envoy/server:filter_config_interface", "//source/common/common:base64_lib", "//source/common/http:header_utility_lib", "//source/common/http:utility_lib", "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/header_to_metadata/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/header_to_metadata:header_to_metadata_filter_lib", "@envoy_api//envoy/extensions/filters/http/header_to_metadata/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/header_to_metadata/config.cc ================================================ #include "extensions/filters/http/header_to_metadata/config.h" #include #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HeaderToMetadataFilter { Http::FilterFactoryCb HeaderToMetadataConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::header_to_metadata::v3::Config& proto_config, const std::string&, Server::Configuration::FactoryContext&) { ConfigSharedPtr filter_config(std::make_shared(proto_config)); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter( Http::StreamFilterSharedPtr{new HeaderToMetadataFilter(filter_config)}); }; } Router::RouteSpecificFilterConfigConstSharedPtr HeaderToMetadataConfig::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::header_to_metadata::v3::Config& config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(config, true); } /** * Static registration for the header-to-metadata filter. @see RegisterFactory. */ REGISTER_FACTORY(HeaderToMetadataConfig, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace HeaderToMetadataFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/header_to_metadata/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HeaderToMetadataFilter { /** * Config registration for the header-to-metadata filter. @see NamedHttpFilterConfigFactory. */ class HeaderToMetadataConfig : public Common::FactoryBase { public: HeaderToMetadataConfig() : FactoryBase(HttpFilterNames::get().HeaderToMetadata) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::header_to_metadata::v3::Config& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::header_to_metadata::v3::Config& config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) override; }; } // namespace HeaderToMetadataFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.cc ================================================ #include "extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" #include "common/common/base64.h" #include "common/common/regex.h" #include "common/config/well_known_names.h" #include "common/http/header_utility.h" #include "common/http/utility.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/http/well_known_names.h" #include "absl/strings/numbers.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HeaderToMetadataFilter { // Extract the value of the header. absl::optional HeaderValueSelector::extract(Http::HeaderMap& map) const { const auto header_value = Http::HeaderUtility::getAllOfHeaderAsString(map, header_); if (!header_value.result().has_value()) { return absl::nullopt; } // Catch the value in the header before removing. absl::optional value = std::string(header_value.result().value()); if (remove_) { map.remove(header_); } return value; } // Extract the value of the key from the cookie header. absl::optional CookieValueSelector::extract(Http::HeaderMap& map) const { std::string value = Envoy::Http::Utility::parseCookieValue(map, cookie_); if (!value.empty()) { return absl::optional(std::move(value)); } return absl::nullopt; } Rule::Rule(const ProtoRule& rule) : rule_(rule) { // Ensure only one of header and cookie is specified. // TODO(radha13): remove this once we are on v4 and these fields are folded into a oneof. if (!rule.cookie().empty() && !rule.header().empty()) { throw EnvoyException("Cannot specify both header and cookie"); } // Initialize the shared pointer. if (!rule.header().empty()) { selector_ = std::make_shared(Http::LowerCaseString(rule.header()), rule.remove()); } else if (!rule.cookie().empty()) { selector_ = std::make_shared(rule.cookie()); } else { throw EnvoyException("One of Cookie or Header option needs to be specified"); } // Rule must have at least one of the `on_header_*` fields set. if (!rule.has_on_header_present() && !rule.has_on_header_missing()) { const auto& error = fmt::format("header to metadata filter: rule for {} has neither " "`on_header_present` nor `on_header_missing` set", selector_->toString()); throw EnvoyException(error); } // Ensure value and regex_value_rewrite are not mixed. // TODO(rgs1): remove this once we are on v4 and these fields are folded into a oneof. if (!rule.on_header_present().value().empty() && rule.on_header_present().has_regex_value_rewrite()) { throw EnvoyException("Cannot specify both value and regex_value_rewrite"); } // Remove field is un-supported for cookie. if (!rule.cookie().empty() && rule.remove()) { throw EnvoyException("Cannot specify remove for cookie"); } if (rule.has_on_header_missing() && rule.on_header_missing().value().empty()) { throw EnvoyException("Cannot specify on_header_missing rule with an empty value"); } if (rule.on_header_present().has_regex_value_rewrite()) { const auto& rewrite_spec = rule.on_header_present().regex_value_rewrite(); regex_rewrite_ = Regex::Utility::parseRegex(rewrite_spec.pattern()); regex_rewrite_substitution_ = rewrite_spec.substitution(); } } Config::Config(const envoy::extensions::filters::http::header_to_metadata::v3::Config config, const bool per_route) { request_set_ = Config::configToVector(config.request_rules(), request_rules_); response_set_ = Config::configToVector(config.response_rules(), response_rules_); // Note: empty configs are fine for the global config, which would be the case for enabling // the filter globally without rules and then applying them at the virtual host or // route level. At the virtual or route level, it makes no sense to have an empty // config so we throw an error. if (per_route && !response_set_ && !request_set_) { throw EnvoyException("header_to_metadata_filter: Per filter configs must at least specify " "either request or response rules"); } } bool Config::configToVector(const ProtobufRepeatedRule& proto_rules, HeaderToMetadataRules& vector) { if (proto_rules.empty()) { ENVOY_LOG(debug, "no rules provided"); return false; } for (const auto& entry : proto_rules) { vector.emplace_back(entry); } return true; } HeaderToMetadataFilter::HeaderToMetadataFilter(const ConfigSharedPtr config) : config_(config) {} HeaderToMetadataFilter::~HeaderToMetadataFilter() = default; Http::FilterHeadersStatus HeaderToMetadataFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { const auto* config = getConfig(); if (config->doRequest()) { writeHeaderToMetadata(headers, config->requestRules(), *decoder_callbacks_); } return Http::FilterHeadersStatus::Continue; } void HeaderToMetadataFilter::setDecoderFilterCallbacks( Http::StreamDecoderFilterCallbacks& callbacks) { decoder_callbacks_ = &callbacks; } Http::FilterHeadersStatus HeaderToMetadataFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { const auto* config = getConfig(); if (config->doResponse()) { writeHeaderToMetadata(headers, config->responseRules(), *encoder_callbacks_); } return Http::FilterHeadersStatus::Continue; } void HeaderToMetadataFilter::setEncoderFilterCallbacks( Http::StreamEncoderFilterCallbacks& callbacks) { encoder_callbacks_ = &callbacks; } bool HeaderToMetadataFilter::addMetadata(StructMap& map, const std::string& meta_namespace, const std::string& key, std::string value, ValueType type, ValueEncode encode) const { ProtobufWkt::Value val; ASSERT(!value.empty()); if (value.size() >= MAX_HEADER_VALUE_LEN) { // Too long, go away. ENVOY_LOG(debug, "metadata value is too long"); return false; } if (encode == envoy::extensions::filters::http::header_to_metadata::v3::Config::BASE64) { value = Base64::decodeWithoutPadding(value); if (value.empty()) { ENVOY_LOG(debug, "Base64 decode failed"); return false; } } // Sane enough, add the key/value. switch (type) { case envoy::extensions::filters::http::header_to_metadata::v3::Config::STRING: val.set_string_value(std::move(value)); break; case envoy::extensions::filters::http::header_to_metadata::v3::Config::NUMBER: { double dval; if (absl::SimpleAtod(StringUtil::trim(value), &dval)) { val.set_number_value(dval); } else { ENVOY_LOG(debug, "value to number conversion failed"); return false; } break; } case envoy::extensions::filters::http::header_to_metadata::v3::Config::PROTOBUF_VALUE: { if (!val.ParseFromString(value)) { ENVOY_LOG(debug, "parse from decoded string failed"); return false; } break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } // Have we seen this namespace before? auto namespace_iter = map.find(meta_namespace); if (namespace_iter == map.end()) { map[meta_namespace] = ProtobufWkt::Struct(); namespace_iter = map.find(meta_namespace); } auto& keyval = namespace_iter->second; (*keyval.mutable_fields())[key] = val; return true; } const std::string& HeaderToMetadataFilter::decideNamespace(const std::string& nspace) const { return nspace.empty() ? HttpFilterNames::get().HeaderToMetadata : nspace; } // add metadata['key']= value depending on header present or missing case void HeaderToMetadataFilter::applyKeyValue(std::string&& value, const Rule& rule, const KeyValuePair& keyval, StructMap& np) { if (!keyval.value().empty()) { value = keyval.value(); } else { const auto& matcher = rule.regexRewrite(); if (matcher != nullptr) { value = matcher->replaceAll(value, rule.regexSubstitution()); } } if (!value.empty()) { const auto& nspace = decideNamespace(keyval.metadata_namespace()); addMetadata(np, nspace, keyval.key(), value, keyval.type(), keyval.encode()); } else { ENVOY_LOG(debug, "value is empty, not adding metadata"); } } void HeaderToMetadataFilter::writeHeaderToMetadata(Http::HeaderMap& headers, const HeaderToMetadataRules& rules, Http::StreamFilterCallbacks& callbacks) { StructMap structs_by_namespace; for (const auto& rule : rules) { const auto& proto_rule = rule.rule(); absl::optional value = rule.selector_->extract(headers); if (value && proto_rule.has_on_header_present()) { applyKeyValue(std::move(value).value_or(""), rule, proto_rule.on_header_present(), structs_by_namespace); } else if (!value && proto_rule.has_on_header_missing()) { applyKeyValue(std::move(value).value_or(""), rule, proto_rule.on_header_missing(), structs_by_namespace); } } // Any matching rules? if (!structs_by_namespace.empty()) { for (auto const& entry : structs_by_namespace) { callbacks.streamInfo().setDynamicMetadata(entry.first, entry.second); } } } // TODO(rgs1): this belongs in one of the filter interfaces, see issue #10164. const Config* HeaderToMetadataFilter::getConfig() const { // Cached config pointer. if (effective_config_) { return effective_config_; } effective_config_ = Http::Utility::resolveMostSpecificPerFilterConfig( HttpFilterNames::get().HeaderToMetadata, decoder_callbacks_->route()); if (effective_config_) { return effective_config_; } effective_config_ = config_.get(); return effective_config_; } } // namespace HeaderToMetadataFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h ================================================ #pragma once #include #include #include #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" #include "envoy/server/filter_config.h" #include "common/common/logger.h" #include "common/common/matchers.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HeaderToMetadataFilter { using ProtoRule = envoy::extensions::filters::http::header_to_metadata::v3::Config::Rule; using ValueType = envoy::extensions::filters::http::header_to_metadata::v3::Config::ValueType; using ValueEncode = envoy::extensions::filters::http::header_to_metadata::v3::Config::ValueEncode; using KeyValuePair = envoy::extensions::filters::http::header_to_metadata::v3::Config::KeyValuePair; // Interface for getting values from a cookie or a header. class ValueSelector { public: virtual ~ValueSelector() = default; /** * Called to extract the value of a given header or cookie. * @param http header map. * @return absl::optional the extracted header or cookie. */ virtual absl::optional extract(Http::HeaderMap& map) const PURE; /** * @return a string representation of either a cookie or a header passed in the request. */ virtual std::string toString() const PURE; }; // Get value from a header. class HeaderValueSelector : public ValueSelector { public: // ValueSelector. explicit HeaderValueSelector(Http::LowerCaseString header, bool remove) : header_(std::move(header)), remove_(std::move(remove)) {} absl::optional extract(Http::HeaderMap& map) const override; std::string toString() const override { return fmt::format("header '{}'", header_.get()); } ~HeaderValueSelector() override = default; private: const Http::LowerCaseString header_; const bool remove_; }; // Get value from a cookie. class CookieValueSelector : public ValueSelector { public: // ValueSelector. explicit CookieValueSelector(std::string cookie) : cookie_(std::move(cookie)) {} absl::optional extract(Http::HeaderMap& map) const override; std::string toString() const override { return fmt::format("cookie '{}'", cookie_); } ~CookieValueSelector() override = default; private: const std::string cookie_; }; class Rule { public: Rule(const ProtoRule& rule); const ProtoRule& rule() const { return rule_; } const Regex::CompiledMatcherPtr& regexRewrite() const { return regex_rewrite_; } const std::string& regexSubstitution() const { return regex_rewrite_substitution_; } std::shared_ptr selector_; private: const ProtoRule rule_; Regex::CompiledMatcherPtr regex_rewrite_{}; std::string regex_rewrite_substitution_{}; }; using HeaderToMetadataRules = std::vector; // TODO(yangminzhu): Make MAX_HEADER_VALUE_LEN configurable. const uint32_t MAX_HEADER_VALUE_LEN = 8 * 1024; /** * Encapsulates the filter configuration with STL containers and provides an area for any custom * configuration logic. */ class Config : public ::Envoy::Router::RouteSpecificFilterConfig, public Logger::Loggable { public: Config(const envoy::extensions::filters::http::header_to_metadata::v3::Config config, bool per_route = false); const HeaderToMetadataRules& requestRules() const { return request_rules_; } const HeaderToMetadataRules& responseRules() const { return response_rules_; } bool doResponse() const { return response_set_; } bool doRequest() const { return request_set_; } private: using ProtobufRepeatedRule = Protobuf::RepeatedPtrField; /** * configToVector is a helper function for converting from configuration (protobuf types) into * STL containers for usage elsewhere. * * @param config A protobuf repeated field of metadata that specifies what headers to convert to * metadata * @param vector A vector that will be populated with the configuration data from config * @return true if any configuration data was added to the vector, false otherwise. Can be used * to validate whether the configuration was empty. */ static bool configToVector(const ProtobufRepeatedRule&, HeaderToMetadataRules&); const std::string& decideNamespace(const std::string& nspace) const; HeaderToMetadataRules request_rules_; HeaderToMetadataRules response_rules_; bool response_set_; bool request_set_; }; using ConfigSharedPtr = std::shared_ptr; /** * Header-To-Metadata examines request/response headers and either copies or * moves the values into request metadata based on configuration information. */ class HeaderToMetadataFilter : public Http::StreamFilter, public Logger::Loggable { public: HeaderToMetadataFilter(const ConfigSharedPtr config); ~HeaderToMetadataFilter() override; // Http::StreamFilterBase void onDestroy() override {} // StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; // StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool) override; Http::FilterDataStatus encodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override; private: friend class HeaderToMetadataTest; using StructMap = std::map; const ConfigSharedPtr config_; mutable const Config* effective_config_{nullptr}; Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; /** * writeHeaderToMetadata encapsulates (1) searching for the header and (2) writing it to the * request metadata. * @param headers the map of key-value headers to look through. These could be response or * request headers depending on whether this is called from the encode state or * decode state. * @param rules the header-to-metadata mapping set in configuration. * @param callbacks the callback used to fetch the StreamInfo (which is then used to get * metadata). Callable with both encoder_callbacks_ and decoder_callbacks_. */ void writeHeaderToMetadata(Http::HeaderMap& headers, const HeaderToMetadataRules& rules, Http::StreamFilterCallbacks& callbacks); bool addMetadata(StructMap&, const std::string&, const std::string&, std::string, ValueType, ValueEncode) const; void applyKeyValue(std::string&&, const Rule&, const KeyValuePair&, StructMap&); const std::string& decideNamespace(const std::string& nspace) const; const Config* getConfig() const; }; } // namespace HeaderToMetadataFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/health_check/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter that implements health check responses # Public docs: docs/root/configuration/http_filters/health_check_filter.rst envoy_extension_package() envoy_cc_library( name = "health_check_lib", srcs = ["health_check.cc"], hdrs = ["health_check.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/server:filter_config_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/common/protobuf:utility_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # Legacy test use. TODO(#9953) clean up. extra_visibility = [ "//test/common/filter/http:__subpackages__", "//test/integration:__subpackages__", "//test/server:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/common/http:header_utility_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/health_check:health_check_lib", "@envoy_api//envoy/extensions/filters/http/health_check/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/health_check/config.cc ================================================ #include "extensions/filters/http/health_check/config.h" #include #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.h" #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.validate.h" #include "envoy/registry/registry.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "extensions/filters/http/health_check/health_check.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HealthCheck { Http::FilterFactoryCb HealthCheckFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::health_check::v3::HealthCheck& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { ASSERT(proto_config.has_pass_through_mode()); const bool pass_through_mode = proto_config.pass_through_mode().value(); const int64_t cache_time_ms = PROTOBUF_GET_MS_OR_DEFAULT(proto_config, cache_time, 0); auto header_match_data = std::make_shared>(); *header_match_data = Http::HeaderUtility::buildHeaderDataVector(proto_config.headers()); if (!pass_through_mode && cache_time_ms) { throw EnvoyException("cache_time_ms must not be set when path_through_mode is disabled"); } HealthCheckCacheManagerSharedPtr cache_manager; if (cache_time_ms > 0) { cache_manager = std::make_shared( context.dispatcher(), std::chrono::milliseconds(cache_time_ms)); } ClusterMinHealthyPercentagesConstSharedPtr cluster_min_healthy_percentages; if (!pass_through_mode && !proto_config.cluster_min_healthy_percentages().empty()) { auto cluster_to_percentage = std::make_unique(); for (const auto& item : proto_config.cluster_min_healthy_percentages()) { cluster_to_percentage->emplace(std::make_pair(item.first, item.second.value())); } cluster_min_healthy_percentages = std::move(cluster_to_percentage); } return [&context, pass_through_mode, cache_manager, header_match_data, cluster_min_healthy_percentages](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(context, pass_through_mode, cache_manager, header_match_data, cluster_min_healthy_percentages)); }; } /** * Static registration for the health check filter. @see RegisterFactory. */ REGISTER_FACTORY(HealthCheckFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.health_check"}; } // namespace HealthCheck } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/health_check/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.h" #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HealthCheck { class HealthCheckFilterConfig : public Common::FactoryBase { public: HealthCheckFilterConfig() : FactoryBase(HttpFilterNames::get().HealthCheck) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::health_check::v3::HealthCheck& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace HealthCheck } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/health_check/health_check.cc ================================================ #include "extensions/filters/http/health_check/health_check.h" #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/http/header_map.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HealthCheck { struct RcDetailsValues { // The health check filter returned healthy to a health check. const std::string HealthCheckOk = "health_check_ok"; // The health check filter responded with a failed health check. const std::string HealthCheckFailed = "health_check_failed"; // The health check filter returned a cached health value. const std::string HealthCheckCached = "health_check_cached"; // The health check filter failed due to health checking a nonexistent cluster. const std::string HealthCheckNoCluster = "health_check_failed_no_cluster_found"; // The health check filter failed due to checking min_degraded against an empty cluster. const std::string HealthCheckClusterEmpty = "health_check_failed_cluster_empty"; // The health check filter succeeded given the cluster health was sufficient. const std::string HealthCheckClusterHealthy = "health_check_ok_cluster_healthy"; // The health check filter failed given the cluster health was not sufficient. const std::string HealthCheckClusterUnhealthy = "health_check_failed_cluster_unhealthy"; }; using RcDetails = ConstSingleton; HealthCheckCacheManager::HealthCheckCacheManager(Event::Dispatcher& dispatcher, std::chrono::milliseconds timeout) : clear_cache_timer_(dispatcher.createTimer([this]() -> void { onTimer(); })), timeout_(timeout) { onTimer(); } void HealthCheckCacheManager::onTimer() { use_cached_response_ = false; clear_cache_timer_->enableTimer(timeout_); } Http::FilterHeadersStatus HealthCheckFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { if (Http::HeaderUtility::matchHeaders(headers, *header_match_data_)) { health_check_request_ = true; callbacks_->streamInfo().healthCheck(true); // Set the 'sampled' status for the span to false. This overrides // any previous sampling decision associated with the trace instance, // resulting in this span (and any subsequent child spans) not being // reported to the backend tracing system. callbacks_->activeSpan().setSampled(false); // If we are not in pass through mode, we always handle. Otherwise, we handle if the server is // in the failed state or if we are using caching and we should use the cached response. if (!pass_through_mode_ || context_.healthCheckFailed() || (cache_manager_ && cache_manager_->useCachedResponse())) { handling_ = true; } } if (end_stream && handling_) { onComplete(); } return handling_ ? Http::FilterHeadersStatus::StopIteration : Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus HealthCheckFilter::decodeData(Buffer::Instance&, bool end_stream) { if (end_stream && handling_) { onComplete(); } return handling_ ? Http::FilterDataStatus::StopIterationNoBuffer : Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus HealthCheckFilter::decodeTrailers(Http::RequestTrailerMap&) { if (handling_) { onComplete(); } return handling_ ? Http::FilterTrailersStatus::StopIteration : Http::FilterTrailersStatus::Continue; } Http::FilterHeadersStatus HealthCheckFilter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { if (health_check_request_) { if (cache_manager_) { cache_manager_->setCachedResponse( static_cast(Http::Utility::getResponseStatus(headers)), headers.EnvoyDegraded() != nullptr); } headers.setEnvoyUpstreamHealthCheckedCluster(context_.localInfo().clusterName()); } else if (context_.healthCheckFailed()) { headers.setReferenceEnvoyImmediateHealthCheckFail( Http::Headers::get().EnvoyImmediateHealthCheckFailValues.True); } return Http::FilterHeadersStatus::Continue; } void HealthCheckFilter::onComplete() { ASSERT(handling_); Http::Code final_status = Http::Code::OK; const std::string* details = &RcDetails::get().HealthCheckOk; bool degraded = false; if (context_.healthCheckFailed()) { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::FailedLocalHealthCheck); final_status = Http::Code::ServiceUnavailable; details = &RcDetails::get().HealthCheckFailed; } else { if (cache_manager_) { const auto status_and_degraded = cache_manager_->getCachedResponse(); final_status = status_and_degraded.first; details = &RcDetails::get().HealthCheckCached; degraded = status_and_degraded.second; } else if (cluster_min_healthy_percentages_ != nullptr && !cluster_min_healthy_percentages_->empty()) { // Check the status of the specified upstream cluster(s) to determine the right response. auto& clusterManager = context_.clusterManager(); for (const auto& item : *cluster_min_healthy_percentages_) { details = &RcDetails::get().HealthCheckClusterHealthy; const std::string& cluster_name = item.first; const uint64_t min_healthy_percentage = static_cast(item.second); auto* cluster = clusterManager.get(cluster_name); if (cluster == nullptr) { // If the cluster does not exist at all, consider the service unhealthy. final_status = Http::Code::ServiceUnavailable; details = &RcDetails::get().HealthCheckNoCluster; break; } const auto& stats = cluster->info()->stats(); const uint64_t membership_total = stats.membership_total_.value(); if (membership_total == 0) { // If the cluster exists but is empty, consider the service unhealthy unless // the specified minimum percent healthy for the cluster happens to be zero. if (min_healthy_percentage == 0UL) { continue; } else { final_status = Http::Code::ServiceUnavailable; details = &RcDetails::get().HealthCheckClusterEmpty; break; } } // In the general case, consider the service unhealthy if fewer than the // specified percentage of the servers in the cluster are available (healthy + degraded). if ((100UL * (stats.membership_healthy_.value() + stats.membership_degraded_.value())) < membership_total * min_healthy_percentage) { final_status = Http::Code::ServiceUnavailable; details = &RcDetails::get().HealthCheckClusterUnhealthy; break; } } } if (!Http::CodeUtility::is2xx(enumToInt(final_status))) { callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::FailedLocalHealthCheck); } } callbacks_->sendLocalReply( final_status, "", [degraded](auto& headers) { if (degraded) { headers.setEnvoyDegraded(""); } }, absl::nullopt, *details); } } // namespace HealthCheck } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/health_check/health_check.h ================================================ #pragma once #include #include #include #include #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/server/filter_config.h" #include "common/http/header_utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace HealthCheck { /** * Shared cache manager used by all instances of a health check filter configuration as well as * all threads. This sets up a timer that will invalidate the cached response code and allow some * requests to go through to the backend. No attempt is made to allow only a single request to go * through to the backend, so during the invalidation window some number of requests will get * through. */ class HealthCheckCacheManager { public: HealthCheckCacheManager(Event::Dispatcher& dispatcher, std::chrono::milliseconds timeout); std::pair getCachedResponse() { return {last_response_code_, last_response_degraded_}; } void setCachedResponse(Http::Code code, bool degraded) { last_response_code_ = code; last_response_degraded_ = degraded; use_cached_response_ = true; } bool useCachedResponse() { return use_cached_response_; } private: void onTimer(); Event::TimerPtr clear_cache_timer_; const std::chrono::milliseconds timeout_; std::atomic use_cached_response_{}; std::atomic last_response_code_{}; std::atomic last_response_degraded_{}; }; using HealthCheckCacheManagerSharedPtr = std::shared_ptr; using ClusterMinHealthyPercentages = std::map; using ClusterMinHealthyPercentagesConstSharedPtr = std::shared_ptr; using HeaderDataVectorSharedPtr = std::shared_ptr>; /** * Health check responder filter. */ class HealthCheckFilter : public Http::StreamFilter { public: HealthCheckFilter(Server::Configuration::FactoryContext& context, bool pass_through_mode, HealthCheckCacheManagerSharedPtr cache_manager, HeaderDataVectorSharedPtr header_match_data, ClusterMinHealthyPercentagesConstSharedPtr cluster_min_healthy_percentages) : context_(context), pass_through_mode_(pass_through_mode), cache_manager_(cache_manager), header_match_data_(std::move(header_match_data)), cluster_min_healthy_percentages_(cluster_min_healthy_percentages) {} // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { callbacks_ = &callbacks; } // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks&) override {} private: void onComplete(); Server::Configuration::FactoryContext& context_; Http::StreamDecoderFilterCallbacks* callbacks_{}; bool handling_{}; bool health_check_request_{}; bool pass_through_mode_{}; HealthCheckCacheManagerSharedPtr cache_manager_; const HeaderDataVectorSharedPtr header_match_data_; ClusterMinHealthyPercentagesConstSharedPtr cluster_min_healthy_percentages_; }; } // namespace HealthCheck } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ip_tagging/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter that writes an IP tagging header based on IP trie data # Public docs: docs/root/configuration/http_filters/ip_tagging_filter.rst envoy_extension_package() envoy_cc_library( name = "ip_tagging_filter_lib", srcs = ["ip_tagging_filter.cc"], hdrs = ["ip_tagging_filter.h"], deps = [ "//include/envoy/http:filter_interface", "//include/envoy/runtime:runtime_interface", "//source/common/common:assert_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/network:lc_trie_lib", "//source/common/stats:symbol_table_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/ip_tagging/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/ip_tagging:ip_tagging_filter_lib", "@envoy_api//envoy/extensions/filters/http/ip_tagging/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/ip_tagging/config.cc ================================================ #include "extensions/filters/http/ip_tagging/config.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/ip_tagging/ip_tagging_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace IpTagging { Http::FilterFactoryCb IpTaggingFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::ip_tagging::v3::IPTagging& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) { IpTaggingFilterConfigSharedPtr config( new IpTaggingFilterConfig(proto_config, stat_prefix, context.scope(), context.runtime())); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(config)); }; } /** * Static registration for the ip tagging filter. @see RegisterFactory. */ REGISTER_FACTORY(IpTaggingFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.ip_tagging"}; } // namespace IpTagging } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ip_tagging/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace IpTagging { /** * Config registration for the router filter. @see NamedHttpFilterConfigFactory. */ class IpTaggingFilterFactory : public Common::FactoryBase { public: IpTaggingFilterFactory() : FactoryBase(HttpFilterNames::get().IpTagging) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::ip_tagging::v3::IPTagging& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace IpTagging } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ip_tagging/ip_tagging_filter.cc ================================================ #include "extensions/filters/http/ip_tagging/ip_tagging_filter.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace IpTagging { IpTaggingFilterConfig::IpTaggingFilterConfig( const envoy::extensions::filters::http::ip_tagging::v3::IPTagging& config, const std::string& stat_prefix, Stats::Scope& scope, Runtime::Loader& runtime) : request_type_(requestTypeEnum(config.request_type())), scope_(scope), runtime_(runtime), stat_name_set_(scope.symbolTable().makeSet("IpTagging")), stats_prefix_(stat_name_set_->add(stat_prefix + "ip_tagging")), no_hit_(stat_name_set_->add("no_hit")), total_(stat_name_set_->add("total")), unknown_tag_(stat_name_set_->add("unknown_tag.hit")) { // Once loading IP tags from a file system is supported, the restriction on the size // of the set should be removed and observability into what tags are loaded needs // to be implemented. // TODO(ccaraman): Remove size check once file system support is implemented. // Work is tracked by issue https://github.com/envoyproxy/envoy/issues/2695. if (config.ip_tags().empty()) { throw EnvoyException("HTTP IP Tagging Filter requires ip_tags to be specified."); } std::vector>> tag_data; tag_data.reserve(config.ip_tags().size()); for (const auto& ip_tag : config.ip_tags()) { std::vector cidr_set; cidr_set.reserve(ip_tag.ip_list().size()); for (const envoy::config::core::v3::CidrRange& entry : ip_tag.ip_list()) { // Currently, CidrRange::create doesn't guarantee that the CidrRanges are valid. Network::Address::CidrRange cidr_entry = Network::Address::CidrRange::create(entry); if (cidr_entry.isValid()) { cidr_set.emplace_back(std::move(cidr_entry)); } else { throw EnvoyException( fmt::format("invalid ip/mask combo '{}/{}' (format is /<# mask bits>)", entry.address_prefix(), entry.prefix_len().value())); } } tag_data.emplace_back(ip_tag.ip_tag_name(), cidr_set); stat_name_set_->rememberBuiltin(absl::StrCat(ip_tag.ip_tag_name(), ".hit")); } trie_ = std::make_unique>(tag_data); } void IpTaggingFilterConfig::incCounter(Stats::StatName name) { Stats::SymbolTable::StoragePtr storage = scope_.symbolTable().join({stats_prefix_, name}); scope_.counterFromStatName(Stats::StatName(storage.get())).inc(); } IpTaggingFilter::IpTaggingFilter(IpTaggingFilterConfigSharedPtr config) : config_(config) {} IpTaggingFilter::~IpTaggingFilter() = default; void IpTaggingFilter::onDestroy() {} Http::FilterHeadersStatus IpTaggingFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { const bool is_internal_request = headers.EnvoyInternalRequest() && (headers.EnvoyInternalRequest()->value() == Http::Headers::get().EnvoyInternalRequestValues.True.c_str()); if ((is_internal_request && config_->requestType() == FilterRequestType::EXTERNAL) || (!is_internal_request && config_->requestType() == FilterRequestType::INTERNAL) || !config_->runtime().snapshot().featureEnabled("ip_tagging.http_filter_enabled", 100)) { return Http::FilterHeadersStatus::Continue; } std::vector tags = config_->trie().getData(callbacks_->streamInfo().downstreamRemoteAddress()); if (!tags.empty()) { const std::string tags_join = absl::StrJoin(tags, ","); headers.appendEnvoyIpTags(tags_join, ","); // We must clear the route cache or else we can't match on x-envoy-ip-tags. callbacks_->clearRouteCache(); // For a large number(ex > 1000) of tags, stats cardinality will be an issue. // If there are use cases with a large set of tags, a way to opt into these stats // should be exposed and other observability options like logging tags need to be implemented. for (const std::string& tag : tags) { config_->incHit(tag); } } else { config_->incNoHit(); } config_->incTotal(); return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus IpTaggingFilter::decodeData(Buffer::Instance&, bool) { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus IpTaggingFilter::decodeTrailers(Http::RequestTrailerMap&) { return Http::FilterTrailersStatus::Continue; } void IpTaggingFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; } } // namespace IpTagging } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ip_tagging/ip_tagging_filter.h ================================================ #pragma once #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" #include "envoy/http/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "common/network/cidr_range.h" #include "common/network/lc_trie.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace IpTagging { /** * Type of requests the filter should apply to. */ enum class FilterRequestType { INTERNAL, EXTERNAL, BOTH }; /** * Configuration for the HTTP IP Tagging filter. */ class IpTaggingFilterConfig { public: IpTaggingFilterConfig(const envoy::extensions::filters::http::ip_tagging::v3::IPTagging& config, const std::string& stat_prefix, Stats::Scope& scope, Runtime::Loader& runtime); Runtime::Loader& runtime() { return runtime_; } FilterRequestType requestType() const { return request_type_; } const Network::LcTrie::LcTrie& trie() const { return *trie_; } void incHit(absl::string_view tag) { incCounter(stat_name_set_->getBuiltin(absl::StrCat(tag, ".hit"), unknown_tag_)); } void incNoHit() { incCounter(no_hit_); } void incTotal() { incCounter(total_); } private: static FilterRequestType requestTypeEnum( envoy::extensions::filters::http::ip_tagging::v3::IPTagging::RequestType request_type) { switch (request_type) { case envoy::extensions::filters::http::ip_tagging::v3::IPTagging::BOTH: return FilterRequestType::BOTH; case envoy::extensions::filters::http::ip_tagging::v3::IPTagging::INTERNAL: return FilterRequestType::INTERNAL; case envoy::extensions::filters::http::ip_tagging::v3::IPTagging::EXTERNAL: return FilterRequestType::EXTERNAL; default: NOT_REACHED_GCOVR_EXCL_LINE; } } void incCounter(Stats::StatName name); const FilterRequestType request_type_; Stats::Scope& scope_; Runtime::Loader& runtime_; Stats::StatNameSetPtr stat_name_set_; const Stats::StatName stats_prefix_; const Stats::StatName no_hit_; const Stats::StatName total_; const Stats::StatName unknown_tag_; std::unique_ptr> trie_; }; using IpTaggingFilterConfigSharedPtr = std::shared_ptr; /** * A filter that gets all tags associated with a request's downstream remote address and * sets a header `x-envoy-ip-tags` with those values. */ class IpTaggingFilter : public Http::StreamDecoderFilter { public: IpTaggingFilter(IpTaggingFilterConfigSharedPtr config); ~IpTaggingFilter() override; // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; private: IpTaggingFilterConfigSharedPtr config_; Http::StreamDecoderFilterCallbacks* callbacks_{}; }; } // namespace IpTagging } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "extractor_lib", srcs = ["extractor.cc"], hdrs = ["extractor.h"], deps = [ "//source/common/http:header_utility_lib", "//source/common/http:utility_lib", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "jwks_cache_lib", srcs = ["jwks_cache.cc"], hdrs = ["jwks_cache.h"], external_deps = [ "jwt_verify_lib", ], deps = [ "//source/common/common:minimal_logger_lib", "//source/common/config:datasource_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "authenticator_lib", srcs = ["authenticator.cc"], hdrs = ["authenticator.h"], deps = [ ":extractor_lib", ":jwks_cache_lib", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_macros", "//source/common/http:message_lib", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/http/common:jwks_fetcher_lib", ], ) envoy_cc_library( name = "filter_lib", srcs = ["filter.cc"], hdrs = ["filter.h"], external_deps = [ "jwt_verify_lib", ], deps = [ ":filter_config_interface", ":matchers_lib", "//include/envoy/http:filter_interface", "//source/common/http:headers_lib", "//source/extensions/filters/http:well_known_names", ], ) envoy_cc_extension( name = "config", srcs = ["filter_factory.cc"], hdrs = ["filter_factory.h"], security_posture = "robust_to_untrusted_downstream", status = "alpha", deps = [ ":filter_lib", "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "matchers_lib", srcs = ["matcher.cc"], hdrs = ["matcher.h"], deps = [ ":verifier_lib", "//source/common/common:matchers_lib", "//source/common/http:header_utility_lib", "//source/common/router:config_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "verifier_lib", srcs = ["verifier.cc"], hdrs = ["verifier.h"], deps = [ ":authenticator_lib", ":extractor_lib", "//include/envoy/http:header_map_interface", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_config_interface", srcs = ["filter_config.cc"], hdrs = ["filter_config.h"], deps = [ ":jwks_cache_lib", ":matchers_lib", "//include/envoy/router:string_accessor_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_macros", "//include/envoy/thread_local:thread_local_interface", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/jwt_authn/authenticator.cc ================================================ #include "extensions/filters/http/jwt_authn/authenticator.h" #include "envoy/http/async_client.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/protobuf/protobuf.h" #include "common/tracing/http_tracer_impl.h" #include "jwt_verify_lib/jwt.h" #include "jwt_verify_lib/verify.h" using ::google::jwt_verify::CheckAudience; using ::google::jwt_verify::Status; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { namespace { /** * Object to implement Authenticator interface. */ class AuthenticatorImpl : public Logger::Loggable, public Authenticator, public Common::JwksFetcher::JwksReceiver { public: AuthenticatorImpl(const CheckAudience* check_audience, const absl::optional& provider, bool allow_failed, bool allow_missing, JwksCache& jwks_cache, Upstream::ClusterManager& cluster_manager, CreateJwksFetcherCb create_jwks_fetcher_cb, TimeSource& time_source) : jwks_cache_(jwks_cache), cm_(cluster_manager), create_jwks_fetcher_cb_(create_jwks_fetcher_cb), check_audience_(check_audience), provider_(provider), is_allow_failed_(allow_failed), is_allow_missing_(allow_missing), time_source_(time_source) {} // Following functions are for JwksFetcher::JwksReceiver interface void onJwksSuccess(google::jwt_verify::JwksPtr&& jwks) override; void onJwksError(Failure reason) override; // Following functions are for Authenticator interface void verify(Http::HeaderMap& headers, Tracing::Span& parent_span, std::vector&& tokens, SetPayloadCallback set_payload_cb, AuthenticatorCallback callback) override; void onDestroy() override; TimeSource& timeSource() { return time_source_; } private: // Returns the name of the authenticator. For debug logging only. std::string name() const; // Verify with a specific public key. void verifyKey(); // Calls the callback with status. void doneWithStatus(const Status& status); // Start verification process. It will continue to eliminate tokens with invalid claims until it // finds one to verify with key. void startVerify(); // The jwks cache object. JwksCache& jwks_cache_; // the cluster manager object. Upstream::ClusterManager& cm_; // The callback used to create a JwksFetcher instance. CreateJwksFetcherCb create_jwks_fetcher_cb_; // The Jwks fetcher object Common::JwksFetcherPtr fetcher_; // The token data std::vector tokens_; JwtLocationConstPtr curr_token_; // The JWT object. std::unique_ptr<::google::jwt_verify::Jwt> jwt_; // The JWKS data object JwksCache::JwksData* jwks_data_{}; // The HTTP request headers Http::HeaderMap* headers_{}; // The active span for the request Tracing::Span* parent_span_{&Tracing::NullSpan::instance()}; // the callback function to set payload SetPayloadCallback set_payload_cb_; // The on_done function. AuthenticatorCallback callback_; // check audience object. const CheckAudience* check_audience_; // specific provider or not when it is allow missing or failed. const absl::optional provider_; const bool is_allow_failed_; const bool is_allow_missing_; TimeSource& time_source_; }; std::string AuthenticatorImpl::name() const { if (provider_) { return provider_.value() + (is_allow_missing_ ? "-OPTIONAL" : ""); } if (is_allow_failed_) { return "_IS_ALLOW_FAILED_"; } if (is_allow_missing_) { return "_IS_ALLOW_MISSING_"; } return "_UNKNOWN_"; } void AuthenticatorImpl::verify(Http::HeaderMap& headers, Tracing::Span& parent_span, std::vector&& tokens, SetPayloadCallback set_payload_cb, AuthenticatorCallback callback) { ASSERT(!callback_); headers_ = &headers; parent_span_ = &parent_span; tokens_ = std::move(tokens); set_payload_cb_ = std::move(set_payload_cb); callback_ = std::move(callback); ENVOY_LOG(debug, "{}: JWT authentication starts (allow_failed={}), tokens size={}", name(), is_allow_failed_, tokens_.size()); if (tokens_.empty()) { doneWithStatus(Status::JwtMissed); return; } startVerify(); } void AuthenticatorImpl::startVerify() { ASSERT(!tokens_.empty()); ENVOY_LOG(debug, "{}: startVerify: tokens size {}", name(), tokens_.size()); curr_token_ = std::move(tokens_.back()); tokens_.pop_back(); jwt_ = std::make_unique<::google::jwt_verify::Jwt>(); const Status status = jwt_->parseFromString(curr_token_->token()); if (status != Status::Ok) { doneWithStatus(status); return; } ENVOY_LOG(debug, "{}: Verifying JWT token of issuer {}", name(), jwt_->iss_); if (!jwt_->iss_.empty()) { // Check if token extracted from the location contains the issuer specified by config. if (!curr_token_->isIssuerSpecified(jwt_->iss_)) { doneWithStatus(Status::JwtUnknownIssuer); return; } } else { // If provider is not specified, in allow_missing_or_failed or allow_missing case, // the issuer specified in "iss" payload is required in order to lookup provider. if (!provider_) { doneWithStatus(Status::JwtUnknownIssuer); return; } } // TODO(qiwzhang): Cross-platform-wise the below unix_timestamp code is wrong as the // epoch is not guaranteed to be defined as the unix epoch. We should use // the abseil time functionality instead or use the jwt_verify_lib to check // the validity of a JWT. // Check "exp" claim. const uint64_t unix_timestamp = std::chrono::duration_cast(timeSource().systemTime().time_since_epoch()) .count(); // If the nbf claim does *not* appear in the JWT, then the nbf field is defaulted // to 0. if (jwt_->nbf_ > unix_timestamp) { doneWithStatus(Status::JwtNotYetValid); return; } // If the exp claim does *not* appear in the JWT then the exp field is defaulted // to 0. if (jwt_->exp_ > 0 && jwt_->exp_ < unix_timestamp) { doneWithStatus(Status::JwtExpired); return; } // Check the issuer is configured or not. jwks_data_ = provider_ ? jwks_cache_.findByProvider(provider_.value()) : jwks_cache_.findByIssuer(jwt_->iss_); // isIssuerSpecified() check already make sure the issuer is in the cache. ASSERT(jwks_data_ != nullptr); // Check if audience is allowed bool is_allowed = check_audience_ ? check_audience_->areAudiencesAllowed(jwt_->audiences_) : jwks_data_->areAudiencesAllowed(jwt_->audiences_); if (!is_allowed) { doneWithStatus(Status::JwtAudienceNotAllowed); return; } auto jwks_obj = jwks_data_->getJwksObj(); if (jwks_obj != nullptr && !jwks_data_->isExpired()) { // TODO(qiwzhang): It would seem there's a window of error whereby if the JWT issuer // has started signing with a new key that's not in our cache, then the // verification will fail even though the JWT is valid. A simple fix // would be to check the JWS kid header field; if present check we have // the key cached, if we do proceed to verify else try a new JWKS retrieval. // JWTs without a kid header field in the JWS we might be best to get each // time? This all only matters for remote JWKS. verifyKey(); return; } // TODO(potatop): potential optimization. // Only one remote jwks will be fetched, verify will not continue util it is completed. This is // fine for provider name requirements, as each provider has only one issuer, but for allow // missing or failed there can be more than one issuers. This can be optimized; the same remote // jwks fetching can be shared by two requests. if (jwks_data_->getJwtProvider().has_remote_jwks()) { if (!fetcher_) { fetcher_ = create_jwks_fetcher_cb_(cm_); } fetcher_->fetch(jwks_data_->getJwtProvider().remote_jwks().http_uri(), *parent_span_, *this); return; } // No valid keys for this issuer. This may happen as a result of incorrect local // JWKS configuration. doneWithStatus(Status::JwksNoValidKeys); } void AuthenticatorImpl::onJwksSuccess(google::jwt_verify::JwksPtr&& jwks) { const Status status = jwks_data_->setRemoteJwks(std::move(jwks))->getStatus(); if (status != Status::Ok) { doneWithStatus(status); } else { verifyKey(); } } void AuthenticatorImpl::onJwksError(Failure) { doneWithStatus(Status::JwksFetchFail); } void AuthenticatorImpl::onDestroy() { if (fetcher_) { fetcher_->cancel(); } } // Verify with a specific public key. void AuthenticatorImpl::verifyKey() { const Status status = ::google::jwt_verify::verifyJwt(*jwt_, *jwks_data_->getJwksObj()); if (status != Status::Ok) { doneWithStatus(status); return; } // Forward the payload const auto& provider = jwks_data_->getJwtProvider(); if (!provider.forward_payload_header().empty()) { headers_->addCopy(Http::LowerCaseString(provider.forward_payload_header()), jwt_->payload_str_base64url_); } if (!provider.forward()) { // TODO(potatop) remove JWT from queries. // Remove JWT from headers. curr_token_->removeJwt(*headers_); } if (set_payload_cb_ && !provider.payload_in_metadata().empty()) { set_payload_cb_(provider.payload_in_metadata(), jwt_->payload_pb_); } doneWithStatus(Status::Ok); } void AuthenticatorImpl::doneWithStatus(const Status& status) { ENVOY_LOG(debug, "{}: JWT token verification completed with: {}", name(), ::google::jwt_verify::getStatusString(status)); // If a request has multiple tokens, all of them must be valid. Otherwise it may have // following security hole: a request has a good token and a bad one, it will pass // verification, forwarded to the backend, and the backend may mistakenly use the bad // token as the good one that passed the verification. // Unless allowing failed or missing, all tokens must be verified successfully. if ((Status::Ok != status && !is_allow_failed_ && !is_allow_missing_) || tokens_.empty()) { tokens_.clear(); if (is_allow_failed_) { callback_(Status::Ok); } else if (is_allow_missing_ && status == Status::JwtMissed) { callback_(Status::Ok); } else { callback_(status); } callback_ = nullptr; return; } startVerify(); } } // namespace AuthenticatorPtr Authenticator::create(const CheckAudience* check_audience, const absl::optional& provider, bool allow_failed, bool allow_missing, JwksCache& jwks_cache, Upstream::ClusterManager& cluster_manager, CreateJwksFetcherCb create_jwks_fetcher_cb, TimeSource& time_source) { return std::make_unique(check_audience, provider, allow_failed, allow_missing, jwks_cache, cluster_manager, create_jwks_fetcher_cb, time_source); } } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/authenticator.h ================================================ #pragma once #include "envoy/server/filter_config.h" #include "extensions/filters/http/common/jwks_fetcher.h" #include "extensions/filters/http/jwt_authn/extractor.h" #include "extensions/filters/http/jwt_authn/jwks_cache.h" #include "jwt_verify_lib/check_audience.h" #include "jwt_verify_lib/status.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { class Authenticator; using AuthenticatorPtr = std::unique_ptr; using AuthenticatorCallback = std::function; using SetPayloadCallback = std::function; /** * CreateJwksFetcherCb is a callback interface for creating a JwksFetcher instance. */ using CreateJwksFetcherCb = std::function; /** * Authenticator object to handle all JWT authentication flow. */ class Authenticator { public: virtual ~Authenticator() = default; // Verify if headers satisfies the JWT requirements. Can be limited to single provider with // extract_param. virtual void verify(Http::HeaderMap& headers, Tracing::Span& parent_span, std::vector&& tokens, SetPayloadCallback set_payload_cb, AuthenticatorCallback callback) PURE; // Called when the object is about to be destroyed. virtual void onDestroy() PURE; // Authenticator factory function. static AuthenticatorPtr create(const ::google::jwt_verify::CheckAudience* check_audience, const absl::optional& provider, bool allow_failed, bool allow_missing, JwksCache& jwks_cache, Upstream::ClusterManager& cluster_manager, CreateJwksFetcherCb create_jwks_fetcher_cb, TimeSource& time_source); }; /** * Interface for authenticator factory. */ class AuthFactory { public: virtual ~AuthFactory() = default; // Factory method for creating authenticator, and populate it with provider config. virtual AuthenticatorPtr create(const ::google::jwt_verify::CheckAudience* check_audience, const absl::optional& provider, bool allow_failed, bool allow_missing) const PURE; }; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/extractor.cc ================================================ #include "extensions/filters/http/jwt_authn/extractor.h" #include #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "common/common/utility.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/singleton/const_singleton.h" #include "absl/container/node_hash_set.h" #include "absl/strings/match.h" using envoy::extensions::filters::http::jwt_authn::v3::JwtProvider; using Envoy::Http::LowerCaseString; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { namespace { /** * Constant values */ struct JwtConstValueStruct { // The header value prefix for Authorization. const std::string BearerPrefix{"Bearer "}; // The default query parameter name to extract JWT token const std::string AccessTokenParam{"access_token"}; }; using JwtConstValues = ConstSingleton; // A base JwtLocation object to store token and specified_issuers. class JwtLocationBase : public JwtLocation { public: JwtLocationBase(const std::string& token, const absl::node_hash_set& issuers) : token_(token), specified_issuers_(issuers) {} // Get the token string const std::string& token() const override { return token_; } // Check if an issuer has specified the location. bool isIssuerSpecified(const std::string& issuer) const override { return specified_issuers_.find(issuer) != specified_issuers_.end(); } private: // Extracted token. const std::string token_; // Stored issuers specified the location. const absl::node_hash_set& specified_issuers_; }; // The JwtLocation for header extraction. class JwtHeaderLocation : public JwtLocationBase { public: JwtHeaderLocation(const std::string& token, const absl::node_hash_set& issuers, const LowerCaseString& header) : JwtLocationBase(token, issuers), header_(header) {} void removeJwt(Http::HeaderMap& headers) const override { headers.remove(header_); } private: // the header name the JWT is extracted from. const LowerCaseString& header_; }; // The JwtLocation for param extraction. class JwtParamLocation : public JwtLocationBase { public: JwtParamLocation(const std::string& token, const absl::node_hash_set& issuers, const std::string&) : JwtLocationBase(token, issuers) {} void removeJwt(Http::HeaderMap&) const override { // TODO(qiwzhang): remove JWT from parameter. } }; /** * The class implements Extractor interface * */ class ExtractorImpl : public Logger::Loggable, public Extractor { public: ExtractorImpl(const JwtProvider& provider); ExtractorImpl( const std::vector& providers); std::vector extract(const Http::RequestHeaderMap& headers) const override; void sanitizePayloadHeaders(Http::HeaderMap& headers) const override; private: // add a header config void addHeaderConfig(const std::string& issuer, const Http::LowerCaseString& header_name, const std::string& value_prefix); // add a query param config void addQueryParamConfig(const std::string& issuer, const std::string& param); // ctor helper for a jwt provider config void addProvider(const JwtProvider& provider); // @return what should be the 3-part base64url-encoded substring; see RFC-7519 absl::string_view extractJWT(absl::string_view value_str, absl::string_view::size_type after) const; // HeaderMap value type to store prefix and issuers that specified this // header. struct HeaderLocationSpec { HeaderLocationSpec(const Http::LowerCaseString& header, const std::string& value_prefix) : header_(header), value_prefix_(value_prefix) {} // The header name. Http::LowerCaseString header_; // The value prefix. e.g. for "Bearer ", the value_prefix is "Bearer ". std::string value_prefix_; // Issuers that specified this header. absl::node_hash_set specified_issuers_; }; using HeaderLocationSpecPtr = std::unique_ptr; // The map of (header + value_prefix) to HeaderLocationSpecPtr std::map header_locations_; // ParamMap value type to store issuers that specified this header. struct ParamLocationSpec { // Issuers that specified this param. absl::node_hash_set specified_issuers_; }; // The map of a parameter key to set of issuers specified the parameter std::map param_locations_; std::vector forward_payload_headers_; }; ExtractorImpl::ExtractorImpl(const JwtProvider& provider) { addProvider(provider); } ExtractorImpl::ExtractorImpl(const JwtProviderList& providers) { for (const auto& provider : providers) { ASSERT(provider); addProvider(*provider); } } void ExtractorImpl::addProvider(const JwtProvider& provider) { for (const auto& header : provider.from_headers()) { addHeaderConfig(provider.issuer(), LowerCaseString(header.name()), header.value_prefix()); } for (const std::string& param : provider.from_params()) { addQueryParamConfig(provider.issuer(), param); } // If not specified, use default locations. if (provider.from_headers().empty() && provider.from_params().empty()) { addHeaderConfig(provider.issuer(), Http::CustomHeaders::get().Authorization, JwtConstValues::get().BearerPrefix); addQueryParamConfig(provider.issuer(), JwtConstValues::get().AccessTokenParam); } if (!provider.forward_payload_header().empty()) { forward_payload_headers_.emplace_back(provider.forward_payload_header()); } } void ExtractorImpl::addHeaderConfig(const std::string& issuer, const LowerCaseString& header_name, const std::string& value_prefix) { ENVOY_LOG(debug, "addHeaderConfig for issuer {} at {}", issuer, header_name.get()); const std::string map_key = header_name.get() + value_prefix; auto& header_location_spec = header_locations_[map_key]; if (!header_location_spec) { header_location_spec = std::make_unique(header_name, value_prefix); } header_location_spec->specified_issuers_.insert(issuer); } void ExtractorImpl::addQueryParamConfig(const std::string& issuer, const std::string& param) { auto& param_location_spec = param_locations_[param]; param_location_spec.specified_issuers_.insert(issuer); } std::vector ExtractorImpl::extract(const Http::RequestHeaderMap& headers) const { std::vector tokens; // Check header locations first for (const auto& location_it : header_locations_) { const auto& location_spec = location_it.second; ENVOY_LOG(debug, "extract {}", location_it.first); const auto result = Http::HeaderUtility::getAllOfHeaderAsString(headers, location_spec->header_); if (result.result().has_value()) { auto value_str = result.result().value(); if (!location_spec->value_prefix_.empty()) { const auto pos = value_str.find(location_spec->value_prefix_); if (pos == absl::string_view::npos) { // value_prefix not found anywhere in value_str, so skip continue; } value_str = extractJWT(value_str, pos + location_spec->value_prefix_.length()); } tokens.push_back(std::make_unique( std::string(value_str), location_spec->specified_issuers_, location_spec->header_)); } } // If no query parameter locations specified, or Path() is null, bail out if (param_locations_.empty() || headers.Path() == nullptr) { return tokens; } // Check query parameter locations. const auto& params = Http::Utility::parseAndDecodeQueryString(headers.getPathValue()); for (const auto& location_it : param_locations_) { const auto& param_key = location_it.first; const auto& location_spec = location_it.second; const auto& it = params.find(param_key); if (it != params.end()) { tokens.push_back(std::make_unique( it->second, location_spec.specified_issuers_, param_key)); } } return tokens; } // as specified in RFC-4648 § 5, plus dot (period, 0x2e), of which two are required in the JWT constexpr absl::string_view ConstantBase64UrlEncodingCharsPlusDot = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_."; // Returns a token, not a URL: skips non-Base64Url-legal (or dot) characters, collects following // Base64Url+dot string until first non-Base64Url char. // // The input parameters: // "value_str" - the header value string, perhaps "Bearer string....", and // "after" - the offset into that string after which to begin looking for JWT-legal characters // // For backwards compatibility, if it finds no suitable string, it returns value_str as-is. // // It is forgiving w.r.t. dots/periods, as the exact syntax will be verified after extraction. // // See RFC-7519 § 2, RFC-7515 § 2, and RFC-4648 "Base-N Encodings" § 5. absl::string_view ExtractorImpl::extractJWT(absl::string_view value_str, absl::string_view::size_type after) const { const auto starting = value_str.find_first_of(ConstantBase64UrlEncodingCharsPlusDot, after); if (starting == value_str.npos) { return value_str; } // There should be two dots (periods; 0x2e) inside the string, but we don't verify that here auto ending = value_str.find_first_not_of(ConstantBase64UrlEncodingCharsPlusDot, starting); if (ending == value_str.npos) { // Base64Url-encoded string occupies the rest of the line return value_str.substr(starting); } return value_str.substr(starting, ending - starting); } void ExtractorImpl::sanitizePayloadHeaders(Http::HeaderMap& headers) const { for (const auto& header : forward_payload_headers_) { headers.remove(header); } } } // namespace ExtractorConstPtr Extractor::create(const JwtProvider& provider) { return std::make_unique(provider); } ExtractorConstPtr Extractor::create(const JwtProviderList& providers) { return std::make_unique(providers); } } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/extractor.h ================================================ #pragma once #include #include #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/http/header_map.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { /** * JwtLocation stores following token information: * * * extracted token string, * * the location where the JWT is extracted from, * * list of issuers specified the location. * */ class JwtLocation { public: virtual ~JwtLocation() = default; // Get the token string virtual const std::string& token() const PURE; // Check if an issuer has specified the location. virtual bool isIssuerSpecified(const std::string& issuer) const PURE; // Remove the token from the headers virtual void removeJwt(Http::HeaderMap& headers) const PURE; }; using JwtLocationConstPtr = std::unique_ptr; using JwtProviderList = std::vector; class Extractor; using ExtractorConstPtr = std::unique_ptr; /** * Extracts JWT from locations specified in the config. * * Usage example: * * auto extractor = Extractor::create(config); * auto tokens = extractor->extract(headers); * for (token : tokens) { * Jwt jwt; * if (jwt.parseFromString(token->token()) != Status::Ok) { * // Handle JWT parsing failure. * } * * if (need_to_remove) { * // remove the JWT * token->removeJwt(headers); * } * } * */ class Extractor { public: virtual ~Extractor() = default; /** * Extract all JWT tokens from the headers. If set of header_keys or param_keys * is not empty only those in the matching locations will be returned. * * @param headers is the HTTP request headers. * @return list of extracted Jwt location info. */ virtual std::vector extract(const Http::RequestHeaderMap& headers) const PURE; /** * Remove headers that configured to send JWT payloads. * * @param headers is the HTTP request headers. */ virtual void sanitizePayloadHeaders(Http::HeaderMap& headers) const PURE; /** * Create an instance of Extractor for a given config. * @param from_headers header location config. * @param from_params query param location config. * @return the extractor object. */ static ExtractorConstPtr create(const envoy::extensions::filters::http::jwt_authn::v3::JwtProvider& provider); /** * Create an instance of Extractor for a list of provider config. * @param the list of JwtProvider configs. * @return the extractor object. */ static ExtractorConstPtr create(const JwtProviderList& providers); }; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/filter.cc ================================================ #include "extensions/filters/http/jwt_authn/filter.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "extensions/filters/http/well_known_names.h" #include "jwt_verify_lib/status.h" using ::google::jwt_verify::Status; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { namespace { Http::RegisterCustomInlineHeader access_control_request_method_handle(Http::CustomHeaders::get().AccessControlRequestMethod); Http::RegisterCustomInlineHeader origin_handle(Http::CustomHeaders::get().Origin); bool isCorsPreflightRequest(const Http::RequestHeaderMap& headers) { return headers.getMethodValue() == Http::Headers::get().MethodValues.Options && !headers.getInlineValue(origin_handle.handle()).empty() && !headers.getInlineValue(access_control_request_method_handle.handle()).empty(); } } // namespace struct RcDetailsValues { // The jwt_authn filter rejected the request const std::string JwtAuthnAccessDenied = "jwt_authn_access_denied"; }; using RcDetails = ConstSingleton; Filter::Filter(FilterConfigSharedPtr config) : stats_(config->stats()), config_(std::move(config)) {} void Filter::onDestroy() { ENVOY_LOG(debug, "Called Filter : {}", __func__); if (context_) { context_->cancel(); } } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { ENVOY_LOG(debug, "Called Filter : {}", __func__); state_ = Calling; stopped_ = false; if (config_->bypassCorsPreflightRequest() && isCorsPreflightRequest(headers)) { // The CORS preflight doesn't include user credentials, bypass regardless of JWT requirements. // See http://www.w3.org/TR/cors/#cross-origin-request-with-preflight. ENVOY_LOG(debug, "CORS preflight request bypassed regardless of JWT requirements"); stats_.cors_preflight_bypassed_.inc(); onComplete(Status::Ok); return Http::FilterHeadersStatus::Continue; } // Verify the JWT token, onComplete() will be called when completed. const auto* verifier = config_->findVerifier(headers, *decoder_callbacks_->streamInfo().filterState()); if (!verifier) { onComplete(Status::Ok); } else { context_ = Verifier::createContext(headers, decoder_callbacks_->activeSpan(), this); verifier->verify(context_); } if (state_ == Complete) { return Http::FilterHeadersStatus::Continue; } ENVOY_LOG(debug, "Called Filter : {} Stop", __func__); stopped_ = true; return Http::FilterHeadersStatus::StopIteration; } void Filter::setPayload(const ProtobufWkt::Struct& payload) { decoder_callbacks_->streamInfo().setDynamicMetadata(HttpFilterNames::get().JwtAuthn, payload); } void Filter::onComplete(const Status& status) { ENVOY_LOG(debug, "Called Filter : check complete {}", ::google::jwt_verify::getStatusString(status)); // This stream has been reset, abort the callback. if (state_ == Responded) { return; } if (Status::Ok != status) { stats_.denied_.inc(); state_ = Responded; // verification failed Http::Code code = status == Status::JwtAudienceNotAllowed ? Http::Code::Forbidden : Http::Code::Unauthorized; // return failure reason as message body decoder_callbacks_->sendLocalReply(code, ::google::jwt_verify::getStatusString(status), nullptr, absl::nullopt, RcDetails::get().JwtAuthnAccessDenied); return; } stats_.allowed_.inc(); state_ = Complete; if (stopped_) { decoder_callbacks_->continueDecoding(); } } Http::FilterDataStatus Filter::decodeData(Buffer::Instance&, bool) { ENVOY_LOG(debug, "Called Filter : {}", __func__); if (state_ == Calling) { return Http::FilterDataStatus::StopIterationAndWatermark; } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus Filter::decodeTrailers(Http::RequestTrailerMap&) { ENVOY_LOG(debug, "Called Filter : {}", __func__); if (state_ == Calling) { return Http::FilterTrailersStatus::StopIteration; } return Http::FilterTrailersStatus::Continue; } void Filter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { ENVOY_LOG(debug, "Called Filter : {}", __func__); decoder_callbacks_ = &callbacks; } } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/filter.h ================================================ #pragma once #include "envoy/http/filter.h" #include "common/common/lock_guard.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "extensions/filters/http/jwt_authn/filter_config.h" #include "extensions/filters/http/jwt_authn/matcher.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { // The Envoy filter to process JWT auth. class Filter : public Http::StreamDecoderFilter, public Verifier::Callbacks, public Logger::Loggable { public: Filter(FilterConfigSharedPtr config); // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; private: // Following two functions are for Verifier::Callbacks interface. // Pass the payload as Struct. void setPayload(const ProtobufWkt::Struct& payload) override; // It will be called when its verify() call is completed. void onComplete(const ::google::jwt_verify::Status& status) override; // The callback function. Http::StreamDecoderFilterCallbacks* decoder_callbacks_; // The stats object. JwtAuthnFilterStats& stats_; // The state of the request enum State { Init, Calling, Responded, Complete }; State state_ = Init; // Mark if request has been stopped. bool stopped_ = false; // Filter config object. FilterConfigSharedPtr config_; // Verify context for current request. ContextSharedPtr context_; }; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/filter_config.cc ================================================ #include "extensions/filters/http/jwt_authn/filter_config.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { void FilterConfigImpl::init() { ENVOY_LOG(debug, "Loaded JwtAuthConfig: {}", proto_config_.DebugString()); // Note: `this` and `context` have a a lifetime of the listener. // That may be shorter of the tls callback if the listener is torn shortly after it is created. // We use a shared pointer to make sure this object outlives the tls callbacks. auto shared_this = shared_from_this(); tls_->set([shared_this](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(shared_this->proto_config_, shared_this->time_source_, shared_this->api_); }); for (const auto& rule : proto_config_.rules()) { rule_pairs_.emplace_back(Matcher::create(rule), Verifier::create(rule.requires(), proto_config_.providers(), *this)); } if (proto_config_.has_filter_state_rules()) { filter_state_name_ = proto_config_.filter_state_rules().name(); for (const auto& it : proto_config_.filter_state_rules().requires()) { filter_state_verifiers_.emplace( it.first, Verifier::create(it.second, proto_config_.providers(), *this)); } } } } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/filter_config.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/router/string_accessor.h" #include "envoy/server/filter_config.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/thread_local/thread_local.h" #include "extensions/filters/http/jwt_authn/matcher.h" #include "extensions/filters/http/jwt_authn/verifier.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { /** * Making cache as a thread local object, its read/write operations don't need to be protected. * Now it only has jwks_cache, but in the future, it will have token cache: to cache the tokens * with their verification results. */ class ThreadLocalCache : public ThreadLocal::ThreadLocalObject { public: // Load the config from envoy config. ThreadLocalCache(const envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication& config, TimeSource& time_source, Api::Api& api) { jwks_cache_ = JwksCache::create(config, time_source, api); } // Get the JwksCache object. JwksCache& getJwksCache() { return *jwks_cache_; } private: // The JwksCache object. JwksCachePtr jwks_cache_; }; /** * All stats for the Jwt Authn filter. @see stats_macros.h */ #define ALL_JWT_AUTHN_FILTER_STATS(COUNTER) \ COUNTER(allowed) \ COUNTER(cors_preflight_bypassed) \ COUNTER(denied) /** * Wrapper struct for jwt_authn filter stats. @see stats_macros.h */ struct JwtAuthnFilterStats { ALL_JWT_AUTHN_FILTER_STATS(GENERATE_COUNTER_STRUCT) }; /** * The filter config interface. It is an interface so that we can mock it in tests. */ class FilterConfig { public: virtual ~FilterConfig() = default; virtual JwtAuthnFilterStats& stats() PURE; virtual bool bypassCorsPreflightRequest() const PURE; // Finds the matcher that matched the header virtual const Verifier* findVerifier(const Http::RequestHeaderMap& headers, const StreamInfo::FilterState& filter_state) const PURE; }; using FilterConfigSharedPtr = std::shared_ptr; /** * The filter config object to hold config and relevant objects. */ class FilterConfigImpl : public Logger::Loggable, public FilterConfig, public AuthFactory, public std::enable_shared_from_this { public: ~FilterConfigImpl() override = default; // Finds the matcher that matched the header static std::shared_ptr create(envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { // We can't use make_shared here because the constructor of this class is private. std::shared_ptr ptr( new FilterConfigImpl(proto_config, stats_prefix, context)); ptr->init(); return ptr; } // Get per-thread cache object. ThreadLocalCache& getCache() const { return tls_->getTyped(); } Upstream::ClusterManager& cm() const { return cm_; } TimeSource& timeSource() const { return time_source_; } // FilterConfig JwtAuthnFilterStats& stats() override { return stats_; } bool bypassCorsPreflightRequest() const override { return proto_config_.bypass_cors_preflight(); } const Verifier* findVerifier(const Http::RequestHeaderMap& headers, const StreamInfo::FilterState& filter_state) const override { for (const auto& pair : rule_pairs_) { if (pair.matcher_->matches(headers)) { return pair.verifier_.get(); } } if (!filter_state_name_.empty() && !filter_state_verifiers_.empty() && filter_state.hasData(filter_state_name_)) { const auto& state = filter_state.getDataReadOnly(filter_state_name_); ENVOY_LOG(debug, "use filter state value {} to find verifier.", state.asString()); const auto& it = filter_state_verifiers_.find(state.asString()); if (it != filter_state_verifiers_.end()) { return it->second.get(); } } return nullptr; } // methods for AuthFactory interface. Factory method to help create authenticators. AuthenticatorPtr create(const ::google::jwt_verify::CheckAudience* check_audience, const absl::optional& provider, bool allow_failed, bool allow_missing) const override { return Authenticator::create(check_audience, provider, allow_failed, allow_missing, getCache().getJwksCache(), cm(), Common::JwksFetcher::create, timeSource()); } private: FilterConfigImpl(envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) : proto_config_(std::move(proto_config)), stats_(generateStats(stats_prefix, context.scope())), tls_(context.threadLocal().allocateSlot()), cm_(context.clusterManager()), time_source_(context.dispatcher().timeSource()), api_(context.api()) {} void init(); JwtAuthnFilterStats generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = prefix + "jwt_authn."; return {ALL_JWT_AUTHN_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } struct MatcherVerifierPair { MatcherVerifierPair(MatcherConstPtr matcher, VerifierConstPtr verifier) : matcher_(std::move(matcher)), verifier_(std::move(verifier)) {} MatcherConstPtr matcher_; VerifierConstPtr verifier_; }; // The proto config. envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication proto_config_; // The stats for the filter. JwtAuthnFilterStats stats_; // Thread local slot to store per-thread auth store ThreadLocal::SlotPtr tls_; // the cluster manager object. Upstream::ClusterManager& cm_; // The list of rule matchers. std::vector rule_pairs_; // The filter state name to lookup filter_state_rules. std::string filter_state_name_; // The filter state verifier map from filter_state_rules. absl::flat_hash_map filter_state_verifiers_; TimeSource& time_source_; Api::Api& api_; }; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/filter_factory.cc ================================================ #include "extensions/filters/http/jwt_authn/filter_factory.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.validate.h" #include "envoy/registry/registry.h" #include "common/config/datasource.h" #include "extensions/filters/http/jwt_authn/filter.h" #include "jwt_verify_lib/jwks.h" using envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication; using ::google::jwt_verify::Jwks; using ::google::jwt_verify::Status; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { namespace { /** * Validate inline jwks, make sure they are the valid */ void validateJwtConfig(const JwtAuthentication& proto_config, Api::Api& api) { for (const auto& it : proto_config.providers()) { const auto& provider = it.second; const auto inline_jwks = Config::DataSource::read(provider.local_jwks(), true, api); if (!inline_jwks.empty()) { auto jwks_obj = Jwks::createFrom(inline_jwks, Jwks::JWKS); if (jwks_obj->getStatus() != Status::Ok) { throw EnvoyException(fmt::format( "Issuer '{}' in jwt_authn config has invalid local jwks: {}", provider.issuer(), ::google::jwt_verify::getStatusString(jwks_obj->getStatus()))); } } } } } // namespace Http::FilterFactoryCb FilterFactory::createFilterFactoryFromProtoTyped(const JwtAuthentication& proto_config, const std::string& prefix, Server::Configuration::FactoryContext& context) { validateJwtConfig(proto_config, context.api()); auto filter_config = FilterConfigImpl::create(proto_config, prefix, context); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(filter_config)); }; } /** * Static registration for this jwt_authn filter. @see RegisterFactory. */ REGISTER_FACTORY(FilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/filter_factory.h ================================================ #pragma once #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.validate.h" #include "envoy/server/filter_config.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { /** * Config registration for jwt_authn filter. */ class FilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication> { public: FilterFactory() : FactoryBase(HttpFilterNames::get().JwtAuthn) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/jwks_cache.cc ================================================ #include "extensions/filters/http/jwt_authn/jwks_cache.h" #include #include "envoy/common/time.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "common/common/logger.h" #include "common/config/datasource.h" #include "common/protobuf/utility.h" #include "absl/container/node_hash_map.h" #include "jwt_verify_lib/check_audience.h" using envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication; using envoy::extensions::filters::http::jwt_authn::v3::JwtProvider; using ::google::jwt_verify::Jwks; using ::google::jwt_verify::Status; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { namespace { // Default cache expiration time in 5 minutes. constexpr int PubkeyCacheExpirationSec = 600; class JwksDataImpl : public JwksCache::JwksData, public Logger::Loggable { public: JwksDataImpl(const JwtProvider& jwt_provider, TimeSource& time_source, Api::Api& api) : jwt_provider_(jwt_provider), time_source_(time_source) { std::vector audiences; for (const auto& aud : jwt_provider_.audiences()) { audiences.push_back(aud); } audiences_ = std::make_unique<::google::jwt_verify::CheckAudience>(audiences); const auto inline_jwks = Config::DataSource::read(jwt_provider_.local_jwks(), true, api); if (!inline_jwks.empty()) { auto ptr = setKey( ::google::jwt_verify::Jwks::createFrom(inline_jwks, ::google::jwt_verify::Jwks::JWKS), std::chrono::steady_clock::time_point::max()); if (ptr->getStatus() != Status::Ok) { ENVOY_LOG(warn, "Invalid inline jwks for issuer: {}, jwks: {}", jwt_provider_.issuer(), inline_jwks); jwks_obj_.reset(nullptr); } } } const JwtProvider& getJwtProvider() const override { return jwt_provider_; } bool areAudiencesAllowed(const std::vector& jwt_audiences) const override { return audiences_->areAudiencesAllowed(jwt_audiences); } const Jwks* getJwksObj() const override { return jwks_obj_.get(); } bool isExpired() const override { return time_source_.monotonicTime() >= expiration_time_; } const ::google::jwt_verify::Jwks* setRemoteJwks(::google::jwt_verify::JwksPtr&& jwks) override { return setKey(std::move(jwks), getRemoteJwksExpirationTime()); } private: // Get the expiration time for a remote Jwks std::chrono::steady_clock::time_point getRemoteJwksExpirationTime() const { auto expire = time_source_.monotonicTime(); if (jwt_provider_.has_remote_jwks() && jwt_provider_.remote_jwks().has_cache_duration()) { expire += std::chrono::milliseconds( DurationUtil::durationToMilliseconds(jwt_provider_.remote_jwks().cache_duration())); } else { expire += std::chrono::seconds(PubkeyCacheExpirationSec); } return expire; } const ::google::jwt_verify::Jwks* setKey(::google::jwt_verify::JwksPtr&& jwks, MonotonicTime expire) { jwks_obj_ = std::move(jwks); expiration_time_ = expire; return jwks_obj_.get(); } // The jwt provider config. const JwtProvider& jwt_provider_; // Check audience object ::google::jwt_verify::CheckAudiencePtr audiences_; // The generated jwks object. ::google::jwt_verify::JwksPtr jwks_obj_; TimeSource& time_source_; // The pubkey expiration time. MonotonicTime expiration_time_; }; class JwksCacheImpl : public JwksCache { public: // Load the config from envoy config. JwksCacheImpl(const JwtAuthentication& config, TimeSource& time_source, Api::Api& api) { for (const auto& it : config.providers()) { const auto& provider = it.second; jwks_data_map_.emplace(it.first, JwksDataImpl(provider, time_source, api)); if (issuer_ptr_map_.find(provider.issuer()) == issuer_ptr_map_.end()) { issuer_ptr_map_.emplace(provider.issuer(), findByProvider(it.first)); } } } JwksData* findByIssuer(const std::string& issuer) override { const auto it = issuer_ptr_map_.find(issuer); if (it == issuer_ptr_map_.end()) { return nullptr; } return it->second; } JwksData* findByProvider(const std::string& provider) final { const auto it = jwks_data_map_.find(provider); if (it == jwks_data_map_.end()) { return nullptr; } return &it->second; } private: // The Jwks data map indexed by provider. absl::node_hash_map jwks_data_map_; // The Jwks data pointer map indexed by issuer. absl::node_hash_map issuer_ptr_map_; }; } // namespace JwksCachePtr JwksCache::create(const envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication& config, TimeSource& time_source, Api::Api& api) { return JwksCachePtr(new JwksCacheImpl(config, time_source, api)); } } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/jwks_cache.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "jwt_verify_lib/jwks.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { class JwksCache; using JwksCachePtr = std::unique_ptr; /** * Interface to access all configured Jwt rules and their cached Jwks objects. * It only caches Jwks specified in the config. * Its usage: * auto jwks_cache = JwksCache::create(Config); * * // for a given jwt * auto jwks_data = jwks_cache->findByIssuer(jwt->getIssuer()); * if (!jwks_data->areAudiencesAllowed(jwt->getAudiences())) reject; * * if (jwks_data->getJwksObj() == nullptr || jwks_data->isExpired()) { * // Fetch remote Jwks. * jwks_data->setRemoteJwks(remote_jwks_str); * } * * verifyJwt(jwks_data->getJwksObj(), jwt); */ class JwksCache { public: virtual ~JwksCache() = default; // Interface to access a Jwks config rule and its cached Jwks object. class JwksData { public: virtual ~JwksData() = default; // Check if a list of audiences are allowed. virtual bool areAudiencesAllowed(const std::vector& audiences) const PURE; // Get the cached config: JWT rule. virtual const envoy::extensions::filters::http::jwt_authn::v3::JwtProvider& getJwtProvider() const PURE; // Get the Jwks object. virtual const ::google::jwt_verify::Jwks* getJwksObj() const PURE; // Return true if jwks object is expired. virtual bool isExpired() const PURE; // Set a remote Jwks. virtual const ::google::jwt_verify::Jwks* setRemoteJwks(::google::jwt_verify::JwksPtr&& jwks) PURE; }; // Lookup issuer cache map. The cache only stores Jwks specified in the config. virtual JwksData* findByIssuer(const std::string& issuer) PURE; virtual JwksData* findByProvider(const std::string& provider) PURE; // Factory function to create an instance. static JwksCachePtr create(const envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication& config, TimeSource& time_source, Api::Api& api); }; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/matcher.cc ================================================ #include "extensions/filters/http/jwt_authn/matcher.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "common/common/logger.h" #include "common/common/matchers.h" #include "common/common/regex.h" #include "common/router/config_impl.h" #include "absl/strings/match.h" using envoy::config::route::v3::RouteMatch; using envoy::extensions::filters::http::jwt_authn::v3::RequirementRule; using Envoy::Router::ConfigUtility; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { namespace { /** * Perform a match against any HTTP header or pseudo-header. */ class BaseMatcherImpl : public Matcher, public Logger::Loggable { public: BaseMatcherImpl(const RequirementRule& rule) : case_sensitive_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(rule.match(), case_sensitive, true)), config_headers_(Http::HeaderUtility::buildHeaderDataVector(rule.match().headers())) { for (const auto& query_parameter : rule.match().query_parameters()) { config_query_parameters_.push_back( std::make_unique(query_parameter)); } } // Check match for HeaderMatcher and QueryParameterMatcher bool matchRoute(const Http::RequestHeaderMap& headers) const { bool matches = true; // TODO(potatop): matching on RouteMatch runtime is not implemented. matches &= Http::HeaderUtility::matchHeaders(headers, config_headers_); if (!config_query_parameters_.empty()) { Http::Utility::QueryParams query_parameters = Http::Utility::parseQueryString(headers.getPathValue()); matches &= ConfigUtility::matchQueryParams(query_parameters, config_query_parameters_); } return matches; } protected: const bool case_sensitive_; private: std::vector config_headers_; std::vector config_query_parameters_; }; /** * Perform a match against any path with prefix rule. */ class PrefixMatcherImpl : public BaseMatcherImpl { public: PrefixMatcherImpl(const RequirementRule& rule) : BaseMatcherImpl(rule), prefix_(rule.match().prefix()), path_matcher_(Matchers::PathMatcher::createPrefix(prefix_, !case_sensitive_)) {} bool matches(const Http::RequestHeaderMap& headers) const override { if (BaseMatcherImpl::matchRoute(headers) && path_matcher_->match(headers.getPathValue())) { ENVOY_LOG(debug, "Prefix requirement '{}' matched.", prefix_); return true; } return false; } private: // prefix string const std::string prefix_; const Matchers::PathMatcherConstSharedPtr path_matcher_; }; /** * Perform a match against any path with a specific path rule. */ class PathMatcherImpl : public BaseMatcherImpl { public: PathMatcherImpl(const RequirementRule& rule) : BaseMatcherImpl(rule), path_(rule.match().path()), path_matcher_(Matchers::PathMatcher::createExact(path_, !case_sensitive_)) {} bool matches(const Http::RequestHeaderMap& headers) const override { if (BaseMatcherImpl::matchRoute(headers) && path_matcher_->match(headers.getPathValue())) { ENVOY_LOG(debug, "Path requirement '{}' matched.", path_); return true; } return false; } private: // path string. const std::string path_; const Matchers::PathMatcherConstSharedPtr path_matcher_; }; /** * Perform a match against any path with a regex rule. * TODO(mattklein123): This code needs dedup with RegexRouteEntryImpl. */ class RegexMatcherImpl : public BaseMatcherImpl { public: RegexMatcherImpl(const RequirementRule& rule) : BaseMatcherImpl(rule) { // TODO(yangminzhu): Use PathMatcher once hidden_envoy_deprecated_regex is removed. if (rule.match().path_specifier_case() == envoy::config::route::v3::RouteMatch::PathSpecifierCase::kHiddenEnvoyDeprecatedRegex) { regex_ = Regex::Utility::parseStdRegexAsCompiledMatcher( rule.match().hidden_envoy_deprecated_regex()); regex_str_ = rule.match().hidden_envoy_deprecated_regex(); } else { ASSERT(rule.match().path_specifier_case() == envoy::config::route::v3::RouteMatch::PathSpecifierCase::kSafeRegex); regex_ = Regex::Utility::parseRegex(rule.match().safe_regex()); regex_str_ = rule.match().safe_regex().regex(); } } bool matches(const Http::RequestHeaderMap& headers) const override { if (BaseMatcherImpl::matchRoute(headers)) { const Http::HeaderString& path = headers.Path()->value(); const absl::string_view query_string = Http::Utility::findQueryStringStart(path); absl::string_view path_view = path.getStringView(); path_view.remove_suffix(query_string.length()); if (regex_->match(path_view)) { ENVOY_LOG(debug, "Regex requirement '{}' matched.", regex_str_); return true; } } return false; } private: Regex::CompiledMatcherPtr regex_; // raw regex string, for logging. std::string regex_str_; }; /** * Perform a match against an HTTP CONNECT request. */ class ConnectMatcherImpl : public BaseMatcherImpl { public: ConnectMatcherImpl(const RequirementRule& rule) : BaseMatcherImpl(rule) {} bool matches(const Http::RequestHeaderMap& headers) const override { if (Http::HeaderUtility::isConnect(headers) && BaseMatcherImpl::matchRoute(headers)) { ENVOY_LOG(debug, "CONNECT requirement matched."); return true; } return false; } }; } // namespace MatcherConstPtr Matcher::create(const RequirementRule& rule) { switch (rule.match().path_specifier_case()) { case RouteMatch::PathSpecifierCase::kPrefix: return std::make_unique(rule); case RouteMatch::PathSpecifierCase::kPath: return std::make_unique(rule); case RouteMatch::PathSpecifierCase::kHiddenEnvoyDeprecatedRegex: case RouteMatch::PathSpecifierCase::kSafeRegex: return std::make_unique(rule); case RouteMatch::PathSpecifierCase::kConnectMatcher: return std::make_unique(rule); default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/matcher.h ================================================ #pragma once #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/http/header_map.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { class Matcher; using MatcherConstPtr = std::unique_ptr; /** * Supports matching a HTTP requests with JWT requirements. */ class Matcher { public: virtual ~Matcher() = default; /** * Returns if a HTTP request matches with the rules of the matcher. * * @param headers the request headers used to match against. An empty map should be used if * there are none headers available. * @return true if request is a match, false otherwise. */ virtual bool matches(const Http::RequestHeaderMap& headers) const PURE; /** * Factory method to create a shared instance of a matcher based on the rule defined. * * @param rule the proto rule match message. * @return the matcher instance. */ static MatcherConstPtr create(const envoy::extensions::filters::http::jwt_authn::v3::RequirementRule& rule); }; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/verifier.cc ================================================ #include "extensions/filters/http/jwt_authn/verifier.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "jwt_verify_lib/check_audience.h" using envoy::extensions::filters::http::jwt_authn::v3::JwtProvider; using envoy::extensions::filters::http::jwt_authn::v3::JwtRequirement; using envoy::extensions::filters::http::jwt_authn::v3::JwtRequirementAndList; using envoy::extensions::filters::http::jwt_authn::v3::JwtRequirementOrList; using ::google::jwt_verify::CheckAudience; using ::google::jwt_verify::Status; namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { namespace { /** * Struct to keep track of verifier completed and responded state for a request. */ struct CompletionState { // if verifier node has responded to a request or not. bool is_completed_{false}; // number of completed inner verifier for an any/all verifier. std::size_t number_completed_children_{0}; // A valid error for a RequireAny Status any_valid_error_{Status::Ok}; }; class ContextImpl : public Verifier::Context { public: ContextImpl(Http::RequestHeaderMap& headers, Tracing::Span& parent_span, Verifier::Callbacks* callback) : headers_(headers), parent_span_(parent_span), callback_(callback) {} Http::RequestHeaderMap& headers() const override { return headers_; } Tracing::Span& parentSpan() const override { return parent_span_; } Verifier::Callbacks* callback() const override { return callback_; } void cancel() override { for (const auto& it : auths_) { it->onDestroy(); } } // Get Response data which can be used to check if a verifier node has responded or not. CompletionState& getCompletionState(const Verifier* verifier) { return completion_states_[verifier]; } // Stores an authenticator object for this request. void storeAuth(AuthenticatorPtr&& auth) { auths_.emplace_back(std::move(auth)); } // Add a pair of (name, payload), called by Authenticator void addPayload(const std::string& name, const ProtobufWkt::Struct& payload) { *(*payload_.mutable_fields())[name].mutable_struct_value() = payload; } void setPayload() { if (!payload_.fields().empty()) { callback_->setPayload(payload_); } } private: Http::RequestHeaderMap& headers_; Tracing::Span& parent_span_; Verifier::Callbacks* callback_; absl::node_hash_map completion_states_; std::vector auths_; ProtobufWkt::Struct payload_; }; // base verifier for provider_name, provider_and_audiences, and allow_missing_or_failed. class BaseVerifierImpl : public Logger::Loggable, public Verifier { public: BaseVerifierImpl(const BaseVerifierImpl* parent) : parent_(parent) {} void completeWithStatus(Status status, ContextImpl& context) const { if (parent_ != nullptr) { return parent_->onComplete(status, context); } if (Status::Ok == status) { context.setPayload(); } context.callback()->onComplete(status); context.cancel(); } // Check if next verifier should be notified of status, or if no next verifier exists signal // callback in context. virtual void onComplete(const Status& status, ContextImpl& context) const { auto& completion_state = context.getCompletionState(this); if (!completion_state.is_completed_) { completion_state.is_completed_ = true; completeWithStatus(status, context); } } protected: // The parent group verifier. const BaseVerifierImpl* const parent_; }; // Provider specific verifier class ProviderVerifierImpl : public BaseVerifierImpl { public: ProviderVerifierImpl(const std::string& provider_name, const AuthFactory& factory, const JwtProvider& provider, const BaseVerifierImpl* parent) : BaseVerifierImpl(parent), auth_factory_(factory), extractor_(Extractor::create(provider)), provider_name_(absl::make_optional(provider_name)) {} void verify(ContextSharedPtr context) const override { auto& ctximpl = static_cast(*context); auto auth = auth_factory_.create(getAudienceChecker(), provider_name_, false, false); extractor_->sanitizePayloadHeaders(ctximpl.headers()); auth->verify( ctximpl.headers(), ctximpl.parentSpan(), extractor_->extract(ctximpl.headers()), [&ctximpl](const std::string& name, const ProtobufWkt::Struct& payload) { ctximpl.addPayload(name, payload); }, [this, context](const Status& status) { onComplete(status, static_cast(*context)); }); if (!ctximpl.getCompletionState(this).is_completed_) { ctximpl.storeAuth(std::move(auth)); } else { auth->onDestroy(); } } protected: virtual const CheckAudience* getAudienceChecker() const { return nullptr; } private: const AuthFactory& auth_factory_; const ExtractorConstPtr extractor_; const absl::optional provider_name_; }; class ProviderAndAudienceVerifierImpl : public ProviderVerifierImpl { public: ProviderAndAudienceVerifierImpl(const std::string& provider_name, const AuthFactory& factory, const JwtProvider& provider, const BaseVerifierImpl* parent, const std::vector& config_audiences) : ProviderVerifierImpl(provider_name, factory, provider, parent), check_audience_(std::make_unique(config_audiences)) {} private: const CheckAudience* getAudienceChecker() const override { return check_audience_.get(); } // Check audience object ::google::jwt_verify::CheckAudiencePtr check_audience_; }; // Allow missing or failed verifier class AllowFailedVerifierImpl : public BaseVerifierImpl { public: AllowFailedVerifierImpl(const AuthFactory& factory, const JwtProviderList& providers, const BaseVerifierImpl* parent) : BaseVerifierImpl(parent), auth_factory_(factory), extractor_(Extractor::create(providers)) { } void verify(ContextSharedPtr context) const override { auto& ctximpl = static_cast(*context); auto auth = auth_factory_.create(nullptr, absl::nullopt, true, true); extractor_->sanitizePayloadHeaders(ctximpl.headers()); auth->verify( ctximpl.headers(), ctximpl.parentSpan(), extractor_->extract(ctximpl.headers()), [&ctximpl](const std::string& name, const ProtobufWkt::Struct& payload) { ctximpl.addPayload(name, payload); }, [this, context](const Status& status) { onComplete(status, static_cast(*context)); }); if (!ctximpl.getCompletionState(this).is_completed_) { ctximpl.storeAuth(std::move(auth)); } else { auth->onDestroy(); } } private: const AuthFactory& auth_factory_; // const Extractor& extractor_; const ExtractorConstPtr extractor_; }; class AllowMissingVerifierImpl : public BaseVerifierImpl { public: AllowMissingVerifierImpl(const AuthFactory& factory, const JwtProviderList& providers, const BaseVerifierImpl* parent) : BaseVerifierImpl(parent), auth_factory_(factory), extractor_(Extractor::create(providers)) { } void verify(ContextSharedPtr context) const override { ENVOY_LOG(debug, "Called AllowMissingVerifierImpl.verify : {}", __func__); auto& ctximpl = static_cast(*context); auto auth = auth_factory_.create(nullptr, absl::nullopt, false /* allow failed */, true /* allow missing */); extractor_->sanitizePayloadHeaders(ctximpl.headers()); auth->verify( ctximpl.headers(), ctximpl.parentSpan(), extractor_->extract(ctximpl.headers()), [&ctximpl](const std::string& name, const ProtobufWkt::Struct& payload) { ctximpl.addPayload(name, payload); }, [this, context](const Status& status) { onComplete(status, static_cast(*context)); }); if (!ctximpl.getCompletionState(this).is_completed_) { ctximpl.storeAuth(std::move(auth)); } else { auth->onDestroy(); } } private: const AuthFactory& auth_factory_; const ExtractorConstPtr extractor_; }; VerifierConstPtr innerCreate(const JwtRequirement& requirement, const Protobuf::Map& providers, const AuthFactory& factory, const std::vector parent_provider_names, const BaseVerifierImpl* parent); // Base verifier for requires all or any. class BaseGroupVerifierImpl : public BaseVerifierImpl { public: BaseGroupVerifierImpl(const BaseVerifierImpl* parent) : BaseVerifierImpl(parent) {} void verify(ContextSharedPtr context) const override { auto& ctximpl = static_cast(*context); for (const auto& it : verifiers_) { if (ctximpl.getCompletionState(this).is_completed_) { return; } it->verify(context); } } protected: // The list of requirement verifiers std::vector verifiers_; }; // Requires any verifier. class AnyVerifierImpl : public BaseGroupVerifierImpl { public: AnyVerifierImpl(const JwtRequirementOrList& or_list, const AuthFactory& factory, const Protobuf::Map& providers, const BaseVerifierImpl* parent) : BaseGroupVerifierImpl(parent) { const JwtRequirement* by_pass_type_requirement = nullptr; std::vector used_providers; for (const auto& it : or_list.requirements()) { bool is_regular_requirement = true; switch (it.requires_type_case()) { case JwtRequirement::RequiresTypeCase::kProviderName: used_providers.emplace_back(it.provider_name()); break; case JwtRequirement::RequiresTypeCase::kProviderAndAudiences: used_providers.emplace_back(it.provider_and_audiences().provider_name()); break; case JwtRequirement::RequiresTypeCase::kAllowMissingOrFailed: case JwtRequirement::RequiresTypeCase::kAllowMissing: is_regular_requirement = false; if (by_pass_type_requirement == nullptr || by_pass_type_requirement->requires_type_case() == JwtRequirement::RequiresTypeCase::kAllowMissing) { // We need to keep only one by_pass_type_requirement. If both // kAllowMissing and kAllowMissingOrFailed are set, use // kAllowMissingOrFailed. by_pass_type_requirement = ⁢ } default: break; } if (is_regular_requirement) { verifiers_.emplace_back( innerCreate(it, providers, factory, std::vector{}, this)); } } if (by_pass_type_requirement) { verifiers_.emplace_back( innerCreate(*by_pass_type_requirement, providers, factory, used_providers, this)); } } void onComplete(const Status& status, ContextImpl& context) const override { auto& completion_state = context.getCompletionState(this); if (completion_state.is_completed_) { return; } // For RequireAny: usually it returns the error from the last provider. // But if a Jwt is not for a provider, its auth returns JwtMissed or JwtUnknownIssuer. // Such error should not be used as the final error if there are other valid errors. if (status != Status::Ok && status != Status::JwtMissed && status != Status::JwtUnknownIssuer) { completion_state.any_valid_error_ = status; } if (++completion_state.number_completed_children_ == verifiers_.size() || Status::Ok == status) { completion_state.is_completed_ = true; Status final_status = status; if (status != Status::Ok && completion_state.any_valid_error_ != Status::Ok) { final_status = completion_state.any_valid_error_; } completeWithStatus(final_status, context); } } }; // Requires all verifier class AllVerifierImpl : public BaseGroupVerifierImpl { public: AllVerifierImpl(const JwtRequirementAndList& and_list, const AuthFactory& factory, const Protobuf::Map& providers, // const Extractor& extractor_for_allow_fail, const BaseVerifierImpl* parent) : BaseGroupVerifierImpl(parent) { for (const auto& it : and_list.requirements()) { verifiers_.emplace_back( innerCreate(it, providers, factory, std::vector{}, this)); } } void onComplete(const Status& status, ContextImpl& context) const override { auto& completion_state = context.getCompletionState(this); if (completion_state.is_completed_) { return; } if (++completion_state.number_completed_children_ == verifiers_.size() || Status::Ok != status) { completion_state.is_completed_ = true; completeWithStatus(status, context); } } }; // Match all, for requirement not set class AllowAllVerifierImpl : public BaseVerifierImpl { public: AllowAllVerifierImpl(const BaseVerifierImpl* parent) : BaseVerifierImpl(parent) {} void verify(ContextSharedPtr context) const override { completeWithStatus(Status::Ok, static_cast(*context)); } }; VerifierConstPtr innerCreate(const JwtRequirement& requirement, const Protobuf::Map& providers, const AuthFactory& factory, const std::vector parent_provider_names, const BaseVerifierImpl* parent) { std::string provider_name; std::vector audiences; JwtProviderList parent_providers; for (const auto& name : parent_provider_names) { const auto& it = providers.find(name); if (it == providers.end()) { throw EnvoyException(fmt::format("Required provider ['{}'] is not configured.", name)); } parent_providers.emplace_back(&it->second); } switch (requirement.requires_type_case()) { case JwtRequirement::RequiresTypeCase::kProviderName: provider_name = requirement.provider_name(); break; case JwtRequirement::RequiresTypeCase::kProviderAndAudiences: for (const auto& it : requirement.provider_and_audiences().audiences()) { audiences.emplace_back(it); } provider_name = requirement.provider_and_audiences().provider_name(); break; case JwtRequirement::RequiresTypeCase::kRequiresAny: return std::make_unique(requirement.requires_any(), factory, providers, parent); case JwtRequirement::RequiresTypeCase::kRequiresAll: return std::make_unique(requirement.requires_all(), factory, providers, parent); case JwtRequirement::RequiresTypeCase::kAllowMissingOrFailed: return std::make_unique(factory, parent_providers, parent); case JwtRequirement::RequiresTypeCase::kAllowMissing: return std::make_unique(factory, parent_providers, parent); case JwtRequirement::RequiresTypeCase::REQUIRES_TYPE_NOT_SET: return std::make_unique(parent); default: NOT_REACHED_GCOVR_EXCL_LINE; } const auto& it = providers.find(provider_name); if (it == providers.end()) { throw EnvoyException(fmt::format("Required provider ['{}'] is not configured.", provider_name)); } if (audiences.empty()) { return std::make_unique(provider_name, factory, it->second, parent); } return std::make_unique(provider_name, factory, it->second, parent, audiences); } } // namespace ContextSharedPtr Verifier::createContext(Http::RequestHeaderMap& headers, Tracing::Span& parent_span, Callbacks* callback) { return std::make_shared(headers, parent_span, callback); } VerifierConstPtr Verifier::create(const JwtRequirement& requirement, const Protobuf::Map& providers, const AuthFactory& factory) { return innerCreate(requirement, providers, factory, std::vector{}, nullptr); } } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/jwt_authn/verifier.h ================================================ #pragma once #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "extensions/filters/http/jwt_authn/authenticator.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace JwtAuthn { class Verifier; using VerifierConstPtr = std::unique_ptr; /** * Supports verification of JWTs with configured requirements. */ class Verifier { public: virtual ~Verifier() = default; /** * Handle for notifying Verifier callers of request completion. */ class Callbacks { public: virtual ~Callbacks() = default; /** * Successfully verified JWT payload are stored in the struct with its * *fields* containing **issuer** as keys and **payload** as string values * This function is called before onComplete() function. * It will not be called if no payload to write. */ virtual void setPayload(const ProtobufWkt::Struct& payload) PURE; /** * Called on completion of request. * * @param status the status of the request. */ virtual void onComplete(const ::google::jwt_verify::Status& status) PURE; }; // Context object to hold data needed for verifier. class Context { public: virtual ~Context() = default; /** * Returns the request headers wrapped in this context. * * @return the request headers. */ virtual Http::HeaderMap& headers() const PURE; /** * Returns the active span wrapped in this context. * * @return the active span. */ virtual Tracing::Span& parentSpan() const PURE; /** * Returns the request callback wrapped in this context. * * @returns the request callback. */ virtual Callbacks* callback() const PURE; /** * Cancel any pending requests for this context. */ virtual void cancel() PURE; }; using ContextSharedPtr = std::shared_ptr; // Verify all tokens on headers, and signal the caller with callback. virtual void verify(ContextSharedPtr context) const PURE; // Factory method for creating verifiers. static VerifierConstPtr create( const envoy::extensions::filters::http::jwt_authn::v3::JwtRequirement& requirement, const Protobuf::Map& providers, const AuthFactory& factory); // Factory method for creating verifier contexts. static ContextSharedPtr createContext(Http::RequestHeaderMap& headers, Tracing::Span& parent_span, Callbacks* callback); }; using ContextSharedPtr = std::shared_ptr; } // namespace JwtAuthn } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/local_ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Local Ratelimit L7 HTTP filter # Public docs: docs/root/configuration/http_filters/local_rate_limit_filter.rst envoy_extension_package() envoy_cc_library( name = "local_ratelimit_lib", srcs = ["local_ratelimit.cc"], hdrs = ["local_ratelimit.h"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_macros", "//source/common/common:utility_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/router:header_parser_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/common/local_ratelimit:local_ratelimit_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/local_ratelimit/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", deps = [ ":local_ratelimit_lib", "//include/envoy/http:filter_interface", "//source/common/protobuf:utility_lib", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/local_ratelimit/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/local_ratelimit/config.cc ================================================ #include "extensions/filters/http/local_ratelimit/config.h" #include #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/local_ratelimit/local_ratelimit.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace LocalRateLimitFilter { Http::FilterFactoryCb LocalRateLimitFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { FilterConfigSharedPtr filter_config = std::make_shared( proto_config, context.dispatcher(), context.scope(), context.runtime()); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(filter_config)); }; } Router::RouteSpecificFilterConfigConstSharedPtr LocalRateLimitFilterConfig::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor&) { return std::make_shared(proto_config, context.dispatcher(), context.scope(), context.runtime(), true); } /** * Static registration for the rate limit filter. @see RegisterFactory. */ REGISTER_FACTORY(LocalRateLimitFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.local_rate_limit"}; } // namespace LocalRateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/local_ratelimit/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace LocalRateLimitFilter { /** * Config registration for the local rate limit filter. @see NamedHttpFilterConfigFactory. */ class LocalRateLimitFilterConfig : public Common::FactoryBase< envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit> { public: LocalRateLimitFilterConfig() : FactoryBase("envoy.filters.http.local_ratelimit") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit& proto_config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) override; }; } // namespace LocalRateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/local_ratelimit/local_ratelimit.cc ================================================ #include "extensions/filters/http/local_ratelimit/local_ratelimit.h" #include #include #include "envoy/http/codes.h" #include "common/http/utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace LocalRateLimitFilter { FilterConfig::FilterConfig( const envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit& config, Event::Dispatcher& dispatcher, Stats::Scope& scope, Runtime::Loader& runtime, const bool per_route) : status_(toErrorCode(config.status().code())), stats_(generateStats(config.stat_prefix(), scope)), rate_limiter_(Filters::Common::LocalRateLimit::LocalRateLimiterImpl( std::chrono::milliseconds( PROTOBUF_GET_MS_OR_DEFAULT(config.token_bucket(), fill_interval, 0)), config.token_bucket().max_tokens(), PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.token_bucket(), tokens_per_fill, 1), dispatcher)), runtime_(runtime), filter_enabled_( config.has_filter_enabled() ? absl::optional( Envoy::Runtime::FractionalPercent(config.filter_enabled(), runtime_)) : absl::nullopt), filter_enforced_( config.has_filter_enabled() ? absl::optional( Envoy::Runtime::FractionalPercent(config.filter_enforced(), runtime_)) : absl::nullopt), response_headers_parser_( Envoy::Router::HeaderParser::configure(config.response_headers_to_add())) { // Note: no token bucket is fine for the global config, which would be the case for enabling // the filter globally but disabled and then applying limits at the virtual host or // route level. At the virtual or route level, it makes no sense to have an no token // bucket so we throw an error. If there's no token bucket configured globally or // at the vhost/route level, no rate limiting is applied. if (per_route && !config.has_token_bucket()) { throw EnvoyException("local rate limit token bucket must be set for per filter configs"); } } bool FilterConfig::requestAllowed() const { return rate_limiter_.requestAllowed(); } LocalRateLimitStats FilterConfig::generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = prefix + ".http_local_rate_limit"; return {ALL_LOCAL_RATE_LIMIT_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } bool FilterConfig::enabled() const { return filter_enabled_.has_value() ? filter_enabled_->enabled() : false; } bool FilterConfig::enforced() const { return filter_enforced_.has_value() ? filter_enforced_->enabled() : false; } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap&, bool) { const auto* config = getConfig(); if (!config->enabled()) { return Http::FilterHeadersStatus::Continue; } config->stats().enabled_.inc(); if (config->requestAllowed()) { config->stats().ok_.inc(); return Http::FilterHeadersStatus::Continue; } config->stats().rate_limited_.inc(); if (!config->enforced()) { return Http::FilterHeadersStatus::Continue; } config->stats().enforced_.inc(); decoder_callbacks_->sendLocalReply( config->status(), "local_rate_limited", [this, config](Http::HeaderMap& headers) { config->responseHeadersParser().evaluateHeaders(headers, decoder_callbacks_->streamInfo()); }, absl::nullopt, "local_rate_limited"); decoder_callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::RateLimited); return Http::FilterHeadersStatus::StopIteration; } const FilterConfig* Filter::getConfig() const { const auto* config = Http::Utility::resolveMostSpecificPerFilterConfig( "envoy.filters.http.local_ratelimit", decoder_callbacks_->route()); if (config) { return config; } return config_.get(); } } // namespace LocalRateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/local_ratelimit/local_ratelimit.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/http/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/assert.h" #include "common/http/header_map_impl.h" #include "common/router/header_parser.h" #include "common/runtime/runtime_protos.h" #include "extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace LocalRateLimitFilter { /** * All local rate limit stats. @see stats_macros.h */ #define ALL_LOCAL_RATE_LIMIT_STATS(COUNTER) \ COUNTER(enabled) \ COUNTER(enforced) \ COUNTER(rate_limited) \ COUNTER(ok) /** * Struct definition for all local rate limit stats. @see stats_macros.h */ struct LocalRateLimitStats { ALL_LOCAL_RATE_LIMIT_STATS(GENERATE_COUNTER_STRUCT) }; /** * Global configuration for the HTTP local rate limit filter. */ class FilterConfig : public ::Envoy::Router::RouteSpecificFilterConfig { public: FilterConfig(const envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit& config, Event::Dispatcher& dispatcher, Stats::Scope& scope, Runtime::Loader& runtime, bool per_route = false); ~FilterConfig() override = default; Runtime::Loader& runtime() { return runtime_; } bool requestAllowed() const; bool enabled() const; bool enforced() const; LocalRateLimitStats& stats() const { return stats_; } const Router::HeaderParser& responseHeadersParser() const { return *response_headers_parser_; } Http::Code status() const { return status_; } private: friend class FilterTest; static LocalRateLimitStats generateStats(const std::string& prefix, Stats::Scope& scope); static Http::Code toErrorCode(uint64_t status) { const auto code = static_cast(status); if (code >= Http::Code::BadRequest) { return code; } return Http::Code::TooManyRequests; } const Http::Code status_; mutable LocalRateLimitStats stats_; Filters::Common::LocalRateLimit::LocalRateLimiterImpl rate_limiter_; Runtime::Loader& runtime_; const absl::optional filter_enabled_; const absl::optional filter_enforced_; Router::HeaderParserPtr response_headers_parser_; }; using FilterConfigSharedPtr = std::shared_ptr; /** * HTTP local rate limit filter. Depending on the route configuration, this filter calls consults * with local token bucket before allowing further filter iteration. */ class Filter : public Http::PassThroughFilter { public: Filter(FilterConfigSharedPtr config) : config_(config) {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; private: friend class FilterTest; const FilterConfig* getConfig() const; FilterConfigSharedPtr config_; }; } // namespace LocalRateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/lua/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Lua scripting L7 HTTP filter (https://www.lua.org/, http://luajit.org/) # Public docs: docs/root/configuration/http_filters/lua_filter.rst envoy_extension_package() envoy_cc_library( name = "lua_filter_lib", srcs = ["lua_filter.cc"], hdrs = ["lua_filter.h"], deps = [ ":wrappers_lib", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:enum_to_int", "//source/common/config:datasource_lib", "//source/common/crypto:utility_lib", "//source/common/http:message_lib", "//source/extensions/common:utility_lib", "//source/extensions/filters/common/lua:lua_lib", "//source/extensions/filters/common/lua:wrappers_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/lua/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "wrappers_lib", srcs = ["wrappers.cc"], hdrs = ["wrappers.h"], deps = [ "//include/envoy/http:header_map_interface", "//include/envoy/stream_info:stream_info_interface", "//source/common/crypto:utility_lib", "//source/common/http:header_utility_lib", "//source/common/http:utility_lib", "//source/extensions/common/crypto:utility_lib", "//source/extensions/filters/common/lua:lua_lib", "//source/extensions/filters/common/lua:wrappers_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/lua:lua_filter_lib", "@envoy_api//envoy/extensions/filters/http/lua/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/lua/config.cc ================================================ #include "extensions/filters/http/lua/config.h" #include "envoy/extensions/filters/http/lua/v3/lua.pb.h" #include "envoy/extensions/filters/http/lua/v3/lua.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/lua/lua_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Lua { Http::FilterFactoryCb LuaFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::lua::v3::Lua& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { FilterConfigConstSharedPtr filter_config(new FilterConfig{ proto_config, context.threadLocal(), context.clusterManager(), context.api()}); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared(filter_config)); }; } Router::RouteSpecificFilterConfigConstSharedPtr LuaFilterConfig::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::lua::v3::LuaPerRoute& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor&) { return std::make_shared(proto_config, context); } /** * Static registration for the Lua filter. @see RegisterFactory. */ REGISTER_FACTORY(LuaFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.lua"}; } // namespace Lua } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/lua/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/lua/v3/lua.pb.h" #include "envoy/extensions/filters/http/lua/v3/lua.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Lua { /** * Config registration for the Lua filter. @see NamedHttpFilterConfigFactory. */ class LuaFilterConfig : public Common::FactoryBase { public: LuaFilterConfig() : FactoryBase(HttpFilterNames::get().Lua) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::lua::v3::Lua& proto_config, const std::string&, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::lua::v3::LuaPerRoute& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override; }; } // namespace Lua } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/lua/lua_filter.cc ================================================ #include "extensions/filters/http/lua/lua_filter.h" #include #include #include "envoy/http/codes.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/config/datasource.h" #include "common/crypto/utility.h" #include "common/http/message_impl.h" #include "absl/strings/escaping.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Lua { namespace { struct HttpResponseCodeDetailValues { const absl::string_view LuaResponse = "lua_response"; }; using HttpResponseCodeDetails = ConstSingleton; const std::string DEPRECATED_LUA_NAME = "envoy.lua"; std::atomic& deprecatedNameLogged() { MUTABLE_CONSTRUCT_ON_FIRST_USE(std::atomic, false); } // Checks if deprecated metadata names are allowed. On the first check only it will log either // a warning (indicating the name should be updated) or an error (the feature is off and the // name is not allowed). When warning, the deprecated feature stat is incremented. Subsequent // checks do not log since this check is done in potentially high-volume request paths. bool allowDeprecatedMetadataName() { if (!deprecatedNameLogged().exchange(true)) { // Have not logged yet, so use the logging test. return Extensions::Common::Utility::ExtensionNameUtil::allowDeprecatedExtensionName( "http filter", DEPRECATED_LUA_NAME, Extensions::HttpFilters::HttpFilterNames::get().Lua); } // We have logged (or another thread will do so momentarily), so just check whether the // deprecated name is allowed. auto status = Extensions::Common::Utility::ExtensionNameUtil::deprecatedExtensionNameStatus(); return status == Extensions::Common::Utility::ExtensionNameUtil::Status::Warn; } const ProtobufWkt::Struct& getMetadata(Http::StreamFilterCallbacks* callbacks) { if (callbacks->route() == nullptr || callbacks->route()->routeEntry() == nullptr) { return ProtobufWkt::Struct::default_instance(); } const auto& metadata = callbacks->route()->routeEntry()->metadata(); { const auto& filter_it = metadata.filter_metadata().find(HttpFilterNames::get().Lua); if (filter_it != metadata.filter_metadata().end()) { return filter_it->second; } } // TODO(zuercher): Remove this block when deprecated filter names are removed. { const auto& filter_it = metadata.filter_metadata().find(DEPRECATED_LUA_NAME); if (filter_it != metadata.filter_metadata().end()) { // Use the non-throwing check here because this happens at request time. if (allowDeprecatedMetadataName()) { return filter_it->second; } } } return ProtobufWkt::Struct::default_instance(); } // Okay to return non-const reference because this doesn't ever get changed. NoopCallbacks& noopCallbacks() { static NoopCallbacks* callbacks = new NoopCallbacks(); return *callbacks; } void buildHeadersFromTable(Http::HeaderMap& headers, lua_State* state, int table_index) { // Build a header map to make the request. We iterate through the provided table to do this and // check that we are getting strings. lua_pushnil(state); while (lua_next(state, table_index) != 0) { // Uses 'key' (at index -2) and 'value' (at index -1). const char* key = luaL_checkstring(state, -2); // Check if the current value is a table, we iterate through the table and add each element of // it as a header entry value for the current key. if (lua_istable(state, -1)) { lua_pushnil(state); while (lua_next(state, -2) != 0) { const char* value = luaL_checkstring(state, -1); headers.addCopy(Http::LowerCaseString(key), value); lua_pop(state, 1); } } else { const char* value = luaL_checkstring(state, -1); headers.addCopy(Http::LowerCaseString(key), value); } // Removes 'value'; keeps 'key' for next iteration. This is the input for lua_next() so that // it can push the next key/value pair onto the stack. lua_pop(state, 1); } } Http::AsyncClient::Request* makeHttpCall(lua_State* state, Filter& filter, Tracing::Span& parent_span, Http::AsyncClient::Callbacks& callbacks) { const std::string cluster = luaL_checkstring(state, 2); luaL_checktype(state, 3, LUA_TTABLE); size_t body_size; const char* body = luaL_optlstring(state, 4, nullptr, &body_size); int timeout_ms = luaL_checkint(state, 5); if (timeout_ms < 0) { luaL_error(state, "http call timeout must be >= 0"); } if (filter.clusterManager().get(cluster) == nullptr) { luaL_error(state, "http call cluster invalid. Must be configured"); } auto headers = Http::RequestHeaderMapImpl::create(); buildHeadersFromTable(*headers, state, 3); Http::RequestMessagePtr message(new Http::RequestMessageImpl(std::move(headers))); // Check that we were provided certain headers. if (message->headers().Path() == nullptr || message->headers().Method() == nullptr || message->headers().Host() == nullptr) { luaL_error(state, "http call headers must include ':path', ':method', and ':authority'"); } if (body != nullptr) { message->body().add(body, body_size); message->headers().setContentLength(body_size); } absl::optional timeout; if (timeout_ms > 0) { timeout = std::chrono::milliseconds(timeout_ms); } auto options = Http::AsyncClient::RequestOptions().setTimeout(timeout).setParentSpan(parent_span); return filter.clusterManager().httpAsyncClientForCluster(cluster).send(std::move(message), callbacks, options); } } // namespace PerLuaCodeSetup::PerLuaCodeSetup(const std::string& lua_code, ThreadLocal::SlotAllocator& tls) : lua_state_(lua_code, tls) { lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); lua_state_.registerType(); request_function_slot_ = lua_state_.registerGlobal("envoy_on_request"); if (lua_state_.getGlobalRef(request_function_slot_) == LUA_REFNIL) { ENVOY_LOG(info, "envoy_on_request() function not found. Lua filter will not hook requests."); } response_function_slot_ = lua_state_.registerGlobal("envoy_on_response"); if (lua_state_.getGlobalRef(response_function_slot_) == LUA_REFNIL) { ENVOY_LOG(info, "envoy_on_response() function not found. Lua filter will not hook responses."); } } StreamHandleWrapper::StreamHandleWrapper(Filters::Common::Lua::Coroutine& coroutine, Http::HeaderMap& headers, bool end_stream, Filter& filter, FilterCallbacks& callbacks) : coroutine_(coroutine), headers_(headers), end_stream_(end_stream), filter_(filter), callbacks_(callbacks), yield_callback_([this]() { if (state_ == State::Running) { throw Filters::Common::Lua::LuaException("script performed an unexpected yield"); } }) {} Http::FilterHeadersStatus StreamHandleWrapper::start(int function_ref) { // We are on the top of the stack. coroutine_.start(function_ref, 1, yield_callback_); Http::FilterHeadersStatus status = (state_ == State::WaitForBody || state_ == State::HttpCall || state_ == State::Responded) ? Http::FilterHeadersStatus::StopIteration : Http::FilterHeadersStatus::Continue; if (status == Http::FilterHeadersStatus::Continue) { headers_continued_ = true; } return status; } Http::FilterDataStatus StreamHandleWrapper::onData(Buffer::Instance& data, bool end_stream) { ASSERT(!end_stream_); end_stream_ = end_stream; saw_body_ = true; if (state_ == State::WaitForBodyChunk) { ENVOY_LOG(trace, "resuming for next body chunk"); Filters::Common::Lua::LuaDeathRef wrapper( Filters::Common::Lua::BufferWrapper::create(coroutine_.luaState(), data), true); state_ = State::Running; coroutine_.resume(1, yield_callback_); } else if (state_ == State::WaitForBody && end_stream_) { ENVOY_LOG(debug, "resuming body due to end stream"); callbacks_.addData(data); state_ = State::Running; coroutine_.resume(luaBody(coroutine_.luaState()), yield_callback_); } else if (state_ == State::WaitForTrailers && end_stream_) { ENVOY_LOG(debug, "resuming nil trailers due to end stream"); state_ = State::Running; coroutine_.resume(0, yield_callback_); } if (state_ == State::HttpCall || state_ == State::WaitForBody) { ENVOY_LOG(trace, "buffering body"); return Http::FilterDataStatus::StopIterationAndBuffer; } else if (state_ == State::Responded) { return Http::FilterDataStatus::StopIterationNoBuffer; } else { headers_continued_ = true; return Http::FilterDataStatus::Continue; } } Http::FilterTrailersStatus StreamHandleWrapper::onTrailers(Http::HeaderMap& trailers) { ASSERT(!end_stream_); end_stream_ = true; trailers_ = &trailers; if (state_ == State::WaitForBodyChunk) { ENVOY_LOG(debug, "resuming nil body chunk due to trailers"); state_ = State::Running; coroutine_.resume(0, yield_callback_); } else if (state_ == State::WaitForBody) { ENVOY_LOG(debug, "resuming body due to trailers"); state_ = State::Running; coroutine_.resume(luaBody(coroutine_.luaState()), yield_callback_); } if (state_ == State::WaitForTrailers) { // Mimic a call to trailers which will push the trailers onto the stack and then resume. state_ = State::Running; coroutine_.resume(luaTrailers(coroutine_.luaState()), yield_callback_); } Http::FilterTrailersStatus status = (state_ == State::HttpCall || state_ == State::Responded) ? Http::FilterTrailersStatus::StopIteration : Http::FilterTrailersStatus::Continue; if (status == Http::FilterTrailersStatus::Continue) { headers_continued_ = true; } return status; } int StreamHandleWrapper::luaRespond(lua_State* state) { ASSERT(state_ == State::Running); if (headers_continued_) { luaL_error(state, "respond() cannot be called if headers have been continued"); } luaL_checktype(state, 2, LUA_TTABLE); size_t body_size; const char* raw_body = luaL_optlstring(state, 3, nullptr, &body_size); auto headers = Http::ResponseHeaderMapImpl::create(); buildHeadersFromTable(*headers, state, 2); uint64_t status; if (!absl::SimpleAtoi(headers->getStatusValue(), &status) || status < 200 || status >= 600) { luaL_error(state, ":status must be between 200-599"); } Buffer::InstancePtr body; if (raw_body != nullptr) { body = std::make_unique(raw_body, body_size); headers->setContentLength(body_size); } // Once we respond we treat that as the end of the script even if there is more code. Thus we // yield. callbacks_.respond(std::move(headers), body.get(), state); state_ = State::Responded; return lua_yield(state, 0); } int StreamHandleWrapper::luaHttpCall(lua_State* state) { ASSERT(state_ == State::Running); const int async_flag_index = 6; if (!lua_isnone(state, async_flag_index) && !lua_isboolean(state, async_flag_index)) { luaL_error(state, "http call asynchronous flag must be 'true', 'false', or empty"); } if (lua_toboolean(state, async_flag_index)) { return doAsynchronousHttpCall(state, callbacks_.activeSpan()); } else { return doSynchronousHttpCall(state, callbacks_.activeSpan()); } } int StreamHandleWrapper::doSynchronousHttpCall(lua_State* state, Tracing::Span& span) { http_request_ = makeHttpCall(state, filter_, span, *this); if (http_request_) { state_ = State::HttpCall; return lua_yield(state, 0); } else { // Immediate failure case. The return arguments are already on the stack. ASSERT(lua_gettop(state) >= 2); return 2; } } int StreamHandleWrapper::doAsynchronousHttpCall(lua_State* state, Tracing::Span& span) { makeHttpCall(state, filter_, span, noopCallbacks()); return 0; } void StreamHandleWrapper::onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& response) { ASSERT(state_ == State::HttpCall || state_ == State::Running); ENVOY_LOG(debug, "async HTTP response complete"); http_request_ = nullptr; // We need to build a table with the headers as return param 1. The body will be return param 2. lua_newtable(coroutine_.luaState()); response->headers().iterate([lua_State = coroutine_.luaState()]( const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { lua_pushlstring(lua_State, header.key().getStringView().data(), header.key().getStringView().length()); lua_pushlstring(lua_State, header.value().getStringView().data(), header.value().getStringView().length()); lua_settable(lua_State, -3); return Http::HeaderMap::Iterate::Continue; }); // TODO(mattklein123): Avoid double copy here. if (response->body().length() > 0) { lua_pushlstring(coroutine_.luaState(), response->bodyAsString().data(), response->body().length()); } else { lua_pushnil(coroutine_.luaState()); } // In the immediate failure case, we are just going to immediately return to the script. We // have already pushed the return arguments onto the stack. if (state_ == State::HttpCall) { state_ = State::Running; markLive(); try { coroutine_.resume(2, yield_callback_); markDead(); } catch (const Filters::Common::Lua::LuaException& e) { filter_.scriptError(e); } if (state_ == State::Running) { headers_continued_ = true; callbacks_.continueIteration(); } } } void StreamHandleWrapper::onFailure(const Http::AsyncClient::Request& request, Http::AsyncClient::FailureReason) { ASSERT(state_ == State::HttpCall || state_ == State::Running); ENVOY_LOG(debug, "async HTTP failure"); // Just fake a basic 503 response. Http::ResponseMessagePtr response_message( new Http::ResponseMessageImpl(Http::createHeaderMap( {{Http::Headers::get().Status, std::to_string(enumToInt(Http::Code::ServiceUnavailable))}}))); response_message->body().add("upstream failure"); onSuccess(request, std::move(response_message)); } int StreamHandleWrapper::luaHeaders(lua_State* state) { ASSERT(state_ == State::Running); if (headers_wrapper_.get() != nullptr) { headers_wrapper_.pushStack(); } else { headers_wrapper_.reset(HeaderMapWrapper::create(state, headers_, [this] { // If we are about to do a modifiable header // operation, blow away the route cache. We // could be a little more intelligent about // when we do this so the performance would be // higher, but this is simple and will get the // job done for now. This is a NOP on the // encoder path. if (!headers_continued_) { callbacks_.onHeadersModified(); } return !headers_continued_; }), true); } return 1; } int StreamHandleWrapper::luaBody(lua_State* state) { ASSERT(state_ == State::Running); if (end_stream_) { if (!buffered_body_ && saw_body_) { return luaL_error(state, "cannot call body() after body has been streamed"); } else if (callbacks_.bufferedBody() == nullptr) { ENVOY_LOG(debug, "end stream. no body"); return 0; } else { if (body_wrapper_.get() != nullptr) { body_wrapper_.pushStack(); } else { body_wrapper_.reset(Filters::Common::Lua::BufferWrapper::create( state, const_cast(*callbacks_.bufferedBody())), true); } return 1; } } else if (saw_body_) { return luaL_error(state, "cannot call body() after body streaming has started"); } else { ENVOY_LOG(debug, "yielding for full body"); state_ = State::WaitForBody; buffered_body_ = true; return lua_yield(state, 0); } } int StreamHandleWrapper::luaBodyChunks(lua_State* state) { ASSERT(state_ == State::Running); if (saw_body_) { luaL_error(state, "cannot call bodyChunks after body processing has begun"); } // We are currently at the top of the stack. Push a closure that has us as the upvalue. lua_pushcclosure(state, static_luaBodyIterator, 1); return 1; } int StreamHandleWrapper::luaBodyIterator(lua_State* state) { ASSERT(state_ == State::Running); if (end_stream_) { ENVOY_LOG(debug, "body complete. no more body chunks"); return 0; } else { ENVOY_LOG(debug, "yielding for next body chunk"); state_ = State::WaitForBodyChunk; return lua_yield(state, 0); } } int StreamHandleWrapper::luaTrailers(lua_State* state) { ASSERT(state_ == State::Running); if (end_stream_ && trailers_ == nullptr) { ENVOY_LOG(debug, "end stream. no trailers"); return 0; } else if (trailers_ != nullptr) { if (trailers_wrapper_.get() != nullptr) { trailers_wrapper_.pushStack(); } else { trailers_wrapper_.reset(HeaderMapWrapper::create(state, *trailers_, []() { return true; }), true); } return 1; } else { ENVOY_LOG(debug, "yielding for trailers"); state_ = State::WaitForTrailers; return lua_yield(state, 0); } } int StreamHandleWrapper::luaMetadata(lua_State* state) { ASSERT(state_ == State::Running); if (metadata_wrapper_.get() != nullptr) { metadata_wrapper_.pushStack(); } else { metadata_wrapper_.reset( Filters::Common::Lua::MetadataMapWrapper::create(state, callbacks_.metadata()), true); } return 1; } int StreamHandleWrapper::luaStreamInfo(lua_State* state) { ASSERT(state_ == State::Running); if (stream_info_wrapper_.get() != nullptr) { stream_info_wrapper_.pushStack(); } else { stream_info_wrapper_.reset(StreamInfoWrapper::create(state, callbacks_.streamInfo()), true); } return 1; } int StreamHandleWrapper::luaConnection(lua_State* state) { ASSERT(state_ == State::Running); if (connection_wrapper_.get() != nullptr) { connection_wrapper_.pushStack(); } else { connection_wrapper_.reset( Filters::Common::Lua::ConnectionWrapper::create(state, callbacks_.connection()), true); } return 1; } int StreamHandleWrapper::luaLogTrace(lua_State* state) { const char* message = luaL_checkstring(state, 2); filter_.scriptLog(spdlog::level::trace, message); return 0; } int StreamHandleWrapper::luaLogDebug(lua_State* state) { const char* message = luaL_checkstring(state, 2); filter_.scriptLog(spdlog::level::debug, message); return 0; } int StreamHandleWrapper::luaLogInfo(lua_State* state) { const char* message = luaL_checkstring(state, 2); filter_.scriptLog(spdlog::level::info, message); return 0; } int StreamHandleWrapper::luaLogWarn(lua_State* state) { const char* message = luaL_checkstring(state, 2); filter_.scriptLog(spdlog::level::warn, message); return 0; } int StreamHandleWrapper::luaLogErr(lua_State* state) { const char* message = luaL_checkstring(state, 2); filter_.scriptLog(spdlog::level::err, message); return 0; } int StreamHandleWrapper::luaLogCritical(lua_State* state) { const char* message = luaL_checkstring(state, 2); filter_.scriptLog(spdlog::level::critical, message); return 0; } int StreamHandleWrapper::luaVerifySignature(lua_State* state) { // Step 1: Get hash function. absl::string_view hash = luaL_checkstring(state, 2); // Step 2: Get the key pointer. auto key = luaL_checkstring(state, 3); auto ptr = public_key_storage_.find(key); if (ptr == public_key_storage_.end()) { luaL_error(state, "invalid public key"); return 0; } // Step 3: Get signature from args. const char* signature = luaL_checkstring(state, 4); int sig_len = luaL_checknumber(state, 5); const std::vector sig_vec(signature, signature + sig_len); // Step 4: Get clear text from args. const char* clear_text = luaL_checkstring(state, 6); int text_len = luaL_checknumber(state, 7); const std::vector text_vec(clear_text, clear_text + text_len); // Step 5: Verify signature. auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); auto output = crypto_util.verifySignature(hash, *ptr->second, sig_vec, text_vec); lua_pushboolean(state, output.result_); if (output.result_) { lua_pushnil(state); } else { lua_pushlstring(state, output.error_message_.data(), output.error_message_.length()); } return 2; } int StreamHandleWrapper::luaImportPublicKey(lua_State* state) { // Get byte array and the length. const char* str = luaL_checkstring(state, 2); int n = luaL_checknumber(state, 3); std::vector key(str, str + n); if (public_key_wrapper_.get() != nullptr) { public_key_wrapper_.pushStack(); } else { auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); Envoy::Common::Crypto::CryptoObjectPtr crypto_ptr = crypto_util.importPublicKey(key); auto wrapper = Envoy::Common::Crypto::Access::getTyped( *crypto_ptr); EVP_PKEY* pkey = wrapper->getEVP_PKEY(); if (pkey == nullptr) { // TODO(dio): Call luaL_error here instead of failing silently. However, the current behavior // is to return nil (when calling get() to the wrapped object, hence we create a wrapper // initialized by an empty string here) when importing a public key is failed. public_key_wrapper_.reset(PublicKeyWrapper::create(state, EMPTY_STRING), true); } public_key_storage_.insert({std::string(str).substr(0, n), std::move(crypto_ptr)}); public_key_wrapper_.reset(PublicKeyWrapper::create(state, str), true); } return 1; } int StreamHandleWrapper::luaBase64Escape(lua_State* state) { size_t input_size; const char* input = luaL_checklstring(state, 2, &input_size); auto output = absl::Base64Escape(absl::string_view(input, input_size)); lua_pushlstring(state, output.data(), output.length()); return 1; } FilterConfig::FilterConfig(const envoy::extensions::filters::http::lua::v3::Lua& proto_config, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cluster_manager, Api::Api& api) : cluster_manager_(cluster_manager) { auto global_setup_ptr = std::make_unique(proto_config.inline_code(), tls); if (global_setup_ptr) { per_lua_code_setups_map_[GLOBAL_SCRIPT_NAME] = std::move(global_setup_ptr); } for (const auto& source : proto_config.source_codes()) { const std::string code = Config::DataSource::read(source.second, true, api); auto per_lua_code_setup_ptr = std::make_unique(code, tls); if (!per_lua_code_setup_ptr) { continue; } per_lua_code_setups_map_[source.first] = std::move(per_lua_code_setup_ptr); } } FilterConfigPerRoute::FilterConfigPerRoute( const envoy::extensions::filters::http::lua::v3::LuaPerRoute& config, Server::Configuration::ServerFactoryContext& context) : main_thread_dispatcher_(context.dispatcher()), disabled_(config.disabled()), name_(config.name()) { if (disabled_ || !name_.empty()) { return; } // Read and parse the inline Lua code defined in the route configuration. const std::string code_str = Config::DataSource::read(config.source_code(), true, context.api()); per_lua_code_setup_ptr_ = std::make_unique(code_str, context.threadLocal()); } void Filter::onDestroy() { destroyed_ = true; if (request_stream_wrapper_.get()) { request_stream_wrapper_.get()->onReset(); } if (response_stream_wrapper_.get()) { response_stream_wrapper_.get()->onReset(); } } Http::FilterHeadersStatus Filter::doHeaders(StreamHandleRef& handle, Filters::Common::Lua::CoroutinePtr& coroutine, FilterCallbacks& callbacks, int function_ref, PerLuaCodeSetup* setup, Http::HeaderMap& headers, bool end_stream) { if (function_ref == LUA_REFNIL) { return Http::FilterHeadersStatus::Continue; } ASSERT(setup); coroutine = setup->createCoroutine(); handle.reset(StreamHandleWrapper::create(coroutine->luaState(), *coroutine, headers, end_stream, *this, callbacks), true); Http::FilterHeadersStatus status = Http::FilterHeadersStatus::Continue; try { status = handle.get()->start(function_ref); handle.markDead(); } catch (const Filters::Common::Lua::LuaException& e) { scriptError(e); } return status; } Http::FilterDataStatus Filter::doData(StreamHandleRef& handle, Buffer::Instance& data, bool end_stream) { Http::FilterDataStatus status = Http::FilterDataStatus::Continue; if (handle.get() != nullptr) { try { handle.markLive(); status = handle.get()->onData(data, end_stream); handle.markDead(); } catch (const Filters::Common::Lua::LuaException& e) { scriptError(e); } } return status; } Http::FilterTrailersStatus Filter::doTrailers(StreamHandleRef& handle, Http::HeaderMap& trailers) { Http::FilterTrailersStatus status = Http::FilterTrailersStatus::Continue; if (handle.get() != nullptr) { try { handle.markLive(); status = handle.get()->onTrailers(trailers); handle.markDead(); } catch (const Filters::Common::Lua::LuaException& e) { scriptError(e); } } return status; } void Filter::scriptError(const Filters::Common::Lua::LuaException& e) { scriptLog(spdlog::level::err, e.what()); request_stream_wrapper_.reset(); response_stream_wrapper_.reset(); } void Filter::scriptLog(spdlog::level::level_enum level, const char* message) { switch (level) { case spdlog::level::trace: ENVOY_LOG(trace, "script log: {}", message); return; case spdlog::level::debug: ENVOY_LOG(debug, "script log: {}", message); return; case spdlog::level::info: ENVOY_LOG(info, "script log: {}", message); return; case spdlog::level::warn: ENVOY_LOG(warn, "script log: {}", message); return; case spdlog::level::err: ENVOY_LOG(error, "script log: {}", message); return; case spdlog::level::critical: ENVOY_LOG(critical, "script log: {}", message); return; case spdlog::level::off: NOT_IMPLEMENTED_GCOVR_EXCL_LINE; return; case spdlog::level::n_levels: NOT_REACHED_GCOVR_EXCL_LINE; } } void Filter::DecoderCallbacks::respond(Http::ResponseHeaderMapPtr&& headers, Buffer::Instance* body, lua_State*) { callbacks_->encodeHeaders(std::move(headers), body == nullptr, HttpResponseCodeDetails::get().LuaResponse); if (body && !parent_.destroyed_) { callbacks_->encodeData(*body, true); } } const ProtobufWkt::Struct& Filter::DecoderCallbacks::metadata() const { return getMetadata(callbacks_); } void Filter::EncoderCallbacks::respond(Http::ResponseHeaderMapPtr&&, Buffer::Instance*, lua_State* state) { // TODO(mattklein123): Support response in response path if nothing has been continued // yet. luaL_error(state, "respond not currently supported in the response path"); } const ProtobufWkt::Struct& Filter::EncoderCallbacks::metadata() const { return getMetadata(callbacks_); } } // namespace Lua } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/lua/lua_filter.h ================================================ #pragma once #include "envoy/extensions/filters/http/lua/v3/lua.pb.h" #include "envoy/http/filter.h" #include "envoy/upstream/cluster_manager.h" #include "common/crypto/utility.h" #include "common/http/utility.h" #include "extensions/common/utility.h" #include "extensions/filters/common/lua/wrappers.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/lua/wrappers.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Lua { constexpr char GLOBAL_SCRIPT_NAME[] = "GLOBAL"; class PerLuaCodeSetup : Logger::Loggable { public: PerLuaCodeSetup(const std::string& lua_code, ThreadLocal::SlotAllocator& tls); Extensions::Filters::Common::Lua::CoroutinePtr createCoroutine() { return lua_state_.createCoroutine(); } int requestFunctionRef() { return lua_state_.getGlobalRef(request_function_slot_); } int responseFunctionRef() { return lua_state_.getGlobalRef(response_function_slot_); } uint64_t runtimeBytesUsed() { return lua_state_.runtimeBytesUsed(); } void runtimeGC() { return lua_state_.runtimeGC(); } private: uint64_t request_function_slot_{}; uint64_t response_function_slot_{}; Filters::Common::Lua::ThreadLocalState lua_state_; }; using PerLuaCodeSetupPtr = std::unique_ptr; /** * Callbacks used by a stream handler to access the filter. */ class FilterCallbacks { public: virtual ~FilterCallbacks() = default; /** * Add data to the connection manager buffer. * @param data supplies the data to add. */ virtual void addData(Buffer::Instance& data) PURE; /** * @return const Buffer::Instance* the currently buffered body. */ virtual const Buffer::Instance* bufferedBody() PURE; /** * Continue filter iteration if iteration has been paused due to an async call. */ virtual void continueIteration() PURE; /** * Called when headers have been modified by a script. This can only happen prior to headers * being continued. */ virtual void onHeadersModified() PURE; /** * Perform an immediate response. * @param headers supplies the response headers. * @param body supplies the optional response body. * @param state supplies the active Lua state. */ virtual void respond(Http::ResponseHeaderMapPtr&& headers, Buffer::Instance* body, lua_State* state) PURE; /** * @return const ProtobufWkt::Struct& the value of metadata inside the lua filter scope of current * route entry. */ virtual const ProtobufWkt::Struct& metadata() const PURE; /** * @return StreamInfo::StreamInfo& the current stream info handle. This handle is mutable to * accommodate write API e.g. setDynamicMetadata(). */ virtual StreamInfo::StreamInfo& streamInfo() PURE; /** * @return const Network::Connection* the current network connection handle. */ virtual const Network::Connection* connection() const PURE; /** * @return const Tracing::Span& the current tracing active span. */ virtual Tracing::Span& activeSpan() PURE; }; class Filter; /** * A wrapper for a currently running request/response. This is the primary handle passed to Lua. * The script interacts with Envoy entirely through this handle. */ class StreamHandleWrapper : public Filters::Common::Lua::BaseLuaObject, public Http::AsyncClient::Callbacks { public: /** * The state machine for a stream handler. In the current implementation everything the filter * does is a discrete state. This may become sub-optimal as we add other things that might * cause the filter to block. * TODO(mattklein123): Consider whether we should split the state machine into an overall state * and a blocking reason type. */ enum class State { // Lua code is currently running or the script has finished. Running, // Lua script is blocked waiting for the next body chunk. WaitForBodyChunk, // Lua script is blocked waiting for the full body. WaitForBody, // Lua script is blocked waiting for trailers. WaitForTrailers, // Lua script is blocked waiting for the result of an HTTP call. HttpCall, // Lua script has done a direct response. Responded }; StreamHandleWrapper(Filters::Common::Lua::Coroutine& coroutine, Http::HeaderMap& headers, bool end_stream, Filter& filter, FilterCallbacks& callbacks); Http::FilterHeadersStatus start(int function_ref); Http::FilterDataStatus onData(Buffer::Instance& data, bool end_stream); Http::FilterTrailersStatus onTrailers(Http::HeaderMap& trailers); void onReset() { if (http_request_) { http_request_->cancel(); http_request_ = nullptr; } } static ExportedFunctions exportedFunctions() { return {{"headers", static_luaHeaders}, {"body", static_luaBody}, {"bodyChunks", static_luaBodyChunks}, {"trailers", static_luaTrailers}, {"metadata", static_luaMetadata}, {"logTrace", static_luaLogTrace}, {"logDebug", static_luaLogDebug}, {"logInfo", static_luaLogInfo}, {"logWarn", static_luaLogWarn}, {"logErr", static_luaLogErr}, {"logCritical", static_luaLogCritical}, {"httpCall", static_luaHttpCall}, {"respond", static_luaRespond}, {"streamInfo", static_luaStreamInfo}, {"connection", static_luaConnection}, {"importPublicKey", static_luaImportPublicKey}, {"verifySignature", static_luaVerifySignature}, {"base64Escape", static_luaBase64Escape}}; } private: /** * Perform an HTTP call to an upstream host. * @param 1 (string): The name of the upstream cluster to call. This cluster must be configured. * @param 2 (table): A table of HTTP headers. :method, :path, and :authority must be defined. * @param 3 (string): Body. Can be nil. * @param 4 (int): Timeout in milliseconds for the call. * @param 5 (bool): Optional flag. If true, filter continues without waiting for HTTP response * from upstream service. False/synchronous by default. * @return headers (table), body (string/nil) */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaHttpCall); /** * Perform an inline response. This call is currently only valid on the request path. Further * filter iteration will stop. No further script code will run after this call. * @param 1 (table): A table of HTTP headers. :status must be defined. * @param 2 (string): Body. Can be nil. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaRespond); /** * @return a handle to the headers. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaHeaders); /** * @return a handle to the full body or nil if there is no body. This call will cause the script * to yield until the entire body is received (or if there is no body will return nil * right away). * NOTE: This call causes Envoy to buffer the body. The max buffer size is configured * based on the currently active flow control settings. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaBody); /** * @return an iterator that allows the script to iterate through all body chunks as they are * received. The iterator will yield between body chunks. Envoy *will not* buffer * the body chunks in this case, but the script can look at them as they go by. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaBodyChunks); /** * @return a handle to the trailers or nil if there are no trailers. This call will cause the * script to yield if Envoy does not yet know if there are trailers or not. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaTrailers); /** * @return a handle to the metadata. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaMetadata); /** * @return a handle to the stream info. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaStreamInfo); /** * @return a handle to the network connection. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaConnection); /** * Log a message to the Envoy log. * @param 1 (string): The log message. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaLogTrace); DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaLogDebug); DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaLogInfo); DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaLogWarn); DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaLogErr); DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaLogCritical); /** * Verify cryptographic signatures. * @param 1 (string) hash function(including SHA1, SHA224, SHA256, SHA384, SHA512) * @param 2 (void*) pointer to public key * @param 3 (string) signature * @param 4 (int) length of signature * @param 5 (string) clear text * @param 6 (int) length of clear text * @return (bool, string) If the first element is true, the second element is empty; otherwise, * the second element stores the error message */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaVerifySignature); /** * Import public key. * @param 1 (string) keyder string * @param 2 (int) length of keyder string * @return pointer to public key */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaImportPublicKey); /** * This is the closure/iterator returned by luaBodyChunks() above. */ DECLARE_LUA_CLOSURE(StreamHandleWrapper, luaBodyIterator); /** * Base64 escape a string. * @param1 (string) string to be base64 escaped. * @return (string) base64 escaped string. */ DECLARE_LUA_FUNCTION(StreamHandleWrapper, luaBase64Escape); int doSynchronousHttpCall(lua_State* state, Tracing::Span& span); int doAsynchronousHttpCall(lua_State* state, Tracing::Span& span); // Filters::Common::Lua::BaseLuaObject void onMarkDead() override { // Headers/body/trailers wrappers do not survive any yields. The user can request them // again across yields if needed. headers_wrapper_.reset(); body_wrapper_.reset(); trailers_wrapper_.reset(); metadata_wrapper_.reset(); stream_info_wrapper_.reset(); connection_wrapper_.reset(); public_key_wrapper_.reset(); } // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&&) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason) override; void onBeforeFinalizeUpstreamSpan(Tracing::Span&, const Http::ResponseHeaderMap*) override {} Filters::Common::Lua::Coroutine& coroutine_; Http::HeaderMap& headers_; bool end_stream_; bool headers_continued_{}; bool buffered_body_{}; bool saw_body_{}; Filter& filter_; FilterCallbacks& callbacks_; Http::HeaderMap* trailers_{}; Filters::Common::Lua::LuaDeathRef headers_wrapper_; Filters::Common::Lua::LuaDeathRef body_wrapper_; Filters::Common::Lua::LuaDeathRef trailers_wrapper_; Filters::Common::Lua::LuaDeathRef metadata_wrapper_; Filters::Common::Lua::LuaDeathRef stream_info_wrapper_; Filters::Common::Lua::LuaDeathRef connection_wrapper_; Filters::Common::Lua::LuaDeathRef public_key_wrapper_; State state_{State::Running}; std::function yield_callback_; Http::AsyncClient::Request* http_request_{}; // The inserted crypto object pointers will not be removed from this map. absl::flat_hash_map public_key_storage_; }; /** * An empty Callbacks client. It will ignore everything, including successes and failures. */ class NoopCallbacks : public Http::AsyncClient::Callbacks { public: // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&&) override {} void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason) override {} void onBeforeFinalizeUpstreamSpan(Tracing::Span&, const Http::ResponseHeaderMap*) override {} }; /** * Global configuration for the filter. */ class FilterConfig : Logger::Loggable { public: FilterConfig(const envoy::extensions::filters::http::lua::v3::Lua& proto_config, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cluster_manager, Api::Api& api); PerLuaCodeSetup* perLuaCodeSetup(const std::string& name) const { const auto iter = per_lua_code_setups_map_.find(name); if (iter != per_lua_code_setups_map_.end()) { return iter->second.get(); } return nullptr; } Upstream::ClusterManager& cluster_manager_; private: absl::flat_hash_map per_lua_code_setups_map_; }; using FilterConfigConstSharedPtr = std::shared_ptr; /** * Route configuration for the filter. */ class FilterConfigPerRoute : public Router::RouteSpecificFilterConfig { public: FilterConfigPerRoute(const envoy::extensions::filters::http::lua::v3::LuaPerRoute& config, Server::Configuration::ServerFactoryContext& context); ~FilterConfigPerRoute() override { // The design of the TLS system does not allow TLS state to be modified in worker threads. // However, when the route configuration is dynamically updated via RDS, the old // FilterConfigPerRoute object may be destructed in a random worker thread. Therefore, to // ensure thread safety, ownership of per_lua_code_setup_ptr_ must be transferred to the main // thread and destroyed when the FilterConfigPerRoute object is not destructed in the main // thread. if (per_lua_code_setup_ptr_ && !main_thread_dispatcher_.isThreadSafe()) { auto shared_ptr_wrapper = std::make_shared(std::move(per_lua_code_setup_ptr_)); main_thread_dispatcher_.post([shared_ptr_wrapper] { shared_ptr_wrapper->reset(); }); } } bool disabled() const { return disabled_; } const std::string& name() const { return name_; } PerLuaCodeSetup* perLuaCodeSetup() const { return per_lua_code_setup_ptr_.get(); } private: Event::Dispatcher& main_thread_dispatcher_; const bool disabled_; const std::string name_; PerLuaCodeSetupPtr per_lua_code_setup_ptr_; }; namespace { PerLuaCodeSetup* getPerLuaCodeSetup(const FilterConfig* filter_config, Http::StreamFilterCallbacks* callbacks) { const FilterConfigPerRoute* config_per_route = nullptr; if (callbacks && callbacks->route()) { config_per_route = Http::Utility::resolveMostSpecificPerFilterConfig( HttpFilterNames::get().Lua, callbacks->route()); } if (config_per_route != nullptr) { if (config_per_route->disabled()) { return nullptr; } if (!config_per_route->name().empty()) { ASSERT(filter_config); return filter_config->perLuaCodeSetup(config_per_route->name()); } return config_per_route->perLuaCodeSetup(); } ASSERT(filter_config); return filter_config->perLuaCodeSetup(GLOBAL_SCRIPT_NAME); } } // namespace // TODO(mattklein123): Filter stats. /** * The HTTP Lua filter. Allows scripts to run in both the request an response flow. */ class Filter : public Http::StreamFilter, Logger::Loggable { public: Filter(FilterConfigConstSharedPtr config) : config_(config) {} Upstream::ClusterManager& clusterManager() { return config_->cluster_manager_; } void scriptError(const Filters::Common::Lua::LuaException& e); virtual void scriptLog(spdlog::level::level_enum level, const char* message); // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override { PerLuaCodeSetup* setup = getPerLuaCodeSetup(config_.get(), decoder_callbacks_.callbacks_); const int function_ref = setup ? setup->requestFunctionRef() : LUA_REFNIL; return doHeaders(request_stream_wrapper_, request_coroutine_, decoder_callbacks_, function_ref, setup, headers, end_stream); } Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override { return doData(request_stream_wrapper_, data, end_stream); } Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override { return doTrailers(request_stream_wrapper_, trailers); } void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { decoder_callbacks_.callbacks_ = &callbacks; } // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override { PerLuaCodeSetup* setup = getPerLuaCodeSetup(config_.get(), decoder_callbacks_.callbacks_); const int function_ref = setup ? setup->responseFunctionRef() : LUA_REFNIL; return doHeaders(response_stream_wrapper_, response_coroutine_, encoder_callbacks_, function_ref, setup, headers, end_stream); } Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override { return doData(response_stream_wrapper_, data, end_stream); }; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override { return doTrailers(response_stream_wrapper_, trailers); }; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { encoder_callbacks_.callbacks_ = &callbacks; }; private: struct DecoderCallbacks : public FilterCallbacks { DecoderCallbacks(Filter& parent) : parent_(parent) {} // FilterCallbacks void addData(Buffer::Instance& data) override { return callbacks_->addDecodedData(data, false); } const Buffer::Instance* bufferedBody() override { return callbacks_->decodingBuffer(); } void continueIteration() override { return callbacks_->continueDecoding(); } void onHeadersModified() override { callbacks_->clearRouteCache(); } void respond(Http::ResponseHeaderMapPtr&& headers, Buffer::Instance* body, lua_State* state) override; const ProtobufWkt::Struct& metadata() const override; StreamInfo::StreamInfo& streamInfo() override { return callbacks_->streamInfo(); } const Network::Connection* connection() const override { return callbacks_->connection(); } Tracing::Span& activeSpan() override { return callbacks_->activeSpan(); } Filter& parent_; Http::StreamDecoderFilterCallbacks* callbacks_{}; }; struct EncoderCallbacks : public FilterCallbacks { EncoderCallbacks(Filter& parent) : parent_(parent) {} // FilterCallbacks void addData(Buffer::Instance& data) override { return callbacks_->addEncodedData(data, false); } const Buffer::Instance* bufferedBody() override { return callbacks_->encodingBuffer(); } void continueIteration() override { return callbacks_->continueEncoding(); } void onHeadersModified() override {} void respond(Http::ResponseHeaderMapPtr&& headers, Buffer::Instance* body, lua_State* state) override; const ProtobufWkt::Struct& metadata() const override; StreamInfo::StreamInfo& streamInfo() override { return callbacks_->streamInfo(); } const Network::Connection* connection() const override { return callbacks_->connection(); } Tracing::Span& activeSpan() override { return callbacks_->activeSpan(); } Filter& parent_; Http::StreamEncoderFilterCallbacks* callbacks_{}; }; using StreamHandleRef = Filters::Common::Lua::LuaDeathRef; Http::FilterHeadersStatus doHeaders(StreamHandleRef& handle, Filters::Common::Lua::CoroutinePtr& coroutine, FilterCallbacks& callbacks, int function_ref, PerLuaCodeSetup* setup, Http::HeaderMap& headers, bool end_stream); Http::FilterDataStatus doData(StreamHandleRef& handle, Buffer::Instance& data, bool end_stream); Http::FilterTrailersStatus doTrailers(StreamHandleRef& handle, Http::HeaderMap& trailers); FilterConfigConstSharedPtr config_; DecoderCallbacks decoder_callbacks_{*this}; EncoderCallbacks encoder_callbacks_{*this}; StreamHandleRef request_stream_wrapper_; StreamHandleRef response_stream_wrapper_; bool destroyed_{}; // These coroutines used to be owned by the stream handles. After investigating #3570, it // became clear that there is a circular memory reference when a coroutine yields. Basically, // the coroutine holds a reference to the stream wrapper. I'm not completely sure why this is, // but I think it is because the yield happens via a stream handle method, so the runtime must // hold a reference so that it can return out of the yield through the object. So now we hold // the coroutine references at the same level as the stream handles so that when the filter is // destroyed the circular reference is broken and both objects are cleaned up. // // Note that the above explanation probably means that we don't need to hold a reference to the // coroutine at all and it would be taken care of automatically via a runtime internal reference // when a yield happens. However, given that I don't fully understand the runtime internals, this // seems like a safer fix for now. Filters::Common::Lua::CoroutinePtr request_coroutine_; Filters::Common::Lua::CoroutinePtr response_coroutine_; }; } // namespace Lua } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/lua/wrappers.cc ================================================ #include "extensions/filters/http/lua/wrappers.h" #include "common/http/header_utility.h" #include "common/http/utility.h" #include "extensions/filters/common/lua/wrappers.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Lua { HeaderMapIterator::HeaderMapIterator(HeaderMapWrapper& parent) : parent_(parent) { entries_.reserve(parent_.headers_.size()); parent_.headers_.iterate([this](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { entries_.push_back(&header); return Http::HeaderMap::Iterate::Continue; }); } int HeaderMapIterator::luaPairsIterator(lua_State* state) { if (current_ == entries_.size()) { parent_.iterator_.reset(); return 0; } else { const absl::string_view key_view(entries_[current_]->key().getStringView()); lua_pushlstring(state, key_view.data(), key_view.length()); const absl::string_view value_view(entries_[current_]->value().getStringView()); lua_pushlstring(state, value_view.data(), value_view.length()); current_++; return 2; } } int HeaderMapWrapper::luaAdd(lua_State* state) { checkModifiable(state); const char* key = luaL_checkstring(state, 2); const char* value = luaL_checkstring(state, 3); headers_.addCopy(Http::LowerCaseString(key), value); return 0; } int HeaderMapWrapper::luaGet(lua_State* state) { const char* key = luaL_checkstring(state, 2); const auto value = Http::HeaderUtility::getAllOfHeaderAsString(headers_, Http::LowerCaseString(key)); if (value.result().has_value()) { lua_pushlstring(state, value.result().value().data(), value.result().value().length()); return 1; } else { return 0; } } int HeaderMapWrapper::luaPairs(lua_State* state) { if (iterator_.get() != nullptr) { luaL_error(state, "cannot create a second iterator before completing the first"); } // The way iteration works is we create an iteration wrapper that snaps pointers to all of // the headers. We don't allow modification while an iterator is active. This means that // currently if a script breaks out of iteration, further modifications will not be possible // because we don't know if they may resume iteration in the future and it isn't safe. There // are potentially better ways of handling this but due to GC of the iterator it's very // difficult to control safety without tracking every allocated iterator and invalidating them // if the map is modified. iterator_.reset(HeaderMapIterator::create(state, *this), true); lua_pushcclosure(state, HeaderMapIterator::static_luaPairsIterator, 1); return 1; } int HeaderMapWrapper::luaReplace(lua_State* state) { checkModifiable(state); const char* key = luaL_checkstring(state, 2); const char* value = luaL_checkstring(state, 3); const Http::LowerCaseString lower_key(key); headers_.setCopy(lower_key, value); return 0; } int HeaderMapWrapper::luaRemove(lua_State* state) { checkModifiable(state); const char* key = luaL_checkstring(state, 2); headers_.remove(Http::LowerCaseString(key)); return 0; } void HeaderMapWrapper::checkModifiable(lua_State* state) { if (iterator_.get() != nullptr) { luaL_error(state, "header map cannot be modified while iterating"); } if (!cb_()) { luaL_error(state, "header map can no longer be modified"); } } int StreamInfoWrapper::luaProtocol(lua_State* state) { lua_pushstring(state, Http::Utility::getProtocolString(stream_info_.protocol().value()).c_str()); return 1; } int StreamInfoWrapper::luaDynamicMetadata(lua_State* state) { if (dynamic_metadata_wrapper_.get() != nullptr) { dynamic_metadata_wrapper_.pushStack(); } else { dynamic_metadata_wrapper_.reset(DynamicMetadataMapWrapper::create(state, *this), true); } return 1; } int StreamInfoWrapper::luaDownstreamSslConnection(lua_State* state) { const auto& ssl = stream_info_.downstreamSslConnection(); if (ssl != nullptr) { if (downstream_ssl_connection_.get() != nullptr) { downstream_ssl_connection_.pushStack(); } else { downstream_ssl_connection_.reset( Filters::Common::Lua::SslConnectionWrapper::create(state, *ssl), true); } } else { lua_pushnil(state); } return 1; } DynamicMetadataMapIterator::DynamicMetadataMapIterator(DynamicMetadataMapWrapper& parent) : parent_{parent}, current_{parent_.streamInfo().dynamicMetadata().filter_metadata().begin()} {} StreamInfo::StreamInfo& DynamicMetadataMapWrapper::streamInfo() { return parent_.stream_info_; } int DynamicMetadataMapIterator::luaPairsIterator(lua_State* state) { if (current_ == parent_.streamInfo().dynamicMetadata().filter_metadata().end()) { parent_.iterator_.reset(); return 0; } lua_pushstring(state, current_->first.c_str()); Filters::Common::Lua::MetadataMapHelper::createTable(state, current_->second.fields()); current_++; return 2; } int DynamicMetadataMapWrapper::luaGet(lua_State* state) { const char* filter_name = luaL_checkstring(state, 2); const auto& metadata = streamInfo().dynamicMetadata().filter_metadata(); const auto filter_it = metadata.find(filter_name); if (filter_it == metadata.end()) { return 0; } Filters::Common::Lua::MetadataMapHelper::createTable(state, filter_it->second.fields()); return 1; } int DynamicMetadataMapWrapper::luaSet(lua_State* state) { if (iterator_.get() != nullptr) { luaL_error(state, "dynamic metadata map cannot be modified while iterating"); } const char* filter_name = luaL_checkstring(state, 2); const char* key = luaL_checkstring(state, 3); // MetadataMapHelper::loadValue will convert the value on top of the Lua stack, // so push a copy of the 3rd arg ("value") to the top. lua_pushvalue(state, 4); ProtobufWkt::Struct value; (*value.mutable_fields())[key] = Filters::Common::Lua::MetadataMapHelper::loadValue(state); streamInfo().setDynamicMetadata(filter_name, value); // Pop the copy of the metadata value from the stack. lua_pop(state, 1); return 0; } int DynamicMetadataMapWrapper::luaPairs(lua_State* state) { if (iterator_.get() != nullptr) { luaL_error(state, "cannot create a second iterator before completing the first"); } iterator_.reset(DynamicMetadataMapIterator::create(state, *this), true); lua_pushcclosure(state, DynamicMetadataMapIterator::static_luaPairsIterator, 1); return 1; } int PublicKeyWrapper::luaGet(lua_State* state) { if (public_key_.empty()) { lua_pushnil(state); } else { lua_pushstring(state, public_key_.c_str()); } return 1; } } // namespace Lua } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/lua/wrappers.h ================================================ #pragma once #include "envoy/http/header_map.h" #include "envoy/stream_info/stream_info.h" #include "common/crypto/utility.h" #include "extensions/common/crypto/crypto_impl.h" #include "extensions/filters/common/lua/lua.h" #include "extensions/filters/common/lua/wrappers.h" #include "openssl/evp.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Lua { class HeaderMapWrapper; /** * Iterator over a header map. */ class HeaderMapIterator : public Filters::Common::Lua::BaseLuaObject { public: HeaderMapIterator(HeaderMapWrapper& parent); static ExportedFunctions exportedFunctions() { return {}; } DECLARE_LUA_CLOSURE(HeaderMapIterator, luaPairsIterator); private: HeaderMapWrapper& parent_; std::vector entries_; uint64_t current_{}; }; /** * Lua wrapper for a header map. Methods that will modify the map will call a check function * to see if modification is allowed. */ class HeaderMapWrapper : public Filters::Common::Lua::BaseLuaObject { public: using CheckModifiableCb = std::function; HeaderMapWrapper(Http::HeaderMap& headers, CheckModifiableCb cb) : headers_(headers), cb_(cb) {} static ExportedFunctions exportedFunctions() { return {{"add", static_luaAdd}, {"get", static_luaGet}, {"remove", static_luaRemove}, {"replace", static_luaReplace}, {"__pairs", static_luaPairs}}; } private: /** * Add a header to the map. * @param 1 (string): header name. * @param 2 (string): header value. * @return nothing. */ DECLARE_LUA_FUNCTION(HeaderMapWrapper, luaAdd); /** * Get a header value from the map. * @param 1 (string): header name. * @return string value if found or nil. */ DECLARE_LUA_FUNCTION(HeaderMapWrapper, luaGet); /** * Implementation of the __pairs metamethod so a headers wrapper can be iterated over using * pairs(). */ DECLARE_LUA_FUNCTION(HeaderMapWrapper, luaPairs); /** * Remove a header from the map. * @param 1 (string): header name. * @return nothing. */ DECLARE_LUA_FUNCTION(HeaderMapWrapper, luaRemove); /** * Replace a header in the map. If the header does not exist, it will be added. * @param 1 (string): header name. * @param 2 (string): header value. * @return nothing. */ DECLARE_LUA_FUNCTION(HeaderMapWrapper, luaReplace); void checkModifiable(lua_State* state); // Envoy::Lua::BaseLuaObject void onMarkDead() override { // Iterators do not survive yields. iterator_.reset(); } Http::HeaderMap& headers_; CheckModifiableCb cb_; Filters::Common::Lua::LuaDeathRef iterator_; friend class HeaderMapIterator; }; class DynamicMetadataMapWrapper; class StreamInfoWrapper; /** * Iterator over a dynamic metadata map. */ class DynamicMetadataMapIterator : public Filters::Common::Lua::BaseLuaObject { public: DynamicMetadataMapIterator(DynamicMetadataMapWrapper& parent); static ExportedFunctions exportedFunctions() { return {}; } DECLARE_LUA_CLOSURE(DynamicMetadataMapIterator, luaPairsIterator); private: DynamicMetadataMapWrapper& parent_; Protobuf::Map::const_iterator current_; }; /** * Lua wrapper for a dynamic metadata. */ class DynamicMetadataMapWrapper : public Filters::Common::Lua::BaseLuaObject { public: DynamicMetadataMapWrapper(StreamInfoWrapper& parent) : parent_{parent} {} static ExportedFunctions exportedFunctions() { return {{"get", static_luaGet}, {"set", static_luaSet}, {"__pairs", static_luaPairs}}; } private: /** * Get a metadata value from the map. * @param 1 (string): filter name. * @return value if found or nil. */ DECLARE_LUA_FUNCTION(DynamicMetadataMapWrapper, luaGet); /** * Get a metadata value from the map. * @param 1 (string): filter name. * @param 2 (string or table): key. * @param 3 (string or table): value. * @return nil. */ DECLARE_LUA_FUNCTION(DynamicMetadataMapWrapper, luaSet); /** * Implementation of the __pairs metamethod so a dynamic metadata wrapper can be iterated over * using pairs(). */ DECLARE_LUA_FUNCTION(DynamicMetadataMapWrapper, luaPairs); // Envoy::Lua::BaseLuaObject void onMarkDead() override { // Iterators do not survive yields. iterator_.reset(); } // To get reference to parent's (StreamInfoWrapper) stream info member. StreamInfo::StreamInfo& streamInfo(); StreamInfoWrapper& parent_; Filters::Common::Lua::LuaDeathRef iterator_; friend class DynamicMetadataMapIterator; }; /** * Lua wrapper for a stream info. */ class StreamInfoWrapper : public Filters::Common::Lua::BaseLuaObject { public: StreamInfoWrapper(StreamInfo::StreamInfo& stream_info) : stream_info_{stream_info} {} static ExportedFunctions exportedFunctions() { return {{"protocol", static_luaProtocol}, {"dynamicMetadata", static_luaDynamicMetadata}, {"downstreamSslConnection", static_luaDownstreamSslConnection}}; } private: /** * Get current protocol being used. * @return string representation of Http::Protocol. */ DECLARE_LUA_FUNCTION(StreamInfoWrapper, luaProtocol); /** * Get reference to stream info dynamic metadata object. * @return DynamicMetadataMapWrapper representation of StreamInfo dynamic metadata. */ DECLARE_LUA_FUNCTION(StreamInfoWrapper, luaDynamicMetadata); /** * Get reference to stream info downstreamSslConnection. * @return SslConnectionWrapper representation of StreamInfo downstream SSL connection. */ DECLARE_LUA_FUNCTION(StreamInfoWrapper, luaDownstreamSslConnection); // Envoy::Lua::BaseLuaObject void onMarkDead() override { dynamic_metadata_wrapper_.reset(); } StreamInfo::StreamInfo& stream_info_; Filters::Common::Lua::LuaDeathRef dynamic_metadata_wrapper_; Filters::Common::Lua::LuaDeathRef downstream_ssl_connection_; friend class DynamicMetadataMapWrapper; }; /** * Lua wrapper for key for accessing the imported public keys. */ class PublicKeyWrapper : public Filters::Common::Lua::BaseLuaObject { public: explicit PublicKeyWrapper(absl::string_view key) : public_key_(key) {} static ExportedFunctions exportedFunctions() { return {{"get", static_luaGet}}; } private: /** * Get public key value. * @return public key value or nil if key is empty. */ DECLARE_LUA_FUNCTION(PublicKeyWrapper, luaGet); const std::string public_key_; }; } // namespace Lua } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # HTTP L7 filter that performs oauth. # Public docs: docs/root/configuration/http_filters/oauth_filter.rst envoy_cc_library( name = "oauth_callback_interface", hdrs = ["oauth.h"], ) envoy_proto_library( name = "oauth_response", srcs = ["oauth_response.proto"], ) envoy_cc_library( name = "oauth_client", srcs = ["oauth_client.cc"], hdrs = ["oauth_client.h"], deps = [ ":oauth_response_cc_proto", "//include/envoy/http:async_client_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/protobuf:message_validator_lib", "//source/extensions/filters/http/oauth2:oauth_callback_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "oauth_lib", srcs = ["filter.cc"], hdrs = ["filter.h"], deps = [ ":oauth_client", "//include/envoy/server:filter_config_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/common/formatter:substitution_formatter_lib", "//source/common/http:rest_api_fetcher_lib", "//source/common/protobuf:utility_lib", "//source/extensions/common/crypto:utility_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/oauth2/v3alpha:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", status = "alpha", deps = [ ":oauth_lib", "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/api/v2/auth:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/oauth2/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/oauth2/config.cc ================================================ #include "extensions/filters/http/oauth2/config.h" #include #include #include #include "envoy/api/v2/auth/secret.pb.h" #include "envoy/common/exception.h" #include "envoy/extensions/filters/http/oauth2/v3alpha/oauth.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/secret/secret_manager.h" #include "envoy/secret/secret_provider.h" #include "envoy/ssl/private_key/private_key.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/oauth2/filter.h" #include "extensions/filters/http/oauth2/oauth.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Oauth2 { namespace { Secret::GenericSecretConfigProviderSharedPtr secretsProvider(const envoy::extensions::transport_sockets::tls::v3::SdsSecretConfig& config, Secret::SecretManager& secret_manager, Server::Configuration::TransportSocketFactoryContext& transport_socket_factory) { if (config.has_sds_config()) { return secret_manager.findOrCreateGenericSecretProvider(config.sds_config(), config.name(), transport_socket_factory); } else { return secret_manager.findStaticGenericSecretProvider(config.name()); } } } // namespace Http::FilterFactoryCb OAuth2Config::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::oauth2::v3alpha::OAuth2& proto, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { if (!proto.has_config()) { throw EnvoyException("config must be present for global config"); } const auto& proto_config = proto.config(); const auto& credentials = proto_config.credentials(); const auto& token_secret = credentials.token_secret(); const auto& hmac_secret = credentials.hmac_secret(); auto& secret_manager = context.clusterManager().clusterManagerFactory().secretManager(); auto& transport_socket_factory = context.getTransportSocketFactoryContext(); auto secret_provider_token_secret = secretsProvider(token_secret, secret_manager, transport_socket_factory); auto secret_provider_hmac_secret = secretsProvider(hmac_secret, secret_manager, transport_socket_factory); auto secret_reader = std::make_shared( secret_provider_token_secret, secret_provider_hmac_secret, context.api()); auto config = std::make_shared(proto_config, context.clusterManager(), secret_reader, context.scope(), stats_prefix); return [&context, config](Http::FilterChainFactoryCallbacks& callbacks) -> void { std::unique_ptr oauth_client = std::make_unique(context.clusterManager(), config->oauthTokenEndpoint()); callbacks.addStreamDecoderFilter( std::make_shared(config, std::move(oauth_client), context.timeSource())); }; } /* * Static registration for the OAuth2 filter. @see RegisterFactory. */ REGISTER_FACTORY(OAuth2Config, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace Oauth2 } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/config.h ================================================ #pragma once #include #include "envoy/extensions/filters/http/oauth2/v3alpha/oauth.pb.h" #include "envoy/extensions/filters/http/oauth2/v3alpha/oauth.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Oauth2 { class OAuth2Config : public Extensions::HttpFilters::Common::FactoryBase< envoy::extensions::filters::http::oauth2::v3alpha::OAuth2> { public: OAuth2Config() : FactoryBase(HttpFilterNames::get().OAuth) {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::oauth2::v3alpha::OAuth2&, const std::string&, Server::Configuration::FactoryContext&) override; }; } // namespace Oauth2 } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/filter.cc ================================================ #include "extensions/filters/http/oauth2/filter.h" #include #include #include #include #include #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/hex.h" #include "common/common/matchers.h" #include "common/crypto/utility.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/protobuf/utility.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" #include "absl/strings/str_replace.h" #include "absl/strings/str_split.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Oauth2 { namespace { Http::RegisterCustomInlineHeader authorization_handle(Http::CustomHeaders::get().Authorization); constexpr absl::string_view SignoutCookieValue = "OauthHMAC=deleted; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT"; constexpr absl::string_view SignoutBearerTokenValue = "BearerToken=deleted; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT"; constexpr const char* CookieTailFormatString = ";version=1;path=/;Max-Age={};secure"; constexpr const char* CookieTailHttpOnlyFormatString = ";version=1;path=/;Max-Age={};secure;HttpOnly"; const char* AuthorizationEndpointFormat = "{}?client_id={}&scope=user&response_type=code&redirect_uri={}&state={}"; constexpr absl::string_view UnauthorizedBodyMessage = "OAuth flow failed."; const std::string& queryParamsError() { CONSTRUCT_ON_FIRST_USE(std::string, "error"); } const std::string& queryParamsCode() { CONSTRUCT_ON_FIRST_USE(std::string, "code"); } const std::string& queryParamsState() { CONSTRUCT_ON_FIRST_USE(std::string, "state"); } constexpr absl::string_view REDIRECT_RACE = "oauth.race_redirect"; constexpr absl::string_view REDIRECT_LOGGED_IN = "oauth.logged_in"; constexpr absl::string_view REDIRECT_FOR_CREDENTIALS = "oauth.missing_credentials"; constexpr absl::string_view SIGN_OUT = "oauth.sign_out"; template std::vector headerMatchers(const T& matcher_protos) { std::vector matchers; matchers.reserve(matcher_protos.size()); for (const auto& proto : matcher_protos) { matchers.emplace_back(proto); } return matchers; } // Sets the auth token as the Bearer token in the authorization header. void setBearerToken(Http::RequestHeaderMap& headers, const std::string& token) { headers.setInline(authorization_handle.handle(), absl::StrCat("Bearer ", token)); } } // namespace FilterConfig::FilterConfig( const envoy::extensions::filters::http::oauth2::v3alpha::OAuth2Config& proto_config, Upstream::ClusterManager& cluster_manager, std::shared_ptr secret_reader, Stats::Scope& scope, const std::string& stats_prefix) : oauth_token_endpoint_(proto_config.token_endpoint()), authorization_endpoint_(proto_config.authorization_endpoint()), client_id_(proto_config.credentials().client_id()), redirect_uri_(proto_config.redirect_uri()), redirect_matcher_(proto_config.redirect_path_matcher()), signout_path_(proto_config.signout_path()), secret_reader_(secret_reader), stats_(FilterConfig::generateStats(stats_prefix, scope)), forward_bearer_token_(proto_config.forward_bearer_token()), pass_through_header_matchers_(headerMatchers(proto_config.pass_through_matcher())) { if (!cluster_manager.get(oauth_token_endpoint_.cluster())) { throw EnvoyException(fmt::format("OAuth2 filter: unknown cluster '{}' in config. Please " "specify which cluster to direct OAuth requests to.", oauth_token_endpoint_.cluster())); } } FilterStats FilterConfig::generateStats(const std::string& prefix, Stats::Scope& scope) { return {ALL_OAUTH_FILTER_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } void OAuth2CookieValidator::setParams(const Http::RequestHeaderMap& headers, const std::string& secret) { expires_ = Http::Utility::parseCookieValue(headers, "OauthExpires"); token_ = Http::Utility::parseCookieValue(headers, "BearerToken"); hmac_ = Http::Utility::parseCookieValue(headers, "OauthHMAC"); host_ = headers.Host()->value().getStringView(); secret_.assign(secret.begin(), secret.end()); } bool OAuth2CookieValidator::hmacIsValid() const { auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); const auto hmac_payload = absl::StrCat(host_, expires_, token_); const auto pre_encoded_hmac = Hex::encode(crypto_util.getSha256Hmac(secret_, hmac_payload)); std::string encoded_hmac; absl::Base64Escape(pre_encoded_hmac, &encoded_hmac); return encoded_hmac == hmac_; } bool OAuth2CookieValidator::timestampIsValid() const { uint64_t expires; if (!absl::SimpleAtoi(expires_, &expires)) { return false; } const auto current_epoch = time_source_.systemTime().time_since_epoch(); return std::chrono::seconds(expires) > current_epoch; } bool OAuth2CookieValidator::isValid() const { return hmacIsValid() && timestampIsValid(); } OAuth2Filter::OAuth2Filter(FilterConfigSharedPtr config, std::unique_ptr&& oauth_client, TimeSource& time_source) : validator_(std::make_shared(time_source)), oauth_client_(std::move(oauth_client)), config_(std::move(config)), time_source_(time_source) { oauth_client_->setCallbacks(*this); } const std::string& OAuth2Filter::bearerPrefix() const { CONSTRUCT_ON_FIRST_USE(std::string, "bearer "); } std::string OAuth2Filter::extractAccessToken(const Http::RequestHeaderMap& headers) const { ASSERT(headers.Path() != nullptr); // Start by looking for a bearer token in the Authorization header. const Http::HeaderEntry* authorization = headers.getInline(authorization_handle.handle()); if (authorization != nullptr) { const auto value = StringUtil::trim(authorization->value().getStringView()); const auto& bearer_prefix = bearerPrefix(); if (absl::StartsWithIgnoreCase(value, bearer_prefix)) { const size_t start = bearer_prefix.length(); return std::string(StringUtil::ltrim(value.substr(start))); } } // Check for the named query string parameter. const auto path = headers.Path()->value().getStringView(); const auto params = Http::Utility::parseQueryString(path); const auto param = params.find("token"); if (param != params.end()) { return param->second; } return EMPTY_STRING; } /** * primary cases: * 1) user is signing out * 2) /_oauth redirect * 3) user is authorized * 4) user is unauthorized */ Http::FilterHeadersStatus OAuth2Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { // The following 2 headers are guaranteed for regular requests. The asserts are helpful when // writing test code to not forget these important variables in mock requests const Http::HeaderEntry* host_header = headers.Host(); ASSERT(host_header != nullptr); host_ = host_header->value().getStringView(); const Http::HeaderEntry* path_header = headers.Path(); ASSERT(path_header != nullptr); const absl::string_view path_str = path_header->value().getStringView(); // We should check if this is a sign out request. if (config_->signoutPath().match(path_header->value().getStringView())) { return signOutUser(headers); } if (canSkipOAuth(headers)) { // Update the path header with the query string parameters after a successful OAuth login. // This is necessary if a website requests multiple resources which get redirected to the // auth server. A cached login on the authorization server side will set cookies // correctly but cause a race condition on future requests that have their location set // to the callback path. if (config_->redirectPathMatcher().match(path_str)) { Http::Utility::QueryParams query_parameters = Http::Utility::parseQueryString(path_str); const auto state = Http::Utility::PercentEncoding::decode(query_parameters.at(queryParamsState())); Http::Utility::Url state_url; if (!state_url.initialize(state, false)) { sendUnauthorizedResponse(); return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } // Avoid infinite redirect storm if (config_->redirectPathMatcher().match(state_url.pathAndQueryParams())) { sendUnauthorizedResponse(); return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } Http::ResponseHeaderMapPtr response_headers{ Http::createHeaderMap( {{Http::Headers::get().Status, std::to_string(enumToInt(Http::Code::Found))}, {Http::Headers::get().Location, state}})}; decoder_callbacks_->encodeHeaders(std::move(response_headers), true, REDIRECT_RACE); } // Continue on with the filter stack. return Http::FilterHeadersStatus::Continue; } // If a bearer token is supplied as a header or param, we ingest it here and kick off the // user resolution immediately. Note this comes after HMAC validation, so technically this // header is sanitized in a way, as the validation check forces the correct Bearer Cookie value. access_token_ = extractAccessToken(headers); if (!access_token_.empty()) { found_bearer_token_ = true; request_headers_ = &headers; finishFlow(); return Http::FilterHeadersStatus::Continue; } // If no access token and this isn't the callback URI, redirect to acquire credentials. // // The following conditional could be replaced with a regex pattern-match, // if we're concerned about strict matching against the callback path. if (!config_->redirectPathMatcher().match(path_str)) { Http::ResponseHeaderMapPtr response_headers{Http::createHeaderMap( {{Http::Headers::get().Status, std::to_string(enumToInt(Http::Code::Found))}})}; // Construct the correct scheme. We default to https since this is a requirement for OAuth to // succeed. However, if a downstream client explicitly declares the "http" scheme for whatever // reason, we also use "http" when constructing our redirect uri to the authorization server. auto scheme = Http::Headers::get().SchemeValues.Https; const auto* scheme_header = headers.Scheme(); if ((scheme_header != nullptr && scheme_header->value().getStringView() == Http::Headers::get().SchemeValues.Http)) { scheme = Http::Headers::get().SchemeValues.Http; } const std::string base_path = absl::StrCat(scheme, "://", host_); const std::string state_path = absl::StrCat(base_path, headers.Path()->value().getStringView()); const std::string escaped_state = Http::Utility::PercentEncoding::encode(state_path, ":/=&?"); Formatter::FormatterImpl formatter(config_->redirectUri()); const auto redirect_uri = formatter.format(headers, *Http::ResponseHeaderMapImpl::create(), *Http::ResponseTrailerMapImpl::create(), decoder_callbacks_->streamInfo(), ""); const std::string escaped_redirect_uri = Http::Utility::PercentEncoding::encode(redirect_uri, ":/=&?"); const std::string new_url = fmt::format(AuthorizationEndpointFormat, config_->authorizationEndpoint(), config_->clientId(), escaped_redirect_uri, escaped_state); response_headers->setLocation(new_url); decoder_callbacks_->encodeHeaders(std::move(response_headers), true, REDIRECT_FOR_CREDENTIALS); config_->stats().oauth_unauthorized_rq_.inc(); return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } // At this point, we *are* on /_oauth. We believe this request comes from the authorization // server and we expect the query strings to contain the information required to get the access // token const auto query_parameters = Http::Utility::parseQueryString(path_str); if (query_parameters.find(queryParamsError()) != query_parameters.end()) { sendUnauthorizedResponse(); return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } // if the data we need is not present on the URL, stop execution if (query_parameters.find(queryParamsCode()) == query_parameters.end() || query_parameters.find(queryParamsState()) == query_parameters.end()) { sendUnauthorizedResponse(); return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } auth_code_ = query_parameters.at(queryParamsCode()); state_ = Http::Utility::PercentEncoding::decode(query_parameters.at(queryParamsState())); Http::Utility::Url state_url; if (!state_url.initialize(state_, false)) { sendUnauthorizedResponse(); return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } Formatter::FormatterImpl formatter(config_->redirectUri()); const auto redirect_uri = formatter.format(headers, *Http::ResponseHeaderMapImpl::create(), *Http::ResponseTrailerMapImpl::create(), decoder_callbacks_->streamInfo(), ""); oauth_client_->asyncGetAccessToken(auth_code_, config_->clientId(), config_->clientSecret(), redirect_uri); // pause while we await the next step from the OAuth server return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } // Defines a sequence of checks determining whether we should initiate a new OAuth flow or skip to // the next filter in the chain. bool OAuth2Filter::canSkipOAuth(Http::RequestHeaderMap& headers) const { // We can skip OAuth if the supplied HMAC cookie is valid. Apply the OAuth details as headers // if we successfully validate the cookie. validator_->setParams(headers, config_->tokenSecret()); if (validator_->isValid()) { config_->stats().oauth_success_.inc(); setBearerToken(headers, validator_->token()); return true; } for (const auto& matcher : config_->passThroughMatchers()) { if (matcher.matchesHeaders(headers)) { return true; } } return false; } /** * Modifies the state of the filter by adding response headers to the decoder_callbacks */ Http::FilterHeadersStatus OAuth2Filter::signOutUser(const Http::RequestHeaderMap& headers) { Http::ResponseHeaderMapPtr response_headers{Http::createHeaderMap( {{Http::Headers::get().Status, std::to_string(enumToInt(Http::Code::Found))}})}; const std::string new_path = absl::StrCat(headers.ForwardedProto()->value().getStringView(), "://", host_, "/"); response_headers->addReference(Http::Headers::get().SetCookie, SignoutCookieValue); response_headers->addReference(Http::Headers::get().SetCookie, SignoutBearerTokenValue); response_headers->setLocation(new_path); decoder_callbacks_->encodeHeaders(std::move(response_headers), true, SIGN_OUT); return Http::FilterHeadersStatus::StopAllIterationAndBuffer; } void OAuth2Filter::onGetAccessTokenSuccess(const std::string& access_code, std::chrono::seconds expires_in) { access_token_ = access_code; const auto new_epoch = time_source_.systemTime() + expires_in; new_expires_ = std::to_string( std::chrono::duration_cast(new_epoch.time_since_epoch()).count()); finishFlow(); } void OAuth2Filter::finishFlow() { // We have fully completed the entire OAuth flow, whether through Authorization header or from // user redirection to the auth server. if (found_bearer_token_) { setBearerToken(*request_headers_, access_token_); config_->stats().oauth_success_.inc(); decoder_callbacks_->continueDecoding(); return; } std::string token_payload; if (config_->forwardBearerToken()) { token_payload = absl::StrCat(host_, new_expires_, access_token_); } else { token_payload = absl::StrCat(host_, new_expires_); } auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get(); auto token_secret = config_->tokenSecret(); std::vector token_secret_vec(token_secret.begin(), token_secret.end()); const std::string pre_encoded_token = Hex::encode(crypto_util.getSha256Hmac(token_secret_vec, token_payload)); std::string encoded_token; absl::Base64Escape(pre_encoded_token, &encoded_token); // We use HTTP Only cookies for the HMAC and Expiry. const std::string cookie_tail = fmt::format(CookieTailFormatString, new_expires_); const std::string cookie_tail_http_only = fmt::format(CookieTailHttpOnlyFormatString, new_expires_); // At this point we have all of the pieces needed to authorize a user that did not originally // have a bearer access token. Now, we construct a redirect request to return the user to their // previous state and additionally set the OAuth cookies in browser. // The redirection should result in successfully passing this filter. Http::ResponseHeaderMapPtr response_headers{Http::createHeaderMap( {{Http::Headers::get().Status, std::to_string(enumToInt(Http::Code::Found))}})}; response_headers->addReferenceKey( Http::Headers::get().SetCookie, absl::StrCat("OauthHMAC=", encoded_token, cookie_tail_http_only)); response_headers->addReferenceKey( Http::Headers::get().SetCookie, absl::StrCat("OauthExpires=", new_expires_, cookie_tail_http_only)); // If opted-in, we also create a new Bearer cookie for the authorization token provided by the // auth server. if (config_->forwardBearerToken()) { response_headers->addReferenceKey(Http::Headers::get().SetCookie, absl::StrCat("BearerToken=", access_token_, cookie_tail)); } response_headers->setLocation(state_); decoder_callbacks_->encodeHeaders(std::move(response_headers), true, REDIRECT_LOGGED_IN); config_->stats().oauth_success_.inc(); decoder_callbacks_->continueDecoding(); } void OAuth2Filter::sendUnauthorizedResponse() { config_->stats().oauth_failure_.inc(); decoder_callbacks_->sendLocalReply(Http::Code::Unauthorized, UnauthorizedBodyMessage, nullptr, absl::nullopt, EMPTY_STRING); } } // namespace Oauth2 } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/filter.h ================================================ #pragma once #include #include #include #include "envoy/common/matchers.h" #include "envoy/config/core/v3/http_uri.pb.h" #include "envoy/extensions/filters/http/oauth2/v3alpha/oauth.pb.h" #include "envoy/http/header_map.h" #include "envoy/server/filter_config.h" #include "envoy/stats/stats_macros.h" #include "envoy/stream_info/stream_info.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/matchers.h" #include "common/config/datasource.h" #include "common/formatter/substitution_formatter.h" #include "common/http/header_map_impl.h" #include "common/http/header_utility.h" #include "common/http/rest_api_fetcher.h" #include "common/http/utility.h" #include "extensions/filters/http/common/pass_through_filter.h" #include "extensions/filters/http/oauth2/oauth.h" #include "extensions/filters/http/oauth2/oauth_client.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Oauth2 { class OAuth2Client; // Helper class used to fetch secrets (usually from SDS). class SecretReader { public: virtual ~SecretReader() = default; virtual const std::string& clientSecret() const PURE; virtual const std::string& tokenSecret() const PURE; }; class SDSSecretReader : public SecretReader { public: SDSSecretReader(Secret::GenericSecretConfigProviderSharedPtr client_secret_provider, Secret::GenericSecretConfigProviderSharedPtr token_secret_provider, Api::Api& api) : api_(api), client_secret_provider_(std::move(client_secret_provider)), token_secret_provider_(std::move(token_secret_provider)) { readAndWatchSecret(client_secret_, *client_secret_provider_); readAndWatchSecret(token_secret_, *token_secret_provider_); } const std::string& clientSecret() const override { return client_secret_; } const std::string& tokenSecret() const override { return token_secret_; } private: void readAndWatchSecret(std::string& value, Secret::GenericSecretConfigProvider& secret_provider) { const auto* secret = secret_provider.secret(); if (secret != nullptr) { value = Config::DataSource::read(secret->secret(), true, api_); } secret_provider.addUpdateCallback([&secret_provider, this, &value]() { const auto* secret = secret_provider.secret(); if (secret != nullptr) { value = Config::DataSource::read(secret->secret(), true, api_); } }); } std::string client_secret_; std::string token_secret_; Api::Api& api_; Secret::GenericSecretConfigProviderSharedPtr client_secret_provider_; Secret::GenericSecretConfigProviderSharedPtr token_secret_provider_; }; /** * All stats for the OAuth filter. @see stats_macros.h */ #define ALL_OAUTH_FILTER_STATS(COUNTER) \ COUNTER(oauth_unauthorized_rq) \ COUNTER(oauth_failure) \ COUNTER(oauth_success) /** * Wrapper struct filter stats. @see stats_macros.h */ struct FilterStats { ALL_OAUTH_FILTER_STATS(GENERATE_COUNTER_STRUCT) }; /** * This class encapsulates all data needed for the filter to operate so that we don't pass around * raw protobufs and other arbitrary data. */ class FilterConfig { public: FilterConfig(const envoy::extensions::filters::http::oauth2::v3alpha::OAuth2Config& proto_config, Upstream::ClusterManager& cluster_manager, std::shared_ptr secret_reader, Stats::Scope& scope, const std::string& stats_prefix); const std::string& clusterName() const { return oauth_token_endpoint_.cluster(); } const std::string& clientId() const { return client_id_; } bool forwardBearerToken() const { return forward_bearer_token_; } const std::vector& passThroughMatchers() const { return pass_through_header_matchers_; } const envoy::config::core::v3::HttpUri& oauthTokenEndpoint() const { return oauth_token_endpoint_; } const std::string& authorizationEndpoint() const { return authorization_endpoint_; } const std::string& redirectUri() const { return redirect_uri_; } const Matchers::PathMatcher& redirectPathMatcher() const { return redirect_matcher_; } const Matchers::PathMatcher& signoutPath() const { return signout_path_; } std::string clientSecret() const { return secret_reader_->clientSecret(); } std::string tokenSecret() const { return secret_reader_->tokenSecret(); } FilterStats& stats() { return stats_; } private: static FilterStats generateStats(const std::string& prefix, Stats::Scope& scope); const envoy::config::core::v3::HttpUri oauth_token_endpoint_; const std::string authorization_endpoint_; const std::string client_id_; const std::string redirect_uri_; const Matchers::PathMatcher redirect_matcher_; const Matchers::PathMatcher signout_path_; std::shared_ptr secret_reader_; FilterStats stats_; const bool forward_bearer_token_ : 1; const std::vector pass_through_header_matchers_; }; using FilterConfigSharedPtr = std::shared_ptr; /** * An OAuth cookie validator: * 1. extracts cookies from a request * 2. HMAC/encodes the values * 3. Compares the result to the cookie HMAC * 4. Checks that the `expires` value is valid relative to current time * * Required components: * - header map * - secret */ class CookieValidator { public: virtual ~CookieValidator() = default; virtual const std::string& token() const PURE; virtual void setParams(const Http::RequestHeaderMap& headers, const std::string& secret) PURE; virtual bool isValid() const PURE; }; class OAuth2CookieValidator : public CookieValidator { public: explicit OAuth2CookieValidator(TimeSource& time_source) : time_source_(time_source) {} const std::string& token() const override { return token_; } void setParams(const Http::RequestHeaderMap& headers, const std::string& secret) override; bool isValid() const override; bool hmacIsValid() const; bool timestampIsValid() const; private: std::string token_; std::string expires_; std::string hmac_; std::vector secret_; absl::string_view host_; TimeSource& time_source_; }; /** * The filter is the primary entry point for the OAuth workflow. Its responsibilities are to * receive incoming requests and decide at what state of the OAuth workflow they are in. Logic * beyond that is broken into component classes. */ class OAuth2Filter : public Http::PassThroughDecoderFilter, public FilterCallbacks { public: OAuth2Filter(FilterConfigSharedPtr config, std::unique_ptr&& oauth_client, TimeSource& time_source); // Http::PassThroughDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool) override; // FilterCallbacks void onGetAccessTokenSuccess(const std::string& access_code, std::chrono::seconds expires_in) override; // a catch-all function used for request failures. we don't retry, as a user can simply refresh // the page in the case of a network blip. void sendUnauthorizedResponse() override; void finishFlow(); private: friend class OAuth2Test; std::shared_ptr validator_; // wrap up some of these in a UserData struct or something... std::string auth_code_; std::string access_token_; // TODO - see if we can avoid this being a member variable std::string new_expires_; absl::string_view host_; std::string state_; bool found_bearer_token_{false}; Http::RequestHeaderMap* request_headers_{nullptr}; std::unique_ptr oauth_client_; FilterConfigSharedPtr config_; TimeSource& time_source_; // Determines whether or not the current request can skip the entire OAuth flow (HMAC is valid, // connection is mTLS, etc.) bool canSkipOAuth(Http::RequestHeaderMap& headers) const; Http::FilterHeadersStatus signOutUser(const Http::RequestHeaderMap& headers); const std::string& bearerPrefix() const; std::string extractAccessToken(const Http::RequestHeaderMap& headers) const; }; } // namespace Oauth2 } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/oauth.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Oauth2 { /** * Callback interface to enable the OAuth client to trigger actions upon completion of an * asynchronous HTTP request/response. */ class FilterCallbacks { public: virtual ~FilterCallbacks() = default; virtual void onGetAccessTokenSuccess(const std::string& access_token, std::chrono::seconds expires_in) PURE; virtual void sendUnauthorizedResponse() PURE; }; } // namespace Oauth2 } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/oauth_client.cc ================================================ #include "extensions/filters/http/oauth2/oauth_client.h" #include #include "envoy/http/async_client.h" #include "envoy/http/message.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "source/extensions/filters/http/oauth2/oauth_response.pb.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Oauth2 { namespace { Http::RegisterCustomInlineHeader authorization_handle(Http::CustomHeaders::get().Authorization); constexpr const char* GetAccessTokenBodyFormatString = "grant_type=authorization_code&code={0}&client_id={1}&client_secret={2}&redirect_uri={3}"; } // namespace void OAuth2ClientImpl::asyncGetAccessToken(const std::string& auth_code, const std::string& client_id, const std::string& secret, const std::string& cb_url) { const auto encoded_client_id = Http::Utility::PercentEncoding::encode(client_id, ":/=&?"); const auto encoded_secret = Http::Utility::PercentEncoding::encode(secret, ":/=&?"); const auto encoded_cb_url = Http::Utility::PercentEncoding::encode(cb_url, ":/=&?"); Http::RequestMessagePtr request = createPostRequest(); const std::string body = fmt::format(GetAccessTokenBodyFormatString, auth_code, encoded_client_id, encoded_secret, encoded_cb_url); ENVOY_LOG(debug, "Dispatching OAuth request for access token."); dispatchRequest(std::move(request)); ASSERT(state_ == OAuthState::Idle); state_ = OAuthState::PendingAccessToken; } void OAuth2ClientImpl::dispatchRequest(Http::RequestMessagePtr&& msg) { in_flight_request_ = cm_.httpAsyncClientForCluster(uri_.cluster()) .send(std::move(msg), *this, Http::AsyncClient::RequestOptions().setTimeout( std::chrono::milliseconds(PROTOBUF_GET_MS_REQUIRED(uri_, timeout)))); } void OAuth2ClientImpl::onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& message) { in_flight_request_ = nullptr; ASSERT(state_ == OAuthState::PendingAccessToken); state_ = OAuthState::Idle; // Check that the auth cluster returned a happy response. const auto response_code = message->headers().Status()->value().getStringView(); if (response_code != "200") { ENVOY_LOG(debug, "Oauth response code: {}", response_code); parent_->sendUnauthorizedResponse(); return; } const std::string response_body = message->bodyAsString(); envoy::extensions::http_filters::oauth2::OAuthResponse response; try { MessageUtil::loadFromJson(response_body, response, ProtobufMessage::getNullValidationVisitor()); } catch (EnvoyException& e) { ENVOY_LOG(debug, "Error parsing response body, received exception: {}", e.what()); ENVOY_LOG(debug, "Response body: {}", response_body); parent_->sendUnauthorizedResponse(); return; } // TODO(snowp): Should this be a pgv validation instead? A more readable log // message might be good enough reason to do this manually? if (!response.has_access_token() || !response.has_expires_in()) { ENVOY_LOG(debug, "No access token or expiration after asyncGetAccessToken"); parent_->sendUnauthorizedResponse(); return; } const std::string access_token{PROTOBUF_GET_WRAPPED_REQUIRED(response, access_token)}; const std::chrono::seconds expires_in{PROTOBUF_GET_WRAPPED_REQUIRED(response, expires_in)}; parent_->onGetAccessTokenSuccess(access_token, expires_in); } void OAuth2ClientImpl::onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason) { ENVOY_LOG(debug, "OAuth request failed."); in_flight_request_ = nullptr; parent_->sendUnauthorizedResponse(); } } // namespace Oauth2 } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/oauth_client.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/config/core/v3/http_uri.pb.h" #include "envoy/http/async_client.h" #include "envoy/http/message.h" #include "envoy/upstream/cluster_manager.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "extensions/filters/http/oauth2/oauth.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Oauth2 { /** * An OAuth client abstracts away everything regarding how to communicate with * the OAuth server. The filter should only need to invoke the functions here, * and then wait in a `StopIteration` mode until a callback is triggered. */ class OAuth2Client : public Http::AsyncClient::Callbacks { public: virtual void asyncGetAccessToken(const std::string& auth_code, const std::string& client_id, const std::string& secret, const std::string& cb_url) PURE; virtual void setCallbacks(FilterCallbacks& callbacks) PURE; // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& m) override PURE; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason f) override PURE; }; class OAuth2ClientImpl : public OAuth2Client, Logger::Loggable { public: OAuth2ClientImpl(Upstream::ClusterManager& cm, const envoy::config::core::v3::HttpUri& uri) : cm_(cm), uri_(uri) {} ~OAuth2ClientImpl() override { if (in_flight_request_ != nullptr) { in_flight_request_->cancel(); } } // OAuth2Client /** * Request the access token from the OAuth server. Calls the `onSuccess` on `onFailure` callbacks. */ void asyncGetAccessToken(const std::string& auth_code, const std::string& client_id, const std::string& secret, const std::string& cb_url) override; void setCallbacks(FilterCallbacks& callbacks) override { parent_ = &callbacks; } // AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& m) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason f) override; void onBeforeFinalizeUpstreamSpan(Envoy::Tracing::Span&, const Http::ResponseHeaderMap*) override {} private: friend class OAuth2ClientTest; FilterCallbacks* parent_{nullptr}; Upstream::ClusterManager& cm_; const envoy::config::core::v3::HttpUri uri_; // Tracks any outstanding in-flight requests, allowing us to cancel the request // if the filter ends before the request completes. Http::AsyncClient::Request* in_flight_request_{nullptr}; enum class OAuthState { Idle, PendingAccessToken }; // Due to the asynchronous nature of this functionality, it is helpful to have managed state which // is tracked here. OAuthState state_{OAuthState::Idle}; /** * Begins execution of an asynchronous request. * * @param request the HTTP request to be executed. */ void dispatchRequest(Http::RequestMessagePtr&& request); Http::RequestMessagePtr createPostRequest() { auto request = Http::Utility::prepareHeaders(uri_); request->headers().setReferenceMethod(Http::Headers::get().MethodValues.Post); request->headers().setContentType(Http::Headers::get().ContentTypeValues.FormUrlEncoded); return request; } }; } // namespace Oauth2 } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/oauth2/oauth_response.proto ================================================ syntax = "proto3"; package envoy.extensions.http_filters.oauth2; import "google/protobuf/wrappers.proto"; message OAuthResponse { google.protobuf.StringValue access_token = 1; google.protobuf.UInt64Value expires_in = 2; } ================================================ FILE: source/extensions/filters/http/on_demand/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # On-demand RDS update HTTP filter envoy_extension_package() envoy_cc_library( name = "on_demand_update_lib", srcs = ["on_demand_update.cc"], hdrs = ["on_demand_update.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/http:filter_interface", "//include/envoy/server:filter_config_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) classify and clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/on_demand:on_demand_update_lib", "@envoy_api//envoy/config/filter/http/on_demand/v2:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/on_demand/config.cc ================================================ #include "extensions/filters/http/on_demand/config.h" #include "envoy/config/filter/http/on_demand/v2/on_demand.pb.validate.h" #include "extensions/filters/http/on_demand/on_demand_update.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OnDemand { Http::FilterFactoryCb OnDemandFilterFactory::createFilterFactoryFromProtoTyped( const envoy::config::filter::http::on_demand::v2::OnDemand&, const std::string&, Server::Configuration::FactoryContext&) { return [](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter( std::make_shared()); }; } /** * Static registration for the on-demand filter. @see RegisterFactory. */ REGISTER_FACTORY(OnDemandFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace OnDemand } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/on_demand/config.h ================================================ #pragma once #include "envoy/config/filter/http/on_demand/v2/on_demand.pb.h" #include "envoy/config/filter/http/on_demand/v2/on_demand.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OnDemand { /** * Config registration for the OnDemand filter. @see NamedHttpFilterConfigFactory. */ class OnDemandFilterFactory : public Common::FactoryBase { public: OnDemandFilterFactory() : FactoryBase(HttpFilterNames::get().OnDemand) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::config::filter::http::on_demand::v2::OnDemand& proto_config, const std::string&, Server::Configuration::FactoryContext& context) override; }; } // namespace OnDemand } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/on_demand/on_demand_update.cc ================================================ #include "extensions/filters/http/on_demand/on_demand_update.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "common/http/codes.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OnDemand { Http::FilterHeadersStatus OnDemandRouteUpdate::decodeHeaders(Http::RequestHeaderMap&, bool) { if (callbacks_->route() != nullptr) { filter_iteration_state_ = Http::FilterHeadersStatus::Continue; return filter_iteration_state_; } // decodeHeaders() is interrupted. decode_headers_active_ = true; route_config_updated_callback_ = std::make_shared(Http::RouteConfigUpdatedCallback( [this](bool route_exists) -> void { onRouteConfigUpdateCompletion(route_exists); })); filter_iteration_state_ = Http::FilterHeadersStatus::StopIteration; callbacks_->requestRouteConfigUpdate(route_config_updated_callback_); // decodeHeaders() is completed. decode_headers_active_ = false; return filter_iteration_state_; } Http::FilterDataStatus OnDemandRouteUpdate::decodeData(Buffer::Instance&, bool) { return filter_iteration_state_ == Http::FilterHeadersStatus::StopIteration ? Http::FilterDataStatus::StopIterationAndWatermark : Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus OnDemandRouteUpdate::decodeTrailers(Http::RequestTrailerMap&) { return Http::FilterTrailersStatus::Continue; } void OnDemandRouteUpdate::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; } // A weak_ptr copy of the route_config_updated_callback_ is kept by RdsRouteConfigProviderImpl // in config_update_callbacks_. By resetting the pointer in onDestroy() callback we ensure // that this filter/filter-chain will not be resumed if the corresponding has been closed void OnDemandRouteUpdate::onDestroy() { route_config_updated_callback_.reset(); } // This is the callback which is called when an update requested in requestRouteConfigUpdate() // has been propagated to workers, at which point the request processing is restarted from the // beginning. void OnDemandRouteUpdate::onRouteConfigUpdateCompletion(bool route_exists) { filter_iteration_state_ = Http::FilterHeadersStatus::Continue; // Don't call continueDecoding in the middle of decodeHeaders() if (decode_headers_active_) { return; } if (route_exists && // route can be resolved after an on-demand // VHDS update !callbacks_->decodingBuffer() && // Redirects with body not yet supported. callbacks_->recreateStream()) { return; } // route cannot be resolved after an on-demand VHDS update or // recreating stream failed, continue the filter-chain callbacks_->continueDecoding(); } } // namespace OnDemand } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/on_demand/on_demand_update.h ================================================ #pragma once #include "envoy/http/filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OnDemand { class OnDemandRouteUpdate : public Http::StreamDecoderFilter { public: OnDemandRouteUpdate() = default; void onRouteConfigUpdateCompletion(bool route_exists); void setFilterIterationState(Envoy::Http::FilterHeadersStatus status) { filter_iteration_state_ = status; } // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; void onDestroy() override; private: Http::StreamDecoderFilterCallbacks* callbacks_{}; Http::RouteConfigUpdatedCallbackSharedPtr route_config_updated_callback_; Envoy::Http::FilterHeadersStatus filter_iteration_state_{Http::FilterHeadersStatus::Continue}; bool decode_headers_active_{false}; }; } // namespace OnDemand } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/original_src/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # A filter for mirroring the downstream remote address on the upstream's source. envoy_extension_package() envoy_cc_library( name = "config_lib", srcs = ["config.cc"], hdrs = ["config.h"], deps = ["@envoy_api//envoy/extensions/filters/http/original_src/v3:pkg_cc_proto"], ) envoy_cc_library( name = "original_src_lib", srcs = ["original_src.cc"], hdrs = ["original_src.h"], deps = [ ":config_lib", "//include/envoy/http:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/extensions/filters/common/original_src:socket_option_factory_lib", ], ) envoy_cc_extension( name = "config", # The extension build system requires a library named config srcs = ["original_src_config_factory.cc"], hdrs = ["original_src_config_factory.h"], security_posture = "robust_to_untrusted_downstream", status = "alpha", deps = [ ":config_lib", ":original_src_lib", "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/original_src/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/original_src/config.cc ================================================ #include "extensions/filters/http/original_src/config.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OriginalSrc { Config::Config(const envoy::extensions::filters::http::original_src::v3::OriginalSrc& config) : mark_(config.mark()) {} } // namespace OriginalSrc } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/original_src/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OriginalSrc { class Config { public: Config() = default; explicit Config(const envoy::extensions::filters::http::original_src::v3::OriginalSrc& config); uint32_t mark() const { return mark_; } private: uint32_t mark_ = 0; }; } // namespace OriginalSrc } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/original_src/original_src.cc ================================================ #include "extensions/filters/http/original_src/original_src.h" #include "common/common/assert.h" #include "extensions/filters/common/original_src/socket_option_factory.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OriginalSrc { OriginalSrcFilter::OriginalSrcFilter(const Config& config) : config_(config) {} void OriginalSrcFilter::onDestroy() {} Http::FilterHeadersStatus OriginalSrcFilter::decodeHeaders(Http::RequestHeaderMap&, bool) { const auto downstream_address = callbacks_->streamInfo().downstreamRemoteAddress(); ASSERT(downstream_address); if (downstream_address->type() != Network::Address::Type::Ip) { // Nothing we can do with this. return Http::FilterHeadersStatus::Continue; } ENVOY_LOG(debug, "Got a new connection in the original_src filter for address {}. Marking with {}", downstream_address->asString(), config_.mark()); const auto options_to_add = Filters::Common::OriginalSrc::buildOriginalSrcOptions( std::move(downstream_address), config_.mark()); callbacks_->addUpstreamSocketOptions(options_to_add); return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus OriginalSrcFilter::decodeData(Buffer::Instance&, bool) { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus OriginalSrcFilter::decodeTrailers(Http::RequestTrailerMap&) { return Http::FilterTrailersStatus::Continue; } void OriginalSrcFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; } } // namespace OriginalSrc } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/original_src/original_src.h ================================================ #pragma once #include "envoy/http/filter.h" #include "envoy/network/address.h" #include "common/common/logger.h" #include "extensions/filters/http/original_src/config.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OriginalSrc { /** * Implements the Original Src http filter. This filter places the downstream source address of the * request, as determined by the stream's `downstreamRemoteAddress()`, into an option which will be * used to partition upstream connections. This does not support non-ip (e.g. AF_UNIX) connections; * they will use the same address they would have had this filter not been installed. */ class OriginalSrcFilter : public Http::StreamDecoderFilter, Logger::Loggable { public: explicit OriginalSrcFilter(const Config& config); // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; private: Config config_; Http::StreamDecoderFilterCallbacks* callbacks_{}; }; } // namespace OriginalSrc } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/original_src/original_src_config_factory.cc ================================================ #include "extensions/filters/http/original_src/original_src_config_factory.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/original_src/config.h" #include "extensions/filters/http/original_src/original_src.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OriginalSrc { Http::FilterFactoryCb OriginalSrcConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::original_src::v3::OriginalSrc& proto_config, const std::string&, Server::Configuration::FactoryContext&) { Config config(proto_config); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(config)); }; } /** * Static registration for the original_src filter. @see RegisterFactory. */ REGISTER_FACTORY(OriginalSrcConfigFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace OriginalSrc } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/original_src/original_src_config_factory.h ================================================ #pragma once #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace OriginalSrc { /** * Config registration for the original_src filter. */ class OriginalSrcConfigFactory : public Common::FactoryBase { public: OriginalSrcConfigFactory() : FactoryBase(HttpFilterNames::get().OriginalSrc) {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::original_src::v3::OriginalSrc& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace OriginalSrc } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Ratelimit L7 HTTP filter # Public docs: docs/root/configuration/http_filters/rate_limit_filter.rst envoy_extension_package() envoy_cc_library( name = "ratelimit_lib", srcs = ["ratelimit.cc"], hdrs = ["ratelimit.h"], deps = [ ":ratelimit_headers_lib", "//include/envoy/http:codes_interface", "//include/envoy/ratelimit:ratelimit_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", "//source/common/router:config_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/common/ratelimit:stat_names_lib", "@envoy_api//envoy/extensions/filters/http/ratelimit/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ratelimit_headers_lib", srcs = ["ratelimit_headers.cc"], hdrs = ["ratelimit_headers.h"], deps = [ "//source/common/http:header_map_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":ratelimit_lib", "//include/envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/common/ratelimit:ratelimit_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/ratelimit/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/ratelimit/config.cc ================================================ #include "extensions/filters/http/ratelimit/config.h" #include #include #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/filters/common/ratelimit/ratelimit_impl.h" #include "extensions/filters/http/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RateLimitFilter { Http::FilterFactoryCb RateLimitFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::ratelimit::v3::RateLimit& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.domain().empty()); FilterConfigSharedPtr filter_config(new FilterConfig(proto_config, context.localInfo(), context.scope(), context.runtime(), context.httpContext())); const std::chrono::milliseconds timeout = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(proto_config, timeout, 20)); return [proto_config, &context, timeout, filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamFilter(std::make_shared( filter_config, Filters::Common::RateLimit::rateLimitClient( context, proto_config.rate_limit_service().grpc_service(), timeout, proto_config.rate_limit_service().transport_api_version()))); }; } Router::RouteSpecificFilterConfigConstSharedPtr RateLimitFilterConfig::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute& proto_config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(proto_config); } /** * Static registration for the rate limit filter. @see RegisterFactory. */ REGISTER_FACTORY(RateLimitFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.rate_limit"}; } // namespace RateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ratelimit/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.validate.h" #include "extensions/filters/common/ratelimit/ratelimit.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RateLimitFilter { /** * Config registration for the rate limit filter. @see NamedHttpFilterConfigFactory. */ class RateLimitFilterConfig : public Common::FactoryBase< envoy::extensions::filters::http::ratelimit::v3::RateLimit, envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute> { public: RateLimitFilterConfig() : FactoryBase(HttpFilterNames::get().RateLimit) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::ratelimit::v3::RateLimit& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override; }; } // namespace RateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ratelimit/ratelimit.cc ================================================ #include "extensions/filters/http/ratelimit/ratelimit.h" #include #include #include "envoy/http/codes.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/http/codes.h" #include "common/http/header_utility.h" #include "common/router/config_impl.h" #include "extensions/filters/http/ratelimit/ratelimit_headers.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RateLimitFilter { struct RcDetailsValues { // This request went above the configured limits for the rate limit filter. const std::string RateLimited = "request_rate_limited"; // The rate limiter encountered a failure, and was configured to fail-closed. const std::string RateLimitError = "rate_limiter_error"; }; using RcDetails = ConstSingleton; void Filter::initiateCall(const Http::RequestHeaderMap& headers) { const bool is_internal_request = Http::HeaderUtility::isEnvoyInternalRequest(headers); if ((is_internal_request && config_->requestType() == FilterRequestType::External) || (!is_internal_request && config_->requestType() == FilterRequestType::Internal)) { return; } Router::RouteConstSharedPtr route = callbacks_->route(); if (!route || !route->routeEntry()) { return; } cluster_ = callbacks_->clusterInfo(); if (!cluster_) { return; } std::vector descriptors; const Router::RouteEntry* route_entry = route->routeEntry(); // Get all applicable rate limit policy entries for the route. populateRateLimitDescriptors(route_entry->rateLimitPolicy(), descriptors, route_entry, headers); VhRateLimitOptions vh_rate_limit_option = getVirtualHostRateLimitOption(route); switch (vh_rate_limit_option) { case VhRateLimitOptions::Ignore: break; case VhRateLimitOptions::Include: populateRateLimitDescriptors(route_entry->virtualHost().rateLimitPolicy(), descriptors, route_entry, headers); break; case VhRateLimitOptions::Override: if (route_entry->rateLimitPolicy().empty()) { populateRateLimitDescriptors(route_entry->virtualHost().rateLimitPolicy(), descriptors, route_entry, headers); } break; default: NOT_REACHED_GCOVR_EXCL_LINE; } if (!descriptors.empty()) { state_ = State::Calling; initiating_call_ = true; client_->limit(*this, config_->domain(), descriptors, callbacks_->activeSpan()); initiating_call_ = false; } } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { if (!config_->runtime().snapshot().featureEnabled("ratelimit.http_filter_enabled", 100)) { return Http::FilterHeadersStatus::Continue; } request_headers_ = &headers; initiateCall(headers); return (state_ == State::Calling || state_ == State::Responded) ? Http::FilterHeadersStatus::StopIteration : Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus Filter::decodeData(Buffer::Instance&, bool) { ASSERT(state_ != State::Responded); if (state_ != State::Calling) { return Http::FilterDataStatus::Continue; } // If the request is too large, stop reading new data until the buffer drains. return Http::FilterDataStatus::StopIterationAndWatermark; } Http::FilterTrailersStatus Filter::decodeTrailers(Http::RequestTrailerMap&) { ASSERT(state_ != State::Responded); return state_ == State::Calling ? Http::FilterTrailersStatus::StopIteration : Http::FilterTrailersStatus::Continue; } void Filter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; } Http::FilterHeadersStatus Filter::encode100ContinueHeaders(Http::ResponseHeaderMap&) { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus Filter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { populateResponseHeaders(headers); return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus Filter::encodeData(Buffer::Instance&, bool) { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus Filter::encodeTrailers(Http::ResponseTrailerMap&) { return Http::FilterTrailersStatus::Continue; } Http::FilterMetadataStatus Filter::encodeMetadata(Http::MetadataMap&) { return Http::FilterMetadataStatus::Continue; } void Filter::setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks&) {} void Filter::onDestroy() { if (state_ == State::Calling) { state_ = State::Complete; client_->cancel(); } } void Filter::complete(Filters::Common::RateLimit::LimitStatus status, Filters::Common::RateLimit::DescriptorStatusListPtr&& descriptor_statuses, Http::ResponseHeaderMapPtr&& response_headers_to_add, Http::RequestHeaderMapPtr&& request_headers_to_add) { state_ = State::Complete; response_headers_to_add_ = std::move(response_headers_to_add); Http::HeaderMapPtr req_headers_to_add = std::move(request_headers_to_add); Stats::StatName empty_stat_name; Filters::Common::RateLimit::StatNames& stat_names = config_->statNames(); switch (status) { case Filters::Common::RateLimit::LimitStatus::OK: cluster_->statsScope().counterFromStatName(stat_names.ok_).inc(); break; case Filters::Common::RateLimit::LimitStatus::Error: cluster_->statsScope().counterFromStatName(stat_names.error_).inc(); break; case Filters::Common::RateLimit::LimitStatus::OverLimit: cluster_->statsScope().counterFromStatName(stat_names.over_limit_).inc(); Http::CodeStats::ResponseStatInfo info{config_->scope(), cluster_->statsScope(), empty_stat_name, enumToInt(Http::Code::TooManyRequests), true, empty_stat_name, empty_stat_name, empty_stat_name, empty_stat_name, false}; httpContext().codeStats().chargeResponseStat(info); if (response_headers_to_add_ == nullptr) { response_headers_to_add_ = Http::ResponseHeaderMapImpl::create(); } response_headers_to_add_->setReferenceEnvoyRateLimited( Http::Headers::get().EnvoyRateLimitedValues.True); break; } if (config_->enableXRateLimitHeaders()) { Http::ResponseHeaderMapPtr rate_limit_headers = XRateLimitHeaderUtils::create(std::move(descriptor_statuses)); if (response_headers_to_add_ == nullptr) { response_headers_to_add_ = Http::ResponseHeaderMapImpl::create(); } Http::HeaderUtility::addHeaders(*response_headers_to_add_, *rate_limit_headers); } else { descriptor_statuses = nullptr; } if (status == Filters::Common::RateLimit::LimitStatus::OverLimit && config_->runtime().snapshot().featureEnabled("ratelimit.http_filter_enforcing", 100)) { state_ = State::Responded; callbacks_->sendLocalReply( Http::Code::TooManyRequests, "", [this](Http::HeaderMap& headers) { populateResponseHeaders(headers); }, config_->rateLimitedGrpcStatus(), RcDetails::get().RateLimited); callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::RateLimited); } else if (status == Filters::Common::RateLimit::LimitStatus::Error) { if (config_->failureModeAllow()) { cluster_->statsScope().counterFromStatName(stat_names.failure_mode_allowed_).inc(); if (!initiating_call_) { appendRequestHeaders(req_headers_to_add); callbacks_->continueDecoding(); } } else { state_ = State::Responded; callbacks_->sendLocalReply(Http::Code::InternalServerError, "", nullptr, absl::nullopt, RcDetails::get().RateLimitError); callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::RateLimitServiceError); } } else if (!initiating_call_) { appendRequestHeaders(req_headers_to_add); callbacks_->continueDecoding(); } } void Filter::populateRateLimitDescriptors(const Router::RateLimitPolicy& rate_limit_policy, std::vector& descriptors, const Router::RouteEntry* route_entry, const Http::HeaderMap& headers) const { for (const Router::RateLimitPolicyEntry& rate_limit : rate_limit_policy.getApplicableRateLimit(config_->stage())) { const std::string& disable_key = rate_limit.disableKey(); if (!disable_key.empty() && !config_->runtime().snapshot().featureEnabled( fmt::format("ratelimit.{}.http_filter_enabled", disable_key), 100)) { continue; } rate_limit.populateDescriptors(*route_entry, descriptors, config_->localInfo().clusterName(), headers, *callbacks_->streamInfo().downstreamRemoteAddress(), &callbacks_->streamInfo().dynamicMetadata()); } } void Filter::populateResponseHeaders(Http::HeaderMap& response_headers) { if (response_headers_to_add_) { Http::HeaderUtility::addHeaders(response_headers, *response_headers_to_add_); response_headers_to_add_ = nullptr; } } void Filter::appendRequestHeaders(Http::HeaderMapPtr& request_headers_to_add) { if (request_headers_to_add && request_headers_) { Http::HeaderUtility::addHeaders(*request_headers_, *request_headers_to_add); request_headers_to_add = nullptr; } } VhRateLimitOptions Filter::getVirtualHostRateLimitOption(const Router::RouteConstSharedPtr& route) { if (route->routeEntry()->includeVirtualHostRateLimits()) { vh_rate_limits_ = VhRateLimitOptions::Include; } else { const auto* specific_per_route_config = Http::Utility::resolveMostSpecificPerFilterConfig( HttpFilterNames::get().RateLimit, route); if (specific_per_route_config != nullptr) { switch (specific_per_route_config->virtualHostRateLimits()) { case envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute::INCLUDE: vh_rate_limits_ = VhRateLimitOptions::Include; break; case envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute::IGNORE: vh_rate_limits_ = VhRateLimitOptions::Ignore; break; case envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute::OVERRIDE: default: vh_rate_limits_ = VhRateLimitOptions::Override; } } else { vh_rate_limits_ = VhRateLimitOptions::Override; } } return vh_rate_limits_; } } // namespace RateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ratelimit/ratelimit.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.h" #include "envoy/http/context.h" #include "envoy/http/filter.h" #include "envoy/local_info/local_info.h" #include "envoy/ratelimit/ratelimit.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/http/header_map_impl.h" #include "extensions/filters/common/ratelimit/ratelimit.h" #include "extensions/filters/common/ratelimit/stat_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RateLimitFilter { /** * Type of requests the filter should apply to. */ enum class FilterRequestType { Internal, External, Both }; /** * Type of virtual host rate limit options */ enum class VhRateLimitOptions { Override, Include, Ignore }; /** * Global configuration for the HTTP rate limit filter. */ class FilterConfig { public: FilterConfig(const envoy::extensions::filters::http::ratelimit::v3::RateLimit& config, const LocalInfo::LocalInfo& local_info, Stats::Scope& scope, Runtime::Loader& runtime, Http::Context& http_context) : domain_(config.domain()), stage_(static_cast(config.stage())), request_type_(config.request_type().empty() ? stringToType("both") : stringToType(config.request_type())), local_info_(local_info), scope_(scope), runtime_(runtime), failure_mode_deny_(config.failure_mode_deny()), enable_x_ratelimit_headers_( config.enable_x_ratelimit_headers() == envoy::extensions::filters::http::ratelimit::v3::RateLimit::DRAFT_VERSION_03), rate_limited_grpc_status_( config.rate_limited_as_resource_exhausted() ? absl::make_optional(Grpc::Status::WellKnownGrpcStatus::ResourceExhausted) : absl::nullopt), http_context_(http_context), stat_names_(scope.symbolTable()) {} const std::string& domain() const { return domain_; } const LocalInfo::LocalInfo& localInfo() const { return local_info_; } uint64_t stage() const { return stage_; } Runtime::Loader& runtime() { return runtime_; } Stats::Scope& scope() { return scope_; } FilterRequestType requestType() const { return request_type_; } bool failureModeAllow() const { return !failure_mode_deny_; } bool enableXRateLimitHeaders() const { return enable_x_ratelimit_headers_; } const absl::optional rateLimitedGrpcStatus() const { return rate_limited_grpc_status_; } Http::Context& httpContext() { return http_context_; } Filters::Common::RateLimit::StatNames& statNames() { return stat_names_; } private: static FilterRequestType stringToType(const std::string& request_type) { if (request_type == "internal") { return FilterRequestType::Internal; } else if (request_type == "external") { return FilterRequestType::External; } else { ASSERT(request_type == "both"); return FilterRequestType::Both; } } const std::string domain_; const uint64_t stage_; const FilterRequestType request_type_; const LocalInfo::LocalInfo& local_info_; Stats::Scope& scope_; Runtime::Loader& runtime_; const bool failure_mode_deny_; const bool enable_x_ratelimit_headers_; const absl::optional rate_limited_grpc_status_; Http::Context& http_context_; Filters::Common::RateLimit::StatNames stat_names_; }; using FilterConfigSharedPtr = std::shared_ptr; class FilterConfigPerRoute : public Router::RouteSpecificFilterConfig { public: FilterConfigPerRoute( const envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute& config) : vh_rate_limits_(config.vh_rate_limits()) {} envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute::VhRateLimitsOptions virtualHostRateLimits() const { return vh_rate_limits_; } private: const envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute::VhRateLimitsOptions vh_rate_limits_; }; /** * HTTP rate limit filter. Depending on the route configuration, this filter calls the global * rate limiting service before allowing further filter iteration. */ class Filter : public Http::StreamFilter, public Filters::Common::RateLimit::RequestCallbacks { public: Filter(FilterConfigSharedPtr config, Filters::Common::RateLimit::ClientPtr&& client) : config_(config), client_(std::move(client)) {} // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap& headers) override; Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override; void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override; // RateLimit::RequestCallbacks void complete(Filters::Common::RateLimit::LimitStatus status, Filters::Common::RateLimit::DescriptorStatusListPtr&& descriptor_statuses, Http::ResponseHeaderMapPtr&& response_headers_to_add, Http::RequestHeaderMapPtr&& request_headers_to_add) override; private: void initiateCall(const Http::RequestHeaderMap& headers); void populateRateLimitDescriptors(const Router::RateLimitPolicy& rate_limit_policy, std::vector& descriptors, const Router::RouteEntry* route_entry, const Http::HeaderMap& headers) const; void populateResponseHeaders(Http::HeaderMap& response_headers); void appendRequestHeaders(Http::HeaderMapPtr& request_headers_to_add); VhRateLimitOptions getVirtualHostRateLimitOption(const Router::RouteConstSharedPtr& route); Http::Context& httpContext() { return config_->httpContext(); } enum class State { NotStarted, Calling, Complete, Responded }; FilterConfigSharedPtr config_; Filters::Common::RateLimit::ClientPtr client_; Http::StreamDecoderFilterCallbacks* callbacks_{}; State state_{State::NotStarted}; VhRateLimitOptions vh_rate_limits_; Upstream::ClusterInfoConstSharedPtr cluster_; bool initiating_call_{}; Http::ResponseHeaderMapPtr response_headers_to_add_; Http::RequestHeaderMap* request_headers_{}; }; } // namespace RateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ratelimit/ratelimit_headers.cc ================================================ #include "extensions/filters/http/ratelimit/ratelimit_headers.h" #include "common/http/header_map_impl.h" #include "absl/strings/substitute.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RateLimitFilter { Http::ResponseHeaderMapPtr XRateLimitHeaderUtils::create( Filters::Common::RateLimit::DescriptorStatusListPtr&& descriptor_statuses) { Http::ResponseHeaderMapPtr result = Http::ResponseHeaderMapImpl::create(); if (!descriptor_statuses || descriptor_statuses->empty()) { descriptor_statuses = nullptr; return result; } absl::optional min_remaining_limit_status; std::string quota_policy; for (auto&& status : *descriptor_statuses) { if (!status.has_current_limit()) { continue; } if (!min_remaining_limit_status || status.limit_remaining() < min_remaining_limit_status.value().limit_remaining()) { min_remaining_limit_status.emplace(status); } const uint32_t window = convertRateLimitUnit(status.current_limit().unit()); // Constructing the quota-policy per RFC // https://tools.ietf.org/id/draft-polli-ratelimit-headers-02.html#name-ratelimit-limit // Example of the result: `, 10;w=1;name="per-ip", 1000;w=3600` if (window) { // For each descriptor status append `;w=` absl::SubstituteAndAppend("a_policy, ", $0;$1=$2", status.current_limit().requests_per_unit(), XRateLimitHeaders::get().QuotaPolicyKeys.Window, window); if (!status.current_limit().name().empty()) { // If the descriptor has a name, append `;name=""` absl::SubstituteAndAppend("a_policy, ";$0=\"$1\"", XRateLimitHeaders::get().QuotaPolicyKeys.Name, status.current_limit().name()); } } } if (min_remaining_limit_status) { const std::string rate_limit_limit = absl::StrCat( min_remaining_limit_status.value().current_limit().requests_per_unit(), quota_policy); result->addReferenceKey(XRateLimitHeaders::get().XRateLimitLimit, rate_limit_limit); result->addReferenceKey(XRateLimitHeaders::get().XRateLimitRemaining, min_remaining_limit_status.value().limit_remaining()); result->addReferenceKey(XRateLimitHeaders::get().XRateLimitReset, min_remaining_limit_status.value().duration_until_reset().seconds()); } descriptor_statuses = nullptr; return result; } uint32_t XRateLimitHeaderUtils::convertRateLimitUnit( const envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::Unit unit) { switch (unit) { case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::SECOND: return 1; case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::MINUTE: return 60; case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::HOUR: return 60 * 60; case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::DAY: return 24 * 60 * 60; case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::UNKNOWN: default: return 0; } } } // namespace RateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/ratelimit/ratelimit_headers.h ================================================ #pragma once #include "envoy/http/header_map.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/common/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RateLimitFilter { class XRateLimitHeaderValues { public: const Http::LowerCaseString XRateLimitLimit{"x-ratelimit-limit"}; const Http::LowerCaseString XRateLimitRemaining{"x-ratelimit-remaining"}; const Http::LowerCaseString XRateLimitReset{"x-ratelimit-reset"}; struct { const std::string Window{"w"}; const std::string Name{"name"}; } QuotaPolicyKeys; }; using XRateLimitHeaders = ConstSingleton; class XRateLimitHeaderUtils { public: static Http::ResponseHeaderMapPtr create(Filters::Common::RateLimit::DescriptorStatusListPtr&& descriptor_statuses); private: static uint32_t convertRateLimitUnit(envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::Unit unit); }; } // namespace RateLimitFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/rbac/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/rbac:rbac_filter_lib", "@envoy_api//envoy/extensions/filters/http/rbac/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "rbac_filter_lib", srcs = ["rbac_filter.cc"], hdrs = ["rbac_filter.h"], deps = [ "//include/envoy/http:filter_interface", "//include/envoy/stats:stats_macros", "//source/common/http:utility_lib", "//source/extensions/filters/common/rbac:engine_lib", "//source/extensions/filters/common/rbac:utility_lib", "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/rbac/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/rbac/config.cc ================================================ #include "extensions/filters/http/rbac/config.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/rbac/rbac_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RBACFilter { Http::FilterFactoryCb RoleBasedAccessControlFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::rbac::v3::RBAC& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { auto config = std::make_shared(proto_config, stats_prefix, context.scope()); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(config)); }; } Router::RouteSpecificFilterConfigConstSharedPtr RoleBasedAccessControlFilterConfigFactory::createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::rbac::v3::RBACPerRoute& proto_config, Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) { return std::make_shared(proto_config); } /** * Static registration for the RBAC filter. @see RegisterFactory */ REGISTER_FACTORY(RoleBasedAccessControlFilterConfigFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace RBACFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/rbac/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RBACFilter { /** * Config registration for the RBAC filter. @see NamedHttpFilterConfigFactory. */ class RoleBasedAccessControlFilterConfigFactory : public Common::FactoryBase { public: RoleBasedAccessControlFilterConfigFactory() : FactoryBase(HttpFilterNames::get().Rbac) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::rbac::v3::RBAC& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( const envoy::extensions::filters::http::rbac::v3::RBACPerRoute& proto_config, Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor& validator) override; }; } // namespace RBACFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/rbac/rbac_filter.cc ================================================ #include "extensions/filters/http/rbac/rbac_filter.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/stats/scope.h" #include "common/http/utility.h" #include "extensions/filters/http/well_known_names.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RBACFilter { RoleBasedAccessControlFilterConfig::RoleBasedAccessControlFilterConfig( const envoy::extensions::filters::http::rbac::v3::RBAC& proto_config, const std::string& stats_prefix, Stats::Scope& scope) : stats_(Filters::Common::RBAC::generateStats(stats_prefix, scope)), engine_(Filters::Common::RBAC::createEngine(proto_config)), shadow_engine_(Filters::Common::RBAC::createShadowEngine(proto_config)) {} const Filters::Common::RBAC::RoleBasedAccessControlEngineImpl* RoleBasedAccessControlFilterConfig::engine(const Router::RouteConstSharedPtr route, Filters::Common::RBAC::EnforcementMode mode) const { if (!route || !route->routeEntry()) { return engine(mode); } const std::string& name = HttpFilterNames::get().Rbac; const auto* entry = route->routeEntry(); const auto* route_local = entry->mostSpecificPerFilterConfigTyped( name); if (route_local) { return route_local->engine(mode); } return engine(mode); } RoleBasedAccessControlRouteSpecificFilterConfig::RoleBasedAccessControlRouteSpecificFilterConfig( const envoy::extensions::filters::http::rbac::v3::RBACPerRoute& per_route_config) : engine_(Filters::Common::RBAC::createEngine(per_route_config.rbac())), shadow_engine_(Filters::Common::RBAC::createShadowEngine(per_route_config.rbac())) {} Http::FilterHeadersStatus RoleBasedAccessControlFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { ENVOY_LOG( debug, "checking request: requestedServerName: {}, sourceIP: {}, directRemoteIP: {}, remoteIP: {}," "localAddress: {}, ssl: {}, headers: {}, dynamicMetadata: {}", callbacks_->connection()->requestedServerName(), callbacks_->connection()->remoteAddress()->asString(), callbacks_->streamInfo().downstreamDirectRemoteAddress()->asString(), callbacks_->streamInfo().downstreamRemoteAddress()->asString(), callbacks_->streamInfo().downstreamLocalAddress()->asString(), callbacks_->connection()->ssl() ? "uriSanPeerCertificate: " + absl::StrJoin(callbacks_->connection()->ssl()->uriSanPeerCertificate(), ",") + ", dnsSanPeerCertificate: " + absl::StrJoin(callbacks_->connection()->ssl()->dnsSansPeerCertificate(), ",") + ", subjectPeerCertificate: " + callbacks_->connection()->ssl()->subjectPeerCertificate() : "none", headers, callbacks_->streamInfo().dynamicMetadata().DebugString()); std::string effective_policy_id; const auto shadow_engine = config_->engine(callbacks_->route(), Filters::Common::RBAC::EnforcementMode::Shadow); if (shadow_engine != nullptr) { std::string shadow_resp_code = Filters::Common::RBAC::DynamicMetadataKeysSingleton::get().EngineResultAllowed; if (shadow_engine->handleAction(*callbacks_->connection(), headers, callbacks_->streamInfo(), &effective_policy_id)) { ENVOY_LOG(debug, "shadow allowed, matched policy {}", effective_policy_id.empty() ? "none" : effective_policy_id); config_->stats().shadow_allowed_.inc(); } else { ENVOY_LOG(debug, "shadow denied, matched policy {}", effective_policy_id.empty() ? "none" : effective_policy_id); config_->stats().shadow_denied_.inc(); shadow_resp_code = Filters::Common::RBAC::DynamicMetadataKeysSingleton::get().EngineResultDenied; } ProtobufWkt::Struct metrics; auto& fields = *metrics.mutable_fields(); if (!effective_policy_id.empty()) { *fields[Filters::Common::RBAC::DynamicMetadataKeysSingleton::get() .ShadowEffectivePolicyIdField] .mutable_string_value() = effective_policy_id; } *fields[Filters::Common::RBAC::DynamicMetadataKeysSingleton::get().ShadowEngineResultField] .mutable_string_value() = shadow_resp_code; callbacks_->streamInfo().setDynamicMetadata(HttpFilterNames::get().Rbac, metrics); } const auto engine = config_->engine(callbacks_->route(), Filters::Common::RBAC::EnforcementMode::Enforced); if (engine != nullptr) { std::string effective_policy_id; bool allowed = engine->handleAction(*callbacks_->connection(), headers, callbacks_->streamInfo(), &effective_policy_id); const std::string log_policy_id = effective_policy_id.empty() ? "none" : effective_policy_id; if (allowed) { ENVOY_LOG(debug, "enforced allowed, matched policy {}", log_policy_id); config_->stats().allowed_.inc(); return Http::FilterHeadersStatus::Continue; } else { ENVOY_LOG(debug, "enforced denied, matched policy {}", log_policy_id); callbacks_->sendLocalReply(Http::Code::Forbidden, "RBAC: access denied", nullptr, absl::nullopt, Filters::Common::RBAC::responseDetail(log_policy_id)); config_->stats().denied_.inc(); return Http::FilterHeadersStatus::StopIteration; } } ENVOY_LOG(debug, "no engine, allowed by default"); return Http::FilterHeadersStatus::Continue; } } // namespace RBACFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/rbac/rbac_filter.h ================================================ #pragma once #include #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/http/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "extensions/filters/common/rbac/engine_impl.h" #include "extensions/filters/common/rbac/utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RBACFilter { class RoleBasedAccessControlRouteSpecificFilterConfig : public Router::RouteSpecificFilterConfig { public: RoleBasedAccessControlRouteSpecificFilterConfig( const envoy::extensions::filters::http::rbac::v3::RBACPerRoute& per_route_config); const Filters::Common::RBAC::RoleBasedAccessControlEngineImpl* engine(Filters::Common::RBAC::EnforcementMode mode) const { return mode == Filters::Common::RBAC::EnforcementMode::Enforced ? engine_.get() : shadow_engine_.get(); } private: std::unique_ptr engine_; std::unique_ptr shadow_engine_; }; /** * Configuration for the RBAC filter. */ class RoleBasedAccessControlFilterConfig { public: RoleBasedAccessControlFilterConfig( const envoy::extensions::filters::http::rbac::v3::RBAC& proto_config, const std::string& stats_prefix, Stats::Scope& scope); Filters::Common::RBAC::RoleBasedAccessControlFilterStats& stats() { return stats_; } const Filters::Common::RBAC::RoleBasedAccessControlEngineImpl* engine(const Router::RouteConstSharedPtr route, Filters::Common::RBAC::EnforcementMode mode) const; private: const Filters::Common::RBAC::RoleBasedAccessControlEngineImpl* engine(Filters::Common::RBAC::EnforcementMode mode) const { return mode == Filters::Common::RBAC::EnforcementMode::Enforced ? engine_.get() : shadow_engine_.get(); } Filters::Common::RBAC::RoleBasedAccessControlFilterStats stats_; std::unique_ptr engine_; std::unique_ptr shadow_engine_; }; using RoleBasedAccessControlFilterConfigSharedPtr = std::shared_ptr; /** * A filter that provides role-based access control authorization for HTTP requests. */ class RoleBasedAccessControlFilter : public Http::StreamDecoderFilter, public Logger::Loggable { public: RoleBasedAccessControlFilter(RoleBasedAccessControlFilterConfigSharedPtr config) : config_(config) {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override { return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override { return Http::FilterTrailersStatus::Continue; } void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { callbacks_ = &callbacks; } // Http::StreamFilterBase void onDestroy() override {} private: RoleBasedAccessControlFilterConfigSharedPtr config_; Http::StreamDecoderFilterCallbacks* callbacks_{}; }; } // namespace RBACFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/router/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP L7 filter responsible for routing to upstream connection pools # Public docs: docs/root/configuration/http_filters/router_filter.rst envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ "//include/envoy/registry", "//source/common/router:router_lib", "//source/common/router:shadow_writer_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/on_demand:on_demand_update_lib", "@envoy_api//envoy/extensions/filters/http/router/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/router/config.cc ================================================ #include "extensions/filters/http/router/config.h" #include "envoy/extensions/filters/http/router/v3/router.pb.h" #include "envoy/extensions/filters/http/router/v3/router.pb.validate.h" #include "common/router/router.h" #include "common/router/shadow_writer_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RouterFilter { Http::FilterFactoryCb RouterFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::router::v3::Router& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) { Router::FilterConfigSharedPtr filter_config(new Router::FilterConfig( stat_prefix, context, std::make_unique(context.clusterManager()), proto_config)); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter(std::make_shared(*filter_config)); }; } /** * Static registration for the router filter. @see RegisterFactory. */ REGISTER_FACTORY(RouterFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.router"}; } // namespace RouterFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/router/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/router/v3/router.pb.h" #include "envoy/extensions/filters/http/router/v3/router.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace RouterFilter { /** * Config registration for the router filter. @see NamedHttpFilterConfigFactory. */ class RouterFilterConfig : public Common::FactoryBase { public: RouterFilterConfig() : FactoryBase(HttpFilterNames::get().Router) {} bool isTerminalFilter() override { return true; } private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::router::v3::Router& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) override; }; DECLARE_FACTORY(RouterFilterConfig); } // namespace RouterFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/squash/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP filter that implements the Squash microservice debugger # Public docs: docs/root/configuration/http_filters/squash_filter.rst envoy_extension_package() envoy_cc_library( name = "squash_filter_lib", srcs = ["squash_filter.cc"], hdrs = ["squash_filter.h"], deps = [ "//include/envoy/event:timer_interface", "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:header_map_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/http:headers_lib", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/json:json_loader_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/filters/http/squash/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", deps = [ "//include/envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/squash:squash_filter_lib", "@envoy_api//envoy/extensions/filters/http/squash/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/squash/config.cc ================================================ #include "extensions/filters/http/squash/config.h" #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/extensions/filters/http/squash/v3/squash.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "extensions/filters/http/squash/squash_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Squash { Http::FilterFactoryCb SquashFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::squash::v3::Squash& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { SquashFilterConfigSharedPtr config = std::make_shared( SquashFilterConfig(proto_config, context.clusterManager())); return [&context, config](Http::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addStreamDecoderFilter( std::make_shared(config, context.clusterManager())); }; } /** * Static registration for the squash filter. @see RegisterFactory. */ REGISTER_FACTORY(SquashFilterConfigFactory, Server::Configuration::NamedHttpFilterConfigFactory){"envoy.squash"}; } // namespace Squash } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/squash/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/extensions/filters/http/squash/v3/squash.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Squash { /** * Config registration for the squash filter. @see NamedHttpFilterConfigFactory. */ class SquashFilterConfigFactory : public Common::FactoryBase { public: SquashFilterConfigFactory() : FactoryBase(HttpFilterNames::get().Squash) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::squash::v3::Squash& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace Squash } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/squash/squash_filter.cc ================================================ #include "extensions/filters/http/squash/squash_filter.h" #include #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/http/codes.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/json/json_loader.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Squash { using std::placeholders::_1; const std::regex SquashFilterConfig::ENV_REGEX("\\{\\{ (\\w+) \\}\\}"); const std::string SquashFilter::POST_ATTACHMENT_PATH = "/api/v2/debugattachment/"; const std::string SquashFilter::SERVER_AUTHORITY = "squash-server"; const std::string SquashFilter::ATTACHED_STATE = "attached"; const std::string SquashFilter::ERROR_STATE = "error"; SquashFilterConfig::SquashFilterConfig( const envoy::extensions::filters::http::squash::v3::Squash& proto_config, Upstream::ClusterManager& cluster_manager) : cluster_name_(proto_config.cluster()), attachment_json_(getAttachment(proto_config.attachment_template())), attachment_timeout_(PROTOBUF_GET_MS_OR_DEFAULT(proto_config, attachment_timeout, 60000)), attachment_poll_period_( PROTOBUF_GET_MS_OR_DEFAULT(proto_config, attachment_poll_period, 1000)), request_timeout_(PROTOBUF_GET_MS_OR_DEFAULT(proto_config, request_timeout, 1000)) { if (!cluster_manager.get(cluster_name_)) { throw EnvoyException( fmt::format("squash filter: unknown cluster '{}' in squash config", cluster_name_)); } } std::string SquashFilterConfig::getAttachment(const ProtobufWkt::Struct& attachment_template) { ProtobufWkt::Struct attachment_json(attachment_template); updateTemplateInStruct(attachment_json); return MessageUtil::getJsonStringFromMessage(attachment_json); } void SquashFilterConfig::updateTemplateInStruct(ProtobufWkt::Struct& attachment_template) { for (auto& value_it : *attachment_template.mutable_fields()) { auto& curvalue = value_it.second; updateTemplateInValue(curvalue); } } void SquashFilterConfig::updateTemplateInValue(ProtobufWkt::Value& curvalue) { switch (curvalue.kind_case()) { case ProtobufWkt::Value::kStructValue: { updateTemplateInStruct(*curvalue.mutable_struct_value()); break; } case ProtobufWkt::Value::kListValue: { ProtobufWkt::ListValue& values = *curvalue.mutable_list_value(); for (int i = 0; i < values.values_size(); i++) { updateTemplateInValue(*values.mutable_values(i)); } break; } case ProtobufWkt::Value::kStringValue: { curvalue.set_string_value(replaceEnv(curvalue.string_value())); break; } case ProtobufWkt::Value::KIND_NOT_SET: case ProtobufWkt::Value::kNullValue: case ProtobufWkt::Value::kBoolValue: case ProtobufWkt::Value::kNumberValue: { // Nothing here... we only need to transform strings } } } /* This function interpolates environment variables in a string template. To interpolate an environment variable named ENV, add '{{ ENV }}' (without the quotes, with the spaces) to the template string. See api/envoy/config/filter/http/squash/v2/squash.proto for the motivation on why this is needed. */ std::string SquashFilterConfig::replaceEnv(const std::string& attachment_template) { std::string s; auto end_last_match = attachment_template.begin(); auto replaceEnvVarInTemplateCallback = [&s, &attachment_template, &end_last_match](const std::match_results& match) { auto start_match = attachment_template.begin() + match.position(0); s.append(end_last_match, start_match); std::string envar_name = match[1].str(); const char* envar_value = std::getenv(envar_name.c_str()); if (envar_value == nullptr) { ENVOY_LOG(warn, "Squash: no environment variable named {}.", envar_name); } else { s.append(envar_value); } end_last_match = start_match + match.length(0); }; std::sregex_iterator begin(attachment_template.begin(), attachment_template.end(), ENV_REGEX), end; std::for_each(begin, end, replaceEnvVarInTemplateCallback); s.append(end_last_match, attachment_template.end()); return s; } SquashFilter::SquashFilter(SquashFilterConfigSharedPtr config, Upstream::ClusterManager& cm) : config_(config), is_squashing_(false), attachment_poll_period_timer_(nullptr), attachment_timeout_timer_(nullptr), in_flight_request_(nullptr), create_attachment_callback_(std::bind(&SquashFilter::onCreateAttachmentSuccess, this, _1), std::bind(&SquashFilter::onCreateAttachmentFailure, this, _1)), check_attachment_callback_(std::bind(&SquashFilter::onGetAttachmentSuccess, this, _1), std::bind(&SquashFilter::onGetAttachmentFailure, this, _1)), cm_(cm), decoder_callbacks_(nullptr) {} SquashFilter::~SquashFilter() = default; void SquashFilter::onDestroy() { cleanup(); } Http::FilterHeadersStatus SquashFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { // Check for squash header if (!headers.get(Http::Headers::get().XSquashDebug)) { return Http::FilterHeadersStatus::Continue; } ENVOY_LOG(debug, "Squash: Holding request and requesting debug attachment"); Http::RequestMessagePtr request(new Http::RequestMessageImpl()); request->headers().setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); request->headers().setReferencePath(POST_ATTACHMENT_PATH); request->headers().setReferenceHost(SERVER_AUTHORITY); request->headers().setReferenceMethod(Http::Headers::get().MethodValues.Post); request->body().add(config_->attachmentJson()); is_squashing_ = true; in_flight_request_ = cm_.httpAsyncClientForCluster(config_->clusterName()) .send(std::move(request), create_attachment_callback_, Http::AsyncClient::RequestOptions().setTimeout(config_->requestTimeout())); if (in_flight_request_ == nullptr) { ENVOY_LOG(debug, "Squash: can't create request for squash server"); is_squashing_ = false; return Http::FilterHeadersStatus::Continue; } attachment_timeout_timer_ = decoder_callbacks_->dispatcher().createTimer([this]() -> void { doneSquashing(); }); attachment_timeout_timer_->enableTimer(config_->attachmentTimeout(), &decoder_callbacks_->scope()); // Check if the timer expired inline. if (!is_squashing_) { return Http::FilterHeadersStatus::Continue; } return Http::FilterHeadersStatus::StopIteration; } Http::FilterDataStatus SquashFilter::decodeData(Buffer::Instance&, bool) { if (is_squashing_) { return Http::FilterDataStatus::StopIterationAndBuffer; } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus SquashFilter::decodeTrailers(Http::RequestTrailerMap&) { if (is_squashing_) { return Http::FilterTrailersStatus::StopIteration; } return Http::FilterTrailersStatus::Continue; } void SquashFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { decoder_callbacks_ = &callbacks; } void SquashFilter::onCreateAttachmentSuccess(Http::ResponseMessagePtr&& m) { in_flight_request_ = nullptr; // Get the config object that was created if (Http::Utility::getResponseStatus(m->headers()) != enumToInt(Http::Code::Created)) { ENVOY_LOG(debug, "Squash: can't create attachment object. status {} - not squashing", m->headers().getStatusValue()); doneSquashing(); } else { std::string debug_attachment_id; try { Json::ObjectSharedPtr json_config = getJsonBody(std::move(m)); debug_attachment_id = json_config->getObject("metadata", true)->getString("name", EMPTY_STRING); } catch (Json::Exception&) { debug_attachment_id = EMPTY_STRING; } if (debug_attachment_id.empty()) { ENVOY_LOG(debug, "Squash: failed to parse debug attachment object - check server settings."); doneSquashing(); } else { debug_attachment_path_ = POST_ATTACHMENT_PATH + debug_attachment_id; pollForAttachment(); } } } void SquashFilter::onCreateAttachmentFailure(Http::AsyncClient::FailureReason) { // in_flight_request_ will be null if we are called inline of async client send() bool request_created = in_flight_request_ != nullptr; in_flight_request_ = nullptr; // No retries here, as we couldn't create the attachment object. if (request_created) { // Cleanup not needed if onFailure called inline in async client send, as this means that // decodeHeaders is down the stack and will return Continue. doneSquashing(); } } void SquashFilter::onGetAttachmentSuccess(Http::ResponseMessagePtr&& m) { in_flight_request_ = nullptr; std::string attachmentstate; try { Json::ObjectSharedPtr json_config = getJsonBody(std::move(m)); attachmentstate = json_config->getObject("status", true)->getString("state", EMPTY_STRING); } catch (Json::Exception&) { // No state yet.. leave it empty for the retry logic. } if (attachmentstate == ATTACHED_STATE || attachmentstate == ERROR_STATE) { doneSquashing(); } else { // Always schedule a retry. The attachment_timeout_timer_ will stop the retry loop when it // expires. scheduleRetry(); } } void SquashFilter::onGetAttachmentFailure(Http::AsyncClient::FailureReason) { in_flight_request_ = nullptr; scheduleRetry(); } void SquashFilter::scheduleRetry() { if (attachment_poll_period_timer_.get() == nullptr) { attachment_poll_period_timer_ = decoder_callbacks_->dispatcher().createTimer([this]() -> void { pollForAttachment(); }); } attachment_poll_period_timer_->enableTimer(config_->attachmentPollPeriod(), &decoder_callbacks_->scope()); } void SquashFilter::pollForAttachment() { Http::RequestMessagePtr request(new Http::RequestMessageImpl()); request->headers().setReferenceMethod(Http::Headers::get().MethodValues.Get); request->headers().setReferencePath(debug_attachment_path_); request->headers().setReferenceHost(SERVER_AUTHORITY); in_flight_request_ = cm_.httpAsyncClientForCluster(config_->clusterName()) .send(std::move(request), check_attachment_callback_, Http::AsyncClient::RequestOptions().setTimeout(config_->requestTimeout())); // No need to check if in_flight_request_ is null as onFailure will take care of // cleanup. } void SquashFilter::doneSquashing() { cleanup(); decoder_callbacks_->continueDecoding(); } void SquashFilter::cleanup() { is_squashing_ = false; if (attachment_poll_period_timer_) { attachment_poll_period_timer_->disableTimer(); attachment_poll_period_timer_.reset(); } if (attachment_timeout_timer_) { attachment_timeout_timer_->disableTimer(); attachment_timeout_timer_.reset(); } if (in_flight_request_ != nullptr) { in_flight_request_->cancel(); in_flight_request_ = nullptr; } debug_attachment_path_ = EMPTY_STRING; } Json::ObjectSharedPtr SquashFilter::getJsonBody(Http::ResponseMessagePtr&& m) { return Json::Factory::loadFromString(m->bodyAsString()); } } // namespace Squash } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/squash/squash_filter.h ================================================ #pragma once #include #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/http/async_client.h" #include "envoy/http/filter.h" #include "envoy/json/json_object.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" #include "common/protobuf/protobuf.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Squash { class SquashFilterConfig : protected Logger::Loggable { public: SquashFilterConfig(const envoy::extensions::filters::http::squash::v3::Squash& proto_config, Upstream::ClusterManager& cluster_manager); const std::string& clusterName() const { return cluster_name_; } const std::string& attachmentJson() const { return attachment_json_; } const std::chrono::milliseconds& attachmentTimeout() const { return attachment_timeout_; } const std::chrono::milliseconds& attachmentPollPeriod() const { return attachment_poll_period_; } const std::chrono::milliseconds& requestTimeout() const { return request_timeout_; } private: // Get the attachment body, and returns a JSON representations with environment variables // interpolated. static std::string getAttachment(const ProtobufWkt::Struct& attachment_template); // Recursively interpolates environment variables inline in the struct. static void updateTemplateInStruct(ProtobufWkt::Struct& attachment_template); // Recursively interpolates environment variables inline in the value. static void updateTemplateInValue(ProtobufWkt::Value& curvalue); // Interpolates environment variables in a string, and returns the new interpolated string. static std::string replaceEnv(const std::string& attachment_template); // The name of the squash server cluster. const std::string cluster_name_; // The attachment body sent to squash server on create attachment. const std::string attachment_json_; // The total amount of time for an attachment to reach a final state (attached or error). const std::chrono::milliseconds attachment_timeout_; // How frequently should we poll the attachment state with the squash server. const std::chrono::milliseconds attachment_poll_period_; // The timeout for individual requests to the squash server. const std::chrono::milliseconds request_timeout_; // Defines the pattern for interpolating environment variables in to the attachment. const static std::regex ENV_REGEX; }; using SquashFilterConfigSharedPtr = std::shared_ptr; class AsyncClientCallbackShim : public Http::AsyncClient::Callbacks { public: AsyncClientCallbackShim(std::function&& on_success, std::function&& on_fail) : on_success_(on_success), on_fail_(on_fail) {} // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& m) override { on_success_(std::forward(m)); } void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason f) override { on_fail_(f); } void onBeforeFinalizeUpstreamSpan(Tracing::Span&, const Http::ResponseHeaderMap*) override {} private: const std::function on_success_; const std::function on_fail_; }; class SquashFilter : public Http::StreamDecoderFilter, protected Logger::Loggable { public: SquashFilter(SquashFilterConfigSharedPtr config, Upstream::ClusterManager& cm); ~SquashFilter() override; // Http::StreamFilterBase void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool) override; Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; private: // AsyncClient callbacks for create attachment request void onCreateAttachmentSuccess(Http::ResponseMessagePtr&&); void onCreateAttachmentFailure(Http::AsyncClient::FailureReason); // AsyncClient callbacks for get attachment request void onGetAttachmentSuccess(Http::ResponseMessagePtr&&); void onGetAttachmentFailure(Http::AsyncClient::FailureReason); // Schedules a pollForAttachment void scheduleRetry(); // Contacts Squash server to get the latest version of a debug attachment. void pollForAttachment(); // Cleanup and continue the filter chain. void doneSquashing(); void cleanup(); // Creates a JSON from the message body. Json::ObjectSharedPtr getJsonBody(Http::ResponseMessagePtr&& m); const SquashFilterConfigSharedPtr config_; // Current state of the squash filter. If is_squashing_ is true, Hold the request while we // communicate with the squash server to attach a debugger. If it is false, let the request // pass-through. bool is_squashing_; // The API path of the created debug attachment (used for polling its state). std::string debug_attachment_path_; // A timer for polling the state of a debug attachment until it reaches a final state. Event::TimerPtr attachment_poll_period_timer_; // A timeout timer - after this timer expires we abort polling the debug attachment, and continue // filter iteration Event::TimerPtr attachment_timeout_timer_; // The current inflight request to the squash server. Http::AsyncClient::Request* in_flight_request_; // Shims to get AsyncClient callbacks to specific methods, per API method. AsyncClientCallbackShim create_attachment_callback_; AsyncClientCallbackShim check_attachment_callback_; // ClusterManager to send requests to squash server Upstream::ClusterManager& cm_; // Callbacks used to continue filter iteration. Http::StreamDecoderFilterCallbacks* decoder_callbacks_; // Create debug attachment URL path. const static std::string POST_ATTACHMENT_PATH; // Authority header for squash server. const static std::string SERVER_AUTHORITY; // The state of a debug attachment object when a debugger is successfully attached. const static std::string ATTACHED_STATE; // The state of a debug attachment object when an error has occurred. const static std::string ERROR_STATE; }; } // namespace Squash } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/tap/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L7 HTTP Tap filter # Public docs: docs/root/configuration/http_filters/tap_filter.rst envoy_extension_package() envoy_cc_library( name = "tap_config_interface", hdrs = ["tap_config.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/http:header_map_interface", "//source/extensions/common/tap:tap_interface", ], ) envoy_cc_library( name = "tap_config_impl", srcs = ["tap_config_impl.cc"], hdrs = ["tap_config_impl.h"], deps = [ ":tap_config_interface", "//source/extensions/common/tap:tap_config_base", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/data/tap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "tap_filter_lib", srcs = ["tap_filter.cc"], hdrs = ["tap_filter.h"], deps = [ ":tap_config_interface", "//include/envoy/access_log:access_log_interface", "//include/envoy/http:filter_interface", "//source/extensions/common/tap:extension_config_base", "@envoy_api//envoy/extensions/filters/http/tap/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":tap_config_impl", ":tap_filter_lib", "//include/envoy/registry", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/tap/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/tap/config.cc ================================================ #include "extensions/filters/http/tap/config.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/http/tap/tap_config_impl.h" #include "extensions/filters/http/tap/tap_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace TapFilter { class HttpTapConfigFactoryImpl : public Extensions::Common::Tap::TapConfigFactory { public: // TapConfigFactory Extensions::Common::Tap::TapConfigSharedPtr createConfigFromProto(envoy::config::tap::v3::TapConfig&& proto_config, Extensions::Common::Tap::Sink* admin_streamer) override { return std::make_shared(std::move(proto_config), admin_streamer); } }; Http::FilterFactoryCb TapFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::tap::v3::Tap& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { FilterConfigSharedPtr filter_config(new FilterConfigImpl( proto_config, stats_prefix, std::make_unique(), context.scope(), context.admin(), context.singletonManager(), context.threadLocal(), context.dispatcher())); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { auto filter = std::make_shared(filter_config); callbacks.addStreamFilter(filter); callbacks.addAccessLogHandler(filter); }; } /** * Static registration for the tap filter. @see RegisterFactory. */ REGISTER_FACTORY(TapFilterFactory, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace TapFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/tap/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace TapFilter { /** * Config registration for the tap filter. */ class TapFilterFactory : public Common::FactoryBase { public: TapFilterFactory() : FactoryBase(HttpFilterNames::get().Tap) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::tap::v3::Tap& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace TapFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/tap/tap_config.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/http/header_map.h" #include "extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace TapFilter { /** * Per-request/stream HTTP tap implementation. Abstractly handles all request lifecycle events in * order to tap if the configuration matches. */ class HttpPerRequestTapper { public: virtual ~HttpPerRequestTapper() = default; /** * Called when request headers are received. */ virtual void onRequestHeaders(const Http::RequestHeaderMap& headers) PURE; /** * Called when request body is received. */ virtual void onRequestBody(const Buffer::Instance& data) PURE; /** * Called when request trailers are received. */ virtual void onRequestTrailers(const Http::RequestTrailerMap& trailers) PURE; /** * Called when response headers are received. */ virtual void onResponseHeaders(const Http::ResponseHeaderMap& headers) PURE; /** * Called when response body is received. */ virtual void onResponseBody(const Buffer::Instance& data) PURE; /** * Called when response trailers are received. */ virtual void onResponseTrailers(const Http::ResponseTrailerMap& headers) PURE; /** * Called when the request is being destroyed and is being logged. * @return whether the request was tapped or not. */ virtual bool onDestroyLog() PURE; }; using HttpPerRequestTapperPtr = std::unique_ptr; /** * Abstract HTTP tap configuration. */ class HttpTapConfig : public virtual Extensions::Common::Tap::TapConfig { public: /** * @return a new per-request HTTP tapper which is used to handle tapping of a discrete request. * @param stream_id supplies the owning HTTP stream ID. */ virtual HttpPerRequestTapperPtr createPerRequestTapper(uint64_t stream_id) PURE; }; using HttpTapConfigSharedPtr = std::shared_ptr; } // namespace TapFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/tap/tap_config_impl.cc ================================================ #include "extensions/filters/http/tap/tap_config_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/http.pb.h" #include "common/common/assert.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace TapFilter { namespace TapCommon = Extensions::Common::Tap; namespace { Http::HeaderMap::ConstIterateCb fillHeaderList(Protobuf::RepeatedPtrField* output) { return [output](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { auto& new_header = *output->Add(); new_header.set_key(std::string(header.key().getStringView())); new_header.set_value(std::string(header.value().getStringView())); return Http::HeaderMap::Iterate::Continue; }; } } // namespace HttpTapConfigImpl::HttpTapConfigImpl(envoy::config::tap::v3::TapConfig&& proto_config, Common::Tap::Sink* admin_streamer) : TapCommon::TapConfigBaseImpl(std::move(proto_config), admin_streamer) {} HttpPerRequestTapperPtr HttpTapConfigImpl::createPerRequestTapper(uint64_t stream_id) { return std::make_unique(shared_from_this(), stream_id); } void HttpPerRequestTapperImpl::streamRequestHeaders() { TapCommon::TraceWrapperPtr trace = makeTraceSegment(); request_headers_->iterate(fillHeaderList( trace->mutable_http_streamed_trace_segment()->mutable_request_headers()->mutable_headers())); sink_handle_->submitTrace(std::move(trace)); } void HttpPerRequestTapperImpl::onRequestHeaders(const Http::RequestHeaderMap& headers) { request_headers_ = &headers; config_->rootMatcher().onHttpRequestHeaders(headers, statuses_); if (config_->streaming() && config_->rootMatcher().matchStatus(statuses_).matches_) { ASSERT(!started_streaming_trace_); started_streaming_trace_ = true; streamRequestHeaders(); } } void HttpPerRequestTapperImpl::streamBufferedRequestBody() { if (buffered_streamed_request_body_ != nullptr) { sink_handle_->submitTrace(std::move(buffered_streamed_request_body_)); buffered_streamed_request_body_.reset(); } } void HttpPerRequestTapperImpl::onRequestBody(const Buffer::Instance& data) { onBody(data, buffered_streamed_request_body_, config_->maxBufferedRxBytes(), &envoy::data::tap::v3::HttpStreamedTraceSegment::mutable_request_body_chunk, &envoy::data::tap::v3::HttpBufferedTrace::mutable_request, true); } void HttpPerRequestTapperImpl::streamRequestTrailers() { if (request_trailers_ != nullptr) { TapCommon::TraceWrapperPtr trace = makeTraceSegment(); request_trailers_->iterate(fillHeaderList(trace->mutable_http_streamed_trace_segment() ->mutable_request_trailers() ->mutable_headers())); sink_handle_->submitTrace(std::move(trace)); } } void HttpPerRequestTapperImpl::onRequestTrailers(const Http::RequestTrailerMap& trailers) { request_trailers_ = &trailers; config_->rootMatcher().onHttpRequestTrailers(trailers, statuses_); if (config_->streaming() && config_->rootMatcher().matchStatus(statuses_).matches_) { if (!started_streaming_trace_) { started_streaming_trace_ = true; // Flush anything that we already buffered. streamRequestHeaders(); streamBufferedRequestBody(); } streamRequestTrailers(); } } void HttpPerRequestTapperImpl::streamResponseHeaders() { TapCommon::TraceWrapperPtr trace = makeTraceSegment(); response_headers_->iterate(fillHeaderList( trace->mutable_http_streamed_trace_segment()->mutable_response_headers()->mutable_headers())); sink_handle_->submitTrace(std::move(trace)); } void HttpPerRequestTapperImpl::onResponseHeaders(const Http::ResponseHeaderMap& headers) { response_headers_ = &headers; config_->rootMatcher().onHttpResponseHeaders(headers, statuses_); if (config_->streaming() && config_->rootMatcher().matchStatus(statuses_).matches_) { if (!started_streaming_trace_) { started_streaming_trace_ = true; // Flush anything that we already buffered. streamRequestHeaders(); streamBufferedRequestBody(); streamRequestTrailers(); } streamResponseHeaders(); } } void HttpPerRequestTapperImpl::streamBufferedResponseBody() { if (buffered_streamed_response_body_ != nullptr) { sink_handle_->submitTrace(std::move(buffered_streamed_response_body_)); buffered_streamed_response_body_.reset(); } } void HttpPerRequestTapperImpl::onResponseBody(const Buffer::Instance& data) { onBody(data, buffered_streamed_response_body_, config_->maxBufferedTxBytes(), &envoy::data::tap::v3::HttpStreamedTraceSegment::mutable_response_body_chunk, &envoy::data::tap::v3::HttpBufferedTrace::mutable_response, false); } void HttpPerRequestTapperImpl::onResponseTrailers(const Http::ResponseTrailerMap& trailers) { response_trailers_ = &trailers; config_->rootMatcher().onHttpResponseTrailers(trailers, statuses_); if (config_->streaming() && config_->rootMatcher().matchStatus(statuses_).matches_) { if (!started_streaming_trace_) { started_streaming_trace_ = true; // Flush anything that we already buffered. streamRequestHeaders(); streamBufferedRequestBody(); streamRequestTrailers(); streamResponseHeaders(); streamBufferedResponseBody(); } TapCommon::TraceWrapperPtr trace = makeTraceSegment(); trailers.iterate(fillHeaderList(trace->mutable_http_streamed_trace_segment() ->mutable_response_trailers() ->mutable_headers())); sink_handle_->submitTrace(std::move(trace)); } } bool HttpPerRequestTapperImpl::onDestroyLog() { if (config_->streaming() || !config_->rootMatcher().matchStatus(statuses_).matches_) { return config_->rootMatcher().matchStatus(statuses_).matches_; } makeBufferedFullTraceIfNeeded(); auto& http_trace = *buffered_full_trace_->mutable_http_buffered_trace(); if (request_headers_ != nullptr) { request_headers_->iterate(fillHeaderList(http_trace.mutable_request()->mutable_headers())); } if (request_trailers_ != nullptr) { request_trailers_->iterate(fillHeaderList(http_trace.mutable_request()->mutable_trailers())); } if (response_headers_ != nullptr) { response_headers_->iterate(fillHeaderList(http_trace.mutable_response()->mutable_headers())); } if (response_trailers_ != nullptr) { response_trailers_->iterate(fillHeaderList(http_trace.mutable_response()->mutable_trailers())); } ENVOY_LOG(debug, "submitting buffered trace sink"); // move is safe as onDestroyLog is the last method called. sink_handle_->submitTrace(std::move(buffered_full_trace_)); return true; } void HttpPerRequestTapperImpl::onBody( const Buffer::Instance& data, Extensions::Common::Tap::TraceWrapperPtr& buffered_streamed_body, uint32_t max_buffered_bytes, MutableBodyChunk mutable_body_chunk, MutableMessage mutable_message, bool request) { // Invoke body matcher. request ? config_->rootMatcher().onRequestBody(data, statuses_) : config_->rootMatcher().onResponseBody(data, statuses_); if (config_->streaming()) { const auto& match_status = config_->rootMatcher().matchStatus(statuses_); // Without body matching, we must have already started tracing or have not yet matched. ASSERT(started_streaming_trace_ || !match_status.matches_); if (started_streaming_trace_) { // If we have already started streaming, flush a body segment now. TapCommon::TraceWrapperPtr trace = makeTraceSegment(); TapCommon::Utility::addBufferToProtoBytes( *(trace->mutable_http_streamed_trace_segment()->*mutable_body_chunk)(), max_buffered_bytes, data, 0, data.length()); sink_handle_->submitTrace(std::move(trace)); } else if (match_status.might_change_status_) { // If we might still match, start buffering the body up to our limit. if (buffered_streamed_body == nullptr) { buffered_streamed_body = makeTraceSegment(); } auto& body = *(buffered_streamed_body->mutable_http_streamed_trace_segment()->*mutable_body_chunk)(); ASSERT(body.as_bytes().size() <= max_buffered_bytes); TapCommon::Utility::addBufferToProtoBytes(body, max_buffered_bytes - body.as_bytes().size(), data, 0, data.length()); } } else { // If we are not streaming, buffer the body up to our limit. makeBufferedFullTraceIfNeeded(); auto& body = *(buffered_full_trace_->mutable_http_buffered_trace()->*mutable_message)()->mutable_body(); ASSERT(body.as_bytes().size() <= max_buffered_bytes); TapCommon::Utility::addBufferToProtoBytes(body, max_buffered_bytes - body.as_bytes().size(), data, 0, data.length()); } } } // namespace TapFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/tap/tap_config_impl.h ================================================ #pragma once #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/common.pb.h" #include "envoy/data/tap/v3/http.pb.h" #include "envoy/http/header_map.h" #include "common/common/logger.h" #include "extensions/common/tap/tap_config_base.h" #include "extensions/filters/http/tap/tap_config.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace TapFilter { class HttpTapConfigImpl : public Extensions::Common::Tap::TapConfigBaseImpl, public HttpTapConfig, public std::enable_shared_from_this { public: HttpTapConfigImpl(envoy::config::tap::v3::TapConfig&& proto_config, Extensions::Common::Tap::Sink* admin_streamer); // TapFilter::HttpTapConfig HttpPerRequestTapperPtr createPerRequestTapper(uint64_t stream_id) override; }; class HttpPerRequestTapperImpl : public HttpPerRequestTapper, Logger::Loggable { public: HttpPerRequestTapperImpl(HttpTapConfigSharedPtr config, uint64_t stream_id) : config_(std::move(config)), stream_id_(stream_id), sink_handle_(config_->createPerTapSinkHandleManager(stream_id)), statuses_(config_->createMatchStatusVector()) { config_->rootMatcher().onNewStream(statuses_); } // TapFilter::HttpPerRequestTapper void onRequestHeaders(const Http::RequestHeaderMap& headers) override; void onRequestBody(const Buffer::Instance& data) override; void onRequestTrailers(const Http::RequestTrailerMap& headers) override; void onResponseHeaders(const Http::ResponseHeaderMap& headers) override; void onResponseBody(const Buffer::Instance& data) override; void onResponseTrailers(const Http::ResponseTrailerMap& headers) override; bool onDestroyLog() override; private: using HttpStreamedTraceSegment = envoy::data::tap::v3::HttpStreamedTraceSegment; using MutableBodyChunk = envoy::data::tap::v3::Body* (HttpStreamedTraceSegment::*)(); using HttpBufferedTrace = envoy::data::tap::v3::HttpBufferedTrace; using MutableMessage = envoy::data::tap::v3::HttpBufferedTrace::Message* (HttpBufferedTrace::*)(); void onBody(const Buffer::Instance& data, Extensions::Common::Tap::TraceWrapperPtr& buffered_streamed_body, uint32_t max_buffered_bytes, MutableBodyChunk mutable_body_chunk, MutableMessage mutable_message, bool request); void makeBufferedFullTraceIfNeeded() { if (buffered_full_trace_ == nullptr) { buffered_full_trace_ = Extensions::Common::Tap::makeTraceWrapper(); } } Extensions::Common::Tap::TraceWrapperPtr makeTraceSegment() { Extensions::Common::Tap::TraceWrapperPtr segment = Extensions::Common::Tap::makeTraceWrapper(); segment->mutable_http_streamed_trace_segment()->set_trace_id(stream_id_); return segment; } void streamRequestHeaders(); void streamBufferedRequestBody(); void streamRequestTrailers(); void streamResponseHeaders(); void streamBufferedResponseBody(); HttpTapConfigSharedPtr config_; const uint64_t stream_id_; Extensions::Common::Tap::PerTapSinkHandleManagerPtr sink_handle_; Extensions::Common::Tap::Matcher::MatchStatusVector statuses_; bool started_streaming_trace_{}; const Http::RequestHeaderMap* request_headers_{}; const Http::HeaderMap* request_trailers_{}; const Http::ResponseHeaderMap* response_headers_{}; const Http::ResponseTrailerMap* response_trailers_{}; // Must be a shared_ptr because of submitTrace(). Extensions::Common::Tap::TraceWrapperPtr buffered_streamed_request_body_; Extensions::Common::Tap::TraceWrapperPtr buffered_streamed_response_body_; Extensions::Common::Tap::TraceWrapperPtr buffered_full_trace_; }; } // namespace TapFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/tap/tap_filter.cc ================================================ #include "extensions/filters/http/tap/tap_filter.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace TapFilter { FilterConfigImpl::FilterConfigImpl( const envoy::extensions::filters::http::tap::v3::Tap& proto_config, const std::string& stats_prefix, Common::Tap::TapConfigFactoryPtr&& config_factory, Stats::Scope& scope, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, Event::Dispatcher& main_thread_dispatcher) : ExtensionConfigBase(proto_config.common_config(), std::move(config_factory), admin, singleton_manager, tls, main_thread_dispatcher), stats_(Filter::generateStats(stats_prefix, scope)) {} HttpTapConfigSharedPtr FilterConfigImpl::currentConfig() { return currentConfigHelper(); } FilterStats Filter::generateStats(const std::string& prefix, Stats::Scope& scope) { // TODO(mattklein123): Consider whether we want to additionally namespace the stats on the // filter's configured opaque ID. std::string final_prefix = prefix + "tap."; return {ALL_TAP_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, bool) { if (tapper_ != nullptr) { tapper_->onRequestHeaders(headers); } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus Filter::decodeData(Buffer::Instance& data, bool) { if ((tapper_ != nullptr) && (0 != data.length())) { tapper_->onRequestBody(data); } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus Filter::decodeTrailers(Http::RequestTrailerMap& trailers) { if (tapper_ != nullptr) { tapper_->onRequestTrailers(trailers); } return Http::FilterTrailersStatus::Continue; } Http::FilterHeadersStatus Filter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { if (tapper_ != nullptr) { tapper_->onResponseHeaders(headers); } return Http::FilterHeadersStatus::Continue; } Http::FilterDataStatus Filter::encodeData(Buffer::Instance& data, bool) { if ((tapper_ != nullptr) && (0 != data.length())) { tapper_->onResponseBody(data); } return Http::FilterDataStatus::Continue; } Http::FilterTrailersStatus Filter::encodeTrailers(Http::ResponseTrailerMap& trailers) { if (tapper_ != nullptr) { tapper_->onResponseTrailers(trailers); } return Http::FilterTrailersStatus::Continue; } void Filter::log(const Http::RequestHeaderMap*, const Http::ResponseHeaderMap*, const Http::ResponseTrailerMap*, const StreamInfo::StreamInfo&) { if (tapper_ != nullptr && tapper_->onDestroyLog()) { config_->stats().rq_tapped_.inc(); } } } // namespace TapFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/tap/tap_filter.h ================================================ #pragma once #include "envoy/access_log/access_log.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" #include "envoy/http/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "extensions/common/tap/extension_config_base.h" #include "extensions/filters/http/tap/tap_config.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace TapFilter { /** * All stats for the tap filter. @see stats_macros.h */ // clang-format off #define ALL_TAP_FILTER_STATS(COUNTER) \ COUNTER(rq_tapped) // clang-format on /** * Wrapper struct for tap filter stats. @see stats_macros.h */ struct FilterStats { ALL_TAP_FILTER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Abstract filter configuration. */ class FilterConfig { public: virtual ~FilterConfig() = default; /** * @return the current tap configuration if there is one. */ virtual HttpTapConfigSharedPtr currentConfig() PURE; /** * @return the filter stats. */ virtual FilterStats& stats() PURE; }; using FilterConfigSharedPtr = std::shared_ptr; /** * Configuration for the tap filter. */ class FilterConfigImpl : public FilterConfig, public Extensions::Common::Tap::ExtensionConfigBase { public: FilterConfigImpl(const envoy::extensions::filters::http::tap::v3::Tap& proto_config, const std::string& stats_prefix, Extensions::Common::Tap::TapConfigFactoryPtr&& config_factory, Stats::Scope& scope, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, Event::Dispatcher& main_thread_dispatcher); // FilterConfig HttpTapConfigSharedPtr currentConfig() override; FilterStats& stats() override { return stats_; } private: FilterStats stats_; }; /** * HTTP tap filter. */ class Filter : public Http::StreamFilter, public AccessLog::Instance { public: Filter(FilterConfigSharedPtr config) : config_(std::move(config)) {} static FilterStats generateStats(const std::string& prefix, Stats::Scope& scope); // Http::StreamFilterBase void onDestroy() override {} // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { HttpTapConfigSharedPtr config = config_->currentConfig(); tapper_ = config ? config->createPerRequestTapper(callbacks.streamId()) : nullptr; } // Http::StreamEncoderFilter Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { return Http::FilterHeadersStatus::Continue; } Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap& trailers) override; Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { return Http::FilterMetadataStatus::Continue; } void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks&) override {} // AccessLog::Instance void log(const Http::RequestHeaderMap* request_headers, const Http::ResponseHeaderMap* response_headers, const Http::ResponseTrailerMap* response_trailers, const StreamInfo::StreamInfo& stream_info) override; private: FilterConfigSharedPtr config_; HttpPerRequestTapperPtr tapper_; }; } // namespace TapFilter } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/wasm/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # Public docs: docs/root/configuration/http_filters/wasm_filter.rst envoy_cc_library( name = "wasm_filter_lib", srcs = ["wasm_filter.cc"], hdrs = ["wasm_filter.h"], visibility = ["//visibility:public"], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/wasm/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ ":wasm_filter_lib", "//include/envoy/registry", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/wasm/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/http/wasm/config.cc ================================================ #include "extensions/filters/http/wasm/config.h" #include "envoy/extensions/filters/http/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/empty_string.h" #include "common/config/datasource.h" #include "extensions/common/wasm/wasm.h" #include "extensions/filters/http/wasm/wasm_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Wasm { Http::FilterFactoryCb WasmFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::wasm::v3::Wasm& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { auto filter_config = std::make_shared(proto_config, context); return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { auto filter = filter_config->createFilter(); if (!filter) { // Fail open return; } callbacks.addStreamFilter(filter); callbacks.addAccessLogHandler(filter); }; } /** * Static registration for the Wasm filter. @see RegisterFactory. */ REGISTER_FACTORY(WasmFilterConfig, Server::Configuration::NamedHttpFilterConfigFactory); } // namespace Wasm } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/wasm/config.h ================================================ #pragma once #include "envoy/extensions/filters/http/wasm/v3/wasm.pb.h" #include "envoy/extensions/filters/http/wasm/v3/wasm.pb.validate.h" #include "extensions/filters/http/common/factory_base.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Wasm { /** * Config registration for the Wasm filter. @see NamedHttpFilterConfigFactory. */ class WasmFilterConfig : public Common::FactoryBase { public: WasmFilterConfig() : FactoryBase(HttpFilterNames::get().Wasm) {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::wasm::v3::Wasm& proto_config, const std::string&, Server::Configuration::FactoryContext& context) override; }; } // namespace Wasm } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/wasm/wasm_filter.cc ================================================ #include "extensions/filters/http/wasm/wasm_filter.h" #include "envoy/http/codes.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/http/header_map_impl.h" #include "common/http/message_impl.h" #include "common/http/utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Wasm { FilterConfig::FilterConfig(const envoy::extensions::filters::http::wasm::v3::Wasm& config, Server::Configuration::FactoryContext& context) : tls_slot_(context.threadLocal().allocateSlot()) { plugin_ = std::make_shared( config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), config.config().vm_config().runtime(), Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), context.direction(), context.localInfo(), &context.listenerMetadata()); auto plugin = plugin_; auto callback = [plugin, this](const Common::Wasm::WasmHandleSharedPtr& base_wasm) { // NB: the Slot set() call doesn't complete inline, so all arguments must outlive this call. tls_slot_->set( [base_wasm, plugin](Event::Dispatcher& dispatcher) -> std::shared_ptr { if (!base_wasm) { return nullptr; } return std::static_pointer_cast( Common::Wasm::getOrCreateThreadLocalWasm(base_wasm, plugin, dispatcher)); }); }; if (!Common::Wasm::createWasm( config.config().vm_config(), plugin_, context.scope().createScope(""), context.clusterManager(), context.initManager(), context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm HTTP filter {}", plugin->name_)); } } } // namespace Wasm } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/wasm/wasm_filter.h ================================================ #pragma once #include #include "envoy/extensions/filters/http/wasm/v3/wasm.pb.validate.h" #include "envoy/http/filter.h" #include "envoy/server/filter_config.h" #include "envoy/upstream/cluster_manager.h" #include "extensions/common/wasm/wasm.h" #include "extensions/filters/http/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Wasm { using Envoy::Extensions::Common::Wasm::Context; using Envoy::Extensions::Common::Wasm::Wasm; using Envoy::Extensions::Common::Wasm::WasmHandle; class FilterConfig : Logger::Loggable { public: FilterConfig(const envoy::extensions::filters::http::wasm::v3::Wasm& proto_config, Server::Configuration::FactoryContext& context); std::shared_ptr createFilter() { Wasm* wasm = nullptr; if (tls_slot_->get()) { wasm = tls_slot_->getTyped().wasm().get(); } if (plugin_->fail_open_ && (!wasm || wasm->isFailed())) { return nullptr; } if (wasm && !root_context_id_) { root_context_id_ = wasm->getRootContext(plugin_->root_id_)->id(); } return std::make_shared(wasm, root_context_id_, plugin_); } private: uint32_t root_context_id_{0}; Envoy::Extensions::Common::Wasm::PluginSharedPtr plugin_; ThreadLocal::SlotPtr tls_slot_; Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; typedef std::shared_ptr FilterConfigSharedPtr; } // namespace Wasm } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/http/well_known_names.h ================================================ #pragma once #include "common/config/well_known_names.h" namespace Envoy { namespace Extensions { namespace HttpFilters { /** * Well-known http filter names. * NOTE: New filters should use the well known name: envoy.filters.http.name. */ class HttpFilterNameValues { public: // Buffer filter const std::string Buffer = "envoy.filters.http.buffer"; // Cache filter const std::string Cache = "envoy.filters.http.cache"; // CDN Loop filter const std::string CdnLoop = "envoy.filters.http.cdn_loop"; // Compressor filter const std::string Compressor = "envoy.filters.http.compressor"; // CORS filter const std::string Cors = "envoy.filters.http.cors"; // CSRF filter const std::string Csrf = "envoy.filters.http.csrf"; // Decompressor filter const std::string Decompressor = "envoy.filters.http.decompressor"; // Dynamo filter const std::string Dynamo = "envoy.filters.http.dynamo"; // Fault filter const std::string Fault = "envoy.filters.http.fault"; // GRPC http1 bridge filter const std::string GrpcHttp1Bridge = "envoy.filters.http.grpc_http1_bridge"; // GRPC json transcoder filter const std::string GrpcJsonTranscoder = "envoy.filters.http.grpc_json_transcoder"; // GRPC web filter const std::string GrpcWeb = "envoy.filters.http.grpc_web"; // GRPC http1 reverse bridge filter const std::string GrpcHttp1ReverseBridge = "envoy.filters.http.grpc_http1_reverse_bridge"; // GRPC telemetry const std::string GrpcStats = "envoy.filters.http.grpc_stats"; // Gzip filter const std::string EnvoyGzip = "envoy.filters.http.gzip"; // IP tagging filter const std::string IpTagging = "envoy.filters.http.ip_tagging"; // Rate limit filter const std::string RateLimit = "envoy.filters.http.ratelimit"; // Router filter const std::string Router = "envoy.filters.http.router"; // Health checking filter const std::string HealthCheck = "envoy.filters.http.health_check"; // Lua filter const std::string Lua = "envoy.filters.http.lua"; // On-demand RDS updates filter const std::string OnDemand = "envoy.filters.http.on_demand"; // Squash filter const std::string Squash = "envoy.filters.http.squash"; // External Authorization filter const std::string ExtAuthorization = "envoy.filters.http.ext_authz"; // RBAC HTTP Authorization filter const std::string Rbac = "envoy.filters.http.rbac"; // JWT authentication filter const std::string JwtAuthn = "envoy.filters.http.jwt_authn"; // Header to metadata filter const std::string HeaderToMetadata = "envoy.filters.http.header_to_metadata"; // Tap filter const std::string Tap = "envoy.filters.http.tap"; // Adaptive concurrency limit filter const std::string AdaptiveConcurrency = "envoy.filters.http.adaptive_concurrency"; // Admission control filter const std::string AdmissionControl = "envoy.filters.http.admission_control"; // Original Src Filter const std::string OriginalSrc = "envoy.filters.http.original_src"; // Dynamic forward proxy filter const std::string DynamicForwardProxy = "envoy.filters.http.dynamic_forward_proxy"; // WebAssembly filter const std::string Wasm = "envoy.filters.http.wasm"; // AWS request signing filter const std::string AwsRequestSigning = "envoy.filters.http.aws_request_signing"; // AWS Lambda filter const std::string AwsLambda = "envoy.filters.http.aws_lambda"; // OAuth filter const std::string OAuth = "envoy.filters.http.oauth"; }; using HttpFilterNames = ConstSingleton; } // namespace HttpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # Well known names are public. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/filters/listener/http_inspector/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # HTTP inspector filter for sniffing HTTP protocol and setting HTTP version to a FilterChain. envoy_extension_package() envoy_cc_library( name = "http_inspector_lib", srcs = ["http_inspector.cc"], hdrs = ["http_inspector.h"], external_deps = ["http_parser"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/extensions/transport_sockets:well_known_names", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":http_inspector_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/listener:well_known_names", "@envoy_api//envoy/extensions/filters/listener/http_inspector/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/listener/http_inspector/config.cc ================================================ #include "envoy/extensions/filters/listener/http_inspector/v3/http_inspector.pb.h" #include "envoy/extensions/filters/listener/http_inspector/v3/http_inspector.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/listener/http_inspector/http_inspector.h" #include "extensions/filters/listener/well_known_names.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace HttpInspector { /** * Config registration for the Http inspector filter. @see NamedNetworkFilterConfigFactory. */ class HttpInspectorConfigFactory : public Server::Configuration::NamedListenerFilterConfigFactory { public: // NamedListenerFilterConfigFactory Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto( const Protobuf::Message&, const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, Server::Configuration::ListenerFactoryContext& context) override { ConfigSharedPtr config(std::make_shared(context.scope())); return [listener_filter_matcher, config](Network::ListenerFilterManager& filter_manager) -> void { filter_manager.addAcceptFilter(listener_filter_matcher, std::make_unique(config)); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::filters::listener::http_inspector::v3::HttpInspector>(); } std::string name() const override { return ListenerFilterNames::get().HttpInspector; } }; /** * Static registration for the http inspector filter. @see RegisterFactory. */ REGISTER_FACTORY(HttpInspectorConfigFactory, Server::Configuration::NamedListenerFilterConfigFactory){ "envoy.listener.http_inspector"}; } // namespace HttpInspector } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/http_inspector/http_inspector.cc ================================================ #include "extensions/filters/listener/http_inspector/http_inspector.h" #include "envoy/event/dispatcher.h" #include "envoy/network/listen_socket.h" #include "envoy/stats/scope.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "extensions/transport_sockets/well_known_names.h" #include "absl/strings/match.h" #include "absl/strings/str_split.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace HttpInspector { Config::Config(Stats::Scope& scope) : stats_{ALL_HTTP_INSPECTOR_STATS(POOL_COUNTER_PREFIX(scope, "http_inspector."))} {} const absl::string_view Filter::HTTP2_CONNECTION_PREFACE = "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"; thread_local uint8_t Filter::buf_[Config::MAX_INSPECT_SIZE]; Filter::Filter(const ConfigSharedPtr config) : config_(config) { http_parser_init(&parser_, HTTP_REQUEST); } http_parser_settings Filter::settings_{ nullptr, nullptr, nullptr, nullptr, nullptr, nullptr, nullptr, nullptr, nullptr, nullptr, }; Network::FilterStatus Filter::onAccept(Network::ListenerFilterCallbacks& cb) { ENVOY_LOG(debug, "http inspector: new connection accepted"); const Network::ConnectionSocket& socket = cb.socket(); const absl::string_view transport_protocol = socket.detectedTransportProtocol(); if (!transport_protocol.empty() && transport_protocol != TransportSockets::TransportProtocolNames::get().RawBuffer) { ENVOY_LOG(trace, "http inspector: cannot inspect http protocol with transport socket {}", transport_protocol); return Network::FilterStatus::Continue; } cb_ = &cb; const ParseState parse_state = onRead(); switch (parse_state) { case ParseState::Error: // As per discussion in https://github.com/envoyproxy/envoy/issues/7864 // we don't add new enum in FilterStatus so we have to signal the caller // the new condition. cb.socket().close(); return Network::FilterStatus::StopIteration; case ParseState::Done: return Network::FilterStatus::Continue; case ParseState::Continue: // do nothing but create the event ASSERT(file_event_ == nullptr); file_event_ = cb.socket().ioHandle().createFileEvent( cb.dispatcher(), [this](uint32_t events) { ENVOY_LOG(trace, "http inspector event: {}", events); // inspector is always peeking and can never determine EOF. // Use this event type to avoid listener timeout on the OS supporting // FileReadyType::Closed. bool end_stream = events & Event::FileReadyType::Closed; const ParseState parse_state = onRead(); switch (parse_state) { case ParseState::Error: file_event_.reset(); cb_->continueFilterChain(false); break; case ParseState::Done: file_event_.reset(); // Do not skip following listener filters. cb_->continueFilterChain(true); break; case ParseState::Continue: if (end_stream) { // Parser fails to determine http but the end of stream is reached. Fallback to // non-http. done(false); file_event_.reset(); cb_->continueFilterChain(true); } // do nothing but wait for the next event break; } }, Event::PlatformDefaultTriggerType, Event::FileReadyType::Read | Event::FileReadyType::Closed); return Network::FilterStatus::StopIteration; } NOT_REACHED_GCOVR_EXCL_LINE; } ParseState Filter::onRead() { auto result = cb_->socket().ioHandle().recv(buf_, Config::MAX_INSPECT_SIZE, MSG_PEEK); ENVOY_LOG(trace, "http inspector: recv: {}", result.rc_); if (!result.ok()) { if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { return ParseState::Continue; } config_->stats().read_error_.inc(); return ParseState::Error; } const auto parse_state = parseHttpHeader(absl::string_view(reinterpret_cast(buf_), result.rc_)); switch (parse_state) { case ParseState::Continue: // do nothing but wait for the next event return ParseState::Continue; case ParseState::Error: done(false); return ParseState::Done; case ParseState::Done: done(true); return ParseState::Done; } NOT_REACHED_GCOVR_EXCL_LINE; } ParseState Filter::parseHttpHeader(absl::string_view data) { const size_t len = std::min(data.length(), Filter::HTTP2_CONNECTION_PREFACE.length()); if (Filter::HTTP2_CONNECTION_PREFACE.compare(0, len, data, 0, len) == 0) { if (data.length() < Filter::HTTP2_CONNECTION_PREFACE.length()) { return ParseState::Continue; } ENVOY_LOG(trace, "http inspector: http2 connection preface found"); protocol_ = "HTTP/2"; return ParseState::Done; } else { absl::string_view new_data = data.substr(parser_.nread); const size_t pos = new_data.find_first_of("\r\n"); if (pos != absl::string_view::npos) { // Include \r or \n new_data = new_data.substr(0, pos + 1); ssize_t rc = http_parser_execute(&parser_, &settings_, new_data.data(), new_data.length()); ENVOY_LOG(trace, "http inspector: http_parser parsed {} chars, error code: {}", rc, HTTP_PARSER_ERRNO(&parser_)); // Errors in parsing HTTP. if (HTTP_PARSER_ERRNO(&parser_) != HPE_OK && HTTP_PARSER_ERRNO(&parser_) != HPE_PAUSED) { return ParseState::Error; } if (parser_.http_major == 1 && parser_.http_minor == 1) { protocol_ = Http::Headers::get().ProtocolStrings.Http11String; } else { // Set other HTTP protocols to HTTP/1.0 protocol_ = Http::Headers::get().ProtocolStrings.Http10String; } return ParseState::Done; } else { ssize_t rc = http_parser_execute(&parser_, &settings_, new_data.data(), new_data.length()); ENVOY_LOG(trace, "http inspector: http_parser parsed {} chars, error code: {}", rc, HTTP_PARSER_ERRNO(&parser_)); // Errors in parsing HTTP. if (HTTP_PARSER_ERRNO(&parser_) != HPE_OK && HTTP_PARSER_ERRNO(&parser_) != HPE_PAUSED) { return ParseState::Error; } else { return ParseState::Continue; } } } } void Filter::done(bool success) { ENVOY_LOG(trace, "http inspector: done: {}", success); if (success) { absl::string_view protocol; if (protocol_ == Http::Headers::get().ProtocolStrings.Http10String) { config_->stats().http10_found_.inc(); protocol = Http::Utility::AlpnNames::get().Http10; } else if (protocol_ == Http::Headers::get().ProtocolStrings.Http11String) { config_->stats().http11_found_.inc(); protocol = Http::Utility::AlpnNames::get().Http11; } else { ASSERT(protocol_ == "HTTP/2"); config_->stats().http2_found_.inc(); // h2 HTTP/2 over TLS, h2c HTTP/2 over TCP // TODO(yxue): use detected protocol from http inspector and support h2c token in HCM protocol = Http::Utility::AlpnNames::get().Http2c; } cb_->socket().setRequestedApplicationProtocols({protocol}); } else { config_->stats().http_not_found_.inc(); } } } // namespace HttpInspector } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/http_inspector/http_inspector.h ================================================ #pragma once #include #include "envoy/event/file_event.h" #include "envoy/event/timer.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace HttpInspector { /** * All stats for the http inspector. @see stats_macros.h */ #define ALL_HTTP_INSPECTOR_STATS(COUNTER) \ COUNTER(read_error) \ COUNTER(http10_found) \ COUNTER(http11_found) \ COUNTER(http2_found) \ COUNTER(http_not_found) /** * Definition of all stats for the Http inspector. @see stats_macros.h */ struct HttpInspectorStats { ALL_HTTP_INSPECTOR_STATS(GENERATE_COUNTER_STRUCT) }; enum class ParseState { // Parse result is out. It could be http family or empty. Done, // Parser expects more data. Continue, // Parser reports unrecoverable error. Error }; /** * Global configuration for http inspector. */ class Config { public: Config(Stats::Scope& scope); const HttpInspectorStats& stats() const { return stats_; } static constexpr uint32_t MAX_INSPECT_SIZE = 8192; private: HttpInspectorStats stats_; }; using ConfigSharedPtr = std::shared_ptr; /** * Http inspector listener filter. */ class Filter : public Network::ListenerFilter, Logger::Loggable { public: Filter(const ConfigSharedPtr config); // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; private: static const absl::string_view HTTP2_CONNECTION_PREFACE; ParseState onRead(); void done(bool success); ParseState parseHttpHeader(absl::string_view data); const absl::flat_hash_set& httpProtocols() const; const absl::flat_hash_set& http1xMethods() const; ConfigSharedPtr config_; Network::ListenerFilterCallbacks* cb_{nullptr}; Event::FileEventPtr file_event_; absl::string_view protocol_; http_parser parser_; static http_parser_settings settings_; // Use static thread_local to avoid allocating buffer over and over again. static thread_local uint8_t buf_[Config::MAX_INSPECT_SIZE]; }; } // namespace HttpInspector } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_dst/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # ORIGINAL_DST iptables redirection listener filter # Public docs: docs/root/configuration/listener_filters/original_dst_filter.rst envoy_extension_package() envoy_cc_library( name = "original_dst_lib", srcs = ["original_dst.cc"], hdrs = ["original_dst.h"], deps = [ "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/network:utility_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ ":original_dst_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/listener:well_known_names", "@envoy_api//envoy/extensions/filters/listener/original_dst/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/listener/original_dst/config.cc ================================================ #include #include "envoy/extensions/filters/listener/original_dst/v3/original_dst.pb.h" #include "envoy/extensions/filters/listener/original_dst/v3/original_dst.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/listener/original_dst/original_dst.h" #include "extensions/filters/listener/well_known_names.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalDst { /** * Config registration for the original dst filter. @see NamedNetworkFilterConfigFactory. */ class OriginalDstConfigFactory : public Server::Configuration::NamedListenerFilterConfigFactory { public: // NamedListenerFilterConfigFactory Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto( const Protobuf::Message&, const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, Server::Configuration::ListenerFactoryContext&) override { return [listener_filter_matcher](Network::ListenerFilterManager& filter_manager) -> void { filter_manager.addAcceptFilter(listener_filter_matcher, std::make_unique()); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return ListenerFilterNames::get().OriginalDst; } }; /** * Static registration for the original dst filter. @see RegisterFactory. */ REGISTER_FACTORY(OriginalDstConfigFactory, Server::Configuration::NamedListenerFilterConfigFactory){ "envoy.listener.original_dst"}; } // namespace OriginalDst } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_dst/original_dst.cc ================================================ #include "extensions/filters/listener/original_dst/original_dst.h" #include "envoy/network/listen_socket.h" #include "common/common/assert.h" #include "common/network/utility.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalDst { Network::Address::InstanceConstSharedPtr OriginalDstFilter::getOriginalDst(Network::Socket& sock) { return Network::Utility::getOriginalDst(sock); } Network::FilterStatus OriginalDstFilter::onAccept(Network::ListenerFilterCallbacks& cb) { ENVOY_LOG(debug, "original_dst: New connection accepted"); Network::ConnectionSocket& socket = cb.socket(); if (socket.addressType() == Network::Address::Type::Ip) { Network::Address::InstanceConstSharedPtr original_local_address = getOriginalDst(socket); // A listener that has the use_original_dst flag set to true can still receive // connections that are NOT redirected using iptables. If a connection was not redirected, // the address returned by getOriginalDst() matches the local address of the new socket. // In this case the listener handles the connection directly and does not hand it off. if (original_local_address) { // Restore the local address to the original one. socket.restoreLocalAddress(original_local_address); } } return Network::FilterStatus::Continue; } } // namespace OriginalDst } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_dst/original_dst.h ================================================ #pragma once #include "envoy/network/filter.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalDst { /** * Implementation of an original destination listener filter. */ class OriginalDstFilter : public Network::ListenerFilter, Logger::Loggable { public: virtual Network::Address::InstanceConstSharedPtr getOriginalDst(Network::Socket& sock); // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; }; } // namespace OriginalDst } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_src/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # A filter for mirroring the downstream remote address on the upstream's source. envoy_extension_package() envoy_cc_library( name = "config_lib", srcs = ["config.cc"], hdrs = ["config.h"], deps = ["@envoy_api//envoy/extensions/filters/listener/original_src/v3:pkg_cc_proto"], ) envoy_cc_library( name = "original_src_lib", srcs = ["original_src.cc"], hdrs = ["original_src.h"], deps = [ ":config_lib", "//include/envoy/buffer:buffer_interface", "//include/envoy/network:address_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/extensions/filters/common/original_src:socket_option_factory_lib", ], ) envoy_cc_extension( name = "config", # The extension build system requires a library named config srcs = ["original_src_config_factory.cc"], hdrs = ["original_src_config_factory.h"], security_posture = "robust_to_untrusted_downstream", status = "alpha", deps = [ ":config_lib", ":original_src_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/listener:well_known_names", "@envoy_api//envoy/extensions/filters/listener/original_src/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/listener/original_src/config.cc ================================================ #include "extensions/filters/listener/original_src/config.h" #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalSrc { Config::Config(const envoy::extensions::filters::listener::original_src::v3::OriginalSrc& config) : use_port_(config.bind_port()), mark_(config.mark()) {} } // namespace OriginalSrc } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_src/config.h ================================================ #pragma once #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalSrc { class Config { public: Config() = default; Config(const envoy::extensions::filters::listener::original_src::v3::OriginalSrc& config); bool usePort() const { return use_port_; } uint32_t mark() const { return mark_; } private: bool use_port_ = false; uint32_t mark_ = 0; }; } // namespace OriginalSrc } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_src/original_src.cc ================================================ #include "extensions/filters/listener/original_src/original_src.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" #include "common/common/assert.h" #include "extensions/filters/common/original_src/socket_option_factory.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalSrc { OriginalSrcFilter::OriginalSrcFilter(const Config& config) : config_(config) {} Network::FilterStatus OriginalSrcFilter::onAccept(Network::ListenerFilterCallbacks& cb) { auto& socket = cb.socket(); auto address = socket.remoteAddress(); ASSERT(address); ENVOY_LOG(debug, "Got a new connection in the original_src filter for address {}. Marking with {}", address->asString(), config_.mark()); if (address->type() != Network::Address::Type::Ip) { // nothing we can do with this. return Network::FilterStatus::Continue; } auto options_to_add = Filters::Common::OriginalSrc::buildOriginalSrcOptions(std::move(address), config_.mark()); socket.addOptions(std::move(options_to_add)); return Network::FilterStatus::Continue; } } // namespace OriginalSrc } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_src/original_src.h ================================================ #pragma once #include "envoy/network/address.h" #include "envoy/network/filter.h" #include "common/common/logger.h" #include "extensions/filters/listener/original_src/config.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalSrc { /** * Implements the Original Src network filter. This filter places the source address of the socket * into an option which will alter be used to partition upstream connections. * This does not support non-ip (e.g. AF_UNIX) connections, which will be failed and counted. */ class OriginalSrcFilter : public Network::ListenerFilter, Logger::Loggable { public: OriginalSrcFilter(const Config& config); // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; private: Config config_; }; } // namespace OriginalSrc } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_src/original_src_config_factory.cc ================================================ #include "extensions/filters/listener/original_src/original_src_config_factory.h" #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.h" #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/listener/original_src/config.h" #include "extensions/filters/listener/original_src/original_src.h" #include "extensions/filters/listener/well_known_names.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalSrc { Network::ListenerFilterFactoryCb OriginalSrcConfigFactory::createListenerFilterFactoryFromProto( const Protobuf::Message& message, const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, Server::Configuration::ListenerFactoryContext& context) { auto proto_config = MessageUtil::downcastAndValidate< const envoy::extensions::filters::listener::original_src::v3::OriginalSrc&>( message, context.messageValidationVisitor()); Config config(proto_config); return [listener_filter_matcher, config](Network::ListenerFilterManager& filter_manager) -> void { filter_manager.addAcceptFilter(listener_filter_matcher, std::make_unique(config)); }; } ProtobufTypes::MessagePtr OriginalSrcConfigFactory::createEmptyConfigProto() { return std::make_unique(); } /** * Static registration for the original_src filter. @see RegisterFactory. */ REGISTER_FACTORY(OriginalSrcConfigFactory, Server::Configuration::NamedListenerFilterConfigFactory){ "envoy.listener.original_src"}; } // namespace OriginalSrc } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/original_src/original_src_config_factory.h ================================================ #pragma once #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/listener/well_known_names.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace OriginalSrc { /** * Config registration for the original_src filter. */ class OriginalSrcConfigFactory : public Server::Configuration::NamedListenerFilterConfigFactory { public: // NamedListenerFilterConfigFactory Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto( const Protobuf::Message& message, const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, Server::Configuration::ListenerFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override { return ListenerFilterNames::get().OriginalSrc; } }; } // namespace OriginalSrc } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/proxy_protocol/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Proxy protocol listener filter: https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt envoy_extension_package() envoy_cc_library( name = "proxy_protocol_lib", srcs = ["proxy_protocol.cc"], hdrs = [ "proxy_protocol.h", "proxy_protocol_header.h", ], visibility = ["//visibility:public"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", "//source/extensions/filters/listener:well_known_names", "@envoy_api//envoy/extensions/filters/listener/proxy_protocol/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/listener:well_known_names", "//source/extensions/filters/listener/proxy_protocol:proxy_protocol_lib", "@envoy_api//envoy/extensions/filters/listener/proxy_protocol/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/listener/proxy_protocol/config.cc ================================================ #include #include "envoy/extensions/filters/listener/proxy_protocol/v3/proxy_protocol.pb.h" #include "envoy/extensions/filters/listener/proxy_protocol/v3/proxy_protocol.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" #include "extensions/filters/listener/well_known_names.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace ProxyProtocol { /** * Config registration for the proxy protocol filter. @see NamedNetworkFilterConfigFactory. */ class ProxyProtocolConfigFactory : public Server::Configuration::NamedListenerFilterConfigFactory { public: // NamedListenerFilterConfigFactory Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto( const Protobuf::Message& message, const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, Server::Configuration::ListenerFactoryContext& context) override { // downcast it to the proxy protocol config const auto& proto_config = MessageUtil::downcastAndValidate< const envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol&>( message, context.messageValidationVisitor()); ConfigSharedPtr config = std::make_shared(context.scope(), proto_config); return [listener_filter_matcher, config](Network::ListenerFilterManager& filter_manager) -> void { filter_manager.addAcceptFilter(listener_filter_matcher, std::make_unique(config)); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol>(); } std::string name() const override { return ListenerFilterNames::get().ProxyProtocol; } }; /** * Static registration for the proxy protocol filter. @see RegisterFactory. */ REGISTER_FACTORY(ProxyProtocolConfigFactory, Server::Configuration::NamedListenerFilterConfigFactory){ "envoy.listener.proxy_protocol"}; } // namespace ProxyProtocol } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/proxy_protocol/proxy_protocol.cc ================================================ #include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" #include #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/event/dispatcher.h" #include "envoy/network/listen_socket.h" #include "envoy/stats/scope.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "extensions/common/proxy_protocol/proxy_protocol_header.h" #include "extensions/filters/listener/well_known_names.h" using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V1_SIGNATURE; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V1_SIGNATURE_LEN; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_ADDR_LEN_INET; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_ADDR_LEN_INET6; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_AF_INET; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_AF_INET6; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_HEADER_LEN; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_LOCAL; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_ONBEHALF_OF; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_SIGNATURE; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_SIGNATURE_LEN; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_TRANSPORT_DGRAM; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_TRANSPORT_STREAM; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_VERSION; namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace ProxyProtocol { Config::Config( Stats::Scope& scope, const envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol& proto_config) : stats_{ALL_PROXY_PROTOCOL_STATS(POOL_COUNTER(scope))} { for (const auto& rule : proto_config.rules()) { tlv_types_[0xFF & rule.tlv_type()] = rule.on_tlv_present(); } } const KeyValuePair* Config::isTlvTypeNeeded(uint8_t type) const { auto tlv_type = tlv_types_.find(type); if (tlv_types_.end() != tlv_type) { return &tlv_type->second; } return nullptr; } size_t Config::numberOfNeededTlvTypes() const { return tlv_types_.size(); } Network::FilterStatus Filter::onAccept(Network::ListenerFilterCallbacks& cb) { ENVOY_LOG(debug, "proxy_protocol: New connection accepted"); Network::ConnectionSocket& socket = cb.socket(); ASSERT(file_event_.get() == nullptr); file_event_ = socket.ioHandle().createFileEvent( cb.dispatcher(), [this](uint32_t events) { ASSERT(events == Event::FileReadyType::Read); onRead(); }, Event::PlatformDefaultTriggerType, Event::FileReadyType::Read); cb_ = &cb; return Network::FilterStatus::StopIteration; } void Filter::onRead() { try { onReadWorker(); } catch (const EnvoyException& ee) { config_->stats_.downstream_cx_proxy_proto_error_.inc(); cb_->continueFilterChain(false); } } void Filter::onReadWorker() { Network::ConnectionSocket& socket = cb_->socket(); if ((!proxy_protocol_header_.has_value() && !readProxyHeader(socket.ioHandle())) || (proxy_protocol_header_.has_value() && !readExtensions(socket.ioHandle()))) { // We return if a) we do not yet have the header, or b) we have the header but not yet all // the extension data. In both cases we'll be called again when the socket is ready to read // and pick up where we left off. return; } if (proxy_protocol_header_.has_value() && !proxy_protocol_header_.value().local_command_) { // If this is a local_command, we are not to override address // Error check the source and destination fields. Most errors are caught by the address // parsing above, but a malformed IPv6 address may combine with a malformed port and parse as // an IPv6 address when parsing for an IPv4 address(for v1 mode). Remote address refers to the // source address. const auto remote_version = proxy_protocol_header_.value().remote_address_->ip()->version(); const auto local_version = proxy_protocol_header_.value().local_address_->ip()->version(); if (remote_version != proxy_protocol_header_.value().protocol_version_ || local_version != proxy_protocol_header_.value().protocol_version_) { throw EnvoyException("failed to read proxy protocol"); } // Check that both addresses are valid unicast addresses, as required for TCP if (!proxy_protocol_header_.value().remote_address_->ip()->isUnicastAddress() || !proxy_protocol_header_.value().local_address_->ip()->isUnicastAddress()) { throw EnvoyException("failed to read proxy protocol"); } // Only set the local address if it really changed, and mark it as address being restored. if (*proxy_protocol_header_.value().local_address_ != *socket.localAddress()) { socket.restoreLocalAddress(proxy_protocol_header_.value().local_address_); } socket.setRemoteAddress(proxy_protocol_header_.value().remote_address_); } // Release the file event so that we do not interfere with the connection read events. file_event_.reset(); cb_->continueFilterChain(true); } size_t Filter::lenV2Address(char* buf) { const uint8_t proto_family = buf[PROXY_PROTO_V2_SIGNATURE_LEN + 1]; const int ver_cmd = buf[PROXY_PROTO_V2_SIGNATURE_LEN]; size_t len; if ((ver_cmd & 0xf) == PROXY_PROTO_V2_LOCAL) { // According to the spec there is no address encoded, len=0, and we must ignore return 0; } switch ((proto_family & 0xf0) >> 4) { case PROXY_PROTO_V2_AF_INET: len = PROXY_PROTO_V2_ADDR_LEN_INET; break; case PROXY_PROTO_V2_AF_INET6: len = PROXY_PROTO_V2_ADDR_LEN_INET6; break; default: throw EnvoyException("Unsupported V2 proxy protocol address family"); } return len; } void Filter::parseV2Header(char* buf) { const int ver_cmd = buf[PROXY_PROTO_V2_SIGNATURE_LEN]; uint8_t upper_byte = buf[PROXY_PROTO_V2_HEADER_LEN - 2]; uint8_t lower_byte = buf[PROXY_PROTO_V2_HEADER_LEN - 1]; size_t hdr_addr_len = (upper_byte << 8) + lower_byte; if ((ver_cmd & 0xf) == PROXY_PROTO_V2_LOCAL) { // This is locally-initiated, e.g. health-check, and should not override remote address proxy_protocol_header_.emplace(WireHeader{hdr_addr_len}); return; } // Only do connections on behalf of another user, not internally-driven health-checks. If // its not on behalf of someone, or its not AF_INET{6} / STREAM/DGRAM, ignore and // use the real-remote info if ((ver_cmd & 0xf) == PROXY_PROTO_V2_ONBEHALF_OF) { uint8_t proto_family = buf[PROXY_PROTO_V2_SIGNATURE_LEN + 1]; if (((proto_family & 0x0f) == PROXY_PROTO_V2_TRANSPORT_STREAM) || ((proto_family & 0x0f) == PROXY_PROTO_V2_TRANSPORT_DGRAM)) { if (((proto_family & 0xf0) >> 4) == PROXY_PROTO_V2_AF_INET) { PACKED_STRUCT(struct pp_ipv4_addr { uint32_t src_addr; uint32_t dst_addr; uint16_t src_port; uint16_t dst_port; }); pp_ipv4_addr* v4; v4 = reinterpret_cast(&buf[PROXY_PROTO_V2_HEADER_LEN]); sockaddr_in ra4, la4; memset(&ra4, 0, sizeof(ra4)); memset(&la4, 0, sizeof(la4)); ra4.sin_family = AF_INET; ra4.sin_port = v4->src_port; ra4.sin_addr.s_addr = v4->src_addr; la4.sin_family = AF_INET; la4.sin_port = v4->dst_port; la4.sin_addr.s_addr = v4->dst_addr; proxy_protocol_header_.emplace( WireHeader{hdr_addr_len - PROXY_PROTO_V2_ADDR_LEN_INET, Network::Address::IpVersion::v4, std::make_shared(&ra4), std::make_shared(&la4)}); return; } else if (((proto_family & 0xf0) >> 4) == PROXY_PROTO_V2_AF_INET6) { PACKED_STRUCT(struct pp_ipv6_addr { uint8_t src_addr[16]; uint8_t dst_addr[16]; uint16_t src_port; uint16_t dst_port; }); pp_ipv6_addr* v6; v6 = reinterpret_cast(&buf[PROXY_PROTO_V2_HEADER_LEN]); sockaddr_in6 ra6, la6; memset(&ra6, 0, sizeof(ra6)); memset(&la6, 0, sizeof(la6)); ra6.sin6_family = AF_INET6; ra6.sin6_port = v6->src_port; memcpy(ra6.sin6_addr.s6_addr, v6->src_addr, sizeof(ra6.sin6_addr.s6_addr)); la6.sin6_family = AF_INET6; la6.sin6_port = v6->dst_port; memcpy(la6.sin6_addr.s6_addr, v6->dst_addr, sizeof(la6.sin6_addr.s6_addr)); proxy_protocol_header_.emplace(WireHeader{ hdr_addr_len - PROXY_PROTO_V2_ADDR_LEN_INET6, Network::Address::IpVersion::v6, std::make_shared(ra6), std::make_shared(la6)}); return; } } } throw EnvoyException("Unsupported command or address family or transport"); } void Filter::parseV1Header(char* buf, size_t len) { std::string proxy_line; proxy_line.assign(buf, len); const auto trimmed_proxy_line = StringUtil::rtrim(proxy_line); // Parse proxy protocol line with format: PROXY TCP4/TCP6/UNKNOWN SOURCE_ADDRESS // DESTINATION_ADDRESS SOURCE_PORT DESTINATION_PORT. const auto line_parts = StringUtil::splitToken(trimmed_proxy_line, " ", true); if (line_parts.size() < 2 || line_parts[0] != "PROXY") { throw EnvoyException("failed to read proxy protocol"); } // If the line starts with UNKNOWN we know it's a proxy protocol line, so we can remove it from // the socket and continue. According to spec "real connection's parameters" should be used, so // we should NOT restore the addresses in this case. if (line_parts[1] != "UNKNOWN") { // If protocol not UNKNOWN, src and dst addresses have to be present. if (line_parts.size() != 6) { throw EnvoyException("failed to read proxy protocol"); } // TODO(gsagula): parseInternetAddressAndPort() could be modified to take two string_view // arguments, so we can eliminate allocation here. if (line_parts[1] == "TCP4") { proxy_protocol_header_.emplace( WireHeader{0, Network::Address::IpVersion::v4, Network::Utility::parseInternetAddressAndPort( std::string{line_parts[2]} + ":" + std::string{line_parts[4]}), Network::Utility::parseInternetAddressAndPort( std::string{line_parts[3]} + ":" + std::string{line_parts[5]})}); } else if (line_parts[1] == "TCP6") { proxy_protocol_header_.emplace( WireHeader{0, Network::Address::IpVersion::v6, Network::Utility::parseInternetAddressAndPort( "[" + std::string{line_parts[2]} + "]:" + std::string{line_parts[4]}), Network::Utility::parseInternetAddressAndPort( "[" + std::string{line_parts[3]} + "]:" + std::string{line_parts[5]})}); } else { throw EnvoyException("failed to read proxy protocol"); } } } bool Filter::parseExtensions(Network::IoHandle& io_handle, uint8_t* buf, size_t buf_size, size_t* buf_off) { // If we ever implement extensions elsewhere, be sure to // continue to skip and ignore those for LOCAL. while (proxy_protocol_header_.value().extensions_length_) { int to_read = std::min(buf_size, proxy_protocol_header_.value().extensions_length_); buf += (nullptr != buf_off) ? *buf_off : 0; const auto recv_result = io_handle.recv(buf, to_read, 0); if (!recv_result.ok()) { if (recv_result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { return false; } throw EnvoyException("failed to read proxy protocol (no bytes avail)"); } proxy_protocol_header_.value().extensions_length_ -= recv_result.rc_; if (nullptr != buf_off) { *buf_off += recv_result.rc_; } } return true; } /** * @note A TLV is arranged in the following format: * struct pp2_tlv { * uint8_t type; * uint8_t length_hi; * uint8_t length_lo; * uint8_t value[0]; * }; * See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details */ void Filter::parseTlvs(const std::vector& tlvs) { size_t idx{0}; while (idx < tlvs.size()) { const uint8_t tlv_type = tlvs[idx]; idx++; if ((idx + 1) >= tlvs.size()) { throw EnvoyException( fmt::format("failed to read proxy protocol extension. No bytes for TLV length. " "Extension length is {}, current index is {}, current type is {}.", tlvs.size(), idx, tlv_type)); } const uint8_t tlv_length_upper = tlvs[idx]; const uint8_t tlv_length_lower = tlvs[idx + 1]; const size_t tlv_value_length = (tlv_length_upper << 8) + tlv_length_lower; idx += 2; // Get the value. if ((idx + tlv_value_length - 1) >= tlvs.size()) { throw EnvoyException( fmt::format("failed to read proxy protocol extension. No bytes for TLV value. " "Extension length is {}, current index is {}, current type is {}, current " "value length is {}.", tlvs.size(), idx, tlv_type, tlv_length_upper)); } // Only save to dynamic metadata if this type of TLV is needed. auto key_value_pair = config_->isTlvTypeNeeded(tlv_type); if (nullptr != key_value_pair) { ProtobufWkt::Value metadata_value; metadata_value.set_string_value(reinterpret_cast(tlvs.data() + idx), tlv_value_length); std::string metadata_key = key_value_pair->metadata_namespace().empty() ? ListenerFilterNames::get().ProxyProtocol : key_value_pair->metadata_namespace(); ProtobufWkt::Struct metadata( (*cb_->dynamicMetadata().mutable_filter_metadata())[metadata_key]); metadata.mutable_fields()->insert({key_value_pair->key(), metadata_value}); cb_->setDynamicMetadata(metadata_key, metadata); } else { ENVOY_LOG(trace, "proxy_protocol: Skip TLV of type {} since it's not needed", tlv_type); } idx += tlv_value_length; ASSERT(idx <= tlvs.size()); } } bool Filter::readExtensions(Network::IoHandle& io_handle) { // Parse and discard the extensions if this is a local command or there's no TLV needs to be saved // to metadata. if (proxy_protocol_header_.value().local_command_ || 0 == config_->numberOfNeededTlvTypes()) { // buf_ is no longer in use so we re-use it to read/discard. return parseExtensions(io_handle, reinterpret_cast(buf_), sizeof(buf_), nullptr); } // Initialize the buf_tlv_ only when we need to read the TLVs. if (buf_tlv_.empty()) { buf_tlv_.resize(proxy_protocol_header_.value().extensions_length_); } // Parse until we have all the TLVs in buf_tlv. if (!parseExtensions(io_handle, buf_tlv_.data(), buf_tlv_.size(), &buf_tlv_off_)) { return false; } parseTlvs(buf_tlv_); return true; } bool Filter::readProxyHeader(Network::IoHandle& io_handle) { while (buf_off_ < MAX_PROXY_PROTO_LEN_V2) { const auto result = io_handle.recv(buf_ + buf_off_, MAX_PROXY_PROTO_LEN_V2 - buf_off_, MSG_PEEK); if (!result.ok()) { if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { return false; } throw EnvoyException("failed to read proxy protocol (no bytes read)"); } ssize_t nread = result.rc_; if (nread < 1) { throw EnvoyException("failed to read proxy protocol (no bytes read)"); } if (buf_off_ + nread >= PROXY_PROTO_V2_HEADER_LEN) { const char* sig = PROXY_PROTO_V2_SIGNATURE; if (!memcmp(buf_, sig, PROXY_PROTO_V2_SIGNATURE_LEN)) { header_version_ = V2; } else if (memcmp(buf_, PROXY_PROTO_V1_SIGNATURE, PROXY_PROTO_V1_SIGNATURE_LEN)) { // It is not v2, and can't be v1, so no sense hanging around: it is invalid throw EnvoyException("failed to read proxy protocol (exceed max v1 header len)"); } } if (header_version_ == V2) { const int ver_cmd = buf_[PROXY_PROTO_V2_SIGNATURE_LEN]; if (((ver_cmd & 0xf0) >> 4) != PROXY_PROTO_V2_VERSION) { throw EnvoyException("Unsupported V2 proxy protocol version"); } if (buf_off_ < PROXY_PROTO_V2_HEADER_LEN) { ssize_t exp = PROXY_PROTO_V2_HEADER_LEN - buf_off_; const auto read_result = io_handle.recv(buf_ + buf_off_, exp, 0); if (!result.ok() || read_result.rc_ != uint64_t(exp)) { throw EnvoyException("failed to read proxy protocol (remote closed)"); } buf_off_ += read_result.rc_; nread -= read_result.rc_; } ssize_t addr_len = lenV2Address(buf_); uint8_t upper_byte = buf_[PROXY_PROTO_V2_HEADER_LEN - 2]; uint8_t lower_byte = buf_[PROXY_PROTO_V2_HEADER_LEN - 1]; ssize_t hdr_addr_len = (upper_byte << 8) + lower_byte; if (hdr_addr_len < addr_len) { throw EnvoyException("failed to read proxy protocol (insufficient data)"); } if (ssize_t(buf_off_) + nread >= PROXY_PROTO_V2_HEADER_LEN + addr_len) { ssize_t missing = (PROXY_PROTO_V2_HEADER_LEN + addr_len) - buf_off_; const auto read_result = io_handle.recv(buf_ + buf_off_, missing, 0); if (!result.ok() || read_result.rc_ != uint64_t(missing)) { throw EnvoyException("failed to read proxy protocol (remote closed)"); } buf_off_ += read_result.rc_; parseV2Header(buf_); // The TLV remain, they are read/discard in parseExtensions() which is called from the // parent (if needed). return true; } else { const auto result = io_handle.recv(buf_ + buf_off_, nread, 0); nread = result.rc_; if (!result.ok()) { throw EnvoyException("failed to read proxy protocol (remote closed)"); } buf_off_ += nread; } } else { // continue searching buf_ from where we left off for (; search_index_ < buf_off_ + nread; search_index_++) { if (buf_[search_index_] == '\n' && buf_[search_index_ - 1] == '\r') { if (search_index_ == 1) { // This could be the binary protocol. It cannot be the ascii protocol header_version_ = InProgress; } else { header_version_ = V1; search_index_++; } break; } } // If we bailed on the first char, we might be v2, but are for sure not v1. Thus we // can read up to min(PROXY_PROTO_V2_HEADER_LEN, bytes_avail). If we bailed after first // char, but before we hit \r\n, read up to search_index_. We're asking only for // bytes we've already seen so there should be no block or fail size_t ntoread; if (header_version_ == InProgress) { ntoread = nread; } else { ntoread = search_index_ - buf_off_; } const auto result = io_handle.recv(buf_ + buf_off_, ntoread, 0); nread = result.rc_; ASSERT(result.ok() && size_t(nread) == ntoread); buf_off_ += nread; if (header_version_ == V1) { parseV1Header(buf_, buf_off_); return true; } } } throw EnvoyException("failed to read proxy protocol (exceed max v2 header len)"); } } // namespace ProxyProtocol } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/proxy_protocol/proxy_protocol.h ================================================ #pragma once #include "envoy/event/file_event.h" #include "envoy/extensions/filters/listener/proxy_protocol/v3/proxy_protocol.pb.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "extensions/common/proxy_protocol/proxy_protocol_header.h" #include "absl/container/flat_hash_map.h" #include "proxy_protocol_header.h" using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_ADDR_LEN_UNIX; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V2_HEADER_LEN; namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace ProxyProtocol { using KeyValuePair = envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol::KeyValuePair; /** * All stats for the proxy protocol. @see stats_macros.h */ // clang-format off #define ALL_PROXY_PROTOCOL_STATS(COUNTER) \ COUNTER(downstream_cx_proxy_proto_error) // clang-format on /** * Definition of all stats for the proxy protocol. @see stats_macros.h */ struct ProxyProtocolStats { ALL_PROXY_PROTOCOL_STATS(GENERATE_COUNTER_STRUCT) }; /** * Global configuration for Proxy Protocol listener filter. */ class Config : public Logger::Loggable { public: Config( Stats::Scope& scope, const envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol& proto_config); ProxyProtocolStats stats_; /** * Return null if the type of TLV is not needed otherwise a pointer to the KeyValuePair for * emitting to dynamic metadata. */ const KeyValuePair* isTlvTypeNeeded(uint8_t type) const; /** * Number of TLV types that need to be parsed and saved to dynamic metadata. */ size_t numberOfNeededTlvTypes() const; private: absl::flat_hash_map tlv_types_; }; using ConfigSharedPtr = std::shared_ptr; enum ProxyProtocolVersion { Unknown = -1, InProgress = -2, V1 = 1, V2 = 2 }; /** * Implementation the PROXY Protocol listener filter * (https://github.com/haproxy/haproxy/blob/master/doc/proxy-protocol.txt) * * This implementation supports Proxy Protocol v1 (TCP/UDP, v4/v6), * and Proxy Protocol v2 (TCP/UDP, v4/v6). * * Non INET (AF_UNIX) address family in v2 is not supported, will throw an error. * Extensions (TLV) in v2 are skipped over. */ class Filter : public Network::ListenerFilter, Logger::Loggable { public: Filter(const ConfigSharedPtr& config) : config_(config) {} // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; private: static const size_t MAX_PROXY_PROTO_LEN_V2 = PROXY_PROTO_V2_HEADER_LEN + PROXY_PROTO_V2_ADDR_LEN_UNIX; static const size_t MAX_PROXY_PROTO_LEN_V1 = 108; void onRead(); void onReadWorker(); /** * Helper function that attempts to read the proxy header * (delimited by \r\n if V1 format, or with length if V2) * throws EnvoyException on any socket errors. * @return bool true valid header, false if more data is needed. */ bool readProxyHeader(Network::IoHandle& io_handle); /** * Parse (and discard unknown) header extensions (until hdr.extensions_length == 0) */ bool parseExtensions(Network::IoHandle& io_handle, uint8_t* buf, size_t buf_size, size_t* buf_off = nullptr); void parseTlvs(const std::vector& tlvs); bool readExtensions(Network::IoHandle& io_handle); /** * Given a char * & len, parse the header as per spec */ void parseV1Header(char* buf, size_t len); void parseV2Header(char* buf); size_t lenV2Address(char* buf); Network::ListenerFilterCallbacks* cb_{}; Event::FileEventPtr file_event_; // The offset in buf_ that has been fully read size_t buf_off_{}; // The index in buf_ where the search for '\r\n' should continue from size_t search_index_{1}; ProxyProtocolVersion header_version_{Unknown}; // Stores the portion of the first line that has been read so far. char buf_[MAX_PROXY_PROTO_LEN_V2]; /** * Store the extension TLVs if they need to be read. */ std::vector buf_tlv_; /** * The index in buf_tlv_ that has been fully read. */ size_t buf_tlv_off_{}; ConfigSharedPtr config_; absl::optional proxy_protocol_header_; }; } // namespace ProxyProtocol } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/proxy_protocol/proxy_protocol_header.h ================================================ #pragma once #include "envoy/network/address.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace ProxyProtocol { struct WireHeader { WireHeader(size_t extensions_length) : extensions_length_(extensions_length), protocol_version_(Network::Address::IpVersion::v4), remote_address_(nullptr), local_address_(nullptr), local_command_(true) {} WireHeader(size_t extensions_length, Network::Address::IpVersion protocol_version, Network::Address::InstanceConstSharedPtr remote_address, Network::Address::InstanceConstSharedPtr local_address) : extensions_length_(extensions_length), protocol_version_(protocol_version), remote_address_(remote_address), local_address_(local_address), local_command_(false) { ASSERT(extensions_length_ <= 65535); } size_t extensions_length_; const Network::Address::IpVersion protocol_version_; const Network::Address::InstanceConstSharedPtr remote_address_; const Network::Address::InstanceConstSharedPtr local_address_; const bool local_command_; }; } // namespace ProxyProtocol } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/tls_inspector/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # TLS inspector filter for examining various TLS parameters before routing to a FilterChain. # Public docs: docs/root/configuration/listener_filters/tls_inspector.rst envoy_extension_package() envoy_cc_library( name = "tls_inspector_lib", srcs = ["tls_inspector.cc"], hdrs = ["tls_inspector.h"], external_deps = ["ssl"], # TODO(#9953) clean up. visibility = [ "//visibility:public", ], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/extensions/transport_sockets:well_known_names", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/listener:well_known_names", "//source/extensions/filters/listener/tls_inspector:tls_inspector_lib", "@envoy_api//envoy/extensions/filters/listener/tls_inspector/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/listener/tls_inspector/config.cc ================================================ #include #include "envoy/extensions/filters/listener/tls_inspector/v3/tls_inspector.pb.h" #include "envoy/extensions/filters/listener/tls_inspector/v3/tls_inspector.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/listener/tls_inspector/tls_inspector.h" #include "extensions/filters/listener/well_known_names.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace TlsInspector { /** * Config registration for the TLS inspector filter. @see NamedNetworkFilterConfigFactory. */ class TlsInspectorConfigFactory : public Server::Configuration::NamedListenerFilterConfigFactory { public: // NamedListenerFilterConfigFactory Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto( const Protobuf::Message&, const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, Server::Configuration::ListenerFactoryContext& context) override { ConfigSharedPtr config(new Config(context.scope())); return [listener_filter_matcher, config](Network::ListenerFilterManager& filter_manager) -> void { filter_manager.addAcceptFilter(listener_filter_matcher, std::make_unique(config)); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::filters::listener::tls_inspector::v3::TlsInspector>(); } std::string name() const override { return ListenerFilterNames::get().TlsInspector; } }; /** * Static registration for the TLS inspector filter. @see RegisterFactory. */ REGISTER_FACTORY(TlsInspectorConfigFactory, Server::Configuration::NamedListenerFilterConfigFactory){ "envoy.listener.tls_inspector"}; } // namespace TlsInspector } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/tls_inspector/tls_inspector.cc ================================================ #include "extensions/filters/listener/tls_inspector/tls_inspector.h" #include #include #include #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/event/dispatcher.h" #include "envoy/network/listen_socket.h" #include "envoy/stats/scope.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "extensions/transport_sockets/well_known_names.h" #include "openssl/ssl.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace TlsInspector { // Min/max TLS version recognized by the underlying TLS/SSL library. const unsigned Config::TLS_MIN_SUPPORTED_VERSION = TLS1_VERSION; const unsigned Config::TLS_MAX_SUPPORTED_VERSION = TLS1_3_VERSION; Config::Config(Stats::Scope& scope, uint32_t max_client_hello_size) : stats_{ALL_TLS_INSPECTOR_STATS(POOL_COUNTER_PREFIX(scope, "tls_inspector."))}, ssl_ctx_(SSL_CTX_new(TLS_with_buffers_method())), max_client_hello_size_(max_client_hello_size) { if (max_client_hello_size_ > TLS_MAX_CLIENT_HELLO) { throw EnvoyException(fmt::format("max_client_hello_size of {} is greater than maximum of {}.", max_client_hello_size_, size_t(TLS_MAX_CLIENT_HELLO))); } SSL_CTX_set_min_proto_version(ssl_ctx_.get(), TLS_MIN_SUPPORTED_VERSION); SSL_CTX_set_max_proto_version(ssl_ctx_.get(), TLS_MAX_SUPPORTED_VERSION); SSL_CTX_set_options(ssl_ctx_.get(), SSL_OP_NO_TICKET); SSL_CTX_set_session_cache_mode(ssl_ctx_.get(), SSL_SESS_CACHE_OFF); SSL_CTX_set_select_certificate_cb( ssl_ctx_.get(), [](const SSL_CLIENT_HELLO* client_hello) -> ssl_select_cert_result_t { const uint8_t* data; size_t len; if (SSL_early_callback_ctx_extension_get( client_hello, TLSEXT_TYPE_application_layer_protocol_negotiation, &data, &len)) { Filter* filter = static_cast(SSL_get_app_data(client_hello->ssl)); filter->onALPN(data, len); } return ssl_select_cert_success; }); SSL_CTX_set_tlsext_servername_callback( ssl_ctx_.get(), [](SSL* ssl, int* out_alert, void*) -> int { Filter* filter = static_cast(SSL_get_app_data(ssl)); filter->onServername( absl::NullSafeStringView(SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name))); // Return an error to stop the handshake; we have what we wanted already. *out_alert = SSL_AD_USER_CANCELLED; return SSL_TLSEXT_ERR_ALERT_FATAL; }); } bssl::UniquePtr Config::newSsl() { return bssl::UniquePtr{SSL_new(ssl_ctx_.get())}; } thread_local uint8_t Filter::buf_[Config::TLS_MAX_CLIENT_HELLO]; Filter::Filter(const ConfigSharedPtr config) : config_(config), ssl_(config_->newSsl()) { RELEASE_ASSERT(sizeof(buf_) >= config_->maxClientHelloSize(), ""); SSL_set_app_data(ssl_.get(), this); SSL_set_accept_state(ssl_.get()); } Network::FilterStatus Filter::onAccept(Network::ListenerFilterCallbacks& cb) { ENVOY_LOG(debug, "tls inspector: new connection accepted"); Network::ConnectionSocket& socket = cb.socket(); ASSERT(file_event_ == nullptr); cb_ = &cb; ParseState parse_state = onRead(); switch (parse_state) { case ParseState::Error: // As per discussion in https://github.com/envoyproxy/envoy/issues/7864 // we don't add new enum in FilterStatus so we have to signal the caller // the new condition. cb.socket().close(); return Network::FilterStatus::StopIteration; case ParseState::Done: return Network::FilterStatus::Continue; case ParseState::Continue: // do nothing but create the event file_event_ = socket.ioHandle().createFileEvent( cb.dispatcher(), [this](uint32_t events) { if (events & Event::FileReadyType::Closed) { config_->stats().connection_closed_.inc(); done(false); return; } ASSERT(events == Event::FileReadyType::Read); ParseState parse_state = onRead(); switch (parse_state) { case ParseState::Error: done(false); break; case ParseState::Done: done(true); break; case ParseState::Continue: // do nothing but wait for the next event break; } }, Event::PlatformDefaultTriggerType, Event::FileReadyType::Read | Event::FileReadyType::Closed); return Network::FilterStatus::StopIteration; } NOT_REACHED_GCOVR_EXCL_LINE; } void Filter::onALPN(const unsigned char* data, unsigned int len) { CBS wire, list; CBS_init(&wire, reinterpret_cast(data), static_cast(len)); if (!CBS_get_u16_length_prefixed(&wire, &list) || CBS_len(&wire) != 0 || CBS_len(&list) < 2) { // Don't produce errors, let the real TLS stack do it. return; } CBS name; std::vector protocols; while (CBS_len(&list) > 0) { if (!CBS_get_u8_length_prefixed(&list, &name) || CBS_len(&name) == 0) { // Don't produce errors, let the real TLS stack do it. return; } protocols.emplace_back(reinterpret_cast(CBS_data(&name)), CBS_len(&name)); } cb_->socket().setRequestedApplicationProtocols(protocols); alpn_found_ = true; } void Filter::onServername(absl::string_view name) { if (!name.empty()) { config_->stats().sni_found_.inc(); cb_->socket().setRequestedServerName(name); ENVOY_LOG(debug, "tls:onServerName(), requestedServerName: {}", name); } else { config_->stats().sni_not_found_.inc(); } clienthello_success_ = true; } ParseState Filter::onRead() { // This receive code is somewhat complicated, because it must be done as a MSG_PEEK because // there is no way for a listener-filter to pass payload data to the ConnectionImpl and filters // that get created later. // // The file_event_ in this class gets events every time new data is available on the socket, // even if previous data has not been read, which is always the case due to MSG_PEEK. When // the TlsInspector completes and passes the socket along, a new FileEvent is created for the // socket, so that new event is immediately signaled as readable because it is new and the socket // is readable, even though no new events have occurred. // // TODO(ggreenway): write an integration test to ensure the events work as expected on all // platforms. const auto result = cb_->socket().ioHandle().recv(buf_, config_->maxClientHelloSize(), MSG_PEEK); ENVOY_LOG(trace, "tls inspector: recv: {}", result.rc_); if (!result.ok()) { if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { return ParseState::Continue; } config_->stats().read_error_.inc(); return ParseState::Error; } // Because we're doing a MSG_PEEK, data we've seen before gets returned every time, so // skip over what we've already processed. if (static_cast(result.rc_) > read_) { const uint8_t* data = buf_ + read_; const size_t len = result.rc_ - read_; read_ = result.rc_; return parseClientHello(data, len); } return ParseState::Continue; } void Filter::done(bool success) { ENVOY_LOG(trace, "tls inspector: done: {}", success); file_event_.reset(); cb_->continueFilterChain(success); } ParseState Filter::parseClientHello(const void* data, size_t len) { // Ownership is passed to ssl_ in SSL_set_bio() bssl::UniquePtr bio(BIO_new_mem_buf(data, len)); // Make the mem-BIO return that there is more data // available beyond it's end BIO_set_mem_eof_return(bio.get(), -1); SSL_set_bio(ssl_.get(), bio.get(), bio.get()); bio.release(); int ret = SSL_do_handshake(ssl_.get()); // This should never succeed because an error is always returned from the SNI callback. ASSERT(ret <= 0); switch (SSL_get_error(ssl_.get(), ret)) { case SSL_ERROR_WANT_READ: if (read_ == config_->maxClientHelloSize()) { // We've hit the specified size limit. This is an unreasonably large ClientHello; // indicate failure. config_->stats().client_hello_too_large_.inc(); return ParseState::Error; } return ParseState::Continue; case SSL_ERROR_SSL: if (clienthello_success_) { config_->stats().tls_found_.inc(); if (alpn_found_) { config_->stats().alpn_found_.inc(); } else { config_->stats().alpn_not_found_.inc(); } cb_->socket().setDetectedTransportProtocol( TransportSockets::TransportProtocolNames::get().Tls); } else { config_->stats().tls_not_found_.inc(); } return ParseState::Done; default: return ParseState::Error; } } } // namespace TlsInspector } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/tls_inspector/tls_inspector.h ================================================ #pragma once #include "envoy/event/file_event.h" #include "envoy/event/timer.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "openssl/ssl.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { namespace TlsInspector { /** * All stats for the TLS inspector. @see stats_macros.h */ #define ALL_TLS_INSPECTOR_STATS(COUNTER) \ COUNTER(connection_closed) \ COUNTER(client_hello_too_large) \ COUNTER(read_error) \ COUNTER(tls_found) \ COUNTER(tls_not_found) \ COUNTER(alpn_found) \ COUNTER(alpn_not_found) \ COUNTER(sni_found) \ COUNTER(sni_not_found) /** * Definition of all stats for the TLS inspector. @see stats_macros.h */ struct TlsInspectorStats { ALL_TLS_INSPECTOR_STATS(GENERATE_COUNTER_STRUCT) }; enum class ParseState { // Parse result is out. It could be tls or not. Done, // Parser expects more data. Continue, // Parser reports unrecoverable error. Error }; /** * Global configuration for TLS inspector. */ class Config { public: Config(Stats::Scope& scope, uint32_t max_client_hello_size = TLS_MAX_CLIENT_HELLO); const TlsInspectorStats& stats() const { return stats_; } bssl::UniquePtr newSsl(); uint32_t maxClientHelloSize() const { return max_client_hello_size_; } static constexpr size_t TLS_MAX_CLIENT_HELLO = 64 * 1024; static const unsigned TLS_MIN_SUPPORTED_VERSION; static const unsigned TLS_MAX_SUPPORTED_VERSION; private: TlsInspectorStats stats_; bssl::UniquePtr ssl_ctx_; const uint32_t max_client_hello_size_; }; using ConfigSharedPtr = std::shared_ptr; /** * TLS inspector listener filter. */ class Filter : public Network::ListenerFilter, Logger::Loggable { public: Filter(const ConfigSharedPtr config); // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; private: ParseState parseClientHello(const void* data, size_t len); ParseState onRead(); void done(bool success); void onALPN(const unsigned char* data, unsigned int len); void onServername(absl::string_view name); ConfigSharedPtr config_; Network::ListenerFilterCallbacks* cb_; Event::FileEventPtr file_event_; bssl::UniquePtr ssl_; uint64_t read_{0}; bool alpn_found_{false}; bool clienthello_success_{false}; static thread_local uint8_t buf_[Config::TLS_MAX_CLIENT_HELLO]; // Allows callbacks on the SSL_CTX to set fields in this class. friend class Config; }; } // namespace TlsInspector } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/listener/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace ListenerFilters { /** * Well-known listener filter names. * NOTE: New filters should use the well known name: envoy.filters.listener.name. */ class ListenerFilterNameValues { public: // HTTP Inspector listener filter const std::string HttpInspector = "envoy.filters.listener.http_inspector"; // Original destination listener filter const std::string OriginalDst = "envoy.filters.listener.original_dst"; // Original source listener filter const std::string OriginalSrc = "envoy.filters.listener.original_src"; // Proxy Protocol listener filter const std::string ProxyProtocol = "envoy.filters.listener.proxy_protocol"; // TLS Inspector listener filter const std::string TlsInspector = "envoy.filters.listener.tls_inspector"; }; using ListenerFilterNames = ConstSingleton; } // namespace ListenerFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # Well known names are public. visibility = ["//visibility:public"], deps = [ "//source/common/config:well_known_names", "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/filters/network/client_ssl_auth/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Client SSL authorization L4 network filter # Public docs: docs/root/configuration/network_filters/client_ssl_auth_filter.rst envoy_extension_package() envoy_cc_library( name = "client_ssl_auth", srcs = ["client_ssl_auth.cc"], hdrs = ["client_ssl_auth.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_macros", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:headers_lib", "//source/common/http:message_lib", "//source/common/http:rest_api_fetcher_lib", "//source/common/http:utility_lib", "//source/common/json:json_loader_lib", "//source/common/network:cidr_range_lib", "//source/common/network:utility_lib", "@envoy_api//envoy/extensions/filters/network/client_ssl_auth/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":client_ssl_auth", "//include/envoy/registry", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/client_ssl_auth/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/client_ssl_auth/client_ssl_auth.cc ================================================ #include "extensions/filters/network/client_ssl_auth/client_ssl_auth.h" #include #include #include #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.h" #include "envoy/network/connection.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/json/json_loader.h" #include "common/network/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ClientSslAuth { ClientSslAuthConfig::ClientSslAuthConfig( const envoy::extensions::filters::network::client_ssl_auth::v3::ClientSSLAuth& config, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Stats::Scope& scope, Random::RandomGenerator& random) : RestApiFetcher( cm, config.auth_api_cluster(), dispatcher, random, std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(config, refresh_delay, 60000)), std::chrono::milliseconds(1000)), tls_(tls.allocateSlot()), ip_allowlist_(config.ip_white_list()), stats_(generateStats(scope, config.stat_prefix())) { if (!cm.get(remote_cluster_name_)) { throw EnvoyException( fmt::format("unknown cluster '{}' in client ssl auth config", remote_cluster_name_)); } AllowedPrincipalsSharedPtr empty(new AllowedPrincipals()); tls_->set( [empty](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return empty; }); } ClientSslAuthConfigSharedPtr ClientSslAuthConfig::create( const envoy::extensions::filters::network::client_ssl_auth::v3::ClientSSLAuth& config, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Stats::Scope& scope, Random::RandomGenerator& random) { ClientSslAuthConfigSharedPtr new_config( new ClientSslAuthConfig(config, tls, cm, dispatcher, scope, random)); new_config->initialize(); return new_config; } const AllowedPrincipals& ClientSslAuthConfig::allowedPrincipals() { return tls_->getTyped(); } GlobalStats ClientSslAuthConfig::generateStats(Stats::Scope& scope, const std::string& prefix) { std::string final_prefix = fmt::format("auth.clientssl.{}.", prefix); GlobalStats stats{ALL_CLIENT_SSL_AUTH_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_GAUGE_PREFIX(scope, final_prefix))}; return stats; } void ClientSslAuthConfig::parseResponse(const Http::ResponseMessage& message) { AllowedPrincipalsSharedPtr new_principals(new AllowedPrincipals()); Json::ObjectSharedPtr loader = Json::Factory::loadFromString(message.bodyAsString()); for (const Json::ObjectSharedPtr& certificate : loader->getObjectArray("certificates")) { new_principals->add(certificate->getString("fingerprint_sha256")); } tls_->set([new_principals](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return new_principals; }); stats_.update_success_.inc(); stats_.total_principals_.set(new_principals->size()); } void ClientSslAuthConfig::onFetchFailure(Config::ConfigUpdateFailureReason, const EnvoyException*) { stats_.update_failure_.inc(); } static const std::string Path = "/v1/certs/list/approved"; void ClientSslAuthConfig::createRequest(Http::RequestMessage& request) { request.headers().setReferenceMethod(Http::Headers::get().MethodValues.Get); request.headers().setPath(Path); } Network::FilterStatus ClientSslAuthFilter::onData(Buffer::Instance&, bool) { return Network::FilterStatus::Continue; } Network::FilterStatus ClientSslAuthFilter::onNewConnection() { // If this is not an SSL connection, do no further checking. High layers should redirect, etc. // if SSL is required. if (!read_callbacks_->connection().ssl()) { config_->stats().auth_no_ssl_.inc(); return Network::FilterStatus::Continue; } else { // Otherwise we need to wait for handshake to be complete before proceeding. return Network::FilterStatus::StopIteration; } } void ClientSslAuthFilter::onEvent(Network::ConnectionEvent event) { if (event != Network::ConnectionEvent::Connected) { return; } ASSERT(read_callbacks_->connection().ssl()); if (config_->ipAllowlist().contains(*read_callbacks_->connection().remoteAddress())) { config_->stats().auth_ip_allowlist_.inc(); read_callbacks_->continueReading(); return; } if (!config_->allowedPrincipals().allowed( read_callbacks_->connection().ssl()->sha256PeerCertificateDigest())) { config_->stats().auth_digest_no_match_.inc(); read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); return; } config_->stats().auth_digest_match_.inc(); read_callbacks_->continueReading(); } } // namespace ClientSslAuth } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h ================================================ #pragma once #include #include #include #include "envoy/common/random_generator.h" #include "envoy/config/subscription.h" #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/http/rest_api_fetcher.h" #include "common/network/cidr_range.h" #include "common/network/utility.h" #include "common/protobuf/utility.h" #include "absl/container/node_hash_set.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ClientSslAuth { /** * All client SSL auth stats. @see stats_macros.h */ #define ALL_CLIENT_SSL_AUTH_STATS(COUNTER, GAUGE) \ COUNTER(auth_digest_match) \ COUNTER(auth_digest_no_match) \ COUNTER(auth_ip_allowlist) \ COUNTER(auth_no_ssl) \ COUNTER(update_failure) \ COUNTER(update_success) \ GAUGE(total_principals, NeverImport) /** * Struct definition for all client SSL auth stats. @see stats_macros.h */ struct GlobalStats { ALL_CLIENT_SSL_AUTH_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Wraps the principals currently allowed to authenticate. */ class AllowedPrincipals : public ThreadLocal::ThreadLocalObject { public: void add(const std::string& sha256_digest) { if (!sha256_digest.empty()) { allowed_sha256_digests_.emplace(sha256_digest); } } bool allowed(const std::string& sha256_digest) const { return allowed_sha256_digests_.count(sha256_digest) != 0; } size_t size() const { return allowed_sha256_digests_.size(); } private: absl::node_hash_set allowed_sha256_digests_; }; using AllowedPrincipalsSharedPtr = std::shared_ptr; class ClientSslAuthConfig; using ClientSslAuthConfigSharedPtr = std::shared_ptr; /** * Global configuration for client SSL authentication. The config contacts a JSON API to fetch the * list of allowed principals, caches it, then makes auth decisions on it and any associated IP * allowlist. */ class ClientSslAuthConfig : public Http::RestApiFetcher { public: static ClientSslAuthConfigSharedPtr create(const envoy::extensions::filters::network::client_ssl_auth::v3::ClientSSLAuth& config, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Stats::Scope& scope, Random::RandomGenerator& random); const AllowedPrincipals& allowedPrincipals(); const Network::Address::IpList& ipAllowlist() { return ip_allowlist_; } GlobalStats& stats() { return stats_; } private: ClientSslAuthConfig( const envoy::extensions::filters::network::client_ssl_auth::v3::ClientSSLAuth& config, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Stats::Scope& scope, Random::RandomGenerator& random); static GlobalStats generateStats(Stats::Scope& scope, const std::string& prefix); // Http::RestApiFetcher void createRequest(Http::RequestMessage& request) override; void parseResponse(const Http::ResponseMessage& response) override; void onFetchComplete() override {} void onFetchFailure(Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; ThreadLocal::SlotPtr tls_; Network::Address::IpList ip_allowlist_; GlobalStats stats_; }; /** * A client SSL auth filter instance. One per connection. */ class ClientSslAuthFilter : public Network::ReadFilter, public Network::ConnectionCallbacks { public: ClientSslAuthFilter(ClientSslAuthConfigSharedPtr config) : config_(config) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { read_callbacks_ = &callbacks; read_callbacks_->connection().addConnectionCallbacks(*this); } // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} private: ClientSslAuthConfigSharedPtr config_; Network::ReadFilterCallbacks* read_callbacks_{}; }; } // namespace ClientSslAuth } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/client_ssl_auth/config.cc ================================================ #include "extensions/filters/network/client_ssl_auth/config.h" #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.h" #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.validate.h" #include "envoy/network/connection.h" #include "envoy/registry/registry.h" #include "extensions/filters/network/client_ssl_auth/client_ssl_auth.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ClientSslAuth { Network::FilterFactoryCb ClientSslAuthConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::client_ssl_auth::v3::ClientSSLAuth& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.auth_api_cluster().empty()); ASSERT(!proto_config.stat_prefix().empty()); ClientSslAuthConfigSharedPtr filter_config(ClientSslAuthConfig::create( proto_config, context.threadLocal(), context.clusterManager(), context.dispatcher(), context.scope(), context.api().randomGenerator())); return [filter_config](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared(filter_config)); }; } /** * Static registration for the client SSL auth filter. @see RegisterFactory. */ REGISTER_FACTORY(ClientSslAuthConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){"envoy.client_ssl_auth"}; } // namespace ClientSslAuth } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/client_ssl_auth/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.h" #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ClientSslAuth { /** * Config registration for the client SSL auth filter. @see NamedNetworkFilterConfigFactory. */ class ClientSslAuthConfigFactory : public Common::FactoryBase< envoy::extensions::filters::network::client_ssl_auth::v3::ClientSSLAuth> { public: ClientSslAuthConfigFactory() : FactoryBase(NetworkFilterNames::get().ClientSslAuth) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::client_ssl_auth::v3::ClientSSLAuth& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace ClientSslAuth } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "factory_base_lib", hdrs = ["factory_base.h"], # Used by core. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ "//include/envoy/server:filter_config_interface", "//source/extensions/common:utility_lib", ], ) envoy_cc_library( name = "utility_lib", hdrs = ["utility.h"], # Used by core. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ "//include/envoy/runtime:runtime_interface", "//source/common/common:macros", "//source/extensions/common:utility_lib", "//source/extensions/filters/network:well_known_names", ], ) ================================================ FILE: source/extensions/filters/network/common/factory_base.h ================================================ #pragma once #include "envoy/server/filter_config.h" #include "envoy/server/transport_socket_config.h" #include "envoy/upstream/upstream.h" #include "common/common/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { /** * Common base class for network filter factory registrations. Removes a substantial amount of * boilerplate. */ template class FactoryBase : public Server::Configuration::NamedNetworkFilterConfigFactory { public: Network::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& proto_config, Server::Configuration::FactoryContext& context) override { return createFilterFactoryFromProtoTyped(MessageUtil::downcastAndValidate( proto_config, context.messageValidationVisitor()), context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } ProtobufTypes::MessagePtr createEmptyProtocolOptionsProto() override { return std::make_unique(); } Upstream::ProtocolOptionsConfigConstSharedPtr createProtocolOptionsConfig( const Protobuf::Message& proto_config, Server::Configuration::ProtocolOptionsFactoryContext& factory_context) override { return createProtocolOptionsTyped(MessageUtil::downcastAndValidate( proto_config, factory_context.messageValidationVisitor()), factory_context); } std::string name() const override { return name_; } bool isTerminalFilter() override { return is_terminal_filter_; } protected: FactoryBase(const std::string& name, bool is_terminal = false) : name_(name), is_terminal_filter_(is_terminal) {} private: virtual Network::FilterFactoryCb createFilterFactoryFromProtoTyped(const ConfigProto& proto_config, Server::Configuration::FactoryContext& context) PURE; virtual Upstream::ProtocolOptionsConfigConstSharedPtr createProtocolOptionsTyped(const ProtocolOptionsProto&, Server::Configuration::ProtocolOptionsFactoryContext&) { ExceptionUtil::throwEnvoyException( fmt::format("filter {} does not support protocol options", name_)); } const std::string name_; const bool is_terminal_filter_; }; } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "codec_interface", hdrs = ["codec.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "utility_interface", hdrs = ["utility.h"], deps = [":codec_interface"], ) envoy_cc_library( name = "codec_lib", srcs = ["codec_impl.cc"], hdrs = ["codec_impl.h"], deps = [ ":codec_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "supported_commands_lib", hdrs = ["supported_commands.h"], deps = [ "//source/common/common:macros", ], ) envoy_cc_library( name = "client_interface", hdrs = ["client.h"], deps = [ ":codec_lib", ":redis_command_stats_lib", "//include/envoy/upstream:cluster_manager_interface", ], ) envoy_cc_library( name = "client_lib", srcs = ["client_impl.cc"], hdrs = ["client_impl.h"], deps = [ ":client_interface", ":codec_lib", ":utility_lib", "//include/envoy/router:router_interface", "//include/envoy/stats:timespan_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/network:filter_lib", "//source/common/protobuf:utility_lib", "//source/common/upstream:load_balancer_lib", "//source/common/upstream:upstream_lib", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], deps = [ ":codec_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "redis_command_stats_lib", srcs = ["redis_command_stats.cc"], hdrs = ["redis_command_stats.h"], deps = [ ":codec_interface", ":supported_commands_lib", "//include/envoy/stats:stats_interface", "//include/envoy/stats:timespan_interface", "//source/common/common:utility_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:timespan_lib", "//source/common/stats:utility_lib", ], ) envoy_cc_library( name = "fault_interface", hdrs = ["fault.h"], deps = [ "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "fault_lib", srcs = ["fault_impl.cc"], hdrs = ["fault_impl.h"], deps = [ ":codec_lib", ":fault_interface", "//include/envoy/common:random_generator_interface", "//include/envoy/upstream:upstream_interface", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/common/redis/client.h ================================================ #pragma once #include #include "envoy/upstream/cluster_manager.h" #include "extensions/filters/network/common/redis/codec_impl.h" #include "extensions/filters/network/common/redis/redis_command_stats.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { namespace Client { /** * A handle to an outbound request. */ class PoolRequest { public: virtual ~PoolRequest() = default; /** * Cancel the request. No further request callbacks will be called. */ virtual void cancel() PURE; }; /** * Outbound request callbacks. */ class ClientCallbacks { public: virtual ~ClientCallbacks() = default; /** * Called when a pipelined response is received. * @param value supplies the response which is now owned by the callee. */ virtual void onResponse(RespValuePtr&& value) PURE; /** * Called when a network/protocol error occurs and there is no response. */ virtual void onFailure() PURE; /** * Called when a MOVED or ASK redirection error is received, and the request must be retried. * @param value supplies the MOVED error response * @param host_address supplies the redirection host address and port * @param ask_redirection indicates if this is a ASK redirection * @return bool true if the request is successfully redirected, false otherwise */ virtual bool onRedirection(RespValuePtr&& value, const std::string& host_address, bool ask_redirection) PURE; }; /** * DoNothingPoolCallbacks is used for internally generated commands whose response is * transparently filtered, and redirection never occurs (e.g., "asking", "auth", etc.). */ class DoNothingPoolCallbacks : public ClientCallbacks { public: // ClientCallbacks void onResponse(Common::Redis::RespValuePtr&&) override {} void onFailure() override {} bool onRedirection(Common::Redis::RespValuePtr&&, const std::string&, bool) override { return false; } }; /** * A single redis client connection. */ class Client : public Event::DeferredDeletable { public: ~Client() override = default; /** * Adds network connection callbacks to the underlying network connection. */ virtual void addConnectionCallbacks(Network::ConnectionCallbacks& callbacks) PURE; /** * Called to determine if the client has pending requests. * @return bool true if the client is processing requests or false if it is currently idle. */ virtual bool active() PURE; /** * Closes the underlying network connection. */ virtual void close() PURE; /** * Make a pipelined request to the remote redis server. * @param request supplies the RESP request to make. * @param callbacks supplies the request callbacks. * @return PoolRequest* a handle to the active request or nullptr if the request could not be made * for some reason. */ virtual PoolRequest* makeRequest(const RespValue& request, ClientCallbacks& callbacks) PURE; /** * Initialize the connection. Issue the auth command and readonly command as needed. * @param auth password for upstream host. */ virtual void initialize(const std::string& auth_username, const std::string& auth_password) PURE; }; using ClientPtr = std::unique_ptr; /** * Read policy to use for Redis cluster. */ enum class ReadPolicy { Primary, PreferPrimary, Replica, PreferReplica, Any }; /** * Configuration for a redis connection pool. */ class Config { public: virtual ~Config() = default; /** * @return std::chrono::milliseconds the timeout for an individual redis operation. Currently, * all operations use the same timeout. */ virtual std::chrono::milliseconds opTimeout() const PURE; /** * @return bool disable outlier events even if the cluster has it enabled. This is used by the * healthchecker's connection pool to avoid double counting active healthcheck operations as * passive healthcheck operations. */ virtual bool disableOutlierEvents() const PURE; /** * @return when enabled, a hash tagging function will be used to guarantee that keys with the * same hash tag will be forwarded to the same upstream. */ virtual bool enableHashtagging() const PURE; /** * @return when enabled, moved/ask redirection errors from upstream redis servers will be * processed. */ virtual bool enableRedirection() const PURE; /** * @return buffer size for batching commands for a single upstream host. */ virtual uint32_t maxBufferSizeBeforeFlush() const PURE; /** * @return timeout for batching commands for a single upstream host. */ virtual std::chrono::milliseconds bufferFlushTimeoutInMs() const PURE; /** * @return the maximum number of upstream connections to unknown hosts when enableRedirection() is * true. * * This value acts as an upper bound on the number of servers in a cluster if only a subset * of the cluster's servers are known via configuration (cluster size - number of servers in * cluster known to cluster manager <= maxUpstreamUnknownConnections() for proper operation). * Redirection errors are processed if enableRedirection() is true, and a new upstream connection * to a previously unknown server will be made as a result of redirection if the number of unknown * server connections is currently less than maxUpstreamUnknownConnections(). If a connection * cannot be made, then the original redirection error will be passed though unchanged to the * downstream client. If a cluster is using the Redis cluster protocol (RedisCluster), then the * cluster logic will periodically discover all of the servers in the cluster; this should * minimize the need for a large maxUpstreamUnknownConnections() value. */ virtual uint32_t maxUpstreamUnknownConnections() const PURE; /** * @return when enabled, upstream cluster per-command statistics will be recorded. */ virtual bool enableCommandStats() const PURE; /** * @return the read policy the proxy should use. */ virtual ReadPolicy readPolicy() const PURE; }; using ConfigSharedPtr = std::shared_ptr; /** * A factory for individual redis client connections. */ class ClientFactory { public: virtual ~ClientFactory() = default; /** * Create a client given an upstream host. * @param host supplies the upstream host. * @param dispatcher supplies the owning thread's dispatcher. * @param config supplies the connection pool configuration. * @param redis_command_stats supplies the redis command stats. * @param scope supplies the stats scope. * @param auth password for upstream host. * @return ClientPtr a new connection pool client. */ virtual ClientPtr create(Upstream::HostConstSharedPtr host, Event::Dispatcher& dispatcher, const Config& config, const RedisCommandStatsSharedPtr& redis_command_stats, Stats::Scope& scope, const std::string& auth_username, const std::string& auth_password) PURE; }; } // namespace Client } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/client_impl.cc ================================================ #include "extensions/filters/network/common/redis/client_impl.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { namespace Client { namespace { // null_pool_callbacks is used for requests that must be filtered and not redirected such as // "asking". Common::Redis::Client::DoNothingPoolCallbacks null_pool_callbacks; } // namespace ConfigImpl::ConfigImpl( const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings& config) : op_timeout_(PROTOBUF_GET_MS_REQUIRED(config, op_timeout)), enable_hashtagging_(config.enable_hashtagging()), enable_redirection_(config.enable_redirection()), max_buffer_size_before_flush_( config.max_buffer_size_before_flush()), // This is a scalar, so default is zero. buffer_flush_timeout_(PROTOBUF_GET_MS_OR_DEFAULT( config, buffer_flush_timeout, 3)), // Default timeout is 3ms. If max_buffer_size_before_flush is zero, this is not used // as the buffer is flushed on each request immediately. max_upstream_unknown_connections_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, max_upstream_unknown_connections, 100)), enable_command_stats_(config.enable_command_stats()) { switch (config.read_policy()) { case envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings::MASTER: read_policy_ = ReadPolicy::Primary; break; case envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings:: PREFER_MASTER: read_policy_ = ReadPolicy::PreferPrimary; break; case envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings::REPLICA: read_policy_ = ReadPolicy::Replica; break; case envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings:: PREFER_REPLICA: read_policy_ = ReadPolicy::PreferReplica; break; case envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings::ANY: read_policy_ = ReadPolicy::Any; break; default: NOT_REACHED_GCOVR_EXCL_LINE; break; } } ClientPtr ClientImpl::create(Upstream::HostConstSharedPtr host, Event::Dispatcher& dispatcher, EncoderPtr&& encoder, DecoderFactory& decoder_factory, const Config& config, const RedisCommandStatsSharedPtr& redis_command_stats, Stats::Scope& scope) { auto client = std::make_unique(host, dispatcher, std::move(encoder), decoder_factory, config, redis_command_stats, scope); client->connection_ = host->createConnection(dispatcher, nullptr, nullptr).connection_; client->connection_->addConnectionCallbacks(*client); client->connection_->addReadFilter(Network::ReadFilterSharedPtr{new UpstreamReadFilter(*client)}); client->connection_->connect(); client->connection_->noDelay(true); return client; } ClientImpl::ClientImpl(Upstream::HostConstSharedPtr host, Event::Dispatcher& dispatcher, EncoderPtr&& encoder, DecoderFactory& decoder_factory, const Config& config, const RedisCommandStatsSharedPtr& redis_command_stats, Stats::Scope& scope) : host_(host), encoder_(std::move(encoder)), decoder_(decoder_factory.create(*this)), config_(config), connect_or_op_timer_(dispatcher.createTimer([this]() { onConnectOrOpTimeout(); })), flush_timer_(dispatcher.createTimer([this]() { flushBufferAndResetTimer(); })), time_source_(dispatcher.timeSource()), redis_command_stats_(redis_command_stats), scope_(scope) { host->cluster().stats().upstream_cx_total_.inc(); host->stats().cx_total_.inc(); host->cluster().stats().upstream_cx_active_.inc(); host->stats().cx_active_.inc(); connect_or_op_timer_->enableTimer(host->cluster().connectTimeout()); } ClientImpl::~ClientImpl() { ASSERT(pending_requests_.empty()); ASSERT(connection_->state() == Network::Connection::State::Closed); host_->cluster().stats().upstream_cx_active_.dec(); host_->stats().cx_active_.dec(); } void ClientImpl::close() { connection_->close(Network::ConnectionCloseType::NoFlush); } void ClientImpl::flushBufferAndResetTimer() { if (flush_timer_->enabled()) { flush_timer_->disableTimer(); } connection_->write(encoder_buffer_, false); } PoolRequest* ClientImpl::makeRequest(const RespValue& request, ClientCallbacks& callbacks) { ASSERT(connection_->state() == Network::Connection::State::Open); const bool empty_buffer = encoder_buffer_.length() == 0; Stats::StatName command; if (config_.enableCommandStats()) { // Only lowercase command and get StatName if we enable command stats command = redis_command_stats_->getCommandFromRequest(request); redis_command_stats_->updateStatsTotal(scope_, command); } else { // If disabled, we use a placeholder stat name "unused" that is not used command = redis_command_stats_->getUnusedStatName(); } pending_requests_.emplace_back(*this, callbacks, command); encoder_->encode(request, encoder_buffer_); // If buffer is full, flush. If the buffer was empty before the request, start the timer. if (encoder_buffer_.length() >= config_.maxBufferSizeBeforeFlush()) { flushBufferAndResetTimer(); } else if (empty_buffer) { flush_timer_->enableTimer(std::chrono::milliseconds(config_.bufferFlushTimeoutInMs())); } // Only boost the op timeout if: // - We are not already connected. Otherwise, we are governed by the connect timeout and the timer // will be reset when/if connection occurs. This allows a relatively long connection spin up // time for example if TLS is being used. // - This is the first request on the pipeline. Otherwise the timeout would effectively start on // the last operation. if (connected_ && pending_requests_.size() == 1) { connect_or_op_timer_->enableTimer(config_.opTimeout()); } return &pending_requests_.back(); } void ClientImpl::onConnectOrOpTimeout() { putOutlierEvent(Upstream::Outlier::Result::LocalOriginTimeout); if (connected_) { host_->cluster().stats().upstream_rq_timeout_.inc(); host_->stats().rq_timeout_.inc(); } else { host_->cluster().stats().upstream_cx_connect_timeout_.inc(); host_->stats().cx_connect_fail_.inc(); } connection_->close(Network::ConnectionCloseType::NoFlush); } void ClientImpl::onData(Buffer::Instance& data) { try { decoder_->decode(data); } catch (ProtocolError&) { putOutlierEvent(Upstream::Outlier::Result::ExtOriginRequestFailed); host_->cluster().stats().upstream_cx_protocol_error_.inc(); host_->stats().rq_error_.inc(); connection_->close(Network::ConnectionCloseType::NoFlush); } } void ClientImpl::putOutlierEvent(Upstream::Outlier::Result result) { if (!config_.disableOutlierEvents()) { host_->outlierDetector().putResult(result); } } void ClientImpl::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { Upstream::reportUpstreamCxDestroy(host_, event); if (!pending_requests_.empty()) { Upstream::reportUpstreamCxDestroyActiveRequest(host_, event); if (event == Network::ConnectionEvent::RemoteClose) { putOutlierEvent(Upstream::Outlier::Result::LocalOriginConnectFailed); } } while (!pending_requests_.empty()) { PendingRequest& request = pending_requests_.front(); if (!request.canceled_) { request.callbacks_.onFailure(); } else { host_->cluster().stats().upstream_rq_cancelled_.inc(); } pending_requests_.pop_front(); } connect_or_op_timer_->disableTimer(); } else if (event == Network::ConnectionEvent::Connected) { connected_ = true; ASSERT(!pending_requests_.empty()); connect_or_op_timer_->enableTimer(config_.opTimeout()); } if (event == Network::ConnectionEvent::RemoteClose && !connected_) { host_->cluster().stats().upstream_cx_connect_fail_.inc(); host_->stats().cx_connect_fail_.inc(); } } void ClientImpl::onRespValue(RespValuePtr&& value) { ASSERT(!pending_requests_.empty()); PendingRequest& request = pending_requests_.front(); const bool canceled = request.canceled_; if (config_.enableCommandStats()) { bool success = !canceled && (value->type() != Common::Redis::RespType::Error); redis_command_stats_->updateStats(scope_, request.command_, success); request.command_request_timer_->complete(); } request.aggregate_request_timer_->complete(); ClientCallbacks& callbacks = request.callbacks_; // We need to ensure the request is popped before calling the callback, since the callback might // result in closing the connection. pending_requests_.pop_front(); if (canceled) { host_->cluster().stats().upstream_rq_cancelled_.inc(); } else if (config_.enableRedirection() && (value->type() == Common::Redis::RespType::Error)) { std::vector err = StringUtil::splitToken(value->asString(), " ", false); bool redirected = false; if (err.size() == 3) { // MOVED and ASK redirection errors have the following substrings: MOVED or ASK (err[0]), hash // key slot (err[1]), and IP address and TCP port separated by a colon (err[2]) if (err[0] == RedirectionResponse::get().MOVED || err[0] == RedirectionResponse::get().ASK) { redirected = true; bool redirect_succeeded = callbacks.onRedirection(std::move(value), std::string(err[2]), err[0] == RedirectionResponse::get().ASK); if (redirect_succeeded) { host_->cluster().stats().upstream_internal_redirect_succeeded_total_.inc(); } else { host_->cluster().stats().upstream_internal_redirect_failed_total_.inc(); } } } if (!redirected) { if (err[0] == RedirectionResponse::get().CLUSTER_DOWN) { callbacks.onFailure(); } else { callbacks.onResponse(std::move(value)); } } } else { callbacks.onResponse(std::move(value)); } // If there are no remaining ops in the pipeline we need to disable the timer. // Otherwise we boost the timer since we are receiving responses and there are more to flush // out. if (pending_requests_.empty()) { connect_or_op_timer_->disableTimer(); } else { connect_or_op_timer_->enableTimer(config_.opTimeout()); } putOutlierEvent(Upstream::Outlier::Result::ExtOriginRequestSuccess); } ClientImpl::PendingRequest::PendingRequest(ClientImpl& parent, ClientCallbacks& callbacks, Stats::StatName command) : parent_(parent), callbacks_(callbacks), command_{command}, aggregate_request_timer_(parent_.redis_command_stats_->createAggregateTimer( parent_.scope_, parent_.time_source_)) { if (parent_.config_.enableCommandStats()) { command_request_timer_ = parent_.redis_command_stats_->createCommandTimer( parent_.scope_, command_, parent_.time_source_); } parent.host_->cluster().stats().upstream_rq_total_.inc(); parent.host_->stats().rq_total_.inc(); parent.host_->cluster().stats().upstream_rq_active_.inc(); parent.host_->stats().rq_active_.inc(); } ClientImpl::PendingRequest::~PendingRequest() { parent_.host_->cluster().stats().upstream_rq_active_.dec(); parent_.host_->stats().rq_active_.dec(); } void ClientImpl::PendingRequest::cancel() { // If we get a cancellation, we just mark the pending request as cancelled, and then we drop // the response as it comes through. There is no reason to blow away the connection when the // remote is already responding as fast as possible. canceled_ = true; } void ClientImpl::initialize(const std::string& auth_username, const std::string& auth_password) { if (!auth_username.empty()) { // Send an AUTH command to the upstream server with username and password. Utility::AuthRequest auth_request(auth_username, auth_password); makeRequest(auth_request, null_pool_callbacks); } else if (!auth_password.empty()) { // Send an AUTH command to the upstream server. Utility::AuthRequest auth_request(auth_password); makeRequest(auth_request, null_pool_callbacks); } // Any connection to replica requires the READONLY command in order to perform read. // Also the READONLY command is a no-opt for the primary. // We only need to send the READONLY command iff it's possible that the host is a replica. if (config_.readPolicy() != Common::Redis::Client::ReadPolicy::Primary) { makeRequest(Utility::ReadOnlyRequest::instance(), null_pool_callbacks); } } ClientFactoryImpl ClientFactoryImpl::instance_; ClientPtr ClientFactoryImpl::create(Upstream::HostConstSharedPtr host, Event::Dispatcher& dispatcher, const Config& config, const RedisCommandStatsSharedPtr& redis_command_stats, Stats::Scope& scope, const std::string& auth_username, const std::string& auth_password) { ClientPtr client = ClientImpl::create(host, dispatcher, EncoderPtr{new EncoderImpl()}, decoder_factory_, config, redis_command_stats, scope); client->initialize(auth_username, auth_password); return client; } } // namespace Client } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/client_impl.h ================================================ #pragma once #include #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/stats/timespan.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/buffer/buffer_impl.h" #include "common/common/hash.h" #include "common/network/filter_impl.h" #include "common/protobuf/utility.h" #include "common/singleton/const_singleton.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/upstream_impl.h" #include "extensions/filters/network/common/redis/client.h" #include "extensions/filters/network/common/redis/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { namespace Client { // TODO(mattklein123): Circuit breaking // TODO(rshriram): Fault injection struct RedirectionValues { const std::string ASK = "ASK"; const std::string MOVED = "MOVED"; const std::string CLUSTER_DOWN = "CLUSTERDOWN"; }; using RedirectionResponse = ConstSingleton; class ConfigImpl : public Config { public: ConfigImpl( const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings& config); bool disableOutlierEvents() const override { return false; } std::chrono::milliseconds opTimeout() const override { return op_timeout_; } bool enableHashtagging() const override { return enable_hashtagging_; } bool enableRedirection() const override { return enable_redirection_; } uint32_t maxBufferSizeBeforeFlush() const override { return max_buffer_size_before_flush_; } std::chrono::milliseconds bufferFlushTimeoutInMs() const override { return buffer_flush_timeout_; } uint32_t maxUpstreamUnknownConnections() const override { return max_upstream_unknown_connections_; } bool enableCommandStats() const override { return enable_command_stats_; } ReadPolicy readPolicy() const override { return read_policy_; } private: const std::chrono::milliseconds op_timeout_; const bool enable_hashtagging_; const bool enable_redirection_; const uint32_t max_buffer_size_before_flush_; const std::chrono::milliseconds buffer_flush_timeout_; const uint32_t max_upstream_unknown_connections_; const bool enable_command_stats_; ReadPolicy read_policy_; }; class ClientImpl : public Client, public DecoderCallbacks, public Network::ConnectionCallbacks { public: static ClientPtr create(Upstream::HostConstSharedPtr host, Event::Dispatcher& dispatcher, EncoderPtr&& encoder, DecoderFactory& decoder_factory, const Config& config, const RedisCommandStatsSharedPtr& redis_command_stats, Stats::Scope& scope); ClientImpl(Upstream::HostConstSharedPtr host, Event::Dispatcher& dispatcher, EncoderPtr&& encoder, DecoderFactory& decoder_factory, const Config& config, const RedisCommandStatsSharedPtr& redis_command_stats, Stats::Scope& scope); ~ClientImpl() override; // Client void addConnectionCallbacks(Network::ConnectionCallbacks& callbacks) override { connection_->addConnectionCallbacks(callbacks); } void close() override; PoolRequest* makeRequest(const RespValue& request, ClientCallbacks& callbacks) override; bool active() override { return !pending_requests_.empty(); } void flushBufferAndResetTimer(); void initialize(const std::string& auth_username, const std::string& auth_password) override; private: friend class RedisClientImplTest; struct UpstreamReadFilter : public Network::ReadFilterBaseImpl { UpstreamReadFilter(ClientImpl& parent) : parent_(parent) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool) override { parent_.onData(data); return Network::FilterStatus::Continue; } ClientImpl& parent_; }; struct PendingRequest : public PoolRequest { PendingRequest(ClientImpl& parent, ClientCallbacks& callbacks, Stats::StatName stat_name); ~PendingRequest() override; // PoolRequest void cancel() override; ClientImpl& parent_; ClientCallbacks& callbacks_; Stats::StatName command_; bool canceled_{}; Stats::TimespanPtr aggregate_request_timer_; Stats::TimespanPtr command_request_timer_; }; void onConnectOrOpTimeout(); void onData(Buffer::Instance& data); void putOutlierEvent(Upstream::Outlier::Result result); // DecoderCallbacks void onRespValue(RespValuePtr&& value) override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} Upstream::HostConstSharedPtr host_; Network::ClientConnectionPtr connection_; EncoderPtr encoder_; Buffer::OwnedImpl encoder_buffer_; DecoderPtr decoder_; const Config& config_; std::list pending_requests_; Event::TimerPtr connect_or_op_timer_; bool connected_{}; Event::TimerPtr flush_timer_; Envoy::TimeSource& time_source_; const RedisCommandStatsSharedPtr redis_command_stats_; Stats::Scope& scope_; }; class ClientFactoryImpl : public ClientFactory { public: // RedisProxy::ConnPool::ClientFactoryImpl ClientPtr create(Upstream::HostConstSharedPtr host, Event::Dispatcher& dispatcher, const Config& config, const RedisCommandStatsSharedPtr& redis_command_stats, Stats::Scope& scope, const std::string& auth_username, const std::string& auth_password) override; static ClientFactoryImpl instance_; private: DecoderFactoryImpl decoder_factory_; }; } // namespace Client } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/codec.h ================================================ #pragma once #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { /** * All RESP types as defined here: https://redis.io/topics/protocol with the exception of * CompositeArray. CompositeArray is an internal type that behaves like an Array type. Its first * element is a SimpleString or BulkString and the rest of the elements are portion of another * Array. This is created for performance. */ enum class RespType { Null, SimpleString, BulkString, Integer, Error, Array, CompositeArray }; /** * A variant implementation of a RESP value optimized for performance. A C++11 union is used for * the underlying type so that no unnecessary allocations/constructions are needed. */ class RespValue { public: RespValue() : type_(RespType::Null) {} RespValue(std::shared_ptr base_array, const RespValue& command, const uint64_t start, const uint64_t end) : type_(RespType::CompositeArray) { new (&composite_array_) CompositeArray(std::move(base_array), command, start, end); } virtual ~RespValue() { cleanup(); } RespValue(const RespValue& other); // copy constructor RespValue(RespValue&& other) noexcept; // move constructor RespValue& operator=(const RespValue& other); // copy assignment RespValue& operator=(RespValue&& other) noexcept; // move assignment bool operator==(const RespValue& other) const; // test for equality, unit tests bool operator!=(const RespValue& other) const { return !(*this == other); } /** * Convert a RESP value to a string for debugging purposes. */ std::string toString() const; /** * Holds the data for CompositeArray RespType */ class CompositeArray { public: CompositeArray() = default; CompositeArray(std::shared_ptr base_array, const RespValue& command, const uint64_t start, const uint64_t end) : base_array_(std::move(base_array)), command_(&command), start_(start), end_(end) { ASSERT(command.type() == RespType::BulkString || command.type() == RespType::SimpleString); ASSERT(base_array_ != nullptr); ASSERT(base_array_->type() == RespType::Array); ASSERT(start <= end); ASSERT(end < base_array_->asArray().size()); } const RespValue* command() const { return command_; } const std::shared_ptr& baseArray() const { return base_array_; } bool operator==(const CompositeArray& other) const; uint64_t size() const; /** * Forward const iterator for CompositeArray. * @note this implementation currently supports the minimum functionality needed to support * the `for (const RespValue& value : array)` idiom. */ struct CompositeArrayConstIterator { CompositeArrayConstIterator(const RespValue* command, const std::vector& array, uint64_t index, bool first) : command_(command), array_(array), index_(index), first_(first) {} const RespValue& operator*(); CompositeArrayConstIterator& operator++(); bool operator!=(const CompositeArrayConstIterator& rhs) const; static const CompositeArrayConstIterator& empty(); const RespValue* command_; const std::vector& array_; uint64_t index_; bool first_; }; CompositeArrayConstIterator begin() const noexcept { return (command_ && base_array_) ? CompositeArrayConstIterator{command_, base_array_->asArray(), start_, true} : CompositeArrayConstIterator::empty(); } CompositeArrayConstIterator end() const noexcept { return (command_ && base_array_) ? CompositeArrayConstIterator{command_, base_array_->asArray(), end_ + 1, false} : CompositeArrayConstIterator::empty(); } private: std::shared_ptr base_array_; const RespValue* command_; uint64_t start_; uint64_t end_; }; /** * The following are getters and setters for the internal value. A RespValue starts as null, * and must change type via type() before the following methods can be used. */ std::vector& asArray(); const std::vector& asArray() const; std::string& asString(); const std::string& asString() const; int64_t& asInteger(); int64_t asInteger() const; CompositeArray& asCompositeArray(); const CompositeArray& asCompositeArray() const; /** * Get/set the type of the RespValue. A RespValue can only be a single type at a time. Each time * type() is called the type is changed and then the type specific as* methods can be used. */ RespType type() const { return type_; } void type(RespType type); private: union { std::vector array_; std::string string_; int64_t integer_; CompositeArray composite_array_; }; void cleanup(); RespType type_{}; }; using RespValuePtr = std::unique_ptr; using RespValueSharedPtr = std::shared_ptr; using RespValueConstSharedPtr = std::shared_ptr; /** * Callbacks that the decoder fires. */ class DecoderCallbacks { public: virtual ~DecoderCallbacks() = default; /** * Called when a new top level RESP value has been decoded. This value may include multiple * sub-values in the case of arrays or nested arrays. * @param value supplies the decoded value that is now owned by the callee. */ virtual void onRespValue(RespValuePtr&& value) PURE; }; /** * A redis byte decoder for https://redis.io/topics/protocol */ class Decoder { public: virtual ~Decoder() = default; /** * Decode redis protocol bytes. * @param data supplies the data to decode. All bytes will be consumed by the decoder or a * ProtocolError will be thrown. */ virtual void decode(Buffer::Instance& data) PURE; }; using DecoderPtr = std::unique_ptr; /** * A factory for a redis decoder. */ class DecoderFactory { public: virtual ~DecoderFactory() = default; /** * Create a decoder given a set of decoder callbacks. */ virtual DecoderPtr create(DecoderCallbacks& callbacks) PURE; }; /** * A redis byte encoder for https://redis.io/topics/protocol */ class Encoder { public: virtual ~Encoder() = default; /** * Encode a RESP value to a buffer. * @param value supplies the value to encode. * @param out supplies the buffer to encode to. */ virtual void encode(const RespValue& value, Buffer::Instance& out) PURE; }; using EncoderPtr = std::unique_ptr; /** * A redis protocol error. */ class ProtocolError : public EnvoyException { public: ProtocolError(const std::string& error) : EnvoyException(error) {} }; } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/codec_impl.cc ================================================ #include "extensions/filters/network/common/redis/codec_impl.h" #include #include #include #include #include "envoy/common/platform.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { std::string RespValue::toString() const { switch (type_) { case RespType::Array: { std::string ret = "["; for (uint64_t i = 0; i < asArray().size(); i++) { ret += asArray()[i].toString(); if (i != asArray().size() - 1) { ret += ", "; } } return ret + "]"; } case RespType::CompositeArray: { std::string ret = "["; uint64_t i = 0; for (const RespValue& value : asCompositeArray()) { ret += value.toString(); if (++i != asCompositeArray().size()) { ret += ", "; } } return ret + "]"; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: return fmt::format("\"{}\"", asString()); case RespType::Null: return "null"; case RespType::Integer: return std::to_string(asInteger()); } NOT_REACHED_GCOVR_EXCL_LINE; } std::vector& RespValue::asArray() { ASSERT(type_ == RespType::Array); return array_; } const std::vector& RespValue::asArray() const { ASSERT(type_ == RespType::Array); return array_; } std::string& RespValue::asString() { ASSERT(type_ == RespType::BulkString || type_ == RespType::Error || type_ == RespType::SimpleString); return string_; } const std::string& RespValue::asString() const { ASSERT(type_ == RespType::BulkString || type_ == RespType::Error || type_ == RespType::SimpleString); return string_; } int64_t& RespValue::asInteger() { ASSERT(type_ == RespType::Integer); return integer_; } int64_t RespValue::asInteger() const { ASSERT(type_ == RespType::Integer); return integer_; } RespValue::CompositeArray& RespValue::asCompositeArray() { ASSERT(type_ == RespType::CompositeArray); return composite_array_; } const RespValue::CompositeArray& RespValue::asCompositeArray() const { ASSERT(type_ == RespType::CompositeArray); return composite_array_; } void RespValue::cleanup() { // Need to manually delete because of the union. switch (type_) { case RespType::Array: { array_.~vector(); break; } case RespType::CompositeArray: { composite_array_.~CompositeArray(); break; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: { string_.~basic_string(); break; } case RespType::Null: case RespType::Integer: { break; } } } void RespValue::type(RespType type) { cleanup(); // Need to use placement new because of the union. type_ = type; switch (type) { case RespType::Array: { new (&array_) std::vector(); break; } case RespType::CompositeArray: { new (&composite_array_) CompositeArray(); break; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: { new (&string_) std::string(); break; } case RespType::Null: case RespType::Integer: { break; } } } RespValue::RespValue(const RespValue& other) : type_(RespType::Null) { type(other.type()); switch (type_) { case RespType::Array: { asArray() = other.asArray(); break; } case RespType::CompositeArray: { asCompositeArray() = other.asCompositeArray(); break; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: { asString() = other.asString(); break; } case RespType::Integer: { asInteger() = other.asInteger(); break; } case RespType::Null: break; } } RespValue::RespValue(RespValue&& other) noexcept : type_(other.type_) { switch (type_) { case RespType::Array: { new (&array_) std::vector(std::move(other.array_)); break; } case RespType::CompositeArray: { new (&composite_array_) CompositeArray(std::move(other.composite_array_)); break; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: { new (&string_) std::string(std::move(other.string_)); break; } case RespType::Integer: { integer_ = other.integer_; break; } case RespType::Null: break; } } RespValue& RespValue::operator=(const RespValue& other) { if (&other == this) { return *this; } type(other.type()); switch (type_) { case RespType::Array: { asArray() = other.asArray(); break; } case RespType::CompositeArray: { asCompositeArray() = other.asCompositeArray(); break; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: { asString() = other.asString(); break; } case RespType::Integer: { asInteger() = other.asInteger(); break; } case RespType::Null: break; } return *this; } RespValue& RespValue::operator=(RespValue&& other) noexcept { if (&other == this) { return *this; } type(other.type()); switch (type_) { case RespType::Array: { array_ = std::move(other.array_); break; } case RespType::CompositeArray: { composite_array_ = std::move(other.composite_array_); break; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: { string_ = std::move(other.string_); break; } case RespType::Integer: { integer_ = other.integer_; break; } case RespType::Null: break; } return *this; } bool RespValue::operator==(const RespValue& other) const { bool result = false; if (type_ != other.type()) { return result; } switch (type_) { case RespType::Array: { result = (asArray() == other.asArray()); break; } case RespType::CompositeArray: { result = (asCompositeArray() == other.asCompositeArray()); break; } case RespType::SimpleString: case RespType::BulkString: case RespType::Error: { result = (asString() == other.asString()); break; } case RespType::Integer: { result = (asInteger() == other.asInteger()); break; } case RespType::Null: { result = true; break; } } return result; } uint64_t RespValue::CompositeArray::size() const { return (command_ && base_array_) ? end_ - start_ + 2 : 0; } bool RespValue::CompositeArray::operator==(const RespValue::CompositeArray& other) const { return base_array_ == other.base_array_ && command_ == other.command_ && start_ == other.start_ && end_ == other.end_; } const RespValue& RespValue::CompositeArray::CompositeArrayConstIterator::operator*() { return first_ ? *command_ : array_[index_]; } RespValue::CompositeArray::CompositeArrayConstIterator& RespValue::CompositeArray::CompositeArrayConstIterator::operator++() { if (first_) { first_ = false; } else { ++index_; } return *this; } bool RespValue::CompositeArray::CompositeArrayConstIterator::operator!=( const CompositeArrayConstIterator& rhs) const { return command_ != (rhs.command_) || &array_ != &(rhs.array_) || index_ != rhs.index_ || first_ != rhs.first_; } const RespValue::CompositeArray::CompositeArrayConstIterator& RespValue::CompositeArray::CompositeArrayConstIterator::empty() { static const RespValue::CompositeArray::CompositeArrayConstIterator* instance = new RespValue::CompositeArray::CompositeArrayConstIterator(nullptr, {}, 0, false); return *instance; } void DecoderImpl::decode(Buffer::Instance& data) { for (const Buffer::RawSlice& slice : data.getRawSlices()) { parseSlice(slice); } data.drain(data.length()); } void DecoderImpl::parseSlice(const Buffer::RawSlice& slice) { const char* buffer = reinterpret_cast(slice.mem_); uint64_t remaining = slice.len_; while (remaining || state_ == State::ValueComplete) { ENVOY_LOG(trace, "parse slice: {} remaining", remaining); switch (state_) { case State::ValueRootStart: { ENVOY_LOG(trace, "parse slice: ValueRootStart"); pending_value_root_ = std::make_unique(); pending_value_stack_.push_front({pending_value_root_.get(), 0}); state_ = State::ValueStart; break; } case State::ValueStart: { ENVOY_LOG(trace, "parse slice: ValueStart: {}", buffer[0]); pending_integer_.reset(); switch (buffer[0]) { case '*': { state_ = State::IntegerStart; pending_value_stack_.front().value_->type(RespType::Array); break; } case '$': { state_ = State::IntegerStart; pending_value_stack_.front().value_->type(RespType::BulkString); break; } case '-': { state_ = State::SimpleString; pending_value_stack_.front().value_->type(RespType::Error); break; } case '+': { state_ = State::SimpleString; pending_value_stack_.front().value_->type(RespType::SimpleString); break; } case ':': { state_ = State::IntegerStart; pending_value_stack_.front().value_->type(RespType::Integer); break; } default: { throw ProtocolError("invalid value type"); } } remaining--; buffer++; break; } case State::IntegerStart: { ENVOY_LOG(trace, "parse slice: IntegerStart: {}", buffer[0]); if (buffer[0] == '-') { pending_integer_.negative_ = true; remaining--; buffer++; } state_ = State::Integer; break; } case State::Integer: { ENVOY_LOG(trace, "parse slice: Integer: {}", buffer[0]); char c = buffer[0]; if (buffer[0] == '\r') { state_ = State::IntegerLF; } else { if (c < '0' || c > '9') { throw ProtocolError("invalid integer character"); } else { pending_integer_.integer_ = (pending_integer_.integer_ * 10) + (c - '0'); } } remaining--; buffer++; break; } case State::IntegerLF: { if (buffer[0] != '\n') { throw ProtocolError("expected new line"); } ENVOY_LOG(trace, "parse slice: IntegerLF: {}", pending_integer_.integer_); remaining--; buffer++; PendingValue& current_value = pending_value_stack_.front(); if (current_value.value_->type() == RespType::Array) { if (pending_integer_.negative_) { // Null array. Convert to null. current_value.value_->type(RespType::Null); state_ = State::ValueComplete; } else if (pending_integer_.integer_ == 0) { state_ = State::ValueComplete; } else { std::vector values(pending_integer_.integer_); current_value.value_->asArray().swap(values); pending_value_stack_.push_front({¤t_value.value_->asArray()[0], 0}); state_ = State::ValueStart; } } else if (current_value.value_->type() == RespType::Integer) { if (pending_integer_.integer_ == 0 || !pending_integer_.negative_) { current_value.value_->asInteger() = pending_integer_.integer_; } else { // By subtracting 1 (and later correcting) we ensure that we remain within the int64_t // range to allow a valid static_cast. This is an issue when we have a value of -2^63, // which cannot be represented as 2^63 in the intermediate int64_t. current_value.value_->asInteger() = static_cast(pending_integer_.integer_ - 1) * -1 - 1; } state_ = State::ValueComplete; } else { ASSERT(current_value.value_->type() == RespType::BulkString); if (!pending_integer_.negative_) { // TODO(mattklein123): reserve and define max length since we don't stream currently. state_ = State::BulkStringBody; } else { // Null bulk string. Switch type to null and move to value complete. current_value.value_->type(RespType::Null); state_ = State::ValueComplete; } } break; } case State::BulkStringBody: { ASSERT(!pending_integer_.negative_); uint64_t length_to_copy = std::min(static_cast(pending_integer_.integer_), remaining); pending_value_stack_.front().value_->asString().append(buffer, length_to_copy); pending_integer_.integer_ -= length_to_copy; remaining -= length_to_copy; buffer += length_to_copy; if (pending_integer_.integer_ == 0) { ENVOY_LOG(trace, "parse slice: BulkStringBody complete: {}", pending_value_stack_.front().value_->asString()); state_ = State::CR; } break; } case State::CR: { ENVOY_LOG(trace, "parse slice: CR"); if (buffer[0] != '\r') { throw ProtocolError("expected carriage return"); } remaining--; buffer++; state_ = State::LF; break; } case State::LF: { ENVOY_LOG(trace, "parse slice: LF"); if (buffer[0] != '\n') { throw ProtocolError("expected new line"); } remaining--; buffer++; state_ = State::ValueComplete; break; } case State::SimpleString: { ENVOY_LOG(trace, "parse slice: SimpleString: {}", buffer[0]); if (buffer[0] == '\r') { state_ = State::LF; } else { pending_value_stack_.front().value_->asString().push_back(buffer[0]); } remaining--; buffer++; break; } case State::ValueComplete: { ENVOY_LOG(trace, "parse slice: ValueComplete"); ASSERT(!pending_value_stack_.empty()); pending_value_stack_.pop_front(); if (pending_value_stack_.empty()) { callbacks_.onRespValue(std::move(pending_value_root_)); state_ = State::ValueRootStart; } else { PendingValue& current_value = pending_value_stack_.front(); ASSERT(current_value.value_->type() == RespType::Array); if (current_value.current_array_element_ < current_value.value_->asArray().size() - 1) { current_value.current_array_element_++; pending_value_stack_.push_front( {¤t_value.value_->asArray()[current_value.current_array_element_], 0}); state_ = State::ValueStart; } } break; } } } } void EncoderImpl::encode(const RespValue& value, Buffer::Instance& out) { switch (value.type()) { case RespType::Array: { encodeArray(value.asArray(), out); break; } case RespType::CompositeArray: { encodeCompositeArray(value.asCompositeArray(), out); break; } case RespType::SimpleString: { encodeSimpleString(value.asString(), out); break; } case RespType::BulkString: { encodeBulkString(value.asString(), out); break; } case RespType::Error: { encodeError(value.asString(), out); break; } case RespType::Null: { out.add("$-1\r\n", 5); break; } case RespType::Integer: encodeInteger(value.asInteger(), out); break; } } void EncoderImpl::encodeArray(const std::vector& array, Buffer::Instance& out) { char buffer[32]; char* current = buffer; *current++ = '*'; current += StringUtil::itoa(current, 21, array.size()); *current++ = '\r'; *current++ = '\n'; out.add(buffer, current - buffer); for (const RespValue& value : array) { encode(value, out); } } void EncoderImpl::encodeCompositeArray(const RespValue::CompositeArray& composite_array, Buffer::Instance& out) { char buffer[32]; char* current = buffer; *current++ = '*'; current += StringUtil::itoa(current, 21, composite_array.size()); *current++ = '\r'; *current++ = '\n'; out.add(buffer, current - buffer); for (const RespValue& value : composite_array) { encode(value, out); } } void EncoderImpl::encodeBulkString(const std::string& string, Buffer::Instance& out) { char buffer[32]; char* current = buffer; *current++ = '$'; current += StringUtil::itoa(current, 21, string.size()); *current++ = '\r'; *current++ = '\n'; out.add(buffer, current - buffer); out.add(string); out.add("\r\n", 2); } void EncoderImpl::encodeError(const std::string& string, Buffer::Instance& out) { out.add("-", 1); out.add(string); out.add("\r\n", 2); } void EncoderImpl::encodeInteger(int64_t integer, Buffer::Instance& out) { char buffer[32]; char* current = buffer; *current++ = ':'; if (integer >= 0) { current += StringUtil::itoa(current, 21, integer); } else { *current++ = '-'; // By adding 1 (and later correcting) we ensure that we remain within the int64_t // range prior to the static_cast. This is an issue when we have a value of -2^63, // which cannot be represented as 2^63 in the intermediate int64_t. current += StringUtil::itoa(current, 30, static_cast((integer + 1) * -1) + 1ULL); } *current++ = '\r'; *current++ = '\n'; out.add(buffer, current - buffer); } void EncoderImpl::encodeSimpleString(const std::string& string, Buffer::Instance& out) { out.add("+", 1); out.add(string); out.add("\r\n", 2); } } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/codec_impl.h ================================================ #pragma once #include #include #include #include #include "common/common/logger.h" #include "extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { /** * Decoder implementation of https://redis.io/topics/protocol * * This implementation buffers when needed and will always consume all bytes passed for decoding. */ class DecoderImpl : public Decoder, Logger::Loggable { public: DecoderImpl(DecoderCallbacks& callbacks) : callbacks_(callbacks) {} // RedisProxy::Decoder void decode(Buffer::Instance& data) override; private: enum class State { ValueRootStart, ValueStart, IntegerStart, Integer, IntegerLF, BulkStringBody, CR, LF, SimpleString, ValueComplete }; struct PendingInteger { void reset() { integer_ = 0; negative_ = false; } uint64_t integer_; bool negative_; }; struct PendingValue { RespValue* value_; uint64_t current_array_element_; }; void parseSlice(const Buffer::RawSlice& slice); DecoderCallbacks& callbacks_; State state_{State::ValueRootStart}; PendingInteger pending_integer_; RespValuePtr pending_value_root_; std::forward_list pending_value_stack_; }; /** * A factory implementation that returns a real decoder. */ class DecoderFactoryImpl : public DecoderFactory { public: // RedisProxy::DecoderFactory DecoderPtr create(DecoderCallbacks& callbacks) override { return DecoderPtr{new DecoderImpl(callbacks)}; } }; /** * Encoder implementation of https://redis.io/topics/protocol */ class EncoderImpl : public Encoder { public: // RedisProxy::Encoder void encode(const RespValue& value, Buffer::Instance& out) override; private: void encodeArray(const std::vector& array, Buffer::Instance& out); void encodeCompositeArray(const RespValue::CompositeArray& array, Buffer::Instance& out); void encodeBulkString(const std::string& string, Buffer::Instance& out); void encodeError(const std::string& string, Buffer::Instance& out); void encodeInteger(int64_t integer, Buffer::Instance& out); void encodeSimpleString(const std::string& string, Buffer::Instance& out); }; } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/fault.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/type/v3/percent.pb.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { /** * Fault Type. */ enum class FaultType { Delay, Error }; class Fault { public: virtual ~Fault() = default; virtual FaultType faultType() const PURE; virtual std::chrono::milliseconds delayMs() const PURE; virtual const std::vector commands() const PURE; virtual envoy::type::v3::FractionalPercent defaultValue() const PURE; virtual absl::optional runtimeKey() const PURE; }; using FaultSharedPtr = std::shared_ptr; class FaultManager { public: virtual ~FaultManager() = default; /** * Get fault type and delay given a Redis command. * @param command supplies the Redis command string. */ virtual const Fault* getFaultForCommand(const std::string& command) const PURE; }; using FaultManagerPtr = std::unique_ptr; using FaultManagerSharedPtr = std::shared_ptr; } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/fault_impl.cc ================================================ #include "extensions/filters/network/common/redis/fault_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { struct FaultManagerKeyNamesValues { // The rbac filter rejected the request const std::string AllKey = "ALL_KEY"; }; using FaultManagerKeyNames = ConstSingleton; FaultManagerImpl::FaultImpl::FaultImpl( envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault base_fault) : commands_(buildCommands(base_fault)) { delay_ms_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(base_fault, delay, 0)); switch (base_fault.fault_type()) { case envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::RedisFault::DELAY: fault_type_ = FaultType::Delay; break; case envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::RedisFault::ERROR: fault_type_ = FaultType::Error; break; default: NOT_REACHED_GCOVR_EXCL_LINE; break; } default_value_ = base_fault.fault_enabled().default_value(); runtime_key_ = base_fault.fault_enabled().runtime_key(); }; std::vector FaultManagerImpl::FaultImpl::buildCommands( envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault base_fault) { std::vector commands; for (const std::string& command : base_fault.commands()) { commands.emplace_back(absl::AsciiStrToLower(command)); } return commands; } FaultManagerImpl::FaultManagerImpl( Random::RandomGenerator& random, Runtime::Loader& runtime, const Protobuf::RepeatedPtrField< ::envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault> faults) : fault_map_(buildFaultMap(faults)), random_(random), runtime_(runtime) {} FaultMap FaultManagerImpl::buildFaultMap( const Protobuf::RepeatedPtrField< ::envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault> faults) { // Next, create the fault map that maps commands to pointers to Fault objects. // Group faults by command FaultMap fault_map; for (auto const& base_fault : faults) { auto fault_ptr = std::make_shared(base_fault); if (!fault_ptr->commands().empty()) { for (const std::string& command : fault_ptr->commands()) { fault_map[command].emplace_back(fault_ptr); } } else { // Generic "ALL" entry in map for faults that map to all keys; also add to each command fault_map[FaultManagerKeyNames::get().AllKey].emplace_back(fault_ptr); } } // Add the ALL keys faults to each command too so that we can just query faults by command. // Get all ALL_KEY faults. FaultMap::iterator it_outer = fault_map.find(FaultManagerKeyNames::get().AllKey); if (it_outer != fault_map.end()) { for (const FaultSharedPtr& fault_ptr : it_outer->second) { FaultMap::iterator it_inner; for (it_inner = fault_map.begin(); it_inner != fault_map.end(); it_inner++) { std::string command = it_inner->first; if (command != FaultManagerKeyNames::get().AllKey) { fault_map[command].push_back(fault_ptr); } } } } return fault_map; } uint64_t FaultManagerImpl::getIntegerNumeratorOfFractionalPercent( absl::string_view key, const envoy::type::v3::FractionalPercent& default_value) const { uint64_t numerator; if (default_value.denominator() == envoy::type::v3::FractionalPercent::HUNDRED) { numerator = default_value.numerator(); } else { int denominator = ProtobufPercentHelper::fractionalPercentDenominatorToInt(default_value.denominator()); numerator = (default_value.numerator() * 100) / denominator; } return runtime_.snapshot().getInteger(key, numerator); } // Fault checking algorithm: // // For example, if we have an ERROR fault at 5% for all commands, and a DELAY fault at 10% for GET, // if we receive a GET, we want 5% of GETs to get DELAY, and 10% to get ERROR. Thus, we need to // amortize the percentages. // // 0. Get random number. // 1. Get faults for given command. // 2. For each fault, calculate the amortized fault injection percentage. // // Note that we do not check to make sure the probabilities of faults are <= 100%! const Fault* FaultManagerImpl::getFaultForCommandInternal(const std::string& command) const { FaultMap::const_iterator it_outer = fault_map_.find(command); if (it_outer != fault_map_.end()) { auto random_number = random_.random() % 100; int amortized_fault = 0; for (const FaultSharedPtr& fault_ptr : it_outer->second) { uint64_t fault_injection_percentage = getIntegerNumeratorOfFractionalPercent( fault_ptr->runtimeKey().value(), fault_ptr->defaultValue()); if (random_number < (fault_injection_percentage + amortized_fault)) { return fault_ptr.get(); } else { amortized_fault += fault_injection_percentage; } } } return nullptr; } const Fault* FaultManagerImpl::getFaultForCommand(const std::string& command) const { if (!fault_map_.empty()) { if (fault_map_.count(command) > 0) { return getFaultForCommandInternal(command); } else { return getFaultForCommandInternal(FaultManagerKeyNames::get().AllKey); } } return nullptr; } } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/fault_impl.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "envoy/common/random_generator.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/upstream/upstream.h" #include "common/protobuf/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/network/common/redis/fault.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { using FaultMap = absl::flat_hash_map>; /** * Message returned for particular types of faults. */ struct FaultMessagesValues { const std::string Error = "Fault Injected: Error"; }; using FaultMessages = ConstSingleton; /** * Fault management- creation, storage and retrieval. Faults are queried for by command, * so they are stored in an unordered map using the command as key. For faults that apply to * all commands, we use a special ALL_KEYS entry in the map. */ class FaultManagerImpl : public FaultManager { public: FaultManagerImpl( Random::RandomGenerator& random, Runtime::Loader& runtime, const Protobuf::RepeatedPtrField< ::envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault> base_faults); const Fault* getFaultForCommand(const std::string& command) const override; static FaultSharedPtr makeFaultForTest(Common::Redis::FaultType fault_type, std::chrono::milliseconds delay_ms) { envoy::type::v3::FractionalPercent default_value; default_value.set_numerator(100); default_value.set_denominator(envoy::type::v3::FractionalPercent::HUNDRED); FaultImpl fault = FaultImpl(fault_type, delay_ms, std::vector(), default_value, "foo"); return std::make_shared(fault); } // Allow the unit test to have access to private members. friend class FaultTest; private: class FaultImpl : public Fault { public: FaultImpl( envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault base_fault); FaultImpl(FaultType fault_type, std::chrono::milliseconds delay_ms, const std::vector commands, envoy::type::v3::FractionalPercent default_value, absl::optional runtime_key) : fault_type_(fault_type), delay_ms_(delay_ms), commands_(commands), default_value_(default_value), runtime_key_(runtime_key) {} // For testing only FaultType faultType() const override { return fault_type_; }; std::chrono::milliseconds delayMs() const override { return delay_ms_; }; const std::vector commands() const override { return commands_; }; envoy::type::v3::FractionalPercent defaultValue() const override { return default_value_; }; absl::optional runtimeKey() const override { return runtime_key_; }; private: static std::vector buildCommands( envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault base_fault); FaultType fault_type_; std::chrono::milliseconds delay_ms_; const std::vector commands_; envoy::type::v3::FractionalPercent default_value_; absl::optional runtime_key_; }; static FaultMap buildFaultMap(const Protobuf::RepeatedPtrField< ::envoy::extensions::filters::network::redis_proxy::v3::RedisProxy_RedisFault> faults); uint64_t getIntegerNumeratorOfFractionalPercent( absl::string_view key, const envoy::type::v3::FractionalPercent& default_value) const; const Fault* getFaultForCommandInternal(const std::string& command) const; const FaultMap fault_map_; protected: Random::RandomGenerator& random_; Runtime::Loader& runtime_; }; } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/redis_command_stats.cc ================================================ #include "extensions/filters/network/common/redis/redis_command_stats.h" #include "common/stats/timespan_impl.h" #include "common/stats/utility.h" #include "extensions/filters/network/common/redis/supported_commands.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { RedisCommandStats::RedisCommandStats(Stats::SymbolTable& symbol_table, const std::string& prefix) : symbol_table_(symbol_table), stat_name_set_(symbol_table_.makeSet("Redis")), prefix_(stat_name_set_->add(prefix)), upstream_rq_time_(stat_name_set_->add("upstream_rq_time")), latency_(stat_name_set_->add("latency")), total_(stat_name_set_->add("total")), success_(stat_name_set_->add("success")), failure_(stat_name_set_->add("failure")), unused_metric_(stat_name_set_->add("unused")), null_metric_(stat_name_set_->add("null")), unknown_metric_(stat_name_set_->add("unknown")) { // Note: Even if this is disabled, we track the upstream_rq_time. // Create StatName for each Redis command. Note that we don't include Auth or Ping. stat_name_set_->rememberBuiltins( Extensions::NetworkFilters::Common::Redis::SupportedCommands::simpleCommands()); stat_name_set_->rememberBuiltins( Extensions::NetworkFilters::Common::Redis::SupportedCommands::evalCommands()); stat_name_set_->rememberBuiltins(Extensions::NetworkFilters::Common::Redis::SupportedCommands:: hashMultipleSumResultCommands()); stat_name_set_->rememberBuiltin( Extensions::NetworkFilters::Common::Redis::SupportedCommands::mget()); stat_name_set_->rememberBuiltin( Extensions::NetworkFilters::Common::Redis::SupportedCommands::mset()); } Stats::TimespanPtr RedisCommandStats::createCommandTimer(Stats::Scope& scope, Stats::StatName command, Envoy::TimeSource& time_source) { return std::make_unique( Stats::Utility::histogramFromStatNames(scope, {prefix_, command, latency_}, Stats::Histogram::Unit::Microseconds), time_source); } Stats::TimespanPtr RedisCommandStats::createAggregateTimer(Stats::Scope& scope, Envoy::TimeSource& time_source) { return std::make_unique( Stats::Utility::histogramFromStatNames(scope, {prefix_, upstream_rq_time_}, Stats::Histogram::Unit::Microseconds), time_source); } Stats::StatName RedisCommandStats::getCommandFromRequest(const RespValue& request) { // Get command from RespValue switch (request.type()) { case RespType::Array: return getCommandFromRequest(request.asArray().front()); case RespType::CompositeArray: return getCommandFromRequest(*request.asCompositeArray().command()); case RespType::Null: return null_metric_; case RespType::BulkString: case RespType::SimpleString: { std::string to_lower_command = absl::AsciiStrToLower(request.asString()); return stat_name_set_->getBuiltin(to_lower_command, unknown_metric_); } case RespType::Integer: case RespType::Error: default: return unknown_metric_; } } void RedisCommandStats::updateStatsTotal(Stats::Scope& scope, Stats::StatName command) { Stats::Utility::counterFromStatNames(scope, {prefix_, command, total_}).inc(); } void RedisCommandStats::updateStats(Stats::Scope& scope, Stats::StatName command, const bool success) { Stats::StatName status = success ? success_ : failure_; Stats::Utility::counterFromStatNames(scope, {prefix_, command, status}).inc(); } } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/redis_command_stats.h ================================================ #pragma once #include #include #include "envoy/stats/scope.h" #include "envoy/stats/timespan.h" #include "common/stats/symbol_table_impl.h" #include "extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { class RedisCommandStats { public: RedisCommandStats(Stats::SymbolTable& symbol_table, const std::string& prefix); // TODO (@FAYiEKcbD0XFqF2QK2E4viAHg8rMm2VbjYKdjTg): Use Singleton to manage a single // RedisCommandStats on the client factory so that it can be used for proxy filter, discovery and // health check. static std::shared_ptr createRedisCommandStats(Stats::SymbolTable& symbol_table) { return std::make_shared(symbol_table, "upstream_commands"); } Stats::TimespanPtr createCommandTimer(Stats::Scope& scope, Stats::StatName command, Envoy::TimeSource& time_source); Stats::TimespanPtr createAggregateTimer(Stats::Scope& scope, Envoy::TimeSource& time_source); Stats::StatName getCommandFromRequest(const RespValue& request); void updateStatsTotal(Stats::Scope& scope, Stats::StatName command); void updateStats(Stats::Scope& scope, Stats::StatName command, const bool success); Stats::StatName getUnusedStatName() { return unused_metric_; } private: Stats::SymbolTable& symbol_table_; Stats::StatNameSetPtr stat_name_set_; const Stats::StatName prefix_; const Stats::StatName upstream_rq_time_; const Stats::StatName latency_; const Stats::StatName total_; const Stats::StatName success_; const Stats::StatName failure_; const Stats::StatName unused_metric_; const Stats::StatName null_metric_; const Stats::StatName unknown_metric_; }; using RedisCommandStatsSharedPtr = std::shared_ptr; } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/supported_commands.h ================================================ #pragma once #include #include #include #include "common/common/macros.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { struct SupportedCommands { /** * @return commands which hash to a single server */ static const absl::flat_hash_set& simpleCommands() { CONSTRUCT_ON_FIRST_USE( absl::flat_hash_set, "append", "bitcount", "bitfield", "bitpos", "decr", "decrby", "dump", "expire", "expireat", "geoadd", "geodist", "geohash", "geopos", "georadius_ro", "georadiusbymember_ro", "get", "getbit", "getrange", "getset", "hdel", "hexists", "hget", "hgetall", "hincrby", "hincrbyfloat", "hkeys", "hlen", "hmget", "hmset", "hscan", "hset", "hsetnx", "hstrlen", "hvals", "incr", "incrby", "incrbyfloat", "lindex", "linsert", "llen", "lpop", "lpush", "lpushx", "lrange", "lrem", "lset", "ltrim", "persist", "pexpire", "pexpireat", "pfadd", "pfcount", "psetex", "pttl", "restore", "rpop", "rpush", "rpushx", "sadd", "scard", "set", "setbit", "setex", "setnx", "setrange", "sismember", "smembers", "spop", "srandmember", "srem", "sscan", "strlen", "ttl", "type", "zadd", "zcard", "zcount", "zincrby", "zlexcount", "zpopmin", "zpopmax", "zrange", "zrangebylex", "zrangebyscore", "zrank", "zrem", "zremrangebylex", "zremrangebyrank", "zremrangebyscore", "zrevrange", "zrevrangebylex", "zrevrangebyscore", "zrevrank", "zscan", "zscore"); } /** * @return commands which hash on the fourth argument */ static const absl::flat_hash_set& evalCommands() { CONSTRUCT_ON_FIRST_USE(absl::flat_hash_set, "eval", "evalsha"); } /** * @return commands which are sent to multiple servers and coalesced by summing the responses */ static const absl::flat_hash_set& hashMultipleSumResultCommands() { CONSTRUCT_ON_FIRST_USE(absl::flat_hash_set, "del", "exists", "touch", "unlink"); } /** * @return auth command */ static const std::string& auth() { CONSTRUCT_ON_FIRST_USE(std::string, "auth"); } /** * @return mget command */ static const std::string& mget() { CONSTRUCT_ON_FIRST_USE(std::string, "mget"); } /** * @return mset command */ static const std::string& mset() { CONSTRUCT_ON_FIRST_USE(std::string, "mset"); } /** * @return ping command */ static const std::string& ping() { CONSTRUCT_ON_FIRST_USE(std::string, "ping"); } /** * @return commands which alters the state of redis */ static const absl::flat_hash_set& writeCommands() { CONSTRUCT_ON_FIRST_USE( absl::flat_hash_set, "append", "bitfield", "decr", "decrby", "del", "expire", "expireat", "eval", "evalsha", "geoadd", "hdel", "hincrby", "hincrbyfloat", "hmset", "hset", "hsetnx", "incr", "incrby", "incrbyfloat", "linsert", "lpop", "lpush", "lpushx", "lrem", "lset", "ltrim", "mset", "persist", "pexpire", "pexpireat", "pfadd", "psetex", "restore", "rpop", "rpush", "rpushx", "sadd", "set", "setbit", "setex", "setnx", "setrange", "spop", "srem", "zadd", "zincrby", "touch", "zpopmin", "zpopmax", "zrem", "zremrangebylex", "zremrangebyrank", "zremrangebyscore", "unlink"); } static bool isReadCommand(const std::string& command) { return !writeCommands().contains(command); } }; } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/utility.cc ================================================ #include "extensions/filters/network/common/redis/utility.h" #include "common/common/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { namespace Utility { AuthRequest::AuthRequest(const std::string& password) { std::vector values(2); values[0].type(RespType::BulkString); values[0].asString() = "auth"; values[1].type(RespType::BulkString); values[1].asString() = password; type(RespType::Array); asArray().swap(values); } AuthRequest::AuthRequest(const std::string& username, const std::string& password) { std::vector values(3); values[0].type(RespType::BulkString); values[0].asString() = "auth"; values[1].type(RespType::BulkString); values[1].asString() = username; values[2].type(RespType::BulkString); values[2].asString() = password; type(RespType::Array); asArray().swap(values); } RespValuePtr makeError(const std::string& error) { Common::Redis::RespValuePtr response(new RespValue()); response->type(Common::Redis::RespType::Error); response->asString() = error; return response; } ReadOnlyRequest::ReadOnlyRequest() { std::vector values(1); values[0].type(RespType::BulkString); values[0].asString() = "readonly"; type(RespType::Array); asArray().swap(values); } const ReadOnlyRequest& ReadOnlyRequest::instance() { static const ReadOnlyRequest* instance = new ReadOnlyRequest{}; return *instance; } AskingRequest::AskingRequest() { std::vector values(1); values[0].type(RespType::BulkString); values[0].asString() = "asking"; type(RespType::Array); asArray().swap(values); } const AskingRequest& AskingRequest::instance() { static const AskingRequest* instance = new AskingRequest{}; return *instance; } GetRequest::GetRequest() { type(RespType::BulkString); asString() = "get"; } const GetRequest& GetRequest::instance() { static const GetRequest* instance = new GetRequest{}; return *instance; } SetRequest::SetRequest() { type(RespType::BulkString); asString() = "set"; } const SetRequest& SetRequest::instance() { static const SetRequest* instance = new SetRequest{}; return *instance; } } // namespace Utility } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/redis/utility.h ================================================ #pragma once #include #include "extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { namespace Redis { namespace Utility { class AuthRequest : public Redis::RespValue { public: AuthRequest(const std::string& username, const std::string& password); AuthRequest(const std::string& password); }; RespValuePtr makeError(const std::string& error); class ReadOnlyRequest : public Redis::RespValue { public: ReadOnlyRequest(); static const ReadOnlyRequest& instance(); }; class AskingRequest : public Redis::RespValue { public: AskingRequest(); static const AskingRequest& instance(); }; class GetRequest : public Redis::RespValue { public: GetRequest(); static const GetRequest& instance(); }; class SetRequest : public Redis::RespValue { public: SetRequest(); static const SetRequest& instance(); }; } // namespace Utility } // namespace Redis } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/common/utility.h ================================================ #pragma once #include "common/common/macros.h" #include "extensions/common/utility.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Common { /** * FilterNameUtil provides utilities for handling Network filter * extension names (e.g., "envoy.filters.network.redis_proxy"). */ class FilterNameUtil { public: /** * Given a deprecated network filter extension name, return the * canonical name. Any name not defined in the deprecated map is * returned without modification. If deprecated extension names are * disabled, throws EnvoyException. * * @return const std::string& canonical filter name * @throw EnvoyException if deprecated names are disabled */ static const std::string& canonicalFilterName(const std::string& name, Runtime::Loader* runtime = Runtime::LoaderSingleton::getExisting()) { const auto& it = deprecatedNameMap().find(name); if (it == deprecatedNameMap().end()) { return name; } Extensions::Common::Utility::ExtensionNameUtil::checkDeprecatedExtensionName( "network filter", name, it->second, runtime); return it->second; } private: using DeprecatedNameMap = absl::flat_hash_map; static const DeprecatedNameMap& deprecatedNameMap() { CONSTRUCT_ON_FIRST_USE( DeprecatedNameMap, { {"envoy.redis_proxy", NetworkFilters::NetworkFilterNames::get().RedisProxy}, }); } }; } // namespace Common } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/direct_response/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Direct response L4 network filter. # Public docs: docs/root/configuration/network_filters/direct_response_filter.rst envoy_extension_package() envoy_cc_library( name = "filter", srcs = ["filter.cc"], hdrs = ["filter.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], security_posture = "unknown", deps = [ ":filter", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/common/config:datasource_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/direct_response/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/direct_response/config.cc ================================================ #include "envoy/extensions/filters/network/direct_response/v3/config.pb.h" #include "envoy/extensions/filters/network/direct_response/v3/config.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/config/datasource.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/direct_response/filter.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DirectResponse { /** * Config registration for the direct response filter. @see NamedNetworkFilterConfigFactory. */ class DirectResponseConfigFactory : public Common::FactoryBase { public: DirectResponseConfigFactory() : FactoryBase(NetworkFilterNames::get().DirectResponse) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::direct_response::v3::Config& config, Server::Configuration::FactoryContext& context) override { return [config, &context](Network::FilterManager& filter_manager) -> void { auto content = Config::DataSource::read(config.response(), true, context.api()); filter_manager.addReadFilter(std::make_shared(content)); }; } bool isTerminalFilter() override { return true; } }; /** * Static registration for the direct response filter. @see RegisterFactory. */ REGISTER_FACTORY(DirectResponseConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace DirectResponse } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/direct_response/filter.cc ================================================ #include "extensions/filters/network/direct_response/filter.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DirectResponse { Network::FilterStatus DirectResponseFilter::onNewConnection() { auto& connection = read_callbacks_->connection(); ENVOY_CONN_LOG(trace, "direct_response: new connection", connection); if (!response_.empty()) { Buffer::OwnedImpl data(response_); connection.write(data, true); ASSERT(0 == data.length()); } connection.streamInfo().setResponseCodeDetails( StreamInfo::ResponseCodeDetails::get().DirectResponse); connection.close(Network::ConnectionCloseType::FlushWrite); return Network::FilterStatus::StopIteration; } } // namespace DirectResponse } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/direct_response/filter.h ================================================ #pragma once #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DirectResponse { /** * Implementation of a basic direct response filter. */ class DirectResponseFilter : public Network::ReadFilter, Logger::Loggable { public: DirectResponseFilter(const std::string& response) : response_(response) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance&, bool) override { return Network::FilterStatus::Continue; } Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { read_callbacks_ = &callbacks; read_callbacks_->connection().enableHalfClose(true); } private: const std::string response_; Network::ReadFilterCallbacks* read_callbacks_{}; }; } // namespace DirectResponse } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "buffer_helper_lib", srcs = ["buffer_helper.cc"], hdrs = ["buffer_helper.h"], deps = [ "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:byte_order_lib", ], ) envoy_cc_library( name = "hessian_utils_lib", srcs = ["hessian_utils.cc"], hdrs = ["hessian_utils.h"], deps = [ ":buffer_helper_lib", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "protocol_interface", hdrs = ["protocol.h"], deps = [ ":buffer_helper_lib", ":message_lib", ":metadata_lib", ":serializer_interface", "//include/envoy/config:typed_config_interface", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "dubbo_protocol_impl_lib", srcs = ["dubbo_protocol_impl.cc"], hdrs = ["dubbo_protocol_impl.h"], deps = [ ":protocol_interface", "//include/envoy/buffer:buffer_interface", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "serializer_interface", srcs = ["serializer_impl.cc"], hdrs = [ "protocol_constants.h", "serializer.h", "serializer_impl.h", ], deps = [ ":message_lib", ":metadata_lib", "//include/envoy/buffer:buffer_interface", "//include/envoy/config:typed_config_interface", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "dubbo_hessian2_serializer_impl_lib", srcs = ["dubbo_hessian2_serializer_impl.cc"], hdrs = [ "dubbo_hessian2_serializer_impl.h", ], deps = [ ":buffer_helper_lib", ":hessian_utils_lib", ":serializer_interface", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "decoder_lib", srcs = ["decoder.cc"], hdrs = ["decoder.h"], deps = [ ":decoder_events_lib", ":dubbo_hessian2_serializer_impl_lib", ":dubbo_protocol_impl_lib", "//source/common/buffer:buffer_lib", "//source/common/common:logger_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":conn_manager_lib", "//include/envoy/registry", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/dubbo_proxy/filters:factory_base_lib", "//source/extensions/filters/network/dubbo_proxy/filters:well_known_names", "//source/extensions/filters/network/dubbo_proxy/router:config", "//source/extensions/filters/network/dubbo_proxy/router:route_matcher", "//source/extensions/filters/network/dubbo_proxy/router:router_lib", "@envoy_api//envoy/extensions/filters/network/dubbo_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "metadata_lib", hdrs = ["metadata.h"], external_deps = ["abseil_optional"], deps = [ ":message_lib", "//source/common/buffer:buffer_lib", "//source/common/http:header_map_lib", ], ) envoy_cc_library( name = "message_lib", hdrs = [ "message.h", "message_impl.h", ], deps = [ "//source/common/buffer:buffer_lib", ], ) envoy_cc_library( name = "decoder_events_lib", hdrs = ["decoder_event_handler.h"], deps = [ ":metadata_lib", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/buffer:buffer_lib", ], ) envoy_cc_library( name = "stats_lib", hdrs = ["stats.h"], deps = [ "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", ], ) envoy_cc_library( name = "app_exception_lib", srcs = ["app_exception.cc"], hdrs = ["app_exception.h"], deps = [ ":message_lib", ":metadata_lib", ":protocol_interface", ":serializer_interface", "//include/envoy/buffer:buffer_interface", "//source/common/buffer:buffer_lib", "//source/extensions/filters/network/dubbo_proxy/filters:filter_interface", ], ) envoy_cc_library( name = "heartbeat_response_lib", srcs = ["heartbeat_response.cc"], hdrs = ["heartbeat_response.h"], deps = [ ":metadata_lib", ":protocol_interface", ":serializer_interface", "//include/envoy/buffer:buffer_interface", "//source/extensions/filters/network/dubbo_proxy/filters:filter_interface", ], ) envoy_cc_library( name = "conn_manager_lib", srcs = [ "active_message.cc", "conn_manager.cc", ], hdrs = [ "active_message.h", "conn_manager.h", ], deps = [ ":app_exception_lib", ":decoder_events_lib", ":decoder_lib", ":dubbo_hessian2_serializer_impl_lib", ":dubbo_protocol_impl_lib", ":heartbeat_response_lib", ":stats_lib", "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:timespan_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:linked_object", "//source/common/common:logger_lib", "//source/common/network:filter_lib", "//source/common/stats:timespan_lib", "//source/common/stream_info:stream_info_lib", "//source/extensions/filters/network/dubbo_proxy/filters:filter_interface", "//source/extensions/filters/network/dubbo_proxy/router:router_interface", "@envoy_api//envoy/extensions/filters/network/dubbo_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/dubbo_proxy/active_message.cc ================================================ #include "extensions/filters/network/dubbo_proxy/active_message.h" #include "common/stats/timespan_impl.h" #include "extensions/filters/network/dubbo_proxy/app_exception.h" #include "extensions/filters/network/dubbo_proxy/conn_manager.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { // class ActiveResponseDecoder ActiveResponseDecoder::ActiveResponseDecoder(ActiveMessage& parent, DubboFilterStats& stats, Network::Connection& connection, ProtocolPtr&& protocol) : parent_(parent), stats_(stats), response_connection_(connection), protocol_(std::move(protocol)), decoder_(std::make_unique(*protocol_, *this)), complete_(false), response_status_(DubboFilters::UpstreamResponseStatus::MoreData) {} DubboFilters::UpstreamResponseStatus ActiveResponseDecoder::onData(Buffer::Instance& data) { ENVOY_LOG(debug, "dubbo response: the received reply data length is {}", data.length()); bool underflow = false; decoder_->onData(data, underflow); ASSERT(complete_ || underflow); return response_status_; } void ActiveResponseDecoder::onStreamDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) { ASSERT(metadata->messageType() == MessageType::Response || metadata->messageType() == MessageType::Exception); ASSERT(metadata->hasResponseStatus()); metadata_ = metadata; if (applyMessageEncodedFilters(metadata, ctx) != FilterStatus::Continue) { response_status_ = DubboFilters::UpstreamResponseStatus::Complete; return; } if (response_connection_.state() != Network::Connection::State::Open) { throw DownstreamConnectionCloseException("Downstream has closed or closing"); } response_connection_.write(ctx->messageOriginData(), false); ENVOY_LOG(debug, "dubbo response: the upstream response message has been forwarded to the downstream"); stats_.response_.inc(); stats_.response_decoding_success_.inc(); if (metadata->messageType() == MessageType::Exception) { stats_.response_business_exception_.inc(); } switch (metadata->responseStatus()) { case ResponseStatus::Ok: stats_.response_success_.inc(); break; default: stats_.response_error_.inc(); ENVOY_LOG(error, "dubbo response status: {}", static_cast(metadata->responseStatus())); break; } complete_ = true; response_status_ = DubboFilters::UpstreamResponseStatus::Complete; ENVOY_LOG(debug, "dubbo response: complete processing of upstream response messages, id is {}", metadata->requestId()); } FilterStatus ActiveResponseDecoder::applyMessageEncodedFilters(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) { parent_.encoder_filter_action_ = [metadata, ctx](DubboFilters::EncoderFilter* filter) -> FilterStatus { return filter->onMessageEncoded(metadata, ctx); }; auto status = parent_.applyEncoderFilters( nullptr, ActiveMessage::FilterIterationStartState::CanStartFromCurrent); switch (status) { case FilterStatus::StopIteration: break; case FilterStatus::Retry: response_status_ = DubboFilters::UpstreamResponseStatus::Retry; decoder_->reset(); break; default: ASSERT(FilterStatus::Continue == status); break; } return status; } // class ActiveMessageFilterBase uint64_t ActiveMessageFilterBase::requestId() const { return parent_.requestId(); } uint64_t ActiveMessageFilterBase::streamId() const { return parent_.streamId(); } const Network::Connection* ActiveMessageFilterBase::connection() const { return parent_.connection(); } Router::RouteConstSharedPtr ActiveMessageFilterBase::route() { return parent_.route(); } SerializationType ActiveMessageFilterBase::serializationType() const { return parent_.serializationType(); } ProtocolType ActiveMessageFilterBase::protocolType() const { return parent_.protocolType(); } Event::Dispatcher& ActiveMessageFilterBase::dispatcher() { return parent_.dispatcher(); } void ActiveMessageFilterBase::resetStream() { parent_.resetStream(); } StreamInfo::StreamInfo& ActiveMessageFilterBase::streamInfo() { return parent_.streamInfo(); } // class ActiveMessageDecoderFilter ActiveMessageDecoderFilter::ActiveMessageDecoderFilter(ActiveMessage& parent, DubboFilters::DecoderFilterSharedPtr filter, bool dual_filter) : ActiveMessageFilterBase(parent, dual_filter), handle_(filter) {} void ActiveMessageDecoderFilter::continueDecoding() { ASSERT(parent_.context()); auto state = ActiveMessage::FilterIterationStartState::AlwaysStartFromNext; if (0 != parent_.context()->messageOriginData().length()) { state = ActiveMessage::FilterIterationStartState::CanStartFromCurrent; ENVOY_LOG(warn, "The original message data is not consumed, triggering the decoder filter from " "the current location"); } const FilterStatus status = parent_.applyDecoderFilters(this, state); if (status == FilterStatus::Continue) { ENVOY_LOG(debug, "dubbo response: start upstream"); // All filters have been executed for the current decoder state. if (parent_.pendingStreamDecoded()) { // If the filter stack was paused during messageEnd, handle end-of-request details. parent_.finalizeRequest(); } parent_.continueDecoding(); } } void ActiveMessageDecoderFilter::sendLocalReply(const DubboFilters::DirectResponse& response, bool end_stream) { parent_.sendLocalReply(response, end_stream); } void ActiveMessageDecoderFilter::startUpstreamResponse() { parent_.startUpstreamResponse(); } DubboFilters::UpstreamResponseStatus ActiveMessageDecoderFilter::upstreamData(Buffer::Instance& buffer) { return parent_.upstreamData(buffer); } void ActiveMessageDecoderFilter::resetDownstreamConnection() { parent_.resetDownstreamConnection(); } // class ActiveMessageEncoderFilter ActiveMessageEncoderFilter::ActiveMessageEncoderFilter(ActiveMessage& parent, DubboFilters::EncoderFilterSharedPtr filter, bool dual_filter) : ActiveMessageFilterBase(parent, dual_filter), handle_(filter) {} void ActiveMessageEncoderFilter::continueEncoding() { ASSERT(parent_.context()); auto state = ActiveMessage::FilterIterationStartState::AlwaysStartFromNext; if (0 != parent_.context()->messageOriginData().length()) { state = ActiveMessage::FilterIterationStartState::CanStartFromCurrent; ENVOY_LOG(warn, "The original message data is not consumed, triggering the encoder filter from " "the current location"); } const FilterStatus status = parent_.applyEncoderFilters(this, state); if (FilterStatus::Continue == status) { ENVOY_LOG(debug, "All encoding filters have been executed"); } } // class ActiveMessage ActiveMessage::ActiveMessage(ConnectionManager& parent) : parent_(parent), request_timer_(std::make_unique( parent_.stats().request_time_ms_, parent.timeSystem())), request_id_(-1), stream_id_(parent.randomGenerator().random()), stream_info_(parent.timeSystem()), pending_stream_decoded_(false), local_response_sent_(false) { parent_.stats().request_active_.inc(); stream_info_.setDownstreamLocalAddress(parent_.connection().localAddress()); stream_info_.setDownstreamRemoteAddress(parent_.connection().remoteAddress()); stream_info_.setDownstreamDirectRemoteAddress(parent_.connection().directRemoteAddress()); } ActiveMessage::~ActiveMessage() { parent_.stats().request_active_.dec(); request_timer_->complete(); for (auto& filter : decoder_filters_) { ENVOY_LOG(debug, "destroy decoder filter"); filter->handler()->onDestroy(); } for (auto& filter : encoder_filters_) { // Do not call on destroy twice for dual registered filters. if (!filter->dual_filter_) { ENVOY_LOG(debug, "destroy encoder filter"); filter->handler()->onDestroy(); } } } std::list::iterator ActiveMessage::commonEncodePrefix(ActiveMessageEncoderFilter* filter, FilterIterationStartState state) { // Only do base state setting on the initial call. Subsequent calls for filtering do not touch // the base state. if (filter == nullptr) { // ASSERT(!state_.local_complete_); // state_.local_complete_ = end_stream; return encoder_filters_.begin(); } if (state == FilterIterationStartState::CanStartFromCurrent) { // The filter iteration has been stopped for all frame types, and now the iteration continues. // The current filter's encoding callback has not be called. Call it now. return filter->entry(); } return std::next(filter->entry()); } std::list::iterator ActiveMessage::commonDecodePrefix(ActiveMessageDecoderFilter* filter, FilterIterationStartState state) { if (!filter) { return decoder_filters_.begin(); } if (state == FilterIterationStartState::CanStartFromCurrent) { // The filter iteration has been stopped for all frame types, and now the iteration continues. // The current filter's callback function has not been called. Call it now. return filter->entry(); } return std::next(filter->entry()); } void ActiveMessage::onStreamDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) { parent_.stats().request_decoding_success_.inc(); metadata_ = metadata; context_ = ctx; filter_action_ = [metadata, ctx](DubboFilters::DecoderFilter* filter) -> FilterStatus { return filter->onMessageDecoded(metadata, ctx); }; auto status = applyDecoderFilters(nullptr, FilterIterationStartState::CanStartFromCurrent); if (status == FilterStatus::StopIteration) { ENVOY_LOG(debug, "dubbo request: stop calling decoder filter, id is {}", metadata->requestId()); pending_stream_decoded_ = true; return; } finalizeRequest(); ENVOY_LOG(debug, "dubbo request: complete processing of downstream request messages, id is {}", metadata->requestId()); } void ActiveMessage::finalizeRequest() { pending_stream_decoded_ = false; parent_.stats().request_.inc(); bool is_one_way = false; switch (metadata_->messageType()) { case MessageType::Request: parent_.stats().request_twoway_.inc(); break; case MessageType::Oneway: parent_.stats().request_oneway_.inc(); is_one_way = true; break; default: break; } if (local_response_sent_ || is_one_way) { parent_.deferredMessage(*this); } } void ActiveMessage::createFilterChain() { parent_.config().filterFactory().createFilterChain(*this); } DubboProxy::Router::RouteConstSharedPtr ActiveMessage::route() { if (cached_route_) { return cached_route_.value(); } if (metadata_ != nullptr) { DubboProxy::Router::RouteConstSharedPtr route = parent_.config().routerConfig().route(*metadata_, stream_id_); cached_route_ = route; return cached_route_.value(); } return nullptr; } FilterStatus ActiveMessage::applyDecoderFilters(ActiveMessageDecoderFilter* filter, FilterIterationStartState state) { ASSERT(filter_action_ != nullptr); if (!local_response_sent_) { for (auto entry = commonDecodePrefix(filter, state); entry != decoder_filters_.end(); entry++) { const FilterStatus status = filter_action_((*entry)->handler().get()); if (local_response_sent_) { break; } if (status != FilterStatus::Continue) { return status; } } } filter_action_ = nullptr; return FilterStatus::Continue; } FilterStatus ActiveMessage::applyEncoderFilters(ActiveMessageEncoderFilter* filter, FilterIterationStartState state) { ASSERT(encoder_filter_action_ != nullptr); if (!local_response_sent_) { for (auto entry = commonEncodePrefix(filter, state); entry != encoder_filters_.end(); entry++) { const FilterStatus status = encoder_filter_action_((*entry)->handler().get()); if (local_response_sent_) { break; } if (status != FilterStatus::Continue) { return status; } } } encoder_filter_action_ = nullptr; return FilterStatus::Continue; } void ActiveMessage::sendLocalReply(const DubboFilters::DirectResponse& response, bool end_stream) { ASSERT(metadata_); metadata_->setRequestId(request_id_); parent_.sendLocalReply(*metadata_, response, end_stream); if (end_stream) { return; } local_response_sent_ = true; } void ActiveMessage::startUpstreamResponse() { ENVOY_LOG(debug, "dubbo response: start upstream"); ASSERT(response_decoder_ == nullptr); auto protocol = NamedProtocolConfigFactory::getFactory(protocolType()).createProtocol(serializationType()); // Create a response message decoder. response_decoder_ = std::make_unique( *this, parent_.stats(), parent_.connection(), std::move(protocol)); } DubboFilters::UpstreamResponseStatus ActiveMessage::upstreamData(Buffer::Instance& buffer) { ASSERT(response_decoder_ != nullptr); try { auto status = response_decoder_->onData(buffer); if (status == DubboFilters::UpstreamResponseStatus::Complete) { if (requestId() != response_decoder_->requestId()) { throw EnvoyException(fmt::format("dubbo response: request ID is not equal, {}:{}", requestId(), response_decoder_->requestId())); } // Completed upstream response. parent_.deferredMessage(*this); } else if (status == DubboFilters::UpstreamResponseStatus::Retry) { response_decoder_.reset(); } return status; } catch (const DownstreamConnectionCloseException& ex) { ENVOY_CONN_LOG(error, "dubbo response: exception ({})", parent_.connection(), ex.what()); onReset(); parent_.stats().response_error_caused_connection_close_.inc(); return DubboFilters::UpstreamResponseStatus::Reset; } catch (const EnvoyException& ex) { ENVOY_CONN_LOG(error, "dubbo response: exception ({})", parent_.connection(), ex.what()); parent_.stats().response_decoding_error_.inc(); onError(ex.what()); return DubboFilters::UpstreamResponseStatus::Reset; } } void ActiveMessage::resetDownstreamConnection() { parent_.connection().close(Network::ConnectionCloseType::NoFlush); } void ActiveMessage::resetStream() { parent_.deferredMessage(*this); } uint64_t ActiveMessage::requestId() const { return metadata_ != nullptr ? metadata_->requestId() : 0; } uint64_t ActiveMessage::streamId() const { return stream_id_; } void ActiveMessage::continueDecoding() { parent_.continueDecoding(); } SerializationType ActiveMessage::serializationType() const { return parent_.downstreamSerializationType(); } ProtocolType ActiveMessage::protocolType() const { return parent_.downstreamProtocolType(); } StreamInfo::StreamInfo& ActiveMessage::streamInfo() { return stream_info_; } Event::Dispatcher& ActiveMessage::dispatcher() { return parent_.connection().dispatcher(); } const Network::Connection* ActiveMessage::connection() const { return &parent_.connection(); } void ActiveMessage::addDecoderFilter(DubboFilters::DecoderFilterSharedPtr filter) { addDecoderFilterWorker(filter, false); } void ActiveMessage::addEncoderFilter(DubboFilters::EncoderFilterSharedPtr filter) { addEncoderFilterWorker(filter, false); } void ActiveMessage::addFilter(DubboFilters::CodecFilterSharedPtr filter) { addDecoderFilterWorker(filter, true); addEncoderFilterWorker(filter, true); } void ActiveMessage::addDecoderFilterWorker(DubboFilters::DecoderFilterSharedPtr filter, bool dual_filter) { ActiveMessageDecoderFilterPtr wrapper = std::make_unique(*this, filter, dual_filter); filter->setDecoderFilterCallbacks(*wrapper); LinkedList::moveIntoListBack(std::move(wrapper), decoder_filters_); } void ActiveMessage::addEncoderFilterWorker(DubboFilters::EncoderFilterSharedPtr filter, bool dual_filter) { ActiveMessageEncoderFilterPtr wrapper = std::make_unique(*this, filter, dual_filter); filter->setEncoderFilterCallbacks(*wrapper); LinkedList::moveIntoListBack(std::move(wrapper), encoder_filters_); } void ActiveMessage::onReset() { parent_.deferredMessage(*this); } void ActiveMessage::onError(const std::string& what) { if (!metadata_) { // It's possible that an error occurred before the decoder generated metadata, // and a metadata object needs to be created in order to generate a local reply. metadata_ = std::make_shared(); } ASSERT(metadata_); ENVOY_LOG(error, "Bad response: {}", what); sendLocalReply(AppException(ResponseStatus::BadResponse, what), false); parent_.deferredMessage(*this); } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/active_message.h ================================================ #pragma once #include "envoy/event/deferred_deletable.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" #include "common/buffer/buffer_impl.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/stream_info/stream_info_impl.h" #include "extensions/filters/network/dubbo_proxy/decoder.h" #include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" #include "extensions/filters/network/dubbo_proxy/filters/filter.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/router/router.h" #include "extensions/filters/network/dubbo_proxy/stats.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { class ConnectionManager; class ActiveMessage; class ActiveResponseDecoder : public ResponseDecoderCallbacks, public StreamHandler, Logger::Loggable { public: ActiveResponseDecoder(ActiveMessage& parent, DubboFilterStats& stats, Network::Connection& connection, ProtocolPtr&& protocol); ~ActiveResponseDecoder() override = default; DubboFilters::UpstreamResponseStatus onData(Buffer::Instance& data); // StreamHandler void onStreamDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) override; // ResponseDecoderCallbacks StreamHandler& newStream() override { return *this; } void onHeartbeat(MessageMetadataSharedPtr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } uint64_t requestId() const { return metadata_ ? metadata_->requestId() : 0; } private: FilterStatus applyMessageEncodedFilters(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx); ActiveMessage& parent_; DubboFilterStats& stats_; Network::Connection& response_connection_; ProtocolPtr protocol_; ResponseDecoderPtr decoder_; MessageMetadataSharedPtr metadata_; bool complete_ : 1; DubboFilters::UpstreamResponseStatus response_status_; }; using ActiveResponseDecoderPtr = std::unique_ptr; class ActiveMessageFilterBase : public virtual DubboFilters::FilterCallbacksBase { public: ActiveMessageFilterBase(ActiveMessage& parent, bool dual_filter) : parent_(parent), dual_filter_(dual_filter) {} ~ActiveMessageFilterBase() override = default; // DubboFilters::FilterCallbacksBase uint64_t requestId() const override; uint64_t streamId() const override; const Network::Connection* connection() const override; DubboProxy::Router::RouteConstSharedPtr route() override; SerializationType serializationType() const override; ProtocolType protocolType() const override; StreamInfo::StreamInfo& streamInfo() override; Event::Dispatcher& dispatcher() override; void resetStream() override; protected: ActiveMessage& parent_; const bool dual_filter_ : 1; }; // Wraps a DecoderFilter and acts as the DecoderFilterCallbacks for the filter, enabling filter // chain continuation. class ActiveMessageDecoderFilter : public DubboFilters::DecoderFilterCallbacks, public ActiveMessageFilterBase, public LinkedObject, Logger::Loggable { public: ActiveMessageDecoderFilter(ActiveMessage& parent, DubboFilters::DecoderFilterSharedPtr filter, bool dual_filter); ~ActiveMessageDecoderFilter() override = default; void continueDecoding() override; void sendLocalReply(const DubboFilters::DirectResponse& response, bool end_stream) override; void startUpstreamResponse() override; DubboFilters::UpstreamResponseStatus upstreamData(Buffer::Instance& buffer) override; void resetDownstreamConnection() override; DubboFilters::DecoderFilterSharedPtr handler() { return handle_; } private: DubboFilters::DecoderFilterSharedPtr handle_; }; using ActiveMessageDecoderFilterPtr = std::unique_ptr; // Wraps a EncoderFilter and acts as the EncoderFilterCallbacks for the filter, enabling filter // chain continuation. class ActiveMessageEncoderFilter : public ActiveMessageFilterBase, public DubboFilters::EncoderFilterCallbacks, public LinkedObject, Logger::Loggable { public: ActiveMessageEncoderFilter(ActiveMessage& parent, DubboFilters::EncoderFilterSharedPtr filter, bool dual_filter); ~ActiveMessageEncoderFilter() override = default; void continueEncoding() override; DubboFilters::EncoderFilterSharedPtr handler() { return handle_; } private: DubboFilters::EncoderFilterSharedPtr handle_; friend class ActiveMessage; }; using ActiveMessageEncoderFilterPtr = std::unique_ptr; // ActiveMessage tracks downstream requests for which no response has been received. class ActiveMessage : public LinkedObject, public Event::DeferredDeletable, public StreamHandler, public DubboFilters::DecoderFilterCallbacks, public DubboFilters::FilterChainFactoryCallbacks, Logger::Loggable { public: ActiveMessage(ConnectionManager& parent); ~ActiveMessage() override; // Indicates which filter to start the iteration with. enum class FilterIterationStartState { AlwaysStartFromNext, CanStartFromCurrent }; // Returns the encoder filter to start iteration with. std::list::iterator commonEncodePrefix(ActiveMessageEncoderFilter* filter, FilterIterationStartState state); // Returns the decoder filter to start iteration with. std::list::iterator commonDecodePrefix(ActiveMessageDecoderFilter* filter, FilterIterationStartState state); // Dubbo::FilterChainFactoryCallbacks void addDecoderFilter(DubboFilters::DecoderFilterSharedPtr filter) override; void addEncoderFilter(DubboFilters::EncoderFilterSharedPtr filter) override; void addFilter(DubboFilters::CodecFilterSharedPtr filter) override; // StreamHandler void onStreamDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) override; // DubboFilters::DecoderFilterCallbacks uint64_t requestId() const override; uint64_t streamId() const override; const Network::Connection* connection() const override; void continueDecoding() override; SerializationType serializationType() const override; ProtocolType protocolType() const override; StreamInfo::StreamInfo& streamInfo() override; Router::RouteConstSharedPtr route() override; void sendLocalReply(const DubboFilters::DirectResponse& response, bool end_stream) override; void startUpstreamResponse() override; DubboFilters::UpstreamResponseStatus upstreamData(Buffer::Instance& buffer) override; void resetDownstreamConnection() override; Event::Dispatcher& dispatcher() override; void resetStream() override; void createFilterChain(); FilterStatus applyDecoderFilters(ActiveMessageDecoderFilter* filter, FilterIterationStartState state); FilterStatus applyEncoderFilters(ActiveMessageEncoderFilter* filter, FilterIterationStartState state); void finalizeRequest(); void onReset(); void onError(const std::string& what); MessageMetadataSharedPtr metadata() const { return metadata_; } ContextSharedPtr context() const { return context_; } bool pendingStreamDecoded() const { return pending_stream_decoded_; } private: void addDecoderFilterWorker(DubboFilters::DecoderFilterSharedPtr filter, bool dual_filter); void addEncoderFilterWorker(DubboFilters::EncoderFilterSharedPtr, bool dual_filter); ConnectionManager& parent_; ContextSharedPtr context_; MessageMetadataSharedPtr metadata_; Stats::TimespanPtr request_timer_; ActiveResponseDecoderPtr response_decoder_; absl::optional cached_route_; std::list decoder_filters_; std::function filter_action_; std::list encoder_filters_; std::function encoder_filter_action_; int32_t request_id_; // This value is used in the calculation of the weighted cluster. uint64_t stream_id_; StreamInfo::StreamInfoImpl stream_info_; Buffer::OwnedImpl response_buffer_; bool pending_stream_decoded_ : 1; bool local_response_sent_ : 1; friend class ActiveResponseDecoder; }; using ActiveMessagePtr = std::unique_ptr; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/app_exception.cc ================================================ #include "extensions/filters/network/dubbo_proxy/app_exception.h" #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/dubbo_proxy/message.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { DownstreamConnectionCloseException::DownstreamConnectionCloseException(const std::string& what) : EnvoyException(what) {} } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/app_exception.h ================================================ #pragma once #include "envoy/common/exception.h" #include "common/common/utility.h" #include "extensions/filters/network/dubbo_proxy/filters/filter.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/protocol.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { using ResponseType = DubboFilters::DirectResponse::ResponseType; template struct AppExceptionBase : public EnvoyException, public DubboFilters::DirectResponse, Logger::Loggable { AppExceptionBase(const AppExceptionBase& ex) = default; AppExceptionBase(T status, const std::string& what) : EnvoyException(what), status_(status), response_type_(RpcResponseType::ResponseWithException) {} ResponseType encode(MessageMetadata& metadata, DubboProxy::Protocol& protocol, Buffer::Instance& buffer) const override { ASSERT(buffer.length() == 0); ENVOY_LOG(debug, "Exception information: {}", what()); metadata.setResponseStatus(status_); metadata.setMessageType(MessageType::Response); if (!protocol.encode(buffer, metadata, what(), response_type_)) { ExceptionUtil::throwEnvoyException("Failed to encode local reply message"); } return ResponseType::Exception; } const T status_; const RpcResponseType response_type_; }; using AppException = AppExceptionBase<>; struct DownstreamConnectionCloseException : public EnvoyException { DownstreamConnectionCloseException(const std::string& what); }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/buffer_helper.cc ================================================ #include "extensions/filters/network/dubbo_proxy/buffer_helper.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { double BufferHelper::peekDouble(Buffer::Instance& buffer, uint64_t offset) { if (buffer.length() < offset + 8) { throw EnvoyException("buffer underflow"); } double i; uint64_t j = buffer.peekBEInt(offset); std::memcpy(&i, &j, 8); return i; } float BufferHelper::peekFloat(Buffer::Instance& buffer, uint64_t offset) { if (buffer.length() < offset + 4) { throw EnvoyException("buffer underflow"); } float i; uint32_t j = buffer.peekBEInt(offset); std::memcpy(&i, &j, 4); return i; } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/buffer_helper.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /** * BufferHelper provides buffer operations for reading bytes and numbers in the various encodings * used by protocols. */ class BufferHelper { public: /** * Reads an double from the buffer at the given offset. * @param buffer Buffer::Instance containing data to decode * @param offset offset into buffer to peek at * @return the double at offset in buffer */ static double peekDouble(Buffer::Instance& buffer, uint64_t offset = 0); /** * Reads an float from the buffer at the given offset. * @param buffer Buffer::Instance containing data to decode * @param offset offset into buffer to peek at * @return the float at offset in buffer */ static float peekFloat(Buffer::Instance& buffer, uint64_t offset = 0); }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/config.cc ================================================ #include "extensions/filters/network/dubbo_proxy/config.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.validate.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "extensions/filters/network/dubbo_proxy/conn_manager.h" #include "extensions/filters/network/dubbo_proxy/filters/factory_base.h" #include "extensions/filters/network/dubbo_proxy/filters/well_known_names.h" #include "extensions/filters/network/dubbo_proxy/stats.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { Network::FilterFactoryCb DubboProxyFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::dubbo_proxy::v3::DubboProxy& proto_config, Server::Configuration::FactoryContext& context) { std::shared_ptr filter_config(std::make_shared(proto_config, context)); return [filter_config, &context](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared( *filter_config, context.api().randomGenerator(), context.dispatcher().timeSource())); }; } /** * Static registration for the dubbo filter. @see RegisterFactory. */ REGISTER_FACTORY(DubboProxyFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); class ProtocolTypeMapper { public: using ConfigProtocolType = envoy::extensions::filters::network::dubbo_proxy::v3::ProtocolType; using ProtocolTypeMap = absl::flat_hash_map; static ProtocolType lookupProtocolType(ConfigProtocolType config_type) { const auto& iter = protocolTypeMap().find(config_type); ASSERT(iter != protocolTypeMap().end()); return iter->second; } private: static const ProtocolTypeMap& protocolTypeMap() { CONSTRUCT_ON_FIRST_USE(ProtocolTypeMap, { {ConfigProtocolType::Dubbo, ProtocolType::Dubbo}, }); } }; class SerializationTypeMapper { public: using ConfigSerializationType = envoy::extensions::filters::network::dubbo_proxy::v3::SerializationType; using SerializationTypeMap = absl::flat_hash_map; static SerializationType lookupSerializationType(ConfigSerializationType type) { const auto& iter = serializationTypeMap().find(type); ASSERT(iter != serializationTypeMap().end()); return iter->second; } private: static const SerializationTypeMap& serializationTypeMap() { CONSTRUCT_ON_FIRST_USE(SerializationTypeMap, { {ConfigSerializationType::Hessian2, SerializationType::Hessian2}, }); } }; class RouteMatcherTypeMapper { public: using ConfigProtocolType = envoy::extensions::filters::network::dubbo_proxy::v3::ProtocolType; using RouteMatcherTypeMap = absl::flat_hash_map; static Router::RouteMatcherType lookupRouteMatcherType(ConfigProtocolType type) { const auto& iter = routeMatcherTypeMap().find(type); ASSERT(iter != routeMatcherTypeMap().end()); return iter->second; } private: static const RouteMatcherTypeMap& routeMatcherTypeMap() { CONSTRUCT_ON_FIRST_USE(RouteMatcherTypeMap, { {ConfigProtocolType::Dubbo, Router::RouteMatcherType::Default}, }); } }; // class ConfigImpl. ConfigImpl::ConfigImpl(const DubboProxyConfig& config, Server::Configuration::FactoryContext& context) : context_(context), stats_prefix_(fmt::format("dubbo.{}.", config.stat_prefix())), stats_(DubboFilterStats::generateStats(stats_prefix_, context_.scope())), serialization_type_( SerializationTypeMapper::lookupSerializationType(config.serialization_type())), protocol_type_(ProtocolTypeMapper::lookupProtocolType(config.protocol_type())) { auto type = RouteMatcherTypeMapper::lookupRouteMatcherType(config.protocol_type()); route_matcher_ = Router::NamedRouteMatcherConfigFactory::getFactory(type).createRouteMatcher( config.route_config(), context); if (config.dubbo_filters().empty()) { ENVOY_LOG(debug, "using default router filter"); envoy::extensions::filters::network::dubbo_proxy::v3::DubboFilter router_config; router_config.set_name(DubboFilters::DubboFilterNames::get().ROUTER); registerFilter(router_config); } else { for (const auto& filter_config : config.dubbo_filters()) { registerFilter(filter_config); } } } void ConfigImpl::createFilterChain(DubboFilters::FilterChainFactoryCallbacks& callbacks) { for (const DubboFilters::FilterFactoryCb& factory : filter_factories_) { factory(callbacks); } } Router::RouteConstSharedPtr ConfigImpl::route(const MessageMetadata& metadata, uint64_t random_value) const { return route_matcher_->route(metadata, random_value); } ProtocolPtr ConfigImpl::createProtocol() { return NamedProtocolConfigFactory::getFactory(protocol_type_).createProtocol(serialization_type_); } void ConfigImpl::registerFilter(const DubboFilterConfig& proto_config) { const auto& string_name = proto_config.name(); ENVOY_LOG(debug, " dubbo filter #{}", filter_factories_.size()); ENVOY_LOG(debug, " name: {}", string_name); ENVOY_LOG(debug, " config: {}", MessageUtil::getJsonStringFromMessage(proto_config.config(), true)); auto& factory = Envoy::Config::Utility::getAndCheckFactoryByName( string_name); ProtobufTypes::MessagePtr message = factory.createEmptyConfigProto(); Envoy::Config::Utility::translateOpaqueConfig(proto_config.config(), ProtobufWkt::Struct::default_instance(), context_.messageValidationVisitor(), *message); DubboFilters::FilterFactoryCb callback = factory.createFilterFactoryFromProto(*message, stats_prefix_, context_); filter_factories_.push_back(callback); } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/config.h ================================================ #pragma once #include #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/dubbo_proxy/conn_manager.h" #include "extensions/filters/network/dubbo_proxy/filters/filter.h" #include "extensions/filters/network/dubbo_proxy/router/route_matcher.h" #include "extensions/filters/network/dubbo_proxy/router/router_impl.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /** * Config registration for the dubbo proxy filter. @see NamedNetworkFilterConfigFactory. */ class DubboProxyFilterConfigFactory : public Common::FactoryBase { public: DubboProxyFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().DubboProxy, true) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::dubbo_proxy::v3::DubboProxy& proto_config, Server::Configuration::FactoryContext& context) override; }; class ConfigImpl : public Config, public Router::Config, public DubboFilters::FilterChainFactory, Logger::Loggable { public: using DubboProxyConfig = envoy::extensions::filters::network::dubbo_proxy::v3::DubboProxy; using DubboFilterConfig = envoy::extensions::filters::network::dubbo_proxy::v3::DubboFilter; ConfigImpl(const DubboProxyConfig& config, Server::Configuration::FactoryContext& context); ~ConfigImpl() override = default; // DubboFilters::FilterChainFactory void createFilterChain(DubboFilters::FilterChainFactoryCallbacks& callbacks) override; // Router::Config Router::RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const override; // Config DubboFilterStats& stats() override { return stats_; } DubboFilters::FilterChainFactory& filterFactory() override { return *this; } Router::Config& routerConfig() override { return *this; } ProtocolPtr createProtocol() override; private: void registerFilter(const DubboFilterConfig& proto_config); Server::Configuration::FactoryContext& context_; const std::string stats_prefix_; DubboFilterStats stats_; const SerializationType serialization_type_; const ProtocolType protocol_type_; Router::RouteMatcherPtr route_matcher_; std::list filter_factories_; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/conn_manager.cc ================================================ #include "extensions/filters/network/dubbo_proxy/conn_manager.h" #include #include "envoy/common/exception.h" #include "common/common/fmt.h" #include "extensions/filters/network/dubbo_proxy/app_exception.h" #include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" #include "extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" #include "extensions/filters/network/dubbo_proxy/heartbeat_response.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { constexpr uint32_t BufferLimit = UINT32_MAX; ConnectionManager::ConnectionManager(Config& config, Random::RandomGenerator& random_generator, TimeSource& time_system) : config_(config), time_system_(time_system), stats_(config_.stats()), random_generator_(random_generator), protocol_(config.createProtocol()), decoder_(std::make_unique(*protocol_, *this)) {} Network::FilterStatus ConnectionManager::onData(Buffer::Instance& data, bool end_stream) { ENVOY_LOG(trace, "dubbo: read {} bytes", data.length()); request_buffer_.move(data); dispatch(); if (end_stream) { ENVOY_CONN_LOG(trace, "downstream half-closed", read_callbacks_->connection()); // Downstream has closed. Unless we're waiting for an upstream connection to complete a oneway // request, close. The special case for oneway requests allows them to complete before the // ConnectionManager is destroyed. if (stopped_) { ASSERT(!active_message_list_.empty()); auto metadata = (*active_message_list_.begin())->metadata(); if (metadata && metadata->messageType() == MessageType::Oneway) { ENVOY_CONN_LOG(trace, "waiting for one-way completion", read_callbacks_->connection()); half_closed_ = true; return Network::FilterStatus::StopIteration; } } ENVOY_LOG(debug, "dubbo: end data processing"); resetAllMessages(false); read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } return Network::FilterStatus::StopIteration; } Network::FilterStatus ConnectionManager::onNewConnection() { return Network::FilterStatus::Continue; } void ConnectionManager::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { read_callbacks_ = &callbacks; read_callbacks_->connection().addConnectionCallbacks(*this); read_callbacks_->connection().enableHalfClose(true); read_callbacks_->connection().setBufferLimits(BufferLimit); } void ConnectionManager::onEvent(Network::ConnectionEvent event) { resetAllMessages(event == Network::ConnectionEvent::LocalClose); } void ConnectionManager::onAboveWriteBufferHighWatermark() { ENVOY_CONN_LOG(debug, "onAboveWriteBufferHighWatermark", read_callbacks_->connection()); read_callbacks_->connection().readDisable(true); } void ConnectionManager::onBelowWriteBufferLowWatermark() { ENVOY_CONN_LOG(debug, "onBelowWriteBufferLowWatermark", read_callbacks_->connection()); read_callbacks_->connection().readDisable(false); } StreamHandler& ConnectionManager::newStream() { ENVOY_LOG(debug, "dubbo: create the new decoder event handler"); ActiveMessagePtr new_message(std::make_unique(*this)); new_message->createFilterChain(); LinkedList::moveIntoList(std::move(new_message), active_message_list_); return **active_message_list_.begin(); } void ConnectionManager::onHeartbeat(MessageMetadataSharedPtr metadata) { stats_.request_event_.inc(); if (read_callbacks_->connection().state() != Network::Connection::State::Open) { ENVOY_LOG(warn, "dubbo: downstream connection is closed or closing"); return; } metadata->setResponseStatus(ResponseStatus::Ok); metadata->setMessageType(MessageType::HeartbeatResponse); HeartbeatResponse heartbeat; Buffer::OwnedImpl response_buffer; heartbeat.encode(*metadata, *protocol_, response_buffer); read_callbacks_->connection().write(response_buffer, false); } void ConnectionManager::dispatch() { if (0 == request_buffer_.length()) { ENVOY_LOG(warn, "dubbo: it's empty data"); return; } if (stopped_) { ENVOY_CONN_LOG(debug, "dubbo: dubbo filter stopped", read_callbacks_->connection()); return; } try { bool underflow = false; while (!underflow) { decoder_->onData(request_buffer_, underflow); } return; } catch (const EnvoyException& ex) { ENVOY_CONN_LOG(error, "dubbo error: {}", read_callbacks_->connection(), ex.what()); read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); stats_.request_decoding_error_.inc(); } resetAllMessages(true); } void ConnectionManager::sendLocalReply(MessageMetadata& metadata, const DubboFilters::DirectResponse& response, bool end_stream) { if (read_callbacks_->connection().state() != Network::Connection::State::Open) { return; } DubboFilters::DirectResponse::ResponseType result = DubboFilters::DirectResponse::ResponseType::ErrorReply; try { Buffer::OwnedImpl buffer; result = response.encode(metadata, *protocol_, buffer); read_callbacks_->connection().write(buffer, end_stream); } catch (const EnvoyException& ex) { ENVOY_CONN_LOG(error, "dubbo error: {}", read_callbacks_->connection(), ex.what()); } if (end_stream) { read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } switch (result) { case DubboFilters::DirectResponse::ResponseType::SuccessReply: stats_.local_response_success_.inc(); break; case DubboFilters::DirectResponse::ResponseType::ErrorReply: stats_.local_response_error_.inc(); break; case DubboFilters::DirectResponse::ResponseType::Exception: stats_.local_response_business_exception_.inc(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } void ConnectionManager::continueDecoding() { ENVOY_CONN_LOG(debug, "dubbo filter continued", read_callbacks_->connection()); stopped_ = false; dispatch(); if (!stopped_ && half_closed_) { // If we're half closed, but not stopped waiting for an upstream, // reset any pending rpcs and close the connection. resetAllMessages(false); read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } } void ConnectionManager::deferredMessage(ActiveMessage& message) { if (!message.inserted()) { return; } read_callbacks_->connection().dispatcher().deferredDelete( message.removeFromList(active_message_list_)); } void ConnectionManager::resetAllMessages(bool local_reset) { while (!active_message_list_.empty()) { if (local_reset) { ENVOY_CONN_LOG(debug, "local close with active request", read_callbacks_->connection()); stats_.cx_destroy_local_with_active_rq_.inc(); } else { ENVOY_CONN_LOG(debug, "remote close with active request", read_callbacks_->connection()); stats_.cx_destroy_remote_with_active_rq_.inc(); } active_message_list_.front()->onReset(); } } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/conn_manager.h ================================================ #pragma once #include "envoy/common/time.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" #include "common/common/logger.h" #include "extensions/filters/network/dubbo_proxy/active_message.h" #include "extensions/filters/network/dubbo_proxy/decoder.h" #include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" #include "extensions/filters/network/dubbo_proxy/filters/filter.h" #include "extensions/filters/network/dubbo_proxy/protocol.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" #include "extensions/filters/network/dubbo_proxy/stats.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /** * Config is a configuration interface for ConnectionManager. */ class Config { public: virtual ~Config() = default; virtual DubboFilters::FilterChainFactory& filterFactory() PURE; virtual DubboFilterStats& stats() PURE; virtual ProtocolPtr createProtocol() PURE; virtual Router::Config& routerConfig() PURE; }; // class ActiveMessagePtr; class ConnectionManager : public Network::ReadFilter, public Network::ConnectionCallbacks, public RequestDecoderCallbacks, Logger::Loggable { public: using ConfigProtocolType = envoy::extensions::filters::network::dubbo_proxy::v3::ProtocolType; using ConfigSerializationType = envoy::extensions::filters::network::dubbo_proxy::v3::SerializationType; ConnectionManager(Config& config, Random::RandomGenerator& random_generator, TimeSource& time_system); ~ConnectionManager() override = default; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks&) override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent) override; void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; // RequestDecoderCallbacks StreamHandler& newStream() override; void onHeartbeat(MessageMetadataSharedPtr metadata) override; DubboFilterStats& stats() const { return stats_; } Network::Connection& connection() const { return read_callbacks_->connection(); } TimeSource& timeSystem() const { return time_system_; } Random::RandomGenerator& randomGenerator() const { return random_generator_; } Config& config() const { return config_; } SerializationType downstreamSerializationType() const { return protocol_->serializer()->type(); } ProtocolType downstreamProtocolType() const { return protocol_->type(); } void continueDecoding(); void deferredMessage(ActiveMessage& message); void sendLocalReply(MessageMetadata& metadata, const DubboFilters::DirectResponse& response, bool end_stream); // This function is for testing only. std::list& getActiveMessagesForTest() { return active_message_list_; } private: void dispatch(); void resetAllMessages(bool local_reset); Buffer::OwnedImpl request_buffer_; std::list active_message_list_; bool stopped_{false}; bool half_closed_{false}; Config& config_; TimeSource& time_system_; DubboFilterStats& stats_; Random::RandomGenerator& random_generator_; SerializerPtr serializer_; ProtocolPtr protocol_; RequestDecoderPtr decoder_; Network::ReadFilterCallbacks* read_callbacks_{}; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/decoder.cc ================================================ #include "extensions/filters/network/dubbo_proxy/decoder.h" #include "common/common/macros.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { DecoderStateMachine::DecoderStatus DecoderStateMachine::onDecodeStreamHeader(Buffer::Instance& buffer) { ASSERT(!active_stream_); auto metadata = std::make_shared(); auto ret = protocol_.decodeHeader(buffer, metadata); if (!ret.second) { ENVOY_LOG(debug, "dubbo decoder: need more data for {} protocol", protocol_.name()); return {ProtocolState::WaitForData}; } auto context = ret.first; if (metadata->messageType() == MessageType::HeartbeatRequest || metadata->messageType() == MessageType::HeartbeatResponse) { if (buffer.length() < (context->headerSize() + context->bodySize())) { ENVOY_LOG(debug, "dubbo decoder: need more data for {} protocol heartbeat", protocol_.name()); return {ProtocolState::WaitForData}; } ENVOY_LOG(debug, "dubbo decoder: this is the {} heartbeat message", protocol_.name()); buffer.drain(context->headerSize() + context->bodySize()); delegate_.onHeartbeat(metadata); return {ProtocolState::Done}; } active_stream_ = delegate_.newStream(metadata, context); ASSERT(active_stream_); context->messageOriginData().move(buffer, context->headerSize()); return {ProtocolState::OnDecodeStreamData}; } DecoderStateMachine::DecoderStatus DecoderStateMachine::onDecodeStreamData(Buffer::Instance& buffer) { ASSERT(active_stream_); if (!protocol_.decodeData(buffer, active_stream_->context_, active_stream_->metadata_)) { ENVOY_LOG(debug, "dubbo decoder: need more data for {} serialization, current size {}", protocol_.serializer()->name(), buffer.length()); return {ProtocolState::WaitForData}; } active_stream_->context_->messageOriginData().move(buffer, active_stream_->context_->bodySize()); active_stream_->onStreamDecoded(); active_stream_ = nullptr; ENVOY_LOG(debug, "dubbo decoder: ends the deserialization of the message"); return {ProtocolState::Done}; } DecoderStateMachine::DecoderStatus DecoderStateMachine::handleState(Buffer::Instance& buffer) { switch (state_) { case ProtocolState::OnDecodeStreamHeader: return onDecodeStreamHeader(buffer); case ProtocolState::OnDecodeStreamData: return onDecodeStreamData(buffer); default: NOT_REACHED_GCOVR_EXCL_LINE; } } ProtocolState DecoderStateMachine::run(Buffer::Instance& buffer) { while (state_ != ProtocolState::Done) { ENVOY_LOG(trace, "dubbo decoder: state {}, {} bytes available", ProtocolStateNameValues::name(state_), buffer.length()); DecoderStatus s = handleState(buffer); if (s.next_state_ == ProtocolState::WaitForData) { return ProtocolState::WaitForData; } state_ = s.next_state_; } return state_; } using DecoderStateMachinePtr = std::unique_ptr; DecoderBase::DecoderBase(Protocol& protocol) : protocol_(protocol) {} DecoderBase::~DecoderBase() { complete(); } FilterStatus DecoderBase::onData(Buffer::Instance& data, bool& buffer_underflow) { ENVOY_LOG(debug, "dubbo decoder: {} bytes available", data.length()); buffer_underflow = false; if (!decode_started_) { start(); } ASSERT(state_machine_ != nullptr); ENVOY_LOG(debug, "dubbo decoder: protocol {}, state {}, {} bytes available", protocol_.name(), ProtocolStateNameValues::name(state_machine_->currentState()), data.length()); ProtocolState rv = state_machine_->run(data); switch (rv) { case ProtocolState::WaitForData: ENVOY_LOG(debug, "dubbo decoder: wait for data"); buffer_underflow = true; return FilterStatus::Continue; default: break; } ASSERT(rv == ProtocolState::Done); complete(); buffer_underflow = (data.length() == 0); ENVOY_LOG(debug, "dubbo decoder: data length {}", data.length()); return FilterStatus::Continue; } void DecoderBase::start() { state_machine_ = std::make_unique(protocol_, *this); decode_started_ = true; } void DecoderBase::complete() { state_machine_.reset(); stream_.reset(); decode_started_ = false; } void DecoderBase::reset() { complete(); } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/decoder.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" #include "extensions/filters/network/dubbo_proxy/protocol.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { #define ALL_PROTOCOL_STATES(FUNCTION) \ FUNCTION(StopIteration) \ FUNCTION(WaitForData) \ FUNCTION(OnDecodeStreamHeader) \ FUNCTION(OnDecodeStreamData) \ FUNCTION(Done) /** * ProtocolState represents a set of states used in a state machine to decode Dubbo requests * and responses. */ enum class ProtocolState { ALL_PROTOCOL_STATES(GENERATE_ENUM) }; class ProtocolStateNameValues { public: static const std::string& name(ProtocolState state) { size_t i = static_cast(state); ASSERT(i < names().size()); return names()[i]; } private: static const std::vector& names() { CONSTRUCT_ON_FIRST_USE(std::vector, {ALL_PROTOCOL_STATES(GENERATE_STRING)}); } }; struct ActiveStream { ActiveStream(StreamHandler& handler, MessageMetadataSharedPtr metadata, ContextSharedPtr context) : handler_(handler), metadata_(metadata), context_(context) {} ~ActiveStream() { metadata_.reset(); context_.reset(); } void onStreamDecoded() { ASSERT(metadata_ && context_); handler_.onStreamDecoded(metadata_, context_); } StreamHandler& handler_; MessageMetadataSharedPtr metadata_; ContextSharedPtr context_; }; using ActiveStreamPtr = std::unique_ptr; class DecoderStateMachine : public Logger::Loggable { public: class Delegate { public: virtual ~Delegate() = default; virtual ActiveStream* newStream(MessageMetadataSharedPtr metadata, ContextSharedPtr context) PURE; virtual void onHeartbeat(MessageMetadataSharedPtr metadata) PURE; }; DecoderStateMachine(Protocol& protocol, Delegate& delegate) : protocol_(protocol), delegate_(delegate), state_(ProtocolState::OnDecodeStreamHeader) {} /** * Consumes as much data from the configured Buffer as possible and executes the decoding state * machine. Returns ProtocolState::WaitForData if more data is required to complete processing of * a message. Returns ProtocolState::Done when the end of a message is successfully processed. * Once the Done state is reached, further invocations of run return immediately with Done. * * @param buffer a buffer containing the remaining data to be processed * @return ProtocolState returns with ProtocolState::WaitForData or ProtocolState::Done * @throw Envoy Exception if thrown by the underlying Protocol */ ProtocolState run(Buffer::Instance& buffer); /** * @return the current ProtocolState */ ProtocolState currentState() const { return state_; } private: struct DecoderStatus { DecoderStatus() = default; DecoderStatus(ProtocolState next_state) : next_state_(next_state){}; DecoderStatus(ProtocolState next_state, FilterStatus filter_status) : next_state_(next_state), filter_status_(filter_status){}; ProtocolState next_state_; absl::optional filter_status_; }; // These functions map directly to the matching ProtocolState values. Each returns the next state // or ProtocolState::WaitForData if more data is required. DecoderStatus onDecodeStreamHeader(Buffer::Instance& buffer); DecoderStatus onDecodeStreamData(Buffer::Instance& buffer); // handleState delegates to the appropriate method based on state_. DecoderStatus handleState(Buffer::Instance& buffer); Protocol& protocol_; Delegate& delegate_; ProtocolState state_; ActiveStream* active_stream_{nullptr}; }; using DecoderStateMachinePtr = std::unique_ptr; class DecoderBase : public DecoderStateMachine::Delegate, public Logger::Loggable { public: DecoderBase(Protocol& protocol); ~DecoderBase() override; /** * Drains data from the given buffer * * @param data a Buffer containing Dubbo protocol data * @throw EnvoyException on Dubbo protocol errors */ FilterStatus onData(Buffer::Instance& data, bool& buffer_underflow); const Protocol& protocol() { return protocol_; } // It is assumed that all of the protocol parsing are stateless, // if there is a state of the need to provide the reset interface call here. void reset(); protected: void start(); void complete(); Protocol& protocol_; ActiveStreamPtr stream_; DecoderStateMachinePtr state_machine_; bool decode_started_{false}; }; /** * Decoder encapsulates a configured and ProtocolPtr and SerializationPtr. */ template class Decoder : public DecoderBase { public: Decoder(Protocol& protocol, T& callbacks) : DecoderBase(protocol), callbacks_(callbacks) {} ActiveStream* newStream(MessageMetadataSharedPtr metadata, ContextSharedPtr context) override { ASSERT(!stream_); stream_ = std::make_unique(callbacks_.newStream(), metadata, context); return stream_.get(); } void onHeartbeat(MessageMetadataSharedPtr metadata) override { callbacks_.onHeartbeat(metadata); } private: T& callbacks_; }; class RequestDecoder : public Decoder { public: RequestDecoder(Protocol& protocol, RequestDecoderCallbacks& callbacks) : Decoder(protocol, callbacks) {} }; using RequestDecoderPtr = std::unique_ptr; class ResponseDecoder : public Decoder { public: ResponseDecoder(Protocol& protocol, ResponseDecoderCallbacks& callbacks) : Decoder(protocol, callbacks) {} }; using ResponseDecoderPtr = std::unique_ptr; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/network/filter.h" #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/dubbo_proxy/message.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { enum class FilterStatus : uint8_t { // Continue filter chain iteration. Continue, // Do not iterate to any of the remaining filters in the chain. Returning // FilterDataStatus::Continue from decodeData()/encodeData() or calling // continueDecoding()/continueEncoding() MUST be called if continued filter iteration is desired. StopIteration, // Indicates that a retry is required for the reply message received. Retry, }; class StreamDecoder { public: virtual ~StreamDecoder() = default; /** * Indicates that the message had been decoded. * @param metadata MessageMetadataSharedPtr describing the message * @param ctx the message context information * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus onMessageDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) PURE; }; using StreamDecoderSharedPtr = std::shared_ptr; class StreamEncoder { public: virtual ~StreamEncoder() = default; /** * Indicates that the message had been encoded. * @param metadata MessageMetadataSharedPtr describing the message * @param ctx the message context information * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus onMessageEncoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) PURE; }; using StreamEncoderSharedPtr = std::shared_ptr; class StreamHandler { public: virtual ~StreamHandler() = default; /** * Indicates that the message had been decoded. * @param metadata MessageMetadataSharedPtr describing the message * @param ctx the message context information * @return FilterStatus to indicate if filter chain iteration should continue */ virtual void onStreamDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) PURE; }; using StreamDecoderSharedPtr = std::shared_ptr; class DecoderCallbacksBase { public: virtual ~DecoderCallbacksBase() = default; /** * @return StreamDecoder* a new StreamDecoder for a message. */ virtual StreamHandler& newStream() PURE; /** * Indicates that the message is a heartbeat. */ virtual void onHeartbeat(MessageMetadataSharedPtr) PURE; }; class RequestDecoderCallbacks : public DecoderCallbacksBase {}; class ResponseDecoderCallbacks : public DecoderCallbacksBase {}; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.cc ================================================ #include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "extensions/filters/network/dubbo_proxy/hessian_utils.h" #include "extensions/filters/network/dubbo_proxy/message_impl.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" #include "extensions/filters/network/dubbo_proxy/serializer_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { std::pair DubboHessian2SerializerImpl::deserializeRpcInvocation(Buffer::Instance& buffer, ContextSharedPtr context) { size_t total_size = 0, size; // TODO(zyfjeff): Add format checker std::string dubbo_version = HessianUtils::peekString(buffer, &size); total_size += size; std::string service_name = HessianUtils::peekString(buffer, &size, total_size); total_size += size; std::string service_version = HessianUtils::peekString(buffer, &size, total_size); total_size += size; std::string method_name = HessianUtils::peekString(buffer, &size, total_size); total_size += size; if (static_cast(context->bodySize()) < total_size) { throw EnvoyException(fmt::format("RpcInvocation size({}) large than body size({})", total_size, context->bodySize())); } auto invo = std::make_shared(); invo->setServiceName(service_name); invo->setServiceVersion(service_version); invo->setMethodName(method_name); return std::pair(invo, true); } std::pair DubboHessian2SerializerImpl::deserializeRpcResult(Buffer::Instance& buffer, ContextSharedPtr context) { ASSERT(buffer.length() >= context->bodySize()); size_t total_size = 0; bool has_value = true; auto result = std::make_shared(); RpcResponseType type = static_cast(HessianUtils::peekInt(buffer, &total_size)); switch (type) { case RpcResponseType::ResponseWithException: case RpcResponseType::ResponseWithExceptionWithAttachments: case RpcResponseType::ResponseWithValue: result->setException(true); break; case RpcResponseType::ResponseWithNullValue: has_value = false; FALLTHRU; case RpcResponseType::ResponseValueWithAttachments: case RpcResponseType::ResponseNullValueWithAttachments: result->setException(false); break; default: throw EnvoyException(fmt::format("not supported return type {}", static_cast(type))); } if (context->bodySize() < total_size) { throw EnvoyException(fmt::format("RpcResult size({}) large than body size({})", total_size, context->bodySize())); } if (!has_value && context->bodySize() != total_size) { throw EnvoyException( fmt::format("RpcResult is no value, but the rest of the body size({}) not equal 0", (context->bodySize() - total_size))); } return std::pair(result, true); } size_t DubboHessian2SerializerImpl::serializeRpcResult(Buffer::Instance& output_buffer, const std::string& content, RpcResponseType type) { size_t origin_length = output_buffer.length(); // The serialized response type is compact int. size_t serialized_size = HessianUtils::writeInt( output_buffer, static_cast::type>(type)); // Serialized response content. serialized_size += HessianUtils::writeString(output_buffer, content); ASSERT((output_buffer.length() - origin_length) == serialized_size); return serialized_size; } class DubboHessian2SerializerConfigFactory : public SerializerFactoryBase { public: DubboHessian2SerializerConfigFactory() : SerializerFactoryBase(ProtocolType::Dubbo, SerializationType::Hessian2) {} }; /** * Static registration for the Hessian protocol. @see RegisterFactory. */ REGISTER_FACTORY(DubboHessian2SerializerConfigFactory, NamedSerializerConfigFactory); } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h ================================================ #pragma once #include "extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { class DubboHessian2SerializerImpl : public Serializer { public: ~DubboHessian2SerializerImpl() override = default; const std::string& name() const override { return ProtocolSerializerNames::get().fromType(ProtocolType::Dubbo, type()); } SerializationType type() const override { return SerializationType::Hessian2; } std::pair deserializeRpcInvocation(Buffer::Instance& buffer, ContextSharedPtr context) override; std::pair deserializeRpcResult(Buffer::Instance& buffer, ContextSharedPtr context) override; size_t serializeRpcResult(Buffer::Instance& output_buffer, const std::string& content, RpcResponseType type) override; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.cc ================================================ #include "extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" #include "envoy/registry/registry.h" #include "common/common/assert.h" #include "extensions/filters/network/dubbo_proxy/message_impl.h" #include "extensions/filters/network/dubbo_proxy/serializer_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace { constexpr uint16_t MagicNumber = 0xdabb; constexpr uint8_t MessageTypeMask = 0x80; constexpr uint8_t EventMask = 0x20; constexpr uint8_t TwoWayMask = 0x40; constexpr uint8_t SerializationTypeMask = 0x1f; constexpr uint64_t FlagOffset = 2; constexpr uint64_t StatusOffset = 3; constexpr uint64_t RequestIDOffset = 4; constexpr uint64_t BodySizeOffset = 12; } // namespace // Consistent with the SerializationType bool isValidSerializationType(SerializationType type) { switch (type) { case SerializationType::Hessian2: break; default: return false; } return true; } // Consistent with the ResponseStatus bool isValidResponseStatus(ResponseStatus status) { switch (status) { case ResponseStatus::Ok: case ResponseStatus::ClientTimeout: case ResponseStatus::ServerTimeout: case ResponseStatus::BadRequest: case ResponseStatus::BadResponse: case ResponseStatus::ServiceNotFound: case ResponseStatus::ServiceError: case ResponseStatus::ClientError: case ResponseStatus::ServerThreadpoolExhaustedError: break; default: return false; } return true; } void parseRequestInfoFromBuffer(Buffer::Instance& data, MessageMetadataSharedPtr metadata) { ASSERT(data.length() >= DubboProtocolImpl::MessageSize); uint8_t flag = data.peekInt(FlagOffset); bool is_two_way = (flag & TwoWayMask) == TwoWayMask ? true : false; SerializationType type = static_cast(flag & SerializationTypeMask); if (!isValidSerializationType(type)) { throw EnvoyException( absl::StrCat("invalid dubbo message serialization type ", static_cast::type>(type))); } if (!is_two_way && metadata->messageType() != MessageType::HeartbeatRequest) { metadata->setMessageType(MessageType::Oneway); } metadata->setSerializationType(type); } void parseResponseInfoFromBuffer(Buffer::Instance& buffer, MessageMetadataSharedPtr metadata) { ASSERT(buffer.length() >= DubboProtocolImpl::MessageSize); ResponseStatus status = static_cast(buffer.peekInt(StatusOffset)); if (!isValidResponseStatus(status)) { throw EnvoyException( absl::StrCat("invalid dubbo message response status ", static_cast::type>(status))); } metadata->setResponseStatus(status); } std::pair DubboProtocolImpl::decodeHeader(Buffer::Instance& buffer, MessageMetadataSharedPtr metadata) { if (!metadata) { throw EnvoyException("invalid metadata parameter"); } if (buffer.length() < DubboProtocolImpl::MessageSize) { return std::pair(nullptr, false); } uint16_t magic_number = buffer.peekBEInt(); if (magic_number != MagicNumber) { throw EnvoyException(absl::StrCat("invalid dubbo message magic number ", magic_number)); } uint8_t flag = buffer.peekInt(FlagOffset); MessageType type = (flag & MessageTypeMask) == MessageTypeMask ? MessageType::Request : MessageType::Response; bool is_event = (flag & EventMask) == EventMask ? true : false; int64_t request_id = buffer.peekBEInt(RequestIDOffset); int32_t body_size = buffer.peekBEInt(BodySizeOffset); // The body size of the heartbeat message is zero. if (body_size > MaxBodySize || body_size < 0) { throw EnvoyException(absl::StrCat("invalid dubbo message size ", body_size)); } metadata->setRequestId(request_id); if (type == MessageType::Request) { if (is_event) { type = MessageType::HeartbeatRequest; } metadata->setMessageType(type); parseRequestInfoFromBuffer(buffer, metadata); } else { if (is_event) { type = MessageType::HeartbeatResponse; } metadata->setMessageType(type); parseResponseInfoFromBuffer(buffer, metadata); } auto context = std::make_shared(); context->setHeaderSize(DubboProtocolImpl::MessageSize); context->setBodySize(body_size); context->setHeartbeat(is_event); return std::pair(context, true); } bool DubboProtocolImpl::decodeData(Buffer::Instance& buffer, ContextSharedPtr context, MessageMetadataSharedPtr metadata) { ASSERT(serializer_); if ((buffer.length()) < static_cast(context->bodySize())) { return false; } switch (metadata->messageType()) { case MessageType::Oneway: case MessageType::Request: { auto ret = serializer_->deserializeRpcInvocation(buffer, context); if (!ret.second) { return false; } metadata->setInvocationInfo(ret.first); break; } case MessageType::Response: { auto ret = serializer_->deserializeRpcResult(buffer, context); if (!ret.second) { return false; } if (ret.first->hasException()) { metadata->setMessageType(MessageType::Exception); } break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } return true; } bool DubboProtocolImpl::encode(Buffer::Instance& buffer, const MessageMetadata& metadata, const std::string& content, RpcResponseType type) { ASSERT(serializer_); switch (metadata.messageType()) { case MessageType::HeartbeatResponse: { ASSERT(metadata.hasResponseStatus()); ASSERT(content.empty()); buffer.writeBEInt(MagicNumber); uint8_t flag = static_cast(metadata.serializationType()); flag = flag ^ EventMask; buffer.writeByte(flag); buffer.writeByte(static_cast(metadata.responseStatus())); buffer.writeBEInt(metadata.requestId()); buffer.writeBEInt(0); return true; } case MessageType::Response: { ASSERT(metadata.hasResponseStatus()); ASSERT(!content.empty()); Buffer::OwnedImpl body_buffer; size_t serialized_body_size = serializer_->serializeRpcResult(body_buffer, content, type); buffer.writeBEInt(MagicNumber); buffer.writeByte(static_cast(metadata.serializationType())); buffer.writeByte(static_cast(metadata.responseStatus())); buffer.writeBEInt(metadata.requestId()); buffer.writeBEInt(serialized_body_size); buffer.move(body_buffer, serialized_body_size); return true; } case MessageType::Request: case MessageType::Oneway: case MessageType::Exception: NOT_IMPLEMENTED_GCOVR_EXCL_LINE; default: NOT_REACHED_GCOVR_EXCL_LINE; } } class DubboProtocolConfigFactory : public ProtocolFactoryBase { public: DubboProtocolConfigFactory() : ProtocolFactoryBase(ProtocolType::Dubbo) {} }; /** * Static registration for the Dubbo protocol. @see RegisterFactory. */ REGISTER_FACTORY(DubboProtocolConfigFactory, NamedProtocolConfigFactory); } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h ================================================ #pragma once #include "extensions/filters/network/dubbo_proxy/protocol.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { class DubboProtocolImpl : public Protocol { public: DubboProtocolImpl() = default; ~DubboProtocolImpl() override = default; const std::string& name() const override { return ProtocolNames::get().fromType(type()); } ProtocolType type() const override { return ProtocolType::Dubbo; } std::pair decodeHeader(Buffer::Instance& buffer, MessageMetadataSharedPtr metadata) override; bool decodeData(Buffer::Instance& buffer, ContextSharedPtr context, MessageMetadataSharedPtr metadata) override; bool encode(Buffer::Instance& buffer, const MessageMetadata& metadata, const std::string& content, RpcResponseType type) override; static constexpr uint8_t MessageSize = 16; static constexpr int32_t MaxBodySize = 16 * 1024 * 1024; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/filters/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "filter_interface", hdrs = ["filter.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/network:connection_interface", "//include/envoy/stream_info:stream_info_interface", "//source/extensions/filters/network/dubbo_proxy:decoder_events_lib", "//source/extensions/filters/network/dubbo_proxy:metadata_lib", "//source/extensions/filters/network/dubbo_proxy:protocol_interface", "//source/extensions/filters/network/dubbo_proxy:serializer_interface", "//source/extensions/filters/network/dubbo_proxy/router:router_interface", ], ) envoy_cc_library( name = "filter_config_interface", hdrs = ["filter_config.h"], deps = [ ":filter_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/server:filter_config_interface", "//source/common/common:macros", "//source/common/protobuf:cc_wkt_protos", ], ) envoy_cc_library( name = "factory_base_lib", hdrs = ["factory_base.h"], deps = [ ":filter_config_interface", "//source/common/protobuf:utility_lib", ], ) envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/filters/network/dubbo_proxy/filters/factory_base.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "common/protobuf/utility.h" #include "extensions/filters/network/dubbo_proxy/filters/filter_config.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace DubboFilters { template class FactoryBase : public NamedDubboFilterConfigFactory { public: FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override { return createFilterFactoryFromProtoTyped(MessageUtil::downcastAndValidate( proto_config, context.messageValidationVisitor()), stats_prefix, context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return name_; } protected: FactoryBase(const std::string& name) : name_(name) {} private: virtual FilterFactoryCb createFilterFactoryFromProtoTyped(const ConfigProto& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) PURE; const std::string name_; }; } // namespace DubboFilters } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/filters/filter.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/network/connection.h" #include "envoy/stream_info/stream_info.h" #include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" #include "extensions/filters/network/dubbo_proxy/message.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/protocol.h" #include "extensions/filters/network/dubbo_proxy/router/router.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace DubboFilters { enum class UpstreamResponseStatus : uint8_t { MoreData = 0, // The upstream response requires more data. Complete = 1, // The upstream response is complete. Reset = 2, // The upstream response is invalid and its connection must be reset. Retry = 3, // The upstream response is failure need to retry. }; class DirectResponse { public: virtual ~DirectResponse() = default; enum class ResponseType : uint8_t { // DirectResponse encodes MessageType::Reply with success payload SuccessReply, // DirectResponse encodes MessageType::Reply with an exception payload ErrorReply, // DirectResponse encodes MessageType::Exception Exception, }; /** * Encodes the response via the given Protocol. * @param metadata the MessageMetadata for the request that generated this response * @param proto the Protocol to be used for message encoding * @param buffer the Buffer into which the message should be encoded * @return ResponseType indicating whether the message is a successful or error reply or an * exception */ virtual ResponseType encode(MessageMetadata& metadata, Protocol& protocol, Buffer::Instance& buffer) const PURE; }; using DirectResponsePtr = std::unique_ptr; /** * Decoder filter callbacks add additional callbacks. */ class FilterCallbacksBase { public: virtual ~FilterCallbacksBase() = default; /** * @return uint64_t the ID of the originating request for logging purposes. */ virtual uint64_t requestId() const PURE; /** * @return uint64_t the ID of the originating stream for logging purposes. */ virtual uint64_t streamId() const PURE; /** * @return const Network::Connection* the originating connection, or nullptr if there is none. */ virtual const Network::Connection* connection() const PURE; /** * @return RouteConstSharedPtr the route for the current request. */ virtual DubboProxy::Router::RouteConstSharedPtr route() PURE; /** * @return SerializationType the originating protocol. */ virtual SerializationType serializationType() const PURE; /** * @return ProtocolType the originating protocol. */ virtual ProtocolType protocolType() const PURE; /** * @return StreamInfo for logging purposes. */ virtual StreamInfo::StreamInfo& streamInfo() PURE; /** * @return Event::Dispatcher& the thread local dispatcher for allocating timers, etc. */ virtual Event::Dispatcher& dispatcher() PURE; /** * Reset the underlying stream. */ virtual void resetStream() PURE; }; /** * Decoder filter callbacks add additional callbacks. */ class DecoderFilterCallbacks : public virtual FilterCallbacksBase { public: ~DecoderFilterCallbacks() override = default; /** * Continue iterating through the filter chain with buffered data. This routine can only be * called if the filter has previously returned StopIteration from one of the DecoderFilter * methods. The connection manager will callbacks to the next filter in the chain. Further note * that if the request is not complete, the calling filter may receive further callbacks and must * return an appropriate status code depending on what the filter needs to do. */ virtual void continueDecoding() PURE; /** * Create a locally generated response using the provided response object. * @param response DirectResponsePtr the response to send to the downstream client */ virtual void sendLocalReply(const DirectResponse& response, bool end_stream) PURE; /** * Indicates the start of an upstream response. May only be called once. * @param transport_type TransportType the upstream is using * @param protocol_type ProtocolType the upstream is using */ virtual void startUpstreamResponse() PURE; /** * Called with upstream response data. * @param data supplies the upstream's data * @return UpstreamResponseStatus indicating if the upstream response requires more data, is * complete, or if an error occurred requiring the upstream connection to be reset. */ virtual UpstreamResponseStatus upstreamData(Buffer::Instance& data) PURE; /** * Reset the downstream connection. */ virtual void resetDownstreamConnection() PURE; }; /** * Encoder filter callbacks add additional callbacks. */ class EncoderFilterCallbacks : public virtual FilterCallbacksBase { public: ~EncoderFilterCallbacks() override = default; /** * Continue iterating through the filter chain with buffered data. This routine can only be * called if the filter has previously returned StopIteration from one of the DecoderFilter * methods. The connection manager will callbacks to the next filter in the chain. Further note * that if the request is not complete, the calling filter may receive further callbacks and must * return an appropriate status code depending on what the filter needs to do. */ virtual void continueEncoding() PURE; }; /** * Common base class for both decoder and encoder filters. */ class FilterBase { public: virtual ~FilterBase() = default; /** * This routine is called prior to a filter being destroyed. This may happen after normal stream * finish (both downstream and upstream) or due to reset. Every filter is responsible for making * sure that any async events are cleaned up in the context of this routine. This includes timers, * network calls, etc. The reason there is an onDestroy() method vs. doing this type of cleanup * in the destructor is due to the deferred deletion model that Envoy uses to avoid stack unwind * complications. Filters must not invoke either encoder or decoder filter callbacks after having * onDestroy() invoked. */ virtual void onDestroy() PURE; }; /** * Decoder filter interface. */ class DecoderFilter : public StreamDecoder, public FilterBase { public: ~DecoderFilter() override = default; /** * Called by the connection manager once to initialize the filter decoder callbacks that the * filter should use. Callbacks will not be invoked by the filter after onDestroy() is called. */ virtual void setDecoderFilterCallbacks(DecoderFilterCallbacks& callbacks) PURE; }; using DecoderFilterSharedPtr = std::shared_ptr; /** * Encoder filter interface. */ class EncoderFilter : public StreamEncoder, public FilterBase { public: ~EncoderFilter() override = default; /** * Called by the connection manager once to initialize the filter encoder callbacks that the * filter should use. Callbacks will not be invoked by the filter after onDestroy() is called. */ virtual void setEncoderFilterCallbacks(EncoderFilterCallbacks& callbacks) PURE; }; using EncoderFilterSharedPtr = std::shared_ptr; /** * A filter that handles both encoding and decoding. */ class CodecFilter : public virtual DecoderFilter, public virtual EncoderFilter {}; using CodecFilterSharedPtr = std::shared_ptr; /** * These callbacks are provided by the connection manager to the factory so that the factory can * build the filter chain in an application specific way. */ class FilterChainFactoryCallbacks { public: virtual ~FilterChainFactoryCallbacks() = default; /** * Add a decoder filter that is used when reading connection data. * @param filter supplies the filter to add. */ virtual void addDecoderFilter(DecoderFilterSharedPtr filter) PURE; /** * Add a encoder filter that is used when writing connection data. * @param filter supplies the filter to add. */ virtual void addEncoderFilter(EncoderFilterSharedPtr filter) PURE; /** * Add a decoder/encoder filter that is used both when reading and writing connection data. * @param filter supplies the filter to add. */ virtual void addFilter(CodecFilterSharedPtr filter) PURE; }; /** * This function is used to wrap the creation of a Dubbo filter chain for new connections as they * come in. Filter factories create the function at configuration initialization time, and then * they are used at runtime. * @param callbacks supplies the callbacks for the stream to install filters to. Typically the * function will install a single filter, but it's technically possibly to install more than one * if desired. */ using FilterFactoryCb = std::function; /** * A FilterChainFactory is used by a connection manager to create a Dubbo level filter chain when * a new connection is created. Typically it would be implemented by a configuration engine that * would install a set of filters that are able to process an application scenario on top of a * stream of Dubbo requests. */ class FilterChainFactory { public: virtual ~FilterChainFactory() = default; /** * Called when a new Dubbo stream is created on the connection. * @param callbacks supplies the "sink" that is used for actually creating the filter chain. @see * FilterChainFactoryCallbacks. */ virtual void createFilterChain(FilterChainFactoryCallbacks& callbacks) PURE; }; } // namespace DubboFilters } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/filters/filter_config.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" #include "common/common/macros.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/network/dubbo_proxy/filters/filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace DubboFilters { /** * Implemented by each Dubbo filter and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedDubboFilterConfigFactory : public Envoy::Config::TypedFactory { public: ~NamedDubboFilterConfigFactory() override = default; /** * Create a particular dubbo filter factory implementation. If the implementation is unable to * produce a factory with the provided parameters, it should throw an EnvoyException in the case * of general error. The returned callback should always be initialized. * @param config supplies the configuration for the filter * @param stat_prefix prefix for stat logging * @param context supplies the filter's context. * @return FilterFactoryCb the factory creation function. */ virtual DubboFilters::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) PURE; std::string category() const override { return "envoy.dubbo_proxy.filters"; } }; } // namespace DubboFilters } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/filters/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace DubboFilters { /** * Well-known Dubbo filter names. * NOTE: New filters should use the well known name: envoy.filters.dubbo.name. */ class DubboFilterNameValues { public: // Router filter const std::string ROUTER = "envoy.filters.dubbo.router"; }; using DubboFilterNames = ConstSingleton; } // namespace DubboFilters } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/heartbeat_response.cc ================================================ #include "extensions/filters/network/dubbo_proxy/heartbeat_response.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { DubboFilters::DirectResponse::ResponseType HeartbeatResponse::encode(MessageMetadata& metadata, DubboProxy::Protocol& protocol, Buffer::Instance& buffer) const { ASSERT(metadata.responseStatus() == ResponseStatus::Ok); ASSERT(metadata.messageType() == MessageType::HeartbeatResponse); if (!protocol.encode(buffer, metadata, "")) { throw EnvoyException("failed to encode heartbeat message"); } ENVOY_LOG(debug, "buffer length {}", buffer.length()); return DirectResponse::ResponseType::SuccessReply; } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/heartbeat_response.h ================================================ #pragma once #include "extensions/filters/network/dubbo_proxy/filters/filter.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/protocol.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { struct HeartbeatResponse : public DubboFilters::DirectResponse, Logger::Loggable { HeartbeatResponse() = default; ~HeartbeatResponse() override = default; using ResponseType = DubboFilters::DirectResponse::ResponseType; ResponseType encode(MessageMetadata& metadata, Protocol& protocol, Buffer::Instance& buffer) const override; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/hessian_utils.cc ================================================ #include "extensions/filters/network/dubbo_proxy/hessian_utils.h" #include #include "common/common/assert.h" #include "common/common/fmt.h" #include "extensions/filters/network/dubbo_proxy/buffer_helper.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace { template typename std::enable_if::value, T>::type leftShift(T left, uint16_t bit_number) { if (left < 0) { left = -left; return -1 * (left << bit_number); } return left << bit_number; } inline void addByte(Buffer::Instance& buffer, const uint8_t value) { buffer.add(&value, 1); } void addSeq(Buffer::Instance& buffer, const std::initializer_list& values) { for (const uint8_t& value : values) { buffer.add(&value, 1); } } size_t doWriteString(Buffer::Instance& instance, absl::string_view str_view) { const size_t length = str_view.length(); constexpr size_t str_max_length = 0xffff; constexpr size_t two_octet_max_lenth = 1024; if (length < 32) { addByte(instance, static_cast(length)); instance.add(str_view.data(), str_view.length()); return length + sizeof(uint8_t); } if (length < two_octet_max_lenth) { const uint8_t code = length >> 8; // 0x30 + length / 0x100 must less than 0x34 const uint8_t remain = length & 0xff; std::initializer_list values{static_cast(0x30 + code), remain}; addSeq(instance, values); instance.add(str_view.data(), str_view.length()); return length + values.size(); } if (length <= str_max_length) { const uint8_t code = length >> 8; const uint8_t remain = length & 0xff; std::initializer_list values{'S', code, remain}; addSeq(instance, values); instance.add(str_view.data(), str_view.length()); return length + values.size(); } std::initializer_list values{0x52, 0xff, 0xff}; addSeq(instance, values); instance.add(str_view.data(), str_max_length); const size_t size = str_max_length + values.size(); ASSERT(size == (str_max_length + values.size())); const size_t child_size = doWriteString(instance, str_view.substr(str_max_length, length - str_max_length)); return child_size + size; } } // namespace /* * Reference: * https://cs.chromium.org/chromium/src/base/strings/string_util.h?q=WriteInto&sq=package:chromium&dr=CSs&l=426 */ char* allocStringBuffer(std::string* str, size_t length) { str->reserve(length); str->resize(length - 1); return &((*str)[0]); } std::string HessianUtils::peekString(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); const uint8_t code = buffer.peekInt(offset); size_t delta_length = 0; std::string result; switch (code) { case 0x00: case 0x01: case 0x02: case 0x03: case 0x04: case 0x05: case 0x06: case 0x07: case 0x08: case 0x09: case 0x0a: case 0x0b: case 0x0c: case 0x0d: case 0x0e: case 0x0f: case 0x10: case 0x11: case 0x12: case 0x13: case 0x14: case 0x15: case 0x16: case 0x17: case 0x18: case 0x19: case 0x1a: case 0x1b: case 0x1c: case 0x1d: case 0x1e: case 0x1f: delta_length = code - 0x00; if (delta_length + 1 + offset > buffer.length()) { throw EnvoyException("buffer underflow"); } buffer.copyOut(offset + 1, delta_length, allocStringBuffer(&result, delta_length + 1)); *size = delta_length + 1; return result; case 0x30: case 0x31: case 0x32: case 0x33: if (offset + 2 > buffer.length()) { throw EnvoyException("buffer underflow"); } delta_length = (code - 0x30) * 256 + buffer.peekInt(offset + 1); if (delta_length + 2 + offset > buffer.length()) { throw EnvoyException("buffer underflow"); } buffer.copyOut(offset + 2, delta_length, allocStringBuffer(&result, delta_length + 1)); *size = delta_length + 2; return result; case 0x53: if (offset + 3 > buffer.length()) { throw EnvoyException("buffer underflow"); } delta_length = buffer.peekBEInt(offset + 1); if (delta_length + 3 + offset > buffer.length()) { throw EnvoyException("buffer underflow"); } buffer.copyOut(offset + 3, delta_length, allocStringBuffer(&result, delta_length + 1)); *size = delta_length + 3; return result; case 0x52: if (offset + 3 > buffer.length()) { throw EnvoyException("buffer underflow"); } delta_length = buffer.peekBEInt(offset + 1); buffer.copyOut(offset + 3, delta_length, allocStringBuffer(&result, delta_length + 1)); size_t next_size = 0; result.append(peekString(buffer, &next_size, delta_length + 3 + offset)); *size = next_size + delta_length + 3; return result; } throw EnvoyException(absl::StrCat("hessian type is not string ", code)); } std::string HessianUtils::readString(Buffer::Instance& buffer) { size_t size; std::string result(peekString(buffer, &size)); buffer.drain(size); return result; } long HessianUtils::peekLong(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); long result; uint8_t code = buffer.peekInt(offset); switch (code) { case 0xd8: case 0xd9: case 0xda: case 0xdb: case 0xdc: case 0xdd: case 0xde: case 0xdf: case 0xe0: case 0xe1: case 0xe2: case 0xe3: case 0xe4: case 0xe5: case 0xe6: case 0xe7: case 0xe8: case 0xe9: case 0xea: case 0xee: case 0xef: result = code - 0xe0; *size = 1; return result; case 0xf0: case 0xf1: case 0xf2: case 0xf3: case 0xf4: case 0xf5: case 0xf6: case 0xf7: case 0xf8: case 0xf9: case 0xfa: case 0xfb: case 0xfe: case 0xff: if (offset + 2 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = leftShift(code - 0xf8, 8) + buffer.peekInt(offset + 1); *size = 2; return result; case 0x38: case 0x39: case 0x3a: case 0x3b: case 0x3c: case 0x3d: case 0x3e: case 0x3f: if (offset + 3 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = leftShift(code - 0x3c, 16) + (buffer.peekInt(offset + 1) << 8) + buffer.peekInt(offset + 2); *size = 3; return result; case 0x59: if (offset + 5 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = buffer.peekBEInt(offset + 1); *size = 5; return result; case 0x4c: if (offset + 9 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = buffer.peekBEInt(offset + 1); *size = 9; return result; } throw EnvoyException(absl::StrCat("hessian type is not long ", code)); } long HessianUtils::readLong(Buffer::Instance& buffer) { size_t size; const long result = peekLong(buffer, &size); buffer.drain(size); return result; } bool HessianUtils::peekBool(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); bool result; const uint8_t code = buffer.peekInt(offset); if (code == 0x46) { result = false; *size = 1; return result; } if (code == 0x54) { result = true; *size = 1; return result; } throw EnvoyException(absl::StrCat("hessian type is not bool ", code)); } bool HessianUtils::readBool(Buffer::Instance& buffer) { size_t size; bool result(peekBool(buffer, &size)); buffer.drain(size); return result; } int HessianUtils::peekInt(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); const uint8_t code = buffer.peekInt(offset); int result; // Compact int if (code >= 0x80 && code <= 0xbf) { result = (code - 0x90); *size = 1; return result; } switch (code) { case 0xc0: case 0xc1: case 0xc2: case 0xc3: case 0xc4: case 0xc5: case 0xc6: case 0xc7: case 0xc8: case 0xc9: case 0xca: case 0xcb: case 0xcd: case 0xce: case 0xcf: if (offset + 2 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = leftShift(code - 0xc8, 8) + buffer.peekInt(offset + 1); *size = 2; return result; case 0xd0: case 0xd1: case 0xd2: case 0xd3: case 0xd4: case 0xd5: case 0xd6: case 0xd7: if (offset + 3 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = leftShift(code - 0xd4, 16) + (buffer.peekInt(offset + 1) << 8) + buffer.peekInt(offset + 2); *size = 3; return result; case 0x49: if (offset + 5 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = buffer.peekBEInt(offset + 1); *size = 5; return result; } throw EnvoyException(absl::StrCat("hessian type is not int ", code)); } int HessianUtils::readInt(Buffer::Instance& buffer) { size_t size; int result(peekInt(buffer, &size)); buffer.drain(size); return result; } double HessianUtils::peekDouble(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); double result; uint8_t code = buffer.peekInt(offset); switch (code) { case 0x5b: result = 0.0; *size = 1; return result; case 0x5c: result = 1.0; *size = 1; return result; case 0x5d: if (offset + 2 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = static_cast(buffer.peekInt(offset + 1)); *size = 2; return result; case 0x5e: if (offset + 3 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = static_cast(256 * buffer.peekInt(offset + 1) + buffer.peekInt(offset + 2)); *size = 3; return result; case 0x5f: if (offset + 5 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = BufferHelper::peekFloat(buffer, offset + 1); *size = 5; return result; case 0x44: if (offset + 9 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = BufferHelper::peekDouble(buffer, offset + 1); *size = 9; return result; } throw EnvoyException(absl::StrCat("hessian type is not double ", code)); } double HessianUtils::readDouble(Buffer::Instance& buffer) { size_t size; double result(peekDouble(buffer, &size)); buffer.drain(size); return result; } void HessianUtils::peekNull(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); uint8_t code = buffer.peekInt(offset); if (code == 0x4e) { *size = 1; return; } throw EnvoyException(absl::StrCat("hessian type is not null ", code)); } void HessianUtils::readNull(Buffer::Instance& buffer) { size_t size; peekNull(buffer, &size); buffer.drain(size); } std::chrono::milliseconds HessianUtils::peekDate(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); std::chrono::milliseconds result; uint8_t code = buffer.peekInt(offset); switch (code) { case 0x4b: if (offset + 5 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = std::chrono::minutes(buffer.peekBEInt(offset + 1)); *size = 5; return result; case 0x4a: if (offset + 9 > buffer.length()) { throw EnvoyException("buffer underflow"); } result = std::chrono::milliseconds(buffer.peekBEInt(offset + 1)); *size = 9; return result; } throw EnvoyException(absl::StrCat("hessian type is not date ", code)); } std::chrono::milliseconds HessianUtils::readDate(Buffer::Instance& buffer) { size_t size; std::chrono::milliseconds result; result = peekDate(buffer, &size); buffer.drain(size); return result; } std::string HessianUtils::peekByte(Buffer::Instance& buffer, size_t* size, uint64_t offset) { ASSERT(buffer.length() > offset); std::string result; uint8_t code = buffer.peekInt(offset); size_t delta_length = 0; switch (code) { case 0x20: case 0x21: case 0x22: case 0x23: case 0x24: case 0x25: case 0x26: case 0x27: case 0x28: case 0x29: case 0x2a: case 0x2b: case 0x2c: case 0x2d: case 0x2e: case 0x2f: delta_length = code - 0x20; if (delta_length + 1 + offset > buffer.length()) { throw EnvoyException("buffer underflow"); } buffer.copyOut(offset + 1, delta_length, allocStringBuffer(&result, delta_length + 1)); *size = delta_length + 1; return result; case 0x42: if (offset + 3 > buffer.length()) { throw EnvoyException("buffer underflow"); } delta_length = buffer.peekBEInt(offset + 1); if (delta_length + 3 + offset > buffer.length()) { throw EnvoyException("buffer underflow"); } buffer.copyOut(offset + 3, delta_length, allocStringBuffer(&result, delta_length + 1)); *size = delta_length + 3; return result; case 0x41: if (offset + 3 > buffer.length()) { throw EnvoyException("buffer underflow"); } delta_length = buffer.peekBEInt(offset + 1); buffer.copyOut(offset + 3, delta_length, allocStringBuffer(&result, delta_length + 1)); size_t next_size; result.append(peekByte(buffer, &next_size, delta_length + 3 + offset)); *size = delta_length + 3 + next_size; return result; } throw EnvoyException(absl::StrCat("hessian type is not byte ", code)); } std::string HessianUtils::readByte(Buffer::Instance& buffer) { size_t size; std::string result(peekByte(buffer, &size)); buffer.drain(size); return result; } size_t HessianUtils::writeString(Buffer::Instance& buffer, absl::string_view str) { return doWriteString(buffer, str); } size_t HessianUtils::writeInt(Buffer::Instance& buffer, uint8_t value) { // Compact int buffer.writeByte(0x90 + value); return sizeof(uint8_t); } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/hessian_utils.h ================================================ #pragma once #include #include #include #include "envoy/buffer/buffer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /* * Hessian deserialization * See http://hessian.caucho.com/doc/hessian-serialization.html */ class HessianUtils { public: static std::string peekString(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static long peekLong(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static bool peekBool(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static int peekInt(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static double peekDouble(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static void peekNull(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static std::chrono::milliseconds peekDate(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static std::string peekByte(Buffer::Instance& buffer, size_t* size, uint64_t offset = 0); static std::string readString(Buffer::Instance& buffer); static long readLong(Buffer::Instance& buffer); static bool readBool(Buffer::Instance& buffer); static int readInt(Buffer::Instance& buffer); static double readDouble(Buffer::Instance& buffer); static void readNull(Buffer::Instance& buffer); static std::chrono::milliseconds readDate(Buffer::Instance& buffer); static std::string readByte(Buffer::Instance& buffer); static size_t writeString(Buffer::Instance& buffer, absl::string_view str); static size_t writeInt(Buffer::Instance& buffer, uint8_t value); }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/message.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "common/buffer/buffer_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /** * Stream reset reasons. */ enum class StreamResetReason : uint8_t { // If a local codec level reset was sent on the stream. LocalReset, // If a local codec level refused stream reset was sent on the stream (allowing for retry). LocalRefusedStreamReset, // If a remote codec level reset was received on the stream. RemoteReset, // If a remote codec level refused stream reset was received on the stream (allowing for retry). RemoteRefusedStreamReset, // If the stream was locally reset by a connection pool due to an initial connection failure. ConnectionFailure, // If the stream was locally reset due to connection termination. ConnectionTermination, // The stream was reset because of a resource overflow. Overflow }; // Supported protocol type enum class ProtocolType : uint8_t { Dubbo = 1, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST PROTOCOL TYPE LastProtocolType = Dubbo, }; // Supported serialization type enum class SerializationType : uint8_t { Hessian2 = 2, }; // Message Type enum class MessageType : uint8_t { Response = 0, Request = 1, Oneway = 2, Exception = 3, HeartbeatRequest = 4, HeartbeatResponse = 5, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST MESSAGE TYPE LastMessageType = HeartbeatResponse, }; /** * Dubbo protocol response status types. * See org.apache.dubbo.remoting.exchange */ enum class ResponseStatus : uint8_t { Ok = 20, ClientTimeout = 30, ServerTimeout = 31, BadRequest = 40, BadResponse = 50, ServiceNotFound = 60, ServiceError = 70, ServerError = 80, ClientError = 90, ServerThreadpoolExhaustedError = 100, }; enum class RpcResponseType : uint8_t { ResponseWithException = 0, ResponseWithValue = 1, ResponseWithNullValue = 2, ResponseWithExceptionWithAttachments = 3, ResponseValueWithAttachments = 4, ResponseNullValueWithAttachments = 5, }; class Context { public: using AttachmentMap = absl::node_hash_map; bool hasAttachments() const { return !attachments_.empty(); } const AttachmentMap& attachments() const { return attachments_; } Buffer::Instance& messageOriginData() { return message_origin_buffer_; } size_t messageSize() const { return headerSize() + bodySize(); } virtual size_t bodySize() const PURE; virtual size_t headerSize() const PURE; protected: Context() = default; virtual ~Context() { attachments_.clear(); } AttachmentMap attachments_; Buffer::OwnedImpl message_origin_buffer_; }; using ContextSharedPtr = std::shared_ptr; /** * RpcInvocation represent an rpc call * See * https://github.com/apache/incubator-dubbo/blob/master/dubbo-rpc/dubbo-rpc-api/src/main/java/org/apache/dubbo/rpc/RpcInvocation.java */ class RpcInvocation { public: virtual ~RpcInvocation() = default; virtual const std::string& serviceName() const PURE; virtual const std::string& methodName() const PURE; virtual const absl::optional& serviceVersion() const PURE; virtual const absl::optional& serviceGroup() const PURE; }; using RpcInvocationSharedPtr = std::shared_ptr; /** * RpcResult represent the result of an rpc call * See * https://github.com/apache/incubator-dubbo/blob/master/dubbo-rpc/dubbo-rpc-api/src/main/java/org/apache/dubbo/rpc/RpcResult.java */ class RpcResult { public: virtual ~RpcResult() = default; virtual bool hasException() const PURE; }; using RpcResultSharedPtr = std::shared_ptr; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/message_impl.h ================================================ #pragma once #include "extensions/filters/network/dubbo_proxy/message.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { class ContextBase : public Context { public: ContextBase() = default; ~ContextBase() override = default; // Override from Context size_t bodySize() const override { return body_size_; } size_t headerSize() const override { return header_size_; } void setBodySize(size_t size) { body_size_ = size; } void setHeaderSize(size_t size) { header_size_ = size; } protected: size_t body_size_{0}; size_t header_size_{0}; }; class ContextImpl : public ContextBase { public: ContextImpl() = default; ~ContextImpl() override = default; bool isHeartbeat() const { return is_heartbeat_; } void setHeartbeat(bool is_heartbeat) { is_heartbeat_ = is_heartbeat; } private: bool is_heartbeat_{false}; }; class RpcInvocationBase : public RpcInvocation { public: ~RpcInvocationBase() override = default; void setServiceName(const std::string& name) { service_name_ = name; } const std::string& serviceName() const override { return service_name_; } void setMethodName(const std::string& name) { method_name_ = name; } const std::string& methodName() const override { return method_name_; } void setServiceVersion(const std::string& version) { service_version_ = version; } const absl::optional& serviceVersion() const override { return service_version_; } void setServiceGroup(const std::string& group) { group_ = group; } const absl::optional& serviceGroup() const override { return group_; } protected: std::string service_name_; std::string method_name_; absl::optional service_version_; absl::optional group_; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/metadata.h ================================================ #pragma once #include #include #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/http/header_map_impl.h" #include "extensions/filters/network/dubbo_proxy/message.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { class MessageMetadata { public: void setInvocationInfo(RpcInvocationSharedPtr invocation_info) { invocation_info_ = invocation_info; } bool hasInvocationInfo() const { return invocation_info_ != nullptr; } const RpcInvocation& invocationInfo() const { return *invocation_info_; } void setProtocolType(ProtocolType type) { proto_type_ = type; } ProtocolType protocolType() const { return proto_type_; } void setProtocolVersion(uint8_t version) { protocol_version_ = version; } uint8_t protocolVersion() const { return protocol_version_; } void setMessageType(MessageType type) { message_type_ = type; } MessageType messageType() const { return message_type_; } void setRequestId(int64_t id) { request_id_ = id; } int64_t requestId() const { return request_id_; } void setTimeout(uint32_t timeout) { timeout_ = timeout; } absl::optional timeout() const { return timeout_; } void setTwoWayFlag(bool two_way) { is_two_way_ = two_way; } bool isTwoWay() const { return is_two_way_; } template void setSerializationType(T type) { ASSERT((std::is_same::type>::value)); serialization_type_ = static_cast(type); } template T serializationType() const { ASSERT((std::is_same::type>::value)); return static_cast(serialization_type_); } template void setResponseStatus(T status) { ASSERT((std::is_same::type>::value)); response_status_ = static_cast(status); } template T responseStatus() const { ASSERT((std::is_same::type>::value)); return static_cast(response_status_.value()); } bool hasResponseStatus() const { return response_status_.has_value(); } private: bool is_two_way_{false}; MessageType message_type_{MessageType::Request}; ProtocolType proto_type_{ProtocolType::Dubbo}; absl::optional response_status_; absl::optional timeout_; RpcInvocationSharedPtr invocation_info_; uint8_t serialization_type_{static_cast(SerializationType::Hessian2)}; uint8_t protocol_version_{1}; int64_t request_id_ = 0; }; using MessageMetadataSharedPtr = std::shared_ptr; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/protocol.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/config/typed_config.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/network/dubbo_proxy/message.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /** * See https://dubbo.incubator.apache.org/en-us/docs/dev/implementation.html */ class Protocol { public: virtual ~Protocol() = default; Protocol() = default; /** * @return Initializes the serializer used by the protocol codec */ void initSerializer(SerializationType type) { serializer_ = NamedSerializerConfigFactory::getFactory(this->type(), type).createSerializer(); } /** * @return Serializer the protocol Serializer */ virtual Serializer* serializer() const { return serializer_.get(); } virtual const std::string& name() const PURE; /** * @return ProtocolType the protocol type */ virtual ProtocolType type() const PURE; /* * decodes the dubbo protocol message header. * * @param buffer the currently buffered dubbo data. * @param metadata the meta data of current messages * @return ContextSharedPtr save the context data of current messages, * nullptr if more data is required. * bool true if a complete message was successfully consumed, false if more data * is required. * @throws EnvoyException if the data is not valid for this protocol. */ virtual std::pair decodeHeader(Buffer::Instance& buffer, MessageMetadataSharedPtr metadata) PURE; /* * decodes the dubbo protocol message body, potentially invoking callbacks. * If successful, the message is removed from the buffer. * * @param buffer the currently buffered dubbo data. * @param context save the meta data of current messages. * @param metadata the meta data of current messages * @return bool true if a complete message was successfully consumed, false if more data * is required. * @throws EnvoyException if the data is not valid for this protocol. */ virtual bool decodeData(Buffer::Instance& buffer, ContextSharedPtr context, MessageMetadataSharedPtr metadata) PURE; /* * encodes the dubbo protocol message. * * @param buffer save the currently buffered dubbo data. * @param metadata the meta data of dubbo protocol * @param content the body of dubbo protocol message * @param type the type of dubbo protocol response message * @return bool true if the protocol coding succeeds. */ virtual bool encode(Buffer::Instance& buffer, const MessageMetadata& metadata, const std::string& content, RpcResponseType type = RpcResponseType::ResponseWithValue) PURE; protected: SerializerPtr serializer_; }; using ProtocolPtr = std::unique_ptr; /** * Implemented by each Dubbo protocol and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedProtocolConfigFactory : public Config::UntypedFactory { public: ~NamedProtocolConfigFactory() override = default; /** * Create a particular Dubbo protocol. * @param serialization_type the serialization type of the protocol body. * @return protocol instance pointer. */ virtual ProtocolPtr createProtocol(SerializationType serialization_type) PURE; std::string category() const override { return "envoy.dubbo_proxy.protocols"; } /** * Convenience method to lookup a factory by type. * @param ProtocolType the protocol type. * @return NamedProtocolConfigFactory& for the ProtocolType. */ static NamedProtocolConfigFactory& getFactory(ProtocolType type) { const std::string& name = ProtocolNames::get().fromType(type); return Envoy::Config::Utility::getAndCheckFactoryByName(name); } }; /** * ProtocolFactoryBase provides a template for a trivial NamedProtocolConfigFactory. */ template class ProtocolFactoryBase : public NamedProtocolConfigFactory { public: ProtocolPtr createProtocol(SerializationType serialization_type) override { auto protocol = std::make_unique(); protocol->initSerializer(serialization_type); return protocol; } std::string name() const override { return name_; } protected: ProtocolFactoryBase(ProtocolType type) : name_(ProtocolNames::get().fromType(type)) {} private: const std::string name_; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/protocol_constants.h ================================================ #pragma once #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/network/dubbo_proxy/message.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /** * Names of available Protocol implementations. */ class ProtocolNameValues { public: struct ProtocolTypeHash { template std::size_t operator()(T t) const { return static_cast(t); } }; using ProtocolTypeNameMap = absl::node_hash_map; const ProtocolTypeNameMap protocolTypeNameMap = { {ProtocolType::Dubbo, "dubbo"}, }; const std::string& fromType(ProtocolType type) const { const auto& itor = protocolTypeNameMap.find(type); ASSERT(itor != protocolTypeNameMap.end()); return itor->second; } }; using ProtocolNames = ConstSingleton; /** * Names of available serializer implementations. */ class SerializerNameValues { public: struct SerializationTypeHash { template std::size_t operator()(T t) const { return static_cast(t); } }; using SerializerTypeNameMap = absl::node_hash_map; const SerializerTypeNameMap serializerTypeNameMap = { {SerializationType::Hessian2, "hessian2"}, }; const std::string& fromType(SerializationType type) const { const auto& itor = serializerTypeNameMap.find(type); ASSERT(itor != serializerTypeNameMap.end()); return itor->second; } }; using SerializerNames = ConstSingleton; class ProtocolSerializerNameValues { public: inline uint8_t generateKey(ProtocolType protocol_type, SerializationType serialization_type) const { return static_cast(serialization_type) ^ static_cast(protocol_type); } inline std::string generateValue(ProtocolType protocol_type, SerializationType serialization_type) const { return fmt::format("{}.{}", ProtocolNames::get().fromType(protocol_type), SerializerNames::get().fromType(serialization_type)); } #define GENERATE_PAIR(X, Y) generateKey(X, Y), generateValue(X, Y) using ProtocolSerializerTypeNameMap = absl::node_hash_map; const ProtocolSerializerTypeNameMap protocolSerializerTypeNameMap = { {GENERATE_PAIR(ProtocolType::Dubbo, SerializationType::Hessian2)}, }; const std::string& fromType(ProtocolType protocol_type, SerializationType type) const { const auto& itor = protocolSerializerTypeNameMap.find(generateKey(protocol_type, type)); ASSERT(itor != protocolSerializerTypeNameMap.end()); return itor->second; } }; using ProtocolSerializerNames = ConstSingleton; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "router_interface", hdrs = ["router.h"], deps = [ "//include/envoy/router:router_interface", "//source/extensions/filters/network/dubbo_proxy:metadata_lib", ], ) envoy_cc_library( name = "route_matcher_interface", hdrs = ["route.h"], deps = [ ":router_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/server:filter_config_interface", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", "//source/extensions/filters/network/dubbo_proxy:metadata_lib", "@envoy_api//envoy/extensions/filters/network/dubbo_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "route_matcher", srcs = ["route_matcher.cc"], hdrs = ["route_matcher.h"], deps = [ ":route_matcher_interface", ":router_interface", "//include/envoy/router:router_interface", "//source/common/common:logger_lib", "//source/common/common:matchers_lib", "//source/common/http:header_utility_lib", "//source/common/protobuf:utility_lib", "//source/extensions/filters/network/dubbo_proxy:metadata_lib", "//source/extensions/filters/network/dubbo_proxy:serializer_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/dubbo_proxy/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], deps = [ ":router_lib", "//include/envoy/registry", "//source/extensions/filters/network/dubbo_proxy/filters:factory_base_lib", "//source/extensions/filters/network/dubbo_proxy/filters:filter_config_interface", "//source/extensions/filters/network/dubbo_proxy/filters:well_known_names", "@envoy_api//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "router_lib", srcs = ["router_impl.cc"], hdrs = ["router_impl.h"], deps = [ ":router_interface", "//include/envoy/tcp:conn_pool_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:load_balancer_interface", "//include/envoy/upstream:thread_local_cluster_interface", "//source/common/common:logger_lib", "//source/common/http:header_utility_lib", "//source/common/router:metadatamatchcriteria_lib", "//source/common/upstream:load_balancer_lib", "//source/extensions/filters/network/dubbo_proxy:app_exception_lib", "//source/extensions/filters/network/dubbo_proxy:protocol_interface", "//source/extensions/filters/network/dubbo_proxy:serializer_interface", "//source/extensions/filters/network/dubbo_proxy/filters:filter_interface", ], ) ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/config.cc ================================================ #include "extensions/filters/network/dubbo_proxy/router/config.h" #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/network/dubbo_proxy/router/router_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { DubboFilters::FilterFactoryCb RouterFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::dubbo_proxy::router::v3::Router&, const std::string&, Server::Configuration::FactoryContext& context) { return [&context](DubboFilters::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addDecoderFilter(std::make_shared(context.clusterManager())); }; } /** * Static registration for the router filter. @see RegisterFactory. */ REGISTER_FACTORY(RouterFilterConfig, DubboFilters::NamedDubboFilterConfigFactory); } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.validate.h" #include "extensions/filters/network/dubbo_proxy/filters/factory_base.h" #include "extensions/filters/network/dubbo_proxy/filters/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { class RouterFilterConfig : public DubboFilters::FactoryBase< envoy::extensions::filters::network::dubbo_proxy::router::v3::Router> { public: RouterFilterConfig() : FactoryBase(DubboFilters::DubboFilterNames::get().ROUTER) {} private: DubboFilters::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::dubbo_proxy::router::v3::Router& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/route.h ================================================ #pragma once #include #include #include "envoy/config/typed_config.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/route.pb.h" #include "envoy/router/router.h" #include "envoy/server/filter_config.h" #include "common/config/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/router/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { using RouteConfigurations = Protobuf::RepeatedPtrField< envoy::extensions::filters::network::dubbo_proxy::v3::RouteConfiguration>; enum class RouteMatcherType : uint8_t { Default, }; /** * Names of available Protocol implementations. */ class RouteMatcherNameValues { public: struct RouteMatcherTypeHash { template std::size_t operator()(T t) const { return static_cast(t); } }; using RouteMatcherNameMap = absl::node_hash_map; const RouteMatcherNameMap routeMatcherNameMap = { {RouteMatcherType::Default, "default"}, }; const std::string& fromType(RouteMatcherType type) const { const auto& itor = routeMatcherNameMap.find(type); ASSERT(itor != routeMatcherNameMap.end()); return itor->second; } }; using RouteMatcherNames = ConstSingleton; class RouteMatcher { public: virtual ~RouteMatcher() = default; virtual RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const PURE; }; using RouteMatcherPtr = std::unique_ptr; using RouteMatcherConstSharedPtr = std::shared_ptr; /** * Implemented by each Dubbo protocol and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedRouteMatcherConfigFactory : public Envoy::Config::UntypedFactory { public: ~NamedRouteMatcherConfigFactory() override = default; /** * Create a particular Dubbo protocol. * @param serialization_type the serialization type of the protocol body. * @return protocol instance pointer. */ virtual RouteMatcherPtr createRouteMatcher(const RouteConfigurations& route_configs, Server::Configuration::FactoryContext& context) PURE; std::string category() const override { return "envoy.dubbo_proxy.route_matchers"; } /** * Convenience method to lookup a factory by type. * @param RouteMatcherType the protocol type. * @return NamedRouteMatcherConfigFactory& for the RouteMatcherType. */ static NamedRouteMatcherConfigFactory& getFactory(RouteMatcherType type) { const std::string& name = RouteMatcherNames::get().fromType(type); return Envoy::Config::Utility::getAndCheckFactoryByName(name); } }; /** * RouteMatcherFactoryBase provides a template for a trivial NamedProtocolConfigFactory. */ template class RouteMatcherFactoryBase : public NamedRouteMatcherConfigFactory { public: RouteMatcherPtr createRouteMatcher(const RouteConfigurations& route_configs, Server::Configuration::FactoryContext& context) override { return std::make_unique(route_configs, context); } std::string name() const override { return name_; } protected: RouteMatcherFactoryBase(RouteMatcherType type) : name_(RouteMatcherNames::get().fromType(type)) {} private: const std::string name_; }; } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/route_matcher.cc ================================================ #include "extensions/filters/network/dubbo_proxy/router/route_matcher.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/route.pb.h" #include "common/protobuf/utility.h" #include "extensions/filters/network/dubbo_proxy/serializer_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { RouteEntryImplBase::RouteEntryImplBase( const envoy::extensions::filters::network::dubbo_proxy::v3::Route& route) : cluster_name_(route.route().cluster()), config_headers_(Http::HeaderUtility::buildHeaderDataVector(route.match().headers())) { if (route.route().cluster_specifier_case() == envoy::extensions::filters::network::dubbo_proxy::v3::RouteAction::ClusterSpecifierCase:: kWeightedClusters) { total_cluster_weight_ = 0UL; for (const auto& cluster : route.route().weighted_clusters().clusters()) { weighted_clusters_.emplace_back(std::make_shared(*this, cluster)); total_cluster_weight_ += weighted_clusters_.back()->clusterWeight(); } ENVOY_LOG(debug, "dubbo route matcher: weighted_clusters_size {}", weighted_clusters_.size()); } } const std::string& RouteEntryImplBase::clusterName() const { return cluster_name_; } const RouteEntry* RouteEntryImplBase::routeEntry() const { return this; } RouteConstSharedPtr RouteEntryImplBase::clusterEntry(uint64_t random_value) const { if (weighted_clusters_.empty()) { ENVOY_LOG(debug, "dubbo route matcher: weighted_clusters_size {}", weighted_clusters_.size()); return shared_from_this(); } return WeightedClusterUtil::pickCluster(weighted_clusters_, total_cluster_weight_, random_value, false); } bool RouteEntryImplBase::headersMatch(const Http::HeaderMap& headers) const { ENVOY_LOG(debug, "dubbo route matcher: headers size {}, metadata headers size {}", config_headers_.size(), headers.size()); return Http::HeaderUtility::matchHeaders(headers, config_headers_); } RouteEntryImplBase::WeightedClusterEntry::WeightedClusterEntry(const RouteEntryImplBase& parent, const WeightedCluster& cluster) : parent_(parent), cluster_name_(cluster.name()), cluster_weight_(PROTOBUF_GET_WRAPPED_REQUIRED(cluster, weight)) {} ParameterRouteEntryImpl::ParameterRouteEntryImpl( const envoy::extensions::filters::network::dubbo_proxy::v3::Route& route) : RouteEntryImplBase(route) { for (auto& config : route.match().method().params_match()) { parameter_data_list_.emplace_back(config.first, config.second); } } ParameterRouteEntryImpl::~ParameterRouteEntryImpl() = default; bool ParameterRouteEntryImpl::matchParameter(absl::string_view request_data, const ParameterData& config_data) const { switch (config_data.match_type_) { case Http::HeaderUtility::HeaderMatchType::Value: return config_data.value_.empty() || request_data == config_data.value_; case Http::HeaderUtility::HeaderMatchType::Range: { int64_t value = 0; return absl::SimpleAtoi(request_data, &value) && value >= config_data.range_.start() && value < config_data.range_.end(); } default: NOT_REACHED_GCOVR_EXCL_LINE; } } RouteConstSharedPtr ParameterRouteEntryImpl::matches(const MessageMetadata& metadata, uint64_t random_value) const { ASSERT(metadata.hasInvocationInfo()); const auto invocation = dynamic_cast(&metadata.invocationInfo()); ASSERT(invocation); if (!invocation->hasParameters()) { return nullptr; } ENVOY_LOG(debug, "dubbo route matcher: parameter name match"); for (auto& config_data : parameter_data_list_) { const std::string& data = invocation->getParameterValue(config_data.index_); if (data.empty()) { ENVOY_LOG(debug, "dubbo route matcher: parameter matching failed, there are no parameters in the " "user request, index '{}'", config_data.index_); return nullptr; } if (!matchParameter(data, config_data)) { ENVOY_LOG(debug, "dubbo route matcher: parameter matching failed, index '{}', value '{}'", config_data.index_, data); return nullptr; } } return clusterEntry(random_value); } ParameterRouteEntryImpl::ParameterData::ParameterData(uint32_t index, const ParameterMatchSpecifier& config) { index_ = index; switch (config.parameter_match_specifier_case()) { case ParameterMatchSpecifier::kExactMatch: match_type_ = Http::HeaderUtility::HeaderMatchType::Value; value_ = config.exact_match(); break; case ParameterMatchSpecifier::kRangeMatch: match_type_ = Http::HeaderUtility::HeaderMatchType::Range; range_.set_start(config.range_match().start()); range_.set_end(config.range_match().end()); break; default: match_type_ = Http::HeaderUtility::HeaderMatchType::Value; break; } } MethodRouteEntryImpl::MethodRouteEntryImpl( const envoy::extensions::filters::network::dubbo_proxy::v3::Route& route) : RouteEntryImplBase(route), method_name_(route.match().method().name()) { if (route.match().method().params_match_size() != 0) { parameter_route_ = std::make_shared(route); } } MethodRouteEntryImpl::~MethodRouteEntryImpl() = default; RouteConstSharedPtr MethodRouteEntryImpl::matches(const MessageMetadata& metadata, uint64_t random_value) const { ASSERT(metadata.hasInvocationInfo()); const auto invocation = dynamic_cast(&metadata.invocationInfo()); ASSERT(invocation); if (invocation->hasHeaders() && !RouteEntryImplBase::headersMatch(invocation->headers())) { ENVOY_LOG(error, "dubbo route matcher: headers not match"); return nullptr; } if (invocation->methodName().empty()) { ENVOY_LOG(error, "dubbo route matcher: there is no method name in the metadata"); return nullptr; } if (!method_name_.match(invocation->methodName())) { ENVOY_LOG(debug, "dubbo route matcher: method matching failed, input method '{}'", invocation->methodName()); return nullptr; } if (parameter_route_) { ENVOY_LOG(debug, "dubbo route matcher: parameter matching is required"); return parameter_route_->matches(metadata, random_value); } return clusterEntry(random_value); } SingleRouteMatcherImpl::SingleRouteMatcherImpl(const RouteConfig& config, Server::Configuration::FactoryContext&) : service_name_(config.interface()), group_(config.group()), version_(config.version()) { using envoy::extensions::filters::network::dubbo_proxy::v3::RouteMatch; for (const auto& route : config.routes()) { routes_.emplace_back(std::make_shared(route)); } ENVOY_LOG(debug, "dubbo route matcher: routes list size {}", routes_.size()); } RouteConstSharedPtr SingleRouteMatcherImpl::route(const MessageMetadata& metadata, uint64_t random_value) const { ASSERT(metadata.hasInvocationInfo()); const auto& invocation = metadata.invocationInfo(); if (service_name_ == invocation.serviceName() && (group_.value().empty() || (invocation.serviceGroup().has_value() && invocation.serviceGroup().value() == group_)) && (version_.value().empty() || (invocation.serviceVersion().has_value() && invocation.serviceVersion().value() == version_))) { for (const auto& route : routes_) { RouteConstSharedPtr route_entry = route->matches(metadata, random_value); if (nullptr != route_entry) { return route_entry; } } } else { ENVOY_LOG(debug, "dubbo route matcher: interface matching failed"); } return nullptr; } MultiRouteMatcher::MultiRouteMatcher(const RouteConfigList& route_config_list, Server::Configuration::FactoryContext& context) { for (const auto& route_config : route_config_list) { route_matcher_list_.emplace_back( std::make_unique(route_config, context)); } ENVOY_LOG(debug, "route matcher list size {}", route_matcher_list_.size()); } RouteConstSharedPtr MultiRouteMatcher::route(const MessageMetadata& metadata, uint64_t random_value) const { for (const auto& route_matcher : route_matcher_list_) { auto route = route_matcher->route(metadata, random_value); if (nullptr != route) { return route; } } return nullptr; } class DefaultRouteMatcherConfigFactory : public RouteMatcherFactoryBase { public: DefaultRouteMatcherConfigFactory() : RouteMatcherFactoryBase(RouteMatcherType::Default) {} }; /** * Static registration for the Dubbo protocol. @see RegisterFactory. */ REGISTER_FACTORY(DefaultRouteMatcherConfigFactory, NamedRouteMatcherConfigFactory); } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/route_matcher.h ================================================ #pragma once #include #include #include #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/route.pb.h" #include "envoy/type/v3/range.pb.h" #include "common/common/logger.h" #include "common/common/matchers.h" #include "common/http/header_utility.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/router/route.h" #include "extensions/filters/network/dubbo_proxy/router/router.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { class RouteEntryImplBase : public RouteEntry, public Route, public std::enable_shared_from_this, public Logger::Loggable { public: RouteEntryImplBase(const envoy::extensions::filters::network::dubbo_proxy::v3::Route& route); ~RouteEntryImplBase() override = default; // Router::RouteEntry const std::string& clusterName() const override; const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const override { return metadata_match_criteria_.get(); } // Router::Route const RouteEntry* routeEntry() const override; virtual RouteConstSharedPtr matches(const MessageMetadata& metadata, uint64_t random_value) const PURE; protected: RouteConstSharedPtr clusterEntry(uint64_t random_value) const; bool headersMatch(const Http::HeaderMap& headers) const; private: class WeightedClusterEntry : public RouteEntry, public Route { public: using WeightedCluster = envoy::config::route::v3::WeightedCluster::ClusterWeight; WeightedClusterEntry(const RouteEntryImplBase& parent, const WeightedCluster& cluster); uint64_t clusterWeight() const { return cluster_weight_; } // Router::RouteEntry const std::string& clusterName() const override { return cluster_name_; } const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const override { return metadata_match_criteria_ ? metadata_match_criteria_.get() : parent_.metadataMatchCriteria(); } // Router::Route const RouteEntry* routeEntry() const override { return this; } private: const RouteEntryImplBase& parent_; const std::string cluster_name_; const uint64_t cluster_weight_; Envoy::Router::MetadataMatchCriteriaConstPtr metadata_match_criteria_; }; using WeightedClusterEntrySharedPtr = std::shared_ptr; uint64_t total_cluster_weight_; const std::string cluster_name_; const std::vector config_headers_; std::vector weighted_clusters_; // TODO(gengleilei) Implement it. Envoy::Router::MetadataMatchCriteriaConstPtr metadata_match_criteria_; }; using RouteEntryImplBaseConstSharedPtr = std::shared_ptr; class ParameterRouteEntryImpl : public RouteEntryImplBase { public: ParameterRouteEntryImpl(const envoy::extensions::filters::network::dubbo_proxy::v3::Route& route); ~ParameterRouteEntryImpl() override; struct ParameterData { using ParameterMatchSpecifier = envoy::extensions::filters::network::dubbo_proxy::v3::MethodMatch::ParameterMatchSpecifier; ParameterData(uint32_t index, const ParameterMatchSpecifier& config); Http::HeaderUtility::HeaderMatchType match_type_; std::string value_; envoy::type::v3::Int64Range range_; uint32_t index_; }; // RoutEntryImplBase RouteConstSharedPtr matches(const MessageMetadata& metadata, uint64_t random_value) const override; private: bool matchParameter(absl::string_view request_data, const ParameterData& config_data) const; std::vector parameter_data_list_; }; class MethodRouteEntryImpl : public RouteEntryImplBase { public: MethodRouteEntryImpl(const envoy::extensions::filters::network::dubbo_proxy::v3::Route& route); ~MethodRouteEntryImpl() override; // RoutEntryImplBase RouteConstSharedPtr matches(const MessageMetadata& metadata, uint64_t random_value) const override; private: const Matchers::StringMatcherImpl method_name_; std::shared_ptr parameter_route_; }; class SingleRouteMatcherImpl : public RouteMatcher, public Logger::Loggable { public: using RouteConfig = envoy::extensions::filters::network::dubbo_proxy::v3::RouteConfiguration; SingleRouteMatcherImpl(const RouteConfig& config, Server::Configuration::FactoryContext& context); RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const override; private: std::vector routes_; const std::string service_name_; const absl::optional group_; const absl::optional version_; }; class MultiRouteMatcher : public RouteMatcher, public Logger::Loggable { public: using RouteConfigList = Envoy::Protobuf::RepeatedPtrField< envoy::extensions::filters::network::dubbo_proxy::v3::RouteConfiguration>; MultiRouteMatcher(const RouteConfigList& route_config_list, Server::Configuration::FactoryContext& context); RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const override; private: std::vector route_matcher_list_; }; } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/router.h ================================================ #pragma once #include #include #include "envoy/router/router.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { /** * RouteEntry is an individual resolved route entry. */ class RouteEntry { public: virtual ~RouteEntry() = default; /** * @return const std::string& the upstream cluster that owns the route. */ virtual const std::string& clusterName() const PURE; /** * @return MetadataMatchCriteria* the metadata that a subset load balancer should match when * selecting an upstream host */ virtual const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const PURE; }; using RouteEntryPtr = std::shared_ptr; /** * Route holds the RouteEntry for a request. */ class Route { public: virtual ~Route() = default; /** * @return the route entry or nullptr if there is no matching route for the request. */ virtual const RouteEntry* routeEntry() const PURE; }; using RouteConstSharedPtr = std::shared_ptr; using RouteSharedPtr = std::shared_ptr; /** * The router configuration. */ class Config { public: virtual ~Config() = default; /** * Based on the incoming Dubbo request transport and/or protocol data, determine the target * route for the request. * @param metadata MessageMetadata for the message to route * @param random_value uint64_t used to select cluster affinity * @return the route or nullptr if there is no matching route for the request. */ virtual RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const PURE; }; using ConfigConstSharedPtr = std::shared_ptr; } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/router_impl.cc ================================================ #include "extensions/filters/network/dubbo_proxy/router/router_impl.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/thread_local_cluster.h" #include "extensions/filters/network/dubbo_proxy/app_exception.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { void Router::onDestroy() { if (upstream_request_) { upstream_request_->resetStream(); } cleanup(); } void Router::setDecoderFilterCallbacks(DubboFilters::DecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; } FilterStatus Router::onMessageDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) { ASSERT(metadata->hasInvocationInfo()); const auto& invocation = metadata->invocationInfo(); route_ = callbacks_->route(); if (!route_) { ENVOY_STREAM_LOG(debug, "dubbo router: no cluster match for interface '{}'", *callbacks_, invocation.serviceName()); callbacks_->sendLocalReply(AppException(ResponseStatus::ServiceNotFound, fmt::format("dubbo router: no route for interface '{}'", invocation.serviceName())), false); return FilterStatus::StopIteration; } route_entry_ = route_->routeEntry(); Upstream::ThreadLocalCluster* cluster = cluster_manager_.get(route_entry_->clusterName()); if (!cluster) { ENVOY_STREAM_LOG(debug, "dubbo router: unknown cluster '{}'", *callbacks_, route_entry_->clusterName()); callbacks_->sendLocalReply( AppException(ResponseStatus::ServerError, fmt::format("dubbo router: unknown cluster '{}'", route_entry_->clusterName())), false); return FilterStatus::StopIteration; } cluster_ = cluster->info(); ENVOY_STREAM_LOG(debug, "dubbo router: cluster '{}' match for interface '{}'", *callbacks_, route_entry_->clusterName(), invocation.serviceName()); if (cluster_->maintenanceMode()) { callbacks_->sendLocalReply( AppException(ResponseStatus::ServerError, fmt::format("dubbo router: maintenance mode for cluster '{}'", route_entry_->clusterName())), false); return FilterStatus::StopIteration; } Tcp::ConnectionPool::Instance* conn_pool = cluster_manager_.tcpConnPoolForCluster( route_entry_->clusterName(), Upstream::ResourcePriority::Default, this); if (!conn_pool) { callbacks_->sendLocalReply( AppException( ResponseStatus::ServerError, fmt::format("dubbo router: no healthy upstream for '{}'", route_entry_->clusterName())), false); return FilterStatus::StopIteration; } ENVOY_STREAM_LOG(debug, "dubbo router: decoding request", *callbacks_); upstream_request_buffer_.move(ctx->messageOriginData(), ctx->messageSize()); upstream_request_ = std::make_unique( *this, *conn_pool, metadata, callbacks_->serializationType(), callbacks_->protocolType()); return upstream_request_->start(); } void Router::onUpstreamData(Buffer::Instance& data, bool end_stream) { ASSERT(!upstream_request_->response_complete_); ENVOY_STREAM_LOG(trace, "dubbo router: reading response: {} bytes", *callbacks_, data.length()); // Handle normal response. if (!upstream_request_->response_started_) { callbacks_->startUpstreamResponse(); upstream_request_->response_started_ = true; } DubboFilters::UpstreamResponseStatus status = callbacks_->upstreamData(data); if (status == DubboFilters::UpstreamResponseStatus::Complete) { ENVOY_STREAM_LOG(debug, "dubbo router: response complete", *callbacks_); upstream_request_->onResponseComplete(); cleanup(); return; } else if (status == DubboFilters::UpstreamResponseStatus::Reset) { ENVOY_STREAM_LOG(debug, "dubbo router: upstream reset", *callbacks_); // When the upstreamData function returns Reset, // the current stream is already released from the upper layer, // so there is no need to call callbacks_->resetStream() to notify // the upper layer to release the stream. upstream_request_->resetStream(); return; } if (end_stream) { // Response is incomplete, but no more data is coming. ENVOY_STREAM_LOG(debug, "dubbo router: response underflow", *callbacks_); upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::RemoteConnectionFailure); upstream_request_->onResponseComplete(); cleanup(); } } void Router::onEvent(Network::ConnectionEvent event) { if (!upstream_request_ || upstream_request_->response_complete_) { // Client closed connection after completing response. ENVOY_LOG(debug, "dubbo upstream request: the upstream request had completed"); return; } if (upstream_request_->stream_reset_ && event == Network::ConnectionEvent::LocalClose) { ENVOY_LOG(debug, "dubbo upstream request: the stream reset"); return; } switch (event) { case Network::ConnectionEvent::RemoteClose: upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::RemoteConnectionFailure); break; case Network::ConnectionEvent::LocalClose: upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::LocalConnectionFailure); break; default: // Connected is consumed by the connection pool. NOT_REACHED_GCOVR_EXCL_LINE; } } const Network::Connection* Router::downstreamConnection() const { return callbacks_ != nullptr ? callbacks_->connection() : nullptr; } void Router::cleanup() { if (upstream_request_) { upstream_request_.reset(); } } Router::UpstreamRequest::UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, MessageMetadataSharedPtr& metadata, SerializationType serialization_type, ProtocolType protocol_type) : parent_(parent), conn_pool_(pool), metadata_(metadata), protocol_( NamedProtocolConfigFactory::getFactory(protocol_type).createProtocol(serialization_type)), request_complete_(false), response_started_(false), response_complete_(false), stream_reset_(false) {} Router::UpstreamRequest::~UpstreamRequest() = default; FilterStatus Router::UpstreamRequest::start() { Tcp::ConnectionPool::Cancellable* handle = conn_pool_.newConnection(*this); if (handle) { // Pause while we wait for a connection. conn_pool_handle_ = handle; return FilterStatus::StopIteration; } return FilterStatus::Continue; } void Router::UpstreamRequest::resetStream() { stream_reset_ = true; if (conn_pool_handle_) { ASSERT(!conn_data_); conn_pool_handle_->cancel(Tcp::ConnectionPool::CancelPolicy::Default); conn_pool_handle_ = nullptr; ENVOY_LOG(debug, "dubbo upstream request: reset connection pool handler"); } if (conn_data_) { ASSERT(!conn_pool_handle_); conn_data_->connection().close(Network::ConnectionCloseType::NoFlush); conn_data_.reset(); ENVOY_LOG(debug, "dubbo upstream request: reset connection data"); } } void Router::UpstreamRequest::encodeData(Buffer::Instance& data) { ASSERT(conn_data_); ASSERT(!conn_pool_handle_); ENVOY_STREAM_LOG(trace, "proxying {} bytes", *parent_.callbacks_, data.length()); conn_data_->connection().write(data, false); } void Router::UpstreamRequest::onPoolFailure(ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) { conn_pool_handle_ = nullptr; // Mimic an upstream reset. onUpstreamHostSelected(host); onResetStream(reason); parent_.upstream_request_buffer_.drain(parent_.upstream_request_buffer_.length()); // If it is a connection error, it means that the connection pool returned // the error asynchronously and the upper layer needs to be notified to continue decoding. // If it is a non-connection error, it is returned synchronously from the connection pool // and is still in the callback at the current Filter, nothing to do. if (reason == ConnectionPool::PoolFailureReason::Timeout || reason == ConnectionPool::PoolFailureReason::LocalConnectionFailure || reason == ConnectionPool::PoolFailureReason::RemoteConnectionFailure) { parent_.callbacks_->continueDecoding(); } } void Router::UpstreamRequest::onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) { ENVOY_LOG(debug, "dubbo upstream request: tcp connection has ready"); // Only invoke continueDecoding if we'd previously stopped the filter chain. bool continue_decoding = conn_pool_handle_ != nullptr; onUpstreamHostSelected(host); conn_data_ = std::move(conn_data); conn_data_->addUpstreamCallbacks(parent_); conn_pool_handle_ = nullptr; onRequestStart(continue_decoding); encodeData(parent_.upstream_request_buffer_); } void Router::UpstreamRequest::onRequestStart(bool continue_decoding) { ENVOY_LOG(debug, "dubbo upstream request: start sending data to the server {}", upstream_host_->address()->asString()); if (continue_decoding) { parent_.callbacks_->continueDecoding(); } onRequestComplete(); } void Router::UpstreamRequest::onRequestComplete() { request_complete_ = true; } void Router::UpstreamRequest::onResponseComplete() { response_complete_ = true; conn_data_.reset(); } void Router::UpstreamRequest::onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) { ENVOY_LOG(debug, "dubbo upstream request: selected upstream {}", host->address()->asString()); upstream_host_ = host; } void Router::UpstreamRequest::onResetStream(ConnectionPool::PoolFailureReason reason) { if (metadata_->messageType() == MessageType::Oneway) { // For oneway requests, we should not attempt a response. Reset the downstream to signal // an error. ENVOY_LOG(debug, "dubbo upstream request: the request is oneway, reset downstream stream"); parent_.callbacks_->resetStream(); return; } // When the filter's callback does not end, the sendLocalReply function call // triggers the release of the current stream at the end of the filter's callback. switch (reason) { case ConnectionPool::PoolFailureReason::Overflow: parent_.callbacks_->sendLocalReply( AppException(ResponseStatus::ServerError, fmt::format("dubbo upstream request: too many connections")), false); break; case ConnectionPool::PoolFailureReason::LocalConnectionFailure: // Should only happen if we closed the connection, due to an error condition, in which case // we've already handled any possible downstream response. parent_.callbacks_->sendLocalReply( AppException(ResponseStatus::ServerError, fmt::format("dubbo upstream request: local connection failure '{}'", upstream_host_->address()->asString())), false); break; case ConnectionPool::PoolFailureReason::RemoteConnectionFailure: parent_.callbacks_->sendLocalReply( AppException(ResponseStatus::ServerError, fmt::format("dubbo upstream request: remote connection failure '{}'", upstream_host_->address()->asString())), false); break; case ConnectionPool::PoolFailureReason::Timeout: parent_.callbacks_->sendLocalReply( AppException(ResponseStatus::ServerError, fmt::format("dubbo upstream request: connection failure '{}' due to timeout", upstream_host_->address()->asString())), false); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } if (parent_.filter_complete_ && !response_complete_) { // When the filter's callback has ended and the reply message has not been processed, // call resetStream to release the current stream. // the resetStream eventually triggers the onDestroy function call. parent_.callbacks_->resetStream(); } } } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/router/router_impl.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/tcp/conn_pool.h" #include "common/common/logger.h" #include "common/upstream/load_balancer_impl.h" #include "extensions/filters/network/dubbo_proxy/filters/filter.h" #include "extensions/filters/network/dubbo_proxy/router/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { namespace Router { class Router : public Tcp::ConnectionPool::UpstreamCallbacks, public Upstream::LoadBalancerContextBase, public DubboFilters::DecoderFilter, Logger::Loggable { public: Router(Upstream::ClusterManager& cluster_manager) : cluster_manager_(cluster_manager) {} ~Router() override = default; // DubboFilters::DecoderFilter void onDestroy() override; void setDecoderFilterCallbacks(DubboFilters::DecoderFilterCallbacks& callbacks) override; FilterStatus onMessageDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) override; // Upstream::LoadBalancerContextBase const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() override { return nullptr; } const Network::Connection* downstreamConnection() const override; // Tcp::ConnectionPool::UpstreamCallbacks void onUpstreamData(Buffer::Instance& data, bool end_stream) override; void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} private: struct UpstreamRequest : public Tcp::ConnectionPool::Callbacks { UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, MessageMetadataSharedPtr& metadata, SerializationType serialization_type, ProtocolType protocol_type); ~UpstreamRequest() override; FilterStatus start(); void resetStream(); void encodeData(Buffer::Instance& data); // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn, Upstream::HostDescriptionConstSharedPtr host) override; void onRequestStart(bool continue_decoding); void onRequestComplete(); void onResponseComplete(); void onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host); void onResetStream(ConnectionPool::PoolFailureReason reason); Router& parent_; Tcp::ConnectionPool::Instance& conn_pool_; MessageMetadataSharedPtr metadata_; Tcp::ConnectionPool::Cancellable* conn_pool_handle_{}; Tcp::ConnectionPool::ConnectionDataPtr conn_data_; Upstream::HostDescriptionConstSharedPtr upstream_host_; SerializerPtr serializer_; ProtocolPtr protocol_; bool request_complete_ : 1; bool response_started_ : 1; bool response_complete_ : 1; bool stream_reset_ : 1; }; void cleanup(); Upstream::ClusterManager& cluster_manager_; DubboFilters::DecoderFilterCallbacks* callbacks_{}; RouteConstSharedPtr route_{}; const RouteEntry* route_entry_{}; Upstream::ClusterInfoConstSharedPtr cluster_; std::unique_ptr upstream_request_; Envoy::Buffer::OwnedImpl upstream_request_buffer_; bool filter_complete_{false}; }; } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/serializer.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/config/typed_config.h" #include "common/common/assert.h" #include "common/config/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/network/dubbo_proxy/message.h" #include "extensions/filters/network/dubbo_proxy/metadata.h" #include "extensions/filters/network/dubbo_proxy/protocol_constants.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { class Serializer { public: virtual ~Serializer() = default; /** * Return this Serializer's name * * @return std::string containing the serialization name. */ virtual const std::string& name() const PURE; /** * @return SerializationType the serializer type */ virtual SerializationType type() const PURE; /** * deserialize an rpc call * If successful, the RpcInvocation removed from the buffer * * @param buffer the currently buffered dubbo data * @param context context information for RPC messages * @return a pair containing the deserialized result of the message and the deserialized * invocation information. * @throws EnvoyException if the data is not valid for this serialization */ virtual std::pair deserializeRpcInvocation(Buffer::Instance& buffer, ContextSharedPtr context) PURE; /** * deserialize result of an rpc call * * @param buffer the currently buffered dubbo data * @param context context information for RPC messages * @return a pair containing the deserialized result of the message and the deserialized * result information. * @throws EnvoyException if the data is not valid for this serialization */ virtual std::pair deserializeRpcResult(Buffer::Instance& buffer, ContextSharedPtr context) PURE; /** * serialize result of an rpc call * If successful, the output_buffer is written to the serialized data * * @param output_buffer store the serialized data * @param content the rpc response content * @param type the rpc response type * @return size_t the length of the serialized content */ virtual size_t serializeRpcResult(Buffer::Instance& output_buffer, const std::string& content, RpcResponseType type) PURE; }; using SerializerPtr = std::unique_ptr; /** * Implemented by each Dubbo serialize and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedSerializerConfigFactory : public Config::UntypedFactory { public: ~NamedSerializerConfigFactory() override = default; /** * Create a particular Dubbo serializer. * @return SerializerPtr the transport */ virtual SerializerPtr createSerializer() PURE; std::string category() const override { return "envoy.dubbo_proxy.serializers"; } /** * Convenience method to lookup a factory by type. * @param TransportType the transport type * @return NamedSerializerConfigFactory& for the TransportType */ static NamedSerializerConfigFactory& getFactory(ProtocolType protocol_type, SerializationType type) { const std::string& name = ProtocolSerializerNames::get().fromType(protocol_type, type); return Envoy::Config::Utility::getAndCheckFactoryByName(name); } }; /** * SerializerFactoryBase provides a template for a trivial NamedSerializerConfigFactory. */ template class SerializerFactoryBase : public NamedSerializerConfigFactory { public: SerializerPtr createSerializer() override { return std::make_unique(); } std::string name() const override { return name_; } protected: SerializerFactoryBase(ProtocolType protocol_type, SerializationType type) : name_(ProtocolSerializerNames::get().fromType(protocol_type, type)) {} private: const std::string name_; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/serializer_impl.cc ================================================ #include "extensions/filters/network/dubbo_proxy/serializer_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { void RpcInvocationImpl::addParameterValue(uint32_t index, const std::string& value) { assignParameterIfNeed(); parameter_map_->emplace(index, value); } const std::string& RpcInvocationImpl::getParameterValue(uint32_t index) const { if (parameter_map_) { auto itor = parameter_map_->find(index); if (itor != parameter_map_->end()) { return itor->second; } } return EMPTY_STRING; } const RpcInvocationImpl::ParameterValueMap& RpcInvocationImpl::parameters() { ASSERT(hasParameters()); return *parameter_map_; } const Http::HeaderMap& RpcInvocationImpl::headers() const { ASSERT(hasHeaders()); return *headers_; } void RpcInvocationImpl::addHeader(const std::string& key, const std::string& value) { assignHeaderIfNeed(); headers_->addCopy(Http::LowerCaseString(key), value); } void RpcInvocationImpl::addHeaderReference(const Http::LowerCaseString& key, const std::string& value) { assignHeaderIfNeed(); headers_->addReference(key, value); } } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/serializer_impl.h ================================================ #pragma once #include "extensions/filters/network/dubbo_proxy/message_impl.h" #include "extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { class RpcInvocationImpl : public RpcInvocationBase { public: // TODO(gengleilei) Add parameter data types and implement Dubbo data type mapping. using ParameterValueMap = absl::node_hash_map; using ParameterValueMapPtr = std::unique_ptr; RpcInvocationImpl() = default; ~RpcInvocationImpl() override = default; void addParameterValue(uint32_t index, const std::string& value); const ParameterValueMap& parameters(); const std::string& getParameterValue(uint32_t index) const; bool hasParameters() const { return parameter_map_ != nullptr; } void addHeader(const std::string& key, const std::string& value); void addHeaderReference(const Http::LowerCaseString& key, const std::string& value); const Http::HeaderMap& headers() const; bool hasHeaders() const { return headers_ != nullptr; } private: inline void assignHeaderIfNeed() { if (!headers_) { headers_ = Http::RequestHeaderMapImpl::create(); } } inline void assignParameterIfNeed() { if (!parameter_map_) { parameter_map_ = std::make_unique(); } } ParameterValueMapPtr parameter_map_; Http::HeaderMapPtr headers_; // attachment }; class RpcResultImpl : public RpcResult { public: RpcResultImpl() = default; ~RpcResultImpl() override = default; bool hasException() const override { return has_exception_; } void setException(bool has_exception) { has_exception_ = has_exception; } private: bool has_exception_ = false; }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/dubbo_proxy/stats.h ================================================ #pragma once #include #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace DubboProxy { /** * All dubbo filter stats. @see stats_macros.h */ #define ALL_DUBBO_FILTER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(cx_destroy_local_with_active_rq) \ COUNTER(cx_destroy_remote_with_active_rq) \ COUNTER(local_response_business_exception) \ COUNTER(local_response_error) \ COUNTER(local_response_success) \ COUNTER(request) \ COUNTER(request_decoding_error) \ COUNTER(request_decoding_success) \ COUNTER(request_event) \ COUNTER(request_oneway) \ COUNTER(request_twoway) \ COUNTER(response) \ COUNTER(response_business_exception) \ COUNTER(response_decoding_error) \ COUNTER(response_decoding_success) \ COUNTER(response_error) \ COUNTER(response_error_caused_connection_close) \ COUNTER(response_success) \ GAUGE(request_active, Accumulate) \ HISTOGRAM(request_time_ms, Milliseconds) /** * Struct definition for all dubbo proxy stats. @see stats_macros.h */ struct DubboFilterStats { ALL_DUBBO_FILTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) static DubboFilterStats generateStats(const std::string& prefix, Stats::Scope& scope) { return DubboFilterStats{ALL_DUBBO_FILTER_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix), POOL_HISTOGRAM_PREFIX(scope, prefix))}; } }; } // namespace DubboProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/echo/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Echo L4 network filter. This is primarily a simplistic example. # Public docs: docs/root/configuration/network_filters/echo_filter.rst envoy_extension_package() envoy_cc_library( name = "echo", srcs = ["echo.cc"], hdrs = ["echo.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], # TODO(#9953) move echo integration test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "unknown", deps = [ ":echo", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/echo/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/echo/config.cc ================================================ #include "envoy/extensions/filters/network/echo/v3/echo.pb.h" #include "envoy/extensions/filters/network/echo/v3/echo.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/echo/echo.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Echo { /** * Config registration for the echo filter. @see NamedNetworkFilterConfigFactory. */ class EchoConfigFactory : public Common::FactoryBase { public: EchoConfigFactory() : FactoryBase(NetworkFilterNames::get().Echo) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped(const envoy::extensions::filters::network::echo::v3::Echo&, Server::Configuration::FactoryContext&) override { return [](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared()); }; } bool isTerminalFilter() override { return true; } }; /** * Static registration for the echo filter. @see RegisterFactory. */ REGISTER_FACTORY(EchoConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){"envoy.echo"}; } // namespace Echo } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/echo/echo.cc ================================================ #include "extensions/filters/network/echo/echo.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Echo { Network::FilterStatus EchoFilter::onData(Buffer::Instance& data, bool end_stream) { ENVOY_CONN_LOG(trace, "echo: got {} bytes", read_callbacks_->connection(), data.length()); read_callbacks_->connection().write(data, end_stream); ASSERT(0 == data.length()); return Network::FilterStatus::StopIteration; } } // namespace Echo } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/echo/echo.h ================================================ #pragma once #include "envoy/network/filter.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Echo { /** * Implementation of a basic echo filter. */ class EchoFilter : public Network::ReadFilter, Logger::Loggable { public: // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override { return Network::FilterStatus::Continue; } void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { read_callbacks_ = &callbacks; } private: Network::ReadFilterCallbacks* read_callbacks_{}; }; } // namespace Echo } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ext_authz/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # External authorization L4 network filter # Public docs: TODO(saumoh): Docs needed in docs/root/configuration/network_filters envoy_extension_package() envoy_cc_library( name = "ext_authz", srcs = ["ext_authz.cc"], hdrs = ["ext_authz.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_macros", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:matchers_lib", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/common/ext_authz:ext_authz_grpc_lib", "//source/extensions/filters/common/ext_authz:ext_authz_interface", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/extensions/filters/network/ext_authz/v3:pkg_cc_proto", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/ext_authz", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/ext_authz/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/ext_authz/config.cc ================================================ #include "extensions/filters/network/ext_authz/config.h" #include #include #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.h" #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.validate.h" #include "envoy/network/connection.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/filters/common/ext_authz/ext_authz.h" #include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "extensions/filters/network/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ExtAuthz { Network::FilterFactoryCb ExtAuthzConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::ext_authz::v3::ExtAuthz& proto_config, Server::Configuration::FactoryContext& context) { ConfigSharedPtr ext_authz_config = std::make_shared(proto_config, context.scope()); const uint32_t timeout_ms = PROTOBUF_GET_MS_OR_DEFAULT(proto_config.grpc_service(), timeout, 200); return [grpc_service = proto_config.grpc_service(), &context, ext_authz_config, transport_api_version = proto_config.transport_api_version(), timeout_ms](Network::FilterManager& filter_manager) -> void { auto async_client_factory = context.clusterManager().grpcAsyncClientManager().factoryForGrpcService( grpc_service, context.scope(), true); auto client = std::make_unique( async_client_factory->create(), std::chrono::milliseconds(timeout_ms), transport_api_version, false); filter_manager.addReadFilter(Network::ReadFilterSharedPtr{ std::make_shared(ext_authz_config, std::move(client))}); }; } /** * Static registration for the external authorization filter. @see RegisterFactory. */ REGISTER_FACTORY(ExtAuthzConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){"envoy.ext_authz"}; } // namespace ExtAuthz } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ext_authz/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.h" #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ExtAuthz { /** * Config registration for the external authorization filter. @see NamedNetworkFilterConfigFactory. */ class ExtAuthzConfigFactory : public Common::FactoryBase { public: ExtAuthzConfigFactory() : FactoryBase(NetworkFilterNames::get().ExtAuthorization) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::ext_authz::v3::ExtAuthz& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace ExtAuthz } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ext_authz/ext_authz.cc ================================================ #include "extensions/filters/network/ext_authz/ext_authz.h" #include #include #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ExtAuthz { InstanceStats Config::generateStats(const std::string& name, Stats::Scope& scope) { const std::string final_prefix = fmt::format("ext_authz.{}.", name); return {ALL_TCP_EXT_AUTHZ_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_GAUGE_PREFIX(scope, final_prefix))}; } void Filter::callCheck() { Filters::Common::ExtAuthz::CheckRequestUtils::createTcpCheck(filter_callbacks_, check_request_, config_->includePeerCertificate()); status_ = Status::Calling; config_->stats().active_.inc(); config_->stats().total_.inc(); calling_check_ = true; auto& connection = filter_callbacks_->connection(); client_->check(*this, connection.dispatcher(), check_request_, Tracing::NullSpan::instance(), connection.streamInfo()); calling_check_ = false; } Network::FilterStatus Filter::onData(Buffer::Instance&, bool /* end_stream */) { if (!filterEnabled(filter_callbacks_->connection().streamInfo().dynamicMetadata())) { config_->stats().disabled_.inc(); return Network::FilterStatus::Continue; } if (status_ == Status::NotStarted) { // By waiting to invoke the check at onData() the call to authorization service will have // sufficient information to fill out the checkRequest_. callCheck(); } return filter_return_ == FilterReturn::Stop ? Network::FilterStatus::StopIteration : Network::FilterStatus::Continue; } Network::FilterStatus Filter::onNewConnection() { // Wait till onData() happens. return Network::FilterStatus::Continue; } void Filter::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { if (status_ == Status::Calling) { // Make sure that any pending request in the client is cancelled. This will be NOP if the // request already completed. client_->cancel(); config_->stats().active_.dec(); } } } void Filter::onComplete(Filters::Common::ExtAuthz::ResponsePtr&& response) { status_ = Status::Complete; config_->stats().active_.dec(); switch (response->status) { case Filters::Common::ExtAuthz::CheckStatus::OK: config_->stats().ok_.inc(); break; case Filters::Common::ExtAuthz::CheckStatus::Error: config_->stats().error_.inc(); if (response->error_kind == Filters::Common::ExtAuthz::ErrorKind::Timedout) { config_->stats().timeout_.inc(); } break; case Filters::Common::ExtAuthz::CheckStatus::Denied: config_->stats().denied_.inc(); break; } // Fail open only if configured to do so and if the check status was a error. if (response->status == Filters::Common::ExtAuthz::CheckStatus::Denied || (response->status == Filters::Common::ExtAuthz::CheckStatus::Error && !config_->failureModeAllow())) { config_->stats().cx_closed_.inc(); filter_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } else { // Let the filter chain continue. filter_return_ = FilterReturn::Continue; if (config_->failureModeAllow() && response->status == Filters::Common::ExtAuthz::CheckStatus::Error) { // Status is Error and yet we are configured to allow traffic. Click a counter. config_->stats().failure_mode_allowed_.inc(); } if (!response->dynamic_metadata.fields().empty()) { filter_callbacks_->connection().streamInfo().setDynamicMetadata( NetworkFilterNames::get().ExtAuthorization, response->dynamic_metadata); } // We can get completion inline, so only call continue if that isn't happening. if (!calling_check_) { filter_callbacks_->continueReading(); } } } } // namespace ExtAuthz } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ext_authz/ext_authz.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/matchers.h" #include "extensions/filters/common/ext_authz/ext_authz.h" #include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ExtAuthz { /** * All tcp external authorization stats. @see stats_macros.h */ #define ALL_TCP_EXT_AUTHZ_STATS(COUNTER, GAUGE) \ COUNTER(cx_closed) \ COUNTER(denied) \ COUNTER(error) \ COUNTER(timeout) \ COUNTER(failure_mode_allowed) \ COUNTER(ok) \ COUNTER(total) \ COUNTER(disabled) \ GAUGE(active, Accumulate) /** * Struct definition for all external authorization stats. @see stats_macros.h */ struct InstanceStats { ALL_TCP_EXT_AUTHZ_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Global configuration for ExtAuthz filter. */ class Config { public: Config(const envoy::extensions::filters::network::ext_authz::v3::ExtAuthz& config, Stats::Scope& scope) : stats_(generateStats(config.stat_prefix(), scope)), failure_mode_allow_(config.failure_mode_allow()), include_peer_certificate_(config.include_peer_certificate()), filter_enabled_metadata_( config.has_filter_enabled_metadata() ? absl::optional(config.filter_enabled_metadata()) : absl::nullopt) {} const InstanceStats& stats() { return stats_; } bool failureModeAllow() const { return failure_mode_allow_; } void setFailModeAllow(bool value) { failure_mode_allow_ = value; } bool includePeerCertificate() const { return include_peer_certificate_; } bool filterEnabledMetadata(const envoy::config::core::v3::Metadata& metadata) const { return filter_enabled_metadata_.has_value() ? filter_enabled_metadata_->match(metadata) : true; } private: static InstanceStats generateStats(const std::string& name, Stats::Scope& scope); const InstanceStats stats_; bool failure_mode_allow_; const bool include_peer_certificate_; const absl::optional filter_enabled_metadata_; }; using ConfigSharedPtr = std::shared_ptr; /** * ExtAuthz filter instance. This filter will call the Authorization service with the given * configuration parameters. If the authorization service returns an error or a deny the * connection will be closed without any further filters being called. Otherwise all buffered * data will be released to further filters. */ class Filter : public Network::ReadFilter, public Network::ConnectionCallbacks, public Filters::Common::ExtAuthz::RequestCallbacks { public: Filter(ConfigSharedPtr config, Filters::Common::ExtAuthz::ClientPtr&& client) : config_(config), client_(std::move(client)) {} ~Filter() override = default; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { filter_callbacks_ = &callbacks; filter_callbacks_->connection().addConnectionCallbacks(*this); } // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // ExtAuthz::RequestCallbacks void onComplete(Filters::Common::ExtAuthz::ResponsePtr&&) override; private: // State of this filter's communication with the external authorization service. // The filter has either not started calling the external service, in the middle of calling // it or has completed. enum class Status { NotStarted, Calling, Complete }; // FilterReturn is used to capture what the return code should be to the filter chain. // if this filter is either in the middle of calling the external service or the result is denied // then the filter chain should stop. Otherwise the filter chain can continue to the next filter. enum class FilterReturn { Stop, Continue }; void callCheck(); bool filterEnabled(const envoy::config::core::v3::Metadata& metadata) { return config_->filterEnabledMetadata(metadata); } ConfigSharedPtr config_; Filters::Common::ExtAuthz::ClientPtr client_; Network::ReadFilterCallbacks* filter_callbacks_{}; Status status_{Status::NotStarted}; FilterReturn filter_return_{FilterReturn::Stop}; // Used to identify if the callback to onComplete() is synchronous (on the stack) or asynchronous. bool calling_check_{}; envoy::service::auth::v3::CheckRequest check_request_{}; }; } // namespace ExtAuthz } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/http_connection_manager/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # L4 network filter that implements HTTP protocol handling and filtering. This filter internally # drives all of the L7 HTTP filters. # Public docs: docs/root/configuration/http_conn_man/http_conn_man.rst envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ "//include/envoy/config:config_provider_manager_interface", "//include/envoy/filesystem:filesystem_interface", "//include/envoy/http:codec_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:request_id_extension_interface", "//include/envoy/registry", "//include/envoy/router:route_config_provider_manager_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:options_interface", "//include/envoy/stats:stats_interface", "//source/common/access_log:access_log_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", "//source/common/filter/http:filter_config_discovery_lib", "//source/common/http:conn_manager_lib", "//source/common/http:default_server_string_lib", "//source/common/http:request_id_extension_lib", "//source/common/http:utility_lib", "//source/common/http/http1:codec_legacy_lib", "//source/common/http/http1:codec_lib", "//source/common/http/http2:codec_legacy_lib", "//source/common/http/http2:codec_lib", "//source/common/json:json_loader_lib", "//source/common/local_reply:local_reply_lib", "//source/common/protobuf:utility_lib", "//source/common/router:rds_lib", "//source/common/router:scoped_rds_lib", "//source/common/runtime:runtime_lib", "//source/common/tracing:http_tracer_config_lib", "//source/common/tracing:http_tracer_lib", "//source/common/tracing:http_tracer_manager_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", "@envoy_api//envoy/type/tracing/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/http_connection_manager/config.cc ================================================ #include "extensions/filters/network/http_connection_manager/config.h" #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.validate.h" #include "envoy/filesystem/filesystem.h" #include "envoy/registry/registry.h" #include "envoy/server/admin.h" #include "envoy/tracing/http_tracer.h" #include "envoy/type/tracing/v3/custom_tag.pb.h" #include "envoy/type/v3/percent.pb.h" #include "common/access_log/access_log_impl.h" #include "common/common/fmt.h" #include "common/config/utility.h" #include "common/filter/http/filter_config_discovery_impl.h" #include "common/http/conn_manager_utility.h" #include "common/http/default_server_string.h" #include "common/http/http1/codec_impl.h" #include "common/http/http1/codec_impl_legacy.h" #include "common/http/http2/codec_impl.h" #include "common/http/http2/codec_impl_legacy.h" #include "common/http/http3/quic_codec_factory.h" #include "common/http/http3/well_known_names.h" #include "common/http/request_id_extension_impl.h" #include "common/http/utility.h" #include "common/local_reply/local_reply.h" #include "common/protobuf/utility.h" #include "common/router/rds_impl.h" #include "common/router/scoped_rds.h" #include "common/runtime/runtime_impl.h" #include "common/tracing/http_tracer_config_impl.h" #include "common/tracing/http_tracer_manager_impl.h" #include "extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace HttpConnectionManager { namespace { using FilterFactoriesList = std::list; using FilterFactoryMap = std::map; HttpConnectionManagerConfig::UpgradeMap::const_iterator findUpgradeBoolCaseInsensitive(const HttpConnectionManagerConfig::UpgradeMap& upgrade_map, absl::string_view upgrade_type) { for (auto it = upgrade_map.begin(); it != upgrade_map.end(); ++it) { if (StringUtil::CaseInsensitiveCompare()(it->first, upgrade_type)) { return it; } } return upgrade_map.end(); } FilterFactoryMap::const_iterator findUpgradeCaseInsensitive(const FilterFactoryMap& upgrade_map, absl::string_view upgrade_type) { for (auto it = upgrade_map.begin(); it != upgrade_map.end(); ++it) { if (StringUtil::CaseInsensitiveCompare()(it->first, upgrade_type)) { return it; } } return upgrade_map.end(); } std::unique_ptr createInternalAddressConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config) { if (config.has_internal_address_config()) { return std::make_unique(config.internal_address_config()); } return std::make_unique(); } class MissingConfigFilter : public Http::PassThroughDecoderFilter { public: Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool) override { decoder_callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::NoFilterConfigFound); decoder_callbacks_->sendLocalReply(Http::Code::InternalServerError, EMPTY_STRING, nullptr, absl::nullopt, EMPTY_STRING); return Http::FilterHeadersStatus::StopIteration; } }; } // namespace // Singleton registration via macro defined in envoy/singleton/manager.h SINGLETON_MANAGER_REGISTRATION(date_provider); SINGLETON_MANAGER_REGISTRATION(route_config_provider_manager); SINGLETON_MANAGER_REGISTRATION(scoped_routes_config_provider_manager); SINGLETON_MANAGER_REGISTRATION(http_tracer_manager); SINGLETON_MANAGER_REGISTRATION(filter_config_provider_manager); Utility::Singletons Utility::createSingletons(Server::Configuration::FactoryContext& context) { std::shared_ptr date_provider = context.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(date_provider), [&context] { return std::make_shared(context.dispatcher(), context.threadLocal()); }); Router::RouteConfigProviderManagerSharedPtr route_config_provider_manager = context.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(route_config_provider_manager), [&context] { return std::make_shared(context.admin()); }); Router::ScopedRoutesConfigProviderManagerSharedPtr scoped_routes_config_provider_manager = context.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(scoped_routes_config_provider_manager), [&context, route_config_provider_manager] { return std::make_shared( context.admin(), *route_config_provider_manager); }); auto http_tracer_manager = context.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(http_tracer_manager), [&context] { return std::make_shared( std::make_unique( context.getServerFactoryContext(), context.messageValidationVisitor())); }); std::shared_ptr filter_config_provider_manager = context.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(filter_config_provider_manager), [] { return std::make_shared(); }); return {date_provider, route_config_provider_manager, scoped_routes_config_provider_manager, http_tracer_manager, filter_config_provider_manager}; } std::shared_ptr Utility::createConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& proto_config, Server::Configuration::FactoryContext& context, Http::DateProvider& date_provider, Router::RouteConfigProviderManager& route_config_provider_manager, Config::ConfigProviderManager& scoped_routes_config_provider_manager, Tracing::HttpTracerManager& http_tracer_manager, Filter::Http::FilterConfigProviderManager& filter_config_provider_manager) { return std::make_shared( proto_config, context, date_provider, route_config_provider_manager, scoped_routes_config_provider_manager, http_tracer_manager, filter_config_provider_manager); } Network::FilterFactoryCb HttpConnectionManagerFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& proto_config, Server::Configuration::FactoryContext& context) { Utility::Singletons singletons = Utility::createSingletons(context); auto filter_config = Utility::createConfig( proto_config, context, *singletons.date_provider_, *singletons.route_config_provider_manager_, *singletons.scoped_routes_config_provider_manager_, *singletons.http_tracer_manager_, *singletons.filter_config_provider_manager_); // This lambda captures the shared_ptrs created above, thus preserving the // reference count. // Keep in mind the lambda capture list **doesn't** determine the destruction order, but it's fine // as these captured objects are also global singletons. return [singletons, filter_config, &context](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(Network::ReadFilterSharedPtr{new Http::ConnectionManagerImpl( *filter_config, context.drainDecision(), context.api().randomGenerator(), context.httpContext(), context.runtime(), context.localInfo(), context.clusterManager(), context.overloadManager(), context.dispatcher().timeSource())}); }; } /** * Static registration for the HTTP connection manager filter. */ REGISTER_FACTORY(HttpConnectionManagerFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){ "envoy.http_connection_manager"}; InternalAddressConfig::InternalAddressConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: InternalAddressConfig& config) : unix_sockets_(config.unix_sockets()) {} HttpConnectionManagerConfig::HttpConnectionManagerConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config, Server::Configuration::FactoryContext& context, Http::DateProvider& date_provider, Router::RouteConfigProviderManager& route_config_provider_manager, Config::ConfigProviderManager& scoped_routes_config_provider_manager, Tracing::HttpTracerManager& http_tracer_manager, Filter::Http::FilterConfigProviderManager& filter_config_provider_manager) : context_(context), stats_prefix_(fmt::format("http.{}.", config.stat_prefix())), stats_(Http::ConnectionManagerImpl::generateStats(stats_prefix_, context_.scope())), tracing_stats_( Http::ConnectionManagerImpl::generateTracingStats(stats_prefix_, context_.scope())), use_remote_address_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, use_remote_address, false)), internal_address_config_(createInternalAddressConfig(config)), xff_num_trusted_hops_(config.xff_num_trusted_hops()), skip_xff_append_(config.skip_xff_append()), via_(config.via()), route_config_provider_manager_(route_config_provider_manager), scoped_routes_config_provider_manager_(scoped_routes_config_provider_manager), filter_config_provider_manager_(filter_config_provider_manager), http2_options_(Http2::Utility::initializeAndValidateOptions( config.http2_protocol_options(), config.has_stream_error_on_invalid_http_message(), config.stream_error_on_invalid_http_message())), http1_settings_(Http::Utility::parseHttp1Settings( config.http_protocol_options(), config.stream_error_on_invalid_http_message())), max_request_headers_kb_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, max_request_headers_kb, Http::DEFAULT_MAX_REQUEST_HEADERS_KB)), max_request_headers_count_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config.common_http_protocol_options(), max_headers_count, context.runtime().snapshot().getInteger(Http::MaxRequestHeadersCountOverrideKey, Http::DEFAULT_MAX_HEADERS_COUNT))), idle_timeout_(PROTOBUF_GET_OPTIONAL_MS(config.common_http_protocol_options(), idle_timeout)), max_connection_duration_( PROTOBUF_GET_OPTIONAL_MS(config.common_http_protocol_options(), max_connection_duration)), max_stream_duration_( PROTOBUF_GET_OPTIONAL_MS(config.common_http_protocol_options(), max_stream_duration)), stream_idle_timeout_( PROTOBUF_GET_MS_OR_DEFAULT(config, stream_idle_timeout, StreamIdleTimeoutMs)), request_timeout_(PROTOBUF_GET_MS_OR_DEFAULT(config, request_timeout, RequestTimeoutMs)), drain_timeout_(PROTOBUF_GET_MS_OR_DEFAULT(config, drain_timeout, 5000)), generate_request_id_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, generate_request_id, true)), preserve_external_request_id_(config.preserve_external_request_id()), always_set_request_id_in_response_(config.always_set_request_id_in_response()), date_provider_(date_provider), listener_stats_(Http::ConnectionManagerImpl::generateListenerStats(stats_prefix_, context_.listenerScope())), proxy_100_continue_(config.proxy_100_continue()), stream_error_on_invalid_http_messaging_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, stream_error_on_invalid_http_message, false)), delayed_close_timeout_(PROTOBUF_GET_MS_OR_DEFAULT(config, delayed_close_timeout, 1000)), #ifdef ENVOY_NORMALIZE_PATH_BY_DEFAULT normalize_path_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, normalize_path, // TODO(htuch): we should have a boolean variant of featureEnabled() here. context.runtime().snapshot().featureEnabled("http_connection_manager.normalize_path", 100))), #else normalize_path_(PROTOBUF_GET_WRAPPED_OR_DEFAULT( config, normalize_path, // TODO(htuch): we should have a boolean variant of featureEnabled() here. context.runtime().snapshot().featureEnabled("http_connection_manager.normalize_path", 0))), #endif merge_slashes_(config.merge_slashes()), strip_matching_port_(config.strip_matching_host_port()), headers_with_underscores_action_( config.common_http_protocol_options().headers_with_underscores_action()), local_reply_(LocalReply::Factory::create(config.local_reply_config(), context)) { // If idle_timeout_ was not configured in common_http_protocol_options, use value in deprecated // idle_timeout field. // TODO(asraa): Remove when idle_timeout is removed. if (!idle_timeout_) { idle_timeout_ = PROTOBUF_GET_OPTIONAL_MS(config, hidden_envoy_deprecated_idle_timeout); } if (!idle_timeout_) { idle_timeout_ = std::chrono::hours(1); } else if (idle_timeout_.value().count() == 0) { idle_timeout_ = absl::nullopt; } // If we are provided a different request_id_extension implementation to use try and create a new // instance of it, otherwise use default one. if (config.request_id_extension().has_typed_config()) { request_id_extension_ = Http::RequestIDExtensionFactory::fromProto(config.request_id_extension(), context_); } else { request_id_extension_ = Http::RequestIDExtensionFactory::defaultInstance(context_.api().randomGenerator()); } // If scoped RDS is enabled, avoid creating a route config provider. Route config providers will // be managed by the scoped routing logic instead. switch (config.route_specifier_case()) { case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: RouteSpecifierCase::kRds: case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: RouteSpecifierCase::kRouteConfig: route_config_provider_ = Router::RouteConfigProviderUtil::create( config, context_.getServerFactoryContext(), context_.messageValidationVisitor(), context_.initManager(), stats_prefix_, route_config_provider_manager_); break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: RouteSpecifierCase::kScopedRoutes: scoped_routes_config_provider_ = Router::ScopedRoutesConfigProviderUtil::create( config, context_.getServerFactoryContext(), context_.initManager(), stats_prefix_, scoped_routes_config_provider_manager_); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } switch (config.forward_client_cert_details()) { case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: SANITIZE: forward_client_cert_ = Http::ForwardClientCertType::Sanitize; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: FORWARD_ONLY: forward_client_cert_ = Http::ForwardClientCertType::ForwardOnly; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: APPEND_FORWARD: forward_client_cert_ = Http::ForwardClientCertType::AppendForward; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: SANITIZE_SET: forward_client_cert_ = Http::ForwardClientCertType::SanitizeSet; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: ALWAYS_FORWARD_ONLY: forward_client_cert_ = Http::ForwardClientCertType::AlwaysForwardOnly; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } const auto& set_current_client_cert_details = config.set_current_client_cert_details(); if (set_current_client_cert_details.cert()) { set_current_client_cert_details_.push_back(Http::ClientCertDetailsType::Cert); } if (set_current_client_cert_details.chain()) { set_current_client_cert_details_.push_back(Http::ClientCertDetailsType::Chain); } if (PROTOBUF_GET_WRAPPED_OR_DEFAULT(set_current_client_cert_details, subject, false)) { set_current_client_cert_details_.push_back(Http::ClientCertDetailsType::Subject); } if (set_current_client_cert_details.uri()) { set_current_client_cert_details_.push_back(Http::ClientCertDetailsType::URI); } if (set_current_client_cert_details.dns()) { set_current_client_cert_details_.push_back(Http::ClientCertDetailsType::DNS); } if (config.has_add_user_agent() && config.add_user_agent().value()) { user_agent_ = context_.localInfo().clusterName(); } if (config.has_tracing()) { http_tracer_ = http_tracer_manager.getOrCreateHttpTracer(getPerFilterTracerConfig(config)); const auto& tracing_config = config.tracing(); Tracing::OperationName tracing_operation_name; // Listener level traffic direction overrides the operation name switch (context.direction()) { case envoy::config::core::v3::UNSPECIFIED: { switch (tracing_config.hidden_envoy_deprecated_operation_name()) { case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: Tracing::INGRESS: tracing_operation_name = Tracing::OperationName::Ingress; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: Tracing::EGRESS: tracing_operation_name = Tracing::OperationName::Egress; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } break; } case envoy::config::core::v3::INBOUND: tracing_operation_name = Tracing::OperationName::Ingress; break; case envoy::config::core::v3::OUTBOUND: tracing_operation_name = Tracing::OperationName::Egress; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } Tracing::CustomTagMap custom_tags; for (const std::string& header : tracing_config.hidden_envoy_deprecated_request_headers_for_tags()) { envoy::type::tracing::v3::CustomTag::Header headerTag; headerTag.set_name(header); custom_tags.emplace( header, std::make_shared(header, headerTag)); } for (const auto& tag : tracing_config.custom_tags()) { custom_tags.emplace(tag.tag(), Tracing::HttpTracerUtility::createCustomTag(tag)); } envoy::type::v3::FractionalPercent client_sampling; client_sampling.set_numerator( tracing_config.has_client_sampling() ? tracing_config.client_sampling().value() : 100); envoy::type::v3::FractionalPercent random_sampling; // TODO: Random sampling historically was an integer and default to out of 10,000. We should // deprecate that and move to a straight fractional percent config. uint64_t random_sampling_numerator{PROTOBUF_PERCENT_TO_ROUNDED_INTEGER_OR_DEFAULT( tracing_config, random_sampling, 10000, 10000)}; random_sampling.set_numerator(random_sampling_numerator); random_sampling.set_denominator(envoy::type::v3::FractionalPercent::TEN_THOUSAND); envoy::type::v3::FractionalPercent overall_sampling; overall_sampling.set_numerator( tracing_config.has_overall_sampling() ? tracing_config.overall_sampling().value() : 100); const uint32_t max_path_tag_length = PROTOBUF_GET_WRAPPED_OR_DEFAULT( tracing_config, max_path_tag_length, Tracing::DefaultMaxPathTagLength); tracing_config_ = std::make_unique(Http::TracingConnectionManagerConfig{ tracing_operation_name, custom_tags, client_sampling, random_sampling, overall_sampling, tracing_config.verbose(), max_path_tag_length}); } for (const auto& access_log : config.access_log()) { AccessLog::InstanceSharedPtr current_access_log = AccessLog::AccessLogFactory::fromProto(access_log, context_); access_logs_.push_back(current_access_log); } server_transformation_ = config.server_header_transformation(); if (!config.server_name().empty()) { server_name_ = config.server_name(); } else { server_name_ = Http::DefaultServerString::get(); } switch (config.codec_type()) { case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: AUTO: codec_type_ = CodecType::AUTO; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: HTTP1: codec_type_ = CodecType::HTTP1; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: HTTP2: codec_type_ = CodecType::HTTP2; break; case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: HTTP3: codec_type_ = CodecType::HTTP3; break; default: NOT_REACHED_GCOVR_EXCL_LINE; } const auto& filters = config.http_filters(); for (int32_t i = 0; i < filters.size(); i++) { processFilter(filters[i], i, "http", filter_factories_, "http", i == filters.size() - 1); } for (const auto& upgrade_config : config.upgrade_configs()) { const std::string& name = upgrade_config.upgrade_type(); const bool enabled = upgrade_config.has_enabled() ? upgrade_config.enabled().value() : true; if (findUpgradeCaseInsensitive(upgrade_filter_factories_, name) != upgrade_filter_factories_.end()) { throw EnvoyException( fmt::format("Error: multiple upgrade configs with the same name: '{}'", name)); } if (!upgrade_config.filters().empty()) { std::unique_ptr factories = std::make_unique(); for (int32_t j = 0; j < upgrade_config.filters().size(); j++) { processFilter(upgrade_config.filters(j), j, name, *factories, "http upgrade", j == upgrade_config.filters().size() - 1); } upgrade_filter_factories_.emplace( std::make_pair(name, FilterConfig{std::move(factories), enabled})); } else { std::unique_ptr factories(nullptr); upgrade_filter_factories_.emplace( std::make_pair(name, FilterConfig{std::move(factories), enabled})); } } } void HttpConnectionManagerConfig::processFilter( const envoy::extensions::filters::network::http_connection_manager::v3::HttpFilter& proto_config, int i, absl::string_view prefix, FilterFactoriesList& filter_factories, const char* filter_chain_type, bool last_filter_in_current_config) { ENVOY_LOG(debug, " {} filter #{}", prefix, i); if (proto_config.config_type_case() == envoy::extensions::filters::network::http_connection_manager::v3::HttpFilter::ConfigTypeCase:: kConfigDiscovery) { processDynamicFilterConfig(proto_config.name(), proto_config.config_discovery(), filter_factories, filter_chain_type, last_filter_in_current_config); return; } // Now see if there is a factory that will accept the config. auto& factory = Config::Utility::getAndCheckFactory( proto_config); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig( proto_config, context_.messageValidationVisitor(), factory); Http::FilterFactoryCb callback = factory.createFilterFactoryFromProto(*message, stats_prefix_, context_); bool is_terminal = factory.isTerminalFilter(); Config::Utility::validateTerminalFilters(proto_config.name(), factory.name(), filter_chain_type, is_terminal, last_filter_in_current_config); auto filter_config_provider = filter_config_provider_manager_.createStaticFilterConfigProvider( callback, proto_config.name()); ENVOY_LOG(debug, " name: {}", filter_config_provider->name()); ENVOY_LOG(debug, " config: {}", MessageUtil::getJsonStringFromMessage( proto_config.has_typed_config() ? static_cast(proto_config.typed_config()) : static_cast( proto_config.hidden_envoy_deprecated_config()), true)); filter_factories.push_back(std::move(filter_config_provider)); } void HttpConnectionManagerConfig::processDynamicFilterConfig( const std::string& name, const envoy::config::core::v3::ExtensionConfigSource& config_discovery, FilterFactoriesList& filter_factories, const char* filter_chain_type, bool last_filter_in_current_config) { ENVOY_LOG(debug, " dynamic filter name: {}", name); if (config_discovery.apply_default_config_without_warming() && !config_discovery.has_default_config()) { throw EnvoyException(fmt::format( "Error: filter config {} applied without warming but has no default config.", name)); } std::set require_type_urls; for (const auto& type_url : config_discovery.type_urls()) { auto factory_type_url = TypeUtil::typeUrlToDescriptorFullName(type_url); require_type_urls.emplace(factory_type_url); auto* factory = Registry::FactoryRegistry< Server::Configuration::NamedHttpFilterConfigFactory>::getFactoryByType(factory_type_url); if (factory == nullptr) { throw EnvoyException( fmt::format("Error: no factory found for a required type URL {}.", factory_type_url)); } Config::Utility::validateTerminalFilters(name, factory->name(), filter_chain_type, factory->isTerminalFilter(), last_filter_in_current_config); } auto filter_config_provider = filter_config_provider_manager_.createDynamicFilterConfigProvider( config_discovery.config_source(), name, require_type_urls, context_, stats_prefix_, config_discovery.apply_default_config_without_warming()); if (config_discovery.has_default_config()) { auto* default_factory = Config::Utility::getFactoryByType( config_discovery.default_config()); if (default_factory == nullptr) { throw EnvoyException(fmt::format("Error: cannot find filter factory {} for default filter " "configuration with type URL {}.", name, config_discovery.default_config().type_url())); } filter_config_provider->validateConfig(config_discovery.default_config(), *default_factory); ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( config_discovery.default_config(), context_.messageValidationVisitor(), *default_factory); Http::FilterFactoryCb default_config = default_factory->createFilterFactoryFromProto(*message, stats_prefix_, context_); filter_config_provider->onConfigUpdate(default_config, "", nullptr); } filter_factories.push_back(std::move(filter_config_provider)); } Http::ServerConnectionPtr HttpConnectionManagerConfig::createCodec(Network::Connection& connection, const Buffer::Instance& data, Http::ServerConnectionCallbacks& callbacks) { switch (codec_type_) { case CodecType::HTTP1: { if (context_.runtime().snapshot().runtimeFeatureEnabled( "envoy.reloadable_features.new_codec_behavior")) { return std::make_unique( connection, Http::Http1::CodecStats::atomicGet(http1_codec_stats_, context_.scope()), callbacks, http1_settings_, maxRequestHeadersKb(), maxRequestHeadersCount(), headersWithUnderscoresAction()); } else { return std::make_unique( connection, Http::Http1::CodecStats::atomicGet(http1_codec_stats_, context_.scope()), callbacks, http1_settings_, maxRequestHeadersKb(), maxRequestHeadersCount(), headersWithUnderscoresAction()); } } case CodecType::HTTP2: { if (context_.runtime().snapshot().runtimeFeatureEnabled( "envoy.reloadable_features.new_codec_behavior")) { return std::make_unique( connection, callbacks, Http::Http2::CodecStats::atomicGet(http2_codec_stats_, context_.scope()), context_.api().randomGenerator(), http2_options_, maxRequestHeadersKb(), maxRequestHeadersCount(), headersWithUnderscoresAction()); } else { return std::make_unique( connection, callbacks, Http::Http2::CodecStats::atomicGet(http2_codec_stats_, context_.scope()), context_.api().randomGenerator(), http2_options_, maxRequestHeadersKb(), maxRequestHeadersCount(), headersWithUnderscoresAction()); } } case CodecType::HTTP3: // Hard code Quiche factory name here to instantiate a QUIC codec implemented. // TODO(danzh) Add support to get the factory name from config, possibly // from HttpConnectionManager protobuf. This is not essential till there are multiple // implementations of QUIC. return std::unique_ptr( Config::Utility::getAndCheckFactoryByName( Http::QuicCodecNames::get().Quiche) .createQuicServerConnection(connection, callbacks)); case CodecType::AUTO: return Http::ConnectionManagerUtility::autoCreateCodec( connection, data, callbacks, context_.scope(), context_.api().randomGenerator(), http1_codec_stats_, http2_codec_stats_, http1_settings_, http2_options_, maxRequestHeadersKb(), maxRequestHeadersCount(), headersWithUnderscoresAction()); } NOT_REACHED_GCOVR_EXCL_LINE; } void HttpConnectionManagerConfig::createFilterChainForFactories( Http::FilterChainFactoryCallbacks& callbacks, const FilterFactoriesList& filter_factories) { bool added_missing_config_filter = false; for (const auto& filter_config_provider : filter_factories) { auto config = filter_config_provider->config(); if (config.has_value()) { config.value()(callbacks); continue; } // If a filter config is missing after warming, inject a local reply with status 500. if (!added_missing_config_filter) { ENVOY_LOG(trace, "Missing filter config for a provider {}", filter_config_provider->name()); callbacks.addStreamDecoderFilter( Http::StreamDecoderFilterSharedPtr{std::make_shared()}); added_missing_config_filter = true; } else { ENVOY_LOG(trace, "Provider {} missing a filter config", filter_config_provider->name()); } } } void HttpConnectionManagerConfig::createFilterChain(Http::FilterChainFactoryCallbacks& callbacks) { createFilterChainForFactories(callbacks, filter_factories_); } bool HttpConnectionManagerConfig::createUpgradeFilterChain( absl::string_view upgrade_type, const Http::FilterChainFactory::UpgradeMap* per_route_upgrade_map, Http::FilterChainFactoryCallbacks& callbacks) { bool route_enabled = false; if (per_route_upgrade_map) { auto route_it = findUpgradeBoolCaseInsensitive(*per_route_upgrade_map, upgrade_type); if (route_it != per_route_upgrade_map->end()) { // Upgrades explicitly not allowed on this route. if (route_it->second == false) { return false; } // Upgrades explicitly enabled on this route. route_enabled = true; } } auto it = findUpgradeCaseInsensitive(upgrade_filter_factories_, upgrade_type); if ((it == upgrade_filter_factories_.end() || !it->second.allow_upgrade) && !route_enabled) { // Either the HCM disables upgrades and the route-config does not override, // or neither is configured for this upgrade. return false; } FilterFactoriesList* filters_to_use = &filter_factories_; if (it != upgrade_filter_factories_.end() && it->second.filter_factories != nullptr) { filters_to_use = it->second.filter_factories.get(); } createFilterChainForFactories(callbacks, *filters_to_use); return true; } const Network::Address::Instance& HttpConnectionManagerConfig::localAddress() { return *context_.localInfo().address(); } /** * Determines what tracing provider to use for a given * "envoy.filters.network.http_connection_manager" filter instance. */ const envoy::config::trace::v3::Tracing_Http* HttpConnectionManagerConfig::getPerFilterTracerConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config) { // Give precedence to tracing provider configuration defined as part of // "envoy.filters.network.http_connection_manager" filter config. if (config.tracing().has_provider()) { return &config.tracing().provider(); } // Otherwise, for the sake of backwards compatibility, fallback to using tracing provider // configuration defined in the bootstrap config. if (context_.httpContext().defaultTracingConfig().has_http()) { return &context_.httpContext().defaultTracingConfig().http(); } return nullptr; } std::function HttpConnectionManagerFactory::createHttpConnectionManagerFactoryFromProto( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& proto_config, Server::Configuration::FactoryContext& context, Network::ReadFilterCallbacks& read_callbacks) { Utility::Singletons singletons = Utility::createSingletons(context); auto filter_config = Utility::createConfig( proto_config, context, *singletons.date_provider_, *singletons.route_config_provider_manager_, *singletons.scoped_routes_config_provider_manager_, *singletons.http_tracer_manager_, *singletons.filter_config_provider_manager_); // This lambda captures the shared_ptrs created above, thus preserving the // reference count. // Keep in mind the lambda capture list **doesn't** determine the destruction order, but it's fine // as these captured objects are also global singletons. return [singletons, filter_config, &context, &read_callbacks]() -> Http::ApiListenerPtr { auto conn_manager = std::make_unique( *filter_config, context.drainDecision(), context.api().randomGenerator(), context.httpContext(), context.runtime(), context.localInfo(), context.clusterManager(), context.overloadManager(), context.dispatcher().timeSource()); // This factory creates a new ConnectionManagerImpl in the absence of its usual environment as // an L4 filter, so this factory needs to take a few actions. // When a new connection is creating its filter chain it hydrates the factory with a filter // manager which provides the ConnectionManager with its "read_callbacks". conn_manager->initializeReadFilterCallbacks(read_callbacks); // When the connection first calls onData on the ConnectionManager, the ConnectionManager // creates a codec. Here we force create a codec as onData will not be called. Buffer::OwnedImpl dummy; conn_manager->createCodec(dummy); return conn_manager; }; } } // namespace HttpConnectionManager } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/http_connection_manager/config.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/config/config_provider_manager.h" #include "envoy/config/core/v3/extension.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.validate.h" #include "envoy/filter/http/filter_config_provider.h" #include "envoy/http/filter.h" #include "envoy/http/request_id_extension.h" #include "envoy/router/route_config_provider_manager.h" #include "envoy/tracing/http_tracer_manager.h" #include "common/common/logger.h" #include "common/http/conn_manager_impl.h" #include "common/http/date_provider_impl.h" #include "common/http/http1/codec_stats.h" #include "common/http/http2/codec_stats.h" #include "common/json/json_loader.h" #include "common/local_reply/local_reply.h" #include "common/router/rds_impl.h" #include "common/router/scoped_rds.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace HttpConnectionManager { /** * Config registration for the HTTP connection manager filter. @see NamedNetworkFilterConfigFactory. */ class HttpConnectionManagerFilterConfigFactory : Logger::Loggable, public Common::FactoryBase< envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager> { public: HttpConnectionManagerFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().HttpConnectionManager, true) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& proto_config, Server::Configuration::FactoryContext& context) override; }; DECLARE_FACTORY(HttpConnectionManagerFilterConfigFactory); /** * Determines if an address is internal based on user provided config. */ class InternalAddressConfig : public Http::InternalAddressConfig { public: InternalAddressConfig(const envoy::extensions::filters::network::http_connection_manager::v3:: HttpConnectionManager::InternalAddressConfig& config); bool isInternalAddress(const Network::Address::Instance& address) const override { if (address.type() == Network::Address::Type::Pipe) { return unix_sockets_; } // TODO(snowp): Make internal subnets configurable. return Network::Utility::isInternalAddress(address); } private: const bool unix_sockets_; }; /** * Maps proto config to runtime config for an HTTP connection manager network filter. */ class HttpConnectionManagerConfig : Logger::Loggable, public Http::FilterChainFactory, public Http::ConnectionManagerConfig { public: HttpConnectionManagerConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& config, Server::Configuration::FactoryContext& context, Http::DateProvider& date_provider, Router::RouteConfigProviderManager& route_config_provider_manager, Config::ConfigProviderManager& scoped_routes_config_provider_manager, Tracing::HttpTracerManager& http_tracer_manager, Filter::Http::FilterConfigProviderManager& filter_config_provider_manager); // Http::FilterChainFactory void createFilterChain(Http::FilterChainFactoryCallbacks& callbacks) override; using FilterFactoriesList = std::list; struct FilterConfig { std::unique_ptr filter_factories; bool allow_upgrade; }; bool createUpgradeFilterChain(absl::string_view upgrade_type, const Http::FilterChainFactory::UpgradeMap* per_route_upgrade_map, Http::FilterChainFactoryCallbacks& callbacks) override; // Http::ConnectionManagerConfig Http::RequestIDExtensionSharedPtr requestIDExtension() override { return request_id_extension_; } const std::list& accessLogs() override { return access_logs_; } Http::ServerConnectionPtr createCodec(Network::Connection& connection, const Buffer::Instance& data, Http::ServerConnectionCallbacks& callbacks) override; Http::DateProvider& dateProvider() override { return date_provider_; } std::chrono::milliseconds drainTimeout() const override { return drain_timeout_; } FilterChainFactory& filterFactory() override { return *this; } bool generateRequestId() const override { return generate_request_id_; } bool preserveExternalRequestId() const override { return preserve_external_request_id_; } bool alwaysSetRequestIdInResponse() const override { return always_set_request_id_in_response_; } uint32_t maxRequestHeadersKb() const override { return max_request_headers_kb_; } uint32_t maxRequestHeadersCount() const override { return max_request_headers_count_; } absl::optional idleTimeout() const override { return idle_timeout_; } bool isRoutable() const override { return true; } absl::optional maxConnectionDuration() const override { return max_connection_duration_; } std::chrono::milliseconds streamIdleTimeout() const override { return stream_idle_timeout_; } std::chrono::milliseconds requestTimeout() const override { return request_timeout_; } absl::optional maxStreamDuration() const override { return max_stream_duration_; } Router::RouteConfigProvider* routeConfigProvider() override { return route_config_provider_.get(); } Config::ConfigProvider* scopedRouteConfigProvider() override { return scoped_routes_config_provider_.get(); } const std::string& serverName() const override { return server_name_; } HttpConnectionManagerProto::ServerHeaderTransformation serverHeaderTransformation() const override { return server_transformation_; } Http::ConnectionManagerStats& stats() override { return stats_; } Http::ConnectionManagerTracingStats& tracingStats() override { return tracing_stats_; } bool useRemoteAddress() const override { return use_remote_address_; } const Http::InternalAddressConfig& internalAddressConfig() const override { return *internal_address_config_; } uint32_t xffNumTrustedHops() const override { return xff_num_trusted_hops_; } bool skipXffAppend() const override { return skip_xff_append_; } const std::string& via() const override { return via_; } Http::ForwardClientCertType forwardClientCert() const override { return forward_client_cert_; } const std::vector& setCurrentClientCertDetails() const override { return set_current_client_cert_details_; } Tracing::HttpTracerSharedPtr tracer() override { return http_tracer_; } const Http::TracingConnectionManagerConfig* tracingConfig() override { return tracing_config_.get(); } const Network::Address::Instance& localAddress() override; const absl::optional& userAgent() override { return user_agent_; } Http::ConnectionManagerListenerStats& listenerStats() override { return listener_stats_; } bool proxy100Continue() const override { return proxy_100_continue_; } bool streamErrorOnInvalidHttpMessaging() const override { return stream_error_on_invalid_http_messaging_; } const Http::Http1Settings& http1Settings() const override { return http1_settings_; } bool shouldNormalizePath() const override { return normalize_path_; } bool shouldMergeSlashes() const override { return merge_slashes_; } bool shouldStripMatchingPort() const override { return strip_matching_port_; } envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headersWithUnderscoresAction() const override { return headers_with_underscores_action_; } std::chrono::milliseconds delayedCloseTimeout() const override { return delayed_close_timeout_; } const LocalReply::LocalReply& localReply() const override { return *local_reply_; } private: enum class CodecType { HTTP1, HTTP2, HTTP3, AUTO }; void processFilter(const envoy::extensions::filters::network::http_connection_manager::v3::HttpFilter& proto_config, int i, absl::string_view prefix, FilterFactoriesList& filter_factories, const char* filter_chain_type, bool last_filter_in_current_config); void processDynamicFilterConfig(const std::string& name, const envoy::config::core::v3::ExtensionConfigSource& config_discovery, FilterFactoriesList& filter_factories, const char* filter_chain_type, bool last_filter_in_current_config); void createFilterChainForFactories(Http::FilterChainFactoryCallbacks& callbacks, const FilterFactoriesList& filter_factories); /** * Determines what tracing provider to use for a given * "envoy.filters.network.http_connection_manager" filter instance. */ const envoy::config::trace::v3::Tracing_Http* getPerFilterTracerConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& filter_config); Http::RequestIDExtensionSharedPtr request_id_extension_; Server::Configuration::FactoryContext& context_; FilterFactoriesList filter_factories_; std::map upgrade_filter_factories_; std::list access_logs_; const std::string stats_prefix_; Http::ConnectionManagerStats stats_; mutable Http::Http1::CodecStats::AtomicPtr http1_codec_stats_; mutable Http::Http2::CodecStats::AtomicPtr http2_codec_stats_; Http::ConnectionManagerTracingStats tracing_stats_; const bool use_remote_address_{}; const std::unique_ptr internal_address_config_; const uint32_t xff_num_trusted_hops_; const bool skip_xff_append_; const std::string via_; Http::ForwardClientCertType forward_client_cert_; std::vector set_current_client_cert_details_; Router::RouteConfigProviderManager& route_config_provider_manager_; Config::ConfigProviderManager& scoped_routes_config_provider_manager_; Filter::Http::FilterConfigProviderManager& filter_config_provider_manager_; CodecType codec_type_; envoy::config::core::v3::Http2ProtocolOptions http2_options_; const Http::Http1Settings http1_settings_; HttpConnectionManagerProto::ServerHeaderTransformation server_transformation_{ HttpConnectionManagerProto::OVERWRITE}; std::string server_name_; Tracing::HttpTracerSharedPtr http_tracer_{std::make_shared()}; Http::TracingConnectionManagerConfigPtr tracing_config_; absl::optional user_agent_; const uint32_t max_request_headers_kb_; const uint32_t max_request_headers_count_; absl::optional idle_timeout_; absl::optional max_connection_duration_; absl::optional max_stream_duration_; std::chrono::milliseconds stream_idle_timeout_; std::chrono::milliseconds request_timeout_; Router::RouteConfigProviderSharedPtr route_config_provider_; Config::ConfigProviderPtr scoped_routes_config_provider_; std::chrono::milliseconds drain_timeout_; bool generate_request_id_; const bool preserve_external_request_id_; const bool always_set_request_id_in_response_; Http::DateProvider& date_provider_; Http::ConnectionManagerListenerStats listener_stats_; const bool proxy_100_continue_; const bool stream_error_on_invalid_http_messaging_; std::chrono::milliseconds delayed_close_timeout_; const bool normalize_path_; const bool merge_slashes_; const bool strip_matching_port_; const envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action_; const LocalReply::LocalReplyPtr local_reply_; // Default idle timeout is 5 minutes if nothing is specified in the HCM config. static const uint64_t StreamIdleTimeoutMs = 5 * 60 * 1000; // request timeout is disabled by default static const uint64_t RequestTimeoutMs = 0; }; /** * Factory to create an HttpConnectionManager outside of a Network Filter Chain. */ class HttpConnectionManagerFactory { public: static std::function createHttpConnectionManagerFactoryFromProto( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& proto_config, Server::Configuration::FactoryContext& context, Network::ReadFilterCallbacks& read_callbacks); }; /** * Utility class for shared logic between HTTP connection manager factories. */ class Utility { public: struct Singletons { std::shared_ptr date_provider_; Router::RouteConfigProviderManagerSharedPtr route_config_provider_manager_; Router::ScopedRoutesConfigProviderManagerSharedPtr scoped_routes_config_provider_manager_; Tracing::HttpTracerManagerSharedPtr http_tracer_manager_; std::shared_ptr filter_config_provider_manager_; }; /** * Create/get singletons needed for config creation. * * @param context supplies the context used to create the singletons. * @return Singletons struct containing all the singletons. */ static Singletons createSingletons(Server::Configuration::FactoryContext& context); /** * Create the HttpConnectionManagerConfig. * * @param proto_config supplies the config to install. * @param context supplies the context used to create the config. * @param date_provider the singleton used in config creation. * @param route_config_provider_manager the singleton used in config creation. * @param scoped_routes_config_provider_manager the singleton used in config creation. * @return a shared_ptr to the created config object. */ static std::shared_ptr createConfig( const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& proto_config, Server::Configuration::FactoryContext& context, Http::DateProvider& date_provider, Router::RouteConfigProviderManager& route_config_provider_manager, Config::ConfigProviderManager& scoped_routes_config_provider_manager, Tracing::HttpTracerManager& http_tracer_manager, Filter::Http::FilterConfigProviderManager& filter_config_provider_manager); }; } // namespace HttpConnectionManager } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) load("@rules_python//python:defs.bzl", "py_binary", "py_library") load("@kafka_pip3//:requirements.bzl", "requirement") licenses(["notice"]) # Apache 2 # Kafka network filter. # Broker filter public docs: docs/root/configuration/network_filters/kafka_broker_filter.rst envoy_extension_package() envoy_cc_extension( name = "kafka_broker_config_lib", srcs = ["broker/config.cc"], hdrs = ["broker/config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "wip", deps = [ ":kafka_broker_filter_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/kafka_broker/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "kafka_broker_filter_lib", srcs = ["broker/filter.cc"], hdrs = [ "broker/filter.h", "external/request_metrics.h", "external/response_metrics.h", ], deps = [ ":kafka_request_codec_lib", ":kafka_response_codec_lib", "//include/envoy/buffer:buffer_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "abstract_codec_lib", srcs = [], hdrs = [ "codec.h", ], deps = [ "//source/common/buffer:buffer_lib", ], ) envoy_cc_library( name = "kafka_request_codec_lib", srcs = ["request_codec.cc"], hdrs = [ "request_codec.h", ], deps = [ ":abstract_codec_lib", ":kafka_request_parser_lib", ], ) envoy_cc_library( name = "kafka_request_parser_lib", srcs = [ "external/kafka_request_resolver.cc", "kafka_request_parser.cc", ], hdrs = [ "external/requests.h", "kafka_request_parser.h", ], deps = [ ":kafka_request_lib", ":parser_lib", ":tagged_fields_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "kafka_request_lib", srcs = [ ], hdrs = [ "kafka_request.h", ], deps = [ ":serialization_lib", ":tagged_fields_lib", ], ) genrule( name = "kafka_request_generated_source", srcs = [ "@kafka_source//:request_protocol_files", ], outs = [ "external/requests.h", "external/kafka_request_resolver.cc", "external/request_metrics.h", ], cmd = """ ./$(location :kafka_protocol_code_generator_bin) request \ $(location external/requests.h) $(location external/kafka_request_resolver.cc) \ $(location external/request_metrics.h) $(SRCS) """, tools = [ ":kafka_protocol_code_generator_bin", ], ) envoy_cc_library( name = "kafka_response_codec_lib", srcs = ["response_codec.cc"], hdrs = [ "response_codec.h", ], deps = [ ":abstract_codec_lib", ":kafka_response_parser_lib", ], ) envoy_cc_library( name = "kafka_response_parser_lib", srcs = [ "external/kafka_response_resolver.cc", "kafka_response_parser.cc", ], hdrs = [ "external/responses.h", "kafka_response_parser.h", ], deps = [ ":kafka_response_lib", ":parser_lib", ":tagged_fields_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "kafka_response_lib", srcs = [ ], hdrs = [ "kafka_response.h", ], deps = [ ":serialization_lib", ":tagged_fields_lib", ], ) genrule( name = "kafka_response_generated_source", srcs = [ "@kafka_source//:response_protocol_files", ], outs = [ "external/responses.h", "external/kafka_response_resolver.cc", "external/response_metrics.h", ], cmd = """ ./$(location :kafka_protocol_code_generator_bin) response \ $(location external/responses.h) $(location external/kafka_response_resolver.cc) \ $(location external/response_metrics.h) $(SRCS) """, tools = [ ":kafka_protocol_code_generator_bin", ], ) py_binary( name = "kafka_protocol_code_generator_bin", srcs = ["protocol/launcher.py"], data = glob(["protocol/*.j2"]), main = "protocol/launcher.py", deps = [ ":kafka_protocol_generator_lib", requirement("Jinja2"), requirement("MarkupSafe"), ], ) py_library( name = "kafka_protocol_generator_lib", srcs = ["protocol/generator.py"], ) envoy_cc_library( name = "parser_lib", hdrs = ["parser.h"], deps = [ "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "tagged_fields_lib", hdrs = ["tagged_fields.h"], deps = [":serialization_lib"], ) envoy_cc_library( name = "serialization_lib", srcs = [ "serialization.cc", ], hdrs = [ "external/serialization_composite.h", "serialization.h", ], deps = [ ":kafka_types_lib", "//include/envoy/buffer:buffer_interface", "//source/common/common:byte_order_lib", ], ) genrule( name = "serialization_composite_generated_source", srcs = [], outs = [ "external/serialization_composite.h", ], cmd = """ ./$(location :serialization_composite_code_generator_bin) \ $(location external/serialization_composite.h) """, tools = [ ":serialization_composite_code_generator_bin", ], ) py_binary( name = "serialization_composite_code_generator_bin", srcs = ["serialization/launcher.py"], data = glob(["serialization/*.j2"]), main = "serialization/launcher.py", deps = [ ":serialization_composite_generator_lib", requirement("Jinja2"), requirement("MarkupSafe"), ], ) py_library( name = "serialization_composite_generator_lib", srcs = ["serialization/generator.py"], ) envoy_cc_library( name = "kafka_types_lib", hdrs = [ "kafka_types.h", ], external_deps = ["abseil_optional"], deps = [ "//source/common/common:macros", ], ) ================================================ FILE: source/extensions/filters/network/kafka/broker/config.cc ================================================ #include "extensions/filters/network/kafka/broker/config.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "envoy/stats/scope.h" #include "extensions/filters/network/kafka/broker/filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { namespace Broker { Network::FilterFactoryCb KafkaConfigFactory::createFilterFactoryFromProtoTyped( const KafkaBrokerProtoConfig& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); const std::string& stat_prefix = proto_config.stat_prefix(); return [&context, stat_prefix](Network::FilterManager& filter_manager) -> void { Network::FilterSharedPtr filter = std::make_shared(context.scope(), context.timeSource(), stat_prefix); filter_manager.addFilter(filter); }; } /** * Static registration for the Kafka filter. @see RegisterFactory. */ REGISTER_FACTORY(KafkaConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace Broker } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/broker/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/kafka_broker/v3/kafka_broker.pb.h" #include "envoy/extensions/filters/network/kafka_broker/v3/kafka_broker.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { namespace Broker { using KafkaBrokerProtoConfig = envoy::extensions::filters::network::kafka_broker::v3::KafkaBroker; /** * Config registration for the Kafka filter. */ class KafkaConfigFactory : public Common::FactoryBase { public: KafkaConfigFactory() : FactoryBase(NetworkFilterNames::get().KafkaBroker) {} private: // Common::FactoryBase Network::FilterFactoryCb createFilterFactoryFromProtoTyped(const KafkaBrokerProtoConfig& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace Broker } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/broker/filter.cc ================================================ #include "extensions/filters/network/kafka/broker/filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { namespace Broker { void Forwarder::onMessage(AbstractRequestSharedPtr request) { const RequestHeader& header = request->request_header_; response_decoder_.expectResponse(header.correlation_id_, header.api_key_, header.api_version_); } void Forwarder::onFailedParse(RequestParseFailureSharedPtr parse_failure) { const RequestHeader& header = parse_failure->request_header_; response_decoder_.expectResponse(header.correlation_id_, header.api_key_, header.api_version_); } // Nothing fancy here, proper metrics registration is left to Rich...MetricsImpl constructors. KafkaMetricsFacadeImpl::KafkaMetricsFacadeImpl(Stats::Scope& scope, TimeSource& time_source, const std::string& stat_prefix) : KafkaMetricsFacadeImpl{time_source, std::make_shared(scope, stat_prefix), std::make_shared(scope, stat_prefix)} {}; KafkaMetricsFacadeImpl::KafkaMetricsFacadeImpl(TimeSource& time_source, RichRequestMetricsSharedPtr request_metrics, RichResponseMetricsSharedPtr response_metrics) : time_source_{time_source}, request_metrics_{request_metrics}, response_metrics_{ response_metrics} {}; // When request is successfully parsed, increase type count and store its arrival timestamp. void KafkaMetricsFacadeImpl::onMessage(AbstractRequestSharedPtr request) { const RequestHeader& header = request->request_header_; request_metrics_->onRequest(header.api_key_); const MonotonicTime request_arrival_ts = time_source_.monotonicTime(); request_arrivals_[header.correlation_id_] = request_arrival_ts; } void KafkaMetricsFacadeImpl::onFailedParse(RequestParseFailureSharedPtr) { request_metrics_->onUnknownRequest(); } void KafkaMetricsFacadeImpl::onRequestException() { request_metrics_->onBrokenRequest(); } // When response is successfully parsed, compute processing time using its correlation id and // stored request arrival timestamp, then update metrics with the result. void KafkaMetricsFacadeImpl::onMessage(AbstractResponseSharedPtr response) { const ResponseMetadata& metadata = response->metadata_; const MonotonicTime response_arrival_ts = time_source_.monotonicTime(); const MonotonicTime request_arrival_ts = request_arrivals_[metadata.correlation_id_]; request_arrivals_.erase(metadata.correlation_id_); const MonotonicTime::duration time_in_broker = response_arrival_ts - request_arrival_ts; const auto ms = std::chrono::duration_cast(time_in_broker); response_metrics_->onResponse(metadata.api_key_, ms.count()); } void KafkaMetricsFacadeImpl::onFailedParse(ResponseMetadataSharedPtr) { response_metrics_->onUnknownResponse(); } void KafkaMetricsFacadeImpl::onResponseException() { response_metrics_->onBrokenResponse(); } absl::flat_hash_map& KafkaMetricsFacadeImpl::getRequestArrivalsForTest() { return request_arrivals_; } KafkaBrokerFilter::KafkaBrokerFilter(Stats::Scope& scope, TimeSource& time_source, const std::string& stat_prefix) : KafkaBrokerFilter{ std::make_shared(scope, time_source, stat_prefix)} {}; KafkaBrokerFilter::KafkaBrokerFilter(const KafkaMetricsFacadeSharedPtr& metrics) : metrics_{metrics}, response_decoder_{new ResponseDecoder({metrics})}, request_decoder_{ new RequestDecoder({std::make_shared(*response_decoder_), metrics})} {}; KafkaBrokerFilter::KafkaBrokerFilter(KafkaMetricsFacadeSharedPtr metrics, ResponseDecoderSharedPtr response_decoder, RequestDecoderSharedPtr request_decoder) : metrics_{metrics}, response_decoder_{response_decoder}, request_decoder_{request_decoder} {}; Network::FilterStatus KafkaBrokerFilter::onNewConnection() { return Network::FilterStatus::Continue; } void KafkaBrokerFilter::initializeReadFilterCallbacks(Network::ReadFilterCallbacks&) {} Network::FilterStatus KafkaBrokerFilter::onData(Buffer::Instance& data, bool) { ENVOY_LOG(trace, "data from Kafka client [{} request bytes]", data.length()); try { request_decoder_->onData(data); return Network::FilterStatus::Continue; } catch (const EnvoyException& e) { ENVOY_LOG(debug, "could not process data from Kafka client: {}", e.what()); metrics_->onRequestException(); request_decoder_->reset(); return Network::FilterStatus::StopIteration; } } Network::FilterStatus KafkaBrokerFilter::onWrite(Buffer::Instance& data, bool) { ENVOY_LOG(trace, "data from Kafka broker [{} response bytes]", data.length()); try { response_decoder_->onData(data); return Network::FilterStatus::Continue; } catch (const EnvoyException& e) { ENVOY_LOG(debug, "could not process data from Kafka broker: {}", e.what()); metrics_->onResponseException(); response_decoder_->reset(); return Network::FilterStatus::StopIteration; } } RequestDecoderSharedPtr KafkaBrokerFilter::getRequestDecoderForTest() { return request_decoder_; } ResponseDecoderSharedPtr KafkaBrokerFilter::getResponseDecoderForTest() { return response_decoder_; } } // namespace Broker } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/broker/filter.h ================================================ #pragma once #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "common/common/logger.h" #include "extensions/filters/network/kafka/external/request_metrics.h" #include "extensions/filters/network/kafka/external/response_metrics.h" #include "extensions/filters/network/kafka/parser.h" #include "extensions/filters/network/kafka/request_codec.h" #include "extensions/filters/network/kafka/response_codec.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { namespace Broker { /** * Utility class that merges both request & response callbacks. */ class KafkaCallback : public RequestCallback, public ResponseCallback {}; using KafkaCallbackSharedPtr = std::shared_ptr; /** * Request callback responsible for updating state of related response decoder. * When a request gets successfully parsed, the response decoder registers a new incoming request. * When request could not be recognized, we can extract the header, so we can register the * expected response (decoder will not be able to capable of decoding the response, but at least we * will not break the communication between client and broker). */ class Forwarder : public RequestCallback { public: /** * Binds forwarder to given response decoder. */ Forwarder(ResponseDecoder& response_decoder) : response_decoder_{response_decoder} {}; // RequestCallback void onMessage(AbstractRequestSharedPtr request) override; void onFailedParse(RequestParseFailureSharedPtr parse_failure) override; private: ResponseDecoder& response_decoder_; }; /** * Single access point for all Kafka-related metrics. * Implements Kafka message callback, so decoders can refer to it when parse results appear. * This interface was extracted to facilitate mock injection in unit tests. */ class KafkaMetricsFacade : public KafkaCallback { public: /** * To be invoked when exceptions occur while processing a request. */ virtual void onRequestException() PURE; /** * To be invoked when exceptions occur while processing a response. */ virtual void onResponseException() PURE; }; using KafkaMetricsFacadeSharedPtr = std::shared_ptr; /** * Metrics facade implementation that actually uses rich request/response metrics. * Keeps requests' arrival timestamps (by correlation id) and uses them calculate response * processing time. */ class KafkaMetricsFacadeImpl : public KafkaMetricsFacade { public: /** * Creates facade that keeps prefixed metrics in given scope, and uses given time source to * compute processing durations. */ KafkaMetricsFacadeImpl(Stats::Scope& scope, TimeSource& time_source, const std::string& stat_prefix); /** * Visible for testing. */ KafkaMetricsFacadeImpl(TimeSource& time_source, RichRequestMetricsSharedPtr request_metrics, RichResponseMetricsSharedPtr response_metrics); // RequestCallback void onMessage(AbstractRequestSharedPtr request) override; void onFailedParse(RequestParseFailureSharedPtr parse_failure) override; // ResponseCallback void onMessage(AbstractResponseSharedPtr response) override; void onFailedParse(ResponseMetadataSharedPtr parse_failure) override; // KafkaMetricsFacade void onRequestException() override; void onResponseException() override; absl::flat_hash_map& getRequestArrivalsForTest(); private: TimeSource& time_source_; absl::flat_hash_map request_arrivals_; RichRequestMetricsSharedPtr request_metrics_; RichResponseMetricsSharedPtr response_metrics_; }; /** * Implementation of Kafka broker-level filter. * Uses two decoders - request and response ones, that are connected using Forwarder instance. * There's also a KafkaMetricsFacade, that is listening on codec events. * * +---------------------------------------------------+ * | | * | +--------------+ | * | +---------->+RequestDecoder+----------------+ | * | | +-------+------+ | | * | | | | | * | | | | | * | | v v v * +------+---+------+ +----+----+ +---------+---+----+ * |KafkaBrokerFilter| |Forwarder| |KafkaMetricsFacade| * +----------+------+ +----+----+ +---------+--------+ * | | ^ * | | | * | v | * | +-------+-------+ | * +---------->+ResponseDecoder+---------------+ * +---------------+ */ class KafkaBrokerFilter : public Network::Filter, private Logger::Loggable { public: /** * Main constructor. * Creates decoders that eventually update prefixed metrics stored in scope, using time source for * duration calculation. */ KafkaBrokerFilter(Stats::Scope& scope, TimeSource& time_source, const std::string& stat_prefix); /** * Visible for testing. */ KafkaBrokerFilter(KafkaMetricsFacadeSharedPtr metrics, ResponseDecoderSharedPtr response_decoder, RequestDecoderSharedPtr request_decoder); // Network::ReadFilter Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; // Network::WriteFilter Network::FilterStatus onWrite(Buffer::Instance& data, bool end_stream) override; RequestDecoderSharedPtr getRequestDecoderForTest(); ResponseDecoderSharedPtr getResponseDecoderForTest(); private: /** * Helper delegate constructor. * Passes metrics facade as argument to decoders. */ KafkaBrokerFilter(const KafkaMetricsFacadeSharedPtr& metrics); const KafkaMetricsFacadeSharedPtr metrics_; const ResponseDecoderSharedPtr response_decoder_; const RequestDecoderSharedPtr request_decoder_; }; } // namespace Broker } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/codec.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "absl/container/fixed_array.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Kafka message decoder. */ class MessageDecoder { public: virtual ~MessageDecoder() = default; /** * Processes given buffer attempting to decode messages contained within. * @param data buffer instance. */ virtual void onData(Buffer::Instance& data) PURE; }; template class MessageCallback { public: virtual ~MessageCallback() = default; /** * Callback method invoked when message is successfully decoded. * @param message message that has been decoded. */ virtual void onMessage(MessageType message) PURE; /** * Callback method invoked when message could not be decoded. * Invoked after all message's bytes have been consumed. */ virtual void onFailedParse(ParseFailureType failure_data) PURE; }; /** * Abstract message decoder, that resolves messages from Buffer instances provided. * When the message has been parsed, notify the callbacks. */ template class AbstractMessageDecoder : public MessageDecoder { public: ~AbstractMessageDecoder() override = default; /** * Creates a decoder that will invoke given callbacks when a message has been parsed. * @param callbacks callbacks to be invoked (in order). */ AbstractMessageDecoder(const std::vector callbacks) : callbacks_{callbacks} {}; /** * Consumes all data present in a buffer. * If a message can be successfully parsed, then callbacks get notified with parsed response. * Updates decoder state. * Can throw if codec's state does not permit usage, or there there were parse failures. * Impl note: similar to redis codec, which also keeps state. */ void onData(Buffer::Instance& data) override { // Pass slices to `doParse`. for (const Buffer::RawSlice& slice : data.getRawSlices()) { doParse(slice); } } /** * Erases codec state. */ virtual void reset() { current_parser_ = nullptr; } ParserType getCurrentParserForTest() const { return current_parser_; } protected: /** * Create a start parser for a new message. */ virtual ParserType createStartParser() PURE; private: /** * Main parse loop. * * If there is data to process, and the current parser is not present, * create a new one with `createStartParser`. * Feed data to a current parser until it returns a parse result. * If the parse result is a parsed message, notify callbacks and reset current parser. * If the parse result is another parser, update current parser, and keep feeding. */ void doParse(const Buffer::RawSlice& slice) { const char* bytes = reinterpret_cast(slice.mem_); absl::string_view data = {bytes, slice.len_}; while (!data.empty()) { // Re-initialize the parser. if (!current_parser_) { current_parser_ = createStartParser(); } // Feed the data to the parser. auto result = current_parser_->parse(data); // This loop guarantees that parsers consuming 0 bytes also get processed in this invocation. while (result.hasData()) { if (!result.next_parser_) { // Next parser is not present, so we have finished parsing a message. // Depending on whether the parse was successful, invoke the correct callback. if (result.message_) { for (auto& callback : callbacks_) { callback->onMessage(result.message_); } } else { for (auto& callback : callbacks_) { callback->onFailedParse(result.failure_data_); } } // As we finished parsing this response, return to outer loop. // If there is more data, the parser will be re-initialized. current_parser_ = nullptr; break; } else { // The next parser that's supposed to consume the rest of payload was given. current_parser_ = result.next_parser_; } // Keep parsing the data. result = current_parser_->parse(data); } } } const std::vector callbacks_; ParserType current_parser_; }; /** * Kafka message encoder. * @param MessageType encoded message type (request or response). */ template class MessageEncoder { public: virtual ~MessageEncoder() = default; /** * Encodes given message. * @param message message to be encoded. */ virtual void encode(const MessageType& message) PURE; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/kafka_request.h ================================================ #pragma once #include "envoy/common/exception.h" #include "extensions/filters/network/kafka/external/serialization_composite.h" #include "extensions/filters/network/kafka/serialization.h" #include "extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Decides if request with given api key & version should have tagged fields in header. * This method gets implemented in generated code through 'kafka_request_resolver_cc.j2'. * @param api_key Kafka request key. * @param api_version Kafka request's version. * @return Whether tagged fields should be used for this request. */ bool requestUsesTaggedFieldsInHeader(const uint16_t api_key, const uint16_t api_version); /** * Represents fields that are present in every Kafka request message. * @see http://kafka.apache.org/protocol.html#protocol_messages */ struct RequestHeader { int16_t api_key_; int16_t api_version_; int32_t correlation_id_; NullableString client_id_; TaggedFields tagged_fields_; RequestHeader(const int16_t api_key, const int16_t api_version, const int32_t correlation_id, const NullableString& client_id) : RequestHeader{api_key, api_version, correlation_id, client_id, TaggedFields{}} {}; RequestHeader(const int16_t api_key, const int16_t api_version, const int32_t correlation_id, const NullableString& client_id, const TaggedFields& tagged_fields) : api_key_{api_key}, api_version_{api_version}, correlation_id_{correlation_id}, client_id_{client_id}, tagged_fields_{tagged_fields} {}; uint32_t computeSize(const EncodingContext& context) const { uint32_t result{0}; result += context.computeSize(api_key_); result += context.computeSize(api_version_); result += context.computeSize(correlation_id_); result += context.computeSize(client_id_); if (requestUsesTaggedFieldsInHeader(api_key_, api_version_)) { result += context.computeCompactSize(tagged_fields_); } return result; } uint32_t encode(Buffer::Instance& dst, EncodingContext& context) const { uint32_t written{0}; written += context.encode(api_key_, dst); written += context.encode(api_version_, dst); written += context.encode(correlation_id_, dst); written += context.encode(client_id_, dst); if (requestUsesTaggedFieldsInHeader(api_key_, api_version_)) { written += context.encodeCompact(tagged_fields_, dst); } return written; } bool operator==(const RequestHeader& rhs) const { return api_key_ == rhs.api_key_ && api_version_ == rhs.api_version_ && correlation_id_ == rhs.correlation_id_ && client_id_ == rhs.client_id_ && tagged_fields_ == rhs.tagged_fields_; }; }; /** * Carries information that could be extracted during the failed parse. */ class RequestParseFailure { public: RequestParseFailure(const RequestHeader& request_header) : request_header_{request_header} {}; /** * Request's header. */ const RequestHeader request_header_; }; using RequestParseFailureSharedPtr = std::shared_ptr; /** * Abstract Kafka request. * Contains data present in every request (the header with request key, version, etc.). * @see http://kafka.apache.org/protocol.html#protocol_messages */ class AbstractRequest { public: virtual ~AbstractRequest() = default; /** * Constructs a request with given header data. * @param request_header request's header. */ AbstractRequest(const RequestHeader& request_header) : request_header_{request_header} {}; /** * Computes the size of this request, if it were to be serialized. * @return serialized size of request */ virtual uint32_t computeSize() const PURE; /** * Encode the contents of this request into a given buffer. * @param dst buffer instance to keep serialized message */ virtual uint32_t encode(Buffer::Instance& dst) const PURE; /** * Request's header. */ const RequestHeader request_header_; }; using AbstractRequestSharedPtr = std::shared_ptr; /** * Concrete request that carries data particular to given request type. * @param Data concrete request data type. */ template class Request : public AbstractRequest { public: /** * Request header fields need to be initialized by user in case of newly created requests. */ Request(const RequestHeader& request_header, const Data& data) : AbstractRequest{request_header}, data_{data} {}; /** * Compute the size of request, which includes both the request header and its real data. */ uint32_t computeSize() const override { const EncodingContext context{request_header_.api_version_}; uint32_t result{0}; // Compute size of header. result += context.computeSize(request_header_); // Compute size of request data. result += context.computeSize(data_); return result; } /** * Encodes given request into a buffer, with any extra configuration carried by the context. */ uint32_t encode(Buffer::Instance& dst) const override { EncodingContext context{request_header_.api_version_}; uint32_t written{0}; // Encode request header. written += context.encode(request_header_, dst); // Encode request-specific data. written += context.encode(data_, dst); return written; } bool operator==(const Request& rhs) const { return request_header_ == rhs.request_header_ && data_ == rhs.data_; }; private: const Data data_; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/kafka_request_parser.cc ================================================ #include "extensions/filters/network/kafka/kafka_request_parser.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { const RequestParserResolver& RequestParserResolver::getDefaultInstance() { CONSTRUCT_ON_FIRST_USE(RequestParserResolver); } RequestParseResponse RequestStartParser::parse(absl::string_view& data) { request_length_.feed(data); if (request_length_.ready()) { context_->remaining_request_size_ = request_length_.get(); return RequestParseResponse::nextParser( std::make_shared(parser_resolver_, context_)); } else { return RequestParseResponse::stillWaiting(); } } uint32_t RequestHeaderDeserializer::feed(absl::string_view& data) { uint32_t consumed = 0; consumed += common_part_deserializer_.feed(data); if (common_part_deserializer_.ready()) { const auto request_header = common_part_deserializer_.get(); if (requestUsesTaggedFieldsInHeader(request_header.api_key_, request_header.api_version_)) { tagged_fields_present_ = true; consumed += tagged_fields_deserializer_.feed(data); } } return consumed; } bool RequestHeaderDeserializer::ready() const { // Header is only fully parsed after we have processed everything, including tagged fields (if // they are present). return common_part_deserializer_.ready() && (tagged_fields_present_ ? tagged_fields_deserializer_.ready() : true); } RequestHeader RequestHeaderDeserializer::get() const { auto result = common_part_deserializer_.get(); if (tagged_fields_present_) { result.tagged_fields_ = tagged_fields_deserializer_.get(); } return result; } RequestParseResponse RequestHeaderParser::parse(absl::string_view& data) { context_->remaining_request_size_ -= deserializer_->feed(data); // One of the two needs must have happened when feeding finishes: // - deserializer has consumed all the bytes it needed, // - or all the data has been consumed (but deserializer might still need data to be ready). ASSERT(deserializer_->ready() || data.empty()); if (deserializer_->ready()) { RequestHeader request_header = deserializer_->get(); context_->request_header_ = request_header; RequestParserSharedPtr next_parser = parser_resolver_.createParser( request_header.api_key_, request_header.api_version_, context_); return RequestParseResponse::nextParser(next_parser); } else { return RequestParseResponse::stillWaiting(); } } } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/kafka_request_parser.h ================================================ #pragma once #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "extensions/filters/network/kafka/kafka_request.h" #include "extensions/filters/network/kafka/parser.h" #include "extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { using RequestParseResponse = ParseResponse; using RequestParser = Parser; using RequestParserSharedPtr = std::shared_ptr; /** * Context that is shared between parsers that are handling the same single message. */ struct RequestContext { /** * Bytes left to consume. */ uint32_t remaining_request_size_{0}; /** * Request header that gets filled in during the parse. */ RequestHeader request_header_{-1, -1, -1, absl::nullopt}; /** * Bytes left to consume. */ uint32_t& remaining() { return remaining_request_size_; } /** * Returns data needed for construction of parse failure message. */ const RequestHeader asFailureData() const { return request_header_; } }; using RequestContextSharedPtr = std::shared_ptr; /** * Request decoder configuration object. * Resolves the parser that will be responsible for consuming the request-specific data. * In other words: provides (api_key, api_version) -> Parser function. */ class RequestParserResolver { public: virtual ~RequestParserResolver() = default; /** * Creates a parser that is going to process data specific for given api_key & api_version. * @param api_key request type. * @param api_version request version. * @param context context to be used by parser. * @return parser that is capable of processing data for given request type & version. */ virtual RequestParserSharedPtr createParser(int16_t api_key, int16_t api_version, RequestContextSharedPtr context) const; /** * Return default resolver, that uses request's api key and version to provide a matching parser. */ static const RequestParserResolver& getDefaultInstance(); }; /** * Request parser responsible for consuming request length and setting up context with this data. * @see http://kafka.apache.org/protocol.html#protocol_common */ class RequestStartParser : public RequestParser { public: RequestStartParser(const RequestParserResolver& parser_resolver) : parser_resolver_{parser_resolver}, context_{std::make_shared()} {}; /** * Consumes 4 bytes (INT32) as request length and updates the context with that value. * @return RequestHeaderParser instance to process request header. */ RequestParseResponse parse(absl::string_view& data) override; const RequestContextSharedPtr contextForTest() const { return context_; } private: const RequestParserResolver& parser_resolver_; const RequestContextSharedPtr context_; Int32Deserializer request_length_; }; /** * Deserializer that extracts request header (4 fields). * Can throw, as one of the fields (client-id) can throw (nullable string with invalid length). * @see http://kafka.apache.org/protocol.html#protocol_messages */ class RequestHeaderDeserializer : public Deserializer, private Logger::Loggable { // Request header, no matter what, has at least 4 fields. They are extracted here. using CommonPartDeserializer = CompositeDeserializerWith4Delegates; public: RequestHeaderDeserializer() = default; uint32_t feed(absl::string_view& data) override; bool ready() const override; RequestHeader get() const override; private: // Deserializer for the first 4 fields, that are present in every request header. CommonPartDeserializer common_part_deserializer_; // Tagged fields are used only in request header v2. // This flag will be set depending on common part's result (api key & version), and will decide // whether we want to feed data to tagged fields deserializer. bool tagged_fields_present_; TaggedFieldsDeserializer tagged_fields_deserializer_; }; using RequestHeaderDeserializerPtr = std::unique_ptr; /** * Parser responsible for extracting the request header and putting it into context. * On a successful parse the resolved data (api_key & api_version) is used to determine the next * parser. * @see http://kafka.apache.org/protocol.html#protocol_messages */ class RequestHeaderParser : public RequestParser { public: // Default constructor. RequestHeaderParser(const RequestParserResolver& parser_resolver, RequestContextSharedPtr context) : RequestHeaderParser{parser_resolver, context, std::make_unique()} {}; // Constructor visible for testing (allows for initial parser injection). RequestHeaderParser(const RequestParserResolver& parser_resolver, RequestContextSharedPtr context, RequestHeaderDeserializerPtr deserializer) : parser_resolver_{parser_resolver}, context_{context}, deserializer_{ std::move(deserializer)} {}; /** * Uses data provided to compute request header. * @return Parser instance responsible for processing rest of the message */ RequestParseResponse parse(absl::string_view& data) override; const RequestContextSharedPtr contextForTest() const { return context_; } private: const RequestParserResolver& parser_resolver_; const RequestContextSharedPtr context_; RequestHeaderDeserializerPtr deserializer_; }; /** * Sentinel parser that is responsible for consuming message bytes for messages that had unsupported * api_key & api_version. It does not attempt to capture any data, just throws it away until end of * message. */ class SentinelParser : public AbstractSentinelParser, public RequestParser { public: SentinelParser(RequestContextSharedPtr context) : AbstractSentinelParser{context} {}; RequestParseResponse parse(absl::string_view& data) override { return AbstractSentinelParser::parse(data); } }; /** * Request parser uses a single deserializer to construct a request object. * This parser is responsible for consuming request-specific data (e.g. topic names) and always * returns a parsed message. * @param RequestType request class. * @param DeserializerType deserializer type corresponding to request class (should be subclass of * Deserializer). */ template class RequestDataParser : public RequestParser { public: /** * Create a parser with given context. * @param context parse context containing request header. */ RequestDataParser(RequestContextSharedPtr context) : context_{context} {}; /** * Consume enough data to fill in deserializer and receive the parsed request. * Fill in request's header with data stored in context. */ RequestParseResponse parse(absl::string_view& data) override { context_->remaining_request_size_ -= deserializer.feed(data); if (deserializer.ready()) { if (0 == context_->remaining_request_size_) { // After a successful parse, there should be nothing left - we have consumed all the bytes. AbstractRequestSharedPtr msg = std::make_shared>(context_->request_header_, deserializer.get()); return RequestParseResponse::parsedMessage(msg); } else { // The message makes no sense, the deserializer that matches the schema consumed all // necessary data, but there are still bytes in this message. return RequestParseResponse::nextParser(std::make_shared(context_)); } } else { return RequestParseResponse::stillWaiting(); } } const RequestContextSharedPtr contextForTest() const { return context_; } protected: RequestContextSharedPtr context_; DeserializerType deserializer; // underlying request-specific deserializer }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/kafka_response.h ================================================ #pragma once #include "extensions/filters/network/kafka/external/serialization_composite.h" #include "extensions/filters/network/kafka/serialization.h" #include "extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Decides if response with given api key & version should have tagged fields in header. * Bear in mind, that ApiVersions responses DO NOT contain tagged fields in header (despite having * flexible versions) as per * https://github.com/apache/kafka/blob/2.4.0/clients/src/main/resources/common/message/ApiVersionsResponse.json#L24 * This method gets implemented in generated code through 'kafka_response_resolver_cc.j2'. * * @param api_key Kafka request key. * @param api_version Kafka request's version. * @return Whether tagged fields should be used for this request. */ bool responseUsesTaggedFieldsInHeader(const uint16_t api_key, const uint16_t api_version); /** * Represents Kafka response metadata: expected api key, version and correlation id. * @see http://kafka.apache.org/protocol.html#protocol_messages */ struct ResponseMetadata { ResponseMetadata(const int16_t api_key, const int16_t api_version, const int32_t correlation_id) : ResponseMetadata{api_key, api_version, correlation_id, TaggedFields{}} {}; ResponseMetadata(const int16_t api_key, const int16_t api_version, const int32_t correlation_id, const TaggedFields& tagged_fields) : api_key_{api_key}, api_version_{api_version}, correlation_id_{correlation_id}, tagged_fields_{tagged_fields} {}; uint32_t computeSize(const EncodingContext& context) const { uint32_t result{0}; result += context.computeSize(correlation_id_); if (responseUsesTaggedFieldsInHeader(api_key_, api_version_)) { result += context.computeCompactSize(tagged_fields_); } return result; } uint32_t encode(Buffer::Instance& dst, EncodingContext& context) const { uint32_t written{0}; // Encode correlation id (api key / version are not present in responses). written += context.encode(correlation_id_, dst); if (responseUsesTaggedFieldsInHeader(api_key_, api_version_)) { written += context.encodeCompact(tagged_fields_, dst); } return written; } bool operator==(const ResponseMetadata& rhs) const { return api_key_ == rhs.api_key_ && api_version_ == rhs.api_version_ && correlation_id_ == rhs.correlation_id_ && tagged_fields_ == rhs.tagged_fields_; }; const int16_t api_key_; const int16_t api_version_; const int32_t correlation_id_; const TaggedFields tagged_fields_; }; using ResponseMetadataSharedPtr = std::shared_ptr; /** * Abstract response object, carrying data related to every response. * @see http://kafka.apache.org/protocol.html#protocol_messages */ class AbstractResponse { public: virtual ~AbstractResponse() = default; /** * Constructs a request with given metadata. * @param metadata response metadata. */ AbstractResponse(const ResponseMetadata& metadata) : metadata_{metadata} {}; /** * Computes the size of this response, if it were to be serialized. * @return serialized size of response. */ virtual uint32_t computeSize() const PURE; /** * Encode the contents of this response into a given buffer. * @param dst buffer instance to keep serialized message. */ virtual uint32_t encode(Buffer::Instance& dst) const PURE; /** * Response's metadata. */ const ResponseMetadata metadata_; }; using AbstractResponseSharedPtr = std::shared_ptr; /** * Concrete response that carries data particular to given response type. * @param Data concrete response data type. */ template class Response : public AbstractResponse { public: Response(const ResponseMetadata& metadata, const Data& data) : AbstractResponse{metadata}, data_{data} {}; /** * Compute the size of response, which includes both the response header (correlation id) and * real data. */ uint32_t computeSize() const override { const EncodingContext context{metadata_.api_version_}; uint32_t result{0}; // Compute size of header. result += context.computeSize(metadata_); // Compute size of response data. result += context.computeSize(data_); return result; } /** * Encodes given response into a buffer, with any extra configuration carried by the context. */ uint32_t encode(Buffer::Instance& dst) const override { EncodingContext context{metadata_.api_version_}; uint32_t written{0}; // Encode response header. written += context.encode(metadata_, dst); // Encode response-specific data. written += context.encode(data_, dst); return written; } bool operator==(const Response& rhs) const { return metadata_ == rhs.metadata_ && data_ == rhs.data_; }; private: const Data data_; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/kafka_response_parser.cc ================================================ #include "extensions/filters/network/kafka/kafka_response_parser.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { const ResponseParserResolver& ResponseParserResolver::getDefaultInstance() { CONSTRUCT_ON_FIRST_USE(ResponseParserResolver); } ResponseParseResponse ResponseHeaderParser::parse(absl::string_view& data) { length_deserializer_.feed(data); if (!length_deserializer_.ready()) { return ResponseParseResponse::stillWaiting(); } correlation_id_deserializer_.feed(data); if (!correlation_id_deserializer_.ready()) { return ResponseParseResponse::stillWaiting(); } if (!context_->api_info_set_) { // We have consumed first two response header fields: payload length and correlation id. context_->remaining_response_size_ = length_deserializer_.get(); context_->remaining_response_size_ -= sizeof(context_->correlation_id_); context_->correlation_id_ = correlation_id_deserializer_.get(); // We have correlation id now, so we can see what is the expected response api key & version. const ExpectedResponseSpec spec = getResponseSpec(context_->correlation_id_); context_->api_key_ = spec.first; context_->api_version_ = spec.second; // Mark that version data has been set, so we do not attempt to re-initialize again. context_->api_info_set_ = true; } // Depending on response's api key & version, we might need to parse tagged fields element. if (responseUsesTaggedFieldsInHeader(context_->api_key_, context_->api_version_)) { context_->remaining_response_size_ -= tagged_fields_deserializer_.feed(data); if (tagged_fields_deserializer_.ready()) { context_->tagged_fields_ = tagged_fields_deserializer_.get(); } else { return ResponseParseResponse::stillWaiting(); } } // At this stage, we have fully setup the context - we know the response's api key & version, // so we can safely create the payload parser. auto next_parser = parser_resolver_.createParser(context_); return ResponseParseResponse::nextParser(next_parser); } ExpectedResponseSpec ResponseHeaderParser::getResponseSpec(const int32_t correlation_id) { const auto it = expected_responses_->find(correlation_id); if (it != expected_responses_->end()) { const auto spec = it->second; expected_responses_->erase(it); return spec; } else { // Response data should always be present in expected responses before response is to be parsed. throw EnvoyException( absl::StrCat("no response metadata registered for correlation_id ", correlation_id)); } }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/kafka_response_parser.h ================================================ #pragma once #include #include #include "extensions/filters/network/kafka/kafka_response.h" #include "extensions/filters/network/kafka/parser.h" #include "extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { using ResponseParseResponse = ParseResponse; using ResponseParser = Parser; using ResponseParserSharedPtr = std::shared_ptr; /** * Context that is shared between parsers that are handling the same single message. */ struct ResponseContext { /** * Whether the 'api_key_' & 'api_version_' fields have been initialized. */ bool api_info_set_ = false; /** * Api key of response that's being parsed. */ int16_t api_key_; /** * Api version of response that's being parsed. */ int16_t api_version_; /** * Bytes left to process. */ uint32_t remaining_response_size_; /** * Response's correlation id. */ int32_t correlation_id_; /** * Response's tagged fields. */ TaggedFields tagged_fields_; /** * Bytes left to consume. */ uint32_t& remaining() { return remaining_response_size_; } /** * Returns data needed for construction of parse failure message. */ const ResponseMetadata asFailureData() const { return {api_key_, api_version_, correlation_id_, tagged_fields_}; } }; using ResponseContextSharedPtr = std::shared_ptr; // Helper container for response api key & version. using ExpectedResponseSpec = std::pair; // Response metadata store (maps from correlation id to api key & version). using ExpectedResponses = std::map; using ExpectedResponsesSharedPtr = std::shared_ptr; /** * Response decoder configuration object. * Resolves the parser that will be responsible for consuming the response. * In other words: provides (api_key, api_version) -> Parser function. */ class ResponseParserResolver { public: virtual ~ResponseParserResolver() = default; /** * Creates a parser that is going to process data specific for given response. * @param metadata expected response metadata. * @return parser that is capable of processing response. */ virtual ResponseParserSharedPtr createParser(ResponseContextSharedPtr metadata) const; /** * Return default resolver, that uses response's api key and version to provide a matching parser. */ static const ResponseParserResolver& getDefaultInstance(); }; /** * Response parser responsible for consuming response header (payload length and correlation id) and * setting up context with this data. * @see http://kafka.apache.org/protocol.html#protocol_common */ class ResponseHeaderParser : public ResponseParser { public: /** * Creates a parser with necessary dependencies (store of expected responses & parser resolver). * @param expected_responses store containing mapping from response correlation id to api key & * version. * @param parser_resolver factory used to create the following payload parser. */ ResponseHeaderParser(ExpectedResponsesSharedPtr expected_responses, const ResponseParserResolver& parser_resolver) : expected_responses_{expected_responses}, parser_resolver_{parser_resolver}, context_{std::make_shared()} {}; /** * Consumes 8 bytes (2 x INT32) as response length and correlation id. * Uses correlation id to resolve response's api version & key (throws if not possible). * Updates the context with data resolved, and then creates the following payload parser using the * parser resolver. * @return ResponseParser instance to process the response payload. */ ResponseParseResponse parse(absl::string_view& data) override; const ResponseContextSharedPtr contextForTest() const { return context_; } private: ExpectedResponseSpec getResponseSpec(int32_t correlation_id); const ExpectedResponsesSharedPtr expected_responses_; const ResponseParserResolver& parser_resolver_; const ResponseContextSharedPtr context_; Int32Deserializer length_deserializer_; Int32Deserializer correlation_id_deserializer_; TaggedFieldsDeserializer tagged_fields_deserializer_; }; /** * Sentinel parser that is responsible for consuming message bytes for messages that had unsupported * api_key & api_version. It does not attempt to capture any data, just throws it away until end of * message. */ class SentinelResponseParser : public AbstractSentinelParser, public ResponseParser { public: SentinelResponseParser(ResponseContextSharedPtr context) : AbstractSentinelParser{context} {}; ResponseParseResponse parse(absl::string_view& data) override { return AbstractSentinelParser::parse(data); } }; /** * Response parser uses a single deserializer to construct a response object. * This parser is responsible for consuming response-specific data (e.g. topic names) and always * returns a parsed message. * @param ResponseType response class. * @param DeserializerType deserializer type corresponding to response class (should be subclass of * Deserializer). */ template class ResponseDataParser : public ResponseParser { public: /** * Create a parser for given response metadata. * @param metadata expected message metadata. */ ResponseDataParser(ResponseContextSharedPtr context) : context_{context} {}; /** * Consume enough data to fill in deserializer and receive the parsed response. * Fill in response's header with data stored in context. * @param data data to process. */ ResponseParseResponse parse(absl::string_view& data) override { context_->remaining_response_size_ -= deserializer_.feed(data); if (deserializer_.ready()) { if (0 == context_->remaining_response_size_) { // After a successful parse, there should be nothing left - we have consumed all the bytes. const ResponseMetadata metadata = {context_->api_key_, context_->api_version_, context_->correlation_id_, context_->tagged_fields_}; const AbstractResponseSharedPtr response = std::make_shared>(metadata, deserializer_.get()); return ResponseParseResponse::parsedMessage(response); } else { // The message makes no sense, the deserializer that matches the schema consumed all // necessary data, but there are still bytes in this message. return ResponseParseResponse::nextParser( std::make_shared(context_)); } } else { return ResponseParseResponse::stillWaiting(); } } const ResponseContextSharedPtr contextForTest() const { return context_; } private: ResponseContextSharedPtr context_; DeserializerType deserializer_; // Underlying response-specific deserializer. }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/kafka_types.h ================================================ #pragma once #include #include #include #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Nullable string used by Kafka. */ using NullableString = absl::optional; /** * Bytes array used by Kafka. */ using Bytes = std::vector; /** * Nullable bytes array used by Kafka. */ using NullableBytes = absl::optional; /** * Kafka array of elements of type T. */ template using NullableArray = absl::optional>; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/parser.h ================================================ #pragma once #include #include "common/common/logger.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { template class ParseResponse; /** * Parser is responsible for consuming data relevant to some part of a message, and then returning * the decision how the parsing should continue. */ template class Parser : public Logger::Loggable { public: virtual ~Parser() = default; /** * Submit data to be processed by parser, will consume as much data as it is necessary to reach * the conclusion what should be the next parse step. * @param data bytes to be processed, will be updated by parser if any have been consumed. * @return parse status - decision what should be done with current parser (keep/replace). */ virtual ParseResponse parse(absl::string_view& data) PURE; }; template using ParserSharedPtr = std::shared_ptr>; /** * Three-state holder representing one of: * - parser still needs data (`stillWaiting`), * - parser is finished, and following parser should be used to process the rest of data * (`nextParser`), * - parser is finished, and parse result is attached (`parsedMessage` or `parseFailure`). */ template class ParseResponse { public: using FailureType = FailureDataType; /** * Constructs a response that states that parser still needs data and should not be replaced. */ static ParseResponse stillWaiting() { return {nullptr, nullptr, nullptr}; } /** * Constructs a response that states that parser is finished and should be replaced by given * parser. */ static ParseResponse nextParser(ParserSharedPtr next_parser) { return {next_parser, nullptr, nullptr}; }; /** * Constructs a response that states that parser is finished, the message is ready, and parsing * can start anew for next message. */ static ParseResponse parsedMessage(MessageType message) { return {nullptr, message, nullptr}; }; /** * Constructs a response that states that parser is finished, the message could not be parsed * properly, and parsing can start anew for next message. */ static ParseResponse parseFailure(FailureDataType failure_data) { return {nullptr, nullptr, failure_data}; }; /** * If response contains a next parser or a parse result. */ bool hasData() const { return (next_parser_ != nullptr) || (message_ != nullptr) || (failure_data_ != nullptr); } private: ParseResponse(ParserSharedPtr parser, MessageType message, FailureDataType failure_data) : next_parser_{parser}, message_{message}, failure_data_{failure_data} {}; public: ParserSharedPtr next_parser_; MessageType message_; FailureDataType failure_data_; }; template class AbstractSentinelParser { public: AbstractSentinelParser(ContextType context) : context_{context} {}; ResponseType parse(absl::string_view& data) { const uint32_t min = std::min(context_->remaining(), data.size()); data = {data.data() + min, data.size() - min}; context_->remaining() -= min; if (0 == context_->remaining()) { using FailureType = typename ResponseType::FailureType::element_type; auto failure_data = std::make_shared(context_->asFailureData()); return ResponseType::parseFailure(failure_data); } else { return ResponseType::stillWaiting(); } } const ContextType contextForTest() const { return context_; } private: ContextType context_; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/protocol/complex_type_template.j2 ================================================ {# Template for structure representing a composite entity in Kafka protocol (request or response). Rendered templates for each structure in Kafka protocol will be put into 'requests.h' or 'responses.h'. Each structure is capable of holding all versions of given entity (what means its fields are actually a superset of union of all versions' fields). Each version has a dedicated deserializer (named "${name}V${version}Deserializer" e.g. ProduceRequestV0Deserializer or FetchResponseV1Deserializer), which calls the matching constructor. To serialize, it is necessary to pass the encoding context (that contains the version that's being serialized). Depending on the version, the fields will be written to the buffer. #} struct {{ complex_type.name }} { {# Constructors invoked by deserializers. Each constructor has a signature that matches the fields in at least one version (as sometimes there are different Kafka versions that are actually composed of precisely the same fields). #} {% for field in complex_type.fields %} const {{ field.field_declaration() }}_;{% endfor %} {% for constructor in complex_type.compute_constructors() %} // constructor used in versions: {{ constructor['versions'] }} {{ constructor['full_declaration'] }}{% endfor %} {# For every field that's used in version, just compute its size using an encoder. #} uint32_t computeSize(const EncodingContext& encoder) const { const int16_t api_version = encoder.apiVersion(); uint32_t written{0}; {% for spec in complex_type.compute_serialization_specs() %} if (api_version >= {{ spec.versions[0] }} && api_version < {{ spec.versions[-1] + 1 }}) { written += encoder.{{ spec.compute_size_method_name }}({{ spec.field.name }}_); } {% endfor %} return written; } uint32_t computeCompactSize(const EncodingContext& encoder) const { return computeSize(encoder); } {# For every field that's used in version, just serialize it. #} uint32_t encode(Buffer::Instance& dst, EncodingContext& encoder) const { const int16_t api_version = encoder.apiVersion(); uint32_t written{0}; {% for spec in complex_type.compute_serialization_specs() %} if (api_version >= {{ spec.versions[0] }} && api_version < {{ spec.versions[-1] + 1 }}) { written += encoder.{{ spec.encode_method_name }}({{ spec.field.name }}_, dst); } {% endfor %} return written; } uint32_t encodeCompact(Buffer::Instance& dst, EncodingContext& encoder) const { return encode(dst, encoder); } {% if complex_type.fields|length > 0 %} bool operator==(const {{ complex_type.name }}& rhs) const { {% else %} bool operator==(const {{ complex_type.name }}&) const { {% endif %} return true{% for field in complex_type.fields %} && {{ field.name }}_ == rhs.{{ field.name }}_{% endfor %}; }; }; {# Each structure version has a deserializer that matches the structure's field list. #} {% for field_list in complex_type.compute_field_lists() %} class {{ complex_type.name }}V{{ field_list.version }}Deserializer: public CompositeDeserializerWith{{ field_list.field_count() }}Delegates< {{ complex_type.name }} {% for field in field_list.used_fields() %}, {{ field.deserializer_name_in_version(field_list.version, field_list.uses_compact_fields) }} {% endfor %}>{}; {% endfor %} ================================================ FILE: source/extensions/filters/network/kafka/protocol/generator.py ================================================ #!/usr/bin/python # Main library file containing all the protocol generation logic. def generate_main_code(type, main_header_file, resolver_cc_file, metrics_header_file, input_files): """ Main code generator. Takes input files and processes them into structures representing a Kafka message (request or response). These responses are then used to create: - main_header_file - contains definitions of Kafka structures and their deserializers - resolver_cc_file - contains request api key & version mapping to deserializer (from header file) - metrics_header_file - contains metrics with names corresponding to messages """ processor = StatefulProcessor() # Parse provided input files. messages = processor.parse_messages(input_files) complex_type_template = RenderingHelper.get_template('complex_type_template.j2') parsers_template = RenderingHelper.get_template("%s_parser.j2" % type) main_header_contents = '' for message in messages: # For each child structure that is used by request/response, render its matching C++ code. dependencies = message.compute_declaration_chain() for dependency in dependencies: main_header_contents += complex_type_template.render(complex_type=dependency) # Each top-level structure (e.g. FetchRequest/FetchResponse) needs corresponding parsers. main_header_contents += parsers_template.render(complex_type=message) # Full file with headers, namespace declaration etc. template = RenderingHelper.get_template("%ss_h.j2" % type) contents = template.render(contents=main_header_contents) # Generate main header file. with open(main_header_file, 'w') as fd: fd.write(contents) # Generate ...resolver.cc file. template = RenderingHelper.get_template("kafka_%s_resolver_cc.j2" % type) contents = template.render(message_types=messages) with open(resolver_cc_file, 'w') as fd: fd.write(contents) # Generate ...metrics.h file. template = RenderingHelper.get_template("%s_metrics_h.j2" % type) contents = template.render(message_types=messages) with open(metrics_header_file, 'w') as fd: fd.write(contents) def generate_test_code(type, header_test_cc_file, codec_test_cc_file, utilities_cc_file, input_files): """ Test code generator. Takes input files and processes them into structures representing a Kafka message (request or response). These responses are then used to create: - header_test_cc_file - tests for basic message serialization deserialization, - codec_test_cc_file - tests involving codec and Request/ResponseParserResolver, - utilities_cc_file - utilities for creating sample messages. """ processor = StatefulProcessor() # Parse provided input files. messages = processor.parse_messages(input_files) # Generate header-test file. template = RenderingHelper.get_template("%ss_test_cc.j2" % type) contents = template.render(message_types=messages) with open(header_test_cc_file, 'w') as fd: fd.write(contents) # Generate codec-test file. template = RenderingHelper.get_template("%s_codec_%s_test_cc.j2" % (type, type)) contents = template.render(message_types=messages) with open(codec_test_cc_file, 'w') as fd: fd.write(contents) # Generate utilities file. template = RenderingHelper.get_template("%s_utilities_cc.j2" % type) contents = template.render(message_types=messages) with open(utilities_cc_file, 'w') as fd: fd.write(contents) class StatefulProcessor: """ Helper entity that keeps state during the processing. Some state needs to be shared across multiple message types, as we need to handle identical sub-type names (e.g. both AlterConfigsRequest & IncrementalAlterConfigsRequest have child AlterConfigsResource, what would cause a compile-time error if we were to handle it trivially). """ def __init__(self): # Complex types that have been encountered during processing. self.known_types = set() # Name of parent message type that's being processed right now. self.currently_processed_message_type = None # Common structs declared in this message type. self.common_structs = {} def parse_messages(self, input_files): """ Parse request/response structures from provided input files. """ import re import json messages = [] # Sort the input files, as the processing is stateful, as we want the same order every time. input_files.sort() # For each specification file, remove comments, and parse the remains. for input_file in input_files: try: with open(input_file, 'r') as fd: raw_contents = fd.read() without_comments = re.sub(r'\s*//.*\n', '\n', raw_contents) without_empty_newlines = re.sub(r'^\s*$', '', without_comments, flags=re.MULTILINE) message_spec = json.loads(without_empty_newlines) message = self.parse_top_level_element(message_spec) messages.append(message) except Exception as e: print('could not process %s' % input_file) raise # Sort messages by api_key. messages.sort(key=lambda x: x.get_extra('api_key')) return messages def parse_top_level_element(self, spec): """ Parse a given structure into a request/response. Request/response is just a complex type, that has name & version information kept in differently named fields, compared to sub-structures in a message. """ self.currently_processed_message_type = spec['name'] # Figure out all versions of this message type. versions = Statics.parse_version_string(spec['validVersions'], 2 << 16 - 1) # Figure out the flexible versions. flexible_versions_string = spec.get('flexibleVersions', 'none') if 'none' != flexible_versions_string: flexible_versions = Statics.parse_version_string(flexible_versions_string, versions[-1]) else: flexible_versions = [] # Sanity check - all flexible versions need to be versioned. if [x for x in flexible_versions if x not in versions]: raise ValueError('invalid flexible versions') try: # In 2.4 some types are declared at top level, and only referenced inside. # So let's parse them and store them in state. common_structs = spec.get('commonStructs') if common_structs is not None: for common_struct in common_structs: common_struct_name = common_struct['name'] common_struct_versions = Statics.parse_version_string(common_struct['versions'], versions[-1]) parsed_complex = self.parse_complex_type(common_struct_name, common_struct, common_struct_versions) self.common_structs[parsed_complex.name] = parsed_complex # Parse the type itself. complex_type = self.parse_complex_type(self.currently_processed_message_type, spec, versions) complex_type.register_flexible_versions(flexible_versions) # Request / response types need to carry api key version. result = complex_type.with_extra('api_key', spec['apiKey']) return result finally: self.common_structs = {} self.currently_processed_message_type = None def parse_complex_type(self, type_name, field_spec, versions): """ Parse given complex type, returning a structure that holds its name, field specification and allowed versions. """ fields_el = field_spec.get('fields') if fields_el is not None: fields = [] for child_field in field_spec['fields']: child = self.parse_field(child_field, versions[-1]) if child is not None: fields.append(child) # Some of the types repeat multiple times (e.g. AlterableConfig). # In such a case, every second or later occurrence of the same name is going to be prefixed # with parent type, e.g. we have AlterableConfig (for AlterConfigsRequest) and then # IncrementalAlterConfigsRequestAlterableConfig (for IncrementalAlterConfigsRequest). # This keeps names unique, while keeping non-duplicate ones short. if type_name not in self.known_types: self.known_types.add(type_name) else: type_name = self.currently_processed_message_type + type_name self.known_types.add(type_name) return Complex(type_name, fields, versions) else: return self.common_structs[type_name] def parse_field(self, field_spec, highest_possible_version): """ Parse given field, returning a structure holding the name, type, and versions when this field is actually used (nullable or not). Obviously, field cannot be used in version higher than its type's usage. """ if field_spec.get('tag') is not None: return None version_usage = Statics.parse_version_string(field_spec['versions'], highest_possible_version) version_usage_as_nullable = Statics.parse_version_string( field_spec['nullableVersions'], highest_possible_version) if 'nullableVersions' in field_spec else range(-1) parsed_type = self.parse_type(field_spec['type'], field_spec, highest_possible_version) return FieldSpec(field_spec['name'], parsed_type, version_usage, version_usage_as_nullable) def parse_type(self, type_name, field_spec, highest_possible_version): """ Parse a given type element - returns an array type, primitive (e.g. uint32_t) or complex one. """ if (type_name.startswith('[]')): # In spec files, array types are defined as `[]underlying_type` instead of having its own # element with type inside. underlying_type = self.parse_type(type_name[2:], field_spec, highest_possible_version) return Array(underlying_type) else: if (type_name in Primitive.USABLE_PRIMITIVE_TYPE_NAMES): return Primitive(type_name, field_spec.get('default')) else: versions = Statics.parse_version_string(field_spec['versions'], highest_possible_version) return self.parse_complex_type(type_name, field_spec, versions) class Statics: @staticmethod def parse_version_string(raw_versions, highest_possible_version): """ Return integer range that corresponds to version string in spec file. """ if raw_versions.endswith('+'): return range(int(raw_versions[:-1]), highest_possible_version + 1) else: if '-' in raw_versions: tokens = raw_versions.split('-', 1) return range(int(tokens[0]), int(tokens[1]) + 1) else: single_version = int(raw_versions) return range(single_version, single_version + 1) class FieldList: """ List of fields used by given entity (request or child structure) in given message version (as fields get added or removed across versions and/or they change compaction level). """ def __init__(self, version, uses_compact_fields, fields): self.version = version self.uses_compact_fields = uses_compact_fields self.fields = fields def used_fields(self): """ Return list of fields that are actually used in this version of structure. """ return filter(lambda x: x.used_in_version(self.version), self.fields) def constructor_signature(self): """ Return constructor signature. Multiple versions of the same structure can have identical signatures (due to version bumps in Kafka). """ parameter_spec = map(lambda x: x.parameter_declaration(self.version), self.used_fields()) return ', '.join(parameter_spec) def constructor_init_list(self): """ Renders member initialization list in constructor. Takes care of potential optional conversions (as field could be T in V1, but optional in V2). """ init_list = [] for field in self.fields: if field.used_in_version(self.version): if field.is_nullable(): if field.is_nullable_in_version(self.version): # Field is optional, and the parameter is optional in this version. init_list_item = '%s_{%s}' % (field.name, field.name) init_list.append(init_list_item) else: # Field is optional, and the parameter is T in this version. init_list_item = '%s_{absl::make_optional(%s)}' % (field.name, field.name) init_list.append(init_list_item) else: # Field is T, so parameter cannot be optional. init_list_item = '%s_{%s}' % (field.name, field.name) init_list.append(init_list_item) else: # Field is not used in this version, so we need to put in default value. init_list_item = '%s_{%s}' % (field.name, field.default_value()) init_list.append(init_list_item) pass return ', '.join(init_list) def field_count(self): return len(list(self.used_fields())) def example_value(self): return ', '.join(map(lambda x: x.example_value_for_test(self.version), self.used_fields())) class FieldSpec: """ Represents a field present in a structure (request, or child structure thereof). Contains name, type, and versions when it is used (nullable or not). """ def __init__(self, name, type, version_usage, version_usage_as_nullable): import re separated = re.sub('(.)([A-Z][a-z]+)', r'\1_\2', name) self.name = re.sub('([a-z0-9])([A-Z])', r'\1_\2', separated).lower() self.type = type self.version_usage = version_usage self.version_usage_as_nullable = version_usage_as_nullable def is_nullable(self): return len(self.version_usage_as_nullable) > 0 def is_nullable_in_version(self, version): """ Whether the field is nullable in given version. Fields can be non-nullable in earlier versions. See https://github.com/apache/kafka/tree/2.2.0-rc0/clients/src/main/resources/common/message#nullable-fields """ return version in self.version_usage_as_nullable def used_in_version(self, version): return version in self.version_usage def field_declaration(self): if self.is_nullable(): return 'absl::optional<%s> %s' % (self.type.name, self.name) else: return '%s %s' % (self.type.name, self.name) def parameter_declaration(self, version): if self.is_nullable_in_version(version): return 'absl::optional<%s> %s' % (self.type.name, self.name) else: return '%s %s' % (self.type.name, self.name) def default_value(self): if self.is_nullable(): type_default_value = self.type.default_value() # For nullable fields, it's possible to have (Java) null as default value. if type_default_value != 'null': return '{%s}' % type_default_value else: return 'absl::nullopt' else: return str(self.type.default_value()) def example_value_for_test(self, version): if self.is_nullable(): return 'absl::make_optional<%s>(%s)' % (self.type.name, self.type.example_value_for_test(version)) else: return str(self.type.example_value_for_test(version)) def deserializer_name_in_version(self, version, compact): if self.is_nullable_in_version(version): return 'Nullable%s' % self.type.deserializer_name_in_version(version, compact) else: return self.type.deserializer_name_in_version(version, compact) def is_printable(self): return self.type.is_printable() class TypeSpecification: def compute_declaration_chain(self): """ Computes types that need to be declared before this type can be declared, in C++ sense. """ raise NotImplementedError() def deserializer_name_in_version(self, version, compact): """ Renders the deserializer name of given type, in message with given version. """ raise NotImplementedError() def default_value(self): """ Returns a default value for given type. """ raise NotImplementedError() def has_flexible_handling(self): """ Whether the given type has special encoding when carrying message is using flexible encoding. """ raise NotImplementedError() def example_value_for_test(self, version): raise NotImplementedError() def is_printable(self): raise NotImplementedError() class Array(TypeSpecification): """ Represents array complex type. To use instance of this type, it is necessary to declare structures required by self.underlying (e.g. to use Array, we need to have `struct Foo {...}`). """ def __init__(self, underlying): self.underlying = underlying @property def name(self): return 'std::vector<%s>' % self.underlying.name def compute_declaration_chain(self): # To use an array of type T, we just need to be capable of using type T. return self.underlying.compute_declaration_chain() def deserializer_name_in_version(self, version, compact): # For arrays, deserializer name is (Compact)(Nullable)ArrayDeserializer. element_deserializer_name = self.underlying.deserializer_name_in_version(version, compact) return '%sArrayDeserializer<%s>' % ("Compact" if compact else "", element_deserializer_name) def default_value(self): return 'std::vector<%s>{}' % (self.underlying.name) def has_flexible_handling(self): return True def example_value_for_test(self, version): return 'std::vector<%s>{ %s }' % (self.underlying.name, self.underlying.example_value_for_test(version)) def is_printable(self): return self.underlying.is_printable() class Primitive(TypeSpecification): """ Represents a Kafka primitive value. """ USABLE_PRIMITIVE_TYPE_NAMES = ['bool', 'int8', 'int16', 'int32', 'int64', 'string', 'bytes'] KAFKA_TYPE_TO_ENVOY_TYPE = { 'string': 'std::string', 'bool': 'bool', 'int8': 'int8_t', 'int16': 'int16_t', 'int32': 'int32_t', 'int64': 'int64_t', 'bytes': 'Bytes', 'tagged_fields': 'TaggedFields', } KAFKA_TYPE_TO_DESERIALIZER = { 'string': 'StringDeserializer', 'bool': 'BooleanDeserializer', 'int8': 'Int8Deserializer', 'int16': 'Int16Deserializer', 'int32': 'Int32Deserializer', 'int64': 'Int64Deserializer', 'bytes': 'BytesDeserializer', 'tagged_fields': 'TaggedFieldsDeserializer', } KAFKA_TYPE_TO_COMPACT_DESERIALIZER = { 'string': 'CompactStringDeserializer', 'bytes': 'CompactBytesDeserializer' } # See https://github.com/apache/kafka/tree/trunk/clients/src/main/resources/common/message#deserializing-messages KAFKA_TYPE_TO_DEFAULT_VALUE = { 'string': '""', 'bool': 'false', 'int8': '0', 'int16': '0', 'int32': '0', 'int64': '0', 'bytes': '{}', 'tagged_fields': 'TaggedFields({})', } # Custom values that make test code more readable. KAFKA_TYPE_TO_EXAMPLE_VALUE_FOR_TEST = { 'string': '"string"', 'bool': 'false', 'int8': 'static_cast(8)', 'int16': 'static_cast(16)', 'int32': 'static_cast(32)', 'int64': 'static_cast(64)', 'bytes': 'Bytes({0, 1, 2, 3})', 'tagged_fields': 'TaggedFields{std::vector{{10, Bytes({1, 2, 3})}, {20, Bytes({4, 5, 6})}}}', } def __init__(self, name, custom_default_value): self.original_name = name self.name = Primitive.compute(name, Primitive.KAFKA_TYPE_TO_ENVOY_TYPE) self.custom_default_value = custom_default_value @staticmethod def compute(name, map): if name in map: return map[name] else: raise ValueError(name) def compute_declaration_chain(self): # Primitives need no declarations. return [] def deserializer_name_in_version(self, version, compact): if compact and self.original_name in Primitive.KAFKA_TYPE_TO_COMPACT_DESERIALIZER.keys(): return Primitive.compute(self.original_name, Primitive.KAFKA_TYPE_TO_COMPACT_DESERIALIZER) else: return Primitive.compute(self.original_name, Primitive.KAFKA_TYPE_TO_DESERIALIZER) def default_value(self): if self.custom_default_value is not None: return self.custom_default_value else: return Primitive.compute(self.original_name, Primitive.KAFKA_TYPE_TO_DEFAULT_VALUE) def has_flexible_handling(self): return self.original_name in ['string', 'bytes', 'tagged_fields'] def example_value_for_test(self, version): return Primitive.compute(self.original_name, Primitive.KAFKA_TYPE_TO_EXAMPLE_VALUE_FOR_TEST) def is_printable(self): return self.name not in ['Bytes'] class FieldSerializationSpec(): def __init__(self, field, versions, compute_size_method_name, encode_method_name): self.field = field self.versions = versions self.compute_size_method_name = compute_size_method_name self.encode_method_name = encode_method_name class Complex(TypeSpecification): """ Represents a complex type (multiple types aggregated into one). This type gets mapped to a C++ struct. """ def __init__(self, name, fields, versions): self.name = name self.fields = fields self.versions = versions self.flexible_versions = None # Will be set in 'register_flexible_versions'. self.attributes = {} def register_flexible_versions(self, flexible_versions): # If flexible versions are present, so we need to add placeholder 'tagged_fields' field to # *every* type that's used in by this message type. for type in self.compute_declaration_chain(): type.flexible_versions = flexible_versions if len(flexible_versions) > 0: tagged_fields_field = FieldSpec('tagged_fields', Primitive('tagged_fields', None), flexible_versions, []) type.fields.append(tagged_fields_field) def compute_declaration_chain(self): """ Computes all dependencies, what means all non-primitive types used by this type. They need to be declared before this struct is declared. """ result = [] for field in self.fields: field_dependencies = field.type.compute_declaration_chain() for field_dependency in field_dependencies: if field_dependency not in result: result.append(field_dependency) result.append(self) return result def with_extra(self, key, value): self.attributes[key] = value return self def get_extra(self, key): return self.attributes[key] def compute_constructors(self): """ Field lists for different versions may not differ (as Kafka can bump version without any changes). But constructors need to be unique, so we need to remove duplicates if the signatures match. """ signature_to_constructor = {} for field_list in self.compute_field_lists(): signature = field_list.constructor_signature() constructor = signature_to_constructor.get(signature) if constructor is None: entry = {} entry['versions'] = [field_list.version] entry['signature'] = signature if (len(signature) > 0): entry['full_declaration'] = '%s(%s): %s {};' % (self.name, signature, field_list.constructor_init_list()) else: entry['full_declaration'] = '%s() {};' % self.name signature_to_constructor[signature] = entry else: constructor['versions'].append(field_list.version) return sorted(signature_to_constructor.values(), key=lambda x: x['versions'][0]) def compute_field_lists(self): """ Return field lists representing each of structure versions. """ field_lists = [] for version in self.versions: field_list = FieldList(version, version in self.flexible_versions, self.fields) field_lists.append(field_list) return field_lists def compute_serialization_specs(self): result = [] for field in self.fields: if field.type.has_flexible_handling(): flexible = [x for x in field.version_usage if x in self.flexible_versions] non_flexible = [x for x in field.version_usage if x not in flexible] if non_flexible: result.append(FieldSerializationSpec(field, non_flexible, 'computeSize', 'encode')) if flexible: result.append( FieldSerializationSpec(field, flexible, 'computeCompactSize', 'encodeCompact')) else: result.append(FieldSerializationSpec(field, field.version_usage, 'computeSize', 'encode')) return result def deserializer_name_in_version(self, version, compact): return '%sV%dDeserializer' % (self.name, version) def name_in_c_case(self): import re s1 = re.sub('(.)([A-Z][a-z]+)', r'\1_\2', self.name) return re.sub('([a-z0-9])([A-Z])', r'\1_\2', s1).lower() def default_value(self): raise NotImplementedError('unable to create default value of complex type') def has_flexible_handling(self): return False def example_value_for_test(self, version): field_list = next(fl for fl in self.compute_field_lists() if fl.version == version) example_values = map(lambda x: x.example_value_for_test(version), field_list.used_fields()) return '%s(%s)' % (self.name, ', '.join(example_values)) def is_printable(self): return True class RenderingHelper: """ Helper for jinja templates. """ @staticmethod def get_template(template): import jinja2 import os import sys # Templates are resolved relatively to main start script, due to main & test templates being # stored in different directories. env = jinja2.Environment(loader=jinja2.FileSystemLoader( searchpath=os.path.dirname(os.path.abspath(sys.argv[0])))) return env.get_template(template) ================================================ FILE: source/extensions/filters/network/kafka/protocol/kafka_request_resolver_cc.j2 ================================================ {# Template for 'kafka_request_resolver.cc'. Defines default Kafka request resolver, that uses request parsers in (also generated) 'requests.h'. #} #include "extensions/filters/network/kafka/external/requests.h" #include "extensions/filters/network/kafka/kafka_request_parser.h" #include "extensions/filters/network/kafka/parser.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { // Implements declaration from 'kafka_request.h'. bool requestUsesTaggedFieldsInHeader(const uint16_t api_key, const uint16_t api_version) { switch (api_key) { {% for message_type in message_types %} case {{ message_type.get_extra('api_key') }}: switch (api_version) { {% for flexible_version in message_type.flexible_versions %} case {{ flexible_version }}: return true; {% endfor %} default: return false; } {% endfor %} default: return false; } } /** * Creates a parser that corresponds to provided key and version. * If corresponding parser cannot be found (what means a newer version of Kafka protocol), * a sentinel parser is returned. * @param api_key Kafka request key * @param api_version Kafka request's version * @param context parse context */ RequestParserSharedPtr RequestParserResolver::createParser(int16_t api_key, int16_t api_version, RequestContextSharedPtr context) const { {% for message_type in message_types %}{% for field_list in message_type.compute_field_lists() %} if ({{ message_type.get_extra('api_key') }} == api_key && {{ field_list.version }} == api_version) { return std::make_shared<{{ message_type.name }}V{{ field_list.version }}Parser>(context); }{% endfor %}{% endfor %} return std::make_shared(context); } } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/protocol/kafka_response_resolver_cc.j2 ================================================ {# Template for 'kafka_response_resolver.cc'. Defines default Kafka response resolver, that uses response parsers in (also generated) 'responses.h'. #} #include "extensions/filters/network/kafka/external/responses.h" #include "extensions/filters/network/kafka/kafka_response_parser.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { // Implements declaration from 'kafka_response.h'. bool responseUsesTaggedFieldsInHeader(const uint16_t api_key, const uint16_t api_version) { switch (api_key) { {% for message_type in message_types %} case {{ message_type.get_extra('api_key') }}: switch (api_version) { {# ApiVersions responses require special handling. #} {% if message_type.get_extra('api_key') != 18 %} {% for flexible_version in message_type.flexible_versions %} case {{ flexible_version }}: return true; {% endfor %} {% endif %} default: return false; } {% endfor %} default: return false; } } /** * Creates a parser that is going to process data specific for given response. * If corresponding parser cannot be found (what means a newer version of Kafka protocol), * a sentinel parser is returned. * @param context parse context (carries the expected message type information). * @return parser that is capable of properly consuming response bytes. */ ResponseParserSharedPtr ResponseParserResolver::createParser( ResponseContextSharedPtr context) const { const int16_t api_key = context->api_key_; const int16_t api_version = context->api_version_; {% for message_type in message_types %}{% for field_list in message_type.compute_field_lists() %} if ({{ message_type.get_extra('api_key') }} == api_key && {{ field_list.version }} == api_version) { return std::make_shared<{{ message_type.name }}V{{ field_list.version }}Parser>(context); }{% endfor %}{% endfor %} return std::make_shared(context); } } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/protocol/launcher.py ================================================ #!/usr/bin/python # Launcher for generating Kafka protocol code. import source.extensions.filters.network.kafka.protocol.generator as generator import sys import os def main(): """ Kafka code generator script ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Generates C++ code from Kafka protocol specification for Kafka codec. Usage: launcher.py MESSAGE_TYPE OUTPUT_FILES INPUT_FILES where: MESSAGE_TYPE : 'request' or 'response' OUTPUT_FILES : location of 'requests.h'/'responses.h', 'kafka_request_resolver.cc'/'kafka_response_resolver.cc' and 'request_metrics.h'/'response_metrics.h'. INPUT_FILES: Kafka protocol json files to be processed. Kafka spec files are provided in Kafka clients jar file. Files created are: - ${MESSAGE_TYPE}s.h - definition of all the structures/deserializers/parsers related to Kafka requests/responses, - kafka_${MESSAGE_TYPE}_resolver.cc - resolver that is responsible for creation of parsers defined in ${MESSAGE_TYPE}s.h (it maps request's api key & version to matching parser), - ${MESSAGE_TYPE}_metrics.h - rich metrics wrappers for all possible message types. Templates used are: - to create '${MESSAGE_TYPE}.h': ${MESSAGE_TYPE}_h.j2, complex_type_template.j2, request_parser.j2, - to create 'kafka_${MESSAGE_TYPE}_resolver.cc': kafka_${MESSAGE_TYPE}_resolver_cc.j2, - to create '${MESSAGE_TYPE}_metrics.h': ${MESSAGE_TYPE}_metrics_h.j2. """ type = sys.argv[1] main_header_file = os.path.abspath(sys.argv[2]) resolver_cc_file = os.path.abspath(sys.argv[3]) metrics_h_file = os.path.abspath(sys.argv[4]) input_files = sys.argv[5:] generator.generate_main_code(type, main_header_file, resolver_cc_file, metrics_h_file, input_files) if __name__ == "__main__": main() ================================================ FILE: source/extensions/filters/network/kafka/protocol/request_metrics_h.j2 ================================================ {# Template for 'request_metrics.h'. Generates the request metric names from Kafka message types. The metrics structure (KAFKA_REQUEST_METRICS) is wrapped by RichRequestMetrics instance, allowing for easier access to metrics using message's api_key. There is one metric for each of request types (e.g. produce) - number of responses received. There is also a metric for counting requests that could not be recognised, and one for requests that could caused deserialization errors. #} #pragma once #include #include #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Generated metrics, we have a counter for each request type. */ #define KAFKA_REQUEST_METRICS(COUNTER) \ {% for message_type in message_types %} \ COUNTER({{ message_type.name_in_c_case() }}) \ {% endfor %} \ COUNTER(unknown) \ COUNTER(failure) struct KafkaRequestMetrics { KAFKA_REQUEST_METRICS(GENERATE_COUNTER_STRUCT) }; /** * Abstraction layer over request-related metrics. * Pure interface so that it can be mocked easily. */ class RichRequestMetrics { public: virtual ~RichRequestMetrics() = default; /** * Invoked when properly-parsed message is received. */ virtual void onRequest(const int16_t api_key) PURE; /** * Invoked when an unknown message is received. */ virtual void onUnknownRequest() PURE; /** * Invoked when a deserialization error occurs. */ virtual void onBrokenRequest() PURE; }; using RichRequestMetricsSharedPtr = std::shared_ptr; /** * Metrics implementation that uses Envoy Scope to store metrics. */ class RichRequestMetricsImpl: public RichRequestMetrics { public: RichRequestMetricsImpl(Stats::Scope& scope, std::string stat_prefix): metrics_({ KAFKA_REQUEST_METRICS(POOL_COUNTER_PREFIX(scope, fmt::format("kafka.{}.request.", stat_prefix)))}) {}; void onRequest(const int16_t api_key) override { // Both successful message parsing & metrics list depend on protocol-generated code, what means // both do support the same api keys. switch (api_key) { {% for message_type in message_types %} case {{ message_type.get_extra('api_key') }} : metrics_.{{ message_type.name_in_c_case() }}_.inc(); return; {% endfor %} } } void onUnknownRequest() override { metrics_.unknown_.inc(); } void onBrokenRequest() override { metrics_.failure_.inc(); } private: KafkaRequestMetrics metrics_; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/protocol/request_parser.j2 ================================================ {# Template for top-level structure representing a request in Kafka protocol (e.g. ProduceRequest). Rendered templates for each request in Kafka protocol will be put into 'requests.h' file. This template handles binding the top-level structure deserializer (e.g. ProduceRequestV0Deserializer) with RequestDataParser. These parsers are then used by RequestParserResolver instance depending on received Kafka api key & api version (see 'kafka_request_resolver_cc.j2'). #} {% for version in complex_type.versions %}class {{ complex_type.name }}V{{ version }}Parser: public RequestDataParser< {{ complex_type.name }}, {{ complex_type.name }}V{{ version }}Deserializer> { public: {{ complex_type.name }}V{{ version }}Parser(RequestContextSharedPtr ctx) : RequestDataParser{ctx} {}; }; {% endfor %} ================================================ FILE: source/extensions/filters/network/kafka/protocol/requests_h.j2 ================================================ {# Main template for 'requests.h' file. Gets filled in (by 'contents') with Kafka request structures, deserializers, and parsers. For each request we have the following: - 1 top-level structure corresponding to the request (e.g. `struct FetchRequest`), - N deserializers for top-level structure, one for each request version, - N parsers binding each deserializer with parser, - 0+ child structures (e.g. `struct FetchRequestTopic`, `FetchRequestPartition`) that are used by the request's top-level structure, - deserializers for each child structure. So for example, for FetchRequest we have: - struct FetchRequest, - FetchRequestV0Deserializer, FetchRequestV1Deserializer, FetchRequestV2Deserializer, etc., - FetchRequestV0Parser, FetchRequestV1Parser, FetchRequestV2Parser, etc., - struct FetchRequestTopic, - FetchRequestTopicV0Deserializer, FetchRequestTopicV1Deserializer, etc. (because topic data is present in every FetchRequest version), - struct FetchRequestPartition, - FetchRequestPartitionV0Deserializer, FetchRequestPartitionV1Deserializer, etc. (because partition data is present in every FetchRequestTopic version). #} #pragma once #include "extensions/filters/network/kafka/kafka_request.h" #include "extensions/filters/network/kafka/kafka_request_parser.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { {{ contents }} }}}} ================================================ FILE: source/extensions/filters/network/kafka/protocol/response_metrics_h.j2 ================================================ {# Template for 'response_metrics.h'. Generates the response metric names from Kafka message types. The metrics structure (KAFKA_RESPONSE_METRICS) is wrapped by RichResponseMetrics instance, allowing for easier access to metrics using message's api_key. There are two metrics for each of response types (e.g. produce): - number of responses received, - response processing time in milliseconds (time between receiving a request and receiving a response with the same correlation id). There is also a metric for counting responses that could not be recognised, and one for responses that could caused deserialization errors. #} #pragma once #include #include #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Generated metrics, we have a counter and a histogram for each request type. */ #define KAFKA_RESPONSE_METRICS(COUNTER, HISTOGRAM) \ {% for message_type in message_types %} \ COUNTER({{ message_type.name_in_c_case() }}) \ HISTOGRAM({{ message_type.name_in_c_case() }}_duration, Milliseconds) \ {% endfor %} \ COUNTER(unknown) \ COUNTER(failure) struct KafkaResponseMetrics { KAFKA_RESPONSE_METRICS(GENERATE_COUNTER_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; /** * Abstraction layer over response-related metrics. * Pure interface so that it can be mocked easily. */ class RichResponseMetrics { public: virtual ~RichResponseMetrics() = default; /** * Invoked when properly-parsed message is received. */ virtual void onResponse(const int16_t api_key, const long long duration) PURE; /** * Invoked when an unknown message is received. */ virtual void onUnknownResponse() PURE; /** * Invoked when a deserialization error occurs. */ virtual void onBrokenResponse() PURE; }; using RichResponseMetricsSharedPtr = std::shared_ptr; /** * Metrics implementation that uses Envoy Scope to store metrics. */ class RichResponseMetricsImpl: public RichResponseMetrics { public: RichResponseMetricsImpl(Stats::Scope& scope, std::string stat_prefix): metrics_({ KAFKA_RESPONSE_METRICS(POOL_COUNTER_PREFIX(scope, fmt::format("kafka.{}.response.", stat_prefix)), POOL_HISTOGRAM_PREFIX(scope, fmt::format("kafka.{}.response.", stat_prefix)))}) {}; void onResponse(const int16_t api_key, const long long duration) override { // Both successful message parsing & metrics list depend on protocol-generated code, what means // both do support the same api keys. switch (api_key) { {% for message_type in message_types %} case {{ message_type.get_extra('api_key') }} : // Increase received message counter and update histogram with duration. metrics_.{{ message_type.name_in_c_case() }}_.inc(); metrics_.{{ message_type.name_in_c_case() }}_duration_.recordValue(duration); return; {% endfor %} } } void onUnknownResponse() override { metrics_.unknown_.inc(); } void onBrokenResponse() override { metrics_.failure_.inc(); } private: KafkaResponseMetrics metrics_; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/protocol/response_parser.j2 ================================================ {# Template for top-level structure representing a response in Kafka protocol (e.g. ProduceResponse). Rendered templates for each response in Kafka protocol will be put into 'responses.h' file. This template handles binding the top-level structure deserializer (e.g. ProduceResponseV0Deserializer) with ResponseDataParser. These parsers are then used by ResponseParserResolver instance depending on received Kafka api key & api version (see 'kafka_response_resolver_cc.j2'). #} {% for version in complex_type.versions %}class {{ complex_type.name }}V{{ version }}Parser: public ResponseDataParser< {{ complex_type.name }}, {{ complex_type.name }}V{{ version }}Deserializer>{ public: {{ complex_type.name }}V{{ version }}Parser(ResponseContextSharedPtr context): ResponseDataParser{context} {}; }; {% endfor %} ================================================ FILE: source/extensions/filters/network/kafka/protocol/responses_h.j2 ================================================ {# Main template for 'responses.h' file. Gets filled in (by 'contents') with Kafka response structures, deserializers, and parsers. For each response we have the following: - 1 top-level structure corresponding to the response (e.g. `struct FetchResponse`), - N deserializers for top-level structure, one for each response version, - N parsers binding each deserializer with parser, - 0+ child structures (e.g. `struct FetchableTopicResponse`) that are used by the response's top-level structure, - deserializers for each child structure. So for example, for FetchResponse we have: - struct FetchResponse, - FetchResponseV0Deserializer, FetchResponseV1Deserializer, FetchResponseV2Deserializer, etc., - FetchResponseV0Parser, FetchResponseV1Parser, FetchResponseV2Parser, etc., - struct FetchableTopicResponse, - FetchableTopicResponseV0Deserializer, FetchableTopicResponseV1Deserializer, etc. (because topic data is present in every FetchResponse version), - struct FetchablePartitionResponse, - FetchablePartitionResponseV0Deserializer, FetchablePartitionResponseV1Deserializer, etc. (because partition data is present in every FetchableTopicResponse version). - AbortedTransaction & its Deserializers (starting with version 4). #} #pragma once #include "extensions/filters/network/kafka/kafka_response.h" #include "extensions/filters/network/kafka/kafka_response_parser.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { {{ contents }} }}}} ================================================ FILE: source/extensions/filters/network/kafka/request_codec.cc ================================================ #include "extensions/filters/network/kafka/request_codec.h" #include "common/buffer/buffer_impl.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { class RequestStartParserFactory : public InitialParserFactory { RequestParserSharedPtr create(const RequestParserResolver& parser_resolver) const override { return std::make_shared(parser_resolver); } }; const InitialParserFactory& InitialParserFactory::getDefaultInstance() { CONSTRUCT_ON_FIRST_USE(RequestStartParserFactory); } RequestParserSharedPtr RequestDecoder::createStartParser() { return factory_.create(parser_resolver_); } void RequestEncoder::encode(const AbstractRequest& message) { const uint32_t size = htobe32(message.computeSize()); output_.add(&size, sizeof(size)); // Encode data length. message.encode(output_); // Encode data. } } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/request_codec.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "extensions/filters/network/kafka/codec.h" #include "extensions/filters/network/kafka/kafka_request.h" #include "extensions/filters/network/kafka/kafka_request_parser.h" #include "extensions/filters/network/kafka/parser.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { using RequestCallback = MessageCallback; using RequestCallbackSharedPtr = std::shared_ptr; /** * Provides initial parser for messages (class extracted to allow injecting test factories). */ class InitialParserFactory { public: virtual ~InitialParserFactory() = default; /** * Creates default instance that returns RequestStartParser instances. */ static const InitialParserFactory& getDefaultInstance(); /** * Creates parser with given context. */ virtual RequestParserSharedPtr create(const RequestParserResolver& parser_resolver) const PURE; }; /** * Decoder that decodes Kafka requests. * When a request is decoded, the callbacks are notified, in order. * * This decoder uses chain of parsers to parse fragments of a request. * Each parser along the line returns the fully parsed message or the next parser. * Stores parse state (as large message's payload can be provided through multiple `onData` calls). */ class RequestDecoder : public AbstractMessageDecoder { public: /** * Creates a decoder that will notify provided callbacks when a message is successfully parsed. * @param callbacks callbacks to be invoked (in order). */ RequestDecoder(const std::vector callbacks) : RequestDecoder(InitialParserFactory::getDefaultInstance(), RequestParserResolver::getDefaultInstance(), callbacks){}; /** * Visible for testing. * Allows injecting initial parser factory and parser resolver. * @param factory parser factory to be used when new message is to be processed. * @param parser_resolver supported parser resolver. * @param callbacks callbacks to be invoked (in order). */ RequestDecoder(const InitialParserFactory& factory, const RequestParserResolver& parser_resolver, const std::vector callbacks) : AbstractMessageDecoder{callbacks}, factory_{factory}, parser_resolver_{parser_resolver} {}; protected: RequestParserSharedPtr createStartParser() override; private: const InitialParserFactory& factory_; const RequestParserResolver& parser_resolver_; }; using RequestDecoderSharedPtr = std::shared_ptr; /** * Encodes requests into underlying buffer. */ class RequestEncoder : public MessageEncoder { public: /** * Wraps buffer with encoder. */ RequestEncoder(Buffer::Instance& output) : output_(output) {} /** * Encodes request into wrapped buffer. */ void encode(const AbstractRequest& message) override; private: Buffer::Instance& output_; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/requirements.txt ================================================ Jinja2==2.11.2 \ --hash=sha256:89aab215427ef59c34ad58735269eb58b1a5808103067f7bb9d5836c651b3bb0 \ --hash=sha256:f0a4641d3cf955324a89c04f3d94663aa4d638abe8f733ecd3582848e1c37035 MarkupSafe==1.1.1 \ --hash=sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473 \ --hash=sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161 \ --hash=sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235 \ --hash=sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5 \ --hash=sha256:13d3144e1e340870b25e7b10b98d779608c02016d5184cfb9927a9f10c689f42 \ --hash=sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff \ --hash=sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b \ --hash=sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1 \ --hash=sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e \ --hash=sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183 \ --hash=sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66 \ --hash=sha256:596510de112c685489095da617b5bcbbac7dd6384aeebeda4df6025d0256a81b \ --hash=sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1 \ --hash=sha256:6788b695d50a51edb699cb55e35487e430fa21f1ed838122d722e0ff0ac5ba15 \ --hash=sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1 \ --hash=sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e \ --hash=sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b \ --hash=sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905 \ --hash=sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735 \ --hash=sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d \ --hash=sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e \ --hash=sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d \ --hash=sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c \ --hash=sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21 \ --hash=sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2 \ --hash=sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5 \ --hash=sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b \ --hash=sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6 \ --hash=sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f \ --hash=sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f \ --hash=sha256:cdb132fc825c38e1aeec2c8aa9338310d29d337bebbd7baa06889d09a60a1fa2 \ --hash=sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7 \ --hash=sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be ================================================ FILE: source/extensions/filters/network/kafka/response_codec.cc ================================================ #include "extensions/filters/network/kafka/response_codec.h" #include "common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { // Default implementation that just creates ResponseHeaderParser with dependencies provided. class ResponseInitialParserFactoryImpl : public ResponseInitialParserFactory { ResponseParserSharedPtr create(ExpectedResponsesSharedPtr expected_responses, const ResponseParserResolver& parser_resolver) const override { return std::make_shared(expected_responses, parser_resolver); } }; const ResponseInitialParserFactory& ResponseInitialParserFactory::getDefaultInstance() { CONSTRUCT_ON_FIRST_USE(ResponseInitialParserFactoryImpl); } void ResponseDecoder::expectResponse(const int32_t correlation_id, const int16_t api_key, const int16_t api_version) { (*expected_responses_)[correlation_id] = {api_key, api_version}; }; ResponseParserSharedPtr ResponseDecoder::createStartParser() { return factory_.create(expected_responses_, response_parser_resolver_); } void ResponseEncoder::encode(const AbstractResponse& message) { const uint32_t size = htobe32(message.computeSize()); output_.add(&size, sizeof(size)); // Encode data length. message.encode(output_); // Encode data. } } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/response_codec.h ================================================ #pragma once #include "extensions/filters/network/kafka/codec.h" #include "extensions/filters/network/kafka/kafka_response_parser.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { using ResponseCallback = MessageCallback; using ResponseCallbackSharedPtr = std::shared_ptr; /** * Provides initial parser for responses (class extracted to allow injecting test factories). */ class ResponseInitialParserFactory { public: virtual ~ResponseInitialParserFactory() = default; /** * Creates default instance that returns ResponseHeaderParser instances. */ static const ResponseInitialParserFactory& getDefaultInstance(); /** * Creates first parser in a chain with given dependencies (that will be used by parser further * along the parse process). */ virtual ResponseParserSharedPtr create(ExpectedResponsesSharedPtr expected_responses, const ResponseParserResolver& parser_resolver) const PURE; }; /** * Decoder that decodes Kafka responses. * When a response is decoded, the callbacks are notified, in order. * * This decoder uses chain of parsers to parse fragments of a response. * Each parser along the line returns the fully parsed message or the next parser. * Stores parse state (as large message's payload can be provided through multiple `onData` calls). * * As Kafka protocol does not carry response type data, it is necessary to register expected message * type beforehand with `expectResponse`. */ class ResponseDecoder : public AbstractMessageDecoder, public Logger::Loggable { public: /** * Creates a decoder that will notify provided callbacks when a message is successfully parsed. * @param callbacks callbacks to be invoked (in order). */ ResponseDecoder(const std::vector callbacks) : ResponseDecoder{ResponseInitialParserFactory::getDefaultInstance(), ResponseParserResolver::getDefaultInstance(), callbacks} {}; /** * Visible for testing. * Allows injecting initial parser factory and parser resolver. * @param factory parser factory to be used when new message is to be processed. * @param parserResolver supported parser resolver. * @param callbacks callbacks to be invoked (in order). */ ResponseDecoder(const ResponseInitialParserFactory& factory, const ResponseParserResolver& response_parser_resolver, const std::vector callbacks) : AbstractMessageDecoder{callbacks}, factory_{factory}, response_parser_resolver_{ response_parser_resolver} {}; /** * Registers an expected message. * The response's api key & version will be used to create corresponding payload parser when * message with the same correlation id is received. * @param correlation_id id of the response. * @param api_key expected api key of response with given correlation id. * @param api_version expected api version of response with given correlation id. */ virtual void expectResponse(const int32_t correlation_id, const int16_t api_key, const int16_t api_version); protected: ResponseParserSharedPtr createStartParser() override; private: const ResponseInitialParserFactory& factory_; const ResponseParserResolver& response_parser_resolver_; // Store containing expected response metadata (api key & version). // Response data is stored in order, as per Kafka protocol. const ExpectedResponsesSharedPtr expected_responses_ = std::make_shared(); }; using ResponseDecoderSharedPtr = std::shared_ptr; /** * Encodes responses into underlying buffer. */ class ResponseEncoder : public MessageEncoder { public: /** * Wraps buffer with encoder. */ ResponseEncoder(Buffer::Instance& output) : output_(output) {} /** * Encodes response into wrapped buffer. */ void encode(const AbstractResponse& message) override; private: Buffer::Instance& output_; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/serialization/generator.py ================================================ #!/usr/bin/python # Main library file containing all the composite deserializer logic. def generate_main_code(serialization_composite_h_file): """ Main code generator. Renders the header file for serialization composites. The location of output file is provided as argument. """ generate_code('serialization_composite_h.j2', serialization_composite_h_file) def generate_test_code(serialization_composite_test_cc_file): """ Test code generator. Renders the test file for serialization composites. The location of output file is provided as argument. """ generate_code('serialization_composite_test_cc.j2', serialization_composite_test_cc_file) def generate_code(template_name, output_file): """ Gets definition of structures to render. Then renders these structures using template provided into provided output file. """ field_counts = get_field_counts() template = RenderingHelper.get_template(template_name) contents = template.render(counts=field_counts) with open(output_file, 'w') as fd: fd.write(contents) def get_field_counts(): """ Generate argument counts that should be processed by composite deserializers. """ return range(1, 12) class RenderingHelper: """ Helper for jinja templates. """ @staticmethod def get_template(template): import jinja2 import os import sys # Templates are resolved relatively to main start script, due to main & test templates being # stored in different directories. env = jinja2.Environment(loader=jinja2.FileSystemLoader( searchpath=os.path.dirname(os.path.abspath(sys.argv[0])))) return env.get_template(template) ================================================ FILE: source/extensions/filters/network/kafka/serialization/launcher.py ================================================ #!/usr/bin/python # Launcher for generating composite serializer code. import source.extensions.filters.network.kafka.serialization.generator as generator import sys import os def main(): """ Serialization composite code generator ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Generates main source code files for composite deserializers. The files are generated, as they are extremely repetitive (composite deserializer for 0..9 sub-deserializers). Usage: launcher.py LOCATION_OF_OUTPUT_FILE where: LOCATION_OF_OUTPUT_FILE : location of 'serialization_composite.h'. Creates 'serialization_composite.h' - header with declarations of CompositeDeserializerWith???Delegates classes. Template used: 'serialization_composite_h.j2'. """ serialization_composite_h_file = os.path.abspath(sys.argv[1]) generator.generate_main_code(serialization_composite_h_file) if __name__ == "__main__": main() ================================================ FILE: source/extensions/filters/network/kafka/serialization/serialization_composite_h.j2 ================================================ {# Creates 'serialization_composite.h'. Template for composite serializers (the CompositeDeserializerWith_N_Delegates classes). Covers the corner case of 0 delegates, and then uses templating to create declarations for 1..N variants. #} #pragma once #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "envoy/common/pure.h" #include "common/common/byte_order.h" #include "common/common/fmt.h" #include "extensions/filters/network/kafka/kafka_types.h" #include "extensions/filters/network/kafka/serialization.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * This header contains only composite deserializers. * The basic design is composite deserializer creating delegates DeserializerType1..N. * Result of type ResponseType is constructed by getting results of each of delegates. * These deserializers can throw, if any of the delegate deserializers can. */ /** * Composite deserializer that uses 0 deserializer(s) (corner case). * Does not consume any bytes, and is always ready to return the result. * Creates a result value using the no-arg ResponseType constructor. * @param ResponseType type of deserialized data. */ template class CompositeDeserializerWith0Delegates : public Deserializer { public: CompositeDeserializerWith0Delegates(){}; uint32_t feed(absl::string_view&) override { return 0; } bool ready() const override { return true; } ResponseType get() const override { return {}; } }; {% for field_count in counts %} /** * Composite deserializer that uses {{ field_count }} deserializer(s). * Passes data to each of the underlying deserializers (deserializers that are already ready do not * consume data, so it's safe). * The composite deserializer is ready when the last deserializer is ready (what means that all * deserializers before it are ready too). * Constructs the result of type ResponseType using { delegate1_.get(), delegate2_.get() ... }. * * @param ResponseType type of deserialized data{% for field in range(1, field_count + 1) %}. * @param DeserializerType{{ field }} deserializer {{ field }}. {% endfor %} */ template < typename ResponseType{% for field in range(1, field_count + 1) %}, typename DeserializerType{{ field }}{% endfor %} > class CompositeDeserializerWith{{ field_count }}Delegates : public Deserializer { public: CompositeDeserializerWith{{ field_count }}Delegates(){}; uint32_t feed(absl::string_view& data) override { uint32_t consumed = 0; {% for field in range(1, field_count + 1) %} consumed += delegate{{ field }}_.feed(data); {% endfor %} return consumed; } bool ready() const override { return delegate{{ field_count }}_.ready(); } ResponseType get() const override { return { {% for field in range(1, field_count + 1) %}delegate{{ field }}_.get(), {% endfor %}}; } protected: {% for field in range(1, field_count + 1) %} DeserializerType{{ field }} delegate{{ field }}_; {% endfor %} }; {% endfor %} } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/serialization.cc ================================================ #include "extensions/filters/network/kafka/serialization.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { constexpr static int16_t NULL_STRING_LENGTH = -1; constexpr static uint32_t NULL_COMPACT_STRING_LENGTH = 0; constexpr static int32_t NULL_BYTES_LENGTH = -1; constexpr static uint32_t NULL_COMPACT_BYTES_LENGTH = 0; /** * Helper method for deserializers that get the length of data, and then copy the given bytes into a * local buffer. Templated as there are length and byte type differences. * Impl note: This method modifies (sets up) most of Deserializer's fields. * @param data bytes to deserialize. * @param length_deserializer payload length deserializer. * @param length_consumed_marker marker telling whether length has been extracted from * length_deserializer, and underlying buffer has been initialized. * @param required remaining bytes to consume. * @param data_buffer buffer with capacity for 'required' bytes. * @param ready marker telling whether this deserialized has finished processing. * @param null_value_length value marking null values. * @param allow_null_value whether null value if allowed. * @return number of bytes consumed. */ template uint32_t feedBytesIntoBuffers(absl::string_view& data, DeserializerType& length_deserializer, bool& length_consumed_marker, LengthType& required, std::vector& data_buffer, bool& ready, const LengthType null_value_length, const bool allow_null_value) { const uint32_t length_consumed = length_deserializer.feed(data); if (!length_deserializer.ready()) { // Break early: we still need to fill in length buffer. return length_consumed; } if (!length_consumed_marker) { // Length buffer is ready, but we have not yet processed the result. // We need to extract the real data length and initialize buffer for it. required = length_deserializer.get(); if (required >= 0) { data_buffer = std::vector(required); } if (required == null_value_length) { if (allow_null_value) { // We have received 'null' value in deserializer that allows it (e.g. NullableBytes), no // more processing is necessary. ready = true; } else { // Invalid payload: null length for non-null object. throw EnvoyException(absl::StrCat("invalid length: ", required)); } } if (required < null_value_length) { throw EnvoyException(absl::StrCat("invalid length: ", required)); } length_consumed_marker = true; } if (ready) { // Break early: we might not need to consume any bytes for nullable values OR in case of repeat // invocation on already-ready buffer. return length_consumed; } const uint32_t data_consumed = std::min(required, data.size()); const uint32_t written = data_buffer.size() - required; if (data_consumed > 0) { memcpy(data_buffer.data() + written, data.data(), data_consumed); required -= data_consumed; data = {data.data() + data_consumed, data.size() - data_consumed}; } // We have consumed all the bytes, mark the deserializer as ready. if (required == 0) { ready = true; } return length_consumed + data_consumed; } uint32_t StringDeserializer::feed(absl::string_view& data) { return feedBytesIntoBuffers( data, length_buf_, length_consumed_, required_, data_buf_, ready_, NULL_STRING_LENGTH, false); } uint32_t NullableStringDeserializer::feed(absl::string_view& data) { return feedBytesIntoBuffers( data, length_buf_, length_consumed_, required_, data_buf_, ready_, NULL_STRING_LENGTH, true); } uint32_t BytesDeserializer::feed(absl::string_view& data) { return feedBytesIntoBuffers( data, length_buf_, length_consumed_, required_, data_buf_, ready_, NULL_BYTES_LENGTH, false); } uint32_t NullableBytesDeserializer::feed(absl::string_view& data) { return feedBytesIntoBuffers( data, length_buf_, length_consumed_, required_, data_buf_, ready_, NULL_BYTES_LENGTH, true); } /** * Helper method for "compact" deserializers that get the length of data, and then copy the given * bytes into a local buffer. Compared to `feedBytesIntoBuffers` we only use template for data type, * as compact data types always use variable-length uint32 for data length. * Impl note: This method modifies (sets up) most of Deserializer's fields. * @param data bytes to deserialize. * @param length_deserializer payload length deserializer. * @param length_consumed_marker marker telling whether length has been extracted from * length_deserializer, and underlying buffer has been initialized. * @param required remaining bytes to consume. * @param data_buffer buffer with capacity for 'required' bytes. * @param ready marker telling whether this deserialized has finished processing. * @param null_value_length value marking null values. * @param allow_null_value whether null value if allowed. * @return number of bytes consumed. */ template uint32_t feedCompactBytesIntoBuffers(absl::string_view& data, VarUInt32Deserializer& length_deserializer, bool& length_consumed_marker, uint32_t& required, std::vector& data_buffer, bool& ready, const uint32_t null_value_length, const bool allow_null_value) { const uint32_t length_consumed = length_deserializer.feed(data); if (!length_deserializer.ready()) { // Break early: we still need to fill in length buffer. return length_consumed; } if (!length_consumed_marker) { // Length buffer is ready, but we have not yet processed the result. // We need to extract the real data length and initialize buffer for it. required = length_deserializer.get(); if (null_value_length == required) { if (allow_null_value) { // We have received 'null' value in deserializer that allows it (e.g. NullableCompactBytes), // no more processing is necessary. ready = true; } else { // Invalid payload: null length for non-null object. throw EnvoyException(absl::StrCat("invalid length: ", required)); } } else { // Compact data types carry data length + 1 (0 is used to mark 'null' in nullable types). required--; data_buffer = std::vector(required); } length_consumed_marker = true; } if (ready) { // Break early: we might not need to consume any bytes for nullable values OR in case of repeat // invocation on already-ready buffer. return length_consumed; } const uint32_t data_consumed = std::min(required, data.size()); const uint32_t written = data_buffer.size() - required; if (data_consumed > 0) { memcpy(data_buffer.data() + written, data.data(), data_consumed); required -= data_consumed; data = {data.data() + data_consumed, data.size() - data_consumed}; } // We have consumed all the bytes, mark the deserializer as ready. if (required == 0) { ready = true; } return length_consumed + data_consumed; } uint32_t CompactStringDeserializer::feed(absl::string_view& data) { return feedCompactBytesIntoBuffers(data, length_buf_, length_consumed_, required_, data_buf_, ready_, NULL_COMPACT_STRING_LENGTH, false); } uint32_t NullableCompactStringDeserializer::feed(absl::string_view& data) { return feedCompactBytesIntoBuffers(data, length_buf_, length_consumed_, required_, data_buf_, ready_, NULL_COMPACT_STRING_LENGTH, true); } NullableString NullableCompactStringDeserializer::get() const { const uint32_t original_data_len = length_buf_.get(); if (NULL_COMPACT_STRING_LENGTH == original_data_len) { return absl::nullopt; } else { return absl::make_optional(std::string(data_buf_.begin(), data_buf_.end())); } } uint32_t CompactBytesDeserializer::feed(absl::string_view& data) { return feedCompactBytesIntoBuffers(data, length_buf_, length_consumed_, required_, data_buf_, ready_, NULL_COMPACT_BYTES_LENGTH, false); } } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/serialization.h ================================================ #pragma once #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "envoy/common/pure.h" #include "common/common/byte_order.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "extensions/filters/network/kafka/kafka_types.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Deserializer is a stateful entity that constructs a result of type T from bytes provided. * It can be feed()-ed data until it is ready, filling the internal store. * When ready(), it is safe to call get() to transform the internally stored bytes into result. * Further feed()-ing should have no effect on a buffer (should return 0 and not move * provided pointer). * @param T type of deserialized data. */ template class Deserializer { public: /** * The type this deserializer is deserializing. */ using result_type = T; virtual ~Deserializer() = default; /** * Submit data to be processed, will consume as much data as it is necessary. * If any bytes are consumed, then the provided string view is updated by stepping over consumed * bytes. Invoking this method when deserializer is ready has no effect (consumes 0 bytes). * @param data bytes to be processed, will be updated if any have been consumed. * @return number of bytes consumed (equal to change in 'data'). */ virtual uint32_t feed(absl::string_view& data) PURE; /** * Whether deserializer has consumed enough data to return result. */ virtual bool ready() const PURE; /** * Returns the entity that is represented by bytes stored in this deserializer. * Should be only called when deserializer is ready. */ virtual T get() const PURE; }; /** * Generic integer deserializer (uses array of sizeof(T) bytes). * After all bytes are filled in, the value is converted from network byte-order and returned. */ template class IntDeserializer : public Deserializer { public: uint32_t feed(absl::string_view& data) override { const uint32_t available = std::min(sizeof(buf_) - written_, data.size()); memcpy(buf_ + written_, data.data(), available); written_ += available; if (written_ == sizeof(buf_)) { ready_ = true; } data = {data.data() + available, data.size() - available}; return available; } bool ready() const override { return ready_; } protected: char buf_[sizeof(T) / sizeof(char)]; uint32_t written_{0}; bool ready_{false}; }; /** * Integer deserializer for int8_t. */ class Int8Deserializer : public IntDeserializer { public: int8_t get() const override { int8_t result; memcpy(&result, buf_, sizeof(result)); return result; } }; /** * Integer deserializer for int16_t. */ class Int16Deserializer : public IntDeserializer { public: int16_t get() const override { int16_t result; memcpy(&result, buf_, sizeof(result)); return be16toh(result); } }; /** * Integer deserializer for int32_t. */ class Int32Deserializer : public IntDeserializer { public: int32_t get() const override { int32_t result; memcpy(&result, buf_, sizeof(result)); return be32toh(result); } }; /** * Integer deserializer for uint32_t. */ class UInt32Deserializer : public IntDeserializer { public: uint32_t get() const override { uint32_t result; memcpy(&result, buf_, sizeof(result)); return be32toh(result); } }; /** * Integer deserializer for uint64_t. */ class Int64Deserializer : public IntDeserializer { public: int64_t get() const override { int64_t result; memcpy(&result, buf_, sizeof(result)); return be64toh(result); } }; /** * Deserializer for boolean values. * Uses a single int8 deserializer, and checks whether the results equals 0. * When reading a boolean value, any non-zero value is considered true. * Impl note: could have been a subclass of IntDeserializer with a different get function, * but it makes it harder to understand. */ class BooleanDeserializer : public Deserializer { public: BooleanDeserializer() = default; uint32_t feed(absl::string_view& data) override { return buffer_.feed(data); } bool ready() const override { return buffer_.ready(); } bool get() const override { return 0 != buffer_.get(); } private: Int8Deserializer buffer_; }; /** * Integer deserializer for uint32_t that was encoded as variable-length byte array. * Encoding documentation: * https://cwiki.apache.org/confluence/display/KAFKA/KIP-482%3A+The+Kafka+Protocol+should+Support+Optional+Tagged+Fields#KIP-482:TheKafkaProtocolshouldSupportOptionalTaggedFields-UnsignedVarints * * Impl note: * This implementation is equivalent to the one present in Kafka 2.4.0, what means that for 5-byte * inputs, the data at bits 5-7 in 5th byte are *ignored* (as long as 8th bit is unset). */ class VarUInt32Deserializer : public Deserializer { public: VarUInt32Deserializer() = default; uint32_t feed(absl::string_view& data) override { uint32_t processed = 0; while (!ready_ && !data.empty()) { // Read next byte from input. uint8_t el; memcpy(&el, data.data(), sizeof(uint8_t)); data = {data.data() + 1, data.size() - 1}; processed++; // Put the 7 bits where they should have been. // Impl note: the cast is done to avoid undefined behaviour when offset_ >= 28 and some bits // at positions 5-7 are set (we would have left shift of signed value that does not fit in // data type). result_ |= ((static_cast(el) & 0x7f) << offset_); if ((el & 0x80) == 0) { // If this was the last byte to process (what is marked by unset highest bit), we are done. ready_ = true; break; } else { // Otherwise, we need to read next byte. offset_ += 7; // Valid input can have at most 5 bytes. if (offset_ >= 5 * 7) { ExceptionUtil::throwEnvoyException( "VarUInt32 is too long (5th byte has highest bit set)"); } } } return processed; } bool ready() const override { return ready_; } uint32_t get() const override { return result_; } private: uint32_t result_ = 0; uint32_t offset_ = 0; bool ready_ = false; }; /** * Deserializer of string value. * First reads length (INT16) and then allocates the buffer of given length. * * From Kafka documentation: * First the length N is given as an INT16. * Then N bytes follow which are the UTF-8 encoding of the character sequence. * Length must not be negative. */ class StringDeserializer : public Deserializer { public: /** * Can throw EnvoyException if given string length is not valid. */ uint32_t feed(absl::string_view& data) override; bool ready() const override { return ready_; } std::string get() const override { return std::string(data_buf_.begin(), data_buf_.end()); } private: Int16Deserializer length_buf_; bool length_consumed_{false}; int16_t required_; std::vector data_buf_; bool ready_{false}; }; /** * Deserializer of compact string value. * First reads length (UNSIGNED_VARINT) and then allocates the buffer of given length. * * From Kafka documentation: * First the length N + 1 is given as an UNSIGNED_VARINT. * Then N bytes follow which are the UTF-8 encoding of the character sequence. */ class CompactStringDeserializer : public Deserializer { public: uint32_t feed(absl::string_view& data) override; bool ready() const override { return ready_; } std::string get() const override { return std::string(data_buf_.begin(), data_buf_.end()); } private: VarUInt32Deserializer length_buf_; bool length_consumed_{false}; uint32_t required_; std::vector data_buf_; bool ready_{false}; }; /** * Deserializer of nullable string value. * First reads length (INT16) and then allocates the buffer of given length. * If length was -1, buffer allocation is omitted and deserializer is immediately ready (returning * null value). * * From Kafka documentation: * For non-null strings, first the length N is given as an INT16. * Then N bytes follow which are the UTF-8 encoding of the character sequence. * A null value is encoded with length of -1 and there are no following bytes. */ class NullableStringDeserializer : public Deserializer { public: /** * Can throw EnvoyException if given string length is not valid. */ uint32_t feed(absl::string_view& data) override; bool ready() const override { return ready_; } NullableString get() const override { return required_ >= 0 ? absl::make_optional(std::string(data_buf_.begin(), data_buf_.end())) : absl::nullopt; } private: Int16Deserializer length_buf_; bool length_consumed_{false}; int16_t required_; std::vector data_buf_; bool ready_{false}; }; /** * Deserializer of nullable compact string value. * First reads length (UNSIGNED_VARINT) and then allocates the buffer of given length. * If length was 0, buffer allocation is omitted and deserializer is immediately ready (returning * null value). * * From Kafka documentation: * First the length N + 1 is given as an UNSIGNED_VARINT. * Then N bytes follow which are the UTF-8 encoding of the character sequence. * A null string is represented with a length of 0. */ class NullableCompactStringDeserializer : public Deserializer { public: uint32_t feed(absl::string_view& data) override; bool ready() const override { return ready_; } NullableString get() const override; private: VarUInt32Deserializer length_buf_; bool length_consumed_{false}; uint32_t required_; std::vector data_buf_; bool ready_{false}; }; /** * Deserializer of bytes value. * First reads length (INT32) and then allocates the buffer of given length. * * From Kafka documentation: * First the length N is given as an INT32. Then N bytes follow. */ class BytesDeserializer : public Deserializer { public: /** * Can throw EnvoyException if given bytes length is not valid. */ uint32_t feed(absl::string_view& data) override; bool ready() const override { return ready_; } Bytes get() const override { return data_buf_; } private: Int32Deserializer length_buf_; bool length_consumed_{false}; int32_t required_; std::vector data_buf_; bool ready_{false}; }; /** * Deserializer of compact bytes value. * First reads length (UNSIGNED_VARINT) and then allocates the buffer of given length. * * From Kafka documentation: * First the length N+1 is given as an UNSIGNED_VARINT. Then N bytes follow. */ class CompactBytesDeserializer : public Deserializer { public: /** * Can throw EnvoyException if given bytes length is not valid. */ uint32_t feed(absl::string_view& data) override; bool ready() const override { return ready_; } Bytes get() const override { return data_buf_; } private: VarUInt32Deserializer length_buf_; bool length_consumed_{false}; uint32_t required_; std::vector data_buf_; bool ready_{false}; }; /** * Deserializer of nullable bytes value. * First reads length (INT32) and then allocates the buffer of given length. * If length was -1, buffer allocation is omitted and deserializer is immediately ready (returning * null value). * * From Kafka documentation: * For non-null values, first the length N is given as an INT32. Then N bytes follow. * A null value is encoded with length of -1 and there are no following bytes. */ class NullableBytesDeserializer : public Deserializer { public: /** * Can throw EnvoyException if given bytes length is not valid. */ uint32_t feed(absl::string_view& data) override; bool ready() const override { return ready_; } NullableBytes get() const override { return required_ >= 0 ? absl::make_optional(data_buf_) : absl::nullopt; } private: Int32Deserializer length_buf_; bool length_consumed_{false}; int32_t required_; std::vector data_buf_; bool ready_{false}; }; /** * Deserializer for array of objects of the same type. * * First reads the length of the array, then initializes N underlying deserializers of type * DeserializerType. After the last of N deserializers is ready, the results of each of them are * gathered and put in a vector. * @param DeserializerType underlying deserializer type. * * From Kafka documentation: * Represents a sequence of objects of a given type T. Type T can be either a primitive type (e.g. * STRING) or a structure. First, the length N is given as an int32_t. Then N instances of type T * follow. A null array is represented with a length of -1. */ template class ArrayDeserializer : public Deserializer> { public: using ResponseType = typename DeserializerType::result_type; /** * Can throw EnvoyException if array length is invalid or if underlying deserializer can throw. */ uint32_t feed(absl::string_view& data) override { const uint32_t length_consumed = length_buf_.feed(data); if (!length_buf_.ready()) { // Break early: we still need to fill in length buffer. return length_consumed; } if (!length_consumed_) { required_ = length_buf_.get(); if (required_ >= 0) { children_ = std::vector(required_); } else { ExceptionUtil::throwEnvoyException(absl::StrCat("invalid ARRAY length: ", required_)); } length_consumed_ = true; } if (ready_) { return length_consumed; } uint32_t child_consumed{0}; for (DeserializerType& child : children_) { child_consumed += child.feed(data); } bool children_ready_ = true; for (DeserializerType& child : children_) { children_ready_ &= child.ready(); } ready_ = children_ready_; return length_consumed + child_consumed; } bool ready() const override { return ready_; } std::vector get() const override { std::vector result{}; result.reserve(children_.size()); for (const DeserializerType& child : children_) { const ResponseType child_result = child.get(); result.push_back(child_result); } return result; } private: Int32Deserializer length_buf_; bool length_consumed_{false}; int32_t required_; std::vector children_; bool children_setup_{false}; bool ready_{false}; }; /** * Deserializer for compact array of objects of the same type. * * First reads the length of the array, then initializes N underlying deserializers of type * DeserializerType. After the last of N deserializers is ready, the results of each of them are * gathered and put in a vector. * @param DeserializerType underlying deserializer type. * * From Kafka documentation: * Represents a sequence of objects of a given type T. Type T can be either a primitive type (e.g. * STRING) or a structure. First, the length N + 1 is given as an UNSIGNED_VARINT. Then N instances * of type T follow. A null array is represented with a length of 0. */ template class CompactArrayDeserializer : public Deserializer> { public: using ResponseType = typename DeserializerType::result_type; /** * Can throw EnvoyException if array length is invalid or if underlying deserializer can throw. */ uint32_t feed(absl::string_view& data) override { const uint32_t length_consumed = length_buf_.feed(data); if (!length_buf_.ready()) { // Break early: we still need to fill in length buffer. return length_consumed; } if (!length_consumed_) { const uint32_t required = length_buf_.get(); if (required >= 1) { children_ = std::vector(required - 1); } else { ExceptionUtil::throwEnvoyException( absl::StrCat("invalid COMPACT_ARRAY length: ", required)); } length_consumed_ = true; } if (ready_) { return length_consumed; } uint32_t child_consumed{0}; for (DeserializerType& child : children_) { child_consumed += child.feed(data); } bool children_ready_ = true; for (DeserializerType& child : children_) { children_ready_ &= child.ready(); } ready_ = children_ready_; return length_consumed + child_consumed; } bool ready() const override { return ready_; } std::vector get() const override { std::vector result{}; result.reserve(children_.size()); for (const DeserializerType& child : children_) { const ResponseType child_result = child.get(); result.push_back(child_result); } return result; } private: VarUInt32Deserializer length_buf_; bool length_consumed_{false}; std::vector children_; bool children_setup_{false}; bool ready_{false}; }; /** * Deserializer for nullable array of objects of the same type. * * First reads the length of the array, then initializes N underlying deserializers of type * DeserializerType. After the last of N deserializers is ready, the results of each of them are * gathered and put in a vector. * @param DeserializerType underlying deserializer type. * * From Kafka documentation: * Represents a sequence of objects of a given type T. Type T can be either a primitive type (e.g. * STRING) or a structure. First, the length N is given as an int32_t. Then N instances of type T * follow. A null array is represented with a length of -1. */ template class NullableArrayDeserializer : public Deserializer> { public: using ResponseType = typename DeserializerType::result_type; /** * Can throw EnvoyException if array length is invalid or if underlying deserializer can throw. */ uint32_t feed(absl::string_view& data) override { const uint32_t length_consumed = length_buf_.feed(data); if (!length_buf_.ready()) { // Break early: we still need to fill in length buffer. return length_consumed; } if (!length_consumed_) { required_ = length_buf_.get(); if (required_ >= 0) { children_ = std::vector(required_); } if (required_ == NULL_ARRAY_LENGTH) { ready_ = true; } if (required_ < NULL_ARRAY_LENGTH) { ExceptionUtil::throwEnvoyException( fmt::format("invalid NULLABLE_ARRAY length: {}", required_)); } length_consumed_ = true; } if (ready_) { return length_consumed; } uint32_t child_consumed{0}; for (DeserializerType& child : children_) { child_consumed += child.feed(data); } bool children_ready_ = true; for (DeserializerType& child : children_) { children_ready_ &= child.ready(); } ready_ = children_ready_; return length_consumed + child_consumed; } bool ready() const override { return ready_; } NullableArray get() const override { if (NULL_ARRAY_LENGTH != required_) { std::vector result{}; result.reserve(children_.size()); for (const DeserializerType& child : children_) { const ResponseType child_result = child.get(); result.push_back(child_result); } return result; } else { return absl::nullopt; } } private: constexpr static int32_t NULL_ARRAY_LENGTH{-1}; Int32Deserializer length_buf_; bool length_consumed_{false}; int32_t required_; std::vector children_; bool children_setup_{false}; bool ready_{false}; }; /** * Deserializer for compact nullable array of objects of the same type. * * First reads the length of the array, then initializes N underlying deserializers of type * DeserializerType. After the last of N deserializers is ready, the results of each of them are * gathered and put in a vector. * @param DeserializerType underlying deserializer type. * * From Kafka documentation: * Represents a sequence of objects of a given type T. Type T can be either a primitive type (e.g. * STRING) or a structure. First, the length N + 1 is given as an UNSIGNED_VARINT. Then N instances * of type T follow. A null array is represented with a length of 0. */ template class NullableCompactArrayDeserializer : public Deserializer> { public: using ResponseType = typename DeserializerType::result_type; /** * Can throw EnvoyException if array length is invalid or if underlying deserializer can throw. */ uint32_t feed(absl::string_view& data) override { const uint32_t length_consumed = length_buf_.feed(data); if (!length_buf_.ready()) { // Break early: we still need to fill in length buffer. return length_consumed; } if (!length_consumed_) { const uint32_t required = length_buf_.get(); // Length is unsigned, so we never throw exceptions. if (required >= 1) { children_ = std::vector(required - 1); } else { ready_ = true; } length_consumed_ = true; } if (ready_) { return length_consumed; } uint32_t child_consumed{0}; for (DeserializerType& child : children_) { child_consumed += child.feed(data); } bool children_ready_ = true; for (DeserializerType& child : children_) { children_ready_ &= child.ready(); } ready_ = children_ready_; return length_consumed + child_consumed; } bool ready() const override { return ready_; } NullableArray get() const override { if (NULL_ARRAY_LENGTH != length_buf_.get()) { std::vector result{}; result.reserve(children_.size()); for (const DeserializerType& child : children_) { const ResponseType child_result = child.get(); result.push_back(child_result); } return result; } else { return absl::nullopt; } } private: constexpr static int32_t NULL_ARRAY_LENGTH{0}; VarUInt32Deserializer length_buf_; bool length_consumed_{false}; std::vector children_; bool children_setup_{false}; bool ready_{false}; }; /** * Encodes provided argument in Kafka format. * In case of primitive types, this is done explicitly as per specification. * In case of composite types, this is done by calling 'encode' on provided argument. * * This object also carries extra information that is used while traversing the request * structure-tree during encoding (currently api_version, as different request versions serialize * differently). */ class EncodingContext { public: EncodingContext(int16_t api_version) : api_version_{api_version} {}; /** * Compute size of given reference, if it were to be encoded. * @return serialized size of argument. */ template uint32_t computeSize(const T& arg) const; /** * Compute size of given array, if it were to be encoded. * @return serialized size of argument. */ template uint32_t computeSize(const std::vector& arg) const; /** * Compute size of given nullable array, if it were to be encoded. * @return serialized size of argument. */ template uint32_t computeSize(const NullableArray& arg) const; /** * Compute size of given reference, if it were to be compactly encoded. * @return serialized size of argument. */ template uint32_t computeCompactSize(const T& arg) const; /** * Compute size of given array, if it were to be compactly encoded. * @return serialized size of argument. */ template uint32_t computeCompactSize(const std::vector& arg) const; /** * Compute size of given nullable array, if it were to be encoded. * @return serialized size of argument. */ template uint32_t computeCompactSize(const NullableArray& arg) const; /** * Encode given reference in a buffer. * @return bytes written */ template uint32_t encode(const T& arg, Buffer::Instance& dst); /** * Encode given array in a buffer. * @return bytes written */ template uint32_t encode(const std::vector& arg, Buffer::Instance& dst); /** * Encode given nullable array in a buffer. * @return bytes written */ template uint32_t encode(const NullableArray& arg, Buffer::Instance& dst); /** * Compactly encode given reference in a buffer. * @return bytes written. */ template uint32_t encodeCompact(const T& arg, Buffer::Instance& dst); /** * Compactly encode given array in a buffer. * @return bytes written. */ template uint32_t encodeCompact(const std::vector& arg, Buffer::Instance& dst); /** * Compactly encode given nullable array in a buffer. * @return bytes written. */ template uint32_t encodeCompact(const NullableArray& arg, Buffer::Instance& dst); int16_t apiVersion() const { return api_version_; } private: const int16_t api_version_; }; /** * For non-primitive types, call `computeSize` on them, to delegate the work to the entity itself. * The entity may use the information in context to decide which fields are included etc. */ template inline uint32_t EncodingContext::computeSize(const T& arg) const { return arg.computeSize(*this); } /** * For primitive types, Kafka size == sizeof(x). */ #define COMPUTE_SIZE_OF_NUMERIC_TYPE(TYPE) \ template <> constexpr uint32_t EncodingContext::computeSize(const TYPE&) const { \ return sizeof(TYPE); \ } COMPUTE_SIZE_OF_NUMERIC_TYPE(bool) COMPUTE_SIZE_OF_NUMERIC_TYPE(int8_t) COMPUTE_SIZE_OF_NUMERIC_TYPE(int16_t) COMPUTE_SIZE_OF_NUMERIC_TYPE(int32_t) COMPUTE_SIZE_OF_NUMERIC_TYPE(uint32_t) COMPUTE_SIZE_OF_NUMERIC_TYPE(int64_t) /** * Template overload for string. * Kafka String's size is INT16 for header + N bytes. */ template <> inline uint32_t EncodingContext::computeSize(const std::string& arg) const { return sizeof(int16_t) + arg.size(); } /** * Template overload for nullable string. * Kafka NullableString's size is INT16 for header + N bytes (N >= 0). */ template <> inline uint32_t EncodingContext::computeSize(const NullableString& arg) const { return sizeof(int16_t) + (arg ? arg->size() : 0); } /** * Template overload for byte array. * Kafka byte array size is INT32 for header + N bytes. */ template <> inline uint32_t EncodingContext::computeSize(const Bytes& arg) const { return sizeof(int32_t) + arg.size(); } /** * Template overload for nullable byte array. * Kafka nullable byte array size is INT32 for header + N bytes (N >= 0). */ template <> inline uint32_t EncodingContext::computeSize(const NullableBytes& arg) const { return sizeof(int32_t) + (arg ? arg->size() : 0); } /** * Template overload for Array of T. * The size of array is size of header and all of its elements. */ template inline uint32_t EncodingContext::computeSize(const std::vector& arg) const { uint32_t result = sizeof(int32_t); for (const T& el : arg) { result += computeSize(el); } return result; } /** * Template overload for NullableArray of T. * The size of array is size of header and all of its elements. */ template inline uint32_t EncodingContext::computeSize(const NullableArray& arg) const { return arg ? computeSize(*arg) : sizeof(int32_t); } /** * For non-primitive types, call `computeCompactSize` on them, to delegate the work to the entity * itself. The entity may use the information in context to decide which fields are included etc. */ template inline uint32_t EncodingContext::computeCompactSize(const T& arg) const { return arg.computeCompactSize(*this); } /** * Template overload for int32_t. * This data type is not compacted, so we just point to non-compact implementation. */ template <> inline uint32_t EncodingContext::computeCompactSize(const int32_t& arg) const { return computeSize(arg); } /** * Template overload for uint32_t. * For this data type, we notice that the result's length depends on whether there are any bits set * in groups (1-7, 8-14, 15-21, 22-28, 29-32). */ template <> inline uint32_t EncodingContext::computeCompactSize(const uint32_t& arg) const { if (arg <= 0x7f) /* 2^7-1 */ { return 1; } else if (arg <= 0x3fff) /* 2^14-1 */ { return 2; } else if (arg <= 0x1fffff) /* 2^21-1 */ { return 3; } else if (arg <= 0xfffffff) /* 2^28-1 */ { return 4; } else { return 5; } } /** * Template overload for compact string. * Kafka CompactString's size is var-len encoding of N+1 + N bytes. */ template <> inline uint32_t EncodingContext::computeCompactSize(const std::string& arg) const { return computeCompactSize(static_cast(arg.size()) + 1) + arg.size(); } /** * Template overload for compact nullable string. * Kafka CompactString's size is var-len encoding of N+1 + N bytes, or 1 otherwise (because we * var-length encode the length of 0). */ template <> inline uint32_t EncodingContext::computeCompactSize(const NullableString& arg) const { return arg ? computeCompactSize(*arg) : 1; } /** * Template overload for compact byte array. * Kafka CompactBytes' size is var-len encoding of N+1 + N bytes. */ template <> inline uint32_t EncodingContext::computeCompactSize(const Bytes& arg) const { return computeCompactSize(static_cast(arg.size()) + 1) + arg.size(); } /** * Template overload for CompactArray of T. * The size of array is compact size of header and all of its elements. */ template uint32_t EncodingContext::computeCompactSize(const std::vector& arg) const { uint32_t result = computeCompactSize(static_cast(arg.size()) + 1); for (const T& el : arg) { result += computeCompactSize(el); } return result; } /** * Template overload for CompactNullableArray of T. * The size of array is compact size of header and all of its elements; 1 otherwise (because we * var-length encode the length of 0). */ template uint32_t EncodingContext::computeCompactSize(const NullableArray& arg) const { return arg ? computeCompactSize(*arg) : 1; } /** * For non-primitive types, call `encode` on them, to delegate the serialization to the entity * itself. */ template inline uint32_t EncodingContext::encode(const T& arg, Buffer::Instance& dst) { return arg.encode(dst, *this); } /** * Template overload for int8_t. * Encode a single byte. */ template <> inline uint32_t EncodingContext::encode(const int8_t& arg, Buffer::Instance& dst) { dst.add(&arg, sizeof(int8_t)); return sizeof(int8_t); } /** * Template overload for int16_t, int32_t, uint32_t, int64_t. * Encode a N-byte integer, converting to network byte-order. */ #define ENCODE_NUMERIC_TYPE(TYPE, CONVERTER) \ template <> inline uint32_t EncodingContext::encode(const TYPE& arg, Buffer::Instance& dst) { \ const TYPE val = CONVERTER(arg); \ dst.add(&val, sizeof(TYPE)); \ return sizeof(TYPE); \ } ENCODE_NUMERIC_TYPE(int16_t, htobe16); ENCODE_NUMERIC_TYPE(int32_t, htobe32); ENCODE_NUMERIC_TYPE(uint32_t, htobe32); ENCODE_NUMERIC_TYPE(int64_t, htobe64); /** * Template overload for bool. * Encode boolean as a single byte. */ template <> inline uint32_t EncodingContext::encode(const bool& arg, Buffer::Instance& dst) { int8_t val = arg; dst.add(&val, sizeof(int8_t)); return sizeof(int8_t); } /** * Template overload for std::string. * Encode string as INT16 length + N bytes. */ template <> inline uint32_t EncodingContext::encode(const std::string& arg, Buffer::Instance& dst) { int16_t string_length = arg.length(); uint32_t header_length = encode(string_length, dst); dst.add(arg.c_str(), string_length); return header_length + string_length; } /** * Template overload for NullableString. * Encode nullable string as INT16 length + N bytes (length = -1 for null). */ template <> inline uint32_t EncodingContext::encode(const NullableString& arg, Buffer::Instance& dst) { if (arg.has_value()) { return encode(*arg, dst); } else { const int16_t len = -1; return encode(len, dst); } } /** * Template overload for Bytes. * Encode byte array as INT32 length + N bytes. */ template <> inline uint32_t EncodingContext::encode(const Bytes& arg, Buffer::Instance& dst) { const int32_t data_length = arg.size(); const uint32_t header_length = encode(data_length, dst); dst.add(arg.data(), arg.size()); return header_length + data_length; } /** * Template overload for NullableBytes. * Encode nullable byte array as INT32 length + N bytes (length = -1 for null value). */ template <> inline uint32_t EncodingContext::encode(const NullableBytes& arg, Buffer::Instance& dst) { if (arg.has_value()) { return encode(*arg, dst); } else { const int32_t len = -1; return encode(len, dst); } } /** * Encode nullable object array to T as INT32 length + N elements. * Each element of type T then serializes itself on its own. */ template uint32_t EncodingContext::encode(const std::vector& arg, Buffer::Instance& dst) { const NullableArray wrapped = {arg}; return encode(wrapped, dst); } /** * Encode nullable object array to T as INT32 length + N elements (length = -1 for null value). * Each element of type T then serializes itself on its own. */ template uint32_t EncodingContext::encode(const NullableArray& arg, Buffer::Instance& dst) { if (arg.has_value()) { const int32_t len = arg->size(); const uint32_t header_length = encode(len, dst); uint32_t written{0}; for (const T& el : *arg) { // For each of array elements, resolve the correct method again. // Elements could be primitives or complex types, so calling encode() on object won't work. written += encode(el, dst); } return header_length + written; } else { const int32_t len = -1; return encode(len, dst); } } /** * For non-primitive types, call `encodeCompact` on them, to delegate the serialization to the * entity itself. */ template inline uint32_t EncodingContext::encodeCompact(const T& arg, Buffer::Instance& dst) { return arg.encodeCompact(dst, *this); } /** * int32_t is not encoded in compact fashion, so we just delegate to normal implementation. */ template <> inline uint32_t EncodingContext::encodeCompact(const int32_t& arg, Buffer::Instance& dst) { return encode(arg, dst); } /** * Template overload for variable-length uint32_t (VAR_UINT). * Encode the value in 7-bit chunks + marker if field is the last one. * Details: * https://cwiki.apache.org/confluence/display/KAFKA/KIP-482%3A+The+Kafka+Protocol+should+Support+Optional+Tagged+Fields#KIP-482:TheKafkaProtocolshouldSupportOptionalTaggedFields-UnsignedVarints */ template <> inline uint32_t EncodingContext::encodeCompact(const uint32_t& arg, Buffer::Instance& dst) { uint32_t value = arg; uint32_t elements_with_1 = 0; // As long as there are bits set on indexes 8 or higher (counting from 1). while ((value & ~(0x7f)) != 0) { // Save next 7-bit batch with highest bit set. const uint8_t el = (value & 0x7f) | 0x80; dst.add(&el, sizeof(uint8_t)); value >>= 7; elements_with_1++; } // After the loop has finished, we are certain that bit 8 = 0, so we can just add final element. const uint8_t el = value; dst.add(&el, sizeof(uint8_t)); return elements_with_1 + 1; } /** * Template overload for std::string. * Encode string as VAR_UINT + N bytes. */ template <> inline uint32_t EncodingContext::encodeCompact(const std::string& arg, Buffer::Instance& dst) { const uint32_t string_length = arg.length(); const uint32_t header_length = encodeCompact(string_length + 1, dst); dst.add(arg.c_str(), string_length); return header_length + string_length; } /** * Template overload for NullableString. * Encode string as VAR_UINT + N bytes, or VAR_UINT 0 for null value. */ template <> inline uint32_t EncodingContext::encodeCompact(const NullableString& arg, Buffer::Instance& dst) { if (arg.has_value()) { return encodeCompact(*arg, dst); } else { const uint32_t len = 0; return encodeCompact(len, dst); } } /** * Template overload for Bytes. * Encode byte array as VAR_UINT + N bytes. */ template <> inline uint32_t EncodingContext::encodeCompact(const Bytes& arg, Buffer::Instance& dst) { const uint32_t data_length = arg.size(); const uint32_t header_length = encodeCompact(data_length + 1, dst); dst.add(arg.data(), data_length); return header_length + data_length; } /** * Encode object array of T as VAR_UINT + N elements. * Each element of type T then serializes itself on its own. */ template uint32_t EncodingContext::encodeCompact(const std::vector& arg, Buffer::Instance& dst) { const NullableArray wrapped = {arg}; return encodeCompact(wrapped, dst); } /** * Encode nullable object array of T as VAR_UINT + N elements, or VAR_UINT 0 for null value. * Each element of type T then serializes itself on its own. */ template uint32_t EncodingContext::encodeCompact(const NullableArray& arg, Buffer::Instance& dst) { if (arg.has_value()) { const uint32_t len = arg->size() + 1; const uint32_t header_length = encodeCompact(len, dst); uint32_t written{0}; for (const T& el : *arg) { written += encodeCompact(el, dst); } return header_length + written; } else { const uint32_t len = 0; return encodeCompact(len, dst); } } } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/kafka/tagged_fields.h ================================================ #pragma once #include #include "extensions/filters/network/kafka/serialization.h" /** * This header file provides serialization support for tagged fields structure added in 2.4. * https://github.com/apache/kafka/blob/2.4.0/clients/src/main/java/org/apache/kafka/common/protocol/types/TaggedFields.java * * Impl note: contrary to other compact data structures, data in tagged field does not have +1 in * data length. */ namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Kafka { /** * Simple data-holding structure. */ struct TaggedField { uint32_t tag_; std::vector data_; uint32_t computeCompactSize(const EncodingContext& encoder) const { uint32_t result{0}; result += encoder.computeCompactSize(tag_); result += encoder.computeCompactSize(static_cast(data_.size())); result += data_.size(); return result; } uint32_t encodeCompact(Buffer::Instance& dst, EncodingContext& encoder) const { uint32_t written{0}; written += encoder.encodeCompact(tag_, dst); written += encoder.encodeCompact(static_cast(data_.size()), dst); dst.add(data_.data(), data_.size()); written += data_.size(); return written; } bool operator==(const TaggedField& rhs) const { return tag_ == rhs.tag_ && data_ == rhs.data_; } }; /** * Deserializer responsible for extracting a TaggedField from data provided. */ class TaggedFieldDeserializer : public Deserializer { public: TaggedFieldDeserializer() = default; uint32_t feed(absl::string_view& data) override { uint32_t consumed = 0; consumed += tag_deserializer_.feed(data); consumed += length_deserializer_.feed(data); if (!length_deserializer_.ready()) { return consumed; } if (!length_consumed_) { required_ = length_deserializer_.get(); data_buffer_ = std::vector(required_); length_consumed_ = true; } const uint32_t data_consumed = std::min(required_, data.size()); const uint32_t written = data_buffer_.size() - required_; if (data_consumed > 0) { memcpy(data_buffer_.data() + written, data.data(), data_consumed); required_ -= data_consumed; data = {data.data() + data_consumed, data.size() - data_consumed}; } if (required_ == 0) { ready_ = true; } return consumed + data_consumed; }; bool ready() const override { return ready_; }; TaggedField get() const override { return {tag_deserializer_.get(), data_buffer_}; }; private: VarUInt32Deserializer tag_deserializer_; VarUInt32Deserializer length_deserializer_; bool length_consumed_{false}; uint32_t required_; std::vector data_buffer_; bool ready_{false}; }; /** * Aggregate of multiple TaggedField objects. */ struct TaggedFields { std::vector fields_; uint32_t computeCompactSize(const EncodingContext& encoder) const { uint32_t result{0}; result += encoder.computeCompactSize(static_cast(fields_.size())); for (const TaggedField& tagged_field : fields_) { result += tagged_field.computeCompactSize(encoder); } return result; } uint32_t encodeCompact(Buffer::Instance& dst, EncodingContext& encoder) const { uint32_t written{0}; written += encoder.encodeCompact(static_cast(fields_.size()), dst); for (const TaggedField& tagged_field : fields_) { written += tagged_field.encodeCompact(dst, encoder); } return written; } bool operator==(const TaggedFields& rhs) const { return fields_ == rhs.fields_; } }; /** * Deserializer responsible for extracting tagged fields from data provided. */ class TaggedFieldsDeserializer : public Deserializer { public: uint32_t feed(absl::string_view& data) override { const uint32_t count_consumed = count_deserializer_.feed(data); if (!count_deserializer_.ready()) { return count_consumed; } if (!children_setup_) { const uint32_t field_count = count_deserializer_.get(); children_ = std::vector(field_count); children_setup_ = true; } if (ready_) { return count_consumed; } uint32_t child_consumed{0}; for (TaggedFieldDeserializer& child : children_) { child_consumed += child.feed(data); } bool children_ready_ = true; for (TaggedFieldDeserializer& child : children_) { children_ready_ &= child.ready(); } ready_ = children_ready_; return count_consumed + child_consumed; }; bool ready() const override { return ready_; }; TaggedFields get() const override { std::vector fields{}; fields.reserve(children_.size()); for (const TaggedFieldDeserializer& child : children_) { const TaggedField child_result = child.get(); fields.push_back(child_result); } return {fields}; }; private: VarUInt32Deserializer count_deserializer_; std::vector children_; bool children_setup_ = false; bool ready_ = false; }; } // namespace Kafka } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/local_ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Local ratelimit L4 network filter # Public docs: docs/root/configuration/network_filters/local_rate_limit_filter.rst envoy_extension_package() envoy_cc_library( name = "local_ratelimit_lib", srcs = ["local_ratelimit.cc"], hdrs = ["local_ratelimit.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:filter_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_macros", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/common/local_ratelimit:local_ratelimit_lib", "@envoy_api//envoy/extensions/filters/network/local_ratelimit/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/local_ratelimit:local_ratelimit_lib", "@envoy_api//envoy/extensions/filters/network/local_ratelimit/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/local_ratelimit/config.cc ================================================ #include "extensions/filters/network/local_ratelimit/config.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.validate.h" #include "extensions/filters/network/local_ratelimit/local_ratelimit.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace LocalRateLimitFilter { Network::FilterFactoryCb LocalRateLimitConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::local_ratelimit::v3::LocalRateLimit& proto_config, Server::Configuration::FactoryContext& context) { ConfigSharedPtr filter_config( new Config(proto_config, context.dispatcher(), context.scope(), context.runtime())); return [filter_config](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared(filter_config)); }; } /** * Static registration for the local rate limit filter. @see RegisterFactory. */ REGISTER_FACTORY(LocalRateLimitConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace LocalRateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/local_ratelimit/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace LocalRateLimitFilter { /** * Config registration for the local rate limit filter. @see NamedNetworkFilterConfigFactory. */ class LocalRateLimitConfigFactory : public Common::FactoryBase< envoy::extensions::filters::network::local_ratelimit::v3::LocalRateLimit> { public: LocalRateLimitConfigFactory() : FactoryBase(NetworkFilterNames::get().LocalRateLimit) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::local_ratelimit::v3::LocalRateLimit& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace LocalRateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/local_ratelimit/local_ratelimit.cc ================================================ #include "extensions/filters/network/local_ratelimit/local_ratelimit.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace LocalRateLimitFilter { Config::Config( const envoy::extensions::filters::network::local_ratelimit::v3::LocalRateLimit& proto_config, Event::Dispatcher& dispatcher, Stats::Scope& scope, Runtime::Loader& runtime) : rate_limiter_(Filters::Common::LocalRateLimit::LocalRateLimiterImpl( std::chrono::milliseconds( PROTOBUF_GET_MS_REQUIRED(proto_config.token_bucket(), fill_interval)), proto_config.token_bucket().max_tokens(), PROTOBUF_GET_WRAPPED_OR_DEFAULT(proto_config.token_bucket(), tokens_per_fill, 1), dispatcher)), enabled_(proto_config.runtime_enabled(), runtime), stats_(generateStats(proto_config.stat_prefix(), scope)) {} LocalRateLimitStats Config::generateStats(const std::string& prefix, Stats::Scope& scope) { const std::string final_prefix = "local_rate_limit." + prefix; return {ALL_LOCAL_RATE_LIMIT_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } bool Config::canCreateConnection() { return rate_limiter_.requestAllowed(); } Network::FilterStatus Filter::onNewConnection() { if (!config_->enabled()) { ENVOY_CONN_LOG(trace, "local_rate_limit: runtime disabled", read_callbacks_->connection()); return Network::FilterStatus::Continue; } if (!config_->canCreateConnection()) { config_->stats().rate_limited_.inc(); ENVOY_CONN_LOG(trace, "local_rate_limit: rate limiting connection", read_callbacks_->connection()); read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); return Network::FilterStatus::StopIteration; } return Network::FilterStatus::Continue; } } // namespace LocalRateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/local_ratelimit/local_ratelimit.h ================================================ #pragma once #include "envoy/event/timer.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/network/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/stats_macros.h" #include "common/common/thread_synchronizer.h" #include "common/runtime/runtime_protos.h" #include "extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace LocalRateLimitFilter { /** * All local rate limit stats. @see stats_macros.h */ #define ALL_LOCAL_RATE_LIMIT_STATS(COUNTER) COUNTER(rate_limited) /** * Struct definition for all local rate limit stats. @see stats_macros.h */ struct LocalRateLimitStats { ALL_LOCAL_RATE_LIMIT_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration shared across all connections. Must be thread safe. */ class Config : Logger::Loggable { public: Config( const envoy::extensions::filters::network::local_ratelimit::v3::LocalRateLimit& proto_config, Event::Dispatcher& dispatcher, Stats::Scope& scope, Runtime::Loader& runtime); bool canCreateConnection(); bool enabled() { return enabled_.enabled(); } LocalRateLimitStats& stats() { return stats_; } private: static LocalRateLimitStats generateStats(const std::string& prefix, Stats::Scope& scope); void onFillTimer(); Filters::Common::LocalRateLimit::LocalRateLimiterImpl rate_limiter_; Runtime::FeatureFlag enabled_; LocalRateLimitStats stats_; friend class LocalRateLimitTestBase; }; using ConfigSharedPtr = std::shared_ptr; /** * Per-connection local rate limit filter. */ class Filter : public Network::ReadFilter, Logger::Loggable { public: Filter(const ConfigSharedPtr& config) : config_(config) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance&, bool) override { return Network::FilterStatus::Continue; } Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& read_callbacks) override { read_callbacks_ = &read_callbacks; } private: const ConfigSharedPtr config_; Network::ReadFilterCallbacks* read_callbacks_{}; }; } // namespace LocalRateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Mongo proxy L4 network filter (observability and fault injection). # Public docs: docs/root/configuration/network_filters/mongo_proxy_filter.rst envoy_extension_package() envoy_cc_library( name = "bson_interface", hdrs = ["bson.h"], deps = ["//include/envoy/buffer:buffer_interface"], ) envoy_cc_library( name = "codec_interface", hdrs = ["codec.h"], deps = [":bson_interface"], ) envoy_cc_library( name = "bson_lib", srcs = ["bson_impl.cc"], hdrs = ["bson_impl.h"], deps = [ ":bson_interface", "//include/envoy/buffer:buffer_interface", "//source/common/common:assert_lib", "//source/common/common:byte_order_lib", "//source/common/common:hex_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "codec_lib", srcs = ["codec_impl.cc"], hdrs = ["codec_impl.h"], deps = [ ":bson_lib", ":codec_interface", "//include/envoy/buffer:buffer_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "proxy_lib", srcs = ["proxy.cc"], hdrs = ["proxy.h"], deps = [ ":codec_interface", ":codec_lib", ":mongo_stats_lib", ":utility_lib", "//include/envoy/access_log:access_log_interface", "//include/envoy/common:time_interface", "//include/envoy/filesystem:filesystem_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:drain_decision_interface", "//include/envoy/network:filter_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/network:filter_lib", "//source/common/protobuf:utility_lib", "//source/common/singleton:const_singleton", "//source/extensions/filters/common/fault:fault_config_lib", "//source/extensions/filters/network:well_known_names", ], ) envoy_cc_library( name = "mongo_stats_lib", srcs = ["mongo_stats.cc"], hdrs = ["mongo_stats.h"], deps = [ "//include/envoy/stats:stats_interface", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], deps = [ ":codec_interface", "//source/common/json:json_loader_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":proxy_lib", "//include/envoy/registry", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/mongo_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/mongo_proxy/bson.h ================================================ #pragma once #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { namespace Bson { /** * Implementation of http://bsonspec.org/spec.html */ class Document; using DocumentSharedPtr = std::shared_ptr; /** * A BSON document field. This is essentially a variably typed parameter that can be "cast" to * the correct type via the as*() functions. */ class Field { public: /** * Raw field type. */ enum class Type : uint8_t { Double = 0x01, String = 0x02, Document = 0x03, Array = 0x04, Binary = 0x05, ObjectId = 0x07, Boolean = 0x08, Datetime = 0x09, NullValue = 0x0A, Regex = 0x0B, Symbol = 0x0E, Int32 = 0x10, Timestamp = 0x11, Int64 = 0x12 }; /** * 12 byte ObjectId type. */ using ObjectId = std::array; /** * Regex type. */ struct Regex { bool operator==(const Regex& rhs) const { return pattern_ == rhs.pattern_ && options_ == rhs.options_; } std::string pattern_; std::string options_; }; virtual ~Field() = default; virtual double asDouble() const PURE; virtual const std::string& asString() const PURE; virtual const std::string& asSymbol() const PURE; virtual const Document& asDocument() const PURE; virtual const Document& asArray() const PURE; virtual const std::string& asBinary() const PURE; virtual const ObjectId& asObjectId() const PURE; virtual bool asBoolean() const PURE; virtual int64_t asDatetime() const PURE; virtual const Regex& asRegex() const PURE; virtual int32_t asInt32() const PURE; virtual int64_t asTimestamp() const PURE; virtual int64_t asInt64() const PURE; virtual int32_t byteSize() const PURE; virtual void encode(Buffer::Instance& output) const PURE; virtual const std::string& key() const PURE; virtual bool operator==(const Field& rhs) const PURE; virtual std::string toString() const PURE; virtual Type type() const PURE; }; using FieldPtr = std::unique_ptr; /** * A BSON document. add*() is used to add strongly typed fields. */ class Document { public: virtual ~Document() = default; virtual DocumentSharedPtr addDouble(const std::string& key, double value) PURE; virtual DocumentSharedPtr addString(const std::string& key, std::string&& value) PURE; virtual DocumentSharedPtr addSymbol(const std::string& key, std::string&& value) PURE; virtual DocumentSharedPtr addDocument(const std::string& key, DocumentSharedPtr value) PURE; virtual DocumentSharedPtr addArray(const std::string& key, DocumentSharedPtr value) PURE; virtual DocumentSharedPtr addBinary(const std::string& key, std::string&& value) PURE; virtual DocumentSharedPtr addObjectId(const std::string& key, Field::ObjectId&& value) PURE; virtual DocumentSharedPtr addBoolean(const std::string& key, bool value) PURE; virtual DocumentSharedPtr addDatetime(const std::string& key, int64_t value) PURE; virtual DocumentSharedPtr addNull(const std::string& key) PURE; virtual DocumentSharedPtr addRegex(const std::string& key, Field::Regex&& value) PURE; virtual DocumentSharedPtr addInt32(const std::string& key, int32_t value) PURE; virtual DocumentSharedPtr addTimestamp(const std::string& key, int64_t value) PURE; virtual DocumentSharedPtr addInt64(const std::string& key, int64_t value) PURE; virtual bool operator==(const Document& rhs) const PURE; virtual int32_t byteSize() const PURE; virtual void encode(Buffer::Instance& output) const PURE; virtual const Field* find(const std::string& name) const PURE; virtual const Field* find(const std::string& name, Field::Type type) const PURE; virtual std::string toString() const PURE; virtual const std::list& values() const PURE; }; } // namespace Bson } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/bson_impl.cc ================================================ #include "extensions/filters/network/mongo_proxy/bson_impl.h" #include #include #include #include "common/common/assert.h" #include "common/common/byte_order.h" #include "common/common/fmt.h" #include "common/common/hex.h" #include "common/common/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { namespace Bson { int32_t BufferHelper::peekInt32(Buffer::Instance& data) { if (data.length() < sizeof(int32_t)) { throw EnvoyException("invalid buffer size"); } int32_t val; void* mem = data.linearize(sizeof(int32_t)); std::memcpy(reinterpret_cast(&val), mem, sizeof(int32_t)); return le32toh(val); } uint8_t BufferHelper::removeByte(Buffer::Instance& data) { if (data.length() == 0) { throw EnvoyException("invalid buffer size"); } void* mem = data.linearize(sizeof(uint8_t)); uint8_t ret = *reinterpret_cast(mem); data.drain(sizeof(uint8_t)); return ret; } void BufferHelper::removeBytes(Buffer::Instance& data, uint8_t* out, size_t out_len) { if (data.length() < out_len) { throw EnvoyException("invalid buffer size"); } void* mem = data.linearize(out_len); std::memcpy(out, mem, out_len); data.drain(out_len); } std::string BufferHelper::removeCString(Buffer::Instance& data) { char end = '\0'; ssize_t index = data.search(&end, sizeof(end), 0); if (index == -1) { throw EnvoyException("invalid CString"); } char* start = reinterpret_cast(data.linearize(index + 1)); std::string ret(start); data.drain(index + 1); return ret; } double BufferHelper::removeDouble(Buffer::Instance& data) { ASSERT(sizeof(double) == 8); // There is not really official endian support for floating point so we unpack an 8 byte integer // into a union with a double. union { int64_t i; double d; } memory; static_assert(sizeof(memory.i) == sizeof(memory.d), "invalid type size"); memory.i = removeInt64(data); return memory.d; } int32_t BufferHelper::removeInt32(Buffer::Instance& data) { int32_t ret = peekInt32(data); data.drain(sizeof(int32_t)); return ret; } int64_t BufferHelper::removeInt64(Buffer::Instance& data) { if (data.length() < sizeof(int64_t)) { throw EnvoyException("invalid buffer size"); } int64_t val; void* mem = data.linearize(sizeof(int64_t)); std::memcpy(reinterpret_cast(&val), mem, sizeof(int64_t)); data.drain(sizeof(int64_t)); return le64toh(val); } std::string BufferHelper::removeString(Buffer::Instance& data) { int32_t length = removeInt32(data); if (static_cast(length) > data.length()) { throw EnvoyException("invalid buffer size"); } char* start = reinterpret_cast(data.linearize(length)); std::string ret(start); data.drain(length); return ret; } std::string BufferHelper::removeBinary(Buffer::Instance& data) { // Read out the subtype but do not store it for now. int32_t length = removeInt32(data); removeByte(data); if (static_cast(length) > data.length()) { throw EnvoyException("invalid buffer size"); } char* start = reinterpret_cast(data.linearize(length)); std::string ret(start, length); data.drain(length); return ret; } void BufferHelper::writeCString(Buffer::Instance& data, const std::string& value) { data.add(value.c_str(), value.size() + 1); } void BufferHelper::writeDouble(Buffer::Instance& data, double value) { // We need to hack converting a double into little endian. int64_t* to_write = reinterpret_cast(&value); writeInt64(data, *to_write); } void BufferHelper::writeInt32(Buffer::Instance& data, int32_t value) { value = htole32(value); data.add(&value, sizeof(value)); } void BufferHelper::writeInt64(Buffer::Instance& data, int64_t value) { value = htole64(value); data.add(&value, sizeof(value)); } void BufferHelper::writeString(Buffer::Instance& data, const std::string& value) { writeInt32(data, value.size() + 1); data.add(value.c_str(), value.size() + 1); } void BufferHelper::writeBinary(Buffer::Instance& data, const std::string& value) { // Right now we do not actually store the binary subtype and always use zero. writeInt32(data, value.size()); uint8_t subtype = 0; data.add(&subtype, sizeof(subtype)); data.add(value.c_str(), value.size()); } int32_t FieldImpl::byteSize() const { // 1 byte type, cstring key, field. int32_t total = 1 + key_.size() + 1; switch (type_) { case Type::Double: case Type::Datetime: case Type::Timestamp: case Type::Int64: { return total + 8; } case Type::String: case Type::Symbol: { return total + 4 + value_.string_value_.size() + 1; } case Type::Document: case Type::Array: { return total + value_.document_value_->byteSize(); } case Type::Binary: { return total + 5 + value_.string_value_.size(); } case Type::ObjectId: { return total + sizeof(ObjectId); } case Type::Boolean: { return total + 1; } case Type::NullValue: { return total; } case Type::Regex: { return total + value_.regex_value_.pattern_.size() + value_.regex_value_.options_.size() + 2; } case Type::Int32: { return total + 4; } } NOT_REACHED_GCOVR_EXCL_LINE; } void FieldImpl::encode(Buffer::Instance& output) const { output.add(&type_, sizeof(type_)); BufferHelper::writeCString(output, key_); switch (type_) { case Type::Double: { return BufferHelper::writeDouble(output, value_.double_value_); } case Type::String: case Type::Symbol: { return BufferHelper::writeString(output, value_.string_value_); } case Type::Document: case Type::Array: { return value_.document_value_->encode(output); } case Type::Binary: { return BufferHelper::writeBinary(output, value_.string_value_); } case Type::ObjectId: { return output.add(&value_.object_id_value_[0], value_.object_id_value_.size()); } case Type::Boolean: { uint8_t to_write = value_.bool_value_ ? 1 : 0; return output.add(&to_write, sizeof(to_write)); } case Type::Datetime: case Type::Timestamp: case Type::Int64: { return BufferHelper::writeInt64(output, value_.int64_value_); } case Type::NullValue: { return; } case Type::Regex: { BufferHelper::writeCString(output, value_.regex_value_.pattern_); return BufferHelper::writeCString(output, value_.regex_value_.options_); } case Type::Int32: return BufferHelper::writeInt32(output, value_.int32_value_); } NOT_REACHED_GCOVR_EXCL_LINE; } bool FieldImpl::operator==(const Field& rhs) const { if (type() != rhs.type()) { return false; } switch (type_) { case Type::Double: { return asDouble() == rhs.asDouble(); } case Type::String: { return asString() == rhs.asString(); } case Type::Symbol: { return asSymbol() == rhs.asSymbol(); } case Type::Document: { return asDocument() == rhs.asDocument(); } case Type::Array: { return asArray() == rhs.asArray(); } case Type::Binary: { return asBinary() == rhs.asBinary(); } case Type::ObjectId: { return asObjectId() == rhs.asObjectId(); } case Type::Boolean: { return asBoolean() == rhs.asBoolean(); } case Type::NullValue: { return true; } case Type::Regex: { return asRegex() == rhs.asRegex(); } case Type::Int32: { return asInt32() == rhs.asInt32(); } case Type::Datetime: { return asDatetime() == rhs.asDatetime(); } case Type::Timestamp: { return asTimestamp() == rhs.asTimestamp(); } case Type::Int64: { return asInt64() == rhs.asInt64(); } } NOT_REACHED_GCOVR_EXCL_LINE; } std::string FieldImpl::toString() const { switch (type_) { case Type::Double: { return std::to_string(value_.double_value_); } case Type::String: case Type::Symbol: case Type::Binary: { return fmt::format("\"{}\"", StringUtil::escape(value_.string_value_)); } case Type::Document: case Type::Array: { return value_.document_value_->toString(); } case Type::ObjectId: { return fmt::format("\"{}\"", Hex::encode(&value_.object_id_value_[0], value_.object_id_value_.size())); } case Type::Boolean: { return value_.bool_value_ ? "true" : "false"; } case Type::NullValue: { return "null"; } case Type::Regex: { return fmt::format("[\"{}\", \"{}\"]", value_.regex_value_.pattern_, value_.regex_value_.options_); } case Type::Int32: { return std::to_string(value_.int32_value_); } case Type::Datetime: case Type::Timestamp: case Type::Int64: { return std::to_string(value_.int64_value_); } } NOT_REACHED_GCOVR_EXCL_LINE; } void DocumentImpl::fromBuffer(Buffer::Instance& data) { uint64_t original_buffer_length = data.length(); int32_t message_length = BufferHelper::removeInt32(data); if (static_cast(message_length) > original_buffer_length) { throw EnvoyException("invalid BSON message length"); } ENVOY_LOG(trace, "BSON document length: {} data length: {}", message_length, original_buffer_length); while (true) { uint64_t document_bytes_remaining = data.length() - (original_buffer_length - message_length); ENVOY_LOG(trace, "BSON document bytes remaining: {}", document_bytes_remaining); if (document_bytes_remaining == 1) { uint8_t last_byte = BufferHelper::removeByte(data); if (last_byte != 0) { throw EnvoyException("invalid document"); } return; } uint8_t element_type = BufferHelper::removeByte(data); std::string key = BufferHelper::removeCString(data); ENVOY_LOG(trace, "BSON element type: {:#x} key: {}", element_type, key); switch (static_cast(element_type)) { case Field::Type::Double: { double value = BufferHelper::removeDouble(data); ENVOY_LOG(trace, "BSON double: {}", value); addDouble(key, value); break; } case Field::Type::String: { std::string value = BufferHelper::removeString(data); ENVOY_LOG(trace, "BSON string: {}", value); addString(key, std::move(value)); break; } case Field::Type::Symbol: { std::string value = BufferHelper::removeString(data); ENVOY_LOG(trace, "BSON symbol: {}", value); addSymbol(key, std::move(value)); break; } case Field::Type::Document: { ENVOY_LOG(trace, "BSON document"); addDocument(key, DocumentImpl::create(data)); break; } case Field::Type::Array: { ENVOY_LOG(trace, "BSON array"); addArray(key, DocumentImpl::create(data)); break; } case Field::Type::Binary: { std::string value = BufferHelper::removeBinary(data); ENVOY_LOG(trace, "BSON binary: {}", value); addBinary(key, std::move(value)); break; } case Field::Type::ObjectId: { Field::ObjectId value; BufferHelper::removeBytes(data, &value[0], value.size()); addObjectId(key, std::move(value)); break; } case Field::Type::Boolean: { const bool value = BufferHelper::removeByte(data) != 0; ENVOY_LOG(trace, "BSON boolean: {}", value); addBoolean(key, value); break; } case Field::Type::Datetime: { const int64_t value = BufferHelper::removeInt64(data); ENVOY_LOG(trace, "BSON datetime: {}", value); addDatetime(key, value); break; } case Field::Type::NullValue: { ENVOY_LOG(trace, "BSON null value"); addNull(key); break; } case Field::Type::Regex: { Field::Regex value; value.pattern_ = BufferHelper::removeCString(data); value.options_ = BufferHelper::removeCString(data); ENVOY_LOG(trace, "BSON regex pattern: {} options: {}", value.pattern_, value.options_); addRegex(key, std::move(value)); break; } case Field::Type::Int32: { int32_t value = BufferHelper::removeInt32(data); ENVOY_LOG(trace, "BSON int32: {}", value); addInt32(key, value); break; } case Field::Type::Timestamp: { int64_t value = BufferHelper::removeInt64(data); ENVOY_LOG(trace, "BSON timestamp: {}", value); addTimestamp(key, value); break; } case Field::Type::Int64: { int64_t value = BufferHelper::removeInt64(data); ENVOY_LOG(trace, "BSON int64: {}", value); addInt64(key, value); break; } default: throw EnvoyException( fmt::format("invalid BSON element type: {:#x} key: {}", element_type, key)); } } } int32_t DocumentImpl::byteSize() const { // Minimum size is 5. int32_t total_size = sizeof(int32_t) + 1; for (const FieldPtr& field : fields_) { total_size += field->byteSize(); } return total_size; } void DocumentImpl::encode(Buffer::Instance& output) const { BufferHelper::writeInt32(output, byteSize()); for (const FieldPtr& field : fields_) { field->encode(output); } uint8_t done = 0; output.add(&done, sizeof(done)); } bool DocumentImpl::operator==(const Document& rhs) const { if (values().size() != rhs.values().size()) { return false; } for (auto i1 = values().begin(), i2 = rhs.values().begin(); i1 != values().end(); i1++, i2++) { if (**i1 == **i2) { continue; } return false; } return true; } std::string DocumentImpl::toString() const { std::stringstream out; out << "{"; bool first = true; for (const FieldPtr& field : fields_) { if (!first) { out << ", "; } out << fmt::format("\"{}\": {}", field->key(), field->toString()); first = false; } out << "}"; return out.str(); } const Field* DocumentImpl::find(const std::string& name) const { for (const FieldPtr& field : fields_) { if (field->key() == name) { return field.get(); } } return nullptr; } const Field* DocumentImpl::find(const std::string& name, Field::Type type) const { for (const FieldPtr& field : fields_) { if (field->key() == name && field->type() == type) { return field.get(); } } return nullptr; } } // namespace Bson } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/bson_impl.h ================================================ #pragma once #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "extensions/filters/network/mongo_proxy/bson.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { namespace Bson { /** * IO helpers for reading/writing BSON data from/to a buffer. */ class BufferHelper { public: static int32_t peekInt32(Buffer::Instance& data); static uint8_t removeByte(Buffer::Instance& data); static void removeBytes(Buffer::Instance& data, uint8_t* out, size_t out_len); static std::string removeCString(Buffer::Instance& data); static double removeDouble(Buffer::Instance& data); static int32_t removeInt32(Buffer::Instance& data); static int64_t removeInt64(Buffer::Instance& data); static std::string removeString(Buffer::Instance& data); static std::string removeBinary(Buffer::Instance& data); static void writeCString(Buffer::Instance& data, const std::string& value); static void writeInt32(Buffer::Instance& data, int32_t value); static void writeInt64(Buffer::Instance& data, int64_t value); static void writeDouble(Buffer::Instance& data, double value); static void writeString(Buffer::Instance& data, const std::string& value); static void writeBinary(Buffer::Instance& data, const std::string& value); }; class FieldImpl : public Field { public: explicit FieldImpl(const std::string& key, double value) : type_(Type::Double), key_(key) { value_.double_value_ = value; } explicit FieldImpl(Type type, const std::string& key, std::string&& value) : type_(type), key_(key) { value_.string_value_ = std::move(value); } explicit FieldImpl(Type type, const std::string& key, DocumentSharedPtr value) : type_(type), key_(key) { value_.document_value_ = value; } explicit FieldImpl(const std::string& key, ObjectId&& value) : type_(Type::ObjectId), key_(key) { value_.object_id_value_ = std::move(value); } explicit FieldImpl(const std::string& key, bool value) : type_(Type::Boolean), key_(key) { value_.bool_value_ = value; } explicit FieldImpl(Type type, const std::string& key, int64_t value) : type_(type), key_(key) { value_.int64_value_ = value; } explicit FieldImpl(const std::string& key) : type_(Type::NullValue), key_(key) {} explicit FieldImpl(const std::string& key, Regex&& value) : type_(Type::Regex), key_(key) { value_.regex_value_ = std::move(value); } explicit FieldImpl(const std::string& key, int32_t value) : type_(Type::Int32), key_(key) { value_.int32_value_ = value; } // Bson::Field double asDouble() const override { checkType(Type::Double); return value_.double_value_; } const std::string& asString() const override { checkType(Type::String); return value_.string_value_; } const std::string& asSymbol() const override { checkType(Type::Symbol); return value_.string_value_; } const Document& asDocument() const override { checkType(Type::Document); return *value_.document_value_; } const Document& asArray() const override { checkType(Type::Array); return *value_.document_value_; } const std::string& asBinary() const override { checkType(Type::Binary); return value_.string_value_; } const ObjectId& asObjectId() const override { checkType(Type::ObjectId); return value_.object_id_value_; } bool asBoolean() const override { checkType(Type::Boolean); return value_.bool_value_; } int64_t asDatetime() const override { checkType(Type::Datetime); return value_.int64_value_; } const Regex& asRegex() const override { checkType(Type::Regex); return value_.regex_value_; } int32_t asInt32() const override { checkType(Type::Int32); return value_.int32_value_; } int64_t asTimestamp() const override { checkType(Type::Timestamp); return value_.int64_value_; } int64_t asInt64() const override { checkType(Type::Int64); return value_.int64_value_; } int32_t byteSize() const override; void encode(Buffer::Instance& output) const override; const std::string& key() const override { return key_; } bool operator==(const Field& rhs) const override; std::string toString() const override; Type type() const override { return type_; } private: void checkType(Type type) const { if (type_ != type) { ExceptionUtil::throwEnvoyException("invalid BSON field type cast"); } } /** * All of the possible variadic values that a field can be. * TODO(mattklein123): Make this a C++11 union to save a little space and time. */ struct Value { double double_value_; std::string string_value_; DocumentSharedPtr document_value_; Field::ObjectId object_id_value_; bool bool_value_; int32_t int32_value_; int64_t int64_value_; Regex regex_value_; }; Field::Type type_; std::string key_; Value value_; }; class DocumentImpl : public Document, Logger::Loggable, public std::enable_shared_from_this { public: static DocumentSharedPtr create() { return DocumentSharedPtr{new DocumentImpl()}; } static DocumentSharedPtr create(Buffer::Instance& data) { std::shared_ptr new_doc{new DocumentImpl()}; new_doc->fromBuffer(data); return new_doc; } // Mongo::Document DocumentSharedPtr addDouble(const std::string& key, double value) override { fields_.emplace_back(new FieldImpl(key, value)); return shared_from_this(); } DocumentSharedPtr addString(const std::string& key, std::string&& value) override { fields_.emplace_back(new FieldImpl(Field::Type::String, key, std::move(value))); return shared_from_this(); } DocumentSharedPtr addSymbol(const std::string& key, std::string&& value) override { fields_.emplace_back(new FieldImpl(Field::Type::Symbol, key, std::move(value))); return shared_from_this(); } DocumentSharedPtr addDocument(const std::string& key, DocumentSharedPtr value) override { fields_.emplace_back(new FieldImpl(Field::Type::Document, key, value)); return shared_from_this(); } DocumentSharedPtr addArray(const std::string& key, DocumentSharedPtr value) override { fields_.emplace_back(new FieldImpl(Field::Type::Array, key, value)); return shared_from_this(); } DocumentSharedPtr addBinary(const std::string& key, std::string&& value) override { fields_.emplace_back(new FieldImpl(Field::Type::Binary, key, std::move(value))); return shared_from_this(); } DocumentSharedPtr addObjectId(const std::string& key, Field::ObjectId&& value) override { fields_.emplace_back(new FieldImpl(key, std::move(value))); return shared_from_this(); } DocumentSharedPtr addBoolean(const std::string& key, bool value) override { fields_.emplace_back(new FieldImpl(key, value)); return shared_from_this(); } DocumentSharedPtr addDatetime(const std::string& key, int64_t value) override { fields_.emplace_back(new FieldImpl(Field::Type::Datetime, key, value)); return shared_from_this(); } DocumentSharedPtr addNull(const std::string& key) override { fields_.emplace_back(new FieldImpl(key)); return shared_from_this(); } DocumentSharedPtr addRegex(const std::string& key, Field::Regex&& value) override { fields_.emplace_back(new FieldImpl(key, std::move(value))); return shared_from_this(); } DocumentSharedPtr addInt32(const std::string& key, int32_t value) override { fields_.emplace_back(new FieldImpl(key, value)); return shared_from_this(); } DocumentSharedPtr addTimestamp(const std::string& key, int64_t value) override { fields_.emplace_back(new FieldImpl(Field::Type::Timestamp, key, value)); return shared_from_this(); } DocumentSharedPtr addInt64(const std::string& key, int64_t value) override { fields_.emplace_back(new FieldImpl(Field::Type::Int64, key, value)); return shared_from_this(); } bool operator==(const Document& rhs) const override; int32_t byteSize() const override; void encode(Buffer::Instance& output) const override; const Field* find(const std::string& name) const override; const Field* find(const std::string& name, Field::Type type) const override; std::string toString() const override; const std::list& values() const override { return fields_; } private: DocumentImpl() = default; void fromBuffer(Buffer::Instance& data); std::list fields_; }; } // namespace Bson } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/codec.h ================================================ #pragma once #include #include #include #include #include "extensions/filters/network/mongo_proxy/bson.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { /** * General implementation of https://docs.mongodb.org/manual/reference/mongodb-wire-protocol/ */ /** * Base class for all mongo messages. */ class Message { public: enum class OpCode { Reply = 1, Msg = 1000, Update = 2001, Insert = 2002, Query = 2004, GetMore = 2005, Delete = 2006, KillCursors = 2007, Command = 2010, CommandReply = 2011 }; virtual ~Message() = default; virtual int32_t requestId() const PURE; virtual int32_t responseTo() const PURE; virtual std::string toString(bool full) const PURE; // Define some constants used in mongo messages encoding constexpr static uint32_t MessageHeaderSize = 16; constexpr static uint32_t Int32Length = 4; constexpr static uint32_t Int64Length = 8; constexpr static uint32_t StringPaddingLength = 1; }; /** * Mongo OP_GET_MORE message. */ class GetMoreMessage : public virtual Message { public: virtual bool operator==(const GetMoreMessage& rhs) const PURE; virtual const std::string& fullCollectionName() const PURE; virtual void fullCollectionName(const std::string& name) PURE; virtual int32_t numberToReturn() const PURE; virtual void numberToReturn(int32_t to_return) PURE; virtual int64_t cursorId() const PURE; virtual void cursorId(int64_t cursor_id) PURE; }; using GetMoreMessagePtr = std::unique_ptr; /** * Mongo OP_INSERT message. */ class InsertMessage : public virtual Message { public: virtual bool operator==(const InsertMessage& rhs) const PURE; virtual int32_t flags() const PURE; virtual void flags(int32_t flags) PURE; virtual const std::string& fullCollectionName() const PURE; virtual void fullCollectionName(const std::string& name) PURE; virtual const std::list& documents() const PURE; virtual std::list& documents() PURE; }; using InsertMessagePtr = std::unique_ptr; /** * Mongo OP_KILL_CURSORS message. */ class KillCursorsMessage : public virtual Message { public: virtual bool operator==(const KillCursorsMessage& rhs) const PURE; virtual int32_t numberOfCursorIds() const PURE; virtual void numberOfCursorIds(int32_t number_of_cursors_ids) PURE; virtual const std::vector& cursorIds() const PURE; virtual void cursorIds(std::vector&& cursors_ids) PURE; }; using KillCursorsMessagePtr = std::unique_ptr; /** * Mongo OP_QUERY message. */ class QueryMessage : public virtual Message { public: struct Flags { // clang-format off static const int32_t TailableCursor = 0x1 << 1; static const int32_t NoCursorTimeout = 0x1 << 4; static const int32_t AwaitData = 0x1 << 5; static const int32_t Exhaust = 0x1 << 6; // clang-format on }; virtual bool operator==(const QueryMessage& rhs) const PURE; virtual int32_t flags() const PURE; virtual void flags(int32_t flags) PURE; virtual const std::string& fullCollectionName() const PURE; virtual void fullCollectionName(const std::string& name) PURE; virtual int32_t numberToSkip() const PURE; virtual void numberToSkip(int32_t skip) PURE; virtual int32_t numberToReturn() const PURE; virtual void numberToReturn(int32_t to_return) PURE; virtual const Bson::Document* query() const PURE; virtual void query(Bson::DocumentSharedPtr&& query) PURE; virtual const Bson::Document* returnFieldsSelector() const PURE; virtual void returnFieldsSelector(Bson::DocumentSharedPtr&& fields) PURE; }; using QueryMessagePtr = std::unique_ptr; /** * Mongo OP_REPLY */ class ReplyMessage : public virtual Message { public: struct Flags { // clang-format off static const int32_t CursorNotFound = 0x1 << 0; static const int32_t QueryFailure = 0x1 << 1; // clang-format on }; virtual bool operator==(const ReplyMessage& rhs) const PURE; virtual int32_t flags() const PURE; virtual void flags(int32_t flags) PURE; virtual int64_t cursorId() const PURE; virtual void cursorId(int64_t cursor_id) PURE; virtual int32_t startingFrom() const PURE; virtual void startingFrom(int32_t starting_from) PURE; virtual int32_t numberReturned() const PURE; virtual void numberReturned(int32_t number_returned) PURE; virtual const std::list& documents() const PURE; virtual std::list& documents() PURE; }; using ReplyMessagePtr = std::unique_ptr; class CommandMessage : public virtual Message { public: // CommandMessage accessors. virtual bool operator==(const CommandMessage& rhs) const PURE; virtual std::string database() const PURE; virtual void database(std::string database) PURE; virtual std::string commandName() const PURE; virtual void commandName(std::string command_name) PURE; virtual const Bson::Document* metadata() const PURE; virtual void metadata(Bson::DocumentSharedPtr&& metadata) PURE; virtual const Bson::Document* commandArgs() const PURE; virtual void commandArgs(Bson::DocumentSharedPtr&& command_args) PURE; virtual const std::list& inputDocs() const PURE; virtual std::list& inputDocs() PURE; }; using CommandMessagePtr = std::unique_ptr; class CommandReplyMessage : public virtual Message { public: virtual bool operator==(const CommandReplyMessage& rhs) const PURE; virtual const Bson::Document* metadata() const PURE; virtual void metadata(Bson::DocumentSharedPtr&& metadata) PURE; virtual const Bson::Document* commandReply() const PURE; virtual void commandReply(Bson::DocumentSharedPtr&& command_reply) PURE; virtual const std::list& outputDocs() const PURE; virtual std::list& outputDocs() PURE; }; using CommandReplyMessagePtr = std::unique_ptr; /** * General callbacks for dispatching decoded mongo messages to a sink. */ class DecoderCallbacks { public: virtual ~DecoderCallbacks() = default; virtual void decodeGetMore(GetMoreMessagePtr&& message) PURE; virtual void decodeInsert(InsertMessagePtr&& message) PURE; virtual void decodeKillCursors(KillCursorsMessagePtr&& message) PURE; virtual void decodeQuery(QueryMessagePtr&& message) PURE; virtual void decodeReply(ReplyMessagePtr&& message) PURE; virtual void decodeCommand(CommandMessagePtr&& message) PURE; virtual void decodeCommandReply(CommandReplyMessagePtr&& message) PURE; }; /** * Mongo message decoder. */ class Decoder { public: virtual ~Decoder() = default; virtual void onData(Buffer::Instance& data) PURE; }; using DecoderPtr = std::unique_ptr; /** * Mongo message encoder. */ class Encoder { public: virtual ~Encoder() = default; virtual void encodeGetMore(const GetMoreMessage& message) PURE; virtual void encodeInsert(const InsertMessage& message) PURE; virtual void encodeKillCursors(const KillCursorsMessage& message) PURE; virtual void encodeQuery(const QueryMessage& message) PURE; virtual void encodeReply(const ReplyMessage& message) PURE; virtual void encodeCommand(const CommandMessage& message) PURE; virtual void encodeCommandReply(const CommandReplyMessage& message) PURE; }; } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/codec_impl.cc ================================================ #include "extensions/filters/network/mongo_proxy/codec_impl.h" #include #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "extensions/filters/network/mongo_proxy/bson_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { std::string MessageImpl::documentListToString(const std::list& documents) const { std::stringstream out; out << "["; bool first = true; for (const Bson::DocumentSharedPtr& document : documents) { if (!first) { out << ", "; } out << document->toString(); first = false; } out << "]"; return out.str(); } void GetMoreMessageImpl::fromBuffer(uint32_t, Buffer::Instance& data) { ENVOY_LOG(trace, "decoding get more message"); Bson::BufferHelper::removeInt32(data); // "zero" (unused) full_collection_name_ = Bson::BufferHelper::removeCString(data); number_to_return_ = Bson::BufferHelper::removeInt32(data); cursor_id_ = Bson::BufferHelper::removeInt64(data); ENVOY_LOG(trace, "{}", toString(true)); } bool GetMoreMessageImpl::operator==(const GetMoreMessage& rhs) const { return requestId() == rhs.requestId() && responseTo() == rhs.responseTo() && fullCollectionName() == rhs.fullCollectionName() && numberToReturn() == rhs.numberToReturn() && cursorId() == rhs.cursorId(); } std::string GetMoreMessageImpl::toString(bool) const { return fmt::format( R"EOF({{"opcode": "OP_GET_MORE", "id": {}, "response_to": {}, "collection": "{}", "return": {}, )EOF" R"EOF("cursor": {}}})EOF", request_id_, response_to_, full_collection_name_, number_to_return_, cursor_id_); } void InsertMessageImpl::fromBuffer(uint32_t message_length, Buffer::Instance& data) { ENVOY_LOG(trace, "decoding insert message"); uint64_t original_buffer_length = data.length(); ASSERT(message_length <= original_buffer_length); flags_ = Bson::BufferHelper::removeInt32(data); full_collection_name_ = Bson::BufferHelper::removeCString(data); while (data.length() - (original_buffer_length - message_length) > 0) { documents_.emplace_back(Bson::DocumentImpl::create(data)); } ENVOY_LOG(trace, "{}", toString(true)); } bool InsertMessageImpl::operator==(const InsertMessage& rhs) const { if (!(requestId() == rhs.requestId() && responseTo() == rhs.responseTo() && flags() == rhs.flags() && fullCollectionName() == rhs.fullCollectionName() && documents().size() == rhs.documents().size())) { return false; } for (auto i = documents().begin(), j = rhs.documents().begin(); i != documents().end(); i++, j++) { if (!(**i == **j)) { return false; } } return true; } std::string InsertMessageImpl::toString(bool full) const { return fmt::format( R"EOF({{"opcode": "OP_INSERT", "id": {}, "response_to": {}, "flags": "{:#x}", "collection": "{}", )EOF" R"EOF("documents": {}}})EOF", request_id_, response_to_, flags_, full_collection_name_, full ? documentListToString(documents_) : std::to_string(documents_.size())); } void KillCursorsMessageImpl::fromBuffer(uint32_t, Buffer::Instance& data) { ENVOY_LOG(trace, "decoding kill cursors message"); Bson::BufferHelper::removeInt32(data); // zero number_of_cursor_ids_ = Bson::BufferHelper::removeInt32(data); for (int32_t i = 0; i < number_of_cursor_ids_; i++) { cursor_ids_.push_back(Bson::BufferHelper::removeInt64(data)); } ENVOY_LOG(trace, "{}", toString(true)); } bool KillCursorsMessageImpl::operator==(const KillCursorsMessage& rhs) const { return requestId() == rhs.requestId() && responseTo() == rhs.responseTo() && numberOfCursorIds() == rhs.numberOfCursorIds() && cursorIds() == rhs.cursorIds(); } std::string KillCursorsMessageImpl::toString(bool) const { std::stringstream cursors; cursors << "["; for (size_t i = 0; i < cursor_ids_.size(); i++) { if (i > 0) { cursors << ", "; } cursors << cursor_ids_[i]; } cursors << "]"; return fmt::format( R"EOF({{"opcode": "KILL_CURSORS", "id": {}, "response_to": "{:#x}", "num_cursors": "{}", )EOF" R"EOF("cursors": {}}})EOF", request_id_, response_to_, number_of_cursor_ids_, cursors.str()); } void QueryMessageImpl::fromBuffer(uint32_t message_length, Buffer::Instance& data) { ENVOY_LOG(trace, "decoding query message"); uint64_t original_buffer_length = data.length(); ASSERT(message_length <= original_buffer_length); flags_ = Bson::BufferHelper::removeInt32(data); full_collection_name_ = Bson::BufferHelper::removeCString(data); number_to_skip_ = Bson::BufferHelper::removeInt32(data); number_to_return_ = Bson::BufferHelper::removeInt32(data); query_ = Bson::DocumentImpl::create(data); if (data.length() - (original_buffer_length - message_length) > 0) { return_fields_selector_ = Bson::DocumentImpl::create(data); } ENVOY_LOG(trace, "{}", toString(true)); } bool QueryMessageImpl::operator==(const QueryMessage& rhs) const { if (!(requestId() == rhs.requestId() && responseTo() == rhs.responseTo() && flags() == rhs.flags() && fullCollectionName() == rhs.fullCollectionName() && numberToSkip() == rhs.numberToSkip() && numberToReturn() == rhs.numberToReturn() && !query() == !rhs.query() && !returnFieldsSelector() == !rhs.returnFieldsSelector())) { return false; } if (query()) { if (!(*query() == *rhs.query())) { return false; } } if (returnFieldsSelector()) { if (!(*returnFieldsSelector() == *rhs.returnFieldsSelector())) { return false; } } return true; } std::string QueryMessageImpl::toString(bool full) const { return fmt::format( R"EOF({{"opcode": "OP_QUERY", "id": {}, "response_to": {}, "flags": "{:#x}", "collection": "{}", )EOF" R"EOF("skip": {}, "return": {}, "query": {}, "fields": {}}})EOF", request_id_, response_to_, flags_, full_collection_name_, number_to_skip_, number_to_return_, full ? query_->toString() : "\"{...}\"", return_fields_selector_ ? return_fields_selector_->toString() : "{}"); } void ReplyMessageImpl::fromBuffer(uint32_t, Buffer::Instance& data) { ENVOY_LOG(trace, "decoding reply message"); flags_ = Bson::BufferHelper::removeInt32(data); cursor_id_ = Bson::BufferHelper::removeInt64(data); starting_from_ = Bson::BufferHelper::removeInt32(data); number_returned_ = Bson::BufferHelper::removeInt32(data); for (int32_t i = 0; i < number_returned_; i++) { documents_.emplace_back(Bson::DocumentImpl::create(data)); } ENVOY_LOG(trace, "{}", toString(true)); } bool ReplyMessageImpl::operator==(const ReplyMessage& rhs) const { if (!(requestId() == rhs.requestId() && responseTo() == rhs.responseTo() && flags() == rhs.flags() && cursorId() == rhs.cursorId() && startingFrom() == rhs.startingFrom() && numberReturned() == rhs.numberReturned())) { return false; } for (auto i = documents().begin(), j = rhs.documents().begin(); i != documents().end(); i++, j++) { if (!(**i == **j)) { return false; } } return true; } std::string ReplyMessageImpl::toString(bool full) const { return fmt::format( R"EOF({{"opcode": "OP_REPLY", "id": {}, "response_to": {}, "flags": "{:#x}", "cursor": "{}", )EOF" R"EOF("from": {}, "returned": {}, "documents": {}}})EOF", request_id_, response_to_, flags_, cursor_id_, starting_from_, number_returned_, full ? documentListToString(documents_) : std::to_string(documents_.size())); } /* * OP_COMMAND mongo message implementation. */ void CommandMessageImpl::fromBuffer(uint32_t message_length, Buffer::Instance& data) { ENVOY_LOG(trace, "decoding COMMAND message"); const uint64_t original_data_length = data.length(); ASSERT(data.length() >= message_length); // See comment below about relationship. database_ = Bson::BufferHelper::removeCString(data); command_name_ = Bson::BufferHelper::removeCString(data); metadata_ = Bson::DocumentImpl::create(data); command_args_ = Bson::DocumentImpl::create(data); // There may be additional docs. // message_length is mongo message length. original_data_length contains // mongo message and possibly first few bytes of next message. while (data.length() - (original_data_length - message_length) > 0) { input_docs_.emplace_back(Bson::DocumentImpl::create(data)); } ENVOY_LOG(trace, "{}", toString(true)); } std::string CommandMessageImpl::toString(bool full) const { return fmt::format( R"EOF({{"opcode": "OP_COMMAND", "id": {}, "response_to": {}, "database": "{}", )EOF" R"EOF("commandName": "{}", "metadata": {}, )EOF" R"EOF("commandArgs": {}, "inputDocs": {}}})EOF", request_id_, response_to_, database_.c_str(), command_name_.c_str(), metadata_->toString(), command_args_->toString(), full ? documentListToString(input_docs_) : std::to_string(input_docs_.size())); } bool CommandMessageImpl::operator==(const CommandMessage& rhs) const { if (!(requestId() == rhs.requestId() && responseTo() == rhs.responseTo() && database() == rhs.database() && commandName() == rhs.commandName() && !metadata() == !rhs.metadata() && !commandArgs() == !rhs.commandArgs() && inputDocs().size() == rhs.inputDocs().size())) { return false; } // Compare documents now. if (metadata()) { if (!(*metadata() == *rhs.metadata())) { return false; } } if (commandArgs()) { if (!(*commandArgs() == *rhs.commandArgs())) { return false; } } for (auto i = inputDocs().begin(), j = rhs.inputDocs().begin(); i != inputDocs().end(); i++, j++) { if (!(**i == **j)) { return false; } } return true; } // OP_COMMANDREPLY implementation. void CommandReplyMessageImpl::fromBuffer(uint32_t message_length, Buffer::Instance& data) { ENVOY_LOG(trace, "decoding COMMAND REPLY message"); const uint64_t original_data_length = data.length(); ASSERT(data.length() >= message_length); // See comment below about relationship. metadata_ = Bson::DocumentImpl::create(data); command_reply_ = Bson::DocumentImpl::create(data); // There may be additional docs. // message_length is mongo message length. original_data_length contains // mongo message and possibly first few bytes of next message. while (data.length() - (original_data_length - message_length) > 0) { output_docs_.emplace_back(Bson::DocumentImpl::create(data)); } ENVOY_LOG(trace, "{}", toString(true)); } std::string CommandReplyMessageImpl::toString(bool full) const { return fmt::format(R"EOF({{"opcode": "OP_COMMANDREPLY", "id": {}, "response_to": {}, )EOF" R"EOF("metadata": {}, "commandReply": {}, "outputDocs":{}}} )EOF", request_id_, response_to_, metadata_->toString(), command_reply_->toString(), full ? documentListToString(output_docs_) : std::to_string(output_docs_.size())); } bool CommandReplyMessageImpl::operator==(const CommandReplyMessage& rhs) const { if (!(requestId() == rhs.requestId() && responseTo() == rhs.responseTo() && !metadata() == !rhs.metadata() && !commandReply() == !rhs.commandReply() && outputDocs().size() == rhs.outputDocs().size())) { return false; } // Compare documents now. if (metadata()) { if (!(*metadata() == *rhs.metadata())) { return false; } } if (commandReply()) { if (!(*commandReply() == *rhs.commandReply())) { return false; } } for (auto i = outputDocs().begin(), j = rhs.outputDocs().begin(); i != outputDocs().end(); i++, j++) { if (!(**i == **j)) { return false; } } return true; } bool DecoderImpl::decode(Buffer::Instance& data) { // See if we have enough data for the message length. ENVOY_LOG(trace, "decoding {} bytes", data.length()); if (data.length() < sizeof(int32_t)) { return false; } uint32_t message_length = Bson::BufferHelper::peekInt32(data); ENVOY_LOG(trace, "message is {} bytes", message_length); if (data.length() < message_length) { return false; } data.drain(sizeof(int32_t)); int32_t request_id = Bson::BufferHelper::removeInt32(data); int32_t response_to = Bson::BufferHelper::removeInt32(data); Message::OpCode op_code = static_cast(Bson::BufferHelper::removeInt32(data)); ENVOY_LOG(trace, "message op: {}", static_cast(op_code)); // Some messages need to know how long they are to parse. Subtract the header that we have already // parsed off before passing the final value. message_length -= Message::MessageHeaderSize; switch (op_code) { case Message::OpCode::Reply: { std::unique_ptr message(new ReplyMessageImpl(request_id, response_to)); message->fromBuffer(message_length, data); callbacks_.decodeReply(std::move(message)); break; } case Message::OpCode::Query: { std::unique_ptr message(new QueryMessageImpl(request_id, response_to)); message->fromBuffer(message_length, data); callbacks_.decodeQuery(std::move(message)); break; } case Message::OpCode::GetMore: { std::unique_ptr message(new GetMoreMessageImpl(request_id, response_to)); message->fromBuffer(message_length, data); callbacks_.decodeGetMore(std::move(message)); break; } case Message::OpCode::Insert: { std::unique_ptr message(new InsertMessageImpl(request_id, response_to)); message->fromBuffer(message_length, data); callbacks_.decodeInsert(std::move(message)); break; } case Message::OpCode::KillCursors: { std::unique_ptr message( new KillCursorsMessageImpl(request_id, response_to)); message->fromBuffer(message_length, data); callbacks_.decodeKillCursors(std::move(message)); break; } case Message::OpCode::Command: { std::unique_ptr message(new CommandMessageImpl(request_id, response_to)); message->fromBuffer(message_length, data); callbacks_.decodeCommand(std::move(message)); break; } case Message::OpCode::CommandReply: { std::unique_ptr message( new CommandReplyMessageImpl(request_id, response_to)); message->fromBuffer(message_length, data); callbacks_.decodeCommandReply(std::move(message)); break; } default: throw EnvoyException(fmt::format("invalid mongo op {}", static_cast(op_code))); } ENVOY_LOG(trace, "{} bytes remaining after decoding", data.length()); return true; } void DecoderImpl::onData(Buffer::Instance& data) { while (data.length() > 0 && decode(data)) { } } void EncoderImpl::encodeCommonHeader(int32_t total_size, const Message& message, Message::OpCode op) { Bson::BufferHelper::writeInt32(output_, total_size); Bson::BufferHelper::writeInt32(output_, message.requestId()); Bson::BufferHelper::writeInt32(output_, message.responseTo()); Bson::BufferHelper::writeInt32(output_, static_cast(op)); } void EncoderImpl::encodeGetMore(const GetMoreMessage& message) { if (message.fullCollectionName().empty() || message.cursorId() == 0) { throw EnvoyException("invalid get more message"); } // https://docs.mongodb.org/manual/reference/mongodb-wire-protocol/#op-get-more int32_t total_size = Message::MessageHeaderSize + Message::Int32Length + message.fullCollectionName().size() + Message::StringPaddingLength + Message::Int32Length + Message::Int64Length; encodeCommonHeader(total_size, message, Message::OpCode::GetMore); Bson::BufferHelper::writeInt32(output_, 0); Bson::BufferHelper::writeCString(output_, message.fullCollectionName()); Bson::BufferHelper::writeInt32(output_, message.numberToReturn()); Bson::BufferHelper::writeInt64(output_, message.cursorId()); } void EncoderImpl::encodeInsert(const InsertMessage& message) { if (message.fullCollectionName().empty() || message.documents().empty()) { throw EnvoyException("invalid insert message"); } // https://docs.mongodb.org/manual/reference/mongodb-wire-protocol/#op-insert int32_t total_size = Message::MessageHeaderSize + Message::Int32Length + message.fullCollectionName().size() + Message::StringPaddingLength; for (const Bson::DocumentSharedPtr& document : message.documents()) { total_size += document->byteSize(); } encodeCommonHeader(total_size, message, Message::OpCode::Insert); Bson::BufferHelper::writeInt32(output_, message.flags()); Bson::BufferHelper::writeCString(output_, message.fullCollectionName()); for (const Bson::DocumentSharedPtr& document : message.documents()) { document->encode(output_); } } void EncoderImpl::encodeKillCursors(const KillCursorsMessage& message) { if (message.numberOfCursorIds() == 0 || message.numberOfCursorIds() != static_cast(message.cursorIds().size())) { throw EnvoyException("invalid kill cursors message"); } // https://docs.mongodb.org/manual/reference/mongodb-wire-protocol/#op-kill-cursors int32_t total_size = Message::MessageHeaderSize + 2 * Message::Int32Length + (message.numberOfCursorIds() * 8); encodeCommonHeader(total_size, message, Message::OpCode::KillCursors); Bson::BufferHelper::writeInt32(output_, 0); Bson::BufferHelper::writeInt32(output_, message.numberOfCursorIds()); for (int64_t cursor : message.cursorIds()) { Bson::BufferHelper::writeInt64(output_, cursor); } } void EncoderImpl::encodeQuery(const QueryMessage& message) { if (message.fullCollectionName().empty() || !message.query()) { throw EnvoyException("invalid query message"); } // https://docs.mongodb.org/manual/reference/mongodb-wire-protocol/#op-query int32_t total_size = Message::MessageHeaderSize + 3 * Message::Int32Length + message.fullCollectionName().size() + Message::StringPaddingLength + message.query()->byteSize(); if (message.returnFieldsSelector()) { total_size += message.returnFieldsSelector()->byteSize(); } encodeCommonHeader(total_size, message, Message::OpCode::Query); Bson::BufferHelper::writeInt32(output_, message.flags()); Bson::BufferHelper::writeCString(output_, message.fullCollectionName()); Bson::BufferHelper::writeInt32(output_, message.numberToSkip()); Bson::BufferHelper::writeInt32(output_, message.numberToReturn()); message.query()->encode(output_); if (message.returnFieldsSelector()) { message.returnFieldsSelector()->encode(output_); } } void EncoderImpl::encodeReply(const ReplyMessage& message) { // https://docs.mongodb.org/manual/reference/mongodb-wire-protocol/#op-reply int32_t total_size = Message::MessageHeaderSize + 3 * Message::Int32Length + Message::Int64Length; for (const Bson::DocumentSharedPtr& document : message.documents()) { total_size += document->byteSize(); } encodeCommonHeader(total_size, message, Message::OpCode::Reply); Bson::BufferHelper::writeInt32(output_, message.flags()); Bson::BufferHelper::writeInt64(output_, message.cursorId()); Bson::BufferHelper::writeInt32(output_, message.startingFrom()); Bson::BufferHelper::writeInt32(output_, message.numberReturned()); for (const Bson::DocumentSharedPtr& document : message.documents()) { document->encode(output_); } } void EncoderImpl::encodeCommand(const CommandMessage& message) { int32_t total_size = Message::MessageHeaderSize; total_size += message.database().size() + Message::StringPaddingLength; total_size += message.commandName().size() + Message::StringPaddingLength; total_size += message.metadata()->byteSize(); total_size += message.commandArgs()->byteSize(); for (const Bson::DocumentSharedPtr& document : message.inputDocs()) { total_size += document->byteSize(); } // Now encode. encodeCommonHeader(total_size, message, Message::OpCode::Command); Bson::BufferHelper::writeCString(output_, message.database()); Bson::BufferHelper::writeCString(output_, message.commandName()); message.metadata()->encode(output_); message.commandArgs()->encode(output_); for (const Bson::DocumentSharedPtr& document : message.inputDocs()) { document->encode(output_); } } void EncoderImpl::encodeCommandReply(const CommandReplyMessage& message) { int32_t total_size = Message::MessageHeaderSize; total_size += message.metadata()->byteSize(); total_size += message.commandReply()->byteSize(); for (const Bson::DocumentSharedPtr& document : message.outputDocs()) { total_size += document->byteSize(); } // Now encode. encodeCommonHeader(total_size, message, Message::OpCode::CommandReply); message.metadata()->encode(output_); message.commandReply()->encode(output_); for (const Bson::DocumentSharedPtr& document : message.outputDocs()) { document->encode(output_); } } } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/codec_impl.h ================================================ #pragma once #include #include #include #include #include "common/common/logger.h" #include "extensions/filters/network/mongo_proxy/codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { class MessageImpl : public virtual Message { public: MessageImpl(int32_t request_id, uint32_t response_to) : request_id_(request_id), response_to_(response_to) {} virtual void fromBuffer(uint32_t message_length, Buffer::Instance& data) PURE; // Mongo::Message int32_t requestId() const override { return request_id_; } int32_t responseTo() const override { return response_to_; } protected: std::string documentListToString(const std::list& documents) const; const int32_t request_id_; const int32_t response_to_; }; class GetMoreMessageImpl : public MessageImpl, public GetMoreMessage, Logger::Loggable { public: using MessageImpl::MessageImpl; // MessageImpl void fromBuffer(uint32_t message_length, Buffer::Instance& data) override; // Mongo::Message std::string toString(bool full) const override; // Mongo::GetMoreMessage bool operator==(const GetMoreMessage& rhs) const override; const std::string& fullCollectionName() const override { return full_collection_name_; } void fullCollectionName(const std::string& name) override { full_collection_name_ = name; } int32_t numberToReturn() const override { return number_to_return_; } void numberToReturn(int32_t to_return) override { number_to_return_ = to_return; } int64_t cursorId() const override { return cursor_id_; } void cursorId(int64_t cursor_id) override { cursor_id_ = cursor_id; } private: std::string full_collection_name_; int32_t number_to_return_{}; int64_t cursor_id_{}; }; class InsertMessageImpl : public MessageImpl, public InsertMessage, Logger::Loggable { public: using MessageImpl::MessageImpl; // MessageImpl void fromBuffer(uint32_t message_length, Buffer::Instance& data) override; // Mongo::Message std::string toString(bool full) const override; // Mongo::InsertMessage bool operator==(const InsertMessage& rhs) const override; int32_t flags() const override { return flags_; } void flags(int32_t flags) override { flags_ = flags; } const std::string& fullCollectionName() const override { return full_collection_name_; } void fullCollectionName(const std::string& name) override { full_collection_name_ = name; } const std::list& documents() const override { return documents_; } std::list& documents() override { return documents_; } private: int32_t flags_{}; std::string full_collection_name_; std::list documents_; }; class KillCursorsMessageImpl : public MessageImpl, public KillCursorsMessage, Logger::Loggable { public: using MessageImpl::MessageImpl; // MessageImpl void fromBuffer(uint32_t message_length, Buffer::Instance& data) override; // Mongo::Message std::string toString(bool full) const override; // Mongo::KillCursorsMessage bool operator==(const KillCursorsMessage& rhs) const override; int32_t numberOfCursorIds() const override { return number_of_cursor_ids_; } void numberOfCursorIds(int32_t number_of_cursor_ids) override { number_of_cursor_ids_ = number_of_cursor_ids; } const std::vector& cursorIds() const override { return cursor_ids_; } void cursorIds(std::vector&& cursor_ids) override { cursor_ids_ = std::move(cursor_ids); } private: int32_t number_of_cursor_ids_{}; std::vector cursor_ids_; }; class QueryMessageImpl : public MessageImpl, public QueryMessage, Logger::Loggable { public: using MessageImpl::MessageImpl; // MessageImpl void fromBuffer(uint32_t message_length, Buffer::Instance& data) override; // Mongo::Message std::string toString(bool full) const override; // Mongo::QueryMessage bool operator==(const QueryMessage& rhs) const override; int32_t flags() const override { return flags_; } void flags(int32_t flags) override { flags_ = flags; } const std::string& fullCollectionName() const override { return full_collection_name_; } void fullCollectionName(const std::string& name) override { full_collection_name_ = name; } int32_t numberToSkip() const override { return number_to_skip_; } void numberToSkip(int32_t skip) override { number_to_skip_ = skip; } int32_t numberToReturn() const override { return number_to_return_; } void numberToReturn(int32_t to_return) override { number_to_return_ = to_return; } const Bson::Document* query() const override { return query_.get(); } void query(Bson::DocumentSharedPtr&& query) override { query_ = std::move(query); } const Bson::Document* returnFieldsSelector() const override { return return_fields_selector_.get(); } void returnFieldsSelector(Bson::DocumentSharedPtr&& fields) override { return_fields_selector_ = std::move(fields); } private: int32_t flags_{}; std::string full_collection_name_; int32_t number_to_skip_{}; int32_t number_to_return_{}; Bson::DocumentSharedPtr query_; Bson::DocumentSharedPtr return_fields_selector_; }; class ReplyMessageImpl : public MessageImpl, public ReplyMessage, Logger::Loggable { public: using MessageImpl::MessageImpl; // MessageImpl void fromBuffer(uint32_t message_length, Buffer::Instance& data) override; // Mongo::Message std::string toString(bool full) const override; // Mongo::ReplyMessage bool operator==(const ReplyMessage& rhs) const override; int32_t flags() const override { return flags_; } void flags(int32_t flags) override { flags_ = flags; } int64_t cursorId() const override { return cursor_id_; } void cursorId(int64_t cursor_id) override { cursor_id_ = cursor_id; } int32_t startingFrom() const override { return starting_from_; } void startingFrom(int32_t starting_from) override { starting_from_ = starting_from; } int32_t numberReturned() const override { return number_returned_; } void numberReturned(int32_t number_returned) override { number_returned_ = number_returned; } const std::list& documents() const override { return documents_; } std::list& documents() override { return documents_; } private: int32_t flags_{}; int64_t cursor_id_{}; int32_t starting_from_{}; int32_t number_returned_{}; std::list documents_; }; // OP_COMMAND message. class CommandMessageImpl : public MessageImpl, public CommandMessage, Logger::Loggable { public: using MessageImpl::MessageImpl; // MessageImpl. void fromBuffer(uint32_t message_length, Buffer::Instance& data) override; std::string toString(bool full) const override; // CommandMessageImpl accessors. bool operator==(const CommandMessage& rhs) const override; std::string database() const override { return database_; } void database(std::string database) override { database_ = database; } std::string commandName() const override { return command_name_; } void commandName(std::string command_name) override { command_name_ = command_name; } const Bson::Document* metadata() const override { return metadata_.get(); } void metadata(Bson::DocumentSharedPtr&& metadata) override { metadata_ = std::move(metadata); } const Bson::Document* commandArgs() const override { return command_args_.get(); } void commandArgs(Bson::DocumentSharedPtr&& command_args) override { command_args_ = std::move(command_args); } const std::list& inputDocs() const override { return input_docs_; } std::list& inputDocs() override { return input_docs_; } private: std::string database_; std::string command_name_; Bson::DocumentSharedPtr metadata_; Bson::DocumentSharedPtr command_args_; std::list input_docs_; }; // OP_COMMANDREPLY message. class CommandReplyMessageImpl : public MessageImpl, public CommandReplyMessage, Logger::Loggable { public: using MessageImpl::MessageImpl; // MessageImpl. void fromBuffer(uint32_t message_length, Buffer::Instance& data) override; std::string toString(bool full) const override; // CommandMessageReplyImpl accessors. bool operator==(const CommandReplyMessage& rhs) const override; const Bson::Document* metadata() const override { return metadata_.get(); } void metadata(Bson::DocumentSharedPtr&& metadata) override { metadata_ = std::move(metadata); } const Bson::Document* commandReply() const override { return command_reply_.get(); } void commandReply(Bson::DocumentSharedPtr&& command_reply) override { command_reply_ = std::move(command_reply); } const std::list& outputDocs() const override { return output_docs_; } std::list& outputDocs() override { return output_docs_; } private: Bson::DocumentSharedPtr metadata_; Bson::DocumentSharedPtr command_reply_; std::list output_docs_; }; class DecoderImpl : public Decoder, Logger::Loggable { public: DecoderImpl(DecoderCallbacks& callbacks) : callbacks_(callbacks) {} // Mongo::Decoder void onData(Buffer::Instance& data) override; private: bool decode(Buffer::Instance& data); DecoderCallbacks& callbacks_; }; class EncoderImpl : public Encoder, Logger::Loggable { public: EncoderImpl(Buffer::Instance& output) : output_(output) {} // Mongo::Encoder void encodeGetMore(const GetMoreMessage& message) override; void encodeInsert(const InsertMessage& message) override; void encodeKillCursors(const KillCursorsMessage& message) override; void encodeQuery(const QueryMessage& message) override; void encodeReply(const ReplyMessage& message) override; void encodeCommand(const CommandMessage& message) override; void encodeCommandReply(const CommandReplyMessage& message) override; private: void encodeCommonHeader(int32_t total_size, const Message& message, Message::OpCode op); Buffer::Instance& output_; }; } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/config.cc ================================================ #include "extensions/filters/network/mongo_proxy/config.h" #include #include "envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.pb.h" #include "envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.pb.validate.h" #include "envoy/network/connection.h" #include "envoy/registry/registry.h" #include "common/common/fmt.h" #include "extensions/filters/network/mongo_proxy/proxy.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { Network::FilterFactoryCb MongoProxyFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::mongo_proxy::v3::MongoProxy& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); const std::string stat_prefix = fmt::format("mongo.{}", proto_config.stat_prefix()); AccessLogSharedPtr access_log; if (!proto_config.access_log().empty()) { access_log = std::make_shared(proto_config.access_log(), context.accessLogManager(), context.dispatcher().timeSource()); } Filters::Common::Fault::FaultDelayConfigSharedPtr fault_config; if (proto_config.has_delay()) { fault_config = std::make_shared(proto_config.delay()); } auto stats = std::make_shared(context.scope(), stat_prefix); const bool emit_dynamic_metadata = proto_config.emit_dynamic_metadata(); return [stat_prefix, &context, access_log, fault_config, emit_dynamic_metadata, stats](Network::FilterManager& filter_manager) -> void { filter_manager.addFilter(std::make_shared( stat_prefix, context.scope(), context.runtime(), access_log, fault_config, context.drainDecision(), context.dispatcher().timeSource(), emit_dynamic_metadata, stats)); }; } /** * Static registration for the mongo filter. @see RegisterFactory. */ REGISTER_FACTORY(MongoProxyFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){"envoy.mongo_proxy"}; } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/config.h ================================================ #pragma once #include #include "envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.pb.h" #include "envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { /** * Config registration for the mongo proxy filter. @see NamedNetworkFilterConfigFactory. */ class MongoProxyFilterConfigFactory : public Common::FactoryBase { public: MongoProxyFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().MongoProxy) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::mongo_proxy::v3::MongoProxy& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/mongo_stats.cc ================================================ #include "extensions/filters/network/mongo_proxy/mongo_stats.h" #include #include #include #include "envoy/stats/scope.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { MongoStats::MongoStats(Stats::Scope& scope, absl::string_view prefix) : scope_(scope), stat_name_set_(scope.symbolTable().makeSet("Mongo")), prefix_(stat_name_set_->add(prefix)), callsite_(stat_name_set_->add("callsite")), cmd_(stat_name_set_->add("cmd")), collection_(stat_name_set_->add("collection")), multi_get_(stat_name_set_->add("multi_get")), reply_num_docs_(stat_name_set_->add("reply_num_docs")), reply_size_(stat_name_set_->add("reply_size")), reply_time_ms_(stat_name_set_->add("reply_time_ms")), time_ms_(stat_name_set_->add("time_ms")), query_(stat_name_set_->add("query")), scatter_get_(stat_name_set_->add("scatter_get")), total_(stat_name_set_->add("total")), unknown_command_(stat_name_set_->add("unknown_command")) { // TODO(jmarantz): is this the right set of mongo commands to use as builtins? // Should we also have builtins for callsites or collections, or do those need // to be dynamic? stat_name_set_->rememberBuiltins({"insert", "query", "update", "delete"}); } Stats::ElementVec MongoStats::addPrefix(const Stats::ElementVec& names) { Stats::ElementVec names_with_prefix; names_with_prefix.reserve(1 + names.size()); names_with_prefix.push_back(prefix_); names_with_prefix.insert(names_with_prefix.end(), names.begin(), names.end()); return names_with_prefix; } void MongoStats::incCounter(const Stats::ElementVec& names) { Stats::Utility::counterFromElements(scope_, addPrefix(names)).inc(); } void MongoStats::recordHistogram(const Stats::ElementVec& names, Stats::Histogram::Unit unit, uint64_t sample) { Stats::Utility::histogramFromElements(scope_, addPrefix(names), unit).recordValue(sample); } } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/mongo_stats.h ================================================ #pragma once #include #include #include #include "envoy/stats/scope.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { class MongoStats { public: MongoStats(Stats::Scope& scope, absl::string_view prefix); void incCounter(const Stats::ElementVec& names); void recordHistogram(const Stats::ElementVec& names, Stats::Histogram::Unit unit, uint64_t sample); /** * Finds or creates a StatName by string, taking a global lock if needed. * * TODO(jmarantz): Potential perf issue here with mutex contention for names * that have not been remembered as builtins in the constructor. */ Stats::StatName getBuiltin(const std::string& str, Stats::StatName fallback) { return stat_name_set_->getBuiltin(str, fallback); } private: Stats::ElementVec addPrefix(const Stats::ElementVec& names); Stats::Scope& scope_; Stats::StatNameSetPtr stat_name_set_; public: const Stats::StatName prefix_; const Stats::StatName callsite_; const Stats::StatName cmd_; const Stats::StatName collection_; const Stats::StatName multi_get_; const Stats::StatName reply_num_docs_; const Stats::StatName reply_size_; const Stats::StatName reply_time_ms_; const Stats::StatName time_ms_; const Stats::StatName query_; const Stats::StatName scatter_get_; const Stats::StatName total_; const Stats::StatName unknown_command_; }; using MongoStatsSharedPtr = std::shared_ptr; } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/proxy.cc ================================================ #include "extensions/filters/network/mongo_proxy/proxy.h" #include #include #include #include "envoy/common/exception.h" #include "envoy/event/dispatcher.h" #include "envoy/filesystem/filesystem.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "extensions/filters/network/mongo_proxy/codec_impl.h" #include "extensions/filters/network/well_known_names.h" #include "absl/strings/str_split.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { class DynamicMetadataKeys { public: const std::string OperationInsert{"insert"}; const std::string OperationQuery{"query"}; // TODO: Parse out the delete/update operation from the commands const std::string OperationUpdate{"update"}; const std::string OperationDelete{"delete"}; }; using DynamicMetadataKeysSingleton = ConstSingleton; AccessLog::AccessLog(const std::string& file_name, Envoy::AccessLog::AccessLogManager& log_manager, TimeSource& time_source) : time_source_(time_source) { file_ = log_manager.createAccessLog(file_name); } void AccessLog::logMessage(const Message& message, bool full, const Upstream::HostDescription* upstream_host) { static const std::string log_format = "{{\"time\": \"{}\", \"message\": {}, \"upstream_host\": \"{}\"}}\n"; SystemTime now = time_source_.systemTime(); std::string log_line = fmt::format(log_format, AccessLogDateTimeFormatter::fromTime(now), message.toString(full), upstream_host ? upstream_host->address()->asString() : "-"); file_->write(log_line); } ProxyFilter::ProxyFilter(const std::string& stat_prefix, Stats::Scope& scope, Runtime::Loader& runtime, AccessLogSharedPtr access_log, const Filters::Common::Fault::FaultDelayConfigSharedPtr& fault_config, const Network::DrainDecision& drain_decision, TimeSource& time_source, bool emit_dynamic_metadata, const MongoStatsSharedPtr& mongo_stats) : stats_(generateStats(stat_prefix, scope)), runtime_(runtime), drain_decision_(drain_decision), access_log_(access_log), fault_config_(fault_config), time_source_(time_source), emit_dynamic_metadata_(emit_dynamic_metadata), mongo_stats_(mongo_stats) { if (!runtime_.snapshot().featureEnabled(MongoRuntimeConfig::get().ConnectionLoggingEnabled, 100)) { // If we are not logging at the connection level, just release the shared pointer so that we // don't ever log. access_log_.reset(); } } ProxyFilter::~ProxyFilter() { ASSERT(!delay_timer_); } void ProxyFilter::setDynamicMetadata(std::string operation, std::string resource) { ProtobufWkt::Struct metadata( (*read_callbacks_->connection() .streamInfo() .dynamicMetadata() .mutable_filter_metadata())[NetworkFilterNames::get().MongoProxy]); auto& fields = *metadata.mutable_fields(); // TODO(rshriram): reverse the resource string (table.db) auto& operations = *fields[resource].mutable_list_value(); operations.add_values()->set_string_value(operation); read_callbacks_->connection().streamInfo().setDynamicMetadata( NetworkFilterNames::get().MongoProxy, metadata); } void ProxyFilter::decodeGetMore(GetMoreMessagePtr&& message) { tryInjectDelay(); stats_.op_get_more_.inc(); logMessage(*message, true); ENVOY_LOG(debug, "decoded GET_MORE: {}", message->toString(true)); } void ProxyFilter::decodeInsert(InsertMessagePtr&& message) { tryInjectDelay(); if (emit_dynamic_metadata_) { setDynamicMetadata(DynamicMetadataKeysSingleton::get().OperationInsert, message->fullCollectionName()); } stats_.op_insert_.inc(); logMessage(*message, true); ENVOY_LOG(debug, "decoded INSERT: {}", message->toString(true)); } void ProxyFilter::decodeKillCursors(KillCursorsMessagePtr&& message) { tryInjectDelay(); stats_.op_kill_cursors_.inc(); logMessage(*message, true); ENVOY_LOG(debug, "decoded KILL_CURSORS: {}", message->toString(true)); } void ProxyFilter::decodeQuery(QueryMessagePtr&& message) { tryInjectDelay(); if (emit_dynamic_metadata_) { setDynamicMetadata(DynamicMetadataKeysSingleton::get().OperationQuery, message->fullCollectionName()); } stats_.op_query_.inc(); logMessage(*message, true); ENVOY_LOG(debug, "decoded QUERY: {}", message->toString(true)); if (message->flags() & QueryMessage::Flags::TailableCursor) { stats_.op_query_tailable_cursor_.inc(); } if (message->flags() & QueryMessage::Flags::NoCursorTimeout) { stats_.op_query_no_cursor_timeout_.inc(); } if (message->flags() & QueryMessage::Flags::AwaitData) { stats_.op_query_await_data_.inc(); } if (message->flags() & QueryMessage::Flags::Exhaust) { stats_.op_query_exhaust_.inc(); } ActiveQueryPtr active_query(new ActiveQuery(*this, *message)); if (!active_query->query_info_.command().empty()) { // First field key is the operation. mongo_stats_->incCounter({mongo_stats_->cmd_, mongo_stats_->getBuiltin(active_query->query_info_.command(), mongo_stats_->unknown_command_), mongo_stats_->total_}); } else { // Normal query, get stats on a per collection basis first. QueryMessageInfo::QueryType query_type = active_query->query_info_.type(); Stats::ElementVec names; names.reserve(6); // 2 entries are added by chargeQueryStats(). names.push_back(mongo_stats_->collection_); names.push_back(Stats::DynamicName(active_query->query_info_.collection())); chargeQueryStats(names, query_type); // Callsite stats if we have it. if (!active_query->query_info_.callsite().empty()) { names.push_back(mongo_stats_->callsite_); names.push_back(Stats::DynamicName(active_query->query_info_.callsite())); chargeQueryStats(names, query_type); } // Global stats. if (active_query->query_info_.maxTime() < 1) { stats_.op_query_no_max_time_.inc(); } if (query_type == QueryMessageInfo::QueryType::ScatterGet) { stats_.op_query_scatter_get_.inc(); } else if (query_type == QueryMessageInfo::QueryType::MultiGet) { stats_.op_query_multi_get_.inc(); } } active_query_list_.emplace_back(std::move(active_query)); } void ProxyFilter::chargeQueryStats(Stats::ElementVec& names, QueryMessageInfo::QueryType query_type) { // names come in containing {"collection", collection}. Report stats for 1 or // 2 variations on this array, and then return with the array in the same // state it had on entry. Both of these variations by appending {"query", "total"}. size_t orig_size = names.size(); ASSERT(names.capacity() - orig_size >= 2); // Ensures the caller has reserved() enough memory. names.push_back(mongo_stats_->query_); names.push_back(mongo_stats_->total_); mongo_stats_->incCounter(names); // And now replace "total" with either "scatter_get" or "multi_get" if depending on query_type. if (query_type == QueryMessageInfo::QueryType::ScatterGet) { names.back() = mongo_stats_->scatter_get_; mongo_stats_->incCounter(names); } else if (query_type == QueryMessageInfo::QueryType::MultiGet) { names.back() = mongo_stats_->multi_get_; mongo_stats_->incCounter(names); } names.resize(orig_size); } void ProxyFilter::decodeReply(ReplyMessagePtr&& message) { stats_.op_reply_.inc(); logMessage(*message, false); ENVOY_LOG(debug, "decoded REPLY: {}", message->toString(true)); if (message->cursorId() != 0) { stats_.op_reply_valid_cursor_.inc(); } if (message->flags() & ReplyMessage::Flags::CursorNotFound) { stats_.op_reply_cursor_not_found_.inc(); } if (message->flags() & ReplyMessage::Flags::QueryFailure) { stats_.op_reply_query_failure_.inc(); } for (auto i = active_query_list_.begin(); i != active_query_list_.end(); i++) { ActiveQuery& active_query = **i; if (active_query.query_info_.requestId() != message->responseTo()) { continue; } if (!active_query.query_info_.command().empty()) { Stats::ElementVec names{mongo_stats_->cmd_, mongo_stats_->getBuiltin(active_query.query_info_.command(), mongo_stats_->unknown_command_)}; chargeReplyStats(active_query, names, *message); } else { // Collection stats first. Stats::ElementVec names{mongo_stats_->collection_, Stats::DynamicName(active_query.query_info_.collection()), mongo_stats_->query_}; chargeReplyStats(active_query, names, *message); // Callsite stats if we have it. if (!active_query.query_info_.callsite().empty()) { // Currently, names == {"collection", collection, "query"} and we are going // to mutate the array to {"collection", collection, "callsite", callsite, "query"}. ASSERT(names.size() == 3); names.back() = mongo_stats_->callsite_; // Replaces "query". names.push_back(Stats::DynamicName(active_query.query_info_.callsite())); names.push_back(mongo_stats_->query_); chargeReplyStats(active_query, names, *message); } } active_query_list_.erase(i); break; } if (active_query_list_.empty() && drain_decision_.drainClose() && runtime_.snapshot().featureEnabled(MongoRuntimeConfig::get().DrainCloseEnabled, 100)) { ENVOY_LOG(debug, "drain closing mongo connection"); stats_.cx_drain_close_.inc(); // We are currently in the write path, so we need to let the write flush out before we close. // We do this by creating a timer and firing it with a zero timeout. This will cause it to run // in the next event loop iteration. This is really a hack. A better solution would be to // introduce the concept of a write complete callback so we can get notified when the write goes // out (e.g., flow control, further filters, etc.). This is a much larger project so we can // start with this since it will get the job done. // TODO(mattklein123): Investigate a better solution for write complete callbacks. if (drain_close_timer_ == nullptr) { drain_close_timer_ = read_callbacks_->connection().dispatcher().createTimer([this] { onDrainClose(); }); drain_close_timer_->enableTimer(std::chrono::milliseconds(0)); } } } void ProxyFilter::decodeCommand(CommandMessagePtr&& message) { tryInjectDelay(); stats_.op_command_.inc(); logMessage(*message, true); ENVOY_LOG(debug, "decoded COMMAND: {}", message->toString(true)); } void ProxyFilter::decodeCommandReply(CommandReplyMessagePtr&& message) { tryInjectDelay(); stats_.op_command_reply_.inc(); logMessage(*message, true); ENVOY_LOG(debug, "decoded COMMANDREPLY: {}", message->toString(true)); } void ProxyFilter::onDrainClose() { read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } void ProxyFilter::chargeReplyStats(ActiveQuery& active_query, Stats::ElementVec& names, const ReplyMessage& message) { uint64_t reply_documents_byte_size = 0; for (const Bson::DocumentSharedPtr& document : message.documents()) { reply_documents_byte_size += document->byteSize(); } // Write 3 different histograms; appending 3 different suffixes to the name // that was passed in. Here we overwrite the passed-in names, but we restore // names to its original state upon return. const size_t orig_size = names.size(); names.push_back(mongo_stats_->reply_num_docs_); mongo_stats_->recordHistogram(names, Stats::Histogram::Unit::Unspecified, message.documents().size()); names[orig_size] = mongo_stats_->reply_size_; mongo_stats_->recordHistogram(names, Stats::Histogram::Unit::Bytes, reply_documents_byte_size); names[orig_size] = mongo_stats_->reply_time_ms_; mongo_stats_->recordHistogram(names, Stats::Histogram::Unit::Milliseconds, std::chrono::duration_cast( time_source_.monotonicTime() - active_query.start_time_) .count()); names.resize(orig_size); } void ProxyFilter::doDecode(Buffer::Instance& buffer) { if (!sniffing_ || !runtime_.snapshot().featureEnabled(MongoRuntimeConfig::get().ProxyEnabled, 100)) { // Safety measure just to make sure that if we have a decoding error we keep going and lose // stats. This can be removed once we are more confident of this code. buffer.drain(buffer.length()); return; } // Clear dynamic metadata if (emit_dynamic_metadata_) { auto& metadata = (*read_callbacks_->connection() .streamInfo() .dynamicMetadata() .mutable_filter_metadata())[NetworkFilterNames::get().MongoProxy]; metadata.mutable_fields()->clear(); } if (!decoder_) { decoder_ = createDecoder(*this); } try { decoder_->onData(buffer); } catch (EnvoyException& e) { ENVOY_LOG(info, "mongo decoding error: {}", e.what()); stats_.decoding_error_.inc(); sniffing_ = false; } } void ProxyFilter::logMessage(Message& message, bool full) { if (access_log_ && runtime_.snapshot().featureEnabled(MongoRuntimeConfig::get().LoggingEnabled, 100)) { access_log_->logMessage(message, full, read_callbacks_->upstreamHost().get()); } } void ProxyFilter::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { if (delay_timer_) { delay_timer_->disableTimer(); delay_timer_.reset(); } if (drain_close_timer_) { drain_close_timer_->disableTimer(); drain_close_timer_.reset(); } } if (event == Network::ConnectionEvent::RemoteClose && !active_query_list_.empty()) { stats_.cx_destroy_local_with_active_rq_.inc(); } if (event == Network::ConnectionEvent::LocalClose && !active_query_list_.empty()) { stats_.cx_destroy_remote_with_active_rq_.inc(); } } Network::FilterStatus ProxyFilter::onData(Buffer::Instance& data, bool) { read_buffer_.add(data); doDecode(read_buffer_); return delay_timer_ ? Network::FilterStatus::StopIteration : Network::FilterStatus::Continue; } Network::FilterStatus ProxyFilter::onWrite(Buffer::Instance& data, bool) { write_buffer_.add(data); doDecode(write_buffer_); return Network::FilterStatus::Continue; } DecoderPtr ProdProxyFilter::createDecoder(DecoderCallbacks& callbacks) { return DecoderPtr{new DecoderImpl(callbacks)}; } absl::optional ProxyFilter::delayDuration() { absl::optional result; if (!fault_config_) { return result; } // Use a default percentage const auto percentage = fault_config_->percentage(nullptr); if (!runtime_.snapshot().featureEnabled(MongoRuntimeConfig::get().FixedDelayPercent, percentage)) { return result; } // See if the delay provider has a default delay, if not there is no delay. auto config_duration = fault_config_->duration(nullptr); if (!config_duration.has_value()) { return result; } const std::chrono::milliseconds duration = std::chrono::milliseconds(runtime_.snapshot().getInteger( MongoRuntimeConfig::get().FixedDelayDurationMs, config_duration.value().count())); // Delay only if the duration is > 0ms. if (duration.count() > 0) { result = duration; } return result; } void ProxyFilter::delayInjectionTimerCallback() { delay_timer_.reset(); // Continue request processing. read_callbacks_->continueReading(); } void ProxyFilter::tryInjectDelay() { // Do not try to inject delays if there is an active delay. // Make sure to capture stats for the request otherwise. if (delay_timer_) { return; } const absl::optional delay = delayDuration(); if (delay) { delay_timer_ = read_callbacks_->connection().dispatcher().createTimer( [this]() -> void { delayInjectionTimerCallback(); }); delay_timer_->enableTimer(delay.value()); stats_.delays_injected_.inc(); } } } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/proxy.h ================================================ #pragma once #include #include #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/common/time.h" #include "envoy/event/timer.h" #include "envoy/network/connection.h" #include "envoy/network/drain_decision.h" #include "envoy/network/filter.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "common/network/filter_impl.h" #include "common/protobuf/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/common/fault/fault_config.h" #include "extensions/filters/network/mongo_proxy/codec.h" #include "extensions/filters/network/mongo_proxy/mongo_stats.h" #include "extensions/filters/network/mongo_proxy/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { class MongoRuntimeConfigKeys { public: const std::string FixedDelayPercent{"mongo.fault.fixed_delay.percent"}; const std::string FixedDelayDurationMs{"mongo.fault.fixed_delay.duration_ms"}; const std::string LoggingEnabled{"mongo.logging_enabled"}; const std::string ProxyEnabled{"mongo.proxy_enabled"}; const std::string ConnectionLoggingEnabled{"mongo.connection_logging_enabled"}; const std::string DrainCloseEnabled{"mongo.drain_close_enabled"}; }; using MongoRuntimeConfig = ConstSingleton; /** * All mongo proxy stats. @see stats_macros.h */ #define ALL_MONGO_PROXY_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(cx_destroy_local_with_active_rq) \ COUNTER(cx_destroy_remote_with_active_rq) \ COUNTER(cx_drain_close) \ COUNTER(decoding_error) \ COUNTER(delays_injected) \ COUNTER(op_command) \ COUNTER(op_command_reply) \ COUNTER(op_get_more) \ COUNTER(op_insert) \ COUNTER(op_kill_cursors) \ COUNTER(op_query) \ COUNTER(op_query_await_data) \ COUNTER(op_query_exhaust) \ COUNTER(op_query_multi_get) \ COUNTER(op_query_no_cursor_timeout) \ COUNTER(op_query_no_max_time) \ COUNTER(op_query_scatter_get) \ COUNTER(op_query_tailable_cursor) \ COUNTER(op_reply) \ COUNTER(op_reply_cursor_not_found) \ COUNTER(op_reply_query_failure) \ COUNTER(op_reply_valid_cursor) \ GAUGE(op_query_active, Accumulate) /** * Struct definition for all mongo proxy stats. @see stats_macros.h */ struct MongoProxyStats { ALL_MONGO_PROXY_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; /** * Access logger for mongo messages. */ class AccessLog { public: AccessLog(const std::string& file_name, Envoy::AccessLog::AccessLogManager& log_manager, TimeSource& time_source); void logMessage(const Message& message, bool full, const Upstream::HostDescription* upstream_host); private: TimeSource& time_source_; Envoy::AccessLog::AccessLogFileSharedPtr file_; }; using AccessLogSharedPtr = std::shared_ptr; /** * A sniffing filter for mongo traffic. The current implementation makes a copy of read/written * data, decodes it, and generates stats. */ class ProxyFilter : public Network::Filter, public DecoderCallbacks, public Network::ConnectionCallbacks, Logger::Loggable { public: ProxyFilter(const std::string& stat_prefix, Stats::Scope& scope, Runtime::Loader& runtime, AccessLogSharedPtr access_log, const Filters::Common::Fault::FaultDelayConfigSharedPtr& fault_config, const Network::DrainDecision& drain_decision, TimeSource& time_system, bool emit_dynamic_metadata, const MongoStatsSharedPtr& stats); ~ProxyFilter() override; virtual DecoderPtr createDecoder(DecoderCallbacks& callbacks) PURE; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override { return Network::FilterStatus::Continue; } void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { read_callbacks_ = &callbacks; read_callbacks_->connection().addConnectionCallbacks(*this); } // Network::WriteFilter Network::FilterStatus onWrite(Buffer::Instance& data, bool end_stream) override; // Mongo::DecoderCallback void decodeGetMore(GetMoreMessagePtr&& message) override; void decodeInsert(InsertMessagePtr&& message) override; void decodeKillCursors(KillCursorsMessagePtr&& message) override; void decodeQuery(QueryMessagePtr&& message) override; void decodeReply(ReplyMessagePtr&& message) override; void decodeCommand(CommandMessagePtr&& message) override; void decodeCommandReply(CommandReplyMessagePtr&& message) override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} void setDynamicMetadata(std::string operation, std::string resource); private: struct ActiveQuery { ActiveQuery(ProxyFilter& parent, const QueryMessage& query) : parent_(parent), query_info_(query), start_time_(parent_.time_source_.monotonicTime()) { parent_.stats_.op_query_active_.inc(); } ~ActiveQuery() { parent_.stats_.op_query_active_.dec(); } ProxyFilter& parent_; QueryMessageInfo query_info_; MonotonicTime start_time_; }; using ActiveQueryPtr = std::unique_ptr; MongoProxyStats generateStats(const std::string& prefix, Stats::Scope& scope) { return MongoProxyStats{ALL_MONGO_PROXY_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix), POOL_HISTOGRAM_PREFIX(scope, prefix))}; } // Increment counters related to queries. 'names' is passed by non-const // reference so the implementation can mutate it without copying, though it // always restores it to its prior state prior to return. void chargeQueryStats(Stats::ElementVec& names, QueryMessageInfo::QueryType query_type); // Add samples to histograms related to replies. 'names' is passed by // non-const reference so the implementation can mutate it without copying, // though it always restores it to its prior state prior to return. void chargeReplyStats(ActiveQuery& active_query, Stats::ElementVec& names, const ReplyMessage& message); void doDecode(Buffer::Instance& buffer); void logMessage(Message& message, bool full); void onDrainClose(); absl::optional delayDuration(); void delayInjectionTimerCallback(); void tryInjectDelay(); std::unique_ptr decoder_; MongoProxyStats stats_; Runtime::Loader& runtime_; const Network::DrainDecision& drain_decision_; Buffer::OwnedImpl read_buffer_; Buffer::OwnedImpl write_buffer_; bool sniffing_{true}; std::list active_query_list_; AccessLogSharedPtr access_log_; Network::ReadFilterCallbacks* read_callbacks_{}; const Filters::Common::Fault::FaultDelayConfigSharedPtr fault_config_; Event::TimerPtr delay_timer_; Event::TimerPtr drain_close_timer_; TimeSource& time_source_; const bool emit_dynamic_metadata_; MongoStatsSharedPtr mongo_stats_; }; class ProdProxyFilter : public ProxyFilter { public: using ProxyFilter::ProxyFilter; // ProxyFilter DecoderPtr createDecoder(DecoderCallbacks& callbacks) override; }; } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/utility.cc ================================================ #include "extensions/filters/network/mongo_proxy/utility.h" #include #include "envoy/common/exception.h" #include "common/json/json_loader.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { QueryMessageInfo::QueryMessageInfo(const QueryMessage& query) : request_id_{query.requestId()}, max_time_{0} { // First see if this is a command, if so we are done. const Bson::Document* command = parseCommand(query); if (command) { command_ = command->values().front()->key(); // Special case the 3.2 'find' command since it is a query. if (command_ == "find") { command_ = ""; parseFindCommand(*command); } return; } // Standard query. collection_ = parseCollection(query.fullCollectionName()); callsite_ = parseCallingFunction(query); max_time_ = parseMaxTime(query); type_ = parseType(query); } std::string QueryMessageInfo::parseCollection(const std::string& full_collection_name) { size_t collection_index = full_collection_name.find('.'); if (collection_index == std::string::npos) { throw EnvoyException("invalid full collection name"); } return full_collection_name.substr(collection_index + 1); } int32_t QueryMessageInfo::parseMaxTime(const QueryMessage& query) { const Bson::Field* field = query.query()->find("$maxTimeMS"); if (!field) { field = query.query()->find("maxTimeMS"); if (!field) { return 0; } } if (field->type() == Bson::Field::Type::Int32) { return field->asInt32(); } else if (field->type() == Bson::Field::Type::Int64) { return static_cast(field->asInt64()); } else { return 0; } } const Bson::Document* QueryMessageInfo::parseCommand(const QueryMessage& query) { if (query.fullCollectionName().find("$cmd") == std::string::npos) { return nullptr; } // See if there is a $query document, and use that to find the command if so. const Bson::Document* doc_to_use = query.query(); const Bson::Field* field = query.query()->find("$query", Bson::Field::Type::Document); if (field) { doc_to_use = &field->asDocument(); } if (doc_to_use->values().empty()) { throw EnvoyException("invalid query command"); } return doc_to_use; } std::string QueryMessageInfo::parseCallingFunction(const QueryMessage& query) { const Bson::Field* field = query.query()->find("$comment", Bson::Field::Type::String); if (!field) { return ""; } return parseCallingFunctionJson(field->asString()); } std::string QueryMessageInfo::parseCallingFunctionJson(const std::string& json_string) { try { Json::ObjectSharedPtr json = Json::Factory::loadFromString(json_string); return json->getString("callingFunction"); } catch (Json::Exception&) { return ""; } } QueryMessageInfo::QueryType QueryMessageInfo::parseType(const QueryMessage& query) { // First check the top level for _id. QueryType type = parseTypeFromDocument(*query.query()); if (type == QueryType::ScatterGet) { // If we didn't find it in the top level, see if we have a top level $query element and look // there. const Bson::Field* field = query.query()->find("$query", Bson::Field::Type::Document); if (field) { type = parseTypeFromDocument(field->asDocument()); } } return type; } QueryMessageInfo::QueryType QueryMessageInfo::parseTypeFromDocument(const Bson::Document& document) { const Bson::Field* field = document.find("_id"); if (!field) { return QueryType::ScatterGet; } // For now we call any query where _id is equal to a non-scalar value a multi get. if (field->type() == Bson::Field::Type::Document || field->type() == Bson::Field::Type::Array) { return QueryType::MultiGet; } return QueryType::PrimaryKey; } void QueryMessageInfo::parseFindCommand(const Bson::Document& command) { collection_ = command.values().front()->asString(); const Bson::Field* comment = command.find("comment", Bson::Field::Type::String); if (comment) { callsite_ = parseCallingFunctionJson(comment->asString()); } const Bson::Field* filter = command.find("filter", Bson::Field::Type::Document); if (filter) { type_ = parseTypeFromDocument(filter->asDocument()); } } } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mongo_proxy/utility.h ================================================ #pragma once #include #include "extensions/filters/network/mongo_proxy/codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MongoProxy { /** * Parses a query into information that can be used for stat gathering. */ class QueryMessageInfo { public: enum class QueryType { PrimaryKey, MultiGet, ScatterGet }; QueryMessageInfo(const QueryMessage& query); /** * @return the query's request ID. */ int32_t requestId() { return request_id_; } /** * @return the collection name with the database name removed, or "" if a command. */ const std::string& collection() { return collection_; } /** * @return calling function if it can be found in the query. The calling function is found by: * 1) Looking for a top level query field name $comment * 2) Parsing $comment as a JSON string * 3) Accessing the 'callingFunction' field in the JSON. * "" is returned if any of the above fails. */ const std::string& callsite() { return callsite_; } /** * @return the value of maxTimeMS or 0 if not given. */ int32_t maxTime() { return max_time_; } /** * @return the type of a query message. */ QueryType type() { return type_; } /** * @return the name of the command if the query is a command, otherwise "". */ const std::string& command() { return command_; } private: std::string parseCallingFunction(const QueryMessage& query); std::string parseCallingFunctionJson(const std::string& json_string); std::string parseCollection(const std::string& full_collection_name); int32_t parseMaxTime(const QueryMessage& query); const Bson::Document* parseCommand(const QueryMessage& query); void parseFindCommand(const Bson::Document& command); QueryType parseType(const QueryMessage& query); QueryType parseTypeFromDocument(const Bson::Document& document); int32_t request_id_; std::string collection_; std::string callsite_; int32_t max_time_; QueryType type_{QueryType::ScatterGet}; std::string command_; }; } // namespace MongoProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # MySQL proxy L7 network filter. # Public docs: docs/root/configuration/network_filters/mysql_proxy_filter.rst envoy_extension_package() envoy_cc_library( name = "proxy_lib", srcs = [ "mysql_codec_clogin.cc", "mysql_codec_clogin_resp.cc", "mysql_codec_command.cc", "mysql_codec_greeting.cc", "mysql_codec_switch_resp.cc", "mysql_decoder.cc", "mysql_filter.cc", "mysql_utils.cc", ], hdrs = [ "mysql_codec.h", "mysql_codec_clogin.h", "mysql_codec_clogin_resp.h", "mysql_codec_command.h", "mysql_codec_greeting.h", "mysql_codec_switch_resp.h", "mysql_decoder.h", "mysql_filter.h", "mysql_session.h", "mysql_utils.h", ], deps = [ "//include/envoy/network:filter_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/network:filter_lib", "//source/extensions/common/sqlutils:sqlutils_lib", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["mysql_config.cc"], hdrs = ["mysql_config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":proxy_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/mysql_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec.h ================================================ #pragma once #include #include "envoy/common/platform.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { constexpr uint16_t MYSQL_MAX_STR_SIZE = 256; constexpr uint16_t MYSQL_PKT_SIZE = 1500; constexpr uint8_t MYSQL_HDR_SIZE = 4; constexpr uint8_t MYSQL_PROTOCOL_9 = 9; constexpr uint8_t MYSQL_PROTOCOL_10 = 10; constexpr uint8_t MYSQL_PKT_0 = 0; constexpr uint8_t MYSQL_UNAME_PKT_NUM = 1; constexpr uint32_t MYSQL_HDR_PKT_SIZE_MASK = 0x00FFFFFF; constexpr uint32_t MYSQL_HDR_SEQ_MASK = 0x000000FF; constexpr uint8_t MYSQL_LOGIN_RESP_PKT_NUM = 2; constexpr uint8_t MYSQL_REQUEST_PKT_NUM = 0; constexpr uint8_t MYSQL_RESPONSE_PKT_NUM = 1; constexpr uint16_t MAX_MYSQL_QUERY_STRING = 256; constexpr uint16_t MAX_MYSQL_USER_STRING = 256; constexpr uint8_t MIN_RESPONSE_PAYLOAD = 5; constexpr uint8_t MYSQL_MAX_USER_LEN = 32; constexpr uint8_t MYSQL_MAX_PASSWD_LEN = 32; constexpr uint8_t MYSQL_RESP_OK = 0x00; constexpr uint8_t MYSQL_RESP_MORE = 0x01; constexpr uint8_t MYSQL_RESP_AUTH_SWITCH = 0xfe; constexpr uint8_t MYSQL_RESP_ERR = 0xff; constexpr uint8_t EOF_MARKER = 0xfe; constexpr uint8_t ERR_MARKER = 0xff; constexpr uint8_t CLIENT_CAP_FLD = 2; constexpr uint8_t EXT_CLIENT_CAP_FLD = 2; constexpr uint8_t MAX_PKT_FLD = 4; constexpr uint8_t CHARSET_FLD = 1; constexpr uint8_t UNAME_RSVD_STR = 23; constexpr uint8_t FILLER_1_SIZE = 1; constexpr uint8_t FILLER_2_SIZE = 2; constexpr uint8_t FILLER_3_SIZE = 3; constexpr uint8_t MYSQL_DEFAULT = 4; constexpr uint8_t CHARACTER_SET_SIZE = 2; constexpr uint8_t MAX_TABLE_COLUMNS = 64; constexpr uint8_t MAX_TABLE_ROWS = 128; constexpr uint8_t LAYOUT_CTLG = 0; constexpr uint8_t LAYOUT_DB = 1; constexpr uint8_t LAYOUT_TBL = 2; constexpr uint8_t LAYOUT_ORG_TBL = 3; constexpr uint8_t LAYOUT_NAME = 4; constexpr uint8_t LAYOUT_ORG_NAME = 5; constexpr uint8_t MYSQL_CATALOG_LAYOUT = 6; constexpr uint8_t MULTI_CLIENT = 10; constexpr uint8_t LOGIN_OK_SEQ = 2; constexpr uint8_t GREETING_SEQ_NUM = 0; constexpr uint8_t CHALLENGE_SEQ_NUM = 1; constexpr uint8_t CHALLENGE_RESP_SEQ_NUM = 2; constexpr uint8_t AUTH_SWITH_RESP_SEQ = 3; constexpr uint32_t MYSQL_THREAD_ID = 0x5e; constexpr uint16_t MYSQL_SERVER_CAPAB = 0x0101; constexpr uint8_t MYSQL_SERVER_LANGUAGE = 0x21; constexpr uint16_t MYSQL_SERVER_STATUS = 0x0200; constexpr uint16_t MYSQL_SERVER_EXT_CAPAB = 0x0200; constexpr uint8_t MYSQL_AUTHPLGIN = 0x00; constexpr uint8_t MYSQL_UNSET = 0x00; constexpr uint8_t MYSQL_UNSET_SIZE = 10; constexpr uint16_t MYSQL_CLIENT_CONNECT_WITH_DB = 0x0008; constexpr uint16_t MYSQL_CLIENT_CAPAB_41VS320 = 0x0200; constexpr uint16_t MYSQL_CLIENT_CAPAB_SSL = 0x0800; constexpr uint16_t MYSQL_EXT_CLIENT_CAPAB = 0x0300; constexpr uint16_t MYSQL_EXT_CL_PLG_AUTH_CL_DATA = 0x0020; constexpr uint16_t MYSQL_EXT_CL_SECURE_CONNECTION = 0x8000; constexpr uint32_t MYSQL_MAX_PACKET = 0x00000001; constexpr uint8_t MYSQL_CHARSET = 0x21; constexpr uint8_t LENENCODINT_1BYTE = 0xfb; constexpr uint8_t LENENCODINT_2BYTES = 0xfc; constexpr uint8_t LENENCODINT_3BYTES = 0xfd; constexpr uint8_t LENENCODINT_8BYTES = 0xfe; constexpr int MYSQL_SUCCESS = 0; constexpr int MYSQL_FAILURE = -1; constexpr char MYSQL_STR_END = '\0'; class MySQLCodec : public Logger::Loggable { public: enum class PktType { MysqlRequest = 0, MysqlResponse = 1, }; virtual ~MySQLCodec() = default; int decode(Buffer::Instance& data, uint8_t seq, uint32_t len) { seq_ = seq; return parseMessage(data, len); } virtual std::string encode() PURE; protected: virtual int parseMessage(Buffer::Instance& data, uint32_t len) PURE; uint8_t seq_; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" #include "extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { void ClientLogin::setClientCap(int client_cap) { client_cap_ = client_cap; } void ClientLogin::setExtendedClientCap(int extended_client_cap) { extended_client_cap_ = extended_client_cap; } void ClientLogin::setMaxPacket(int max_packet) { max_packet_ = max_packet; } void ClientLogin::setCharset(int charset) { charset_ = charset; } void ClientLogin::setUsername(std::string& username) { if (username.length() <= MYSQL_MAX_USER_LEN) { username_.assign(username); } } void ClientLogin::setDb(std::string& db) { db_ = db; } void ClientLogin::setAuthResp(std::string& auth_resp) { auth_resp_.assign(auth_resp); } bool ClientLogin::isResponse41() const { return client_cap_ & MYSQL_CLIENT_CAPAB_41VS320; } bool ClientLogin::isResponse320() const { return !(client_cap_ & MYSQL_CLIENT_CAPAB_41VS320); } bool ClientLogin::isSSLRequest() const { return client_cap_ & MYSQL_CLIENT_CAPAB_SSL; } bool ClientLogin::isConnectWithDb() const { return client_cap_ & MYSQL_CLIENT_CONNECT_WITH_DB; } bool ClientLogin::isClientAuthLenClData() const { return extended_client_cap_ & MYSQL_EXT_CL_PLG_AUTH_CL_DATA; } bool ClientLogin::isClientSecureConnection() const { return extended_client_cap_ & MYSQL_EXT_CL_SECURE_CONNECTION; } int ClientLogin::parseMessage(Buffer::Instance& buffer, uint32_t) { uint16_t client_cap = 0; if (BufferHelper::readUint16(buffer, client_cap) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing client_cap in mysql ClientLogin msg"); return MYSQL_FAILURE; } setClientCap(client_cap); uint16_t extended_client_cap = 0; if (BufferHelper::readUint16(buffer, extended_client_cap) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing extended_client_cap in mysql ClientLogin msg"); return MYSQL_FAILURE; } setExtendedClientCap(extended_client_cap); uint32_t max_packet = 0; if (BufferHelper::readUint32(buffer, max_packet) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing max_packet in mysql ClientLogin msg"); return MYSQL_FAILURE; } setMaxPacket(max_packet); if (isSSLRequest()) { // Stop Parsing if CLIENT_SSL flag is set return MYSQL_SUCCESS; } uint8_t charset = 0; if (BufferHelper::readUint8(buffer, charset) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing charset in mysql ClientLogin msg"); return MYSQL_FAILURE; } setCharset(charset); if (BufferHelper::readBytes(buffer, UNSET_BYTES) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error skipping unset bytes in mysql ClientLogin msg"); return MYSQL_FAILURE; } std::string username; if (BufferHelper::readString(buffer, username) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing username in mysql ClientLogin msg"); return MYSQL_FAILURE; } setUsername(username); std::string auth_resp; if (isClientAuthLenClData()) { uint64_t auth_resp_len = 0; if (BufferHelper::readLengthEncodedInteger(buffer, auth_resp_len) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing LengthEncodedInteger in mysql ClientLogin msg"); return MYSQL_FAILURE; } if (BufferHelper::readStringBySize(buffer, auth_resp_len, auth_resp) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing auth_resp in mysql ClientLogin msg"); return MYSQL_FAILURE; } } else if (isClientSecureConnection()) { uint8_t auth_resp_len = 0; if (BufferHelper::readUint8(buffer, auth_resp_len) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing auth_resp_len in mysql ClientLogin msg"); return MYSQL_FAILURE; } if (BufferHelper::readStringBySize(buffer, auth_resp_len, auth_resp) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing auth_resp in mysql ClientLogin msg"); return MYSQL_FAILURE; } } else { if (BufferHelper::readString(buffer, auth_resp) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing auth_resp in mysql ClientLogin msg"); return MYSQL_FAILURE; } } setAuthResp(auth_resp); if (isConnectWithDb()) { std::string db; if (BufferHelper::readString(buffer, db) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing auth_resp in mysql ClientLogin msg"); return MYSQL_FAILURE; } setDb(db); } return MYSQL_SUCCESS; } std::string ClientLogin::encode() { uint8_t enc_end_string = 0; Buffer::InstancePtr buffer(new Buffer::OwnedImpl()); BufferHelper::addUint16(*buffer, client_cap_); BufferHelper::addUint16(*buffer, extended_client_cap_); BufferHelper::addUint32(*buffer, max_packet_); BufferHelper::addUint8(*buffer, charset_); for (int idx = 0; idx < UNSET_BYTES; idx++) { BufferHelper::addUint8(*buffer, 0); } BufferHelper::addString(*buffer, username_); BufferHelper::addUint8(*buffer, enc_end_string); if ((extended_client_cap_ & MYSQL_EXT_CL_PLG_AUTH_CL_DATA) || (extended_client_cap_ & MYSQL_EXT_CL_SECURE_CONNECTION)) { BufferHelper::addUint8(*buffer, auth_resp_.length()); BufferHelper::addString(*buffer, auth_resp_); } else { BufferHelper::addString(*buffer, auth_resp_); BufferHelper::addUint8(*buffer, enc_end_string); } if (client_cap_ & MYSQL_CLIENT_CONNECT_WITH_DB) { BufferHelper::addString(*buffer, db_); BufferHelper::addUint8(*buffer, enc_end_string); } return buffer->toString(); } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h ================================================ #pragma once #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { constexpr int UNSET_BYTES = 23; class ClientLogin : public MySQLCodec { public: // MySQLCodec int parseMessage(Buffer::Instance& buffer, uint32_t len) override; std::string encode() override; int getClientCap() const { return client_cap_; } int getExtendedClientCap() const { return extended_client_cap_; } int getMaxPacket() const { return max_packet_; } int getCharset() const { return charset_; } const std::string& getUsername() const { return username_; } const std::string& getAuthResp() const { return auth_resp_; } const std::string& getDb() const { return db_; } bool isResponse41() const; bool isResponse320() const; bool isSSLRequest() const; bool isConnectWithDb() const; bool isClientAuthLenClData() const; bool isClientSecureConnection() const; void setClientCap(int client_cap); void setExtendedClientCap(int extended_client_cap); void setMaxPacket(int max_packet); void setCharset(int charset); void setUsername(std::string& username); void setAuthResp(std::string& auth_resp); void setDb(std::string& db); private: int client_cap_; int extended_client_cap_; int max_packet_; int charset_; std::string username_; std::string auth_resp_; std::string db_; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" #include "extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { void ClientLoginResponse::setRespCode(uint8_t resp_code) { resp_code_ = resp_code; } void ClientLoginResponse::setAffectedRows(uint8_t affected_rows) { affected_rows_ = affected_rows; } void ClientLoginResponse::setLastInsertId(uint8_t last_insert_id) { last_insert_id_ = last_insert_id; } void ClientLoginResponse::setServerStatus(uint16_t status) { server_status_ = status; } void ClientLoginResponse::setWarnings(uint16_t warnings) { warnings_ = warnings; } int ClientLoginResponse::parseMessage(Buffer::Instance& buffer, uint32_t) { uint8_t resp_code = 0; if (BufferHelper::readUint8(buffer, resp_code) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing response code in mysql Login Ok msg"); return MYSQL_FAILURE; } setRespCode(resp_code); if ((resp_code == MYSQL_RESP_AUTH_SWITCH) && BufferHelper::endOfBuffer(buffer)) { // OldAuthSwitchRequest return MYSQL_SUCCESS; } uint8_t affected_rows = 0; if (BufferHelper::readUint8(buffer, affected_rows) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing affected_rows in mysql Login Ok msg"); return MYSQL_FAILURE; } setAffectedRows(affected_rows); uint8_t last_insert_id = 0; if (BufferHelper::readUint8(buffer, last_insert_id) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing last_insert_id in mysql Login Ok msg"); return MYSQL_FAILURE; } setLastInsertId(last_insert_id); uint16_t server_status = 0; if (BufferHelper::readUint16(buffer, server_status) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing server_status in mysql Login Ok msg"); return MYSQL_FAILURE; } setServerStatus(server_status); uint16_t warnings = 0; if (BufferHelper::readUint16(buffer, warnings) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing warnings in mysql Login Ok msg"); return MYSQL_FAILURE; } setWarnings(warnings); return MYSQL_SUCCESS; } std::string ClientLoginResponse::encode() { Buffer::InstancePtr buffer(new Buffer::OwnedImpl()); BufferHelper::addUint8(*buffer, resp_code_); BufferHelper::addUint8(*buffer, affected_rows_); BufferHelper::addUint8(*buffer, last_insert_id_); BufferHelper::addUint16(*buffer, server_status_); BufferHelper::addUint16(*buffer, warnings_); std::string e_string = buffer->toString(); return e_string; } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h ================================================ #pragma once #include #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { class ClientLoginResponse : public MySQLCodec { public: // MySQLCodec int parseMessage(Buffer::Instance& buffer, uint32_t len) override; std::string encode() override; uint8_t getRespCode() const { return resp_code_; } uint8_t getAffectedRows() const { return affected_rows_; } uint8_t getLastInsertId() const { return last_insert_id_; } uint16_t getServerStatus() const { return server_status_; } uint16_t getWarnings() const { return warnings_; } void setRespCode(uint8_t resp_code); void setAffectedRows(uint8_t affected_rows); void setLastInsertId(uint8_t last_insert_id); void setServerStatus(uint16_t status); void setWarnings(uint16_t warnings); private: uint8_t resp_code_; uint8_t affected_rows_; uint8_t last_insert_id_; uint16_t server_status_; uint16_t warnings_; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_command.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" #include "extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { Command::Cmd Command::parseCmd(Buffer::Instance& data) { uint8_t cmd; if (BufferHelper::readUint8(data, cmd) != MYSQL_SUCCESS) { return Command::Cmd::Null; } return static_cast(cmd); } void Command::setCmd(Command::Cmd cmd) { cmd_ = cmd; } void Command::setDb(std::string db) { db_ = db; } int Command::parseMessage(Buffer::Instance& buffer, uint32_t len) { Command::Cmd cmd = parseCmd(buffer); setCmd(cmd); if (cmd == Command::Cmd::Null) { return MYSQL_FAILURE; } switch (cmd) { case Command::Cmd::InitDb: case Command::Cmd::CreateDb: case Command::Cmd::DropDb: { std::string db = ""; BufferHelper::readStringBySize(buffer, len - 1, db); setDb(db); break; } case Command::Cmd::Query: is_query_ = true; // query string starts after one byte for comm type BufferHelper::readStringBySize(buffer, len - 1, data_); setDb(""); break; default: setDb(""); break; } return MYSQL_SUCCESS; } void Command::setData(std::string& data) { data_.assign(data); } std::string Command::encode() { Buffer::InstancePtr buffer(new Buffer::OwnedImpl()); BufferHelper::addUint8(*buffer, static_cast(cmd_)); BufferHelper::addString(*buffer, data_); std::string e_string = buffer->toString(); return e_string; } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_command.h ================================================ #pragma once #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { class Command : public MySQLCodec { public: enum class Cmd { Null = -1, Sleep = 0, Quit = 1, InitDb = 2, Query = 3, FieldList = 4, CreateDb = 5, DropDb = 6, Refresh = 7, Shutdown = 8, Statistics = 9, ProcessInfo = 10, Connect = 11, ProcessKill = 12, Debug = 13, Ping = 14, Time = 15, DelayedInsert = 16, ChangeUser = 17, Daemon = 29, ResetConnection = 31, }; // MySQLCodec int parseMessage(Buffer::Instance&, uint32_t len) override; std::string encode() override; Cmd parseCmd(Buffer::Instance& data); Cmd getCmd() const { return cmd_; } const std::string& getData() const { return data_; } std::string& getDb() { return db_; } void setCmd(Cmd cmd); void setData(std::string& data); void setDb(std::string db); bool isQuery() { return is_query_; } private: Cmd cmd_; std::string data_; std::string db_; bool is_query_; }; class CommandResponse : public MySQLCodec { public: // MySQLCodec int parseMessage(Buffer::Instance&, uint32_t) override { return MYSQL_SUCCESS; } std::string encode() override { return ""; } void setServerStatus(uint16_t status); void setWarnings(uint16_t warnings); private: uint16_t server_status_; uint16_t warnings_; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" #include "extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { void ServerGreeting::setProtocol(int protocol) { protocol_ = protocol; } void ServerGreeting::setVersion(std::string& version) { version_.assign(version); } void ServerGreeting::setThreadId(int thread_id) { thread_id_ = thread_id; } void ServerGreeting::setSalt(std::string& salt) { salt_ = salt; } void ServerGreeting::setServerCap(int server_cap) { server_cap_ = server_cap; } void ServerGreeting::setServerLanguage(int server_language) { server_language_ = server_language; } void ServerGreeting::setServerStatus(int server_status) { server_status_ = server_status; } void ServerGreeting::setExtServerCap(int ext_server_cap) { ext_server_cap_ = ext_server_cap; } int ServerGreeting::parseMessage(Buffer::Instance& buffer, uint32_t) { uint8_t protocol = 0; if (BufferHelper::readUint8(buffer, protocol) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing protocol in mysql Greeting msg"); return MYSQL_FAILURE; } setProtocol(protocol); std::string version; if (BufferHelper::readString(buffer, version) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing version in mysql Greeting msg"); return MYSQL_FAILURE; } setVersion(version); uint32_t thread_id = 0; if (BufferHelper::readUint32(buffer, thread_id) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing thread_id in mysql Greeting msg"); return MYSQL_FAILURE; } setThreadId(thread_id); std::string salt; if (BufferHelper::readString(buffer, salt) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing salt in mysql Greeting msg"); return MYSQL_FAILURE; } setSalt(salt); if (protocol_ == MYSQL_PROTOCOL_9) { // End of HandshakeV9 greeting return MYSQL_SUCCESS; } uint16_t server_cap = 0; if (BufferHelper::readUint16(buffer, server_cap) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing server_cap in mysql Greeting msg"); return MYSQL_FAILURE; } setServerCap(server_cap); if (BufferHelper::endOfBuffer(buffer)) { // HandshakeV10 can terminate after Server Capabilities return MYSQL_SUCCESS; } uint8_t server_language = 0; if (BufferHelper::readUint8(buffer, server_language) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing server_language in mysql Greeting msg"); return MYSQL_FAILURE; } setServerLanguage(server_language); uint16_t server_status = 0; if (BufferHelper::readUint16(buffer, server_status) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing server_status in mysql Greeting msg"); return MYSQL_FAILURE; } setServerStatus(server_status); uint16_t ext_server_cap = 0; if (BufferHelper::readUint16(buffer, ext_server_cap) != MYSQL_SUCCESS) { ENVOY_LOG(info, "error parsing ext_server_cap in mysql Greeting msg"); return MYSQL_FAILURE; } setExtServerCap(ext_server_cap); return MYSQL_SUCCESS; } std::string ServerGreeting::encode() { uint8_t enc_end_string = 0; Buffer::InstancePtr buffer(new Buffer::OwnedImpl()); BufferHelper::addUint8(*buffer, protocol_); BufferHelper::addString(*buffer, version_); BufferHelper::addUint8(*buffer, enc_end_string); BufferHelper::addUint32(*buffer, thread_id_); BufferHelper::addString(*buffer, salt_); BufferHelper::addUint8(*buffer, enc_end_string); BufferHelper::addUint16(*buffer, server_cap_); BufferHelper::addUint8(*buffer, server_language_); BufferHelper::addUint16(*buffer, server_status_); BufferHelper::addUint16(*buffer, ext_server_cap_); return buffer->toString(); } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h ================================================ #pragma once #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { class ServerGreeting : public MySQLCodec { public: // MySQLCodec int parseMessage(Buffer::Instance& buffer, uint32_t len) override; std::string encode() override; int getProtocol() const { return protocol_; } const std::string& getVersion() const { return version_; } int getThreadId() const { return thread_id_; } const std::string& getSalt() const { return salt_; }; int getServerCap() const { return server_cap_; } int getServerLanguage() const { return server_language_; } int getServerStatus() const { return server_status_; } int getExtServerCap() const { return ext_server_cap_; } void setProtocol(int protocol); void setVersion(std::string& version); void setThreadId(int thread_id); void setSalt(std::string& salt); void setServerCap(int server_cap); void setServerLanguage(int server_language); void setServerStatus(int server_status); void setExtServerCap(int ext_server_cap); private: int protocol_; std::string version_; int thread_id_; std::string salt_; int server_cap_; int server_language_; int server_status_; int ext_server_cap_; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" #include "extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { void ClientSwitchResponse::setAuthPluginResp(std::string& auth_plugin_resp) { auth_plugin_resp_.assign(auth_plugin_resp); } int ClientSwitchResponse::parseMessage(Buffer::Instance&, uint32_t) { return MYSQL_SUCCESS; } std::string ClientSwitchResponse::encode() { Buffer::InstancePtr buffer(new Buffer::OwnedImpl()); BufferHelper::addString(*buffer, auth_plugin_resp_); return buffer->toString(); } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h ================================================ #pragma once #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { class ClientSwitchResponse : public MySQLCodec { public: // MySQLCodec int parseMessage(Buffer::Instance& buffer, uint32_t len) override; std::string encode() override; void setAuthPluginResp(std::string& auth_swith_resp); private: std::string auth_plugin_resp_; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_config.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_config.h" #include #include "envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.pb.h" #include "envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/common/logger.h" #include "extensions/filters/network/mysql_proxy/mysql_filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { /** * Config registration for the MySQL proxy filter. @see NamedNetworkFilterConfigFactory. */ Network::FilterFactoryCb NetworkFilters::MySQLProxy::MySQLConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::mysql_proxy::v3::MySQLProxy& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); const std::string stat_prefix = fmt::format("mysql.{}", proto_config.stat_prefix()); MySQLFilterConfigSharedPtr filter_config( std::make_shared(stat_prefix, context.scope())); return [filter_config](Network::FilterManager& filter_manager) -> void { filter_manager.addFilter(std::make_shared(filter_config)); }; } /** * Static registration for the MySQL proxy filter. @see RegisterFactory. */ REGISTER_FACTORY(MySQLConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_config.h ================================================ #pragma once #include "envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.pb.h" #include "envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/mysql_proxy/mysql_filter.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { /** * Config registration for the MySQL proxy filter. */ class MySQLConfigFactory : public Common::FactoryBase { public: MySQLConfigFactory() : FactoryBase(NetworkFilterNames::get().MySQLProxy) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::mysql_proxy::v3::MySQLProxy& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_decoder.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_decoder.h" #include "extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { void DecoderImpl::parseMessage(Buffer::Instance& message, uint8_t seq, uint32_t len) { ENVOY_LOG(trace, "mysql_proxy: parsing message, seq {}, len {}", seq, len); // Run the MySQL state machine switch (session_.getState()) { // Expect Server Challenge packet case MySQLSession::State::Init: { ServerGreeting greeting; greeting.decode(message, seq, len); callbacks_.onServerGreeting(greeting); session_.setState(MySQLSession::State::ChallengeReq); break; } // Process Client Handshake Response case MySQLSession::State::ChallengeReq: { ClientLogin client_login{}; client_login.decode(message, seq, len); callbacks_.onClientLogin(client_login); if (client_login.isSSLRequest()) { session_.setState(MySQLSession::State::SslPt); } else if (client_login.isResponse41()) { session_.setState(MySQLSession::State::ChallengeResp41); } else { session_.setState(MySQLSession::State::ChallengeResp320); } break; } case MySQLSession::State::SslPt: break; case MySQLSession::State::ChallengeResp41: case MySQLSession::State::ChallengeResp320: { ClientLoginResponse client_login_resp{}; client_login_resp.decode(message, seq, len); callbacks_.onClientLoginResponse(client_login_resp); if (client_login_resp.getRespCode() == MYSQL_RESP_OK) { session_.setState(MySQLSession::State::Req); // reset seq# when entering the REQ state session_.setExpectedSeq(MYSQL_REQUEST_PKT_NUM); } else if (client_login_resp.getRespCode() == MYSQL_RESP_AUTH_SWITCH) { session_.setState(MySQLSession::State::AuthSwitchResp); } else if (client_login_resp.getRespCode() == MYSQL_RESP_ERR) { // client/server should close the connection: // https://dev.mysql.com/doc/internals/en/connection-phase.html session_.setState(MySQLSession::State::Error); } else { session_.setState(MySQLSession::State::NotHandled); } break; } case MySQLSession::State::AuthSwitchResp: { ClientSwitchResponse client_switch_resp{}; client_switch_resp.decode(message, seq, len); callbacks_.onClientSwitchResponse(client_switch_resp); session_.setState(MySQLSession::State::AuthSwitchMore); break; } case MySQLSession::State::AuthSwitchMore: { ClientLoginResponse client_login_resp{}; client_login_resp.decode(message, seq, len); callbacks_.onMoreClientLoginResponse(client_login_resp); if (client_login_resp.getRespCode() == MYSQL_RESP_OK) { session_.setState(MySQLSession::State::Req); } else if (client_login_resp.getRespCode() == MYSQL_RESP_MORE) { session_.setState(MySQLSession::State::AuthSwitchResp); } else if (client_login_resp.getRespCode() == MYSQL_RESP_ERR) { // stop parsing auth req/response, attempt to resync in command state session_.setState(MySQLSession::State::Resync); session_.setExpectedSeq(MYSQL_REQUEST_PKT_NUM); } else { session_.setState(MySQLSession::State::NotHandled); } break; } case MySQLSession::State::Resync: { // re-sync to MYSQL_REQ state // expected seq check succeeded, no need to verify session_.setState(MySQLSession::State::Req); FALLTHRU; } // Process Command case MySQLSession::State::Req: { Command command{}; command.decode(message, seq, len); callbacks_.onCommand(command); session_.setState(MySQLSession::State::ReqResp); break; } // Process Command Response case MySQLSession::State::ReqResp: { CommandResponse command_resp{}; command_resp.decode(message, seq, len); callbacks_.onCommandResponse(command_resp); session_.setState(MySQLSession::State::Req); session_.setExpectedSeq(MYSQL_REQUEST_PKT_NUM); break; } case MySQLSession::State::Error: case MySQLSession::State::NotHandled: default: break; } ENVOY_LOG(trace, "mysql_proxy: msg parsed, session in state {}", static_cast(session_.getState())); } bool DecoderImpl::decode(Buffer::Instance& data) { ENVOY_LOG(trace, "mysql_proxy: decoding {} bytes", data.length()); uint32_t len = 0; uint8_t seq = 0; if (BufferHelper::peekHdr(data, len, seq) != MYSQL_SUCCESS) { throw EnvoyException("error parsing mysql packet header"); } // If message is split over multiple packets, hold off until the entire message is available. // Consider the size of the header here as it's not consumed yet. if (sizeof(uint32_t) + len > data.length()) { return false; } BufferHelper::consumeHdr(data); // Consume the header once the message is fully available. callbacks_.onNewMessage(session_.getState()); // Ignore duplicate and out-of-sync packets. if (seq != session_.getExpectedSeq()) { callbacks_.onProtocolError(); ENVOY_LOG(info, "mysql_proxy: ignoring out-of-sync packet"); data.drain(len); // Ensure that the whole message was consumed return true; } session_.setExpectedSeq(seq + 1); const ssize_t data_len = data.length(); parseMessage(data, seq, len); const ssize_t consumed_len = data_len - data.length(); data.drain(len - consumed_len); // Ensure that the whole message was consumed ENVOY_LOG(trace, "mysql_proxy: {} bytes remaining in buffer", data.length()); return true; } void DecoderImpl::onData(Buffer::Instance& data) { // TODO(venilnoronha): handle messages over 16 mb. See // https://dev.mysql.com/doc/dev/mysql-server/latest/page_protocol_basic_packets.html#sect_protocol_basic_packets_sending_mt_16mb. while (!BufferHelper::endOfBuffer(data) && decode(data)) { } } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_decoder.h ================================================ #pragma once #include #include "envoy/common/platform.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "extensions/common/sqlutils/sqlutils.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_session.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { /** * General callbacks for dispatching decoded MySQL messages to a sink. */ class DecoderCallbacks { public: virtual ~DecoderCallbacks() = default; virtual void onProtocolError() PURE; virtual void onNewMessage(MySQLSession::State) PURE; virtual void onServerGreeting(ServerGreeting&) PURE; virtual void onClientLogin(ClientLogin&) PURE; virtual void onClientLoginResponse(ClientLoginResponse&) PURE; virtual void onClientSwitchResponse(ClientSwitchResponse&) PURE; virtual void onMoreClientLoginResponse(ClientLoginResponse&) PURE; virtual void onCommand(Command&) PURE; virtual void onCommandResponse(CommandResponse&) PURE; }; /** * MySQL message decoder. */ class Decoder { public: virtual ~Decoder() = default; virtual void onData(Buffer::Instance& data) PURE; virtual MySQLSession& getSession() PURE; const Extensions::Common::SQLUtils::SQLUtils::DecoderAttributes& getAttributes() const { return attributes_; } protected: // Decoder attributes. Extensions::Common::SQLUtils::SQLUtils::DecoderAttributes attributes_; }; using DecoderPtr = std::unique_ptr; class DecoderImpl : public Decoder, Logger::Loggable { public: DecoderImpl(DecoderCallbacks& callbacks) : callbacks_(callbacks) {} // MySQLProxy::Decoder void onData(Buffer::Instance& data) override; MySQLSession& getSession() override { return session_; } private: bool decode(Buffer::Instance& data); void parseMessage(Buffer::Instance& message, uint8_t seq, uint32_t len); DecoderCallbacks& callbacks_; MySQLSession session_; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_filter.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_filter.h" #include "envoy/config/core/v3/base.pb.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { MySQLFilterConfig::MySQLFilterConfig(const std::string& stat_prefix, Stats::Scope& scope) : scope_(scope), stats_(generateStats(stat_prefix, scope)) {} MySQLFilter::MySQLFilter(MySQLFilterConfigSharedPtr config) : config_(std::move(config)) {} void MySQLFilter::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { read_callbacks_ = &callbacks; } Network::FilterStatus MySQLFilter::onData(Buffer::Instance& data, bool) { // Safety measure just to make sure that if we have a decoding error we keep going and lose stats. // This can be removed once we are more confident of this code. if (sniffing_) { read_buffer_.add(data); doDecode(read_buffer_); } return Network::FilterStatus::Continue; } Network::FilterStatus MySQLFilter::onWrite(Buffer::Instance& data, bool) { // Safety measure just to make sure that if we have a decoding error we keep going and lose stats. // This can be removed once we are more confident of this code. if (sniffing_) { write_buffer_.add(data); doDecode(write_buffer_); } return Network::FilterStatus::Continue; } void MySQLFilter::doDecode(Buffer::Instance& buffer) { // Clear dynamic metadata. envoy::config::core::v3::Metadata& dynamic_metadata = read_callbacks_->connection().streamInfo().dynamicMetadata(); auto& metadata = (*dynamic_metadata.mutable_filter_metadata())[NetworkFilterNames::get().MySQLProxy]; metadata.mutable_fields()->clear(); if (!decoder_) { decoder_ = createDecoder(*this); } try { decoder_->onData(buffer); } catch (EnvoyException& e) { ENVOY_LOG(info, "mysql_proxy: decoding error: {}", e.what()); config_->stats_.decoder_errors_.inc(); sniffing_ = false; read_buffer_.drain(read_buffer_.length()); write_buffer_.drain(write_buffer_.length()); } } DecoderPtr MySQLFilter::createDecoder(DecoderCallbacks& callbacks) { return std::make_unique(callbacks); } void MySQLFilter::onProtocolError() { config_->stats_.protocol_errors_.inc(); } void MySQLFilter::onNewMessage(MySQLSession::State state) { if (state == MySQLSession::State::ChallengeReq) { config_->stats_.login_attempts_.inc(); } } void MySQLFilter::onClientLogin(ClientLogin& client_login) { if (client_login.isSSLRequest()) { config_->stats_.upgraded_to_ssl_.inc(); } } void MySQLFilter::onClientLoginResponse(ClientLoginResponse& client_login_resp) { if (client_login_resp.getRespCode() == MYSQL_RESP_AUTH_SWITCH) { config_->stats_.auth_switch_request_.inc(); } else if (client_login_resp.getRespCode() == MYSQL_RESP_ERR) { config_->stats_.login_failures_.inc(); } } void MySQLFilter::onMoreClientLoginResponse(ClientLoginResponse& client_login_resp) { if (client_login_resp.getRespCode() == MYSQL_RESP_ERR) { config_->stats_.login_failures_.inc(); } } void MySQLFilter::onCommand(Command& command) { if (!command.isQuery()) { return; } // Parse a given query envoy::config::core::v3::Metadata& dynamic_metadata = read_callbacks_->connection().streamInfo().dynamicMetadata(); ProtobufWkt::Struct metadata( (*dynamic_metadata.mutable_filter_metadata())[NetworkFilterNames::get().MySQLProxy]); auto result = Common::SQLUtils::SQLUtils::setMetadata(command.getData(), decoder_->getAttributes(), metadata); ENVOY_CONN_LOG(trace, "mysql_proxy: query processed {}", read_callbacks_->connection(), command.getData()); if (!result) { config_->stats_.queries_parse_error_.inc(); return; } config_->stats_.queries_parsed_.inc(); read_callbacks_->connection().streamInfo().setDynamicMetadata( NetworkFilterNames::get().MySQLProxy, metadata); } Network::FilterStatus MySQLFilter::onNewConnection() { config_->stats_.sessions_.inc(); return Network::FilterStatus::Continue; } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_filter.h ================================================ #pragma once #include "envoy/access_log/access_log.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "extensions/filters/network/mysql_proxy/mysql_codec.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_decoder.h" #include "extensions/filters/network/mysql_proxy/mysql_session.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { /** * All MySQL proxy stats. @see stats_macros.h */ #define ALL_MYSQL_PROXY_STATS(COUNTER) \ COUNTER(sessions) \ COUNTER(login_attempts) \ COUNTER(login_failures) \ COUNTER(decoder_errors) \ COUNTER(protocol_errors) \ COUNTER(upgraded_to_ssl) \ COUNTER(auth_switch_request) \ COUNTER(queries_parsed) \ COUNTER(queries_parse_error) /** * Struct definition for all MySQL proxy stats. @see stats_macros.h */ struct MySQLProxyStats { ALL_MYSQL_PROXY_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for the MySQL proxy filter. */ class MySQLFilterConfig { public: MySQLFilterConfig(const std::string& stat_prefix, Stats::Scope& scope); const MySQLProxyStats& stats() { return stats_; } Stats::Scope& scope_; MySQLProxyStats stats_; private: MySQLProxyStats generateStats(const std::string& prefix, Stats::Scope& scope) { return MySQLProxyStats{ALL_MYSQL_PROXY_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } }; using MySQLFilterConfigSharedPtr = std::shared_ptr; /** * Implementation of MySQL proxy filter. */ class MySQLFilter : public Network::Filter, DecoderCallbacks, Logger::Loggable { public: MySQLFilter(MySQLFilterConfigSharedPtr config); ~MySQLFilter() override = default; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; // Network::WriteFilter Network::FilterStatus onWrite(Buffer::Instance& data, bool end_stream) override; // MySQLProxy::DecoderCallback void onProtocolError() override; void onNewMessage(MySQLSession::State state) override; void onServerGreeting(ServerGreeting&) override{}; void onClientLogin(ClientLogin& message) override; void onClientLoginResponse(ClientLoginResponse& message) override; void onClientSwitchResponse(ClientSwitchResponse&) override{}; void onMoreClientLoginResponse(ClientLoginResponse& message) override; void onCommand(Command& message) override; void onCommandResponse(CommandResponse&) override{}; void doDecode(Buffer::Instance& buffer); DecoderPtr createDecoder(DecoderCallbacks& callbacks); MySQLSession& getSession() { return decoder_->getSession(); } private: Network::ReadFilterCallbacks* read_callbacks_{}; MySQLFilterConfigSharedPtr config_; Buffer::OwnedImpl read_buffer_; Buffer::OwnedImpl write_buffer_; std::unique_ptr decoder_; bool sniffing_{true}; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_session.h ================================================ #pragma once #include #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { class MySQLSession : Logger::Loggable { public: enum class State { Init = 0, ChallengeReq = 1, ChallengeResp41 = 2, ChallengeResp320 = 3, SslPt = 4, AuthSwitchReq = 5, AuthSwitchReqOld = 6, AuthSwitchResp = 7, AuthSwitchMore = 8, ReqResp = 9, Req = 10, Resync = 11, NotHandled = 12, Error = 13, }; void setState(MySQLSession::State state) { state_ = state; } MySQLSession::State getState() { return state_; } uint8_t getExpectedSeq() { return expected_seq_; } void setExpectedSeq(uint8_t seq) { expected_seq_ = seq; } private: MySQLSession::State state_{State::Init}; uint8_t expected_seq_{0}; }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_utils.cc ================================================ #include "extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { void BufferHelper::addUint8(Buffer::Instance& buffer, uint8_t val) { buffer.writeLEInt(val); } void BufferHelper::addUint16(Buffer::Instance& buffer, uint16_t val) { buffer.writeLEInt(val); } void BufferHelper::addUint32(Buffer::Instance& buffer, uint32_t val) { buffer.writeLEInt(val); } void BufferHelper::addString(Buffer::Instance& buffer, const std::string& str) { buffer.add(str); } std::string BufferHelper::encodeHdr(const std::string& cmd_str, uint8_t seq) { Buffer::OwnedImpl buffer; // First byte contains sequence number, next 3 bytes contain cmd string size uint32_t header = (seq << 24) | (cmd_str.length() & MYSQL_HDR_PKT_SIZE_MASK); addUint32(buffer, header); std::string e_string = buffer.toString(); e_string.append(cmd_str); return e_string; } bool BufferHelper::endOfBuffer(Buffer::Instance& buffer) { return buffer.length() == 0; } int BufferHelper::readUint8(Buffer::Instance& buffer, uint8_t& val) { try { val = buffer.peekLEInt(0); buffer.drain(sizeof(uint8_t)); return MYSQL_SUCCESS; } catch (EnvoyException& e) { // buffer underflow return MYSQL_FAILURE; } } int BufferHelper::readUint16(Buffer::Instance& buffer, uint16_t& val) { try { val = buffer.peekLEInt(0); buffer.drain(sizeof(uint16_t)); return MYSQL_SUCCESS; } catch (EnvoyException& e) { // buffer underflow return MYSQL_FAILURE; } } int BufferHelper::readUint32(Buffer::Instance& buffer, uint32_t& val) { try { val = buffer.peekLEInt(0); buffer.drain(sizeof(uint32_t)); return MYSQL_SUCCESS; } catch (EnvoyException& e) { // buffer underflow return MYSQL_FAILURE; } } // Implementation of MySQL lenenc encoder based on // https://dev.mysql.com/doc/internals/en/integer.html#packet-Protocol::LengthEncodedInteger int BufferHelper::readLengthEncodedInteger(Buffer::Instance& buffer, uint64_t& val) { uint8_t byte_val = 0; if (readUint8(buffer, byte_val) == MYSQL_FAILURE) { return MYSQL_FAILURE; } if (byte_val < LENENCODINT_1BYTE) { val = byte_val; return MYSQL_SUCCESS; } try { if (byte_val == LENENCODINT_2BYTES) { val = buffer.peekLEInt(0); buffer.drain(sizeof(uint16_t)); } else if (byte_val == LENENCODINT_3BYTES) { val = buffer.peekLEInt(0); buffer.drain(sizeof(uint8_t) * 3); } else if (byte_val == LENENCODINT_8BYTES) { val = buffer.peekLEInt(0); buffer.drain(sizeof(uint64_t)); } else { return MYSQL_FAILURE; } } catch (EnvoyException& e) { // buffer underflow return MYSQL_FAILURE; } return MYSQL_SUCCESS; } int BufferHelper::readBytes(Buffer::Instance& buffer, size_t skip_bytes) { if (buffer.length() < skip_bytes) { return MYSQL_FAILURE; } buffer.drain(skip_bytes); return MYSQL_SUCCESS; } int BufferHelper::readString(Buffer::Instance& buffer, std::string& str) { char end = MYSQL_STR_END; ssize_t index = buffer.search(&end, sizeof(end), 0); if (index == -1) { return MYSQL_FAILURE; } if (static_cast(buffer.length()) < (index + 1)) { return MYSQL_FAILURE; } str.assign(std::string(static_cast(buffer.linearize(index)), index)); str = str.substr(0); buffer.drain(index + 1); return MYSQL_SUCCESS; } int BufferHelper::readStringBySize(Buffer::Instance& buffer, size_t len, std::string& str) { if (buffer.length() < len) { return MYSQL_FAILURE; } str.assign(std::string(static_cast(buffer.linearize(len)), len)); str = str.substr(0); buffer.drain(len); return MYSQL_SUCCESS; } int BufferHelper::peekUint32(Buffer::Instance& buffer, uint32_t& val) { try { val = buffer.peekLEInt(0); return MYSQL_SUCCESS; } catch (EnvoyException& e) { // buffer underflow return MYSQL_FAILURE; } } void BufferHelper::consumeHdr(Buffer::Instance& buffer) { buffer.drain(sizeof(uint32_t)); } int BufferHelper::peekHdr(Buffer::Instance& buffer, uint32_t& len, uint8_t& seq) { uint32_t val = 0; if (peekUint32(buffer, val) != MYSQL_SUCCESS) { return MYSQL_FAILURE; } seq = htobe32(val) & MYSQL_HDR_SEQ_MASK; len = val & MYSQL_HDR_PKT_SIZE_MASK; ENVOY_LOG(trace, "mysql_proxy: MYSQL-hdrseq {}, len {}", seq, len); return MYSQL_SUCCESS; } } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/mysql_proxy/mysql_utils.h ================================================ #pragma once #include #include "envoy/common/platform.h" #include "common/buffer/buffer_impl.h" #include "common/common/byte_order.h" #include "common/common/logger.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" #include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" #include "extensions/filters/network/mysql_proxy/mysql_session.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace MySQLProxy { /** * IO helpers for reading/writing MySQL data from/to a buffer. * MySQL uses unsigned integer values in Little Endian format only. */ class BufferHelper : public Logger::Loggable { public: static void addUint8(Buffer::Instance& buffer, uint8_t val); static void addUint16(Buffer::Instance& buffer, uint16_t val); static void addUint32(Buffer::Instance& buffer, uint32_t val); static void addString(Buffer::Instance& buffer, const std::string& str); static std::string encodeHdr(const std::string& cmd_str, uint8_t seq); static bool endOfBuffer(Buffer::Instance& buffer); static int readUint8(Buffer::Instance& buffer, uint8_t& val); static int readUint16(Buffer::Instance& buffer, uint16_t& val); static int readUint32(Buffer::Instance& buffer, uint32_t& val); static int readLengthEncodedInteger(Buffer::Instance& buffer, uint64_t& val); static int readBytes(Buffer::Instance& buffer, size_t skip_bytes); static int readString(Buffer::Instance& buffer, std::string& str); static int readStringBySize(Buffer::Instance& buffer, size_t len, std::string& str); static int peekUint32(Buffer::Instance& buffer, uint32_t& val); static void consumeHdr(Buffer::Instance& buffer); static int peekHdr(Buffer::Instance& buffer, uint32_t& len, uint8_t& seq); }; } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 #package(default_visibility = ["//visibility:public"]) # PostgresSQL proxy L7 network filter. # Public docs: docs/root/configuration/network_filters/postgres_proxy_filter.rst envoy_extension_package() envoy_cc_library( name = "filter", srcs = [ "postgres_decoder.cc", "postgres_filter.cc", "postgres_message.cc", ], hdrs = [ "postgres_decoder.h", "postgres_filter.h", "postgres_message.h", "postgres_session.h", ], repository = "@envoy", deps = [ "//include/envoy/network:filter_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/network:filter_lib", "//source/extensions/common/sqlutils:sqlutils_lib", "//source/extensions/filters/network:well_known_names", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], repository = "@envoy", security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":filter", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/postgres_proxy/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/postgres_proxy/config.cc ================================================ #include "extensions/filters/network/postgres_proxy/config.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { /** * Config registration for the Postgres proxy filter. @see NamedNetworkFilterConfigFactory. */ Network::FilterFactoryCb NetworkFilters::PostgresProxy::PostgresConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::postgres_proxy::v3alpha::PostgresProxy& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); const std::string stat_prefix = fmt::format("postgres.{}", proto_config.stat_prefix()); const bool enable_sql = PROTOBUF_GET_WRAPPED_OR_DEFAULT(proto_config, enable_sql_parsing, true); PostgresFilterConfigSharedPtr filter_config( std::make_shared(stat_prefix, enable_sql, context.scope())); return [filter_config](Network::FilterManager& filter_manager) -> void { filter_manager.addFilter(std::make_shared(filter_config)); }; } /** * Static registration for the Postgres proxy filter. @see RegisterFactory. */ REGISTER_FACTORY(PostgresConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/postgres_proxy/v3alpha/postgres_proxy.pb.h" #include "envoy/extensions/filters/network/postgres_proxy/v3alpha/postgres_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/postgres_proxy/postgres_filter.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { /** * Config registration for the Postgres proxy filter. */ class PostgresConfigFactory : public Common::FactoryBase< envoy::extensions::filters::network::postgres_proxy::v3alpha::PostgresProxy> { public: PostgresConfigFactory() : FactoryBase{NetworkFilterNames::get().PostgresProxy} {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::postgres_proxy::v3alpha::PostgresProxy& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/postgres_decoder.cc ================================================ #include "extensions/filters/network/postgres_proxy/postgres_decoder.h" #include #include "absl/strings/str_split.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { #define BODY_FORMAT(...) \ []() -> std::unique_ptr { return createMsgBodyReader<__VA_ARGS__>(); } #define NO_BODY BODY_FORMAT() void DecoderImpl::initialize() { // Special handler for first message of the transaction. first_ = MessageProcessor{"Startup", BODY_FORMAT(Int32, Repeated), {&DecoderImpl::onStartup}}; // Frontend messages. FE_messages_.direction_ = "Frontend"; // Setup handlers for known messages. absl::flat_hash_map& FE_known_msgs = FE_messages_.messages_; // Handler for known Frontend messages. FE_known_msgs['B'] = MessageProcessor{ "Bind", BODY_FORMAT(String, String, Array, Array, Array), {}}; FE_known_msgs['C'] = MessageProcessor{"Close", BODY_FORMAT(Byte1, String), {}}; FE_known_msgs['d'] = MessageProcessor{"CopyData", BODY_FORMAT(ByteN), {}}; FE_known_msgs['c'] = MessageProcessor{"CopyDone", NO_BODY, {}}; FE_known_msgs['f'] = MessageProcessor{"CopyFail", BODY_FORMAT(String), {}}; FE_known_msgs['D'] = MessageProcessor{"Describe", BODY_FORMAT(Byte1, String), {}}; FE_known_msgs['E'] = MessageProcessor{"Execute", BODY_FORMAT(String, Int32), {}}; FE_known_msgs['H'] = MessageProcessor{"Flush", NO_BODY, {}}; FE_known_msgs['F'] = MessageProcessor{ "FunctionCall", BODY_FORMAT(Int32, Array, Array, Int16), {}}; FE_known_msgs['p'] = MessageProcessor{"PasswordMessage/GSSResponse/SASLInitialResponse/SASLResponse", BODY_FORMAT(Int32, ByteN), {}}; FE_known_msgs['P'] = MessageProcessor{"Parse", BODY_FORMAT(String, String, Array), {&DecoderImpl::onParse}}; FE_known_msgs['Q'] = MessageProcessor{"Query", BODY_FORMAT(String), {&DecoderImpl::onQuery}}; FE_known_msgs['S'] = MessageProcessor{"Sync", NO_BODY, {}}; FE_known_msgs['X'] = MessageProcessor{"Terminate", NO_BODY, {&DecoderImpl::decodeFrontendTerminate}}; // Handler for unknown Frontend messages. FE_messages_.unknown_ = MessageProcessor{"Other", BODY_FORMAT(ByteN), {&DecoderImpl::incMessagesUnknown}}; // Backend messages. BE_messages_.direction_ = "Backend"; // Setup handlers for known messages. absl::flat_hash_map& BE_known_msgs = BE_messages_.messages_; // Handler for known Backend messages. BE_known_msgs['R'] = MessageProcessor{"Authentication", BODY_FORMAT(ByteN), {&DecoderImpl::decodeAuthentication}}; BE_known_msgs['K'] = MessageProcessor{"BackendKeyData", BODY_FORMAT(Int32, Int32), {}}; BE_known_msgs['2'] = MessageProcessor{"BindComplete", NO_BODY, {}}; BE_known_msgs['3'] = MessageProcessor{"CloseComplete", NO_BODY, {}}; BE_known_msgs['C'] = MessageProcessor{ "CommandComplete", BODY_FORMAT(String), {&DecoderImpl::decodeBackendStatements}}; BE_known_msgs['d'] = MessageProcessor{"CopyData", BODY_FORMAT(ByteN), {}}; BE_known_msgs['c'] = MessageProcessor{"CopyDone", NO_BODY, {}}; BE_known_msgs['G'] = MessageProcessor{"CopyInResponse", BODY_FORMAT(Int8, Array), {}}; BE_known_msgs['H'] = MessageProcessor{"CopyOutResponse", BODY_FORMAT(Int8, Array), {}}; BE_known_msgs['W'] = MessageProcessor{"CopyBothResponse", BODY_FORMAT(Int8, Array), {}}; BE_known_msgs['D'] = MessageProcessor{"DataRow", BODY_FORMAT(Array), {}}; BE_known_msgs['I'] = MessageProcessor{"EmptyQueryResponse", NO_BODY, {}}; BE_known_msgs['E'] = MessageProcessor{ "ErrorResponse", BODY_FORMAT(Byte1, String), {&DecoderImpl::decodeBackendErrorResponse}}; BE_known_msgs['V'] = MessageProcessor{"FunctionCallResponse", BODY_FORMAT(VarByteN), {}}; BE_known_msgs['v'] = MessageProcessor{"NegotiateProtocolVersion", BODY_FORMAT(ByteN), {}}; BE_known_msgs['n'] = MessageProcessor{"NoData", NO_BODY, {}}; BE_known_msgs['N'] = MessageProcessor{ "NoticeResponse", BODY_FORMAT(ByteN), {&DecoderImpl::decodeBackendNoticeResponse}}; BE_known_msgs['A'] = MessageProcessor{"NotificationResponse", BODY_FORMAT(Int32, String, String), {}}; BE_known_msgs['t'] = MessageProcessor{"ParameterDescription", BODY_FORMAT(Array), {}}; BE_known_msgs['S'] = MessageProcessor{"ParameterStatus", BODY_FORMAT(String, String), {}}; BE_known_msgs['1'] = MessageProcessor{"ParseComplete", NO_BODY, {}}; BE_known_msgs['s'] = MessageProcessor{"PortalSuspend", NO_BODY, {}}; BE_known_msgs['Z'] = MessageProcessor{"ReadyForQuery", BODY_FORMAT(Byte1), {}}; BE_known_msgs['T'] = MessageProcessor{ "RowDescription", BODY_FORMAT(Array>), {}}; // Handler for unknown Backend messages. BE_messages_.unknown_ = MessageProcessor{"Other", BODY_FORMAT(ByteN), {&DecoderImpl::incMessagesUnknown}}; // Setup hash map for handling backend statements. BE_statements_["BEGIN"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Other); callbacks_->incTransactions(); session_.setInTransaction(true); }; BE_statements_["ROLLBACK"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Noop); callbacks_->incTransactionsRollback(); session_.setInTransaction(false); }; BE_statements_["START"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Other); callbacks_->incTransactions(); session_.setInTransaction(true); }; BE_statements_["COMMIT"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Noop); session_.setInTransaction(false); callbacks_->incTransactionsCommit(); }; BE_statements_["SELECT"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Select); callbacks_->incTransactions(); callbacks_->incTransactionsCommit(); }; BE_statements_["INSERT"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Insert); callbacks_->incTransactions(); callbacks_->incTransactionsCommit(); }; BE_statements_["UPDATE"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Update); callbacks_->incTransactions(); callbacks_->incTransactionsCommit(); }; BE_statements_["DELETE"] = [this](DecoderImpl*) -> void { callbacks_->incStatements(DecoderCallbacks::StatementType::Delete); callbacks_->incTransactions(); callbacks_->incTransactionsCommit(); }; // Setup hash map for handling backend ErrorResponse messages. BE_errors_.keywords_["ERROR"] = [this](DecoderImpl*) -> void { callbacks_->incErrors(DecoderCallbacks::ErrorType::Error); }; BE_errors_.keywords_["FATAL"] = [this](DecoderImpl*) -> void { callbacks_->incErrors(DecoderCallbacks::ErrorType::Fatal); }; BE_errors_.keywords_["PANIC"] = [this](DecoderImpl*) -> void { callbacks_->incErrors(DecoderCallbacks::ErrorType::Panic); }; // Setup handler which is called when decoder cannot decode the message and treats it as Unknown // Error message. BE_errors_.unknown_ = [this](DecoderImpl*) -> void { callbacks_->incErrors(DecoderCallbacks::ErrorType::Unknown); }; // Setup hash map for handling backend NoticeResponse messages. BE_notices_.keywords_["WARNING"] = [this](DecoderImpl*) -> void { callbacks_->incNotices(DecoderCallbacks::NoticeType::Warning); }; BE_notices_.keywords_["NOTICE"] = [this](DecoderImpl*) -> void { callbacks_->incNotices(DecoderCallbacks::NoticeType::Notice); }; BE_notices_.keywords_["DEBUG"] = [this](DecoderImpl*) -> void { callbacks_->incNotices(DecoderCallbacks::NoticeType::Debug); }; BE_notices_.keywords_["INFO"] = [this](DecoderImpl*) -> void { callbacks_->incNotices(DecoderCallbacks::NoticeType::Info); }; BE_notices_.keywords_["LOG"] = [this](DecoderImpl*) -> void { callbacks_->incNotices(DecoderCallbacks::NoticeType::Log); }; // Setup handler which is called when decoder cannot decode the message and treats it as Unknown // Notice message. BE_notices_.unknown_ = [this](DecoderImpl*) -> void { callbacks_->incNotices(DecoderCallbacks::NoticeType::Unknown); }; } bool DecoderImpl::parseMessage(Buffer::Instance& data) { ENVOY_LOG(trace, "postgres_proxy: parsing message, len {}", data.length()); // The minimum size of the message sufficient for parsing is 5 bytes. if (data.length() < 5) { // not enough data in the buffer. return false; } if (!startup_) { data.copyOut(0, 1, &command_); ENVOY_LOG(trace, "postgres_proxy: command is {}", command_); } // The 1 byte message type and message length should be in the buffer // Check if the entire message has been read. std::string message; message_len_ = data.peekBEInt(startup_ ? 0 : 1); if (data.length() < (message_len_ + (startup_ ? 0 : 1))) { ENVOY_LOG(trace, "postgres_proxy: cannot parse message. Need {} bytes in buffer", message_len_ + (startup_ ? 0 : 1)); // Not enough data in the buffer. return false; } if (startup_) { uint32_t code = data.peekBEInt(4); // Startup message with 1234 in the most significant 16 bits // indicate request to encrypt. if (code >= 0x04d20000) { ENVOY_LOG(trace, "postgres_proxy: detected encrypted traffic."); encrypted_ = true; startup_ = false; incSessionsEncrypted(); data.drain(data.length()); return false; } else { ENVOY_LOG(debug, "Detected version {}.{} of Postgres", code >> 16, code & 0x0000FFFF); // 4 bytes of length and 4 bytes of version code. } } data.drain(startup_ ? 4 : 5); // Length plus optional 1st byte. uint32_t bytes_to_read = message_len_ - 4; message.assign(std::string(static_cast(data.linearize(bytes_to_read)), bytes_to_read)); setMessage(message); ENVOY_LOG(trace, "postgres_proxy: msg parsed"); return true; } bool DecoderImpl::onData(Buffer::Instance& data, bool frontend) { // If encrypted, just drain the traffic. if (encrypted_) { ENVOY_LOG(trace, "postgres_proxy: ignoring {} bytes of encrypted data", data.length()); data.drain(data.length()); return true; } ENVOY_LOG(trace, "postgres_proxy: decoding {} bytes", data.length()); if (!parseMessage(data)) { return false; } MsgGroup& msg_processor = std::ref(frontend ? FE_messages_ : BE_messages_); frontend ? callbacks_->incMessagesFrontend() : callbacks_->incMessagesBackend(); // Set processing to the handler of unknown messages. // If message is found, the processing will be updated. std::reference_wrapper msg = msg_processor.unknown_; if (startup_) { msg = std::ref(first_); startup_ = false; } else { auto it = msg_processor.messages_.find(command_); if (it != msg_processor.messages_.end()) { msg = std::ref((*it).second); } } std::vector& actions = std::get<2>(msg.get()); for (const auto& action : actions) { action(this); } // message_len_ specifies total message length including 4 bytes long // "length" field. The length of message body is total length minus size // of "length" field (4 bytes). uint32_t bytes_to_read = message_len_ - 4; ENVOY_LOG(debug, "({}) command = {} ({})", msg_processor.direction_, command_, std::get<0>(msg.get())); ENVOY_LOG(debug, "({}) length = {}", msg_processor.direction_, message_len_); ENVOY_LOG(debug, "({}) message = {}", msg_processor.direction_, genDebugMessage(msg, data, bytes_to_read)); data.drain(bytes_to_read); ENVOY_LOG(trace, "postgres_proxy: {} bytes remaining in buffer", data.length()); return true; } // Method is called when C (CommandComplete) message has been // decoded. It extracts the keyword from message's payload // and updates stats associated with that keyword. void DecoderImpl::decodeBackendStatements() { // The message_ contains the statement. Find space character // and the statement is the first word. If space cannot be found // take the whole message. std::string statement = message_.substr(0, message_.find(' ')); auto it = BE_statements_.find(statement); if (it != BE_statements_.end()) { (*it).second(this); } else { callbacks_->incStatements(DecoderCallbacks::StatementType::Other); callbacks_->incTransactions(); callbacks_->incTransactionsCommit(); } } // Method is called when X (Terminate) message // is encountered by the decoder. void DecoderImpl::decodeFrontendTerminate() { if (session_.inTransaction()) { session_.setInTransaction(false); callbacks_->incTransactionsRollback(); } } // Method does deep inspection of Authentication message. // It looks for 4 bytes of zeros, which means that login to // database was successful. void DecoderImpl::decodeAuthentication() { // Check if auth message indicates successful authentication. // Length must be 8 and payload must be 0. if ((8 == message_len_) && (0 == message_.data()[0]) && (0 == message_.data()[1]) && (0 == message_.data()[2]) && (0 == message_.data()[3])) { incSessionsUnencrypted(); } } // Method is used to parse Error and Notice messages. Their syntax is the same, but they // use different keywords inside the message and statistics fields are different. void DecoderImpl::decodeErrorNotice(MsgParserDict& types) { // Error/Notice message should start with character "S". if (message_[0] != 'S') { types.unknown_(this); return; } for (const auto& it : types.keywords_) { // Try to find a keyword with S prefix or V prefix. // Postgres versions prior to 9.6 use only S prefix while // versions higher than 9.6 use S and V prefixes. if ((message_.find("S" + it.first) != std::string::npos) || (message_.find("V" + it.first) != std::string::npos)) { it.second(this); return; } } // Keyword was not found in the message. Count is as Unknown. types.unknown_(this); } // Method parses E (Error) message and looks for string // indicating that error happened. void DecoderImpl::decodeBackendErrorResponse() { decodeErrorNotice(BE_errors_); } // Method parses N (Notice) message and looks for string // indicating its meaning. It can be warning, notice, info, debug or log. void DecoderImpl::decodeBackendNoticeResponse() { decodeErrorNotice(BE_notices_); } // Method parses Parse message of the following format: // String: The name of the destination prepared statement (an empty string selects the unnamed // prepared statement). // // String: The query string to be parsed. // // Int16: The number of parameter data // types specified (can be zero). Note that this is not an indication of the number of parameters // that might appear in the query string, only the number that the frontend wants to pre-specify // types for. Then, for each parameter, there is the following: // // Int32: Specifies the object ID of // the parameter data type. Placing a zero here is equivalent to leaving the type unspecified. void DecoderImpl::onParse() { // The first two strings are separated by \0. // The first string is optional. If no \0 is found it means // that the message contains query string only. std::vector query_parts = absl::StrSplit(message_, absl::ByChar('\0')); callbacks_->processQuery(query_parts[1]); } void DecoderImpl::onQuery() { callbacks_->processQuery(message_); } // Method is invoked on clear-text Startup message. // The message format is continuous string of the following format: // userdatabaseapplication_nameencoding void DecoderImpl::onStartup() { // First 4 bytes of startup message contains version code. // It is skipped. After that message contains attributes. attributes_ = absl::StrSplit(message_.substr(4), absl::ByChar('\0'), absl::SkipEmpty()); // If "database" attribute is not found, default it to "user" attribute. if ((attributes_.find("database") == attributes_.end()) && (attributes_.find("user") != attributes_.end())) { attributes_["database"] = attributes_["user"]; } } // Method generates displayable format of currently processed message. const std::string DecoderImpl::genDebugMessage(const MessageProcessor& msg, Buffer::Instance& data, uint32_t message_len) { const MsgBodyReader& f = std::get<1>(msg); std::string message = "Unrecognized"; if (f != nullptr) { const auto msgParser = f(); msgParser->read(data, message_len); message = msgParser->toString(); } return message; } } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/postgres_decoder.h ================================================ #pragma once #include #include "envoy/common/platform.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "extensions/common/sqlutils/sqlutils.h" #include "extensions/filters/network/postgres_proxy/postgres_message.h" #include "extensions/filters/network/postgres_proxy/postgres_session.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { // General callbacks for dispatching decoded Postgres messages to a sink. class DecoderCallbacks { public: virtual ~DecoderCallbacks() = default; virtual void incMessagesBackend() PURE; virtual void incMessagesFrontend() PURE; virtual void incMessagesUnknown() PURE; virtual void incSessionsEncrypted() PURE; virtual void incSessionsUnencrypted() PURE; enum class StatementType { Insert, Delete, Select, Update, Other, Noop }; virtual void incStatements(StatementType) PURE; virtual void incTransactions() PURE; virtual void incTransactionsCommit() PURE; virtual void incTransactionsRollback() PURE; enum class NoticeType { Warning, Notice, Debug, Info, Log, Unknown }; virtual void incNotices(NoticeType) PURE; enum class ErrorType { Error, Fatal, Panic, Unknown }; virtual void incErrors(ErrorType) PURE; virtual void processQuery(const std::string&) PURE; }; // Postgres message decoder. class Decoder { public: virtual ~Decoder() = default; virtual bool onData(Buffer::Instance& data, bool frontend) PURE; virtual PostgresSession& getSession() PURE; const Extensions::Common::SQLUtils::SQLUtils::DecoderAttributes& getAttributes() const { return attributes_; } protected: // Decoder attributes extracted from Startup message. // It can be username, database name, client app type, etc. Extensions::Common::SQLUtils::SQLUtils::DecoderAttributes attributes_; }; using DecoderPtr = std::unique_ptr; class DecoderImpl : public Decoder, Logger::Loggable { public: DecoderImpl(DecoderCallbacks* callbacks) : callbacks_(callbacks) { initialize(); } bool onData(Buffer::Instance& data, bool frontend) override; PostgresSession& getSession() override { return session_; } void setMessage(std::string message) { message_ = message; } std::string getMessage() { return message_; } void setStartup(bool startup) { startup_ = startup; } void initialize(); bool encrypted() const { return encrypted_; } protected: // MsgAction defines the Decoder's method which will be invoked // when a specific message has been decoded. using MsgAction = std::function; // MsgBodyReader is a function which returns a pointer to a Message // class which is able to read the Postgres message body. // The Postgres message body structure depends on the message type. using MsgBodyReader = std::function()>; // MessageProcessor has the following fields: // first - string with message description // second - function which instantiates a Message object of specific type // which is capable of parsing the message's body. // third - vector of Decoder's methods which are invoked when the message // is processed. using MessageProcessor = std::tuple>; // Frontend and Backend messages. using MsgGroup = struct { // String describing direction (Frontend or Backend). std::string direction_; // Hash map indexed by messages' 1st byte points to handlers used for processing messages. absl::flat_hash_map messages_; // Handler used for processing messages not found in hash map. MessageProcessor unknown_; }; // Hash map binding keyword found in a message to an // action to be executed when the keyword is found. using KeywordProcessor = absl::flat_hash_map; // Structure is used for grouping keywords found in a specific message. // Known keywords are dispatched via hash map and unknown keywords // are handled by unknown_. using MsgParserDict = struct { // Handler for known keywords. KeywordProcessor keywords_; // Handler invoked when a keyword is not found in hash map. MsgAction unknown_; }; bool parseMessage(Buffer::Instance& data); void decode(Buffer::Instance& data); void decodeAuthentication(); void decodeBackendStatements(); void decodeBackendErrorResponse(); void decodeBackendNoticeResponse(); void decodeFrontendTerminate(); void decodeErrorNotice(MsgParserDict& types); void onQuery(); void onParse(); void onStartup(); void incMessagesUnknown() { callbacks_->incMessagesUnknown(); } void incSessionsEncrypted() { callbacks_->incSessionsEncrypted(); } void incSessionsUnencrypted() { callbacks_->incSessionsUnencrypted(); } // Helper method generating currently processed message in // displayable format. const std::string genDebugMessage(const MessageProcessor& msg, Buffer::Instance& data, uint32_t message_len); DecoderCallbacks* callbacks_{}; PostgresSession session_{}; // The following fields store result of message parsing. char command_{}; std::string message_; uint32_t message_len_{}; bool startup_{true}; // startup stage does not have 1st byte command bool encrypted_{false}; // tells if exchange is encrypted // Dispatchers for Backend (BE) and Frontend (FE) messages. MsgGroup FE_messages_; MsgGroup BE_messages_; // Handler for startup postgres message. // Startup message message which does not start with 1 byte TYPE. // It starts with message length and must be therefore handled // differently. MessageProcessor first_; // hash map for dispatching backend transaction messages KeywordProcessor BE_statements_; MsgParserDict BE_errors_; MsgParserDict BE_notices_; }; } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/postgres_filter.cc ================================================ #include "extensions/filters/network/postgres_proxy/postgres_filter.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" #include "extensions/filters/network/postgres_proxy/postgres_decoder.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { PostgresFilterConfig::PostgresFilterConfig(const std::string& stat_prefix, bool enable_sql_parsing, Stats::Scope& scope) : enable_sql_parsing_(enable_sql_parsing), scope_{scope}, stats_{generateStats(stat_prefix, scope)} {} PostgresFilter::PostgresFilter(PostgresFilterConfigSharedPtr config) : config_{config} { if (!decoder_) { decoder_ = createDecoder(this); } } // Network::ReadFilter Network::FilterStatus PostgresFilter::onData(Buffer::Instance& data, bool) { ENVOY_CONN_LOG(trace, "postgres_proxy: got {} bytes", read_callbacks_->connection(), data.length()); // Frontend Buffer frontend_buffer_.add(data); doDecode(frontend_buffer_, true); return Network::FilterStatus::Continue; } Network::FilterStatus PostgresFilter::onNewConnection() { return Network::FilterStatus::Continue; } void PostgresFilter::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { read_callbacks_ = &callbacks; } // Network::WriteFilter Network::FilterStatus PostgresFilter::onWrite(Buffer::Instance& data, bool) { // Backend Buffer backend_buffer_.add(data); doDecode(backend_buffer_, false); return Network::FilterStatus::Continue; } DecoderPtr PostgresFilter::createDecoder(DecoderCallbacks* callbacks) { return std::make_unique(callbacks); } void PostgresFilter::incMessagesBackend() { config_->stats_.messages_.inc(); config_->stats_.messages_backend_.inc(); } void PostgresFilter::incMessagesFrontend() { config_->stats_.messages_.inc(); config_->stats_.messages_frontend_.inc(); } void PostgresFilter::incMessagesUnknown() { config_->stats_.messages_.inc(); config_->stats_.messages_unknown_.inc(); } void PostgresFilter::incSessionsEncrypted() { config_->stats_.sessions_.inc(); config_->stats_.sessions_encrypted_.inc(); } void PostgresFilter::incSessionsUnencrypted() { config_->stats_.sessions_.inc(); config_->stats_.sessions_unencrypted_.inc(); } void PostgresFilter::incTransactions() { if (!decoder_->getSession().inTransaction()) { config_->stats_.transactions_.inc(); } } void PostgresFilter::incTransactionsCommit() { if (!decoder_->getSession().inTransaction()) { config_->stats_.transactions_commit_.inc(); } } void PostgresFilter::incTransactionsRollback() { if (!decoder_->getSession().inTransaction()) { config_->stats_.transactions_rollback_.inc(); } } void PostgresFilter::incNotices(NoticeType type) { config_->stats_.notices_.inc(); switch (type) { case DecoderCallbacks::NoticeType::Warning: config_->stats_.notices_warning_.inc(); break; case DecoderCallbacks::NoticeType::Notice: config_->stats_.notices_notice_.inc(); break; case DecoderCallbacks::NoticeType::Debug: config_->stats_.notices_debug_.inc(); break; case DecoderCallbacks::NoticeType::Info: config_->stats_.notices_info_.inc(); break; case DecoderCallbacks::NoticeType::Log: config_->stats_.notices_log_.inc(); break; case DecoderCallbacks::NoticeType::Unknown: config_->stats_.notices_unknown_.inc(); break; } } void PostgresFilter::incErrors(ErrorType type) { config_->stats_.errors_.inc(); switch (type) { case DecoderCallbacks::ErrorType::Error: config_->stats_.errors_error_.inc(); break; case DecoderCallbacks::ErrorType::Fatal: config_->stats_.errors_fatal_.inc(); break; case DecoderCallbacks::ErrorType::Panic: config_->stats_.errors_panic_.inc(); break; case DecoderCallbacks::ErrorType::Unknown: config_->stats_.errors_unknown_.inc(); break; } } void PostgresFilter::incStatements(StatementType type) { config_->stats_.statements_.inc(); switch (type) { case DecoderCallbacks::StatementType::Insert: config_->stats_.statements_insert_.inc(); break; case DecoderCallbacks::StatementType::Delete: config_->stats_.statements_delete_.inc(); break; case DecoderCallbacks::StatementType::Select: config_->stats_.statements_select_.inc(); break; case DecoderCallbacks::StatementType::Update: config_->stats_.statements_update_.inc(); break; case DecoderCallbacks::StatementType::Other: config_->stats_.statements_other_.inc(); break; case DecoderCallbacks::StatementType::Noop: break; } } void PostgresFilter::processQuery(const std::string& sql) { if (config_->enable_sql_parsing_) { ProtobufWkt::Struct metadata; auto result = Common::SQLUtils::SQLUtils::setMetadata(sql, decoder_->getAttributes(), metadata); if (!result) { config_->stats_.statements_parse_error_.inc(); ENVOY_CONN_LOG(trace, "postgres_proxy: cannot parse SQL: {}", read_callbacks_->connection(), sql.c_str()); return; } config_->stats_.statements_parsed_.inc(); ENVOY_CONN_LOG(trace, "postgres_proxy: query processed {}", read_callbacks_->connection(), sql.c_str()); // Set dynamic metadata read_callbacks_->connection().streamInfo().setDynamicMetadata( NetworkFilterNames::get().PostgresProxy, metadata); } } void PostgresFilter::doDecode(Buffer::Instance& data, bool frontend) { // Keep processing data until buffer is empty or decoder says // that it cannot process data in the buffer. while ((0 < data.length()) && (decoder_->onData(data, frontend))) { ; } } } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/postgres_filter.h ================================================ #pragma once #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "extensions/filters/network/postgres_proxy/postgres_decoder.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { /** * All Postgres proxy stats. @see stats_macros.h */ #define ALL_POSTGRES_PROXY_STATS(COUNTER) \ COUNTER(errors) \ COUNTER(errors_error) \ COUNTER(errors_fatal) \ COUNTER(errors_panic) \ COUNTER(errors_unknown) \ COUNTER(messages) \ COUNTER(messages_backend) \ COUNTER(messages_frontend) \ COUNTER(messages_unknown) \ COUNTER(sessions) \ COUNTER(sessions_encrypted) \ COUNTER(sessions_unencrypted) \ COUNTER(statements) \ COUNTER(statements_insert) \ COUNTER(statements_delete) \ COUNTER(statements_update) \ COUNTER(statements_select) \ COUNTER(statements_other) \ COUNTER(transactions) \ COUNTER(transactions_commit) \ COUNTER(transactions_rollback) \ COUNTER(statements_parsed) \ COUNTER(statements_parse_error) \ COUNTER(notices) \ COUNTER(notices_notice) \ COUNTER(notices_warning) \ COUNTER(notices_debug) \ COUNTER(notices_info) \ COUNTER(notices_log) \ COUNTER(notices_unknown) /** * Struct definition for all Postgres proxy stats. @see stats_macros.h */ struct PostgresProxyStats { ALL_POSTGRES_PROXY_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for the Postgres proxy filter. */ class PostgresFilterConfig { public: PostgresFilterConfig(const std::string& stat_prefix, bool enable_sql_parsing, Stats::Scope& scope); bool enable_sql_parsing_{true}; Stats::Scope& scope_; PostgresProxyStats stats_; private: PostgresProxyStats generateStats(const std::string& prefix, Stats::Scope& scope) { return PostgresProxyStats{ALL_POSTGRES_PROXY_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } }; using PostgresFilterConfigSharedPtr = std::shared_ptr; class PostgresFilter : public Network::Filter, DecoderCallbacks, Logger::Loggable { public: PostgresFilter(PostgresFilterConfigSharedPtr config); ~PostgresFilter() override = default; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; // Network::WriteFilter Network::FilterStatus onWrite(Buffer::Instance& data, bool end_stream) override; // PostgresProxy::DecoderCallback void incErrors(ErrorType) override; void incMessagesBackend() override; void incMessagesFrontend() override; void incMessagesUnknown() override; void incNotices(NoticeType) override; void incSessionsEncrypted() override; void incSessionsUnencrypted() override; void incStatements(StatementType) override; void incTransactions() override; void incTransactionsCommit() override; void incTransactionsRollback() override; void processQuery(const std::string&) override; void doDecode(Buffer::Instance& data, bool); DecoderPtr createDecoder(DecoderCallbacks* callbacks); void setDecoder(std::unique_ptr decoder) { decoder_ = std::move(decoder); } Decoder* getDecoder() const { return decoder_.get(); } // Routines used during integration and unit tests uint32_t getFrontendBufLength() const { return frontend_buffer_.length(); } uint32_t getBackendBufLength() const { return backend_buffer_.length(); } const PostgresProxyStats& getStats() const { return config_->stats_; } Network::Connection& connection() const { return read_callbacks_->connection(); } const PostgresFilterConfigSharedPtr& getConfig() const { return config_; } private: Network::ReadFilterCallbacks* read_callbacks_{}; PostgresFilterConfigSharedPtr config_; Buffer::OwnedImpl frontend_buffer_; Buffer::OwnedImpl backend_buffer_; std::unique_ptr decoder_; }; } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/postgres_message.cc ================================================ #include "extensions/filters/network/postgres_proxy/postgres_message.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { // String type methods. bool String::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { // First find the terminating zero. const char zero = 0; const ssize_t index = data.search(&zero, 1, pos); if (index == -1) { return false; } // Reserve that many bytes in the string. const uint64_t size = index - pos; value_.resize(size); // Now copy from buffer to string. data.copyOut(pos, index - pos, value_.data()); pos += (size + 1); left -= (size + 1); return true; } std::string String::toString() const { return absl::StrCat("[", value_, "]"); } // ByteN type methods. bool ByteN::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { if (left > (data.length() - pos)) { return false; } value_.resize(left); data.copyOut(pos, left, value_.data()); pos += left; left = 0; return true; } std::string ByteN::toString() const { std::string out = "["; absl::StrAppend(&out, absl::StrJoin(value_, " ")); absl::StrAppend(&out, "]"); return out; } // VarByteN type methods. bool VarByteN::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { if ((left < sizeof(int32_t)) || ((data.length() - pos) < sizeof(int32_t))) { return false; } len_ = data.peekBEInt(pos); pos += sizeof(int32_t); left -= sizeof(int32_t); if (len_ < 1) { // There is no payload if length is not positive. value_.clear(); return true; } if ((left < static_cast(len_)) || ((data.length() - pos) < static_cast(len_))) { return false; } value_.resize(len_); data.copyOut(pos, len_, value_.data()); pos += len_; left -= len_; return true; } std::string VarByteN::toString() const { std::string out; out = fmt::format("[({} bytes):", len_); absl::StrAppend(&out, absl::StrJoin(value_, " ")); absl::StrAppend(&out, "]"); return out; } } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/postgres_message.h ================================================ #include "common/buffer/buffer_impl.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" #include "fmt/printf.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { /** * Postgres messages are described in official Postgres documentation: * https://www.postgresql.org/docs/12/protocol-message-formats.html * * Most of messages start with 1-byte message identifier followed by 4-bytes length field. Few * messages are defined without starting 1-byte character and are used during well-defined initial * stage of connection process. * * Messages are composed from various fields: 8, 16, 32-bit integers, String, Arrays, etc. * * Structures defined below have the same naming as types used in official Postgres documentation. * * Each structure has the following methods: * read - to read number of bytes from received buffer. The number of bytes depends on structure * type. toString - method returns displayable representation of the structure value. * */ // Template for integer types. // Size of integer types is fixed and depends on the type of integer. template class Int { public: /** * Read integer value from data buffer. * @param data reference to a buffer containing data to read. * @param pos offset in the buffer where data to read is located. Successful read will advance * this parameter. * @param left number of bytes to be read to reach the end of Postgres message. * Successful read will adjust this parameter. * @return boolean value indicating whether read was successful. If read returns * false "pos" and "left" params are not updated. When read is not successful, * the caller should not continue reading next values from the data buffer * for the current message. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { if ((data.length() - pos) < sizeof(T)) { return false; } value_ = data.peekBEInt(pos); pos += sizeof(T); left -= sizeof(T); return true; } std::string toString() const { return fmt::format("[{}]", value_); } T get() const { return value_; } private: T value_{}; }; using Int32 = Int; using Int16 = Int; using Int8 = Int; // 8-bits character value. using Byte1 = Int; // String type requires byte with zero value to indicate end of string. class String { public: /** * See above for parameter and return value description. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left); std::string toString() const; private: std::string value_; }; // ByteN type is used as the last type in the Postgres message and contains // sequence of bytes. The length must be deduced from message length. class ByteN { public: /** * See above for parameter and return value description. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left); std::string toString() const; private: std::vector value_; }; // VarByteN represents the structure consisting of 4 bytes of length // indicating how many bytes follow. // In Postgres documentation it is described as: // - Int32 // The number of bytes in the structure (this count does not include itself). Can be // zero. As a special case, -1 indicates a NULL (no result). No value bytes follow in the NULL // case. // // - ByteN // The sequence of bytes representing the value. Bytes are present only when length has a positive // value. class VarByteN { public: /** * See above for parameter and return value description. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left); std::string toString() const; private: int32_t len_; std::vector value_; }; // Array contains one or more values of the same type. template class Array { public: /** * See above for parameter and return value description. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { // First read the 16 bits value which indicates how many // elements there are in the array. if (((data.length() - pos) < sizeof(uint16_t)) || (left < sizeof(uint16_t))) { return false; } const uint16_t num = data.peekBEInt(pos); pos += sizeof(uint16_t); left -= sizeof(uint16_t); if (num != 0) { for (uint16_t i = 0; i < num; i++) { auto item = std::make_unique(); if (!item->read(data, pos, left)) { return false; } value_.push_back(std::move(item)); } } return true; } std::string toString() const { std::string out = fmt::format("[Array of {}:{{", value_.size()); // Iterate through all elements in the array. // No delimiter is required between elements, as each // element is wrapped in "[]" or "{}". for (const auto& i : value_) { absl::StrAppend(&out, i->toString()); } absl::StrAppend(&out, "}]"); return out; } private: std::vector> value_; }; // Repeated is a composite type used at the end of the message. // It indicates to read the value of the same type until the end // of the Postgres message. template class Repeated { public: /** * See above for parameter and return value description. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { if ((data.length() - pos) < left) { return false; } // Read until nothing is left. while (left != 0) { auto item = std::make_unique(); if (!item->read(data, pos, left)) { return false; } value_.push_back(std::move(item)); } return true; } std::string toString() const { std::string out; // Iterate through all repeated elements. // No delimiter is required between elements, as each // element is wrapped in "[]" or "{}". for (const auto& i : value_) { absl::StrAppend(&out, i->toString()); } return out; } private: std::vector> value_; }; // Interface to Postgres message class. class Message { public: virtual ~Message() = default; // read method should read only as many bytes from data // buffer as it is indicated in message's length field. // "length" parameter indicates how many bytes were indicated in Postgres message's // length field. "data" buffer may contain more bytes than "length". virtual bool read(const Buffer::Instance& data, const uint64_t length) PURE; // toString method provides displayable representation of // the Postgres message. virtual std::string toString() const PURE; }; // Sequence is tuple like structure, which binds together // set of several fields of different types. template class Sequence; template class Sequence : public Message { FirstField first_; Sequence remaining_; public: Sequence() = default; std::string toString() const override { return absl::StrCat(first_.toString(), remaining_.toString()); } bool read(const Buffer::Instance& data, const uint64_t length) override { uint64_t pos = 0; uint64_t left = length; return read(data, pos, left); } /** * Implementation of "read" method for variadic template. * It reads data for the current type and invokes read operation * for remaining types. * See above for parameter and return value description for individual types. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { bool result = first_.read(data, pos, left); if (!result) { return false; } return remaining_.read(data, pos, left); } }; // Terminal template definition for variadic Sequence template. template <> class Sequence<> : public Message { public: Sequence<>() = default; std::string toString() const override { return ""; } bool read(const Buffer::Instance&, uint64_t&, uint64_t&) { return true; } bool read(const Buffer::Instance&, const uint64_t) override { return true; } }; // Helper function to create pointer to a Sequence structure and is used by Postgres // decoder after learning the type of Postgres message. template std::unique_ptr createMsgBodyReader() { return std::make_unique>(); } } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/postgres_proxy/postgres_session.h ================================================ #pragma once #include #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace PostgresProxy { // Class stores data about the current state of a transaction between postgres client and server. class PostgresSession { public: bool inTransaction() { return in_transaction_; }; void setInTransaction(bool in_transaction) { in_transaction_ = in_transaction; }; private: bool in_transaction_{false}; }; } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Ratelimit L4 network filter # Public docs: docs/root/configuration/network_filters/rate_limit_filter.rst envoy_extension_package() envoy_cc_library( name = "ratelimit_lib", srcs = ["ratelimit.cc"], hdrs = ["ratelimit.h"], # Legacy test use. TODO(#9953) clean up. visibility = [ "//source/extensions:__subpackages__", "//test/common/network:__pkg__", "//test/extensions:__subpackages__", ], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/ratelimit:ratelimit_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/stats:stats_macros", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "@envoy_api//envoy/extensions/filters/network/ratelimit/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ "//include/envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/common/ratelimit:ratelimit_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/ratelimit:ratelimit_lib", "@envoy_api//envoy/extensions/filters/network/ratelimit/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/ratelimit/config.cc ================================================ #include "extensions/filters/network/ratelimit/config.h" #include #include #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/filters/common/ratelimit/ratelimit_impl.h" #include "extensions/filters/network/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RateLimitFilter { Network::FilterFactoryCb RateLimitConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::ratelimit::v3::RateLimit& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); ASSERT(!proto_config.domain().empty()); ASSERT(proto_config.descriptors_size() > 0); ConfigSharedPtr filter_config(new Config(proto_config, context.scope(), context.runtime())); const std::chrono::milliseconds timeout = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(proto_config, timeout, 20)); return [proto_config, &context, timeout, filter_config](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared( filter_config, Filters::Common::RateLimit::rateLimitClient( context, proto_config.rate_limit_service().grpc_service(), timeout, proto_config.rate_limit_service().transport_api_version()))); }; } /** * Static registration for the rate limit filter. @see RegisterFactory. */ REGISTER_FACTORY(RateLimitConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){"envoy.ratelimit"}; } // namespace RateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ratelimit/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.validate.h" #include "extensions/filters/common/ratelimit/ratelimit.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RateLimitFilter { /** * Config registration for the rate limit filter. @see NamedNetworkFilterConfigFactory. */ class RateLimitConfigFactory : public Common::FactoryBase { public: RateLimitConfigFactory() : FactoryBase(NetworkFilterNames::get().RateLimit) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::ratelimit::v3::RateLimit& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace RateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ratelimit/ratelimit.cc ================================================ #include "extensions/filters/network/ratelimit/ratelimit.h" #include #include #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/stats/scope.h" #include "common/common/fmt.h" #include "common/tracing/http_tracer_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RateLimitFilter { Config::Config(const envoy::extensions::filters::network::ratelimit::v3::RateLimit& config, Stats::Scope& scope, Runtime::Loader& runtime) : domain_(config.domain()), stats_(generateStats(config.stat_prefix(), scope)), runtime_(runtime), failure_mode_deny_(config.failure_mode_deny()) { for (const auto& descriptor : config.descriptors()) { RateLimit::Descriptor new_descriptor; for (const auto& entry : descriptor.entries()) { new_descriptor.entries_.push_back({entry.key(), entry.value()}); } descriptors_.push_back(new_descriptor); } } InstanceStats Config::generateStats(const std::string& name, Stats::Scope& scope) { std::string final_prefix = fmt::format("ratelimit.{}.", name); return {ALL_TCP_RATE_LIMIT_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_GAUGE_PREFIX(scope, final_prefix))}; } Network::FilterStatus Filter::onData(Buffer::Instance&, bool) { return status_ == Status::Calling ? Network::FilterStatus::StopIteration : Network::FilterStatus::Continue; } Network::FilterStatus Filter::onNewConnection() { if (status_ == Status::NotStarted && !config_->runtime().snapshot().featureEnabled("ratelimit.tcp_filter_enabled", 100)) { status_ = Status::Complete; } if (status_ == Status::NotStarted) { status_ = Status::Calling; config_->stats().active_.inc(); config_->stats().total_.inc(); calling_limit_ = true; client_->limit(*this, config_->domain(), config_->descriptors(), Tracing::NullSpan::instance()); calling_limit_ = false; } return status_ == Status::Calling ? Network::FilterStatus::StopIteration : Network::FilterStatus::Continue; } void Filter::onEvent(Network::ConnectionEvent event) { // Make sure that any pending request in the client is cancelled. This will be NOP if the // request already completed. if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { if (status_ == Status::Calling) { client_->cancel(); config_->stats().active_.dec(); } } } void Filter::complete(Filters::Common::RateLimit::LimitStatus status, Filters::Common::RateLimit::DescriptorStatusListPtr&&, Http::ResponseHeaderMapPtr&&, Http::RequestHeaderMapPtr&&) { status_ = Status::Complete; config_->stats().active_.dec(); switch (status) { case Filters::Common::RateLimit::LimitStatus::OK: config_->stats().ok_.inc(); break; case Filters::Common::RateLimit::LimitStatus::Error: config_->stats().error_.inc(); break; case Filters::Common::RateLimit::LimitStatus::OverLimit: config_->stats().over_limit_.inc(); break; } if (status == Filters::Common::RateLimit::LimitStatus::OverLimit && config_->runtime().snapshot().featureEnabled("ratelimit.tcp_filter_enforcing", 100)) { config_->stats().cx_closed_.inc(); filter_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } else if (status == Filters::Common::RateLimit::LimitStatus::Error) { if (config_->failureModeAllow()) { config_->stats().failure_mode_allowed_.inc(); if (!calling_limit_) { filter_callbacks_->continueReading(); } } else { config_->stats().cx_closed_.inc(); filter_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } } else { // We can get completion inline, so only call continue if that isn't happening. if (!calling_limit_) { filter_callbacks_->continueReading(); } } } } // namespace RateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/ratelimit/ratelimit.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/ratelimit/ratelimit.h" #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "extensions/filters/common/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RateLimitFilter { /** * All tcp rate limit stats. @see stats_macros.h */ #define ALL_TCP_RATE_LIMIT_STATS(COUNTER, GAUGE) \ COUNTER(cx_closed) \ COUNTER(error) \ COUNTER(failure_mode_allowed) \ COUNTER(ok) \ COUNTER(over_limit) \ COUNTER(total) \ GAUGE(active, Accumulate) /** * Struct definition for all tcp rate limit stats. @see stats_macros.h */ struct InstanceStats { ALL_TCP_RATE_LIMIT_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Global configuration for TCP rate limit filter. */ class Config { public: Config(const envoy::extensions::filters::network::ratelimit::v3::RateLimit& config, Stats::Scope& scope, Runtime::Loader& runtime); const std::string& domain() { return domain_; } const std::vector& descriptors() { return descriptors_; } Runtime::Loader& runtime() { return runtime_; } const InstanceStats& stats() { return stats_; } bool failureModeAllow() const { return !failure_mode_deny_; }; private: static InstanceStats generateStats(const std::string& name, Stats::Scope& scope); std::string domain_; std::vector descriptors_; const InstanceStats stats_; Runtime::Loader& runtime_; const bool failure_mode_deny_; }; using ConfigSharedPtr = std::shared_ptr; /** * TCP rate limit filter instance. This filter will call the rate limit service with the given * configuration parameters. If the rate limit service returns an error or an over limit the * connection will be closed without any further filters being called. Otherwise all buffered * data will be released to further filters. */ class Filter : public Network::ReadFilter, public Network::ConnectionCallbacks, public Filters::Common::RateLimit::RequestCallbacks { public: Filter(ConfigSharedPtr config, Filters::Common::RateLimit::ClientPtr&& client) : config_(config), client_(std::move(client)) {} // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { filter_callbacks_ = &callbacks; filter_callbacks_->connection().addConnectionCallbacks(*this); } // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // RateLimit::RequestCallbacks void complete(Filters::Common::RateLimit::LimitStatus status, Filters::Common::RateLimit::DescriptorStatusListPtr&& descriptor_statuses, Http::ResponseHeaderMapPtr&& response_headers_to_add, Http::RequestHeaderMapPtr&& request_headers_to_add) override; private: enum class Status { NotStarted, Calling, Complete }; ConfigSharedPtr config_; Filters::Common::RateLimit::ClientPtr client_; Network::ReadFilterCallbacks* filter_callbacks_{}; Status status_{Status::NotStarted}; bool calling_limit_{}; }; } // namespace RateLimitFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rbac/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":rbac_filter", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/config/rbac/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/rbac/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "rbac_filter", srcs = ["rbac_filter.cc"], hdrs = ["rbac_filter.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/common:minimal_logger_lib", "//source/extensions/filters/common/rbac:engine_lib", "//source/extensions/filters/common/rbac:utility_lib", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/extensions/filters/network/rbac/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/rbac/config.cc ================================================ #include "extensions/filters/network/rbac/config.h" #include "envoy/config/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.validate.h" #include "envoy/network/connection.h" #include "envoy/registry/registry.h" #include "extensions/filters/network/rbac/rbac_filter.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RBACFilter { static void validateFail(const std::string& header) { throw EnvoyException(fmt::format("Found header({}) rule," "not supported by RBAC network filter", header)); } static void validatePermission(const envoy::config::rbac::v3::Permission& permission) { if (permission.has_header()) { validateFail(permission.header().DebugString()); } if (permission.has_and_rules()) { for (const auto& r : permission.and_rules().rules()) { validatePermission(r); } } if (permission.has_or_rules()) { for (const auto& r : permission.or_rules().rules()) { validatePermission(r); } } if (permission.has_not_rule()) { validatePermission(permission.not_rule()); } } static void validatePrincipal(const envoy::config::rbac::v3::Principal& principal) { if (principal.has_header()) { validateFail(principal.header().DebugString()); } if (principal.has_and_ids()) { for (const auto& r : principal.and_ids().ids()) { validatePrincipal(r); } } if (principal.has_or_ids()) { for (const auto& r : principal.or_ids().ids()) { validatePrincipal(r); } } if (principal.has_not_id()) { validatePrincipal(principal.not_id()); } } /** * Validate the RBAC rules doesn't include any header or metadata rule. */ static void validateRbacRules(const envoy::config::rbac::v3::RBAC& rules) { for (const auto& policy : rules.policies()) { for (const auto& permission : policy.second.permissions()) { validatePermission(permission); } for (const auto& principal : policy.second.principals()) { validatePrincipal(principal); } } } Network::FilterFactoryCb RoleBasedAccessControlNetworkFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::rbac::v3::RBAC& proto_config, Server::Configuration::FactoryContext& context) { validateRbacRules(proto_config.rules()); validateRbacRules(proto_config.shadow_rules()); RoleBasedAccessControlFilterConfigSharedPtr config( std::make_shared(proto_config, context.scope())); return [config](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared(config)); }; } /** * Static registration for the RBAC network filter. @see RegisterFactory. */ REGISTER_FACTORY(RoleBasedAccessControlNetworkFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace RBACFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rbac/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RBACFilter { /** * Config registration for the RBAC network filter. @see NamedNetworkFilterConfigFactory. */ class RoleBasedAccessControlNetworkFilterConfigFactory : public Common::FactoryBase { public: RoleBasedAccessControlNetworkFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().Rbac) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::rbac::v3::RBAC& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace RBACFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rbac/rbac_filter.cc ================================================ #include "extensions/filters/network/rbac/rbac_filter.h" #include "envoy/buffer/buffer.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/network/connection.h" #include "extensions/filters/network/well_known_names.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RBACFilter { RoleBasedAccessControlFilterConfig::RoleBasedAccessControlFilterConfig( const envoy::extensions::filters::network::rbac::v3::RBAC& proto_config, Stats::Scope& scope) : stats_(Filters::Common::RBAC::generateStats(proto_config.stat_prefix(), scope)), engine_(Filters::Common::RBAC::createEngine(proto_config)), shadow_engine_(Filters::Common::RBAC::createShadowEngine(proto_config)), enforcement_type_(proto_config.enforcement_type()) {} Network::FilterStatus RoleBasedAccessControlFilter::onData(Buffer::Instance&, bool) { ENVOY_LOG(debug, "checking connection: requestedServerName: {}, sourceIP: {}, directRemoteIP: {}," "remoteIP: {}, localAddress: {}, ssl: {}, dynamicMetadata: {}", callbacks_->connection().requestedServerName(), callbacks_->connection().remoteAddress()->asString(), callbacks_->connection().streamInfo().downstreamDirectRemoteAddress()->asString(), callbacks_->connection().streamInfo().downstreamRemoteAddress()->asString(), callbacks_->connection().streamInfo().downstreamLocalAddress()->asString(), callbacks_->connection().ssl() ? "uriSanPeerCertificate: " + absl::StrJoin(callbacks_->connection().ssl()->uriSanPeerCertificate(), ",") + ", dnsSanPeerCertificate: " + absl::StrJoin(callbacks_->connection().ssl()->dnsSansPeerCertificate(), ",") + ", subjectPeerCertificate: " + callbacks_->connection().ssl()->subjectPeerCertificate() : "none", callbacks_->connection().streamInfo().dynamicMetadata().DebugString()); std::string log_policy_id = "none"; // When the enforcement type is continuous always do the RBAC checks. If it is a one time check, // run the check once and skip it for subsequent onData calls. if (config_->enforcementType() == envoy::extensions::filters::network::rbac::v3::RBAC::CONTINUOUS) { shadow_engine_result_ = checkEngine(Filters::Common::RBAC::EnforcementMode::Shadow).engine_result_; auto result = checkEngine(Filters::Common::RBAC::EnforcementMode::Enforced); engine_result_ = result.engine_result_; log_policy_id = result.connection_termination_details_; } else { if (shadow_engine_result_ == Unknown) { // TODO(quanlin): Pass the shadow engine results to other filters. shadow_engine_result_ = checkEngine(Filters::Common::RBAC::EnforcementMode::Shadow).engine_result_; } if (engine_result_ == Unknown) { auto result = checkEngine(Filters::Common::RBAC::EnforcementMode::Enforced); engine_result_ = result.engine_result_; log_policy_id = result.connection_termination_details_; } } if (engine_result_ == Allow) { return Network::FilterStatus::Continue; } else if (engine_result_ == Deny) { callbacks_->connection().streamInfo().setConnectionTerminationDetails( Filters::Common::RBAC::responseDetail(log_policy_id)); callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); return Network::FilterStatus::StopIteration; } ENVOY_LOG(debug, "no engine, allowed by default"); return Network::FilterStatus::Continue; } void RoleBasedAccessControlFilter::setDynamicMetadata(std::string shadow_engine_result, std::string shadow_policy_id) { ProtobufWkt::Struct metrics; auto& fields = *metrics.mutable_fields(); if (!shadow_policy_id.empty()) { *fields[Filters::Common::RBAC::DynamicMetadataKeysSingleton::get().ShadowEffectivePolicyIdField] .mutable_string_value() = shadow_policy_id; } *fields[Filters::Common::RBAC::DynamicMetadataKeysSingleton::get().ShadowEngineResultField] .mutable_string_value() = shadow_engine_result; callbacks_->connection().streamInfo().setDynamicMetadata(NetworkFilterNames::get().Rbac, metrics); } Result RoleBasedAccessControlFilter::checkEngine(Filters::Common::RBAC::EnforcementMode mode) { const auto engine = config_->engine(mode); std::string effective_policy_id; if (engine != nullptr) { // Check authorization decision and do Action operations bool allowed = engine->handleAction( callbacks_->connection(), callbacks_->connection().streamInfo(), &effective_policy_id); const std::string log_policy_id = effective_policy_id.empty() ? "none" : effective_policy_id; if (allowed) { if (mode == Filters::Common::RBAC::EnforcementMode::Shadow) { ENVOY_LOG(debug, "shadow allowed, matched policy {}", log_policy_id); config_->stats().shadow_allowed_.inc(); setDynamicMetadata( Filters::Common::RBAC::DynamicMetadataKeysSingleton::get().EngineResultAllowed, effective_policy_id); } else if (mode == Filters::Common::RBAC::EnforcementMode::Enforced) { ENVOY_LOG(debug, "enforced allowed, matched policy {}", log_policy_id); config_->stats().allowed_.inc(); } return Result{Allow, effective_policy_id}; } else { if (mode == Filters::Common::RBAC::EnforcementMode::Shadow) { ENVOY_LOG(debug, "shadow denied, matched policy {}", log_policy_id); config_->stats().shadow_denied_.inc(); setDynamicMetadata( Filters::Common::RBAC::DynamicMetadataKeysSingleton::get().EngineResultDenied, effective_policy_id); } else if (mode == Filters::Common::RBAC::EnforcementMode::Enforced) { ENVOY_LOG(debug, "enforced denied, matched policy {}", log_policy_id); config_->stats().denied_.inc(); } return Result{Deny, log_policy_id}; } } return Result{None, "none"}; } } // namespace RBACFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rbac/rbac_filter.h ================================================ #pragma once #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "extensions/filters/common/rbac/engine_impl.h" #include "extensions/filters/common/rbac/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RBACFilter { enum EngineResult { Unknown, None, Allow, Deny }; struct Result { EngineResult engine_result_; std::string connection_termination_details_; }; /** * Configuration for the RBAC network filter. */ class RoleBasedAccessControlFilterConfig { public: RoleBasedAccessControlFilterConfig( const envoy::extensions::filters::network::rbac::v3::RBAC& proto_config, Stats::Scope& scope); Filters::Common::RBAC::RoleBasedAccessControlFilterStats& stats() { return stats_; } const Filters::Common::RBAC::RoleBasedAccessControlEngineImpl* engine(Filters::Common::RBAC::EnforcementMode mode) const { return mode == Filters::Common::RBAC::EnforcementMode::Enforced ? engine_.get() : shadow_engine_.get(); } envoy::extensions::filters::network::rbac::v3::RBAC::EnforcementType enforcementType() const { return enforcement_type_; } private: Filters::Common::RBAC::RoleBasedAccessControlFilterStats stats_; std::unique_ptr engine_; std::unique_ptr shadow_engine_; const envoy::extensions::filters::network::rbac::v3::RBAC::EnforcementType enforcement_type_; }; using RoleBasedAccessControlFilterConfigSharedPtr = std::shared_ptr; /** * Implementation of a basic RBAC network filter. */ class RoleBasedAccessControlFilter : public Network::ReadFilter, public Logger::Loggable { public: RoleBasedAccessControlFilter(RoleBasedAccessControlFilterConfigSharedPtr config) : config_(config) {} ~RoleBasedAccessControlFilter() override = default; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override { return Network::FilterStatus::Continue; }; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { callbacks_ = &callbacks; } void setDynamicMetadata(std::string shadow_engine_result, std::string shadow_policy_id); private: RoleBasedAccessControlFilterConfigSharedPtr config_; Network::ReadFilterCallbacks* callbacks_{}; EngineResult engine_result_{Unknown}; EngineResult shadow_engine_result_{Unknown}; Result checkEngine(Filters::Common::RBAC::EnforcementMode mode); }; } // namespace RBACFilter } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Redis proxy L4 network filter. Implements consistent hashing and observability for large redis # clusters. # Public docs: docs/root/configuration/network_filters/redis_proxy_filter.rst envoy_extension_package() envoy_cc_library( name = "command_splitter_interface", hdrs = ["command_splitter.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//source/extensions/filters/network/common/redis:codec_interface", ], ) envoy_cc_library( name = "config_interface", hdrs = ["config.h"], deps = [ "//source/common/config:datasource_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "conn_pool_interface", hdrs = ["conn_pool.h"], deps = [ "//include/envoy/upstream:cluster_manager_interface", "//source/extensions/filters/network/common/redis:client_interface", "//source/extensions/filters/network/common/redis:codec_interface", ], ) envoy_cc_library( name = "router_interface", hdrs = ["router.h"], deps = [":conn_pool_interface"], ) envoy_cc_library( name = "command_splitter_lib", srcs = ["command_splitter_impl.cc"], hdrs = ["command_splitter_impl.h"], deps = [ ":command_splitter_interface", ":conn_pool_lib", ":router_interface", "//include/envoy/stats:stats_macros", "//include/envoy/stats:timespan_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/stats:timespan_lib", "//source/extensions/filters/network/common/redis:client_lib", "//source/extensions/filters/network/common/redis:fault_lib", "//source/extensions/filters/network/common/redis:supported_commands_lib", "//source/extensions/filters/network/common/redis:utility_lib", ], ) envoy_cc_library( name = "conn_pool_lib", srcs = ["conn_pool_impl.cc"], hdrs = ["conn_pool_impl.h"], deps = [ ":config_interface", ":conn_pool_interface", "//include/envoy/stats:stats_macros", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/network:address_lib", "//source/common/network:filter_lib", "//source/common/protobuf:utility_lib", "//source/common/upstream:load_balancer_lib", "//source/common/upstream:upstream_lib", "//source/extensions/clusters/redis:redis_cluster_lb", "//source/extensions/common/redis:cluster_refresh_manager_interface", "//source/extensions/filters/network/common/redis:client_lib", "//source/extensions/filters/network/common/redis:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "proxy_filter_lib", srcs = ["proxy_filter.cc"], hdrs = ["proxy_filter.h"], deps = [ ":command_splitter_interface", "//include/envoy/network:drain_decision_interface", "//include/envoy/network:filter_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/config:datasource_lib", "//source/common/config:utility_lib", "//source/extensions/filters/network/common/redis:codec_interface", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "requires_trusted_downstream_and_upstream", deps = [ "//include/envoy/upstream:upstream_interface", "//source/extensions/common/redis:cluster_refresh_manager_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/common/redis:codec_lib", "//source/extensions/filters/network/common/redis:fault_lib", "//source/extensions/filters/network/common/redis:redis_command_stats_lib", "//source/extensions/filters/network/redis_proxy:command_splitter_lib", "//source/extensions/filters/network/redis_proxy:conn_pool_lib", "//source/extensions/filters/network/redis_proxy:proxy_filter_lib", "//source/extensions/filters/network/redis_proxy:router_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "router_lib", srcs = ["router_impl.cc"], hdrs = ["router_impl.h"], deps = [ ":router_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/extensions/filters/network/common/redis:codec_lib", "//source/extensions/filters/network/common/redis:supported_commands_lib", "//source/extensions/filters/network/common/redis:utility_lib", "//source/extensions/filters/network/redis_proxy:conn_pool_lib", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/redis_proxy/command_splitter.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" #include "extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { namespace CommandSplitter { /** * A handle to a split request. */ class SplitRequest { public: virtual ~SplitRequest() = default; /** * Cancel the request. No further request callbacks will be called. */ virtual void cancel() PURE; }; using SplitRequestPtr = std::unique_ptr; /** * Split request callbacks. */ class SplitCallbacks { public: virtual ~SplitCallbacks() = default; /** * Called to verify that commands should be processed. * @return bool true if commands from this client connection can be processed, false if not. */ virtual bool connectionAllowed() PURE; /** * Called when an authentication command has been received with a password. * @param password supplies the AUTH password provided by the downstream client. */ virtual void onAuth(const std::string& password) PURE; /** * Called when an authentication command has been received with a username and password. * @param username supplies the AUTH username provided by the downstream client. * @param password supplies the AUTH password provided by the downstream client. */ virtual void onAuth(const std::string& username, const std::string& password) PURE; /** * Called when the response is ready. * @param value supplies the response which is now owned by the callee. */ virtual void onResponse(Common::Redis::RespValuePtr&& value) PURE; }; /** * A command splitter that takes incoming redis commands and splits them as appropriate to a * backend connection pool. */ class Instance { public: virtual ~Instance() = default; /** * Make a split redis request capable of being retried/redirected. * @param request supplies the split request to make (ownership transferred to call). * @param callbacks supplies the split request completion callbacks. * @param dispatcher supplies dispatcher used for delay fault timer. * @return SplitRequestPtr a handle to the active request or nullptr if the request has already * been satisfied (via onResponse() being called). The splitter ALWAYS calls * onResponse() for a given request. */ virtual SplitRequestPtr makeRequest(Common::Redis::RespValuePtr&& request, SplitCallbacks& callbacks, Event::Dispatcher& dispatcher) PURE; }; } // namespace CommandSplitter } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/command_splitter_impl.cc ================================================ #include "extensions/filters/network/redis_proxy/command_splitter_impl.h" #include "extensions/filters/network/common/redis/supported_commands.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { namespace CommandSplitter { namespace { // null_pool_callbacks is used for requests that must be filtered and not redirected such as // "asking". ConnPool::DoNothingPoolCallbacks null_pool_callbacks; /** * Make request and maybe mirror the request based on the mirror policies of the route. * @param route supplies the route matched with the request. * @param command supplies the command of the request. * @param key supplies the key of the request. * @param incoming_request supplies the request. * @param callbacks supplies the request completion callbacks. * @return PoolRequest* a handle to the active request or nullptr if the request could not be made * for some reason. */ Common::Redis::Client::PoolRequest* makeSingleServerRequest( const RouteSharedPtr& route, const std::string& command, const std::string& key, Common::Redis::RespValueConstSharedPtr incoming_request, ConnPool::PoolCallbacks& callbacks) { auto handler = route->upstream()->makeRequest(key, ConnPool::RespVariant(incoming_request), callbacks); if (handler) { for (auto& mirror_policy : route->mirrorPolicies()) { if (mirror_policy->shouldMirror(command)) { mirror_policy->upstream()->makeRequest(key, ConnPool::RespVariant(incoming_request), null_pool_callbacks); } } } return handler; } /** * Make request and maybe mirror the request based on the mirror policies of the route. * @param route supplies the route matched with the request. * @param command supplies the command of the request. * @param key supplies the key of the request. * @param incoming_request supplies the request. * @param callbacks supplies the request completion callbacks. * @return PoolRequest* a handle to the active request or nullptr if the request could not be made * for some reason. */ Common::Redis::Client::PoolRequest* makeFragmentedRequest(const RouteSharedPtr& route, const std::string& command, const std::string& key, const Common::Redis::RespValue& incoming_request, ConnPool::PoolCallbacks& callbacks) { auto handler = route->upstream()->makeRequest(key, ConnPool::RespVariant(incoming_request), callbacks); if (handler) { for (auto& mirror_policy : route->mirrorPolicies()) { if (mirror_policy->shouldMirror(command)) { mirror_policy->upstream()->makeRequest(key, ConnPool::RespVariant(incoming_request), null_pool_callbacks); } } } return handler; } } // namespace void SplitRequestBase::onWrongNumberOfArguments(SplitCallbacks& callbacks, const Common::Redis::RespValue& request) { callbacks.onResponse(Common::Redis::Utility::makeError( fmt::format("wrong number of arguments for '{}' command", request.asArray()[0].asString()))); } void SplitRequestBase::updateStats(const bool success) { if (success) { command_stats_.success_.inc(); } else { command_stats_.error_.inc(); } if (command_latency_ != nullptr) { command_latency_->complete(); } } SingleServerRequest::~SingleServerRequest() { ASSERT(!handle_); } void SingleServerRequest::onResponse(Common::Redis::RespValuePtr&& response) { handle_ = nullptr; updateStats(true); callbacks_.onResponse(std::move(response)); } void SingleServerRequest::onFailure() { onFailure(Response::get().UpstreamFailure); } void SingleServerRequest::onFailure(std::string error_msg) { handle_ = nullptr; updateStats(false); callbacks_.onResponse(Common::Redis::Utility::makeError(error_msg)); } void SingleServerRequest::cancel() { handle_->cancel(); handle_ = nullptr; } SplitRequestPtr ErrorFaultRequest::create(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) { std::unique_ptr request_ptr{ new ErrorFaultRequest(callbacks, command_stats, time_source, delay_command_latency)}; request_ptr->onFailure(Common::Redis::FaultMessages::get().Error); command_stats.error_fault_.inc(); return nullptr; } std::unique_ptr DelayFaultRequest::create(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, Event::Dispatcher& dispatcher, std::chrono::milliseconds delay) { return std::make_unique(callbacks, command_stats, time_source, dispatcher, delay); } void DelayFaultRequest::onResponse(Common::Redis::RespValuePtr&& response) { response_ = std::move(response); delay_timer_->enableTimer(delay_); } void DelayFaultRequest::onDelayResponse() { command_stats_.delay_fault_.inc(); command_latency_->complete(); // Complete latency of the command stats of the wrapped request callbacks_.onResponse(std::move(response_)); } void DelayFaultRequest::cancel() { delay_timer_->disableTimer(); } SplitRequestPtr SimpleRequest::create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) { std::unique_ptr request_ptr{ new SimpleRequest(callbacks, command_stats, time_source, delay_command_latency)}; const auto route = router.upstreamPool(incoming_request->asArray()[1].asString()); if (route) { Common::Redis::RespValueSharedPtr base_request = std::move(incoming_request); request_ptr->handle_ = makeSingleServerRequest(route, base_request->asArray()[0].asString(), base_request->asArray()[1].asString(), base_request, *request_ptr); } if (!request_ptr->handle_) { command_stats.error_.inc(); callbacks.onResponse(Common::Redis::Utility::makeError(Response::get().NoUpstreamHost)); return nullptr; } return request_ptr; } SplitRequestPtr EvalRequest::create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) { // EVAL looks like: EVAL script numkeys key [key ...] arg [arg ...] // Ensure there are at least three args to the command or it cannot be hashed. if (incoming_request->asArray().size() < 4) { onWrongNumberOfArguments(callbacks, *incoming_request); command_stats.error_.inc(); return nullptr; } std::unique_ptr request_ptr{ new EvalRequest(callbacks, command_stats, time_source, delay_command_latency)}; const auto route = router.upstreamPool(incoming_request->asArray()[3].asString()); if (route) { Common::Redis::RespValueSharedPtr base_request = std::move(incoming_request); request_ptr->handle_ = makeSingleServerRequest(route, base_request->asArray()[0].asString(), base_request->asArray()[3].asString(), base_request, *request_ptr); } if (!request_ptr->handle_) { command_stats.error_.inc(); callbacks.onResponse(Common::Redis::Utility::makeError(Response::get().NoUpstreamHost)); return nullptr; } return request_ptr; } FragmentedRequest::~FragmentedRequest() { #ifndef NDEBUG for (const PendingRequest& request : pending_requests_) { ASSERT(!request.handle_); } #endif } void FragmentedRequest::cancel() { for (PendingRequest& request : pending_requests_) { if (request.handle_) { request.handle_->cancel(); request.handle_ = nullptr; } } } void FragmentedRequest::onChildFailure(uint32_t index) { onChildResponse(Common::Redis::Utility::makeError(Response::get().UpstreamFailure), index); } SplitRequestPtr MGETRequest::create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) { std::unique_ptr request_ptr{ new MGETRequest(callbacks, command_stats, time_source, delay_command_latency)}; request_ptr->num_pending_responses_ = incoming_request->asArray().size() - 1; request_ptr->pending_requests_.reserve(request_ptr->num_pending_responses_); request_ptr->pending_response_ = std::make_unique(); request_ptr->pending_response_->type(Common::Redis::RespType::Array); std::vector responses(request_ptr->num_pending_responses_); request_ptr->pending_response_->asArray().swap(responses); Common::Redis::RespValueSharedPtr base_request = std::move(incoming_request); for (uint32_t i = 1; i < base_request->asArray().size(); i++) { request_ptr->pending_requests_.emplace_back(*request_ptr, i - 1); PendingRequest& pending_request = request_ptr->pending_requests_.back(); const auto route = router.upstreamPool(base_request->asArray()[i].asString()); if (route) { // Create composite array for a single get. const Common::Redis::RespValue single_mget( base_request, Common::Redis::Utility::GetRequest::instance(), i, i); pending_request.handle_ = makeFragmentedRequest( route, "get", base_request->asArray()[i].asString(), single_mget, pending_request); } if (!pending_request.handle_) { pending_request.onResponse(Common::Redis::Utility::makeError(Response::get().NoUpstreamHost)); } } if (request_ptr->num_pending_responses_ > 0) { return request_ptr; } return nullptr; } void MGETRequest::onChildResponse(Common::Redis::RespValuePtr&& value, uint32_t index) { pending_requests_[index].handle_ = nullptr; pending_response_->asArray()[index].type(value->type()); switch (value->type()) { case Common::Redis::RespType::Array: case Common::Redis::RespType::Integer: case Common::Redis::RespType::SimpleString: case Common::Redis::RespType::CompositeArray: { pending_response_->asArray()[index].type(Common::Redis::RespType::Error); pending_response_->asArray()[index].asString() = Response::get().UpstreamProtocolError; error_count_++; break; } case Common::Redis::RespType::Error: { error_count_++; FALLTHRU; } case Common::Redis::RespType::BulkString: { pending_response_->asArray()[index].asString().swap(value->asString()); break; } case Common::Redis::RespType::Null: break; } ASSERT(num_pending_responses_ > 0); if (--num_pending_responses_ == 0) { updateStats(error_count_ == 0); ENVOY_LOG(debug, "redis: response: '{}'", pending_response_->toString()); callbacks_.onResponse(std::move(pending_response_)); } } SplitRequestPtr MSETRequest::create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) { if ((incoming_request->asArray().size() - 1) % 2 != 0) { onWrongNumberOfArguments(callbacks, *incoming_request); command_stats.error_.inc(); return nullptr; } std::unique_ptr request_ptr{ new MSETRequest(callbacks, command_stats, time_source, delay_command_latency)}; request_ptr->num_pending_responses_ = (incoming_request->asArray().size() - 1) / 2; request_ptr->pending_requests_.reserve(request_ptr->num_pending_responses_); request_ptr->pending_response_ = std::make_unique(); request_ptr->pending_response_->type(Common::Redis::RespType::SimpleString); Common::Redis::RespValueSharedPtr base_request = std::move(incoming_request); uint32_t fragment_index = 0; for (uint32_t i = 1; i < base_request->asArray().size(); i += 2) { request_ptr->pending_requests_.emplace_back(*request_ptr, fragment_index++); PendingRequest& pending_request = request_ptr->pending_requests_.back(); const auto route = router.upstreamPool(base_request->asArray()[i].asString()); if (route) { // Create composite array for a single set command. const Common::Redis::RespValue single_set( base_request, Common::Redis::Utility::SetRequest::instance(), i, i + 1); ENVOY_LOG(debug, "redis: parallel set: '{}'", single_set.toString()); pending_request.handle_ = makeFragmentedRequest( route, "set", base_request->asArray()[i].asString(), single_set, pending_request); } if (!pending_request.handle_) { pending_request.onResponse(Common::Redis::Utility::makeError(Response::get().NoUpstreamHost)); } } if (request_ptr->num_pending_responses_ > 0) { return request_ptr; } return nullptr; } void MSETRequest::onChildResponse(Common::Redis::RespValuePtr&& value, uint32_t index) { pending_requests_[index].handle_ = nullptr; switch (value->type()) { case Common::Redis::RespType::SimpleString: { if (value->asString() == Response::get().OK) { break; } FALLTHRU; } default: { error_count_++; break; } } ASSERT(num_pending_responses_ > 0); if (--num_pending_responses_ == 0) { updateStats(error_count_ == 0); if (error_count_ == 0) { pending_response_->asString() = Response::get().OK; callbacks_.onResponse(std::move(pending_response_)); } else { callbacks_.onResponse(Common::Redis::Utility::makeError( fmt::format("finished with {} error(s)", error_count_))); } } } SplitRequestPtr SplitKeysSumResultRequest::create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) { std::unique_ptr request_ptr{ new SplitKeysSumResultRequest(callbacks, command_stats, time_source, delay_command_latency)}; request_ptr->num_pending_responses_ = incoming_request->asArray().size() - 1; request_ptr->pending_requests_.reserve(request_ptr->num_pending_responses_); request_ptr->pending_response_ = std::make_unique(); request_ptr->pending_response_->type(Common::Redis::RespType::Integer); Common::Redis::RespValueSharedPtr base_request = std::move(incoming_request); for (uint32_t i = 1; i < base_request->asArray().size(); i++) { request_ptr->pending_requests_.emplace_back(*request_ptr, i - 1); PendingRequest& pending_request = request_ptr->pending_requests_.back(); // Create the composite array for a single fragment. const Common::Redis::RespValue single_fragment(base_request, base_request->asArray()[0], i, i); ENVOY_LOG(debug, "redis: parallel {}: '{}'", base_request->asArray()[0].asString(), single_fragment.toString()); const auto route = router.upstreamPool(base_request->asArray()[i].asString()); if (route) { pending_request.handle_ = makeFragmentedRequest(route, base_request->asArray()[0].asString(), base_request->asArray()[i].asString(), single_fragment, pending_request); } if (!pending_request.handle_) { pending_request.onResponse(Common::Redis::Utility::makeError(Response::get().NoUpstreamHost)); } } if (request_ptr->num_pending_responses_ > 0) { return request_ptr; } return nullptr; } void SplitKeysSumResultRequest::onChildResponse(Common::Redis::RespValuePtr&& value, uint32_t index) { pending_requests_[index].handle_ = nullptr; switch (value->type()) { case Common::Redis::RespType::Integer: { total_ += value->asInteger(); break; } default: { error_count_++; break; } } ASSERT(num_pending_responses_ > 0); if (--num_pending_responses_ == 0) { updateStats(error_count_ == 0); if (error_count_ == 0) { pending_response_->asInteger() = total_; callbacks_.onResponse(std::move(pending_response_)); } else { callbacks_.onResponse(Common::Redis::Utility::makeError( fmt::format("finished with {} error(s)", error_count_))); } } } InstanceImpl::InstanceImpl(RouterPtr&& router, Stats::Scope& scope, const std::string& stat_prefix, TimeSource& time_source, bool latency_in_micros, Common::Redis::FaultManagerPtr&& fault_manager) : router_(std::move(router)), simple_command_handler_(*router_), eval_command_handler_(*router_), mget_handler_(*router_), mset_handler_(*router_), split_keys_sum_result_handler_(*router_), stats_{ALL_COMMAND_SPLITTER_STATS(POOL_COUNTER_PREFIX(scope, stat_prefix + "splitter."))}, time_source_(time_source), fault_manager_(std::move(fault_manager)) { for (const std::string& command : Common::Redis::SupportedCommands::simpleCommands()) { addHandler(scope, stat_prefix, command, latency_in_micros, simple_command_handler_); } for (const std::string& command : Common::Redis::SupportedCommands::evalCommands()) { addHandler(scope, stat_prefix, command, latency_in_micros, eval_command_handler_); } for (const std::string& command : Common::Redis::SupportedCommands::hashMultipleSumResultCommands()) { addHandler(scope, stat_prefix, command, latency_in_micros, split_keys_sum_result_handler_); } addHandler(scope, stat_prefix, Common::Redis::SupportedCommands::mget(), latency_in_micros, mget_handler_); addHandler(scope, stat_prefix, Common::Redis::SupportedCommands::mset(), latency_in_micros, mset_handler_); } SplitRequestPtr InstanceImpl::makeRequest(Common::Redis::RespValuePtr&& request, SplitCallbacks& callbacks, Event::Dispatcher& dispatcher) { if ((request->type() != Common::Redis::RespType::Array) || request->asArray().empty()) { onInvalidRequest(callbacks); return nullptr; } for (const Common::Redis::RespValue& value : request->asArray()) { if (value.type() != Common::Redis::RespType::BulkString) { onInvalidRequest(callbacks); return nullptr; } } std::string to_lower_string = absl::AsciiStrToLower(request->asArray()[0].asString()); if (to_lower_string == Common::Redis::SupportedCommands::auth()) { if (request->asArray().size() < 2) { onInvalidRequest(callbacks); return nullptr; } if (request->asArray().size() == 3) { callbacks.onAuth(request->asArray()[1].asString(), request->asArray()[2].asString()); } else { callbacks.onAuth(request->asArray()[1].asString()); } return nullptr; } if (!callbacks.connectionAllowed()) { callbacks.onResponse(Common::Redis::Utility::makeError(Response::get().AuthRequiredError)); return nullptr; } if (to_lower_string == Common::Redis::SupportedCommands::ping()) { // Respond to PING locally. Common::Redis::RespValuePtr pong(new Common::Redis::RespValue()); pong->type(Common::Redis::RespType::SimpleString); pong->asString() = "PONG"; callbacks.onResponse(std::move(pong)); return nullptr; } if (request->asArray().size() < 2) { // Commands other than PING all have at least two arguments. onInvalidRequest(callbacks); return nullptr; } // Get the handler for the downstream request auto handler = handler_lookup_table_.find(to_lower_string.c_str()); if (handler == nullptr) { stats_.unsupported_command_.inc(); callbacks.onResponse(Common::Redis::Utility::makeError( fmt::format("unsupported command '{}'", request->asArray()[0].asString()))); return nullptr; } // Fault Injection Check const Common::Redis::Fault* fault_ptr = fault_manager_->getFaultForCommand(to_lower_string); // Check if delay, which determines which callbacks to use. If a delay fault is enabled, // the delay fault itself wraps the request (or other fault) and the delay fault itself // implements the callbacks functions, and in turn calls the real callbacks after injecting // delay on the result of the wrapped request or fault. const bool has_delay_fault = fault_ptr != nullptr && fault_ptr->delayMs() > std::chrono::milliseconds(0); std::unique_ptr delay_fault_ptr; if (has_delay_fault) { delay_fault_ptr = DelayFaultRequest::create(callbacks, handler->command_stats_, time_source_, dispatcher, fault_ptr->delayMs()); } // Note that the command_stats_ object of the original request is used for faults, so that our // downstream metrics reflect any faults added (with special fault metrics) or extra latency from // a delay. 2) we use a ternary operator for the callback parameter- we want to use the // delay_fault as callback if there is a delay per the earlier comment. ENVOY_LOG(debug, "redis: splitting '{}'", request->toString()); handler->command_stats_.total_.inc(); SplitRequestPtr request_ptr; if (fault_ptr != nullptr && fault_ptr->faultType() == Common::Redis::FaultType::Error) { request_ptr = ErrorFaultRequest::create(has_delay_fault ? *delay_fault_ptr : callbacks, handler->command_stats_, time_source_, has_delay_fault); } else { request_ptr = handler->handler_.get().startRequest( std::move(request), has_delay_fault ? *delay_fault_ptr : callbacks, handler->command_stats_, time_source_, has_delay_fault); } // Complete delay, if any. The delay fault takes ownership of the wrapped request. if (has_delay_fault) { delay_fault_ptr->wrapped_request_ptr_ = std::move(request_ptr); return delay_fault_ptr; } else { return request_ptr; } } void InstanceImpl::onInvalidRequest(SplitCallbacks& callbacks) { stats_.invalid_request_.inc(); callbacks.onResponse(Common::Redis::Utility::makeError(Response::get().InvalidRequest)); } void InstanceImpl::addHandler(Stats::Scope& scope, const std::string& stat_prefix, const std::string& name, bool latency_in_micros, CommandHandler& handler) { std::string to_lower_name = absl::AsciiStrToLower(name); const std::string command_stat_prefix = fmt::format("{}command.{}.", stat_prefix, to_lower_name); Stats::StatNameManagedStorage storage{command_stat_prefix + std::string("latency"), scope.symbolTable()}; handler_lookup_table_.add( to_lower_name.c_str(), std::make_shared(HandlerData{ CommandStats{ALL_COMMAND_STATS(POOL_COUNTER_PREFIX(scope, command_stat_prefix)) scope.histogramFromStatName(storage.statName(), latency_in_micros ? Stats::Histogram::Unit::Microseconds : Stats::Histogram::Unit::Milliseconds)}, handler})); } } // namespace CommandSplitter } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/command_splitter_impl.h ================================================ #pragma once #include #include #include #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/stats/timespan_impl.h" #include "extensions/filters/network/common/redis/client_impl.h" #include "extensions/filters/network/common/redis/fault_impl.h" #include "extensions/filters/network/common/redis/utility.h" #include "extensions/filters/network/redis_proxy/command_splitter.h" #include "extensions/filters/network/redis_proxy/conn_pool_impl.h" #include "extensions/filters/network/redis_proxy/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { namespace CommandSplitter { struct ResponseValues { const std::string OK = "OK"; const std::string InvalidRequest = "invalid request"; const std::string NoUpstreamHost = "no upstream host"; const std::string UpstreamFailure = "upstream failure"; const std::string UpstreamProtocolError = "upstream protocol error"; const std::string AuthRequiredError = "NOAUTH Authentication required."; }; using Response = ConstSingleton; /** * All command level stats. @see stats_macros.h */ #define ALL_COMMAND_STATS(COUNTER) \ COUNTER(total) \ COUNTER(success) \ COUNTER(error) \ COUNTER(error_fault) \ COUNTER(delay_fault) /** * Struct definition for all command stats. @see stats_macros.h */ struct CommandStats { ALL_COMMAND_STATS(GENERATE_COUNTER_STRUCT) Envoy::Stats::Histogram& latency_; }; class CommandHandler { public: virtual ~CommandHandler() = default; virtual SplitRequestPtr startRequest(Common::Redis::RespValuePtr&& request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) PURE; }; class CommandHandlerBase { protected: CommandHandlerBase(Router& router) : router_(router) {} Router& router_; }; class SplitRequestBase : public SplitRequest { protected: static void onWrongNumberOfArguments(SplitCallbacks& callbacks, const Common::Redis::RespValue& request); void updateStats(const bool success); SplitRequestBase(CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : command_stats_(command_stats) { if (!delay_command_latency) { command_latency_ = std::make_unique( command_stats_.latency_, time_source); } else { command_latency_ = nullptr; } } CommandStats& command_stats_; Stats::TimespanPtr command_latency_; }; /** * SingleServerRequest is a base class for commands that hash to a single backend. */ class SingleServerRequest : public SplitRequestBase, public ConnPool::PoolCallbacks { public: ~SingleServerRequest() override; // ConnPool::PoolCallbacks void onResponse(Common::Redis::RespValuePtr&& response) override; void onFailure() override; void onFailure(std::string error_msg); // RedisProxy::CommandSplitter::SplitRequest void cancel() override; protected: SingleServerRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : SplitRequestBase(command_stats, time_source, delay_command_latency), callbacks_(callbacks) { } SplitCallbacks& callbacks_; ConnPool::InstanceSharedPtr conn_pool_; Common::Redis::Client::PoolRequest* handle_{}; Common::Redis::RespValuePtr incoming_request_; }; /** * ErrorFaultRequest returns an error. */ class ErrorFaultRequest : public SingleServerRequest { public: static SplitRequestPtr create(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool has_delaydelay_command_latency_fault); private: ErrorFaultRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : SingleServerRequest(callbacks, command_stats, time_source, delay_command_latency) {} }; /** * DelayFaultRequest wraps a request- either a normal request or a fault- and delays it. */ class DelayFaultRequest : public SplitRequestBase, public SplitCallbacks { public: static std::unique_ptr create(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, Event::Dispatcher& dispatcher, std::chrono::milliseconds delay); DelayFaultRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, Event::Dispatcher& dispatcher, std::chrono::milliseconds delay) : SplitRequestBase(command_stats, time_source, false), callbacks_(callbacks), delay_(delay) { delay_timer_ = dispatcher.createTimer([this]() -> void { onDelayResponse(); }); } // SplitCallbacks bool connectionAllowed() override { return callbacks_.connectionAllowed(); } void onAuth(const std::string& password) override { callbacks_.onAuth(password); } void onAuth(const std::string& username, const std::string& password) override { callbacks_.onAuth(username, password); } void onResponse(Common::Redis::RespValuePtr&& response) override; // RedisProxy::CommandSplitter::SplitRequest void cancel() override; SplitRequestPtr wrapped_request_ptr_; private: void onDelayResponse(); SplitCallbacks& callbacks_; std::chrono::milliseconds delay_; Event::TimerPtr delay_timer_; Common::Redis::RespValuePtr response_; }; /** * SimpleRequest hashes the first argument as the key. */ class SimpleRequest : public SingleServerRequest { public: static SplitRequestPtr create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency); private: SimpleRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : SingleServerRequest(callbacks, command_stats, time_source, delay_command_latency) {} }; /** * EvalRequest hashes the fourth argument as the key. */ class EvalRequest : public SingleServerRequest { public: static SplitRequestPtr create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency); private: EvalRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : SingleServerRequest(callbacks, command_stats, time_source, delay_command_latency) {} }; /** * FragmentedRequest is a base class for requests that contains multiple keys. An individual request * is sent to the appropriate server for each key. The responses from all servers are combined and * returned to the client. */ class FragmentedRequest : public SplitRequestBase { public: ~FragmentedRequest() override; // RedisProxy::CommandSplitter::SplitRequest void cancel() override; protected: FragmentedRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : SplitRequestBase(command_stats, time_source, delay_command_latency), callbacks_(callbacks) { } struct PendingRequest : public ConnPool::PoolCallbacks { PendingRequest(FragmentedRequest& parent, uint32_t index) : parent_(parent), index_(index) {} // ConnPool::PoolCallbacks void onResponse(Common::Redis::RespValuePtr&& value) override { parent_.onChildResponse(std::move(value), index_); } void onFailure() override { parent_.onChildFailure(index_); } FragmentedRequest& parent_; const uint32_t index_; Common::Redis::Client::PoolRequest* handle_{}; }; virtual void onChildResponse(Common::Redis::RespValuePtr&& value, uint32_t index) PURE; void onChildFailure(uint32_t index); SplitCallbacks& callbacks_; Common::Redis::RespValuePtr pending_response_; std::vector pending_requests_; uint32_t num_pending_responses_; uint32_t error_count_{0}; }; /** * MGETRequest takes each key from the command and sends a GET for each to the appropriate Redis * server. The response contains the result from each command. */ class MGETRequest : public FragmentedRequest, Logger::Loggable { public: static SplitRequestPtr create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency); private: MGETRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : FragmentedRequest(callbacks, command_stats, time_source, delay_command_latency) {} // RedisProxy::CommandSplitter::FragmentedRequest void onChildResponse(Common::Redis::RespValuePtr&& value, uint32_t index) override; }; /** * SplitKeysSumResultRequest takes each key from the command and sends the same incoming command * with each key to the appropriate Redis server. The response from each Redis (which must be an * integer) is summed and returned to the user. If there is any error or failure in processing the * fragmented commands, an error will be returned. */ class SplitKeysSumResultRequest : public FragmentedRequest, Logger::Loggable { public: static SplitRequestPtr create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency); private: SplitKeysSumResultRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : FragmentedRequest(callbacks, command_stats, time_source, delay_command_latency) {} // RedisProxy::CommandSplitter::FragmentedRequest void onChildResponse(Common::Redis::RespValuePtr&& value, uint32_t index) override; int64_t total_{0}; }; /** * MSETRequest takes each key and value pair from the command and sends a SET for each to the * appropriate Redis server. The response is an OK if all commands succeeded or an ERR if any * failed. */ class MSETRequest : public FragmentedRequest, Logger::Loggable { public: static SplitRequestPtr create(Router& router, Common::Redis::RespValuePtr&& incoming_request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency); private: MSETRequest(SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) : FragmentedRequest(callbacks, command_stats, time_source, delay_command_latency) {} // RedisProxy::CommandSplitter::FragmentedRequest void onChildResponse(Common::Redis::RespValuePtr&& value, uint32_t index) override; }; /** * CommandHandlerFactory is placed in the command lookup map for each supported command and is used * to create Request objects. */ template class CommandHandlerFactory : public CommandHandler, CommandHandlerBase { public: CommandHandlerFactory(Router& router) : CommandHandlerBase(router) {} SplitRequestPtr startRequest(Common::Redis::RespValuePtr&& request, SplitCallbacks& callbacks, CommandStats& command_stats, TimeSource& time_source, bool delay_command_latency) override { return RequestClass::create(router_, std::move(request), callbacks, command_stats, time_source, delay_command_latency); } }; /** * All splitter stats. @see stats_macros.h */ #define ALL_COMMAND_SPLITTER_STATS(COUNTER) \ COUNTER(invalid_request) \ COUNTER(unsupported_command) /** * Struct definition for all splitter stats. @see stats_macros.h */ struct InstanceStats { ALL_COMMAND_SPLITTER_STATS(GENERATE_COUNTER_STRUCT) }; class InstanceImpl : public Instance, Logger::Loggable { public: InstanceImpl(RouterPtr&& router, Stats::Scope& scope, const std::string& stat_prefix, TimeSource& time_source, bool latency_in_micros, Common::Redis::FaultManagerPtr&& fault_manager); // RedisProxy::CommandSplitter::Instance SplitRequestPtr makeRequest(Common::Redis::RespValuePtr&& request, SplitCallbacks& callbacks, Event::Dispatcher& dispatcher) override; private: friend class RedisCommandSplitterImplTest; struct HandlerData { CommandStats command_stats_; std::reference_wrapper handler_; }; using HandlerDataPtr = std::shared_ptr; void addHandler(Stats::Scope& scope, const std::string& stat_prefix, const std::string& name, bool latency_in_micros, CommandHandler& handler); void onInvalidRequest(SplitCallbacks& callbacks); RouterPtr router_; CommandHandlerFactory simple_command_handler_; CommandHandlerFactory eval_command_handler_; CommandHandlerFactory mget_handler_; CommandHandlerFactory mset_handler_; CommandHandlerFactory split_keys_sum_result_handler_; TrieLookupTable handler_lookup_table_; InstanceStats stats_; TimeSource& time_source_; Common::Redis::FaultManagerPtr fault_manager_; }; } // namespace CommandSplitter } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/config.cc ================================================ #include "extensions/filters/network/redis_proxy/config.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "extensions/common/redis/cluster_refresh_manager_impl.h" #include "extensions/filters/network/common/redis/client_impl.h" #include "extensions/filters/network/common/redis/fault_impl.h" #include "extensions/filters/network/redis_proxy/command_splitter_impl.h" #include "extensions/filters/network/redis_proxy/proxy_filter.h" #include "extensions/filters/network/redis_proxy/router_impl.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { namespace { inline void addUniqueClusters( absl::flat_hash_set& clusters, const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::PrefixRoutes::Route& route) { clusters.emplace(route.cluster()); for (auto& mirror : route.request_mirror_policy()) { clusters.emplace(mirror.cluster()); } } } // namespace Network::FilterFactoryCb RedisProxyFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); ASSERT(proto_config.has_settings()); Extensions::Common::Redis::ClusterRefreshManagerSharedPtr refresh_manager = Extensions::Common::Redis::getClusterRefreshManager( context.singletonManager(), context.dispatcher(), context.clusterManager(), context.timeSource()); ProxyFilterConfigSharedPtr filter_config(std::make_shared( proto_config, context.scope(), context.drainDecision(), context.runtime(), context.api())); envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::PrefixRoutes prefix_routes( proto_config.prefix_routes()); // Set the catch-all route from the deprecated cluster and settings parameters. if (prefix_routes.hidden_envoy_deprecated_catch_all_cluster().empty() && prefix_routes.routes_size() == 0 && !prefix_routes.has_catch_all_route()) { if (proto_config.hidden_envoy_deprecated_cluster().empty()) { throw EnvoyException("cannot configure a redis-proxy without any upstream"); } prefix_routes.mutable_catch_all_route()->set_cluster( proto_config.hidden_envoy_deprecated_cluster()); } else if (!prefix_routes.hidden_envoy_deprecated_catch_all_cluster().empty() && !prefix_routes.has_catch_all_route()) { // Set the catch-all route from the deprecated catch-all cluster. prefix_routes.mutable_catch_all_route()->set_cluster( prefix_routes.hidden_envoy_deprecated_catch_all_cluster()); } absl::flat_hash_set unique_clusters; for (auto& route : prefix_routes.routes()) { addUniqueClusters(unique_clusters, route); } addUniqueClusters(unique_clusters, prefix_routes.catch_all_route()); auto redis_command_stats = Common::Redis::RedisCommandStats::createRedisCommandStats(context.scope().symbolTable()); Upstreams upstreams; for (auto& cluster : unique_clusters) { Stats::ScopePtr stats_scope = context.scope().createScope(fmt::format("cluster.{}.redis_cluster", cluster)); auto conn_pool_ptr = std::make_shared( cluster, context.clusterManager(), Common::Redis::Client::ClientFactoryImpl::instance_, context.threadLocal(), proto_config.settings(), context.api(), std::move(stats_scope), redis_command_stats, refresh_manager); conn_pool_ptr->init(); upstreams.emplace(cluster, conn_pool_ptr); } auto router = std::make_unique(prefix_routes, std::move(upstreams), context.runtime()); auto fault_manager = std::make_unique( context.api().randomGenerator(), context.runtime(), proto_config.faults()); std::shared_ptr splitter = std::make_shared( std::move(router), context.scope(), filter_config->stat_prefix_, context.timeSource(), proto_config.latency_in_micros(), std::move(fault_manager)); return [splitter, filter_config](Network::FilterManager& filter_manager) -> void { Common::Redis::DecoderFactoryImpl factory; filter_manager.addReadFilter(std::make_shared( factory, Common::Redis::EncoderPtr{new Common::Redis::EncoderImpl()}, *splitter, filter_config)); }; } /** * Static registration for the redis filter. @see RegisterFactory. */ REGISTER_FACTORY(RedisProxyFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){"envoy.redis_proxy"}; } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/config.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/upstream/upstream.h" #include "common/common/empty_string.h" #include "common/config/datasource.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { class ProtocolOptionsConfigImpl : public Upstream::ProtocolOptionsConfig { public: ProtocolOptionsConfigImpl( const envoy::extensions::filters::network::redis_proxy::v3::RedisProtocolOptions& proto_config) : auth_username_(proto_config.auth_username()), auth_password_(proto_config.auth_password()) { } std::string authUsername(Api::Api& api) const { return Config::DataSource::read(auth_username_, true, api); } std::string authPassword(Api::Api& api) const { return Config::DataSource::read(auth_password_, true, api); } static const std::string authUsername(const Upstream::ClusterInfoConstSharedPtr info, Api::Api& api) { auto options = info->extensionProtocolOptionsTyped( NetworkFilterNames::get().RedisProxy); if (options) { return options->authUsername(api); } return EMPTY_STRING; } static const std::string authPassword(const Upstream::ClusterInfoConstSharedPtr info, Api::Api& api) { auto options = info->extensionProtocolOptionsTyped( NetworkFilterNames::get().RedisProxy); if (options) { return options->authPassword(api); } return EMPTY_STRING; } private: envoy::config::core::v3::DataSource auth_username_; envoy::config::core::v3::DataSource auth_password_; }; /** * Config registration for the redis proxy filter. @see NamedNetworkFilterConfigFactory. */ class RedisProxyFilterConfigFactory : public Common::FactoryBase< envoy::extensions::filters::network::redis_proxy::v3::RedisProxy, envoy::extensions::filters::network::redis_proxy::v3::RedisProtocolOptions> { public: RedisProxyFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().RedisProxy, true) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy& proto_config, Server::Configuration::FactoryContext& context) override; Upstream::ProtocolOptionsConfigConstSharedPtr createProtocolOptionsTyped( const envoy::extensions::filters::network::redis_proxy::v3::RedisProtocolOptions& proto_config, Server::Configuration::ProtocolOptionsFactoryContext&) override { return std::make_shared(proto_config); } }; } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/conn_pool.h ================================================ #pragma once #include #include #include #include "envoy/upstream/cluster_manager.h" #include "extensions/filters/network/common/redis/client.h" #include "extensions/filters/network/common/redis/codec.h" #include "absl/types/variant.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { namespace ConnPool { /** * Outbound request callbacks. */ class PoolCallbacks { public: virtual ~PoolCallbacks() = default; /** * Called when a pipelined response is received. * @param value supplies the response which is now owned by the callee. */ virtual void onResponse(Common::Redis::RespValuePtr&& value) PURE; /** * Called when a network/protocol error occurs and there is no response. */ virtual void onFailure() PURE; }; /** * A variant that either holds a shared pointer to a single server request or a composite array * resp value. This is for performance reason to avoid creating RespValueSharedPtr for each * composite arrays. */ using RespVariant = absl::variant; /** * A redis connection pool. Wraps M connections to N upstream hosts, consistent hashing, * pipelining, failure handling, etc. */ class Instance { public: virtual ~Instance() = default; /** * Makes a redis request. * @param hash_key supplies the key to use for consistent hashing. * @param request supplies the request to make. * @param callbacks supplies the request completion callbacks. * @return PoolRequest* a handle to the active request or nullptr if the request could not be made * for some reason. */ virtual Common::Redis::Client::PoolRequest* makeRequest(const std::string& hash_key, RespVariant&& request, PoolCallbacks& callbacks) PURE; }; using InstanceSharedPtr = std::shared_ptr; } // namespace ConnPool } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/conn_pool_impl.cc ================================================ #include "extensions/filters/network/redis_proxy/conn_pool_impl.h" #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "common/common/assert.h" #include "common/stats/utility.h" #include "extensions/filters/network/redis_proxy/config.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { namespace ConnPool { namespace { // null_pool_callbacks is used for requests that must be filtered and not redirected such as // "asking". Common::Redis::Client::DoNothingPoolCallbacks null_client_callbacks; const Common::Redis::RespValue& getRequest(const RespVariant& request) { if (request.index() == 0) { return absl::get(request); } else { return *(absl::get(request)); } } } // namespace InstanceImpl::InstanceImpl( const std::string& cluster_name, Upstream::ClusterManager& cm, Common::Redis::Client::ClientFactory& client_factory, ThreadLocal::SlotAllocator& tls, const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings& config, Api::Api& api, Stats::ScopePtr&& stats_scope, const Common::Redis::RedisCommandStatsSharedPtr& redis_command_stats, Extensions::Common::Redis::ClusterRefreshManagerSharedPtr refresh_manager) : cluster_name_(cluster_name), cm_(cm), client_factory_(client_factory), tls_(tls.allocateSlot()), config_(new Common::Redis::Client::ConfigImpl(config)), api_(api), stats_scope_(std::move(stats_scope)), redis_command_stats_(redis_command_stats), redis_cluster_stats_{REDIS_CLUSTER_STATS( POOL_COUNTER(*stats_scope_))}, refresh_manager_(std::move(refresh_manager)) {} void InstanceImpl::init() { // Note: `this` and `cluster_name` have a a lifetime of the filter. // That may be shorter than the tls callback if the listener is torn down shortly after it is // created. We use a weak pointer to make sure this object outlives the tls callbacks. std::weak_ptr this_weak_ptr = this->shared_from_this(); tls_->set( [this_weak_ptr](Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { if (auto this_shared_ptr = this_weak_ptr.lock()) { return std::make_shared(this_shared_ptr, dispatcher, this_shared_ptr->cluster_name_); } return nullptr; }); } // This method is always called from a InstanceSharedPtr we don't have to worry about tls_->getTyped // failing due to InstanceImpl going away. Common::Redis::Client::PoolRequest* InstanceImpl::makeRequest(const std::string& key, RespVariant&& request, PoolCallbacks& callbacks) { return tls_->getTyped().makeRequest(key, std::move(request), callbacks); } // This method is always called from a InstanceSharedPtr we don't have to worry about tls_->getTyped // failing due to InstanceImpl going away. Common::Redis::Client::PoolRequest* InstanceImpl::makeRequestToHost(const std::string& host_address, const Common::Redis::RespValue& request, Common::Redis::Client::ClientCallbacks& callbacks) { return tls_->getTyped().makeRequestToHost(host_address, request, callbacks); } InstanceImpl::ThreadLocalPool::ThreadLocalPool(std::shared_ptr parent, Event::Dispatcher& dispatcher, std::string cluster_name) : parent_(parent), dispatcher_(dispatcher), cluster_name_(std::move(cluster_name)), drain_timer_(dispatcher.createTimer([this]() -> void { drainClients(); })), is_redis_cluster_(false), client_factory_(parent->client_factory_), config_(parent->config_), stats_scope_(parent->stats_scope_), redis_command_stats_(parent->redis_command_stats_), redis_cluster_stats_(parent->redis_cluster_stats_), refresh_manager_(parent->refresh_manager_) { cluster_update_handle_ = parent->cm_.addThreadLocalClusterUpdateCallbacks(*this); Upstream::ThreadLocalCluster* cluster = parent->cm_.get(cluster_name_); if (cluster != nullptr) { auth_username_ = ProtocolOptionsConfigImpl::authUsername(cluster->info(), parent->api_); auth_password_ = ProtocolOptionsConfigImpl::authPassword(cluster->info(), parent->api_); onClusterAddOrUpdateNonVirtual(*cluster); } } InstanceImpl::ThreadLocalPool::~ThreadLocalPool() { if (host_set_member_update_cb_handle_ != nullptr) { host_set_member_update_cb_handle_->remove(); } while (!pending_requests_.empty()) { pending_requests_.pop_front(); } while (!client_map_.empty()) { client_map_.begin()->second->redis_client_->close(); } while (!clients_to_drain_.empty()) { (*clients_to_drain_.begin())->redis_client_->close(); } } void InstanceImpl::ThreadLocalPool::onClusterAddOrUpdateNonVirtual( Upstream::ThreadLocalCluster& cluster) { if (cluster.info()->name() != cluster_name_) { return; } // Ensure the filter is not deleted in the main thread during this method. auto shared_parent = parent_.lock(); if (!shared_parent) { return; } if (cluster_ != nullptr) { // Treat an update as a removal followed by an add. ThreadLocalPool::onClusterRemoval(cluster_name_); } ASSERT(cluster_ == nullptr); cluster_ = &cluster; ASSERT(host_set_member_update_cb_handle_ == nullptr); host_set_member_update_cb_handle_ = cluster_->prioritySet().addMemberUpdateCb( [this](const std::vector& hosts_added, const std::vector& hosts_removed) -> void { onHostsAdded(hosts_added); onHostsRemoved(hosts_removed); }); ASSERT(host_address_map_.empty()); for (const auto& i : cluster_->prioritySet().hostSetsPerPriority()) { for (auto& host : i->hosts()) { host_address_map_[host->address()->asString()] = host; } } // Figure out if the cluster associated with this ConnPool is a Redis cluster // with its own hash slot sharding scheme and ability to dynamically discover // its members. This is done once to minimize overhead in the data path, makeRequest() in // particular. Upstream::ClusterInfoConstSharedPtr info = cluster_->info(); const auto& cluster_type = info->clusterType(); is_redis_cluster_ = info->lbType() == Upstream::LoadBalancerType::ClusterProvided && cluster_type.has_value() && cluster_type->name() == Extensions::Clusters::ClusterTypes::get().Redis; } void InstanceImpl::ThreadLocalPool::onClusterRemoval(const std::string& cluster_name) { if (cluster_name != cluster_name_) { return; } // Treat cluster removal as a removal of all hosts. Close all connections and fail all pending // requests. if (host_set_member_update_cb_handle_ != nullptr) { host_set_member_update_cb_handle_->remove(); host_set_member_update_cb_handle_ = nullptr; } while (!client_map_.empty()) { client_map_.begin()->second->redis_client_->close(); } while (!clients_to_drain_.empty()) { (*clients_to_drain_.begin())->redis_client_->close(); } cluster_ = nullptr; host_address_map_.clear(); } void InstanceImpl::ThreadLocalPool::onHostsAdded( const std::vector& hosts_added) { for (const auto& host : hosts_added) { std::string host_address = host->address()->asString(); // Insert new host into address map, possibly overwriting a previous host's entry. host_address_map_[host_address] = host; for (const auto& created_host : created_via_redirect_hosts_) { if (created_host->address()->asString() == host_address) { // Remove our "temporary" host created in makeRequestToHost(). onHostsRemoved({created_host}); created_via_redirect_hosts_.remove(created_host); break; } } } } void InstanceImpl::ThreadLocalPool::onHostsRemoved( const std::vector& hosts_removed) { for (const auto& host : hosts_removed) { auto it = client_map_.find(host); if (it != client_map_.end()) { if (it->second->redis_client_->active()) { // Put the ThreadLocalActiveClient to the side to drain. clients_to_drain_.push_back(std::move(it->second)); client_map_.erase(it); if (!drain_timer_->enabled()) { drain_timer_->enableTimer(std::chrono::seconds(1)); } } else { // There are no pending requests so close the connection. it->second->redis_client_->close(); } } // There is the possibility that multiple hosts with the same address // are registered in host_address_map_ given that hosts may be created // upon redirection or supplied as part of the cluster's definition. auto it2 = host_address_map_.find(host->address()->asString()); if ((it2 != host_address_map_.end()) && (it2->second == host)) { host_address_map_.erase(it2); } } } void InstanceImpl::ThreadLocalPool::drainClients() { while (!clients_to_drain_.empty() && !(*clients_to_drain_.begin())->redis_client_->active()) { (*clients_to_drain_.begin())->redis_client_->close(); } if (!clients_to_drain_.empty()) { drain_timer_->enableTimer(std::chrono::seconds(1)); } } InstanceImpl::ThreadLocalActiveClientPtr& InstanceImpl::ThreadLocalPool::threadLocalActiveClient(Upstream::HostConstSharedPtr host) { ThreadLocalActiveClientPtr& client = client_map_[host]; if (!client) { client = std::make_unique(*this); client->host_ = host; client->redis_client_ = client_factory_.create(host, dispatcher_, *config_, redis_command_stats_, *(stats_scope_), auth_username_, auth_password_); client->redis_client_->addConnectionCallbacks(*client); } return client; } Common::Redis::Client::PoolRequest* InstanceImpl::ThreadLocalPool::makeRequest(const std::string& key, RespVariant&& request, PoolCallbacks& callbacks) { if (cluster_ == nullptr) { ASSERT(client_map_.empty()); ASSERT(host_set_member_update_cb_handle_ == nullptr); return nullptr; } Clusters::Redis::RedisLoadBalancerContextImpl lb_context(key, config_->enableHashtagging(), is_redis_cluster_, getRequest(request), config_->readPolicy()); Upstream::HostConstSharedPtr host = cluster_->loadBalancer().chooseHost(&lb_context); if (!host) { return nullptr; } pending_requests_.emplace_back(*this, std::move(request), callbacks); PendingRequest& pending_request = pending_requests_.back(); ThreadLocalActiveClientPtr& client = this->threadLocalActiveClient(host); pending_request.request_handler_ = client->redis_client_->makeRequest( getRequest(pending_request.incoming_request_), pending_request); if (pending_request.request_handler_) { return &pending_request; } else { onRequestCompleted(); return nullptr; } } Common::Redis::Client::PoolRequest* InstanceImpl::ThreadLocalPool::makeRequestToHost( const std::string& host_address, const Common::Redis::RespValue& request, Common::Redis::Client::ClientCallbacks& callbacks) { if (cluster_ == nullptr) { ASSERT(client_map_.empty()); ASSERT(host_set_member_update_cb_handle_ == nullptr); return nullptr; } auto colon_pos = host_address.rfind(':'); if ((colon_pos == std::string::npos) || (colon_pos == (host_address.size() - 1))) { return nullptr; } const std::string ip_address = host_address.substr(0, colon_pos); const bool ipv6 = (ip_address.find(':') != std::string::npos); std::string host_address_map_key; Network::Address::InstanceConstSharedPtr address_ptr; if (!ipv6) { host_address_map_key = host_address; } else { const auto ip_port = absl::string_view(host_address).substr(colon_pos + 1); uint32_t ip_port_number; if (!absl::SimpleAtoi(ip_port, &ip_port_number) || (ip_port_number > 65535)) { return nullptr; } try { address_ptr = std::make_shared(ip_address, ip_port_number); } catch (const EnvoyException&) { return nullptr; } host_address_map_key = address_ptr->asString(); } auto it = host_address_map_.find(host_address_map_key); if (it == host_address_map_.end()) { // This host is not known to the cluster manager. Create a new host and insert it into the map. if (created_via_redirect_hosts_.size() == config_->maxUpstreamUnknownConnections()) { // Too many upstream connections to unknown hosts have been created. redis_cluster_stats_.max_upstream_unknown_connections_reached_.inc(); return nullptr; } if (!ipv6) { // Only create an IPv4 address instance if we need a new Upstream::HostImpl. const auto ip_port = absl::string_view(host_address).substr(colon_pos + 1); uint32_t ip_port_number; if (!absl::SimpleAtoi(ip_port, &ip_port_number) || (ip_port_number > 65535)) { return nullptr; } try { address_ptr = std::make_shared(ip_address, ip_port_number); } catch (const EnvoyException&) { return nullptr; } } Upstream::HostSharedPtr new_host{new Upstream::HostImpl( cluster_->info(), "", address_ptr, nullptr, 1, envoy::config::core::v3::Locality(), envoy::config::endpoint::v3::Endpoint::HealthCheckConfig::default_instance(), 0, envoy::config::core::v3::UNKNOWN)}; host_address_map_[host_address_map_key] = new_host; created_via_redirect_hosts_.push_back(new_host); it = host_address_map_.find(host_address_map_key); } ThreadLocalActiveClientPtr& client = threadLocalActiveClient(it->second); return client->redis_client_->makeRequest(request, callbacks); } void InstanceImpl::ThreadLocalPool::onRequestCompleted() { ASSERT(!pending_requests_.empty()); // The response we got might not be in order, so flush out what we can. (A new response may // unlock several out of order responses). while (!pending_requests_.empty() && !pending_requests_.front().request_handler_) { pending_requests_.pop_front(); } } void InstanceImpl::ThreadLocalActiveClient::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { auto client_to_delete = parent_.client_map_.find(host_); if (client_to_delete != parent_.client_map_.end()) { parent_.dispatcher_.deferredDelete(std::move(redis_client_)); parent_.client_map_.erase(client_to_delete); } else { for (auto it = parent_.clients_to_drain_.begin(); it != parent_.clients_to_drain_.end(); it++) { if ((*it).get() == this) { if (!redis_client_->active()) { parent_.redis_cluster_stats_.upstream_cx_drained_.inc(); } parent_.dispatcher_.deferredDelete(std::move(redis_client_)); parent_.clients_to_drain_.erase(it); break; } } } } } InstanceImpl::PendingRequest::PendingRequest(InstanceImpl::ThreadLocalPool& parent, RespVariant&& incoming_request, PoolCallbacks& pool_callbacks) : parent_(parent), incoming_request_(std::move(incoming_request)), pool_callbacks_(pool_callbacks) {} InstanceImpl::PendingRequest::~PendingRequest() { if (request_handler_) { request_handler_->cancel(); request_handler_ = nullptr; // If we have to cancel the request on the client, then we'll treat this as failure for pool // callback pool_callbacks_.onFailure(); } } void InstanceImpl::PendingRequest::onResponse(Common::Redis::RespValuePtr&& response) { request_handler_ = nullptr; pool_callbacks_.onResponse(std::move(response)); parent_.onRequestCompleted(); } void InstanceImpl::PendingRequest::onFailure() { request_handler_ = nullptr; pool_callbacks_.onFailure(); parent_.refresh_manager_->onFailure(parent_.cluster_name_); parent_.onRequestCompleted(); } bool InstanceImpl::PendingRequest::onRedirection(Common::Redis::RespValuePtr&& value, const std::string& host_address, bool ask_redirection) { // Prepend request with an asking command if redirected via an ASK error. The returned handle is // not important since there is no point in being able to cancel the request. The use of // null_pool_callbacks ensures the transparent filtering of the Redis server's response to the // "asking" command; this is fine since the server either responds with an OK or an error message // if cluster support is not enabled (in which case we should not get an ASK redirection error). if (ask_redirection && !parent_.makeRequestToHost(host_address, Common::Redis::Utility::AskingRequest::instance(), null_client_callbacks)) { onResponse(std::move(value)); return false; } request_handler_ = parent_.makeRequestToHost(host_address, getRequest(incoming_request_), *this); if (!request_handler_) { onResponse(std::move(value)); return false; } else { parent_.refresh_manager_->onRedirection(parent_.cluster_name_); return true; } } void InstanceImpl::PendingRequest::cancel() { request_handler_->cancel(); request_handler_ = nullptr; parent_.onRequestCompleted(); } } // namespace ConnPool } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/conn_pool_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/stats/stats_macros.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/buffer/buffer_impl.h" #include "common/network/address_impl.h" #include "common/network/filter_impl.h" #include "common/protobuf/utility.h" #include "common/singleton/const_singleton.h" #include "common/upstream/load_balancer_impl.h" #include "common/upstream/upstream_impl.h" #include "source/extensions/clusters/redis/redis_cluster_lb.h" #include "extensions/common/redis/cluster_refresh_manager.h" #include "extensions/filters/network/common/redis/client.h" #include "extensions/filters/network/common/redis/client_impl.h" #include "extensions/filters/network/common/redis/codec_impl.h" #include "extensions/filters/network/common/redis/utility.h" #include "extensions/filters/network/redis_proxy/conn_pool.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { namespace ConnPool { // TODO(mattklein123): Circuit breaking // TODO(rshriram): Fault injection #define REDIS_CLUSTER_STATS(COUNTER) \ COUNTER(upstream_cx_drained) \ COUNTER(max_upstream_unknown_connections_reached) struct RedisClusterStats { REDIS_CLUSTER_STATS(GENERATE_COUNTER_STRUCT) }; class DoNothingPoolCallbacks : public PoolCallbacks { public: void onResponse(Common::Redis::RespValuePtr&&) override{}; void onFailure() override{}; }; class InstanceImpl : public Instance, public std::enable_shared_from_this { public: InstanceImpl( const std::string& cluster_name, Upstream::ClusterManager& cm, Common::Redis::Client::ClientFactory& client_factory, ThreadLocal::SlotAllocator& tls, const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::ConnPoolSettings& config, Api::Api& api, Stats::ScopePtr&& stats_scope, const Common::Redis::RedisCommandStatsSharedPtr& redis_command_stats, Extensions::Common::Redis::ClusterRefreshManagerSharedPtr refresh_manager); // RedisProxy::ConnPool::Instance Common::Redis::Client::PoolRequest* makeRequest(const std::string& key, RespVariant&& request, PoolCallbacks& callbacks) override; /** * Makes a redis request based on IP address and TCP port of the upstream host (e.g., * moved/ask cluster redirection). This is now only kept mostly for testing. * @param host_address supplies the IP address and TCP port of the upstream host to receive * the request. * @param request supplies the Redis request to make. * @param callbacks supplies the request completion callbacks. * @return PoolRequest* a handle to the active request or nullptr if the request could not be * made for some reason. */ Common::Redis::Client::PoolRequest* makeRequestToHost(const std::string& host_address, const Common::Redis::RespValue& request, Common::Redis::Client::ClientCallbacks& callbacks); void init(); // Allow the unit test to have access to private members. friend class RedisConnPoolImplTest; private: struct ThreadLocalPool; struct ThreadLocalActiveClient : public Network::ConnectionCallbacks { ThreadLocalActiveClient(ThreadLocalPool& parent) : parent_(parent) {} // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} ThreadLocalPool& parent_; Upstream::HostConstSharedPtr host_; Common::Redis::Client::ClientPtr redis_client_; }; using ThreadLocalActiveClientPtr = std::unique_ptr; struct PendingRequest : public Common::Redis::Client::ClientCallbacks, public Common::Redis::Client::PoolRequest { PendingRequest(ThreadLocalPool& parent, RespVariant&& incoming_request, PoolCallbacks& pool_callbacks); ~PendingRequest() override; // Common::Redis::Client::ClientCallbacks void onResponse(Common::Redis::RespValuePtr&& response) override; void onFailure() override; bool onRedirection(Common::Redis::RespValuePtr&& value, const std::string& host_address, bool ask_redirection) override; // PoolRequest void cancel() override; ThreadLocalPool& parent_; const RespVariant incoming_request_; Common::Redis::Client::PoolRequest* request_handler_; PoolCallbacks& pool_callbacks_; }; struct ThreadLocalPool : public ThreadLocal::ThreadLocalObject, public Upstream::ClusterUpdateCallbacks { ThreadLocalPool(std::shared_ptr parent, Event::Dispatcher& dispatcher, std::string cluster_name); ~ThreadLocalPool() override; ThreadLocalActiveClientPtr& threadLocalActiveClient(Upstream::HostConstSharedPtr host); Common::Redis::Client::PoolRequest* makeRequest(const std::string& key, RespVariant&& request, PoolCallbacks& callbacks); Common::Redis::Client::PoolRequest* makeRequestToHost(const std::string& host_address, const Common::Redis::RespValue& request, Common::Redis::Client::ClientCallbacks& callbacks); void onClusterAddOrUpdateNonVirtual(Upstream::ThreadLocalCluster& cluster); void onHostsAdded(const std::vector& hosts_added); void onHostsRemoved(const std::vector& hosts_removed); void drainClients(); // Upstream::ClusterUpdateCallbacks void onClusterAddOrUpdate(Upstream::ThreadLocalCluster& cluster) override { onClusterAddOrUpdateNonVirtual(cluster); } void onClusterRemoval(const std::string& cluster_name) override; void onRequestCompleted(); std::weak_ptr parent_; Event::Dispatcher& dispatcher_; const std::string cluster_name_; Upstream::ClusterUpdateCallbacksHandlePtr cluster_update_handle_; Upstream::ThreadLocalCluster* cluster_{}; absl::node_hash_map client_map_; Envoy::Common::CallbackHandle* host_set_member_update_cb_handle_{}; absl::node_hash_map host_address_map_; std::string auth_username_; std::string auth_password_; std::list created_via_redirect_hosts_; std::list clients_to_drain_; std::list pending_requests_; /* This timer is used to poll the active clients in clients_to_drain_ to determine whether they * have been drained (have no active requests) or not. It is only enabled after a client has * been added to clients_to_drain_, and is only re-enabled as long as that list is not empty. A * timer is being used as opposed to using a callback to avoid adding a check of * clients_to_drain_ to the main data code path as this should only rarely be not empty. */ Event::TimerPtr drain_timer_; bool is_redis_cluster_; Common::Redis::Client::ClientFactory& client_factory_; Common::Redis::Client::ConfigSharedPtr config_; Stats::ScopeSharedPtr stats_scope_; Common::Redis::RedisCommandStatsSharedPtr redis_command_stats_; RedisClusterStats redis_cluster_stats_; const Extensions::Common::Redis::ClusterRefreshManagerSharedPtr refresh_manager_; }; const std::string cluster_name_; Upstream::ClusterManager& cm_; Common::Redis::Client::ClientFactory& client_factory_; ThreadLocal::SlotPtr tls_; Common::Redis::Client::ConfigSharedPtr config_; Api::Api& api_; Stats::ScopeSharedPtr stats_scope_; Common::Redis::RedisCommandStatsSharedPtr redis_command_stats_; RedisClusterStats redis_cluster_stats_; const Extensions::Common::Redis::ClusterRefreshManagerSharedPtr refresh_manager_; }; } // namespace ConnPool } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/proxy_filter.cc ================================================ #include "extensions/filters/network/redis_proxy/proxy_filter.h" #include #include #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/datasource.h" #include "common/config/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { ProxyFilterConfig::ProxyFilterConfig( const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy& config, Stats::Scope& scope, const Network::DrainDecision& drain_decision, Runtime::Loader& runtime, Api::Api& api) : drain_decision_(drain_decision), runtime_(runtime), stat_prefix_(fmt::format("redis.{}.", config.stat_prefix())), stats_(generateStats(stat_prefix_, scope)), downstream_auth_username_( Config::DataSource::read(config.downstream_auth_username(), true, api)), downstream_auth_password_( Config::DataSource::read(config.downstream_auth_password(), true, api)) {} ProxyStats ProxyFilterConfig::generateStats(const std::string& prefix, Stats::Scope& scope) { return { ALL_REDIS_PROXY_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix))}; } ProxyFilter::ProxyFilter(Common::Redis::DecoderFactory& factory, Common::Redis::EncoderPtr&& encoder, CommandSplitter::Instance& splitter, ProxyFilterConfigSharedPtr config) : decoder_(factory.create(*this)), encoder_(std::move(encoder)), splitter_(splitter), config_(config) { config_->stats_.downstream_cx_total_.inc(); config_->stats_.downstream_cx_active_.inc(); connection_allowed_ = config_->downstream_auth_username_.empty() && config_->downstream_auth_password_.empty(); } ProxyFilter::~ProxyFilter() { ASSERT(pending_requests_.empty()); config_->stats_.downstream_cx_active_.dec(); } void ProxyFilter::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { callbacks_ = &callbacks; callbacks_->connection().addConnectionCallbacks(*this); callbacks_->connection().setConnectionStats({config_->stats_.downstream_cx_rx_bytes_total_, config_->stats_.downstream_cx_rx_bytes_buffered_, config_->stats_.downstream_cx_tx_bytes_total_, config_->stats_.downstream_cx_tx_bytes_buffered_, nullptr, nullptr}); } void ProxyFilter::onRespValue(Common::Redis::RespValuePtr&& value) { pending_requests_.emplace_back(*this); PendingRequest& request = pending_requests_.back(); CommandSplitter::SplitRequestPtr split = splitter_.makeRequest(std::move(value), request, callbacks_->connection().dispatcher()); if (split) { // The splitter can immediately respond and destroy the pending request. Only store the handle // if the request is still alive. request.request_handle_ = std::move(split); } } void ProxyFilter::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { while (!pending_requests_.empty()) { if (pending_requests_.front().request_handle_ != nullptr) { pending_requests_.front().request_handle_->cancel(); } pending_requests_.pop_front(); } } } void ProxyFilter::onAuth(PendingRequest& request, const std::string& password) { Common::Redis::RespValuePtr response{new Common::Redis::RespValue()}; if (config_->downstream_auth_password_.empty()) { response->type(Common::Redis::RespType::Error); response->asString() = "ERR Client sent AUTH, but no password is set"; } else if (password == config_->downstream_auth_password_) { response->type(Common::Redis::RespType::SimpleString); response->asString() = "OK"; connection_allowed_ = true; } else { response->type(Common::Redis::RespType::Error); response->asString() = "ERR invalid password"; connection_allowed_ = false; } request.onResponse(std::move(response)); } void ProxyFilter::onAuth(PendingRequest& request, const std::string& username, const std::string& password) { Common::Redis::RespValuePtr response{new Common::Redis::RespValue()}; if (config_->downstream_auth_username_.empty() && config_->downstream_auth_password_.empty()) { response->type(Common::Redis::RespType::Error); response->asString() = "ERR Client sent AUTH, but no username-password pair is set"; } else if (config_->downstream_auth_username_.empty() && username == "default" && password == config_->downstream_auth_password_) { // empty username and "default" are synonymous in Redis 6 ACLs response->type(Common::Redis::RespType::SimpleString); response->asString() = "OK"; connection_allowed_ = true; } else if (username == config_->downstream_auth_username_ && password == config_->downstream_auth_password_) { response->type(Common::Redis::RespType::SimpleString); response->asString() = "OK"; connection_allowed_ = true; } else { response->type(Common::Redis::RespType::Error); response->asString() = "WRONGPASS invalid username-password pair"; connection_allowed_ = false; } request.onResponse(std::move(response)); } void ProxyFilter::onResponse(PendingRequest& request, Common::Redis::RespValuePtr&& value) { ASSERT(!pending_requests_.empty()); request.pending_response_ = std::move(value); request.request_handle_ = nullptr; // The response we got might not be in order, so flush out what we can. (A new response may // unlock several out of order responses). while (!pending_requests_.empty() && pending_requests_.front().pending_response_) { encoder_->encode(*pending_requests_.front().pending_response_, encoder_buffer_); pending_requests_.pop_front(); } if (encoder_buffer_.length() > 0) { callbacks_->connection().write(encoder_buffer_, false); } // Check for drain close only if there are no pending responses. if (pending_requests_.empty() && config_->drain_decision_.drainClose() && config_->runtime_.snapshot().featureEnabled(config_->redis_drain_close_runtime_key_, 100)) { config_->stats_.downstream_cx_drain_close_.inc(); callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } } Network::FilterStatus ProxyFilter::onData(Buffer::Instance& data, bool) { try { decoder_->decode(data); return Network::FilterStatus::Continue; } catch (Common::Redis::ProtocolError&) { config_->stats_.downstream_cx_protocol_error_.inc(); Common::Redis::RespValue error; error.type(Common::Redis::RespType::Error); error.asString() = "downstream protocol error"; encoder_->encode(error, encoder_buffer_); callbacks_->connection().write(encoder_buffer_, false); callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); return Network::FilterStatus::StopIteration; } } ProxyFilter::PendingRequest::PendingRequest(ProxyFilter& parent) : parent_(parent) { parent.config_->stats_.downstream_rq_total_.inc(); parent.config_->stats_.downstream_rq_active_.inc(); } ProxyFilter::PendingRequest::~PendingRequest() { parent_.config_->stats_.downstream_rq_active_.dec(); } } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/proxy_filter.h ================================================ #pragma once #include #include #include #include #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/network/drain_decision.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/common/redis/codec.h" #include "extensions/filters/network/redis_proxy/command_splitter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { /** * All redis proxy stats. @see stats_macros.h */ #define ALL_REDIS_PROXY_STATS(COUNTER, GAUGE) \ COUNTER(downstream_cx_drain_close) \ COUNTER(downstream_cx_protocol_error) \ COUNTER(downstream_cx_rx_bytes_total) \ COUNTER(downstream_cx_total) \ COUNTER(downstream_cx_tx_bytes_total) \ COUNTER(downstream_rq_total) \ GAUGE(downstream_cx_active, Accumulate) \ GAUGE(downstream_cx_rx_bytes_buffered, Accumulate) \ GAUGE(downstream_cx_tx_bytes_buffered, Accumulate) \ GAUGE(downstream_rq_active, Accumulate) /** * Struct definition for all redis proxy stats. @see stats_macros.h */ struct ProxyStats { ALL_REDIS_PROXY_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Configuration for the redis proxy filter. */ class ProxyFilterConfig { public: ProxyFilterConfig(const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy& config, Stats::Scope& scope, const Network::DrainDecision& drain_decision, Runtime::Loader& runtime, Api::Api& api); const Network::DrainDecision& drain_decision_; Runtime::Loader& runtime_; const std::string stat_prefix_; const std::string redis_drain_close_runtime_key_{"redis.drain_close_enabled"}; ProxyStats stats_; const std::string downstream_auth_username_; const std::string downstream_auth_password_; private: static ProxyStats generateStats(const std::string& prefix, Stats::Scope& scope); }; using ProxyFilterConfigSharedPtr = std::shared_ptr; /** * A redis multiplexing proxy filter. This filter will take incoming redis pipelined commands, and * multiplex them onto a consistently hashed connection pool of backend servers. */ class ProxyFilter : public Network::ReadFilter, public Common::Redis::DecoderCallbacks, public Network::ConnectionCallbacks { public: ProxyFilter(Common::Redis::DecoderFactory& factory, Common::Redis::EncoderPtr&& encoder, CommandSplitter::Instance& splitter, ProxyFilterConfigSharedPtr config); ~ProxyFilter() override; // Network::ReadFilter void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override { return Network::FilterStatus::Continue; } // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // Common::Redis::DecoderCallbacks void onRespValue(Common::Redis::RespValuePtr&& value) override; bool connectionAllowed() { return connection_allowed_; } private: friend class RedisProxyFilterTest; struct PendingRequest : public CommandSplitter::SplitCallbacks { PendingRequest(ProxyFilter& parent); ~PendingRequest() override; // RedisProxy::CommandSplitter::SplitCallbacks bool connectionAllowed() override { return parent_.connectionAllowed(); } void onAuth(const std::string& password) override { parent_.onAuth(*this, password); } void onAuth(const std::string& username, const std::string& password) override { parent_.onAuth(*this, username, password); } void onResponse(Common::Redis::RespValuePtr&& value) override { parent_.onResponse(*this, std::move(value)); } ProxyFilter& parent_; Common::Redis::RespValuePtr pending_response_; CommandSplitter::SplitRequestPtr request_handle_; }; void onAuth(PendingRequest& request, const std::string& password); void onAuth(PendingRequest& request, const std::string& username, const std::string& password); void onResponse(PendingRequest& request, Common::Redis::RespValuePtr&& value); Common::Redis::DecoderPtr decoder_; Common::Redis::EncoderPtr encoder_; CommandSplitter::Instance& splitter_; ProxyFilterConfigSharedPtr config_; Buffer::OwnedImpl encoder_buffer_; Network::ReadFilterCallbacks* callbacks_{}; std::list pending_requests_; bool connection_allowed_; }; } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/router.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" #include "extensions/filters/network/redis_proxy/conn_pool.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { /** * Per route policy for request mirroring. */ class MirrorPolicy { public: virtual ~MirrorPolicy() = default; /** * @return the upstream connection pool that a matching request should be mirrored to. Returns * null if no mirroring should take place. */ virtual ConnPool::InstanceSharedPtr upstream() const PURE; /** * Determine whether a request should be mirrored. * @param command the redis command being requested * @return TRUE if mirroring should take place. */ virtual bool shouldMirror(const std::string& command) const PURE; }; using MirrorPolicyConstSharedPtr = std::shared_ptr; using MirrorPolicies = std::vector; /** * An resolved route that wraps an upstream connection pool and list of mirror policies */ class Route { public: virtual ~Route() = default; virtual ConnPool::InstanceSharedPtr upstream() const PURE; virtual const MirrorPolicies& mirrorPolicies() const PURE; }; using RouteSharedPtr = std::shared_ptr; /* * Decorator of a connection pool in order to enable key based routing. */ class Router { public: virtual ~Router() = default; /** * Returns a connection pool that matches a given route. When no match is found, the catch all * pool is used. When remove prefix is set to true, the prefix will be removed from the key. * @param key mutable reference to the key of the current command. * @return a handle to the connection pool. */ virtual RouteSharedPtr upstreamPool(std::string& key) PURE; }; using RouterPtr = std::unique_ptr; } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/router_impl.cc ================================================ #include "extensions/filters/network/redis_proxy/router_impl.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/type/v3/percent.pb.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { MirrorPolicyImpl::MirrorPolicyImpl(const envoy::extensions::filters::network::redis_proxy::v3:: RedisProxy::PrefixRoutes::Route::RequestMirrorPolicy& config, const ConnPool::InstanceSharedPtr upstream, Runtime::Loader& runtime) : runtime_key_(config.runtime_fraction().runtime_key()), default_value_(config.has_runtime_fraction() ? absl::optional( config.runtime_fraction().default_value()) : absl::nullopt), exclude_read_commands_(config.exclude_read_commands()), upstream_(upstream), runtime_(runtime) {} bool MirrorPolicyImpl::shouldMirror(const std::string& command) const { if (!upstream_) { return false; } std::string to_lower_string = absl::AsciiStrToLower(command); if (exclude_read_commands_ && Common::Redis::SupportedCommands::isReadCommand(to_lower_string)) { return false; } if (default_value_.has_value()) { return runtime_.snapshot().featureEnabled(runtime_key_, default_value_.value()); } return true; } Prefix::Prefix( const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::PrefixRoutes::Route route, Upstreams& upstreams, Runtime::Loader& runtime) : prefix_(route.prefix()), remove_prefix_(route.remove_prefix()), upstream_(upstreams.at(route.cluster())) { for (auto const& mirror_policy : route.request_mirror_policy()) { mirror_policies_.emplace_back(std::make_shared( mirror_policy, upstreams.at(mirror_policy.cluster()), runtime)); } } PrefixRoutes::PrefixRoutes( const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::PrefixRoutes& config, Upstreams&& upstreams, Runtime::Loader& runtime) : case_insensitive_(config.case_insensitive()), upstreams_(std::move(upstreams)), catch_all_route_(config.has_catch_all_route() ? std::make_shared(config.catch_all_route(), upstreams_, runtime) : nullptr) { for (auto const& route : config.routes()) { std::string copy(route.prefix()); if (case_insensitive_) { absl::AsciiStrToLower(©); } auto success = prefix_lookup_table_.add( copy.c_str(), std::make_shared(route, upstreams_, runtime), false); if (!success) { throw EnvoyException(fmt::format("prefix `{}` already exists.", route.prefix())); } } } RouteSharedPtr PrefixRoutes::upstreamPool(std::string& key) { PrefixSharedPtr value = nullptr; if (case_insensitive_) { std::string copy = absl::AsciiStrToLower(key); value = prefix_lookup_table_.findLongestPrefix(copy.c_str()); } else { value = prefix_lookup_table_.findLongestPrefix(key.c_str()); } if (value != nullptr) { if (value->removePrefix()) { key.erase(0, value->prefix().length()); } return value; } return catch_all_route_; } } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/redis_proxy/router_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/thread_local/thread_local.h" #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" #include "extensions/filters/network/common/redis/supported_commands.h" #include "extensions/filters/network/redis_proxy/conn_pool_impl.h" #include "extensions/filters/network/redis_proxy/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RedisProxy { using Upstreams = std::map; class MirrorPolicyImpl : public MirrorPolicy { public: MirrorPolicyImpl(const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy:: PrefixRoutes::Route::RequestMirrorPolicy&, const ConnPool::InstanceSharedPtr, Runtime::Loader& runtime); ConnPool::InstanceSharedPtr upstream() const override { return upstream_; }; bool shouldMirror(const std::string& command) const override; private: const std::string runtime_key_; const absl::optional default_value_; const bool exclude_read_commands_; ConnPool::InstanceSharedPtr upstream_; Runtime::Loader& runtime_; }; class Prefix : public Route { public: Prefix(const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::PrefixRoutes::Route route, Upstreams& upstreams, Runtime::Loader& runtime); ConnPool::InstanceSharedPtr upstream() const override { return upstream_; } const MirrorPolicies& mirrorPolicies() const override { return mirror_policies_; }; const std::string& prefix() const { return prefix_; } bool removePrefix() const { return remove_prefix_; } private: const std::string prefix_; const bool remove_prefix_; const ConnPool::InstanceSharedPtr upstream_; MirrorPolicies mirror_policies_; }; using PrefixSharedPtr = std::shared_ptr; class PrefixRoutes : public Router { public: PrefixRoutes(const envoy::extensions::filters::network::redis_proxy::v3::RedisProxy::PrefixRoutes& prefix_routes, Upstreams&& upstreams, Runtime::Loader& runtime); RouteSharedPtr upstreamPool(std::string& key) override; private: TrieLookupTable prefix_lookup_table_; const bool case_insensitive_; Upstreams upstreams_; RouteSharedPtr catch_all_route_; }; } // namespace RedisProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], deps = ["//source/common/singleton:const_singleton"], ) envoy_cc_library( name = "stats_interface", hdrs = ["stats.h"], deps = [ "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", ], ) envoy_cc_library( name = "rocketmq_interface", hdrs = [ "topic_route.h", ], deps = [ "//source/common/protobuf:utility_lib", ], ) envoy_cc_library( name = "rocketmq_lib", srcs = [ "topic_route.cc", ], deps = [ ":rocketmq_interface", ], ) envoy_cc_library( name = "protocol_interface", hdrs = ["protocol.h"], deps = [ ":metadata_lib", "//source/common/buffer:buffer_lib", "//source/common/protobuf:utility_lib", ], ) envoy_cc_library( name = "protocol_lib", srcs = ["protocol.cc"], deps = [ ":protocol_interface", ":well_known_names", "//source/common/common:enum_to_int", ], ) envoy_cc_library( name = "codec_lib", srcs = [ "codec.cc", ], hdrs = [ "codec.h", ], deps = [ ":protocol_lib", "//include/envoy/network:filter_interface", "//source/common/protobuf:utility_lib", ], ) envoy_cc_library( name = "conn_manager_lib", srcs = [ "active_message.cc", "conn_manager.cc", ], hdrs = [ "active_message.h", "conn_manager.h", ], deps = [ ":codec_lib", ":protocol_lib", ":rocketmq_lib", ":stats_interface", ":well_known_names", "//include/envoy/buffer:buffer_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/network:connection_interface", "//include/envoy/tcp:conn_pool_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/common:linked_object", "//source/common/protobuf:utility_lib", "//source/common/stats:timespan_lib", "//source/common/upstream:load_balancer_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/rocketmq_proxy/router:router_interface", "@envoy_api//envoy/extensions/filters/network/rocketmq_proxy/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = [ "config.cc", ], hdrs = [ "config.h", ], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":conn_manager_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/common/common:logger_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/rocketmq_proxy/router:route_matcher", "//source/extensions/filters/network/rocketmq_proxy/router:router_lib", "@envoy_api//envoy/extensions/filters/network/rocketmq_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "metadata_lib", hdrs = ["metadata.h"], external_deps = ["abseil_optional"], deps = [ "//source/common/http:header_map_lib", ], ) ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/active_message.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/active_message.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/protobuf/utility.h" #include "extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "extensions/filters/network/rocketmq_proxy/topic_route.h" #include "extensions/filters/network/rocketmq_proxy/well_known_names.h" #include "extensions/filters/network/well_known_names.h" #include "absl/strings/match.h" using Envoy::Tcp::ConnectionPool::ConnectionDataPtr; namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { ActiveMessage::ActiveMessage(ConnectionManager& conn_manager, RemotingCommandPtr&& request) : connection_manager_(conn_manager), request_(std::move(request)) { metadata_ = std::make_shared(); MetadataHelper::parseRequest(request_, metadata_); updateActiveRequestStats(); } ActiveMessage::~ActiveMessage() { updateActiveRequestStats(false); } void ActiveMessage::createFilterChain() { router_ = connection_manager_.config().createRouter(); } void ActiveMessage::sendRequestToUpstream() { if (!router_) { createFilterChain(); } router_->sendRequestToUpstream(*this); } Router::RouteConstSharedPtr ActiveMessage::route() { if (cached_route_) { return cached_route_.value(); } const std::string& topic_name = metadata_->topicName(); ENVOY_LOG(trace, "fetch route for topic: {}", topic_name); Router::RouteConstSharedPtr route = connection_manager_.config().routerConfig().route(*metadata_); cached_route_ = route; return cached_route_.value(); } void ActiveMessage::onError(absl::string_view error_message) { connection_manager_.onError(request_, error_message); } const RemotingCommandPtr& ActiveMessage::downstreamRequest() const { return request_; } void ActiveMessage::fillAckMessageDirective(Buffer::Instance& buffer, const std::string& group, const std::string& topic, const AckMessageDirective& directive) { int32_t cursor = 0; const int32_t buffer_length = buffer.length(); while (cursor < buffer_length) { auto frame_length = buffer.peekBEInt(cursor); std::string decoded_topic = Decoder::decodeTopic(buffer, cursor); ENVOY_LOG(trace, "Process a message: consumer group: {}, topic: {}, messageId: {}", decoded_topic, group, Decoder::decodeMsgId(buffer, cursor)); if (!absl::StartsWith(decoded_topic, RetryTopicPrefix) && decoded_topic != topic) { ENVOY_LOG(warn, "Decoded topic from pop-response does not equal to request. Decoded topic: " "{}, request topic: {}, message ID: {}", decoded_topic, topic, Decoder::decodeMsgId(buffer, cursor)); } /* * Sometimes, client SDK may used -1 for queue-id in the pop request so that broker servers * are allowed to lookup all queues it serves. So we need to use the actual queue Id from * response body. */ int32_t queue_id = Decoder::decodeQueueId(buffer, cursor); int64_t queue_offset = Decoder::decodeQueueOffset(buffer, cursor); std::string key = fmt::format("{}-{}-{}-{}", group, decoded_topic, queue_id, queue_offset); connection_manager_.insertAckDirective(key, directive); ENVOY_LOG( debug, "Insert an ack directive. Consumer group: {}, topic: {}, queue Id: {}, queue offset: {}", group, topic, queue_id, queue_offset); cursor += frame_length; } } void ActiveMessage::sendResponseToDownstream() { if (request_->code() == enumToSignedInt(RequestCode::PopMessage)) { // Fill ack message directive auto pop_header = request_->typedCustomHeader(); AckMessageDirective directive(pop_header->targetBrokerName(), pop_header->targetBrokerId(), connection_manager_.timeSource().monotonicTime()); ENVOY_LOG(trace, "Receive pop response from broker name: {}, broker ID: {}", pop_header->targetBrokerName(), pop_header->targetBrokerId()); fillAckMessageDirective(response_->body(), pop_header->consumerGroup(), pop_header->topic(), directive); } // If acknowledgment of the message is successful, we need to erase the ack directive from // manager. if (request_->code() == enumToSignedInt(RequestCode::AckMessage) && response_->code() == enumToSignedInt(ResponseCode::Success)) { auto ack_header = request_->typedCustomHeader(); connection_manager_.eraseAckDirective(ack_header->directiveKey()); } if (response_) { response_->opaque(request_->opaque()); connection_manager_.sendResponseToDownstream(response_); } } void ActiveMessage::fillBrokerData(std::vector& list, const std::string& cluster, const std::string& broker_name, int64_t broker_id, const std::string& address) { bool found = false; for (auto& entry : list) { if (entry.cluster() == cluster && entry.brokerName() == broker_name) { found = true; if (entry.brokerAddresses().find(broker_id) != entry.brokerAddresses().end()) { ENVOY_LOG(warn, "Duplicate broker_id found. Broker ID: {}, address: {}", broker_id, address); continue; } else { entry.brokerAddresses()[broker_id] = address; } } } if (!found) { absl::node_hash_map addresses; addresses.emplace(broker_id, address); list.emplace_back(BrokerData(cluster, broker_name, std::move(addresses))); } } void ActiveMessage::onQueryTopicRoute() { std::string cluster_name; ASSERT(metadata_->hasTopicName()); const std::string& topic_name = metadata_->topicName(); Upstream::ThreadLocalCluster* cluster = nullptr; Router::RouteConstSharedPtr route = this->route(); if (route) { cluster_name = route->routeEntry()->clusterName(); Upstream::ClusterManager& cluster_manager = connection_manager_.config().clusterManager(); cluster = cluster_manager.get(cluster_name); } if (cluster) { ENVOY_LOG(trace, "Enovy has an operating cluster {} for topic {}", cluster_name, topic_name); std::vector queue_data_list; std::vector broker_data_list; for (auto& host_set : cluster->prioritySet().hostSetsPerPriority()) { if (host_set->hosts().empty()) { continue; } for (const auto& host : host_set->hosts()) { std::string broker_address = host->address()->asString(); auto& filter_metadata = host->metadata()->filter_metadata(); const auto filter_it = filter_metadata.find(NetworkFilterNames::get().RocketmqProxy); ASSERT(filter_it != filter_metadata.end()); const auto& metadata_fields = filter_it->second.fields(); ASSERT(metadata_fields.contains(RocketmqConstants::get().BrokerName)); std::string broker_name = metadata_fields.at(RocketmqConstants::get().BrokerName).string_value(); ASSERT(metadata_fields.contains(RocketmqConstants::get().ClusterName)); std::string broker_cluster_name = metadata_fields.at(RocketmqConstants::get().ClusterName).string_value(); // Proto3 will ignore the field if the value is zero. int32_t read_queue_num = 0; if (metadata_fields.contains(RocketmqConstants::get().ReadQueueNum)) { read_queue_num = static_cast( metadata_fields.at(RocketmqConstants::get().WriteQueueNum).number_value()); } int32_t write_queue_num = 0; if (metadata_fields.contains(RocketmqConstants::get().WriteQueueNum)) { write_queue_num = static_cast( metadata_fields.at(RocketmqConstants::get().WriteQueueNum).number_value()); } int32_t perm = 0; if (metadata_fields.contains(RocketmqConstants::get().Perm)) { perm = static_cast( metadata_fields.at(RocketmqConstants::get().Perm).number_value()); } int32_t broker_id = 0; if (metadata_fields.contains(RocketmqConstants::get().BrokerId)) { broker_id = static_cast( metadata_fields.at(RocketmqConstants::get().BrokerId).number_value()); } queue_data_list.emplace_back(QueueData(broker_name, read_queue_num, write_queue_num, perm)); if (connection_manager_.config().developMode()) { ENVOY_LOG(trace, "Develop mode, return proxy address to replace all broker addresses so " "that L4 network rewrite is not required"); fillBrokerData(broker_data_list, broker_cluster_name, broker_name, broker_id, connection_manager_.config().proxyAddress()); } else { fillBrokerData(broker_data_list, broker_cluster_name, broker_name, broker_id, broker_address); } } } ENVOY_LOG(trace, "Prepare TopicRouteData for {} OK", topic_name); TopicRouteData topic_route_data(std::move(queue_data_list), std::move(broker_data_list)); ProtobufWkt::Struct data_struct; topic_route_data.encode(data_struct); std::string json = MessageUtil::getJsonStringFromMessage(data_struct); ENVOY_LOG(trace, "Serialize TopicRouteData for {} OK:\n{}", cluster_name, json); RemotingCommandPtr response = std::make_unique( static_cast(ResponseCode::Success), downstreamRequest()->version(), downstreamRequest()->opaque()); response->markAsResponse(); response->body().add(json); connection_manager_.sendResponseToDownstream(response); } else { onError("Cluster is not available"); ENVOY_LOG(warn, "Cluster for topic {} is not available", topic_name); } onReset(); } void ActiveMessage::onReset() { connection_manager_.deferredDelete(*this); } bool ActiveMessage::onUpstreamData(Envoy::Buffer::Instance& data, bool end_stream, ConnectionDataPtr& conn_data) { bool underflow = false; bool has_error = false; response_ = Decoder::decode(data, underflow, has_error, downstreamRequest()->code()); if (underflow && !end_stream) { ENVOY_LOG(trace, "Wait for more data from upstream"); return false; } if (enumToSignedInt(RequestCode::PopMessage) == request_->code() && router_ != nullptr) { recordPopRouteInfo(router_->upstreamHost()); } connection_manager_.stats().response_.inc(); if (!has_error) { connection_manager_.stats().response_decoding_success_.inc(); // Relay response to downstream sendResponseToDownstream(); } else { ENVOY_LOG(error, "Failed to decode response for opaque: {}, close immediately.", downstreamRequest()->opaque()); onError("Failed to decode response from upstream"); connection_manager_.stats().response_decoding_error_.inc(); conn_data->connection().close(Network::ConnectionCloseType::NoFlush); } if (end_stream) { conn_data->connection().close(Network::ConnectionCloseType::NoFlush); } return true; } void ActiveMessage::recordPopRouteInfo(Upstream::HostDescriptionConstSharedPtr host_description) { if (host_description) { auto host_metadata = host_description->metadata(); auto filter_metadata = host_metadata->filter_metadata(); const auto filter_it = filter_metadata.find(NetworkFilterNames::get().RocketmqProxy); ASSERT(filter_it != filter_metadata.end()); const auto& metadata_fields = filter_it->second.fields(); ASSERT(metadata_fields.contains(RocketmqConstants::get().BrokerName)); std::string broker_name = metadata_fields.at(RocketmqConstants::get().BrokerName).string_value(); // Proto3 will ignore the field if the value is zero. int32_t broker_id = 0; if (metadata_fields.contains(RocketmqConstants::get().BrokerId)) { broker_id = static_cast( metadata_fields.at(RocketmqConstants::get().BrokerId).number_value()); } // Tag the request with upstream host metadata: broker-name, broker-id auto custom_header = request_->typedCustomHeader(); custom_header->targetBrokerName(broker_name); custom_header->targetBrokerId(broker_id); } } void ActiveMessage::updateActiveRequestStats(bool is_inc) { if (is_inc) { connection_manager_.stats().request_active_.inc(); } else { connection_manager_.stats().request_active_.dec(); } auto code = static_cast(request_->code()); switch (code) { case RequestCode::PopMessage: { if (is_inc) { connection_manager_.stats().pop_message_active_.inc(); } else { connection_manager_.stats().pop_message_active_.dec(); } break; } case RequestCode::SendMessage: { if (is_inc) { connection_manager_.stats().send_message_v1_active_.inc(); } else { connection_manager_.stats().send_message_v1_active_.dec(); } break; } case RequestCode::SendMessageV2: { if (is_inc) { connection_manager_.stats().send_message_v2_active_.inc(); } else { connection_manager_.stats().send_message_v2_active_.dec(); } break; } case RequestCode::GetRouteInfoByTopic: { if (is_inc) { connection_manager_.stats().get_topic_route_active_.inc(); } else { connection_manager_.stats().get_topic_route_active_.dec(); } break; } default: break; } } } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/active_message.h ================================================ #pragma once #include "envoy/event/deferred_deletable.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" #include "common/buffer/buffer_impl.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "extensions/filters/network/rocketmq_proxy/codec.h" #include "extensions/filters/network/rocketmq_proxy/protocol.h" #include "extensions/filters/network/rocketmq_proxy/router/router.h" #include "extensions/filters/network/rocketmq_proxy/topic_route.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { class ConnectionManager; /** * ActiveMessage represents an in-flight request from downstream that has not yet received response * from upstream. */ class ActiveMessage : public LinkedObject, public Event::DeferredDeletable, Logger::Loggable { public: ActiveMessage(ConnectionManager& conn_manager, RemotingCommandPtr&& request); ~ActiveMessage() override; /** * Set up filter-chain according to configuration from bootstrap config file and dynamic * configuration items from Pilot. */ void createFilterChain(); /** * Relay requests from downstream to upstream cluster. If the target cluster is absent at the * moment, it triggers cluster discovery service request and mark awaitCluster as true. * ClusterUpdateCallback will process requests marked await-cluster once the target cluster is * in place. */ void sendRequestToUpstream(); const RemotingCommandPtr& downstreamRequest() const; /** * Parse pop response and insert ack route directive such that ack requests will be forwarded to * the same broker host from which messages are popped. * @param buffer Pop response body. * @param group Consumer group name. * @param topic Topic from which messages are popped * @param directive ack route directive */ virtual void fillAckMessageDirective(Buffer::Instance& buffer, const std::string& group, const std::string& topic, const AckMessageDirective& directive); virtual void sendResponseToDownstream(); void onQueryTopicRoute(); virtual void onError(absl::string_view error_message); ConnectionManager& connectionManager() { return connection_manager_; } virtual void onReset(); bool onUpstreamData(Buffer::Instance& data, bool end_stream, Tcp::ConnectionPool::ConnectionDataPtr& conn_data); virtual MessageMetadataSharedPtr metadata() const { return metadata_; } virtual Router::RouteConstSharedPtr route(); void recordPopRouteInfo(Upstream::HostDescriptionConstSharedPtr host_description); static void fillBrokerData(std::vector& list, const std::string& cluster, const std::string& broker_name, int64_t broker_id, const std::string& address); private: ConnectionManager& connection_manager_; RemotingCommandPtr request_; RemotingCommandPtr response_; MessageMetadataSharedPtr metadata_; Router::RouterPtr router_; absl::optional cached_route_; void updateActiveRequestStats(bool is_inc = true); }; using ActiveMessagePtr = std::unique_ptr; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/codec.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/codec.h" #include #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" #include "common/common/logger.h" #include "extensions/filters/network/rocketmq_proxy/protocol.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { RemotingCommandPtr Decoder::decode(Buffer::Instance& buffer, bool& underflow, bool& has_error, int request_code) { // Verify there is at least some bits, which stores frame length and header length if (buffer.length() <= MIN_FRAME_SIZE) { underflow = true; return nullptr; } auto frame_length = buffer.peekBEInt(); if (frame_length > MAX_FRAME_SIZE) { has_error = true; return nullptr; } if (buffer.length() < frame_length) { underflow = true; return nullptr; } buffer.drain(FRAME_LENGTH_FIELD_SIZE); auto mark = buffer.peekBEInt(); uint32_t header_length = adjustHeaderLength(mark); if (frame_length < header_length + FRAME_HEADER_LENGTH_FIELD_SIZE) { // There is an error in frame_length. // Make sure body_length is non-negative. has_error = true; return nullptr; } buffer.drain(FRAME_HEADER_LENGTH_FIELD_SIZE); uint32_t body_length = frame_length - FRAME_HEADER_LENGTH_FIELD_SIZE - header_length; ENVOY_LOG(debug, "Request/Response Frame Meta: Frame Length = {}, Header Length = {}, Body Length = {}", frame_length, header_length, body_length); Buffer::OwnedImpl header_buffer; header_buffer.move(buffer, header_length); std::string header_json = header_buffer.toString(); ENVOY_LOG(trace, "Request/Response Header JSON: {}", header_json); int32_t code, version, opaque; uint32_t flag; if (isJsonHeader(mark)) { ProtobufWkt::Struct header_struct; // Parse header JSON text try { MessageUtil::loadFromJson(header_json, header_struct); } catch (std::exception& e) { has_error = true; ENVOY_LOG(error, "Failed to parse header JSON: {}. Error message: {}", header_json, e.what()); return nullptr; } const auto& filed_value_pair = header_struct.fields(); if (!filed_value_pair.contains("code")) { ENVOY_LOG(error, "Malformed frame: 'code' field is missing. Header JSON: {}", header_json); has_error = true; return nullptr; } code = filed_value_pair.at("code").number_value(); if (!filed_value_pair.contains("version")) { ENVOY_LOG(error, "Malformed frame: 'version' field is missing. Header JSON: {}", header_json); has_error = true; return nullptr; } version = filed_value_pair.at("version").number_value(); if (!filed_value_pair.contains("opaque")) { ENVOY_LOG(error, "Malformed frame: 'opaque' field is missing. Header JSON: {}", header_json); has_error = true; return nullptr; } opaque = filed_value_pair.at("opaque").number_value(); if (!filed_value_pair.contains("flag")) { ENVOY_LOG(error, "Malformed frame: 'flag' field is missing. Header JSON: {}", header_json); has_error = true; return nullptr; } flag = filed_value_pair.at("flag").number_value(); RemotingCommandPtr cmd = std::make_unique(code, version, opaque); cmd->flag(flag); if (filed_value_pair.contains("language")) { cmd->language(filed_value_pair.at("language").string_value()); } if (filed_value_pair.contains("serializeTypeCurrentRPC")) { cmd->serializeTypeCurrentRPC(filed_value_pair.at("serializeTypeCurrentRPC").string_value()); } cmd->body_.move(buffer, body_length); if (RemotingCommand::isResponse(flag)) { if (filed_value_pair.contains("remark")) { cmd->remark(filed_value_pair.at("remark").string_value()); } cmd->custom_header_ = decodeResponseExtHeader(static_cast(code), header_struct, static_cast(request_code)); } else { cmd->custom_header_ = decodeExtHeader(static_cast(code), header_struct); } return cmd; } else { ENVOY_LOG(warn, "Unsupported header serialization type"); has_error = true; return nullptr; } } bool Decoder::isComplete(Buffer::Instance& buffer, int32_t cursor) { if (buffer.length() - cursor < 4) { // buffer is definitely incomplete. return false; } auto total_size = buffer.peekBEInt(cursor); return buffer.length() - cursor >= static_cast(total_size); } std::string Decoder::decodeTopic(Buffer::Instance& buffer, int32_t cursor) { if (!isComplete(buffer, cursor)) { return EMPTY_STRING; } auto magic_code = buffer.peekBEInt(cursor + 4); MessageVersion message_version = V1; if (enumToSignedInt(MessageVersion::V1) == magic_code) { message_version = V1; } else if (enumToSignedInt(MessageVersion::V2) == magic_code) { message_version = V2; } int32_t offset = 4 /* total size */ + 4 /* magic code */ + 4 /* body CRC */ + 4 /* queue Id */ + 4 /* flag */ + 8 /* queue offset */ + 8 /* physical offset */ + 4 /* sys flag */ + 8 /* born timestamp */ + 4 /* born host */ + 4 /* born host port */ + 8 /* store timestamp */ + 4 /* store host */ + 4 /* store host port */ + 4 /* re-consume times */ + 8 /* transaction offset */ ; auto body_size = buffer.peekBEInt(cursor + offset); offset += 4 /* body size */ + body_size /* body */; int32_t topic_length; std::string topic; switch (message_version) { case V1: { topic_length = buffer.peekBEInt(cursor + offset); topic.reserve(topic_length); topic.resize(topic_length); buffer.copyOut(cursor + offset + sizeof(int8_t), topic_length, &topic[0]); break; } case V2: { topic_length = buffer.peekBEInt(cursor + offset); topic.reserve(topic_length); topic.resize(topic_length); buffer.copyOut(cursor + offset + sizeof(int16_t), topic_length, &topic[0]); break; } } return topic; } int32_t Decoder::decodeQueueId(Buffer::Instance& buffer, int32_t cursor) { if (!isComplete(buffer, cursor)) { return -1; } int32_t offset = 4 /* total size */ + 4 /* magic code */ + 4 /* body CRC */; return buffer.peekBEInt(cursor + offset); } int64_t Decoder::decodeQueueOffset(Buffer::Instance& buffer, int32_t cursor) { if (!isComplete(buffer, cursor)) { return -1; } int32_t offset = 4 /* total size */ + 4 /* magic code */ + 4 /* body CRC */ + 4 /* queue Id */ + 4 /* flag */; return buffer.peekBEInt(cursor + offset); } std::string Decoder::decodeMsgId(Buffer::Instance& buffer, int32_t cursor) { if (!isComplete(buffer, cursor)) { return EMPTY_STRING; } int32_t offset = 4 /* total size */ + 4 /* magic code */ + 4 /* body CRC */ + 4 /* queue Id */ + 4 /* flag */ + 8 /* queue offset */; auto physical_offset = buffer.peekBEInt(cursor + offset); offset += 8 /* physical offset */ + 4 /* sys flag */ + 8 /* born timestamp */ + 4 /* born host */ + 4 /* born host port */ + 8 /* store timestamp */ ; Buffer::OwnedImpl msg_id_buffer; msg_id_buffer.writeBEInt(buffer.peekBEInt(cursor + offset)); msg_id_buffer.writeBEInt(physical_offset); std::string msg_id; msg_id.reserve(32); for (uint64_t i = 0; i < msg_id_buffer.length(); i++) { auto c = msg_id_buffer.peekBEInt(); msg_id.append(1, static_cast(c >> 4U)); msg_id.append(1, static_cast(c & 0xFU)); } return msg_id; } CommandCustomHeaderPtr Decoder::decodeExtHeader(RequestCode code, ProtobufWkt::Struct& header_struct) { const auto& filed_value_pair = header_struct.fields(); switch (code) { case RequestCode::SendMessage: { ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); auto send_msg_ext_header = new SendMessageRequestHeader(); send_msg_ext_header->version_ = SendMessageRequestVersion::V1; send_msg_ext_header->decode(ext_fields); return send_msg_ext_header; } case RequestCode::SendMessageV2: { ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); auto send_msg_ext_header = new SendMessageRequestHeader(); send_msg_ext_header->version_ = SendMessageRequestVersion::V2; send_msg_ext_header->decode(ext_fields); return send_msg_ext_header; } case RequestCode::GetRouteInfoByTopic: { ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); auto get_route_info_request_header = new GetRouteInfoRequestHeader(); get_route_info_request_header->decode(ext_fields); return get_route_info_request_header; } case RequestCode::UnregisterClient: { ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); auto unregister_client_request_header = new UnregisterClientRequestHeader(); unregister_client_request_header->decode(ext_fields); return unregister_client_request_header; } case RequestCode::GetConsumerListByGroup: { ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); auto get_consumer_list_by_group_request_header = new GetConsumerListByGroupRequestHeader(); get_consumer_list_by_group_request_header->decode(ext_fields); return get_consumer_list_by_group_request_header; } case RequestCode::PopMessage: { ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); auto pop_message_request_header = new PopMessageRequestHeader(); pop_message_request_header->decode(ext_fields); return pop_message_request_header; } case RequestCode::AckMessage: { ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); auto ack_message_request_header = new AckMessageRequestHeader(); ack_message_request_header->decode(ext_fields); return ack_message_request_header; } case RequestCode::HeartBeat: { // Heartbeat does not have an extended header. return nullptr; } default: ENVOY_LOG(warn, "Unsupported request code: {}", static_cast(code)); return nullptr; } } CommandCustomHeaderPtr Decoder::decodeResponseExtHeader(ResponseCode response_code, ProtobufWkt::Struct& header_struct, RequestCode request_code) { // No need to decode a failed response. if (response_code != ResponseCode::Success && response_code != ResponseCode::ReplicaNotAvailable) { return nullptr; } const auto& filed_value_pair = header_struct.fields(); switch (request_code) { case RequestCode::SendMessage: case RequestCode::SendMessageV2: { auto send_message_response_header = new SendMessageResponseHeader(); ASSERT(filed_value_pair.contains("extFields")); auto& ext_fields = filed_value_pair.at("extFields"); send_message_response_header->decode(ext_fields); return send_message_response_header; } case RequestCode::PopMessage: { auto pop_message_response_header = new PopMessageResponseHeader(); ASSERT(filed_value_pair.contains("extFields")); const auto& ext_fields = filed_value_pair.at("extFields"); pop_message_response_header->decode(ext_fields); return pop_message_response_header; } default: return nullptr; } } void Encoder::encode(const RemotingCommandPtr& command, Buffer::Instance& data) { ProtobufWkt::Struct command_struct; auto* fields = command_struct.mutable_fields(); ProtobufWkt::Value code_v; code_v.set_number_value(command->code_); (*fields)["code"] = code_v; ProtobufWkt::Value language_v; language_v.set_string_value(command->language()); (*fields)["language"] = language_v; ProtobufWkt::Value version_v; version_v.set_number_value(command->version_); (*fields)["version"] = version_v; ProtobufWkt::Value opaque_v; opaque_v.set_number_value(command->opaque_); (*fields)["opaque"] = opaque_v; ProtobufWkt::Value flag_v; flag_v.set_number_value(command->flag_); (*fields)["flag"] = flag_v; if (!command->remark_.empty()) { ProtobufWkt::Value remark_v; remark_v.set_string_value(command->remark_); (*fields)["remark"] = remark_v; } ProtobufWkt::Value serialization_type_v; serialization_type_v.set_string_value(command->serializeTypeCurrentRPC()); (*fields)["serializeTypeCurrentRPC"] = serialization_type_v; if (command->custom_header_) { ProtobufWkt::Value ext_fields_v; command->custom_header_->encode(ext_fields_v); (*fields)["extFields"] = ext_fields_v; } std::string json = MessageUtil::getJsonStringFromMessage(command_struct); int32_t frame_length = 4; int32_t header_length = json.size(); frame_length += header_length; frame_length += command->bodyLength(); data.writeBEInt(frame_length); data.writeBEInt(header_length); data.add(json); // add body if (command->bodyLength() > 0) { data.add(command->body()); } } } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/codec.h ================================================ #pragma once #include #include #include #include "envoy/common/platform.h" #include "envoy/network/filter.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "common/protobuf/utility.h" #include "extensions/filters/network/rocketmq_proxy/protocol.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { enum MessageVersion : uint32_t { V1 = (0xAABBCCDDU ^ 1880681586U) + 8U, V2 = (0xAABBCCDDU ^ 1880681586U) + 4U }; class Decoder : Logger::Loggable { public: Decoder() = default; ~Decoder() = default; /** * @param buffer Data buffer to decode. * @param underflow Indicate if buffer contains enough data in terms of protocol frame. * @param has_error Indicate if the decoding is successful or not. * @param request_code Corresponding request code if applies. * @return Decoded remote command. */ static RemotingCommandPtr decode(Buffer::Instance& buffer, bool& underflow, bool& has_error, int request_code = 0); static std::string decodeTopic(Buffer::Instance& buffer, int32_t cursor); static int32_t decodeQueueId(Buffer::Instance& buffer, int32_t cursor); static int64_t decodeQueueOffset(Buffer::Instance& buffer, int32_t cursor); static std::string decodeMsgId(Buffer::Instance& buffer, int32_t cursor); static constexpr uint32_t MIN_FRAME_SIZE = 8; static constexpr uint32_t MAX_FRAME_SIZE = 4 * 1024 * 1024; static constexpr uint32_t FRAME_LENGTH_FIELD_SIZE = 4; static constexpr uint32_t FRAME_HEADER_LENGTH_FIELD_SIZE = 4; private: static uint32_t adjustHeaderLength(uint32_t len) { return len & 0xFFFFFFu; } static bool isJsonHeader(uint32_t len) { return (len >> 24u) == 0; } static CommandCustomHeaderPtr decodeExtHeader(RequestCode code, ProtobufWkt::Struct& header_struct); static CommandCustomHeaderPtr decodeResponseExtHeader(ResponseCode response_code, ProtobufWkt::Struct& header_struct, RequestCode request_code); static bool isComplete(Buffer::Instance& buffer, int32_t cursor); }; class Encoder { public: static void encode(const RemotingCommandPtr& command, Buffer::Instance& buffer); }; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/config.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/config.h" #include #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "extensions/filters/network/rocketmq_proxy/stats.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { namespace rocketmq_config = envoy::extensions::filters::network::rocketmq_proxy::v3; Network::FilterFactoryCb RocketmqProxyFilterConfigFactory::createFilterFactoryFromProtoTyped( const rocketmq_config::RocketmqProxy& proto_config, Server::Configuration::FactoryContext& context) { std::shared_ptr filter_config = std::make_shared(proto_config, context); return [filter_config, &context](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter( std::make_shared(*filter_config, context.dispatcher().timeSource())); }; } REGISTER_FACTORY(RocketmqProxyFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); ConfigImpl::ConfigImpl(const RocketmqProxyConfig& config, Server::Configuration::FactoryContext& context) : context_(context), stats_prefix_(fmt::format("rocketmq.{}.", config.stat_prefix())), stats_(RocketmqFilterStats::generateStats(stats_prefix_, context_.scope())), route_matcher_(new Router::RouteMatcher(config.route_config())), develop_mode_(config.develop_mode()), transient_object_life_span_(PROTOBUF_GET_MS_OR_DEFAULT(config, transient_object_life_span, TransientObjectLifeSpan)) {} std::string ConfigImpl::proxyAddress() { const LocalInfo::LocalInfo& localInfo = context_.getServerFactoryContext().localInfo(); Network::Address::InstanceConstSharedPtr address = localInfo.address(); if (address->type() == Network::Address::Type::Ip) { const std::string& ip = address->ip()->addressAsString(); std::string proxyAddr{ip}; if (address->ip()->port()) { return proxyAddr.append(":").append(std::to_string(address->ip()->port())); } else { ENVOY_LOG(trace, "Local info does not have port specified, defaulting to 10000"); return proxyAddr.append(":10000"); } } return address->asString(); } Router::RouteConstSharedPtr ConfigImpl::route(const MessageMetadata& metadata) const { return route_matcher_->route(metadata); } } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/config.h ================================================ #pragma once #include #include #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.h" #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "extensions/filters/network/rocketmq_proxy/router/route_matcher.h" #include "extensions/filters/network/rocketmq_proxy/router/router_impl.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { class RocketmqProxyFilterConfigFactory : public Common::FactoryBase< envoy::extensions::filters::network::rocketmq_proxy::v3::RocketmqProxy> { public: RocketmqProxyFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().RocketmqProxy, true) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::rocketmq_proxy::v3::RocketmqProxy& proto_config, Server::Configuration::FactoryContext& context) override; }; class ConfigImpl : public Config, public Router::Config, Logger::Loggable { public: using RocketmqProxyConfig = envoy::extensions::filters::network::rocketmq_proxy::v3::RocketmqProxy; ConfigImpl(const RocketmqProxyConfig& config, Server::Configuration::FactoryContext& context); ~ConfigImpl() override = default; // Config RocketmqFilterStats& stats() override { return stats_; } Upstream::ClusterManager& clusterManager() override { return context_.clusterManager(); } Router::RouterPtr createRouter() override { return std::make_unique(context_.clusterManager()); } bool developMode() const override { return develop_mode_; } std::chrono::milliseconds transientObjectLifeSpan() const override { return transient_object_life_span_; } std::string proxyAddress() override; Router::Config& routerConfig() override { return *this; } // Router::Config Router::RouteConstSharedPtr route(const MessageMetadata& metadata) const override; private: Server::Configuration::FactoryContext& context_; const std::string stats_prefix_; RocketmqFilterStats stats_; Router::RouteMatcherPtr route_matcher_; const bool develop_mode_; std::chrono::milliseconds transient_object_life_span_; static constexpr uint64_t TransientObjectLifeSpan = 30 * 1000; }; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/conn_manager.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" #include "common/common/enum_to_int.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { ConsumerGroupMember::ConsumerGroupMember(absl::string_view client_id, ConnectionManager& conn_manager) : client_id_(client_id.data(), client_id.size()), connection_manager_(&conn_manager), last_(connection_manager_->time_source_.monotonicTime()) {} void ConsumerGroupMember::refresh() { last_ = connection_manager_->time_source_.monotonicTime(); } bool ConsumerGroupMember::expired() const { auto duration = connection_manager_->time_source_.monotonicTime() - last_; return std::chrono::duration_cast(duration).count() > connection_manager_->config().transientObjectLifeSpan().count(); } ConnectionManager::ConnectionManager(Config& config, TimeSource& time_source) : config_(config), time_source_(time_source), stats_(config.stats()) {} Envoy::Network::FilterStatus ConnectionManager::onData(Envoy::Buffer::Instance& data, bool end_stream) { ENVOY_CONN_LOG(trace, "rocketmq_proxy: received {} bytes.", read_callbacks_->connection(), data.length()); request_buffer_.move(data); dispatch(); if (end_stream) { resetAllActiveMessages("Connection to downstream is closed"); read_callbacks_->connection().close(Envoy::Network::ConnectionCloseType::FlushWrite); } return Network::FilterStatus::StopIteration; } void ConnectionManager::dispatch() { if (request_buffer_.length() < Decoder::MIN_FRAME_SIZE) { ENVOY_CONN_LOG(warn, "rocketmq_proxy: request buffer length is less than min frame size: {}", read_callbacks_->connection(), request_buffer_.length()); return; } bool underflow = false; bool has_decode_error = false; while (!underflow) { RemotingCommandPtr request = Decoder::decode(request_buffer_, underflow, has_decode_error); if (underflow) { // Wait for more data break; } stats_.request_.inc(); // Decode error, we need to close connection immediately. if (has_decode_error) { ENVOY_CONN_LOG(error, "Failed to decode request, close connection immediately", read_callbacks_->connection()); stats_.request_decoding_error_.inc(); resetAllActiveMessages("Failed to decode data from downstream. Close connection immediately"); read_callbacks_->connection().close(Envoy::Network::ConnectionCloseType::FlushWrite); return; } else { stats_.request_decoding_success_.inc(); } switch (static_cast(request->code())) { case RequestCode::GetRouteInfoByTopic: { ENVOY_CONN_LOG(trace, "GetTopicRoute request, code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); onGetTopicRoute(std::move(request)); } break; case RequestCode::UnregisterClient: { ENVOY_CONN_LOG(trace, "process unregister client request, code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); onUnregisterClient(std::move(request)); } break; case RequestCode::SendMessage: { ENVOY_CONN_LOG(trace, "SendMessage request, code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); onSendMessage(std::move(request)); stats_.send_message_v1_.inc(); } break; case RequestCode::SendMessageV2: { ENVOY_CONN_LOG(trace, "SendMessage request, code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); onSendMessage(std::move(request)); stats_.send_message_v2_.inc(); } break; case RequestCode::GetConsumerListByGroup: { ENVOY_CONN_LOG(trace, "GetConsumerListByGroup request, code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); onGetConsumerListByGroup(std::move(request)); } break; case RequestCode::PopMessage: { ENVOY_CONN_LOG(trace, "PopMessage request, code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); onPopMessage(std::move(request)); stats_.pop_message_.inc(); } break; case RequestCode::AckMessage: { ENVOY_CONN_LOG(trace, "AckMessage request, code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); onAckMessage(std::move(request)); stats_.ack_message_.inc(); } break; case RequestCode::HeartBeat: { ENVOY_CONN_LOG(trace, "Heartbeat request, opaque: {}", read_callbacks_->connection(), request->opaque()); onHeartbeat(std::move(request)); } break; default: { ENVOY_CONN_LOG(warn, "Request code {} not supported yet", read_callbacks_->connection(), request->code()); std::string error_msg("Request not supported"); onError(request, error_msg); } break; } } } void ConnectionManager::purgeDirectiveTable() { auto current = time_source_.monotonicTime(); for (auto it = ack_directive_table_.begin(); it != ack_directive_table_.end();) { auto duration = current - it->second.creation_time_; if (std::chrono::duration_cast(duration).count() > config_.transientObjectLifeSpan().count()) { ack_directive_table_.erase(it++); } else { it++; } } } void ConnectionManager::sendResponseToDownstream(RemotingCommandPtr& response) { Buffer::OwnedImpl buffer; Encoder::encode(response, buffer); if (read_callbacks_->connection().state() == Network::Connection::State::Open) { ENVOY_CONN_LOG(trace, "Write response to downstream. Opaque: {}", read_callbacks_->connection(), response->opaque()); read_callbacks_->connection().write(buffer, false); } else { ENVOY_CONN_LOG(error, "Send response to downstream failed as connection is no longer open", read_callbacks_->connection()); } } void ConnectionManager::onGetTopicRoute(RemotingCommandPtr request) { createActiveMessage(request).onQueryTopicRoute(); stats_.get_topic_route_.inc(); } void ConnectionManager::onHeartbeat(RemotingCommandPtr request) { const std::string& body = request->body().toString(); purgeDirectiveTable(); ProtobufWkt::Struct body_struct; try { MessageUtil::loadFromJson(body, body_struct); } catch (std::exception& e) { ENVOY_LOG(warn, "Failed to decode heartbeat body. Error message: {}", e.what()); return; } HeartbeatData heartbeatData; if (!heartbeatData.decode(body_struct)) { ENVOY_LOG(warn, "Failed to decode heartbeat data"); return; } for (const auto& group : heartbeatData.consumerGroups()) { addOrUpdateGroupMember(group, heartbeatData.clientId()); } RemotingCommandPtr response = std::make_unique(); response->code(enumToSignedInt(ResponseCode::Success)); response->opaque(request->opaque()); response->remark("Heartbeat OK"); response->markAsResponse(); sendResponseToDownstream(response); stats_.heartbeat_.inc(); } void ConnectionManager::addOrUpdateGroupMember(absl::string_view group, absl::string_view client_id) { ENVOY_LOG(trace, "#addOrUpdateGroupMember. Group: {}, client ID: {}", group, client_id); auto search = group_members_.find(std::string(group.data(), group.length())); if (search == group_members_.end()) { std::vector members; members.emplace_back(ConsumerGroupMember(client_id, *this)); group_members_.emplace(std::string(group.data(), group.size()), members); } else { std::vector& members = search->second; for (auto it = members.begin(); it != members.end();) { if (it->clientId() == client_id) { it->refresh(); ++it; } else if (it->expired()) { it = members.erase(it); } else { ++it; } } if (members.empty()) { group_members_.erase(search); } } } void ConnectionManager::onUnregisterClient(RemotingCommandPtr request) { auto header = request->typedCustomHeader(); ASSERT(header != nullptr); ASSERT(!header->clientId().empty()); ENVOY_LOG(trace, "Unregister client ID: {}, producer group: {}, consumer group: {}", header->clientId(), header->producerGroup(), header->consumerGroup()); if (!header->consumerGroup().empty()) { auto search = group_members_.find(header->consumerGroup()); if (search != group_members_.end()) { std::vector& members = search->second; for (auto it = members.begin(); it != members.end();) { if (it->clientId() == header->clientId()) { it = members.erase(it); } else if (it->expired()) { it = members.erase(it); } else { ++it; } } if (members.empty()) { group_members_.erase(search); } } } RemotingCommandPtr response = std::make_unique( enumToSignedInt(ResponseCode::Success), request->version(), request->opaque()); response->markAsResponse(); response->remark("Envoy unregister client OK."); sendResponseToDownstream(response); stats_.unregister_.inc(); } void ConnectionManager::onError(RemotingCommandPtr& request, absl::string_view error_msg) { Buffer::OwnedImpl buffer; RemotingCommandPtr response = std::make_unique(); response->markAsResponse(); response->opaque(request->opaque()); response->code(enumToSignedInt(ResponseCode::SystemError)); response->remark(error_msg); sendResponseToDownstream(response); } void ConnectionManager::onSendMessage(RemotingCommandPtr request) { ENVOY_CONN_LOG(trace, "#onSendMessage, opaque: {}", read_callbacks_->connection(), request->opaque()); auto header = request->typedCustomHeader(); header->queueId(-1); createActiveMessage(request).sendRequestToUpstream(); } void ConnectionManager::onGetConsumerListByGroup(RemotingCommandPtr request) { auto requestExtHeader = request->typedCustomHeader(); ASSERT(requestExtHeader != nullptr); ASSERT(!requestExtHeader->consumerGroup().empty()); ENVOY_LOG(trace, "#onGetConsumerListByGroup, consumer group: {}", requestExtHeader->consumerGroup()); auto search = group_members_.find(requestExtHeader->consumerGroup()); GetConsumerListByGroupResponseBody getConsumerListByGroupResponseBody; if (search != group_members_.end()) { std::vector& members = search->second; std::sort(members.begin(), members.end()); for (const auto& member : members) { getConsumerListByGroupResponseBody.add(member.clientId()); } } else { ENVOY_LOG(warn, "There is no consumer belongs to consumer_group: {}", requestExtHeader->consumerGroup()); } ProtobufWkt::Struct body_struct; getConsumerListByGroupResponseBody.encode(body_struct); RemotingCommandPtr response = std::make_unique( enumToSignedInt(ResponseCode::Success), request->version(), request->opaque()); response->markAsResponse(); std::string json = MessageUtil::getJsonStringFromMessage(body_struct); response->body().add(json); ENVOY_LOG(trace, "GetConsumerListByGroup respond with body: {}", json); sendResponseToDownstream(response); stats_.get_consumer_list_.inc(); } void ConnectionManager::onPopMessage(RemotingCommandPtr request) { auto header = request->typedCustomHeader(); ASSERT(header != nullptr); ENVOY_LOG(trace, "#onPopMessage. Consumer group: {}, topic: {}", header->consumerGroup(), header->topic()); createActiveMessage(request).sendRequestToUpstream(); } void ConnectionManager::onAckMessage(RemotingCommandPtr request) { auto header = request->typedCustomHeader(); ASSERT(header != nullptr); ENVOY_LOG( trace, "#onAckMessage. Consumer group: {}, topic: {}, queue Id: {}, offset: {}, extra-info: {}", header->consumerGroup(), header->topic(), header->queueId(), header->offset(), header->extraInfo()); // Fill the target broker_name and broker_id routing directive auto it = ack_directive_table_.find(header->directiveKey()); if (it == ack_directive_table_.end()) { ENVOY_LOG(warn, "There was no previous ack directive available, which is unexpected"); onError(request, "No ack directive is found"); return; } header->targetBrokerName(it->second.broker_name_); header->targetBrokerId(it->second.broker_id_); createActiveMessage(request).sendRequestToUpstream(); } ActiveMessage& ConnectionManager::createActiveMessage(RemotingCommandPtr& request) { ENVOY_CONN_LOG(trace, "ConnectionManager#createActiveMessage. Code: {}, opaque: {}", read_callbacks_->connection(), request->code(), request->opaque()); ActiveMessagePtr active_message = std::make_unique(*this, std::move(request)); LinkedList::moveIntoList(std::move(active_message), active_message_list_); return **active_message_list_.begin(); } void ConnectionManager::deferredDelete(ActiveMessage& active_message) { read_callbacks_->connection().dispatcher().deferredDelete( active_message.removeFromList(active_message_list_)); } void ConnectionManager::resetAllActiveMessages(absl::string_view error_msg) { while (!active_message_list_.empty()) { ENVOY_CONN_LOG(warn, "Reset pending request {} due to error: {}", read_callbacks_->connection(), active_message_list_.front()->downstreamRequest()->opaque(), error_msg); active_message_list_.front()->onReset(); stats_.response_error_.inc(); } } Envoy::Network::FilterStatus ConnectionManager::onNewConnection() { return Network::FilterStatus::Continue; } void ConnectionManager::initializeReadFilterCallbacks( Envoy::Network::ReadFilterCallbacks& callbacks) { read_callbacks_ = &callbacks; } } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/conn_manager.h ================================================ #pragma once #include #include "envoy/common/time.h" #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.h" #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.validate.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" #include "envoy/upstream/thread_local_cluster.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "extensions/filters/network/rocketmq_proxy/active_message.h" #include "extensions/filters/network/rocketmq_proxy/codec.h" #include "extensions/filters/network/rocketmq_proxy/stats.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { class Config { public: virtual ~Config() = default; virtual RocketmqFilterStats& stats() PURE; virtual Upstream::ClusterManager& clusterManager() PURE; virtual Router::RouterPtr createRouter() PURE; /** * Indicate whether this proxy is running in development mode. If true, this proxy plugin may * work without dedicated traffic intercepting facility without considering backward * compatibility. * @return true when in development mode; false otherwise. */ virtual bool developMode() const PURE; virtual std::string proxyAddress() PURE; virtual Router::Config& routerConfig() PURE; virtual std::chrono::milliseconds transientObjectLifeSpan() const PURE; }; class ConnectionManager; /** * This class is to ensure legacy RocketMQ SDK works. Heartbeat between client SDK and envoy is not * necessary any more and should be removed once the lite SDK is in-place. */ class ConsumerGroupMember { public: ConsumerGroupMember(absl::string_view client_id, ConnectionManager& conn_manager); bool operator==(const ConsumerGroupMember& other) const { return client_id_ == other.client_id_; } bool operator<(const ConsumerGroupMember& other) const { return client_id_ < other.client_id_; } void refresh(); bool expired() const; absl::string_view clientId() const { return client_id_; } void setLastForTest(MonotonicTime tp) { last_ = tp; } private: std::string client_id_; ConnectionManager* connection_manager_; MonotonicTime last_; }; class ConnectionManager : public Network::ReadFilter, Logger::Loggable { public: ConnectionManager(Config& config, TimeSource& time_source); ~ConnectionManager() override = default; /** * Called when data is read on the connection. * @param data supplies the read data which may be modified. * @param end_stream supplies whether this is the last byte on the connection. This will only * be set if the connection has half-close semantics enabled. * @return status used by the filter manager to manage further filter iteration. */ Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; /** * Called when a connection is first established. Filters should do one time long term processing * that needs to be done when a connection is established. Filter chain iteration can be stopped * if needed. * @return status used by the filter manager to manage further filter iteration. */ Network::FilterStatus onNewConnection() override; /** * Initializes the read filter callbacks used to interact with the filter manager. It will be * called by the filter manager a single time when the filter is first registered. Thus, any * construction that requires the backing connection should take place in the context of this * function. * * IMPORTANT: No outbound networking or complex processing should be done in this function. * That should be done in the context of onNewConnection() if needed. * * @param callbacks supplies the callbacks. */ void initializeReadFilterCallbacks(Network::ReadFilterCallbacks&) override; /** * Send response to downstream either when envoy proxy has received result from upstream hosts or * the proxy itself may serve the request. * @param response Response to write to downstream with identical opaque number. */ void sendResponseToDownstream(RemotingCommandPtr& response); void onGetTopicRoute(RemotingCommandPtr request); /** * Called when downstream sends heartbeat requests. * @param request heartbeat request from downstream */ void onHeartbeat(RemotingCommandPtr request); void addOrUpdateGroupMember(absl::string_view group, absl::string_view client_id); void onUnregisterClient(RemotingCommandPtr request); void onError(RemotingCommandPtr& request, absl::string_view error_msg); void onSendMessage(RemotingCommandPtr request); void onGetConsumerListByGroup(RemotingCommandPtr request); void onPopMessage(RemotingCommandPtr request); void onAckMessage(RemotingCommandPtr request); ActiveMessage& createActiveMessage(RemotingCommandPtr& request); void deferredDelete(ActiveMessage& active_message); void resetAllActiveMessages(absl::string_view error_msg); Config& config() { return config_; } RocketmqFilterStats& stats() { return stats_; } absl::flat_hash_map>& groupMembersForTest() { return group_members_; } std::list& activeMessageList() { return active_message_list_; } void insertAckDirective(const std::string& key, const AckMessageDirective& directive) { ack_directive_table_.insert(std::make_pair(key, directive)); } void eraseAckDirective(const std::string& key) { auto it = ack_directive_table_.find(key); if (it != ack_directive_table_.end()) { ack_directive_table_.erase(it); } } TimeSource& timeSource() const { return time_source_; } const absl::flat_hash_map& getAckDirectiveTableForTest() const { return ack_directive_table_; } friend class ConsumerGroupMember; private: /** * Dispatch incoming requests from downstream to run through filter chains. */ void dispatch(); /** * Invoked by heartbeat to purge deprecated ack_directive entries. */ void purgeDirectiveTable(); Network::ReadFilterCallbacks* read_callbacks_{}; Buffer::OwnedImpl request_buffer_; Config& config_; TimeSource& time_source_; RocketmqFilterStats& stats_; std::list active_message_list_; absl::flat_hash_map> group_members_; /** * Message unique key to message acknowledge directive mapping. * Acknowledge requests first consult this table to determine which host in the cluster to go. */ absl::flat_hash_map ack_directive_table_; }; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/metadata.h ================================================ #pragma once #include #include "common/http/header_map_impl.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { class MessageMetadata { public: MessageMetadata() = default; void setOneWay(bool oneway) { is_oneway_ = oneway; } bool isOneWay() const { return is_oneway_; } bool hasTopicName() const { return topic_name_.has_value(); } const std::string& topicName() const { return topic_name_.value(); } void setTopicName(const std::string& topic_name) { topic_name_ = topic_name; } /** * @return HeaderMap of current headers */ const Http::HeaderMap& headers() const { return *headers_; } Http::HeaderMap& headers() { return *headers_; } private: bool is_oneway_{false}; absl::optional topic_name_{}; Http::HeaderMapPtr headers_{Http::RequestHeaderMapImpl::create()}; }; using MessageMetadataSharedPtr = std::shared_ptr; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/protocol.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/protocol.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "extensions/filters/network/rocketmq_proxy/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { void SendMessageRequestHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); switch (version_) { case SendMessageRequestVersion::V1: { ProtobufWkt::Value producer_group_v; producer_group_v.set_string_value(producer_group_); members["producerGroup"] = producer_group_v; ProtobufWkt::Value topic_v; topic_v.set_string_value(topic_.c_str(), topic_.length()); members["topic"] = topic_v; ProtobufWkt::Value default_topic_v; default_topic_v.set_string_value(default_topic_); members["defaultTopic"] = default_topic_v; ProtobufWkt::Value default_topic_queue_number_v; default_topic_queue_number_v.set_number_value(default_topic_queue_number_); members["defaultTopicQueueNums"] = default_topic_queue_number_v; ProtobufWkt::Value queue_id_v; queue_id_v.set_number_value(queue_id_); members["queueId"] = queue_id_v; ProtobufWkt::Value sys_flag_v; sys_flag_v.set_number_value(sys_flag_); members["sysFlag"] = sys_flag_v; ProtobufWkt::Value born_timestamp_v; born_timestamp_v.set_number_value(born_timestamp_); members["bornTimestamp"] = born_timestamp_v; ProtobufWkt::Value flag_v; flag_v.set_number_value(flag_); members["flag"] = flag_v; if (!properties_.empty()) { ProtobufWkt::Value properties_v; properties_v.set_string_value(properties_.c_str(), properties_.length()); members["properties"] = properties_v; } if (reconsume_time_ > 0) { ProtobufWkt::Value reconsume_times_v; reconsume_times_v.set_number_value(reconsume_time_); members["reconsumeTimes"] = reconsume_times_v; } if (unit_mode_) { ProtobufWkt::Value unit_mode_v; unit_mode_v.set_bool_value(unit_mode_); members["unitMode"] = unit_mode_v; } if (batch_) { ProtobufWkt::Value batch_v; batch_v.set_bool_value(batch_); members["batch"] = batch_v; } if (max_reconsume_time_ > 0) { ProtobufWkt::Value max_reconsume_time_v; max_reconsume_time_v.set_number_value(max_reconsume_time_); members["maxReconsumeTimes"] = max_reconsume_time_v; } break; } case SendMessageRequestVersion::V2: { ProtobufWkt::Value producer_group_v; producer_group_v.set_string_value(producer_group_.c_str(), producer_group_.length()); members["a"] = producer_group_v; ProtobufWkt::Value topic_v; topic_v.set_string_value(topic_.c_str(), topic_.length()); members["b"] = topic_v; ProtobufWkt::Value default_topic_v; default_topic_v.set_string_value(default_topic_.c_str(), default_topic_.length()); members["c"] = default_topic_v; ProtobufWkt::Value default_topic_queue_number_v; default_topic_queue_number_v.set_number_value(default_topic_queue_number_); members["d"] = default_topic_queue_number_v; ProtobufWkt::Value queue_id_v; queue_id_v.set_number_value(queue_id_); members["e"] = queue_id_v; ProtobufWkt::Value sys_flag_v; sys_flag_v.set_number_value(sys_flag_); members["f"] = sys_flag_v; ProtobufWkt::Value born_timestamp_v; born_timestamp_v.set_number_value(born_timestamp_); members["g"] = born_timestamp_v; ProtobufWkt::Value flag_v; flag_v.set_number_value(flag_); members["h"] = flag_v; if (!properties_.empty()) { ProtobufWkt::Value properties_v; properties_v.set_string_value(properties_.c_str(), properties_.length()); members["i"] = properties_v; } if (reconsume_time_ > 0) { ProtobufWkt::Value reconsume_times_v; reconsume_times_v.set_number_value(reconsume_time_); members["j"] = reconsume_times_v; } if (unit_mode_) { ProtobufWkt::Value unit_mode_v; unit_mode_v.set_bool_value(unit_mode_); members["k"] = unit_mode_v; } if (batch_) { ProtobufWkt::Value batch_v; batch_v.set_bool_value(batch_); members["m"] = batch_v; } if (max_reconsume_time_ > 0) { ProtobufWkt::Value max_reconsume_time_v; max_reconsume_time_v.set_number_value(max_reconsume_time_); members["l"] = max_reconsume_time_v; } break; } default: break; } } void SendMessageRequestHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); switch (version_) { case SendMessageRequestVersion::V1: { ASSERT(members.contains("producerGroup")); ASSERT(members.contains("topic")); ASSERT(members.contains("defaultTopic")); ASSERT(members.contains("defaultTopicQueueNums")); ASSERT(members.contains("queueId")); ASSERT(members.contains("sysFlag")); ASSERT(members.contains("bornTimestamp")); ASSERT(members.contains("flag")); producer_group_ = members.at("producerGroup").string_value(); topic_ = members.at("topic").string_value(); default_topic_ = members.at("defaultTopic").string_value(); if (members.at("defaultTopicQueueNums").kind_case() == ProtobufWkt::Value::kNumberValue) { default_topic_queue_number_ = members.at("defaultTopicQueueNums").number_value(); } else { default_topic_queue_number_ = std::stoi(members.at("defaultTopicQueueNums").string_value()); } if (members.at("queueId").kind_case() == ProtobufWkt::Value::kNumberValue) { queue_id_ = members.at("queueId").number_value(); } else { queue_id_ = std::stoi(members.at("queueId").string_value()); } if (members.at("sysFlag").kind_case() == ProtobufWkt::Value::kNumberValue) { sys_flag_ = static_cast(members.at("sysFlag").number_value()); } else { sys_flag_ = std::stoi(members.at("sysFlag").string_value()); } if (members.at("bornTimestamp").kind_case() == ProtobufWkt::Value::kNumberValue) { born_timestamp_ = static_cast(members.at("bornTimestamp").number_value()); } else { born_timestamp_ = std::stoll(members.at("bornTimestamp").string_value()); } if (members.at("flag").kind_case() == ProtobufWkt::Value::kNumberValue) { flag_ = static_cast(members.at("flag").number_value()); } else { flag_ = std::stoi(members.at("flag").string_value()); } if (members.contains("properties")) { properties_ = members.at("properties").string_value(); } if (members.contains("reconsumeTimes")) { if (members.at("reconsumeTimes").kind_case() == ProtobufWkt::Value::kNumberValue) { reconsume_time_ = members.at("reconsumeTimes").number_value(); } else { reconsume_time_ = std::stoi(members.at("reconsumeTimes").string_value()); } } if (members.contains("unitMode")) { if (members.at("unitMode").kind_case() == ProtobufWkt::Value::kBoolValue) { unit_mode_ = members.at("unitMode").bool_value(); } else { unit_mode_ = (members.at("unitMode").string_value() == std::string("true")); } } if (members.contains("batch")) { if (members.at("batch").kind_case() == ProtobufWkt::Value::kBoolValue) { batch_ = members.at("batch").bool_value(); } else { batch_ = (members.at("batch").string_value() == std::string("true")); } } if (members.contains("maxReconsumeTimes")) { if (members.at("maxReconsumeTimes").kind_case() == ProtobufWkt::Value::kNumberValue) { max_reconsume_time_ = static_cast(members.at("maxReconsumeTimes").number_value()); } else { max_reconsume_time_ = std::stoi(members.at("maxReconsumeTimes").string_value()); } } break; } case SendMessageRequestVersion::V2: { ASSERT(members.contains("a")); ASSERT(members.contains("b")); ASSERT(members.contains("c")); ASSERT(members.contains("d")); ASSERT(members.contains("e")); ASSERT(members.contains("f")); ASSERT(members.contains("g")); ASSERT(members.contains("h")); producer_group_ = members.at("a").string_value(); topic_ = members.at("b").string_value(); default_topic_ = members.at("c").string_value(); if (members.at("d").kind_case() == ProtobufWkt::Value::kNumberValue) { default_topic_queue_number_ = members.at("d").number_value(); } else { default_topic_queue_number_ = std::stoi(members.at("d").string_value()); } if (members.at("e").kind_case() == ProtobufWkt::Value::kNumberValue) { queue_id_ = members.at("e").number_value(); } else { queue_id_ = std::stoi(members.at("e").string_value()); } if (members.at("f").kind_case() == ProtobufWkt::Value::kNumberValue) { sys_flag_ = static_cast(members.at("f").number_value()); } else { sys_flag_ = std::stoi(members.at("f").string_value()); } if (members.at("g").kind_case() == ProtobufWkt::Value::kNumberValue) { born_timestamp_ = static_cast(members.at("g").number_value()); } else { born_timestamp_ = std::stoll(members.at("g").string_value()); } if (members.at("h").kind_case() == ProtobufWkt::Value::kNumberValue) { flag_ = static_cast(members.at("h").number_value()); } else { flag_ = std::stoi(members.at("h").string_value()); } if (members.contains("i")) { properties_ = members.at("i").string_value(); } if (members.contains("j")) { if (members.at("j").kind_case() == ProtobufWkt::Value::kNumberValue) { reconsume_time_ = members.at("j").number_value(); } else { reconsume_time_ = std::stoi(members.at("j").string_value()); } } if (members.contains("k")) { if (members.at("k").kind_case() == ProtobufWkt::Value::kBoolValue) { unit_mode_ = members.at("k").bool_value(); } else { unit_mode_ = (members.at("k").string_value() == std::string("true")); } } if (members.contains("m")) { if (members.at("m").kind_case() == ProtobufWkt::Value::kBoolValue) { batch_ = members.at("m").bool_value(); } else { batch_ = (members.at("m").string_value() == std::string("true")); } } if (members.contains("l")) { if (members.at("l").kind_case() == ProtobufWkt::Value::kNumberValue) { max_reconsume_time_ = members.at("l").number_value(); } else { max_reconsume_time_ = std::stoi(members.at("l").string_value()); } } break; } default: ENVOY_LOG(error, "Unknown SendMessageRequestVersion: {}", static_cast(version_)); break; } } void SendMessageResponseHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); ASSERT(!msg_id_.empty()); ProtobufWkt::Value msg_id_v; msg_id_v.set_string_value(msg_id_.c_str(), msg_id_.length()); members["msgId"] = msg_id_v; ASSERT(queue_id_ >= 0); ProtobufWkt::Value queue_id_v; queue_id_v.set_number_value(queue_id_); members["queueId"] = queue_id_v; ASSERT(queue_offset_ >= 0); ProtobufWkt::Value queue_offset_v; queue_offset_v.set_number_value(queue_offset_); members["queueOffset"] = queue_offset_v; if (!transaction_id_.empty()) { ProtobufWkt::Value transaction_id_v; transaction_id_v.set_string_value(transaction_id_.c_str(), transaction_id_.length()); members["transactionId"] = transaction_id_v; } } void SendMessageResponseHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); ASSERT(members.contains("msgId")); ASSERT(members.contains("queueId")); ASSERT(members.contains("queueOffset")); msg_id_ = members.at("msgId").string_value(); if (members.at("queueId").kind_case() == ProtobufWkt::Value::kNumberValue) { queue_id_ = members.at("queueId").number_value(); } else { queue_id_ = std::stoi(members.at("queueId").string_value()); } if (members.at("queueOffset").kind_case() == ProtobufWkt::Value::kNumberValue) { queue_offset_ = members.at("queueOffset").number_value(); } else { queue_offset_ = std::stoll(members.at("queueOffset").string_value()); } if (members.contains("transactionId")) { transaction_id_ = members.at("transactionId").string_value(); } } void GetRouteInfoRequestHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); ProtobufWkt::Value topic_v; topic_v.set_string_value(topic_.c_str(), topic_.length()); members["topic"] = topic_v; } void GetRouteInfoRequestHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); ASSERT(members.contains("topic")); topic_ = members.at("topic").string_value(); } void PopMessageRequestHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); ASSERT(!consumer_group_.empty()); ProtobufWkt::Value consumer_group_v; consumer_group_v.set_string_value(consumer_group_.c_str(), consumer_group_.size()); members["consumerGroup"] = consumer_group_v; ASSERT(!topic_.empty()); ProtobufWkt::Value topicNode; topicNode.set_string_value(topic_.c_str(), topic_.length()); members["topic"] = topicNode; ProtobufWkt::Value queue_id_v; queue_id_v.set_number_value(queue_id_); members["queueId"] = queue_id_v; ProtobufWkt::Value max_msg_nums_v; max_msg_nums_v.set_number_value(max_msg_nums_); members["maxMsgNums"] = max_msg_nums_v; ProtobufWkt::Value invisible_time_v; invisible_time_v.set_number_value(invisible_time_); members["invisibleTime"] = invisible_time_v; ProtobufWkt::Value poll_time_v; poll_time_v.set_number_value(poll_time_); members["pollTime"] = poll_time_v; ProtobufWkt::Value born_time_v; born_time_v.set_number_value(born_time_); members["bornTime"] = born_time_v; ProtobufWkt::Value init_mode_v; init_mode_v.set_number_value(init_mode_); members["initMode"] = init_mode_v; if (!exp_type_.empty()) { ProtobufWkt::Value exp_type_v; exp_type_v.set_string_value(exp_type_.c_str(), exp_type_.size()); members["expType"] = exp_type_v; } if (!exp_.empty()) { ProtobufWkt::Value exp_v; exp_v.set_string_value(exp_.c_str(), exp_.size()); members["exp"] = exp_v; } } void PopMessageRequestHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); ASSERT(members.contains("consumerGroup")); ASSERT(members.contains("topic")); ASSERT(members.contains("queueId")); ASSERT(members.contains("maxMsgNums")); ASSERT(members.contains("invisibleTime")); ASSERT(members.contains("pollTime")); ASSERT(members.contains("bornTime")); ASSERT(members.contains("initMode")); consumer_group_ = members.at("consumerGroup").string_value(); topic_ = members.at("topic").string_value(); if (members.at("queueId").kind_case() == ProtobufWkt::Value::kNumberValue) { queue_id_ = members.at("queueId").number_value(); } else { queue_id_ = std::stoi(members.at("queueId").string_value()); } if (members.at("maxMsgNums").kind_case() == ProtobufWkt::Value::kNumberValue) { max_msg_nums_ = members.at("maxMsgNums").number_value(); } else { max_msg_nums_ = std::stoi(members.at("maxMsgNums").string_value()); } if (members.at("invisibleTime").kind_case() == ProtobufWkt::Value::kNumberValue) { invisible_time_ = members.at("invisibleTime").number_value(); } else { invisible_time_ = std::stoll(members.at("invisibleTime").string_value()); } if (members.at("pollTime").kind_case() == ProtobufWkt::Value::kNumberValue) { poll_time_ = members.at("pollTime").number_value(); } else { poll_time_ = std::stoll(members.at("pollTime").string_value()); } if (members.at("bornTime").kind_case() == ProtobufWkt::Value::kNumberValue) { born_time_ = members.at("bornTime").number_value(); } else { born_time_ = std::stoll(members.at("bornTime").string_value()); } if (members.at("initMode").kind_case() == ProtobufWkt::Value::kNumberValue) { init_mode_ = members.at("initMode").number_value(); } else { init_mode_ = std::stol(members.at("initMode").string_value()); } if (members.contains("expType")) { exp_type_ = members.at("expType").string_value(); } if (members.contains("exp")) { exp_ = members.at("exp").string_value(); } } void PopMessageResponseHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); ProtobufWkt::Value pop_time_v; pop_time_v.set_number_value(pop_time_); members["popTime"] = pop_time_v; ProtobufWkt::Value invisible_time_v; invisible_time_v.set_number_value(invisible_time_); members["invisibleTime"] = invisible_time_v; ProtobufWkt::Value revive_qid_v; revive_qid_v.set_number_value(revive_qid_); members["reviveQid"] = revive_qid_v; ProtobufWkt::Value rest_num_v; rest_num_v.set_number_value(rest_num_); members["restNum"] = rest_num_v; if (!start_offset_info_.empty()) { ProtobufWkt::Value start_offset_info_v; start_offset_info_v.set_string_value(start_offset_info_.c_str(), start_offset_info_.size()); members["startOffsetInfo"] = start_offset_info_v; } if (!msg_off_set_info_.empty()) { ProtobufWkt::Value msg_offset_info_v; msg_offset_info_v.set_string_value(msg_off_set_info_.c_str(), msg_off_set_info_.size()); members["msgOffsetInfo"] = msg_offset_info_v; } if (!order_count_info_.empty()) { ProtobufWkt::Value order_count_info_v; order_count_info_v.set_string_value(order_count_info_.c_str(), order_count_info_.size()); members["orderCountInfo"] = order_count_info_v; } } void PopMessageResponseHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); ASSERT(members.contains("popTime")); ASSERT(members.contains("invisibleTime")); ASSERT(members.contains("reviveQid")); ASSERT(members.contains("restNum")); if (members.at("popTime").kind_case() == ProtobufWkt::Value::kNumberValue) { pop_time_ = members.at("popTime").number_value(); } else { pop_time_ = std::stoull(members.at("popTime").string_value()); } if (members.at("invisibleTime").kind_case() == ProtobufWkt::Value::kNumberValue) { invisible_time_ = members.at("invisibleTime").number_value(); } else { invisible_time_ = std::stoull(members.at("invisibleTime").string_value()); } if (members.at("reviveQid").kind_case() == ProtobufWkt::Value::kNumberValue) { revive_qid_ = members.at("reviveQid").number_value(); } else { revive_qid_ = std::stoul(members.at("reviveQid").string_value()); } if (members.at("restNum").kind_case() == ProtobufWkt::Value::kNumberValue) { rest_num_ = members.at("restNum").number_value(); } else { rest_num_ = std::stoull(members.at("restNum").string_value()); } if (members.contains("startOffsetInfo")) { start_offset_info_ = members.at("startOffsetInfo").string_value(); } if (members.contains("msgOffsetInfo")) { msg_off_set_info_ = members.at("msgOffsetInfo").string_value(); } if (members.contains("orderCountInfo")) { order_count_info_ = members.at("orderCountInfo").string_value(); } } void AckMessageRequestHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); ASSERT(!consumer_group_.empty()); ProtobufWkt::Value consumer_group_v; consumer_group_v.set_string_value(consumer_group_.c_str(), consumer_group_.size()); members["consumerGroup"] = consumer_group_v; ASSERT(!topic_.empty()); ProtobufWkt::Value topic_v; topic_v.set_string_value(topic_.c_str(), topic_.size()); members["topic"] = topic_v; ASSERT(queue_id_ >= 0); ProtobufWkt::Value queue_id_v; queue_id_v.set_number_value(queue_id_); members["queueId"] = queue_id_v; ASSERT(!extra_info_.empty()); ProtobufWkt::Value extra_info_v; extra_info_v.set_string_value(extra_info_.c_str(), extra_info_.size()); members["extraInfo"] = extra_info_v; ASSERT(offset_ >= 0); ProtobufWkt::Value offset_v; offset_v.set_number_value(offset_); members["offset"] = offset_v; } void AckMessageRequestHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); ASSERT(members.contains("consumerGroup")); ASSERT(members.contains("topic")); ASSERT(members.contains("queueId")); ASSERT(members.contains("extraInfo")); ASSERT(members.contains("offset")); consumer_group_ = members.at("consumerGroup").string_value(); topic_ = members.at("topic").string_value(); if (members.at("queueId").kind_case() == ProtobufWkt::Value::kNumberValue) { queue_id_ = members.at("queueId").number_value(); } else { queue_id_ = std::stoi(members.at("queueId").string_value()); } extra_info_ = members.at("extraInfo").string_value(); if (members.at("offset").kind_case() == ProtobufWkt::Value::kNumberValue) { offset_ = members.at("offset").number_value(); } else { offset_ = std::stoll(members.at("offset").string_value()); } } void UnregisterClientRequestHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); ASSERT(!client_id_.empty()); ProtobufWkt::Value client_id_v; client_id_v.set_string_value(client_id_.c_str(), client_id_.size()); members["clientID"] = client_id_v; ASSERT(!producer_group_.empty() || !consumer_group_.empty()); if (!producer_group_.empty()) { ProtobufWkt::Value producer_group_v; producer_group_v.set_string_value(producer_group_.c_str(), producer_group_.size()); members["producerGroup"] = producer_group_v; } if (!consumer_group_.empty()) { ProtobufWkt::Value consumer_group_v; consumer_group_v.set_string_value(consumer_group_.c_str(), consumer_group_.size()); members["consumerGroup"] = consumer_group_v; } } void UnregisterClientRequestHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); ASSERT(members.contains("clientID")); ASSERT(members.contains("producerGroup") || members.contains("consumerGroup")); client_id_ = members.at("clientID").string_value(); if (members.contains("consumerGroup")) { consumer_group_ = members.at("consumerGroup").string_value(); } if (members.contains("producerGroup")) { producer_group_ = members.at("producerGroup").string_value(); } } void GetConsumerListByGroupResponseBody::encode(ProtobufWkt::Struct& root) { auto& members = *(root.mutable_fields()); ProtobufWkt::Value consumer_id_list_v; auto member_list = consumer_id_list_v.mutable_list_value(); for (const auto& consumerId : consumer_id_list_) { auto consumer_id_v = new ProtobufWkt::Value; consumer_id_v->set_string_value(consumerId.c_str(), consumerId.size()); member_list->mutable_values()->AddAllocated(consumer_id_v); } members["consumerIdList"] = consumer_id_list_v; } bool HeartbeatData::decode(ProtobufWkt::Struct& doc) { const auto& members = doc.fields(); if (!members.contains("clientID")) { return false; } client_id_ = members.at("clientID").string_value(); if (members.contains("consumerDataSet")) { auto& consumer_data_list = members.at("consumerDataSet").list_value().values(); for (const auto& it : consumer_data_list) { if (it.struct_value().fields().contains("groupName")) { consumer_groups_.push_back(it.struct_value().fields().at("groupName").string_value()); } } } return true; } void HeartbeatData::encode(ProtobufWkt::Struct& root) { auto& members = *(root.mutable_fields()); ProtobufWkt::Value client_id_v; client_id_v.set_string_value(client_id_.c_str(), client_id_.size()); members["clientID"] = client_id_v; } void GetConsumerListByGroupRequestHeader::encode(ProtobufWkt::Value& root) { auto& members = *(root.mutable_struct_value()->mutable_fields()); ProtobufWkt::Value consumer_group_v; consumer_group_v.set_string_value(consumer_group_.c_str(), consumer_group_.size()); members["consumerGroup"] = consumer_group_v; } void GetConsumerListByGroupRequestHeader::decode(const ProtobufWkt::Value& ext_fields) { const auto& members = ext_fields.struct_value().fields(); ASSERT(members.contains("consumerGroup")); consumer_group_ = members.at("consumerGroup").string_value(); } void MetadataHelper::parseRequest(RemotingCommandPtr& request, MessageMetadataSharedPtr metadata) { metadata->setOneWay(request->isOneWay()); CommandCustomHeader* custom_header = request->customHeader(); auto route_command_custom_header = request->typedCustomHeader(); if (route_command_custom_header != nullptr) { metadata->setTopicName(route_command_custom_header->topic()); } const uint64_t code = request->code(); metadata->headers().addCopy(Http::LowerCaseString("code"), code); if (enumToInt(RequestCode::AckMessage) == code) { metadata->headers().addCopy(Http::LowerCaseString(RocketmqConstants::get().BrokerName), custom_header->targetBrokerName()); metadata->headers().addCopy(Http::LowerCaseString(RocketmqConstants::get().BrokerId), custom_header->targetBrokerId()); } } } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/protocol.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/network/rocketmq_proxy/metadata.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { /** * Retry topic prefix */ constexpr absl::string_view RetryTopicPrefix = "%RETRY%"; /** * RocketMQ supports two versions of sending message protocol. These two versions are identical in * terms of functionality. But they do differ in encoding scheme. See SendMessageRequestHeader * encode/decode functions for specific differences. */ enum class SendMessageRequestVersion : uint32_t { V1 = 0, V2 = 1, // Only for test purpose V3 = 2, }; /** * Command custom header are used in combination with RemotingCommand::code, to provide further * instructions and data for the operation defined by the protocol. * In addition to the shared encode/decode functions, this class also defines target-broker-name and * target-broker-id fields, which are helpful if the associated remoting command should be delivered * to specific host according to the semantics of the previous command. */ class CommandCustomHeader { public: CommandCustomHeader() = default; virtual ~CommandCustomHeader() = default; virtual void encode(ProtobufWkt::Value& root) PURE; virtual void decode(const ProtobufWkt::Value& ext_fields) PURE; const std::string& targetBrokerName() const { return target_broker_name_; } void targetBrokerName(absl::string_view broker_name) { target_broker_name_ = std::string(broker_name.data(), broker_name.length()); } int32_t targetBrokerId() const { return target_broker_id_; } void targetBrokerId(int32_t broker_id) { target_broker_id_ = broker_id; } protected: /** * If this field is not empty, RDS will employ this field and target-broker-id to direct the * associated request to a subset of the chosen cluster. */ std::string target_broker_name_; /** * Used along with target-broker-name field. */ int32_t target_broker_id_; }; using CommandCustomHeaderPtr = CommandCustomHeader*; /** * This class extends from CommandCustomHeader, adding a commonly used field by various custom * command headers which participate the process of request routing. */ class RoutingCommandCustomHeader : public CommandCustomHeader { public: virtual const std::string& topic() const { return topic_; } virtual void topic(absl::string_view t) { topic_ = std::string(t.data(), t.size()); } protected: std::string topic_; }; /** * This class defines basic request/response forms used by RocketMQ among all its components. */ class RemotingCommand { public: RemotingCommand() : RemotingCommand(0, 0, 0) {} RemotingCommand(int code, int version, int opaque) : code_(code), version_(version), opaque_(opaque), flag_(0) {} ~RemotingCommand() { delete custom_header_; } int32_t code() const { return code_; } void code(int code) { code_ = code; } const std::string& language() const { return language_; } void language(absl::string_view lang) { language_ = std::string(lang.data(), lang.size()); } int32_t version() const { return version_; } void opaque(int opaque) { opaque_ = opaque; } int32_t opaque() const { return opaque_; } uint32_t flag() const { return flag_; } void flag(uint32_t f) { flag_ = f; } void customHeader(CommandCustomHeaderPtr custom_header) { custom_header_ = custom_header; } CommandCustomHeaderPtr customHeader() const { return custom_header_; } template T* typedCustomHeader() { if (!custom_header_) { return nullptr; } return dynamic_cast(custom_header_); } uint32_t bodyLength() const { return body_.length(); } Buffer::Instance& body() { return body_; } const std::string& remark() const { return remark_; } void remark(absl::string_view remark) { remark_ = std::string(remark.data(), remark.length()); } const std::string& serializeTypeCurrentRPC() const { return serialize_type_current_rpc_; } void serializeTypeCurrentRPC(absl::string_view serialization_type) { serialize_type_current_rpc_ = std::string(serialization_type.data(), serialization_type.size()); } bool isOneWay() const { uint32_t marker = 1u << SHIFT_ONEWAY; return (flag_ & marker) == marker; } void markAsResponse() { flag_ |= (1u << SHIFT_RPC); } void markAsOneway() { flag_ |= (1u << SHIFT_ONEWAY); } static bool isResponse(uint32_t flag) { return (flag & (1u << SHIFT_RPC)) == (1u << SHIFT_RPC); } private: /** * Action code of this command. Possible values are defined in RequestCode enumeration. */ int32_t code_; /** * Language used by the client. */ std::string language_{"CPP"}; /** * Version of the client SDK. */ int32_t version_; /** * Request ID. If the RPC is request-response form, this field is used to establish the * association. */ int32_t opaque_; /** * Bit-wise flag indicating RPC type, including whether it is one-way or request-response; * a request or response command. */ uint32_t flag_; /** * Remark is used to deliver text message in addition to code. Urgent scenarios may use this field * to transfer diagnostic message to the counterparts when a full-fledged response is impossible. */ std::string remark_; /** * Indicate how the custom command header is serialized. */ std::string serialize_type_current_rpc_{"JSON"}; /** * The custom command header works with command code to provide additional protocol * implementation. * Generally speaking, each code has pair of request/response custom command header. */ CommandCustomHeaderPtr custom_header_{nullptr}; /** * The command body, in form of binary. */ Buffer::OwnedImpl body_; static constexpr uint32_t SHIFT_RPC = 0; static constexpr uint32_t SHIFT_ONEWAY = 1; friend class Encoder; friend class Decoder; }; using RemotingCommandPtr = std::unique_ptr; /** * Command codes used when sending requests. Meaning of each field is self-explanatory. */ enum class RequestCode : uint32_t { SendMessage = 10, HeartBeat = 34, UnregisterClient = 35, GetConsumerListByGroup = 38, PopMessage = 50, AckMessage = 51, GetRouteInfoByTopic = 105, SendMessageV2 = 310, // Only for test purpose Unsupported = 999, }; /** * Command code used when sending responses. Meaning of each enum is self-explanatory. */ enum class ResponseCode : uint32_t { Success = 0, SystemError = 1, SystemBusy = 2, RequestCodeNotSupported = 3, ReplicaNotAvailable = 11, }; /** * Custom command header for sending messages. */ class SendMessageRequestHeader : public RoutingCommandCustomHeader, Logger::Loggable { public: ~SendMessageRequestHeader() override = default; int32_t queueId() const { return queue_id_; } /** * TODO(lizhanhui): Remove this write API after adding queue-id-aware route logic * @param queue_id target queue Id. */ void queueId(int32_t queue_id) { queue_id_ = queue_id; } void producerGroup(std::string producer_group) { producer_group_ = std::move(producer_group); } void encode(ProtobufWkt::Value& root) override; void decode(const ProtobufWkt::Value& ext_fields) override; const std::string& producerGroup() const { return producer_group_; } const std::string& defaultTopic() const { return default_topic_; } int32_t defaultTopicQueueNumber() const { return default_topic_queue_number_; } int32_t sysFlag() const { return sys_flag_; } int32_t flag() const { return flag_; } int64_t bornTimestamp() const { return born_timestamp_; } const std::string& properties() const { return properties_; } int32_t reconsumeTimes() const { return reconsume_time_; } bool unitMode() const { return unit_mode_; } bool batch() const { return batch_; } int32_t maxReconsumeTimes() const { return max_reconsume_time_; } void properties(absl::string_view props) { properties_ = std::string(props.data(), props.size()); } void reconsumeTimes(int32_t reconsume_times) { reconsume_time_ = reconsume_times; } void unitMode(bool unit_mode) { unit_mode_ = unit_mode; } void batch(bool batch) { batch_ = batch; } void maxReconsumeTimes(int32_t max_reconsume_times) { max_reconsume_time_ = max_reconsume_times; } void version(SendMessageRequestVersion version) { version_ = version; } SendMessageRequestVersion version() const { return version_; } private: std::string producer_group_; std::string default_topic_; int32_t default_topic_queue_number_{0}; int32_t queue_id_{-1}; int32_t sys_flag_{0}; int64_t born_timestamp_{0}; int32_t flag_{0}; std::string properties_; int32_t reconsume_time_{0}; bool unit_mode_{false}; bool batch_{false}; int32_t max_reconsume_time_{0}; SendMessageRequestVersion version_{SendMessageRequestVersion::V1}; friend class Decoder; }; /** * Custom command header to respond to a send-message-request. */ class SendMessageResponseHeader : public CommandCustomHeader { public: SendMessageResponseHeader() = default; SendMessageResponseHeader(std::string msg_id, int32_t queue_id, int64_t queue_offset, std::string transaction_id) : msg_id_(std::move(msg_id)), queue_id_(queue_id), queue_offset_(queue_offset), transaction_id_(std::move(transaction_id)) {} void encode(ProtobufWkt::Value& root) override; void decode(const ProtobufWkt::Value& ext_fields) override; const std::string& msgId() const { return msg_id_; } int32_t queueId() const { return queue_id_; } int64_t queueOffset() const { return queue_offset_; } const std::string& transactionId() const { return transaction_id_; } // This function is for testing only. void msgIdForTest(absl::string_view msg_id) { msg_id_ = std::string(msg_id.data(), msg_id.size()); } void queueId(int32_t queue_id) { queue_id_ = queue_id; } void queueOffset(int64_t queue_offset) { queue_offset_ = queue_offset; } void transactionId(absl::string_view transaction_id) { transaction_id_ = std::string(transaction_id.data(), transaction_id.size()); } private: std::string msg_id_; int32_t queue_id_{0}; int64_t queue_offset_{0}; std::string transaction_id_; }; /** * Classic RocketMQ needs to known addresses of each broker to work with. To resolve the addresses, * client SDK uses this command header to query name servers. * * This header is kept for compatible purpose only. */ class GetRouteInfoRequestHeader : public RoutingCommandCustomHeader { public: void encode(ProtobufWkt::Value& root) override; void decode(const ProtobufWkt::Value& ext_fields) override; }; /** * When a client wishes to consume messages stored in brokers, it sends a pop command to brokers. * Brokers would send a batch of messages to the client. At the same time, the broker keeps the * batch invisible for a configured period of time, waiting for acknowledgments from the client. * * If the client manages to consume the messages within promised time interval and sends ack command * back to the broker, the broker will mark the acknowledged ones as consumed. Otherwise, the * previously sent messages are visible again and would be consumable for other client instances. * * Through this approach, we achieves stateless message-pulling, comparing to classic offset-based * consuming progress management. This models brings about some extra workload to broker side, but * it fits Envoy well. */ class PopMessageRequestHeader : public RoutingCommandCustomHeader { public: friend class Decoder; void encode(ProtobufWkt::Value& root) override; void decode(const ProtobufWkt::Value& ext_fields) override; const std::string& consumerGroup() const { return consumer_group_; } void consumerGroup(absl::string_view consumer_group) { consumer_group_ = std::string(consumer_group.data(), consumer_group.size()); } int32_t queueId() const { return queue_id_; } void queueId(int32_t queue_id) { queue_id_ = queue_id; } int32_t maxMsgNum() const { return max_msg_nums_; } void maxMsgNum(int32_t max_msg_num) { max_msg_nums_ = max_msg_num; } int64_t invisibleTime() const { return invisible_time_; } void invisibleTime(int64_t invisible_time) { invisible_time_ = invisible_time; } int64_t pollTime() const { return poll_time_; } void pollTime(int64_t poll_time) { poll_time_ = poll_time; } int64_t bornTime() const { return born_time_; } void bornTime(int64_t born_time) { born_time_ = born_time; } int32_t initMode() const { return init_mode_; } void initMode(int32_t init_mode) { init_mode_ = init_mode; } const std::string& expType() const { return exp_type_; } void expType(absl::string_view exp_type) { exp_type_ = std::string(exp_type.data(), exp_type.size()); } const std::string& exp() const { return exp_; } void exp(absl::string_view exp) { exp_ = std::string(exp.data(), exp.size()); } private: std::string consumer_group_; int32_t queue_id_{-1}; int32_t max_msg_nums_{32}; int64_t invisible_time_{0}; int64_t poll_time_{0}; int64_t born_time_{0}; int32_t init_mode_{0}; std::string exp_type_; std::string exp_; bool order_{false}; }; /** * The pop response command header. See pop request header for how-things-work explanation. */ class PopMessageResponseHeader : public CommandCustomHeader { public: void decode(const ProtobufWkt::Value& ext_fields) override; void encode(ProtobufWkt::Value& root) override; // This function is for testing only. int64_t popTimeForTest() const { return pop_time_; } void popTime(int64_t pop_time) { pop_time_ = pop_time; } int64_t invisibleTime() const { return invisible_time_; } void invisibleTime(int64_t invisible_time) { invisible_time_ = invisible_time; } int32_t reviveQid() const { return revive_qid_; } void reviveQid(int32_t revive_qid) { revive_qid_ = revive_qid; } int64_t restNum() const { return rest_num_; } void restNum(int64_t rest_num) { rest_num_ = rest_num; } const std::string& startOffsetInfo() const { return start_offset_info_; } void startOffsetInfo(absl::string_view start_offset_info) { start_offset_info_ = std::string(start_offset_info.data(), start_offset_info.size()); } const std::string& msgOffsetInfo() const { return msg_off_set_info_; } void msgOffsetInfo(absl::string_view msg_offset_info) { msg_off_set_info_ = std::string(msg_offset_info.data(), msg_offset_info.size()); } const std::string& orderCountInfo() const { return order_count_info_; } void orderCountInfo(absl::string_view order_count_info) { order_count_info_ = std::string(order_count_info.data(), order_count_info.size()); } private: int64_t pop_time_{0}; int64_t invisible_time_{0}; int32_t revive_qid_{0}; int64_t rest_num_{0}; std::string start_offset_info_; std::string msg_off_set_info_; std::string order_count_info_; }; /** * This command is used by the client to acknowledge message(s) that has been successfully consumed. * Once the broker received this request, the associated message will formally marked as consumed. * * Note: the ack request has to be sent the exactly same broker where messages are popped from. */ class AckMessageRequestHeader : public RoutingCommandCustomHeader { public: void decode(const ProtobufWkt::Value& ext_fields) override; void encode(ProtobufWkt::Value& root) override; absl::string_view consumerGroup() const { return consumer_group_; } int64_t offset() const { return offset_; } void consumerGroup(absl::string_view consumer_group) { consumer_group_ = std::string(consumer_group.data(), consumer_group.size()); } int32_t queueId() const { return queue_id_; } void queueId(int32_t queue_id) { queue_id_ = queue_id; } absl::string_view extraInfo() const { return extra_info_; } void extraInfo(absl::string_view extra_info) { extra_info_ = std::string(extra_info.data(), extra_info.size()); } void offset(int64_t offset) { offset_ = offset; } const std::string& directiveKey() { if (key_.empty()) { key_ = fmt::format("{}-{}-{}-{}", consumer_group_, topic_, queue_id_, offset_); } return key_; } private: std::string consumer_group_; int32_t queue_id_{0}; std::string extra_info_; int64_t offset_{0}; std::string key_; }; /** * When a client shuts down gracefully, it notifies broker(now envoy) this event. */ class UnregisterClientRequestHeader : public CommandCustomHeader { public: void encode(ProtobufWkt::Value& root) override; void decode(const ProtobufWkt::Value& ext_fields) override; void clientId(absl::string_view client_id) { client_id_ = std::string(client_id.data(), client_id.length()); } const std::string& clientId() const { return client_id_; } void producerGroup(absl::string_view producer_group) { producer_group_ = std::string(producer_group.data(), producer_group.length()); } const std::string& producerGroup() const { return producer_group_; } void consumerGroup(absl::string_view consumer_group) { consumer_group_ = std::string(consumer_group.data(), consumer_group.length()); } const std::string& consumerGroup() const { return consumer_group_; } private: std::string client_id_; std::string producer_group_; std::string consumer_group_; }; /** * Classic SDK clients use client-side load balancing. This header is kept for compatibility. */ class GetConsumerListByGroupRequestHeader : public CommandCustomHeader { public: void encode(ProtobufWkt::Value& root) override; void decode(const ProtobufWkt::Value& ext_fields) override; void consumerGroup(absl::string_view consumer_group) { consumer_group_ = std::string(consumer_group.data(), consumer_group.length()); } const std::string& consumerGroup() const { return consumer_group_; } private: std::string consumer_group_; }; /** * The response body. */ class GetConsumerListByGroupResponseBody { public: void encode(ProtobufWkt::Struct& root); void add(absl::string_view consumer_id) { consumer_id_list_.emplace_back(std::string(consumer_id.data(), consumer_id.length())); } private: std::vector consumer_id_list_; }; /** * Client periodically sends heartbeat to servers to maintain alive status. */ class HeartbeatData : public Logger::Loggable { public: bool decode(ProtobufWkt::Struct& doc); const std::string& clientId() const { return client_id_; } const std::vector& consumerGroups() const { return consumer_groups_; } void encode(ProtobufWkt::Struct& root); void clientId(absl::string_view client_id) { client_id_ = std::string(client_id.data(), client_id.size()); } private: std::string client_id_; std::vector consumer_groups_; }; class MetadataHelper { public: MetadataHelper() = delete; static void parseRequest(RemotingCommandPtr& request, MessageMetadataSharedPtr metadata); }; /** * Directive to ensure entailing ack requests are routed to the same broker host where pop * requests are made. */ struct AckMessageDirective { AckMessageDirective(absl::string_view broker_name, int32_t broker_id, MonotonicTime create_time) : broker_name_(broker_name.data(), broker_name.length()), broker_id_(broker_id), creation_time_(create_time) {} std::string broker_name_; int32_t broker_id_; MonotonicTime creation_time_; }; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/router/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "router_interface", hdrs = ["router.h"], deps = [ "//include/envoy/tcp:conn_pool_interface", "//include/envoy/upstream:load_balancer_interface", "//source/common/upstream:load_balancer_lib", ], ) envoy_cc_library( name = "router_lib", srcs = ["router_impl.cc"], hdrs = ["router_impl.h"], deps = [ ":router_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:thread_local_cluster_interface", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/rocketmq_proxy:conn_manager_lib", ], ) envoy_cc_library( name = "route_matcher", srcs = ["route_matcher.cc"], hdrs = ["route_matcher.h"], deps = [ ":router_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/server:filter_config_interface", "//source/common/common:logger_lib", "//source/common/common:matchers_lib", "//source/common/http:header_utility_lib", "//source/common/router:metadatamatchcriteria_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/rocketmq_proxy:metadata_lib", "@envoy_api//envoy/extensions/filters/network/rocketmq_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/router/route_matcher.h" #include "common/router/metadatamatchcriteria_impl.h" #include "extensions/filters/network/rocketmq_proxy/metadata.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { namespace Router { RouteEntryImpl::RouteEntryImpl( const envoy::extensions::filters::network::rocketmq_proxy::v3::Route& route) : topic_name_(route.match().topic()), cluster_name_(route.route().cluster()), config_headers_(Http::HeaderUtility::buildHeaderDataVector(route.match().headers())) { if (route.route().has_metadata_match()) { const auto filter_it = route.route().metadata_match().filter_metadata().find( Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != route.route().metadata_match().filter_metadata().end()) { metadata_match_criteria_ = std::make_unique(filter_it->second); } } } const std::string& RouteEntryImpl::clusterName() const { return cluster_name_; } const RouteEntry* RouteEntryImpl::routeEntry() const { return this; } RouteConstSharedPtr RouteEntryImpl::matches(const MessageMetadata& metadata) const { if (headersMatch(metadata.headers())) { const std::string& topic_name = metadata.topicName(); if (topic_name_.match(topic_name)) { return shared_from_this(); } } return nullptr; } bool RouteEntryImpl::headersMatch(const Http::HeaderMap& headers) const { ENVOY_LOG(debug, "rocketmq route matcher: headers size {}, metadata headers size {}", config_headers_.size(), headers.size()); return Http::HeaderUtility::matchHeaders(headers, config_headers_); } RouteMatcher::RouteMatcher(const RouteConfig& config) { for (const auto& route : config.routes()) { routes_.emplace_back(std::make_shared(route)); } ENVOY_LOG(debug, "rocketmq route matcher: routes list size {}", routes_.size()); } RouteConstSharedPtr RouteMatcher::route(const MessageMetadata& metadata) const { const std::string& topic_name = metadata.topicName(); for (const auto& route : routes_) { RouteConstSharedPtr route_entry = route->matches(metadata); if (nullptr != route_entry) { ENVOY_LOG(debug, "rocketmq route matcher: find cluster success for topic: {}", topic_name); return route_entry; } } ENVOY_LOG(debug, "rocketmq route matcher: find cluster failed for topic: {}", topic_name); return nullptr; } } // namespace Router } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h ================================================ #pragma once #include #include "envoy/config/typed_config.h" #include "envoy/extensions/filters/network/rocketmq_proxy/v3/route.pb.h" #include "envoy/server/filter_config.h" #include "common/common/logger.h" #include "common/common/matchers.h" #include "common/http/header_utility.h" #include "extensions/filters/network/rocketmq_proxy/router/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { class MessageMetadata; namespace Router { class RouteEntryImpl : public RouteEntry, public Route, public std::enable_shared_from_this, public Logger::Loggable { public: RouteEntryImpl(const envoy::extensions::filters::network::rocketmq_proxy::v3::Route& route); ~RouteEntryImpl() override = default; // Router::RouteEntry const std::string& clusterName() const override; const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const override { return metadata_match_criteria_.get(); } // Router::Route const RouteEntry* routeEntry() const override; RouteConstSharedPtr matches(const MessageMetadata& metadata) const; private: bool headersMatch(const Http::HeaderMap& headers) const; const Matchers::StringMatcherImpl topic_name_; const std::string cluster_name_; const std::vector config_headers_; Envoy::Router::MetadataMatchCriteriaConstPtr metadata_match_criteria_; }; using RouteEntryImplConstSharedPtr = std::shared_ptr; class RouteMatcher : public Logger::Loggable { public: using RouteConfig = envoy::extensions::filters::network::rocketmq_proxy::v3::RouteConfiguration; RouteMatcher(const RouteConfig& config); RouteConstSharedPtr route(const MessageMetadata& metadata) const; private: std::vector routes_; }; using RouteMatcherPtr = std::unique_ptr; } // namespace Router } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/router/router.h ================================================ #pragma once #include "envoy/tcp/conn_pool.h" #include "common/upstream/load_balancer_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { class ActiveMessage; class MessageMetadata; namespace Router { /** * RouteEntry is an individual resolved route entry. */ class RouteEntry { public: virtual ~RouteEntry() = default; /** * @return const std::string& the upstream cluster that owns the route. */ virtual const std::string& clusterName() const PURE; /** * @return MetadataMatchCriteria* the metadata that a subset load balancer should match when * selecting an upstream host */ virtual const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const PURE; }; /** * Route holds the RouteEntry for a request. */ class Route { public: virtual ~Route() = default; /** * @return the route entry or nullptr if there is no matching route for the request. */ virtual const RouteEntry* routeEntry() const PURE; }; using RouteConstSharedPtr = std::shared_ptr; using RouteSharedPtr = std::shared_ptr; /** * The router configuration. */ class Config { public: virtual ~Config() = default; virtual RouteConstSharedPtr route(const MessageMetadata& metadata) const PURE; }; class Router : public Tcp::ConnectionPool::UpstreamCallbacks, public Upstream::LoadBalancerContextBase { public: virtual void sendRequestToUpstream(ActiveMessage& active_message) PURE; /** * Release resources associated with this router. */ virtual void reset() PURE; /** * Return host description that is eventually connected. * @return upstream host if a connection has been established; nullptr otherwise. */ virtual Upstream::HostDescriptionConstSharedPtr upstreamHost() PURE; }; using RouterPtr = std::unique_ptr; } // namespace Router } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/router/router_impl.h" #include "common/common/enum_to_int.h" #include "extensions/filters/network/rocketmq_proxy/active_message.h" #include "extensions/filters/network/rocketmq_proxy/codec.h" #include "extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "extensions/filters/network/rocketmq_proxy/protocol.h" #include "extensions/filters/network/rocketmq_proxy/well_known_names.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { namespace Router { RouterImpl::RouterImpl(Envoy::Upstream::ClusterManager& cluster_manager) : cluster_manager_(cluster_manager), handle_(nullptr), active_message_(nullptr) {} RouterImpl::~RouterImpl() { if (handle_) { handle_->cancel(Tcp::ConnectionPool::CancelPolicy::Default); } } Upstream::HostDescriptionConstSharedPtr RouterImpl::upstreamHost() { return upstream_host_; } void RouterImpl::onAboveWriteBufferHighWatermark() { ENVOY_LOG(trace, "Above write buffer high watermark"); } void RouterImpl::onBelowWriteBufferLowWatermark() { ENVOY_LOG(trace, "Below write buffer low watermark"); } void RouterImpl::onEvent(Network::ConnectionEvent event) { switch (event) { case Network::ConnectionEvent::RemoteClose: { ENVOY_LOG(error, "Connection to upstream: {} is closed by remote peer", upstream_host_->address()->asString()); // Send local reply to downstream active_message_->onError("Connection to upstream is closed by remote peer"); break; } case Network::ConnectionEvent::LocalClose: { ENVOY_LOG(error, "Connection to upstream: {} has been closed", upstream_host_->address()->asString()); // Send local reply to downstream active_message_->onError("Connection to upstream has been closed"); break; } default: // Ignore other events for now ENVOY_LOG(trace, "Ignore event type"); return; } active_message_->onReset(); } const Envoy::Router::MetadataMatchCriteria* RouterImpl::metadataMatchCriteria() { if (route_entry_) { return route_entry_->metadataMatchCriteria(); } return nullptr; } void RouterImpl::onUpstreamData(Buffer::Instance& data, bool end_stream) { ENVOY_LOG(trace, "Received some data from upstream: {} bytes, end_stream: {}", data.length(), end_stream); if (active_message_->onUpstreamData(data, end_stream, connection_data_)) { reset(); } } void RouterImpl::sendRequestToUpstream(ActiveMessage& active_message) { active_message_ = &active_message; int opaque = active_message_->downstreamRequest()->opaque(); ASSERT(active_message_->metadata()->hasTopicName()); std::string topic_name = active_message_->metadata()->topicName(); RouteConstSharedPtr route = active_message.route(); if (!route) { active_message.onError("No route for current request."); ENVOY_LOG(warn, "Can not find route for topic {}", topic_name); reset(); return; } route_entry_ = route->routeEntry(); const std::string cluster_name = route_entry_->clusterName(); Upstream::ThreadLocalCluster* cluster = cluster_manager_.get(cluster_name); if (!cluster) { active_message.onError("Cluster does not exist."); ENVOY_LOG(warn, "Cluster for {} is not available", cluster_name); reset(); return; } cluster_info_ = cluster->info(); if (cluster_info_->maintenanceMode()) { ENVOY_LOG(warn, "Cluster {} is under maintenance. Opaque: {}", cluster_name, opaque); active_message.onError("Cluster under maintenance."); active_message.connectionManager().stats().maintenance_failure_.inc(); reset(); return; } Tcp::ConnectionPool::Instance* conn_pool = cluster_manager_.tcpConnPoolForCluster( cluster_name, Upstream::ResourcePriority::Default, this); if (!conn_pool) { ENVOY_LOG(warn, "No host available for cluster {}. Opaque: {}", cluster_name, opaque); active_message.onError("No host available"); reset(); return; } upstream_request_ = std::make_unique(*this); Tcp::ConnectionPool::Cancellable* cancellable = conn_pool->newConnection(*upstream_request_); if (cancellable) { handle_ = cancellable; ENVOY_LOG(trace, "No connection is available for now. Create a cancellable handle. Opaque: {}", opaque); } else { /* * UpstreamRequest#onPoolReady or #onPoolFailure should have been invoked. */ ENVOY_LOG(trace, "One connection is picked up from connection pool, callback should have been " "executed. Opaque: {}", opaque); } } RouterImpl::UpstreamRequest::UpstreamRequest(RouterImpl& router) : router_(router) {} void RouterImpl::UpstreamRequest::onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn, Upstream::HostDescriptionConstSharedPtr host) { router_.connection_data_ = std::move(conn); router_.upstream_host_ = host; router_.connection_data_->addUpstreamCallbacks(router_); if (router_.handle_) { ENVOY_LOG(trace, "#onPoolReady, reset cancellable handle to nullptr"); router_.handle_ = nullptr; } ENVOY_LOG(debug, "Current chosen host address: {}", host->address()->asString()); // TODO(lizhanhui): we may optimize out encoding in case we there is no protocol translation. Buffer::OwnedImpl buffer; Encoder::encode(router_.active_message_->downstreamRequest(), buffer); router_.connection_data_->connection().write(buffer, false); ENVOY_LOG(trace, "Write data to upstream OK. Opaque: {}", router_.active_message_->downstreamRequest()->opaque()); if (router_.active_message_->metadata()->isOneWay()) { ENVOY_LOG(trace, "Reset ActiveMessage since data is written and the downstream request is one-way. " "Opaque: {}", router_.active_message_->downstreamRequest()->opaque()); // For one-way ack-message requests, we need erase previously stored ack-directive. if (enumToSignedInt(RequestCode::AckMessage) == router_.active_message_->downstreamRequest()->code()) { auto ack_header = router_.active_message_->downstreamRequest() ->typedCustomHeader(); router_.active_message_->connectionManager().eraseAckDirective(ack_header->directiveKey()); } router_.reset(); } } void RouterImpl::UpstreamRequest::onPoolFailure(Tcp::ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) { if (router_.handle_) { ENVOY_LOG(trace, "#onPoolFailure, reset cancellable handle to nullptr"); router_.handle_ = nullptr; } switch (reason) { case Tcp::ConnectionPool::PoolFailureReason::Overflow: { ENVOY_LOG(error, "Unable to acquire a connection to send request to upstream"); router_.active_message_->onError("overflow"); } break; case Tcp::ConnectionPool::PoolFailureReason::RemoteConnectionFailure: { ENVOY_LOG(error, "Failed to make request to upstream due to remote connection error. Host {}", host->address()->asString()); router_.active_message_->onError("remote connection failure"); } break; case Tcp::ConnectionPool::PoolFailureReason::LocalConnectionFailure: { ENVOY_LOG(error, "Failed to make request to upstream due to local connection error. Host: {}", host->address()->asString()); router_.active_message_->onError("local connection failure"); } break; case Tcp::ConnectionPool::PoolFailureReason::Timeout: { ENVOY_LOG(error, "Failed to make request to upstream due to timeout. Host: {}", host->address()->asString()); router_.active_message_->onError("timeout"); } break; } // Release resources allocated to this request. router_.reset(); } void RouterImpl::reset() { active_message_->onReset(); if (connection_data_) { connection_data_.reset(nullptr); } } } // namespace Router } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/router/router_impl.h ================================================ #pragma once #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/thread_local_cluster.h" #include "common/common/logger.h" #include "common/upstream/load_balancer_impl.h" #include "extensions/filters/network/rocketmq_proxy/router/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { namespace Router { class RouterImpl : public Router, public Logger::Loggable { public: explicit RouterImpl(Upstream::ClusterManager& cluster_manager); ~RouterImpl() override; // Tcp::ConnectionPool::UpstreamCallbacks void onUpstreamData(Buffer::Instance& data, bool end_stream) override; void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; void onEvent(Network::ConnectionEvent event) override; // Upstream::LoadBalancerContextBase const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() override; void sendRequestToUpstream(ActiveMessage& active_message) override; void reset() override; Upstream::HostDescriptionConstSharedPtr upstreamHost() override; private: class UpstreamRequest : public Tcp::ConnectionPool::Callbacks { public: UpstreamRequest(RouterImpl& router); void onPoolFailure(Tcp::ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn, Upstream::HostDescriptionConstSharedPtr host) override; private: RouterImpl& router_; }; using UpstreamRequestPtr = std::unique_ptr; Upstream::ClusterManager& cluster_manager_; Tcp::ConnectionPool::ConnectionDataPtr connection_data_; /** * On requesting connection from upstream connection pool, this handle may be assigned when no * connection is readily available at the moment. We may cancel the request through this handle. * * If there are connections which can be returned immediately, this handle is assigned as nullptr. */ Tcp::ConnectionPool::Cancellable* handle_; Upstream::HostDescriptionConstSharedPtr upstream_host_; ActiveMessage* active_message_; Upstream::ClusterInfoConstSharedPtr cluster_info_; UpstreamRequestPtr upstream_request_; const RouteEntry* route_entry_{}; }; } // namespace Router } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/stats.h ================================================ #pragma once #include #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { /** * All rocketmq filter stats. @see stats_macros.h */ #define ALL_ROCKETMQ_FILTER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(request) \ COUNTER(request_decoding_error) \ COUNTER(request_decoding_success) \ COUNTER(response) \ COUNTER(response_decoding_error) \ COUNTER(response_decoding_success) \ COUNTER(response_error) \ COUNTER(response_success) \ COUNTER(heartbeat) \ COUNTER(unregister) \ COUNTER(get_topic_route) \ COUNTER(send_message_v1) \ COUNTER(send_message_v2) \ COUNTER(pop_message) \ COUNTER(ack_message) \ COUNTER(get_consumer_list) \ COUNTER(maintenance_failure) \ GAUGE(request_active, Accumulate) \ GAUGE(send_message_v1_active, Accumulate) \ GAUGE(send_message_v2_active, Accumulate) \ GAUGE(pop_message_active, Accumulate) \ GAUGE(get_topic_route_active, Accumulate) \ GAUGE(send_message_pending, Accumulate) \ GAUGE(pop_message_pending, Accumulate) \ GAUGE(get_topic_route_pending, Accumulate) \ GAUGE(total_pending, Accumulate) \ HISTOGRAM(request_time_ms, Milliseconds) /** * Struct definition for all rocketmq proxy stats. @see stats_macros.h */ struct RocketmqFilterStats { ALL_ROCKETMQ_FILTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) static RocketmqFilterStats generateStats(const std::string& prefix, Stats::Scope& scope) { return RocketmqFilterStats{ALL_ROCKETMQ_FILTER_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix), POOL_HISTOGRAM_PREFIX(scope, prefix))}; } }; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/topic_route.cc ================================================ #include "extensions/filters/network/rocketmq_proxy/topic_route.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { void QueueData::encode(ProtobufWkt::Struct& data_struct) { auto* fields = data_struct.mutable_fields(); ProtobufWkt::Value broker_name_v; broker_name_v.set_string_value(broker_name_); (*fields)["brokerName"] = broker_name_v; ProtobufWkt::Value read_queue_num_v; read_queue_num_v.set_number_value(read_queue_nums_); (*fields)["readQueueNums"] = read_queue_num_v; ProtobufWkt::Value write_queue_num_v; write_queue_num_v.set_number_value(write_queue_nums_); (*fields)["writeQueueNums"] = write_queue_num_v; ProtobufWkt::Value perm_v; perm_v.set_number_value(perm_); (*fields)["perm"] = perm_v; } void BrokerData::encode(ProtobufWkt::Struct& data_struct) { auto& members = *(data_struct.mutable_fields()); ProtobufWkt::Value cluster_v; cluster_v.set_string_value(cluster_); members["cluster"] = cluster_v; ProtobufWkt::Value broker_name_v; broker_name_v.set_string_value(broker_name_); members["brokerName"] = broker_name_v; if (!broker_addrs_.empty()) { ProtobufWkt::Value brokerAddrsNode; auto& brokerAddrsMembers = *(brokerAddrsNode.mutable_struct_value()->mutable_fields()); for (auto& entry : broker_addrs_) { ProtobufWkt::Value address_v; address_v.set_string_value(entry.second); brokerAddrsMembers[std::to_string(entry.first)] = address_v; } members["brokerAddrs"] = brokerAddrsNode; } } void TopicRouteData::encode(ProtobufWkt::Struct& data_struct) { auto* fields = data_struct.mutable_fields(); if (!queue_data_.empty()) { ProtobufWkt::ListValue queue_data_list_v; for (auto& queueData : queue_data_) { queueData.encode(data_struct); queue_data_list_v.add_values()->mutable_struct_value()->CopyFrom(data_struct); } (*fields)["queueDatas"].mutable_list_value()->CopyFrom(queue_data_list_v); } if (!broker_data_.empty()) { ProtobufWkt::ListValue broker_data_list_v; for (auto& brokerData : broker_data_) { brokerData.encode(data_struct); broker_data_list_v.add_values()->mutable_struct_value()->CopyFrom(data_struct); } (*fields)["brokerDatas"].mutable_list_value()->CopyFrom(broker_data_list_v); } } } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/topic_route.h ================================================ #pragma once #include #include #include "common/protobuf/utility.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { class QueueData { public: QueueData(const std::string& broker_name, int32_t read_queue_num, int32_t write_queue_num, int32_t perm) : broker_name_(broker_name), read_queue_nums_(read_queue_num), write_queue_nums_(write_queue_num), perm_(perm) {} void encode(ProtobufWkt::Struct& data_struct); const std::string& brokerName() const { return broker_name_; } int32_t readQueueNum() const { return read_queue_nums_; } int32_t writeQueueNum() const { return write_queue_nums_; } int32_t perm() const { return perm_; } private: std::string broker_name_; int32_t read_queue_nums_; int32_t write_queue_nums_; int32_t perm_; }; class BrokerData { public: BrokerData(const std::string& cluster, const std::string& broker_name, absl::node_hash_map&& broker_addrs) : cluster_(cluster), broker_name_(broker_name), broker_addrs_(broker_addrs) {} void encode(ProtobufWkt::Struct& data_struct); const std::string& cluster() const { return cluster_; } const std::string& brokerName() const { return broker_name_; } absl::node_hash_map& brokerAddresses() { return broker_addrs_; } private: std::string cluster_; std::string broker_name_; absl::node_hash_map broker_addrs_; }; class TopicRouteData { public: void encode(ProtobufWkt::Struct& data_struct); TopicRouteData() = default; TopicRouteData(std::vector&& queue_data, std::vector&& broker_data) : queue_data_(queue_data), broker_data_(broker_data) {} std::vector& queueData() { return queue_data_; } std::vector& brokerData() { return broker_data_; } private: std::vector queue_data_; std::vector broker_data_; }; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/rocketmq_proxy/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace RocketmqProxy { struct RocketmqValues { /** * All the values below are the properties of single broker in filter_metadata. */ const std::string ReadQueueNum = "read_queue_num"; const std::string WriteQueueNum = "write_queue_num"; const std::string ClusterName = "cluster_name"; const std::string BrokerName = "broker_name"; const std::string BrokerId = "broker_id"; const std::string Perm = "perm"; }; using RocketmqConstants = ConstSingleton; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_cluster/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "sni_cluster", srcs = ["sni_cluster.cc"], hdrs = ["sni_cluster.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/tcp_proxy", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", deps = [ ":sni_cluster", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/extensions/filters/network/sni_cluster/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/sni_cluster/config.cc ================================================ #include "extensions/filters/network/sni_cluster/config.h" #include "envoy/extensions/filters/network/sni_cluster/v3/sni_cluster.pb.h" #include "envoy/extensions/filters/network/sni_cluster/v3/sni_cluster.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/filters/network/sni_cluster/sni_cluster.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniCluster { Network::FilterFactoryCb SniClusterNetworkFilterConfigFactory::createFilterFactoryFromProto( const Protobuf::Message&, Server::Configuration::FactoryContext&) { return [](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared()); }; } ProtobufTypes::MessagePtr SniClusterNetworkFilterConfigFactory::createEmptyConfigProto() { return std::make_unique(); } /** * Static registration for the sni_cluster filter. @see RegisterFactory. */ REGISTER_FACTORY(SniClusterNetworkFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace SniCluster } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_cluster/config.h ================================================ #pragma once #include "envoy/server/filter_config.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniCluster { /** * Config registration for the sni_cluster filter. @see NamedNetworkFilterConfigFactory. */ class SniClusterNetworkFilterConfigFactory : public Server::Configuration::NamedNetworkFilterConfigFactory { public: Network::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message&, Server::Configuration::FactoryContext&) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override { return NetworkFilterNames::get().SniCluster; } }; } // namespace SniCluster } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_cluster/sni_cluster.cc ================================================ #include "extensions/filters/network/sni_cluster/sni_cluster.h" #include "envoy/network/connection.h" #include "common/common/assert.h" #include "common/tcp_proxy/tcp_proxy.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniCluster { Network::FilterStatus SniClusterFilter::onNewConnection() { absl::string_view sni = read_callbacks_->connection().requestedServerName(); ENVOY_CONN_LOG(trace, "sni_cluster: new connection with server name {}", read_callbacks_->connection(), sni); if (!sni.empty()) { // Set the tcp_proxy cluster to the same value as SNI. The data is mutable to allow // other filters to change it. read_callbacks_->connection().streamInfo().filterState()->setData( TcpProxy::PerConnectionCluster::key(), std::make_unique(sni), StreamInfo::FilterState::StateType::Mutable, StreamInfo::FilterState::LifeSpan::Connection); } return Network::FilterStatus::Continue; } } // namespace SniCluster } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_cluster/sni_cluster.h ================================================ #pragma once #include "envoy/network/filter.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniCluster { /** * Implementation of the sni_cluster filter that sets the upstream cluster name from * the SNI field in the TLS connection. */ class SniClusterFilter : public Network::ReadFilter, Logger::Loggable { public: // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance&, bool) override { return Network::FilterStatus::Continue; } Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { read_callbacks_ = &callbacks; } private: Network::ReadFilterCallbacks* read_callbacks_{}; }; } // namespace SniCluster } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_dynamic_forward_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "proxy_filter_lib", srcs = ["proxy_filter.cc"], hdrs = ["proxy_filter.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/tcp_proxy", "//source/extensions/common/dynamic_forward_proxy:dns_cache_interface", "@envoy_api//envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ ":proxy_filter_lib", "//source/extensions/common/dynamic_forward_proxy:dns_cache_manager_impl", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/sni_dynamic_forward_proxy/config.cc ================================================ #include "extensions/filters/network/sni_dynamic_forward_proxy/config.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" #include "extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniDynamicForwardProxy { SniDynamicForwardProxyNetworkFilterConfigFactory::SniDynamicForwardProxyNetworkFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().SniDynamicForwardProxy) {} Network::FilterFactoryCb SniDynamicForwardProxyNetworkFilterConfigFactory::createFilterFactoryFromProtoTyped( const FilterConfig& proto_config, Server::Configuration::FactoryContext& context) { Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactoryImpl cache_manager_factory( context.singletonManager(), context.dispatcher(), context.threadLocal(), context.api().randomGenerator(), context.runtime(), context.scope()); ProxyFilterConfigSharedPtr filter_config(std::make_shared( proto_config, cache_manager_factory, context.clusterManager())); return [filter_config](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared(filter_config)); }; } /** * Static registration for the sni_dynamic_forward_proxy filter. @see RegisterFactory. */ REGISTER_FACTORY(SniDynamicForwardProxyNetworkFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace SniDynamicForwardProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_dynamic_forward_proxy/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.pb.h" #include "envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniDynamicForwardProxy { using FilterConfig = envoy::extensions::filters::network::sni_dynamic_forward_proxy::v3alpha::FilterConfig; /** * Config registration for the sni_dynamic_forward_proxy filter. @see * NamedNetworkFilterConfigFactory. */ class SniDynamicForwardProxyNetworkFilterConfigFactory : public Common::FactoryBase { public: SniDynamicForwardProxyNetworkFilterConfigFactory(); private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped(const FilterConfig& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace SniDynamicForwardProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.cc ================================================ #include "extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/upstream/thread_local_cluster.h" #include "common/common/assert.h" #include "common/tcp_proxy/tcp_proxy.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniDynamicForwardProxy { ProxyFilterConfig::ProxyFilterConfig( const FilterConfig& proto_config, Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactory& cache_manager_factory, Upstream::ClusterManager&) : port_(static_cast(proto_config.port_value())), dns_cache_manager_(cache_manager_factory.get()), dns_cache_(dns_cache_manager_->getCache(proto_config.dns_cache_config())) {} ProxyFilter::ProxyFilter(ProxyFilterConfigSharedPtr config) : config_(std::move(config)) {} using LoadDnsCacheEntryStatus = Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryStatus; Network::FilterStatus ProxyFilter::onNewConnection() { absl::string_view sni = read_callbacks_->connection().requestedServerName(); ENVOY_CONN_LOG(trace, "sni_dynamic_forward_proxy: new connection with server name '{}'", read_callbacks_->connection(), sni); if (sni.empty()) { return Network::FilterStatus::Continue; } circuit_breaker_ = config_->cache().canCreateDnsRequest(absl::nullopt); if (circuit_breaker_ == nullptr) { ENVOY_CONN_LOG(debug, "pending request overflow", read_callbacks_->connection()); read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); return Network::FilterStatus::StopIteration; } uint32_t default_port = config_->port(); auto result = config_->cache().loadDnsCacheEntry(sni, default_port, *this); cache_load_handle_ = std::move(result.handle_); if (cache_load_handle_ == nullptr) { circuit_breaker_.reset(); } switch (result.status_) { case LoadDnsCacheEntryStatus::InCache: { ASSERT(cache_load_handle_ == nullptr); ENVOY_CONN_LOG(debug, "DNS cache entry already loaded, continuing", read_callbacks_->connection()); return Network::FilterStatus::Continue; } case LoadDnsCacheEntryStatus::Loading: { ASSERT(cache_load_handle_ != nullptr); ENVOY_CONN_LOG(debug, "waiting to load DNS cache entry", read_callbacks_->connection()); return Network::FilterStatus::StopIteration; } case LoadDnsCacheEntryStatus::Overflow: { ASSERT(cache_load_handle_ == nullptr); ENVOY_CONN_LOG(debug, "DNS cache overflow", read_callbacks_->connection()); read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); return Network::FilterStatus::StopIteration; } } NOT_REACHED_GCOVR_EXCL_LINE; } void ProxyFilter::onLoadDnsCacheComplete() { ENVOY_CONN_LOG(debug, "load DNS cache complete, continuing", read_callbacks_->connection()); ASSERT(circuit_breaker_ != nullptr); circuit_breaker_.reset(); read_callbacks_->continueReading(); } } // namespace SniDynamicForwardProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h ================================================ #pragma once #include "envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.pb.h" #include "envoy/network/filter.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/logger.h" #include "extensions/common/dynamic_forward_proxy/dns_cache.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace SniDynamicForwardProxy { using FilterConfig = envoy::extensions::filters::network::sni_dynamic_forward_proxy::v3alpha::FilterConfig; class ProxyFilterConfig { public: ProxyFilterConfig( const FilterConfig& proto_config, Extensions::Common::DynamicForwardProxy::DnsCacheManagerFactory& cache_manager_factory, Upstream::ClusterManager& cluster_manager); Extensions::Common::DynamicForwardProxy::DnsCache& cache() { return *dns_cache_; } uint32_t port() { return port_; } private: const uint32_t port_; const Extensions::Common::DynamicForwardProxy::DnsCacheManagerSharedPtr dns_cache_manager_; const Extensions::Common::DynamicForwardProxy::DnsCacheSharedPtr dns_cache_; }; using ProxyFilterConfigSharedPtr = std::shared_ptr; class ProxyFilter : public Network::ReadFilter, public Extensions::Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryCallbacks, Logger::Loggable { public: ProxyFilter(ProxyFilterConfigSharedPtr config); // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance&, bool) override { return Network::FilterStatus::Continue; } Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override { read_callbacks_ = &callbacks; } // Extensions::Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryCallbacks void onLoadDnsCacheComplete() override; private: const ProxyFilterConfigSharedPtr config_; Upstream::ResourceAutoIncDecPtr circuit_breaker_; Extensions::Common::DynamicForwardProxy::DnsCache::LoadDnsCacheEntryHandlePtr cache_load_handle_; Network::ReadFilterCallbacks* read_callbacks_{}; }; } // namespace SniDynamicForwardProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/tcp_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # TCP proxy L4 network filter. # Public docs: docs/root/configuration/network_filters/tcp_proxy_filter.rst envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ "//include/envoy/registry", "//source/common/tcp_proxy", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/tcp_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/tcp_proxy/config.cc ================================================ #include "extensions/filters/network/tcp_proxy/config.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.validate.h" #include "envoy/registry/registry.h" #include "common/tcp_proxy/tcp_proxy.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace TcpProxy { Network::FilterFactoryCb ConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); if (proto_config.has_hidden_envoy_deprecated_deprecated_v1()) { ASSERT(proto_config.hidden_envoy_deprecated_deprecated_v1().routes_size() > 0); } Envoy::TcpProxy::ConfigSharedPtr filter_config( std::make_shared(proto_config, context)); return [filter_config, &context](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter( std::make_shared(filter_config, context.clusterManager())); }; } /** * Static registration for the tcp_proxy filter. @see RegisterFactory. */ REGISTER_FACTORY(ConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory){"envoy.tcp_proxy"}; } // namespace TcpProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/tcp_proxy/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace TcpProxy { /** * Config registration for the tcp proxy filter. @see NamedNetworkFilterConfigFactory. */ class ConfigFactory : public Common::FactoryBase { public: ConfigFactory() : FactoryBase(NetworkFilterNames::get().TcpProxy, true) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace TcpProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "app_exception_lib", srcs = ["app_exception_impl.cc"], hdrs = ["app_exception_impl.h"], deps = [ ":protocol_interface", ":thrift_lib", "//include/envoy/buffer:buffer_interface", ], ) envoy_cc_library( name = "buffer_helper_lib", srcs = ["buffer_helper.cc"], hdrs = ["buffer_helper.h"], deps = [ "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:byte_order_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":app_exception_lib", ":auto_protocol_lib", ":auto_transport_lib", ":binary_protocol_lib", ":compact_protocol_lib", ":conn_manager_lib", ":decoder_lib", ":framed_transport_lib", ":header_transport_lib", ":protocol_interface", ":twitter_protocol_lib", ":unframed_transport_lib", "//include/envoy/registry", "//source/common/config:utility_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/thrift_proxy/filters:filter_config_interface", "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "//source/extensions/filters/network/thrift_proxy/router:router_lib", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "conn_manager_lib", srcs = ["conn_manager.cc"], hdrs = ["conn_manager.h"], external_deps = ["abseil_any"], deps = [ ":app_exception_lib", ":decoder_lib", ":protocol_converter_lib", ":protocol_interface", ":stats_lib", ":transport_interface", "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:timespan_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:linked_object", "//source/common/common:logger_lib", "//source/common/network:filter_lib", "//source/common/stats:timespan_lib", "//source/common/stream_info:stream_info_lib", "//source/extensions/filters/network/thrift_proxy/router:router_interface", ], ) envoy_cc_library( name = "decoder_events_lib", hdrs = ["decoder_events.h"], deps = [ ":metadata_lib", ":thrift_lib", ], ) envoy_cc_library( name = "decoder_lib", srcs = ["decoder.cc"], hdrs = ["decoder.h"], deps = [ ":app_exception_lib", ":protocol_interface", ":stats_lib", ":transport_interface", "//source/common/buffer:buffer_lib", "//source/extensions/filters/network/thrift_proxy/filters:filter_interface", ], ) envoy_cc_library( name = "metadata_lib", hdrs = ["metadata.h"], external_deps = ["abseil_optional"], deps = [ ":thrift_lib", ":tracing_interface", "//include/envoy/buffer:buffer_interface", "//source/common/common:macros", "//source/common/http:header_map_lib", ], ) envoy_cc_library( name = "tracing_interface", hdrs = ["tracing.h"], external_deps = ["abseil_optional"], deps = [], ) envoy_cc_library( name = "protocol_converter_lib", hdrs = [ "protocol_converter.h", ], deps = [ ":decoder_events_lib", ":protocol_interface", "//include/envoy/buffer:buffer_interface", ], ) envoy_cc_library( name = "protocol_interface", hdrs = [ "protocol.h", ], external_deps = ["abseil_optional"], deps = [ ":conn_state_lib", ":decoder_events_lib", ":metadata_lib", ":thrift_lib", ":thrift_object_interface", ":transport_interface", "//include/envoy/buffer:buffer_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "auto_protocol_lib", srcs = [ "auto_protocol_impl.cc", ], hdrs = [ "auto_protocol_impl.h", ], deps = [ ":binary_protocol_lib", ":buffer_helper_lib", ":compact_protocol_lib", ":protocol_interface", ":twitter_protocol_lib", "//source/common/common:macros", ], ) envoy_cc_library( name = "binary_protocol_lib", srcs = [ "binary_protocol_impl.cc", ], hdrs = [ "binary_protocol_impl.h", ], deps = [ ":buffer_helper_lib", ":protocol_interface", "//source/common/common:macros", ], ) envoy_cc_library( name = "compact_protocol_lib", srcs = [ "compact_protocol_impl.cc", ], hdrs = [ "compact_protocol_impl.h", ], external_deps = ["abseil_optional"], deps = [ ":buffer_helper_lib", ":protocol_interface", "//source/common/common:macros", ], ) envoy_cc_library( name = "twitter_protocol_lib", srcs = [ "twitter_protocol_impl.cc", ], hdrs = [ "twitter_protocol_impl.h", ], deps = [ ":binary_protocol_lib", ":buffer_helper_lib", ":protocol_interface", ":thrift_object_lib", "//source/common/common:macros", ], ) envoy_cc_library( name = "stats_lib", hdrs = ["stats.h"], deps = [ "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", ], ) envoy_cc_library( name = "transport_interface", hdrs = ["transport.h"], external_deps = ["abseil_optional"], deps = [ ":buffer_helper_lib", ":metadata_lib", ":thrift_lib", "//include/envoy/buffer:buffer_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "conn_state_lib", hdrs = ["conn_state.h"], deps = [ "//include/envoy/tcp:conn_pool_interface", ], ) envoy_cc_library( name = "thrift_lib", hdrs = ["thrift.h"], deps = [ "//source/common/common:assert_lib", "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "thrift_object_interface", hdrs = ["thrift_object.h"], deps = [ ":thrift_lib", "//include/envoy/buffer:buffer_interface", ], ) envoy_cc_library( name = "thrift_object_lib", srcs = ["thrift_object_impl.cc"], hdrs = ["thrift_object_impl.h"], deps = [ ":decoder_lib", ":thrift_lib", ":thrift_object_interface", ":unframed_transport_lib", "//source/extensions/filters/network/thrift_proxy/filters:filter_interface", ], ) envoy_cc_library( name = "auto_transport_lib", srcs = [ "auto_transport_impl.cc", ], hdrs = [ "auto_transport_impl.h", ], deps = [ ":binary_protocol_lib", ":buffer_helper_lib", ":compact_protocol_lib", ":framed_transport_lib", ":header_transport_lib", ":transport_interface", ":twitter_protocol_lib", ":unframed_transport_lib", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "framed_transport_lib", srcs = [ "framed_transport_impl.cc", ], hdrs = [ "framed_transport_impl.h", ], deps = [ ":buffer_helper_lib", ":transport_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "header_transport_lib", srcs = [ "header_transport_impl.cc", ], hdrs = [ "header_transport_impl.h", ], deps = [ ":app_exception_lib", ":buffer_helper_lib", ":transport_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "unframed_transport_lib", srcs = [ "unframed_transport_impl.cc", ], hdrs = [ "unframed_transport_impl.h", ], deps = [ ":buffer_helper_lib", ":transport_interface", "//source/common/common:assert_lib", ], ) ================================================ FILE: source/extensions/filters/network/thrift_proxy/app_exception_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/app_exception_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { static const std::string TApplicationException = "TApplicationException"; static const std::string MessageField = "message"; static const std::string TypeField = "type"; static const std::string StopField = ""; DirectResponse::ResponseType AppException::encode(MessageMetadata& metadata, ThriftProxy::Protocol& proto, Buffer::Instance& buffer) const { // Handle cases where the exception occurs before the message name (e.g. some header transport // errors). if (!metadata.hasMethodName()) { metadata.setMethodName(""); } if (!metadata.hasSequenceId()) { metadata.setSequenceId(0); } metadata.setMessageType(MessageType::Exception); proto.writeMessageBegin(buffer, metadata); proto.writeStructBegin(buffer, TApplicationException); proto.writeFieldBegin(buffer, MessageField, FieldType::String, 1); proto.writeString(buffer, std::string(what())); proto.writeFieldEnd(buffer); proto.writeFieldBegin(buffer, TypeField, FieldType::I32, 2); proto.writeInt32(buffer, static_cast(type_)); proto.writeFieldEnd(buffer); proto.writeFieldBegin(buffer, StopField, FieldType::Stop, 0); proto.writeStructEnd(buffer); proto.writeMessageEnd(buffer); return DirectResponse::ResponseType::Exception; } } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/app_exception_impl.h ================================================ #pragma once #include "envoy/common/exception.h" #include "extensions/filters/network/thrift_proxy/metadata.h" #include "extensions/filters/network/thrift_proxy/protocol.h" #include "extensions/filters/network/thrift_proxy/thrift.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { struct AppException : public EnvoyException, public DirectResponse { AppException(AppExceptionType type, const std::string& what) : EnvoyException(what), type_(type) {} AppException(const AppException& ex) : EnvoyException(ex.what()), type_(ex.type_) {} ResponseType encode(MessageMetadata& metadata, Protocol& proto, Buffer::Instance& buffer) const override; const AppExceptionType type_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/auto_protocol_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/auto_protocol_impl.h" #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/byte_order.h" #include "common/common/macros.h" #include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include "extensions/filters/network/thrift_proxy/buffer_helper.h" #include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" #include "extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { void AutoProtocolImpl::setType(ProtocolType type) { if (!protocol_) { switch (type) { case ProtocolType::Binary: setProtocol(std::make_unique()); break; case ProtocolType::Compact: setProtocol(std::make_unique()); break; case ProtocolType::Twitter: setProtocol(std::make_unique()); break; default: // Ignored: attempt protocol detection. break; } } } bool AutoProtocolImpl::readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) { if (protocol_ == nullptr) { if (buffer.length() < 2) { return false; } uint16_t version = buffer.peekBEInt(); if (BinaryProtocolImpl::isMagic(version)) { // 12 bytes is the minimum length for message-begin in the binary protocol. if (buffer.length() < BinaryProtocolImpl::MinMessageBeginLength) { return false; } // The first message in the twitter protocol is always an upgrade request, so we use as // much of the buffer as possible to detect the upgrade message. If we guess wrong, // TwitterProtocolImpl will still fall back to binary protocol. if (TwitterProtocolImpl::isUpgradePrefix(buffer)) { setType(ProtocolType::Twitter); } else { setType(ProtocolType::Binary); } } else if (CompactProtocolImpl::isMagic(version)) { setType(ProtocolType::Compact); } if (!protocol_) { throw EnvoyException( fmt::format("unknown thrift auto protocol message start {:04x}", version)); } } return protocol_->readMessageBegin(buffer, metadata); } bool AutoProtocolImpl::readMessageEnd(Buffer::Instance& buffer) { RELEASE_ASSERT(protocol_ != nullptr, ""); return protocol_->readMessageEnd(buffer); } class AutoProtocolConfigFactory : public ProtocolFactoryBase { public: AutoProtocolConfigFactory() : ProtocolFactoryBase(ProtocolNames::get().AUTO) {} }; /** * Static registration for the auto protocol. @see RegisterFactory. */ REGISTER_FACTORY(AutoProtocolConfigFactory, NamedProtocolConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "common/common/fmt.h" #include "extensions/filters/network/thrift_proxy/protocol.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * AutoProtocolImpl attempts to distinguish between the Thrift binary (strict mode only), compact, * and Twitter protocols and then delegates subsequent decoding operations to the appropriate * Protocol implementation. */ class AutoProtocolImpl : public Protocol { public: AutoProtocolImpl() : name_(ProtocolNames::get().AUTO) {} // Protocol const std::string& name() const override { return name_; } ProtocolType type() const override { if (protocol_ != nullptr) { return protocol_->type(); } return ProtocolType::Auto; } void setType(ProtocolType type) override; bool readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) override; bool readMessageEnd(Buffer::Instance& buffer) override; bool readStructBegin(Buffer::Instance& buffer, std::string& name) override { return protocol_->readStructBegin(buffer, name); } bool readStructEnd(Buffer::Instance& buffer) override { return protocol_->readStructEnd(buffer); } bool readFieldBegin(Buffer::Instance& buffer, std::string& name, FieldType& field_type, int16_t& field_id) override { return protocol_->readFieldBegin(buffer, name, field_type, field_id); } bool readFieldEnd(Buffer::Instance& buffer) override { return protocol_->readFieldEnd(buffer); } bool readMapBegin(Buffer::Instance& buffer, FieldType& key_type, FieldType& value_type, uint32_t& size) override { return protocol_->readMapBegin(buffer, key_type, value_type, size); } bool readMapEnd(Buffer::Instance& buffer) override { return protocol_->readMapEnd(buffer); } bool readListBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) override { return protocol_->readListBegin(buffer, elem_type, size); } bool readListEnd(Buffer::Instance& buffer) override { return protocol_->readListEnd(buffer); } bool readSetBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) override { return protocol_->readSetBegin(buffer, elem_type, size); } bool readSetEnd(Buffer::Instance& buffer) override { return protocol_->readSetEnd(buffer); } bool readBool(Buffer::Instance& buffer, bool& value) override { return protocol_->readBool(buffer, value); } bool readByte(Buffer::Instance& buffer, uint8_t& value) override { return protocol_->readByte(buffer, value); } bool readInt16(Buffer::Instance& buffer, int16_t& value) override { return protocol_->readInt16(buffer, value); } bool readInt32(Buffer::Instance& buffer, int32_t& value) override { return protocol_->readInt32(buffer, value); } bool readInt64(Buffer::Instance& buffer, int64_t& value) override { return protocol_->readInt64(buffer, value); } bool readDouble(Buffer::Instance& buffer, double& value) override { return protocol_->readDouble(buffer, value); } bool readString(Buffer::Instance& buffer, std::string& value) override { return protocol_->readString(buffer, value); } bool readBinary(Buffer::Instance& buffer, std::string& value) override { return protocol_->readBinary(buffer, value); } void writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) override { protocol_->writeMessageBegin(buffer, metadata); } void writeMessageEnd(Buffer::Instance& buffer) override { protocol_->writeMessageEnd(buffer); } void writeStructBegin(Buffer::Instance& buffer, const std::string& name) override { protocol_->writeStructBegin(buffer, name); } void writeStructEnd(Buffer::Instance& buffer) override { protocol_->writeStructEnd(buffer); } void writeFieldBegin(Buffer::Instance& buffer, const std::string& name, FieldType field_type, int16_t field_id) override { protocol_->writeFieldBegin(buffer, name, field_type, field_id); } void writeFieldEnd(Buffer::Instance& buffer) override { protocol_->writeFieldEnd(buffer); } void writeMapBegin(Buffer::Instance& buffer, FieldType key_type, FieldType value_type, uint32_t size) override { protocol_->writeMapBegin(buffer, key_type, value_type, size); } void writeMapEnd(Buffer::Instance& buffer) override { protocol_->writeMapEnd(buffer); } void writeListBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) override { protocol_->writeListBegin(buffer, elem_type, size); } void writeListEnd(Buffer::Instance& buffer) override { protocol_->writeListEnd(buffer); } void writeSetBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) override { protocol_->writeSetBegin(buffer, elem_type, size); } void writeSetEnd(Buffer::Instance& buffer) override { protocol_->writeSetEnd(buffer); } void writeBool(Buffer::Instance& buffer, bool value) override { protocol_->writeBool(buffer, value); } void writeByte(Buffer::Instance& buffer, uint8_t value) override { protocol_->writeByte(buffer, value); } void writeInt16(Buffer::Instance& buffer, int16_t value) override { protocol_->writeInt16(buffer, value); } void writeInt32(Buffer::Instance& buffer, int32_t value) override { protocol_->writeInt32(buffer, value); } void writeInt64(Buffer::Instance& buffer, int64_t value) override { protocol_->writeInt64(buffer, value); } void writeDouble(Buffer::Instance& buffer, double value) override { protocol_->writeDouble(buffer, value); } void writeString(Buffer::Instance& buffer, const std::string& value) override { protocol_->writeString(buffer, value); } void writeBinary(Buffer::Instance& buffer, const std::string& value) override { protocol_->writeBinary(buffer, value); } bool supportsUpgrade() override { return protocol_->supportsUpgrade(); } DecoderEventHandlerSharedPtr upgradeRequestDecoder() override { return protocol_->upgradeRequestDecoder(); } DirectResponsePtr upgradeResponse(const DecoderEventHandler& decoder) override { return protocol_->upgradeResponse(decoder); } ThriftObjectPtr attemptUpgrade(Transport& transport, ThriftConnectionState& state, Buffer::Instance& buffer) override { return protocol_->attemptUpgrade(transport, state, buffer); } void completeUpgrade(ThriftConnectionState& state, ThriftObject& response) override { return protocol_->completeUpgrade(state, response); } /* * Explicitly set the protocol. Public to simplify testing. */ void setProtocol(ProtocolPtr&& proto) { protocol_ = std::move(proto); name_ = fmt::format("{}({})", protocol_->name(), ProtocolNames::get().AUTO); } private: ProtocolPtr protocol_{}; std::string name_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/auto_transport_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/auto_transport_impl.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include "extensions/filters/network/thrift_proxy/buffer_helper.h" #include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" #include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" #include "extensions/filters/network/thrift_proxy/header_transport_impl.h" #include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { bool AutoTransportImpl::decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) { if (transport_ == nullptr) { // Not enough data to select a transport. if (buffer.length() < 8) { return false; } int32_t size = buffer.peekBEInt(); uint16_t proto_start = buffer.peekBEInt(4); // Currently, transport detection depends on the following: // 1. Protocol may only be binary or compact, which start with 0x8001 or 0x8201. // 2. If unframed transport, size will appear negative due to leading protocol bytes. // 3. If header transport, size is followed by 0x0FFF which is distinct from leading // protocol bytes. // 4. For framed transport, size is followed by protocol bytes. if (size > 0 && size <= HeaderTransportImpl::MaxFrameSize && HeaderTransportImpl::isMagic(proto_start)) { setTransport(std::make_unique()); } else if (size > 0 && size <= FramedTransportImpl::MaxFrameSize) { // TODO(zuercher): Spec says max size is 16,384,000 (0xFA0000). Apache C++ TFramedTransport // is configurable, but defaults to 256 MB (0x1000000). if (BinaryProtocolImpl::isMagic(proto_start) || CompactProtocolImpl::isMagic(proto_start)) { setTransport(std::make_unique()); } } else { // Check for sane unframed protocol. proto_start = static_cast((size >> 16) & 0xFFFF); if (BinaryProtocolImpl::isMagic(proto_start) || CompactProtocolImpl::isMagic(proto_start)) { setTransport(std::make_unique()); } } if (transport_ == nullptr) { uint8_t start[9] = {0}; buffer.copyOut(0, 8, start); throw EnvoyException(fmt::format("unknown thrift auto transport frame start " "{:02x} {:02x} {:02x} {:02x} {:02x} {:02x} {:02x} {:02x}", start[0], start[1], start[2], start[3], start[4], start[5], start[6], start[7])); } } return transport_->decodeFrameStart(buffer, metadata); } bool AutoTransportImpl::decodeFrameEnd(Buffer::Instance& buffer) { RELEASE_ASSERT(transport_ != nullptr, ""); return transport_->decodeFrameEnd(buffer); } void AutoTransportImpl::encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) { RELEASE_ASSERT(transport_ != nullptr, "auto transport cannot encode before transport detection"); transport_->encodeFrame(buffer, metadata, message); } class AutoTransportConfigFactory : public TransportFactoryBase { public: AutoTransportConfigFactory() : TransportFactoryBase(TransportNames::get().AUTO) {} }; /** * Static registration for the auto transport. @see RegisterFactory. */ REGISTER_FACTORY(AutoTransportConfigFactory, NamedTransportConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/auto_transport_impl.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "common/common/fmt.h" #include "extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * AutoTransportImpl implements Transport and attempts to distinguish between the Thrift framed and * unframed transports. Once the transport is detected, subsequent operations are delegated to the * appropriate implementation. */ class AutoTransportImpl : public Transport { public: AutoTransportImpl() : name_(TransportNames::get().AUTO){}; // Transport const std::string& name() const override { return name_; } TransportType type() const override { if (transport_ != nullptr) { return transport_->type(); } return TransportType::Auto; } bool decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) override; bool decodeFrameEnd(Buffer::Instance& buffer) override; void encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) override; /* * Explicitly set the transport. Public to simplify testing. */ void setTransport(TransportPtr&& transport) { transport_ = std::move(transport); name_ = fmt::format("{}({})", transport_->name(), TransportNames::get().AUTO); } private: TransportPtr transport_{}; std::string name_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/binary_protocol_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/macros.h" #include "extensions/filters/network/thrift_proxy/buffer_helper.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { const uint16_t BinaryProtocolImpl::Magic = 0x8001; bool BinaryProtocolImpl::readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) { if (buffer.length() < MinMessageBeginLength) { return false; } uint16_t version = buffer.peekBEInt(); if (version != Magic) { throw EnvoyException( fmt::format("invalid binary protocol version 0x{:04x} != 0x{:04x}", version, Magic)); } // The byte at offset 2 is unused and ignored. MessageType type = static_cast(buffer.peekInt(3)); if (type < MessageType::Call || type > MessageType::LastMessageType) { throw EnvoyException( fmt::format("invalid binary protocol message type {}", static_cast(type))); } uint32_t name_len = buffer.peekBEInt(4); if (buffer.length() < name_len + MinMessageBeginLength) { return false; } buffer.drain(8); if (name_len > 0) { metadata.setMethodName( std::string(static_cast(buffer.linearize(name_len)), name_len)); buffer.drain(name_len); } else { metadata.setMethodName(""); } metadata.setMessageType(type); metadata.setSequenceId(buffer.drainBEInt()); return true; } bool BinaryProtocolImpl::readMessageEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool BinaryProtocolImpl::readStructBegin(Buffer::Instance& buffer, std::string& name) { UNREFERENCED_PARAMETER(buffer); name.clear(); // binary protocol does not transmit struct names return true; } bool BinaryProtocolImpl::readStructEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool BinaryProtocolImpl::readFieldBegin(Buffer::Instance& buffer, std::string& name, FieldType& field_type, int16_t& field_id) { // FieldType::Stop is encoded as 1 byte. if (buffer.length() < 1) { return false; } FieldType type = static_cast(buffer.peekInt()); if (type == FieldType::Stop) { field_id = 0; buffer.drain(1); } else { // FieldType followed by 2 bytes of field id if (buffer.length() < 3) { return false; } int16_t id = buffer.peekBEInt(1); if (id < 0) { throw EnvoyException(absl::StrCat("invalid binary protocol field id ", id)); } field_id = id; buffer.drain(3); } name.clear(); // binary protocol does not transmit field names field_type = type; return true; } bool BinaryProtocolImpl::readFieldEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool BinaryProtocolImpl::readMapBegin(Buffer::Instance& buffer, FieldType& key_type, FieldType& value_type, uint32_t& size) { // Minimum length: // key type: 1 byte + // value type: 1 byte + // map size: 4 bytes if (buffer.length() < 6) { return false; } FieldType ktype = static_cast(buffer.peekInt(0)); FieldType vtype = static_cast(buffer.peekInt(1)); int32_t s = buffer.peekBEInt(2); if (s < 0) { throw EnvoyException(absl::StrCat("negative binary protocol map size ", s)); } buffer.drain(6); key_type = ktype; value_type = vtype; size = static_cast(s); return true; } bool BinaryProtocolImpl::readMapEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool BinaryProtocolImpl::readListBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) { // Minimum length: // elem type: 1 byte + // map size: 4 bytes if (buffer.length() < 5) { return false; } FieldType type = static_cast(buffer.peekInt()); int32_t s = buffer.peekBEInt(1); if (s < 0) { throw EnvoyException(fmt::format("negative binary protocol list/set size {}", s)); } buffer.drain(5); elem_type = type; size = static_cast(s); return true; } bool BinaryProtocolImpl::readListEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool BinaryProtocolImpl::readSetBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) { return readListBegin(buffer, elem_type, size); } bool BinaryProtocolImpl::readSetEnd(Buffer::Instance& buffer) { return readListEnd(buffer); } bool BinaryProtocolImpl::readBool(Buffer::Instance& buffer, bool& value) { if (buffer.length() < 1) { return false; } value = buffer.drainInt() != 0; return true; } bool BinaryProtocolImpl::readByte(Buffer::Instance& buffer, uint8_t& value) { if (buffer.length() < 1) { return false; } value = buffer.drainInt(); return true; } bool BinaryProtocolImpl::readInt16(Buffer::Instance& buffer, int16_t& value) { if (buffer.length() < 2) { return false; } value = buffer.drainBEInt(); return true; } bool BinaryProtocolImpl::readInt32(Buffer::Instance& buffer, int32_t& value) { if (buffer.length() < 4) { return false; } value = buffer.drainBEInt(); return true; } bool BinaryProtocolImpl::readInt64(Buffer::Instance& buffer, int64_t& value) { if (buffer.length() < 8) { return false; } value = buffer.drainBEInt(); return true; } bool BinaryProtocolImpl::readDouble(Buffer::Instance& buffer, double& value) { static_assert(sizeof(double) == sizeof(uint64_t), "sizeof(double) != size(uint64_t)"); if (buffer.length() < 8) { return false; } value = BufferHelper::drainBEDouble(buffer); return true; } bool BinaryProtocolImpl::readString(Buffer::Instance& buffer, std::string& value) { // Encoded as size (4 bytes) followed by string (0+ bytes). if (buffer.length() < 4) { return false; } int32_t str_len = buffer.peekBEInt(); if (str_len < 0) { throw EnvoyException(fmt::format("negative binary protocol string/binary length {}", str_len)); } if (str_len == 0) { buffer.drain(4); value.clear(); return true; } if (buffer.length() < static_cast(str_len) + 4) { return false; } buffer.drain(4); value.assign(static_cast(buffer.linearize(str_len)), str_len); buffer.drain(str_len); return true; } bool BinaryProtocolImpl::readBinary(Buffer::Instance& buffer, std::string& value) { return readString(buffer, value); } void BinaryProtocolImpl::writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) { buffer.writeBEInt(Magic); buffer.writeBEInt(static_cast(metadata.messageType())); writeString(buffer, metadata.methodName()); buffer.writeBEInt(metadata.sequenceId()); } void BinaryProtocolImpl::writeMessageEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void BinaryProtocolImpl::writeStructBegin(Buffer::Instance& buffer, const std::string& name) { UNREFERENCED_PARAMETER(buffer); UNREFERENCED_PARAMETER(name); } void BinaryProtocolImpl::writeStructEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void BinaryProtocolImpl::writeFieldBegin(Buffer::Instance& buffer, const std::string& name, FieldType field_type, int16_t field_id) { UNREFERENCED_PARAMETER(name); buffer.writeByte(static_cast(field_type)); if (field_type == FieldType::Stop) { return; } buffer.writeBEInt(field_id); } void BinaryProtocolImpl::writeFieldEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void BinaryProtocolImpl::writeMapBegin(Buffer::Instance& buffer, FieldType key_type, FieldType value_type, uint32_t size) { if (size > static_cast(std::numeric_limits::max())) { throw EnvoyException(absl::StrCat("illegal binary protocol map size ", size)); } buffer.writeByte(static_cast(key_type)); buffer.writeByte(static_cast(value_type)); buffer.writeBEInt(static_cast(size)); } void BinaryProtocolImpl::writeMapEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void BinaryProtocolImpl::writeListBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) { if (size > static_cast(std::numeric_limits::max())) { throw EnvoyException(fmt::format("illegal binary protocol list/set size {}", size)); } buffer.writeByte(static_cast(elem_type)); buffer.writeBEInt(static_cast(size)); } void BinaryProtocolImpl::writeListEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void BinaryProtocolImpl::writeSetBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) { writeListBegin(buffer, elem_type, size); } void BinaryProtocolImpl::writeSetEnd(Buffer::Instance& buffer) { writeListEnd(buffer); } void BinaryProtocolImpl::writeBool(Buffer::Instance& buffer, bool value) { buffer.writeByte(value ? 1 : 0); } void BinaryProtocolImpl::writeByte(Buffer::Instance& buffer, uint8_t value) { buffer.writeByte(value); } void BinaryProtocolImpl::writeInt16(Buffer::Instance& buffer, int16_t value) { buffer.writeBEInt(value); } void BinaryProtocolImpl::writeInt32(Buffer::Instance& buffer, int32_t value) { buffer.writeBEInt(value); } void BinaryProtocolImpl::writeInt64(Buffer::Instance& buffer, int64_t value) { buffer.writeBEInt(value); } void BinaryProtocolImpl::writeDouble(Buffer::Instance& buffer, double value) { BufferHelper::writeBEDouble(buffer, value); } void BinaryProtocolImpl::writeString(Buffer::Instance& buffer, const std::string& value) { buffer.writeBEInt(value.length()); buffer.add(value); } void BinaryProtocolImpl::writeBinary(Buffer::Instance& buffer, const std::string& value) { writeString(buffer, value); } bool LaxBinaryProtocolImpl::readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) { // Minimum message length: // name len: 4 bytes + // name: 0 bytes + // msg type: 1 byte + // seq id: 4 bytes if (buffer.length() < 9) { return false; } uint32_t name_len = buffer.peekBEInt(); if (buffer.length() < 9 + name_len) { return false; } MessageType type = static_cast(buffer.peekInt(name_len + 4)); if (type < MessageType::Call || type > MessageType::LastMessageType) { throw EnvoyException( fmt::format("invalid (lax) binary protocol message type {}", static_cast(type))); } buffer.drain(4); if (name_len > 0) { metadata.setMethodName( std::string(static_cast(buffer.linearize(name_len)), name_len)); buffer.drain(name_len); } else { metadata.setMethodName(""); } metadata.setMessageType(type); metadata.setSequenceId(buffer.peekBEInt(1)); buffer.drain(5); return true; } void LaxBinaryProtocolImpl::writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) { writeString(buffer, metadata.methodName()); buffer.writeByte(static_cast(metadata.messageType())); buffer.writeBEInt(metadata.sequenceId()); } class BinaryProtocolConfigFactory : public ProtocolFactoryBase { public: BinaryProtocolConfigFactory() : ProtocolFactoryBase(ProtocolNames::get().BINARY) {} }; /** * Static registration for the binary protocol. @see RegisterFactory. */ REGISTER_FACTORY(BinaryProtocolConfigFactory, NamedProtocolConfigFactory); class LaxBinaryProtocolConfigFactory : public ProtocolFactoryBase { public: LaxBinaryProtocolConfigFactory() : ProtocolFactoryBase(ProtocolNames::get().LAX_BINARY) {} }; /** * Static registration for the auto protocol. @see RegisterFactory. */ REGISTER_FACTORY(LaxBinaryProtocolConfigFactory, NamedProtocolConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "extensions/filters/network/thrift_proxy/protocol.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * BinaryProtocolImpl implements the Thrift Binary protocol with strict message encoding. * See https://github.com/apache/thrift/blob/master/doc/specs/thrift-binary-protocol.md */ class BinaryProtocolImpl : public Protocol { public: BinaryProtocolImpl() = default; // Protocol const std::string& name() const override { return ProtocolNames::get().BINARY; } ProtocolType type() const override { return ProtocolType::Binary; } bool readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) override; bool readMessageEnd(Buffer::Instance& buffer) override; bool readStructBegin(Buffer::Instance& buffer, std::string& name) override; bool readStructEnd(Buffer::Instance& buffer) override; bool readFieldBegin(Buffer::Instance& buffer, std::string& name, FieldType& field_type, int16_t& field_id) override; bool readFieldEnd(Buffer::Instance& buffer) override; bool readMapBegin(Buffer::Instance& buffer, FieldType& key_type, FieldType& value_type, uint32_t& size) override; bool readMapEnd(Buffer::Instance& buffer) override; bool readListBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) override; bool readListEnd(Buffer::Instance& buffer) override; bool readSetBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) override; bool readSetEnd(Buffer::Instance& buffer) override; bool readBool(Buffer::Instance& buffer, bool& value) override; bool readByte(Buffer::Instance& buffer, uint8_t& value) override; bool readInt16(Buffer::Instance& buffer, int16_t& value) override; bool readInt32(Buffer::Instance& buffer, int32_t& value) override; bool readInt64(Buffer::Instance& buffer, int64_t& value) override; bool readDouble(Buffer::Instance& buffer, double& value) override; bool readString(Buffer::Instance& buffer, std::string& value) override; bool readBinary(Buffer::Instance& buffer, std::string& value) override; void writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) override; void writeMessageEnd(Buffer::Instance& buffer) override; void writeStructBegin(Buffer::Instance& buffer, const std::string& name) override; void writeStructEnd(Buffer::Instance& buffer) override; void writeFieldBegin(Buffer::Instance& buffer, const std::string& name, FieldType field_type, int16_t field_id) override; void writeFieldEnd(Buffer::Instance& buffer) override; void writeMapBegin(Buffer::Instance& buffer, FieldType key_type, FieldType value_type, uint32_t size) override; void writeMapEnd(Buffer::Instance& buffer) override; void writeListBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) override; void writeListEnd(Buffer::Instance& buffer) override; void writeSetBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) override; void writeSetEnd(Buffer::Instance& buffer) override; void writeBool(Buffer::Instance& buffer, bool value) override; void writeByte(Buffer::Instance& buffer, uint8_t value) override; void writeInt16(Buffer::Instance& buffer, int16_t value) override; void writeInt32(Buffer::Instance& buffer, int32_t value) override; void writeInt64(Buffer::Instance& buffer, int64_t value) override; void writeDouble(Buffer::Instance& buffer, double value) override; void writeString(Buffer::Instance& buffer, const std::string& value) override; void writeBinary(Buffer::Instance& buffer, const std::string& value) override; static bool isMagic(uint16_t word) { return word == Magic; } // Minimum message length: // version: 2 bytes + // unused: 1 byte + // msg type: 1 byte + // name len: 4 bytes + // name: 0 bytes + // seq id: 4 bytes static constexpr uint64_t MinMessageBeginLength = 12; private: const static uint16_t Magic; }; /** * LaxBinaryProtocolImpl implements the Thrift Binary protocol with non-strict (e.g. lax) message * encoding. See https://github.com/apache/thrift/blob/master/doc/specs/thrift-binary-protocol.md */ class LaxBinaryProtocolImpl : public BinaryProtocolImpl { public: LaxBinaryProtocolImpl() = default; const std::string& name() const override { return ProtocolNames::get().LAX_BINARY; } bool readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) override; void writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) override; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/buffer_helper.cc ================================================ #include "extensions/filters/network/thrift_proxy/buffer_helper.h" #include "common/common/byte_order.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { double BufferHelper::drainBEDouble(Buffer::Instance& buffer) { static_assert(sizeof(double) == sizeof(uint64_t), "sizeof(double) != sizeof(uint64_t)"); static_assert(std::numeric_limits::is_iec559, "non-IEC559 (IEEE 754) double"); // Implementation based on: // https://github.com/CppCon/CppCon2017/raw/master/Presentations/Type%20Punning%20In%20C%2B%2B17%20-%20Avoiding%20Pun-defined%20Behavior/Type%20Punning%20In%20C%2B%2B17%20-%20Avoiding%20Pun-defined%20Behavior%20-%20Scott%20Schurr%20-%20CppCon%202017.pdf // The short version: // 1. Reinterpreting uint64_t* to double* falls astray of strict aliasing rules. // 2. Using union {uint64_t i; double d;} is undefined behavior in C++ (but not C11). // 3. Using memcpy may be undefined, but probably reliable, and can be optimized to the // same instructions as 1 and 2. // 4. Implementation of last resort is to manually copy from i to d via unsigned char*. uint64_t i = buffer.drainBEInt(); double d; std::memcpy(&d, &i, 8); return d; } // Thrift's var int encoding is described in // https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md uint64_t BufferHelper::peekVarInt(Buffer::Instance& buffer, uint64_t offset, int& size) { // Need at least 1 byte for a var int. if (buffer.length() <= offset) { throw EnvoyException("buffer underflow"); } // Need at most 10 bytes for a 64-bit var int. const uint64_t last = std::min(buffer.length() - offset, static_cast(10)); uint8_t shift = 0; uint64_t result = 0; for (uint64_t i = 0; i < last; i++) { uint8_t b = buffer.peekInt(offset + i); // Note: the compact protocol spec says these variable-length ints are encoded as big-endian, // but the Apache C++, Java, and Python implementations read and write them little-endian. result |= static_cast(b & 0x7f) << shift; shift += 7; if ((b & 0x80) == 0) { // End of encoded int. size = i + 1; return result; } } // Ran out of bytes (or it's invalid). size = -last; return 0; } int32_t BufferHelper::peekVarIntI32(Buffer::Instance& buffer, uint64_t offset, int& size) { int underlying_size; uint64_t v64 = peekVarInt(buffer, offset, underlying_size); if (underlying_size <= -5 || underlying_size > 5) { throw EnvoyException("invalid compact protocol varint i32"); } size = underlying_size; if (size < 0) { return 0; } return static_cast(v64); } // Thrift's zig-zag int encoding is described in // https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md int64_t BufferHelper::peekZigZagI64(Buffer::Instance& buffer, uint64_t offset, int& size) { int underlying_size; uint64_t zz64 = peekVarInt(buffer, offset, underlying_size); if (underlying_size <= -10 || underlying_size > 10) { // Max size is 10, so this must be an invalid encoding. throw EnvoyException("invalid compact protocol zig-zag i64"); } size = underlying_size; if (size < 0) { // Still an underflow, but it might become valid with additional data. return 0; } return (zz64 >> 1) ^ static_cast(-static_cast(zz64 & 1)); } // Thrift's zig-zag int encoding is described in // https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md int32_t BufferHelper::peekZigZagI32(Buffer::Instance& buffer, uint64_t offset, int& size) { int underlying_size; uint64_t zz64 = peekVarInt(buffer, offset, underlying_size); if (underlying_size <= -5 || underlying_size > 5) { // Max size is 5, so this must be an invalid encoding. throw EnvoyException("invalid compact protocol zig-zag i32"); } size = underlying_size; if (size < 0) { // Still an underflow, but it might become valid with additional data. return 0; } uint32_t zz32 = static_cast(zz64); return (zz32 >> 1) ^ static_cast(-static_cast(zz32 & 1)); } void BufferHelper::writeBEDouble(Buffer::Instance& buffer, double value) { static_assert(sizeof(double) == sizeof(uint64_t), "sizeof(double) != sizeof(uint64_t)"); static_assert(std::numeric_limits::is_iec559, "non-IEC559 (IEEE 754) double"); // See drainDouble for implementation details. uint64_t i; std::memcpy(&i, &value, 8); buffer.writeBEInt(i); } // Thrift's var int encoding is described in // https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md void BufferHelper::writeVarIntI32(Buffer::Instance& buffer, int32_t value) { uint8_t bytes[5]; uint32_t v = static_cast(value); int pos = 0; while (pos < 5) { if ((v & ~0x7F) == 0) { bytes[pos++] = static_cast(v); break; } bytes[pos++] = static_cast(v & 0x7F) | 0x80; v >>= 7; } ASSERT(v < 0x80); ASSERT(pos <= 5); buffer.add(bytes, pos); } void BufferHelper::writeVarIntI64(Buffer::Instance& buffer, int64_t value) { uint8_t bytes[10]; uint64_t v = static_cast(value); int pos = 0; while (pos < 10) { if ((v & ~0x7F) == 0) { bytes[pos++] = static_cast(v); break; } bytes[pos++] = static_cast(v & 0x7F) | 0x80; v >>= 7; } ASSERT(v < 0x80); ASSERT(pos <= 10); buffer.add(bytes, pos); } void BufferHelper::writeZigZagI32(Buffer::Instance& buffer, int32_t value) { uint32_t zz32 = (static_cast(value) << 1) ^ (value >> 31); writeVarIntI32(buffer, zz32); } void BufferHelper::writeZigZagI64(Buffer::Instance& buffer, int64_t value) { uint64_t zz64 = (static_cast(value) << 1) ^ (value >> 63); writeVarIntI64(buffer, zz64); } } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/buffer_helper.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * BufferHelper provides buffer operations for reading bytes and numbers in the various encodings * used by Thrift protocols. */ class BufferHelper { public: /** * Reads and drains a double from a buffer. * @param buffer Buffer::Instance containing data to decode * @return the double at the start of buffer */ static double drainBEDouble(Buffer::Instance& buffer); /** * Peeks at a variable-length int32_t at offset. Updates size to the number of bytes used to * encode the value. If insufficient bytes are available in the buffer to complete decoding, size * is set to a negative number whose absolute value is the number of bytes examined. At least one * byte must be available in the buffer. * * @param buffer Buffer::Instance containing data to decode * @param offset offset into buffer to peek at * @param size updated with number of bytes decoded for successful result (positive values of * size) or the number of bytes examined before underflowing (negative values of size). * @return the decoded variable-length int32_t (if size > 0), otherwise 0. * @throw EnvoyException if there is a buffer underflow, but more data would result in an integer * larger than 32 bits. */ static int32_t peekVarIntI32(Buffer::Instance& buffer, uint64_t offset, int& size); /** * Peeks at the zig-zag encoded int64_t at offset. Updates size with the same semantics as * peekVarIntI32. * * @param buffer Buffer::Instance containing data to decode * @param offset offset into buffer to peek at * @param size updated with number of bytes decoded for successful result (positive values of * size) or the number of bytes examined before underflowing (negative values of size). * @return the decoded variable-length zig-zag encoded int64_t (if size > 0), otherwise 0. * @throw EnvoyException if there is a buffer underflow, but more data would result in an integer * larger than 64 bits. */ static int64_t peekZigZagI64(Buffer::Instance& buffer, uint64_t offset, int& size); /** * Peeks at the zig-zag encoded int32_t at offset with the same semantics for the size parameter * as peekVarInt32. * * @param buffer Buffer::Instance containing data to decode * @param offset offset into buffer to peek at * @param size updated with number of bytes decoded for successful result (positive values of * size) or the number of bytes examined before underflowing (negative values of size). * @return the decoded variable-length zig-zag encoded int32_t (if size > 0), otherwise 0. * @throw EnvoyException if there is a buffer underflow, but more data would result in an integer * larger than 32 bits. */ static int32_t peekZigZagI32(Buffer::Instance& buffer, uint64_t offset, int& size); /** * Writes a double to the buffer. * @param buffer Buffer::Instance written to * @param value the double to write */ static void writeBEDouble(Buffer::Instance& buffer, double value); /** * Writes a var-int encoded int32_t to the buffer. * @param buffer Buffer::Instance written to * @param value the int32_t to write */ static void writeVarIntI32(Buffer::Instance& buffer, int32_t value); /** * Writes a var-int encoded int64_t to the buffer. * @param buffer Buffer::Instance written to * @param value the int64_t to write */ static void writeVarIntI64(Buffer::Instance& buffer, int64_t value); /** * Writes a zig-zag encoded int32_t to the buffer. * @param buffer Buffer::Instance written to * @param value the int32_t to write */ static void writeZigZagI32(Buffer::Instance& buffer, int32_t value); /** * Writes a zig-zag encoded int64_t to the buffer. * @param buffer Buffer::Instance written to * @param value the int64_t to write */ static void writeZigZagI64(Buffer::Instance& buffer, int64_t value); private: /** * Peeks at a variable-length int of up to 64 bits at offset. Updates size to indicate how many * bytes were examined. * * @param buffer Buffer::Instance containing data to decode * @param offset offset into buffer to peek at * @param size updated with number of bytes decoded for successful result (positive values of * size) or the number of bytes examined before underflowing (negative values of size). * @return the decoded variable-length int64_t (if size > 0), otherwise 0. */ static uint64_t peekVarInt(Buffer::Instance& buffer, uint64_t offset, int& size); }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/compact_protocol_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" #include #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/macros.h" #include "extensions/filters/network/thrift_proxy/buffer_helper.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { const uint16_t CompactProtocolImpl::Magic = 0x8201; const uint16_t CompactProtocolImpl::MagicMask = 0xFF1F; bool CompactProtocolImpl::readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) { // Minimum message length: // protocol, message type, and version: 2 bytes + // seq id (var int): 1 byte + // name length (var int): 1 byte + // name: 0 bytes if (buffer.length() < 4) { return false; } uint16_t version = buffer.peekBEInt(); if ((version & MagicMask) != Magic) { throw EnvoyException(fmt::format("invalid compact protocol version 0x{:04x} != 0x{:04x}", version & MagicMask, Magic)); } MessageType type = static_cast((version & ~MagicMask) >> 5); if (type < MessageType::Call || type > MessageType::LastMessageType) { throw EnvoyException( fmt::format("invalid compact protocol message type {}", static_cast(type))); } int id_size; int32_t id = BufferHelper::peekVarIntI32(buffer, 2, id_size); if (id_size < 0) { return false; } int name_len_size; int32_t name_len = BufferHelper::peekVarIntI32(buffer, id_size + 2, name_len_size); if (name_len_size < 0) { return false; } if (name_len < 0) { throw EnvoyException(absl::StrCat("negative compact protocol message name length ", name_len)); } if (buffer.length() < static_cast(id_size + name_len_size + name_len + 2)) { return false; } buffer.drain(id_size + name_len_size + 2); if (name_len > 0) { metadata.setMethodName( std::string(static_cast(buffer.linearize(name_len)), name_len)); buffer.drain(name_len); } else { metadata.setMethodName(""); } metadata.setMessageType(type); metadata.setSequenceId(id); return true; } bool CompactProtocolImpl::readMessageEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool CompactProtocolImpl::readStructBegin(Buffer::Instance& buffer, std::string& name) { UNREFERENCED_PARAMETER(buffer); name.clear(); // compact protocol does not transmit struct names // Field ids are encoded as deltas specific to the field's containing struct. Field ids are // tracked in a stack to handle nested structs. last_field_id_stack_.push(last_field_id_); last_field_id_ = 0; return true; } bool CompactProtocolImpl::readStructEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); if (last_field_id_stack_.empty()) { throw EnvoyException("invalid check for compact protocol struct end"); } last_field_id_ = last_field_id_stack_.top(); last_field_id_stack_.pop(); return true; } bool CompactProtocolImpl::readFieldBegin(Buffer::Instance& buffer, std::string& name, FieldType& field_type, int16_t& field_id) { // Minimum size: FieldType::Stop is encoded as 1 byte. if (buffer.length() < 1) { return false; } uint8_t delta_and_type = buffer.peekInt(); if ((delta_and_type & 0x0f) == 0) { // Type is stop, no need to do further decoding. name.clear(); field_id = 0; field_type = FieldType::Stop; buffer.drain(1); return true; } int16_t compact_field_id; CompactFieldType compact_field_type; int id_size = 0; if ((delta_and_type >> 4) == 0) { // Field ID delta is zero: this is a long-form field header, followed by zig-zag field id. if (buffer.length() < 2) { return false; } int32_t id = BufferHelper::peekZigZagI32(buffer, 1, id_size); if (id_size < 0) { return false; } if (id < 0 || id > std::numeric_limits::max()) { throw EnvoyException(absl::StrCat("invalid compact protocol field id ", id)); } compact_field_type = static_cast(delta_and_type); compact_field_id = static_cast(id); } else { // Short form field header: 4 bits of field id delta, 4 bits of field type. compact_field_type = static_cast(delta_and_type & 0x0F); compact_field_id = last_field_id_ + static_cast(delta_and_type >> 4); } field_type = convertCompactFieldType(compact_field_type); // For simple fields, boolean values are transmitted as a type with no further data. if (field_type == FieldType::Bool) { bool_value_ = compact_field_type == CompactFieldType::BoolTrue; } name.clear(); // compact protocol does not transmit field names field_id = compact_field_id; last_field_id_ = compact_field_id; buffer.drain(id_size + 1); return true; } bool CompactProtocolImpl::readFieldEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); bool_value_.reset(); return true; } bool CompactProtocolImpl::readMapBegin(Buffer::Instance& buffer, FieldType& key_type, FieldType& value_type, uint32_t& size) { int s_size; int32_t s = BufferHelper::peekVarIntI32(buffer, 0, s_size); if (s_size < 0) { return false; } if (s < 0) { throw EnvoyException(absl::StrCat("negative compact protocol map size ", s)); } if (s == 0) { // Empty map. Compact protocol provides no type information in this case. key_type = value_type = FieldType::Stop; size = 0; buffer.drain(s_size); return true; } if (buffer.length() < static_cast(s_size + 1)) { return false; } uint8_t types = buffer.peekInt(s_size); FieldType ktype = convertCompactFieldType(static_cast(types >> 4)); FieldType vtype = convertCompactFieldType(static_cast(types & 0xF)); // Drain the size and the types byte. buffer.drain(s_size + 1); key_type = ktype; value_type = vtype; size = static_cast(s); return true; } bool CompactProtocolImpl::readMapEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool CompactProtocolImpl::readListBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) { // Minimum length: // size and type: 1 byte if (buffer.length() < 1) { return false; } uint32_t sz = 0; int s_size = 0; uint8_t size_and_type = buffer.peekInt(); if ((size_and_type & 0xF0) != 0xF0) { // Short form list header: size and type byte. sz = static_cast(size_and_type >> 4); } else { // Long form list header: type byte followed by var int size. int32_t s = BufferHelper::peekVarIntI32(buffer, 1, s_size); if (s_size < 0) { return false; } if (s < 0) { throw EnvoyException(fmt::format("negative compact protocol list/set size {}", s)); } sz = static_cast(s); } elem_type = convertCompactFieldType(static_cast(size_and_type & 0x0F)); size = sz; buffer.drain(s_size + 1); return true; } bool CompactProtocolImpl::readListEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); return true; } bool CompactProtocolImpl::readSetBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) { return readListBegin(buffer, elem_type, size); } bool CompactProtocolImpl::readSetEnd(Buffer::Instance& buffer) { return readListEnd(buffer); } bool CompactProtocolImpl::readBool(Buffer::Instance& buffer, bool& value) { // Boolean struct fields have their value encoded in the field type. if (bool_value_.has_value()) { value = bool_value_.value(); return true; } // All other boolean values (list, set, or map elements) are encoded as single bytes. if (buffer.length() < 1) { return false; } value = buffer.drainInt() != 0; return true; } bool CompactProtocolImpl::readByte(Buffer::Instance& buffer, uint8_t& value) { if (buffer.length() < 1) { return false; } value = buffer.drainInt(); return true; } bool CompactProtocolImpl::readInt16(Buffer::Instance& buffer, int16_t& value) { if (buffer.length() < 1) { return false; } int size; int32_t i = BufferHelper::peekZigZagI32(buffer, 0, size); if (size < 0) { return false; } if (i < std::numeric_limits::min() || i > std::numeric_limits::max()) { throw EnvoyException(fmt::format("compact protocol i16 exceeds allowable range {}", i)); } buffer.drain(size); value = static_cast(i); return true; } bool CompactProtocolImpl::readInt32(Buffer::Instance& buffer, int32_t& value) { if (buffer.length() < 1) { return false; } int size; int32_t i = BufferHelper::peekZigZagI32(buffer, 0, size); if (size < 0) { return false; } buffer.drain(size); value = i; return true; } bool CompactProtocolImpl::readInt64(Buffer::Instance& buffer, int64_t& value) { if (buffer.length() < 1) { return false; } int size; int64_t i = BufferHelper::peekZigZagI64(buffer, 0, size); if (size < 0) { return false; } buffer.drain(size); value = i; return true; } bool CompactProtocolImpl::readDouble(Buffer::Instance& buffer, double& value) { static_assert(sizeof(double) == sizeof(uint64_t), "sizeof(double) != size(uint64_t)"); if (buffer.length() < 8) { return false; } value = BufferHelper::drainBEDouble(buffer); return true; } bool CompactProtocolImpl::readString(Buffer::Instance& buffer, std::string& value) { if (buffer.length() < 1) { return false; } int len_size; int32_t str_len = BufferHelper::peekVarIntI32(buffer, 0, len_size); if (len_size < 0) { return false; } if (str_len < 0) { throw EnvoyException(fmt::format("negative compact protocol string/binary length {}", str_len)); } if (str_len == 0) { buffer.drain(len_size); value.clear(); return true; } if (buffer.length() < static_cast(str_len + len_size)) { return false; } buffer.drain(len_size); value.assign(static_cast(buffer.linearize(str_len)), str_len); buffer.drain(str_len); return true; } bool CompactProtocolImpl::readBinary(Buffer::Instance& buffer, std::string& value) { return readString(buffer, value); } void CompactProtocolImpl::writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) { MessageType msg_type = metadata.messageType(); uint16_t ptv = (Magic & MagicMask) | (static_cast(msg_type) << 5); ASSERT((ptv & MagicMask) == Magic); ASSERT((ptv & ~MagicMask) >> 5 == static_cast(msg_type)); buffer.writeBEInt(ptv); BufferHelper::writeVarIntI32(buffer, metadata.sequenceId()); writeString(buffer, metadata.methodName()); } void CompactProtocolImpl::writeMessageEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void CompactProtocolImpl::writeStructBegin(Buffer::Instance& buffer, const std::string& name) { UNREFERENCED_PARAMETER(buffer); UNREFERENCED_PARAMETER(name); // Field ids are encoded as deltas specific to the field's containing struct. Field ids are // tracked in a stack to handle nested structs. last_field_id_stack_.push(last_field_id_); last_field_id_ = 0; } void CompactProtocolImpl::writeStructEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); if (last_field_id_stack_.empty()) { throw EnvoyException("invalid write of compact protocol struct end"); } last_field_id_ = last_field_id_stack_.top(); last_field_id_stack_.pop(); } void CompactProtocolImpl::writeFieldBegin(Buffer::Instance& buffer, const std::string& name, FieldType field_type, int16_t field_id) { UNREFERENCED_PARAMETER(name); if (field_type == FieldType::Stop) { buffer.writeByte(0); return; } if (field_type == FieldType::Bool) { bool_field_id_ = field_id; return; } writeFieldBeginInternal(buffer, field_type, field_id, {}); } void CompactProtocolImpl::writeFieldBeginInternal( Buffer::Instance& buffer, FieldType field_type, int16_t field_id, absl::optional field_type_override) { CompactFieldType compact_field_type; if (field_type_override.has_value()) { compact_field_type = field_type_override.value(); } else { compact_field_type = convertFieldType(field_type); } if (field_id > last_field_id_ && field_id - last_field_id_ <= 15) { // Encode short-form field header. buffer.writeByte((static_cast(field_id - last_field_id_) << 4) | static_cast(compact_field_type)); } else { buffer.writeByte(static_cast(compact_field_type)); BufferHelper::writeZigZagI32(buffer, static_cast(field_id)); } last_field_id_ = field_id; } void CompactProtocolImpl::writeFieldEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); bool_field_id_.reset(); } void CompactProtocolImpl::writeMapBegin(Buffer::Instance& buffer, FieldType key_type, FieldType value_type, uint32_t size) { if (size > static_cast(std::numeric_limits::max())) { throw EnvoyException(absl::StrCat("illegal compact protocol map size ", size)); } BufferHelper::writeVarIntI32(buffer, static_cast(size)); if (size == 0) { return; } CompactFieldType compact_key_type = convertFieldType(key_type); CompactFieldType compact_value_type = convertFieldType(value_type); buffer.writeByte((static_cast(compact_key_type) << 4) | static_cast(compact_value_type)); } void CompactProtocolImpl::writeMapEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void CompactProtocolImpl::writeListBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) { if (size > static_cast(std::numeric_limits::max())) { throw EnvoyException(fmt::format("illegal compact protocol list/set size {}", size)); } CompactFieldType compact_elem_type = convertFieldType(elem_type); if (size < 0xF) { // Short form list/set header int8_t short_size = static_cast(size & 0xF); buffer.writeByte((short_size << 4) | static_cast(compact_elem_type)); } else { buffer.writeByte(0xF0 | static_cast(compact_elem_type)); BufferHelper::writeVarIntI32(buffer, static_cast(size)); } } void CompactProtocolImpl::writeListEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void CompactProtocolImpl::writeSetBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) { writeListBegin(buffer, elem_type, size); } void CompactProtocolImpl::writeSetEnd(Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(buffer); } void CompactProtocolImpl::writeBool(Buffer::Instance& buffer, bool value) { if (bool_field_id_.has_value()) { // Boolean fields have their value encoded by type. CompactFieldType bool_field_type = value ? CompactFieldType::BoolTrue : CompactFieldType::BoolFalse; writeFieldBeginInternal(buffer, FieldType::Bool, bool_field_id_.value(), {bool_field_type}); return; } // Map/Set/List booleans are encoded as bytes. buffer.writeByte(value ? 1 : 0); } void CompactProtocolImpl::writeByte(Buffer::Instance& buffer, uint8_t value) { buffer.writeByte(value); } void CompactProtocolImpl::writeInt16(Buffer::Instance& buffer, int16_t value) { int32_t extended = static_cast(value); BufferHelper::writeZigZagI32(buffer, extended); } void CompactProtocolImpl::writeInt32(Buffer::Instance& buffer, int32_t value) { BufferHelper::writeZigZagI32(buffer, value); } void CompactProtocolImpl::writeInt64(Buffer::Instance& buffer, int64_t value) { BufferHelper::writeZigZagI64(buffer, value); } void CompactProtocolImpl::writeDouble(Buffer::Instance& buffer, double value) { BufferHelper::writeBEDouble(buffer, value); } void CompactProtocolImpl::writeString(Buffer::Instance& buffer, const std::string& value) { BufferHelper::writeVarIntI32(buffer, value.length()); buffer.add(value); } void CompactProtocolImpl::writeBinary(Buffer::Instance& buffer, const std::string& value) { writeString(buffer, value); } FieldType CompactProtocolImpl::convertCompactFieldType(CompactFieldType compact_field_type) { switch (compact_field_type) { case CompactFieldType::BoolTrue: return FieldType::Bool; case CompactFieldType::BoolFalse: return FieldType::Bool; case CompactFieldType::Byte: return FieldType::Byte; case CompactFieldType::I16: return FieldType::I16; case CompactFieldType::I32: return FieldType::I32; case CompactFieldType::I64: return FieldType::I64; case CompactFieldType::Double: return FieldType::Double; case CompactFieldType::String: return FieldType::String; case CompactFieldType::List: return FieldType::List; case CompactFieldType::Set: return FieldType::Set; case CompactFieldType::Map: return FieldType::Map; case CompactFieldType::Struct: return FieldType::Struct; default: throw EnvoyException(fmt::format("unknown compact protocol field type {}", static_cast(compact_field_type))); } } CompactProtocolImpl::CompactFieldType CompactProtocolImpl::convertFieldType(FieldType field_type) { switch (field_type) { case FieldType::Bool: // c.f. special handling in writeFieldBegin return CompactFieldType::BoolTrue; case FieldType::Byte: return CompactFieldType::Byte; case FieldType::I16: return CompactFieldType::I16; case FieldType::I32: return CompactFieldType::I32; case FieldType::I64: return CompactFieldType::I64; case FieldType::Double: return CompactFieldType::Double; case FieldType::String: return CompactFieldType::String; case FieldType::Struct: return CompactFieldType::Struct; case FieldType::Map: return CompactFieldType::Map; case FieldType::Set: return CompactFieldType::Set; case FieldType::List: return CompactFieldType::List; default: throw EnvoyException( fmt::format("unknown protocol field type {}", static_cast(field_type))); } } class CompactProtocolConfigFactory : public ProtocolFactoryBase { public: CompactProtocolConfigFactory() : ProtocolFactoryBase(ProtocolNames::get().COMPACT) {} }; /** * Static registration for the binary protocol. @see RegisterFactory. */ REGISTER_FACTORY(CompactProtocolConfigFactory, NamedProtocolConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "extensions/filters/network/thrift_proxy/protocol.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * CompactProtocolImpl implements the Thrift Compact protocol. * See https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md */ class CompactProtocolImpl : public Protocol { public: CompactProtocolImpl() = default; // Protocol const std::string& name() const override { return ProtocolNames::get().COMPACT; } ProtocolType type() const override { return ProtocolType::Compact; } bool readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) override; bool readMessageEnd(Buffer::Instance& buffer) override; bool readStructBegin(Buffer::Instance& buffer, std::string& name) override; bool readStructEnd(Buffer::Instance& buffer) override; bool readFieldBegin(Buffer::Instance& buffer, std::string& name, FieldType& field_type, int16_t& field_id) override; bool readFieldEnd(Buffer::Instance& buffer) override; bool readMapBegin(Buffer::Instance& buffer, FieldType& key_type, FieldType& value_type, uint32_t& size) override; bool readMapEnd(Buffer::Instance& buffer) override; bool readListBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) override; bool readListEnd(Buffer::Instance& buffer) override; bool readSetBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) override; bool readSetEnd(Buffer::Instance& buffer) override; bool readBool(Buffer::Instance& buffer, bool& value) override; bool readByte(Buffer::Instance& buffer, uint8_t& value) override; bool readInt16(Buffer::Instance& buffer, int16_t& value) override; bool readInt32(Buffer::Instance& buffer, int32_t& value) override; bool readInt64(Buffer::Instance& buffer, int64_t& value) override; bool readDouble(Buffer::Instance& buffer, double& value) override; bool readString(Buffer::Instance& buffer, std::string& value) override; bool readBinary(Buffer::Instance& buffer, std::string& value) override; void writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) override; void writeMessageEnd(Buffer::Instance& buffer) override; void writeStructBegin(Buffer::Instance& buffer, const std::string& name) override; void writeStructEnd(Buffer::Instance& buffer) override; void writeFieldBegin(Buffer::Instance& buffer, const std::string& name, FieldType field_type, int16_t field_id) override; void writeFieldEnd(Buffer::Instance& buffer) override; void writeMapBegin(Buffer::Instance& buffer, FieldType key_type, FieldType value_type, uint32_t size) override; void writeMapEnd(Buffer::Instance& buffer) override; void writeListBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) override; void writeListEnd(Buffer::Instance& buffer) override; void writeSetBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) override; void writeSetEnd(Buffer::Instance& buffer) override; void writeBool(Buffer::Instance& buffer, bool value) override; void writeByte(Buffer::Instance& buffer, uint8_t value) override; void writeInt16(Buffer::Instance& buffer, int16_t value) override; void writeInt32(Buffer::Instance& buffer, int32_t value) override; void writeInt64(Buffer::Instance& buffer, int64_t value) override; void writeDouble(Buffer::Instance& buffer, double value) override; void writeString(Buffer::Instance& buffer, const std::string& value) override; void writeBinary(Buffer::Instance& buffer, const std::string& value) override; static bool isMagic(uint16_t word) { return (word & MagicMask) == Magic; } private: enum class CompactFieldType { Stop = 0, BoolTrue = 1, BoolFalse = 2, Byte = 3, I16 = 4, I32 = 5, I64 = 6, Double = 7, String = 8, List = 9, Set = 10, Map = 11, Struct = 12, }; FieldType convertCompactFieldType(CompactFieldType compact_field_type); CompactFieldType convertFieldType(FieldType field_type); void writeFieldBeginInternal(Buffer::Instance& buffer, FieldType field_type, int16_t field_id, absl::optional field_type_override); std::stack last_field_id_stack_{}; int16_t last_field_id_{0}; // Compact protocol encodes boolean struct fields as true/false *types* with no data. // This tracks the last boolean struct field's value for readBool. absl::optional bool_value_{}; // Similarly, track the field id for writeBool. absl::optional bool_field_id_{}; const static uint16_t Magic; const static uint16_t MagicMask; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/config.cc ================================================ #include "extensions/filters/network/thrift_proxy/config.h" #include #include #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.validate.h" #include "envoy/network/connection.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "extensions/filters/network/thrift_proxy/auto_protocol_impl.h" #include "extensions/filters/network/thrift_proxy/auto_transport_impl.h" #include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" #include "extensions/filters/network/thrift_proxy/decoder.h" #include "extensions/filters/network/thrift_proxy/filters/filter_config.h" #include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" #include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" #include "extensions/filters/network/thrift_proxy/stats.h" #include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace { using TransportTypeMap = std::map; static const TransportTypeMap& transportTypeMap() { CONSTRUCT_ON_FIRST_USE( TransportTypeMap, { {envoy::extensions::filters::network::thrift_proxy::v3::AUTO_TRANSPORT, TransportType::Auto}, {envoy::extensions::filters::network::thrift_proxy::v3::FRAMED, TransportType::Framed}, {envoy::extensions::filters::network::thrift_proxy::v3::UNFRAMED, TransportType::Unframed}, {envoy::extensions::filters::network::thrift_proxy::v3::HEADER, TransportType::Header}, }); } using ProtocolTypeMap = std::map; static const ProtocolTypeMap& protocolTypeMap() { CONSTRUCT_ON_FIRST_USE( ProtocolTypeMap, { {envoy::extensions::filters::network::thrift_proxy::v3::AUTO_PROTOCOL, ProtocolType::Auto}, {envoy::extensions::filters::network::thrift_proxy::v3::BINARY, ProtocolType::Binary}, {envoy::extensions::filters::network::thrift_proxy::v3::LAX_BINARY, ProtocolType::LaxBinary}, {envoy::extensions::filters::network::thrift_proxy::v3::COMPACT, ProtocolType::Compact}, {envoy::extensions::filters::network::thrift_proxy::v3::TWITTER, ProtocolType::Twitter}, }); } TransportType lookupTransport(envoy::extensions::filters::network::thrift_proxy::v3::TransportType transport) { const auto& transport_iter = transportTypeMap().find(transport); if (transport_iter == transportTypeMap().end()) { throw EnvoyException(fmt::format( "unknown transport {}", envoy::extensions::filters::network::thrift_proxy::v3::TransportType_Name(transport))); } return transport_iter->second; } ProtocolType lookupProtocol(envoy::extensions::filters::network::thrift_proxy::v3::ProtocolType protocol) { const auto& protocol_iter = protocolTypeMap().find(protocol); if (protocol_iter == protocolTypeMap().end()) { throw EnvoyException(fmt::format( "unknown protocol {}", envoy::extensions::filters::network::thrift_proxy::v3::ProtocolType_Name(protocol))); } return protocol_iter->second; } } // namespace ProtocolOptionsConfigImpl::ProtocolOptionsConfigImpl( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftProtocolOptions& config) : transport_(lookupTransport(config.transport())), protocol_(lookupProtocol(config.protocol())) {} TransportType ProtocolOptionsConfigImpl::transport(TransportType downstream_transport) const { return (transport_ == TransportType::Auto) ? downstream_transport : transport_; } ProtocolType ProtocolOptionsConfigImpl::protocol(ProtocolType downstream_protocol) const { return (protocol_ == ProtocolType::Auto) ? downstream_protocol : protocol_; } Network::FilterFactoryCb ThriftProxyFilterConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftProxy& proto_config, Server::Configuration::FactoryContext& context) { std::shared_ptr filter_config(new ConfigImpl(proto_config, context)); return [filter_config, &context](Network::FilterManager& filter_manager) -> void { filter_manager.addReadFilter(std::make_shared( *filter_config, context.api().randomGenerator(), context.dispatcher().timeSource())); }; } /** * Static registration for the thrift filter. @see RegisterFactory. */ REGISTER_FACTORY(ThriftProxyFilterConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); ConfigImpl::ConfigImpl( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftProxy& config, Server::Configuration::FactoryContext& context) : context_(context), stats_prefix_(fmt::format("thrift.{}.", config.stat_prefix())), stats_(ThriftFilterStats::generateStats(stats_prefix_, context_.scope())), transport_(lookupTransport(config.transport())), proto_(lookupProtocol(config.protocol())), route_matcher_(new Router::RouteMatcher(config.route_config())) { if (config.thrift_filters().empty()) { ENVOY_LOG(debug, "using default router filter"); envoy::extensions::filters::network::thrift_proxy::v3::ThriftFilter router; router.set_name(ThriftFilters::ThriftFilterNames::get().ROUTER); processFilter(router); } else { for (const auto& filter : config.thrift_filters()) { processFilter(filter); } } } void ConfigImpl::createFilterChain(ThriftFilters::FilterChainFactoryCallbacks& callbacks) { for (const ThriftFilters::FilterFactoryCb& factory : filter_factories_) { factory(callbacks); } } TransportPtr ConfigImpl::createTransport() { return NamedTransportConfigFactory::getFactory(transport_).createTransport(); } ProtocolPtr ConfigImpl::createProtocol() { return NamedProtocolConfigFactory::getFactory(proto_).createProtocol(); } void ConfigImpl::processFilter( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftFilter& proto_config) { const std::string& string_name = proto_config.name(); ENVOY_LOG(debug, " thrift filter #{}", filter_factories_.size()); ENVOY_LOG(debug, " name: {}", string_name); ENVOY_LOG(debug, " config: {}", MessageUtil::getJsonStringFromMessage( proto_config.has_typed_config() ? static_cast(proto_config.typed_config()) : static_cast( proto_config.hidden_envoy_deprecated_config()), true)); auto& factory = Envoy::Config::Utility::getAndCheckFactory( proto_config); ProtobufTypes::MessagePtr message = Envoy::Config::Utility::translateToFactoryConfig( proto_config, context_.messageValidationVisitor(), factory); ThriftFilters::FilterFactoryCb callback = factory.createFilterFactoryFromProto(*message, stats_prefix_, context_); filter_factories_.push_back(callback); } } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/config.h ================================================ #pragma once #include #include #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/thrift_proxy/conn_manager.h" #include "extensions/filters/network/thrift_proxy/filters/filter.h" #include "extensions/filters/network/thrift_proxy/router/router_impl.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * Provides Thrift-specific cluster options. */ class ProtocolOptionsConfigImpl : public ProtocolOptionsConfig { public: ProtocolOptionsConfigImpl( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftProtocolOptions& proto_config); // ProtocolOptionsConfig TransportType transport(TransportType downstream_transport) const override; ProtocolType protocol(ProtocolType downstream_protocol) const override; private: const TransportType transport_; const ProtocolType protocol_; }; /** * Config registration for the thrift proxy filter. @see NamedNetworkFilterConfigFactory. */ class ThriftProxyFilterConfigFactory : public Common::FactoryBase< envoy::extensions::filters::network::thrift_proxy::v3::ThriftProxy, envoy::extensions::filters::network::thrift_proxy::v3::ThriftProtocolOptions> { public: ThriftProxyFilterConfigFactory() : FactoryBase(NetworkFilterNames::get().ThriftProxy, true) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftProxy& proto_config, Server::Configuration::FactoryContext& context) override; Upstream::ProtocolOptionsConfigConstSharedPtr createProtocolOptionsTyped( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftProtocolOptions& proto_config, Server::Configuration::ProtocolOptionsFactoryContext&) override { return std::make_shared(proto_config); } }; class ConfigImpl : public Config, public Router::Config, public ThriftFilters::FilterChainFactory, Logger::Loggable { public: ConfigImpl(const envoy::extensions::filters::network::thrift_proxy::v3::ThriftProxy& config, Server::Configuration::FactoryContext& context); // ThriftFilters::FilterChainFactory void createFilterChain(ThriftFilters::FilterChainFactoryCallbacks& callbacks) override; // Router::Config Router::RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const override { return route_matcher_->route(metadata, random_value); } // Config ThriftFilterStats& stats() override { return stats_; } ThriftFilters::FilterChainFactory& filterFactory() override { return *this; } TransportPtr createTransport() override; ProtocolPtr createProtocol() override; Router::Config& routerConfig() override { return *this; } private: void processFilter( const envoy::extensions::filters::network::thrift_proxy::v3::ThriftFilter& proto_config); Server::Configuration::FactoryContext& context_; const std::string stats_prefix_; ThriftFilterStats stats_; const TransportType transport_; const ProtocolType proto_; std::unique_ptr route_matcher_; std::list filter_factories_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/conn_manager.cc ================================================ #include "extensions/filters/network/thrift_proxy/conn_manager.h" #include "envoy/common/exception.h" #include "envoy/event/dispatcher.h" #include "extensions/filters/network/thrift_proxy/app_exception_impl.h" #include "extensions/filters/network/thrift_proxy/protocol.h" #include "extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { ConnectionManager::ConnectionManager(Config& config, Random::RandomGenerator& random_generator, TimeSource& time_source) : config_(config), stats_(config_.stats()), transport_(config.createTransport()), protocol_(config.createProtocol()), decoder_(std::make_unique(*transport_, *protocol_, *this)), random_generator_(random_generator), time_source_(time_source) {} ConnectionManager::~ConnectionManager() = default; Network::FilterStatus ConnectionManager::onData(Buffer::Instance& data, bool end_stream) { request_buffer_.move(data); dispatch(); if (end_stream) { ENVOY_CONN_LOG(trace, "downstream half-closed", read_callbacks_->connection()); // Downstream has closed. Unless we're waiting for an upstream connection to complete a oneway // request, close. The special case for oneway requests allows them to complete before the // ConnectionManager is destroyed. if (stopped_) { ASSERT(!rpcs_.empty()); MessageMetadata& metadata = *(*rpcs_.begin())->metadata_; ASSERT(metadata.hasMessageType()); if (metadata.messageType() == MessageType::Oneway) { ENVOY_CONN_LOG(trace, "waiting for one-way completion", read_callbacks_->connection()); half_closed_ = true; return Network::FilterStatus::StopIteration; } } resetAllRpcs(false); read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } return Network::FilterStatus::StopIteration; } void ConnectionManager::dispatch() { if (stopped_) { ENVOY_CONN_LOG(debug, "thrift filter stopped", read_callbacks_->connection()); return; } try { bool underflow = false; while (!underflow) { FilterStatus status = decoder_->onData(request_buffer_, underflow); if (status == FilterStatus::StopIteration) { stopped_ = true; break; } } return; } catch (const AppException& ex) { ENVOY_LOG(error, "thrift application exception: {}", ex.what()); if (rpcs_.empty()) { MessageMetadata metadata; sendLocalReply(metadata, ex, true); } else { sendLocalReply(*(*rpcs_.begin())->metadata_, ex, true); } } catch (const EnvoyException& ex) { ENVOY_CONN_LOG(error, "thrift error: {}", read_callbacks_->connection(), ex.what()); if (rpcs_.empty()) { // Transport/protocol mismatch (including errors in automatic detection). Just hang up // since we don't know how to encode a response. read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } else { // Use the current rpc's transport/protocol to send an error downstream. rpcs_.front()->onError(ex.what()); } } stats_.request_decoding_error_.inc(); resetAllRpcs(true); } void ConnectionManager::sendLocalReply(MessageMetadata& metadata, const DirectResponse& response, bool end_stream) { if (read_callbacks_->connection().state() == Network::Connection::State::Closed) { return; } Buffer::OwnedImpl buffer; const DirectResponse::ResponseType result = response.encode(metadata, *protocol_, buffer); Buffer::OwnedImpl response_buffer; metadata.setProtocol(protocol_->type()); transport_->encodeFrame(response_buffer, metadata, buffer); read_callbacks_->connection().write(response_buffer, end_stream); if (end_stream) { read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } switch (result) { case DirectResponse::ResponseType::SuccessReply: stats_.response_success_.inc(); break; case DirectResponse::ResponseType::ErrorReply: stats_.response_error_.inc(); break; case DirectResponse::ResponseType::Exception: stats_.response_exception_.inc(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } void ConnectionManager::continueDecoding() { ENVOY_CONN_LOG(debug, "thrift filter continued", read_callbacks_->connection()); stopped_ = false; dispatch(); if (!stopped_ && half_closed_) { // If we're half closed, but not stopped waiting for an upstream, reset any pending rpcs and // close the connection. resetAllRpcs(false); read_callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } } void ConnectionManager::doDeferredRpcDestroy(ConnectionManager::ActiveRpc& rpc) { read_callbacks_->connection().dispatcher().deferredDelete(rpc.removeFromList(rpcs_)); } void ConnectionManager::resetAllRpcs(bool local_reset) { while (!rpcs_.empty()) { if (local_reset) { ENVOY_CONN_LOG(debug, "local close with active request", read_callbacks_->connection()); stats_.cx_destroy_local_with_active_rq_.inc(); } else { ENVOY_CONN_LOG(debug, "remote close with active request", read_callbacks_->connection()); stats_.cx_destroy_remote_with_active_rq_.inc(); } rpcs_.front()->onReset(); } } void ConnectionManager::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { read_callbacks_ = &callbacks; read_callbacks_->connection().addConnectionCallbacks(*this); read_callbacks_->connection().enableHalfClose(true); } void ConnectionManager::onEvent(Network::ConnectionEvent event) { resetAllRpcs(event == Network::ConnectionEvent::LocalClose); } DecoderEventHandler& ConnectionManager::newDecoderEventHandler() { ENVOY_LOG(trace, "new decoder filter"); ActiveRpcPtr new_rpc(new ActiveRpc(*this)); new_rpc->createFilterChain(); LinkedList::moveIntoList(std::move(new_rpc), rpcs_); return **rpcs_.begin(); } bool ConnectionManager::ResponseDecoder::onData(Buffer::Instance& data) { upstream_buffer_.move(data); bool underflow = false; decoder_->onData(upstream_buffer_, underflow); ASSERT(complete_ || underflow); return complete_; } FilterStatus ConnectionManager::ResponseDecoder::messageBegin(MessageMetadataSharedPtr metadata) { metadata_ = metadata; metadata_->setSequenceId(parent_.original_sequence_id_); first_reply_field_ = (metadata->hasMessageType() && metadata->messageType() == MessageType::Reply); return ProtocolConverter::messageBegin(metadata); } FilterStatus ConnectionManager::ResponseDecoder::fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) { if (first_reply_field_) { // Reply messages contain a struct where field 0 is the call result and fields 1+ are // exceptions, if defined. At most one field may be set. Therefore, the very first field we // encounter in a reply is either field 0 (success) or not (IDL exception returned). // If first fieldType is FieldType::Stop then it is a void success and handled in messageEnd() // because decoder state machine does not call decoder event callback fieldBegin on // FieldType::Stop. success_ = (field_id == 0); first_reply_field_ = false; } return ProtocolConverter::fieldBegin(name, field_type, field_id); } FilterStatus ConnectionManager::ResponseDecoder::messageEnd() { if (first_reply_field_) { // When the response is thrift void type there is never a fieldBegin call on a success // because the response struct has no fields and so the first field type is FieldType::Stop. // The decoder state machine handles FieldType::Stop by going immediately to structEnd, // skipping fieldBegin callback. Therefore if we are still waiting for the first reply field // at end of message then it is a void success. success_ = true; first_reply_field_ = false; } return ProtocolConverter::messageEnd(); } FilterStatus ConnectionManager::ResponseDecoder::transportEnd() { ASSERT(metadata_ != nullptr); ConnectionManager& cm = parent_.parent_; if (cm.read_callbacks_->connection().state() == Network::Connection::State::Closed) { complete_ = true; throw EnvoyException("downstream connection is closed"); } Buffer::OwnedImpl buffer; // Use the factory to get the concrete transport from the decoder transport (as opposed to // potentially pre-detection auto transport). TransportPtr transport = NamedTransportConfigFactory::getFactory(parent_.parent_.decoder_->transportType()) .createTransport(); metadata_->setProtocol(parent_.parent_.decoder_->protocolType()); transport->encodeFrame(buffer, *metadata_, parent_.response_buffer_); complete_ = true; cm.read_callbacks_->connection().write(buffer, false); cm.stats_.response_.inc(); switch (metadata_->messageType()) { case MessageType::Reply: cm.stats_.response_reply_.inc(); if (success_.value_or(false)) { cm.stats_.response_success_.inc(); } else { cm.stats_.response_error_.inc(); } break; case MessageType::Exception: cm.stats_.response_exception_.inc(); break; default: cm.stats_.response_invalid_type_.inc(); break; } return FilterStatus::Continue; } void ConnectionManager::ActiveRpcDecoderFilter::continueDecoding() { const FilterStatus status = parent_.applyDecoderFilters(this); if (status == FilterStatus::Continue) { // All filters have been executed for the current decoder state. if (parent_.pending_transport_end_) { // If the filter stack was paused during transportEnd, handle end-of-request details. parent_.finalizeRequest(); } parent_.continueDecoding(); } } FilterStatus ConnectionManager::ActiveRpc::applyDecoderFilters(ActiveRpcDecoderFilter* filter) { ASSERT(filter_action_ != nullptr); if (!local_response_sent_) { if (upgrade_handler_) { // Divert events to the current protocol upgrade handler. const FilterStatus status = filter_action_(upgrade_handler_.get()); filter_context_.reset(); return status; } std::list::iterator entry; if (!filter) { entry = decoder_filters_.begin(); } else { entry = std::next(filter->entry()); } for (; entry != decoder_filters_.end(); entry++) { const FilterStatus status = filter_action_((*entry)->handle_.get()); if (local_response_sent_) { // The filter called sendLocalReply: stop processing filters and return // FilterStatus::Continue irrespective of the current result. break; } if (status != FilterStatus::Continue) { return status; } } } filter_action_ = nullptr; filter_context_.reset(); return FilterStatus::Continue; } FilterStatus ConnectionManager::ActiveRpc::transportBegin(MessageMetadataSharedPtr metadata) { filter_context_ = metadata; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { MessageMetadataSharedPtr metadata = absl::any_cast(filter_context_); return filter->transportBegin(metadata); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::transportEnd() { ASSERT(metadata_ != nullptr); FilterStatus status; if (upgrade_handler_) { status = upgrade_handler_->transportEnd(); if (metadata_->isProtocolUpgradeMessage()) { ENVOY_CONN_LOG(error, "thrift: sending protocol upgrade response", parent_.read_callbacks_->connection()); sendLocalReply(*parent_.protocol_->upgradeResponse(*upgrade_handler_), false); } } else { filter_action_ = [](DecoderEventHandler* filter) -> FilterStatus { return filter->transportEnd(); }; status = applyDecoderFilters(nullptr); if (status == FilterStatus::StopIteration) { pending_transport_end_ = true; return status; } } finalizeRequest(); return status; } void ConnectionManager::ActiveRpc::finalizeRequest() { pending_transport_end_ = false; parent_.stats_.request_.inc(); bool destroy_rpc = false; switch (original_msg_type_) { case MessageType::Call: parent_.stats_.request_call_.inc(); // Local response or protocol upgrade mean we don't wait for an upstream response. destroy_rpc = local_response_sent_ || (upgrade_handler_ != nullptr); break; case MessageType::Oneway: parent_.stats_.request_oneway_.inc(); // No response forthcoming, we're done. destroy_rpc = true; break; default: parent_.stats_.request_invalid_type_.inc(); // Invalid request, implies no response. destroy_rpc = true; break; } if (destroy_rpc) { parent_.doDeferredRpcDestroy(*this); } } FilterStatus ConnectionManager::ActiveRpc::messageBegin(MessageMetadataSharedPtr metadata) { ASSERT(metadata->hasSequenceId()); ASSERT(metadata->hasMessageType()); metadata_ = metadata; original_sequence_id_ = metadata_->sequenceId(); original_msg_type_ = metadata_->messageType(); if (metadata_->isProtocolUpgradeMessage()) { ASSERT(parent_.protocol_->supportsUpgrade()); ENVOY_CONN_LOG(debug, "thrift: decoding protocol upgrade request", parent_.read_callbacks_->connection()); upgrade_handler_ = parent_.protocol_->upgradeRequestDecoder(); ASSERT(upgrade_handler_ != nullptr); } filter_context_ = metadata; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { MessageMetadataSharedPtr metadata = absl::any_cast(filter_context_); return filter->messageBegin(metadata); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::messageEnd() { filter_action_ = [](DecoderEventHandler* filter) -> FilterStatus { return filter->messageEnd(); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::structBegin(absl::string_view name) { filter_context_ = std::string(name); filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { std::string& name = absl::any_cast(filter_context_); return filter->structBegin(name); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::structEnd() { filter_action_ = [](DecoderEventHandler* filter) -> FilterStatus { return filter->structEnd(); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) { filter_context_ = std::tuple(std::string(name), field_type, field_id); filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { std::tuple& t = absl::any_cast&>(filter_context_); std::string& name = std::get<0>(t); FieldType& field_type = std::get<1>(t); int16_t& field_id = std::get<2>(t); return filter->fieldBegin(name, field_type, field_id); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::fieldEnd() { filter_action_ = [](DecoderEventHandler* filter) -> FilterStatus { return filter->fieldEnd(); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::boolValue(bool& value) { filter_context_ = value; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { bool& value = absl::any_cast(filter_context_); return filter->boolValue(value); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::byteValue(uint8_t& value) { filter_context_ = value; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { uint8_t& value = absl::any_cast(filter_context_); return filter->byteValue(value); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::int16Value(int16_t& value) { filter_context_ = value; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { int16_t& value = absl::any_cast(filter_context_); return filter->int16Value(value); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::int32Value(int32_t& value) { filter_context_ = value; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { int32_t& value = absl::any_cast(filter_context_); return filter->int32Value(value); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::int64Value(int64_t& value) { filter_context_ = value; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { int64_t& value = absl::any_cast(filter_context_); return filter->int64Value(value); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::doubleValue(double& value) { filter_context_ = value; filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { double& value = absl::any_cast(filter_context_); return filter->doubleValue(value); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::stringValue(absl::string_view value) { filter_context_ = std::string(value); filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { std::string& value = absl::any_cast(filter_context_); return filter->stringValue(value); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::mapBegin(FieldType& key_type, FieldType& value_type, uint32_t& size) { filter_context_ = std::tuple(key_type, value_type, size); filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { std::tuple& t = absl::any_cast&>(filter_context_); FieldType& key_type = std::get<0>(t); FieldType& value_type = std::get<1>(t); uint32_t& size = std::get<2>(t); return filter->mapBegin(key_type, value_type, size); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::mapEnd() { filter_action_ = [](DecoderEventHandler* filter) -> FilterStatus { return filter->mapEnd(); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::listBegin(FieldType& value_type, uint32_t& size) { filter_context_ = std::tuple(value_type, size); filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { std::tuple& t = absl::any_cast&>(filter_context_); FieldType& value_type = std::get<0>(t); uint32_t& size = std::get<1>(t); return filter->listBegin(value_type, size); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::listEnd() { filter_action_ = [](DecoderEventHandler* filter) -> FilterStatus { return filter->listEnd(); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::setBegin(FieldType& value_type, uint32_t& size) { filter_context_ = std::tuple(value_type, size); filter_action_ = [this](DecoderEventHandler* filter) -> FilterStatus { std::tuple& t = absl::any_cast&>(filter_context_); FieldType& value_type = std::get<0>(t); uint32_t& size = std::get<1>(t); return filter->setBegin(value_type, size); }; return applyDecoderFilters(nullptr); } FilterStatus ConnectionManager::ActiveRpc::setEnd() { filter_action_ = [](DecoderEventHandler* filter) -> FilterStatus { return filter->setEnd(); }; return applyDecoderFilters(nullptr); } void ConnectionManager::ActiveRpc::createFilterChain() { parent_.config_.filterFactory().createFilterChain(*this); } void ConnectionManager::ActiveRpc::onReset() { // TODO(zuercher): e.g., parent_.stats_.named_.downstream_rq_rx_reset_.inc(); parent_.doDeferredRpcDestroy(*this); } void ConnectionManager::ActiveRpc::onError(const std::string& what) { if (metadata_) { sendLocalReply(AppException(AppExceptionType::ProtocolError, what), true); return; } // Transport or protocol error happened before (or during message begin) parsing. It's not // possible to provide a valid response, so don't try. parent_.doDeferredRpcDestroy(*this); parent_.read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } const Network::Connection* ConnectionManager::ActiveRpc::connection() const { return &parent_.read_callbacks_->connection(); } Router::RouteConstSharedPtr ConnectionManager::ActiveRpc::route() { if (!cached_route_) { if (metadata_ != nullptr) { Router::RouteConstSharedPtr route = parent_.config_.routerConfig().route(*metadata_, stream_id_); cached_route_ = std::move(route); } else { cached_route_ = nullptr; } } return cached_route_.value(); } void ConnectionManager::ActiveRpc::sendLocalReply(const DirectResponse& response, bool end_stream) { metadata_->setSequenceId(original_sequence_id_); parent_.sendLocalReply(*metadata_, response, end_stream); if (end_stream) { return; } if (!upgrade_handler_) { // Consume any remaining request data from the downstream. local_response_sent_ = true; } } void ConnectionManager::ActiveRpc::startUpstreamResponse(Transport& transport, Protocol& protocol) { ASSERT(response_decoder_ == nullptr); response_decoder_ = std::make_unique(*this, transport, protocol); } ThriftFilters::ResponseStatus ConnectionManager::ActiveRpc::upstreamData(Buffer::Instance& buffer) { ASSERT(response_decoder_ != nullptr); try { if (response_decoder_->onData(buffer)) { // Completed upstream response. parent_.doDeferredRpcDestroy(*this); return ThriftFilters::ResponseStatus::Complete; } return ThriftFilters::ResponseStatus::MoreData; } catch (const AppException& ex) { ENVOY_LOG(error, "thrift response application error: {}", ex.what()); parent_.stats_.response_decoding_error_.inc(); sendLocalReply(ex, true); return ThriftFilters::ResponseStatus::Reset; } catch (const EnvoyException& ex) { ENVOY_CONN_LOG(error, "thrift response error: {}", parent_.read_callbacks_->connection(), ex.what()); parent_.stats_.response_decoding_error_.inc(); onError(ex.what()); return ThriftFilters::ResponseStatus::Reset; } } void ConnectionManager::ActiveRpc::resetDownstreamConnection() { parent_.read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/conn_manager.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/common/random_generator.h" #include "envoy/event/deferred_deletable.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" #include "common/buffer/buffer_impl.h" #include "common/common/linked_object.h" #include "common/common/logger.h" #include "common/stats/timespan_impl.h" #include "common/stream_info/stream_info_impl.h" #include "extensions/filters/network/thrift_proxy/decoder.h" #include "extensions/filters/network/thrift_proxy/filters/filter.h" #include "extensions/filters/network/thrift_proxy/protocol.h" #include "extensions/filters/network/thrift_proxy/protocol_converter.h" #include "extensions/filters/network/thrift_proxy/stats.h" #include "extensions/filters/network/thrift_proxy/transport.h" #include "absl/types/any.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * Config is a configuration interface for ConnectionManager. */ class Config { public: virtual ~Config() = default; virtual ThriftFilters::FilterChainFactory& filterFactory() PURE; virtual ThriftFilterStats& stats() PURE; virtual TransportPtr createTransport() PURE; virtual ProtocolPtr createProtocol() PURE; virtual Router::Config& routerConfig() PURE; }; /** * Extends Upstream::ProtocolOptionsConfig with Thrift-specific cluster options. */ class ProtocolOptionsConfig : public Upstream::ProtocolOptionsConfig { public: ~ProtocolOptionsConfig() override = default; virtual TransportType transport(TransportType downstream_transport) const PURE; virtual ProtocolType protocol(ProtocolType downstream_protocol) const PURE; }; /** * ConnectionManager is a Network::Filter that will perform Thrift request handling on a connection. */ class ConnectionManager : public Network::ReadFilter, public Network::ConnectionCallbacks, public DecoderCallbacks, Logger::Loggable { public: ConnectionManager(Config& config, Random::RandomGenerator& random_generator, TimeSource& time_system); ~ConnectionManager() override; // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override { return Network::FilterStatus::Continue; } void initializeReadFilterCallbacks(Network::ReadFilterCallbacks&) override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} // DecoderCallbacks DecoderEventHandler& newDecoderEventHandler() override; private: struct ActiveRpc; struct ResponseDecoder : public DecoderCallbacks, public ProtocolConverter { ResponseDecoder(ActiveRpc& parent, Transport& transport, Protocol& protocol) : parent_(parent), decoder_(std::make_unique(transport, protocol, *this)), complete_(false), first_reply_field_(false) { initProtocolConverter(*parent_.parent_.protocol_, parent_.response_buffer_); } bool onData(Buffer::Instance& data); // ProtocolConverter FilterStatus messageBegin(MessageMetadataSharedPtr metadata) override; FilterStatus messageEnd() override; FilterStatus fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) override; FilterStatus transportBegin(MessageMetadataSharedPtr metadata) override { UNREFERENCED_PARAMETER(metadata); return FilterStatus::Continue; } FilterStatus transportEnd() override; // DecoderCallbacks DecoderEventHandler& newDecoderEventHandler() override { return *this; } ActiveRpc& parent_; DecoderPtr decoder_; Buffer::OwnedImpl upstream_buffer_; MessageMetadataSharedPtr metadata_; absl::optional success_; bool complete_ : 1; bool first_reply_field_ : 1; }; using ResponseDecoderPtr = std::unique_ptr; // Wraps a DecoderFilter and acts as the DecoderFilterCallbacks for the filter, enabling filter // chain continuation. struct ActiveRpcDecoderFilter : public ThriftFilters::DecoderFilterCallbacks, LinkedObject { ActiveRpcDecoderFilter(ActiveRpc& parent, ThriftFilters::DecoderFilterSharedPtr filter) : parent_(parent), handle_(filter) {} // ThriftFilters::DecoderFilterCallbacks uint64_t streamId() const override { return parent_.stream_id_; } const Network::Connection* connection() const override { return parent_.connection(); } void continueDecoding() override; Router::RouteConstSharedPtr route() override { return parent_.route(); } TransportType downstreamTransportType() const override { return parent_.downstreamTransportType(); } ProtocolType downstreamProtocolType() const override { return parent_.downstreamProtocolType(); } void sendLocalReply(const DirectResponse& response, bool end_stream) override { parent_.sendLocalReply(response, end_stream); } void startUpstreamResponse(Transport& transport, Protocol& protocol) override { parent_.startUpstreamResponse(transport, protocol); } ThriftFilters::ResponseStatus upstreamData(Buffer::Instance& buffer) override { return parent_.upstreamData(buffer); } void resetDownstreamConnection() override { parent_.resetDownstreamConnection(); } StreamInfo::StreamInfo& streamInfo() override { return parent_.streamInfo(); } ActiveRpc& parent_; ThriftFilters::DecoderFilterSharedPtr handle_; }; using ActiveRpcDecoderFilterPtr = std::unique_ptr; // ActiveRpc tracks request/response pairs. struct ActiveRpc : LinkedObject, public Event::DeferredDeletable, public DecoderEventHandler, public ThriftFilters::DecoderFilterCallbacks, public ThriftFilters::FilterChainFactoryCallbacks { ActiveRpc(ConnectionManager& parent) : parent_(parent), request_timer_(new Stats::HistogramCompletableTimespanImpl( parent_.stats_.request_time_ms_, parent_.time_source_)), stream_id_(parent_.random_generator_.random()), stream_info_(parent_.time_source_), local_response_sent_{false}, pending_transport_end_{ false} { parent_.stats_.request_active_.inc(); stream_info_.setDownstreamLocalAddress(parent_.read_callbacks_->connection().localAddress()); stream_info_.setDownstreamRemoteAddress( parent_.read_callbacks_->connection().remoteAddress()); stream_info_.setDownstreamDirectRemoteAddress( parent_.read_callbacks_->connection().directRemoteAddress()); } ~ActiveRpc() override { request_timer_->complete(); parent_.stats_.request_active_.dec(); for (auto& filter : decoder_filters_) { filter->handle_->onDestroy(); } } // DecoderEventHandler FilterStatus transportBegin(MessageMetadataSharedPtr metadata) override; FilterStatus transportEnd() override; FilterStatus messageBegin(MessageMetadataSharedPtr metadata) override; FilterStatus messageEnd() override; FilterStatus structBegin(absl::string_view name) override; FilterStatus structEnd() override; FilterStatus fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) override; FilterStatus fieldEnd() override; FilterStatus boolValue(bool& value) override; FilterStatus byteValue(uint8_t& value) override; FilterStatus int16Value(int16_t& value) override; FilterStatus int32Value(int32_t& value) override; FilterStatus int64Value(int64_t& value) override; FilterStatus doubleValue(double& value) override; FilterStatus stringValue(absl::string_view value) override; FilterStatus mapBegin(FieldType& key_type, FieldType& value_type, uint32_t& size) override; FilterStatus mapEnd() override; FilterStatus listBegin(FieldType& elem_type, uint32_t& size) override; FilterStatus listEnd() override; FilterStatus setBegin(FieldType& elem_type, uint32_t& size) override; FilterStatus setEnd() override; // ThriftFilters::DecoderFilterCallbacks uint64_t streamId() const override { return stream_id_; } const Network::Connection* connection() const override; void continueDecoding() override { parent_.continueDecoding(); } Router::RouteConstSharedPtr route() override; TransportType downstreamTransportType() const override { return parent_.decoder_->transportType(); } ProtocolType downstreamProtocolType() const override { return parent_.decoder_->protocolType(); } void sendLocalReply(const DirectResponse& response, bool end_stream) override; void startUpstreamResponse(Transport& transport, Protocol& protocol) override; ThriftFilters::ResponseStatus upstreamData(Buffer::Instance& buffer) override; void resetDownstreamConnection() override; StreamInfo::StreamInfo& streamInfo() override { return stream_info_; } // Thrift::FilterChainFactoryCallbacks void addDecoderFilter(ThriftFilters::DecoderFilterSharedPtr filter) override { ActiveRpcDecoderFilterPtr wrapper = std::make_unique(*this, filter); filter->setDecoderFilterCallbacks(*wrapper); LinkedList::moveIntoListBack(std::move(wrapper), decoder_filters_); } FilterStatus applyDecoderFilters(ActiveRpcDecoderFilter* filter); void finalizeRequest(); void createFilterChain(); void onReset(); void onError(const std::string& what); ConnectionManager& parent_; Stats::TimespanPtr request_timer_; uint64_t stream_id_; StreamInfo::StreamInfoImpl stream_info_; MessageMetadataSharedPtr metadata_; std::list decoder_filters_; DecoderEventHandlerSharedPtr upgrade_handler_; ResponseDecoderPtr response_decoder_; absl::optional cached_route_; Buffer::OwnedImpl response_buffer_; int32_t original_sequence_id_{0}; MessageType original_msg_type_{MessageType::Call}; std::function filter_action_; absl::any filter_context_; bool local_response_sent_ : 1; bool pending_transport_end_ : 1; }; using ActiveRpcPtr = std::unique_ptr; void continueDecoding(); void dispatch(); void sendLocalReply(MessageMetadata& metadata, const DirectResponse& response, bool end_stream); void doDeferredRpcDestroy(ActiveRpc& rpc); void resetAllRpcs(bool local_reset); Config& config_; ThriftFilterStats& stats_; Network::ReadFilterCallbacks* read_callbacks_{}; TransportPtr transport_; ProtocolPtr protocol_; DecoderPtr decoder_; std::list rpcs_; Buffer::OwnedImpl request_buffer_; Random::RandomGenerator& random_generator_; bool stopped_{false}; bool half_closed_{false}; TimeSource& time_source_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/conn_state.h ================================================ #pragma once #include "envoy/tcp/conn_pool.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * ThriftConnectionState tracks thrift-related connection state for pooled connections. */ class ThriftConnectionState : public Tcp::ConnectionPool::ConnectionState { public: ThriftConnectionState(int32_t initial_sequence_id = 0) : next_sequence_id_(initial_sequence_id) {} /** * @return int32_t the next Thrift sequence id to use for this connection. */ int32_t nextSequenceId() { if (next_sequence_id_ == std::numeric_limits::max()) { next_sequence_id_ = 0; return std::numeric_limits::max(); } return next_sequence_id_++; } /** * @return true if this upgrade has been attempted on this connection. */ bool upgradeAttempted() const { return upgrade_attempted_; } /** * @return true if this connection has been upgraded */ bool isUpgraded() const { return upgraded_; } /** * Marks the connection as successfully upgraded. */ void markUpgraded() { upgrade_attempted_ = true; upgraded_ = true; } /** * Marks the connection as not upgraded. */ void markUpgradeFailed() { upgrade_attempted_ = true; upgraded_ = false; } private: int32_t next_sequence_id_; bool upgrade_attempted_{false}; bool upgraded_{false}; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/decoder.cc ================================================ #include "extensions/filters/network/thrift_proxy/decoder.h" #include "envoy/common/exception.h" #include "common/common/assert.h" #include "common/common/macros.h" #include "extensions/filters/network/thrift_proxy/app_exception_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { // MessageBegin -> StructBegin DecoderStateMachine::DecoderStatus DecoderStateMachine::messageBegin(Buffer::Instance& buffer) { if (!proto_.readMessageBegin(buffer, *metadata_)) { return {ProtocolState::WaitForData}; } stack_.clear(); stack_.emplace_back(Frame(ProtocolState::MessageEnd)); return {ProtocolState::StructBegin, handler_.messageBegin(metadata_)}; } // MessageEnd -> Done DecoderStateMachine::DecoderStatus DecoderStateMachine::messageEnd(Buffer::Instance& buffer) { if (!proto_.readMessageEnd(buffer)) { return {ProtocolState::WaitForData}; } return {ProtocolState::Done, handler_.messageEnd()}; } // StructBegin -> FieldBegin DecoderStateMachine::DecoderStatus DecoderStateMachine::structBegin(Buffer::Instance& buffer) { std::string name; if (!proto_.readStructBegin(buffer, name)) { return {ProtocolState::WaitForData}; } return {ProtocolState::FieldBegin, handler_.structBegin(absl::string_view(name))}; } // StructEnd -> stack's return state DecoderStateMachine::DecoderStatus DecoderStateMachine::structEnd(Buffer::Instance& buffer) { if (!proto_.readStructEnd(buffer)) { return {ProtocolState::WaitForData}; } ProtocolState next_state = popReturnState(); return {next_state, handler_.structEnd()}; } // FieldBegin -> FieldValue, or // FieldBegin -> StructEnd (stop field) DecoderStateMachine::DecoderStatus DecoderStateMachine::fieldBegin(Buffer::Instance& buffer) { std::string name; FieldType field_type; int16_t field_id; if (!proto_.readFieldBegin(buffer, name, field_type, field_id)) { return {ProtocolState::WaitForData}; } if (field_type == FieldType::Stop) { return {ProtocolState::StructEnd, FilterStatus::Continue}; } stack_.emplace_back(Frame(ProtocolState::FieldEnd, field_type)); return {ProtocolState::FieldValue, handler_.fieldBegin(absl::string_view(name), field_type, field_id)}; } // FieldValue -> FieldEnd (via stack return state) DecoderStateMachine::DecoderStatus DecoderStateMachine::fieldValue(Buffer::Instance& buffer) { ASSERT(!stack_.empty()); Frame& frame = stack_.back(); return handleValue(buffer, frame.elem_type_, frame.return_state_); } // FieldEnd -> FieldBegin DecoderStateMachine::DecoderStatus DecoderStateMachine::fieldEnd(Buffer::Instance& buffer) { if (!proto_.readFieldEnd(buffer)) { return {ProtocolState::WaitForData}; } popReturnState(); return {ProtocolState::FieldBegin, handler_.fieldEnd()}; } // ListBegin -> ListValue DecoderStateMachine::DecoderStatus DecoderStateMachine::listBegin(Buffer::Instance& buffer) { FieldType elem_type; uint32_t size; if (!proto_.readListBegin(buffer, elem_type, size)) { return {ProtocolState::WaitForData}; } stack_.emplace_back(Frame(ProtocolState::ListEnd, elem_type, size)); return {ProtocolState::ListValue, handler_.listBegin(elem_type, size)}; } // ListValue -> ListValue, ListBegin, MapBegin, SetBegin, StructBegin (depending on value type), or // ListValue -> ListEnd DecoderStateMachine::DecoderStatus DecoderStateMachine::listValue(Buffer::Instance& buffer) { ASSERT(!stack_.empty()); const uint32_t index = stack_.size() - 1; if (stack_[index].remaining_ == 0) { return {popReturnState(), FilterStatus::Continue}; } DecoderStatus status = handleValue(buffer, stack_[index].elem_type_, ProtocolState::ListValue); if (status.next_state_ != ProtocolState::WaitForData) { stack_[index].remaining_--; } return status; } // ListEnd -> stack's return state DecoderStateMachine::DecoderStatus DecoderStateMachine::listEnd(Buffer::Instance& buffer) { if (!proto_.readListEnd(buffer)) { return {ProtocolState::WaitForData}; } ProtocolState next_state = popReturnState(); return {next_state, handler_.listEnd()}; } // MapBegin -> MapKey DecoderStateMachine::DecoderStatus DecoderStateMachine::mapBegin(Buffer::Instance& buffer) { FieldType key_type, value_type; uint32_t size; if (!proto_.readMapBegin(buffer, key_type, value_type, size)) { return {ProtocolState::WaitForData}; } stack_.emplace_back(Frame(ProtocolState::MapEnd, key_type, value_type, size)); return {ProtocolState::MapKey, handler_.mapBegin(key_type, value_type, size)}; } // MapKey -> MapValue, ListBegin, MapBegin, SetBegin, StructBegin (depending on key type), or // MapKey -> MapEnd DecoderStateMachine::DecoderStatus DecoderStateMachine::mapKey(Buffer::Instance& buffer) { ASSERT(!stack_.empty()); Frame& frame = stack_.back(); if (frame.remaining_ == 0) { return {popReturnState(), FilterStatus::Continue}; } return handleValue(buffer, frame.elem_type_, ProtocolState::MapValue); } // MapValue -> MapKey, ListBegin, MapBegin, SetBegin, StructBegin (depending on value type), or // MapValue -> MapKey DecoderStateMachine::DecoderStatus DecoderStateMachine::mapValue(Buffer::Instance& buffer) { ASSERT(!stack_.empty()); const uint32_t index = stack_.size() - 1; ASSERT(stack_[index].remaining_ != 0); DecoderStatus status = handleValue(buffer, stack_[index].value_type_, ProtocolState::MapKey); if (status.next_state_ != ProtocolState::WaitForData) { stack_[index].remaining_--; } return status; } // MapEnd -> stack's return state DecoderStateMachine::DecoderStatus DecoderStateMachine::mapEnd(Buffer::Instance& buffer) { if (!proto_.readMapEnd(buffer)) { return {ProtocolState::WaitForData}; } ProtocolState next_state = popReturnState(); return {next_state, handler_.mapEnd()}; } // SetBegin -> SetValue DecoderStateMachine::DecoderStatus DecoderStateMachine::setBegin(Buffer::Instance& buffer) { FieldType elem_type; uint32_t size; if (!proto_.readSetBegin(buffer, elem_type, size)) { return {ProtocolState::WaitForData}; } stack_.emplace_back(Frame(ProtocolState::SetEnd, elem_type, size)); return {ProtocolState::SetValue, handler_.setBegin(elem_type, size)}; } // SetValue -> SetValue, ListBegin, MapBegin, SetBegin, StructBegin (depending on value type), or // SetValue -> SetEnd DecoderStateMachine::DecoderStatus DecoderStateMachine::setValue(Buffer::Instance& buffer) { ASSERT(!stack_.empty()); const uint32_t index = stack_.size() - 1; if (stack_[index].remaining_ == 0) { return {popReturnState(), FilterStatus::Continue}; } DecoderStatus status = handleValue(buffer, stack_[index].elem_type_, ProtocolState::SetValue); if (status.next_state_ != ProtocolState::WaitForData) { stack_[index].remaining_--; } return status; } // SetEnd -> stack's return state DecoderStateMachine::DecoderStatus DecoderStateMachine::setEnd(Buffer::Instance& buffer) { if (!proto_.readSetEnd(buffer)) { return {ProtocolState::WaitForData}; } ProtocolState next_state = popReturnState(); return {next_state, handler_.setEnd()}; } DecoderStateMachine::DecoderStatus DecoderStateMachine::handleValue(Buffer::Instance& buffer, FieldType elem_type, ProtocolState return_state) { switch (elem_type) { case FieldType::Bool: { bool value{}; if (proto_.readBool(buffer, value)) { return {return_state, handler_.boolValue(value)}; } break; } case FieldType::Byte: { uint8_t value{}; if (proto_.readByte(buffer, value)) { return {return_state, handler_.byteValue(value)}; } break; } case FieldType::I16: { int16_t value{}; if (proto_.readInt16(buffer, value)) { return {return_state, handler_.int16Value(value)}; } break; } case FieldType::I32: { int32_t value{}; if (proto_.readInt32(buffer, value)) { return {return_state, handler_.int32Value(value)}; } break; } case FieldType::I64: { int64_t value{}; if (proto_.readInt64(buffer, value)) { return {return_state, handler_.int64Value(value)}; } break; } case FieldType::Double: { double value{}; if (proto_.readDouble(buffer, value)) { return {return_state, handler_.doubleValue(value)}; } break; } case FieldType::String: { std::string value; if (proto_.readString(buffer, value)) { return {return_state, handler_.stringValue(value)}; } break; } case FieldType::Struct: stack_.emplace_back(Frame(return_state)); return {ProtocolState::StructBegin, FilterStatus::Continue}; case FieldType::Map: stack_.emplace_back(Frame(return_state)); return {ProtocolState::MapBegin, FilterStatus::Continue}; case FieldType::List: stack_.emplace_back(Frame(return_state)); return {ProtocolState::ListBegin, FilterStatus::Continue}; case FieldType::Set: stack_.emplace_back(Frame(return_state)); return {ProtocolState::SetBegin, FilterStatus::Continue}; default: throw EnvoyException(fmt::format("unknown field type {}", static_cast(elem_type))); } return {ProtocolState::WaitForData}; } DecoderStateMachine::DecoderStatus DecoderStateMachine::handleState(Buffer::Instance& buffer) { switch (state_) { case ProtocolState::MessageBegin: return messageBegin(buffer); case ProtocolState::StructBegin: return structBegin(buffer); case ProtocolState::StructEnd: return structEnd(buffer); case ProtocolState::FieldBegin: return fieldBegin(buffer); case ProtocolState::FieldValue: return fieldValue(buffer); case ProtocolState::FieldEnd: return fieldEnd(buffer); case ProtocolState::ListBegin: return listBegin(buffer); case ProtocolState::ListValue: return listValue(buffer); case ProtocolState::ListEnd: return listEnd(buffer); case ProtocolState::MapBegin: return mapBegin(buffer); case ProtocolState::MapKey: return mapKey(buffer); case ProtocolState::MapValue: return mapValue(buffer); case ProtocolState::MapEnd: return mapEnd(buffer); case ProtocolState::SetBegin: return setBegin(buffer); case ProtocolState::SetValue: return setValue(buffer); case ProtocolState::SetEnd: return setEnd(buffer); case ProtocolState::MessageEnd: return messageEnd(buffer); default: NOT_REACHED_GCOVR_EXCL_LINE; } } ProtocolState DecoderStateMachine::popReturnState() { ASSERT(!stack_.empty()); ProtocolState return_state = stack_.back().return_state_; stack_.pop_back(); return return_state; } ProtocolState DecoderStateMachine::run(Buffer::Instance& buffer) { while (state_ != ProtocolState::Done) { ENVOY_LOG(trace, "thrift: state {}, {} bytes available", ProtocolStateNameValues::name(state_), buffer.length()); DecoderStatus s = handleState(buffer); if (s.next_state_ == ProtocolState::WaitForData) { return ProtocolState::WaitForData; } state_ = s.next_state_; ASSERT(s.filter_status_.has_value()); if (s.filter_status_.value() == FilterStatus::StopIteration) { return ProtocolState::StopIteration; } } return state_; } Decoder::Decoder(Transport& transport, Protocol& protocol, DecoderCallbacks& callbacks) : transport_(transport), protocol_(protocol), callbacks_(callbacks) {} void Decoder::complete() { request_.reset(); state_machine_ = nullptr; frame_started_ = false; frame_ended_ = false; } FilterStatus Decoder::onData(Buffer::Instance& data, bool& buffer_underflow) { ENVOY_LOG(debug, "thrift: {} bytes available", data.length()); buffer_underflow = false; if (frame_ended_) { // Continuation after filter stopped iteration on transportComplete callback. complete(); buffer_underflow = (data.length() == 0); return FilterStatus::Continue; } if (!frame_started_) { // Look for start of next frame. if (!metadata_) { metadata_ = std::make_shared(); } if (!transport_.decodeFrameStart(data, *metadata_)) { ENVOY_LOG(debug, "thrift: need more data for {} transport start", transport_.name()); buffer_underflow = true; return FilterStatus::Continue; } ENVOY_LOG(debug, "thrift: {} transport started", transport_.name()); if (metadata_->hasProtocol()) { if (protocol_.type() == ProtocolType::Auto) { protocol_.setType(metadata_->protocol()); ENVOY_LOG(debug, "thrift: {} transport forced {} protocol", transport_.name(), protocol_.name()); } else if (metadata_->protocol() != protocol_.type()) { throw EnvoyException(fmt::format("transport reports protocol {}, but configured for {}", ProtocolNames::get().fromType(metadata_->protocol()), ProtocolNames::get().fromType(protocol_.type()))); } } if (metadata_->hasAppException()) { AppExceptionType ex_type = metadata_->appExceptionType(); std::string ex_msg = metadata_->appExceptionMessage(); // Force new metadata if we get called again. metadata_.reset(); throw AppException(ex_type, ex_msg); } request_ = std::make_unique(callbacks_.newDecoderEventHandler()); frame_started_ = true; state_machine_ = std::make_unique(protocol_, metadata_, request_->handler_); if (request_->handler_.transportBegin(metadata_) == FilterStatus::StopIteration) { return FilterStatus::StopIteration; } } ASSERT(state_machine_ != nullptr); ENVOY_LOG(debug, "thrift: protocol {}, state {}, {} bytes available", protocol_.name(), ProtocolStateNameValues::name(state_machine_->currentState()), data.length()); ProtocolState rv = state_machine_->run(data); if (rv == ProtocolState::WaitForData) { ENVOY_LOG(debug, "thrift: wait for data"); buffer_underflow = true; return FilterStatus::Continue; } else if (rv == ProtocolState::StopIteration) { ENVOY_LOG(debug, "thrift: wait for continuation"); return FilterStatus::StopIteration; } ASSERT(rv == ProtocolState::Done); // Message complete, decode end of frame. if (!transport_.decodeFrameEnd(data)) { ENVOY_LOG(debug, "thrift: need more data for {} transport end", transport_.name()); buffer_underflow = true; return FilterStatus::Continue; } frame_ended_ = true; metadata_.reset(); ENVOY_LOG(debug, "thrift: {} transport ended", transport_.name()); if (request_->handler_.transportEnd() == FilterStatus::StopIteration) { return FilterStatus::StopIteration; } // Reset for next frame. complete(); buffer_underflow = (data.length() == 0); return FilterStatus::Continue; } } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/decoder.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "extensions/filters/network/thrift_proxy/filters/filter.h" #include "extensions/filters/network/thrift_proxy/protocol.h" #include "extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { #define ALL_PROTOCOL_STATES(FUNCTION) \ FUNCTION(StopIteration) \ FUNCTION(WaitForData) \ FUNCTION(MessageBegin) \ FUNCTION(MessageEnd) \ FUNCTION(StructBegin) \ FUNCTION(StructEnd) \ FUNCTION(FieldBegin) \ FUNCTION(FieldValue) \ FUNCTION(FieldEnd) \ FUNCTION(MapBegin) \ FUNCTION(MapKey) \ FUNCTION(MapValue) \ FUNCTION(MapEnd) \ FUNCTION(ListBegin) \ FUNCTION(ListValue) \ FUNCTION(ListEnd) \ FUNCTION(SetBegin) \ FUNCTION(SetValue) \ FUNCTION(SetEnd) \ FUNCTION(Done) /** * ProtocolState represents a set of states used in a state machine to decode Thrift requests * and responses. */ enum class ProtocolState { ALL_PROTOCOL_STATES(GENERATE_ENUM) }; class ProtocolStateNameValues { public: static const std::string& name(ProtocolState state) { size_t i = static_cast(state); ASSERT(i < names().size()); return names()[i]; } private: static const std::vector& names() { CONSTRUCT_ON_FIRST_USE(std::vector, {ALL_PROTOCOL_STATES(GENERATE_STRING)}); } }; /** * DecoderStateMachine is the Thrift message state machine as described in * source/extensions/filters/network/thrift_proxy/docs. */ class DecoderStateMachine : public Logger::Loggable { public: DecoderStateMachine(Protocol& proto, MessageMetadataSharedPtr& metadata, DecoderEventHandler& handler) : proto_(proto), metadata_(metadata), handler_(handler), state_(ProtocolState::MessageBegin) { } /** * Consumes as much data from the configured Buffer as possible and executes the decoding state * machine. Returns ProtocolState::WaitForData if more data is required to complete processing of * a message. Returns ProtocolState::Done when the end of a message is successfully processed. * Once the Done state is reached, further invocations of run return immediately with Done. * * @param buffer a buffer containing the remaining data to be processed * @return ProtocolState returns with ProtocolState::WaitForData or ProtocolState::Done * @throw Envoy Exception if thrown by the underlying Protocol */ ProtocolState run(Buffer::Instance& buffer); /** * @return the current ProtocolState */ ProtocolState currentState() const { return state_; } /** * Set the current state. Used for testing only. */ void setCurrentState(ProtocolState state) { state_ = state; } private: /** * Frame encodes information about the return state for nested elements, container element types, * and the number of remaining container elements. */ struct Frame { Frame(ProtocolState state) : return_state_(state), elem_type_{}, value_type_{}, remaining_(0) {} Frame(ProtocolState state, FieldType elem_type) : return_state_(state), elem_type_(elem_type), value_type_{}, remaining_{} {} Frame(ProtocolState state, FieldType elem_type, uint32_t remaining) : return_state_(state), elem_type_(elem_type), value_type_{}, remaining_(remaining) {} Frame(ProtocolState state, FieldType key_type, FieldType value_type, uint32_t remaining) : return_state_(state), elem_type_(key_type), value_type_(value_type), remaining_(remaining) {} // Structs, lists, maps, and sets may be recursively nested in any combination. This field // indicates which state to return to at the completion of each of those types. const ProtocolState return_state_; // Indicates the element type for lists and sets or the key type for a map. const FieldType elem_type_; // Indicates the value type for a map. const FieldType value_type_; // Indicates the number of elements (or key-value pairs) remaining in a list, map, or set. uint32_t remaining_; }; struct DecoderStatus { DecoderStatus(ProtocolState next_state) : next_state_(next_state){}; DecoderStatus(ProtocolState next_state, FilterStatus filter_status) : next_state_(next_state), filter_status_(filter_status){}; ProtocolState next_state_; absl::optional filter_status_; }; // These functions map directly to the matching ProtocolState values. Each returns the next state // or ProtocolState::WaitForData if more data is required. DecoderStatus messageBegin(Buffer::Instance& buffer); DecoderStatus messageEnd(Buffer::Instance& buffer); DecoderStatus structBegin(Buffer::Instance& buffer); DecoderStatus structEnd(Buffer::Instance& buffer); DecoderStatus fieldBegin(Buffer::Instance& buffer); DecoderStatus fieldValue(Buffer::Instance& buffer); DecoderStatus fieldEnd(Buffer::Instance& buffer); DecoderStatus listBegin(Buffer::Instance& buffer); DecoderStatus listValue(Buffer::Instance& buffer); DecoderStatus listEnd(Buffer::Instance& buffer); DecoderStatus mapBegin(Buffer::Instance& buffer); DecoderStatus mapKey(Buffer::Instance& buffer); DecoderStatus mapValue(Buffer::Instance& buffer); DecoderStatus mapEnd(Buffer::Instance& buffer); DecoderStatus setBegin(Buffer::Instance& buffer); DecoderStatus setValue(Buffer::Instance& buffer); DecoderStatus setEnd(Buffer::Instance& buffer); // handleValue represents the generic Value state from the state machine documentation. It // returns either ProtocolState::WaitForData if more data is required or the next state. For // structs, lists, maps, or sets the return_state is pushed onto the stack and the next state is // based on elem_type. For primitive value types, return_state is returned as the next state // (unless WaitForData is returned). DecoderStatus handleValue(Buffer::Instance& buffer, FieldType elem_type, ProtocolState return_state); // handleState delegates to the appropriate method based on state_. DecoderStatus handleState(Buffer::Instance& buffer); // Helper method to retrieve the current frame's return state and remove the frame from the // stack. ProtocolState popReturnState(); Protocol& proto_; MessageMetadataSharedPtr metadata_; DecoderEventHandler& handler_; ProtocolState state_; std::vector stack_; }; using DecoderStateMachinePtr = std::unique_ptr; class DecoderCallbacks { public: virtual ~DecoderCallbacks() = default; /** * @return DecoderEventHandler& a new DecoderEventHandler for a message. */ virtual DecoderEventHandler& newDecoderEventHandler() PURE; }; /** * Decoder encapsulates a configured Transport and Protocol and provides the ability to decode * Thrift messages. */ class Decoder : public Logger::Loggable { public: Decoder(Transport& transport, Protocol& protocol, DecoderCallbacks& callbacks); /** * Drains data from the given buffer while executing a state machine over the data. * * @param data a Buffer containing Thrift protocol data * @param buffer_underflow bool set to true if more data is required to continue decoding * @return FilterStatus::StopIteration when waiting for filter continuation, * Continue otherwise. * @throw EnvoyException on Thrift protocol errors */ FilterStatus onData(Buffer::Instance& data, bool& buffer_underflow); TransportType transportType() { return transport_.type(); } ProtocolType protocolType() { return protocol_.type(); } private: struct ActiveRequest { ActiveRequest(DecoderEventHandler& handler) : handler_(handler) {} DecoderEventHandler& handler_; }; using ActiveRequestPtr = std::unique_ptr; void complete(); Transport& transport_; Protocol& protocol_; DecoderCallbacks& callbacks_; ActiveRequestPtr request_; MessageMetadataSharedPtr metadata_; DecoderStateMachinePtr state_machine_; bool frame_started_{false}; bool frame_ended_{false}; }; using DecoderPtr = std::unique_ptr; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/decoder_events.h ================================================ #pragma once #include "extensions/filters/network/thrift_proxy/metadata.h" #include "extensions/filters/network/thrift_proxy/thrift.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { enum class FilterStatus { // Continue filter chain iteration. Continue, // Stop iterating over filters in the filter chain. Iteration must be explicitly restarted via // continueDecoding(). StopIteration }; class DecoderEventHandler { public: virtual ~DecoderEventHandler() = default; /** * Indicates the start of a Thrift transport frame was detected. Unframed transports generate * simulated start messages. * @param metadata MessageMetadataSharedPtr describing as much as is currently known about the * message */ virtual FilterStatus transportBegin(MessageMetadataSharedPtr metadata) PURE; /** * Indicates the end of a Thrift transport frame was detected. Unframed transport generate * simulated complete messages. */ virtual FilterStatus transportEnd() PURE; /** * Indicates that the start of a Thrift protocol message was detected. * @param metadata MessageMetadataSharedPtr describing the message * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus messageBegin(MessageMetadataSharedPtr metadata) PURE; /** * Indicates that the end of a Thrift protocol message was detected. * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus messageEnd() PURE; /** * Indicates that the start of a Thrift protocol struct was detected. * @param name the name of the struct, if available * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus structBegin(absl::string_view name) PURE; /** * Indicates that the end of a Thrift protocol struct was detected. * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus structEnd() PURE; /** * Indicates that the start of Thrift protocol struct field was detected. * @param name the name of the field, if available * @param field_type the type of the field * @param field_id the field id * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) PURE; /** * Indicates that the end of a Thrift protocol struct field was detected. * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus fieldEnd() PURE; /** * A struct field, map key, map value, list element or set element was detected. * @param value type value of the field * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus boolValue(bool& value) PURE; virtual FilterStatus byteValue(uint8_t& value) PURE; virtual FilterStatus int16Value(int16_t& value) PURE; virtual FilterStatus int32Value(int32_t& value) PURE; virtual FilterStatus int64Value(int64_t& value) PURE; virtual FilterStatus doubleValue(double& value) PURE; virtual FilterStatus stringValue(absl::string_view value) PURE; /** * Indicates the start of a Thrift protocol map was detected. * @param key_type the map key type * @param value_type the map value type * @param size the number of key-value pairs * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus mapBegin(FieldType& key_type, FieldType& value_type, uint32_t& size) PURE; /** * Indicates that the end of a Thrift protocol map was detected. * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus mapEnd() PURE; /** * Indicates the start of a Thrift protocol list was detected. * @param elem_type the list value type * @param size the number of values in the list * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus listBegin(FieldType& elem_type, uint32_t& size) PURE; /** * Indicates that the end of a Thrift protocol list was detected. * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus listEnd() PURE; /** * Indicates the start of a Thrift protocol set was detected. * @param elem_type the set value type * @param size the number of values in the set * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus setBegin(FieldType& elem_type, uint32_t& size) PURE; /** * Indicates that the end of a Thrift protocol set was detected. * @return FilterStatus to indicate if filter chain iteration should continue */ virtual FilterStatus setEnd() PURE; }; using DecoderEventHandlerSharedPtr = std::shared_ptr; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/docs/thrift_state_machine.dot ================================================ /* graphviz dot file that renders the Thrift Decoder state machine. Rendered via: dot -Tsvg -o thrift_state_machine.svg thrift_state_machine.dot */ digraph { { rank = same; Start; MessageBegin; MessageEnd; Done; }; { rank = same; StructBegin; StructEnd; }; { rank = same; FieldBegin; FieldEnd; }; { rank = same; Value; }; { rank = same; ListBegin; ListEnd; MapBegin; MapEnd; SetBegin; SetEnd; StructValueBegin; StructValueEnd; }; { rank = same; StructValueFieldBegin; StructValueFieldEnd; }; Start -> MessageBegin; MessageBegin -> StructBegin; StructBegin -> FieldBegin; FieldBegin -> Value; FieldBegin -> StructEnd; Value -> FieldEnd; FieldEnd -> FieldBegin; StructEnd -> MessageEnd; MessageEnd -> Done; ListValue [label="Value"]; Value -> ListBegin; ListBegin -> ListValue; ListValue -> ListValue [label="size"]; ListValue -> ListEnd; ListEnd -> Value; MapKeyValue [label="Key (Value)"]; MapValueValue [label="Value"]; Value -> MapBegin; MapBegin -> MapKeyValue; MapKeyValue:sw -> MapValueValue:nw; MapKeyValue -> MapEnd; MapValueValue:ne -> MapKeyValue:se [label="size"]; MapEnd -> Value; SetValue [label="Value"]; Value -> SetBegin; SetBegin -> SetValue; SetValue -> SetValue [label="size"]; SetValue -> SetEnd; SetEnd -> Value; StructValueBegin [label="StructBegin"]; StructValueEnd [label="StructEnd"]; StructValueFieldBegin [label="FieldBegin"]; StructValueFieldEnd [label="FieldEnd"]; StructValueValue [label="Value"]; Value -> StructValueBegin; StructValueBegin -> StructValueFieldBegin; StructValueFieldBegin -> StructValueValue; StructValueFieldBegin -> StructValueEnd; StructValueValue -> StructValueFieldEnd; StructValueFieldEnd -> StructValueFieldBegin; StructValueEnd -> Value; graph [label="Thrift Decoder State Machine.\n\nStates appear in multiple locations to simplify the graph of transitions."]; Start [style=filled, fillcolor="#cccccc"]; Done [style=filled, fillcolor="#cccccc"]; /* force ordering within ranks */ MessageBegin -> MessageEnd [style=invis]; StructBegin -> StructEnd [style=invis]; FieldBegin -> FieldEnd [style=invis]; ListBegin -> ListEnd -> MapBegin -> MapEnd -> SetBegin -> SetEnd -> StructValueBegin -> StructValueEnd [style=invis]; StructValueFieldBegin -> StructValueFieldEnd [style=invis]; } ================================================ FILE: source/extensions/filters/network/thrift_proxy/docs/thrift_state_machine.md ================================================ Thrift Decoder State Machine ============================ ![Thrift Decoder State Machine](thrift_state_machine.svg) Decoding Thrift messages can be visualized as a series of state transitions. Each state corresponds to the invocation of a function on the `ThriftProxy::Protocol` interface. Not pictured in the state diagram is the transient `WaitForData` state which implies that insufficient data was available to process a state and that the state machine should be resumed when more data is available. The `Value` states in the diagram are represented by multiple states in the actual state machine (`FieldValue`, `ListValue`, `MapKey`, `MapValue`, and `SetValue`). The various value states encode the transition from, for example, a list value (`ListValue`) to the `ListEnd` state. The state machine tracks "frames" which allow the state machine to record information about nested lists, maps, sets, and structures. Thrift allows these data types to be nested in arbitrary combinations and the frame records the state to return to at the end of each type. For lists, maps, and sets the frame also records the number of remaining elements. ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "filter_config_interface", hdrs = ["filter_config.h"], deps = [ ":filter_interface", "//include/envoy/config:typed_config_interface", "//include/envoy/server:filter_config_interface", "//source/common/common:macros", "//source/common/protobuf:cc_wkt_protos", ], ) envoy_cc_library( name = "factory_base_lib", hdrs = ["factory_base.h"], deps = [ ":filter_config_interface", "//source/common/protobuf:utility_lib", ], ) envoy_cc_library( name = "filter_interface", hdrs = ["filter.h"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/network:connection_interface", "//include/envoy/stream_info:stream_info_interface", "//source/extensions/filters/network/thrift_proxy:decoder_events_lib", "//source/extensions/filters/network/thrift_proxy:protocol_interface", "//source/extensions/filters/network/thrift_proxy:thrift_lib", "//source/extensions/filters/network/thrift_proxy/router:router_interface", ], ) envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], deps = [ "//source/common/singleton:const_singleton", ], ) envoy_cc_library( name = "pass_through_filter_lib", hdrs = ["pass_through_filter.h"], deps = [ ":filter_interface", ], ) ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/factory_base.h ================================================ #pragma once #include "common/protobuf/utility.h" #include "extensions/filters/network/thrift_proxy/filters/filter_config.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace ThriftFilters { template class FactoryBase : public NamedThriftFilterConfigFactory { public: FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override { return createFilterFactoryFromProtoTyped(MessageUtil::downcastAndValidate( proto_config, context.messageValidationVisitor()), stats_prefix, context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return name_; } protected: FactoryBase(const std::string& name) : name_(name) {} private: virtual FilterFactoryCb createFilterFactoryFromProtoTyped(const ConfigProto& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) PURE; const std::string name_; }; } // namespace ThriftFilters } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/filter.h ================================================ #pragma once #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" #include "envoy/stream_info/stream_info.h" #include "extensions/filters/network/thrift_proxy/decoder_events.h" #include "extensions/filters/network/thrift_proxy/protocol.h" #include "extensions/filters/network/thrift_proxy/router/router.h" #include "extensions/filters/network/thrift_proxy/thrift.h" #include "extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace ThriftFilters { enum class ResponseStatus { MoreData = 0, // The upstream response requires more data. Complete = 1, // The upstream response is complete. Reset = 2, // The upstream response is invalid and its connection must be reset. }; /** * Decoder filter callbacks add additional callbacks. */ class DecoderFilterCallbacks { public: virtual ~DecoderFilterCallbacks() = default; /** * @return uint64_t the ID of the originating stream for logging purposes. */ virtual uint64_t streamId() const PURE; /** * @return const Network::Connection* the originating connection, or nullptr if there is none. */ virtual const Network::Connection* connection() const PURE; /** * Continue iterating through the filter chain with buffered data. This routine can only be * called if the filter has previously returned StopIteration from one of the DecoderFilter * methods. The connection manager will callbacks to the next filter in the chain. Further note * that if the request is not complete, the calling filter may receive further callbacks and must * return an appropriate status code depending on what the filter needs to do. */ virtual void continueDecoding() PURE; /** * @return RouteConstSharedPtr the route for the current request. */ virtual Router::RouteConstSharedPtr route() PURE; /** * @return TransportType the originating transport. */ virtual TransportType downstreamTransportType() const PURE; /** * @return ProtocolType the originating protocol. */ virtual ProtocolType downstreamProtocolType() const PURE; /** * Create a locally generated response using the provided response object. * @param response DirectResponse the response to send to the downstream client * @param end_stream if true, the downstream connection should be closed after this response */ virtual void sendLocalReply(const ThriftProxy::DirectResponse& response, bool end_stream) PURE; /** * Indicates the start of an upstream response. May only be called once. * @param transport the transport used by the upstream response * @param protocol the protocol used by the upstream response */ virtual void startUpstreamResponse(Transport& transport, Protocol& protocol) PURE; /** * Called with upstream response data. * @param data supplies the upstream's data * @return ResponseStatus indicating if the upstream response requires more data, is complete, * or if an error occurred requiring the upstream connection to be reset. */ virtual ResponseStatus upstreamData(Buffer::Instance& data) PURE; /** * Reset the downstream connection. */ virtual void resetDownstreamConnection() PURE; /** * @return StreamInfo for logging purposes. */ virtual StreamInfo::StreamInfo& streamInfo() PURE; }; /** * Decoder filter interface. */ class DecoderFilter : public virtual DecoderEventHandler { public: ~DecoderFilter() override = default; /** * This routine is called prior to a filter being destroyed. This may happen after normal stream * finish (both downstream and upstream) or due to reset. Every filter is responsible for making * sure that any async events are cleaned up in the context of this routine. This includes timers, * network calls, etc. The reason there is an onDestroy() method vs. doing this type of cleanup * in the destructor is due to the deferred deletion model that Envoy uses to avoid stack unwind * complications. Filters must not invoke either encoder or decoder filter callbacks after having * onDestroy() invoked. */ virtual void onDestroy() PURE; /** * Called by the connection manager once to initialize the filter decoder callbacks that the * filter should use. Callbacks will not be invoked by the filter after onDestroy() is called. */ virtual void setDecoderFilterCallbacks(DecoderFilterCallbacks& callbacks) PURE; }; using DecoderFilterSharedPtr = std::shared_ptr; /** * These callbacks are provided by the connection manager to the factory so that the factory can * build the filter chain in an application specific way. */ class FilterChainFactoryCallbacks { public: virtual ~FilterChainFactoryCallbacks() = default; /** * Add a decoder filter that is used when reading connection data. * @param filter supplies the filter to add. */ virtual void addDecoderFilter(DecoderFilterSharedPtr filter) PURE; }; /** * This function is used to wrap the creation of a Thrift filter chain for new connections as they * come in. Filter factories create the function at configuration initialization time, and then * they are used at runtime. * @param callbacks supplies the callbacks for the stream to install filters to. Typically the * function will install a single filter, but it's technically possibly to install more than one * if desired. */ using FilterFactoryCb = std::function; /** * A FilterChainFactory is used by a connection manager to create a Thrift level filter chain when * a new connection is created. Typically it would be implemented by a configuration engine that * would install a set of filters that are able to process an application scenario on top of a * stream of Thrift requests. */ class FilterChainFactory { public: virtual ~FilterChainFactory() = default; /** * Called when a new Thrift stream is created on the connection. * @param callbacks supplies the "sink" that is used for actually creating the filter chain. @see * FilterChainFactoryCallbacks. */ virtual void createFilterChain(FilterChainFactoryCallbacks& callbacks) PURE; }; } // namespace ThriftFilters } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/filter_config.h ================================================ #pragma once #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" #include "common/common/macros.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/network/thrift_proxy/filters/filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace ThriftFilters { /** * Implemented by each Thrift filter and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedThriftFilterConfigFactory : public Envoy::Config::TypedFactory { public: ~NamedThriftFilterConfigFactory() override = default; /** * Create a particular thrift filter factory implementation. If the implementation is unable to * produce a factory with the provided parameters, it should throw an EnvoyException in the case * of general error. The returned callback should always be initialized. * @param config supplies the configuration for the filter * @param stat_prefix prefix for stat logging * @param context supplies the filter's context. * @return FilterFactoryCb the factory creation function. */ virtual FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) PURE; std::string category() const override { return "envoy.thrift_proxy.filters"; } }; } // namespace ThriftFilters } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/pass_through_filter.h ================================================ #pragma once #include "extensions/filters/network/thrift_proxy/filters/filter.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace ThriftFilters { /** * Pass through Thrift decoder filter. Continue at each decoding state within the series of * transitions. */ class PassThroughDecoderFilter : public DecoderFilter { public: // ThriftDecoderFilter void onDestroy() override {} void setDecoderFilterCallbacks(DecoderFilterCallbacks& callbacks) override { decoder_callbacks_ = &callbacks; }; // Thrift Decoder State Machine ThriftProxy::FilterStatus transportBegin(ThriftProxy::MessageMetadataSharedPtr) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus transportEnd() override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus messageBegin(ThriftProxy::MessageMetadataSharedPtr) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus messageEnd() override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus structBegin(absl::string_view) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus structEnd() override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus fieldBegin(absl::string_view, ThriftProxy::FieldType&, int16_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus fieldEnd() override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus boolValue(bool&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus byteValue(uint8_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus int16Value(int16_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus int32Value(int32_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus int64Value(int64_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus doubleValue(double&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus stringValue(absl::string_view) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus mapBegin(ThriftProxy::FieldType&, ThriftProxy::FieldType&, uint32_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus mapEnd() override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus listBegin(ThriftProxy::FieldType&, uint32_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus listEnd() override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus setBegin(ThriftProxy::FieldType&, uint32_t&) override { return ThriftProxy::FilterStatus::Continue; } ThriftProxy::FilterStatus setEnd() override { return ThriftProxy::FilterStatus::Continue; } protected: DecoderFilterCallbacks* decoder_callbacks_{}; }; } // namespace ThriftFilters } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "ratelimit_lib", srcs = ["ratelimit.cc"], hdrs = ["ratelimit.h"], deps = [ "//include/envoy/stats:stats_macros", "//source/common/protobuf:utility_lib", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/common/ratelimit:ratelimit_lib", "//source/extensions/filters/common/ratelimit:stat_names_lib", "//source/extensions/filters/network/thrift_proxy:app_exception_lib", "//source/extensions/filters/network/thrift_proxy/filters:pass_through_filter_lib", "//source/extensions/filters/network/thrift_proxy/router:router_ratelimit_interface", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":ratelimit_lib", "//include/envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/common/ratelimit:ratelimit_lib", "//source/extensions/filters/network/thrift_proxy/filters:factory_base_lib", "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.cc ================================================ #include "extensions/filters/network/thrift_proxy/filters/ratelimit/config.h" #include #include #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/filters/common/ratelimit/ratelimit_impl.h" #include "extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { namespace ThriftFilters { namespace RateLimitFilter { using namespace Envoy::Extensions::NetworkFilters; ThriftProxy::ThriftFilters::FilterFactoryCb RateLimitFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::thrift_proxy::filters::ratelimit::v3::RateLimit& proto_config, const std::string&, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.domain().empty()); ConfigSharedPtr config(new Config(proto_config, context.localInfo(), context.scope(), context.runtime(), context.clusterManager())); const std::chrono::milliseconds timeout = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(proto_config, timeout, 20)); return [proto_config, &context, timeout, config](ThriftProxy::ThriftFilters::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addDecoderFilter(std::make_shared( config, Filters::Common::RateLimit::rateLimitClient( context, proto_config.rate_limit_service().grpc_service(), timeout, proto_config.rate_limit_service().transport_api_version()))); }; } /** * Static registration for the rate limit filter. @see RegisterFactory. */ REGISTER_FACTORY(RateLimitFilterConfig, ThriftProxy::ThriftFilters::NamedThriftFilterConfigFactory); } // namespace RateLimitFilter } // namespace ThriftFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.validate.h" #include "extensions/filters/common/ratelimit/ratelimit.h" #include "extensions/filters/network/thrift_proxy/filters/factory_base.h" #include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" namespace Envoy { namespace Extensions { namespace ThriftFilters { namespace RateLimitFilter { using namespace Envoy::Extensions::NetworkFilters; /** * Config registration for the rate limit filter. @see NamedThriftFilterConfigFactory. */ class RateLimitFilterConfig : public ThriftProxy::ThriftFilters::FactoryBase< envoy::extensions::filters::network::thrift_proxy::filters::ratelimit::v3::RateLimit> { public: RateLimitFilterConfig() : FactoryBase(ThriftProxy::ThriftFilters::ThriftFilterNames::get().RATE_LIMIT) {} private: ThriftProxy::ThriftFilters::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::thrift_proxy::filters::ratelimit::v3::RateLimit& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace RateLimitFilter } // namespace ThriftFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.cc ================================================ #include "extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/filters/network/thrift_proxy/app_exception_impl.h" #include "extensions/filters/network/thrift_proxy/router/router.h" #include "extensions/filters/network/thrift_proxy/router/router_ratelimit.h" namespace Envoy { namespace Extensions { namespace ThriftFilters { namespace RateLimitFilter { using namespace Envoy::Extensions::NetworkFilters; ThriftProxy::FilterStatus Filter::messageBegin(ThriftProxy::MessageMetadataSharedPtr metadata) { if (!config_->runtime().snapshot().featureEnabled("ratelimit.thrift_filter_enabled", 100)) { return ThriftProxy::FilterStatus::Continue; } initiateCall(*metadata); return (state_ == State::Calling || state_ == State::Responded) ? ThriftProxy::FilterStatus::StopIteration : ThriftProxy::FilterStatus::Continue; } void Filter::initiateCall(const ThriftProxy::MessageMetadata& metadata) { ThriftProxy::Router::RouteConstSharedPtr route = decoder_callbacks_->route(); if (!route || !route->routeEntry()) { return; } const ThriftProxy::Router::RouteEntry* route_entry = route->routeEntry(); Upstream::ThreadLocalCluster* cluster = config_->cm().get(route_entry->clusterName()); if (!cluster) { return; } cluster_ = cluster->info(); std::vector descriptors; // Get all applicable rate limit policy entries for the route. populateRateLimitDescriptors(route_entry->rateLimitPolicy(), descriptors, route_entry, metadata); if (!descriptors.empty()) { state_ = State::Calling; initiating_call_ = true; client_->limit(*this, config_->domain(), descriptors, Tracing::NullSpan::instance()); initiating_call_ = false; } } void Filter::onDestroy() { if (state_ == State::Calling) { state_ = State::Complete; client_->cancel(); } } void Filter::complete(Filters::Common::RateLimit::LimitStatus status, Filters::Common::RateLimit::DescriptorStatusListPtr&& descriptor_statuses, Http::ResponseHeaderMapPtr&& response_headers_to_add, Http::RequestHeaderMapPtr&& request_headers_to_add) { // TODO(zuercher): Store headers to append to a response. Adding them to a local reply (over // limit or error) is a matter of modifying the callbacks to allow it. Adding them to an upstream // response requires either response (aka encoder) filters or some other mechanism. UNREFERENCED_PARAMETER(descriptor_statuses); UNREFERENCED_PARAMETER(response_headers_to_add); UNREFERENCED_PARAMETER(request_headers_to_add); state_ = State::Complete; Filters::Common::RateLimit::StatNames& stat_names = config_->statNames(); switch (status) { case Filters::Common::RateLimit::LimitStatus::OK: cluster_->statsScope().counterFromStatName(stat_names.ok_).inc(); break; case Filters::Common::RateLimit::LimitStatus::Error: cluster_->statsScope().counterFromStatName(stat_names.error_).inc(); if (!config_->failureModeAllow()) { state_ = State::Responded; decoder_callbacks_->sendLocalReply( ThriftProxy::AppException(ThriftProxy::AppExceptionType::InternalError, "limiter error"), false); decoder_callbacks_->streamInfo().setResponseFlag( StreamInfo::ResponseFlag::RateLimitServiceError); return; } cluster_->statsScope().counterFromStatName(stat_names.failure_mode_allowed_).inc(); break; case Filters::Common::RateLimit::LimitStatus::OverLimit: cluster_->statsScope().counterFromStatName(stat_names.over_limit_).inc(); if (config_->runtime().snapshot().featureEnabled("ratelimit.thrift_filter_enforcing", 100)) { state_ = State::Responded; decoder_callbacks_->sendLocalReply( ThriftProxy::AppException(ThriftProxy::AppExceptionType::InternalError, "over limit"), false); decoder_callbacks_->streamInfo().setResponseFlag(StreamInfo::ResponseFlag::RateLimited); return; } break; } if (!initiating_call_) { decoder_callbacks_->continueDecoding(); } } void Filter::populateRateLimitDescriptors( const ThriftProxy::Router::RateLimitPolicy& rate_limit_policy, std::vector& descriptors, const ThriftProxy::Router::RouteEntry* route_entry, const ThriftProxy::MessageMetadata& metadata) const { for (const ThriftProxy::Router::RateLimitPolicyEntry& rate_limit : rate_limit_policy.getApplicableRateLimit(config_->stage())) { const std::string& disable_key = rate_limit.disableKey(); if (!disable_key.empty() && !config_->runtime().snapshot().featureEnabled( fmt::format("ratelimit.{}.thrift_filter_enabled", disable_key), 100)) { continue; } rate_limit.populateDescriptors(*route_entry, descriptors, config_->localInfo().clusterName(), metadata, *decoder_callbacks_->streamInfo().downstreamRemoteAddress()); } } } // namespace RateLimitFilter } // namespace ThriftFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h ================================================ #pragma once #include #include #include #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.h" #include "envoy/ratelimit/ratelimit.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/stats/symbol_table_impl.h" #include "extensions/filters/common/ratelimit/ratelimit.h" #include "extensions/filters/common/ratelimit/stat_names.h" #include "extensions/filters/network/thrift_proxy/filters/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace ThriftFilters { namespace RateLimitFilter { using namespace Envoy::Extensions::NetworkFilters; /** * Global configuration for Thrift rate limit filter. */ class Config { public: Config(const envoy::extensions::filters::network::thrift_proxy::filters::ratelimit::v3::RateLimit& config, const LocalInfo::LocalInfo& local_info, Stats::Scope& scope, Runtime::Loader& runtime, Upstream::ClusterManager& cm) : domain_(config.domain()), stage_(config.stage()), local_info_(local_info), scope_(scope), runtime_(runtime), cm_(cm), failure_mode_deny_(config.failure_mode_deny()), stat_names_(scope_.symbolTable()) {} const std::string& domain() const { return domain_; } const LocalInfo::LocalInfo& localInfo() const { return local_info_; } uint32_t stage() const { return stage_; } Runtime::Loader& runtime() { return runtime_; } Upstream::ClusterManager& cm() { return cm_; } bool failureModeAllow() const { return !failure_mode_deny_; }; Filters::Common::RateLimit::StatNames& statNames() { return stat_names_; } private: const std::string domain_; const uint32_t stage_; const LocalInfo::LocalInfo& local_info_; Stats::Scope& scope_; Runtime::Loader& runtime_; Upstream::ClusterManager& cm_; const bool failure_mode_deny_; Filters::Common::RateLimit::StatNames stat_names_; }; using ConfigSharedPtr = std::shared_ptr; /** * Thrift rate limit filter instance. Calls the rate limit service with the given configuration * parameters. If the rate limit service returns an over limit response, an application exception * is returned, but the downstream connection is otherwise preserved. If the rate limit service * allows the request, no modifications are made and further filters progress as normal. If an * error is returned and the failure_mode_deny option is enabled, an application exception is * returned. By default, errors allow the request to continue. */ class Filter : public ThriftProxy::ThriftFilters::PassThroughDecoderFilter, public Filters::Common::RateLimit::RequestCallbacks { public: Filter(ConfigSharedPtr config, Filters::Common::RateLimit::ClientPtr&& client) : config_(std::move(config)), client_(std::move(client)) {} ~Filter() override = default; // ThriftFilters::PassThroughDecoderFilter void onDestroy() override; ThriftProxy::FilterStatus messageBegin(ThriftProxy::MessageMetadataSharedPtr) override; // RateLimit::RequestCallbacks void complete(Filters::Common::RateLimit::LimitStatus status, Filters::Common::RateLimit::DescriptorStatusListPtr&& descriptor_statuses, Http::ResponseHeaderMapPtr&& response_headers_to_add, Http::RequestHeaderMapPtr&& request_headers_to_add) override; private: void initiateCall(const ThriftProxy::MessageMetadata& metadata); void populateRateLimitDescriptors(const ThriftProxy::Router::RateLimitPolicy& rate_limit_policy, std::vector& descriptors, const ThriftProxy::Router::RouteEntry* route_entry, const ThriftProxy::MessageMetadata& headers) const; enum class State { NotStarted, Calling, Complete, Responded }; ConfigSharedPtr config_; Filters::Common::RateLimit::ClientPtr client_; State state_{State::NotStarted}; Upstream::ClusterInfoConstSharedPtr cluster_; bool initiating_call_{false}; }; } // namespace RateLimitFilter } // namespace ThriftFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/filters/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace ThriftFilters { /** * Well-known http filter names. * NOTE: New filters should use the well known name: envoy.filters.thrift.name. */ class ThriftFilterNameValues { public: // Ratelimit filter const std::string RATE_LIMIT = "envoy.filters.thrift.rate_limit"; // Router filter const std::string ROUTER = "envoy.filters.thrift.router"; }; using ThriftFilterNames = ConstSingleton; } // namespace ThriftFilters } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/framed_transport_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" #include "envoy/common/exception.h" #include "extensions/filters/network/thrift_proxy/buffer_helper.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { bool FramedTransportImpl::decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) { UNREFERENCED_PARAMETER(metadata); if (buffer.length() < 4) { return false; } int32_t thrift_size = buffer.peekBEInt(); if (thrift_size <= 0 || thrift_size > MaxFrameSize) { throw EnvoyException(absl::StrCat("invalid thrift framed transport frame size ", thrift_size)); } buffer.drain(4); metadata.setFrameSize(static_cast(thrift_size)); return true; } bool FramedTransportImpl::decodeFrameEnd(Buffer::Instance&) { return true; } void FramedTransportImpl::encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) { UNREFERENCED_PARAMETER(metadata); uint64_t size = message.length(); if (size == 0 || size > MaxFrameSize) { throw EnvoyException(absl::StrCat("invalid thrift framed transport frame size ", size)); } int32_t thrift_size = static_cast(size); buffer.writeBEInt(thrift_size); buffer.move(message); } class FramedTransportConfigFactory : public TransportFactoryBase { public: FramedTransportConfigFactory() : TransportFactoryBase(TransportNames::get().FRAMED) {} }; /** * Static registration for the framed transport. @see RegisterFactory. */ REGISTER_FACTORY(FramedTransportConfigFactory, NamedTransportConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/framed_transport_impl.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * FramedTransportImpl implements the Thrift Framed transport. * See https://github.com/apache/thrift/blob/master/doc/specs/thrift-rpc.md */ class FramedTransportImpl : public Transport { public: FramedTransportImpl() = default; // Transport const std::string& name() const override { return TransportNames::get().FRAMED; } TransportType type() const override { return TransportType::Framed; } bool decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) override; bool decodeFrameEnd(Buffer::Instance& buffer) override; void encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) override; static const int32_t MaxFrameSize = 0xFA0000; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/header_transport_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/header_transport_impl.h" #include #include "envoy/common/exception.h" #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/thrift_proxy/buffer_helper.h" #include "absl/strings/str_replace.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace { // c.f. // https://github.com/apache/thrift/blob/master/lib/cpp/src/thrift/protocol/TProtocolTypes.h#L27 enum class HeaderProtocolType { Binary = 0, JSON = 1, Compact = 2, FirstHeaderProtocolType = Binary, LastHeaderProtocolType = Compact, }; // Fixed portion of frame header: // Header magic: 2 bytes + // Flags: 2 bytes + // Sequence number: 4 bytes // Header data size: 2 bytes constexpr uint64_t MinFrameStartSizeNoHeaders = 10; // Minimum frame size: fixed portion of frame header + 4 bytes of header data (the minimum) constexpr int32_t MinFrameStartSize = MinFrameStartSizeNoHeaders + 4; // Minimum to start decoding: 4 bytes of frame size + the fixed portion of the frame header constexpr uint64_t MinDecodeBytes = MinFrameStartSizeNoHeaders + 4; // Maximum size for header data. constexpr int32_t MaxHeadersSize = 65536; } // namespace bool HeaderTransportImpl::decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) { if (buffer.length() < MinDecodeBytes) { return false; } // Size of frame, not including the length bytes. const int32_t frame_size = buffer.peekBEInt(); // Minimum header frame size is 18 bytes (4 bytes of frame size + 10 bytes of fixed header + // minimum 4 bytes of variable header data), so frame_size must be at least 14. if (frame_size < MinFrameStartSize || frame_size > MaxFrameSize) { throw EnvoyException(absl::StrCat("invalid thrift header transport frame size ", frame_size)); } int16_t magic = buffer.peekBEInt(4); if (!isMagic(magic)) { throw EnvoyException(fmt::format("invalid thrift header transport magic {:04x}", magic)); } // offset 6: 16 bit flags field, unused // offset 8: 32 bit sequence number field int32_t seq_id = buffer.peekBEInt(8); // offset 12: 16 bit (remaining) header size / 4 (spec erroneously claims / 32). int16_t raw_header_size = buffer.peekBEInt(12); int32_t header_size = static_cast(raw_header_size) * 4; if (header_size < 0 || header_size > MaxHeadersSize) { throw EnvoyException(fmt::format("invalid thrift header transport header size {} ({:04x})", header_size, static_cast(raw_header_size))); } if (header_size == 0) { throw EnvoyException("no header data"); } if (buffer.length() < static_cast(header_size) + MinDecodeBytes) { // Need more header data. return false; } // Header data starts at offset 14 (4 bytes of frame size followed by 10 bytes of fixed header). buffer.drain(MinDecodeBytes); // Remaining frame size is the original frame size (which does not count itself), less the 10 // fixed bytes of the header (magic, flags, etc), less the size of the variable header data // (header_size). metadata.setFrameSize( static_cast(frame_size - header_size - MinFrameStartSizeNoHeaders)); metadata.setSequenceId(seq_id); ProtocolType proto = ProtocolType::Auto; HeaderProtocolType header_proto = static_cast(drainVarIntI16(buffer, header_size, "protocol id")); switch (header_proto) { case HeaderProtocolType::Binary: proto = ProtocolType::Binary; break; case HeaderProtocolType::Compact: proto = ProtocolType::Compact; break; default: throw EnvoyException(fmt::format("Unknown protocol {}", static_cast(header_proto))); } metadata.setProtocol(proto); int16_t num_xforms = drainVarIntI16(buffer, header_size, "transform count"); if (num_xforms < 0) { throw EnvoyException(absl::StrCat("invalid header transport transform count ", num_xforms)); } while (num_xforms-- > 0) { int32_t xform_id = drainVarIntI32(buffer, header_size, "transform id"); // To date, no transforms have a data field. In the future, some transform IDs may require // consuming another varint 32 at this point. The known transform IDs are: // 1: zlib compression // 2: hmac (appended to end of packet) // 3: snappy compression buffer.drain(header_size); metadata.setAppException(AppExceptionType::MissingResult, absl::StrCat("Unknown transform ", xform_id)); return true; } while (header_size > 0) { // Attempt to read info blocks int32_t info_id = drainVarIntI32(buffer, header_size, "info id"); if (info_id != 1) { // 0 indicates a padding byte, and the end of the info block. // 1 indicates an info id header/value pair. // Any other value is an unknown info id block, which we ignore. break; } int32_t num_headers = drainVarIntI32(buffer, header_size, "header count"); if (num_headers < 0) { throw EnvoyException(absl::StrCat("invalid header transport header count ", num_headers)); } while (num_headers-- > 0) { std::string key_string = drainVarString(buffer, header_size, "header key"); // LowerCaseString doesn't allow '\0', '\n', and '\r'. key_string = absl::StrReplaceAll(key_string, {{std::string(1, '\0'), ""}, {"\n", ""}, {"\r", ""}}); const Http::LowerCaseString key = Http::LowerCaseString(key_string); const std::string value = drainVarString(buffer, header_size, "header value"); metadata.headers().addCopy(key, value); } } // Remaining bytes are padding or ignored info blocks. if (header_size > 0) { buffer.drain(header_size); } return true; } bool HeaderTransportImpl::decodeFrameEnd(Buffer::Instance&) { exception_.reset(); exception_reason_.clear(); return true; } void HeaderTransportImpl::encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) { uint64_t msg_size = message.length(); if (msg_size == 0) { throw EnvoyException(absl::StrCat("invalid thrift header transport message size ", msg_size)); } const Http::HeaderMap& headers = metadata.headers(); if (headers.size() > MaxHeadersSize / 2) { // Each header takes a minimum of 2 bytes, yielding this limit. throw EnvoyException( absl::StrCat("invalid thrift header transport too many headers ", headers.size())); } Buffer::OwnedImpl header_buffer; if (!metadata.hasProtocol()) { throw EnvoyException("missing header transport protocol"); } switch (metadata.protocol()) { case ProtocolType::Binary: BufferHelper::writeVarIntI32(header_buffer, static_cast(HeaderProtocolType::Binary)); break; case ProtocolType::Compact: BufferHelper::writeVarIntI32(header_buffer, static_cast(HeaderProtocolType::Compact)); break; default: throw EnvoyException(fmt::format("invalid header transport protocol {}", ProtocolNames::get().fromType(metadata.protocol()))); } BufferHelper::writeVarIntI32(header_buffer, 0); // num transforms if (!headers.empty()) { // Info ID 1 header_buffer.writeByte(1); // Num headers BufferHelper::writeVarIntI32(header_buffer, static_cast(headers.size())); headers.iterate([&header_buffer](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { writeVarString(header_buffer, header.key().getStringView()); writeVarString(header_buffer, header.value().getStringView()); return Http::HeaderMap::Iterate::Continue; }); } uint64_t header_size = header_buffer.length(); // Always pad (as the Apache implementation does). const int padding = 4 - (header_size % 4); header_buffer.add("\0\0\0\0", padding); header_size += padding; if (header_size > MaxHeadersSize) { throw EnvoyException(absl::StrCat("invalid thrift header transport header size ", header_size)); } // Frame size does not include the frame length itself. uint64_t size = header_size + msg_size + MinFrameStartSizeNoHeaders; if (size > MaxFrameSize) { throw EnvoyException(absl::StrCat("invalid thrift header transport frame size ", size)); } int32_t seq_id = 0; if (metadata.hasSequenceId()) { seq_id = metadata.sequenceId(); } buffer.writeBEInt(static_cast(size)); buffer.writeBEInt(Magic); buffer.writeBEInt(0); // flags buffer.writeBEInt(seq_id); buffer.writeBEInt(static_cast(header_size / 4)); buffer.move(header_buffer); buffer.move(message); } int16_t HeaderTransportImpl::drainVarIntI16(Buffer::Instance& buffer, int32_t& header_size, const char* desc) { int32_t value = drainVarIntI32(buffer, header_size, desc); if (value > static_cast(std::numeric_limits::max())) { throw EnvoyException(fmt::format("header transport {}: value {} exceeds max i16 ({})", desc, value, std::numeric_limits::max())); } return static_cast(value); } int32_t HeaderTransportImpl::drainVarIntI32(Buffer::Instance& buffer, int32_t& header_size, const char* desc) { if (header_size <= 0) { throw EnvoyException(fmt::format("unable to read header transport {}: header too small", desc)); } int size; int32_t value = BufferHelper::peekVarIntI32(buffer, 0, size); if (size < 0 || (header_size - size) < 0) { throw EnvoyException(fmt::format("unable to read header transport {}: header too small", desc)); } buffer.drain(size); header_size -= size; return value; } std::string HeaderTransportImpl::drainVarString(Buffer::Instance& buffer, int32_t& header_size, const char* desc) { const int16_t str_len = drainVarIntI16(buffer, header_size, desc); if (str_len == 0) { return ""; } if (header_size < static_cast(str_len)) { throw EnvoyException(fmt::format("unable to read header transport {}: header too small", desc)); } const std::string value(static_cast(buffer.linearize(str_len)), str_len); buffer.drain(str_len); header_size -= str_len; return value; } void HeaderTransportImpl::writeVarString(Buffer::Instance& buffer, const absl::string_view str) { const std::string::size_type len = str.length(); if (len > static_cast(std::numeric_limits::max())) { throw EnvoyException(absl::StrCat("header string too long: ", len)); } BufferHelper::writeVarIntI32(buffer, static_cast(len)); if (len == 0) { return; } buffer.add(str.data(), len); } class HeaderTransportConfigFactory : public TransportFactoryBase { public: HeaderTransportConfigFactory() : TransportFactoryBase(TransportNames::get().HEADER) {} }; /** * Static registration for the header transport. @see RegisterFactory. */ REGISTER_FACTORY(HeaderTransportConfigFactory, NamedTransportConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/header_transport_impl.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "extensions/filters/network/thrift_proxy/app_exception_impl.h" #include "extensions/filters/network/thrift_proxy/metadata.h" #include "extensions/filters/network/thrift_proxy/thrift.h" #include "extensions/filters/network/thrift_proxy/transport.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * HeaderTransportImpl implements the Thrift Header transport. * See https://github.com/apache/thrift/blob/master/doc/specs/HeaderFormat.md and * https://github.com/apache/thrift/blob/master/lib/cpp/src/thrift/transport/THeaderTransport.h * (for constants not specified in the spec). */ class HeaderTransportImpl : public Transport { public: // Transport const std::string& name() const override { return TransportNames::get().HEADER; } TransportType type() const override { return TransportType::Header; } bool decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) override; bool decodeFrameEnd(Buffer::Instance& buffer) override; void encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) override; static bool isMagic(uint16_t word) { return word == Magic; } static constexpr int32_t MaxFrameSize = 0x3FFFFFFF; private: static constexpr uint16_t Magic = 0x0FFF; static int16_t drainVarIntI16(Buffer::Instance& buffer, int32_t& header_size, const char* desc); static int32_t drainVarIntI32(Buffer::Instance& buffer, int32_t& header_size, const char* desc); static std::string drainVarString(Buffer::Instance& buffer, int32_t& header_size, const char* desc); static void writeVarString(Buffer::Instance& buffer, const absl::string_view str); absl::optional exception_; std::string exception_reason_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/metadata.h ================================================ #pragma once #include #include #include #include #include #include "envoy/buffer/buffer.h" #include "common/common/macros.h" #include "common/http/header_map_impl.h" #include "extensions/filters/network/thrift_proxy/thrift.h" #include "extensions/filters/network/thrift_proxy/tracing.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * MessageMetadata encapsulates metadata about Thrift messages. The various fields are considered * optional since they may come from either the transport or protocol in some cases. Unless * otherwise noted, accessor methods throw absl::bad_optional_access if the corresponding value has * not been set. */ class MessageMetadata { public: MessageMetadata() = default; bool hasFrameSize() const { return frame_size_.has_value(); } uint32_t frameSize() const { return frame_size_.value(); } void setFrameSize(uint32_t size) { frame_size_ = size; } bool hasProtocol() const { return proto_.has_value(); } ProtocolType protocol() const { return proto_.value(); } void setProtocol(ProtocolType proto) { proto_ = proto; } bool hasMethodName() const { return method_name_.has_value(); } const std::string& methodName() const { return method_name_.value(); } void setMethodName(const std::string& method_name) { method_name_ = method_name; } bool hasSequenceId() const { return seq_id_.has_value(); } int32_t sequenceId() const { return seq_id_.value(); } void setSequenceId(int32_t seq_id) { seq_id_ = seq_id; } bool hasMessageType() const { return msg_type_.has_value(); } MessageType messageType() const { return msg_type_.value(); } void setMessageType(MessageType msg_type) { msg_type_ = msg_type; } /** * @return HeaderMap of current headers (never throws) */ const Http::HeaderMap& headers() const { return *headers_; } Http::HeaderMap& headers() { return *headers_; } /** * @return SpanList an immutable list of Spans */ const SpanList& spans() const { return spans_; } /** * @return SpanList& a reference to a mutable list of Spans */ SpanList& mutableSpans() { return spans_; } bool hasAppException() const { return app_ex_type_.has_value(); } void setAppException(AppExceptionType app_ex_type, const std::string& message) { app_ex_type_ = app_ex_type; app_ex_msg_ = message; } AppExceptionType appExceptionType() const { return app_ex_type_.value(); } const std::string& appExceptionMessage() const { return app_ex_msg_.value(); } bool isProtocolUpgradeMessage() const { return protocol_upgrade_message_; } void setProtocolUpgradeMessage(bool upgrade_message) { protocol_upgrade_message_ = upgrade_message; } absl::optional traceId() const { return trace_id_; } void setTraceId(int64_t trace_id) { trace_id_ = trace_id; } absl::optional traceIdHigh() const { return trace_id_high_; } void setTraceIdHigh(int64_t trace_id_high) { trace_id_high_ = trace_id_high; } absl::optional spanId() const { return span_id_; } void setSpanId(int64_t span_id) { span_id_ = span_id; } absl::optional parentSpanId() const { return parent_span_id_; } void setParentSpanId(int64_t parent_span_id) { parent_span_id_ = parent_span_id; } absl::optional flags() const { return flags_; } void setFlags(int64_t flags) { flags_ = flags; } absl::optional sampled() const { return sampled_; } void setSampled(bool sampled) { sampled_ = sampled; } private: absl::optional frame_size_{}; absl::optional proto_{}; absl::optional method_name_{}; absl::optional seq_id_{}; absl::optional msg_type_{}; Http::HeaderMapPtr headers_{Http::RequestHeaderMapImpl::create()}; absl::optional app_ex_type_; absl::optional app_ex_msg_; bool protocol_upgrade_message_{false}; SpanList spans_; absl::optional trace_id_; absl::optional trace_id_high_; absl::optional span_id_; absl::optional parent_span_id_; absl::optional flags_; absl::optional sampled_; }; using MessageMetadataSharedPtr = std::shared_ptr; /** * Constant Thrift headers. All lower case. */ class HeaderValues { public: const Http::LowerCaseString ClientId{":client-id"}; const Http::LowerCaseString Dest{":dest"}; const Http::LowerCaseString MethodName{":method-name"}; }; using Headers = ConstSingleton; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/protocol.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" #include "common/common/assert.h" #include "common/config/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/network/thrift_proxy/conn_state.h" #include "extensions/filters/network/thrift_proxy/decoder_events.h" #include "extensions/filters/network/thrift_proxy/metadata.h" #include "extensions/filters/network/thrift_proxy/thrift.h" #include "extensions/filters/network/thrift_proxy/thrift_object.h" #include "extensions/filters/network/thrift_proxy/transport.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { class DirectResponse; using DirectResponsePtr = std::unique_ptr; /** * Protocol represents the operations necessary to implement the a generic Thrift protocol. * See https://github.com/apache/thrift/blob/master/doc/specs/thrift-protocol-spec.md */ class Protocol { public: virtual ~Protocol() = default; /** * @return const std::string& the human-readable name of the protocol */ virtual const std::string& name() const PURE; /** * @return ProtocolType the protocol type */ virtual ProtocolType type() const PURE; /** * For protocol-detecting implementations, set the underlying type based on external * (e.g. transport-level) information). * @param type ProtocolType to explicitly set */ virtual void setType(ProtocolType) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Reads the start of a Thrift protocol message from the buffer and updates the metadata * parameter with values from the message header. If successful, the message header is removed * from the buffer. * @param buffer the buffer to read from * @param metadata MessageMetadata to be updated with name, message type, and sequence id. * @return true if a message header was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid message header */ virtual bool readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) PURE; /** * Reads the end of a Thrift protocol message from the buffer. If successful, the message footer * is removed from the buffer. * @param buffer the buffer to read from * @return true if a message footer was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid message footer */ virtual bool readMessageEnd(Buffer::Instance& buffer) PURE; /** * Reads the start of a Thrift struct from the buffer and updates the name parameter with the * value from the struct header. If successful, the struct header is removed from the buffer. * @param buffer the buffer to read from * @param name updated with the struct name on success only * @return true if a struct header was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid struct header */ virtual bool readStructBegin(Buffer::Instance& buffer, std::string& name) PURE; /** * Reads the end of a Thrift struct from the buffer. If successful, the struct footer is removed * from the buffer. * @param buffer the buffer to read from * @return true if a struct footer was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid struct footer */ virtual bool readStructEnd(Buffer::Instance& buffer) PURE; /** * Reads the start of a Thrift struct field from the buffer and updates the name, field_type, and * field_id parameters with the values from the field header. If successful, the field header is * removed from the buffer. * @param buffer the buffer to read from * @param name updated with the field name on success only * @param field_type updated with the FieldType on success only * @param field_id updated with the field ID on success only * @return true if a field header was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid field header */ virtual bool readFieldBegin(Buffer::Instance& buffer, std::string& name, FieldType& field_type, int16_t& field_id) PURE; /** * Reads the end of a Thrift struct field from the buffer. If successful, the field footer is * removed from the buffer. * @param buffer the buffer to read from * @return true if a field footer was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid field footer */ virtual bool readFieldEnd(Buffer::Instance& buffer) PURE; /** * Reads the start of a Thrift map from the buffer and updates the key_type, value_type, and size * parameters with the values from the map header. If successful, the map header is removed from * the buffer. * @param buffer the buffer to read from * @param key_type updated with map key FieldType on success only * @param value_type updated with map value FieldType on success only * @param size updated with the number of key-value pairs in the map on success only * @return true if a map header was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid map header */ virtual bool readMapBegin(Buffer::Instance& buffer, FieldType& key_type, FieldType& value_type, uint32_t& size) PURE; /** * Reads the end of a Thrift map from the buffer. If successful, the map footer is removed from * the buffer. * @param buffer the buffer to read from * @return true if a map footer was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid map footer */ virtual bool readMapEnd(Buffer::Instance& buffer) PURE; /** * Reads the start of a Thrift list from the buffer and updates the elem_type, and size * parameters with the values from the list header. If successful, the list header is removed from * the buffer. * @param buffer the buffer to read from * @param elem_type updated with list element FieldType on success only * @param size updated with the number of list members on success only * @return true if a list header was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid list header */ virtual bool readListBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) PURE; /** * Reads the end of a Thrift list from the buffer. If successful, the list footer is removed from * the buffer. * @param buffer the buffer to read from * @return true if a list footer was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid list footer */ virtual bool readListEnd(Buffer::Instance& buffer) PURE; /** * Reads the start of a Thrift set from the buffer and updates the elem_type, and size * parameters with the values from the set header. If successful, the set header is removed from * the buffer. * @param buffer the buffer to read from * @param elem_type updated with set element FieldType on success only * @param size updated with the number of set members on success only * @return true if a set header was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set header */ virtual bool readSetBegin(Buffer::Instance& buffer, FieldType& elem_type, uint32_t& size) PURE; /** * Reads the end of a Thrift set from the buffer. If successful, the set footer is removed from * the buffer. * @param buffer the buffer to read from * @return true if a set footer was successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readSetEnd(Buffer::Instance& buffer) PURE; /** * Reads a boolean value from the buffer and updates value. If successful, the value is removed * from the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readBool(Buffer::Instance& buffer, bool& value) PURE; /** * Reads a byte value from the buffer and updates value. If successful, the value is removed from * the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readByte(Buffer::Instance& buffer, uint8_t& value) PURE; /** * Reads a int16_t value from the buffer and updates value. If successful, the value is removed * from the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readInt16(Buffer::Instance& buffer, int16_t& value) PURE; /** * Reads a int32_t value from the buffer and updates value. If successful, the value is removed * from the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readInt32(Buffer::Instance& buffer, int32_t& value) PURE; /** * Reads a int64_t value from the buffer and updates value. If successful, the value is removed * from the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readInt64(Buffer::Instance& buffer, int64_t& value) PURE; /** * Reads a double value from the buffer and updates value. If successful, the value is removed * from the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readDouble(Buffer::Instance& buffer, double& value) PURE; /** * Reads a string value from the buffer and updates value. If successful, the value is removed * from the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readString(Buffer::Instance& buffer, std::string& value) PURE; /** * Reads a binary value from the buffer and updates value. If successful, the value is removed * from the buffer. * @param buffer the buffer to read from * @param value updated with the value read from the buffer * @return true if a value successfully read, false if more data is required * @throw EnvoyException if the data is not a valid set footer */ virtual bool readBinary(Buffer::Instance& buffer, std::string& value) PURE; /** * Writes the start of a Thrift protocol message to the buffer. * @param buffer Buffer::Instance to modify * @param metadata MessageMetadata for the message to write. */ virtual void writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) PURE; /** * Writes the end of a Thrift protocol message to the buffer. * @param buffer Buffer::Instance to modify */ virtual void writeMessageEnd(Buffer::Instance& buffer) PURE; /** * Writes the start of a Thrift struct to the buffer. * @param buffer Buffer::Instance to modify * @param name the struct name, if known */ virtual void writeStructBegin(Buffer::Instance& buffer, const std::string& name) PURE; /** * Writes the end of a Thrift struct to the buffer. * @param buffer Buffer::Instance to modify */ virtual void writeStructEnd(Buffer::Instance& buffer) PURE; /** * Writes the start of a Thrift struct field to the buffer * @param buffer Buffer::Instance to modify * @param name the field name, if known * @param field_type the field's FieldType * @param field_id the field ID */ virtual void writeFieldBegin(Buffer::Instance& buffer, const std::string& name, FieldType field_type, int16_t field_id) PURE; /** * Writes the end of a Thrift struct field to the buffer. * @param buffer Buffer::Instance to modify */ virtual void writeFieldEnd(Buffer::Instance& buffer) PURE; /** * Writes the start of a Thrift map to the buffer. * @param buffer Buffer::Instance to modify * @param key_type the map key FieldType * @param value_type the map value FieldType * @param size the number of key-value pairs in the map */ virtual void writeMapBegin(Buffer::Instance& buffer, FieldType key_type, FieldType value_type, uint32_t size) PURE; /** * Writes the end of a Thrift map to the buffer. * @param buffer Buffer::Instance to modify */ virtual void writeMapEnd(Buffer::Instance& buffer) PURE; /** * Writes the start of a Thrift list to the buffer. * @param buffer Buffer::Instance to modify * @param elem_type the list element FieldType * @param size the number of list members */ virtual void writeListBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) PURE; /** * Writes the end of a Thrift list to the buffer. * @param buffer Buffer::Instance to modify */ virtual void writeListEnd(Buffer::Instance& buffer) PURE; /** * Writes the start of a Thrift set to the buffer. * @param buffer Buffer::Instance to modify * @param elem_type the set element FieldType * @param size the number of set members */ virtual void writeSetBegin(Buffer::Instance& buffer, FieldType elem_type, uint32_t size) PURE; /** * Writes the end of a Thrift set to the buffer. * @param buffer Buffer::Instance to modify */ virtual void writeSetEnd(Buffer::Instance& buffer) PURE; /** * Writes a boolean value to the buffer. * @param buffer Buffer::Instance to modify * @param value bool to write */ virtual void writeBool(Buffer::Instance& buffer, bool value) PURE; /** * Writes a byte value to the buffer. * @param buffer Buffer::Instance to modify * @param value uint8_t to write */ virtual void writeByte(Buffer::Instance& buffer, uint8_t value) PURE; /** * Writes a int16_t value to the buffer. * @param buffer Buffer::Instance to modify * @param value int16_t to write */ virtual void writeInt16(Buffer::Instance& buffer, int16_t value) PURE; /** * Writes a int32_t value to the buffer. * @param buffer Buffer::Instance to modify * @param value int32_t to write */ virtual void writeInt32(Buffer::Instance& buffer, int32_t value) PURE; /** * Writes a int64_t value to the buffer. * @param buffer Buffer::Instance to modify * @param value int64_t to write */ virtual void writeInt64(Buffer::Instance& buffer, int64_t value) PURE; /** * Writes a double value to the buffer. * @param buffer Buffer::Instance to modify * @param value double to write */ virtual void writeDouble(Buffer::Instance& buffer, double value) PURE; /** * Writes a string value to the buffer. * @param buffer Buffer::Instance to modify * @param value std::string to write */ virtual void writeString(Buffer::Instance& buffer, const std::string& value) PURE; /** * Writes a binary value to the buffer. * @param buffer Buffer::Instance to modify * @param value std::string to write */ virtual void writeBinary(Buffer::Instance& buffer, const std::string& value) PURE; /** * Indicates whether a protocol uses start-of-connection messages to negotiate protocol options. * If this method returns true, the Protocol must invoke setProtocolUpgradeMessage during * readMessageBegin if it detects an upgrade request. * * @return true for protocols that exchange messages at the start of a connection to negotiate * protocol upgrade (or options) */ virtual bool supportsUpgrade() { return false; } /** * Creates an opaque DecoderEventHandlerSharedPtr that can decode a downstream client's upgrade * request. When the request is complete, the decoder is passed back to writeUpgradeResponse * to allow the Protocol to update its internal state and generate a response to the request. * * @return a DecoderEventHandlerSharedPtr that decodes a downstream client's upgrade request */ virtual DecoderEventHandlerSharedPtr upgradeRequestDecoder() { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Writes a response to a downstream client's upgrade request. * @param decoder DecoderEventHandlerSharedPtr created by upgradeRequestDecoder * @return DirectResponsePtr containing an upgrade response */ virtual DirectResponsePtr upgradeResponse(const DecoderEventHandler& decoder) { UNREFERENCED_PARAMETER(decoder); NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Checks whether a given upstream connection can be upgraded and generates an upgrade request * message. If this method returns a ThriftObject it will be used to decode the upstream's next * response. * * @param transport the Transport to use for decoding the response * @param state ThriftConnectionState tracking whether upgrade has already been performed * @param buffer Buffer::Instance to modify with an upgrade request * @return a ThriftObject capable of decoding an upgrade response or nullptr if upgrade was * already completed (successfully or not) */ virtual ThriftObjectPtr attemptUpgrade(Transport& transport, ThriftConnectionState& state, Buffer::Instance& buffer) { UNREFERENCED_PARAMETER(transport); UNREFERENCED_PARAMETER(state); UNREFERENCED_PARAMETER(buffer); NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } /** * Completes an upgrade previously started via attemptUpgrade. * @param response ThriftObject created by attemptUpgrade, after the response has completed * decoding */ virtual void completeUpgrade(ThriftConnectionState& state, ThriftObject& response) { UNREFERENCED_PARAMETER(state); UNREFERENCED_PARAMETER(response); NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } }; using ProtocolPtr = std::unique_ptr; /** * A DirectResponse manipulates a Protocol to directly create a Thrift response message. */ class DirectResponse { public: virtual ~DirectResponse() = default; enum class ResponseType { // DirectResponse encodes MessageType::Reply with success payload SuccessReply, // DirectResponse encodes MessageType::Reply with an exception payload ErrorReply, // DirectResponse encodes MessageType::Exception Exception, }; /** * Encodes the response via the given Protocol. * @param metadata the MessageMetadata for the request that generated this response * @param proto the Protocol to be used for message encoding * @param buffer the Buffer into which the message should be encoded * @return ResponseType indicating whether the message is a successful or error reply or an * exception */ virtual ResponseType encode(MessageMetadata& metadata, Protocol& proto, Buffer::Instance& buffer) const PURE; }; /** * Implemented by each Thrift protocol and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedProtocolConfigFactory : public Config::UntypedFactory { public: ~NamedProtocolConfigFactory() override = default; /** * Create a particular Thrift protocol * @return ProtocolFactoryCb the protocol */ virtual ProtocolPtr createProtocol() PURE; std::string category() const override { return "envoy.thrift_proxy.protocols"; } /** * Convenience method to lookup a factory by type. * @param ProtocolType the protocol type * @return NamedProtocolConfigFactory& for the ProtocolType */ static NamedProtocolConfigFactory& getFactory(ProtocolType type) { const std::string& name = ProtocolNames::get().fromType(type); return Envoy::Config::Utility::getAndCheckFactoryByName(name); } }; /** * ProtocolFactoryBase provides a template for a trivial NamedProtocolConfigFactory. */ template class ProtocolFactoryBase : public NamedProtocolConfigFactory { public: ProtocolPtr createProtocol() override { return std::move(std::make_unique()); } std::string name() const override { return name_; } protected: ProtocolFactoryBase(const std::string& name) : name_(name) {} private: const std::string name_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/protocol_converter.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "extensions/filters/network/thrift_proxy/decoder_events.h" #include "extensions/filters/network/thrift_proxy/protocol.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * ProtocolConverter is an abstract class that implements protocol-related methods on * DecoderEventHandler in terms of converting the decoded messages into a different protocol. */ class ProtocolConverter : public virtual DecoderEventHandler { public: ProtocolConverter() = default; ~ProtocolConverter() override = default; void initProtocolConverter(Protocol& proto, Buffer::Instance& buffer) { proto_ = &proto; buffer_ = &buffer; } // DecoderEventHandler FilterStatus messageBegin(MessageMetadataSharedPtr metadata) override { proto_->writeMessageBegin(*buffer_, *metadata); return FilterStatus::Continue; } FilterStatus messageEnd() override { proto_->writeMessageEnd(*buffer_); return FilterStatus::Continue; } FilterStatus structBegin(absl::string_view name) override { proto_->writeStructBegin(*buffer_, std::string(name)); return FilterStatus::Continue; } FilterStatus structEnd() override { proto_->writeFieldBegin(*buffer_, "", FieldType::Stop, 0); proto_->writeStructEnd(*buffer_); return FilterStatus::Continue; } FilterStatus fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) override { proto_->writeFieldBegin(*buffer_, std::string(name), field_type, field_id); return FilterStatus::Continue; } FilterStatus fieldEnd() override { proto_->writeFieldEnd(*buffer_); return FilterStatus::Continue; } FilterStatus boolValue(bool& value) override { proto_->writeBool(*buffer_, value); return FilterStatus::Continue; } FilterStatus byteValue(uint8_t& value) override { proto_->writeByte(*buffer_, value); return FilterStatus::Continue; } FilterStatus int16Value(int16_t& value) override { proto_->writeInt16(*buffer_, value); return FilterStatus::Continue; } FilterStatus int32Value(int32_t& value) override { proto_->writeInt32(*buffer_, value); return FilterStatus::Continue; } FilterStatus int64Value(int64_t& value) override { proto_->writeInt64(*buffer_, value); return FilterStatus::Continue; } FilterStatus doubleValue(double& value) override { proto_->writeDouble(*buffer_, value); return FilterStatus::Continue; } FilterStatus stringValue(absl::string_view value) override { proto_->writeString(*buffer_, std::string(value)); return FilterStatus::Continue; } FilterStatus mapBegin(FieldType& key_type, FieldType& value_type, uint32_t& size) override { proto_->writeMapBegin(*buffer_, key_type, value_type, size); return FilterStatus::Continue; } FilterStatus mapEnd() override { proto_->writeMapEnd(*buffer_); return FilterStatus::Continue; } FilterStatus listBegin(FieldType& elem_type, uint32_t& size) override { proto_->writeListBegin(*buffer_, elem_type, size); return FilterStatus::Continue; } FilterStatus listEnd() override { proto_->writeListEnd(*buffer_); return FilterStatus::Continue; } FilterStatus setBegin(FieldType& elem_type, uint32_t& size) override { proto_->writeSetBegin(*buffer_, elem_type, size); return FilterStatus::Continue; } FilterStatus setEnd() override { proto_->writeSetEnd(*buffer_); return FilterStatus::Continue; } private: Protocol* proto_; Buffer::Instance* buffer_{}; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":router_lib", "//include/envoy/registry", "//source/extensions/filters/network/thrift_proxy/filters:factory_base_lib", "//source/extensions/filters/network/thrift_proxy/filters:filter_config_interface", "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "@envoy_api//envoy/config/filter/thrift/router/v2alpha1:pkg_cc_proto", ], ) envoy_cc_library( name = "router_interface", hdrs = ["router.h"], external_deps = ["abseil_optional"], deps = [ "//include/envoy/router:router_interface", "//source/extensions/filters/network/thrift_proxy:metadata_lib", ], ) envoy_cc_library( name = "router_ratelimit_interface", hdrs = ["router_ratelimit.h"], deps = [ ":router_interface", "//include/envoy/router:router_ratelimit_interface", "//source/extensions/filters/network/thrift_proxy:metadata_lib", ], ) envoy_cc_library( name = "router_lib", srcs = ["router_impl.cc"], hdrs = ["router_impl.h"], deps = [ ":router_interface", ":router_ratelimit_lib", "//include/envoy/tcp:conn_pool_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:load_balancer_interface", "//include/envoy/upstream:thread_local_cluster_interface", "//source/common/common:logger_lib", "//source/common/http:header_utility_lib", "//source/common/router:metadatamatchcriteria_lib", "//source/common/upstream:load_balancer_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/thrift_proxy:app_exception_lib", "//source/extensions/filters/network/thrift_proxy:conn_manager_lib", "//source/extensions/filters/network/thrift_proxy:protocol_converter_lib", "//source/extensions/filters/network/thrift_proxy:protocol_interface", "//source/extensions/filters/network/thrift_proxy:thrift_object_interface", "//source/extensions/filters/network/thrift_proxy:transport_interface", "//source/extensions/filters/network/thrift_proxy/filters:filter_interface", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "router_ratelimit_lib", srcs = ["router_ratelimit_impl.cc"], hdrs = ["router_ratelimit_impl.h"], deps = [ ":router_interface", ":router_ratelimit_interface", "//source/common/http:header_utility_lib", "//source/extensions/filters/network/thrift_proxy:metadata_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/config.cc ================================================ #include "extensions/filters/network/thrift_proxy/router/config.h" #include "envoy/config/filter/thrift/router/v2alpha1/router.pb.h" #include "envoy/config/filter/thrift/router/v2alpha1/router.pb.validate.h" #include "envoy/registry/registry.h" #include "extensions/filters/network/thrift_proxy/router/router_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { ThriftFilters::FilterFactoryCb RouterFilterConfig::createFilterFactoryFromProtoTyped( const envoy::config::filter::thrift::router::v2alpha1::Router& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) { UNREFERENCED_PARAMETER(proto_config); return [&context, stat_prefix](ThriftFilters::FilterChainFactoryCallbacks& callbacks) -> void { callbacks.addDecoderFilter( std::make_shared(context.clusterManager(), stat_prefix, context.scope())); }; } /** * Static registration for the router filter. @see RegisterFactory. */ REGISTER_FACTORY(RouterFilterConfig, ThriftFilters::NamedThriftFilterConfigFactory); } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/config.h ================================================ #pragma once #include "envoy/config/filter/thrift/router/v2alpha1/router.pb.h" #include "envoy/config/filter/thrift/router/v2alpha1/router.pb.validate.h" #include "extensions/filters/network/thrift_proxy/filters/factory_base.h" #include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { class RouterFilterConfig : public ThriftFilters::FactoryBase { public: RouterFilterConfig() : FactoryBase(ThriftFilters::ThriftFilterNames::get().ROUTER) {} private: ThriftFilters::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::config::filter::thrift::router::v2alpha1::Router& proto_config, const std::string& stat_prefix, Server::Configuration::FactoryContext& context) override; }; } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/router.h ================================================ #pragma once #include #include #include "envoy/router/router.h" #include "extensions/filters/network/thrift_proxy/metadata.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { class RateLimitPolicy; /** * RouteEntry is an individual resolved route entry. */ class RouteEntry { public: virtual ~RouteEntry() = default; /** * @return const std::string& the upstream cluster that owns the route. */ virtual const std::string& clusterName() const PURE; /** * @return MetadataMatchCriteria* the metadata that a subset load balancer should match when * selecting an upstream host */ virtual const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const PURE; /** * @return const RateLimitPolicy& the rate limit policy for the route. */ virtual const RateLimitPolicy& rateLimitPolicy() const PURE; /** * @return bool should the service name prefix be stripped from the method. */ virtual bool stripServiceName() const PURE; /** * @return const Http::LowerCaseString& the header used to determine the cluster. */ virtual const Http::LowerCaseString& clusterHeader() const PURE; }; /** * Route holds the RouteEntry for a request. */ class Route { public: virtual ~Route() = default; /** * @return the route entry or nullptr if there is no matching route for the request. */ virtual const RouteEntry* routeEntry() const PURE; }; using RouteConstSharedPtr = std::shared_ptr; /** * The router configuration. */ class Config { public: virtual ~Config() = default; /** * Based on the incoming Thrift request transport and/or protocol data, determine the target * route for the request. * @param metadata MessageMetadata for the message to route * @param random_value uint64_t used to select cluster affinity * @return the route or nullptr if there is no matching route for the request. */ virtual RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const PURE; }; using ConfigConstSharedPtr = std::shared_ptr; } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/router_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/router/router_impl.h" #include #include "envoy/extensions/filters/network/thrift_proxy/v3/route.pb.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/thread_local_cluster.h" #include "common/common/utility.h" #include "common/router/metadatamatchcriteria_impl.h" #include "extensions/filters/network/thrift_proxy/app_exception_impl.h" #include "extensions/filters/network/well_known_names.h" #include "absl/strings/match.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { RouteEntryImplBase::RouteEntryImplBase( const envoy::extensions::filters::network::thrift_proxy::v3::Route& route) : cluster_name_(route.route().cluster()), config_headers_(Http::HeaderUtility::buildHeaderDataVector(route.match().headers())), rate_limit_policy_(route.route().rate_limits()), strip_service_name_(route.route().strip_service_name()), cluster_header_(route.route().cluster_header()) { if (route.route().has_metadata_match()) { const auto filter_it = route.route().metadata_match().filter_metadata().find( Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != route.route().metadata_match().filter_metadata().end()) { metadata_match_criteria_ = std::make_unique(filter_it->second); } } if (route.route().cluster_specifier_case() == envoy::extensions::filters::network::thrift_proxy::v3::RouteAction::ClusterSpecifierCase:: kWeightedClusters) { total_cluster_weight_ = 0UL; for (const auto& cluster : route.route().weighted_clusters().clusters()) { std::unique_ptr cluster_entry(new WeightedClusterEntry(*this, cluster)); weighted_clusters_.emplace_back(std::move(cluster_entry)); total_cluster_weight_ += weighted_clusters_.back()->clusterWeight(); } } } const std::string& RouteEntryImplBase::clusterName() const { return cluster_name_; } const RouteEntry* RouteEntryImplBase::routeEntry() const { return this; } RouteConstSharedPtr RouteEntryImplBase::clusterEntry(uint64_t random_value, const MessageMetadata& metadata) const { if (!weighted_clusters_.empty()) { return WeightedClusterUtil::pickCluster(weighted_clusters_, total_cluster_weight_, random_value, false); } const auto& cluster_header = clusterHeader(); if (!cluster_header.get().empty()) { const auto& headers = metadata.headers(); const auto* entry = headers.get(cluster_header); if (entry != nullptr) { return std::make_shared(*this, entry->value().getStringView()); } return nullptr; } return shared_from_this(); } bool RouteEntryImplBase::headersMatch(const Http::HeaderMap& headers) const { return Http::HeaderUtility::matchHeaders(headers, config_headers_); } RouteEntryImplBase::WeightedClusterEntry::WeightedClusterEntry( const RouteEntryImplBase& parent, const envoy::extensions::filters::network::thrift_proxy::v3::WeightedCluster::ClusterWeight& cluster) : parent_(parent), cluster_name_(cluster.name()), cluster_weight_(PROTOBUF_GET_WRAPPED_REQUIRED(cluster, weight)) { if (cluster.has_metadata_match()) { const auto filter_it = cluster.metadata_match().filter_metadata().find( Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != cluster.metadata_match().filter_metadata().end()) { if (parent.metadata_match_criteria_) { metadata_match_criteria_ = parent.metadata_match_criteria_->mergeMatchCriteria(filter_it->second); } else { metadata_match_criteria_ = std::make_unique(filter_it->second); } } } } MethodNameRouteEntryImpl::MethodNameRouteEntryImpl( const envoy::extensions::filters::network::thrift_proxy::v3::Route& route) : RouteEntryImplBase(route), method_name_(route.match().method_name()), invert_(route.match().invert()) { if (method_name_.empty() && invert_) { throw EnvoyException("Cannot have an empty method name with inversion enabled"); } } RouteConstSharedPtr MethodNameRouteEntryImpl::matches(const MessageMetadata& metadata, uint64_t random_value) const { if (RouteEntryImplBase::headersMatch(metadata.headers())) { bool matches = method_name_.empty() || (metadata.hasMethodName() && metadata.methodName() == method_name_); if (matches ^ invert_) { return clusterEntry(random_value, metadata); } } return nullptr; } ServiceNameRouteEntryImpl::ServiceNameRouteEntryImpl( const envoy::extensions::filters::network::thrift_proxy::v3::Route& route) : RouteEntryImplBase(route), invert_(route.match().invert()) { const std::string service_name = route.match().service_name(); if (service_name.empty() && invert_) { throw EnvoyException("Cannot have an empty service name with inversion enabled"); } if (!service_name.empty() && !absl::EndsWith(service_name, ":")) { service_name_ = service_name + ":"; } else { service_name_ = service_name; } } RouteConstSharedPtr ServiceNameRouteEntryImpl::matches(const MessageMetadata& metadata, uint64_t random_value) const { if (RouteEntryImplBase::headersMatch(metadata.headers())) { bool matches = service_name_.empty() || (metadata.hasMethodName() && absl::StartsWith(metadata.methodName(), service_name_)); if (matches ^ invert_) { return clusterEntry(random_value, metadata); } } return nullptr; } RouteMatcher::RouteMatcher( const envoy::extensions::filters::network::thrift_proxy::v3::RouteConfiguration& config) { using envoy::extensions::filters::network::thrift_proxy::v3::RouteMatch; for (const auto& route : config.routes()) { switch (route.match().match_specifier_case()) { case RouteMatch::MatchSpecifierCase::kMethodName: routes_.emplace_back(new MethodNameRouteEntryImpl(route)); break; case RouteMatch::MatchSpecifierCase::kServiceName: routes_.emplace_back(new ServiceNameRouteEntryImpl(route)); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } RouteConstSharedPtr RouteMatcher::route(const MessageMetadata& metadata, uint64_t random_value) const { for (const auto& route : routes_) { RouteConstSharedPtr route_entry = route->matches(metadata, random_value); if (nullptr != route_entry) { return route_entry; } } return nullptr; } void Router::onDestroy() { if (upstream_request_ != nullptr) { upstream_request_->resetStream(); cleanup(); } } void Router::setDecoderFilterCallbacks(ThriftFilters::DecoderFilterCallbacks& callbacks) { callbacks_ = &callbacks; // TODO(zuercher): handle buffer limits } FilterStatus Router::transportBegin(MessageMetadataSharedPtr metadata) { UNREFERENCED_PARAMETER(metadata); return FilterStatus::Continue; } FilterStatus Router::transportEnd() { if (upstream_request_->metadata_->messageType() == MessageType::Oneway) { // No response expected upstream_request_->onResponseComplete(); cleanup(); } return FilterStatus::Continue; } FilterStatus Router::messageBegin(MessageMetadataSharedPtr metadata) { route_ = callbacks_->route(); if (!route_) { ENVOY_STREAM_LOG(debug, "no route match for method '{}'", *callbacks_, metadata->methodName()); stats_.route_missing_.inc(); callbacks_->sendLocalReply( AppException(AppExceptionType::UnknownMethod, fmt::format("no route for method '{}'", metadata->methodName())), true); return FilterStatus::StopIteration; } route_entry_ = route_->routeEntry(); const std::string& cluster_name = route_entry_->clusterName(); Upstream::ThreadLocalCluster* cluster = cluster_manager_.get(cluster_name); if (!cluster) { ENVOY_STREAM_LOG(debug, "unknown cluster '{}'", *callbacks_, cluster_name); stats_.unknown_cluster_.inc(); callbacks_->sendLocalReply(AppException(AppExceptionType::InternalError, fmt::format("unknown cluster '{}'", cluster_name)), true); return FilterStatus::StopIteration; } cluster_ = cluster->info(); ENVOY_STREAM_LOG(debug, "cluster '{}' match for method '{}'", *callbacks_, cluster_name, metadata->methodName()); if (cluster_->maintenanceMode()) { stats_.upstream_rq_maintenance_mode_.inc(); callbacks_->sendLocalReply( AppException(AppExceptionType::InternalError, fmt::format("maintenance mode for cluster '{}'", cluster_name)), true); return FilterStatus::StopIteration; } const std::shared_ptr options = cluster_->extensionProtocolOptionsTyped( NetworkFilterNames::get().ThriftProxy); const TransportType transport = options ? options->transport(callbacks_->downstreamTransportType()) : callbacks_->downstreamTransportType(); ASSERT(transport != TransportType::Auto); const ProtocolType protocol = options ? options->protocol(callbacks_->downstreamProtocolType()) : callbacks_->downstreamProtocolType(); ASSERT(protocol != ProtocolType::Auto); Tcp::ConnectionPool::Instance* conn_pool = cluster_manager_.tcpConnPoolForCluster( cluster_name, Upstream::ResourcePriority::Default, this); if (!conn_pool) { stats_.no_healthy_upstream_.inc(); callbacks_->sendLocalReply( AppException(AppExceptionType::InternalError, fmt::format("no healthy upstream for '{}'", cluster_name)), true); return FilterStatus::StopIteration; } ENVOY_STREAM_LOG(debug, "router decoding request", *callbacks_); if (route_entry_->stripServiceName()) { const auto& method = metadata->methodName(); const auto pos = method.find(':'); if (pos != std::string::npos) { metadata->setMethodName(method.substr(pos + 1)); } } upstream_request_ = std::make_unique(*this, *conn_pool, metadata, transport, protocol); return upstream_request_->start(); } FilterStatus Router::messageEnd() { ProtocolConverter::messageEnd(); Buffer::OwnedImpl transport_buffer; upstream_request_->metadata_->setProtocol(upstream_request_->protocol_->type()); upstream_request_->transport_->encodeFrame(transport_buffer, *upstream_request_->metadata_, upstream_request_buffer_); upstream_request_->conn_data_->connection().write(transport_buffer, false); upstream_request_->onRequestComplete(); return FilterStatus::Continue; } void Router::onUpstreamData(Buffer::Instance& data, bool end_stream) { ASSERT(!upstream_request_->response_complete_); if (upstream_request_->upgrade_response_ != nullptr) { ENVOY_STREAM_LOG(trace, "reading upgrade response: {} bytes", *callbacks_, data.length()); // Handle upgrade response. if (!upstream_request_->upgrade_response_->onData(data)) { // Wait for more data. return; } ENVOY_STREAM_LOG(debug, "upgrade response complete", *callbacks_); upstream_request_->protocol_->completeUpgrade(*upstream_request_->conn_state_, *upstream_request_->upgrade_response_); upstream_request_->upgrade_response_.reset(); upstream_request_->onRequestStart(true); } else { ENVOY_STREAM_LOG(trace, "reading response: {} bytes", *callbacks_, data.length()); // Handle normal response. if (!upstream_request_->response_started_) { callbacks_->startUpstreamResponse(*upstream_request_->transport_, *upstream_request_->protocol_); upstream_request_->response_started_ = true; } ThriftFilters::ResponseStatus status = callbacks_->upstreamData(data); if (status == ThriftFilters::ResponseStatus::Complete) { ENVOY_STREAM_LOG(debug, "response complete", *callbacks_); upstream_request_->onResponseComplete(); cleanup(); return; } else if (status == ThriftFilters::ResponseStatus::Reset) { ENVOY_STREAM_LOG(debug, "upstream reset", *callbacks_); upstream_request_->resetStream(); return; } } if (end_stream) { // Response is incomplete, but no more data is coming. ENVOY_STREAM_LOG(debug, "response underflow", *callbacks_); upstream_request_->onResponseComplete(); upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::RemoteConnectionFailure); cleanup(); } } void Router::onEvent(Network::ConnectionEvent event) { ASSERT(upstream_request_ && !upstream_request_->response_complete_); switch (event) { case Network::ConnectionEvent::RemoteClose: ENVOY_STREAM_LOG(debug, "upstream remote close", *callbacks_); upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::RemoteConnectionFailure); break; case Network::ConnectionEvent::LocalClose: ENVOY_STREAM_LOG(debug, "upstream local close", *callbacks_); upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::LocalConnectionFailure); break; default: // Connected is consumed by the connection pool. NOT_REACHED_GCOVR_EXCL_LINE; } upstream_request_->releaseConnection(false); } const Network::Connection* Router::downstreamConnection() const { if (callbacks_ != nullptr) { return callbacks_->connection(); } return nullptr; } void Router::convertMessageBegin(MessageMetadataSharedPtr metadata) { ProtocolConverter::messageBegin(metadata); } void Router::cleanup() { upstream_request_.reset(); } Router::UpstreamRequest::UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, MessageMetadataSharedPtr& metadata, TransportType transport_type, ProtocolType protocol_type) : parent_(parent), conn_pool_(pool), metadata_(metadata), transport_(NamedTransportConfigFactory::getFactory(transport_type).createTransport()), protocol_(NamedProtocolConfigFactory::getFactory(protocol_type).createProtocol()), request_complete_(false), response_started_(false), response_complete_(false) {} Router::UpstreamRequest::~UpstreamRequest() { if (conn_pool_handle_) { conn_pool_handle_->cancel(Tcp::ConnectionPool::CancelPolicy::Default); } } FilterStatus Router::UpstreamRequest::start() { Tcp::ConnectionPool::Cancellable* handle = conn_pool_.newConnection(*this); if (handle) { // Pause while we wait for a connection. conn_pool_handle_ = handle; return FilterStatus::StopIteration; } if (upgrade_response_ != nullptr) { // Pause while we wait for an upgrade response. return FilterStatus::StopIteration; } if (upstream_host_ == nullptr) { return FilterStatus::StopIteration; } return FilterStatus::Continue; } void Router::UpstreamRequest::releaseConnection(const bool close) { if (conn_pool_handle_) { conn_pool_handle_->cancel(Tcp::ConnectionPool::CancelPolicy::Default); conn_pool_handle_ = nullptr; } conn_state_ = nullptr; // The event triggered by close will also release this connection so clear conn_data_ before // closing. auto conn_data = std::move(conn_data_); if (close && conn_data != nullptr) { conn_data->connection().close(Network::ConnectionCloseType::NoFlush); } } void Router::UpstreamRequest::resetStream() { releaseConnection(true); } void Router::UpstreamRequest::onPoolFailure(ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) { conn_pool_handle_ = nullptr; // Mimic an upstream reset. onUpstreamHostSelected(host); onResetStream(reason); } void Router::UpstreamRequest::onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) { // Only invoke continueDecoding if we'd previously stopped the filter chain. bool continue_decoding = conn_pool_handle_ != nullptr; onUpstreamHostSelected(host); conn_data_ = std::move(conn_data); conn_data_->addUpstreamCallbacks(parent_); conn_pool_handle_ = nullptr; conn_state_ = conn_data_->connectionStateTyped(); if (conn_state_ == nullptr) { conn_data_->setConnectionState(std::make_unique()); conn_state_ = conn_data_->connectionStateTyped(); } if (protocol_->supportsUpgrade()) { upgrade_response_ = protocol_->attemptUpgrade(*transport_, *conn_state_, parent_.upstream_request_buffer_); if (upgrade_response_ != nullptr) { conn_data_->connection().write(parent_.upstream_request_buffer_, false); return; } } onRequestStart(continue_decoding); } void Router::UpstreamRequest::onRequestStart(bool continue_decoding) { parent_.initProtocolConverter(*protocol_, parent_.upstream_request_buffer_); metadata_->setSequenceId(conn_state_->nextSequenceId()); parent_.convertMessageBegin(metadata_); if (continue_decoding) { parent_.callbacks_->continueDecoding(); } } void Router::UpstreamRequest::onRequestComplete() { request_complete_ = true; } void Router::UpstreamRequest::onResponseComplete() { response_complete_ = true; conn_state_ = nullptr; conn_data_.reset(); } void Router::UpstreamRequest::onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host) { upstream_host_ = host; } void Router::UpstreamRequest::onResetStream(ConnectionPool::PoolFailureReason reason) { if (metadata_->messageType() == MessageType::Oneway) { // For oneway requests, we should not attempt a response. Reset the downstream to signal // an error. parent_.callbacks_->resetDownstreamConnection(); return; } switch (reason) { case ConnectionPool::PoolFailureReason::Overflow: parent_.callbacks_->sendLocalReply( AppException(AppExceptionType::InternalError, "thrift upstream request: too many connections"), true); break; case ConnectionPool::PoolFailureReason::LocalConnectionFailure: // Should only happen if we closed the connection, due to an error condition, in which case // we've already handled any possible downstream response. parent_.callbacks_->resetDownstreamConnection(); break; case ConnectionPool::PoolFailureReason::RemoteConnectionFailure: case ConnectionPool::PoolFailureReason::Timeout: // TODO(zuercher): distinguish between these cases where appropriate (particularly timeout) if (!response_started_) { parent_.callbacks_->sendLocalReply( AppException( AppExceptionType::InternalError, fmt::format("connection failure '{}'", (upstream_host_ != nullptr) ? upstream_host_->address()->asString() : "to upstream")), true); return; } // Error occurred after a partial response, propagate the reset to the downstream. parent_.callbacks_->resetDownstreamConnection(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/router_impl.h ================================================ #pragma once #include #include #include #include "envoy/extensions/filters/network/thrift_proxy/v3/route.pb.h" #include "envoy/router/router.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/load_balancer.h" #include "common/common/logger.h" #include "common/http/header_utility.h" #include "common/upstream/load_balancer_impl.h" #include "extensions/filters/network/thrift_proxy/conn_manager.h" #include "extensions/filters/network/thrift_proxy/filters/filter.h" #include "extensions/filters/network/thrift_proxy/router/router.h" #include "extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" #include "extensions/filters/network/thrift_proxy/thrift_object.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { class RouteEntryImplBase : public RouteEntry, public Route, public std::enable_shared_from_this { public: RouteEntryImplBase(const envoy::extensions::filters::network::thrift_proxy::v3::Route& route); // Router::RouteEntry const std::string& clusterName() const override; const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const override { return metadata_match_criteria_.get(); } const RateLimitPolicy& rateLimitPolicy() const override { return rate_limit_policy_; } bool stripServiceName() const override { return strip_service_name_; }; const Http::LowerCaseString& clusterHeader() const override { return cluster_header_; } // Router::Route const RouteEntry* routeEntry() const override; virtual RouteConstSharedPtr matches(const MessageMetadata& metadata, uint64_t random_value) const PURE; protected: RouteConstSharedPtr clusterEntry(uint64_t random_value, const MessageMetadata& metadata) const; bool headersMatch(const Http::HeaderMap& headers) const; private: class WeightedClusterEntry : public RouteEntry, public Route { public: WeightedClusterEntry( const RouteEntryImplBase& parent, const envoy::extensions::filters::network::thrift_proxy::v3::WeightedCluster::ClusterWeight& cluster); uint64_t clusterWeight() const { return cluster_weight_; } // Router::RouteEntry const std::string& clusterName() const override { return cluster_name_; } const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const override { if (metadata_match_criteria_) { return metadata_match_criteria_.get(); } return parent_.metadataMatchCriteria(); } const RateLimitPolicy& rateLimitPolicy() const override { return parent_.rateLimitPolicy(); } bool stripServiceName() const override { return parent_.stripServiceName(); } const Http::LowerCaseString& clusterHeader() const override { return parent_.clusterHeader(); } // Router::Route const RouteEntry* routeEntry() const override { return this; } private: const RouteEntryImplBase& parent_; const std::string cluster_name_; const uint64_t cluster_weight_; Envoy::Router::MetadataMatchCriteriaConstPtr metadata_match_criteria_; }; using WeightedClusterEntrySharedPtr = std::shared_ptr; class DynamicRouteEntry : public RouteEntry, public Route { public: DynamicRouteEntry(const RouteEntryImplBase& parent, absl::string_view cluster_name) : parent_(parent), cluster_name_(std::string(cluster_name)) {} // Router::RouteEntry const std::string& clusterName() const override { return cluster_name_; } const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() const override { return parent_.metadataMatchCriteria(); } const RateLimitPolicy& rateLimitPolicy() const override { return parent_.rateLimitPolicy(); } bool stripServiceName() const override { return parent_.stripServiceName(); } const Http::LowerCaseString& clusterHeader() const override { return parent_.clusterHeader(); } // Router::Route const RouteEntry* routeEntry() const override { return this; } private: const RouteEntryImplBase& parent_; const std::string cluster_name_; }; const std::string cluster_name_; const std::vector config_headers_; std::vector weighted_clusters_; uint64_t total_cluster_weight_; Envoy::Router::MetadataMatchCriteriaConstPtr metadata_match_criteria_; const RateLimitPolicyImpl rate_limit_policy_; const bool strip_service_name_; const Http::LowerCaseString cluster_header_; }; using RouteEntryImplBaseConstSharedPtr = std::shared_ptr; class MethodNameRouteEntryImpl : public RouteEntryImplBase { public: MethodNameRouteEntryImpl( const envoy::extensions::filters::network::thrift_proxy::v3::Route& route); // RouteEntryImplBase RouteConstSharedPtr matches(const MessageMetadata& metadata, uint64_t random_value) const override; private: const std::string method_name_; const bool invert_; }; class ServiceNameRouteEntryImpl : public RouteEntryImplBase { public: ServiceNameRouteEntryImpl( const envoy::extensions::filters::network::thrift_proxy::v3::Route& route); // RouteEntryImplBase RouteConstSharedPtr matches(const MessageMetadata& metadata, uint64_t random_value) const override; private: std::string service_name_; const bool invert_; }; class RouteMatcher { public: RouteMatcher(const envoy::extensions::filters::network::thrift_proxy::v3::RouteConfiguration&); RouteConstSharedPtr route(const MessageMetadata& metadata, uint64_t random_value) const; private: std::vector routes_; }; #define ALL_THRIFT_ROUTER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(route_missing) \ COUNTER(unknown_cluster) \ COUNTER(upstream_rq_maintenance_mode) \ COUNTER(no_healthy_upstream) struct RouterStats { ALL_THRIFT_ROUTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; class Router : public Tcp::ConnectionPool::UpstreamCallbacks, public Upstream::LoadBalancerContextBase, public ProtocolConverter, public ThriftFilters::DecoderFilter, Logger::Loggable { public: Router(Upstream::ClusterManager& cluster_manager, const std::string& stat_prefix, Stats::Scope& scope) : cluster_manager_(cluster_manager), stats_(generateStats(stat_prefix, scope)) {} ~Router() override = default; // ThriftFilters::DecoderFilter void onDestroy() override; void setDecoderFilterCallbacks(ThriftFilters::DecoderFilterCallbacks& callbacks) override; // ProtocolConverter FilterStatus transportBegin(MessageMetadataSharedPtr metadata) override; FilterStatus transportEnd() override; FilterStatus messageBegin(MessageMetadataSharedPtr metadata) override; FilterStatus messageEnd() override; // Upstream::LoadBalancerContext const Network::Connection* downstreamConnection() const override; const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() override { if (route_entry_) { return route_entry_->metadataMatchCriteria(); } return nullptr; } // Tcp::ConnectionPool::UpstreamCallbacks void onUpstreamData(Buffer::Instance& data, bool end_stream) override; void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} private: struct UpstreamRequest : public Tcp::ConnectionPool::Callbacks { UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, MessageMetadataSharedPtr& metadata, TransportType transport_type, ProtocolType protocol_type); ~UpstreamRequest() override; FilterStatus start(); void resetStream(); void releaseConnection(bool close); // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn, Upstream::HostDescriptionConstSharedPtr host) override; void onRequestStart(bool continue_decoding); void onRequestComplete(); void onResponseComplete(); void onUpstreamHostSelected(Upstream::HostDescriptionConstSharedPtr host); void onResetStream(ConnectionPool::PoolFailureReason reason); Router& parent_; Tcp::ConnectionPool::Instance& conn_pool_; MessageMetadataSharedPtr metadata_; Tcp::ConnectionPool::Cancellable* conn_pool_handle_{}; Tcp::ConnectionPool::ConnectionDataPtr conn_data_; Upstream::HostDescriptionConstSharedPtr upstream_host_; ThriftConnectionState* conn_state_{}; TransportPtr transport_; ProtocolPtr protocol_; ThriftObjectPtr upgrade_response_; bool request_complete_ : 1; bool response_started_ : 1; bool response_complete_ : 1; }; void convertMessageBegin(MessageMetadataSharedPtr metadata); void cleanup(); RouterStats generateStats(const std::string& prefix, Stats::Scope& scope) { return RouterStats{ALL_THRIFT_ROUTER_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix), POOL_HISTOGRAM_PREFIX(scope, prefix))}; } Upstream::ClusterManager& cluster_manager_; RouterStats stats_; ThriftFilters::DecoderFilterCallbacks* callbacks_{}; RouteConstSharedPtr route_{}; const RouteEntry* route_entry_{}; Upstream::ClusterInfoConstSharedPtr cluster_; std::unique_ptr upstream_request_; Buffer::OwnedImpl upstream_request_buffer_; }; } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h ================================================ #pragma once #include #include #include #include #include "envoy/http/header_map.h" #include "envoy/ratelimit/ratelimit.h" #include "extensions/filters/network/thrift_proxy/metadata.h" #include "extensions/filters/network/thrift_proxy/router/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { /** * Base interface for generic rate limit action. */ class RateLimitAction { public: virtual ~RateLimitAction() = default; /** * Potentially append a descriptor entry to the end of descriptor. * @param route supplies the target route for the request. * @param descriptor supplies the descriptor to optionally fill. * @param local_service_cluster supplies the name of the local service cluster. * @param metadata supplies the message metadata for the request. * @param remote_address supplies the trusted downstream address for the connection. * @return true if the RateLimitAction populated the descriptor. */ virtual bool populateDescriptor(const RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const PURE; }; using RateLimitActionPtr = std::unique_ptr; /** * Rate limit configuration. */ class RateLimitPolicyEntry { public: virtual ~RateLimitPolicyEntry() = default; /** * @return the stage value that the configuration is applicable to. */ virtual uint32_t stage() const PURE; /** * @return runtime key to be set to disable the configuration. */ virtual const std::string& disableKey() const PURE; /** * Potentially populate the descriptor array with new descriptors to query. * @param route supplies the target route for the request. * @param descriptors supplies the descriptor array to optionally fill. * @param local_service_cluster supplies the name of the local service cluster. * @param metadata supplies the message metadata for the request. * @param remote_address supplies the trusted downstream address for the connection. */ virtual void populateDescriptors(const RouteEntry& route, std::vector& descriptors, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const PURE; }; /** * Rate limiting policy. */ class RateLimitPolicy { public: virtual ~RateLimitPolicy() = default; /** * @return true if there is no rate limit policy for all stage settings. */ virtual bool empty() const PURE; /** * @param stage the value for finding applicable rate limit configurations. * @return set of RateLimitPolicyEntry that are applicable for a stage. */ virtual const std::vector>& getApplicableRateLimit(uint32_t stage) const PURE; }; } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" #include "envoy/common/exception.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/ratelimit/ratelimit.h" #include "extensions/filters/network/thrift_proxy/router/router.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { bool SourceClusterAction::populateDescriptor(const RouteEntry&, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata&, const Network::Address::Instance&) const { descriptor.entries_.push_back({"source_cluster", local_service_cluster}); return true; } bool DestinationClusterAction::populateDescriptor(const RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string&, const MessageMetadata&, const Network::Address::Instance&) const { descriptor.entries_.push_back({"destination_cluster", route.clusterName()}); return true; } bool RequestHeadersAction::populateDescriptor(const RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const MessageMetadata& metadata, const Network::Address::Instance&) const { if (use_method_name_) { if (!metadata.hasMethodName()) { return false; } descriptor.entries_.push_back({descriptor_key_, metadata.methodName()}); return true; } const Http::HeaderEntry* header_value = metadata.headers().get(header_name_); if (!header_value) { return false; } descriptor.entries_.push_back( {descriptor_key_, std::string(header_value->value().getStringView())}); return true; } bool RemoteAddressAction::populateDescriptor( const RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const MessageMetadata&, const Network::Address::Instance& remote_address) const { if (remote_address.type() != Network::Address::Type::Ip) { return false; } descriptor.entries_.push_back({"remote_address", remote_address.ip()->addressAsString()}); return true; } bool GenericKeyAction::populateDescriptor(const RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const MessageMetadata&, const Network::Address::Instance&) const { descriptor.entries_.push_back({"generic_key", descriptor_value_}); return true; } HeaderValueMatchAction::HeaderValueMatchAction( const envoy::config::route::v3::RateLimit::Action::HeaderValueMatch& action) : descriptor_value_(action.descriptor_value()), expect_match_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(action, expect_match, true)), action_headers_(Http::HeaderUtility::buildHeaderDataVector(action.headers())) {} bool HeaderValueMatchAction::populateDescriptor(const RouteEntry&, RateLimit::Descriptor& descriptor, const std::string&, const MessageMetadata& metadata, const Network::Address::Instance&) const { if (expect_match_ == Http::HeaderUtility::matchHeaders(metadata.headers(), action_headers_)) { descriptor.entries_.push_back({"header_match", descriptor_value_}); return true; } else { return false; } } RateLimitPolicyEntryImpl::RateLimitPolicyEntryImpl( const envoy::config::route::v3::RateLimit& config) : disable_key_(config.disable_key()), stage_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, stage, 0)) { for (const auto& action : config.actions()) { switch (action.action_specifier_case()) { case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kSourceCluster: actions_.emplace_back(new SourceClusterAction()); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kDestinationCluster: actions_.emplace_back(new DestinationClusterAction()); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kRequestHeaders: actions_.emplace_back(new RequestHeadersAction(action.request_headers())); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kRemoteAddress: actions_.emplace_back(new RemoteAddressAction()); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kGenericKey: actions_.emplace_back(new GenericKeyAction(action.generic_key())); break; case envoy::config::route::v3::RateLimit::Action::ActionSpecifierCase::kHeaderValueMatch: actions_.emplace_back(new HeaderValueMatchAction(action.header_value_match())); break; default: throw EnvoyException( absl::StrCat("unsupported RateLimit Action ", action.action_specifier_case())); } } } void RateLimitPolicyEntryImpl::populateDescriptors( const RouteEntry& route, std::vector& descriptors, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const { RateLimit::Descriptor descriptor; bool result = true; for (const RateLimitActionPtr& action : actions_) { result = result && action->populateDescriptor(route, descriptor, local_service_cluster, metadata, remote_address); if (!result) { break; } } if (result) { descriptors.emplace_back(descriptor); } } RateLimitPolicyImpl::RateLimitPolicyImpl( const Protobuf::RepeatedPtrField& rate_limits) : rate_limit_entries_reference_(RateLimitPolicyImpl::MAX_STAGE_NUMBER + 1) { for (const auto& rate_limit : rate_limits) { std::unique_ptr rate_limit_policy_entry( new RateLimitPolicyEntryImpl(rate_limit)); uint32_t stage = rate_limit_policy_entry->stage(); ASSERT(stage < rate_limit_entries_reference_.size()); rate_limit_entries_reference_[stage].emplace_back(*rate_limit_policy_entry); rate_limit_entries_.emplace_back(std::move(rate_limit_policy_entry)); } } const std::vector>& RateLimitPolicyImpl::getApplicableRateLimit(uint32_t stage) const { ASSERT(stage < rate_limit_entries_reference_.size()); return rate_limit_entries_reference_[stage]; } } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h ================================================ #pragma once #include #include #include #include #include "envoy/config/route/v3/route_components.pb.h" #include "common/http/header_utility.h" #include "extensions/filters/network/thrift_proxy/metadata.h" #include "extensions/filters/network/thrift_proxy/router/router.h" #include "extensions/filters/network/thrift_proxy/router/router_ratelimit.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace Router { /** * Action for source cluster rate limiting. */ class SourceClusterAction : public RateLimitAction { public: // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const override; }; /** * Action for destination cluster rate limiting. */ class DestinationClusterAction : public RateLimitAction { public: // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const override; }; /** * Action for request headers rate limiting. */ class RequestHeadersAction : public RateLimitAction { public: RequestHeadersAction(const envoy::config::route::v3::RateLimit::Action::RequestHeaders& action) : header_name_(action.header_name()), descriptor_key_(action.descriptor_key()), use_method_name_(header_name_ == Headers::get().MethodName) {} // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const override; private: const Http::LowerCaseString header_name_; const std::string descriptor_key_; const bool use_method_name_; }; /** * Action for remote address rate limiting. */ class RemoteAddressAction : public RateLimitAction { public: // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const override; }; /** * Action for generic key rate limiting. */ class GenericKeyAction : public RateLimitAction { public: GenericKeyAction(const envoy::config::route::v3::RateLimit::Action::GenericKey& action) : descriptor_value_(action.descriptor_value()) {} // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const override; private: const std::string descriptor_value_; }; /** * Action for header value match rate limiting. */ class HeaderValueMatchAction : public RateLimitAction { public: HeaderValueMatchAction( const envoy::config::route::v3::RateLimit::Action::HeaderValueMatch& action); // Router::RateLimitAction bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const override; private: const std::string descriptor_value_; const bool expect_match_; const std::vector action_headers_; }; /* * Implementation of RateLimitPolicyEntry that holds the action for the configuration. */ class RateLimitPolicyEntryImpl : public RateLimitPolicyEntry { public: RateLimitPolicyEntryImpl(const envoy::config::route::v3::RateLimit& config); // Router::RateLimitPolicyEntry uint32_t stage() const override { return stage_; } const std::string& disableKey() const override { return disable_key_; } void populateDescriptors(const Router::RouteEntry& route, std::vector& descriptors, const std::string& local_service_cluster, const MessageMetadata& metadata, const Network::Address::Instance& remote_address) const override; private: const std::string disable_key_; uint32_t stage_; std::vector actions_; }; /** * Implementation of RateLimitPolicy that reads from the JSON route config. */ class RateLimitPolicyImpl : public RateLimitPolicy { public: RateLimitPolicyImpl( const Protobuf::RepeatedPtrField& rate_limits); // Router::RateLimitPolicy const std::vector>& getApplicableRateLimit(uint32_t stage = 0) const override; bool empty() const override { return rate_limit_entries_.empty(); } static constexpr uint32_t MAX_STAGE_NUMBER = 10; private: std::vector> rate_limit_entries_; std::vector>> rate_limit_entries_reference_; }; } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/stats.h ================================================ #pragma once #include #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * All thrift filter stats. @see stats_macros.h */ #define ALL_THRIFT_FILTER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(cx_destroy_local_with_active_rq) \ COUNTER(cx_destroy_remote_with_active_rq) \ COUNTER(request) \ COUNTER(request_call) \ COUNTER(request_decoding_error) \ COUNTER(request_invalid_type) \ COUNTER(request_oneway) \ COUNTER(response) \ COUNTER(response_decoding_error) \ COUNTER(response_error) \ COUNTER(response_exception) \ COUNTER(response_invalid_type) \ COUNTER(response_reply) \ COUNTER(response_success) \ GAUGE(request_active, Accumulate) \ HISTOGRAM(request_time_ms, Milliseconds) /** * Struct definition for all thrift proxy stats. @see stats_macros.h */ struct ThriftFilterStats { ALL_THRIFT_FILTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) static ThriftFilterStats generateStats(const std::string& prefix, Stats::Scope& scope) { return ThriftFilterStats{ALL_THRIFT_FILTER_STATS(POOL_COUNTER_PREFIX(scope, prefix), POOL_GAUGE_PREFIX(scope, prefix), POOL_HISTOGRAM_PREFIX(scope, prefix))}; } }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/thrift.h ================================================ #pragma once #include "common/common/assert.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { enum class TransportType { Framed, Header, Unframed, Auto, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST TRANSPORT TYPE LastTransportType = Auto, }; /** * Names of available Transport implementations. */ class TransportNameValues { public: // Framed transport const std::string FRAMED = "framed"; // Header transport const std::string HEADER = "header"; // Unframed transport const std::string UNFRAMED = "unframed"; // Auto-detection transport const std::string AUTO = "auto"; const std::string& fromType(TransportType type) const { switch (type) { case TransportType::Framed: return FRAMED; case TransportType::Header: return HEADER; case TransportType::Unframed: return UNFRAMED; case TransportType::Auto: return AUTO; default: NOT_REACHED_GCOVR_EXCL_LINE; } } }; using TransportNames = ConstSingleton; enum class ProtocolType { Binary, LaxBinary, Compact, Twitter, Auto, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST PROTOCOL TYPE LastProtocolType = Auto, }; /** * Names of available Protocol implementations. */ class ProtocolNameValues { public: // Binary protocol const std::string BINARY = "binary"; // Lax Binary protocol const std::string LAX_BINARY = "binary/non-strict"; // Compact protocol const std::string COMPACT = "compact"; // Twitter protocol const std::string TWITTER = "twitter"; // Auto-detection protocol const std::string AUTO = "auto"; const std::string& fromType(ProtocolType type) const { switch (type) { case ProtocolType::Binary: return BINARY; case ProtocolType::LaxBinary: return LAX_BINARY; case ProtocolType::Compact: return COMPACT; case ProtocolType::Twitter: return TWITTER; case ProtocolType::Auto: return AUTO; default: NOT_REACHED_GCOVR_EXCL_LINE; } } }; using ProtocolNames = ConstSingleton; /** * Thrift protocol message types. * See https://github.com/apache/thrift/blob/master/lib/cpp/src/thrift/protocol/TProtocol.h */ enum class MessageType { Call = 1, Reply = 2, Exception = 3, Oneway = 4, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST MESSAGE TYPE LastMessageType = Oneway, }; /** * Thrift protocol struct field types. * See https://github.com/apache/thrift/blob/master/lib/cpp/src/thrift/protocol/TProtocol.h */ enum class FieldType { Stop = 0, Void = 1, Bool = 2, Byte = 3, Double = 4, I16 = 6, I32 = 8, I64 = 10, String = 11, Struct = 12, Map = 13, Set = 14, List = 15, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST FIELD TYPE LastFieldType = List, }; /** * Thrift Application Exception types. * See https://github.com/apache/thrift/blob/master/doc/specs/thrift-rpc.md */ enum class AppExceptionType { Unknown = 0, UnknownMethod = 1, InvalidMessageType = 2, WrongMethodName = 3, BadSequenceId = 4, MissingResult = 5, InternalError = 6, ProtocolError = 7, InvalidTransform = 8, InvalidProtocol = 9, // FBThrift values. // See https://github.com/facebook/fbthrift/blob/master/thrift/lib/cpp/TApplicationException.h#L52 UnsupportedClientType = 10, LoadShedding = 11, Timeout = 12, InjectedFailure = 13, ChecksumMismatch = 14, Interruption = 15, }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/thrift_object.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "common/common/utility.h" #include "extensions/filters/network/thrift_proxy/thrift.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { class ThriftBase; /** * ThriftValue is a field or container (list, set, or map) element. */ class ThriftValue { public: virtual ~ThriftValue() = default; /** * @return FieldType the type of this value */ virtual FieldType type() const PURE; /** * @return const T& pointer to the value, provided that it can be cast to the given type * @throw EnvoyException if the type T does not match the type */ template const T& getValueTyped() const { // Use the Traits template to determine what FieldType the value must have to be cast to T // and throw if the value's type doesn't match. FieldType expected_field_type = Traits::getFieldType(); if (expected_field_type != type()) { ExceptionUtil::throwEnvoyException(fmt::format("expected field type {}, got {}", static_cast(expected_field_type), static_cast(type()))); } return *static_cast(getValue()); } protected: /** * @return void* pointing to the underlying value, to be dynamically cast in getValueTyped */ virtual const void* getValue() const PURE; private: /** * Traits allows getValueTyped() to enforce that the field type is being cast to the desired type. */ template class Traits { public: // Compilation failures where T does not have a member getFieldType typically mean that // getValueTyped was called with a type T that is not used to encode Thrift values. // The specializations below encode the valid types for Thrift primitive types. static FieldType getFieldType() { return T::getFieldType(); } }; }; // Explicit specializations of ThriftValue::Types for primitive types. template <> class ThriftValue::Traits { public: static FieldType getFieldType() { return FieldType::Bool; } }; template <> class ThriftValue::Traits { public: static FieldType getFieldType() { return FieldType::Byte; } }; template <> class ThriftValue::Traits { public: static FieldType getFieldType() { return FieldType::I16; } }; template <> class ThriftValue::Traits { public: static FieldType getFieldType() { return FieldType::I32; } }; template <> class ThriftValue::Traits { public: static FieldType getFieldType() { return FieldType::I64; } }; template <> class ThriftValue::Traits { public: static FieldType getFieldType() { return FieldType::Double; } }; template <> class ThriftValue::Traits { public: static FieldType getFieldType() { return FieldType::String; } }; using ThriftValuePtr = std::unique_ptr; using ThriftValuePtrList = std::list; using ThriftValuePtrPairList = std::list>; /** * ThriftField is a field within a ThriftStruct. */ class ThriftField { public: virtual ~ThriftField() = default; /** * @return FieldType this field's type */ virtual FieldType fieldType() const PURE; /** * @return int16_t the field's identifier */ virtual int16_t fieldId() const PURE; /** * @return const ThriftValue& containing the field's value */ virtual const ThriftValue& getValue() const PURE; }; using ThriftFieldPtr = std::unique_ptr; using ThriftFieldPtrList = std::list; /** * ThriftListValue is an ordered list of ThriftValues. */ class ThriftListValue { public: virtual ~ThriftListValue() = default; /** * @return const ThriftValuePtrList& containing the ThriftValues that comprise the list */ virtual const ThriftValuePtrList& elements() const PURE; /** * @return FieldType of the underlying elements */ virtual FieldType elementType() const PURE; /** * Used by ThriftValue::Traits to enforce type safety. */ static FieldType getFieldType() { return FieldType::List; } }; /** * ThriftSetValue is a set of ThriftValues, maintained in their original order. */ class ThriftSetValue { public: virtual ~ThriftSetValue() = default; /** * @return const ThriftValuePtrList& containing the ThriftValues that comprise the set */ virtual const ThriftValuePtrList& elements() const PURE; /** * @return FieldType of the underlying elements */ virtual FieldType elementType() const PURE; /** * Used by ThriftValue::Traits to enforce type safety. */ static FieldType getFieldType() { return FieldType::Set; } }; /** * ThriftMapValue is a map of pairs of ThriftValues, maintained in their original order. */ class ThriftMapValue { public: virtual ~ThriftMapValue() = default; /** * @return const ThriftValuePtrPairList& containing the ThriftValue key-value pairs that comprise * the map. */ virtual const ThriftValuePtrPairList& elements() const PURE; /** * @return FieldType of the underlying keys */ virtual FieldType keyType() const PURE; /** * @return FieldType of the underlying values */ virtual FieldType valueType() const PURE; /** * Used by ThriftValue::Traits to enforce type safety. */ static FieldType getFieldType() { return FieldType::Map; } }; /** * ThriftStructValue is a sequence of ThriftFields. */ class ThriftStructValue { public: virtual ~ThriftStructValue() = default; /** * @return const ThriftFieldPtrList& containing the ThriftFields that comprise the struct. */ virtual const ThriftFieldPtrList& fields() const PURE; /** * Used by ThriftValue::Traits to enforce type safety. */ static FieldType getFieldType() { return FieldType::Struct; } }; /** * ThriftObject is a ThriftStructValue that can be read from a Buffer::Instance. */ class ThriftObject : public ThriftStructValue { public: ~ThriftObject() override = default; /* * Consumes bytes from the buffer until a single complete Thrift struct has been consumed. * @param buffer starting with a Thrift struct * @return true when a single complete struct has been consumed; false if more data is needed to * complete decoding * @throw EnvoyException if the struct is invalid */ virtual bool onData(Buffer::Instance& buffer) PURE; }; using ThriftObjectPtr = std::unique_ptr; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/thrift_object_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/thrift_object_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace { std::unique_ptr makeValue(ThriftBase* parent, FieldType type) { switch (type) { case FieldType::Stop: NOT_REACHED_GCOVR_EXCL_LINE; case FieldType::List: return std::make_unique(parent); case FieldType::Set: return std::make_unique(parent); case FieldType::Map: return std::make_unique(parent); case FieldType::Struct: return std::make_unique(parent); default: return std::make_unique(parent, type); } } } // namespace ThriftBase::ThriftBase(ThriftBase* parent) : parent_(parent) {} FilterStatus ThriftBase::structBegin(absl::string_view name) { ASSERT(delegate_ != nullptr); return delegate_->structBegin(name); } FilterStatus ThriftBase::structEnd() { ASSERT(delegate_ != nullptr); return delegate_->structEnd(); } FilterStatus ThriftBase::fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) { ASSERT(delegate_ != nullptr); return delegate_->fieldBegin(name, field_type, field_id); } FilterStatus ThriftBase::fieldEnd() { ASSERT(delegate_ != nullptr); return delegate_->fieldEnd(); } FilterStatus ThriftBase::boolValue(bool& value) { ASSERT(delegate_ != nullptr); return delegate_->boolValue(value); } FilterStatus ThriftBase::byteValue(uint8_t& value) { ASSERT(delegate_ != nullptr); return delegate_->byteValue(value); } FilterStatus ThriftBase::int16Value(int16_t& value) { ASSERT(delegate_ != nullptr); return delegate_->int16Value(value); } FilterStatus ThriftBase::int32Value(int32_t& value) { ASSERT(delegate_ != nullptr); return delegate_->int32Value(value); } FilterStatus ThriftBase::int64Value(int64_t& value) { ASSERT(delegate_ != nullptr); return delegate_->int64Value(value); } FilterStatus ThriftBase::doubleValue(double& value) { ASSERT(delegate_ != nullptr); return delegate_->doubleValue(value); } FilterStatus ThriftBase::stringValue(absl::string_view value) { ASSERT(delegate_ != nullptr); return delegate_->stringValue(value); } FilterStatus ThriftBase::mapBegin(FieldType& key_type, FieldType& value_type, uint32_t& size) { ASSERT(delegate_ != nullptr); return delegate_->mapBegin(key_type, value_type, size); } FilterStatus ThriftBase::mapEnd() { ASSERT(delegate_ != nullptr); return delegate_->mapEnd(); } FilterStatus ThriftBase::listBegin(FieldType& elem_type, uint32_t& size) { ASSERT(delegate_ != nullptr); return delegate_->listBegin(elem_type, size); } FilterStatus ThriftBase::listEnd() { ASSERT(delegate_ != nullptr); return delegate_->listEnd(); } FilterStatus ThriftBase::setBegin(FieldType& elem_type, uint32_t& size) { ASSERT(delegate_ != nullptr); return delegate_->setBegin(elem_type, size); } FilterStatus ThriftBase::setEnd() { ASSERT(delegate_ != nullptr); return delegate_->setEnd(); } void ThriftBase::delegateComplete() { ASSERT(delegate_ != nullptr); delegate_ = nullptr; } ThriftFieldImpl::ThriftFieldImpl(ThriftStructValueImpl* parent, absl::string_view name, FieldType field_type, int16_t field_id) : ThriftBase(parent), name_(name), field_type_(field_type), field_id_(field_id) { auto value = makeValue(this, field_type_); delegate_ = value.get(); value_ = std::move(value); } FilterStatus ThriftFieldImpl::fieldEnd() { if (delegate_) { return delegate_->fieldEnd(); } parent_->delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftListValueImpl::listBegin(FieldType& elem_type, uint32_t& size) { if (delegate_) { return delegate_->listBegin(elem_type, size); } elem_type_ = elem_type; remaining_ = size; delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftListValueImpl::listEnd() { if (delegate_) { return delegate_->listEnd(); } ASSERT(remaining_ == 0); parent_->delegateComplete(); return FilterStatus::Continue; } void ThriftListValueImpl::delegateComplete() { delegate_ = nullptr; if (remaining_ == 0) { return; } auto elem = makeValue(this, elem_type_); delegate_ = elem.get(); elements_.push_back(std::move(elem)); remaining_--; } FilterStatus ThriftSetValueImpl::setBegin(FieldType& elem_type, uint32_t& size) { if (delegate_) { return delegate_->setBegin(elem_type, size); } elem_type_ = elem_type; remaining_ = size; delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftSetValueImpl::setEnd() { if (delegate_) { return delegate_->setEnd(); } ASSERT(remaining_ == 0); parent_->delegateComplete(); return FilterStatus::Continue; } void ThriftSetValueImpl::delegateComplete() { delegate_ = nullptr; if (remaining_ == 0) { return; } auto elem = makeValue(this, elem_type_); delegate_ = elem.get(); elements_.push_back(std::move(elem)); remaining_--; } FilterStatus ThriftMapValueImpl::mapBegin(FieldType& key_type, FieldType& elem_type, uint32_t& size) { if (delegate_) { return delegate_->mapBegin(key_type, elem_type, size); } key_type_ = key_type; elem_type_ = elem_type; remaining_ = size; delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftMapValueImpl::mapEnd() { if (delegate_) { return delegate_->mapEnd(); } ASSERT(remaining_ == 0); parent_->delegateComplete(); return FilterStatus::Continue; } void ThriftMapValueImpl::delegateComplete() { delegate_ = nullptr; if (remaining_ == 0) { return; } // Prepare for first element's key. if (elements_.empty()) { auto key = makeValue(this, key_type_); delegate_ = key.get(); elements_.emplace_back(std::move(key), nullptr); return; } // Prepare for any element's value. auto& elem = elements_.back(); if (elem.second == nullptr) { auto value = makeValue(this, elem_type_); delegate_ = value.get(); elem.second = std::move(value); remaining_--; return; } // Key-value pair completed, prepare for next key. auto key = makeValue(this, key_type_); delegate_ = key.get(); elements_.emplace_back(std::move(key), nullptr); } FilterStatus ThriftValueImpl::boolValue(bool& value) { ASSERT(value_type_ == FieldType::Bool); bool_value_ = value; parent_->delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftValueImpl::byteValue(uint8_t& value) { ASSERT(value_type_ == FieldType::Byte); byte_value_ = value; parent_->delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftValueImpl::int16Value(int16_t& value) { ASSERT(value_type_ == FieldType::I16); int16_value_ = value; parent_->delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftValueImpl::int32Value(int32_t& value) { ASSERT(value_type_ == FieldType::I32); int32_value_ = value; parent_->delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftValueImpl::int64Value(int64_t& value) { ASSERT(value_type_ == FieldType::I64); int64_value_ = value; parent_->delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftValueImpl::doubleValue(double& value) { ASSERT(value_type_ == FieldType::Double); double_value_ = value; parent_->delegateComplete(); return FilterStatus::Continue; } FilterStatus ThriftValueImpl::stringValue(absl::string_view value) { ASSERT(value_type_ == FieldType::String); string_value_ = std::string(value); parent_->delegateComplete(); return FilterStatus::Continue; } const void* ThriftValueImpl::getValue() const { switch (value_type_) { case FieldType::Bool: return &bool_value_; case FieldType::Byte: return &byte_value_; case FieldType::I16: return &int16_value_; case FieldType::I32: return &int32_value_; case FieldType::I64: return &int64_value_; case FieldType::Double: return &double_value_; case FieldType::String: return &string_value_; default: NOT_REACHED_GCOVR_EXCL_LINE; } } FilterStatus ThriftStructValueImpl::structBegin(absl::string_view name) { if (delegate_) { return delegate_->structBegin(name); } return FilterStatus::Continue; } FilterStatus ThriftStructValueImpl::structEnd() { if (delegate_) { return delegate_->structEnd(); } if (parent_) { parent_->delegateComplete(); } return FilterStatus::Continue; } FilterStatus ThriftStructValueImpl::fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) { if (delegate_) { return delegate_->fieldBegin(name, field_type, field_id); } if (field_type != FieldType::Stop) { auto field = std::make_unique(this, name, field_type, field_id); delegate_ = field.get(); fields_.emplace_back(std::move(field)); } return FilterStatus::Continue; } ThriftObjectImpl::ThriftObjectImpl(Transport& transport, Protocol& protocol) : ThriftStructValueImpl(nullptr), decoder_(std::make_unique(transport, protocol, *this)) {} bool ThriftObjectImpl::onData(Buffer::Instance& buffer) { bool underflow = false; auto result = decoder_->onData(buffer, underflow); ASSERT(result == FilterStatus::Continue); if (complete_) { decoder_.reset(); } return complete_; } } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/thrift_object_impl.h ================================================ #pragma once #include "extensions/filters/network/thrift_proxy/decoder.h" #include "extensions/filters/network/thrift_proxy/filters/filter.h" #include "extensions/filters/network/thrift_proxy/thrift_object.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * ThriftBase is a base class for decoding Thrift objects. It implements methods from * DecoderEventHandler to automatically delegate to an underlying ThriftBase so that, for example, * the fieldBegin call for a struct field nested within a list is automatically delegated down the * object hierarchy to the correct ThriftBase subclass. */ class ThriftBase : public DecoderEventHandler { public: ThriftBase(ThriftBase* parent); ~ThriftBase() override = default; // DecoderEventHandler FilterStatus transportBegin(MessageMetadataSharedPtr) override { return FilterStatus::Continue; } FilterStatus transportEnd() override { return FilterStatus::Continue; } FilterStatus messageBegin(MessageMetadataSharedPtr) override { return FilterStatus::Continue; } FilterStatus messageEnd() override { return FilterStatus::Continue; } FilterStatus structBegin(absl::string_view name) override; FilterStatus structEnd() override; FilterStatus fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) override; FilterStatus fieldEnd() override; FilterStatus boolValue(bool& value) override; FilterStatus byteValue(uint8_t& value) override; FilterStatus int16Value(int16_t& value) override; FilterStatus int32Value(int32_t& value) override; FilterStatus int64Value(int64_t& value) override; FilterStatus doubleValue(double& value) override; FilterStatus stringValue(absl::string_view value) override; FilterStatus mapBegin(FieldType& key_type, FieldType& value_type, uint32_t& size) override; FilterStatus mapEnd() override; FilterStatus listBegin(FieldType& elem_type, uint32_t& size) override; FilterStatus listEnd() override; FilterStatus setBegin(FieldType& elem_type, uint32_t& size) override; FilterStatus setEnd() override; // Invoked when the current delegate is complete. Completion implies that the delegate is fully // specified (all list values processed, all struct fields processed, etc). virtual void delegateComplete(); protected: ThriftBase* parent_; ThriftBase* delegate_{nullptr}; }; /** * ThriftValueBase is a base class for all struct field values, list values, set values, map keys, * and map values. */ class ThriftValueBase : public ThriftValue, public ThriftBase { public: ThriftValueBase(ThriftBase* parent, FieldType value_type) : ThriftBase(parent), value_type_(value_type) {} ~ThriftValueBase() override = default; // ThriftValue FieldType type() const override { return value_type_; } protected: const FieldType value_type_; }; class ThriftStructValueImpl; /** * ThriftField represents a field in a thrift Struct. It always delegates DecoderEventHandler * methods to a subclass of ThriftValueBase. */ class ThriftFieldImpl : public ThriftField, public ThriftBase { public: ThriftFieldImpl(ThriftStructValueImpl* parent, absl::string_view name, FieldType field_type, int16_t field_id); // DecoderEventHandler FilterStatus fieldEnd() override; // ThriftField FieldType fieldType() const override { return field_type_; } int16_t fieldId() const override { return field_id_; } const ThriftValue& getValue() const override { return *value_; } private: std::string name_; FieldType field_type_; int16_t field_id_; ThriftValuePtr value_; }; /** * ThriftStructValueImpl implements ThriftStruct. */ class ThriftStructValueImpl : public ThriftStructValue, public ThriftValueBase { public: ThriftStructValueImpl(ThriftBase* parent) : ThriftValueBase(parent, FieldType::Struct) {} // DecoderEventHandler FilterStatus structBegin(absl::string_view name) override; FilterStatus structEnd() override; FilterStatus fieldBegin(absl::string_view name, FieldType& field_type, int16_t& field_id) override; // ThriftStructValue const ThriftFieldPtrList& fields() const override { return fields_; } private: // ThriftValue const void* getValue() const override { return this; }; ThriftFieldPtrList fields_; }; /** * ThriftListValueImpl represents Thrift lists. */ class ThriftListValueImpl : public ThriftListValue, public ThriftValueBase { public: ThriftListValueImpl(ThriftBase* parent) : ThriftValueBase(parent, FieldType::List) {} // DecoderEventHandler FilterStatus listBegin(FieldType& elem_type, uint32_t& size) override; FilterStatus listEnd() override; // ThriftListValue const ThriftValuePtrList& elements() const override { return elements_; } FieldType elementType() const override { return elem_type_; } void delegateComplete() override; protected: // ThriftValue const void* getValue() const override { return this; }; FieldType elem_type_{FieldType::Stop}; uint32_t remaining_{0}; ThriftValuePtrList elements_; }; /** * ThriftSetValueImpl represents Thrift sets. */ class ThriftSetValueImpl : public ThriftSetValue, public ThriftValueBase { public: ThriftSetValueImpl(ThriftBase* parent) : ThriftValueBase(parent, FieldType::Set) {} // DecoderEventHandler FilterStatus setBegin(FieldType& elem_type, uint32_t& size) override; FilterStatus setEnd() override; // ThriftSetValue const ThriftValuePtrList& elements() const override { return elements_; } FieldType elementType() const override { return elem_type_; } void delegateComplete() override; protected: // ThriftValue const void* getValue() const override { return this; }; FieldType elem_type_{FieldType::Stop}; uint32_t remaining_{0}; ThriftValuePtrList elements_; // maintain original order }; /** * ThriftMapValueImpl represents Thrift maps. */ class ThriftMapValueImpl : public ThriftMapValue, public ThriftValueBase { public: ThriftMapValueImpl(ThriftBase* parent) : ThriftValueBase(parent, FieldType::Map) {} // DecoderEventHandler FilterStatus mapBegin(FieldType& key_type, FieldType& elem_type, uint32_t& size) override; FilterStatus mapEnd() override; // ThriftMapValue const ThriftValuePtrPairList& elements() const override { return elements_; } FieldType keyType() const override { return key_type_; } FieldType valueType() const override { return elem_type_; } void delegateComplete() override; protected: // ThriftValue const void* getValue() const override { return this; }; FieldType key_type_{FieldType::Stop}; FieldType elem_type_{FieldType::Stop}; uint32_t remaining_{0}; ThriftValuePtrPairList elements_; // maintain original order }; /** * ThriftValueImpl represents primitive Thrift types, including strings. */ class ThriftValueImpl : public ThriftValueBase { public: ThriftValueImpl(ThriftBase* parent, FieldType value_type) : ThriftValueBase(parent, value_type) {} // DecoderEventHandler FilterStatus boolValue(bool& value) override; FilterStatus byteValue(uint8_t& value) override; FilterStatus int16Value(int16_t& value) override; FilterStatus int32Value(int32_t& value) override; FilterStatus int64Value(int64_t& value) override; FilterStatus doubleValue(double& value) override; FilterStatus stringValue(absl::string_view value) override; protected: // ThriftValue const void* getValue() const override; private: union { bool bool_value_; uint8_t byte_value_; int16_t int16_value_; int32_t int32_value_; int64_t int64_value_; double double_value_; }; std::string string_value_; }; /** * ThriftObjectImpl is a generic representation of a Thrift struct. */ class ThriftObjectImpl : public ThriftObject, public ThriftStructValueImpl, public DecoderCallbacks { public: ThriftObjectImpl(Transport& transport, Protocol& protocol); // DecoderCallbacks DecoderEventHandler& newDecoderEventHandler() override { return *this; } FilterStatus transportEnd() override { complete_ = true; return FilterStatus::Continue; } // ThriftObject bool onData(Buffer::Instance& buffer) override; // ThriftStruct const ThriftFieldPtrList& fields() const override { return ThriftStructValueImpl::fields(); } private: DecoderPtr decoder_; bool complete_{false}; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/tracing.h ================================================ #pragma once #include #include #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * Endpoint is an endpoint attribution on an Annotation or BinaryAnnotation. */ class Endpoint { public: Endpoint(int32_t ipv4, int16_t port, const std::string& service_name) : ipv4_(ipv4), port_(port), service_name_(service_name) {} Endpoint() = default; int32_t ipv4_{0}; int16_t port_{0}; std::string service_name_; }; /** * Annotation is a span annotation. */ class Annotation { public: Annotation(int64_t timestamp, const std::string& value, absl::optional host) : timestamp_(timestamp), value_(value), host_(host) {} Annotation() = default; int64_t timestamp_{0}; std::string value_; absl::optional host_; }; using AnnotationList = std::list; /** * AnnotationType represents a BinaryAnnotation's type. */ enum class AnnotationType { Bool = 0, Bytes = 1, I16 = 2, I32 = 3, I64 = 4, Double = 5, String = 6, }; /** * BinaryAnnotation is a binary span annotation. */ class BinaryAnnotation { public: BinaryAnnotation(const std::string& key, const std::string& value, AnnotationType annotation_type, absl::optional host) : key_(key), value_(value), annotation_type_(annotation_type), host_(host) {} BinaryAnnotation() = default; std::string key_; std::string value_; AnnotationType annotation_type_{AnnotationType::Bool}; absl::optional host_; }; using BinaryAnnotationList = std::list; /** * Span is a single, annotated span in a trace. */ class Span { public: Span(int64_t trace_id, const std::string& name, int64_t span_id, absl::optional parent_span_id, AnnotationList&& annotations, BinaryAnnotationList&& binary_annotations, bool debug) : trace_id_(trace_id), name_(name), span_id_(span_id), parent_span_id_(parent_span_id), annotations_(std::move(annotations)), binary_annotations_(std::move(binary_annotations)), debug_(debug) {} Span() = default; int64_t trace_id_{0}; std::string name_; int64_t span_id_{0}; absl::optional parent_span_id_; AnnotationList annotations_; BinaryAnnotationList binary_annotations_; bool debug_{false}; }; using SpanList = std::list; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/transport.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" #include "common/common/assert.h" #include "common/config/utility.h" #include "common/singleton/const_singleton.h" #include "extensions/filters/network/thrift_proxy/metadata.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * Transport represents a Thrift transport. The Thrift transport is nominally a generic, * bi-directional byte stream. In Envoy we assume it always represents a network byte stream and * the Transport is just a mechanism for framing messages and passing message metadata. */ class Transport { public: virtual ~Transport() = default; /* * Returns this transport's name. * * @return std::string containing the transport name. */ virtual const std::string& name() const PURE; /** * @return TransportType the transport type */ virtual TransportType type() const PURE; /* * Decodes the start of a transport message. If successful, the start of the frame is removed * from the buffer. Transports should not modify the buffer, headers, protocol type, or size if * more data is required to decode the frame's start. If the full frame start can be decoded, the * Transport must drain the frame start data from the buffer. The request metadata should be * modified with any data available to the transport. * * @param buffer the currently buffered thrift data. * @param metadata MessageMetadata to be modified if transport supports additional information * @return bool true if a complete frame header was successfully consumed, false if more data * is required. * @throws EnvoyException if the data is not valid for this transport. */ virtual bool decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) PURE; /* * Decodes the end of a transport message. If successful, the end of the frame is removed from * the buffer. * * @param buffer the currently buffered thrift data. * @return bool true if a complete frame trailer was successfully consumed, false if more data * is required. * @throws EnvoyException if the data is not valid for this transport. */ virtual bool decodeFrameEnd(Buffer::Instance& buffer) PURE; /** * Wraps the given message buffer with the transport's header and trailer (if any). After * encoding, message will be empty. * @param buffer is the output buffer * @param metadata MessageMetadata for the message * @param message a protocol-encoded message * @throws EnvoyException if the message is too large for the transport */ virtual void encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) PURE; }; using TransportPtr = std::unique_ptr; /** * Implemented by each Thrift transport and registered via Registry::registerFactory or the * convenience class RegisterFactory. */ class NamedTransportConfigFactory : public Envoy::Config::UntypedFactory { public: ~NamedTransportConfigFactory() override = default; /** * Create a particular Thrift transport. * @return TransportPtr the transport */ virtual TransportPtr createTransport() PURE; std::string category() const override { return "envoy.thrift_proxy.transports"; } /** * Convenience method to lookup a factory by type. * @param TransportType the transport type * @return NamedTransportConfigFactory& for the TransportType */ static NamedTransportConfigFactory& getFactory(TransportType type) { const std::string& name = TransportNames::get().fromType(type); return Envoy::Config::Utility::getAndCheckFactoryByName(name); } }; /** * TransportFactoryBase provides a template for a trivial NamedTransportConfigFactory. */ template class TransportFactoryBase : public NamedTransportConfigFactory { public: TransportPtr createTransport() override { return std::move(std::make_unique()); } std::string name() const override { return name_; } protected: TransportFactoryBase(const std::string& name) : name_(name) {} private: const std::string name_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" #include "envoy/common/exception.h" #include "common/buffer/buffer_impl.h" #include "extensions/filters/network/thrift_proxy/buffer_helper.h" #include "extensions/filters/network/thrift_proxy/thrift_object_impl.h" #include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" #include "absl/strings/str_replace.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { namespace { struct StructNameValues { const std::string connectionOptionsStruct = "ConnectionOptions"; const std::string requestHeaderStruct = "RequestHeader"; const std::string clientIdStruct = "ClientId"; const std::string delegationStruct = "Delegation"; const std::string requestContextStruct = "RequestContext"; const std::string responseHeaderStruct = "ResponseHeader"; const std::string spanStruct = "Span"; const std::string annotationStruct = "Annotation"; const std::string binaryAnnotationStruct = "BinaryAnnotation"; const std::string endpointStruct = "Endpoint"; const std::string upgradeReplyStruct = "UpgradeReply"; }; using StructNames = ConstSingleton; struct RequestHeaderFieldNameValues { const std::string traceIdField = "trace_id"; const std::string spanIdField = "span_id"; const std::string parentSpanIdField = "parent_span_id"; const std::string sampledField = "sampled"; const std::string clientIdField = "client_id"; const std::string flagsField = "flags"; const std::string contextsField = "contexts"; const std::string destField = "dest"; const std::string delegationsField = "delegations"; const std::string traceIdHighField = "trace_id_high"; }; using RequestHeaderFieldNames = ConstSingleton; struct ClientIdFieldNameValues { const std::string nameField = "name"; }; using ClientIdFieldNames = ConstSingleton; struct DelegationFieldNameValues { const std::string srcField = "src"; const std::string dstField = "dst"; }; using DelegationFieldNames = ConstSingleton; struct RequestContextFieldNameValues { const std::string keyField = "key"; const std::string valueField = "value"; }; using RequestContextFieldNames = ConstSingleton; struct ResponseHeaderFieldNameValues { const std::string spansField = "spans"; const std::string contextsField = "contexts"; }; using ResponseHeaderFieldNames = ConstSingleton; struct SpanFieldNameValues { const std::string traceIdField = "trace_id"; const std::string nameField = "name"; const std::string idField = "id"; const std::string parentIdField = "parent_id"; const std::string annotationsField = "annotations"; const std::string binaryAnnotationsField = "binary_annotations"; const std::string debugField = "debug"; }; using SpanFieldNames = ConstSingleton; struct AnnotationFieldNameValues { const std::string timestampField = "timestamp"; const std::string valueField = "value"; const std::string hostField = "host"; }; using AnnotationFieldNames = ConstSingleton; struct BinaryAnnotationFieldNameValues { const std::string keyField = "key"; const std::string valueField = "value"; const std::string annotationTypeField = "annotation_type"; const std::string hostField = "host"; }; using BinaryAnnotationFieldNames = ConstSingleton; struct EndpointFieldNameValues { const std::string ipv4Field = "ipv4"; const std::string portField = "port"; const std::string serviceNameField = "service_name"; }; using EndpointFieldNames = ConstSingleton; const std::string& emptyString() { CONSTRUCT_ON_FIRST_USE(std::string, ""); } /** * HeaderObjectProtocol implements BinaryProtocolImpl for the specific purpose of decoding the * Twitter protocol RequestHeader and ResponseHeader thrift structs. These appear after any * transport data (e.g. frame size) and before the start of a Thrift message. Decoding them * via a Protocol implementation allows us to reuse the Decoder and its state machine. */ class HeaderObjectProtocol : public BinaryProtocolImpl { public: bool readMessageBegin(Buffer::Instance&, MessageMetadata&) override { return true; } bool readMessageEnd(Buffer::Instance&) override { return true; } }; // Not const because the interfaces do not allow it, but these objects do not maintain internal // state and are therefore not modifiable. Transport& headerObjectTransport() { static UnframedTransportImpl* transport = new UnframedTransportImpl(); return *transport; } Protocol& headerObjectProtocol() { static HeaderObjectProtocol* protocol = new HeaderObjectProtocol(); return *protocol; } /** * ClientId is a Twitter protocol client identifier. * * See https://github.com/twitter/finagle/blob/master/finagle-thrift/src/main/thrift/tracing.thrift */ class ClientId { public: ClientId(const std::string& name) : name_(name) {} ClientId(const ThriftStructValue& value) { for (const auto& field : value.fields()) { // Unknown field id are ignored, to allow for future additional fields. if (field->fieldId() == NameFieldId) { name_ = field->getValue().getValueTyped(); } } } void write(Buffer::Instance& buffer) { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().clientIdStruct); // name protocol.writeFieldBegin(buffer, ClientIdFieldNames::get().nameField, FieldType::String, NameFieldId); protocol.writeString(buffer, name_); protocol.writeFieldEnd(buffer); protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } static constexpr int16_t NameFieldId = 1; std::string name_; }; /** * UpgradeReply represents Twitter protocol upgrade responses. */ class UpgradeReply : public DirectResponse, public ThriftObject { public: UpgradeReply() = default; UpgradeReply(Transport& transport) : thrift_obj_(std::make_unique(transport, protocol_)) {} // DirectResponse DirectResponse::ResponseType encode(MessageMetadata& metadata, Protocol&, Buffer::Instance& buffer) const override { if (!metadata.hasSequenceId()) { metadata.setSequenceId(0); }; metadata.setMethodName(TwitterProtocolImpl::upgradeMethodName()); metadata.setMessageType(MessageType::Reply); // The upgrade response cannot have Twitter protocol headers, so ignore the caller's Protocol. BinaryProtocolImpl protocol; protocol.writeMessageBegin(buffer, metadata); // Per the Thrift standard, this is an invalid reply. We should start a reply struct with a // single field of id 0 (0x0B 0x00 0x00) to indicate success, followed by an empty UpgradeReply // struct (0x00), followed by a stop field for the reply struct (0x00). The finagle-twitter // implementation, however, just emits a single stop field. protocol.writeStructBegin(buffer, StructNames::get().upgradeReplyStruct); protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); protocol.writeMessageEnd(buffer); return DirectResponse::ResponseType::SuccessReply; } // ThriftObject const ThriftFieldPtrList& fields() const override { return thrift_obj_->fields(); } bool onData(Buffer::Instance& buffer) override { return thrift_obj_->onData(buffer); } private: BinaryProtocolImpl protocol_; ThriftObjectPtr thrift_obj_; }; /** * ConnectionOptions is the Twitter protocol upgrade request. It is an empty struct. */ class ConnectionOptions : public ThriftStructValueImpl { public: ConnectionOptions() : ThriftStructValueImpl(nullptr) {} }; /** * RequestContext is a Twitter protocol request context (key/value pair). * * See https://github.com/twitter/finagle/blob/master/finagle-thrift/src/main/thrift/tracing.thrift */ class RequestContext { public: RequestContext(const std::string& key, const std::string& value) : key_(key), value_(value) {} RequestContext(const ThriftStructValue& value) { for (const auto& field : value.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case 1: key_ = field->getValue().getValueTyped(); break; case 2: value_ = field->getValue().getValueTyped(); break; } } } void write(Buffer::Instance& buffer) const { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().requestContextStruct); // key protocol.writeFieldBegin(buffer, RequestContextFieldNames::get().keyField, FieldType::String, KeyFieldId); protocol.writeString(buffer, key_); protocol.writeFieldEnd(buffer); // value protocol.writeFieldBegin(buffer, RequestContextFieldNames::get().valueField, FieldType::String, ValueFieldId); protocol.writeString(buffer, value_); protocol.writeFieldEnd(buffer); protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } static constexpr int16_t KeyFieldId = 1; static constexpr int16_t ValueFieldId = 2; std::string key_; std::string value_; }; using RequestContextList = std::list; /** * Delegation is Twitter protocol delegation table entry. * * See https://github.com/twitter/finagle/blob/master/finagle-thrift/src/main/thrift/tracing.thrift */ class Delegation { public: Delegation(const std::string& src, const std::string& dst) : src_(src), dst_(dst) {} Delegation(const ThriftStructValue& value) { for (const auto& field : value.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case SrcFieldId: src_ = field->getValue().getValueTyped(); break; case DstFieldId: dst_ = field->getValue().getValueTyped(); break; } } } void write(Buffer::Instance& buffer) const { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().delegationStruct); // src protocol.writeFieldBegin(buffer, DelegationFieldNames::get().srcField, FieldType::String, SrcFieldId); protocol.writeString(buffer, src_); protocol.writeFieldEnd(buffer); // dst protocol.writeFieldBegin(buffer, DelegationFieldNames::get().dstField, FieldType::String, DstFieldId); protocol.writeString(buffer, dst_); protocol.writeFieldEnd(buffer); protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } static constexpr int16_t SrcFieldId = 1; static constexpr int16_t DstFieldId = 2; std::string src_; std::string dst_; }; using DelegationList = std::list; /** * RequestHeader is a Twitter protocol request header, inserted between the transport start and * message begin. * * See https://github.com/twitter/finagle/blob/master/finagle-thrift/src/main/thrift/tracing.thrift */ class RequestHeader { public: RequestHeader(const ThriftObject& header) { for (const auto& field : header.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case TraceIdFieldId: trace_id_ = field->getValue().getValueTyped(); break; case SpanIdFieldId: span_id_ = field->getValue().getValueTyped(); break; case ParentSpanIdFieldId: parent_span_id_ = field->getValue().getValueTyped(); break; // unused: field 4 case SampledFieldId: sampled_ = field->getValue().getValueTyped(); break; case ClientIdFieldId: client_id_ = ClientId(field->getValue().getValueTyped()); break; case FlagsFieldId: flags_ = field->getValue().getValueTyped(); break; case ContextsFieldId: readContexts(field->getValue().getValueTyped()); break; case DestFieldId: dest_ = field->getValue().getValueTyped(); break; case DelegationsFieldId: readDelegations(field->getValue().getValueTyped()); break; case TraceIdHighFieldId: trace_id_high_ = field->getValue().getValueTyped(); break; } } } RequestHeader(const MessageMetadata& metadata) { if (metadata.traceId()) { trace_id_ = *metadata.traceId(); } if (metadata.traceIdHigh()) { trace_id_high_ = *metadata.traceIdHigh(); } if (metadata.spanId()) { span_id_ = *metadata.spanId(); } if (metadata.parentSpanId()) { parent_span_id_ = *metadata.parentSpanId(); } if (metadata.flags()) { flags_ = *metadata.flags(); } if (metadata.sampled().has_value()) { sampled_ = metadata.sampled().value(); } metadata.headers().iterate([this](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { absl::string_view key = header.key().getStringView(); if (key.empty()) { return Http::HeaderMap::Iterate::Continue; } if (key == Headers::get().ClientId.get()) { client_id_ = ClientId(std::string(header.value().getStringView())); } else if (key == Headers::get().Dest.get()) { dest_ = std::string(header.value().getStringView()); } else if (key.find(":d:") == 0 && key.size() > 3) { delegations_.emplace_back(std::string(key.substr(3)), std::string(header.value().getStringView())); } else if (key[0] != ':') { contexts_.emplace_back(std::string(key), std::string(header.value().getStringView())); } return Http::HeaderMap::Iterate::Continue; }); } void write(Buffer::Instance& buffer) { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().requestHeaderStruct); // trace_id protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().traceIdField, FieldType::I64, TraceIdFieldId); protocol.writeInt64(buffer, trace_id_); protocol.writeFieldEnd(buffer); // span_id protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().spanIdField, FieldType::I64, SpanIdFieldId); protocol.writeInt64(buffer, span_id_); protocol.writeFieldEnd(buffer); // parent_span_id if (parent_span_id_) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().parentSpanIdField, FieldType::I64, ParentSpanIdFieldId); protocol.writeInt64(buffer, *parent_span_id_); protocol.writeFieldEnd(buffer); } // sampled if (sampled_) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().sampledField, FieldType::Bool, SampledFieldId); protocol.writeBool(buffer, *sampled_); protocol.writeFieldEnd(buffer); } // client_id if (client_id_) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().clientIdField, FieldType::Struct, ClientIdFieldId); client_id_->write(buffer); protocol.writeFieldEnd(buffer); } // flags if (flags_) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().flagsField, FieldType::I64, FlagsFieldId); protocol.writeInt64(buffer, *flags_); protocol.writeFieldEnd(buffer); } // contexts if (!contexts_.empty()) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().contextsField, FieldType::List, ContextsFieldId); protocol.writeListBegin(buffer, FieldType::Struct, contexts_.size()); for (const auto& context : contexts_) { context.write(buffer); } protocol.writeListEnd(buffer); protocol.writeFieldEnd(buffer); } // dest if (dest_) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().destField, FieldType::String, DestFieldId); protocol.writeString(buffer, *dest_); protocol.writeFieldEnd(buffer); } // delegations if (!delegations_.empty()) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().delegationsField, FieldType::List, DelegationsFieldId); protocol.writeListBegin(buffer, FieldType::Struct, delegations_.size()); for (const auto& delegation : delegations_) { delegation.write(buffer); } protocol.writeListEnd(buffer); protocol.writeFieldEnd(buffer); } // trace_id_high if (trace_id_high_) { protocol.writeFieldBegin(buffer, RequestHeaderFieldNames::get().traceIdHighField, FieldType::I64, TraceIdHighFieldId); protocol.writeInt64(buffer, *trace_id_high_); protocol.writeFieldEnd(buffer); } protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } int64_t traceId() const { return trace_id_; } int64_t spanId() const { return span_id_; } absl::optional parentSpanId() const { return parent_span_id_; } absl::optional sampled() const { return sampled_; } absl::optional clientId() const { return client_id_; } absl::optional flags() const { return flags_; } const RequestContextList& contexts() const { return contexts_; } RequestContextList* contexts() { return &contexts_; } absl::optional dest() { return dest_; } const DelegationList& delegations() const { return delegations_; } DelegationList* delegations() { return &delegations_; } absl::optional traceIdHigh() const { return trace_id_high_; } private: static constexpr int16_t TraceIdFieldId = 1; static constexpr int16_t SpanIdFieldId = 2; static constexpr int16_t ParentSpanIdFieldId = 3; static constexpr int16_t SampledFieldId = 5; static constexpr int16_t ClientIdFieldId = 6; static constexpr int16_t FlagsFieldId = 7; static constexpr int16_t ContextsFieldId = 8; static constexpr int16_t DestFieldId = 9; static constexpr int16_t DelegationsFieldId = 10; static constexpr int16_t TraceIdHighFieldId = 11; void readContexts(const ThriftListValue& ctxts_list) { contexts_.clear(); for (const auto& elem : ctxts_list.elements()) { const ThriftStructValue& ctxt_struct = elem->getValueTyped(); contexts_.emplace_back(ctxt_struct); } } void readDelegations(const ThriftListValue& delegations_list) { delegations_.clear(); for (const auto& elem : delegations_list.elements()) { const ThriftStructValue& ctxt_struct = elem->getValueTyped(); delegations_.emplace_back(ctxt_struct); } } int64_t trace_id_{0}; int64_t span_id_{0}; absl::optional parent_span_id_; absl::optional sampled_; absl::optional client_id_; absl::optional flags_; std::list contexts_; absl::optional dest_; DelegationList delegations_; absl::optional trace_id_high_; }; /** * ResponseHeader is a Twitter protocol response header, inserted between the transport start and * message begin. * * See https://github.com/twitter/finagle/blob/master/finagle-thrift/src/main/thrift/tracing.thrift */ class ResponseHeader { public: ResponseHeader(const ThriftObject& header) { for (const auto& field : header.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case SpansFieldId: readSpans(field->getValue().getValueTyped()); break; case ContextsFieldId: readContexts(field->getValue().getValueTyped()); break; } } } ResponseHeader(const MessageMetadata& metadata) : spans_(metadata.spans()) { metadata.headers().iterate([this](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { absl::string_view key = header.key().getStringView(); if (!key.empty() && key[0] != ':') { contexts_.emplace_back(std::string(key), std::string(header.value().getStringView())); } return Http::HeaderMap::Iterate::Continue; }); } void write(Buffer::Instance& buffer) { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().responseHeaderStruct); // spans if (!spans_.empty()) { protocol.writeFieldBegin(buffer, ResponseHeaderFieldNames::get().spansField, FieldType::List, SpansFieldId); protocol.writeListBegin(buffer, FieldType::Struct, spans_.size()); for (const auto& span : spans_) { writeSpan(buffer, span); } protocol.writeListEnd(buffer); protocol.writeFieldEnd(buffer); } // contexts if (!contexts_.empty()) { protocol.writeFieldBegin(buffer, ResponseHeaderFieldNames::get().contextsField, FieldType::List, ContextsFieldId); protocol.writeListBegin(buffer, FieldType::Struct, contexts_.size()); for (const auto& context : contexts_) { context.write(buffer); } protocol.writeListEnd(buffer); protocol.writeFieldEnd(buffer); } protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } SpanList& spans() { return spans_; } RequestContextList& contexts() { return contexts_; } private: static constexpr int16_t SpansFieldId = 1; static constexpr int16_t ContextsFieldId = 2; static constexpr int16_t SpanTraceIdFieldId = 1; static constexpr int16_t SpanNameFieldId = 3; static constexpr int16_t SpanIdFieldId = 4; static constexpr int16_t SpanParentIdFieldId = 5; static constexpr int16_t SpanAnnotationsFieldId = 6; static constexpr int16_t SpanBinaryAnnotationsFieldId = 8; static constexpr int16_t SpanDebugFieldId = 9; static constexpr int16_t AnnotationTimestampFieldId = 1; static constexpr int16_t AnnotationValueFieldId = 2; static constexpr int16_t AnnotationHostFieldId = 3; static constexpr int16_t BinaryAnnotationKeyFieldId = 1; static constexpr int16_t BinaryAnnotationValueFieldId = 2; static constexpr int16_t BinaryAnnotationAnnotationTypeFieldId = 3; static constexpr int16_t BinaryAnnotationHostFieldId = 4; static constexpr int16_t EndpointIpv4FieldId = 1; static constexpr int16_t EndpointPortFieldId = 2; static constexpr int16_t EndpointServiceNameFieldId = 3; void readSpans(const ThriftListValue& spans_list) { spans_.clear(); for (const auto& elem : spans_list.elements()) { spans_.emplace_back(); readSpan(spans_.back(), elem->getValueTyped()); } } void readSpan(Span& span, const ThriftStructValue& thrift_struct) { for (const auto& field : thrift_struct.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case SpanTraceIdFieldId: span.trace_id_ = field->getValue().getValueTyped(); break; // field 2: unused case SpanNameFieldId: span.name_ = field->getValue().getValueTyped(); break; case SpanIdFieldId: span.span_id_ = field->getValue().getValueTyped(); break; case SpanParentIdFieldId: span.parent_span_id_ = field->getValue().getValueTyped(); break; case SpanAnnotationsFieldId: readAnnotations(span.annotations_, field->getValue().getValueTyped()); break; // field 7: unused case SpanBinaryAnnotationsFieldId: readBinaryAnnotations(span.binary_annotations_, field->getValue().getValueTyped()); break; case SpanDebugFieldId: span.debug_ = field->getValue().getValueTyped(); break; } } } void writeSpan(Buffer::Instance& buffer, const Span& span) { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().spanStruct); // trace_id protocol.writeFieldBegin(buffer, SpanFieldNames::get().traceIdField, FieldType::I64, SpanTraceIdFieldId); protocol.writeInt64(buffer, span.trace_id_); protocol.writeFieldEnd(buffer); // name protocol.writeFieldBegin(buffer, SpanFieldNames::get().nameField, FieldType::String, SpanNameFieldId); protocol.writeString(buffer, span.name_); protocol.writeFieldEnd(buffer); // id protocol.writeFieldBegin(buffer, SpanFieldNames::get().idField, FieldType::I64, SpanIdFieldId); protocol.writeInt64(buffer, span.span_id_); protocol.writeFieldEnd(buffer); // parent_id if (span.parent_span_id_) { protocol.writeFieldBegin(buffer, SpanFieldNames::get().parentIdField, FieldType::I64, SpanParentIdFieldId); protocol.writeInt64(buffer, *span.parent_span_id_); protocol.writeFieldEnd(buffer); } // annotations protocol.writeFieldBegin(buffer, SpanFieldNames::get().annotationsField, FieldType::List, SpanAnnotationsFieldId); protocol.writeListBegin(buffer, FieldType::Struct, span.annotations_.size()); for (const auto& annotation : span.annotations_) { writeAnnotation(buffer, annotation); } protocol.writeListEnd(buffer); protocol.writeFieldEnd(buffer); // binary_annotations protocol.writeFieldBegin(buffer, SpanFieldNames::get().binaryAnnotationsField, FieldType::List, SpanBinaryAnnotationsFieldId); protocol.writeListBegin(buffer, FieldType::Struct, span.binary_annotations_.size()); for (const auto& annotation : span.binary_annotations_) { writeBinaryAnnotation(buffer, annotation); } protocol.writeListEnd(buffer); protocol.writeFieldEnd(buffer); // debug protocol.writeFieldBegin(buffer, SpanFieldNames::get().debugField, FieldType::Bool, SpanDebugFieldId); protocol.writeBool(buffer, span.debug_); protocol.writeFieldEnd(buffer); protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } void readAnnotations(AnnotationList& annotations, const ThriftListValue& thrift_list) { annotations.clear(); for (const auto& elem : thrift_list.elements()) { annotations.emplace_back(); readAnnotation(annotations.back(), elem->getValueTyped()); } } void readAnnotation(Annotation& annotation, const ThriftStructValue& thrift_struct) { for (const auto& field : thrift_struct.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case AnnotationTimestampFieldId: annotation.timestamp_ = field->getValue().getValueTyped(); break; case AnnotationValueFieldId: annotation.value_ = field->getValue().getValueTyped(); break; case AnnotationHostFieldId: annotation.host_.emplace(); readEndpoint(annotation.host_.value(), field->getValue().getValueTyped()); break; } } } void writeAnnotation(Buffer::Instance& buffer, const Annotation& annotation) { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().annotationStruct); // timestamp protocol.writeFieldBegin(buffer, AnnotationFieldNames::get().timestampField, FieldType::I64, AnnotationTimestampFieldId); protocol.writeInt64(buffer, annotation.timestamp_); protocol.writeFieldEnd(buffer); // value protocol.writeFieldBegin(buffer, AnnotationFieldNames::get().valueField, FieldType::String, AnnotationValueFieldId); protocol.writeString(buffer, annotation.value_); protocol.writeFieldEnd(buffer); // endpoint if (annotation.host_) { protocol.writeFieldBegin(buffer, AnnotationFieldNames::get().hostField, FieldType::Struct, AnnotationHostFieldId); writeEndpoint(buffer, *annotation.host_); protocol.writeFieldEnd(buffer); } protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } void readBinaryAnnotations(BinaryAnnotationList& annotations, const ThriftListValue& thrift_list) { annotations.clear(); for (const auto& elem : thrift_list.elements()) { annotations.emplace_back(); readBinaryAnnotation(annotations.back(), elem->getValueTyped()); } } void readBinaryAnnotation(BinaryAnnotation& annotation, const ThriftStructValue& thrift_struct) { for (const auto& field : thrift_struct.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case BinaryAnnotationKeyFieldId: annotation.key_ = field->getValue().getValueTyped(); break; case BinaryAnnotationValueFieldId: annotation.value_ = field->getValue().getValueTyped(); break; case BinaryAnnotationAnnotationTypeFieldId: annotation.annotation_type_ = static_cast(field->getValue().getValueTyped()); break; case BinaryAnnotationHostFieldId: annotation.host_.emplace(); readEndpoint(annotation.host_.value(), field->getValue().getValueTyped()); break; } } } void writeBinaryAnnotation(Buffer::Instance& buffer, const BinaryAnnotation& annotation) { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().binaryAnnotationStruct); // key protocol.writeFieldBegin(buffer, BinaryAnnotationFieldNames::get().keyField, FieldType::String, BinaryAnnotationKeyFieldId); protocol.writeString(buffer, annotation.key_); protocol.writeFieldEnd(buffer); // value protocol.writeFieldBegin(buffer, BinaryAnnotationFieldNames::get().valueField, FieldType::String, BinaryAnnotationValueFieldId); protocol.writeString(buffer, annotation.value_); protocol.writeFieldEnd(buffer); // annotation_type protocol.writeFieldBegin(buffer, BinaryAnnotationFieldNames::get().annotationTypeField, FieldType::I32, BinaryAnnotationAnnotationTypeFieldId); protocol.writeInt32(buffer, static_cast(annotation.annotation_type_)); protocol.writeFieldEnd(buffer); // endpoint if (annotation.host_) { protocol.writeFieldBegin(buffer, BinaryAnnotationFieldNames::get().hostField, FieldType::Struct, BinaryAnnotationHostFieldId); writeEndpoint(buffer, *annotation.host_); protocol.writeFieldEnd(buffer); } protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } void readEndpoint(Endpoint& endpoint, const ThriftStructValue& thrift_struct) { for (const auto& field : thrift_struct.fields()) { // Unknown field id are ignored, to allow for future additional fields. switch (field->fieldId()) { case 1: endpoint.ipv4_ = field->getValue().getValueTyped(); break; case 2: endpoint.port_ = field->getValue().getValueTyped(); break; case 3: endpoint.service_name_ = field->getValue().getValueTyped(); break; } } } void writeEndpoint(Buffer::Instance& buffer, const Endpoint& endpoint) { Protocol& protocol = headerObjectProtocol(); protocol.writeStructBegin(buffer, StructNames::get().endpointStruct); // ipv4 protocol.writeFieldBegin(buffer, EndpointFieldNames::get().ipv4Field, FieldType::I32, EndpointIpv4FieldId); protocol.writeInt32(buffer, endpoint.ipv4_); protocol.writeFieldEnd(buffer); // port protocol.writeFieldBegin(buffer, EndpointFieldNames::get().portField, FieldType::I16, EndpointPortFieldId); protocol.writeInt16(buffer, endpoint.port_); protocol.writeFieldEnd(buffer); // service_name protocol.writeFieldBegin(buffer, EndpointFieldNames::get().serviceNameField, FieldType::String, EndpointServiceNameFieldId); protocol.writeString(buffer, endpoint.service_name_); protocol.writeFieldEnd(buffer); protocol.writeFieldBegin(buffer, emptyString(), FieldType::Stop, 0); protocol.writeStructEnd(buffer); } void readContexts(const ThriftListValue& ctxts_list) { contexts_.clear(); for (const auto& elem : ctxts_list.elements()) { const ThriftStructValue& ctxt_struct = elem->getValueTyped(); contexts_.emplace_back(ctxt_struct); } } std::list spans_; std::list contexts_; }; } // namespace bool TwitterProtocolImpl::readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) { // If we see a normal binary protocol message with the improbable name on the first request // or response, we're upgrading to the TTwitter protocol. if (!upgraded_.has_value()) { if (!BinaryProtocolImpl::readMessageBegin(buffer, metadata)) { // Need more data. return false; } ASSERT(metadata.hasMethodName()); if (metadata.methodName() == upgradeMethodName()) { metadata.setProtocolUpgradeMessage(true); return true; } upgraded_ = false; return true; } if (!upgraded_.value()) { // Fall back to regular binary protocol with no header object. return BinaryProtocolImpl::readMessageBegin(buffer, metadata); } // Upgraded protocol: consume RequestHeader or ResponseHeader. if (!header_complete_) { if (!header_) { header_ = std::make_unique(headerObjectTransport(), headerObjectProtocol()); } header_complete_ = header_->onData(buffer); if (!header_complete_) { // Need more data. return false; } } if (!BinaryProtocolImpl::readMessageBegin(buffer, metadata)) { // Need more data. return false; } // Now that we know whether this is a request or a response, handle the header. ASSERT(metadata.hasMessageType()); switch (metadata.messageType()) { case MessageType::Call: case MessageType::Oneway: updateMetadataWithRequestHeader(*header_, metadata); break; case MessageType::Reply: case MessageType::Exception: updateMetadataWithResponseHeader(*header_, metadata); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } header_complete_ = false; header_.reset(); return true; } void TwitterProtocolImpl::writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) { if (upgraded_.value_or(false)) { switch (metadata.messageType()) { case MessageType::Call: case MessageType::Oneway: writeRequestHeader(buffer, metadata); break; case MessageType::Reply: case MessageType::Exception: writeResponseHeader(buffer, metadata); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } BinaryProtocolImpl::writeMessageBegin(buffer, metadata); } void TwitterProtocolImpl::updateMetadataWithRequestHeader(const ThriftObject& header_object, MessageMetadata& metadata) { RequestHeader req_header(header_object); Http::HeaderMap& headers = metadata.headers(); metadata.setTraceId(req_header.traceId()); metadata.setSpanId(req_header.spanId()); if (req_header.parentSpanId()) { metadata.setParentSpanId(*req_header.parentSpanId()); } if (req_header.sampled()) { metadata.setSampled(*req_header.sampled()); } if (req_header.clientId()) { headers.addReferenceKey(Headers::get().ClientId, req_header.clientId()->name_); } if (req_header.flags()) { metadata.setFlags(*req_header.flags()); } for (const auto& context : *req_header.contexts()) { // LowerCaseString doesn't allow '\0', '\n', and '\r'. const std::string key = absl::StrReplaceAll(context.key_, {{std::string(1, '\0'), ""}, {"\n", ""}, {"\r", ""}}); headers.addCopy(Http::LowerCaseString{key}, context.value_); } if (req_header.dest()) { headers.addReferenceKey(Headers::get().Dest, *req_header.dest()); } // TODO(zuercher): Delegations are stored as headers for now. Consider passing them as simple // objects for (const auto& delegation : *req_header.delegations()) { // LowerCaseString doesn't allow '\0', '\n', and '\r'. const std::string src = absl::StrReplaceAll(delegation.src_, {{std::string(1, '\0'), ""}, {"\n", ""}, {"\r", ""}}); const std::string key = fmt::format(":d:{}", src); headers.addCopy(Http::LowerCaseString{key}, delegation.dst_); } if (req_header.traceIdHigh()) { metadata.setTraceIdHigh(*req_header.traceIdHigh()); } } void TwitterProtocolImpl::writeRequestHeader(Buffer::Instance& buffer, const MessageMetadata& metadata) { RequestHeader req_header(metadata); req_header.write(buffer); } void TwitterProtocolImpl::updateMetadataWithResponseHeader(const ThriftObject& header_object, MessageMetadata& metadata) { ResponseHeader resp_header(header_object); Http::HeaderMap& headers = metadata.headers(); for (const auto& context : resp_header.contexts()) { // LowerCaseString doesn't allow '\0', '\n', and '\r'. const std::string key = absl::StrReplaceAll(context.key_, {{std::string(1, '\0'), ""}, {"\n", ""}, {"\r", ""}}); headers.addCopy(Http::LowerCaseString(key), context.value_); } SpanList& spans = resp_header.spans(); std::copy(spans.begin(), spans.end(), std::back_inserter(metadata.mutableSpans())); } void TwitterProtocolImpl::writeResponseHeader(Buffer::Instance& buffer, const MessageMetadata& metadata) { ResponseHeader resp_header(metadata); resp_header.write(buffer); } ThriftObjectPtr TwitterProtocolImpl::newHeader() { return std::make_unique(headerObjectTransport(), headerObjectProtocol()); } DecoderEventHandlerSharedPtr TwitterProtocolImpl::upgradeRequestDecoder() { return std::make_shared(); } DirectResponsePtr TwitterProtocolImpl::upgradeResponse(const DecoderEventHandler& decoder) { ASSERT(dynamic_cast(&decoder) != nullptr); upgraded_ = true; return std::make_unique(); }; ThriftObjectPtr TwitterProtocolImpl::attemptUpgrade(Transport& transport, ThriftConnectionState& state, Buffer::Instance& buffer) { // Check if we've already attempted to upgrade this connection. if (state.upgradeAttempted()) { upgraded_ = state.isUpgraded(); return nullptr; } // Write upgrade request to buffer and return an object that can decode the response. MessageMetadata metadata; metadata.setMethodName(upgradeMethodName()); metadata.setSequenceId(0); metadata.setMessageType(MessageType::Call); Buffer::OwnedImpl message; BinaryProtocolImpl::writeMessageBegin(message, metadata); writeStructBegin(message, StructNames::get().connectionOptionsStruct); writeFieldBegin(message, emptyString(), FieldType::Stop, 0); writeStructEnd(message); writeMessageEnd(message); transport.encodeFrame(buffer, metadata, message); return std::make_unique(transport); } void TwitterProtocolImpl::completeUpgrade(ThriftConnectionState& state, ThriftObject& response) { UpgradeReply& upgrade_reply = dynamic_cast(response); if (upgrade_reply.fields().empty()) { state.markUpgraded(); upgraded_ = true; } else { state.markUpgradeFailed(); upgraded_ = false; } } bool TwitterProtocolImpl::isUpgradePrefix(Buffer::Instance& buffer) { // 12 bytes is the minimum length for the start of a binary protocol message. ASSERT(buffer.length() >= 12); // Must appear to be binary protocol. if (!isMagic(buffer.peekBEInt())) { return false; } // Must have correct length message name length. if (buffer.peekBEInt(4) != upgradeMethodName().length()) { return false; } // Given the fixed 8 bytes of message begin before the name, calculate how many bytes of message // name are available in the buffer. uint32_t available_len = static_cast( std::min(static_cast(upgradeMethodName().length()), buffer.length() - 8)); ASSERT(available_len <= upgradeMethodName().length()); ASSERT(buffer.length() >= available_len + 8); // Extract as much of the name as is available. absl::string_view available_name( static_cast(buffer.linearize(available_len + 8)) + 8, available_len); absl::string_view full_name(upgradeMethodName()); return full_name.compare(0, available_len, available_name) == 0; } class TwitterProtocolConfigFactory : public ProtocolFactoryBase { public: TwitterProtocolConfigFactory() : ProtocolFactoryBase(ProtocolNames::get().TWITTER) {} }; /** * Static registration for the Twitter protocol. @see RegisterFactory. */ REGISTER_FACTORY(TwitterProtocolConfigFactory, NamedProtocolConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" #include "common/common/macros.h" #include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * TwitterProtocolImpl implements the Twitter-upgraded (AKA "TTwitter") Thrift protocol. * See https://twitter.github.io/finagle/docs/com/twitter/finagle/Thrift$ and * https://github.com/twitter/finagle/blob/master/finagle-thrift/src/main/thrift/tracing.thrift */ class TwitterProtocolImpl : public BinaryProtocolImpl { public: // Protocol const std::string& name() const override { return ProtocolNames::get().TWITTER; } ProtocolType type() const override { return ProtocolType::Twitter; } bool readMessageBegin(Buffer::Instance& buffer, MessageMetadata& metadata) override; void writeMessageBegin(Buffer::Instance& buffer, const MessageMetadata& metadata) override; bool supportsUpgrade() override { return true; } DecoderEventHandlerSharedPtr upgradeRequestDecoder() override; DirectResponsePtr upgradeResponse(const DecoderEventHandler& decoder) override; ThriftObjectPtr attemptUpgrade(Transport& transport, ThriftConnectionState& state, Buffer::Instance& buffer) override; void completeUpgrade(ThriftConnectionState& state, ThriftObject& response) override; /** * @return true if the protocol upgrade was success, false if not, no value if the result is not * yet known */ absl::optional upgraded() { return upgraded_; } /** * @return std::string containing the "improbably-named method" used for Twitter protocol upgrade. */ static const std::string& upgradeMethodName() { // https://github.com/twitter/finagle/blob/master/finagle-thrift/src/main/scala/com/twitter/finagle/thrift/ThriftTracing.scala CONSTRUCT_ON_FIRST_USE(std::string, "__can__finagle__trace__v3__"); } /** * @return true if the buffer (minimum 12 bytes) appears to start with a Twitter protocol * upgrade message, false otherwise */ static bool isUpgradePrefix(Buffer::Instance& buffer); protected: static void updateMetadataWithRequestHeader(const ThriftObject& header_object, MessageMetadata& metadata); static void updateMetadataWithResponseHeader(const ThriftObject& header_object, MessageMetadata& metadata); static void writeRequestHeader(Buffer::Instance& buffer, const MessageMetadata& metadata); static void writeResponseHeader(Buffer::Instance& buffer, const MessageMetadata& metadata); static ThriftObjectPtr newHeader(); private: ThriftObjectPtr header_; bool header_complete_{false}; absl::optional upgraded_; }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/unframed_transport_impl.cc ================================================ #include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { class UnframedTransportConfigFactory : public TransportFactoryBase { public: UnframedTransportConfigFactory() : TransportFactoryBase(TransportNames::get().UNFRAMED) {} }; /** * Static registration for the unframed transport. @see RegisterFactory. */ REGISTER_FACTORY(UnframedTransportConfigFactory, NamedTransportConfigFactory); } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ThriftProxy { /** * UnframedTransportImpl implements the Thrift Unframed transport. * See https://github.com/apache/thrift/blob/master/doc/specs/thrift-rpc.md */ class UnframedTransportImpl : public Transport { public: UnframedTransportImpl() = default; // Transport const std::string& name() const override { return TransportNames::get().UNFRAMED; } TransportType type() const override { return TransportType::Unframed; } bool decodeFrameStart(Buffer::Instance& buffer, MessageMetadata& metadata) override { UNREFERENCED_PARAMETER(metadata); // Don't start a frame if there's no data at all. return buffer.length() > 0; } bool decodeFrameEnd(Buffer::Instance&) override { return true; } void encodeFrame(Buffer::Instance& buffer, const MessageMetadata& metadata, Buffer::Instance& message) override { UNREFERENCED_PARAMETER(metadata); buffer.move(message); } }; } // namespace ThriftProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/wasm/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # Public docs: docs/root/configuration/network_filters/wasm_filter.rst envoy_cc_library( name = "wasm_filter_lib", srcs = ["wasm_filter.cc"], hdrs = ["wasm_filter.h"], deps = [ "//include/envoy/server:filter_config_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/extensions/filters/network/wasm/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "unknown", status = "alpha", deps = [ ":wasm_filter_lib", "//include/envoy/registry", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/wasm/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/wasm/config.cc ================================================ #include "extensions/filters/network/wasm/config.h" #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/empty_string.h" #include "common/config/datasource.h" #include "extensions/common/wasm/wasm.h" #include "extensions/filters/network/wasm/wasm_filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Wasm { Network::FilterFactoryCb WasmFilterConfig::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::wasm::v3::Wasm& proto_config, Server::Configuration::FactoryContext& context) { auto filter_config = std::make_shared(proto_config, context); return [filter_config](Network::FilterManager& filter_manager) -> void { auto filter = filter_config->createFilter(); if (filter) { filter_manager.addFilter(filter); } // else fail open }; } /** * Static registration for the Wasm filter. @see RegisterFactory. */ REGISTER_FACTORY(WasmFilterConfig, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace Wasm } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/wasm/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.h" #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Wasm { /** * Config registration for the Wasm filter. @see NamedNetworkFilterConfigFactory. */ class WasmFilterConfig : public Common::FactoryBase { public: WasmFilterConfig() : FactoryBase(NetworkFilterNames::get().Wasm) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::wasm::v3::Wasm& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace Wasm } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/wasm/wasm_filter.cc ================================================ #include "extensions/filters/network/wasm/wasm_filter.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Wasm { FilterConfig::FilterConfig(const envoy::extensions::filters::network::wasm::v3::Wasm& config, Server::Configuration::FactoryContext& context) : tls_slot_(context.threadLocal().allocateSlot()) { plugin_ = std::make_shared( config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), config.config().vm_config().runtime(), Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), context.direction(), context.localInfo(), &context.listenerMetadata()); auto plugin = plugin_; auto callback = [plugin, this](Common::Wasm::WasmHandleSharedPtr base_wasm) { // NB: the Slot set() call doesn't complete inline, so all arguments must outlive this call. tls_slot_->set( [base_wasm, plugin](Event::Dispatcher& dispatcher) -> std::shared_ptr { if (!base_wasm) { return nullptr; } return std::static_pointer_cast( Common::Wasm::getOrCreateThreadLocalWasm(base_wasm, plugin, dispatcher)); }); }; if (!Common::Wasm::createWasm( config.config().vm_config(), plugin_, context.scope().createScope(""), context.clusterManager(), context.initManager(), context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm network filter {}", plugin->name_)); } } } // namespace Wasm } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/wasm/wasm_filter.h ================================================ #pragma once #include #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" #include "envoy/network/filter.h" #include "envoy/server/filter_config.h" #include "envoy/upstream/cluster_manager.h" #include "extensions/common/wasm/wasm.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace Wasm { using Envoy::Extensions::Common::Wasm::Context; using Envoy::Extensions::Common::Wasm::Wasm; using Envoy::Extensions::Common::Wasm::WasmHandle; class FilterConfig : Logger::Loggable { public: FilterConfig(const envoy::extensions::filters::network::wasm::v3::Wasm& proto_config, Server::Configuration::FactoryContext& context); std::shared_ptr createFilter() { Wasm* wasm = nullptr; if (tls_slot_->get()) { wasm = tls_slot_->getTyped().wasm().get(); } if (plugin_->fail_open_ && (!wasm || wasm->isFailed())) { return nullptr; } if (wasm && !root_context_id_) { root_context_id_ = wasm->getRootContext(plugin_->root_id_)->id(); } return std::make_shared(wasm, root_context_id_, plugin_); } Envoy::Extensions::Common::Wasm::Wasm* wasm() { return tls_slot_->getTyped().wasm().get(); } private: uint32_t root_context_id_{0}; Envoy::Extensions::Common::Wasm::PluginSharedPtr plugin_; ThreadLocal::SlotPtr tls_slot_; Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; typedef std::shared_ptr FilterConfigSharedPtr; } // namespace Wasm } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/well_known_names.h ================================================ #pragma once #include "common/config/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { /** * Well-known network filter names. * NOTE: New filters should use the well known name: envoy.filters.network.name. */ class NetworkFilterNameValues { public: // Client ssl auth filter const std::string ClientSslAuth = "envoy.filters.network.client_ssl_auth"; // Echo filter const std::string Echo = "envoy.filters.network.echo"; // Direct response filter const std::string DirectResponse = "envoy.filters.network.direct_response"; // RocketMQ proxy filter const std::string RocketmqProxy = "envoy.filters.network.rocketmq_proxy"; // Dubbo proxy filter const std::string DubboProxy = "envoy.filters.network.dubbo_proxy"; // HTTP connection manager filter const std::string HttpConnectionManager = "envoy.filters.network.http_connection_manager"; // Local rate limit filter const std::string LocalRateLimit = "envoy.filters.network.local_ratelimit"; // Mongo proxy filter const std::string MongoProxy = "envoy.filters.network.mongo_proxy"; // MySQL proxy filter const std::string MySQLProxy = "envoy.filters.network.mysql_proxy"; // Postgres proxy filter const std::string PostgresProxy = "envoy.filters.network.postgres_proxy"; // Rate limit filter const std::string RateLimit = "envoy.filters.network.ratelimit"; // Redis proxy filter const std::string RedisProxy = "envoy.filters.network.redis_proxy"; // TCP proxy filter const std::string TcpProxy = "envoy.filters.network.tcp_proxy"; // Authorization filter const std::string ExtAuthorization = "envoy.filters.network.ext_authz"; // Kafka Broker filter const std::string KafkaBroker = "envoy.filters.network.kafka_broker"; // Thrift proxy filter const std::string ThriftProxy = "envoy.filters.network.thrift_proxy"; // Role based access control filter const std::string Rbac = "envoy.filters.network.rbac"; // SNI Cluster filter const std::string SniCluster = "envoy.filters.network.sni_cluster"; // SNI Dynamic forward proxy filter const std::string SniDynamicForwardProxy = "envoy.filters.network.sni_dynamic_forward_proxy"; // ZooKeeper proxy filter const std::string ZooKeeperProxy = "envoy.filters.network.zookeeper_proxy"; // WebAssembly filter const std::string Wasm = "envoy.filters.network.wasm"; }; using NetworkFilterNames = ConstSingleton; } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # ZooKeeper proxy L7 network filter. # Public docs: docs/root/configuration/network_filters/zookeeper_proxy_filter.rst envoy_extension_package() envoy_cc_library( name = "proxy_lib", srcs = [ "decoder.cc", "filter.cc", "utils.cc", ], hdrs = [ "decoder.h", "filter.h", "utils.h", ], deps = [ "//include/envoy/network:filter_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:enum_to_int", "//source/common/network:filter_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":proxy_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/zookeeper_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/config.cc ================================================ #include "extensions/filters/network/zookeeper_proxy/config.h" #include #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.h" #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/common/logger.h" #include "extensions/filters/network/zookeeper_proxy/filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { /** * Config registration for the ZooKeeper proxy filter. @see NamedNetworkFilterConfigFactory. */ Network::FilterFactoryCb ZooKeeperConfigFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::zookeeper_proxy::v3::ZooKeeperProxy& proto_config, Server::Configuration::FactoryContext& context) { ASSERT(!proto_config.stat_prefix().empty()); const std::string stat_prefix = fmt::format("{}.zookeeper", proto_config.stat_prefix()); const uint32_t max_packet_bytes = PROTOBUF_GET_WRAPPED_OR_DEFAULT(proto_config, max_packet_bytes, 1024 * 1024); ZooKeeperFilterConfigSharedPtr filter_config( std::make_shared(stat_prefix, max_packet_bytes, context.scope())); auto& time_source = context.dispatcher().timeSource(); return [filter_config, &time_source](Network::FilterManager& filter_manager) -> void { filter_manager.addFilter(std::make_shared(filter_config, time_source)); }; } /** * Static registration for the ZooKeeper proxy filter. @see RegisterFactory. */ REGISTER_FACTORY(ZooKeeperConfigFactory, Server::Configuration::NamedNetworkFilterConfigFactory); } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/config.h ================================================ #pragma once #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.h" #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.validate.h" #include "extensions/filters/network/common/factory_base.h" #include "extensions/filters/network/well_known_names.h" #include "extensions/filters/network/zookeeper_proxy/filter.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { /** * Config registration for the ZooKeeper proxy filter. */ class ZooKeeperConfigFactory : public Common::FactoryBase< envoy::extensions::filters::network::zookeeper_proxy::v3::ZooKeeperProxy> { public: ZooKeeperConfigFactory() : FactoryBase(NetworkFilterNames::get().ZooKeeperProxy) {} private: Network::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::network::zookeeper_proxy::v3::ZooKeeperProxy& proto_config, Server::Configuration::FactoryContext& context) override; }; } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/decoder.cc ================================================ #include "extensions/filters/network/zookeeper_proxy/decoder.h" #include #include "common/common/enum_to_int.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { constexpr uint32_t BOOL_LENGTH = 1; constexpr uint32_t INT_LENGTH = 4; constexpr uint32_t LONG_LENGTH = 8; constexpr uint32_t XID_LENGTH = 4; constexpr uint32_t OPCODE_LENGTH = 4; constexpr uint32_t ZXID_LENGTH = 8; constexpr uint32_t TIMEOUT_LENGTH = 4; constexpr uint32_t SESSION_LENGTH = 8; constexpr uint32_t MULTI_HEADER_LENGTH = 9; constexpr uint32_t PROTOCOL_VERSION_LENGTH = 4; constexpr uint32_t SERVER_HEADER_LENGTH = 16; const char* createFlagsToString(CreateFlags flags) { switch (flags) { case CreateFlags::Persistent: return "persistent"; case CreateFlags::PersistentSequential: return "persistent_sequential"; case CreateFlags::Ephemeral: return "ephemeral"; case CreateFlags::EphemeralSequential: return "ephemeral_sequential"; case CreateFlags::Container: return "container"; case CreateFlags::PersistentWithTtl: return "persistent_with_ttl"; case CreateFlags::PersistentSequentialWithTtl: return "persistent_sequential_with_ttl"; } return "unknown"; } void DecoderImpl::decodeOnData(Buffer::Instance& data, uint64_t& offset) { ENVOY_LOG(trace, "zookeeper_proxy: decoding request with {} bytes at offset {}", data.length(), offset); // Check message length. const int32_t len = helper_.peekInt32(data, offset); ensureMinLength(len, INT_LENGTH + XID_LENGTH); ensureMaxLength(len); auto start_time = time_source_.monotonicTime(); // Control requests, with XIDs <= 0. // // These are meant to control the state of a session: // connect, keep-alive, authenticate and set initial watches. // // Note: setWatches is a command historically used to set watches // right after connecting, typically used when roaming from one // ZooKeeper server to the next. Thus, the special xid. // However, some client implementations might expose setWatches // as a regular data request, so we support that as well. const int32_t xid = helper_.peekInt32(data, offset); switch (static_cast(xid)) { case XidCodes::ConnectXid: parseConnect(data, offset, len); requests_by_xid_[xid] = {OpCodes::Connect, std::move(start_time)}; return; case XidCodes::PingXid: offset += OPCODE_LENGTH; callbacks_.onPing(); requests_by_xid_[xid] = {OpCodes::Ping, std::move(start_time)}; return; case XidCodes::AuthXid: parseAuthRequest(data, offset, len); requests_by_xid_[xid] = {OpCodes::SetAuth, std::move(start_time)}; return; case XidCodes::SetWatchesXid: offset += OPCODE_LENGTH; parseSetWatchesRequest(data, offset, len); requests_by_xid_[xid] = {OpCodes::SetWatches, std::move(start_time)}; return; default: // WATCH_XID is generated by the server, so that and everything // else can be ignored here. break; } // Data requests, with XIDs > 0. // // These are meant to happen after a successful control request, except // for two cases: auth requests can happen at any time and ping requests // must happen every 1/3 of the negotiated session timeout, to keep // the session alive. const auto opcode = static_cast(helper_.peekInt32(data, offset)); switch (opcode) { case OpCodes::GetData: parseGetDataRequest(data, offset, len); break; case OpCodes::Create: case OpCodes::Create2: case OpCodes::CreateContainer: case OpCodes::CreateTtl: parseCreateRequest(data, offset, len, static_cast(opcode)); break; case OpCodes::SetData: parseSetRequest(data, offset, len); break; case OpCodes::GetChildren: parseGetChildrenRequest(data, offset, len, false); break; case OpCodes::GetChildren2: parseGetChildrenRequest(data, offset, len, true); break; case OpCodes::Delete: parseDeleteRequest(data, offset, len); break; case OpCodes::Exists: parseExistsRequest(data, offset, len); break; case OpCodes::GetAcl: parseGetAclRequest(data, offset, len); break; case OpCodes::SetAcl: parseSetAclRequest(data, offset, len); break; case OpCodes::Sync: callbacks_.onSyncRequest(pathOnlyRequest(data, offset, len)); break; case OpCodes::Check: parseCheckRequest(data, offset, len); break; case OpCodes::Multi: parseMultiRequest(data, offset, len); break; case OpCodes::Reconfig: parseReconfigRequest(data, offset, len); break; case OpCodes::SetWatches: parseSetWatchesRequest(data, offset, len); break; case OpCodes::CheckWatches: parseXWatchesRequest(data, offset, len, OpCodes::CheckWatches); break; case OpCodes::RemoveWatches: parseXWatchesRequest(data, offset, len, OpCodes::RemoveWatches); break; case OpCodes::GetEphemerals: callbacks_.onGetEphemeralsRequest(pathOnlyRequest(data, offset, len)); break; case OpCodes::GetAllChildrenNumber: callbacks_.onGetAllChildrenNumberRequest(pathOnlyRequest(data, offset, len)); break; case OpCodes::Close: callbacks_.onCloseRequest(); break; default: throw EnvoyException(fmt::format("Unknown opcode: {}", enumToSignedInt(opcode))); } requests_by_xid_[xid] = {opcode, std::move(start_time)}; } void DecoderImpl::decodeOnWrite(Buffer::Instance& data, uint64_t& offset) { ENVOY_LOG(trace, "zookeeper_proxy: decoding response with {} bytes at offset {}", data.length(), offset); // Check message length. const int32_t len = helper_.peekInt32(data, offset); ensureMinLength(len, INT_LENGTH + XID_LENGTH); ensureMaxLength(len); const auto xid = helper_.peekInt32(data, offset); const auto xid_code = static_cast(xid); std::chrono::milliseconds latency; OpCodes opcode; if (xid_code != XidCodes::WatchXid) { // Find the corresponding request for this XID. const auto it = requests_by_xid_.find(xid); // If this fails, it's either a server-side bug or a malformed packet. if (it == requests_by_xid_.end()) { throw EnvoyException("xid not found"); } latency = std::chrono::duration_cast(time_source_.monotonicTime() - it->second.start_time); opcode = it->second.opcode; requests_by_xid_.erase(it); } // Connect responses are special, they have no full reply header // but just an XID with no zxid nor error fields like the ones // available for all other server generated messages. if (xid_code == XidCodes::ConnectXid) { parseConnectResponse(data, offset, len, latency); return; } // Control responses that aren't connect, with XIDs <= 0. const auto zxid = helper_.peekInt64(data, offset); const auto error = helper_.peekInt32(data, offset); switch (xid_code) { case XidCodes::PingXid: callbacks_.onResponse(OpCodes::Ping, xid, zxid, error, latency); return; case XidCodes::AuthXid: callbacks_.onResponse(OpCodes::SetAuth, xid, zxid, error, latency); return; case XidCodes::SetWatchesXid: callbacks_.onResponse(OpCodes::SetWatches, xid, zxid, error, latency); return; case XidCodes::WatchXid: parseWatchEvent(data, offset, len, zxid, error); return; default: break; } callbacks_.onResponse(opcode, xid, zxid, error, latency); offset += (len - (XID_LENGTH + ZXID_LENGTH + INT_LENGTH)); } void DecoderImpl::ensureMinLength(const int32_t len, const int32_t minlen) const { if (len < minlen) { throw EnvoyException("Packet is too small"); } } void DecoderImpl::ensureMaxLength(const int32_t len) const { if (static_cast(len) > max_packet_bytes_) { throw EnvoyException("Packet is too big"); } } void DecoderImpl::parseConnect(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + ZXID_LENGTH + TIMEOUT_LENGTH + SESSION_LENGTH + INT_LENGTH); // Skip zxid, timeout, and session id. offset += ZXID_LENGTH + TIMEOUT_LENGTH + SESSION_LENGTH; // Skip password. skipString(data, offset); const bool readonly = maybeReadBool(data, offset); callbacks_.onConnect(readonly); } void DecoderImpl::parseAuthRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + INT_LENGTH + INT_LENGTH + INT_LENGTH); // Skip opcode + type. offset += OPCODE_LENGTH + INT_LENGTH; const std::string scheme = helper_.peekString(data, offset); // Skip credential. skipString(data, offset); callbacks_.onAuthRequest(scheme); } void DecoderImpl::parseGetDataRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + INT_LENGTH + BOOL_LENGTH); const std::string path = helper_.peekString(data, offset); const bool watch = helper_.peekBool(data, offset); callbacks_.onGetDataRequest(path, watch); } void DecoderImpl::skipAcls(Buffer::Instance& data, uint64_t& offset) { const int32_t count = helper_.peekInt32(data, offset); for (int i = 0; i < count; ++i) { // Perms. helper_.peekInt32(data, offset); // Skip scheme. skipString(data, offset); // Skip cred. skipString(data, offset); } } void DecoderImpl::parseCreateRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len, OpCodes opcode) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + (3 * INT_LENGTH)); const std::string path = helper_.peekString(data, offset); // Skip data. skipString(data, offset); skipAcls(data, offset); const CreateFlags flags = static_cast(helper_.peekInt32(data, offset)); callbacks_.onCreateRequest(path, flags, opcode); } void DecoderImpl::parseSetRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + (3 * INT_LENGTH)); const std::string path = helper_.peekString(data, offset); // Skip data. skipString(data, offset); // Ignore version. helper_.peekInt32(data, offset); callbacks_.onSetRequest(path); } void DecoderImpl::parseGetChildrenRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len, const bool two) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + INT_LENGTH + BOOL_LENGTH); const std::string path = helper_.peekString(data, offset); const bool watch = helper_.peekBool(data, offset); callbacks_.onGetChildrenRequest(path, watch, two); } void DecoderImpl::parseDeleteRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + (2 * INT_LENGTH)); const std::string path = helper_.peekString(data, offset); const int32_t version = helper_.peekInt32(data, offset); callbacks_.onDeleteRequest(path, version); } void DecoderImpl::parseExistsRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + INT_LENGTH + BOOL_LENGTH); const std::string path = helper_.peekString(data, offset); const bool watch = helper_.peekBool(data, offset); callbacks_.onExistsRequest(path, watch); } void DecoderImpl::parseGetAclRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + INT_LENGTH); const std::string path = helper_.peekString(data, offset); callbacks_.onGetAclRequest(path); } void DecoderImpl::parseSetAclRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + (2 * INT_LENGTH)); const std::string path = helper_.peekString(data, offset); skipAcls(data, offset); const int32_t version = helper_.peekInt32(data, offset); callbacks_.onSetAclRequest(path, version); } std::string DecoderImpl::pathOnlyRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + INT_LENGTH); return helper_.peekString(data, offset); } void DecoderImpl::parseCheckRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, (2 * INT_LENGTH)); const std::string path = helper_.peekString(data, offset); const int32_t version = helper_.peekInt32(data, offset); callbacks_.onCheckRequest(path, version); } void DecoderImpl::parseMultiRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { // Treat empty transactions as a decoding error, there should be at least 1 header. ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + MULTI_HEADER_LENGTH); while (true) { const int32_t opcode = helper_.peekInt32(data, offset); const bool done = helper_.peekBool(data, offset); // Ignore error field. helper_.peekInt32(data, offset); if (done) { break; } switch (static_cast(opcode)) { case OpCodes::Create: parseCreateRequest(data, offset, len, OpCodes::Create); break; case OpCodes::SetData: parseSetRequest(data, offset, len); break; case OpCodes::Check: parseCheckRequest(data, offset, len); break; default: throw EnvoyException(fmt::format("Unknown opcode within a transaction: {}", opcode)); } } callbacks_.onMultiRequest(); } void DecoderImpl::parseReconfigRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + (3 * INT_LENGTH) + LONG_LENGTH); // Skip joining. skipString(data, offset); // Skip leaving. skipString(data, offset); // Skip new members. skipString(data, offset); // Read config id. helper_.peekInt64(data, offset); callbacks_.onReconfigRequest(); } void DecoderImpl::parseSetWatchesRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + (3 * INT_LENGTH)); // Data watches. skipStrings(data, offset); // Exist watches. skipStrings(data, offset); // Child watches. skipStrings(data, offset); callbacks_.onSetWatchesRequest(); } void DecoderImpl::parseXWatchesRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len, OpCodes opcode) { ensureMinLength(len, XID_LENGTH + OPCODE_LENGTH + (2 * INT_LENGTH)); const std::string path = helper_.peekString(data, offset); const int32_t type = helper_.peekInt32(data, offset); if (opcode == OpCodes::CheckWatches) { callbacks_.onCheckWatchesRequest(path, type); } else { callbacks_.onRemoveWatchesRequest(path, type); } } void DecoderImpl::skipString(Buffer::Instance& data, uint64_t& offset) { const int32_t slen = helper_.peekInt32(data, offset); helper_.skip(slen, offset); } void DecoderImpl::skipStrings(Buffer::Instance& data, uint64_t& offset) { const int32_t count = helper_.peekInt32(data, offset); for (int i = 0; i < count; ++i) { skipString(data, offset); } } void DecoderImpl::onData(Buffer::Instance& data) { decode(data, DecodeType::READ); } void DecoderImpl::onWrite(Buffer::Instance& data) { decode(data, DecodeType::WRITE); } void DecoderImpl::decode(Buffer::Instance& data, DecodeType dtype) { uint64_t offset = 0; try { while (offset < data.length()) { // Reset the helper's cursor, to ensure the current message stays within the // allowed max length, even when it's different than the declared length // by the message. // // Note: we need to keep two cursors — offset and helper_'s internal one — because // a buffer may contain multiple messages, so offset is global while helper_'s // internal cursor gets reset for each individual message. helper_.reset(); const uint64_t current = offset; switch (dtype) { case DecodeType::READ: decodeOnData(data, offset); callbacks_.onRequestBytes(offset - current); break; case DecodeType::WRITE: decodeOnWrite(data, offset); callbacks_.onResponseBytes(offset - current); break; } } } catch (const EnvoyException& e) { ENVOY_LOG(debug, "zookeeper_proxy: decoding exception {}", e.what()); callbacks_.onDecodeError(); } } void DecoderImpl::parseConnectResponse(Buffer::Instance& data, uint64_t& offset, uint32_t len, const std::chrono::milliseconds& latency) { ensureMinLength(len, PROTOCOL_VERSION_LENGTH + TIMEOUT_LENGTH + SESSION_LENGTH + INT_LENGTH); const auto timeout = helper_.peekInt32(data, offset); // Skip session id + password. offset += SESSION_LENGTH; skipString(data, offset); const bool readonly = maybeReadBool(data, offset); callbacks_.onConnectResponse(0, timeout, readonly, latency); } void DecoderImpl::parseWatchEvent(Buffer::Instance& data, uint64_t& offset, const uint32_t len, const int64_t zxid, const int32_t error) { ensureMinLength(len, SERVER_HEADER_LENGTH + (3 * INT_LENGTH)); const auto event_type = helper_.peekInt32(data, offset); const auto client_state = helper_.peekInt32(data, offset); const auto path = helper_.peekString(data, offset); callbacks_.onWatchEvent(event_type, client_state, path, zxid, error); } bool DecoderImpl::maybeReadBool(Buffer::Instance& data, uint64_t& offset) { if (data.length() >= offset + 1) { return helper_.peekBool(data, offset); } return false; } } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/decoder.h ================================================ #pragma once #include #include #include "envoy/common/platform.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "extensions/filters/network/zookeeper_proxy/utils.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { enum class XidCodes { ConnectXid = 0, WatchXid = -1, PingXid = -2, AuthXid = -4, SetWatchesXid = -8 }; enum class OpCodes { Connect = 0, Create = 1, Delete = 2, Exists = 3, GetData = 4, SetData = 5, GetAcl = 6, SetAcl = 7, GetChildren = 8, Sync = 9, Ping = 11, GetChildren2 = 12, Check = 13, Multi = 14, Create2 = 15, Reconfig = 16, CheckWatches = 17, RemoveWatches = 18, CreateContainer = 19, CreateTtl = 21, Close = -11, SetAuth = 100, SetWatches = 101, GetEphemerals = 103, GetAllChildrenNumber = 104 }; enum class WatcherType { Children = 1, Data = 2, Any = 3 }; enum class CreateFlags { Persistent, PersistentSequential, Ephemeral, EphemeralSequential, Container, PersistentWithTtl, PersistentSequentialWithTtl }; const char* createFlagsToString(CreateFlags flags); /** * General callbacks for dispatching decoded ZooKeeper messages to a sink. */ class DecoderCallbacks { public: virtual ~DecoderCallbacks() = default; virtual void onDecodeError() PURE; virtual void onRequestBytes(uint64_t bytes) PURE; virtual void onConnect(bool readonly) PURE; virtual void onPing() PURE; virtual void onAuthRequest(const std::string& scheme) PURE; virtual void onGetDataRequest(const std::string& path, bool watch) PURE; virtual void onCreateRequest(const std::string& path, CreateFlags flags, OpCodes opcode) PURE; virtual void onSetRequest(const std::string& path) PURE; virtual void onGetChildrenRequest(const std::string& path, bool watch, bool v2) PURE; virtual void onGetEphemeralsRequest(const std::string& path) PURE; virtual void onGetAllChildrenNumberRequest(const std::string& path) PURE; virtual void onDeleteRequest(const std::string& path, int32_t version) PURE; virtual void onExistsRequest(const std::string& path, bool watch) PURE; virtual void onGetAclRequest(const std::string& path) PURE; virtual void onSetAclRequest(const std::string& path, int32_t version) PURE; virtual void onSyncRequest(const std::string& path) PURE; virtual void onCheckRequest(const std::string& path, int32_t version) PURE; virtual void onMultiRequest() PURE; virtual void onReconfigRequest() PURE; virtual void onSetWatchesRequest() PURE; virtual void onCheckWatchesRequest(const std::string& path, int32_t type) PURE; virtual void onRemoveWatchesRequest(const std::string& path, int32_t type) PURE; virtual void onCloseRequest() PURE; virtual void onResponseBytes(uint64_t bytes) PURE; virtual void onConnectResponse(int32_t proto_version, int32_t timeout, bool readonly, const std::chrono::milliseconds& latency) PURE; virtual void onResponse(OpCodes opcode, int32_t xid, int64_t zxid, int32_t error, const std::chrono::milliseconds& latency) PURE; virtual void onWatchEvent(int32_t event_type, int32_t client_state, const std::string& path, int64_t zxid, int32_t error) PURE; }; /** * ZooKeeper message decoder. */ class Decoder { public: virtual ~Decoder() = default; virtual void onData(Buffer::Instance& data) PURE; virtual void onWrite(Buffer::Instance& data) PURE; }; using DecoderPtr = std::unique_ptr; class DecoderImpl : public Decoder, Logger::Loggable { public: explicit DecoderImpl(DecoderCallbacks& callbacks, uint32_t max_packet_bytes, TimeSource& time_source) : callbacks_(callbacks), max_packet_bytes_(max_packet_bytes), helper_(max_packet_bytes), time_source_(time_source) {} // ZooKeeperProxy::Decoder void onData(Buffer::Instance& data) override; void onWrite(Buffer::Instance& data) override; private: enum class DecodeType { READ, WRITE }; struct RequestBegin { OpCodes opcode; MonotonicTime start_time; }; void decode(Buffer::Instance& data, DecodeType dtype); void decodeOnData(Buffer::Instance& data, uint64_t& offset); void decodeOnWrite(Buffer::Instance& data, uint64_t& offset); void parseConnect(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseAuthRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseGetDataRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseCreateRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len, OpCodes opcode); void skipAcls(Buffer::Instance& data, uint64_t& offset); void parseSetRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseGetChildrenRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len, bool two); void parseDeleteRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseExistsRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseGetAclRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseSetAclRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseCheckRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseMultiRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseReconfigRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseSetWatchesRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseXWatchesRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len, OpCodes opcode); void skipString(Buffer::Instance& data, uint64_t& offset); void skipStrings(Buffer::Instance& data, uint64_t& offset); void ensureMinLength(int32_t len, int32_t minlen) const; void ensureMaxLength(int32_t len) const; std::string pathOnlyRequest(Buffer::Instance& data, uint64_t& offset, uint32_t len); void parseConnectResponse(Buffer::Instance& data, uint64_t& offset, uint32_t len, const std::chrono::milliseconds& latency); void parseWatchEvent(Buffer::Instance& data, uint64_t& offset, uint32_t len, int64_t zxid, int32_t error); bool maybeReadBool(Buffer::Instance& data, uint64_t& offset); DecoderCallbacks& callbacks_; const uint32_t max_packet_bytes_; BufferHelper helper_; TimeSource& time_source_; absl::node_hash_map requests_by_xid_; }; } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/filter.cc ================================================ #include "extensions/filters/network/zookeeper_proxy/filter.h" #include #include #include "envoy/config/core/v3/base.pb.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/stats/utility.h" #include "extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { ZooKeeperFilterConfig::ZooKeeperFilterConfig(const std::string& stat_prefix, const uint32_t max_packet_bytes, Stats::Scope& scope) : scope_(scope), max_packet_bytes_(max_packet_bytes), stats_(generateStats(stat_prefix, scope)), stat_name_set_(scope.symbolTable().makeSet("Zookeeper")), stat_prefix_(stat_name_set_->add(stat_prefix)), auth_(stat_name_set_->add("auth")), connect_latency_(stat_name_set_->add("connect_response_latency")), unknown_scheme_rq_(stat_name_set_->add("unknown_scheme_rq")), unknown_opcode_latency_(stat_name_set_->add("unknown_opcode_latency")) { // https://zookeeper.apache.org/doc/r3.5.4-beta/zookeeperProgrammers.html#sc_BuiltinACLSchemes // lists commons schemes: "world", "auth", "digest", "host", "x509", and // "ip". These are used in filter.cc by appending "_rq". stat_name_set_->rememberBuiltins( {"auth_rq", "digest_rq", "host_rq", "ip_rq", "ping_response_rq", "world_rq", "x509_rq"}); initOpCode(OpCodes::Ping, stats_.ping_resp_, "ping_response"); initOpCode(OpCodes::SetAuth, stats_.auth_resp_, "auth_response"); initOpCode(OpCodes::GetData, stats_.getdata_resp_, "getdata_resp"); initOpCode(OpCodes::Create, stats_.create_resp_, "create_resp"); initOpCode(OpCodes::Create2, stats_.create2_resp_, "create2_resp"); initOpCode(OpCodes::CreateContainer, stats_.createcontainer_resp_, "createcontainer_resp"); initOpCode(OpCodes::CreateTtl, stats_.createttl_resp_, "createttl_resp"); initOpCode(OpCodes::SetData, stats_.setdata_resp_, "setdata_resp"); initOpCode(OpCodes::GetChildren, stats_.getchildren_resp_, "getchildren_resp"); initOpCode(OpCodes::GetChildren2, stats_.getchildren2_resp_, "getchildren2_resp"); initOpCode(OpCodes::Delete, stats_.delete_resp_, "delete_resp"); initOpCode(OpCodes::Exists, stats_.exists_resp_, "exists_resp"); initOpCode(OpCodes::GetAcl, stats_.getacl_resp_, "getacl_resp"); initOpCode(OpCodes::SetAcl, stats_.setacl_resp_, "setacl_resp"); initOpCode(OpCodes::Sync, stats_.sync_resp_, "sync_resp"); initOpCode(OpCodes::Check, stats_.check_resp_, "check_resp"); initOpCode(OpCodes::Multi, stats_.multi_resp_, "multi_resp"); initOpCode(OpCodes::Reconfig, stats_.reconfig_resp_, "reconfig_resp"); initOpCode(OpCodes::SetWatches, stats_.setwatches_resp_, "setwatches_resp"); initOpCode(OpCodes::CheckWatches, stats_.checkwatches_resp_, "checkwatches_resp"); initOpCode(OpCodes::RemoveWatches, stats_.removewatches_resp_, "removewatches_resp"); initOpCode(OpCodes::GetEphemerals, stats_.getephemerals_resp_, "getephemerals_resp"); initOpCode(OpCodes::GetAllChildrenNumber, stats_.getallchildrennumber_resp_, "getallchildrennumber_resp"); initOpCode(OpCodes::Close, stats_.close_resp_, "close_resp"); } void ZooKeeperFilterConfig::initOpCode(OpCodes opcode, Stats::Counter& counter, absl::string_view name) { OpCodeInfo& opcode_info = op_code_map_[opcode]; opcode_info.counter_ = &counter; opcode_info.opname_ = std::string(name); opcode_info.latency_name_ = stat_name_set_->add(absl::StrCat(name, "_latency")); } ZooKeeperFilter::ZooKeeperFilter(ZooKeeperFilterConfigSharedPtr config, TimeSource& time_source) : config_(std::move(config)), decoder_(createDecoder(*this, time_source)) {} void ZooKeeperFilter::initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) { read_callbacks_ = &callbacks; } Network::FilterStatus ZooKeeperFilter::onData(Buffer::Instance& data, bool) { clearDynamicMetadata(); decoder_->onData(data); return Network::FilterStatus::Continue; } Network::FilterStatus ZooKeeperFilter::onWrite(Buffer::Instance& data, bool) { clearDynamicMetadata(); decoder_->onWrite(data); return Network::FilterStatus::Continue; } Network::FilterStatus ZooKeeperFilter::onNewConnection() { return Network::FilterStatus::Continue; } DecoderPtr ZooKeeperFilter::createDecoder(DecoderCallbacks& callbacks, TimeSource& time_source) { return std::make_unique(callbacks, config_->maxPacketBytes(), time_source); } void ZooKeeperFilter::setDynamicMetadata(const std::string& key, const std::string& value) { setDynamicMetadata({{key, value}}); } void ZooKeeperFilter::clearDynamicMetadata() { envoy::config::core::v3::Metadata& dynamic_metadata = read_callbacks_->connection().streamInfo().dynamicMetadata(); auto& metadata = (*dynamic_metadata.mutable_filter_metadata())[NetworkFilterNames::get().ZooKeeperProxy]; metadata.mutable_fields()->clear(); } void ZooKeeperFilter::setDynamicMetadata( const std::vector>& data) { envoy::config::core::v3::Metadata& dynamic_metadata = read_callbacks_->connection().streamInfo().dynamicMetadata(); ProtobufWkt::Struct metadata( (*dynamic_metadata.mutable_filter_metadata())[NetworkFilterNames::get().ZooKeeperProxy]); auto& fields = *metadata.mutable_fields(); for (const auto& pair : data) { auto val = ProtobufWkt::Value(); val.set_string_value(pair.second); fields.insert({pair.first, val}); } read_callbacks_->connection().streamInfo().setDynamicMetadata( NetworkFilterNames::get().ZooKeeperProxy, metadata); } void ZooKeeperFilter::onConnect(const bool readonly) { if (readonly) { config_->stats_.connect_readonly_rq_.inc(); setDynamicMetadata("opname", "connect_readonly"); } else { config_->stats_.connect_rq_.inc(); setDynamicMetadata("opname", "connect"); } } void ZooKeeperFilter::onDecodeError() { config_->stats_.decoder_error_.inc(); setDynamicMetadata("opname", "error"); } void ZooKeeperFilter::onRequestBytes(const uint64_t bytes) { config_->stats_.request_bytes_.add(bytes); setDynamicMetadata("bytes", std::to_string(bytes)); } void ZooKeeperFilter::onResponseBytes(const uint64_t bytes) { config_->stats_.response_bytes_.add(bytes); setDynamicMetadata("bytes", std::to_string(bytes)); } void ZooKeeperFilter::onPing() { config_->stats_.ping_rq_.inc(); setDynamicMetadata("opname", "ping"); } void ZooKeeperFilter::onAuthRequest(const std::string& scheme) { Stats::Counter& counter = Stats::Utility::counterFromStatNames( config_->scope_, {config_->stat_prefix_, config_->auth_, config_->stat_name_set_->getBuiltin(absl::StrCat(scheme, "_rq"), config_->unknown_scheme_rq_)}); counter.inc(); setDynamicMetadata("opname", "auth"); } void ZooKeeperFilter::onGetDataRequest(const std::string& path, const bool watch) { config_->stats_.getdata_rq_.inc(); setDynamicMetadata({{"opname", "getdata"}, {"path", path}, {"watch", watch ? "true" : "false"}}); } void ZooKeeperFilter::onCreateRequest(const std::string& path, const CreateFlags flags, const OpCodes opcode) { std::string opname; switch (opcode) { case OpCodes::Create: opname = "create"; config_->stats_.create_rq_.inc(); break; case OpCodes::Create2: opname = "create2"; config_->stats_.create2_rq_.inc(); break; case OpCodes::CreateContainer: opname = "createcontainer"; config_->stats_.createcontainer_rq_.inc(); break; case OpCodes::CreateTtl: opname = "createttl"; config_->stats_.createttl_rq_.inc(); break; default: throw EnvoyException(fmt::format("Unknown opcode: {}", enumToSignedInt(opcode))); break; } setDynamicMetadata( {{"opname", opname}, {"path", path}, {"create_type", createFlagsToString(flags)}}); } void ZooKeeperFilter::onSetRequest(const std::string& path) { config_->stats_.setdata_rq_.inc(); setDynamicMetadata({{"opname", "setdata"}, {"path", path}}); } void ZooKeeperFilter::onGetChildrenRequest(const std::string& path, const bool watch, const bool v2) { std::string opname = "getchildren"; if (v2) { config_->stats_.getchildren2_rq_.inc(); opname = "getchildren2"; } else { config_->stats_.getchildren_rq_.inc(); } setDynamicMetadata({{"opname", opname}, {"path", path}, {"watch", watch ? "true" : "false"}}); } void ZooKeeperFilter::onDeleteRequest(const std::string& path, const int32_t version) { config_->stats_.delete_rq_.inc(); setDynamicMetadata({{"opname", "delete"}, {"path", path}, {"version", std::to_string(version)}}); } void ZooKeeperFilter::onExistsRequest(const std::string& path, const bool watch) { config_->stats_.exists_rq_.inc(); setDynamicMetadata({{"opname", "exists"}, {"path", path}, {"watch", watch ? "true" : "false"}}); } void ZooKeeperFilter::onGetAclRequest(const std::string& path) { config_->stats_.getacl_rq_.inc(); setDynamicMetadata({{"opname", "getacl"}, {"path", path}}); } void ZooKeeperFilter::onSetAclRequest(const std::string& path, const int32_t version) { config_->stats_.setacl_rq_.inc(); setDynamicMetadata({{"opname", "setacl"}, {"path", path}, {"version", std::to_string(version)}}); } void ZooKeeperFilter::onSyncRequest(const std::string& path) { config_->stats_.sync_rq_.inc(); setDynamicMetadata({{"opname", "sync"}, {"path", path}}); } void ZooKeeperFilter::onCheckRequest(const std::string&, const int32_t) { config_->stats_.check_rq_.inc(); } void ZooKeeperFilter::onCheckWatchesRequest(const std::string& path, const int32_t) { config_->stats_.checkwatches_rq_.inc(); setDynamicMetadata({{"opname", "checkwatches"}, {"path", path}}); } void ZooKeeperFilter::onRemoveWatchesRequest(const std::string& path, const int32_t) { config_->stats_.removewatches_rq_.inc(); setDynamicMetadata({{"opname", "removewatches"}, {"path", path}}); } void ZooKeeperFilter::onMultiRequest() { config_->stats_.multi_rq_.inc(); setDynamicMetadata("opname", "multi"); } void ZooKeeperFilter::onReconfigRequest() { config_->stats_.reconfig_rq_.inc(); setDynamicMetadata("opname", "reconfig"); } void ZooKeeperFilter::onSetWatchesRequest() { config_->stats_.setwatches_rq_.inc(); setDynamicMetadata("opname", "setwatches"); } void ZooKeeperFilter::onGetEphemeralsRequest(const std::string& path) { config_->stats_.getephemerals_rq_.inc(); setDynamicMetadata({{"opname", "getephemerals"}, {"path", path}}); } void ZooKeeperFilter::onGetAllChildrenNumberRequest(const std::string& path) { config_->stats_.getallchildrennumber_rq_.inc(); setDynamicMetadata({{"opname", "getallchildrennumber"}, {"path", path}}); } void ZooKeeperFilter::onCloseRequest() { config_->stats_.close_rq_.inc(); setDynamicMetadata("opname", "close"); } void ZooKeeperFilter::onConnectResponse(const int32_t proto_version, const int32_t timeout, const bool readonly, const std::chrono::milliseconds& latency) { config_->stats_.connect_resp_.inc(); Stats::Histogram& histogram = Stats::Utility::histogramFromElements( config_->scope_, {config_->stat_prefix_, config_->connect_latency_}, Stats::Histogram::Unit::Milliseconds); histogram.recordValue(latency.count()); setDynamicMetadata({{"opname", "connect_response"}, {"protocol_version", std::to_string(proto_version)}, {"timeout", std::to_string(timeout)}, {"readonly", std::to_string(readonly)}}); } void ZooKeeperFilter::onResponse(const OpCodes opcode, const int32_t xid, const int64_t zxid, const int32_t error, const std::chrono::milliseconds& latency) { Stats::StatName opcode_latency = config_->unknown_opcode_latency_; auto iter = config_->op_code_map_.find(opcode); std::string opname = ""; if (iter != config_->op_code_map_.end()) { const ZooKeeperFilterConfig::OpCodeInfo& opcode_info = iter->second; opcode_info.counter_->inc(); opname = opcode_info.opname_; opcode_latency = opcode_info.latency_name_; } Stats::Histogram& histogram = Stats::Utility::histogramFromStatNames( config_->scope_, {config_->stat_prefix_, opcode_latency}, Stats::Histogram::Unit::Milliseconds); histogram.recordValue(latency.count()); setDynamicMetadata({{"opname", opname}, {"xid", std::to_string(xid)}, {"zxid", std::to_string(zxid)}, {"error", std::to_string(error)}}); } void ZooKeeperFilter::onWatchEvent(const int32_t event_type, const int32_t client_state, const std::string& path, const int64_t zxid, const int32_t error) { config_->stats_.watch_event_.inc(); setDynamicMetadata({{"opname", "watch_event"}, {"event_type", std::to_string(event_type)}, {"client_state", std::to_string(client_state)}, {"path", path}, {"zxid", std::to_string(zxid)}, {"error", std::to_string(error)}}); } } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/filter.h ================================================ #pragma once #include #include #include #include "envoy/access_log/access_log.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "common/stats/symbol_table_impl.h" #include "extensions/filters/network/zookeeper_proxy/decoder.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { /** * All ZooKeeper proxy stats. @see stats_macros.h */ #define ALL_ZOOKEEPER_PROXY_STATS(COUNTER) \ COUNTER(decoder_error) \ COUNTER(request_bytes) \ COUNTER(connect_rq) \ COUNTER(connect_readonly_rq) \ COUNTER(getdata_rq) \ COUNTER(create_rq) \ COUNTER(create2_rq) \ COUNTER(createcontainer_rq) \ COUNTER(createttl_rq) \ COUNTER(setdata_rq) \ COUNTER(getchildren_rq) \ COUNTER(getchildren2_rq) \ COUNTER(getephemerals_rq) \ COUNTER(getallchildrennumber_rq) \ COUNTER(delete_rq) \ COUNTER(exists_rq) \ COUNTER(getacl_rq) \ COUNTER(setacl_rq) \ COUNTER(sync_rq) \ COUNTER(ping_rq) \ COUNTER(multi_rq) \ COUNTER(reconfig_rq) \ COUNTER(close_rq) \ COUNTER(setauth_rq) \ COUNTER(setwatches_rq) \ COUNTER(checkwatches_rq) \ COUNTER(removewatches_rq) \ COUNTER(check_rq) \ COUNTER(response_bytes) \ COUNTER(connect_resp) \ COUNTER(ping_resp) \ COUNTER(auth_resp) \ COUNTER(getdata_resp) \ COUNTER(create_resp) \ COUNTER(create2_resp) \ COUNTER(createcontainer_resp) \ COUNTER(createttl_resp) \ COUNTER(setdata_resp) \ COUNTER(getchildren_resp) \ COUNTER(getchildren2_resp) \ COUNTER(getephemerals_resp) \ COUNTER(getallchildrennumber_resp) \ COUNTER(delete_resp) \ COUNTER(exists_resp) \ COUNTER(getacl_resp) \ COUNTER(setacl_resp) \ COUNTER(sync_resp) \ COUNTER(multi_resp) \ COUNTER(reconfig_resp) \ COUNTER(close_resp) \ COUNTER(setauth_resp) \ COUNTER(setwatches_resp) \ COUNTER(checkwatches_resp) \ COUNTER(removewatches_resp) \ COUNTER(check_resp) \ COUNTER(watch_event) /** * Struct definition for all ZooKeeper proxy stats. @see stats_macros.h */ struct ZooKeeperProxyStats { ALL_ZOOKEEPER_PROXY_STATS(GENERATE_COUNTER_STRUCT) }; /** * Configuration for the ZooKeeper proxy filter. */ class ZooKeeperFilterConfig { public: ZooKeeperFilterConfig(const std::string& stat_prefix, uint32_t max_packet_bytes, Stats::Scope& scope); const ZooKeeperProxyStats& stats() { return stats_; } uint32_t maxPacketBytes() const { return max_packet_bytes_; } // Captures the counter used to track total op-code usage, as well as the // StatName under which to collect the latency for that op-code. The // latency-name will be joined with the stat_prefix_, which varies per filter // instance. struct OpCodeInfo { Stats::Counter* counter_; std::string opname_; Stats::StatName latency_name_; }; absl::flat_hash_map op_code_map_; Stats::Scope& scope_; const uint32_t max_packet_bytes_; ZooKeeperProxyStats stats_; Stats::StatNameSetPtr stat_name_set_; const Stats::StatName stat_prefix_; const Stats::StatName auth_; const Stats::StatName connect_latency_; const Stats::StatName unknown_scheme_rq_; const Stats::StatName unknown_opcode_latency_; private: void initOpCode(OpCodes opcode, Stats::Counter& counter, absl::string_view name); ZooKeeperProxyStats generateStats(const std::string& prefix, Stats::Scope& scope) { return ZooKeeperProxyStats{ALL_ZOOKEEPER_PROXY_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; } }; using ZooKeeperFilterConfigSharedPtr = std::shared_ptr; /** * Implementation of ZooKeeper proxy filter. */ class ZooKeeperFilter : public Network::Filter, DecoderCallbacks, Logger::Loggable { public: ZooKeeperFilter(ZooKeeperFilterConfigSharedPtr config, TimeSource& time_source); // Network::ReadFilter Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override; Network::FilterStatus onNewConnection() override; void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& callbacks) override; // Network::WriteFilter Network::FilterStatus onWrite(Buffer::Instance& data, bool end_stream) override; // ZooKeeperProxy::DecoderCallback void onDecodeError() override; void onRequestBytes(uint64_t bytes) override; void onConnect(bool readonly) override; void onPing() override; void onAuthRequest(const std::string& scheme) override; void onGetDataRequest(const std::string& path, bool watch) override; void onCreateRequest(const std::string& path, CreateFlags flags, OpCodes opcode) override; void onSetRequest(const std::string& path) override; void onGetChildrenRequest(const std::string& path, bool watch, bool v2) override; void onDeleteRequest(const std::string& path, int32_t version) override; void onExistsRequest(const std::string& path, bool watch) override; void onGetAclRequest(const std::string& path) override; void onSetAclRequest(const std::string& path, int32_t version) override; void onSyncRequest(const std::string& path) override; void onCheckRequest(const std::string& path, int32_t version) override; void onMultiRequest() override; void onReconfigRequest() override; void onSetWatchesRequest() override; void onCheckWatchesRequest(const std::string& path, int32_t type) override; void onRemoveWatchesRequest(const std::string& path, int32_t type) override; void onGetEphemeralsRequest(const std::string& path) override; void onGetAllChildrenNumberRequest(const std::string& path) override; void onCloseRequest() override; void onResponseBytes(uint64_t bytes) override; void onConnectResponse(int32_t proto_version, int32_t timeout, bool readonly, const std::chrono::milliseconds& latency) override; void onResponse(OpCodes opcode, int32_t xid, int64_t zxid, int32_t error, const std::chrono::milliseconds& latency) override; void onWatchEvent(int32_t event_type, int32_t client_state, const std::string& path, int64_t zxid, int32_t error) override; DecoderPtr createDecoder(DecoderCallbacks& callbacks, TimeSource& time_source); void setDynamicMetadata(const std::string& key, const std::string& value); void setDynamicMetadata(const std::vector>& data); void clearDynamicMetadata(); private: Network::ReadFilterCallbacks* read_callbacks_{}; ZooKeeperFilterConfigSharedPtr config_; std::unique_ptr decoder_; }; } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/utils.cc ================================================ #include "extensions/filters/network/zookeeper_proxy/utils.h" #include namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { int32_t BufferHelper::peekInt32(Buffer::Instance& buffer, uint64_t& offset) { ensureMaxLen(sizeof(int32_t)); const int32_t val = buffer.peekBEInt(offset); offset += sizeof(int32_t); return val; } int64_t BufferHelper::peekInt64(Buffer::Instance& buffer, uint64_t& offset) { ensureMaxLen(sizeof(int64_t)); const int64_t val = buffer.peekBEInt(offset); offset += sizeof(int64_t); return val; } bool BufferHelper::peekBool(Buffer::Instance& buffer, uint64_t& offset) { ensureMaxLen(1); const char byte = buffer.peekInt(offset); const bool val = static_cast(byte); offset += 1; return val; } std::string BufferHelper::peekString(Buffer::Instance& buffer, uint64_t& offset) { std::string val; const uint32_t len = peekInt32(buffer, offset); if (len == 0) { return val; } if (buffer.length() < (offset + len)) { throw EnvoyException("peekString: buffer is smaller than string length"); } ensureMaxLen(len); std::unique_ptr data(new char[len]); buffer.copyOut(offset, len, data.get()); val.assign(data.get(), len); offset += len; return val; } void BufferHelper::skip(const uint32_t len, uint64_t& offset) { offset += len; current_ += len; } void BufferHelper::ensureMaxLen(const uint32_t size) { current_ += size; if (current_ > max_len_) { throw EnvoyException("read beyond max length"); } } } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/network/zookeeper_proxy/utils.h ================================================ #pragma once #include #include #include "envoy/common/platform.h" #include "common/buffer/buffer_impl.h" #include "common/common/byte_order.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace NetworkFilters { namespace ZooKeeperProxy { /** * Helper for extracting ZooKeeper data from a buffer. * * If at any point a peek is tried beyond max_len, an EnvoyException * will be thrown. This is important to protect Envoy against malformed * requests (e.g.: when the declared and actual length don't match). * * Note: ZooKeeper's protocol uses network byte ordering (big-endian). */ class BufferHelper : public Logger::Loggable { public: BufferHelper(uint32_t max_len) : max_len_(max_len) {} int32_t peekInt32(Buffer::Instance& buffer, uint64_t& offset); int64_t peekInt64(Buffer::Instance& buffer, uint64_t& offset); std::string peekString(Buffer::Instance& buffer, uint64_t& offset); bool peekBool(Buffer::Instance& buffer, uint64_t& offset); void skip(uint32_t len, uint64_t& offset); void reset() { current_ = 0; } private: void ensureMaxLen(uint32_t size); const uint32_t max_len_; uint32_t current_{}; }; } // namespace ZooKeeperProxy } // namespace NetworkFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "dns_filter_lib", srcs = [ "dns_filter.cc", "dns_filter_resolver.cc", "dns_filter_utils.cc", "dns_parser.cc", ], hdrs = [ "dns_filter.h", "dns_filter_constants.h", "dns_filter_resolver.h", "dns_filter_utils.h", "dns_parser.h", ], external_deps = ["ares"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/network:address_interface", "//include/envoy/network:dns_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listener_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/common:matchers_lib", "//source/common/config:config_provider_lib", "//source/common/config:datasource_lib", "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/common/protobuf:message_validator_lib", "//source/common/runtime:runtime_lib", "//source/common/upstream:cluster_manager_lib", "@envoy_api//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", status = "alpha", deps = [ ":dns_filter_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "@envoy_api//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/udp/dns_filter/config.cc ================================================ #include "extensions/filters/udp/dns_filter/config.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { Network::UdpListenerFilterFactoryCb DnsFilterConfigFactory::createFilterFactoryFromProto( const Protobuf::Message& config, Server::Configuration::ListenerFactoryContext& context) { auto shared_config = std::make_shared( context, MessageUtil::downcastAndValidate< const envoy::extensions::filters::udp::dns_filter::v3alpha::DnsFilterConfig&>( config, context.messageValidationVisitor())); return [shared_config](Network::UdpListenerFilterManager& filter_manager, Network::UdpReadFilterCallbacks& callbacks) -> void { filter_manager.addReadFilter(std::make_unique(callbacks, shared_config)); }; } ProtobufTypes::MessagePtr DnsFilterConfigFactory::createEmptyConfigProto() { return std::make_unique(); } std::string DnsFilterConfigFactory::name() const { return "envoy.filters.udp.dns_filter"; } /** * Static registration for the DNS Filter. @see RegisterFactory. */ static Registry::RegisterFactory register_; } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/config.h ================================================ #pragma once #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.h" #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.validate.h" #include "envoy/server/filter_config.h" #include "extensions/filters/udp/dns_filter/dns_filter.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { /** * Config registration for the UDP proxy filter. @see NamedUdpListenerFilterConfigFactory. */ class DnsFilterConfigFactory : public Server::Configuration::NamedUdpListenerFilterConfigFactory { public: // NamedUdpListenerFilterConfigFactory Network::UdpListenerFilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, Server::Configuration::ListenerFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_filter.cc ================================================ #include "extensions/filters/udp/dns_filter/dns_filter.h" #include "envoy/network/listener.h" #include "envoy/type/matcher/v3/string.pb.h" #include "common/config/datasource.h" #include "common/network/address_impl.h" #include "common/protobuf/message_validator_impl.h" #include "extensions/filters/udp/dns_filter/dns_filter_utils.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { static constexpr std::chrono::milliseconds DEFAULT_RESOLVER_TIMEOUT{500}; static constexpr std::chrono::seconds DEFAULT_RESOLVER_TTL{300}; DnsFilterEnvoyConfig::DnsFilterEnvoyConfig( Server::Configuration::ListenerFactoryContext& context, const envoy::extensions::filters::udp::dns_filter::v3alpha::DnsFilterConfig& config) : root_scope_(context.scope()), cluster_manager_(context.clusterManager()), api_(context.api()), stats_(generateStats(config.stat_prefix(), root_scope_)), resolver_timeout_(DEFAULT_RESOLVER_TIMEOUT), random_(context.api().randomGenerator()) { using envoy::extensions::filters::udp::dns_filter::v3alpha::DnsFilterConfig; const auto& server_config = config.server_config(); envoy::data::dns::v3::DnsTable dns_table; bool result = loadServerConfig(server_config, dns_table); ENVOY_LOG(debug, "Loading DNS table from external file: {}", result ? "Success" : "Failure"); retry_count_ = dns_table.external_retry_count(); virtual_domains_.reserve(dns_table.virtual_domains().size()); for (const auto& virtual_domain : dns_table.virtual_domains()) { AddressConstPtrVec addrs{}; const absl::string_view domain_name = virtual_domain.name(); ENVOY_LOG(trace, "Loading configuration for domain: {}", domain_name); if (virtual_domain.endpoint().has_address_list()) { const auto& address_list = virtual_domain.endpoint().address_list().address(); addrs.reserve(address_list.size()); // Shuffle the configured addresses. We store the addresses starting at a random // list index so that we do not always return answers in the same order as the IPs // are configured. size_t i = random_.random(); // Creating the IP address will throw an exception if the address string is malformed for (auto index = 0; index < address_list.size(); index++) { const auto address_iter = std::next(address_list.begin(), (i++ % address_list.size())); auto ipaddr = Network::Utility::parseInternetAddress(*address_iter, 0 /* port */); addrs.push_back(std::move(ipaddr)); } // If the domain already exists with a different endpoint config, update the address_list // with the data from the config if (virtual_domains_.contains(domain_name)) { auto& addr_vec = virtual_domains_[domain_name].address_list.value(); addr_vec.reserve(addr_vec.size() + addrs.size()); std::move(addrs.begin(), addrs.end(), std::inserter(addr_vec, addr_vec.end())); } else { DnsEndpointConfig endpoint_config{}; endpoint_config.address_list = absl::make_optional(std::move(addrs)); virtual_domains_.emplace(std::string(domain_name), std::move(endpoint_config)); } } if (virtual_domain.endpoint().has_service_list()) { const auto& dns_service_list = virtual_domain.endpoint().service_list(); for (const auto& dns_service : dns_service_list.services()) { // Each service should be its own domain in the stored config. The filter will see // the full service name in queries on the wire. The protocol string returned will be empty // if a numeric protocol is configured and we cannot resolve its name const std::string proto = Utils::getProtoName(dns_service.protocol()); if (proto.empty()) { continue; } const std::chrono::seconds ttl = std::chrono::seconds(dns_service.ttl().seconds()); // Generate the full name for the DNS service. All input parameters are populated // strings enforced by the message definition const std::string full_service_name = Utils::buildServiceName(dns_service.service_name(), proto, virtual_domain.name()); DnsSrvRecordPtr service_record_ptr = std::make_unique(full_service_name, proto, ttl); // Store service targets. We require at least one target to be present. The target should // be a fully qualified domain name. If the target name is not a fully qualified name, we // will consider this name to be that of a cluster for (const auto& target : dns_service.targets()) { DnsSrvRecord::DnsTargetAttributes attributes{}; attributes.priority = target.priority(); attributes.weight = target.weight(); attributes.port = target.port(); absl::string_view target_name = target.host_name(); if (target_name.empty()) { target_name = target.cluster_name(); attributes.is_cluster = true; } ENVOY_LOG(trace, "Storing service {} target {}", full_service_name, target_name); service_record_ptr->addTarget(target_name, attributes); } DnsEndpointConfig endpoint_config{}; endpoint_config.service_list = absl::make_optional(std::move(service_record_ptr)); virtual_domains_.emplace(full_service_name, std::move(endpoint_config)); } } // A DNS name can be redirected to only one cluster. const absl::string_view cluster_name = virtual_domain.endpoint().cluster_name(); if (!cluster_name.empty()) { DnsEndpointConfig endpoint_config{}; endpoint_config.cluster_name = absl::make_optional(cluster_name); virtual_domains_.emplace(domain_name, std::move(endpoint_config)); } std::chrono::seconds ttl = virtual_domain.has_answer_ttl() ? std::chrono::seconds(virtual_domain.answer_ttl().seconds()) : DEFAULT_RESOLVER_TTL; domain_ttl_.emplace(virtual_domain.name(), ttl); } // Add known domain suffixes known_suffixes_.reserve(dns_table.known_suffixes().size()); for (const auto& suffix : dns_table.known_suffixes()) { auto matcher_ptr = std::make_unique(suffix); known_suffixes_.push_back(std::move(matcher_ptr)); } forward_queries_ = config.has_client_config(); if (forward_queries_) { const auto& client_config = config.client_config(); const auto& upstream_resolvers = client_config.upstream_resolvers(); resolvers_.reserve(upstream_resolvers.size()); for (const auto& resolver : upstream_resolvers) { auto ipaddr = Network::Utility::protobufAddressToAddress(resolver); resolvers_.emplace_back(std::move(ipaddr)); } resolver_timeout_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT( client_config, resolver_timeout, DEFAULT_RESOLVER_TIMEOUT.count())); max_pending_lookups_ = client_config.max_pending_lookups(); } } bool DnsFilterEnvoyConfig::loadServerConfig( const envoy::extensions::filters::udp::dns_filter::v3alpha::DnsFilterConfig:: ServerContextConfig& config, envoy::data::dns::v3::DnsTable& table) { using envoy::data::dns::v3::DnsTable; if (config.has_inline_dns_table()) { table = config.inline_dns_table(); return true; } const auto& datasource = config.external_dns_table(); bool data_source_loaded = false; try { // Data structure is deduced from the file extension. If the data is not read an exception // is thrown. If no table can be read, the filter will refer all queries to an external // DNS server, if configured, otherwise all queries will be responded to with Name Error. MessageUtil::loadFromFile(datasource.filename(), table, ProtobufMessage::getNullValidationVisitor(), api_, false /* do_boosting */); data_source_loaded = true; } catch (const ProtobufMessage::UnknownProtoFieldException& e) { ENVOY_LOG(warn, "Invalid field in DNS Filter datasource configuration: {}", e.what()); } catch (const EnvoyException& e) { ENVOY_LOG(warn, "Filesystem DNS Filter config update failure: {}", e.what()); } return data_source_loaded; } DnsFilter::DnsFilter(Network::UdpReadFilterCallbacks& callbacks, const DnsFilterEnvoyConfigSharedPtr& config) : UdpListenerReadFilter(callbacks), config_(config), listener_(callbacks.udpListener()), cluster_manager_(config_->clusterManager()), message_parser_(config->forwardQueries(), listener_.dispatcher().timeSource(), config->retryCount(), config->random(), config_->stats().downstream_rx_query_latency_) { // This callback is executed when the dns resolution completes. At that time of a response by // the resolver, we build an answer record from each IP returned then send a response to the // client resolver_callback_ = [this](DnsQueryContextPtr context, const DnsQueryRecord* query, AddressConstPtrVec& iplist) -> void { // We cannot retry the resolution if ares returns without a response. The ares context // is still dirty and will result in a segfault when it is freed during a subsequent resolve // call from here. We will retry resolutions for pending lookups only if (context->resolution_status_ != Network::DnsResolver::ResolutionStatus::Success && !context->in_callback_ && context->retry_ > 0) { --context->retry_; ENVOY_LOG(debug, "resolving name [{}] via external resolvers [retry {}]", query->name_, context->retry_); resolver_->resolveExternalQuery(std::move(context), query); return; } config_->stats().externally_resolved_queries_.inc(); if (iplist.empty()) { config_->stats().unanswered_queries_.inc(); } incrementExternalQueryTypeCount(query->type_); for (const auto& ip : iplist) { incrementExternalQueryTypeAnswerCount(query->type_); const std::chrono::seconds ttl = getDomainTTL(query->name_); message_parser_.storeDnsAnswerRecord(context, *query, ttl, std::move(ip)); } sendDnsResponse(std::move(context)); }; resolver_ = std::make_unique(resolver_callback_, config->resolvers(), config->resolverTimeout(), listener_.dispatcher(), config->maxPendingLookups()); } void DnsFilter::onData(Network::UdpRecvData& client_request) { config_->stats().downstream_rx_bytes_.recordValue(client_request.buffer_->length()); config_->stats().downstream_rx_queries_.inc(); // Setup counters for the parser DnsParserCounters parser_counters(config_->stats().query_buffer_underflow_, config_->stats().record_name_overflow_, config_->stats().query_parsing_failure_); // Parse the query, if it fails return an response to the client DnsQueryContextPtr query_context = message_parser_.createQueryContext(client_request, parser_counters); incrementQueryTypeCount(query_context->queries_); if (!query_context->parse_status_) { config_->stats().downstream_rx_invalid_queries_.inc(); sendDnsResponse(std::move(query_context)); return; } // Resolve the requested name and respond to the client. If the return code is // External, we will respond to the client when the upstream resolver returns if (getResponseForQuery(query_context) == DnsLookupResponseCode::External) { return; } // We have an answer, it might be "No Answer". Send it to the client sendDnsResponse(std::move(query_context)); } void DnsFilter::sendDnsResponse(DnsQueryContextPtr query_context) { Buffer::OwnedImpl response; // Serializes the generated response to the parsed query from the client. If there is a // parsing error or the incoming query is invalid, we will still generate a valid DNS response message_parser_.buildResponseBuffer(query_context, response); config_->stats().downstream_tx_responses_.inc(); config_->stats().downstream_tx_bytes_.recordValue(response.length()); Network::UdpSendData response_data{query_context->local_->ip(), *(query_context->peer_), response}; listener_.send(response_data); } DnsLookupResponseCode DnsFilter::getResponseForQuery(DnsQueryContextPtr& context) { /* It appears to be a rare case where we would have more than one query in a single request. * It is allowed by the protocol but not widely supported: * * See: https://www.ietf.org/rfc/rfc1035.txt * * The question section is used to carry the "question" in most queries, * i.e., the parameters that define what is being asked. The section * contains QDCOUNT (usually 1) entries. */ for (const auto& query : context->queries_) { // Try to resolve the query locally. If forwarding the query externally is disabled we will // always attempt to resolve with the configured domains if (isKnownDomain(query->name_) || !config_->forwardQueries()) { // Determine whether the name is a cluster. Move on to the next query if successful if (resolveViaClusters(context, *query)) { continue; } // Determine whether we an answer this query with the static configuration if (resolveViaConfiguredHosts(context, *query)) { continue; } } ENVOY_LOG(debug, "resolving name [{}] via external resolvers", query->name_); resolver_->resolveExternalQuery(std::move(context), query.get()); return DnsLookupResponseCode::External; } if (context->answers_.empty()) { config_->stats().unanswered_queries_.inc(); return DnsLookupResponseCode::Failure; } return DnsLookupResponseCode::Success; } bool DnsFilter::resolveViaConfiguredHosts(DnsQueryContextPtr& context, const DnsQueryRecord& query) { switch (query.type_) { case DNS_RECORD_TYPE_A: case DNS_RECORD_TYPE_AAAA: return resolveConfiguredDomain(context, query); case DNS_RECORD_TYPE_SRV: return resolveConfiguredService(context, query); default: return false; } } std::chrono::seconds DnsFilter::getDomainTTL(const absl::string_view domain) { const auto& domain_ttl_config = config_->domainTtl(); const auto& iter = domain_ttl_config.find(domain); if (iter == domain_ttl_config.end()) { return DEFAULT_RESOLVER_TTL; } return iter->second; } bool DnsFilter::isKnownDomain(const absl::string_view domain_name) { const auto& known_suffixes = config_->knownSuffixes(); // If we don't have a list of allowlisted domain suffixes, we will resolve the name with an // external DNS server // TODO(abaptiste): Use a trie to find a match instead of iterating through the list for (auto& suffix : known_suffixes) { if (suffix->match(domain_name)) { config_->stats().known_domain_queries_.inc(); return true; } } return false; } const DnsEndpointConfig* DnsFilter::getEndpointConfigForDomain(const absl::string_view domain) { const auto& domains = config_->domains(); const auto iter = domains.find(domain); if (iter == domains.end()) { ENVOY_LOG(debug, "No endpoint configuration exists for [{}]", domain); return nullptr; } return &(iter->second); } const DnsSrvRecord* DnsFilter::getServiceConfigForDomain(const absl::string_view domain) { const DnsEndpointConfig* endpoint_config = getEndpointConfigForDomain(domain); if (endpoint_config != nullptr && endpoint_config->service_list.has_value()) { return endpoint_config->service_list.value().get(); } return nullptr; } const AddressConstPtrVec* DnsFilter::getAddressListForDomain(const absl::string_view domain) { const DnsEndpointConfig* endpoint_config = getEndpointConfigForDomain(domain); if (endpoint_config != nullptr && endpoint_config->address_list.has_value()) { return &(endpoint_config->address_list.value()); } return nullptr; } const absl::string_view DnsFilter::getClusterNameForDomain(const absl::string_view domain) { const DnsEndpointConfig* endpoint_config = getEndpointConfigForDomain(domain); if (endpoint_config != nullptr && endpoint_config->cluster_name.has_value()) { return endpoint_config->cluster_name.value(); } return {}; } bool DnsFilter::resolveClusterService(DnsQueryContextPtr& context, const DnsQueryRecord& query) { size_t cluster_endpoints = 0; // Get the service_list config for the domain const auto* service_config = getServiceConfigForDomain(query.name_); if (service_config != nullptr) { // We can redirect to more than one cluster, but only one is supported const auto& cluster_target = service_config->targets_.begin(); const auto& target_name = cluster_target->first; const auto& attributes = cluster_target->second; if (!attributes.is_cluster) { ENVOY_LOG(trace, "Service target [{}] is not a cluster", target_name); return false; } // Determine if there is a cluster Upstream::ThreadLocalCluster* cluster = cluster_manager_.get(target_name); if (cluster == nullptr) { ENVOY_LOG(trace, "No cluster found for service target: {}", target_name); return false; } // Add a service record for each cluster endpoint using the cluster name const std::chrono::seconds ttl = getDomainTTL(target_name); for (const auto& hostsets : cluster->prioritySet().hostSetsPerPriority()) { for (const auto& host : hostsets->hosts()) { // If the target port is zero, use the port from the cluster host. // If the cluster host port is zero also, then this is the value that will // appear in the service record. Zero is a permitted value in the record DnsSrvRecord::DnsTargetAttributes new_attributes = attributes; if (!new_attributes.port) { new_attributes.port = host->address()->ip()->port(); } // Create the service record element and increment the SRV record answer count auto config = std::make_unique(service_config->name_, service_config->proto_, service_config->ttl_); config->addTarget(target_name, new_attributes); message_parser_.storeDnsSrvAnswerRecord(context, query, std::move(config)); incrementClusterQueryTypeAnswerCount(query.type_); // Return the address for all discovered endpoints ENVOY_LOG(debug, "using host address {} for cluster [{}]", host->address()->ip()->addressAsString(), target_name); // We have to determine the address type here so that we increment the correct counter const auto type = Utils::getAddressRecordType(host->address()); if (type.has_value() && message_parser_.storeDnsAdditionalRecord(context, target_name, type.value(), query.class_, ttl, host->address())) { ++cluster_endpoints; incrementClusterQueryTypeAnswerCount(type.value()); } } } } return (cluster_endpoints != 0); } bool DnsFilter::resolveClusterHost(DnsQueryContextPtr& context, const DnsQueryRecord& query) { // Determine if the domain name is being redirected to a cluster const auto cluster_name = getClusterNameForDomain(query.name_); absl::string_view lookup_name; if (!cluster_name.empty()) { lookup_name = cluster_name; } else { lookup_name = query.name_; } // Return an address for all discovered endpoints. The address and query type must match // for the host to be included in the response size_t cluster_endpoints = 0; Upstream::ThreadLocalCluster* cluster = cluster_manager_.get(lookup_name); if (cluster != nullptr) { // TODO(abaptiste): consider using host weights when returning answer addresses const std::chrono::seconds ttl = getDomainTTL(lookup_name); for (const auto& hostsets : cluster->prioritySet().hostSetsPerPriority()) { for (const auto& host : hostsets->hosts()) { // Return the address for all discovered endpoints ENVOY_LOG(debug, "using cluster host address {} for domain [{}]", host->address()->ip()->addressAsString(), lookup_name); if (message_parser_.storeDnsAnswerRecord(context, query, ttl, host->address())) { incrementClusterQueryTypeAnswerCount(query.type_); ++cluster_endpoints; } } } } return (cluster_endpoints != 0); } bool DnsFilter::resolveViaClusters(DnsQueryContextPtr& context, const DnsQueryRecord& query) { switch (query.type_) { case DNS_RECORD_TYPE_SRV: return resolveClusterService(context, query); case DNS_RECORD_TYPE_A: case DNS_RECORD_TYPE_AAAA: return resolveClusterHost(context, query); default: // unsupported query type return false; } } bool DnsFilter::resolveConfiguredDomain(DnsQueryContextPtr& context, const DnsQueryRecord& query) { const auto* configured_address_list = getAddressListForDomain(query.name_); uint64_t hosts_found = 0; if (configured_address_list != nullptr) { // Build an answer record from each configured IP address for (const auto& configured_address : *configured_address_list) { ASSERT(configured_address != nullptr); ENVOY_LOG(trace, "using local address {} for domain [{}]", configured_address->ip()->addressAsString(), query.name_); ++hosts_found; const std::chrono::seconds ttl = getDomainTTL(query.name_); if (message_parser_.storeDnsAnswerRecord(context, query, ttl, configured_address)) { incrementLocalQueryTypeAnswerCount(query.type_); } } } return (hosts_found != 0); } bool DnsFilter::resolveConfiguredService(DnsQueryContextPtr& context, const DnsQueryRecord& query) { const auto* service_config = getServiceConfigForDomain(query.name_); size_t targets_discovered = 0; if (service_config != nullptr) { // for each service target address, we must resolve the target's IP. The target record does not // specify the address type, so we must deduce it when building the record. It is possible that // the configured target's IP addresses are a mix of A and AAAA records. for (const auto& [target_name, attributes] : service_config->targets_) { const auto* configured_address_list = getAddressListForDomain(target_name); if (configured_address_list != nullptr) { // Build an SRV answer record for the service. We need a new SRV record for each target. // Although the same class is used, the target storage is different than the way the service // config is modeled. We store one SrvRecord per target so that we can enforce the response // size limit when serializing the answers to the client ENVOY_LOG(trace, "Adding srv record for target [{}]", target_name); incrementLocalQueryTypeAnswerCount(query.type_); auto config = std::make_unique(service_config->name_, service_config->proto_, service_config->ttl_); config->addTarget(target_name, attributes); message_parser_.storeDnsSrvAnswerRecord(context, query, std::move(config)); for (const auto& configured_address : *configured_address_list) { ASSERT(configured_address != nullptr); // Since there is no type, only a name, we must determine the record type from its address ENVOY_LOG(trace, "using address {} for target [{}] in SRV record", configured_address->ip()->addressAsString(), target_name); const std::chrono::seconds ttl = getDomainTTL(target_name); const auto type = Utils::getAddressRecordType(configured_address); if (type.has_value()) { incrementLocalQueryTypeAnswerCount(type.value()); message_parser_.storeDnsAdditionalRecord(context, target_name, type.value(), query.class_, ttl, configured_address); ++targets_discovered; } } } } } return (targets_discovered != 0); } void DnsFilter::onReceiveError(Api::IoError::IoErrorCode error_code) { config_->stats().downstream_rx_errors_.inc(); UNREFERENCED_PARAMETER(error_code); } } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_filter.h ================================================ #pragma once #include "envoy/event/file_event.h" #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.h" #include "envoy/network/dns.h" #include "envoy/network/filter.h" #include "common/buffer/buffer_impl.h" #include "common/common/matchers.h" #include "common/config/config_provider_impl.h" #include "common/network/utility.h" #include "extensions/filters/udp/dns_filter/dns_filter_resolver.h" #include "extensions/filters/udp/dns_filter/dns_parser.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { /** * All DNS Filter stats. @see stats_macros.h */ #define ALL_DNS_FILTER_STATS(COUNTER, HISTOGRAM) \ COUNTER(a_record_queries) \ COUNTER(aaaa_record_queries) \ COUNTER(srv_record_queries) \ COUNTER(cluster_a_record_answers) \ COUNTER(cluster_aaaa_record_answers) \ COUNTER(cluster_srv_record_answers) \ COUNTER(cluster_unsupported_answers) \ COUNTER(downstream_rx_errors) \ COUNTER(downstream_rx_invalid_queries) \ COUNTER(downstream_rx_queries) \ COUNTER(external_a_record_queries) \ COUNTER(external_a_record_answers) \ COUNTER(external_aaaa_record_answers) \ COUNTER(external_aaaa_record_queries) \ COUNTER(external_unsupported_answers) \ COUNTER(external_unsupported_queries) \ COUNTER(externally_resolved_queries) \ COUNTER(known_domain_queries) \ COUNTER(local_a_record_answers) \ COUNTER(local_aaaa_record_answers) \ COUNTER(local_srv_record_answers) \ COUNTER(local_unsupported_answers) \ COUNTER(unanswered_queries) \ COUNTER(unsupported_queries) \ COUNTER(downstream_tx_responses) \ COUNTER(query_buffer_underflow) \ COUNTER(query_parsing_failure) \ COUNTER(record_name_overflow) \ HISTOGRAM(downstream_rx_bytes, Bytes) \ HISTOGRAM(downstream_rx_query_latency, Milliseconds) \ HISTOGRAM(downstream_tx_bytes, Bytes) /** * Struct definition for all DNS Filter stats. @see stats_macros.h */ struct DnsFilterStats { ALL_DNS_FILTER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; struct DnsEndpointConfig { absl::optional address_list; absl::optional cluster_name; absl::optional service_list; }; using DnsVirtualDomainConfig = absl::flat_hash_map; /** * DnsFilter configuration class abstracting access to data necessary for the filter's operation */ class DnsFilterEnvoyConfig : public Logger::Loggable { public: DnsFilterEnvoyConfig( Server::Configuration::ListenerFactoryContext& context, const envoy::extensions::filters::udp::dns_filter::v3alpha::DnsFilterConfig& config); DnsFilterStats& stats() const { return stats_; } const DnsVirtualDomainConfig& domains() const { return virtual_domains_; } const std::vector& knownSuffixes() const { return known_suffixes_; } const absl::flat_hash_map& domainTtl() const { return domain_ttl_; } const AddressConstPtrVec& resolvers() const { return resolvers_; } bool forwardQueries() const { return forward_queries_; } const std::chrono::milliseconds resolverTimeout() const { return resolver_timeout_; } Upstream::ClusterManager& clusterManager() const { return cluster_manager_; } uint64_t retryCount() const { return retry_count_; } Random::RandomGenerator& random() const { return random_; } uint64_t maxPendingLookups() const { return max_pending_lookups_; } private: static DnsFilterStats generateStats(const std::string& stat_prefix, Stats::Scope& scope) { const auto final_prefix = absl::StrCat("dns_filter.", stat_prefix); return {ALL_DNS_FILTER_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_HISTOGRAM_PREFIX(scope, final_prefix))}; } bool loadServerConfig(const envoy::extensions::filters::udp::dns_filter::v3alpha:: DnsFilterConfig::ServerContextConfig& config, envoy::data::dns::v3::DnsTable& table); Stats::Scope& root_scope_; Upstream::ClusterManager& cluster_manager_; Network::DnsResolverSharedPtr resolver_; Api::Api& api_; mutable DnsFilterStats stats_; DnsVirtualDomainConfig virtual_domains_; std::vector known_suffixes_; absl::flat_hash_map domain_ttl_; bool forward_queries_; uint64_t retry_count_; AddressConstPtrVec resolvers_; std::chrono::milliseconds resolver_timeout_; Random::RandomGenerator& random_; uint64_t max_pending_lookups_; }; using DnsFilterEnvoyConfigSharedPtr = std::shared_ptr; enum class DnsLookupResponseCode { Success, Failure, External }; /** * This class is responsible for handling incoming DNS datagrams and responding to the queries. * The filter will attempt to resolve the query via its configuration or direct to an external * resolver when necessary */ class DnsFilter : public Network::UdpListenerReadFilter, Logger::Loggable { public: DnsFilter(Network::UdpReadFilterCallbacks& callbacks, const DnsFilterEnvoyConfigSharedPtr& config); // Network::UdpListenerReadFilter callbacks void onData(Network::UdpRecvData& client_request) override; void onReceiveError(Api::IoError::IoErrorCode error_code) override; /** * @return bool true if the domain_name is a known domain for which we respond to queries */ bool isKnownDomain(const absl::string_view domain_name); private: /** * Prepare the response buffer and send it to the client * * @param context contains the data necessary to create a response and send it to a client */ void sendDnsResponse(DnsQueryContextPtr context); /** * @brief Encapsulates all of the logic required to find an answer for a DNS query * * @return DnsLookupResponseCode indicating whether we were able to respond to the query or send * the query to an external resolver */ DnsLookupResponseCode getResponseForQuery(DnsQueryContextPtr& context); /** * @return std::chrono::seconds retrieves the configured per domain TTL to be inserted into answer * records */ std::chrono::seconds getDomainTTL(const absl::string_view domain); /** * @brief Resolves a hostname query from configured clusters * * @param context object containing the query context * @param query query object containing the name to be resolved * @return bool true if the requested name matched a cluster and an answer record was constructed */ bool resolveClusterHost(DnsQueryContextPtr& context, const DnsQueryRecord& query); /** * @brief Resolves a service query from configured clusters * * @param context object containing the query context * @param query query object containing the name to be resolved * @return bool true if the requested name matched a cluster and an answer record was constructed */ bool resolveClusterService(DnsQueryContextPtr& context, const DnsQueryRecord& query); /** * @brief Resolves the supplied query from configured clusters * * @param context object containing the query context * @param query query object containing the name to be resolved * @return bool true if the requested name matched a cluster and an answer record was constructed */ bool resolveViaClusters(DnsQueryContextPtr& context, const DnsQueryRecord& query); /** * @brief Resolves the supplied query from the configured set of domains * * @param context object containing the query context * @param query query object containing the name to be resolved * @return bool true if the requested name matched a cluster and an answer record was constructed */ bool resolveConfiguredDomain(DnsQueryContextPtr& context, const DnsQueryRecord& query); /** * @brief Resolves the supplied query from configured services * * @param context object containing the query context * @param query query object containing the name to be resolved * @return bool true if the requested name matched a cluster and an answer record was constructed */ bool resolveConfiguredService(DnsQueryContextPtr& context, const DnsQueryRecord& query); /** * @brief Resolves the supplied query from configured hostnames or services * * @param context object containing the query context * @param query query object containing the name to be resolved * @return bool true if the requested name matches a configured domain and answer records can be * constructed */ bool resolveViaConfiguredHosts(DnsQueryContextPtr& context, const DnsQueryRecord& query); /** * @brief Increment the counter for the given query type for external queries * * @param query_type indicate the type of record being resolved (A, AAAA, or other). */ void incrementExternalQueryTypeCount(const uint16_t query_type) { switch (query_type) { case DNS_RECORD_TYPE_A: config_->stats().external_a_record_queries_.inc(); break; case DNS_RECORD_TYPE_AAAA: config_->stats().external_aaaa_record_queries_.inc(); break; default: config_->stats().external_unsupported_queries_.inc(); break; } } /** * @brief Increment the counter for the parsed query type * * @param queries a vector of all the incoming queries received from a client */ void incrementQueryTypeCount(const DnsQueryPtrVec& queries) { for (const auto& query : queries) { incrementQueryTypeCount(query->type_); } } /** * @brief Increment the counter for the given query type. * * @param query_type indicate the type of record being resolved (A, AAAA, or other). */ void incrementQueryTypeCount(const uint16_t query_type) { switch (query_type) { case DNS_RECORD_TYPE_A: config_->stats().a_record_queries_.inc(); break; case DNS_RECORD_TYPE_AAAA: config_->stats().aaaa_record_queries_.inc(); break; case DNS_RECORD_TYPE_SRV: config_->stats().srv_record_queries_.inc(); break; default: config_->stats().unsupported_queries_.inc(); break; } } /** * @brief Increment the counter for answers for the given query type resolved via cluster names * * @param query_type indicate the type of answer record returned to the client */ void incrementClusterQueryTypeAnswerCount(const uint16_t query_type) { switch (query_type) { case DNS_RECORD_TYPE_A: config_->stats().cluster_a_record_answers_.inc(); break; case DNS_RECORD_TYPE_AAAA: config_->stats().cluster_aaaa_record_answers_.inc(); break; case DNS_RECORD_TYPE_SRV: config_->stats().cluster_srv_record_answers_.inc(); break; default: config_->stats().cluster_unsupported_answers_.inc(); break; } } /** * @brief Increment the counter for answers for the given query type resolved from the local * configuration. * * @param query_type indicate the type of answer record returned to the client */ void incrementLocalQueryTypeAnswerCount(const uint16_t query_type) { switch (query_type) { case DNS_RECORD_TYPE_A: config_->stats().local_a_record_answers_.inc(); break; case DNS_RECORD_TYPE_AAAA: config_->stats().local_aaaa_record_answers_.inc(); break; case DNS_RECORD_TYPE_SRV: config_->stats().local_srv_record_answers_.inc(); break; default: config_->stats().local_unsupported_answers_.inc(); break; } } /** * @brief Increment the counter for answers for the given query type resolved via an external * resolver * * @param query_type indicate the type of answer record returned to the client */ void incrementExternalQueryTypeAnswerCount(const uint16_t query_type) { switch (query_type) { case DNS_RECORD_TYPE_A: config_->stats().external_a_record_answers_.inc(); break; case DNS_RECORD_TYPE_AAAA: config_->stats().external_aaaa_record_answers_.inc(); break; default: config_->stats().external_unsupported_answers_.inc(); break; } } /** * @brief Helper function to retrieve the Endpoint configuration for a requested domain */ const DnsEndpointConfig* getEndpointConfigForDomain(const absl::string_view domain); /** * @brief Helper function to retrieve the Service Config for a requested domain */ const DnsSrvRecord* getServiceConfigForDomain(const absl::string_view domain); /** * @brief Helper function to retrieve the Address List for a requested domain */ const AddressConstPtrVec* getAddressListForDomain(const absl::string_view domain); /** * @brief Helper function to retrieve a cluster name that a domain may be redirected towards */ const absl::string_view getClusterNameForDomain(const absl::string_view domain); const DnsFilterEnvoyConfigSharedPtr config_; Network::UdpListener& listener_; Upstream::ClusterManager& cluster_manager_; DnsMessageParser message_parser_; DnsFilterResolverPtr resolver_; Network::Address::InstanceConstSharedPtr local_; Network::Address::InstanceConstSharedPtr peer_; DnsFilterResolverCallback resolver_callback_; }; } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_filter_constants.h ================================================ #pragma once #include "envoy/common/platform.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { constexpr uint16_t DNS_RECORD_CLASS_IN = 1; constexpr uint16_t DNS_RECORD_TYPE_A = 0x01; constexpr uint16_t DNS_RECORD_TYPE_AAAA = 0x1C; constexpr uint16_t DNS_RECORD_TYPE_SRV = 0x21; constexpr uint16_t DNS_RECORD_TYPE_OPT = 0x29; constexpr uint16_t DNS_RESPONSE_CODE_NO_ERROR = 0; constexpr uint16_t DNS_RESPONSE_CODE_FORMAT_ERROR = 1; constexpr uint16_t DNS_RESPONSE_CODE_NAME_ERROR = 3; constexpr uint16_t DNS_RESPONSE_CODE_NOT_IMPLEMENTED = 4; constexpr size_t MIN_QUERY_NAME_LENGTH = 3; constexpr size_t MAX_LABEL_LENGTH = 63; constexpr size_t MAX_NAME_LENGTH = 255; // Amazon Route53 will return up to 8 records in an answer // https://aws.amazon.com/route53/faqs/#associate_multiple_ip_with_single_record constexpr size_t MAX_RETURNED_RECORDS = 8; // Ensure that responses stay below the 512 byte byte limit. If we are to exceed this we must // add DNS extension fields // // Note: There is Network::MAX_UDP_PACKET_SIZE, which is defined as 1500 bytes. If we support // DNS extensions, which support up to 4096 bytes, we will have to keep this 1500 byte limit // in mind. constexpr uint64_t MAX_DNS_RESPONSE_SIZE = 512; } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_filter_resolver.cc ================================================ #include "extensions/filters/udp/dns_filter/dns_filter_resolver.h" #include "common/network/utility.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { void DnsFilterResolver::resolveExternalQuery(DnsQueryContextPtr context, const DnsQueryRecord* domain_query) { // Create an external resolution context for the query. LookupContext ctx{}; ctx.query_rec = domain_query; ctx.query_context = std::move(context); ctx.query_context->in_callback_ = false; ctx.expiry = std::chrono::duration_cast( dispatcher_.timeSource().systemTime().time_since_epoch()) .count() + std::chrono::duration_cast(timeout_).count(); ctx.resolver_status = DnsFilterResolverStatus::Pending; Network::DnsLookupFamily lookup_family; switch (domain_query->type_) { case DNS_RECORD_TYPE_A: lookup_family = Network::DnsLookupFamily::V4Only; break; case DNS_RECORD_TYPE_AAAA: lookup_family = Network::DnsLookupFamily::V6Only; break; default: // We don't support other lookups other than A and AAAA. Set success here so that we don't // retry for something that we are certain will fail. ENVOY_LOG(debug, "Unknown query type [{}] for upstream lookup", domain_query->type_); ctx.query_context->resolution_status_ = Network::DnsResolver::ResolutionStatus::Success; ctx.resolver_status = DnsFilterResolverStatus::Complete; invokeCallback(ctx); return; } const DnsQueryRecord* id = domain_query; // If we have too many pending lookups, invoke the callback to retry the query. if (lookups_.size() > max_pending_lookups_) { ENVOY_LOG( trace, "Retrying query for [{}] because there are too many pending lookups: [pending {}/max {}]", domain_query->name_, lookups_.size(), max_pending_lookups_); ctx.resolver_status = DnsFilterResolverStatus::Complete; invokeCallback(ctx); return; } ctx.timeout_timer = dispatcher_.createTimer([this]() -> void { onResolveTimeout(); }); ctx.timeout_timer->enableTimer(timeout_); lookups_.emplace(id, std::move(ctx)); ENVOY_LOG(trace, "Pending queries: {}", lookups_.size()); // Define the callback that is executed when resolution completes // Resolve the address in the query and add to the resolved_hosts vector resolver_->resolve(domain_query->name_, lookup_family, [this, id](Network::DnsResolver::ResolutionStatus status, std::list&& response) -> void { auto ctx_iter = lookups_.find(id); // If the context is not in the map, the lookup has timed out and was removed // when the timer executed if (ctx_iter == lookups_.end()) { ENVOY_LOG(debug, "Unable to find context for DNS query for ID [{}]", reinterpret_cast(id)); return; } auto ctx = std::move(ctx_iter->second); lookups_.erase(ctx_iter->first); // We are processing the response here, so we did not timeout. Cancel the // timer ctx.timeout_timer->disableTimer(); ENVOY_LOG(trace, "async query status returned. Entries {}", response.size()); ASSERT(ctx.resolver_status == DnsFilterResolverStatus::Pending); ctx.query_context->in_callback_ = true; ctx.query_context->resolution_status_ = status; ctx.resolver_status = DnsFilterResolverStatus::Complete; // C-ares doesn't expose the TTL in the data available here. if (status == Network::DnsResolver::ResolutionStatus::Success) { ctx.resolved_hosts.reserve(response.size()); for (const auto& resp : response) { ASSERT(resp.address_ != nullptr); ENVOY_LOG(trace, "Resolved address: {} for {}", resp.address_->ip()->addressAsString(), ctx.query_rec->name_); ctx.resolved_hosts.emplace_back(std::move(resp.address_)); } } // Invoke the filter callback notifying it of resolved addresses invokeCallback(ctx); }); } void DnsFilterResolver::onResolveTimeout() { const uint64_t now = std::chrono::duration_cast( dispatcher_.timeSource().systemTime().time_since_epoch()) .count(); ENVOY_LOG(trace, "Pending queries: {}", lookups_.size()); // Find an outstanding pending query and purge it for (auto& ctx_iter : lookups_) { if (ctx_iter.second.expiry <= now && ctx_iter.second.resolver_status == DnsFilterResolverStatus::Pending) { auto ctx = std::move(ctx_iter.second); ENVOY_LOG(trace, "Purging expired query: {}", ctx_iter.first->name_); ctx.query_context->resolution_status_ = Network::DnsResolver::ResolutionStatus::Failure; lookups_.erase(ctx_iter.first); callback_(std::move(ctx.query_context), ctx.query_rec, ctx.resolved_hosts); return; } } } } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_filter_resolver.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/network/dns.h" #include "extensions/filters/udp/dns_filter/dns_parser.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { enum class DnsFilterResolverStatus { Pending, Complete, TimedOut }; /* * This class encapsulates the logic of handling an asynchronous DNS request for the DNS filter. * External request timeouts are handled here. */ class DnsFilterResolver : Logger::Loggable { public: DnsFilterResolver(DnsFilterResolverCallback& callback, AddressConstPtrVec resolvers, std::chrono::milliseconds timeout, Event::Dispatcher& dispatcher, uint64_t max_pending_lookups) : timeout_(timeout), dispatcher_(dispatcher), resolver_(dispatcher.createDnsResolver(resolvers, false /* use_tcp_for_dns_lookups */)), callback_(callback), max_pending_lookups_(max_pending_lookups) {} /** * @brief entry point to resolve the name in a DnsQueryRecord * * This function uses the query object to determine whether it is requesting an A or AAAA record * for the given name. When the resolver callback executes, this will execute a DNS Filter * callback in order to build the answer object returned to the client. * * @param domain_query the query record object containing the name for which we are resolving */ void resolveExternalQuery(DnsQueryContextPtr context, const DnsQueryRecord* domain_query); private: struct LookupContext { const DnsQueryRecord* query_rec; DnsQueryContextPtr query_context; uint64_t expiry; AddressConstPtrVec resolved_hosts; DnsFilterResolverStatus resolver_status; Event::TimerPtr timeout_timer; }; /** * @brief invokes the DNS Filter callback only if our state indicates we have not timed out * waiting for a response from the external resolver */ void invokeCallback(LookupContext& context) { // If we've timed out. Guard against sending a response if (context.resolver_status == DnsFilterResolverStatus::Complete) { callback_(std::move(context.query_context), context.query_rec, context.resolved_hosts); } } /** * @brief Invoke the DNS Filter callback to send a response to a client if the query has timed out * DNS Filter will respond to the client appropriately. */ void onResolveTimeout(); std::chrono::milliseconds timeout_; Event::Dispatcher& dispatcher_; const Network::DnsResolverSharedPtr resolver_; DnsFilterResolverCallback& callback_; absl::flat_hash_map lookups_; uint64_t max_pending_lookups_; }; using DnsFilterResolverPtr = std::unique_ptr; } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_filter_utils.cc ================================================ #include "extensions/filters/udp/dns_filter/dns_filter_utils.h" #include #include "envoy/common/platform.h" #include "common/common/empty_string.h" #include "common/common/logger.h" #include "common/network/address_impl.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { namespace Utils { std::string getProtoName(const DnsTable::DnsServiceProtocol& protocol) { std::string proto = protocol.name(); if (proto.empty()) { switch (protocol.number()) { case 6: proto = "tcp"; break; case 17: proto = "udp"; break; default: // For Envoy to resolve a protocol to a name "/etc/protocols" // should exist. This isn't guaranteed. Since most services are // tcp or udp, if we get a different value, return an empty string. proto = EMPTY_STRING; break; } // end switch } return proto; } absl::string_view getServiceFromName(const absl::string_view name) { const size_t offset = name.find_first_of('.'); if (offset != std::string::npos && offset < name.size()) { size_t start = 0; if (name[start] == '_') { return name.substr(++start, offset - 1); } } return EMPTY_STRING; } absl::string_view getProtoFromName(const absl::string_view name) { size_t start = name.find_first_of('.'); if (start != std::string::npos && ++start < name.size() - 1) { if (name[start] == '_') { const size_t offset = name.find_first_of('.', ++start); if (start != std::string::npos && offset < name.size()) { return name.substr(start, offset - start); } } } return EMPTY_STRING; } std::string buildServiceName(const std::string& name, const std::string& proto, const std::string& domain) { std::string result{}; if (name[0] != '_') { result += "_"; } result += name + "."; if (proto[0] != '_') { result += "_"; } result += proto + '.' + domain; return result; } absl::optional getAddressRecordType(const Network::Address::InstanceConstSharedPtr& ipaddr) { if (ipaddr->type() == Network::Address::Type::Ip) { if (ipaddr->ip()->ipv6() != nullptr) { return absl::make_optional(DNS_RECORD_TYPE_AAAA); } else if (ipaddr->ip()->ipv4() != nullptr) { return absl::make_optional(DNS_RECORD_TYPE_A); } } return absl::nullopt; } } // namespace Utils } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_filter_utils.h ================================================ #pragma once #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.h" #include "envoy/network/address.h" #include "extensions/filters/udp/dns_filter/dns_filter_constants.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { namespace Utils { using envoy::data::dns::v3::DnsTable; /** * @brief Returns the protocol name string from the configured protobuf entity */ std::string getProtoName(const DnsTable::DnsServiceProtocol& protocol); /** * @brief Extracts the service name from the fully qualified service name. The leading underscore * is discarded from the output */ absl::string_view getServiceFromName(const absl::string_view name); /** * @brief Extracts the protocol name from the fully qualified service name. The leading underscore * is discarded from the output */ absl::string_view getProtoFromName(const absl::string_view name); /** * @brief Construct the full service name, including underscores, from the name, protocol and * domain fields. * * A DNS service record name must have the protocol and name labels begin with underscores. This * function validates the input fields and concatenates them to form the full name */ std::string buildServiceName(const std::string& name, const std::string& proto, const std::string& domain); absl::optional getAddressRecordType(const Network::Address::InstanceConstSharedPtr& ipaddr); } // namespace Utils } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_parser.cc ================================================ #include "extensions/filters/udp/dns_filter/dns_parser.h" #include "envoy/network/address.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "extensions/filters/udp/dns_filter/dns_filter_utils.h" #include "ares.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { bool BaseDnsRecord::serializeSpecificName(Buffer::OwnedImpl& output, const absl::string_view name) { // Iterate over a name e.g. "www.domain.com" once and produce a buffer containing each name // segment prefixed by its length static constexpr char SEPARATOR = '.'; // Names are restricted to 255 bytes per RFC if (name.size() > MAX_NAME_LENGTH) { return false; } size_t last = 0; size_t count = name.find_first_of(SEPARATOR); auto iter = name.begin(); while (count != std::string::npos) { if ((count - last) > MAX_LABEL_LENGTH) { return false; } count -= last; output.writeBEInt(count); for (size_t i = 0; i < count; i++) { output.writeByte(*iter); ++iter; } // periods are not serialized. Skip to the next character if (*iter == SEPARATOR) { ++iter; } // Move our last marker to the first position after where we stopped. Search for the next name // separator last += count; count = name.find_first_of(SEPARATOR, ++last); } // Write the remaining segment prepended by its length count = name.size() - last; output.writeBEInt(count); for (size_t i = 0; i < count; i++) { output.writeByte(*iter++); } // Terminate the name record with a null byte output.writeByte(0x00); return true; } bool BaseDnsRecord::serializeName(Buffer::OwnedImpl& output) { return serializeSpecificName(output, name_); } // Serialize a DNS Query Record bool DnsQueryRecord::serialize(Buffer::OwnedImpl& output) { if (serializeName(output)) { output.writeBEInt(type_); output.writeBEInt(class_); } return (output.length() > 0); } // Serialize a single DNS Answer Record bool DnsAnswerRecord::serialize(Buffer::OwnedImpl& output) { if (serializeName(output)) { output.writeBEInt(type_); output.writeBEInt(class_); output.writeBEInt(static_cast(ttl_.count())); ASSERT(ip_addr_ != nullptr); const auto ip_address = ip_addr_->ip(); ASSERT(ip_address != nullptr); if (ip_address->ipv6() != nullptr) { // Store the 128bit address with 2 64 bit writes const absl::uint128 addr6 = ip_address->ipv6()->address(); output.writeBEInt(sizeof(addr6)); output.writeLEInt(absl::Uint128Low64(addr6)); output.writeLEInt(absl::Uint128High64(addr6)); } else if (ip_address->ipv4() != nullptr) { output.writeBEInt(4); output.writeLEInt(ip_address->ipv4()->address()); } } return (output.length() > 0); } bool DnsSrvRecord::serialize(Buffer::OwnedImpl& output) { if (!targets_.empty()) { // The Service Record being serialized should have only one target const auto& target = targets_.begin(); Buffer::OwnedImpl target_buf{}; if (serializeSpecificName(target_buf, target->first) && serializeName(output)) { output.writeBEInt(type_); output.writeBEInt(class_); output.writeBEInt(static_cast(ttl_.count())); const uint16_t data_length = sizeof(target->second.priority) + sizeof(target->second.weight) + sizeof(target->second.port) + target_buf.length(); output.writeBEInt(data_length); output.writeBEInt(target->second.priority); output.writeBEInt(target->second.weight); output.writeBEInt(target->second.port); output.move(target_buf); } } return (output.length() > 0); } void DnsSrvRecord::addTarget(const absl::string_view target, const DnsTargetAttributes& attrs) { targets_.emplace(std::make_pair(std::string(target), attrs)); } DnsQueryContextPtr DnsMessageParser::createQueryContext(Network::UdpRecvData& client_request, DnsParserCounters& counters) { DnsQueryContextPtr query_context = std::make_unique( client_request.addresses_.local_, client_request.addresses_.peer_, counters, retry_count_); query_context->parse_status_ = parseDnsObject(query_context, client_request.buffer_); if (!query_context->parse_status_) { query_context->response_code_ = DNS_RESPONSE_CODE_FORMAT_ERROR; ENVOY_LOG(debug, "Unable to parse query buffer from '{}' into a DNS object", client_request.addresses_.peer_->ip()->addressAsString()); } return query_context; } bool DnsMessageParser::parseDnsObject(DnsQueryContextPtr& context, const Buffer::InstancePtr& buffer) { static constexpr uint64_t field_size = sizeof(uint16_t); size_t available_bytes = buffer->length(); uint64_t offset = 0; uint16_t data; bool done = false; DnsQueryParseState state{DnsQueryParseState::Init}; header_ = {}; do { // Ensure that we have enough data remaining in the buffer to parse the query if (available_bytes < field_size) { context->counters_.underflow_counter.inc(); ENVOY_LOG(debug, "Exhausted available bytes in the buffer. Insufficient data to parse query field."); return false; } // Each aggregate DNS header field is 2 bytes wide. data = buffer->peekBEInt(offset); offset += field_size; available_bytes -= field_size; switch (state) { case DnsQueryParseState::Init: header_.id = data; state = DnsQueryParseState::Flags; break; case DnsQueryParseState::Flags: ::memcpy(static_cast(&header_.flags), &data, field_size); state = DnsQueryParseState::Questions; break; case DnsQueryParseState::Questions: header_.questions = data; state = DnsQueryParseState::Answers; break; case DnsQueryParseState::Answers: header_.answers = data; state = DnsQueryParseState::Authority; break; case DnsQueryParseState::Authority: header_.authority_rrs = data; state = DnsQueryParseState::Authority2; break; case DnsQueryParseState::Authority2: header_.additional_rrs = data; done = true; break; } } while (!done); if (!header_.flags.qr && header_.answers) { ENVOY_LOG(debug, "Answer records present in query"); return false; } if (header_.questions != 1) { context->response_code_ = DNS_RESPONSE_CODE_FORMAT_ERROR; ENVOY_LOG(debug, "Unexpected number [{}] of questions in DNS query", header_.questions); return false; } context->id_ = static_cast(header_.id); if (context->id_ == 0) { ENVOY_LOG(debug, "No ID in DNS query"); return false; } // Almost always, we will have only one query here. Per the RFC, QDCOUNT is usually 1 context->queries_.reserve(header_.questions); for (auto index = 0; index < header_.questions; index++) { ENVOY_LOG(trace, "Parsing [{}/{}] questions", index, header_.questions); auto rec = parseDnsQueryRecord(buffer, offset); if (rec == nullptr) { context->counters_.query_parsing_failure.inc(); ENVOY_LOG(debug, "Couldn't parse query record from buffer"); return false; } context->queries_.push_back(std::move(rec)); } // From RFC 1035 // 4.1.3. Resource record format // // The answer, authority, and additional sections all share the same format: a variable number of // resource records, where the number of records is specified in the corresponding count field in // the header. // Parse Answer Records and Additional Resource Records. This is primarily used for tests // to validate the response generated by the filter if (header_.answers && !parseAnswerRecords(context->answers_, header_.answers, buffer, offset)) { return false; } if (header_.authority_rrs) { // We are not generating these in the filter and don't have a use for them at the moment. // If they exist, we will not parse them and return an error to the client since they appear // between the answers and additional resource records in the buffer. We return true so that // the proper status code is sent to the client context->response_code_ = DNS_RESPONSE_CODE_NOT_IMPLEMENTED; return true; } if (header_.additional_rrs) { // We may encounter additional resource records that we do not support. Since the filter // operates on queries, we can skip any additional records that we cannot parse since // they will not affect responses. parseAnswerRecords(context->additional_, header_.additional_rrs, buffer, offset); } return true; } bool DnsMessageParser::parseAnswerRecords(DnsAnswerMap& answers, const uint16_t answer_count, const Buffer::InstancePtr& buffer, uint64_t& offset) { answers.reserve(answer_count); for (auto index = 0; index < answer_count; index++) { ENVOY_LOG(trace, "Parsing [{}/{}] answers", index, answer_count); auto rec = parseDnsAnswerRecord(buffer, offset); if (rec == nullptr) { ENVOY_LOG(debug, "Couldn't parse answer record from buffer"); return false; } const std::string name = rec->name_; answers.emplace(name, std::move(rec)); } return true; } const std::string DnsMessageParser::parseDnsNameRecord(const Buffer::InstancePtr& buffer, uint64_t& available_bytes, uint64_t& name_offset) { void* buf = buffer->linearize(static_cast(buffer->length())); const unsigned char* linearized_data = static_cast(buf); const unsigned char* record = linearized_data + name_offset; long encoded_len; char* output; const int result = ares_expand_name(record, linearized_data, buffer->length(), &output, &encoded_len); if (result != ARES_SUCCESS) { return EMPTY_STRING; } std::string name(output); ares_free_string(output); name_offset += encoded_len; available_bytes -= encoded_len; return name; } DnsAnswerRecordPtr DnsMessageParser::parseDnsARecord(DnsAnswerCtx& ctx) { Network::Address::InstanceConstSharedPtr ip_addr = nullptr; switch (ctx.record_type_) { case DNS_RECORD_TYPE_A: if (ctx.available_bytes_ >= sizeof(uint32_t)) { sockaddr_in sa4; sa4.sin_addr.s_addr = ctx.buffer_->peekLEInt(ctx.offset_); ip_addr = std::make_shared(&sa4); ctx.offset_ += ctx.data_length_; } break; case DNS_RECORD_TYPE_AAAA: if (ctx.available_bytes_ >= sizeof(absl::uint128)) { sockaddr_in6 sa6; uint8_t* address6_bytes = reinterpret_cast(&sa6.sin6_addr.s6_addr); static constexpr size_t count = sizeof(absl::uint128) / sizeof(uint8_t); for (size_t index = 0; index < count; index++) { *address6_bytes++ = ctx.buffer_->peekLEInt(ctx.offset_++); } ip_addr = std::make_shared(sa6, true); } break; } if (ip_addr == nullptr) { ENVOY_LOG(debug, "No IP parsed from an A or AAAA record"); return nullptr; } ENVOY_LOG(trace, "Parsed address [{}] from record type [{}]: offset {}", ip_addr->ip()->addressAsString(), ctx.record_type_, ctx.offset_); return std::make_unique(ctx.record_name_, ctx.record_type_, ctx.record_class_, std::chrono::seconds(ctx.ttl_), std::move(ip_addr)); } DnsSrvRecordPtr DnsMessageParser::parseDnsSrvRecord(DnsAnswerCtx& ctx) { uint64_t data_length = ctx.data_length_; if (data_length < 3 * sizeof(uint16_t)) { ENVOY_LOG(debug, "Insufficient data for reading a complete SRV answer record"); return nullptr; } uint64_t available_bytes = ctx.buffer_->length() - ctx.offset_; if (available_bytes < data_length) { ENVOY_LOG(debug, "No data left in buffer for reading SRV answer record"); return nullptr; } DnsSrvRecord::DnsTargetAttributes attrs{}; attrs.priority = ctx.buffer_->peekBEInt(ctx.offset_); ctx.offset_ += sizeof(uint16_t); available_bytes -= sizeof(uint16_t); attrs.weight = ctx.buffer_->peekBEInt(ctx.offset_); ctx.offset_ += sizeof(uint16_t); available_bytes -= sizeof(uint16_t); attrs.port = ctx.buffer_->peekBEInt(ctx.offset_); ctx.offset_ += sizeof(uint16_t); available_bytes -= sizeof(uint16_t); const std::string target_name = parseDnsNameRecord(ctx.buffer_, available_bytes, ctx.offset_); const absl::string_view proto = Utils::getProtoFromName(ctx.record_name_); if (!proto.empty() && !target_name.empty()) { auto srv_record = std::make_unique(ctx.record_name_, proto, std::chrono::seconds(ctx.ttl_)); srv_record->addTarget(target_name, attrs); return srv_record; } return nullptr; } DnsAnswerRecordPtr DnsMessageParser::parseDnsAnswerRecord(const Buffer::InstancePtr& buffer, uint64_t& offset) { uint64_t available_bytes = buffer->length() - offset; const std::string record_name = parseDnsNameRecord(buffer, available_bytes, offset); if (record_name.empty()) { ENVOY_LOG(debug, "Unable to parse name record from buffer"); return nullptr; } if (available_bytes < (sizeof(uint32_t) + 3 * sizeof(uint16_t))) { ENVOY_LOG(debug, "Insufficient data in buffer to read answer record data." "Available bytes: {}", available_bytes); return nullptr; } // Parse the record type uint16_t record_type; record_type = buffer->peekBEInt(offset); offset += sizeof(uint16_t); available_bytes -= sizeof(uint16_t); // TODO(abaptiste): Support Extension Mechanisms for DNS (RFC2671) // // We may see optional records indicating DNS extension support. We need to skip // these records until we have proper support. Encountering one of these records // does not indicate a failure. We support A, AAAA and SRV record types if (record_type != DNS_RECORD_TYPE_A && record_type != DNS_RECORD_TYPE_AAAA && record_type != DNS_RECORD_TYPE_SRV) { ENVOY_LOG(debug, "Unsupported record type [{}] found in answer", record_type); return nullptr; } // Parse the record class uint16_t record_class; record_class = buffer->peekBEInt(offset); offset += sizeof(uint16_t); available_bytes -= sizeof(uint16_t); // We support only IN record classes if (record_class != DNS_RECORD_CLASS_IN) { ENVOY_LOG(debug, "Unsupported record class [{}] found in answer", record_class); return nullptr; } // Read the record's TTL uint32_t ttl; ttl = buffer->peekBEInt(offset); offset += sizeof(uint32_t); available_bytes -= sizeof(uint32_t); // Parse the Data Length and address data record uint16_t data_length; data_length = buffer->peekBEInt(offset); offset += sizeof(uint16_t); available_bytes -= sizeof(uint16_t); if (data_length == 0) { ENVOY_LOG(debug, "Read zero for data length when reading address from answer record"); return nullptr; } auto ctx = DnsAnswerCtx(buffer, record_name, record_type, record_class, available_bytes, data_length, ttl, offset); switch (record_type) { case DNS_RECORD_TYPE_A: case DNS_RECORD_TYPE_AAAA: return parseDnsARecord(ctx); case DNS_RECORD_TYPE_SRV: return parseDnsSrvRecord(ctx); default: ENVOY_LOG(debug, "Unsupported record type [{}] found in answer", record_type); return nullptr; } } DnsQueryRecordPtr DnsMessageParser::parseDnsQueryRecord(const Buffer::InstancePtr& buffer, uint64_t& offset) { uint64_t available_bytes = buffer->length() - offset; // This is the minimum data length needed to parse a name [length, value, null byte] if (available_bytes < MIN_QUERY_NAME_LENGTH) { ENVOY_LOG(debug, "No available data in buffer to parse a query record"); return nullptr; } const std::string record_name = parseDnsNameRecord(buffer, available_bytes, offset); if (record_name.empty()) { ENVOY_LOG(debug, "Unable to parse name record from buffer [length {}]", buffer->length()); return nullptr; } // After reading the name we should have data for the record type and class if (available_bytes < 2 * sizeof(uint16_t)) { ENVOY_LOG(debug, "Insufficient data in buffer to read query record type and class. " "Available bytes: {}", available_bytes); return nullptr; } // Read the record type uint16_t record_type; record_type = buffer->peekBEInt(offset); offset += sizeof(record_type); // Read the record class. This value is always 1 for internet address records uint16_t record_class; record_class = buffer->peekBEInt(offset); offset += sizeof(record_class); if (record_class != DNS_RECORD_CLASS_IN) { ENVOY_LOG(debug, "Unsupported record class '{}' in address record", record_class); return nullptr; } auto rec = std::make_unique(record_name, record_type, record_class); rec->query_time_ms_ = std::make_unique( query_latency_histogram_, timesource_); ENVOY_LOG(trace, "Extracted query record. Name: {} type: {} class: {}", record_name, record_type, record_class); return rec; } void DnsMessageParser::setDnsResponseFlags(DnsQueryContextPtr& query_context, const uint16_t questions, const uint16_t answers, const uint16_t authority_rrs, const uint16_t additional_rrs) { // Copy the transaction ID response_header_.id = header_.id; // Signify that this is a response to a query response_header_.flags.qr = 1; response_header_.flags.opcode = header_.flags.opcode; response_header_.flags.aa = 0; response_header_.flags.tc = 0; // Copy Recursion flags response_header_.flags.rd = header_.flags.rd; // Set the recursion flag based on whether Envoy is configured to forward queries response_header_.flags.ra = recursion_available_; // reserved flag is not set response_header_.flags.z = 0; // Set the authenticated flags to zero response_header_.flags.ad = 0; response_header_.flags.cd = 0; response_header_.answers = answers; response_header_.flags.rcode = query_context->response_code_; // Set the number of questions from the incoming query response_header_.questions = questions; response_header_.authority_rrs = authority_rrs; response_header_.additional_rrs = additional_rrs; } bool DnsMessageParser::createAndStoreDnsAnswerRecord( const absl::string_view name, const uint16_t rec_type, const uint16_t rec_class, const std::chrono::seconds ttl, Network::Address::InstanceConstSharedPtr ipaddr, DnsAnswerMap& collection) { // Verify that we have an address matching the query record type switch (rec_type) { case DNS_RECORD_TYPE_AAAA: if (ipaddr->ip()->ipv6() == nullptr) { ENVOY_LOG(debug, "Unable to return IPV6 address for query"); return false; } break; case DNS_RECORD_TYPE_A: if (ipaddr->ip()->ipv4() == nullptr) { ENVOY_LOG(debug, "Unable to return IPV4 address for query"); return false; } break; } auto answer_record = std::make_unique(name, rec_type, rec_class, ttl, std::move(ipaddr)); collection.emplace(std::string(name), std::move(answer_record)); return true; } bool DnsMessageParser::storeDnsAdditionalRecord(DnsQueryContextPtr& context, const absl::string_view name, const uint16_t rec_type, const uint16_t rec_class, const std::chrono::seconds ttl, Network::Address::InstanceConstSharedPtr ipaddr) { return createAndStoreDnsAnswerRecord(name, rec_type, rec_class, ttl, std::move(ipaddr), context->additional_); } bool DnsMessageParser::storeDnsAnswerRecord(DnsQueryContextPtr& context, const DnsQueryRecord& query_rec, const std::chrono::seconds ttl, Network::Address::InstanceConstSharedPtr ipaddr) { return createAndStoreDnsAnswerRecord(query_rec.name_, query_rec.type_, query_rec.class_, ttl, std::move(ipaddr), context->answers_); } void DnsMessageParser::addNewDnsSrvAnswerRecord(DnsQueryContextPtr& context, const DnsQueryRecord& query_rec, DnsSrvRecordPtr service) { RELEASE_ASSERT(query_rec.class_ == DNS_RECORD_CLASS_IN, "Unsupported DNS Record Class in record"); if (query_rec.type_ == DNS_RECORD_TYPE_SRV) { context->answers_.emplace(query_rec.name_, std::move(service)); } } void DnsMessageParser::storeDnsSrvAnswerRecord(DnsQueryContextPtr& context, const DnsQueryRecord& query_rec, const DnsSrvRecordPtr& service) { if (query_rec.type_ == DNS_RECORD_TYPE_SRV) { ENVOY_LOG(trace, "storing answer record type [{}] for {}", query_rec.type_, query_rec.name_); auto srv_record = std::make_unique(*service); addNewDnsSrvAnswerRecord(context, query_rec, std::move(srv_record)); } } void DnsMessageParser::setResponseCode(DnsQueryContextPtr& context, const uint16_t serialized_queries, const uint16_t serialized_answers) { // Do not change the response returned to the client if the following errors have // already been set if (context->response_code_ == DNS_RESPONSE_CODE_FORMAT_ERROR || context->response_code_ == DNS_RESPONSE_CODE_NOT_IMPLEMENTED) { return; } // Check for unsupported request types for (const auto& query : context->queries_) { switch (query->type_) { case DNS_RECORD_TYPE_A: case DNS_RECORD_TYPE_AAAA: case DNS_RECORD_TYPE_SRV: break; default: context->response_code_ = DNS_RESPONSE_CODE_NOT_IMPLEMENTED; return; } } // Output validation if (serialized_queries == 0) { context->response_code_ = DNS_RESPONSE_CODE_FORMAT_ERROR; return; } if (serialized_answers == 0) { context->response_code_ = DNS_RESPONSE_CODE_NAME_ERROR; return; } context->response_code_ = DNS_RESPONSE_CODE_NO_ERROR; } void DnsMessageParser::buildResponseBuffer(DnsQueryContextPtr& query_context, Buffer::OwnedImpl& buffer) { // Each response must have DNS flags, which spans 4 bytes. Account for them immediately so // that we can adjust the number of returned answers to remain under the limit size_t total_buffer_size = sizeof(DnsHeaderFlags); uint16_t touched_answers = 0; uint16_t serialized_answers = 0; uint16_t serialized_queries = 0; uint16_t serialized_authority_rrs = 0; uint16_t serialized_additional_rrs = 0; Buffer::OwnedImpl query_buffer{}; Buffer::OwnedImpl answer_buffer{}; Buffer::OwnedImpl addl_rec_buffer{}; ENVOY_LOG(trace, "Building response for query ID [{}]", query_context->id_); for (const auto& query : query_context->queries_) { if (!query->serialize(query_buffer)) { ENVOY_LOG(debug, "Unable to serialize query record for {}", query->name_); continue; } // Serialize and account for each query's size. That said, there should be only one query. ++serialized_queries; total_buffer_size += query_buffer.length(); const auto& answers = query_context->answers_; if (answers.empty()) { continue; } // Serialize the additional records in parallel with the answers to ensure consistent // records const auto& additional_rrs = query_context->additional_; const size_t num_answers = answers.size(); // Randomize the starting index if we have more than 8 records size_t index = num_answers > MAX_RETURNED_RECORDS ? rng_.random() % num_answers : 0; while (serialized_answers < num_answers && touched_answers < num_answers) { const auto answer = std::next(answers.begin(), (index++ % num_answers)); ++touched_answers; // Query names are limited to 255 characters. Since we are using c-ares to decode the // encoded query names, we should not end up with a non-conforming name here. // // See Section 2.3.4 of https://tools.ietf.org/html/rfc1035 RELEASE_ASSERT(query->name_.size() < MAX_NAME_LENGTH, "Query name is too large for serialization"); // Serialize answer records whose names and types match the query if (answer->first == query->name_ && answer->second->type_ == query->type_) { // Ensure that we can serialize the answer and the corresponding SRV additional // record together. // It is still possible that there may be more additional records than those referenced // by the answers. However, each serialized answer will have an accompanying additional // record for the host. if (query->type_ == DNS_RECORD_TYPE_SRV) { const DnsSrvRecord* srv_rec = dynamic_cast(answer->second.get()); const auto& target = srv_rec->targets_.begin(); const auto& rr = additional_rrs.find(target->first); if (rr != additional_rrs.end()) { Buffer::OwnedImpl serialized_rr{}; // If serializing the additional record fails, skip serializing the answer record if (!rr->second->serialize(serialized_rr)) { ENVOY_LOG(debug, "Unable to serialize answer record for {}", query->name_); continue; } total_buffer_size += serialized_rr.length(); addl_rec_buffer.add(serialized_rr); ++serialized_additional_rrs; } } // Now we serialize the answer record. We check the length of the serialized // data to ensure we don't exceed the DNS response limit Buffer::OwnedImpl serialized_answer; if (!answer->second->serialize(serialized_answer)) { ENVOY_LOG(debug, "Unable to serialize answer record for {}", query->name_); continue; } total_buffer_size += serialized_answer.length(); if (total_buffer_size > MAX_DNS_RESPONSE_SIZE) { break; } answer_buffer.add(serialized_answer); if (++serialized_answers == MAX_RETURNED_RECORDS) { break; } } } } setResponseCode(query_context, serialized_queries, serialized_answers); setDnsResponseFlags(query_context, serialized_queries, serialized_answers, serialized_authority_rrs, serialized_additional_rrs); // Build the response buffer for transmission to the client buffer.writeBEInt(response_header_.id); uint16_t flags; ::memcpy(&flags, static_cast(&response_header_.flags), sizeof(uint16_t)); buffer.writeBEInt(flags); buffer.writeBEInt(response_header_.questions); buffer.writeBEInt(response_header_.answers); buffer.writeBEInt(response_header_.authority_rrs); buffer.writeBEInt(response_header_.additional_rrs); // write the queries and answers buffer.move(query_buffer); buffer.move(answer_buffer); buffer.move(addl_rec_buffer); } } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/dns_filter/dns_parser.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/common/platform.h" #include "envoy/common/random_generator.h" #include "envoy/network/address.h" #include "envoy/network/dns.h" #include "envoy/network/listener.h" #include "common/buffer/buffer_impl.h" #include "common/common/empty_string.h" #include "common/runtime/runtime_impl.h" #include "common/stats/timespan_impl.h" #include "extensions/filters/udp/dns_filter/dns_filter_constants.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace DnsFilter { /** * BaseDnsRecord contains the fields and functions common to both query and answer records. */ class BaseDnsRecord { public: BaseDnsRecord(const absl::string_view rec_name, const uint16_t rec_type, const uint16_t rec_class) : name_(rec_name), type_(rec_type), class_(rec_class) {} virtual ~BaseDnsRecord() = default; bool serializeName(Buffer::OwnedImpl& output); virtual bool serialize(Buffer::OwnedImpl& output) PURE; const std::string name_; const uint16_t type_; const uint16_t class_; protected: bool serializeSpecificName(Buffer::OwnedImpl& output, const absl::string_view name); }; /** * DnsQueryRecord represents a query record parsed from a DNS request from a client. Each query * record contains the domain requested and the flags dictating the type of record that is sought. */ class DnsQueryRecord : public BaseDnsRecord { public: DnsQueryRecord(const absl::string_view rec_name, const uint16_t rec_type, const uint16_t rec_class) : BaseDnsRecord(rec_name, rec_type, rec_class) {} bool serialize(Buffer::OwnedImpl& output) override; std::unique_ptr query_time_ms_; }; using DnsQueryRecordPtr = std::unique_ptr; using DnsQueryPtrVec = std::vector; using AddressConstPtrVec = std::vector; /** * DnsAnswerRecord represents a single answer record for a name that is to be serialized and sent to * a client. This class differs from the BaseDnsRecord and DnsQueryRecord because it contains * additional fields for the TTL and address. */ class DnsAnswerRecord : public BaseDnsRecord { public: DnsAnswerRecord(const absl::string_view query_name, const uint16_t rec_type, const uint16_t rec_class, const std::chrono::seconds ttl, Network::Address::InstanceConstSharedPtr ipaddr) : BaseDnsRecord(query_name, rec_type, rec_class), ttl_(ttl), ip_addr_(ipaddr) {} bool serialize(Buffer::OwnedImpl& output) override; const std::chrono::seconds ttl_; const Network::Address::InstanceConstSharedPtr ip_addr_; }; using DnsAnswerRecordPtr = std::unique_ptr; using DnsAnswerMap = std::unordered_multimap; /** * DnsSrvRecord represents a single answer record for a service which is to be serialized and * sent to a client. This class inherits core fields from DnsAnswerRecord and adds new fields * inherent to DNS service records */ class DnsSrvRecord : public DnsAnswerRecord { public: DnsSrvRecord(const absl::string_view service_name, const absl::string_view proto, const std::chrono::seconds ttl, const uint16_t rec_type = DNS_RECORD_TYPE_SRV, const uint16_t rec_class = DNS_RECORD_CLASS_IN) : DnsAnswerRecord(service_name, rec_type, rec_class, ttl, nullptr), proto_(proto) {} // Copy Constructor DnsSrvRecord(const DnsSrvRecord& other) : DnsAnswerRecord(other.name_, other.type_, other.class_, other.ttl_, nullptr), proto_(other.proto_) { for (const auto& entry : other.targets_) { addTarget(entry.first, entry.second); } } struct DnsTargetAttributes { uint16_t priority; uint16_t weight; uint16_t port; bool is_cluster; }; bool serialize(Buffer::OwnedImpl& output) override; void addTarget(const absl::string_view target, const DnsTargetAttributes& attrs); std::string proto_; absl::flat_hash_map targets_; }; using DnsSrvRecordPtr = std::unique_ptr; // Store the server record with the full service name as the key to the service config. For // each service there can be multiple configs for a given service name. The service can be // weighted to distribute connections to multiple hosts, etc. using DnsSrvRecordPtrVec = std::vector; /** * @brief This struct is used to hold pointers to the counters that are relevant to the * parser. This is done to prevent dependency loops between the parser and filter headers */ struct DnsParserCounters { Stats::Counter& underflow_counter; Stats::Counter& record_name_overflow; Stats::Counter& query_parsing_failure; DnsParserCounters(Stats::Counter& underflow, Stats::Counter& record_name, Stats::Counter& query_parsing) : underflow_counter(underflow), record_name_overflow(record_name), query_parsing_failure(query_parsing) {} }; /** * DnsQueryContext contains all the data necessary for responding to a query from a given client. */ class DnsQueryContext { public: DnsQueryContext(Network::Address::InstanceConstSharedPtr local, Network::Address::InstanceConstSharedPtr peer, DnsParserCounters& counters, uint64_t retry_count) : local_(std::move(local)), peer_(std::move(peer)), counters_(counters), parse_status_(false), response_code_(DNS_RESPONSE_CODE_NO_ERROR), retry_(retry_count) {} const Network::Address::InstanceConstSharedPtr local_; const Network::Address::InstanceConstSharedPtr peer_; DnsParserCounters& counters_; bool parse_status_; uint16_t response_code_; uint64_t retry_; uint16_t id_; Network::DnsResolver::ResolutionStatus resolution_status_; DnsQueryPtrVec queries_; DnsAnswerMap answers_; DnsAnswerMap additional_; bool in_callback_; }; using DnsQueryContextPtr = std::unique_ptr; using DnsFilterResolverCallback = std::function; /** * This class orchestrates parsing a DNS query and building the response to be sent to a client. */ class DnsMessageParser : public Logger::Loggable { public: enum class DnsQueryParseState { Init, Flags, // 2 bytes Questions, // 2 bytes Answers, // 2 bytes Authority, // 2 bytes Authority2 // 2 bytes }; // The flags have been verified with dig and this structure should not be modified. The flag // order here does not match the RFC, but takes byte ordering into account so that serialization // does not bitwise operations. PACKED_STRUCT(struct DnsHeaderFlags { unsigned rcode : 4; // return code unsigned cd : 1; // checking disabled unsigned ad : 1; // authenticated data unsigned z : 1; // z - bit (must be zero in queries per RFC1035) unsigned ra : 1; // recursion available unsigned rd : 1; // recursion desired unsigned tc : 1; // truncated response unsigned aa : 1; // authoritative answer unsigned opcode : 4; // operation code unsigned qr : 1; // query or response }); /** * Structure representing the DNS header as it appears in a packet * See https://www.ietf.org/rfc/rfc1035.txt for more details */ PACKED_STRUCT(struct DnsHeader { uint16_t id; struct DnsHeaderFlags flags; uint16_t questions; uint16_t answers; uint16_t authority_rrs; uint16_t additional_rrs; }); DnsMessageParser(bool recurse, TimeSource& timesource, uint64_t retry_count, Random::RandomGenerator& random, Stats::Histogram& latency_histogram) : recursion_available_(recurse), timesource_(timesource), retry_count_(retry_count), query_latency_histogram_(latency_histogram), rng_(random) {} /** * @brief Builds an Answer record for the active query. The active query transaction ID is at * the top of a queue. This ID is sufficient enough to determine the answer records associated * with the query */ DnsAnswerRecordPtr getResponseForQuery(); /** * @param buffer the buffer containing the constructed DNS response to be sent to a client */ void buildResponseBuffer(DnsQueryContextPtr& query_context, Buffer::OwnedImpl& buffer); /** * @brief parse a single query record from a client request * * @param buffer a reference to the incoming request object received by the listener * @param offset the buffer offset at which parsing is to begin. This parameter is updated when * one record is parsed from the buffer and returned to the caller. * @return DnsQueryRecordPtr a pointer to a DnsQueryRecord object containing all query data * parsed from the buffer */ DnsQueryRecordPtr parseDnsQueryRecord(const Buffer::InstancePtr& buffer, uint64_t& offset); struct DnsAnswerCtx { DnsAnswerCtx(const Buffer::InstancePtr& buffer, const absl::string_view record_name, const uint16_t record_type, const uint16_t record_class, const uint16_t available_bytes, const uint16_t data_length, const uint32_t ttl, uint64_t& offset) : buffer_(buffer), record_name_(record_name), record_type_(record_type), record_class_(record_class), available_bytes_(available_bytes), data_length_(data_length), ttl_(ttl), offset_(offset) {} const Buffer::InstancePtr& buffer_; const std::string record_name_; const uint16_t record_type_; const uint16_t record_class_; const uint16_t available_bytes_; const uint16_t data_length_; const uint32_t ttl_; uint64_t& offset_; }; /** * @brief parse an A or AAAA DNS Record * * @param context the query context for which we are generating a response * @return DnsAnswerRecordPtr a pointer to a DnsAnswerRecord object containing the parsed answer * record */ DnsAnswerRecordPtr parseDnsARecord(DnsAnswerCtx& context); /** * @brief parse a Server Selection (SRV) DNS Record * * @param context the query context for which we are generating a response * @return DnsSrvRecordPtr a pointer to a DnsSrvRecord object containing the parsed server record */ DnsSrvRecordPtr parseDnsSrvRecord(DnsAnswerCtx& context); /** * @brief parse a single answer record from a client request or filter response * * @param buffer a reference to a buffer containing a DNS request or response * @param offset the buffer offset at which parsing is to begin. This parameter is updated when * one record is parsed from the buffer and returned to the caller. * @return DnsQueryRecordPtr a pointer to a DnsAnswerRecord object containing all query and answer * data parsed from the buffer */ DnsAnswerRecordPtr parseDnsAnswerRecord(const Buffer::InstancePtr& buffer, uint64_t& offset); /** * @brief Parse answer records using a single function. Answer records follow a common format * so one function will suffice for reading them. * * @param answers a reference to the map containing the parsed records * @param answer_count the indicated number of records we expect parsed from the request header * @param buffer a reference to a buffer containing a DNS request or response * @param offset a reference to an index into the buffer indicating the position where reading may * begin */ bool parseAnswerRecords(DnsAnswerMap& answers, const uint16_t answer_count, const Buffer::InstancePtr& buffer, uint64_t& offset); /** * @brief store Answer Records in the supplied collection after validating the record type * * @param name the name of the record being stored * @param rec_type the type of the record being stored * @param rec_class the class of the record being stored * @param ttl the Time-to-live of the record being stored * @param ipaddr the ip of the record being stored. In the case of SRV records, this is * @param collection the destination for the new answer record being created */ bool createAndStoreDnsAnswerRecord(const absl::string_view name, const uint16_t rec_type, const uint16_t rec_class, const std::chrono::seconds ttl, Network::Address::InstanceConstSharedPtr ipaddr, DnsAnswerMap& collection); /** * @brief store Additional Resource Records in a separate collection from DNS answers * * @param context the query context for which we are generating a response * @param name the name of the record being stored * @param rec_type the type of the record being stored * @param rec_class the class of the record being stored * @param ttl the Time-to-live of the record being stored * @param ipaddr the ip of the record being stored. In the case of SRV records, this is * the address of a target node referenced by an SRV record entry */ bool storeDnsAdditionalRecord(DnsQueryContextPtr& context, const absl::string_view name, const uint16_t rec_type, const uint16_t rec_class, const std::chrono::seconds ttl, Network::Address::InstanceConstSharedPtr ipaddr); /** * @brief Constructs a DNS SRV Answer record for a given service and stores the object in a map * where the response is associated with query name. This creates a new record and uses the * add function above to insert it into the service map * * @param context the query context for which we are generating a response * @param query_rec to which the answer is matched. * @param service the service that is returned in the answer record * @param move_rec move the passed in record to the underlying connection instead of creating a * new object */ void storeDnsSrvAnswerRecord(DnsQueryContextPtr& context, const DnsQueryRecord& query_rec, const DnsSrvRecordPtr& service); /** * @brief Constructs a DNS Answer record for a given IP Address and stores the object in a map * where the response is associated with query name. * * @param context the query context for which we are generating a response * @param query_rec to which the answer is matched. * @param ttl the TTL specifying how long the returned answer is cached * @param ipaddr the address that is returned in the answer record * @return true if the answer record matches the query type */ bool storeDnsAnswerRecord(DnsQueryContextPtr& context, const DnsQueryRecord& query_rec, const std::chrono::seconds ttl, Network::Address::InstanceConstSharedPtr ipaddr); /** * @return uint16_t the response code flag value from a parsed dns object */ uint16_t getQueryResponseCode() { return static_cast(header_.flags.rcode); } /** * @brief Parse the incoming query and create a context object for the filter * * @param client_request a structure containing addressing information and the buffer received * from a client */ DnsQueryContextPtr createQueryContext(Network::UdpRecvData& client_request, DnsParserCounters& counters); /** * @param buffer a reference to the incoming request object received by the listener * @return bool true if all DNS records and flags were successfully parsed from the buffer */ bool parseDnsObject(DnsQueryContextPtr& context, const Buffer::InstancePtr& buffer); private: /** * @brief Adds a new DNS SRV Answer record for a given service to the service map * * @param context the query context for which we are generating a response * @param query_rec to which the answer is matched. * @param service the service that is returned in the answer record * @param move_rec move the passed in record to the underlying connection instead of creating a * new object */ void addNewDnsSrvAnswerRecord(DnsQueryContextPtr& context, const DnsQueryRecord& query_rec, DnsSrvRecordPtr service); /** * @brief sets the response code returned to the client * * @param context the query context for which we are generating a response * @param queries specify the number of query records contained in the response * @param answers specify the number of answer records contained in the response */ void setResponseCode(DnsQueryContextPtr& context, const uint16_t serialized_queries, const uint16_t serialized_answers); /** * @brief sets the flags in the DNS header of the response sent to a client * * @param context the query context for which we are generating a response * @param queries specify the number of query records contained in the response * @param answers specify the number of answer records contained in the response * @param authority_rrs specify the number of authority records contained in the response * @param additional_rrs specify the number of additional records contained in the response */ void setDnsResponseFlags(DnsQueryContextPtr& context, const uint16_t questions, const uint16_t answers, const uint16_t authority_rrs, const uint16_t additional_rrs); /** * @brief Extracts a DNS query name from a buffer * * @param buffer the buffer from which the name is extracted * @param available_bytes the size of the remaining bytes in the buffer on which we can operate * @param name_offset the offset from which parsing begins and ends. The updated value is * returned to the caller */ const std::string parseDnsNameRecord(const Buffer::InstancePtr& buffer, uint64_t& available_bytes, uint64_t& name_offset); bool recursion_available_; TimeSource& timesource_; uint64_t retry_count_; Stats::Histogram& query_latency_histogram_; DnsHeader header_; DnsHeader response_header_; Random::RandomGenerator& rng_; }; } // namespace DnsFilter } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/udp_proxy/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "hash_policy_lib", srcs = ["hash_policy_impl.cc"], hdrs = ["hash_policy_impl.h"], deps = [ "//include/envoy/udp:hash_policy_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "@envoy_api//envoy/extensions/filters/udp/udp_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "udp_proxy_filter_lib", srcs = ["udp_proxy_filter.cc"], hdrs = ["udp_proxy_filter.h"], deps = [ ":hash_policy_lib", "//include/envoy/event:file_event_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listener_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/api:os_sys_calls_lib", "//source/common/network:socket_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:utility_lib", "//source/common/upstream:load_balancer_lib", "@envoy_api//envoy/extensions/filters/udp/udp_proxy/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":udp_proxy_filter_lib", "//include/envoy/registry", "//include/envoy/server:filter_config_interface", "@envoy_api//envoy/extensions/filters/udp/udp_proxy/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/filters/udp/udp_proxy/config.cc ================================================ #include "extensions/filters/udp/udp_proxy/config.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace UdpProxy { static Registry::RegisterFactory register_; } } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/udp_proxy/config.h ================================================ #pragma once #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.h" #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.validate.h" #include "envoy/server/filter_config.h" #include "extensions/filters/udp/udp_proxy/udp_proxy_filter.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace UdpProxy { /** * Config registration for the UDP proxy filter. @see NamedUdpListenerFilterConfigFactory. */ class UdpProxyFilterConfigFactory : public Server::Configuration::NamedUdpListenerFilterConfigFactory { public: // NamedUdpListenerFilterConfigFactory Network::UdpListenerFilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message& config, Server::Configuration::ListenerFactoryContext& context) override { auto shared_config = std::make_shared( context.clusterManager(), context.timeSource(), context.scope(), MessageUtil::downcastAndValidate< const envoy::extensions::filters::udp::udp_proxy::v3::UdpProxyConfig&>( config, context.messageValidationVisitor())); return [shared_config](Network::UdpListenerFilterManager& filter_manager, Network::UdpReadFilterCallbacks& callbacks) -> void { filter_manager.addReadFilter(std::make_unique(callbacks, shared_config)); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return "envoy.filters.udp_listener.udp_proxy"; } }; } // namespace UdpProxy } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/udp_proxy/hash_policy_impl.cc ================================================ #include "extensions/filters/udp/udp_proxy/hash_policy_impl.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace UdpProxy { class SourceIpHashMethod : public HashPolicyImpl::HashMethod { public: absl::optional evaluate(const Network::Address::Instance& downstream_addr) const override { if (downstream_addr.ip()) { ASSERT(!downstream_addr.ip()->addressAsString().empty()); return HashUtil::xxHash64(downstream_addr.ip()->addressAsString()); } return absl::nullopt; } }; HashPolicyImpl::HashPolicyImpl( const absl::Span& hash_policies) { ASSERT(hash_policies.size() == 1); switch (hash_policies[0]->policy_specifier_case()) { case UdpProxyConfig::HashPolicy::PolicySpecifierCase::kSourceIp: hash_impl_ = std::make_unique(); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } absl::optional HashPolicyImpl::generateHash(const Network::Address::Instance& downstream_addr) const { return hash_impl_->evaluate(downstream_addr); } } // namespace UdpProxy } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/udp_proxy/hash_policy_impl.h ================================================ #pragma once #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.h" #include "envoy/udp/hash_policy.h" #include "common/common/hash.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace UdpProxy { using namespace envoy::extensions::filters::udp::udp_proxy::v3; /** * Implementation of HashPolicy that reads from the UDP proxy filter config. */ class HashPolicyImpl : public Udp::HashPolicy { public: explicit HashPolicyImpl(const absl::Span& hash_policies); // Udp::HashPolicy absl::optional generateHash(const Network::Address::Instance& downstream_addr) const override; class HashMethod { public: virtual ~HashMethod() = default; virtual absl::optional evaluate(const Network::Address::Instance& downstream_addr) const PURE; }; using HashMethodPtr = std::unique_ptr; private: HashMethodPtr hash_impl_; }; } // namespace UdpProxy } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/udp_proxy/udp_proxy_filter.cc ================================================ #include "extensions/filters/udp/udp_proxy/udp_proxy_filter.h" #include "envoy/network/listener.h" #include "common/network/socket_option_factory.h" namespace Envoy { namespace Extensions { namespace UdpFilters { namespace UdpProxy { UdpProxyFilter::UdpProxyFilter(Network::UdpReadFilterCallbacks& callbacks, const UdpProxyFilterConfigSharedPtr& config) : UdpListenerReadFilter(callbacks), config_(config), cluster_update_callbacks_( config->clusterManager().addThreadLocalClusterUpdateCallbacks(*this)) { Upstream::ThreadLocalCluster* cluster = config->clusterManager().get(config->cluster()); if (cluster != nullptr) { onClusterAddOrUpdate(*cluster); } } void UdpProxyFilter::onClusterAddOrUpdate(Upstream::ThreadLocalCluster& cluster) { if (cluster.info()->name() != config_->cluster()) { return; } ENVOY_LOG(debug, "udp proxy: attaching to cluster {}", cluster.info()->name()); ASSERT(cluster_info_ == absl::nullopt || &cluster_info_.value().cluster_ != &cluster); cluster_info_.emplace(*this, cluster); } void UdpProxyFilter::onClusterRemoval(const std::string& cluster) { if (cluster != config_->cluster()) { return; } ENVOY_LOG(debug, "udp proxy: detaching from cluster {}", cluster); cluster_info_.reset(); } void UdpProxyFilter::onData(Network::UdpRecvData& data) { if (!cluster_info_.has_value()) { config_->stats().downstream_sess_no_route_.inc(); return; } cluster_info_.value().onData(data); } void UdpProxyFilter::onReceiveError(Api::IoError::IoErrorCode) { config_->stats().downstream_sess_rx_errors_.inc(); } UdpProxyFilter::ClusterInfo::ClusterInfo(UdpProxyFilter& filter, Upstream::ThreadLocalCluster& cluster) : filter_(filter), cluster_(cluster), cluster_stats_(generateStats(cluster.info()->statsScope())), member_update_cb_handle_(cluster.prioritySet().addMemberUpdateCb( [this](const Upstream::HostVector&, const Upstream::HostVector& hosts_removed) { for (const auto& host : hosts_removed) { // This is similar to removeSession() but slightly different due to removeSession() // also handling deletion of the host to session map entry if there are no sessions // left. It would be nice to unify the logic but that can be cleaned up later. auto host_sessions_it = host_to_sessions_.find(host.get()); if (host_sessions_it != host_to_sessions_.end()) { for (const auto& session : host_sessions_it->second) { ASSERT(sessions_.count(session) == 1); sessions_.erase(session); } host_to_sessions_.erase(host_sessions_it); } } })) {} UdpProxyFilter::ClusterInfo::~ClusterInfo() { member_update_cb_handle_->remove(); // Sanity check the session accounting. This is not as fast as a straight teardown, but this is // not a performance critical path. while (!sessions_.empty()) { removeSession(sessions_.begin()->get()); } ASSERT(host_to_sessions_.empty()); } void UdpProxyFilter::ClusterInfo::onData(Network::UdpRecvData& data) { const auto active_session_it = sessions_.find(data.addresses_); ActiveSession* active_session; if (active_session_it == sessions_.end()) { if (!cluster_.info() ->resourceManager(Upstream::ResourcePriority::Default) .connections() .canCreate()) { cluster_.info()->stats().upstream_cx_overflow_.inc(); return; } UdpLoadBalancerContext context(filter_.config_->hashPolicy(), data.addresses_.peer_); Upstream::HostConstSharedPtr host = cluster_.loadBalancer().chooseHost(&context); if (host == nullptr) { ENVOY_LOG(debug, "cannot find any valid host. failed to create a session."); cluster_.info()->stats().upstream_cx_none_healthy_.inc(); return; } active_session = createSession(std::move(data.addresses_), host); } else { active_session = active_session_it->get(); if (active_session->host().health() == Upstream::Host::Health::Unhealthy) { // If a host becomes unhealthy, we optimally would like to replace it with a new session // to a healthy host. We may eventually want to make this behavior configurable, but for now // this will be the universal behavior. UdpLoadBalancerContext context(filter_.config_->hashPolicy(), data.addresses_.peer_); Upstream::HostConstSharedPtr host = cluster_.loadBalancer().chooseHost(&context); if (host != nullptr && host->health() != Upstream::Host::Health::Unhealthy && host.get() != &active_session->host()) { ENVOY_LOG(debug, "upstream session unhealthy, recreating the session"); removeSession(active_session); active_session = createSession(std::move(data.addresses_), host); } else { // In this case we could not get a better host, so just keep using the current session. ENVOY_LOG(trace, "upstream session unhealthy, but unable to get a better host"); } } } active_session->write(*data.buffer_); } UdpProxyFilter::ActiveSession* UdpProxyFilter::ClusterInfo::createSession(Network::UdpRecvData::LocalPeerAddresses&& addresses, const Upstream::HostConstSharedPtr& host) { auto new_session = std::make_unique(*this, std::move(addresses), host); auto new_session_ptr = new_session.get(); sessions_.emplace(std::move(new_session)); host_to_sessions_[host.get()].emplace(new_session_ptr); return new_session_ptr; } void UdpProxyFilter::ClusterInfo::removeSession(const ActiveSession* session) { // First remove from the host to sessions map. ASSERT(host_to_sessions_[&session->host()].count(session) == 1); auto host_sessions_it = host_to_sessions_.find(&session->host()); host_sessions_it->second.erase(session); if (host_sessions_it->second.empty()) { host_to_sessions_.erase(host_sessions_it); } // Now remove it from the primary map. ASSERT(sessions_.count(session) == 1); sessions_.erase(session); } UdpProxyFilter::ActiveSession::ActiveSession(ClusterInfo& cluster, Network::UdpRecvData::LocalPeerAddresses&& addresses, const Upstream::HostConstSharedPtr& host) : cluster_(cluster), use_original_src_ip_(cluster_.filter_.config_->usingOriginalSrcIp()), addresses_(std::move(addresses)), host_(host), idle_timer_(cluster.filter_.read_callbacks_->udpListener().dispatcher().createTimer( [this] { onIdleTimer(); })), // NOTE: The socket call can only fail due to memory/fd exhaustion. No local ephemeral port // is bound until the first packet is sent to the upstream host. socket_(cluster.filter_.createSocket(host)), socket_event_(socket_->ioHandle().createFileEvent( cluster.filter_.read_callbacks_->udpListener().dispatcher(), [this](uint32_t) { onReadReady(); }, Event::PlatformDefaultTriggerType, Event::FileReadyType::Read)) { ENVOY_LOG(debug, "creating new session: downstream={} local={} upstream={}", addresses_.peer_->asStringView(), addresses_.local_->asStringView(), host->address()->asStringView()); cluster_.filter_.config_->stats().downstream_sess_total_.inc(); cluster_.filter_.config_->stats().downstream_sess_active_.inc(); cluster_.cluster_.info() ->resourceManager(Upstream::ResourcePriority::Default) .connections() .inc(); if (use_original_src_ip_) { const Network::Socket::OptionsSharedPtr socket_options = Network::SocketOptionFactory::buildIpTransparentOptions(); const bool ok = Network::Socket::applyOptions( socket_options, *socket_, envoy::config::core::v3::SocketOption::STATE_PREBIND); RELEASE_ASSERT(ok, "Should never occur!"); ENVOY_LOG(debug, "The original src is enabled for address {}.", addresses_.peer_->asStringView()); } // TODO(mattklein123): Enable dropped packets socket option. In general the Socket abstraction // does not work well right now for client sockets. It's too heavy weight and is aimed at listener // sockets. We need to figure out how to either refactor Socket into something that works better // for this use case or allow the socket option abstractions to work directly against an IO // handle. } UdpProxyFilter::ActiveSession::~ActiveSession() { ENVOY_LOG(debug, "deleting the session: downstream={} local={} upstream={}", addresses_.peer_->asStringView(), addresses_.local_->asStringView(), host_->address()->asStringView()); cluster_.filter_.config_->stats().downstream_sess_active_.dec(); cluster_.cluster_.info() ->resourceManager(Upstream::ResourcePriority::Default) .connections() .dec(); } void UdpProxyFilter::ActiveSession::onIdleTimer() { ENVOY_LOG(debug, "session idle timeout: downstream={} local={}", addresses_.peer_->asStringView(), addresses_.local_->asStringView()); cluster_.filter_.config_->stats().idle_timeout_.inc(); cluster_.removeSession(this); } void UdpProxyFilter::ActiveSession::onReadReady() { idle_timer_->enableTimer(cluster_.filter_.config_->sessionTimeout()); // TODO(mattklein123): We should not be passing *addresses_.local_ to this function as we are // not trying to populate the local address for received packets. uint32_t packets_dropped = 0; const Api::IoErrorPtr result = Network::Utility::readPacketsFromSocket( socket_->ioHandle(), *addresses_.local_, *this, cluster_.filter_.config_->timeSource(), packets_dropped); // TODO(mattklein123): Handle no error when we limit the number of packets read. if (result->getErrorCode() != Api::IoError::IoErrorCode::Again) { cluster_.cluster_stats_.sess_rx_errors_.inc(); } // Flush out buffered data at the end of IO event. cluster_.filter_.read_callbacks_->udpListener().flush(); } void UdpProxyFilter::ActiveSession::write(const Buffer::Instance& buffer) { ENVOY_LOG(trace, "writing {} byte datagram upstream: downstream={} local={} upstream={}", buffer.length(), addresses_.peer_->asStringView(), addresses_.local_->asStringView(), host_->address()->asStringView()); const uint64_t buffer_length = buffer.length(); cluster_.filter_.config_->stats().downstream_sess_rx_bytes_.add(buffer_length); cluster_.filter_.config_->stats().downstream_sess_rx_datagrams_.inc(); idle_timer_->enableTimer(cluster_.filter_.config_->sessionTimeout()); // NOTE: On the first write, a local ephemeral port is bound, and thus this write can fail due to // port exhaustion. // NOTE: We do not specify the local IP to use for the sendmsg call if use_original_src_ip_ is not // set. We allow the OS to select the right IP based on outbound routing rules if // use_original_src_ip_ is not set, else use downstream peer IP as local IP. const Network::Address::Ip* local_ip = use_original_src_ip_ ? addresses_.peer_->ip() : nullptr; Api::IoCallUint64Result rc = Network::Utility::writeToSocket(socket_->ioHandle(), buffer, local_ip, *host_->address()); if (!rc.ok()) { cluster_.cluster_stats_.sess_tx_errors_.inc(); } else { cluster_.cluster_stats_.sess_tx_datagrams_.inc(); cluster_.cluster_.info()->stats().upstream_cx_tx_bytes_total_.add(buffer_length); } } void UdpProxyFilter::ActiveSession::processPacket(Network::Address::InstanceConstSharedPtr, Network::Address::InstanceConstSharedPtr, Buffer::InstancePtr buffer, MonotonicTime) { ENVOY_LOG(trace, "writing {} byte datagram downstream: downstream={} local={} upstream={}", buffer->length(), addresses_.peer_->asStringView(), addresses_.local_->asStringView(), host_->address()->asStringView()); const uint64_t buffer_length = buffer->length(); cluster_.cluster_stats_.sess_rx_datagrams_.inc(); cluster_.cluster_.info()->stats().upstream_cx_rx_bytes_total_.add(buffer_length); Network::UdpSendData data{addresses_.local_->ip(), *addresses_.peer_, *buffer}; const Api::IoCallUint64Result rc = cluster_.filter_.read_callbacks_->udpListener().send(data); if (!rc.ok()) { cluster_.filter_.config_->stats().downstream_sess_tx_errors_.inc(); } else { cluster_.filter_.config_->stats().downstream_sess_tx_bytes_.add(buffer_length); cluster_.filter_.config_->stats().downstream_sess_tx_datagrams_.inc(); } } } // namespace UdpProxy } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h ================================================ #pragma once #include "envoy/event/file_event.h" #include "envoy/event/timer.h" #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.h" #include "envoy/network/filter.h" #include "envoy/upstream/cluster_manager.h" #include "common/api/os_sys_calls_impl.h" #include "common/network/socket_impl.h" #include "common/network/socket_interface.h" #include "common/network/utility.h" #include "common/upstream/load_balancer_impl.h" #include "extensions/filters/udp/udp_proxy/hash_policy_impl.h" #include "absl/container/flat_hash_set.h" // TODO(mattklein123): UDP session access logging. namespace Envoy { namespace Extensions { namespace UdpFilters { namespace UdpProxy { /** * All UDP proxy downstream stats. @see stats_macros.h */ #define ALL_UDP_PROXY_DOWNSTREAM_STATS(COUNTER, GAUGE) \ COUNTER(downstream_sess_no_route) \ COUNTER(downstream_sess_rx_bytes) \ COUNTER(downstream_sess_rx_datagrams) \ COUNTER(downstream_sess_rx_errors) \ COUNTER(downstream_sess_total) \ COUNTER(downstream_sess_tx_bytes) \ COUNTER(downstream_sess_tx_datagrams) \ COUNTER(downstream_sess_tx_errors) \ COUNTER(idle_timeout) \ GAUGE(downstream_sess_active, Accumulate) /** * Struct definition for all UDP proxy downstream stats. @see stats_macros.h */ struct UdpProxyDownstreamStats { ALL_UDP_PROXY_DOWNSTREAM_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * All UDP proxy upstream cluster stats. @see stats_macros.h */ #define ALL_UDP_PROXY_UPSTREAM_STATS(COUNTER) \ COUNTER(sess_rx_datagrams) \ COUNTER(sess_rx_errors) \ COUNTER(sess_tx_datagrams) \ COUNTER(sess_tx_errors) /** * Struct definition for all UDP proxy upstream stats. @see stats_macros.h */ struct UdpProxyUpstreamStats { ALL_UDP_PROXY_UPSTREAM_STATS(GENERATE_COUNTER_STRUCT) }; class UdpProxyFilterConfig { public: UdpProxyFilterConfig(Upstream::ClusterManager& cluster_manager, TimeSource& time_source, Stats::Scope& root_scope, const envoy::extensions::filters::udp::udp_proxy::v3::UdpProxyConfig& config) : cluster_manager_(cluster_manager), time_source_(time_source), cluster_(config.cluster()), session_timeout_(PROTOBUF_GET_MS_OR_DEFAULT(config, idle_timeout, 60 * 1000)), use_original_src_ip_(config.use_original_src_ip()), stats_(generateStats(config.stat_prefix(), root_scope)) { if (use_original_src_ip_ && !Api::OsSysCallsSingleton::get().supportsIpTransparent()) { ExceptionUtil::throwEnvoyException( "The platform does not support either IP_TRANSPARENT or IPV6_TRANSPARENT. Or the envoy " "is not running with the CAP_NET_ADMIN capability."); } if (!config.hash_policies().empty()) { hash_policy_ = std::make_unique(config.hash_policies()); } } const std::string& cluster() const { return cluster_; } Upstream::ClusterManager& clusterManager() const { return cluster_manager_; } std::chrono::milliseconds sessionTimeout() const { return session_timeout_; } bool usingOriginalSrcIp() const { return use_original_src_ip_; } const Udp::HashPolicy* hashPolicy() const { return hash_policy_.get(); } UdpProxyDownstreamStats& stats() const { return stats_; } TimeSource& timeSource() const { return time_source_; } private: static UdpProxyDownstreamStats generateStats(const std::string& stat_prefix, Stats::Scope& scope) { const auto final_prefix = absl::StrCat("udp.", stat_prefix); return {ALL_UDP_PROXY_DOWNSTREAM_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), POOL_GAUGE_PREFIX(scope, final_prefix))}; } Upstream::ClusterManager& cluster_manager_; TimeSource& time_source_; const std::string cluster_; const std::chrono::milliseconds session_timeout_; const bool use_original_src_ip_; std::unique_ptr hash_policy_; mutable UdpProxyDownstreamStats stats_; }; using UdpProxyFilterConfigSharedPtr = std::shared_ptr; /** * Currently, it only implements the hash based routing. */ class UdpLoadBalancerContext : public Upstream::LoadBalancerContextBase { public: UdpLoadBalancerContext(const Udp::HashPolicy* hash_policy, const Network::Address::InstanceConstSharedPtr& peer_address) { if (hash_policy) { hash_ = hash_policy->generateHash(*peer_address); } } absl::optional computeHashKey() override { return hash_; } private: absl::optional hash_; }; class UdpProxyFilter : public Network::UdpListenerReadFilter, public Upstream::ClusterUpdateCallbacks, Logger::Loggable { public: UdpProxyFilter(Network::UdpReadFilterCallbacks& callbacks, const UdpProxyFilterConfigSharedPtr& config); // Network::UdpListenerReadFilter void onData(Network::UdpRecvData& data) override; void onReceiveError(Api::IoError::IoErrorCode error_code) override; private: class ClusterInfo; /** * An active session is similar to a TCP connection. It binds a 4-tuple (downstream IP/port, local * IP/port) to a selected upstream host for the purpose of packet forwarding. Unlike a TCP * connection, there is obviously no concept of session destruction beyond internally tracked data * such as an idle timeout, maximum packets, etc. Once a session is created, downstream packets * will be hashed to the same session and will be forwarded to the same upstream, using the same * local ephemeral IP/port. */ class ActiveSession : public Network::UdpPacketProcessor { public: ActiveSession(ClusterInfo& parent, Network::UdpRecvData::LocalPeerAddresses&& addresses, const Upstream::HostConstSharedPtr& host); ~ActiveSession() override; const Network::UdpRecvData::LocalPeerAddresses& addresses() const { return addresses_; } const Upstream::Host& host() const { return *host_; } void write(const Buffer::Instance& buffer); private: void onIdleTimer(); void onReadReady(); // Network::UdpPacketProcessor void processPacket(Network::Address::InstanceConstSharedPtr local_address, Network::Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, MonotonicTime receive_time) override; uint64_t maxPacketSize() const override { // TODO(mattklein123): Support configurable/jumbo frames when proxying to upstream. // Eventually we will want to support some type of PROXY header when doing L4 QUIC // forwarding. return Network::MAX_UDP_PACKET_SIZE; } ClusterInfo& cluster_; const bool use_original_src_ip_; const Network::UdpRecvData::LocalPeerAddresses addresses_; const Upstream::HostConstSharedPtr host_; // TODO(mattklein123): Consider replacing an idle timer for each session with a last used // time stamp and a periodic scan of all sessions to look for timeouts. This solution is simple, // though it might not perform well for high volume traffic. Note that this is how TCP proxy // idle timeouts work so we should consider unifying the implementation if we move to a time // stamp and scan approach. const Event::TimerPtr idle_timer_; // The socket is used for writing packets to the selected upstream host as well as receiving // packets from the upstream host. Note that a a local ephemeral port is bound on the first // write to the upstream host. const Network::SocketPtr socket_; const Event::FileEventPtr socket_event_; }; using ActiveSessionPtr = std::unique_ptr; struct HeterogeneousActiveSessionHash { // Specifying is_transparent indicates to the library infrastructure that // type-conversions should not be applied when calling find(), but instead // pass the actual types of the contained and searched-for objects directly to // these functors. See // https://en.cppreference.com/w/cpp/utility/functional/less_void for an // official reference, and https://abseil.io/tips/144 for a description of // using it in the context of absl. using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(const Network::UdpRecvData::LocalPeerAddresses& value) const { return absl::Hash()(value); } size_t operator()(const ActiveSessionPtr& value) const { return absl::Hash()(value->addresses()); } size_t operator()(const ActiveSession* value) const { return absl::Hash()(value->addresses()); } }; struct HeterogeneousActiveSessionEqual { // See description for HeterogeneousActiveSessionHash::is_transparent. using is_transparent = void; // NOLINT(readability-identifier-naming) bool operator()(const ActiveSessionPtr& lhs, const Network::UdpRecvData::LocalPeerAddresses& rhs) const { return lhs->addresses() == rhs; } bool operator()(const ActiveSessionPtr& lhs, const ActiveSessionPtr& rhs) const { return lhs->addresses() == rhs->addresses(); } bool operator()(const ActiveSessionPtr& lhs, const ActiveSession* rhs) const { return lhs->addresses() == rhs->addresses(); } }; /** * Wraps all cluster specific UDP processing including session tracking, stats, etc. In the future * we will very likely support different types of routing to multiple upstream clusters. */ class ClusterInfo { public: ClusterInfo(UdpProxyFilter& filter, Upstream::ThreadLocalCluster& cluster); ~ClusterInfo(); void onData(Network::UdpRecvData& data); void removeSession(const ActiveSession* session); UdpProxyFilter& filter_; Upstream::ThreadLocalCluster& cluster_; UdpProxyUpstreamStats cluster_stats_; private: ActiveSession* createSession(Network::UdpRecvData::LocalPeerAddresses&& addresses, const Upstream::HostConstSharedPtr& host); static UdpProxyUpstreamStats generateStats(Stats::Scope& scope) { const auto final_prefix = "udp"; return {ALL_UDP_PROXY_UPSTREAM_STATS(POOL_COUNTER_PREFIX(scope, final_prefix))}; } Envoy::Common::CallbackHandle* member_update_cb_handle_; absl::flat_hash_set sessions_; absl::flat_hash_map> host_to_sessions_; }; virtual Network::SocketPtr createSocket(const Upstream::HostConstSharedPtr& host) { // Virtual so this can be overridden in unit tests. return std::make_unique(Network::Socket::Type::Datagram, host->address()); } // Upstream::ClusterUpdateCallbacks void onClusterAddOrUpdate(Upstream::ThreadLocalCluster& cluster) final; void onClusterRemoval(const std::string& cluster_name) override; const UdpProxyFilterConfigSharedPtr config_; const Upstream::ClusterUpdateCallbacksHandlePtr cluster_update_callbacks_; // Right now we support a single cluster to route to. It is highly likely in the future that // we will support additional routing options either using filter chain matching, weighting, // etc. absl::optional cluster_info_; }; } // namespace UdpProxy } // namespace UdpFilters } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/grpc_credentials/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/grpc_credentials/aws_iam/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # AWS IAM gRPC Credentials envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], external_deps = ["grpc"], security_posture = "data_plane_agnostic", status = "alpha", deps = [ "//include/envoy/grpc:google_grpc_creds_interface", "//include/envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/grpc:google_grpc_creds_lib", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/extensions/common/aws:credentials_provider_impl_lib", "//source/extensions/common/aws:region_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", "//source/extensions/common/aws:utility_lib", "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/grpc_credential/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/grpc_credentials/aws_iam/config.cc ================================================ #include "extensions/grpc_credentials/aws_iam/config.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/grpc_credential/v3/aws_iam.pb.h" #include "envoy/config/grpc_credential/v3/aws_iam.pb.validate.h" #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "common/grpc/google_grpc_creds_impl.h" #include "common/http/utility.h" #include "common/protobuf/message_validator_impl.h" #include "extensions/common/aws/credentials_provider_impl.h" #include "extensions/common/aws/region_provider_impl.h" #include "extensions/common/aws/signer_impl.h" #include "extensions/common/aws/utility.h" namespace Envoy { namespace Extensions { namespace GrpcCredentials { namespace AwsIam { std::shared_ptr AwsIamGrpcCredentialsFactory::getChannelCredentials( const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) { const auto& google_grpc = grpc_service_config.google_grpc(); std::shared_ptr creds = Grpc::CredsUtility::defaultSslChannelCredentials(grpc_service_config, api); std::shared_ptr call_creds; for (const auto& credential : google_grpc.call_credentials()) { switch (credential.credential_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kFromPlugin: { if (credential.from_plugin().name() == GrpcCredentialsNames::get().AwsIam) { AwsIamGrpcCredentialsFactory credentials_factory; // We don't deal with validation failures here at runtime today, see // https://github.com/envoyproxy/envoy/issues/8010. const Envoy::ProtobufTypes::MessagePtr config_message = Envoy::Config::Utility::translateToFactoryConfig( credential.from_plugin(), ProtobufMessage::getNullValidationVisitor(), credentials_factory); const auto& config = Envoy::MessageUtil::downcastAndValidate< const envoy::config::grpc_credential::v3::AwsIamConfig&>( *config_message, ProtobufMessage::getNullValidationVisitor()); auto credentials_provider = std::make_shared( api, Common::Aws::Utility::metadataFetcher); auto signer = std::make_unique( config.service_name(), getRegion(config), credentials_provider, api.timeSource()); std::shared_ptr new_call_creds = grpc::MetadataCredentialsFromPlugin( std::make_unique(std::move(signer))); if (call_creds == nullptr) { call_creds = new_call_creds; } else { call_creds = grpc::CompositeCallCredentials(call_creds, new_call_creds); } } break; } default: // unused credential types continue; } } if (call_creds != nullptr) { return grpc::CompositeChannelCredentials(creds, call_creds); } return creds; } std::string AwsIamGrpcCredentialsFactory::getRegion( const envoy::config::grpc_credential::v3::AwsIamConfig& config) { Common::Aws::RegionProviderPtr region_provider; if (!config.region().empty()) { region_provider = std::make_unique(config.region()); } else { region_provider = std::make_unique(); } if (!region_provider->getRegion().has_value()) { throw EnvoyException("Could not determine AWS region. " "If you are not running Envoy in EC2 or ECS, " "provide the region in the plugin configuration."); } return *region_provider->getRegion(); } grpc::Status AwsIamHeaderAuthenticator::GetMetadata(grpc::string_ref service_url, grpc::string_ref method_name, const grpc::AuthContext&, std::multimap* metadata) { auto message = buildMessageToSign(absl::string_view(service_url.data(), service_url.length()), absl::string_view(method_name.data(), method_name.length())); try { signer_->sign(message, false); } catch (const EnvoyException& e) { return grpc::Status(grpc::StatusCode::INTERNAL, e.what()); } signedHeadersToMetadata(message.headers(), *metadata); return grpc::Status::OK; } Http::RequestMessageImpl AwsIamHeaderAuthenticator::buildMessageToSign(absl::string_view service_url, absl::string_view method_name) { const auto uri = fmt::format("{}/{}", service_url, method_name); absl::string_view host; absl::string_view path; Http::Utility::extractHostPathFromUri(uri, host, path); Http::RequestMessageImpl message; message.headers().setReferenceMethod(Http::Headers::get().MethodValues.Post); message.headers().setHost(host); message.headers().setPath(path); return message; } void AwsIamHeaderAuthenticator::signedHeadersToMetadata( const Http::HeaderMap& headers, std::multimap& metadata) { headers.iterate([&metadata](const Http::HeaderEntry& entry) -> Http::HeaderMap::Iterate { const auto& key = entry.key().getStringView(); // Skip pseudo-headers if (key.empty() || key[0] == ':') { return Http::HeaderMap::Iterate::Continue; } metadata.emplace(key, entry.value().getStringView()); return Http::HeaderMap::Iterate::Continue; }); } REGISTER_FACTORY(AwsIamGrpcCredentialsFactory, Grpc::GoogleGrpcCredentialsFactory); } // namespace AwsIam } // namespace GrpcCredentials } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/grpc_credentials/aws_iam/config.h ================================================ #pragma once #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/grpc_credential/v3/aws_iam.pb.h" #include "envoy/grpc/google_grpc_creds.h" #include "envoy/http/header_map.h" #include "common/http/message_impl.h" #include "extensions/common/aws/signer.h" #include "extensions/grpc_credentials/well_known_names.h" namespace Envoy { namespace Extensions { namespace GrpcCredentials { namespace AwsIam { /** * AWS IAM based gRPC channel credentials factory. */ class AwsIamGrpcCredentialsFactory : public Grpc::GoogleGrpcCredentialsFactory { public: std::shared_ptr getChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) override; Envoy::ProtobufTypes::MessagePtr createEmptyConfigProto() { return std::make_unique(); } std::string name() const override { return GrpcCredentialsNames::get().AwsIam; } private: static std::string getRegion(const envoy::config::grpc_credential::v3::AwsIamConfig& config); }; /** * Produce AWS IAM signature metadata for a gRPC call. */ class AwsIamHeaderAuthenticator : public grpc::MetadataCredentialsPlugin { public: AwsIamHeaderAuthenticator(Common::Aws::SignerPtr signer) : signer_(std::move(signer)) {} grpc::Status GetMetadata(grpc::string_ref, grpc::string_ref, const grpc::AuthContext&, std::multimap* metadata) override; bool IsBlocking() const override { return true; } private: static Http::RequestMessageImpl buildMessageToSign(absl::string_view service_url, absl::string_view method_name); static void signedHeadersToMetadata(const Http::HeaderMap& headers, std::multimap& metadata); const Common::Aws::SignerPtr signer_; }; } // namespace AwsIam } // namespace GrpcCredentials } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/grpc_credentials/example/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Example gRPC Credentials envoy_extension_package() envoy_cc_library( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], external_deps = ["grpc"], # Legacy test use. visibility = [ "//source/extensions:__subpackages__", "//test/common/grpc:__subpackages__", "//test/extensions:__subpackages__", ], deps = [ "//include/envoy/grpc:google_grpc_creds_interface", "//include/envoy/registry", "//source/common/common:assert_lib", "//source/common/grpc:google_grpc_creds_lib", "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/grpc_credentials/example/config.cc ================================================ #include "extensions/grpc_credentials/example/config.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" #include "common/grpc/google_grpc_creds_impl.h" namespace Envoy { namespace Extensions { namespace GrpcCredentials { namespace Example { std::shared_ptr AccessTokenExampleGrpcCredentialsFactory::getChannelCredentials( const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) { const auto& google_grpc = grpc_service_config.google_grpc(); std::shared_ptr creds = Grpc::CredsUtility::defaultSslChannelCredentials(grpc_service_config, api); std::shared_ptr call_creds = nullptr; for (const auto& credential : google_grpc.call_credentials()) { switch (credential.credential_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kAccessToken: { if (!credential.access_token().empty()) { std::shared_ptr new_call_creds = grpc::MetadataCredentialsFromPlugin( std::make_unique(credential.access_token())); if (call_creds == nullptr) { call_creds = new_call_creds; } else { call_creds = grpc::CompositeCallCredentials(call_creds, new_call_creds); } } break; } default: // unused credential types continue; } } if (call_creds != nullptr) { return grpc::CompositeChannelCredentials(creds, call_creds); } return creds; } grpc::Status StaticHeaderAuthenticator::GetMetadata(grpc::string_ref, grpc::string_ref, const grpc::AuthContext&, std::multimap* metadata) { // this function is run on a separate thread by the gRPC client library (independent of Envoy // threading), so it can perform actions such as refreshing an access token without blocking // the main thread. see: // https://grpc.io/grpc/cpp/classgrpc_1_1_metadata_credentials_plugin.html#a6faf44f7c08d0311a38a868fdb8cbaf0 metadata->insert(std::make_pair("authorization", "Bearer " + ticket_)); return grpc::Status::OK; } /** * Static registration for the static header Google gRPC credentials factory. @see RegisterFactory. */ REGISTER_FACTORY(AccessTokenExampleGrpcCredentialsFactory, Grpc::GoogleGrpcCredentialsFactory); } // namespace Example } // namespace GrpcCredentials } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/grpc_credentials/example/config.h ================================================ #pragma once #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/google_grpc_creds.h" #include "extensions/grpc_credentials/well_known_names.h" namespace Envoy { namespace Extensions { namespace GrpcCredentials { namespace Example { /** * Access token implementation of Google Grpc Credentials Factory * This implementation uses ssl creds for the grpc channel if available, similar to the default * implementation. Additionally, it uses MetadataCredentialsFromPlugin to add a static secret to a * header for call credentials. This implementation does the same thing as AccessTokenCredentials, * but it's implemented as a Google gRPC client library plugin to show how a custom implementation * would be created. * * This implementation uses the access_token field in the config to get the secret to add to the * header. * * This can be used as an example for how to implement a more complicated custom call credentials * implementation. Any blocking calls should be performed in the * MetadataCredentialsFromPlugin::GetMetadata to ensure that the main thread is not blocked while * initializing the channel. */ class AccessTokenExampleGrpcCredentialsFactory : public Grpc::GoogleGrpcCredentialsFactory { public: std::shared_ptr getChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) override; std::string name() const override { return GrpcCredentialsNames::get().AccessTokenExample; } }; /* * Reference: * https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms */ class StaticHeaderAuthenticator : public grpc::MetadataCredentialsPlugin { public: StaticHeaderAuthenticator(const grpc::string& ticket) : ticket_(ticket) {} grpc::Status GetMetadata(grpc::string_ref, grpc::string_ref, const grpc::AuthContext&, std::multimap* metadata) override; private: grpc::string ticket_; }; } // namespace Example } // namespace GrpcCredentials } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/grpc_credentials/file_based_metadata/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # File Based Metadata gRPC Credentials envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], external_deps = ["grpc"], security_posture = "data_plane_agnostic", status = "alpha", deps = [ "//include/envoy/grpc:google_grpc_creds_interface", "//include/envoy/registry", "//source/common/config:utility_lib", "//source/common/grpc:common_lib", "//source/common/grpc:google_grpc_creds_lib", "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/grpc_credential/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/grpc_credentials/file_based_metadata/config.cc ================================================ #include "extensions/grpc_credentials/file_based_metadata/config.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/grpc_credential/v3/file_based_metadata.pb.h" #include "envoy/config/grpc_credential/v3/file_based_metadata.pb.validate.h" #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" #include "common/config/datasource.h" #include "common/config/utility.h" #include "common/grpc/google_grpc_creds_impl.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace GrpcCredentials { namespace FileBasedMetadata { std::shared_ptr FileBasedMetadataGrpcCredentialsFactory::getChannelCredentials( const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) { const auto& google_grpc = grpc_service_config.google_grpc(); std::shared_ptr creds = Grpc::CredsUtility::defaultSslChannelCredentials(grpc_service_config, api); std::shared_ptr call_creds = nullptr; for (const auto& credential : google_grpc.call_credentials()) { switch (credential.credential_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kFromPlugin: { if (credential.from_plugin().name() == GrpcCredentialsNames::get().FileBasedMetadata) { FileBasedMetadataGrpcCredentialsFactory file_based_metadata_credentials_factory; // We don't deal with validation failures here at runtime today, see // https://github.com/envoyproxy/envoy/issues/8010. const Envoy::ProtobufTypes::MessagePtr file_based_metadata_config_message = Envoy::Config::Utility::translateToFactoryConfig( credential.from_plugin(), ProtobufMessage::getNullValidationVisitor(), file_based_metadata_credentials_factory); const auto& file_based_metadata_config = Envoy::MessageUtil::downcastAndValidate< const envoy::config::grpc_credential::v3::FileBasedMetadataConfig&>( *file_based_metadata_config_message, ProtobufMessage::getNullValidationVisitor()); std::shared_ptr new_call_creds = grpc::MetadataCredentialsFromPlugin( std::make_unique(file_based_metadata_config, api)); if (call_creds == nullptr) { call_creds = new_call_creds; } else { call_creds = grpc::CompositeCallCredentials(call_creds, new_call_creds); } } break; } default: // unused credential types continue; } } if (call_creds != nullptr) { return grpc::CompositeChannelCredentials(creds, call_creds); } return creds; } grpc::Status FileBasedMetadataAuthenticator::GetMetadata(grpc::string_ref, grpc::string_ref, const grpc::AuthContext&, std::multimap* metadata) { std::string header_key = "authorization"; std::string header_prefix = config_.header_prefix(); if (!config_.header_key().empty()) { header_key = config_.header_key(); } try { std::string header_value = Envoy::Config::DataSource::read(config_.secret_data(), true, api_); metadata->insert(std::make_pair(header_key, header_prefix + header_value)); } catch (const EnvoyException& e) { return grpc::Status(grpc::StatusCode::NOT_FOUND, e.what()); } return grpc::Status::OK; } /** * Static registration for the file based metadata Google gRPC credentials factory. @see * RegisterFactory. */ REGISTER_FACTORY(FileBasedMetadataGrpcCredentialsFactory, Grpc::GoogleGrpcCredentialsFactory); } // namespace FileBasedMetadata } // namespace GrpcCredentials } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/grpc_credentials/file_based_metadata/config.h ================================================ #pragma once #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/grpc_credential/v3/file_based_metadata.pb.h" #include "envoy/grpc/google_grpc_creds.h" #include "common/protobuf/protobuf.h" #include "extensions/grpc_credentials/well_known_names.h" namespace Envoy { namespace Extensions { namespace GrpcCredentials { namespace FileBasedMetadata { /** * File Based Metadata implementation of Google Grpc Credentials Factory * This implementation uses ssl creds for the grpc channel if available. Additionally, it uses * MetadataCredentialsFromPlugin to add a static secret that is loaded from a file. The header key * and header prefix are configurable. * * This implementation uses the from_plugin field in the call credentials config to get the filename * of where the secret is stored to add to the header. */ class FileBasedMetadataGrpcCredentialsFactory : public Grpc::GoogleGrpcCredentialsFactory { public: std::shared_ptr getChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) override; Envoy::ProtobufTypes::MessagePtr createEmptyConfigProto() { return std::make_unique(); } std::string name() const override { return GrpcCredentialsNames::get().FileBasedMetadata; } }; class FileBasedMetadataAuthenticator : public grpc::MetadataCredentialsPlugin { public: FileBasedMetadataAuthenticator( const envoy::config::grpc_credential::v3::FileBasedMetadataConfig& config, Api::Api& api) : config_(config), api_(api) {} grpc::Status GetMetadata(grpc::string_ref, grpc::string_ref, const grpc::AuthContext&, std::multimap* metadata) override; private: const envoy::config::grpc_credential::v3::FileBasedMetadataConfig config_; Api::Api& api_; }; } // namespace FileBasedMetadata } // namespace GrpcCredentials } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/grpc_credentials/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace GrpcCredentials { /** * Well-known gRPC Credentials names. * NOTE: New gRPC Credentials should use the well known name: envoy.grpc_credentials.name. */ class GrpcCredentialsNameValues { public: // Access Token Example. const std::string AccessTokenExample = "envoy.grpc_credentials.access_token_example"; // File Based Metadata credentials const std::string FileBasedMetadata = "envoy.grpc_credentials.file_based_metadata"; // AWS IAM const std::string AwsIam = "envoy.grpc_credentials.aws_iam"; }; using GrpcCredentialsNames = ConstSingleton; } // namespace GrpcCredentials } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/health_checkers/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/health_checkers/redis/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Redis custom health checker. envoy_extension_package() envoy_cc_library( name = "redis", srcs = ["redis.cc"], hdrs = ["redis.h"], deps = [ "//source/common/upstream:health_checker_base_lib", "//source/extensions/filters/network/common/redis:client_lib", "//source/extensions/filters/network/redis_proxy:config", "//source/extensions/filters/network/redis_proxy:conn_pool_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/health_checker/redis/v2:pkg_cc_proto", "@envoy_api//envoy/data/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":redis", ":utility", "//include/envoy/registry", "//include/envoy/server:health_checker_config_interface", "//source/common/common:assert_lib", "//source/extensions/health_checkers:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/health_checker/redis/v2:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "utility", hdrs = ["utility.h"], deps = [ "//source/common/config:utility_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/health_checker/redis/v2:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/health_checkers/redis/config.cc ================================================ #include "extensions/health_checkers/redis/config.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "extensions/health_checkers/redis/utility.h" namespace Envoy { namespace Extensions { namespace HealthCheckers { namespace RedisHealthChecker { Upstream::HealthCheckerSharedPtr RedisHealthCheckerFactory::createCustomHealthChecker( const envoy::config::core::v3::HealthCheck& config, Server::Configuration::HealthCheckerFactoryContext& context) { return std::make_shared( context.cluster(), config, getRedisHealthCheckConfig(config, context.messageValidationVisitor()), context.dispatcher(), context.runtime(), context.eventLogger(), context.api(), NetworkFilters::Common::Redis::Client::ClientFactoryImpl::instance_); }; /** * Static registration for the redis custom health checker. @see RegisterFactory. */ REGISTER_FACTORY(RedisHealthCheckerFactory, Server::Configuration::CustomHealthCheckerFactory); } // namespace RedisHealthChecker } // namespace HealthCheckers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/health_checkers/redis/config.h ================================================ #pragma once #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/health_checker/redis/v2/redis.pb.h" #include "envoy/config/health_checker/redis/v2/redis.pb.validate.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/server/health_checker_config.h" #include "extensions/health_checkers/redis/redis.h" #include "extensions/health_checkers/well_known_names.h" namespace Envoy { namespace Extensions { namespace HealthCheckers { namespace RedisHealthChecker { /** * Config registration for the redis health checker. */ class RedisHealthCheckerFactory : public Server::Configuration::CustomHealthCheckerFactory { public: Upstream::HealthCheckerSharedPtr createCustomHealthChecker(const envoy::config::core::v3::HealthCheck& config, Server::Configuration::HealthCheckerFactoryContext& context) override; std::string name() const override { return HealthCheckerNames::get().RedisHealthChecker; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr{new envoy::config::health_checker::redis::v2::Redis()}; } }; } // namespace RedisHealthChecker } // namespace HealthCheckers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/health_checkers/redis/redis.cc ================================================ #include "extensions/health_checkers/redis/redis.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/health_checker/redis/v2/redis.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" namespace Envoy { namespace Extensions { namespace HealthCheckers { namespace RedisHealthChecker { RedisHealthChecker::RedisHealthChecker( const Upstream::Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, const envoy::config::health_checker::redis::v2::Redis& redis_config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Upstream::HealthCheckEventLoggerPtr&& event_logger, Api::Api& api, Extensions::NetworkFilters::Common::Redis::Client::ClientFactory& client_factory) : HealthCheckerImplBase(cluster, config, dispatcher, runtime, api.randomGenerator(), std::move(event_logger)), client_factory_(client_factory), key_(redis_config.key()), auth_username_( NetworkFilters::RedisProxy::ProtocolOptionsConfigImpl::authUsername(cluster.info(), api)), auth_password_(NetworkFilters::RedisProxy::ProtocolOptionsConfigImpl::authPassword( cluster.info(), api)) { if (!key_.empty()) { type_ = Type::Exists; } else { type_ = Type::Ping; } } RedisHealthChecker::RedisActiveHealthCheckSession::RedisActiveHealthCheckSession( RedisHealthChecker& parent, const Upstream::HostSharedPtr& host) : ActiveHealthCheckSession(parent, host), parent_(parent) { redis_command_stats_ = Extensions::NetworkFilters::Common::Redis::RedisCommandStats::createRedisCommandStats( parent_.cluster_.info()->statsScope().symbolTable()); } RedisHealthChecker::RedisActiveHealthCheckSession::~RedisActiveHealthCheckSession() { ASSERT(current_request_ == nullptr); ASSERT(client_ == nullptr); } void RedisHealthChecker::RedisActiveHealthCheckSession::onDeferredDelete() { if (current_request_) { current_request_->cancel(); current_request_ = nullptr; } if (client_) { client_->close(); } } void RedisHealthChecker::RedisActiveHealthCheckSession::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::RemoteClose || event == Network::ConnectionEvent::LocalClose) { // This should only happen after any active requests have been failed/cancelled. ASSERT(!current_request_); parent_.dispatcher_.deferredDelete(std::move(client_)); } } void RedisHealthChecker::RedisActiveHealthCheckSession::onInterval() { if (!client_) { client_ = parent_.client_factory_.create( host_, parent_.dispatcher_, *this, redis_command_stats_, parent_.cluster_.info()->statsScope(), parent_.auth_username_, parent_.auth_password_); client_->addConnectionCallbacks(*this); } ASSERT(!current_request_); switch (parent_.type_) { case Type::Exists: current_request_ = client_->makeRequest(existsHealthCheckRequest(parent_.key_), *this); break; case Type::Ping: current_request_ = client_->makeRequest(pingHealthCheckRequest(), *this); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } void RedisHealthChecker::RedisActiveHealthCheckSession::onResponse( NetworkFilters::Common::Redis::RespValuePtr&& value) { current_request_ = nullptr; switch (parent_.type_) { case Type::Exists: if (value->type() == NetworkFilters::Common::Redis::RespType::Integer && value->asInteger() == 0) { handleSuccess(); } else { handleFailure(envoy::data::core::v3::ACTIVE); } break; case Type::Ping: if (value->type() == NetworkFilters::Common::Redis::RespType::SimpleString && value->asString() == "PONG") { handleSuccess(); } else { handleFailure(envoy::data::core::v3::ACTIVE); } break; default: NOT_REACHED_GCOVR_EXCL_LINE; } if (!parent_.reuse_connection_) { client_->close(); } } void RedisHealthChecker::RedisActiveHealthCheckSession::onFailure() { current_request_ = nullptr; handleFailure(envoy::data::core::v3::NETWORK); } bool RedisHealthChecker::RedisActiveHealthCheckSession::onRedirection( NetworkFilters::Common::Redis::RespValuePtr&&, const std::string&, bool) { // Treat any redirection error response from a Redis server as success. current_request_ = nullptr; handleSuccess(); return true; } void RedisHealthChecker::RedisActiveHealthCheckSession::onTimeout() { current_request_->cancel(); current_request_ = nullptr; client_->close(); } RedisHealthChecker::HealthCheckRequest::HealthCheckRequest(const std::string& key) { std::vector values(2); values[0].type(NetworkFilters::Common::Redis::RespType::BulkString); values[0].asString() = "EXISTS"; values[1].type(NetworkFilters::Common::Redis::RespType::BulkString); values[1].asString() = key; request_.type(NetworkFilters::Common::Redis::RespType::Array); request_.asArray().swap(values); } RedisHealthChecker::HealthCheckRequest::HealthCheckRequest() { std::vector values(1); values[0].type(NetworkFilters::Common::Redis::RespType::BulkString); values[0].asString() = "PING"; request_.type(NetworkFilters::Common::Redis::RespType::Array); request_.asArray().swap(values); } } // namespace RedisHealthChecker } // namespace HealthCheckers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/health_checkers/redis/redis.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/health_checker/redis/v2/redis.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "common/upstream/health_checker_base_impl.h" #include "extensions/filters/network/common/redis/client_impl.h" #include "extensions/filters/network/redis_proxy/config.h" #include "extensions/filters/network/redis_proxy/conn_pool_impl.h" namespace Envoy { namespace Extensions { namespace HealthCheckers { namespace RedisHealthChecker { /** * Redis health checker implementation. Sends PING and expects PONG. */ class RedisHealthChecker : public Upstream::HealthCheckerImplBase { public: RedisHealthChecker( const Upstream::Cluster& cluster, const envoy::config::core::v3::HealthCheck& config, const envoy::config::health_checker::redis::v2::Redis& redis_config, Event::Dispatcher& dispatcher, Runtime::Loader& runtime, Upstream::HealthCheckEventLoggerPtr&& event_logger, Api::Api& api, Extensions::NetworkFilters::Common::Redis::Client::ClientFactory& client_factory); static const NetworkFilters::Common::Redis::RespValue& pingHealthCheckRequest() { static HealthCheckRequest* request = new HealthCheckRequest(); return request->request_; } static const NetworkFilters::Common::Redis::RespValue& existsHealthCheckRequest(const std::string& key) { static HealthCheckRequest* request = new HealthCheckRequest(key); return request->request_; } protected: envoy::data::core::v3::HealthCheckerType healthCheckerType() const override { return envoy::data::core::v3::REDIS; } private: friend class RedisHealthCheckerTest; struct RedisActiveHealthCheckSession : public ActiveHealthCheckSession, public Extensions::NetworkFilters::Common::Redis::Client::Config, public Extensions::NetworkFilters::Common::Redis::Client::ClientCallbacks, public Network::ConnectionCallbacks { RedisActiveHealthCheckSession(RedisHealthChecker& parent, const Upstream::HostSharedPtr& host); ~RedisActiveHealthCheckSession() override; // ActiveHealthCheckSession void onInterval() override; void onTimeout() override; void onDeferredDelete() final; // Extensions::NetworkFilters::Common::Redis::Client::Config bool disableOutlierEvents() const override { return true; } std::chrono::milliseconds opTimeout() const override { // Allow the main Health Check infra to control timeout. return parent_.timeout_ * 2; } bool enableHashtagging() const override { return false; } bool enableRedirection() const override { return true; } // Redirection errors are treated as check successes. NetworkFilters::Common::Redis::Client::ReadPolicy readPolicy() const override { return NetworkFilters::Common::Redis::Client::ReadPolicy::Primary; } // Batching unsigned int maxBufferSizeBeforeFlush() const override { return 0; } // Forces an immediate flush std::chrono::milliseconds bufferFlushTimeoutInMs() const override { return std::chrono::milliseconds(1); } uint32_t maxUpstreamUnknownConnections() const override { return 0; } bool enableCommandStats() const override { return false; } // Extensions::NetworkFilters::Common::Redis::Client::ClientCallbacks void onResponse(NetworkFilters::Common::Redis::RespValuePtr&& value) override; void onFailure() override; bool onRedirection(NetworkFilters::Common::Redis::RespValuePtr&&, const std::string&, bool) override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} RedisHealthChecker& parent_; Extensions::NetworkFilters::Common::Redis::Client::ClientPtr client_; Extensions::NetworkFilters::Common::Redis::Client::PoolRequest* current_request_{}; Extensions::NetworkFilters::Common::Redis::RedisCommandStatsSharedPtr redis_command_stats_; }; enum class Type { Ping, Exists }; struct HealthCheckRequest { HealthCheckRequest(const std::string& key); HealthCheckRequest(); NetworkFilters::Common::Redis::RespValue request_; }; using RedisActiveHealthCheckSessionPtr = std::unique_ptr; // HealthCheckerImplBase ActiveHealthCheckSessionPtr makeSession(Upstream::HostSharedPtr host) override { return std::make_unique(*this, host); } Extensions::NetworkFilters::Common::Redis::Client::ClientFactory& client_factory_; Type type_; const std::string key_; const std::string auth_username_; const std::string auth_password_; }; } // namespace RedisHealthChecker } // namespace HealthCheckers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/health_checkers/redis/utility.h ================================================ #pragma once #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/health_checker/redis/v2/redis.pb.h" #include "envoy/config/health_checker/redis/v2/redis.pb.validate.h" #include "common/config/utility.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace HealthCheckers { namespace RedisHealthChecker { namespace { static const envoy::config::health_checker::redis::v2::Redis getRedisHealthCheckConfig(const envoy::config::core::v3::HealthCheck& health_check_config, ProtobufMessage::ValidationVisitor& validation_visitor) { ProtobufTypes::MessagePtr config = ProtobufTypes::MessagePtr{new envoy::config::health_checker::redis::v2::Redis()}; Envoy::Config::Utility::translateOpaqueConfig( health_check_config.custom_health_check().typed_config(), health_check_config.custom_health_check().hidden_envoy_deprecated_config(), validation_visitor, *config); return MessageUtil::downcastAndValidate( *config, validation_visitor); } } // namespace } // namespace RedisHealthChecker } // namespace HealthCheckers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/health_checkers/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace HealthCheckers { /** * Well-known health checker names. * NOTE: New health checkers should use the well known name: envoy.health_checkers.name. */ class HealthCheckerNameValues { public: // Redis health checker. const std::string RedisHealthChecker = "envoy.health_checkers.redis"; }; using HealthCheckerNames = ConstSingleton; } // namespace HealthCheckers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/internal_redirect/allow_listed_routes/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "allow_listed_routes_lib", hdrs = ["allow_listed_routes.h"], deps = [ "//include/envoy/router:internal_redirect_interface", "//include/envoy/stream_info:filter_state_interface", "//source/extensions/internal_redirect:well_known_names", "@envoy_api//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up by moving the redirect test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":allow_listed_routes_lib", "//include/envoy/registry", "//include/envoy/router:internal_redirect_interface", "//source/extensions/internal_redirect:well_known_names", "@envoy_api//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h ================================================ #pragma once #include "envoy/extensions/internal_redirect/allow_listed_routes/v3/allow_listed_routes_config.pb.h" #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" #include "extensions/internal_redirect/well_known_names.h" #include "absl/container/flat_hash_set.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { class AllowListedRoutesPredicate : public Router::InternalRedirectPredicate { public: explicit AllowListedRoutesPredicate( const envoy::extensions::internal_redirect::allow_listed_routes::v3::AllowListedRoutesConfig& config) : allowed_routes_(config.allowed_route_names().begin(), config.allowed_route_names().end()) {} bool acceptTargetRoute(StreamInfo::FilterState&, absl::string_view route_name, bool, bool) override { return allowed_routes_.contains(route_name); } absl::string_view name() const override { return InternalRedirectPredicateValues::get().AllowListedRoutesPredicate; } const absl::flat_hash_set allowed_routes_; }; } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/allow_listed_routes/config.cc ================================================ #include "extensions/internal_redirect/allow_listed_routes/config.h" #include "envoy/registry/registry.h" #include "envoy/router/internal_redirect.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { REGISTER_FACTORY(AllowListedRoutesPredicateFactory, Router::InternalRedirectPredicateFactory); } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/allow_listed_routes/config.h ================================================ #pragma once #include "envoy/extensions/internal_redirect/allow_listed_routes/v3/allow_listed_routes_config.pb.h" #include "envoy/extensions/internal_redirect/allow_listed_routes/v3/allow_listed_routes_config.pb.validate.h" #include "envoy/router/internal_redirect.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h" #include "extensions/internal_redirect/well_known_names.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { class AllowListedRoutesPredicateFactory : public Router::InternalRedirectPredicateFactory { public: Router::InternalRedirectPredicateSharedPtr createInternalRedirectPredicate(const Protobuf::Message& config, absl::string_view) override { auto allow_listed_routes_config = MessageUtil::downcastAndValidate( config, ProtobufMessage::getStrictValidationVisitor()); return std::make_shared(allow_listed_routes_config); } std::string name() const override { return InternalRedirectPredicateValues::get().AllowListedRoutesPredicate; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::internal_redirect::allow_listed_routes::v3::AllowListedRoutesConfig>(); } }; } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/previous_routes/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "previous_routes_lib", srcs = ["previous_routes.cc"], hdrs = ["previous_routes.h"], deps = [ "//include/envoy/router:internal_redirect_interface", "//include/envoy/stream_info:filter_state_interface", "//source/extensions/internal_redirect:well_known_names", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up by moving the redirect test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":previous_routes_lib", "//include/envoy/registry", "//include/envoy/router:internal_redirect_interface", "//source/extensions/internal_redirect:well_known_names", "@envoy_api//envoy/extensions/internal_redirect/previous_routes/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/internal_redirect/previous_routes/config.cc ================================================ #include "extensions/internal_redirect/previous_routes/config.h" #include "envoy/registry/registry.h" #include "envoy/router/internal_redirect.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { REGISTER_FACTORY(PreviousRoutesPredicateFactory, Router::InternalRedirectPredicateFactory); } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/previous_routes/config.h ================================================ #pragma once #include "envoy/extensions/internal_redirect/previous_routes/v3/previous_routes_config.pb.h" #include "envoy/extensions/internal_redirect/previous_routes/v3/previous_routes_config.pb.validate.h" #include "envoy/router/internal_redirect.h" #include "extensions/internal_redirect/previous_routes/previous_routes.h" #include "extensions/internal_redirect/well_known_names.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { class PreviousRoutesPredicateFactory : public Router::InternalRedirectPredicateFactory { public: Router::InternalRedirectPredicateSharedPtr createInternalRedirectPredicate(const Protobuf::Message&, absl::string_view current_route_name) override { return std::make_shared(current_route_name); } std::string name() const override { return InternalRedirectPredicateValues::get().PreviousRoutesPredicate; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::internal_redirect::previous_routes::v3::PreviousRoutesConfig>(); } }; } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/previous_routes/previous_routes.cc ================================================ #include "extensions/internal_redirect/previous_routes/previous_routes.h" #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" #include "absl/container/flat_hash_set.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { namespace { constexpr absl::string_view PreviousRoutesPredicateStateNamePrefix = "envoy.internal_redirect.previous_routes_predicate_state"; class PreviousRoutesPredicateState : public StreamInfo::FilterState::Object { public: PreviousRoutesPredicateState() = default; // Disallow copy so that we don't accidentally take a copy of the state // through FilterState::getDataMutable, which will cause confusing bug that // states are not updated in the original copy. PreviousRoutesPredicateState(const PreviousRoutesPredicateState&) = delete; PreviousRoutesPredicateState& operator=(const PreviousRoutesPredicateState&) = delete; bool insertRouteIfNotPresent(absl::string_view route) { return previous_routes_.insert(std::string(route)).second; } private: absl::flat_hash_set previous_routes_; }; } // namespace bool PreviousRoutesPredicate::acceptTargetRoute(StreamInfo::FilterState& filter_state, absl::string_view route_name, bool, bool) { auto filter_state_name = absl::StrCat(PreviousRoutesPredicateStateNamePrefix, ".", current_route_name_); if (!filter_state.hasData(filter_state_name)) { filter_state.setData(filter_state_name, std::make_unique(), StreamInfo::FilterState::StateType::Mutable, StreamInfo::FilterState::LifeSpan::Request); } auto& predicate_state = filter_state.getDataMutable(filter_state_name); return predicate_state.insertRouteIfNotPresent(route_name); } } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/previous_routes/previous_routes.h ================================================ #pragma once #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" #include "extensions/internal_redirect/well_known_names.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { class PreviousRoutesPredicate : public Router::InternalRedirectPredicate { public: explicit PreviousRoutesPredicate(absl::string_view current_route_name) : current_route_name_(current_route_name) {} bool acceptTargetRoute(StreamInfo::FilterState& filter_state, absl::string_view route_name, bool, bool) override; absl::string_view name() const override { return InternalRedirectPredicateValues::get().PreviousRoutesPredicate; } private: const std::string current_route_name_; }; } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/safe_cross_scheme/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "safe_cross_scheme_lib", hdrs = ["safe_cross_scheme.h"], deps = [ "//include/envoy/router:internal_redirect_interface", "//include/envoy/stream_info:filter_state_interface", "//source/extensions/internal_redirect:well_known_names", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up by moving the redirect test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":safe_cross_scheme_lib", "//include/envoy/registry", "//include/envoy/router:internal_redirect_interface", "//source/extensions/internal_redirect:well_known_names", "@envoy_api//envoy/extensions/internal_redirect/safe_cross_scheme/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/internal_redirect/safe_cross_scheme/config.cc ================================================ #include "extensions/internal_redirect/safe_cross_scheme/config.h" #include "envoy/registry/registry.h" #include "envoy/router/internal_redirect.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { REGISTER_FACTORY(SafeCrossSchemePredicateFactory, Router::InternalRedirectPredicateFactory); } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/safe_cross_scheme/config.h ================================================ #pragma once #include "envoy/extensions/internal_redirect/safe_cross_scheme/v3/safe_cross_scheme_config.pb.h" #include "envoy/router/internal_redirect.h" #include "extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h" #include "extensions/internal_redirect/well_known_names.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { class SafeCrossSchemePredicateFactory : public Router::InternalRedirectPredicateFactory { public: Router::InternalRedirectPredicateSharedPtr createInternalRedirectPredicate(const Protobuf::Message&, absl::string_view) override { return std::make_shared(); } std::string name() const override { return InternalRedirectPredicateValues::get().SafeCrossSchemePredicate; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::internal_redirect::safe_cross_scheme::v3::SafeCrossSchemeConfig>(); } }; } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h ================================================ #pragma once #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" #include "extensions/internal_redirect/well_known_names.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { class SafeCrossSchemePredicate : public Router::InternalRedirectPredicate { public: bool acceptTargetRoute(StreamInfo::FilterState&, absl::string_view, bool downstream_is_https, bool target_is_https) override { return downstream_is_https || !target_is_https; } absl::string_view name() const override { return InternalRedirectPredicateValues::get().SafeCrossSchemePredicate; } }; } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/internal_redirect/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace InternalRedirect { /** * Well-known internal redirect predicate names. */ class InternalRedirectPredicatesNameValues { public: const std::string AllowListedRoutesPredicate = "envoy.internal_redirect_predicates.allow_listed_routes"; const std::string PreviousRoutesPredicate = "envoy.internal_redirect_predicates.previous_routes"; const std::string SafeCrossSchemePredicate = "envoy.internal_redirect_predicates.safe_cross_scheme"; }; using InternalRedirectPredicateValues = ConstSingleton; } // namespace InternalRedirect } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "envoy_quic_alarm_lib", srcs = ["envoy_quic_alarm.cc"], hdrs = ["envoy_quic_alarm.h"], external_deps = ["quiche_quic_platform"], tags = ["nofips"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "@com_googlesource_quiche//:quic_core_alarm_interface_lib", "@com_googlesource_quiche//:quic_core_clock_lib", ], ) envoy_cc_library( name = "envoy_quic_alarm_factory_lib", srcs = ["envoy_quic_alarm_factory.cc"], hdrs = ["envoy_quic_alarm_factory.h"], external_deps = ["quiche_quic_platform"], tags = ["nofips"], deps = [ ":envoy_quic_alarm_lib", "@com_googlesource_quiche//:quic_core_alarm_factory_interface_lib", "@com_googlesource_quiche//:quic_core_arena_scoped_ptr_lib", "@com_googlesource_quiche//:quic_core_one_block_arena_lib", ], ) envoy_cc_library( name = "envoy_quic_connection_helper_lib", hdrs = ["envoy_quic_connection_helper.h"], tags = ["nofips"], deps = [ "//source/extensions/quic_listeners/quiche/platform:envoy_quic_clock_lib", "@com_googlesource_quiche//:quic_core_buffer_allocator_lib", "@com_googlesource_quiche//:quic_core_connection_lib", "@com_googlesource_quiche//:quic_core_crypto_random_lib", ], ) envoy_cc_library( name = "envoy_quic_proof_source_base_lib", srcs = ["envoy_quic_proof_source_base.cc"], hdrs = ["envoy_quic_proof_source_base.h"], external_deps = ["quiche_quic_platform"], tags = ["nofips"], deps = [ ":envoy_quic_utils_lib", "@com_googlesource_quiche//:quic_core_crypto_certificate_view_lib", "@com_googlesource_quiche//:quic_core_crypto_crypto_handshake_lib", "@com_googlesource_quiche//:quic_core_crypto_proof_source_interface_lib", "@com_googlesource_quiche//:quic_core_data_lib", "@com_googlesource_quiche//:quic_core_versions_lib", ], ) envoy_cc_library( name = "envoy_quic_proof_source_lib", srcs = ["envoy_quic_proof_source.cc"], hdrs = ["envoy_quic_proof_source.h"], external_deps = ["ssl"], tags = ["nofips"], deps = [ ":envoy_quic_proof_source_base_lib", ":envoy_quic_utils_lib", ":quic_io_handle_wrapper_lib", ":quic_transport_socket_factory_lib", "//include/envoy/ssl:tls_certificate_config_interface", "//source/extensions/transport_sockets:well_known_names", "//source/server:connection_handler_lib", "@com_googlesource_quiche//:quic_core_crypto_certificate_view_lib", ], ) envoy_cc_library( name = "envoy_quic_proof_verifier_base_lib", srcs = ["envoy_quic_proof_verifier_base.cc"], hdrs = ["envoy_quic_proof_verifier_base.h"], external_deps = ["quiche_quic_platform"], tags = ["nofips"], deps = [ ":envoy_quic_utils_lib", "@com_googlesource_quiche//:quic_core_crypto_certificate_view_lib", "@com_googlesource_quiche//:quic_core_crypto_crypto_handshake_lib", "@com_googlesource_quiche//:quic_core_versions_lib", ], ) envoy_cc_library( name = "envoy_quic_proof_verifier_lib", srcs = ["envoy_quic_proof_verifier.cc"], hdrs = ["envoy_quic_proof_verifier.h"], external_deps = ["quiche_quic_platform"], tags = ["nofips"], deps = [ ":envoy_quic_proof_verifier_base_lib", ":envoy_quic_utils_lib", "//source/extensions/transport_sockets/tls:context_lib", ], ) envoy_cc_library( name = "spdy_server_push_utils_for_envoy_lib", srcs = ["spdy_server_push_utils_for_envoy.cc"], tags = ["nofips"], visibility = ["//visibility:public"], deps = [ "//source/common/common:assert_lib", "@com_googlesource_quiche//:quic_core_http_spdy_server_push_utils_header", ], ) envoy_cc_library( name = "envoy_quic_stream_lib", hdrs = ["envoy_quic_stream.h"], tags = ["nofips"], deps = [ ":envoy_quic_simulated_watermark_buffer_lib", ":quic_filter_manager_connection_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/http:codec_interface", "//source/common/http:codec_helper_lib", ], ) envoy_cc_library( name = "codec_lib", srcs = ["codec_impl.cc"], hdrs = ["codec_impl.h"], tags = ["nofips"], deps = [ ":envoy_quic_client_session_lib", ":envoy_quic_server_session_lib", "//include/envoy/http:codec_interface", "//include/envoy/registry", "//source/common/http/http3:quic_codec_factory_lib", "//source/common/http/http3:well_known_names", "@com_googlesource_quiche//:quic_core_http_spdy_session_lib", ], ) envoy_cc_library( name = "quic_filter_manager_connection_lib", srcs = ["quic_filter_manager_connection_impl.cc"], hdrs = ["quic_filter_manager_connection_impl.h"], tags = ["nofips"], deps = [ ":envoy_quic_connection_lib", ":envoy_quic_simulated_watermark_buffer_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/network:connection_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/http:header_map_lib", "//source/common/network:connection_base_lib", "//source/common/stream_info:stream_info_lib", ], ) envoy_cc_library( name = "envoy_quic_server_session_lib", srcs = [ "envoy_quic_server_session.cc", "envoy_quic_server_stream.cc", ], hdrs = [ "envoy_quic_server_session.h", "envoy_quic_server_stream.h", ], tags = ["nofips"], deps = [ ":envoy_quic_proof_source_lib", ":envoy_quic_stream_lib", ":envoy_quic_utils_lib", ":quic_filter_manager_connection_lib", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/http:header_map_lib", "//source/extensions/quic_listeners/quiche/platform:quic_platform_mem_slice_storage_impl_lib", "@com_googlesource_quiche//:quic_core_http_spdy_session_lib", ], ) envoy_cc_library( name = "envoy_quic_client_session_lib", srcs = [ "envoy_quic_client_session.cc", "envoy_quic_client_stream.cc", ], hdrs = [ "envoy_quic_client_session.h", "envoy_quic_client_stream.h", ], tags = ["nofips"], deps = [ ":envoy_quic_client_connection_lib", ":envoy_quic_stream_lib", ":envoy_quic_utils_lib", ":quic_filter_manager_connection_lib", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/http:header_map_lib", "//source/extensions/quic_listeners/quiche/platform:quic_platform_mem_slice_storage_impl_lib", "@com_googlesource_quiche//:quic_core_http_client_lib", ], ) envoy_cc_library( name = "quic_io_handle_wrapper_lib", hdrs = ["quic_io_handle_wrapper.h"], deps = [ "//include/envoy/network:io_handle_interface", "//source/common/network:io_socket_error_lib", ], ) envoy_cc_library( name = "envoy_quic_connection_lib", srcs = ["envoy_quic_connection.cc"], hdrs = ["envoy_quic_connection.h"], tags = ["nofips"], deps = [ ":quic_io_handle_wrapper_lib", "//include/envoy/network:connection_interface", "//source/common/network:listen_socket_lib", "//source/extensions/quic_listeners/quiche:envoy_quic_utils_lib", "//source/extensions/transport_sockets:well_known_names", "@com_googlesource_quiche//:quic_core_connection_lib", ], ) envoy_cc_library( name = "envoy_quic_server_connection_lib", srcs = ["envoy_quic_server_connection.cc"], hdrs = ["envoy_quic_server_connection.h"], tags = ["nofips"], deps = [ ":envoy_quic_connection_lib", "//source/server:connection_handler_lib", ], ) envoy_cc_library( name = "envoy_quic_client_connection_lib", srcs = ["envoy_quic_client_connection.cc"], hdrs = ["envoy_quic_client_connection.h"], tags = ["nofips"], deps = [ ":envoy_quic_connection_lib", ":envoy_quic_packet_writer_lib", "//include/envoy/event:dispatcher_interface", "//source/common/network:socket_option_factory_lib", "//source/common/network:udp_packet_writer_handler_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "envoy_quic_dispatcher_lib", srcs = ["envoy_quic_dispatcher.cc"], hdrs = ["envoy_quic_dispatcher.h"], tags = ["nofips"], deps = [ ":envoy_quic_proof_source_lib", ":envoy_quic_server_connection_lib", ":envoy_quic_server_session_lib", "//include/envoy/network:listener_interface", "//source/server:connection_handler_lib", "@com_googlesource_quiche//:quic_core_server_lib", "@com_googlesource_quiche//:quic_core_utils_lib", ], ) envoy_cc_library( name = "envoy_quic_simulated_watermark_buffer_lib", hdrs = ["envoy_quic_simulated_watermark_buffer.h"], deps = ["//source/common/common:assert_lib"], ) envoy_cc_library( name = "active_quic_listener_lib", srcs = ["active_quic_listener.cc"], hdrs = ["active_quic_listener.h"], tags = ["nofips"], deps = [ ":envoy_quic_alarm_factory_lib", ":envoy_quic_connection_helper_lib", ":envoy_quic_dispatcher_lib", ":envoy_quic_packet_writer_lib", ":envoy_quic_proof_source_lib", ":envoy_quic_utils_lib", "//include/envoy/network:listener_interface", "//source/common/network:listener_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", "//source/server:connection_handler_lib", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "active_quic_listener_config_lib", srcs = ["active_quic_listener_config.cc"], hdrs = ["active_quic_listener_config.h"], tags = ["nofips"], # TODO(#9953) this should be cleaned up visibility = [ "//source/extensions:__subpackages__", "//test/extensions:__subpackages__", "//test/server:__subpackages__", ], deps = [ ":active_quic_listener_lib", "//include/envoy/registry", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "envoy_quic_utils_lib", srcs = ["envoy_quic_utils.cc"], hdrs = ["envoy_quic_utils.h"], external_deps = [ "quiche_quic_platform", "ssl", ], tags = ["nofips"], deps = [ "//include/envoy/http:codec_interface", "//source/common/http:header_map_lib", "//source/common/network:address_lib", "//source/common/network:listen_socket_lib", "//source/common/network:socket_option_factory_lib", "@com_googlesource_quiche//:quic_core_http_header_list_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "quic_transport_socket_factory_lib", srcs = ["quic_transport_socket_factory.cc"], hdrs = ["quic_transport_socket_factory.h"], tags = ["nofips"], deps = [ "//include/envoy/network:transport_socket_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/ssl:context_config_interface", "//source/common/common:assert_lib", "//source/extensions/transport_sockets:well_known_names", "//source/extensions/transport_sockets/tls:context_config_lib", "@envoy_api//envoy/extensions/transport_sockets/quic/v3:pkg_cc_proto", ], ) # Create a single target that contains all the libraries that register factories. # All of these are needed for this extension to function. envoy_cc_extension( name = "quic_factory_lib", security_posture = "unknown", tags = ["nofips"], # QUICHE can't build against FIPS BoringSSL until the FIPS build # is on a new enough version to have QUIC support. Remove it from # the build until then. Re-enable as part of #7433. deps = select({ "//bazel:boringssl_fips": [], "//bazel:boringssl_disabled": [], "//conditions:default": [ ":active_quic_listener_config_lib", ":codec_lib", ":quic_transport_socket_factory_lib", ":udp_gso_batch_writer_config_lib", ], }), ) envoy_cc_library( name = "envoy_quic_packet_writer_lib", srcs = ["envoy_quic_packet_writer.cc"], hdrs = ["envoy_quic_packet_writer.h"], external_deps = ["quiche_quic_platform"], tags = ["nofips"], deps = [ ":envoy_quic_utils_lib", "@com_googlesource_quiche//:quic_core_packet_writer_interface_lib", ], ) envoy_cc_library( name = "udp_gso_batch_writer_lib", srcs = select({ "//bazel:linux": ["udp_gso_batch_writer.cc"], "//conditions:default": [], }), hdrs = ["udp_gso_batch_writer.h"], external_deps = ["quiche_quic_platform"], tags = ["nofips"], visibility = [ "//test/common/network:__subpackages__", "//test/extensions:__subpackages__", ], deps = [ ":envoy_quic_utils_lib", "//include/envoy/network:udp_packet_writer_handler_interface", "//source/common/network:io_socket_error_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", "@com_googlesource_quiche//:quic_core_batch_writer_gso_batch_writer_lib", ], ) envoy_cc_library( name = "udp_gso_batch_writer_config_lib", srcs = ["udp_gso_batch_writer_config.cc"], hdrs = ["udp_gso_batch_writer_config.h"], tags = ["nofips"], visibility = [ "//test/server:__subpackages__", ], deps = [ ":udp_gso_batch_writer_lib", "//include/envoy/network:udp_packet_writer_config_interface", "//include/envoy/registry", "//source/common/api:os_sys_calls_lib", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/quic_listeners/quiche/active_quic_listener.cc ================================================ #include "extensions/quic_listeners/quiche/active_quic_listener.h" #include "envoy/network/exception.h" #if defined(__linux__) #include #endif #include #include "common/runtime/runtime_features.h" #include "extensions/quic_listeners/quiche/envoy_quic_alarm_factory.h" #include "extensions/quic_listeners/quiche/envoy_quic_connection_helper.h" #include "extensions/quic_listeners/quiche/envoy_quic_dispatcher.h" #include "extensions/quic_listeners/quiche/envoy_quic_proof_source.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "extensions/quic_listeners/quiche/envoy_quic_packet_writer.h" namespace Envoy { namespace Quic { ActiveQuicListener::ActiveQuicListener( uint32_t worker_index, uint32_t concurrency, Event::Dispatcher& dispatcher, Network::ConnectionHandler& parent, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, bool kernel_worker_routing, const envoy::config::core::v3::RuntimeFeatureFlag& enabled) : ActiveQuicListener(worker_index, concurrency, dispatcher, parent, listener_config.listenSocketFactory().getListenSocket(), listener_config, quic_config, std::move(options), kernel_worker_routing, enabled) {} ActiveQuicListener::ActiveQuicListener( uint32_t worker_index, uint32_t concurrency, Event::Dispatcher& dispatcher, Network::ConnectionHandler& parent, Network::SocketSharedPtr listen_socket, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, bool kernel_worker_routing, const envoy::config::core::v3::RuntimeFeatureFlag& enabled) : Server::ActiveUdpListenerBase(worker_index, concurrency, parent, *listen_socket, dispatcher.createUdpListener(listen_socket, *this), &listener_config), dispatcher_(dispatcher), version_manager_(quic::CurrentSupportedVersions()), kernel_worker_routing_(kernel_worker_routing), enabled_(enabled, Runtime::LoaderSingleton::get()) { if (options != nullptr) { const bool ok = Network::Socket::applyOptions( options, listen_socket_, envoy::config::core::v3::SocketOption::STATE_BOUND); if (!ok) { // TODO(fcoras): consider removing the fd from the log message ENVOY_LOG(warn, "Failed to apply socket options to socket {} on listener {} after binding", listen_socket_.ioHandle().fdDoNotUse(), listener_config.name()); throw Network::CreateListenerException("Failed to apply socket options."); } listen_socket_.addOptions(options); } quic::QuicRandom* const random = quic::QuicRandom::GetInstance(); random->RandBytes(random_seed_, sizeof(random_seed_)); crypto_config_ = std::make_unique( quiche::QuicheStringPiece(reinterpret_cast(random_seed_), sizeof(random_seed_)), quic::QuicRandom::GetInstance(), std::make_unique(listen_socket_, listener_config.filterChainManager(), stats_), quic::KeyExchangeSource::Default()); auto connection_helper = std::make_unique(dispatcher_); crypto_config_->AddDefaultConfig(random, connection_helper->GetClock(), quic::QuicCryptoServerConfig::ConfigOptions()); auto alarm_factory = std::make_unique(dispatcher_, *connection_helper->GetClock()); quic_dispatcher_ = std::make_unique( crypto_config_.get(), quic_config, &version_manager_, std::move(connection_helper), std::move(alarm_factory), quic::kQuicDefaultConnectionIdLength, parent, *config_, stats_, per_worker_stats_, dispatcher, listen_socket_); // Create udp_packet_writer Network::UdpPacketWriterPtr udp_packet_writer = listener_config.udpPacketWriterFactory()->get().createUdpPacketWriter( listen_socket_.ioHandle(), listener_config.listenerScope()); udp_packet_writer_ = udp_packet_writer.get(); // Some packet writers (like `UdpGsoBatchWriter`) already directly implement // `quic::QuicPacketWriter` and can be used directly here. Other types need // `EnvoyQuicPacketWriter` as an adapter. auto* quic_packet_writer = dynamic_cast(udp_packet_writer.get()); if (quic_packet_writer != nullptr) { quic_dispatcher_->InitializeWithWriter(quic_packet_writer); udp_packet_writer.release(); } else { quic_dispatcher_->InitializeWithWriter(new EnvoyQuicPacketWriter(std::move(udp_packet_writer))); } } ActiveQuicListener::~ActiveQuicListener() { onListenerShutdown(); } void ActiveQuicListener::onListenerShutdown() { ENVOY_LOG(info, "Quic listener {} shutdown.", config_->name()); quic_dispatcher_->Shutdown(); udp_listener_.reset(); } void ActiveQuicListener::onDataWorker(Network::UdpRecvData&& data) { if (!enabled_.enabled()) { return; } quic::QuicSocketAddress peer_address( envoyIpAddressToQuicSocketAddress(data.addresses_.peer_->ip())); quic::QuicSocketAddress self_address( envoyIpAddressToQuicSocketAddress(data.addresses_.local_->ip())); quic::QuicTime timestamp = quic::QuicTime::Zero() + quic::QuicTime::Delta::FromMicroseconds(std::chrono::duration_cast( data.receive_time_.time_since_epoch()) .count()); ASSERT(data.buffer_->getRawSlices().size() == 1); Buffer::RawSliceVector slices = data.buffer_->getRawSlices(/*max_slices=*/1); // TODO(danzh): pass in TTL and UDP header. quic::QuicReceivedPacket packet(reinterpret_cast(slices[0].mem_), slices[0].len_, timestamp, /*owns_buffer=*/false, /*ttl=*/0, /*ttl_valid=*/false, /*packet_headers=*/nullptr, /*headers_length=*/0, /*owns_header_buffer*/ false); quic_dispatcher_->ProcessPacket(self_address, peer_address, packet); if (quic_dispatcher_->HasChlosBuffered()) { // If there are any buffered CHLOs, activate a read event for the next event loop to process // them. udp_listener_->activateRead(); } } void ActiveQuicListener::onReadReady() { if (!enabled_.enabled()) { ENVOY_LOG(trace, "Quic listener {}: runtime disabled", config_->name()); return; } if (quic_dispatcher_->HasChlosBuffered()) { event_loops_with_buffered_chlo_for_test_++; } quic_dispatcher_->ProcessBufferedChlos(kNumSessionsToCreatePerLoop); // If there were more buffered than the limit, schedule again for the next event loop. if (quic_dispatcher_->HasChlosBuffered()) { udp_listener_->activateRead(); } } void ActiveQuicListener::onWriteReady(const Network::Socket& /*socket*/) { quic_dispatcher_->OnCanWrite(); } void ActiveQuicListener::pauseListening() { quic_dispatcher_->StopAcceptingNewConnections(); } void ActiveQuicListener::resumeListening() { quic_dispatcher_->StartAcceptingNewConnections(); } void ActiveQuicListener::shutdownListener() { // Same as pauseListening() because all we want is to stop accepting new // connections. quic_dispatcher_->StopAcceptingNewConnections(); } uint32_t ActiveQuicListener::destination(const Network::UdpRecvData& data) const { if (kernel_worker_routing_) { // The kernel has already routed the packet correctly. Make it stay on the current worker. return worker_index_; } // This implementation is not as performant as it could be. It will result in most packets being // delivered by the kernel to the wrong worker, and then redirected to the correct worker. // // This could possibly be improved by keeping a global table of connection IDs, so that a new // connection will add its connection ID to the table on the current worker, and so packets should // be delivered to the correct worker by the kernel unless the client changes address. // This is a re-implementation of the same algorithm written in BPF in // ``ActiveQuicListenerFactory::createActiveUdpListener`` const uint64_t packet_length = data.buffer_->length(); if (packet_length < 9) { return worker_index_; } uint8_t first_octet; data.buffer_->copyOut(0, sizeof(first_octet), &first_octet); uint32_t connection_id_snippet; if (first_octet & 0x80) { // IETF QUIC long header. // The connection id starts from 7th byte. // Minimum length of a long header packet is 14. if (packet_length < 14) { return worker_index_; } data.buffer_->copyOut(6, sizeof(connection_id_snippet), &connection_id_snippet); } else { // IETF QUIC short header, or gQUIC. // The connection id starts from 2nd byte. data.buffer_->copyOut(1, sizeof(connection_id_snippet), &connection_id_snippet); } connection_id_snippet = htonl(connection_id_snippet); return connection_id_snippet % concurrency_; } ActiveQuicListenerFactory::ActiveQuicListenerFactory( const envoy::config::listener::v3::QuicProtocolOptions& config, uint32_t concurrency) : concurrency_(concurrency), enabled_(config.enabled()) { uint64_t idle_network_timeout_ms = config.has_idle_timeout() ? DurationUtil::durationToMilliseconds(config.idle_timeout()) : 300000; quic_config_.SetIdleNetworkTimeout( quic::QuicTime::Delta::FromMilliseconds(idle_network_timeout_ms)); int32_t max_time_before_crypto_handshake_ms = config.has_crypto_handshake_timeout() ? DurationUtil::durationToMilliseconds(config.crypto_handshake_timeout()) : 20000; quic_config_.set_max_time_before_crypto_handshake( quic::QuicTime::Delta::FromMilliseconds(max_time_before_crypto_handshake_ms)); int32_t max_streams = PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, max_concurrent_streams, 100); quic_config_.SetMaxBidirectionalStreamsToSend(max_streams); quic_config_.SetMaxUnidirectionalStreamsToSend(max_streams); } Network::ConnectionHandler::ActiveUdpListenerPtr ActiveQuicListenerFactory::createActiveUdpListener( uint32_t worker_index, Network::ConnectionHandler& parent, Event::Dispatcher& disptacher, Network::ListenerConfig& config) { bool kernel_worker_routing = false; std::unique_ptr options = std::make_unique(); #if defined(SO_ATTACH_REUSEPORT_CBPF) && defined(__linux__) // This BPF filter reads the 1st word of QUIC connection id in the UDP payload and mods it by the // number of workers to get the socket index in the SO_REUSEPORT socket groups. QUIC packets // should be at least 9 bytes, with the 1st byte indicating one of the below QUIC packet headers: // 1) IETF QUIC long header: most significant bit is 1. The connection id starts from the 7th // byte. // 2) IETF QUIC short header: most significant bit is 0. The connection id starts from 2nd // byte. // 3) Google QUIC header: most significant bit is 0. The connection id starts from 2nd // byte. // Any packet that doesn't belong to any of the three packet header types are dispatched // based on 5-tuple source/destination addresses. // SPELLCHECKER(off) std::vector filter = { {0x80, 0, 0, 0000000000}, // ld len {0x35, 0, 9, 0x00000009}, // jlt #0x9, packet_too_short {0x30, 0, 0, 0000000000}, // ldb [0] {0x54, 0, 0, 0x00000080}, // and #0x80 {0x15, 0, 2, 0000000000}, // jne #0, ietf_long_header {0x20, 0, 0, 0x00000001}, // ld [1] {0x05, 0, 0, 0x00000005}, // ja return {0x80, 0, 0, 0000000000}, // ietf_long_header: ld len {0x35, 0, 2, 0x0000000e}, // jlt #0xe, packet_too_short {0x20, 0, 0, 0x00000006}, // ld [6] {0x05, 0, 0, 0x00000001}, // ja return {0x20, 0, 0, // packet_too_short: ld rxhash static_cast(SKF_AD_OFF + SKF_AD_RXHASH)}, {0x94, 0, 0, concurrency_}, // return: mod #socket_count {0x16, 0, 0, 0000000000}, // ret a }; // SPELLCHECKER(on) sock_fprog prog; // This option only needs to be applied once to any one of the sockets in SO_REUSEPORT socket // group. One of the listener will be created with this socket option. if (Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.prefer_quic_kernel_bpf_packet_routing")) { absl::call_once(install_bpf_once_, [&]() { if (concurrency_ > 1) { prog.len = filter.size(); prog.filter = filter.data(); options->push_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_BOUND, ENVOY_ATTACH_REUSEPORT_CBPF, absl::string_view(reinterpret_cast(&prog), sizeof(prog)))); } }); kernel_worker_routing = true; }; #else if (concurrency_ != 1) { ENVOY_LOG(warn, "Efficient routing of QUIC packets to the correct worker is not supported or " "not implemented by Envoy on this platform. QUIC performance may be degraded."); } #endif return std::make_unique(worker_index, concurrency_, disptacher, parent, config, quic_config_, std::move(options), kernel_worker_routing, enabled_); } // namespace Quic } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/active_quic_listener.h ================================================ #pragma once #include "envoy/config/listener/v3/quic_config.pb.h" #include "envoy/network/connection_handler.h" #include "envoy/network/listener.h" #include "envoy/runtime/runtime.h" #include "common/network/socket_option_impl.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_protos.h" #include "server/connection_handler_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_dispatcher.h" namespace Envoy { namespace Quic { // QUIC specific UdpListenerCallbacks implementation which delegates incoming // packets, write signals and listener errors to QuicDispatcher. class ActiveQuicListener : public Envoy::Server::ActiveUdpListenerBase, Logger::Loggable { public: // TODO(bencebeky): Tune this value. static const size_t kNumSessionsToCreatePerLoop = 16; ActiveQuicListener(uint32_t worker_index, uint32_t concurrency, Event::Dispatcher& dispatcher, Network::ConnectionHandler& parent, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, bool kernel_worker_routing, const envoy::config::core::v3::RuntimeFeatureFlag& enabled); ActiveQuicListener(uint32_t worker_index, uint32_t concurrency, Event::Dispatcher& dispatcher, Network::ConnectionHandler& parent, Network::SocketSharedPtr listen_socket, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, bool kernel_worker_routing, const envoy::config::core::v3::RuntimeFeatureFlag& enabled); ~ActiveQuicListener() override; void onListenerShutdown(); uint64_t eventLoopsWithBufferedChlosForTest() const { return event_loops_with_buffered_chlo_for_test_; } // Network::UdpListenerCallbacks void onReadReady() override; void onWriteReady(const Network::Socket& socket) override; void onReceiveError(Api::IoError::IoErrorCode /*error_code*/) override { // No-op. Quic can't do anything upon listener error. } Network::UdpPacketWriter& udpPacketWriter() override { return *udp_packet_writer_; } void onDataWorker(Network::UdpRecvData&& data) override; uint32_t destination(const Network::UdpRecvData& data) const override; // ActiveListenerImplBase void pauseListening() override; void resumeListening() override; void shutdownListener() override; private: friend class ActiveQuicListenerPeer; uint8_t random_seed_[16]; std::unique_ptr crypto_config_; Event::Dispatcher& dispatcher_; quic::QuicVersionManager version_manager_; std::unique_ptr quic_dispatcher_; const bool kernel_worker_routing_; Runtime::FeatureFlag enabled_; Network::UdpPacketWriter* udp_packet_writer_; // The number of runs of the event loop in which at least one CHLO was buffered. // TODO(ggreenway): Consider making this a published stat, or some variation of this information. uint64_t event_loops_with_buffered_chlo_for_test_{0}; }; using ActiveQuicListenerPtr = std::unique_ptr; // A factory to create ActiveQuicListener based on given config. class ActiveQuicListenerFactory : public Network::ActiveUdpListenerFactory, Logger::Loggable { public: ActiveQuicListenerFactory(const envoy::config::listener::v3::QuicProtocolOptions& config, uint32_t concurrency); // Network::ActiveUdpListenerFactory. Network::ConnectionHandler::ActiveUdpListenerPtr createActiveUdpListener(uint32_t worker_index, Network::ConnectionHandler& parent, Event::Dispatcher& disptacher, Network::ListenerConfig& config) override; bool isTransportConnectionless() const override { return false; } private: friend class ActiveQuicListenerFactoryPeer; quic::QuicConfig quic_config_; const uint32_t concurrency_; absl::once_flag install_bpf_once_; envoy::config::core::v3::RuntimeFeatureFlag enabled_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/active_quic_listener_config.cc ================================================ #include "extensions/quic_listeners/quiche/active_quic_listener_config.h" #include "envoy/config/listener/v3/quic_config.pb.h" #include "extensions/quic_listeners/quiche/active_quic_listener.h" namespace Envoy { namespace Quic { ProtobufTypes::MessagePtr ActiveQuicListenerConfigFactory::createEmptyConfigProto() { return std::make_unique(); } Network::ActiveUdpListenerFactoryPtr ActiveQuicListenerConfigFactory::createActiveUdpListenerFactory(const Protobuf::Message& message, uint32_t concurrency) { auto& config = dynamic_cast(message); return std::make_unique(config, concurrency); } std::string ActiveQuicListenerConfigFactory::name() const { return QuicListenerName; } REGISTER_FACTORY(ActiveQuicListenerConfigFactory, Server::ActiveUdpListenerConfigFactory); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/active_quic_listener_config.h ================================================ #pragma once #include #include "envoy/registry/registry.h" #include "envoy/server/active_udp_listener_config.h" namespace Envoy { namespace Quic { const std::string QuicListenerName{"quiche_quic_listener"}; // A factory to create ActiveQuicListenerFactory based on given protobuf. class ActiveQuicListenerConfigFactory : public Server::ActiveUdpListenerConfigFactory { public: ProtobufTypes::MessagePtr createEmptyConfigProto() override; Network::ActiveUdpListenerFactoryPtr createActiveUdpListenerFactory(const Protobuf::Message&, uint32_t concurrency) override; std::string name() const override; }; DECLARE_FACTORY(ActiveQuicListenerConfigFactory); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/codec_impl.cc ================================================ #include "extensions/quic_listeners/quiche/codec_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_client_stream.h" #include "extensions/quic_listeners/quiche/envoy_quic_server_stream.h" namespace Envoy { namespace Quic { // Converts a QuicStream instance to EnvoyQuicStream instance. The current stream implementation // inherits from these two interfaces, with the former one providing Quic interface and the latter // providing Envoy interface. EnvoyQuicStream* quicStreamToEnvoyStream(quic::QuicStream* stream) { return dynamic_cast(stream); } EnvoyQuicClientStream* quicStreamToEnvoyClientStream(quic::QuicStream* stream) { return dynamic_cast(stream); } bool QuicHttpConnectionImplBase::wantsToWrite() { return quic_session_.bytesToSend() > 0; } void QuicHttpConnectionImplBase::runWatermarkCallbacksForEachStream( quic::QuicSmallMap, 10>& stream_map, bool high_watermark) { for (auto& it : stream_map) { if (!it.second->is_static()) { // Only call watermark callbacks on non QUIC static streams which are // crypto stream and Google QUIC headers stream. auto stream = quicStreamToEnvoyStream(it.second.get()); if (high_watermark) { ENVOY_LOG(debug, "runHighWatermarkCallbacks on stream {}", it.first); stream->runHighWatermarkCallbacks(); } else { ENVOY_LOG(debug, "runLowWatermarkCallbacks on stream {}", it.first); stream->runLowWatermarkCallbacks(); } } } } QuicHttpServerConnectionImpl::QuicHttpServerConnectionImpl( EnvoyQuicServerSession& quic_session, Http::ServerConnectionCallbacks& callbacks) : QuicHttpConnectionImplBase(quic_session), quic_server_session_(quic_session) { quic_session.setHttpConnectionCallbacks(callbacks); } void QuicHttpServerConnectionImpl::onUnderlyingConnectionAboveWriteBufferHighWatermark() { runWatermarkCallbacksForEachStream(quic_server_session_.stream_map(), true); } void QuicHttpServerConnectionImpl::onUnderlyingConnectionBelowWriteBufferLowWatermark() { runWatermarkCallbacksForEachStream(quic_server_session_.stream_map(), false); } void QuicHttpServerConnectionImpl::shutdownNotice() { if (quic::VersionUsesHttp3(quic_server_session_.transport_version())) { quic_server_session_.SendHttp3Shutdown(); } else { ENVOY_CONN_LOG(debug, "Shutdown notice is not propagated to QUIC.", quic_server_session_); } } void QuicHttpServerConnectionImpl::goAway() { if (quic::VersionUsesHttp3(quic_server_session_.transport_version())) { quic_server_session_.SendHttp3GoAway(); } else { quic_server_session_.SendGoAway(quic::QUIC_PEER_GOING_AWAY, "server shutdown imminent"); } } QuicHttpClientConnectionImpl::QuicHttpClientConnectionImpl(EnvoyQuicClientSession& session, Http::ConnectionCallbacks& callbacks) : QuicHttpConnectionImplBase(session), quic_client_session_(session) { session.setHttpConnectionCallbacks(callbacks); } Http::RequestEncoder& QuicHttpClientConnectionImpl::newStream(Http::ResponseDecoder& response_decoder) { EnvoyQuicClientStream* stream = quicStreamToEnvoyClientStream(quic_client_session_.CreateOutgoingBidirectionalStream()); // TODO(danzh) handle stream creation failure gracefully. This can happen when // there are already 100 open streams. In such case, caller should hold back // the stream creation till an existing stream is closed. ASSERT(stream != nullptr, "Fail to create QUIC stream."); stream->setResponseDecoder(response_decoder); if (quic_client_session_.aboveHighWatermark()) { stream->runHighWatermarkCallbacks(); } return *stream; } void QuicHttpClientConnectionImpl::onUnderlyingConnectionAboveWriteBufferHighWatermark() { runWatermarkCallbacksForEachStream(quic_client_session_.stream_map(), true); } void QuicHttpClientConnectionImpl::onUnderlyingConnectionBelowWriteBufferLowWatermark() { runWatermarkCallbacksForEachStream(quic_client_session_.stream_map(), false); } std::unique_ptr QuicHttpClientConnectionFactoryImpl::createQuicClientConnection( Network::Connection& connection, Http::ConnectionCallbacks& callbacks) { return std::make_unique( dynamic_cast(connection), callbacks); } std::unique_ptr QuicHttpServerConnectionFactoryImpl::createQuicServerConnection( Network::Connection& connection, Http::ConnectionCallbacks& callbacks) { return std::make_unique( dynamic_cast(connection), dynamic_cast(callbacks)); } REGISTER_FACTORY(QuicHttpClientConnectionFactoryImpl, Http::QuicHttpClientConnectionFactory); REGISTER_FACTORY(QuicHttpServerConnectionFactoryImpl, Http::QuicHttpServerConnectionFactory); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/codec_impl.h ================================================ #include "envoy/http/codec.h" #include "envoy/registry/registry.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/http/http3/quic_codec_factory.h" #include "common/http/http3/well_known_names.h" #include "extensions/quic_listeners/quiche/envoy_quic_client_session.h" #include "extensions/quic_listeners/quiche/envoy_quic_server_session.h" namespace Envoy { namespace Quic { // QuicHttpConnectionImplBase instance is a thin QUIC codec just providing quic interface to HCM. // Owned by HCM and created during onNewConnection() if the network connection // is a QUIC connection. class QuicHttpConnectionImplBase : public virtual Http::Connection, protected Logger::Loggable { public: QuicHttpConnectionImplBase(QuicFilterManagerConnectionImpl& quic_session) : quic_session_(quic_session) {} // Http::Connection Http::Status dispatch(Buffer::Instance& /*data*/) override { // Bypassed. QUIC connection already hands all data to streams. NOT_REACHED_GCOVR_EXCL_LINE; } Http::Protocol protocol() override { return Http::Protocol::Http3; } // Returns true if the session has data to send but queued in connection or // stream send buffer. bool wantsToWrite() override; void runWatermarkCallbacksForEachStream( quic::QuicSmallMap, 10>& stream_map, bool high_watermark); protected: QuicFilterManagerConnectionImpl& quic_session_; }; class QuicHttpServerConnectionImpl : public QuicHttpConnectionImplBase, public Http::ServerConnection { public: QuicHttpServerConnectionImpl(EnvoyQuicServerSession& quic_session, Http::ServerConnectionCallbacks& callbacks); // Http::Connection void goAway() override; void shutdownNotice() override; void onUnderlyingConnectionAboveWriteBufferHighWatermark() override; void onUnderlyingConnectionBelowWriteBufferLowWatermark() override; private: EnvoyQuicServerSession& quic_server_session_; }; class QuicHttpClientConnectionImpl : public QuicHttpConnectionImplBase, public Http::ClientConnection { public: QuicHttpClientConnectionImpl(EnvoyQuicClientSession& session, Http::ConnectionCallbacks& callbacks); // Http::ClientConnection Http::RequestEncoder& newStream(Http::ResponseDecoder& response_decoder) override; // Http::Connection void goAway() override { NOT_REACHED_GCOVR_EXCL_LINE; } void shutdownNotice() override { NOT_REACHED_GCOVR_EXCL_LINE; } void onUnderlyingConnectionAboveWriteBufferHighWatermark() override; void onUnderlyingConnectionBelowWriteBufferLowWatermark() override; private: EnvoyQuicClientSession& quic_client_session_; }; // A factory to create QuicHttpClientConnection. class QuicHttpClientConnectionFactoryImpl : public Http::QuicHttpClientConnectionFactory { public: std::unique_ptr createQuicClientConnection(Network::Connection& connection, Http::ConnectionCallbacks& callbacks) override; std::string name() const override { return Http::QuicCodecNames::get().Quiche; } }; // A factory to create QuicHttpServerConnection. class QuicHttpServerConnectionFactoryImpl : public Http::QuicHttpServerConnectionFactory { public: std::unique_ptr createQuicServerConnection(Network::Connection& connection, Http::ConnectionCallbacks& callbacks) override; std::string name() const override { return Http::QuicCodecNames::get().Quiche; } }; DECLARE_FACTORY(QuicHttpClientConnectionFactoryImpl); DECLARE_FACTORY(QuicHttpServerConnectionFactoryImpl); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_alarm.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_alarm.h" #include namespace Envoy { namespace Quic { EnvoyQuicAlarm::EnvoyQuicAlarm(Event::Dispatcher& dispatcher, const quic::QuicClock& clock, quic::QuicArenaScopedPtr delegate) : QuicAlarm(std::move(delegate)), dispatcher_(dispatcher), timer_(dispatcher_.createTimer([this]() { Fire(); })), clock_(clock) {} void EnvoyQuicAlarm::CancelImpl() { timer_->disableTimer(); } void EnvoyQuicAlarm::SetImpl() { quic::QuicTime::Delta duration = getDurationBeforeDeadline(); // Round up the duration so that any duration < 1us will not be triggered within current event // loop. QUICHE alarm is not expected to be scheduled in current event loop. This bit is a bummer // in QUICHE, and we are working on the fix. Once QUICHE is fixed of expecting this behavior, we // no longer need to round up the duration. // TODO(antoniovicente) Remove the std::max(1, ...) when decommissioning the // envoy.reloadable_features.activate_timers_next_event_loop runtime flag. timer_->enableHRTimer( std::chrono::microseconds(std::max(static_cast(1), duration.ToMicroseconds()))); } void EnvoyQuicAlarm::UpdateImpl() { // Since Timer::enableTimer() overrides its deadline from previous calls, // there is no need to disable the timer before enabling it again. SetImpl(); } quic::QuicTime::Delta EnvoyQuicAlarm::getDurationBeforeDeadline() { quic::QuicTime::Delta duration(quic::QuicTime::Delta::Zero()); quic::QuicTime now = clock_.ApproximateNow(); quic::QuicTime tmp = deadline(); if (tmp > now) { duration = tmp - now; } return duration; } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_alarm.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "common/common/assert.h" #include "quiche/quic/core/quic_alarm.h" #include "quiche/quic/core/quic_clock.h" #include "quiche/quic/core/quic_time.h" namespace Envoy { namespace Quic { // Implements QUIC interface // https://quiche.googlesource.com/quiche/+/refs/heads/master/quic/core/quic_alarm.h This class // wraps an Event::Timer object and provide interface for QUIC to interact with the timer. class EnvoyQuicAlarm : public quic::QuicAlarm { public: EnvoyQuicAlarm(Event::Dispatcher& dispatcher, const quic::QuicClock& clock, quic::QuicArenaScopedPtr delegate); // TimerImpl destruction deletes in-flight alarm firing event. ~EnvoyQuicAlarm() override = default; // quic::QuicAlarm void CancelImpl() override; void SetImpl() override; // Overridden to avoid cancel before set. void UpdateImpl() override; private: quic::QuicTime::Delta getDurationBeforeDeadline(); Event::Dispatcher& dispatcher_; Event::TimerPtr timer_; const quic::QuicClock& clock_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_alarm_factory.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_alarm_factory.h" namespace Envoy { namespace Quic { quic::QuicAlarm* EnvoyQuicAlarmFactory::CreateAlarm(quic::QuicAlarm::Delegate* delegate) { return new EnvoyQuicAlarm(dispatcher_, clock_, quic::QuicArenaScopedPtr(delegate)); } quic::QuicArenaScopedPtr EnvoyQuicAlarmFactory::CreateAlarm(quic::QuicArenaScopedPtr delegate, quic::QuicConnectionArena* arena) { if (arena != nullptr) { return arena->New(dispatcher_, clock_, std::move(delegate)); } return quic::QuicArenaScopedPtr( new EnvoyQuicAlarm(dispatcher_, clock_, std::move(delegate))); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_alarm_factory.h ================================================ #pragma once #include "common/common/non_copyable.h" #include "extensions/quic_listeners/quiche/envoy_quic_alarm.h" #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #endif #include "quiche/quic/core/quic_alarm_factory.h" #include "quiche/quic/core/quic_arena_scoped_ptr.h" #include "quiche/quic/core/quic_one_block_arena.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif namespace Envoy { namespace Quic { class EnvoyQuicAlarmFactory : public quic::QuicAlarmFactory, NonCopyable { public: EnvoyQuicAlarmFactory(Event::Dispatcher& dispatcher, const quic::QuicClock& clock) : dispatcher_(dispatcher), clock_(clock) {} ~EnvoyQuicAlarmFactory() override = default; // QuicAlarmFactory quic::QuicAlarm* CreateAlarm(quic::QuicAlarm::Delegate* delegate) override; quic::QuicArenaScopedPtr CreateAlarm(quic::QuicArenaScopedPtr delegate, quic::QuicConnectionArena* arena) override; private: Event::Dispatcher& dispatcher_; const quic::QuicClock& clock_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_client_connection.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_client_connection.h" #include #include "envoy/config/core/v3/base.pb.h" #include "common/network/listen_socket_impl.h" #include "common/network/socket_option_factory.h" #include "common/network/udp_packet_writer_handler_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_packet_writer.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Quic { EnvoyQuicClientConnection::EnvoyQuicClientConnection( const quic::QuicConnectionId& server_connection_id, Network::Address::InstanceConstSharedPtr& initial_peer_address, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, const quic::ParsedQuicVersionVector& supported_versions, Network::Address::InstanceConstSharedPtr local_addr, Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options) : EnvoyQuicClientConnection(server_connection_id, helper, alarm_factory, supported_versions, dispatcher, createConnectionSocket(initial_peer_address, local_addr, options)) { } EnvoyQuicClientConnection::EnvoyQuicClientConnection( const quic::QuicConnectionId& server_connection_id, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, const quic::ParsedQuicVersionVector& supported_versions, Event::Dispatcher& dispatcher, Network::ConnectionSocketPtr&& connection_socket) : EnvoyQuicClientConnection( server_connection_id, helper, alarm_factory, new EnvoyQuicPacketWriter( std::make_unique(connection_socket->ioHandle())), true, supported_versions, dispatcher, std::move(connection_socket)) {} EnvoyQuicClientConnection::EnvoyQuicClientConnection( const quic::QuicConnectionId& server_connection_id, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter* writer, bool owns_writer, const quic::ParsedQuicVersionVector& supported_versions, Event::Dispatcher& dispatcher, Network::ConnectionSocketPtr&& connection_socket) : EnvoyQuicConnection( server_connection_id, envoyIpAddressToQuicSocketAddress(connection_socket->remoteAddress()->ip()), helper, alarm_factory, writer, owns_writer, quic::Perspective::IS_CLIENT, supported_versions, std::move(connection_socket)), dispatcher_(dispatcher) {} void EnvoyQuicClientConnection::processPacket( Network::Address::InstanceConstSharedPtr local_address, Network::Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, MonotonicTime receive_time) { if (!connected()) { return; } quic::QuicTime timestamp = quic::QuicTime::Zero() + quic::QuicTime::Delta::FromMicroseconds( std::chrono::duration_cast(receive_time.time_since_epoch()) .count()); ASSERT(buffer->getRawSlices().size() == 1); Buffer::RawSliceVector slices = buffer->getRawSlices(/*max_slices=*/1); quic::QuicReceivedPacket packet(reinterpret_cast(slices[0].mem_), slices[0].len_, timestamp, /*owns_buffer=*/false, /*ttl=*/0, /*ttl_valid=*/false, /*packet_headers=*/nullptr, /*headers_length=*/0, /*owns_header_buffer*/ false); ProcessUdpPacket(envoyIpAddressToQuicSocketAddress(local_address->ip()), envoyIpAddressToQuicSocketAddress(peer_address->ip()), packet); } uint64_t EnvoyQuicClientConnection::maxPacketSize() const { // TODO(danzh) make this variable configurable to support jumbo frames. return Network::MAX_UDP_PACKET_SIZE; } void EnvoyQuicClientConnection::setUpConnectionSocket() { if (connectionSocket()->ioHandle().isOpen()) { file_event_ = connectionSocket()->ioHandle().createFileEvent( dispatcher_, [this](uint32_t events) -> void { onFileEvent(events); }, Event::PlatformDefaultTriggerType, Event::FileReadyType::Read | Event::FileReadyType::Write); if (!Network::Socket::applyOptions(connectionSocket()->options(), *connectionSocket(), envoy::config::core::v3::SocketOption::STATE_LISTENING)) { ENVOY_CONN_LOG(error, "Fail to apply listening options", *this); connectionSocket()->close(); } } if (!connectionSocket()->ioHandle().isOpen()) { CloseConnection(quic::QUIC_CONNECTION_CANCELLED, "Fail to set up connection socket.", quic::ConnectionCloseBehavior::SILENT_CLOSE); } } void EnvoyQuicClientConnection::switchConnectionSocket( Network::ConnectionSocketPtr&& connection_socket) { auto writer = std::make_unique( std::make_unique(connection_socket->ioHandle())); // Destroy the old file_event before closing the old socket. Otherwise the socket might be picked // up by another socket() call while file_event is still operating on it. file_event_.reset(); // The old socket is closed in this call. setConnectionSocket(std::move(connection_socket)); setUpConnectionSocket(); SetQuicPacketWriter(writer.release(), true); } void EnvoyQuicClientConnection::onFileEvent(uint32_t events) { ENVOY_CONN_LOG(trace, "socket event: {}", *this, events); ASSERT(events & (Event::FileReadyType::Read | Event::FileReadyType::Write)); if (events & Event::FileReadyType::Write) { OnCanWrite(); } // It's possible for a write event callback to close the connection, in such case ignore read // event processing. if (connected() && (events & Event::FileReadyType::Read)) { Api::IoErrorPtr err = Network::Utility::readPacketsFromSocket( connectionSocket()->ioHandle(), *connectionSocket()->localAddress(), *this, dispatcher_.timeSource(), packets_dropped_); // TODO(danzh): Handle no error when we limit the number of packets read. if (err->getErrorCode() != Api::IoError::IoErrorCode::Again) { ENVOY_CONN_LOG(error, "recvmsg result {}: {}", *this, static_cast(err->getErrorCode()), err->getErrorDetails()); } } } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_client_connection.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "common/network/utility.h" #include "extensions/quic_listeners/quiche/envoy_quic_connection.h" namespace Envoy { namespace Quic { // A client QuicConnection instance managing its own file events. class EnvoyQuicClientConnection : public EnvoyQuicConnection, public Network::UdpPacketProcessor { public: // A connection socket will be created with given |local_addr|. If binding // port not provided in |local_addr|, pick up a random port. EnvoyQuicClientConnection(const quic::QuicConnectionId& server_connection_id, Network::Address::InstanceConstSharedPtr& initial_peer_address, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, const quic::ParsedQuicVersionVector& supported_versions, Network::Address::InstanceConstSharedPtr local_addr, Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options); EnvoyQuicClientConnection(const quic::QuicConnectionId& server_connection_id, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter* writer, bool owns_writer, const quic::ParsedQuicVersionVector& supported_versions, Event::Dispatcher& dispatcher, Network::ConnectionSocketPtr&& connection_socket); // Network::UdpPacketProcessor void processPacket(Network::Address::InstanceConstSharedPtr local_address, Network::Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, MonotonicTime receive_time) override; uint64_t maxPacketSize() const override; // Register file event and apply socket options. void setUpConnectionSocket(); // Switch underlying socket with the given one. This is used in connection migration. void switchConnectionSocket(Network::ConnectionSocketPtr&& connection_socket); private: EnvoyQuicClientConnection(const quic::QuicConnectionId& server_connection_id, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, const quic::ParsedQuicVersionVector& supported_versions, Event::Dispatcher& dispatcher, Network::ConnectionSocketPtr&& connection_socket); void onFileEvent(uint32_t events); uint32_t packets_dropped_{0}; Event::Dispatcher& dispatcher_; Event::FileEventPtr file_event_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_client_session.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_client_session.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" namespace Envoy { namespace Quic { EnvoyQuicClientSession::EnvoyQuicClientSession( const quic::QuicConfig& config, const quic::ParsedQuicVersionVector& supported_versions, std::unique_ptr connection, const quic::QuicServerId& server_id, quic::QuicCryptoClientConfig* crypto_config, quic::QuicClientPushPromiseIndex* push_promise_index, Event::Dispatcher& dispatcher, uint32_t send_buffer_limit) : QuicFilterManagerConnectionImpl(*connection, dispatcher, send_buffer_limit), quic::QuicSpdyClientSession(config, supported_versions, connection.release(), server_id, crypto_config, push_promise_index) {} EnvoyQuicClientSession::~EnvoyQuicClientSession() { ASSERT(!connection()->connected()); quic_connection_ = nullptr; } absl::string_view EnvoyQuicClientSession::requestedServerName() const { return {GetCryptoStream()->crypto_negotiated_params().sni}; } void EnvoyQuicClientSession::connect() { dynamic_cast(quic_connection_)->setUpConnectionSocket(); // Start version negotiation and crypto handshake during which the connection may fail if server // doesn't support the one and only supported version. CryptoConnect(); if (quic::VersionUsesHttp3(transport_version())) { SetMaxPushId(0u); } } void EnvoyQuicClientSession::OnConnectionClosed(const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) { quic::QuicSpdyClientSession::OnConnectionClosed(frame, source); onConnectionCloseEvent(frame, source); } void EnvoyQuicClientSession::Initialize() { quic::QuicSpdyClientSession::Initialize(); quic_connection_->setEnvoyConnection(*this); } void EnvoyQuicClientSession::OnCanWrite() { const uint64_t headers_to_send_old = quic::VersionUsesHttp3(transport_version()) ? 0u : headers_stream()->BufferedDataBytes(); quic::QuicSpdyClientSession::OnCanWrite(); const uint64_t headers_to_send_new = quic::VersionUsesHttp3(transport_version()) ? 0u : headers_stream()->BufferedDataBytes(); adjustBytesToSend(headers_to_send_new - headers_to_send_old); maybeApplyDelayClosePolicy(); } void EnvoyQuicClientSession::OnGoAway(const quic::QuicGoAwayFrame& frame) { ENVOY_CONN_LOG(debug, "GOAWAY received with error {}: {}", *this, quic::QuicErrorCodeToString(frame.error_code), frame.reason_phrase); quic::QuicSpdyClientSession::OnGoAway(frame); if (http_connection_callbacks_ != nullptr) { http_connection_callbacks_->onGoAway(quicErrorCodeToEnvoyErrorCode(frame.error_code)); } } void EnvoyQuicClientSession::OnHttp3GoAway(uint64_t stream_id) { ENVOY_CONN_LOG(debug, "HTTP/3 GOAWAY received", *this); quic::QuicSpdyClientSession::OnHttp3GoAway(stream_id); if (http_connection_callbacks_ != nullptr) { // HTTP/3 GOAWAY doesn't have an error code field. http_connection_callbacks_->onGoAway(Http::GoAwayErrorCode::NoError); } } void EnvoyQuicClientSession::SetDefaultEncryptionLevel(quic::EncryptionLevel level) { quic::QuicSpdyClientSession::SetDefaultEncryptionLevel(level); if (level == quic::ENCRYPTION_FORWARD_SECURE) { // This is only reached once, when handshake is done. raiseConnectionEvent(Network::ConnectionEvent::Connected); } } std::unique_ptr EnvoyQuicClientSession::CreateClientStream() { return std::make_unique(GetNextOutgoingBidirectionalStreamId(), this, quic::BIDIRECTIONAL); } quic::QuicSpdyStream* EnvoyQuicClientSession::CreateIncomingStream(quic::QuicStreamId /*id*/) { // Disallow server initiated stream. NOT_REACHED_GCOVR_EXCL_LINE; } quic::QuicSpdyStream* EnvoyQuicClientSession::CreateIncomingStream(quic::PendingStream* /*pending*/) { // Disallow server initiated stream. NOT_REACHED_GCOVR_EXCL_LINE; } bool EnvoyQuicClientSession::hasDataToWrite() { return HasDataToWrite(); } void EnvoyQuicClientSession::OnTlsHandshakeComplete() { raiseConnectionEvent(Network::ConnectionEvent::Connected); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_client_session.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #pragma GCC diagnostic ignored "-Wtype-limits" #endif #include "quiche/quic/core/http/quic_spdy_client_session.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "extensions/quic_listeners/quiche/envoy_quic_client_stream.h" #include "extensions/quic_listeners/quiche/envoy_quic_client_connection.h" #include "extensions/quic_listeners/quiche/quic_filter_manager_connection_impl.h" namespace Envoy { namespace Quic { // Act as a Network::ClientConnection to ClientCodec. // TODO(danzh) This class doesn't need to inherit Network::FilterManager // interface but need all other Network::Connection implementation in // QuicFilterManagerConnectionImpl. Refactor QuicFilterManagerConnectionImpl to // move FilterManager interface to EnvoyQuicServerSession. class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl, public quic::QuicSpdyClientSession, public Network::ClientConnection { public: EnvoyQuicClientSession(const quic::QuicConfig& config, const quic::ParsedQuicVersionVector& supported_versions, std::unique_ptr connection, const quic::QuicServerId& server_id, quic::QuicCryptoClientConfig* crypto_config, quic::QuicClientPushPromiseIndex* push_promise_index, Event::Dispatcher& dispatcher, uint32_t send_buffer_limit); ~EnvoyQuicClientSession() override; // Called by QuicHttpClientConnectionImpl before creating data streams. void setHttpConnectionCallbacks(Http::ConnectionCallbacks& callbacks) { http_connection_callbacks_ = &callbacks; } // Network::Connection absl::string_view requestedServerName() const override; // Network::ClientConnection // Set up socket and start handshake. void connect() override; // quic::QuicSession void OnConnectionClosed(const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) override; void Initialize() override; void OnCanWrite() override; void OnGoAway(const quic::QuicGoAwayFrame& frame) override; void OnHttp3GoAway(uint64_t stream_id) override; void OnTlsHandshakeComplete() override; // quic::QuicSpdyClientSessionBase void SetDefaultEncryptionLevel(quic::EncryptionLevel level) override; using quic::QuicSpdyClientSession::stream_map; protected: // quic::QuicSpdyClientSession std::unique_ptr CreateClientStream() override; // quic::QuicSpdySession quic::QuicSpdyStream* CreateIncomingStream(quic::QuicStreamId id) override; quic::QuicSpdyStream* CreateIncomingStream(quic::PendingStream* pending) override; // QuicFilterManagerConnectionImpl bool hasDataToWrite() override; private: // These callbacks are owned by network filters and quic session should outlive // them. Http::ConnectionCallbacks* http_connection_callbacks_{nullptr}; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_client_stream.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_client_stream.h" #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #endif #include "quiche/quic/core/quic_session.h" #include "quiche/quic/core/http/quic_header_list.h" #include "quiche/spdy/core/spdy_header_block.h" #include "extensions/quic_listeners/quiche/platform/quic_mem_slice_span_impl.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "extensions/quic_listeners/quiche/envoy_quic_client_session.h" #include "common/buffer/buffer_impl.h" #include "common/http/header_map_impl.h" #include "common/common/assert.h" namespace Envoy { namespace Quic { EnvoyQuicClientStream::EnvoyQuicClientStream(quic::QuicStreamId id, quic::QuicSpdyClientSession* client_session, quic::StreamType type) : quic::QuicSpdyClientStream(id, client_session, type), EnvoyQuicStream( // This should be larger than 8k to fully utilize congestion control // window. And no larger than the max stream flow control window for // the stream to buffer all the data. // Ideally this limit should also correlate to peer's receive window // but not fully depends on that. 16 * 1024, [this]() { runLowWatermarkCallbacks(); }, [this]() { runHighWatermarkCallbacks(); }) {} EnvoyQuicClientStream::EnvoyQuicClientStream(quic::PendingStream* pending, quic::QuicSpdyClientSession* client_session, quic::StreamType type) : quic::QuicSpdyClientStream(pending, client_session, type), EnvoyQuicStream( 16 * 1024, [this]() { runLowWatermarkCallbacks(); }, [this]() { runHighWatermarkCallbacks(); }) {} void EnvoyQuicClientStream::encodeHeaders(const Http::RequestHeaderMap& headers, bool end_stream) { ENVOY_STREAM_LOG(debug, "encodeHeaders: (end_stream={}) {}.", *this, end_stream, headers); quic::QuicStream* writing_stream = quic::VersionUsesHttp3(transport_version()) ? static_cast(this) : (dynamic_cast(session())->headers_stream()); const uint64_t bytes_to_send_old = writing_stream->BufferedDataBytes(); WriteHeaders(envoyHeadersToSpdyHeaderBlock(headers), end_stream, nullptr); local_end_stream_ = end_stream; const uint64_t bytes_to_send_new = writing_stream->BufferedDataBytes(); ASSERT(bytes_to_send_old <= bytes_to_send_new); // IETF QUIC sends HEADER frame on current stream. After writing headers, the // buffer may increase. maybeCheckWatermark(bytes_to_send_old, bytes_to_send_new, *filterManagerConnection()); } void EnvoyQuicClientStream::encodeData(Buffer::Instance& data, bool end_stream) { ENVOY_STREAM_LOG(debug, "encodeData (end_stream={}) of {} bytes.", *this, end_stream, data.length()); local_end_stream_ = end_stream; // This is counting not serialized bytes in the send buffer. const uint64_t bytes_to_send_old = BufferedDataBytes(); // QUIC stream must take all. WriteBodySlices(quic::QuicMemSliceSpan(quic::QuicMemSliceSpanImpl(data)), end_stream); if (data.length() > 0) { // Send buffer didn't take all the data, threshold needs to be adjusted. Reset(quic::QUIC_BAD_APPLICATION_PAYLOAD); return; } const uint64_t bytes_to_send_new = BufferedDataBytes(); ASSERT(bytes_to_send_old <= bytes_to_send_new); maybeCheckWatermark(bytes_to_send_old, bytes_to_send_new, *filterManagerConnection()); } void EnvoyQuicClientStream::encodeTrailers(const Http::RequestTrailerMap& trailers) { ASSERT(!local_end_stream_); local_end_stream_ = true; ENVOY_STREAM_LOG(debug, "encodeTrailers: {}.", *this, trailers); quic::QuicStream* writing_stream = quic::VersionUsesHttp3(transport_version()) ? static_cast(this) : (dynamic_cast(session())->headers_stream()); const uint64_t bytes_to_send_old = writing_stream->BufferedDataBytes(); WriteTrailers(envoyHeadersToSpdyHeaderBlock(trailers), nullptr); const uint64_t bytes_to_send_new = writing_stream->BufferedDataBytes(); ASSERT(bytes_to_send_old <= bytes_to_send_new); // IETF QUIC sends HEADER frame on current stream. After writing trailers, the // buffer may increase. maybeCheckWatermark(bytes_to_send_old, bytes_to_send_new, *filterManagerConnection()); } void EnvoyQuicClientStream::encodeMetadata(const Http::MetadataMapVector& /*metadata_map_vector*/) { // Metadata Frame is not supported in QUIC. // TODO(danzh): add stats for metadata not supported error. } void EnvoyQuicClientStream::resetStream(Http::StreamResetReason reason) { // Higher layers expect calling resetStream() to immediately raise reset callbacks. runResetCallbacks(reason); Reset(envoyResetReasonToQuicRstError(reason)); } void EnvoyQuicClientStream::switchStreamBlockState(bool should_block) { ASSERT(FinishedReadingHeaders(), "Upper stream buffer limit is reached before response body is delivered."); if (should_block) { sequencer()->SetBlockedUntilFlush(); } else { ASSERT(read_disable_counter_ == 0, "readDisable called in between."); sequencer()->SetUnblocked(); } } void EnvoyQuicClientStream::OnInitialHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) { quic::QuicSpdyStream::OnInitialHeadersComplete(fin, frame_len, header_list); if (rst_sent()) { return; } ASSERT(headers_decompressed()); response_decoder_->decodeHeaders( quicHeadersToEnvoyHeaders(header_list), /*end_stream=*/fin); if (fin) { end_stream_decoded_ = true; } ConsumeHeaderList(); } void EnvoyQuicClientStream::OnBodyAvailable() { ASSERT(FinishedReadingHeaders()); ASSERT(read_disable_counter_ == 0); ASSERT(!in_decode_data_callstack_); in_decode_data_callstack_ = true; Buffer::InstancePtr buffer = std::make_unique(); // TODO(danzh): check Envoy per stream buffer limit. // Currently read out all the data. while (HasBytesToRead()) { iovec iov; int num_regions = GetReadableRegions(&iov, 1); ASSERT(num_regions > 0); size_t bytes_read = iov.iov_len; Buffer::RawSlice slice; buffer->reserve(bytes_read, &slice, 1); ASSERT(slice.len_ >= bytes_read); slice.len_ = bytes_read; memcpy(slice.mem_, iov.iov_base, iov.iov_len); buffer->commit(&slice, 1); MarkConsumed(bytes_read); } // True if no trailer and FIN read. bool finished_reading = IsDoneReading(); bool empty_payload_with_fin = buffer->length() == 0 && fin_received(); // If this call is triggered by an empty frame with FIN which is not from peer // but synthesized by stream itself upon receiving HEADERS with FIN or // TRAILERS, do not deliver end of stream here. Because either decodeHeaders // already delivered it or decodeTrailers will be called. bool skip_decoding = empty_payload_with_fin && (end_stream_decoded_ || !finished_reading); if (!skip_decoding) { response_decoder_->decodeData(*buffer, finished_reading); if (finished_reading) { end_stream_decoded_ = true; } } if (!sequencer()->IsClosed()) { in_decode_data_callstack_ = false; if (read_disable_counter_ > 0) { // If readDisable() was ever called during decodeData() and it meant to disable // reading from downstream, the call must have been deferred. Call it now. switchStreamBlockState(true); } return; } if (!quic::VersionUsesHttp3(transport_version()) && !FinishedReadingTrailers()) { // For Google QUIC implementation, trailers may arrived earlier and wait to // be consumed after reading all the body. Consume it here. // IETF QUIC shouldn't reach here because trailers are sent on same stream. response_decoder_->decodeTrailers( spdyHeaderBlockToEnvoyHeaders(received_trailers())); MarkTrailersConsumed(); } OnFinRead(); in_decode_data_callstack_ = false; } void EnvoyQuicClientStream::OnTrailingHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) { quic::QuicSpdyStream::OnTrailingHeadersComplete(fin, frame_len, header_list); ASSERT(trailers_decompressed()); if (session()->connection()->connected() && (quic::VersionUsesHttp3(transport_version()) || sequencer()->IsClosed()) && !FinishedReadingTrailers()) { // Before QPack, trailers can arrive before body. Only decode trailers after finishing decoding // body. response_decoder_->decodeTrailers( spdyHeaderBlockToEnvoyHeaders(received_trailers())); MarkTrailersConsumed(); } } void EnvoyQuicClientStream::OnStreamReset(const quic::QuicRstStreamFrame& frame) { quic::QuicSpdyClientStream::OnStreamReset(frame); runResetCallbacks(quicRstErrorToEnvoyResetReason(frame.error_code)); } void EnvoyQuicClientStream::OnConnectionClosed(quic::QuicErrorCode error, quic::ConnectionCloseSource source) { quic::QuicSpdyClientStream::OnConnectionClosed(error, source); runResetCallbacks(quicErrorCodeToEnvoyResetReason(error)); } void EnvoyQuicClientStream::OnClose() { quic::QuicSpdyClientStream::OnClose(); if (BufferedDataBytes() > 0) { // If the stream is closed without sending out all buffered data, regard // them as sent now and adjust connection buffer book keeping. filterManagerConnection()->adjustBytesToSend(0 - BufferedDataBytes()); } } void EnvoyQuicClientStream::OnCanWrite() { uint64_t buffered_data_old = BufferedDataBytes(); quic::QuicSpdyClientStream::OnCanWrite(); uint64_t buffered_data_new = BufferedDataBytes(); // As long as OnCanWriteNewData() is no-op, data to sent in buffer shouldn't // increase. ASSERT(buffered_data_new <= buffered_data_old); maybeCheckWatermark(buffered_data_old, buffered_data_new, *filterManagerConnection()); } uint32_t EnvoyQuicClientStream::streamId() { return id(); } Network::Connection* EnvoyQuicClientStream::connection() { return filterManagerConnection(); } QuicFilterManagerConnectionImpl* EnvoyQuicClientStream::filterManagerConnection() { return dynamic_cast(session()); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_client_stream.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #endif #include "quiche/quic/core/http/quic_spdy_client_stream.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "extensions/quic_listeners/quiche/envoy_quic_stream.h" namespace Envoy { namespace Quic { // This class is a quic stream and also a request encoder. class EnvoyQuicClientStream : public quic::QuicSpdyClientStream, public EnvoyQuicStream, public Http::RequestEncoder { public: EnvoyQuicClientStream(quic::QuicStreamId id, quic::QuicSpdyClientSession* client_session, quic::StreamType type); EnvoyQuicClientStream(quic::PendingStream* pending, quic::QuicSpdyClientSession* client_session, quic::StreamType type); void setResponseDecoder(Http::ResponseDecoder& decoder) { response_decoder_ = &decoder; } // Http::StreamEncoder void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeMetadata(const Http::MetadataMapVector& metadata_map_vector) override; Http::Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return absl::nullopt; } // Http::RequestEncoder void encodeHeaders(const Http::RequestHeaderMap& headers, bool end_stream) override; void encodeTrailers(const Http::RequestTrailerMap& trailers) override; // Http::Stream void resetStream(Http::StreamResetReason reason) override; void setFlushTimeout(std::chrono::milliseconds) override {} // quic::QuicSpdyStream void OnBodyAvailable() override; void OnStreamReset(const quic::QuicRstStreamFrame& frame) override; void OnClose() override; void OnCanWrite() override; // quic::Stream void OnConnectionClosed(quic::QuicErrorCode error, quic::ConnectionCloseSource source) override; protected: // EnvoyQuicStream void switchStreamBlockState(bool should_block) override; uint32_t streamId() override; Network::Connection* connection() override; // quic::QuicSpdyStream // Overridden to pass headers to decoder. void OnInitialHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) override; void OnTrailingHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) override; private: QuicFilterManagerConnectionImpl* filterManagerConnection(); Http::ResponseDecoder* response_decoder_{nullptr}; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_connection.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_connection.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" namespace Envoy { namespace Quic { EnvoyQuicConnection::EnvoyQuicConnection(const quic::QuicConnectionId& server_connection_id, quic::QuicSocketAddress initial_peer_address, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter* writer, bool owns_writer, quic::Perspective perspective, const quic::ParsedQuicVersionVector& supported_versions, Network::ConnectionSocketPtr&& connection_socket) : quic::QuicConnection(server_connection_id, initial_peer_address, &helper, &alarm_factory, writer, owns_writer, perspective, supported_versions), connection_socket_(std::move(connection_socket)) {} EnvoyQuicConnection::~EnvoyQuicConnection() { connection_socket_->close(); } uint64_t EnvoyQuicConnection::id() const { return envoy_connection_->id(); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_connection.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #endif #include "quiche/quic/core/quic_connection.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include #include "common/common/logger.h" #include "envoy/network/connection.h" namespace Envoy { namespace Quic { // Derived for network filter chain, stats and QoS. This is used on both client // and server side. class EnvoyQuicConnection : public quic::QuicConnection, protected Logger::Loggable { public: EnvoyQuicConnection(const quic::QuicConnectionId& server_connection_id, quic::QuicSocketAddress initial_peer_address, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter* writer, bool owns_writer, quic::Perspective perspective, const quic::ParsedQuicVersionVector& supported_versions, Network::ConnectionSocketPtr&& connection_socket); ~EnvoyQuicConnection() override; // Called by EnvoyQuicSession::setConnectionStats(). void setConnectionStats(const Network::Connection::ConnectionStats& stats) { connection_stats_ = std::make_unique(stats); } // Called in session Initialize(). void setEnvoyConnection(Network::Connection& connection) { envoy_connection_ = &connection; } const Network::ConnectionSocketPtr& connectionSocket() const { return connection_socket_; } // Needed for ENVOY_CONN_LOG. uint64_t id() const; protected: Network::Connection::ConnectionStats& connectionStats() const { return *connection_stats_; } Network::Connection& envoyConnection() const { ASSERT(envoy_connection_ != nullptr); return *envoy_connection_; } void setConnectionSocket(Network::ConnectionSocketPtr&& connection_socket) { connection_socket_ = std::move(connection_socket); } private: // TODO(danzh): populate stats. std::unique_ptr connection_stats_; // Assigned upon construction. Constructed with empty local address if unknown // by then. Network::ConnectionSocketPtr connection_socket_; // Points to an instance of EnvoyQuicServerSession or EnvoyQuicClientSession. Network::Connection* envoy_connection_{nullptr}; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_connection_helper.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #pragma GCC diagnostic ignored "-Wtype-limits" #endif #include "quiche/quic/core/crypto/quic_random.h" #include "quiche/quic/core/quic_connection.h" #include "quiche/quic/core/quic_simple_buffer_allocator.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "extensions/quic_listeners/quiche/platform/envoy_quic_clock.h" namespace Envoy { namespace Quic { // Derived to provide EnvoyQuicClock and default random generator and buffer // allocator. class EnvoyQuicConnectionHelper : public quic::QuicConnectionHelperInterface { public: EnvoyQuicConnectionHelper(Event::Dispatcher& dispatcher) : clock_(dispatcher), random_generator_(quic::QuicRandom::GetInstance()) {} ~EnvoyQuicConnectionHelper() override = default; // QuicConnectionHelperInterface const quic::QuicClock* GetClock() const override { return &clock_; } quic::QuicRandom* GetRandomGenerator() override { return random_generator_; } quic::QuicBufferAllocator* GetStreamSendBufferAllocator() override { return &buffer_allocator_; } private: EnvoyQuicClock clock_; quic::QuicRandom* random_generator_ = nullptr; quic::SimpleBufferAllocator buffer_allocator_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_dispatcher.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_dispatcher.h" #include "common/http/utility.h" #include "extensions/quic_listeners/quiche/envoy_quic_server_connection.h" #include "extensions/quic_listeners/quiche/envoy_quic_server_session.h" namespace Envoy { namespace Quic { EnvoyQuicDispatcher::EnvoyQuicDispatcher( const quic::QuicCryptoServerConfig* crypto_config, const quic::QuicConfig& quic_config, quic::QuicVersionManager* version_manager, std::unique_ptr helper, std::unique_ptr alarm_factory, uint8_t expected_server_connection_id_length, Network::ConnectionHandler& connection_handler, Network::ListenerConfig& listener_config, Server::ListenerStats& listener_stats, Server::PerHandlerListenerStats& per_worker_stats, Event::Dispatcher& dispatcher, Network::Socket& listen_socket) : quic::QuicDispatcher(&quic_config, crypto_config, version_manager, std::move(helper), std::make_unique(), std::move(alarm_factory), expected_server_connection_id_length), connection_handler_(connection_handler), listener_config_(listener_config), listener_stats_(listener_stats), per_worker_stats_(per_worker_stats), dispatcher_(dispatcher), listen_socket_(listen_socket) { // Set send buffer twice of max flow control window to ensure that stream send // buffer always takes all the data. // The max amount of data buffered is the per-stream high watermark + the max // flow control window of upstream. The per-stream high watermark should be // smaller than max flow control window to make sure upper stream can be flow // control blocked early enough not to send more than the threshold allows. // TODO(#8826) Ideally we should use the negotiated value from upstream which is not accessible // for now. 512MB is way to large, but the actual bytes buffered should be bound by the negotiated // upstream flow control window. SetQuicFlag( FLAGS_quic_buffered_data_threshold, 2 * ::Envoy::Http2::Utility::OptionsLimits::DEFAULT_INITIAL_STREAM_WINDOW_SIZE); // 512MB } void EnvoyQuicDispatcher::OnConnectionClosed(quic::QuicConnectionId connection_id, quic::QuicErrorCode error, const std::string& error_details, quic::ConnectionCloseSource source) { quic::QuicDispatcher::OnConnectionClosed(connection_id, error, error_details, source); listener_stats_.downstream_cx_active_.dec(); per_worker_stats_.downstream_cx_active_.dec(); connection_handler_.decNumConnections(); } std::unique_ptr EnvoyQuicDispatcher::CreateQuicSession( quic::QuicConnectionId server_connection_id, const quic::QuicSocketAddress& /*self_address*/, const quic::QuicSocketAddress& peer_address, quiche::QuicheStringPiece /*alpn*/, const quic::ParsedQuicVersion& version) { auto quic_connection = std::make_unique( server_connection_id, peer_address, *helper(), *alarm_factory(), writer(), /*owns_writer=*/false, quic::ParsedQuicVersionVector{version}, listen_socket_); auto quic_session = std::make_unique( config(), quic::ParsedQuicVersionVector{version}, std::move(quic_connection), this, session_helper(), crypto_config(), compressed_certs_cache(), dispatcher_, listener_config_.perConnectionBufferLimitBytes(), listener_config_); quic_session->Initialize(); // Filter chain can't be retrieved here as self address is unknown at this // point. // TODO(danzh): change QUIC interface to pass in self address as it is already // known. In this way, filter chain can be retrieved at this point. But one // thing to pay attention is that if the retrieval fails, connection needs to // be closed, and it should be added to time wait list instead of session map. connection_handler_.incNumConnections(); listener_stats_.downstream_cx_active_.inc(); listener_stats_.downstream_cx_total_.inc(); per_worker_stats_.downstream_cx_active_.inc(); per_worker_stats_.downstream_cx_total_.inc(); return quic_session; } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_dispatcher.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #pragma GCC diagnostic ignored "-Wtype-limits" #endif #include "quiche/quic/core/quic_dispatcher.h" #include "quiche/quic/core/quic_utils.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include #include "envoy/network/listener.h" #include "server/connection_handler_impl.h" namespace Envoy { namespace Quic { // Envoy specific provider of server connection id and decision maker of // accepting new connection or not. class EnvoyQuicCryptoServerStreamHelper : public quic::QuicCryptoServerStreamBase::Helper { public: ~EnvoyQuicCryptoServerStreamHelper() override = default; // quic::QuicCryptoServerStream::Helper bool CanAcceptClientHello(const quic::CryptoHandshakeMessage& /*message*/, const quic::QuicSocketAddress& /*client_address*/, const quic::QuicSocketAddress& /*peer_address*/, const quic::QuicSocketAddress& /*self_address*/, std::string* /*error_details*/) const override { // TODO(danzh): decide to accept or not based on information from given handshake message, i.e. // user agent and SNI. return true; } }; class EnvoyQuicDispatcher : public quic::QuicDispatcher { public: EnvoyQuicDispatcher(const quic::QuicCryptoServerConfig* crypto_config, const quic::QuicConfig& quic_config, quic::QuicVersionManager* version_manager, std::unique_ptr helper, std::unique_ptr alarm_factory, uint8_t expected_server_connection_id_length, Network::ConnectionHandler& connection_handler, Network::ListenerConfig& listener_config, Server::ListenerStats& listener_stats, Server::PerHandlerListenerStats& per_worker_stats, Event::Dispatcher& dispatcher, Network::Socket& listen_socket); void OnConnectionClosed(quic::QuicConnectionId connection_id, quic::QuicErrorCode error, const std::string& error_details, quic::ConnectionCloseSource source) override; protected: std::unique_ptr CreateQuicSession(quic::QuicConnectionId server_connection_id, const quic::QuicSocketAddress& self_address, const quic::QuicSocketAddress& peer_address, quiche::QuicheStringPiece alpn, const quic::ParsedQuicVersion& version) override; private: Network::ConnectionHandler& connection_handler_; Network::ListenerConfig& listener_config_; Server::ListenerStats& listener_stats_; Server::PerHandlerListenerStats& per_worker_stats_; Event::Dispatcher& dispatcher_; Network::Socket& listen_socket_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_packet_writer.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_packet_writer.h" #include #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" namespace Envoy { namespace Quic { namespace { quic::WriteResult convertToQuicWriteResult(Api::IoCallUint64Result& result) { if (result.ok()) { return {quic::WRITE_STATUS_OK, static_cast(result.rc_)}; } quic::WriteStatus status = result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again ? quic::WRITE_STATUS_BLOCKED : quic::WRITE_STATUS_ERROR; return {status, static_cast(result.err_->getErrorCode())}; } } // namespace EnvoyQuicPacketWriter::EnvoyQuicPacketWriter(Network::UdpPacketWriterPtr envoy_udp_packet_writer) : envoy_udp_packet_writer_(std::move(envoy_udp_packet_writer)) {} quic::WriteResult EnvoyQuicPacketWriter::WritePacket(const char* buffer, size_t buffer_len, const quic::QuicIpAddress& self_ip, const quic::QuicSocketAddress& peer_address, quic::PerPacketOptions* options) { ASSERT(options == nullptr, "Per packet option is not supported yet."); Buffer::BufferFragmentImpl fragment(buffer, buffer_len, nullptr); Buffer::OwnedImpl buf; buf.addBufferFragment(fragment); quic::QuicSocketAddress self_address(self_ip, /*port=*/0); Network::Address::InstanceConstSharedPtr local_addr = quicAddressToEnvoyAddressInstance(self_address); Network::Address::InstanceConstSharedPtr remote_addr = quicAddressToEnvoyAddressInstance(peer_address); Api::IoCallUint64Result result = envoy_udp_packet_writer_->writePacket( buf, local_addr == nullptr ? nullptr : local_addr->ip(), *remote_addr); return convertToQuicWriteResult(result); } quic::QuicByteCount EnvoyQuicPacketWriter::GetMaxPacketSize(const quic::QuicSocketAddress& peer_address) const { Network::Address::InstanceConstSharedPtr remote_addr = quicAddressToEnvoyAddressInstance(peer_address); return static_cast(envoy_udp_packet_writer_->getMaxPacketSize(*remote_addr)); } quic::QuicPacketBuffer EnvoyQuicPacketWriter::GetNextWriteLocation(const quic::QuicIpAddress& self_ip, const quic::QuicSocketAddress& peer_address) { quic::QuicSocketAddress self_address(self_ip, /*port=*/0); Network::Address::InstanceConstSharedPtr local_addr = quicAddressToEnvoyAddressInstance(self_address); Network::Address::InstanceConstSharedPtr remote_addr = quicAddressToEnvoyAddressInstance(peer_address); Network::UdpPacketWriterBuffer write_location = envoy_udp_packet_writer_->getNextWriteLocation( local_addr == nullptr ? nullptr : local_addr->ip(), *remote_addr); return quic::QuicPacketBuffer(reinterpret_cast(write_location.buffer_), write_location.release_buffer_); } quic::WriteResult EnvoyQuicPacketWriter::Flush() { Api::IoCallUint64Result result = envoy_udp_packet_writer_->flush(); return convertToQuicWriteResult(result); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_packet_writer.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #endif #include "quiche/quic/core/quic_packet_writer.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "envoy/network/udp_packet_writer_handler.h" namespace Envoy { namespace Quic { class EnvoyQuicPacketWriter : public quic::QuicPacketWriter { public: EnvoyQuicPacketWriter(Network::UdpPacketWriterPtr envoy_udp_packet_writer); quic::WriteResult WritePacket(const char* buffer, size_t buf_len, const quic::QuicIpAddress& self_address, const quic::QuicSocketAddress& peer_address, quic::PerPacketOptions* options) override; // quic::QuicPacketWriter bool IsWriteBlocked() const override { return envoy_udp_packet_writer_->isWriteBlocked(); } void SetWritable() override { envoy_udp_packet_writer_->setWritable(); } bool IsBatchMode() const override { return envoy_udp_packet_writer_->isBatchMode(); } // Currently this writer doesn't support pacing offload. bool SupportsReleaseTime() const override { return false; } quic::QuicByteCount GetMaxPacketSize(const quic::QuicSocketAddress& peer_address) const override; quic::QuicPacketBuffer GetNextWriteLocation(const quic::QuicIpAddress& self_address, const quic::QuicSocketAddress& peer_address) override; quic::WriteResult Flush() override; private: Network::UdpPacketWriterPtr envoy_udp_packet_writer_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_source.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_proof_source.h" #include #include "envoy/ssl/tls_certificate_config.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "extensions/quic_listeners/quiche/quic_io_handle_wrapper.h" #include "extensions/transport_sockets/well_known_names.h" #include "openssl/bytestring.h" #include "quiche/quic/core/crypto/certificate_view.h" namespace Envoy { namespace Quic { quic::QuicReferenceCountedPointer EnvoyQuicProofSource::GetCertChain(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname) { CertConfigWithFilterChain res = getTlsCertConfigAndFilterChain(server_address, client_address, hostname); absl::optional> cert_config_ref = res.cert_config_; if (!cert_config_ref.has_value()) { ENVOY_LOG(warn, "No matching filter chain found for handshake."); return nullptr; } auto& cert_config = cert_config_ref.value().get(); const std::string& chain_str = cert_config.certificateChain(); std::stringstream pem_stream(chain_str); std::vector chain = quic::CertificateView::LoadPemFromStream(&pem_stream); return quic::QuicReferenceCountedPointer( new quic::ProofSource::Chain(chain)); } void EnvoyQuicProofSource::signPayload( const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname, uint16_t signature_algorithm, quiche::QuicheStringPiece in, std::unique_ptr callback) { CertConfigWithFilterChain res = getTlsCertConfigAndFilterChain(server_address, client_address, hostname); absl::optional> cert_config_ref = res.cert_config_; if (!cert_config_ref.has_value()) { ENVOY_LOG(warn, "No matching filter chain found for handshake."); callback->Run(false, "", nullptr); return; } auto& cert_config = cert_config_ref.value().get(); // Load private key. const std::string& pkey = cert_config.privateKey(); std::stringstream pem_str(pkey); std::unique_ptr pem_key = quic::CertificatePrivateKey::LoadPemFromStream(&pem_str); if (pem_key == nullptr) { ENVOY_LOG(warn, "Failed to load private key."); callback->Run(false, "", nullptr); return; } // Verify the signature algorithm is as expected. std::string error_details; int sign_alg = deduceSignatureAlgorithmFromPublicKey(pem_key->private_key(), &error_details); if (sign_alg != signature_algorithm) { ENVOY_LOG(warn, fmt::format("The signature algorithm {} from the private key is not expected: {}", sign_alg, error_details)); callback->Run(false, "", nullptr); return; } // Sign. std::string sig = pem_key->Sign(in, signature_algorithm); bool success = !sig.empty(); ASSERT(res.filter_chain_.has_value()); callback->Run(success, sig, std::make_unique(res.filter_chain_.value().get())); } EnvoyQuicProofSource::CertConfigWithFilterChain EnvoyQuicProofSource::getTlsCertConfigAndFilterChain(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname) { ENVOY_LOG(trace, "Getting cert chain for {}", hostname); Network::ConnectionSocketImpl connection_socket( std::make_unique(listen_socket_.ioHandle()), quicAddressToEnvoyAddressInstance(server_address), quicAddressToEnvoyAddressInstance(client_address)); connection_socket.setDetectedTransportProtocol( Extensions::TransportSockets::TransportProtocolNames::get().Quic); connection_socket.setRequestedServerName(hostname); connection_socket.setRequestedApplicationProtocols({"h2"}); const Network::FilterChain* filter_chain = filter_chain_manager_.findFilterChain(connection_socket); if (filter_chain == nullptr) { listener_stats_.no_filter_chain_match_.inc(); return {absl::nullopt, absl::nullopt}; } const Network::TransportSocketFactory& transport_socket_factory = filter_chain->transportSocketFactory(); std::vector> tls_cert_configs = dynamic_cast(transport_socket_factory) .serverContextConfig() .tlsCertificates(); // Only return the first TLS cert config. // TODO(danzh) Choose based on supported cipher suites in TLS1.3 CHLO and prefer EC // certs if supported. return {tls_cert_configs[0].get(), *filter_chain}; } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_source.h ================================================ #pragma once #include "server/connection_handler_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_proof_source_base.h" #include "extensions/quic_listeners/quiche/quic_transport_socket_factory.h" namespace Envoy { namespace Quic { // A ProofSource implementation which supplies a proof instance with certs from filter chain. class EnvoyQuicProofSource : public EnvoyQuicProofSourceBase { public: EnvoyQuicProofSource(Network::Socket& listen_socket, Network::FilterChainManager& filter_chain_manager, Server::ListenerStats& listener_stats) : listen_socket_(listen_socket), filter_chain_manager_(filter_chain_manager), listener_stats_(listener_stats) {} ~EnvoyQuicProofSource() override = default; // quic::ProofSource quic::QuicReferenceCountedPointer GetCertChain(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname) override; protected: // quic::ProofSource void signPayload(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname, uint16_t signature_algorithm, quiche::QuicheStringPiece in, std::unique_ptr callback) override; private: struct CertConfigWithFilterChain { absl::optional> cert_config_; absl::optional> filter_chain_; }; CertConfigWithFilterChain getTlsCertConfigAndFilterChain(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname); Network::Socket& listen_socket_; Network::FilterChainManager& filter_chain_manager_; Server::ListenerStats& listener_stats_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_source_base.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_proof_source_base.h" #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #endif #include "quiche/quic/core/quic_data_writer.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" namespace Envoy { namespace Quic { void EnvoyQuicProofSourceBase::GetProof(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname, const std::string& server_config, quic::QuicTransportVersion /*transport_version*/, quiche::QuicheStringPiece chlo_hash, std::unique_ptr callback) { quic::QuicReferenceCountedPointer chain = GetCertChain(server_address, client_address, hostname); if (chain == nullptr || chain->certs.empty()) { quic::QuicCryptoProof proof; callback->Run(/*ok=*/false, nullptr, proof, nullptr); return; } size_t payload_size = sizeof(quic::kProofSignatureLabel) + sizeof(uint32_t) + chlo_hash.size() + server_config.size(); auto payload = std::make_unique(payload_size); quic::QuicDataWriter payload_writer(payload_size, payload.get(), quiche::Endianness::HOST_BYTE_ORDER); bool success = payload_writer.WriteBytes(quic::kProofSignatureLabel, sizeof(quic::kProofSignatureLabel)) && payload_writer.WriteUInt32(chlo_hash.size()) && payload_writer.WriteStringPiece(chlo_hash) && payload_writer.WriteStringPiece(server_config); if (!success) { quic::QuicCryptoProof proof; callback->Run(/*ok=*/false, nullptr, proof, nullptr); return; } std::string error_details; bssl::UniquePtr cert = parseDERCertificate(chain->certs[0], &error_details); if (cert == nullptr) { ENVOY_LOG(warn, absl::StrCat("Invalid leaf cert: ", error_details)); quic::QuicCryptoProof proof; callback->Run(/*ok=*/false, nullptr, proof, nullptr); return; } bssl::UniquePtr pub_key(X509_get_pubkey(cert.get())); int sign_alg = deduceSignatureAlgorithmFromPublicKey(pub_key.get(), &error_details); if (sign_alg == 0) { ENVOY_LOG(warn, absl::StrCat("Failed to deduce signature algorithm from public key: ", error_details)); quic::QuicCryptoProof proof; callback->Run(/*ok=*/false, nullptr, proof, nullptr); return; } auto signature_callback = std::make_unique(std::move(callback), chain); signPayload(server_address, client_address, hostname, sign_alg, quiche::QuicheStringPiece(payload.get(), payload_size), std::move(signature_callback)); } void EnvoyQuicProofSourceBase::ComputeTlsSignature( const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname, uint16_t signature_algorithm, quiche::QuicheStringPiece in, std::unique_ptr callback) { signPayload(server_address, client_address, hostname, signature_algorithm, in, std::move(callback)); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_source_base.h ================================================ #pragma once #include #include "common/common/assert.h" #include "absl/strings/str_cat.h" #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #endif #include "quiche/quic/core/crypto/proof_source.h" #include "quiche/quic/core/quic_versions.h" #include "quiche/quic/core/crypto/crypto_protocol.h" #include "quiche/quic/platform/api/quic_reference_counted.h" #include "quiche/quic/platform/api/quic_socket_address.h" #include "quiche/common/platform/api/quiche_string_piece.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "openssl/ssl.h" #include "envoy/network/filter.h" #include "server/backtrace.h" #include "common/common/logger.h" namespace Envoy { namespace Quic { // A ProofSource::Detail implementation which retains filter chain. class EnvoyQuicProofSourceDetails : public quic::ProofSource::Details { public: explicit EnvoyQuicProofSourceDetails(const Network::FilterChain& filter_chain) : filter_chain_(filter_chain) {} EnvoyQuicProofSourceDetails(const EnvoyQuicProofSourceDetails& other) : filter_chain_(other.filter_chain_) {} const Network::FilterChain& filterChain() const { return filter_chain_; } private: const Network::FilterChain& filter_chain_; }; // A partial implementation of quic::ProofSource which chooses a cipher suite according to the leaf // cert to sign in GetProof(). class EnvoyQuicProofSourceBase : public quic::ProofSource, protected Logger::Loggable { public: ~EnvoyQuicProofSourceBase() override = default; // quic::ProofSource // Returns a certs chain and its fake SCT "Fake timestamp" and TLS signature wrapped // in QuicCryptoProof. void GetProof(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname, const std::string& server_config, quic::QuicTransportVersion /*transport_version*/, quiche::QuicheStringPiece chlo_hash, std::unique_ptr callback) override; TicketCrypter* GetTicketCrypter() override { return nullptr; } void ComputeTlsSignature(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname, uint16_t signature_algorithm, quiche::QuicheStringPiece in, std::unique_ptr callback) override; protected: virtual void signPayload(const quic::QuicSocketAddress& server_address, const quic::QuicSocketAddress& client_address, const std::string& hostname, uint16_t signature_algorithm, quiche::QuicheStringPiece in, std::unique_ptr callback) PURE; private: // Used by GetProof() to get signature. class SignatureCallback : public quic::ProofSource::SignatureCallback { public: // TODO(danzh) Pass in Details to retain the certs chain, and quic::ProofSource::Callback to be // triggered in Run(). SignatureCallback(std::unique_ptr callback, quic::QuicReferenceCountedPointer chain) : callback_(std::move(callback)), chain_(chain) {} // quic::ProofSource::SignatureCallback void Run(bool ok, std::string signature, std::unique_ptr
    details) override { quic::QuicCryptoProof proof; if (!ok) { callback_->Run(false, chain_, proof, nullptr); return; } proof.signature = signature; proof.leaf_cert_scts = "Fake timestamp"; callback_->Run(true, chain_, proof, std::move(details)); } private: std::unique_ptr callback_; quic::QuicReferenceCountedPointer chain_; }; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_verifier.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_proof_verifier.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "quiche/quic/core/crypto/certificate_view.h" namespace Envoy { namespace Quic { quic::QuicAsyncStatus EnvoyQuicProofVerifier::VerifyCertChain( const std::string& hostname, const uint16_t /*port*/, const std::vector& certs, const std::string& /*ocsp_response*/, const std::string& /*cert_sct*/, const quic::ProofVerifyContext* /*context*/, std::string* error_details, std::unique_ptr* /*details*/, std::unique_ptr /*callback*/) { ASSERT(!certs.empty()); bssl::UniquePtr intermediates(sk_X509_new_null()); bssl::UniquePtr leaf; for (size_t i = 0; i < certs.size(); i++) { bssl::UniquePtr cert = parseDERCertificate(certs[i], error_details); if (!cert) { return quic::QUIC_FAILURE; } if (i == 0) { leaf = std::move(cert); } else { sk_X509_push(intermediates.get(), cert.release()); } } bool success = context_impl_.verifyCertChain(*leaf, *intermediates, *error_details); if (!success) { return quic::QUIC_FAILURE; } std::unique_ptr cert_view = quic::CertificateView::ParseSingleCertificate(certs[0]); ASSERT(cert_view != nullptr); for (const absl::string_view& config_san : cert_view->subject_alt_name_domains()) { if (Extensions::TransportSockets::Tls::ContextImpl::dnsNameMatch(hostname, config_san)) { return quic::QUIC_SUCCESS; } } *error_details = absl::StrCat("Leaf certificate doesn't match hostname: ", hostname); return quic::QUIC_FAILURE; } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_verifier.h ================================================ #pragma once #include "extensions/quic_listeners/quiche/envoy_quic_proof_verifier_base.h" #include "extensions/transport_sockets/tls/context_impl.h" namespace Envoy { namespace Quic { // A quic::ProofVerifier implementation which verifies cert chain using SSL // client context config. class EnvoyQuicProofVerifier : public EnvoyQuicProofVerifierBase { public: EnvoyQuicProofVerifier(Stats::Scope& scope, const Envoy::Ssl::ClientContextConfig& config, TimeSource& time_source) : context_impl_(scope, config, time_source) {} // EnvoyQuicProofVerifierBase quic::QuicAsyncStatus VerifyCertChain(const std::string& hostname, const uint16_t port, const std::vector& certs, const std::string& ocsp_response, const std::string& cert_sct, const quic::ProofVerifyContext* context, std::string* error_details, std::unique_ptr* details, std::unique_ptr callback) override; private: Extensions::TransportSockets::Tls::ClientContextImpl context_impl_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_verifier_base.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_proof_verifier_base.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "openssl/ssl.h" #include "quiche/quic/core/crypto/certificate_view.h" #include "quiche/quic/core/crypto/crypto_protocol.h" #include "quiche/quic/core/quic_data_writer.h" namespace Envoy { namespace Quic { quic::QuicAsyncStatus EnvoyQuicProofVerifierBase::VerifyProof( const std::string& hostname, const uint16_t port, const std::string& server_config, quic::QuicTransportVersion /*quic_version*/, absl::string_view chlo_hash, const std::vector& certs, const std::string& cert_sct, const std::string& signature, const quic::ProofVerifyContext* context, std::string* error_details, std::unique_ptr* details, std::unique_ptr callback) { if (certs.empty()) { *error_details = "Received empty cert chain."; return quic::QUIC_FAILURE; } if (!verifySignature(server_config, chlo_hash, certs[0], signature, error_details)) { return quic::QUIC_FAILURE; } return VerifyCertChain(hostname, port, certs, "", cert_sct, context, error_details, details, std::move(callback)); } bool EnvoyQuicProofVerifierBase::verifySignature(const std::string& server_config, absl::string_view chlo_hash, const std::string& cert, const std::string& signature, std::string* error_details) { std::unique_ptr cert_view = quic::CertificateView::ParseSingleCertificate(cert); if (cert_view == nullptr) { *error_details = "Invalid leaf cert."; return false; } int sign_alg = deduceSignatureAlgorithmFromPublicKey(cert_view->public_key(), error_details); if (sign_alg == 0) { return false; } size_t payload_size = sizeof(quic::kProofSignatureLabel) + sizeof(uint32_t) + chlo_hash.size() + server_config.size(); auto payload = std::make_unique(payload_size); quic::QuicDataWriter payload_writer(payload_size, payload.get(), quiche::Endianness::HOST_BYTE_ORDER); bool success = payload_writer.WriteBytes(quic::kProofSignatureLabel, sizeof(quic::kProofSignatureLabel)) && payload_writer.WriteUInt32(chlo_hash.size()) && payload_writer.WriteStringPiece(chlo_hash) && payload_writer.WriteStringPiece(server_config); if (!success) { *error_details = "QuicPacketWriter error."; return false; } bool valid = cert_view->VerifySignature(quiche::QuicheStringPiece(payload.get(), payload_size), signature, sign_alg); if (!valid) { *error_details = "Signature is not valid."; } return valid; } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_proof_verifier_base.h ================================================ #pragma once #include "absl/strings/str_cat.h" #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #endif #include "quiche/quic/core/crypto/proof_verifier.h" #include "quiche/quic/core/quic_versions.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "common/common/logger.h" namespace Envoy { namespace Quic { // A partial implementation of quic::ProofVerifier which does signature // verification. class EnvoyQuicProofVerifierBase : public quic::ProofVerifier, protected Logger::Loggable { public: ~EnvoyQuicProofVerifierBase() override = default; // quic::ProofVerifier // Return success if the certs chain is valid and signature of { // server_config + chlo_hash} is valid. Otherwise failure. quic::QuicAsyncStatus VerifyProof(const std::string& hostname, const uint16_t port, const std::string& server_config, quic::QuicTransportVersion /*quic_version*/, absl::string_view chlo_hash, const std::vector& certs, const std::string& cert_sct, const std::string& signature, const quic::ProofVerifyContext* context, std::string* error_details, std::unique_ptr* details, std::unique_ptr callback) override; std::unique_ptr CreateDefaultContext() override { return nullptr; } protected: virtual bool verifySignature(const std::string& server_config, absl::string_view chlo_hash, const std::string& cert, const std::string& signature, std::string* error_details); }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_server_connection.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_server_connection.h" #include "common/network/listen_socket_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "extensions/quic_listeners/quiche/quic_io_handle_wrapper.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Quic { EnvoyQuicServerConnection::EnvoyQuicServerConnection( const quic::QuicConnectionId& server_connection_id, quic::QuicSocketAddress initial_peer_address, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter* writer, bool owns_writer, const quic::ParsedQuicVersionVector& supported_versions, Network::Socket& listen_socket) : EnvoyQuicConnection(server_connection_id, initial_peer_address, helper, alarm_factory, writer, owns_writer, quic::Perspective::IS_SERVER, supported_versions, std::make_unique( // Wraps the real IoHandle instance so that if the connection socket // gets closed, the real IoHandle won't be affected. std::make_unique(listen_socket.ioHandle()), nullptr, quicAddressToEnvoyAddressInstance(initial_peer_address))) {} bool EnvoyQuicServerConnection::OnPacketHeader(const quic::QuicPacketHeader& header) { if (!EnvoyQuicConnection::OnPacketHeader(header)) { return false; } if (connectionSocket()->localAddress() != nullptr) { return true; } ASSERT(self_address().IsInitialized()); // Self address should be initialized by now. connectionSocket()->setLocalAddress(quicAddressToEnvoyAddressInstance(self_address())); connectionSocket()->setDetectedTransportProtocol( Extensions::TransportSockets::TransportProtocolNames::get().Quic); return true; } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_server_connection.h ================================================ #include "envoy/network/listener.h" #include "server/connection_handler_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_connection.h" namespace Envoy { namespace Quic { class EnvoyQuicServerConnection : public EnvoyQuicConnection { public: EnvoyQuicServerConnection(const quic::QuicConnectionId& server_connection_id, quic::QuicSocketAddress initial_peer_address, quic::QuicConnectionHelperInterface& helper, quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter* writer, bool owns_writer, const quic::ParsedQuicVersionVector& supported_versions, Network::Socket& listen_socket); // EnvoyQuicConnection // Overridden to set connection_socket_ with initialized self address and retrieve filter chain. bool OnPacketHeader(const quic::QuicPacketHeader& header) override; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_server_session.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_server_session.h" #include #include "common/common/assert.h" #include "extensions/quic_listeners/quiche/envoy_quic_proof_source.h" #include "extensions/quic_listeners/quiche/envoy_quic_server_stream.h" namespace Envoy { namespace Quic { EnvoyQuicServerSession::EnvoyQuicServerSession( const quic::QuicConfig& config, const quic::ParsedQuicVersionVector& supported_versions, std::unique_ptr connection, quic::QuicSession::Visitor* visitor, quic::QuicCryptoServerStream::Helper* helper, const quic::QuicCryptoServerConfig* crypto_config, quic::QuicCompressedCertsCache* compressed_certs_cache, Event::Dispatcher& dispatcher, uint32_t send_buffer_limit, Network::ListenerConfig& listener_config) : quic::QuicServerSessionBase(config, supported_versions, connection.get(), visitor, helper, crypto_config, compressed_certs_cache), QuicFilterManagerConnectionImpl(*connection, dispatcher, send_buffer_limit), quic_connection_(std::move(connection)), listener_config_(listener_config) {} EnvoyQuicServerSession::~EnvoyQuicServerSession() { ASSERT(!quic_connection_->connected()); QuicFilterManagerConnectionImpl::quic_connection_ = nullptr; } absl::string_view EnvoyQuicServerSession::requestedServerName() const { return {GetCryptoStream()->crypto_negotiated_params().sni}; } std::unique_ptr EnvoyQuicServerSession::CreateQuicCryptoServerStream( const quic::QuicCryptoServerConfig* crypto_config, quic::QuicCompressedCertsCache* compressed_certs_cache) { return CreateCryptoServerStream(crypto_config, compressed_certs_cache, this, stream_helper()); } quic::QuicSpdyStream* EnvoyQuicServerSession::CreateIncomingStream(quic::QuicStreamId id) { if (!ShouldCreateIncomingStream(id)) { return nullptr; } auto stream = new EnvoyQuicServerStream(id, this, quic::BIDIRECTIONAL); ActivateStream(absl::WrapUnique(stream)); setUpRequestDecoder(*stream); if (aboveHighWatermark()) { stream->runHighWatermarkCallbacks(); } return stream; } quic::QuicSpdyStream* EnvoyQuicServerSession::CreateIncomingStream(quic::PendingStream* /*pending*/) { // Only client side server push stream should trigger this call. NOT_REACHED_GCOVR_EXCL_LINE; } quic::QuicSpdyStream* EnvoyQuicServerSession::CreateOutgoingBidirectionalStream() { // Disallow server initiated stream. NOT_REACHED_GCOVR_EXCL_LINE; } quic::QuicSpdyStream* EnvoyQuicServerSession::CreateOutgoingUnidirectionalStream() { NOT_REACHED_GCOVR_EXCL_LINE; } void EnvoyQuicServerSession::setUpRequestDecoder(EnvoyQuicServerStream& stream) { ASSERT(http_connection_callbacks_ != nullptr); Http::RequestDecoder& decoder = http_connection_callbacks_->newStream(stream); stream.setRequestDecoder(decoder); } void EnvoyQuicServerSession::OnConnectionClosed(const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) { quic::QuicServerSessionBase::OnConnectionClosed(frame, source); onConnectionCloseEvent(frame, source); } void EnvoyQuicServerSession::Initialize() { quic::QuicServerSessionBase::Initialize(); quic_connection_->setEnvoyConnection(*this); } void EnvoyQuicServerSession::OnCanWrite() { const uint64_t headers_to_send_old = quic::VersionUsesHttp3(transport_version()) ? 0u : headers_stream()->BufferedDataBytes(); quic::QuicServerSessionBase::OnCanWrite(); const uint64_t headers_to_send_new = quic::VersionUsesHttp3(transport_version()) ? 0u : headers_stream()->BufferedDataBytes(); adjustBytesToSend(headers_to_send_new - headers_to_send_old); // Do not update delay close state according to connection level packet egress because that is // equivalent to TCP transport layer egress. But only do so if the session gets chance to write. maybeApplyDelayClosePolicy(); } void EnvoyQuicServerSession::SetDefaultEncryptionLevel(quic::EncryptionLevel level) { quic::QuicServerSessionBase::SetDefaultEncryptionLevel(level); if (level != quic::ENCRYPTION_FORWARD_SECURE) { return; } maybeCreateNetworkFilters(); // This is only reached once, when handshake is done. raiseConnectionEvent(Network::ConnectionEvent::Connected); } bool EnvoyQuicServerSession::hasDataToWrite() { return HasDataToWrite(); } void EnvoyQuicServerSession::OnTlsHandshakeComplete() { quic::QuicServerSessionBase::OnTlsHandshakeComplete(); maybeCreateNetworkFilters(); raiseConnectionEvent(Network::ConnectionEvent::Connected); } void EnvoyQuicServerSession::maybeCreateNetworkFilters() { auto proof_source_details = dynamic_cast(GetCryptoStream()->ProofSourceDetails()); ASSERT(proof_source_details != nullptr, "ProofSource didn't provide ProofSource::Details. No filter chain will be installed."); const bool has_filter_initialized = listener_config_.filterChainFactory().createNetworkFilterChain( *this, proof_source_details->filterChain().networkFilterFactories()); ASSERT(has_filter_initialized); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_server_session.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #pragma GCC diagnostic ignored "-Wtype-limits" #endif #include "quiche/quic/core/http/quic_server_session_base.h" #include "quiche/quic/core/quic_crypto_server_stream.h" #include "quiche/quic/core/tls_server_handshaker.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include #include "extensions/quic_listeners/quiche/quic_filter_manager_connection_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_server_stream.h" namespace Envoy { namespace Quic { // Act as a Network::Connection to HCM and a FilterManager to FilterFactoryCb. // TODO(danzh) Lifetime of quic connection and filter manager connection can be // simplified by changing the inheritance to a member variable instantiated // before quic_connection_. class EnvoyQuicServerSession : public quic::QuicServerSessionBase, public QuicFilterManagerConnectionImpl { public: EnvoyQuicServerSession(const quic::QuicConfig& config, const quic::ParsedQuicVersionVector& supported_versions, std::unique_ptr connection, quic::QuicSession::Visitor* visitor, quic::QuicCryptoServerStreamBase::Helper* helper, const quic::QuicCryptoServerConfig* crypto_config, quic::QuicCompressedCertsCache* compressed_certs_cache, Event::Dispatcher& dispatcher, uint32_t send_buffer_limit, Network::ListenerConfig& listener_config); ~EnvoyQuicServerSession() override; // Network::Connection absl::string_view requestedServerName() const override; // Called by QuicHttpServerConnectionImpl before creating data streams. void setHttpConnectionCallbacks(Http::ServerConnectionCallbacks& callbacks) { http_connection_callbacks_ = &callbacks; } // quic::QuicSession void OnConnectionClosed(const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) override; void Initialize() override; void OnCanWrite() override; void OnTlsHandshakeComplete() override; // quic::QuicSpdySession void SetDefaultEncryptionLevel(quic::EncryptionLevel level) override; using quic::QuicSession::stream_map; protected: // quic::QuicServerSessionBase std::unique_ptr CreateQuicCryptoServerStream(const quic::QuicCryptoServerConfig* crypto_config, quic::QuicCompressedCertsCache* compressed_certs_cache) override; // quic::QuicSession // Overridden to create stream as encoder and associate it with an decoder. quic::QuicSpdyStream* CreateIncomingStream(quic::QuicStreamId id) override; quic::QuicSpdyStream* CreateIncomingStream(quic::PendingStream* pending) override; quic::QuicSpdyStream* CreateOutgoingBidirectionalStream() override; quic::QuicSpdyStream* CreateOutgoingUnidirectionalStream() override; // QuicFilterManagerConnectionImpl bool hasDataToWrite() override; private: void setUpRequestDecoder(EnvoyQuicServerStream& stream); void maybeCreateNetworkFilters(); std::unique_ptr quic_connection_; Network::ListenerConfig& listener_config_; // These callbacks are owned by network filters and quic session should out live // them. Http::ServerConnectionCallbacks* http_connection_callbacks_{nullptr}; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_server_stream.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_server_stream.h" #include #include #include #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #endif #include "quiche/quic/core/http/quic_header_list.h" #include "quiche/quic/core/quic_session.h" #include "quiche/spdy/core/spdy_header_block.h" #include "extensions/quic_listeners/quiche/platform/quic_mem_slice_span_impl.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "extensions/quic_listeners/quiche/envoy_quic_server_session.h" #include "common/buffer/buffer_impl.h" #include "common/http/header_map_impl.h" #include "common/common/assert.h" namespace Envoy { namespace Quic { EnvoyQuicServerStream::EnvoyQuicServerStream(quic::QuicStreamId id, quic::QuicSpdySession* session, quic::StreamType type) : quic::QuicSpdyServerStreamBase(id, session, type), EnvoyQuicStream( // This should be larger than 8k to fully utilize congestion control // window. And no larger than the max stream flow control window for // the stream to buffer all the data. // Ideally this limit should also correlate to peer's receive window // but not fully depends on that. 16 * 1024, [this]() { runLowWatermarkCallbacks(); }, [this]() { runHighWatermarkCallbacks(); }) {} EnvoyQuicServerStream::EnvoyQuicServerStream(quic::PendingStream* pending, quic::QuicSpdySession* session, quic::StreamType type) : quic::QuicSpdyServerStreamBase(pending, session, type), EnvoyQuicStream( // This should be larger than 8k to fully utilize congestion control // window. And no larger than the max stream flow control window for // the stream to buffer all the data. 16 * 1024, [this]() { runLowWatermarkCallbacks(); }, [this]() { runHighWatermarkCallbacks(); }) {} void EnvoyQuicServerStream::encode100ContinueHeaders(const Http::ResponseHeaderMap& headers) { ASSERT(headers.Status()->value() == "100"); encodeHeaders(headers, false); } void EnvoyQuicServerStream::encodeHeaders(const Http::ResponseHeaderMap& headers, bool end_stream) { ENVOY_STREAM_LOG(debug, "encodeHeaders (end_stream={}) {}.", *this, end_stream, headers); // QUICHE guarantees to take all the headers. This could cause infinite data to // be buffered on headers stream in Google QUIC implementation because // headers stream doesn't have upper bound for its send buffer. But in IETF // QUIC implementation this is safe as headers are sent on data stream which // is bounded by max concurrent streams limited. // Same vulnerability exists in crypto stream which can infinitely buffer data // if handshake implementation goes wrong. // TODO(#8826) Modify QUICHE to have an upper bound for header stream send buffer. // This is counting not serialized bytes in the send buffer. quic::QuicStream* writing_stream = quic::VersionUsesHttp3(transport_version()) ? static_cast(this) : (dynamic_cast(session())->headers_stream()); const uint64_t bytes_to_send_old = writing_stream->BufferedDataBytes(); WriteHeaders(envoyHeadersToSpdyHeaderBlock(headers), end_stream, nullptr); local_end_stream_ = end_stream; const uint64_t bytes_to_send_new = writing_stream->BufferedDataBytes(); ASSERT(bytes_to_send_old <= bytes_to_send_new); maybeCheckWatermark(bytes_to_send_old, bytes_to_send_new, *filterManagerConnection()); } void EnvoyQuicServerStream::encodeData(Buffer::Instance& data, bool end_stream) { ENVOY_STREAM_LOG(debug, "encodeData (end_stream={}) of {} bytes.", *this, end_stream, data.length()); local_end_stream_ = end_stream; // This is counting not serialized bytes in the send buffer. const uint64_t bytes_to_send_old = BufferedDataBytes(); // QUIC stream must take all. WriteBodySlices(quic::QuicMemSliceSpan(quic::QuicMemSliceSpanImpl(data)), end_stream); if (data.length() > 0) { // Send buffer didn't take all the data, threshold needs to be adjusted. Reset(quic::QUIC_BAD_APPLICATION_PAYLOAD); return; } const uint64_t bytes_to_send_new = BufferedDataBytes(); ASSERT(bytes_to_send_old <= bytes_to_send_new); maybeCheckWatermark(bytes_to_send_old, bytes_to_send_new, *filterManagerConnection()); } void EnvoyQuicServerStream::encodeTrailers(const Http::ResponseTrailerMap& trailers) { ASSERT(!local_end_stream_); local_end_stream_ = true; ENVOY_STREAM_LOG(debug, "encodeTrailers: {}.", *this, trailers); quic::QuicStream* writing_stream = quic::VersionUsesHttp3(transport_version()) ? static_cast(this) : (dynamic_cast(session())->headers_stream()); const uint64_t bytes_to_send_old = writing_stream->BufferedDataBytes(); WriteTrailers(envoyHeadersToSpdyHeaderBlock(trailers), nullptr); const uint64_t bytes_to_send_new = writing_stream->BufferedDataBytes(); ASSERT(bytes_to_send_old <= bytes_to_send_new); maybeCheckWatermark(bytes_to_send_old, bytes_to_send_new, *filterManagerConnection()); } void EnvoyQuicServerStream::encodeMetadata(const Http::MetadataMapVector& /*metadata_map_vector*/) { // Metadata Frame is not supported in QUIC. // TODO(danzh): add stats for metadata not supported error. } void EnvoyQuicServerStream::resetStream(Http::StreamResetReason reason) { // Upper layers expect calling resetStream() to immediately raise reset callbacks. runResetCallbacks(reason); if (local_end_stream_ && !reading_stopped()) { // This is after 200 early response. Reset with QUIC_STREAM_NO_ERROR instead // of propagating original reset reason. In QUICHE if a stream stops reading // before FIN or RESET received, it resets the steam with QUIC_STREAM_NO_ERROR. StopReading(); } else { Reset(envoyResetReasonToQuicRstError(reason)); } } void EnvoyQuicServerStream::switchStreamBlockState(bool should_block) { ASSERT(FinishedReadingHeaders(), "Upperstream buffer limit is reached before request body is delivered."); if (should_block) { sequencer()->SetBlockedUntilFlush(); } else { ASSERT(read_disable_counter_ == 0, "readDisable called in between."); sequencer()->SetUnblocked(); } } void EnvoyQuicServerStream::OnInitialHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) { quic::QuicSpdyServerStreamBase::OnInitialHeadersComplete(fin, frame_len, header_list); ASSERT(headers_decompressed()); request_decoder_->decodeHeaders( quicHeadersToEnvoyHeaders(header_list), /*end_stream=*/fin); if (fin) { end_stream_decoded_ = true; } ConsumeHeaderList(); } void EnvoyQuicServerStream::OnBodyAvailable() { ASSERT(FinishedReadingHeaders()); ASSERT(read_disable_counter_ == 0); ASSERT(!in_decode_data_callstack_); in_decode_data_callstack_ = true; Buffer::InstancePtr buffer = std::make_unique(); // TODO(danzh): check Envoy per stream buffer limit. // Currently read out all the data. while (HasBytesToRead()) { iovec iov; int num_regions = GetReadableRegions(&iov, 1); ASSERT(num_regions > 0); size_t bytes_read = iov.iov_len; Buffer::RawSlice slice; buffer->reserve(bytes_read, &slice, 1); ASSERT(slice.len_ >= bytes_read); slice.len_ = bytes_read; memcpy(slice.mem_, iov.iov_base, iov.iov_len); buffer->commit(&slice, 1); MarkConsumed(bytes_read); } // True if no trailer and FIN read. bool finished_reading = IsDoneReading(); bool empty_payload_with_fin = buffer->length() == 0 && fin_received(); // If this call is triggered by an empty frame with FIN which is not from peer // but synthesized by stream itself upon receiving HEADERS with FIN or // TRAILERS, do not deliver end of stream here. Because either decodeHeaders // already delivered it or decodeTrailers will be called. bool skip_decoding = empty_payload_with_fin && (end_stream_decoded_ || !finished_reading); if (!skip_decoding) { request_decoder_->decodeData(*buffer, finished_reading); if (finished_reading) { end_stream_decoded_ = true; } } if (!sequencer()->IsClosed()) { in_decode_data_callstack_ = false; if (read_disable_counter_ > 0) { // If readDisable() was ever called during decodeData() and it meant to disable // reading from downstream, the call must have been deferred. Call it now. switchStreamBlockState(true); } return; } if (!quic::VersionUsesHttp3(transport_version()) && !FinishedReadingTrailers()) { // For Google QUIC implementation, trailers may arrived earlier and wait to // be consumed after reading all the body. Consume it here. // IETF QUIC shouldn't reach here because trailers are sent on same stream. request_decoder_->decodeTrailers( spdyHeaderBlockToEnvoyHeaders(received_trailers())); MarkTrailersConsumed(); } OnFinRead(); in_decode_data_callstack_ = false; } void EnvoyQuicServerStream::OnTrailingHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) { quic::QuicSpdyServerStreamBase::OnTrailingHeadersComplete(fin, frame_len, header_list); if (session()->connection()->connected() && (quic::VersionUsesHttp3(transport_version()) || sequencer()->IsClosed()) && !FinishedReadingTrailers()) { // Before QPack trailers can arrive before body. Only decode trailers after finishing decoding // body. request_decoder_->decodeTrailers( spdyHeaderBlockToEnvoyHeaders(received_trailers())); MarkTrailersConsumed(); } } void EnvoyQuicServerStream::OnStreamReset(const quic::QuicRstStreamFrame& frame) { quic::QuicSpdyServerStreamBase::OnStreamReset(frame); runResetCallbacks(quicRstErrorToEnvoyResetReason(frame.error_code)); } void EnvoyQuicServerStream::OnConnectionClosed(quic::QuicErrorCode error, quic::ConnectionCloseSource source) { quic::QuicSpdyServerStreamBase::OnConnectionClosed(error, source); runResetCallbacks(quicErrorCodeToEnvoyResetReason(error)); } void EnvoyQuicServerStream::OnClose() { quic::QuicSpdyServerStreamBase::OnClose(); if (BufferedDataBytes() > 0) { // If the stream is closed without sending out all buffered data, regard // them as sent now and adjust connection buffer book keeping. filterManagerConnection()->adjustBytesToSend(0 - BufferedDataBytes()); } } void EnvoyQuicServerStream::OnCanWrite() { const uint64_t buffered_data_old = BufferedDataBytes(); quic::QuicSpdyServerStreamBase::OnCanWrite(); const uint64_t buffered_data_new = BufferedDataBytes(); // As long as OnCanWriteNewData() is no-op, data to sent in buffer shouldn't // increase. ASSERT(buffered_data_new <= buffered_data_old); maybeCheckWatermark(buffered_data_old, buffered_data_new, *filterManagerConnection()); } uint32_t EnvoyQuicServerStream::streamId() { return id(); } Network::Connection* EnvoyQuicServerStream::connection() { return filterManagerConnection(); } QuicFilterManagerConnectionImpl* EnvoyQuicServerStream::filterManagerConnection() { return dynamic_cast(session()); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_server_stream.h ================================================ #pragma once #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #endif #include "quiche/quic/core/http/quic_spdy_server_stream_base.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "extensions/quic_listeners/quiche/envoy_quic_stream.h" namespace Envoy { namespace Quic { // This class is a quic stream and also a response encoder. class EnvoyQuicServerStream : public quic::QuicSpdyServerStreamBase, public EnvoyQuicStream, public Http::ResponseEncoder { public: EnvoyQuicServerStream(quic::QuicStreamId id, quic::QuicSpdySession* session, quic::StreamType type); EnvoyQuicServerStream(quic::PendingStream* pending, quic::QuicSpdySession* session, quic::StreamType type); void setRequestDecoder(Http::RequestDecoder& decoder) { request_decoder_ = &decoder; } // Http::StreamEncoder void encode100ContinueHeaders(const Http::ResponseHeaderMap& headers) override; void encodeHeaders(const Http::ResponseHeaderMap& headers, bool end_stream) override; void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeTrailers(const Http::ResponseTrailerMap& trailers) override; void encodeMetadata(const Http::MetadataMapVector& metadata_map_vector) override; Http::Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return absl::nullopt; } bool streamErrorOnInvalidHttpMessage() const override { return false; } // Http::Stream void resetStream(Http::StreamResetReason reason) override; void setFlushTimeout(std::chrono::milliseconds) override { // TODO(mattklein123): Actually implement this for HTTP/3 similar to HTTP/2. } // quic::QuicSpdyStream void OnBodyAvailable() override; void OnStreamReset(const quic::QuicRstStreamFrame& frame) override; void OnClose() override; void OnCanWrite() override; // quic::QuicServerSessionBase void OnConnectionClosed(quic::QuicErrorCode error, quic::ConnectionCloseSource source) override; protected: // EnvoyQuicStream void switchStreamBlockState(bool should_block) override; uint32_t streamId() override; Network::Connection* connection() override; // quic::QuicSpdyStream void OnInitialHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) override; void OnTrailingHeadersComplete(bool fin, size_t frame_len, const quic::QuicHeaderList& header_list) override; private: QuicFilterManagerConnectionImpl* filterManagerConnection(); Http::RequestDecoder* request_decoder_{nullptr}; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_simulated_watermark_buffer.h ================================================ #pragma once #include #include "common/common/assert.h" #include "spdlog/spdlog.h" namespace Envoy { namespace Quic { // A class, together with a stand alone buffer, used to achieve the purpose of WatermarkBuffer. // Itself doesn't have buffer or bookkeep buffered bytes. But provided with buffered_bytes, // it reacts upon crossing high/low watermarks. // It's no-op if provided low and high watermark are 0. class EnvoyQuicSimulatedWatermarkBuffer { public: EnvoyQuicSimulatedWatermarkBuffer(uint32_t low_watermark, uint32_t high_watermark, std::function below_low_watermark, std::function above_high_watermark, spdlog::logger& logger) : low_watermark_(low_watermark), high_watermark_(high_watermark), below_low_watermark_(std::move(below_low_watermark)), above_high_watermark_(std::move(above_high_watermark)), logger_(logger) { ASSERT((high_watermark == 0 && low_watermark == 0) || (high_watermark_ > low_watermark_)); } uint32_t highWatermark() const { return high_watermark_; } void checkHighWatermark(uint32_t bytes_buffered) { if (high_watermark_ > 0 && !is_full_ && bytes_buffered > high_watermark_) { // Transitioning from below low watermark to above high watermark. ENVOY_LOG_TO_LOGGER(logger_, debug, "Buffered {} bytes, cross high watermark {}", bytes_buffered, high_watermark_); is_full_ = true; above_high_watermark_(); } } void checkLowWatermark(uint32_t bytes_buffered) { if (low_watermark_ > 0 && is_full_ && bytes_buffered < low_watermark_) { // Transitioning from above high watermark to below low watermark. ENVOY_LOG_TO_LOGGER(logger_, debug, "Buffered {} bytes, cross low watermark {}", bytes_buffered, low_watermark_); is_full_ = false; below_low_watermark_(); } } // True after the buffer goes above high watermark and hasn't come down below low // watermark yet, even though the buffered data might be between high and low // watermarks. bool isAboveHighWatermark() const { return is_full_; } // True before the buffer crosses the high watermark for the first time and after the buffer goes // below low watermark and hasn't come up above high watermark yet, even though the buffered data // might be between high and low watermarks. bool isBelowLowWatermark() const { return !is_full_; } private: uint32_t low_watermark_{0}; uint32_t high_watermark_{0}; bool is_full_{false}; std::function below_low_watermark_; std::function above_high_watermark_; spdlog::logger& logger_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_stream.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/http/codec.h" #include "common/http/codec_helper.h" #include "extensions/quic_listeners/quiche/envoy_quic_simulated_watermark_buffer.h" #include "extensions/quic_listeners/quiche/quic_filter_manager_connection_impl.h" namespace Envoy { namespace Quic { // Base class for EnvoyQuicServer|ClientStream. class EnvoyQuicStream : public virtual Http::StreamEncoder, public Http::Stream, public Http::StreamCallbackHelper, protected Logger::Loggable { public: // |buffer_limit| is the high watermark of the stream send buffer, and the low // watermark will be half of it. EnvoyQuicStream(uint32_t buffer_limit, std::function below_low_watermark, std::function above_high_watermark) : send_buffer_simulation_(buffer_limit / 2, buffer_limit, std::move(below_low_watermark), std::move(above_high_watermark), ENVOY_LOGGER()) {} // Http::StreamEncoder Stream& getStream() override { return *this; } // Http::Stream void readDisable(bool disable) override { bool status_changed{false}; if (disable) { ++read_disable_counter_; if (read_disable_counter_ == 1) { status_changed = true; } } else { ASSERT(read_disable_counter_ > 0); --read_disable_counter_; if (read_disable_counter_ == 0) { status_changed = true; } } if (status_changed && !in_decode_data_callstack_) { // Avoid calling this while decoding data because transient disabling and // enabling reading may trigger another decoding data inside the // callstack which messes up stream state. if (disable) { // Block QUIC stream right away. And if there are queued switching // state callback, update the desired state as well. switchStreamBlockState(true); if (unblock_posted_) { should_block_ = true; } } else { should_block_ = false; if (!unblock_posted_) { // If this is the first time unblocking stream is desired, post a // callback to do it in next loop. This is because unblocking QUIC // stream can lead to immediate upstream encoding. unblock_posted_ = true; connection()->dispatcher().post([this] { unblock_posted_ = false; switchStreamBlockState(should_block_); }); } } } } void addCallbacks(Http::StreamCallbacks& callbacks) override { ASSERT(!local_end_stream_); addCallbacksHelper(callbacks); } void removeCallbacks(Http::StreamCallbacks& callbacks) override { removeCallbacksHelper(callbacks); } uint32_t bufferLimit() override { return send_buffer_simulation_.highWatermark(); } const Network::Address::InstanceConstSharedPtr& connectionLocalAddress() override { return connection()->localAddress(); } void maybeCheckWatermark(uint64_t buffered_data_old, uint64_t buffered_data_new, QuicFilterManagerConnectionImpl& connection) { if (buffered_data_new == buffered_data_old) { return; } // If buffered bytes changed, update stream and session's watermark book // keeping. if (buffered_data_new > buffered_data_old) { send_buffer_simulation_.checkHighWatermark(buffered_data_new); } else { send_buffer_simulation_.checkLowWatermark(buffered_data_new); } connection.adjustBytesToSend(buffered_data_new - buffered_data_old); } protected: virtual void switchStreamBlockState(bool should_block) PURE; // Needed for ENVOY_STREAM_LOG. virtual uint32_t streamId() PURE; virtual Network::Connection* connection() PURE; // True once end of stream is propagated to Envoy. Envoy doesn't expect to be // notified more than once about end of stream. So once this is true, no need // to set it in the callback to Envoy stream any more. bool end_stream_decoded_{false}; uint32_t read_disable_counter_{0u}; // If true, switchStreamBlockState() should be deferred till this variable // becomes false. bool in_decode_data_callstack_{false}; private: // Keeps track of bytes buffered in the stream send buffer in QUICHE and reacts // upon crossing high and low watermarks. // Its high watermark is also the buffer limit of stream read/write filters in // HCM. // There is no receive buffer simulation because Quic stream's // OnBodyDataAvailable() hands all the ready-to-use request data from stream sequencer to HCM // directly and buffers them in filters if needed. Itself doesn't buffer request data. EnvoyQuicSimulatedWatermarkBuffer send_buffer_simulation_; // True if there is posted unblocking QUIC stream callback. There should be // only one such callback no matter how many times readDisable() is called. bool unblock_posted_{false}; // The latest state an unblocking QUIC stream callback should look at. As // more readDisable() calls may happen between the callback is posted and it's // executed, the stream might be unblocked and blocked several times. Only the // latest desired state should be considered by the callback. bool should_block_{false}; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_utils.cc ================================================ #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "common/network/socket_option_factory.h" namespace Envoy { namespace Quic { // TODO(danzh): this is called on each write. Consider to return an address instance on the stack if // the heap allocation is too expensive. Network::Address::InstanceConstSharedPtr quicAddressToEnvoyAddressInstance(const quic::QuicSocketAddress& quic_address) { return quic_address.IsInitialized() ? Network::Address::addressFromSockAddr(quic_address.generic_address(), quic_address.host().address_family() == quic::IpAddressFamily::IP_V4 ? sizeof(sockaddr_in) : sizeof(sockaddr_in6), false) : nullptr; } quic::QuicSocketAddress envoyIpAddressToQuicSocketAddress(const Network::Address::Ip* envoy_ip) { if (envoy_ip == nullptr) { // Return uninitialized socket addr return quic::QuicSocketAddress(); } uint32_t port = envoy_ip->port(); sockaddr_storage ss; if (envoy_ip->version() == Network::Address::IpVersion::v4) { // Create and return quic ipv4 address auto ipv4_addr = reinterpret_cast(&ss); memset(ipv4_addr, 0, sizeof(sockaddr_in)); ipv4_addr->sin_family = AF_INET; ipv4_addr->sin_port = htons(port); ipv4_addr->sin_addr.s_addr = envoy_ip->ipv4()->address(); } else { // Create and return quic ipv6 address auto ipv6_addr = reinterpret_cast(&ss); memset(ipv6_addr, 0, sizeof(sockaddr_in6)); ipv6_addr->sin6_family = AF_INET6; ipv6_addr->sin6_port = htons(port); ASSERT(sizeof(ipv6_addr->sin6_addr.s6_addr) == 16u); *reinterpret_cast(ipv6_addr->sin6_addr.s6_addr) = envoy_ip->ipv6()->address(); } return quic::QuicSocketAddress(ss); } spdy::SpdyHeaderBlock envoyHeadersToSpdyHeaderBlock(const Http::HeaderMap& headers) { spdy::SpdyHeaderBlock header_block; headers.iterate([&header_block](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { // The key-value pairs are copied. header_block.insert({header.key().getStringView(), header.value().getStringView()}); return Http::HeaderMap::Iterate::Continue; }); return header_block; } quic::QuicRstStreamErrorCode envoyResetReasonToQuicRstError(Http::StreamResetReason reason) { switch (reason) { case Http::StreamResetReason::LocalRefusedStreamReset: return quic::QUIC_REFUSED_STREAM; case Http::StreamResetReason::ConnectionFailure: return quic::QUIC_STREAM_CONNECTION_ERROR; case Http::StreamResetReason::LocalReset: return quic::QUIC_STREAM_CANCELLED; case Http::StreamResetReason::ConnectionTermination: return quic::QUIC_STREAM_NO_ERROR; default: return quic::QUIC_BAD_APPLICATION_PAYLOAD; } } Http::StreamResetReason quicRstErrorToEnvoyResetReason(quic::QuicRstStreamErrorCode rst_err) { switch (rst_err) { case quic::QUIC_REFUSED_STREAM: return Http::StreamResetReason::RemoteRefusedStreamReset; default: return Http::StreamResetReason::RemoteReset; } } Http::StreamResetReason quicErrorCodeToEnvoyResetReason(quic::QuicErrorCode error) { if (error == quic::QUIC_NO_ERROR) { return Http::StreamResetReason::ConnectionTermination; } else { return Http::StreamResetReason::ConnectionFailure; } } Http::GoAwayErrorCode quicErrorCodeToEnvoyErrorCode(quic::QuicErrorCode error) noexcept { switch (error) { case quic::QUIC_NO_ERROR: return Http::GoAwayErrorCode::NoError; default: return Http::GoAwayErrorCode::Other; } } Network::ConnectionSocketPtr createConnectionSocket(Network::Address::InstanceConstSharedPtr& peer_addr, Network::Address::InstanceConstSharedPtr& local_addr, const Network::ConnectionSocket::OptionsSharedPtr& options) { auto connection_socket = std::make_unique( Network::Socket::Type::Datagram, local_addr, peer_addr); connection_socket->addOptions(Network::SocketOptionFactory::buildIpPacketInfoOptions()); connection_socket->addOptions(Network::SocketOptionFactory::buildRxQueueOverFlowOptions()); if (options != nullptr) { connection_socket->addOptions(options); } if (!Network::Socket::applyOptions(connection_socket->options(), *connection_socket, envoy::config::core::v3::SocketOption::STATE_PREBIND)) { connection_socket->close(); ENVOY_LOG_MISC(error, "Fail to apply pre-bind options"); return connection_socket; } connection_socket->bind(local_addr); ASSERT(local_addr->ip()); local_addr = connection_socket->localAddress(); if (!Network::Socket::applyOptions(connection_socket->options(), *connection_socket, envoy::config::core::v3::SocketOption::STATE_BOUND)) { ENVOY_LOG_MISC(error, "Fail to apply post-bind options"); connection_socket->close(); } return connection_socket; } bssl::UniquePtr parseDERCertificate(const std::string& der_bytes, std::string* error_details) { const uint8_t* data; const uint8_t* orig_data; orig_data = data = reinterpret_cast(der_bytes.data()); bssl::UniquePtr cert(d2i_X509(nullptr, &data, der_bytes.size())); if (!cert.get()) { *error_details = "d2i_X509: fail to parse DER"; return nullptr; } if (data < orig_data || static_cast(data - orig_data) != der_bytes.size()) { *error_details = "There is trailing garbage in DER."; return nullptr; } return cert; } int deduceSignatureAlgorithmFromPublicKey(const EVP_PKEY* public_key, std::string* error_details) { int sign_alg = 0; const int pkey_id = EVP_PKEY_id(public_key); switch (pkey_id) { case EVP_PKEY_EC: { // We only support P-256 ECDSA today. const EC_KEY* ecdsa_public_key = EVP_PKEY_get0_EC_KEY(public_key); // Since we checked the key type above, this should be valid. ASSERT(ecdsa_public_key != nullptr); const EC_GROUP* ecdsa_group = EC_KEY_get0_group(ecdsa_public_key); if (ecdsa_group == nullptr || EC_GROUP_get_curve_name(ecdsa_group) != NID_X9_62_prime256v1) { *error_details = "Invalid leaf cert, only P-256 ECDSA certificates are supported"; break; } // QUICHE uses SHA-256 as hash function in cert signature. sign_alg = SSL_SIGN_ECDSA_SECP256R1_SHA256; } break; case EVP_PKEY_RSA: { // We require RSA certificates with 2048-bit or larger keys. const RSA* rsa_public_key = EVP_PKEY_get0_RSA(public_key); // Since we checked the key type above, this should be valid. ASSERT(rsa_public_key != nullptr); const unsigned rsa_key_length = RSA_size(rsa_public_key); #ifdef BORINGSSL_FIPS if (rsa_key_length != 2048 / 8 && rsa_key_length != 3072 / 8) { *error_details = "Invalid leaf cert, only RSA certificates with 2048-bit or 3072-bit keys " "are supported in FIPS mode"; break; } #else if (rsa_key_length < 2048 / 8) { *error_details = "Invalid leaf cert, only RSA certificates with 2048-bit or larger keys are supported"; break; } #endif sign_alg = SSL_SIGN_RSA_PSS_RSAE_SHA256; } break; default: *error_details = "Invalid leaf cert, only RSA and ECDSA certificates are supported"; } return sign_alg; } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/envoy_quic_utils.h ================================================ #pragma once #include "envoy/common/platform.h" #include "envoy/http/codec.h" #include "common/common/assert.h" #include "common/http/header_map_impl.h" #include "common/network/address_impl.h" #include "common/network/listen_socket_impl.h" #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #endif #include "quiche/quic/core/quic_types.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "quiche/quic/core/http/quic_header_list.h" #include "quiche/quic/core/quic_error_codes.h" #include "quiche/quic/platform/api/quic_ip_address.h" #include "quiche/quic/platform/api/quic_socket_address.h" #include "openssl/ssl.h" namespace Envoy { namespace Quic { // TODO(danzh): this is called on each write. Consider to return an address instance on the stack if // the heap allocation is too expensive. Network::Address::InstanceConstSharedPtr quicAddressToEnvoyAddressInstance(const quic::QuicSocketAddress& quic_address); quic::QuicSocketAddress envoyIpAddressToQuicSocketAddress(const Network::Address::Ip* envoy_ip); // The returned header map has all keys in lower case. template std::unique_ptr quicHeadersToEnvoyHeaders(const quic::QuicHeaderList& header_list) { auto headers = T::create(); for (const auto& entry : header_list) { // TODO(danzh): Avoid copy by referencing entry as header_list is already validated by QUIC. headers->addCopy(Http::LowerCaseString(entry.first), entry.second); } return headers; } template std::unique_ptr spdyHeaderBlockToEnvoyHeaders(const spdy::SpdyHeaderBlock& header_block) { auto headers = T::create(); for (auto entry : header_block) { // TODO(danzh): Avoid temporary strings and addCopy() with string_view. std::string key(entry.first); std::string value(entry.second); headers->addCopy(Http::LowerCaseString(key), value); } return headers; } spdy::SpdyHeaderBlock envoyHeadersToSpdyHeaderBlock(const Http::HeaderMap& headers); // Called when Envoy wants to reset the underlying QUIC stream. quic::QuicRstStreamErrorCode envoyResetReasonToQuicRstError(Http::StreamResetReason reason); // Called when a RST_STREAM frame is received. Http::StreamResetReason quicRstErrorToEnvoyResetReason(quic::QuicRstStreamErrorCode rst_err); // Called when underlying QUIC connection is closed either locally or by peer. Http::StreamResetReason quicErrorCodeToEnvoyResetReason(quic::QuicErrorCode error); // Called when a GOAWAY frame is received. ABSL_MUST_USE_RESULT Http::GoAwayErrorCode quicErrorCodeToEnvoyErrorCode(quic::QuicErrorCode error) noexcept; // Create a connection socket instance and apply given socket options to the // socket. IP_PKTINFO and SO_RXQ_OVFL is always set if supported. Network::ConnectionSocketPtr createConnectionSocket(Network::Address::InstanceConstSharedPtr& peer_addr, Network::Address::InstanceConstSharedPtr& local_addr, const Network::ConnectionSocket::OptionsSharedPtr& options); // Convert a cert in string form to X509 object. // Return nullptr if the bytes passed cannot be passed. bssl::UniquePtr parseDERCertificate(const std::string& der_bytes, std::string* error_details); // Deduce the suitable signature algorithm according to the public key. // Return the sign algorithm id works with the public key; If the public key is // not supported, return 0 with error_details populated correspondingly. int deduceSignatureAlgorithmFromPublicKey(const EVP_PKEY* public_key, std::string* error_details); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # Build targets in this package are part of the QUICHE platform implementation. # These implementations are the infrastructure building block for QUIC. They are # used in 2 different ways: # # Most of them are not to be consumed or referenced directly by other Envoy code. # Their only consumers should be build rules under @com_googlesource_quiche//..., # and tests. In a monorepo, this would be enforced via visibility attribute, but # Bazel does not support limiting visibility to specific external dependencies. # # Very few of them are used by Envoy to interact with QUIC. They are used as a shim # to match a non-virtualized API required by the external Quiche implementation. # # See a detailed description of QUIC platform API dependency model at: # https://quiche.googlesource.com/quiche/+/refs/heads/master/quic/platform/api/README.md # These implementations are tested through their APIs with tests mostly brought in from # QUICHE, thus new unit tests for them are deliberately omitted in Envoy tree. These # tests are added to @com_googlesource_quiche//:quic_platform_api_test. And all tests # under @com_googlesource_quiche// are configured in test/coverage/gen_build.sh to run in # CI. # For some APIs which are not covered in QUICHE tests, their tests is added into # //test/extensions/quic_listeners/quiche/platform/. # TODO: add build target for quic_platform_impl_lib envoy_cc_library( name = "flags_impl_lib", srcs = ["flags_impl.cc"], hdrs = [ "flags_impl.h", "flags_list.h", ], external_deps = [ "abseil_base", "abseil_synchronization", ], visibility = ["//visibility:public"], ) envoy_cc_library( name = "string_utils_lib", srcs = ["string_utils.cc"], hdrs = ["string_utils.h"], external_deps = ["abseil_str_format"], visibility = ["//visibility:private"], deps = [ "//source/common/common:assert_lib", "//source/common/common:base64_lib", ], ) envoy_cc_library( name = "http2_platform_impl_lib", hdrs = [ "http2_arraysize_impl.h", "http2_bug_tracker_impl.h", "http2_containers_impl.h", "http2_estimate_memory_usage_impl.h", "http2_flag_utils_impl.h", "http2_flags_impl.h", "http2_logging_impl.h", "http2_macros_impl.h", "http2_string_utils_impl.h", ], external_deps = [ "abseil_base", "abseil_optional", "abseil_str_format", ], visibility = ["//visibility:public"], deps = [ ":flags_impl_lib", ":quic_platform_logging_impl_lib", ":string_utils_lib", ], ) envoy_cc_library( name = "quic_platform_export_impl_lib", hdrs = ["quic_export_impl.h"], tags = ["nofips"], visibility = ["//visibility:public"], ) envoy_cc_library( name = "quic_platform_logging_impl_lib", srcs = ["quic_logging_impl.cc"], hdrs = [ "quic_bug_tracker_impl.h", "quic_logging_impl.h", ], tags = ["nofips"], visibility = ["//visibility:public"], deps = [ "//source/common/common:assert_lib", "//source/common/common:stl_helpers", "//source/common/common:utility_lib", ], ) envoy_cc_library( name = "quic_platform_base_impl_lib", srcs = [ "quic_mem_slice_impl.cc", ], hdrs = [ "quic_aligned_impl.h", "quic_client_stats_impl.h", "quic_containers_impl.h", "quic_error_code_wrappers_impl.h", "quic_estimate_memory_usage_impl.h", "quic_fallthrough_impl.h", "quic_flag_utils_impl.h", "quic_flags_impl.h", "quic_iovec_impl.h", "quic_macros_impl.h", "quic_map_util_impl.h", "quic_mem_slice_impl.h", "quic_prefetch_impl.h", "quic_ptr_util_impl.h", "quic_reference_counted_impl.h", "quic_server_stats_impl.h", "quic_stack_trace_impl.h", "quic_stream_buffer_allocator_impl.h", "quic_uint128_impl.h", ], external_deps = [ "abseil_base", "abseil_hash", "abseil_inlined_vector", "abseil_memory", "abseil_node_hash_map", "abseil_node_hash_set", "abseil_optional", ], tags = ["nofips"], visibility = ["//visibility:public"], deps = [ ":flags_impl_lib", ":string_utils_lib", "//include/envoy/api:io_error_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/server:backtrace_lib", "@com_googlesource_quiche//:quic_core_buffer_allocator_lib", "@com_googlesource_quiche//:quic_platform_export", "@com_googlesource_quiche//:quic_platform_ip_address_family", "@com_googlesource_quiche//:quiche_common_platform", ], ) envoy_cc_library( name = "quic_platform_impl_lib", srcs = [ "quic_cert_utils_impl.cc", "quic_file_utils_impl.cc", "quic_hostname_utils_impl.cc", ], hdrs = [ "quic_cert_utils_impl.h", "quic_file_utils_impl.h", "quic_hostname_utils_impl.h", "quic_mutex_impl.h", "quic_pcc_sender_impl.h", "quic_string_utils_impl.h", ], external_deps = [ "quiche_quic_platform_base", "abseil_str_format", "abseil_synchronization", "abseil_time", "ssl", ], tags = ["nofips"], visibility = ["//visibility:public"], deps = [ "//source/common/common:assert_lib", "//source/common/filesystem:directory_lib", "//source/common/filesystem:filesystem_lib", "//source/common/http:utility_lib", ], ) envoy_cc_library( name = "quic_platform_mem_slice_span_impl_lib", srcs = ["quic_mem_slice_span_impl.cc"], hdrs = ["quic_mem_slice_span_impl.h"], copts = select({ "//bazel:windows_x86_64": [], "//conditions:default": ["-Wno-unused-parameter"], }), tags = ["nofips"], visibility = ["//visibility:public"], deps = [ "//include/envoy/buffer:buffer_interface", "@com_googlesource_quiche//:quic_core_types_lib", "@com_googlesource_quiche//:quic_platform_base", ], ) envoy_cc_library( name = "quic_platform_mem_slice_storage_impl_lib", srcs = ["quic_mem_slice_storage_impl.cc"], hdrs = ["quic_mem_slice_storage_impl.h"], copts = select({ "//bazel:windows_x86_64": [], "//conditions:default": [ "-Wno-error=invalid-offsetof", "-Wno-unused-parameter", ], }), tags = ["nofips"], visibility = ["//visibility:public"], deps = [ "@com_googlesource_quiche//:quic_core_buffer_allocator_lib", "@com_googlesource_quiche//:quic_core_utils_lib", "@com_googlesource_quiche//:quic_platform_mem_slice_span", ], ) envoy_cc_library( name = "quic_platform_udp_socket_impl_lib", hdrs = select({ "//bazel:linux": ["quic_udp_socket_platform_impl.h"], "//conditions:default": [], }), repository = "@envoy", tags = ["nofips"], ) envoy_cc_library( name = "envoy_quic_clock_lib", srcs = ["envoy_quic_clock.cc"], hdrs = ["envoy_quic_clock.h"], tags = ["nofips"], visibility = ["//visibility:public"], deps = [ "//include/envoy/event:dispatcher_interface", "@com_googlesource_quiche//:quic_core_clock_lib", ], ) envoy_cc_library( name = "quiche_common_platform_optional_impl_lib", hdrs = ["quiche_optional_impl.h"], external_deps = [ "abseil_node_hash_map", ], visibility = ["//visibility:public"], ) envoy_cc_library( name = "quiche_common_platform_impl_lib", srcs = ["quiche_time_utils_impl.cc"], hdrs = [ "quiche_arraysize_impl.h", "quiche_logging_impl.h", "quiche_map_util_impl.h", "quiche_ptr_util_impl.h", "quiche_str_cat_impl.h", "quiche_string_piece_impl.h", "quiche_text_utils_impl.h", "quiche_time_utils_impl.h", "quiche_unordered_containers_impl.h", ], external_deps = [ "abseil_hash", "abseil_node_hash_map", ], visibility = ["//visibility:public"], deps = [ ":quic_platform_logging_impl_lib", ":string_utils_lib", "@com_googlesource_quiche//:quiche_common_platform_optional", ], ) envoy_cc_library( name = "spdy_platform_impl_lib", hdrs = [ "spdy_arraysize_impl.h", "spdy_bug_tracker_impl.h", "spdy_containers_impl.h", "spdy_endianness_util_impl.h", "spdy_estimate_memory_usage_impl.h", "spdy_flags_impl.h", "spdy_logging_impl.h", "spdy_macros_impl.h", "spdy_mem_slice_impl.h", "spdy_string_utils_impl.h", "spdy_test_helpers_impl.h", "spdy_test_utils_prod_impl.h", ], external_deps = [ "abseil_base", "abseil_hash", "abseil_inlined_vector", "abseil_memory", "abseil_str_format", ], visibility = ["//visibility:public"], deps = [ ":flags_impl_lib", ":quic_platform_logging_impl_lib", ":string_utils_lib", "//source/common/common:assert_lib", "@com_googlesource_quiche//:quiche_common_lib", ], ) envoy_cc_library( name = "spdy_platform_unsafe_arena_impl_lib", hdrs = ["spdy_unsafe_arena_impl.h"], visibility = ["//visibility:public"], deps = ["@com_googlesource_quiche//:spdy_simple_arena_lib"], ) envoy_cc_library( name = "quiche_common_platform_export_impl_lib", hdrs = ["quiche_export_impl.h"], tags = ["nofips"], visibility = ["//visibility:public"], ) envoy_cc_library( name = "quiche_common_platform_endian_impl_lib", hdrs = ["quiche_endian_impl.h"], tags = ["nofips"], visibility = ["//visibility:public"], deps = [ "quiche_common_platform_export_impl_lib", "//source/common/common:byte_order_lib", ], ) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/envoy_quic_clock.cc ================================================ #include "extensions/quic_listeners/quiche/platform/envoy_quic_clock.h" namespace Envoy { namespace Quic { quic::QuicTime EnvoyQuicClock::ApproximateNow() const { return quic::QuicTime::Zero() + quic::QuicTime::Delta::FromMicroseconds(microsecondsSinceEpoch( dispatcher_.approximateMonotonicTime())); } quic::QuicTime EnvoyQuicClock::Now() const { // Since the expensive operation of obtaining time has to be performed anyway, // make Dispatcher update approximate time. Without this, alarms might fire // one event loop later. const_cast is necessary here because // updateApproximateMonotonicTime() is a non-const operation, and Now() is // conceptually const (even though this particular implementation has a // visible side effect). Changing Now() to non-const would necessitate // changing a number of other methods and members to non-const, which would // not increase clarity. const_cast(dispatcher_).updateApproximateMonotonicTime(); return ApproximateNow(); } quic::QuicWallTime EnvoyQuicClock::WallNow() const { return quic::QuicWallTime::FromUNIXMicroseconds( microsecondsSinceEpoch(dispatcher_.timeSource().systemTime())); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/envoy_quic_clock.h ================================================ #pragma once #include #include "envoy/event/dispatcher.h" #include "quiche/quic/core/quic_clock.h" namespace Envoy { namespace Quic { class EnvoyQuicClock : public quic::QuicClock { public: EnvoyQuicClock(Event::Dispatcher& dispatcher) : dispatcher_(dispatcher) {} // quic::QuicClock quic::QuicTime ApproximateNow() const override; quic::QuicTime Now() const override; quic::QuicWallTime WallNow() const override; private: template int64_t microsecondsSinceEpoch(std::chrono::time_point time) const { return std::chrono::duration_cast(time.time_since_epoch()).count(); } Event::Dispatcher& dispatcher_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/flags_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/flags_impl.h" #include #include "absl/strings/ascii.h" #include "absl/strings/numbers.h" namespace quiche { namespace { absl::flat_hash_map MakeFlagMap() { absl::flat_hash_map flags; #define QUICHE_FLAG(type, flag, value, help) flags.emplace(FLAGS_##flag->name(), FLAGS_##flag); #include "extensions/quic_listeners/quiche/platform/flags_list.h" #undef QUICHE_FLAG return flags; } } // namespace // static FlagRegistry& FlagRegistry::GetInstance() { static auto* instance = new FlagRegistry(); return *instance; } FlagRegistry::FlagRegistry() : flags_(MakeFlagMap()) {} void FlagRegistry::ResetFlags() const { for (auto& kv : flags_) { kv.second->ResetValue(); } } Flag* FlagRegistry::FindFlag(const std::string& name) const { auto it = flags_.find(name); return (it != flags_.end()) ? it->second : nullptr; } template <> bool TypedFlag::SetValueFromString(const std::string& value_str) { static const auto* kTrueValues = new std::set({"1", "t", "true", "y", "yes"}); static const auto* kFalseValues = new std::set({"0", "f", "false", "n", "no"}); auto lower = absl::AsciiStrToLower(value_str); if (kTrueValues->find(lower) != kTrueValues->end()) { SetValue(true); return true; } if (kFalseValues->find(lower) != kFalseValues->end()) { SetValue(false); return true; } return false; } template <> bool TypedFlag::SetValueFromString(const std::string& value_str) { int32_t value; if (absl::SimpleAtoi(value_str, &value)) { SetValue(value); return true; } return false; } template <> bool TypedFlag::SetValueFromString(const std::string& value_str) { int64_t value; if (absl::SimpleAtoi(value_str, &value)) { SetValue(value); return true; } return false; } template <> bool TypedFlag::SetValueFromString(const std::string& value_str) { double value; if (absl::SimpleAtod(value_str, &value)) { SetValue(value); return true; } return false; } template <> bool TypedFlag::SetValueFromString(const std::string& value_str) { SetValue(value_str); return true; } // Flag definitions #define QUICHE_FLAG(type, flag, value, help) \ TypedFlag* FLAGS_##flag = new TypedFlag(#flag, value, help); #include "extensions/quic_listeners/quiche/platform/flags_list.h" #undef QUICHE_FLAG } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/flags_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include "absl/container/flat_hash_map.h" #include "absl/synchronization/mutex.h" namespace quiche { class Flag; // TODO: modify flags implementation to be backed by // Runtime::runtimeFeatureEnabled(), which is the canonical Envoy way of // enabling and disabling features. // Registry of QUICHE flags. Can be used to reset all flags to default values, // and to look up and set flags by name. class FlagRegistry { public: ~FlagRegistry() = default; // Return singleton instance. static FlagRegistry& GetInstance(); // Reset all registered flags to their default values. void ResetFlags() const; // Look up a flag by name. Flag* FindFlag(const std::string& name) const; private: FlagRegistry(); const absl::flat_hash_map flags_; }; // Abstract class for QUICHE protocol and feature flags. class Flag { public: // Construct Flag with the given name and help string. Flag(const char* name, const char* help) : name_(name), help_(help) {} virtual ~Flag() = default; // Set flag value from given string, returning true iff successful. virtual bool SetValueFromString(const std::string& value_str) = 0; // Reset flag to default value. virtual void ResetValue() = 0; // Return flag name. std::string name() const { return name_; } // Return flag help string. std::string help() const { return help_; } private: std::string name_; std::string help_; }; // Concrete class for QUICHE protocol and feature flags, templated by flag type. template class TypedFlag : public Flag { public: TypedFlag(const char* name, T default_value, const char* help) : Flag(name, help), value_(default_value), default_value_(default_value) {} bool SetValueFromString(const std::string& value_str) override; void ResetValue() override { absl::MutexLock lock(&mutex_); value_ = default_value_; } // Set flag value. void SetValue(T value) { absl::MutexLock lock(&mutex_); value_ = value; } // Return flag value. T value() const { absl::MutexLock lock(&mutex_); return value_; } private: mutable absl::Mutex mutex_; T value_ ABSL_GUARDED_BY(mutex_); T default_value_; }; // SetValueFromString specializations template <> bool TypedFlag::SetValueFromString(const std::string& value_str); template <> bool TypedFlag::SetValueFromString(const std::string& value_str); template <> bool TypedFlag::SetValueFromString(const std::string& value_str); template <> bool TypedFlag::SetValueFromString(const std::string& value_str); template <> bool TypedFlag::SetValueFromString(const std::string& value_str); // Flag declarations #define QUICHE_FLAG(type, flag, value, help) extern TypedFlag* FLAGS_##flag; #include "extensions/quic_listeners/quiche/platform/flags_list.h" #undef QUICHE_FLAG } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/flags_list.h ================================================ // This file intentionally does not have header guards. It is intended to be // included multiple times, each time with a different definition of // QUICHE_FLAG. // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. // This file is generated by //third_party/quic/tools:quic_flags_list in // Google3. #if defined(QUICHE_FLAG) QUICHE_FLAG( bool, http2_reloadable_flag_http2_backend_alpn_failure_error_code, false, "If true, the GFE will return a new ResponseCodeDetails error when ALPN to the backend fails.") QUICHE_FLAG(bool, http2_reloadable_flag_http2_ip_based_cwnd_exp, true, "If true, enable IP address based CWND bootstrapping experiment with different " "bandwidth models and priorities in HTTP2.") QUICHE_FLAG( bool, http2_reloadable_flag_http2_load_based_goaway_warning, false, "If true, load-based connection closures will send a warning GOAWAY before the actual GOAWAY.") QUICHE_FLAG(bool, http2_reloadable_flag_http2_security_requirement_for_client3, false, "If true, check whether client meets security requirements during SSL handshake. If " "flag is true and client does not meet security requirements, do not negotiate HTTP/2 " "with client or terminate the session with SPDY_INADEQUATE_SECURITY if HTTP/2 is " "already negotiated. The spec contains both cipher and TLS version requirements.") QUICHE_FLAG(bool, http2_reloadable_flag_http2_websocket_detection, false, "If true, uses a HTTP/2-specific method of detecting websocket upgrade requests.") QUICHE_FLAG(bool, http2_reloadable_flag_permissive_http2_switch, false, "If true, the GFE allows both HTTP/1.0 and HTTP/1.1 versions in HTTP/2 upgrade " "requests/responses.") QUICHE_FLAG(bool, quic_reloadable_flag_advertise_quic_for_https_for_debugips, false, "") QUICHE_FLAG(bool, quic_reloadable_flag_advertise_quic_for_https_for_external_users, false, "") QUICHE_FLAG(bool, quic_reloadable_flag_gclb_quic_allow_alia, true, "If gfe2_reloadable_flag_gclb_use_alia is also true, use Alia for GCLB QUIC " "handshakes. To be used as a big red button if there's a problem with Alia/QUIC.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_abort_qpack_on_stream_close, false, "If true, abort async QPACK header decompression in QuicSpdyStream::OnClose().") QUICHE_FLAG(bool, quic_reloadable_flag_quic_ack_delay_alarm_granularity, false, "When true, ensure the ACK delay is never less than the alarm granularity when ACK " "decimation is enabled.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_add_missing_connected_checks, false, "If true, add missing connected checks.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_add_silent_idle_timeout, true, "If true, when server is silently closing connections due to idle timeout, serialize " "the connection close packets which will be added to time wait list.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_add_stream_info_to_idle_close_detail, false, "If true, include stream information in idle timeout connection close detail.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_allow_backend_set_stream_ttl, false, "If true, check backend response header for X-Response-Ttl. If it is provided, the " "stream TTL is set. A QUIC stream will be immediately canceled when tries to write " "data if this TTL expired.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_allow_client_enabled_bbr_v2, true, "If true, allow client to enable BBRv2 on server via connection option 'B2ON'.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_alpn_dispatch, false, "Support different QUIC sessions, as indicated by ALPN. Used for QBONE.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_bbr2_avoid_too_low_probe_bw_cwnd, false, "If true, QUIC BBRv2's PROBE_BW mode will not reduce cwnd below BDP+ack_height.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_bbr2_fewer_startup_round_trips, false, "When true, the 1RTT and 2RTT connection options decrease the number of round trips in " "BBRv2 STARTUP without a 25% bandwidth increase to 1 or 2 round trips respectively.") QUICHE_FLAG( bool, quic_reloadable_flag_quic_bbr2_limit_inflight_hi, false, "When true, the B2HI connection option limits reduction of inflight_hi to (1-Beta)*CWND.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_bbr2_use_post_inflight_to_detect_queuing, false, "If true, QUIC BBRv2 will use inflight byte after congestion event to detect queuing " "during PROBE_UP.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_bbr_no_bytes_acked_in_startup_recovery, false, "When in STARTUP and recovery, do not add bytes_acked to QUIC BBR's CWND in " "CalculateCongestionWindow()") QUICHE_FLAG(bool, quic_reloadable_flag_quic_bootstrap_cwnd_by_spdy_priority, true, "If true, bootstrap initial QUIC cwnd by SPDY priorities.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_cap_large_client_initial_rtt, true, "If true, cap client suggested initial RTT to 1s if it is longer than 1s.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_clean_up_spdy_session_destructor, false, "If true, QuicSpdySession's destructor won't need to do cleanup.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_close_connection_in_on_can_write_with_blocked_writer, false, "If true, close connection if writer is still blocked while OnCanWrite is called.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_close_connection_on_serialization_failure, false, "If true, close connection on packet serialization failures.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_conservative_bursts, false, "If true, set burst token to 2 in cwnd bootstrapping experiment.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_conservative_cwnd_and_pacing_gains, false, "If true, uses conservative cwnd gain and pacing gain when cwnd gets bootstrapped.") QUICHE_FLAG( bool, quic_reloadable_flag_quic_copy_bbr_cwnd_to_bbr2, false, "If true, when switching from BBR to BBRv2, BBRv2 will use BBR's cwnd as its initial cwnd.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_default_enable_5rto_blackhole_detection2, true, "If true, default-enable 5RTO blachole detection.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_default_on_pto, false, "If true, default on PTO which unifies TLP + RTO loss recovery.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_default_to_bbr, true, "When true, defaults to BBR congestion control instead of Cubic.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_default_to_bbr_v2, false, "If true, use BBRv2 as the default congestion controller. Takes precedence over " "--quic_default_to_bbr.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_server_blackhole_detection, false, "If true, disable blackhole detection on server side.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_version_draft_27, false, "If true, disable QUIC version h3-27.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_version_draft_29, false, "If true, disable QUIC version h3-29.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_version_q043, false, "If true, disable QUIC version Q043.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_version_q046, false, "If true, disable QUIC version Q046.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_version_q050, false, "If true, disable QUIC version Q050.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_version_t050, false, "If true, disable QUIC version h3-T050.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_disable_version_t051, false, "If true, disable QUIC version h3-T051.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_discard_initial_packet_with_key_dropped, false, "If true, discard INITIAL packet if the key has been dropped.") QUICHE_FLAG( bool, quic_reloadable_flag_quic_do_not_accept_stop_waiting, false, "In v44 and above, where STOP_WAITING is never sent, close the connection if it's received.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_donot_reset_ideal_next_packet_send_time, false, "If true, stop resetting ideal_next_packet_send_time_ in pacing sender.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_enable_loss_detection_experiment_at_gfe, false, "If ture, enable GFE-picked loss detection experiment.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_enable_loss_detection_tuner, false, "If true, allow QUIC loss detection tuning to be enabled by connection option ELDT.") QUICHE_FLAG( bool, quic_reloadable_flag_quic_enable_mtu_discovery_at_server, false, "If true, QUIC will default enable MTU discovery at server, with a target of 1450 bytes.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_enabled, false, "") QUICHE_FLAG(bool, quic_reloadable_flag_quic_fix_arm_pto_for_application_data, false, "If true, do not arm PTO for application data until handshake confirmed.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_fix_bytes_left_for_batch_write, false, "If true, convert bytes_left_for_batch_write_ to unsigned int.") QUICHE_FLAG( bool, quic_reloadable_flag_quic_fix_http3_goaway_stream_id, false, "If true, send the lowest stream ID that can be retried by the client in a GOAWAY frame. If " "false, send the highest received stream ID, which actually should not be retried.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_fix_out_of_order_sending, false, "If true, fix a potential out of order sending caused by handshake gets confirmed " "while the coalescer is not empty.") QUICHE_FLAG( bool, quic_reloadable_flag_quic_fix_pto_pending_timer_count, false, "If true, make sure there is pending timer credit when trying to PTO retransmit any packets.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_fix_undecryptable_packets2, false, "If true, remove processed undecryptable packets.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_get_stream_information_from_stream_map, true, "If true, gQUIC will only consult stream_map in QuicSession::GetNumActiveStreams().") QUICHE_FLAG(bool, quic_reloadable_flag_quic_give_sent_packet_to_debug_visitor_after_sent, false, "If true, QUIC connection will pass sent packet information to the debug visitor after " "a packet is recorded as sent in sent packet manager.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_http3_new_default_urgency_value, false, "If true, QuicStream::kDefaultUrgency is 3, otherwise 1.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_ip_based_cwnd_exp, true, "If true, enable IP address based CWND bootstrapping experiment with different " "bandwidth models and priorities. ") QUICHE_FLAG(bool, quic_reloadable_flag_quic_listener_never_fake_epollout, false, "If true, QuicListener::OnSocketIsWritable will always return false, which means there " "will never be a fake EPOLLOUT event in the next epoll iteration.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_neuter_initial_packet_in_coalescer_with_initial_key_discarded, false, "If true, neuter initial packet in the coalescer when discarding initial keys.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_no_dup_experiment_id_2, false, "If true, transport connection stats doesn't report duplicated experiments for same " "connection.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_no_silent_close_for_idle_timeout, true, "If true, always send connection close for idle timeout if NSLC is received.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_only_set_uaid_in_tcs_visitor, false, "If true, QuicTransportConnectionStatsVisitor::PopulateTransportConnectionStats will " "be the only place where TCS's uaid field is set.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_only_truncate_long_cids, true, "In IETF QUIC, only truncate long CIDs from the client's Initial, don't modify them.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_preferred_altsvc_version, false, "When true, we will send a preferred QUIC version at the start of our Alt-Svc list.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_proxy_write_packed_strings, false, "If true, QuicProxyDispatcher will write packed_client_address and packed_server_vip " "in TcpProxyHeaderProto.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_record_frontend_service_vip_mapping, true, "If true, for L1 GFE, as requests come in, record frontend service to VIP mapping " "which is used to announce VIP in SHLO for proxied sessions. ") QUICHE_FLAG(bool, quic_reloadable_flag_quic_record_received_min_ack_delay, false, "If true, record the received min_ack_delay in transport parameters to QUIC config.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_reject_all_traffic, false, "") QUICHE_FLAG(bool, quic_reloadable_flag_quic_remove_zombie_streams, true, "If true, QuicSession doesn't keep a separate zombie_streams. Instead, all streams are " "stored in stream_map_.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_require_handshake_confirmation, false, "If true, require handshake confirmation for QUIC connections, functionally disabling " "0-rtt handshakes.") QUICHE_FLAG( bool, quic_reloadable_flag_quic_send_key_update_not_yet_supported, false, "When true, QUIC+TLS versions will send the key_update_not_yet_supported transport parameter.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_send_path_response, false, "If true, send PATH_RESPONSE upon receiving PATH_CHALLENGE regardless of perspective. " "--gfe2_reloadable_flag_quic_start_peer_migration_earlier has to be true before turn " "on this flag.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_send_timestamps, false, "When the STMP connection option is sent by the client, timestamps in the QUIC ACK " "frame are sent and processed.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_server_push, false, "If true, enable server push feature on QUIC.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_set_resumed_ssl_session_early, false, "If true, set resumed_ssl_session if this is a 0-RTT connection.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_start_peer_migration_earlier, false, "If true, while reading an IETF quic packet, start peer migration immediately when " "detecting the existence of any non-probing frame instead of at the end of the packet.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_stop_sending_uses_ietf_error_code, false, "If true, use IETF QUIC application error codes in STOP_SENDING frames. If false, use " "QuicRstStreamErrorCodes.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_testonly_default_false, false, "A testonly reloadable flag that will always default to false.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_testonly_default_true, true, "A testonly reloadable flag that will always default to true.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_unified_iw_options, false, "When true, set the initial congestion control window from connection options in " "QuicSentPacketManager rather than TcpCubicSenderBytes.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_use_header_stage_idle_list2, false, "If true, use header stage idle list for QUIC connections in GFE.") QUICHE_FLAG(bool, quic_reloadable_flag_quic_use_leto_key_exchange, false, "If true, QUIC will attempt to use the Leto key exchange service and only fall back to " "local key exchange if that fails.") QUICHE_FLAG(bool, quic_reloadable_flag_send_quic_fallback_server_config_on_leto_error, false, "If true and using Leto for QUIC shared-key calculations, GFE will react to a failure " "to contact Leto by sending a REJ containing a fallback ServerConfig, allowing the " "client to continue the handshake.") QUICHE_FLAG( bool, quic_restart_flag_dont_fetch_quic_private_keys_from_leto, false, "If true, GFE will not request private keys when fetching QUIC ServerConfigs from Leto.") QUICHE_FLAG(bool, quic_restart_flag_quic_adjust_initial_cwnd_by_gws, true, "If true, GFE informs backend that a client request is the first one on the connection " "via frontline header \"first_request=1\". Also, adjust initial cwnd based on " "X-Google-Gws-Initial-Cwnd-Mode sent by GWS.") QUICHE_FLAG( bool, quic_restart_flag_quic_allow_loas_multipacket_chlo, false, "If true, inspects QUIC CHLOs for kLOAS and early creates sessions to allow multi-packet CHLOs") QUICHE_FLAG( bool, quic_restart_flag_quic_disable_gws_cwnd_experiment, false, "If true, X-Google-Gws-Initial-Cwnd-Mode related header sent by GWS becomes no-op for QUIC.") QUICHE_FLAG(bool, quic_restart_flag_quic_enable_tls_resumption_v4, true, "If true, enables support for TLS resumption in QUIC.") QUICHE_FLAG(bool, quic_restart_flag_quic_enable_zero_rtt_for_tls_v2, true, "If true, support for IETF QUIC 0-rtt is enabled.") QUICHE_FLAG(bool, quic_restart_flag_quic_offload_pacing_to_usps2, false, "If true, QUIC offload pacing when using USPS as egress method.") QUICHE_FLAG(bool, quic_restart_flag_quic_rx_ring_use_tpacket_v3, false, "If true, use TPACKET_V3 for QuicRxRing instead of TPACKET_V2.") QUICHE_FLAG(bool, quic_restart_flag_quic_should_accept_new_connection, false, "If true, reject QUIC CHLO packets when dispatcher is asked to do so.") QUICHE_FLAG(bool, quic_restart_flag_quic_support_release_time_for_gso, false, "If true, QuicGsoBatchWriter will support release time if it is available and the " "process has the permission to do so.") QUICHE_FLAG(bool, quic_restart_flag_quic_testonly_default_false, false, "A testonly restart flag that will always default to false.") QUICHE_FLAG(bool, quic_restart_flag_quic_testonly_default_true, true, "A testonly restart flag that will always default to true.") QUICHE_FLAG( bool, quic_restart_flag_quic_use_leto_for_quic_configs, false, "If true, use Leto to fetch QUIC server configs instead of using the seeds from Memento.") QUICHE_FLAG(bool, quic_restart_flag_quic_use_pigeon_socket_to_backend, false, "If true, create a shared pigeon socket for all quic to backend connections and switch " "to use it after successful handshake.") QUICHE_FLAG(bool, spdy_reloadable_flag_quic_bootstrap_cwnd_by_spdy_priority, true, "If true, bootstrap initial QUIC cwnd by SPDY priorities.") QUICHE_FLAG(bool, spdy_reloadable_flag_quic_clean_up_spdy_session_destructor, false, "If true, QuicSpdySession's destructor won't need to do cleanup.") QUICHE_FLAG( bool, spdy_reloadable_flag_spdy_discard_response_body_if_disallowed, false, "If true, SPDY will discard all response body bytes when response code indicates no response " "body should exist. Previously, we only discard partial bytes on the first response processing " "and the rest of the response bytes would still be delivered even though the response code " "said there should not be any body associated with the response code.") QUICHE_FLAG(bool, quic_allow_chlo_buffering, true, "If true, allows packets to be buffered in anticipation of a " "future CHLO, and allow CHLO packets to be buffered until next " "iteration of the event loop.") QUICHE_FLAG(bool, quic_disable_pacing_for_perf_tests, false, "If true, disable pacing in QUIC") QUICHE_FLAG(bool, quic_enforce_single_packet_chlo, true, "If true, enforce that QUIC CHLOs fit in one packet") QUICHE_FLAG(int64_t, quic_time_wait_list_max_connections, 600000, "Maximum number of connections on the time-wait list. " "A negative value implies no configured limit.") QUICHE_FLAG(int64_t, quic_time_wait_list_seconds, 200, "Time period for which a given connection_id should live in " "the time-wait state.") QUICHE_FLAG(double, quic_bbr_cwnd_gain, 2.0f, "Congestion window gain for QUIC BBR during PROBE_BW phase.") QUICHE_FLAG(int32_t, quic_buffered_data_threshold, 8 * 1024, "If buffered data in QUIC stream is less than this " "threshold, buffers all provided data or asks upper layer for more data") QUICHE_FLAG(int32_t, quic_send_buffer_max_data_slice_size, 4 * 1024, "Max size of data slice in bytes for QUIC stream send buffer.") QUICHE_FLAG(int32_t, quic_lumpy_pacing_size, 2, "Number of packets that the pacing sender allows in bursts during " "pacing. This flag is ignored if a flow's estimated bandwidth is " "lower than 1200 kbps.") QUICHE_FLAG(double, quic_lumpy_pacing_cwnd_fraction, 0.25f, "Congestion window fraction that the pacing sender allows in bursts " "during pacing.") QUICHE_FLAG(int32_t, quic_max_pace_time_into_future_ms, 10, "Max time that QUIC can pace packets into the future in ms.") QUICHE_FLAG(double, quic_pace_time_into_future_srtt_fraction, 0.125f, "Smoothed RTT fraction that a connection can pace packets into the future.") QUICHE_FLAG(bool, quic_export_server_num_packets_per_write_histogram, false, "If true, export number of packets written per write operation histogram.") QUICHE_FLAG(bool, quic_disable_version_negotiation_grease_randomness, false, "If true, use predictable version negotiation versions.") QUICHE_FLAG(bool, quic_enable_http3_grease_randomness, true, "If true, use random greased settings and frames.") QUICHE_FLAG(int64_t, quic_max_tracked_packet_count, 10000, "Maximum number of tracked packets.") QUICHE_FLAG(bool, quic_prober_uses_length_prefixed_connection_ids, false, "If true, QuicFramer::WriteClientVersionNegotiationProbePacket uses " "length-prefixed connection IDs.") QUICHE_FLAG(bool, quic_client_convert_http_header_name_to_lowercase, true, "If true, HTTP request header names sent from QuicSpdyClientBase(and " "descendents) will be automatically converted to lower case.") QUICHE_FLAG(bool, quic_enable_http3_server_push, false, "If true, server push will be allowed in QUIC versions that use HTTP/3.") QUICHE_FLAG(int32_t, quic_bbr2_default_probe_bw_base_duration_ms, 2000, "The default minimum duration for BBRv2-native probes, in milliseconds.") QUICHE_FLAG(int32_t, quic_bbr2_default_probe_bw_max_rand_duration_ms, 1000, "The default upper bound of the random amount of BBRv2-native " "probes, in milliseconds.") QUICHE_FLAG(int32_t, quic_bbr2_default_probe_rtt_period_ms, 10000, "The default period for entering PROBE_RTT, in milliseconds.") QUICHE_FLAG(double, quic_bbr2_default_loss_threshold, 0.02, "The default loss threshold for QUIC BBRv2, should be a value " "between 0 and 1.") QUICHE_FLAG(int32_t, quic_bbr2_default_startup_full_loss_count, 8, "The default minimum number of loss marking events to exit STARTUP.") QUICHE_FLAG(int32_t, quic_bbr2_default_probe_bw_full_loss_count, 2, "The default minimum number of loss marking events to exit PROBE_UP phase.") QUICHE_FLAG(double, quic_bbr2_default_inflight_hi_headroom, 0.01, "The default fraction of unutilized headroom to try to leave in path " "upon high loss.") QUICHE_FLAG(int32_t, quic_bbr2_default_initial_ack_height_filter_window, 10, "The default initial value of the max ack height filter's window length.") QUICHE_FLAG(double, quic_ack_aggregation_bandwidth_threshold, 1.0, "If the bandwidth during ack aggregation is smaller than (estimated " "bandwidth * this flag), consider the current aggregation completed " "and starts a new one.") QUICHE_FLAG(int32_t, quic_anti_amplification_factor, 5, "Anti-amplification factor. Before address validation, server will " "send no more than factor times bytes received.") QUICHE_FLAG(int32_t, quic_max_buffered_crypto_bytes, 16 * 1024, "The maximum amount of CRYPTO frame data that can be buffered.") QUICHE_FLAG(int32_t, quic_max_aggressive_retransmittable_on_wire_ping_count, 0, "If set to non-zero, the maximum number of consecutive pings that " "can be sent with aggressive initial retransmittable on wire timeout " "if there is no new data received. After which, the timeout will be " "exponentially back off until exceeds the default ping timeout.") QUICHE_FLAG(int32_t, quic_max_congestion_window, 2000, "The maximum congestion window in packets.") QUICHE_FLAG(int32_t, quic_max_streams_window_divisor, 2, "The divisor that controls how often MAX_STREAMS frame is sent.") QUICHE_FLAG(bool, http2_reloadable_flag_http2_testonly_default_false, false, "A testonly reloadable flag that will always default to false.") QUICHE_FLAG(bool, http2_restart_flag_http2_testonly_default_false, false, "A testonly restart flag that will always default to false.") QUICHE_FLAG(bool, spdy_reloadable_flag_spdy_testonly_default_false, false, "A testonly reloadable flag that will always default to false.") QUICHE_FLAG(bool, spdy_restart_flag_spdy_testonly_default_false, false, "A testonly restart flag that will always default to false.") #endif ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_arraysize_impl.h ================================================ #pragma once #include "absl/base/macros.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define HTTP2_ARRAYSIZE_IMPL(x) ABSL_ARRAYSIZE(x) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_bug_tracker_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_bug_tracker_impl.h" #define HTTP2_BUG_IMPL QUIC_BUG_IMPL #define HTTP2_BUG_IF_IMPL QUIC_BUG_IF_IMPL #define FLAGS_http2_always_log_bugs_for_tests_IMPL true ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_containers_impl.h ================================================ #pragma once #include // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace http2 { template using Http2DequeImpl = std::deque; } // namespace http2 ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_estimate_memory_usage_impl.h ================================================ #pragma once #include // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace http2 { template size_t Http2EstimateMemoryUsageImpl(const T& /*object*/) { return 0; } } // namespace http2 ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_flag_utils_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define HTTP2_RELOADABLE_FLAG_COUNT_IMPL(flag) \ do { \ } while (0) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_flags_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/flags_impl.h" #define GetHttp2ReloadableFlagImpl(flag) quiche::FLAGS_http2_reloadable_flag_##flag->value() #define SetHttp2ReloadableFlagImpl(flag, value) \ quiche::FLAGS_http2_reloadable_flag_##flag->SetValue(value) #define HTTP2_CODE_COUNT_N_IMPL(flag, instance, total) \ do { \ } while (0) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_logging_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_logging_impl.h" #define HTTP2_LOG_IMPL(severity) QUICHE_LOG_IMPL(severity) #define HTTP2_VLOG_IMPL(verbose_level) QUICHE_VLOG_IMPL(verbose_level) #define HTTP2_DLOG_IMPL(severity) QUICHE_DLOG_IMPL(severity) #define HTTP2_DLOG_IF_IMPL(severity, condition) QUICHE_DLOG_IF_IMPL(severity, condition) #define HTTP2_DVLOG_IMPL(verbose_level) QUICHE_DVLOG_IMPL(verbose_level) #define HTTP2_DVLOG_IF_IMPL(verbose_level, condition) QUICHE_DVLOG_IF_IMPL(verbose_level, condition) #define HTTP2_DLOG_EVERY_N_IMPL(severity, n) QUICHE_DLOG_EVERY_N_IMPL(severity, n) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_macros_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include "extensions/quic_listeners/quiche/platform/quic_logging_impl.h" #include "absl/base/macros.h" #define HTTP2_FALLTHROUGH_IMPL ABSL_FALLTHROUGH_INTENDED #define HTTP2_DIE_IF_NULL_IMPL(ptr) dieIfNull(ptr) #define HTTP2_UNREACHABLE_IMPL() DCHECK(false) namespace http2 { template inline T dieIfNull(T&& ptr) { CHECK((ptr) != nullptr); return std::forward(ptr); } } // namespace http2 ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_string_piece_impl.h ================================================ #pragma once #include "absl/strings/string_view.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace http2 { using Http2StringPieceImpl = absl::string_view; } // namespace http2 ================================================ FILE: source/extensions/quic_listeners/quiche/platform/http2_string_utils_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/string_utils.h" #include "absl/strings/escaping.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_format.h" #include "fmt/printf.h" namespace http2 { template inline std::string Http2StrCatImpl(const Args&... args) { return absl::StrCat(std::forward(args)...); } template inline void Http2StrAppendImpl(std::string* output, const Args&... args) { absl::StrAppend(output, std::forward(args)...); } template inline std::string Http2StringPrintfImpl(const Args&... args) { return fmt::sprintf(std::forward(args)...); } inline std::string Http2HexEncodeImpl(const void* bytes, size_t size) { return absl::BytesToHexString(absl::string_view(static_cast(bytes), size)); } inline std::string Http2HexDecodeImpl(absl::string_view data) { return absl::HexStringToBytes(data); } inline std::string Http2HexDumpImpl(absl::string_view data) { return quiche::HexDump(data); } inline std::string Http2HexEscapeImpl(absl::string_view data) { return absl::CHexEscape(data); } template inline std::string Http2HexImpl(Number number) { return absl::StrCat(absl::Hex(number)); } } // namespace http2 ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_aligned_impl.h ================================================ #pragma once #include "absl/base/optimization.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define QUIC_ALIGN_OF_IMPL alignof #ifdef _MSC_VER #define QUIC_ALIGNED_IMPL(X) __declspec(align(X)) #else #define QUIC_ALIGNED_IMPL(X) __attribute__((aligned(X))) #endif #define QUIC_CACHELINE_ALIGNED_IMPL ABSL_CACHELINE_ALIGNED #define QUIC_CACHELINE_SIZE_IMPL ABSL_CACHELINE_SIZE ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_bug_tracker_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_logging_impl.h" // TODO(wub): Implement exponential back off to avoid performance problems due // to excessive QUIC_BUG. #define QUIC_BUG_IMPL QUICHE_LOG_IMPL(DFATAL) #define QUIC_BUG_IF_IMPL(condition) QUICHE_LOG_IF_IMPL(DFATAL, condition) #define QUIC_PEER_BUG_IMPL QUICHE_LOG_IMPL(ERROR) #define QUIC_PEER_BUG_IF_IMPL(condition) QUICHE_LOG_IF_IMPL(ERROR, condition) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_cert_utils_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_cert_utils_impl.h" #include "openssl/bytestring.h" namespace quic { // static bool QuicCertUtilsImpl::ExtractSubjectNameFromDERCert(quiche::QuicheStringPiece cert, quiche::QuicheStringPiece* subject_out) { CBS tbs_certificate; if (!SeekToSubject(cert, &tbs_certificate)) { return false; } CBS subject; if (!CBS_get_asn1_element(&tbs_certificate, &subject, CBS_ASN1_SEQUENCE)) { return false; } *subject_out = absl::string_view(reinterpret_cast(CBS_data(&subject)), CBS_len(&subject)); return true; } // static bool QuicCertUtilsImpl::SeekToSubject(quiche::QuicheStringPiece cert, CBS* tbs_certificate) { CBS der; CBS_init(&der, reinterpret_cast(cert.data()), cert.size()); CBS certificate; // From RFC 5280, section 4.1 // Certificate ::= SEQUENCE { // tbsCertificate TBSCertificate, // signatureAlgorithm AlgorithmIdentifier, // signatureValue BIT STRING } // TBSCertificate ::= SEQUENCE { // version [0] EXPLICIT Version DEFAULT v1, // serialNumber CertificateSerialNumber, // signature AlgorithmIdentifier, // issuer Name, // validity Validity, // subject Name, // subjectPublicKeyInfo SubjectPublicKeyInfo, if (!CBS_get_asn1(&der, &certificate, CBS_ASN1_SEQUENCE) || CBS_len(&der) != 0 || // We don't allow junk after the certificate. !CBS_get_asn1(&certificate, tbs_certificate, CBS_ASN1_SEQUENCE) || // version. !CBS_get_optional_asn1(tbs_certificate, nullptr, nullptr, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) || // Serial number. !CBS_get_asn1(tbs_certificate, nullptr, CBS_ASN1_INTEGER) || // Signature. !CBS_get_asn1(tbs_certificate, nullptr, CBS_ASN1_SEQUENCE) || // Issuer. !CBS_get_asn1(tbs_certificate, nullptr, CBS_ASN1_SEQUENCE) || // Validity. !CBS_get_asn1(tbs_certificate, nullptr, CBS_ASN1_SEQUENCE)) { return false; } return true; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_cert_utils_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "openssl/base.h" #include "quiche/common/platform/api/quiche_string_piece.h" namespace quic { class QuicCertUtilsImpl { public: static bool ExtractSubjectNameFromDERCert(quiche::QuicheStringPiece cert, quiche::QuicheStringPiece* subject_out); private: static bool SeekToSubject(quiche::QuicheStringPiece cert, CBS* tbs_certificate); }; } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_client_stats_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include // NOTE(wub): These macros are currently NOOP because they are supposed to be // used by client-side stats. They should be implemented when QUIC client code // is used by Envoy to connect to backends. #define QUIC_CLIENT_HISTOGRAM_ENUM_IMPL(name, sample, enum_size, docstring) \ do { \ (void)(sample); \ } while (0) #define QUIC_CLIENT_HISTOGRAM_BOOL_IMPL(name, sample, docstring) \ (void)(sample); \ do { \ } while (0) #define QUIC_CLIENT_HISTOGRAM_TIMES_IMPL(name, sample, min, max, num_buckets, docstring) \ do { \ (void)(sample); \ } while (0) #define QUIC_CLIENT_HISTOGRAM_COUNTS_IMPL(name, sample, min, max, num_buckets, docstring) \ do { \ (void)(sample); \ } while (0) namespace quic { inline void QuicClientSparseHistogramImpl(const std::string& /*name*/, int /*sample*/) {} } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_containers_impl.h ================================================ #pragma once #include #include #include #include #include #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" #include "absl/container/inlined_vector.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" #include "quiche/common/simple_linked_hash_map.h" #include "quiche/quic/platform/api/quic_flags.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quic { template using QuicDefaultHasherImpl = absl::Hash; template using QuicUnorderedMapImpl = absl::node_hash_map; template using QuicHashMapImpl = absl::flat_hash_map; template using QuicHashSetImpl = absl::flat_hash_set; template using QuicUnorderedSetImpl = absl::node_hash_set; template using QuicLinkedHashMapImpl = quiche::SimpleLinkedHashMap; template using QuicSmallMapImpl = absl::flat_hash_map; template using QuicQueueImpl = std::queue; template using QuicDequeImpl = std::deque; template > using QuicInlinedVectorImpl = absl::InlinedVector; template inline std::ostream& operator<<(std::ostream& os, const QuicInlinedVectorImpl inlined_vector) { std::stringstream debug_string; debug_string << "{"; typename QuicInlinedVectorImpl::const_iterator it = inlined_vector.cbegin(); debug_string << *it; ++it; while (it != inlined_vector.cend()) { debug_string << ", " << *it; ++it; } debug_string << "}"; return os << debug_string.str(); } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_error_code_wrappers_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include "envoy/api/io_error.h" #define QUIC_EMSGSIZE_IMPL static_cast(Envoy::Api::IoError::IoErrorCode::MessageTooBig) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_estimate_memory_usage_impl.h ================================================ #pragma once #include // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quic { // Dummy implementation. template size_t QuicEstimateMemoryUsageImpl(const T& /*object*/) { return 0; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_export_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define QUIC_EXPORT #define QUIC_EXPORT_PRIVATE #define QUIC_NO_EXPORT ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_fallthrough_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "absl/base/macros.h" #define QUIC_FALLTHROUGH_INTENDED_IMPL ABSL_FALLTHROUGH_INTENDED ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_file_utils_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_file_utils_impl.h" #include "common/filesystem/directory.h" #include "common/filesystem/filesystem_impl.h" #include "absl/strings/str_cat.h" namespace quic { namespace { void depthFirstTraverseDirectory(const std::string& dirname, std::vector& files) { Envoy::Filesystem::Directory directory(dirname); for (const Envoy::Filesystem::DirectoryEntry& entry : directory) { switch (entry.type_) { case Envoy::Filesystem::FileType::Regular: files.push_back(absl::StrCat(dirname, "/", entry.name_)); break; case Envoy::Filesystem::FileType::Directory: if (entry.name_ != "." && entry.name_ != "..") { depthFirstTraverseDirectory(absl::StrCat(dirname, "/", entry.name_), files); } break; default: ASSERT(false, absl::StrCat("Unknow file entry type ", entry.type_, " under directory ", dirname)); } } } } // namespace // Traverses the directory |dirname| and returns all of the files it contains. std::vector ReadFileContentsImpl(const std::string& dirname) { std::vector files; depthFirstTraverseDirectory(dirname, files); return files; } // Reads the contents of |filename| as a string into |contents|. void ReadFileContentsImpl(quiche::QuicheStringPiece filename, std::string* contents) { #ifdef WIN32 Envoy::Filesystem::InstanceImplWin32 fs; #else Envoy::Filesystem::InstanceImplPosix fs; #endif *contents = fs.fileReadToEnd(std::string(filename.data(), filename.size())); } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_file_utils_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include "quiche/common/platform/api/quiche_string_piece.h" namespace quic { /** * Traverses the directory |dirname| and returns all of the files it contains. * @param dirname full path without trailing '/'. */ std::vector ReadFileContentsImpl(const std::string& dirname); /** * Reads the contents of |filename| as a string into |contents|. * @param filename the full path to the file. * @param contents output location of the file content. */ void ReadFileContentsImpl(quiche::QuicheStringPiece filename, std::string* contents); } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_flag_utils_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define QUIC_RELOADABLE_FLAG_COUNT_IMPL(flag) \ do { \ } while (0) #define QUIC_RELOADABLE_FLAG_COUNT_N_IMPL(flag, instance, total) \ do { \ } while (0) #define QUIC_RESTART_FLAG_COUNT_IMPL(flag) \ do { \ } while (0) #define QUIC_RESTART_FLAG_COUNT_N_IMPL(flag, instance, total) \ do { \ } while (0) #define QUIC_CODE_COUNT_IMPL(name) \ do { \ } while (0) #define QUIC_CODE_COUNT_N_IMPL(name, instance, total) \ do { \ } while (0) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_flags_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include #include "extensions/quic_listeners/quiche/platform/flags_impl.h" // |flag| is the global flag variable, which is a pointer to TypedFlag. #define GetQuicFlagImpl(flag) (quiche::flag)->value() // |flag| is the global flag variable, which is a pointer to TypedFlag. #define SetQuicFlagImpl(flag, value) (quiche::flag)->SetValue(value) #define GetQuicReloadableFlagImpl(flag) quiche::FLAGS_quic_reloadable_flag_##flag->value() #define SetQuicReloadableFlagImpl(flag, value) \ quiche::FLAGS_quic_reloadable_flag_##flag->SetValue(value) #define GetQuicRestartFlagImpl(flag) quiche::FLAGS_quic_restart_flag_##flag->value() #define SetQuicRestartFlagImpl(flag, value) quiche::FLAGS_quic_restart_flag_##flag->SetValue(value) // Not wired into command-line parsing. #define DEFINE_QUIC_COMMAND_LINE_FLAG_IMPL(type, flag, value, help) \ quiche::TypedFlag* FLAGS_##flag = new TypedFlag(#flag, value, help); namespace quic { // TODO(mpwarres): implement. Lower priority since only used by QUIC command-line tools. inline std::vector QuicParseCommandLineFlagsImpl(const char* /*usage*/, int /*argc*/, const char* const* /*argv*/) { return std::vector(); } // TODO(mpwarres): implement. Lower priority since only used by QUIC command-line tools. inline void QuicPrintCommandLineFlagHelpImpl(const char* /*usage*/) {} } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_hostname_utils_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_hostname_utils_impl.h" #include #include "common/http/utility.h" #include "absl/strings/ascii.h" #include "absl/strings/str_cat.h" // TODO(wub): Implement both functions on top of GoogleUrl, then enable // quiche/quic/platform/api/quic_hostname_utils_test.cc. namespace quic { // static bool QuicHostnameUtilsImpl::IsValidSNI(quiche::QuicheStringPiece sni) { // TODO(wub): Implement it on top of GoogleUrl, once it is available. return sni.find_last_of('.') != std::string::npos && Envoy::Http::Utility::Url().initialize(absl::StrCat("http://", sni), false); } // static std::string QuicHostnameUtilsImpl::NormalizeHostname(quiche::QuicheStringPiece hostname) { // TODO(wub): Implement it on top of GoogleUrl, once it is available. std::string host = absl::AsciiStrToLower(hostname); // Walk backwards over the string, stopping at the first trailing dot. size_t host_end = host.length(); while (host_end != 0 && host[host_end - 1] == '.') { host_end--; } // Erase the trailing dots. if (host_end != host.length()) { host.erase(host_end, host.length() - host_end); } return host; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_hostname_utils_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "quiche/common/platform/api/quiche_string_piece.h" #include "quiche/quic/platform/api/quic_export.h" namespace quic { class QUIC_EXPORT_PRIVATE QuicHostnameUtilsImpl { public: // Returns true if the sni is valid, false otherwise. // (1) disallow IP addresses; // (2) check that the hostname contains valid characters only; and // (3) contains at least one dot. // NOTE(wub): Only (3) is implemented for now. static bool IsValidSNI(quiche::QuicheStringPiece sni); // Normalize a hostname: // (1) Canonicalize it, similar to what Chromium does in // https://cs.chromium.org/chromium/src/net/base/url_util.h?q=net::CanonicalizeHost // (2) Convert it to lower case. // (3) Remove the trailing '.'. // WARNING: May mutate |hostname| in place. // NOTE(wub): Only (2) and (3) are implemented for now. static std::string NormalizeHostname(quiche::QuicheStringPiece hostname); private: QuicHostnameUtilsImpl() = delete; }; } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_iovec_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "envoy/common/platform.h" ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_logging_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_logging_impl.h" #include #include "common/common/utility.h" namespace quic { namespace { std::atomic g_verbosity_threshold; std::atomic g_dfatal_exit_disabled; // Pointer to the global log sink, usually it is nullptr. // If not nullptr, as in some tests, the sink will receive a copy of the log message right after the // message is emitted from the QUIC_LOG... macros. std::atomic g_quic_log_sink; absl::Mutex g_quic_log_sink_mutex; } // namespace QuicLogEmitter::QuicLogEmitter(QuicLogLevel level) : level_(level), saved_errno_(errno) {} QuicLogEmitter::~QuicLogEmitter() { if (is_perror_) { // TODO(wub): Change to a thread-safe version of errorDetails. stream_ << ": " << Envoy::errorDetails(saved_errno_) << " [" << saved_errno_ << "]"; } std::string content = stream_.str(); if (!content.empty() && content.back() == '\n') { // strip the last trailing '\n' because spd log will add a trailing '\n' to // the output. content.back() = '\0'; } GetLogger().log(level_, "{}", content.c_str()); // Normally there is no log sink and we can avoid acquiring the lock. if (g_quic_log_sink.load(std::memory_order_relaxed) != nullptr) { absl::MutexLock lock(&g_quic_log_sink_mutex); QuicLogSink* sink = g_quic_log_sink.load(std::memory_order_relaxed); if (sink != nullptr) { sink->Log(level_, content); } } if (level_ == FATAL) { GetLogger().flush(); #ifdef NDEBUG // Release mode. abort(); #else // Debug mode. if (!g_dfatal_exit_disabled) { abort(); } #endif } } int GetVerbosityLogThreshold() { return g_verbosity_threshold.load(std::memory_order_relaxed); } void SetVerbosityLogThreshold(int new_verbosity) { g_verbosity_threshold.store(new_verbosity, std::memory_order_relaxed); } bool IsDFatalExitDisabled() { return g_dfatal_exit_disabled.load(std::memory_order_relaxed); } void SetDFatalExitDisabled(bool is_disabled) { g_dfatal_exit_disabled.store(is_disabled, std::memory_order_relaxed); } QuicLogSink* SetLogSink(QuicLogSink* new_sink) { absl::MutexLock lock(&g_quic_log_sink_mutex); QuicLogSink* old_sink = g_quic_log_sink.load(std::memory_order_relaxed); g_quic_log_sink.store(new_sink, std::memory_order_relaxed); return old_sink; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_logging_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include #include #include #include #include "common/common/assert.h" #include "common/common/logger.h" #include "common/common/stl_helpers.h" #include "absl/base/optimization.h" #include "absl/synchronization/mutex.h" // This implementation is only used by Quiche code, use macros provided by // assert.h and logger.h in Envoy code instead. See QUIC platform API // dependency model described in // https://quiche.googlesource.com/quiche/+/refs/heads/master/quic/platform/api/README.md // // The implementation is backed by Envoy::Logger. // If |condition| is true, use |logstream| to stream the log message and send it to spdlog. // If |condition| is false, |logstream| will not be instantiated. // The switch(0) is used to suppress a compiler warning on ambiguous "else". #define QUICHE_LOG_IMPL_INTERNAL(condition, logstream) \ switch (0) \ default: \ if (!(condition)) { \ } else \ logstream #define QUICHE_LOG_IF_IMPL(severity, condition) \ QUICHE_LOG_IMPL_INTERNAL((condition) && quic::IsLogLevelEnabled(quic::severity), \ quic::QuicLogEmitter(quic::severity).stream()) #define QUICHE_LOG_IMPL(severity) QUICHE_LOG_IF_IMPL(severity, true) #define QUICHE_VLOG_IF_IMPL(verbosity, condition) \ QUICHE_LOG_IMPL_INTERNAL((condition) && quic::IsVerboseLogEnabled(verbosity), \ quic::QuicLogEmitter(quic::INFO).stream()) #define QUICHE_VLOG_IMPL(verbosity) QUICHE_VLOG_IF_IMPL(verbosity, true) // TODO(wub): Implement QUICHE_LOG_FIRST_N_IMPL. #define QUICHE_LOG_FIRST_N_IMPL(severity, n) QUICHE_LOG_IMPL(severity) // TODO(wub): Implement QUICHE_LOG_EVERY_N_IMPL. #define QUICHE_LOG_EVERY_N_IMPL(severity, n) QUICHE_LOG_IMPL(severity) // TODO(wub): Implement QUICHE_LOG_EVERY_N_SEC_IMPL. #define QUICHE_LOG_EVERY_N_SEC_IMPL(severity, seconds) QUICHE_LOG_IMPL(severity) #define QUICHE_PLOG_IMPL(severity) \ QUICHE_LOG_IMPL_INTERNAL(quic::IsLogLevelEnabled(quic::severity), \ quic::QuicLogEmitter(quic::severity).SetPerror().stream()) #define QUICHE_LOG_INFO_IS_ON_IMPL() quic::IsLogLevelEnabled(quic::INFO) #define QUICHE_LOG_WARNING_IS_ON_IMPL() quic::IsLogLevelEnabled(quic::WARNING) #define QUICHE_LOG_ERROR_IS_ON_IMPL() quic::IsLogLevelEnabled(quic::ERROR) #define CHECK(condition) \ QUICHE_LOG_IF_IMPL(FATAL, ABSL_PREDICT_FALSE(!(condition))) << "CHECK failed: " #condition "." #define CHECK_GT(a, b) CHECK((a) > (b)) #define CHECK_GE(a, b) CHECK((a) >= (b)) #define CHECK_LT(a, b) CHECK((a) < (b)) #define CHECK_LE(a, b) CHECK((a) <= (b)) #define CHECK_NE(a, b) CHECK((a) != (b)) #define CHECK_EQ(a, b) CHECK((a) == (b)) #ifdef NDEBUG // Release build #define DCHECK(condition) QUICHE_COMPILED_OUT_LOG(condition) #define QUICHE_COMPILED_OUT_LOG(condition) \ QUICHE_LOG_IMPL_INTERNAL(false && (condition), quic::NullLogStream().stream()) #define QUICHE_DVLOG_IMPL(verbosity) QUICHE_COMPILED_OUT_LOG(false) #define QUICHE_DVLOG_IF_IMPL(verbosity, condition) QUICHE_COMPILED_OUT_LOG(condition) #define QUICHE_DLOG_IMPL(severity) QUICHE_COMPILED_OUT_LOG(false) #define QUICHE_DLOG_IF_IMPL(severity, condition) QUICHE_COMPILED_OUT_LOG(condition) #define QUICHE_DLOG_INFO_IS_ON_IMPL() 0 #define QUICHE_DLOG_EVERY_N_IMPL(severity, n) QUICHE_COMPILED_OUT_LOG(false) #define QUICHE_NOTREACHED_IMPL() #else // Debug build #define DCHECK(condition) CHECK(condition) #define QUICHE_DVLOG_IMPL(verbosity) QUICHE_VLOG_IMPL(verbosity) #define QUICHE_DVLOG_IF_IMPL(verbosity, condition) QUICHE_VLOG_IF_IMPL(verbosity, condition) #define QUICHE_DLOG_IMPL(severity) QUICHE_LOG_IMPL(severity) #define QUICHE_DLOG_IF_IMPL(severity, condition) QUICHE_LOG_IF_IMPL(severity, condition) #define QUICHE_DLOG_INFO_IS_ON_IMPL() QUICHE_LOG_INFO_IS_ON_IMPL() #define QUICHE_DLOG_EVERY_N_IMPL(severity, n) QUICHE_LOG_EVERY_N_IMPL(severity, n) #define QUICHE_NOTREACHED_IMPL() NOT_REACHED_GCOVR_EXCL_LINE #endif #define DCHECK_GE(a, b) DCHECK((a) >= (b)) #define DCHECK_GT(a, b) DCHECK((a) > (b)) #define DCHECK_LT(a, b) DCHECK((a) < (b)) #define DCHECK_LE(a, b) DCHECK((a) <= (b)) #define DCHECK_NE(a, b) DCHECK((a) != (b)) #define DCHECK_EQ(a, b) DCHECK((a) == (b)) #define QUICHE_PREDICT_FALSE_IMPL(x) ABSL_PREDICT_FALSE(x) namespace quic { using QuicLogLevel = spdlog::level::level_enum; static const QuicLogLevel INFO = spdlog::level::info; static const QuicLogLevel WARNING = spdlog::level::warn; static const QuicLogLevel ERROR = spdlog::level::err; static const QuicLogLevel FATAL = spdlog::level::critical; // DFATAL is FATAL in debug mode, ERROR in release mode. #ifdef NDEBUG static const QuicLogLevel DFATAL = ERROR; #else static const QuicLogLevel DFATAL = FATAL; #endif class QuicLogEmitter { public: explicit QuicLogEmitter(QuicLogLevel level); ~QuicLogEmitter(); QuicLogEmitter& SetPerror() { is_perror_ = true; return *this; } std::ostringstream& stream() { return stream_; } private: const QuicLogLevel level_; const int saved_errno_; bool is_perror_ = false; std::ostringstream stream_; }; class NullLogStream : public std::ostream { public: NullLogStream() : std::ostream(nullptr) {} NullLogStream& stream() { return *this; } }; template inline NullLogStream& operator<<(NullLogStream& s, const T&) { return s; } inline spdlog::logger& GetLogger() { return Envoy::Logger::Registry::getLog(Envoy::Logger::Id::quic); } inline bool IsLogLevelEnabled(QuicLogLevel level) { return level >= GetLogger().level(); } int GetVerbosityLogThreshold(); void SetVerbosityLogThreshold(int new_verbosity); inline bool IsVerboseLogEnabled(int verbosity) { return IsLogLevelEnabled(INFO) && verbosity <= GetVerbosityLogThreshold(); } bool IsDFatalExitDisabled(); void SetDFatalExitDisabled(bool is_disabled); // QuicLogSink is used to capture logs emitted from the QUICHE_LOG... macros. class QuicLogSink { public: virtual ~QuicLogSink() = default; // Called when |message| is emitted at |level|. virtual void Log(QuicLogLevel level, const std::string& message) = 0; }; // Only one QuicLogSink can capture log at a time. SetLogSink causes future logs // to be captured by the |new_sink|. // Return the previous sink. QuicLogSink* SetLogSink(QuicLogSink* new_sink); } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_macros_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "absl/base/attributes.h" #define QUIC_MUST_USE_RESULT_IMPL ABSL_MUST_USE_RESULT #define QUIC_UNUSED_IMPL ABSL_ATTRIBUTE_UNUSED #define QUIC_CONST_INIT_IMPL ABSL_CONST_INIT ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_map_util_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include namespace quic { template bool QuicContainsKeyImpl(const Collection& collection, const Key& key) { return collection.find(key) != collection.end(); } template bool QuicContainsValueImpl(const Collection& collection, const Value& value) { return std::find(collection.begin(), collection.end(), value) != collection.end(); } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_mem_slice_impl.cc ================================================ // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_mem_slice_impl.h" #include "envoy/buffer/buffer.h" #include "common/common/assert.h" namespace quic { QuicMemSliceImpl::QuicMemSliceImpl(QuicUniqueBufferPtr buffer, size_t length) : fragment_(std::make_unique( buffer.release(), length, [](const void* p, size_t, const Envoy::Buffer::BufferFragmentImpl*) { delete[] static_cast(p); })) { single_slice_buffer_.addBufferFragment(*fragment_); ASSERT(this->length() == length); } QuicMemSliceImpl::QuicMemSliceImpl(Envoy::Buffer::Instance& buffer, size_t length) { ASSERT(firstSliceLength(buffer) == length); single_slice_buffer_.move(buffer, length); ASSERT(single_slice_buffer_.getRawSlices().size() == 1); } const char* QuicMemSliceImpl::data() const { Envoy::Buffer::RawSliceVector slices = single_slice_buffer_.getRawSlices(/*max_slices=*/1); ASSERT(slices.size() <= 1); return !slices.empty() ? static_cast(slices[0].mem_) : nullptr; } size_t QuicMemSliceImpl::firstSliceLength(Envoy::Buffer::Instance& buffer) { Envoy::Buffer::RawSliceVector slices = buffer.getRawSlices(/*max_slices=*/1); ASSERT(slices.size() == 1); return slices[0].len_; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_mem_slice_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include #include #include "common/buffer/buffer_impl.h" #include "quiche/quic/core/quic_buffer_allocator.h" namespace quic { // Implements the interface required by // https://quiche.googlesource.com/quiche/+/refs/heads/master/quic/platform/api/quic_mem_slice.h class QuicMemSliceImpl { public: // Constructs an empty QuicMemSliceImpl. QuicMemSliceImpl() = default; // Constructs a QuicMemSliceImpl by taking ownership of the memory in |buffer|. QuicMemSliceImpl(QuicUniqueBufferPtr buffer, size_t length); // Constructs a QuicMemSliceImpl from a Buffer::Instance with first |length| bytes in it. // Data will be moved from |buffer| to this mem slice. // Prerequisite: |buffer| has at least |length| bytes of data and not empty. explicit QuicMemSliceImpl(Envoy::Buffer::Instance& buffer, size_t length); QuicMemSliceImpl(const QuicMemSliceImpl& other) = delete; // Move constructors. |other| will not hold a reference to the data buffer // after this call completes. QuicMemSliceImpl(QuicMemSliceImpl&& other) noexcept { *this = std::move(other); } QuicMemSliceImpl& operator=(const QuicMemSliceImpl& other) = delete; QuicMemSliceImpl& operator=(QuicMemSliceImpl&& other) noexcept { if (this != &other) { fragment_ = std::move(other.fragment_); single_slice_buffer_.move(other.single_slice_buffer_); } return *this; } // Below methods implements interface needed by QuicMemSlice. void Reset() { single_slice_buffer_.drain(length()); } // Returns a char pointer to the one and only slice in buffer. const char* data() const; size_t length() const { return single_slice_buffer_.length(); } bool empty() const { return length() == 0; } Envoy::Buffer::OwnedImpl& single_slice_buffer() { return single_slice_buffer_; } private: // Prerequisite: buffer has at least one slice. size_t firstSliceLength(Envoy::Buffer::Instance& buffer); std::unique_ptr fragment_; Envoy::Buffer::OwnedImpl single_slice_buffer_; }; } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_mem_slice_span_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_mem_slice_span_impl.h" #include "quiche/quic/platform/api/quic_mem_slice.h" namespace quic { quiche::QuicheStringPiece QuicMemSliceSpanImpl::GetData(size_t index) { Envoy::Buffer::RawSliceVector slices = buffer_->getRawSlices(/*max_slices=*/index + 1); ASSERT(slices.size() > index); return {reinterpret_cast(slices[index].mem_), slices[index].len_}; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_mem_slice_span_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "envoy/buffer/buffer.h" #include "absl/container/fixed_array.h" #include "quiche/common/platform/api/quiche_string_piece.h" #include "quiche/quic/core/quic_types.h" #include "quiche/quic/platform/api/quic_mem_slice.h" namespace quic { // Implements the interface required by // https://quiche.googlesource.com/quiche/+/refs/heads/master/quic/platform/api/quic_mem_slice_span.h // Wraps a Buffer::Instance and deliver its data with minimum number of copies. class QuicMemSliceSpanImpl { public: QuicMemSliceSpanImpl() = default; /** * @param buffer has to outlive the life time of this class. */ explicit QuicMemSliceSpanImpl(Envoy::Buffer::Instance& buffer) : buffer_(&buffer) {} explicit QuicMemSliceSpanImpl(QuicMemSliceImpl* slice) : buffer_(&slice->single_slice_buffer()) {} QuicMemSliceSpanImpl(const QuicMemSliceSpanImpl& other) = default; QuicMemSliceSpanImpl& operator=(const QuicMemSliceSpanImpl& other) = default; QuicMemSliceSpanImpl(QuicMemSliceSpanImpl&& other) noexcept : buffer_(other.buffer_) { other.buffer_ = nullptr; } QuicMemSliceSpanImpl& operator=(QuicMemSliceSpanImpl&& other) noexcept { if (this != &other) { buffer_ = other.buffer_; other.buffer_ = nullptr; } return *this; } // QuicMemSliceSpan quiche::QuicheStringPiece GetData(size_t index); QuicByteCount total_length() { return buffer_->length(); }; size_t NumSlices() { return buffer_->getRawSlices().size(); } template QuicByteCount ConsumeAll(ConsumeFunction consume); bool empty() const { return buffer_->length() == 0; } private: Envoy::Buffer::Instance* buffer_{nullptr}; }; template QuicByteCount QuicMemSliceSpanImpl::ConsumeAll(ConsumeFunction consume) { size_t saved_length = 0; for (auto& slice : buffer_->getRawSlices()) { if (slice.len_ == 0) { continue; } // Move each slice into a stand-alone buffer. // TODO(danzh): investigate the cost of allocating one buffer per slice. // If it turns out to be expensive, add a new function to free data in the middle in buffer // interface and re-design QuicMemSliceImpl. consume(QuicMemSlice(QuicMemSliceImpl(*buffer_, slice.len_))); saved_length += slice.len_; } ASSERT(buffer_->length() == 0); return saved_length; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_mem_slice_storage_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_mem_slice_storage_impl.h" #include #include "envoy/buffer/buffer.h" #include "quiche/quic/core/quic_utils.h" namespace quic { // TODO(danzh)Note that |allocator| is not used to allocate memory currently, instead, // Buffer::OwnedImpl allocates memory on its own. Investigate if a customized // QuicBufferAllocator can improve cache hit. QuicMemSliceStorageImpl::QuicMemSliceStorageImpl(const iovec* iov, int iov_count, QuicBufferAllocator* /*allocator*/, const QuicByteCount max_slice_len) { if (iov == nullptr) { return; } QuicByteCount write_len = 0; for (int i = 0; i < iov_count; ++i) { write_len += iov[i].iov_len; } size_t io_offset = 0; while (io_offset < write_len) { size_t slice_len = std::min(write_len - io_offset, max_slice_len); Envoy::Buffer::RawSlice slice; // Populate a temporary buffer instance and then move it to |buffer_|. This is necessary because // consecutive reserve/commit can return addresses in same slice which violates the restriction // of |max_slice_len| when ToSpan() is called. Envoy::Buffer::OwnedImpl buffer; uint16_t num_slice = buffer.reserve(slice_len, &slice, 1); ASSERT(num_slice == 1); QuicUtils::CopyToBuffer(iov, iov_count, io_offset, slice_len, static_cast(slice.mem_)); io_offset += slice_len; // OwnedImpl may return a slice longer than needed, trim it to requested length. slice.len_ = slice_len; buffer.commit(&slice, num_slice); buffer_.move(buffer); } } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_mem_slice_storage_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "common/buffer/buffer_impl.h" #include "quiche/quic/core/quic_buffer_allocator.h" #include "quiche/quic/platform/api/quic_iovec.h" #include "quiche/quic/platform/api/quic_mem_slice_span.h" namespace quic { // QuicMemSliceStorageImpl wraps a MemSlice vector. class QuicMemSliceStorageImpl { public: QuicMemSliceStorageImpl(const iovec* iov, int iov_count, QuicBufferAllocator* allocator, const QuicByteCount max_slice_len); QuicMemSliceStorageImpl(const QuicMemSliceStorageImpl& other) { buffer_.add(other.buffer_); } QuicMemSliceStorageImpl& operator=(const QuicMemSliceStorageImpl& other) { if (this != &other) { if (buffer_.length() > 0) { buffer_.drain(buffer_.length()); } buffer_.add(other.buffer_); } return *this; } QuicMemSliceStorageImpl(QuicMemSliceStorageImpl&& other) = default; QuicMemSliceStorageImpl& operator=(QuicMemSliceStorageImpl&& other) = default; QuicMemSliceSpan ToSpan() { return QuicMemSliceSpan(QuicMemSliceSpanImpl(buffer_)); } void Append(QuicMemSliceImpl mem_slice) { buffer_.move(mem_slice.single_slice_buffer()); } private: Envoy::Buffer::OwnedImpl buffer_; }; } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_mutex_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "absl/synchronization/mutex.h" #include "absl/synchronization/notification.h" #include "quiche/quic/platform/api/quic_export.h" namespace quic { #define QUIC_EXCLUSIVE_LOCKS_REQUIRED_IMPL ABSL_EXCLUSIVE_LOCKS_REQUIRED #define QUIC_GUARDED_BY_IMPL ABSL_GUARDED_BY #define QUIC_LOCKABLE_IMPL ABSL_LOCKABLE #define QUIC_LOCKS_EXCLUDED_IMPL ABSL_LOCKS_EXCLUDED #define QUIC_SHARED_LOCKS_REQUIRED_IMPL ABSL_SHARED_LOCKS_REQUIRED #define QUIC_EXCLUSIVE_LOCK_FUNCTION_IMPL ABSL_EXCLUSIVE_LOCK_FUNCTION #define QUIC_UNLOCK_FUNCTION_IMPL ABSL_UNLOCK_FUNCTION #define QUIC_SHARED_LOCK_FUNCTION_IMPL ABSL_SHARED_LOCK_FUNCTION #define QUIC_SCOPED_LOCKABLE_IMPL ABSL_SCOPED_LOCKABLE #define QUIC_ASSERT_SHARED_LOCK_IMPL ABSL_ASSERT_SHARED_LOCK // A class wrapping a non-reentrant mutex. class QUIC_LOCKABLE_IMPL QUIC_EXPORT_PRIVATE QuicLockImpl { public: QuicLockImpl() = default; QuicLockImpl(const QuicLockImpl&) = delete; QuicLockImpl& operator=(const QuicLockImpl&) = delete; // Block until mu_ is free, then acquire it exclusively. // NOLINTNEXTLINE(readability-identifier-naming) void WriterLock() QUIC_EXCLUSIVE_LOCK_FUNCTION_IMPL() { mu_.WriterLock(); } // Release mu_. Caller must hold it exclusively. // NOLINTNEXTLINE(readability-identifier-naming) void WriterUnlock() QUIC_UNLOCK_FUNCTION_IMPL() { mu_.WriterUnlock(); } // Block until mu_ is free or shared, then acquire a share of it. // NOLINTNEXTLINE(readability-identifier-naming) void ReaderLock() QUIC_SHARED_LOCK_FUNCTION_IMPL() { mu_.ReaderLock(); } // Release mu_. Caller could hold it in shared mode. // NOLINTNEXTLINE(readability-identifier-naming) void ReaderUnlock() QUIC_UNLOCK_FUNCTION_IMPL() { mu_.ReaderUnlock(); } // Returns immediately if current thread holds mu_ in at least shared // mode. Otherwise, reports an error by crashing with a diagnostic. // NOLINTNEXTLINE(readability-identifier-naming) void AssertReaderHeld() const QUIC_ASSERT_SHARED_LOCK_IMPL() { mu_.AssertReaderHeld(); } private: absl::Mutex mu_; }; // A Notification allows threads to receive notification of a single occurrence // of a single event. class QUIC_EXPORT_PRIVATE QuicNotificationImpl { public: QuicNotificationImpl() = default; QuicNotificationImpl(const QuicNotificationImpl&) = delete; QuicNotificationImpl& operator=(const QuicNotificationImpl&) = delete; bool HasBeenNotified() { return notification_.HasBeenNotified(); } void Notify() { notification_.Notify(); } void WaitForNotification() { notification_.WaitForNotification(); } private: absl::Notification notification_; }; } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_pcc_sender_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "common/common/assert.h" #include "quiche/quic/core/quic_types.h" namespace quic { class QuicClock; struct QuicConnectionStats; class QuicRandom; class QuicUnackedPacketMap; class RttStats; class SendAlgorithmInterface; // Interface for creating a PCC SendAlgorithmInterface. inline SendAlgorithmInterface* CreatePccSenderImpl(const QuicClock* /*clock*/, const RttStats* /*rtt_stats*/, const QuicUnackedPacketMap* /*unacked_packets*/, QuicRandom* /*random*/, QuicConnectionStats* /*stats*/, QuicPacketCount /*initial_congestion_window*/, QuicPacketCount /*max_congestion_window*/) { PANIC("PccSender is not supported."); return nullptr; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_prefetch_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quic { #if defined(__GNUC__) // See __builtin_prefetch in: // https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html. inline void QuicPrefetchT0Impl(const void* addr) { __builtin_prefetch(addr, 0, 3); } #else inline void QuicPrefetchT0Impl(const void*) {} #endif } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_ptr_util_impl.h ================================================ #pragma once #include #include #include "absl/memory/memory.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quic { template std::unique_ptr QuicMakeUniqueImpl(Args&&... args) { return std::make_unique(std::forward(args)...); } template std::unique_ptr QuicWrapUniqueImpl(T* ptr) { return absl::WrapUnique(ptr); } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_reference_counted_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include "quiche/quic/platform/api/quic_export.h" namespace quic { /** The implementation of reference counted object is merely wrapping * std::shared_ptr. So QuicReferenceCountedImpl class does not do anything * related to reference counting as shared_ptr already takes care of that. But * it customizes destruction to provide a interface for shared_ptr to destroy * the object, because according to the API declared in QuicReferenceCounted, * this class has to hide its destructor. */ class QuicReferenceCountedImpl { public: QuicReferenceCountedImpl() = default; // Expose destructor through this method. static void destroy(QuicReferenceCountedImpl* impl) { delete impl; } protected: // Non-public destructor to match API declared in QuicReferenceCounted. virtual ~QuicReferenceCountedImpl() = default; }; template class QuicReferenceCountedPointerImpl { public: QuicReferenceCountedPointerImpl() : refptr_(nullptr, T::destroy) {} QuicReferenceCountedPointerImpl(T* p) : refptr_(p, T::destroy) {} QuicReferenceCountedPointerImpl(std::nullptr_t) : refptr_(nullptr, T::destroy) {} // Copy constructor. template QuicReferenceCountedPointerImpl(const QuicReferenceCountedPointerImpl& other) : refptr_(other.refptr()) {} QuicReferenceCountedPointerImpl(const QuicReferenceCountedPointerImpl& other) : refptr_(other.refptr()) {} // Move constructor. template QuicReferenceCountedPointerImpl(QuicReferenceCountedPointerImpl&& other) noexcept : refptr_(std::move(other.refptr())) {} QuicReferenceCountedPointerImpl(QuicReferenceCountedPointerImpl&& other) noexcept : refptr_(std::move(other.refptr())) {} ~QuicReferenceCountedPointerImpl() = default; // Copy assignments. QuicReferenceCountedPointerImpl& operator=(const QuicReferenceCountedPointerImpl& other) { refptr_ = other.refptr(); return *this; } template QuicReferenceCountedPointerImpl& operator=(const QuicReferenceCountedPointerImpl& other) { refptr_ = other.refptr(); return *this; } // Move assignments. QuicReferenceCountedPointerImpl& operator=(QuicReferenceCountedPointerImpl&& other) noexcept { refptr_ = std::move(other.refptr()); return *this; } template QuicReferenceCountedPointerImpl& operator=(QuicReferenceCountedPointerImpl&& other) noexcept { refptr_ = std::move(other.refptr()); return *this; } QuicReferenceCountedPointerImpl& operator=(T* p) { refptr_.reset(p, T::destroy); return *this; } // Returns the raw pointer with no change in reference. T* get() const { return refptr_.get(); } // Accessors for the referenced object. // operator* and operator-> will assert() if there is no current object. T& operator*() const { assert(refptr_ != nullptr); return *refptr_; } T* operator->() const { assert(refptr_ != nullptr); return refptr_.get(); } explicit operator bool() const { return static_cast(refptr_); } const std::shared_ptr& refptr() const { return refptr_; } std::shared_ptr& refptr() { return refptr_; } private: std::shared_ptr refptr_; }; } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_server_stats_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define QUIC_SERVER_HISTOGRAM_ENUM_IMPL(name, sample, enum_size, docstring) \ do { \ } while (0) #define QUIC_SERVER_HISTOGRAM_BOOL_IMPL(name, sample, docstring) \ do { \ } while (0) #define QUIC_SERVER_HISTOGRAM_TIMES_IMPL(name, sample, min, max, bucket_count, docstring) \ do { \ } while (0) #define QUIC_SERVER_HISTOGRAM_COUNTS_IMPL(name, sample, min, max, bucket_count, docstring) \ do { \ } while (0) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_stack_trace_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include #include "server/backtrace.h" namespace quic { inline std::string QuicStackTraceImpl() { Envoy::BackwardsTrace t; t.capture(); std::ostringstream os; t.printTrace(os); return os.str(); } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_stream_buffer_allocator_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "quiche/quic/core/quic_simple_buffer_allocator.h" namespace quic { // Implements the interface required by // https://quiche.googlesource.com/quiche/+/refs/heads/master/quic/platform/api/quic_stream_buffer_allocator.h // with the default implementation provided by QUICHE. using QuicStreamBufferAllocatorImpl = SimpleBufferAllocator; } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_string_utils_impl.h ================================================ #pragma once #include "absl/strings/str_cat.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quic { template inline void QuicStrAppendImpl(std::string* output, const Args&... args) { absl::StrAppend(output, args...); } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_udp_socket_platform_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include namespace quic { const size_t kCmsgSpaceForGooglePacketHeaderImpl = 0; // NOLINTNEXTLINE(readability-identifier-naming) inline bool GetGooglePacketHeadersFromControlMessageImpl(struct ::cmsghdr* /*cmsg*/, char** /*packet_headers*/, size_t* /*packet_headers_len*/) { return false; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quic_uint128_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "absl/numeric/int128.h" namespace quic { using QuicUint128Impl = absl::uint128; #define MakeQuicUint128Impl(hi, lo) absl::MakeUint128(hi, lo) #define QuicUint128Low64Impl(x) absl::Uint128Low64(x) #define QuicUint128High64Impl(x) absl::Uint128High64(x) } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_arraysize_impl.h ================================================ #pragma once #include "absl/base/macros.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define QUICHE_ARRAYSIZE_IMPL(array) ABSL_ARRAYSIZE(array) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_endian_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include "common/common/byte_order.h" namespace quiche { class QuicheEndianImpl { public: static uint16_t HostToNet16(uint16_t x) { return toEndianness(x); } static uint32_t HostToNet32(uint32_t x) { return toEndianness(x); } static uint64_t HostToNet64(uint64_t x) { return toEndianness(x); } static uint16_t NetToHost16(uint16_t x) { return fromEndianness(x); } static uint32_t NetToHost32(uint32_t x) { return fromEndianness(x); } static uint64_t NetToHost64(uint64_t x) { return fromEndianness(x); } static bool HostIsLittleEndian() { return NetToHost16(0x1234) != 0x1234; } }; } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_export_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define QUICHE_EXPORT #define QUICHE_EXPORT_PRIVATE #define QUICHE_NO_EXPORT ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_logging_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_logging_impl.h" ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_map_util_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quiche { template bool QuicheContainsKeyImpl(const Collection& collection, const Key& key) { return collection.find(key) != collection.end(); } } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_optional_impl.h ================================================ #pragma once #include "absl/types/optional.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quiche { template using QuicheOptionalImpl = absl::optional; #define QUICHE_NULLOPT_IMPL absl::nullopt } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_ptr_util_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "absl/memory/memory.h" namespace quiche { template std::unique_ptr QuicheWrapUniqueImpl(T* ptr) { return absl::WrapUnique(ptr); } } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_str_cat_impl.h ================================================ #pragma once #include "absl/strings/str_cat.h" #include "fmt/printf.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quiche { template inline std::string QuicheStrCatImpl(const Args&... args) { return absl::StrCat(args...); } template inline std::string QuicheStringPrintfImpl(const Args&... args) { return fmt::sprintf(std::forward(args)...); } } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_string_piece_impl.h ================================================ #pragma once #include "extensions/quic_listeners/quiche/platform/quic_logging_impl.h" #include "absl/hash/hash.h" #include "absl/strings/string_view.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quiche { using QuicheStringPieceImpl = absl::string_view; using QuicheStringPieceHashImpl = absl::Hash; inline size_t QuicheHashStringPairImpl(QuicheStringPieceImpl a, QuicheStringPieceImpl b) { return absl::Hash()(a) ^ absl::Hash()(b); } } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_text_utils_impl.h ================================================ #pragma once #include "common/common/base64.h" #include "extensions/quic_listeners/quiche/platform/quiche_optional_impl.h" #include "extensions/quic_listeners/quiche/platform/quiche_string_piece_impl.h" #include "extensions/quic_listeners/quiche/platform/string_utils.h" #include "absl/strings/ascii.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" #include "absl/strings/numbers.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_format.h" #include "absl/strings/str_split.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace quiche { class QuicheTextUtilsImpl { public: // NOLINTNEXTLINE(readability-identifier-naming) static bool StartsWith(QuicheStringPieceImpl data, QuicheStringPieceImpl prefix) { return absl::StartsWith(data, prefix); } // NOLINTNEXTLINE(readability-identifier-naming) static bool EndsWith(QuicheStringPieceImpl data, QuicheStringPieceImpl suffix) { return absl::EndsWith(data, suffix); } // NOLINTNEXTLINE(readability-identifier-naming) static bool EndsWithIgnoreCase(QuicheStringPieceImpl data, QuicheStringPieceImpl suffix) { return absl::EndsWithIgnoreCase(data, suffix); } // NOLINTNEXTLINE(readability-identifier-naming) static std::string ToLower(QuicheStringPieceImpl data) { return absl::AsciiStrToLower(data); } // NOLINTNEXTLINE(readability-identifier-naming) static void RemoveLeadingAndTrailingWhitespace(QuicheStringPieceImpl* data) { *data = absl::StripAsciiWhitespace(*data); } // NOLINTNEXTLINE(readability-identifier-naming) static bool StringToUint64(QuicheStringPieceImpl in, uint64_t* out) { return absl::SimpleAtoi(in, out); } // NOLINTNEXTLINE(readability-identifier-naming) static bool StringToInt(QuicheStringPieceImpl in, int* out) { return absl::SimpleAtoi(in, out); } // NOLINTNEXTLINE(readability-identifier-naming) static bool StringToUint32(QuicheStringPieceImpl in, uint32_t* out) { return absl::SimpleAtoi(in, out); } // NOLINTNEXTLINE(readability-identifier-naming) static bool StringToSizeT(QuicheStringPieceImpl in, size_t* out) { return absl::SimpleAtoi(in, out); } // NOLINTNEXTLINE(readability-identifier-naming) static std::string Uint64ToString(uint64_t in) { return absl::StrCat(in); } // NOLINTNEXTLINE(readability-identifier-naming) static std::string HexEncode(QuicheStringPieceImpl data) { return absl::BytesToHexString(data); } // NOLINTNEXTLINE(readability-identifier-naming) static std::string Hex(uint32_t v) { return absl::StrCat(absl::Hex(v)); } // NOLINTNEXTLINE(readability-identifier-naming) static std::string HexDecode(QuicheStringPieceImpl data) { return absl::HexStringToBytes(data); } // NOLINTNEXTLINE(readability-identifier-naming) static void Base64Encode(const uint8_t* data, size_t data_len, std::string* output) { *output = Envoy::Base64::encode(reinterpret_cast(data), data_len, /*add_padding=*/false); } // NOLINTNEXTLINE(readability-identifier-naming) static QuicheOptionalImpl Base64Decode(QuicheStringPieceImpl input) { return Envoy::Base64::decodeWithoutPadding(input); } // NOLINTNEXTLINE(readability-identifier-naming) static std::string HexDump(QuicheStringPieceImpl binary_data) { return quiche::HexDump(binary_data); } // NOLINTNEXTLINE(readability-identifier-naming) static bool ContainsUpperCase(QuicheStringPieceImpl data) { return std::any_of(data.begin(), data.end(), absl::ascii_isupper); } // NOLINTNEXTLINE(readability-identifier-naming) static bool IsAllDigits(QuicheStringPieceImpl data) { return std::all_of(data.begin(), data.end(), absl::ascii_isdigit); } // NOLINTNEXTLINE(readability-identifier-naming) static std::vector Split(QuicheStringPieceImpl data, char delim) { return absl::StrSplit(data, delim); } }; } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_time_utils_impl.cc ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quiche_time_utils_impl.h" namespace quiche { namespace { QuicheOptional quicheUtcDateTimeToUnixSecondsInner(int year, int month, int day, int hour, int minute, int second) { const absl::CivilSecond civil_time(year, month, day, hour, minute, second); if (second != 60 && (civil_time.year() != year || civil_time.month() != month || civil_time.day() != day || civil_time.hour() != hour || civil_time.minute() != minute || civil_time.second() != second)) { return absl::nullopt; } const absl::Time time = absl::FromCivil(civil_time, absl::UTCTimeZone()); return absl::ToUnixSeconds(time); } } // namespace // NOLINTNEXTLINE(readability-identifier-naming) QuicheOptional QuicheUtcDateTimeToUnixSecondsImpl(int year, int month, int day, int hour, int minute, int second) { // Handle leap seconds without letting any other irregularities happen. if (second == 60) { auto previous_second = quicheUtcDateTimeToUnixSecondsInner(year, month, day, hour, minute, second - 1); if (!previous_second.has_value()) { return absl::nullopt; } return *previous_second + 1; } return quicheUtcDateTimeToUnixSecondsInner(year, month, day, hour, minute, second); } } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_time_utils_impl.h ================================================ // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #pragma once #include #include "absl/time/civil_time.h" #include "absl/time/time.h" #include "quiche/common/platform/api/quiche_optional.h" namespace quiche { // NOLINTNEXTLINE(readability-identifier-naming) QuicheOptional QuicheUtcDateTimeToUnixSecondsImpl(int year, int month, int day, int hour, int minute, int second); } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/quiche_unordered_containers_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "absl/container/node_hash_map.h" #include "absl/hash/hash.h" namespace quiche { // The default hasher used by hash tables. template using QuicheDefaultHasherImpl = absl::Hash; // Similar to absl::node_hash_map, but with better performance and memory usage. template using QuicheUnorderedMapImpl = absl::node_hash_map; } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_arraysize_impl.h ================================================ #pragma once #include "absl/base/macros.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define SPDY_ARRAYSIZE_IMPL(x) ABSL_ARRAYSIZE(x) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_bug_tracker_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_bug_tracker_impl.h" #define SPDY_BUG_IMPL QUIC_BUG_IMPL #define SPDY_BUG_IF_IMPL QUIC_BUG_IF_IMPL #define FLAGS_spdy_always_log_bugs_for_tests_impl true ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_containers_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" #include "absl/container/inlined_vector.h" #include "absl/hash/hash.h" #include "quiche/common/simple_linked_hash_map.h" namespace spdy { template using SpdyHashImpl = absl::Hash; template > using SpdyHashMapImpl = absl::flat_hash_map; template using SpdyHashSetImpl = absl::flat_hash_set; template using SpdyLinkedHashMapImpl = quiche::SimpleLinkedHashMap; template > using SpdyInlinedVectorImpl = absl::InlinedVector; template using SpdySmallMapImpl = absl::flat_hash_map; } // namespace spdy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_endianness_util_impl.h ================================================ #pragma once #include #include "envoy/common/platform.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace spdy { inline uint16_t SpdyNetToHost16Impl(uint16_t x) { return ntohs(x); } inline uint32_t SpdyNetToHost32Impl(uint32_t x) { return ntohl(x); } // TODO: implement inline uint64_t SpdyNetToHost64Impl(uint64_t /*x*/) { return 0; } inline uint16_t SpdyHostToNet16Impl(uint16_t x) { return htons(x); } inline uint32_t SpdyHostToNet32Impl(uint32_t x) { return htonl(x); } // TODO: implement inline uint64_t SpdyHostToNet64Impl(uint64_t /*x*/) { return 0; } } // namespace spdy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_estimate_memory_usage_impl.h ================================================ #pragma once #include // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. namespace spdy { // Dummy implementation. template size_t SpdyEstimateMemoryUsageImpl(const T& /*object*/) { return 0; } } // namespace spdy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_flags_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/flags_impl.h" #define GetSpdyReloadableFlagImpl(flag) quiche::FLAGS_spdy_reloadable_flag_##flag->value() #define GetSpdyRestartFlagImpl(flag) quiche::FLAGS_spdy_restart_flag_##flag->value() #define SPDY_CODE_COUNT_N_IMPL(flag, instance, total) \ do { \ } while (0) #define SPDY_CODE_COUNT_IMPL(name) \ do { \ } while (0) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_logging_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/quic_logging_impl.h" #define SPDY_LOG_IMPL(severity) QUICHE_LOG_IMPL(severity) #define SPDY_VLOG_IMPL(verbose_level) QUICHE_VLOG_IMPL(verbose_level) #define SPDY_DLOG_IMPL(severity) QUICHE_DLOG_IMPL(severity) #define SPDY_DLOG_IF_IMPL(severity, condition) QUICHE_DLOG_IF_IMPL(severity, condition) #define SPDY_DVLOG_IMPL(verbose_level) QUICHE_DVLOG_IMPL(verbose_level) #define SPDY_DVLOG_IF_IMPL(verbose_level, condition) QUICHE_DVLOG_IF_IMPL(verbose_level, condition) ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_macros_impl.h ================================================ #pragma once #include "absl/base/attributes.h" // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #define SPDY_MUST_USE_RESULT_IMPL ABSL_MUST_USE_RESULT #define SPDY_UNUSED_IMPL ABSL_ATTRIBUTE_UNUSED ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_mem_slice_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include namespace spdy { // TODO(danzh): Fill out SpdyMemSliceImpl. // // SpdyMemSliceImpl wraps a reference counted MemSlice and only provides partial // interfaces of MemSlice. class SpdyMemSliceImpl { public: // Constructs an empty SpdyMemSliceImpl that contains an empty MemSlice. SpdyMemSliceImpl(); // Constructs a SpdyMemSlice with reference count 1 to a newly allocated data // buffer of |length| bytes. explicit SpdyMemSliceImpl(size_t length); // Constructs a reference-counted MemSlice to |data|. SpdyMemSliceImpl(const char* data, size_t length); SpdyMemSliceImpl(const SpdyMemSliceImpl& other) = delete; SpdyMemSliceImpl& operator=(const SpdyMemSliceImpl& other) = delete; // Move constructors. |other| will not hold a reference to the data buffer // after this call completes. SpdyMemSliceImpl(SpdyMemSliceImpl&& other) = default; SpdyMemSliceImpl& operator=(SpdyMemSliceImpl&& other) = default; ~SpdyMemSliceImpl(); // Returns a char pointer to underlying data buffer. const char* data() const; // Returns the length of underlying data buffer. size_t length() const; }; } // namespace spdy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_string_utils_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "extensions/quic_listeners/quiche/platform/string_utils.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_format.h" #include "fmt/printf.h" #include "quiche/common/platform/api/quiche_string_piece.h" namespace spdy { template // NOLINTNEXTLINE(readability-identifier-naming) inline void SpdyStrAppendImpl(std::string* output, const Args&... args) { absl::StrAppend(output, std::forward(args)...); } // NOLINTNEXTLINE(readability-identifier-naming) inline char SpdyHexDigitToIntImpl(char c) { return quiche::HexDigitToInt(c); } // NOLINTNEXTLINE(readability-identifier-naming) inline std::string SpdyHexDecodeImpl(absl::string_view data) { return absl::HexStringToBytes(data); } // NOLINTNEXTLINE(readability-identifier-naming) inline bool SpdyHexDecodeToUInt32Impl(absl::string_view data, uint32_t* out) { return quiche::HexDecodeToUInt32(data, out); } // NOLINTNEXTLINE(readability-identifier-naming) inline std::string SpdyHexEncodeImpl(const void* bytes, size_t size) { return absl::BytesToHexString(absl::string_view(static_cast(bytes), size)); } // NOLINTNEXTLINE(readability-identifier-naming) inline std::string SpdyHexEncodeUInt32AndTrimImpl(uint32_t data) { return absl::StrCat(absl::Hex(data)); } // NOLINTNEXTLINE(readability-identifier-naming) inline std::string SpdyHexDumpImpl(absl::string_view data) { return quiche::HexDump(data); } struct SpdyStringPieceCaseHashImpl { size_t operator()(quiche::QuicheStringPiece data) const { std::string lower = absl::AsciiStrToLower(data); return absl::Hash()(lower); } }; struct SpdyStringPieceCaseEqImpl { bool operator()(absl::string_view piece1, absl::string_view piece2) const { return absl::EqualsIgnoreCase(piece1, piece2); } }; } // namespace spdy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_test_helpers_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. // TODO: implement #define EXPECT_SPDY_BUG_IMPL 0 ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_test_utils_prod_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. // TODO: implement #define SPDY_FRIEND_TEST_IMPL 0 ================================================ FILE: source/extensions/quic_listeners/quiche/platform/spdy_unsafe_arena_impl.h ================================================ #pragma once // NOLINT(namespace-envoy) // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include "quiche/spdy/core/spdy_simple_arena.h" namespace spdy { using SpdyUnsafeArenaImpl = SpdySimpleArena; } // namespace spdy ================================================ FILE: source/extensions/quic_listeners/quiche/platform/string_utils.cc ================================================ #include "extensions/quic_listeners/quiche/platform/string_utils.h" // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include #include "envoy/common/platform.h" #include "absl/strings/ascii.h" #include "absl/strings/escaping.h" #include "absl/strings/str_format.h" #include "common/common/assert.h" namespace quiche { // NOLINTNEXTLINE(readability-identifier-naming) std::string HexDump(absl::string_view data) { const int kBytesPerLine = 16; const char* buf = data.data(); int bytes_remaining = data.size(); int offset = 0; std::string out; const char* p = buf; while (bytes_remaining > 0) { const int line_bytes = std::min(bytes_remaining, kBytesPerLine); absl::StrAppendFormat(&out, "0x%04x: ", offset); // Do the line header for (int i = 0; i < kBytesPerLine; ++i) { if (i < line_bytes) { absl::StrAppendFormat(&out, "%02x", p[i]); } else { out += " "; // two-space filler instead of two-space hex digits } if (i % 2) { out += ' '; } } out += ' '; for (int i = 0; i < line_bytes; ++i) { // Do the ASCII dump out += absl::ascii_isgraph(p[i]) ? p[i] : '.'; } bytes_remaining -= line_bytes; offset += line_bytes; p += line_bytes; out += '\n'; } return out; } // NOLINTNEXTLINE(readability-identifier-naming) char HexDigitToInt(char c) { ASSERT(std::isxdigit(c)); if (std::isdigit(c)) { return c - '0'; } if (c >= 'A' && c <= 'F') { return c - 'A' + 10; } if (c >= 'a' && c <= 'f') { return c - 'a' + 10; } return 0; } // NOLINTNEXTLINE(readability-identifier-naming) bool HexDecodeToUInt32(absl::string_view data, uint32_t* out) { if (data.empty() || data.size() > 8u) { return false; } for (char c : data) { if (!absl::ascii_isxdigit(c)) { return false; } } // Pad with leading zeros. std::string data_padded(data.data(), data.size()); data_padded.insert(0, 8u - data.size(), '0'); std::string byte_string = absl::HexStringToBytes(data_padded); RELEASE_ASSERT(byte_string.size() == 4u, "padded data is not 4 byte long."); uint32_t bytes; memcpy(&bytes, byte_string.data(), byte_string.length()); *out = ntohl(bytes); return true; } } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/platform/string_utils.h ================================================ // NOLINT(namespace-envoy) // // This file is part of the QUICHE platform implementation, and is not to be // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. #include #include #include "absl/strings/string_view.h" namespace quiche { // NOLINTNEXTLINE(readability-identifier-naming) std::string HexDump(absl::string_view data); // '0' => 0, '1' => 1, 'a' or 'A' => 10, etc. // NOLINTNEXTLINE(readability-identifier-naming) char HexDigitToInt(char c); // Turns a 8-byte hex string into a uint32 in host byte order. // e.g. "12345678" => 0x12345678 // NOLINTNEXTLINE(readability-identifier-naming) bool HexDecodeToUInt32(absl::string_view data, uint32_t* out); } // namespace quiche ================================================ FILE: source/extensions/quic_listeners/quiche/quic_filter_manager_connection_impl.cc ================================================ #include "extensions/quic_listeners/quiche/quic_filter_manager_connection_impl.h" #include namespace Envoy { namespace Quic { QuicFilterManagerConnectionImpl::QuicFilterManagerConnectionImpl(EnvoyQuicConnection& connection, Event::Dispatcher& dispatcher, uint32_t send_buffer_limit) // Using this for purpose other than logging is not safe. Because QUIC connection id can be // 18 bytes, so there might be collision when it's hashed to 8 bytes. : Network::ConnectionImplBase(dispatcher, /*id=*/connection.connection_id().Hash()), quic_connection_(&connection), filter_manager_(*this), stream_info_(dispatcher.timeSource()), write_buffer_watermark_simulation_( send_buffer_limit / 2, send_buffer_limit, [this]() { onSendBufferLowWatermark(); }, [this]() { onSendBufferHighWatermark(); }, ENVOY_LOGGER()) { stream_info_.protocol(Http::Protocol::Http3); } void QuicFilterManagerConnectionImpl::addWriteFilter(Network::WriteFilterSharedPtr filter) { filter_manager_.addWriteFilter(filter); } void QuicFilterManagerConnectionImpl::addFilter(Network::FilterSharedPtr filter) { filter_manager_.addFilter(filter); } void QuicFilterManagerConnectionImpl::addReadFilter(Network::ReadFilterSharedPtr filter) { filter_manager_.addReadFilter(filter); } bool QuicFilterManagerConnectionImpl::initializeReadFilters() { return filter_manager_.initializeReadFilters(); } void QuicFilterManagerConnectionImpl::enableHalfClose(bool enabled) { RELEASE_ASSERT(!enabled, "Quic connection doesn't support half close."); } void QuicFilterManagerConnectionImpl::setBufferLimits(uint32_t /*limit*/) { // Currently read buffer is capped by connection level flow control. And write buffer limit is set // during construction. Changing the buffer limit during the life time of the connection is not // supported. NOT_REACHED_GCOVR_EXCL_LINE; } bool QuicFilterManagerConnectionImpl::aboveHighWatermark() const { return write_buffer_watermark_simulation_.isAboveHighWatermark(); } void QuicFilterManagerConnectionImpl::close(Network::ConnectionCloseType type) { if (quic_connection_ == nullptr) { // Already detached from quic connection. return; } const bool delayed_close_timeout_configured = delayed_close_timeout_.count() > 0; if (hasDataToWrite() && type != Network::ConnectionCloseType::NoFlush) { if (delayed_close_timeout_configured) { // QUIC connection has unsent data and caller wants to flush them. Wait for flushing or // timeout. if (!inDelayedClose()) { // Only set alarm if not in delay close mode yet. initializeDelayedCloseTimer(); } // Update delay close state according to current call. if (type == Network::ConnectionCloseType::FlushWriteAndDelay) { delayed_close_state_ = DelayedCloseState::CloseAfterFlushAndWait; } else { ASSERT(type == Network::ConnectionCloseType::FlushWrite); delayed_close_state_ = DelayedCloseState::CloseAfterFlush; } } else { delayed_close_state_ = DelayedCloseState::CloseAfterFlush; } } else if (hasDataToWrite()) { // Quic connection has unsent data but caller wants to close right away. ASSERT(type == Network::ConnectionCloseType::NoFlush); quic_connection_->OnCanWrite(); closeConnectionImmediately(); } else { // Quic connection doesn't have unsent data. It's up to the caller and // the configuration whether to wait or not before closing. if (delayed_close_timeout_configured && type == Network::ConnectionCloseType::FlushWriteAndDelay) { if (!inDelayedClose()) { initializeDelayedCloseTimer(); } delayed_close_state_ = DelayedCloseState::CloseAfterFlushAndWait; } else { closeConnectionImmediately(); } } } const Network::ConnectionSocket::OptionsSharedPtr& QuicFilterManagerConnectionImpl::socketOptions() const { return quic_connection_->connectionSocket()->options(); } const Network::Address::InstanceConstSharedPtr& QuicFilterManagerConnectionImpl::remoteAddress() const { ASSERT(quic_connection_->connectionSocket() != nullptr, "remoteAddress() should only be called after OnPacketHeader"); return quic_connection_->connectionSocket()->remoteAddress(); } const Network::Address::InstanceConstSharedPtr& QuicFilterManagerConnectionImpl::directRemoteAddress() const { ASSERT(quic_connection_->connectionSocket() != nullptr, "directRemoteAddress() should only be called after OnPacketHeader"); return quic_connection_->connectionSocket()->directRemoteAddress(); } const Network::Address::InstanceConstSharedPtr& QuicFilterManagerConnectionImpl::localAddress() const { ASSERT(quic_connection_->connectionSocket() != nullptr, "localAddress() should only be called after OnPacketHeader"); return quic_connection_->connectionSocket()->localAddress(); } Ssl::ConnectionInfoConstSharedPtr QuicFilterManagerConnectionImpl::ssl() const { // TODO(danzh): construct Ssl::ConnectionInfo from crypto stream return nullptr; } void QuicFilterManagerConnectionImpl::rawWrite(Buffer::Instance& /*data*/, bool /*end_stream*/) { // Network filter should stop iteration. NOT_REACHED_GCOVR_EXCL_LINE; } void QuicFilterManagerConnectionImpl::adjustBytesToSend(int64_t delta) { const size_t bytes_to_send_old = bytes_to_send_; bytes_to_send_ += delta; if (delta < 0) { ASSERT(bytes_to_send_old > bytes_to_send_); } else { ASSERT(bytes_to_send_old <= bytes_to_send_); } write_buffer_watermark_simulation_.checkHighWatermark(bytes_to_send_); write_buffer_watermark_simulation_.checkLowWatermark(bytes_to_send_); } void QuicFilterManagerConnectionImpl::maybeApplyDelayClosePolicy() { if (!inDelayedClose()) { return; } if (hasDataToWrite() || delayed_close_state_ == DelayedCloseState::CloseAfterFlushAndWait) { if (delayed_close_timer_ != nullptr) { // Re-arm delay close timer on every write event if there are still data // buffered or the connection close is supposed to be delayed. delayed_close_timer_->enableTimer(delayed_close_timeout_); } } else { closeConnectionImmediately(); } } void QuicFilterManagerConnectionImpl::onConnectionCloseEvent( const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) { transport_failure_reason_ = absl::StrCat(quic::QuicErrorCodeToString(frame.quic_error_code), " with details: ", frame.error_details); if (quic_connection_ != nullptr) { // Tell network callbacks about connection close if not detached yet. raiseConnectionEvent(source == quic::ConnectionCloseSource::FROM_PEER ? Network::ConnectionEvent::RemoteClose : Network::ConnectionEvent::LocalClose); } } void QuicFilterManagerConnectionImpl::closeConnectionImmediately() { if (quic_connection_ == nullptr) { return; } quic_connection_->CloseConnection(quic::QUIC_NO_ERROR, "Closed by application", quic::ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET); quic_connection_ = nullptr; } void QuicFilterManagerConnectionImpl::onSendBufferHighWatermark() { ENVOY_CONN_LOG(trace, "onSendBufferHighWatermark", *this); for (auto callback : callbacks_) { callback->onAboveWriteBufferHighWatermark(); } } void QuicFilterManagerConnectionImpl::onSendBufferLowWatermark() { ENVOY_CONN_LOG(trace, "onSendBufferLowWatermark", *this); for (auto callback : callbacks_) { callback->onBelowWriteBufferLowWatermark(); } } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/quic_filter_manager_connection_impl.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/network/connection.h" #include "common/common/empty_string.h" #include "common/common/logger.h" #include "common/network/connection_impl_base.h" #include "common/stream_info/stream_info_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_connection.h" #include "extensions/quic_listeners/quiche/envoy_quic_simulated_watermark_buffer.h" namespace Envoy { namespace Quic { // Act as a Network::Connection to HCM and a FilterManager to FilterFactoryCb. class QuicFilterManagerConnectionImpl : public Network::ConnectionImplBase { public: QuicFilterManagerConnectionImpl(EnvoyQuicConnection& connection, Event::Dispatcher& dispatcher, uint32_t send_buffer_limit); // Network::FilterManager // Overridden to delegate calls to filter_manager_. void addWriteFilter(Network::WriteFilterSharedPtr filter) override; void addFilter(Network::FilterSharedPtr filter) override; void addReadFilter(Network::ReadFilterSharedPtr filter) override; bool initializeReadFilters() override; // Network::Connection void addBytesSentCallback(Network::Connection::BytesSentCb /*cb*/) override { // TODO(danzh): implement to support proxy. This interface is only called from // TCP proxy code. NOT_REACHED_GCOVR_EXCL_LINE; } void enableHalfClose(bool enabled) override; void close(Network::ConnectionCloseType type) override; Event::Dispatcher& dispatcher() override { return dispatcher_; } std::string nextProtocol() const override { return EMPTY_STRING; } void noDelay(bool /*enable*/) override { // No-op. TCP_NODELAY doesn't apply to UDP. } void readDisable(bool /*disable*/) override { NOT_REACHED_GCOVR_EXCL_LINE; } void detectEarlyCloseWhenReadDisabled(bool /*value*/) override { NOT_REACHED_GCOVR_EXCL_LINE; } bool readEnabled() const override { return true; } const Network::Address::InstanceConstSharedPtr& remoteAddress() const override; const Network::Address::InstanceConstSharedPtr& directRemoteAddress() const override; const Network::Address::InstanceConstSharedPtr& localAddress() const override; absl::optional unixSocketPeerCredentials() const override { // Unix domain socket is not supported. NOT_REACHED_GCOVR_EXCL_LINE; } void setConnectionStats(const Network::Connection::ConnectionStats& stats) override { // TODO(danzh): populate stats. Network::ConnectionImplBase::setConnectionStats(stats); quic_connection_->setConnectionStats(stats); } Ssl::ConnectionInfoConstSharedPtr ssl() const override; Network::Connection::State state() const override { if (quic_connection_ != nullptr && quic_connection_->connected()) { return Network::Connection::State::Open; } return Network::Connection::State::Closed; } void write(Buffer::Instance& /*data*/, bool /*end_stream*/) override { // All writes should be handled by Quic internally. NOT_REACHED_GCOVR_EXCL_LINE; } void setBufferLimits(uint32_t limit) override; uint32_t bufferLimit() const override { // As quic connection is not HTTP1.1, this method shouldn't be called by HCM. NOT_REACHED_GCOVR_EXCL_LINE; } bool localAddressRestored() const override { // SO_ORIGINAL_DST not supported by QUIC. NOT_REACHED_GCOVR_EXCL_LINE; } bool aboveHighWatermark() const override; const Network::ConnectionSocket::OptionsSharedPtr& socketOptions() const override; StreamInfo::StreamInfo& streamInfo() override { return stream_info_; } const StreamInfo::StreamInfo& streamInfo() const override { return stream_info_; } absl::string_view transportFailureReason() const override { return transport_failure_reason_; } absl::optional lastRoundTripTime() const override { return {}; } // Network::FilterManagerConnection void rawWrite(Buffer::Instance& data, bool end_stream) override; // Network::ReadBufferSource Network::StreamBuffer getReadBuffer() override { return {empty_buffer_, false}; } // Network::WriteBufferSource Network::StreamBuffer getWriteBuffer() override { NOT_REACHED_GCOVR_EXCL_LINE; } // Update the book keeping of the aggregated buffered bytes cross all the // streams, and run watermark check. void adjustBytesToSend(int64_t delta); // Called after each write when a previous connection close call is postponed. void maybeApplyDelayClosePolicy(); uint32_t bytesToSend() { return bytes_to_send_; } protected: // Propagate connection close to network_connection_callbacks_. void onConnectionCloseEvent(const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source); void closeConnectionImmediately() override; virtual bool hasDataToWrite() PURE; EnvoyQuicConnection* quic_connection_{nullptr}; private: // Called when aggregated buffered bytes across all the streams exceeds high watermark. void onSendBufferHighWatermark(); // Called when aggregated buffered bytes across all the streams declines to low watermark. void onSendBufferLowWatermark(); // Currently ConnectionManagerImpl is the one and only filter. If more network // filters are added, ConnectionManagerImpl should always be the last one. // Its onRead() is only called once to trigger ReadFilter::onNewConnection() // and the rest incoming data bypasses these filters. Network::FilterManagerImpl filter_manager_; StreamInfo::StreamInfoImpl stream_info_; std::string transport_failure_reason_; uint32_t bytes_to_send_{0}; // Keeps the buffer state of the connection, and react upon the changes of how many bytes are // buffered cross all streams' send buffer. The state is evaluated and may be changed upon each // stream write. QUICHE doesn't buffer data in connection, all the data is buffered in stream's // send buffer. EnvoyQuicSimulatedWatermarkBuffer write_buffer_watermark_simulation_; Buffer::OwnedImpl empty_buffer_; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/quic_io_handle_wrapper.h ================================================ #include #include #include "envoy/network/io_handle.h" #include "common/network/io_socket_error_impl.h" namespace Envoy { namespace Quic { // A wrapper class around IoHandle object which doesn't close() upon destruction. It is used to // create ConnectionSocket as the actual IoHandle instance should out live connection socket. class QuicIoHandleWrapper : public Network::IoHandle { public: QuicIoHandleWrapper(Network::IoHandle& io_handle) : io_handle_(io_handle) {} // Network::IoHandle os_fd_t fdDoNotUse() const override { return io_handle_.fdDoNotUse(); } Api::IoCallUint64Result close() override { closed_ = true; return Api::ioCallUint64ResultNoError(); } bool isOpen() const override { return !closed_; } Api::IoCallUint64Result readv(uint64_t max_length, Buffer::RawSlice* slices, uint64_t num_slice) override { if (closed_) { return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.readv(max_length, slices, num_slice); } Api::IoCallUint64Result read(Buffer::Instance& buffer, uint64_t max_length) override { if (closed_) { return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.read(buffer, max_length); } Api::IoCallUint64Result writev(const Buffer::RawSlice* slices, uint64_t num_slice) override { if (closed_) { return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.writev(slices, num_slice); } Api::IoCallUint64Result write(Buffer::Instance& buffer) override { if (closed_) { return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.write(buffer); } Api::IoCallUint64Result sendmsg(const Buffer::RawSlice* slices, uint64_t num_slice, int flags, const Envoy::Network::Address::Ip* self_ip, const Network::Address::Instance& peer_address) override { if (closed_) { return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.sendmsg(slices, num_slice, flags, self_ip, peer_address); } Api::IoCallUint64Result recvmsg(Buffer::RawSlice* slices, const uint64_t num_slice, uint32_t self_port, RecvMsgOutput& output) override { if (closed_) { ASSERT(false, "recvmmsg is called after close."); return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.recvmsg(slices, num_slice, self_port, output); } Api::IoCallUint64Result recvmmsg(RawSliceArrays& slices, uint32_t self_port, RecvMsgOutput& output) override { if (closed_) { ASSERT(false, "recvmmsg is called after close."); return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.recvmmsg(slices, self_port, output); } Api::IoCallUint64Result recv(void* buffer, size_t length, int flags) override { if (closed_) { ASSERT(false, "recv called after close."); return Api::IoCallUint64Result(0, Api::IoErrorPtr(new Network::IoSocketError(EBADF), Network::IoSocketError::deleteIoError)); } return io_handle_.recv(buffer, length, flags); } bool supportsMmsg() const override { return io_handle_.supportsMmsg(); } bool supportsUdpGro() const override { return io_handle_.supportsUdpGro(); } Api::SysCallIntResult bind(Network::Address::InstanceConstSharedPtr address) override { return io_handle_.bind(address); } Api::SysCallIntResult listen(int backlog) override { return io_handle_.listen(backlog); } Network::IoHandlePtr accept(struct sockaddr* addr, socklen_t* addrlen) override { return io_handle_.accept(addr, addrlen); } Api::SysCallIntResult connect(Network::Address::InstanceConstSharedPtr address) override { return io_handle_.connect(address); } Api::SysCallIntResult setOption(int level, int optname, const void* optval, socklen_t optlen) override { return io_handle_.setOption(level, optname, optval, optlen); } Api::SysCallIntResult getOption(int level, int optname, void* optval, socklen_t* optlen) override { return io_handle_.getOption(level, optname, optval, optlen); } Api::SysCallIntResult setBlocking(bool blocking) override { return io_handle_.setBlocking(blocking); } absl::optional domain() override { return io_handle_.domain(); } Network::Address::InstanceConstSharedPtr localAddress() override { return io_handle_.localAddress(); } Network::Address::InstanceConstSharedPtr peerAddress() override { return io_handle_.peerAddress(); } Event::FileEventPtr createFileEvent(Event::Dispatcher& dispatcher, Event::FileReadyCb cb, Event::FileTriggerType trigger, uint32_t events) override { return io_handle_.createFileEvent(dispatcher, cb, trigger, events); } Api::SysCallIntResult shutdown(int how) override { return io_handle_.shutdown(how); } absl::optional lastRoundTripTime() override { return {}; } private: Network::IoHandle& io_handle_; bool closed_{false}; }; } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/quic_transport_socket_factory.cc ================================================ #include "extensions/quic_listeners/quiche/quic_transport_socket_factory.h" // #include "envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.h" #include "envoy/extensions/transport_sockets/quic/v3/quic_transport.pb.h" #include "envoy/extensions/transport_sockets/quic/v3/quic_transport.pb.validate.h" #include "extensions/transport_sockets/tls/context_config_impl.h" namespace Envoy { namespace Quic { Network::TransportSocketFactoryPtr QuicServerTransportSocketConfigFactory::createTransportSocketFactory( const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context, const std::vector& /*server_names*/) { auto quic_transport = MessageUtil::downcastAndValidate< const envoy::extensions::transport_sockets::quic::v3::QuicDownstreamTransport&>( config, context.messageValidationVisitor()); auto server_config = std::make_unique( quic_transport.downstream_tls_context(), context); return std::make_unique(std::move(server_config)); } ProtobufTypes::MessagePtr QuicServerTransportSocketConfigFactory::createEmptyConfigProto() { return std::make_unique< envoy::extensions::transport_sockets::quic::v3::QuicDownstreamTransport>(); } Network::TransportSocketFactoryPtr QuicClientTransportSocketConfigFactory::createTransportSocketFactory( const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context) { auto quic_transport = MessageUtil::downcastAndValidate< const envoy::extensions::transport_sockets::quic::v3::QuicUpstreamTransport&>( config, context.messageValidationVisitor()); auto client_config = std::make_unique( quic_transport.upstream_tls_context(), context); return std::make_unique(std::move(client_config)); } ProtobufTypes::MessagePtr QuicClientTransportSocketConfigFactory::createEmptyConfigProto() { return std::make_unique(); } REGISTER_FACTORY(QuicServerTransportSocketConfigFactory, Server::Configuration::DownstreamTransportSocketConfigFactory); REGISTER_FACTORY(QuicClientTransportSocketConfigFactory, Server::Configuration::UpstreamTransportSocketConfigFactory); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/quic_transport_socket_factory.h ================================================ #pragma once #include "envoy/network/transport_socket.h" #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_config.h" #include "common/common/assert.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Quic { // Base class for QUIC transport socket factory. // Because QUIC stack handles all L4 data, there is no need of a real transport // socket for QUIC in current implementation. This factory doesn't provides a // transport socket, instead, its derived class provides TLS context config for // server and client. class QuicTransportSocketFactoryBase : public Network::TransportSocketFactory { public: // Network::TransportSocketFactory Network::TransportSocketPtr createTransportSocket(Network::TransportSocketOptionsSharedPtr /*options*/) const override { NOT_REACHED_GCOVR_EXCL_LINE; } bool implementsSecureTransport() const override { return true; } }; // TODO(danzh): when implement ProofSource, examine of it's necessary to // differentiate server and client side context config. class QuicServerTransportSocketFactory : public QuicTransportSocketFactoryBase { public: QuicServerTransportSocketFactory(Ssl::ServerContextConfigPtr config) : config_(std::move(config)) {} const Ssl::ServerContextConfig& serverContextConfig() const { return *config_; } private: std::unique_ptr config_; }; class QuicClientTransportSocketFactory : public QuicTransportSocketFactoryBase { public: QuicClientTransportSocketFactory(Envoy::Ssl::ClientContextConfigPtr config) : config_(std::move(config)) {} const Ssl::ClientContextConfig& clientContextConfig() const { return *config_; } private: std::unique_ptr config_; }; // Base class to create above QuicTransportSocketFactory for server and client // side. class QuicTransportSocketConfigFactory : public virtual Server::Configuration::TransportSocketConfigFactory { public: // Server::Configuration::TransportSocketConfigFactory std::string name() const override { return Extensions::TransportSockets::TransportSocketNames::get().Quic; } }; class QuicServerTransportSocketConfigFactory : public QuicTransportSocketConfigFactory, public Server::Configuration::DownstreamTransportSocketConfigFactory { public: // Server::Configuration::DownstreamTransportSocketConfigFactory Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context, const std::vector& server_names) override; // Server::Configuration::TransportSocketConfigFactory ProtobufTypes::MessagePtr createEmptyConfigProto() override; // Prevent double registration for the config proto std::string configType() override { return ""; } }; DECLARE_FACTORY(QuicServerTransportSocketConfigFactory); class QuicClientTransportSocketConfigFactory : public QuicTransportSocketConfigFactory, public Server::Configuration::UpstreamTransportSocketConfigFactory { public: // Server::Configuration::UpstreamTransportSocketConfigFactory Network::TransportSocketFactoryPtr createTransportSocketFactory( const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context) override; // Server::Configuration::TransportSocketConfigFactory ProtobufTypes::MessagePtr createEmptyConfigProto() override; // Prevent double registration for the config proto std::string configType() override { return ""; } }; DECLARE_FACTORY(QuicClientTransportSocketConfigFactory); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/spdy_server_push_utils_for_envoy.cc ================================================ #include "quiche/quic/core/http/spdy_server_push_utils.h" // NOLINT(namespace-envoy) // This file has a substitute definition for // quiche/quic/core/http/spdy_server_push_utils.cc which depends on GURL. // Since Envoy doesn't support server push, these functions shouldn't be // executed at all. using spdy::SpdyHeaderBlock; namespace quic { // static std::string SpdyServerPushUtils::GetPromisedUrlFromHeaders(const SpdyHeaderBlock& /*headers*/) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } // static std::string SpdyServerPushUtils::GetPromisedHostNameFromHeaders(const SpdyHeaderBlock& /*headers*/) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } // static bool SpdyServerPushUtils::PromisedUrlIsValid(const SpdyHeaderBlock& /*headers*/) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } // static std::string SpdyServerPushUtils::GetPushPromiseUrl(quiche::QuicheStringPiece /*scheme*/, quiche::QuicheStringPiece /*authority*/, quiche::QuicheStringPiece /*path*/) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } } // namespace quic ================================================ FILE: source/extensions/quic_listeners/quiche/udp_gso_batch_writer.cc ================================================ #include "extensions/quic_listeners/quiche/udp_gso_batch_writer.h" #include "common/network/io_socket_error_impl.h" #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" namespace Envoy { namespace Quic { namespace { Api::IoCallUint64Result convertQuicWriteResult(quic::WriteResult quic_result, size_t payload_len) { switch (quic_result.status) { case quic::WRITE_STATUS_OK: { if (quic_result.bytes_written == 0) { ENVOY_LOG_MISC(trace, "sendmsg successful, message buffered to send"); } else { ENVOY_LOG_MISC(trace, "sendmsg successful, flushed bytes {}", quic_result.bytes_written); } // Return payload_len as rc & nullptr as error on success return Api::IoCallUint64Result( /*rc=*/payload_len, /*err=*/Api::IoErrorPtr(nullptr, Network::IoSocketError::deleteIoError)); } case quic::WRITE_STATUS_BLOCKED_DATA_BUFFERED: { // Data was buffered, Return payload_len as rc & nullptr as error ENVOY_LOG_MISC(trace, "sendmsg blocked, message buffered to send"); return Api::IoCallUint64Result( /*rc=*/payload_len, /*err=*/Api::IoErrorPtr(nullptr, Network::IoSocketError::deleteIoError)); } case quic::WRITE_STATUS_BLOCKED: { // Writer blocked, return error ENVOY_LOG_MISC(trace, "sendmsg blocked, message not buffered"); return Api::IoCallUint64Result( /*rc=*/0, /*err=*/Api::IoErrorPtr(Network::IoSocketError::getIoSocketEagainInstance(), Network::IoSocketError::deleteIoError)); } default: { // Write Failed, return {0 and error_code} ENVOY_LOG_MISC(trace, "sendmsg failed with error code {}", static_cast(quic_result.error_code)); return Api::IoCallUint64Result( /*rc=*/0, /*err=*/Api::IoErrorPtr(new Network::IoSocketError(quic_result.error_code), Network::IoSocketError::deleteIoError)); } } } } // namespace // Initialize QuicGsoBatchWriter, set io_handle_ and stats_ UdpGsoBatchWriter::UdpGsoBatchWriter(Network::IoHandle& io_handle, Stats::Scope& scope) : quic::QuicGsoBatchWriter(io_handle.fdDoNotUse()), stats_(generateStats(scope)) {} // Do Nothing in the Destructor For now UdpGsoBatchWriter::~UdpGsoBatchWriter() = default; Api::IoCallUint64Result UdpGsoBatchWriter::writePacket(const Buffer::Instance& buffer, const Network::Address::Ip* local_ip, const Network::Address::Instance& peer_address) { // Convert received parameters to relevant forms quic::QuicSocketAddress peer_addr = envoyIpAddressToQuicSocketAddress(peer_address.ip()); quic::QuicSocketAddress self_addr = envoyIpAddressToQuicSocketAddress(local_ip); size_t payload_len = static_cast(buffer.length()); // TODO(yugant): Currently we do not use PerPacketOptions with Quic, we may want to // specify this parameter here at a later stage. quic::WriteResult quic_result = WritePacket(buffer.toString().c_str(), payload_len, self_addr.host(), peer_addr, /*quic::PerPacketOptions=*/nullptr); updateUdpGsoBatchWriterStats(quic_result); return convertQuicWriteResult(quic_result, payload_len); } uint64_t UdpGsoBatchWriter::getMaxPacketSize(const Network::Address::Instance& peer_address) const { quic::QuicSocketAddress peer_addr = envoyIpAddressToQuicSocketAddress(peer_address.ip()); return static_cast(GetMaxPacketSize(peer_addr)); } Network::UdpPacketWriterBuffer UdpGsoBatchWriter::getNextWriteLocation(const Network::Address::Ip* local_ip, const Network::Address::Instance& peer_address) { quic::QuicSocketAddress peer_addr = envoyIpAddressToQuicSocketAddress(peer_address.ip()); quic::QuicSocketAddress self_addr = envoyIpAddressToQuicSocketAddress(local_ip); quic::QuicPacketBuffer quic_buf = GetNextWriteLocation(self_addr.host(), peer_addr); return Network::UdpPacketWriterBuffer(reinterpret_cast(quic_buf.buffer), Network::UdpMaxOutgoingPacketSize, quic_buf.release_buffer); } Api::IoCallUint64Result UdpGsoBatchWriter::flush() { quic::WriteResult quic_result = Flush(); updateUdpGsoBatchWriterStats(quic_result); return convertQuicWriteResult(quic_result, /*payload_len=*/0); } void UdpGsoBatchWriter::updateUdpGsoBatchWriterStats(quic::WriteResult quic_result) { if (quic_result.status == quic::WRITE_STATUS_OK && quic_result.bytes_written > 0) { if (gso_size_ > 0u) { uint64_t num_pkts_in_batch = std::ceil(static_cast(quic_result.bytes_written) / gso_size_); stats_.pkts_sent_per_batch_.recordValue(num_pkts_in_batch); } stats_.total_bytes_sent_.add(quic_result.bytes_written); } stats_.internal_buffer_size_.set(batch_buffer().SizeInUse()); gso_size_ = buffered_writes().empty() ? 0u : buffered_writes().front().buf_len; } UdpGsoBatchWriterStats UdpGsoBatchWriter::generateStats(Stats::Scope& scope) { return { UDP_GSO_BATCH_WRITER_STATS(POOL_COUNTER(scope), POOL_GAUGE(scope), POOL_HISTOGRAM(scope))}; } UdpGsoBatchWriterFactory::UdpGsoBatchWriterFactory() = default; Network::UdpPacketWriterPtr UdpGsoBatchWriterFactory::createUdpPacketWriter(Network::IoHandle& io_handle, Stats::Scope& scope) { return std::make_unique(io_handle, scope); } } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/udp_gso_batch_writer.h ================================================ #pragma once #if !defined(__linux__) #define UDP_GSO_BATCH_WRITER_COMPILETIME_SUPPORT 0 #else #define UDP_GSO_BATCH_WRITER_COMPILETIME_SUPPORT 1 #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Winvalid-offsetof" #pragma GCC diagnostic ignored "-Wignored-qualifiers" // QUICHE doesn't mark override at QuicBatchWriterBase::SupportsReleaseTime() #ifdef __clang__ #pragma clang diagnostic push #pragma clang diagnostic ignored "-Winconsistent-missing-override" #elif defined(__GNUC__) && __GNUC__ >= 5 #pragma GCC diagnostic ignored "-Wsuggest-override" #endif #include "quiche/quic/core/batch_writer/quic_gso_batch_writer.h" #ifdef __clang__ #pragma clang diagnostic pop #endif #pragma GCC diagnostic pop #include "envoy/network/udp_packet_writer_handler.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_protos.h" namespace Envoy { namespace Quic { /** * @brief The following can be used to collect statistics * related to UdpGsoBatchWriter. The stats maintained are * as follows: * * @total_bytes_sent: Maintains the count of total bytes * sent via the UdpGsoBatchWriter on the current ioHandle * via both WritePacket() and Flush() functions. * * @internal_buffer_size: Gauge value to keep a track of the * total bytes buffered to writer by UdpGsoBatchWriter. * Resets whenever the internal bytes are sent to the client. * * @pkts_sent_per_batch: Histogram to keep maintain stats of * total number of packets sent in each batch by UdpGsoBatchWriter * Provides summary count of batch-sizes within bucketed range, * and also provides sum and count stats. * * TODO(danzh): Add writer stats to QUIC Documentation when it is * created for QUIC/HTTP3 docs. Also specify in the documentation * that user has to compile in QUICHE to use UdpGsoBatchWriter. */ #define UDP_GSO_BATCH_WRITER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(total_bytes_sent) \ GAUGE(internal_buffer_size, NeverImport) \ HISTOGRAM(pkts_sent_per_batch, Unspecified) /** * Wrapper struct for udp gso batch writer stats. @see stats_macros.h */ struct UdpGsoBatchWriterStats { UDP_GSO_BATCH_WRITER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; /** * UdpPacketWriter implementation based on quic::QuicGsoBatchWriter to send packets * in batches, using UDP socket's generic segmentation offload(GSO) capability. */ class UdpGsoBatchWriter : public quic::QuicGsoBatchWriter, public Network::UdpPacketWriter { public: UdpGsoBatchWriter(Network::IoHandle& io_handle, Stats::Scope& scope); ~UdpGsoBatchWriter() override; // writePacket perform batched sends based on QuicGsoBatchWriter::WritePacket Api::IoCallUint64Result writePacket(const Buffer::Instance& buffer, const Network::Address::Ip* local_ip, const Network::Address::Instance& peer_address) override; // UdpPacketWriter Implementations bool isWriteBlocked() const override { return IsWriteBlocked(); } void setWritable() override { return SetWritable(); } bool isBatchMode() const override { return IsBatchMode(); } uint64_t getMaxPacketSize(const Network::Address::Instance& peer_address) const override; Network::UdpPacketWriterBuffer getNextWriteLocation(const Network::Address::Ip* local_ip, const Network::Address::Instance& peer_address) override; Api::IoCallUint64Result flush() override; private: /** * @brief Update stats_ field for the udp packet writer * @param quic_result is the result from Flush/WritePacket */ void updateUdpGsoBatchWriterStats(quic::WriteResult quic_result); /** * @brief Generate UdpGsoBatchWriterStats object from scope * @param scope for stats * @return UdpGsoBatchWriterStats for scope */ UdpGsoBatchWriterStats generateStats(Stats::Scope& scope); UdpGsoBatchWriterStats stats_; uint64_t gso_size_; }; class UdpGsoBatchWriterFactory : public Network::UdpPacketWriterFactory { public: UdpGsoBatchWriterFactory(); Network::UdpPacketWriterPtr createUdpPacketWriter(Network::IoHandle& io_handle, Stats::Scope& scope) override; private: envoy::config::core::v3::RuntimeFeatureFlag enabled_; }; } // namespace Quic } // namespace Envoy #endif // defined(__linux__) ================================================ FILE: source/extensions/quic_listeners/quiche/udp_gso_batch_writer_config.cc ================================================ #include "extensions/quic_listeners/quiche/udp_gso_batch_writer_config.h" #include "envoy/config/listener/v3/udp_gso_batch_writer_config.pb.h" #include "common/api/os_sys_calls_impl.h" #if defined(__linux__) #include "extensions/quic_listeners/quiche/udp_gso_batch_writer.h" #endif namespace Envoy { namespace Quic { ProtobufTypes::MessagePtr UdpGsoBatchWriterConfigFactory::createEmptyConfigProto() { return std::make_unique(); } Network::UdpPacketWriterFactoryPtr UdpGsoBatchWriterConfigFactory::createUdpPacketWriterFactory(const Protobuf::Message& /*message*/) { if (!Api::OsSysCallsSingleton::get().supportsUdpGso()) { throw EnvoyException("Error configuring batch writer on platform without support " "for UDP GSO. Reset udp_writer_config to default writer"); } #if defined(__linux__) return std::make_unique(); #else // On non-linux, `supportsUdpGso()` always returns false. NOT_REACHED_GCOVR_EXCL_LINE; #endif } std::string UdpGsoBatchWriterConfigFactory::name() const { return GsoBatchWriterName; } REGISTER_FACTORY(UdpGsoBatchWriterConfigFactory, Network::UdpPacketWriterConfigFactory); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/quic_listeners/quiche/udp_gso_batch_writer_config.h ================================================ #pragma once #include #include "envoy/network/udp_packet_writer_config.h" #include "envoy/registry/registry.h" namespace Envoy { namespace Quic { const std::string GsoBatchWriterName{"udp_gso_batch_writer"}; // Network::UdpPacketWriterConfigFactory to create UdpGsoBatchWriterFactory based on given // protobuf. class UdpGsoBatchWriterConfigFactory : public Network::UdpPacketWriterConfigFactory { public: ProtobufTypes::MessagePtr createEmptyConfigProto() override; Network::UdpPacketWriterFactoryPtr createUdpPacketWriterFactory(const Protobuf::Message&) override; std::string name() const override; }; DECLARE_FACTORY(UdpGsoBatchWriterConfigFactory); } // namespace Quic } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/resource_monitors/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "factory_base_lib", hdrs = ["factory_base.h"], # This resource monitoring library is considered core code. visibility = ["//visibility:public"], deps = [ "//include/envoy/server:resource_monitor_config_interface", "//source/common/protobuf:utility_lib", ], ) ================================================ FILE: source/extensions/resource_monitors/common/factory_base.h ================================================ #pragma once #include "envoy/server/resource_monitor_config.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace Common { template class FactoryBase : public Server::Configuration::ResourceMonitorFactory { public: Server::ResourceMonitorPtr createResourceMonitor(const Protobuf::Message& config, Server::Configuration::ResourceMonitorFactoryContext& context) override { return createResourceMonitorFromProtoTyped(MessageUtil::downcastAndValidate( config, context.messageValidationVisitor()), context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return name_; } protected: FactoryBase(const std::string& name) : name_(name) {} private: virtual Server::ResourceMonitorPtr createResourceMonitorFromProtoTyped( const ConfigProto& config, Server::Configuration::ResourceMonitorFactoryContext& context) PURE; const std::string name_; }; } // namespace Common } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/fixed_heap/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "fixed_heap_monitor", srcs = ["fixed_heap_monitor.cc"], hdrs = ["fixed_heap_monitor.h"], deps = [ "//include/envoy/server:resource_monitor_config_interface", "//source/common/common:assert_lib", "//source/common/memory:stats_lib", "@envoy_api//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", status = "alpha", deps = [ ":fixed_heap_monitor", "//include/envoy/registry", "//source/common/common:assert_lib", "//source/extensions/resource_monitors:well_known_names", "//source/extensions/resource_monitors/common:factory_base_lib", "@envoy_api//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/resource_monitors/fixed_heap/config.cc ================================================ #include "extensions/resource_monitors/fixed_heap/config.h" #include "envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.pb.h" #include "envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace FixedHeapMonitor { Server::ResourceMonitorPtr FixedHeapMonitorFactory::createResourceMonitorFromProtoTyped( const envoy::config::resource_monitor::fixed_heap::v2alpha::FixedHeapConfig& config, Server::Configuration::ResourceMonitorFactoryContext& /*unused_context*/) { return std::make_unique(config); } /** * Static registration for the fixed heap resource monitor factory. @see RegistryFactory. */ REGISTER_FACTORY(FixedHeapMonitorFactory, Server::Configuration::ResourceMonitorFactory); } // namespace FixedHeapMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/fixed_heap/config.h ================================================ #pragma once #include "envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.pb.h" #include "envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.pb.validate.h" #include "envoy/server/resource_monitor_config.h" #include "extensions/resource_monitors/common/factory_base.h" #include "extensions/resource_monitors/well_known_names.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace FixedHeapMonitor { class FixedHeapMonitorFactory : public Common::FactoryBase< envoy::config::resource_monitor::fixed_heap::v2alpha::FixedHeapConfig> { public: FixedHeapMonitorFactory() : FactoryBase(ResourceMonitorNames::get().FixedHeap) {} private: Server::ResourceMonitorPtr createResourceMonitorFromProtoTyped( const envoy::config::resource_monitor::fixed_heap::v2alpha::FixedHeapConfig& config, Server::Configuration::ResourceMonitorFactoryContext& context) override; }; } // namespace FixedHeapMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.cc ================================================ #include "extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" #include "envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.pb.h" #include "common/common/assert.h" #include "common/memory/stats.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace FixedHeapMonitor { uint64_t MemoryStatsReader::reservedHeapBytes() { return Memory::Stats::totalCurrentlyReserved(); } uint64_t MemoryStatsReader::unmappedHeapBytes() { return Memory::Stats::totalPageHeapUnmapped(); } FixedHeapMonitor::FixedHeapMonitor( const envoy::config::resource_monitor::fixed_heap::v2alpha::FixedHeapConfig& config, std::unique_ptr stats) : max_heap_(config.max_heap_size_bytes()), stats_(std::move(stats)) { ASSERT(max_heap_ > 0); } void FixedHeapMonitor::updateResourceUsage(Server::ResourceMonitor::Callbacks& callbacks) { const size_t physical = stats_->reservedHeapBytes(); const size_t unmapped = stats_->unmappedHeapBytes(); ASSERT(physical >= unmapped); const size_t used = physical - unmapped; Server::ResourceUsage usage; usage.resource_pressure_ = used / static_cast(max_heap_); callbacks.onSuccess(usage); } } // namespace FixedHeapMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h ================================================ #pragma once #include "envoy/config/resource_monitor/fixed_heap/v2alpha/fixed_heap.pb.h" #include "envoy/server/resource_monitor.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace FixedHeapMonitor { /** * Helper class for getting memory heap stats. */ class MemoryStatsReader { public: MemoryStatsReader() = default; virtual ~MemoryStatsReader() = default; // Memory reserved for the process by the heap. virtual uint64_t reservedHeapBytes(); // Memory in free, unmapped pages in the page heap. virtual uint64_t unmappedHeapBytes(); }; /** * Heap memory monitor with a statically configured maximum. */ class FixedHeapMonitor : public Server::ResourceMonitor { public: FixedHeapMonitor( const envoy::config::resource_monitor::fixed_heap::v2alpha::FixedHeapConfig& config, std::unique_ptr stats = std::make_unique()); void updateResourceUsage(Server::ResourceMonitor::Callbacks& callbacks) override; private: const uint64_t max_heap_; std::unique_ptr stats_; }; } // namespace FixedHeapMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/injected_resource/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "injected_resource_monitor", srcs = ["injected_resource_monitor.cc"], hdrs = ["injected_resource_monitor.h"], deps = [ "//include/envoy/api:api_interface", "//include/envoy/filesystem:filesystem_interface", "//include/envoy/server:resource_monitor_config_interface", "//source/common/common:assert_lib", "@envoy_api//envoy/config/resource_monitor/injected_resource/v2alpha:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], security_posture = "data_plane_agnostic", status = "alpha", deps = [ ":injected_resource_monitor", "//include/envoy/registry", "//source/common/common:assert_lib", "//source/extensions/resource_monitors:well_known_names", "//source/extensions/resource_monitors/common:factory_base_lib", "@envoy_api//envoy/config/resource_monitor/injected_resource/v2alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/resource_monitors/injected_resource/config.cc ================================================ #include "extensions/resource_monitors/injected_resource/config.h" #include "envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.pb.h" #include "envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.pb.validate.h" #include "envoy/registry/registry.h" #include "common/protobuf/utility.h" #include "extensions/resource_monitors/injected_resource/injected_resource_monitor.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace InjectedResourceMonitor { Server::ResourceMonitorPtr InjectedResourceMonitorFactory::createResourceMonitorFromProtoTyped( const envoy::config::resource_monitor::injected_resource::v2alpha::InjectedResourceConfig& config, Server::Configuration::ResourceMonitorFactoryContext& context) { return std::make_unique(config, context); } /** * Static registration for the injected resource monitor factory. @see RegistryFactory. */ REGISTER_FACTORY(InjectedResourceMonitorFactory, Server::Configuration::ResourceMonitorFactory); } // namespace InjectedResourceMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/injected_resource/config.h ================================================ #pragma once #include "envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.pb.h" #include "envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.pb.validate.h" #include "envoy/server/resource_monitor_config.h" #include "extensions/resource_monitors/common/factory_base.h" #include "extensions/resource_monitors/well_known_names.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace InjectedResourceMonitor { class InjectedResourceMonitorFactory : public Common::FactoryBase< envoy::config::resource_monitor::injected_resource::v2alpha::InjectedResourceConfig> { public: InjectedResourceMonitorFactory() : FactoryBase(ResourceMonitorNames::get().InjectedResource) {} private: Server::ResourceMonitorPtr createResourceMonitorFromProtoTyped( const envoy::config::resource_monitor::injected_resource::v2alpha::InjectedResourceConfig& config, Server::Configuration::ResourceMonitorFactoryContext& context) override; }; } // namespace InjectedResourceMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/injected_resource/injected_resource_monitor.cc ================================================ #include "extensions/resource_monitors/injected_resource/injected_resource_monitor.h" #include "envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.pb.h" #include "common/common/assert.h" #include "absl/strings/numbers.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace InjectedResourceMonitor { InjectedResourceMonitor::InjectedResourceMonitor( const envoy::config::resource_monitor::injected_resource::v2alpha::InjectedResourceConfig& config, Server::Configuration::ResourceMonitorFactoryContext& context) : filename_(config.filename()), file_changed_(true), watcher_(context.dispatcher().createFilesystemWatcher()), api_(context.api()) { watcher_->addWatch(filename_, Filesystem::Watcher::Events::MovedTo, [this](uint32_t) { onFileChanged(); }); } void InjectedResourceMonitor::onFileChanged() { file_changed_ = true; } void InjectedResourceMonitor::updateResourceUsage(Server::ResourceMonitor::Callbacks& callbacks) { if (file_changed_) { file_changed_ = false; try { const std::string contents = api_.fileSystem().fileReadToEnd(filename_); double pressure; if (absl::SimpleAtod(contents, &pressure)) { if (pressure < 0 || pressure > 1) { throw EnvoyException("pressure out of range"); } pressure_ = pressure; error_.reset(); } else { throw EnvoyException("failed to parse injected resource pressure"); } } catch (const EnvoyException& error) { error_ = error; pressure_.reset(); } } ASSERT(pressure_.has_value() != error_.has_value()); if (pressure_.has_value()) { callbacks.onSuccess({*pressure_}); } else { callbacks.onFailure(*error_); } } } // namespace InjectedResourceMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/injected_resource/injected_resource_monitor.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/config/resource_monitor/injected_resource/v2alpha/injected_resource.pb.h" #include "envoy/filesystem/filesystem.h" #include "envoy/server/resource_monitor.h" #include "envoy/server/resource_monitor_config.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { namespace InjectedResourceMonitor { /** * A monitor for an injected resource. The resource pressure is read from a text file * specified in the config, which must contain a floating-point number in the range * [0..1] and be updated atomically by a symbolic link swap. * This is intended primarily for integration tests to force Envoy into an overloaded state. */ class InjectedResourceMonitor : public Server::ResourceMonitor { public: InjectedResourceMonitor( const envoy::config::resource_monitor::injected_resource::v2alpha::InjectedResourceConfig& config, Server::Configuration::ResourceMonitorFactoryContext& context); // Server::ResourceMonitor void updateResourceUsage(Server::ResourceMonitor::Callbacks& callbacks) override; protected: virtual void onFileChanged(); private: const std::string filename_; bool file_changed_; Filesystem::WatcherPtr watcher_; absl::optional pressure_; absl::optional error_; Api::Api& api_; }; } // namespace InjectedResourceMonitor } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/resource_monitors/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace ResourceMonitors { /** * Well-known resource monitor names. * NOTE: New resource monitors should use the well known name: envoy.resource_monitors.name. */ class ResourceMonitorNameValues { public: // Heap monitor with statically configured max. const std::string FixedHeap = "envoy.resource_monitors.fixed_heap"; // File-based injected resource monitor. const std::string InjectedResource = "envoy.resource_monitors.injected_resource"; }; using ResourceMonitorNames = ConstSingleton; } // namespace ResourceMonitors } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/omit_canary_hosts/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "omit_canary_hosts_predicate_lib", hdrs = ["omit_canary_hosts.h"], deps = [ "//include/envoy/upstream:retry_interface", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":omit_canary_hosts_predicate_lib", "//include/envoy/registry", "//include/envoy/upstream:retry_interface", "@envoy_api//envoy/config/retry/omit_canary_hosts/v2:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/retry/host/omit_canary_hosts/config.cc ================================================ #include "extensions/retry/host/omit_canary_hosts/config.h" #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { REGISTER_FACTORY(OmitCanaryHostsRetryPredicateFactory, Upstream::RetryHostPredicateFactory); } } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/omit_canary_hosts/config.h ================================================ #include "envoy/config/retry/omit_canary_hosts/v2/omit_canary_hosts.pb.validate.h" #include "envoy/upstream/retry.h" #include "extensions/retry/host/omit_canary_hosts/omit_canary_hosts.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { class OmitCanaryHostsRetryPredicateFactory : public Upstream::RetryHostPredicateFactory { public: Upstream::RetryHostPredicateSharedPtr createHostPredicate(const Protobuf::Message&, uint32_t) override { return std::make_shared(); } std::string name() const override { return "envoy.retry_host_predicates.omit_canary_hosts"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::config::retry::omit_canary_hosts::v2::OmitCanaryHostsPredicate>(); } }; } // namespace Host } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/omit_canary_hosts/omit_canary_hosts.h ================================================ #pragma once #include "envoy/upstream/retry.h" #include "envoy/upstream/upstream.h" namespace Envoy { class OmitCanaryHostsRetryPredicate : public Upstream::RetryHostPredicate { public: bool shouldSelectAnotherHost(const Upstream::Host& candidate_host) override { return candidate_host.canary(); } void onHostAttempted(Upstream::HostDescriptionConstSharedPtr) override {} }; } // namespace Envoy ================================================ FILE: source/extensions/retry/host/omit_host_metadata/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "omit_host_metadata_predicate_lib", srcs = ["omit_host_metadata.cc"], hdrs = ["omit_host_metadata.h"], deps = [ "//include/envoy/upstream:retry_interface", "//source/common/config:well_known_names", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":omit_host_metadata_predicate_lib", "//include/envoy/registry", "//include/envoy/upstream:retry_interface", "//source/common/protobuf", "@envoy_api//envoy/extensions/retry/host/omit_host_metadata/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/retry/host/omit_host_metadata/config.cc ================================================ #include "extensions/retry/host/omit_host_metadata/config.h" #include "envoy/extensions/retry/host/omit_host_metadata/v3/omit_host_metadata_config.pb.h" #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" #include "common/protobuf/message_validator_impl.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { Upstream::RetryHostPredicateSharedPtr OmitHostsRetryPredicateFactory::createHostPredicate(const Protobuf::Message& config, uint32_t) { return std::make_shared( MessageUtil::downcastAndValidate< const envoy::extensions::retry::host::omit_host_metadata::v3::OmitHostMetadataConfig&>( config, ProtobufMessage::getStrictValidationVisitor()) .metadata_match()); } REGISTER_FACTORY(OmitHostsRetryPredicateFactory, Upstream::RetryHostPredicateFactory); } // namespace Host } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/omit_host_metadata/config.h ================================================ #pragma once #include "envoy/extensions/retry/host/omit_host_metadata/v3/omit_host_metadata_config.pb.h" #include "envoy/extensions/retry/host/omit_host_metadata/v3/omit_host_metadata_config.pb.validate.h" #include "envoy/upstream/retry.h" #include "extensions/retry/host/omit_host_metadata/omit_host_metadata.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { class OmitHostsRetryPredicateFactory : public Upstream::RetryHostPredicateFactory { public: Upstream::RetryHostPredicateSharedPtr createHostPredicate(const Protobuf::Message& config, uint32_t retry_count) override; std::string name() const override { return "envoy.retry_host_predicates.omit_host_metadata"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr( new envoy::extensions::retry::host::omit_host_metadata::v3::OmitHostMetadataConfig()); } }; } // namespace Host } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/omit_host_metadata/omit_host_metadata.cc ================================================ #include "extensions/retry/host/omit_host_metadata/omit_host_metadata.h" #include "common/config/metadata.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { bool OmitHostsRetryPredicate::shouldSelectAnotherHost(const Upstream::Host& host) { // Note: The additional check to verify if the labelSet is empty is performed since // metadataLabelMatch returns true in case of an empty labelSet. However, for an empty labelSet, // i.e. if there is no matching criteria defined, this method should return false. return !labelSet_.empty() && Envoy::Config::Metadata::metadataLabelMatch( labelSet_, host.metadata().get(), Envoy::Config::MetadataFilters::get().ENVOY_LB, true); } } // namespace Host } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h ================================================ #pragma once #include "envoy/upstream/retry.h" #include "envoy/upstream/upstream.h" #include "common/config/well_known_names.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { class OmitHostsRetryPredicate : public Upstream::RetryHostPredicate { public: explicit OmitHostsRetryPredicate(const envoy::config::core::v3::Metadata& metadata_match_criteria) : metadata_match_criteria_(metadata_match_criteria) { const auto& filter_it = metadata_match_criteria_.filter_metadata().find( Envoy::Config::MetadataFilters::get().ENVOY_LB); if (filter_it != metadata_match_criteria_.filter_metadata().end()) { for (auto const& it : filter_it->second.fields()) { labelSet_.push_back(it); } } } bool shouldSelectAnotherHost(const Upstream::Host& host) override; void onHostAttempted(Upstream::HostDescriptionConstSharedPtr) override {} private: const envoy::config::core::v3::Metadata metadata_match_criteria_; std::vector> labelSet_; }; } // namespace Host } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/previous_hosts/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "previous_hosts_predicate_lib", hdrs = ["previous_hosts.h"], deps = [ "//include/envoy/upstream:retry_interface", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":previous_hosts_predicate_lib", "//include/envoy/registry", "//include/envoy/upstream:retry_interface", "@envoy_api//envoy/config/retry/previous_hosts/v2:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/retry/host/previous_hosts/config.cc ================================================ #include "extensions/retry/host/previous_hosts/config.h" #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { REGISTER_FACTORY(PreviousHostsRetryPredicateFactory, Upstream::RetryHostPredicateFactory); } } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/previous_hosts/config.h ================================================ #pragma once #include "envoy/config/retry/previous_hosts/v2/previous_hosts.pb.validate.h" #include "envoy/upstream/retry.h" #include "extensions/retry/host/previous_hosts/previous_hosts.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Host { class PreviousHostsRetryPredicateFactory : public Upstream::RetryHostPredicateFactory { public: Upstream::RetryHostPredicateSharedPtr createHostPredicate(const Protobuf::Message&, uint32_t retry_count) override { return std::make_shared(retry_count); } std::string name() const override { return "envoy.retry_host_predicates.previous_hosts"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } }; } // namespace Host } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/host/previous_hosts/previous_hosts.h ================================================ #pragma once #include "envoy/upstream/retry.h" #include "envoy/upstream/upstream.h" namespace Envoy { class PreviousHostsRetryPredicate : public Upstream::RetryHostPredicate { public: PreviousHostsRetryPredicate(uint32_t retry_count) : attempted_hosts_(retry_count) {} bool shouldSelectAnotherHost(const Upstream::Host& candidate_host) override { return std::find(attempted_hosts_.begin(), attempted_hosts_.end(), &candidate_host) != attempted_hosts_.end(); } void onHostAttempted(Upstream::HostDescriptionConstSharedPtr attempted_host) override { attempted_hosts_.emplace_back(attempted_host.get()); } private: std::vector attempted_hosts_; }; } // namespace Envoy ================================================ FILE: source/extensions/retry/priority/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/retry/priority/previous_priorities/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "previous_priorities_lib", srcs = ["previous_priorities.cc"], hdrs = ["previous_priorities.h"], deps = [ "//include/envoy/upstream:retry_interface", "//source/common/upstream:load_balancer_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":previous_priorities_lib", "//include/envoy/registry", "//include/envoy/upstream:retry_interface", "//source/common/protobuf", "//source/extensions/retry/priority:well_known_names", "@envoy_api//envoy/config/retry/previous_priorities:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/retry/priority/previous_priorities/config.cc ================================================ #include "extensions/retry/priority/previous_priorities/config.h" #include "envoy/config/retry/previous_priorities/previous_priorities_config.pb.h" #include "envoy/config/retry/previous_priorities/previous_priorities_config.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Priority { Upstream::RetryPrioritySharedPtr PreviousPrioritiesRetryPriorityFactory::createRetryPriority( const Protobuf::Message& config, ProtobufMessage::ValidationVisitor& validation_visitor, uint32_t max_retries) { return std::make_shared( MessageUtil::downcastAndValidate< const envoy::config::retry::previous_priorities::PreviousPrioritiesConfig&>( config, validation_visitor) .update_frequency(), max_retries); } REGISTER_FACTORY(PreviousPrioritiesRetryPriorityFactory, Upstream::RetryPriorityFactory); } // namespace Priority } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/priority/previous_priorities/config.h ================================================ #pragma once #include "envoy/config/retry/previous_priorities/previous_priorities_config.pb.h" #include "envoy/upstream/retry.h" #include "common/protobuf/protobuf.h" #include "extensions/retry/priority/previous_priorities/previous_priorities.h" #include "extensions/retry/priority/well_known_names.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Priority { class PreviousPrioritiesRetryPriorityFactory : public Upstream::RetryPriorityFactory { public: Upstream::RetryPrioritySharedPtr createRetryPriority(const Protobuf::Message& config, ProtobufMessage::ValidationVisitor& validation_visitor, uint32_t max_retries) override; std::string name() const override { return RetryPriorityValues::get().PreviousPrioritiesRetryPriority; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr( new envoy::config::retry::previous_priorities::PreviousPrioritiesConfig()); } }; } // namespace Priority } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/priority/previous_priorities/previous_priorities.cc ================================================ #include "extensions/retry/priority/previous_priorities/previous_priorities.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Priority { const Upstream::HealthyAndDegradedLoad& PreviousPrioritiesRetryPriority::determinePriorityLoad( const Upstream::PrioritySet& priority_set, const Upstream::HealthyAndDegradedLoad& original_priority_load, const PriorityMappingFunc& priority_mapping_func) { // If we've not seen enough retries to modify the priority load, just // return the original. // If this retry should trigger an update, recalculate the priority load by excluding attempted // priorities. if (attempted_hosts_.size() < update_frequency_) { return original_priority_load; } else if (attempted_hosts_.size() % update_frequency_ == 0) { if (excluded_priorities_.size() < priority_set.hostSetsPerPriority().size()) { excluded_priorities_.resize(priority_set.hostSetsPerPriority().size()); } for (const auto& host : attempted_hosts_) { absl::optional mapped_host_priority = priority_mapping_func(*host); if (mapped_host_priority.has_value()) { excluded_priorities_[mapped_host_priority.value()] = true; } } if (!adjustForAttemptedPriorities(priority_set)) { return original_priority_load; } } return per_priority_load_; } bool PreviousPrioritiesRetryPriority::adjustForAttemptedPriorities( const Upstream::PrioritySet& priority_set) { for (auto& host_set : priority_set.hostSetsPerPriority()) { recalculatePerPriorityState(host_set->priority(), priority_set); } std::vector adjusted_per_priority_health(per_priority_health_.get().size(), 0); std::vector adjusted_per_priority_degraded(per_priority_degraded_.get().size(), 0); auto total_availability = adjustedAvailability(adjusted_per_priority_health, adjusted_per_priority_degraded); // If there are no available priorities left, we reset the attempted priorities and recompute the // adjusted availability. // This allows us to fall back to the unmodified priority load when we run out of priorities // instead of failing to route requests. if (total_availability == 0) { for (auto excluded_priority : excluded_priorities_) { excluded_priority = false; } attempted_hosts_.clear(); total_availability = adjustedAvailability(adjusted_per_priority_health, adjusted_per_priority_degraded); } // If total availability is still zero at this point, it must mean that all clusters are // completely unavailable. If so, fall back to using the original priority loads. This maintains // whatever handling the default LB uses when all priorities are unavailable. if (total_availability == 0) { return false; } std::fill(per_priority_load_.healthy_priority_load_.get().begin(), per_priority_load_.healthy_priority_load_.get().end(), 0); std::fill(per_priority_load_.degraded_priority_load_.get().begin(), per_priority_load_.degraded_priority_load_.get().end(), 0); // TODO(snowp): This code is basically distributeLoad from load_balancer_impl.cc, should probably // reuse that. // We then adjust the load by rebalancing priorities with the adjusted availability values. size_t total_load = 100; // The outer loop is used to eliminate rounding errors: any remaining load will be assigned to the // first availability priority. while (total_load != 0) { for (size_t i = 0; i < adjusted_per_priority_health.size(); ++i) { // Now assign as much load as possible to the high priority levels and cease assigning load // when total_load runs out. const auto delta = std::min(total_load, adjusted_per_priority_health[i] * 100 / total_availability); per_priority_load_.healthy_priority_load_.get()[i] += delta; total_load -= delta; } for (size_t i = 0; i < adjusted_per_priority_degraded.size(); ++i) { // Now assign as much load as possible to the high priority levels and cease assigning load // when total_load runs out. const auto delta = std::min(total_load, adjusted_per_priority_degraded[i] * 100 / total_availability); per_priority_load_.degraded_priority_load_.get()[i] += delta; total_load -= delta; } } return true; } uint32_t PreviousPrioritiesRetryPriority::adjustedAvailability( std::vector& adjusted_per_priority_health, std::vector& adjusted_per_priority_degraded) const { // Create an adjusted view of the priorities, where attempted priorities are given a zero load. // Create an adjusted health view of the priorities, where attempted priorities are // given a zero weight. uint32_t total_availability = 0; ASSERT(per_priority_health_.get().size() == per_priority_degraded_.get().size()); for (size_t i = 0; i < per_priority_health_.get().size(); ++i) { if (!excluded_priorities_[i]) { adjusted_per_priority_health[i] = per_priority_health_.get()[i]; adjusted_per_priority_degraded[i] = per_priority_degraded_.get()[i]; total_availability += per_priority_health_.get()[i]; total_availability += per_priority_degraded_.get()[i]; } else { adjusted_per_priority_health[i] = 0; adjusted_per_priority_degraded[i] = 0; } } return std::min(total_availability, 100u); } } // namespace Priority } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/priority/previous_priorities/previous_priorities.h ================================================ #pragma once #include "envoy/upstream/retry.h" #include "common/upstream/load_balancer_impl.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Priority { class PreviousPrioritiesRetryPriority : public Upstream::RetryPriority { public: PreviousPrioritiesRetryPriority(uint32_t update_frequency, uint32_t max_retries) : update_frequency_(update_frequency) { attempted_hosts_.reserve(max_retries); } const Upstream::HealthyAndDegradedLoad& determinePriorityLoad(const Upstream::PrioritySet& priority_set, const Upstream::HealthyAndDegradedLoad& original_priority_load, const PriorityMappingFunc& priority_mapping_func) override; void onHostAttempted(Upstream::HostDescriptionConstSharedPtr attempted_host) override { attempted_hosts_.emplace_back(attempted_host); } private: void recalculatePerPriorityState(uint32_t priority, const Upstream::PrioritySet& priority_set) { // Recalculate health and priority the same way the load balancer does it. Upstream::LoadBalancerBase::recalculatePerPriorityState( priority, priority_set, per_priority_load_, per_priority_health_, per_priority_degraded_); } uint32_t adjustedAvailability(std::vector& per_priority_health, std::vector& per_priority_degraded) const; // Distributes priority load between priorities that should be considered after // excluding attempted priorities. // @return whether the adjustment was successful. If not, the original priority load should be // used. bool adjustForAttemptedPriorities(const Upstream::PrioritySet& priority_set); const uint32_t update_frequency_; std::vector attempted_hosts_; std::vector excluded_priorities_; Upstream::HealthyAndDegradedLoad per_priority_load_; Upstream::HealthyAvailability per_priority_health_; Upstream::DegradedAvailability per_priority_degraded_; }; } // namespace Priority } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/retry/priority/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace Retry { namespace Priority { /** * Well-known retry priority load names. */ class RetryPriorityNameValues { public: // Previous priority retry priority. Excludes previously attempted priorities during retries. const std::string PreviousPrioritiesRetryPriority = "envoy.retry_priorities.previous_priorities"; }; using RetryPriorityValues = ConstSingleton; } // namespace Priority } // namespace Retry } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/stat_sinks/common/statsd/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "statsd_lib", srcs = ["statsd.cc"], hdrs = ["statsd.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:connection_interface", "//include/envoy/stats:stats_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/network:address_lib", ], ) ================================================ FILE: source/extensions/stat_sinks/common/statsd/statsd.cc ================================================ #include "extensions/stat_sinks/common/statsd/statsd.h" #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/event/dispatcher.h" #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" #include "common/api/os_sys_calls_impl.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/network/socket_interface.h" #include "common/network/utility.h" #include "common/stats/symbol_table_impl.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Common { namespace Statsd { UdpStatsdSink::WriterImpl::WriterImpl(UdpStatsdSink& parent) : parent_(parent), io_handle_(Network::ioHandleForAddr(Network::Socket::Type::Datagram, parent_.server_address_)) {} void UdpStatsdSink::WriterImpl::write(const std::string& message) { // TODO(mattklein123): We can avoid this const_cast pattern by having a constant variant of // RawSlice. This can be fixed elsewhere as well. Buffer::RawSlice slice{const_cast(message.c_str()), message.size()}; Network::Utility::writeToSocket(*io_handle_, &slice, 1, nullptr, *parent_.server_address_); } void UdpStatsdSink::WriterImpl::writeBuffer(Buffer::Instance& data) { Network::Utility::writeToSocket(*io_handle_, data, nullptr, *parent_.server_address_); } UdpStatsdSink::UdpStatsdSink(ThreadLocal::SlotAllocator& tls, Network::Address::InstanceConstSharedPtr address, const bool use_tag, const std::string& prefix, absl::optional buffer_size) : tls_(tls.allocateSlot()), server_address_(std::move(address)), use_tag_(use_tag), prefix_(prefix.empty() ? Statsd::getDefaultPrefix() : prefix), buffer_size_(buffer_size.value_or(0)) { tls_->set([this](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(*this); }); } void UdpStatsdSink::flush(Stats::MetricSnapshot& snapshot) { Writer& writer = tls_->getTyped(); Buffer::OwnedImpl buffer; for (const auto& counter : snapshot.counters()) { if (counter.counter_.get().used()) { const std::string counter_str = absl::StrCat(prefix_, ".", getName(counter.counter_.get()), ":", counter.delta_, "|c", buildTagStr(counter.counter_.get().tags())); writeBuffer(buffer, writer, counter_str); } } for (const auto& gauge : snapshot.gauges()) { if (gauge.get().used()) { const std::string gauge_str = absl::StrCat(prefix_, ".", getName(gauge.get()), ":", gauge.get().value(), "|g", buildTagStr(gauge.get().tags())); writeBuffer(buffer, writer, gauge_str); } } flushBuffer(buffer, writer); // TODO(efimki): Add support of text readouts stats. } void UdpStatsdSink::writeBuffer(Buffer::OwnedImpl& buffer, Writer& writer, const std::string& statsd_metric) const { if (statsd_metric.length() >= buffer_size_) { // Our statsd_metric is too large to fit into the buffer, skip buffering and write directly writer.write(statsd_metric); } else { if ((buffer.length() + statsd_metric.length() + 1) > buffer_size_) { // If we add the new statsd_metric, we'll overflow our buffer. Flush the buffer to make // room for the new statsd_metric. flushBuffer(buffer, writer); } else if (buffer.length() > 0) { // We have room and have metrics already in the buffer, add a newline to separate // metric entries. buffer.add("\n"); } buffer.add(statsd_metric); } } void UdpStatsdSink::flushBuffer(Buffer::OwnedImpl& buffer, Writer& writer) const { if (buffer.length() == 0) { return; } writer.writeBuffer(buffer); buffer.drain(buffer.length()); } void UdpStatsdSink::onHistogramComplete(const Stats::Histogram& histogram, uint64_t value) { // For statsd histograms are all timers in milliseconds, Envoy histograms are however // not necessarily timers in milliseconds, for Envoy histograms suffixed with their corresponding // SI unit symbol this is acceptable, but for histograms without a suffix, especially those which // are timers but record in units other than milliseconds, it may make sense to scale the value to // milliseconds here and potentially suffix the names accordingly (minus the pre-existing ones for // backwards compatibility). const std::string message(absl::StrCat(prefix_, ".", getName(histogram), ":", std::chrono::milliseconds(value).count(), "|ms", buildTagStr(histogram.tags()))); tls_->getTyped().write(message); } const std::string UdpStatsdSink::getName(const Stats::Metric& metric) const { if (use_tag_) { return metric.tagExtractedName(); } else { return metric.name(); } } const std::string UdpStatsdSink::buildTagStr(const std::vector& tags) const { if (!use_tag_ || tags.empty()) { return ""; } std::vector tag_strings; tag_strings.reserve(tags.size()); for (const Stats::Tag& tag : tags) { tag_strings.emplace_back(tag.name_ + ":" + tag.value_); } return "|#" + absl::StrJoin(tag_strings, ","); } TcpStatsdSink::TcpStatsdSink(const LocalInfo::LocalInfo& local_info, const std::string& cluster_name, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, const std::string& prefix) : prefix_(prefix.empty() ? Statsd::getDefaultPrefix() : prefix), tls_(tls.allocateSlot()), cluster_manager_(cluster_manager), cx_overflow_stat_(scope.counterFromStatName( Stats::StatNameManagedStorage("statsd.cx_overflow", scope.symbolTable()).statName())) { Config::Utility::checkClusterAndLocalInfo("tcp statsd", cluster_name, cluster_manager, local_info); cluster_info_ = cluster_manager.get(cluster_name)->info(); tls_->set([this](Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(*this, dispatcher); }); } void TcpStatsdSink::flush(Stats::MetricSnapshot& snapshot) { TlsSink& tls_sink = tls_->getTyped(); tls_sink.beginFlush(true); for (const auto& counter : snapshot.counters()) { if (counter.counter_.get().used()) { tls_sink.flushCounter(counter.counter_.get().name(), counter.delta_); } } for (const auto& gauge : snapshot.gauges()) { if (gauge.get().used()) { tls_sink.flushGauge(gauge.get().name(), gauge.get().value()); } } // TODO(efimki): Add support of text readouts stats. tls_sink.endFlush(true); } TcpStatsdSink::TlsSink::TlsSink(TcpStatsdSink& parent, Event::Dispatcher& dispatcher) : parent_(parent), dispatcher_(dispatcher) {} TcpStatsdSink::TlsSink::~TlsSink() { if (connection_) { connection_->close(Network::ConnectionCloseType::NoFlush); } } void TcpStatsdSink::TlsSink::beginFlush(bool expect_empty_buffer) { ASSERT(!expect_empty_buffer || buffer_.length() == 0); ASSERT(current_slice_mem_ == nullptr); uint64_t num_iovecs = buffer_.reserve(FLUSH_SLICE_SIZE_BYTES, ¤t_buffer_slice_, 1); ASSERT(num_iovecs == 1); ASSERT(current_buffer_slice_.len_ >= FLUSH_SLICE_SIZE_BYTES); current_slice_mem_ = reinterpret_cast(current_buffer_slice_.mem_); } void TcpStatsdSink::TlsSink::commonFlush(const std::string& name, uint64_t value, char stat_type) { ASSERT(current_slice_mem_ != nullptr); // 36 > 1 ("." after prefix) + 1 (":" after name) + 4 (postfix chars, e.g., "|ms\n") + 30 for // number (bigger than it will ever be) const uint32_t max_size = name.size() + parent_.getPrefix().size() + 36; if (current_buffer_slice_.len_ - usedBuffer() < max_size) { endFlush(false); beginFlush(false); } // Produces something like "envoy.{}:{}|c\n" // This written this way for maximum perf since with a large number of stats and at a high flush // rate this can become expensive. const char* snapped_current = current_slice_mem_; memcpy(current_slice_mem_, parent_.getPrefix().c_str(), parent_.getPrefix().size()); current_slice_mem_ += parent_.getPrefix().size(); *current_slice_mem_++ = '.'; memcpy(current_slice_mem_, name.c_str(), name.size()); current_slice_mem_ += name.size(); *current_slice_mem_++ = ':'; current_slice_mem_ += StringUtil::itoa(current_slice_mem_, 30, value); *current_slice_mem_++ = '|'; *current_slice_mem_++ = stat_type; *current_slice_mem_++ = '\n'; ASSERT(static_cast(current_slice_mem_ - snapped_current) < max_size); } void TcpStatsdSink::TlsSink::flushCounter(const std::string& name, uint64_t delta) { commonFlush(name, delta, 'c'); } void TcpStatsdSink::TlsSink::flushGauge(const std::string& name, uint64_t value) { commonFlush(name, value, 'g'); } void TcpStatsdSink::TlsSink::endFlush(bool do_write) { ASSERT(current_slice_mem_ != nullptr); current_buffer_slice_.len_ = usedBuffer(); buffer_.commit(¤t_buffer_slice_, 1); current_slice_mem_ = nullptr; if (do_write) { write(buffer_); ASSERT(buffer_.length() == 0); } } void TcpStatsdSink::TlsSink::onEvent(Network::ConnectionEvent event) { if (event == Network::ConnectionEvent::LocalClose || event == Network::ConnectionEvent::RemoteClose) { dispatcher_.deferredDelete(std::move(connection_)); } } void TcpStatsdSink::TlsSink::onTimespanComplete(const std::string& name, std::chrono::milliseconds ms) { // Ultimately it would be nice to perf optimize this path also, but it's not very frequent. It's // also currently not possible that this interleaves with any counter/gauge flushing. // See the comment at UdpStatsdSink::onHistogramComplete with respect to unit suffixes. ASSERT(current_slice_mem_ == nullptr); Buffer::OwnedImpl buffer( fmt::format("{}.{}:{}|ms\n", parent_.getPrefix().c_str(), name, ms.count())); write(buffer); } void TcpStatsdSink::TlsSink::write(Buffer::Instance& buffer) { // Guard against the stats connection backing up. In this case we probably have no visibility // into what is going on externally, but we also increment a stat that should be viewable // locally. // NOTE: In the current implementation, we write most stats on the main thread, but timers // get emitted on the worker threads. Since this is using global buffered data, it's // possible that we are about to kill the connection that is not actually backed up. // This is essentially a panic state, so it's not worth keeping per thread buffer stats, // since if we stay over, the other threads will eventually kill their connections too. // TODO(mattklein123): The use of the stat is somewhat of a hack, and should be replaced with // real flow control callbacks once they are available. if (parent_.cluster_info_->stats().upstream_cx_tx_bytes_buffered_.value() > MAX_BUFFERED_STATS_BYTES) { if (connection_) { connection_->close(Network::ConnectionCloseType::NoFlush); } parent_.cx_overflow_stat_.inc(); buffer.drain(buffer.length()); return; } if (!connection_) { Upstream::Host::CreateConnectionData info = parent_.cluster_manager_.tcpConnForCluster(parent_.cluster_info_->name(), nullptr); if (!info.connection_) { buffer.drain(buffer.length()); return; } connection_ = std::move(info.connection_); connection_->addConnectionCallbacks(*this); connection_->setConnectionStats({parent_.cluster_info_->stats().upstream_cx_rx_bytes_total_, parent_.cluster_info_->stats().upstream_cx_rx_bytes_buffered_, parent_.cluster_info_->stats().upstream_cx_tx_bytes_total_, parent_.cluster_info_->stats().upstream_cx_tx_bytes_buffered_, &parent_.cluster_info_->stats().bind_errors_, nullptr}); connection_->connect(); } connection_->write(buffer, false); } uint64_t TcpStatsdSink::TlsSink::usedBuffer() const { ASSERT(current_slice_mem_ != nullptr); return current_slice_mem_ - reinterpret_cast(current_buffer_slice_.mem_); } } // namespace Statsd } // namespace Common } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/common/statsd/statsd.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/common/platform.h" #include "envoy/local_info/local_info.h" #include "envoy/network/connection.h" #include "envoy/stats/histogram.h" #include "envoy/stats/scope.h" #include "envoy/stats/sink.h" #include "envoy/stats/stats.h" #include "envoy/stats/tag.h" #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" #include "common/buffer/buffer_impl.h" #include "common/common/macros.h" #include "common/network/io_socket_handle_impl.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Common { namespace Statsd { static const std::string& getDefaultPrefix() { CONSTRUCT_ON_FIRST_USE(std::string, "envoy"); } /** * Implementation of Sink that writes to a UDP statsd address. */ class UdpStatsdSink : public Stats::Sink { public: /** * Base interface for writing UDP datagrams. */ class Writer : public ThreadLocal::ThreadLocalObject { public: virtual void write(const std::string& message) PURE; virtual void writeBuffer(Buffer::Instance& data) PURE; }; UdpStatsdSink(ThreadLocal::SlotAllocator& tls, Network::Address::InstanceConstSharedPtr address, const bool use_tag, const std::string& prefix = getDefaultPrefix(), absl::optional buffer_size = absl::nullopt); // For testing. UdpStatsdSink(ThreadLocal::SlotAllocator& tls, const std::shared_ptr& writer, const bool use_tag, const std::string& prefix = getDefaultPrefix(), absl::optional buffer_size = absl::nullopt) : tls_(tls.allocateSlot()), use_tag_(use_tag), prefix_(prefix.empty() ? getDefaultPrefix() : prefix), buffer_size_(buffer_size.value_or(0)) { tls_->set( [writer](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return writer; }); } // Stats::Sink void flush(Stats::MetricSnapshot& snapshot) override; void onHistogramComplete(const Stats::Histogram& histogram, uint64_t value) override; bool getUseTagForTest() { return use_tag_; } uint64_t getBufferSizeForTest() { return buffer_size_; } const std::string& getPrefix() { return prefix_; } private: /** * This is a simple UDP localhost writer for statsd messages. */ class WriterImpl : public Writer { public: WriterImpl(UdpStatsdSink& parent); // Writer void write(const std::string& message) override; void writeBuffer(Buffer::Instance& data) override; private: UdpStatsdSink& parent_; const Network::IoHandlePtr io_handle_; }; void flushBuffer(Buffer::OwnedImpl& buffer, Writer& writer) const; void writeBuffer(Buffer::OwnedImpl& buffer, Writer& writer, const std::string& data) const; const std::string getName(const Stats::Metric& metric) const; const std::string buildTagStr(const std::vector& tags) const; const ThreadLocal::SlotPtr tls_; const Network::Address::InstanceConstSharedPtr server_address_; const bool use_tag_; // Prefix for all flushed stats. const std::string prefix_; const uint64_t buffer_size_; }; /** * Per thread implementation of a TCP stats flusher for statsd. */ class TcpStatsdSink : public Stats::Sink { public: TcpStatsdSink(const LocalInfo::LocalInfo& local_info, const std::string& cluster_name, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, const std::string& prefix = getDefaultPrefix()); // Stats::Sink void flush(Stats::MetricSnapshot& snapshot) override; void onHistogramComplete(const Stats::Histogram& histogram, uint64_t value) override { // For statsd histograms are all timers. tls_->getTyped().onTimespanComplete(histogram.name(), std::chrono::milliseconds(value)); } const std::string& getPrefix() { return prefix_; } private: struct TlsSink : public ThreadLocal::ThreadLocalObject, public Network::ConnectionCallbacks { TlsSink(TcpStatsdSink& parent, Event::Dispatcher& dispatcher); ~TlsSink() override; void beginFlush(bool expect_empty_buffer); void commonFlush(const std::string& name, uint64_t value, char stat_type); void flushCounter(const std::string& name, uint64_t delta); void flushGauge(const std::string& name, uint64_t value); void endFlush(bool do_write); void onTimespanComplete(const std::string& name, std::chrono::milliseconds ms); uint64_t usedBuffer() const; void write(Buffer::Instance& buffer); // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} TcpStatsdSink& parent_; Event::Dispatcher& dispatcher_; Network::ClientConnectionPtr connection_; Buffer::OwnedImpl buffer_; Buffer::RawSlice current_buffer_slice_; char* current_slice_mem_{}; }; // Somewhat arbitrary 16MiB limit for buffered stats. static constexpr uint32_t MAX_BUFFERED_STATS_BYTES = (1024 * 1024 * 16); // 16KiB intermediate buffer for flushing. static constexpr uint32_t FLUSH_SLICE_SIZE_BYTES = (1024 * 16); // Prefix for all flushed stats. const std::string prefix_; Upstream::ClusterInfoConstSharedPtr cluster_info_; ThreadLocal::SlotPtr tls_; Upstream::ClusterManager& cluster_manager_; Stats::Counter& cx_overflow_stat_; }; } // namespace Statsd } // namespace Common } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/dog_statsd/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Stats sink for the DataDog (https://www.datadoghq.com/) variant of the statsd protocol # (https://docs.datadoghq.com/developers/dogstatsd/). envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", deps = [ "//include/envoy/registry", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/extensions/stat_sinks:well_known_names", "//source/extensions/stat_sinks/common/statsd:statsd_lib", "//source/server:configuration_lib", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/stat_sinks/dog_statsd/config.cc ================================================ #include "extensions/stat_sinks/dog_statsd/config.h" #include #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/config/metrics/v3/stats.pb.validate.h" #include "envoy/registry/registry.h" #include "common/network/resolver_impl.h" #include "extensions/stat_sinks/common/statsd/statsd.h" #include "extensions/stat_sinks/well_known_names.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace DogStatsd { Stats::SinkPtr DogStatsdSinkFactory::createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) { const auto& sink_config = MessageUtil::downcastAndValidate( config, server.messageValidationContext().staticValidationVisitor()); Network::Address::InstanceConstSharedPtr address = Network::Address::resolveProtoAddress(sink_config.address()); ENVOY_LOG(debug, "dog_statsd UDP ip address: {}", address->asString()); absl::optional max_bytes; if (sink_config.has_max_bytes_per_datagram()) { max_bytes = sink_config.max_bytes_per_datagram().value(); } return std::make_unique(server.threadLocal(), std::move(address), true, sink_config.prefix(), max_bytes); } ProtobufTypes::MessagePtr DogStatsdSinkFactory::createEmptyConfigProto() { return std::make_unique(); } std::string DogStatsdSinkFactory::name() const { return StatsSinkNames::get().DogStatsd; } /** * Static registration for the this sink factory. @see RegisterFactory. */ REGISTER_FACTORY(DogStatsdSinkFactory, Server::Configuration::StatsSinkFactory){"envoy.dog_statsd"}; } // namespace DogStatsd } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/dog_statsd/config.h ================================================ #pragma once #include "envoy/server/instance.h" #include "server/configuration_impl.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace DogStatsd { /** * Config registration for the DogStatsD compatible statsd sink. @see StatsSinkFactory. */ class DogStatsdSinkFactory : Logger::Loggable, public Server::Configuration::StatsSinkFactory { public: Stats::SinkPtr createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; } // namespace DogStatsd } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/hystrix/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Stats sink for the basic version of the hystrix protocol (https://github.com/b/hystrix_spec). envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", deps = [ ":hystrix_lib", "//include/envoy/registry", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/extensions/stat_sinks:well_known_names", "//source/server:configuration_lib", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "hystrix_lib", srcs = ["hystrix.cc"], hdrs = ["hystrix.h"], deps = [ "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//include/envoy/stats:stats_interface", "//source/common/buffer:buffer_lib", "//source/common/common:logger_lib", "//source/common/config:well_known_names", "//source/common/http:headers_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], ) ================================================ FILE: source/extensions/stat_sinks/hystrix/config.cc ================================================ #include "extensions/stat_sinks/hystrix/config.h" #include #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/config/metrics/v3/stats.pb.validate.h" #include "envoy/registry/registry.h" #include "common/network/resolver_impl.h" #include "extensions/stat_sinks/hystrix/hystrix.h" #include "extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Hystrix { Stats::SinkPtr HystrixSinkFactory::createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) { const auto& hystrix_sink = MessageUtil::downcastAndValidate( config, server.messageValidationContext().staticValidationVisitor()); return std::make_unique(server, hystrix_sink.num_buckets()); } ProtobufTypes::MessagePtr HystrixSinkFactory::createEmptyConfigProto() { return std::make_unique(); } std::string HystrixSinkFactory::name() const { return StatsSinkNames::get().Hystrix; } /** * Static registration for the statsd sink factory. @see RegisterFactory. */ REGISTER_FACTORY(HystrixSinkFactory, Server::Configuration::StatsSinkFactory); } // namespace Hystrix } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/hystrix/config.h ================================================ #pragma once #include #include "envoy/server/instance.h" #include "server/configuration_impl.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Hystrix { class HystrixSinkFactory : Logger::Loggable, public Server::Configuration::StatsSinkFactory { public: // StatsSinkFactory Stats::SinkPtr createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; } // namespace Hystrix } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/hystrix/hystrix.cc ================================================ #include "extensions/stat_sinks/hystrix/hystrix.h" #include #include #include #include #include "envoy/stats/scope.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "common/config/well_known_names.h" #include "common/http/headers.h" #include "common/stats/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_split.h" #include "fmt/printf.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Hystrix { Http::RegisterCustomInlineHeader access_control_allow_origin_handle(Http::CustomHeaders::get().AccessControlAllowOrigin); Http::RegisterCustomInlineHeader access_control_allow_headers_handle(Http::CustomHeaders::get().AccessControlAllowHeaders); Http::RegisterCustomInlineHeader cache_control_handle(Http::CustomHeaders::get().CacheControl); const uint64_t HystrixSink::DEFAULT_NUM_BUCKETS; ClusterStatsCache::ClusterStatsCache(const std::string& cluster_name) : cluster_name_(cluster_name) {} void ClusterStatsCache::printToStream(std::stringstream& out_str) { const std::string cluster_name_prefix = absl::StrCat(cluster_name_, "."); printRollingWindow(absl::StrCat(cluster_name_prefix, "success"), success_, out_str); printRollingWindow(absl::StrCat(cluster_name_prefix, "errors"), errors_, out_str); printRollingWindow(absl::StrCat(cluster_name_prefix, "timeouts"), timeouts_, out_str); printRollingWindow(absl::StrCat(cluster_name_prefix, "rejected"), rejected_, out_str); printRollingWindow(absl::StrCat(cluster_name_prefix, "total"), total_, out_str); } void ClusterStatsCache::printRollingWindow(absl::string_view name, RollingWindow rolling_window, std::stringstream& out_str) { out_str << name << " | "; for (uint64_t& specific_stat_vec_itr : rolling_window) { out_str << specific_stat_vec_itr << " | "; } out_str << std::endl; } void HystrixSink::addHistogramToStream(const QuantileLatencyMap& latency_map, absl::string_view key, std::stringstream& ss) { // TODO: Consider if we better use join here ss << ", \"" << key << "\": {"; bool is_first = true; for (const auto& element : latency_map) { const std::string quantile = fmt::sprintf("%g", element.first * 100); HystrixSink::addDoubleToStream(quantile, element.second, ss, is_first); is_first = false; } ss << "}"; } // Add new value to rolling window, in place of oldest one. void HystrixSink::pushNewValue(RollingWindow& rolling_window, uint64_t value) { if (rolling_window.empty()) { rolling_window.resize(window_size_, value); } else { rolling_window[current_index_] = value; } } uint64_t HystrixSink::getRollingValue(RollingWindow rolling_window) { if (rolling_window.empty()) { return 0; } // If the counter was reset, the result is negative // better return 0, will be back to normal once one rolling window passes. if (rolling_window[current_index_] < rolling_window[(current_index_ + 1) % window_size_]) { return 0; } else { return rolling_window[current_index_] - rolling_window[(current_index_ + 1) % window_size_]; } } void HystrixSink::updateRollingWindowMap(const Upstream::ClusterInfo& cluster_info, ClusterStatsCache& cluster_stats_cache) { Upstream::ClusterStats& cluster_stats = cluster_info.stats(); Stats::Scope& cluster_stats_scope = cluster_info.statsScope(); // Combining timeouts+retries - retries are counted as separate requests // (alternative: each request including the retries counted as 1). uint64_t timeouts = cluster_stats.upstream_rq_timeout_.value() + cluster_stats.upstream_rq_per_try_timeout_.value(); pushNewValue(cluster_stats_cache.timeouts_, timeouts); // Combining errors+retry errors - retries are counted as separate requests // (alternative: each request including the retries counted as 1) // since timeouts are 504 (or 408), deduce them from here ("-" sign). // Timeout retries were not counted here anyway. uint64_t errors = cluster_stats_scope.counterFromStatName(upstream_rq_5xx_).value() + cluster_stats_scope.counterFromStatName(retry_upstream_rq_5xx_).value() + cluster_stats_scope.counterFromStatName(upstream_rq_4xx_).value() + cluster_stats_scope.counterFromStatName(retry_upstream_rq_4xx_).value() - cluster_stats.upstream_rq_timeout_.value(); pushNewValue(cluster_stats_cache.errors_, errors); uint64_t success = cluster_stats_scope.counterFromStatName(upstream_rq_2xx_).value(); pushNewValue(cluster_stats_cache.success_, success); uint64_t rejected = cluster_stats.upstream_rq_pending_overflow_.value(); pushNewValue(cluster_stats_cache.rejected_, rejected); // should not take from upstream_rq_total since it is updated before its components, // leading to wrong results such as error percentage higher than 100% uint64_t total = errors + timeouts + success + rejected; pushNewValue(cluster_stats_cache.total_, total); ENVOY_LOG(trace, "{}", printRollingWindows()); } void HystrixSink::resetRollingWindow() { cluster_stats_cache_map_.clear(); } void HystrixSink::addStringToStream(absl::string_view key, absl::string_view value, std::stringstream& info, bool is_first) { std::string quoted_value = absl::StrCat("\"", value, "\""); addInfoToStream(key, quoted_value, info, is_first); } void HystrixSink::addIntToStream(absl::string_view key, uint64_t value, std::stringstream& info, bool is_first) { addInfoToStream(key, std::to_string(value), info, is_first); } void HystrixSink::addDoubleToStream(absl::string_view key, double value, std::stringstream& info, bool is_first) { addInfoToStream(key, std::to_string(value), info, is_first); } void HystrixSink::addInfoToStream(absl::string_view key, absl::string_view value, std::stringstream& info, bool is_first) { if (!is_first) { info << ", "; } std::string added_info = absl::StrCat("\"", key, "\": ", value); info << added_info; } void HystrixSink::addHystrixCommand(ClusterStatsCache& cluster_stats_cache, absl::string_view cluster_name, uint64_t max_concurrent_requests, uint64_t reporting_hosts, std::chrono::milliseconds rolling_window_ms, const QuantileLatencyMap& histogram, std::stringstream& ss) { std::time_t currentTime = std::chrono::system_clock::to_time_t(server_.timeSource().systemTime()); ss << "data: {"; addStringToStream("type", "HystrixCommand", ss, true); addStringToStream("name", cluster_name, ss); addStringToStream("group", "NA", ss); addIntToStream("currentTime", static_cast(currentTime), ss); addInfoToStream("isCircuitBreakerOpen", "false", ss); uint64_t errors = getRollingValue(cluster_stats_cache.errors_); uint64_t timeouts = getRollingValue(cluster_stats_cache.timeouts_); uint64_t rejected = getRollingValue(cluster_stats_cache.rejected_); uint64_t total = getRollingValue(cluster_stats_cache.total_); uint64_t error_rate = total == 0 ? 0 : (100 * (errors + timeouts + rejected)) / total; addIntToStream("errorPercentage", error_rate, ss); addIntToStream("errorCount", errors, ss); addIntToStream("requestCount", total, ss); addIntToStream("rollingCountCollapsedRequests", 0, ss); addIntToStream("rollingCountExceptionsThrown", 0, ss); addIntToStream("rollingCountFailure", errors, ss); addIntToStream("rollingCountFallbackFailure", 0, ss); addIntToStream("rollingCountFallbackRejection", 0, ss); addIntToStream("rollingCountFallbackSuccess", 0, ss); addIntToStream("rollingCountResponsesFromCache", 0, ss); // Envoy's "circuit breaker" has similar meaning to hystrix's isolation // so we count upstream_rq_pending_overflow and present it as rollingCountSemaphoreRejected addIntToStream("rollingCountSemaphoreRejected", rejected, ss); // Hystrix's short circuit is not similar to Envoy's since it is triggered by 503 responses // there is no parallel counter in Envoy since as a result of errors (outlier detection) // requests are not rejected, but rather the node is removed from load balancer healthy pool. addIntToStream("rollingCountShortCircuited", 0, ss); addIntToStream("rollingCountSuccess", getRollingValue(cluster_stats_cache.success_), ss); addIntToStream("rollingCountThreadPoolRejected", 0, ss); addIntToStream("rollingCountTimeout", timeouts, ss); addIntToStream("rollingCountBadRequests", 0, ss); addIntToStream("currentConcurrentExecutionCount", 0, ss); addStringToStream("latencyExecute_mean", "null", ss); addHistogramToStream(histogram, "latencyExecute", ss); addIntToStream("propertyValue_circuitBreakerRequestVolumeThreshold", 0, ss); addIntToStream("propertyValue_circuitBreakerSleepWindowInMilliseconds", 0, ss); addIntToStream("propertyValue_circuitBreakerErrorThresholdPercentage", 0, ss); addInfoToStream("propertyValue_circuitBreakerForceOpen", "false", ss); addInfoToStream("propertyValue_circuitBreakerForceClosed", "true", ss); addStringToStream("propertyValue_executionIsolationStrategy", "SEMAPHORE", ss); addIntToStream("propertyValue_executionIsolationThreadTimeoutInMilliseconds", 0, ss); addInfoToStream("propertyValue_executionIsolationThreadInterruptOnTimeout", "false", ss); addIntToStream("propertyValue_executionIsolationSemaphoreMaxConcurrentRequests", max_concurrent_requests, ss); addIntToStream("propertyValue_fallbackIsolationSemaphoreMaxConcurrentRequests", 0, ss); addInfoToStream("propertyValue_requestCacheEnabled", "false", ss); addInfoToStream("propertyValue_requestLogEnabled", "true", ss); addIntToStream("reportingHosts", reporting_hosts, ss); addIntToStream("propertyValue_metricsRollingStatisticalWindowInMilliseconds", rolling_window_ms.count(), ss); ss << "}" << std::endl << std::endl; } void HystrixSink::addHystrixThreadPool(absl::string_view cluster_name, uint64_t queue_size, uint64_t reporting_hosts, std::chrono::milliseconds rolling_window_ms, std::stringstream& ss) { ss << "data: {"; addIntToStream("currentPoolSize", 0, ss, true); addIntToStream("rollingMaxActiveThreads", 0, ss); addIntToStream("currentActiveCount", 0, ss); addIntToStream("currentCompletedTaskCount", 0, ss); addIntToStream("propertyValue_queueSizeRejectionThreshold", queue_size, ss); addStringToStream("type", "HystrixThreadPool", ss); addIntToStream("reportingHosts", reporting_hosts, ss); addIntToStream("propertyValue_metricsRollingStatisticalWindowInMilliseconds", rolling_window_ms.count(), ss); addStringToStream("name", cluster_name, ss); addIntToStream("currentLargestPoolSize", 0, ss); addIntToStream("currentCorePoolSize", 0, ss); addIntToStream("currentQueueSize", 0, ss); addIntToStream("currentTaskCount", 0, ss); addIntToStream("rollingCountThreadsExecuted", 0, ss); addIntToStream("currentMaximumPoolSize", 0, ss); ss << "}" << std::endl << std::endl; } void HystrixSink::addClusterStatsToStream(ClusterStatsCache& cluster_stats_cache, absl::string_view cluster_name, uint64_t max_concurrent_requests, uint64_t reporting_hosts, std::chrono::milliseconds rolling_window_ms, const QuantileLatencyMap& histogram, std::stringstream& ss) { addHystrixCommand(cluster_stats_cache, cluster_name, max_concurrent_requests, reporting_hosts, rolling_window_ms, histogram, ss); addHystrixThreadPool(cluster_name, max_concurrent_requests, reporting_hosts, rolling_window_ms, ss); } const std::string HystrixSink::printRollingWindows() { std::stringstream out_str; for (auto& itr : cluster_stats_cache_map_) { ClusterStatsCache& cluster_stats_cache = *(itr.second); cluster_stats_cache.printToStream(out_str); } return out_str.str(); } HystrixSink::HystrixSink(Server::Configuration::ServerFactoryContext& server, const uint64_t num_buckets) : server_(server), current_index_(num_buckets > 0 ? num_buckets : DEFAULT_NUM_BUCKETS), window_size_(current_index_ + 1), stat_name_pool_(server.scope().symbolTable()), cluster_name_(stat_name_pool_.add(Config::TagNames::get().CLUSTER_NAME)), cluster_upstream_rq_time_(stat_name_pool_.add("cluster.upstream_rq_time")), membership_total_(stat_name_pool_.add("membership_total")), retry_upstream_rq_4xx_(stat_name_pool_.add("retry.upstream_rq_4xx")), retry_upstream_rq_5xx_(stat_name_pool_.add("retry.upstream_rq_5xx")), upstream_rq_2xx_(stat_name_pool_.add("upstream_rq_2xx")), upstream_rq_4xx_(stat_name_pool_.add("upstream_rq_4xx")), upstream_rq_5xx_(stat_name_pool_.add("upstream_rq_5xx")) { Server::Admin& admin = server_.admin(); ENVOY_LOG(debug, "adding hystrix_event_stream endpoint to enable connection to hystrix dashboard"); admin.addHandler("/hystrix_event_stream", "send hystrix event stream", MAKE_ADMIN_HANDLER(handlerHystrixEventStream), false, false); } Http::Code HystrixSink::handlerHystrixEventStream(absl::string_view, Http::ResponseHeaderMap& response_headers, Buffer::Instance&, Server::AdminStream& admin_stream) { response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.TextEventStream); response_headers.setReferenceInline(cache_control_handle.handle(), Http::CustomHeaders::get().CacheControlValues.NoCache); response_headers.setReferenceConnection(Http::Headers::get().ConnectionValues.Close); response_headers.setReferenceInline(access_control_allow_headers_handle.handle(), AccessControlAllowHeadersValue.AllowHeadersHystrix); response_headers.setReferenceInline(access_control_allow_origin_handle.handle(), Http::CustomHeaders::get().AccessControlAllowOriginValue.All); Http::StreamDecoderFilterCallbacks& stream_decoder_filter_callbacks = admin_stream.getDecoderFilterCallbacks(); // Disable chunk-encoding in HTTP/1.x. if (stream_decoder_filter_callbacks.streamInfo().protocol() < Http::Protocol::Http2) { admin_stream.http1StreamEncoderOptions().value().get().disableChunkEncoding(); } registerConnection(&stream_decoder_filter_callbacks); admin_stream.setEndStreamOnComplete(false); // set streaming // Separated out just so it's easier to understand auto on_destroy_callback = [this, &stream_decoder_filter_callbacks]() { ENVOY_LOG(debug, "stopped sending data to hystrix dashboard on port {}", stream_decoder_filter_callbacks.connection()->remoteAddress()->asString()); // Unregister the callbacks from the sink so data is no longer encoded through them. unregisterConnection(&stream_decoder_filter_callbacks); }; // Add the callback to the admin_filter list of callbacks admin_stream.addOnDestroyCallback(std::move(on_destroy_callback)); ENVOY_LOG(debug, "started sending data to hystrix dashboard on port {}", stream_decoder_filter_callbacks.connection()->remoteAddress()->asString()); return Http::Code::OK; } void HystrixSink::flush(Stats::MetricSnapshot& snapshot) { if (callbacks_list_.empty()) { return; } incCounter(); std::stringstream ss; Upstream::ClusterManager::ClusterInfoMap clusters = server_.clusterManager().clusters(); // Save a map of the relevant histograms per cluster in a convenient format. absl::node_hash_map time_histograms; for (const auto& histogram : snapshot.histograms()) { if (histogram.get().tagExtractedStatName() == cluster_upstream_rq_time_) { absl::optional value = Stats::Utility::findTag(histogram.get(), cluster_name_); // Make sure we found the cluster name tag ASSERT(value); std::string value_str = server_.scope().symbolTable().toString(*value); auto it_bool_pair = time_histograms.emplace(std::make_pair(value_str, QuantileLatencyMap())); // Make sure histogram with this name was not already added ASSERT(it_bool_pair.second); QuantileLatencyMap& hist_map = it_bool_pair.first->second; const std::vector& supported_quantiles = histogram.get().intervalStatistics().supportedQuantiles(); for (size_t i = 0; i < supported_quantiles.size(); ++i) { // binary-search here is likely not worth it, as hystrix_quantiles has <10 elements. if (std::find(hystrix_quantiles.begin(), hystrix_quantiles.end(), supported_quantiles[i]) != hystrix_quantiles.end()) { const double value = histogram.get().intervalStatistics().computedQuantiles()[i]; if (!std::isnan(value)) { hist_map[supported_quantiles[i]] = value; } } } } } for (auto& cluster : clusters) { Upstream::ClusterInfoConstSharedPtr cluster_info = cluster.second.get().info(); std::unique_ptr& cluster_stats_cache_ptr = cluster_stats_cache_map_[cluster_info->name()]; if (cluster_stats_cache_ptr == nullptr) { cluster_stats_cache_ptr = std::make_unique(cluster_info->name()); } // update rolling window with cluster stats updateRollingWindowMap(*cluster_info, *cluster_stats_cache_ptr); // append it to stream to be sent addClusterStatsToStream( *cluster_stats_cache_ptr, cluster_info->name(), cluster_info->resourceManager(Upstream::ResourcePriority::Default).pendingRequests().max(), cluster_info->statsScope() .gaugeFromStatName(membership_total_, Stats::Gauge::ImportMode::NeverImport) .value(), server_.statsFlushInterval(), time_histograms[cluster_info->name()], ss); } Buffer::OwnedImpl data; for (auto callbacks : callbacks_list_) { data.add(ss.str()); callbacks->encodeData(data, false); } // send keep alive ping // TODO (@trabetti) : is it ok to send together with data? Buffer::OwnedImpl ping_data; for (auto callbacks : callbacks_list_) { ping_data.add(":\n\n"); callbacks->encodeData(ping_data, false); } // check if any clusters were removed, and remove from cache if (clusters.size() < cluster_stats_cache_map_.size()) { for (auto it = cluster_stats_cache_map_.begin(); it != cluster_stats_cache_map_.end();) { if (clusters.find(it->first) == clusters.end()) { auto next_it = std::next(it); cluster_stats_cache_map_.erase(it); it = next_it; } else { ++it; } } } } void HystrixSink::registerConnection(Http::StreamDecoderFilterCallbacks* callbacks_to_register) { callbacks_list_.emplace_back(callbacks_to_register); } void HystrixSink::unregisterConnection(Http::StreamDecoderFilterCallbacks* callbacks_to_remove) { for (auto it = callbacks_list_.begin(); it != callbacks_list_.end(); ++it) { if ((*it)->streamId() == callbacks_to_remove->streamId()) { callbacks_list_.erase(it); break; } } // If there are no callbacks, clear the map to avoid stale values or having to keep updating the // map. When a new callback is assigned, the rollingWindow is initialized with current statistics // and within RollingWindow time, the results showed in the dashboard will be reliable if (callbacks_list_.empty()) { resetRollingWindow(); } } } // namespace Hystrix } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/hystrix/hystrix.h ================================================ #pragma once #include #include #include #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "envoy/stats/histogram.h" #include "envoy/stats/sink.h" #include "common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Hystrix { using RollingWindow = std::vector; using RollingStatsMap = std::map; using QuantileLatencyMap = absl::node_hash_map; static const std::vector hystrix_quantiles = {0, 0.25, 0.5, 0.75, 0.90, 0.95, 0.99, 0.995, 1}; static const struct { absl::string_view AllowHeadersHystrix{"Accept, Cache-Control, X-Requested-With, Last-Event-ID"}; } AccessControlAllowHeadersValue; struct ClusterStatsCache { ClusterStatsCache(const std::string& cluster_name); void printToStream(std::stringstream& out_str); void printRollingWindow(absl::string_view name, RollingWindow rolling_window, std::stringstream& out_str); std::string cluster_name_; // Rolling windows RollingWindow errors_; RollingWindow success_; RollingWindow total_; RollingWindow timeouts_; RollingWindow rejected_; }; using ClusterStatsCachePtr = std::unique_ptr; class HystrixSink : public Stats::Sink, public Logger::Loggable { public: HystrixSink(Server::Configuration::ServerFactoryContext& server, uint64_t num_buckets); Http::Code handlerHystrixEventStream(absl::string_view, Http::ResponseHeaderMap& response_headers, Buffer::Instance&, Server::AdminStream& admin_stream); void flush(Stats::MetricSnapshot& snapshot) override; void onHistogramComplete(const Stats::Histogram&, uint64_t) override{}; /** * Register a new connection. */ void registerConnection(Http::StreamDecoderFilterCallbacks* callbacks_to_register); /** * Remove registered connection. */ void unregisterConnection(Http::StreamDecoderFilterCallbacks* callbacks_to_remove); /** * Add new value to top of rolling window, pushing out the oldest value. */ void pushNewValue(RollingWindow& rolling_window, uint64_t value); /** * Increment pointer of next value to add to rolling window. */ void incCounter() { current_index_ = (current_index_ + 1) % window_size_; } /** * Generate the streams to be sent to hystrix dashboard. */ void addClusterStatsToStream(ClusterStatsCache& cluster_stats_cache, absl::string_view cluster_name, uint64_t max_concurrent_requests, uint64_t reporting_hosts, std::chrono::milliseconds rolling_window_ms, const QuantileLatencyMap& histogram, std::stringstream& ss); /** * Calculate values needed to create the stream and write into the map. */ void updateRollingWindowMap(const Upstream::ClusterInfo& cluster_info, ClusterStatsCache& cluster_stats_cache); /** * Clear map. */ void resetRollingWindow(); /** * Return string representing current state of the map. for DEBUG. */ const std::string printRollingWindows(); /** * Get the statistic's value change over the rolling window time frame. */ uint64_t getRollingValue(RollingWindow rolling_window); /** * Format the given key and value to "key"=value, and adding to the stringstream. */ static void addInfoToStream(absl::string_view key, absl::string_view value, std::stringstream& info, bool is_first = false); /** * Format the given key and double value to "key"=, and adding to the * stringstream. */ static void addDoubleToStream(absl::string_view key, double value, std::stringstream& info, bool is_first); /** * Format the given key and absl::string_view value to "key"="value", and adding to the * stringstream. */ static void addStringToStream(absl::string_view key, absl::string_view value, std::stringstream& info, bool is_first = false); /** * Format the given key and uint64_t value to "key"=, and adding to the * stringstream. */ static void addIntToStream(absl::string_view key, uint64_t value, std::stringstream& info, bool is_first = false); static void addHistogramToStream(const QuantileLatencyMap& latency_map, absl::string_view key, std::stringstream& ss); private: /** * Generate HystrixCommand event stream. */ void addHystrixCommand(ClusterStatsCache& cluster_stats_cache, absl::string_view cluster_name, uint64_t max_concurrent_requests, uint64_t reporting_hosts, std::chrono::milliseconds rolling_window_ms, const QuantileLatencyMap& histogram, std::stringstream& ss); /** * Generate HystrixThreadPool event stream. */ void addHystrixThreadPool(absl::string_view cluster_name, uint64_t queue_size, uint64_t reporting_hosts, std::chrono::milliseconds rolling_window_ms, std::stringstream& ss); std::vector callbacks_list_; Server::Configuration::ServerFactoryContext& server_; uint64_t current_index_; const uint64_t window_size_; static const uint64_t DEFAULT_NUM_BUCKETS = 10; // Map from cluster names to a struct of all of that cluster's stat windows. absl::node_hash_map cluster_stats_cache_map_; // Saved StatNames for fast comparisons in loop. // TODO(mattklein123): Many/all of these stats should just be pulled directly from the cluster // stats directly. This needs some cleanup. Stats::StatNamePool stat_name_pool_; const Stats::StatName cluster_name_; const Stats::StatName cluster_upstream_rq_time_; const Stats::StatName membership_total_; const Stats::StatName retry_upstream_rq_4xx_; const Stats::StatName retry_upstream_rq_5xx_; const Stats::StatName upstream_rq_2xx_; const Stats::StatName upstream_rq_4xx_; const Stats::StatName upstream_rq_5xx_; }; using HystrixSinkPtr = std::unique_ptr; } // namespace Hystrix } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/metrics_service/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Stats sink for the gRPC metrics service: api/envoy/service/metrics/v2/metrics_service.proto envoy_extension_package() envoy_cc_library( name = "metrics_service_grpc_lib", srcs = ["grpc_metrics_service_impl.cc"], hdrs = ["grpc_metrics_service_impl.h"], deps = [ "//include/envoy/grpc:async_client_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/singleton:instance_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/grpc:async_client_lib", "@envoy_api//envoy/service/metrics/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "metrics_proto_descriptors_lib", srcs = ["grpc_metrics_proto_descriptors.cc"], hdrs = ["grpc_metrics_proto_descriptors.h"], deps = [ "//source/common/common:assert_lib", "//source/common/config:api_version_lib", "//source/common/protobuf", "@envoy_api//envoy/config/metrics/v2:pkg_cc_proto", "@envoy_api//envoy/service/metrics/v2:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", deps = [ "//include/envoy/registry", "//source/common/common:assert_lib", "//source/extensions/stat_sinks:well_known_names", "//source/extensions/stat_sinks/metrics_service:metrics_proto_descriptors_lib", "//source/extensions/stat_sinks/metrics_service:metrics_service_grpc_lib", "//source/server:configuration_lib", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/stat_sinks/metrics_service/config.cc ================================================ #include "extensions/stat_sinks/metrics_service/config.h" #include "envoy/config/metrics/v3/metrics_service.pb.h" #include "envoy/config/metrics/v3/metrics_service.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/assert.h" #include "common/grpc/async_client_impl.h" #include "common/network/resolver_impl.h" #include "extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.h" #include "extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" #include "extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace MetricsService { Stats::SinkPtr MetricsServiceSinkFactory::createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) { validateProtoDescriptors(); const auto& sink_config = MessageUtil::downcastAndValidate( config, server.messageValidationContext().staticValidationVisitor()); const auto& grpc_service = sink_config.grpc_service(); const auto& transport_api_version = sink_config.transport_api_version(); ENVOY_LOG(debug, "Metrics Service gRPC service configuration: {}", grpc_service.DebugString()); std::shared_ptr grpc_metrics_streamer = std::make_shared( server.clusterManager().grpcAsyncClientManager().factoryForGrpcService( grpc_service, server.scope(), false), server.localInfo(), transport_api_version); return std::make_unique( grpc_metrics_streamer, server.timeSource(), PROTOBUF_GET_WRAPPED_OR_DEFAULT(sink_config, report_counters_as_deltas, false)); } ProtobufTypes::MessagePtr MetricsServiceSinkFactory::createEmptyConfigProto() { return std::unique_ptr( std::make_unique()); } std::string MetricsServiceSinkFactory::name() const { return StatsSinkNames::get().MetricsService; } /** * Static registration for the this sink factory. @see RegisterFactory. */ REGISTER_FACTORY(MetricsServiceSinkFactory, Server::Configuration::StatsSinkFactory){"envoy.metrics_service"}; } // namespace MetricsService } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/metrics_service/config.h ================================================ #pragma once #include "envoy/registry/registry.h" #include "envoy/server/instance.h" #include "server/configuration_impl.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace MetricsService { /** * Config registration for the MetricsService stats sink. @see StatsSinkFactory. */ class MetricsServiceSinkFactory : Logger::Loggable, public Server::Configuration::StatsSinkFactory { public: Stats::SinkPtr createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; DECLARE_FACTORY(MetricsServiceSinkFactory); } // namespace MetricsService } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.cc ================================================ #include "extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.h" #include "envoy/config/metrics/v2/metrics_service.pb.h" #include "envoy/service/metrics/v2/metrics_service.pb.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/api_version.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace MetricsService { void validateProtoDescriptors() { // https://github.com/envoyproxy/envoy/issues/9639 const API_NO_BOOST(envoy::service::metrics::v2::StreamMetricsMessage) _dummy_service_v2; // https://github.com/envoyproxy/envoy/pull/9618 made it necessary to register the previous // version's config descriptor by calling ApiTypeOracle::getEarlierVersionDescriptor which has an // assertion for nullptr types. const API_NO_BOOST(envoy::config::metrics::v2::MetricsServiceConfig) _dummy_config_v2; const auto method = "envoy.service.metrics.v2.MetricsService.StreamMetrics"; RELEASE_ASSERT(Protobuf::DescriptorPool::generated_pool()->FindMethodByName(method) != nullptr, ""); const auto config = "envoy.config.metrics.v2.MetricsServiceConfig"; // Keeping this as an ASSERT because ApiTypeOracle::getEarlierVersionDescriptor also has an // ASSERT. ASSERT(Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName(config) != nullptr, ""); }; } // namespace MetricsService } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.h ================================================ #pragma once namespace Envoy { namespace Extensions { namespace StatSinks { namespace MetricsService { // This function validates that the method descriptors for gRPC services and type descriptors that // are referenced in Any messages are available in the descriptor pool. void validateProtoDescriptors(); } // namespace MetricsService } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.cc ================================================ #include "extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" #include "envoy/common/exception.h" #include "envoy/event/dispatcher.h" #include "envoy/service/metrics/v3/metrics_service.pb.h" #include "envoy/stats/histogram.h" #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/config/utility.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace MetricsService { GrpcMetricsStreamerImpl::GrpcMetricsStreamerImpl( Grpc::AsyncClientFactoryPtr&& factory, const LocalInfo::LocalInfo& local_info, envoy::config::core::v3::ApiVersion transport_api_version) : client_(factory->create()), local_info_(local_info), service_method_( Grpc::VersionedMethods("envoy.service.metrics.v3.MetricsService.StreamMetrics", "envoy.service.metrics.v2.MetricsService.StreamMetrics") .getMethodDescriptorForVersion(transport_api_version)), transport_api_version_(transport_api_version) {} void GrpcMetricsStreamerImpl::send(envoy::service::metrics::v3::StreamMetricsMessage& message) { if (stream_ == nullptr) { stream_ = client_->start(service_method_, *this, Http::AsyncClient::StreamOptions()); auto* identifier = message.mutable_identifier(); *identifier->mutable_node() = local_info_.node(); } if (stream_ != nullptr) { stream_->sendMessage(message, transport_api_version_, false); } } MetricsServiceSink::MetricsServiceSink(const GrpcMetricsStreamerSharedPtr& grpc_metrics_streamer, TimeSource& time_source, const bool report_counters_as_deltas) : grpc_metrics_streamer_(grpc_metrics_streamer), time_source_(time_source), report_counters_as_deltas_(report_counters_as_deltas) {} void MetricsServiceSink::flushCounter( const Stats::MetricSnapshot::CounterSnapshot& counter_snapshot) { io::prometheus::client::MetricFamily* metrics_family = message_.add_envoy_metrics(); metrics_family->set_type(io::prometheus::client::MetricType::COUNTER); metrics_family->set_name(counter_snapshot.counter_.get().name()); auto* metric = metrics_family->add_metric(); metric->set_timestamp_ms(std::chrono::duration_cast( time_source_.systemTime().time_since_epoch()) .count()); auto* counter_metric = metric->mutable_counter(); if (report_counters_as_deltas_) { counter_metric->set_value(counter_snapshot.delta_); } else { counter_metric->set_value(counter_snapshot.counter_.get().value()); } } void MetricsServiceSink::flushGauge(const Stats::Gauge& gauge) { io::prometheus::client::MetricFamily* metrics_family = message_.add_envoy_metrics(); metrics_family->set_type(io::prometheus::client::MetricType::GAUGE); metrics_family->set_name(gauge.name()); auto* metric = metrics_family->add_metric(); metric->set_timestamp_ms(std::chrono::duration_cast( time_source_.systemTime().time_since_epoch()) .count()); auto* gauge_metric = metric->mutable_gauge(); gauge_metric->set_value(gauge.value()); } void MetricsServiceSink::flushHistogram(const Stats::ParentHistogram& envoy_histogram) { // TODO(ramaraochavali): Currently we are sending both quantile information and bucket // information. We should make this configurable if it turns out that sending both affects // performance. // Add summary information for histograms. io::prometheus::client::MetricFamily* summary_metrics_family = message_.add_envoy_metrics(); summary_metrics_family->set_type(io::prometheus::client::MetricType::SUMMARY); summary_metrics_family->set_name(envoy_histogram.name()); auto* summary_metric = summary_metrics_family->add_metric(); summary_metric->set_timestamp_ms(std::chrono::duration_cast( time_source_.systemTime().time_since_epoch()) .count()); auto* summary = summary_metric->mutable_summary(); const Stats::HistogramStatistics& hist_stats = envoy_histogram.intervalStatistics(); for (size_t i = 0; i < hist_stats.supportedQuantiles().size(); i++) { auto* quantile = summary->add_quantile(); quantile->set_quantile(hist_stats.supportedQuantiles()[i]); quantile->set_value(hist_stats.computedQuantiles()[i]); } // Add bucket information for histograms. io::prometheus::client::MetricFamily* histogram_metrics_family = message_.add_envoy_metrics(); histogram_metrics_family->set_type(io::prometheus::client::MetricType::HISTOGRAM); histogram_metrics_family->set_name(envoy_histogram.name()); auto* histogram_metric = histogram_metrics_family->add_metric(); histogram_metric->set_timestamp_ms(std::chrono::duration_cast( time_source_.systemTime().time_since_epoch()) .count()); auto* histogram = histogram_metric->mutable_histogram(); histogram->set_sample_count(hist_stats.sampleCount()); histogram->set_sample_sum(hist_stats.sampleSum()); for (size_t i = 0; i < hist_stats.supportedBuckets().size(); i++) { auto* bucket = histogram->add_bucket(); bucket->set_upper_bound(hist_stats.supportedBuckets()[i]); bucket->set_cumulative_count(hist_stats.computedBuckets()[i]); } } void MetricsServiceSink::flush(Stats::MetricSnapshot& snapshot) { message_.clear_envoy_metrics(); // TODO(mrice32): there's probably some more sophisticated preallocation we can do here where we // actually preallocate the submessages and then pass ownership to the proto (rather than just // preallocating the pointer array). message_.mutable_envoy_metrics()->Reserve(snapshot.counters().size() + snapshot.gauges().size() + snapshot.histograms().size()); for (const auto& counter : snapshot.counters()) { if (counter.counter_.get().used()) { flushCounter(counter); } } for (const auto& gauge : snapshot.gauges()) { if (gauge.get().used()) { flushGauge(gauge.get()); } } for (const auto& histogram : snapshot.histograms()) { if (histogram.get().used()) { flushHistogram(histogram.get()); } } grpc_metrics_streamer_->send(message_); // for perf reasons, clear the identifier after the first flush. if (message_.has_identifier()) { message_.clear_identifier(); } } } // namespace MetricsService } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h ================================================ #pragma once #include #include "envoy/grpc/async_client.h" #include "envoy/local_info/local_info.h" #include "envoy/network/connection.h" #include "envoy/service/metrics/v3/metrics_service.pb.h" #include "envoy/singleton/instance.h" #include "envoy/stats/histogram.h" #include "envoy/stats/sink.h" #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" #include "common/buffer/buffer_impl.h" #include "common/grpc/typed_async_client.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace MetricsService { /** * Interface for metrics streamer. */ class GrpcMetricsStreamer : public Grpc::AsyncStreamCallbacks { public: ~GrpcMetricsStreamer() override = default; /** * Send Metrics Message. * @param message supplies the metrics to send. */ virtual void send(envoy::service::metrics::v3::StreamMetricsMessage& message) PURE; // Grpc::AsyncStreamCallbacks void onCreateInitialMetadata(Http::RequestHeaderMap&) override {} void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&&) override {} void onReceiveMessage(std::unique_ptr&&) override { } void onReceiveTrailingMetadata(Http::ResponseTrailerMapPtr&&) override {} void onRemoteClose(Grpc::Status::GrpcStatus, const std::string&) override{}; }; using GrpcMetricsStreamerSharedPtr = std::shared_ptr; /** * Production implementation of GrpcMetricsStreamer */ class GrpcMetricsStreamerImpl : public Singleton::Instance, public GrpcMetricsStreamer { public: GrpcMetricsStreamerImpl(Grpc::AsyncClientFactoryPtr&& factory, const LocalInfo::LocalInfo& local_info, envoy::config::core::v3::ApiVersion transport_api_version); // GrpcMetricsStreamer void send(envoy::service::metrics::v3::StreamMetricsMessage& message) override; // Grpc::AsyncStreamCallbacks void onRemoteClose(Grpc::Status::GrpcStatus, const std::string&) override { stream_ = nullptr; } private: Grpc::AsyncStream stream_{}; Grpc::AsyncClient client_; const LocalInfo::LocalInfo& local_info_; const Protobuf::MethodDescriptor& service_method_; const envoy::config::core::v3::ApiVersion transport_api_version_; }; using GrpcMetricsStreamerImplPtr = std::unique_ptr; /** * Stat Sink implementation of Metrics Service. */ class MetricsServiceSink : public Stats::Sink { public: // MetricsService::Sink MetricsServiceSink(const GrpcMetricsStreamerSharedPtr& grpc_metrics_streamer, TimeSource& time_system, const bool report_counters_as_deltas); void flush(Stats::MetricSnapshot& snapshot) override; void onHistogramComplete(const Stats::Histogram&, uint64_t) override {} void flushCounter(const Stats::MetricSnapshot::CounterSnapshot& counter_snapshot); void flushGauge(const Stats::Gauge& gauge); void flushHistogram(const Stats::ParentHistogram& envoy_histogram); private: GrpcMetricsStreamerSharedPtr grpc_metrics_streamer_; envoy::service::metrics::v3::StreamMetricsMessage message_; TimeSource& time_source_; const bool report_counters_as_deltas_; }; } // namespace MetricsService } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/statsd/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Stats sink for the basic version of the statsd protocol (https://github.com/b/statsd_spec). envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", # Legacy test use. TODO(#9953) clean up. deps = [ "//include/envoy/registry", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/extensions/stat_sinks:well_known_names", "//source/extensions/stat_sinks/common/statsd:statsd_lib", "//source/server:configuration_lib", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/stat_sinks/statsd/config.cc ================================================ #include "extensions/stat_sinks/statsd/config.h" #include #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/config/metrics/v3/stats.pb.validate.h" #include "envoy/registry/registry.h" #include "common/network/resolver_impl.h" #include "extensions/stat_sinks/common/statsd/statsd.h" #include "extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Statsd { Stats::SinkPtr StatsdSinkFactory::createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) { const auto& statsd_sink = MessageUtil::downcastAndValidate( config, server.messageValidationContext().staticValidationVisitor()); switch (statsd_sink.statsd_specifier_case()) { case envoy::config::metrics::v3::StatsdSink::StatsdSpecifierCase::kAddress: { Network::Address::InstanceConstSharedPtr address = Network::Address::resolveProtoAddress(statsd_sink.address()); ENVOY_LOG(debug, "statsd UDP ip address: {}", address->asString()); return std::make_unique(server.threadLocal(), std::move(address), false, statsd_sink.prefix()); } case envoy::config::metrics::v3::StatsdSink::StatsdSpecifierCase::kTcpClusterName: ENVOY_LOG(debug, "statsd TCP cluster: {}", statsd_sink.tcp_cluster_name()); return std::make_unique( server.localInfo(), statsd_sink.tcp_cluster_name(), server.threadLocal(), server.clusterManager(), server.scope(), statsd_sink.prefix()); default: // Verified by schema. NOT_REACHED_GCOVR_EXCL_LINE; } } ProtobufTypes::MessagePtr StatsdSinkFactory::createEmptyConfigProto() { return std::make_unique(); } std::string StatsdSinkFactory::name() const { return StatsSinkNames::get().Statsd; } /** * Static registration for the statsd sink factory. @see RegisterFactory. */ REGISTER_FACTORY(StatsdSinkFactory, Server::Configuration::StatsSinkFactory){"envoy.statsd"}; } // namespace Statsd } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/statsd/config.h ================================================ #pragma once #include "envoy/server/instance.h" #include "server/configuration_impl.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Statsd { /** * Config registration for the tcp statsd sink. @see StatsSinkFactory. */ class StatsdSinkFactory : Logger::Loggable, public Server::Configuration::StatsSinkFactory { public: // StatsSinkFactory Stats::SinkPtr createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; }; DECLARE_FACTORY(StatsdSinkFactory); } // namespace Statsd } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/wasm/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() # Stats sink for wasm envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", status = "alpha", deps = [ ":wasm_stat_sink_lib", "//include/envoy/registry", "//include/envoy/server:factory_context_interface", "//include/envoy/server:instance_interface", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/stat_sinks:well_known_names", "//source/server:configuration_lib", "@envoy_api//envoy/extensions/stat_sinks/wasm/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "wasm_stat_sink_lib", hdrs = ["wasm_stat_sink_impl.h"], deps = [ "//include/envoy/stats:stats_interface", "//source/extensions/common/wasm:wasm_lib", ], ) ================================================ FILE: source/extensions/stat_sinks/wasm/config.cc ================================================ #include "extensions/stat_sinks/wasm/config.h" #include #include "envoy/extensions/stat_sinks/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/factory_context.h" #include "extensions/common/wasm/wasm.h" #include "extensions/stat_sinks/wasm/wasm_stat_sink_impl.h" #include "extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Wasm { Stats::SinkPtr WasmSinkFactory::createStatsSink(const Protobuf::Message& proto_config, Server::Configuration::ServerFactoryContext& context) { const auto& config = MessageUtil::downcastAndValidate( proto_config, context.messageValidationContext().staticValidationVisitor()); auto wasm_sink = std::make_unique(config.config().root_id(), nullptr); auto plugin = std::make_shared( config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), config.config().vm_config().runtime(), Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), nullptr); auto callback = [&wasm_sink, &context, plugin](Common::Wasm::WasmHandleSharedPtr base_wasm) { if (!base_wasm) { if (plugin->fail_open_) { ENVOY_LOG(error, "Unable to create Wasm Stat Sink {}", plugin->name_); } else { ENVOY_LOG(critical, "Unable to create Wasm Stat Sink {}", plugin->name_); } return; } wasm_sink->setSingleton( Common::Wasm::getOrCreateThreadLocalWasm(base_wasm, plugin, context.dispatcher())); }; if (!Common::Wasm::createWasm( config.config().vm_config(), plugin, context.scope().createScope(""), context.clusterManager(), context.initManager(), context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm Stat Sink {}", plugin->name_)); } return wasm_sink; } ProtobufTypes::MessagePtr WasmSinkFactory::createEmptyConfigProto() { return std::make_unique(); } std::string WasmSinkFactory::name() const { return StatsSinkNames::get().Wasm; } /** * Static registration for the wasm access log. @see RegisterFactory. */ REGISTER_FACTORY(WasmSinkFactory, Server::Configuration::StatsSinkFactory); } // namespace Wasm } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/wasm/config.h ================================================ #pragma once #include #include "envoy/server/factory_context.h" #include "envoy/server/instance.h" #include "common/config/datasource.h" #include "server/configuration_impl.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Wasm { /** * Config registration for the Wasm statsd sink. @see StatSinkFactory. */ class WasmSinkFactory : Logger::Loggable, public Server::Configuration::StatsSinkFactory { public: // StatsSinkFactory Stats::SinkPtr createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override; private: Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; } // namespace Wasm } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h ================================================ #pragma once #include "envoy/stats/sink.h" #include "extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { namespace StatSinks { namespace Wasm { using Envoy::Extensions::Common::Wasm::WasmHandle; class WasmStatSink : public Stats::Sink { public: WasmStatSink(absl::string_view root_id, Common::Wasm::WasmHandleSharedPtr singleton) : root_id_(root_id), singleton_(std::move(singleton)) {} void flush(Stats::MetricSnapshot& snapshot) override { singleton_->wasm()->onStatsUpdate(root_id_, snapshot); } void setSingleton(Common::Wasm::WasmHandleSharedPtr singleton) { ASSERT(singleton != nullptr); singleton_ = std::move(singleton); } void onHistogramComplete(const Stats::Histogram& histogram, uint64_t value) override { (void)histogram; (void)value; } private: std::string root_id_; Common::Wasm::WasmHandleSharedPtr singleton_; }; } // namespace Wasm } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/stat_sinks/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace StatSinks { /** * Well-known stats sink names. * NOTE: New sinks should use the well known name: envoy.stat_sinks.name. */ class StatsSinkNameValues { public: // Statsd sink const std::string Statsd = "envoy.stat_sinks.statsd"; // DogStatsD compatible statsd sink const std::string DogStatsd = "envoy.stat_sinks.dog_statsd"; // MetricsService sink const std::string MetricsService = "envoy.stat_sinks.metrics_service"; // Hystrix sink const std::string Hystrix = "envoy.stat_sinks.hystrix"; // WebAssembly sink const std::string Wasm = "envoy.stat_sinks.wasm"; }; using StatsSinkNames = ConstSingleton; } // namespace StatSinks } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "factory_base_lib", hdrs = ["factory_base.h"], deps = [ "//include/envoy/server:tracer_config_interface", "//source/common/config:utility_lib", ], ) ================================================ FILE: source/extensions/tracers/common/factory_base.h ================================================ #pragma once #include "envoy/server/tracer_config.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Common { /** * Common base class for tracer factory registrations. Removes a substantial amount of * boilerplate. */ template class FactoryBase : public Server::Configuration::TracerFactory { public: // Server::Configuration::TracerFactory Tracing::HttpTracerSharedPtr createHttpTracer(const Protobuf::Message& config, Server::Configuration::TracerFactoryContext& context) override { return createHttpTracerTyped(MessageUtil::downcastAndValidate( config, context.messageValidationVisitor()), context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return name_; } protected: FactoryBase(const std::string& name) : name_(name) {} private: virtual Tracing::HttpTracerSharedPtr createHttpTracerTyped(const ConfigProto& proto_config, Server::Configuration::TracerFactoryContext& context) PURE; const std::string name_; }; } // namespace Common } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/common/ot/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "opentracing_driver_lib", srcs = [ "opentracing_driver_impl.cc", ], hdrs = [ "opentracing_driver_impl.h", ], external_deps = ["opentracing"], deps = [ "//source/common/tracing:http_tracer_lib", ], ) ================================================ FILE: source/extensions/tracers/common/ot/opentracing_driver_impl.cc ================================================ #include "extensions/tracers/common/ot/opentracing_driver_impl.h" #include #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/base64.h" #include "common/common/utility.h" #include "common/tracing/http_tracer_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Common { namespace Ot { Http::RegisterCustomInlineHeader ot_span_context_handle(Http::CustomHeaders::get().OtSpanContext); namespace { class OpenTracingHTTPHeadersWriter : public opentracing::HTTPHeadersWriter { public: explicit OpenTracingHTTPHeadersWriter(Http::HeaderMap& request_headers) : request_headers_(request_headers) {} // opentracing::HTTPHeadersWriter opentracing::expected Set(opentracing::string_view key, opentracing::string_view value) const override { Http::LowerCaseString lowercase_key{key}; request_headers_.remove(lowercase_key); request_headers_.addCopy(std::move(lowercase_key), {value.data(), value.size()}); return {}; } private: Http::HeaderMap& request_headers_; }; class OpenTracingHTTPHeadersReader : public opentracing::HTTPHeadersReader { public: explicit OpenTracingHTTPHeadersReader(const Http::RequestHeaderMap& request_headers) : request_headers_(request_headers) {} using OpenTracingCb = std::function(opentracing::string_view, opentracing::string_view)>; // opentracing::HTTPHeadersReader opentracing::expected LookupKey(opentracing::string_view key) const override { const Http::HeaderEntry* entry = request_headers_.get(Http::LowerCaseString{key}); if (entry != nullptr) { return opentracing::string_view{entry->value().getStringView().data(), entry->value().getStringView().length()}; } else { return opentracing::make_unexpected(opentracing::key_not_found_error); } } opentracing::expected ForeachKey(OpenTracingCb f) const override { request_headers_.iterate(headerMapCallback(f)); return {}; } private: const Http::RequestHeaderMap& request_headers_; static Http::HeaderMap::ConstIterateCb headerMapCallback(OpenTracingCb callback) { return [callback = std::move(callback)](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { opentracing::string_view key{header.key().getStringView().data(), header.key().getStringView().length()}; opentracing::string_view value{header.value().getStringView().data(), header.value().getStringView().length()}; if (callback(key, value)) { return Http::HeaderMap::Iterate::Continue; } else { return Http::HeaderMap::Iterate::Break; } }; } }; } // namespace OpenTracingSpan::OpenTracingSpan(OpenTracingDriver& driver, std::unique_ptr&& span) : driver_{driver}, span_(std::move(span)) {} void OpenTracingSpan::finishSpan() { span_->FinishWithOptions(finish_options_); } void OpenTracingSpan::setOperation(absl::string_view operation) { span_->SetOperationName({operation.data(), operation.length()}); } void OpenTracingSpan::setTag(absl::string_view name, absl::string_view value) { span_->SetTag({name.data(), name.length()}, opentracing::v2::string_view{value.data(), value.length()}); } void OpenTracingSpan::log(SystemTime timestamp, const std::string& event) { opentracing::LogRecord record{timestamp, {{Tracing::Logs::get().EventKey, event}}}; finish_options_.log_records.emplace_back(std::move(record)); } void OpenTracingSpan::setBaggage(absl::string_view key, absl::string_view value) { span_->SetBaggageItem({key.data(), key.length()}, {value.data(), value.length()}); } std::string OpenTracingSpan::getBaggage(absl::string_view key) { return span_->BaggageItem({key.data(), key.length()}); } void OpenTracingSpan::injectContext(Http::RequestHeaderMap& request_headers) { if (driver_.propagationMode() == OpenTracingDriver::PropagationMode::SingleHeader) { // Inject the span context using Envoy's single-header format. std::ostringstream oss; const opentracing::expected was_successful = span_->tracer().Inject(span_->context(), oss); if (!was_successful) { ENVOY_LOG(debug, "Failed to inject span context: {}", was_successful.error().message()); driver_.tracerStats().span_context_injection_error_.inc(); return; } const std::string current_span_context = oss.str(); request_headers.setInline( ot_span_context_handle.handle(), Base64::encode(current_span_context.c_str(), current_span_context.length())); } else { // Inject the context using the tracer's standard HTTP header format. const OpenTracingHTTPHeadersWriter writer{request_headers}; const opentracing::expected was_successful = span_->tracer().Inject(span_->context(), writer); if (!was_successful) { ENVOY_LOG(debug, "Failed to inject span context: {}", was_successful.error().message()); driver_.tracerStats().span_context_injection_error_.inc(); return; } } } void OpenTracingSpan::setSampled(bool sampled) { span_->SetTag(opentracing::ext::sampling_priority, sampled ? 1 : 0); } Tracing::SpanPtr OpenTracingSpan::spawnChild(const Tracing::Config&, const std::string& name, SystemTime start_time) { std::unique_ptr ot_span = span_->tracer().StartSpan( name, {opentracing::ChildOf(&span_->context()), opentracing::StartTimestamp(start_time)}); RELEASE_ASSERT(ot_span != nullptr, ""); return Tracing::SpanPtr{new OpenTracingSpan{driver_, std::move(ot_span)}}; } OpenTracingDriver::OpenTracingDriver(Stats::Scope& scope) : tracer_stats_{OPENTRACING_TRACER_STATS(POOL_COUNTER_PREFIX(scope, "tracing.opentracing."))} {} Tracing::SpanPtr OpenTracingDriver::startSpan(const Tracing::Config& config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, SystemTime start_time, const Tracing::Decision tracing_decision) { const PropagationMode propagation_mode = this->propagationMode(); const opentracing::Tracer& tracer = this->tracer(); std::unique_ptr active_span; std::unique_ptr parent_span_ctx; if (propagation_mode == PropagationMode::SingleHeader && request_headers.getInline(ot_span_context_handle.handle())) { opentracing::expected> parent_span_ctx_maybe; std::string parent_context = Base64::decode( std::string(request_headers.getInlineValue(ot_span_context_handle.handle()))); if (!parent_context.empty()) { InputConstMemoryStream istream{parent_context.data(), parent_context.size()}; parent_span_ctx_maybe = tracer.Extract(istream); } else { parent_span_ctx_maybe = opentracing::make_unexpected(opentracing::span_context_corrupted_error); } if (parent_span_ctx_maybe) { parent_span_ctx = std::move(*parent_span_ctx_maybe); } else { ENVOY_LOG(debug, "Failed to extract span context: {}", parent_span_ctx_maybe.error().message()); tracerStats().span_context_extraction_error_.inc(); } } else if (propagation_mode == PropagationMode::TracerNative) { const OpenTracingHTTPHeadersReader reader{request_headers}; opentracing::expected> parent_span_ctx_maybe = tracer.Extract(reader); if (parent_span_ctx_maybe) { parent_span_ctx = std::move(*parent_span_ctx_maybe); } else { ENVOY_LOG(debug, "Failed to extract span context: {}", parent_span_ctx_maybe.error().message()); tracerStats().span_context_extraction_error_.inc(); } } opentracing::StartSpanOptions options; options.references.emplace_back(opentracing::SpanReferenceType::ChildOfRef, parent_span_ctx.get()); options.start_system_timestamp = start_time; if (!tracing_decision.traced) { options.tags.emplace_back(opentracing::ext::sampling_priority, 0); } active_span = tracer.StartSpanWithOptions(operation_name, options); RELEASE_ASSERT(active_span != nullptr, ""); active_span->SetTag(opentracing::ext::span_kind, config.operationName() == Tracing::OperationName::Egress ? opentracing::ext::span_kind_rpc_client : opentracing::ext::span_kind_rpc_server); return Tracing::SpanPtr{new OpenTracingSpan{*this, std::move(active_span)}}; } } // namespace Ot } // namespace Common } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/common/ot/opentracing_driver_impl.h ================================================ #pragma once #include #include "envoy/stats/scope.h" #include "envoy/tracing/http_tracer.h" #include "common/common/logger.h" #include "common/singleton/const_singleton.h" #include "opentracing/ext/tags.h" #include "opentracing/tracer.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Common { namespace Ot { #define OPENTRACING_TRACER_STATS(COUNTER) \ COUNTER(span_context_extraction_error) \ COUNTER(span_context_injection_error) struct OpenTracingTracerStats { OPENTRACING_TRACER_STATS(GENERATE_COUNTER_STRUCT) }; class OpenTracingDriver; class OpenTracingSpan : public Tracing::Span, Logger::Loggable { public: OpenTracingSpan(OpenTracingDriver& driver, std::unique_ptr&& span); // Tracing::Span void finishSpan() override; void setOperation(absl::string_view operation) override; void setTag(absl::string_view name, const absl::string_view) override; void log(SystemTime timestamp, const std::string& event) override; void injectContext(Http::RequestHeaderMap& request_headers) override; Tracing::SpanPtr spawnChild(const Tracing::Config& config, const std::string& name, SystemTime start_time) override; void setSampled(bool) override; std::string getBaggage(absl::string_view key) override; void setBaggage(absl::string_view key, absl::string_view value) override; private: OpenTracingDriver& driver_; opentracing::FinishSpanOptions finish_options_; std::unique_ptr span_; }; /** * This driver can be used by tracing libraries implementing the OpenTracing API (see * https://github.com/opentracing/opentracing-cpp) to hook into Envoy's tracing functionality with a * minimal amount of effort. Libraries need only provide an opentracing::Tracer implementation; the * rest of span creation is taken care of by this class. */ class OpenTracingDriver : public Tracing::Driver, protected Logger::Loggable { public: explicit OpenTracingDriver(Stats::Scope& scope); // Tracer::TracingDriver Tracing::SpanPtr startSpan(const Tracing::Config& config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, SystemTime start_time, const Tracing::Decision tracing_decision) override; virtual opentracing::Tracer& tracer() PURE; enum class PropagationMode { SingleHeader, TracerNative }; /** * Controls how span context is propagated in HTTP headers. PropagationMode::SingleHeader will * propagate span context as a single header within the inline header HeaderMap::OtSpanContext; * otherwise, span context will be propagated using the native format of the tracing library. */ virtual PropagationMode propagationMode() const { return PropagationMode::SingleHeader; } OpenTracingTracerStats& tracerStats() { return tracer_stats_; } private: OpenTracingTracerStats tracer_stats_; }; } // namespace Ot } // namespace Common } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/datadog/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Trace driver for Datadog (https://datadoghq.com/) envoy_extension_package() envoy_cc_library( name = "datadog_tracer_lib", srcs = [ "datadog_tracer_impl.cc", ], hdrs = [ "datadog_tracer_impl.h", ], external_deps = ["dd_opentracing_cpp"], deps = [ "//source/common/config:utility_lib", "//source/common/http:async_client_utility_lib", "//source/common/tracing:http_tracer_lib", "//source/common/upstream:cluster_update_tracker_lib", "//source/common/version:version_lib", "//source/extensions/tracers/common/ot:opentracing_driver_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":datadog_tracer_lib", "//source/extensions/tracers/common:factory_base_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/tracers/datadog/config.cc ================================================ #include "extensions/tracers/datadog/config.h" #include "envoy/config/trace/v3/datadog.pb.h" #include "envoy/config/trace/v3/datadog.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/utility.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/datadog/datadog_tracer_impl.h" #include "datadog/opentracing.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Datadog { DatadogTracerFactory::DatadogTracerFactory() : FactoryBase("envoy.tracers.datadog") {} Tracing::HttpTracerSharedPtr DatadogTracerFactory::createHttpTracerTyped( const envoy::config::trace::v3::DatadogConfig& proto_config, Server::Configuration::TracerFactoryContext& context) { Tracing::DriverPtr datadog_driver = std::make_unique( proto_config, context.serverFactoryContext().clusterManager(), context.serverFactoryContext().scope(), context.serverFactoryContext().threadLocal(), context.serverFactoryContext().runtime()); return std::make_shared(std::move(datadog_driver), context.serverFactoryContext().localInfo()); } /** * Static registration for the Datadog tracer. @see RegisterFactory. */ REGISTER_FACTORY(DatadogTracerFactory, Server::Configuration::TracerFactory); } // namespace Datadog } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/datadog/config.h ================================================ #pragma once #include #include "envoy/config/trace/v3/datadog.pb.h" #include "envoy/config/trace/v3/datadog.pb.validate.h" #include "extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Datadog { /** * Config registration for the Datadog tracer. @see TracerFactory. */ class DatadogTracerFactory : public Common::FactoryBase { public: DatadogTracerFactory(); private: // FactoryBase Tracing::HttpTracerSharedPtr createHttpTracerTyped(const envoy::config::trace::v3::DatadogConfig& proto_config, Server::Configuration::TracerFactoryContext& context) override; }; } // namespace Datadog } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/datadog/datadog_tracer_impl.cc ================================================ #include "extensions/tracers/datadog/datadog_tracer_impl.h" #include "envoy/config/trace/v3/datadog.pb.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/tracing/http_tracer_impl.h" #include "common/version/version.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Datadog { Driver::TlsTracer::TlsTracer(const std::shared_ptr& tracer, TraceReporterPtr&& reporter, Driver& driver) : tracer_(tracer), reporter_(std::move(reporter)), driver_(driver) {} Driver::Driver(const envoy::config::trace::v3::DatadogConfig& datadog_config, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, Runtime::Loader&) : OpenTracingDriver{scope}, cm_(cluster_manager), tracer_stats_{DATADOG_TRACER_STATS( POOL_COUNTER_PREFIX(scope, "tracing.datadog."))}, tls_(tls.allocateSlot()) { Config::Utility::checkCluster("envoy.tracers.datadog", datadog_config.collector_cluster(), cm_, /* allow_added_via_api */ true); cluster_ = datadog_config.collector_cluster(); // Default tracer options. tracer_options_.version = absl::StrCat("envoy ", Envoy::VersionInfo::version()); tracer_options_.operation_name_override = "envoy.proxy"; tracer_options_.service = "envoy"; tracer_options_.inject = std::set{ datadog::opentracing::PropagationStyle::Datadog}; tracer_options_.extract = std::set{ datadog::opentracing::PropagationStyle::Datadog}; // Configuration overrides for tracer options. if (!datadog_config.service_name().empty()) { tracer_options_.service = datadog_config.service_name(); } tls_->set([this](Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { auto tp = datadog::opentracing::makeTracerAndEncoder(tracer_options_); auto tracer = std::get<0>(tp); auto encoder = std::get<1>(tp); TraceReporterPtr reporter(new TraceReporter(encoder, *this, dispatcher)); return ThreadLocal::ThreadLocalObjectSharedPtr{ new TlsTracer(tracer, std::move(reporter), *this)}; }); } opentracing::Tracer& Driver::tracer() { return *tls_->getTyped().tracer_; } TraceReporter::TraceReporter(TraceEncoderSharedPtr encoder, Driver& driver, Event::Dispatcher& dispatcher) : driver_(driver), encoder_(encoder), collector_cluster_(driver_.clusterManager(), driver_.cluster()) { flush_timer_ = dispatcher.createTimer([this]() -> void { for (auto& h : encoder_->headers()) { lower_case_headers_.emplace(h.first, Http::LowerCaseString{h.first}); } driver_.tracerStats().timer_flushed_.inc(); flushTraces(); enableTimer(); }); enableTimer(); } void TraceReporter::enableTimer() { // The duration for this timer should not be a factor of the // datadog-agent's read timer of 5000ms. // Further details in https://github.com/envoyproxy/envoy/pull/5358 flush_timer_->enableTimer(std::chrono::milliseconds(900U)); } void TraceReporter::flushTraces() { auto pendingTraces = encoder_->pendingTraces(); if (pendingTraces) { ENVOY_LOG(debug, "flushing traces: {} traces", pendingTraces); driver_.tracerStats().traces_sent_.add(pendingTraces); Http::RequestMessagePtr message(new Http::RequestMessageImpl()); message->headers().setReferenceMethod(Http::Headers::get().MethodValues.Post); message->headers().setReferencePath(encoder_->path()); message->headers().setReferenceHost(driver_.cluster()); for (auto& h : encoder_->headers()) { message->headers().setReferenceKey(lower_case_headers_.at(h.first), h.second); } message->body().add(encoder_->payload()); ENVOY_LOG(debug, "submitting {} trace(s) to {} with payload size {}", pendingTraces, encoder_->path(), encoder_->payload().size()); if (collector_cluster_.exists()) { Http::AsyncClient::Request* request = driver_.clusterManager() .httpAsyncClientForCluster(collector_cluster_.info()->name()) .send( std::move(message), *this, Http::AsyncClient::RequestOptions().setTimeout(std::chrono::milliseconds(1000U))); if (request) { active_requests_.add(*request); } } else { ENVOY_LOG(debug, "collector cluster '{}' does not exist", driver_.cluster()); driver_.tracerStats().reports_skipped_no_cluster_.inc(); } encoder_->clearTraces(); } } void TraceReporter::onFailure(const Http::AsyncClient::Request& request, Http::AsyncClient::FailureReason) { active_requests_.remove(request); ENVOY_LOG(debug, "failure submitting traces to datadog agent"); driver_.tracerStats().reports_failed_.inc(); } void TraceReporter::onSuccess(const Http::AsyncClient::Request& request, Http::ResponseMessagePtr&& http_response) { active_requests_.remove(request); uint64_t responseStatus = Http::Utility::getResponseStatus(http_response->headers()); if (responseStatus != enumToInt(Http::Code::OK)) { // TODO: Consider adding retries for failed submissions. ENVOY_LOG(debug, "unexpected HTTP response code from datadog agent: {}", responseStatus); driver_.tracerStats().reports_dropped_.inc(); } else { ENVOY_LOG(debug, "traces successfully submitted to datadog agent"); driver_.tracerStats().reports_sent_.inc(); encoder_->handleResponse(http_response->bodyAsString()); } } } // namespace Datadog } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/datadog/datadog_tracer_impl.h ================================================ #pragma once #include #include "envoy/config/trace/v3/datadog.pb.h" #include "envoy/local_info/local_info.h" #include "envoy/runtime/runtime.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "common/http/async_client_utility.h" #include "common/http/header_map_impl.h" #include "common/json/json_loader.h" #include "common/upstream/cluster_update_tracker.h" #include "extensions/tracers/common/ot/opentracing_driver_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Datadog { #define DATADOG_TRACER_STATS(COUNTER) \ COUNTER(traces_sent) \ COUNTER(timer_flushed) \ COUNTER(reports_skipped_no_cluster) \ COUNTER(reports_sent) \ COUNTER(reports_dropped) \ COUNTER(reports_failed) struct DatadogTracerStats { DATADOG_TRACER_STATS(GENERATE_COUNTER_STRUCT) }; class TraceReporter; using TraceReporterPtr = std::unique_ptr; using TraceEncoderSharedPtr = std::shared_ptr; /** * Class for a Datadog-specific Driver. */ class Driver : public Common::Ot::OpenTracingDriver { public: /** * Constructor. It adds itself and a newly-created Datadog::Tracer object to a thread-local store. */ Driver(const envoy::config::trace::v3::DatadogConfig& datadog_config, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, Runtime::Loader& runtime); // Getters to return the DatadogDriver's key members. Upstream::ClusterManager& clusterManager() { return cm_; } const std::string& cluster() { return cluster_; } DatadogTracerStats& tracerStats() { return tracer_stats_; } // Tracer::OpenTracingDriver opentracing::Tracer& tracer() override; PropagationMode propagationMode() const override { return Common::Ot::OpenTracingDriver::PropagationMode::TracerNative; } private: /** * Thread-local store containing DatadogDriver and Datadog::Tracer objects. */ struct TlsTracer : ThreadLocal::ThreadLocalObject { TlsTracer(const std::shared_ptr& tracer, TraceReporterPtr&& reporter, Driver& driver); std::shared_ptr tracer_; TraceReporterPtr reporter_; Driver& driver_; }; Upstream::ClusterManager& cm_; std::string cluster_; DatadogTracerStats tracer_stats_; datadog::opentracing::TracerOptions tracer_options_; ThreadLocal::SlotPtr tls_; }; /** * This class wraps the encoder provided with the tracer at initialization * and uses Http::AsyncClient to send completed traces to the Datadog Agent. * * The cluster to use for submitting traces to the agent is controlled with * the setting tracing.datadog.collector_cluster, which is mandatory and must * refer to a cluster in the active configuration. * * An internal timer is used to control how often traces are submitted. * If zero traces have completed in the interval between timer events, * no action is taken. * The timer interval can be controlled with the setting * tracing.datadog.flush_interval_ms, and defaults to 2000ms. */ class TraceReporter : public Http::AsyncClient::Callbacks, protected Logger::Loggable { public: /** * Constructor. * * @param encoder Provides methods to retrieve data for publishing traces. * @param driver The driver to be associated with the reporter. * @param dispatcher Controls the timer used to flush buffered traces. */ TraceReporter(TraceEncoderSharedPtr encoder, Driver& driver, Event::Dispatcher& dispatcher); // Http::AsyncClient::Callbacks. void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&&) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason) override; void onBeforeFinalizeUpstreamSpan(Tracing::Span&, const Http::ResponseHeaderMap*) override {} private: /** * Enables the trace-flushing timer. */ void enableTimer(); /** * Removes all traces from the trace buffer and sends them to a Datadog Agent using * Http::AsyncClient. */ void flushTraces(); Driver& driver_; Event::TimerPtr flush_timer_; TraceEncoderSharedPtr encoder_; std::map lower_case_headers_; Upstream::ClusterUpdateTracker collector_cluster_; // Track active HTTP requests to be able to cancel them on destruction. Http::AsyncClientRequestTracker active_requests_; }; } // namespace Datadog } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/dynamic_ot/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Trace driver for dynamically loadable C++ OpenTracing drivers (http://opentracing.io/). envoy_extension_package() envoy_cc_library( name = "dynamic_opentracing_driver_lib", srcs = [ "dynamic_opentracing_driver_impl.cc", ], hdrs = [ "dynamic_opentracing_driver_impl.h", ], deps = [ "//source/common/tracing:http_tracer_lib", "//source/extensions/tracers/common/ot:opentracing_driver_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":dynamic_opentracing_driver_lib", "//source/extensions/tracers/common:factory_base_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/tracers/dynamic_ot/config.cc ================================================ #include "extensions/tracers/dynamic_ot/config.h" #include "envoy/config/trace/v3/dynamic_ot.pb.h" #include "envoy/config/trace/v3/dynamic_ot.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/utility.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace DynamicOt { DynamicOpenTracingTracerFactory::DynamicOpenTracingTracerFactory() : FactoryBase("envoy.tracers.dynamic_ot") {} Tracing::HttpTracerSharedPtr DynamicOpenTracingTracerFactory::createHttpTracerTyped( const envoy::config::trace::v3::DynamicOtConfig& proto_config, Server::Configuration::TracerFactoryContext& context) { const std::string& library = proto_config.library(); const std::string config = MessageUtil::getJsonStringFromMessage(proto_config.config()); Tracing::DriverPtr dynamic_driver = std::make_unique( context.serverFactoryContext().scope(), library, config); return std::make_shared(std::move(dynamic_driver), context.serverFactoryContext().localInfo()); } /** * Static registration for the dynamic opentracing tracer. @see RegisterFactory. */ REGISTER_FACTORY(DynamicOpenTracingTracerFactory, Server::Configuration::TracerFactory){"envoy.dynamic.ot"}; } // namespace DynamicOt } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/dynamic_ot/config.h ================================================ #pragma once #include "envoy/config/trace/v3/dynamic_ot.pb.h" #include "envoy/config/trace/v3/dynamic_ot.pb.validate.h" #include "extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace DynamicOt { /** * Config registration for the dynamic opentracing tracer. @see TracerFactory. */ class DynamicOpenTracingTracerFactory : public Common::FactoryBase { public: DynamicOpenTracingTracerFactory(); private: // FactoryBase Tracing::HttpTracerSharedPtr createHttpTracerTyped(const envoy::config::trace::v3::DynamicOtConfig& configuration, Server::Configuration::TracerFactoryContext& context) override; }; } // namespace DynamicOt } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.cc ================================================ #include "extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace DynamicOt { DynamicOpenTracingDriver::DynamicOpenTracingDriver(Stats::Scope& scope, const std::string& library, const std::string& tracer_config) : OpenTracingDriver{scope} { std::string error_message; opentracing::expected library_handle_maybe = opentracing::DynamicallyLoadTracingLibrary(library.c_str(), error_message); if (!library_handle_maybe) { throw EnvoyException{formatErrorMessage(library_handle_maybe.error(), error_message)}; } library_handle_ = std::move(*library_handle_maybe); opentracing::expected> tracer_maybe = library_handle_.tracer_factory().MakeTracer(tracer_config.c_str(), error_message); if (!tracer_maybe) { throw EnvoyException{formatErrorMessage(tracer_maybe.error(), error_message)}; } tracer_ = std::move(*tracer_maybe); RELEASE_ASSERT(tracer_ != nullptr, ""); } std::string DynamicOpenTracingDriver::formatErrorMessage(std::error_code error_code, const std::string& error_message) { if (error_message.empty()) { return absl::StrCat("", error_code.message()); } else { return fmt::format("{}: {}", error_code.message(), error_message); } } } // namespace DynamicOt } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h ================================================ #pragma once #include "envoy/runtime/runtime.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "extensions/tracers/common/ot/opentracing_driver_impl.h" #include "opentracing/dynamic_load.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace DynamicOt { /** * This driver provides support for dynamically loading tracing libraries into Envoy that provide an * implementation of the OpenTracing API (see https://github.com/opentracing/opentracing-cpp). * TODO(rnburn): Add an example showing how to use a tracer library with this driver. */ class DynamicOpenTracingDriver : public Common::Ot::OpenTracingDriver { public: DynamicOpenTracingDriver(Stats::Scope& scope, const std::string& library, const std::string& tracer_config); static std::string formatErrorMessage(std::error_code error_code, const std::string& error_message); // Tracer::OpenTracingDriver opentracing::Tracer& tracer() override { return *tracer_; } PropagationMode propagationMode() const override { return OpenTracingDriver::PropagationMode::TracerNative; } private: opentracing::DynamicTracingLibraryHandle library_handle_; std::shared_ptr tracer_; }; } // namespace DynamicOt } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/lightstep/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Trace driver for LightStep (https://lightstep.com/) envoy_extension_package() envoy_cc_library( name = "lightstep_tracer_lib", srcs = [ "lightstep_tracer_impl.cc", ], hdrs = [ "lightstep_tracer_impl.h", ], external_deps = ["lightstep"], deps = [ "//source/common/config:utility_lib", "//source/common/grpc:context_lib", "//source/common/stats:symbol_table_lib", "//source/common/tracing:http_tracer_lib", "//source/common/upstream:cluster_update_tracker_lib", "//source/extensions/tracers/common/ot:opentracing_driver_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":lightstep_tracer_lib", "//source/extensions/tracers/common:factory_base_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/tracers/lightstep/config.cc ================================================ #include "extensions/tracers/lightstep/config.h" #include "envoy/config/trace/v3/lightstep.pb.h" #include "envoy/config/trace/v3/lightstep.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/utility.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/lightstep/lightstep_tracer_impl.h" #include "lightstep/tracer.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Lightstep { LightstepTracerFactory::LightstepTracerFactory() : FactoryBase("envoy.tracers.lightstep") {} Tracing::HttpTracerSharedPtr LightstepTracerFactory::createHttpTracerTyped( const envoy::config::trace::v3::LightstepConfig& proto_config, Server::Configuration::TracerFactoryContext& context) { auto opts = std::make_unique(); const auto access_token_file = context.serverFactoryContext().api().fileSystem().fileReadToEnd( proto_config.access_token_file()); const auto access_token_sv = StringUtil::rtrim(access_token_file); opts->access_token.assign(access_token_sv.data(), access_token_sv.size()); opts->component_name = context.serverFactoryContext().localInfo().clusterName(); Tracing::DriverPtr lightstep_driver = std::make_unique( proto_config, context.serverFactoryContext().clusterManager(), context.serverFactoryContext().scope(), context.serverFactoryContext().threadLocal(), context.serverFactoryContext().runtime(), std::move(opts), Common::Ot::OpenTracingDriver::PropagationMode::TracerNative, context.serverFactoryContext().grpcContext()); return std::make_shared(std::move(lightstep_driver), context.serverFactoryContext().localInfo()); } /** * Static registration for the lightstep tracer. @see RegisterFactory. */ REGISTER_FACTORY(LightstepTracerFactory, Server::Configuration::TracerFactory){"envoy.lightstep"}; } // namespace Lightstep } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/lightstep/config.h ================================================ #pragma once #include "envoy/config/trace/v3/lightstep.pb.h" #include "envoy/config/trace/v3/lightstep.pb.validate.h" #include "extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Lightstep { /** * Config registration for the lightstep tracer. @see TracerFactory. */ class LightstepTracerFactory : public Common::FactoryBase { public: LightstepTracerFactory(); private: // FactoryBase Tracing::HttpTracerSharedPtr createHttpTracerTyped(const envoy::config::trace::v3::LightstepConfig& proto_config, Server::Configuration::TracerFactoryContext& context) override; }; } // namespace Lightstep } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/lightstep/lightstep_tracer_impl.cc ================================================ #include "extensions/tracers/lightstep/lightstep_tracer_impl.h" #include #include #include #include #include "envoy/config/trace/v3/lightstep.pb.h" #include "common/buffer/buffer_impl.h" #include "common/buffer/zero_copy_input_stream_impl.h" #include "common/common/base64.h" #include "common/common/fmt.h" #include "common/config/utility.h" #include "common/grpc/common.h" #include "common/http/message_impl.h" #include "common/tracing/http_tracer_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Lightstep { static void serializeGrpcMessage(const lightstep::BufferChain& buffer_chain, Buffer::Instance& body) { auto size = buffer_chain.num_bytes(); Buffer::RawSlice iovec; body.reserve(size, &iovec, 1); ASSERT(iovec.len_ >= size); iovec.len_ = size; buffer_chain.CopyOut(static_cast(iovec.mem_), size); body.commit(&iovec, 1); Grpc::Common::prependGrpcFrameHeader(body); } static std::vector MakePropagationModes(const envoy::config::trace::v3::LightstepConfig& lightstep_config) { if (lightstep_config.propagation_modes().empty()) { return {lightstep::PropagationMode::envoy}; } std::vector result; result.reserve(lightstep_config.propagation_modes().size()); for (auto propagation_mode : lightstep_config.propagation_modes()) { switch (propagation_mode) { case envoy::config::trace::v3::LightstepConfig::ENVOY: result.push_back(lightstep::PropagationMode::envoy); break; case envoy::config::trace::v3::LightstepConfig::LIGHTSTEP: result.push_back(lightstep::PropagationMode::lightstep); break; case envoy::config::trace::v3::LightstepConfig::B3: result.push_back(lightstep::PropagationMode::b3); break; case envoy::config::trace::v3::LightstepConfig::TRACE_CONTEXT: result.push_back(lightstep::PropagationMode::trace_context); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } return result; } void LightStepLogger::operator()(lightstep::LogLevel level, opentracing::string_view message) const { const fmt::string_view fmt_message{message.data(), message.size()}; switch (level) { case lightstep::LogLevel::debug: ENVOY_LOG(debug, "{}", fmt_message); break; case lightstep::LogLevel::info: ENVOY_LOG(info, "{}", fmt_message); break; default: ENVOY_LOG(warn, "{}", fmt_message); break; } } // If the default min_flush_spans value is too small, the larger number of reports can overwhelm // LightStep's satellites. Hence, we need to choose a number that's large enough; though, it's // somewhat arbitrary. // // See https://github.com/lightstep/lightstep-tracer-cpp/issues/106 const size_t LightStepDriver::DefaultMinFlushSpans = 200U; LightStepDriver::LightStepTransporter::LightStepTransporter(LightStepDriver& driver) : driver_(driver), collector_cluster_(driver_.clusterManager(), driver_.cluster()) {} LightStepDriver::LightStepTransporter::~LightStepTransporter() { if (active_request_ != nullptr) { active_request_->cancel(); } } void LightStepDriver::LightStepTransporter::onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& /*response*/) { driver_.grpc_context_.chargeStat(*active_cluster_, driver_.request_stat_names_, true); active_callback_->OnSuccess(*active_report_); reset(); } void LightStepDriver::LightStepTransporter::onFailure( const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason /*failure_reason*/) { driver_.grpc_context_.chargeStat(*active_cluster_, driver_.request_stat_names_, false); active_callback_->OnFailure(*active_report_); reset(); } void LightStepDriver::LightStepTransporter::OnSpanBufferFull() noexcept { if (active_report_ != nullptr) { return; } driver_.flush(); } void LightStepDriver::LightStepTransporter::Send(std::unique_ptr&& report, Callback& callback) noexcept { if (active_report_ != nullptr) { callback.OnFailure(*report); return; } const uint64_t timeout = driver_.runtime().snapshot().getInteger("tracing.lightstep.request_timeout", 5000U); Http::RequestMessagePtr message = Grpc::Common::prepareHeaders( driver_.cluster(), lightstep::CollectorServiceFullName(), lightstep::CollectorMethodName(), absl::optional(timeout)); serializeGrpcMessage(*report, message->body()); if (collector_cluster_.exists()) { active_report_ = std::move(report); active_callback_ = &callback; active_cluster_ = collector_cluster_.info(); active_request_ = driver_.clusterManager() .httpAsyncClientForCluster(collector_cluster_.info()->name()) .send(std::move(message), *this, Http::AsyncClient::RequestOptions().setTimeout( std::chrono::milliseconds(timeout))); } else { ENVOY_LOG(debug, "collector cluster '{}' does not exist", driver_.cluster()); driver_.tracerStats().reports_skipped_no_cluster_.inc(); } } void LightStepDriver::LightStepTransporter::reset() { active_cluster_ = nullptr; active_request_ = nullptr; active_callback_ = nullptr; active_report_ = nullptr; } LightStepDriver::LightStepMetricsObserver::LightStepMetricsObserver(LightStepDriver& driver) : driver_(driver) {} void LightStepDriver::LightStepMetricsObserver::OnSpansSent(int num_spans) noexcept { driver_.tracerStats().spans_sent_.add(num_spans); } void LightStepDriver::LightStepMetricsObserver::OnSpansDropped(int num_spans) noexcept { driver_.tracerStats().spans_dropped_.add(num_spans); } LightStepDriver::TlsLightStepTracer::TlsLightStepTracer( const std::shared_ptr& tracer, LightStepDriver& driver, Event::Dispatcher& dispatcher) : tracer_{tracer}, driver_{driver} { flush_timer_ = dispatcher.createTimer([this]() -> void { driver_.tracerStats().timer_flushed_.inc(); tracer_->Flush(); enableTimer(); }); enableTimer(); } lightstep::LightStepTracer& LightStepDriver::TlsLightStepTracer::tracer() { return *tracer_; } void LightStepDriver::TlsLightStepTracer::enableTimer() { const uint64_t flush_interval = driver_.runtime().snapshot().getInteger("tracing.lightstep.flush_interval_ms", 1000U); flush_timer_->enableTimer(std::chrono::milliseconds(flush_interval)); } LightStepDriver::LightStepDriver(const envoy::config::trace::v3::LightstepConfig& lightstep_config, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, Runtime::Loader& runtime, std::unique_ptr&& options, PropagationMode propagation_mode, Grpc::Context& grpc_context) : OpenTracingDriver{scope}, cm_{cluster_manager}, tracer_stats_{LIGHTSTEP_TRACER_STATS(POOL_COUNTER_PREFIX(scope, "tracing.lightstep."))}, tls_{tls.allocateSlot()}, runtime_{runtime}, options_{std::move(options)}, propagation_mode_{propagation_mode}, grpc_context_(grpc_context), pool_(scope.symbolTable()), request_stat_names_{ pool_.add(lightstep::CollectorServiceFullName()), pool_.add(lightstep::CollectorMethodName())} { Config::Utility::checkCluster("envoy.tracers.lightstep", lightstep_config.collector_cluster(), cm_, /* allow_added_via_api */ true); cluster_ = lightstep_config.collector_cluster(); if (!(cm_.get(cluster_)->info()->features() & Upstream::ClusterInfo::Features::HTTP2)) { throw EnvoyException( fmt::format("{} collector cluster must support http2 for gRPC calls", cluster_)); } auto propagation_modes = MakePropagationModes(lightstep_config); tls_->set([this, propagation_modes = std::move(propagation_modes)]( Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { lightstep::LightStepTracerOptions tls_options; tls_options.access_token = options_->access_token; tls_options.component_name = options_->component_name; tls_options.use_thread = false; tls_options.propagation_modes = propagation_modes; tls_options.logger_sink = LightStepLogger{}; tls_options.max_buffered_spans = std::function{[this] { return runtime_.snapshot().getInteger("tracing.lightstep.min_flush_spans", DefaultMinFlushSpans); }}; tls_options.metrics_observer = std::make_unique(*this); tls_options.transporter = std::make_unique(*this); std::shared_ptr tracer = lightstep::MakeLightStepTracer(std::move(tls_options)); return ThreadLocal::ThreadLocalObjectSharedPtr{ new TlsLightStepTracer{tracer, *this, dispatcher}}; }); } void LightStepDriver::flush() { auto& tls_tracer = tls_->getTyped(); tls_tracer.tracer().Flush(); tls_tracer.enableTimer(); } opentracing::Tracer& LightStepDriver::tracer() { return tls_->getTyped().tracer(); } } // namespace Lightstep } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/lightstep/lightstep_tracer_impl.h ================================================ #pragma once #include #include #include #include "envoy/config/trace/v3/lightstep.pb.h" #include "envoy/runtime/runtime.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "common/buffer/buffer_impl.h" #include "common/grpc/context_impl.h" #include "common/http/header_map_impl.h" #include "common/http/message_impl.h" #include "common/json/json_loader.h" #include "common/protobuf/protobuf.h" #include "common/stats/symbol_table_impl.h" #include "common/upstream/cluster_update_tracker.h" #include "extensions/tracers/common/ot/opentracing_driver_impl.h" #include "lightstep/tracer.h" #include "lightstep/transporter.h" #include "opentracing/noop.h" #include "opentracing/tracer.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Lightstep { #define LIGHTSTEP_TRACER_STATS(COUNTER) \ COUNTER(spans_sent) \ COUNTER(spans_dropped) \ COUNTER(timer_flushed) \ COUNTER(reports_skipped_no_cluster) struct LightstepTracerStats { LIGHTSTEP_TRACER_STATS(GENERATE_COUNTER_STRUCT) }; /** * LightStepLogger is used to translate logs generated from LightStep's tracer to Envoy logs. */ class LightStepLogger : Logger::Loggable { public: void operator()(lightstep::LogLevel level, opentracing::string_view message) const; }; /** * LightStep (http://lightstep.com/) provides tracing capabilities, aggregation, visualization of * application trace data. * * LightStepSink is for flushing data to LightStep collectors. */ class LightStepDriver : public Common::Ot::OpenTracingDriver { public: LightStepDriver(const envoy::config::trace::v3::LightstepConfig& lightstep_config, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, Runtime::Loader& runtime, std::unique_ptr&& options, PropagationMode propagation_mode, Grpc::Context& grpc_context); Upstream::ClusterManager& clusterManager() { return cm_; } const std::string& cluster() { return cluster_; } Runtime::Loader& runtime() { return runtime_; } LightstepTracerStats& tracerStats() { return tracer_stats_; } static const size_t DefaultMinFlushSpans; void flush(); // Tracer::OpenTracingDriver opentracing::Tracer& tracer() override; PropagationMode propagationMode() const override { return propagation_mode_; } private: class LightStepTransporter : Logger::Loggable, public lightstep::AsyncTransporter, public Http::AsyncClient::Callbacks { public: explicit LightStepTransporter(LightStepDriver& driver); ~LightStepTransporter() override; // lightstep::AsyncTransporter void OnSpanBufferFull() noexcept override; void Send(std::unique_ptr&& message, Callback& callback) noexcept override; // Http::AsyncClient::Callbacks void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&& response) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason failure_reason) override; void onBeforeFinalizeUpstreamSpan(Tracing::Span&, const Http::ResponseHeaderMap*) override {} private: std::unique_ptr active_report_; Callback* active_callback_ = nullptr; Upstream::ClusterInfoConstSharedPtr active_cluster_; Http::AsyncClient::Request* active_request_ = nullptr; LightStepDriver& driver_; Upstream::ClusterUpdateTracker collector_cluster_; void reset(); }; class LightStepMetricsObserver : public ::lightstep::MetricsObserver { public: explicit LightStepMetricsObserver(LightStepDriver& driver); void OnSpansSent(int num_spans) noexcept override; void OnSpansDropped(int num_spans) noexcept override; private: LightStepDriver& driver_; }; class TlsLightStepTracer : public ThreadLocal::ThreadLocalObject { public: TlsLightStepTracer(const std::shared_ptr& tracer, LightStepDriver& driver, Event::Dispatcher& dispatcher); lightstep::LightStepTracer& tracer(); void enableTimer(); private: std::shared_ptr tracer_; LightStepDriver& driver_; Event::TimerPtr flush_timer_; }; Upstream::ClusterManager& cm_; std::string cluster_; LightstepTracerStats tracer_stats_; ThreadLocal::SlotPtr tls_; Runtime::Loader& runtime_; std::unique_ptr options_; const PropagationMode propagation_mode_; Grpc::Context& grpc_context_; Stats::StatNamePool pool_; const Grpc::Context::RequestStatNames request_stat_names_; }; } // namespace Lightstep } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/opencensus/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", "envoy_select_google_grpc", ) licenses(["notice"]) # Apache 2 # Trace driver for OpenCensus: https://opencensus.io/ envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", deps = [ ":opencensus_tracer_impl", "//source/extensions/tracers/common:factory_base_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "opencensus_tracer_impl", srcs = ["opencensus_tracer_impl.cc"], hdrs = ["opencensus_tracer_impl.h"], copts = ["-Wno-unused-parameter"], external_deps = [ "opencensus_trace", "opencensus_trace_b3", "opencensus_trace_cloud_trace_context", "opencensus_trace_grpc_trace_bin", "opencensus_trace_trace_context", "opencensus_exporter_ocagent", "opencensus_exporter_stdout", "opencensus_exporter_stackdriver", "opencensus_exporter_zipkin", ], deps = [ "//source/common/config:utility_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ] + envoy_select_google_grpc(["//source/common/grpc:google_async_client_lib"]), ) ================================================ FILE: source/extensions/tracers/opencensus/config.cc ================================================ #include "extensions/tracers/opencensus/config.h" #include "envoy/config/trace/v3/opencensus.pb.h" #include "envoy/config/trace/v3/opencensus.pb.validate.h" #include "envoy/registry/registry.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/opencensus/opencensus_tracer_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace OpenCensus { OpenCensusTracerFactory::OpenCensusTracerFactory() : FactoryBase("envoy.tracers.opencensus") {} Tracing::HttpTracerSharedPtr OpenCensusTracerFactory::createHttpTracerTyped( const envoy::config::trace::v3::OpenCensusConfig& proto_config, Server::Configuration::TracerFactoryContext& context) { // Since OpenCensus can only support a single tracing configuration per entire process, // we need to make sure that it is configured at most once. if (tracer_) { if (Envoy::Protobuf::util::MessageDifferencer::Equals(config_, proto_config)) { return tracer_; } else { throw EnvoyException("Opencensus has already been configured with a different config."); } } Tracing::DriverPtr driver = std::make_unique(proto_config, context.serverFactoryContext().localInfo(), context.serverFactoryContext().api()); tracer_ = std::make_shared(std::move(driver), context.serverFactoryContext().localInfo()); config_ = proto_config; return tracer_; } /** * Static registration for the OpenCensus tracer. @see RegisterFactory. */ REGISTER_FACTORY(OpenCensusTracerFactory, Server::Configuration::TracerFactory); } // namespace OpenCensus } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/opencensus/config.h ================================================ #pragma once #include #include "envoy/config/trace/v3/opencensus.pb.h" #include "envoy/config/trace/v3/opencensus.pb.validate.h" #include "extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace OpenCensus { /** * Config registration for the OpenCensus tracer. @see TracerFactory. */ class OpenCensusTracerFactory : public Common::FactoryBase { public: OpenCensusTracerFactory(); private: // FactoryBase Tracing::HttpTracerSharedPtr createHttpTracerTyped(const envoy::config::trace::v3::OpenCensusConfig& proto_config, Server::Configuration::TracerFactoryContext& context) override; // Since OpenCensus can only support a single tracing configuration per entire process, // we need to make sure that it is configured at most once. Tracing::HttpTracerSharedPtr tracer_; envoy::config::trace::v3::OpenCensusConfig config_; }; } // namespace OpenCensus } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/opencensus/opencensus_tracer_impl.cc ================================================ #include "extensions/tracers/opencensus/opencensus_tracer_impl.h" #include #include "envoy/config/trace/v3/opencensus.pb.h" #include "envoy/http/header_map.h" #include "common/common/base64.h" #include "absl/strings/str_cat.h" #include "google/devtools/cloudtrace/v2/tracing.grpc.pb.h" #include "opencensus/exporters/trace/ocagent/ocagent_exporter.h" #include "opencensus/exporters/trace/stackdriver/stackdriver_exporter.h" #include "opencensus/exporters/trace/stdout/stdout_exporter.h" #include "opencensus/exporters/trace/zipkin/zipkin_exporter.h" #include "opencensus/trace/propagation/b3.h" #include "opencensus/trace/propagation/cloud_trace_context.h" #include "opencensus/trace/propagation/grpc_trace_bin.h" #include "opencensus/trace/propagation/trace_context.h" #include "opencensus/trace/sampler.h" #include "opencensus/trace/span.h" #include "opencensus/trace/span_context.h" #include "opencensus/trace/trace_config.h" #include "opencensus/trace/trace_params.h" #ifdef ENVOY_GOOGLE_GRPC #include "common/grpc/google_grpc_utils.h" #endif namespace Envoy { namespace Extensions { namespace Tracers { namespace OpenCensus { #ifdef ENVOY_GOOGLE_GRPC constexpr char GoogleStackdriverTraceAddress[] = "cloudtrace.googleapis.com"; #endif namespace { class ConstantValues { public: const Http::LowerCaseString TRACEPARENT{"traceparent"}; const Http::LowerCaseString GRPC_TRACE_BIN{"grpc-trace-bin"}; const Http::LowerCaseString X_CLOUD_TRACE_CONTEXT{"x-cloud-trace-context"}; const Http::LowerCaseString X_B3_TRACEID{"x-b3-traceid"}; const Http::LowerCaseString X_B3_SPANID{"x-b3-spanid"}; const Http::LowerCaseString X_B3_SAMPLED{"x-b3-sampled"}; const Http::LowerCaseString X_B3_FLAGS{"x-b3-flags"}; }; using Constants = ConstSingleton; /** * OpenCensus tracing implementation of the Envoy Span object. */ class Span : public Tracing::Span { public: Span(const Tracing::Config& config, const envoy::config::trace::v3::OpenCensusConfig& oc_config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, SystemTime start_time, const Tracing::Decision tracing_decision); // Used by spawnChild(). Span(const envoy::config::trace::v3::OpenCensusConfig& oc_config, ::opencensus::trace::Span&& span); void setOperation(absl::string_view operation) override; void setTag(absl::string_view name, absl::string_view value) override; void log(SystemTime timestamp, const std::string& event) override; void finishSpan() override; void injectContext(Http::RequestHeaderMap& request_headers) override; Tracing::SpanPtr spawnChild(const Tracing::Config& config, const std::string& name, SystemTime start_time) override; void setSampled(bool sampled) override; // OpenCensus doesn't support baggage, so noop these OpenTracing functions. void setBaggage(absl::string_view, absl::string_view) override{}; std::string getBaggage(absl::string_view) override { return std::string(); }; private: ::opencensus::trace::Span span_; const envoy::config::trace::v3::OpenCensusConfig& oc_config_; }; ::opencensus::trace::Span startSpanHelper(const std::string& name, bool traced, const Http::RequestHeaderMap& request_headers, const envoy::config::trace::v3::OpenCensusConfig& oc_config) { // Determine if there is a parent context. using OpenCensusConfig = envoy::config::trace::v3::OpenCensusConfig; ::opencensus::trace::SpanContext parent_ctx; for (const auto& incoming : oc_config.incoming_trace_context()) { bool found = false; switch (incoming) { case OpenCensusConfig::TRACE_CONTEXT: { const Http::HeaderEntry* header = request_headers.get(Constants::get().TRACEPARENT); if (header != nullptr) { found = true; parent_ctx = ::opencensus::trace::propagation::FromTraceParentHeader( header->value().getStringView()); } break; } case OpenCensusConfig::GRPC_TRACE_BIN: { const Http::HeaderEntry* header = request_headers.get(Constants::get().GRPC_TRACE_BIN); if (header != nullptr) { found = true; parent_ctx = ::opencensus::trace::propagation::FromGrpcTraceBinHeader( Base64::decodeWithoutPadding(header->value().getStringView())); } break; } case OpenCensusConfig::CLOUD_TRACE_CONTEXT: { const Http::HeaderEntry* header = request_headers.get(Constants::get().X_CLOUD_TRACE_CONTEXT); if (header != nullptr) { found = true; parent_ctx = ::opencensus::trace::propagation::FromCloudTraceContextHeader( header->value().getStringView()); } break; } case OpenCensusConfig::B3: { absl::string_view b3_trace_id; absl::string_view b3_span_id; absl::string_view b3_sampled; absl::string_view b3_flags; const Http::HeaderEntry* h_b3_trace_id = request_headers.get(Constants::get().X_B3_TRACEID); if (h_b3_trace_id != nullptr) { b3_trace_id = h_b3_trace_id->value().getStringView(); } const Http::HeaderEntry* h_b3_span_id = request_headers.get(Constants::get().X_B3_SPANID); if (h_b3_span_id != nullptr) { b3_span_id = h_b3_span_id->value().getStringView(); } const Http::HeaderEntry* h_b3_sampled = request_headers.get(Constants::get().X_B3_SAMPLED); if (h_b3_sampled != nullptr) { b3_sampled = h_b3_sampled->value().getStringView(); } const Http::HeaderEntry* h_b3_flags = request_headers.get(Constants::get().X_B3_FLAGS); if (h_b3_flags != nullptr) { b3_flags = h_b3_flags->value().getStringView(); } if (h_b3_trace_id != nullptr && h_b3_span_id != nullptr) { found = true; parent_ctx = ::opencensus::trace::propagation::FromB3Headers(b3_trace_id, b3_span_id, b3_sampled, b3_flags); } break; } } // First header found wins. if (found) { break; } } // Honor Envoy's tracing decision. ::opencensus::trace::AlwaysSampler always_sampler; ::opencensus::trace::NeverSampler never_sampler; // This is safe because opts are not used after StartSpan. ::opencensus::trace::StartSpanOptions opts{&never_sampler}; if (traced) { opts.sampler = &always_sampler; } if (parent_ctx.IsValid()) { return ::opencensus::trace::Span::StartSpanWithRemoteParent(name, parent_ctx, opts); } return ::opencensus::trace::Span::StartSpan(name, /*parent=*/nullptr, opts); } Span::Span(const Tracing::Config& config, const envoy::config::trace::v3::OpenCensusConfig& oc_config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, SystemTime /*start_time*/, const Tracing::Decision tracing_decision) : span_(startSpanHelper(operation_name, tracing_decision.traced, request_headers, oc_config)), oc_config_(oc_config) { span_.AddAttribute("OperationName", config.operationName() == Tracing::OperationName::Ingress ? "Ingress" : "Egress"); } Span::Span(const envoy::config::trace::v3::OpenCensusConfig& oc_config, ::opencensus::trace::Span&& span) : span_(std::move(span)), oc_config_(oc_config) {} void Span::setOperation(absl::string_view operation) { span_.SetName(operation); } void Span::setTag(absl::string_view name, absl::string_view value) { span_.AddAttribute(name, value); } void Span::log(SystemTime /*timestamp*/, const std::string& event) { // timestamp is ignored. span_.AddAnnotation(event); } void Span::finishSpan() { span_.End(); } void Span::injectContext(Http::RequestHeaderMap& request_headers) { using OpenCensusConfig = envoy::config::trace::v3::OpenCensusConfig; const auto& ctx = span_.context(); for (const auto& outgoing : oc_config_.outgoing_trace_context()) { switch (outgoing) { case OpenCensusConfig::TRACE_CONTEXT: request_headers.setReferenceKey(Constants::get().TRACEPARENT, ::opencensus::trace::propagation::ToTraceParentHeader(ctx)); break; case OpenCensusConfig::GRPC_TRACE_BIN: { std::string val = ::opencensus::trace::propagation::ToGrpcTraceBinHeader(ctx); val = Base64::encode(val.data(), val.size(), /*add_padding=*/false); request_headers.setReferenceKey(Constants::get().GRPC_TRACE_BIN, val); break; } case OpenCensusConfig::CLOUD_TRACE_CONTEXT: request_headers.setReferenceKey( Constants::get().X_CLOUD_TRACE_CONTEXT, ::opencensus::trace::propagation::ToCloudTraceContextHeader(ctx)); break; case OpenCensusConfig::B3: request_headers.setReferenceKey(Constants::get().X_B3_TRACEID, ::opencensus::trace::propagation::ToB3TraceIdHeader(ctx)); request_headers.setReferenceKey(Constants::get().X_B3_SPANID, ::opencensus::trace::propagation::ToB3SpanIdHeader(ctx)); request_headers.setReferenceKey(Constants::get().X_B3_SAMPLED, ::opencensus::trace::propagation::ToB3SampledHeader(ctx)); // OpenCensus's trace context propagation doesn't produce the // "X-B3-Flags:" header. break; } } } Tracing::SpanPtr Span::spawnChild(const Tracing::Config& /*config*/, const std::string& name, SystemTime /*start_time*/) { span_.AddAnnotation("spawnChild"); return std::make_unique(oc_config_, ::opencensus::trace::Span::StartSpan(name, /*parent=*/&span_)); } void Span::setSampled(bool sampled) { span_.AddAnnotation("setSampled", {{"sampled", sampled}}); } } // namespace Driver::Driver(const envoy::config::trace::v3::OpenCensusConfig& oc_config, const LocalInfo::LocalInfo& localinfo, Api::Api& api) : oc_config_(oc_config), local_info_(localinfo) { // To give user a chance to correct initially invalid configuration and try to apply it once again // without a need to restart Envoy, validation checks must be done prior to any side effects. if (oc_config.stackdriver_exporter_enabled() && oc_config.has_stackdriver_grpc_service() && !oc_config.stackdriver_grpc_service().has_google_grpc()) { throw EnvoyException("Opencensus stackdriver tracer only support GoogleGrpc."); } if (oc_config.ocagent_exporter_enabled() && oc_config.has_ocagent_grpc_service() && !oc_config.ocagent_grpc_service().has_google_grpc()) { throw EnvoyException("Opencensus ocagent tracer only supports GoogleGrpc."); } // Process-wide side effects. if (oc_config.has_trace_config()) { applyTraceConfig(oc_config.trace_config()); } if (oc_config.stdout_exporter_enabled()) { ::opencensus::exporters::trace::StdoutExporter::Register(); } if (oc_config.stackdriver_exporter_enabled()) { ::opencensus::exporters::trace::StackdriverOptions opts; opts.project_id = oc_config.stackdriver_project_id(); if (!oc_config.stackdriver_address().empty()) { auto channel = grpc::CreateChannel(oc_config.stackdriver_address(), grpc::InsecureChannelCredentials()); opts.trace_service_stub = ::google::devtools::cloudtrace::v2::TraceService::NewStub(channel); } else if (oc_config.has_stackdriver_grpc_service() && oc_config.stackdriver_grpc_service().has_google_grpc()) { #ifdef ENVOY_GOOGLE_GRPC envoy::config::core::v3::GrpcService stackdriver_service = oc_config.stackdriver_grpc_service(); if (stackdriver_service.google_grpc().target_uri().empty()) { // If stackdriver server address is not provided, the default production stackdriver // address will be used. stackdriver_service.mutable_google_grpc()->set_target_uri(GoogleStackdriverTraceAddress); } auto channel = Envoy::Grpc::GoogleGrpcUtils::createChannel(stackdriver_service, api); // TODO(bianpengyuan): add tests for trace_service_stub and initial_metadata options with mock // stubs. opts.trace_service_stub = ::google::devtools::cloudtrace::v2::TraceService::NewStub(channel); const auto& initial_metadata = stackdriver_service.initial_metadata(); if (!initial_metadata.empty()) { opts.prepare_client_context = [initial_metadata](grpc::ClientContext* ctx) { for (const auto& metadata : initial_metadata) { ctx->AddMetadata(metadata.key(), metadata.value()); } }; } #else throw EnvoyException("Opencensus tracer: cannot handle stackdriver google grpc service, " "google grpc is not built in."); #endif } ::opencensus::exporters::trace::StackdriverExporter::Register(std::move(opts)); } if (oc_config.zipkin_exporter_enabled()) { ::opencensus::exporters::trace::ZipkinExporterOptions opts(oc_config.zipkin_url()); opts.service_name = local_info_.clusterName(); ::opencensus::exporters::trace::ZipkinExporter::Register(opts); } if (oc_config.ocagent_exporter_enabled()) { ::opencensus::exporters::trace::OcAgentOptions opts; if (!oc_config.ocagent_address().empty()) { opts.address = oc_config.ocagent_address(); } else if (oc_config.has_ocagent_grpc_service() && oc_config.ocagent_grpc_service().has_google_grpc()) { #ifdef ENVOY_GOOGLE_GRPC const envoy::config::core::v3::GrpcService& ocagent_service = oc_config.ocagent_grpc_service(); auto channel = Envoy::Grpc::GoogleGrpcUtils::createChannel(ocagent_service, api); opts.trace_service_stub = ::opencensus::proto::agent::trace::v1::TraceService::NewStub(channel); #else throw EnvoyException("Opencensus tracer: cannot handle ocagent google grpc service, google " "grpc is not built in."); #endif } opts.service_name = local_info_.clusterName(); ::opencensus::exporters::trace::OcAgentExporter::Register(std::move(opts)); } } void Driver::applyTraceConfig(const opencensus::proto::trace::v1::TraceConfig& config) { using SamplerCase = opencensus::proto::trace::v1::TraceConfig::SamplerCase; using opencensus::proto::trace::v1::ConstantSampler; constexpr double kDefaultSamplingProbability = 1e-4; double probability = kDefaultSamplingProbability; switch (config.sampler_case()) { case SamplerCase::kProbabilitySampler: probability = config.probability_sampler().samplingprobability(); break; case SamplerCase::kConstantSampler: switch (config.constant_sampler().decision()) { case ConstantSampler::ALWAYS_OFF: probability = 0.; break; case ConstantSampler::ALWAYS_ON: case ConstantSampler::ALWAYS_PARENT: probability = 1.; break; default: break; /* Keep default probability. */ } break; case SamplerCase::kRateLimitingSampler: ENVOY_LOG(error, "RateLimitingSampler is not supported."); break; case SamplerCase::SAMPLER_NOT_SET: break; // Keep default. default: ENVOY_LOG(error, "Unknown sampler type in TraceConfig."); } ::opencensus::trace::TraceConfig::SetCurrentTraceParams(::opencensus::trace::TraceParams{ uint32_t(config.max_number_of_attributes()), uint32_t(config.max_number_of_annotations()), uint32_t(config.max_number_of_message_events()), uint32_t(config.max_number_of_links()), ::opencensus::trace::ProbabilitySampler(probability)}); } Tracing::SpanPtr Driver::startSpan(const Tracing::Config& config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, SystemTime start_time, const Tracing::Decision tracing_decision) { return std::make_unique(config, oc_config_, request_headers, operation_name, start_time, tracing_decision); } } // namespace OpenCensus } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/opencensus/opencensus_tracer_impl.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/config/trace/v3/opencensus.pb.h" #include "envoy/local_info/local_info.h" #include "envoy/tracing/http_tracer.h" #include "common/common/logger.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace OpenCensus { /** * OpenCensus tracing driver. */ class Driver : public Tracing::Driver, Logger::Loggable { public: Driver(const envoy::config::trace::v3::OpenCensusConfig& oc_config, const LocalInfo::LocalInfo& localinfo, Api::Api& api); /** * Implements the abstract Driver's startSpan operation. */ Tracing::SpanPtr startSpan(const Tracing::Config& config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, SystemTime start_time, const Tracing::Decision tracing_decision) override; private: void applyTraceConfig(const opencensus::proto::trace::v1::TraceConfig& config); const envoy::config::trace::v3::OpenCensusConfig oc_config_; const LocalInfo::LocalInfo& local_info_; }; } // namespace OpenCensus } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 # Trace driver for AWS X-Ray. envoy_extension_package() envoy_proto_library( name = "daemon", srcs = ["daemon.proto"], ) envoy_cc_library( name = "xray_lib", srcs = [ "daemon_broker.cc", "localized_sampling.cc", "tracer.cc", "util.cc", "xray_tracer_impl.cc", ], hdrs = [ "daemon_broker.h", "localized_sampling.h", "reservoir.h", "sampling_strategy.h", "tracer.h", "util.h", "xray_configuration.h", "xray_tracer_impl.h", ], external_deps = [], deps = [ ":daemon_cc_proto", "//include/envoy/common:time_interface", "//include/envoy/server:tracer_config_interface", "//include/envoy/tracing:http_tracer_interface", "//source/common/common:hex_lib", "//source/common/common:macros", "//source/common/common:random_generator_lib", "//source/common/http:header_map_lib", "//source/common/json:json_loader_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", "//source/common/tracing:http_tracer_lib", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream", status = "wip", deps = [ ":xray_lib", "//source/common/config:datasource_lib", "//source/extensions/tracers/common:factory_base_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/tracers/xray/config.cc ================================================ #include "extensions/tracers/xray/config.h" #include #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/trace/v3/xray.pb.h" #include "envoy/config/trace/v3/xray.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/utility.h" #include "common/config/datasource.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/xray/xray_tracer_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { XRayTracerFactory::XRayTracerFactory() : FactoryBase("envoy.tracers.xray") {} Tracing::HttpTracerSharedPtr XRayTracerFactory::createHttpTracerTyped(const envoy::config::trace::v3::XRayConfig& proto_config, Server::Configuration::TracerFactoryContext& context) { std::string sampling_rules_json; try { sampling_rules_json = Config::DataSource::read(proto_config.sampling_rule_manifest(), true, context.serverFactoryContext().api()); } catch (EnvoyException& e) { ENVOY_LOG(error, "Failed to read sampling rules manifest because of {}.", e.what()); } if (proto_config.daemon_endpoint().protocol() != envoy::config::core::v3::SocketAddress::UDP) { throw EnvoyException("X-Ray daemon endpoint must be a UDP socket address"); } if (proto_config.daemon_endpoint().port_specifier_case() != envoy::config::core::v3::SocketAddress::PortSpecifierCase::kPortValue) { throw EnvoyException("X-Ray daemon port must be specified as number. Not a named port."); } const std::string endpoint = fmt::format("{}:{}", proto_config.daemon_endpoint().address(), proto_config.daemon_endpoint().port_value()); auto aws = absl::flat_hash_map{}; for (const auto& field : proto_config.segment_fields().aws().fields()) { aws.emplace(field.first, field.second); } const auto& origin = proto_config.segment_fields().origin(); XRayConfiguration xconfig{endpoint, proto_config.segment_name(), sampling_rules_json, origin, std::move(aws)}; auto xray_driver = std::make_unique(xconfig, context); return std::make_shared(std::move(xray_driver), context.serverFactoryContext().localInfo()); } /** * Static registration for the XRay tracer. @see RegisterFactory. */ REGISTER_FACTORY(XRayTracerFactory, Server::Configuration::TracerFactory); } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/config.h ================================================ #pragma once #include "envoy/config/trace/v3/xray.pb.h" #include "common/common/logger.h" #include "extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { /** * Config registration for the XRay tracer. @see TracerFactory. */ class XRayTracerFactory : public Common::FactoryBase, Logger::Loggable { public: XRayTracerFactory(); private: Tracing::HttpTracerSharedPtr createHttpTracerTyped(const envoy::config::trace::v3::XRayConfig& proto_config, Server::Configuration::TracerFactoryContext& context) override; }; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/daemon.proto ================================================ syntax = "proto3"; // The structures in this file are merely for JSON serialization to communicate with the X-Ray // daemon. The X-Ray daemon does not speak protobuf. package source.extensions.tracers.xray.daemon; import "validate/validate.proto"; import "google/protobuf/struct.proto"; // see https://docs.aws.amazon.com/xray/latest/devguide/xray-api-segmentdocuments.html message Segment { string name = 1 [(validate.rules).string = {min_len: 1}]; string id = 2 [(validate.rules).string = {min_len: 1}]; string trace_id = 3 [(validate.rules).string = {len: 35}]; double start_time = 4 [(validate.rules).double = {gt: 0}]; double end_time = 5 [(validate.rules).double = {gt: 0}]; string origin = 9; string parent_id = 6; google.protobuf.Struct aws = 10; http_annotations http = 7; message http_annotations { google.protobuf.Struct request = 1; google.protobuf.Struct response = 2; } map annotations = 8; } message Header { string format = 1; uint32 version = 2; } ================================================ FILE: source/extensions/tracers/xray/daemon_broker.cc ================================================ #include "extensions/tracers/xray/daemon_broker.h" #include "envoy/network/address.h" #include "common/buffer/buffer_impl.h" #include "common/network/socket_interface.h" #include "common/network/utility.h" #include "common/protobuf/utility.h" #include "source/extensions/tracers/xray/daemon.pb.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { namespace { // creates a header JSON for X-Ray daemon. // For example: // { "format": "json", "version": 1} std::string createHeader(const std::string& format, uint32_t version) { source::extensions::tracers::xray::daemon::Header header; header.set_format(format); header.set_version(version); return MessageUtil::getJsonStringFromMessage(header, false /* pretty_print */, false /* always_print_primitive_fields */); } } // namespace DaemonBrokerImpl::DaemonBrokerImpl(const std::string& daemon_endpoint) : address_(Network::Utility::parseInternetAddressAndPort(daemon_endpoint, false /*v6only*/)), io_handle_(Network::ioHandleForAddr(Network::Socket::Type::Datagram, address_)) {} void DaemonBrokerImpl::send(const std::string& data) const { auto& logger = Logger::Registry::getLog(Logger::Id::tracing); constexpr auto version = 1; constexpr auto format = "json"; const std::string payload = absl::StrCat(createHeader(format, version), "\n", data); Buffer::RawSlice buf; buf.mem_ = const_cast(payload.data()); buf.len_ = payload.length(); const auto rc = Network::Utility::writeToSocket(*io_handle_, &buf, 1 /*num_slices*/, nullptr /*local_ip*/, *address_); if (rc.rc_ != payload.length()) { // TODO(marcomagdy): report this in stats ENVOY_LOG_TO_LOGGER(logger, debug, "Failed to send trace payload to the X-Ray daemon."); } } } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/daemon_broker.h ================================================ #pragma once #include #include #include "envoy/common/pure.h" #include "envoy/network/address.h" #include "common/network/io_socket_handle_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { /** * The broker is a way to isolate the network dependency required to communicate with the X-Ray * daemon. */ class DaemonBroker { public: /** * Sends the input string as data to the X-Ray daemon. * The input string is typically a JSON serialized Span. * This method prefixes the data with a header necessary for the daemon to accept the input. */ virtual void send(const std::string& data) const PURE; virtual ~DaemonBroker() = default; }; using DaemonBrokerPtr = std::unique_ptr; class DaemonBrokerImpl : public DaemonBroker { public: /** * Creates a new Broker instance. * * @param daemon_endpoint The ip and port on which the X-Ray daemon is listening. */ explicit DaemonBrokerImpl(const std::string& daemon_endpoint); void send(const std::string& data) const final; private: const Network::Address::InstanceConstSharedPtr address_; const Network::IoHandlePtr io_handle_; }; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/localized_sampling.cc ================================================ #include "extensions/tracers/xray/localized_sampling.h" #include "common/http/exception.h" #include "common/protobuf/utility.h" #include "extensions/tracers/xray/util.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { constexpr double DefaultRate = 0.5; constexpr int DefaultFixedTarget = 1; constexpr int SamplingFileVersion = 2; constexpr auto VersionJsonKey = "version"; constexpr auto DefaultRuleJsonKey = "default"; constexpr auto FixedTargetJsonKey = "fixed_target"; constexpr auto RateJsonKey = "rate"; constexpr auto CustomRulesJsonKey = "rules"; constexpr auto HostJsonKey = "host"; constexpr auto HttpMethodJsonKey = "http_method"; constexpr auto UrlPathJsonKey = "url_path"; namespace { void fail(absl::string_view msg) { auto& logger = Logger::Registry::getLog(Logger::Id::tracing); ENVOY_LOG_TO_LOGGER(logger, error, "Failed to parse sampling rules - {}", msg); } bool is_valid_rate(double n) { return n >= 0 && n <= 1.0; } bool is_valid_fixed_target(double n) { return n >= 0 && static_cast(n) == n; } bool validateRule(const ProtobufWkt::Struct& rule) { using ProtobufWkt::Value; const auto host_it = rule.fields().find(HostJsonKey); if (host_it != rule.fields().end() && host_it->second.kind_case() != Value::KindCase::kStringValue) { fail("host must be a string"); return false; } const auto http_method_it = rule.fields().find(HttpMethodJsonKey); if (http_method_it != rule.fields().end() && http_method_it->second.kind_case() != Value::KindCase::kStringValue) { fail("HTTP method must be a string"); return false; } const auto url_path_it = rule.fields().find(UrlPathJsonKey); if (url_path_it != rule.fields().end() && url_path_it->second.kind_case() != Value::KindCase::kStringValue) { fail("URL path must be a string"); return false; } const auto fixed_target_it = rule.fields().find(FixedTargetJsonKey); if (fixed_target_it == rule.fields().end() || fixed_target_it->second.kind_case() != Value::KindCase::kNumberValue || !is_valid_fixed_target(fixed_target_it->second.number_value())) { fail("fixed target is missing or not a valid positive integer"); return false; } const auto rate_it = rule.fields().find(RateJsonKey); if (rate_it == rule.fields().end() || rate_it->second.kind_case() != Value::KindCase::kNumberValue || !is_valid_rate(rate_it->second.number_value())) { fail("rate is missing or not a valid positive floating number"); return false; } return true; } } // namespace LocalizedSamplingRule LocalizedSamplingRule::createDefault() { return LocalizedSamplingRule(DefaultFixedTarget, DefaultRate); } bool LocalizedSamplingRule::appliesTo(const SamplingRequest& request) const { return (request.host_.empty() || wildcardMatch(host_, request.host_)) && (request.http_method_.empty() || wildcardMatch(http_method_, request.http_method_)) && (request.http_url_.empty() || wildcardMatch(url_path_, request.http_url_)); } LocalizedSamplingManifest::LocalizedSamplingManifest(const std::string& rule_json) : default_rule_(LocalizedSamplingRule::createDefault()) { if (rule_json.empty()) { return; } ProtobufWkt::Struct document; try { MessageUtil::loadFromJson(rule_json, document); } catch (EnvoyException& e) { fail("invalid JSON format"); return; } const auto version_it = document.fields().find(VersionJsonKey); if (version_it == document.fields().end()) { fail("missing version number"); return; } if (version_it->second.kind_case() != ProtobufWkt::Value::KindCase::kNumberValue || version_it->second.number_value() != SamplingFileVersion) { fail("wrong version number"); return; } const auto default_rule_it = document.fields().find(DefaultRuleJsonKey); if (default_rule_it == document.fields().end() || default_rule_it->second.kind_case() != ProtobufWkt::Value::KindCase::kStructValue) { fail("missing default rule"); return; } // extract default rule members auto& default_rule_object = default_rule_it->second.struct_value(); if (!validateRule(default_rule_object)) { return; } default_rule_.setRate(default_rule_object.fields().find(RateJsonKey)->second.number_value()); default_rule_.setFixedTarget(static_cast( default_rule_object.fields().find(FixedTargetJsonKey)->second.number_value())); const auto custom_rules_it = document.fields().find(CustomRulesJsonKey); if (custom_rules_it == document.fields().end()) { return; } if (custom_rules_it->second.kind_case() != ProtobufWkt::Value::KindCase::kListValue) { fail("rules must be JSON array"); return; } for (auto& el : custom_rules_it->second.list_value().values()) { if (el.kind_case() != ProtobufWkt::Value::KindCase::kStructValue) { fail("rules array must be objects"); return; } auto& rule_json = el.struct_value(); if (!validateRule(rule_json)) { return; } LocalizedSamplingRule rule = LocalizedSamplingRule::createDefault(); const auto host_it = rule_json.fields().find(HostJsonKey); if (host_it != rule_json.fields().end()) { rule.setHost(host_it->second.string_value()); } const auto http_method_it = rule_json.fields().find(HttpMethodJsonKey); if (http_method_it != rule_json.fields().end()) { rule.setHttpMethod(http_method_it->second.string_value()); } const auto url_path_it = rule_json.fields().find(UrlPathJsonKey); if (url_path_it != rule_json.fields().end()) { rule.setUrlPath(url_path_it->second.string_value()); } // rate and fixed_target must exist because we validated this rule rule.setRate(rule_json.fields().find(RateJsonKey)->second.number_value()); rule.setFixedTarget( static_cast(rule_json.fields().find(FixedTargetJsonKey)->second.number_value())); custom_rules_.push_back(std::move(rule)); } } bool LocalizedSamplingStrategy::shouldTrace(const SamplingRequest& sampling_request) { if (!custom_manifest_.hasCustomRules()) { return shouldTrace(default_manifest_.defaultRule()); } for (auto&& rule : custom_manifest_.customRules()) { if (rule.appliesTo(sampling_request)) { return shouldTrace(rule); } } return shouldTrace(custom_manifest_.defaultRule()); } bool LocalizedSamplingStrategy::shouldTrace(LocalizedSamplingRule& rule) { const auto now = time_source_.monotonicTime(); if (rule.reservoir().take(now)) { return true; } // rule.rate() is a rational number between 0 and 1 auto toss = random() % 100; if (toss < (100 * rule.rate())) { return true; } return false; } } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/localized_sampling.h ================================================ #pragma once #include #include #include #include "envoy/common/time.h" #include "common/common/logger.h" #include "common/common/random_generator.h" #include "extensions/tracers/xray/reservoir.h" #include "extensions/tracers/xray/sampling_strategy.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { /** * This class encompasses the algorithm used when deciding whether to sample a given request. * The rule contains wildcard strings for matching a request based on its hostname, HTTP method or * URL path. A request must match on all 3 parts before this rule is applied. * If the rule applies, then |fixed_target| determines how many requests to sample per second. * While, rate determines the percentage of requests to sample after that within the same second. * * By default, this tracer records the first request each second, and five percent of * any additional requests. */ class LocalizedSamplingRule { public: /** * Creates a default sampling rule that has the default |fixed_target| and default |rate| set. */ static LocalizedSamplingRule createDefault(); LocalizedSamplingRule(uint32_t fixed_target, double rate) : fixed_target_(fixed_target), rate_(rate), reservoir_(fixed_target_) {} /** * Determines whether Hostname, HTTP method and URL path match the given request. */ bool appliesTo(const SamplingRequest& request) const; /** * Set the hostname to match against. * This value can contain wildcard characters such as '*' or '?'. */ void setHost(absl::string_view host) { host_ = std::string(host); } /** * Set the HTTP method to match against. * This value can contain wildcard characters such as '*' or '?'. */ void setHttpMethod(absl::string_view http_method) { http_method_ = std::string(http_method); } /** * Set the URL path to match against. * This value can contain wildcard characters such as '*' or '?'. */ void setUrlPath(absl::string_view url_path) { url_path_ = std::string(url_path); } /** * Set the minimum number of requests to sample per second. */ void setFixedTarget(uint32_t fixed_target) { fixed_target_ = fixed_target; reservoir_ = Reservoir(fixed_target); } /** * Set the percentage of requests to sample _after_ sampling |fixed_target| requests per second. */ void setRate(double rate) { rate_ = rate; } double rate() const { return rate_; } Reservoir& reservoir() { return reservoir_; } private: std::string host_; std::string http_method_; std::string url_path_; uint32_t fixed_target_; double rate_; Reservoir reservoir_; }; /** * The manifest represents the set of sampling rules (custom and default) used to match incoming * requests. */ class LocalizedSamplingManifest { public: /** * Create a default manifest. The default manifest is used when a custom manifest does not exist * or failed to parse. The default manifest, will have an empty set of custom rules. */ static LocalizedSamplingManifest createDefault() { return LocalizedSamplingManifest{LocalizedSamplingRule::createDefault()}; } /** * Create a manifest by de-serializing the input string as JSON representation of the sampling * rules. * @param sampling_rules_json JSON representation of X-Ray localized sampling rules. */ explicit LocalizedSamplingManifest(const std::string& sampling_rules_json); /** * Create a manifest by assigning the argument rule as the default rule. The set of custom rules * in this manifest will be empty. * @param default_rule A localized sampling rule that will be assigned as the default rule. */ explicit LocalizedSamplingManifest(const LocalizedSamplingRule& default_rule) : default_rule_(default_rule) {} /** * @return default sampling rule */ LocalizedSamplingRule& defaultRule() { return default_rule_; } /** * @return the user-defined sampling rules */ std::vector& customRules() { return custom_rules_; } /** * @return true if the this manifest has a set of custom rules; otherwise false. */ bool hasCustomRules() const { return !custom_rules_.empty(); } private: LocalizedSamplingRule default_rule_; std::vector custom_rules_; }; class LocalizedSamplingStrategy : public SamplingStrategy { public: LocalizedSamplingStrategy(const std::string& sampling_rules_json, Random::RandomGenerator& rng, TimeSource& time_source) : SamplingStrategy(rng), default_manifest_(LocalizedSamplingManifest::createDefault()), custom_manifest_(sampling_rules_json), time_source_(time_source), use_default_(!custom_manifest_.hasCustomRules()) {} /** * Determines if an incoming request matches one of the sampling rules in the local manifests. * If a match is found, then the request might be traced based on the sampling percentages etc. * determined by the matching rule. */ bool shouldTrace(const SamplingRequest& sampling_request) override; /** * Determines whether default rules are in effect. Mainly for unit testing purposes. */ bool usingDefaultManifest() const { return use_default_; } private: bool shouldTrace(LocalizedSamplingRule& rule); LocalizedSamplingManifest default_manifest_; LocalizedSamplingManifest custom_manifest_; TimeSource& time_source_; bool use_default_; }; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/reservoir.h ================================================ #pragma once #include #include "envoy/common/time.h" #include "common/common/lock_guard.h" #include "common/common/thread.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { /** * Simple token-bucket algorithm that enables counting samples/traces used per second. */ class Reservoir { public: /** * Creates a new reservoir that allows up to |traces_per_second| samples. */ explicit Reservoir(uint32_t traces_per_second) : traces_per_second_(traces_per_second), used_(0) {} Reservoir(const Reservoir& other) : traces_per_second_(other.traces_per_second_), used_(other.used_), time_point_(other.time_point_) {} Reservoir& operator=(const Reservoir& other) { if (this == &other) { return *this; } traces_per_second_ = other.traces_per_second_; used_ = other.used_; time_point_ = other.time_point_; return *this; } /** * Determines whether all samples have been used up for this particular second. * Every second, this reservoir starts over with a full bucket. * * @param now Used to compare against the last recorded time to determine if it's still within the * same second. */ bool take(Envoy::MonotonicTime now) { Envoy::Thread::LockGuard lg(sync_); const auto diff = now - time_point_; if (diff > std::chrono::seconds(1)) { used_ = 0; time_point_ = now; } if (used_ >= traces_per_second_) { return false; } ++used_; return true; } private: uint32_t traces_per_second_; uint32_t used_; Envoy::MonotonicTime time_point_; Envoy::Thread::MutexBasicLockable sync_; }; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/sampling_strategy.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/common/random_generator.h" #include "common/common/macros.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { struct SamplingRequest { std::string host_; std::string http_method_; std::string http_url_; }; /** * Strategy provides an interface for implementing trace sampling strategies. */ class SamplingStrategy { public: explicit SamplingStrategy(Random::RandomGenerator& rng) : rng_(rng) {} virtual ~SamplingStrategy() = default; /** * sampleRequest determines if the given request should be traced or not. * Implementation _must_ be thread-safe. */ virtual bool shouldTrace(const SamplingRequest& sampling_request) PURE; protected: uint64_t random() const { return rng_.random(); } private: Random::RandomGenerator& rng_; }; using SamplingStrategyPtr = std::unique_ptr; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/tracer.cc ================================================ #include "extensions/tracers/xray/tracer.h" #include #include #include #include "envoy/http/header_map.h" #include "envoy/network/listener.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/protobuf/utility.h" #include "source/extensions/tracers/xray/daemon.pb.validate.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { namespace { constexpr auto XRaySerializationVersion = "1"; // X-Ray Trace ID Format // // A trace_id consists of three parts separated by hyphens. // For example, 1-58406cf0-a006649127e371903a2de979. // This includes: // // - The version number, that is, 1. // - The time of the original request, in Unix epoch time, in 8 hexadecimal digits. // - A 96-bit unique identifier in 24 hexadecimal digits. // // For more details see: // https://docs.aws.amazon.com/xray/latest/devguide/xray-api-segmentdocuments.html#api-segmentdocuments-fields std::string generateTraceId(SystemTime point_in_time, Random::RandomGenerator& random) { using std::chrono::seconds; using std::chrono::time_point_cast; const auto epoch = time_point_cast(point_in_time).time_since_epoch().count(); std::string out; out.reserve(35); out += XRaySerializationVersion; out.push_back('-'); // epoch in seconds represented as 8 hexadecimal characters out += Hex::uint32ToHex(epoch); out.push_back('-'); std::string uuid = random.uuid(); // unique id represented as 24 hexadecimal digits and no dashes uuid.erase(std::remove(uuid.begin(), uuid.end(), '-'), uuid.end()); ASSERT(uuid.length() >= 24); out += uuid.substr(0, 24); return out; } } // namespace void Span::finishSpan() { using std::chrono::time_point_cast; using namespace source::extensions::tracers::xray; // X-Ray expects timestamps to be in epoch seconds with milli/micro-second precision as a fraction using SecondsWithFraction = std::chrono::duration; if (!sampled()) { return; } daemon::Segment s; s.set_name(name()); s.set_id(id()); s.set_trace_id(traceId()); s.set_start_time(time_point_cast(startTime()).time_since_epoch().count()); s.set_end_time( time_point_cast(time_source_.systemTime()).time_since_epoch().count()); s.set_origin(origin()); s.set_parent_id(parentId()); auto* aws = s.mutable_aws()->mutable_fields(); for (const auto& field : aws_metadata_) { aws->insert({field.first, field.second}); } auto* request_fields = s.mutable_http()->mutable_request()->mutable_fields(); for (const auto& field : http_request_annotations_) { request_fields->insert({field.first, field.second}); } auto* response_fields = s.mutable_http()->mutable_response()->mutable_fields(); for (const auto& field : http_response_annotations_) { response_fields->insert({field.first, field.second}); } for (const auto& item : custom_annotations_) { s.mutable_annotations()->insert({item.first, item.second}); } const std::string json = MessageUtil::getJsonStringFromMessage( s, false /* pretty_print */, false /* always_print_primitive_fields */); broker_.send(json); } // namespace XRay void Span::injectContext(Http::RequestHeaderMap& request_headers) { const std::string xray_header_value = fmt::format("Root={};Parent={};Sampled={}", traceId(), id(), sampled() ? "1" : "0"); request_headers.setCopy(Http::LowerCaseString(XRayTraceHeader), xray_header_value); } Tracing::SpanPtr Span::spawnChild(const Tracing::Config&, const std::string& operation_name, Envoy::SystemTime start_time) { auto child_span = std::make_unique(time_source_, random_, broker_); child_span->setName(name()); child_span->setOperation(operation_name); child_span->setStartTime(start_time); child_span->setParentId(id()); child_span->setTraceId(traceId()); child_span->setSampled(sampled()); return child_span; } Tracing::SpanPtr Tracer::startSpan(const std::string& operation_name, Envoy::SystemTime start_time, const absl::optional& xray_header) { auto span_ptr = std::make_unique(time_source_, random_, *daemon_broker_); span_ptr->setName(segment_name_); span_ptr->setOperation(operation_name); // Even though we have a TimeSource member in the tracer, we assume the start_time argument has a // more precise value than calling the systemTime() at this point in time. span_ptr->setStartTime(start_time); span_ptr->setOrigin(origin_); span_ptr->setAwsMetadata(aws_metadata_); if (xray_header) { // there's a previous span that this span should be based-on span_ptr->setParentId(xray_header->parent_id_); span_ptr->setTraceId(xray_header->trace_id_); switch (xray_header->sample_decision_) { case SamplingDecision::Sampled: span_ptr->setSampled(true); break; case SamplingDecision::NotSampled: // should never get here. If the header has Sampled=0 then we never call startSpan(). NOT_REACHED_GCOVR_EXCL_LINE; default: break; } } else { span_ptr->setTraceId(generateTraceId(time_source_.systemTime(), random_)); } return span_ptr; } XRay::SpanPtr Tracer::createNonSampledSpan() const { auto span_ptr = std::make_unique(time_source_, random_, *daemon_broker_); span_ptr->setName(segment_name_); span_ptr->setOrigin(origin_); span_ptr->setTraceId(generateTraceId(time_source_.systemTime(), random_)); span_ptr->setAwsMetadata(aws_metadata_); span_ptr->setSampled(false); return span_ptr; } void Span::setTag(absl::string_view name, absl::string_view value) { // For the full set of values see: // https://docs.aws.amazon.com/xray/latest/devguide/xray-api-segmentdocuments.html#api-segmentdocuments-http constexpr auto SpanContentLength = "content_length"; constexpr auto SpanMethod = "method"; constexpr auto SpanStatus = "status"; constexpr auto SpanUserAgent = "user_agent"; constexpr auto SpanUrl = "url"; constexpr auto SpanClientIp = "client_ip"; constexpr auto SpanXForwardedFor = "x_forwarded_for"; constexpr auto HttpUrl = "http.url"; constexpr auto HttpMethod = "http.method"; constexpr auto HttpStatusCode = "http.status_code"; constexpr auto HttpUserAgent = "user_agent"; constexpr auto HttpResponseSize = "response_size"; constexpr auto PeerAddress = "peer.address"; if (name.empty() || value.empty()) { return; } if (name == HttpUrl) { http_request_annotations_.emplace(SpanUrl, ValueUtil::stringValue(std::string(value))); } else if (name == HttpMethod) { http_request_annotations_.emplace(SpanMethod, ValueUtil::stringValue(std::string(value))); } else if (name == HttpUserAgent) { http_request_annotations_.emplace(SpanUserAgent, ValueUtil::stringValue(std::string(value))); } else if (name == HttpStatusCode) { uint64_t status_code; if (!absl::SimpleAtoi(value, &status_code)) { ENVOY_LOG(debug, "{} must be a number, given: {}", HttpStatusCode, value); return; } http_response_annotations_.emplace(SpanStatus, ValueUtil::numberValue(status_code)); } else if (name == HttpResponseSize) { uint64_t response_size; if (!absl::SimpleAtoi(value, &response_size)) { ENVOY_LOG(debug, "{} must be a number, given: {}", HttpResponseSize, value); return; } http_response_annotations_.emplace(SpanContentLength, ValueUtil::numberValue(response_size)); } else if (name == PeerAddress) { http_request_annotations_.emplace(SpanClientIp, ValueUtil::stringValue(std::string(value))); // In this case, PeerAddress refers to the client's actual IP address, not // the address specified in the HTTP X-Forwarded-For header. http_request_annotations_.emplace(SpanXForwardedFor, ValueUtil::boolValue(false)); } else { custom_annotations_.emplace(name, value); } } } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/tracer.h ================================================ #pragma once #include #include #include #include "envoy/common/time.h" #include "envoy/tracing/http_tracer.h" #include "common/common/hex.h" #include "common/common/random_generator.h" #include "common/protobuf/utility.h" #include "extensions/tracers/xray/daemon_broker.h" #include "extensions/tracers/xray/sampling_strategy.h" #include "extensions/tracers/xray/xray_configuration.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { constexpr auto XRayTraceHeader = "x-amzn-trace-id"; class Span : public Tracing::Span, Logger::Loggable { public: /** * Creates a new Span. * * @param time_source A time source to get the span end time * @param random random generator for generating unique child span ids * @param broker Facilitates communication with the X-Ray daemon. */ Span(TimeSource& time_source, Random::RandomGenerator& random, DaemonBroker& broker) : time_source_(time_source), random_(random), broker_(broker), id_(Hex::uint64ToHex(random_.random())), sampled_(true) {} /** * Sets the Span's trace ID. */ void setTraceId(absl::string_view trace_id) { trace_id_ = std::string(trace_id); }; /** * Gets the Span's trace ID. */ const std::string& traceId() const { return trace_id_; } /** * Completes the current span, serialize it and send it to the X-Ray daemon. */ void finishSpan() override; /** * Sets the current operation name on the Span. * This information will be included in the X-Ray span's metadata. */ void setOperation(absl::string_view operation) override { operation_name_ = std::string(operation); } /** * Sets the name of the Span. */ void setName(absl::string_view name) { name_ = std::string(name); } /** * Sets the origin of the Span. */ void setOrigin(absl::string_view origin) { origin_ = std::string(origin); } /** * Gets the origin of the Span. */ const std::string& origin() { return origin_; } /** * Adds a key-value pair to either the Span's annotations or metadata. * An allowlist of keys are added to the annotations, everything else is added to the metadata. */ void setTag(absl::string_view name, absl::string_view value) override; /** * Sets the ID of the parent segment. This is different from the Trace ID. * The parent ID is used if the request originated from an instrumented application. * For more information see: * https://docs.aws.amazon.com/xray/latest/devguide/xray-concepts.html#xray-concepts-tracingheader */ void setParentId(absl::string_view parent_segment_id) { parent_segment_id_ = std::string(parent_segment_id); } /** * Sets the aws metadata field of the Span. */ void setAwsMetadata(const absl::flat_hash_map& aws_metadata) { aws_metadata_ = aws_metadata; } /** * Gets the AWS metadata * field of the Span. */ const absl::flat_hash_map& awsMetadata() { return aws_metadata_; } /** * Sets the recording start time of the traced operation/request. */ void setStartTime(Envoy::SystemTime start_time) { start_time_ = start_time; } /** * Marks the span as either "sampled" or "not-sampled". * By default, Spans are "sampled". * This is handy in cases where the sampling decision has already been determined either by Envoy * or by a downstream service. */ void setSampled(bool sampled) override { sampled_ = sampled; }; /** * Adds X-Ray trace header to the set of outgoing headers. */ void injectContext(Http::RequestHeaderMap& request_headers) override; /** * Gets the start time of this Span. */ Envoy::SystemTime startTime() const { return start_time_; } /** * Gets this Span's ID. */ const std::string& id() const { return id_; } const std::string& parentId() const { return parent_segment_id_; } /** * Gets this Span's name. */ const std::string& name() const { return name_; } /** * Determines whether this span is sampled. */ bool sampled() const { return sampled_; } /** * Not used by X-Ray because the Spans are "logged" (serialized) to the X-Ray daemon. */ void log(Envoy::SystemTime, const std::string&) override {} // X-Ray doesn't support baggage, so noop these OpenTracing functions. void setBaggage(absl::string_view, absl::string_view) override {} std::string getBaggage(absl::string_view) override { return std::string(); } /** * Creates a child span. * In X-Ray terms this creates a sub-segment and sets its parent ID to the current span's ID. * @param operation_name The span of the child span. * @param start_time The time at which this child span started. */ Tracing::SpanPtr spawnChild(const Tracing::Config&, const std::string& operation_name, Envoy::SystemTime start_time) override; private: Envoy::TimeSource& time_source_; Random::RandomGenerator& random_; DaemonBroker& broker_; Envoy::SystemTime start_time_; std::string operation_name_; std::string id_; std::string trace_id_; std::string parent_segment_id_; std::string name_; std::string origin_; absl::flat_hash_map aws_metadata_; absl::flat_hash_map http_request_annotations_; absl::flat_hash_map http_response_annotations_; absl::flat_hash_map custom_annotations_; bool sampled_; }; using SpanPtr = std::unique_ptr; class Tracer { public: Tracer(absl::string_view segment_name, absl::string_view origin, const absl::flat_hash_map& aws_metadata, DaemonBrokerPtr daemon_broker, TimeSource& time_source, Random::RandomGenerator& random) : segment_name_(segment_name), origin_(origin), aws_metadata_(aws_metadata), daemon_broker_(std::move(daemon_broker)), time_source_(time_source), random_(random) {} /** * Starts a tracing span for X-Ray */ Tracing::SpanPtr startSpan(const std::string& operation_name, Envoy::SystemTime start_time, const absl::optional& xray_header); /** * Creates a Span that is marked as not-sampled. * This is useful when the sampling decision is done in Envoy's X-Ray and we want to avoid * overruling that decision in the upstream service in case that service itself uses X-Ray for * tracing. */ XRay::SpanPtr createNonSampledSpan() const; private: const std::string segment_name_; const std::string origin_; const absl::flat_hash_map aws_metadata_; const DaemonBrokerPtr daemon_broker_; Envoy::TimeSource& time_source_; Random::RandomGenerator& random_; }; using TracerPtr = std::unique_ptr; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/util.cc ================================================ #include "extensions/tracers/xray/util.h" #include "absl/strings/ascii.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { // AWS X-Ray has two sources of sampling rules (wildcard patterns): // // 1- The manifest file (static config) // 2- The X-Ray Service - periodically polled for new rules. (dynamic config) // // X-Ray will inspect every single request and try to match it against the set of rules it has to // decide whether or not a given request should be sampled. That means this wildcard matching // routine is on the hot path. I've spent a great deal of time to make this function optimal and not // allocate. // Using regex matching here has many downsides and it would require us to: // 1- escape/lint the user input pattern to avoid messing up its meaning (think '.' character is a // valid regex and URL character) 2- compile the regex and store it with every corresponding part of // the rule // // Those two steps would add significant overhead to the tracer. Meanwhile, the following function // has a comprehensive test suite and fuzz tests. bool wildcardMatch(absl::string_view pattern, absl::string_view input) { if (pattern.empty()) { return input.empty(); } // Check the special case of a single * pattern, as it's common. constexpr char glob = '*'; if (pattern.size() == 1 && pattern[0] == glob) { return true; } size_t i = 0, p = 0, i_star = input.size(), p_star = 0; while (i < input.size()) { if (p < pattern.size() && absl::ascii_tolower(input[i]) == absl::ascii_tolower(pattern[p])) { ++i; ++p; } else if (p < pattern.size() && '?' == pattern[p]) { ++i; ++p; } else if (p < pattern.size() && pattern[p] == glob) { i_star = i; p_star = p++; } else if (i_star != input.size()) { i = ++i_star; p = p_star + 1; } else { return false; } } while (p < pattern.size() && pattern[p] == glob) { ++p; } return p == pattern.size() && i == input.size(); } } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/util.h ================================================ #pragma once #include #include "absl/strings/string_view.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { /** * Performs a case-insensitive wild-card match against the input string. * This method works with pseudo-regex chars; specifically ? and * * * An asterisk (*) represents any combination of characters. * A question mark (?) represents any single character. * * @param pattern The regex-like pattern to compare with. * @param text The string to compare against the pattern. * @return whether the text matches the pattern. */ bool wildcardMatch(absl::string_view pattern, absl::string_view input); } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/xray_configuration.h ================================================ #pragma once #include #include "common/protobuf/protobuf.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { /** * X-Ray configuration Model. */ struct XRayConfiguration { const std::string daemon_endpoint_; const std::string segment_name_; const std::string sampling_rules_; const std::string origin_; const absl::flat_hash_map aws_metadata_; }; enum class SamplingDecision { Sampled, NotSampled, Unknown, }; /** * X-Ray header Model. */ struct XRayHeader { std::string trace_id_; std::string parent_id_; SamplingDecision sample_decision_{}; }; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/xray_tracer_impl.cc ================================================ #include "extensions/tracers/xray/xray_tracer_impl.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "extensions/tracers/xray/localized_sampling.h" #include "extensions/tracers/xray/tracer.h" #include "extensions/tracers/xray/xray_configuration.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { namespace { constexpr auto DefaultDaemonEndpoint = "127.0.0.1:2000"; XRayHeader parseXRayHeader(const Http::LowerCaseString& header) { const auto& lowered_header = header.get(); XRayHeader result; for (const auto& token : StringUtil::splitToken(lowered_header, ";")) { if (absl::StartsWith(token, "root=")) { result.trace_id_ = std::string(StringUtil::cropLeft(token, "=")); } else if (absl::StartsWith(token, "parent=")) { result.parent_id_ = std::string(StringUtil::cropLeft(token, "=")); } else if (absl::StartsWith(token, "sampled=")) { const auto s = StringUtil::cropLeft(token, "="); if (s == "1") { result.sample_decision_ = SamplingDecision::Sampled; } else if (s == "0") { result.sample_decision_ = SamplingDecision::NotSampled; } else { result.sample_decision_ = SamplingDecision::Unknown; } } } return result; } } // namespace Driver::Driver(const XRayConfiguration& config, Server::Configuration::TracerFactoryContext& context) : xray_config_(config), tls_slot_ptr_(context.serverFactoryContext().threadLocal().allocateSlot()) { const std::string daemon_endpoint = config.daemon_endpoint_.empty() ? DefaultDaemonEndpoint : config.daemon_endpoint_; ENVOY_LOG(debug, "send X-Ray generated segments to daemon address on {}", daemon_endpoint); sampling_strategy_ = std::make_unique( xray_config_.sampling_rules_, context.serverFactoryContext().api().randomGenerator(), context.serverFactoryContext().timeSource()); tls_slot_ptr_->set([this, daemon_endpoint, &context](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { DaemonBrokerPtr broker = std::make_unique(daemon_endpoint); TracerPtr tracer = std::make_unique( xray_config_.segment_name_, xray_config_.origin_, xray_config_.aws_metadata_, std::move(broker), context.serverFactoryContext().timeSource(), context.serverFactoryContext().api().randomGenerator()); return std::make_shared(std::move(tracer), *this); }); } Tracing::SpanPtr Driver::startSpan(const Tracing::Config& config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, Envoy::SystemTime start_time, const Tracing::Decision tracing_decision) { // First thing is to determine whether this request will be sampled or not. // if there's a X-Ray header and it has a sampling decision already determined (i.e. Sample=1) // then we can move on; otherwise, we ask the sampling strategy whether this request should be // sampled or not. // // The second step is create a Span. // If we have a XRay TraceID in the headers, then we create a SpanContext to pass that trace-id // around if no TraceID (which means no x-ray header) then this is a brand new span. UNREFERENCED_PARAMETER(config); // TODO(marcomagdy) - how do we factor this into the logic above UNREFERENCED_PARAMETER(tracing_decision); const auto* header = request_headers.get(Http::LowerCaseString(XRayTraceHeader)); absl::optional should_trace; XRayHeader xray_header; if (header) { Http::LowerCaseString lowered_header_value{std::string(header->value().getStringView())}; xray_header = parseXRayHeader(lowered_header_value); // if the sample_decision in the x-ray header is unknown then we try to make a decision based // on the sampling strategy if (xray_header.sample_decision_ == SamplingDecision::Sampled) { should_trace = true; } else if (xray_header.sample_decision_ == SamplingDecision::NotSampled) { should_trace = false; } else { ENVOY_LOG( trace, "Unable to determine from the X-Ray trace header whether request is sampled or not"); } } if (!should_trace.has_value()) { const SamplingRequest request{std::string{request_headers.getHostValue()}, std::string{request_headers.getMethodValue()}, std::string{request_headers.getPathValue()}}; should_trace = sampling_strategy_->shouldTrace(request); } auto* tracer = tls_slot_ptr_->getTyped().tracer_.get(); if (should_trace.value()) { return tracer->startSpan(operation_name, start_time, header ? absl::optional(xray_header) : absl::nullopt); } // instead of returning nullptr, we return a Span that is marked as not-sampled. // This is important to communicate that information to upstream services (see injectContext()). // Otherwise, the upstream service can decide to sample the request regardless and we end up with // more samples than we asked for. return tracer->createNonSampledSpan(); } } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/xray/xray_tracer_impl.h ================================================ #pragma once #include "envoy/server/tracer_config.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/xray/tracer.h" #include "extensions/tracers/xray/xray_configuration.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace XRay { class Driver : public Tracing::Driver, public Logger::Loggable { public: Driver(const XRay::XRayConfiguration& config, Server::Configuration::TracerFactoryContext& context); Tracing::SpanPtr startSpan(const Tracing::Config& config, Http::RequestHeaderMap& request_headers, const std::string& operation_name, Envoy::SystemTime start_time, const Tracing::Decision tracing_decision) override; private: struct TlsTracer : ThreadLocal::ThreadLocalObject { TlsTracer(TracerPtr tracer, Driver& driver) : tracer_(std::move(tracer)), driver_(driver) {} TracerPtr tracer_; Driver& driver_; }; XRayConfiguration xray_config_; SamplingStrategyPtr sampling_strategy_; ThreadLocal::SlotPtr tls_slot_ptr_; }; } // namespace XRay } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Trace driver for Zipkin (https://zipkin.io/). envoy_extension_package() envoy_cc_library( name = "zipkin_lib", srcs = [ "span_buffer.cc", "span_context.cc", "span_context_extractor.cc", "tracer.cc", "util.cc", "zipkin_core_types.cc", "zipkin_tracer_impl.cc", ], hdrs = [ "span_buffer.h", "span_context.h", "span_context_extractor.h", "tracer.h", "tracer_interface.h", "util.h", "zipkin_core_constants.h", "zipkin_core_types.h", "zipkin_json_field_names.h", "zipkin_tracer_impl.h", ], external_deps = [ "abseil_optional", ], deps = [ "//include/envoy/common:time_interface", "//include/envoy/local_info:local_info_interface", "//include/envoy/network:address_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/thread_local:thread_local_interface", "//include/envoy/tracing:http_tracer_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:enum_to_int", "//source/common/common:hex_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/http:async_client_utility_lib", "//source/common/http:header_map_lib", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/json:json_loader_lib", "//source/common/network:address_lib", "//source/common/singleton:const_singleton", "//source/common/tracing:http_tracer_lib", "//source/common/upstream:cluster_update_tracker_lib", "@com_github_openzipkin_zipkinapi//:zipkin_cc_proto", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # Legacy test use. TODO(#9953) clean up. extra_visibility = [ "//test/server:__subpackages__", ], security_posture = "robust_to_untrusted_downstream", deps = [ ":zipkin_lib", "//source/extensions/tracers/common:factory_base_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/tracers/zipkin/config.cc ================================================ #include "extensions/tracers/zipkin/config.h" #include "envoy/config/trace/v3/zipkin.pb.h" #include "envoy/config/trace/v3/zipkin.pb.validate.h" #include "envoy/registry/registry.h" #include "common/common/utility.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/zipkin/zipkin_tracer_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { ZipkinTracerFactory::ZipkinTracerFactory() : FactoryBase("envoy.tracers.zipkin") {} Tracing::HttpTracerSharedPtr ZipkinTracerFactory::createHttpTracerTyped( const envoy::config::trace::v3::ZipkinConfig& proto_config, Server::Configuration::TracerFactoryContext& context) { Tracing::DriverPtr zipkin_driver = std::make_unique( proto_config, context.serverFactoryContext().clusterManager(), context.serverFactoryContext().scope(), context.serverFactoryContext().threadLocal(), context.serverFactoryContext().runtime(), context.serverFactoryContext().localInfo(), context.serverFactoryContext().api().randomGenerator(), context.serverFactoryContext().timeSource()); return std::make_shared(std::move(zipkin_driver), context.serverFactoryContext().localInfo()); } /** * Static registration for the Zipkin tracer. @see RegisterFactory. */ REGISTER_FACTORY(ZipkinTracerFactory, Server::Configuration::TracerFactory){"envoy.zipkin"}; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/config.h ================================================ #pragma once #include "envoy/config/trace/v3/zipkin.pb.h" #include "envoy/config/trace/v3/zipkin.pb.validate.h" #include "extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { /** * Config registration for the zipkin tracer. @see TracerFactory. */ class ZipkinTracerFactory : public Common::FactoryBase { public: ZipkinTracerFactory(); private: // FactoryBase Tracing::HttpTracerSharedPtr createHttpTracerTyped(const envoy::config::trace::v3::ZipkinConfig& proto_config, Server::Configuration::TracerFactoryContext& context) override; }; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/span_buffer.cc ================================================ #include "extensions/tracers/zipkin/span_buffer.h" #include "envoy/config/trace/v3/zipkin.pb.h" #include "common/protobuf/utility.h" #include "extensions/tracers/zipkin/util.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" #include "extensions/tracers/zipkin/zipkin_json_field_names.h" #include "absl/strings/str_join.h" #include "absl/strings/str_replace.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { SpanBuffer::SpanBuffer( const envoy::config::trace::v3::ZipkinConfig::CollectorEndpointVersion& version, const bool shared_span_context) : serializer_{makeSerializer(version, shared_span_context)} {} SpanBuffer::SpanBuffer( const envoy::config::trace::v3::ZipkinConfig::CollectorEndpointVersion& version, const bool shared_span_context, uint64_t size) : serializer_{makeSerializer(version, shared_span_context)} { allocateBuffer(size); } bool SpanBuffer::addSpan(Span&& span) { const auto& annotations = span.annotations(); if (span_buffer_.size() == span_buffer_.capacity() || annotations.empty() || annotations.end() == std::find_if(annotations.begin(), annotations.end(), [](const auto& annotation) { return annotation.value() == CLIENT_SEND || annotation.value() == SERVER_RECV; })) { // Buffer full or invalid span. return false; } span_buffer_.push_back(std::move(span)); return true; } SerializerPtr SpanBuffer::makeSerializer( const envoy::config::trace::v3::ZipkinConfig::CollectorEndpointVersion& version, const bool shared_span_context) { switch (version) { case envoy::config::trace::v3::ZipkinConfig::hidden_envoy_deprecated_HTTP_JSON_V1: return std::make_unique(); case envoy::config::trace::v3::ZipkinConfig::HTTP_JSON: return std::make_unique(shared_span_context); case envoy::config::trace::v3::ZipkinConfig::HTTP_PROTO: return std::make_unique(shared_span_context); default: NOT_REACHED_GCOVR_EXCL_LINE; } } std::string JsonV1Serializer::serialize(const std::vector& zipkin_spans) { const std::string serialized_elements = absl::StrJoin(zipkin_spans, ",", [](std::string* element, const Span& zipkin_span) { absl::StrAppend(element, zipkin_span.toJson()); }); return absl::StrCat("[", serialized_elements, "]"); } JsonV2Serializer::JsonV2Serializer(const bool shared_span_context) : shared_span_context_{shared_span_context} {} std::string JsonV2Serializer::serialize(const std::vector& zipkin_spans) { Util::Replacements replacements; const std::string serialized_elements = absl::StrJoin( zipkin_spans, ",", [this, &replacements](std::string* out, const Span& zipkin_span) { const auto& replacement_values = replacements; absl::StrAppend( out, absl::StrJoin( toListOfSpans(zipkin_span, replacements), ",", [&replacement_values](std::string* element, const ProtobufWkt::Struct& span) { const std::string json = MessageUtil::getJsonStringFromMessage( span, /* pretty_print */ false, /* always_print_primitive_fields */ true); // The Zipkin API V2 specification mandates to store timestamp value as int64 // https://github.com/openzipkin/zipkin-api/blob/228fabe660f1b5d1e28eac9df41f7d1deed4a1c2/zipkin2-api.yaml#L447-L463 // (often translated as uint64 in some of the official implementations: // https://github.com/openzipkin/zipkin-go/blob/62dc8b26c05e0e8b88eb7536eff92498e65bbfc3/model/span.go#L114, // and see the discussion here: // https://github.com/openzipkin/zipkin-go/pull/161#issuecomment-598558072). // However, when the timestamp is stored as number value in a protobuf // struct, it is stored as a double. Because of how protobuf serializes // doubles, there is a possibility that the value will be rendered as a // number with scientific notation as reported in: // https://github.com/envoyproxy/envoy/issues/9341#issuecomment-566912973. To // deal with that issue, here we do a workaround by storing the timestamp as // string and keeping track of that with the corresponding integer // replacements, and do the replacement here so we can meet the Zipkin API V2 // requirements. // // TODO(dio): The right fix for this is to introduce additional knob when // serializing double in protobuf DoubleToBuffer function, and make it // available to be controlled at caller site. // https://github.com/envoyproxy/envoy/issues/10411). absl::StrAppend(element, absl::StrReplaceAll(json, replacement_values)); })); }); return absl::StrCat("[", serialized_elements, "]"); } const std::vector JsonV2Serializer::toListOfSpans(const Span& zipkin_span, Util::Replacements& replacements) const { std::vector spans; spans.reserve(zipkin_span.annotations().size()); for (const auto& annotation : zipkin_span.annotations()) { ProtobufWkt::Struct span; auto* fields = span.mutable_fields(); if (annotation.value() == CLIENT_SEND) { (*fields)[SPAN_KIND] = ValueUtil::stringValue(KIND_CLIENT); } else if (annotation.value() == SERVER_RECV) { if (shared_span_context_ && zipkin_span.annotations().size() > 1) { (*fields)[SPAN_SHARED] = ValueUtil::boolValue(true); } (*fields)[SPAN_KIND] = ValueUtil::stringValue(KIND_SERVER); } else { continue; } if (annotation.isSetEndpoint()) { // Usually we store number to a ProtobufWkt::Struct object via ValueUtil::numberValue. // However, due to the possibility of rendering that to a number with scientific notation, we // chose to store it as a string and keeping track the corresponding replacement. For example, // we have 1584324295476870 if we stored it as a double value, MessageToJsonString gives // us 1.58432429547687e+15. Instead we store it as the string of 1584324295476870 (when it is // serialized: "1584324295476870"), and replace it post MessageToJsonString serialization with // integer (1584324295476870 without `"`), see: JsonV2Serializer::serialize. (*fields)[SPAN_TIMESTAMP] = Util::uint64Value(annotation.timestamp(), SPAN_TIMESTAMP, replacements); (*fields)[SPAN_LOCAL_ENDPOINT] = ValueUtil::structValue(toProtoEndpoint(annotation.endpoint())); } (*fields)[SPAN_TRACE_ID] = ValueUtil::stringValue(zipkin_span.traceIdAsHexString()); if (zipkin_span.isSetParentId()) { (*fields)[SPAN_PARENT_ID] = ValueUtil::stringValue(zipkin_span.parentIdAsHexString()); } (*fields)[SPAN_ID] = ValueUtil::stringValue(zipkin_span.idAsHexString()); const auto& span_name = zipkin_span.name(); if (!span_name.empty()) { (*fields)[SPAN_NAME] = ValueUtil::stringValue(span_name); } if (zipkin_span.isSetDuration()) { // Since SPAN_DURATION has the same data type with SPAN_TIMESTAMP, we use Util::uint64Value to // store it. (*fields)[SPAN_DURATION] = Util::uint64Value(zipkin_span.duration(), SPAN_DURATION, replacements); } const auto& binary_annotations = zipkin_span.binaryAnnotations(); if (!binary_annotations.empty()) { ProtobufWkt::Struct tags; auto* tag_fields = tags.mutable_fields(); for (const auto& binary_annotation : binary_annotations) { (*tag_fields)[binary_annotation.key()] = ValueUtil::stringValue(binary_annotation.value()); } (*fields)[SPAN_TAGS] = ValueUtil::structValue(tags); } spans.push_back(std::move(span)); } return spans; } const ProtobufWkt::Struct JsonV2Serializer::toProtoEndpoint(const Endpoint& zipkin_endpoint) const { ProtobufWkt::Struct endpoint; auto* fields = endpoint.mutable_fields(); Network::Address::InstanceConstSharedPtr address = zipkin_endpoint.address(); if (address) { if (address->ip()->version() == Network::Address::IpVersion::v4) { (*fields)[ENDPOINT_IPV4] = ValueUtil::stringValue(address->ip()->addressAsString()); } else { (*fields)[ENDPOINT_IPV6] = ValueUtil::stringValue(address->ip()->addressAsString()); } (*fields)[ENDPOINT_PORT] = ValueUtil::numberValue(address->ip()->port()); } const std::string& service_name = zipkin_endpoint.serviceName(); if (!service_name.empty()) { (*fields)[ENDPOINT_SERVICE_NAME] = ValueUtil::stringValue(service_name); } return endpoint; } ProtobufSerializer::ProtobufSerializer(const bool shared_span_context) : shared_span_context_{shared_span_context} {} std::string ProtobufSerializer::serialize(const std::vector& zipkin_spans) { zipkin::proto3::ListOfSpans spans; for (const Span& zipkin_span : zipkin_spans) { spans.MergeFrom(toListOfSpans(zipkin_span)); } std::string serialized; spans.SerializeToString(&serialized); return serialized; } const zipkin::proto3::ListOfSpans ProtobufSerializer::toListOfSpans(const Span& zipkin_span) const { zipkin::proto3::ListOfSpans spans; for (const auto& annotation : zipkin_span.annotations()) { zipkin::proto3::Span span; if (annotation.value() == CLIENT_SEND) { span.set_kind(zipkin::proto3::Span::CLIENT); } else if (annotation.value() == SERVER_RECV) { span.set_shared(shared_span_context_ && zipkin_span.annotations().size() > 1); span.set_kind(zipkin::proto3::Span::SERVER); } else { continue; } if (annotation.isSetEndpoint()) { span.set_timestamp(annotation.timestamp()); span.mutable_local_endpoint()->MergeFrom(toProtoEndpoint(annotation.endpoint())); } span.set_trace_id(zipkin_span.traceIdAsByteString()); if (zipkin_span.isSetParentId()) { span.set_parent_id(zipkin_span.parentIdAsByteString()); } span.set_id(zipkin_span.idAsByteString()); span.set_name(zipkin_span.name()); if (zipkin_span.isSetDuration()) { span.set_duration(zipkin_span.duration()); } auto& tags = *span.mutable_tags(); for (const auto& binary_annotation : zipkin_span.binaryAnnotations()) { tags[binary_annotation.key()] = binary_annotation.value(); } auto* mutable_span = spans.add_spans(); mutable_span->MergeFrom(span); } return spans; } const zipkin::proto3::Endpoint ProtobufSerializer::toProtoEndpoint(const Endpoint& zipkin_endpoint) const { zipkin::proto3::Endpoint endpoint; Network::Address::InstanceConstSharedPtr address = zipkin_endpoint.address(); if (address) { if (address->ip()->version() == Network::Address::IpVersion::v4) { endpoint.set_ipv4(Util::toByteString(address->ip()->ipv4()->address())); } else { endpoint.set_ipv6(Util::toByteString(address->ip()->ipv6()->address())); } endpoint.set_port(address->ip()->port()); } const std::string& service_name = zipkin_endpoint.serviceName(); if (!service_name.empty()) { endpoint.set_service_name(service_name); } return endpoint; } } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/span_buffer.h ================================================ #pragma once #include "envoy/config/trace/v3/zipkin.pb.h" #include "common/protobuf/protobuf.h" #include "extensions/tracers/zipkin/tracer_interface.h" #include "extensions/tracers/zipkin/zipkin_core_types.h" #include "zipkin.pb.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { /** * This class implements a simple buffer to store Zipkin tracing spans * prior to flushing them. */ class SpanBuffer { public: /** * Constructor that creates an empty buffer. Space needs to be allocated by invoking * the method allocateBuffer(size). * * @param version The selected Zipkin collector version. @see * api/envoy/config/trace/v2/trace.proto. * @param shared_span_context To determine whether client and server spans will share the same * span context. */ SpanBuffer(const envoy::config::trace::v3::ZipkinConfig::CollectorEndpointVersion& version, bool shared_span_context); /** * Constructor that initializes a buffer with the given size. * * @param version The selected Zipkin collector version. @see * api/envoy/config/trace/v2/trace.proto. * @param shared_span_context To determine whether client and server spans will share the same * span context. * @param size The desired buffer size. */ SpanBuffer(const envoy::config::trace::v3::ZipkinConfig::CollectorEndpointVersion& version, bool shared_span_context, uint64_t size); /** * Allocates space for an empty buffer or resizes a previously-allocated one. * * @param size The desired buffer size. */ void allocateBuffer(uint64_t size) { span_buffer_.reserve(size); } /** * Adds the given Zipkin span to the buffer. * * @param span The span to be added to the buffer. * * @return true if the span was successfully added, or false if the buffer was full. */ bool addSpan(Span&& span); /** * Empties the buffer. This method is supposed to be called when all buffered spans * have been sent to the Zipkin service. */ void clear() { span_buffer_.clear(); } /** * @return the number of spans currently buffered. */ uint64_t pendingSpans() { return span_buffer_.size(); } /** * Serializes std::vector span_buffer_ to std::string as payload for the reporter when the * reporter does spans flushing. This function does only serialization and does not clear * span_buffer_. * * @return std::string the contents of the buffer, a collection of serialized pending Zipkin * spans. */ std::string serialize() const { return serializer_->serialize(span_buffer_); } private: SerializerPtr makeSerializer(const envoy::config::trace::v3::ZipkinConfig::CollectorEndpointVersion& version, bool shared_span_context); // We use a pre-allocated vector to improve performance std::vector span_buffer_; SerializerPtr serializer_; }; using SpanBufferPtr = std::unique_ptr; /** * JsonV1Serializer implements Zipkin::Serializer that serializes list of Zipkin spans into JSON * Zipkin v1 array. */ class JsonV1Serializer : public Serializer { public: JsonV1Serializer() = default; /** * Serialize list of Zipkin spans into Zipkin v1 JSON array. * @return std::string serialized pending spans as Zipkin v1 JSON array. */ std::string serialize(const std::vector& pending_spans) override; }; /** * JsonV2Serializer implements Zipkin::Serializer that serializes list of Zipkin spans into JSON * Zipkin v2 array. */ class JsonV2Serializer : public Serializer { public: JsonV2Serializer(bool shared_span_context); /** * Serialize list of Zipkin spans into Zipkin v2 JSON array. * @return std::string serialized pending spans as Zipkin v2 JSON array. */ std::string serialize(const std::vector& pending_spans) override; private: const std::vector toListOfSpans(const Span& zipkin_span, Util::Replacements& replacements) const; const ProtobufWkt::Struct toProtoEndpoint(const Endpoint& zipkin_endpoint) const; const bool shared_span_context_; }; /** * ProtobufSerializer implements Zipkin::Serializer that serializes list of Zipkin spans into * stringified (SerializeToString) protobuf message. */ class ProtobufSerializer : public Serializer { public: ProtobufSerializer(bool shared_span_context); /** * Serialize list of Zipkin spans into Zipkin v2 zipkin::proto3::ListOfSpans. * @return std::string serialized pending spans as Zipkin zipkin::proto3::ListOfSpans. */ std::string serialize(const std::vector& pending_spans) override; private: const zipkin::proto3::ListOfSpans toListOfSpans(const Span& zipkin_span) const; const zipkin::proto3::Endpoint toProtoEndpoint(const Endpoint& zipkin_endpoint) const; const bool shared_span_context_; }; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/span_context.cc ================================================ #include "extensions/tracers/zipkin/span_context.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { SpanContext::SpanContext(const Span& span) : trace_id_high_(span.isSetTraceIdHigh() ? span.traceIdHigh() : 0), trace_id_(span.traceId()), id_(span.id()), parent_id_(span.isSetParentId() ? span.parentId() : 0), sampled_(span.sampled()) {} } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/span_context.h ================================================ #pragma once #include #include "extensions/tracers/zipkin/util.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" #include "extensions/tracers/zipkin/zipkin_core_types.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { /** * This class represents the context of a Zipkin span. It embodies the following * span characteristics: trace id, span id, parent id, and basic annotations. */ class SpanContext { public: /** * Default constructor. Creates an empty context. */ SpanContext() = default; /** * Constructor that creates a context object from the supplied trace, span and * parent ids, and sampled flag. * * @param trace_id_high The high 64 bits of the trace id. * @param trace_id The low 64 bits of the trace id. * @param id The span id. * @param parent_id The parent id. * @param sampled The sampled flag. */ SpanContext(const uint64_t trace_id_high, const uint64_t trace_id, const uint64_t id, const uint64_t parent_id, bool sampled) : trace_id_high_(trace_id_high), trace_id_(trace_id), id_(id), parent_id_(parent_id), sampled_(sampled) {} /** * Constructor that creates a context object from the given Zipkin span object. * * @param span The Zipkin span used to initialize a SpanContext object. */ SpanContext(const Span& span); /** * @return the span id as an integer */ uint64_t id() const { return id_; } /** * @return the span's parent id as an integer. */ uint64_t parentId() const { return parent_id_; } /** * @return the high 64 bits of the trace id as an integer. */ uint64_t traceIdHigh() const { return trace_id_high_; } /** * @return the low 64 bits of the trace id as an integer. */ uint64_t traceId() const { return trace_id_; } /** * @return whether using 128 bit trace id. */ bool is128BitTraceId() const { return trace_id_high_ != 0; } /** * @return the sampled flag. */ bool sampled() const { return sampled_; } private: const uint64_t trace_id_high_{0}; const uint64_t trace_id_{0}; const uint64_t id_{0}; const uint64_t parent_id_{0}; const bool sampled_{false}; }; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/span_context_extractor.cc ================================================ #include "extensions/tracers/zipkin/span_context_extractor.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "extensions/tracers/zipkin/span_context.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { namespace { constexpr int FormatMaxLength = 32 + 1 + 16 + 3 + 16; // traceid128-spanid-1-parentid bool validSamplingFlags(char c) { if (c == '1' || c == '0' || c == 'd') { return true; } return false; } bool getSamplingFlags(char c, const Tracing::Decision tracing_decision) { if (validSamplingFlags(c)) { return c == '0' ? false : true; } else { return tracing_decision.traced; } } } // namespace SpanContextExtractor::SpanContextExtractor(Http::RequestHeaderMap& request_headers) : request_headers_(request_headers) {} SpanContextExtractor::~SpanContextExtractor() = default; bool SpanContextExtractor::extractSampled(const Tracing::Decision tracing_decision) { bool sampled(false); auto b3_header_entry = request_headers_.get(ZipkinCoreConstants::get().B3); if (b3_header_entry) { absl::string_view b3 = b3_header_entry->value().getStringView(); int sampled_pos = 0; switch (b3.length()) { case 1: break; case 35: // 16 + 1 + 16 + 2 sampled_pos = 34; break; case 51: // 32 + 1 + 16 + 2 sampled_pos = 50; break; case 52: // 16 + 1 + 16 + 2 + 1 + 16 sampled_pos = 34; break; case 68: // 32 + 1 + 16 + 2 + 1 + 16 sampled_pos = 50; break; default: return tracing_decision.traced; } return getSamplingFlags(b3[sampled_pos], tracing_decision); } auto x_b3_sampled_entry = request_headers_.get(ZipkinCoreConstants::get().X_B3_SAMPLED); if (!x_b3_sampled_entry) { return tracing_decision.traced; } // Checking if sampled flag has been specified. Also checking for 'true' value, as some old // zipkin tracers may still use that value, although should be 0 or 1. absl::string_view xb3_sampled = x_b3_sampled_entry->value().getStringView(); sampled = xb3_sampled == SAMPLED || xb3_sampled == "true"; return sampled; } std::pair SpanContextExtractor::extractSpanContext(bool is_sampled) { if (request_headers_.get(ZipkinCoreConstants::get().B3)) { return extractSpanContextFromB3SingleFormat(is_sampled); } uint64_t trace_id(0); uint64_t trace_id_high(0); uint64_t span_id(0); uint64_t parent_id(0); auto b3_trace_id_entry = request_headers_.get(ZipkinCoreConstants::get().X_B3_TRACE_ID); auto b3_span_id_entry = request_headers_.get(ZipkinCoreConstants::get().X_B3_SPAN_ID); if (b3_span_id_entry && b3_trace_id_entry) { // Extract trace id - which can either be 128 or 64 bit. For 128 bit, // it needs to be divided into two 64 bit numbers (high and low). const std::string tid(b3_trace_id_entry->value().getStringView()); if (b3_trace_id_entry->value().size() == 32) { const std::string high_tid = tid.substr(0, 16); const std::string low_tid = tid.substr(16, 16); if (!StringUtil::atoull(high_tid.c_str(), trace_id_high, 16) || !StringUtil::atoull(low_tid.c_str(), trace_id, 16)) { throw ExtractorException( fmt::format("Invalid traceid_high {} or tracid {}", high_tid.c_str(), low_tid.c_str())); } } else if (!StringUtil::atoull(tid.c_str(), trace_id, 16)) { throw ExtractorException(absl::StrCat("Invalid trace_id ", tid.c_str())); } const std::string spid(b3_span_id_entry->value().getStringView()); if (!StringUtil::atoull(spid.c_str(), span_id, 16)) { throw ExtractorException(absl::StrCat("Invalid span id ", spid.c_str())); } auto b3_parent_id_entry = request_headers_.get(ZipkinCoreConstants::get().X_B3_PARENT_SPAN_ID); if (b3_parent_id_entry && !b3_parent_id_entry->value().empty()) { const std::string pspid(b3_parent_id_entry->value().getStringView()); if (!StringUtil::atoull(pspid.c_str(), parent_id, 16)) { throw ExtractorException(absl::StrCat("Invalid parent span id ", pspid.c_str())); } } } else { return {SpanContext(), false}; } return {SpanContext(trace_id_high, trace_id, span_id, parent_id, is_sampled), true}; } std::pair SpanContextExtractor::extractSpanContextFromB3SingleFormat(bool is_sampled) { auto b3_head_entry = request_headers_.get(ZipkinCoreConstants::get().B3); ASSERT(b3_head_entry); const std::string b3(b3_head_entry->value().getStringView()); if (!b3.length()) { throw ExtractorException("Invalid input: empty"); } if (b3.length() == 1) { // possibly sampling flags if (validSamplingFlags(b3[0])) { return std::pair(SpanContext(), false); } throw ExtractorException(fmt::format("Invalid input: invalid sampling flag {}", b3[0])); } if (b3.length() < 16 + 1 + 16 /* traceid64-spanid */) { throw ExtractorException("Invalid input: truncated"); } else if (b3.length() > FormatMaxLength) { throw ExtractorException("Invalid input: too long"); } uint64_t trace_id(0); uint64_t trace_id_high(0); uint64_t span_id(0); uint64_t parent_id(0); uint64_t pos = 0; const std::string trace_id_str = b3.substr(pos, 16); if (b3[pos + 32] == '-') { if (!StringUtil::atoull(trace_id_str.c_str(), trace_id_high, 16)) { throw ExtractorException( fmt::format("Invalid input: invalid trace id high {}", trace_id_str.c_str())); } pos += 16; const std::string trace_id_low_str = b3.substr(pos, 16); if (!StringUtil::atoull(trace_id_low_str.c_str(), trace_id, 16)) { throw ExtractorException( fmt::format("Invalid input: invalid trace id {}", trace_id_low_str.c_str())); } } else { if (!StringUtil::atoull(trace_id_str.c_str(), trace_id, 16)) { throw ExtractorException( fmt::format("Invalid input: invalid trace id {}", trace_id_str.c_str())); } } pos += 16; // traceId ended if (!(b3[pos++] == '-')) { throw ExtractorException("Invalid input: not exists span id"); } const std::string span_id_str = b3.substr(pos, 16); if (!StringUtil::atoull(span_id_str.c_str(), span_id, 16)) { throw ExtractorException(fmt::format("Invalid input: invalid span id {}", span_id_str.c_str())); } pos += 16; // spanId ended if (b3.length() > pos) { // If we are at this point, we have more than just traceId-spanId. // If the sampling field is present, we'll have a delimiter 2 characters from now. Ex "-1" // If it is absent, but a parent ID is (which is strange), we'll have at least 17 characters. // Therefore, if we have less than two characters, the input is truncated. if (b3.length() == (pos + 1)) { throw ExtractorException("Invalid input: truncated"); } if (!(b3[pos++] == '-')) { throw ExtractorException("Invalid input: not exists sampling field"); } // If our position is at the end of the string, or another delimiter is one character past our // position, try to read sampled status. if (b3.length() == pos + 1 || ((b3.length() >= pos + 2) && (b3[pos + 1] == '-'))) { if (!validSamplingFlags(b3[pos])) { throw ExtractorException(fmt::format("Invalid input: invalid sampling flag {}", b3[pos])); } pos++; // consume the sampled status } else { throw ExtractorException("Invalid input: truncated"); } if (b3.length() > pos) { // If we are at this point, we should have a parent ID, encoded as "-[0-9a-f]{16}" if (b3.length() != pos + 17) { throw ExtractorException("Invalid input: truncated"); } ASSERT(b3[pos] == '-'); pos++; const std::string parent_id_str = b3.substr(pos, b3.length() - pos); if (!StringUtil::atoull(parent_id_str.c_str(), parent_id, 16)) { throw ExtractorException( fmt::format("Invalid input: invalid parent id {}", parent_id_str.c_str())); } } } return {SpanContext(trace_id_high, trace_id, span_id, parent_id, is_sampled), true}; } } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/span_context_extractor.h ================================================ #pragma once #include "envoy/common/exception.h" #include "envoy/tracing/http_tracer.h" #include "common/http/header_map_impl.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { class SpanContext; struct ExtractorException : public EnvoyException { ExtractorException(const std::string& what) : EnvoyException(what) {} }; /** * This class is used to SpanContext extracted from the Http header */ class SpanContextExtractor { public: SpanContextExtractor(Http::RequestHeaderMap& request_headers); ~SpanContextExtractor(); bool extractSampled(const Tracing::Decision tracing_decision); std::pair extractSpanContext(bool is_sampled); private: /* * Use to SpanContext extracted from B3 single format Http header * b3: {x-b3-traceid}-{x-b3-spanid}-{if x-b3-flags 'd' else x-b3-sampled}-{x-b3-parentspanid} * See: "https://github.com/openzipkin/b3-propagation */ std::pair extractSpanContextFromB3SingleFormat(bool is_sampled); bool tryExtractSampledFromB3SingleFormat(); const Http::RequestHeaderMap& request_headers_; }; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/tracer.cc ================================================ #include "extensions/tracers/zipkin/tracer.h" #include #include "common/common/utility.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/zipkin/util.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { SpanPtr Tracer::startSpan(const Tracing::Config& config, const std::string& span_name, SystemTime timestamp) { // Build the endpoint Endpoint ep(service_name_, address_); // Build the CS annotation Annotation cs; cs.setEndpoint(std::move(ep)); if (config.operationName() == Tracing::OperationName::Egress) { cs.setValue(CLIENT_SEND); } else { cs.setValue(SERVER_RECV); } // Create an all-new span, with no parent id SpanPtr span_ptr = std::make_unique(time_source_); span_ptr->setName(span_name); uint64_t random_number = random_generator_.random(); span_ptr->setId(random_number); span_ptr->setTraceId(random_number); if (trace_id_128bit_) { span_ptr->setTraceIdHigh(random_generator_.random()); } int64_t start_time_micro = std::chrono::duration_cast( time_source_.monotonicTime().time_since_epoch()) .count(); span_ptr->setStartTime(start_time_micro); // Set the timestamp globally for the span and also for the CS annotation uint64_t timestamp_micro = std::chrono::duration_cast(timestamp.time_since_epoch()).count(); cs.setTimestamp(timestamp_micro); span_ptr->setTimestamp(timestamp_micro); // Add CS annotation to the span span_ptr->addAnnotation(std::move(cs)); span_ptr->setTracer(this); return span_ptr; } SpanPtr Tracer::startSpan(const Tracing::Config& config, const std::string& span_name, SystemTime timestamp, const SpanContext& previous_context) { SpanPtr span_ptr = std::make_unique(time_source_); Annotation annotation; uint64_t timestamp_micro; timestamp_micro = std::chrono::duration_cast(timestamp.time_since_epoch()).count(); span_ptr->setName(span_name); // Set the span's kind (client or server) if (config.operationName() == Tracing::OperationName::Egress) { annotation.setValue(CLIENT_SEND); } else { annotation.setValue(SERVER_RECV); } // Set the span's id and parent id if (config.operationName() == Tracing::OperationName::Egress || !shared_span_context_) { // We need to create a new span that is a child of the previous span; no shared context // Create a new span id uint64_t random_number = random_generator_.random(); span_ptr->setId(random_number); // Set the parent id to the id of the previous span span_ptr->setParentId(previous_context.id()); // Set the timestamp globally for the span span_ptr->setTimestamp(timestamp_micro); } else if (config.operationName() == Tracing::OperationName::Ingress) { // We need to create a new span that will share context with the previous span // Initialize the shared context for the new span span_ptr->setId(previous_context.id()); if (previous_context.parentId()) { span_ptr->setParentId(previous_context.parentId()); } } else { return span_ptr; // return an empty span } // Build the endpoint Endpoint ep(service_name_, address_); // Add the newly-created annotation to the span annotation.setEndpoint(std::move(ep)); annotation.setTimestamp(timestamp_micro); span_ptr->addAnnotation(std::move(annotation)); // Keep the same trace id span_ptr->setTraceId(previous_context.traceId()); if (previous_context.is128BitTraceId()) { span_ptr->setTraceIdHigh(previous_context.traceIdHigh()); } // Keep the same sampled flag span_ptr->setSampled(previous_context.sampled()); int64_t start_time_micro = std::chrono::duration_cast( time_source_.monotonicTime().time_since_epoch()) .count(); span_ptr->setStartTime(start_time_micro); span_ptr->setTracer(this); return span_ptr; } void Tracer::reportSpan(Span&& span) { if (reporter_ && span.sampled()) { reporter_->reportSpan(std::move(span)); } } void Tracer::setReporter(ReporterPtr reporter) { reporter_ = std::move(reporter); } } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/tracer.h ================================================ #pragma once #include "envoy/common/pure.h" #include "envoy/common/random_generator.h" #include "envoy/common/time.h" #include "envoy/tracing/http_tracer.h" #include "extensions/tracers/zipkin/span_context.h" #include "extensions/tracers/zipkin/tracer_interface.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" #include "extensions/tracers/zipkin/zipkin_core_types.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { /** * Abstract class that delegates to users of the Tracer class the responsibility * of "reporting" a Zipkin span that has ended its life cycle. "Reporting" can mean that the * span will be sent to out to Zipkin, or buffered so that it can be sent out later. */ class Reporter { public: /** * Destructor. */ virtual ~Reporter() = default; /** * Method that a concrete Reporter class must implement to handle finished spans. * For example, a span-buffer management policy could be implemented. * * @param span The span that needs action. */ virtual void reportSpan(Span&& span) PURE; }; using ReporterPtr = std::unique_ptr; /** * This class implements the Zipkin tracer. It has methods to create the appropriate Zipkin span * type, i.e., root span, child span, or shared-context span. * * This class allows its users to supply a concrete Reporter class whose reportSpan method * is called by its own reportSpan method. By doing so, we have cleanly separated the logic * of dealing with finished spans from the span-creation and tracing logic. */ class Tracer : public TracerInterface { public: /** * Constructor. * * @param service_name The name of the service where the Tracer is running. This name is * used in all annotations' endpoints of the spans created by the Tracer. * @param address Pointer to a network-address object. The IP address and port are used * in all annotations' endpoints of the spans created by the Tracer. * @param random_generator Reference to the random-number generator to be used by the Tracer. * @param trace_id_128bit Whether 128bit ids should be used. * @param shared_span_context Whether shared span id should be used. */ Tracer(const std::string& service_name, Network::Address::InstanceConstSharedPtr address, Random::RandomGenerator& random_generator, const bool trace_id_128bit, const bool shared_span_context, TimeSource& time_source) : service_name_(service_name), address_(address), reporter_(nullptr), random_generator_(random_generator), trace_id_128bit_(trace_id_128bit), shared_span_context_(shared_span_context), time_source_(time_source) {} /** * Creates a "root" Zipkin span. * * @param config The tracing configuration * @param span_name Name of the new span. * @param start_time The time indicating the beginning of the span. * @return SpanPtr The root span. */ SpanPtr startSpan(const Tracing::Config&, const std::string& span_name, SystemTime timestamp); /** * Depending on the given context, creates either a "child" or a "shared-context" Zipkin span. * * @param config The tracing configuration * @param span_name Name of the new span. * @param start_time The time indicating the beginning of the span. * @param previous_context The context of the span preceding the one to be created. * @return SpanPtr The child span. */ SpanPtr startSpan(const Tracing::Config&, const std::string& span_name, SystemTime timestamp, const SpanContext& previous_context); /** * TracerInterface::reportSpan. * * @param span The span to be reported. */ void reportSpan(Span&& span) override; /** * Associates a Reporter object with this Tracer. * * @param The span reporter. */ void setReporter(ReporterPtr reporter); private: const std::string service_name_; Network::Address::InstanceConstSharedPtr address_; ReporterPtr reporter_; Random::RandomGenerator& random_generator_; const bool trace_id_128bit_; const bool shared_span_context_; TimeSource& time_source_; }; using TracerPtr = std::unique_ptr; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/tracer_interface.h ================================================ #pragma once #include #include #include #include "envoy/common/pure.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { class Span; /** * This interface must be observed by a Zipkin tracer. */ class TracerInterface { public: /** * Destructor. */ virtual ~TracerInterface() = default; /** * A Zipkin tracer must implement this method. Its implementation must perform whatever * actions are required when the given span is considered finished. An implementation * will typically buffer the given span so that it can be flushed later. * * This method is invoked by the Span object when its finish() method is called. * * @param span The span that needs action. */ virtual void reportSpan(Span&& span) PURE; }; /** * Buffered pending spans serializer. */ class Serializer { public: virtual ~Serializer() = default; /** * Serialize buffered pending spans. * * @return std::string serialized buffered pending spans. */ virtual std::string serialize(const std::vector& spans) PURE; }; using SerializerPtr = std::unique_ptr; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/util.cc ================================================ #include "extensions/tracers/zipkin/util.h" #include #include #include #include "common/common/hex.h" #include "common/common/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { uint64_t Util::generateRandom64(TimeSource& time_source) { uint64_t seed = std::chrono::duration_cast( time_source.systemTime().time_since_epoch()) .count(); std::mt19937_64 rand_64(seed); return rand_64(); } ProtobufWkt::Value Util::uint64Value(uint64_t value, absl::string_view name, Replacements& replacements) { const std::string string_value = std::to_string(value); replacements.push_back({absl::StrCat("\"", name, "\":\"", string_value, "\""), absl::StrCat("\"", name, "\":", string_value)}); return ValueUtil::stringValue(string_value); } } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/util.h ================================================ #pragma once #include #include #include "envoy/common/time.h" #include "common/common/byte_order.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { /** * Utility class with a few convenient methods */ class Util { public: /** * Returns a randomly-generated 64-bit integer number. */ static uint64_t generateRandom64(TimeSource& time_source); /** * Returns byte string representation of a number. * * @param value Number that will be represented in byte string. * @return std::string byte string representation of a number. */ template static std::string toByteString(Type value) { return std::string(reinterpret_cast(&value), sizeof(Type)); } /** * Returns big endian byte string representation of a number. * * @param value Number that will be represented in byte string. * @param flip indicates to flip order or not. * @return std::string byte string representation of a number. */ template static std::string toBigEndianByteString(Type value) { auto bytes = toEndianness(value); return std::string(reinterpret_cast(&bytes), sizeof(Type)); } using Replacements = std::vector>; /** * Returns a wrapped uint64_t value as a string. In addition to that, it also pushes back a * replacement to the given replacements vector. The replacement includes the supplied name * as a key, for identification in a JSON stream. * * @param value unt64_t number that will be represented in string. * @param name std::string that is the key for the value being replaced. * @param replacements a container to hold the required replacements when serializing this value. * @return ProtobufWkt::Value wrapped uint64_t as a string. */ static ProtobufWkt::Value uint64Value(uint64_t value, absl::string_view name, Replacements& replacements); }; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/zipkin_core_constants.h ================================================ #pragma once #include #include "envoy/http/header_map.h" #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { namespace { constexpr char KIND_CLIENT[] = "CLIENT"; constexpr char KIND_SERVER[] = "SERVER"; constexpr char CLIENT_SEND[] = "cs"; constexpr char CLIENT_RECV[] = "cr"; constexpr char SERVER_SEND[] = "ss"; constexpr char SERVER_RECV[] = "sr"; constexpr char HTTP_HOST[] = "http.host"; constexpr char HTTP_METHOD[] = "http.method"; constexpr char HTTP_PATH[] = "http.path"; constexpr char HTTP_URL[] = "http.url"; constexpr char HTTP_STATUS_CODE[] = "http.status_code"; constexpr char HTTP_REQUEST_SIZE[] = "http.request.size"; constexpr char HTTP_RESPONSE_SIZE[] = "http.response.size"; constexpr char LOCAL_COMPONENT[] = "lc"; constexpr char ERROR[] = "error"; constexpr char CLIENT_ADDR[] = "ca"; constexpr char SERVER_ADDR[] = "sa"; constexpr char SAMPLED[] = "1"; constexpr char NOT_SAMPLED[] = "0"; constexpr char DEFAULT_COLLECTOR_ENDPOINT[] = "/api/v1/spans"; constexpr bool DEFAULT_SHARED_SPAN_CONTEXT = true; } // namespace class ZipkinCoreConstantValues { public: // Zipkin B3 headers const Http::LowerCaseString X_B3_TRACE_ID{"x-b3-traceid"}; const Http::LowerCaseString X_B3_SPAN_ID{"x-b3-spanid"}; const Http::LowerCaseString X_B3_PARENT_SPAN_ID{"x-b3-parentspanid"}; const Http::LowerCaseString X_B3_SAMPLED{"x-b3-sampled"}; const Http::LowerCaseString X_B3_FLAGS{"x-b3-flags"}; // Zipkin b3 single header const Http::LowerCaseString B3{"b3"}; }; using ZipkinCoreConstants = ConstSingleton; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/zipkin_core_types.cc ================================================ #include "extensions/tracers/zipkin/zipkin_core_types.h" #include #include "common/common/utility.h" #include "extensions/tracers/zipkin/span_context.h" #include "extensions/tracers/zipkin/util.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" #include "extensions/tracers/zipkin/zipkin_json_field_names.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { Endpoint::Endpoint(const Endpoint& ep) { service_name_ = ep.serviceName(); address_ = ep.address(); } Endpoint& Endpoint::operator=(const Endpoint& ep) { service_name_ = ep.serviceName(); address_ = ep.address(); return *this; } const ProtobufWkt::Struct Endpoint::toStruct(Util::Replacements&) const { ProtobufWkt::Struct endpoint; auto* fields = endpoint.mutable_fields(); if (!address_) { (*fields)[ENDPOINT_IPV4] = ValueUtil::stringValue(""); (*fields)[ENDPOINT_PORT] = ValueUtil::numberValue(0); } else { (*fields)[address_->ip()->version() == Network::Address::IpVersion::v4 ? ENDPOINT_IPV4 : ENDPOINT_IPV6] = ValueUtil::stringValue(address_->ip()->addressAsString()); (*fields)[ENDPOINT_PORT] = ValueUtil::numberValue(address_->ip()->port()); } (*fields)[ENDPOINT_SERVICE_NAME] = ValueUtil::stringValue(service_name_); return endpoint; } Annotation::Annotation(const Annotation& ann) { timestamp_ = ann.timestamp(); value_ = ann.value(); if (ann.isSetEndpoint()) { endpoint_ = ann.endpoint(); } } Annotation& Annotation::operator=(const Annotation& ann) { timestamp_ = ann.timestamp(); value_ = ann.value(); if (ann.isSetEndpoint()) { endpoint_ = ann.endpoint(); } return *this; } void Annotation::changeEndpointServiceName(const std::string& service_name) { if (endpoint_.has_value()) { endpoint_.value().setServiceName(service_name); } } const ProtobufWkt::Struct Annotation::toStruct(Util::Replacements& replacements) const { ProtobufWkt::Struct annotation; auto* fields = annotation.mutable_fields(); (*fields)[ANNOTATION_TIMESTAMP] = Util::uint64Value(timestamp_, SPAN_TIMESTAMP, replacements); (*fields)[ANNOTATION_VALUE] = ValueUtil::stringValue(value_); if (endpoint_.has_value()) { (*fields)[ANNOTATION_ENDPOINT] = ValueUtil::structValue(static_cast(endpoint_.value()).toStruct(replacements)); } return annotation; } BinaryAnnotation::BinaryAnnotation(const BinaryAnnotation& ann) { key_ = ann.key(); value_ = ann.value(); annotation_type_ = ann.annotationType(); if (ann.isSetEndpoint()) { endpoint_ = ann.endpoint(); } } BinaryAnnotation& BinaryAnnotation::operator=(const BinaryAnnotation& ann) { key_ = ann.key(); value_ = ann.value(); annotation_type_ = ann.annotationType(); if (ann.isSetEndpoint()) { endpoint_ = ann.endpoint(); } return *this; } const ProtobufWkt::Struct BinaryAnnotation::toStruct(Util::Replacements& replacements) const { ProtobufWkt::Struct binary_annotation; auto* fields = binary_annotation.mutable_fields(); (*fields)[BINARY_ANNOTATION_KEY] = ValueUtil::stringValue(key_); (*fields)[BINARY_ANNOTATION_VALUE] = ValueUtil::stringValue(value_); if (endpoint_) { (*fields)[BINARY_ANNOTATION_ENDPOINT] = ValueUtil::structValue(static_cast(endpoint_.value()).toStruct(replacements)); } return binary_annotation; } const std::string Span::EMPTY_HEX_STRING_ = "0000000000000000"; Span::Span(const Span& span) : time_source_(span.time_source_) { trace_id_ = span.traceId(); if (span.isSetTraceIdHigh()) { trace_id_high_ = span.traceIdHigh(); } name_ = span.name(); id_ = span.id(); if (span.isSetParentId()) { parent_id_ = span.parentId(); } debug_ = span.debug(); sampled_ = span.sampled(); annotations_ = span.annotations(); binary_annotations_ = span.binaryAnnotations(); if (span.isSetTimestamp()) { timestamp_ = span.timestamp(); } if (span.isSetDuration()) { duration_ = span.duration(); } monotonic_start_time_ = span.startTime(); tracer_ = span.tracer(); } void Span::setServiceName(const std::string& service_name) { for (auto& annotation : annotations_) { annotation.changeEndpointServiceName(service_name); } } const ProtobufWkt::Struct Span::toStruct(Util::Replacements& replacements) const { ProtobufWkt::Struct span; auto* fields = span.mutable_fields(); (*fields)[SPAN_TRACE_ID] = ValueUtil::stringValue(traceIdAsHexString()); (*fields)[SPAN_NAME] = ValueUtil::stringValue(name_); (*fields)[SPAN_ID] = ValueUtil::stringValue(Hex::uint64ToHex(id_)); if (parent_id_.has_value()) { (*fields)[SPAN_PARENT_ID] = ValueUtil::stringValue(Hex::uint64ToHex(parent_id_.value())); } if (timestamp_.has_value()) { // Usually we store number to a ProtobufWkt::Struct object via ValueUtil::numberValue. // However, due to the possibility of rendering that to a number with scientific notation, we // chose to store it as a string and keeping track the corresponding replacement. (*fields)[SPAN_TIMESTAMP] = Util::uint64Value(timestamp_.value(), SPAN_TIMESTAMP, replacements); } if (duration_.has_value()) { // Since SPAN_DURATION has the same data type with SPAN_TIMESTAMP, we use Util::uint64Value to // store it. (*fields)[SPAN_DURATION] = Util::uint64Value(duration_.value(), SPAN_DURATION, replacements); } if (!annotations_.empty()) { std::vector annotation_list; for (auto& annotation : annotations_) { annotation_list.push_back(ValueUtil::structValue(annotation.toStruct(replacements))); } (*fields)[SPAN_ANNOTATIONS] = ValueUtil::listValue(annotation_list); } if (!binary_annotations_.empty()) { std::vector binary_annotation_list; for (auto& binary_annotation : binary_annotations_) { binary_annotation_list.push_back( ValueUtil::structValue(binary_annotation.toStruct(replacements))); } (*fields)[SPAN_BINARY_ANNOTATIONS] = ValueUtil::listValue(binary_annotation_list); } return span; } void Span::finish() { // Assumption: Span will have only one annotation when this method is called. SpanContext context(*this); if (annotations_[0].value() == SERVER_RECV) { // Need to set the SS annotation Annotation ss; ss.setEndpoint(annotations_[0].endpoint()); ss.setTimestamp(std::chrono::duration_cast( time_source_.systemTime().time_since_epoch()) .count()); ss.setValue(SERVER_SEND); annotations_.push_back(std::move(ss)); } else if (annotations_[0].value() == CLIENT_SEND) { // Need to set the CR annotation. Annotation cr; const uint64_t stop_timestamp = std::chrono::duration_cast( time_source_.systemTime().time_since_epoch()) .count(); cr.setEndpoint(annotations_[0].endpoint()); cr.setTimestamp(stop_timestamp); cr.setValue(CLIENT_RECV); annotations_.push_back(std::move(cr)); } if (monotonic_start_time_) { const int64_t monotonic_stop_time = std::chrono::duration_cast( time_source_.monotonicTime().time_since_epoch()) .count(); setDuration(monotonic_stop_time - monotonic_start_time_); } if (auto t = tracer()) { t->reportSpan(std::move(*this)); } } void Span::setTag(absl::string_view name, absl::string_view value) { if (!name.empty() && !value.empty()) { addBinaryAnnotation(BinaryAnnotation(name, value)); } } void Span::log(SystemTime timestamp, const std::string& event) { Annotation annotation; annotation.setTimestamp( std::chrono::duration_cast(timestamp.time_since_epoch()).count()); annotation.setValue(event); addAnnotation(std::move(annotation)); } } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/zipkin_core_types.h ================================================ #pragma once #include #include "envoy/common/pure.h" #include "envoy/common/time.h" #include "envoy/network/address.h" #include "common/common/assert.h" #include "common/common/hex.h" #include "common/protobuf/utility.h" #include "extensions/tracers/zipkin/tracer_interface.h" #include "extensions/tracers/zipkin/util.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_replace.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { /** * Base class to be inherited by all classes that represent Zipkin-related concepts, namely: * endpoint, annotation, binary annotation, and span. */ class ZipkinBase { public: /** * Destructor. */ virtual ~ZipkinBase() = default; /** * All classes defining Zipkin abstractions need to implement this method to convert * the corresponding abstraction to a ProtobufWkt::Struct. * @param replacements A container that is used to hold the required replacements when this object * is serialized. */ virtual const ProtobufWkt::Struct toStruct(Util::Replacements& replacements) const PURE; /** * Serializes the a type as a Zipkin-compliant JSON representation as a string. * * @return a stringified JSON. */ const std::string toJson() const { Util::Replacements replacements; return absl::StrReplaceAll( MessageUtil::getJsonStringFromMessage(toStruct(replacements), /* pretty_print */ false, /* always_print_primitive_fields */ true), replacements); }; }; /** * Represents a Zipkin endpoint. This class is based on Zipkin's Thrift definition of an endpoint. * Endpoints can be added to Zipkin annotations. */ class Endpoint : public ZipkinBase { public: /** * Copy constructor. */ Endpoint(const Endpoint&); /** * Assignment operator. */ Endpoint& operator=(const Endpoint&); /** * Default constructor. Creates an empty Endpoint. */ Endpoint() : address_(nullptr) {} /** * Constructor that initializes an endpoint with the given attributes. * * @param service_name String representing the endpoint's service name * @param address Pointer to an object representing the endpoint's network address */ Endpoint(const std::string& service_name, Network::Address::InstanceConstSharedPtr address) : service_name_(service_name), address_(address) {} /** * @return the endpoint's address. */ Network::Address::InstanceConstSharedPtr address() const { return address_; } /** * Sets the endpoint's address */ void setAddress(Network::Address::InstanceConstSharedPtr address) { address_ = address; } /** * @return the endpoint's service name attribute. */ const std::string& serviceName() const { return service_name_; } /** * Sets the endpoint's service name attribute. */ void setServiceName(const std::string& service_name) { service_name_ = service_name; } /** * Represents the endpoint as a protobuf struct. * * @return a protobuf struct. */ const ProtobufWkt::Struct toStruct(Util::Replacements& replacements) const override; private: std::string service_name_; Network::Address::InstanceConstSharedPtr address_; }; /** * Represents a Zipkin basic annotation. This class is based on Zipkin's Thrift definition of * an annotation. */ class Annotation : public ZipkinBase { public: /** * Copy constructor. */ Annotation(const Annotation&); /** * Assignment operator. */ Annotation& operator=(const Annotation&); /** * Default constructor. Creates an empty annotation. */ Annotation() = default; /** * Constructor that creates an annotation based on the given parameters. * * @param timestamp A 64-bit integer containing the annotation timestamp attribute. * @param value A string containing the annotation's value attribute. Valid values * appear on ZipkinCoreConstants. The most commonly used values are "cs", "cr", "ss" and "sr". * @param endpoint The endpoint object representing the annotation's endpoint attribute. */ Annotation(uint64_t timestamp, const std::string value, Endpoint& endpoint) : timestamp_(timestamp), value_(value), endpoint_(endpoint) {} /** * @return the annotation's endpoint attribute. */ const Endpoint& endpoint() const { return endpoint_.value(); } /** * Sets the annotation's endpoint attribute (copy semantics). */ void setEndpoint(const Endpoint& endpoint) { endpoint_ = endpoint; } /** * Sets the annotation's endpoint attribute (move semantics). */ void setEndpoint(const Endpoint&& endpoint) { endpoint_ = endpoint; } /** * Replaces the endpoint's service-name attribute value with the given value. * * @param service_name String with the new service name. */ void changeEndpointServiceName(const std::string& service_name); /** * @return the annotation's timestamp attribute * (clock time for user presentation: microseconds since epoch). */ uint64_t timestamp() const { return timestamp_; } /** * Sets the annotation's timestamp attribute. */ void setTimestamp(uint64_t timestamp) { timestamp_ = timestamp; } /** * return the annotation's value attribute. */ const std::string& value() const { return value_; } /** * Sets the annotation's value attribute. */ void setValue(const std::string& value) { value_ = value; } /** * @return true if the endpoint attribute is set, or false otherwise. */ bool isSetEndpoint() const { return endpoint_.has_value(); } /** * Represents the annotation as a protobuf struct. * * @return a protobuf struct. */ const ProtobufWkt::Struct toStruct(Util::Replacements& replacements) const override; private: uint64_t timestamp_{0}; std::string value_; absl::optional endpoint_; }; /** * Enum representing valid types of Zipkin binary annotations. */ enum AnnotationType { BOOL = 0, STRING = 1 }; /** * Represents a Zipkin binary annotation. This class is based on Zipkin's Thrift definition of * a binary annotation. A binary annotation allows arbitrary key-value pairs to be associated * with a Zipkin span. */ class BinaryAnnotation : public ZipkinBase { public: /** * Copy constructor. */ BinaryAnnotation(const BinaryAnnotation&); /** * Assignment operator. */ BinaryAnnotation& operator=(const BinaryAnnotation&); /** * Default constructor. Creates an empty binary annotation. */ BinaryAnnotation() : annotation_type_(STRING) {} /** * Constructor that creates a binary annotation based on the given parameters. * * @param key The key name of the annotation. * @param value The value associated with the key. */ BinaryAnnotation(absl::string_view key, absl::string_view value) : key_(key), value_(value), annotation_type_(STRING) {} /** * @return the type of the binary annotation. */ AnnotationType annotationType() const { return annotation_type_; } /** * Sets the binary's annotation type. */ void setAnnotationType(AnnotationType annotation_type) { annotation_type_ = annotation_type; } /** * @return the annotation's endpoint attribute. */ const Endpoint& endpoint() const { return endpoint_.value(); } /** * Sets the annotation's endpoint attribute (copy semantics). */ void setEndpoint(const Endpoint& endpoint) { endpoint_ = endpoint; } /** * Sets the annotation's endpoint attribute (move semantics). */ void setEndpoint(const Endpoint&& endpoint) { endpoint_ = endpoint; } /** * @return true if the endpoint attribute is set, or false otherwise. */ bool isSetEndpoint() const { return endpoint_.has_value(); } /** * @return the key attribute. */ const std::string& key() const { return key_; } /** * Sets the key attribute. */ void setKey(const std::string& key) { key_ = key; } /** * @return the value attribute. */ const std::string& value() const { return value_; } /** * Sets the value attribute. */ void setValue(const std::string& value) { value_ = value; } /** * Represents the binary annotation as a protobuf struct. * @param replacements Used to hold the required replacements on serialization step. * @return a protobuf struct. */ const ProtobufWkt::Struct toStruct(Util::Replacements& replacements) const override; private: std::string key_; std::string value_; absl::optional endpoint_; AnnotationType annotation_type_{}; }; using SpanPtr = std::unique_ptr; /** * Represents a Zipkin span. This class is based on Zipkin's Thrift definition of a span. */ class Span : public ZipkinBase { public: /** * Copy constructor. */ Span(const Span&); /** * Default constructor. Creates an empty span. */ explicit Span(TimeSource& time_source) : trace_id_(0), id_(0), debug_(false), sampled_(false), monotonic_start_time_(0), tracer_(nullptr), time_source_(time_source) {} /** * Sets the span's trace id attribute. */ void setTraceId(const uint64_t val) { trace_id_ = val; } /** * Sets the span's name attribute. */ void setName(const std::string& val) { name_ = val; } /** * Sets the span's id. */ void setId(const uint64_t val) { id_ = val; } /** * Sets the span's parent id. */ void setParentId(const uint64_t val) { parent_id_ = val; } /** * @return Whether or not the parent_id attribute is set. */ bool isSetParentId() const { return parent_id_.has_value(); } /** * Set the span's sampled flag. */ void setSampled(bool val) { sampled_ = val; } /** * @return a vector with all annotations added to the span. */ const std::vector& annotations() { return annotations_; } /** * Sets the span's annotations all at once. */ void setAnnotations(const std::vector& val) { annotations_ = val; } /** * Adds an annotation to the span (copy semantics). */ void addAnnotation(const Annotation& ann) { annotations_.push_back(ann); } /** * Adds an annotation to the span (move semantics). */ void addAnnotation(Annotation&& ann) { annotations_.emplace_back(std::move(ann)); } /** * Sets the span's binary annotations all at once. */ void setBinaryAnnotations(const std::vector& val) { binary_annotations_ = val; } /** * Adds a binary annotation to the span (copy semantics). */ void addBinaryAnnotation(const BinaryAnnotation& bann) { binary_annotations_.push_back(bann); } /** * Adds a binary annotation to the span (move semantics). */ void addBinaryAnnotation(BinaryAnnotation&& bann) { binary_annotations_.emplace_back(std::move(bann)); } /** * Sets the span's debug attribute. */ void setDebug() { debug_ = true; } /** * Sets the span's timestamp attribute. */ void setTimestamp(const int64_t val) { timestamp_ = val; } /** * @return Whether or not the timestamp attribute is set. */ bool isSetTimestamp() const { return timestamp_.has_value(); } /** * Sets the span's duration attribute. */ void setDuration(const int64_t val) { duration_ = val; } /** * @return Whether or not the duration attribute is set. */ bool isSetDuration() const { return duration_.has_value(); } /** * Sets the higher 64 bits of the span's 128-bit trace id. * Note that this is optional, since 64-bit trace ids are valid. */ void setTraceIdHigh(const uint64_t val) { trace_id_high_ = val; } /** * @return whether or not the trace_id_high attribute is set. */ bool isSetTraceIdHigh() const { return trace_id_high_.has_value(); } /** * Sets the span start-time attribute (monotonic, used to calculate duration). */ void setStartTime(const int64_t time) { monotonic_start_time_ = time; } /** * @return the span's annotations. */ const std::vector& annotations() const { return annotations_; } /** * @return the span's binary annotations. */ const std::vector& binaryAnnotations() const { return binary_annotations_; } /** * @return the span's duration attribute. */ int64_t duration() const { return duration_.value(); } /** * @return the span's id as an integer. */ uint64_t id() const { return id_; } /** * @return the span's id as a hexadecimal string. */ const std::string idAsHexString() const { return Hex::uint64ToHex(id_); } /** * @return the span's id as a byte string. */ const std::string idAsByteString() const { return Util::toByteString(id_); } /** * @return the span's name. */ const std::string& name() const { return name_; } /** * @return the span's parent id as an integer. */ uint64_t parentId() const { return parent_id_.value(); } /** * @return the span's parent id as a hexadecimal string. */ const std::string parentIdAsHexString() const { return parent_id_ ? Hex::uint64ToHex(parent_id_.value()) : EMPTY_HEX_STRING_; } /** * @return the span's parent id as a byte string. */ const std::string parentIdAsByteString() const { ASSERT(parent_id_); return Util::toByteString(parent_id_.value()); } /** * @return whether or not the debug attribute is set */ bool debug() const { return debug_; } /** * @return whether or not the sampled attribute is set */ bool sampled() const { return sampled_; } /** * @return the span's timestamp (clock time for user presentation: microseconds since epoch). */ int64_t timestamp() const { return timestamp_.value(); } /** * @return the higher 64 bits of a 128-bit trace id. */ uint64_t traceIdHigh() const { return trace_id_high_.value(); } /** * @return the span's trace id as an integer. */ uint64_t traceId() const { return trace_id_; } /** * @return the span's trace id as a hexadecimal string. */ const std::string traceIdAsHexString() const { return trace_id_high_.has_value() ? absl::StrCat(Hex::uint64ToHex(trace_id_high_.value()), Hex::uint64ToHex(trace_id_)) : Hex::uint64ToHex(trace_id_); } /** * @return the span's trace id as a byte string. */ const std::string traceIdAsByteString() const { // https://github.com/openzipkin/zipkin-api/blob/v0.2.1/zipkin.proto#L60-L61. return trace_id_high_.has_value() ? absl::StrCat(Util::toBigEndianByteString(trace_id_high_.value()), Util::toBigEndianByteString(trace_id_)) : Util::toBigEndianByteString(trace_id_); } /** * @return the span's start time (monotonic, used to calculate duration). */ int64_t startTime() const { return monotonic_start_time_; } /** * Replaces the service-name attribute of the span's basic annotations with the provided value. * * This method will operate on all basic annotations that are part of the span when the call * is made. * * @param service_name String to be used as the new service name for all basic annotations */ void setServiceName(const std::string& service_name); /** * Represents the binary annotation as a protobuf struct. * * @return a protobuf struct. */ const ProtobufWkt::Struct toStruct(Util::Replacements& replacements) const override; /** * Associates a Tracer object with the span. The tracer's reportSpan() method is invoked * by the span's finish() method so that the tracer can decide what to do with the span * when it is finished. * * @param tracer Represents the Tracer object to be associated with the span. */ void setTracer(TracerInterface* tracer) { tracer_ = tracer; } /** * @return the Tracer object associated with the span. */ TracerInterface* tracer() const { return tracer_; } /** * Marks a successful end of the span. This method will: * * (1) determine if it needs to add more annotations to the span (e.g., a span containing a CS * annotation will need to add a CR annotation) and add them; * (2) compute and set the span's duration; and * (3) invoke the tracer's reportSpan() method if a tracer has been associated with the span. */ void finish(); /** * Adds a binary annotation to the span. * * @param name The binary annotation's key. * @param value The binary annotation's value. */ void setTag(absl::string_view name, absl::string_view value); /** * Adds an annotation to the span * * @param timestamp The annotation's timestamp. * @param event The annotation's value. */ void log(SystemTime timestamp, const std::string& event); private: static const std::string EMPTY_HEX_STRING_; uint64_t trace_id_; std::string name_; uint64_t id_; absl::optional parent_id_; bool debug_; bool sampled_; std::vector annotations_; std::vector binary_annotations_; absl::optional timestamp_; absl::optional duration_; absl::optional trace_id_high_; int64_t monotonic_start_time_; TracerInterface* tracer_; TimeSource& time_source_; }; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/zipkin_json_field_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { namespace { constexpr char SPAN_ID[] = "id"; constexpr char SPAN_KIND[] = "kind"; constexpr char SPAN_NAME[] = "name"; constexpr char SPAN_TAGS[] = "tags"; constexpr char SPAN_SHARED[] = "shared"; constexpr char SPAN_TRACE_ID[] = "traceId"; constexpr char SPAN_DURATION[] = "duration"; constexpr char SPAN_PARENT_ID[] = "parentId"; constexpr char SPAN_TIMESTAMP[] = "timestamp"; constexpr char SPAN_ANNOTATIONS[] = "annotations"; constexpr char SPAN_LOCAL_ENDPOINT[] = "localEndpoint"; constexpr char SPAN_BINARY_ANNOTATIONS[] = "binaryAnnotations"; constexpr char ANNOTATION_VALUE[] = "value"; constexpr char ANNOTATION_ENDPOINT[] = "endpoint"; constexpr char ANNOTATION_TIMESTAMP[] = "timestamp"; constexpr char BINARY_ANNOTATION_KEY[] = "key"; constexpr char BINARY_ANNOTATION_VALUE[] = "value"; constexpr char BINARY_ANNOTATION_ENDPOINT[] = "endpoint"; constexpr char ENDPOINT_PORT[] = "port"; constexpr char ENDPOINT_IPV4[] = "ipv4"; constexpr char ENDPOINT_IPV6[] = "ipv6"; constexpr char ENDPOINT_SERVICE_NAME[] = "serviceName"; } // namespace } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/zipkin_tracer_impl.cc ================================================ #include "extensions/tracers/zipkin/zipkin_tracer_impl.h" #include "envoy/config/trace/v3/zipkin.pb.h" #include "common/common/enum_to_int.h" #include "common/common/fmt.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/tracing/http_tracer_impl.h" #include "extensions/tracers/zipkin/span_context_extractor.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { ZipkinSpan::ZipkinSpan(Zipkin::Span& span, Zipkin::Tracer& tracer) : span_(span), tracer_(tracer) {} void ZipkinSpan::finishSpan() { span_.finish(); } void ZipkinSpan::setOperation(absl::string_view operation) { span_.setName(std::string(operation)); } void ZipkinSpan::setTag(absl::string_view name, absl::string_view value) { span_.setTag(name, value); } void ZipkinSpan::log(SystemTime timestamp, const std::string& event) { span_.log(timestamp, event); } // TODO(#11622): Implement baggage storage for zipkin spans void ZipkinSpan::setBaggage(absl::string_view, absl::string_view) {} std::string ZipkinSpan::getBaggage(absl::string_view) { return std::string(); } void ZipkinSpan::injectContext(Http::RequestHeaderMap& request_headers) { // Set the trace-id and span-id headers properly, based on the newly-created span structure. request_headers.setReferenceKey(ZipkinCoreConstants::get().X_B3_TRACE_ID, span_.traceIdAsHexString()); request_headers.setReferenceKey(ZipkinCoreConstants::get().X_B3_SPAN_ID, span_.idAsHexString()); // Set the parent-span header properly, based on the newly-created span structure. if (span_.isSetParentId()) { request_headers.setReferenceKey(ZipkinCoreConstants::get().X_B3_PARENT_SPAN_ID, span_.parentIdAsHexString()); } // Set the sampled header. request_headers.setReferenceKey(ZipkinCoreConstants::get().X_B3_SAMPLED, span_.sampled() ? SAMPLED : NOT_SAMPLED); } void ZipkinSpan::setSampled(bool sampled) { span_.setSampled(sampled); } Tracing::SpanPtr ZipkinSpan::spawnChild(const Tracing::Config& config, const std::string& name, SystemTime start_time) { SpanContext previous_context(span_); return std::make_unique( *tracer_.startSpan(config, name, start_time, previous_context), tracer_); } Driver::TlsTracer::TlsTracer(TracerPtr&& tracer, Driver& driver) : tracer_(std::move(tracer)), driver_(driver) {} Driver::Driver(const envoy::config::trace::v3::ZipkinConfig& zipkin_config, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, Runtime::Loader& runtime, const LocalInfo::LocalInfo& local_info, Random::RandomGenerator& random_generator, TimeSource& time_source) : cm_(cluster_manager), tracer_stats_{ZIPKIN_TRACER_STATS( POOL_COUNTER_PREFIX(scope, "tracing.zipkin."))}, tls_(tls.allocateSlot()), runtime_(runtime), local_info_(local_info), time_source_(time_source) { Config::Utility::checkCluster("envoy.tracers.zipkin", zipkin_config.collector_cluster(), cm_, /* allow_added_via_api */ true); cluster_ = zipkin_config.collector_cluster(); CollectorInfo collector; if (!zipkin_config.collector_endpoint().empty()) { collector.endpoint_ = zipkin_config.collector_endpoint(); } // The current default version of collector_endpoint_version is HTTP_JSON_V1. collector.version_ = zipkin_config.collector_endpoint_version(); const bool trace_id_128bit = zipkin_config.trace_id_128bit(); const bool shared_span_context = PROTOBUF_GET_WRAPPED_OR_DEFAULT( zipkin_config, shared_span_context, DEFAULT_SHARED_SPAN_CONTEXT); collector.shared_span_context_ = shared_span_context; tls_->set([this, collector, &random_generator, trace_id_128bit, shared_span_context]( Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { TracerPtr tracer = std::make_unique(local_info_.clusterName(), local_info_.address(), random_generator, trace_id_128bit, shared_span_context, time_source_); tracer->setReporter( ReporterImpl::NewInstance(std::ref(*this), std::ref(dispatcher), collector)); return std::make_shared(std::move(tracer), *this); }); } Tracing::SpanPtr Driver::startSpan(const Tracing::Config& config, Http::RequestHeaderMap& request_headers, const std::string&, SystemTime start_time, const Tracing::Decision tracing_decision) { Tracer& tracer = *tls_->getTyped().tracer_; SpanPtr new_zipkin_span; SpanContextExtractor extractor(request_headers); bool sampled{extractor.extractSampled(tracing_decision)}; try { auto ret_span_context = extractor.extractSpanContext(sampled); if (!ret_span_context.second) { // Create a root Zipkin span. No context was found in the headers. new_zipkin_span = tracer.startSpan(config, std::string(request_headers.getHostValue()), start_time); new_zipkin_span->setSampled(sampled); } else { new_zipkin_span = tracer.startSpan(config, std::string(request_headers.getHostValue()), start_time, ret_span_context.first); } } catch (const ExtractorException& e) { return std::make_unique(); } // Return the active Zipkin span. return std::make_unique(*new_zipkin_span, tracer); } ReporterImpl::ReporterImpl(Driver& driver, Event::Dispatcher& dispatcher, const CollectorInfo& collector) : driver_(driver), collector_(collector), span_buffer_{std::make_unique( collector.version_, collector.shared_span_context_)}, collector_cluster_(driver_.clusterManager(), driver_.cluster()) { flush_timer_ = dispatcher.createTimer([this]() -> void { driver_.tracerStats().timer_flushed_.inc(); flushSpans(); enableTimer(); }); const uint64_t min_flush_spans = driver_.runtime().snapshot().getInteger("tracing.zipkin.min_flush_spans", 5U); span_buffer_->allocateBuffer(min_flush_spans); enableTimer(); } ReporterPtr ReporterImpl::NewInstance(Driver& driver, Event::Dispatcher& dispatcher, const CollectorInfo& collector) { return std::make_unique(driver, dispatcher, collector); } void ReporterImpl::reportSpan(Span&& span) { span_buffer_->addSpan(std::move(span)); const uint64_t min_flush_spans = driver_.runtime().snapshot().getInteger("tracing.zipkin.min_flush_spans", 5U); if (span_buffer_->pendingSpans() == min_flush_spans) { flushSpans(); } } void ReporterImpl::enableTimer() { const uint64_t flush_interval = driver_.runtime().snapshot().getInteger("tracing.zipkin.flush_interval_ms", 5000U); flush_timer_->enableTimer(std::chrono::milliseconds(flush_interval)); } void ReporterImpl::flushSpans() { if (span_buffer_->pendingSpans()) { driver_.tracerStats().spans_sent_.add(span_buffer_->pendingSpans()); const std::string request_body = span_buffer_->serialize(); Http::RequestMessagePtr message = std::make_unique(); message->headers().setReferenceMethod(Http::Headers::get().MethodValues.Post); message->headers().setPath(collector_.endpoint_); message->headers().setHost(driver_.cluster()); message->headers().setReferenceContentType( collector_.version_ == envoy::config::trace::v3::ZipkinConfig::HTTP_PROTO ? Http::Headers::get().ContentTypeValues.Protobuf : Http::Headers::get().ContentTypeValues.Json); message->body().add(request_body); const uint64_t timeout = driver_.runtime().snapshot().getInteger("tracing.zipkin.request_timeout", 5000U); if (collector_cluster_.exists()) { Http::AsyncClient::Request* request = driver_.clusterManager() .httpAsyncClientForCluster(collector_cluster_.info()->name()) .send(std::move(message), *this, Http::AsyncClient::RequestOptions().setTimeout( std::chrono::milliseconds(timeout))); if (request) { active_requests_.add(*request); } } else { ENVOY_LOG(debug, "collector cluster '{}' does not exist", driver_.cluster()); driver_.tracerStats().reports_skipped_no_cluster_.inc(); } span_buffer_->clear(); } } void ReporterImpl::onFailure(const Http::AsyncClient::Request& request, Http::AsyncClient::FailureReason) { active_requests_.remove(request); driver_.tracerStats().reports_failed_.inc(); } void ReporterImpl::onSuccess(const Http::AsyncClient::Request& request, Http::ResponseMessagePtr&& http_response) { active_requests_.remove(request); if (Http::Utility::getResponseStatus(http_response->headers()) != enumToInt(Http::Code::Accepted)) { driver_.tracerStats().reports_dropped_.inc(); } else { driver_.tracerStats().reports_sent_.inc(); } } } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/tracers/zipkin/zipkin_tracer_impl.h ================================================ #pragma once #include "envoy/common/random_generator.h" #include "envoy/config/trace/v3/zipkin.pb.h" #include "envoy/local_info/local_info.h" #include "envoy/runtime/runtime.h" #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" #include "common/http/async_client_utility.h" #include "common/http/header_map_impl.h" #include "common/json/json_loader.h" #include "common/upstream/cluster_update_tracker.h" #include "extensions/tracers/zipkin/span_buffer.h" #include "extensions/tracers/zipkin/tracer.h" #include "extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { namespace Tracers { namespace Zipkin { #define ZIPKIN_TRACER_STATS(COUNTER) \ COUNTER(spans_sent) \ COUNTER(timer_flushed) \ COUNTER(reports_skipped_no_cluster) \ COUNTER(reports_sent) \ COUNTER(reports_dropped) \ COUNTER(reports_failed) struct ZipkinTracerStats { ZIPKIN_TRACER_STATS(GENERATE_COUNTER_STRUCT) }; /** * Class for Zipkin spans, wrapping a Zipkin::Span object. */ class ZipkinSpan : public Tracing::Span { public: /** * Constructor. Wraps a Zipkin::Span object. * * @param span to be wrapped. */ ZipkinSpan(Zipkin::Span& span, Zipkin::Tracer& tracer); /** * Calls Zipkin::Span::finishSpan() to perform all actions needed to finalize the span. * This function is called by Tracing::HttpTracerUtility::finalizeSpan(). */ void finishSpan() override; /** * This method sets the operation name on the span. * @param operation the operation name */ void setOperation(absl::string_view operation) override; /** * This function adds a Zipkin "string" binary annotation to this span. * In Zipkin, binary annotations of the type "string" allow arbitrary key-value pairs * to be associated with a span. * * Note that Tracing::HttpTracerUtility::finalizeSpan() makes several calls to this function, * associating several key-value pairs with this span. */ void setTag(absl::string_view name, absl::string_view value) override; void log(SystemTime timestamp, const std::string& event) override; void injectContext(Http::RequestHeaderMap& request_headers) override; Tracing::SpanPtr spawnChild(const Tracing::Config&, const std::string& name, SystemTime start_time) override; void setSampled(bool sampled) override; // TODO(#11622): Implement baggage storage for zipkin spans void setBaggage(absl::string_view, absl::string_view) override; std::string getBaggage(absl::string_view) override; /** * @return a reference to the Zipkin::Span object. */ Zipkin::Span& span() { return span_; } private: Zipkin::Span span_; Zipkin::Tracer& tracer_; }; using ZipkinSpanPtr = std::unique_ptr; /** * Class for a Zipkin-specific Driver. */ class Driver : public Tracing::Driver { public: /** * Constructor. It adds itself and a newly-created Zipkin::Tracer object to a thread-local store. * Also, it associates the given random-number generator to the Zipkin::Tracer object it creates. */ Driver(const envoy::config::trace::v3::ZipkinConfig& zipkin_config, Upstream::ClusterManager& cluster_manager, Stats::Scope& scope, ThreadLocal::SlotAllocator& tls, Runtime::Loader& runtime, const LocalInfo::LocalInfo& localinfo, Random::RandomGenerator& random_generator, TimeSource& time_source); /** * This function is inherited from the abstract Driver class. * * It starts a new Zipkin span. Depending on the request headers, it can create a root span, * a child span, or a shared-context span. * * The third parameter (operation_name) does not actually make sense for Zipkin. * Thus, this implementation of the virtual function startSpan() ignores the operation name * ("ingress" or "egress") passed by the caller. */ Tracing::SpanPtr startSpan(const Tracing::Config&, Http::RequestHeaderMap& request_headers, const std::string&, SystemTime start_time, const Tracing::Decision tracing_decision) override; // Getters to return the ZipkinDriver's key members. Upstream::ClusterManager& clusterManager() { return cm_; } const std::string& cluster() { return cluster_; } Runtime::Loader& runtime() { return runtime_; } ZipkinTracerStats& tracerStats() { return tracer_stats_; } private: /** * Thread-local store containing ZipkinDriver and Zipkin::Tracer objects. */ struct TlsTracer : ThreadLocal::ThreadLocalObject { TlsTracer(TracerPtr&& tracer, Driver& driver); TracerPtr tracer_; Driver& driver_; }; Upstream::ClusterManager& cm_; std::string cluster_; ZipkinTracerStats tracer_stats_; ThreadLocal::SlotPtr tls_; Runtime::Loader& runtime_; const LocalInfo::LocalInfo& local_info_; TimeSource& time_source_; }; /** * Information about the Zipkin collector. */ struct CollectorInfo { // The Zipkin collector endpoint/path to receive the collected trace data. e.g. /api/v1/spans if // HTTP_JSON_V1 or /api/v2/spans otherwise. std::string endpoint_{DEFAULT_COLLECTOR_ENDPOINT}; // The version of the collector. This is related to endpoint's supported payload specification and // transport. Currently it defaults to envoy::config::trace::v2::ZipkinConfig::HTTP_JSON_V1. In // the future, we will throw when collector_endpoint_version is not specified. envoy::config::trace::v3::ZipkinConfig::CollectorEndpointVersion version_{ envoy::config::trace::v3::ZipkinConfig::hidden_envoy_deprecated_HTTP_JSON_V1}; bool shared_span_context_{DEFAULT_SHARED_SPAN_CONTEXT}; }; /** * This class derives from the abstract Zipkin::Reporter. * It buffers spans and relies on Http::AsyncClient to send spans to * Zipkin using JSON over HTTP. * * Two runtime parameters control the span buffering/flushing behavior, namely: * tracing.zipkin.min_flush_spans and tracing.zipkin.flush_interval_ms. * * Up to `tracing.zipkin.min_flush_spans` will be buffered. Spans are flushed (sent to Zipkin) * either when the buffer is full, or when a timer, set to `tracing.zipkin.flush_interval_ms`, * expires, whichever happens first. * * The default values for the runtime parameters are 5 spans and 5000ms. */ class ReporterImpl : Logger::Loggable, public Reporter, public Http::AsyncClient::Callbacks { public: /** * Constructor. * * @param driver ZipkinDriver to be associated with the reporter. * @param dispatcher Controls the timer used to flush buffered spans. * @param collector holds the endpoint version and path information. * when making HTTP POST requests carrying spans. This value comes from the * Zipkin-related tracing configuration. */ ReporterImpl(Driver& driver, Event::Dispatcher& dispatcher, const CollectorInfo& collector); /** * Implementation of Zipkin::Reporter::reportSpan(). * * Buffers the given span and calls flushSpans() if the buffer is full. * * @param span The span to be buffered. */ void reportSpan(Span&& span) override; // Http::AsyncClient::Callbacks. // The callbacks below record Zipkin-span-related stats. void onSuccess(const Http::AsyncClient::Request&, Http::ResponseMessagePtr&&) override; void onFailure(const Http::AsyncClient::Request&, Http::AsyncClient::FailureReason) override; void onBeforeFinalizeUpstreamSpan(Tracing::Span&, const Http::ResponseHeaderMap*) override {} /** * Creates a heap-allocated ZipkinReporter. * * @param driver ZipkinDriver to be associated with the reporter. * @param dispatcher Controls the timer used to flush buffered spans. * @param collector holds the endpoint version and path information. * when making HTTP POST requests carrying spans. This value comes from the * Zipkin-related tracing configuration. * * @return Pointer to the newly-created ZipkinReporter. */ static ReporterPtr NewInstance(Driver& driver, Event::Dispatcher& dispatcher, const CollectorInfo& collector); private: /** * Enables the span-flushing timer. */ void enableTimer(); /** * Removes all spans from the span buffer and sends them to Zipkin using Http::AsyncClient. */ void flushSpans(); Driver& driver_; Event::TimerPtr flush_timer_; const CollectorInfo collector_; SpanBufferPtr span_buffer_; Upstream::ClusterUpdateTracker collector_cluster_; // Track active HTTP requests to be able to cancel them on destruction. Http::AsyncClientRequestTracker active_requests_; }; } // namespace Zipkin } // namespace Tracers } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "well_known_names", hdrs = ["well_known_names.h"], # well known names files are public as long as they exist. visibility = ["//visibility:public"], deps = [ "//source/common/singleton:const_singleton", ], ) ================================================ FILE: source/extensions/transport_sockets/alts/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # ALTS transport socket. This provides Google's ALTS protocol support in GCP to Envoy. # https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security/ envoy_extension_package() envoy_cc_library( name = "grpc_tsi_wrapper", hdrs = [ "grpc_tsi.h", ], external_deps = [ "grpc", ], visibility = ["//visibility:private"], deps = [ "//source/common/common:c_smart_ptr_lib", ], ) envoy_cc_extension( name = "config", srcs = [ "config.cc", ], hdrs = [ "config.h", ], external_deps = [ "abseil_node_hash_set", ], security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":tsi_handshaker", ":tsi_socket", "//include/envoy/registry", "//include/envoy/server:transport_socket_config_interface", "//source/common/grpc:google_grpc_context_lib", "//source/extensions/transport_sockets:well_known_names", "@envoy_api//envoy/extensions/transport_sockets/alts/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "tsi_frame_protector", srcs = [ "tsi_frame_protector.cc", ], hdrs = [ "tsi_frame_protector.h", ], deps = [ ":grpc_tsi_wrapper", "//source/common/buffer:buffer_lib", ], ) envoy_cc_library( name = "tsi_handshaker", srcs = [ "tsi_handshaker.cc", ], hdrs = [ "tsi_handshaker.h", ], deps = [ ":grpc_tsi_wrapper", "//include/envoy/event:dispatcher_interface", "//source/common/buffer:buffer_lib", ], ) envoy_cc_library( name = "tsi_socket", srcs = [ "tsi_socket.cc", ], hdrs = [ "tsi_socket.h", ], deps = [ ":noop_transport_socket_callbacks_lib", ":tsi_frame_protector", ":tsi_handshaker", "//include/envoy/network:io_handle_interface", "//include/envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/common/common:cleanup_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/network:raw_buffer_socket_lib", "//source/common/protobuf:utility_lib", ], ) envoy_cc_library( name = "noop_transport_socket_callbacks_lib", hdrs = ["noop_transport_socket_callbacks.h"], deps = [ "//include/envoy/network:io_handle_interface", "//include/envoy/network:transport_socket_interface", ], ) ================================================ FILE: source/extensions/transport_sockets/alts/config.cc ================================================ #include "extensions/transport_sockets/alts/config.h" #include "envoy/extensions/transport_sockets/alts/v3/alts.pb.h" #include "envoy/extensions/transport_sockets/alts/v3/alts.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/transport_socket_config.h" #include "common/common/assert.h" #include "common/grpc/google_grpc_context.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "extensions/transport_sockets/alts/grpc_tsi.h" #include "extensions/transport_sockets/alts/tsi_socket.h" #include "absl/container/node_hash_set.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { // smart pointer for grpc_alts_credentials_options that will be automatically freed. using GrpcAltsCredentialsOptionsPtr = CSmartPtr; namespace { // TODO: gRPC v1.30.0-pre1 defines the equivalent function grpc_alts_set_rpc_protocol_versions // that should be called directly when available. void grpcAltsSetRpcProtocolVersions(grpc_gcp_rpc_protocol_versions* rpc_versions) { grpc_gcp_rpc_protocol_versions_set_max(rpc_versions, GRPC_PROTOCOL_VERSION_MAX_MAJOR, GRPC_PROTOCOL_VERSION_MAX_MINOR); grpc_gcp_rpc_protocol_versions_set_min(rpc_versions, GRPC_PROTOCOL_VERSION_MIN_MAJOR, GRPC_PROTOCOL_VERSION_MIN_MINOR); } // Returns true if the peer's service account is found in peers, otherwise // returns false and fills out err with an error message. bool doValidate(const tsi_peer& peer, const absl::node_hash_set& peers, std::string& err) { for (size_t i = 0; i < peer.property_count; ++i) { const std::string name = std::string(peer.properties[i].name); const std::string value = std::string(peer.properties[i].value.data, peer.properties[i].value.length); if (name.compare(TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY) == 0 && peers.find(value) != peers.end()) { return true; } } err = "Couldn't find peer's service account in peer_service_accounts: " + absl::StrJoin(peers, ","); return false; } HandshakeValidator createHandshakeValidator(const envoy::extensions::transport_sockets::alts::v3::Alts& config) { const auto& peer_service_accounts = config.peer_service_accounts(); const absl::node_hash_set peers(peer_service_accounts.cbegin(), peer_service_accounts.cend()); HandshakeValidator validator; // Skip validation if peers is empty. if (!peers.empty()) { validator = [peers](const tsi_peer& peer, std::string& err) { return doValidate(peer, peers, err); }; } return validator; } // Manage ALTS singleton state via SingletonManager class AltsSharedState : public Singleton::Instance { public: AltsSharedState() { grpc_alts_shared_resource_dedicated_init(); } ~AltsSharedState() override { grpc_alts_shared_resource_dedicated_shutdown(); } private: // There is blanket google-grpc initialization in MainCommonBase, but that // doesn't cover unit tests. However, putting blanket coverage in ProcessWide // causes background threaded memory allocation in all unit tests making it // hard to measure memory. Thus we also initialize grpc using our idempotent // wrapper-class in classes that need it. See // https://github.com/envoyproxy/envoy/issues/8282 for details. #ifdef ENVOY_GOOGLE_GRPC Grpc::GoogleGrpcContext google_grpc_context_; #endif }; SINGLETON_MANAGER_REGISTRATION(alts_shared_state); Network::TransportSocketFactoryPtr createTransportSocketFactoryHelper( const Protobuf::Message& message, bool is_upstream, Server::Configuration::TransportSocketFactoryContext& factory_ctxt) { // A reference to this is held in the factory closure to keep the singleton // instance alive. auto alts_shared_state = factory_ctxt.singletonManager().getTyped( SINGLETON_MANAGER_REGISTERED_NAME(alts_shared_state), [] { return std::make_shared(); }); auto config = MessageUtil::downcastAndValidate( message, factory_ctxt.messageValidationVisitor()); HandshakeValidator validator = createHandshakeValidator(config); const std::string& handshaker_service = config.handshaker_service(); HandshakerFactory factory = [handshaker_service, is_upstream, alts_shared_state](Event::Dispatcher& dispatcher, const Network::Address::InstanceConstSharedPtr& local_address, const Network::Address::InstanceConstSharedPtr&) -> TsiHandshakerPtr { ASSERT(local_address != nullptr); GrpcAltsCredentialsOptionsPtr options; if (is_upstream) { options = GrpcAltsCredentialsOptionsPtr(grpc_alts_credentials_client_options_create()); } else { options = GrpcAltsCredentialsOptionsPtr(grpc_alts_credentials_server_options_create()); } grpcAltsSetRpcProtocolVersions(&options->rpc_versions); const char* target_name = is_upstream ? "" : nullptr; tsi_handshaker* handshaker = nullptr; // Specifying target name as empty since TSI won't take care of validating peer identity // in this use case. The validation will be performed by TsiSocket with the validator. tsi_result status = alts_tsi_handshaker_create(options.get(), target_name, handshaker_service.c_str(), is_upstream, nullptr /* interested_parties */, &handshaker); CHandshakerPtr handshaker_ptr{handshaker}; if (status != TSI_OK) { const std::string handshaker_name = is_upstream ? "client" : "server"; ENVOY_LOG_MISC(warn, "Cannot create ATLS {} handshaker, status: {}", handshaker_name, status); return nullptr; } return std::make_unique(std::move(handshaker_ptr), dispatcher); }; return std::make_unique(factory, validator); } } // namespace ProtobufTypes::MessagePtr AltsTransportSocketConfigFactory::createEmptyConfigProto() { return std::make_unique(); } Network::TransportSocketFactoryPtr UpstreamAltsTransportSocketConfigFactory::createTransportSocketFactory( const Protobuf::Message& message, Server::Configuration::TransportSocketFactoryContext& factory_ctxt) { return createTransportSocketFactoryHelper(message, /* is_upstream */ true, factory_ctxt); } Network::TransportSocketFactoryPtr DownstreamAltsTransportSocketConfigFactory::createTransportSocketFactory( const Protobuf::Message& message, Server::Configuration::TransportSocketFactoryContext& factory_ctxt, const std::vector&) { return createTransportSocketFactoryHelper(message, /* is_upstream */ false, factory_ctxt); } REGISTER_FACTORY(UpstreamAltsTransportSocketConfigFactory, Server::Configuration::UpstreamTransportSocketConfigFactory); REGISTER_FACTORY(DownstreamAltsTransportSocketConfigFactory, Server::Configuration::DownstreamTransportSocketConfigFactory); } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/config.h ================================================ #pragma once #include "envoy/server/transport_socket_config.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { // ALTS config registry class AltsTransportSocketConfigFactory : public virtual Server::Configuration::TransportSocketConfigFactory { public: ProtobufTypes::MessagePtr createEmptyConfigProto() override; std::string name() const override { return TransportSocketNames::get().Alts; } }; class UpstreamAltsTransportSocketConfigFactory : public AltsTransportSocketConfigFactory, public Server::Configuration::UpstreamTransportSocketConfigFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message&, Server::Configuration::TransportSocketFactoryContext&) override; }; class DownstreamAltsTransportSocketConfigFactory : public AltsTransportSocketConfigFactory, public Server::Configuration::DownstreamTransportSocketConfigFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message&, Server::Configuration::TransportSocketFactoryContext&, const std::vector&) override; }; } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/grpc_tsi.h ================================================ #pragma once // Some gRPC headers contains old style cast and unused parameter which doesn't // compile with -Werror, ignoring those compiler warning since we don't have // control on those source codes. This works with GCC and Clang. #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" #pragma GCC diagnostic ignored "-Wold-style-cast" #endif #include "grpc/grpc_security.h" #include "src/core/lib/transport/transport.h" #include "src/core/tsi/alts/handshaker/alts_shared_resource.h" #include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" #include "src/core/tsi/alts/handshaker/transport_security_common_api.h" #include "src/core/tsi/transport_security_grpc.h" #include "src/core/tsi/transport_security_interface.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif #include "common/common/c_smart_ptr.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { using CFrameProtectorPtr = CSmartPtr; using CHandshakerResultPtr = CSmartPtr; using CHandshakerPtr = CSmartPtr; } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/noop_transport_socket_callbacks.h ================================================ #pragma once #include "envoy/network/io_handle.h" #include "envoy/network/transport_socket.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { /** * A TransportSocketCallbacks for wrapped TransportSocket object. Some * TransportSocket implementation wraps another socket which does actual I/O. * This class is used by the wrapped socket as its callbacks instead of the real * connection to hold back callbacks from the underlying socket to connection. */ class NoOpTransportSocketCallbacks : public Network::TransportSocketCallbacks { public: explicit NoOpTransportSocketCallbacks(Network::TransportSocketCallbacks& parent) : parent_(parent) {} Network::IoHandle& ioHandle() override { return parent_.ioHandle(); } const Network::IoHandle& ioHandle() const override { return parent_.ioHandle(); } Network::Connection& connection() override { return parent_.connection(); } bool shouldDrainReadBuffer() override { return false; } /* * No-op for these two methods to hold back the callbacks. */ void setReadBufferReady() override {} void raiseEvent(Network::ConnectionEvent) override {} void flushWriteBuffer() override {} private: Network::TransportSocketCallbacks& parent_; }; using NoOpTransportSocketCallbacksPtr = std::unique_ptr; } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/tsi_frame_protector.cc ================================================ #include "extensions/transport_sockets/alts/tsi_frame_protector.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "grpc/slice_buffer.h" #include "src/core/tsi/transport_security_grpc.h" #include "src/core/tsi/transport_security_interface.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { TsiFrameProtector::TsiFrameProtector(CFrameProtectorPtr&& frame_protector) : frame_protector_(std::move(frame_protector)) {} tsi_result TsiFrameProtector::protect(Buffer::Instance& input, Buffer::Instance& output) { ASSERT(frame_protector_); if (input.length() == 0) { return TSI_OK; } grpc_core::ExecCtx exec_ctx; grpc_slice input_slice = grpc_slice_from_copied_buffer( reinterpret_cast(input.linearize(input.length())), input.length()); grpc_slice_buffer message_buffer; grpc_slice_buffer_init(&message_buffer); grpc_slice_buffer_add(&message_buffer, input_slice); grpc_slice_buffer protected_buffer; grpc_slice_buffer_init(&protected_buffer); tsi_result result = tsi_zero_copy_grpc_protector_protect(frame_protector_.get(), &message_buffer, &protected_buffer); if (result != TSI_OK) { ASSERT(result != TSI_INVALID_ARGUMENT && result != TSI_UNIMPLEMENTED); grpc_slice_buffer_destroy(&message_buffer); grpc_slice_buffer_destroy(&protected_buffer); return result; } const size_t protected_data_length = protected_buffer.length; char* protected_data = new char[protected_data_length]; grpc_slice_buffer_move_first_into_buffer(&protected_buffer, protected_data_length, protected_data); auto fragment = new Buffer::BufferFragmentImpl( protected_data, protected_data_length, [protected_data](const void*, size_t, const Envoy::Buffer::BufferFragmentImpl* this_fragment) { delete[] protected_data; delete this_fragment; }); output.addBufferFragment(*fragment); input.drain(input.length()); grpc_slice_buffer_destroy(&message_buffer); grpc_slice_buffer_destroy(&protected_buffer); return TSI_OK; } tsi_result TsiFrameProtector::unprotect(Buffer::Instance& input, Buffer::Instance& output) { ASSERT(frame_protector_); if (input.length() == 0) { return TSI_OK; } grpc_core::ExecCtx exec_ctx; grpc_slice input_slice = grpc_slice_from_copied_buffer( reinterpret_cast(input.linearize(input.length())), input.length()); grpc_slice_buffer protected_buffer; grpc_slice_buffer_init(&protected_buffer); grpc_slice_buffer_add(&protected_buffer, input_slice); grpc_slice_buffer unprotected_buffer; grpc_slice_buffer_init(&unprotected_buffer); tsi_result result = tsi_zero_copy_grpc_protector_unprotect( frame_protector_.get(), &protected_buffer, &unprotected_buffer); if (result != TSI_OK) { ASSERT(result != TSI_INVALID_ARGUMENT && result != TSI_UNIMPLEMENTED); grpc_slice_buffer_destroy(&protected_buffer); grpc_slice_buffer_destroy(&unprotected_buffer); return result; } const size_t unprotected_data_length = unprotected_buffer.length; char* unprotected_data = new char[unprotected_data_length]; grpc_slice_buffer_move_first_into_buffer(&unprotected_buffer, unprotected_data_length, unprotected_data); auto fragment = new Buffer::BufferFragmentImpl( unprotected_data, unprotected_data_length, [unprotected_data](const void*, size_t, const Envoy::Buffer::BufferFragmentImpl* this_fragment) { delete[] unprotected_data; delete this_fragment; }); output.addBufferFragment(*fragment); input.drain(input.length()); grpc_slice_buffer_destroy(&protected_buffer); grpc_slice_buffer_destroy(&unprotected_buffer); return TSI_OK; } } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/tsi_frame_protector.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "extensions/transport_sockets/alts/grpc_tsi.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { /** * A C++ wrapper for tsi_frame_protector interface. * For detail of tsi_frame_protector, see * https://github.com/grpc/grpc/blob/v1.10.0/src/core/tsi/transport_security_interface.h#L70 */ class TsiFrameProtector final { public: explicit TsiFrameProtector(CFrameProtectorPtr&& frame_protector); /** * Wrapper for tsi_frame_protector_protect * @param input supplies the input data to protect, the method will drain it when it is processed. * @param output supplies the buffer where the protected data will be stored. * @return tsi_result the status. */ tsi_result protect(Buffer::Instance& input, Buffer::Instance& output); /** * Wrapper for tsi_frame_protector_unprotect * @param input supplies the input data to unprotect, the method will drain it when it is * processed. * @param output supplies the buffer where the unprotected data will be stored. * @return tsi_result the status. */ tsi_result unprotect(Buffer::Instance& input, Buffer::Instance& output); private: CFrameProtectorPtr frame_protector_; }; using TsiFrameProtectorPtr = std::unique_ptr; } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/tsi_handshaker.cc ================================================ #include "extensions/transport_sockets/alts/tsi_handshaker.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { void TsiHandshaker::onNextDone(tsi_result status, void* user_data, const unsigned char* bytes_to_send, size_t bytes_to_send_size, tsi_handshaker_result* handshaker_result) { TsiHandshaker* handshaker = static_cast(user_data); Buffer::InstancePtr to_send = std::make_unique(); if (bytes_to_send_size > 0) { to_send->add(bytes_to_send, bytes_to_send_size); } auto next_result = new TsiHandshakerCallbacks::NextResult{status, std::move(to_send), {handshaker_result}}; handshaker->dispatcher_.post([handshaker, next_result]() { TsiHandshakerCallbacks::NextResultPtr next_result_ptr{next_result}; ASSERT(handshaker->calling_); handshaker->calling_ = false; if (handshaker->delete_on_done_) { handshaker->deferredDelete(); return; } handshaker->callbacks_->onNextDone(std::move(next_result_ptr)); }); } TsiHandshaker::TsiHandshaker(CHandshakerPtr&& handshaker, Event::Dispatcher& dispatcher) : handshaker_(std::move(handshaker)), dispatcher_(dispatcher) {} TsiHandshaker::~TsiHandshaker() { ASSERT(!calling_); } tsi_result TsiHandshaker::next(Envoy::Buffer::Instance& received) { ASSERT(callbacks_); ASSERT(!calling_); calling_ = true; uint64_t received_size = received.length(); const unsigned char* bytes_to_send = nullptr; size_t bytes_to_send_size = 0; tsi_handshaker_result* result = nullptr; tsi_result status = tsi_handshaker_next( handshaker_.get(), reinterpret_cast(received.linearize(received_size)), received_size, &bytes_to_send, &bytes_to_send_size, &result, onNextDone, this); received.drain(received_size); if (status != TSI_ASYNC) { onNextDone(status, this, bytes_to_send, bytes_to_send_size, result); } return status; } void TsiHandshaker::deferredDelete() { if (calling_) { delete_on_done_ = true; } else { dispatcher_.deferredDelete(Event::DeferredDeletablePtr{this}); } } } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/tsi_handshaker.h ================================================ #pragma once #include #include "envoy/buffer/buffer.h" #include "envoy/event/dispatcher.h" #include "common/common/c_smart_ptr.h" #include "extensions/transport_sockets/alts/grpc_tsi.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { /** * An interface to get callbacks from TsiHandshaker. TsiHandshaker will call this callbacks in the * thread which its dispatcher posts to. */ class TsiHandshakerCallbacks { public: virtual ~TsiHandshakerCallbacks() = default; struct NextResult { // A enum of the result. tsi_result status_; // The buffer to be sent to the peer. Buffer::InstancePtr to_send_; // A pointer to tsi_handshaker_result struct. Owned by instance. CHandshakerResultPtr result_; }; using NextResultPtr = std::unique_ptr; /** * Called when `next` is done, this may be called inline in `next` if the handshaker is not * asynchronous. * @param result a unique pointer to NextResult struct including the result returned by TSI. */ virtual void onNextDone(NextResultPtr&& result) PURE; }; /** * A C++ wrapper for tsi_handshaker interface. * For detail of tsi_handshaker, see * https://github.com/grpc/grpc/blob/v1.12.0/src/core/tsi/transport_security_interface.h#L236 */ class TsiHandshaker final : public Event::DeferredDeletable { public: explicit TsiHandshaker(CHandshakerPtr&& handshaker, Event::Dispatcher& dispatcher); ~TsiHandshaker() override; /** * Conduct next step of handshake, see * https://github.com/grpc/grpc/blob/v1.12.0/src/core/tsi/transport_security_interface.h#L418 * It is callers responsibility to not call this method again until the * TsiHandshakerCallbacks::onNextDone is called. * @param received the buffer received from peer. */ tsi_result next(Buffer::Instance& received); /** * Set handshaker callbacks. This must be called before calling next. * @param callbacks supplies the callback instance. */ void setHandshakerCallbacks(TsiHandshakerCallbacks& callbacks) { callbacks_ = &callbacks; } /** * Delete the handshaker when it is ready. This must be called after releasing from a smart * pointer. If there is no call in progress, this calls dispatcher_.deferredDelete(). If there is * a call in progress dispatcher_.deferredDelete happens after ongoing next call are processed. */ void deferredDelete(); private: static void onNextDone(tsi_result status, void* user_data, const unsigned char* bytes_to_send, size_t bytes_to_send_size, tsi_handshaker_result* handshaker_result); CHandshakerPtr handshaker_; TsiHandshakerCallbacks* callbacks_{}; // This is set to true when there is an ongoing next call to handshaker, and set to false when // the callback posted to dispatcher_ by TsiHandshaker::onNextDone is executed. bool calling_{false}; // This will be set when deferredDelete is called. If there is an ongoing next call, // the handshaker will delete itself after the call is processed. bool delete_on_done_{false}; Event::Dispatcher& dispatcher_; }; using TsiHandshakerPtr = std::unique_ptr; } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/tsi_socket.cc ================================================ #include "extensions/transport_sockets/alts/tsi_socket.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/empty_string.h" #include "common/common/enum_to_int.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { TsiSocket::TsiSocket(HandshakerFactory handshaker_factory, HandshakeValidator handshake_validator, Network::TransportSocketPtr&& raw_socket) : handshaker_factory_(handshaker_factory), handshake_validator_(handshake_validator), raw_buffer_socket_(std::move(raw_socket)) {} TsiSocket::TsiSocket(HandshakerFactory handshaker_factory, HandshakeValidator handshake_validator) : TsiSocket(handshaker_factory, handshake_validator, std::make_unique()) {} TsiSocket::~TsiSocket() { ASSERT(!handshaker_); } void TsiSocket::setTransportSocketCallbacks(Envoy::Network::TransportSocketCallbacks& callbacks) { ASSERT(!callbacks_); callbacks_ = &callbacks; noop_callbacks_ = std::make_unique(callbacks); raw_buffer_socket_->setTransportSocketCallbacks(*noop_callbacks_); } std::string TsiSocket::protocol() const { // TSI doesn't have a generic way to indicate application layer protocol. // TODO(lizan): support application layer protocol from TSI for known TSIs. return EMPTY_STRING; } absl::string_view TsiSocket::failureReason() const { // TODO(htuch): Implement error reason for TSI. return EMPTY_STRING; } Network::PostIoAction TsiSocket::doHandshake() { ASSERT(!handshake_complete_); ENVOY_CONN_LOG(debug, "TSI: doHandshake", callbacks_->connection()); if (!handshaker_next_calling_ && raw_read_buffer_.length() > 0) { doHandshakeNext(); } return Network::PostIoAction::KeepOpen; } void TsiSocket::doHandshakeNext() { ENVOY_CONN_LOG(debug, "TSI: doHandshake next: received: {}", callbacks_->connection(), raw_read_buffer_.length()); if (!handshaker_) { handshaker_ = handshaker_factory_(callbacks_->connection().dispatcher(), callbacks_->connection().localAddress(), callbacks_->connection().remoteAddress()); if (!handshaker_) { ENVOY_CONN_LOG(warn, "TSI: failed to create handshaker", callbacks_->connection()); callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); return; } handshaker_->setHandshakerCallbacks(*this); } handshaker_next_calling_ = true; Buffer::OwnedImpl handshaker_buffer; handshaker_buffer.move(raw_read_buffer_); handshaker_->next(handshaker_buffer); } Network::PostIoAction TsiSocket::doHandshakeNextDone(NextResultPtr&& next_result) { ASSERT(next_result); ENVOY_CONN_LOG(debug, "TSI: doHandshake next done: status: {} to_send: {}", callbacks_->connection(), next_result->status_, next_result->to_send_->length()); tsi_result status = next_result->status_; tsi_handshaker_result* handshaker_result = next_result->result_.get(); if (status != TSI_INCOMPLETE_DATA && status != TSI_OK) { ENVOY_CONN_LOG(debug, "TSI: Handshake failed: status: {}", callbacks_->connection(), status); return Network::PostIoAction::Close; } if (next_result->to_send_->length() > 0) { raw_write_buffer_.move(*next_result->to_send_); } if (status == TSI_OK && handshaker_result != nullptr) { tsi_peer peer; // returns TSI_OK assuming there is no fatal error. Asserting OK. status = tsi_handshaker_result_extract_peer(handshaker_result, &peer); ASSERT(status == TSI_OK); Cleanup peer_cleanup([&peer]() { tsi_peer_destruct(&peer); }); ENVOY_CONN_LOG(debug, "TSI: Handshake successful: peer properties: {}", callbacks_->connection(), peer.property_count); for (size_t i = 0; i < peer.property_count; ++i) { ENVOY_CONN_LOG(debug, " {}: {}", callbacks_->connection(), peer.properties[i].name, std::string(peer.properties[i].value.data, peer.properties[i].value.length)); } if (handshake_validator_) { std::string err; const bool peer_validated = handshake_validator_(peer, err); if (peer_validated) { ENVOY_CONN_LOG(debug, "TSI: Handshake validation succeeded.", callbacks_->connection()); } else { ENVOY_CONN_LOG(debug, "TSI: Handshake validation failed: {}", callbacks_->connection(), err); return Network::PostIoAction::Close; } } else { ENVOY_CONN_LOG(debug, "TSI: Handshake validation skipped.", callbacks_->connection()); } const unsigned char* unused_bytes; size_t unused_byte_size; // returns TSI_OK assuming there is no fatal error. Asserting OK. status = tsi_handshaker_result_get_unused_bytes(handshaker_result, &unused_bytes, &unused_byte_size); ASSERT(status == TSI_OK); if (unused_byte_size > 0) { raw_read_buffer_.prepend( absl::string_view{reinterpret_cast(unused_bytes), unused_byte_size}); } ENVOY_CONN_LOG(debug, "TSI: Handshake successful: unused_bytes: {}", callbacks_->connection(), unused_byte_size); // returns TSI_OK assuming there is no fatal error. Asserting OK. tsi_zero_copy_grpc_protector* frame_protector; grpc_core::ExecCtx exec_ctx; status = tsi_handshaker_result_create_zero_copy_grpc_protector(handshaker_result, nullptr, &frame_protector); ASSERT(status == TSI_OK); frame_protector_ = std::make_unique(frame_protector); handshake_complete_ = true; callbacks_->raiseEvent(Network::ConnectionEvent::Connected); } if (read_error_ || (!handshake_complete_ && end_stream_read_)) { ENVOY_CONN_LOG(debug, "TSI: Handshake failed: end of stream without enough data", callbacks_->connection()); return Network::PostIoAction::Close; } if (raw_read_buffer_.length() > 0) { callbacks_->setReadBufferReady(); } // Try to write raw buffer when next call is done, even this is not in do[Read|Write] stack. if (raw_write_buffer_.length() > 0) { return raw_buffer_socket_->doWrite(raw_write_buffer_, false).action_; } return Network::PostIoAction::KeepOpen; } Network::IoResult TsiSocket::doRead(Buffer::Instance& buffer) { Network::IoResult result = {Network::PostIoAction::KeepOpen, 0, false}; if (!end_stream_read_ && !read_error_) { result = raw_buffer_socket_->doRead(raw_read_buffer_); ENVOY_CONN_LOG(debug, "TSI: raw read result action {} bytes {} end_stream {}", callbacks_->connection(), enumToInt(result.action_), result.bytes_processed_, result.end_stream_read_); if (result.action_ == Network::PostIoAction::Close && result.bytes_processed_ == 0) { return result; } if (!handshake_complete_ && result.end_stream_read_ && result.bytes_processed_ == 0) { return {Network::PostIoAction::Close, result.bytes_processed_, result.end_stream_read_}; } end_stream_read_ = result.end_stream_read_; read_error_ = result.action_ == Network::PostIoAction::Close; } if (!handshake_complete_) { Network::PostIoAction action = doHandshake(); if (action == Network::PostIoAction::Close || !handshake_complete_) { return {action, 0, false}; } } if (handshake_complete_) { ASSERT(frame_protector_); uint64_t read_size = raw_read_buffer_.length(); ENVOY_CONN_LOG(debug, "TSI: unprotecting buffer size: {}", callbacks_->connection(), raw_read_buffer_.length()); tsi_result status = frame_protector_->unprotect(raw_read_buffer_, buffer); ENVOY_CONN_LOG(debug, "TSI: unprotected buffer left: {} result: {}", callbacks_->connection(), raw_read_buffer_.length(), tsi_result_to_string(status)); result.bytes_processed_ = read_size - raw_read_buffer_.length(); } ENVOY_CONN_LOG(debug, "TSI: do read result action {} bytes {} end_stream {}", callbacks_->connection(), enumToInt(result.action_), result.bytes_processed_, result.end_stream_read_); return result; } Network::IoResult TsiSocket::doWrite(Buffer::Instance& buffer, bool end_stream) { if (!handshake_complete_) { Network::PostIoAction action = doHandshake(); ASSERT(action == Network::PostIoAction::KeepOpen); // TODO(lizan): Handle synchronous handshake when TsiHandshaker supports it. } if (handshake_complete_) { ASSERT(frame_protector_); ENVOY_CONN_LOG(debug, "TSI: protecting buffer size: {}", callbacks_->connection(), buffer.length()); tsi_result status = frame_protector_->protect(buffer, raw_write_buffer_); ENVOY_CONN_LOG(debug, "TSI: protected buffer left: {} result: {}", callbacks_->connection(), buffer.length(), tsi_result_to_string(status)); } if (raw_write_buffer_.length() > 0) { ENVOY_CONN_LOG(debug, "TSI: raw_write length {} end_stream {}", callbacks_->connection(), raw_write_buffer_.length(), end_stream); return raw_buffer_socket_->doWrite(raw_write_buffer_, end_stream && (buffer.length() == 0)); } return {Network::PostIoAction::KeepOpen, 0, false}; } void TsiSocket::closeSocket(Network::ConnectionEvent) { ENVOY_CONN_LOG(debug, "TSI: closing socket", callbacks_->connection()); if (handshaker_) { handshaker_.release()->deferredDelete(); } } void TsiSocket::onConnected() { ASSERT(!handshake_complete_); doHandshakeNext(); } void TsiSocket::onNextDone(NextResultPtr&& result) { handshaker_next_calling_ = false; Network::PostIoAction action = doHandshakeNextDone(std::move(result)); if (action == Network::PostIoAction::Close) { callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); } } TsiSocketFactory::TsiSocketFactory(HandshakerFactory handshaker_factory, HandshakeValidator handshake_validator) : handshaker_factory_(std::move(handshaker_factory)), handshake_validator_(std::move(handshake_validator)) {} bool TsiSocketFactory::implementsSecureTransport() const { return true; } Network::TransportSocketPtr TsiSocketFactory::createTransportSocket(Network::TransportSocketOptionsSharedPtr) const { return std::make_unique(handshaker_factory_, handshake_validator_); } } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/alts/tsi_socket.h ================================================ #pragma once #include "envoy/network/transport_socket.h" #include "common/buffer/buffer_impl.h" #include "common/network/raw_buffer_socket.h" #include "extensions/transport_sockets/alts/noop_transport_socket_callbacks.h" #include "extensions/transport_sockets/alts/tsi_frame_protector.h" #include "extensions/transport_sockets/alts/tsi_handshaker.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Alts { /** * A factory function to create TsiHandshaker * @param dispatcher the dispatcher for the thread where the socket is running on. * @param local_address the local address of the connection. * @param remote_address the remote address of the connection. */ using HandshakerFactory = std::function; /** * A function to validate the peer of the connection. * @param peer the detail peer information of the connection. * @param err an error message to indicate why the peer is invalid. This is an * output param that should be populated by the function implementation. * @return true if the peer is valid or false if the peer is invalid. */ using HandshakeValidator = std::function; /** * A implementation of Network::TransportSocket based on gRPC TSI */ class TsiSocket : public Network::TransportSocket, public TsiHandshakerCallbacks, public Logger::Loggable { public: // For Test TsiSocket(HandshakerFactory handshaker_factory, HandshakeValidator handshake_validator, Network::TransportSocketPtr&& raw_socket_ptr); /** * @param handshaker_factory a function to initiate a TsiHandshaker * @param handshake_validator a function to validate the peer. Called right * after the handshake completed with peer data to do the peer validation. * The connection will be closed immediately if it returns false. */ TsiSocket(HandshakerFactory handshaker_factory, HandshakeValidator handshake_validator); ~TsiSocket() override; // Network::TransportSocket void setTransportSocketCallbacks(Envoy::Network::TransportSocketCallbacks& callbacks) override; std::string protocol() const override; absl::string_view failureReason() const override; bool canFlushClose() override { return handshake_complete_; } Envoy::Ssl::ConnectionInfoConstSharedPtr ssl() const override { return nullptr; } Network::IoResult doWrite(Buffer::Instance& buffer, bool end_stream) override; void closeSocket(Network::ConnectionEvent event) override; Network::IoResult doRead(Buffer::Instance& buffer) override; void onConnected() override; // TsiHandshakerCallbacks void onNextDone(NextResultPtr&& result) override; private: Network::PostIoAction doHandshake(); void doHandshakeNext(); Network::PostIoAction doHandshakeNextDone(NextResultPtr&& next_result); HandshakerFactory handshaker_factory_; HandshakeValidator handshake_validator_; TsiHandshakerPtr handshaker_{}; bool handshaker_next_calling_{}; TsiFrameProtectorPtr frame_protector_; Envoy::Network::TransportSocketCallbacks* callbacks_{}; NoOpTransportSocketCallbacksPtr noop_callbacks_; Network::TransportSocketPtr raw_buffer_socket_; Envoy::Buffer::OwnedImpl raw_read_buffer_; Envoy::Buffer::OwnedImpl raw_write_buffer_; bool handshake_complete_{}; bool end_stream_read_{}; bool read_error_{}; }; /** * An implementation of Network::TransportSocketFactory for TsiSocket */ class TsiSocketFactory : public Network::TransportSocketFactory { public: TsiSocketFactory(HandshakerFactory handshaker_factory, HandshakeValidator handshake_validator); bool implementsSecureTransport() const override; Network::TransportSocketPtr createTransportSocket(Network::TransportSocketOptionsSharedPtr options) const override; private: HandshakerFactory handshaker_factory_; HandshakeValidator handshake_validator_; }; } // namespace Alts } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "passthrough_lib", srcs = ["passthrough.cc"], hdrs = ["passthrough.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", ], ) ================================================ FILE: source/extensions/transport_sockets/common/passthrough.cc ================================================ #include "extensions/transport_sockets/common/passthrough.h" #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" #include "common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { PassthroughSocket::PassthroughSocket(Network::TransportSocketPtr&& transport_socket) : transport_socket_(std::move(transport_socket)) {} void PassthroughSocket::setTransportSocketCallbacks(Network::TransportSocketCallbacks& callbacks) { transport_socket_->setTransportSocketCallbacks(callbacks); } std::string PassthroughSocket::protocol() const { return transport_socket_->protocol(); } absl::string_view PassthroughSocket::failureReason() const { return transport_socket_->failureReason(); } bool PassthroughSocket::canFlushClose() { return transport_socket_->canFlushClose(); } void PassthroughSocket::closeSocket(Network::ConnectionEvent event) { transport_socket_->closeSocket(event); } Network::IoResult PassthroughSocket::doRead(Buffer::Instance& buffer) { return transport_socket_->doRead(buffer); } Network::IoResult PassthroughSocket::doWrite(Buffer::Instance& buffer, bool end_stream) { return transport_socket_->doWrite(buffer, end_stream); } void PassthroughSocket::onConnected() { transport_socket_->onConnected(); } Ssl::ConnectionInfoConstSharedPtr PassthroughSocket::ssl() const { return transport_socket_->ssl(); } } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/common/passthrough.h ================================================ #pragma once #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" #include "common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { class PassthroughSocket : public Network::TransportSocket { public: PassthroughSocket(Network::TransportSocketPtr&& transport_socket); void setTransportSocketCallbacks(Network::TransportSocketCallbacks& callbacks) override; std::string protocol() const override; absl::string_view failureReason() const override; bool canFlushClose() override; void closeSocket(Network::ConnectionEvent event) override; Network::IoResult doRead(Buffer::Instance& buffer) override; Network::IoResult doWrite(Buffer::Instance& buffer, bool end_stream) override; void onConnected() override; Ssl::ConnectionInfoConstSharedPtr ssl() const override; protected: Network::TransportSocketPtr transport_socket_; }; } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/proxy_protocol/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "upstream_config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream_and_upstream", # header generated in Envoy, so can't be faked deps = [ ":upstream_proxy_protocol", "//include/envoy/network:transport_socket_interface", "//include/envoy/registry", "//include/envoy/server:transport_socket_config_interface", "//source/common/config:utility_lib", "//source/extensions/transport_sockets:well_known_names", "@envoy_api//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "upstream_proxy_protocol", srcs = ["proxy_protocol.cc"], hdrs = ["proxy_protocol.h"], deps = [ "//include/envoy/network:connection_interface", "//include/envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/common/network:address_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", "//source/extensions/transport_sockets/common:passthrough_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/transport_sockets/proxy_protocol/config.cc ================================================ #include "extensions/transport_sockets/proxy_protocol/config.h" #include "envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.pb.h" #include "envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.pb.validate.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "extensions/transport_sockets/proxy_protocol/proxy_protocol.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace ProxyProtocol { Network::TransportSocketFactoryPtr UpstreamProxyProtocolSocketConfigFactory::createTransportSocketFactory( const Protobuf::Message& message, Server::Configuration::TransportSocketFactoryContext& context) { const auto& outer_config = MessageUtil::downcastAndValidate( message, context.messageValidationVisitor()); auto& inner_config_factory = Config::Utility::getAndCheckFactory< Server::Configuration::UpstreamTransportSocketConfigFactory>(outer_config.transport_socket()); ProtobufTypes::MessagePtr inner_factory_config = Config::Utility::translateToFactoryConfig( outer_config.transport_socket(), context.messageValidationVisitor(), inner_config_factory); auto inner_transport_factory = inner_config_factory.createTransportSocketFactory(*inner_factory_config, context); return std::make_unique(std::move(inner_transport_factory), outer_config.config()); } ProtobufTypes::MessagePtr UpstreamProxyProtocolSocketConfigFactory::createEmptyConfigProto() { return std::make_unique< envoy::extensions::transport_sockets::proxy_protocol::v3::ProxyProtocolUpstreamTransport>(); ; } REGISTER_FACTORY(UpstreamProxyProtocolSocketConfigFactory, Server::Configuration::UpstreamTransportSocketConfigFactory); } // namespace ProxyProtocol } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/proxy_protocol/config.h ================================================ #pragma once #include "envoy/server/transport_socket_config.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace ProxyProtocol { /** * Config registration for the proxy protocol wrapper for transport socket factory. * @see TransportSocketConfigFactory. */ class UpstreamProxyProtocolSocketConfigFactory : public Server::Configuration::UpstreamTransportSocketConfigFactory { public: std::string name() const override { return TransportSocketNames::get().UpstreamProxyProtocol; } ProtobufTypes::MessagePtr createEmptyConfigProto() override; Network::TransportSocketFactoryPtr createTransportSocketFactory( const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context) override; }; } // namespace ProxyProtocol } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc ================================================ #include "extensions/transport_sockets/proxy_protocol/proxy_protocol.h" #include #include "envoy/config/core/v3/proxy_protocol.pb.h" #include "envoy/network/transport_socket.h" #include "common/buffer/buffer_impl.h" #include "common/network/address_impl.h" #include "extensions/common/proxy_protocol/proxy_protocol_header.h" using envoy::config::core::v3::ProxyProtocolConfig; using envoy::config::core::v3::ProxyProtocolConfig_Version; namespace Envoy { namespace Extensions { namespace TransportSockets { namespace ProxyProtocol { UpstreamProxyProtocolSocket::UpstreamProxyProtocolSocket( Network::TransportSocketPtr&& transport_socket, Network::TransportSocketOptionsSharedPtr options, ProxyProtocolConfig_Version version) : PassthroughSocket(std::move(transport_socket)), options_(options), version_(version) {} void UpstreamProxyProtocolSocket::setTransportSocketCallbacks( Network::TransportSocketCallbacks& callbacks) { transport_socket_->setTransportSocketCallbacks(callbacks); callbacks_ = &callbacks; } Network::IoResult UpstreamProxyProtocolSocket::doWrite(Buffer::Instance& buffer, bool end_stream) { if (header_buffer_.length() > 0) { auto header_res = writeHeader(); if (header_buffer_.length() == 0 && header_res.action_ == Network::PostIoAction::KeepOpen) { auto inner_res = transport_socket_->doWrite(buffer, end_stream); return {inner_res.action_, header_res.bytes_processed_ + inner_res.bytes_processed_, false}; } return header_res; } else { return transport_socket_->doWrite(buffer, end_stream); } } void UpstreamProxyProtocolSocket::generateHeader() { if (version_ == ProxyProtocolConfig_Version::ProxyProtocolConfig_Version_V1) { generateHeaderV1(); } else { generateHeaderV2(); } } void UpstreamProxyProtocolSocket::generateHeaderV1() { // Default to local addresses (used if no downstream connection exists e.g. health checks) auto src_addr = callbacks_->connection().localAddress(); auto dst_addr = callbacks_->connection().remoteAddress(); if (options_ && options_->proxyProtocolOptions().has_value()) { const auto options = options_->proxyProtocolOptions().value(); src_addr = options.src_addr_; dst_addr = options.dst_addr_; } Common::ProxyProtocol::generateV1Header(*src_addr->ip(), *dst_addr->ip(), header_buffer_); } void UpstreamProxyProtocolSocket::generateHeaderV2() { if (!options_ || !options_->proxyProtocolOptions().has_value()) { Common::ProxyProtocol::generateV2LocalHeader(header_buffer_); } else { const auto options = options_->proxyProtocolOptions().value(); Common::ProxyProtocol::generateV2Header(*options.src_addr_->ip(), *options.dst_addr_->ip(), header_buffer_); } } Network::IoResult UpstreamProxyProtocolSocket::writeHeader() { Network::PostIoAction action = Network::PostIoAction::KeepOpen; uint64_t bytes_written = 0; do { if (header_buffer_.length() == 0) { break; } Api::IoCallUint64Result result = callbacks_->ioHandle().write(header_buffer_); if (result.ok()) { ENVOY_CONN_LOG(trace, "write returns: {}", callbacks_->connection(), result.rc_); bytes_written += result.rc_; } else { ENVOY_CONN_LOG(trace, "write error: {}", callbacks_->connection(), result.err_->getErrorDetails()); if (result.err_->getErrorCode() != Api::IoError::IoErrorCode::Again) { action = Network::PostIoAction::Close; } break; } } while (true); return {action, bytes_written, false}; } void UpstreamProxyProtocolSocket::onConnected() { generateHeader(); transport_socket_->onConnected(); } UpstreamProxyProtocolSocketFactory::UpstreamProxyProtocolSocketFactory( Network::TransportSocketFactoryPtr transport_socket_factory, ProxyProtocolConfig config) : transport_socket_factory_(std::move(transport_socket_factory)), config_(config) {} Network::TransportSocketPtr UpstreamProxyProtocolSocketFactory::createTransportSocket( Network::TransportSocketOptionsSharedPtr options) const { auto inner_socket = transport_socket_factory_->createTransportSocket(options); if (inner_socket == nullptr) { return nullptr; } return std::make_unique(std::move(inner_socket), options, config_.version()); } bool UpstreamProxyProtocolSocketFactory::implementsSecureTransport() const { return transport_socket_factory_->implementsSecureTransport(); } } // namespace ProxyProtocol } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h ================================================ #pragma once #include "envoy/config/core/v3/proxy_protocol.pb.h" #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "extensions/transport_sockets/common/passthrough.h" using envoy::config::core::v3::ProxyProtocolConfig; using envoy::config::core::v3::ProxyProtocolConfig_Version; namespace Envoy { namespace Extensions { namespace TransportSockets { namespace ProxyProtocol { class UpstreamProxyProtocolSocket : public TransportSockets::PassthroughSocket, public Logger::Loggable { public: UpstreamProxyProtocolSocket(Network::TransportSocketPtr&& transport_socket, Network::TransportSocketOptionsSharedPtr options, ProxyProtocolConfig_Version version); void setTransportSocketCallbacks(Network::TransportSocketCallbacks& callbacks) override; Network::IoResult doWrite(Buffer::Instance& buffer, bool end_stream) override; void onConnected() override; private: void generateHeader(); void generateHeaderV1(); void generateHeaderV2(); Network::IoResult writeHeader(); Network::TransportSocketOptionsSharedPtr options_; Network::TransportSocketCallbacks* callbacks_{}; Buffer::OwnedImpl header_buffer_{}; ProxyProtocolConfig_Version version_{ProxyProtocolConfig_Version::ProxyProtocolConfig_Version_V1}; }; class UpstreamProxyProtocolSocketFactory : public Network::TransportSocketFactory { public: UpstreamProxyProtocolSocketFactory(Network::TransportSocketFactoryPtr transport_socket_factory, ProxyProtocolConfig config); // Network::TransportSocketFactory Network::TransportSocketPtr createTransportSocket(Network::TransportSocketOptionsSharedPtr options) const override; bool implementsSecureTransport() const override; private: Network::TransportSocketFactoryPtr transport_socket_factory_; ProxyProtocolConfig config_; }; } // namespace ProxyProtocol } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/raw_buffer/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Built-in plaintext connection transport socket. envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "requires_trusted_downstream_and_upstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ "//include/envoy/network:transport_socket_interface", "//include/envoy/registry", "//include/envoy/server:transport_socket_config_interface", "//source/common/network:raw_buffer_socket_lib", "//source/extensions/transport_sockets:well_known_names", "@envoy_api//envoy/config/transport_socket/raw_buffer/v2:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/transport_sockets/raw_buffer/config.cc ================================================ #include "extensions/transport_sockets/raw_buffer/config.h" #include #include "envoy/config/transport_socket/raw_buffer/v2/raw_buffer.pb.h" #include "envoy/config/transport_socket/raw_buffer/v2/raw_buffer.pb.validate.h" #include "common/network/raw_buffer_socket.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace RawBuffer { Network::TransportSocketFactoryPtr UpstreamRawBufferSocketFactory::createTransportSocketFactory( const Protobuf::Message&, Server::Configuration::TransportSocketFactoryContext&) { return std::make_unique(); } Network::TransportSocketFactoryPtr DownstreamRawBufferSocketFactory::createTransportSocketFactory( const Protobuf::Message&, Server::Configuration::TransportSocketFactoryContext&, const std::vector&) { return std::make_unique(); } ProtobufTypes::MessagePtr RawBufferSocketFactory::createEmptyConfigProto() { return std::make_unique(); } REGISTER_FACTORY(UpstreamRawBufferSocketFactory, Server::Configuration::UpstreamTransportSocketConfigFactory){"raw_buffer"}; REGISTER_FACTORY(DownstreamRawBufferSocketFactory, Server::Configuration::DownstreamTransportSocketConfigFactory){"raw_buffer"}; } // namespace RawBuffer } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/raw_buffer/config.h ================================================ #pragma once #include "envoy/registry/registry.h" #include "envoy/server/transport_socket_config.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace RawBuffer { /** * Config registration for the raw buffer transport socket factory. * @see TransportSocketConfigFactory. */ class RawBufferSocketFactory : public virtual Server::Configuration::TransportSocketConfigFactory { public: std::string name() const override { return TransportSocketNames::get().RawBuffer; } ProtobufTypes::MessagePtr createEmptyConfigProto() override; }; class UpstreamRawBufferSocketFactory : public Server::Configuration::UpstreamTransportSocketConfigFactory, public RawBufferSocketFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory( const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context) override; }; class DownstreamRawBufferSocketFactory : public Server::Configuration::DownstreamTransportSocketConfigFactory, public RawBufferSocketFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context, const std::vector& server_names) override; }; DECLARE_FACTORY(UpstreamRawBufferSocketFactory); DECLARE_FACTORY(DownstreamRawBufferSocketFactory); } // namespace RawBuffer } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tap/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # tap wrapper around a transport socket. envoy_extension_package() envoy_cc_library( name = "tap_config_interface", hdrs = ["tap_config.h"], deps = [ "//include/envoy/network:connection_interface", "//source/extensions/common/tap:tap_interface", ], ) envoy_cc_library( name = "tap_config_impl", srcs = ["tap_config_impl.cc"], hdrs = ["tap_config_impl.h"], deps = [ ":tap_config_interface", "//source/common/network:utility_lib", "//source/extensions/common/tap:tap_config_base", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/data/tap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "tap_lib", srcs = ["tap.cc"], hdrs = ["tap.h"], deps = [ ":tap_config_interface", "//include/envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/extensions/common/tap:extension_config_base", "//source/extensions/transport_sockets/common:passthrough_lib", "@envoy_api//envoy/extensions/transport_sockets/tap/v3:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], # TODO(#9953) clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], security_posture = "requires_trusted_downstream_and_upstream", status = "alpha", deps = [ ":tap_config_impl", ":tap_lib", "//include/envoy/network:transport_socket_interface", "//include/envoy/registry", "//include/envoy/server:transport_socket_config_interface", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "//source/extensions/transport_sockets:well_known_names", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/tap/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/transport_sockets/tap/config.cc ================================================ #include "extensions/transport_sockets/tap/config.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.h" #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.validate.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "common/protobuf/utility.h" #include "extensions/transport_sockets/tap/tap.h" #include "extensions/transport_sockets/tap/tap_config_impl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tap { class SocketTapConfigFactoryImpl : public Extensions::Common::Tap::TapConfigFactory { public: SocketTapConfigFactoryImpl(TimeSource& time_source) : time_source_(time_source) {} // TapConfigFactory Extensions::Common::Tap::TapConfigSharedPtr createConfigFromProto(envoy::config::tap::v3::TapConfig&& proto_config, Extensions::Common::Tap::Sink* admin_streamer) override { return std::make_shared(std::move(proto_config), admin_streamer, time_source_); } private: TimeSource& time_source_; }; Network::TransportSocketFactoryPtr UpstreamTapSocketConfigFactory::createTransportSocketFactory( const Protobuf::Message& message, Server::Configuration::TransportSocketFactoryContext& context) { const auto& outer_config = MessageUtil::downcastAndValidate( message, context.messageValidationVisitor()); auto& inner_config_factory = Config::Utility::getAndCheckFactory< Server::Configuration::UpstreamTransportSocketConfigFactory>(outer_config.transport_socket()); ProtobufTypes::MessagePtr inner_factory_config = Config::Utility::translateToFactoryConfig( outer_config.transport_socket(), context.messageValidationVisitor(), inner_config_factory); auto inner_transport_factory = inner_config_factory.createTransportSocketFactory(*inner_factory_config, context); return std::make_unique( outer_config, std::make_unique(context.dispatcher().timeSource()), context.admin(), context.singletonManager(), context.threadLocal(), context.dispatcher(), std::move(inner_transport_factory)); } Network::TransportSocketFactoryPtr DownstreamTapSocketConfigFactory::createTransportSocketFactory( const Protobuf::Message& message, Server::Configuration::TransportSocketFactoryContext& context, const std::vector& server_names) { const auto& outer_config = MessageUtil::downcastAndValidate( message, context.messageValidationVisitor()); auto& inner_config_factory = Config::Utility::getAndCheckFactory< Server::Configuration::DownstreamTransportSocketConfigFactory>( outer_config.transport_socket()); ProtobufTypes::MessagePtr inner_factory_config = Config::Utility::translateToFactoryConfig( outer_config.transport_socket(), context.messageValidationVisitor(), inner_config_factory); auto inner_transport_factory = inner_config_factory.createTransportSocketFactory( *inner_factory_config, context, server_names); return std::make_unique( outer_config, std::make_unique(context.dispatcher().timeSource()), context.admin(), context.singletonManager(), context.threadLocal(), context.dispatcher(), std::move(inner_transport_factory)); } ProtobufTypes::MessagePtr TapSocketConfigFactory::createEmptyConfigProto() { return std::make_unique(); } REGISTER_FACTORY(UpstreamTapSocketConfigFactory, Server::Configuration::UpstreamTransportSocketConfigFactory); REGISTER_FACTORY(DownstreamTapSocketConfigFactory, Server::Configuration::DownstreamTransportSocketConfigFactory); } // namespace Tap } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tap/config.h ================================================ #pragma once #include "envoy/server/transport_socket_config.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tap { /** * Config registration for the tap wrapper for transport socket factory. * @see TransportSocketConfigFactory. */ class TapSocketConfigFactory : public virtual Server::Configuration::TransportSocketConfigFactory { public: std::string name() const override { return TransportSocketNames::get().Tap; } ProtobufTypes::MessagePtr createEmptyConfigProto() override; }; class UpstreamTapSocketConfigFactory : public Server::Configuration::UpstreamTransportSocketConfigFactory, public TapSocketConfigFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory( const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context) override; }; class DownstreamTapSocketConfigFactory : public Server::Configuration::DownstreamTransportSocketConfigFactory, public TapSocketConfigFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context, const std::vector& server_names) override; }; } // namespace Tap } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tap/tap.cc ================================================ #include "extensions/transport_sockets/tap/tap.h" #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.h" #include "common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tap { TapSocket::TapSocket(SocketTapConfigSharedPtr config, Network::TransportSocketPtr&& transport_socket) : PassthroughSocket(std::move(transport_socket)), config_(config) {} void TapSocket::setTransportSocketCallbacks(Network::TransportSocketCallbacks& callbacks) { ASSERT(!tapper_); transport_socket_->setTransportSocketCallbacks(callbacks); tapper_ = config_ ? config_->createPerSocketTapper(callbacks.connection()) : nullptr; } void TapSocket::closeSocket(Network::ConnectionEvent event) { if (tapper_ != nullptr) { tapper_->closeSocket(event); } transport_socket_->closeSocket(event); } Network::IoResult TapSocket::doRead(Buffer::Instance& buffer) { Network::IoResult result = transport_socket_->doRead(buffer); if (tapper_ != nullptr && result.bytes_processed_ > 0) { tapper_->onRead(buffer, result.bytes_processed_); } return result; } Network::IoResult TapSocket::doWrite(Buffer::Instance& buffer, bool end_stream) { // TODO(htuch): avoid copy. Buffer::OwnedImpl copy(buffer); Network::IoResult result = transport_socket_->doWrite(buffer, end_stream); if (tapper_ != nullptr && result.bytes_processed_ > 0) { tapper_->onWrite(copy, result.bytes_processed_, end_stream); } return result; } TapSocketFactory::TapSocketFactory( const envoy::extensions::transport_sockets::tap::v3::Tap& proto_config, Common::Tap::TapConfigFactoryPtr&& config_factory, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, Event::Dispatcher& main_thread_dispatcher, Network::TransportSocketFactoryPtr&& transport_socket_factory) : ExtensionConfigBase(proto_config.common_config(), std::move(config_factory), admin, singleton_manager, tls, main_thread_dispatcher), transport_socket_factory_(std::move(transport_socket_factory)) {} Network::TransportSocketPtr TapSocketFactory::createTransportSocket(Network::TransportSocketOptionsSharedPtr options) const { return std::make_unique(currentConfigHelper(), transport_socket_factory_->createTransportSocket(options)); } bool TapSocketFactory::implementsSecureTransport() const { return transport_socket_factory_->implementsSecureTransport(); } } // namespace Tap } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tap/tap.h ================================================ #pragma once #include "envoy/event/timer.h" #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.h" #include "envoy/network/transport_socket.h" #include "extensions/common/tap/extension_config_base.h" #include "extensions/transport_sockets/common/passthrough.h" #include "extensions/transport_sockets/tap/tap_config.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tap { class TapSocket : public TransportSockets::PassthroughSocket { public: TapSocket(SocketTapConfigSharedPtr config, Network::TransportSocketPtr&& transport_socket); // Network::TransportSocket void setTransportSocketCallbacks(Network::TransportSocketCallbacks& callbacks) override; void closeSocket(Network::ConnectionEvent event) override; Network::IoResult doRead(Buffer::Instance& buffer) override; Network::IoResult doWrite(Buffer::Instance& buffer, bool end_stream) override; private: SocketTapConfigSharedPtr config_; PerSocketTapperPtr tapper_; }; class TapSocketFactory : public Network::TransportSocketFactory, public Common::Tap::ExtensionConfigBase { public: TapSocketFactory(const envoy::extensions::transport_sockets::tap::v3::Tap& proto_config, Common::Tap::TapConfigFactoryPtr&& config_factory, Server::Admin& admin, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, Event::Dispatcher& main_thread_dispatcher, Network::TransportSocketFactoryPtr&& transport_socket_factory); // Network::TransportSocketFactory Network::TransportSocketPtr createTransportSocket(Network::TransportSocketOptionsSharedPtr options) const override; bool implementsSecureTransport() const override; private: Network::TransportSocketFactoryPtr transport_socket_factory_; }; } // namespace Tap } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tap/tap_config.h ================================================ #pragma once #include "envoy/network/connection.h" #include "extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tap { /** * Per-socket tap implementation. Abstractly handles all socket lifecycle events in order to tap * if the configuration matches. */ class PerSocketTapper { public: virtual ~PerSocketTapper() = default; /** * Called when the socket is closed. * @param event supplies the close type. */ virtual void closeSocket(Network::ConnectionEvent event) PURE; /** * Called when data is read from the underlying transport. * @param data supplies the read data. * @param bytes_read supplies the number of bytes read (data might already have bytes in it). */ virtual void onRead(const Buffer::Instance& data, uint32_t bytes_read) PURE; /** * Called when data is written to the underlying transport. * @param data supplies the written data. * @param bytes_written supplies the number of bytes written (data might not have been fully * written). * @param end_stream supplies whether this is the end of socket writes. */ virtual void onWrite(const Buffer::Instance& data, uint32_t bytes_written, bool end_stream) PURE; }; using PerSocketTapperPtr = std::unique_ptr; /** * Abstract socket tap configuration. */ class SocketTapConfig : public virtual Extensions::Common::Tap::TapConfig { public: /** * @return a new per-socket tapper which is used to handle tapping of a discrete socket. * @param connection supplies the underlying network connection. */ virtual PerSocketTapperPtr createPerSocketTapper(const Network::Connection& connection) PURE; /** * @return time source to use for stamping events. */ virtual TimeSource& timeSource() const PURE; }; using SocketTapConfigSharedPtr = std::shared_ptr; } // namespace Tap } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tap/tap_config_impl.cc ================================================ #include "extensions/transport_sockets/tap/tap_config_impl.h" #include "envoy/data/tap/v3/transport.pb.h" #include "common/common/assert.h" #include "common/network/utility.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tap { namespace TapCommon = Extensions::Common::Tap; PerSocketTapperImpl::PerSocketTapperImpl(SocketTapConfigSharedPtr config, const Network::Connection& connection) : config_(std::move(config)), sink_handle_(config_->createPerTapSinkHandleManager(connection.id())), connection_(connection), statuses_(config_->createMatchStatusVector()) { config_->rootMatcher().onNewStream(statuses_); if (config_->streaming() && config_->rootMatcher().matchStatus(statuses_).matches_) { TapCommon::TraceWrapperPtr trace = makeTraceSegment(); fillConnectionInfo(*trace->mutable_socket_streamed_trace_segment()->mutable_connection()); sink_handle_->submitTrace(std::move(trace)); } } void PerSocketTapperImpl::fillConnectionInfo(envoy::data::tap::v3::Connection& connection) { Network::Utility::addressToProtobufAddress(*connection_.localAddress(), *connection.mutable_local_address()); Network::Utility::addressToProtobufAddress(*connection_.remoteAddress(), *connection.mutable_remote_address()); } void PerSocketTapperImpl::closeSocket(Network::ConnectionEvent) { if (!config_->rootMatcher().matchStatus(statuses_).matches_) { return; } if (config_->streaming()) { TapCommon::TraceWrapperPtr trace = makeTraceSegment(); auto& event = *trace->mutable_socket_streamed_trace_segment()->mutable_event(); initEvent(event); event.mutable_closed(); sink_handle_->submitTrace(std::move(trace)); } else { makeBufferedTraceIfNeeded(); fillConnectionInfo(*buffered_trace_->mutable_socket_buffered_trace()->mutable_connection()); sink_handle_->submitTrace(std::move(buffered_trace_)); } // Here we explicitly reset the sink_handle_ to release any sink resources and force a flush // of any data (e.g., files). This is not explicitly needed in production, but is needed in // tests to avoid race conditions due to deferred deletion. We could also do this with a stat, // but this seems fine in general and is simpler. sink_handle_.reset(); } void PerSocketTapperImpl::initEvent(envoy::data::tap::v3::SocketEvent& event) { event.mutable_timestamp()->MergeFrom(Protobuf::util::TimeUtil::NanosecondsToTimestamp( std::chrono::duration_cast( config_->timeSource().systemTime().time_since_epoch()) .count())); } void PerSocketTapperImpl::onRead(const Buffer::Instance& data, uint32_t bytes_read) { if (!config_->rootMatcher().matchStatus(statuses_).matches_) { return; } if (config_->streaming()) { TapCommon::TraceWrapperPtr trace = makeTraceSegment(); auto& event = *trace->mutable_socket_streamed_trace_segment()->mutable_event(); initEvent(event); TapCommon::Utility::addBufferToProtoBytes(*event.mutable_read()->mutable_data(), config_->maxBufferedRxBytes(), data, data.length() - bytes_read, bytes_read); sink_handle_->submitTrace(std::move(trace)); } else { if (buffered_trace_ != nullptr && buffered_trace_->socket_buffered_trace().read_truncated()) { return; } makeBufferedTraceIfNeeded(); auto& event = *buffered_trace_->mutable_socket_buffered_trace()->add_events(); initEvent(event); ASSERT(rx_bytes_buffered_ <= config_->maxBufferedRxBytes()); buffered_trace_->mutable_socket_buffered_trace()->set_read_truncated( TapCommon::Utility::addBufferToProtoBytes(*event.mutable_read()->mutable_data(), config_->maxBufferedRxBytes() - rx_bytes_buffered_, data, data.length() - bytes_read, bytes_read)); rx_bytes_buffered_ += event.read().data().as_bytes().size(); } } void PerSocketTapperImpl::onWrite(const Buffer::Instance& data, uint32_t bytes_written, bool end_stream) { if (!config_->rootMatcher().matchStatus(statuses_).matches_) { return; } if (config_->streaming()) { TapCommon::TraceWrapperPtr trace = makeTraceSegment(); auto& event = *trace->mutable_socket_streamed_trace_segment()->mutable_event(); initEvent(event); TapCommon::Utility::addBufferToProtoBytes(*event.mutable_write()->mutable_data(), config_->maxBufferedTxBytes(), data, 0, bytes_written); event.mutable_write()->set_end_stream(end_stream); sink_handle_->submitTrace(std::move(trace)); } else { if (buffered_trace_ != nullptr && buffered_trace_->socket_buffered_trace().write_truncated()) { return; } makeBufferedTraceIfNeeded(); auto& event = *buffered_trace_->mutable_socket_buffered_trace()->add_events(); initEvent(event); ASSERT(tx_bytes_buffered_ <= config_->maxBufferedTxBytes()); buffered_trace_->mutable_socket_buffered_trace()->set_write_truncated( TapCommon::Utility::addBufferToProtoBytes( *event.mutable_write()->mutable_data(), config_->maxBufferedTxBytes() - tx_bytes_buffered_, data, 0, bytes_written)); tx_bytes_buffered_ += event.write().data().as_bytes().size(); event.mutable_write()->set_end_stream(end_stream); } } } // namespace Tap } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tap/tap_config_impl.h ================================================ #pragma once #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/transport.pb.h" #include "envoy/event/timer.h" #include "extensions/common/tap/tap_config_base.h" #include "extensions/transport_sockets/tap/tap_config.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tap { class PerSocketTapperImpl : public PerSocketTapper { public: PerSocketTapperImpl(SocketTapConfigSharedPtr config, const Network::Connection& connection); // PerSocketTapper void closeSocket(Network::ConnectionEvent event) override; void onRead(const Buffer::Instance& data, uint32_t bytes_read) override; void onWrite(const Buffer::Instance& data, uint32_t bytes_written, bool end_stream) override; private: void initEvent(envoy::data::tap::v3::SocketEvent&); void fillConnectionInfo(envoy::data::tap::v3::Connection& connection); void makeBufferedTraceIfNeeded() { if (buffered_trace_ == nullptr) { buffered_trace_ = Extensions::Common::Tap::makeTraceWrapper(); buffered_trace_->mutable_socket_buffered_trace()->set_trace_id(connection_.id()); } } Extensions::Common::Tap::TraceWrapperPtr makeTraceSegment() { Extensions::Common::Tap::TraceWrapperPtr trace = Extensions::Common::Tap::makeTraceWrapper(); trace->mutable_socket_streamed_trace_segment()->set_trace_id(connection_.id()); return trace; } SocketTapConfigSharedPtr config_; Extensions::Common::Tap::PerTapSinkHandleManagerPtr sink_handle_; const Network::Connection& connection_; Extensions::Common::Tap::Matcher::MatchStatusVector statuses_; // Must be a shared_ptr because of submitTrace(). Extensions::Common::Tap::TraceWrapperPtr buffered_trace_; uint32_t rx_bytes_buffered_{}; uint32_t tx_bytes_buffered_{}; }; class SocketTapConfigImpl : public Extensions::Common::Tap::TapConfigBaseImpl, public SocketTapConfig, public std::enable_shared_from_this { public: SocketTapConfigImpl(envoy::config::tap::v3::TapConfig&& proto_config, Extensions::Common::Tap::Sink* admin_streamer, TimeSource& time_system) : Extensions::Common::Tap::TapConfigBaseImpl(std::move(proto_config), admin_streamer), time_source_(time_system) {} // SocketTapConfig PerSocketTapperPtr createPerSocketTapper(const Network::Connection& connection) override { return std::make_unique(shared_from_this(), connection); } TimeSource& timeSource() const override { return time_source_; } private: TimeSource& time_source_; friend class PerSocketTapperImpl; }; } // namespace Tap } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 # Built-in TLS connection transport socket. envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "robust_to_untrusted_downstream_and_upstream", # TLS is core functionality. visibility = ["//visibility:public"], deps = [ ":ssl_socket_lib", "//include/envoy/network:transport_socket_interface", "//include/envoy/registry", "//include/envoy/server:transport_socket_config_interface", "//source/extensions/transport_sockets:well_known_names", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ssl_handshaker_lib", srcs = ["ssl_handshaker.cc"], hdrs = ["ssl_handshaker.h"], external_deps = ["ssl"], deps = [ ":context_lib", ":utility_lib", "//include/envoy/network:connection_interface", "//include/envoy/network:transport_socket_interface", "//include/envoy/ssl:handshaker_interface", "//include/envoy/ssl:ssl_socket_extended_info_interface", "//include/envoy/ssl:ssl_socket_state", "//include/envoy/ssl/private_key:private_key_callbacks_interface", "//include/envoy/ssl/private_key:private_key_interface", "//include/envoy/stats:stats_macros", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_annotations", "//source/common/http:headers_lib", ], ) envoy_cc_library( name = "io_handle_bio_lib", srcs = ["io_handle_bio.cc"], hdrs = ["io_handle_bio.h"], external_deps = ["ssl"], deps = [ "//include/envoy/buffer:buffer_interface", "//include/envoy/network:io_handle_interface", ], ) envoy_cc_library( name = "ssl_socket_lib", srcs = ["ssl_socket.cc"], hdrs = ["ssl_socket.h"], external_deps = [ "abseil_hash", "abseil_node_hash_map", "abseil_optional", "abseil_synchronization", "ssl", ], # TLS is core functionality. visibility = ["//visibility:public"], deps = [ ":context_config_lib", ":context_lib", ":io_handle_bio_lib", ":ssl_handshaker_lib", ":utility_lib", "//include/envoy/network:connection_interface", "//include/envoy/network:transport_socket_interface", "//include/envoy/ssl:handshaker_interface", "//include/envoy/ssl:ssl_socket_extended_info_interface", "//include/envoy/ssl:ssl_socket_state", "//include/envoy/ssl/private_key:private_key_callbacks_interface", "//include/envoy/ssl/private_key:private_key_interface", "//include/envoy/stats:stats_macros", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_annotations", "//source/common/http:headers_lib", ], ) envoy_cc_library( name = "context_config_lib", srcs = ["context_config_impl.cc"], hdrs = ["context_config_impl.h"], external_deps = [ "ssl", ], # TLS is core functionality. visibility = ["//visibility:public"], deps = [ ":ssl_handshaker_lib", "//include/envoy/secret:secret_callbacks_interface", "//include/envoy/secret:secret_provider_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/ssl:context_config_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:matchers_lib", "//source/common/config:datasource_lib", "//source/common/json:json_loader_lib", "//source/common/protobuf:utility_lib", "//source/common/secret:sds_api_lib", "//source/common/ssl:certificate_validation_context_config_impl_lib", "//source/common/ssl:tls_certificate_config_impl_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "context_lib", srcs = [ "context_impl.cc", "context_manager_impl.cc", ], hdrs = [ "context_impl.h", "context_manager_impl.h", ], external_deps = [ "abseil_node_hash_set", "abseil_synchronization", "ssl", ], # TLS is core functionality. visibility = ["//visibility:public"], deps = [ ":utility_lib", "//include/envoy/ssl:context_config_interface", "//include/envoy/ssl:context_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/ssl:ssl_socket_extended_info_interface", "//include/envoy/ssl/private_key:private_key_interface", "//include/envoy/stats:stats_interface", "//include/envoy/stats:stats_macros", "//source/common/common:assert_lib", "//source/common/common:base64_lib", "//source/common/common:hex_lib", "//source/common/common:utility_lib", "//source/common/network:address_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_features_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", "//source/extensions/transport_sockets/tls/ocsp:ocsp_lib", "//source/extensions/transport_sockets/tls/private_key:private_key_manager_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], external_deps = [ "ssl", ], deps = [ "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/network:address_lib", ], ) ================================================ FILE: source/extensions/transport_sockets/tls/config.cc ================================================ #include "extensions/transport_sockets/tls/config.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.h" #include "common/protobuf/utility.h" #include "extensions/transport_sockets/tls/context_config_impl.h" #include "extensions/transport_sockets/tls/ssl_socket.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { Network::TransportSocketFactoryPtr UpstreamSslSocketFactory::createTransportSocketFactory( const Protobuf::Message& message, Server::Configuration::TransportSocketFactoryContext& context) { auto client_config = std::make_unique( MessageUtil::downcastAndValidate< const envoy::extensions::transport_sockets::tls::v3::UpstreamTlsContext&>( message, context.messageValidationVisitor()), context); return std::make_unique(std::move(client_config), context.sslContextManager(), context.scope()); } ProtobufTypes::MessagePtr UpstreamSslSocketFactory::createEmptyConfigProto() { return std::make_unique(); } REGISTER_FACTORY(UpstreamSslSocketFactory, Server::Configuration::UpstreamTransportSocketConfigFactory){"tls"}; Network::TransportSocketFactoryPtr DownstreamSslSocketFactory::createTransportSocketFactory( const Protobuf::Message& message, Server::Configuration::TransportSocketFactoryContext& context, const std::vector& server_names) { auto server_config = std::make_unique( MessageUtil::downcastAndValidate< const envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext&>( message, context.messageValidationVisitor()), context); return std::make_unique( std::move(server_config), context.sslContextManager(), context.scope(), server_names); } ProtobufTypes::MessagePtr DownstreamSslSocketFactory::createEmptyConfigProto() { return std::make_unique(); } REGISTER_FACTORY(DownstreamSslSocketFactory, Server::Configuration::DownstreamTransportSocketConfigFactory){"tls"}; Ssl::ContextManagerPtr SslContextManagerFactory::createContextManager(TimeSource& time_source) { return std::make_unique(time_source); } static Envoy::Registry::RegisterInternalFactory ssl_manager_registered; } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/config.h ================================================ #pragma once #include "envoy/registry/registry.h" #include "envoy/server/transport_socket_config.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { /** * Config registration for the BoringSSL transport socket factory. * @see TransportSocketConfigFactory. */ class SslSocketConfigFactory : public virtual Server::Configuration::TransportSocketConfigFactory { public: ~SslSocketConfigFactory() override = default; std::string name() const override { return TransportSocketNames::get().Tls; } }; class UpstreamSslSocketFactory : public Server::Configuration::UpstreamTransportSocketConfigFactory, public SslSocketConfigFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory( const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; }; DECLARE_FACTORY(UpstreamSslSocketFactory); class DownstreamSslSocketFactory : public Server::Configuration::DownstreamTransportSocketConfigFactory, public SslSocketConfigFactory { public: Network::TransportSocketFactoryPtr createTransportSocketFactory(const Protobuf::Message& config, Server::Configuration::TransportSocketFactoryContext& context, const std::vector& server_names) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override; }; DECLARE_FACTORY(DownstreamSslSocketFactory); class SslContextManagerFactory : public Ssl::ContextManagerFactory { public: Ssl::ContextManagerPtr createContextManager(TimeSource& time_source) override; }; DECLARE_FACTORY(SslContextManagerFactory); } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/context_config_impl.cc ================================================ #include "extensions/transport_sockets/tls/context_config_impl.h" #include #include #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/config/datasource.h" #include "common/protobuf/utility.h" #include "common/secret/sds_api.h" #include "common/ssl/certificate_validation_context_config_impl.h" #include "extensions/transport_sockets/tls/ssl_handshaker.h" #include "openssl/ssl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace { std::vector getTlsCertificateConfigProviders( const envoy::extensions::transport_sockets::tls::v3::CommonTlsContext& config, Server::Configuration::TransportSocketFactoryContext& factory_context) { if (!config.tls_certificates().empty()) { std::vector providers; for (const auto& tls_certificate : config.tls_certificates()) { if (!tls_certificate.has_private_key_provider() && !tls_certificate.has_certificate_chain() && !tls_certificate.has_private_key()) { continue; } providers.push_back( factory_context.secretManager().createInlineTlsCertificateProvider(tls_certificate)); } return providers; } if (!config.tls_certificate_sds_secret_configs().empty()) { const auto& sds_secret_config = config.tls_certificate_sds_secret_configs(0); if (sds_secret_config.has_sds_config()) { // Fetch dynamic secret. return {factory_context.secretManager().findOrCreateTlsCertificateProvider( sds_secret_config.sds_config(), sds_secret_config.name(), factory_context)}; } else { // Load static secret. auto secret_provider = factory_context.secretManager().findStaticTlsCertificateProvider( sds_secret_config.name()); if (!secret_provider) { throw EnvoyException(fmt::format("Unknown static secret: {}", sds_secret_config.name())); } return {secret_provider}; } } return {}; } Secret::CertificateValidationContextConfigProviderSharedPtr getProviderFromSds( Server::Configuration::TransportSocketFactoryContext& factory_context, const envoy::extensions::transport_sockets::tls::v3::SdsSecretConfig& sds_secret_config) { if (sds_secret_config.has_sds_config()) { // Fetch dynamic secret. return factory_context.secretManager().findOrCreateCertificateValidationContextProvider( sds_secret_config.sds_config(), sds_secret_config.name(), factory_context); } else { // Load static secret. auto secret_provider = factory_context.secretManager().findStaticCertificateValidationContextProvider( sds_secret_config.name()); if (!secret_provider) { throw EnvoyException(fmt::format("Unknown static certificate validation context: {}", sds_secret_config.name())); } return secret_provider; } return nullptr; } Secret::CertificateValidationContextConfigProviderSharedPtr getCertificateValidationContextConfigProvider( const envoy::extensions::transport_sockets::tls::v3::CommonTlsContext& config, Server::Configuration::TransportSocketFactoryContext& factory_context, std::unique_ptr* default_cvc) { switch (config.validation_context_type_case()) { case envoy::extensions::transport_sockets::tls::v3::CommonTlsContext::ValidationContextTypeCase:: kValidationContext: { auto secret_provider = factory_context.secretManager().createInlineCertificateValidationContextProvider( config.validation_context()); return secret_provider; } case envoy::extensions::transport_sockets::tls::v3::CommonTlsContext::ValidationContextTypeCase:: kValidationContextSdsSecretConfig: { const auto& sds_secret_config = config.validation_context_sds_secret_config(); return getProviderFromSds(factory_context, sds_secret_config); } case envoy::extensions::transport_sockets::tls::v3::CommonTlsContext::ValidationContextTypeCase:: kCombinedValidationContext: { *default_cvc = std::make_unique< envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext>( config.combined_validation_context().default_validation_context()); const auto& sds_secret_config = config.combined_validation_context().validation_context_sds_secret_config(); return getProviderFromSds(factory_context, sds_secret_config); } default: return nullptr; } } Secret::TlsSessionTicketKeysConfigProviderSharedPtr getTlsSessionTicketKeysConfigProvider( Server::Configuration::TransportSocketFactoryContext& factory_context, const envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext& config) { switch (config.session_ticket_keys_type_case()) { case envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext:: SessionTicketKeysTypeCase::kSessionTicketKeys: return factory_context.secretManager().createInlineTlsSessionTicketKeysProvider( config.session_ticket_keys()); case envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext:: SessionTicketKeysTypeCase::kSessionTicketKeysSdsSecretConfig: { const auto& sds_secret_config = config.session_ticket_keys_sds_secret_config(); if (sds_secret_config.has_sds_config()) { // Fetch dynamic secret. return factory_context.secretManager().findOrCreateTlsSessionTicketKeysContextProvider( sds_secret_config.sds_config(), sds_secret_config.name(), factory_context); } else { // Load static secret. auto secret_provider = factory_context.secretManager().findStaticTlsSessionTicketKeysContextProvider( sds_secret_config.name()); if (!secret_provider) { throw EnvoyException( fmt::format("Unknown tls session ticket keys: {}", sds_secret_config.name())); } return secret_provider; } } case envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext:: SessionTicketKeysTypeCase::kDisableStatelessSessionResumption: case envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext:: SessionTicketKeysTypeCase::SESSION_TICKET_KEYS_TYPE_NOT_SET: return nullptr; default: throw EnvoyException(fmt::format("Unexpected case for oneof session_ticket_keys: {}", config.session_ticket_keys_type_case())); } } bool getStatelessSessionResumptionDisabled( const envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext& config) { if (config.session_ticket_keys_type_case() == envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext:: SessionTicketKeysTypeCase::kDisableStatelessSessionResumption) { return config.disable_stateless_session_resumption(); } else { return false; } } } // namespace ContextConfigImpl::ContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::CommonTlsContext& config, const unsigned default_min_protocol_version, const unsigned default_max_protocol_version, const std::string& default_cipher_suites, const std::string& default_curves, Server::Configuration::TransportSocketFactoryContext& factory_context) : api_(factory_context.api()), alpn_protocols_(RepeatedPtrUtil::join(config.alpn_protocols(), ",")), cipher_suites_(StringUtil::nonEmptyStringOrDefault( RepeatedPtrUtil::join(config.tls_params().cipher_suites(), ":"), default_cipher_suites)), ecdh_curves_(StringUtil::nonEmptyStringOrDefault( RepeatedPtrUtil::join(config.tls_params().ecdh_curves(), ":"), default_curves)), tls_certificate_providers_(getTlsCertificateConfigProviders(config, factory_context)), certificate_validation_context_provider_( getCertificateValidationContextConfigProvider(config, factory_context, &default_cvc_)), min_protocol_version_(tlsVersionFromProto(config.tls_params().tls_minimum_protocol_version(), default_min_protocol_version)), max_protocol_version_(tlsVersionFromProto(config.tls_params().tls_maximum_protocol_version(), default_max_protocol_version)) { if (certificate_validation_context_provider_ != nullptr) { if (default_cvc_) { // We need to validate combined certificate validation context. // The default certificate validation context and dynamic certificate validation // context could only contain partial fields, which is okay to fail the validation. // But the combined certificate validation context should pass validation. If // validation of combined certificate validation context fails, // getCombinedValidationContextConfig() throws exception, validation_context_config_ will not // get updated. cvc_validation_callback_handle_ = certificate_validation_context_provider_->addValidationCallback( [this]( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& dynamic_cvc) { getCombinedValidationContextConfig(dynamic_cvc); }); } // Load inlined, static or dynamic secret that's already available. if (certificate_validation_context_provider_->secret() != nullptr) { if (default_cvc_) { validation_context_config_ = getCombinedValidationContextConfig(*certificate_validation_context_provider_->secret()); } else { validation_context_config_ = std::make_unique( *certificate_validation_context_provider_->secret(), api_); } } } // Load inlined, static or dynamic secrets that are already available. if (!tls_certificate_providers_.empty()) { for (auto& provider : tls_certificate_providers_) { if (provider->secret() != nullptr) { tls_certificate_configs_.emplace_back(*provider->secret(), &factory_context, api_); } } } HandshakerFactoryContextImpl handshaker_factory_context(api_, alpn_protocols_); Ssl::HandshakerFactory* handshaker_factory; if (config.has_custom_handshaker()) { // If a custom handshaker is configured, derive the factory from the config. const auto& handshaker_config = config.custom_handshaker(); handshaker_factory = &Config::Utility::getAndCheckFactory(handshaker_config); handshaker_factory_cb_ = handshaker_factory->createHandshakerCb( handshaker_config.typed_config(), handshaker_factory_context, factory_context.messageValidationVisitor()); } else { // Otherwise, derive the config from the default factory. handshaker_factory = HandshakerFactoryImpl::getDefaultHandshakerFactory(); handshaker_factory_cb_ = handshaker_factory->createHandshakerCb( *handshaker_factory->createEmptyConfigProto(), handshaker_factory_context, factory_context.messageValidationVisitor()); } capabilities_ = handshaker_factory->capabilities(); } Ssl::CertificateValidationContextConfigPtr ContextConfigImpl::getCombinedValidationContextConfig( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& dynamic_cvc) { envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext combined_cvc = *default_cvc_; combined_cvc.MergeFrom(dynamic_cvc); return std::make_unique(combined_cvc, api_); } void ContextConfigImpl::setSecretUpdateCallback(std::function callback) { if (!tls_certificate_providers_.empty()) { if (tc_update_callback_handle_) { tc_update_callback_handle_->remove(); } // Once tls_certificate_config_ receives new secret, this callback updates // ContextConfigImpl::tls_certificate_config_ with new secret. tc_update_callback_handle_ = tls_certificate_providers_[0]->addUpdateCallback([this, callback]() { // This breaks multiple certificate support, but today SDS is only single cert. // TODO(htuch): Fix this when SDS goes multi-cert. tls_certificate_configs_.clear(); tls_certificate_configs_.emplace_back(*tls_certificate_providers_[0]->secret(), nullptr, api_); callback(); }); } if (certificate_validation_context_provider_) { if (cvc_update_callback_handle_) { cvc_update_callback_handle_->remove(); } if (default_cvc_) { // Once certificate_validation_context_provider_ receives new secret, this callback updates // ContextConfigImpl::validation_context_config_ with a combined certificate validation // context. The combined certificate validation context is created by merging new secret into // default_cvc_. cvc_update_callback_handle_ = certificate_validation_context_provider_->addUpdateCallback([this, callback]() { validation_context_config_ = getCombinedValidationContextConfig( *certificate_validation_context_provider_->secret()); callback(); }); } else { // Once certificate_validation_context_provider_ receives new secret, this callback updates // ContextConfigImpl::validation_context_config_ with new secret. cvc_update_callback_handle_ = certificate_validation_context_provider_->addUpdateCallback([this, callback]() { validation_context_config_ = std::make_unique( *certificate_validation_context_provider_->secret(), api_); callback(); }); } } } Ssl::HandshakerFactoryCb ContextConfigImpl::createHandshaker() const { return handshaker_factory_cb_; } ContextConfigImpl::~ContextConfigImpl() { if (tc_update_callback_handle_) { tc_update_callback_handle_->remove(); } if (cvc_update_callback_handle_) { cvc_update_callback_handle_->remove(); } if (cvc_validation_callback_handle_) { cvc_validation_callback_handle_->remove(); } } unsigned ContextConfigImpl::tlsVersionFromProto( const envoy::extensions::transport_sockets::tls::v3::TlsParameters::TlsProtocol& version, unsigned default_version) { switch (version) { case envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLS_AUTO: return default_version; case envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0: return TLS1_VERSION; case envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_1: return TLS1_1_VERSION; case envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_2: return TLS1_2_VERSION; case envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3: return TLS1_3_VERSION; default: NOT_REACHED_GCOVR_EXCL_LINE; } } const unsigned ClientContextConfigImpl::DEFAULT_MIN_VERSION = TLS1_2_VERSION; const unsigned ClientContextConfigImpl::DEFAULT_MAX_VERSION = TLS1_2_VERSION; const std::string ClientContextConfigImpl::DEFAULT_CIPHER_SUITES = #ifndef BORINGSSL_FIPS "[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]:" "[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:" #else // BoringSSL FIPS "ECDHE-ECDSA-AES128-GCM-SHA256:" "ECDHE-RSA-AES128-GCM-SHA256:" #endif "ECDHE-ECDSA-AES128-SHA:" "ECDHE-RSA-AES128-SHA:" "AES128-GCM-SHA256:" "AES128-SHA:" "ECDHE-ECDSA-AES256-GCM-SHA384:" "ECDHE-RSA-AES256-GCM-SHA384:" "ECDHE-ECDSA-AES256-SHA:" "ECDHE-RSA-AES256-SHA:" "AES256-GCM-SHA384:" "AES256-SHA"; const std::string ClientContextConfigImpl::DEFAULT_CURVES = #ifndef BORINGSSL_FIPS "X25519:" #endif "P-256"; ClientContextConfigImpl::ClientContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::UpstreamTlsContext& config, absl::string_view sigalgs, Server::Configuration::TransportSocketFactoryContext& factory_context) : ContextConfigImpl(config.common_tls_context(), DEFAULT_MIN_VERSION, DEFAULT_MAX_VERSION, DEFAULT_CIPHER_SUITES, DEFAULT_CURVES, factory_context), server_name_indication_(config.sni()), allow_renegotiation_(config.allow_renegotiation()), max_session_keys_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, max_session_keys, 1)), sigalgs_(sigalgs) { // BoringSSL treats this as a C string, so embedded NULL characters will not // be handled correctly. if (server_name_indication_.find('\0') != std::string::npos) { throw EnvoyException("SNI names containing NULL-byte are not allowed"); } // TODO(PiotrSikora): Support multiple TLS certificates. if ((config.common_tls_context().tls_certificates().size() + config.common_tls_context().tls_certificate_sds_secret_configs().size()) > 1) { throw EnvoyException("Multiple TLS certificates are not supported for client contexts"); } } const unsigned ServerContextConfigImpl::DEFAULT_MIN_VERSION = TLS1_VERSION; const unsigned ServerContextConfigImpl::DEFAULT_MAX_VERSION = TLS1_3_VERSION; const std::string ServerContextConfigImpl::DEFAULT_CIPHER_SUITES = #ifndef BORINGSSL_FIPS "[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]:" "[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:" #else // BoringSSL FIPS "ECDHE-ECDSA-AES128-GCM-SHA256:" "ECDHE-RSA-AES128-GCM-SHA256:" #endif "ECDHE-ECDSA-AES128-SHA:" "ECDHE-RSA-AES128-SHA:" "AES128-GCM-SHA256:" "AES128-SHA:" "ECDHE-ECDSA-AES256-GCM-SHA384:" "ECDHE-RSA-AES256-GCM-SHA384:" "ECDHE-ECDSA-AES256-SHA:" "ECDHE-RSA-AES256-SHA:" "AES256-GCM-SHA384:" "AES256-SHA"; const std::string ServerContextConfigImpl::DEFAULT_CURVES = #ifndef BORINGSSL_FIPS "X25519:" #endif "P-256"; ServerContextConfigImpl::ServerContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext& config, Server::Configuration::TransportSocketFactoryContext& factory_context) : ContextConfigImpl(config.common_tls_context(), DEFAULT_MIN_VERSION, DEFAULT_MAX_VERSION, DEFAULT_CIPHER_SUITES, DEFAULT_CURVES, factory_context), require_client_certificate_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, require_client_certificate, false)), ocsp_staple_policy_(ocspStaplePolicyFromProto(config.ocsp_staple_policy())), session_ticket_keys_provider_(getTlsSessionTicketKeysConfigProvider(factory_context, config)), disable_stateless_session_resumption_(getStatelessSessionResumptionDisabled(config)) { if (session_ticket_keys_provider_ != nullptr) { // Validate tls session ticket keys early to reject bad sds updates. stk_validation_callback_handle_ = session_ticket_keys_provider_->addValidationCallback( [this](const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& keys) { getSessionTicketKeys(keys); }); // Load inlined, static or dynamic secret that's already available. if (session_ticket_keys_provider_->secret() != nullptr) { session_ticket_keys_ = getSessionTicketKeys(*session_ticket_keys_provider_->secret()); } } if (!capabilities().provides_certificates) { if ((config.common_tls_context().tls_certificates().size() + config.common_tls_context().tls_certificate_sds_secret_configs().size()) == 0) { throw EnvoyException("No TLS certificates found for server context"); } else if (!config.common_tls_context().tls_certificates().empty() && !config.common_tls_context().tls_certificate_sds_secret_configs().empty()) { throw EnvoyException("SDS and non-SDS TLS certificates may not be mixed in server contexts"); } } if (config.has_session_timeout()) { session_timeout_ = std::chrono::seconds(DurationUtil::durationToSeconds(config.session_timeout())); } } ServerContextConfigImpl::~ServerContextConfigImpl() { if (stk_update_callback_handle_ != nullptr) { stk_update_callback_handle_->remove(); } if (stk_validation_callback_handle_ != nullptr) { stk_validation_callback_handle_->remove(); } } void ServerContextConfigImpl::setSecretUpdateCallback(std::function callback) { ContextConfigImpl::setSecretUpdateCallback(callback); if (session_ticket_keys_provider_) { if (stk_update_callback_handle_) { stk_update_callback_handle_->remove(); } // Once session_ticket_keys_ receives new secret, this callback updates // ContextConfigImpl::session_ticket_keys_ with new session ticket keys. stk_update_callback_handle_ = session_ticket_keys_provider_->addUpdateCallback([this, callback]() { session_ticket_keys_ = getSessionTicketKeys(*session_ticket_keys_provider_->secret()); callback(); }); } } std::vector ServerContextConfigImpl::getSessionTicketKeys( const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& keys) { std::vector result; for (const auto& datasource : keys.keys()) { result.emplace_back(getSessionTicketKey(Config::DataSource::read(datasource, false, api_))); } return result; } // Extracts a SessionTicketKey from raw binary data. // Throws if key_data is invalid. Ssl::ServerContextConfig::SessionTicketKey ServerContextConfigImpl::getSessionTicketKey(const std::string& key_data) { // If this changes, need to figure out how to deal with key files // that previously worked. For now, just assert so we'll notice that // it changed if it does. static_assert(sizeof(SessionTicketKey) == 80, "Input is expected to be this size"); if (key_data.size() != sizeof(SessionTicketKey)) { throw EnvoyException(fmt::format("Incorrect TLS session ticket key length. " "Length {}, expected length {}.", key_data.size(), sizeof(SessionTicketKey))); } SessionTicketKey dst_key; std::copy_n(key_data.begin(), dst_key.name_.size(), dst_key.name_.begin()); size_t pos = dst_key.name_.size(); std::copy_n(key_data.begin() + pos, dst_key.hmac_key_.size(), dst_key.hmac_key_.begin()); pos += dst_key.hmac_key_.size(); std::copy_n(key_data.begin() + pos, dst_key.aes_key_.size(), dst_key.aes_key_.begin()); pos += dst_key.aes_key_.size(); ASSERT(key_data.begin() + pos == key_data.end()); return dst_key; } Ssl::ServerContextConfig::OcspStaplePolicy ServerContextConfigImpl::ocspStaplePolicyFromProto( const envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext::OcspStaplePolicy& policy) { switch (policy) { case envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext::LENIENT_STAPLING: return Ssl::ServerContextConfig::OcspStaplePolicy::LenientStapling; case envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext::STRICT_STAPLING: return Ssl::ServerContextConfig::OcspStaplePolicy::StrictStapling; case envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext::MUST_STAPLE: return Ssl::ServerContextConfig::OcspStaplePolicy::MustStaple; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/context_config_impl.h ================================================ #pragma once #include #include #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/secret/secret_callbacks.h" #include "envoy/secret/secret_provider.h" #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_config.h" #include "common/common/empty_string.h" #include "common/json/json_loader.h" #include "common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { static const std::string INLINE_STRING = ""; class ContextConfigImpl : public virtual Ssl::ContextConfig { public: ~ContextConfigImpl() override; // Ssl::ContextConfig const std::string& alpnProtocols() const override { return alpn_protocols_; } const std::string& cipherSuites() const override { return cipher_suites_; } const std::string& ecdhCurves() const override { return ecdh_curves_; } // TODO(htuch): This needs to be made const again and/or zero copy and/or callers fixed. std::vector> tlsCertificates() const override { std::vector> configs; for (const auto& config : tls_certificate_configs_) { configs.push_back(config); } return configs; } const Envoy::Ssl::CertificateValidationContextConfig* certificateValidationContext() const override { return validation_context_config_.get(); } unsigned minProtocolVersion() const override { return min_protocol_version_; }; unsigned maxProtocolVersion() const override { return max_protocol_version_; }; bool isReady() const override { const bool tls_is_ready = (tls_certificate_providers_.empty() || !tls_certificate_configs_.empty()); const bool combined_cvc_is_ready = (default_cvc_ == nullptr || validation_context_config_ != nullptr); const bool cvc_is_ready = (certificate_validation_context_provider_ == nullptr || default_cvc_ != nullptr || validation_context_config_ != nullptr); return tls_is_ready && combined_cvc_is_ready && cvc_is_ready; } void setSecretUpdateCallback(std::function callback) override; Ssl::HandshakerFactoryCb createHandshaker() const override; Ssl::HandshakerCapabilities capabilities() const override { return capabilities_; } Ssl::CertificateValidationContextConfigPtr getCombinedValidationContextConfig( const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext& dynamic_cvc); protected: ContextConfigImpl(const envoy::extensions::transport_sockets::tls::v3::CommonTlsContext& config, const unsigned default_min_protocol_version, const unsigned default_max_protocol_version, const std::string& default_cipher_suites, const std::string& default_curves, Server::Configuration::TransportSocketFactoryContext& factory_context); Api::Api& api_; private: static unsigned tlsVersionFromProto( const envoy::extensions::transport_sockets::tls::v3::TlsParameters::TlsProtocol& version, unsigned default_version); const std::string alpn_protocols_; const std::string cipher_suites_; const std::string ecdh_curves_; std::vector tls_certificate_configs_; Ssl::CertificateValidationContextConfigPtr validation_context_config_; // If certificate validation context type is combined_validation_context. default_cvc_ // holds a copy of CombinedCertificateValidationContext::default_validation_context. // Otherwise, default_cvc_ is nullptr. std::unique_ptr default_cvc_; std::vector tls_certificate_providers_; // Handle for TLS certificate dynamic secret callback. Envoy::Common::CallbackHandle* tc_update_callback_handle_{}; Secret::CertificateValidationContextConfigProviderSharedPtr certificate_validation_context_provider_; // Handle for certificate validation context dynamic secret callback. Envoy::Common::CallbackHandle* cvc_update_callback_handle_{}; Envoy::Common::CallbackHandle* cvc_validation_callback_handle_{}; const unsigned min_protocol_version_; const unsigned max_protocol_version_; Ssl::HandshakerFactoryCb handshaker_factory_cb_; Ssl::HandshakerCapabilities capabilities_; }; class ClientContextConfigImpl : public ContextConfigImpl, public Envoy::Ssl::ClientContextConfig { public: static const std::string DEFAULT_CIPHER_SUITES; static const std::string DEFAULT_CURVES; ClientContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::UpstreamTlsContext& config, absl::string_view sigalgs, Server::Configuration::TransportSocketFactoryContext& secret_provider_context); ClientContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::UpstreamTlsContext& config, Server::Configuration::TransportSocketFactoryContext& secret_provider_context) : ClientContextConfigImpl(config, "", secret_provider_context) {} // Ssl::ClientContextConfig const std::string& serverNameIndication() const override { return server_name_indication_; } bool allowRenegotiation() const override { return allow_renegotiation_; } size_t maxSessionKeys() const override { return max_session_keys_; } const std::string& signingAlgorithmsForTest() const override { return sigalgs_; } private: static const unsigned DEFAULT_MIN_VERSION; static const unsigned DEFAULT_MAX_VERSION; const std::string server_name_indication_; const bool allow_renegotiation_; const size_t max_session_keys_; const std::string sigalgs_; }; class ServerContextConfigImpl : public ContextConfigImpl, public Envoy::Ssl::ServerContextConfig { public: ServerContextConfigImpl( const envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext& config, Server::Configuration::TransportSocketFactoryContext& secret_provider_context); ~ServerContextConfigImpl() override; // Ssl::ServerContextConfig bool requireClientCertificate() const override { return require_client_certificate_; } OcspStaplePolicy ocspStaplePolicy() const override { return ocsp_staple_policy_; } const std::vector& sessionTicketKeys() const override { return session_ticket_keys_; } absl::optional sessionTimeout() const override { return session_timeout_; } bool isReady() const override { const bool parent_is_ready = ContextConfigImpl::isReady(); const bool session_ticket_keys_are_ready = (session_ticket_keys_provider_ == nullptr || !session_ticket_keys_.empty()); return parent_is_ready && session_ticket_keys_are_ready; } void setSecretUpdateCallback(std::function callback) override; bool disableStatelessSessionResumption() const override { return disable_stateless_session_resumption_; } private: static const unsigned DEFAULT_MIN_VERSION; static const unsigned DEFAULT_MAX_VERSION; static const std::string DEFAULT_CIPHER_SUITES; static const std::string DEFAULT_CURVES; const bool require_client_certificate_; const OcspStaplePolicy ocsp_staple_policy_; std::vector session_ticket_keys_; const Secret::TlsSessionTicketKeysConfigProviderSharedPtr session_ticket_keys_provider_; Envoy::Common::CallbackHandle* stk_update_callback_handle_{}; Envoy::Common::CallbackHandle* stk_validation_callback_handle_{}; std::vector getSessionTicketKeys( const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& keys); ServerContextConfig::SessionTicketKey getSessionTicketKey(const std::string& key_data); static OcspStaplePolicy ocspStaplePolicyFromProto( const envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext::OcspStaplePolicy& policy); absl::optional session_timeout_; const bool disable_stateless_session_resumption_; }; } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/context_impl.cc ================================================ #include "extensions/transport_sockets/tls/context_impl.h" #include #include #include #include #include "envoy/admin/v3/certs.pb.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/ssl/ssl_socket_extended_info.h" #include "envoy/stats/scope.h" #include "envoy/type/matcher/v3/string.pb.h" #include "common/common/assert.h" #include "common/common/base64.h" #include "common/common/fmt.h" #include "common/common/hex.h" #include "common/common/utility.h" #include "common/network/address_impl.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_features.h" #include "common/stats/utility.h" #include "extensions/transport_sockets/tls/utility.h" #include "absl/container/node_hash_set.h" #include "absl/strings/match.h" #include "absl/strings/str_join.h" #include "openssl/evp.h" #include "openssl/hmac.h" #include "openssl/rand.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace { bool cbsContainsU16(CBS& cbs, uint16_t n) { while (CBS_len(&cbs) > 0) { uint16_t v; if (!CBS_get_u16(&cbs, &v)) { return false; } if (v == n) { return true; } } return false; } } // namespace int ContextImpl::sslExtendedSocketInfoIndex() { CONSTRUCT_ON_FIRST_USE(int, []() -> int { int ssl_context_index = SSL_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr); RELEASE_ASSERT(ssl_context_index >= 0, ""); return ssl_context_index; }()); } ContextImpl::ContextImpl(Stats::Scope& scope, const Envoy::Ssl::ContextConfig& config, TimeSource& time_source) : scope_(scope), stats_(generateStats(scope)), time_source_(time_source), tls_max_version_(config.maxProtocolVersion()), stat_name_set_(scope.symbolTable().makeSet("TransportSockets::Tls")), unknown_ssl_cipher_(stat_name_set_->add("unknown_ssl_cipher")), unknown_ssl_curve_(stat_name_set_->add("unknown_ssl_curve")), unknown_ssl_algorithm_(stat_name_set_->add("unknown_ssl_algorithm")), unknown_ssl_version_(stat_name_set_->add("unknown_ssl_version")), ssl_ciphers_(stat_name_set_->add("ssl.ciphers")), ssl_versions_(stat_name_set_->add("ssl.versions")), ssl_curves_(stat_name_set_->add("ssl.curves")), ssl_sigalgs_(stat_name_set_->add("ssl.sigalgs")), capabilities_(config.capabilities()) { const auto tls_certificates = config.tlsCertificates(); tls_contexts_.resize(std::max(static_cast(1), tls_certificates.size())); for (auto& ctx : tls_contexts_) { ctx.ssl_ctx_.reset(SSL_CTX_new(TLS_method())); int rc = SSL_CTX_set_app_data(ctx.ssl_ctx_.get(), this); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); rc = SSL_CTX_set_min_proto_version(ctx.ssl_ctx_.get(), config.minProtocolVersion()); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); rc = SSL_CTX_set_max_proto_version(ctx.ssl_ctx_.get(), config.maxProtocolVersion()); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); if (!capabilities_.provides_ciphers_and_curves && !SSL_CTX_set_strict_cipher_list(ctx.ssl_ctx_.get(), config.cipherSuites().c_str())) { // Break up a set of ciphers into each individual cipher and try them each individually in // order to attempt to log which specific one failed. Example of config.cipherSuites(): // "-ALL:[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]:ECDHE-ECDSA-AES128-SHA". // // "-" is both an operator when in the leading position of a token (-ALL: don't allow this // cipher), and the common separator in names (ECDHE-ECDSA-AES128-GCM-SHA256). Don't split on // it because it will separate pieces of the same cipher. When it is a leading character, it // is removed below. std::vector ciphers = StringUtil::splitToken(config.cipherSuites(), ":+![|]", false); std::vector bad_ciphers; for (const auto& cipher : ciphers) { std::string cipher_str(cipher); if (absl::StartsWith(cipher_str, "-")) { cipher_str.erase(cipher_str.begin()); } if (!SSL_CTX_set_strict_cipher_list(ctx.ssl_ctx_.get(), cipher_str.c_str())) { bad_ciphers.push_back(cipher_str); } } throw EnvoyException(fmt::format("Failed to initialize cipher suites {}. The following " "ciphers were rejected when tried individually: {}", config.cipherSuites(), absl::StrJoin(bad_ciphers, ", "))); } if (!capabilities_.provides_ciphers_and_curves && !SSL_CTX_set1_curves_list(ctx.ssl_ctx_.get(), config.ecdhCurves().c_str())) { throw EnvoyException(absl::StrCat("Failed to initialize ECDH curves ", config.ecdhCurves())); } } int verify_mode = SSL_VERIFY_NONE; int verify_mode_validation_context = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT; if (config.certificateValidationContext() != nullptr) { envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext:: TrustChainVerification verification = config.certificateValidationContext()->trustChainVerification(); if (verification == envoy::extensions::transport_sockets::tls::v3:: CertificateValidationContext::ACCEPT_UNTRUSTED) { verify_mode = SSL_VERIFY_PEER; // Ensure client-certs will be requested even if we have // nothing to verify against verify_mode_validation_context = SSL_VERIFY_PEER; } } #ifdef BORINGSSL_FIPS if (!capabilities_.is_fips_compliant) { throw EnvoyException( "Can't load a FIPS noncompliant custom handshaker while running in FIPS compliant mode."); } #endif if (config.certificateValidationContext() != nullptr && !config.certificateValidationContext()->caCert().empty() && !config.capabilities().provides_certificates) { ca_file_path_ = config.certificateValidationContext()->caCertPath(); bssl::UniquePtr bio( BIO_new_mem_buf(const_cast(config.certificateValidationContext()->caCert().data()), config.certificateValidationContext()->caCert().size())); RELEASE_ASSERT(bio != nullptr, ""); // Based on BoringSSL's X509_load_cert_crl_file(). bssl::UniquePtr list( PEM_X509_INFO_read_bio(bio.get(), nullptr, nullptr, nullptr)); if (list == nullptr) { throw EnvoyException(absl::StrCat("Failed to load trusted CA certificates from ", config.certificateValidationContext()->caCertPath())); } for (auto& ctx : tls_contexts_) { X509_STORE* store = SSL_CTX_get_cert_store(ctx.ssl_ctx_.get()); bool has_crl = false; for (const X509_INFO* item : list.get()) { if (item->x509) { X509_STORE_add_cert(store, item->x509); if (ca_cert_ == nullptr) { X509_up_ref(item->x509); ca_cert_.reset(item->x509); } } if (item->crl) { X509_STORE_add_crl(store, item->crl); has_crl = true; } } if (ca_cert_ == nullptr) { throw EnvoyException(absl::StrCat("Failed to load trusted CA certificates from ", config.certificateValidationContext()->caCertPath())); } if (has_crl) { X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); } verify_mode = SSL_VERIFY_PEER; verify_trusted_ca_ = true; // NOTE: We're using SSL_CTX_set_cert_verify_callback() instead of X509_verify_cert() // directly. However, our new callback is still calling X509_verify_cert() under // the hood. Therefore, to ignore cert expiration, we need to set the callback // for X509_verify_cert to ignore that error. if (config.certificateValidationContext()->allowExpiredCertificate()) { X509_STORE_set_verify_cb(store, ContextImpl::ignoreCertificateExpirationCallback); } } } if (config.certificateValidationContext() != nullptr && !config.certificateValidationContext()->certificateRevocationList().empty()) { bssl::UniquePtr bio(BIO_new_mem_buf( const_cast( config.certificateValidationContext()->certificateRevocationList().data()), config.certificateValidationContext()->certificateRevocationList().size())); RELEASE_ASSERT(bio != nullptr, ""); // Based on BoringSSL's X509_load_cert_crl_file(). bssl::UniquePtr list( PEM_X509_INFO_read_bio(bio.get(), nullptr, nullptr, nullptr)); if (list == nullptr) { throw EnvoyException( absl::StrCat("Failed to load CRL from ", config.certificateValidationContext()->certificateRevocationListPath())); } for (auto& ctx : tls_contexts_) { X509_STORE* store = SSL_CTX_get_cert_store(ctx.ssl_ctx_.get()); for (const X509_INFO* item : list.get()) { if (item->crl) { X509_STORE_add_crl(store, item->crl); } } X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); } } const Envoy::Ssl::CertificateValidationContextConfig* cert_validation_config = config.certificateValidationContext(); if (cert_validation_config != nullptr) { if (!cert_validation_config->verifySubjectAltNameList().empty()) { verify_subject_alt_name_list_ = cert_validation_config->verifySubjectAltNameList(); verify_mode = verify_mode_validation_context; } if (!cert_validation_config->subjectAltNameMatchers().empty()) { for (const envoy::type::matcher::v3::StringMatcher& matcher : cert_validation_config->subjectAltNameMatchers()) { subject_alt_name_matchers_.push_back(Matchers::StringMatcherImpl(matcher)); } verify_mode = verify_mode_validation_context; } if (!cert_validation_config->verifyCertificateHashList().empty()) { for (auto hash : cert_validation_config->verifyCertificateHashList()) { // Remove colons from the 95 chars long colon-separated "fingerprint" // in order to get the hex-encoded string. if (hash.size() == 95) { hash.erase(std::remove(hash.begin(), hash.end(), ':'), hash.end()); } const auto& decoded = Hex::decode(hash); if (decoded.size() != SHA256_DIGEST_LENGTH) { throw EnvoyException(absl::StrCat("Invalid hex-encoded SHA-256 ", hash)); } verify_certificate_hash_list_.push_back(decoded); } verify_mode = verify_mode_validation_context; } if (!cert_validation_config->verifyCertificateSpkiList().empty()) { for (const auto& hash : cert_validation_config->verifyCertificateSpkiList()) { const auto decoded = Base64::decode(hash); if (decoded.size() != SHA256_DIGEST_LENGTH) { throw EnvoyException(absl::StrCat("Invalid base64-encoded SHA-256 ", hash)); } verify_certificate_spki_list_.emplace_back(decoded.begin(), decoded.end()); } verify_mode = verify_mode_validation_context; } } if (!capabilities_.verifies_peer_certificates) { for (auto& ctx : tls_contexts_) { if (verify_mode != SSL_VERIFY_NONE) { SSL_CTX_set_verify(ctx.ssl_ctx_.get(), verify_mode, nullptr); SSL_CTX_set_cert_verify_callback(ctx.ssl_ctx_.get(), ContextImpl::verifyCallback, this); } } } absl::node_hash_set cert_pkey_ids; if (!capabilities_.provides_certificates) { for (uint32_t i = 0; i < tls_certificates.size(); ++i) { auto& ctx = tls_contexts_[i]; // Load certificate chain. const auto& tls_certificate = tls_certificates[i].get(); ctx.cert_chain_file_path_ = tls_certificate.certificateChainPath(); bssl::UniquePtr bio( BIO_new_mem_buf(const_cast(tls_certificate.certificateChain().data()), tls_certificate.certificateChain().size())); RELEASE_ASSERT(bio != nullptr, ""); ctx.cert_chain_.reset(PEM_read_bio_X509_AUX(bio.get(), nullptr, nullptr, nullptr)); if (ctx.cert_chain_ == nullptr || !SSL_CTX_use_certificate(ctx.ssl_ctx_.get(), ctx.cert_chain_.get())) { while (uint64_t err = ERR_get_error()) { ENVOY_LOG_MISC(debug, "SSL error: {}:{}:{}:{}", err, ERR_lib_error_string(err), ERR_func_error_string(err), ERR_GET_REASON(err), ERR_reason_error_string(err)); } throw EnvoyException( absl::StrCat("Failed to load certificate chain from ", ctx.cert_chain_file_path_)); } // Read rest of the certificate chain. while (true) { bssl::UniquePtr cert(PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr)); if (cert == nullptr) { break; } if (!SSL_CTX_add_extra_chain_cert(ctx.ssl_ctx_.get(), cert.get())) { throw EnvoyException( absl::StrCat("Failed to load certificate chain from ", ctx.cert_chain_file_path_)); } // SSL_CTX_add_extra_chain_cert() takes ownership. cert.release(); } // Check for EOF. const uint32_t err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { ERR_clear_error(); } else { throw EnvoyException( absl::StrCat("Failed to load certificate chain from ", ctx.cert_chain_file_path_)); } // The must staple extension means the certificate promises to carry // with it an OCSP staple. https://tools.ietf.org/html/rfc7633#section-6 constexpr absl::string_view tls_feature_ext = "1.3.6.1.5.5.7.1.24"; constexpr absl::string_view must_staple_ext_value = "\x30\x3\x02\x01\x05"; auto must_staple = Utility::getCertificateExtensionValue(*ctx.cert_chain_, tls_feature_ext); if (must_staple == must_staple_ext_value) { ctx.is_must_staple_ = true; } bssl::UniquePtr public_key(X509_get_pubkey(ctx.cert_chain_.get())); const int pkey_id = EVP_PKEY_id(public_key.get()); if (!cert_pkey_ids.insert(pkey_id).second) { throw EnvoyException(fmt::format("Failed to load certificate chain from {}, at most one " "certificate of a given type may be specified", ctx.cert_chain_file_path_)); } ctx.is_ecdsa_ = pkey_id == EVP_PKEY_EC; switch (pkey_id) { case EVP_PKEY_EC: { // We only support P-256 ECDSA today. const EC_KEY* ecdsa_public_key = EVP_PKEY_get0_EC_KEY(public_key.get()); // Since we checked the key type above, this should be valid. ASSERT(ecdsa_public_key != nullptr); const EC_GROUP* ecdsa_group = EC_KEY_get0_group(ecdsa_public_key); if (ecdsa_group == nullptr || EC_GROUP_get_curve_name(ecdsa_group) != NID_X9_62_prime256v1) { throw EnvoyException(fmt::format("Failed to load certificate chain from {}, only P-256 " "ECDSA certificates are supported", ctx.cert_chain_file_path_)); } ctx.is_ecdsa_ = true; } break; case EVP_PKEY_RSA: { // We require RSA certificates with 2048-bit or larger keys. const RSA* rsa_public_key = EVP_PKEY_get0_RSA(public_key.get()); // Since we checked the key type above, this should be valid. ASSERT(rsa_public_key != nullptr); const unsigned rsa_key_length = RSA_size(rsa_public_key); #ifdef BORINGSSL_FIPS if (rsa_key_length != 2048 / 8 && rsa_key_length != 3072 / 8) { throw EnvoyException( fmt::format("Failed to load certificate chain from {}, only RSA certificates with " "2048-bit or 3072-bit keys are supported in FIPS mode", ctx.cert_chain_file_path_)); } #else if (rsa_key_length < 2048 / 8) { throw EnvoyException( fmt::format("Failed to load certificate chain from {}, only RSA " "certificates with 2048-bit or larger keys are supported", ctx.cert_chain_file_path_)); } #endif } break; #ifdef BORINGSSL_FIPS default: throw EnvoyException(fmt::format("Failed to load certificate chain from {}, only RSA and " "ECDSA certificates are supported in FIPS mode", ctx.cert_chain_file_path_)); #endif } Envoy::Ssl::PrivateKeyMethodProviderSharedPtr private_key_method_provider = tls_certificate.privateKeyMethod(); // We either have a private key or a BoringSSL private key method provider. if (private_key_method_provider) { ctx.private_key_method_provider_ = private_key_method_provider; // The provider has a reference to the private key method for the context lifetime. Ssl::BoringSslPrivateKeyMethodSharedPtr private_key_method = private_key_method_provider->getBoringSslPrivateKeyMethod(); if (private_key_method == nullptr) { throw EnvoyException( fmt::format("Failed to get BoringSSL private key method from provider")); } #ifdef BORINGSSL_FIPS if (!ctx.private_key_method_provider_->checkFips()) { throw EnvoyException( fmt::format("Private key method doesn't support FIPS mode with current parameters")); } #endif SSL_CTX_set_private_key_method(ctx.ssl_ctx_.get(), private_key_method.get()); } else { // Load private key. bio.reset(BIO_new_mem_buf(const_cast(tls_certificate.privateKey().data()), tls_certificate.privateKey().size())); RELEASE_ASSERT(bio != nullptr, ""); bssl::UniquePtr pkey( PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, !tls_certificate.password().empty() ? const_cast(tls_certificate.password().c_str()) : nullptr)); if (pkey == nullptr || !SSL_CTX_use_PrivateKey(ctx.ssl_ctx_.get(), pkey.get())) { throw EnvoyException( absl::StrCat("Failed to load private key from ", tls_certificate.privateKeyPath())); } #ifdef BORINGSSL_FIPS // Verify that private keys are passing FIPS pairwise consistency tests. switch (pkey_id) { case EVP_PKEY_EC: { const EC_KEY* ecdsa_private_key = EVP_PKEY_get0_EC_KEY(pkey.get()); if (!EC_KEY_check_fips(ecdsa_private_key)) { throw EnvoyException(fmt::format("Failed to load private key from {}, ECDSA key failed " "pairwise consistency test required in FIPS mode", tls_certificate.privateKeyPath())); } } break; case EVP_PKEY_RSA: { RSA* rsa_private_key = EVP_PKEY_get0_RSA(pkey.get()); if (!RSA_check_fips(rsa_private_key)) { throw EnvoyException(fmt::format("Failed to load private key from {}, RSA key failed " "pairwise consistency test required in FIPS mode", tls_certificate.privateKeyPath())); } } break; } #endif } } } // use the server's cipher list preferences for (auto& ctx : tls_contexts_) { SSL_CTX_set_options(ctx.ssl_ctx_.get(), SSL_OP_CIPHER_SERVER_PREFERENCE); } if (config.certificateValidationContext() != nullptr) { allow_untrusted_certificate_ = config.certificateValidationContext()->trustChainVerification() == envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext:: ACCEPT_UNTRUSTED; } parsed_alpn_protocols_ = parseAlpnProtocols(config.alpnProtocols()); // To enumerate the required builtin ciphers, curves, algorithms, and // versions, uncomment '#define LOG_BUILTIN_STAT_NAMES' below, and run // bazel test //test/extensions/transport_sockets/tls/... --test_output=streamed // | grep " Builtin ssl." | sort | uniq // #define LOG_BUILTIN_STAT_NAMES // // TODO(#8035): improve tooling to find any other built-ins needed to avoid // contention. // Ciphers stat_name_set_->rememberBuiltin("AEAD-AES128-GCM-SHA256"); stat_name_set_->rememberBuiltin("ECDHE-ECDSA-AES128-GCM-SHA256"); stat_name_set_->rememberBuiltin("ECDHE-RSA-AES128-GCM-SHA256"); stat_name_set_->rememberBuiltin("ECDHE-RSA-AES128-SHA"); stat_name_set_->rememberBuiltin("ECDHE-RSA-CHACHA20-POLY1305"); stat_name_set_->rememberBuiltin("TLS_AES_128_GCM_SHA256"); // Curves from // https://github.com/google/boringssl/blob/f4d8b969200f1ee2dd872ffb85802e6a0976afe7/ssl/ssl_key_share.cc#L384 stat_name_set_->rememberBuiltins( {"P-224", "P-256", "P-384", "P-521", "X25519", "CECPQ2", "CECPQ2b"}); // Algorithms stat_name_set_->rememberBuiltins({"ecdsa_secp256r1_sha256", "rsa_pss_rsae_sha256"}); // Versions stat_name_set_->rememberBuiltins({"TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}); } int ServerContextImpl::alpnSelectCallback(const unsigned char** out, unsigned char* outlen, const unsigned char* in, unsigned int inlen) { // Currently this uses the standard selection algorithm in priority order. const uint8_t* alpn_data = parsed_alpn_protocols_.data(); size_t alpn_data_size = parsed_alpn_protocols_.size(); if (SSL_select_next_proto(const_cast(out), outlen, alpn_data, alpn_data_size, in, inlen) != OPENSSL_NPN_NEGOTIATED) { return SSL_TLSEXT_ERR_NOACK; } else { return SSL_TLSEXT_ERR_OK; } } std::vector ContextImpl::parseAlpnProtocols(const std::string& alpn_protocols) { if (alpn_protocols.empty()) { return {}; } if (alpn_protocols.size() >= 65535) { throw EnvoyException("Invalid ALPN protocol string"); } std::vector out(alpn_protocols.size() + 1); size_t start = 0; for (size_t i = 0; i <= alpn_protocols.size(); i++) { if (i == alpn_protocols.size() || alpn_protocols[i] == ',') { if (i - start > 255) { throw EnvoyException("Invalid ALPN protocol string"); } out[start] = i - start; start = i + 1; } else { out[i + 1] = alpn_protocols[i]; } } return out; } bssl::UniquePtr ContextImpl::newSsl(const Network::TransportSocketOptions*) { // We use the first certificate for a new SSL object, later in the // SSL_CTX_set_select_certificate_cb() callback following ClientHello, we replace with the // selected certificate via SSL_set_SSL_CTX(). return bssl::UniquePtr(SSL_new(tls_contexts_[0].ssl_ctx_.get())); } int ContextImpl::ignoreCertificateExpirationCallback(int ok, X509_STORE_CTX* ctx) { if (!ok) { int err = X509_STORE_CTX_get_error(ctx); if (err == X509_V_ERR_CERT_HAS_EXPIRED || err == X509_V_ERR_CERT_NOT_YET_VALID) { return 1; } } return ok; } int ContextImpl::verifyCallback(X509_STORE_CTX* store_ctx, void* arg) { ContextImpl* impl = reinterpret_cast(arg); SSL* ssl = reinterpret_cast( X509_STORE_CTX_get_ex_data(store_ctx, SSL_get_ex_data_X509_STORE_CTX_idx())); auto cert = bssl::UniquePtr(SSL_get_peer_certificate(ssl)); return impl->doVerifyCertChain( store_ctx, reinterpret_cast( SSL_get_ex_data(ssl, ContextImpl::sslExtendedSocketInfoIndex())), *cert, static_cast(SSL_get_app_data(ssl))); } int ContextImpl::doVerifyCertChain( X509_STORE_CTX* store_ctx, Ssl::SslExtendedSocketInfo* ssl_extended_info, X509& leaf_cert, const Network::TransportSocketOptions* transport_socket_options) { if (verify_trusted_ca_) { int ret = X509_verify_cert(store_ctx); if (ssl_extended_info) { ssl_extended_info->setCertificateValidationStatus( ret == 1 ? Envoy::Ssl::ClientValidationStatus::Validated : Envoy::Ssl::ClientValidationStatus::Failed); } if (ret <= 0) { stats_.fail_verify_error_.inc(); return allow_untrusted_certificate_ ? 1 : ret; } } Envoy::Ssl::ClientValidationStatus validated = verifyCertificate( &leaf_cert, transport_socket_options && !transport_socket_options->verifySubjectAltNameListOverride().empty() ? transport_socket_options->verifySubjectAltNameListOverride() : verify_subject_alt_name_list_, subject_alt_name_matchers_); if (ssl_extended_info) { if (ssl_extended_info->certificateValidationStatus() == Envoy::Ssl::ClientValidationStatus::NotValidated) { ssl_extended_info->setCertificateValidationStatus(validated); } else if (validated != Envoy::Ssl::ClientValidationStatus::NotValidated) { ssl_extended_info->setCertificateValidationStatus(validated); } } return allow_untrusted_certificate_ ? 1 : (validated != Envoy::Ssl::ClientValidationStatus::Failed); } Envoy::Ssl::ClientValidationStatus ContextImpl::verifyCertificate( X509* cert, const std::vector& verify_san_list, const std::vector& subject_alt_name_matchers) { Envoy::Ssl::ClientValidationStatus validated = Envoy::Ssl::ClientValidationStatus::NotValidated; if (!verify_san_list.empty()) { if (!verifySubjectAltName(cert, verify_san_list)) { stats_.fail_verify_san_.inc(); return Envoy::Ssl::ClientValidationStatus::Failed; } validated = Envoy::Ssl::ClientValidationStatus::Validated; } if (!subject_alt_name_matchers.empty() && !matchSubjectAltName(cert, subject_alt_name_matchers)) { stats_.fail_verify_san_.inc(); return Envoy::Ssl::ClientValidationStatus::Failed; } if (!verify_certificate_hash_list_.empty() || !verify_certificate_spki_list_.empty()) { const bool valid_certificate_hash = !verify_certificate_hash_list_.empty() && verifyCertificateHashList(cert, verify_certificate_hash_list_); const bool valid_certificate_spki = !verify_certificate_spki_list_.empty() && verifyCertificateSpkiList(cert, verify_certificate_spki_list_); if (!valid_certificate_hash && !valid_certificate_spki) { stats_.fail_verify_cert_hash_.inc(); return Envoy::Ssl::ClientValidationStatus::Failed; } validated = Envoy::Ssl::ClientValidationStatus::Validated; } return validated; } void ContextImpl::incCounter(const Stats::StatName name, absl::string_view value, const Stats::StatName fallback) const { Stats::Counter& counter = Stats::Utility::counterFromElements( scope_, {name, stat_name_set_->getBuiltin(value, fallback)}); counter.inc(); #ifdef LOG_BUILTIN_STAT_NAMES std::cerr << absl::StrCat("Builtin ", symbol_table.toString(name), ": ", value, "\n") << std::flush; #endif } void ContextImpl::logHandshake(SSL* ssl) const { stats_.handshake_.inc(); if (SSL_session_reused(ssl)) { stats_.session_reused_.inc(); } incCounter(ssl_ciphers_, SSL_get_cipher_name(ssl), unknown_ssl_cipher_); incCounter(ssl_versions_, SSL_get_version(ssl), unknown_ssl_version_); const uint16_t curve_id = SSL_get_curve_id(ssl); if (curve_id) { incCounter(ssl_curves_, SSL_get_curve_name(curve_id), unknown_ssl_curve_); } const uint16_t sigalg_id = SSL_get_peer_signature_algorithm(ssl); if (sigalg_id) { const char* sigalg = SSL_get_signature_algorithm_name(sigalg_id, 1 /* include curve */); incCounter(ssl_sigalgs_, sigalg, unknown_ssl_algorithm_); } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl)); if (!cert.get()) { stats_.no_certificate_.inc(); } } std::vector ContextImpl::getPrivateKeyMethodProviders() { std::vector providers; for (auto& tls_context : tls_contexts_) { Envoy::Ssl::PrivateKeyMethodProviderSharedPtr provider = tls_context.getPrivateKeyMethodProvider(); if (provider) { providers.push_back(provider); } } return providers; } bool ContextImpl::matchSubjectAltName( X509* cert, const std::vector& subject_alt_name_matchers) { bssl::UniquePtr san_names( static_cast(X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr))); if (san_names == nullptr) { return false; } for (const GENERAL_NAME* general_name : san_names.get()) { const std::string san = Utility::generalNameAsString(general_name); for (auto& config_san_matcher : subject_alt_name_matchers) { // For DNS SAN, if the StringMatcher type is exact, we have to follow DNS matching semantics. if (general_name->type == GEN_DNS && config_san_matcher.matcher().match_pattern_case() == envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kExact ? dnsNameMatch(config_san_matcher.matcher().exact(), absl::string_view(san)) : config_san_matcher.match(san)) { return true; } } } return false; } bool ContextImpl::verifySubjectAltName(X509* cert, const std::vector& subject_alt_names) { bssl::UniquePtr san_names( static_cast(X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr))); if (san_names == nullptr) { return false; } for (const GENERAL_NAME* general_name : san_names.get()) { const std::string san = Utility::generalNameAsString(general_name); for (auto& config_san : subject_alt_names) { if (general_name->type == GEN_DNS ? dnsNameMatch(config_san, san.c_str()) : config_san == san) { return true; } } } return false; } bool ContextImpl::dnsNameMatch(const absl::string_view dns_name, const absl::string_view pattern) { if (dns_name == pattern) { return true; } size_t pattern_len = pattern.length(); if (pattern_len > 1 && pattern[0] == '*' && pattern[1] == '.') { if (dns_name.length() > pattern_len - 1) { const size_t off = dns_name.length() - pattern_len + 1; if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.fix_wildcard_matching")) { return dns_name.substr(0, off).find('.') == std::string::npos && dns_name.substr(off, pattern_len - 1) == pattern.substr(1, pattern_len - 1); } else { return dns_name.substr(off, pattern_len - 1) == pattern.substr(1, pattern_len - 1); } } } return false; } bool ContextImpl::verifyCertificateHashList( X509* cert, const std::vector>& expected_hashes) { std::vector computed_hash(SHA256_DIGEST_LENGTH); unsigned int n; X509_digest(cert, EVP_sha256(), computed_hash.data(), &n); RELEASE_ASSERT(n == computed_hash.size(), ""); for (const auto& expected_hash : expected_hashes) { if (computed_hash == expected_hash) { return true; } } return false; } bool ContextImpl::verifyCertificateSpkiList( X509* cert, const std::vector>& expected_hashes) { X509_PUBKEY* pubkey = X509_get_X509_PUBKEY(cert); if (pubkey == nullptr) { return false; } uint8_t* spki = nullptr; const int len = i2d_X509_PUBKEY(pubkey, &spki); if (len < 0) { return false; } bssl::UniquePtr free_spki(spki); std::vector computed_hash(SHA256_DIGEST_LENGTH); SHA256(spki, len, computed_hash.data()); for (const auto& expected_hash : expected_hashes) { if (computed_hash == expected_hash) { return true; } } return false; } SslStats ContextImpl::generateStats(Stats::Scope& store) { std::string prefix("ssl."); return {ALL_SSL_STATS(POOL_COUNTER_PREFIX(store, prefix), POOL_GAUGE_PREFIX(store, prefix), POOL_HISTOGRAM_PREFIX(store, prefix))}; } size_t ContextImpl::daysUntilFirstCertExpires() const { int daysUntilExpiration = Utility::getDaysUntilExpiration(ca_cert_.get(), time_source_); for (auto& ctx : tls_contexts_) { daysUntilExpiration = std::min( Utility::getDaysUntilExpiration(ctx.cert_chain_.get(), time_source_), daysUntilExpiration); } if (daysUntilExpiration < 0) { // Ensure that the return value is unsigned return 0; } return daysUntilExpiration; } absl::optional ContextImpl::secondsUntilFirstOcspResponseExpires() const { absl::optional secs_until_expiration; for (auto& ctx : tls_contexts_) { if (ctx.ocsp_response_) { uint64_t next_expiration = ctx.ocsp_response_->secondsUntilExpiration(); secs_until_expiration = std::min( next_expiration, secs_until_expiration.value_or(std::numeric_limits::max())); } } return secs_until_expiration; } Envoy::Ssl::CertificateDetailsPtr ContextImpl::getCaCertInformation() const { if (ca_cert_ == nullptr) { return nullptr; } return certificateDetails(ca_cert_.get(), getCaFileName(), nullptr); } std::vector ContextImpl::getCertChainInformation() const { std::vector cert_details; for (const auto& ctx : tls_contexts_) { if (ctx.cert_chain_ == nullptr) { continue; } cert_details.emplace_back(certificateDetails(ctx.cert_chain_.get(), ctx.getCertChainFileName(), ctx.ocsp_response_.get())); } return cert_details; } Envoy::Ssl::CertificateDetailsPtr ContextImpl::certificateDetails(X509* cert, const std::string& path, const Ocsp::OcspResponseWrapper* ocsp_response) const { Envoy::Ssl::CertificateDetailsPtr certificate_details = std::make_unique(); certificate_details->set_path(path); certificate_details->set_serial_number(Utility::getSerialNumberFromCertificate(*cert)); certificate_details->set_days_until_expiration( Utility::getDaysUntilExpiration(cert, time_source_)); if (ocsp_response) { auto* ocsp_details = certificate_details->mutable_ocsp_details(); ProtobufWkt::Timestamp* valid_from = ocsp_details->mutable_valid_from(); TimestampUtil::systemClockToTimestamp(ocsp_response->getThisUpdate(), *valid_from); ProtobufWkt::Timestamp* expiration = ocsp_details->mutable_expiration(); TimestampUtil::systemClockToTimestamp(ocsp_response->getNextUpdate(), *expiration); } ProtobufWkt::Timestamp* valid_from = certificate_details->mutable_valid_from(); TimestampUtil::systemClockToTimestamp(Utility::getValidFrom(*cert), *valid_from); ProtobufWkt::Timestamp* expiration_time = certificate_details->mutable_expiration_time(); TimestampUtil::systemClockToTimestamp(Utility::getExpirationTime(*cert), *expiration_time); for (auto& dns_san : Utility::getSubjectAltNames(*cert, GEN_DNS)) { envoy::admin::v3::SubjectAlternateName& subject_alt_name = *certificate_details->add_subject_alt_names(); subject_alt_name.set_dns(dns_san); } for (auto& uri_san : Utility::getSubjectAltNames(*cert, GEN_URI)) { envoy::admin::v3::SubjectAlternateName& subject_alt_name = *certificate_details->add_subject_alt_names(); subject_alt_name.set_uri(uri_san); } for (auto& ip_san : Utility::getSubjectAltNames(*cert, GEN_IPADD)) { envoy::admin::v3::SubjectAlternateName& subject_alt_name = *certificate_details->add_subject_alt_names(); subject_alt_name.set_ip_address(ip_san); } return certificate_details; } ClientContextImpl::ClientContextImpl(Stats::Scope& scope, const Envoy::Ssl::ClientContextConfig& config, TimeSource& time_source) : ContextImpl(scope, config, time_source), server_name_indication_(config.serverNameIndication()), allow_renegotiation_(config.allowRenegotiation()), max_session_keys_(config.maxSessionKeys()) { // This should be guaranteed during configuration ingestion for client contexts. ASSERT(tls_contexts_.size() == 1); if (!parsed_alpn_protocols_.empty()) { for (auto& ctx : tls_contexts_) { const int rc = SSL_CTX_set_alpn_protos(ctx.ssl_ctx_.get(), parsed_alpn_protocols_.data(), parsed_alpn_protocols_.size()); RELEASE_ASSERT(rc == 0, Utility::getLastCryptoError().value_or("")); } } if (!config.signingAlgorithmsForTest().empty()) { const uint16_t sigalgs = parseSigningAlgorithmsForTest(config.signingAlgorithmsForTest()); RELEASE_ASSERT(sigalgs != 0, fmt::format("unsupported signing algorithm {}", config.signingAlgorithmsForTest())); for (auto& ctx : tls_contexts_) { const int rc = SSL_CTX_set_verify_algorithm_prefs(ctx.ssl_ctx_.get(), &sigalgs, 1); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); } } if (max_session_keys_ > 0) { SSL_CTX_set_session_cache_mode(tls_contexts_[0].ssl_ctx_.get(), SSL_SESS_CACHE_CLIENT); SSL_CTX_sess_set_new_cb( tls_contexts_[0].ssl_ctx_.get(), [](SSL* ssl, SSL_SESSION* session) -> int { ContextImpl* context_impl = static_cast(SSL_CTX_get_app_data(SSL_get_SSL_CTX(ssl))); ClientContextImpl* client_context_impl = dynamic_cast(context_impl); RELEASE_ASSERT(client_context_impl != nullptr, ""); // for Coverity return client_context_impl->newSessionKey(session); }); } } bool ContextImpl::parseAndSetAlpn(const std::vector& alpn, SSL& ssl) { std::vector parsed_alpn = parseAlpnProtocols(absl::StrJoin(alpn, ",")); if (!parsed_alpn.empty()) { const int rc = SSL_set_alpn_protos(&ssl, parsed_alpn.data(), parsed_alpn.size()); // This should only if memory allocation fails, e.g. OOM. RELEASE_ASSERT(rc == 0, Utility::getLastCryptoError().value_or("")); return true; } return false; } bssl::UniquePtr ClientContextImpl::newSsl(const Network::TransportSocketOptions* options) { bssl::UniquePtr ssl_con(ContextImpl::newSsl(options)); const std::string server_name_indication = options && options->serverNameOverride().has_value() ? options->serverNameOverride().value() : server_name_indication_; if (!server_name_indication.empty()) { const int rc = SSL_set_tlsext_host_name(ssl_con.get(), server_name_indication.c_str()); RELEASE_ASSERT(rc, Utility::getLastCryptoError().value_or("")); } if (options && !options->verifySubjectAltNameListOverride().empty()) { SSL_set_app_data(ssl_con.get(), options); SSL_set_verify(ssl_con.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr); } // We determine what ALPN using the following precedence: // 1. Option-provided ALPN override. // 2. ALPN statically configured in the upstream TLS context. // 3. Option-provided ALPN fallback. // At this point in the code the ALPN has already been set (if present) to the value specified in // the TLS context. We've stored this value in parsed_alpn_protocols_ so we can check that to see // if it's already been set. bool has_alpn_defined = !parsed_alpn_protocols_.empty(); if (options) { // ALPN override takes precedence over TLS context specified, so blindly overwrite it. has_alpn_defined |= parseAndSetAlpn(options->applicationProtocolListOverride(), *ssl_con); } if (options && !has_alpn_defined && options->applicationProtocolFallback().has_value()) { // If ALPN hasn't already been set (either through TLS context or override), use the fallback. parseAndSetAlpn({*options->applicationProtocolFallback()}, *ssl_con); } if (allow_renegotiation_) { SSL_set_renegotiate_mode(ssl_con.get(), ssl_renegotiate_freely); } if (max_session_keys_ > 0) { if (session_keys_single_use_) { // Stored single-use session keys, use write/write locks. absl::WriterMutexLock l(&session_keys_mu_); if (!session_keys_.empty()) { // Use the most recently stored session key, since it has the highest // probability of still being recognized/accepted by the server. SSL_SESSION* session = session_keys_.front().get(); SSL_set_session(ssl_con.get(), session); // Remove single-use session key (TLS 1.3) after first use. if (SSL_SESSION_should_be_single_use(session)) { session_keys_.pop_front(); } } } else { // Never stored single-use session keys, use read/write locks. absl::ReaderMutexLock l(&session_keys_mu_); if (!session_keys_.empty()) { // Use the most recently stored session key, since it has the highest // probability of still being recognized/accepted by the server. SSL_SESSION* session = session_keys_.front().get(); SSL_set_session(ssl_con.get(), session); } } } return ssl_con; } int ClientContextImpl::newSessionKey(SSL_SESSION* session) { // In case we ever store single-use session key (TLS 1.3), // we need to switch to using write/write locks. if (SSL_SESSION_should_be_single_use(session)) { session_keys_single_use_ = true; } absl::WriterMutexLock l(&session_keys_mu_); // Evict oldest entries. while (session_keys_.size() >= max_session_keys_) { session_keys_.pop_back(); } // Add new session key at the front of the queue, so that it's used first. session_keys_.push_front(bssl::UniquePtr(session)); return 1; // Tell BoringSSL that we took ownership of the session. } uint16_t ClientContextImpl::parseSigningAlgorithmsForTest(const std::string& sigalgs) { // This is used only when testing RSA/ECDSA certificate selection, so only the signing algorithms // used in tests are supported here. if (sigalgs == "rsa_pss_rsae_sha256") { return SSL_SIGN_RSA_PSS_RSAE_SHA256; } else if (sigalgs == "ecdsa_secp256r1_sha256") { return SSL_SIGN_ECDSA_SECP256R1_SHA256; } return 0; } ServerContextImpl::ServerContextImpl(Stats::Scope& scope, const Envoy::Ssl::ServerContextConfig& config, const std::vector& server_names, TimeSource& time_source) : ContextImpl(scope, config, time_source), session_ticket_keys_(config.sessionTicketKeys()), ocsp_staple_policy_(config.ocspStaplePolicy()) { if (config.tlsCertificates().empty() && !config.capabilities().provides_certificates) { throw EnvoyException("Server TlsCertificates must have a certificate specified"); } // Compute the session context ID hash. We use all the certificate identities, // since we should have a common ID for session resumption no matter what cert // is used. We do this early because it can throw an EnvoyException. const SessionContextID session_id = generateHashForSessionContextId(server_names); // First, configure the base context for ClientHello interception. // TODO(htuch): replace with SSL_IDENTITY when we have this as a means to do multi-cert in // BoringSSL. if (!config.capabilities().provides_certificates) { SSL_CTX_set_select_certificate_cb( tls_contexts_[0].ssl_ctx_.get(), [](const SSL_CLIENT_HELLO* client_hello) -> ssl_select_cert_result_t { return static_cast( SSL_CTX_get_app_data(SSL_get_SSL_CTX(client_hello->ssl))) ->selectTlsContext(client_hello); }); } const auto tls_certificates = config.tlsCertificates(); for (uint32_t i = 0; i < tls_certificates.size(); ++i) { auto& ctx = tls_contexts_[i]; if (!config.capabilities().verifies_peer_certificates && config.certificateValidationContext() != nullptr && !config.certificateValidationContext()->caCert().empty()) { ctx.addClientValidationContext(*config.certificateValidationContext(), config.requireClientCertificate()); } if (!parsed_alpn_protocols_.empty() && !config.capabilities().handles_alpn_selection) { SSL_CTX_set_alpn_select_cb( ctx.ssl_ctx_.get(), [](SSL*, const unsigned char** out, unsigned char* outlen, const unsigned char* in, unsigned int inlen, void* arg) -> int { return static_cast(arg)->alpnSelectCallback(out, outlen, in, inlen); }, this); } // If the handshaker handles session tickets natively, don't call // `SSL_CTX_set_tlsext_ticket_key_cb`. if (config.disableStatelessSessionResumption()) { SSL_CTX_set_options(ctx.ssl_ctx_.get(), SSL_OP_NO_TICKET); } else if (!session_ticket_keys_.empty() && !config.capabilities().handles_session_resumption) { SSL_CTX_set_tlsext_ticket_key_cb( ctx.ssl_ctx_.get(), [](SSL* ssl, uint8_t* key_name, uint8_t* iv, EVP_CIPHER_CTX* ctx, HMAC_CTX* hmac_ctx, int encrypt) -> int { ContextImpl* context_impl = static_cast(SSL_CTX_get_app_data(SSL_get_SSL_CTX(ssl))); ServerContextImpl* server_context_impl = dynamic_cast(context_impl); RELEASE_ASSERT(server_context_impl != nullptr, ""); // for Coverity return server_context_impl->sessionTicketProcess(ssl, key_name, iv, ctx, hmac_ctx, encrypt); }); } if (config.sessionTimeout() && !config.capabilities().handles_session_resumption) { auto timeout = config.sessionTimeout().value().count(); SSL_CTX_set_timeout(ctx.ssl_ctx_.get(), uint32_t(timeout)); } int rc = SSL_CTX_set_session_id_context(ctx.ssl_ctx_.get(), session_id.data(), session_id.size()); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); auto& ocsp_resp_bytes = tls_certificates[i].get().ocspStaple(); if (ocsp_resp_bytes.empty()) { if (Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.require_ocsp_response_for_must_staple_certs") && ctx.is_must_staple_) { throw EnvoyException("OCSP response is required for must-staple certificate"); } if (ocsp_staple_policy_ == Ssl::ServerContextConfig::OcspStaplePolicy::MustStaple) { throw EnvoyException("Required OCSP response is missing from TLS context"); } } else { auto response = std::make_unique(ocsp_resp_bytes, time_source_); if (!response->matchesCertificate(*ctx.cert_chain_)) { throw EnvoyException("OCSP response does not match its TLS certificate"); } ctx.ocsp_response_ = std::move(response); } } } ServerContextImpl::SessionContextID ServerContextImpl::generateHashForSessionContextId(const std::vector& server_names) { uint8_t hash_buffer[EVP_MAX_MD_SIZE]; unsigned hash_length; bssl::ScopedEVP_MD_CTX md; int rc = EVP_DigestInit(md.get(), EVP_sha256()); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); // Hash the CommonName/SANs of all the server certificates. This makes sure that sessions can only // be resumed to certificate(s) for the same name(s), but allows resuming to unique certs in the // case that different Envoy instances each have their own certs. All certificates in a // ServerContextImpl context are hashed together, since they all constitute a match on a filter // chain for resumption purposes. if (!capabilities_.provides_certificates) { for (const auto& ctx : tls_contexts_) { X509* cert = SSL_CTX_get0_certificate(ctx.ssl_ctx_.get()); RELEASE_ASSERT(cert != nullptr, "TLS context should have an active certificate"); X509_NAME* cert_subject = X509_get_subject_name(cert); RELEASE_ASSERT(cert_subject != nullptr, "TLS certificate should have a subject"); const int cn_index = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, -1); if (cn_index >= 0) { X509_NAME_ENTRY* cn_entry = X509_NAME_get_entry(cert_subject, cn_index); RELEASE_ASSERT(cn_entry != nullptr, "certificate subject CN should be present"); ASN1_STRING* cn_asn1 = X509_NAME_ENTRY_get_data(cn_entry); if (ASN1_STRING_length(cn_asn1) <= 0) { throw EnvoyException("Invalid TLS context has an empty subject CN"); } rc = EVP_DigestUpdate(md.get(), ASN1_STRING_data(cn_asn1), ASN1_STRING_length(cn_asn1)); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); } unsigned san_count = 0; bssl::UniquePtr san_names(static_cast( X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr))); if (san_names != nullptr) { for (const GENERAL_NAME* san : san_names.get()) { switch (san->type) { case GEN_IPADD: rc = EVP_DigestUpdate(md.get(), san->d.iPAddress->data, san->d.iPAddress->length); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); ++san_count; break; case GEN_DNS: rc = EVP_DigestUpdate(md.get(), ASN1_STRING_data(san->d.dNSName), ASN1_STRING_length(san->d.dNSName)); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); ++san_count; break; case GEN_URI: rc = EVP_DigestUpdate(md.get(), ASN1_STRING_data(san->d.uniformResourceIdentifier), ASN1_STRING_length(san->d.uniformResourceIdentifier)); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); ++san_count; break; } } } // It's possible that the certificate doesn't have a subject, but // does have SANs. Make sure that we have one or the other. if (cn_index < 0 && san_count == 0) { throw EnvoyException("Invalid TLS context has neither subject CN nor SAN names"); } rc = X509_NAME_digest(X509_get_issuer_name(cert), EVP_sha256(), hash_buffer, &hash_length); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); RELEASE_ASSERT(hash_length == SHA256_DIGEST_LENGTH, fmt::format("invalid SHA256 hash length {}", hash_length)); rc = EVP_DigestUpdate(md.get(), hash_buffer, hash_length); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); } } // Hash all the settings that affect whether the server will allow/accept // the client connection. This ensures that the client is always validated against // the correct settings, even if session resumption across different listeners // is enabled. if (ca_cert_ != nullptr) { rc = X509_digest(ca_cert_.get(), EVP_sha256(), hash_buffer, &hash_length); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); RELEASE_ASSERT(hash_length == SHA256_DIGEST_LENGTH, fmt::format("invalid SHA256 hash length {}", hash_length)); rc = EVP_DigestUpdate(md.get(), hash_buffer, hash_length); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); // verify_subject_alt_name_list_ can only be set with a ca_cert for (const std::string& name : verify_subject_alt_name_list_) { rc = EVP_DigestUpdate(md.get(), name.data(), name.size()); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); } } for (const auto& hash : verify_certificate_hash_list_) { rc = EVP_DigestUpdate(md.get(), hash.data(), hash.size() * sizeof(std::remove_reference::type::value_type)); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); } for (const auto& hash : verify_certificate_spki_list_) { rc = EVP_DigestUpdate(md.get(), hash.data(), hash.size() * sizeof(std::remove_reference::type::value_type)); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); } // Hash configured SNIs for this context, so that sessions cannot be resumed across different // filter chains, even when using the same server certificate. for (const auto& name : server_names) { rc = EVP_DigestUpdate(md.get(), name.data(), name.size()); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); } SessionContextID session_id; // Ensure that the output size of the hash we are using is no greater than // TLS session ID length that we want to generate. static_assert(session_id.size() == SHA256_DIGEST_LENGTH, "hash size mismatch"); static_assert(session_id.size() == SSL_MAX_SSL_SESSION_ID_LENGTH, "TLS session ID size mismatch"); rc = EVP_DigestFinal(md.get(), session_id.data(), &hash_length); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); RELEASE_ASSERT(hash_length == session_id.size(), "SHA256 hash length must match TLS Session ID size"); return session_id; } int ServerContextImpl::sessionTicketProcess(SSL*, uint8_t* key_name, uint8_t* iv, EVP_CIPHER_CTX* ctx, HMAC_CTX* hmac_ctx, int encrypt) { const EVP_MD* hmac = EVP_sha256(); const EVP_CIPHER* cipher = EVP_aes_256_cbc(); if (encrypt == 1) { // Encrypt RELEASE_ASSERT(!session_ticket_keys_.empty(), ""); // TODO(ggreenway): validate in SDS that session_ticket_keys_ cannot be empty, // or if we allow it to be emptied, reconfigure the context so this callback // isn't set. const Envoy::Ssl::ServerContextConfig::SessionTicketKey& key = session_ticket_keys_.front(); static_assert(std::tuple_size::value == SSL_TICKET_KEY_NAME_LEN, "Expected key.name length"); std::copy_n(key.name_.begin(), SSL_TICKET_KEY_NAME_LEN, key_name); const int rc = RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)); ASSERT(rc); // This RELEASE_ASSERT is logically a static_assert, but we can't actually get // EVP_CIPHER_key_length(cipher) at compile-time RELEASE_ASSERT(key.aes_key_.size() == EVP_CIPHER_key_length(cipher), ""); if (!EVP_EncryptInit_ex(ctx, cipher, nullptr, key.aes_key_.data(), iv)) { return -1; } if (!HMAC_Init_ex(hmac_ctx, key.hmac_key_.data(), key.hmac_key_.size(), hmac, nullptr)) { return -1; } return 1; // success } else { // Decrypt bool is_enc_key = true; // first element is the encryption key for (const Envoy::Ssl::ServerContextConfig::SessionTicketKey& key : session_ticket_keys_) { static_assert(std::tuple_size::value == SSL_TICKET_KEY_NAME_LEN, "Expected key.name length"); if (std::equal(key.name_.begin(), key.name_.end(), key_name)) { if (!HMAC_Init_ex(hmac_ctx, key.hmac_key_.data(), key.hmac_key_.size(), hmac, nullptr)) { return -1; } RELEASE_ASSERT(key.aes_key_.size() == EVP_CIPHER_key_length(cipher), ""); if (!EVP_DecryptInit_ex(ctx, cipher, nullptr, key.aes_key_.data(), iv)) { return -1; } // If our current encryption was not the decryption key, renew return is_enc_key ? 1 // success; do not renew : 2; // success: renew key } is_enc_key = false; } return 0; // decryption failed } } bool ServerContextImpl::isClientEcdsaCapable(const SSL_CLIENT_HELLO* ssl_client_hello) { CBS client_hello; CBS_init(&client_hello, ssl_client_hello->client_hello, ssl_client_hello->client_hello_len); // This is the TLSv1.3 case (TLSv1.2 on the wire and the supported_versions extensions present). // We just need to look at signature algorithms. const uint16_t client_version = ssl_client_hello->version; if (client_version == TLS1_2_VERSION && tls_max_version_ == TLS1_3_VERSION) { // If the supported_versions extension is found then we assume that the client is competent // enough that just checking the signature_algorithms is sufficient. const uint8_t* supported_versions_data; size_t supported_versions_len; if (SSL_early_callback_ctx_extension_get(ssl_client_hello, TLSEXT_TYPE_supported_versions, &supported_versions_data, &supported_versions_len)) { const uint8_t* signature_algorithms_data; size_t signature_algorithms_len; if (SSL_early_callback_ctx_extension_get(ssl_client_hello, TLSEXT_TYPE_signature_algorithms, &signature_algorithms_data, &signature_algorithms_len)) { CBS signature_algorithms_ext, signature_algorithms; CBS_init(&signature_algorithms_ext, signature_algorithms_data, signature_algorithms_len); if (!CBS_get_u16_length_prefixed(&signature_algorithms_ext, &signature_algorithms) || CBS_len(&signature_algorithms_ext) != 0) { return false; } if (cbsContainsU16(signature_algorithms, SSL_SIGN_ECDSA_SECP256R1_SHA256)) { return true; } } return false; } } // Otherwise we are < TLSv1.3 and need to look at both the curves in the supported_groups for // ECDSA and also for a compatible cipher suite. https://tools.ietf.org/html/rfc4492#section-5.1.1 const uint8_t* curvelist_data; size_t curvelist_len; if (!SSL_early_callback_ctx_extension_get(ssl_client_hello, TLSEXT_TYPE_supported_groups, &curvelist_data, &curvelist_len)) { return false; } CBS curvelist; CBS_init(&curvelist, curvelist_data, curvelist_len); // We only support P256 ECDSA curves today. if (!cbsContainsU16(curvelist, SSL_CURVE_SECP256R1)) { return false; } // The client must have offered an ECDSA ciphersuite that we like. CBS cipher_suites; CBS_init(&cipher_suites, ssl_client_hello->cipher_suites, ssl_client_hello->cipher_suites_len); while (CBS_len(&cipher_suites) > 0) { uint16_t cipher_id; if (!CBS_get_u16(&cipher_suites, &cipher_id)) { return false; } // All tls_context_ share the same set of enabled ciphers, so we can just look at the base // context. if (tls_contexts_[0].isCipherEnabled(cipher_id, client_version)) { return true; } } return false; } bool ServerContextImpl::isClientOcspCapable(const SSL_CLIENT_HELLO* ssl_client_hello) { const uint8_t* status_request_data; size_t status_request_len; if (SSL_early_callback_ctx_extension_get(ssl_client_hello, TLSEXT_TYPE_status_request, &status_request_data, &status_request_len)) { return true; } return false; } OcspStapleAction ServerContextImpl::ocspStapleAction(const ContextImpl::TlsContext& ctx, bool client_ocsp_capable) { if (!client_ocsp_capable) { return OcspStapleAction::ClientNotCapable; } auto& response = ctx.ocsp_response_; if (!Runtime::runtimeFeatureEnabled("envoy.reloadable_features.check_ocsp_policy")) { // Expiration check is disabled. Proceed as if the policy is LenientStapling and the response // is not expired. return response ? OcspStapleAction::Staple : OcspStapleAction::NoStaple; } auto policy = ocsp_staple_policy_; if (ctx.is_must_staple_) { // The certificate has the must-staple extension, so upgrade the policy to match. policy = Ssl::ServerContextConfig::OcspStaplePolicy::MustStaple; } const bool valid_response = response && !response->isExpired(); switch (policy) { case Ssl::ServerContextConfig::OcspStaplePolicy::LenientStapling: if (!valid_response) { return OcspStapleAction::NoStaple; } return OcspStapleAction::Staple; case Ssl::ServerContextConfig::OcspStaplePolicy::StrictStapling: if (valid_response) { return OcspStapleAction::Staple; } if (response) { // Expired response. return OcspStapleAction::Fail; } return OcspStapleAction::NoStaple; case Ssl::ServerContextConfig::OcspStaplePolicy::MustStaple: if (!valid_response) { return OcspStapleAction::Fail; } return OcspStapleAction::Staple; default: NOT_REACHED_GCOVR_EXCL_LINE; } } enum ssl_select_cert_result_t ServerContextImpl::selectTlsContext(const SSL_CLIENT_HELLO* ssl_client_hello) { const bool client_ecdsa_capable = isClientEcdsaCapable(ssl_client_hello); const bool client_ocsp_capable = isClientOcspCapable(ssl_client_hello); // Fallback on first certificate. const TlsContext* selected_ctx = &tls_contexts_[0]; auto ocsp_staple_action = ocspStapleAction(*selected_ctx, client_ocsp_capable); for (const auto& ctx : tls_contexts_) { if (client_ecdsa_capable != ctx.is_ecdsa_) { continue; } auto action = ocspStapleAction(ctx, client_ocsp_capable); if (action == OcspStapleAction::Fail) { continue; } selected_ctx = &ctx; ocsp_staple_action = action; break; } if (client_ocsp_capable) { stats_.ocsp_staple_requests_.inc(); } switch (ocsp_staple_action) { case OcspStapleAction::Staple: { // We avoid setting the OCSP response if the client didn't request it, but doing so is safe. RELEASE_ASSERT(selected_ctx->ocsp_response_, "OCSP response must be present under OcspStapleAction::Staple"); auto& resp_bytes = selected_ctx->ocsp_response_->rawBytes(); int rc = SSL_set_ocsp_response(ssl_client_hello->ssl, resp_bytes.data(), resp_bytes.size()); RELEASE_ASSERT(rc != 0, ""); stats_.ocsp_staple_responses_.inc(); } break; case OcspStapleAction::NoStaple: stats_.ocsp_staple_omitted_.inc(); break; case OcspStapleAction::Fail: stats_.ocsp_staple_failed_.inc(); return ssl_select_cert_error; case OcspStapleAction::ClientNotCapable: break; } RELEASE_ASSERT(SSL_set_SSL_CTX(ssl_client_hello->ssl, selected_ctx->ssl_ctx_.get()) != nullptr, ""); return ssl_select_cert_success; } void ServerContextImpl::TlsContext::addClientValidationContext( const Envoy::Ssl::CertificateValidationContextConfig& config, bool require_client_cert) { bssl::UniquePtr bio( BIO_new_mem_buf(const_cast(config.caCert().data()), config.caCert().size())); RELEASE_ASSERT(bio != nullptr, ""); // Based on BoringSSL's SSL_add_file_cert_subjects_to_stack(). bssl::UniquePtr list(sk_X509_NAME_new( [](const X509_NAME** a, const X509_NAME** b) -> int { return X509_NAME_cmp(*a, *b); })); RELEASE_ASSERT(list != nullptr, ""); for (;;) { bssl::UniquePtr cert(PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr)); if (cert == nullptr) { break; } X509_NAME* name = X509_get_subject_name(cert.get()); if (name == nullptr) { throw EnvoyException( absl::StrCat("Failed to load trusted client CA certificates from ", config.caCertPath())); } // Check for duplicates. if (sk_X509_NAME_find(list.get(), nullptr, name)) { continue; } bssl::UniquePtr name_dup(X509_NAME_dup(name)); if (name_dup == nullptr || !sk_X509_NAME_push(list.get(), name_dup.release())) { throw EnvoyException( absl::StrCat("Failed to load trusted client CA certificates from ", config.caCertPath())); } } // Check for EOF. const uint32_t err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { ERR_clear_error(); } else { throw EnvoyException( absl::StrCat("Failed to load trusted client CA certificates from ", config.caCertPath())); } SSL_CTX_set_client_CA_list(ssl_ctx_.get(), list.release()); // SSL_VERIFY_PEER or stronger mode was already set in ContextImpl::ContextImpl(). if (require_client_cert) { SSL_CTX_set_verify(ssl_ctx_.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr); } } bool ServerContextImpl::TlsContext::isCipherEnabled(uint16_t cipher_id, uint16_t client_version) { const SSL_CIPHER* c = SSL_get_cipher_by_value(cipher_id); if (c == nullptr) { return false; } // Skip TLS 1.2 only ciphersuites unless the client supports it. if (SSL_CIPHER_get_min_version(c) > client_version) { return false; } if (SSL_CIPHER_get_auth_nid(c) != NID_auth_ecdsa) { return false; } for (const SSL_CIPHER* our_c : SSL_CTX_get_ciphers(ssl_ctx_.get())) { if (SSL_CIPHER_get_id(our_c) == SSL_CIPHER_get_id(c)) { return true; } } return false; } bool ContextImpl::verifyCertChain(X509& leaf_cert, STACK_OF(X509) & intermediates, std::string& error_details) { bssl::UniquePtr ctx(X509_STORE_CTX_new()); // It doesn't matter which SSL context is used, because they share the same // cert validation config. X509_STORE* store = SSL_CTX_get_cert_store(tls_contexts_[0].ssl_ctx_.get()); if (!X509_STORE_CTX_init(ctx.get(), store, &leaf_cert, &intermediates)) { error_details = "Failed to verify certificate chain: X509_STORE_CTX_init"; return false; } int res = doVerifyCertChain(ctx.get(), nullptr, leaf_cert, nullptr); if (res <= 0) { const int n = X509_STORE_CTX_get_error(ctx.get()); const int depth = X509_STORE_CTX_get_error_depth(ctx.get()); error_details = absl::StrCat("X509_verify_cert: certificate verification error at depth ", depth, ": ", X509_verify_cert_error_string(n)); return false; } return true; } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/context_impl.h ================================================ #pragma once #include #include #include #include #include #include "envoy/network/transport_socket.h" #include "envoy/ssl/context.h" #include "envoy/ssl/context_config.h" #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/ssl_socket_extended_info.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/matchers.h" #include "common/stats/symbol_table_impl.h" #include "extensions/transport_sockets/tls/context_manager_impl.h" #include "extensions/transport_sockets/tls/ocsp/ocsp.h" #include "absl/synchronization/mutex.h" #include "openssl/ssl.h" #include "openssl/x509v3.h" namespace Envoy { #ifndef OPENSSL_IS_BORINGSSL #error Envoy requires BoringSSL #endif namespace Extensions { namespace TransportSockets { namespace Tls { #define ALL_SSL_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(connection_error) \ COUNTER(handshake) \ COUNTER(session_reused) \ COUNTER(no_certificate) \ COUNTER(fail_verify_no_cert) \ COUNTER(fail_verify_error) \ COUNTER(fail_verify_san) \ COUNTER(fail_verify_cert_hash) \ COUNTER(ocsp_staple_failed) \ COUNTER(ocsp_staple_omitted) \ COUNTER(ocsp_staple_responses) \ COUNTER(ocsp_staple_requests) /** * Wrapper struct for SSL stats. @see stats_macros.h */ struct SslStats { ALL_SSL_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; class ContextImpl : public virtual Envoy::Ssl::Context { public: virtual bssl::UniquePtr newSsl(const Network::TransportSocketOptions* options); /** * Logs successful TLS handshake and updates stats. * @param ssl the connection to log */ void logHandshake(SSL* ssl) const; /** * Performs subjectAltName verification * @param ssl the certificate to verify * @param subject_alt_names the configured subject_alt_names to match * @return true if the verification succeeds */ static bool verifySubjectAltName(X509* cert, const std::vector& subject_alt_names); /** * Performs subjectAltName matching with the provided matchers. * @param ssl the certificate to verify * @param subject_alt_name_matchers the configured matchers to match * @return true if the verification succeeds */ static bool matchSubjectAltName(X509* cert, const std::vector& subject_alt_name_matchers); /** * Determines whether the given name matches 'pattern' which may optionally begin with a wildcard. * NOTE: public for testing * @param dns_name the DNS name to match * @param pattern the pattern to match against (*.example.com) * @return true if the san matches pattern */ static bool dnsNameMatch(const absl::string_view dns_name, const absl::string_view pattern); SslStats& stats() { return stats_; } /** * The global SSL-library index used for storing a pointer to the SslExtendedSocketInfo * class in the SSL instance, for retrieval in callbacks. */ static int sslExtendedSocketInfoIndex(); // Ssl::Context size_t daysUntilFirstCertExpires() const override; Envoy::Ssl::CertificateDetailsPtr getCaCertInformation() const override; std::vector getCertChainInformation() const override; absl::optional secondsUntilFirstOcspResponseExpires() const override; std::vector getPrivateKeyMethodProviders(); bool verifyCertChain(X509& leaf_cert, STACK_OF(X509) & intermediates, std::string& error_details); protected: ContextImpl(Stats::Scope& scope, const Envoy::Ssl::ContextConfig& config, TimeSource& time_source); /** * The global SSL-library index used for storing a pointer to the context * in the SSL instance, for retrieval in callbacks. */ static int sslContextIndex(); // A X509_STORE_CTX_verify_cb callback for ignoring cert expiration in X509_verify_cert(). static int ignoreCertificateExpirationCallback(int ok, X509_STORE_CTX* store_ctx); // A SSL_CTX_set_cert_verify_callback for custom cert validation. static int verifyCallback(X509_STORE_CTX* store_ctx, void* arg); // Called by verifyCallback to do the actual cert chain verification. int doVerifyCertChain(X509_STORE_CTX* store_ctx, Ssl::SslExtendedSocketInfo* ssl_extended_info, X509& leaf_cert, const Network::TransportSocketOptions* transport_socket_options); Envoy::Ssl::ClientValidationStatus verifyCertificate(X509* cert, const std::vector& verify_san_list, const std::vector& subject_alt_name_matchers); /** * Verifies certificate hash for pinning. The hash is a hex-encoded SHA-256 of the DER-encoded * certificate. * * @param ssl the certificate to verify * @param expected_hashes the configured list of certificate hashes to match * @return true if the verification succeeds */ static bool verifyCertificateHashList(X509* cert, const std::vector>& expected_hashes); /** * Verifies certificate hash for pinning. The hash is a base64-encoded SHA-256 of the DER-encoded * Subject Public Key Information (SPKI) of the certificate. * * @param ssl the certificate to verify * @param expected_hashes the configured list of certificate hashes to match * @return true if the verification succeeds */ static bool verifyCertificateSpkiList(X509* cert, const std::vector>& expected_hashes); bool parseAndSetAlpn(const std::vector& alpn, SSL& ssl); std::vector parseAlpnProtocols(const std::string& alpn_protocols); static SslStats generateStats(Stats::Scope& scope); std::string getCaFileName() const { return ca_file_path_; }; void incCounter(const Stats::StatName name, absl::string_view value, const Stats::StatName fallback) const; Envoy::Ssl::CertificateDetailsPtr certificateDetails(X509* cert, const std::string& path, const Ocsp::OcspResponseWrapper* ocsp_response) const; struct TlsContext { // Each certificate specified for the context has its own SSL_CTX. SSL_CTXs // are identical with the exception of certificate material, and can be // safely substituted via SSL_set_SSL_CTX() during the // SSL_CTX_set_select_certificate_cb() callback following ClientHello. bssl::UniquePtr ssl_ctx_; bssl::UniquePtr cert_chain_; std::string cert_chain_file_path_; Ocsp::OcspResponseWrapperPtr ocsp_response_; bool is_ecdsa_{}; bool is_must_staple_{}; Ssl::PrivateKeyMethodProviderSharedPtr private_key_method_provider_{}; std::string getCertChainFileName() const { return cert_chain_file_path_; }; void addClientValidationContext(const Envoy::Ssl::CertificateValidationContextConfig& config, bool require_client_cert); bool isCipherEnabled(uint16_t cipher_id, uint16_t client_version); Envoy::Ssl::PrivateKeyMethodProviderSharedPtr getPrivateKeyMethodProvider() { return private_key_method_provider_; } }; // This is always non-empty, with the first context used for all new SSL // objects. For server contexts, once we have ClientHello, we // potentially switch to a different CertificateContext based on certificate // selection. std::vector tls_contexts_; bool verify_trusted_ca_{false}; std::vector verify_subject_alt_name_list_; std::vector subject_alt_name_matchers_; std::vector> verify_certificate_hash_list_; std::vector> verify_certificate_spki_list_; bool allow_untrusted_certificate_{false}; Stats::Scope& scope_; SslStats stats_; std::vector parsed_alpn_protocols_; bssl::UniquePtr ca_cert_; bssl::UniquePtr cert_chain_; std::string ca_file_path_; std::string cert_chain_file_path_; TimeSource& time_source_; const unsigned tls_max_version_; mutable Stats::StatNameSetPtr stat_name_set_; const Stats::StatName unknown_ssl_cipher_; const Stats::StatName unknown_ssl_curve_; const Stats::StatName unknown_ssl_algorithm_; const Stats::StatName unknown_ssl_version_; const Stats::StatName ssl_ciphers_; const Stats::StatName ssl_versions_; const Stats::StatName ssl_curves_; const Stats::StatName ssl_sigalgs_; const Ssl::HandshakerCapabilities capabilities_; }; using ContextImplSharedPtr = std::shared_ptr; class ClientContextImpl : public ContextImpl, public Envoy::Ssl::ClientContext { public: ClientContextImpl(Stats::Scope& scope, const Envoy::Ssl::ClientContextConfig& config, TimeSource& time_source); bssl::UniquePtr newSsl(const Network::TransportSocketOptions* options) override; private: int newSessionKey(SSL_SESSION* session); uint16_t parseSigningAlgorithmsForTest(const std::string& sigalgs); const std::string server_name_indication_; const bool allow_renegotiation_; const size_t max_session_keys_; absl::Mutex session_keys_mu_; std::deque> session_keys_ ABSL_GUARDED_BY(session_keys_mu_); bool session_keys_single_use_{false}; }; enum class OcspStapleAction { Staple, NoStaple, Fail, ClientNotCapable }; class ServerContextImpl : public ContextImpl, public Envoy::Ssl::ServerContext { public: ServerContextImpl(Stats::Scope& scope, const Envoy::Ssl::ServerContextConfig& config, const std::vector& server_names, TimeSource& time_source); private: using SessionContextID = std::array; int alpnSelectCallback(const unsigned char** out, unsigned char* outlen, const unsigned char* in, unsigned int inlen); int sessionTicketProcess(SSL* ssl, uint8_t* key_name, uint8_t* iv, EVP_CIPHER_CTX* ctx, HMAC_CTX* hmac_ctx, int encrypt); bool isClientEcdsaCapable(const SSL_CLIENT_HELLO* ssl_client_hello); bool isClientOcspCapable(const SSL_CLIENT_HELLO* ssl_client_hello); // Select the TLS certificate context in SSL_CTX_set_select_certificate_cb() callback with // ClientHello details. enum ssl_select_cert_result_t selectTlsContext(const SSL_CLIENT_HELLO* ssl_client_hello); OcspStapleAction ocspStapleAction(const ServerContextImpl::TlsContext& ctx, bool client_ocsp_capable); SessionContextID generateHashForSessionContextId(const std::vector& server_names); const std::vector session_ticket_keys_; const Ssl::ServerContextConfig::OcspStaplePolicy ocsp_staple_policy_; }; } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/context_manager_impl.cc ================================================ #include "extensions/transport_sockets/tls/context_manager_impl.h" #include #include #include #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "extensions/transport_sockets/tls/context_impl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { ContextManagerImpl::~ContextManagerImpl() { removeEmptyContexts(); KNOWN_ISSUE_ASSERT(contexts_.empty(), "https://github.com/envoyproxy/envoy/issues/10030"); } void ContextManagerImpl::removeEmptyContexts() { contexts_.remove_if([](const std::weak_ptr& n) { return n.expired(); }); } Envoy::Ssl::ClientContextSharedPtr ContextManagerImpl::createSslClientContext(Stats::Scope& scope, const Envoy::Ssl::ClientContextConfig& config) { if (!config.isReady()) { return nullptr; } Envoy::Ssl::ClientContextSharedPtr context = std::make_shared(scope, config, time_source_); removeEmptyContexts(); contexts_.emplace_back(context); return context; } Envoy::Ssl::ServerContextSharedPtr ContextManagerImpl::createSslServerContext(Stats::Scope& scope, const Envoy::Ssl::ServerContextConfig& config, const std::vector& server_names) { if (!config.isReady()) { return nullptr; } Envoy::Ssl::ServerContextSharedPtr context = std::make_shared(scope, config, server_names, time_source_); removeEmptyContexts(); contexts_.emplace_back(context); return context; } size_t ContextManagerImpl::daysUntilFirstCertExpires() const { size_t ret = std::numeric_limits::max(); for (const auto& ctx_weak_ptr : contexts_) { Envoy::Ssl::ContextSharedPtr context = ctx_weak_ptr.lock(); if (context) { ret = std::min(context->daysUntilFirstCertExpires(), ret); } } return ret; } absl::optional ContextManagerImpl::secondsUntilFirstOcspResponseExpires() const { absl::optional ret; for (const auto& ctx_weak_ptr : contexts_) { Envoy::Ssl::ContextSharedPtr context = ctx_weak_ptr.lock(); if (context) { auto next_expiration = context->secondsUntilFirstOcspResponseExpires(); if (next_expiration) { ret = std::min(next_expiration.value(), ret.value_or(std::numeric_limits::max())); } } } return ret; } void ContextManagerImpl::iterateContexts(std::function callback) { for (const auto& ctx_weak_ptr : contexts_) { Envoy::Ssl::ContextSharedPtr context = ctx_weak_ptr.lock(); if (context) { callback(*context); } } } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/context_manager_impl.h ================================================ #pragma once #include #include #include "envoy/common/time.h" #include "envoy/ssl/context_manager.h" #include "envoy/ssl/private_key/private_key.h" #include "envoy/stats/scope.h" #include "extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { /** * The SSL context manager has the following threading model: * Contexts can be allocated via any thread (through in practice they are only allocated on the main * thread). They can be released from any thread (and in practice are since cluster information can * be released from any thread). Context allocation/free is a very uncommon thing so we just do a * global lock to protect it all. */ class ContextManagerImpl final : public Envoy::Ssl::ContextManager { public: ContextManagerImpl(TimeSource& time_source) : time_source_(time_source) {} ~ContextManagerImpl() override; // Ssl::ContextManager Ssl::ClientContextSharedPtr createSslClientContext(Stats::Scope& scope, const Envoy::Ssl::ClientContextConfig& config) override; Ssl::ServerContextSharedPtr createSslServerContext(Stats::Scope& scope, const Envoy::Ssl::ServerContextConfig& config, const std::vector& server_names) override; size_t daysUntilFirstCertExpires() const override; absl::optional secondsUntilFirstOcspResponseExpires() const override; void iterateContexts(std::function callback) override; Ssl::PrivateKeyMethodManager& privateKeyMethodManager() override { return private_key_method_manager_; }; private: void removeEmptyContexts(); TimeSource& time_source_; std::list> contexts_; PrivateKeyMethodManagerImpl private_key_method_manager_{}; }; } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/io_handle_bio.cc ================================================ #include "extensions/transport_sockets/tls/io_handle_bio.h" #include "envoy/buffer/buffer.h" #include "envoy/network/io_handle.h" #include "openssl/bio.h" #include "openssl/err.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace { // NOLINTNEXTLINE(readability-identifier-naming) inline Envoy::Network::IoHandle* bio_io_handle(BIO* bio) { return reinterpret_cast(bio->ptr); } // NOLINTNEXTLINE(readability-identifier-naming) int io_handle_new(BIO* bio) { bio->init = 0; bio->num = -1; bio->ptr = nullptr; bio->flags = 0; return 1; } // NOLINTNEXTLINE(readability-identifier-naming) int io_handle_free(BIO* bio) { if (bio == nullptr) { return 0; } if (bio->shutdown) { if (bio->init) { bio_io_handle(bio)->close(); } bio->init = 0; bio->flags = 0; } return 1; } // NOLINTNEXTLINE(readability-identifier-naming) int io_handle_read(BIO* b, char* out, int outl) { if (out == nullptr) { return 0; } Envoy::Buffer::RawSlice slice; slice.mem_ = out; slice.len_ = outl; auto result = bio_io_handle(b)->readv(outl, &slice, 1); BIO_clear_retry_flags(b); if (!result.ok()) { auto err = result.err_->getErrorCode(); if (err == Api::IoError::IoErrorCode::Again || err == Api::IoError::IoErrorCode::Interrupt) { BIO_set_retry_read(b); } return -1; } return result.rc_; } // NOLINTNEXTLINE(readability-identifier-naming) int io_handle_write(BIO* b, const char* in, int inl) { Envoy::Buffer::RawSlice slice; slice.mem_ = const_cast(in); slice.len_ = inl; auto result = bio_io_handle(b)->writev(&slice, 1); BIO_clear_retry_flags(b); if (!result.ok()) { auto err = result.err_->getErrorCode(); if (err == Api::IoError::IoErrorCode::Again || err == Api::IoError::IoErrorCode::Interrupt) { BIO_set_retry_write(b); } return -1; } return result.rc_; } // NOLINTNEXTLINE(readability-identifier-naming) long io_handle_ctrl(BIO* b, int cmd, long num, void*) { long ret = 1; switch (cmd) { case BIO_C_SET_FD: RELEASE_ASSERT(false, "should not be called"); break; case BIO_C_GET_FD: RELEASE_ASSERT(false, "should not be called"); break; case BIO_CTRL_GET_CLOSE: ret = b->shutdown; break; case BIO_CTRL_SET_CLOSE: b->shutdown = int(num); break; case BIO_CTRL_FLUSH: ret = 1; break; default: ret = 0; break; } return ret; } const BIO_METHOD methods_io_handlep = { BIO_TYPE_SOCKET, "io_handle", io_handle_write, io_handle_read, nullptr /* puts */, nullptr /* gets, */, io_handle_ctrl, io_handle_new, io_handle_free, nullptr /* callback_ctrl */, }; // NOLINTNEXTLINE(readability-identifier-naming) const BIO_METHOD* BIO_s_io_handle(void) { return &methods_io_handlep; } } // namespace // NOLINTNEXTLINE(readability-identifier-naming) BIO* BIO_new_io_handle(Envoy::Network::IoHandle* io_handle) { BIO* b; b = BIO_new(BIO_s_io_handle()); RELEASE_ASSERT(b != nullptr, ""); // Initialize the BIO b->num = -1; b->ptr = io_handle; b->shutdown = 0; b->init = 1; return b; } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/io_handle_bio.h ================================================ #pragma once #include "envoy/network/io_handle.h" #include "openssl/bio.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { /** * Creates a custom BIO that can read from/write to an IoHandle. It's equivalent to a socket BIO * but instead of relying on access to an fd, it relies on IoHandle APIs for all interactions. */ // NOLINTNEXTLINE(readability-identifier-naming) BIO* BIO_new_io_handle(Envoy::Network::IoHandle* io_handle); } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ocsp/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "ocsp_lib", srcs = ["ocsp.cc"], hdrs = ["ocsp.h"], repository = "", deps = [ ":asn1_utility_lib", "//include/envoy/common:time_interface", "//include/envoy/ssl:context_config_interface", "//source/extensions/transport_sockets/tls:utility_lib", ], ) envoy_cc_library( name = "asn1_utility_lib", srcs = ["asn1_utility.cc"], hdrs = ["asn1_utility.h"], repository = "", deps = [ "//include/envoy/common:time_interface", "//include/envoy/ssl:context_config_interface", "//source/common/common:c_smart_ptr_lib", ], ) ================================================ FILE: source/extensions/transport_sockets/tls/ocsp/asn1_utility.cc ================================================ #include "extensions/transport_sockets/tls/ocsp/asn1_utility.h" #include "common/common/c_smart_ptr.h" #include "absl/strings/ascii.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace Ocsp { namespace { // A type adapter since OPENSSL_free accepts void*. void freeOpensslString(char* str) { OPENSSL_free(str); } // `ASN1_INTEGER` is a type alias for `ASN1_STRING`. // This static_cast is intentional to avoid the // c-style cast performed in `M_ASN1_INTEGER_free`. void freeAsn1Integer(ASN1_INTEGER* integer) { ASN1_STRING_free(static_cast(integer)); } } // namespace absl::string_view Asn1Utility::cbsToString(CBS& cbs) { auto str_head = reinterpret_cast(CBS_data(&cbs)); return {str_head, CBS_len(&cbs)}; } ParsingResult> Asn1Utility::getOptional(CBS& cbs, unsigned tag) { int is_present; CBS data; if (!CBS_get_optional_asn1(&cbs, &data, &is_present, tag)) { return "Failed to parse ASN.1 element tag"; } return is_present ? absl::optional(data) : absl::nullopt; } ParsingResult Asn1Utility::parseOid(CBS& cbs) { CBS oid; if (!CBS_get_asn1(&cbs, &oid, CBS_ASN1_OBJECT)) { return absl::string_view("Input is not a well-formed ASN.1 OBJECT"); } CSmartPtr oid_text(CBS_asn1_oid_to_text(&oid)); if (oid_text == nullptr) { return absl::string_view("Failed to parse oid"); } std::string oid_text_str(oid_text.get()); return oid_text_str; } ParsingResult Asn1Utility::parseGeneralizedTime(CBS& cbs) { CBS elem; if (!CBS_get_asn1(&cbs, &elem, CBS_ASN1_GENERALIZEDTIME)) { return "Input is not a well-formed ASN.1 GENERALIZEDTIME"; } auto time_str = cbsToString(elem); // OCSP follows the RFC 5280 enforcement that `GENERALIZEDTIME` // fields MUST be in UTC, so must be suffixed with a Z character. // Local time or time differential, though a part of the `ASN.1` // `GENERALIZEDTIME` spec, are not supported. // Reference: https://tools.ietf.org/html/rfc5280#section-4.1.2.5.2 if (time_str.length() > 0 && absl::ascii_toupper(time_str.at(time_str.length() - 1)) != 'Z') { return "GENERALIZEDTIME must be in UTC"; } absl::Time time; auto utc_time_str = time_str.substr(0, time_str.length() - 1); std::string parse_error; if (!absl::ParseTime(GENERALIZED_TIME_FORMAT, utc_time_str, &time, &parse_error)) { return "Error parsing string of GENERALIZEDTIME format"; } return absl::ToChronoTime(time); } // Performs the following conversions to go from bytestring to hex integer // `CBS` -> `ASN1_INTEGER` -> `BIGNUM` -> String. ParsingResult Asn1Utility::parseInteger(CBS& cbs) { CBS num; if (!CBS_get_asn1(&cbs, &num, CBS_ASN1_INTEGER)) { return absl::string_view("Input is not a well-formed ASN.1 INTEGER"); } auto head = CBS_data(&num); CSmartPtr asn1_integer( c2i_ASN1_INTEGER(nullptr, &head, CBS_len(&num))); if (asn1_integer != nullptr) { BIGNUM num_bn; BN_init(&num_bn); ASN1_INTEGER_to_BN(asn1_integer.get(), &num_bn); CSmartPtr char_hex_number(BN_bn2hex(&num_bn)); BN_free(&num_bn); if (char_hex_number != nullptr) { std::string hex_number(char_hex_number.get()); return hex_number; } } return absl::string_view("Failed to parse ASN.1 INTEGER"); } ParsingResult> Asn1Utility::parseOctetString(CBS& cbs) { CBS value; if (!CBS_get_asn1(&cbs, &value, CBS_ASN1_OCTETSTRING)) { return "Input is not a well-formed ASN.1 OCTETSTRING"; } auto data = reinterpret_cast(CBS_data(&value)); return std::vector{data, data + CBS_len(&value)}; } ParsingResult Asn1Utility::skipOptional(CBS& cbs, unsigned tag) { if (!CBS_get_optional_asn1(&cbs, nullptr, nullptr, tag)) { return "Failed to parse ASN.1 element tag"; } return absl::monostate(); } ParsingResult Asn1Utility::skip(CBS& cbs, unsigned tag) { if (!CBS_get_asn1(&cbs, nullptr, tag)) { return "Failed to parse ASN.1 element"; } return absl::monostate(); } } // namespace Ocsp } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ocsp/asn1_utility.h ================================================ #pragma once #include #include #include #include "envoy/common/exception.h" #include "envoy/common/time.h" #include "common/common/assert.h" #include "absl/types/optional.h" #include "absl/types/variant.h" #include "openssl/bn.h" #include "openssl/bytestring.h" #include "openssl/ssl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace Ocsp { constexpr absl::string_view GENERALIZED_TIME_FORMAT = "%E4Y%m%d%H%M%S"; /** * The result of parsing an `ASN.1` structure or an `absl::string_view` error * description. */ template using ParsingResult = absl::variant; /** * Construct a `T` from the data contained in the CBS&. Functions * of this type must advance the input CBS& over the element. */ template using Asn1ParsingFunc = std::function(CBS&)>; /** * Utility functions for parsing DER-encoded `ASN.1` objects. * This relies heavily on the 'openssl/bytestring' API which * is BoringSSL's recommended interface for parsing DER-encoded * `ASN.1` data when there is not an existing wrapper. * This is not a complete library for `ASN.1` parsing and primarily * serves as abstractions for the OCSP module, but can be * extended and moved into a general utility to support parsing of * additional `ASN.1` objects. * * Each function adheres to the invariant that given a reference * to a crypto `bytestring` (CBS&), it will parse the specified * `ASN.1` element and advance `cbs` over it. * * An exception is thrown if the `bytestring` is malformed or does * not match the specified `ASN.1` object. The position * of `cbs` is not reliable after an exception is thrown. */ class Asn1Utility { public: ~Asn1Utility() = default; /** * Extracts the full contents of `cbs` as a string. * * @param `cbs` a CBS& that refers to the current document position * @returns absl::string_view containing the contents of `cbs` */ static absl::string_view cbsToString(CBS& cbs); /** * Parses all elements of an `ASN.1` SEQUENCE OF. `parse_element` must * advance its input CBS& over the entire element. * * @param cbs a CBS& that refers to an `ASN.1` SEQUENCE OF object * @param parse_element an `Asn1ParsingFunc` used to parse each element * @returns ParsingResult> containing the parsed elements of the sequence * or an error string if `cbs` does not point to a well-formed * SEQUENCE OF object. */ template static ParsingResult> parseSequenceOf(CBS& cbs, Asn1ParsingFunc parse_element); /** * Checks if an explicitly tagged optional element of `tag` is present and * if so parses its value with `parse_data`. If the element is not present, * `cbs` is not advanced. * * @param cbs a CBS& that refers to the current document position * @param parse_data an `Asn1ParsingFunc` used to parse the data if present * @return ParsingResult> with a `T` if `cbs` is of the specified tag, * nullopt if the element has a different tag, or an error string if parsing fails. */ template static ParsingResult> parseOptional(CBS& cbs, Asn1ParsingFunc parse_data, unsigned tag); /** * Returns whether or not an element explicitly tagged with `tag` is present * at `cbs`. If so, `cbs` is advanced over the optional and assigns * `data` to the inner element, if `data` is not nullptr. * If `cbs` does not contain `tag`, `cbs` remains at the same position. * * @param cbs a CBS& that refers to the current document position * @param an unsigned explicit tag indicating an optional value * * @returns ParsingResult whether `cbs` points to an element tagged with `tag` or * an error string if parsing fails. */ static ParsingResult> getOptional(CBS& cbs, unsigned tag); /** * @param cbs a CBS& that refers to an `ASN.1` OBJECT IDENTIFIER element * @returns ParsingResult the `OID` encoded in `cbs` or an error * string if `cbs` does not point to a well-formed OBJECT IDENTIFIER */ static ParsingResult parseOid(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` `GENERALIZEDTIME` element * @returns ParsingResult the UTC timestamp encoded in `cbs` * or an error string if `cbs` does not point to a well-formed * `GENERALIZEDTIME` */ static ParsingResult parseGeneralizedTime(CBS& cbs); /** * Parses an `ASN.1` INTEGER type into its hex string representation. * `ASN.1` INTEGER types are arbitrary precision. * If you're SURE the integer fits into a fixed-size int, * use `CBS_get_asn1_*` functions for the given integer type instead. * * @param cbs a CBS& that refers to an `ASN.1` INTEGER element * @returns ParsingResult a hex representation of the integer * or an error string if `cbs` does not point to a well-formed INTEGER */ static ParsingResult parseInteger(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` `OCTETSTRING` element * @returns ParsingResult> the octets in `cbs` or * an error string if `cbs` does not point to a well-formed `OCTETSTRING` */ static ParsingResult> parseOctetString(CBS& cbs); /** * Advance `cbs` over an `ASN.1` value of the class `tag` if that * value is present. Otherwise, `cbs` stays in the same position. * * @param cbs a CBS& that refers to the current document position * @param tag the tag of the value to skip * @returns `ParsingResult` a unit type denoting success * or an error string if parsing fails. */ static ParsingResult skipOptional(CBS& cbs, unsigned tag); /** * Advance `cbs` over an `ASN.1` value of the class `tag`. * * @param cbs a CBS& that refers to the current document position * @param tag the tag of the value to skip * @returns `ParsingResult` a unit type denoting success * or an error string if parsing fails. */ static ParsingResult skip(CBS& cbs, unsigned tag); }; template ParsingResult> Asn1Utility::parseSequenceOf(CBS& cbs, Asn1ParsingFunc parse_element) { CBS seq_elem; std::vector vec; // Initialize seq_elem to first element in sequence. if (!CBS_get_asn1(&cbs, &seq_elem, CBS_ASN1_SEQUENCE)) { return "Expected sequence of ASN.1 elements."; } while (CBS_data(&seq_elem) < CBS_data(&cbs)) { // parse_element MUST advance seq_elem auto elem_res = parse_element(seq_elem); if (absl::holds_alternative(elem_res)) { vec.push_back(absl::get<0>(elem_res)); } else { return absl::get<1>(elem_res); } } RELEASE_ASSERT(CBS_data(&cbs) == CBS_data(&seq_elem), "Sequence tag length must match actual length or element parsing would fail"); return vec; } template ParsingResult> Asn1Utility::parseOptional(CBS& cbs, Asn1ParsingFunc parse_data, unsigned tag) { auto maybe_data_res = getOptional(cbs, tag); if (absl::holds_alternative(maybe_data_res)) { return absl::get(maybe_data_res); } auto maybe_data = absl::get>(maybe_data_res); if (maybe_data) { auto res = parse_data(maybe_data.value()); if (absl::holds_alternative(res)) { return absl::get<0>(res); } return absl::get<1>(res); } return absl::nullopt; } } // namespace Ocsp } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ocsp/ocsp.cc ================================================ #include "extensions/transport_sockets/tls/ocsp/ocsp.h" #include "common/common/utility.h" #include "extensions/transport_sockets/tls/ocsp/asn1_utility.h" #include "extensions/transport_sockets/tls/utility.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace Ocsp { namespace CertUtility = Envoy::Extensions::TransportSockets::Tls::Utility; namespace { template T unwrap(ParsingResult res) { if (absl::holds_alternative(res)) { return absl::get<0>(res); } throw EnvoyException(std::string(absl::get<1>(res))); } unsigned parseTag(CBS& cbs) { unsigned tag; if (!CBS_get_any_asn1_element(&cbs, nullptr, &tag, nullptr)) { throw EnvoyException("Failed to parse ASN.1 element tag"); } return tag; } std::unique_ptr readDerEncodedOcspResponse(const std::vector& der) { CBS cbs; CBS_init(&cbs, der.data(), der.size()); auto resp = Asn1OcspUtility::parseOcspResponse(cbs); if (CBS_len(&cbs) != 0) { throw EnvoyException("Data contained more than a single OCSP response"); } return resp; } void skipResponderId(CBS& cbs) { // ResponderID ::= CHOICE { // byName [1] Name, // byKey [2] KeyHash // } // // KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key // (excluding the tag and length fields) if (unwrap(Asn1Utility::getOptional(cbs, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1)) || unwrap(Asn1Utility::getOptional(cbs, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 2))) { return; } throw EnvoyException(absl::StrCat("Unknown choice for Responder ID: ", parseTag(cbs))); } void skipCertStatus(CBS& cbs) { // CertStatus ::= CHOICE { // good [0] IMPLICIT NULL, // revoked [1] IMPLICIT RevokedInfo, // unknown [2] IMPLICIT UnknownInfo // } if (!(unwrap(Asn1Utility::getOptional(cbs, CBS_ASN1_CONTEXT_SPECIFIC | 0)) || unwrap( Asn1Utility::getOptional(cbs, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1)) || unwrap(Asn1Utility::getOptional(cbs, CBS_ASN1_CONTEXT_SPECIFIC | 2)))) { throw EnvoyException(absl::StrCat("Unknown OcspCertStatus tag: ", parseTag(cbs))); } } } // namespace OcspResponse::OcspResponse(OcspResponseStatus status, ResponsePtr response) : status_(status), response_(std::move(response)) {} BasicOcspResponse::BasicOcspResponse(ResponseData data) : data_(data) {} ResponseData::ResponseData(std::vector single_responses) : single_responses_(std::move(single_responses)) {} SingleResponse::SingleResponse(CertId cert_id, Envoy::SystemTime this_update, absl::optional next_update) : cert_id_(cert_id), this_update_(this_update), next_update_(next_update) {} CertId::CertId(std::string serial_number) : serial_number_(serial_number) {} OcspResponseWrapper::OcspResponseWrapper(std::vector der_response, TimeSource& time_source) : raw_bytes_(std::move(der_response)), response_(readDerEncodedOcspResponse(raw_bytes_)), time_source_(time_source) { if (response_->status_ != OcspResponseStatus::Successful) { throw EnvoyException("OCSP response was unsuccessful"); } if (response_->response_ == nullptr) { throw EnvoyException("OCSP response has no body"); } // We only permit a 1:1 of certificate to response. if (response_->response_->getNumCerts() != 1) { throw EnvoyException("OCSP Response must be for one certificate only"); } auto& this_update = response_->response_->getThisUpdate(); if (time_source_.systemTime() < this_update) { std::string time_format(GENERALIZED_TIME_FORMAT); DateFormatter formatter(time_format); ENVOY_LOG_MISC(warn, "OCSP Response thisUpdate field is set in the future: {}", formatter.fromTime(this_update)); } } // We use just the serial number to uniquely identify a certificate. // Though different issuers could produce certificates with the same serial // number, this is check is to prevent operator error and a collision in this // case is unlikely. bool OcspResponseWrapper::matchesCertificate(X509& cert) const { std::string cert_serial_number = CertUtility::getSerialNumberFromCertificate(cert); std::string resp_cert_serial_number = response_->response_->getCertSerialNumber(); return resp_cert_serial_number == cert_serial_number; } bool OcspResponseWrapper::isExpired() { auto& next_update = response_->response_->getNextUpdate(); return next_update == absl::nullopt || next_update < time_source_.systemTime(); } uint64_t OcspResponseWrapper::secondsUntilExpiration() const { auto& next_update = response_->response_->getNextUpdate(); auto now = time_source_.systemTime(); if (!next_update || next_update.value() <= now) { return 0; } return std::chrono::duration_cast(next_update.value() - now).count(); } Envoy::SystemTime OcspResponseWrapper::getThisUpdate() const { return response_->response_->getThisUpdate(); } Envoy::SystemTime OcspResponseWrapper::getNextUpdate() const { auto& next_update = response_->response_->getNextUpdate(); if (next_update) { return *next_update; } return time_source_.systemTime(); } std::unique_ptr Asn1OcspUtility::parseOcspResponse(CBS& cbs) { // OCSPResponse ::= SEQUENCE { // responseStatus OCSPResponseStatus, // responseBytes [0] EXPLICIT ResponseBytes OPTIONAL // } CBS elem; if (!CBS_get_asn1(&cbs, &elem, CBS_ASN1_SEQUENCE)) { throw EnvoyException("OCSP Response is not a well-formed ASN.1 SEQUENCE"); } OcspResponseStatus status = Asn1OcspUtility::parseResponseStatus(elem); auto maybe_bytes = unwrap(Asn1Utility::getOptional(elem, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0)); ResponsePtr resp = nullptr; if (maybe_bytes) { resp = Asn1OcspUtility::parseResponseBytes(maybe_bytes.value()); } return std::make_unique(status, std::move(resp)); } OcspResponseStatus Asn1OcspUtility::parseResponseStatus(CBS& cbs) { // OCSPResponseStatus ::= ENUMERATED { // successful (0), -- Response has valid confirmations // malformedRequest (1), -- Illegal confirmation request // internalError (2), -- Internal error in issuer // tryLater (3), -- Try again later // -- (4) is not used // sigRequired (5), -- Must sign the request // unauthorized (6) -- Request unauthorized // } CBS status; if (!CBS_get_asn1(&cbs, &status, CBS_ASN1_ENUMERATED)) { throw EnvoyException("OCSP ResponseStatus is not a well-formed ASN.1 ENUMERATED"); } auto status_ordinal = *CBS_data(&status); switch (status_ordinal) { case 0: return OcspResponseStatus::Successful; case 1: return OcspResponseStatus::MalformedRequest; case 2: return OcspResponseStatus::InternalError; case 3: return OcspResponseStatus::TryLater; case 5: return OcspResponseStatus::SigRequired; case 6: return OcspResponseStatus::Unauthorized; default: throw EnvoyException(absl::StrCat("Unknown OCSP Response Status variant: ", status_ordinal)); } } ResponsePtr Asn1OcspUtility::parseResponseBytes(CBS& cbs) { // ResponseBytes ::= SEQUENCE { // responseType RESPONSE. // &id ({ResponseSet}), // response OCTET STRING (CONTAINING RESPONSE. // &Type({ResponseSet}{@responseType})) // } CBS elem, response; if (!CBS_get_asn1(&cbs, &elem, CBS_ASN1_SEQUENCE)) { throw EnvoyException("OCSP ResponseBytes is not a well-formed SEQUENCE"); } auto oid_str = unwrap(Asn1Utility::parseOid(elem)); if (!CBS_get_asn1(&elem, &response, CBS_ASN1_OCTETSTRING)) { throw EnvoyException("Expected ASN.1 OCTETSTRING for response"); } if (oid_str == BasicOcspResponse::OID) { return Asn1OcspUtility::parseBasicOcspResponse(response); } throw EnvoyException(absl::StrCat("Unknown OCSP Response type with OID: ", oid_str)); } std::unique_ptr Asn1OcspUtility::parseBasicOcspResponse(CBS& cbs) { // BasicOCSPResponse ::= SEQUENCE { // tbsResponseData ResponseData, // signatureAlgorithm AlgorithmIdentifier{SIGNATURE-ALGORITHM, // {`sa-dsaWithSHA1` | `sa-rsaWithSHA1` | // `sa-rsaWithMD5` | `sa-rsaWithMD2`, ...}}, // signature BIT STRING, // certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL // } CBS elem; if (!CBS_get_asn1(&cbs, &elem, CBS_ASN1_SEQUENCE)) { throw EnvoyException("OCSP BasicOCSPResponse is not a wellf-formed ASN.1 SEQUENCE"); } auto response_data = Asn1OcspUtility::parseResponseData(elem); // The `signatureAlgorithm` and `signature` are ignored because OCSP // responses are expected to be delivered from a reliable source. // Optional additional certs are ignored. return std::make_unique(response_data); } ResponseData Asn1OcspUtility::parseResponseData(CBS& cbs) { // ResponseData ::= SEQUENCE { // version [0] EXPLICIT Version DEFAULT v1, // responderID ResponderID, // producedAt GeneralizedTime, // responses SEQUENCE OF SingleResponse, // responseExtensions [1] EXPLICIT Extensions OPTIONAL // } CBS elem; if (!CBS_get_asn1(&cbs, &elem, CBS_ASN1_SEQUENCE)) { throw EnvoyException("OCSP ResponseData is not a well-formed ASN.1 SEQUENCE"); } unwrap(Asn1Utility::skipOptional(elem, 0)); skipResponderId(elem); unwrap(Asn1Utility::skip(elem, CBS_ASN1_GENERALIZEDTIME)); auto responses = unwrap(Asn1Utility::parseSequenceOf( elem, [](CBS& cbs) -> ParsingResult { return ParsingResult(parseSingleResponse(cbs)); })); // Extensions currently ignored. return {std::move(responses)}; } SingleResponse Asn1OcspUtility::parseSingleResponse(CBS& cbs) { // SingleResponse ::= SEQUENCE { // certID CertID, // certStatus CertStatus, // thisUpdate GeneralizedTime, // nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, // singleExtensions [1] EXPLICIT Extensions OPTIONAL // } CBS elem; if (!CBS_get_asn1(&cbs, &elem, CBS_ASN1_SEQUENCE)) { throw EnvoyException("OCSP SingleResponse is not a well-formed ASN.1 SEQUENCE"); } auto cert_id = Asn1OcspUtility::parseCertId(elem); skipCertStatus(elem); auto this_update = unwrap(Asn1Utility::parseGeneralizedTime(elem)); auto next_update = unwrap(Asn1Utility::parseOptional( elem, Asn1Utility::parseGeneralizedTime, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0)); // Extensions currently ignored. return {cert_id, this_update, next_update}; } CertId Asn1OcspUtility::parseCertId(CBS& cbs) { // CertID ::= SEQUENCE { // hashAlgorithm AlgorithmIdentifier, // issuerNameHash OCTET STRING, -- Hash of issuer's `DN` // issuerKeyHash OCTET STRING, -- Hash of issuer's public key // serialNumber CertificateSerialNumber // } CBS elem; if (!CBS_get_asn1(&cbs, &elem, CBS_ASN1_SEQUENCE)) { throw EnvoyException("OCSP CertID is not a well-formed ASN.1 SEQUENCE"); } unwrap(Asn1Utility::skip(elem, CBS_ASN1_SEQUENCE)); unwrap(Asn1Utility::skip(elem, CBS_ASN1_OCTETSTRING)); unwrap(Asn1Utility::skip(elem, CBS_ASN1_OCTETSTRING)); auto serial_number = unwrap(Asn1Utility::parseInteger(elem)); return {serial_number}; } } // namespace Ocsp } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ocsp/ocsp.h ================================================ #pragma once #include #include #include #include "envoy/common/exception.h" #include "envoy/common/time.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include "openssl/bytestring.h" #include "openssl/ssl.h" /** * Data structures and functions for unmarshaling OCSP responses * according to the RFC6960 B.2 spec. See: https://tools.ietf.org/html/rfc6960#appendix-B * * WARNING: This module is meant to validate that OCSP responses are well-formed * and extract useful fields for OCSP stapling. This assumes that responses are * provided from configs or another trusted source and does not perform * checks necessary to verify responses coming from an upstream server. */ namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace Ocsp { /** * Reflection of the `ASN.1` OcspResponseStatus enumeration. * The possible statuses that can accompany an OCSP response. */ enum class OcspResponseStatus { // OCSPResponseStatus ::= ENUMERATED { // successful (0), -- Response has valid confirmations // malformedRequest (1), -- Illegal confirmation request // internalError (2), -- Internal error in issuer // tryLater (3), -- Try again later // -- (4) is not used // sigRequired (5), -- Must sign the request // unauthorized (6) -- Request unauthorized // } Successful = 0, MalformedRequest = 1, InternalError = 2, TryLater = 3, SigRequired = 5, Unauthorized = 6 }; /** * Partial reflection of the `ASN.1` CertId structure. * Contains the information to identify an SSL Certificate. * Serial numbers are guaranteed to be * unique per issuer but not necessarily universally. */ struct CertId { CertId(std::string serial_number); std::string serial_number_; }; /** * Partial reflection of the `ASN.1` SingleResponse structure. * Contains information about the OCSP status of a single certificate. * An OCSP request may request the status of multiple certificates and * therefore responses may contain multiple SingleResponses. * * this_update_ and next_update_ reflect the validity period for this response. * If next_update_ is not present, the OCSP responder always has new information * available. In this case the response would be considered immediately expired * and invalid for stapling. */ struct SingleResponse { SingleResponse(CertId cert_id, Envoy::SystemTime this_update, absl::optional next_update); const CertId cert_id_; const Envoy::SystemTime this_update_; const absl::optional next_update_; }; /** * Partial reflection of the `ASN.1` ResponseData structure. * Contains an OCSP response for each certificate in a given request * as well as the time at which the response was produced. */ struct ResponseData { ResponseData(std::vector single_responses); const std::vector single_responses_; }; /** * An abstract type for OCSP response formats. Which variant of `Response` is * used in an `OcspResponse` is indicated by the structure's `OID`. * * Envoy enforces that OCSP responses must be for a single certificate * only. The methods on this class extract the relevant information for the * single certificate contained in the response. */ class Response { public: virtual ~Response() = default; /** * @return The number of certs reported on by this response. */ virtual size_t getNumCerts() PURE; /** * @return The serial number of the certificate. */ virtual const std::string& getCertSerialNumber() PURE; /** * @return The beginning of the validity window for this response. */ virtual const Envoy::SystemTime& getThisUpdate() PURE; /** * The time at which this response is considered to expire. If * `nullopt`, then there is assumed to always be more up-to-date * information available and the response is always considered expired. * * @return The end of the validity window for this response. */ virtual const absl::optional& getNextUpdate() PURE; }; using ResponsePtr = std::unique_ptr; /** * Reflection of the `ASN.1` BasicOcspResponse structure. * Contains the full data of an OCSP response. * Envoy enforces that OCSP responses contain a response for only * a single certificate. * * BasicOcspResponse is the only supported Response type in RFC 6960. */ class BasicOcspResponse : public Response { public: BasicOcspResponse(ResponseData data); // Response size_t getNumCerts() override { return data_.single_responses_.size(); } const std::string& getCertSerialNumber() override { return data_.single_responses_[0].cert_id_.serial_number_; } const Envoy::SystemTime& getThisUpdate() override { return data_.single_responses_[0].this_update_; } const absl::optional& getNextUpdate() override { return data_.single_responses_[0].next_update_; } // Identified as `id-pkix-ocsp-basic` in // https://tools.ietf.org/html/rfc6960#appendix-B.2 constexpr static absl::string_view OID = "1.3.6.1.5.5.7.48.1.1"; private: const ResponseData data_; }; /** * Reflection of the `ASN.1` OcspResponse structure. * This is the top-level data structure for OCSP responses. */ struct OcspResponse { OcspResponse(OcspResponseStatus status, ResponsePtr response); OcspResponseStatus status_; ResponsePtr response_; }; /** * A wrapper used to own and query an OCSP response in DER-encoded format. */ class OcspResponseWrapper { public: OcspResponseWrapper(std::vector der_response, TimeSource& time_source); /** * @return std::vector& a reference to the underlying bytestring representation * of the OCSP response */ const std::vector& rawBytes() const { return raw_bytes_; } /** * @return OcspResponseStatus whether the OCSP response was successfully created * or a status indicating an error in the OCSP process */ OcspResponseStatus getResponseStatus() const { return response_->status_; } /** * @param cert a X509& SSL certificate * @returns bool whether this OCSP response contains the revocation status of `cert` */ bool matchesCertificate(X509& cert) const; /** * Determines whether the OCSP response can no longer be considered valid. * This can be true if the nextUpdate field of the response has passed * or is not present, indicating that there is always more updated information * available. * * @returns bool if the OCSP response is expired. */ bool isExpired(); /** * @returns the seconds until this OCSP response expires. */ uint64_t secondsUntilExpiration() const; /** * @return The beginning of the validity window for this response. */ Envoy::SystemTime getThisUpdate() const; /** * The time at which this response is considered to expire. If * the underlying response does not have a value, then the current * time is returned. * * @return The end of the validity window for this response. */ Envoy::SystemTime getNextUpdate() const; private: const std::vector raw_bytes_; const std::unique_ptr response_; TimeSource& time_source_; }; using OcspResponseWrapperPtr = std::unique_ptr; /** * `ASN.1` DER-encoded parsing functions similar to `Asn1Utility` but specifically * for structures related to OCSP. * * Each function must advance `cbs` across the element it refers to. */ class Asn1OcspUtility { public: /** * @param `cbs` a CBS& that refers to an `ASN.1` OcspResponse element * @returns std::unique_ptr the OCSP response encoded in `cbs` * @throws Envoy::EnvoyException if `cbs` does not contain a well-formed OcspResponse * element. */ static std::unique_ptr parseOcspResponse(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` OcspResponseStatus element * @returns OcspResponseStatus the OCSP response encoded in `cbs` * @throws Envoy::EnvoyException if `cbs` does not contain a well-formed * OcspResponseStatus element. */ static OcspResponseStatus parseResponseStatus(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` Response element * @returns Response containing the content of an OCSP response * @throws Envoy::EnvoyException if `cbs` does not contain a well-formed * structure that is a valid Response type. */ static ResponsePtr parseResponseBytes(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` BasicOcspResponse element * @returns BasicOcspResponse containing the content of an OCSP response * @throws Envoy::EnvoyException if `cbs` does not contain a well-formed * BasicOcspResponse element. */ static std::unique_ptr parseBasicOcspResponse(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` ResponseData element * @returns ResponseData containing the content of an OCSP response relating * to certificate statuses. * @throws Envoy::EnvoyException if `cbs` does not contain a well-formed * ResponseData element. */ static ResponseData parseResponseData(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` SingleResponse element * @returns SingleResponse containing the id and revocation status of * a single certificate. * @throws Envoy::EnvoyException if `cbs` does not contain a well-formed * SingleResponse element. */ static SingleResponse parseSingleResponse(CBS& cbs); /** * @param cbs a CBS& that refers to an `ASN.1` CertId element * @returns CertId containing the information necessary to uniquely identify * an SSL certificate. * @throws Envoy::EnvoyException if `cbs` does not contain a well-formed * CertId element. */ static CertId parseCertId(CBS& cbs); }; } // namespace Ocsp } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/private_key/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "private_key_manager_lib", srcs = [ "private_key_manager_impl.cc", ], hdrs = [ "private_key_manager_impl.h", ], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/registry", "//include/envoy/ssl/private_key:private_key_config_interface", "//include/envoy/ssl/private_key:private_key_interface", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.cc ================================================ #include "extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/registry/registry.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { Envoy::Ssl::PrivateKeyMethodProviderSharedPtr PrivateKeyMethodManagerImpl::createPrivateKeyMethodProvider( const envoy::extensions::transport_sockets::tls::v3::PrivateKeyProvider& config, Server::Configuration::TransportSocketFactoryContext& factory_context) { Ssl::PrivateKeyMethodProviderInstanceFactory* factory = Registry::FactoryRegistry::getFactory( config.provider_name()); // Create a new provider instance with the configuration. if (factory) { return factory->createPrivateKeyMethodProviderInstance(config, factory_context); } return nullptr; } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.h ================================================ #pragma once #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/private_key/private_key_config.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { class PrivateKeyMethodManagerImpl : public virtual Ssl::PrivateKeyMethodManager { public: // Ssl::PrivateKeyMethodManager Ssl::PrivateKeyMethodProviderSharedPtr createPrivateKeyMethodProvider( const envoy::extensions::transport_sockets::tls::v3::PrivateKeyProvider& config, Server::Configuration::TransportSocketFactoryContext& factory_context) override; }; } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ssl_handshaker.cc ================================================ #include "extensions/transport_sockets/tls/ssl_handshaker.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/hex.h" #include "common/http/headers.h" #include "extensions/transport_sockets/tls/utility.h" #include "absl/strings/str_replace.h" #include "openssl/err.h" #include "openssl/x509v3.h" using Envoy::Network::PostIoAction; namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { void SslExtendedSocketInfoImpl::setCertificateValidationStatus( Envoy::Ssl::ClientValidationStatus validated) { certificate_validation_status_ = validated; } Envoy::Ssl::ClientValidationStatus SslExtendedSocketInfoImpl::certificateValidationStatus() const { return certificate_validation_status_; } SslHandshakerImpl::SslHandshakerImpl(bssl::UniquePtr ssl, int ssl_extended_socket_info_index, Ssl::HandshakeCallbacks* handshake_callbacks) : ssl_(std::move(ssl)), handshake_callbacks_(handshake_callbacks), state_(Ssl::SocketState::PreHandshake) { SSL_set_ex_data(ssl_.get(), ssl_extended_socket_info_index, &(this->extended_socket_info_)); } bool SslHandshakerImpl::peerCertificatePresented() const { bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); return cert != nullptr; } bool SslHandshakerImpl::peerCertificateValidated() const { return extended_socket_info_.certificateValidationStatus() == Envoy::Ssl::ClientValidationStatus::Validated; } absl::Span SslHandshakerImpl::uriSanLocalCertificate() const { if (!cached_uri_san_local_certificate_.empty()) { return cached_uri_san_local_certificate_; } // The cert object is not owned. X509* cert = SSL_get_certificate(ssl()); if (!cert) { ASSERT(cached_uri_san_local_certificate_.empty()); return cached_uri_san_local_certificate_; } cached_uri_san_local_certificate_ = Utility::getSubjectAltNames(*cert, GEN_URI); return cached_uri_san_local_certificate_; } absl::Span SslHandshakerImpl::dnsSansLocalCertificate() const { if (!cached_dns_san_local_certificate_.empty()) { return cached_dns_san_local_certificate_; } X509* cert = SSL_get_certificate(ssl()); if (!cert) { ASSERT(cached_dns_san_local_certificate_.empty()); return cached_dns_san_local_certificate_; } cached_dns_san_local_certificate_ = Utility::getSubjectAltNames(*cert, GEN_DNS); return cached_dns_san_local_certificate_; } const std::string& SslHandshakerImpl::sha256PeerCertificateDigest() const { if (!cached_sha_256_peer_certificate_digest_.empty()) { return cached_sha_256_peer_certificate_digest_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_sha_256_peer_certificate_digest_.empty()); return cached_sha_256_peer_certificate_digest_; } std::vector computed_hash(SHA256_DIGEST_LENGTH); unsigned int n; X509_digest(cert.get(), EVP_sha256(), computed_hash.data(), &n); RELEASE_ASSERT(n == computed_hash.size(), ""); cached_sha_256_peer_certificate_digest_ = Hex::encode(computed_hash); return cached_sha_256_peer_certificate_digest_; } const std::string& SslHandshakerImpl::sha1PeerCertificateDigest() const { if (!cached_sha_1_peer_certificate_digest_.empty()) { return cached_sha_1_peer_certificate_digest_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_sha_1_peer_certificate_digest_.empty()); return cached_sha_1_peer_certificate_digest_; } std::vector computed_hash(SHA_DIGEST_LENGTH); unsigned int n; X509_digest(cert.get(), EVP_sha1(), computed_hash.data(), &n); RELEASE_ASSERT(n == computed_hash.size(), ""); cached_sha_1_peer_certificate_digest_ = Hex::encode(computed_hash); return cached_sha_1_peer_certificate_digest_; } const std::string& SslHandshakerImpl::urlEncodedPemEncodedPeerCertificate() const { if (!cached_url_encoded_pem_encoded_peer_certificate_.empty()) { return cached_url_encoded_pem_encoded_peer_certificate_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_url_encoded_pem_encoded_peer_certificate_.empty()); return cached_url_encoded_pem_encoded_peer_certificate_; } bssl::UniquePtr buf(BIO_new(BIO_s_mem())); RELEASE_ASSERT(buf != nullptr, ""); RELEASE_ASSERT(PEM_write_bio_X509(buf.get(), cert.get()) == 1, ""); const uint8_t* output; size_t length; RELEASE_ASSERT(BIO_mem_contents(buf.get(), &output, &length) == 1, ""); absl::string_view pem(reinterpret_cast(output), length); cached_url_encoded_pem_encoded_peer_certificate_ = absl::StrReplaceAll( pem, {{"\n", "%0A"}, {" ", "%20"}, {"+", "%2B"}, {"/", "%2F"}, {"=", "%3D"}}); return cached_url_encoded_pem_encoded_peer_certificate_; } const std::string& SslHandshakerImpl::urlEncodedPemEncodedPeerCertificateChain() const { if (!cached_url_encoded_pem_encoded_peer_cert_chain_.empty()) { return cached_url_encoded_pem_encoded_peer_cert_chain_; } STACK_OF(X509)* cert_chain = SSL_get_peer_full_cert_chain(ssl()); if (cert_chain == nullptr) { ASSERT(cached_url_encoded_pem_encoded_peer_cert_chain_.empty()); return cached_url_encoded_pem_encoded_peer_cert_chain_; } for (uint64_t i = 0; i < sk_X509_num(cert_chain); i++) { X509* cert = sk_X509_value(cert_chain, i); bssl::UniquePtr buf(BIO_new(BIO_s_mem())); RELEASE_ASSERT(buf != nullptr, ""); RELEASE_ASSERT(PEM_write_bio_X509(buf.get(), cert) == 1, ""); const uint8_t* output; size_t length; RELEASE_ASSERT(BIO_mem_contents(buf.get(), &output, &length) == 1, ""); absl::string_view pem(reinterpret_cast(output), length); cached_url_encoded_pem_encoded_peer_cert_chain_ = absl::StrCat( cached_url_encoded_pem_encoded_peer_cert_chain_, absl::StrReplaceAll( pem, {{"\n", "%0A"}, {" ", "%20"}, {"+", "%2B"}, {"/", "%2F"}, {"=", "%3D"}})); } return cached_url_encoded_pem_encoded_peer_cert_chain_; } absl::Span SslHandshakerImpl::uriSanPeerCertificate() const { if (!cached_uri_san_peer_certificate_.empty()) { return cached_uri_san_peer_certificate_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_uri_san_peer_certificate_.empty()); return cached_uri_san_peer_certificate_; } cached_uri_san_peer_certificate_ = Utility::getSubjectAltNames(*cert, GEN_URI); return cached_uri_san_peer_certificate_; } absl::Span SslHandshakerImpl::dnsSansPeerCertificate() const { if (!cached_dns_san_peer_certificate_.empty()) { return cached_dns_san_peer_certificate_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_dns_san_peer_certificate_.empty()); return cached_dns_san_peer_certificate_; } cached_dns_san_peer_certificate_ = Utility::getSubjectAltNames(*cert, GEN_DNS); return cached_dns_san_peer_certificate_; } uint16_t SslHandshakerImpl::ciphersuiteId() const { const SSL_CIPHER* cipher = SSL_get_current_cipher(ssl()); if (cipher == nullptr) { return 0xffff; } // From the OpenSSL docs: // SSL_CIPHER_get_id returns |cipher|'s id. It may be cast to a |uint16_t| to // get the cipher suite value. return static_cast(SSL_CIPHER_get_id(cipher)); } std::string SslHandshakerImpl::ciphersuiteString() const { const SSL_CIPHER* cipher = SSL_get_current_cipher(ssl()); if (cipher == nullptr) { return {}; } return SSL_CIPHER_get_name(cipher); } const std::string& SslHandshakerImpl::tlsVersion() const { if (!cached_tls_version_.empty()) { return cached_tls_version_; } cached_tls_version_ = SSL_get_version(ssl()); return cached_tls_version_; } Network::PostIoAction SslHandshakerImpl::doHandshake() { ASSERT(state_ != Ssl::SocketState::HandshakeComplete && state_ != Ssl::SocketState::ShutdownSent); int rc = SSL_do_handshake(ssl()); if (rc == 1) { state_ = Ssl::SocketState::HandshakeComplete; handshake_callbacks_->onSuccess(ssl()); // It's possible that we closed during the handshake callback. return handshake_callbacks_->connection().state() == Network::Connection::State::Open ? PostIoAction::KeepOpen : PostIoAction::Close; } else { int err = SSL_get_error(ssl(), rc); switch (err) { case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_WRITE: return PostIoAction::KeepOpen; case SSL_ERROR_WANT_PRIVATE_KEY_OPERATION: state_ = Ssl::SocketState::HandshakeInProgress; return PostIoAction::KeepOpen; default: handshake_callbacks_->onFailure(); return PostIoAction::Close; } } } const std::string& SslHandshakerImpl::serialNumberPeerCertificate() const { if (!cached_serial_number_peer_certificate_.empty()) { return cached_serial_number_peer_certificate_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_serial_number_peer_certificate_.empty()); return cached_serial_number_peer_certificate_; } cached_serial_number_peer_certificate_ = Utility::getSerialNumberFromCertificate(*cert.get()); return cached_serial_number_peer_certificate_; } const std::string& SslHandshakerImpl::issuerPeerCertificate() const { if (!cached_issuer_peer_certificate_.empty()) { return cached_issuer_peer_certificate_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_issuer_peer_certificate_.empty()); return cached_issuer_peer_certificate_; } cached_issuer_peer_certificate_ = Utility::getIssuerFromCertificate(*cert); return cached_issuer_peer_certificate_; } const std::string& SslHandshakerImpl::subjectPeerCertificate() const { if (!cached_subject_peer_certificate_.empty()) { return cached_subject_peer_certificate_; } bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { ASSERT(cached_subject_peer_certificate_.empty()); return cached_subject_peer_certificate_; } cached_subject_peer_certificate_ = Utility::getSubjectFromCertificate(*cert); return cached_subject_peer_certificate_; } const std::string& SslHandshakerImpl::subjectLocalCertificate() const { if (!cached_subject_local_certificate_.empty()) { return cached_subject_local_certificate_; } X509* cert = SSL_get_certificate(ssl()); if (!cert) { ASSERT(cached_subject_local_certificate_.empty()); return cached_subject_local_certificate_; } cached_subject_local_certificate_ = Utility::getSubjectFromCertificate(*cert); return cached_subject_local_certificate_; } absl::optional SslHandshakerImpl::validFromPeerCertificate() const { bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { return absl::nullopt; } return Utility::getValidFrom(*cert); } absl::optional SslHandshakerImpl::expirationPeerCertificate() const { bssl::UniquePtr cert(SSL_get_peer_certificate(ssl())); if (!cert) { return absl::nullopt; } return Utility::getExpirationTime(*cert); } const std::string& SslHandshakerImpl::sessionId() const { if (!cached_session_id_.empty()) { return cached_session_id_; } SSL_SESSION* session = SSL_get_session(ssl()); if (session == nullptr) { ASSERT(cached_session_id_.empty()); return cached_session_id_; } unsigned int session_id_length = 0; const uint8_t* session_id = SSL_SESSION_get_id(session, &session_id_length); cached_session_id_ = Hex::encode(session_id, session_id_length); return cached_session_id_; } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ssl_handshaker.h ================================================ #pragma once #include #include #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" #include "envoy/secret/secret_callbacks.h" #include "envoy/ssl/handshaker.h" #include "envoy/ssl/private_key/private_key_callbacks.h" #include "envoy/ssl/ssl_socket_extended_info.h" #include "envoy/ssl/ssl_socket_state.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "extensions/transport_sockets/tls/utility.h" #include "absl/container/node_hash_map.h" #include "absl/synchronization/mutex.h" #include "absl/types/optional.h" #include "openssl/ssl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { class SslExtendedSocketInfoImpl : public Envoy::Ssl::SslExtendedSocketInfo { public: void setCertificateValidationStatus(Envoy::Ssl::ClientValidationStatus validated) override; Envoy::Ssl::ClientValidationStatus certificateValidationStatus() const override; private: Envoy::Ssl::ClientValidationStatus certificate_validation_status_{ Envoy::Ssl::ClientValidationStatus::NotValidated}; }; class SslHandshakerImpl : public Ssl::ConnectionInfo, public Ssl::Handshaker { public: SslHandshakerImpl(bssl::UniquePtr ssl, int ssl_extended_socket_info_index, Ssl::HandshakeCallbacks* handshake_callbacks); // Ssl::ConnectionInfo bool peerCertificatePresented() const override; bool peerCertificateValidated() const override; absl::Span uriSanLocalCertificate() const override; const std::string& sha256PeerCertificateDigest() const override; const std::string& sha1PeerCertificateDigest() const override; const std::string& serialNumberPeerCertificate() const override; const std::string& issuerPeerCertificate() const override; const std::string& subjectPeerCertificate() const override; const std::string& subjectLocalCertificate() const override; absl::Span uriSanPeerCertificate() const override; const std::string& urlEncodedPemEncodedPeerCertificate() const override; const std::string& urlEncodedPemEncodedPeerCertificateChain() const override; absl::Span dnsSansPeerCertificate() const override; absl::Span dnsSansLocalCertificate() const override; absl::optional validFromPeerCertificate() const override; absl::optional expirationPeerCertificate() const override; const std::string& sessionId() const override; uint16_t ciphersuiteId() const override; std::string ciphersuiteString() const override; const std::string& tlsVersion() const override; // Ssl::Handshaker Network::PostIoAction doHandshake() override; Ssl::SocketState state() { return state_; } void setState(Ssl::SocketState state) { state_ = state; } SSL* ssl() const { return ssl_.get(); } Ssl::HandshakeCallbacks* handshakeCallbacks() { return handshake_callbacks_; } bssl::UniquePtr ssl_; private: Ssl::HandshakeCallbacks* handshake_callbacks_; Ssl::SocketState state_; mutable std::vector cached_uri_san_local_certificate_; mutable std::string cached_sha_256_peer_certificate_digest_; mutable std::string cached_sha_1_peer_certificate_digest_; mutable std::string cached_serial_number_peer_certificate_; mutable std::string cached_issuer_peer_certificate_; mutable std::string cached_subject_peer_certificate_; mutable std::string cached_subject_local_certificate_; mutable std::vector cached_uri_san_peer_certificate_; mutable std::string cached_url_encoded_pem_encoded_peer_certificate_; mutable std::string cached_url_encoded_pem_encoded_peer_cert_chain_; mutable std::vector cached_dns_san_peer_certificate_; mutable std::vector cached_dns_san_local_certificate_; mutable std::string cached_session_id_; mutable std::string cached_tls_version_; mutable SslExtendedSocketInfoImpl extended_socket_info_; }; using SslHandshakerImplSharedPtr = std::shared_ptr; class HandshakerFactoryContextImpl : public Ssl::HandshakerFactoryContext { public: HandshakerFactoryContextImpl(Api::Api& api, absl::string_view alpn_protocols) : api_(api), alpn_protocols_(alpn_protocols) {} // HandshakerFactoryContext Api::Api& api() override { return api_; } absl::string_view alpnProtocols() const override { return alpn_protocols_; } private: Api::Api& api_; const std::string alpn_protocols_; }; class HandshakerFactoryImpl : public Ssl::HandshakerFactory { public: std::string name() const override { return "envoy.default_tls_handshaker"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr{new Envoy::ProtobufWkt::Struct()}; } Ssl::HandshakerFactoryCb createHandshakerCb(const Protobuf::Message&, Ssl::HandshakerFactoryContext&, ProtobufMessage::ValidationVisitor&) override { // The default HandshakerImpl doesn't take a config or use the HandshakerFactoryContext. return [](bssl::UniquePtr ssl, int ssl_extended_socket_info_index, Ssl::HandshakeCallbacks* handshake_callbacks) { return std::make_shared(std::move(ssl), ssl_extended_socket_info_index, handshake_callbacks); }; } Ssl::HandshakerCapabilities capabilities() const override { // The default handshaker impl requires Envoy to handle all enumerated behaviors. return Ssl::HandshakerCapabilities{}; } static HandshakerFactory* getDefaultHandshakerFactory() { static HandshakerFactoryImpl default_handshaker_factory; return &default_handshaker_factory; } }; } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ssl_socket.cc ================================================ #include "extensions/transport_sockets/tls/ssl_socket.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/hex.h" #include "common/http/headers.h" #include "common/runtime/runtime_features.h" #include "extensions/transport_sockets/tls/io_handle_bio.h" #include "extensions/transport_sockets/tls/ssl_handshaker.h" #include "extensions/transport_sockets/tls/utility.h" #include "absl/strings/str_replace.h" #include "openssl/err.h" #include "openssl/x509v3.h" using Envoy::Network::PostIoAction; namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace { constexpr absl::string_view NotReadyReason{"TLS error: Secret is not supplied by SDS"}; // This SslSocket will be used when SSL secret is not fetched from SDS server. class NotReadySslSocket : public Network::TransportSocket { public: // Network::TransportSocket void setTransportSocketCallbacks(Network::TransportSocketCallbacks&) override {} std::string protocol() const override { return EMPTY_STRING; } absl::string_view failureReason() const override { return NotReadyReason; } bool canFlushClose() override { return true; } void closeSocket(Network::ConnectionEvent) override {} Network::IoResult doRead(Buffer::Instance&) override { return {PostIoAction::Close, 0, false}; } Network::IoResult doWrite(Buffer::Instance&, bool) override { return {PostIoAction::Close, 0, false}; } void onConnected() override {} Ssl::ConnectionInfoConstSharedPtr ssl() const override { return nullptr; } }; } // namespace SslSocket::SslSocket(Envoy::Ssl::ContextSharedPtr ctx, InitialState state, const Network::TransportSocketOptionsSharedPtr& transport_socket_options, Ssl::HandshakerFactoryCb handshaker_factory_cb) : transport_socket_options_(transport_socket_options), ctx_(std::dynamic_pointer_cast(ctx)), info_(std::dynamic_pointer_cast( handshaker_factory_cb(ctx_->newSsl(transport_socket_options_.get()), ctx_->sslExtendedSocketInfoIndex(), this))) { if (state == InitialState::Client) { SSL_set_connect_state(rawSsl()); } else { ASSERT(state == InitialState::Server); SSL_set_accept_state(rawSsl()); } } void SslSocket::setTransportSocketCallbacks(Network::TransportSocketCallbacks& callbacks) { ASSERT(!callbacks_); callbacks_ = &callbacks; // Associate this SSL connection with all the certificates (with their potentially different // private key methods). for (auto const& provider : ctx_->getPrivateKeyMethodProviders()) { provider->registerPrivateKeyMethod(rawSsl(), *this, callbacks_->connection().dispatcher()); } BIO* bio; if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.tls_use_io_handle_bio")) { // Use custom BIO that reads from/writes to IoHandle bio = BIO_new_io_handle(&callbacks_->ioHandle()); } else { // TODO(fcoras): remove once the io_handle_bio proves to be stable bio = BIO_new_socket(callbacks_->ioHandle().fdDoNotUse(), 0); } SSL_set_bio(rawSsl(), bio, bio); } SslSocket::ReadResult SslSocket::sslReadIntoSlice(Buffer::RawSlice& slice) { ReadResult result; uint8_t* mem = static_cast(slice.mem_); size_t remaining = slice.len_; while (remaining > 0) { int rc = SSL_read(rawSsl(), mem, remaining); ENVOY_CONN_LOG(trace, "ssl read returns: {}", callbacks_->connection(), rc); if (rc > 0) { ASSERT(static_cast(rc) <= remaining); mem += rc; remaining -= rc; result.commit_slice_ = true; } else { result.error_ = absl::make_optional(rc); break; } } if (result.commit_slice_) { slice.len_ -= remaining; } return result; } Network::IoResult SslSocket::doRead(Buffer::Instance& read_buffer) { if (info_->state() != Ssl::SocketState::HandshakeComplete && info_->state() != Ssl::SocketState::ShutdownSent) { PostIoAction action = doHandshake(); if (action == PostIoAction::Close || info_->state() != Ssl::SocketState::HandshakeComplete) { // end_stream is false because either a hard error occurred (action == Close) or // the handshake isn't complete, so a half-close cannot occur yet. return {action, 0, false}; } } bool keep_reading = true; bool end_stream = false; PostIoAction action = PostIoAction::KeepOpen; uint64_t bytes_read = 0; while (keep_reading) { // We use 2 slices here so that we can use the remainder of an existing buffer chain element // if there is extra space. 16K read is arbitrary and can be tuned later. Buffer::RawSlice slices[2]; uint64_t slices_to_commit = 0; uint64_t num_slices = read_buffer.reserve(16384, slices, 2); for (uint64_t i = 0; i < num_slices; i++) { auto result = sslReadIntoSlice(slices[i]); if (result.commit_slice_) { slices_to_commit++; bytes_read += slices[i].len_; } if (result.error_.has_value()) { keep_reading = false; int err = SSL_get_error(rawSsl(), result.error_.value()); switch (err) { case SSL_ERROR_WANT_READ: break; case SSL_ERROR_ZERO_RETURN: end_stream = true; break; case SSL_ERROR_WANT_WRITE: // Renegotiation has started. We don't handle renegotiation so just fall through. default: drainErrorQueue(); action = PostIoAction::Close; break; } break; } } if (slices_to_commit > 0) { read_buffer.commit(slices, slices_to_commit); if (callbacks_->shouldDrainReadBuffer()) { callbacks_->setReadBufferReady(); keep_reading = false; } } } ENVOY_CONN_LOG(trace, "ssl read {} bytes", callbacks_->connection(), bytes_read); return {action, bytes_read, end_stream}; } void SslSocket::onPrivateKeyMethodComplete() { ASSERT(isThreadSafe()); ASSERT(info_->state() == Ssl::SocketState::HandshakeInProgress); // Resume handshake. PostIoAction action = doHandshake(); if (action == PostIoAction::Close) { ENVOY_CONN_LOG(debug, "async handshake completion error", callbacks_->connection()); callbacks_->connection().close(Network::ConnectionCloseType::FlushWrite); } } Network::Connection& SslSocket::connection() const { return callbacks_->connection(); } void SslSocket::onSuccess(SSL* ssl) { ctx_->logHandshake(ssl); callbacks_->raiseEvent(Network::ConnectionEvent::Connected); } void SslSocket::onFailure() { drainErrorQueue(); } PostIoAction SslSocket::doHandshake() { return info_->doHandshake(); } void SslSocket::drainErrorQueue() { bool saw_error = false; bool saw_counted_error = false; while (uint64_t err = ERR_get_error()) { if (ERR_GET_LIB(err) == ERR_LIB_SSL) { if (ERR_GET_REASON(err) == SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE) { ctx_->stats().fail_verify_no_cert_.inc(); saw_counted_error = true; } else if (ERR_GET_REASON(err) == SSL_R_CERTIFICATE_VERIFY_FAILED) { saw_counted_error = true; } } saw_error = true; if (failure_reason_.empty()) { failure_reason_ = "TLS error:"; } failure_reason_.append(absl::StrCat(" ", err, ":", ERR_lib_error_string(err), ":", ERR_func_error_string(err), ":", ERR_reason_error_string(err))); } ENVOY_CONN_LOG(debug, "{}", callbacks_->connection(), failure_reason_); if (saw_error && !saw_counted_error) { ctx_->stats().connection_error_.inc(); } } Network::IoResult SslSocket::doWrite(Buffer::Instance& write_buffer, bool end_stream) { ASSERT(info_->state() != Ssl::SocketState::ShutdownSent || write_buffer.length() == 0); if (info_->state() != Ssl::SocketState::HandshakeComplete && info_->state() != Ssl::SocketState::ShutdownSent) { PostIoAction action = doHandshake(); if (action == PostIoAction::Close || info_->state() != Ssl::SocketState::HandshakeComplete) { return {action, 0, false}; } } uint64_t bytes_to_write; if (bytes_to_retry_) { bytes_to_write = bytes_to_retry_; bytes_to_retry_ = 0; } else { bytes_to_write = std::min(write_buffer.length(), static_cast(16384)); } uint64_t total_bytes_written = 0; while (bytes_to_write > 0) { // TODO(mattklein123): As it relates to our fairness efforts, we might want to limit the number // of iterations of this loop, either by pure iterations, bytes written, etc. // SSL_write() requires that if a previous call returns SSL_ERROR_WANT_WRITE, we need to call // it again with the same parameters. This is done by tracking last write size, but not write // data, since linearize() will return the same undrained data anyway. ASSERT(bytes_to_write <= write_buffer.length()); int rc = SSL_write(rawSsl(), write_buffer.linearize(bytes_to_write), bytes_to_write); ENVOY_CONN_LOG(trace, "ssl write returns: {}", callbacks_->connection(), rc); if (rc > 0) { ASSERT(rc == static_cast(bytes_to_write)); total_bytes_written += rc; write_buffer.drain(rc); bytes_to_write = std::min(write_buffer.length(), static_cast(16384)); } else { int err = SSL_get_error(rawSsl(), rc); switch (err) { case SSL_ERROR_WANT_WRITE: bytes_to_retry_ = bytes_to_write; break; case SSL_ERROR_WANT_READ: // Renegotiation has started. We don't handle renegotiation so just fall through. default: drainErrorQueue(); return {PostIoAction::Close, total_bytes_written, false}; } break; } } if (write_buffer.length() == 0 && end_stream) { shutdownSsl(); } return {PostIoAction::KeepOpen, total_bytes_written, false}; } void SslSocket::onConnected() { ASSERT(info_->state() == Ssl::SocketState::PreHandshake); } Ssl::ConnectionInfoConstSharedPtr SslSocket::ssl() const { return info_; } void SslSocket::shutdownSsl() { ASSERT(info_->state() != Ssl::SocketState::PreHandshake); if (info_->state() != Ssl::SocketState::ShutdownSent && callbacks_->connection().state() != Network::Connection::State::Closed) { int rc = SSL_shutdown(rawSsl()); ENVOY_CONN_LOG(debug, "SSL shutdown: rc={}", callbacks_->connection(), rc); drainErrorQueue(); info_->setState(Ssl::SocketState::ShutdownSent); } } void SslSocket::closeSocket(Network::ConnectionEvent) { // Unregister the SSL connection object from private key method providers. for (auto const& provider : ctx_->getPrivateKeyMethodProviders()) { provider->unregisterPrivateKeyMethod(rawSsl()); } // Attempt to send a shutdown before closing the socket. It's possible this won't go out if // there is no room on the socket. We can extend the state machine to handle this at some point // if needed. if (info_->state() == Ssl::SocketState::HandshakeInProgress || info_->state() == Ssl::SocketState::HandshakeComplete) { shutdownSsl(); } } std::string SslSocket::protocol() const { const unsigned char* proto; unsigned int proto_len; SSL_get0_alpn_selected(rawSsl(), &proto, &proto_len); return std::string(reinterpret_cast(proto), proto_len); } absl::string_view SslSocket::failureReason() const { return failure_reason_; } namespace { SslSocketFactoryStats generateStats(const std::string& prefix, Stats::Scope& store) { return { ALL_SSL_SOCKET_FACTORY_STATS(POOL_COUNTER_PREFIX(store, prefix + "_ssl_socket_factory."))}; } } // namespace ClientSslSocketFactory::ClientSslSocketFactory(Envoy::Ssl::ClientContextConfigPtr config, Envoy::Ssl::ContextManager& manager, Stats::Scope& stats_scope) : manager_(manager), stats_scope_(stats_scope), stats_(generateStats("client", stats_scope)), config_(std::move(config)), ssl_ctx_(manager_.createSslClientContext(stats_scope_, *config_)) { config_->setSecretUpdateCallback([this]() { onAddOrUpdateSecret(); }); } Network::TransportSocketPtr ClientSslSocketFactory::createTransportSocket( Network::TransportSocketOptionsSharedPtr transport_socket_options) const { // onAddOrUpdateSecret() could be invoked in the middle of checking the existence of ssl_ctx and // creating SslSocket using ssl_ctx. Capture ssl_ctx_ into a local variable so that we check and // use the same ssl_ctx to create SslSocket. Envoy::Ssl::ClientContextSharedPtr ssl_ctx; { absl::ReaderMutexLock l(&ssl_ctx_mu_); ssl_ctx = ssl_ctx_; } if (ssl_ctx) { return std::make_unique(std::move(ssl_ctx), InitialState::Client, transport_socket_options, config_->createHandshaker()); } else { ENVOY_LOG(debug, "Create NotReadySslSocket"); stats_.upstream_context_secrets_not_ready_.inc(); return std::make_unique(); } } bool ClientSslSocketFactory::implementsSecureTransport() const { return true; } void ClientSslSocketFactory::onAddOrUpdateSecret() { ENVOY_LOG(debug, "Secret is updated."); { absl::WriterMutexLock l(&ssl_ctx_mu_); ssl_ctx_ = manager_.createSslClientContext(stats_scope_, *config_); } stats_.ssl_context_update_by_sds_.inc(); } ServerSslSocketFactory::ServerSslSocketFactory(Envoy::Ssl::ServerContextConfigPtr config, Envoy::Ssl::ContextManager& manager, Stats::Scope& stats_scope, const std::vector& server_names) : manager_(manager), stats_scope_(stats_scope), stats_(generateStats("server", stats_scope)), config_(std::move(config)), server_names_(server_names), ssl_ctx_(manager_.createSslServerContext(stats_scope_, *config_, server_names_)) { config_->setSecretUpdateCallback([this]() { onAddOrUpdateSecret(); }); } Network::TransportSocketPtr ServerSslSocketFactory::createTransportSocket(Network::TransportSocketOptionsSharedPtr) const { // onAddOrUpdateSecret() could be invoked in the middle of checking the existence of ssl_ctx and // creating SslSocket using ssl_ctx. Capture ssl_ctx_ into a local variable so that we check and // use the same ssl_ctx to create SslSocket. Envoy::Ssl::ServerContextSharedPtr ssl_ctx; { absl::ReaderMutexLock l(&ssl_ctx_mu_); ssl_ctx = ssl_ctx_; } if (ssl_ctx) { return std::make_unique(std::move(ssl_ctx), InitialState::Server, nullptr, config_->createHandshaker()); } else { ENVOY_LOG(debug, "Create NotReadySslSocket"); stats_.downstream_context_secrets_not_ready_.inc(); return std::make_unique(); } } bool ServerSslSocketFactory::implementsSecureTransport() const { return true; } void ServerSslSocketFactory::onAddOrUpdateSecret() { ENVOY_LOG(debug, "Secret is updated."); { absl::WriterMutexLock l(&ssl_ctx_mu_); ssl_ctx_ = manager_.createSslServerContext(stats_scope_, *config_, server_names_); } stats_.ssl_context_update_by_sds_.inc(); } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/ssl_socket.h ================================================ #pragma once #include #include #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" #include "envoy/secret/secret_callbacks.h" #include "envoy/ssl/handshaker.h" #include "envoy/ssl/private_key/private_key_callbacks.h" #include "envoy/ssl/ssl_socket_extended_info.h" #include "envoy/ssl/ssl_socket_state.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" #include "common/common/logger.h" #include "extensions/transport_sockets/tls/context_impl.h" #include "extensions/transport_sockets/tls/ssl_handshaker.h" #include "extensions/transport_sockets/tls/utility.h" #include "absl/container/node_hash_map.h" #include "absl/synchronization/mutex.h" #include "absl/types/optional.h" #include "openssl/ssl.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { #define ALL_SSL_SOCKET_FACTORY_STATS(COUNTER) \ COUNTER(ssl_context_update_by_sds) \ COUNTER(upstream_context_secrets_not_ready) \ COUNTER(downstream_context_secrets_not_ready) /** * Wrapper struct for SSL socket factory stats. @see stats_macros.h */ struct SslSocketFactoryStats { ALL_SSL_SOCKET_FACTORY_STATS(GENERATE_COUNTER_STRUCT) }; enum class InitialState { Client, Server }; class SslSocket : public Network::TransportSocket, public Envoy::Ssl::PrivateKeyConnectionCallbacks, public Ssl::HandshakeCallbacks, protected Logger::Loggable { public: SslSocket(Envoy::Ssl::ContextSharedPtr ctx, InitialState state, const Network::TransportSocketOptionsSharedPtr& transport_socket_options, Ssl::HandshakerFactoryCb handshaker_factory_cb); // Network::TransportSocket void setTransportSocketCallbacks(Network::TransportSocketCallbacks& callbacks) override; std::string protocol() const override; absl::string_view failureReason() const override; bool canFlushClose() override { return info_->state() == Ssl::SocketState::HandshakeComplete; } void closeSocket(Network::ConnectionEvent close_type) override; Network::IoResult doRead(Buffer::Instance& read_buffer) override; Network::IoResult doWrite(Buffer::Instance& write_buffer, bool end_stream) override; void onConnected() override; Ssl::ConnectionInfoConstSharedPtr ssl() const override; // Ssl::PrivateKeyConnectionCallbacks void onPrivateKeyMethodComplete() override; // Ssl::HandshakeCallbacks Network::Connection& connection() const override; void onSuccess(SSL* ssl) override; void onFailure() override; Network::TransportSocketCallbacks* transportSocketCallbacks() override { return callbacks_; } SSL* rawSslForTest() const { return rawSsl(); } protected: SSL* rawSsl() const { return info_->ssl_.get(); } private: struct ReadResult { bool commit_slice_{}; absl::optional error_; }; ReadResult sslReadIntoSlice(Buffer::RawSlice& slice); Network::PostIoAction doHandshake(); void drainErrorQueue(); void shutdownSsl(); bool isThreadSafe() const { return callbacks_ != nullptr && callbacks_->connection().dispatcher().isThreadSafe(); } const Network::TransportSocketOptionsSharedPtr transport_socket_options_; Network::TransportSocketCallbacks* callbacks_{}; ContextImplSharedPtr ctx_; uint64_t bytes_to_retry_{}; std::string failure_reason_; SslHandshakerImplSharedPtr info_; }; class ClientSslSocketFactory : public Network::TransportSocketFactory, public Secret::SecretCallbacks, Logger::Loggable { public: ClientSslSocketFactory(Envoy::Ssl::ClientContextConfigPtr config, Envoy::Ssl::ContextManager& manager, Stats::Scope& stats_scope); Network::TransportSocketPtr createTransportSocket(Network::TransportSocketOptionsSharedPtr options) const override; bool implementsSecureTransport() const override; // Secret::SecretCallbacks void onAddOrUpdateSecret() override; private: Envoy::Ssl::ContextManager& manager_; Stats::Scope& stats_scope_; SslSocketFactoryStats stats_; Envoy::Ssl::ClientContextConfigPtr config_; mutable absl::Mutex ssl_ctx_mu_; Envoy::Ssl::ClientContextSharedPtr ssl_ctx_ ABSL_GUARDED_BY(ssl_ctx_mu_); }; class ServerSslSocketFactory : public Network::TransportSocketFactory, public Secret::SecretCallbacks, Logger::Loggable { public: ServerSslSocketFactory(Envoy::Ssl::ServerContextConfigPtr config, Envoy::Ssl::ContextManager& manager, Stats::Scope& stats_scope, const std::vector& server_names); Network::TransportSocketPtr createTransportSocket(Network::TransportSocketOptionsSharedPtr options) const override; bool implementsSecureTransport() const override; // Secret::SecretCallbacks void onAddOrUpdateSecret() override; private: Ssl::ContextManager& manager_; Stats::Scope& stats_scope_; SslSocketFactoryStats stats_; Envoy::Ssl::ServerContextConfigPtr config_; const std::vector server_names_; mutable absl::Mutex ssl_ctx_mu_; Envoy::Ssl::ServerContextSharedPtr ssl_ctx_ ABSL_GUARDED_BY(ssl_ctx_mu_); }; } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/utility.cc ================================================ #include "extensions/transport_sockets/tls/utility.h" #include "common/common/assert.h" #include "common/network/address_impl.h" #include "absl/strings/str_join.h" #include "openssl/x509v3.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace { enum class CertName { Issuer, Subject }; /** * Retrieves a name from a certificate and formats it as an RFC 2253 name. * @param cert the certificate. * @param desired_name the desired name (Issuer or Subject) to retrieve from the certificate. * @return std::string returns the desired name formatted as an RFC 2253 name. */ std::string getRFC2253NameFromCertificate(X509& cert, CertName desired_name) { bssl::UniquePtr buf(BIO_new(BIO_s_mem())); RELEASE_ASSERT(buf != nullptr, ""); X509_NAME* name = nullptr; switch (desired_name) { case CertName::Issuer: name = X509_get_issuer_name(&cert); break; case CertName::Subject: name = X509_get_subject_name(&cert); break; } // flags=XN_FLAG_RFC2253 is the documented parameter for single-line output in RFC 2253 format. // Example from the RFC: // * Single value per Relative Distinguished Name (RDN): CN=Steve Kille,O=Isode Limited,C=GB // * Multivalue output in first RDN: OU=Sales+CN=J. Smith,O=Widget Inc.,C=US // * Quoted comma in Organization: CN=L. Eagle,O=Sue\, Grabbit and Runn,C=GB X509_NAME_print_ex(buf.get(), name, 0 /* indent */, XN_FLAG_RFC2253); const uint8_t* data; size_t data_len; int rc = BIO_mem_contents(buf.get(), &data, &data_len); ASSERT(rc == 1); return std::string(reinterpret_cast(data), data_len); } } // namespace const ASN1_TIME& epochASN1_Time() { static ASN1_TIME* e = []() -> ASN1_TIME* { ASN1_TIME* epoch = ASN1_TIME_new(); const time_t epoch_time = 0; RELEASE_ASSERT(ASN1_TIME_set(epoch, epoch_time) != nullptr, ""); return epoch; }(); return *e; } inline bssl::UniquePtr currentASN1_Time(TimeSource& time_source) { bssl::UniquePtr current_asn_time(ASN1_TIME_new()); const time_t current_time = std::chrono::system_clock::to_time_t(time_source.systemTime()); RELEASE_ASSERT(ASN1_TIME_set(current_asn_time.get(), current_time) != nullptr, ""); return current_asn_time; } std::string Utility::getSerialNumberFromCertificate(X509& cert) { ASN1_INTEGER* serial_number = X509_get_serialNumber(&cert); BIGNUM num_bn; BN_init(&num_bn); ASN1_INTEGER_to_BN(serial_number, &num_bn); char* char_serial_number = BN_bn2hex(&num_bn); BN_free(&num_bn); if (char_serial_number != nullptr) { std::string serial_number(char_serial_number); OPENSSL_free(char_serial_number); return serial_number; } return ""; } std::vector Utility::getSubjectAltNames(X509& cert, int type) { std::vector subject_alt_names; bssl::UniquePtr san_names( static_cast(X509_get_ext_d2i(&cert, NID_subject_alt_name, nullptr, nullptr))); if (san_names == nullptr) { return subject_alt_names; } for (const GENERAL_NAME* san : san_names.get()) { if (san->type == type) { subject_alt_names.push_back(generalNameAsString(san)); } } return subject_alt_names; } std::string Utility::generalNameAsString(const GENERAL_NAME* general_name) { std::string san; switch (general_name->type) { case GEN_DNS: { ASN1_STRING* str = general_name->d.dNSName; san.assign(reinterpret_cast(ASN1_STRING_data(str)), ASN1_STRING_length(str)); break; } case GEN_URI: { ASN1_STRING* str = general_name->d.uniformResourceIdentifier; san.assign(reinterpret_cast(ASN1_STRING_data(str)), ASN1_STRING_length(str)); break; } case GEN_IPADD: { if (general_name->d.ip->length == 4) { sockaddr_in sin; sin.sin_port = 0; sin.sin_family = AF_INET; memcpy(&sin.sin_addr, general_name->d.ip->data, sizeof(sin.sin_addr)); Network::Address::Ipv4Instance addr(&sin); san = addr.ip()->addressAsString(); } else if (general_name->d.ip->length == 16) { sockaddr_in6 sin6; sin6.sin6_port = 0; sin6.sin6_family = AF_INET6; memcpy(&sin6.sin6_addr, general_name->d.ip->data, sizeof(sin6.sin6_addr)); Network::Address::Ipv6Instance addr(sin6); san = addr.ip()->addressAsString(); } break; } } return san; } std::string Utility::getIssuerFromCertificate(X509& cert) { return getRFC2253NameFromCertificate(cert, CertName::Issuer); } std::string Utility::getSubjectFromCertificate(X509& cert) { return getRFC2253NameFromCertificate(cert, CertName::Subject); } int32_t Utility::getDaysUntilExpiration(const X509* cert, TimeSource& time_source) { if (cert == nullptr) { return std::numeric_limits::max(); } int days, seconds; if (ASN1_TIME_diff(&days, &seconds, currentASN1_Time(time_source).get(), X509_get0_notAfter(cert))) { return days; } return 0; } absl::string_view Utility::getCertificateExtensionValue(X509& cert, absl::string_view extension_name) { bssl::UniquePtr oid( OBJ_txt2obj(std::string(extension_name).c_str(), 1 /* don't search names */)); if (oid == nullptr) { return {}; } int pos = X509_get_ext_by_OBJ(&cert, oid.get(), -1); if (pos < 0) { return {}; } X509_EXTENSION* extension = X509_get_ext(&cert, pos); if (extension == nullptr) { return {}; } const ASN1_OCTET_STRING* octet_string = X509_EXTENSION_get_data(extension); RELEASE_ASSERT(octet_string != nullptr, ""); // Return the entire DER-encoded value for this extension. Correct decoding depends on // knowledge of the expected structure of the extension's value. const unsigned char* octet_string_data = ASN1_STRING_get0_data(octet_string); const int octet_string_length = ASN1_STRING_length(octet_string); return {reinterpret_cast(octet_string_data), static_cast(octet_string_length)}; } SystemTime Utility::getValidFrom(const X509& cert) { int days, seconds; int rc = ASN1_TIME_diff(&days, &seconds, &epochASN1_Time(), X509_get0_notBefore(&cert)); ASSERT(rc == 1); // Casting to to prevent multiplication overflow when certificate valid-from date // beyond 2038-01-19T03:14:08Z. return std::chrono::system_clock::from_time_t(static_cast(days) * 24 * 60 * 60 + seconds); } SystemTime Utility::getExpirationTime(const X509& cert) { int days, seconds; int rc = ASN1_TIME_diff(&days, &seconds, &epochASN1_Time(), X509_get0_notAfter(&cert)); ASSERT(rc == 1); // Casting to to prevent multiplication overflow when certificate not-after date // beyond 2038-01-19T03:14:08Z. return std::chrono::system_clock::from_time_t(static_cast(days) * 24 * 60 * 60 + seconds); } absl::optional Utility::getLastCryptoError() { auto err = ERR_get_error(); if (err != 0) { char errbuf[256]; ERR_error_string_n(err, errbuf, sizeof(errbuf)); return std::string(errbuf); } return absl::nullopt; } } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/tls/utility.h ================================================ #pragma once #include #include #include "common/common/utility.h" #include "absl/types/optional.h" #include "openssl/ssl.h" #include "openssl/x509v3.h" namespace Envoy { namespace Extensions { namespace TransportSockets { namespace Tls { namespace Utility { /** * Retrieves the serial number of a certificate. * @param cert the certificate * @return std::string the serial number field of the certificate. Returns "" if * there is no serial number. */ std::string getSerialNumberFromCertificate(X509& cert); /** * Retrieves the subject alternate names of a certificate. * @param cert the certificate * @param type type of subject alternate name * @return std::vector returns the list of subject alternate names. */ std::vector getSubjectAltNames(X509& cert, int type); /** * Converts the Subject Alternate Name to string. * @param general_name the subject alternate name * @return std::string returns the string representation of subject alt names. */ std::string generalNameAsString(const GENERAL_NAME* general_name); /** * Retrieves the issuer from certificate. * @param cert the certificate * @return std::string the issuer field for the certificate. */ std::string getIssuerFromCertificate(X509& cert); /** * Retrieves the subject from certificate. * @param cert the certificate * @return std::string the subject field for the certificate. */ std::string getSubjectFromCertificate(X509& cert); /** * Retrieves the value of a specific X509 extension from the cert, if present. * @param cert the certificate. * @param extension_name the name of the extension to extract in dotted number format * @return absl::string_view the DER-encoded value of the extension field or empty if not present. */ absl::string_view getCertificateExtensionValue(X509& cert, absl::string_view extension_name); /** * Returns the days until this certificate is valid. * @param cert the certificate * @param time_source the time source to use for current time calculation. * @return the number of days till this certificate is valid. */ int32_t getDaysUntilExpiration(const X509* cert, TimeSource& time_source); /** * Returns the time from when this certificate is valid. * @param cert the certificate. * @return time from when this certificate is valid. */ SystemTime getValidFrom(const X509& cert); /** * Returns the time when this certificate expires. * @param cert the certificate. * @return time after which the certificate expires. */ SystemTime getExpirationTime(const X509& cert); /** * Returns the last crypto error from ERR_get_error(), or `absl::nullopt` * if the error stack is empty. * @return std::string error message */ absl::optional getLastCryptoError(); } // namespace Utility } // namespace Tls } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/transport_sockets/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { namespace TransportSockets { /** * Well-known transport socket names. * NOTE: New transport sockets should use the well known name: envoy.transport_sockets.name. */ class TransportSocketNameValues { public: const std::string Alts = "envoy.transport_sockets.alts"; const std::string Quic = "envoy.transport_sockets.quic"; const std::string RawBuffer = "envoy.transport_sockets.raw_buffer"; const std::string Tap = "envoy.transport_sockets.tap"; const std::string Tls = "envoy.transport_sockets.tls"; const std::string UpstreamProxyProtocol = "envoy.transport_sockets.upstream_proxy_protocol"; }; using TransportSocketNames = ConstSingleton; /** * Well-known transport protocol names. */ class TransportProtocolNameValues { public: const std::string Tls = "tls"; const std::string RawBuffer = "raw_buffer"; const std::string Quic = "quic"; }; // TODO(lizan): Find a better place to have this singleton. using TransportProtocolNames = ConstSingleton; } // namespace TransportSockets } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/generic/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "config", srcs = [ "config.cc", ], hdrs = [ "config.h", ], security_posture = "robust_to_untrusted_downstream", visibility = ["//visibility:public"], deps = [ "//source/extensions/upstreams/http/http:upstream_request_lib", "//source/extensions/upstreams/http/tcp:upstream_request_lib", "@envoy_api//envoy/extensions/upstreams/http/generic/v3:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/upstreams/http/generic/config.cc ================================================ #include "extensions/upstreams/http/generic/config.h" #include "extensions/upstreams/http/http/upstream_request.h" #include "extensions/upstreams/http/tcp/upstream_request.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Generic { Router::GenericConnPoolPtr GenericGenericConnPoolFactory::createGenericConnPool( Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) const { if (is_connect) { auto ret = std::make_unique(cm, is_connect, route_entry, downstream_protocol, ctx); return (ret->valid() ? std::move(ret) : nullptr); } auto ret = std::make_unique(cm, is_connect, route_entry, downstream_protocol, ctx); return (ret->valid() ? std::move(ret) : nullptr); } REGISTER_FACTORY(GenericGenericConnPoolFactory, Router::GenericConnPoolFactory); } // namespace Generic } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/generic/config.h ================================================ #pragma once #include "envoy/extensions/upstreams/http/generic/v3/generic_connection_pool.pb.h" #include "envoy/registry/registry.h" #include "envoy/router/router.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Generic { /** * Config registration for the GenericConnPool. * @see Router::GenericConnPoolFactory */ class GenericGenericConnPoolFactory : public Router::GenericConnPoolFactory { public: std::string name() const override { return "envoy.filters.connection_pools.http.generic"; } std::string category() const override { return "envoy.upstreams"; } Router::GenericConnPoolPtr createGenericConnPool(Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) const override; ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::upstreams::http::generic::v3::GenericConnectionPoolProto>(); } }; DECLARE_FACTORY(GenericGenericConnPoolFactory); } // namespace Generic } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/http/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "config", srcs = [ "config.cc", ], hdrs = [ "config.h", ], security_posture = "robust_to_untrusted_downstream", visibility = ["//visibility:public"], deps = [ ":upstream_request_lib", "@envoy_api//envoy/extensions/upstreams/http/http/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "upstream_request_lib", srcs = [ "upstream_request.cc", ], hdrs = [ "upstream_request.h", ], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/http:conn_pool_interface", "//include/envoy/http:filter_interface", "//include/envoy/upstream:cluster_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:message_lib", "//source/common/network:application_protocol_lib", "//source/common/network:transport_socket_options_lib", "//source/common/router:router_lib", "//source/common/upstream:load_balancer_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", ], ) ================================================ FILE: source/extensions/upstreams/http/http/config.cc ================================================ #include "extensions/upstreams/http/http/config.h" #include "extensions/upstreams/http/http/upstream_request.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Http { Router::GenericConnPoolPtr HttpGenericConnPoolFactory::createGenericConnPool( Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) const { auto ret = std::make_unique(cm, is_connect, route_entry, downstream_protocol, ctx); return (ret->valid() ? std::move(ret) : nullptr); } REGISTER_FACTORY(HttpGenericConnPoolFactory, Router::GenericConnPoolFactory); } // namespace Http } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/http/config.h ================================================ #pragma once #include "envoy/extensions/upstreams/http/http/v3/http_connection_pool.pb.h" #include "envoy/registry/registry.h" #include "envoy/router/router.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Http { /** * Config registration for the HttpConnPool. @see Router::GenericConnPoolFactory */ class HttpGenericConnPoolFactory : public Router::GenericConnPoolFactory { public: std::string name() const override { return "envoy.filters.connection_pools.http.http"; } std::string category() const override { return "envoy.upstreams"; } Router::GenericConnPoolPtr createGenericConnPool(Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) const override; ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< envoy::extensions::upstreams::http::http::v3::HttpConnectionPoolProto>(); } }; DECLARE_FACTORY(HttpGenericConnPoolFactory); } // namespace Http } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/http/upstream_request.cc ================================================ #include "extensions/upstreams/http/http/upstream_request.h" #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/grpc/status.h" #include "envoy/http/conn_pool.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/router/router.h" using Envoy::Router::GenericConnectionPoolCallbacks; namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Http { void HttpConnPool::newStream(GenericConnectionPoolCallbacks* callbacks) { callbacks_ = callbacks; // It's possible for a reset to happen inline within the newStream() call. In this case, we // might get deleted inline as well. Only write the returned handle out if it is not nullptr to // deal with this case. Envoy::Http::ConnectionPool::Cancellable* handle = conn_pool_->newStream(callbacks->upstreamToDownstream(), *this); if (handle) { conn_pool_stream_handle_ = handle; } } bool HttpConnPool::cancelAnyPendingStream() { if (conn_pool_stream_handle_) { conn_pool_stream_handle_->cancel(ConnectionPool::CancelPolicy::Default); conn_pool_stream_handle_ = nullptr; return true; } return false; } absl::optional HttpConnPool::protocol() const { return conn_pool_->protocol(); } void HttpConnPool::onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) { callbacks_->onPoolFailure(reason, transport_failure_reason, host); } void HttpConnPool::onPoolReady(Envoy::Http::RequestEncoder& request_encoder, Upstream::HostDescriptionConstSharedPtr host, const StreamInfo::StreamInfo& info) { conn_pool_stream_handle_ = nullptr; auto upstream = std::make_unique(callbacks_->upstreamToDownstream(), &request_encoder); callbacks_->onPoolReady(std::move(upstream), host, request_encoder.getStream().connectionLocalAddress(), info); } } // namespace Http } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/http/upstream_request.h ================================================ #pragma once #include #include #include "envoy/http/codes.h" #include "envoy/http/conn_pool.h" #include "common/common/logger.h" #include "common/config/well_known_names.h" #include "common/router/upstream_request.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Http { class HttpConnPool : public Router::GenericConnPool, public Envoy::Http::ConnectionPool::Callbacks { public: // GenericConnPool HttpConnPool(Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) { ASSERT(!is_connect); conn_pool_ = cm.httpConnPoolForCluster(route_entry.clusterName(), route_entry.priority(), downstream_protocol, ctx); } void newStream(Router::GenericConnectionPoolCallbacks* callbacks) override; bool cancelAnyPendingStream() override; absl::optional protocol() const override; // Http::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Envoy::Http::RequestEncoder& callbacks_encoder, Upstream::HostDescriptionConstSharedPtr host, const StreamInfo::StreamInfo& info) override; Upstream::HostDescriptionConstSharedPtr host() const override { return conn_pool_->host(); } bool valid() { return conn_pool_ != nullptr; } private: // Points to the actual connection pool to create streams from. Envoy::Http::ConnectionPool::Instance* conn_pool_{}; Envoy::Http::ConnectionPool::Cancellable* conn_pool_stream_handle_{}; Router::GenericConnectionPoolCallbacks* callbacks_{}; }; class HttpUpstream : public Router::GenericUpstream, public Envoy::Http::StreamCallbacks { public: HttpUpstream(Router::UpstreamToDownstream& upstream_request, Envoy::Http::RequestEncoder* encoder) : upstream_request_(upstream_request), request_encoder_(encoder) { request_encoder_->getStream().addCallbacks(*this); } // GenericUpstream void encodeData(Buffer::Instance& data, bool end_stream) override { request_encoder_->encodeData(data, end_stream); } void encodeMetadata(const Envoy::Http::MetadataMapVector& metadata_map_vector) override { request_encoder_->encodeMetadata(metadata_map_vector); } void encodeHeaders(const Envoy::Http::RequestHeaderMap& headers, bool end_stream) override { request_encoder_->encodeHeaders(headers, end_stream); } void encodeTrailers(const Envoy::Http::RequestTrailerMap& trailers) override { request_encoder_->encodeTrailers(trailers); } void readDisable(bool disable) override { request_encoder_->getStream().readDisable(disable); } void resetStream() override { request_encoder_->getStream().removeCallbacks(*this); request_encoder_->getStream().resetStream(Envoy::Http::StreamResetReason::LocalReset); } // Http::StreamCallbacks void onResetStream(Envoy::Http::StreamResetReason reason, absl::string_view transport_failure_reason) override { upstream_request_.onResetStream(reason, transport_failure_reason); } void onAboveWriteBufferHighWatermark() override { upstream_request_.onAboveWriteBufferHighWatermark(); } void onBelowWriteBufferLowWatermark() override { upstream_request_.onBelowWriteBufferLowWatermark(); } private: Router::UpstreamToDownstream& upstream_request_; Envoy::Http::RequestEncoder* request_encoder_{}; }; } // namespace Http } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/tcp/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_extension( name = "config", srcs = [ "config.cc", ], hdrs = [ "config.h", ], security_posture = "robust_to_untrusted_downstream", visibility = ["//visibility:public"], deps = [ ":upstream_request_lib", "@envoy_api//envoy/extensions/upstreams/http/tcp/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "upstream_request_lib", srcs = [ "upstream_request.cc", ], hdrs = [ "upstream_request.h", ], deps = [ "//include/envoy/http:codes_interface", "//include/envoy/http:filter_interface", "//include/envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:message_lib", "//source/common/network:application_protocol_lib", "//source/common/network:transport_socket_options_lib", "//source/common/router:router_lib", "//source/common/upstream:load_balancer_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", ], ) ================================================ FILE: source/extensions/upstreams/http/tcp/config.cc ================================================ #include "extensions/upstreams/http/tcp/config.h" #include "extensions/upstreams/http/tcp/upstream_request.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Tcp { Router::GenericConnPoolPtr TcpGenericConnPoolFactory::createGenericConnPool( Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) const { auto ret = std::make_unique(cm, is_connect, route_entry, downstream_protocol, ctx); return (ret->valid() ? std::move(ret) : nullptr); } REGISTER_FACTORY(TcpGenericConnPoolFactory, Router::GenericConnPoolFactory); } // namespace Tcp } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/tcp/config.h ================================================ #pragma once #include "envoy/extensions/upstreams/http/tcp/v3/tcp_connection_pool.pb.h" #include "envoy/registry/registry.h" #include "envoy/router/router.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Tcp { /** * Config registration for the TcpConnPool. @see Router::GenericConnPoolFactory */ class TcpGenericConnPoolFactory : public Router::GenericConnPoolFactory { public: std::string name() const override { return "envoy.filters.connection_pools.http.tcp"; } std::string category() const override { return "envoy.upstreams"; } Router::GenericConnPoolPtr createGenericConnPool(Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) const override; ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } }; DECLARE_FACTORY(TcpGenericConnPoolFactory); } // namespace Tcp } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/tcp/upstream_request.cc ================================================ #include "extensions/upstreams/http/tcp/upstream_request.h" #include #include #include "envoy/upstream/upstream.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/network/transport_socket_options_impl.h" #include "common/router/router.h" #include "extensions/common/proxy_protocol/proxy_protocol_header.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Tcp { void TcpConnPool::onPoolReady(Envoy::Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) { upstream_handle_ = nullptr; Network::Connection& latched_conn = conn_data->connection(); auto upstream = std::make_unique(&callbacks_->upstreamToDownstream(), std::move(conn_data)); callbacks_->onPoolReady(std::move(upstream), host, latched_conn.localAddress(), latched_conn.streamInfo()); } TcpUpstream::TcpUpstream(Router::UpstreamToDownstream* upstream_request, Envoy::Tcp::ConnectionPool::ConnectionDataPtr&& upstream) : upstream_request_(upstream_request), upstream_conn_data_(std::move(upstream)) { upstream_conn_data_->connection().enableHalfClose(true); upstream_conn_data_->addUpstreamCallbacks(*this); } void TcpUpstream::encodeData(Buffer::Instance& data, bool end_stream) { upstream_conn_data_->connection().write(data, end_stream); } void TcpUpstream::encodeHeaders(const Envoy::Http::RequestHeaderMap&, bool end_stream) { // Headers should only happen once, so use this opportunity to add the proxy // proto header, if configured. ASSERT(upstream_request_->routeEntry().connectConfig().has_value()); Buffer::OwnedImpl data; auto& connect_config = upstream_request_->routeEntry().connectConfig().value(); if (connect_config.has_proxy_protocol_config()) { Extensions::Common::ProxyProtocol::generateProxyProtoHeader( connect_config.proxy_protocol_config(), upstream_request_->connection(), data); } if (data.length() != 0 || end_stream) { upstream_conn_data_->connection().write(data, end_stream); } // TcpUpstream::encodeHeaders is called after the UpstreamRequest is fully initialized. Also use // this time to synthesize the 200 response headers downstream to complete the CONNECT handshake. Envoy::Http::ResponseHeaderMapPtr headers{ Envoy::Http::createHeaderMap( {{Envoy::Http::Headers::get().Status, "200"}})}; upstream_request_->decodeHeaders(std::move(headers), false); } void TcpUpstream::encodeTrailers(const Envoy::Http::RequestTrailerMap&) { Buffer::OwnedImpl data; upstream_conn_data_->connection().write(data, true); } void TcpUpstream::readDisable(bool disable) { if (upstream_conn_data_->connection().state() != Network::Connection::State::Open) { return; } upstream_conn_data_->connection().readDisable(disable); } void TcpUpstream::resetStream() { upstream_request_ = nullptr; upstream_conn_data_->connection().close(Network::ConnectionCloseType::NoFlush); } void TcpUpstream::onUpstreamData(Buffer::Instance& data, bool end_stream) { upstream_request_->decodeData(data, end_stream); } void TcpUpstream::onEvent(Network::ConnectionEvent event) { if (event != Network::ConnectionEvent::Connected && upstream_request_) { upstream_request_->onResetStream(Envoy::Http::StreamResetReason::ConnectionTermination, ""); } } void TcpUpstream::onAboveWriteBufferHighWatermark() { if (upstream_request_) { upstream_request_->onAboveWriteBufferHighWatermark(); } } void TcpUpstream::onBelowWriteBufferLowWatermark() { if (upstream_request_) { upstream_request_->onBelowWriteBufferLowWatermark(); } } } // namespace Tcp } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/upstreams/http/tcp/upstream_request.h ================================================ #pragma once #include #include #include "envoy/http/codec.h" #include "envoy/tcp/conn_pool.h" #include "common/buffer/watermark_buffer.h" #include "common/common/cleanup.h" #include "common/common/logger.h" #include "common/config/well_known_names.h" #include "common/router/upstream_request.h" #include "common/stream_info/stream_info_impl.h" namespace Envoy { namespace Extensions { namespace Upstreams { namespace Http { namespace Tcp { class TcpConnPool : public Router::GenericConnPool, public Envoy::Tcp::ConnectionPool::Callbacks { public: TcpConnPool(Upstream::ClusterManager& cm, bool is_connect, const Router::RouteEntry& route_entry, absl::optional, Upstream::LoadBalancerContext* ctx) { ASSERT(is_connect); conn_pool_ = cm.tcpConnPoolForCluster(route_entry.clusterName(), Upstream::ResourcePriority::Default, ctx); } void newStream(Router::GenericConnectionPoolCallbacks* callbacks) override { callbacks_ = callbacks; upstream_handle_ = conn_pool_->newConnection(*this); } bool cancelAnyPendingStream() override { if (upstream_handle_) { upstream_handle_->cancel(Envoy::Tcp::ConnectionPool::CancelPolicy::Default); upstream_handle_ = nullptr; return true; } return false; } absl::optional protocol() const override { return absl::nullopt; } Upstream::HostDescriptionConstSharedPtr host() const override { return conn_pool_->host(); } bool valid() { return conn_pool_ != nullptr; } // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, Upstream::HostDescriptionConstSharedPtr host) override { upstream_handle_ = nullptr; callbacks_->onPoolFailure(reason, "", host); } void onPoolReady(Envoy::Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) override; private: Envoy::Tcp::ConnectionPool::Instance* conn_pool_; Envoy::Tcp::ConnectionPool::Cancellable* upstream_handle_{}; Router::GenericConnectionPoolCallbacks* callbacks_{}; }; class TcpUpstream : public Router::GenericUpstream, public Envoy::Tcp::ConnectionPool::UpstreamCallbacks { public: TcpUpstream(Router::UpstreamToDownstream* upstream_request, Envoy::Tcp::ConnectionPool::ConnectionDataPtr&& upstream); // GenericUpstream void encodeData(Buffer::Instance& data, bool end_stream) override; void encodeMetadata(const Envoy::Http::MetadataMapVector&) override {} void encodeHeaders(const Envoy::Http::RequestHeaderMap&, bool end_stream) override; void encodeTrailers(const Envoy::Http::RequestTrailerMap&) override; void readDisable(bool disable) override; void resetStream() override; // Tcp::ConnectionPool::UpstreamCallbacks void onUpstreamData(Buffer::Instance& data, bool end_stream) override; void onEvent(Network::ConnectionEvent event) override; void onAboveWriteBufferHighWatermark() override; void onBelowWriteBufferLowWatermark() override; private: Router::UpstreamToDownstream* upstream_request_; Envoy::Tcp::ConnectionPool::ConnectionDataPtr upstream_conn_data_; }; } // namespace Tcp } // namespace Http } // namespace Upstreams } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/abort_action/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "abort_action_lib", srcs = ["abort_action.cc"], hdrs = ["abort_action.h"], deps = [ "//include/envoy/common:time_interface", "//include/envoy/server:guarddog_config_interface", "//include/envoy/thread:thread_interface", "//source/common/common:assert_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/watchdog/abort_action/v3alpha:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", status = "alpha", deps = [ ":abort_action_lib", "//include/envoy/registry", "//source/common/config:utility_lib", "//source/common/protobuf", "//source/common/protobuf:message_validator_lib", "@envoy_api//envoy/extensions/watchdog/abort_action/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/watchdog/abort_action/abort_action.cc ================================================ #include "extensions/watchdog/abort_action/abort_action.h" #include #include #include "envoy/thread/thread.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace AbortAction { namespace { #ifdef __linux__ pid_t toPlatformTid(int64_t tid) { return static_cast(tid); } #elif defined(__APPLE__) uint64_t toPlatformTid(int64_t tid) { return static_cast(tid); } #endif } // namespace AbortAction::AbortAction( envoy::extensions::watchdog::abort_action::v3alpha::AbortActionConfig& config, Server::Configuration::GuardDogActionFactoryContext& /*context*/) : config_(config){}; void AbortAction::run( envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent /*event*/, const std::vector>& thread_last_checkin_pairs, MonotonicTime /*now*/) { if (thread_last_checkin_pairs.empty()) { ENVOY_LOG_MISC(warn, "Watchdog AbortAction called without any thread."); return; } // The following lines of code won't be considered covered by code coverage // tools since they would run in DEATH tests. int64_t raw_tid = thread_last_checkin_pairs[0].first.getId(); // Assume POSIX-compatible system and signal to the thread. ENVOY_LOG_MISC(error, "Watchdog AbortAction sending abort signal to thread with tid {}.", raw_tid); if (kill(toPlatformTid(raw_tid), SIGABRT) == 0) { // Successfully sent signal, sleep for wait_duration. absl::SleepFor(absl::Milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(config_, wait_duration, 0))); } else { // Failed to send the signal, abort? ENVOY_LOG_MISC(error, "Failed to send signal to tid {}", raw_tid); } // Abort from the action since the signaled thread hasn't yet crashed the process. // panicing in the action gives flexibility since it doesn't depend on // external code to kill the process if the signal fails. PANIC(fmt::format("Failed to kill thread with id {}, aborting from Watchdog AbortAction instead.", raw_tid)); } } // namespace AbortAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/abort_action/abort_action.h ================================================ #pragma once #include #include "envoy/extensions/watchdog/abort_action/v3alpha/abort_action.pb.h" #include "envoy/server/guarddog_config.h" #include "envoy/thread/thread.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace AbortAction { /** * A GuardDogAction that will terminate the process by sending SIGABRT to the * stuck thread. This is currently only implemented for systems that * support kill to send signals. */ class AbortAction : public Server::Configuration::GuardDogAction { public: AbortAction(envoy::extensions::watchdog::abort_action::v3alpha::AbortActionConfig& config, Server::Configuration::GuardDogActionFactoryContext& context); void run(envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent event, const std::vector>& thread_last_checkin_pairs, MonotonicTime now) override; private: const envoy::extensions::watchdog::abort_action::v3alpha::AbortActionConfig config_; }; using AbortActionPtr = std::unique_ptr; } // namespace AbortAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/abort_action/config.cc ================================================ #include "extensions/watchdog/abort_action/config.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "common/protobuf/message_validator_impl.h" #include "extensions/watchdog/abort_action/abort_action.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace AbortAction { Server::Configuration::GuardDogActionPtr AbortActionFactory::createGuardDogActionFromProto( const envoy::config::bootstrap::v3::Watchdog::WatchdogAction& config, Server::Configuration::GuardDogActionFactoryContext& context) { auto message = createEmptyConfigProto(); Config::Utility::translateOpaqueConfig(config.config().typed_config(), ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), *message); return std::make_unique(dynamic_cast(*message), context); } /** * Static registration for the fixed heap resource monitor factory. @see RegistryFactory. */ REGISTER_FACTORY(AbortActionFactory, Server::Configuration::GuardDogActionFactory); } // namespace AbortAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/abort_action/config.h ================================================ #pragma once #include "envoy/extensions/watchdog/abort_action/v3alpha/abort_action.pb.h" #include "envoy/server/guarddog_config.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace AbortAction { class AbortActionFactory : public Server::Configuration::GuardDogActionFactory { public: AbortActionFactory() = default; Server::Configuration::GuardDogActionPtr createGuardDogActionFromProto( const envoy::config::bootstrap::v3::Watchdog::WatchdogAction& config, Server::Configuration::GuardDogActionFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return "envoy.watchdog.abort_action"; } using AbortActionConfig = envoy::extensions::watchdog::abort_action::v3alpha::AbortActionConfig; }; } // namespace AbortAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/profile_action/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() envoy_cc_library( name = "profile_action_lib", srcs = ["profile_action.cc"], hdrs = ["profile_action.h"], external_deps = [ "abseil_optional", ], deps = [ "//include/envoy/api:api_interface", "//include/envoy/common:time_interface", "//include/envoy/event:timer_interface", "//include/envoy/server:guarddog_config_interface", "//include/envoy/thread:thread_interface", "//source/common/profiler:profiler_lib", "//source/common/protobuf:utility_lib", "//source/common/stats:symbol_table_lib", "@envoy_api//envoy/extensions/watchdog/profile_action/v3alpha:pkg_cc_proto", ], ) envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], security_posture = "data_plane_agnostic", status = "alpha", deps = [ ":profile_action_lib", "//include/envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/protobuf", "//source/common/protobuf:message_validator_lib", "@envoy_api//envoy/extensions/watchdog/profile_action/v3alpha:pkg_cc_proto", ], ) ================================================ FILE: source/extensions/watchdog/profile_action/config.cc ================================================ #include "extensions/watchdog/profile_action/config.h" #include "envoy/registry/registry.h" #include "common/config/utility.h" #include "common/protobuf/message_validator_impl.h" #include "extensions/watchdog/profile_action/profile_action.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace ProfileAction { Server::Configuration::GuardDogActionPtr ProfileActionFactory::createGuardDogActionFromProto( const envoy::config::bootstrap::v3::Watchdog::WatchdogAction& config, Server::Configuration::GuardDogActionFactoryContext& context) { auto message = createEmptyConfigProto(); Config::Utility::translateOpaqueConfig(config.config().typed_config(), ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), *message); return std::make_unique(dynamic_cast(*message), context); } /** * Static registration for the ProfileAction factory. @see RegistryFactory. */ REGISTER_FACTORY(ProfileActionFactory, Server::Configuration::GuardDogActionFactory); } // namespace ProfileAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/profile_action/config.h ================================================ #pragma once #include "envoy/extensions/watchdog/profile_action/v3alpha/profile_action.pb.h" #include "envoy/server/guarddog_config.h" #include "common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace ProfileAction { class ProfileActionFactory : public Server::Configuration::GuardDogActionFactory { public: ProfileActionFactory() = default; Server::Configuration::GuardDogActionPtr createGuardDogActionFromProto( const envoy::config::bootstrap::v3::Watchdog::WatchdogAction& config, Server::Configuration::GuardDogActionFactoryContext& context) override; ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return "envoy.watchdog.profile_action"; } private: using ProfileActionConfig = envoy::extensions::watchdog::profile_action::v3alpha::ProfileActionConfig; }; } // namespace ProfileAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/profile_action/profile_action.cc ================================================ #include "extensions/watchdog/profile_action/profile_action.h" #include #include "envoy/thread/thread.h" #include "common/profiler/profiler.h" #include "common/protobuf/utility.h" #include "common/stats/symbol_table_impl.h" #include "absl/strings/str_format.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace ProfileAction { namespace { static constexpr uint64_t DefaultMaxProfiles = 10; std::string generateProfileFilePath(const std::string& directory, const SystemTime& now) { auto timestamp = std::chrono::duration_cast(now.time_since_epoch()).count(); if (absl::EndsWith(directory, "/")) { return absl::StrFormat("%s%s.%d", directory, "ProfileAction", timestamp); } return absl::StrFormat("%s/%s.%d", directory, "ProfileAction", timestamp); } } // namespace ProfileAction::ProfileAction( envoy::extensions::watchdog::profile_action::v3alpha::ProfileActionConfig& config, Server::Configuration::GuardDogActionFactoryContext& context) : path_(config.profile_path()), duration_( std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(config, profile_duration, 5000))), max_profiles_(config.max_profiles() == 0 ? DefaultMaxProfiles : config.max_profiles()), profiles_attempted_(context.stats_.counterFromStatName( Stats::StatNameManagedStorage( absl::StrCat(context.guarddog_name_, ".profile_action.attempted"), context.stats_.symbolTable()) .statName())), profiles_successfully_captured_(context.stats_.counterFromStatName( Stats::StatNameManagedStorage( absl::StrCat(context.guarddog_name_, ".profile_action.successfully_captured"), context.stats_.symbolTable()) .statName())), context_(context), timer_cb_(context_.dispatcher_.createTimer([this] { if (Profiler::Cpu::profilerEnabled()) { Profiler::Cpu::stopProfiler(); running_profile_ = false; } else { ENVOY_LOG_MISC(error, "Profile Action's stop() was scheduled, but profiler isn't running!"); return; } if (!context_.api_.fileSystem().fileExists(profile_filename_)) { ENVOY_LOG_MISC(error, "Profile file {} wasn't created!", profile_filename_); } else { profiles_successfully_captured_.inc(); } })) {} void ProfileAction::run( envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent /*event*/, const std::vector>& thread_last_checkin_pairs, MonotonicTime /*now*/) { if (running_profile_) { return; } profiles_attempted_.inc(); // Check if there's a tid that justifies profiling if (thread_last_checkin_pairs.empty()) { ENVOY_LOG_MISC(warn, "Profile Action: No tids were provided."); return; } if (profiles_started_ >= max_profiles_) { ENVOY_LOG_MISC(warn, "Profile Action: Unable to profile: enabled but already wrote {} profiles.", profiles_started_); return; } auto& fs = context_.api_.fileSystem(); if (!fs.directoryExists(path_)) { ENVOY_LOG_MISC(error, "Profile Action: Directory path {} doesn't exist.", path_); return; } // Generate file path for output and try to profile profile_filename_ = generateProfileFilePath(path_, context_.api_.timeSource().systemTime()); if (!Profiler::Cpu::profilerEnabled()) { if (Profiler::Cpu::startProfiler(profile_filename_)) { // Update state running_profile_ = true; ++profiles_started_; // Schedule callback to stop timer_cb_->enableTimer(duration_); } else { ENVOY_LOG_MISC(error, "Profile Action failed to start the profiler."); } } else { ENVOY_LOG_MISC(error, "Profile Action unable to start the profiler as it is in use elsewhere."); } } } // namespace ProfileAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/extensions/watchdog/profile_action/profile_action.h ================================================ #pragma once #include #include "envoy/extensions/watchdog/profile_action/v3alpha/profile_action.pb.h" #include "envoy/server/guarddog_config.h" #include "envoy/thread/thread.h" #include "absl/types/optional.h" namespace Envoy { namespace Extensions { namespace Watchdog { namespace ProfileAction { /** * A GuardDogAction that will start CPU profiling. */ class ProfileAction : public Server::Configuration::GuardDogAction { public: ProfileAction(envoy::extensions::watchdog::profile_action::v3alpha::ProfileActionConfig& config, Server::Configuration::GuardDogActionFactoryContext& context); void run(envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent event, const std::vector>& thread_last_checkin_pairs, MonotonicTime now) override; private: const std::string path_; const std::chrono::milliseconds duration_; const uint64_t max_profiles_; bool running_profile_ = false; std::string profile_filename_; Stats::Counter& profiles_attempted_; Stats::Counter& profiles_successfully_captured_; uint64_t profiles_started_ = 0; Server::Configuration::GuardDogActionFactoryContext& context_; Event::TimerPtr timer_cb_; }; using ProfileActionPtr = std::unique_ptr; } // namespace ProfileAction } // namespace Watchdog } // namespace Extensions } // namespace Envoy ================================================ FILE: source/server/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", "envoy_proto_library", "envoy_select_hot_restart", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "backtrace_lib", srcs = ["backtrace.cc"], hdrs = ["backtrace.h"], external_deps = [ "abseil_stacktrace", "abseil_symbolize", ], tags = ["backtrace"], deps = [ "//source/common/common:minimal_logger_lib", "//source/common/version:version_lib", ], ) envoy_cc_library( name = "configuration_lib", srcs = ["configuration_impl.cc"], hdrs = ["configuration_impl.h"], deps = [ "//include/envoy/config:typed_config_interface", "//include/envoy/http:filter_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:filter_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:configuration_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/server:instance_interface", "//include/envoy/server:tracer_config_interface", "//include/envoy/ssl:context_manager_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/config:runtime_utility_lib", "//source/common/config:utility_lib", "//source/common/network:default_socket_interface_lib", "//source/common/network:resolver_lib", "//source/common/network:socket_interface_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:socket_option_lib", "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "connection_handler_lib", srcs = ["connection_handler_impl.cc"], hdrs = ["connection_handler_impl.h"], deps = [ "//include/envoy/common:time_interface", "//include/envoy/event:deferred_deletable", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:connection_handler_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:exception_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "//include/envoy/network:listener_interface", "//include/envoy/server:active_udp_listener_config_interface", "//include/envoy/server:listener_manager_interface", "//include/envoy/stats:timespan_interface", "//source/common/common:linked_object", "//source/common/common:non_copyable", "//source/common/event:deferred_task", "//source/common/network:connection_lib", "//source/common/stats:timespan_lib", "//source/common/stream_info:stream_info_lib", "//source/extensions/transport_sockets:well_known_names", ], ) envoy_cc_library( name = "drain_manager_lib", srcs = ["drain_manager_impl.cc"], hdrs = [ "drain_manager_impl.h", ], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/runtime:runtime_interface", "//include/envoy/server:drain_manager_interface", "//include/envoy/server:instance_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "guarddog_lib", srcs = ["guarddog_impl.cc"], hdrs = ["guarddog_impl.h"], external_deps = ["abseil_optional"], deps = [ ":watchdog_lib", "//include/envoy/api:api_interface", "//include/envoy/common:time_interface", "//include/envoy/event:timer_interface", "//include/envoy/server:configuration_interface", "//include/envoy/server:guarddog_config_interface", "//include/envoy/server:guarddog_interface", "//include/envoy/server:watchdog_interface", "//include/envoy/stats:stats_interface", "//include/envoy/thread:thread_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", "//source/common/config:utility_lib", "//source/common/event:libevent_lib", "//source/common/protobuf:utility_lib", "//source/common/stats:symbol_table_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) envoy_proto_library( name = "hot_restart", srcs = ["hot_restart.proto"], ) envoy_cc_library( name = "hot_restarting_base", srcs = envoy_select_hot_restart(["hot_restarting_base.cc"]), hdrs = envoy_select_hot_restart(["hot_restarting_base.h"]), deps = [ ":hot_restart_cc_proto", "//include/envoy/api:os_sys_calls_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:file_event_interface", "//include/envoy/server:hot_restart_interface", "//include/envoy/server:instance_interface", "//include/envoy/server:options_interface", "//include/envoy/stats:stats_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/network:utility_lib", "//source/common/stats:utility_lib", ], ) envoy_cc_library( name = "hot_restarting_child", srcs = envoy_select_hot_restart(["hot_restarting_child.cc"]), hdrs = envoy_select_hot_restart(["hot_restarting_child.h"]), deps = [ ":hot_restarting_base", "//source/common/stats:stat_merger_lib", ], ) envoy_cc_library( name = "hot_restarting_parent", srcs = envoy_select_hot_restart(["hot_restarting_parent.cc"]), hdrs = envoy_select_hot_restart(["hot_restarting_parent.h"]), deps = [ ":hot_restarting_base", ":listener_manager_lib", "//source/common/memory:stats_lib", "//source/common/stats:stat_merger_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], ) envoy_cc_library( name = "hot_restart_lib", srcs = envoy_select_hot_restart(["hot_restart_impl.cc"]), hdrs = envoy_select_hot_restart(["hot_restart_impl.h"]), deps = [ ":hot_restarting_child", ":hot_restarting_parent", "//include/envoy/api:os_sys_calls_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:file_event_interface", "//include/envoy/server:hot_restart_interface", "//include/envoy/server:instance_interface", "//include/envoy/server:options_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/stats:allocator_lib", ], ) envoy_cc_library( name = "hot_restart_nop_lib", hdrs = ["hot_restart_nop_impl.h"], deps = [ "//include/envoy/server:hot_restart_interface", "//source/common/stats:allocator_lib", ], ) envoy_cc_library( name = "options_lib", srcs = ["options_impl.cc"] + select({ "//bazel:linux_x86_64": ["options_impl_platform_linux.cc"], "//bazel:linux_aarch64": ["options_impl_platform_linux.cc"], "//bazel:linux_ppc": ["options_impl_platform_linux.cc"], "//bazel:linux_mips64": ["options_impl_platform_linux.cc"], "//conditions:default": ["options_impl_platform_default.cc"], }), hdrs = [ "options_impl.h", "options_impl_platform.h", ] + select({ "//bazel:linux_x86_64": ["options_impl_platform_linux.h"], "//bazel:linux_aarch64": ["options_impl_platform_linux.h"], "//bazel:linux_ppc": ["options_impl_platform_linux.h"], "//bazel:linux_mips64": ["options_impl_platform_linux.h"], "//conditions:default": [], }), # TCLAP command line parser needs this to support int64_t/uint64_t in several build environments. copts = ["-DHAVE_LONG_LONG"], external_deps = ["tclap"], deps = [ "//include/envoy/network:address_interface", "//include/envoy/registry", "//include/envoy/server:options_interface", "//include/envoy/stats:stats_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:logger_lib", "//source/common/common:macros", "//source/common/protobuf:utility_lib", "//source/common/stats:stats_lib", "//source/common/version:version_lib", "@envoy_api//envoy/config/bootstrap/v2:pkg_cc_proto", ], ) envoy_cc_library( name = "overload_manager_lib", srcs = ["overload_manager_impl.cc"], hdrs = ["overload_manager_impl.h"], deps = [ "//include/envoy/server:overload_manager_interface", "//include/envoy/stats:stats_interface", "//include/envoy/thread_local:thread_local_interface", "//source/common/common:logger_lib", "//source/common/config:utility_lib", "//source/common/stats:symbol_table_lib", "//source/server:resource_monitor_config_lib", "@envoy_api//envoy/config/overload/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "lds_api_lib", srcs = ["lds_api.cc"], hdrs = ["lds_api.h"], deps = [ "//include/envoy/config:subscription_factory_interface", "//include/envoy/config:subscription_interface", "//include/envoy/init:manager_interface", "//include/envoy/server:listener_manager_interface", "//source/common/common:cleanup_lib", "//source/common/config:api_version_lib", "//source/common/config:subscription_base_interface", "//source/common/config:utility_lib", "//source/common/init:target_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) # TODO(junr03): actually separate this lib from the listener and api listener lib. # this can be done if the parent_ in the listener and the api listener becomes the ListenerManager interface. # the issue right now is that the listener's reach into the listener manager's server_ instance variable. envoy_cc_library( name = "listener_manager_lib", srcs = [ "api_listener_impl.cc", "listener_impl.cc", "listener_manager_impl.cc", ], hdrs = [ "api_listener_impl.h", "listener_impl.h", "listener_manager_impl.h", ], deps = [ ":configuration_lib", ":drain_manager_lib", ":filter_chain_manager_lib", ":lds_api_lib", ":transport_socket_config_lib", ":well_known_names_lib", "//include/envoy/access_log:access_log_interface", "//include/envoy/network:connection_interface", "//include/envoy/network:udp_packet_writer_config_interface", "//include/envoy/server:active_udp_listener_config_interface", "//include/envoy/server:api_listener_interface", "//include/envoy/server:filter_config_interface", "//include/envoy/server:listener_manager_interface", "//include/envoy/server:transport_socket_config_interface", "//include/envoy/server:worker_interface", "//source/common/access_log:access_log_lib", "//source/common/common:basic_resource_lib", "//source/common/common:empty_string", "//source/common/config:utility_lib", "//source/common/config:version_converter_lib", "//source/common/http:conn_manager_lib", "//source/common/init:manager_lib", "//source/common/init:target_lib", "//source/common/network:connection_balancer_lib", "//source/common/network:filter_matcher_lib", "//source/common/network:listen_socket_lib", "//source/common/network:listener_lib", "//source/common/network:resolver_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/stream_info:stream_info_lib", "//source/extensions/filters/listener:well_known_names", "//source/extensions/filters/network/http_connection_manager:config", "//source/extensions/transport_sockets:well_known_names", "//source/extensions/upstreams/http/generic:config", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/api/v2/listener:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/listener/proxy_protocol/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_chain_manager_lib", srcs = ["filter_chain_manager_impl.cc"], hdrs = ["filter_chain_manager_impl.h"], deps = [ ":filter_chain_factory_context_callback", "//include/envoy/server:instance_interface", "//include/envoy/server:listener_manager_interface", "//include/envoy/server:transport_socket_config_interface", "//source/common/common:empty_string", "//source/common/config:utility_lib", "//source/common/init:manager_lib", "//source/common/network:cidr_range_lib", "//source/common/network:lc_trie_lib", "//source/server:configuration_lib", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "process_context_lib", hdrs = ["process_context_impl.h"], deps = ["//include/envoy/server:process_context_interface"], ) envoy_cc_library( name = "proto_descriptors_lib", srcs = ["proto_descriptors.cc"], hdrs = ["proto_descriptors.h"], deps = [ "//source/common/common:assert_lib", "//source/common/config:protobuf_link_hacks", "//source/common/protobuf", ], ) envoy_cc_library( name = "resource_monitor_config_lib", hdrs = ["resource_monitor_config_impl.h"], deps = [ "//include/envoy/server:resource_monitor_config_interface", ], ) envoy_cc_library( name = "server_lib", srcs = ["server.cc"], hdrs = ["server.h"], external_deps = [ "abseil_node_hash_map", "abseil_optional", ], deps = [ ":active_raw_udp_listener_config", ":configuration_lib", ":connection_handler_lib", ":guarddog_lib", ":listener_hooks_lib", ":listener_manager_lib", ":ssl_context_manager_lib", ":worker_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:signal_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:dns_interface", "//include/envoy/server:bootstrap_extension_config_interface", "//include/envoy/server:drain_manager_interface", "//include/envoy/server:instance_interface", "//include/envoy/server:listener_manager_interface", "//include/envoy/server:options_interface", "//include/envoy/server:process_context_interface", "//include/envoy/stats:stats_macros", "//include/envoy/tracing:http_tracer_interface", "//include/envoy/upstream:cluster_manager_interface", "//source/common/access_log:access_log_manager_lib", "//source/common/api:api_lib", "//source/common/common:cleanup_lib", "//source/common/common:logger_lib", "//source/common/common:mutex_tracer_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/grpc:async_client_manager_lib", "//source/common/grpc:context_lib", "//source/common/http:codes_lib", "//source/common/http:context_lib", "//source/common/init:manager_lib", "//source/common/local_info:local_info_lib", "//source/common/memory:heap_shrinker_lib", "//source/common/memory:stats_lib", "//source/common/protobuf:utility_lib", "//source/common/router:rds_lib", "//source/common/runtime:runtime_lib", "//source/common/secret:secret_manager_impl_lib", "//source/common/singleton:manager_impl_lib", "//source/common/stats:thread_local_store_lib", "//source/common/upstream:cluster_manager_lib", "//source/common/upstream:health_discovery_service_lib", "//source/common/version:version_lib", "//source/server:overload_manager_lib", "//source/server/admin:admin_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v2:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "ssl_context_manager_lib", srcs = ["ssl_context_manager.cc"], hdrs = ["ssl_context_manager.h"], deps = [ "//include/envoy/registry", "//include/envoy/ssl:context_manager_interface", ], ) envoy_cc_library( name = "listener_hooks_lib", hdrs = ["listener_hooks.h"], ) envoy_cc_library( name = "watchdog_lib", srcs = ["watchdog_impl.cc"], hdrs = ["watchdog_impl.h"], deps = [ "//include/envoy/common:time_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/server:watchdog_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "worker_lib", srcs = ["worker_impl.cc"], hdrs = ["worker_impl.h"], deps = [ ":connection_handler_lib", ":listener_hooks_lib", "//include/envoy/api:api_interface", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//include/envoy/network:exception_interface", "//include/envoy/server:configuration_interface", "//include/envoy/server:guarddog_interface", "//include/envoy/server:listener_manager_interface", "//include/envoy/server:worker_interface", "//include/envoy/thread:thread_interface", "//include/envoy/thread_local:thread_local_interface", ], ) envoy_cc_library( name = "transport_socket_config_lib", hdrs = ["transport_socket_config_impl.h"], deps = [ "//include/envoy/server:transport_socket_config_interface", ], ) envoy_cc_library( name = "well_known_names_lib", hdrs = ["well_known_names.h"], deps = ["//source/common/singleton:const_singleton"], ) envoy_cc_library( name = "active_raw_udp_listener_config", srcs = ["active_raw_udp_listener_config.cc"], hdrs = ["active_raw_udp_listener_config.h"], deps = [ ":connection_handler_lib", ":well_known_names_lib", "//include/envoy/registry", "//include/envoy/server:active_udp_listener_config_interface", "@envoy_api//envoy/api/v2/listener:pkg_cc_proto", ], ) envoy_cc_library( name = "filter_chain_factory_context_callback", hdrs = ["filter_chain_factory_context_callback.h"], deps = [ "//include/envoy/server:filter_config_interface", "@envoy_api//envoy/api/v2/listener:pkg_cc_proto", ], ) ================================================ FILE: source/server/active_raw_udp_listener_config.cc ================================================ #include "server/active_raw_udp_listener_config.h" #include #include #include "envoy/api/v2/listener/listener.pb.h" #include "server/connection_handler_impl.h" #include "server/well_known_names.h" namespace Envoy { namespace Server { ActiveRawUdpListenerFactory::ActiveRawUdpListenerFactory(uint32_t concurrency) : concurrency_(concurrency) {} Network::ConnectionHandler::ActiveUdpListenerPtr ActiveRawUdpListenerFactory::createActiveUdpListener(uint32_t worker_index, Network::ConnectionHandler& parent, Event::Dispatcher& dispatcher, Network::ListenerConfig& config) { return std::make_unique(worker_index, concurrency_, parent, dispatcher, config); } ProtobufTypes::MessagePtr ActiveRawUdpListenerConfigFactory::createEmptyConfigProto() { return std::make_unique(); } Network::ActiveUdpListenerFactoryPtr ActiveRawUdpListenerConfigFactory::createActiveUdpListenerFactory( const Protobuf::Message& /*message*/, uint32_t concurrency) { return std::make_unique(concurrency); } std::string ActiveRawUdpListenerConfigFactory::name() const { return UdpListenerNames::get().RawUdp; } REGISTER_FACTORY(ActiveRawUdpListenerConfigFactory, Server::ActiveUdpListenerConfigFactory); } // namespace Server } // namespace Envoy ================================================ FILE: source/server/active_raw_udp_listener_config.h ================================================ #pragma once #include "envoy/network/connection_handler.h" #include "envoy/registry/registry.h" #include "envoy/server/active_udp_listener_config.h" namespace Envoy { namespace Server { class ActiveRawUdpListenerFactory : public Network::ActiveUdpListenerFactory { public: ActiveRawUdpListenerFactory(uint32_t concurrency); Network::ConnectionHandler::ActiveUdpListenerPtr createActiveUdpListener(uint32_t worker_index, Network::ConnectionHandler& parent, Event::Dispatcher& disptacher, Network::ListenerConfig& config) override; bool isTransportConnectionless() const override { return true; } private: const uint32_t concurrency_; }; // This class uses a protobuf config to create a UDP listener factory which // creates a Server::ConnectionHandlerImpl::ActiveUdpListener. // This is the default UDP listener if not specified in config. class ActiveRawUdpListenerConfigFactory : public ActiveUdpListenerConfigFactory { public: ProtobufTypes::MessagePtr createEmptyConfigProto() override; Network::ActiveUdpListenerFactoryPtr createActiveUdpListenerFactory(const Protobuf::Message&, uint32_t concurrency) override; std::string name() const override; }; DECLARE_FACTORY(ActiveRawUdpListenerConfigFactory); } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "admin_lib", srcs = ["admin.cc"], hdrs = ["admin.h"], deps = [ ":admin_filter_lib", ":clusters_handler_lib", ":config_dump_handler_lib", ":config_tracker_lib", ":init_dump_handler_lib", ":listeners_handler_lib", ":logs_handler_lib", ":profiling_handler_lib", ":runtime_handler_lib", ":server_cmd_handler_lib", ":server_info_handler_lib", ":stats_handler_lib", ":utils_lib", "//include/envoy/filesystem:filesystem_interface", "//include/envoy/http:filter_interface", "//include/envoy/http:request_id_extension_interface", "//include/envoy/network:filter_interface", "//include/envoy/network:listen_socket_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:hot_restart_interface", "//include/envoy/server:instance_interface", "//include/envoy/server:listener_manager_interface", "//include/envoy/server:options_interface", "//source/common/access_log:access_log_lib", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:basic_resource_lib", "//source/common/common:empty_string", "//source/common/common:macros", "//source/common/common:minimal_logger_lib", "//source/common/common:mutex_tracer_lib", "//source/common/common:utility_lib", "//source/common/formatter:substitution_formatter_lib", "//source/common/html:utility_lib", "//source/common/http:codes_lib", "//source/common/http:conn_manager_lib", "//source/common/http:date_provider_lib", "//source/common/http:default_server_string_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:request_id_extension_lib", "//source/common/http:utility_lib", "//source/common/memory:utils_lib", "//source/common/network:connection_balancer_lib", "//source/common/network:listen_socket_lib", "//source/common/network:raw_buffer_socket_lib", "//source/common/network:utility_lib", "//source/common/router:config_lib", "//source/common/router:scoped_config_lib", "//source/common/stats:isolated_store_lib", "//source/extensions/access_loggers/file:file_access_log_lib", "//source/server:listener_manager_lib", ], ) envoy_cc_library( name = "admin_filter_lib", srcs = ["admin_filter.cc"], hdrs = ["admin_filter.h"], deps = [ ":utils_lib", "//include/envoy/http:filter_interface", "//include/envoy/server:admin_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", ], ) envoy_cc_library( name = "handler_ctx_lib", hdrs = ["handler_ctx.h"], deps = [ "//include/envoy/server:instance_interface", ], ) envoy_cc_library( name = "stats_handler_lib", srcs = ["stats_handler.cc"], hdrs = ["stats_handler.h"], deps = [ ":handler_ctx_lib", ":prometheus_stats_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/html:utility_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/stats:histogram_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "prometheus_stats_lib", srcs = ["prometheus_stats.cc"], hdrs = ["prometheus_stats.h"], deps = [ ":utils_lib", "//source/common/buffer:buffer_lib", "//source/common/stats:histogram_lib", ], ) envoy_cc_library( name = "listeners_handler_lib", srcs = ["listeners_handler.cc"], hdrs = ["listeners_handler.h"], deps = [ ":handler_ctx_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "runtime_handler_lib", srcs = ["runtime_handler.cc"], hdrs = ["runtime_handler.h"], deps = [ ":handler_ctx_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", ], ) envoy_cc_library( name = "logs_handler_lib", srcs = ["logs_handler.cc"], hdrs = ["logs_handler.h"], deps = [ ":handler_ctx_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", ], ) envoy_cc_library( name = "profiling_handler_lib", srcs = ["profiling_handler.cc"], hdrs = ["profiling_handler.h"], deps = [ ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/profiler:profiler_lib", ], ) envoy_cc_library( name = "server_cmd_handler_lib", srcs = ["server_cmd_handler.cc"], hdrs = ["server_cmd_handler.h"], deps = [ ":handler_ctx_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", ], ) envoy_cc_library( name = "server_info_handler_lib", srcs = ["server_info_handler.cc"], hdrs = ["server_info_handler.h"], deps = [ ":handler_ctx_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/memory:stats_lib", "//source/common/version:version_includes", "@envoy_api//envoy/admin/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "clusters_handler_lib", srcs = ["clusters_handler.cc"], hdrs = ["clusters_handler.h"], deps = [ ":handler_ctx_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/upstream:host_utility_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "config_dump_handler_lib", srcs = ["config_dump_handler.cc"], hdrs = ["config_dump_handler.h"], deps = [ ":config_tracker_lib", ":handler_ctx_lib", ":utils_lib", "//include/envoy/http:codes_interface", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "init_dump_handler_lib", srcs = ["init_dump_handler.cc"], hdrs = ["init_dump_handler.h"], deps = [ ":handler_ctx_lib", ":utils_lib", "//include/envoy/server:admin_interface", "//include/envoy/server:instance_interface", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "utils_lib", srcs = ["utils.cc"], hdrs = ["utils.h"], deps = [ "//include/envoy/init:manager_interface", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "config_tracker_lib", srcs = ["config_tracker_impl.cc"], hdrs = ["config_tracker_impl.h"], deps = [ "//include/envoy/server:config_tracker_interface", "//source/common/common:assert_lib", "//source/common/common:macros", ], ) ================================================ FILE: source/server/admin/admin.cc ================================================ #include "server/admin/admin.h" #include #include #include #include #include #include #include "envoy/filesystem/filesystem.h" #include "envoy/server/hot_restart.h" #include "envoy/server/instance.h" #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/outlier_detection.h" #include "envoy/upstream/upstream.h" #include "common/access_log/access_log_impl.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/common/mutex_tracer_impl.h" #include "common/common/utility.h" #include "common/formatter/substitution_formatter.h" #include "common/html/utility.h" #include "common/http/codes.h" #include "common/http/conn_manager_utility.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/memory/utils.h" #include "common/network/listen_socket_impl.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "common/router/config_impl.h" #include "server/admin/utils.h" #include "server/listener_impl.h" #include "extensions/access_loggers/file/file_access_log_impl.h" #include "absl/strings/str_join.h" #include "absl/strings/str_replace.h" #include "absl/strings/string_view.h" #include "spdlog/spdlog.h" namespace Envoy { namespace Server { namespace { /** * Favicon base64 image was harvested by screen-capturing the favicon from a Chrome tab * while visiting https://www.envoyproxy.io/. The resulting PNG was translated to base64 * by dropping it into https://www.base64-image.de/ and then pasting the resulting string * below. * * The actual favicon source for that, https://www.envoyproxy.io/img/favicon.ico is nicer * because it's transparent, but is also 67646 bytes, which is annoying to inline. We could * just reference that rather than inlining it, but then the favicon won't work when visiting * the admin page from a network that can't see the internet. */ const char EnvoyFavicon[] = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAAARnQU1" "BAACxjwv8YQUAAAAJcEhZcwAAEnQAABJ0Ad5mH3gAAAH9SURBVEhL7ZRdTttAFIUrUFaAX5w9gIhgUfzshFRK+gIbaVbA" "zwaqCly1dSpKk5A485/YCdXpHTB4BsdgVe0bD0cZ3Xsm38yZ8byTUuJ/6g3wqqoBrBhPTzmmLfptMbAzttJTpTKAF2MWC" "7ADCdNIwXZpvMMwayiIwwS874CcOc9VuQPR1dBBChPMITpFXXU45hukIIH6kHhzVqkEYB8F5HYGvZ5B7EvwmHt9K/59Cr" "U3QbY2RNYaQPYmJc+jPIBICNCcg20ZsAsCPfbcrFlRF+cJZpvXSJt9yMTxO/IAzJrCOfhJXiOgFEX/SbZmezTWxyNk4Q9" "anHMmjnzAhEyhAW8LCE6wl26J7ZFHH1FMYQxh567weQBOO1AW8D7P/UXAQySq/QvL8Fu9HfCEw4SKALm5BkC3bwjwhSKr" "A5hYAMXTJnPNiMyRBVzVjcgCyHiSm+8P+WGlnmwtP2RzbCMiQJ0d2KtmmmPorRHEhfMROVfTG5/fYrF5iWXzE80tfy9WP" "sCqx5Buj7FYH0LvDyHiqd+3otpsr4/fa5+xbEVQPfrYnntylQG5VGeMLBhgEfyE7o6e6qYzwHIjwl0QwXSvvTmrVAY4D5" "ddvT64wV0jRrr7FekO/XEjwuwwhuw7Ef7NY+dlfXpLb06EtHUJdVbsxvNUqBrwj/QGeEUSfwBAkmWHn5Bb/gAAAABJRU5" "ErkJggg=="; const char AdminHtmlStart[] = R"( Envoy Admin )"; const char AdminHtmlEnd[] = R"(
    Command Description
    )"; } // namespace ConfigTracker& AdminImpl::getConfigTracker() { return config_tracker_; } AdminImpl::NullRouteConfigProvider::NullRouteConfigProvider(TimeSource& time_source) : config_(new Router::NullConfigImpl()), time_source_(time_source) {} void AdminImpl::startHttpListener(const std::string& access_log_path, const std::string& address_out_path, Network::Address::InstanceConstSharedPtr address, const Network::Socket::OptionsSharedPtr& socket_options, Stats::ScopePtr&& listener_scope) { // TODO(mattklein123): Allow admin to use normal access logger extension loading and avoid the // hard dependency here. access_logs_.emplace_back(new Extensions::AccessLoggers::File::FileAccessLog( access_log_path, {}, Formatter::SubstitutionFormatUtils::defaultSubstitutionFormatter(), server_.accessLogManager())); null_overload_manager_.start(); socket_ = std::make_shared(address, socket_options, true); socket_factory_ = std::make_shared(socket_); listener_ = std::make_unique(*this, std::move(listener_scope)); if (!address_out_path.empty()) { std::ofstream address_out_file(address_out_path); if (!address_out_file) { ENVOY_LOG(critical, "cannot open admin address output file {} for writing.", address_out_path); } else { address_out_file << socket_->localAddress()->asString(); } } } AdminImpl::AdminImpl(const std::string& profile_path, Server::Instance& server) : server_(server), request_id_extension_(Http::RequestIDExtensionFactory::defaultInstance( server_.api().randomGenerator())), profile_path_(profile_path), stats_(Http::ConnectionManagerImpl::generateStats("http.admin.", server_.stats())), null_overload_manager_(server_.threadLocal()), tracing_stats_( Http::ConnectionManagerImpl::generateTracingStats("http.admin.", no_op_store_)), route_config_provider_(server.timeSource()), scoped_route_config_provider_(server.timeSource()), clusters_handler_(server), config_dump_handler_(config_tracker_, server), init_dump_handler_(server), stats_handler_(server), logs_handler_(server), profiling_handler_(profile_path), runtime_handler_(server), listeners_handler_(server), server_cmd_handler_(server), server_info_handler_(server), // TODO(jsedgwick) add /runtime_reset endpoint that removes all admin-set values handlers_{ {"/", "Admin home page", MAKE_ADMIN_HANDLER(handlerAdminHome), false, false}, {"/certs", "print certs on machine", MAKE_ADMIN_HANDLER(server_info_handler_.handlerCerts), false, false}, {"/clusters", "upstream cluster status", MAKE_ADMIN_HANDLER(clusters_handler_.handlerClusters), false, false}, {"/config_dump", "dump current Envoy configs (experimental)", MAKE_ADMIN_HANDLER(config_dump_handler_.handlerConfigDump), false, false}, {"/init_dump", "dump current Envoy init manager information (experimental)", MAKE_ADMIN_HANDLER(init_dump_handler_.handlerInitDump), false, false}, {"/contention", "dump current Envoy mutex contention stats (if enabled)", MAKE_ADMIN_HANDLER(stats_handler_.handlerContention), false, false}, {"/cpuprofiler", "enable/disable the CPU profiler", MAKE_ADMIN_HANDLER(profiling_handler_.handlerCpuProfiler), false, true}, {"/heapprofiler", "enable/disable the heap profiler", MAKE_ADMIN_HANDLER(profiling_handler_.handlerHeapProfiler), false, true}, {"/healthcheck/fail", "cause the server to fail health checks", MAKE_ADMIN_HANDLER(server_cmd_handler_.handlerHealthcheckFail), false, true}, {"/healthcheck/ok", "cause the server to pass health checks", MAKE_ADMIN_HANDLER(server_cmd_handler_.handlerHealthcheckOk), false, true}, {"/help", "print out list of admin commands", MAKE_ADMIN_HANDLER(handlerHelp), false, false}, {"/hot_restart_version", "print the hot restart compatibility version", MAKE_ADMIN_HANDLER(server_info_handler_.handlerHotRestartVersion), false, false}, {"/logging", "query/change logging levels", MAKE_ADMIN_HANDLER(logs_handler_.handlerLogging), false, true}, {"/memory", "print current allocation/heap usage", MAKE_ADMIN_HANDLER(server_info_handler_.handlerMemory), false, false}, {"/quitquitquit", "exit the server", MAKE_ADMIN_HANDLER(server_cmd_handler_.handlerQuitQuitQuit), false, true}, {"/reset_counters", "reset all counters to zero", MAKE_ADMIN_HANDLER(stats_handler_.handlerResetCounters), false, true}, {"/drain_listeners", "drain listeners", MAKE_ADMIN_HANDLER(listeners_handler_.handlerDrainListeners), false, true}, {"/server_info", "print server version/status information", MAKE_ADMIN_HANDLER(server_info_handler_.handlerServerInfo), false, false}, {"/ready", "print server state, return 200 if LIVE, otherwise return 503", MAKE_ADMIN_HANDLER(server_info_handler_.handlerReady), false, false}, {"/stats", "print server stats", MAKE_ADMIN_HANDLER(stats_handler_.handlerStats), false, false}, {"/stats/prometheus", "print server stats in prometheus format", MAKE_ADMIN_HANDLER(stats_handler_.handlerPrometheusStats), false, false}, {"/stats/recentlookups", "Show recent stat-name lookups", MAKE_ADMIN_HANDLER(stats_handler_.handlerStatsRecentLookups), false, false}, {"/stats/recentlookups/clear", "clear list of stat-name lookups and counter", MAKE_ADMIN_HANDLER(stats_handler_.handlerStatsRecentLookupsClear), false, true}, {"/stats/recentlookups/disable", "disable recording of reset stat-name lookup names", MAKE_ADMIN_HANDLER(stats_handler_.handlerStatsRecentLookupsDisable), false, true}, {"/stats/recentlookups/enable", "enable recording of reset stat-name lookup names", MAKE_ADMIN_HANDLER(stats_handler_.handlerStatsRecentLookupsEnable), false, true}, {"/listeners", "print listener info", MAKE_ADMIN_HANDLER(listeners_handler_.handlerListenerInfo), false, false}, {"/runtime", "print runtime values", MAKE_ADMIN_HANDLER(runtime_handler_.handlerRuntime), false, false}, {"/runtime_modify", "modify runtime values", MAKE_ADMIN_HANDLER(runtime_handler_.handlerRuntimeModify), false, true}, {"/reopen_logs", "reopen access logs", MAKE_ADMIN_HANDLER(logs_handler_.handlerReopenLogs), false, true}, }, date_provider_(server.dispatcher().timeSource()), admin_filter_chain_(std::make_shared()), local_reply_(LocalReply::Factory::createDefault()) {} Http::ServerConnectionPtr AdminImpl::createCodec(Network::Connection& connection, const Buffer::Instance& data, Http::ServerConnectionCallbacks& callbacks) { return Http::ConnectionManagerUtility::autoCreateCodec( connection, data, callbacks, server_.stats(), server_.api().randomGenerator(), http1_codec_stats_, http2_codec_stats_, Http::Http1Settings(), ::Envoy::Http2::Utility::initializeAndValidateOptions( envoy::config::core::v3::Http2ProtocolOptions()), maxRequestHeadersKb(), maxRequestHeadersCount(), headersWithUnderscoresAction()); } bool AdminImpl::createNetworkFilterChain(Network::Connection& connection, const std::vector&) { // Pass in the null overload manager so that the admin interface is accessible even when Envoy is // overloaded. connection.addReadFilter(Network::ReadFilterSharedPtr{new Http::ConnectionManagerImpl( *this, server_.drainManager(), server_.api().randomGenerator(), server_.httpContext(), server_.runtime(), server_.localInfo(), server_.clusterManager(), null_overload_manager_, server_.timeSource())}); return true; } void AdminImpl::createFilterChain(Http::FilterChainFactoryCallbacks& callbacks) { callbacks.addStreamFilter(std::make_shared(createCallbackFunction())); } Http::Code AdminImpl::runCallback(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream& admin_stream) { Http::Code code = Http::Code::OK; bool found_handler = false; std::string::size_type query_index = path_and_query.find('?'); if (query_index == std::string::npos) { query_index = path_and_query.size(); } for (const UrlHandler& handler : handlers_) { if (path_and_query.compare(0, query_index, handler.prefix_) == 0) { found_handler = true; if (handler.mutates_server_state_) { const absl::string_view method = admin_stream.getRequestHeaders().getMethodValue(); if (method != Http::Headers::get().MethodValues.Post) { ENVOY_LOG(error, "admin path \"{}\" mutates state, method={} rather than POST", handler.prefix_, method); code = Http::Code::MethodNotAllowed; response.add(fmt::format("Method {} not allowed, POST required.", method)); break; } } code = handler.handler_(path_and_query, response_headers, response, admin_stream); Memory::Utils::tryShrinkHeap(); break; } } if (!found_handler) { // Extra space is emitted below to have "invalid path." be a separate sentence in the // 404 output from "admin commands are:" in handlerHelp. response.add("invalid path. "); handlerHelp(path_and_query, response_headers, response, admin_stream); code = Http::Code::NotFound; } return code; } std::vector AdminImpl::sortedHandlers() const { std::vector sorted_handlers; for (const UrlHandler& handler : handlers_) { sorted_handlers.push_back(&handler); } // Note: it's generally faster to sort a vector with std::vector than to construct a std::map. std::sort(sorted_handlers.begin(), sorted_handlers.end(), [](const UrlHandler* h1, const UrlHandler* h2) { return h1->prefix_ < h2->prefix_; }); return sorted_handlers; } Http::Code AdminImpl::handlerHelp(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { response.add("admin commands are:\n"); // Prefix order is used during searching, but for printing do them in alpha order. for (const UrlHandler* handler : sortedHandlers()) { response.add(fmt::format(" {}: {}\n", handler->prefix_, handler->help_text_)); } return Http::Code::OK; } Http::Code AdminImpl::handlerAdminHome(absl::string_view, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) { response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Html); response.add(absl::StrReplaceAll(AdminHtmlStart, {{"@FAVICON@", EnvoyFavicon}})); // Prefix order is used during searching, but for printing do them in alpha order. for (const UrlHandler* handler : sortedHandlers()) { absl::string_view path = handler->prefix_; if (path == "/") { continue; // No need to print self-link to index page. } // Remove the leading slash from the link, so that the admin page can be // rendered as part of another console, on a sub-path. // // E.g. consider a downstream dashboard that embeds the Envoy admin console. // In that case, the "/stats" endpoint would be at // https://DASHBOARD/envoy_admin/stats. If the links we present on the home // page are absolute (e.g. "/stats") they won't work in the context of the // dashboard. Removing the leading slash, they will work properly in both // the raw admin console and when embedded in another page and URL // hierarchy. ASSERT(!path.empty()); ASSERT(path[0] == '/'); path = path.substr(1); // For handlers that mutate state, render the link as a button in a POST form, // rather than an anchor tag. This should discourage crawlers that find the / // page from accidentally mutating all the server state by GETting all the hrefs. const char* link_format = handler->mutates_server_state_ ? "
    " : "{}"; const std::string link = fmt::format(link_format, path, path); // Handlers are all specified by statically above, and are thus trusted and do // not require escaping. response.add(fmt::format("{}" "{}\n", link, Html::Utility::sanitize(handler->help_text_))); } response.add(AdminHtmlEnd); return Http::Code::OK; } const Network::Address::Instance& AdminImpl::localAddress() { return *server_.localInfo().address(); } bool AdminImpl::addHandler(const std::string& prefix, const std::string& help_text, HandlerCb callback, bool removable, bool mutates_state) { ASSERT(prefix.size() > 1); ASSERT(prefix[0] == '/'); // Sanitize prefix and help_text to ensure no XSS can be injected, as // we are injecting these strings into HTML that runs in a domain that // can mutate Envoy server state. Also rule out some characters that // make no sense as part of a URL path: ? and :. const std::string::size_type pos = prefix.find_first_of("&\"'<>?:"); if (pos != std::string::npos) { ENVOY_LOG(error, "filter \"{}\" contains invalid character '{}'", prefix, prefix[pos]); return false; } auto it = std::find_if(handlers_.cbegin(), handlers_.cend(), [&prefix](const UrlHandler& entry) { return prefix == entry.prefix_; }); if (it == handlers_.end()) { handlers_.push_back({prefix, help_text, callback, removable, mutates_state}); return true; } return false; } bool AdminImpl::removeHandler(const std::string& prefix) { const size_t size_before_removal = handlers_.size(); handlers_.remove_if( [&prefix](const UrlHandler& entry) { return prefix == entry.prefix_ && entry.removable_; }); if (handlers_.size() != size_before_removal) { return true; } return false; } Http::Code AdminImpl::request(absl::string_view path_and_query, absl::string_view method, Http::ResponseHeaderMap& response_headers, std::string& body) { AdminFilter filter(createCallbackFunction()); auto request_headers = Http::RequestHeaderMapImpl::create(); request_headers->setMethod(method); filter.decodeHeaders(*request_headers, false); Buffer::OwnedImpl response; Http::Code code = runCallback(path_and_query, response_headers, response, filter); Utility::populateFallbackResponseHeaders(code, response_headers); body = response.toString(); return code; } void AdminImpl::closeSocket() { if (socket_) { socket_->close(); } } void AdminImpl::addListenerToHandler(Network::ConnectionHandler* handler) { if (listener_) { handler->addListener(absl::nullopt, *listener_); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/admin.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/http/filter.h" #include "envoy/http/request_id_extension.h" #include "envoy/network/filter.h" #include "envoy/network/listen_socket.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "envoy/server/listener_manager.h" #include "envoy/server/overload_manager.h" #include "envoy/upstream/outlier_detection.h" #include "envoy/upstream/resource_manager.h" #include "common/common/assert.h" #include "common/common/basic_resource_impl.h" #include "common/common/empty_string.h" #include "common/common/logger.h" #include "common/common/macros.h" #include "common/http/conn_manager_impl.h" #include "common/http/date_provider_impl.h" #include "common/http/default_server_string.h" #include "common/http/http1/codec_stats.h" #include "common/http/http2/codec_stats.h" #include "common/http/request_id_extension_impl.h" #include "common/http/utility.h" #include "common/network/connection_balancer_impl.h" #include "common/network/raw_buffer_socket.h" #include "common/router/scoped_config_impl.h" #include "common/stats/isolated_store_impl.h" #include "server/admin/admin_filter.h" #include "server/admin/clusters_handler.h" #include "server/admin/config_dump_handler.h" #include "server/admin/config_tracker_impl.h" #include "server/admin/init_dump_handler.h" #include "server/admin/listeners_handler.h" #include "server/admin/logs_handler.h" #include "server/admin/profiling_handler.h" #include "server/admin/runtime_handler.h" #include "server/admin/server_cmd_handler.h" #include "server/admin/server_info_handler.h" #include "server/admin/stats_handler.h" #include "extensions/filters/http/common/pass_through_filter.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class AdminInternalAddressConfig : public Http::InternalAddressConfig { bool isInternalAddress(const Network::Address::Instance&) const override { return false; } }; /** * Implementation of Server::Admin. */ class AdminImpl : public Admin, public Network::FilterChainManager, public Network::FilterChainFactory, public Http::FilterChainFactory, public Http::ConnectionManagerConfig, Logger::Loggable { public: AdminImpl(const std::string& profile_path, Server::Instance& server); Http::Code runCallback(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream& admin_stream); const Network::Socket& socket() override { return *socket_; } Network::Socket& mutableSocket() { return *socket_; } // Server::Admin // TODO(jsedgwick) These can be managed with a generic version of ConfigTracker. // Wins would be no manual removeHandler() and code reuse. // // The prefix must start with "/" and contain at least one additional character. bool addHandler(const std::string& prefix, const std::string& help_text, HandlerCb callback, bool removable, bool mutates_server_state) override; bool removeHandler(const std::string& prefix) override; ConfigTracker& getConfigTracker() override; void startHttpListener(const std::string& access_log_path, const std::string& address_out_path, Network::Address::InstanceConstSharedPtr address, const Network::Socket::OptionsSharedPtr& socket_options, Stats::ScopePtr&& listener_scope) override; uint32_t concurrency() const override { return server_.options().concurrency(); } // Network::FilterChainManager const Network::FilterChain* findFilterChain(const Network::ConnectionSocket&) const override { return admin_filter_chain_.get(); } // Network::FilterChainFactory bool createNetworkFilterChain(Network::Connection& connection, const std::vector& filter_factories) override; bool createListenerFilterChain(Network::ListenerFilterManager&) override { return true; } void createUdpListenerFilterChain(Network::UdpListenerFilterManager&, Network::UdpReadFilterCallbacks&) override {} // Http::FilterChainFactory void createFilterChain(Http::FilterChainFactoryCallbacks& callbacks) override; bool createUpgradeFilterChain(absl::string_view, const Http::FilterChainFactory::UpgradeMap*, Http::FilterChainFactoryCallbacks&) override { return false; } // Http::ConnectionManagerConfig Http::RequestIDExtensionSharedPtr requestIDExtension() override { return request_id_extension_; } const std::list& accessLogs() override { return access_logs_; } Http::ServerConnectionPtr createCodec(Network::Connection& connection, const Buffer::Instance& data, Http::ServerConnectionCallbacks& callbacks) override; Http::DateProvider& dateProvider() override { return date_provider_; } std::chrono::milliseconds drainTimeout() const override { return std::chrono::milliseconds(100); } Http::FilterChainFactory& filterFactory() override { return *this; } bool generateRequestId() const override { return false; } bool preserveExternalRequestId() const override { return false; } bool alwaysSetRequestIdInResponse() const override { return false; } absl::optional idleTimeout() const override { return idle_timeout_; } bool isRoutable() const override { return false; } absl::optional maxConnectionDuration() const override { return max_connection_duration_; } uint32_t maxRequestHeadersKb() const override { return max_request_headers_kb_; } uint32_t maxRequestHeadersCount() const override { return max_request_headers_count_; } std::chrono::milliseconds streamIdleTimeout() const override { return {}; } std::chrono::milliseconds requestTimeout() const override { return {}; } std::chrono::milliseconds delayedCloseTimeout() const override { return {}; } absl::optional maxStreamDuration() const override { return max_stream_duration_; } Router::RouteConfigProvider* routeConfigProvider() override { return &route_config_provider_; } Config::ConfigProvider* scopedRouteConfigProvider() override { return &scoped_route_config_provider_; } const std::string& serverName() const override { return Http::DefaultServerString::get(); } HttpConnectionManagerProto::ServerHeaderTransformation serverHeaderTransformation() const override { return HttpConnectionManagerProto::OVERWRITE; } Http::ConnectionManagerStats& stats() override { return stats_; } Http::ConnectionManagerTracingStats& tracingStats() override { return tracing_stats_; } bool useRemoteAddress() const override { return true; } const Http::InternalAddressConfig& internalAddressConfig() const override { return internal_address_config_; } uint32_t xffNumTrustedHops() const override { return 0; } bool skipXffAppend() const override { return false; } const std::string& via() const override { return EMPTY_STRING; } Http::ForwardClientCertType forwardClientCert() const override { return Http::ForwardClientCertType::Sanitize; } const std::vector& setCurrentClientCertDetails() const override { return set_current_client_cert_details_; } const Network::Address::Instance& localAddress() override; const absl::optional& userAgent() override { return user_agent_; } Tracing::HttpTracerSharedPtr tracer() override { return nullptr; } const Http::TracingConnectionManagerConfig* tracingConfig() override { return nullptr; } Http::ConnectionManagerListenerStats& listenerStats() override { return listener_->stats_; } bool proxy100Continue() const override { return false; } bool streamErrorOnInvalidHttpMessaging() const override { return false; } const Http::Http1Settings& http1Settings() const override { return http1_settings_; } bool shouldNormalizePath() const override { return true; } bool shouldMergeSlashes() const override { return true; } bool shouldStripMatchingPort() const override { return false; } envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headersWithUnderscoresAction() const override { return envoy::config::core::v3::HttpProtocolOptions::ALLOW; } const LocalReply::LocalReply& localReply() const override { return *local_reply_; } Http::Code request(absl::string_view path_and_query, absl::string_view method, Http::ResponseHeaderMap& response_headers, std::string& body) override; void closeSocket(); void addListenerToHandler(Network::ConnectionHandler* handler) override; Server::Instance& server() { return server_; } AdminFilter::AdminServerCallbackFunction createCallbackFunction() { return [this](absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::OwnedImpl& response, AdminFilter& filter) -> Http::Code { return runCallback(path_and_query, response_headers, response, filter); }; } private: /** * Individual admin handler including prefix, help text, and callback. */ struct UrlHandler { const std::string prefix_; const std::string help_text_; const HandlerCb handler_; const bool removable_; const bool mutates_server_state_; }; /** * Implementation of RouteConfigProvider that returns a static null route config. */ struct NullRouteConfigProvider : public Router::RouteConfigProvider { NullRouteConfigProvider(TimeSource& time_source); // Router::RouteConfigProvider Router::ConfigConstSharedPtr config() override { return config_; } absl::optional configInfo() const override { return {}; } SystemTime lastUpdated() const override { return time_source_.systemTime(); } void onConfigUpdate() override {} void validateConfig(const envoy::config::route::v3::RouteConfiguration&) const override {} void requestVirtualHostsUpdate(const std::string&, Event::Dispatcher&, std::weak_ptr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Router::ConfigConstSharedPtr config_; TimeSource& time_source_; }; /** * Implementation of ScopedRouteConfigProvider that returns a null scoped route config. */ struct NullScopedRouteConfigProvider : public Config::ConfigProvider { NullScopedRouteConfigProvider(TimeSource& time_source) : config_(std::make_shared()), time_source_(time_source) {} ~NullScopedRouteConfigProvider() override = default; // Config::ConfigProvider SystemTime lastUpdated() const override { return time_source_.systemTime(); } const Protobuf::Message* getConfigProto() const override { return nullptr; } std::string getConfigVersion() const override { return ""; } ConfigConstSharedPtr getConfig() const override { return config_; } ApiType apiType() const override { return ApiType::Full; } ConfigProtoVector getConfigProtos() const override { return {}; } Router::ScopedConfigConstSharedPtr config_; TimeSource& time_source_; }; /** * Implementation of OverloadManager that is never overloaded. Using this instead of the real * OverloadManager keeps the admin interface accessible even when the proxy is overloaded. */ struct NullOverloadManager : public OverloadManager { struct NullThreadLocalOverloadState : public ThreadLocalOverloadState { const OverloadActionState& getState(const std::string&) override { return inactive_; } const OverloadActionState inactive_ = OverloadActionState::inactive(); }; NullOverloadManager(ThreadLocal::SlotAllocator& slot_allocator) : tls_(slot_allocator.allocateSlot()) {} void start() override { tls_->set([](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(); }); } ThreadLocalOverloadState& getThreadLocalOverloadState() override { return tls_->getTyped(); } bool registerForAction(const std::string&, Event::Dispatcher&, OverloadActionCb) override { // This method shouldn't be called by the admin listener NOT_REACHED_GCOVR_EXCL_LINE; return false; } ThreadLocal::SlotPtr tls_; }; std::vector sortedHandlers() const; envoy::admin::v3::ServerInfo::State serverState(); /** * URL handlers. */ Http::Code handlerAdminHome(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerHelp(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); class AdminListenSocketFactory : public Network::ListenSocketFactory { public: AdminListenSocketFactory(Network::SocketSharedPtr socket) : socket_(socket) {} // Network::ListenSocketFactory Network::Socket::Type socketType() const override { return socket_->socketType(); } const Network::Address::InstanceConstSharedPtr& localAddress() const override { return socket_->localAddress(); } Network::SocketSharedPtr getListenSocket() override { // This is only supposed to be called once. RELEASE_ASSERT(!socket_create_, "AdminListener's socket shouldn't be shared."); socket_create_ = true; return socket_; } Network::SocketOptRef sharedSocket() const override { return absl::nullopt; } private: Network::SocketSharedPtr socket_; bool socket_create_{false}; }; class AdminListener : public Network::ListenerConfig { public: AdminListener(AdminImpl& parent, Stats::ScopePtr&& listener_scope) : parent_(parent), name_("admin"), scope_(std::move(listener_scope)), stats_(Http::ConnectionManagerImpl::generateListenerStats("http.admin.", *scope_)), init_manager_(nullptr) {} // Network::ListenerConfig Network::FilterChainManager& filterChainManager() override { return parent_; } Network::FilterChainFactory& filterChainFactory() override { return parent_; } Network::ListenSocketFactory& listenSocketFactory() override { return *parent_.socket_factory_; } bool bindToPort() override { return true; } bool handOffRestoredDestinationConnections() const override { return false; } uint32_t perConnectionBufferLimitBytes() const override { return 0; } std::chrono::milliseconds listenerFiltersTimeout() const override { return {}; } bool continueOnListenerFiltersTimeout() const override { return false; } Stats::Scope& listenerScope() override { return *scope_; } uint64_t listenerTag() const override { return 0; } const std::string& name() const override { return name_; } Network::ActiveUdpListenerFactory* udpListenerFactory() override { NOT_REACHED_GCOVR_EXCL_LINE; } Network::UdpPacketWriterFactoryOptRef udpPacketWriterFactory() override { NOT_REACHED_GCOVR_EXCL_LINE; } Network::UdpListenerWorkerRouterOptRef udpListenerWorkerRouter() override { NOT_REACHED_GCOVR_EXCL_LINE; } envoy::config::core::v3::TrafficDirection direction() const override { return envoy::config::core::v3::UNSPECIFIED; } Network::ConnectionBalancer& connectionBalancer() override { return connection_balancer_; } ResourceLimit& openConnections() override { return open_connections_; } const std::vector& accessLogs() const override { return empty_access_logs_; } uint32_t tcpBacklogSize() const override { return ENVOY_TCP_BACKLOG_SIZE; } Init::Manager& initManager() override { return *init_manager_; } AdminImpl& parent_; const std::string name_; Stats::ScopePtr scope_; Http::ConnectionManagerListenerStats stats_; Network::NopConnectionBalancerImpl connection_balancer_; BasicResourceLimitImpl open_connections_; private: const std::vector empty_access_logs_; std::unique_ptr init_manager_; }; using AdminListenerPtr = std::unique_ptr; class AdminFilterChain : public Network::FilterChain { public: // We can't use the default constructor because transport_socket_factory_ doesn't have a // default constructor. AdminFilterChain() {} // NOLINT(modernize-use-equals-default) // Network::FilterChain const Network::TransportSocketFactory& transportSocketFactory() const override { return transport_socket_factory_; } const std::vector& networkFilterFactories() const override { return empty_network_filter_factory_; } private: const Network::RawBufferSocketFactory transport_socket_factory_; const std::vector empty_network_filter_factory_; }; Server::Instance& server_; Http::RequestIDExtensionSharedPtr request_id_extension_; std::list access_logs_; const std::string profile_path_; Http::ConnectionManagerStats stats_; NullOverloadManager null_overload_manager_; // Note: this is here to essentially blackhole the tracing stats since they aren't used in the // Admin case. Stats::IsolatedStoreImpl no_op_store_; Http::ConnectionManagerTracingStats tracing_stats_; NullRouteConfigProvider route_config_provider_; NullScopedRouteConfigProvider scoped_route_config_provider_; Server::ClustersHandler clusters_handler_; Server::ConfigDumpHandler config_dump_handler_; Server::InitDumpHandler init_dump_handler_; Server::StatsHandler stats_handler_; Server::LogsHandler logs_handler_; Server::ProfilingHandler profiling_handler_; Server::RuntimeHandler runtime_handler_; Server::ListenersHandler listeners_handler_; Server::ServerCmdHandler server_cmd_handler_; Server::ServerInfoHandler server_info_handler_; std::list handlers_; const uint32_t max_request_headers_kb_{Http::DEFAULT_MAX_REQUEST_HEADERS_KB}; const uint32_t max_request_headers_count_{Http::DEFAULT_MAX_HEADERS_COUNT}; absl::optional idle_timeout_; absl::optional max_connection_duration_; absl::optional max_stream_duration_; absl::optional user_agent_; Http::SlowDateProviderImpl date_provider_; std::vector set_current_client_cert_details_; Http::Http1Settings http1_settings_; Http::Http1::CodecStats::AtomicPtr http1_codec_stats_; Http::Http2::CodecStats::AtomicPtr http2_codec_stats_; ConfigTrackerImpl config_tracker_; const Network::FilterChainSharedPtr admin_filter_chain_; Network::SocketSharedPtr socket_; Network::ListenSocketFactorySharedPtr socket_factory_; AdminListenerPtr listener_; const AdminInternalAddressConfig internal_address_config_; const LocalReply::LocalReplyPtr local_reply_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/admin_filter.cc ================================================ #include "server/admin/admin_filter.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { AdminFilter::AdminFilter(AdminServerCallbackFunction admin_server_callback_func) : admin_server_callback_func_(admin_server_callback_func) {} Http::FilterHeadersStatus AdminFilter::decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) { request_headers_ = &headers; if (end_stream) { onComplete(); } return Http::FilterHeadersStatus::StopIteration; } Http::FilterDataStatus AdminFilter::decodeData(Buffer::Instance& data, bool end_stream) { // Currently we generically buffer all admin request data in case a handler wants to use it. // If we ever support streaming admin requests we may need to revisit this. Note, we must use // addDecodedData() here since we might need to perform onComplete() processing if end_stream is // true. decoder_callbacks_->addDecodedData(data, false); if (end_stream) { onComplete(); } return Http::FilterDataStatus::StopIterationNoBuffer; } Http::FilterTrailersStatus AdminFilter::decodeTrailers(Http::RequestTrailerMap&) { onComplete(); return Http::FilterTrailersStatus::StopIteration; } void AdminFilter::onDestroy() { for (const auto& callback : on_destroy_callbacks_) { callback(); } } void AdminFilter::addOnDestroyCallback(std::function cb) { on_destroy_callbacks_.push_back(std::move(cb)); } Http::StreamDecoderFilterCallbacks& AdminFilter::getDecoderFilterCallbacks() const { ASSERT(decoder_callbacks_ != nullptr); return *decoder_callbacks_; } const Buffer::Instance* AdminFilter::getRequestBody() const { return decoder_callbacks_->decodingBuffer(); } const Http::RequestHeaderMap& AdminFilter::getRequestHeaders() const { ASSERT(request_headers_ != nullptr); return *request_headers_; } void AdminFilter::onComplete() { const absl::string_view path = request_headers_->getPathValue(); ENVOY_STREAM_LOG(debug, "request complete: path: {}", *decoder_callbacks_, path); Buffer::OwnedImpl response; auto header_map = Http::ResponseHeaderMapImpl::create(); RELEASE_ASSERT(request_headers_, ""); Http::Code code = admin_server_callback_func_(path, *header_map, response, *this); Utility::populateFallbackResponseHeaders(code, *header_map); decoder_callbacks_->encodeHeaders(std::move(header_map), end_stream_on_complete_ && response.length() == 0, StreamInfo::ResponseCodeDetails::get().AdminFilterResponse); if (response.length() > 0) { decoder_callbacks_->encodeData(response, end_stream_on_complete_); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/admin_filter.h ================================================ #pragma once #include #include #include "envoy/http/filter.h" #include "envoy/server/admin.h" #include "common/buffer/buffer_impl.h" #include "common/common/logger.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "extensions/filters/http/common/pass_through_filter.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { /** * A terminal HTTP filter that implements server admin functionality. */ class AdminFilter : public Http::PassThroughFilter, public AdminStream, Logger::Loggable { public: using AdminServerCallbackFunction = std::function; AdminFilter(AdminServerCallbackFunction admin_server_run_callback_func); // Http::StreamFilterBase // Handlers relying on the reference should use addOnDestroyCallback() // to add a callback that will notify them when the reference is no // longer valid. void onDestroy() override; // Http::StreamDecoderFilter Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool end_stream) override; Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; // AdminStream void setEndStreamOnComplete(bool end_stream) override { end_stream_on_complete_ = end_stream; } void addOnDestroyCallback(std::function cb) override; Http::StreamDecoderFilterCallbacks& getDecoderFilterCallbacks() const override; const Buffer::Instance* getRequestBody() const override; const Http::RequestHeaderMap& getRequestHeaders() const override; Http::Http1StreamEncoderOptionsOptRef http1StreamEncoderOptions() override { return encoder_callbacks_->http1StreamEncoderOptions(); } private: /** * Called when an admin request has been completely received. */ void onComplete(); AdminServerCallbackFunction admin_server_callback_func_; Http::RequestHeaderMap* request_headers_{}; std::list> on_destroy_callbacks_; bool end_stream_on_complete_ = true; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/clusters_handler.cc ================================================ #include "server/admin/clusters_handler.h" #include "envoy/admin/v3/clusters.pb.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "common/upstream/host_utility.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { namespace { void addCircuitBreakerSettingsAsText(const std::string& cluster_name, const std::string& priority_str, Upstream::ResourceManager& resource_manager, Buffer::Instance& response) { response.add(fmt::format("{}::{}_priority::max_connections::{}\n", cluster_name, priority_str, resource_manager.connections().max())); response.add(fmt::format("{}::{}_priority::max_pending_requests::{}\n", cluster_name, priority_str, resource_manager.pendingRequests().max())); response.add(fmt::format("{}::{}_priority::max_requests::{}\n", cluster_name, priority_str, resource_manager.requests().max())); response.add(fmt::format("{}::{}_priority::max_retries::{}\n", cluster_name, priority_str, resource_manager.retries().max())); } void addCircuitBreakerSettingsAsJson(const envoy::config::core::v3::RoutingPriority& priority, Upstream::ResourceManager& resource_manager, envoy::admin::v3::ClusterStatus& cluster_status) { auto& thresholds = *cluster_status.mutable_circuit_breakers()->add_thresholds(); thresholds.set_priority(priority); thresholds.mutable_max_connections()->set_value(resource_manager.connections().max()); thresholds.mutable_max_pending_requests()->set_value(resource_manager.pendingRequests().max()); thresholds.mutable_max_requests()->set_value(resource_manager.requests().max()); thresholds.mutable_max_retries()->set_value(resource_manager.retries().max()); } } // namespace ClustersHandler::ClustersHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code ClustersHandler::handlerClusters(absl::string_view url, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) { Http::Utility::QueryParams query_params = Http::Utility::parseAndDecodeQueryString(url); const auto format_value = Utility::formatParam(query_params); if (format_value.has_value() && format_value.value() == "json") { writeClustersAsJson(response); response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); } else { writeClustersAsText(response); } return Http::Code::OK; } // Helper method that ensures that we've setting flags based on all the health flag values on the // host. void setHealthFlag(Upstream::Host::HealthFlag flag, const Upstream::Host& host, envoy::admin::v3::HostHealthStatus& health_status) { switch (flag) { case Upstream::Host::HealthFlag::FAILED_ACTIVE_HC: health_status.set_failed_active_health_check( host.healthFlagGet(Upstream::Host::HealthFlag::FAILED_ACTIVE_HC)); break; case Upstream::Host::HealthFlag::FAILED_OUTLIER_CHECK: health_status.set_failed_outlier_check( host.healthFlagGet(Upstream::Host::HealthFlag::FAILED_OUTLIER_CHECK)); break; case Upstream::Host::HealthFlag::FAILED_EDS_HEALTH: case Upstream::Host::HealthFlag::DEGRADED_EDS_HEALTH: if (host.healthFlagGet(Upstream::Host::HealthFlag::FAILED_EDS_HEALTH)) { health_status.set_eds_health_status(envoy::config::core::v3::UNHEALTHY); } else if (host.healthFlagGet(Upstream::Host::HealthFlag::DEGRADED_EDS_HEALTH)) { health_status.set_eds_health_status(envoy::config::core::v3::DEGRADED); } else { health_status.set_eds_health_status(envoy::config::core::v3::HEALTHY); } break; case Upstream::Host::HealthFlag::DEGRADED_ACTIVE_HC: health_status.set_failed_active_degraded_check( host.healthFlagGet(Upstream::Host::HealthFlag::DEGRADED_ACTIVE_HC)); break; case Upstream::Host::HealthFlag::PENDING_DYNAMIC_REMOVAL: health_status.set_pending_dynamic_removal( host.healthFlagGet(Upstream::Host::HealthFlag::PENDING_DYNAMIC_REMOVAL)); break; case Upstream::Host::HealthFlag::PENDING_ACTIVE_HC: health_status.set_pending_active_hc( host.healthFlagGet(Upstream::Host::HealthFlag::PENDING_ACTIVE_HC)); break; } } // TODO(efimki): Add support of text readouts stats. void ClustersHandler::writeClustersAsJson(Buffer::Instance& response) { envoy::admin::v3::Clusters clusters; for (const auto& [name, cluster_ref] : server_.clusterManager().clusters()) { const Upstream::Cluster& cluster = cluster_ref.get(); Upstream::ClusterInfoConstSharedPtr cluster_info = cluster.info(); envoy::admin::v3::ClusterStatus& cluster_status = *clusters.add_cluster_statuses(); cluster_status.set_name(cluster_info->name()); addCircuitBreakerSettingsAsJson( envoy::config::core::v3::RoutingPriority::DEFAULT, cluster.info()->resourceManager(Upstream::ResourcePriority::Default), cluster_status); addCircuitBreakerSettingsAsJson( envoy::config::core::v3::RoutingPriority::HIGH, cluster.info()->resourceManager(Upstream::ResourcePriority::High), cluster_status); const Upstream::Outlier::Detector* outlier_detector = cluster.outlierDetector(); if (outlier_detector != nullptr && outlier_detector->successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin) > 0.0) { cluster_status.mutable_success_rate_ejection_threshold()->set_value( outlier_detector->successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin)); } if (outlier_detector != nullptr && outlier_detector->successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin) > 0.0) { cluster_status.mutable_local_origin_success_rate_ejection_threshold()->set_value( outlier_detector->successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin)); } cluster_status.set_added_via_api(cluster_info->addedViaApi()); for (auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { for (auto& host : host_set->hosts()) { envoy::admin::v3::HostStatus& host_status = *cluster_status.add_host_statuses(); Network::Utility::addressToProtobufAddress(*host->address(), *host_status.mutable_address()); host_status.set_hostname(host->hostname()); host_status.mutable_locality()->MergeFrom(host->locality()); for (const auto& [counter_name, counter] : host->counters()) { auto& metric = *host_status.add_stats(); metric.set_name(std::string(counter_name)); metric.set_value(counter.get().value()); metric.set_type(envoy::admin::v3::SimpleMetric::COUNTER); } for (const auto& [gauge_name, gauge] : host->gauges()) { auto& metric = *host_status.add_stats(); metric.set_name(std::string(gauge_name)); metric.set_value(gauge.get().value()); metric.set_type(envoy::admin::v3::SimpleMetric::GAUGE); } envoy::admin::v3::HostHealthStatus& health_status = *host_status.mutable_health_status(); // Invokes setHealthFlag for each health flag. #define SET_HEALTH_FLAG(name, notused) \ setHealthFlag(Upstream::Host::HealthFlag::name, *host, health_status); HEALTH_FLAG_ENUM_VALUES(SET_HEALTH_FLAG) #undef SET_HEALTH_FLAG double success_rate = host->outlierDetector().successRate( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin); if (success_rate >= 0.0) { host_status.mutable_success_rate()->set_value(success_rate); } host_status.set_weight(host->weight()); host_status.set_priority(host->priority()); success_rate = host->outlierDetector().successRate( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin); if (success_rate >= 0.0) { host_status.mutable_local_origin_success_rate()->set_value(success_rate); } } } } response.add(MessageUtil::getJsonStringFromMessage(clusters, true)); // pretty-print } // TODO(efimki): Add support of text readouts stats. void ClustersHandler::writeClustersAsText(Buffer::Instance& response) { for (const auto& [name, cluster_ref] : server_.clusterManager().clusters()) { const Upstream::Cluster& cluster = cluster_ref.get(); const std::string& cluster_name = cluster.info()->name(); addOutlierInfo(cluster_name, cluster.outlierDetector(), response); addCircuitBreakerSettingsAsText( cluster_name, "default", cluster.info()->resourceManager(Upstream::ResourcePriority::Default), response); addCircuitBreakerSettingsAsText( cluster_name, "high", cluster.info()->resourceManager(Upstream::ResourcePriority::High), response); response.add( fmt::format("{}::added_via_api::{}\n", cluster_name, cluster.info()->addedViaApi())); for (auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { for (auto& host : host_set->hosts()) { const std::string& host_address = host->address()->asString(); std::map all_stats; for (const auto& [counter_name, counter] : host->counters()) { all_stats[counter_name] = counter.get().value(); } for (const auto& [gauge_name, gauge] : host->gauges()) { all_stats[gauge_name] = gauge.get().value(); } for (const auto& [stat_name, stat] : all_stats) { response.add( fmt::format("{}::{}::{}::{}\n", cluster_name, host_address, stat_name, stat)); } response.add( fmt::format("{}::{}::hostname::{}\n", cluster_name, host_address, host->hostname())); response.add(fmt::format("{}::{}::health_flags::{}\n", cluster_name, host_address, Upstream::HostUtility::healthFlagsToString(*host))); response.add( fmt::format("{}::{}::weight::{}\n", cluster_name, host_address, host->weight())); response.add(fmt::format("{}::{}::region::{}\n", cluster_name, host_address, host->locality().region())); response.add( fmt::format("{}::{}::zone::{}\n", cluster_name, host_address, host->locality().zone())); response.add(fmt::format("{}::{}::sub_zone::{}\n", cluster_name, host_address, host->locality().sub_zone())); response.add( fmt::format("{}::{}::canary::{}\n", cluster_name, host_address, host->canary())); response.add( fmt::format("{}::{}::priority::{}\n", cluster_name, host_address, host->priority())); response.add(fmt::format( "{}::{}::success_rate::{}\n", cluster_name, host_address, host->outlierDetector().successRate( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin))); response.add(fmt::format( "{}::{}::local_origin_success_rate::{}\n", cluster_name, host_address, host->outlierDetector().successRate( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin))); } } } } void ClustersHandler::addOutlierInfo(const std::string& cluster_name, const Upstream::Outlier::Detector* outlier_detector, Buffer::Instance& response) { if (outlier_detector) { response.add(fmt::format( "{}::outlier::success_rate_average::{:g}\n", cluster_name, outlier_detector->successRateAverage( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin))); response.add(fmt::format( "{}::outlier::success_rate_ejection_threshold::{:g}\n", cluster_name, outlier_detector->successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin))); response.add(fmt::format( "{}::outlier::local_origin_success_rate_average::{:g}\n", cluster_name, outlier_detector->successRateAverage( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin))); response.add(fmt::format( "{}::outlier::local_origin_success_rate_ejection_threshold::{:g}\n", cluster_name, outlier_detector->successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin))); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/clusters_handler.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class ClustersHandler : public HandlerContextBase { public: ClustersHandler(Server::Instance& server); Http::Code handlerClusters(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); private: void addOutlierInfo(const std::string& cluster_name, const Upstream::Outlier::Detector* outlier_detector, Buffer::Instance& response); void writeClustersAsJson(Buffer::Instance& response); void writeClustersAsText(Buffer::Instance& response); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/config_dump_handler.cc ================================================ #include "server/admin/config_dump_handler.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { namespace { // Apply a field mask to a resource message. A simple field mask might look // like "cluster.name,cluster.alt_stat_name,last_updated" for a StaticCluster // resource. Unfortunately, since the "cluster" field is Any and the in-built // FieldMask utils can't mask inside an Any field, we need to do additional work // below. // // We take advantage of the fact that for the most part (with the exception of // DynamicListener) that ConfigDump resources have a single Any field where the // embedded resources lives. This allows us to construct an inner field mask for // the Any resource and an outer field mask for the enclosing message. In the // above example, the inner field mask would be "name,alt_stat_name" and the // outer field mask "cluster,last_updated". The masks are applied to their // respective messages, with the Any resource requiring an unpack/mask/pack // series of operations. // // TODO(htuch): we could make field masks more powerful in future and generalize // this to allow arbitrary indexing through Any fields. This is pretty // complicated, we would need to build a FieldMask tree similar to how the C++ // Protobuf library does this internally. void trimResourceMessage(const Protobuf::FieldMask& field_mask, Protobuf::Message& message) { const Protobuf::Descriptor* descriptor = message.GetDescriptor(); const Protobuf::Reflection* reflection = message.GetReflection(); // Figure out which paths cover Any fields. For each field, gather the paths to // an inner mask, switch the outer mask to cover only the original field. Protobuf::FieldMask outer_field_mask; Protobuf::FieldMask inner_field_mask; std::string any_field_name; for (int i = 0; i < field_mask.paths().size(); ++i) { const std::string& path = field_mask.paths(i); std::vector frags = absl::StrSplit(path, '.'); if (frags.empty()) { continue; } const Protobuf::FieldDescriptor* field = descriptor->FindFieldByName(frags[0]); // Only a single Any field supported, repeated fields don't support further // indexing. // TODO(htuch): should add support for DynamicListener for multiple Any // fields in the future, see // https://github.com/envoyproxy/envoy/issues/9669. if (field != nullptr && field->message_type() != nullptr && !field->is_repeated() && field->message_type()->full_name() == "google.protobuf.Any") { if (any_field_name.empty()) { any_field_name = frags[0]; } else { // This should be structurally true due to the ConfigDump proto // definition (but not for DynamicListener today). ASSERT(any_field_name == frags[0], "Only a single Any field in a config dump resource is supported."); } outer_field_mask.add_paths(frags[0]); frags.erase(frags.begin()); inner_field_mask.add_paths(absl::StrJoin(frags, ".")); } else { outer_field_mask.add_paths(path); } } if (!any_field_name.empty()) { const Protobuf::FieldDescriptor* any_field = descriptor->FindFieldByName(any_field_name); if (reflection->HasField(message, any_field)) { ASSERT(any_field != nullptr); // Unpack to a DynamicMessage. ProtobufWkt::Any any_message; any_message.MergeFrom(reflection->GetMessage(message, any_field)); Protobuf::DynamicMessageFactory dmf; const absl::string_view inner_type_name = TypeUtil::typeUrlToDescriptorFullName(any_message.type_url()); const Protobuf::Descriptor* inner_descriptor = Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName( static_cast(inner_type_name)); ASSERT(inner_descriptor != nullptr); std::unique_ptr inner_message; inner_message.reset(dmf.GetPrototype(inner_descriptor)->New()); MessageUtil::unpackTo(any_message, *inner_message); // Trim message. ProtobufUtil::FieldMaskUtil::TrimMessage(inner_field_mask, inner_message.get()); // Pack it back into the Any resource. any_message.PackFrom(*inner_message); reflection->MutableMessage(&message, any_field)->CopyFrom(any_message); } } ProtobufUtil::FieldMaskUtil::TrimMessage(outer_field_mask, &message); } // Helper method to get the resource parameter. absl::optional resourceParam(const Http::Utility::QueryParams& params) { return Utility::queryParam(params, "resource"); } // Helper method to get the mask parameter. absl::optional maskParam(const Http::Utility::QueryParams& params) { return Utility::queryParam(params, "mask"); } // Helper method to get the eds parameter. bool shouldIncludeEdsInDump(const Http::Utility::QueryParams& params) { return Utility::queryParam(params, "include_eds") != absl::nullopt; } } // namespace ConfigDumpHandler::ConfigDumpHandler(ConfigTracker& config_tracker, Server::Instance& server) : HandlerContextBase(server), config_tracker_(config_tracker) {} Http::Code ConfigDumpHandler::handlerConfigDump(absl::string_view url, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) const { Http::Utility::QueryParams query_params = Http::Utility::parseAndDecodeQueryString(url); const auto resource = resourceParam(query_params); const auto mask = maskParam(query_params); const bool include_eds = shouldIncludeEdsInDump(query_params); envoy::admin::v3::ConfigDump dump; if (resource.has_value()) { auto err = addResourceToDump(dump, mask, resource.value(), include_eds); if (err.has_value()) { response.add(err.value().second); return err.value().first; } } else { addAllConfigToDump(dump, mask, include_eds); } MessageUtil::redact(dump); response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); response.add(MessageUtil::getJsonStringFromMessage(dump, true)); // pretty-print return Http::Code::OK; } absl::optional> ConfigDumpHandler::addResourceToDump(envoy::admin::v3::ConfigDump& dump, const absl::optional& mask, const std::string& resource, bool include_eds) const { Envoy::Server::ConfigTracker::CbsMap callbacks_map = config_tracker_.getCallbacksMap(); if (include_eds) { if (!server_.clusterManager().clusters().empty()) { callbacks_map.emplace("endpoint", [this] { return dumpEndpointConfigs(); }); } } for (const auto& [name, callback] : callbacks_map) { ProtobufTypes::MessagePtr message = callback(); ASSERT(message); auto field_descriptor = message->GetDescriptor()->FindFieldByName(resource); const Protobuf::Reflection* reflection = message->GetReflection(); if (!field_descriptor) { continue; } else if (!field_descriptor->is_repeated()) { return absl::optional>{std::make_pair( Http::Code::BadRequest, fmt::format("{} is not a repeated field. Use ?mask={} to get only this field", field_descriptor->name(), field_descriptor->name()))}; } auto repeated = reflection->GetRepeatedPtrField(*message, field_descriptor); for (Protobuf::Message& msg : repeated) { if (mask.has_value()) { Protobuf::FieldMask field_mask; ProtobufUtil::FieldMaskUtil::FromString(mask.value(), &field_mask); trimResourceMessage(field_mask, msg); } auto* config = dump.add_configs(); config->PackFrom(msg); } // We found the desired resource so there is no need to continue iterating over // the other keys. return absl::nullopt; } return absl::optional>{ std::make_pair(Http::Code::NotFound, fmt::format("{} not found in config dump", resource))}; } void ConfigDumpHandler::addAllConfigToDump(envoy::admin::v3::ConfigDump& dump, const absl::optional& mask, bool include_eds) const { Envoy::Server::ConfigTracker::CbsMap callbacks_map = config_tracker_.getCallbacksMap(); if (include_eds) { if (!server_.clusterManager().clusters().empty()) { callbacks_map.emplace("endpoint", [this] { return dumpEndpointConfigs(); }); } } for (const auto& [name, callback] : callbacks_map) { ProtobufTypes::MessagePtr message = callback(); ASSERT(message); if (mask.has_value()) { Protobuf::FieldMask field_mask; ProtobufUtil::FieldMaskUtil::FromString(mask.value(), &field_mask); // We don't use trimMessage() above here since masks don't support // indexing through repeated fields. ProtobufUtil::FieldMaskUtil::TrimMessage(field_mask, message.get()); } auto* config = dump.add_configs(); config->PackFrom(*message); } } ProtobufTypes::MessagePtr ConfigDumpHandler::dumpEndpointConfigs() const { auto endpoint_config_dump = std::make_unique(); for (const auto& [name, cluster_ref] : server_.clusterManager().clusters()) { const Upstream::Cluster& cluster = cluster_ref.get(); Upstream::ClusterInfoConstSharedPtr cluster_info = cluster.info(); envoy::config::endpoint::v3::ClusterLoadAssignment cluster_load_assignment; if (cluster_info->edsServiceName().has_value()) { cluster_load_assignment.set_cluster_name(cluster_info->edsServiceName().value()); } else { cluster_load_assignment.set_cluster_name(cluster_info->name()); } auto& policy = *cluster_load_assignment.mutable_policy(); for (auto& host_set : cluster.prioritySet().hostSetsPerPriority()) { policy.mutable_overprovisioning_factor()->set_value(host_set->overprovisioningFactor()); if (!host_set->hostsPerLocality().get().empty()) { for (int index = 0; index < static_cast(host_set->hostsPerLocality().get().size()); index++) { auto locality_host_set = host_set->hostsPerLocality().get()[index]; if (!locality_host_set.empty()) { auto& locality_lb_endpoint = *cluster_load_assignment.mutable_endpoints()->Add(); locality_lb_endpoint.mutable_locality()->MergeFrom(locality_host_set[0]->locality()); locality_lb_endpoint.set_priority(locality_host_set[0]->priority()); if (host_set->localityWeights() != nullptr && !host_set->localityWeights()->empty()) { locality_lb_endpoint.mutable_load_balancing_weight()->set_value( (*host_set->localityWeights())[index]); } for (auto& host : locality_host_set) { addLbEndpoint(host, locality_lb_endpoint); } } } } else { for (auto& host : host_set->hosts()) { auto& locality_lb_endpoint = *cluster_load_assignment.mutable_endpoints()->Add(); locality_lb_endpoint.mutable_locality()->MergeFrom(host->locality()); locality_lb_endpoint.set_priority(host->priority()); addLbEndpoint(host, locality_lb_endpoint); } } } if (cluster_info->addedViaApi()) { auto& dynamic_endpoint = *endpoint_config_dump->mutable_dynamic_endpoint_configs()->Add(); dynamic_endpoint.mutable_endpoint_config()->PackFrom(cluster_load_assignment); } else { auto& static_endpoint = *endpoint_config_dump->mutable_static_endpoint_configs()->Add(); static_endpoint.mutable_endpoint_config()->PackFrom(cluster_load_assignment); } } return endpoint_config_dump; } void ConfigDumpHandler::addLbEndpoint( const Upstream::HostSharedPtr& host, envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint) const { auto& lb_endpoint = *locality_lb_endpoint.mutable_lb_endpoints()->Add(); if (host->metadata() != nullptr) { lb_endpoint.mutable_metadata()->MergeFrom(*host->metadata()); } lb_endpoint.mutable_load_balancing_weight()->set_value(host->weight()); switch (host->health()) { case Upstream::Host::Health::Healthy: lb_endpoint.set_health_status(envoy::config::core::v3::HealthStatus::HEALTHY); break; case Upstream::Host::Health::Unhealthy: lb_endpoint.set_health_status(envoy::config::core::v3::HealthStatus::UNHEALTHY); break; case Upstream::Host::Health::Degraded: lb_endpoint.set_health_status(envoy::config::core::v3::HealthStatus::DEGRADED); break; default: lb_endpoint.set_health_status(envoy::config::core::v3::HealthStatus::UNKNOWN); } auto& endpoint = *lb_endpoint.mutable_endpoint(); endpoint.set_hostname(host->hostname()); Network::Utility::addressToProtobufAddress(*host->address(), *endpoint.mutable_address()); auto& health_check_config = *endpoint.mutable_health_check_config(); health_check_config.set_hostname(host->hostnameForHealthChecks()); if (host->healthCheckAddress()->asString() != host->address()->asString()) { health_check_config.set_port_value(host->healthCheckAddress()->ip()->port()); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/config_dump_handler.h ================================================ #pragma once #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/buffer/buffer.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/config_tracker_impl.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class ConfigDumpHandler : public HandlerContextBase { public: ConfigDumpHandler(ConfigTracker& config_tracker, Server::Instance& server); Http::Code handlerConfigDump(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) const; private: void addAllConfigToDump(envoy::admin::v3::ConfigDump& dump, const absl::optional& mask, bool include_eds) const; /** * Add the config matching the passed resource to the passed config dump. * @return absl::nullopt on success, else the Http::Code and an error message that should be added * to the admin response. */ absl::optional> addResourceToDump(envoy::admin::v3::ConfigDump& dump, const absl::optional& mask, const std::string& resource, bool include_eds) const; /** * Helper methods to add endpoints config */ void addLbEndpoint(const Upstream::HostSharedPtr& host, envoy::config::endpoint::v3::LocalityLbEndpoints& locality_lb_endpoint) const; ProtobufTypes::MessagePtr dumpEndpointConfigs() const; ConfigTracker& config_tracker_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/config_tracker_impl.cc ================================================ #include "server/admin/config_tracker_impl.h" namespace Envoy { namespace Server { ConfigTracker::EntryOwnerPtr ConfigTrackerImpl::add(const std::string& key, Cb cb) { auto insert_result = map_->emplace(key, std::move(cb)); return insert_result.second ? std::make_unique(map_, std::move(key)) : nullptr; } const ConfigTracker::CbsMap& ConfigTrackerImpl::getCallbacksMap() const { return *map_; } ConfigTrackerImpl::EntryOwnerImpl::EntryOwnerImpl(const std::shared_ptr& map, const std::string& key) : map_(map), key_(key) {} ConfigTrackerImpl::EntryOwnerImpl::~EntryOwnerImpl() { size_t erased = map_->erase(key_); ASSERT(erased == 1); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/config_tracker_impl.h ================================================ #pragma once #include "envoy/server/config_tracker.h" #include "common/common/assert.h" #include "common/common/macros.h" namespace Envoy { namespace Server { /** * Implementation of ConfigTracker. */ class ConfigTrackerImpl : public ConfigTracker { public: EntryOwnerPtr add(const std::string& key, Cb cb) override; const CbsMap& getCallbacksMap() const override; private: std::shared_ptr map_{std::make_shared()}; class EntryOwnerImpl : public ConfigTracker::EntryOwner { public: EntryOwnerImpl(const std::shared_ptr& map, const std::string& key); ~EntryOwnerImpl() override; private: std::shared_ptr map_; std::string key_; }; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/handler_ctx.h ================================================ #pragma once #include "envoy/server/instance.h" namespace Envoy { namespace Server { class HandlerContextBase { public: HandlerContextBase(Server::Instance& server) : server_(server) {} protected: Server::Instance& server_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/init_dump_handler.cc ================================================ #include "server/admin/init_dump_handler.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { namespace { // Helper method to get the mask parameter. absl::optional maskParam(const Http::Utility::QueryParams& params) { return Utility::queryParam(params, "mask"); } } // namespace InitDumpHandler::InitDumpHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code InitDumpHandler::handlerInitDump(absl::string_view url, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) const { Http::Utility::QueryParams query_params = Http::Utility::parseAndDecodeQueryString(url); const auto mask = maskParam(query_params); envoy::admin::v3::UnreadyTargetsDumps dump = *dumpUnreadyTargets(mask); MessageUtil::redact(dump); response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); response.add(MessageUtil::getJsonStringFromMessage(dump, true)); // pretty-print return Http::Code::OK; } std::unique_ptr InitDumpHandler::dumpUnreadyTargets(const absl::optional& component) const { auto unready_targets_dumps = std::make_unique(); if (component.has_value()) { if (component.value() == "listener") { dumpListenerUnreadyTargets(*unready_targets_dumps); } // More options for unready targets config dump. } else { // Dump all possible information of unready targets. dumpListenerUnreadyTargets(*unready_targets_dumps); // More unready targets to add into config dump. } return unready_targets_dumps; } void InitDumpHandler::dumpListenerUnreadyTargets( envoy::admin::v3::UnreadyTargetsDumps& unready_targets_dumps) const { std::vector> listeners; if (server_.listenerManager().isWorkerStarted()) { listeners = server_.listenerManager().listeners(ListenerManager::WARMING); } else { listeners = server_.listenerManager().listeners(ListenerManager::ACTIVE); } for (const auto& listener_config : listeners) { auto& listener = listener_config.get(); listener.initManager().dumpUnreadyTargets(unready_targets_dumps); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/init_dump_handler.h ================================================ #pragma once #include "envoy/admin/v3/init_dump.pb.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class InitDumpHandler : public HandlerContextBase { public: InitDumpHandler(Server::Instance& server); Http::Code handlerInitDump(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) const; private: /** * Helper methods for the /init_dump url handler to add unready targets information. */ std::unique_ptr dumpUnreadyTargets(const absl::optional& target) const; /** * Helper methods for the /init_dump url handler to add unready targets config of listeners. */ void dumpListenerUnreadyTargets(envoy::admin::v3::UnreadyTargetsDumps& unready_targets_dumps) const; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/listeners_handler.cc ================================================ #include "server/admin/listeners_handler.h" #include "envoy/admin/v3/listeners.pb.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "common/network/utility.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { ListenersHandler::ListenersHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code ListenersHandler::handlerDrainListeners(absl::string_view url, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { const Http::Utility::QueryParams params = Http::Utility::parseQueryString(url); ListenerManager::StopListenersType stop_listeners_type = params.find("inboundonly") != params.end() ? ListenerManager::StopListenersType::InboundOnly : ListenerManager::StopListenersType::All; const bool graceful = params.find("graceful") != params.end(); if (graceful) { // Ignore calls to /drain_listeners?graceful if the drain sequence has // already started. if (!server_.drainManager().draining()) { server_.drainManager().startDrainSequence([this, stop_listeners_type]() { server_.listenerManager().stopListeners(stop_listeners_type); }); } } else { server_.listenerManager().stopListeners(stop_listeners_type); } response.add("OK\n"); return Http::Code::OK; } Http::Code ListenersHandler::handlerListenerInfo(absl::string_view url, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) { const Http::Utility::QueryParams query_params = Http::Utility::parseQueryString(url); const auto format_value = Utility::formatParam(query_params); if (format_value.has_value() && format_value.value() == "json") { writeListenersAsJson(response); response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); } else { writeListenersAsText(response); } return Http::Code::OK; } void ListenersHandler::writeListenersAsJson(Buffer::Instance& response) { envoy::admin::v3::Listeners listeners; for (const auto& listener : server_.listenerManager().listeners()) { envoy::admin::v3::ListenerStatus& listener_status = *listeners.add_listener_statuses(); listener_status.set_name(listener.get().name()); Network::Utility::addressToProtobufAddress(*listener.get().listenSocketFactory().localAddress(), *listener_status.mutable_local_address()); } response.add(MessageUtil::getJsonStringFromMessage(listeners, true)); // pretty-print } void ListenersHandler::writeListenersAsText(Buffer::Instance& response) { for (const auto& listener : server_.listenerManager().listeners()) { response.add(fmt::format("{}::{}\n", listener.get().name(), listener.get().listenSocketFactory().localAddress()->asString())); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/listeners_handler.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class ListenersHandler : public HandlerContextBase { public: ListenersHandler(Server::Instance& server); Http::Code handlerDrainListeners(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerListenerInfo(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); private: /** * Helper methods for the /listeners url handler. */ void writeListenersAsJson(Buffer::Instance& response); void writeListenersAsText(Buffer::Instance& response); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/logs_handler.cc ================================================ #include "server/admin/logs_handler.h" #include #include "common/common/fancy_logger.h" #include "common/common/logger.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { LogsHandler::LogsHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code LogsHandler::handlerLogging(absl::string_view url, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { Http::Utility::QueryParams query_params = Http::Utility::parseQueryString(url); Http::Code rc = Http::Code::OK; if (!query_params.empty() && !changeLogLevel(query_params)) { response.add("usage: /logging?= (change single level)\n"); response.add("usage: /logging?level= (change all levels)\n"); response.add("levels: "); for (auto level_string_view : spdlog::level::level_string_views) { response.add(fmt::format("{} ", level_string_view)); } response.add("\n"); rc = Http::Code::NotFound; } if (!Logger::Context::useFancyLogger()) { response.add("active loggers:\n"); for (const Logger::Logger& logger : Logger::Registry::loggers()) { response.add(fmt::format(" {}: {}\n", logger.name(), logger.levelString())); } response.add("\n"); } else { response.add("active loggers:\n"); std::string logger_info = getFancyContext().listFancyLoggers(); response.add(logger_info); } return rc; } Http::Code LogsHandler::handlerReopenLogs(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { server_.accessLogManager().reopen(); response.add("OK\n"); return Http::Code::OK; } bool LogsHandler::changeLogLevel(const Http::Utility::QueryParams& params) { if (params.size() != 1) { return false; } std::string name = params.begin()->first; std::string level = params.begin()->second; // First see if the level is valid. size_t level_to_use = std::numeric_limits::max(); for (size_t i = 0; i < ARRAY_SIZE(spdlog::level::level_string_views); i++) { if (level == spdlog::level::level_string_views[i]) { level_to_use = i; break; } } if (level_to_use == std::numeric_limits::max()) { return false; } if (!Logger::Context::useFancyLogger()) { // Now either change all levels or a single level. if (name == "level") { ENVOY_LOG(debug, "change all log levels: level='{}'", level); for (Logger::Logger& logger : Logger::Registry::loggers()) { logger.setLevel(static_cast(level_to_use)); } } else { ENVOY_LOG(debug, "change log level: name='{}' level='{}'", name, level); Logger::Logger* logger_to_change = nullptr; for (Logger::Logger& logger : Logger::Registry::loggers()) { if (logger.name() == name) { logger_to_change = &logger; break; } } if (!logger_to_change) { return false; } logger_to_change->setLevel(static_cast(level_to_use)); } } else { // Level setting with Fancy Logger. spdlog::level::level_enum lv = static_cast(level_to_use); if (name == "level") { FANCY_LOG(info, "change all log levels: level='{}'", level); getFancyContext().setAllFancyLoggers(lv); } else { FANCY_LOG(info, "change log level: name='{}' level='{}'", name, level); bool res = getFancyContext().setFancyLogger(name, lv); return res; } } return true; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/logs_handler.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class LogsHandler : public HandlerContextBase, Logger::Loggable { public: LogsHandler(Server::Instance& server); Http::Code handlerLogging(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerReopenLogs(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); private: /** * Attempt to change the log level of a logger or all loggers * @param params supplies the incoming endpoint query params. * @return TRUE if level change succeeded, FALSE otherwise. */ bool changeLogLevel(const Http::Utility::QueryParams& params); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/profiling_handler.cc ================================================ #include "server/admin/profiling_handler.h" #include "common/profiler/profiler.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { ProfilingHandler::ProfilingHandler(const std::string& profile_path) : profile_path_(profile_path) {} Http::Code ProfilingHandler::handlerCpuProfiler(absl::string_view url, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { Http::Utility::QueryParams query_params = Http::Utility::parseAndDecodeQueryString(url); if (query_params.size() != 1 || query_params.begin()->first != "enable" || (query_params.begin()->second != "y" && query_params.begin()->second != "n")) { response.add("?enable=\n"); return Http::Code::BadRequest; } bool enable = query_params.begin()->second == "y"; if (enable && !Profiler::Cpu::profilerEnabled()) { if (!Profiler::Cpu::startProfiler(profile_path_)) { response.add("failure to start the profiler"); return Http::Code::InternalServerError; } } else if (!enable && Profiler::Cpu::profilerEnabled()) { Profiler::Cpu::stopProfiler(); } response.add("OK\n"); return Http::Code::OK; } Http::Code ProfilingHandler::handlerHeapProfiler(absl::string_view url, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { if (!Profiler::Heap::profilerEnabled()) { response.add("The current build does not support heap profiler"); return Http::Code::NotImplemented; } Http::Utility::QueryParams query_params = Http::Utility::parseAndDecodeQueryString(url); if (query_params.size() != 1 || query_params.begin()->first != "enable" || (query_params.begin()->second != "y" && query_params.begin()->second != "n")) { response.add("?enable=\n"); return Http::Code::BadRequest; } Http::Code res = Http::Code::OK; bool enable = query_params.begin()->second == "y"; if (enable) { if (Profiler::Heap::isProfilerStarted()) { response.add("Fail to start heap profiler: already started"); res = Http::Code::BadRequest; } else if (!Profiler::Heap::startProfiler(profile_path_)) { // GCOVR_EXCL_START // TODO(silentdai) remove the GCOVR when startProfiler is better implemented response.add("Fail to start the heap profiler"); res = Http::Code::InternalServerError; // GCOVR_EXCL_STOP } else { response.add("Starting heap profiler"); res = Http::Code::OK; } } else { // !enable if (!Profiler::Heap::isProfilerStarted()) { response.add("Fail to stop heap profiler: not started"); res = Http::Code::BadRequest; } else { Profiler::Heap::stopProfiler(); response.add( fmt::format("Heap profiler stopped and data written to {}. See " "http://goog-perftools.sourceforge.net/doc/heap_profiler.html for details.", profile_path_)); res = Http::Code::OK; } } return res; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/profiling_handler.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class ProfilingHandler { public: ProfilingHandler(const std::string& profile_path); Http::Code handlerCpuProfiler(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerHeapProfiler(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); private: const std::string profile_path_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/prometheus_stats.cc ================================================ #include "server/admin/prometheus_stats.h" #include "common/common/empty_string.h" #include "common/common/macros.h" #include "common/stats/histogram_impl.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Server { namespace { const std::regex& promRegex() { CONSTRUCT_ON_FIRST_USE(std::regex, "[^a-zA-Z0-9_]"); } const std::regex& namespaceRegex() { CONSTRUCT_ON_FIRST_USE(std::regex, "^[a-zA-Z_][a-zA-Z0-9]*$"); } /** * Take a string and sanitize it according to Prometheus conventions. */ std::string sanitizeName(const std::string& name) { // The name must match the regex [a-zA-Z_][a-zA-Z0-9_]* as required by // prometheus. Refer to https://prometheus.io/docs/concepts/data_model/. // The initial [a-zA-Z_] constraint is always satisfied by the namespace prefix. return std::regex_replace(name, promRegex(), "_"); } /* * Determine whether a metric has never been emitted and choose to * not show it if we only wanted used metrics. */ template static bool shouldShowMetric(const StatType& metric, const bool used_only, const absl::optional& regex) { return ((!used_only || metric.used()) && (!regex.has_value() || std::regex_search(metric.name(), regex.value()))); } /* * Comparator for Stats::Metric that does not require a string representation * to make the comparison, for memory efficiency. */ struct MetricLessThan { bool operator()(const Stats::Metric* a, const Stats::Metric* b) const { ASSERT(&a->constSymbolTable() == &b->constSymbolTable()); return a->constSymbolTable().lessThan(a->statName(), b->statName()); } }; /** * Processes a stat type (counter, gauge, histogram) by generating all output lines, sorting * them by tag-extracted metric name, and then outputting them in the correct sorted order into * response. * * @param response The buffer to put the output into. * @param used_only Whether to only output stats that are used. * @param regex A filter on which stats to output. * @param metrics The metrics to output stats for. This must contain all stats of the given type * to be included in the same output. * @param generate_output A function which returns the output text for this metric. * @param type The name of the prometheus metric type for used in TYPE annotations. */ template uint64_t outputStatType( Buffer::Instance& response, const bool used_only, const absl::optional& regex, const std::vector>& metrics, const std::function& generate_output, absl::string_view type) { /* * From * https:*github.com/prometheus/docs/blob/master/content/docs/instrumenting/exposition_formats.md#grouping-and-sorting: * * All lines for a given metric must be provided as one single group, with the optional HELP and * TYPE lines first (in no particular order). Beyond that, reproducible sorting in repeated * expositions is preferred but not required, i.e. do not sort if the computational cost is * prohibitive. */ // This is an unsorted collection of dumb-pointers (no need to increment then decrement every // refcount; ownership is held throughout by `metrics`). It is unsorted for efficiency, but will // be sorted before producing the final output to satisfy the "preferred" ordering from the // prometheus spec: metrics will be sorted by their tags' textual representation, which will be // consistent across calls. using StatTypeUnsortedCollection = std::vector; // Return early to avoid crashing when getting the symbol table from the first metric. if (metrics.empty()) { return 0; } // There should only be one symbol table for all of the stats in the admin // interface. If this assumption changes, the name comparisons in this function // will have to change to compare to convert all StatNames to strings before // comparison. const Stats::SymbolTable& global_symbol_table = metrics.front()->constSymbolTable(); // Sorted collection of metrics sorted by their tagExtractedName, to satisfy the requirements // of the exposition format. std::map groups( global_symbol_table); for (const auto& metric : metrics) { ASSERT(&global_symbol_table == &metric->constSymbolTable()); if (!shouldShowMetric(*metric, used_only, regex)) { continue; } groups[metric->tagExtractedStatName()].push_back(metric.get()); } for (auto& group : groups) { const std::string prefixed_tag_extracted_name = PrometheusStatsFormatter::metricName(global_symbol_table.toString(group.first)); response.add(fmt::format("# TYPE {0} {1}\n", prefixed_tag_extracted_name, type)); // Sort before producing the final output to satisfy the "preferred" ordering from the // prometheus spec: metrics will be sorted by their tags' textual representation, which will // be consistent across calls. std::sort(group.second.begin(), group.second.end(), MetricLessThan()); for (const auto& metric : group.second) { response.add(generate_output(*metric, prefixed_tag_extracted_name)); } response.add("\n"); } return groups.size(); } /* * Return the prometheus output for a numeric Stat (Counter or Gauge). */ template std::string generateNumericOutput(const StatType& metric, const std::string& prefixed_tag_extracted_name) { const std::string tags = PrometheusStatsFormatter::formattedTags(metric.tags()); return fmt::format("{0}{{{1}}} {2}\n", prefixed_tag_extracted_name, tags, metric.value()); } /* * Returns the prometheus output for a histogram. The output is a multi-line string (with embedded * newlines) that contains all the individual bucket counts and sum/count for a single histogram * (metric_name plus all tags). */ std::string generateHistogramOutput(const Stats::ParentHistogram& histogram, const std::string& prefixed_tag_extracted_name) { const std::string tags = PrometheusStatsFormatter::formattedTags(histogram.tags()); const std::string hist_tags = histogram.tags().empty() ? EMPTY_STRING : (tags + ","); const Stats::HistogramStatistics& stats = histogram.cumulativeStatistics(); Stats::ConstSupportedBuckets& supported_buckets = stats.supportedBuckets(); const std::vector& computed_buckets = stats.computedBuckets(); std::string output; for (size_t i = 0; i < supported_buckets.size(); ++i) { double bucket = supported_buckets[i]; uint64_t value = computed_buckets[i]; // We want to print the bucket in a fixed point (non-scientific) format. The fmt library // doesn't have a specific modifier to format as a fixed-point value only so we use the // 'g' operator which prints the number in general fixed point format or scientific format // with precision 50 to round the number up to 32 significant digits in fixed point format // which should cover pretty much all cases output.append(fmt::format("{0}_bucket{{{1}le=\"{2:.32g}\"}} {3}\n", prefixed_tag_extracted_name, hist_tags, bucket, value)); } output.append(fmt::format("{0}_bucket{{{1}le=\"+Inf\"}} {2}\n", prefixed_tag_extracted_name, hist_tags, stats.sampleCount())); output.append(fmt::format("{0}_sum{{{1}}} {2:.32g}\n", prefixed_tag_extracted_name, tags, stats.sampleSum())); output.append(fmt::format("{0}_count{{{1}}} {2}\n", prefixed_tag_extracted_name, tags, stats.sampleCount())); return output; }; absl::flat_hash_set& prometheusNamespaces() { MUTABLE_CONSTRUCT_ON_FIRST_USE(absl::flat_hash_set); } } // namespace std::string PrometheusStatsFormatter::formattedTags(const std::vector& tags) { std::vector buf; buf.reserve(tags.size()); for (const Stats::Tag& tag : tags) { buf.push_back(fmt::format("{}=\"{}\"", sanitizeName(tag.name_), tag.value_)); } return absl::StrJoin(buf, ","); } std::string PrometheusStatsFormatter::metricName(const std::string& extracted_name) { std::string sanitized_name = sanitizeName(extracted_name); absl::string_view prom_namespace{sanitized_name}; prom_namespace = prom_namespace.substr(0, prom_namespace.find_first_of('_')); if (prometheusNamespaces().contains(prom_namespace)) { return sanitized_name; } // Add namespacing prefix to avoid conflicts, as per best practice: // https://prometheus.io/docs/practices/naming/#metric-names // Also, naming conventions on https://prometheus.io/docs/concepts/data_model/ return absl::StrCat("envoy_", sanitized_name); } // TODO(efimki): Add support of text readouts stats. uint64_t PrometheusStatsFormatter::statsAsPrometheus( const std::vector& counters, const std::vector& gauges, const std::vector& histograms, Buffer::Instance& response, const bool used_only, const absl::optional& regex) { uint64_t metric_name_count = 0; metric_name_count += outputStatType( response, used_only, regex, counters, generateNumericOutput, "counter"); metric_name_count += outputStatType(response, used_only, regex, gauges, generateNumericOutput, "gauge"); metric_name_count += outputStatType( response, used_only, regex, histograms, generateHistogramOutput, "histogram"); return metric_name_count; } bool PrometheusStatsFormatter::registerPrometheusNamespace(absl::string_view prometheus_namespace) { if (std::regex_match(prometheus_namespace.begin(), prometheus_namespace.end(), namespaceRegex())) { return prometheusNamespaces().insert(std::string(prometheus_namespace)).second; } return false; } bool PrometheusStatsFormatter::unregisterPrometheusNamespace( absl::string_view prometheus_namespace) { auto it = prometheusNamespaces().find(prometheus_namespace); if (it == prometheusNamespaces().end()) { return false; } prometheusNamespaces().erase(it); return true; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/prometheus_stats.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/stats/histogram.h" #include "envoy/stats/stats.h" namespace Envoy { namespace Server { /** * Formatter for metric/labels exported to Prometheus. * * See: https://prometheus.io/docs/concepts/data_model */ class PrometheusStatsFormatter { public: /** * Extracts counters and gauges and relevant tags, appending them to * the response buffer after sanitizing the metric / label names. * @return uint64_t total number of metric types inserted in response. */ static uint64_t statsAsPrometheus(const std::vector& counters, const std::vector& gauges, const std::vector& histograms, Buffer::Instance& response, const bool used_only, const absl::optional& regex); /** * Format the given tags, returning a string as a comma-separated list * of ="" pairs. */ static std::string formattedTags(const std::vector& tags); /** * Format the given metric name, prefixed with "envoy_". */ static std::string metricName(const std::string& extracted_name); /** * Register a prometheus namespace, stats starting with the namespace will not be * automatically prefixed with envoy namespace. * This method must be called from the main thread. * @returns bool if a new namespace is registered, false if the namespace is already * registered or the namespace is invalid. */ static bool registerPrometheusNamespace(absl::string_view prometheus_namespace); /** * Unregister a prometheus namespace registered by `registerPrometheusNamespace` * This method must be called from the main thread. * @returns bool if the Prometheus namespace is unregistered. false if the namespace * wasn't registered. */ static bool unregisterPrometheusNamespace(absl::string_view prometheus_namespace); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/runtime_handler.cc ================================================ #include "server/admin/runtime_handler.h" #include #include #include "common/common/empty_string.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "server/admin/utils.h" #include "absl/container/node_hash_map.h" namespace Envoy { namespace Server { RuntimeHandler::RuntimeHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code RuntimeHandler::handlerRuntime(absl::string_view url, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) { const Http::Utility::QueryParams params = Http::Utility::parseAndDecodeQueryString(url); response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); // TODO(jsedgwick): Use proto to structure this output instead of arbitrary JSON. const auto& layers = server_.runtime().snapshot().getLayers(); std::vector layer_names; layer_names.reserve(layers.size()); std::map> entries; for (const auto& layer : layers) { layer_names.push_back(ValueUtil::stringValue(layer->name())); for (const auto& value : layer->values()) { const auto found = entries.find(value.first); if (found == entries.end()) { entries.emplace(value.first, std::vector{}); } } } for (const auto& layer : layers) { for (auto& entry : entries) { const auto found = layer->values().find(entry.first); const auto& entry_value = found == layer->values().end() ? EMPTY_STRING : found->second.raw_string_value_; entry.second.push_back(entry_value); } } ProtobufWkt::Struct layer_entries; auto* layer_entry_fields = layer_entries.mutable_fields(); for (const auto& entry : entries) { std::vector layer_entry_values; layer_entry_values.reserve(entry.second.size()); std::string final_value; for (const auto& value : entry.second) { if (!value.empty()) { final_value = value; } layer_entry_values.push_back(ValueUtil::stringValue(value)); } ProtobufWkt::Struct layer_entry_value; auto* layer_entry_value_fields = layer_entry_value.mutable_fields(); (*layer_entry_value_fields)["final_value"] = ValueUtil::stringValue(final_value); (*layer_entry_value_fields)["layer_values"] = ValueUtil::listValue(layer_entry_values); (*layer_entry_fields)[entry.first] = ValueUtil::structValue(layer_entry_value); } ProtobufWkt::Struct runtime; auto* fields = runtime.mutable_fields(); (*fields)["layers"] = ValueUtil::listValue(layer_names); (*fields)["entries"] = ValueUtil::structValue(layer_entries); response.add(MessageUtil::getJsonStringFromMessage(runtime, true, true)); return Http::Code::OK; } Http::Code RuntimeHandler::handlerRuntimeModify(absl::string_view url, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream& admin_stream) { Http::Utility::QueryParams params = Http::Utility::parseAndDecodeQueryString(url); if (params.empty()) { // Check if the params are in the request's body. if (admin_stream.getRequestBody() != nullptr && admin_stream.getRequestHeaders().getContentTypeValue() == Http::Headers::get().ContentTypeValues.FormUrlEncoded) { params = Http::Utility::parseFromBody(admin_stream.getRequestBody()->toString()); } if (params.empty()) { response.add("usage: /runtime_modify?key1=value1&key2=value2&keyN=valueN\n"); response.add(" or send the parameters as form values\n"); response.add("use an empty value to remove a previously added override"); return Http::Code::BadRequest; } } absl::node_hash_map overrides; overrides.insert(params.begin(), params.end()); try { server_.runtime().mergeValues(overrides); } catch (const EnvoyException& e) { response.add(e.what()); return Http::Code::ServiceUnavailable; } response.add("OK\n"); return Http::Code::OK; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/runtime_handler.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class RuntimeHandler : public HandlerContextBase { public: RuntimeHandler(Server::Instance& server); Http::Code handlerRuntime(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerRuntimeModify(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/server_cmd_handler.cc ================================================ #include "server/admin/server_cmd_handler.h" namespace Envoy { namespace Server { ServerCmdHandler::ServerCmdHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code ServerCmdHandler::handlerHealthcheckFail(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { server_.failHealthcheck(true); response.add("OK\n"); return Http::Code::OK; } Http::Code ServerCmdHandler::handlerHealthcheckOk(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { server_.failHealthcheck(false); response.add("OK\n"); return Http::Code::OK; } Http::Code ServerCmdHandler::handlerQuitQuitQuit(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { server_.shutdown(); response.add("OK\n"); return Http::Code::OK; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/server_cmd_handler.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class ServerCmdHandler : public HandlerContextBase { public: ServerCmdHandler(Server::Instance& server); Http::Code handlerQuitQuitQuit(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerHealthcheckFail(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerHealthcheckOk(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/server_info_handler.cc ================================================ #include "server/admin/server_info_handler.h" #include "envoy/admin/v3/memory.pb.h" #include "common/memory/stats.h" #include "common/version/version.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { ServerInfoHandler::ServerInfoHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code ServerInfoHandler::handlerCerts(absl::string_view, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) { // This set is used to track distinct certificates. We may have multiple listeners, upstreams, etc // using the same cert. response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); envoy::admin::v3::Certificates certificates; server_.sslContextManager().iterateContexts([&](const Ssl::Context& context) -> void { envoy::admin::v3::Certificate& certificate = *certificates.add_certificates(); if (context.getCaCertInformation() != nullptr) { envoy::admin::v3::CertificateDetails* ca_certificate = certificate.add_ca_cert(); *ca_certificate = *context.getCaCertInformation(); } for (const auto& cert_details : context.getCertChainInformation()) { envoy::admin::v3::CertificateDetails* cert_chain = certificate.add_cert_chain(); *cert_chain = *cert_details; } }); response.add(MessageUtil::getJsonStringFromMessage(certificates, true, true)); return Http::Code::OK; } Http::Code ServerInfoHandler::handlerHotRestartVersion(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { response.add(server_.hotRestart().version()); return Http::Code::OK; } // TODO(ambuc): Add more tcmalloc stats, export proto details based on allocator. Http::Code ServerInfoHandler::handlerMemory(absl::string_view, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) { response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); envoy::admin::v3::Memory memory; memory.set_allocated(Memory::Stats::totalCurrentlyAllocated()); memory.set_heap_size(Memory::Stats::totalCurrentlyReserved()); memory.set_total_thread_cache(Memory::Stats::totalThreadCacheBytes()); memory.set_pageheap_unmapped(Memory::Stats::totalPageHeapUnmapped()); memory.set_pageheap_free(Memory::Stats::totalPageHeapFree()); memory.set_total_physical_bytes(Memory::Stats::totalPhysicalBytes()); response.add(MessageUtil::getJsonStringFromMessage(memory, true, true)); // pretty-print return Http::Code::OK; } Http::Code ServerInfoHandler::handlerReady(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { const envoy::admin::v3::ServerInfo::State state = Utility::serverState(server_.initManager().state(), server_.healthCheckFailed()); response.add(envoy::admin::v3::ServerInfo::State_Name(state) + "\n"); Http::Code code = state == envoy::admin::v3::ServerInfo::LIVE ? Http::Code::OK : Http::Code::ServiceUnavailable; return code; } Http::Code ServerInfoHandler::handlerServerInfo(absl::string_view, Http::ResponseHeaderMap& headers, Buffer::Instance& response, AdminStream&) { const std::time_t current_time = std::chrono::system_clock::to_time_t(server_.timeSource().systemTime()); const std::time_t uptime_current_epoch = current_time - server_.startTimeCurrentEpoch(); const std::time_t uptime_all_epochs = current_time - server_.startTimeFirstEpoch(); ASSERT(uptime_current_epoch >= 0); ASSERT(uptime_all_epochs >= 0); envoy::admin::v3::ServerInfo server_info; server_info.set_version(VersionInfo::version()); server_info.set_hot_restart_version(server_.hotRestart().version()); server_info.set_state( Utility::serverState(server_.initManager().state(), server_.healthCheckFailed())); server_info.mutable_uptime_current_epoch()->set_seconds(uptime_current_epoch); server_info.mutable_uptime_all_epochs()->set_seconds(uptime_all_epochs); envoy::admin::v3::CommandLineOptions* command_line_options = server_info.mutable_command_line_options(); *command_line_options = *server_.options().toCommandLineOptions(); server_info.mutable_node()->MergeFrom(server_.localInfo().node()); response.add(MessageUtil::getJsonStringFromMessage(server_info, true, true)); headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); return Http::Code::OK; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/server_info_handler.h ================================================ #pragma once #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class ServerInfoHandler : public HandlerContextBase { public: ServerInfoHandler(Server::Instance& server); Http::Code handlerCerts(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerServerInfo(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerReady(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerHotRestartVersion(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerMemory(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/stats_handler.cc ================================================ #include "server/admin/stats_handler.h" #include "envoy/admin/v3/mutex_stats.pb.h" #include "common/common/empty_string.h" #include "common/html/utility.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "server/admin/prometheus_stats.h" #include "server/admin/utils.h" namespace Envoy { namespace Server { const uint64_t RecentLookupsCapacity = 100; StatsHandler::StatsHandler(Server::Instance& server) : HandlerContextBase(server) {} Http::Code StatsHandler::handlerResetCounters(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { for (const Stats::CounterSharedPtr& counter : server_.stats().counters()) { counter->reset(); } server_.stats().symbolTable().clearRecentLookups(); response.add("OK\n"); return Http::Code::OK; } Http::Code StatsHandler::handlerStatsRecentLookups(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { Stats::SymbolTable& symbol_table = server_.stats().symbolTable(); std::string table; const uint64_t total = symbol_table.getRecentLookups([&table](absl::string_view name, uint64_t count) { table += fmt::format("{:8d} {}\n", count, name); }); if (table.empty() && symbol_table.recentLookupCapacity() == 0) { table = "Lookup tracking is not enabled. Use /stats/recentlookups/enable to enable.\n"; } else { response.add(" Count Lookup\n"); } response.add(absl::StrCat(table, "\ntotal: ", total, "\n")); return Http::Code::OK; } Http::Code StatsHandler::handlerStatsRecentLookupsClear(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { server_.stats().symbolTable().clearRecentLookups(); response.add("OK\n"); return Http::Code::OK; } Http::Code StatsHandler::handlerStatsRecentLookupsDisable(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { server_.stats().symbolTable().setRecentLookupCapacity(0); response.add("OK\n"); return Http::Code::OK; } Http::Code StatsHandler::handlerStatsRecentLookupsEnable(absl::string_view, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { server_.stats().symbolTable().setRecentLookupCapacity(RecentLookupsCapacity); response.add("OK\n"); return Http::Code::OK; } Http::Code StatsHandler::handlerStats(absl::string_view url, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream& admin_stream) { Http::Code rc = Http::Code::OK; const Http::Utility::QueryParams params = Http::Utility::parseAndDecodeQueryString(url); const bool used_only = params.find("usedonly") != params.end(); absl::optional regex; if (!Utility::filterParam(params, response, regex)) { return Http::Code::BadRequest; } std::map all_stats; for (const Stats::CounterSharedPtr& counter : server_.stats().counters()) { if (shouldShowMetric(*counter, used_only, regex)) { all_stats.emplace(counter->name(), counter->value()); } } for (const Stats::GaugeSharedPtr& gauge : server_.stats().gauges()) { if (shouldShowMetric(*gauge, used_only, regex)) { ASSERT(gauge->importMode() != Stats::Gauge::ImportMode::Uninitialized); all_stats.emplace(gauge->name(), gauge->value()); } } std::map text_readouts; for (const auto& text_readout : server_.stats().textReadouts()) { if (shouldShowMetric(*text_readout, used_only, regex)) { text_readouts.emplace(text_readout->name(), text_readout->value()); } } if (const auto format_value = Utility::formatParam(params)) { if (format_value.value() == "json") { response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); response.add( statsAsJson(all_stats, text_readouts, server_.stats().histograms(), used_only, regex)); } else if (format_value.value() == "prometheus") { return handlerPrometheusStats(url, response_headers, response, admin_stream); } else { response.add("usage: /stats?format=json or /stats?format=prometheus \n"); response.add("\n"); rc = Http::Code::NotFound; } } else { // Display plain stats if format query param is not there. for (const auto& text_readout : text_readouts) { response.add(fmt::format("{}: \"{}\"\n", text_readout.first, Html::Utility::sanitize(text_readout.second))); } for (const auto& stat : all_stats) { response.add(fmt::format("{}: {}\n", stat.first, stat.second)); } std::map all_histograms; for (const Stats::ParentHistogramSharedPtr& histogram : server_.stats().histograms()) { if (shouldShowMetric(*histogram, used_only, regex)) { auto insert = all_histograms.emplace(histogram->name(), histogram->quantileSummary()); ASSERT(insert.second); // No duplicates expected. } } for (const auto& histogram : all_histograms) { response.add(fmt::format("{}: {}\n", histogram.first, histogram.second)); } } return rc; } Http::Code StatsHandler::handlerPrometheusStats(absl::string_view path_and_query, Http::ResponseHeaderMap&, Buffer::Instance& response, AdminStream&) { const Http::Utility::QueryParams params = Http::Utility::parseAndDecodeQueryString(path_and_query); const bool used_only = params.find("usedonly") != params.end(); absl::optional regex; if (!Utility::filterParam(params, response, regex)) { return Http::Code::BadRequest; } PrometheusStatsFormatter::statsAsPrometheus(server_.stats().counters(), server_.stats().gauges(), server_.stats().histograms(), response, used_only, regex); return Http::Code::OK; } // TODO(ambuc) Export this as a server (?) stat for monitoring. Http::Code StatsHandler::handlerContention(absl::string_view, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&) { if (server_.options().mutexTracingEnabled() && server_.mutexTracer() != nullptr) { response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); envoy::admin::v3::MutexStats mutex_stats; mutex_stats.set_num_contentions(server_.mutexTracer()->numContentions()); mutex_stats.set_current_wait_cycles(server_.mutexTracer()->currentWaitCycles()); mutex_stats.set_lifetime_wait_cycles(server_.mutexTracer()->lifetimeWaitCycles()); response.add(MessageUtil::getJsonStringFromMessage(mutex_stats, true, true)); } else { response.add("Mutex contention tracing is not enabled. To enable, run Envoy with flag " "--enable-mutex-tracing."); } return Http::Code::OK; } std::string StatsHandler::statsAsJson(const std::map& all_stats, const std::map& text_readouts, const std::vector& all_histograms, const bool used_only, const absl::optional regex, const bool pretty_print) { ProtobufWkt::Struct document; std::vector stats_array; for (const auto& text_readout : text_readouts) { ProtobufWkt::Struct stat_obj; auto* stat_obj_fields = stat_obj.mutable_fields(); (*stat_obj_fields)["name"] = ValueUtil::stringValue(text_readout.first); (*stat_obj_fields)["value"] = ValueUtil::stringValue(text_readout.second); stats_array.push_back(ValueUtil::structValue(stat_obj)); } for (const auto& stat : all_stats) { ProtobufWkt::Struct stat_obj; auto* stat_obj_fields = stat_obj.mutable_fields(); (*stat_obj_fields)["name"] = ValueUtil::stringValue(stat.first); (*stat_obj_fields)["value"] = ValueUtil::numberValue(stat.second); stats_array.push_back(ValueUtil::structValue(stat_obj)); } ProtobufWkt::Struct histograms_obj; auto* histograms_obj_fields = histograms_obj.mutable_fields(); ProtobufWkt::Struct histograms_obj_container; auto* histograms_obj_container_fields = histograms_obj_container.mutable_fields(); std::vector computed_quantile_array; bool found_used_histogram = false; for (const Stats::ParentHistogramSharedPtr& histogram : all_histograms) { if (shouldShowMetric(*histogram, used_only, regex)) { if (!found_used_histogram) { // It is not possible for the supported quantiles to differ across histograms, so it is ok // to send them once. Stats::HistogramStatisticsImpl empty_statistics; std::vector supported_quantile_array; for (double quantile : empty_statistics.supportedQuantiles()) { supported_quantile_array.push_back(ValueUtil::numberValue(quantile * 100)); } (*histograms_obj_fields)["supported_quantiles"] = ValueUtil::listValue(supported_quantile_array); found_used_histogram = true; } ProtobufWkt::Struct computed_quantile; auto* computed_quantile_fields = computed_quantile.mutable_fields(); (*computed_quantile_fields)["name"] = ValueUtil::stringValue(histogram->name()); std::vector computed_quantile_value_array; for (size_t i = 0; i < histogram->intervalStatistics().supportedQuantiles().size(); ++i) { ProtobufWkt::Struct computed_quantile_value; auto* computed_quantile_value_fields = computed_quantile_value.mutable_fields(); const auto& interval = histogram->intervalStatistics().computedQuantiles()[i]; const auto& cumulative = histogram->cumulativeStatistics().computedQuantiles()[i]; (*computed_quantile_value_fields)["interval"] = std::isnan(interval) ? ValueUtil::nullValue() : ValueUtil::numberValue(interval); (*computed_quantile_value_fields)["cumulative"] = std::isnan(cumulative) ? ValueUtil::nullValue() : ValueUtil::numberValue(cumulative); computed_quantile_value_array.push_back(ValueUtil::structValue(computed_quantile_value)); } (*computed_quantile_fields)["values"] = ValueUtil::listValue(computed_quantile_value_array); computed_quantile_array.push_back(ValueUtil::structValue(computed_quantile)); } } if (found_used_histogram) { (*histograms_obj_fields)["computed_quantiles"] = ValueUtil::listValue(computed_quantile_array); (*histograms_obj_container_fields)["histograms"] = ValueUtil::structValue(histograms_obj); stats_array.push_back(ValueUtil::structValue(histograms_obj_container)); } auto* document_fields = document.mutable_fields(); (*document_fields)["stats"] = ValueUtil::listValue(stats_array); return MessageUtil::getJsonStringFromMessage(document, pretty_print, true); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/stats_handler.h ================================================ #pragma once #include #include #include "envoy/buffer/buffer.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/server/admin.h" #include "envoy/server/instance.h" #include "common/stats/histogram_impl.h" #include "server/admin/handler_ctx.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { class StatsHandler : public HandlerContextBase { public: StatsHandler(Server::Instance& server); Http::Code handlerResetCounters(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerStatsRecentLookups(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerStatsRecentLookupsClear(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerStatsRecentLookupsDisable(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerStatsRecentLookupsEnable(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerStats(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerPrometheusStats(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); Http::Code handlerContention(absl::string_view path_and_query, Http::ResponseHeaderMap& response_headers, Buffer::Instance& response, AdminStream&); private: template static bool shouldShowMetric(const StatType& metric, const bool used_only, const absl::optional& regex) { return ((!used_only || metric.used()) && (!regex.has_value() || std::regex_search(metric.name(), regex.value()))); } friend class AdminStatsTest; static std::string statsAsJson(const std::map& all_stats, const std::map& text_readouts, const std::vector& all_histograms, bool used_only, const absl::optional regex = absl::nullopt, bool pretty_print = false); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/utils.cc ================================================ #include "server/admin/utils.h" #include "common/common/enum_to_int.h" #include "common/http/headers.h" namespace Envoy { namespace Server { namespace Utility { envoy::admin::v3::ServerInfo::State serverState(Init::Manager::State state, bool health_check_failed) { switch (state) { case Init::Manager::State::Uninitialized: return envoy::admin::v3::ServerInfo::PRE_INITIALIZING; case Init::Manager::State::Initializing: return envoy::admin::v3::ServerInfo::INITIALIZING; case Init::Manager::State::Initialized: return health_check_failed ? envoy::admin::v3::ServerInfo::DRAINING : envoy::admin::v3::ServerInfo::LIVE; } NOT_REACHED_GCOVR_EXCL_LINE; } void populateFallbackResponseHeaders(Http::Code code, Http::ResponseHeaderMap& header_map) { header_map.setStatus(std::to_string(enumToInt(code))); if (header_map.ContentType() == nullptr) { // Default to text-plain if unset. header_map.setReferenceContentType(Http::Headers::get().ContentTypeValues.TextUtf8); } // Default to 'no-cache' if unset, but not 'no-store' which may break the back button. if (header_map.get(Http::CustomHeaders::get().CacheControl) == nullptr) { header_map.setReference(Http::CustomHeaders::get().CacheControl, Http::CustomHeaders::get().CacheControlValues.NoCacheMaxAge0); } // Under no circumstance should browsers sniff content-type. header_map.addReference(Http::Headers::get().XContentTypeOptions, Http::Headers::get().XContentTypeOptionValues.Nosniff); } // Helper method to get filter parameter, or report an error for an invalid regex. bool filterParam(Http::Utility::QueryParams params, Buffer::Instance& response, absl::optional& regex) { auto p = params.find("filter"); if (p != params.end()) { const std::string& pattern = p->second; try { regex = std::regex(pattern); } catch (std::regex_error& error) { // Include the offending pattern in the log, but not the error message. response.add(fmt::format("Invalid regex: \"{}\"\n", error.what())); ENVOY_LOG_MISC(error, "admin: Invalid regex: \"{}\": {}", error.what(), pattern); return false; } } return true; } // Helper method to get the format parameter. absl::optional formatParam(const Http::Utility::QueryParams& params) { return queryParam(params, "format"); } // Helper method to get a query parameter. absl::optional queryParam(const Http::Utility::QueryParams& params, const std::string& key) { return (params.find(key) != params.end()) ? absl::optional{params.at(key)} : absl::nullopt; } } // namespace Utility } // namespace Server } // namespace Envoy ================================================ FILE: source/server/admin/utils.h ================================================ #pragma once #include #include "envoy/admin/v3/server_info.pb.h" #include "envoy/init/manager.h" #include "common/http/codes.h" #include "common/http/header_map_impl.h" #include "common/http/utility.h" namespace Envoy { namespace Server { namespace Utility { envoy::admin::v3::ServerInfo::State serverState(Init::Manager::State state, bool health_check_failed); void populateFallbackResponseHeaders(Http::Code code, Http::ResponseHeaderMap& header_map); bool filterParam(Http::Utility::QueryParams params, Buffer::Instance& response, absl::optional& regex); absl::optional formatParam(const Http::Utility::QueryParams& params); absl::optional queryParam(const Http::Utility::QueryParams& params, const std::string& key); } // namespace Utility } // namespace Server } // namespace Envoy ================================================ FILE: source/server/api_listener_impl.cc ================================================ #include "server/api_listener_impl.h" #include "envoy/api/v2/lds.pb.h" #include "envoy/api/v2/listener/listener.pb.h" #include "envoy/stats/scope.h" #include "common/http/conn_manager_impl.h" #include "common/network/resolver_impl.h" #include "common/protobuf/utility.h" #include "server/drain_manager_impl.h" #include "server/listener_manager_impl.h" #include "extensions/filters/network/http_connection_manager/config.h" namespace Envoy { namespace Server { ApiListenerImplBase::ApiListenerImplBase(const envoy::config::listener::v3::Listener& config, ListenerManagerImpl& parent, const std::string& name) : config_(config), parent_(parent), name_(name), address_(Network::Address::resolveProtoAddress(config.address())), global_scope_(parent_.server_.stats().createScope("")), listener_scope_(parent_.server_.stats().createScope(fmt::format("listener.api.{}.", name_))), factory_context_(parent_.server_, config_, *this, *global_scope_, *listener_scope_), read_callbacks_(SyntheticReadCallbacks(*this)) {} void ApiListenerImplBase::SyntheticReadCallbacks::SyntheticConnection::raiseConnectionEvent( Network::ConnectionEvent event) { for (Network::ConnectionCallbacks* callback : callbacks_) { callback->onEvent(event); } } HttpApiListener::HttpApiListener(const envoy::config::listener::v3::Listener& config, ListenerManagerImpl& parent, const std::string& name) : ApiListenerImplBase(config, parent, name) { auto typed_config = MessageUtil::anyConvertAndValidate< envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager>( config.api_listener().api_listener(), factory_context_.messageValidationVisitor()); http_connection_manager_factory_ = Envoy::Extensions::NetworkFilters::HttpConnectionManager:: HttpConnectionManagerFactory::createHttpConnectionManagerFactoryFromProto( typed_config, factory_context_, read_callbacks_); } Http::ApiListenerOptRef HttpApiListener::http() { if (!http_connection_manager_) { http_connection_manager_ = http_connection_manager_factory_(); } return Http::ApiListenerOptRef(std::ref(*http_connection_manager_)); } void HttpApiListener::shutdown() { // The Http::ConnectionManagerImpl is a callback target for the read_callback_.connection_. By // raising connection closure, Http::ConnectionManagerImpl::onEvent is fired. In that case the // Http::ConnectionManagerImpl will reset any ActiveStreams it has. read_callbacks_.connection_.raiseConnectionEvent(Network::ConnectionEvent::RemoteClose); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/api_listener_impl.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/server/api_listener.h" #include "envoy/server/drain_manager.h" #include "envoy/server/filter_config.h" #include "envoy/server/listener_manager.h" #include "envoy/stats/scope.h" #include "common/common/empty_string.h" #include "common/common/logger.h" #include "common/http/conn_manager_impl.h" #include "common/init/manager_impl.h" #include "common/stream_info/stream_info_impl.h" #include "server/filter_chain_manager_impl.h" namespace Envoy { namespace Server { class ListenerManagerImpl; /** * Base class all ApiListeners. */ class ApiListenerImplBase : public ApiListener, public Network::DrainDecision, Logger::Loggable { public: // TODO(junr03): consider moving Envoy Mobile's SyntheticAddressImpl to Envoy in order to return // that rather than this semi-real one. const Network::Address::InstanceConstSharedPtr& address() const { return address_; } // ApiListener absl::string_view name() const override { return name_; } // Network::DrainDecision // TODO(junr03): hook up draining to listener state management. bool drainClose() const override { return false; } protected: ApiListenerImplBase(const envoy::config::listener::v3::Listener& config, ListenerManagerImpl& parent, const std::string& name); // Synthetic class that acts as a stub Network::ReadFilterCallbacks. // TODO(junr03): if we are able to separate the Network Filter aspects of the // Http::ConnectionManagerImpl from the http management aspects of it, it is possible we would not // need this and the SyntheticConnection stub anymore. class SyntheticReadCallbacks : public Network::ReadFilterCallbacks { public: SyntheticReadCallbacks(ApiListenerImplBase& parent) : parent_(parent), connection_(SyntheticConnection(*this)) {} // Network::ReadFilterCallbacks void continueReading() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void injectReadDataToFilterChain(Buffer::Instance&, bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Upstream::HostDescriptionConstSharedPtr upstreamHost() override { return nullptr; } void upstreamHost(Upstream::HostDescriptionConstSharedPtr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Network::Connection& connection() override { return connection_; } // Synthetic class that acts as a stub for the connection backing the // Network::ReadFilterCallbacks. class SyntheticConnection : public Network::Connection { public: SyntheticConnection(SyntheticReadCallbacks& parent) : parent_(parent), stream_info_(parent_.parent_.factory_context_.timeSource()), options_(std::make_shared>()) {} void raiseConnectionEvent(Network::ConnectionEvent event); // Network::FilterManager void addWriteFilter(Network::WriteFilterSharedPtr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void addFilter(Network::FilterSharedPtr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void addReadFilter(Network::ReadFilterSharedPtr) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } bool initializeReadFilters() override { return true; } // Network::Connection void addConnectionCallbacks(Network::ConnectionCallbacks& cb) override { callbacks_.push_back(&cb); } void addBytesSentCallback(Network::Connection::BytesSentCb) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void enableHalfClose(bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void close(Network::ConnectionCloseType) override {} Event::Dispatcher& dispatcher() override { return parent_.parent_.factory_context_.dispatcher(); } uint64_t id() const override { return 12345; } void hashKey(std::vector&) const override {} std::string nextProtocol() const override { return EMPTY_STRING; } void noDelay(bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void readDisable(bool) override {} void detectEarlyCloseWhenReadDisabled(bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } bool readEnabled() const override { return true; } const Network::Address::InstanceConstSharedPtr& remoteAddress() const override { return parent_.parent_.address(); } const Network::Address::InstanceConstSharedPtr& directRemoteAddress() const override { return parent_.parent_.address(); } absl::optional unixSocketPeerCredentials() const override { return absl::nullopt; } const Network::Address::InstanceConstSharedPtr& localAddress() const override { return parent_.parent_.address(); } void setConnectionStats(const Network::Connection::ConnectionStats&) override {} Ssl::ConnectionInfoConstSharedPtr ssl() const override { return nullptr; } absl::string_view requestedServerName() const override { return EMPTY_STRING; } State state() const override { return Network::Connection::State::Open; } void write(Buffer::Instance&, bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void setBufferLimits(uint32_t) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } uint32_t bufferLimit() const override { return 65000; } bool localAddressRestored() const override { return false; } bool aboveHighWatermark() const override { return false; } const Network::ConnectionSocket::OptionsSharedPtr& socketOptions() const override { return options_; } StreamInfo::StreamInfo& streamInfo() override { return stream_info_; } const StreamInfo::StreamInfo& streamInfo() const override { return stream_info_; } void setDelayedCloseTimeout(std::chrono::milliseconds) override {} absl::string_view transportFailureReason() const override { return EMPTY_STRING; } absl::optional lastRoundTripTime() const override { return {}; }; SyntheticReadCallbacks& parent_; StreamInfo::StreamInfoImpl stream_info_; Network::ConnectionSocket::OptionsSharedPtr options_; std::list callbacks_; }; ApiListenerImplBase& parent_; SyntheticConnection connection_; }; const envoy::config::listener::v3::Listener& config_; ListenerManagerImpl& parent_; const std::string name_; Network::Address::InstanceConstSharedPtr address_; Stats::ScopePtr global_scope_; Stats::ScopePtr listener_scope_; FactoryContextImpl factory_context_; SyntheticReadCallbacks read_callbacks_; }; /** * ApiListener that provides a handle to inject HTTP calls into Envoy via an * Http::ConnectionManager. Thus, it provides full access to Envoy's L7 features, e.g HTTP filters. */ class HttpApiListener : public ApiListenerImplBase { public: HttpApiListener(const envoy::config::listener::v3::Listener& config, ListenerManagerImpl& parent, const std::string& name); // ApiListener ApiListener::Type type() const override { return ApiListener::Type::HttpApiListener; } Http::ApiListenerOptRef http() override; void shutdown() override; Network::ReadFilterCallbacks& readCallbacksForTest() { return read_callbacks_; } private: // Need to store the factory due to the shared_ptrs that need to be kept alive: date provider, // route config manager, scoped route config manager. std::function http_connection_manager_factory_; // Http::ServerConnectionCallbacks is the API surface that this class provides via its handle(). Http::ApiListenerPtr http_connection_manager_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/backtrace.cc ================================================ #include "server/backtrace.h" #include namespace Envoy { bool BackwardsTrace::log_to_stderr_ = false; void BackwardsTrace::setLogToStderr(bool log_to_stderr) { log_to_stderr_ = log_to_stderr; } } // namespace Envoy ================================================ FILE: source/server/backtrace.h ================================================ #pragma once #include #include "common/common/logger.h" #include "common/version/version.h" #include "absl/debugging/stacktrace.h" #include "absl/debugging/symbolize.h" namespace Envoy { #define BACKTRACE_LOG() \ do { \ BackwardsTrace t; \ t.capture(); \ t.logTrace(); \ } while (0) /** * Use absl::Stacktrace and absl::Symbolize to log resolved symbols * stack traces on demand. To use this just do: * * BackwardsTrace tracer; * tracer.capture(); // Trace is captured as of here. * tracer.logTrace(); // Output the captured trace to the log. * * The capture and log steps are separated to enable debugging in the case where * you want to capture a stack trace from inside some logic but don't know whether * you want to bother logging it until later. * * For convenience a macro is provided BACKTRACE_LOG() which performs the * construction, capture, and log in one shot. * * If the symbols cannot be resolved by absl::Symbolize then the raw address * will be printed instead. */ class BackwardsTrace : Logger::Loggable { public: BackwardsTrace() = default; /** * Directs the output of logTrace() to directly stderr rather than the * logging infrastructure. * * This is intended for coverage tests, where we enable trace logs, but send * them to /dev/null to avoid accumulating too much data in CI. * * @param log_to_stderr Whether to log to stderr or the logging system. */ static void setLogToStderr(bool log_to_stderr); /** * @return whether the system directing backtraces directly to stderr. */ static bool logToStderr() { return log_to_stderr_; } /** * Capture a stack trace. * * The trace will begin with the call to capture(). */ void capture() { // Skip of one means we exclude the last call, which must be to capture(). stack_depth_ = absl::GetStackTrace(stack_trace_, MaxStackDepth, /* skip_count = */ 1); } /** * Capture a stack trace from a particular context. * * This can be used to capture a useful stack trace from a fatal signal * handler. The context argument should be a pointer to the context passed * to a signal handler registered via a sigaction struct. * * @param context A pointer to ucontext_t obtained from a sigaction handler. */ void captureFrom(const void* context) { stack_depth_ = absl::GetStackTraceWithContext(stack_trace_, MaxStackDepth, /* skip_count = */ 1, context, /* min_dropped_frames = */ nullptr); } /** * Log the stack trace. */ void logTrace() { if (log_to_stderr_) { printTrace(std::cerr); return; } ENVOY_LOG(critical, "Backtrace (use tools/stack_decode.py to get line numbers):"); ENVOY_LOG(critical, "Envoy version: {}", VersionInfo::version()); visitTrace([](int index, const char* symbol, void* address) { if (symbol != nullptr) { ENVOY_LOG(critical, "#{}: {} [{}]", index, symbol, address); } else { ENVOY_LOG(critical, "#{}: [{}]", index, address); } }); } void logFault(const char* signame, const void* addr) { ENVOY_LOG(critical, "Caught {}, suspect faulting address {}", signame, addr); } void printTrace(std::ostream& os) { visitTrace([&](int index, const char* symbol, void* address) { if (symbol != nullptr) { os << "#" << index << " " << symbol << " [" << address << "]\n"; } else { os << "#" << index << " [" << address << "]\n"; } }); } private: static bool log_to_stderr_; /** * Visit the previously captured stack trace. * * The visitor function is called once per frame, with 3 parameters: * 1. (int) The index of the current frame. * 2. (const char*) The symbol name for the address of the current frame. nullptr means * symbolization failed. * 3. (void*) The address of the current frame. */ void visitTrace(const std::function& visitor) { for (int i = 0; i < stack_depth_; ++i) { char out[1024]; const bool success = absl::Symbolize(stack_trace_[i], out, sizeof(out)); if (success) { visitor(i, out, stack_trace_[i]); } else { visitor(i, nullptr, stack_trace_[i]); } } } static constexpr int MaxStackDepth = 64; void* stack_trace_[MaxStackDepth]; int stack_depth_{0}; }; } // namespace Envoy ================================================ FILE: source/server/config_validation/BUILD ================================================ load("//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package") licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "admin_lib", srcs = ["admin.cc"], hdrs = ["admin.h"], deps = [ "//include/envoy/server:admin_interface", "//source/common/common:assert_lib", "//source/server/admin:config_tracker_lib", ], ) envoy_cc_library( name = "api_lib", srcs = ["api.cc"], hdrs = ["api.h"], deps = [ ":dispatcher_lib", "//include/envoy/api:api_interface", "//include/envoy/filesystem:filesystem_interface", "//source/common/api:api_lib", ], ) envoy_cc_library( name = "async_client_lib", srcs = ["async_client.cc"], hdrs = ["async_client.h"], deps = [ ":dispatcher_lib", "//include/envoy/http:async_client_interface", "//include/envoy/http:message_interface", "//source/common/common:assert_lib", ], ) envoy_cc_library( name = "cluster_manager_lib", srcs = ["cluster_manager.cc"], hdrs = ["cluster_manager.h"], deps = [ ":async_client_lib", "//include/envoy/upstream:cluster_manager_interface", "//source/common/common:utility_lib", "//source/common/http:context_lib", "//source/common/upstream:cluster_manager_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_library( name = "dispatcher_lib", srcs = ["dispatcher.cc"], hdrs = [ "connection.h", "dispatcher.h", "dns.h", ], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/network:connection_interface", "//source/common/common:assert_lib", "//source/common/event:dispatcher_lib", ], ) envoy_cc_library( name = "dns_lib", srcs = ["dns.cc"], hdrs = ["dns.h"], deps = [ "//include/envoy/event:dispatcher_interface", "//include/envoy/network:dns_interface", ], ) envoy_cc_library( name = "server_lib", srcs = ["server.cc"], hdrs = ["server.h"], external_deps = ["abseil_optional"], deps = [ ":admin_lib", ":api_lib", ":cluster_manager_lib", ":dns_lib", "//include/envoy/server:drain_manager_interface", "//include/envoy/server:instance_interface", "//include/envoy/ssl:context_manager_interface", "//include/envoy/tracing:http_tracer_interface", "//source/common/access_log:access_log_manager_lib", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/common/grpc:common_lib", "//source/common/local_info:local_info_lib", "//source/common/protobuf:utility_lib", "//source/common/router:rds_lib", "//source/common/runtime:runtime_lib", "//source/common/stats:stats_lib", "//source/common/thread_local:thread_local_lib", "//source/common/version:version_lib", "//source/server:configuration_lib", "//source/server:server_lib", "//source/server/admin:admin_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) ================================================ FILE: source/server/config_validation/admin.cc ================================================ #include "server/config_validation/admin.h" namespace Envoy { namespace Server { // Pretend that handler was added successfully. bool ValidationAdmin::addHandler(const std::string&, const std::string&, HandlerCb, bool, bool) { return true; } bool ValidationAdmin::removeHandler(const std::string&) { return true; } const Network::Socket& ValidationAdmin::socket() { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } ConfigTracker& ValidationAdmin::getConfigTracker() { return config_tracker_; } void ValidationAdmin::startHttpListener(const std::string&, const std::string&, Network::Address::InstanceConstSharedPtr, const Network::Socket::OptionsSharedPtr&, Stats::ScopePtr&&) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Http::Code ValidationAdmin::request(absl::string_view, absl::string_view, Http::ResponseHeaderMap&, std::string&) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void ValidationAdmin::addListenerToHandler(Network::ConnectionHandler*) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/config_validation/admin.h ================================================ #pragma once #include "envoy/server/admin.h" #include "common/common/assert.h" #include "server/admin/config_tracker_impl.h" namespace Envoy { namespace Server { /** * Config-validation-only implementation Server::Admin. This implementation is * needed because Admin is referenced by components of the server that add and * remove handlers. */ class ValidationAdmin : public Admin { public: bool addHandler(const std::string&, const std::string&, HandlerCb, bool, bool) override; bool removeHandler(const std::string&) override; const Network::Socket& socket() override; ConfigTracker& getConfigTracker() override; void startHttpListener(const std::string& access_log_path, const std::string& address_out_path, Network::Address::InstanceConstSharedPtr address, const Network::Socket::OptionsSharedPtr&, Stats::ScopePtr&& listener_scope) override; Http::Code request(absl::string_view path_and_query, absl::string_view method, Http::ResponseHeaderMap& response_headers, std::string& body) override; void addListenerToHandler(Network::ConnectionHandler* handler) override; uint32_t concurrency() const override { return 1; } private: ConfigTrackerImpl config_tracker_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/config_validation/api.cc ================================================ #include "server/config_validation/api.h" #include "common/common/assert.h" #include "server/config_validation/dispatcher.h" namespace Envoy { namespace Api { ValidationImpl::ValidationImpl(Thread::ThreadFactory& thread_factory, Stats::Store& stats_store, Event::TimeSystem& time_system, Filesystem::Instance& file_system, Random::RandomGenerator& random_generator) : Impl(thread_factory, stats_store, time_system, file_system, random_generator), time_system_(time_system) {} Event::DispatcherPtr ValidationImpl::allocateDispatcher(const std::string& name) { return Event::DispatcherPtr{new Event::ValidationDispatcher(name, *this, time_system_)}; } Event::DispatcherPtr ValidationImpl::allocateDispatcher(const std::string&, Buffer::WatermarkFactoryPtr&&) { NOT_REACHED_GCOVR_EXCL_LINE; } } // namespace Api } // namespace Envoy ================================================ FILE: source/server/config_validation/api.h ================================================ #pragma once #include "envoy/api/api.h" #include "envoy/event/timer.h" #include "envoy/filesystem/filesystem.h" #include "common/api/api_impl.h" namespace Envoy { namespace Api { /** * Config-validation-only implementation of Api::Api. Delegates to Api::Impl, * except for allocateDispatcher() which sets up a ValidationDispatcher. */ class ValidationImpl : public Impl { public: ValidationImpl(Thread::ThreadFactory& thread_factory, Stats::Store& stats_store, Event::TimeSystem& time_system, Filesystem::Instance& file_system, Random::RandomGenerator& random_generator); Event::DispatcherPtr allocateDispatcher(const std::string& name) override; Event::DispatcherPtr allocateDispatcher(const std::string& name, Buffer::WatermarkFactoryPtr&& watermark_factory) override; private: Event::TimeSystem& time_system_; }; } // namespace Api } // namespace Envoy ================================================ FILE: source/server/config_validation/async_client.cc ================================================ #include "server/config_validation/async_client.h" namespace Envoy { namespace Http { ValidationAsyncClient::ValidationAsyncClient(Api::Api& api, Event::TimeSystem& time_system) : dispatcher_("validation_async_client", api, time_system) {} AsyncClient::Request* ValidationAsyncClient::send(RequestMessagePtr&&, Callbacks&, const RequestOptions&) { return nullptr; } AsyncClient::Stream* ValidationAsyncClient::start(StreamCallbacks&, const StreamOptions&) { return nullptr; } } // namespace Http } // namespace Envoy ================================================ FILE: source/server/config_validation/async_client.h ================================================ #pragma once #include #include "envoy/http/async_client.h" #include "envoy/http/message.h" #include "common/common/assert.h" #include "server/config_validation/dispatcher.h" namespace Envoy { namespace Http { /** * Config-validation-only implementation of AsyncClient. Both methods on AsyncClient are allowed to * return nullptr if the request can't be created, so that's what the ValidationAsyncClient does in * all cases. */ class ValidationAsyncClient : public AsyncClient { public: ValidationAsyncClient(Api::Api& api, Event::TimeSystem& time_system); // Http::AsyncClient AsyncClient::Request* send(RequestMessagePtr&& request, Callbacks& callbacks, const RequestOptions&) override; AsyncClient::Stream* start(StreamCallbacks& callbacks, const StreamOptions&) override; Event::Dispatcher& dispatcher() override { return dispatcher_; } private: Event::ValidationDispatcher dispatcher_; }; } // namespace Http } // namespace Envoy ================================================ FILE: source/server/config_validation/cluster_manager.cc ================================================ #include "server/config_validation/cluster_manager.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "common/common/utility.h" namespace Envoy { namespace Upstream { ClusterManagerPtr ValidationClusterManagerFactory::clusterManagerFromProto( const envoy::config::bootstrap::v3::Bootstrap& bootstrap) { return std::make_unique( bootstrap, *this, stats_, tls_, runtime_, local_info_, log_manager_, main_thread_dispatcher_, admin_, validation_context_, api_, http_context_, grpc_context_, time_system_); } CdsApiPtr ValidationClusterManagerFactory::createCds(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm) { // Create the CdsApiImpl... ProdClusterManagerFactory::createCds(cds_config, cm); // ... and then throw it away, so that we don't actually connect to it. return nullptr; } ValidationClusterManager::ValidationClusterManager( const envoy::config::bootstrap::v3::Bootstrap& bootstrap, ClusterManagerFactory& factory, Stats::Store& stats, ThreadLocal::Instance& tls, Runtime::Loader& runtime, const LocalInfo::LocalInfo& local_info, AccessLog::AccessLogManager& log_manager, Event::Dispatcher& main_thread_dispatcher, Server::Admin& admin, ProtobufMessage::ValidationContext& validation_context, Api::Api& api, Http::Context& http_context, Grpc::Context& grpc_context, Event::TimeSystem& time_system) : ClusterManagerImpl(bootstrap, factory, stats, tls, runtime, local_info, log_manager, main_thread_dispatcher, admin, validation_context, api, http_context, grpc_context), async_client_(api, time_system) {} Http::ConnectionPool::Instance* ValidationClusterManager::httpConnPoolForCluster( const std::string&, ResourcePriority, absl::optional, LoadBalancerContext*) { return nullptr; } Host::CreateConnectionData ValidationClusterManager::tcpConnForCluster(const std::string&, LoadBalancerContext*) { return Host::CreateConnectionData{nullptr, nullptr}; } Http::AsyncClient& ValidationClusterManager::httpAsyncClientForCluster(const std::string&) { return async_client_; } } // namespace Upstream } // namespace Envoy ================================================ FILE: source/server/config_validation/cluster_manager.h ================================================ #pragma once #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/secret/secret_manager.h" #include "envoy/upstream/cluster_manager.h" #include "common/http/context_impl.h" #include "common/upstream/cluster_manager_impl.h" #include "server/config_validation/async_client.h" namespace Envoy { namespace Upstream { /** * Config-validation-only implementation of ClusterManagerFactory, which creates * ValidationClusterManagers. It also creates, but never returns, CdsApiImpls. */ class ValidationClusterManagerFactory : public ProdClusterManagerFactory { public: using ProdClusterManagerFactory::ProdClusterManagerFactory; explicit ValidationClusterManagerFactory( Server::Admin& admin, Runtime::Loader& runtime, Stats::Store& stats, ThreadLocal::Instance& tls, Network::DnsResolverSharedPtr dns_resolver, Ssl::ContextManager& ssl_context_manager, Event::Dispatcher& main_thread_dispatcher, const LocalInfo::LocalInfo& local_info, Secret::SecretManager& secret_manager, ProtobufMessage::ValidationContext& validation_context, Api::Api& api, Http::Context& http_context, Grpc::Context& grpc_context, AccessLog::AccessLogManager& log_manager, Singleton::Manager& singleton_manager, Event::TimeSystem& time_system) : ProdClusterManagerFactory(admin, runtime, stats, tls, dns_resolver, ssl_context_manager, main_thread_dispatcher, local_info, secret_manager, validation_context, api, http_context, grpc_context, log_manager, singleton_manager), grpc_context_(grpc_context), time_system_(time_system) {} ClusterManagerPtr clusterManagerFromProto(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) override; // Delegates to ProdClusterManagerFactory::createCds, but discards the result and returns nullptr // unconditionally. CdsApiPtr createCds(const envoy::config::core::v3::ConfigSource& cds_config, ClusterManager& cm) override; private: Grpc::Context& grpc_context_; Event::TimeSystem& time_system_; }; /** * Config-validation-only implementation of ClusterManager, which opens no upstream connections. */ class ValidationClusterManager : public ClusterManagerImpl { public: ValidationClusterManager(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, ClusterManagerFactory& factory, Stats::Store& stats, ThreadLocal::Instance& tls, Runtime::Loader& runtime, const LocalInfo::LocalInfo& local_info, AccessLog::AccessLogManager& log_manager, Event::Dispatcher& dispatcher, Server::Admin& admin, ProtobufMessage::ValidationContext& validation_context, Api::Api& api, Http::Context& http_context, Grpc::Context& grpc_context, Event::TimeSystem& time_system); Http::ConnectionPool::Instance* httpConnPoolForCluster(const std::string&, ResourcePriority, absl::optional, LoadBalancerContext*) override; Host::CreateConnectionData tcpConnForCluster(const std::string&, LoadBalancerContext*) override; Http::AsyncClient& httpAsyncClientForCluster(const std::string&) override; private: // ValidationAsyncClient always returns null on send() and start(), so it has // no internal state -- we might as well just keep one and hand out references // to it. Http::ValidationAsyncClient async_client_; }; } // namespace Upstream } // namespace Envoy ================================================ FILE: source/server/config_validation/connection.h ================================================ #pragma once #include "common/network/connection_impl.h" #include "server/config_validation/dispatcher.h" namespace Envoy { namespace Network { /* Class representing connection to upstream entity in config verification mode. The connection is not really established, but sockets may be allocated. Methods doing "real" connections should be overridden with no-op implementations. */ class ConfigValidateConnection : public Network::ClientConnectionImpl { public: ConfigValidateConnection(Event::ValidationDispatcher& dispatcher, Network::Address::InstanceConstSharedPtr remote_address, Network::Address::InstanceConstSharedPtr source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options) : Network::ClientConnectionImpl(dispatcher, remote_address, source_address, std::move(transport_socket), options) {} // Unit tests may instantiate it without proper event machine and leave opened sockets. // Do some cleanup before invoking base class's destructor. ~ConfigValidateConnection() override { close(ConnectionCloseType::NoFlush); } // connect may be called in config verification mode. // It is redefined as no-op. Calling parent's method triggers connection to upstream host. void connect() override {} }; } // namespace Network } // namespace Envoy ================================================ FILE: source/server/config_validation/dispatcher.cc ================================================ #include "server/config_validation/dispatcher.h" #include "common/common/assert.h" #include "server/config_validation/connection.h" namespace Envoy { namespace Event { Network::ClientConnectionPtr ValidationDispatcher::createClientConnection( Network::Address::InstanceConstSharedPtr remote_address, Network::Address::InstanceConstSharedPtr source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options) { return std::make_unique(*this, remote_address, source_address, std::move(transport_socket), options); } Network::DnsResolverSharedPtr ValidationDispatcher::createDnsResolver( const std::vector&, const bool) { return dns_resolver_; } Network::ListenerPtr ValidationDispatcher::createListener(Network::SocketSharedPtr&&, Network::TcpListenerCallbacks&, bool, uint32_t) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } } // namespace Event } // namespace Envoy ================================================ FILE: source/server/config_validation/dispatcher.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "common/event/dispatcher_impl.h" #include "dns.h" namespace Envoy { namespace Event { /** * Config-validation-only implementation of Event::Dispatcher. This class delegates all calls to * Event::DispatcherImpl, except for the methods involved with network events. Those methods are * disallowed at validation time. */ class ValidationDispatcher : public DispatcherImpl { public: ValidationDispatcher(const std::string& name, Api::Api& api, Event::TimeSystem& time_system) : DispatcherImpl(name, api, time_system) {} Network::ClientConnectionPtr createClientConnection(Network::Address::InstanceConstSharedPtr, Network::Address::InstanceConstSharedPtr, Network::TransportSocketPtr&&, const Network::ConnectionSocket::OptionsSharedPtr& options) override; Network::DnsResolverSharedPtr createDnsResolver(const std::vector& resolvers, const bool use_tcp_for_dns_lookups) override; Network::ListenerPtr createListener(Network::SocketSharedPtr&&, Network::TcpListenerCallbacks&, bool bind_to_port, uint32_t backlog_size) override; protected: std::shared_ptr dns_resolver_{ std::make_shared()}; }; } // namespace Event } // namespace Envoy ================================================ FILE: source/server/config_validation/dns.cc ================================================ #include "server/config_validation/dns.h" namespace Envoy { namespace Network { ActiveDnsQuery* ValidationDnsResolver::resolve(const std::string&, DnsLookupFamily, ResolveCb callback) { callback(DnsResolver::ResolutionStatus::Success, {}); return nullptr; } } // namespace Network } // namespace Envoy ================================================ FILE: source/server/config_validation/dns.h ================================================ #pragma once #include "envoy/event/dispatcher.h" #include "envoy/network/dns.h" namespace Envoy { namespace Network { /** * DnsResolver to be used in config validation runs. Every DNS query immediately fails to resolve, * since we never need DNS information to validate a config. (If a config contains an unresolvable * name, it still passes validation -- for example, we might be running validation in a test * environment, while the name resolves fine in prod.) */ class ValidationDnsResolver : public DnsResolver { public: // Network::DnsResolver ActiveDnsQuery* resolve(const std::string& dns_name, DnsLookupFamily dns_lookup_family, ResolveCb callback) override; }; } // namespace Network } // namespace Envoy ================================================ FILE: source/server/config_validation/server.cc ================================================ #include "server/config_validation/server.h" #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/event/real_time_system.h" #include "common/local_info/local_info_impl.h" #include "common/protobuf/utility.h" #include "common/singleton/manager_impl.h" #include "common/version/version.h" #include "server/ssl_context_manager.h" namespace Envoy { namespace Server { bool validateConfig(const Options& options, const Network::Address::InstanceConstSharedPtr& local_address, ComponentFactory& component_factory, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system) { Thread::MutexBasicLockable access_log_lock; Stats::IsolatedStoreImpl stats_store; try { Event::RealTimeSystem time_system; ValidationInstance server(options, time_system, local_address, stats_store, access_log_lock, component_factory, thread_factory, file_system); std::cout << "configuration '" << options.configPath() << "' OK" << std::endl; server.shutdown(); return true; } catch (const EnvoyException& e) { return false; } } ValidationInstance::ValidationInstance( const Options& options, Event::TimeSystem& time_system, const Network::Address::InstanceConstSharedPtr& local_address, Stats::IsolatedStoreImpl& store, Thread::BasicLockable& access_log_lock, ComponentFactory& component_factory, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system) : options_(options), validation_context_(options_.allowUnknownStaticFields(), !options.rejectUnknownDynamicFields(), !options.ignoreUnknownDynamicFields()), stats_store_(store), api_(new Api::ValidationImpl(thread_factory, store, time_system, file_system, random_generator_)), dispatcher_(api_->allocateDispatcher("main_thread")), singleton_manager_(new Singleton::ManagerImpl(api_->threadFactory())), access_log_manager_(options.fileFlushIntervalMsec(), *api_, *dispatcher_, access_log_lock, store), mutex_tracer_(nullptr), grpc_context_(stats_store_.symbolTable()), http_context_(stats_store_.symbolTable()), time_system_(time_system), server_contexts_(*this) { try { initialize(options, local_address, component_factory); } catch (const EnvoyException& e) { ENVOY_LOG(critical, "error initializing configuration '{}': {}", options.configPath(), e.what()); shutdown(); throw; } } void ValidationInstance::initialize(const Options& options, const Network::Address::InstanceConstSharedPtr& local_address, ComponentFactory& component_factory) { // See comments on InstanceImpl::initialize() for the overall flow here. // // For validation, we only do a subset of normal server initialization: everything that could fail // on a malformed config (e.g. JSON parsing and all the object construction that follows), but // more importantly nothing with observable effects (e.g. binding to ports or shutting down any // other Envoy process). // // If we get all the way through that stripped-down initialization flow, to the point where we'd // be ready to serve, then the config has passed validation. // Handle configuration that needs to take place prior to the main configuration load. envoy::config::bootstrap::v3::Bootstrap bootstrap; InstanceUtil::loadBootstrapConfig(bootstrap, options, messageValidationContext().staticValidationVisitor(), *api_); Config::Utility::createTagProducer(bootstrap); bootstrap.mutable_node()->set_hidden_envoy_deprecated_build_version(VersionInfo::version()); local_info_ = std::make_unique( bootstrap.node(), local_address, options.serviceZone(), options.serviceClusterName(), options.serviceNodeName()); Configuration::InitialImpl initial_config(bootstrap); overload_manager_ = std::make_unique( dispatcher(), stats(), threadLocal(), bootstrap.overload_manager(), messageValidationContext().staticValidationVisitor(), *api_); listener_manager_ = std::make_unique(*this, *this, *this, false); thread_local_.registerThread(*dispatcher_, true); runtime_singleton_ = std::make_unique( component_factory.createRuntime(*this, initial_config)); secret_manager_ = std::make_unique(admin().getConfigTracker()); ssl_context_manager_ = createContextManager("ssl_context_manager", api_->timeSource()); cluster_manager_factory_ = std::make_unique( admin(), runtime(), stats(), threadLocal(), dnsResolver(), sslContextManager(), dispatcher(), localInfo(), *secret_manager_, messageValidationContext(), *api_, http_context_, grpc_context_, accessLogManager(), singletonManager(), time_system_); config_.initialize(bootstrap, *this, *cluster_manager_factory_); runtime().initialize(clusterManager()); clusterManager().setInitializedCb([this]() -> void { init_manager_.initialize(init_watcher_); }); } void ValidationInstance::shutdown() { // This normally happens at the bottom of InstanceImpl::run(), but we don't have a run(). We can // do an abbreviated shutdown here since there's less to clean up -- for example, no workers to // exit. thread_local_.shutdownGlobalThreading(); if (config_.clusterManager() != nullptr) { config_.clusterManager()->shutdown(); } thread_local_.shutdownThread(); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/config_validation/server.h ================================================ #pragma once #include #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/event/timer.h" #include "envoy/server/drain_manager.h" #include "envoy/server/instance.h" #include "envoy/ssl/context_manager.h" #include "envoy/tracing/http_tracer.h" #include "common/access_log/access_log_manager_impl.h" #include "common/common/assert.h" #include "common/common/random_generator.h" #include "common/grpc/common.h" #include "common/protobuf/message_validator_impl.h" #include "common/router/rds_impl.h" #include "common/runtime/runtime_impl.h" #include "common/secret/secret_manager_impl.h" #include "common/thread_local/thread_local_impl.h" #include "server/admin/admin.h" #include "server/config_validation/admin.h" #include "server/config_validation/api.h" #include "server/config_validation/cluster_manager.h" #include "server/config_validation/dns.h" #include "server/listener_manager_impl.h" #include "server/server.h" #include "absl/types/optional.h" namespace Envoy { namespace Server { /** * validateConfig() takes over from main() for a config-validation run of Envoy. It returns true if * the config is valid, false if invalid. */ bool validateConfig(const Options& options, const Network::Address::InstanceConstSharedPtr& local_address, ComponentFactory& component_factory, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system); /** * ValidationInstance does the bulk of the work for config-validation runs of Envoy. It implements * Server::Instance, but some functionality not needed until serving time, such as updating * health-check status, is not implemented. Everything else is written in terms of other * validation-specific interface implementations, with the end result that we can load and * initialize a configuration, skipping any steps that affect the outside world (such as * hot-restarting or connecting to upstream clusters) but otherwise exercising the entire startup * flow. * * If we finish initialization, and reach the point where an ordinary Envoy run would begin serving * requests, the validation is considered successful. */ class ValidationInstance final : Logger::Loggable, public Instance, public ListenerComponentFactory, public ServerLifecycleNotifier, public WorkerFactory { public: ValidationInstance(const Options& options, Event::TimeSystem& time_system, const Network::Address::InstanceConstSharedPtr& local_address, Stats::IsolatedStoreImpl& store, Thread::BasicLockable& access_log_lock, ComponentFactory& component_factory, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system); // Server::Instance Admin& admin() override { return admin_; } Api::Api& api() override { return *api_; } Upstream::ClusterManager& clusterManager() override { return *config_.clusterManager(); } Ssl::ContextManager& sslContextManager() override { return *ssl_context_manager_; } Event::Dispatcher& dispatcher() override { return *dispatcher_; } Network::DnsResolverSharedPtr dnsResolver() override { return dispatcher().createDnsResolver({}, false); } void drainListeners() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } DrainManager& drainManager() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } AccessLog::AccessLogManager& accessLogManager() override { return access_log_manager_; } void failHealthcheck(bool) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } HotRestart& hotRestart() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Init::Manager& initManager() override { return init_manager_; } ServerLifecycleNotifier& lifecycleNotifier() override { return *this; } ListenerManager& listenerManager() override { return *listener_manager_; } Secret::SecretManager& secretManager() override { return *secret_manager_; } Runtime::Loader& runtime() override { return Runtime::LoaderSingleton::get(); } void shutdown() override; bool isShutdown() override { return false; } void shutdownAdmin() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Singleton::Manager& singletonManager() override { return *singleton_manager_; } OverloadManager& overloadManager() override { return *overload_manager_; } bool healthCheckFailed() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } const Options& options() override { return options_; } time_t startTimeCurrentEpoch() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } time_t startTimeFirstEpoch() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Stats::Store& stats() override { return stats_store_; } Grpc::Context& grpcContext() override { return grpc_context_; } Http::Context& httpContext() override { return http_context_; } ProcessContextOptRef processContext() override { return absl::nullopt; } ThreadLocal::Instance& threadLocal() override { return thread_local_; } const LocalInfo::LocalInfo& localInfo() const override { return *local_info_; } TimeSource& timeSource() override { return api_->timeSource(); } Envoy::MutexTracer* mutexTracer() override { return mutex_tracer_; } std::chrono::milliseconds statsFlushInterval() const override { return config_.statsFlushInterval(); } void flushStats() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } ProtobufMessage::ValidationContext& messageValidationContext() override { return validation_context_; } Configuration::ServerFactoryContext& serverFactoryContext() override { return server_contexts_; } Configuration::TransportSocketFactoryContext& transportSocketFactoryContext() override { return server_contexts_; } void setDefaultTracingConfig(const envoy::config::trace::v3::Tracing& tracing_config) override { http_context_.setDefaultTracingConfig(tracing_config); } // Server::ListenerComponentFactory LdsApiPtr createLdsApi(const envoy::config::core::v3::ConfigSource& lds_config, const udpa::core::v1::ResourceLocator* lds_resources_locator) override { return std::make_unique(lds_config, lds_resources_locator, clusterManager(), initManager(), stats(), listenerManager(), messageValidationContext().dynamicValidationVisitor()); } std::vector createNetworkFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Server::Configuration::FilterChainFactoryContext& filter_chain_factory_context) override { return ProdListenerComponentFactory::createNetworkFilterFactoryList_( filters, filter_chain_factory_context); } std::vector createListenerFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) override { return ProdListenerComponentFactory::createListenerFilterFactoryList_(filters, context); } std::vector createUdpListenerFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) override { return ProdListenerComponentFactory::createUdpListenerFilterFactoryList_(filters, context); } Network::SocketSharedPtr createListenSocket(Network::Address::InstanceConstSharedPtr, Network::Socket::Type, const Network::Socket::OptionsSharedPtr&, const ListenSocketCreationParams&) override { // Returned sockets are not currently used so we can return nothing here safely vs. a // validation mock. return nullptr; } DrainManagerPtr createDrainManager(envoy::config::listener::v3::Listener::DrainType) override { return nullptr; } uint64_t nextListenerTag() override { return 0; } // Server::WorkerFactory WorkerPtr createWorker(uint32_t, OverloadManager&, const std::string&) override { // Returned workers are not currently used so we can return nothing here safely vs. a // validation mock. return nullptr; } // ServerLifecycleNotifier ServerLifecycleNotifier::HandlePtr registerCallback(Stage, StageCallback) override { return nullptr; } ServerLifecycleNotifier::HandlePtr registerCallback(Stage, StageCallbackWithCompletion) override { return nullptr; } private: void initialize(const Options& options, const Network::Address::InstanceConstSharedPtr& local_address, ComponentFactory& component_factory); // init_manager_ must come before any member that participates in initialization, and destructed // only after referencing members are gone, since initialization continuation can potentially // occur at any point during member lifetime. Init::ManagerImpl init_manager_{"Validation server"}; Init::WatcherImpl init_watcher_{"(no-op)", []() {}}; // secret_manager_ must come before listener_manager_, config_ and dispatcher_, and destructed // only after these members can no longer reference it, since: // - There may be active filter chains referencing it in listener_manager_. // - There may be active clusters referencing it in config_.cluster_manager_. // - There may be active connections referencing it. std::unique_ptr secret_manager_; const Options& options_; ProtobufMessage::ProdValidationContextImpl validation_context_; Stats::IsolatedStoreImpl& stats_store_; ThreadLocal::InstanceImpl thread_local_; Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; Server::ValidationAdmin admin_; Singleton::ManagerPtr singleton_manager_; std::unique_ptr runtime_singleton_; Random::RandomGeneratorImpl random_generator_; std::unique_ptr ssl_context_manager_; Configuration::MainImpl config_; LocalInfo::LocalInfoPtr local_info_; AccessLog::AccessLogManagerImpl access_log_manager_; std::unique_ptr cluster_manager_factory_; std::unique_ptr listener_manager_; std::unique_ptr overload_manager_; MutexTracer* mutex_tracer_; Grpc::ContextImpl grpc_context_; Http::ContextImpl http_context_; Event::TimeSystem& time_system_; ServerFactoryContextImpl server_contexts_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/configuration_impl.cc ================================================ #include "server/configuration_impl.h" #include #include #include #include #include #include "envoy/common/exception.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/config/trace/v3/http_tracer.pb.h" #include "envoy/network/connection.h" #include "envoy/runtime/runtime.h" #include "envoy/server/instance.h" #include "envoy/server/tracer_config.h" #include "envoy/ssl/context_manager.h" #include "common/common/assert.h" #include "common/common/utility.h" #include "common/config/runtime_utility.h" #include "common/config/utility.h" #include "common/network/socket_option_factory.h" #include "common/protobuf/utility.h" namespace Envoy { namespace Server { namespace Configuration { bool FilterChainUtility::buildFilterChain(Network::FilterManager& filter_manager, const std::vector& factories) { for (const Network::FilterFactoryCb& factory : factories) { factory(filter_manager); } return filter_manager.initializeReadFilters(); } bool FilterChainUtility::buildFilterChain( Network::ListenerFilterManager& filter_manager, const std::vector& factories) { for (const Network::ListenerFilterFactoryCb& factory : factories) { factory(filter_manager); } return true; } void FilterChainUtility::buildUdpFilterChain( Network::UdpListenerFilterManager& filter_manager, Network::UdpReadFilterCallbacks& callbacks, const std::vector& factories) { for (const Network::UdpListenerFilterFactoryCb& factory : factories) { factory(filter_manager, callbacks); } } void MainImpl::initialize(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, Instance& server, Upstream::ClusterManagerFactory& cluster_manager_factory) { // In order to support dynamic configuration of tracing providers, // a former server-wide HttpTracer singleton has been replaced by // an HttpTracer instance per "envoy.filters.network.http_connection_manager" filter. // Tracing configuration as part of bootstrap config is still supported, // however, it's become mandatory to process it prior to static Listeners. // Otherwise, static Listeners will be configured in assumption that // tracing configuration is missing from the bootstrap config. initializeTracers(bootstrap.tracing(), server); const auto& secrets = bootstrap.static_resources().secrets(); ENVOY_LOG(info, "loading {} static secret(s)", secrets.size()); for (ssize_t i = 0; i < secrets.size(); i++) { ENVOY_LOG(debug, "static secret #{}: {}", i, secrets[i].name()); server.secretManager().addStaticSecret(secrets[i]); } ENVOY_LOG(info, "loading {} cluster(s)", bootstrap.static_resources().clusters().size()); cluster_manager_ = cluster_manager_factory.clusterManagerFromProto(bootstrap); const auto& listeners = bootstrap.static_resources().listeners(); ENVOY_LOG(info, "loading {} listener(s)", listeners.size()); for (ssize_t i = 0; i < listeners.size(); i++) { ENVOY_LOG(debug, "listener #{}:", i); server.listenerManager().addOrUpdateListener(listeners[i], "", false); } stats_flush_interval_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(bootstrap, stats_flush_interval, 5000)); initializeWatchdogs(bootstrap, server); initializeStatsSinks(bootstrap, server); } void MainImpl::initializeTracers(const envoy::config::trace::v3::Tracing& configuration, Instance& server) { ENVOY_LOG(info, "loading tracing configuration"); // Default tracing configuration must be set prior to processing of static Listeners begins. server.setDefaultTracingConfig(configuration); if (!configuration.has_http()) { return; } // Validating tracing configuration (minimally). ENVOY_LOG(info, " validating default server-wide tracing driver: {}", configuration.http().name()); // Now see if there is a factory that will accept the config. auto& factory = Config::Utility::getAndCheckFactory(configuration.http()); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig( configuration.http(), server.messageValidationContext().staticValidationVisitor(), factory); // Notice that the actual HttpTracer instance will be created on demand // in the context of "envoy.filters.network.http_connection_manager" filter. // The side effect of this is that provider-specific configuration // is no longer validated in this step. } void MainImpl::initializeStatsSinks(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, Instance& server) { ENVOY_LOG(info, "loading stats sink configuration"); for (const envoy::config::metrics::v3::StatsSink& sink_object : bootstrap.stats_sinks()) { // Generate factory and translate stats sink custom config auto& factory = Config::Utility::getAndCheckFactory(sink_object); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig( sink_object, server.messageValidationContext().staticValidationVisitor(), factory); stats_sinks_.emplace_back(factory.createStatsSink(*message, server.serverFactoryContext())); } } void MainImpl::initializeWatchdogs(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, Instance& server) { if (bootstrap.has_watchdog() && bootstrap.has_watchdogs()) { throw EnvoyException("Only one of watchdog or watchdogs should be set!"); } if (bootstrap.has_watchdog()) { main_thread_watchdog_ = std::make_unique(bootstrap.watchdog(), server); worker_watchdog_ = std::make_unique(bootstrap.watchdog(), server); } else { main_thread_watchdog_ = std::make_unique(bootstrap.watchdogs().main_thread_watchdog(), server); worker_watchdog_ = std::make_unique(bootstrap.watchdogs().worker_watchdog(), server); } } WatchdogImpl::WatchdogImpl(const envoy::config::bootstrap::v3::Watchdog& watchdog, Instance& server) { miss_timeout_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(watchdog, miss_timeout, 200)); megamiss_timeout_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(watchdog, megamiss_timeout, 1000)); uint64_t kill_timeout = PROTOBUF_GET_MS_OR_DEFAULT(watchdog, kill_timeout, 0); const uint64_t max_kill_timeout_jitter = PROTOBUF_GET_MS_OR_DEFAULT(watchdog, max_kill_timeout_jitter, 0); // Adjust kill timeout if we have skew enabled. if (kill_timeout > 0 && max_kill_timeout_jitter > 0) { // Increments the kill timeout with a random value in (0, max_skew]. // We shouldn't have overflow issues due to the range of Duration. // This won't be entirely uniform, depending on how large max_skew // is relation to uint64. kill_timeout += (server.api().randomGenerator().random() % max_kill_timeout_jitter) + 1; } kill_timeout_ = std::chrono::milliseconds(kill_timeout); multikill_timeout_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(watchdog, multikill_timeout, 0)); multikill_threshold_ = PROTOBUF_PERCENT_TO_DOUBLE_OR_DEFAULT(watchdog, multikill_threshold, 0.0); actions_ = watchdog.actions(); } InitialImpl::InitialImpl(const envoy::config::bootstrap::v3::Bootstrap& bootstrap) { const auto& admin = bootstrap.admin(); admin_.access_log_path_ = admin.access_log_path(); admin_.profile_path_ = admin.profile_path().empty() ? "/var/log/envoy/envoy.prof" : admin.profile_path(); if (admin.has_address()) { admin_.address_ = Network::Address::resolveProtoAddress(admin.address()); } admin_.socket_options_ = std::make_shared>(); if (!admin.socket_options().empty()) { Network::Socket::appendOptions( admin_.socket_options_, Network::SocketOptionFactory::buildLiteralOptions(admin.socket_options())); } if (!bootstrap.flags_path().empty()) { flags_path_ = bootstrap.flags_path(); } if (bootstrap.has_layered_runtime()) { layered_runtime_.MergeFrom(bootstrap.layered_runtime()); if (layered_runtime_.layers().empty()) { layered_runtime_.add_layers()->mutable_admin_layer(); } } else { Config::translateRuntime(bootstrap.hidden_envoy_deprecated_runtime(), layered_runtime_); } } } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: source/server/configuration_impl.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/trace/v3/http_tracer.pb.h" #include "envoy/config/typed_config.h" #include "envoy/http/filter.h" #include "envoy/network/filter.h" #include "envoy/server/configuration.h" #include "envoy/server/filter_config.h" #include "envoy/server/instance.h" #include "common/common/logger.h" #include "common/network/resolver_impl.h" #include "common/network/utility.h" namespace Envoy { namespace Server { namespace Configuration { /** * Implemented for each Stats::Sink and registered via Registry::registerFactory() or * the convenience class RegisterFactory. */ class StatsSinkFactory : public Config::TypedFactory { public: ~StatsSinkFactory() override = default; /** * Create a particular Stats::Sink implementation. If the implementation is unable to produce a * Stats::Sink with the provided parameters, it should throw an EnvoyException. The returned * pointer should always be valid. * @param config supplies the custom proto configuration for the Stats::Sink * @param server supplies the server instance */ virtual Stats::SinkPtr createStatsSink(const Protobuf::Message& config, Server::Configuration::ServerFactoryContext& server) PURE; std::string category() const override { return "envoy.stats_sinks"; } }; /** * Utilities for creating a filter chain for a network connection. */ class FilterChainUtility { public: /** * Given a connection and a list of factories, create a new filter chain. Chain creation will * exit early if any filters immediately close the connection. */ static bool buildFilterChain(Network::FilterManager& filter_manager, const std::vector& factories); /** * Given a ListenerFilterManager and a list of factories, create a new filter chain. Chain * creation will exit early if any filters immediately close the connection. * * TODO(sumukhs): Coalesce with the above as they are very similar */ static bool buildFilterChain(Network::ListenerFilterManager& filter_manager, const std::vector& factories); /** * Given a UdpListenerFilterManager and a list of factories, create a new filter chain. Chain * creation will exit early if any filters immediately close the connection. */ static void buildUdpFilterChain(Network::UdpListenerFilterManager& filter_manager, Network::UdpReadFilterCallbacks& callbacks, const std::vector& factories); }; /** * Implementation of Server::Configuration::Main that reads a configuration from * a JSON file. */ class MainImpl : Logger::Loggable, public Main { public: /** * MainImpl is created in two phases. In the first phase it is * default-constructed without a configuration as part of the server. The * server won't be fully populated yet. initialize() applies the * configuration in the second phase, as it requires a fully populated server. * * @param bootstrap v2 bootstrap proto. * @param server supplies the owning server. * @param cluster_manager_factory supplies the cluster manager creation factory. */ void initialize(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, Instance& server, Upstream::ClusterManagerFactory& cluster_manager_factory); // Server::Configuration::Main Upstream::ClusterManager* clusterManager() override { return cluster_manager_.get(); } std::list& statsSinks() override { return stats_sinks_; } std::chrono::milliseconds statsFlushInterval() const override { return stats_flush_interval_; } const Watchdog& mainThreadWatchdogConfig() const override { return *main_thread_watchdog_; } const Watchdog& workerWatchdogConfig() const override { return *worker_watchdog_; } private: /** * Initialize tracers and corresponding sinks. */ void initializeTracers(const envoy::config::trace::v3::Tracing& configuration, Instance& server); void initializeStatsSinks(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, Instance& server); /** * Initialize watchdog(s). Call before accessing any watchdog configuration. */ void initializeWatchdogs(const envoy::config::bootstrap::v3::Bootstrap& bootstrap, Instance& server); std::unique_ptr cluster_manager_; std::list stats_sinks_; std::chrono::milliseconds stats_flush_interval_; std::unique_ptr main_thread_watchdog_; std::unique_ptr worker_watchdog_; }; class WatchdogImpl : public Watchdog { public: WatchdogImpl(const envoy::config::bootstrap::v3::Watchdog& watchdog, Instance& server); std::chrono::milliseconds missTimeout() const override { return miss_timeout_; } std::chrono::milliseconds megaMissTimeout() const override { return megamiss_timeout_; } std::chrono::milliseconds killTimeout() const override { return kill_timeout_; } std::chrono::milliseconds multiKillTimeout() const override { return multikill_timeout_; } double multiKillThreshold() const override { return multikill_threshold_; } Protobuf::RepeatedPtrField actions() const override { return actions_; } private: std::chrono::milliseconds miss_timeout_; std::chrono::milliseconds megamiss_timeout_; std::chrono::milliseconds kill_timeout_; std::chrono::milliseconds multikill_timeout_; double multikill_threshold_; Protobuf::RepeatedPtrField actions_; }; /** * Initial configuration that reads from JSON. */ class InitialImpl : public Initial { public: InitialImpl(const envoy::config::bootstrap::v3::Bootstrap& bootstrap); // Server::Configuration::Initial Admin& admin() override { return admin_; } absl::optional flagsPath() const override { return flags_path_; } const envoy::config::bootstrap::v3::LayeredRuntime& runtime() override { return layered_runtime_; } private: struct AdminImpl : public Admin { // Server::Configuration::Initial::Admin const std::string& accessLogPath() const override { return access_log_path_; } const std::string& profilePath() const override { return profile_path_; } Network::Address::InstanceConstSharedPtr address() override { return address_; } Network::Socket::OptionsSharedPtr socketOptions() override { return socket_options_; } std::string access_log_path_; std::string profile_path_; Network::Address::InstanceConstSharedPtr address_; Network::Socket::OptionsSharedPtr socket_options_; }; AdminImpl admin_; absl::optional flags_path_; envoy::config::bootstrap::v3::LayeredRuntime layered_runtime_; }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: source/server/connection_handler_impl.cc ================================================ #include "server/connection_handler_impl.h" #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/network/exception.h" #include "envoy/network/filter.h" #include "envoy/stats/scope.h" #include "envoy/stats/timespan.h" #include "common/event/deferred_task.h" #include "common/network/connection_impl.h" #include "common/network/utility.h" #include "common/stats/timespan_impl.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Server { namespace { void emitLogs(Network::ListenerConfig& config, StreamInfo::StreamInfo& stream_info) { stream_info.onRequestComplete(); for (const auto& access_log : config.accessLogs()) { access_log->log(nullptr, nullptr, nullptr, stream_info); } } } // namespace ConnectionHandlerImpl::ConnectionHandlerImpl(Event::Dispatcher& dispatcher, absl::optional worker_index) : worker_index_(worker_index), dispatcher_(dispatcher), per_handler_stat_prefix_(dispatcher.name() + "."), disable_listeners_(false) {} void ConnectionHandlerImpl::incNumConnections() { ++num_handler_connections_; } void ConnectionHandlerImpl::decNumConnections() { ASSERT(num_handler_connections_ > 0); --num_handler_connections_; } void ConnectionHandlerImpl::addListener(absl::optional overridden_listener, Network::ListenerConfig& config) { ActiveListenerDetails details; if (config.listenSocketFactory().socketType() == Network::Socket::Type::Stream) { if (overridden_listener.has_value()) { for (auto& listener : listeners_) { if (listener.second.listener_->listenerTag() == overridden_listener) { listener.second.tcpListener()->get().updateListenerConfig(config); return; } } NOT_REACHED_GCOVR_EXCL_LINE; } auto tcp_listener = std::make_unique(*this, config); details.typed_listener_ = *tcp_listener; details.listener_ = std::move(tcp_listener); } else { ASSERT(config.udpListenerFactory() != nullptr, "UDP listener factory is not initialized."); ASSERT(worker_index_.has_value()); ConnectionHandler::ActiveUdpListenerPtr udp_listener = config.udpListenerFactory()->createActiveUdpListener(*worker_index_, *this, dispatcher_, config); details.typed_listener_ = *udp_listener; details.listener_ = std::move(udp_listener); } if (disable_listeners_) { details.listener_->pauseListening(); } listeners_.emplace_back(config.listenSocketFactory().localAddress(), std::move(details)); } void ConnectionHandlerImpl::removeListeners(uint64_t listener_tag) { for (auto listener = listeners_.begin(); listener != listeners_.end();) { if (listener->second.listener_->listenerTag() == listener_tag) { listener = listeners_.erase(listener); } else { ++listener; } } } ConnectionHandlerImpl::ActiveListenerDetailsOptRef ConnectionHandlerImpl::findActiveListenerByTag(uint64_t listener_tag) { // TODO(mattklein123): We should probably use a hash table here to lookup the tag // instead of iterating through the listener list. for (auto& listener : listeners_) { if (listener.second.listener_->listener() != nullptr && listener.second.listener_->listenerTag() == listener_tag) { return listener.second; } } return absl::nullopt; } Network::UdpListenerCallbacksOptRef ConnectionHandlerImpl::getUdpListenerCallbacks(uint64_t listener_tag) { auto listener = findActiveListenerByTag(listener_tag); if (listener.has_value()) { // If the tag matches this must be a UDP listener. auto udp_listener = listener->get().udpListener(); ASSERT(udp_listener.has_value()); return udp_listener; } return absl::nullopt; } void ConnectionHandlerImpl::removeFilterChains( uint64_t listener_tag, const std::list& filter_chains, std::function completion) { for (auto& listener : listeners_) { if (listener.second.listener_->listenerTag() == listener_tag) { listener.second.tcpListener()->get().deferredRemoveFilterChains(filter_chains); // Completion is deferred because the above removeFilterChains() may defer delete connection. Event::DeferredTaskUtil::deferredRun(dispatcher_, std::move(completion)); return; } } NOT_REACHED_GCOVR_EXCL_LINE; } void ConnectionHandlerImpl::stopListeners(uint64_t listener_tag) { for (auto& listener : listeners_) { if (listener.second.listener_->listenerTag() == listener_tag) { listener.second.listener_->shutdownListener(); } } } void ConnectionHandlerImpl::stopListeners() { for (auto& listener : listeners_) { listener.second.listener_->shutdownListener(); } } void ConnectionHandlerImpl::disableListeners() { disable_listeners_ = true; for (auto& listener : listeners_) { listener.second.listener_->pauseListening(); } } void ConnectionHandlerImpl::enableListeners() { disable_listeners_ = false; for (auto& listener : listeners_) { listener.second.listener_->resumeListening(); } } void ConnectionHandlerImpl::ActiveTcpListener::removeConnection(ActiveTcpConnection& connection) { ENVOY_CONN_LOG(debug, "adding to cleanup list", *connection.connection_); ActiveConnections& active_connections = connection.active_connections_; ActiveTcpConnectionPtr removed = connection.removeFromList(active_connections.connections_); parent_.dispatcher_.deferredDelete(std::move(removed)); // Delete map entry only iff connections becomes empty. if (active_connections.connections_.empty()) { auto iter = connections_by_context_.find(&active_connections.filter_chain_); ASSERT(iter != connections_by_context_.end()); // To cover the lifetime of every single connection, Connections need to be deferred deleted // because the previously contained connection is deferred deleted. parent_.dispatcher_.deferredDelete(std::move(iter->second)); // The erase will break the iteration over the connections_by_context_ during the deletion. if (!is_deleting_) { connections_by_context_.erase(iter); } } } ConnectionHandlerImpl::ActiveListenerImplBase::ActiveListenerImplBase( Network::ConnectionHandler& parent, Network::ListenerConfig* config) : stats_({ALL_LISTENER_STATS(POOL_COUNTER(config->listenerScope()), POOL_GAUGE(config->listenerScope()), POOL_HISTOGRAM(config->listenerScope()))}), per_worker_stats_({ALL_PER_HANDLER_LISTENER_STATS( POOL_COUNTER_PREFIX(config->listenerScope(), parent.statPrefix()), POOL_GAUGE_PREFIX(config->listenerScope(), parent.statPrefix()))}), config_(config) {} ConnectionHandlerImpl::ActiveTcpListener::ActiveTcpListener(ConnectionHandlerImpl& parent, Network::ListenerConfig& config) : ActiveTcpListener( parent, parent.dispatcher_.createListener(config.listenSocketFactory().getListenSocket(), *this, config.bindToPort(), config.tcpBacklogSize()), config) {} ConnectionHandlerImpl::ActiveTcpListener::ActiveTcpListener(ConnectionHandlerImpl& parent, Network::ListenerPtr&& listener, Network::ListenerConfig& config) : ConnectionHandlerImpl::ActiveListenerImplBase(parent, &config), parent_(parent), listener_(std::move(listener)), listener_filters_timeout_(config.listenerFiltersTimeout()), continue_on_listener_filters_timeout_(config.continueOnListenerFiltersTimeout()) { config.connectionBalancer().registerHandler(*this); } void ConnectionHandlerImpl::ActiveTcpListener::updateListenerConfig( Network::ListenerConfig& config) { ENVOY_LOG(trace, "replacing listener ", config_->listenerTag(), " by ", config.listenerTag()); ASSERT(&config_->connectionBalancer() == &config.connectionBalancer()); config_ = &config; } ConnectionHandlerImpl::ActiveTcpListener::~ActiveTcpListener() { is_deleting_ = true; config_->connectionBalancer().unregisterHandler(*this); // Purge sockets that have not progressed to connections. This should only happen when // a listener filter stops iteration and never resumes. while (!sockets_.empty()) { ActiveTcpSocketPtr removed = sockets_.front()->removeFromList(sockets_); parent_.dispatcher_.deferredDelete(std::move(removed)); } for (auto& chain_and_connections : connections_by_context_) { ASSERT(chain_and_connections.second != nullptr); auto& connections = chain_and_connections.second->connections_; while (!connections.empty()) { connections.front()->connection_->close(Network::ConnectionCloseType::NoFlush); } } parent_.dispatcher_.clearDeferredDeleteList(); // By the time a listener is destroyed, in the common case, there should be no connections. // However, this is not always true if there is an in flight rebalanced connection that is // being posted. This assert is extremely useful for debugging the common path so we will leave it // for now. If it becomes a problem (developers hitting this assert when using debug builds) we // can revisit. This case, if it happens, should be benign on production builds. This case is // covered in ConnectionHandlerTest::RemoveListenerDuringRebalance. ASSERT(num_listener_connections_ == 0); } ConnectionHandlerImpl::ActiveTcpListenerOptRef ConnectionHandlerImpl::findActiveTcpListenerByAddress(const Network::Address::Instance& address) { // This is a linear operation, may need to add a map to improve performance. // However, linear performance might be adequate since the number of listeners is small. // We do not return stopped listeners. auto listener_it = std::find_if( listeners_.begin(), listeners_.end(), [&address](std::pair& p) { return p.second.tcpListener().has_value() && p.second.listener_->listener() != nullptr && p.first->type() == Network::Address::Type::Ip && *(p.first) == address; }); // If there is exact address match, return the corresponding listener. if (listener_it != listeners_.end()) { return listener_it->second.tcpListener(); } // Otherwise, we need to look for the wild card match, i.e., 0.0.0.0:[address_port]. // We do not return stopped listeners. // TODO(wattli): consolidate with previous search for more efficiency. listener_it = std::find_if( listeners_.begin(), listeners_.end(), [&address]( const std::pair& p) { return absl::holds_alternative>( p.second.typed_listener_) && p.second.listener_->listener() != nullptr && p.first->type() == Network::Address::Type::Ip && p.first->ip()->port() == address.ip()->port() && p.first->ip()->isAnyAddress(); }); return (listener_it != listeners_.end()) ? ActiveTcpListenerOptRef(absl::get>( listener_it->second.typed_listener_)) : absl::nullopt; } void ConnectionHandlerImpl::ActiveTcpSocket::onTimeout() { listener_.stats_.downstream_pre_cx_timeout_.inc(); ASSERT(inserted()); ENVOY_LOG(debug, "listener filter times out after {} ms", listener_.listener_filters_timeout_.count()); if (listener_.continue_on_listener_filters_timeout_) { ENVOY_LOG(debug, "fallback to default listener filter"); newConnection(); } unlink(); } void ConnectionHandlerImpl::ActiveTcpSocket::startTimer() { if (listener_.listener_filters_timeout_.count() > 0) { timer_ = listener_.parent_.dispatcher_.createTimer([this]() -> void { onTimeout(); }); timer_->enableTimer(listener_.listener_filters_timeout_); } } void ConnectionHandlerImpl::ActiveTcpSocket::unlink() { ActiveTcpSocketPtr removed = removeFromList(listener_.sockets_); if (removed->timer_ != nullptr) { removed->timer_->disableTimer(); } // Emit logs if a connection is not established. if (!connected_) { emitLogs(*listener_.config_, *stream_info_); } listener_.parent_.dispatcher_.deferredDelete(std::move(removed)); } void ConnectionHandlerImpl::ActiveTcpSocket::continueFilterChain(bool success) { if (success) { bool no_error = true; if (iter_ == accept_filters_.end()) { iter_ = accept_filters_.begin(); } else { iter_ = std::next(iter_); } for (; iter_ != accept_filters_.end(); iter_++) { Network::FilterStatus status = (*iter_)->onAccept(*this); if (status == Network::FilterStatus::StopIteration) { // The filter is responsible for calling us again at a later time to continue the filter // chain from the next filter. if (!socket().ioHandle().isOpen()) { // break the loop but should not create new connection no_error = false; break; } else { // Blocking at the filter but no error return; } } } // Successfully ran all the accept filters. if (no_error) { newConnection(); } else { // Signal the caller that no extra filter chain iteration is needed. iter_ = accept_filters_.end(); } } // Filter execution concluded, unlink and delete this ActiveTcpSocket if it was linked. if (inserted()) { unlink(); } } void ConnectionHandlerImpl::ActiveTcpSocket::setDynamicMetadata(const std::string& name, const ProtobufWkt::Struct& value) { stream_info_->setDynamicMetadata(name, value); } void ConnectionHandlerImpl::ActiveTcpSocket::newConnection() { connected_ = true; // Check if the socket may need to be redirected to another listener. ActiveTcpListenerOptRef new_listener; if (hand_off_restored_destination_connections_ && socket_->localAddressRestored()) { // Find a listener associated with the original destination address. new_listener = listener_.parent_.findActiveTcpListenerByAddress(*socket_->localAddress()); } if (new_listener.has_value()) { // Hands off connections redirected by iptables to the listener associated with the // original destination address. Pass 'hand_off_restored_destination_connections' as false to // prevent further redirection as well as 'rebalanced' as true since the connection has // already been balanced if applicable inside onAcceptWorker() when the connection was // initially accepted. Note also that we must account for the number of connections properly // across both listeners. // TODO(mattklein123): See note in ~ActiveTcpSocket() related to making this accounting better. listener_.decNumConnections(); new_listener.value().get().incNumConnections(); new_listener.value().get().onAcceptWorker(std::move(socket_), false, true); } else { // Set default transport protocol if none of the listener filters did it. if (socket_->detectedTransportProtocol().empty()) { socket_->setDetectedTransportProtocol( Extensions::TransportSockets::TransportProtocolNames::get().RawBuffer); } // TODO(lambdai): add integration test // TODO: Address issues in wider scope. See https://github.com/envoyproxy/envoy/issues/8925 // Erase accept filter states because accept filters may not get the opportunity to clean up. // Particularly the assigned events need to reset before assigning new events in the follow up. accept_filters_.clear(); // Create a new connection on this listener. listener_.newConnection(std::move(socket_), std::move(stream_info_)); } } void ConnectionHandlerImpl::ActiveTcpListener::onAccept(Network::ConnectionSocketPtr&& socket) { if (listenerConnectionLimitReached()) { ENVOY_LOG(trace, "closing connection: listener connection limit reached for {}", config_->name()); socket->close(); stats_.downstream_cx_overflow_.inc(); return; } onAcceptWorker(std::move(socket), config_->handOffRestoredDestinationConnections(), false); } void ConnectionHandlerImpl::ActiveTcpListener::onAcceptWorker( Network::ConnectionSocketPtr&& socket, bool hand_off_restored_destination_connections, bool rebalanced) { if (!rebalanced) { Network::BalancedConnectionHandler& target_handler = config_->connectionBalancer().pickTargetHandler(*this); if (&target_handler != this) { target_handler.post(std::move(socket)); return; } } auto active_socket = std::make_unique(*this, std::move(socket), hand_off_restored_destination_connections); // Create and run the filters config_->filterChainFactory().createListenerFilterChain(*active_socket); active_socket->continueFilterChain(true); // Move active_socket to the sockets_ list if filter iteration needs to continue later. // Otherwise we let active_socket be destructed when it goes out of scope. if (active_socket->iter_ != active_socket->accept_filters_.end()) { active_socket->startTimer(); LinkedList::moveIntoListBack(std::move(active_socket), sockets_); } else { // If active_socket is about to be destructed, emit logs if a connection is not created. if (!active_socket->connected_) { emitLogs(*config_, *active_socket->stream_info_); } } } void ConnectionHandlerImpl::ActiveTcpListener::newConnection( Network::ConnectionSocketPtr&& socket, std::unique_ptr stream_info) { // Find matching filter chain. const auto filter_chain = config_->filterChainManager().findFilterChain(*socket); if (filter_chain == nullptr) { ENVOY_LOG(debug, "closing connection: no matching filter chain found"); stats_.no_filter_chain_match_.inc(); stream_info->setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); stream_info->setResponseCodeDetails(StreamInfo::ResponseCodeDetails::get().FilterChainNotFound); emitLogs(*config_, *stream_info); socket->close(); return; } auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); stream_info->setDownstreamSslConnection(transport_socket->ssl()); auto& active_connections = getOrCreateActiveConnections(*filter_chain); auto server_conn_ptr = parent_.dispatcher_.createServerConnection( std::move(socket), std::move(transport_socket), *stream_info); ActiveTcpConnectionPtr active_connection( new ActiveTcpConnection(active_connections, std::move(server_conn_ptr), parent_.dispatcher_.timeSource(), std::move(stream_info))); active_connection->connection_->setBufferLimits(config_->perConnectionBufferLimitBytes()); const bool empty_filter_chain = !config_->filterChainFactory().createNetworkFilterChain( *active_connection->connection_, filter_chain->networkFilterFactories()); if (empty_filter_chain) { ENVOY_CONN_LOG(debug, "closing connection: no filters", *active_connection->connection_); active_connection->connection_->close(Network::ConnectionCloseType::NoFlush); } // If the connection is already closed, we can just let this connection immediately die. if (active_connection->connection_->state() != Network::Connection::State::Closed) { ENVOY_CONN_LOG(debug, "new connection", *active_connection->connection_); active_connection->connection_->addConnectionCallbacks(*active_connection); LinkedList::moveIntoList(std::move(active_connection), active_connections.connections_); } } ConnectionHandlerImpl::ActiveConnections& ConnectionHandlerImpl::ActiveTcpListener::getOrCreateActiveConnections( const Network::FilterChain& filter_chain) { ActiveConnectionsPtr& connections = connections_by_context_[&filter_chain]; if (connections == nullptr) { connections = std::make_unique(*this, filter_chain); } return *connections; } void ConnectionHandlerImpl::ActiveTcpListener::deferredRemoveFilterChains( const std::list& draining_filter_chains) { // Need to recover the original deleting state. const bool was_deleting = is_deleting_; is_deleting_ = true; for (const auto* filter_chain : draining_filter_chains) { auto iter = connections_by_context_.find(filter_chain); if (iter == connections_by_context_.end()) { // It is possible when listener is stopping. } else { auto& connections = iter->second->connections_; while (!connections.empty()) { connections.front()->connection_->close(Network::ConnectionCloseType::NoFlush); } // Since is_deleting_ is on, we need to manually remove the map value and drive the iterator. // Defer delete connection container to avoid race condition in destroying connection. parent_.dispatcher_.deferredDelete(std::move(iter->second)); connections_by_context_.erase(iter); } } is_deleting_ = was_deleting; } namespace { // Structure used to allow a unique_ptr to be captured in a posted lambda. See below. struct RebalancedSocket { Network::ConnectionSocketPtr socket; }; using RebalancedSocketSharedPtr = std::shared_ptr; } // namespace void ConnectionHandlerImpl::ActiveTcpListener::post(Network::ConnectionSocketPtr&& socket) { // It is not possible to capture a unique_ptr because the post() API copies the lambda, so we must // bundle the socket inside a shared_ptr that can be captured. // TODO(mattklein123): It may be possible to change the post() API such that the lambda is only // moved, but this is non-trivial and needs investigation. RebalancedSocketSharedPtr socket_to_rebalance = std::make_shared(); socket_to_rebalance->socket = std::move(socket); parent_.dispatcher_.post( [socket_to_rebalance, tag = config_->listenerTag(), &parent = parent_]() { auto listener = parent.findActiveListenerByTag(tag); if (listener.has_value()) { // If the tag matches this must be a TCP listener. ASSERT(absl::holds_alternative>( listener->get().typed_listener_)); auto& tcp_listener = absl::get>(listener->get().typed_listener_) .get(); tcp_listener.onAcceptWorker(std::move(socket_to_rebalance->socket), tcp_listener.config_->handOffRestoredDestinationConnections(), true); return; } }); } ConnectionHandlerImpl::ActiveConnections::ActiveConnections( ConnectionHandlerImpl::ActiveTcpListener& listener, const Network::FilterChain& filter_chain) : listener_(listener), filter_chain_(filter_chain) {} ConnectionHandlerImpl::ActiveConnections::~ActiveConnections() { // connections should be defer deleted already. ASSERT(connections_.empty()); } ConnectionHandlerImpl::ActiveTcpConnection::ActiveTcpConnection( ActiveConnections& active_connections, Network::ConnectionPtr&& new_connection, TimeSource& time_source, std::unique_ptr&& stream_info) : stream_info_(std::move(stream_info)), active_connections_(active_connections), connection_(std::move(new_connection)), conn_length_(new Stats::HistogramCompletableTimespanImpl( active_connections_.listener_.stats_.downstream_cx_length_ms_, time_source)) { // We just universally set no delay on connections. Theoretically we might at some point want // to make this configurable. connection_->noDelay(true); auto& listener = active_connections_.listener_; listener.stats_.downstream_cx_total_.inc(); listener.stats_.downstream_cx_active_.inc(); listener.per_worker_stats_.downstream_cx_total_.inc(); listener.per_worker_stats_.downstream_cx_active_.inc(); stream_info_->setConnectionID(connection_->id()); // Active connections on the handler (not listener). The per listener connections have already // been incremented at this point either via the connection balancer or in the socket accept // path if there is no configured balancer. ++listener.parent_.num_handler_connections_; } ConnectionHandlerImpl::ActiveTcpConnection::~ActiveTcpConnection() { emitLogs(*active_connections_.listener_.config_, *stream_info_); auto& listener = active_connections_.listener_; listener.stats_.downstream_cx_active_.dec(); listener.stats_.downstream_cx_destroy_.inc(); listener.per_worker_stats_.downstream_cx_active_.dec(); conn_length_->complete(); // Active listener connections (not handler). listener.decNumConnections(); // Active handler connections (not listener). listener.parent_.decNumConnections(); } ConnectionHandlerImpl::ActiveTcpListenerOptRef ConnectionHandlerImpl::ActiveListenerDetails::tcpListener() { auto* val = absl::get_if>(&typed_listener_); return (val != nullptr) ? absl::make_optional(*val) : absl::nullopt; } ConnectionHandlerImpl::UdpListenerCallbacksOptRef ConnectionHandlerImpl::ActiveListenerDetails::udpListener() { auto* val = absl::get_if>(&typed_listener_); return (val != nullptr) ? absl::make_optional(*val) : absl::nullopt; } ActiveUdpListenerBase::ActiveUdpListenerBase(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::Socket& listen_socket, Network::UdpListenerPtr&& listener, Network::ListenerConfig* config) : ConnectionHandlerImpl::ActiveListenerImplBase(parent, config), worker_index_(worker_index), concurrency_(concurrency), parent_(parent), listen_socket_(listen_socket), udp_listener_(std::move(listener)) { ASSERT(worker_index_ < concurrency_); config_->udpListenerWorkerRouter()->get().registerWorkerForListener(*this); } ActiveUdpListenerBase::~ActiveUdpListenerBase() { config_->udpListenerWorkerRouter()->get().unregisterWorkerForListener(*this); } void ActiveUdpListenerBase::post(Network::UdpRecvData&& data) { ASSERT(!udp_listener_->dispatcher().isThreadSafe(), "Shouldn't be post'ing if thread safe; use onWorkerData() instead."); // It is not possible to capture a unique_ptr because the post() API copies the lambda, so we must // bundle the socket inside a shared_ptr that can be captured. // TODO(mattklein123): It may be possible to change the post() API such that the lambda is only // moved, but this is non-trivial and needs investigation. auto data_to_post = std::make_shared(); *data_to_post = std::move(data); udp_listener_->dispatcher().post( [data_to_post, tag = config_->listenerTag(), &parent = parent_]() { Network::UdpListenerCallbacksOptRef listener = parent.getUdpListenerCallbacks(tag); if (listener.has_value()) { listener->get().onDataWorker(std::move(*data_to_post)); } }); } void ActiveUdpListenerBase::onData(Network::UdpRecvData&& data) { uint32_t dest = worker_index_; // For concurrency == 1, the packet will always go to the current worker. if (concurrency_ > 1) { dest = destination(data); ASSERT(dest < concurrency_); } if (dest == worker_index_) { onDataWorker(std::move(data)); } else { config_->udpListenerWorkerRouter()->get().deliver(dest, std::move(data)); } } ActiveRawUdpListener::ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Event::Dispatcher& dispatcher, Network::ListenerConfig& config) : ActiveRawUdpListener(worker_index, concurrency, parent, config.listenSocketFactory().getListenSocket(), dispatcher, config) {} ActiveRawUdpListener::ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::SocketSharedPtr listen_socket_ptr, Event::Dispatcher& dispatcher, Network::ListenerConfig& config) : ActiveRawUdpListener(worker_index, concurrency, parent, *listen_socket_ptr, listen_socket_ptr, dispatcher, config) {} ActiveRawUdpListener::ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::Socket& listen_socket, Network::SocketSharedPtr listen_socket_ptr, Event::Dispatcher& dispatcher, Network::ListenerConfig& config) : ActiveRawUdpListener(worker_index, concurrency, parent, listen_socket, dispatcher.createUdpListener(listen_socket_ptr, *this), config) {} ActiveRawUdpListener::ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::Socket& listen_socket, Network::UdpListenerPtr&& listener, Network::ListenerConfig& config) : ActiveUdpListenerBase(worker_index, concurrency, parent, listen_socket, std::move(listener), &config), read_filter_(nullptr) { // Create the filter chain on creating a new udp listener config_->filterChainFactory().createUdpListenerFilterChain(*this, *this); // If filter is nullptr, fail the creation of the listener if (read_filter_ == nullptr) { throw Network::CreateListenerException( fmt::format("Cannot create listener as no read filter registered for the udp listener: {} ", config_->name())); } // Create udp_packet_writer udp_packet_writer_ = config.udpPacketWriterFactory()->get().createUdpPacketWriter( listen_socket_.ioHandle(), config.listenerScope()); } void ActiveRawUdpListener::onDataWorker(Network::UdpRecvData&& data) { read_filter_->onData(data); } void ActiveRawUdpListener::onReadReady() {} void ActiveRawUdpListener::onWriteReady(const Network::Socket&) { // TODO(sumukhs): This is not used now. When write filters are implemented, this is a // trigger to invoke the on write ready API on the filters which is when they can write // data // Clear write_blocked_ status for udpPacketWriter udp_packet_writer_->setWritable(); } void ActiveRawUdpListener::onReceiveError(Api::IoError::IoErrorCode error_code) { read_filter_->onReceiveError(error_code); } void ActiveRawUdpListener::addReadFilter(Network::UdpListenerReadFilterPtr&& filter) { ASSERT(read_filter_ == nullptr, "Cannot add a 2nd UDP read filter"); read_filter_ = std::move(filter); } Network::UdpListener& ActiveRawUdpListener::udpListener() { return *udp_listener_; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/connection_handler_impl.h ================================================ #pragma once #include #include #include #include #include "envoy/common/time.h" #include "envoy/event/deferred_deletable.h" #include "envoy/network/connection.h" #include "envoy/network/connection_handler.h" #include "envoy/network/filter.h" #include "envoy/network/listen_socket.h" #include "envoy/network/listener.h" #include "envoy/server/active_udp_listener_config.h" #include "envoy/server/listener_manager.h" #include "envoy/stats/scope.h" #include "envoy/stats/timespan.h" #include "common/common/linked_object.h" #include "common/common/non_copyable.h" #include "common/stream_info/stream_info_impl.h" #include "spdlog/spdlog.h" namespace Envoy { namespace Server { #define ALL_LISTENER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(downstream_cx_destroy) \ COUNTER(downstream_cx_overflow) \ COUNTER(downstream_cx_total) \ COUNTER(downstream_global_cx_overflow) \ COUNTER(downstream_pre_cx_timeout) \ COUNTER(no_filter_chain_match) \ GAUGE(downstream_cx_active, Accumulate) \ GAUGE(downstream_pre_cx_active, Accumulate) \ HISTOGRAM(downstream_cx_length_ms, Milliseconds) /** * Wrapper struct for listener stats. @see stats_macros.h */ struct ListenerStats { ALL_LISTENER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; #define ALL_PER_HANDLER_LISTENER_STATS(COUNTER, GAUGE) \ COUNTER(downstream_cx_total) \ GAUGE(downstream_cx_active, Accumulate) /** * Wrapper struct for per-handler listener stats. @see stats_macros.h */ struct PerHandlerListenerStats { ALL_PER_HANDLER_LISTENER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; class ActiveUdpListenerBase; /** * Server side connection handler. This is used both by workers as well as the * main thread for non-threaded listeners. */ class ConnectionHandlerImpl : public Network::ConnectionHandler, NonCopyable, Logger::Loggable { public: ConnectionHandlerImpl(Event::Dispatcher& dispatcher, absl::optional worker_index); // Network::ConnectionHandler uint64_t numConnections() const override { return num_handler_connections_; } void incNumConnections() override; void decNumConnections() override; void addListener(absl::optional overridden_listener, Network::ListenerConfig& config) override; void removeListeners(uint64_t listener_tag) override; Network::UdpListenerCallbacksOptRef getUdpListenerCallbacks(uint64_t listener_tag) override; void removeFilterChains(uint64_t listener_tag, const std::list& filter_chains, std::function completion) override; void stopListeners(uint64_t listener_tag) override; void stopListeners() override; void disableListeners() override; void enableListeners() override; const std::string& statPrefix() const override { return per_handler_stat_prefix_; } /** * Wrapper for an active listener owned by this handler. */ class ActiveListenerImplBase : public virtual Network::ConnectionHandler::ActiveListener { public: ActiveListenerImplBase(Network::ConnectionHandler& parent, Network::ListenerConfig* config); // Network::ConnectionHandler::ActiveListener. uint64_t listenerTag() override { return config_->listenerTag(); } ListenerStats stats_; PerHandlerListenerStats per_worker_stats_; Network::ListenerConfig* config_{}; }; private: struct ActiveTcpConnection; using ActiveTcpConnectionPtr = std::unique_ptr; struct ActiveTcpSocket; using ActiveTcpSocketPtr = std::unique_ptr; class ActiveConnections; using ActiveConnectionsPtr = std::unique_ptr; /** * Wrapper for an active tcp listener owned by this handler. */ class ActiveTcpListener : public Network::TcpListenerCallbacks, public ActiveListenerImplBase, public Network::BalancedConnectionHandler { public: ActiveTcpListener(ConnectionHandlerImpl& parent, Network::ListenerConfig& config); ActiveTcpListener(ConnectionHandlerImpl& parent, Network::ListenerPtr&& listener, Network::ListenerConfig& config); ~ActiveTcpListener() override; bool listenerConnectionLimitReached() const { // TODO(tonya11en): Delegate enforcement of per-listener connection limits to overload // manager. return !config_->openConnections().canCreate(); } void onAcceptWorker(Network::ConnectionSocketPtr&& socket, bool hand_off_restored_destination_connections, bool rebalanced); void decNumConnections() { ASSERT(num_listener_connections_ > 0); --num_listener_connections_; config_->openConnections().dec(); } // Network::TcpListenerCallbacks void onAccept(Network::ConnectionSocketPtr&& socket) override; void onReject() override { stats_.downstream_global_cx_overflow_.inc(); } // ActiveListenerImplBase Network::Listener* listener() override { return listener_.get(); } void pauseListening() override { listener_->disable(); } void resumeListening() override { listener_->enable(); } void shutdownListener() override { listener_.reset(); } // Network::BalancedConnectionHandler uint64_t numConnections() const override { return num_listener_connections_; } void incNumConnections() override { ++num_listener_connections_; config_->openConnections().inc(); } void post(Network::ConnectionSocketPtr&& socket) override; /** * Remove and destroy an active connection. * @param connection supplies the connection to remove. */ void removeConnection(ActiveTcpConnection& connection); /** * Create a new connection from a socket accepted by the listener. */ void newConnection(Network::ConnectionSocketPtr&& socket, std::unique_ptr stream_info); /** * Return the active connections container attached with the given filter chain. */ ActiveConnections& getOrCreateActiveConnections(const Network::FilterChain& filter_chain); /** * Schedule to remove and destroy the active connections which are not tracked by listener * config. Caution: The connection are not destroyed yet when function returns. */ void deferredRemoveFilterChains( const std::list& draining_filter_chains); /** * Update the listener config. The follow up connections will see the new config. The existing * connections are not impacted. */ void updateListenerConfig(Network::ListenerConfig& config); ConnectionHandlerImpl& parent_; Network::ListenerPtr listener_; const std::chrono::milliseconds listener_filters_timeout_; const bool continue_on_listener_filters_timeout_; std::list sockets_; absl::node_hash_map connections_by_context_; // The number of connections currently active on this listener. This is typically used for // connection balancing across per-handler listeners. std::atomic num_listener_connections_{}; bool is_deleting_{false}; }; /** * Wrapper for a group of active connections which are attached to the same filter chain context. */ class ActiveConnections : public Event::DeferredDeletable { public: ActiveConnections(ActiveTcpListener& listener, const Network::FilterChain& filter_chain); ~ActiveConnections() override; // listener filter chain pair is the owner of the connections ActiveTcpListener& listener_; const Network::FilterChain& filter_chain_; // Owned connections std::list connections_; }; /** * Wrapper for an active TCP connection owned by this handler. */ struct ActiveTcpConnection : LinkedObject, public Event::DeferredDeletable, public Network::ConnectionCallbacks { ActiveTcpConnection(ActiveConnections& active_connections, Network::ConnectionPtr&& new_connection, TimeSource& time_system, std::unique_ptr&& stream_info); ~ActiveTcpConnection() override; // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override { // Any event leads to destruction of the connection. if (event == Network::ConnectionEvent::LocalClose || event == Network::ConnectionEvent::RemoteClose) { active_connections_.listener_.removeConnection(*this); } } void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} std::unique_ptr stream_info_; ActiveConnections& active_connections_; Network::ConnectionPtr connection_; Stats::TimespanPtr conn_length_; }; /** * Wrapper for an active accepted TCP socket owned by this handler. */ struct ActiveTcpSocket : public Network::ListenerFilterManager, public Network::ListenerFilterCallbacks, LinkedObject, public Event::DeferredDeletable { ActiveTcpSocket(ActiveTcpListener& listener, Network::ConnectionSocketPtr&& socket, bool hand_off_restored_destination_connections) : listener_(listener), socket_(std::move(socket)), hand_off_restored_destination_connections_(hand_off_restored_destination_connections), iter_(accept_filters_.end()), stream_info_(std::make_unique( listener_.parent_.dispatcher_.timeSource(), StreamInfo::FilterState::LifeSpan::Connection)) { listener_.stats_.downstream_pre_cx_active_.inc(); stream_info_->setDownstreamLocalAddress(socket_->localAddress()); stream_info_->setDownstreamRemoteAddress(socket_->remoteAddress()); stream_info_->setDownstreamDirectRemoteAddress(socket_->directRemoteAddress()); } ~ActiveTcpSocket() override { accept_filters_.clear(); listener_.stats_.downstream_pre_cx_active_.dec(); // If the underlying socket is no longer attached, it means that it has been transferred to // an active connection. In this case, the active connection will decrement the number // of listener connections. // TODO(mattklein123): In general the way we account for the number of listener connections // is incredibly fragile. Revisit this by potentially merging ActiveTcpSocket and // ActiveTcpConnection, having a shared object which does accounting (but would require // another allocation, etc.). if (socket_ != nullptr) { listener_.decNumConnections(); } } void onTimeout(); void startTimer(); void unlink(); void newConnection(); class GenericListenerFilter : public Network::ListenerFilter { public: GenericListenerFilter(const Network::ListenerFilterMatcherSharedPtr& matcher, Network::ListenerFilterPtr listener_filter) : listener_filter_(std::move(listener_filter)), matcher_(std::move(matcher)) {} Network::FilterStatus onAccept(ListenerFilterCallbacks& cb) override { if (isDisabled(cb)) { return Network::FilterStatus::Continue; } return listener_filter_->onAccept(cb); } /** * Check if this filter filter should be disabled on the incoming socket. * @param cb the callbacks the filter instance can use to communicate with the filter chain. **/ bool isDisabled(ListenerFilterCallbacks& cb) { if (matcher_ == nullptr) { return false; } else { return matcher_->matches(cb); } } private: const Network::ListenerFilterPtr listener_filter_; const Network::ListenerFilterMatcherSharedPtr matcher_; }; using ListenerFilterWrapperPtr = std::unique_ptr; // Network::ListenerFilterManager void addAcceptFilter(const Network::ListenerFilterMatcherSharedPtr& listener_filter_matcher, Network::ListenerFilterPtr&& filter) override { accept_filters_.emplace_back( std::make_unique(listener_filter_matcher, std::move(filter))); } // Network::ListenerFilterCallbacks Network::ConnectionSocket& socket() override { return *socket_.get(); } Event::Dispatcher& dispatcher() override { return listener_.parent_.dispatcher_; } void continueFilterChain(bool success) override; void setDynamicMetadata(const std::string& name, const ProtobufWkt::Struct& value) override; envoy::config::core::v3::Metadata& dynamicMetadata() override { return stream_info_->dynamicMetadata(); }; const envoy::config::core::v3::Metadata& dynamicMetadata() const override { return stream_info_->dynamicMetadata(); }; ActiveTcpListener& listener_; Network::ConnectionSocketPtr socket_; const bool hand_off_restored_destination_connections_; std::list accept_filters_; std::list::iterator iter_; Event::TimerPtr timer_; std::unique_ptr stream_info_; bool connected_{false}; }; using ActiveTcpListenerOptRef = absl::optional>; using UdpListenerCallbacksOptRef = absl::optional>; struct ActiveListenerDetails { // Strong pointer to the listener, whether TCP, UDP, QUIC, etc. Network::ConnectionHandler::ActiveListenerPtr listener_; absl::variant, std::reference_wrapper> typed_listener_; // Helpers for accessing the data in the variant for cleaner code. ActiveTcpListenerOptRef tcpListener(); UdpListenerCallbacksOptRef udpListener(); }; using ActiveListenerDetailsOptRef = absl::optional>; ActiveTcpListenerOptRef findActiveTcpListenerByAddress(const Network::Address::Instance& address); ActiveListenerDetailsOptRef findActiveListenerByTag(uint64_t listener_tag); // This has a value on worker threads, and no value on the main thread. const absl::optional worker_index_; Event::Dispatcher& dispatcher_; const std::string per_handler_stat_prefix_; std::list> listeners_; std::atomic num_handler_connections_{}; bool disable_listeners_; }; class ActiveUdpListenerBase : public ConnectionHandlerImpl::ActiveListenerImplBase, public Network::ConnectionHandler::ActiveUdpListener { public: ActiveUdpListenerBase(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::Socket& listen_socket, Network::UdpListenerPtr&& listener, Network::ListenerConfig* config); ~ActiveUdpListenerBase() override; // Network::UdpListenerCallbacks void onData(Network::UdpRecvData&& data) final; uint32_t workerIndex() const final { return worker_index_; } void post(Network::UdpRecvData&& data) final; // ActiveListenerImplBase Network::Listener* listener() override { return udp_listener_.get(); } protected: uint32_t destination(const Network::UdpRecvData& /*data*/) const override { // By default, route to the current worker. return worker_index_; } const uint32_t worker_index_; const uint32_t concurrency_; Network::ConnectionHandler& parent_; Network::Socket& listen_socket_; Network::UdpListenerPtr udp_listener_; }; /** * Wrapper for an active udp listener owned by this handler. */ class ActiveRawUdpListener : public ActiveUdpListenerBase, public Network::UdpListenerFilterManager, public Network::UdpReadFilterCallbacks { public: ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Event::Dispatcher& dispatcher, Network::ListenerConfig& config); ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::SocketSharedPtr listen_socket_ptr, Event::Dispatcher& dispatcher, Network::ListenerConfig& config); ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::Socket& listen_socket, Network::SocketSharedPtr listen_socket_ptr, Event::Dispatcher& dispatcher, Network::ListenerConfig& config); ActiveRawUdpListener(uint32_t worker_index, uint32_t concurrency, Network::ConnectionHandler& parent, Network::Socket& listen_socket, Network::UdpListenerPtr&& listener, Network::ListenerConfig& config); // Network::UdpListenerCallbacks void onReadReady() override; void onWriteReady(const Network::Socket& socket) override; void onReceiveError(Api::IoError::IoErrorCode error_code) override; Network::UdpPacketWriter& udpPacketWriter() override { return *udp_packet_writer_; } // Network::UdpWorker void onDataWorker(Network::UdpRecvData&& data) override; // ActiveListenerImplBase void pauseListening() override { udp_listener_->disable(); } void resumeListening() override { udp_listener_->enable(); } void shutdownListener() override { // The read filter should be deleted before the UDP listener is deleted. // The read filter refers to the UDP listener to send packets to downstream. // If the UDP listener is deleted before the read filter, the read filter may try to use it // after deletion. read_filter_.reset(); udp_listener_.reset(); } // Network::UdpListenerFilterManager void addReadFilter(Network::UdpListenerReadFilterPtr&& filter) override; // Network::UdpReadFilterCallbacks Network::UdpListener& udpListener() override; private: Network::UdpListenerReadFilterPtr read_filter_; Network::UdpPacketWriterPtr udp_packet_writer_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/drain_manager_impl.cc ================================================ #include "server/drain_manager_impl.h" #include #include #include #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/event/timer.h" #include "common/common/assert.h" namespace Envoy { namespace Server { DrainManagerImpl::DrainManagerImpl(Instance& server, envoy::config::listener::v3::Listener::DrainType drain_type) : server_(server), drain_type_(drain_type) {} bool DrainManagerImpl::drainClose() const { // If we are actively health check failed and the drain type is default, always drain close. // // TODO(mattklein123): In relation to x-envoy-immediate-health-check-fail, it would be better // if even in the case of server health check failure we had some period of drain ramp up. This // would allow the other side to fail health check for the host which will require some thread // jumps versus immediately start GOAWAY/connection thrashing. if (drain_type_ == envoy::config::listener::v3::Listener::DEFAULT && server_.healthCheckFailed()) { return true; } if (!draining_) { return false; } if (server_.options().drainStrategy() == Server::DrainStrategy::Immediate) { return true; } ASSERT(server_.options().drainStrategy() == Server::DrainStrategy::Gradual); // P(return true) = elapsed time / drain timeout // If the drain deadline is exceeded, skip the probability calculation. const MonotonicTime current_time = server_.dispatcher().timeSource().monotonicTime(); if (current_time >= drain_deadline_) { return true; } const auto remaining_time = std::chrono::duration_cast(drain_deadline_ - current_time); ASSERT(server_.options().drainTime() >= remaining_time); const auto elapsed_time = server_.options().drainTime() - remaining_time; return static_cast(elapsed_time.count()) > (server_.api().randomGenerator().random() % server_.options().drainTime().count()); } void DrainManagerImpl::startDrainSequence(std::function drain_complete_cb) { ASSERT(drain_complete_cb); ASSERT(!draining_); ASSERT(!drain_tick_timer_); draining_ = true; drain_tick_timer_ = server_.dispatcher().createTimer(drain_complete_cb); const std::chrono::seconds drain_delay(server_.options().drainTime()); drain_tick_timer_->enableTimer(drain_delay); drain_deadline_ = server_.dispatcher().timeSource().monotonicTime() + drain_delay; } void DrainManagerImpl::startParentShutdownSequence() { ASSERT(!parent_shutdown_timer_); parent_shutdown_timer_ = server_.dispatcher().createTimer([this]() -> void { // Shut down the parent now. It should have already been draining. ENVOY_LOG(info, "shutting down parent after drain"); server_.hotRestart().sendParentTerminateRequest(); }); parent_shutdown_timer_->enableTimer(std::chrono::duration_cast( server_.options().parentShutdownTime())); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/drain_manager_impl.h ================================================ #pragma once #include #include "envoy/common/time.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/event/timer.h" #include "envoy/server/drain_manager.h" #include "envoy/server/instance.h" #include "common/common/logger.h" namespace Envoy { namespace Server { /** * Implementation of drain manager that does the following by default: * 1) Terminates the parent process after 15 minutes. * 2) Drains the parent process over a period of 10 minutes where drain close becomes more * likely each second that passes. */ class DrainManagerImpl : Logger::Loggable, public DrainManager { public: DrainManagerImpl(Instance& server, envoy::config::listener::v3::Listener::DrainType drain_type); // Network::DrainDecision bool drainClose() const override; // Server::DrainManager void startDrainSequence(std::function drain_complete_cb) override; bool draining() const override { return draining_; } void startParentShutdownSequence() override; private: Instance& server_; const envoy::config::listener::v3::Listener::DrainType drain_type_; std::atomic draining_{false}; Event::TimerPtr drain_tick_timer_; MonotonicTime drain_deadline_; Event::TimerPtr parent_shutdown_timer_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/filter_chain_factory_context_callback.h ================================================ #pragma once #include #include "envoy/api/v2/listener/listener.pb.h" #include "envoy/common/pure.h" #include "envoy/server/filter_config.h" namespace Envoy { namespace Server { /** * Handles FilterChainFactoryContext creation. It is used by a listener to add a new filter chain * without worrying about the lifetime of each factory context. */ class FilterChainFactoryContextCreator { public: virtual ~FilterChainFactoryContextCreator() = default; /** * Generate the filter chain factory context from proto. Note the caller does not own the filter * chain context. */ virtual Configuration::FilterChainFactoryContextPtr createFilterChainFactoryContext( const ::envoy::config::listener::v3::FilterChain* const filter_chain) PURE; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/filter_chain_manager_impl.cc ================================================ #include "server/filter_chain_manager_impl.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "common/common/cleanup.h" #include "common/common/empty_string.h" #include "common/common/fmt.h" #include "common/config/utility.h" #include "common/network/socket_interface.h" #include "common/protobuf/utility.h" #include "server/configuration_impl.h" #include "absl/container/node_hash_map.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Server { namespace { // Return a fake address for use when either the source or destination is UDS. Network::Address::InstanceConstSharedPtr fakeAddress() { CONSTRUCT_ON_FIRST_USE(Network::Address::InstanceConstSharedPtr, Network::Utility::parseInternetAddress("255.255.255.255")); } } // namespace PerFilterChainFactoryContextImpl::PerFilterChainFactoryContextImpl( Configuration::FactoryContext& parent_context, Init::Manager& init_manager) : parent_context_(parent_context), init_manager_(init_manager) {} bool PerFilterChainFactoryContextImpl::drainClose() const { return is_draining_.load() || parent_context_.drainDecision().drainClose(); } Network::DrainDecision& PerFilterChainFactoryContextImpl::drainDecision() { return *this; } Init::Manager& PerFilterChainFactoryContextImpl::initManager() { return init_manager_; } ThreadLocal::SlotAllocator& PerFilterChainFactoryContextImpl::threadLocal() { return parent_context_.threadLocal(); } const envoy::config::core::v3::Metadata& PerFilterChainFactoryContextImpl::listenerMetadata() const { return parent_context_.listenerMetadata(); } envoy::config::core::v3::TrafficDirection PerFilterChainFactoryContextImpl::direction() const { return parent_context_.direction(); } ProtobufMessage::ValidationContext& PerFilterChainFactoryContextImpl::messageValidationContext() { return parent_context_.messageValidationContext(); } ProtobufMessage::ValidationVisitor& PerFilterChainFactoryContextImpl::messageValidationVisitor() { return parent_context_.messageValidationVisitor(); } AccessLog::AccessLogManager& PerFilterChainFactoryContextImpl::accessLogManager() { return parent_context_.accessLogManager(); } Upstream::ClusterManager& PerFilterChainFactoryContextImpl::clusterManager() { return parent_context_.clusterManager(); } Event::Dispatcher& PerFilterChainFactoryContextImpl::dispatcher() { return parent_context_.dispatcher(); } Grpc::Context& PerFilterChainFactoryContextImpl::grpcContext() { return parent_context_.grpcContext(); } bool PerFilterChainFactoryContextImpl::healthCheckFailed() { return parent_context_.healthCheckFailed(); } Http::Context& PerFilterChainFactoryContextImpl::httpContext() { return parent_context_.httpContext(); } const LocalInfo::LocalInfo& PerFilterChainFactoryContextImpl::localInfo() const { return parent_context_.localInfo(); } Envoy::Runtime::Loader& PerFilterChainFactoryContextImpl::runtime() { return parent_context_.runtime(); } Stats::Scope& PerFilterChainFactoryContextImpl::scope() { return parent_context_.scope(); } Singleton::Manager& PerFilterChainFactoryContextImpl::singletonManager() { return parent_context_.singletonManager(); } OverloadManager& PerFilterChainFactoryContextImpl::overloadManager() { return parent_context_.overloadManager(); } Admin& PerFilterChainFactoryContextImpl::admin() { return parent_context_.admin(); } TimeSource& PerFilterChainFactoryContextImpl::timeSource() { return api().timeSource(); } Api::Api& PerFilterChainFactoryContextImpl::api() { return parent_context_.api(); } ServerLifecycleNotifier& PerFilterChainFactoryContextImpl::lifecycleNotifier() { return parent_context_.lifecycleNotifier(); } ProcessContextOptRef PerFilterChainFactoryContextImpl::processContext() { return parent_context_.processContext(); } Configuration::ServerFactoryContext& PerFilterChainFactoryContextImpl::getServerFactoryContext() const { return parent_context_.getServerFactoryContext(); } Configuration::TransportSocketFactoryContext& PerFilterChainFactoryContextImpl::getTransportSocketFactoryContext() const { return parent_context_.getTransportSocketFactoryContext(); } Stats::Scope& PerFilterChainFactoryContextImpl::listenerScope() { return parent_context_.listenerScope(); } FilterChainManagerImpl::FilterChainManagerImpl( const Network::Address::InstanceConstSharedPtr& address, Configuration::FactoryContext& factory_context, Init::Manager& init_manager, const FilterChainManagerImpl& parent_manager) : address_(address), parent_context_(factory_context), origin_(&parent_manager), init_manager_(init_manager) {} bool FilterChainManagerImpl::isWildcardServerName(const std::string& name) { return absl::StartsWith(name, "*."); } void FilterChainManagerImpl::addFilterChain( absl::Span filter_chain_span, FilterChainFactoryBuilder& filter_chain_factory_builder, FilterChainFactoryContextCreator& context_creator) { Cleanup cleanup([this]() { origin_ = absl::nullopt; }); absl::node_hash_map filter_chains; uint32_t new_filter_chain_size = 0; for (const auto& filter_chain : filter_chain_span) { const auto& filter_chain_match = filter_chain->filter_chain_match(); if (!filter_chain_match.address_suffix().empty() || filter_chain_match.has_suffix_len()) { throw EnvoyException(fmt::format("error adding listener '{}': filter chain '{}' contains " "unimplemented fields", address_->asString(), filter_chain->name())); } const auto& matching_iter = filter_chains.find(filter_chain_match); if (matching_iter != filter_chains.end()) { throw EnvoyException(fmt::format("error adding listener '{}': filter chain '{}' has " "the same matching rules defined as '{}'", address_->asString(), filter_chain->name(), matching_iter->second)); } filter_chains.insert({filter_chain_match, filter_chain->name()}); // Validate IP addresses. std::vector destination_ips; destination_ips.reserve(filter_chain_match.prefix_ranges().size()); for (const auto& destination_ip : filter_chain_match.prefix_ranges()) { const auto& cidr_range = Network::Address::CidrRange::create(destination_ip); destination_ips.push_back(cidr_range.asString()); } std::vector source_ips; source_ips.reserve(filter_chain_match.source_prefix_ranges().size()); for (const auto& source_ip : filter_chain_match.source_prefix_ranges()) { const auto& cidr_range = Network::Address::CidrRange::create(source_ip); source_ips.push_back(cidr_range.asString()); } // Reject partial wildcards, we don't match on them. for (const auto& server_name : filter_chain_match.server_names()) { if (server_name.find('*') != std::string::npos && !FilterChainManagerImpl::isWildcardServerName(server_name)) { throw EnvoyException( fmt::format("error adding listener '{}': partial wildcards are not supported in " "\"server_names\"", address_->asString())); } } // Reuse created filter chain if possible. // FilterChainManager maintains the lifetime of FilterChainFactoryContext // ListenerImpl maintains the dependencies of FilterChainFactoryContext auto filter_chain_impl = findExistingFilterChain(*filter_chain); if (filter_chain_impl == nullptr) { filter_chain_impl = filter_chain_factory_builder.buildFilterChain(*filter_chain, context_creator); ++new_filter_chain_size; } addFilterChainForDestinationPorts( destination_ports_map_, PROTOBUF_GET_WRAPPED_OR_DEFAULT(filter_chain_match, destination_port, 0), destination_ips, filter_chain_match.server_names(), filter_chain_match.transport_protocol(), filter_chain_match.application_protocols(), filter_chain_match.source_type(), source_ips, filter_chain_match.source_ports(), filter_chain_impl); fc_contexts_[*filter_chain] = filter_chain_impl; } convertIPsToTries(); ENVOY_LOG(debug, "new fc_contexts has {} filter chains, including {} newly built", fc_contexts_.size(), new_filter_chain_size); } void FilterChainManagerImpl::addFilterChainForDestinationPorts( DestinationPortsMap& destination_ports_map, uint16_t destination_port, const std::vector& destination_ips, const absl::Span server_names, const std::string& transport_protocol, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain) { if (destination_ports_map.find(destination_port) == destination_ports_map.end()) { destination_ports_map[destination_port] = std::make_pair(DestinationIPsMap{}, nullptr); } addFilterChainForDestinationIPs(destination_ports_map[destination_port].first, destination_ips, server_names, transport_protocol, application_protocols, source_type, source_ips, source_ports, filter_chain); } void FilterChainManagerImpl::addFilterChainForDestinationIPs( DestinationIPsMap& destination_ips_map, const std::vector& destination_ips, const absl::Span server_names, const std::string& transport_protocol, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain) { if (destination_ips.empty()) { addFilterChainForServerNames(destination_ips_map[EMPTY_STRING], server_names, transport_protocol, application_protocols, source_type, source_ips, source_ports, filter_chain); } else { for (const auto& destination_ip : destination_ips) { addFilterChainForServerNames(destination_ips_map[destination_ip], server_names, transport_protocol, application_protocols, source_type, source_ips, source_ports, filter_chain); } } } void FilterChainManagerImpl::addFilterChainForServerNames( ServerNamesMapSharedPtr& server_names_map_ptr, const absl::Span server_names, const std::string& transport_protocol, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain) { if (server_names_map_ptr == nullptr) { server_names_map_ptr = std::make_shared(); } auto& server_names_map = *server_names_map_ptr; if (server_names.empty()) { addFilterChainForApplicationProtocols(server_names_map[EMPTY_STRING][transport_protocol], application_protocols, source_type, source_ips, source_ports, filter_chain); } else { for (const auto& server_name_ptr : server_names) { if (isWildcardServerName(*server_name_ptr)) { // Add mapping for the wildcard domain, i.e. ".example.com" for "*.example.com". addFilterChainForApplicationProtocols( server_names_map[server_name_ptr->substr(1)][transport_protocol], application_protocols, source_type, source_ips, source_ports, filter_chain); } else { addFilterChainForApplicationProtocols( server_names_map[*server_name_ptr][transport_protocol], application_protocols, source_type, source_ips, source_ports, filter_chain); } } } } void FilterChainManagerImpl::addFilterChainForApplicationProtocols( ApplicationProtocolsMap& application_protocols_map, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain) { if (application_protocols.empty()) { addFilterChainForSourceTypes(application_protocols_map[EMPTY_STRING], source_type, source_ips, source_ports, filter_chain); } else { for (const auto& application_protocol_ptr : application_protocols) { addFilterChainForSourceTypes(application_protocols_map[*application_protocol_ptr], source_type, source_ips, source_ports, filter_chain); } } } void FilterChainManagerImpl::addFilterChainForSourceTypes( SourceTypesArray& source_types_array, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain) { if (source_ips.empty()) { addFilterChainForSourceIPs(source_types_array[source_type].first, EMPTY_STRING, source_ports, filter_chain); } else { for (const auto& source_ip : source_ips) { addFilterChainForSourceIPs(source_types_array[source_type].first, source_ip, source_ports, filter_chain); } } } void FilterChainManagerImpl::addFilterChainForSourceIPs( SourceIPsMap& source_ips_map, const std::string& source_ip, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain) { if (source_ports.empty()) { addFilterChainForSourcePorts(source_ips_map[source_ip], 0, filter_chain); } else { for (auto source_port : source_ports) { addFilterChainForSourcePorts(source_ips_map[source_ip], source_port, filter_chain); } } } void FilterChainManagerImpl::addFilterChainForSourcePorts( SourcePortsMapSharedPtr& source_ports_map_ptr, uint32_t source_port, const Network::FilterChainSharedPtr& filter_chain) { if (source_ports_map_ptr == nullptr) { source_ports_map_ptr = std::make_shared(); } auto& source_ports_map = *source_ports_map_ptr; if (!source_ports_map.try_emplace(source_port, filter_chain).second) { // If we got here and found already configured branch, then it means that this FilterChainMatch // is a duplicate, and that there is some overlap in the repeated fields with already processed // FilterChainMatches. throw EnvoyException(fmt::format("error adding listener '{}': multiple filter chains with " "overlapping matching rules are defined", address_->asString())); } } namespace { // Template function for creating a CIDR list entry for either source or destination address. template std::pair> makeCidrListEntry(const std::string& cidr, const T& data) { std::vector subnets; if (cidr == EMPTY_STRING) { if (Network::SocketInterfaceSingleton::get().ipFamilySupported(AF_INET)) { subnets.push_back( Network::Address::CidrRange::create(Network::Utility::getIpv4CidrCatchAllAddress())); } if (Network::SocketInterfaceSingleton::get().ipFamilySupported(AF_INET6)) { subnets.push_back( Network::Address::CidrRange::create(Network::Utility::getIpv6CidrCatchAllAddress())); } } else { subnets.push_back(Network::Address::CidrRange::create(cidr)); } return std::make_pair>(T(data), std::move(subnets)); } }; // namespace const Network::FilterChain* FilterChainManagerImpl::findFilterChain(const Network::ConnectionSocket& socket) const { const auto& address = socket.localAddress(); // Match on destination port (only for IP addresses). if (address->type() == Network::Address::Type::Ip) { const auto port_match = destination_ports_map_.find(address->ip()->port()); if (port_match != destination_ports_map_.end()) { return findFilterChainForDestinationIP(*port_match->second.second, socket); } } // Match on catch-all port 0. const auto port_match = destination_ports_map_.find(0); if (port_match != destination_ports_map_.end()) { return findFilterChainForDestinationIP(*port_match->second.second, socket); } return nullptr; } const Network::FilterChain* FilterChainManagerImpl::findFilterChainForDestinationIP( const DestinationIPsTrie& destination_ips_trie, const Network::ConnectionSocket& socket) const { auto address = socket.localAddress(); if (address->type() != Network::Address::Type::Ip) { address = fakeAddress(); } // Match on both: exact IP and wider CIDR ranges using LcTrie. const auto& data = destination_ips_trie.getData(address); if (!data.empty()) { ASSERT(data.size() == 1); return findFilterChainForServerName(*data.back(), socket); } return nullptr; } const Network::FilterChain* FilterChainManagerImpl::findFilterChainForServerName( const ServerNamesMap& server_names_map, const Network::ConnectionSocket& socket) const { const std::string server_name(socket.requestedServerName()); // Match on exact server name, i.e. "www.example.com" for "www.example.com". const auto server_name_exact_match = server_names_map.find(server_name); if (server_name_exact_match != server_names_map.end()) { return findFilterChainForTransportProtocol(server_name_exact_match->second, socket); } // Match on all wildcard domains, i.e. ".example.com" and ".com" for "www.example.com". size_t pos = server_name.find('.', 1); while (pos < server_name.size() - 1 && pos != std::string::npos) { const std::string wildcard = server_name.substr(pos); const auto server_name_wildcard_match = server_names_map.find(wildcard); if (server_name_wildcard_match != server_names_map.end()) { return findFilterChainForTransportProtocol(server_name_wildcard_match->second, socket); } pos = server_name.find('.', pos + 1); } // Match on a filter chain without server name requirements. const auto server_name_catchall_match = server_names_map.find(EMPTY_STRING); if (server_name_catchall_match != server_names_map.end()) { return findFilterChainForTransportProtocol(server_name_catchall_match->second, socket); } return nullptr; } const Network::FilterChain* FilterChainManagerImpl::findFilterChainForTransportProtocol( const TransportProtocolsMap& transport_protocols_map, const Network::ConnectionSocket& socket) const { const std::string transport_protocol(socket.detectedTransportProtocol()); // Match on exact transport protocol, e.g. "tls". const auto transport_protocol_match = transport_protocols_map.find(transport_protocol); if (transport_protocol_match != transport_protocols_map.end()) { return findFilterChainForApplicationProtocols(transport_protocol_match->second, socket); } // Match on a filter chain without transport protocol requirements. const auto any_protocol_match = transport_protocols_map.find(EMPTY_STRING); if (any_protocol_match != transport_protocols_map.end()) { return findFilterChainForApplicationProtocols(any_protocol_match->second, socket); } return nullptr; } const Network::FilterChain* FilterChainManagerImpl::findFilterChainForApplicationProtocols( const ApplicationProtocolsMap& application_protocols_map, const Network::ConnectionSocket& socket) const { // Match on exact application protocol, e.g. "h2" or "http/1.1". for (const auto& application_protocol : socket.requestedApplicationProtocols()) { const auto application_protocol_match = application_protocols_map.find(application_protocol); if (application_protocol_match != application_protocols_map.end()) { return findFilterChainForSourceTypes(application_protocol_match->second, socket); } } // Match on a filter chain without application protocol requirements. const auto any_protocol_match = application_protocols_map.find(EMPTY_STRING); if (any_protocol_match != application_protocols_map.end()) { return findFilterChainForSourceTypes(any_protocol_match->second, socket); } return nullptr; } const Network::FilterChain* FilterChainManagerImpl::findFilterChainForSourceTypes( const SourceTypesArray& source_types, const Network::ConnectionSocket& socket) const { const auto& filter_chain_local = source_types[envoy::config::listener::v3::FilterChainMatch::SAME_IP_OR_LOOPBACK]; const auto& filter_chain_external = source_types[envoy::config::listener::v3::FilterChainMatch::EXTERNAL]; // isSameIpOrLoopback can be expensive. Call it only if LOCAL or EXTERNAL have entries. const bool is_local_connection = (!filter_chain_local.first.empty() || !filter_chain_external.first.empty()) ? Network::Utility::isSameIpOrLoopback(socket) : false; if (is_local_connection) { if (!filter_chain_local.first.empty()) { return findFilterChainForSourceIpAndPort(*filter_chain_local.second, socket); } } else { if (!filter_chain_external.first.empty()) { return findFilterChainForSourceIpAndPort(*filter_chain_external.second, socket); } } const auto& filter_chain_any = source_types[envoy::config::listener::v3::FilterChainMatch::ANY]; if (!filter_chain_any.first.empty()) { return findFilterChainForSourceIpAndPort(*filter_chain_any.second, socket); } else { return nullptr; } } const Network::FilterChain* FilterChainManagerImpl::findFilterChainForSourceIpAndPort( const SourceIPsTrie& source_ips_trie, const Network::ConnectionSocket& socket) const { auto address = socket.remoteAddress(); if (address->type() != Network::Address::Type::Ip) { address = fakeAddress(); } // Match on both: exact IP and wider CIDR ranges using LcTrie. const auto& data = source_ips_trie.getData(address); if (data.empty()) { return nullptr; } ASSERT(data.size() == 1); const auto& source_ports_map = *data.back(); const uint32_t source_port = address->ip()->port(); const auto port_match = source_ports_map.find(source_port); // Did we get a direct hit on port. if (port_match != source_ports_map.end()) { return port_match->second.get(); } // Try port 0 if we didn't already try it (UDS). if (source_port != 0) { const auto any_match = source_ports_map.find(0); if (any_match != source_ports_map.end()) { return any_match->second.get(); } } return nullptr; } void FilterChainManagerImpl::convertIPsToTries() { for (auto& [destination_port, destination_ips_pair] : destination_ports_map_) { // These variables are used as we build up the destination CIDRs used for the trie. auto& [destination_ips_map, destination_ips_trie] = destination_ips_pair; std::vector>> destination_ips_list; destination_ips_list.reserve(destination_ips_map.size()); for (const auto& [destination_ip, server_names_map_ptr] : destination_ips_map) { destination_ips_list.push_back(makeCidrListEntry(destination_ip, server_names_map_ptr)); // This hugely nested for loop greatly pains me, but I'm not sure how to make it better. // We need to get access to all of the source IP strings so that we can convert them into // a trie like we did for the destination IPs above. for (auto& [server_name, transport_protocols_map] : *server_names_map_ptr) { for (auto& [transport_protocol, application_protocols_map] : transport_protocols_map) { for (auto& [application_protocol, source_arrays] : application_protocols_map) { for (auto& [source_ips_map, source_ips_trie] : source_arrays) { std::vector< std::pair>> source_ips_list; source_ips_list.reserve(source_ips_map.size()); for (auto& [source_ip, source_port_map_ptr] : source_ips_map) { source_ips_list.push_back(makeCidrListEntry(source_ip, source_port_map_ptr)); } source_ips_trie = std::make_unique(source_ips_list, true); } } } } } destination_ips_trie = std::make_unique(destination_ips_list, true); } } Network::DrainableFilterChainSharedPtr FilterChainManagerImpl::findExistingFilterChain( const envoy::config::listener::v3::FilterChain& filter_chain_message) { // Origin filter chain manager could be empty if the current is the ancestor. const auto* origin = getOriginFilterChainManager(); if (origin == nullptr) { return nullptr; } auto iter = origin->fc_contexts_.find(filter_chain_message); if (iter != origin->fc_contexts_.end()) { // copy the context to this filter chain manager. fc_contexts_.emplace(filter_chain_message, iter->second); return iter->second; } return nullptr; } Configuration::FilterChainFactoryContextPtr FilterChainManagerImpl::createFilterChainFactoryContext( const ::envoy::config::listener::v3::FilterChain* const filter_chain) { // TODO(lambdai): add stats UNREFERENCED_PARAMETER(filter_chain); return std::make_unique(parent_context_, init_manager_); } FactoryContextImpl::FactoryContextImpl(Server::Instance& server, const envoy::config::listener::v3::Listener& config, Network::DrainDecision& drain_decision, Stats::Scope& global_scope, Stats::Scope& listener_scope) : server_(server), config_(config), drain_decision_(drain_decision), global_scope_(global_scope), listener_scope_(listener_scope) {} AccessLog::AccessLogManager& FactoryContextImpl::accessLogManager() { return server_.accessLogManager(); } Upstream::ClusterManager& FactoryContextImpl::clusterManager() { return server_.clusterManager(); } Event::Dispatcher& FactoryContextImpl::dispatcher() { return server_.dispatcher(); } Grpc::Context& FactoryContextImpl::grpcContext() { return server_.grpcContext(); } bool FactoryContextImpl::healthCheckFailed() { return server_.healthCheckFailed(); } Http::Context& FactoryContextImpl::httpContext() { return server_.httpContext(); } Init::Manager& FactoryContextImpl::initManager() { return server_.initManager(); } const LocalInfo::LocalInfo& FactoryContextImpl::localInfo() const { return server_.localInfo(); } Envoy::Runtime::Loader& FactoryContextImpl::runtime() { return server_.runtime(); } Stats::Scope& FactoryContextImpl::scope() { return global_scope_; } Singleton::Manager& FactoryContextImpl::singletonManager() { return server_.singletonManager(); } OverloadManager& FactoryContextImpl::overloadManager() { return server_.overloadManager(); } ThreadLocal::SlotAllocator& FactoryContextImpl::threadLocal() { return server_.threadLocal(); } Admin& FactoryContextImpl::admin() { return server_.admin(); } TimeSource& FactoryContextImpl::timeSource() { return server_.timeSource(); } ProtobufMessage::ValidationContext& FactoryContextImpl::messageValidationContext() { return server_.messageValidationContext(); } ProtobufMessage::ValidationVisitor& FactoryContextImpl::messageValidationVisitor() { return server_.messageValidationContext().staticValidationVisitor(); } Api::Api& FactoryContextImpl::api() { return server_.api(); } ServerLifecycleNotifier& FactoryContextImpl::lifecycleNotifier() { return server_.lifecycleNotifier(); } ProcessContextOptRef FactoryContextImpl::processContext() { return server_.processContext(); } Configuration::ServerFactoryContext& FactoryContextImpl::getServerFactoryContext() const { return server_.serverFactoryContext(); } Configuration::TransportSocketFactoryContext& FactoryContextImpl::getTransportSocketFactoryContext() const { return server_.transportSocketFactoryContext(); } const envoy::config::core::v3::Metadata& FactoryContextImpl::listenerMetadata() const { return config_.metadata(); } envoy::config::core::v3::TrafficDirection FactoryContextImpl::direction() const { return config_.traffic_direction(); } Network::DrainDecision& FactoryContextImpl::drainDecision() { return drain_decision_; } Stats::Scope& FactoryContextImpl::listenerScope() { return listener_scope_; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/filter_chain_manager_impl.h ================================================ #pragma once #include #include #include #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/network/drain_decision.h" #include "envoy/server/filter_config.h" #include "envoy/server/instance.h" #include "envoy/server/transport_socket_config.h" #include "envoy/thread_local/thread_local.h" #include "common/common/logger.h" #include "common/init/manager_impl.h" #include "common/network/cidr_range.h" #include "common/network/lc_trie.h" #include "server/filter_chain_factory_context_callback.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Server { class FilterChainFactoryBuilder { public: virtual ~FilterChainFactoryBuilder() = default; /** * @return Shared filter chain where builder is allowed to determine and reuse duplicated filter * chain. Throw exception if failed. */ virtual Network::DrainableFilterChainSharedPtr buildFilterChain(const envoy::config::listener::v3::FilterChain& filter_chain, FilterChainFactoryContextCreator& context_creator) const PURE; }; // PerFilterChainFactoryContextImpl is supposed to be used by network filter chain. // Its lifetime must cover the created network filter chain. // Its lifetime should be covered by the owned listeners so as to support replacing the active // filter chains in the listener. class PerFilterChainFactoryContextImpl : public Configuration::FilterChainFactoryContext, public Network::DrainDecision { public: explicit PerFilterChainFactoryContextImpl(Configuration::FactoryContext& parent_context, Init::Manager& init_manager); // DrainDecision bool drainClose() const override; // Configuration::FactoryContext AccessLog::AccessLogManager& accessLogManager() override; Upstream::ClusterManager& clusterManager() override; Event::Dispatcher& dispatcher() override; Network::DrainDecision& drainDecision() override; Grpc::Context& grpcContext() override; bool healthCheckFailed() override; Http::Context& httpContext() override; Init::Manager& initManager() override; const LocalInfo::LocalInfo& localInfo() const override; Envoy::Runtime::Loader& runtime() override; Stats::Scope& scope() override; Singleton::Manager& singletonManager() override; OverloadManager& overloadManager() override; ThreadLocal::SlotAllocator& threadLocal() override; Admin& admin() override; const envoy::config::core::v3::Metadata& listenerMetadata() const override; envoy::config::core::v3::TrafficDirection direction() const override; TimeSource& timeSource() override; ProtobufMessage::ValidationVisitor& messageValidationVisitor() override; ProtobufMessage::ValidationContext& messageValidationContext() override; Api::Api& api() override; ServerLifecycleNotifier& lifecycleNotifier() override; ProcessContextOptRef processContext() override; Configuration::ServerFactoryContext& getServerFactoryContext() const override; Configuration::TransportSocketFactoryContext& getTransportSocketFactoryContext() const override; Stats::Scope& listenerScope() override; void startDraining() override { is_draining_.store(true); } private: Configuration::FactoryContext& parent_context_; Init::Manager& init_manager_; std::atomic is_draining_{false}; }; class FilterChainImpl : public Network::DrainableFilterChain { public: FilterChainImpl(Network::TransportSocketFactoryPtr&& transport_socket_factory, std::vector&& filters_factory) : transport_socket_factory_(std::move(transport_socket_factory)), filters_factory_(std::move(filters_factory)) {} // Network::FilterChain const Network::TransportSocketFactory& transportSocketFactory() const override { return *transport_socket_factory_; } const std::vector& networkFilterFactories() const override { return filters_factory_; } void startDraining() override { factory_context_->startDraining(); } void setFilterChainFactoryContext( Configuration::FilterChainFactoryContextPtr filter_chain_factory_context) { ASSERT(factory_context_ == nullptr); factory_context_ = std::move(filter_chain_factory_context); } private: Configuration::FilterChainFactoryContextPtr factory_context_; const Network::TransportSocketFactoryPtr transport_socket_factory_; const std::vector filters_factory_; }; /** * Implementation of FactoryContext wrapping a Server::Instance and some listener components. */ class FactoryContextImpl : public Configuration::FactoryContext { public: FactoryContextImpl(Server::Instance& server, const envoy::config::listener::v3::Listener& config, Network::DrainDecision& drain_decision, Stats::Scope& global_scope, Stats::Scope& listener_scope); // Configuration::FactoryContext AccessLog::AccessLogManager& accessLogManager() override; Upstream::ClusterManager& clusterManager() override; Event::Dispatcher& dispatcher() override; Grpc::Context& grpcContext() override; bool healthCheckFailed() override; Http::Context& httpContext() override; Init::Manager& initManager() override; const LocalInfo::LocalInfo& localInfo() const override; Envoy::Runtime::Loader& runtime() override; Stats::Scope& scope() override; Singleton::Manager& singletonManager() override; OverloadManager& overloadManager() override; ThreadLocal::SlotAllocator& threadLocal() override; Admin& admin() override; TimeSource& timeSource() override; ProtobufMessage::ValidationContext& messageValidationContext() override; ProtobufMessage::ValidationVisitor& messageValidationVisitor() override; Api::Api& api() override; ServerLifecycleNotifier& lifecycleNotifier() override; ProcessContextOptRef processContext() override; Configuration::ServerFactoryContext& getServerFactoryContext() const override; Configuration::TransportSocketFactoryContext& getTransportSocketFactoryContext() const override; const envoy::config::core::v3::Metadata& listenerMetadata() const override; envoy::config::core::v3::TrafficDirection direction() const override; Network::DrainDecision& drainDecision() override; Stats::Scope& listenerScope() override; private: Server::Instance& server_; const envoy::config::listener::v3::Listener& config_; Network::DrainDecision& drain_decision_; Stats::Scope& global_scope_; Stats::Scope& listener_scope_; }; /** * Implementation of FilterChainManager. It owns and exchange filter chains. */ class FilterChainManagerImpl : public Network::FilterChainManager, public FilterChainFactoryContextCreator, Logger::Loggable { public: using FcContextMap = absl::flat_hash_map; FilterChainManagerImpl(const Network::Address::InstanceConstSharedPtr& address, Configuration::FactoryContext& factory_context, Init::Manager& init_manager) : address_(address), parent_context_(factory_context), init_manager_(init_manager) {} FilterChainManagerImpl(const Network::Address::InstanceConstSharedPtr& address, Configuration::FactoryContext& factory_context, Init::Manager& init_manager, const FilterChainManagerImpl& parent_manager); // FilterChainFactoryContextCreator Configuration::FilterChainFactoryContextPtr createFilterChainFactoryContext( const ::envoy::config::listener::v3::FilterChain* const filter_chain) override; // Network::FilterChainManager const Network::FilterChain* findFilterChain(const Network::ConnectionSocket& socket) const override; // Add all filter chains into this manager. During the lifetime of FilterChainManagerImpl this // should be called at most once. void addFilterChain( absl::Span filter_chain_span, FilterChainFactoryBuilder& b, FilterChainFactoryContextCreator& context_creator); static bool isWildcardServerName(const std::string& name); // Return the current view of filter chains, keyed by filter chain message. Used by the owning // listener to calculate the intersection of filter chains with another listener. const FcContextMap& filterChainsByMessage() const { return fc_contexts_; } private: void convertIPsToTries(); using SourcePortsMap = absl::flat_hash_map; using SourcePortsMapSharedPtr = std::shared_ptr; using SourceIPsMap = absl::flat_hash_map; using SourceIPsTrie = Network::LcTrie::LcTrie; using SourceIPsTriePtr = std::unique_ptr; using SourceTypesArray = std::array, 3>; using ApplicationProtocolsMap = absl::flat_hash_map; using TransportProtocolsMap = absl::flat_hash_map; // Both exact server names and wildcard domains are part of the same map, in which wildcard // domains are prefixed with "." (i.e. ".example.com" for "*.example.com") to differentiate // between exact and wildcard entries. using ServerNamesMap = absl::flat_hash_map; using ServerNamesMapSharedPtr = std::shared_ptr; using DestinationIPsMap = absl::flat_hash_map; using DestinationIPsTrie = Network::LcTrie::LcTrie; using DestinationIPsTriePtr = std::unique_ptr; using DestinationPortsMap = absl::flat_hash_map>; void addFilterChainForDestinationPorts( DestinationPortsMap& destination_ports_map, uint16_t destination_port, const std::vector& destination_ips, const absl::Span server_names, const std::string& transport_protocol, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain); void addFilterChainForDestinationIPs( DestinationIPsMap& destination_ips_map, const std::vector& destination_ips, const absl::Span server_names, const std::string& transport_protocol, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain); void addFilterChainForServerNames( ServerNamesMapSharedPtr& server_names_map_ptr, const absl::Span server_names, const std::string& transport_protocol, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain); void addFilterChainForApplicationProtocols( ApplicationProtocolsMap& application_protocol_map, const absl::Span application_protocols, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain); void addFilterChainForSourceTypes( SourceTypesArray& source_types_array, const envoy::config::listener::v3::FilterChainMatch::ConnectionSourceType source_type, const std::vector& source_ips, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain); void addFilterChainForSourceIPs(SourceIPsMap& source_ips_map, const std::string& source_ip, const absl::Span source_ports, const Network::FilterChainSharedPtr& filter_chain); void addFilterChainForSourcePorts(SourcePortsMapSharedPtr& source_ports_map_ptr, uint32_t source_port, const Network::FilterChainSharedPtr& filter_chain); const Network::FilterChain* findFilterChainForDestinationIP(const DestinationIPsTrie& destination_ips_trie, const Network::ConnectionSocket& socket) const; const Network::FilterChain* findFilterChainForServerName(const ServerNamesMap& server_names_map, const Network::ConnectionSocket& socket) const; const Network::FilterChain* findFilterChainForTransportProtocol(const TransportProtocolsMap& transport_protocols_map, const Network::ConnectionSocket& socket) const; const Network::FilterChain* findFilterChainForApplicationProtocols(const ApplicationProtocolsMap& application_protocols_map, const Network::ConnectionSocket& socket) const; const Network::FilterChain* findFilterChainForSourceTypes(const SourceTypesArray& source_types, const Network::ConnectionSocket& socket) const; const Network::FilterChain* findFilterChainForSourceIpAndPort(const SourceIPsTrie& source_ips_trie, const Network::ConnectionSocket& socket) const; const FilterChainManagerImpl* getOriginFilterChainManager() { return origin_.value(); } // Duplicate the inherent factory context if any. Network::DrainableFilterChainSharedPtr findExistingFilterChain(const envoy::config::listener::v3::FilterChain& filter_chain_message); // Mapping from filter chain message to filter chain. This is used by LDS response handler to // detect the filter chains in the intersection of existing listener and new listener. FcContextMap fc_contexts_; // Mapping of FilterChain's configured destination ports, IPs, server names, transport protocols // and application protocols, using structures defined above. DestinationPortsMap destination_ports_map_; const Network::Address::InstanceConstSharedPtr address_; // This is the reference to a factory context which all the generations of listener share. Configuration::FactoryContext& parent_context_; std::list> factory_contexts_; // Reference to the previous generation of filter chain manager to share the filter chains. // Caution: only during warm up could the optional have value. absl::optional origin_{nullptr}; // For FilterChainFactoryContextCreator // init manager owned by the corresponding listener. The reference is valid when building the // filter chain. Init::Manager& init_manager_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/guarddog_impl.cc ================================================ #include "server/guarddog_impl.h" #include #include #include #include #include #include "envoy/common/time.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/server/configuration.h" #include "envoy/server/guarddog.h" #include "envoy/server/guarddog_config.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/common/lock_guard.h" #include "common/common/logger.h" #include "common/config/utility.h" #include "common/protobuf/utility.h" #include "common/stats/symbol_table_impl.h" #include "server/watchdog_impl.h" #include "absl/synchronization/mutex.h" namespace Envoy { namespace Server { GuardDogImpl::GuardDogImpl(Stats::Scope& stats_scope, const Server::Configuration::Watchdog& config, Api::Api& api, absl::string_view name, std::unique_ptr&& test_interlock) : test_interlock_hook_(std::move(test_interlock)), stats_scope_(stats_scope), time_source_(api.timeSource()), miss_timeout_(config.missTimeout()), megamiss_timeout_(config.megaMissTimeout()), kill_timeout_(config.killTimeout()), multi_kill_timeout_(config.multiKillTimeout()), multi_kill_fraction_(config.multiKillThreshold() / 100.0), loop_interval_([&]() -> std::chrono::milliseconds { // The loop interval is simply the minimum of all specified intervals, // but we must account for the 0=disabled case. This lambda takes care // of that and returns a value that initializes the const loop interval. const auto min_of_nonfatal = std::min(miss_timeout_, megamiss_timeout_); return std::min({killEnabled() ? kill_timeout_ : min_of_nonfatal, multikillEnabled() ? multi_kill_timeout_ : min_of_nonfatal, min_of_nonfatal}); }()), watchdog_miss_counter_(stats_scope.counterFromStatName( Stats::StatNameManagedStorage(absl::StrCat(name, ".watchdog_miss"), stats_scope.symbolTable()) .statName())), watchdog_megamiss_counter_(stats_scope.counterFromStatName( Stats::StatNameManagedStorage(absl::StrCat(name, ".watchdog_mega_miss"), stats_scope.symbolTable()) .statName())), dispatcher_(api.allocateDispatcher(absl::StrCat(name, "_guarddog_thread"))), loop_timer_(dispatcher_->createTimer([this]() { step(); })), events_to_actions_([&](const Server::Configuration::Watchdog& config) -> EventToActionsMap { EventToActionsMap map; // We should be able to share the dispatcher since guard dog's lifetime // should eclipse those of actions. Configuration::GuardDogActionFactoryContext context = {api, *dispatcher_, stats_scope, name}; const auto& actions = config.actions(); for (const auto& action : actions) { // Get factory and add the created cb auto& factory = Config::Utility::getAndCheckFactory( action.config()); map[action.event()].push_back(factory.createGuardDogActionFromProto(action, context)); } return map; }(config)), run_thread_(true) { start(api); } GuardDogImpl::GuardDogImpl(Stats::Scope& stats_scope, const Server::Configuration::Watchdog& config, Api::Api& api, absl::string_view name) : GuardDogImpl(stats_scope, config, api, name, std::make_unique()) {} GuardDogImpl::~GuardDogImpl() { stop(); } void GuardDogImpl::step() { { Thread::LockGuard guard(mutex_); if (!run_thread_) { return; } } const auto now = time_source_.monotonicTime(); std::vector> miss_threads; std::vector> mega_miss_threads; { std::vector> multi_kill_threads; Thread::LockGuard guard(wd_lock_); // Compute the multikill threshold const size_t required_for_multi_kill = std::max(static_cast(2), static_cast(ceil(multi_kill_fraction_ * watched_dogs_.size()))); for (auto& watched_dog : watched_dogs_) { const auto last_checkin = watched_dog->dog_->lastTouchTime(); const auto tid = watched_dog->dog_->threadId(); const auto delta = now - last_checkin; if (watched_dog->last_alert_time_ && watched_dog->last_alert_time_.value() < last_checkin) { watched_dog->miss_alerted_ = false; watched_dog->megamiss_alerted_ = false; } if (delta > miss_timeout_) { if (!watched_dog->miss_alerted_) { watchdog_miss_counter_.inc(); watched_dog->miss_counter_.inc(); watched_dog->last_alert_time_ = last_checkin; watched_dog->miss_alerted_ = true; miss_threads.emplace_back(tid, last_checkin); } } if (delta > megamiss_timeout_) { if (!watched_dog->megamiss_alerted_) { watchdog_megamiss_counter_.inc(); watched_dog->megamiss_counter_.inc(); watched_dog->last_alert_time_ = last_checkin; watched_dog->megamiss_alerted_ = true; mega_miss_threads.emplace_back(tid, last_checkin); } } if (killEnabled() && delta > kill_timeout_) { invokeGuardDogActions(WatchDogAction::KILL, {{tid, last_checkin}}, now); PANIC(fmt::format("GuardDog: one thread ({}) stuck for more than watchdog_kill_timeout", watched_dog->dog_->threadId().debugString())); } if (multikillEnabled() && delta > multi_kill_timeout_) { multi_kill_threads.emplace_back(tid, last_checkin); if (multi_kill_threads.size() >= required_for_multi_kill) { invokeGuardDogActions(WatchDogAction::MULTIKILL, multi_kill_threads, now); PANIC(fmt::format("GuardDog: At least {} threads ({},...) stuck for more than " "watchdog_multikill_timeout", multi_kill_threads.size(), tid.debugString())); } } } } // Run megamiss and miss handlers if (!mega_miss_threads.empty()) { invokeGuardDogActions(WatchDogAction::MEGAMISS, mega_miss_threads, now); } if (!miss_threads.empty()) { invokeGuardDogActions(WatchDogAction::MISS, miss_threads, now); } { Thread::LockGuard guard(mutex_); test_interlock_hook_->signalFromImpl(now); if (run_thread_) { loop_timer_->enableTimer(loop_interval_); } } } WatchDogSharedPtr GuardDogImpl::createWatchDog(Thread::ThreadId thread_id, const std::string& thread_name) { // Timer started by WatchDog will try to fire at 1/2 of the interval of the // minimum timeout specified. loop_interval_ is const so all shared state // accessed out of the locked section below is const (time_source_ has no // state). const auto wd_interval = loop_interval_ / 2; WatchDogSharedPtr new_watchdog = std::make_shared(std::move(thread_id), time_source_, wd_interval); WatchedDogPtr watched_dog = std::make_unique(stats_scope_, thread_name, new_watchdog); { Thread::LockGuard guard(wd_lock_); watched_dogs_.push_back(std::move(watched_dog)); } new_watchdog->touch(); return new_watchdog; } void GuardDogImpl::stopWatching(WatchDogSharedPtr wd) { Thread::LockGuard guard(wd_lock_); auto found_wd = std::find_if(watched_dogs_.begin(), watched_dogs_.end(), [&wd](const WatchedDogPtr& d) -> bool { return d->dog_ == wd; }); if (found_wd != watched_dogs_.end()) { watched_dogs_.erase(found_wd); } else { ASSERT(false); } } void GuardDogImpl::start(Api::Api& api) { Thread::LockGuard guard(mutex_); // See comments in WorkerImpl::start for the naming convention. Thread::Options options{absl::StrCat("dog:", dispatcher_->name())}; thread_ = api.threadFactory().createThread( [this]() -> void { dispatcher_->run(Event::Dispatcher::RunType::RunUntilExit); }, options); loop_timer_->enableTimer(std::chrono::milliseconds(0)); } void GuardDogImpl::stop() { { Thread::LockGuard guard(mutex_); run_thread_ = false; } dispatcher_->exit(); if (thread_) { thread_->join(); thread_.reset(); } } void GuardDogImpl::invokeGuardDogActions( WatchDogAction::WatchdogEvent event, std::vector> thread_last_checkin_pairs, MonotonicTime now) { const auto& registered_actions = events_to_actions_.find(event); if (registered_actions != events_to_actions_.end()) { for (auto& action : registered_actions->second) { action->run(event, thread_last_checkin_pairs, now); } } } GuardDogImpl::WatchedDog::WatchedDog(Stats::Scope& stats_scope, const std::string& thread_name, const WatchDogSharedPtr& watch_dog) : dog_(watch_dog), miss_counter_(stats_scope.counterFromStatName( Stats::StatNameManagedStorage(fmt::format("server.{}.watchdog_miss", thread_name), stats_scope.symbolTable()) .statName())), megamiss_counter_(stats_scope.counterFromStatName( Stats::StatNameManagedStorage(fmt::format("server.{}.watchdog_mega_miss", thread_name), stats_scope.symbolTable()) .statName())) {} } // namespace Server } // namespace Envoy ================================================ FILE: source/server/guarddog_impl.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/event/timer.h" #include "envoy/server/configuration.h" #include "envoy/server/guarddog.h" #include "envoy/server/guarddog_config.h" #include "envoy/server/watchdog.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "common/common/lock_guard.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "common/event/libevent.h" #include "absl/types/optional.h" namespace Envoy { namespace Server { /** * This feature performs deadlock detection stats collection & enforcement. * * It launches a thread that scans at an interval the minimum of the configured * intervals. If it finds starved threads or suspected deadlocks it will take * the appropriate action depending on the config parameters described below. * * Thread lifetime is tied to GuardDog object lifetime (RAII style). */ class GuardDogImpl : public GuardDog { public: /** * Defines a test interlock hook to enable tests to synchronize the guard-dog * execution so they can probe current counter values. The default * implementation that runs in production has empty methods, which are * overridden in the implementation used during tests. */ class TestInterlockHook { public: virtual ~TestInterlockHook() = default; /** * Called from GuardDogImpl to indicate that it has evaluated all watch-dogs * up to a particular point in time. */ virtual void signalFromImpl(MonotonicTime) {} /** * Called from GuardDog tests to block until the implementation has reached * the desired point in time. */ virtual void waitFromTest(Thread::MutexBasicLockable&, MonotonicTime) {} }; /** * @param stats_scope Statistics scope to write watchdog_miss and * watchdog_mega_miss events into. * @param config Configuration object. * @param api API object. * @param test_interlock a hook for enabling interlock with unit tests. * * See the configuration documentation for details on the timeout settings. */ GuardDogImpl(Stats::Scope& stats_scope, const Server::Configuration::Watchdog& config, Api::Api& api, absl::string_view name, std::unique_ptr&& test_interlock); GuardDogImpl(Stats::Scope& stats_scope, const Server::Configuration::Watchdog& config, Api::Api& api, absl::string_view name); ~GuardDogImpl() override; /** * Exposed for testing purposes only (but harmless to call): */ const std::chrono::milliseconds loopIntervalForTest() const { return loop_interval_; } /** * Test hook to force a step() to catch up with the current simulated * time. This is inlined so that it does not need to be present in the * production binary. */ void forceCheckForTest() { Thread::LockGuard guard(mutex_); MonotonicTime now = time_source_.monotonicTime(); loop_timer_->enableTimer(std::chrono::milliseconds(0)); test_interlock_hook_->waitFromTest(mutex_, now); } // Server::GuardDog WatchDogSharedPtr createWatchDog(Thread::ThreadId thread_id, const std::string& thread_name) override; void stopWatching(WatchDogSharedPtr wd) override; private: void start(Api::Api& api); void step(); void stop(); // Per the C++ standard it is OK to use these in ctor initializer as long as // it is after kill and multikill timeout values are initialized. bool killEnabled() const { return kill_timeout_ > std::chrono::milliseconds(0); } bool multikillEnabled() const { return multi_kill_timeout_ > std::chrono::milliseconds(0); } using WatchDogAction = envoy::config::bootstrap::v3::Watchdog::WatchdogAction; // Helper function to invoke all the GuardDogActions registered for an Event. void invokeGuardDogActions( WatchDogAction::WatchdogEvent event, std::vector> thread_last_checkin_pairs, MonotonicTime now); struct WatchedDog { WatchedDog(Stats::Scope& stats_scope, const std::string& thread_name, const WatchDogSharedPtr& watch_dog); const WatchDogSharedPtr dog_; absl::optional last_alert_time_; bool miss_alerted_{}; bool megamiss_alerted_{}; Stats::Counter& miss_counter_; Stats::Counter& megamiss_counter_; }; using WatchedDogPtr = std::unique_ptr; std::unique_ptr test_interlock_hook_; Stats::Scope& stats_scope_; TimeSource& time_source_; const std::chrono::milliseconds miss_timeout_; const std::chrono::milliseconds megamiss_timeout_; const std::chrono::milliseconds kill_timeout_; const std::chrono::milliseconds multi_kill_timeout_; const double multi_kill_fraction_; const std::chrono::milliseconds loop_interval_; Stats::Counter& watchdog_miss_counter_; Stats::Counter& watchdog_megamiss_counter_; std::vector watched_dogs_ ABSL_GUARDED_BY(wd_lock_); Thread::MutexBasicLockable wd_lock_; Thread::ThreadPtr thread_; Event::DispatcherPtr dispatcher_; Event::TimerPtr loop_timer_; using EventToActionsMap = absl::flat_hash_map>; EventToActionsMap events_to_actions_; Thread::MutexBasicLockable mutex_; bool run_thread_ ABSL_GUARDED_BY(mutex_); }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restart.proto ================================================ syntax = "proto3"; package envoy; message HotRestartMessage { // Child->parent requests message Request { message PassListenSocket { string address = 1; } message ShutdownAdmin { } message Stats { } message DrainListeners { } message Terminate { } oneof request { PassListenSocket pass_listen_socket = 1; ShutdownAdmin shutdown_admin = 2; Stats stats = 3; DrainListeners drain_listeners = 4; Terminate terminate = 5; } } // Parent->child replies message Reply { message PassListenSocket { int32 fd = 1; } message ShutdownAdmin { uint64 original_start_time_unix_seconds = 1; } message Span { uint32 first = 1; uint32 last = 2; // inclusive } message RepeatedSpan { repeated Span spans = 1; } message Stats { // Values for server_stats, which don't fit with the "combination logic" approach. uint64 memory_allocated = 1; uint64 num_connections = 2; // Keys are fully qualified stat names. // // The amount added to the counter since the last time a message included the counter in this // map. (The first time a counter is included in this map, it's the amount added since the // final latch() before hot restart began). map counter_deltas = 3; // The parent's current values for various gauges in its stats store. map gauges = 4; // Maps the string representation of a StatName into an array of Spans, // which indicate which of the StatName tokens are dynamic. For example, // if we are recording a counter or gauge named "a.b.c.d.e.f", where "a", // and "d.e" were created from a StatNameDynamicPool, then we'd map // "a.b.c.d.e.f" to the span array [[0,0], [3,4]], where the [0,0] span // covers the "a", and the [3,4] span covers "d.e". map dynamics = 5; } oneof reply { // When this oneof is of the PassListenSocketReply type, there is a special // implied meaning: the recvmsg that got this proto has control data to make // the passing of the fd work, so make use of CMSG_SPACE etc. PassListenSocket pass_listen_socket = 1; ShutdownAdmin shutdown_admin = 2; Stats stats = 3; } } oneof requestreply { Request request = 1; Reply reply = 2; } bool didnt_recognize_your_last_message = 3; } ================================================ FILE: source/server/hot_restart_impl.cc ================================================ #include "server/hot_restart_impl.h" #include #include #include #include #include #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" #include "envoy/server/instance.h" #include "common/api/os_sys_calls_impl.h" #include "common/api/os_sys_calls_impl_hot_restart.h" #include "common/common/fmt.h" #include "common/common/lock_guard.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Server { SharedMemory* attachSharedMemory(uint32_t base_id, uint32_t restart_epoch) { Api::OsSysCalls& os_sys_calls = Api::OsSysCallsSingleton::get(); Api::HotRestartOsSysCalls& hot_restart_os_sys_calls = Api::HotRestartOsSysCallsSingleton::get(); int flags = O_RDWR; const std::string shmem_name = fmt::format("/envoy_shared_memory_{}", base_id); if (restart_epoch == 0) { flags |= O_CREAT | O_EXCL; // If we are meant to be first, attempt to unlink a previous shared memory instance. If this // is a clean restart this should then allow the shm_open() call below to succeed. hot_restart_os_sys_calls.shmUnlink(shmem_name.c_str()); } const Api::SysCallIntResult result = hot_restart_os_sys_calls.shmOpen(shmem_name.c_str(), flags, S_IRUSR | S_IWUSR); if (result.rc_ == -1) { PANIC(fmt::format("cannot open shared memory region {} check user permissions. Error: {}", shmem_name, errorDetails(result.errno_))); } if (restart_epoch == 0) { const Api::SysCallIntResult truncateRes = os_sys_calls.ftruncate(result.rc_, sizeof(SharedMemory)); RELEASE_ASSERT(truncateRes.rc_ != -1, ""); } const Api::SysCallPtrResult mmapRes = os_sys_calls.mmap( nullptr, sizeof(SharedMemory), PROT_READ | PROT_WRITE, MAP_SHARED, result.rc_, 0); SharedMemory* shmem = reinterpret_cast(mmapRes.rc_); RELEASE_ASSERT(shmem != MAP_FAILED, ""); RELEASE_ASSERT((reinterpret_cast(shmem) % alignof(decltype(shmem))) == 0, ""); if (restart_epoch == 0) { shmem->size_ = sizeof(SharedMemory); shmem->version_ = HOT_RESTART_VERSION; initializeMutex(shmem->log_lock_); initializeMutex(shmem->access_log_lock_); } else { RELEASE_ASSERT(shmem->size_ == sizeof(SharedMemory), "Hot restart SharedMemory size mismatch! You must have hot restarted into a " "not-hot-restart-compatible new version of Envoy."); RELEASE_ASSERT(shmem->version_ == HOT_RESTART_VERSION, "Hot restart version mismatch! You must have hot restarted into a " "not-hot-restart-compatible new version of Envoy."); } // Here we catch the case where a new Envoy starts up when the current Envoy has not yet fully // initialized. The startup logic is quite complicated, and it's not worth trying to handle this // in a finer way. This will cause the startup to fail with an error code early, without // affecting any currently running processes. The process runner should try again later with some // back off and with the same hot restart epoch number. uint64_t old_flags = shmem->flags_.fetch_or(SHMEM_FLAGS_INITIALIZING); if (old_flags & SHMEM_FLAGS_INITIALIZING) { throw EnvoyException("previous envoy process is still initializing"); } return shmem; } void initializeMutex(pthread_mutex_t& mutex) { pthread_mutexattr_t attribute; pthread_mutexattr_init(&attribute); pthread_mutexattr_setpshared(&attribute, PTHREAD_PROCESS_SHARED); pthread_mutexattr_setrobust(&attribute, PTHREAD_MUTEX_ROBUST); pthread_mutex_init(&mutex, &attribute); } // The base id is automatically scaled by 10 to prevent overlap of domain socket names when // multiple Envoys with different base-ids run on a single host. Note that older versions of Envoy // performed the multiplication in OptionsImpl which produced incorrect server info output. // TODO(zuercher): ideally, the base_id would be separated from the restart_epoch in // the socket names to entirely prevent collisions between consecutive base ids. HotRestartImpl::HotRestartImpl(uint32_t base_id, uint32_t restart_epoch, const std::string& socket_path, mode_t socket_mode) : base_id_(base_id), scaled_base_id_(base_id * 10), as_child_(HotRestartingChild(scaled_base_id_, restart_epoch, socket_path, socket_mode)), as_parent_(HotRestartingParent(scaled_base_id_, restart_epoch, socket_path, socket_mode)), shmem_(attachSharedMemory(scaled_base_id_, restart_epoch)), log_lock_(shmem_->log_lock_), access_log_lock_(shmem_->access_log_lock_) { // If our parent ever goes away just terminate us so that we don't have to rely on ops/launching // logic killing the entire process tree. We should never exist without our parent. int rc = prctl(PR_SET_PDEATHSIG, SIGTERM); RELEASE_ASSERT(rc != -1, ""); } void HotRestartImpl::drainParentListeners() { as_child_.drainParentListeners(); // At this point we are initialized and a new Envoy can startup if needed. shmem_->flags_ &= ~SHMEM_FLAGS_INITIALIZING; } int HotRestartImpl::duplicateParentListenSocket(const std::string& address) { return as_child_.duplicateParentListenSocket(address); } void HotRestartImpl::initialize(Event::Dispatcher& dispatcher, Server::Instance& server) { as_parent_.initialize(dispatcher, server); } void HotRestartImpl::sendParentAdminShutdownRequest(time_t& original_start_time) { as_child_.sendParentAdminShutdownRequest(original_start_time); } void HotRestartImpl::sendParentTerminateRequest() { as_child_.sendParentTerminateRequest(); } HotRestart::ServerStatsFromParent HotRestartImpl::mergeParentStatsIfAny(Stats::StoreRoot& stats_store) { std::unique_ptr wrapper_msg = as_child_.getParentStats(); ServerStatsFromParent response; // getParentStats() will happily and cleanly return nullptr if we have no parent. if (wrapper_msg) { as_child_.mergeParentStats(stats_store, wrapper_msg->reply().stats()); response.parent_memory_allocated_ = wrapper_msg->reply().stats().memory_allocated(); response.parent_connections_ = wrapper_msg->reply().stats().num_connections(); } return response; } void HotRestartImpl::shutdown() { as_parent_.shutdown(); } uint32_t HotRestartImpl::baseId() { return base_id_; } std::string HotRestartImpl::version() { return hotRestartVersion(); } std::string HotRestartImpl::hotRestartVersion() { return fmt::format("{}.{}", HOT_RESTART_VERSION, sizeof(SharedMemory)); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restart_impl.h ================================================ #pragma once #include #include #include #include #include #include #include "envoy/common/platform.h" #include "envoy/server/hot_restart.h" #include "common/common/assert.h" #include "common/stats/allocator_impl.h" #include "server/hot_restarting_child.h" #include "server/hot_restarting_parent.h" namespace Envoy { namespace Server { // Increment this whenever there is a shared memory / RPC change that will prevent a hot restart // from working. Operations code can then cope with this and do a full restart. const uint64_t HOT_RESTART_VERSION = 11; /** * Shared memory segment. This structure is laid directly into shared memory and is used amongst * all running envoy processes. */ struct SharedMemory { uint64_t size_; uint64_t version_; pthread_mutex_t log_lock_; pthread_mutex_t access_log_lock_; std::atomic flags_; }; static const uint64_t SHMEM_FLAGS_INITIALIZING = 0x1; /** * Initialize the shared memory segment, depending on whether we are the first running * envoy, or a host restarted envoy process. * * @param base_id uint32_t that is the base id flag used to start this Envoy. * @param restart_epoch uint32_t the restart epoch flag used to start this Envoy. */ SharedMemory* attachSharedMemory(uint32_t base_id, uint32_t restart_epoch); /** * Initialize a pthread mutex for process shared locking. */ void initializeMutex(pthread_mutex_t& mutex); /** * Implementation of Thread::BasicLockable that operates on a process shared pthread mutex. */ class ProcessSharedMutex : public Thread::BasicLockable { public: ProcessSharedMutex(pthread_mutex_t& mutex) : mutex_(mutex) {} void lock() ABSL_EXCLUSIVE_LOCK_FUNCTION() override { // Deal with robust handling here. If the other process dies without unlocking, we are going // to die shortly but try to make sure that we can handle any signals, etc. that happen without // getting into a further messed up state. int rc = pthread_mutex_lock(&mutex_); ASSERT(rc == 0 || rc == EOWNERDEAD); if (rc == EOWNERDEAD) { pthread_mutex_consistent(&mutex_); } } bool tryLock() ABSL_EXCLUSIVE_TRYLOCK_FUNCTION(true) override { int rc = pthread_mutex_trylock(&mutex_); if (rc == EBUSY) { return false; } ASSERT(rc == 0 || rc == EOWNERDEAD); if (rc == EOWNERDEAD) { pthread_mutex_consistent(&mutex_); } return true; } void unlock() ABSL_UNLOCK_FUNCTION() override { int rc = pthread_mutex_unlock(&mutex_); ASSERT(rc == 0); } private: pthread_mutex_t& mutex_; }; /** * Implementation of HotRestart built for Linux. Most of the "protocol" type logic is split out into * HotRestarting{Base,Parent,Child}. This class ties all that to shared memory and version logic. */ class HotRestartImpl : public HotRestart { public: HotRestartImpl(uint32_t base_id, uint32_t restart_epoch, const std::string& socket_path, mode_t socket_mode); // Server::HotRestart void drainParentListeners() override; int duplicateParentListenSocket(const std::string& address) override; void initialize(Event::Dispatcher& dispatcher, Server::Instance& server) override; void sendParentAdminShutdownRequest(time_t& original_start_time) override; void sendParentTerminateRequest() override; ServerStatsFromParent mergeParentStatsIfAny(Stats::StoreRoot& stats_store) override; void shutdown() override; uint32_t baseId() override; std::string version() override; Thread::BasicLockable& logLock() override { return log_lock_; } Thread::BasicLockable& accessLogLock() override { return access_log_lock_; } /** * envoy --hot_restart_version doesn't initialize Envoy, but computes the version string * based on the configured options. */ static std::string hotRestartVersion(); private: uint32_t base_id_; uint32_t scaled_base_id_; HotRestartingChild as_child_; HotRestartingParent as_parent_; // This pointer is shared memory, and is expected to exist until process end. // It will automatically be unmapped when the process terminates. SharedMemory* shmem_; ProcessSharedMutex log_lock_; ProcessSharedMutex access_log_lock_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restart_nop_impl.h ================================================ #pragma once #include #include "envoy/server/hot_restart.h" #include "common/common/thread.h" #include "common/stats/allocator_impl.h" namespace Envoy { namespace Server { /** * No-op implementation of HotRestart. */ class HotRestartNopImpl : public Server::HotRestart { public: // Server::HotRestart void drainParentListeners() override {} int duplicateParentListenSocket(const std::string&) override { return -1; } void initialize(Event::Dispatcher&, Server::Instance&) override {} void sendParentAdminShutdownRequest(time_t&) override {} void sendParentTerminateRequest() override {} ServerStatsFromParent mergeParentStatsIfAny(Stats::StoreRoot&) override { return {}; } void shutdown() override {} uint32_t baseId() override { return 0; } std::string version() override { return "disabled"; } Thread::BasicLockable& logLock() override { return log_lock_; } Thread::BasicLockable& accessLogLock() override { return access_log_lock_; } private: Thread::MutexBasicLockable log_lock_; Thread::MutexBasicLockable access_log_lock_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restarting_base.cc ================================================ #include "server/hot_restarting_base.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/utility.h" #include "common/network/address_impl.h" #include "common/stats/utility.h" namespace Envoy { namespace Server { using HotRestartMessage = envoy::HotRestartMessage; static constexpr uint64_t MaxSendmsgSize = 4096; HotRestartingBase::~HotRestartingBase() { if (my_domain_socket_ != -1) { Api::OsSysCalls& os_sys_calls = Api::OsSysCallsSingleton::get(); Api::SysCallIntResult result = os_sys_calls.close(my_domain_socket_); ASSERT(result.rc_ == 0); } } void HotRestartingBase::initDomainSocketAddress(sockaddr_un* address) { memset(address, 0, sizeof(*address)); address->sun_family = AF_UNIX; } sockaddr_un HotRestartingBase::createDomainSocketAddress(uint64_t id, const std::string& role, const std::string& socket_path, mode_t socket_mode) { // Right now we only allow a maximum of 3 concurrent envoy processes to be running. When the third // starts up it will kill the oldest parent. static constexpr uint64_t MaxConcurrentProcesses = 3; id = id % MaxConcurrentProcesses; sockaddr_un address; initDomainSocketAddress(&address); Network::Address::PipeInstance addr(fmt::format(socket_path + "_{}_{}", role, base_id_ + id), socket_mode, nullptr); memcpy(&address, addr.sockAddr(), addr.sockAddrLen()); fchmod(my_domain_socket_, socket_mode); return address; } void HotRestartingBase::bindDomainSocket(uint64_t id, const std::string& role, const std::string& socket_path, mode_t socket_mode) { Api::OsSysCalls& os_sys_calls = Api::OsSysCallsSingleton::get(); // This actually creates the socket and binds it. We use the socket in datagram mode so we can // easily read single messages. my_domain_socket_ = socket(AF_UNIX, SOCK_DGRAM | SOCK_NONBLOCK, 0); sockaddr_un address = createDomainSocketAddress(id, role, socket_path, socket_mode); unlink(address.sun_path); Api::SysCallIntResult result = os_sys_calls.bind(my_domain_socket_, reinterpret_cast(&address), sizeof(address)); if (result.rc_ != 0) { const auto msg = fmt::format( "unable to bind domain socket with base_id={}, id={}, errno={} (see --base-id option)", base_id_, id, result.errno_); if (result.errno_ == SOCKET_ERROR_ADDR_IN_USE) { throw HotRestartDomainSocketInUseException(msg); } throw EnvoyException(msg); } } void HotRestartingBase::sendHotRestartMessage(sockaddr_un& address, const HotRestartMessage& proto) { const uint64_t serialized_size = proto.ByteSizeLong(); const uint64_t total_size = sizeof(uint64_t) + serialized_size; // Fill with uint64_t 'length' followed by the serialized HotRestartMessage. std::vector send_buf; send_buf.resize(total_size); *reinterpret_cast(send_buf.data()) = htobe64(serialized_size); RELEASE_ASSERT(proto.SerializeWithCachedSizesToArray(send_buf.data() + sizeof(uint64_t)), "failed to serialize a HotRestartMessage"); RELEASE_ASSERT(fcntl(my_domain_socket_, F_SETFL, 0) != -1, fmt::format("Set domain socket blocking failed, errno = {}", errno)); uint8_t* next_byte_to_send = send_buf.data(); uint64_t sent = 0; while (sent < total_size) { const uint64_t cur_chunk_size = std::min(MaxSendmsgSize, total_size - sent); iovec iov[1]; iov[0].iov_base = next_byte_to_send; iov[0].iov_len = cur_chunk_size; next_byte_to_send += cur_chunk_size; sent += cur_chunk_size; msghdr message; memset(&message, 0, sizeof(message)); message.msg_name = &address; message.msg_namelen = sizeof(address); message.msg_iov = iov; message.msg_iovlen = 1; // Control data stuff, only relevant for the fd passing done with PassListenSocketReply. uint8_t control_buffer[CMSG_SPACE(sizeof(int))]; if (replyIsExpectedType(&proto, HotRestartMessage::Reply::kPassListenSocket) && proto.reply().pass_listen_socket().fd() != -1) { memset(control_buffer, 0, CMSG_SPACE(sizeof(int))); message.msg_control = control_buffer; message.msg_controllen = CMSG_SPACE(sizeof(int)); cmsghdr* control_message = CMSG_FIRSTHDR(&message); control_message->cmsg_level = SOL_SOCKET; control_message->cmsg_type = SCM_RIGHTS; control_message->cmsg_len = CMSG_LEN(sizeof(int)); *reinterpret_cast(CMSG_DATA(control_message)) = proto.reply().pass_listen_socket().fd(); ASSERT(sent == total_size, "an fd passing message was too long for one sendmsg()."); } const int rc = sendmsg(my_domain_socket_, &message, 0); RELEASE_ASSERT(rc == static_cast(cur_chunk_size), fmt::format("hot restart sendmsg() failed: returned {}, errno {}", rc, errno)); } RELEASE_ASSERT(fcntl(my_domain_socket_, F_SETFL, O_NONBLOCK) != -1, fmt::format("Set domain socket nonblocking failed, errno = {}", errno)); } bool HotRestartingBase::replyIsExpectedType(const HotRestartMessage* proto, HotRestartMessage::Reply::ReplyCase oneof_type) const { return proto != nullptr && proto->requestreply_case() == HotRestartMessage::kReply && proto->reply().reply_case() == oneof_type; } // Pull the cloned fd, if present, out of the control data and write it into the // PassListenSocketReply proto; the higher level code will see a listening fd that Just Works. We // should only get control data in a PassListenSocketReply, it should only be the fd passing type, // and there should only be one at a time. Crash on any other control data. void HotRestartingBase::getPassedFdIfPresent(HotRestartMessage* out, msghdr* message) { cmsghdr* cmsg = CMSG_FIRSTHDR(message); if (cmsg != nullptr) { RELEASE_ASSERT(cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS && replyIsExpectedType(out, HotRestartMessage::Reply::kPassListenSocket), "recvmsg() came with control data when the message's purpose was not to pass a " "file descriptor."); out->mutable_reply()->mutable_pass_listen_socket()->set_fd( *reinterpret_cast(CMSG_DATA(cmsg))); RELEASE_ASSERT(CMSG_NXTHDR(message, cmsg) == nullptr, "More than one control data on a single hot restart recvmsg()."); } } // While in use, recv_buf_ is always >= MaxSendmsgSize. In between messages, it is kept empty, // to be grown back to MaxSendmsgSize at the start of the next message. void HotRestartingBase::initRecvBufIfNewMessage() { if (recv_buf_.empty()) { ASSERT(cur_msg_recvd_bytes_ == 0); ASSERT(!expected_proto_length_.has_value()); recv_buf_.resize(MaxSendmsgSize); } } // Must only be called when recv_buf_ contains a full proto. Returns that proto, and resets all of // our receive-buffering state back to empty, to await a new message. std::unique_ptr HotRestartingBase::parseProtoAndResetState() { auto ret = std::make_unique(); RELEASE_ASSERT( ret->ParseFromArray(recv_buf_.data() + sizeof(uint64_t), expected_proto_length_.value()), "failed to parse a HotRestartMessage."); recv_buf_.resize(0); cur_msg_recvd_bytes_ = 0; expected_proto_length_.reset(); return ret; } std::unique_ptr HotRestartingBase::receiveHotRestartMessage(Blocking block) { // By default the domain socket is non blocking. If we need to block, make it blocking first. if (block == Blocking::Yes) { RELEASE_ASSERT(fcntl(my_domain_socket_, F_SETFL, 0) != -1, fmt::format("Set domain socket blocking failed, errno = {}", errno)); } initRecvBufIfNewMessage(); iovec iov[1]; msghdr message; uint8_t control_buffer[CMSG_SPACE(sizeof(int))]; std::unique_ptr ret = nullptr; while (!ret) { iov[0].iov_base = recv_buf_.data() + cur_msg_recvd_bytes_; iov[0].iov_len = MaxSendmsgSize; // We always setup to receive an FD even though most messages do not pass one. memset(control_buffer, 0, CMSG_SPACE(sizeof(int))); memset(&message, 0, sizeof(message)); message.msg_iov = iov; message.msg_iovlen = 1; message.msg_control = control_buffer; message.msg_controllen = CMSG_SPACE(sizeof(int)); const int recvmsg_rc = recvmsg(my_domain_socket_, &message, 0); if (block == Blocking::No && recvmsg_rc == -1 && errno == SOCKET_ERROR_AGAIN) { return nullptr; } RELEASE_ASSERT(recvmsg_rc != -1, fmt::format("recvmsg() returned -1, errno = {}", errno)); RELEASE_ASSERT(message.msg_flags == 0, fmt::format("recvmsg() left msg_flags = {}", message.msg_flags)); cur_msg_recvd_bytes_ += recvmsg_rc; // If we don't already know 'length', we're at the start of a new length+protobuf message! if (!expected_proto_length_.has_value()) { // We are not ok with messages so fragmented that the length doesn't even come in one piece. RELEASE_ASSERT(recvmsg_rc >= 8, "received a brokenly tiny message fragment."); expected_proto_length_ = be64toh(*reinterpret_cast(recv_buf_.data())); // Expand the buffer from its default 4096 if this message is going to be longer. if (expected_proto_length_.value() > MaxSendmsgSize - sizeof(uint64_t)) { recv_buf_.resize(expected_proto_length_.value() + sizeof(uint64_t)); cur_msg_recvd_bytes_ = recvmsg_rc; } } // If we have received beyond the end of the current in-flight proto, then next is misaligned. RELEASE_ASSERT(cur_msg_recvd_bytes_ <= sizeof(uint64_t) + expected_proto_length_.value(), "received a length+protobuf message not aligned to start of sendmsg()."); if (cur_msg_recvd_bytes_ == sizeof(uint64_t) + expected_proto_length_.value()) { ret = parseProtoAndResetState(); } } // Turn non-blocking back on if we made it blocking. if (block == Blocking::Yes) { RELEASE_ASSERT(fcntl(my_domain_socket_, F_SETFL, O_NONBLOCK) != -1, fmt::format("Set domain socket nonblocking failed, errno = {}", errno)); } getPassedFdIfPresent(ret.get(), &message); return ret; } Stats::Gauge& HotRestartingBase::hotRestartGeneration(Stats::Scope& scope) { // Track the hot-restart generation. Using gauge's accumulate semantics, // the increments will be combined across hot-restart. This may be useful // at some point, though the main motivation for this stat is to enable // an integration test showing that dynamic stat-names can be coalesced // across hot-restarts. There's no other reason this particular stat-name // needs to be created dynamically. // // Note also, this stat cannot currently be represented as a counter due to // the way stats get latched on sink update. See the comment in // InstanceUtil::flushMetricsToSinks. return Stats::Utility::gaugeFromElements(scope, {Stats::DynamicName("server.hot_restart_generation")}, Stats::Gauge::ImportMode::Accumulate); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restarting_base.h ================================================ #pragma once #include #include #include #include #include #include #include #include #include "envoy/common/platform.h" #include "envoy/server/hot_restart.h" #include "envoy/server/options.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" namespace Envoy { namespace Server { /** * Logic shared by the implementations of both sides of the child<-->parent hot restart protocol: * domain socket communication, and our ad hoc RPC protocol. */ class HotRestartingBase { protected: HotRestartingBase(uint64_t base_id) : base_id_(base_id) {} ~HotRestartingBase(); void initDomainSocketAddress(sockaddr_un* address); sockaddr_un createDomainSocketAddress(uint64_t id, const std::string& role, const std::string& socket_path, mode_t socket_mode); void bindDomainSocket(uint64_t id, const std::string& role, const std::string& socket_path, mode_t socket_mode); int myDomainSocket() const { return my_domain_socket_; } // Protocol description: // // In each direction between parent<-->child, a series of pairs of: // A uint64 'length' (bytes in network order), // followed by 'length' bytes of a serialized HotRestartMessage. // Each new message must start in a new sendmsg datagram, i.e. 'length' must always start at byte // 0. Each sendmsg datagram can be up to 4096 bytes (including 'length' if present). When the // serialized protobuf is longer than 4096-8 bytes, and so cannot fit in just one datagram, it is // delivered by a series of datagrams. In each of these continuation datagrams, the protobuf data // starts at byte 0. // // There is no mechanism to explicitly pair responses to requests. However, the child initiates // all exchanges, and blocks until a reply is received, so there is implicit pairing. void sendHotRestartMessage(sockaddr_un& address, const envoy::HotRestartMessage& proto); enum class Blocking { Yes, No }; // Receive data, possibly enough to build one of our protocol messages. // If block is true, blocks until a full protocol message is available. // If block is false, returns nullptr if we run out of data to receive before a full protocol // message is available. In either case, the HotRestartingBase may end up buffering some data for // the next protocol message, even if the function returns a protobuf. std::unique_ptr receiveHotRestartMessage(Blocking block); bool replyIsExpectedType(const envoy::HotRestartMessage* proto, envoy::HotRestartMessage::Reply::ReplyCase oneof_type) const; // Returns a Gauge that tracks hot-restart generation, where every successive // child increments this number. static Stats::Gauge& hotRestartGeneration(Stats::Scope& scope); private: void getPassedFdIfPresent(envoy::HotRestartMessage* out, msghdr* message); std::unique_ptr parseProtoAndResetState(); void initRecvBufIfNewMessage(); // An int in [0, MaxConcurrentProcesses). As hot restarts happen, each next process gets the // next of 0,1,2,0,1,... // A HotRestartingBase's domain socket's name contains its base_id_ value, and so we can use // this value to determine which domain socket name to treat as our parent, and which to treat as // our child. (E.g. if we are 2, 1 is parent and 0 is child). const uint64_t base_id_; int my_domain_socket_{-1}; // State for the receiving half of the protocol. // // When filled, the size in bytes that the in-flight HotRestartMessage should be. // When empty, we're ready to start receiving a new message (starting with a uint64 'length'). absl::optional expected_proto_length_; // How much of the current in-flight message (including both the uint64 'length', plus the proto // itself) we have received. Once this equals expected_proto_length_ + sizeof(uint64_t), we're // ready to parse the HotRestartMessage. Should be set to 0 in between messages, to indicate // readiness for a new message. uint64_t cur_msg_recvd_bytes_{}; // The first 8 bytes will always be the raw net-order bytes of the current value of // expected_proto_length_. The protobuf partial data starts at byte 8. // Should be resized to 0 in between messages, to indicate readiness for a new message. std::vector recv_buf_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restarting_child.cc ================================================ #include "server/hot_restarting_child.h" #include "common/common/utility.h" namespace Envoy { namespace Server { using HotRestartMessage = envoy::HotRestartMessage; HotRestartingChild::HotRestartingChild(int base_id, int restart_epoch, const std::string& socket_path, mode_t socket_mode) : HotRestartingBase(base_id), restart_epoch_(restart_epoch) { initDomainSocketAddress(&parent_address_); if (restart_epoch_ != 0) { parent_address_ = createDomainSocketAddress(restart_epoch_ + -1, "parent", socket_path, socket_mode); } bindDomainSocket(restart_epoch_, "child", socket_path, socket_mode); } int HotRestartingChild::duplicateParentListenSocket(const std::string& address) { if (restart_epoch_ == 0 || parent_terminated_) { return -1; } HotRestartMessage wrapped_request; wrapped_request.mutable_request()->mutable_pass_listen_socket()->set_address(address); sendHotRestartMessage(parent_address_, wrapped_request); std::unique_ptr wrapped_reply = receiveHotRestartMessage(Blocking::Yes); if (!replyIsExpectedType(wrapped_reply.get(), HotRestartMessage::Reply::kPassListenSocket)) { return -1; } return wrapped_reply->reply().pass_listen_socket().fd(); } std::unique_ptr HotRestartingChild::getParentStats() { if (restart_epoch_ == 0 || parent_terminated_) { return nullptr; } HotRestartMessage wrapped_request; wrapped_request.mutable_request()->mutable_stats(); sendHotRestartMessage(parent_address_, wrapped_request); std::unique_ptr wrapped_reply = receiveHotRestartMessage(Blocking::Yes); RELEASE_ASSERT(replyIsExpectedType(wrapped_reply.get(), HotRestartMessage::Reply::kStats), "Hot restart parent did not respond as expected to get stats request."); return wrapped_reply; } void HotRestartingChild::drainParentListeners() { if (restart_epoch_ == 0 || parent_terminated_) { return; } // No reply expected. HotRestartMessage wrapped_request; wrapped_request.mutable_request()->mutable_drain_listeners(); sendHotRestartMessage(parent_address_, wrapped_request); } void HotRestartingChild::sendParentAdminShutdownRequest(time_t& original_start_time) { if (restart_epoch_ == 0 || parent_terminated_) { return; } HotRestartMessage wrapped_request; wrapped_request.mutable_request()->mutable_shutdown_admin(); sendHotRestartMessage(parent_address_, wrapped_request); std::unique_ptr wrapped_reply = receiveHotRestartMessage(Blocking::Yes); RELEASE_ASSERT(replyIsExpectedType(wrapped_reply.get(), HotRestartMessage::Reply::kShutdownAdmin), "Hot restart parent did not respond as expected to ShutdownParentAdmin."); original_start_time = wrapped_reply->reply().shutdown_admin().original_start_time_unix_seconds(); } void HotRestartingChild::sendParentTerminateRequest() { if (restart_epoch_ == 0 || parent_terminated_) { return; } HotRestartMessage wrapped_request; wrapped_request.mutable_request()->mutable_terminate(); sendHotRestartMessage(parent_address_, wrapped_request); parent_terminated_ = true; // Note that the 'generation' counter needs to retain the contribution from // the parent. stat_merger_->retainParentGaugeValue(hot_restart_generation_stat_name_); // Now it is safe to forget our stat transferral state. // // This destruction is actually important far beyond memory efficiency. The // scope-based temporary counter logic relies on the StatMerger getting // destroyed once hot restart's stat merging is all done. (See stat_merger.h // for details). stat_merger_.reset(); } void HotRestartingChild::mergeParentStats(Stats::Store& stats_store, const HotRestartMessage::Reply::Stats& stats_proto) { if (!stat_merger_) { stat_merger_ = std::make_unique(stats_store); hot_restart_generation_stat_name_ = hotRestartGeneration(stats_store).statName(); } // Convert the protobuf for serialized dynamic spans into the structure // required by StatMerger. Stats::StatMerger::DynamicsMap dynamics; for (const auto& iter : stats_proto.dynamics()) { Stats::DynamicSpans& spans = dynamics[iter.first]; for (int i = 0; i < iter.second.spans_size(); ++i) { const HotRestartMessage::Reply::Span& span_proto = iter.second.spans(i); spans.push_back(Stats::DynamicSpan(span_proto.first(), span_proto.last())); } } stat_merger_->mergeStats(stats_proto.counter_deltas(), stats_proto.gauges(), dynamics); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restarting_child.h ================================================ #pragma once #include "common/stats/stat_merger.h" #include "server/hot_restarting_base.h" namespace Envoy { namespace Server { /** * The child half of hot restarting. Issues requests and commands to the parent. */ class HotRestartingChild : HotRestartingBase, Logger::Loggable { public: HotRestartingChild(int base_id, int restart_epoch, const std::string& socket_path, mode_t socket_mode); int duplicateParentListenSocket(const std::string& address); std::unique_ptr getParentStats(); void drainParentListeners(); void sendParentAdminShutdownRequest(time_t& original_start_time); void sendParentTerminateRequest(); void mergeParentStats(Stats::Store& stats_store, const envoy::HotRestartMessage::Reply::Stats& stats_proto); private: const int restart_epoch_; bool parent_terminated_{}; sockaddr_un parent_address_; std::unique_ptr stat_merger_{}; Stats::StatName hot_restart_generation_stat_name_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restarting_parent.cc ================================================ #include "server/hot_restarting_parent.h" #include "envoy/server/instance.h" #include "common/memory/stats.h" #include "common/network/utility.h" #include "common/stats/stat_merger.h" #include "common/stats/symbol_table_impl.h" #include "common/stats/utility.h" #include "server/listener_impl.h" namespace Envoy { namespace Server { using HotRestartMessage = envoy::HotRestartMessage; HotRestartingParent::HotRestartingParent(int base_id, int restart_epoch, const std::string& socket_path, mode_t socket_mode) : HotRestartingBase(base_id), restart_epoch_(restart_epoch) { child_address_ = createDomainSocketAddress(restart_epoch_ + 1, "child", socket_path, socket_mode); bindDomainSocket(restart_epoch_, "parent", socket_path, socket_mode); } void HotRestartingParent::initialize(Event::Dispatcher& dispatcher, Server::Instance& server) { socket_event_ = dispatcher.createFileEvent( myDomainSocket(), [this](uint32_t events) -> void { ASSERT(events == Event::FileReadyType::Read); onSocketEvent(); }, Event::PlatformDefaultTriggerType, Event::FileReadyType::Read); internal_ = std::make_unique(&server); } void HotRestartingParent::onSocketEvent() { std::unique_ptr wrapped_request; while ((wrapped_request = receiveHotRestartMessage(Blocking::No))) { if (wrapped_request->requestreply_case() == HotRestartMessage::kReply) { ENVOY_LOG(error, "child sent us a HotRestartMessage reply (we want requests); ignoring."); HotRestartMessage wrapped_reply; wrapped_reply.set_didnt_recognize_your_last_message(true); sendHotRestartMessage(child_address_, wrapped_reply); continue; } switch (wrapped_request->request().request_case()) { case HotRestartMessage::Request::kShutdownAdmin: { sendHotRestartMessage(child_address_, internal_->shutdownAdmin()); break; } case HotRestartMessage::Request::kPassListenSocket: { sendHotRestartMessage(child_address_, internal_->getListenSocketsForChild(wrapped_request->request())); break; } case HotRestartMessage::Request::kStats: { HotRestartMessage wrapped_reply; internal_->exportStatsToChild(wrapped_reply.mutable_reply()->mutable_stats()); sendHotRestartMessage(child_address_, wrapped_reply); break; } case HotRestartMessage::Request::kDrainListeners: { internal_->drainListeners(); break; } case HotRestartMessage::Request::kTerminate: { ENVOY_LOG(info, "shutting down due to child request"); kill(getpid(), SIGTERM); break; } default: { ENVOY_LOG(error, "child sent us an unfamiliar type of HotRestartMessage; ignoring."); HotRestartMessage wrapped_reply; wrapped_reply.set_didnt_recognize_your_last_message(true); sendHotRestartMessage(child_address_, wrapped_reply); break; } } } } void HotRestartingParent::shutdown() { socket_event_.reset(); } HotRestartingParent::Internal::Internal(Server::Instance* server) : server_(server) { Stats::Gauge& hot_restart_generation = hotRestartGeneration(server->stats()); hot_restart_generation.inc(); } HotRestartMessage HotRestartingParent::Internal::shutdownAdmin() { server_->shutdownAdmin(); HotRestartMessage wrapped_reply; wrapped_reply.mutable_reply()->mutable_shutdown_admin()->set_original_start_time_unix_seconds( server_->startTimeFirstEpoch()); return wrapped_reply; } HotRestartMessage HotRestartingParent::Internal::getListenSocketsForChild(const HotRestartMessage::Request& request) { HotRestartMessage wrapped_reply; wrapped_reply.mutable_reply()->mutable_pass_listen_socket()->set_fd(-1); Network::Address::InstanceConstSharedPtr addr = Network::Utility::resolveUrl(request.pass_listen_socket().address()); for (const auto& listener : server_->listenerManager().listeners()) { Network::ListenSocketFactory& socket_factory = listener.get().listenSocketFactory(); if (*socket_factory.localAddress() == *addr && listener.get().bindToPort()) { if (socket_factory.sharedSocket().has_value()) { // Pass the socket to the new process if it is already shared across workers. wrapped_reply.mutable_reply()->mutable_pass_listen_socket()->set_fd( socket_factory.sharedSocket()->get().ioHandle().fdDoNotUse()); } break; } } return wrapped_reply; } // TODO(fredlas) if there are enough stats for stat name length to become an issue, this current // implementation can negate the benefit of symbolized stat names by periodically reaching the // magnitude of memory usage that they are meant to avoid, since this map holds full-string // names. The problem can be solved by splitting the export up over many chunks. void HotRestartingParent::Internal::exportStatsToChild(HotRestartMessage::Reply::Stats* stats) { for (const auto& gauge : server_->stats().gauges()) { if (gauge->used()) { const std::string name = gauge->name(); (*stats->mutable_gauges())[name] = gauge->value(); recordDynamics(stats, name, gauge->statName()); } } for (const auto& counter : server_->stats().counters()) { if (counter->used()) { // The hot restart parent is expected to have stopped its normal stat exporting (and so // latching) by the time it begins exporting to the hot restart child. uint64_t latched_value = counter->latch(); if (latched_value > 0) { const std::string name = counter->name(); (*stats->mutable_counter_deltas())[name] = latched_value; recordDynamics(stats, name, counter->statName()); } } } stats->set_memory_allocated(Memory::Stats::totalCurrentlyAllocated()); stats->set_num_connections(server_->listenerManager().numConnections()); } void HotRestartingParent::Internal::recordDynamics(HotRestartMessage::Reply::Stats* stats, const std::string& name, Stats::StatName stat_name) { // Compute an array of spans describing which components of the stat name are // dynamic. This is needed so that when the child recovers the StatName, it // correlates with how the system generates those stats, with the same exact // components using a dynamic representation. // // See https://github.com/envoyproxy/envoy/issues/9874 for more details. Stats::DynamicSpans spans = server_->stats().symbolTable().getDynamicSpans(stat_name); // Convert that C++ structure (controlled by stat_merger.cc) into a protobuf // for serialization. if (!spans.empty()) { HotRestartMessage::Reply::RepeatedSpan spans_proto; for (const Stats::DynamicSpan& span : spans) { HotRestartMessage::Reply::Span* span_proto = spans_proto.add_spans(); span_proto->set_first(span.first); span_proto->set_last(span.second); } (*stats->mutable_dynamics())[name] = spans_proto; } } void HotRestartingParent::Internal::drainListeners() { server_->drainListeners(); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/hot_restarting_parent.h ================================================ #pragma once #include "common/common/hash.h" #include "server/hot_restarting_base.h" namespace Envoy { namespace Server { /** * The parent half of hot restarting. Listens for requests and commands from the child. * This outer class only handles evented socket I/O. The actual hot restart logic lives in * HotRestartingParent::Internal. */ class HotRestartingParent : HotRestartingBase, Logger::Loggable { public: HotRestartingParent(int base_id, int restart_epoch, const std::string& socket_path, mode_t socket_mode); void initialize(Event::Dispatcher& dispatcher, Server::Instance& server); void shutdown(); // The hot restarting parent's hot restart logic. Each function is meant to be called to fulfill a // request from the child for that action. class Internal { public: explicit Internal(Server::Instance* server); // Return value is the response to return to the child. envoy::HotRestartMessage shutdownAdmin(); // Return value is the response to return to the child. envoy::HotRestartMessage getListenSocketsForChild(const envoy::HotRestartMessage::Request& request); // 'stats' is a field in the reply protobuf to be sent to the child, which we should populate. void exportStatsToChild(envoy::HotRestartMessage::Reply::Stats* stats); void recordDynamics(envoy::HotRestartMessage::Reply::Stats* stats, const std::string& name, Stats::StatName stat_name); void drainListeners(); private: Server::Instance* const server_{}; }; private: void onSocketEvent(); const int restart_epoch_; sockaddr_un child_address_; Event::FileEventPtr socket_event_; std::unique_ptr internal_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/lds_api.cc ================================================ #include "server/lds_api.h" #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/api/v2/listener.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/config/api_version.h" #include "common/config/utility.h" #include "common/protobuf/utility.h" #include "absl/container/node_hash_set.h" #include "absl/strings/str_join.h" namespace Envoy { namespace Server { LdsApiImpl::LdsApiImpl(const envoy::config::core::v3::ConfigSource& lds_config, const udpa::core::v1::ResourceLocator* lds_resources_locator, Upstream::ClusterManager& cm, Init::Manager& init_manager, Stats::Scope& scope, ListenerManager& lm, ProtobufMessage::ValidationVisitor& validation_visitor) : Envoy::Config::SubscriptionBase( lds_config.resource_api_version(), validation_visitor, "name"), listener_manager_(lm), scope_(scope.createScope("listener_manager.lds.")), cm_(cm), init_target_("LDS", [this]() { subscription_->start({}); }) { const auto resource_name = getResourceName(); if (lds_resources_locator == nullptr) { subscription_ = cm.subscriptionFactory().subscriptionFromConfigSource( lds_config, Grpc::Common::typeUrl(resource_name), *scope_, *this, resource_decoder_); } else { subscription_ = cm.subscriptionFactory().collectionSubscriptionFromUrl( *lds_resources_locator, lds_config, Grpc::Common::typeUrl(resource_name), *scope_, *this, resource_decoder_); } init_manager.add(init_target_); } void LdsApiImpl::onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) { Config::ScopedResume maybe_resume_rds; if (cm_.adsMux()) { const auto type_urls = Config::getAllVersionTypeUrls(); maybe_resume_rds = cm_.adsMux()->pause(type_urls); } bool any_applied = false; listener_manager_.beginListenerUpdate(); // We do all listener removals before adding the new listeners. This allows adding a new // listener with the same address as a listener that is to be removed. Do not change the order. for (const auto& removed_listener : removed_resources) { if (listener_manager_.removeListener(removed_listener)) { ENVOY_LOG(info, "lds: remove listener '{}'", removed_listener); any_applied = true; } } ListenerManager::FailureStates failure_state; absl::node_hash_set listener_names; std::string message; for (const auto& resource : added_resources) { envoy::config::listener::v3::Listener listener; try { listener = dynamic_cast(resource.get().resource()); if (!listener_names.insert(listener.name()).second) { // NOTE: at this point, the first of these duplicates has already been successfully // applied. throw EnvoyException(fmt::format("duplicate listener {} found", listener.name())); } if (listener_manager_.addOrUpdateListener(listener, resource.get().version(), true)) { ENVOY_LOG(info, "lds: add/update listener '{}'", listener.name()); any_applied = true; } else { ENVOY_LOG(debug, "lds: add/update listener '{}' skipped", listener.name()); } } catch (const EnvoyException& e) { failure_state.push_back(std::make_unique()); auto& state = failure_state.back(); state->set_details(e.what()); state->mutable_failed_configuration()->PackFrom(resource.get().resource()); absl::StrAppend(&message, listener.name(), ": ", e.what(), "\n"); } } listener_manager_.endListenerUpdate(std::move(failure_state)); if (any_applied) { system_version_info_ = system_version_info; } init_target_.ready(); if (!message.empty()) { throw EnvoyException(fmt::format("Error adding/updating listener(s) {}", message)); } } void LdsApiImpl::onConfigUpdate(const std::vector& resources, const std::string& version_info) { // We need to keep track of which listeners need to remove. // Specifically, it's [listeners we currently have] - [listeners found in the response]. absl::node_hash_set listeners_to_remove; for (const auto& listener : listener_manager_.listeners(ListenerManager::WARMING | ListenerManager::ACTIVE)) { listeners_to_remove.insert(listener.get().name()); } for (const auto& resource : resources) { // Remove its name from our delta removed pile. listeners_to_remove.erase(resource.get().name()); } // Copy our delta removed pile into the desired format. Protobuf::RepeatedPtrField to_remove_repeated; for (const auto& listener : listeners_to_remove) { *to_remove_repeated.Add() = listener; } onConfigUpdate(resources, to_remove_repeated, version_info); } void LdsApiImpl::onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException*) { ASSERT(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure != reason); // We need to allow server startup to continue, even if we have a bad // config. init_target_.ready(); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/lds_api.h ================================================ #pragma once #include #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener.pb.validate.h" #include "envoy/config/subscription.h" #include "envoy/config/subscription_factory.h" #include "envoy/init/manager.h" #include "envoy/server/listener_manager.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "common/common/logger.h" #include "common/config/subscription_base.h" #include "common/init/target_impl.h" namespace Envoy { namespace Server { /** * LDS API implementation that fetches via Subscription. */ class LdsApiImpl : public LdsApi, Envoy::Config::SubscriptionBase, Logger::Loggable { public: LdsApiImpl(const envoy::config::core::v3::ConfigSource& lds_config, const udpa::core::v1::ResourceLocator* lds_resources_locator, Upstream::ClusterManager& cm, Init::Manager& init_manager, Stats::Scope& scope, ListenerManager& lm, ProtobufMessage::ValidationVisitor& validation_visitor); // Server::LdsApi std::string versionInfo() const override { return system_version_info_; } private: // Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override; void onConfigUpdate(const std::vector& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& system_version_info) override; void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason reason, const EnvoyException* e) override; Config::SubscriptionPtr subscription_; std::string system_version_info_; ListenerManager& listener_manager_; Stats::ScopePtr scope_; Upstream::ClusterManager& cm_; Init::TargetImpl init_target_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/listener_hooks.h ================================================ #pragma once #include "envoy/common/pure.h" namespace Envoy { /** * Hooks in the server to allow for integration testing. The real server just uses an empty * implementation defined below. */ class ListenerHooks { public: virtual ~ListenerHooks() = default; /** * Called when a worker has added a listener and it is listening. */ virtual void onWorkerListenerAdded() PURE; /** * Called when a worker has removed a listener and it is no longer listening. */ virtual void onWorkerListenerRemoved() PURE; /** * Called when the Runtime::ScopedLoaderSingleton is created by the server. */ virtual void onRuntimeCreated() PURE; }; /** * Empty implementation of ListenerHooks. */ class DefaultListenerHooks : public ListenerHooks { public: // ListenerHooks void onWorkerListenerAdded() override {} void onWorkerListenerRemoved() override {} void onRuntimeCreated() override {} }; } // namespace Envoy ================================================ FILE: source/server/listener_impl.cc ================================================ #include "server/listener_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/extensions/filters/listener/proxy_protocol/v3/proxy_protocol.pb.h" #include "envoy/network/exception.h" #include "envoy/network/udp_packet_writer_config.h" #include "envoy/registry/registry.h" #include "envoy/server/active_udp_listener_config.h" #include "envoy/server/transport_socket_config.h" #include "envoy/stats/scope.h" #include "common/access_log/access_log_impl.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/assert.h" #include "common/config/utility.h" #include "common/network/connection_balancer_impl.h" #include "common/network/resolver_impl.h" #include "common/network/socket_option_factory.h" #include "common/network/socket_option_impl.h" #include "common/network/udp_listener_impl.h" #include "common/network/utility.h" #include "common/protobuf/utility.h" #include "common/runtime/runtime_features.h" #include "server/configuration_impl.h" #include "server/drain_manager_impl.h" #include "server/filter_chain_manager_impl.h" #include "server/listener_manager_impl.h" #include "server/transport_socket_config_impl.h" #include "server/well_known_names.h" #include "extensions/filters/listener/well_known_names.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Server { namespace { bool needTlsInspector(const envoy::config::listener::v3::Listener& config) { return std::any_of(config.filter_chains().begin(), config.filter_chains().end(), [](const auto& filter_chain) { const auto& matcher = filter_chain.filter_chain_match(); return matcher.transport_protocol() == "tls" || (matcher.transport_protocol().empty() && (!matcher.server_names().empty() || !matcher.application_protocols().empty())); }) && !std::any_of( config.listener_filters().begin(), config.listener_filters().end(), [](const auto& filter) { return filter.name() == Extensions::ListenerFilters::ListenerFilterNames::get().TlsInspector || filter.name() == "envoy.listener.tls_inspector"; }); } } // namespace ListenSocketFactoryImpl::ListenSocketFactoryImpl(ListenerComponentFactory& factory, Network::Address::InstanceConstSharedPtr address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, bool bind_to_port, const std::string& listener_name, bool reuse_port) : factory_(factory), local_address_(address), socket_type_(socket_type), options_(options), bind_to_port_(bind_to_port), listener_name_(listener_name), reuse_port_(reuse_port) { bool create_socket = false; if (local_address_->type() == Network::Address::Type::Ip) { if (socket_type_ == Network::Socket::Type::Datagram) { ASSERT(reuse_port_ == true); } if (reuse_port_ == false) { // create a socket which will be used by all worker threads create_socket = true; } else if (local_address_->ip()->port() == 0) { // port is 0, need to create a socket here for reserving a real port number, // then all worker threads should use same port. create_socket = true; } } else { ASSERT(local_address_->type() == Network::Address::Type::Pipe); // Listeners with Unix domain socket always use shared socket. create_socket = true; } if (create_socket) { socket_ = createListenSocketAndApplyOptions(); } if (socket_ && local_address_->ip() && local_address_->ip()->port() == 0) { local_address_ = socket_->localAddress(); } ENVOY_LOG(debug, "Set listener {} socket factory local address to {}", listener_name_, local_address_->asString()); } Network::SocketSharedPtr ListenSocketFactoryImpl::createListenSocketAndApplyOptions() { // socket might be nullptr depending on factory_ implementation. Network::SocketSharedPtr socket = factory_.createListenSocket( local_address_, socket_type_, options_, {bind_to_port_, !reuse_port_}); // Binding is done by now. ENVOY_LOG(debug, "Create listen socket for listener {} on address {}", listener_name_, local_address_->asString()); if (socket != nullptr && options_ != nullptr) { const bool ok = Network::Socket::applyOptions( options_, *socket, envoy::config::core::v3::SocketOption::STATE_BOUND); const std::string message = fmt::format("{}: Setting socket options {}", listener_name_, ok ? "succeeded" : "failed"); if (!ok) { ENVOY_LOG(warn, "{}", message); throw Network::CreateListenerException(message); } else { ENVOY_LOG(debug, "{}", message); } // Add the options to the socket_ so that STATE_LISTENING options can be // set in the worker after listen()/evconnlistener_new() is called. socket->addOptions(options_); } return socket; } Network::SocketSharedPtr ListenSocketFactoryImpl::getListenSocket() { if (!reuse_port_) { return socket_; } Network::SocketSharedPtr socket; absl::call_once(steal_once_, [this, &socket]() { if (socket_) { // If a listener's port is set to 0, socket_ should be created for reserving a port // number, it is handed over to the first worker thread came here. // There are several reasons for doing this: // - for UDP, once a socket being bound, it begins to receive packets, it can't be // left unused, and closing it will lost packets received by it. // - port number should be reserved before adding listener to active_listeners_ list, // otherwise admin API /listeners might return 0 as listener's port. socket = std::move(socket_); } }); if (socket) { return socket; } return createListenSocketAndApplyOptions(); } ListenerFactoryContextBaseImpl::ListenerFactoryContextBaseImpl( Envoy::Server::Instance& server, ProtobufMessage::ValidationVisitor& validation_visitor, const envoy::config::listener::v3::Listener& config, DrainManagerPtr drain_manager) : server_(server), metadata_(config.metadata()), direction_(config.traffic_direction()), global_scope_(server.stats().createScope("")), listener_scope_(server_.stats().createScope(fmt::format( "listener.{}.", Network::Address::resolveProtoAddress(config.address())->asString()))), validation_visitor_(validation_visitor), drain_manager_(std::move(drain_manager)) {} AccessLog::AccessLogManager& ListenerFactoryContextBaseImpl::accessLogManager() { return server_.accessLogManager(); } Upstream::ClusterManager& ListenerFactoryContextBaseImpl::clusterManager() { return server_.clusterManager(); } Event::Dispatcher& ListenerFactoryContextBaseImpl::dispatcher() { return server_.dispatcher(); } Grpc::Context& ListenerFactoryContextBaseImpl::grpcContext() { return server_.grpcContext(); } bool ListenerFactoryContextBaseImpl::healthCheckFailed() { return server_.healthCheckFailed(); } Http::Context& ListenerFactoryContextBaseImpl::httpContext() { return server_.httpContext(); } const LocalInfo::LocalInfo& ListenerFactoryContextBaseImpl::localInfo() const { return server_.localInfo(); } Envoy::Runtime::Loader& ListenerFactoryContextBaseImpl::runtime() { return server_.runtime(); } Stats::Scope& ListenerFactoryContextBaseImpl::scope() { return *global_scope_; } Singleton::Manager& ListenerFactoryContextBaseImpl::singletonManager() { return server_.singletonManager(); } OverloadManager& ListenerFactoryContextBaseImpl::overloadManager() { return server_.overloadManager(); } ThreadLocal::Instance& ListenerFactoryContextBaseImpl::threadLocal() { return server_.threadLocal(); } Admin& ListenerFactoryContextBaseImpl::admin() { return server_.admin(); } const envoy::config::core::v3::Metadata& ListenerFactoryContextBaseImpl::listenerMetadata() const { return metadata_; }; envoy::config::core::v3::TrafficDirection ListenerFactoryContextBaseImpl::direction() const { return direction_; }; TimeSource& ListenerFactoryContextBaseImpl::timeSource() { return api().timeSource(); } ProtobufMessage::ValidationContext& ListenerFactoryContextBaseImpl::messageValidationContext() { return server_.messageValidationContext(); } ProtobufMessage::ValidationVisitor& ListenerFactoryContextBaseImpl::messageValidationVisitor() { return validation_visitor_; } Api::Api& ListenerFactoryContextBaseImpl::api() { return server_.api(); } ServerLifecycleNotifier& ListenerFactoryContextBaseImpl::lifecycleNotifier() { return server_.lifecycleNotifier(); } ProcessContextOptRef ListenerFactoryContextBaseImpl::processContext() { return server_.processContext(); } Configuration::ServerFactoryContext& ListenerFactoryContextBaseImpl::getServerFactoryContext() const { return server_.serverFactoryContext(); } Configuration::TransportSocketFactoryContext& ListenerFactoryContextBaseImpl::getTransportSocketFactoryContext() const { return server_.transportSocketFactoryContext(); } Stats::Scope& ListenerFactoryContextBaseImpl::listenerScope() { return *listener_scope_; } Network::DrainDecision& ListenerFactoryContextBaseImpl::drainDecision() { return *this; } Server::DrainManager& ListenerFactoryContextBaseImpl::drainManager() { return *drain_manager_; } // Must be overridden Init::Manager& ListenerFactoryContextBaseImpl::initManager() { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } ListenerImpl::ListenerImpl(const envoy::config::listener::v3::Listener& config, const std::string& version_info, ListenerManagerImpl& parent, const std::string& name, bool added_via_api, bool workers_started, uint64_t hash, uint32_t concurrency) : parent_(parent), address_(Network::Address::resolveProtoAddress(config.address())), bind_to_port_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.deprecated_v1(), bind_to_port, true)), hand_off_restored_destination_connections_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, hidden_envoy_deprecated_use_original_dst, false)), per_connection_buffer_limit_bytes_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, per_connection_buffer_limit_bytes, 1024 * 1024)), listener_tag_(parent_.factory_.nextListenerTag()), name_(name), added_via_api_(added_via_api), workers_started_(workers_started), hash_(hash), tcp_backlog_size_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, tcp_backlog_size, ENVOY_TCP_BACKLOG_SIZE)), validation_visitor_( added_via_api_ ? parent_.server_.messageValidationContext().dynamicValidationVisitor() : parent_.server_.messageValidationContext().staticValidationVisitor()), listener_init_target_(fmt::format("Listener-init-target {}", name), [this]() { dynamic_init_manager_->initialize(local_init_watcher_); }), dynamic_init_manager_(std::make_unique( fmt::format("Listener-local-init-manager {} {}", name, hash))), config_(config), version_info_(version_info), listener_filters_timeout_( PROTOBUF_GET_MS_OR_DEFAULT(config, listener_filters_timeout, 15000)), continue_on_listener_filters_timeout_(config.continue_on_listener_filters_timeout()), listener_factory_context_(std::make_shared( parent.server_, validation_visitor_, config, this, *this, parent.factory_.createDrainManager(config.drain_type()))), filter_chain_manager_(address_, listener_factory_context_->parentFactoryContext(), initManager()), cx_limit_runtime_key_("envoy.resource_limits.listener." + config_.name() + ".connection_limit"), open_connections_(std::make_shared( std::numeric_limits::max(), listener_factory_context_->runtime(), cx_limit_runtime_key_)), local_init_watcher_(fmt::format("Listener-local-init-watcher {}", name), [this] { if (workers_started_) { parent_.onListenerWarmed(*this); } else { // Notify Server that this listener is // ready. listener_init_target_.ready(); } }) { const absl::optional runtime_val = listener_factory_context_->runtime().snapshot().get(cx_limit_runtime_key_); if (runtime_val && runtime_val->empty()) { ENVOY_LOG(warn, "Listener connection limit runtime key {} is empty. There are currently no " "limitations on the number of accepted connections for listener {}.", cx_limit_runtime_key_, config_.name()); } buildAccessLog(); auto socket_type = Network::Utility::protobufAddressSocketType(config.address()); buildListenSocketOptions(socket_type); buildUdpListenerFactory(socket_type, concurrency); buildUdpWriterFactory(socket_type); createListenerFilterFactories(socket_type); validateFilterChains(socket_type); buildFilterChains(); if (socket_type == Network::Socket::Type::Datagram) { return; } buildSocketOptions(); buildOriginalDstListenerFilter(); buildProxyProtocolListenerFilter(); buildTlsInspectorListenerFilter(); if (!workers_started_) { // Initialize dynamic_init_manager_ from Server's init manager if it's not initialized. // NOTE: listener_init_target_ should be added to parent's initManager at the end of the // listener constructor so that this listener's children entities could register their targets // with their parent's initManager. parent_.server_.initManager().add(listener_init_target_); } } ListenerImpl::ListenerImpl(ListenerImpl& origin, const envoy::config::listener::v3::Listener& config, const std::string& version_info, ListenerManagerImpl& parent, const std::string& name, bool added_via_api, bool workers_started, uint64_t hash, uint32_t concurrency) : parent_(parent), address_(origin.address_), bind_to_port_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.deprecated_v1(), bind_to_port, true)), hand_off_restored_destination_connections_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, hidden_envoy_deprecated_use_original_dst, false)), per_connection_buffer_limit_bytes_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, per_connection_buffer_limit_bytes, 1024 * 1024)), listener_tag_(origin.listener_tag_), name_(name), added_via_api_(added_via_api), workers_started_(workers_started), hash_(hash), tcp_backlog_size_( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, tcp_backlog_size, ENVOY_TCP_BACKLOG_SIZE)), validation_visitor_( added_via_api_ ? parent_.server_.messageValidationContext().dynamicValidationVisitor() : parent_.server_.messageValidationContext().staticValidationVisitor()), // listener_init_target_ is not used during in place update because we expect server started. listener_init_target_("", nullptr), dynamic_init_manager_(std::make_unique( fmt::format("Listener-local-init-manager {} {}", name, hash))), config_(config), version_info_(version_info), listener_filters_timeout_( PROTOBUF_GET_MS_OR_DEFAULT(config, listener_filters_timeout, 15000)), continue_on_listener_filters_timeout_(config.continue_on_listener_filters_timeout()), connection_balancer_(origin.connection_balancer_), listener_factory_context_(std::make_shared( origin.listener_factory_context_->listener_factory_context_base_, this, *this)), filter_chain_manager_(address_, origin.listener_factory_context_->parentFactoryContext(), initManager(), origin.filter_chain_manager_), local_init_watcher_(fmt::format("Listener-local-init-watcher {}", name), [this] { ASSERT(workers_started_); parent_.inPlaceFilterChainUpdate(*this); }) { buildAccessLog(); auto socket_type = Network::Utility::protobufAddressSocketType(config.address()); buildListenSocketOptions(socket_type); buildUdpListenerFactory(socket_type, concurrency); buildUdpWriterFactory(socket_type); createListenerFilterFactories(socket_type); validateFilterChains(socket_type); buildFilterChains(); // In place update is tcp only so it's safe to apply below tcp only initialization. buildSocketOptions(); buildOriginalDstListenerFilter(); buildProxyProtocolListenerFilter(); buildTlsInspectorListenerFilter(); open_connections_ = origin.open_connections_; } void ListenerImpl::buildAccessLog() { for (const auto& access_log : config_.access_log()) { AccessLog::InstanceSharedPtr current_access_log = AccessLog::AccessLogFactory::fromProto(access_log, *listener_factory_context_); access_logs_.push_back(current_access_log); } } void ListenerImpl::buildUdpListenerFactory(Network::Socket::Type socket_type, uint32_t concurrency) { if (socket_type == Network::Socket::Type::Datagram) { if (!config_.reuse_port() && concurrency > 1) { throw EnvoyException("Listening on UDP when concurrency is > 1 without the SO_REUSEPORT " "socket option results in " "unstable packet proxying. Configure the reuse_port listener option or " "set concurrency = 1."); } auto udp_config = config_.udp_listener_config(); if (udp_config.udp_listener_name().empty()) { udp_config.set_udp_listener_name(UdpListenerNames::get().RawUdp); } auto& config_factory = Config::Utility::getAndCheckFactoryByName( udp_config.udp_listener_name()); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig(udp_config, validation_visitor_, config_factory); udp_listener_factory_ = config_factory.createActiveUdpListenerFactory(*message, concurrency); udp_listener_worker_router_ = std::make_unique(concurrency); } } void ListenerImpl::buildUdpWriterFactory(Network::Socket::Type socket_type) { if (socket_type == Network::Socket::Type::Datagram) { auto udp_writer_config = config_.udp_writer_config(); if (!Api::OsSysCallsSingleton::get().supportsUdpGso() || udp_writer_config.typed_config().type_url().empty()) { const std::string default_type_url = "type.googleapis.com/envoy.config.listener.v3.UdpDefaultWriterOptions"; udp_writer_config.mutable_typed_config()->set_type_url(default_type_url); } auto& config_factory = Config::Utility::getAndCheckFactory( udp_writer_config); ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( udp_writer_config.typed_config(), validation_visitor_, config_factory); udp_writer_factory_ = config_factory.createUdpPacketWriterFactory(*message); } } void ListenerImpl::buildListenSocketOptions(Network::Socket::Type socket_type) { // The process-wide `signal()` handling may fail to handle SIGPIPE if overridden // in the process (i.e., on a mobile client). Some OSes support handling it at the socket layer: if (ENVOY_SOCKET_SO_NOSIGPIPE.hasValue()) { addListenSocketOptions(Network::SocketOptionFactory::buildSocketNoSigpipeOptions()); } if (PROTOBUF_GET_WRAPPED_OR_DEFAULT(config_, transparent, false)) { addListenSocketOptions(Network::SocketOptionFactory::buildIpTransparentOptions()); } if (PROTOBUF_GET_WRAPPED_OR_DEFAULT(config_, freebind, false)) { addListenSocketOptions(Network::SocketOptionFactory::buildIpFreebindOptions()); } if (config_.reuse_port()) { addListenSocketOptions(Network::SocketOptionFactory::buildReusePortOptions()); } if (!config_.socket_options().empty()) { addListenSocketOptions( Network::SocketOptionFactory::buildLiteralOptions(config_.socket_options())); } if (socket_type == Network::Socket::Type::Datagram) { // Needed for recvmsg to return destination address in IP header. addListenSocketOptions(Network::SocketOptionFactory::buildIpPacketInfoOptions()); // Needed to return receive buffer overflown indicator. addListenSocketOptions(Network::SocketOptionFactory::buildRxQueueOverFlowOptions()); // TODO(yugant) : Add a config option for UDP_GRO if (Api::OsSysCallsSingleton::get().supportsUdpGro()) { // Needed to receive gso_size option addListenSocketOptions(Network::SocketOptionFactory::buildUdpGroOptions()); } } } void ListenerImpl::createListenerFilterFactories(Network::Socket::Type socket_type) { if (!config_.listener_filters().empty()) { switch (socket_type) { case Network::Socket::Type::Datagram: if (config_.listener_filters().size() > 1) { // Currently supports only 1 UDP listener filter. throw EnvoyException(fmt::format( "error adding listener '{}': Only 1 UDP listener filter per listener supported", address_->asString())); } udp_listener_filter_factories_ = parent_.factory_.createUdpListenerFilterFactoryList( config_.listener_filters(), *listener_factory_context_); break; case Network::Socket::Type::Stream: listener_filter_factories_ = parent_.factory_.createListenerFilterFactoryList( config_.listener_filters(), *listener_factory_context_); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } void ListenerImpl::validateFilterChains(Network::Socket::Type socket_type) { if (config_.filter_chains().empty() && (socket_type == Network::Socket::Type::Stream || !udp_listener_factory_->isTransportConnectionless())) { // If we got here, this is a tcp listener or connection-oriented udp listener, so ensure there // is a filter chain specified throw EnvoyException(fmt::format("error adding listener '{}': no filter chains specified", address_->asString())); } else if (udp_listener_factory_ != nullptr && !udp_listener_factory_->isTransportConnectionless()) { for (auto& filter_chain : config_.filter_chains()) { // Early fail if any filter chain doesn't have transport socket configured. if (!filter_chain.has_transport_socket()) { throw EnvoyException(fmt::format("error adding listener '{}': no transport socket " "specified for connection oriented UDP listener", address_->asString())); } } } } void ListenerImpl::buildFilterChains() { Server::Configuration::TransportSocketFactoryContextImpl transport_factory_context( parent_.server_.admin(), parent_.server_.sslContextManager(), listenerScope(), parent_.server_.clusterManager(), parent_.server_.localInfo(), parent_.server_.dispatcher(), parent_.server_.stats(), parent_.server_.singletonManager(), parent_.server_.threadLocal(), validation_visitor_, parent_.server_.api()); transport_factory_context.setInitManager(*dynamic_init_manager_); // The init manager is a little messy. Will refactor when filter chain manager could accept // network filter chain update. // TODO(lambdai): create builder from filter_chain_manager to obtain the init manager ListenerFilterChainFactoryBuilder builder(*this, transport_factory_context); filter_chain_manager_.addFilterChain(config_.filter_chains(), builder, filter_chain_manager_); } void ListenerImpl::buildSocketOptions() { // TCP specific setup. if (connection_balancer_ == nullptr) { // Not in place listener update. if (config_.has_connection_balance_config()) { // Currently exact balance is the only supported type and there are no options. ASSERT(config_.connection_balance_config().has_exact_balance()); connection_balancer_ = std::make_shared(); } else { connection_balancer_ = std::make_shared(); } } if (config_.has_tcp_fast_open_queue_length()) { addListenSocketOptions(Network::SocketOptionFactory::buildTcpFastOpenOptions( config_.tcp_fast_open_queue_length().value())); } } void ListenerImpl::buildOriginalDstListenerFilter() { // Add original dst listener filter if 'use_original_dst' flag is set. if (PROTOBUF_GET_WRAPPED_OR_DEFAULT(config_, hidden_envoy_deprecated_use_original_dst, false)) { auto& factory = Config::Utility::getAndCheckFactoryByName( Extensions::ListenerFilters::ListenerFilterNames::get().OriginalDst); listener_filter_factories_.push_back(factory.createListenerFilterFactoryFromProto( Envoy::ProtobufWkt::Empty(), /*listener_filter_matcher=*/nullptr, *listener_factory_context_)); } } void ListenerImpl::buildProxyProtocolListenerFilter() { // Add proxy protocol listener filter if 'use_proxy_proto' flag is set. // TODO(jrajahalme): This is the last listener filter on purpose. When filter chain matching // is implemented, this needs to be run after the filter chain has been // selected. if (PROTOBUF_GET_WRAPPED_OR_DEFAULT(config_.filter_chains()[0], use_proxy_proto, false)) { auto& factory = Config::Utility::getAndCheckFactoryByName( Extensions::ListenerFilters::ListenerFilterNames::get().ProxyProtocol); listener_filter_factories_.push_back(factory.createListenerFilterFactoryFromProto( envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol(), /*listener_filter_matcher=*/nullptr, *listener_factory_context_)); } } void ListenerImpl::buildTlsInspectorListenerFilter() { // TODO(zuercher) remove the deprecated TLS inspector name when the deprecated names are removed. const bool need_tls_inspector = needTlsInspector(config_); // Automatically inject TLS Inspector if it wasn't configured explicitly and it's needed. if (need_tls_inspector) { const std::string message = fmt::format("adding listener '{}': filter chain match rules require TLS Inspector " "listener filter, but it isn't configured, trying to inject it " "(this might fail if Envoy is compiled without it)", address_->asString()); ENVOY_LOG(warn, "{}", message); auto& factory = Config::Utility::getAndCheckFactoryByName( Extensions::ListenerFilters::ListenerFilterNames::get().TlsInspector); listener_filter_factories_.push_back(factory.createListenerFilterFactoryFromProto( Envoy::ProtobufWkt::Empty(), /*listener_filter_matcher=*/nullptr, *listener_factory_context_)); } } AccessLog::AccessLogManager& PerListenerFactoryContextImpl::accessLogManager() { return listener_factory_context_base_->accessLogManager(); } Upstream::ClusterManager& PerListenerFactoryContextImpl::clusterManager() { return listener_factory_context_base_->clusterManager(); } Event::Dispatcher& PerListenerFactoryContextImpl::dispatcher() { return listener_factory_context_base_->dispatcher(); } Network::DrainDecision& PerListenerFactoryContextImpl::drainDecision() { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } Grpc::Context& PerListenerFactoryContextImpl::grpcContext() { return listener_factory_context_base_->grpcContext(); } bool PerListenerFactoryContextImpl::healthCheckFailed() { return listener_factory_context_base_->healthCheckFailed(); } Http::Context& PerListenerFactoryContextImpl::httpContext() { return listener_factory_context_base_->httpContext(); } const LocalInfo::LocalInfo& PerListenerFactoryContextImpl::localInfo() const { return listener_factory_context_base_->localInfo(); } Envoy::Runtime::Loader& PerListenerFactoryContextImpl::runtime() { return listener_factory_context_base_->runtime(); } Stats::Scope& PerListenerFactoryContextImpl::scope() { return listener_factory_context_base_->scope(); } Singleton::Manager& PerListenerFactoryContextImpl::singletonManager() { return listener_factory_context_base_->singletonManager(); } OverloadManager& PerListenerFactoryContextImpl::overloadManager() { return listener_factory_context_base_->overloadManager(); } ThreadLocal::Instance& PerListenerFactoryContextImpl::threadLocal() { return listener_factory_context_base_->threadLocal(); } Admin& PerListenerFactoryContextImpl::admin() { return listener_factory_context_base_->admin(); } const envoy::config::core::v3::Metadata& PerListenerFactoryContextImpl::listenerMetadata() const { return listener_factory_context_base_->listenerMetadata(); }; envoy::config::core::v3::TrafficDirection PerListenerFactoryContextImpl::direction() const { return listener_factory_context_base_->direction(); }; TimeSource& PerListenerFactoryContextImpl::timeSource() { return api().timeSource(); } const Network::ListenerConfig& PerListenerFactoryContextImpl::listenerConfig() const { return *listener_config_; } ProtobufMessage::ValidationContext& PerListenerFactoryContextImpl::messageValidationContext() { return getServerFactoryContext().messageValidationContext(); } ProtobufMessage::ValidationVisitor& PerListenerFactoryContextImpl::messageValidationVisitor() { return listener_factory_context_base_->messageValidationVisitor(); } Api::Api& PerListenerFactoryContextImpl::api() { return listener_factory_context_base_->api(); } ServerLifecycleNotifier& PerListenerFactoryContextImpl::lifecycleNotifier() { return listener_factory_context_base_->lifecycleNotifier(); } ProcessContextOptRef PerListenerFactoryContextImpl::processContext() { return listener_factory_context_base_->processContext(); } Configuration::ServerFactoryContext& PerListenerFactoryContextImpl::getServerFactoryContext() const { return listener_factory_context_base_->getServerFactoryContext(); } Configuration::TransportSocketFactoryContext& PerListenerFactoryContextImpl::getTransportSocketFactoryContext() const { return listener_factory_context_base_->getTransportSocketFactoryContext(); } Stats::Scope& PerListenerFactoryContextImpl::listenerScope() { return listener_factory_context_base_->listenerScope(); } Init::Manager& PerListenerFactoryContextImpl::initManager() { return listener_impl_.initManager(); } bool ListenerImpl::createNetworkFilterChain( Network::Connection& connection, const std::vector& filter_factories) { return Configuration::FilterChainUtility::buildFilterChain(connection, filter_factories); } bool ListenerImpl::createListenerFilterChain(Network::ListenerFilterManager& manager) { return Configuration::FilterChainUtility::buildFilterChain(manager, listener_filter_factories_); } void ListenerImpl::createUdpListenerFilterChain(Network::UdpListenerFilterManager& manager, Network::UdpReadFilterCallbacks& callbacks) { Configuration::FilterChainUtility::buildUdpFilterChain(manager, callbacks, udp_listener_filter_factories_); } void ListenerImpl::debugLog(const std::string& message) { UNREFERENCED_PARAMETER(message); ENVOY_LOG(debug, "{}: name={}, hash={}, address={}", message, name_, hash_, address_->asString()); } void ListenerImpl::initialize() { last_updated_ = listener_factory_context_->timeSource().systemTime(); // If workers have already started, we shift from using the global init manager to using a local // per listener init manager. See ~ListenerImpl() for why we gate the onListenerWarmed() call // by resetting the watcher. if (workers_started_) { ENVOY_LOG_MISC(debug, "Initialize listener {} local-init-manager.", name_); // If workers_started_ is true, dynamic_init_manager_ should be initialized by listener // manager directly. dynamic_init_manager_->initialize(local_init_watcher_); } } ListenerImpl::~ListenerImpl() { if (!workers_started_) { // We need to remove the listener_init_target_ handle from parent's initManager(), to unblock // parent's initManager to get ready(). listener_init_target_.ready(); } } Init::Manager& ListenerImpl::initManager() { return *dynamic_init_manager_; } void ListenerImpl::setSocketFactory(const Network::ListenSocketFactorySharedPtr& socket_factory) { ASSERT(!socket_factory_); socket_factory_ = socket_factory; } bool ListenerImpl::supportUpdateFilterChain(const envoy::config::listener::v3::Listener& config, bool worker_started) { if (!Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.listener_in_place_filterchain_update")) { return false; } // The in place update needs the active listener in worker thread. worker_started guarantees the // existence of that active listener. if (!worker_started) { return false; } // Currently we only support TCP filter chain update. if (Network::Utility::protobufAddressSocketType(config_.address()) != Network::Socket::Type::Stream || Network::Utility::protobufAddressSocketType(config.address()) != Network::Socket::Type::Stream) { return false; } // Full listener update currently rejects tcp listener having 0 filter chain. // In place filter chain update could survive under zero filter chain but we should keep the same // behavior for now. This also guards the below filter chain access. if (config.filter_chains_size() == 0) { return false; } // See buildProxyProtocolListenerFilter(). Full listener update guarantees at least 1 filter chain // at tcp listener. if (PROTOBUF_GET_WRAPPED_OR_DEFAULT(config_.filter_chains()[0], use_proxy_proto, false) ^ PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.filter_chains()[0], use_proxy_proto, false)) { return false; } // See buildTlsInspectorListenerFilter(). if (needTlsInspector(config_) ^ needTlsInspector(config)) { return false; } return ListenerMessageUtil::filterChainOnlyChange(config_, config); } ListenerImplPtr ListenerImpl::newListenerWithFilterChain(const envoy::config::listener::v3::Listener& config, bool workers_started, uint64_t hash) { // Use WrapUnique since the constructor is private. return absl::WrapUnique( new ListenerImpl(*this, config, version_info_, parent_, name_, added_via_api_, /* new new workers started state */ workers_started, /* use new hash */ hash, parent_.server_.options().concurrency())); } void ListenerImpl::diffFilterChain(const ListenerImpl& another_listener, std::function callback) { for (const auto& message_and_filter_chain : filter_chain_manager_.filterChainsByMessage()) { if (another_listener.filter_chain_manager_.filterChainsByMessage().find( message_and_filter_chain.first) == another_listener.filter_chain_manager_.filterChainsByMessage().end()) { // The filter chain exists in `this` listener but not in the listener passed in. callback(*message_and_filter_chain.second); } } } bool ListenerMessageUtil::filterChainOnlyChange(const envoy::config::listener::v3::Listener& lhs, const envoy::config::listener::v3::Listener& rhs) { Protobuf::util::MessageDifferencer differencer; differencer.set_message_field_comparison(Protobuf::util::MessageDifferencer::EQUIVALENT); differencer.set_repeated_field_comparison(Protobuf::util::MessageDifferencer::AS_SET); differencer.IgnoreField( envoy::config::listener::v3::Listener::GetDescriptor()->FindFieldByName("filter_chains")); return differencer.Compare(lhs, rhs); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/listener_impl.h ================================================ #pragma once #include #include "envoy/access_log/access_log.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/network/drain_decision.h" #include "envoy/network/filter.h" #include "envoy/server/drain_manager.h" #include "envoy/server/filter_config.h" #include "envoy/server/instance.h" #include "envoy/server/listener_manager.h" #include "envoy/stats/scope.h" #include "common/common/basic_resource_impl.h" #include "common/common/logger.h" #include "common/init/manager_impl.h" #include "common/init/target_impl.h" #include "server/filter_chain_manager_impl.h" #include "absl/base/call_once.h" namespace Envoy { namespace Server { class ListenerMessageUtil { public: /** * @return true if listener message lhs and rhs are the same if ignoring filter_chains field. */ static bool filterChainOnlyChange(const envoy::config::listener::v3::Listener& lhs, const envoy::config::listener::v3::Listener& rhs); }; class ListenerManagerImpl; class ListenSocketFactoryImpl : public Network::ListenSocketFactory, protected Logger::Loggable { public: ListenSocketFactoryImpl(ListenerComponentFactory& factory, Network::Address::InstanceConstSharedPtr address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, bool bind_to_port, const std::string& listener_name, bool reuse_port); // Network::ListenSocketFactory Network::Socket::Type socketType() const override { return socket_type_; } const Network::Address::InstanceConstSharedPtr& localAddress() const override { return local_address_; } Network::SocketSharedPtr getListenSocket() override; /** * @return the socket shared by worker threads; otherwise return null. */ Network::SocketOptRef sharedSocket() const override { if (!reuse_port_) { ASSERT(socket_ != nullptr); return *socket_; } // If reuse_port is true, always return null, even socket_ is created for reserving // port number. return absl::nullopt; } protected: Network::SocketSharedPtr createListenSocketAndApplyOptions(); private: ListenerComponentFactory& factory_; // Initially, its port number might be 0. Once a socket is created, its port // will be set to the binding port. Network::Address::InstanceConstSharedPtr local_address_; Network::Socket::Type socket_type_; const Network::Socket::OptionsSharedPtr options_; bool bind_to_port_; const std::string& listener_name_; const bool reuse_port_; Network::SocketSharedPtr socket_; absl::once_flag steal_once_; }; // TODO(mattklein123): Consider getting rid of pre-worker start and post-worker start code by // initializing all listeners after workers are started. /** * The common functionality shared by PerListenerFilterFactoryContexts and * PerFilterChainFactoryFactoryContexts. */ class ListenerFactoryContextBaseImpl final : public Configuration::FactoryContext, public Network::DrainDecision { public: ListenerFactoryContextBaseImpl(Envoy::Server::Instance& server, ProtobufMessage::ValidationVisitor& validation_visitor, const envoy::config::listener::v3::Listener& config, Server::DrainManagerPtr drain_manager); AccessLog::AccessLogManager& accessLogManager() override; Upstream::ClusterManager& clusterManager() override; Event::Dispatcher& dispatcher() override; Network::DrainDecision& drainDecision() override; Grpc::Context& grpcContext() override; bool healthCheckFailed() override; Http::Context& httpContext() override; Init::Manager& initManager() override; const LocalInfo::LocalInfo& localInfo() const override; Envoy::Runtime::Loader& runtime() override; Stats::Scope& scope() override; Singleton::Manager& singletonManager() override; OverloadManager& overloadManager() override; ThreadLocal::Instance& threadLocal() override; Admin& admin() override; const envoy::config::core::v3::Metadata& listenerMetadata() const override; envoy::config::core::v3::TrafficDirection direction() const override; TimeSource& timeSource() override; ProtobufMessage::ValidationContext& messageValidationContext() override; ProtobufMessage::ValidationVisitor& messageValidationVisitor() override; Api::Api& api() override; ServerLifecycleNotifier& lifecycleNotifier() override; ProcessContextOptRef processContext() override; Configuration::ServerFactoryContext& getServerFactoryContext() const override; Configuration::TransportSocketFactoryContext& getTransportSocketFactoryContext() const override; Stats::Scope& listenerScope() override; // DrainDecision bool drainClose() const override { return drain_manager_->drainClose() || server_.drainManager().drainClose(); } Server::DrainManager& drainManager(); private: Envoy::Server::Instance& server_; const envoy::config::core::v3::Metadata metadata_; envoy::config::core::v3::TrafficDirection direction_; Stats::ScopePtr global_scope_; Stats::ScopePtr listener_scope_; // Stats with listener named scope. ProtobufMessage::ValidationVisitor& validation_visitor_; const Server::DrainManagerPtr drain_manager_; }; class ListenerImpl; // TODO(lambdai): Strip the interface since ListenerFactoryContext only need to support // ListenerFilterChain creation. e.g, Is listenerMetaData() required? Is it required only at // listener update or during the lifetime of listener? class PerListenerFactoryContextImpl : public Configuration::ListenerFactoryContext { public: PerListenerFactoryContextImpl(Envoy::Server::Instance& server, ProtobufMessage::ValidationVisitor& validation_visitor, const envoy::config::listener::v3::Listener& config_message, const Network::ListenerConfig* listener_config, ListenerImpl& listener_impl, DrainManagerPtr drain_manager) : listener_factory_context_base_(std::make_shared( server, validation_visitor, config_message, std::move(drain_manager))), listener_config_(listener_config), listener_impl_(listener_impl) {} PerListenerFactoryContextImpl( std::shared_ptr listener_factory_context_base, const Network::ListenerConfig* listener_config, ListenerImpl& listener_impl) : listener_factory_context_base_(listener_factory_context_base), listener_config_(listener_config), listener_impl_(listener_impl) {} // FactoryContext AccessLog::AccessLogManager& accessLogManager() override; Upstream::ClusterManager& clusterManager() override; Event::Dispatcher& dispatcher() override; Network::DrainDecision& drainDecision() override; Grpc::Context& grpcContext() override; bool healthCheckFailed() override; Http::Context& httpContext() override; Init::Manager& initManager() override; const LocalInfo::LocalInfo& localInfo() const override; Envoy::Runtime::Loader& runtime() override; Stats::Scope& scope() override; Singleton::Manager& singletonManager() override; OverloadManager& overloadManager() override; ThreadLocal::Instance& threadLocal() override; Admin& admin() override; const envoy::config::core::v3::Metadata& listenerMetadata() const override; envoy::config::core::v3::TrafficDirection direction() const override; TimeSource& timeSource() override; ProtobufMessage::ValidationContext& messageValidationContext() override; ProtobufMessage::ValidationVisitor& messageValidationVisitor() override; Api::Api& api() override; ServerLifecycleNotifier& lifecycleNotifier() override; ProcessContextOptRef processContext() override; Configuration::ServerFactoryContext& getServerFactoryContext() const override; Configuration::TransportSocketFactoryContext& getTransportSocketFactoryContext() const override; Stats::Scope& listenerScope() override; // ListenerFactoryContext const Network::ListenerConfig& listenerConfig() const override; ListenerFactoryContextBaseImpl& parentFactoryContext() { return *listener_factory_context_base_; } friend class ListenerImpl; private: std::shared_ptr listener_factory_context_base_; const Network::ListenerConfig* listener_config_; ListenerImpl& listener_impl_; }; /** * Maps proto config to runtime config for a listener with a network filter chain. */ class ListenerImpl final : public Network::ListenerConfig, public Network::FilterChainFactory, Logger::Loggable { public: /** * Create a new listener. * @param config supplies the configuration proto. * @param version_info supplies the xDS version of the listener. * @param parent supplies the owning manager. * @param name supplies the listener name. * @param added_via_api supplies whether the listener can be updated or removed. * @param workers_started supplies whether the listener is being added before or after workers * have been started. This controls various behavior related to init management. * @param hash supplies the hash to use for duplicate checking. * @param concurrency is the number of listeners instances to be created. */ ListenerImpl(const envoy::config::listener::v3::Listener& config, const std::string& version_info, ListenerManagerImpl& parent, const std::string& name, bool added_via_api, bool workers_started, uint64_t hash, uint32_t concurrency); ~ListenerImpl() override; // TODO(lambdai): Explore using the same ListenerImpl object to execute in place filter chain // update. /** * Execute in place filter chain update. The filter chain update is less expensive than full * listener update because connections may not need to be drained. */ std::unique_ptr newListenerWithFilterChain(const envoy::config::listener::v3::Listener& config, bool workers_started, uint64_t hash); /** * Determine if in place filter chain update could be executed at this moment. */ bool supportUpdateFilterChain(const envoy::config::listener::v3::Listener& config, bool worker_started); /** * Run the callback on each filter chain that exists in this listener but not in the passed * listener config. */ void diffFilterChain(const ListenerImpl& another_listener, std::function callback); /** * Helper functions to determine whether a listener is blocked for update or remove. */ bool blockUpdate(uint64_t new_hash) { return new_hash == hash_ || !added_via_api_; } bool blockRemove() { return !added_via_api_; } /** * Called when a listener failed to be actually created on a worker. * @return TRUE if we have seen more than one worker failure. */ bool onListenerCreateFailure() { bool ret = saw_listener_create_failure_; saw_listener_create_failure_ = true; return ret; } Network::Address::InstanceConstSharedPtr address() const { return address_; } const envoy::config::listener::v3::Listener& config() const { return config_; } const Network::ListenSocketFactorySharedPtr& getSocketFactory() const { return socket_factory_; } void debugLog(const std::string& message); void initialize(); DrainManager& localDrainManager() const { return listener_factory_context_->listener_factory_context_base_->drainManager(); } void setSocketFactory(const Network::ListenSocketFactorySharedPtr& socket_factory); void setSocketAndOptions(const Network::SocketSharedPtr& socket); const Network::Socket::OptionsSharedPtr& listenSocketOptions() { return listen_socket_options_; } const std::string& versionInfo() const { return version_info_; } // Network::ListenerConfig Network::FilterChainManager& filterChainManager() override { return filter_chain_manager_; } Network::FilterChainFactory& filterChainFactory() override { return *this; } Network::ListenSocketFactory& listenSocketFactory() override { return *socket_factory_; } bool bindToPort() override { return bind_to_port_; } bool handOffRestoredDestinationConnections() const override { return hand_off_restored_destination_connections_; } uint32_t perConnectionBufferLimitBytes() const override { return per_connection_buffer_limit_bytes_; } std::chrono::milliseconds listenerFiltersTimeout() const override { return listener_filters_timeout_; } bool continueOnListenerFiltersTimeout() const override { return continue_on_listener_filters_timeout_; } Stats::Scope& listenerScope() override { return listener_factory_context_->listenerScope(); } uint64_t listenerTag() const override { return listener_tag_; } const std::string& name() const override { return name_; } Network::ActiveUdpListenerFactory* udpListenerFactory() override { return udp_listener_factory_.get(); } Network::UdpPacketWriterFactoryOptRef udpPacketWriterFactory() override { return Network::UdpPacketWriterFactoryOptRef(std::ref(*udp_writer_factory_)); } Network::UdpListenerWorkerRouterOptRef udpListenerWorkerRouter() override { return udp_listener_worker_router_ ? Network::UdpListenerWorkerRouterOptRef(*udp_listener_worker_router_) : absl::nullopt; } Network::ConnectionBalancer& connectionBalancer() override { return *connection_balancer_; } ResourceLimit& openConnections() override { return *open_connections_; } const std::vector& accessLogs() const override { return access_logs_; } uint32_t tcpBacklogSize() const override { return tcp_backlog_size_; } Init::Manager& initManager() override; envoy::config::core::v3::TrafficDirection direction() const override { return config().traffic_direction(); } void ensureSocketOptions() { if (!listen_socket_options_) { listen_socket_options_ = std::make_shared>(); } } // Network::FilterChainFactory bool createNetworkFilterChain(Network::Connection& connection, const std::vector& factories) override; bool createListenerFilterChain(Network::ListenerFilterManager& manager) override; void createUdpListenerFilterChain(Network::UdpListenerFilterManager& udp_listener, Network::UdpReadFilterCallbacks& callbacks) override; SystemTime last_updated_; private: /** * Create a new listener from an existing listener and the new config message if the in place * filter chain update is decided. Should be called only by newListenerWithFilterChain(). */ ListenerImpl(ListenerImpl& origin, const envoy::config::listener::v3::Listener& config, const std::string& version_info, ListenerManagerImpl& parent, const std::string& name, bool added_via_api, bool workers_started, uint64_t hash, uint32_t concurrency); // Helpers for constructor. void buildAccessLog(); void buildUdpListenerFactory(Network::Socket::Type socket_type, uint32_t concurrency); void buildUdpWriterFactory(Network::Socket::Type socket_type); void buildListenSocketOptions(Network::Socket::Type socket_type); void createListenerFilterFactories(Network::Socket::Type socket_type); void validateFilterChains(Network::Socket::Type socket_type); void buildFilterChains(); void buildSocketOptions(); void buildOriginalDstListenerFilter(); void buildProxyProtocolListenerFilter(); void buildTlsInspectorListenerFilter(); void addListenSocketOptions(const Network::Socket::OptionsSharedPtr& options) { ensureSocketOptions(); Network::Socket::appendOptions(listen_socket_options_, options); } ListenerManagerImpl& parent_; Network::Address::InstanceConstSharedPtr address_; Network::ListenSocketFactorySharedPtr socket_factory_; const bool bind_to_port_; const bool hand_off_restored_destination_connections_; const uint32_t per_connection_buffer_limit_bytes_; const uint64_t listener_tag_; const std::string name_; const bool added_via_api_; const bool workers_started_; const uint64_t hash_; const uint32_t tcp_backlog_size_; ProtobufMessage::ValidationVisitor& validation_visitor_; // A target is added to Server's InitManager if workers_started_ is false. Init::TargetImpl listener_init_target_; // This init manager is populated with targets from the filter chain factories, namely // RdsRouteConfigSubscription::init_target_, so the listener can wait for route configs. std::unique_ptr dynamic_init_manager_; std::vector listener_filter_factories_; std::vector udp_listener_filter_factories_; std::vector access_logs_; DrainManagerPtr local_drain_manager_; bool saw_listener_create_failure_{}; const envoy::config::listener::v3::Listener config_; const std::string version_info_; Network::Socket::OptionsSharedPtr listen_socket_options_; const std::chrono::milliseconds listener_filters_timeout_; const bool continue_on_listener_filters_timeout_; Network::ActiveUdpListenerFactoryPtr udp_listener_factory_; Network::UdpPacketWriterFactoryPtr udp_writer_factory_; Network::UdpListenerWorkerRouterPtr udp_listener_worker_router_; Network::ConnectionBalancerSharedPtr connection_balancer_; std::shared_ptr listener_factory_context_; FilterChainManagerImpl filter_chain_manager_; // Per-listener connection limits are only specified via runtime. // // TODO (tonya11en): Move this functionality into the overload manager. const std::string cx_limit_runtime_key_; std::shared_ptr open_connections_; // This init watcher, if workers_started_ is false, notifies the "parent" listener manager when // listener initialization is complete. // Important: local_init_watcher_ must be the last field in the class to avoid unexpected watcher // callback during the destroy of ListenerImpl. Init::WatcherImpl local_init_watcher_; // to access ListenerManagerImpl::factory_. friend class ListenerFilterChainFactoryBuilder; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/listener_manager_impl.cc ================================================ #include "server/listener_manager_impl.h" #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/network/filter.h" #include "envoy/network/listener.h" #include "envoy/registry/registry.h" #include "envoy/server/active_udp_listener_config.h" #include "envoy/server/transport_socket_config.h" #include "envoy/stats/scope.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/network/filter_matcher.h" #include "common/network/io_socket_handle_impl.h" #include "common/network/listen_socket_impl.h" #include "common/network/socket_option_factory.h" #include "common/network/utility.h" #include "common/protobuf/utility.h" #include "server/api_listener_impl.h" #include "server/configuration_impl.h" #include "server/drain_manager_impl.h" #include "server/filter_chain_manager_impl.h" #include "server/transport_socket_config_impl.h" #include "server/well_known_names.h" #include "extensions/filters/listener/well_known_names.h" #include "extensions/transport_sockets/well_known_names.h" namespace Envoy { namespace Server { namespace { std::string toString(Network::Socket::Type socket_type) { switch (socket_type) { case Network::Socket::Type::Stream: return "SocketType::Stream"; case Network::Socket::Type::Datagram: return "SocketType::Datagram"; } NOT_REACHED_GCOVR_EXCL_LINE; } // Finds and returns the DynamicListener for the name provided from listener_map, creating and // inserting one if necessary. envoy::admin::v3::ListenersConfigDump::DynamicListener* getOrCreateDynamicListener( const std::string& name, envoy::admin::v3::ListenersConfigDump& dump, absl::flat_hash_map& listener_map) { auto it = listener_map.find(name); if (it != listener_map.end()) { return it->second; } auto* state = dump.add_dynamic_listeners(); state->set_name(name); listener_map.emplace(name, state); return state; } // Given a listener, dumps the version info, update time and configuration into the // DynamicListenerState provided. void fillState(envoy::admin::v3::ListenersConfigDump::DynamicListenerState& state, const ListenerImpl& listener) { state.set_version_info(listener.versionInfo()); state.mutable_listener()->PackFrom(API_RECOVER_ORIGINAL(listener.config())); TimestampUtil::systemClockToTimestamp(listener.last_updated_, *(state.mutable_last_updated())); } } // namespace bool ListenSocketCreationParams::operator==(const ListenSocketCreationParams& rhs) const { return (bind_to_port == rhs.bind_to_port) && (duplicate_parent_socket == rhs.duplicate_parent_socket); } bool ListenSocketCreationParams::operator!=(const ListenSocketCreationParams& rhs) const { return !operator==(rhs); } std::vector ProdListenerComponentFactory::createNetworkFilterFactoryList_( const Protobuf::RepeatedPtrField& filters, Server::Configuration::FilterChainFactoryContext& filter_chain_factory_context) { std::vector ret; for (ssize_t i = 0; i < filters.size(); i++) { const auto& proto_config = filters[i]; ENVOY_LOG(debug, " filter #{}:", i); ENVOY_LOG(debug, " name: {}", proto_config.name()); ENVOY_LOG(debug, " config: {}", MessageUtil::getJsonStringFromMessage( proto_config.has_typed_config() ? static_cast(proto_config.typed_config()) : static_cast( proto_config.hidden_envoy_deprecated_config()), true)); // Now see if there is a factory that will accept the config. auto& factory = Config::Utility::getAndCheckFactory( proto_config); Config::Utility::validateTerminalFilters(filters[i].name(), factory.name(), "network", factory.isTerminalFilter(), i == filters.size() - 1); auto message = Config::Utility::translateToFactoryConfig( proto_config, filter_chain_factory_context.messageValidationVisitor(), factory); Network::FilterFactoryCb callback = factory.createFilterFactoryFromProto(*message, filter_chain_factory_context); ret.push_back(callback); } return ret; } std::vector ProdListenerComponentFactory::createListenerFilterFactoryList_( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) { std::vector ret; for (ssize_t i = 0; i < filters.size(); i++) { const auto& proto_config = filters[i]; ENVOY_LOG(debug, " filter #{}:", i); ENVOY_LOG(debug, " name: {}", proto_config.name()); ENVOY_LOG(debug, " config: {}", MessageUtil::getJsonStringFromMessage( proto_config.has_typed_config() ? static_cast(proto_config.typed_config()) : static_cast( proto_config.hidden_envoy_deprecated_config()), true)); // Now see if there is a factory that will accept the config. auto& factory = Config::Utility::getAndCheckFactory( proto_config); auto message = Config::Utility::translateToFactoryConfig( proto_config, context.messageValidationVisitor(), factory); ret.push_back(factory.createListenerFilterFactoryFromProto( *message, createListenerFilterMatcher(proto_config), context)); } return ret; } std::vector ProdListenerComponentFactory::createUdpListenerFilterFactoryList_( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) { std::vector ret; for (ssize_t i = 0; i < filters.size(); i++) { const auto& proto_config = filters[i]; ENVOY_LOG(debug, " filter #{}:", i); ENVOY_LOG(debug, " name: {}", proto_config.name()); ENVOY_LOG(debug, " config: {}", MessageUtil::getJsonStringFromMessage( proto_config.has_typed_config() ? static_cast(proto_config.typed_config()) : static_cast( proto_config.hidden_envoy_deprecated_config()), true)); // Now see if there is a factory that will accept the config. auto& factory = Config::Utility::getAndCheckFactory( proto_config); auto message = Config::Utility::translateToFactoryConfig( proto_config, context.messageValidationVisitor(), factory); ret.push_back(factory.createFilterFactoryFromProto(*message, context)); } return ret; } Network::ListenerFilterMatcherSharedPtr ProdListenerComponentFactory::createListenerFilterMatcher( const envoy::config::listener::v3::ListenerFilter& listener_filter) { if (!listener_filter.has_filter_disabled()) { return nullptr; } return std::shared_ptr( Network::ListenerFilterMatcherBuilder::buildListenerFilterMatcher( listener_filter.filter_disabled())); } Network::SocketSharedPtr ProdListenerComponentFactory::createListenSocket( Network::Address::InstanceConstSharedPtr address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams& params) { ASSERT(address->type() == Network::Address::Type::Ip || address->type() == Network::Address::Type::Pipe); ASSERT(socket_type == Network::Socket::Type::Stream || socket_type == Network::Socket::Type::Datagram); // For each listener config we share a single socket among all threaded listeners. // First we try to get the socket from our parent if applicable. if (address->type() == Network::Address::Type::Pipe) { if (socket_type != Network::Socket::Type::Stream) { // This could be implemented in the future, since Unix domain sockets // support SOCK_DGRAM, but there would need to be a way to specify it in // envoy.api.v2.core.Pipe. throw EnvoyException( fmt::format("socket type {} not supported for pipes", toString(socket_type))); } const std::string addr = fmt::format("unix://{}", address->asString()); const int fd = server_.hotRestart().duplicateParentListenSocket(addr); Network::IoHandlePtr io_handle = std::make_unique(fd); if (io_handle->isOpen()) { ENVOY_LOG(debug, "obtained socket for address {} from parent", addr); return std::make_shared(std::move(io_handle), address); } return std::make_shared(address); } const std::string scheme = (socket_type == Network::Socket::Type::Stream) ? std::string(Network::Utility::TCP_SCHEME) : std::string(Network::Utility::UDP_SCHEME); const std::string addr = absl::StrCat(scheme, address->asString()); if (params.bind_to_port && params.duplicate_parent_socket) { const int fd = server_.hotRestart().duplicateParentListenSocket(addr); if (fd != -1) { ENVOY_LOG(debug, "obtained socket for address {} from parent", addr); Network::IoHandlePtr io_handle = std::make_unique(fd); if (socket_type == Network::Socket::Type::Stream) { return std::make_shared(std::move(io_handle), address, options); } else { return std::make_shared(std::move(io_handle), address, options); } } } if (socket_type == Network::Socket::Type::Stream) { return std::make_shared(address, options, params.bind_to_port); } else { return std::make_shared(address, options, params.bind_to_port); } } DrainManagerPtr ProdListenerComponentFactory::createDrainManager( envoy::config::listener::v3::Listener::DrainType drain_type) { return DrainManagerPtr{new DrainManagerImpl(server_, drain_type)}; } DrainingFilterChainsManager::DrainingFilterChainsManager(ListenerImplPtr&& draining_listener, uint64_t workers_pending_removal) : draining_listener_(std::move(draining_listener)), workers_pending_removal_(workers_pending_removal) {} ListenerManagerImpl::ListenerManagerImpl(Instance& server, ListenerComponentFactory& listener_factory, WorkerFactory& worker_factory, bool enable_dispatcher_stats) : server_(server), factory_(listener_factory), scope_(server.stats().createScope("listener_manager.")), stats_(generateStats(*scope_)), config_tracker_entry_(server.admin().getConfigTracker().add( "listeners", [this] { return dumpListenerConfigs(); })), enable_dispatcher_stats_(enable_dispatcher_stats) { for (uint32_t i = 0; i < server.options().concurrency(); i++) { workers_.emplace_back( worker_factory.createWorker(i, server.overloadManager(), absl::StrCat("worker_", i))); } } ProtobufTypes::MessagePtr ListenerManagerImpl::dumpListenerConfigs() { auto config_dump = std::make_unique(); config_dump->set_version_info(lds_api_ != nullptr ? lds_api_->versionInfo() : ""); using DynamicListener = envoy::admin::v3::ListenersConfigDump::DynamicListener; using DynamicListenerState = envoy::admin::v3::ListenersConfigDump::DynamicListenerState; absl::flat_hash_map listener_map; for (const auto& listener : active_listeners_) { if (listener->blockRemove()) { auto& static_listener = *config_dump->mutable_static_listeners()->Add(); static_listener.mutable_listener()->PackFrom(API_RECOVER_ORIGINAL(listener->config())); TimestampUtil::systemClockToTimestamp(listener->last_updated_, *(static_listener.mutable_last_updated())); continue; } // Listeners are always added to active_listeners_ list before workers are started. // This applies even when the listeners are still waiting for initialization. // To avoid confusion in config dump, in that case, we add these listeners to warming // listeners config dump rather than active ones. DynamicListener* dynamic_listener = getOrCreateDynamicListener(listener->name(), *config_dump, listener_map); DynamicListenerState* dump_listener; if (workers_started_) { dump_listener = dynamic_listener->mutable_active_state(); } else { dump_listener = dynamic_listener->mutable_warming_state(); } fillState(*dump_listener, *listener); } for (const auto& listener : warming_listeners_) { DynamicListener* dynamic_listener = getOrCreateDynamicListener(listener->name(), *config_dump, listener_map); DynamicListenerState* dump_listener = dynamic_listener->mutable_warming_state(); fillState(*dump_listener, *listener); } for (const auto& draining_listener : draining_listeners_) { const auto& listener = draining_listener.listener_; DynamicListener* dynamic_listener = getOrCreateDynamicListener(listener->name(), *config_dump, listener_map); DynamicListenerState* dump_listener = dynamic_listener->mutable_draining_state(); fillState(*dump_listener, *listener); } for (const auto& [error_name, error_state] : error_state_tracker_) { DynamicListener* dynamic_listener = getOrCreateDynamicListener(error_name, *config_dump, listener_map); const envoy::admin::v3::UpdateFailureState& state = *error_state; dynamic_listener->mutable_error_state()->CopyFrom(state); } // Dump errors not associated with named listeners. for (const auto& error : overall_error_state_) { config_dump->add_dynamic_listeners()->mutable_error_state()->CopyFrom(*error); } return config_dump; } ListenerManagerStats ListenerManagerImpl::generateStats(Stats::Scope& scope) { return {ALL_LISTENER_MANAGER_STATS(POOL_COUNTER(scope), POOL_GAUGE(scope))}; } bool ListenerManagerImpl::addOrUpdateListener(const envoy::config::listener::v3::Listener& config, const std::string& version_info, bool added_via_api) { RELEASE_ASSERT( !config.address().has_envoy_internal_address(), fmt::format("listener {} has envoy internal address {}. Internal address cannot be used by " "listener yet", config.name(), config.address().envoy_internal_address().DebugString())); // TODO(junr03): currently only one ApiListener can be installed via bootstrap to avoid having to // build a collection of listeners, and to have to be able to warm and drain the listeners. In the // future allow multiple ApiListeners, and allow them to be created via LDS as well as bootstrap. if (config.has_api_listener()) { if (!api_listener_ && !added_via_api) { // TODO(junr03): dispatch to different concrete constructors when there are other // ApiListenerImplBase derived classes. api_listener_ = std::make_unique(config, *this, config.name()); return true; } else { ENVOY_LOG(warn, "listener {} can not be added because currently only one ApiListener is " "allowed, and it can only be added via bootstrap configuration"); return false; } } std::string name; if (!config.name().empty()) { name = config.name(); } else { name = server_.api().randomGenerator().uuid(); } auto it = error_state_tracker_.find(name); try { return addOrUpdateListenerInternal(config, version_info, added_via_api, name); } catch (const EnvoyException& e) { if (it == error_state_tracker_.end()) { it = error_state_tracker_.emplace(name, std::make_unique()).first; } TimestampUtil::systemClockToTimestamp(server_.api().timeSource().systemTime(), *(it->second->mutable_last_update_attempt())); it->second->set_details(e.what()); it->second->mutable_failed_configuration()->PackFrom(API_RECOVER_ORIGINAL(config)); throw e; } error_state_tracker_.erase(it); return false; } bool ListenerManagerImpl::addOrUpdateListenerInternal( const envoy::config::listener::v3::Listener& config, const std::string& version_info, bool added_via_api, const std::string& name) { if (listenersStopped(config)) { ENVOY_LOG( debug, "listener {} can not be added because listeners in the traffic direction {} are stopped", name, envoy::config::core::v3::TrafficDirection_Name(config.traffic_direction())); return false; } const uint64_t hash = MessageUtil::hash(config); ENVOY_LOG(debug, "begin add/update listener: name={} hash={}", name, hash); auto existing_active_listener = getListenerByName(active_listeners_, name); auto existing_warming_listener = getListenerByName(warming_listeners_, name); // The listener should be updated back to its original state and the warming listener should be // removed. if (existing_warming_listener != warming_listeners_.end() && existing_active_listener != active_listeners_.end() && (*existing_active_listener)->blockUpdate(hash)) { warming_listeners_.erase(existing_warming_listener); updateWarmingActiveGauges(); stats_.listener_modified_.inc(); return true; } // Do a quick blocked update check before going further. This check needs to be done against both // warming and active. if ((existing_warming_listener != warming_listeners_.end() && (*existing_warming_listener)->blockUpdate(hash)) || (existing_active_listener != active_listeners_.end() && (*existing_active_listener)->blockUpdate(hash))) { ENVOY_LOG(debug, "duplicate/locked listener '{}'. no add/update", name); return false; } ListenerImplPtr new_listener = nullptr; // In place filter chain update depends on the active listener at worker. if (existing_active_listener != active_listeners_.end() && (*existing_active_listener)->supportUpdateFilterChain(config, workers_started_)) { ENVOY_LOG(debug, "use in place update filter chain update path for listener name={} hash={}", name, hash); new_listener = (*existing_active_listener)->newListenerWithFilterChain(config, workers_started_, hash); stats_.listener_in_place_updated_.inc(); } else { ENVOY_LOG(debug, "use full listener update path for listener name={} hash={}", name, hash); new_listener = std::make_unique(config, version_info, *this, name, added_via_api, workers_started_, hash, server_.options().concurrency()); } ListenerImpl& new_listener_ref = *new_listener; // We mandate that a listener with the same name must have the same configured address. This // avoids confusion during updates and allows us to use the same bound address. Note that in // the case of port 0 binding, the new listener will implicitly use the same bound port from // the existing listener. bool active_listener_exists = false; bool warming_listener_exists = false; if (existing_warming_listener != warming_listeners_.end() && *(*existing_warming_listener)->address() != *new_listener->address()) { warming_listener_exists = true; } if (existing_active_listener != active_listeners_.end() && *(*existing_active_listener)->address() != *new_listener->address()) { active_listener_exists = true; } if (active_listener_exists || warming_listener_exists) { const std::string message = fmt::format("error updating listener: '{}' has a different address '{}' from existing " "listener address '{}'", name, new_listener->address()->asString(), warming_listener_exists ? (*existing_warming_listener)->address()->asString() : (*existing_active_listener)->address()->asString()); ENVOY_LOG(warn, "{}", message); throw EnvoyException(message); } bool added = false; if (existing_warming_listener != warming_listeners_.end()) { // In this case we can just replace inline. ASSERT(workers_started_); new_listener->debugLog("update warming listener"); new_listener->setSocketFactory((*existing_warming_listener)->getSocketFactory()); *existing_warming_listener = std::move(new_listener); } else if (existing_active_listener != active_listeners_.end()) { // In this case we have no warming listener, so what we do depends on whether workers // have been started or not. Either way we get the socket from the existing listener. new_listener->setSocketFactory((*existing_active_listener)->getSocketFactory()); if (workers_started_) { new_listener->debugLog("add warming listener"); warming_listeners_.emplace_back(std::move(new_listener)); } else { new_listener->debugLog("update active listener"); *existing_active_listener = std::move(new_listener); } } else { // Typically we catch address issues when we try to bind to the same address multiple times. // However, for listeners that do not bind we must check to make sure we are not duplicating. // This is an edge case and nothing will explicitly break, but there is no possibility that // two listeners that do not bind will ever be used. Only the first one will be used when // searched for by address. Thus we block it. if (!new_listener->bindToPort() && (hasListenerWithAddress(warming_listeners_, *new_listener->address()) || hasListenerWithAddress(active_listeners_, *new_listener->address()))) { const std::string message = fmt::format("error adding listener: '{}' has duplicate address '{}' as existing listener", name, new_listener->address()->asString()); ENVOY_LOG(warn, "{}", message); throw EnvoyException(message); } // We have no warming or active listener so we need to make a new one. What we do depends on // whether workers have been started or not. Additionally, search through draining listeners // to see if there is a listener that has a socket factory for the same address we are // configured for and doesn't use SO_REUSEPORT. This is an edge case, but may happen if a // listener is removed and then added back with a same or different name and intended to listen // on the same address. This should work and not fail. Network::ListenSocketFactorySharedPtr draining_listen_socket_factory; auto existing_draining_listener = std::find_if( draining_listeners_.cbegin(), draining_listeners_.cend(), [&new_listener](const DrainingListener& listener) { return listener.listener_->listenSocketFactory().sharedSocket().has_value() && listener.listener_->listenSocketFactory().sharedSocket()->get().isOpen() && *new_listener->address() == *listener.listener_->listenSocketFactory().localAddress(); }); if (existing_draining_listener != draining_listeners_.cend()) { draining_listen_socket_factory = existing_draining_listener->listener_->getSocketFactory(); } Network::Socket::Type socket_type = Network::Utility::protobufAddressSocketType(config.address()); new_listener->setSocketFactory( draining_listen_socket_factory ? draining_listen_socket_factory : createListenSocketFactory(config.address(), *new_listener, (socket_type == Network::Socket::Type::Datagram) || config.reuse_port())); if (workers_started_) { new_listener->debugLog("add warming listener"); warming_listeners_.emplace_back(std::move(new_listener)); } else { new_listener->debugLog("add active listener"); active_listeners_.emplace_back(std::move(new_listener)); } added = true; } updateWarmingActiveGauges(); if (added) { stats_.listener_added_.inc(); } else { stats_.listener_modified_.inc(); } new_listener_ref.initialize(); return true; } bool ListenerManagerImpl::hasListenerWithAddress(const ListenerList& list, const Network::Address::Instance& address) { for (const auto& listener : list) { if (*listener->address() == address) { return true; } } return false; } bool ListenerManagerImpl::shareSocketWithOtherListener( const ListenerList& list, const Network::ListenSocketFactorySharedPtr& socket_factory) { ASSERT(socket_factory->sharedSocket().has_value()); for (const auto& listener : list) { if (listener->getSocketFactory() == socket_factory) { return true; } } return false; } void ListenerManagerImpl::drainListener(ListenerImplPtr&& listener) { // First add the listener to the draining list. std::list::iterator draining_it = draining_listeners_.emplace( draining_listeners_.begin(), std::move(listener), workers_.size()); // Using set() avoids a multiple modifiers problem during the multiple processes phase of hot // restart. Same below inside the lambda. stats_.total_listeners_draining_.set(draining_listeners_.size()); // Tell all workers to stop accepting new connections on this listener. draining_it->listener_->debugLog("draining listener"); const uint64_t listener_tag = draining_it->listener_->listenerTag(); stopListener( *draining_it->listener_, [this, share_socket = draining_it->listener_->listenSocketFactory().sharedSocket().has_value(), listener_tag]() { if (!share_socket) { // Each listener has its individual socket and closes the socket on its own. return; } for (auto& listener : draining_listeners_) { if (listener.listener_->listenerTag() == listener_tag) { // Handle the edge case when new listener is added for the same address as the drained // one. In this case the socket is shared between both listeners so one should avoid // closing it. const auto& socket_factory = listener.listener_->getSocketFactory(); if (!shareSocketWithOtherListener(active_listeners_, socket_factory) && !shareSocketWithOtherListener(warming_listeners_, socket_factory)) { // Close the socket iff it is not used anymore. ASSERT(listener.listener_->listenSocketFactory().sharedSocket().has_value()); listener.listener_->listenSocketFactory().sharedSocket()->get().close(); } } } }); // Start the drain sequence which completes when the listener's drain manager has completed // draining at whatever the server configured drain times are. draining_it->listener_->localDrainManager().startDrainSequence([this, draining_it]() -> void { draining_it->listener_->debugLog("removing draining listener"); for (const auto& worker : workers_) { // Once the drain time has completed via the drain manager's timer, we tell the workers // to remove the listener. worker->removeListener(*draining_it->listener_, [this, draining_it]() -> void { // The remove listener completion is called on the worker thread. We post back to the // main thread to avoid locking. This makes sure that we don't destroy the listener // while filters might still be using its context (stats, etc.). server_.dispatcher().post([this, draining_it]() -> void { // TODO(lambdai): Resolve race condition below. // Consider the below events in global sequence order // main thread: calling drainListener // work thread: deferred delete the active connection // work thread: post to main that the drain is done // main thread: erase the listener // worker thread: execute destroying connection when the shared listener config is // destroyed at step 4 (could be worse such as access the connection because connection is // not yet started to deleted). The race condition is introduced because 3 occurs too // early. My solution is to defer schedule the callback posting to main thread, by // introducing DeferTaskUtil. So that 5 should always happen before 3. if (--draining_it->workers_pending_removal_ == 0) { draining_it->listener_->debugLog("draining listener removal complete"); draining_listeners_.erase(draining_it); stats_.total_listeners_draining_.set(draining_listeners_.size()); } }); }); } }); updateWarmingActiveGauges(); } ListenerManagerImpl::ListenerList::iterator ListenerManagerImpl::getListenerByName(ListenerList& listeners, const std::string& name) { auto ret = listeners.end(); for (auto it = listeners.begin(); it != listeners.end(); ++it) { if ((*it)->name() == name) { // There should only ever be a single listener per name in the list. We could return faster // but take the opportunity to assert that fact. ASSERT(ret == listeners.end()); ret = it; } } return ret; } std::vector> ListenerManagerImpl::listeners(ListenerState state) { std::vector> ret; size_t size = 0; size += state & WARMING ? warming_listeners_.size() : 0; size += state & ACTIVE ? active_listeners_.size() : 0; size += state & DRAINING ? draining_listeners_.size() : 0; ret.reserve(size); if (state & WARMING) { for (const auto& listener : warming_listeners_) { ret.push_back(*listener); } } if (state & ACTIVE) { for (const auto& listener : active_listeners_) { ret.push_back(*listener); } } if (state & DRAINING) { for (const auto& draining_listener : draining_listeners_) { ret.push_back(*(draining_listener.listener_)); } } return ret; } void ListenerManagerImpl::addListenerToWorker(Worker& worker, absl::optional overridden_listener, ListenerImpl& listener, ListenerCompletionCallback completion_callback) { if (overridden_listener.has_value()) { ENVOY_LOG(debug, "replacing existing listener {}", overridden_listener.value()); worker.addListener(overridden_listener, listener, [this, completion_callback](bool) -> void { server_.dispatcher().post([this, completion_callback]() -> void { stats_.listener_create_success_.inc(); if (completion_callback) { completion_callback(); } }); }); return; } worker.addListener( overridden_listener, listener, [this, &listener, completion_callback](bool success) -> void { // The add listener completion runs on the worker thread. Post back to the main thread to // avoid locking. server_.dispatcher().post([this, success, &listener, completion_callback]() -> void { // It is possible for a listener to get added on 1 worker but not the others. The below // check with onListenerCreateFailure() is there to ensure we execute the // removal/logging/stats at most once on failure. Note also that drain/removal can race // with addition. It's guaranteed that workers process remove after add so this should be // fine. // // TODO(mattklein123): We should consider rewriting how listener sockets are added to // workers, especially in the case of reuse port. If we were to create all needed // listener sockets on the main thread (even in the case of reuse port) we could catch // almost all socket errors here. This would both greatly simplify the logic and allow // for xDS NACK in most cases. if (!success && !listener.onListenerCreateFailure()) { ENVOY_LOG(error, "listener '{}' failed to listen on address '{}' on worker", listener.name(), listener.listenSocketFactory().localAddress()->asString()); stats_.listener_create_failure_.inc(); removeListenerInternal(listener.name(), false); } if (success) { stats_.listener_create_success_.inc(); } if (completion_callback) { completion_callback(); } }); }); } void ListenerManagerImpl::onListenerWarmed(ListenerImpl& listener) { // The warmed listener should be added first so that the worker will accept new connections // when it stops listening on the old listener. for (const auto& worker : workers_) { addListenerToWorker(*worker, absl::nullopt, listener, nullptr); } auto existing_active_listener = getListenerByName(active_listeners_, listener.name()); auto existing_warming_listener = getListenerByName(warming_listeners_, listener.name()); (*existing_warming_listener)->debugLog("warm complete. updating active listener"); if (existing_active_listener != active_listeners_.end()) { // Finish active_listeners_ transformation before calling `drainListener` as it depends on their // state. auto listener = std::move(*existing_active_listener); *existing_active_listener = std::move(*existing_warming_listener); drainListener(std::move(listener)); } else { active_listeners_.emplace_back(std::move(*existing_warming_listener)); } warming_listeners_.erase(existing_warming_listener); updateWarmingActiveGauges(); } void ListenerManagerImpl::inPlaceFilterChainUpdate(ListenerImpl& listener) { auto existing_active_listener = getListenerByName(active_listeners_, listener.name()); auto existing_warming_listener = getListenerByName(warming_listeners_, listener.name()); ASSERT(existing_warming_listener != warming_listeners_.end()); ASSERT(*existing_warming_listener != nullptr); (*existing_warming_listener)->debugLog("execute in place filter chain update"); // Now that in place filter chain update was decided, the replaced listener must be in active // list. It requires stop/remove listener procedure cancelling the in placed update if any. ASSERT(existing_active_listener != active_listeners_.end()); ASSERT(*existing_active_listener != nullptr); for (const auto& worker : workers_) { // Explicitly override the existing listener with a new listener config. addListenerToWorker(*worker, listener.listenerTag(), listener, nullptr); } auto previous_listener = std::move(*existing_active_listener); *existing_active_listener = std::move(*existing_warming_listener); // Finish active_listeners_ transformation before calling `drainFilterChains` as it depends on // their state. drainFilterChains(std::move(previous_listener), **existing_active_listener); warming_listeners_.erase(existing_warming_listener); updateWarmingActiveGauges(); } void ListenerManagerImpl::drainFilterChains(ListenerImplPtr&& draining_listener, ListenerImpl& new_listener) { // First add the listener to the draining list. std::list::iterator draining_group = draining_filter_chains_manager_.emplace(draining_filter_chains_manager_.begin(), std::move(draining_listener), workers_.size()); draining_group->getDrainingListener().diffFilterChain( new_listener, [&draining_group](Network::DrainableFilterChain& filter_chain) mutable { filter_chain.startDraining(); draining_group->addFilterChainToDrain(filter_chain); }); auto filter_chain_size = draining_group->numDrainingFilterChains(); stats_.total_filter_chains_draining_.add(filter_chain_size); draining_group->getDrainingListener().debugLog( absl::StrCat("draining ", filter_chain_size, " filter chains in listener ", draining_group->getDrainingListener().name())); // Start the drain sequence which completes when the listener's drain manager has completed // draining at whatever the server configured drain times are. draining_group->startDrainSequence( server_.options().drainTime(), server_.dispatcher(), [this, draining_group]() -> void { draining_group->getDrainingListener().debugLog( absl::StrCat("removing draining filter chains from listener ", draining_group->getDrainingListener().name())); for (const auto& worker : workers_) { // Once the drain time has completed via the drain manager's timer, we tell the workers // to remove the filter chains. worker->removeFilterChains( draining_group->getDrainingListenerTag(), draining_group->getDrainingFilterChains(), [this, draining_group]() -> void { // The remove listener completion is called on the worker thread. We post back to // the main thread to avoid locking. This makes sure that we don't destroy the // listener while filters might still be using its context (stats, etc.). server_.dispatcher().post([this, draining_group]() -> void { if (draining_group->decWorkersPendingRemoval() == 0) { draining_group->getDrainingListener().debugLog( absl::StrCat("draining filter chains from listener ", draining_group->getDrainingListener().name(), " complete")); stats_.total_filter_chains_draining_.sub( draining_group->numDrainingFilterChains()); draining_filter_chains_manager_.erase(draining_group); } }); }); } }); updateWarmingActiveGauges(); } uint64_t ListenerManagerImpl::numConnections() const { uint64_t num_connections = 0; for (const auto& worker : workers_) { num_connections += worker->numConnections(); } return num_connections; } bool ListenerManagerImpl::removeListener(const std::string& name) { return removeListenerInternal(name, true); } bool ListenerManagerImpl::removeListenerInternal(const std::string& name, bool dynamic_listeners_only) { ENVOY_LOG(debug, "begin remove listener: name={}", name); auto existing_active_listener = getListenerByName(active_listeners_, name); auto existing_warming_listener = getListenerByName(warming_listeners_, name); if ((existing_warming_listener == warming_listeners_.end() || (dynamic_listeners_only && (*existing_warming_listener)->blockRemove())) && (existing_active_listener == active_listeners_.end() || (dynamic_listeners_only && (*existing_active_listener)->blockRemove()))) { ENVOY_LOG(debug, "unknown/locked listener '{}'. no remove", name); return false; } // Destroy a warming listener directly. if (existing_warming_listener != warming_listeners_.end()) { (*existing_warming_listener)->debugLog("removing warming listener"); warming_listeners_.erase(existing_warming_listener); } // If there is an active listener it needs to be moved to draining after workers have started, or // destroyed directly. if (existing_active_listener != active_listeners_.end()) { // Listeners in active_listeners_ are added to workers after workers start, so we drain // listeners only after this occurs. // Finish active_listeners_ transformation before calling `drainListener` as it depends on their // state. auto listener = std::move(*existing_active_listener); active_listeners_.erase(existing_active_listener); if (workers_started_) { drainListener(std::move(listener)); } } stats_.listener_removed_.inc(); updateWarmingActiveGauges(); return true; } void ListenerManagerImpl::startWorkers(GuardDog& guard_dog) { ENVOY_LOG(info, "all dependencies initialized. starting workers"); ASSERT(!workers_started_); workers_started_ = true; uint32_t i = 0; // We can not use "Cleanup" to simplify this logic here, because it results in a issue if Envoy is // killed before workers are actually started. Specifically the AdminRequestGetStatsAndKill test // case in main_common_test fails with ASAN error if we use "Cleanup" here. const auto listeners_pending_init = std::make_shared>(workers_.size() * active_listeners_.size()); for (const auto& worker : workers_) { ENVOY_LOG(debug, "starting worker {}", i); ASSERT(warming_listeners_.empty()); for (const auto& listener : active_listeners_) { addListenerToWorker(*worker, absl::nullopt, *listener, [this, listeners_pending_init]() { if (--(*listeners_pending_init) == 0) { stats_.workers_started_.set(1); } }); } worker->start(guard_dog); if (enable_dispatcher_stats_) { worker->initializeStats(*scope_); } i++; } if (active_listeners_.empty()) { stats_.workers_started_.set(1); } } void ListenerManagerImpl::stopListener(Network::ListenerConfig& listener, std::function callback) { const auto workers_pending_stop = std::make_shared>(workers_.size()); for (const auto& worker : workers_) { worker->stopListener(listener, [this, callback, workers_pending_stop]() { if (--(*workers_pending_stop) == 0) { server_.dispatcher().post(callback); } }); } } void ListenerManagerImpl::stopListeners(StopListenersType stop_listeners_type) { stop_listeners_type_ = stop_listeners_type; for (Network::ListenerConfig& listener : listeners()) { if (stop_listeners_type != StopListenersType::InboundOnly || listener.direction() == envoy::config::core::v3::INBOUND) { ENVOY_LOG(debug, "begin stop listener: name={}", listener.name()); auto existing_warming_listener = getListenerByName(warming_listeners_, listener.name()); // Destroy a warming listener directly. if (existing_warming_listener != warming_listeners_.end()) { (*existing_warming_listener)->debugLog("removing warming listener"); warming_listeners_.erase(existing_warming_listener); } // Close the socket once all workers stopped accepting its connections. // This allows clients to fast fail instead of waiting in the accept queue. const uint64_t listener_tag = listener.listenerTag(); stopListener(listener, [this, share_socket = listener.listenSocketFactory().sharedSocket().has_value(), listener_tag]() { stats_.listener_stopped_.inc(); if (!share_socket) { // Each listener has its own socket and closes the socket // on its own. return; } for (auto& listener : active_listeners_) { if (listener->listenerTag() == listener_tag) { listener->listenSocketFactory().sharedSocket()->get().close(); } } }); } } } void ListenerManagerImpl::stopWorkers() { if (!workers_started_) { return; } for (const auto& worker : workers_) { worker->stop(); } } void ListenerManagerImpl::endListenerUpdate(FailureStates&& failure_states) { overall_error_state_ = std::move(failure_states); } ListenerFilterChainFactoryBuilder::ListenerFilterChainFactoryBuilder( ListenerImpl& listener, Server::Configuration::TransportSocketFactoryContextImpl& factory_context) : ListenerFilterChainFactoryBuilder(listener.validation_visitor_, listener.parent_.factory_, factory_context) {} ListenerFilterChainFactoryBuilder::ListenerFilterChainFactoryBuilder( ProtobufMessage::ValidationVisitor& validator, ListenerComponentFactory& listener_component_factory, Server::Configuration::TransportSocketFactoryContextImpl& factory_context) : validator_(validator), listener_component_factory_(listener_component_factory), factory_context_(factory_context) {} Network::DrainableFilterChainSharedPtr ListenerFilterChainFactoryBuilder::buildFilterChain( const envoy::config::listener::v3::FilterChain& filter_chain, FilterChainFactoryContextCreator& context_creator) const { return buildFilterChainInternal(filter_chain, context_creator.createFilterChainFactoryContext(&filter_chain)); } Network::DrainableFilterChainSharedPtr ListenerFilterChainFactoryBuilder::buildFilterChainInternal( const envoy::config::listener::v3::FilterChain& filter_chain, Configuration::FilterChainFactoryContextPtr&& filter_chain_factory_context) const { // If the cluster doesn't have transport socket configured, then use the default "raw_buffer" // transport socket or BoringSSL-based "tls" transport socket if TLS settings are configured. // We copy by value first then override if necessary. auto transport_socket = filter_chain.transport_socket(); if (!filter_chain.has_transport_socket()) { if (filter_chain.has_hidden_envoy_deprecated_tls_context()) { transport_socket.set_name(Extensions::TransportSockets::TransportSocketNames::get().Tls); transport_socket.mutable_typed_config()->PackFrom( filter_chain.hidden_envoy_deprecated_tls_context()); } else { transport_socket.set_name( Extensions::TransportSockets::TransportSocketNames::get().RawBuffer); } } auto& config_factory = Config::Utility::getAndCheckFactory< Server::Configuration::DownstreamTransportSocketConfigFactory>(transport_socket); ProtobufTypes::MessagePtr message = Config::Utility::translateToFactoryConfig(transport_socket, validator_, config_factory); std::vector server_names(filter_chain.filter_chain_match().server_names().begin(), filter_chain.filter_chain_match().server_names().end()); auto filter_chain_res = std::make_unique(config_factory.createTransportSocketFactory( *message, factory_context_, std::move(server_names)), listener_component_factory_.createNetworkFilterFactoryList( filter_chain.filters(), *filter_chain_factory_context)); filter_chain_res->setFilterChainFactoryContext(std::move(filter_chain_factory_context)); return filter_chain_res; } Network::ListenSocketFactorySharedPtr ListenerManagerImpl::createListenSocketFactory( const envoy::config::core::v3::Address& proto_address, ListenerImpl& listener, bool reuse_port) { Network::Socket::Type socket_type = Network::Utility::protobufAddressSocketType(proto_address); return std::make_shared( factory_, listener.address(), socket_type, listener.listenSocketOptions(), listener.bindToPort(), listener.name(), reuse_port); } ApiListenerOptRef ListenerManagerImpl::apiListener() { return api_listener_ ? ApiListenerOptRef(std::ref(*api_listener_)) : absl::nullopt; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/listener_manager_impl.h ================================================ #pragma once #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/network/filter.h" #include "envoy/network/listen_socket.h" #include "envoy/server/api_listener.h" #include "envoy/server/filter_config.h" #include "envoy/server/instance.h" #include "envoy/server/listener_manager.h" #include "envoy/server/transport_socket_config.h" #include "envoy/server/worker.h" #include "envoy/stats/scope.h" #include "server/filter_chain_factory_context_callback.h" #include "server/filter_chain_manager_impl.h" #include "server/lds_api.h" #include "server/listener_impl.h" namespace Envoy { namespace Server { namespace Configuration { class TransportSocketFactoryContextImpl; } class ListenerFilterChainFactoryBuilder; /** * Prod implementation of ListenerComponentFactory that creates real sockets and attempts to fetch * sockets from the parent process via the hot restarter. The filter factory list is created from * statically registered filters. */ class ProdListenerComponentFactory : public ListenerComponentFactory, Logger::Loggable { public: ProdListenerComponentFactory(Instance& server) : server_(server) {} /** * Static worker for createNetworkFilterFactoryList() that can be used directly in tests. */ static std::vector createNetworkFilterFactoryList_( const Protobuf::RepeatedPtrField& filters, Configuration::FilterChainFactoryContext& filter_chain_factory_context); /** * Static worker for createListenerFilterFactoryList() that can be used directly in tests. */ static std::vector createListenerFilterFactoryList_( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context); /** * Static worker for createUdpListenerFilterFactoryList() that can be used directly in tests. */ static std::vector createUdpListenerFilterFactoryList_( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context); static Network::ListenerFilterMatcherSharedPtr createListenerFilterMatcher(const envoy::config::listener::v3::ListenerFilter& listener_filter); // Server::ListenerComponentFactory LdsApiPtr createLdsApi(const envoy::config::core::v3::ConfigSource& lds_config, const udpa::core::v1::ResourceLocator* lds_resources_locator) override { return std::make_unique( lds_config, lds_resources_locator, server_.clusterManager(), server_.initManager(), server_.stats(), server_.listenerManager(), server_.messageValidationContext().dynamicValidationVisitor()); } std::vector createNetworkFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Server::Configuration::FilterChainFactoryContext& filter_chain_factory_context) override { return createNetworkFilterFactoryList_(filters, filter_chain_factory_context); } std::vector createListenerFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) override { return createListenerFilterFactoryList_(filters, context); } std::vector createUdpListenerFilterFactoryList( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) override { return createUdpListenerFilterFactoryList_(filters, context); } Network::SocketSharedPtr createListenSocket(Network::Address::InstanceConstSharedPtr address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams& params) override; DrainManagerPtr createDrainManager(envoy::config::listener::v3::Listener::DrainType drain_type) override; uint64_t nextListenerTag() override { return next_listener_tag_++; } private: Instance& server_; uint64_t next_listener_tag_{1}; }; class ListenerImpl; using ListenerImplPtr = std::unique_ptr; /** * All listener manager stats. @see stats_macros.h */ #define ALL_LISTENER_MANAGER_STATS(COUNTER, GAUGE) \ COUNTER(listener_added) \ COUNTER(listener_create_failure) \ COUNTER(listener_create_success) \ COUNTER(listener_in_place_updated) \ COUNTER(listener_modified) \ COUNTER(listener_removed) \ COUNTER(listener_stopped) \ GAUGE(total_filter_chains_draining, NeverImport) \ GAUGE(total_listeners_active, NeverImport) \ GAUGE(total_listeners_draining, NeverImport) \ GAUGE(total_listeners_warming, NeverImport) \ GAUGE(workers_started, NeverImport) /** * Struct definition for all listener manager stats. @see stats_macros.h */ struct ListenerManagerStats { ALL_LISTENER_MANAGER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; /** * Provides the draining filter chains and the functionality to schedule listener destroy. */ class DrainingFilterChainsManager { public: DrainingFilterChainsManager(ListenerImplPtr&& draining_listener, uint64_t workers_pending_removal); uint64_t getDrainingListenerTag() const { return draining_listener_->listenerTag(); } const std::list& getDrainingFilterChains() const { return draining_filter_chains_; } ListenerImpl& getDrainingListener() { return *draining_listener_; } uint64_t decWorkersPendingRemoval() { return --workers_pending_removal_; } // Schedule listener destroy. void startDrainSequence(std::chrono::seconds drain_time, Event::Dispatcher& dispatcher, std::function completion) { drain_sequence_completion_ = completion; ASSERT(!drain_timer_); drain_timer_ = dispatcher.createTimer([this]() -> void { drain_sequence_completion_(); }); drain_timer_->enableTimer(drain_time); } void addFilterChainToDrain(const Network::FilterChain& filter_chain) { draining_filter_chains_.push_back(&filter_chain); } uint32_t numDrainingFilterChains() const { return draining_filter_chains_.size(); } private: ListenerImplPtr draining_listener_; std::list draining_filter_chains_; uint64_t workers_pending_removal_; Event::TimerPtr drain_timer_; std::function drain_sequence_completion_; }; /** * Implementation of ListenerManager. */ class ListenerManagerImpl : public ListenerManager, Logger::Loggable { public: ListenerManagerImpl(Instance& server, ListenerComponentFactory& listener_factory, WorkerFactory& worker_factory, bool enable_dispatcher_stats); void onListenerWarmed(ListenerImpl& listener); void inPlaceFilterChainUpdate(ListenerImpl& listener); // Server::ListenerManager bool addOrUpdateListener(const envoy::config::listener::v3::Listener& config, const std::string& version_info, bool added_via_api) override; void createLdsApi(const envoy::config::core::v3::ConfigSource& lds_config, const udpa::core::v1::ResourceLocator* lds_resources_locator) override { ASSERT(lds_api_ == nullptr); lds_api_ = factory_.createLdsApi(lds_config, lds_resources_locator); } std::vector> listeners(ListenerState state = ListenerState::ACTIVE) override; uint64_t numConnections() const override; bool removeListener(const std::string& listener_name) override; void startWorkers(GuardDog& guard_dog) override; void stopListeners(StopListenersType stop_listeners_type) override; void stopWorkers() override; void beginListenerUpdate() override { error_state_tracker_.clear(); } void endListenerUpdate(FailureStates&& failure_state) override; bool isWorkerStarted() override { return workers_started_; } Http::Context& httpContext() { return server_.httpContext(); } ApiListenerOptRef apiListener() override; Instance& server_; ListenerComponentFactory& factory_; private: using ListenerList = std::list; /** * Callback invoked when a listener initialization is completed on worker. */ using ListenerCompletionCallback = std::function; bool addOrUpdateListenerInternal(const envoy::config::listener::v3::Listener& config, const std::string& version_info, bool added_via_api, const std::string& name); bool removeListenerInternal(const std::string& listener_name, bool dynamic_listeners_only); struct DrainingListener { DrainingListener(ListenerImplPtr&& listener, uint64_t workers_pending_removal) : listener_(std::move(listener)), workers_pending_removal_(workers_pending_removal) {} ListenerImplPtr listener_; uint64_t workers_pending_removal_; }; void addListenerToWorker(Worker& worker, absl::optional overridden_listener, ListenerImpl& listener, ListenerCompletionCallback completion_callback); ProtobufTypes::MessagePtr dumpListenerConfigs(); static ListenerManagerStats generateStats(Stats::Scope& scope); static bool hasListenerWithAddress(const ListenerList& list, const Network::Address::Instance& address); static bool shareSocketWithOtherListener(const ListenerList& list, const Network::ListenSocketFactorySharedPtr& socket_factory); void updateWarmingActiveGauges() { // Using set() avoids a multiple modifiers problem during the multiple processes phase of hot // restart. stats_.total_listeners_warming_.set(warming_listeners_.size()); stats_.total_listeners_active_.set(active_listeners_.size()); } bool listenersStopped(const envoy::config::listener::v3::Listener& config) { // Currently all listeners in a given direction are stopped because of the way admin // drain_listener functionality is implemented. This needs to be revisited, if that changes - if // we support drain by listener name,for example. return stop_listeners_type_ == StopListenersType::All || (stop_listeners_type_ == StopListenersType::InboundOnly && config.traffic_direction() == envoy::config::core::v3::INBOUND); } /** * Mark a listener for draining. The listener will no longer be considered active but will remain * present to allow connection draining. * @param listener supplies the listener to drain. */ void drainListener(ListenerImplPtr&& listener); /** * Start to draining filter chains that are owned by draining listener but not owned by * new_listener. The new listener should have taken over the listener socket and partial of the * filter chains from listener. This method is used by in place filter chain update. * @param draining_listener supplies the listener to be replaced. * @param new_listener supplies the new listener config which is going to replace the draining * listener. */ void drainFilterChains(ListenerImplPtr&& draining_listener, ListenerImpl& new_listener); /** * Stop a listener. The listener will stop accepting new connections and its socket will be * closed. * @param listener supplies the listener to stop. * @param completion supplies the completion to be called when all workers are stopped accepting * new connections. This completion is called on the main thread. */ void stopListener(Network::ListenerConfig& listener, std::function completion); /** * Get a listener by name. This routine is used because listeners have inherent order in static * configuration and especially for tests. Thus, we can't use a map. * @param listeners supplies the listener list to look in. * @param name supplies the name to search for. */ ListenerList::iterator getListenerByName(ListenerList& listeners, const std::string& name); Network::ListenSocketFactorySharedPtr createListenSocketFactory(const envoy::config::core::v3::Address& proto_address, ListenerImpl& listener, bool reuse_port); ApiListenerPtr api_listener_; // Active listeners are listeners that are currently accepting new connections on the workers. ListenerList active_listeners_; // Warming listeners are listeners that may need further initialization via the listener's init // manager. For example, RDS, or in the future KDS. Once a listener is done warming it will // be transitioned to active. ListenerList warming_listeners_; // Draining listeners are listeners that are in the process of being drained and removed. They // go through two phases where first the workers stop accepting new connections and existing // connections are drained. Then after that time period the listener is removed from all workers // and any remaining connections are closed. std::list draining_listeners_; std::list draining_filter_chains_manager_; std::vector workers_; bool workers_started_{}; absl::optional stop_listeners_type_; Stats::ScopePtr scope_; ListenerManagerStats stats_; ConfigTracker::EntryOwnerPtr config_tracker_entry_; LdsApiPtr lds_api_; const bool enable_dispatcher_stats_{}; using UpdateFailureState = envoy::admin::v3::UpdateFailureState; absl::flat_hash_map> error_state_tracker_; FailureStates overall_error_state_; }; class ListenerFilterChainFactoryBuilder : public FilterChainFactoryBuilder { public: ListenerFilterChainFactoryBuilder( ListenerImpl& listener, Configuration::TransportSocketFactoryContextImpl& factory_context); ListenerFilterChainFactoryBuilder( ProtobufMessage::ValidationVisitor& validator, ListenerComponentFactory& listener_component_factory, Server::Configuration::TransportSocketFactoryContextImpl& factory_context); Network::DrainableFilterChainSharedPtr buildFilterChain(const envoy::config::listener::v3::FilterChain& filter_chain, FilterChainFactoryContextCreator& context_creator) const override; private: Network::DrainableFilterChainSharedPtr buildFilterChainInternal( const envoy::config::listener::v3::FilterChain& filter_chain, Configuration::FilterChainFactoryContextPtr&& filter_chain_factory_context) const; ProtobufMessage::ValidationVisitor& validator_; ListenerComponentFactory& listener_component_factory_; Configuration::TransportSocketFactoryContextImpl& factory_context_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/options_impl.cc ================================================ #include "server/options_impl.h" #include #include #include #include #include "envoy/admin/v3/server_info.pb.h" #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/common/macros.h" #include "common/protobuf/utility.h" #include "common/version/version.h" #include "server/options_impl_platform.h" #include "absl/strings/str_replace.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" #include "spdlog/spdlog.h" #include "tclap/CmdLine.h" namespace Envoy { namespace { std::vector toArgsVector(int argc, const char* const* argv) { std::vector args; args.reserve(argc); for (int i = 0; i < argc; ++i) { args.emplace_back(argv[i]); } return args; } } // namespace OptionsImpl::OptionsImpl(int argc, const char* const* argv, const HotRestartVersionCb& hot_restart_version_cb, spdlog::level::level_enum default_log_level) : OptionsImpl(toArgsVector(argc, argv), hot_restart_version_cb, default_log_level) {} OptionsImpl::OptionsImpl(std::vector args, const HotRestartVersionCb& hot_restart_version_cb, spdlog::level::level_enum default_log_level) : signal_handling_enabled_(true) { std::string log_levels_string = fmt::format("Log levels: {}", allowedLogLevels()); log_levels_string += fmt::format("\nDefault is [{}]", spdlog::level::level_string_views[default_log_level]); const std::string component_log_level_string = "Comma separated list of component log levels. For example upstream:debug,config:trace"; const std::string log_format_string = fmt::format("Log message format in spdlog syntax " "(see https://github.com/gabime/spdlog/wiki/3.-Custom-formatting)" "\nDefault is \"{}\"", Logger::Logger::DEFAULT_LOG_FORMAT); TCLAP::CmdLine cmd("envoy", ' ', VersionInfo::version()); TCLAP::ValueArg base_id( "", "base-id", "base ID so that multiple envoys can run on the same host if needed", false, 0, "uint32_t", cmd); TCLAP::SwitchArg use_dynamic_base_id( "", "use-dynamic-base-id", "the server chooses a base ID dynamically. Supersedes a static base ID. May not be used " "when the restart epoch is non-zero.", cmd, false); TCLAP::ValueArg base_id_path( "", "base-id-path", "path to which the base ID is written", false, "", "string", cmd); TCLAP::ValueArg concurrency("", "concurrency", "# of worker threads to run", false, std::thread::hardware_concurrency(), "uint32_t", cmd); TCLAP::ValueArg config_path("c", "config-path", "Path to configuration file", false, "", "string", cmd); TCLAP::ValueArg config_yaml( "", "config-yaml", "Inline YAML configuration, merges with the contents of --config-path", false, "", "string", cmd); TCLAP::ValueArg bootstrap_version( "", "bootstrap-version", "API version to parse the bootstrap config as (e.g. 3). If " "unset, all known versions will be attempted", false, 0, "string", cmd); TCLAP::SwitchArg allow_unknown_fields("", "allow-unknown-fields", "allow unknown fields in static configuration (DEPRECATED)", cmd, false); TCLAP::SwitchArg allow_unknown_static_fields("", "allow-unknown-static-fields", "allow unknown fields in static configuration", cmd, false); TCLAP::SwitchArg reject_unknown_dynamic_fields("", "reject-unknown-dynamic-fields", "reject unknown fields in dynamic configuration", cmd, false); TCLAP::SwitchArg ignore_unknown_dynamic_fields("", "ignore-unknown-dynamic-fields", "ignore unknown fields in dynamic configuration", cmd, false); TCLAP::ValueArg admin_address_path("", "admin-address-path", "Admin address path", false, "", "string", cmd); TCLAP::ValueArg local_address_ip_version("", "local-address-ip-version", "The local " "IP address version (v4 or v6).", false, "v4", "string", cmd); TCLAP::ValueArg log_level( "l", "log-level", log_levels_string, false, spdlog::level::level_string_views[default_log_level].data(), "string", cmd); TCLAP::ValueArg component_log_level( "", "component-log-level", component_log_level_string, false, "", "string", cmd); TCLAP::ValueArg log_format("", "log-format", log_format_string, false, Logger::Logger::DEFAULT_LOG_FORMAT, "string", cmd); TCLAP::SwitchArg log_format_escaped("", "log-format-escaped", "Escape c-style escape sequences in the application logs", cmd, false); TCLAP::SwitchArg enable_fine_grain_logging( "", "enable-fine-grain-logging", "Logger mode: enable file level log control(Fancy Logger)or not", cmd, false); TCLAP::ValueArg log_format_prefix_with_location( "", "log-format-prefix-with-location", "Prefix all occurrences of '%v' in log format with with '[%g:%#] ' ('[path/to/file.cc:99] " "').", false, false, "bool", cmd); TCLAP::ValueArg log_path("", "log-path", "Path to logfile", false, "", "string", cmd); TCLAP::ValueArg restart_epoch("", "restart-epoch", "hot restart epoch #", false, 0, "uint32_t", cmd); TCLAP::SwitchArg hot_restart_version_option("", "hot-restart-version", "hot restart compatibility version", cmd); TCLAP::ValueArg service_cluster("", "service-cluster", "Cluster name", false, "", "string", cmd); TCLAP::ValueArg service_node("", "service-node", "Node name", false, "", "string", cmd); TCLAP::ValueArg service_zone("", "service-zone", "Zone name", false, "", "string", cmd); TCLAP::ValueArg file_flush_interval_msec("", "file-flush-interval-msec", "Interval for log flushing in msec", false, 10000, "uint32_t", cmd); TCLAP::ValueArg drain_time_s("", "drain-time-s", "Hot restart and LDS removal drain time in seconds", false, 600, "uint32_t", cmd); TCLAP::ValueArg drain_strategy( "", "drain-strategy", "Hot restart drain sequence behaviour, one of 'gradual' (default) or 'immediate'.", false, "gradual", "string", cmd); TCLAP::ValueArg parent_shutdown_time_s("", "parent-shutdown-time-s", "Hot restart parent shutdown time in seconds", false, 900, "uint32_t", cmd); TCLAP::ValueArg mode("", "mode", "One of 'serve' (default; validate configs and then serve " "traffic normally) or 'validate' (validate configs and exit).", false, "serve", "string", cmd); TCLAP::SwitchArg disable_hot_restart("", "disable-hot-restart", "Disable hot restart functionality", cmd, false); TCLAP::SwitchArg enable_mutex_tracing( "", "enable-mutex-tracing", "Enable mutex contention tracing functionality", cmd, false); TCLAP::SwitchArg cpuset_threads( "", "cpuset-threads", "Get the default # of worker threads from cpuset size", cmd, false); TCLAP::ValueArg use_fake_symbol_table("", "use-fake-symbol-table", "Use fake symbol table implementation", false, false, "bool", cmd); TCLAP::ValueArg disable_extensions("", "disable-extensions", "Comma-separated list of extensions to disable", false, "", "string", cmd); TCLAP::ValueArg socket_path("", "socket-path", "Path to hot restart socket file", false, "@envoy_domain_socket", "string", cmd); TCLAP::ValueArg socket_mode("", "socket-mode", "Socket file permission", false, "600", "string", cmd); cmd.setExceptionHandling(false); try { cmd.parse(args); count_ = cmd.getArgList().size(); } catch (TCLAP::ArgException& e) { try { cmd.getOutput()->failure(cmd, e); } catch (const TCLAP::ExitException&) { // failure() has already written an informative message to stderr, so all that's left to do // is throw our own exception with the original message. throw MalformedArgvException(e.what()); } } catch (const TCLAP::ExitException& e) { // parse() throws an ExitException with status 0 after printing the output for --help and // --version. throw NoServingException(); } hot_restart_disabled_ = disable_hot_restart.getValue(); mutex_tracing_enabled_ = enable_mutex_tracing.getValue(); fake_symbol_table_enabled_ = use_fake_symbol_table.getValue(); if (fake_symbol_table_enabled_) { ENVOY_LOG(warn, "Fake symbol tables have been removed. Please remove references to " "--use-fake-symbol-table"); } cpuset_threads_ = cpuset_threads.getValue(); if (log_level.isSet()) { log_level_ = parseAndValidateLogLevel(log_level.getValue()); } else { log_level_ = default_log_level; } log_format_ = log_format.getValue(); if (log_format_prefix_with_location.getValue()) { log_format_ = absl::StrReplaceAll(log_format_, {{"%%", "%%"}, {"%v", "[%g:%#] %v"}}); } log_format_escaped_ = log_format_escaped.getValue(); enable_fine_grain_logging_ = enable_fine_grain_logging.getValue(); parseComponentLogLevels(component_log_level.getValue()); if (mode.getValue() == "serve") { mode_ = Server::Mode::Serve; } else if (mode.getValue() == "validate") { mode_ = Server::Mode::Validate; } else if (mode.getValue() == "init_only") { mode_ = Server::Mode::InitOnly; } else { const std::string message = fmt::format("error: unknown mode '{}'", mode.getValue()); throw MalformedArgvException(message); } if (local_address_ip_version.getValue() == "v4") { local_address_ip_version_ = Network::Address::IpVersion::v4; } else if (local_address_ip_version.getValue() == "v6") { local_address_ip_version_ = Network::Address::IpVersion::v6; } else { const std::string message = fmt::format("error: unknown IP address version '{}'", local_address_ip_version.getValue()); throw MalformedArgvException(message); } base_id_ = base_id.getValue(); use_dynamic_base_id_ = use_dynamic_base_id.getValue(); base_id_path_ = base_id_path.getValue(); restart_epoch_ = restart_epoch.getValue(); if (use_dynamic_base_id_ && restart_epoch_ > 0) { const std::string message = fmt::format( "error: cannot use --restart-epoch={} with --use-dynamic-base-id", restart_epoch_); throw MalformedArgvException(message); } if (!concurrency.isSet() && cpuset_threads_) { // The 'concurrency' command line option wasn't set but the 'cpuset-threads' // option was set. Use the number of CPUs assigned to the process cpuset, if // that can be known. concurrency_ = OptionsImplPlatform::getCpuCount(); } else { if (concurrency.isSet() && cpuset_threads_ && cpuset_threads.isSet()) { ENVOY_LOG(warn, "Both --concurrency and --cpuset-threads options are set; not applying " "--cpuset-threads."); } concurrency_ = std::max(1U, concurrency.getValue()); } config_path_ = config_path.getValue(); config_yaml_ = config_yaml.getValue(); if (bootstrap_version.getValue() != 0) { bootstrap_version_ = bootstrap_version.getValue(); } if (allow_unknown_fields.getValue()) { ENVOY_LOG(warn, "--allow-unknown-fields is deprecated, use --allow-unknown-static-fields instead."); } allow_unknown_static_fields_ = allow_unknown_static_fields.getValue() || allow_unknown_fields.getValue(); reject_unknown_dynamic_fields_ = reject_unknown_dynamic_fields.getValue(); ignore_unknown_dynamic_fields_ = ignore_unknown_dynamic_fields.getValue(); admin_address_path_ = admin_address_path.getValue(); log_path_ = log_path.getValue(); service_cluster_ = service_cluster.getValue(); service_node_ = service_node.getValue(); service_zone_ = service_zone.getValue(); file_flush_interval_msec_ = std::chrono::milliseconds(file_flush_interval_msec.getValue()); drain_time_ = std::chrono::seconds(drain_time_s.getValue()); parent_shutdown_time_ = std::chrono::seconds(parent_shutdown_time_s.getValue()); socket_path_ = socket_path.getValue(); if (socket_path_.at(0) == '@') { socket_mode_ = 0; } else { uint64_t socket_mode_helper; if (!StringUtil::atoull(socket_mode.getValue().c_str(), socket_mode_helper, 8)) { throw MalformedArgvException( fmt::format("error: invalid socket-mode '{}'", socket_mode.getValue())); } socket_mode_ = socket_mode_helper; } if (drain_strategy.getValue() == "immediate") { drain_strategy_ = Server::DrainStrategy::Immediate; } else if (drain_strategy.getValue() == "gradual") { drain_strategy_ = Server::DrainStrategy::Gradual; } else { throw MalformedArgvException( fmt::format("error: unknown drain-strategy '{}'", mode.getValue())); } if (hot_restart_version_option.getValue()) { std::cerr << hot_restart_version_cb(!hot_restart_disabled_); throw NoServingException(); } if (!disable_extensions.getValue().empty()) { disabled_extensions_ = absl::StrSplit(disable_extensions.getValue(), ','); } } spdlog::level::level_enum OptionsImpl::parseAndValidateLogLevel(absl::string_view log_level) { if (log_level == "warn") { return spdlog::level::level_enum::warn; } size_t level_to_use = std::numeric_limits::max(); for (size_t i = 0; i < ARRAY_SIZE(spdlog::level::level_string_views); i++) { spdlog::string_view_t spd_log_level = spdlog::level::level_string_views[i]; if (log_level == absl::string_view(spd_log_level.data(), spd_log_level.size())) { level_to_use = i; break; } } if (level_to_use == std::numeric_limits::max()) { logError(fmt::format("error: invalid log level specified '{}'", log_level)); } return static_cast(level_to_use); } std::string OptionsImpl::allowedLogLevels() { std::string allowed_log_levels; for (auto level_string_view : spdlog::level::level_string_views) { if (level_string_view == spdlog::level::to_string_view(spdlog::level::warn)) { allowed_log_levels += fmt::format("[{}|warn]", level_string_view); } else { allowed_log_levels += fmt::format("[{}]", level_string_view); } } return allowed_log_levels; } void OptionsImpl::parseComponentLogLevels(const std::string& component_log_levels) { if (component_log_levels.empty()) { return; } component_log_level_str_ = component_log_levels; std::vector log_levels = absl::StrSplit(component_log_levels, ','); for (auto& level : log_levels) { std::vector log_name_level = absl::StrSplit(level, ':'); if (log_name_level.size() != 2) { logError(fmt::format("error: component log level not correctly specified '{}'", level)); } std::string log_name = log_name_level[0]; spdlog::level::level_enum log_level = parseAndValidateLogLevel(log_name_level[1]); Logger::Logger* logger_to_change = Logger::Registry::logger(log_name); if (!logger_to_change) { logError(fmt::format("error: invalid component specified '{}'", log_name)); } component_log_levels_.push_back(std::make_pair(log_name, log_level)); } } uint32_t OptionsImpl::count() const { return count_; } void OptionsImpl::logError(const std::string& error) const { throw MalformedArgvException(error); } Server::CommandLineOptionsPtr OptionsImpl::toCommandLineOptions() const { Server::CommandLineOptionsPtr command_line_options = std::make_unique(); command_line_options->set_base_id(baseId()); command_line_options->set_use_dynamic_base_id(useDynamicBaseId()); command_line_options->set_base_id_path(baseIdPath()); command_line_options->set_concurrency(concurrency()); command_line_options->set_config_path(configPath()); command_line_options->set_config_yaml(configYaml()); command_line_options->set_allow_unknown_static_fields(allow_unknown_static_fields_); command_line_options->set_reject_unknown_dynamic_fields(reject_unknown_dynamic_fields_); command_line_options->set_ignore_unknown_dynamic_fields(ignore_unknown_dynamic_fields_); command_line_options->set_admin_address_path(adminAddressPath()); command_line_options->set_component_log_level(component_log_level_str_); command_line_options->set_log_level(spdlog::level::to_string_view(logLevel()).data(), spdlog::level::to_string_view(logLevel()).size()); command_line_options->set_log_format(logFormat()); command_line_options->set_log_format_escaped(logFormatEscaped()); command_line_options->set_enable_fine_grain_logging(enableFineGrainLogging()); command_line_options->set_log_path(logPath()); command_line_options->set_service_cluster(serviceClusterName()); command_line_options->set_service_node(serviceNodeName()); command_line_options->set_service_zone(serviceZone()); if (mode() == Server::Mode::Serve) { command_line_options->set_mode(envoy::admin::v3::CommandLineOptions::Serve); } else if (mode() == Server::Mode::Validate) { command_line_options->set_mode(envoy::admin::v3::CommandLineOptions::Validate); } else { command_line_options->set_mode(envoy::admin::v3::CommandLineOptions::InitOnly); } if (localAddressIpVersion() == Network::Address::IpVersion::v4) { command_line_options->set_local_address_ip_version(envoy::admin::v3::CommandLineOptions::v4); } else { command_line_options->set_local_address_ip_version(envoy::admin::v3::CommandLineOptions::v6); } command_line_options->mutable_file_flush_interval()->MergeFrom( Protobuf::util::TimeUtil::MillisecondsToDuration(fileFlushIntervalMsec().count())); command_line_options->mutable_drain_time()->MergeFrom( Protobuf::util::TimeUtil::SecondsToDuration(drainTime().count())); command_line_options->set_drain_strategy(drainStrategy() == Server::DrainStrategy::Immediate ? envoy::admin::v3::CommandLineOptions::Immediate : envoy::admin::v3::CommandLineOptions::Gradual); command_line_options->mutable_parent_shutdown_time()->MergeFrom( Protobuf::util::TimeUtil::SecondsToDuration(parentShutdownTime().count())); command_line_options->set_disable_hot_restart(hotRestartDisabled()); command_line_options->set_enable_mutex_tracing(mutexTracingEnabled()); command_line_options->set_cpuset_threads(cpusetThreadsEnabled()); command_line_options->set_restart_epoch(restartEpoch()); for (const auto& e : disabledExtensions()) { command_line_options->add_disabled_extensions(e); } command_line_options->set_socket_path(socketPath()); command_line_options->set_socket_mode(socketMode()); return command_line_options; } OptionsImpl::OptionsImpl(const std::string& service_cluster, const std::string& service_node, const std::string& service_zone, spdlog::level::level_enum log_level) : base_id_(0u), use_dynamic_base_id_(false), base_id_path_(""), concurrency_(1u), config_path_(""), config_yaml_(""), local_address_ip_version_(Network::Address::IpVersion::v4), log_level_(log_level), log_format_(Logger::Logger::DEFAULT_LOG_FORMAT), log_format_escaped_(false), restart_epoch_(0u), service_cluster_(service_cluster), service_node_(service_node), service_zone_(service_zone), file_flush_interval_msec_(10000), drain_time_(600), parent_shutdown_time_(900), drain_strategy_(Server::DrainStrategy::Gradual), mode_(Server::Mode::Serve), hot_restart_disabled_(false), signal_handling_enabled_(true), mutex_tracing_enabled_(false), cpuset_threads_(false), fake_symbol_table_enabled_(false), socket_path_("@envoy_domain_socket"), socket_mode_(0) {} void OptionsImpl::disableExtensions(const std::vector& names) { for (const auto& name : names) { const std::vector parts = absl::StrSplit(name, absl::MaxSplits('/', 1)); if (parts.size() != 2) { ENVOY_LOG_MISC(warn, "failed to disable invalid extension name '{}'", name); continue; } if (Registry::FactoryCategoryRegistry::disableFactory(parts[0], parts[1])) { ENVOY_LOG_MISC(info, "disabled extension '{}'", name); } else { ENVOY_LOG_MISC(warn, "failed to disable unknown extension '{}'", name); } } } } // namespace Envoy ================================================ FILE: source/server/options_impl.h ================================================ #pragma once #include #include #include #include "envoy/common/exception.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/registry/registry.h" #include "envoy/server/options.h" #include "common/common/logger.h" #include "spdlog/spdlog.h" namespace Envoy { /** * Implementation of Server::Options. */ class OptionsImpl : public Server::Options, protected Logger::Loggable { public: /** * Parameters are hot_restart_enabled */ using HotRestartVersionCb = std::function; /** * @throw NoServingException if Envoy has already done everything specified by the args (e.g. * print the hot restart version) and it's time to exit without serving HTTP traffic. The * caller should exit(0) after any necessary cleanup. * @throw MalformedArgvException if something is wrong with the arguments (invalid flag or flag * value). The caller should call exit(1) after any necessary cleanup. */ OptionsImpl(int argc, const char* const* argv, const HotRestartVersionCb& hot_restart_version_cb, spdlog::level::level_enum default_log_level); /** * @throw NoServingException if Envoy has already done everything specified by the args (e.g. * print the hot restart version) and it's time to exit without serving HTTP traffic. The * caller should exit(0) after any necessary cleanup. * @throw MalformedArgvException if something is wrong with the arguments (invalid flag or flag * value). The caller should call exit(1) after any necessary cleanup. */ OptionsImpl(std::vector args, const HotRestartVersionCb& hot_restart_version_cb, spdlog::level::level_enum default_log_level); // Test constructor; creates "reasonable" defaults, but desired values should be set explicitly. OptionsImpl(const std::string& service_cluster, const std::string& service_node, const std::string& service_zone, spdlog::level::level_enum log_level); // Setters for option fields. These are not part of the Options interface. void setBaseId(uint64_t base_id) { base_id_ = base_id; }; void setUseDynamicBaseId(bool use_dynamic_base_id) { use_dynamic_base_id_ = use_dynamic_base_id; } void setBaseIdPath(const std::string& base_id_path) { base_id_path_ = base_id_path; } void setConcurrency(uint32_t concurrency) { concurrency_ = concurrency; } void setConfigPath(const std::string& config_path) { config_path_ = config_path; } void setConfigProto(const envoy::config::bootstrap::v3::Bootstrap& config_proto) { config_proto_ = config_proto; } void setConfigYaml(const std::string& config_yaml) { config_yaml_ = config_yaml; } void setBootstrapVersion(uint32_t bootstrap_version) { bootstrap_version_ = bootstrap_version; } void setAdminAddressPath(const std::string& admin_address_path) { admin_address_path_ = admin_address_path; } void setLocalAddressIpVersion(Network::Address::IpVersion local_address_ip_version) { local_address_ip_version_ = local_address_ip_version; } void setDrainTime(std::chrono::seconds drain_time) { drain_time_ = drain_time; } void setParentShutdownTime(std::chrono::seconds parent_shutdown_time) { parent_shutdown_time_ = parent_shutdown_time; } void setDrainStrategy(Server::DrainStrategy drain_strategy) { drain_strategy_ = drain_strategy; } void setLogLevel(spdlog::level::level_enum log_level) { log_level_ = log_level; } void setLogFormat(const std::string& log_format) { log_format_ = log_format; } void setLogPath(const std::string& log_path) { log_path_ = log_path; } void setRestartEpoch(uint64_t restart_epoch) { restart_epoch_ = restart_epoch; } void setMode(Server::Mode mode) { mode_ = mode; } void setFileFlushIntervalMsec(std::chrono::milliseconds file_flush_interval_msec) { file_flush_interval_msec_ = file_flush_interval_msec; } void setServiceClusterName(const std::string& service_cluster) { service_cluster_ = service_cluster; } void setServiceNodeName(const std::string& service_node) { service_node_ = service_node; } void setServiceZone(const std::string& service_zone) { service_zone_ = service_zone; } void setHotRestartDisabled(bool hot_restart_disabled) { hot_restart_disabled_ = hot_restart_disabled; } void setSignalHandling(bool signal_handling_enabled) { signal_handling_enabled_ = signal_handling_enabled; } void setCpusetThreads(bool cpuset_threads_enabled) { cpuset_threads_ = cpuset_threads_enabled; } void setAllowUnkownFields(bool allow_unknown_static_fields) { allow_unknown_static_fields_ = allow_unknown_static_fields; } void setRejectUnknownFieldsDynamic(bool reject_unknown_dynamic_fields) { reject_unknown_dynamic_fields_ = reject_unknown_dynamic_fields; } void setIgnoreUnknownFieldsDynamic(bool ignore_unknown_dynamic_fields) { ignore_unknown_dynamic_fields_ = ignore_unknown_dynamic_fields; } void setFakeSymbolTableEnabled(bool fake_symbol_table_enabled) { fake_symbol_table_enabled_ = fake_symbol_table_enabled; } void setSocketPath(const std::string& socket_path) { socket_path_ = socket_path; } void setSocketMode(mode_t socket_mode) { socket_mode_ = socket_mode; } // Server::Options uint64_t baseId() const override { return base_id_; } bool useDynamicBaseId() const override { return use_dynamic_base_id_; } const std::string& baseIdPath() const override { return base_id_path_; } uint32_t concurrency() const override { return concurrency_; } const std::string& configPath() const override { return config_path_; } const envoy::config::bootstrap::v3::Bootstrap& configProto() const override { return config_proto_; } const absl::optional& bootstrapVersion() const override { return bootstrap_version_; } const std::string& configYaml() const override { return config_yaml_; } bool allowUnknownStaticFields() const override { return allow_unknown_static_fields_; } bool rejectUnknownDynamicFields() const override { return reject_unknown_dynamic_fields_; } bool ignoreUnknownDynamicFields() const override { return ignore_unknown_dynamic_fields_; } const std::string& adminAddressPath() const override { return admin_address_path_; } Network::Address::IpVersion localAddressIpVersion() const override { return local_address_ip_version_; } std::chrono::seconds drainTime() const override { return drain_time_; } std::chrono::seconds parentShutdownTime() const override { return parent_shutdown_time_; } Server::DrainStrategy drainStrategy() const override { return drain_strategy_; } spdlog::level::level_enum logLevel() const override { return log_level_; } const std::vector>& componentLogLevels() const override { return component_log_levels_; } const std::string& logFormat() const override { return log_format_; } bool logFormatEscaped() const override { return log_format_escaped_; } bool enableFineGrainLogging() const override { return enable_fine_grain_logging_; } const std::string& logPath() const override { return log_path_; } uint64_t restartEpoch() const override { return restart_epoch_; } Server::Mode mode() const override { return mode_; } std::chrono::milliseconds fileFlushIntervalMsec() const override { return file_flush_interval_msec_; } const std::string& serviceClusterName() const override { return service_cluster_; } const std::string& serviceNodeName() const override { return service_node_; } const std::string& serviceZone() const override { return service_zone_; } bool hotRestartDisabled() const override { return hot_restart_disabled_; } bool signalHandlingEnabled() const override { return signal_handling_enabled_; } bool mutexTracingEnabled() const override { return mutex_tracing_enabled_; } bool fakeSymbolTableEnabled() const override { return fake_symbol_table_enabled_; } Server::CommandLineOptionsPtr toCommandLineOptions() const override; void parseComponentLogLevels(const std::string& component_log_levels); bool cpusetThreadsEnabled() const override { return cpuset_threads_; } const std::vector& disabledExtensions() const override { return disabled_extensions_; } uint32_t count() const; const std::string& socketPath() const override { return socket_path_; } mode_t socketMode() const override { return socket_mode_; } /** * disableExtensions parses the given set of extension names of * the form $CATEGORY/$NAME, and disables the corresponding extension * factories. */ static void disableExtensions(const std::vector&); static std::string allowedLogLevels(); private: void logError(const std::string& error) const; spdlog::level::level_enum parseAndValidateLogLevel(absl::string_view log_level); uint64_t base_id_; bool use_dynamic_base_id_; std::string base_id_path_; uint32_t concurrency_; std::string config_path_; envoy::config::bootstrap::v3::Bootstrap config_proto_; absl::optional bootstrap_version_; std::string config_yaml_; bool allow_unknown_static_fields_{false}; bool reject_unknown_dynamic_fields_{false}; bool ignore_unknown_dynamic_fields_{false}; std::string admin_address_path_; Network::Address::IpVersion local_address_ip_version_; spdlog::level::level_enum log_level_; std::vector> component_log_levels_; std::string component_log_level_str_; std::string log_format_; bool log_format_escaped_; std::string log_path_; uint64_t restart_epoch_; std::string service_cluster_; std::string service_node_; std::string service_zone_; std::chrono::milliseconds file_flush_interval_msec_; std::chrono::seconds drain_time_; std::chrono::seconds parent_shutdown_time_; Server::DrainStrategy drain_strategy_; Server::Mode mode_; bool hot_restart_disabled_; bool signal_handling_enabled_; bool mutex_tracing_enabled_; bool cpuset_threads_; bool fake_symbol_table_enabled_; std::vector disabled_extensions_; uint32_t count_; // Initialization added here to avoid integration_admin_test failure caused by uninitialized // enable_fine_grain_logging_. bool enable_fine_grain_logging_ = false; std::string socket_path_; mode_t socket_mode_; }; /** * Thrown when an OptionsImpl was not constructed because all of Envoy's work is done (for example, * it was started with --help and it's already printed a help message) so all that's left to do is * exit successfully. */ class NoServingException : public EnvoyException { public: NoServingException() : EnvoyException("NoServingException") {} }; /** * Thrown when an OptionsImpl was not constructed because the argv was invalid. */ class MalformedArgvException : public EnvoyException { public: MalformedArgvException(const std::string& what) : EnvoyException(what) {} }; } // namespace Envoy ================================================ FILE: source/server/options_impl_platform.h ================================================ #pragma once #include #include "common/common/logger.h" namespace Envoy { class OptionsImplPlatform : protected Logger::Loggable { public: static uint32_t getCpuCount(); }; } // namespace Envoy ================================================ FILE: source/server/options_impl_platform_default.cc ================================================ #include #include "common/common/logger.h" #include "server/options_impl_platform.h" namespace Envoy { uint32_t OptionsImplPlatform::getCpuCount() { ENVOY_LOG(warn, "CPU number provided by HW thread count (instead of cpuset)."); return std::thread::hardware_concurrency(); } } // namespace Envoy ================================================ FILE: source/server/options_impl_platform_linux.cc ================================================ #if !defined(__linux__) #error "Linux platform file is part of non-Linux build." #endif #include "server/options_impl_platform_linux.h" #include #include #include "common/api/os_sys_calls_impl_linux.h" #include "server/options_impl_platform.h" namespace Envoy { uint32_t OptionsImplPlatformLinux::getCpuAffinityCount(unsigned int hw_threads) { unsigned int threads = 0; pid_t pid = getpid(); cpu_set_t mask; auto& linux_os_syscalls = Api::LinuxOsSysCallsSingleton::get(); CPU_ZERO(&mask); const Api::SysCallIntResult result = linux_os_syscalls.sched_getaffinity(pid, sizeof(cpu_set_t), &mask); if (result.rc_ == -1) { // Fall back to number of hardware threads. return hw_threads; } threads = CPU_COUNT(&mask); // Sanity check. if (threads > 0 && threads <= hw_threads) { return threads; } return hw_threads; } uint32_t OptionsImplPlatform::getCpuCount() { unsigned int hw_threads = std::max(1U, std::thread::hardware_concurrency()); return OptionsImplPlatformLinux::getCpuAffinityCount(hw_threads); } } // namespace Envoy ================================================ FILE: source/server/options_impl_platform_linux.h ================================================ #pragma once #if !defined(__linux__) #error "Linux platform file is part of non-Linux build." #endif #include #include namespace Envoy { class OptionsImplPlatformLinux { public: static uint32_t getCpuAffinityCount(unsigned int hw_threads); }; } // namespace Envoy ================================================ FILE: source/server/overload_manager_impl.cc ================================================ #include "server/overload_manager_impl.h" #include "envoy/common/exception.h" #include "envoy/config/overload/v3/overload.pb.h" #include "envoy/stats/scope.h" #include "common/common/fmt.h" #include "common/config/utility.h" #include "common/protobuf/utility.h" #include "common/stats/symbol_table_impl.h" #include "server/resource_monitor_config_impl.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Server { namespace { class ThresholdTriggerImpl final : public OverloadAction::Trigger { public: ThresholdTriggerImpl(const envoy::config::overload::v3::ThresholdTrigger& config) : threshold_(config.value()), state_(OverloadActionState::inactive()) {} bool updateValue(double value) override { const OverloadActionState state = actionState(); state_ = value >= threshold_ ? OverloadActionState::saturated() : OverloadActionState::inactive(); return state.value() != actionState().value(); } OverloadActionState actionState() const override { return state_; } private: const double threshold_; OverloadActionState state_; }; class ScaledTriggerImpl final : public OverloadAction::Trigger { public: ScaledTriggerImpl(const envoy::config::overload::v3::ScaledTrigger& config) : scaling_threshold_(config.scaling_threshold()), saturated_threshold_(config.saturation_threshold()), state_(OverloadActionState::inactive()) { if (scaling_threshold_ >= saturated_threshold_) { throw EnvoyException("scaling_threshold must be less than saturation_threshold"); } } bool updateValue(double value) override { const OverloadActionState old_state = actionState(); if (value <= scaling_threshold_) { state_ = OverloadActionState::inactive(); } else if (value >= saturated_threshold_) { state_ = OverloadActionState::saturated(); } else { state_ = OverloadActionState((value - scaling_threshold_) / (saturated_threshold_ - scaling_threshold_)); } return state_.value() != old_state.value(); } OverloadActionState actionState() const override { return state_; } private: const double scaling_threshold_; const double saturated_threshold_; OverloadActionState state_; }; /** * Thread-local copy of the state of each configured overload action. */ class ThreadLocalOverloadStateImpl : public ThreadLocalOverloadState { public: const OverloadActionState& getState(const std::string& action) override { auto it = actions_.find(action); if (it == actions_.end()) { it = actions_.insert(std::make_pair(action, OverloadActionState::inactive())).first; } return it->second; } void setState(const std::string& action, OverloadActionState state) { actions_.insert_or_assign(action, state); } private: absl::node_hash_map actions_; }; Stats::Counter& makeCounter(Stats::Scope& scope, absl::string_view a, absl::string_view b) { Stats::StatNameManagedStorage stat_name(absl::StrCat("overload.", a, ".", b), scope.symbolTable()); return scope.counterFromStatName(stat_name.statName()); } Stats::Gauge& makeGauge(Stats::Scope& scope, absl::string_view a, absl::string_view b, Stats::Gauge::ImportMode import_mode) { Stats::StatNameManagedStorage stat_name(absl::StrCat("overload.", a, ".", b), scope.symbolTable()); return scope.gaugeFromStatName(stat_name.statName(), import_mode); } } // namespace OverloadAction::OverloadAction(const envoy::config::overload::v3::OverloadAction& config, Stats::Scope& stats_scope) : state_(OverloadActionState::inactive()), active_gauge_( makeGauge(stats_scope, config.name(), "active", Stats::Gauge::ImportMode::Accumulate)), scale_percent_gauge_(makeGauge(stats_scope, config.name(), "scale_percent", Stats::Gauge::ImportMode::Accumulate)) { for (const auto& trigger_config : config.triggers()) { TriggerPtr trigger; switch (trigger_config.trigger_oneof_case()) { case envoy::config::overload::v3::Trigger::TriggerOneofCase::kThreshold: trigger = std::make_unique(trigger_config.threshold()); break; case envoy::config::overload::v3::Trigger::TriggerOneofCase::kScaled: trigger = std::make_unique(trigger_config.scaled()); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } if (!triggers_.try_emplace(trigger_config.name(), std::move(trigger)).second) { throw EnvoyException( absl::StrCat("Duplicate trigger resource for overload action ", config.name())); } } active_gauge_.set(0); scale_percent_gauge_.set(0); } bool OverloadAction::updateResourcePressure(const std::string& name, double pressure) { const OverloadActionState old_state = getState(); auto it = triggers_.find(name); ASSERT(it != triggers_.end()); if (!it->second->updateValue(pressure)) { return false; } const auto trigger_new_state = it->second->actionState(); active_gauge_.set(trigger_new_state.isSaturated() ? 1 : 0); scale_percent_gauge_.set(trigger_new_state.value() * 100); { // Compute the new state as the maximum over all trigger states. OverloadActionState new_state = OverloadActionState::inactive(); for (auto& trigger : triggers_) { const auto trigger_state = trigger.second->actionState(); if (trigger_state.value() > new_state.value()) { new_state = trigger_state; } } state_ = new_state; } return state_.value() != old_state.value(); } OverloadActionState OverloadAction::getState() const { return state_; } OverloadManagerImpl::OverloadManagerImpl(Event::Dispatcher& dispatcher, Stats::Scope& stats_scope, ThreadLocal::SlotAllocator& slot_allocator, const envoy::config::overload::v3::OverloadManager& config, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : started_(false), dispatcher_(dispatcher), tls_(slot_allocator.allocateSlot()), refresh_interval_( std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(config, refresh_interval, 1000))) { Configuration::ResourceMonitorFactoryContextImpl context(dispatcher, api, validation_visitor); for (const auto& resource : config.resource_monitors()) { const auto& name = resource.name(); ENVOY_LOG(debug, "Adding resource monitor for {}", name); auto& factory = Config::Utility::getAndCheckFactory(resource); auto config = Config::Utility::translateToFactoryConfig(resource, validation_visitor, factory); auto monitor = factory.createResourceMonitor(*config, context); auto result = resources_.try_emplace(name, name, std::move(monitor), *this, stats_scope); if (!result.second) { throw EnvoyException(absl::StrCat("Duplicate resource monitor ", name)); } } for (const auto& action : config.actions()) { const auto& name = action.name(); ENVOY_LOG(debug, "Adding overload action {}", name); // TODO: use in place construction once https://github.com/abseil/abseil-cpp/issues/388 is // addressed // We cannot currently use in place construction as the OverloadAction constructor may throw, // causing an inconsistent internal state of the actions_ map, which on destruction results in // an invalid free. auto result = actions_.try_emplace(name, OverloadAction(action, stats_scope)); if (!result.second) { throw EnvoyException(absl::StrCat("Duplicate overload action ", name)); } for (const auto& trigger : action.triggers()) { const std::string& resource = trigger.name(); if (resources_.find(resource) == resources_.end()) { throw EnvoyException( fmt::format("Unknown trigger resource {} for overload action {}", resource, name)); } resource_to_actions_.insert(std::make_pair(resource, name)); } } } void OverloadManagerImpl::start() { ASSERT(!started_); started_ = true; tls_->set([](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(); }); if (resources_.empty()) { return; } timer_ = dispatcher_.createTimer([this]() -> void { // Guarantee that all resource updates get flushed after no more than one refresh_interval_. flushResourceUpdates(); // Start a new flush epoch. If all resource updates complete before this callback runs, the last // resource update will call flushResourceUpdates to flush the whole batch early. ++flush_epoch_; flush_awaiting_updates_ = resources_.size(); for (auto& resource : resources_) { resource.second.update(flush_epoch_); } timer_->enableTimer(refresh_interval_); }); timer_->enableTimer(refresh_interval_); } void OverloadManagerImpl::stop() { // Disable any pending timeouts. if (timer_) { timer_->disableTimer(); } // Clear the resource map to block on any pending updates. resources_.clear(); } bool OverloadManagerImpl::registerForAction(const std::string& action, Event::Dispatcher& dispatcher, OverloadActionCb callback) { ASSERT(!started_); if (actions_.find(action) == actions_.end()) { ENVOY_LOG(debug, "No overload action is configured for {}.", action); return false; } action_to_callbacks_.emplace(std::piecewise_construct, std::forward_as_tuple(action), std::forward_as_tuple(dispatcher, callback)); return true; } ThreadLocalOverloadState& OverloadManagerImpl::getThreadLocalOverloadState() { return tls_->getTyped(); } void OverloadManagerImpl::updateResourcePressure(const std::string& resource, double pressure, FlushEpochId flush_epoch) { auto [start, end] = resource_to_actions_.equal_range(resource); std::for_each(start, end, [&](ResourceToActionMap::value_type& entry) { const std::string& action = entry.second; auto action_it = actions_.find(action); ASSERT(action_it != actions_.end()); const OverloadActionState old_state = action_it->second.getState(); if (action_it->second.updateResourcePressure(resource, pressure)) { const auto state = action_it->second.getState(); if (old_state.isSaturated() != state.isSaturated()) { ENVOY_LOG(debug, "Overload action {} became {}", action, (state.isSaturated() ? "saturated" : "scaling")); } // Record the updated value to be sent to workers on the next thread-local-state flush, along // with any update callbacks. This might overwrite a previous action state change caused by a // pressure update for a different resource that hasn't been flushed yet. That's okay because // the state recorded here includes the information from all previous resource updates. So // even if resource 1 causes an action to have value A, and a later update to resource 2 // causes the action to have value B, B would have been the result for whichever order the // updates to resources 1 and 2 came in. state_updates_to_flush_.insert_or_assign(action, state); auto [callbacks_start, callbacks_end] = action_to_callbacks_.equal_range(action); std::for_each(callbacks_start, callbacks_end, [&](ActionToCallbackMap::value_type& cb_entry) { callbacks_to_flush_.insert_or_assign(&cb_entry.second, state); }); } }); // Eagerly flush updates if this is the last call to updateResourcePressure expected for the // current epoch. This assert is always valid because flush_awaiting_updates_ is initialized // before each batch of updates, and even if a resource monitor performs a double update, or a // previous update callback is late, the logic in OverloadManager::Resource::update() will prevent // unexpected calls to this function. ASSERT(flush_awaiting_updates_ > 0); --flush_awaiting_updates_; if (flush_epoch == flush_epoch_ && flush_awaiting_updates_ == 0) { flushResourceUpdates(); } } void OverloadManagerImpl::flushResourceUpdates() { if (!state_updates_to_flush_.empty()) { auto shared_updates = std::make_shared>(); std::swap(*shared_updates, state_updates_to_flush_); tls_->runOnAllThreads( [updates = std::move(shared_updates)](ThreadLocal::ThreadLocalObjectSharedPtr object) -> ThreadLocal::ThreadLocalObjectSharedPtr { for (const auto& [action, state] : *updates) { object->asType().setState(action, state); } return object; }); } for (const auto& [cb, state] : callbacks_to_flush_) { cb->dispatcher_.post([cb = cb, state = state]() { cb->callback_(state); }); } callbacks_to_flush_.clear(); } OverloadManagerImpl::Resource::Resource(const std::string& name, ResourceMonitorPtr monitor, OverloadManagerImpl& manager, Stats::Scope& stats_scope) : name_(name), monitor_(std::move(monitor)), manager_(manager), pending_update_(false), pressure_gauge_( makeGauge(stats_scope, name, "pressure", Stats::Gauge::ImportMode::NeverImport)), failed_updates_counter_(makeCounter(stats_scope, name, "failed_updates")), skipped_updates_counter_(makeCounter(stats_scope, name, "skipped_updates")) {} void OverloadManagerImpl::Resource::update(FlushEpochId flush_epoch) { if (!pending_update_) { pending_update_ = true; flush_epoch_ = flush_epoch; monitor_->updateResourceUsage(*this); return; } ENVOY_LOG(debug, "Skipping update for resource {} which has pending update", name_); skipped_updates_counter_.inc(); } void OverloadManagerImpl::Resource::onSuccess(const ResourceUsage& usage) { pending_update_ = false; manager_.updateResourcePressure(name_, usage.resource_pressure_, flush_epoch_); pressure_gauge_.set(usage.resource_pressure_ * 100); // convert to percent } void OverloadManagerImpl::Resource::onFailure(const EnvoyException& error) { pending_update_ = false; ENVOY_LOG(info, "Failed to update resource {}: {}", name_, error.what()); failed_updates_counter_.inc(); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/overload_manager_impl.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "envoy/config/overload/v3/overload.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/protobuf/message_validator.h" #include "envoy/server/overload_manager.h" #include "envoy/server/resource_monitor.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" #include "envoy/thread_local/thread_local.h" #include "common/common/logger.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" namespace Envoy { namespace Server { class OverloadAction { public: OverloadAction(const envoy::config::overload::v3::OverloadAction& config, Stats::Scope& stats_scope); // Updates the current pressure for the given resource and returns whether the action // has changed state. bool updateResourcePressure(const std::string& name, double pressure); // Returns the current action state, which is the max state across all registered triggers. OverloadActionState getState() const; class Trigger { public: virtual ~Trigger() = default; // Updates the current value of the metric and returns whether the trigger has changed state. virtual bool updateValue(double value) PURE; // Returns the action state for the trigger. virtual OverloadActionState actionState() const PURE; }; using TriggerPtr = std::unique_ptr; private: absl::node_hash_map triggers_; OverloadActionState state_; Stats::Gauge& active_gauge_; Stats::Gauge& scale_percent_gauge_; }; class OverloadManagerImpl : Logger::Loggable, public OverloadManager { public: OverloadManagerImpl(Event::Dispatcher& dispatcher, Stats::Scope& stats_scope, ThreadLocal::SlotAllocator& slot_allocator, const envoy::config::overload::v3::OverloadManager& config, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); // Server::OverloadManager void start() override; bool registerForAction(const std::string& action, Event::Dispatcher& dispatcher, OverloadActionCb callback) override; ThreadLocalOverloadState& getThreadLocalOverloadState() override; // Stop the overload manager timer and wait for any pending resource updates to complete. // After this returns, overload manager clients should not receive any more callbacks // about overload state changes. void stop(); private: using FlushEpochId = uint64_t; class Resource : public ResourceMonitor::Callbacks { public: Resource(const std::string& name, ResourceMonitorPtr monitor, OverloadManagerImpl& manager, Stats::Scope& stats_scope); // ResourceMonitor::Callbacks void onSuccess(const ResourceUsage& usage) override; void onFailure(const EnvoyException& error) override; void update(FlushEpochId flush_epoch); private: const std::string name_; ResourceMonitorPtr monitor_; OverloadManagerImpl& manager_; bool pending_update_; FlushEpochId flush_epoch_; Stats::Gauge& pressure_gauge_; Stats::Counter& failed_updates_counter_; Stats::Counter& skipped_updates_counter_; }; struct ActionCallback { ActionCallback(Event::Dispatcher& dispatcher, OverloadActionCb callback) : dispatcher_(dispatcher), callback_(callback) {} Event::Dispatcher& dispatcher_; OverloadActionCb callback_; }; void updateResourcePressure(const std::string& resource, double pressure, FlushEpochId flush_epoch); // Flushes any enqueued action state updates to all worker threads. void flushResourceUpdates(); bool started_; Event::Dispatcher& dispatcher_; ThreadLocal::SlotPtr tls_; const std::chrono::milliseconds refresh_interval_; Event::TimerPtr timer_; absl::node_hash_map resources_; absl::node_hash_map actions_; absl::flat_hash_map state_updates_to_flush_; absl::flat_hash_map callbacks_to_flush_; FlushEpochId flush_epoch_ = 0; uint64_t flush_awaiting_updates_ = 0; using ResourceToActionMap = std::unordered_multimap; ResourceToActionMap resource_to_actions_; using ActionToCallbackMap = std::unordered_multimap; ActionToCallbackMap action_to_callbacks_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/process_context_impl.h ================================================ #pragma once #include "envoy/server/process_context.h" namespace Envoy { class ProcessContextImpl : public ProcessContext { public: ProcessContextImpl(ProcessObject& process_object) : process_object_(process_object) {} // ProcessContext ProcessObject& get() const override { return process_object_; } private: ProcessObject& process_object_; }; } // namespace Envoy ================================================ FILE: source/server/proto_descriptors.cc ================================================ #include "server/proto_descriptors.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/config/protobuf_link_hacks.h" #include "common/protobuf/protobuf.h" #include "absl/strings/str_cat.h" namespace Envoy { namespace Server { void validateProtoDescriptors() { const auto methods = { "envoy.api.v2.ClusterDiscoveryService.FetchClusters", "envoy.api.v2.ClusterDiscoveryService.StreamClusters", "envoy.api.v2.ClusterDiscoveryService.DeltaClusters", "envoy.api.v2.EndpointDiscoveryService.FetchEndpoints", "envoy.api.v2.EndpointDiscoveryService.StreamEndpoints", "envoy.api.v2.EndpointDiscoveryService.DeltaEndpoints", "envoy.api.v2.ListenerDiscoveryService.FetchListeners", "envoy.api.v2.ListenerDiscoveryService.StreamListeners", "envoy.api.v2.ListenerDiscoveryService.DeltaListeners", "envoy.api.v2.RouteDiscoveryService.FetchRoutes", "envoy.api.v2.RouteDiscoveryService.StreamRoutes", "envoy.api.v2.RouteDiscoveryService.DeltaRoutes", "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources", "envoy.service.discovery.v2.AggregatedDiscoveryService.DeltaAggregatedResources", "envoy.service.discovery.v2.HealthDiscoveryService.FetchHealthCheck", "envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck", "envoy.service.discovery.v2.RuntimeDiscoveryService.FetchRuntime", "envoy.service.discovery.v2.RuntimeDiscoveryService.StreamRuntime", "envoy.service.ratelimit.v2.RateLimitService.ShouldRateLimit", }; for (const auto& method : methods) { RELEASE_ASSERT(Protobuf::DescriptorPool::generated_pool()->FindMethodByName(method) != nullptr, absl::StrCat("Unable to find method descriptor for ", method)); } const auto types = { "envoy.api.v2.Cluster", "envoy.api.v2.ClusterLoadAssignment", "envoy.api.v2.Listener", "envoy.api.v2.RouteConfiguration", "envoy.api.v2.route.VirtualHost", "envoy.api.v2.auth.Secret", }; for (const auto& type : types) { RELEASE_ASSERT( Protobuf::DescriptorPool::generated_pool()->FindMessageTypeByName(type) != nullptr, ""); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/proto_descriptors.h ================================================ #pragma once namespace Envoy { namespace Server { // This function validates that the method descriptors for gRPC services and type descriptors that // are referenced in Any messages are available in the descriptor pool. void validateProtoDescriptors(); } // namespace Server } // namespace Envoy ================================================ FILE: source/server/resource_monitor_config_impl.h ================================================ #pragma once #include "envoy/server/resource_monitor_config.h" namespace Envoy { namespace Server { namespace Configuration { class ResourceMonitorFactoryContextImpl : public ResourceMonitorFactoryContext { public: ResourceMonitorFactoryContextImpl(Event::Dispatcher& dispatcher, Api::Api& api, ProtobufMessage::ValidationVisitor& validation_visitor) : dispatcher_(dispatcher), api_(api), validation_visitor_(validation_visitor) {} Event::Dispatcher& dispatcher() override { return dispatcher_; } Api::Api& api() override { return api_; } ProtobufMessage::ValidationVisitor& messageValidationVisitor() override { return validation_visitor_; } private: Event::Dispatcher& dispatcher_; Api::Api& api_; ProtobufMessage::ValidationVisitor& validation_visitor_; }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: source/server/server.cc ================================================ #include "server/server.h" #include #include #include #include #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/common/exception.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.validate.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.validate.h" #include "envoy/event/dispatcher.h" #include "envoy/event/signal.h" #include "envoy/event/timer.h" #include "envoy/network/dns.h" #include "envoy/registry/registry.h" #include "envoy/server/bootstrap_extension_config.h" #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" #include "common/api/api_impl.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/enum_to_int.h" #include "common/common/mutex_tracer_impl.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/http/codes.h" #include "common/local_info/local_info_impl.h" #include "common/memory/stats.h" #include "common/network/address_impl.h" #include "common/network/socket_interface.h" #include "common/network/socket_interface_impl.h" #include "common/network/tcp_listener_impl.h" #include "common/protobuf/utility.h" #include "common/router/rds_impl.h" #include "common/runtime/runtime_impl.h" #include "common/singleton/manager_impl.h" #include "common/stats/thread_local_store.h" #include "common/stats/timespan_impl.h" #include "common/upstream/cluster_manager_impl.h" #include "common/version/version.h" #include "server/admin/utils.h" #include "server/configuration_impl.h" #include "server/connection_handler_impl.h" #include "server/guarddog_impl.h" #include "server/listener_hooks.h" #include "server/ssl_context_manager.h" namespace Envoy { namespace Server { InstanceImpl::InstanceImpl( Init::Manager& init_manager, const Options& options, Event::TimeSystem& time_system, Network::Address::InstanceConstSharedPtr local_address, ListenerHooks& hooks, HotRestart& restarter, Stats::StoreRoot& store, Thread::BasicLockable& access_log_lock, ComponentFactory& component_factory, Random::RandomGeneratorPtr&& random_generator, ThreadLocal::Instance& tls, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system, std::unique_ptr process_context) : init_manager_(init_manager), workers_started_(false), live_(false), shutdown_(false), options_(options), validation_context_(options_.allowUnknownStaticFields(), !options.rejectUnknownDynamicFields(), options.ignoreUnknownDynamicFields()), time_source_(time_system), restarter_(restarter), start_time_(time(nullptr)), original_start_time_(start_time_), stats_store_(store), thread_local_(tls), random_generator_(std::move(random_generator)), api_(new Api::Impl(thread_factory, store, time_system, file_system, *random_generator_, process_context ? ProcessContextOptRef(std::ref(*process_context)) : absl::nullopt)), dispatcher_(api_->allocateDispatcher("main_thread")), singleton_manager_(new Singleton::ManagerImpl(api_->threadFactory())), handler_(new ConnectionHandlerImpl(*dispatcher_, absl::nullopt)), listener_component_factory_(*this), worker_factory_(thread_local_, *api_, hooks), access_log_manager_(options.fileFlushIntervalMsec(), *api_, *dispatcher_, access_log_lock, store), terminated_(false), mutex_tracer_(options.mutexTracingEnabled() ? &Envoy::MutexTracerImpl::getOrCreateTracer() : nullptr), grpc_context_(store.symbolTable()), http_context_(store.symbolTable()), process_context_(std::move(process_context)), main_thread_id_(std::this_thread::get_id()), server_contexts_(*this) { try { if (!options.logPath().empty()) { try { file_logger_ = std::make_unique( options.logPath(), access_log_manager_, Logger::Registry::getSink()); } catch (const EnvoyException& e) { throw EnvoyException( fmt::format("Failed to open log-file '{}'. e.what(): {}", options.logPath(), e.what())); } } restarter_.initialize(*dispatcher_, *this); drain_manager_ = component_factory.createDrainManager(*this); initialize(options, std::move(local_address), component_factory, hooks); } catch (const EnvoyException& e) { ENVOY_LOG(critical, "error initializing configuration '{}': {}", options.configPath(), e.what()); terminate(); throw; } catch (const std::exception& e) { ENVOY_LOG(critical, "error initializing due to unexpected exception: {}", e.what()); terminate(); throw; } catch (...) { ENVOY_LOG(critical, "error initializing due to unknown exception"); terminate(); throw; } } InstanceImpl::~InstanceImpl() { terminate(); // Stop logging to file before all the AccessLogManager and its dependencies are // destructed to avoid crashing at shutdown. file_logger_.reset(); // Destruct the ListenerManager explicitly, before InstanceImpl's local init_manager_ is // destructed. // // The ListenerManager's DestinationPortsMap contains FilterChainSharedPtrs. There is a rare race // condition where one of these FilterChains contains an HttpConnectionManager, which contains an // RdsRouteConfigProvider, which contains an RdsRouteConfigSubscriptionSharedPtr. Since // RdsRouteConfigSubscription is an Init::Target, ~RdsRouteConfigSubscription triggers a callback // set at initialization, which goes to unregister it from the top-level InitManager, which has // already been destructed (use-after-free) causing a segfault. ENVOY_LOG(debug, "destroying listener manager"); listener_manager_.reset(); ENVOY_LOG(debug, "destroyed listener manager"); } Upstream::ClusterManager& InstanceImpl::clusterManager() { return *config_.clusterManager(); } void InstanceImpl::drainListeners() { ENVOY_LOG(info, "closing and draining listeners"); listener_manager_->stopListeners(ListenerManager::StopListenersType::All); drain_manager_->startDrainSequence([] {}); } void InstanceImpl::failHealthcheck(bool fail) { live_.store(!fail); server_stats_->live_.set(live_.load()); } MetricSnapshotImpl::MetricSnapshotImpl(Stats::Store& store) { snapped_counters_ = store.counters(); counters_.reserve(snapped_counters_.size()); for (const auto& counter : snapped_counters_) { counters_.push_back({counter->latch(), *counter}); } snapped_gauges_ = store.gauges(); gauges_.reserve(snapped_gauges_.size()); for (const auto& gauge : snapped_gauges_) { ASSERT(gauge->importMode() != Stats::Gauge::ImportMode::Uninitialized); gauges_.push_back(*gauge); } snapped_histograms_ = store.histograms(); histograms_.reserve(snapped_histograms_.size()); for (const auto& histogram : snapped_histograms_) { histograms_.push_back(*histogram); } snapped_text_readouts_ = store.textReadouts(); text_readouts_.reserve(snapped_text_readouts_.size()); for (const auto& text_readout : snapped_text_readouts_) { text_readouts_.push_back(*text_readout); } } void InstanceUtil::flushMetricsToSinks(const std::list& sinks, Stats::Store& store) { // Create a snapshot and flush to all sinks. // NOTE: Even if there are no sinks, creating the snapshot has the important property that it // latches all counters on a periodic basis. The hot restart code assumes this is being // done so this should not be removed. MetricSnapshotImpl snapshot(store); for (const auto& sink : sinks) { sink->flush(snapshot); } } void InstanceImpl::flushStats() { ENVOY_LOG(debug, "flushing stats"); // If Envoy is not fully initialized, workers will not be started and mergeHistograms // completion callback is not called immediately. As a result of this server stats will // not be updated and flushed to stat sinks. So skip mergeHistograms call if workers are // not started yet. if (initManager().state() == Init::Manager::State::Initialized) { // A shutdown initiated before this callback may prevent this from being called as per // the semantics documented in ThreadLocal's runOnAllThreads method. stats_store_.mergeHistograms([this]() -> void { flushStatsInternal(); }); } else { ENVOY_LOG(debug, "Envoy is not fully initialized, skipping histogram merge and flushing stats"); flushStatsInternal(); } } void InstanceImpl::updateServerStats() { // mergeParentStatsIfAny() does nothing and returns a struct of 0s if there is no parent. HotRestart::ServerStatsFromParent parent_stats = restarter_.mergeParentStatsIfAny(stats_store_); server_stats_->uptime_.set(time(nullptr) - original_start_time_); server_stats_->memory_allocated_.set(Memory::Stats::totalCurrentlyAllocated() + parent_stats.parent_memory_allocated_); server_stats_->memory_heap_size_.set(Memory::Stats::totalCurrentlyReserved()); server_stats_->memory_physical_size_.set(Memory::Stats::totalPhysicalBytes()); server_stats_->parent_connections_.set(parent_stats.parent_connections_); server_stats_->total_connections_.set(listener_manager_->numConnections() + parent_stats.parent_connections_); server_stats_->days_until_first_cert_expiring_.set( sslContextManager().daysUntilFirstCertExpires()); auto secs_until_ocsp_response_expires = sslContextManager().secondsUntilFirstOcspResponseExpires(); if (secs_until_ocsp_response_expires) { server_stats_->seconds_until_first_ocsp_response_expiring_.set( secs_until_ocsp_response_expires.value()); } server_stats_->state_.set( enumToInt(Utility::serverState(initManager().state(), healthCheckFailed()))); server_stats_->stats_recent_lookups_.set( stats_store_.symbolTable().getRecentLookups([](absl::string_view, uint64_t) {})); } void InstanceImpl::flushStatsInternal() { updateServerStats(); InstanceUtil::flushMetricsToSinks(config_.statsSinks(), stats_store_); // TODO(ramaraochavali): consider adding different flush interval for histograms. if (stat_flush_timer_ != nullptr) { stat_flush_timer_->enableTimer(config_.statsFlushInterval()); } } bool InstanceImpl::healthCheckFailed() { return !live_.load(); } namespace { // Loads a bootstrap object, potentially at a specific version (upgrading if necessary). void loadBootstrap(absl::optional bootstrap_version, envoy::config::bootstrap::v3::Bootstrap& bootstrap, std::function load_function) { if (!bootstrap_version.has_value()) { load_function(bootstrap, true); } else if (*bootstrap_version == 3) { load_function(bootstrap, false); } else if (*bootstrap_version == 2) { envoy::config::bootstrap::v2::Bootstrap bootstrap_v2; load_function(bootstrap_v2, false); Config::VersionConverter::upgrade(bootstrap_v2, bootstrap); MessageUtil::onVersionUpgradeWarn("v2 bootstrap"); } else { throw EnvoyException(fmt::format("Unknown bootstrap version {}.", *bootstrap_version)); } } } // namespace void InstanceUtil::loadBootstrapConfig(envoy::config::bootstrap::v3::Bootstrap& bootstrap, const Options& options, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) { const std::string& config_path = options.configPath(); const std::string& config_yaml = options.configYaml(); const envoy::config::bootstrap::v3::Bootstrap& config_proto = options.configProto(); // Exactly one of config_path and config_yaml should be specified. if (config_path.empty() && config_yaml.empty() && config_proto.ByteSize() == 0) { throw EnvoyException("At least one of --config-path or --config-yaml or Options::configProto() " "should be non-empty"); } if (!config_path.empty()) { loadBootstrap( options.bootstrapVersion(), bootstrap, [&config_path, &validation_visitor, &api](Protobuf::Message& message, bool do_boosting) { MessageUtil::loadFromFile(config_path, message, validation_visitor, api, do_boosting); }); } if (!config_yaml.empty()) { envoy::config::bootstrap::v3::Bootstrap bootstrap_override; loadBootstrap( options.bootstrapVersion(), bootstrap_override, [&config_yaml, &validation_visitor](Protobuf::Message& message, bool do_boosting) { MessageUtil::loadFromYaml(config_yaml, message, validation_visitor, do_boosting); }); // TODO(snowp): The fact that we do a merge here doesn't seem to be covered under test. bootstrap.MergeFrom(bootstrap_override); } if (config_proto.ByteSize() != 0) { bootstrap.MergeFrom(config_proto); } MessageUtil::validate(bootstrap, validation_visitor); } void InstanceImpl::initialize(const Options& options, Network::Address::InstanceConstSharedPtr local_address, ComponentFactory& component_factory, ListenerHooks& hooks) { ENVOY_LOG(info, "initializing epoch {} (base id={}, hot restart version={})", options.restartEpoch(), restarter_.baseId(), restarter_.version()); ENVOY_LOG(info, "statically linked extensions:"); for (const auto& ext : Envoy::Registry::FactoryCategoryRegistry::registeredFactories()) { ENVOY_LOG(info, " {}: {}", ext.first, absl::StrJoin(ext.second->registeredNames(), ", ")); } // Handle configuration that needs to take place prior to the main configuration load. InstanceUtil::loadBootstrapConfig(bootstrap_, options, messageValidationContext().staticValidationVisitor(), *api_); bootstrap_config_update_time_ = time_source_.systemTime(); // Immediate after the bootstrap has been loaded, override the header prefix, if configured to // do so. This must be set before any other code block references the HeaderValues ConstSingleton. if (!bootstrap_.header_prefix().empty()) { // setPrefix has a release assert verifying that setPrefix() is not called after prefix() ThreadSafeSingleton::get().setPrefix(bootstrap_.header_prefix().c_str()); } // TODO(mattklein123): Custom O(1) headers can be registered at this point for creating/finalizing // any header maps. ENVOY_LOG(info, "HTTP header map info:"); for (const auto& info : Http::HeaderMapImplUtility::getAllHeaderMapImplInfo()) { ENVOY_LOG(info, " {}: {} bytes: {}", info.name_, info.size_, absl::StrJoin(info.registered_headers_, ",")); } // Needs to happen as early as possible in the instantiation to preempt the objects that require // stats. stats_store_.setTagProducer(Config::Utility::createTagProducer(bootstrap_)); stats_store_.setStatsMatcher(Config::Utility::createStatsMatcher(bootstrap_)); stats_store_.setHistogramSettings(Config::Utility::createHistogramSettings(bootstrap_)); const std::string server_stats_prefix = "server."; server_stats_ = std::make_unique( ServerStats{ALL_SERVER_STATS(POOL_COUNTER_PREFIX(stats_store_, server_stats_prefix), POOL_GAUGE_PREFIX(stats_store_, server_stats_prefix), POOL_HISTOGRAM_PREFIX(stats_store_, server_stats_prefix))}); validation_context_.staticWarningValidationVisitor().setUnknownCounter( server_stats_->static_unknown_fields_); validation_context_.dynamicWarningValidationVisitor().setUnknownCounter( server_stats_->dynamic_unknown_fields_); initialization_timer_ = std::make_unique( server_stats_->initialization_time_ms_, timeSource()); server_stats_->concurrency_.set(options_.concurrency()); server_stats_->hot_restart_epoch_.set(options_.restartEpoch()); assert_action_registration_ = Assert::setDebugAssertionFailureRecordAction( [this]() { server_stats_->debug_assertion_failures_.inc(); }); envoy_bug_action_registration_ = Assert::setEnvoyBugFailureRecordAction( [this]() { server_stats_->envoy_bug_failures_.inc(); }); InstanceImpl::failHealthcheck(false); // Check if bootstrap has server version override set, if yes, we should use that as // 'server.version' stat. uint64_t version_int; if (bootstrap_.stats_server_version_override().value() > 0) { version_int = bootstrap_.stats_server_version_override().value(); } else { if (!StringUtil::atoull(VersionInfo::revision().substr(0, 6).c_str(), version_int, 16)) { throw EnvoyException("compiled GIT SHA is invalid. Invalid build."); } } server_stats_->version_.set(version_int); bootstrap_.mutable_node()->set_hidden_envoy_deprecated_build_version(VersionInfo::version()); bootstrap_.mutable_node()->set_user_agent_name("envoy"); *bootstrap_.mutable_node()->mutable_user_agent_build_version() = VersionInfo::buildVersion(); for (const auto& ext : Envoy::Registry::FactoryCategoryRegistry::registeredFactories()) { for (const auto& name : ext.second->allRegisteredNames()) { auto* extension = bootstrap_.mutable_node()->add_extensions(); extension->set_name(std::string(name)); extension->set_category(ext.first); auto const version = ext.second->getFactoryVersion(name); if (version) { *extension->mutable_version() = version.value(); } extension->set_disabled(ext.second->isFactoryDisabled(name)); } } local_info_ = std::make_unique( bootstrap_.node(), local_address, options.serviceZone(), options.serviceClusterName(), options.serviceNodeName()); Configuration::InitialImpl initial_config(bootstrap_); // Learn original_start_time_ if our parent is still around to inform us of it. restarter_.sendParentAdminShutdownRequest(original_start_time_); admin_ = std::make_unique(initial_config.admin().profilePath(), *this); loadServerFlags(initial_config.flagsPath()); secret_manager_ = std::make_unique(admin_->getConfigTracker()); // Initialize the overload manager early so other modules can register for actions. overload_manager_ = std::make_unique( *dispatcher_, stats_store_, thread_local_, bootstrap_.overload_manager(), messageValidationContext().staticValidationVisitor(), *api_); heap_shrinker_ = std::make_unique(*dispatcher_, *overload_manager_, stats_store_); for (const auto& bootstrap_extension : bootstrap_.bootstrap_extensions()) { auto& factory = Config::Utility::getAndCheckFactory( bootstrap_extension); auto config = Config::Utility::translateAnyToFactoryConfig( bootstrap_extension.typed_config(), messageValidationContext().staticValidationVisitor(), factory); bootstrap_extensions_.push_back( factory.createBootstrapExtension(*config, serverFactoryContext())); } if (!bootstrap_.default_socket_interface().empty()) { auto& sock_name = bootstrap_.default_socket_interface(); auto sock = const_cast(Network::socketInterface(sock_name)); if (sock != nullptr) { Network::SocketInterfaceSingleton::clear(); Network::SocketInterfaceSingleton::initialize(sock); } } // Workers get created first so they register for thread local updates. listener_manager_ = std::make_unique( *this, listener_component_factory_, worker_factory_, bootstrap_.enable_dispatcher_stats()); // The main thread is also registered for thread local updates so that code that does not care // whether it runs on the main thread or on workers can still use TLS. thread_local_.registerThread(*dispatcher_, true); // We can now initialize stats for threading. stats_store_.initializeThreading(*dispatcher_, thread_local_); // It's now safe to start writing stats from the main thread's dispatcher. if (bootstrap_.enable_dispatcher_stats()) { dispatcher_->initializeStats(stats_store_, "server."); } if (initial_config.admin().address()) { if (initial_config.admin().accessLogPath().empty()) { throw EnvoyException("An admin access log path is required for a listening server."); } ENVOY_LOG(info, "admin address: {}", initial_config.admin().address()->asString()); admin_->startHttpListener(initial_config.admin().accessLogPath(), options.adminAddressPath(), initial_config.admin().address(), initial_config.admin().socketOptions(), stats_store_.createScope("listener.admin.")); } else { ENVOY_LOG(warn, "No admin address given, so no admin HTTP server started."); } config_tracker_entry_ = admin_->getConfigTracker().add("bootstrap", [this] { return dumpBootstrapConfig(); }); if (initial_config.admin().address()) { admin_->addListenerToHandler(handler_.get()); } // The broad order of initialization from this point on is the following: // 1. Statically provisioned configuration (bootstrap) are loaded. // 2. Cluster manager is created and all primary clusters (i.e. with endpoint assignments // provisioned statically in bootstrap, discovered through DNS or file based CDS) are // initialized. // 3. Various services are initialized and configured using the bootstrap config. // 4. RTDS is initialized using primary clusters. This allows runtime overrides to be fully // configured before the rest of xDS configuration is provisioned. // 5. Secondary clusters (with endpoint assignments provisioned by xDS servers) are initialized. // 6. The rest of the dynamic configuration is provisioned. // // Please note: this order requires that RTDS is provisioned using a primary cluster. If RTDS is // provisioned through ADS then ADS must use primary cluster as well. This invariant is enforced // during RTDS initialization and invalid configuration will be rejected. // Runtime gets initialized before the main configuration since during main configuration // load things may grab a reference to the loader for later use. runtime_singleton_ = std::make_unique( component_factory.createRuntime(*this, initial_config)); hooks.onRuntimeCreated(); // Once we have runtime we can initialize the SSL context manager. ssl_context_manager_ = createContextManager("ssl_context_manager", time_source_); const bool use_tcp_for_dns_lookups = bootstrap_.use_tcp_for_dns_lookups(); dns_resolver_ = dispatcher_->createDnsResolver({}, use_tcp_for_dns_lookups); cluster_manager_factory_ = std::make_unique( *admin_, Runtime::LoaderSingleton::get(), stats_store_, thread_local_, dns_resolver_, *ssl_context_manager_, *dispatcher_, *local_info_, *secret_manager_, messageValidationContext(), *api_, http_context_, grpc_context_, access_log_manager_, *singleton_manager_); // Now the configuration gets parsed. The configuration may start setting // thread local data per above. See MainImpl::initialize() for why ConfigImpl // is constructed as part of the InstanceImpl and then populated once // cluster_manager_factory_ is available. config_.initialize(bootstrap_, *this, *cluster_manager_factory_); // Instruct the listener manager to create the LDS provider if needed. This must be done later // because various items do not yet exist when the listener manager is created. if (bootstrap_.dynamic_resources().has_lds_config() || bootstrap_.dynamic_resources().has_lds_resources_locator()) { listener_manager_->createLdsApi(bootstrap_.dynamic_resources().lds_config(), bootstrap_.dynamic_resources().has_lds_resources_locator() ? &bootstrap_.dynamic_resources().lds_resources_locator() : nullptr); } // We have to defer RTDS initialization until after the cluster manager is // instantiated (which in turn relies on runtime...). Runtime::LoaderSingleton::get().initialize(clusterManager()); clusterManager().setPrimaryClustersInitializedCb( [this]() { onClusterManagerPrimaryInitializationComplete(); }); for (Stats::SinkPtr& sink : config_.statsSinks()) { stats_store_.addSink(*sink); } // Some of the stat sinks may need dispatcher support so don't flush until the main loop starts. // Just setup the timer. stat_flush_timer_ = dispatcher_->createTimer([this]() -> void { flushStats(); }); stat_flush_timer_->enableTimer(config_.statsFlushInterval()); // GuardDog (deadlock detection) object and thread setup before workers are // started and before our own run() loop runs. main_thread_guard_dog_ = std::make_unique( stats_store_, config_.mainThreadWatchdogConfig(), *api_, "main_thread"); worker_guard_dog_ = std::make_unique( stats_store_, config_.workerWatchdogConfig(), *api_, "workers"); } void InstanceImpl::onClusterManagerPrimaryInitializationComplete() { // If RTDS was not configured the `onRuntimeReady` callback is immediately invoked. Runtime::LoaderSingleton::get().startRtdsSubscriptions([this]() { onRuntimeReady(); }); } void InstanceImpl::onRuntimeReady() { // Begin initializing secondary clusters after RTDS configuration has been applied. clusterManager().initializeSecondaryClusters(bootstrap_); if (bootstrap_.has_hds_config()) { const auto& hds_config = bootstrap_.hds_config(); async_client_manager_ = std::make_unique( *config_.clusterManager(), thread_local_, time_source_, *api_, grpc_context_.statNames()); hds_delegate_ = std::make_unique( stats_store_, Config::Utility::factoryForGrpcApiConfigSource(*async_client_manager_, hds_config, stats_store_, false) ->create(), hds_config.transport_api_version(), *dispatcher_, Runtime::LoaderSingleton::get(), stats_store_, *ssl_context_manager_, info_factory_, access_log_manager_, *config_.clusterManager(), *local_info_, *admin_, *singleton_manager_, thread_local_, messageValidationContext().dynamicValidationVisitor(), *api_); } // If there is no global limit to the number of active connections, warn on startup. // TODO (tonya11en): Move this functionality into the overload manager. if (!runtime().snapshot().get(Network::TcpListenerImpl::GlobalMaxCxRuntimeKey)) { ENVOY_LOG(warn, "there is no configured limit to the number of allowed active connections. Set a " "limit via the runtime key {}", Network::TcpListenerImpl::GlobalMaxCxRuntimeKey); } } void InstanceImpl::startWorkers() { listener_manager_->startWorkers(*worker_guard_dog_); initialization_timer_->complete(); // Update server stats as soon as initialization is done. updateServerStats(); workers_started_ = true; // At this point we are ready to take traffic and all listening ports are up. Notify our parent // if applicable that they can stop listening and drain. restarter_.drainParentListeners(); drain_manager_->startParentShutdownSequence(); } Runtime::LoaderPtr InstanceUtil::createRuntime(Instance& server, Server::Configuration::Initial& config) { ENVOY_LOG(info, "runtime: {}", MessageUtil::getYamlStringFromMessage(config.runtime())); return std::make_unique( server.dispatcher(), server.threadLocal(), config.runtime(), server.localInfo(), server.stats(), server.api().randomGenerator(), server.messageValidationContext().dynamicValidationVisitor(), server.api()); } void InstanceImpl::loadServerFlags(const absl::optional& flags_path) { if (!flags_path) { return; } ENVOY_LOG(info, "server flags path: {}", flags_path.value()); if (api_->fileSystem().fileExists(flags_path.value() + "/drain")) { ENVOY_LOG(info, "starting server in drain mode"); InstanceImpl::failHealthcheck(true); } } RunHelper::RunHelper(Instance& instance, const Options& options, Event::Dispatcher& dispatcher, Upstream::ClusterManager& cm, AccessLog::AccessLogManager& access_log_manager, Init::Manager& init_manager, OverloadManager& overload_manager, std::function post_init_cb) : init_watcher_("RunHelper", [&instance, post_init_cb]() { if (!instance.isShutdown()) { post_init_cb(); } }) { // Setup signals. if (options.signalHandlingEnabled()) { // TODO(Pivotal): Figure out solution to graceful shutdown on Windows. None of these signals exist // on Windows. #ifndef WIN32 sigterm_ = dispatcher.listenForSignal(SIGTERM, [&instance]() { ENVOY_LOG(warn, "caught SIGTERM"); instance.shutdown(); }); sigint_ = dispatcher.listenForSignal(SIGINT, [&instance]() { ENVOY_LOG(warn, "caught SIGINT"); instance.shutdown(); }); sig_usr_1_ = dispatcher.listenForSignal(SIGUSR1, [&access_log_manager]() { ENVOY_LOG(info, "caught SIGUSR1. Reopening access logs."); access_log_manager.reopen(); }); sig_hup_ = dispatcher.listenForSignal(SIGHUP, []() { ENVOY_LOG(warn, "caught and eating SIGHUP. See documentation for how to hot restart."); }); #endif } // Start overload manager before workers. overload_manager.start(); // Register for cluster manager init notification. We don't start serving worker traffic until // upstream clusters are initialized which may involve running the event loop. Note however that // this can fire immediately if all clusters have already initialized. Also note that we need // to guard against shutdown at two different levels since SIGTERM can come in once the run loop // starts. cm.setInitializedCb([&instance, &init_manager, &cm, this]() { if (instance.isShutdown()) { return; } const auto type_urls = Config::getAllVersionTypeUrls(); // Pause RDS to ensure that we don't send any requests until we've // subscribed to all the RDS resources. The subscriptions happen in the init callbacks, // so we pause RDS until we've completed all the callbacks. Config::ScopedResume maybe_resume_rds; if (cm.adsMux()) { maybe_resume_rds = cm.adsMux()->pause(type_urls); } ENVOY_LOG(info, "all clusters initialized. initializing init manager"); init_manager.initialize(init_watcher_); // Now that we're execute all the init callbacks we can resume RDS // as we've subscribed to all the statically defined RDS resources. // This is done by tearing down the maybe_resume_rds Cleanup object. }); } void InstanceImpl::run() { // RunHelper exists primarily to facilitate testing of how we respond to early shutdown during // startup (see RunHelperTest in server_test.cc). const auto run_helper = RunHelper(*this, options_, *dispatcher_, clusterManager(), access_log_manager_, init_manager_, overloadManager(), [this] { notifyCallbacksForStage(Stage::PostInit); startWorkers(); }); // Run the main dispatch loop waiting to exit. ENVOY_LOG(info, "starting main dispatch loop"); auto watchdog = main_thread_guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "main_thread"); watchdog->startWatchdog(*dispatcher_); dispatcher_->post([this] { notifyCallbacksForStage(Stage::Startup); }); dispatcher_->run(Event::Dispatcher::RunType::Block); ENVOY_LOG(info, "main dispatch loop exited"); main_thread_guard_dog_->stopWatching(watchdog); watchdog.reset(); terminate(); } void InstanceImpl::terminate() { if (terminated_) { return; } terminated_ = true; // Before starting to shutdown anything else, stop slot destruction updates. thread_local_.shutdownGlobalThreading(); // Before the workers start exiting we should disable stat threading. stats_store_.shutdownThreading(); if (overload_manager_) { overload_manager_->stop(); } // Shutdown all the workers now that the main dispatch loop is done. if (listener_manager_ != nullptr) { // Also shutdown the listener manager's ApiListener, if there is one, which runs on the main // thread. This needs to happen ahead of calling thread_local_.shutdown() below to prevent any // objects in the ApiListener destructor to reference any objects in thread local storage. if (listener_manager_->apiListener().has_value()) { listener_manager_->apiListener()->get().shutdown(); } listener_manager_->stopWorkers(); } // Only flush if we have not been hot restarted. if (stat_flush_timer_) { flushStats(); } if (config_.clusterManager() != nullptr) { config_.clusterManager()->shutdown(); } handler_.reset(); thread_local_.shutdownThread(); restarter_.shutdown(); ENVOY_LOG(info, "exiting"); ENVOY_FLUSH_LOG(); } Runtime::Loader& InstanceImpl::runtime() { return Runtime::LoaderSingleton::get(); } void InstanceImpl::shutdown() { ENVOY_LOG(info, "shutting down server instance"); shutdown_ = true; restarter_.sendParentTerminateRequest(); notifyCallbacksForStage(Stage::ShutdownExit, [this] { dispatcher_->exit(); }); } void InstanceImpl::shutdownAdmin() { ENVOY_LOG(warn, "shutting down admin due to child startup"); stat_flush_timer_.reset(); handler_->stopListeners(); admin_->closeSocket(); // If we still have a parent, it should be terminated now that we have a child. ENVOY_LOG(warn, "terminating parent process"); restarter_.sendParentTerminateRequest(); } ServerLifecycleNotifier::HandlePtr InstanceImpl::registerCallback(Stage stage, StageCallback callback) { auto& callbacks = stage_callbacks_[stage]; return std::make_unique>(callbacks, callback); } ServerLifecycleNotifier::HandlePtr InstanceImpl::registerCallback(Stage stage, StageCallbackWithCompletion callback) { ASSERT(stage == Stage::ShutdownExit); auto& callbacks = stage_completable_callbacks_[stage]; return std::make_unique>(callbacks, callback); } void InstanceImpl::notifyCallbacksForStage(Stage stage, Event::PostCb completion_cb) { ASSERT(std::this_thread::get_id() == main_thread_id_); const auto it = stage_callbacks_.find(stage); if (it != stage_callbacks_.end()) { for (const StageCallback& callback : it->second) { callback(); } } // Wrap completion_cb so that it only gets invoked when all callbacks for this stage // have finished their work. std::shared_ptr cb_guard( new Cleanup([this, completion_cb]() { dispatcher_->post(completion_cb); })); // Registrations which take a completion callback are typically implemented by executing a // callback on all worker threads using Slot::runOnAllThreads which will hang indefinitely if // worker threads have not been started so we need to skip notifications if envoy is shutdown // early before workers have started. if (workers_started_) { const auto it2 = stage_completable_callbacks_.find(stage); if (it2 != stage_completable_callbacks_.end()) { ENVOY_LOG(info, "Notifying {} callback(s) with completion.", it2->second.size()); for (const StageCallbackWithCompletion& callback : it2->second) { callback([cb_guard] {}); } } } } ProtobufTypes::MessagePtr InstanceImpl::dumpBootstrapConfig() { auto config_dump = std::make_unique(); config_dump->mutable_bootstrap()->MergeFrom(bootstrap_); TimestampUtil::systemClockToTimestamp(bootstrap_config_update_time_, *(config_dump->mutable_last_updated())); return config_dump; } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/server.h ================================================ #pragma once #include #include #include #include #include #include #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/event/timer.h" #include "envoy/server/bootstrap_extension_config.h" #include "envoy/server/drain_manager.h" #include "envoy/server/guarddog.h" #include "envoy/server/instance.h" #include "envoy/server/process_context.h" #include "envoy/server/tracer_config.h" #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_manager.h" #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" #include "envoy/tracing/http_tracer.h" #include "common/access_log/access_log_manager_impl.h" #include "common/common/assert.h" #include "common/common/cleanup.h" #include "common/common/logger_delegates.h" #include "common/grpc/async_client_manager_impl.h" #include "common/grpc/context_impl.h" #include "common/http/context_impl.h" #include "common/init/manager_impl.h" #include "common/memory/heap_shrinker.h" #include "common/protobuf/message_validator_impl.h" #include "common/runtime/runtime_impl.h" #include "common/secret/secret_manager_impl.h" #include "common/upstream/health_discovery_service.h" #include "server/admin/admin.h" #include "server/configuration_impl.h" #include "server/listener_hooks.h" #include "server/listener_manager_impl.h" #include "server/overload_manager_impl.h" #include "server/worker_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" namespace Envoy { namespace Server { /** * All server wide stats. @see stats_macros.h */ #define ALL_SERVER_STATS(COUNTER, GAUGE, HISTOGRAM) \ COUNTER(debug_assertion_failures) \ COUNTER(envoy_bug_failures) \ COUNTER(dynamic_unknown_fields) \ COUNTER(static_unknown_fields) \ GAUGE(concurrency, NeverImport) \ GAUGE(days_until_first_cert_expiring, Accumulate) \ GAUGE(seconds_until_first_ocsp_response_expiring, Accumulate) \ GAUGE(hot_restart_epoch, NeverImport) \ /* hot_restart_generation is an Accumulate gauge; we omit it here for testing dynamics. */ \ GAUGE(live, NeverImport) \ GAUGE(memory_allocated, Accumulate) \ GAUGE(memory_heap_size, Accumulate) \ GAUGE(memory_physical_size, Accumulate) \ GAUGE(parent_connections, Accumulate) \ GAUGE(state, NeverImport) \ GAUGE(stats_recent_lookups, NeverImport) \ GAUGE(total_connections, Accumulate) \ GAUGE(uptime, Accumulate) \ GAUGE(version, NeverImport) \ HISTOGRAM(initialization_time_ms, Milliseconds) struct ServerStats { ALL_SERVER_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, GENERATE_HISTOGRAM_STRUCT) }; /** * Interface for creating service components during boot. */ class ComponentFactory { public: virtual ~ComponentFactory() = default; /** * @return DrainManagerPtr a new drain manager for the server. */ virtual DrainManagerPtr createDrainManager(Instance& server) PURE; /** * @return Runtime::LoaderPtr the runtime implementation for the server. */ virtual Runtime::LoaderPtr createRuntime(Instance& server, Configuration::Initial& config) PURE; }; /** * Helpers used during server creation. */ class InstanceUtil : Logger::Loggable { public: /** * Default implementation of runtime loader creation used in the real server and in most * integration tests where a mock runtime is not needed. */ static Runtime::LoaderPtr createRuntime(Instance& server, Server::Configuration::Initial& config); /** * Helper for flushing counters, gauges and histograms to sinks. This takes care of calling * flush() on each sink. * @param sinks supplies the list of sinks. * @param store provides the store being flushed. */ static void flushMetricsToSinks(const std::list& sinks, Stats::Store& store); /** * Load a bootstrap config and perform validation. * @param bootstrap supplies the bootstrap to fill. * @param options supplies the server options. * @param validation_visitor message validation visitor instance. * @param api reference to the Api object */ static void loadBootstrapConfig(envoy::config::bootstrap::v3::Bootstrap& bootstrap, const Options& options, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api); }; /** * This is a helper used by InstanceImpl::run() on the stack. It's broken out to make testing * easier. */ class RunHelper : Logger::Loggable { public: RunHelper(Instance& instance, const Options& options, Event::Dispatcher& dispatcher, Upstream::ClusterManager& cm, AccessLog::AccessLogManager& access_log_manager, Init::Manager& init_manager, OverloadManager& overload_manager, std::function workers_start_cb); private: Init::WatcherImpl init_watcher_; Event::SignalEventPtr sigterm_; Event::SignalEventPtr sigint_; Event::SignalEventPtr sig_usr_1_; Event::SignalEventPtr sig_hup_; }; // ServerFactoryContextImpl implements both ServerFactoryContext and // TransportSocketFactoryContext for convenience as these two contexts // share common member functions and member variables. class ServerFactoryContextImpl : public Configuration::ServerFactoryContext, public Configuration::TransportSocketFactoryContext { public: explicit ServerFactoryContextImpl(Instance& server) : server_(server), server_scope_(server_.stats().createScope("")) {} // Configuration::ServerFactoryContext Upstream::ClusterManager& clusterManager() override { return server_.clusterManager(); } Event::Dispatcher& dispatcher() override { return server_.dispatcher(); } const LocalInfo::LocalInfo& localInfo() const override { return server_.localInfo(); } ProtobufMessage::ValidationContext& messageValidationContext() override { return server_.messageValidationContext(); } Envoy::Runtime::Loader& runtime() override { return server_.runtime(); } Stats::Scope& scope() override { return *server_scope_; } Singleton::Manager& singletonManager() override { return server_.singletonManager(); } ThreadLocal::Instance& threadLocal() override { return server_.threadLocal(); } Admin& admin() override { return server_.admin(); } TimeSource& timeSource() override { return api().timeSource(); } Api::Api& api() override { return server_.api(); } Grpc::Context& grpcContext() override { return server_.grpcContext(); } Envoy::Server::DrainManager& drainManager() override { return server_.drainManager(); } ServerLifecycleNotifier& lifecycleNotifier() override { return server_.lifecycleNotifier(); } std::chrono::milliseconds statsFlushInterval() const override { return server_.statsFlushInterval(); } // Configuration::TransportSocketFactoryContext Ssl::ContextManager& sslContextManager() override { return server_.sslContextManager(); } Secret::SecretManager& secretManager() override { return server_.secretManager(); } Stats::Store& stats() override { return server_.stats(); } Init::Manager& initManager() override { return server_.initManager(); } ProtobufMessage::ValidationVisitor& messageValidationVisitor() override { // Server has two message validation visitors, one for static and // other for dynamic configuration. Choose the dynamic validation // visitor if server's init manager indicates that the server is // in the Initialized state, as this state is engaged right after // the static configuration (e.g., bootstrap) has been completed. return initManager().state() == Init::Manager::State::Initialized ? server_.messageValidationContext().dynamicValidationVisitor() : server_.messageValidationContext().staticValidationVisitor(); } private: Instance& server_; Stats::ScopePtr server_scope_; }; /** * This is the actual full standalone server which stitches together various common components. */ class InstanceImpl final : Logger::Loggable, public Instance, public ServerLifecycleNotifier { public: /** * @throw EnvoyException if initialization fails. */ InstanceImpl(Init::Manager& init_manager, const Options& options, Event::TimeSystem& time_system, Network::Address::InstanceConstSharedPtr local_address, ListenerHooks& hooks, HotRestart& restarter, Stats::StoreRoot& store, Thread::BasicLockable& access_log_lock, ComponentFactory& component_factory, Random::RandomGeneratorPtr&& random_generator, ThreadLocal::Instance& tls, Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system, std::unique_ptr process_context); ~InstanceImpl() override; void run(); // Server::Instance Admin& admin() override { return *admin_; } Api::Api& api() override { return *api_; } Upstream::ClusterManager& clusterManager() override; Ssl::ContextManager& sslContextManager() override { return *ssl_context_manager_; } Event::Dispatcher& dispatcher() override { return *dispatcher_; } Network::DnsResolverSharedPtr dnsResolver() override { return dns_resolver_; } void drainListeners() override; DrainManager& drainManager() override { return *drain_manager_; } AccessLog::AccessLogManager& accessLogManager() override { return access_log_manager_; } void failHealthcheck(bool fail) override; HotRestart& hotRestart() override { return restarter_; } Init::Manager& initManager() override { return init_manager_; } ServerLifecycleNotifier& lifecycleNotifier() override { return *this; } ListenerManager& listenerManager() override { return *listener_manager_; } Secret::SecretManager& secretManager() override { return *secret_manager_; } Envoy::MutexTracer* mutexTracer() override { return mutex_tracer_; } OverloadManager& overloadManager() override { return *overload_manager_; } Runtime::Loader& runtime() override; void shutdown() override; bool isShutdown() final { return shutdown_; } void shutdownAdmin() override; Singleton::Manager& singletonManager() override { return *singleton_manager_; } bool healthCheckFailed() override; const Options& options() override { return options_; } time_t startTimeCurrentEpoch() override { return start_time_; } time_t startTimeFirstEpoch() override { return original_start_time_; } Stats::Store& stats() override { return stats_store_; } Grpc::Context& grpcContext() override { return grpc_context_; } Http::Context& httpContext() override { return http_context_; } ProcessContextOptRef processContext() override { return *process_context_; } ThreadLocal::Instance& threadLocal() override { return thread_local_; } const LocalInfo::LocalInfo& localInfo() const override { return *local_info_; } TimeSource& timeSource() override { return time_source_; } void flushStats() override; Configuration::ServerFactoryContext& serverFactoryContext() override { return server_contexts_; } Configuration::TransportSocketFactoryContext& transportSocketFactoryContext() override { return server_contexts_; } std::chrono::milliseconds statsFlushInterval() const override { return config_.statsFlushInterval(); } ProtobufMessage::ValidationContext& messageValidationContext() override { return validation_context_; } void setDefaultTracingConfig(const envoy::config::trace::v3::Tracing& tracing_config) override { http_context_.setDefaultTracingConfig(tracing_config); } // ServerLifecycleNotifier ServerLifecycleNotifier::HandlePtr registerCallback(Stage stage, StageCallback callback) override; ServerLifecycleNotifier::HandlePtr registerCallback(Stage stage, StageCallbackWithCompletion callback) override; private: ProtobufTypes::MessagePtr dumpBootstrapConfig(); void flushStatsInternal(); void updateServerStats(); void initialize(const Options& options, Network::Address::InstanceConstSharedPtr local_address, ComponentFactory& component_factory, ListenerHooks& hooks); void loadServerFlags(const absl::optional& flags_path); void startWorkers(); void terminate(); void notifyCallbacksForStage( Stage stage, Event::PostCb completion_cb = [] {}); void onRuntimeReady(); void onClusterManagerPrimaryInitializationComplete(); using LifecycleNotifierCallbacks = std::list; using LifecycleNotifierCompletionCallbacks = std::list; // init_manager_ must come before any member that participates in initialization, and destructed // only after referencing members are gone, since initialization continuation can potentially // occur at any point during member lifetime. This init manager is populated with LdsApi targets. Init::Manager& init_manager_; // secret_manager_ must come before listener_manager_, config_ and dispatcher_, and destructed // only after these members can no longer reference it, since: // - There may be active filter chains referencing it in listener_manager_. // - There may be active clusters referencing it in config_.cluster_manager_. // - There may be active connections referencing it. std::unique_ptr secret_manager_; bool workers_started_; std::atomic live_; bool shutdown_; const Options& options_; ProtobufMessage::ProdValidationContextImpl validation_context_; TimeSource& time_source_; // Delete local_info_ as late as possible as some members below may reference it during their // destruction. LocalInfo::LocalInfoPtr local_info_; HotRestart& restarter_; const time_t start_time_; time_t original_start_time_; Stats::StoreRoot& stats_store_; std::unique_ptr server_stats_; Assert::ActionRegistrationPtr assert_action_registration_; Assert::ActionRegistrationPtr envoy_bug_action_registration_; ThreadLocal::Instance& thread_local_; Random::RandomGeneratorPtr random_generator_; Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; std::unique_ptr admin_; Singleton::ManagerPtr singleton_manager_; Network::ConnectionHandlerPtr handler_; std::unique_ptr runtime_singleton_; std::unique_ptr ssl_context_manager_; ProdListenerComponentFactory listener_component_factory_; ProdWorkerFactory worker_factory_; std::unique_ptr listener_manager_; absl::node_hash_map stage_callbacks_; absl::node_hash_map stage_completable_callbacks_; Configuration::MainImpl config_; Network::DnsResolverSharedPtr dns_resolver_; Event::TimerPtr stat_flush_timer_; DrainManagerPtr drain_manager_; AccessLog::AccessLogManagerImpl access_log_manager_; std::unique_ptr cluster_manager_factory_; std::unique_ptr main_thread_guard_dog_; std::unique_ptr worker_guard_dog_; bool terminated_; std::unique_ptr file_logger_; envoy::config::bootstrap::v3::Bootstrap bootstrap_; ConfigTracker::EntryOwnerPtr config_tracker_entry_; SystemTime bootstrap_config_update_time_; Grpc::AsyncClientManagerPtr async_client_manager_; Upstream::ProdClusterInfoFactory info_factory_; Upstream::HdsDelegatePtr hds_delegate_; std::unique_ptr overload_manager_; std::vector bootstrap_extensions_; Envoy::MutexTracer* mutex_tracer_; Grpc::ContextImpl grpc_context_; Http::ContextImpl http_context_; std::unique_ptr process_context_; std::unique_ptr heap_shrinker_; const std::thread::id main_thread_id_; // initialization_time is a histogram for tracking the initialization time across hot restarts // whenever we have support for histogram merge across hot restarts. Stats::TimespanPtr initialization_timer_; ServerFactoryContextImpl server_contexts_; template class LifecycleCallbackHandle : public ServerLifecycleNotifier::Handle, RaiiListElement { public: LifecycleCallbackHandle(std::list& callbacks, T& callback) : RaiiListElement(callbacks, callback) {} }; }; // Local implementation of Stats::MetricSnapshot used to flush metrics to sinks. We could // potentially have a single class instance held in a static and have a clear() method to avoid some // vector constructions and reservations, but I'm not sure it's worth the extra complexity until it // shows up in perf traces. // TODO(mattklein123): One thing we probably want to do is switch from returning vectors of metrics // to a lambda based callback iteration API. This would require less vector // copying and probably be a cleaner API in general. class MetricSnapshotImpl : public Stats::MetricSnapshot { public: explicit MetricSnapshotImpl(Stats::Store& store); // Stats::MetricSnapshot const std::vector& counters() override { return counters_; } const std::vector>& gauges() override { return gauges_; }; const std::vector>& histograms() override { return histograms_; } const std::vector>& textReadouts() override { return text_readouts_; } private: std::vector snapped_counters_; std::vector counters_; std::vector snapped_gauges_; std::vector> gauges_; std::vector snapped_histograms_; std::vector> histograms_; std::vector snapped_text_readouts_; std::vector> text_readouts_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/ssl_context_manager.cc ================================================ #include "server/ssl_context_manager.h" #include "envoy/common/exception.h" #include "envoy/registry/registry.h" namespace Envoy { namespace Server { /** * A stub that provides a SSL context manager capable of reporting on * certificates' data in case there's no TLS implementation built * into Envoy. */ class SslContextManagerNoTlsStub final : public Envoy::Ssl::ContextManager { Ssl::ClientContextSharedPtr createSslClientContext(Stats::Scope& /* scope */, const Envoy::Ssl::ClientContextConfig& /* config */) override { throwException(); } Ssl::ServerContextSharedPtr createSslServerContext(Stats::Scope& /* scope */, const Envoy::Ssl::ServerContextConfig& /* config */, const std::vector& /* server_names */) override { throwException(); } size_t daysUntilFirstCertExpires() const override { return std::numeric_limits::max(); } absl::optional secondsUntilFirstOcspResponseExpires() const override { return absl::nullopt; } void iterateContexts(std::function /* callback */) override{}; Ssl::PrivateKeyMethodManager& privateKeyMethodManager() override { throwException(); } private: [[noreturn]] void throwException() { throw EnvoyException("SSL is not supported in this configuration"); } }; Ssl::ContextManagerPtr createContextManager(const std::string& factory_name, TimeSource& time_source) { Ssl::ContextManagerFactory* factory = Registry::FactoryRegistry::getFactory(factory_name); if (factory != nullptr) { return factory->createContextManager(time_source); } return std::make_unique(); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/ssl_context_manager.h ================================================ #pragma once #include "envoy/common/time.h" #include "envoy/ssl/context_manager.h" namespace Envoy { namespace Server { Ssl::ContextManagerPtr createContextManager(const std::string& factory_name, TimeSource& time_source); } // namespace Server } // namespace Envoy ================================================ FILE: source/server/transport_socket_config_impl.h ================================================ #pragma once #include "envoy/server/transport_socket_config.h" #include "envoy/stats/scope.h" namespace Envoy { namespace Server { namespace Configuration { /** * Implementation of TransportSocketFactoryContext. */ class TransportSocketFactoryContextImpl : public TransportSocketFactoryContext { public: TransportSocketFactoryContextImpl(Server::Admin& admin, Ssl::ContextManager& context_manager, Stats::Scope& stats_scope, Upstream::ClusterManager& cm, const LocalInfo::LocalInfo& local_info, Event::Dispatcher& dispatcher, Stats::Store& stats, Singleton::Manager& singleton_manager, ThreadLocal::SlotAllocator& tls, ProtobufMessage::ValidationVisitor& validation_visitor, Api::Api& api) : admin_(admin), context_manager_(context_manager), stats_scope_(stats_scope), cluster_manager_(cm), local_info_(local_info), dispatcher_(dispatcher), stats_(stats), singleton_manager_(singleton_manager), tls_(tls), validation_visitor_(validation_visitor), api_(api) {} /** * Pass an init manager to register dynamic secret provider. * @param init_manager instance of init manager. */ void setInitManager(Init::Manager& init_manager) { init_manager_ = &init_manager; } // TransportSocketFactoryContext Server::Admin& admin() override { return admin_; } Ssl::ContextManager& sslContextManager() override { return context_manager_; } Stats::Scope& scope() override { return stats_scope_; } Secret::SecretManager& secretManager() override { return cluster_manager_.clusterManagerFactory().secretManager(); } Upstream::ClusterManager& clusterManager() override { return cluster_manager_; } const LocalInfo::LocalInfo& localInfo() const override { return local_info_; } Event::Dispatcher& dispatcher() override { return dispatcher_; } Stats::Store& stats() override { return stats_; } Init::Manager& initManager() override { ASSERT(init_manager_ != nullptr); return *init_manager_; } Singleton::Manager& singletonManager() override { return singleton_manager_; } ThreadLocal::SlotAllocator& threadLocal() override { return tls_; } ProtobufMessage::ValidationVisitor& messageValidationVisitor() override { return validation_visitor_; } Api::Api& api() override { return api_; } private: Server::Admin& admin_; Ssl::ContextManager& context_manager_; Stats::Scope& stats_scope_; Upstream::ClusterManager& cluster_manager_; const LocalInfo::LocalInfo& local_info_; Event::Dispatcher& dispatcher_; Stats::Store& stats_; Singleton::Manager& singleton_manager_; ThreadLocal::SlotAllocator& tls_; Init::Manager* init_manager_{}; ProtobufMessage::ValidationVisitor& validation_visitor_; Api::Api& api_; }; } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: source/server/watchdog_impl.cc ================================================ #include "server/watchdog_impl.h" #include "envoy/event/dispatcher.h" #include "common/common/assert.h" namespace Envoy { namespace Server { void WatchDogImpl::startWatchdog(Event::Dispatcher& dispatcher) { timer_ = dispatcher.createTimer([this]() -> void { this->touch(); timer_->enableTimer(timer_interval_); }); timer_->enableTimer(timer_interval_); } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/watchdog_impl.h ================================================ #pragma once #include #include #include "envoy/common/time.h" #include "envoy/event/dispatcher.h" #include "envoy/server/watchdog.h" namespace Envoy { namespace Server { /** * This class stores the actual data about when the WatchDog was last touched * along with thread metadata. */ class WatchDogImpl : public WatchDog { public: /** * @param interval WatchDog timer interval (used after startWatchdog()) */ WatchDogImpl(Thread::ThreadId thread_id, TimeSource& tsource, std::chrono::milliseconds interval) : thread_id_(thread_id), time_source_(tsource), latest_touch_time_since_epoch_(tsource.monotonicTime().time_since_epoch()), timer_interval_(interval) {} Thread::ThreadId threadId() const override { return thread_id_; } MonotonicTime lastTouchTime() const override { return MonotonicTime(latest_touch_time_since_epoch_.load()); } // Server::WatchDog void startWatchdog(Event::Dispatcher& dispatcher) override; void touch() override { latest_touch_time_since_epoch_.store(time_source_.monotonicTime().time_since_epoch()); } private: const Thread::ThreadId thread_id_; TimeSource& time_source_; std::atomic latest_touch_time_since_epoch_; Event::TimerPtr timer_; const std::chrono::milliseconds timer_interval_; }; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/well_known_names.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Server { /** * Well-known active UDP listener names. */ class UdpListenerNameValues { public: const std::string RawUdp = "raw_udp_listener"; }; using UdpListenerNames = ConstSingleton; } // namespace Server } // namespace Envoy ================================================ FILE: source/server/worker_impl.cc ================================================ #include "server/worker_impl.h" #include #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "envoy/network/exception.h" #include "envoy/server/configuration.h" #include "envoy/thread_local/thread_local.h" #include "server/connection_handler_impl.h" namespace Envoy { namespace Server { WorkerPtr ProdWorkerFactory::createWorker(uint32_t index, OverloadManager& overload_manager, const std::string& worker_name) { Event::DispatcherPtr dispatcher(api_.allocateDispatcher(worker_name)); return std::make_unique(tls_, hooks_, std::move(dispatcher), std::make_unique(*dispatcher, index), overload_manager, api_); } WorkerImpl::WorkerImpl(ThreadLocal::Instance& tls, ListenerHooks& hooks, Event::DispatcherPtr&& dispatcher, Network::ConnectionHandlerPtr handler, OverloadManager& overload_manager, Api::Api& api) : tls_(tls), hooks_(hooks), dispatcher_(std::move(dispatcher)), handler_(std::move(handler)), api_(api) { tls_.registerThread(*dispatcher_, false); overload_manager.registerForAction( OverloadActionNames::get().StopAcceptingConnections, *dispatcher_, [this](OverloadActionState state) { stopAcceptingConnectionsCb(state); }); } void WorkerImpl::addListener(absl::optional overridden_listener, Network::ListenerConfig& listener, AddListenerCompletion completion) { // All listener additions happen via post. However, we must deal with the case where the listener // can not be created on the worker. There is a race condition where 2 processes can successfully // bind to an address, but then fail to listen() with EADDRINUSE. During initial startup, we want // to surface this. dispatcher_->post([this, overridden_listener, &listener, completion]() -> void { try { handler_->addListener(overridden_listener, listener); hooks_.onWorkerListenerAdded(); completion(true); } catch (const Network::CreateListenerException& e) { ENVOY_LOG(error, "failed to add listener on worker: {}", e.what()); completion(false); } }); } uint64_t WorkerImpl::numConnections() const { uint64_t ret = 0; if (handler_) { ret = handler_->numConnections(); } return ret; } void WorkerImpl::removeListener(Network::ListenerConfig& listener, std::function completion) { ASSERT(thread_); const uint64_t listener_tag = listener.listenerTag(); dispatcher_->post([this, listener_tag, completion]() -> void { handler_->removeListeners(listener_tag); completion(); hooks_.onWorkerListenerRemoved(); }); } void WorkerImpl::removeFilterChains(uint64_t listener_tag, const std::list& filter_chains, std::function completion) { ASSERT(thread_); dispatcher_->post( [this, listener_tag, &filter_chains, completion = std::move(completion)]() -> void { handler_->removeFilterChains(listener_tag, filter_chains, completion); }); } void WorkerImpl::start(GuardDog& guard_dog) { ASSERT(!thread_); // In posix, thread names are limited to 15 characters, so contrive to make // sure all interesting data fits there. The naming occurs in // ListenerManagerImpl's constructor: absl::StrCat("worker_", i). Let's say we // have 9999 threads. We'd need, so we need 7 bytes for "worker_", 4 bytes // for the thread index, leaving us 4 bytes left to distinguish between the // two threads used per dispatcher. We'll call this one "dsp:" and the // one allocated in guarddog_impl.cc "dog:". // // TODO(jmarantz): consider refactoring how this naming works so this naming // architecture is centralized, resulting in clearer names. Thread::Options options{absl::StrCat("wrk:", dispatcher_->name())}; thread_ = api_.threadFactory().createThread( [this, &guard_dog]() -> void { threadRoutine(guard_dog); }, options); } void WorkerImpl::initializeStats(Stats::Scope& scope) { dispatcher_->initializeStats(scope); } void WorkerImpl::stop() { // It's possible for the server to cleanly shut down while cluster initialization during startup // is happening, so we might not yet have a thread. if (thread_) { dispatcher_->exit(); thread_->join(); } } void WorkerImpl::stopListener(Network::ListenerConfig& listener, std::function completion) { ASSERT(thread_); const uint64_t listener_tag = listener.listenerTag(); dispatcher_->post([this, listener_tag, completion]() -> void { handler_->stopListeners(listener_tag); if (completion != nullptr) { completion(); } }); } void WorkerImpl::threadRoutine(GuardDog& guard_dog) { ENVOY_LOG(debug, "worker entering dispatch loop"); // The watch dog must be created after the dispatcher starts running and has post events flushed, // as this is when TLS stat scopes start working. dispatcher_->post([this, &guard_dog]() { watch_dog_ = guard_dog.createWatchDog(api_.threadFactory().currentThreadId(), dispatcher_->name()); watch_dog_->startWatchdog(*dispatcher_); }); dispatcher_->run(Event::Dispatcher::RunType::Block); ENVOY_LOG(debug, "worker exited dispatch loop"); guard_dog.stopWatching(watch_dog_); // We must close all active connections before we actually exit the thread. This prevents any // destructors from running on the main thread which might reference thread locals. Destroying // the handler does this which additionally purges the dispatcher delayed deletion list. handler_.reset(); tls_.shutdownThread(); watch_dog_.reset(); } void WorkerImpl::stopAcceptingConnectionsCb(OverloadActionState state) { if (state.isSaturated()) { handler_->disableListeners(); } else { handler_->enableListeners(); } } } // namespace Server } // namespace Envoy ================================================ FILE: source/server/worker_impl.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "envoy/network/connection_handler.h" #include "envoy/server/guarddog.h" #include "envoy/server/listener_manager.h" #include "envoy/server/worker.h" #include "envoy/thread_local/thread_local.h" #include "common/common/logger.h" #include "server/listener_hooks.h" namespace Envoy { namespace Server { class ProdWorkerFactory : public WorkerFactory, Logger::Loggable { public: ProdWorkerFactory(ThreadLocal::Instance& tls, Api::Api& api, ListenerHooks& hooks) : tls_(tls), api_(api), hooks_(hooks) {} // Server::WorkerFactory WorkerPtr createWorker(uint32_t index, OverloadManager& overload_manager, const std::string& worker_name) override; private: ThreadLocal::Instance& tls_; Api::Api& api_; ListenerHooks& hooks_; }; /** * A server threaded worker that wraps up a worker thread, event loop, etc. */ class WorkerImpl : public Worker, Logger::Loggable { public: WorkerImpl(ThreadLocal::Instance& tls, ListenerHooks& hooks, Event::DispatcherPtr&& dispatcher, Network::ConnectionHandlerPtr handler, OverloadManager& overload_manager, Api::Api& api); // Server::Worker void addListener(absl::optional overridden_listener, Network::ListenerConfig& listener, AddListenerCompletion completion) override; uint64_t numConnections() const override; void removeListener(Network::ListenerConfig& listener, std::function completion) override; void removeFilterChains(uint64_t listener_tag, const std::list& filter_chains, std::function completion) override; void start(GuardDog& guard_dog) override; void initializeStats(Stats::Scope& scope) override; void stop() override; void stopListener(Network::ListenerConfig& listener, std::function completion) override; private: void threadRoutine(GuardDog& guard_dog); void stopAcceptingConnectionsCb(OverloadActionState state); ThreadLocal::Instance& tls_; ListenerHooks& hooks_; Event::DispatcherPtr dispatcher_; Network::ConnectionHandlerPtr handler_; Api::Api& api_; Thread::ThreadPtr thread_; WatchDogSharedPtr watch_dog_; }; } // namespace Server } // namespace Envoy ================================================ FILE: support/README.md ================================================ # Support tools A collection of CLI tools meant to support and automate various aspects of developing Envoy, particularly those related to code review. For example, automatic DCO signoff and pre-commit format checking. ## Usage To get started, you need only navigate to the Envoy project root and run: ```bash ./support/bootstrap ``` This will set up the development support toolchain automatically. The toolchain uses git hooks extensively, copying them from `support/hooks` to the `.git` folder. The commit hook checks can be skipped using the `-n` / `--no-verify` flags, as so: ```bash git commit --no-verify ``` ## Functionality Currently the development support toolchain exposes two main pieces of functionality: * Automatically appending DCO signoff to the end of a commit message if it doesn't exist yet. Correctly covers edge cases like `commit --amend` and `rebase`. * Automatically running DCO and format checks on all files in the diff, before push. [filter]: https://github.com/envoyproxy/envoy-filter-example ## Fixing Format Problems If the pre-push format checks detect any problems, you can either fix the affected files manually or run the provided formatting script. To run the format fix script directly: ``` ./tools/code_format/check_format.py fix && ./tools/code_format/format_python_tools.sh fix ``` To run the format fix script under Docker: ``` ./ci/run_envoy_docker.sh './ci/do_ci.sh fix_format' ``` To run clang-tidy under Docker, run the following (this creates a full compilation db and takes a long time): ``` ./ci/run_envoy_docker.sh ci/do_ci.sh bazel.clang_tidy ``` ================================================ FILE: support/bootstrap ================================================ #!/usr/bin/env bash # # Bootstraps the developer tools and development environment. This includes # copying project-standard git commit hooks that do things like ensure DCO # signoff is present during commit. # Best-effort check that we're in the envoy root directory. # # TODO(hausdorff): If compatibility becomes an issue here, come back and do this # "the right way". This is hard to do in general, since `realpath` is not # standard. if [ ! "$PWD" == "$(git rev-parse --show-toplevel)" ]; then cat >&2 <<__EOF__ ERROR: this script must be run at the root of the envoy source tree __EOF__ exit 1 fi # Helper functions that calculate `abspath` and `relpath`. Taken from Mesos # commit 82b040a60561cf94dec3197ea88ae15e57bcaa97, which also carries the Apache # V2 license, and has deployed this code successfully for some time. abspath() { cd "$(dirname "${1}")" echo "${PWD}"/"$(basename "${1}")" cd "${OLDPWD}" } relpath() { local FROM TO UP FROM="$(abspath "${1%/}")" TO="$(abspath "${2%/}"/)" while test "${TO}" = "${TO#"${FROM}"/}" \ -a "${TO}" != "${FROM}"; do FROM="${FROM%/*}" UP="../${UP}" done TO="${UP%/}${TO#${FROM}}" echo "${TO:-.}" } # Try to find the `.git` directory, even if it's not in Envoy project root (as # it wouldn't be if, say, this were in a submodule). The "blessed" but fairly # new way to do this is to use `--git-common-dir`. DOT_GIT_DIR=$(git rev-parse --git-common-dir) if test ! -d "${DOT_GIT_DIR}"; then # If `--git-common-dir` is not available, fall back to older way of doing it. DOT_GIT_DIR=$(git rev-parse --git-dir) fi HOOKS_DIR="${DOT_GIT_DIR}/hooks" HOOKS_DIR_RELPATH=$(relpath "${HOOKS_DIR}" "$(dirname $0)") if [ ! -e "${HOOKS_DIR}/prepare-commit-msg" ]; then echo "Installing hook 'prepare-commit-msg'" ln -sf "${HOOKS_DIR_RELPATH}/hooks/prepare-commit-msg" "${HOOKS_DIR}/prepare-commit-msg" fi if [ ! -e "${HOOKS_DIR}/pre-push" ]; then echo "Installing hook 'pre-push'" ln -sf "${HOOKS_DIR_RELPATH}/hooks/pre-push" "${HOOKS_DIR}/pre-push" fi ================================================ FILE: support/hooks/pre-push ================================================ #!/usr/bin/env bash # # A git commit hook that will automatically run format checking and DCO signoff # checking before the push is successful. # # To enable this hook, run `bootstrap`, or run the following from the root of # the repo. (Note that `bootstrap` will correctly install this even if this code # is located in a submodule, while the following won't.) # # $ ln -s ../../support/hooks/pre-push .git/hooks/pre-push DUMMY_SHA=0000000000000000000000000000000000000000 echo "Running pre-push check; to skip this step use 'push --no-verify'" while read LOCAL_REF LOCAL_SHA REMOTE_REF REMOTE_SHA do if [ "$LOCAL_SHA" = $DUMMY_SHA ] then # Branch deleted. Do nothing. exit 0 else if [ "$REMOTE_SHA" = $DUMMY_SHA ] then # New branch. Verify the last commit, since this is very likely where the new code is # (though there is no way to know for sure). In the extremely uncommon case in which someone # pushes more than 1 new commit to a branch, CI will enforce full checking. RANGE="$LOCAL_SHA~1..$LOCAL_SHA" else # Updating branch. Verify new commits. RANGE="$REMOTE_SHA..$LOCAL_SHA" fi # Verify DCO signoff. We do this before the format checker, since it has # some probability of failing spuriously, while this check never should. # # In general, we can't assume that the commits are signed off by author # pushing, so we settle for just checking that there is a signoff at all. SIGNED_OFF=$(git rev-list --no-merges --grep "^Signed-off-by: " "$RANGE") NOT_SIGNED_OFF=$(git rev-list --no-merges "$RANGE" | grep -Fxv "$SIGNED_OFF") if [ -n "$NOT_SIGNED_OFF" ] then echo >&2 "ERROR: The following commits do not have DCO signoff:" while read -r commit; do echo " $(git log --pretty=oneline --abbrev-commit -n 1 $commit)" done <<< "$NOT_SIGNED_OFF" exit 1 fi # NOTE: The `tools` directory will be the same relative to the support # directory, independent of whether we're in a submodule, so no need to use # our `relpath` helper. SCRIPT_DIR="$(dirname "$(realpath "$0")")/../../tools" # TODO(hausdorff): We should have a more graceful failure story when the # user does not have all the tools set up correctly. This script assumes # `$CLANG_FORMAT` and `$BUILDIFY` are defined, or that the default values it # assumes for these variables correspond to real binaries on the system. If # either of these things aren't true, the check fails. for i in $(git diff --name-only $RANGE --diff-filter=ACMR --ignore-submodules=all 2>&1); do echo -ne " Checking format for $i - " "$SCRIPT_DIR"/code_format/check_format.py check $i if [[ $? -ne 0 ]]; then exit 1 fi echo " Checking spelling for $i" "$SCRIPT_DIR"/spelling/check_spelling_pedantic.py check $i if [[ $? -ne 0 ]]; then exit 1 fi done # TODO(mattklein123): Optimally we would be able to do this on a per-file basis. "$SCRIPT_DIR"/proto_format/proto_format.sh check if [[ $? -ne 0 ]]; then exit 1 fi "$SCRIPT_DIR"/code_format/format_python_tools.sh check if [[ $? -ne 0 ]]; then exit 1 fi # Check correctness of repositories definitions. echo " Checking repositories definitions" if ! "$SCRIPT_DIR"/check_repositories.sh; then exit 1 fi fi done exit 0 ================================================ FILE: support/hooks/prepare-commit-msg ================================================ #!/usr/bin/env bash # # A git commit hook that will automatically append a DCO signoff to the bottom # of any commit message that doesn't have one. This append happens after the git # default message is generated, but before the user is dropped into the commit # message editor. # # To enable this hook, run `bootstrap`, or run the following from the root of # the repo. (Note that `bootstrap` will correctly install this even if this code # is located in a submodule, while the following won't.) # # $ ln -s ../../support/hooks/prepare-commit-msg .git/hooks/prepare-commit-msg COMMIT_MESSAGE_FILE="$1" AUTHOR=$(git var GIT_AUTHOR_IDENT) SIGNOFF=$(echo $AUTHOR | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p') # Check for DCO signoff message. If one doesn't exist, append one and then warn # the user that you did so. if ! $(grep -qs "^$SIGNOFF" "$COMMIT_MESSAGE_FILE") ; then echo -e "\n$SIGNOFF" >> "$COMMIT_MESSAGE_FILE" echo -e "Appended the following signoff to the end of the commit message:\n $SIGNOFF\n" fi ================================================ FILE: test/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() # TODO(htuch): remove when we have a solution for https://github.com/bazelbuild/bazel/issues/3510 envoy_cc_test_library( name = "dummy_main", srcs = ["dummy_main.cc"], ) envoy_cc_test_library( name = "main", srcs = [ "main.cc", "test_listener.cc", "test_runner.cc", "test_runner.h", ], hdrs = ["test_listener.h"], deps = [ "//source/common/common:logger_lib", "//source/common/common:thread_lib", "//source/common/event:libevent_lib", "//source/exe:process_wide_lib", "//source/server:backtrace_lib", "//test/common/runtime:utility_lib", "//test/mocks/access_log:access_log_mocks", "//test/test_common:environment_lib", "//test/test_common:global_lib", "//test/test_common:printers_lib", ], ) ================================================ FILE: test/README.md ================================================ # Envoy tests Envoy uses the [Google Test framework](https://github.com/google/googletest) for tests, including [Google Mock](https://github.com/google/googletest/blob/master/googlemock/README.md) for mocks and matchers. See the documentation on those pages for information on the various classes, macros, and matchers that Envoy uses from those frameworks. ## Integration tests Envoy contains an integration testing framework, for testing downstream-Envoy-upstream communication. [See the framework's README for more information.](https://github.com/envoyproxy/envoy/blob/master/test/integration/README.md) ## Custom matchers Envoy includes some custom Google Mock matchers to make test expectation statements simpler to write and easier to understand. ### HeaderValueOf Tests that a HeaderMap argument contains exactly one header with the given key, whose value satisfies the given expectation. The expectation can be a matcher, or a string that the value should equal. Examples: ```cpp EXPECT_THAT(response->headers(), HeaderValueOf(Headers::get().Server, "envoy")); ``` ```cpp using testing::HasSubstr; EXPECT_THAT(request->headers(), HeaderValueOf(Headers::get().AcceptEncoding, HasSubstr("gzip"))); ``` ### HttpStatusIs Tests that a HeaderMap argument has the provided HTTP status code. The status code can be passed in as a string or an integer. Example: ```cpp EXPECT_THAT(response->headers(), HttpStatusIs("200")); ``` ### HeaderMapEqual and HeaderMapEqualRef `HeaderMapEqualRef` tests that two `HeaderMap` arguments are equal. `HeaderMapEqual` is the same, but it compares two pointers to `HeaderMap`s, and the matcher's argument must be a `HeaderMapPtr`. Example: ```cpp EXPECT_THAT(response->headers(), HeaderMapEqualRef(expected_headers)); ``` ### ProtoEq, ProtoEqIgnoringField, RepeatedProtoEq Tests equality of protobufs, with a variant that ignores the value (including presence) of a single named field. Another variant can be used to compare two instances of Protobuf::RepeatedPtrField element-by-element. Example: ```cpp envoy::api::v2::DeltaDiscoveryRequest expected_request; // (not shown: set some fields of expected_request...) EXPECT_CALL(async_stream_, sendMessage(ProtoEqIgnoringField(expected_request, "response_nonce"), false)); response->mutable_resources()->Add(); response->mutable_resources()->Add(); response->mutable_resources()->Add(); // (not shown: do something to populate those empty added items...) EXPECT_CALL(callbacks_, onConfigUpdate(RepeatedProtoEq(response->resources()), version)); ``` ### IsSubsetOfHeaders and IsSupersetOfHeaders Tests that one `HeaderMap` argument contains every header in another `HeaderMap`. Examples: ```cpp EXPECT_THAT(response->headers(), IsSubsetOfHeaders(allowed_headers)); EXPECT_THAT(response->headers(), IsSupersetOfHeaders(required_headers)); ``` ## Controlling time in tests In Envoy production code, time and timers are managed via [`Event::TimeSystem`](https://github.com/envoyproxy/envoy/blob/master/include/envoy/event/timer.h), which provides a mechanism for querying the time and setting up time-based callbacks. Bypassing this abstraction in Envoy code is flagged as a format violation in CI. In tests we use a derivation [`Event::TestTimeSystem`](test_common/test_time_system.h) which adds the ability to sleep or do a blocking timed wait on a condition variable. There are two implementations of the `Event::TestTimeSystem` interface: `Event::TestRealTimeSystem`, and `Event::SimulatedTimeSystem`. The latter is recommended for all new tests, as it helps avoid flaky tests on slow machines, and makes tests run faster. Typically we do not want to have both real-time and simulated-time in the same test; that could lead to hard-to-reproduce results. Thus both implementations have a mechanism to enforce that only one of them can be instantiated at once. A runtime assertion occurs if an `Event::TestRealTimeSystem` and `Event::SimulatedTimeSystem` are instantiated at the same time. Once the time-system goes out of scope, usually at the end of a test method, the slate is clean and a new test-method can use a different time system. There is also `Event::GlobalTimeSystem`, which can be instantiated in shared test infrastructure that wants to be agnostic to which `TimeSystem` is used in a test. When no `TimeSystem` is instantiated in a test, the `Event::GlobalTimeSystem` will lazy-initialize itself into a concrete `TimeSystem`. Currently this is `TestRealTimeSystem` but will be changed in the future to `SimulatedTimeSystem`. ## Benchmark tests Envoy uses [Google Benchmark](https://github.com/google/benchmark/) for microbenchmarks. There are custom bazel rules, `envoy_cc_benchmark_binary` and `envoy_benchmark_test`, to execute them locally and in CI environments respectively. `envoy_benchmark_test` rules call the benchmark binary from a [script](https://github.com/envoyproxy/envoy/blob/master/bazel/test_for_benchmark_wrapper.sh) which runs the benchmark with a minimal number of iterations and skipping expensive benchmarks to quickly verify that the binary is able to run to completion. In order to collect meaningful bechmarks, `bazel run -c opt` the benchmark binary target on a quiescent machine. If you would like to detect when your benchmark test is running under the wrapper, call [`Envoy::benchmark::skipExpensiveBechmarks()`](https://github.com/envoyproxy/envoy/blob/master/test/benchmark/main.h). ================================================ FILE: test/benchmark/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test_library( name = "main", srcs = ["main.cc"], hdrs = ["main.h"], external_deps = [ "benchmark", "tclap", ], deps = [ "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", "//test/test_common:environment_lib", "//test/test_common:printers_lib", "//test/test_common:test_runtime_lib", ], ) ================================================ FILE: test/benchmark/main.cc ================================================ // NOLINT(namespace-envoy) // This is an Envoy driver for benchmarks. #include "test/benchmark/main.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "test/test_common/environment.h" #include "test/test_common/test_runtime.h" #include "benchmark/benchmark.h" #include "tclap/CmdLine.h" using namespace Envoy; static bool skip_expensive_benchmarks = false; // Boilerplate main(), which discovers benchmarks and runs them. This uses two // different flag parsers, so the order of flags matters: flags defined here // must be passed first, and flags defined in benchmark::Initialize second, // separated by --. // TODO(pgenera): convert this to abseil/flags/ when benchmark also adopts abseil. int main(int argc, char** argv) { TestEnvironment::initializeTestMain(argv[0]); // Suppressing non-error messages in benchmark tests. This hides warning // messages that appear when using a runtime feature when there isn't an initialized // runtime, and may have non-negligible impact on performance. // TODO(adisuissa): This should be configurable, similarly to unit tests. const spdlog::level::level_enum default_log_level = spdlog::level::err; Envoy::Logger::Registry::setLogLevel(default_log_level); // NOLINTNEXTLINE(clang-analyzer-optin.cplusplus.VirtualCall) TCLAP::CmdLine cmd("envoy-benchmark-test", ' ', "0.1"); TCLAP::SwitchArg skip_switch("s", "skip_expensive_benchmarks", "skip or minimize expensive benchmarks", cmd, false); TCLAP::MultiArg runtime_features( "r", "runtime_feature", "runtime feature settings each of the form: :", false, "string", cmd); cmd.setExceptionHandling(false); try { cmd.parse(argc, argv); } catch (const TCLAP::ExitException& e) { // parse() throws an ExitException with status 0 after printing the output // for --help and --version. return 0; } // Reduce logs so benchmark output is readable. Thread::MutexBasicLockable lock; Logger::Context logging_context{spdlog::level::warn, Logger::Context::getFancyLogFormat(), lock, false}; skip_expensive_benchmarks = skip_switch.getValue(); // Initialize scoped_runtime if a runtime_feature argument is present. This // allows benchmarks to use their own scoped_runtime in case no runtime flag is // passed as an argument. std::unique_ptr scoped_runtime = nullptr; const auto& runtime_features_args = runtime_features.getValue(); for (const absl::string_view runtime_feature_arg : runtime_features_args) { if (scoped_runtime == nullptr) { scoped_runtime = std::make_unique(); } // Make sure the argument contains a single ":" character. const std::vector runtime_feature_split = absl::StrSplit(runtime_feature_arg, ':'); if (runtime_feature_split.size() != 2) { ENVOY_LOG_MISC(critical, "Given runtime flag \"{}\" should have a single ':' separating the flag name " "and its value.", runtime_feature_arg); return 1; } const auto feature_name = runtime_feature_split[0]; const auto feature_val = runtime_feature_split[1]; Runtime::LoaderSingleton::getExisting()->mergeValues({{feature_name, feature_val}}); } ::benchmark::Initialize(&argc, argv); if (skip_expensive_benchmarks) { ENVOY_LOG_MISC( critical, "Expensive benchmarks are being skipped; see test/README.md for more information"); } ::benchmark::RunSpecifiedBenchmarks(); } bool Envoy::benchmark::skipExpensiveBenchmarks() { return skip_expensive_benchmarks; } ================================================ FILE: test/benchmark/main.h ================================================ #pragma once /** * Benchmarks can use this to skip or hurry through long-running tests in CI. */ namespace Envoy { namespace benchmark { bool skipExpensiveBenchmarks(); } } // namespace Envoy ================================================ FILE: test/common/access_log/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "access_log_impl_test", srcs = ["access_log_impl_test.cc"], deps = [ "//source/common/access_log:access_log_lib", "//source/extensions/access_loggers/file:config", "//source/extensions/access_loggers/grpc:http_config", "//source/extensions/access_loggers/grpc:tcp_config", "//test/common/stream_info:test_util", "//test/common/upstream:utility_lib", "//test/mocks/access_log:access_log_mocks", "//test/mocks/event:event_mocks", "//test/mocks/filesystem:filesystem_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/server:factory_context_mocks", "//test/mocks/upstream:cluster_info_mocks", "//test/test_common:registry_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/accesslog/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "access_log_manager_impl_test", srcs = ["access_log_manager_impl_test.cc"], deps = [ "//source/common/access_log:access_log_manager_lib", "//source/common/stats:stats_lib", "//test/common/stats:stat_test_utility_lib", "//test/mocks/access_log:access_log_mocks", "//test/mocks/api:api_mocks", "//test/mocks/event:event_mocks", "//test/mocks/filesystem:filesystem_mocks", ], ) ================================================ FILE: test/common/access_log/access_log_impl_test.cc ================================================ #include #include #include #include #include "envoy/config/accesslog/v3/accesslog.pb.h" #include "envoy/config/accesslog/v3/accesslog.pb.validate.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" #include "common/access_log/access_log_impl.h" #include "common/config/utility.h" #include "common/protobuf/message_validator_impl.h" #include "common/runtime/runtime_impl.h" #include "test/common/stream_info/test_util.h" #include "test/common/upstream/utility.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/filesystem/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/upstream/cluster_info.h" #include "test/test_common/printers.h" #include "test/test_common/registry.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::NiceMock; using testing::Return; using testing::SaveArg; namespace Envoy { namespace AccessLog { namespace { envoy::config::accesslog::v3::AccessLog parseAccessLogFromV3Yaml(const std::string& yaml, bool avoid_boosting = true) { envoy::config::accesslog::v3::AccessLog access_log; TestUtility::loadFromYamlAndValidate(yaml, access_log, false, avoid_boosting); return access_log; } class AccessLogImplTest : public testing::Test { public: AccessLogImplTest() : file_(new MockAccessLogFile()) { ON_CALL(context_, runtime()).WillByDefault(ReturnRef(runtime_)); ON_CALL(context_, accessLogManager()).WillByDefault(ReturnRef(log_manager_)); ON_CALL(log_manager_, createAccessLog(_)).WillByDefault(Return(file_)); ON_CALL(*file_, write(_)).WillByDefault(SaveArg<0>(&output_)); } Http::TestRequestHeaderMapImpl request_headers_{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_headers_; Http::TestResponseTrailerMapImpl response_trailers_; TestStreamInfo stream_info_; std::shared_ptr file_; StringViewSaver output_; NiceMock runtime_; NiceMock log_manager_; NiceMock context_; }; TEST_F(AccessLogImplTest, LogMoreData) { const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); stream_info_.response_flags_ = StreamInfo::ResponseFlag::UpstreamConnectionFailure; request_headers_.addCopy(Http::Headers::get().UserAgent, "user-agent-set"); request_headers_.addCopy(Http::Headers::get().RequestId, "id"); request_headers_.addCopy(Http::Headers::get().Host, "host"); request_headers_.addCopy(Http::Headers::get().ForwardedFor, "x.x.x.x"); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("[1999-01-01T00:00:00.000Z] \"GET / HTTP/1.1\" 0 UF 1 2 3 - \"x.x.x.x\" " "\"user-agent-set\" \"id\" \"host\" \"-\"\n", output_); } TEST_F(AccessLogImplTest, DownstreamDisconnect) { const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); auto cluster = std::make_shared>(); stream_info_.upstream_host_ = Upstream::makeTestHostDescription(cluster, "tcp://10.0.0.5:1234"); stream_info_.response_flags_ = StreamInfo::ResponseFlag::DownstreamConnectionTermination; log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("[1999-01-01T00:00:00.000Z] \"GET / HTTP/1.1\" 0 DC 1 2 3 - \"-\" \"-\" \"-\" \"-\" " "\"10.0.0.5:1234\"\n", output_); } TEST_F(AccessLogImplTest, RouteName) { const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH):256% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %ROUTE_NAME% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\"\n" )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); stream_info_.route_name_ = "route-test-name"; stream_info_.response_flags_ = StreamInfo::ResponseFlag::UpstreamConnectionFailure; request_headers_.addCopy(Http::Headers::get().UserAgent, "user-agent-set"); request_headers_.addCopy(Http::Headers::get().RequestId, "id"); request_headers_.addCopy(Http::Headers::get().Host, "host"); request_headers_.addCopy(Http::Headers::get().ForwardedFor, "x.x.x.x"); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ( "[1999-01-01T00:00:00.000Z] \"GET / HTTP/1.1\" 0 UF route-test-name 1 2 3 - \"x.x.x.x\" " "\"user-agent-set\" \"id\" \"host\"\n", output_); } TEST_F(AccessLogImplTest, EnvoyUpstreamServiceTime) { const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); response_headers_.addCopy(Http::Headers::get().EnvoyUpstreamServiceTime, "999"); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("[1999-01-01T00:00:00.000Z] \"GET / HTTP/1.1\" 0 - 1 2 3 999 \"-\" \"-\" \"-\" \"-\" " "\"-\"\n", output_); } TEST_F(AccessLogImplTest, NoFilter) { const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ( "[1999-01-01T00:00:00.000Z] \"GET / HTTP/1.1\" 0 - 1 2 3 - \"-\" \"-\" \"-\" \"-\" \"-\"\n", output_); } TEST_F(AccessLogImplTest, UpstreamHost) { auto cluster = std::make_shared>(); stream_info_.upstream_host_ = Upstream::makeTestHostDescription(cluster, "tcp://10.0.0.5:1234"); const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("[1999-01-01T00:00:00.000Z] \"GET / HTTP/1.1\" 0 - 1 2 3 - \"-\" \"-\" \"-\" \"-\" " "\"10.0.0.5:1234\"\n", output_); } TEST_F(AccessLogImplTest, WithFilterMiss) { const std::string yaml = R"EOF( name: accesslog filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 500 runtime_key: key_a - duration_filter: comparison: op: GE value: default_value: 1000000 runtime_key: key_b typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.response_code_ = 200; log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, WithFilterHit) { const std::string yaml = R"EOF( name: accesslog filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 500 runtime_key: key_a - status_code_filter: comparison: op: EQ value: default_value: 0 runtime_key: key_b - duration_filter: comparison: op: GE value: default_value: 1000000 runtime_key: key_c typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(3); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.response_code_ = 500; log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.response_code_ = 200; stream_info_.end_time_ = stream_info_.startTimeMonotonic() + std::chrono::microseconds(1001000000000000); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, RuntimeFilter) { const std::string yaml = R"EOF( name: accesslog filter: runtime_filter: runtime_key: access_log.test_key typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; Random::RandomGeneratorImpl random; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); // Value is taken from random generator. EXPECT_CALL(context_.api_.random_, random()).WillOnce(Return(42)); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 0, 42, 100)) .WillOnce(Return(true)); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_CALL(context_.api_.random_, random()).WillOnce(Return(43)); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 0, 43, 100)) .WillOnce(Return(false)); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); // Value is taken from x-request-id. request_headers_.addCopy("x-request-id", "000000ff-0000-0000-0000-000000000000"); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 0, 55, 100)) .WillOnce(Return(true)); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 0, 55, 100)) .WillOnce(Return(false)); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, RuntimeFilterV2) { const std::string yaml = R"EOF( name: accesslog filter: runtime_filter: runtime_key: access_log.test_key percent_sampled: numerator: 5 denominator: TEN_THOUSAND typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; Random::RandomGeneratorImpl random; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); // Value is taken from random generator. EXPECT_CALL(context_.api_.random_, random()).WillOnce(Return(42)); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 5, 42, 10000)) .WillOnce(Return(true)); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_CALL(context_.api_.random_, random()).WillOnce(Return(43)); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 5, 43, 10000)) .WillOnce(Return(false)); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); // Value is taken from x-request-id. request_headers_.addCopy("x-request-id", "000000ff-0000-0000-0000-000000000000"); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 5, 255, 10000)) .WillOnce(Return(true)); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 5, 255, 10000)) .WillOnce(Return(false)); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, RuntimeFilterV2IndependentRandomness) { const std::string yaml = R"EOF( name: accesslog filter: runtime_filter: runtime_key: access_log.test_key percent_sampled: numerator: 5 denominator: MILLION use_independent_randomness: true typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); // Value should not be taken from x-request-id. request_headers_.addCopy("x-request-id", "000000ff-0000-0000-0000-000000000000"); EXPECT_CALL(context_.api_.random_, random()).WillOnce(Return(42)); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 5, 42, 1000000)) .WillOnce(Return(true)); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_CALL(context_.api_.random_, random()).WillOnce(Return(43)); EXPECT_CALL(runtime_.snapshot_, featureEnabled("access_log.test_key", 5, 43, 1000000)) .WillOnce(Return(false)); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, PathRewrite) { request_headers_ = {{":method", "GET"}, {":path", "/foo"}, {"x-envoy-original-path", "/bar"}}; const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("[1999-01-01T00:00:00.000Z] \"GET /bar HTTP/1.1\" 0 - 1 2 3 - \"-\" \"-\" \"-\" \"-\" " "\"-\"\n", output_); } TEST_F(AccessLogImplTest, HealthCheckTrue) { const std::string yaml = R"EOF( name: accesslog filter: not_health_check_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); Http::TestRequestHeaderMapImpl header_map{}; stream_info_.health_check_request_ = true; EXPECT_CALL(*file_, write(_)).Times(0); log->log(&header_map, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, HealthCheckFalse) { const std::string yaml = R"EOF( name: accesslog filter: not_health_check_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/dev/null" )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); Http::TestRequestHeaderMapImpl header_map{}; EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, RequestTracing) { Random::RandomGeneratorImpl random; const std::string yaml = R"EOF( name: accesslog filter: traceable_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); { Http::TestRequestHeaderMapImpl forced_header{{"x-request-id", random.uuid()}}; stream_info_.getRequestIDExtension()->setTraceStatus(forced_header, Http::TraceStatus::Forced); EXPECT_CALL(*file_, write(_)); log->log(&forced_header, &response_headers_, &response_trailers_, stream_info_); } { Http::TestRequestHeaderMapImpl not_traceable{{"x-request-id", random.uuid()}}; EXPECT_CALL(*file_, write(_)).Times(0); log->log(¬_traceable, &response_headers_, &response_trailers_, stream_info_); } { Http::TestRequestHeaderMapImpl sampled_header{{"x-request-id", random.uuid()}}; stream_info_.getRequestIDExtension()->setTraceStatus(sampled_header, Http::TraceStatus::Sampled); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&sampled_header, &response_headers_, &response_trailers_, stream_info_); } } TEST(AccessLogImplTestCtor, FiltersMissingInOrAndFilter) { NiceMock context; { const std::string yaml = R"EOF( name: accesslog filter: or_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; EXPECT_THROW(AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context), EnvoyException); } { const std::string yaml = R"EOF( name: accesslog filter: and_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; EXPECT_THROW(AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context), EnvoyException); } } TEST_F(AccessLogImplTest, AndFilter) { const std::string yaml = R"EOF( name: accesslog filter: and_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 500 runtime_key: key - not_health_check_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); stream_info_.response_code_ = 500; { EXPECT_CALL(*file_, write(_)); Http::TestRequestHeaderMapImpl header_map{{"user-agent", "NOT/Envoy/HC"}}; log->log(&header_map, &response_headers_, &response_trailers_, stream_info_); } { EXPECT_CALL(*file_, write(_)).Times(0); Http::TestRequestHeaderMapImpl header_map{}; stream_info_.health_check_request_ = true; log->log(&header_map, &response_headers_, &response_trailers_, stream_info_); } } TEST_F(AccessLogImplTest, OrFilter) { const std::string yaml = R"EOF( name: accesslog filter: or_filter: filters: - status_code_filter: comparison: op: GE value: default_value: 500 runtime_key: key - not_health_check_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); stream_info_.response_code_ = 500; { EXPECT_CALL(*file_, write(_)); Http::TestRequestHeaderMapImpl header_map{{"user-agent", "NOT/Envoy/HC"}}; log->log(&header_map, &response_headers_, &response_trailers_, stream_info_); } { EXPECT_CALL(*file_, write(_)); Http::TestRequestHeaderMapImpl header_map{{"user-agent", "Envoy/HC"}}; log->log(&header_map, &response_headers_, &response_trailers_, stream_info_); } } TEST_F(AccessLogImplTest, MultipleOperators) { const std::string yaml = R"EOF( name: accesslog filter: and_filter: filters: - or_filter: filters: - duration_filter: comparison: op: GE value: default_value: 10000 runtime_key: key_a - status_code_filter: comparison: op: GE value: default_value: 500 runtime_key: key_b - not_health_check_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); stream_info_.response_code_ = 500; { EXPECT_CALL(*file_, write(_)); Http::TestRequestHeaderMapImpl header_map{}; log->log(&header_map, &response_headers_, &response_trailers_, stream_info_); } { EXPECT_CALL(*file_, write(_)).Times(0); Http::TestRequestHeaderMapImpl header_map{}; stream_info_.health_check_request_ = true; log->log(&header_map, &response_headers_, &response_trailers_, stream_info_); } } TEST(AccessLogFilterTest, DurationWithRuntimeKey) { const std::string filter_yaml = R"EOF( duration_filter: comparison: op: GE value: default_value: 1000000 runtime_key: key )EOF"; NiceMock runtime; envoy::config::accesslog::v3::AccessLogFilter config; TestUtility::loadFromYaml(filter_yaml, config); DurationFilter filter(config.duration_filter(), runtime); Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; TestStreamInfo stream_info; stream_info.end_time_ = stream_info.startTimeMonotonic() + std::chrono::microseconds(100000); EXPECT_CALL(runtime.snapshot_, getInteger("key", 1000000)).WillOnce(Return(1)); EXPECT_TRUE(filter.evaluate(stream_info, request_headers, response_headers, response_trailers)); EXPECT_CALL(runtime.snapshot_, getInteger("key", 1000000)).WillOnce(Return(1000)); EXPECT_FALSE(filter.evaluate(stream_info, request_headers, response_headers, response_trailers)); stream_info.end_time_ = stream_info.startTimeMonotonic() + std::chrono::microseconds(100000001000); EXPECT_CALL(runtime.snapshot_, getInteger("key", 1000000)).WillOnce(Return(100000000)); EXPECT_TRUE(filter.evaluate(stream_info, request_headers, response_headers, response_trailers)); stream_info.end_time_ = stream_info.startTimeMonotonic() + std::chrono::microseconds(10000); EXPECT_CALL(runtime.snapshot_, getInteger("key", 1000000)).WillOnce(Return(100000000)); EXPECT_FALSE(filter.evaluate(stream_info, request_headers, response_headers, response_trailers)); } TEST(AccessLogFilterTest, StatusCodeWithRuntimeKey) { const std::string filter_yaml = R"EOF( status_code_filter: comparison: op: GE value: default_value: 300 runtime_key: key )EOF"; NiceMock runtime; envoy::config::accesslog::v3::AccessLogFilter config; TestUtility::loadFromYaml(filter_yaml, config); StatusCodeFilter filter(config.status_code_filter(), runtime); Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; TestStreamInfo info; info.response_code_ = 400; EXPECT_CALL(runtime.snapshot_, getInteger("key", 300)).WillOnce(Return(350)); EXPECT_TRUE(filter.evaluate(info, request_headers, response_headers, response_trailers)); EXPECT_CALL(runtime.snapshot_, getInteger("key", 300)).WillOnce(Return(500)); EXPECT_FALSE(filter.evaluate(info, request_headers, response_headers, response_trailers)); } TEST_F(AccessLogImplTest, StatusCodeLessThan) { const std::string yaml = R"EOF( name: accesslog filter: status_code_filter: comparison: op: LE value: default_value: 499 runtime_key: hello typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); stream_info_.response_code_ = 499; EXPECT_CALL(runtime_.snapshot_, getInteger("hello", 499)).WillOnce(Return(499)); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.response_code_ = 500; EXPECT_CALL(runtime_.snapshot_, getInteger("hello", 499)).WillOnce(Return(499)); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, HeaderPresence) { const std::string yaml = R"EOF( name: accesslog filter: header_filter: header: name: test-header typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.addCopy("test-header", "present"); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, HeaderExactMatch) { const std::string yaml = R"EOF( name: accesslog filter: header_filter: header: name: test-header exact_match: exact-match-value typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.addCopy("test-header", "exact-match-value"); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.remove("test-header"); request_headers_.addCopy("test-header", "not-exact-match-value"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, HeaderRegexMatch) { const std::string yaml = R"EOF( name: accesslog filter: header_filter: header: name: test-header safe_regex_match: google_re2: {} regex: "\\d{3}" typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.addCopy("test-header", "123"); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.remove("test-header"); request_headers_.addCopy("test-header", "1234"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.remove("test-header"); request_headers_.addCopy("test-header", "123.456"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, HeaderRangeMatch) { const std::string yaml = R"EOF( name: accesslog filter: header_filter: header: name: test-header range_match: start: -10 end: 0 typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.addCopy("test-header", "-1"); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.remove("test-header"); request_headers_.addCopy("test-header", "0"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.remove("test-header"); request_headers_.addCopy("test-header", "somestring"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.remove("test-header"); request_headers_.addCopy("test-header", "10.9"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.remove("test-header"); request_headers_.addCopy("test-header", "-1somestring"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, ResponseFlagFilterAnyFlag) { const std::string yaml = R"EOF( name: accesslog filter: response_flag_filter: {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, ResponseFlagFilterSpecificFlag) { const std::string yaml = R"EOF( name: accesslog filter: response_flag_filter: flags: - UO typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.setResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, ResponseFlagFilterSeveralFlags) { const std::string yaml = R"EOF( name: accesslog filter: response_flag_filter: flags: - UO - RL typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); stream_info_.setResponseFlag(StreamInfo::ResponseFlag::UpstreamOverflow); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, ResponseFlagFilterAllFlagsInPGV) { const std::string yaml = R"EOF( name: accesslog filter: response_flag_filter: flags: - LH - UH - UT - LR - UR - UF - UC - UO - NR - DI - FI - RL - UAEX - RLSE - DC - URX - SI - IH - DPE - UMSDR - RFCF - NFCF - DT typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; static_assert(StreamInfo::ResponseFlag::LastFlag == 0x400000, "A flag has been added. Fix this code."); const std::vector all_response_flags = { StreamInfo::ResponseFlag::FailedLocalHealthCheck, StreamInfo::ResponseFlag::NoHealthyUpstream, StreamInfo::ResponseFlag::UpstreamRequestTimeout, StreamInfo::ResponseFlag::LocalReset, StreamInfo::ResponseFlag::UpstreamRemoteReset, StreamInfo::ResponseFlag::UpstreamConnectionFailure, StreamInfo::ResponseFlag::UpstreamConnectionTermination, StreamInfo::ResponseFlag::UpstreamOverflow, StreamInfo::ResponseFlag::NoRouteFound, StreamInfo::ResponseFlag::DelayInjected, StreamInfo::ResponseFlag::FaultInjected, StreamInfo::ResponseFlag::RateLimited, StreamInfo::ResponseFlag::UnauthorizedExternalService, StreamInfo::ResponseFlag::RateLimitServiceError, StreamInfo::ResponseFlag::DownstreamConnectionTermination, StreamInfo::ResponseFlag::UpstreamRetryLimitExceeded, StreamInfo::ResponseFlag::StreamIdleTimeout, StreamInfo::ResponseFlag::InvalidEnvoyRequestHeaders, StreamInfo::ResponseFlag::DownstreamProtocolError, StreamInfo::ResponseFlag::UpstreamMaxStreamDurationReached, StreamInfo::ResponseFlag::ResponseFromCacheFilter, StreamInfo::ResponseFlag::NoFilterConfigFound, StreamInfo::ResponseFlag::DurationTimeout}; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); for (const auto response_flag : all_response_flags) { TestStreamInfo stream_info; stream_info.setResponseFlag(response_flag); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info); } } TEST_F(AccessLogImplTest, ResponseFlagFilterUnsupportedFlag) { const std::string yaml = R"EOF( name: accesslog filter: response_flag_filter: flags: - UnsupportedFlag typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; EXPECT_THROW_WITH_MESSAGE( AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_), ProtoValidationException, "Proto constraint validation failed (AccessLogValidationError.Filter: [\"embedded message " "failed validation\"] | caused by AccessLogFilterValidationError.ResponseFlagFilter: " "[\"embedded message failed validation\"] | caused by " "ResponseFlagFilterValidationError.Flags[i]: [\"value must be in list \" [\"LH\" \"UH\" " "\"UT\" \"LR\" \"UR\" \"UF\" \"UC\" \"UO\" \"NR\" \"DI\" \"FI\" \"RL\" \"UAEX\" \"RLSE\" " "\"DC\" \"URX\" \"SI\" \"IH\" \"DPE\" \"UMSDR\" \"RFCF\" \"NFCF\" \"DT\"]]): name: " "\"accesslog\"\nfilter {\n " " " "response_flag_filter {\n flags: \"UnsupportedFlag\"\n }\n}\ntyped_config {\n " "[type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog] {\n path: \"/dev/null\"\n " "}\n}\n"); } TEST_F(AccessLogImplTest, ValidateTypedConfig) { const std::string yaml = R"EOF( name: accesslog filter: response_flag_filter: flags: - UnsupportedFlag typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; EXPECT_THROW_WITH_MESSAGE( AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_), ProtoValidationException, "Proto constraint validation failed (AccessLogValidationError.Filter: [\"embedded message " "failed validation\"] | caused by AccessLogFilterValidationError.ResponseFlagFilter: " "[\"embedded message failed validation\"] | caused by " "ResponseFlagFilterValidationError.Flags[i]: [\"value must be in list \" [\"LH\" \"UH\" " "\"UT\" \"LR\" \"UR\" \"UF\" \"UC\" \"UO\" \"NR\" \"DI\" \"FI\" \"RL\" \"UAEX\" \"RLSE\" " "\"DC\" \"URX\" \"SI\" \"IH\" \"DPE\" \"UMSDR\" \"RFCF\" \"NFCF\" \"DT\"]]): name: " "\"accesslog\"\nfilter {\n " " " "response_flag_filter {\n flags: \"UnsupportedFlag\"\n }\n}\ntyped_config {\n " "[type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog] {\n path: \"/dev/null\"\n " "}\n}\n"); } TEST_F(AccessLogImplTest, ValidGrpcStatusMessage) { const std::string yaml = R"EOF( name: accesslog typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null format: "%GRPC_STATUS%\n" )EOF"; InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); { EXPECT_CALL(*file_, write(_)); response_trailers_.addCopy(Http::Headers::get().GrpcStatus, "0"); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("OK\n", output_); response_trailers_.remove(Http::Headers::get().GrpcStatus); } { InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); response_headers_.addCopy(Http::Headers::get().GrpcStatus, "1"); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("Canceled\n", output_); response_headers_.remove(Http::Headers::get().GrpcStatus); } { InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); response_headers_.addCopy(Http::Headers::get().GrpcStatus, "-1"); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); EXPECT_EQ("-1\n", output_); response_headers_.remove(Http::Headers::get().GrpcStatus); } } TEST_F(AccessLogImplTest, GrpcStatusFilterValues) { const std::string yaml_template = R"EOF( name: accesslog filter: grpc_status_filter: statuses: - {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; const auto desc = envoy::config::accesslog::v3::GrpcStatusFilter::Status_descriptor(); const int grpcStatuses = static_cast(Grpc::Status::WellKnownGrpcStatus::MaximumKnown) + 1; if (desc->value_count() != grpcStatuses) { FAIL() << "Mismatch in number of gRPC statuses, GrpcStatus has " << grpcStatuses << ", GrpcStatusFilter_Status has " << desc->value_count() << "."; } for (int i = 0; i < desc->value_count(); i++) { InstanceSharedPtr log = AccessLogFactory::fromProto( parseAccessLogFromV3Yaml(fmt::format(yaml_template, desc->value(i)->name())), context_); EXPECT_CALL(*file_, write(_)); response_trailers_.addCopy(Http::Headers::get().GrpcStatus, std::to_string(i)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); response_trailers_.remove(Http::Headers::get().GrpcStatus); } } TEST_F(AccessLogImplTest, GrpcStatusFilterUnsupportedValue) { const std::string yaml = R"EOF( name: accesslog filter: grpc_status_filter: statuses: - NOT_A_VALID_CODE typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; EXPECT_THROW_WITH_REGEX(AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_), EnvoyException, ".*\"NOT_A_VALID_CODE\" for type TYPE_ENUM.*"); } TEST_F(AccessLogImplTest, GrpcStatusFilterBlock) { const std::string yaml = R"EOF( name: accesslog filter: grpc_status_filter: statuses: - OK typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; const InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); response_trailers_.addCopy(Http::Headers::get().GrpcStatus, "1"); EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, GrpcStatusFilterHttpCodes) { const std::string yaml_template = R"EOF( name: accesslog filter: grpc_status_filter: statuses: - {} typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; // This mapping includes UNKNOWN <-> 200 because we expect that gRPC should provide an explicit // status code for successes. In general, the only status codes that receive an HTTP mapping are // those enumerated below with a non-UNKNOWN mapping. See: //source/common/grpc/status.cc and // https://github.com/grpc/grpc/blob/master/doc/http-grpc-status-mapping.md. const std::vector> statusMapping = { {"UNKNOWN", 200}, {"INTERNAL", 400}, {"UNAUTHENTICATED", 401}, {"PERMISSION_DENIED", 403}, {"UNAVAILABLE", 429}, {"UNIMPLEMENTED", 404}, {"UNAVAILABLE", 502}, {"UNAVAILABLE", 503}, {"UNAVAILABLE", 504}}; for (const auto& pair : statusMapping) { stream_info_.response_code_ = pair.second; const InstanceSharedPtr log = AccessLogFactory::fromProto( parseAccessLogFromV3Yaml(fmt::format(yaml_template, pair.first)), context_); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } } TEST_F(AccessLogImplTest, GrpcStatusFilterNoCode) { const std::string yaml = R"EOF( name: accesslog filter: grpc_status_filter: statuses: - UNKNOWN typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; const InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, GrpcStatusFilterExclude) { const std::string yaml = R"EOF( name: accesslog filter: grpc_status_filter: exclude: true statuses: - OK typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; const InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); for (int i = 0; i <= static_cast(Grpc::Status::WellKnownGrpcStatus::MaximumKnown); i++) { EXPECT_CALL(*file_, write(_)).Times(i == 0 ? 0 : 1); response_trailers_.addCopy(Http::Headers::get().GrpcStatus, std::to_string(i)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); response_trailers_.remove(Http::Headers::get().GrpcStatus); } } TEST_F(AccessLogImplTest, GrpcStatusFilterExcludeFalse) { const std::string yaml = R"EOF( name: accesslog filter: grpc_status_filter: exclude: false statuses: - OK typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; const InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); response_trailers_.addCopy(Http::Headers::get().GrpcStatus, "0"); EXPECT_CALL(*file_, write(_)); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, GrpcStatusFilterHeader) { const std::string yaml = R"EOF( name: accesslog filter: grpc_status_filter: statuses: - OK typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; const InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)); response_headers_.addCopy(Http::Headers::get().GrpcStatus, "0"); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, MetadataFilter) { const std::string yaml = R"EOF( name: accesslog filter: metadata_filter: matcher: filter: "some.namespace" path: - key: "a" - key: "b" - key: "c" value: bool_match: true typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; TestStreamInfo stream_info; ProtobufWkt::Struct metadata_val; auto& fields_a = *metadata_val.mutable_fields(); auto& struct_b = *fields_a["a"].mutable_struct_value(); auto& fields_b = *struct_b.mutable_fields(); auto& struct_c = *fields_b["b"].mutable_struct_value(); auto& fields_c = *struct_c.mutable_fields(); fields_c["c"].set_bool_value(true); stream_info.setDynamicMetadata("some.namespace", metadata_val); const InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(1); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info); fields_c["c"].set_bool_value(false); EXPECT_CALL(*file_, write(_)).Times(0); } // This is a regression test for fuzz bug https://oss-fuzz.com/testcase-detail/4863844862918656 // where a missing matcher would attempt to create a ValueMatcher and crash in debug mode. Instead, // the configured metadata filter does not match. TEST_F(AccessLogImplTest, MetadataFilterNoMatcher) { const std::string yaml = R"EOF( name: accesslog filter: metadata_filter: match_if_key_not_found: false typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; TestStreamInfo stream_info; ProtobufWkt::Struct metadata_val; stream_info.setDynamicMetadata("some.namespace", metadata_val); const InstanceSharedPtr log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); // If no matcher is set, then expect no logs. EXPECT_CALL(*file_, write(_)).Times(0); log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info); } TEST_F(AccessLogImplTest, MetadataFilterNoKey) { const std::string default_true_yaml = R"EOF( name: accesslog filter: metadata_filter: matcher: filter: "some.namespace" path: - key: "x" value: bool_match: true typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; const std::string default_false_yaml = R"EOF( name: accesslog filter: metadata_filter: matcher: filter: "some.namespace" path: - key: "y" value: bool_match: true match_if_key_not_found: value: false typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; TestStreamInfo stream_info; ProtobufWkt::Struct metadata_val; auto& fields_a = *metadata_val.mutable_fields(); auto& struct_b = *fields_a["a"].mutable_struct_value(); auto& fields_b = *struct_b.mutable_fields(); fields_b["b"].set_bool_value(true); stream_info.setDynamicMetadata("some.namespace", metadata_val); const InstanceSharedPtr default_false_log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(default_false_yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); default_false_log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info); const InstanceSharedPtr default_true_log = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(default_true_yaml), context_); EXPECT_CALL(*file_, write(_)).Times(1); default_true_log->log(&request_headers_, &response_headers_, &response_trailers_, stream_info); } class TestHeaderFilterFactory : public ExtensionFilterFactory { public: ~TestHeaderFilterFactory() override = default; FilterPtr createFilter(const envoy::config::accesslog::v3::ExtensionFilter& config, Runtime::Loader&, Random::RandomGenerator&) override { auto factory_config = Config::Utility::translateToFactoryConfig( config, Envoy::ProtobufMessage::getNullValidationVisitor(), *this); const auto& header_config = TestUtility::downcastAndValidate( *factory_config); return std::make_unique(header_config); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return "test_header_filter"; } }; TEST_F(AccessLogImplTest, TestHeaderFilterPresence) { TestHeaderFilterFactory factory; Registry::InjectFactory registration(factory); const std::string yaml = R"EOF( name: accesslog filter: extension_filter: name: test_header_filter typed_config: "@type": type.googleapis.com/envoy.config.filter.accesslog.v2.HeaderFilter header: name: test-header typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr logger = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); EXPECT_CALL(*file_, write(_)).Times(0); logger->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); request_headers_.addCopy("test-header", "foo/bar"); EXPECT_CALL(*file_, write(_)); logger->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } /** * Sample extension filter which allows every 1 of every `sample_rate` log attempts. */ class SampleExtensionFilter : public Filter { public: SampleExtensionFilter(uint32_t sample_rate) : sample_rate_(sample_rate) {} // AccessLog::Filter bool evaluate(const StreamInfo::StreamInfo&, const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, const Http::ResponseTrailerMap&) const override { if (current_++ == 0) { return true; } if (current_ >= sample_rate_) { current_ = 0; } return false; } private: mutable uint32_t current_ = 0; uint32_t sample_rate_; }; /** * Sample extension filter factory which creates SampleExtensionFilter. */ class SampleExtensionFilterFactory : public ExtensionFilterFactory { public: ~SampleExtensionFilterFactory() override = default; FilterPtr createFilter(const envoy::config::accesslog::v3::ExtensionFilter& config, Runtime::Loader&, Random::RandomGenerator&) override { auto factory_config = Config::Utility::translateToFactoryConfig( config, Envoy::ProtobufMessage::getNullValidationVisitor(), *this); ProtobufWkt::Struct struct_config = *dynamic_cast(factory_config.get()); return std::make_unique( static_cast(struct_config.fields().at("rate").number_value())); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } std::string name() const override { return "sample_extension_filter"; } }; TEST_F(AccessLogImplTest, SampleExtensionFilter) { SampleExtensionFilterFactory factory; Registry::InjectFactory registration(factory); const std::string yaml = R"EOF( name: accesslog filter: extension_filter: name: sample_extension_filter typed_config: "@type": type.googleapis.com/google.protobuf.Struct value: rate: 5 typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; InstanceSharedPtr logger = AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_); // For rate=5 expect 1st request to be recorded, 2nd-5th skipped, and 6th recorded. EXPECT_CALL(*file_, write(_)); logger->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); for (int i = 0; i <= 3; ++i) { EXPECT_CALL(*file_, write(_)).Times(0); logger->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } EXPECT_CALL(*file_, write(_)); logger->log(&request_headers_, &response_headers_, &response_trailers_, stream_info_); } TEST_F(AccessLogImplTest, UnregisteredExtensionFilter) { { const std::string yaml = R"EOF( name: accesslog filter: extension_filter: name: unregistered_extension_filter typed_config: "@type": type.googleapis.com/google.protobuf.Struct value: foo: bar typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; EXPECT_THROW(AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_), EnvoyException); } { const std::string yaml = R"EOF( name: accesslog filter: extension_filter: name: bar typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /dev/null )EOF"; EXPECT_THROW(AccessLogFactory::fromProto(parseAccessLogFromV3Yaml(yaml), context_), EnvoyException); } } // Test that the deprecated extension names still function. TEST_F(AccessLogImplTest, DEPRECATED_FEATURE_TEST(DeprecatedExtensionFilterName)) { { envoy::config::accesslog::v3::AccessLog config; config.set_name("envoy.access_loggers.file"); EXPECT_NO_THROW( Config::Utility::getAndCheckFactory( config)); } { envoy::config::accesslog::v3::AccessLog config; config.set_name("envoy.file_access_log"); EXPECT_NO_THROW( Config::Utility::getAndCheckFactory( config)); } { envoy::config::accesslog::v3::AccessLog config; config.set_name("envoy.http_grpc_access_log"); EXPECT_NO_THROW( Config::Utility::getAndCheckFactory( config)); } { envoy::config::accesslog::v3::AccessLog config; config.set_name("envoy.tcp_grpc_access_log"); EXPECT_NO_THROW( Config::Utility::getAndCheckFactory( config)); } } } // namespace } // namespace AccessLog } // namespace Envoy ================================================ FILE: test/common/access_log/access_log_manager_impl_test.cc ================================================ #include #include "common/access_log/access_log_manager_impl.h" #include "common/filesystem/file_shared_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/api/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/filesystem/mocks.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::ByMove; using testing::Invoke; using testing::NiceMock; using testing::Return; using testing::ReturnNew; using testing::ReturnRef; using testing::Sequence; namespace Envoy { namespace AccessLog { namespace { class AccessLogManagerImplTest : public testing::Test { protected: AccessLogManagerImplTest() : file_(new NiceMock), thread_factory_(Thread::threadFactoryForTest()), access_log_manager_(timeout_40ms_, api_, dispatcher_, lock_, store_) { EXPECT_CALL(file_system_, createFile("foo")) .WillOnce(Return(ByMove(std::unique_ptr>(file_)))); EXPECT_CALL(api_, fileSystem()).WillRepeatedly(ReturnRef(file_system_)); EXPECT_CALL(api_, threadFactory()).WillRepeatedly(ReturnRef(thread_factory_)); } void waitForCounterEq(const std::string& name, uint64_t value) { TestUtility::waitForCounterEq(store_, name, value, time_system_); } void waitForGaugeEq(const std::string& name, uint64_t value) { TestUtility::waitForGaugeEq(store_, name, value, time_system_); } NiceMock api_; NiceMock file_system_; NiceMock* file_; const std::chrono::milliseconds timeout_40ms_{40}; Stats::TestUtil::TestStore store_; Thread::ThreadFactory& thread_factory_; NiceMock dispatcher_; Thread::MutexBasicLockable lock_; AccessLogManagerImpl access_log_manager_; Event::TestRealTimeSystem time_system_; }; TEST_F(AccessLogManagerImplTest, BadFile) { EXPECT_CALL(dispatcher_, createTimer_(_)); EXPECT_CALL(*file_, open_(_)).WillOnce(Return(ByMove(Filesystem::resultFailure(false, 0)))); EXPECT_THROW(access_log_manager_.createAccessLog("foo"), EnvoyException); } TEST_F(AccessLogManagerImplTest, OpenFileWithRightFlags) { EXPECT_CALL(dispatcher_, createTimer_(_)); EXPECT_CALL(*file_, open_(_)) .WillOnce(Invoke([](Filesystem::FlagSet flags) -> Api::IoCallBoolResult { EXPECT_FALSE(flags[Filesystem::File::Operation::Read]); EXPECT_TRUE(flags[Filesystem::File::Operation::Write]); EXPECT_TRUE(flags[Filesystem::File::Operation::Append]); EXPECT_TRUE(flags[Filesystem::File::Operation::Create]); return Filesystem::resultSuccess(true); })); EXPECT_NE(nullptr, access_log_manager_.createAccessLog("foo")); EXPECT_CALL(*file_, close_()).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); } TEST_F(AccessLogManagerImplTest, FlushToLogFilePeriodically) { NiceMock* timer = new NiceMock(&dispatcher_); EXPECT_CALL(*file_, open_(_)).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log_file = access_log_manager_.createAccessLog("foo"); EXPECT_EQ(0UL, store_.counter("filesystem.write_failed").value()); EXPECT_EQ(0UL, store_.counter("filesystem.write_completed").value()); EXPECT_EQ(0UL, store_.counter("filesystem.flushed_by_timer").value()); EXPECT_EQ(0UL, store_.counter("filesystem.write_buffered").value()); EXPECT_CALL(*timer, enableTimer(timeout_40ms_, _)); EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([&](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ( 4UL, store_.gauge("filesystem.write_total_buffered", Stats::Gauge::ImportMode::Accumulate) .value()); EXPECT_EQ(0, data.compare("test")); return Filesystem::resultSuccess(static_cast(data.length())); })); log_file->write("test"); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 1) { file_->write_event_.wait(file_->write_mutex_); } } waitForCounterEq("filesystem.write_completed", 1); EXPECT_EQ(1UL, store_.counter("filesystem.write_buffered").value()); EXPECT_EQ(0UL, store_.counter("filesystem.flushed_by_timer").value()); waitForGaugeEq("filesystem.write_total_buffered", 0); EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([&](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ( 5UL, store_.gauge("filesystem.write_total_buffered", Stats::Gauge::ImportMode::Accumulate) .value()); EXPECT_EQ(0, data.compare("test2")); return Filesystem::resultSuccess(static_cast(data.length())); })); log_file->write("test2"); EXPECT_EQ(2UL, store_.counter("filesystem.write_buffered").value()); // make sure timer is re-enabled on callback call EXPECT_CALL(*timer, enableTimer(timeout_40ms_, _)); timer->invokeCallback(); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 2) { file_->write_event_.wait(file_->write_mutex_); } } waitForCounterEq("filesystem.write_completed", 2); EXPECT_EQ(0UL, store_.counter("filesystem.write_failed").value()); EXPECT_EQ(1UL, store_.counter("filesystem.flushed_by_timer").value()); EXPECT_EQ(2UL, store_.counter("filesystem.write_buffered").value()); waitForGaugeEq("filesystem.write_total_buffered", 0); EXPECT_CALL(*file_, close_()).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); } TEST_F(AccessLogManagerImplTest, FlushToLogFileOnDemand) { NiceMock* timer = new NiceMock(&dispatcher_); EXPECT_CALL(*file_, open_(_)).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log_file = access_log_manager_.createAccessLog("foo"); EXPECT_EQ(0UL, store_.counter("filesystem.flushed_by_timer").value()); EXPECT_CALL(*timer, enableTimer(timeout_40ms_, _)); // The first write to a given file will start the flush thread. Because AccessManagerImpl::write // holds the write_lock_ when the thread is started, the thread will flush on its first loop, once // it obtains the write_lock_. Perform a write to get all that out of the way. EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { return Filesystem::resultSuccess(static_cast(data.length())); })); log_file->write("prime-it"); uint32_t expected_writes = 1; { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != expected_writes) { file_->write_event_.wait(file_->write_mutex_); } } EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ(0, data.compare("test")); return Filesystem::resultSuccess(static_cast(data.length())); })); log_file->write("test"); { Thread::LockGuard lock(file_->write_mutex_); EXPECT_EQ(expected_writes, file_->num_writes_); } log_file->flush(); expected_writes++; { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != expected_writes) { file_->write_event_.wait(file_->write_mutex_); } } waitForCounterEq("filesystem.write_completed", 2); EXPECT_EQ(0UL, store_.counter("filesystem.flushed_by_timer").value()); EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ(0, data.compare("test2")); return Filesystem::resultSuccess(static_cast(data.length())); })); // make sure timer is re-enabled on callback call log_file->write("test2"); EXPECT_CALL(*timer, enableTimer(timeout_40ms_, _)); timer->invokeCallback(); expected_writes++; { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != expected_writes) { file_->write_event_.wait(file_->write_mutex_); } } EXPECT_CALL(*file_, close_()).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); } TEST_F(AccessLogManagerImplTest, FlushCountsIOErrors) { NiceMock* timer = new NiceMock(&dispatcher_); EXPECT_CALL(*file_, open_(_)).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log_file = access_log_manager_.createAccessLog("foo"); EXPECT_EQ(0UL, store_.counter("filesystem.write_failed").value()); EXPECT_CALL(*timer, enableTimer(timeout_40ms_, _)); EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ(0, data.compare("test")); return Filesystem::resultFailure(2UL, ENOSPC); })); log_file->write("test"); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 1) { file_->write_event_.wait(file_->write_mutex_); } } waitForCounterEq("filesystem.write_failed", 1); EXPECT_EQ(0UL, store_.counter("filesystem.write_completed").value()); EXPECT_CALL(*file_, close_()).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); } TEST_F(AccessLogManagerImplTest, ReopenFile) { NiceMock* timer = new NiceMock(&dispatcher_); Sequence sq; EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log_file = access_log_manager_.createAccessLog("foo"); EXPECT_CALL(*file_, write_(_)) .InSequence(sq) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ(0, data.compare("before")); return Filesystem::resultSuccess(static_cast(data.length())); })); log_file->write("before"); timer->invokeCallback(); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 1) { file_->write_event_.wait(file_->write_mutex_); } } EXPECT_CALL(*file_, close_()) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file_, write_(_)) .InSequence(sq) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ(0, data.compare("reopened")); return Filesystem::resultSuccess(static_cast(data.length())); })); EXPECT_CALL(*file_, close_()) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); log_file->reopen(); log_file->write("reopened"); timer->invokeCallback(); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 2) { file_->write_event_.wait(file_->write_mutex_); } } } // Test that the flush timer will trigger file reopen even if no data is waiting. TEST_F(AccessLogManagerImplTest, ReopenFileOnTimerOnly) { NiceMock* timer = new NiceMock(&dispatcher_); Sequence sq; EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log_file = access_log_manager_.createAccessLog("foo"); EXPECT_CALL(*file_, write_(_)) .InSequence(sq) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ(0, data.compare("before")); return Filesystem::resultSuccess(static_cast(data.length())); })); log_file->write("before"); timer->invokeCallback(); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 1) { file_->write_event_.wait(file_->write_mutex_); } } EXPECT_CALL(*file_, close_()) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file_, close_()) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); log_file->reopen(); timer->invokeCallback(); { Thread::LockGuard lock(file_->open_mutex_); while (file_->num_opens_ != 2) { file_->open_event_.wait(file_->open_mutex_); } } } TEST_F(AccessLogManagerImplTest, ReopenThrows) { NiceMock* timer = new NiceMock(&dispatcher_); EXPECT_CALL(*file_, write_(_)) .WillRepeatedly(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { return Filesystem::resultSuccess(static_cast(data.length())); })); Sequence sq; EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log_file = access_log_manager_.createAccessLog("foo"); EXPECT_CALL(*file_, close_()) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultFailure(false, 0)))); log_file->write("test write"); timer->invokeCallback(); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 1) { file_->write_event_.wait(file_->write_mutex_); } } log_file->reopen(); log_file->write("this is to force reopen"); timer->invokeCallback(); { Thread::LockGuard lock(file_->open_mutex_); while (file_->num_opens_ != 2) { file_->open_event_.wait(file_->open_mutex_); } } // write call should not cause any exceptions log_file->write("random data"); timer->invokeCallback(); waitForCounterEq("filesystem.reopen_failed", 1); } TEST_F(AccessLogManagerImplTest, BigDataChunkShouldBeFlushedWithoutTimer) { EXPECT_CALL(*file_, open_(_)).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log_file = access_log_manager_.createAccessLog("foo"); EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { EXPECT_EQ(0, data.compare("a")); return Filesystem::resultSuccess(static_cast(data.length())); })); log_file->write("a"); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 1) { file_->write_event_.wait(file_->write_mutex_); } } // First write happens without waiting on thread_flush_. Now make a big string and it should be // flushed even when timer is not enabled EXPECT_CALL(*file_, write_(_)) .WillOnce(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { std::string expected(1024 * 64 + 1, 'b'); EXPECT_EQ(0, data.compare(expected)); return Filesystem::resultSuccess(static_cast(data.length())); })); std::string big_string(1024 * 64 + 1, 'b'); log_file->write(big_string); { Thread::LockGuard lock(file_->write_mutex_); while (file_->num_writes_ != 2) { file_->write_event_.wait(file_->write_mutex_); } } EXPECT_CALL(*file_, close_()).WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); } TEST_F(AccessLogManagerImplTest, ReopenAllFiles) { EXPECT_CALL(dispatcher_, createTimer_(_)).WillRepeatedly(ReturnNew>()); Sequence sq; EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log = access_log_manager_.createAccessLog("foo"); NiceMock* file2 = new NiceMock; EXPECT_CALL(file_system_, createFile("bar")) .WillOnce(Return(ByMove(std::unique_ptr>(file2)))); Sequence sq2; EXPECT_CALL(*file2, open_(_)) .InSequence(sq2) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); AccessLogFileSharedPtr log2 = access_log_manager_.createAccessLog("bar"); // Make sure that getting the access log with the same name returns the same underlying file. EXPECT_EQ(log, access_log_manager_.createAccessLog("foo")); EXPECT_EQ(log2, access_log_manager_.createAccessLog("bar")); // Test that reopen reopens all of the files EXPECT_CALL(*file_, write_(_)) .WillRepeatedly(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { return Filesystem::resultSuccess(static_cast(data.length())); })); EXPECT_CALL(*file2, write_(_)) .WillRepeatedly(Invoke([](absl::string_view data) -> Api::IoCallSizeResult { return Filesystem::resultSuccess(static_cast(data.length())); })); EXPECT_CALL(*file_, close_()) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file2, close_()) .InSequence(sq2) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file_, open_(_)) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file2, open_(_)) .InSequence(sq2) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); access_log_manager_.reopen(); log->write("this is to force reopen"); log2->write("this is to force reopen"); { Thread::LockGuard lock(file_->open_mutex_); while (file_->num_opens_ != 2) { file_->open_event_.wait(file_->open_mutex_); } } { Thread::LockGuard lock(file2->open_mutex_); while (file2->num_opens_ != 2) { file2->open_event_.wait(file2->open_mutex_); } } EXPECT_CALL(*file_, close_()) .InSequence(sq) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); EXPECT_CALL(*file2, close_()) .InSequence(sq2) .WillOnce(Return(ByMove(Filesystem::resultSuccess(true)))); } } // namespace } // namespace AccessLog } // namespace Envoy ================================================ FILE: test/common/buffer/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_benchmark_test", "envoy_cc_benchmark_binary", "envoy_cc_fuzz_test", "envoy_cc_test", "envoy_cc_test_library", "envoy_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test_library( name = "utility_lib", hdrs = ["utility.h"], deps = [ "//source/common/buffer:buffer_lib", "//source/common/common:byte_order_lib", ], ) envoy_proto_library( name = "buffer_fuzz_proto", srcs = ["buffer_fuzz.proto"], ) envoy_cc_test_library( name = "buffer_fuzz_lib", srcs = ["buffer_fuzz.cc"], hdrs = ["buffer_fuzz.h"], deps = [ ":buffer_fuzz_proto_cc_proto", "//source/common/buffer:buffer_lib", "//source/common/memory:stats_lib", "//source/common/network:address_lib", "//test/fuzz:utility_lib", ], ) envoy_cc_fuzz_test( name = "buffer_fuzz_test", srcs = ["buffer_fuzz_test.cc"], corpus = "buffer_corpus", deps = [":buffer_fuzz_lib"], ) envoy_cc_test( name = "buffer_test", srcs = ["buffer_test.cc"], deps = [ ":utility_lib", "//source/common/buffer:buffer_lib", "//test/test_common:printers_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "owned_impl_test", srcs = ["owned_impl_test.cc"], deps = [ ":utility_lib", "//source/common/buffer:buffer_lib", "//source/common/network:address_lib", "//test/mocks/api:api_mocks", "//test/test_common:logging_lib", "//test/test_common:threadsafe_singleton_injector_lib", ], ) envoy_cc_test( name = "watermark_buffer_test", srcs = ["watermark_buffer_test.cc"], deps = [ ":utility_lib", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/network:address_lib", "//test/test_common:test_runtime_lib", ], ) envoy_cc_test( name = "zero_copy_input_stream_test", srcs = ["zero_copy_input_stream_test.cc"], deps = [ ":utility_lib", "//source/common/buffer:zero_copy_input_stream_lib", ], ) envoy_cc_benchmark_binary( name = "buffer_speed_test", srcs = ["buffer_speed_test.cc"], external_deps = [ "benchmark", ], deps = [ "//source/common/buffer:buffer_lib", ], ) envoy_benchmark_test( name = "buffer_speed_test_benchmark_test", benchmark_binary = "buffer_speed_test", ) ================================================ FILE: test/common/buffer/buffer_corpus/basic ================================================ actions { add_buffer_fragment: 1 } actions { add_string: 3 } actions { target_index: 1 add_buffer: 0 } actions { prepend_string: 5 } actions { target_index: 1 prepend_buffer: 0 } actions { reserve_commit { reserve_length: 2048 commit_length: 765 } } actions { copy_out { start: 7 length: 200 } } actions { drain: 98 } actions { linearize: 45 } actions { target_index: 1 move { source_index: 0 length: 23 } } actions { target_index: 0 move { source_index: 1 } } actions { read: 2789 } actions { write: {} } ================================================ FILE: test/common/buffer/buffer_corpus/case ================================================ actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer_fragment: 738197504 } actions { } actions { } actions { } actions { } actions { add_string: 1684078592 } actions { } actions { } actions { } actions { prepend_string: 65536 } actions { } actions { prepend_string: 1 } actions { } actions { } actions { } actions { target_index: 1 move { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5080353465696256 ================================================ actions { } actions { } actions { add_string: 8 } actions { target_index: 1 read: 256 } actions { } actions { drain: 0 } actions { } actions { target_index: 1 add_buffer: 196608 } actions { target_index: 1 add_buffer: 1 } actions { } actions { target_index: 98 } actions { } actions { target_index: 1 add_buffer: 704643070 } actions { add_buffer: 4294967294 } actions { drain: 0 } actions { prepend_buffer: 0 } actions { } actions { target_index: 2789 } actions { target_index: 2789 } actions { prepend_string: 1600414817 } actions { target_index: 1 } actions { add_string: 2789 } actions { target_index: 1 add_buffer: 1 } actions { target_index: 2789 } actions { target_index: 1 add_buffer: 196608 } actions { } actions { target_index: 2789 } actions { target_index: 2789 add_buffer: 3841982464 } actions { drain: 0 } actions { target_index: 1 add_buffer: 0 } actions { add_string: 0 } actions { } actions { target_index: 1 } actions { target_index: 1 add_buffer: 4294967294 } actions { add_buffer: 1 } actions { target_index: 2789 add_buffer: 1 } actions { target_index: 2789 add_buffer: 1 } actions { target_index: 1 add_buffer: 0 } actions { target_index: 1 } actions { target_index: 229 } actions { } actions { } actions { target_index: 2789 add_buffer: 1 } actions { target_index: 1 add_buffer: 196608 } actions { } actions { target_index: 2789 add_buffer: 1 } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5644734729551872 ================================================ actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_string: 2097152 } actions { target_index: 1 add_buffer: 0 } actions { target_index: 1 } actions { add_buffer: 1 } actions { } actions { target_index: 1 add_buffer: 0 } actions { add_buffer: 1 } actions { add_buffer: 268435456 } actions { add_buffer: 1 } actions { target_index: 1 add_buffer: 0 } actions { target_index: 1 add_buffer: 0 } actions { add_buffer: 4 } actions { add_buffer: 1 } actions { add_buffer: 1 } actions { add_buffer: 1 } actions { target_index: 1 add_buffer: 0 } actions { target_index: 1 add_buffer: 0 } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5654939127250944 ================================================ actions { add_string: 11927552 } actions { target_index: 4 add_buffer: 0 } actions { prepend_string: 1869177088 } actions { } actions { move { source_index: 4294967293 } } actions { } actions { linearize: 8388608 } actions { prepend_string: 1869177088 } actions { linearize: 1 } actions { copy_out { length: 4194304 } } actions { drain: 1 } actions { } actions { add_string: 65534 } actions { target_index: 1769235297 } actions { add_string: 11927552 } actions { target_index: 3053453312 add_string: 11927552 } actions { } actions { target_index: 11927552 drain: 1 } actions { target_index: 1769235297 } actions { write { } } actions { target_index: 1769235297 } actions { linearize: 1 } actions { add_buffer_fragment: 1 } actions { copy_out { length: 4194304 } } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5664992304562176 ================================================ actions { target_index: 4 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { target_index: 1 read: 32249 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { read: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { target_index: 1 move { } } actions { } actions { } actions { move { source_index: 1 } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_string: 32249 } actions { } actions { } actions { target_index: 1 move { } } actions { } actions { move { source_index: 1 } } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5668091688648704 ================================================ actions { target_index: 1 read: 1 } actions { add_buffer_fragment: 1 } actions { prepend_string: 0 } actions { add_string: 4 } actions { target_index: 1 move { length: 1 } } actions { target_index: 1 add_buffer_fragment: 1 } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5669274699431936 ================================================ actions { add_buffer_fragment: 0 } actions { prepend_string: 5 } actions { add_string: 0 } actions { reserve_commit { reserve_length: 1280 } } actions { read: 1953 } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5716850116132864 ================================================ actions { add_string: 6 } actions { reserve_commit { reserve_length: 971 commit_length: 1 } } actions { target_index: 1 add_string: 2 } actions { target_index: 1 prepend_string: 3 } actions { target_index: 1 prepend_buffer: 0 } actions { move { source_index: 1 } } actions { target_index: 1 move { length: 11 } } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5744501719564288 ================================================ actions { } actions { read: 1 } actions { read: 997 } actions { } actions { } actions { } actions { add_buffer_fragment: 4 } actions { read: 1 } actions { read: 997 } actions { } actions { add_buffer_fragment: 1 } actions { target_index: 1 read: 1 } actions { read: 4 } actions { read: 997 } actions { add_buffer_fragment: 1 } actions { prepend_buffer: 4 } actions { prepend_string: 4 } actions { read: 1 } actions { read: 997 } actions { add_buffer_fragment: 4 } actions { read: 1 } actions { } actions { read: 2789 } actions { } actions { read: 536 } actions { write { } } actions { } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-buffer_fuzz_test-5760708737761280 ================================================ actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer_fragment: 738197504 } actions { } actions { } actions { } actions { } actions { add_string: 1684078592 } actions { } actions { } actions { } actions { prepend_string: 65536 } actions { } actions { prepend_string: 1 } actions { } actions { } actions { } actions { target_index: 1 move { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { read: 4 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { linearize: 0 } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { read: 0 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { target_index: 5 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { target_index: 5 write { } } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { read: 0 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { target_index: 5 add_buffer: 1 } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 5 } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 5 } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { } actions { } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { } actions { write { } } actions { add_buffer: 1 } actions { } actions { } actions { } actions { write { } } actions { } actions { add_buffer: 1 } actions { } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } actions { } actions { add_buffer: 1 } actions { write { } } actions { } ================================================ FILE: test/common/buffer/buffer_corpus/clusterfuzz-testcase-minimized-new_buffer_fuzz_test-5714377684025344 ================================================ actions { } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 1 } } actions { read: 9476 } actions { target_index: 1 move { } } actions { target_index: 256 read: 1 } actions { move { source_index: 1 } } actions { move { source_index: 1 } } actions { move { source_index: 2 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 1 } } actions { target_index: 1 move { } } actions { move { source_index: 4 } } actions { target_index: 4 move { } } actions { target_index: 2 move { } } actions { move { source_index: 1 } } actions { move { source_index: 4 } } actions { target_index: 1 move { } } actions { target_index: 1 move { } } actions { move { source_index: 4 } } actions { target_index: 2 move { } } actions { move { source_index: 1 } } actions { move { source_index: 1 } } actions { target_index: 1 move { } } actions { target_index: 2 move { } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 8 } } actions { move { source_index: 4 } } actions { move { source_index: 1 } } actions { } actions { move { source_index: 4 } } actions { move { source_index: 1 } } actions { move { source_index: 4 } } actions { move { source_index: 1 } } actions { move { source_index: 1 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { } actions { move { source_index: 8 } } actions { target_index: 5 move { } } actions { add_string: 1646279268 } actions { target_index: 2 move { } } actions { move { source_index: 4 } } actions { move { source_index: 8 } } actions { move { source_index: 1 } } actions { target_index: 4 move { } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { target_index: 2 move { } } actions { target_index: 1 move { } } actions { target_index: 1 move { } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { target_index: 1 } actions { move { source_index: 4 } } actions { target_index: 2 move { } } actions { } actions { move { source_index: 1 } } actions { move { source_index: 4 } } actions { target_index: 1 move { } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { target_index: 4 move { } } actions { target_index: 4 move { } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { target_index: 4 move { } } actions { move { source_index: 1 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 8 } } actions { move { source_index: 4 } } actions { move { source_index: 1 } } actions { move { source_index: 4 } } actions { target_index: 1 } actions { target_index: 4 move { } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } actions { move { source_index: 4 } } ================================================ FILE: test/common/buffer/buffer_corpus/crash-d60939b6186fa6186e0b574ac67aa6df8f1081cd ================================================ actions { prepend_string: 1024 } actions { } actions { add_buffer_fragment: 1 } actions { read: 2789 } actions { read: 0 } actions { linearize: 45 } actions { reserve_commit { reserve_length: 14 commit_length: 1048576 } } actions { move { source_index: 1 } } actions { reserve_commit { reserve_length: 2048 commit_length: 1048576 } } actions { read: 0 } actions { drain: 1024 } actions { move { length: 23 } } actions { linearize: 45 } actions { copy_out { length: 5 } } ================================================ FILE: test/common/buffer/buffer_corpus/crash-ed103900aec1285149aafc05102a541d9ec51363 ================================================ actions { add_buffer_fragment: 1 } actions { add_string: 3 } actions { target_index: 1 add_buffer: 0 } actions { prepend_string: 5 } actions { target_index: 1 prepend_buffer: 0 } actions { } actions { copy_out { start: 7 length: 200 } } actions { drain: 98 } actions { linearize: 45 } actions { target_index: 1 move { length: 23 } } actions { move { source_index: 1 } } actions { read: 2789 } actions { write { } } ================================================ FILE: test/common/buffer/buffer_fuzz.cc ================================================ #include "test/common/buffer/buffer_fuzz.h" #include #include "envoy/common/platform.h" #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "common/common/logger.h" #include "common/memory/stats.h" #include "common/network/io_socket_handle_impl.h" #include "test/fuzz/utility.h" #include "absl/container/fixed_array.h" #include "absl/strings/match.h" #include "gtest/gtest.h" namespace Envoy { namespace { // The number of buffers tracked. Each buffer fuzzer action references one or // more of these. We don't need a ton of buffers to capture the range of // possible behaviors, at least two to properly model move operations, let's // assume only 3 for now. constexpr uint32_t BufferCount = 3; // These data are exogenous to the buffer, we don't need to worry about their // deallocation, just keep them around until the fuzz run is over. struct Context { std::vector> fragments_; }; // Bound the maximum allocation size per action. We want this to be able to at // least cover the span of multiple internal chunks. It looks like both // the new OwnedImpl and libevent have minimum chunks in O(a few kilobytes). // This makes sense in general, since you need to to minimize data structure // overhead. If we make this number too big, we risk spending a lot of time in // memcpy/memcmp and slowing down the fuzzer execution rate. The number below is // our current best compromise. constexpr uint32_t MaxAllocation = 16 * 1024; // Hard bound on total bytes allocated across the trace. constexpr uint32_t TotalMaxAllocation = 4 * MaxAllocation; uint32_t clampSize(uint32_t size, uint32_t max_alloc) { return std::min(size, std::min(MaxAllocation, max_alloc)); } void releaseFragmentAllocation(const void* p, size_t, const Buffer::BufferFragmentImpl*) { ::free(const_cast(p)); } // Test implementation of Buffer. Conceptually, this is just a string that we // can append/prepend to and consume bytes from the front of. However, naive // implementations with std::string involve lots of copying to support this, and // even std::stringbuf doesn't support cheap linearization. Instead we use a // flat array that takes advantage of the fact that the total number of bytes // allocated during fuzzing will be bounded by TotalMaxAllocation. // // The data structure is built around the concept of a large flat array of size // 2 * TotalMaxAllocation, with the initial start position set to the middle. // The goal is to make every mutating operation linear time, including // add() and prepend(), as well as supporting O(1) linearization (critical to // making it cheaper to compare results with the real buffer implementation). // We maintain a (start, length) pair and ensure via assertions that we never // walk off the edge; the caller should be guaranteeing this. class StringBuffer : public Buffer::Instance { public: void addDrainTracker(std::function drain_tracker) override { // Not implemented well. ASSERT(false); drain_tracker(); } void add(const void* data, uint64_t size) override { FUZZ_ASSERT(start_ + size_ + size <= data_.size()); ::memcpy(mutableEnd(), data, size); size_ += size; } void addBufferFragment(Buffer::BufferFragment& fragment) override { add(fragment.data(), fragment.size()); fragment.done(); } void add(absl::string_view data) override { add(data.data(), data.size()); } void add(const Buffer::Instance& data) override { const StringBuffer& src = dynamic_cast(data); add(src.start(), src.size_); } void prepend(absl::string_view data) override { FUZZ_ASSERT(start_ >= data.size()); start_ -= data.size(); size_ += data.size(); ::memcpy(mutableStart(), data.data(), data.size()); } void prepend(Instance& data) override { StringBuffer& src = dynamic_cast(data); prepend(src.asStringView()); src.size_ = 0; } void commit(Buffer::RawSlice* iovecs, uint64_t num_iovecs) override { FUZZ_ASSERT(num_iovecs == 1); size_ += iovecs[0].len_; } void copyOut(size_t start, uint64_t size, void* data) const override { ::memcpy(data, this->start() + start, size); } void drain(uint64_t size) override { FUZZ_ASSERT(size <= size_); start_ += size; size_ -= size; } Buffer::RawSliceVector getRawSlices(absl::optional max_slices = absl::nullopt) const override { ASSERT(!max_slices.has_value() || max_slices.value() >= 1); return {{const_cast(start()), size_}}; } uint64_t length() const override { return size_; } void* linearize(uint32_t /*size*/) override { // Sketchy, but probably will work for test purposes. return mutableStart(); } Buffer::SliceDataPtr extractMutableFrontSlice() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void move(Buffer::Instance& rhs) override { move(rhs, rhs.length()); } void move(Buffer::Instance& rhs, uint64_t length) override { StringBuffer& src = dynamic_cast(rhs); add(src.start(), length); src.start_ += length; src.size_ -= length; } uint64_t reserve(uint64_t length, Buffer::RawSlice* iovecs, uint64_t num_iovecs) override { FUZZ_ASSERT(num_iovecs > 0); FUZZ_ASSERT(start_ + size_ + length <= data_.size()); iovecs[0].mem_ = mutableEnd(); iovecs[0].len_ = length; return 1; } ssize_t search(const void* data, uint64_t size, size_t start, size_t length) const override { UNREFERENCED_PARAMETER(length); return asStringView().find({static_cast(data), size}, start); } bool startsWith(absl::string_view data) const override { return absl::StartsWith(asStringView(), data); } std::string toString() const override { return std::string(data_.data() + start_, size_); } absl::string_view asStringView() const { return {start(), size_}; } char* mutableStart() { return data_.data() + start_; } const char* start() const { return data_.data() + start_; } char* mutableEnd() { return mutableStart() + size_; } const char* end() const { return start() + size_; } std::array data_; uint32_t start_{TotalMaxAllocation}; uint32_t size_{0}; }; using BufferList = std::vector>; // Process a single buffer operation. uint32_t bufferAction(Context& ctxt, char insert_value, uint32_t max_alloc, BufferList& buffers, const test::common::buffer::Action& action) { const uint32_t target_index = action.target_index() % BufferCount; Buffer::Instance& target_buffer = *buffers[target_index]; uint32_t allocated = 0; switch (action.action_selector_case()) { case test::common::buffer::Action::kAddBufferFragment: { const uint32_t size = clampSize(action.add_buffer_fragment(), max_alloc); allocated += size; void* p = ::malloc(size); FUZZ_ASSERT(p != nullptr); ::memset(p, insert_value, size); auto fragment = std::make_unique(p, size, releaseFragmentAllocation); ctxt.fragments_.emplace_back(std::move(fragment)); target_buffer.addBufferFragment(*ctxt.fragments_.back()); break; } case test::common::buffer::Action::kAddString: { const uint32_t size = clampSize(action.add_string(), max_alloc); allocated += size; const std::string data(size, insert_value); target_buffer.add(data); break; } case test::common::buffer::Action::kAddBuffer: { const uint32_t source_index = action.add_buffer() % BufferCount; if (target_index == source_index) { break; } Buffer::Instance& source_buffer = *buffers[source_index]; if (source_buffer.length() > max_alloc) { break; } allocated += source_buffer.length(); target_buffer.add(source_buffer); break; } case test::common::buffer::Action::kPrependString: { const uint32_t size = clampSize(action.prepend_string(), max_alloc); allocated += size; const std::string data(size, insert_value); target_buffer.prepend(data); break; } case test::common::buffer::Action::kPrependBuffer: { const uint32_t source_index = action.prepend_buffer() % BufferCount; if (target_index == source_index) { break; } Buffer::Instance& source_buffer = *buffers[source_index]; if (source_buffer.length() > max_alloc) { break; } allocated += source_buffer.length(); target_buffer.prepend(source_buffer); break; } case test::common::buffer::Action::kReserveCommit: { const uint32_t reserve_length = clampSize(action.reserve_commit().reserve_length(), max_alloc); allocated += reserve_length; if (reserve_length == 0) { break; } constexpr uint32_t reserve_slices = 16; Buffer::RawSlice slices[reserve_slices]; const uint32_t allocated_slices = target_buffer.reserve(reserve_length, slices, reserve_slices); uint32_t allocated_length = 0; for (uint32_t i = 0; i < allocated_slices; ++i) { ::memset(slices[i].mem_, insert_value, slices[i].len_); allocated_length += slices[i].len_; } FUZZ_ASSERT(reserve_length <= allocated_length); const uint32_t target_length = std::min(reserve_length, action.reserve_commit().commit_length()); uint32_t shrink_length = allocated_length; int32_t shrink_slice = allocated_slices - 1; while (shrink_length > target_length) { FUZZ_ASSERT(shrink_slice >= 0); const uint32_t available = slices[shrink_slice].len_; const uint32_t remainder = shrink_length - target_length; if (available >= remainder) { slices[shrink_slice].len_ -= remainder; break; } shrink_length -= available; slices[shrink_slice--].len_ = 0; } target_buffer.commit(slices, allocated_slices); break; } case test::common::buffer::Action::kCopyOut: { const uint32_t start = std::min(action.copy_out().start(), static_cast(target_buffer.length())); const uint32_t length = std::min(static_cast(target_buffer.length() - start), action.copy_out().length()); // Make this static to avoid potential continuous ASAN inspired allocation. static uint8_t copy_buffer[TotalMaxAllocation]; target_buffer.copyOut(start, length, copy_buffer); const std::string data = target_buffer.toString(); FUZZ_ASSERT(::memcmp(copy_buffer, data.data() + start, length) == 0); break; } case test::common::buffer::Action::kDrain: { const uint32_t previous_length = target_buffer.length(); const uint32_t drain_length = std::min(static_cast(target_buffer.length()), action.drain()); target_buffer.drain(drain_length); FUZZ_ASSERT(previous_length - drain_length == target_buffer.length()); break; } case test::common::buffer::Action::kLinearize: { const uint32_t linearize_size = std::min(static_cast(target_buffer.length()), action.linearize()); target_buffer.linearize(linearize_size); break; } case test::common::buffer::Action::kMove: { const uint32_t source_index = action.move().source_index() % BufferCount; if (target_index == source_index) { break; } Buffer::Instance& source_buffer = *buffers[source_index]; if (action.move().length() == 0) { if (source_buffer.length() > max_alloc) { break; } allocated += source_buffer.length(); target_buffer.move(source_buffer); } else { const uint32_t source_length = std::min(static_cast(source_buffer.length()), action.move().length()); const uint32_t move_length = clampSize(max_alloc, source_length); if (move_length == 0) { break; } target_buffer.move(source_buffer, move_length); allocated += move_length; } break; } case test::common::buffer::Action::kRead: { const uint32_t max_length = clampSize(action.read(), max_alloc); allocated += max_length; if (max_length == 0) { break; } int pipe_fds[2] = {0, 0}; FUZZ_ASSERT(::pipe(pipe_fds) == 0); Network::IoSocketHandleImpl io_handle(pipe_fds[0]); FUZZ_ASSERT(::fcntl(pipe_fds[0], F_SETFL, O_NONBLOCK) == 0); FUZZ_ASSERT(::fcntl(pipe_fds[1], F_SETFL, O_NONBLOCK) == 0); std::string data(max_length, insert_value); const ssize_t rc = ::write(pipe_fds[1], data.data(), max_length); FUZZ_ASSERT(rc > 0); Api::IoCallUint64Result result = io_handle.read(target_buffer, max_length); FUZZ_ASSERT(result.rc_ == static_cast(rc)); FUZZ_ASSERT(::close(pipe_fds[1]) == 0); break; } case test::common::buffer::Action::kWrite: { int pipe_fds[2] = {0, 0}; FUZZ_ASSERT(::pipe(pipe_fds) == 0); Network::IoSocketHandleImpl io_handle(pipe_fds[1]); FUZZ_ASSERT(::fcntl(pipe_fds[0], F_SETFL, O_NONBLOCK) == 0); FUZZ_ASSERT(::fcntl(pipe_fds[1], F_SETFL, O_NONBLOCK) == 0); uint64_t rc; do { const bool empty = target_buffer.length() == 0; const std::string previous_data = target_buffer.toString(); const auto result = io_handle.write(target_buffer); FUZZ_ASSERT(result.ok()); rc = result.rc_; ENVOY_LOG_MISC(trace, "Write rc: {} errno: {}", rc, result.err_ != nullptr ? result.err_->getErrorDetails() : "-"); if (empty) { FUZZ_ASSERT(rc == 0); } else { auto buf = std::make_unique(rc); FUZZ_ASSERT(static_cast(::read(pipe_fds[0], buf.get(), rc)) == rc); FUZZ_ASSERT(::memcmp(buf.get(), previous_data.data(), rc) == 0); } } while (rc > 0); FUZZ_ASSERT(::close(pipe_fds[0]) == 0); break; } case test::common::buffer::Action::kGetRawSlices: { const uint64_t slices_needed = target_buffer.getRawSlices().size(); const uint64_t slices_tested = std::min(slices_needed, static_cast(action.get_raw_slices())); if (slices_tested == 0) { break; } Buffer::RawSliceVector raw_slices = target_buffer.getRawSlices(/*max_slices=*/slices_tested); const uint64_t slices_obtained = raw_slices.size(); FUZZ_ASSERT(slices_obtained <= slices_needed); uint64_t offset = 0; const std::string data = target_buffer.toString(); for (const auto& raw_slices : raw_slices) { FUZZ_ASSERT(::memcmp(raw_slices.mem_, data.data() + offset, raw_slices.len_) == 0); offset += raw_slices.len_; } FUZZ_ASSERT(slices_needed != slices_tested || offset == target_buffer.length()); break; } case test::common::buffer::Action::kSearch: { const std::string& content = action.search().content(); const uint32_t offset = action.search().offset(); const std::string data = target_buffer.toString(); FUZZ_ASSERT(target_buffer.search(content.data(), content.size(), offset) == static_cast(target_buffer.toString().find(content, offset))); break; } case test::common::buffer::Action::kStartsWith: { const std::string data = target_buffer.toString(); FUZZ_ASSERT(target_buffer.startsWith(action.starts_with()) == (data.find(action.starts_with()) == 0)); break; } default: // Maybe nothing is set? break; } return allocated; } } // namespace void executeActions(const test::common::buffer::BufferFuzzTestCase& input, BufferList& buffers, BufferList& linear_buffers, Context& ctxt) { // Soft bound on the available memory for allocation to avoid OOMs and // timeouts. uint32_t available_alloc = 2 * MaxAllocation; constexpr auto max_actions = 128; for (int i = 0; i < std::min(max_actions, input.actions().size()); ++i) { const char insert_value = 'a' + i % 26; const auto& action = input.actions(i); ENVOY_LOG_MISC(debug, "Action {}", action.DebugString()); const uint32_t allocated = bufferAction(ctxt, insert_value, available_alloc, buffers, action); const uint32_t linear_allocated = bufferAction(ctxt, insert_value, available_alloc, linear_buffers, action); FUZZ_ASSERT(allocated == linear_allocated); FUZZ_ASSERT(allocated <= available_alloc); available_alloc -= allocated; // When tracing, dump everything. for (uint32_t j = 0; j < BufferCount; ++j) { ENVOY_LOG_MISC(trace, "Buffer at index {}", j); ENVOY_LOG_MISC(trace, "B: {}", buffers[j]->toString()); ENVOY_LOG_MISC(trace, "L: {}", linear_buffers[j]->toString()); } // Verification pass, only non-mutating methods for buffers. uint64_t current_allocated_bytes = 0; for (uint32_t j = 0; j < BufferCount; ++j) { // As an optimization, since we know that StringBuffer is just going to // return the pointer to its std::string array, we can avoid the // toString() copy here. const uint64_t linear_buffer_length = linear_buffers[j]->length(); if (buffers[j]->toString() != absl::string_view( static_cast(linear_buffers[j]->linearize(linear_buffer_length)), linear_buffer_length)) { ENVOY_LOG_MISC(debug, "Mismatched buffers at index {}", j); ENVOY_LOG_MISC(debug, "B: {}", buffers[j]->toString()); ENVOY_LOG_MISC(debug, "L: {}", linear_buffers[j]->toString()); FUZZ_ASSERT(false); } FUZZ_ASSERT(buffers[j]->length() == linear_buffer_length); current_allocated_bytes += linear_buffer_length; } ENVOY_LOG_MISC(debug, "[{} MB allocated total]", current_allocated_bytes / (1024.0 * 1024)); // We bail out if buffers get too big, otherwise we will OOM the sanitizer. // We can't use Memory::Stats::totalCurrentlyAllocated() here as we don't // have tcmalloc in ASAN builds, so just do a simple count. if (current_allocated_bytes > TotalMaxAllocation) { ENVOY_LOG_MISC(debug, "Terminating early with total buffer length {} to avoid OOM", current_allocated_bytes); break; } } } void BufferFuzz::bufferFuzz(const test::common::buffer::BufferFuzzTestCase& input) { Context ctxt; // Fuzzed buffers. BufferList buffers; // Shadow buffers based on StringBuffer. BufferList linear_buffers; for (uint32_t i = 0; i < BufferCount; ++i) { buffers.emplace_back(new Buffer::OwnedImpl()); linear_buffers.emplace_back(new StringBuffer()); } executeActions(input, buffers, linear_buffers, ctxt); } } // namespace Envoy ================================================ FILE: test/common/buffer/buffer_fuzz.h ================================================ #pragma once #include "test/common/buffer/buffer_fuzz.pb.h" namespace Envoy { class BufferFuzz { public: static void bufferFuzz(const test::common::buffer::BufferFuzzTestCase& input); }; } // namespace Envoy ================================================ FILE: test/common/buffer/buffer_fuzz.proto ================================================ syntax = "proto3"; package test.common.buffer; import "google/protobuf/empty.proto"; message ReserveCommit { uint32 reserve_length = 1; uint32 commit_length = 2; } message CopyOut { uint32 start = 1; uint32 length = 2; } message Move { uint32 source_index = 1; uint32 length = 2; } message Search { string content = 1; uint32 offset = 2; } message Action { uint32 target_index = 1; oneof action_selector { uint32 add_buffer_fragment = 2; uint32 add_string = 3; uint32 add_buffer = 4; uint32 prepend_string = 5; uint32 prepend_buffer = 6; ReserveCommit reserve_commit = 7; CopyOut copy_out = 8; uint32 drain = 9; uint32 linearize = 10; Move move = 11; uint32 read = 12; google.protobuf.Empty write = 13; uint32 get_raw_slices = 14; Search search = 15; string starts_with = 16; } } message BufferFuzzTestCase { repeated Action actions = 1; } ================================================ FILE: test/common/buffer/buffer_fuzz_test.cc ================================================ #include "test/common/buffer/buffer_fuzz.h" #include "test/common/buffer/buffer_fuzz.pb.h" #include "test/fuzz/fuzz_runner.h" namespace Envoy { // Fuzz the old owned buffer implementation. DEFINE_PROTO_FUZZER(const test::common::buffer::BufferFuzzTestCase& input) { Envoy::BufferFuzz::bufferFuzz(input); } } // namespace Envoy ================================================ FILE: test/common/buffer/buffer_speed_test.cc ================================================ #include "common/buffer/buffer_impl.h" #include "common/common/assert.h" #include "absl/strings/string_view.h" #include "benchmark/benchmark.h" namespace Envoy { static constexpr uint64_t MaxBufferLength = 1024 * 1024; // The fragment needs to be heap allocated in order to survive past the processing done in the inner // loop in the benchmarks below. Do not attempt to release the actual contents of the buffer. void deleteFragment(const void*, size_t, const Buffer::BufferFragmentImpl* self) { delete self; } // Test the creation of an empty OwnedImpl. static void bufferCreateEmpty(benchmark::State& state) { uint64_t length = 0; for (auto _ : state) { Buffer::OwnedImpl buffer; length += buffer.length(); } benchmark::DoNotOptimize(length); } BENCHMARK(bufferCreateEmpty); // Test the creation of an OwnedImpl with varying amounts of content. static void bufferCreate(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); uint64_t length = 0; for (auto _ : state) { Buffer::OwnedImpl buffer(input); length += buffer.length(); } benchmark::DoNotOptimize(length); } BENCHMARK(bufferCreate)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Grow an OwnedImpl in very small amounts. static void bufferAddSmallIncrement(benchmark::State& state) { const std::string data("a"); const absl::string_view input(data); Buffer::OwnedImpl buffer; for (auto _ : state) { buffer.add(input); if (buffer.length() >= MaxBufferLength) { // Keep the test's memory usage from growing too large. // @note Ideally we could use state.PauseTiming()/ResumeTiming() to exclude // the time spent in the drain operation, but those functions themselves are // heavyweight enough to cloud the measurements: // https://github.com/google/benchmark/issues/179 buffer.drain(buffer.length()); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferAddSmallIncrement)->Arg(1)->Arg(2)->Arg(3)->Arg(4)->Arg(5); // Test the appending of varying amounts of content from a string to an OwnedImpl. static void bufferAddString(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer(input); for (auto _ : state) { buffer.add(data); if (buffer.length() >= MaxBufferLength) { buffer.drain(buffer.length()); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferAddString)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Variant of bufferAddString that appends from another Buffer::Instance // rather than from a string. static void bufferAddBuffer(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); const Buffer::OwnedImpl to_add(data); Buffer::OwnedImpl buffer(input); for (auto _ : state) { buffer.add(to_add); if (buffer.length() >= MaxBufferLength) { buffer.drain(buffer.length()); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferAddBuffer)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test the prepending of varying amounts of content from a string to an OwnedImpl. static void bufferPrependString(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer(input); for (auto _ : state) { buffer.prepend(data); if (buffer.length() >= MaxBufferLength) { buffer.drain(buffer.length()); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferPrependString)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test the prepending of one OwnedImpl to another. static void bufferPrependBuffer(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer(input); for (auto _ : state) { // The prepend method removes the content from its source buffer. To populate a new source // buffer every time without the overhead of a copy, we use an BufferFragment that references // (and never deletes) an external string. Buffer::OwnedImpl to_add; auto fragment = std::make_unique(input.data(), input.size(), deleteFragment); to_add.addBufferFragment(*fragment.release()); buffer.prepend(to_add); if (buffer.length() >= MaxBufferLength) { buffer.drain(input.size()); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferPrependBuffer)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); static void bufferDrain(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); const Buffer::OwnedImpl to_add(data); Buffer::OwnedImpl buffer(input); // On each iteration of the benchmark, add N bytes and drain a multiple of N, as specified // by DrainCycleRatios. This exercises full-slice, partial-slice, and multi-slice code paths // in the Buffer's drain implementation. constexpr size_t DrainCycleSize = 7; constexpr double DrainCycleRatios[DrainCycleSize] = {0.0, 1.5, 1, 1.5, 0, 2.0, 1.0}; uint64_t drain_size[DrainCycleSize]; for (size_t i = 0; i < DrainCycleSize; i++) { drain_size[i] = state.range(0) * DrainCycleRatios[i]; } size_t drain_cycle = 0; for (auto _ : state) { buffer.add(to_add); buffer.drain(drain_size[drain_cycle]); drain_cycle++; drain_cycle %= DrainCycleSize; } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferDrain)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Drain an OwnedImpl in very small amounts. static void bufferDrainSmallIncrement(benchmark::State& state) { const std::string data(1024 * 1024, 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer(input); for (auto _ : state) { buffer.drain(state.range(0)); if (buffer.length() == 0) { buffer.add(input); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferDrainSmallIncrement)->Arg(1)->Arg(2)->Arg(3)->Arg(4)->Arg(5); // Test the moving of content from one OwnedImpl to another. static void bufferMove(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer1(input); Buffer::OwnedImpl buffer2(input); for (auto _ : state) { buffer1.move(buffer2); // now buffer1 has 2 copies of the input, and buffer2 is empty. buffer2.move(buffer1, input.size()); // now buffer1 and buffer2 are the same size. } uint64_t length = buffer1.length(); benchmark::DoNotOptimize(length); } BENCHMARK(bufferMove)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test the moving of content from one OwnedImpl to another, one byte at a time, to // exercise the (likely inefficient) code path in the implementation that handles // partial moves. static void bufferMovePartial(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer1(input); Buffer::OwnedImpl buffer2(input); for (auto _ : state) { while (buffer2.length() != 0) { buffer1.move(buffer2, 1); } buffer2.move(buffer1, input.size()); // now buffer1 and buffer2 are the same size. } uint64_t length = buffer1.length(); benchmark::DoNotOptimize(length); } BENCHMARK(bufferMovePartial)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test the reserve+commit cycle, for the special case where the reserved space is // fully used (and therefore the commit size equals the reservation size). static void bufferReserveCommit(benchmark::State& state) { Buffer::OwnedImpl buffer; for (auto _ : state) { constexpr uint64_t NumSlices = 2; Buffer::RawSlice slices[NumSlices]; uint64_t slices_used = buffer.reserve(state.range(0), slices, NumSlices); uint64_t bytes_to_commit = 0; for (uint64_t i = 0; i < slices_used; i++) { bytes_to_commit += static_cast(slices[i].len_); } buffer.commit(slices, slices_used); if (buffer.length() >= MaxBufferLength) { buffer.drain(buffer.length()); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferReserveCommit)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test the reserve+commit cycle, for the common case where the reserved space is // only partially used (and therefore the commit size is smaller than the reservation size). static void bufferReserveCommitPartial(benchmark::State& state) { Buffer::OwnedImpl buffer; for (auto _ : state) { constexpr uint64_t NumSlices = 2; Buffer::RawSlice slices[NumSlices]; uint64_t slices_used = buffer.reserve(state.range(0), slices, NumSlices); ASSERT(slices_used > 0); // Commit one byte from the first slice and nothing from any subsequent slice. uint64_t bytes_to_commit = 1; slices[0].len_ = bytes_to_commit; buffer.commit(slices, 1); if (buffer.length() >= MaxBufferLength) { buffer.drain(buffer.length()); } } benchmark::DoNotOptimize(buffer.length()); } BENCHMARK(bufferReserveCommitPartial)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test the linearization of a buffer in the best case where the data is in one slice. static void bufferLinearizeSimple(benchmark::State& state) { const std::string data(state.range(0), 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer; for (auto _ : state) { buffer.drain(buffer.length()); auto fragment = std::make_unique(input.data(), input.size(), deleteFragment); buffer.addBufferFragment(*fragment.release()); benchmark::DoNotOptimize(buffer.linearize(state.range(0))); } } BENCHMARK(bufferLinearizeSimple)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test the linearization of a buffer in the general case where the data is spread among // many slices. static void bufferLinearizeGeneral(benchmark::State& state) { static constexpr uint64_t SliceSize = 1024; const std::string data(SliceSize, 'a'); const absl::string_view input(data); Buffer::OwnedImpl buffer; for (auto _ : state) { buffer.drain(buffer.length()); do { auto fragment = std::make_unique(input.data(), input.size(), deleteFragment); buffer.addBufferFragment(*fragment.release()); } while (buffer.length() < static_cast(state.range(0))); benchmark::DoNotOptimize(buffer.linearize(state.range(0))); } } BENCHMARK(bufferLinearizeGeneral)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test buffer search, for the simple case where there are no partial matches for // the pattern in the buffer. static void bufferSearch(benchmark::State& state) { const std::string Pattern(16, 'b'); std::string data; data.reserve(state.range(0) + Pattern.length()); data += std::string(state.range(0), 'a'); data += Pattern; const absl::string_view input(data); Buffer::OwnedImpl buffer(input); ssize_t result = 0; for (auto _ : state) { result += buffer.search(Pattern.c_str(), Pattern.length(), 0, 0); } benchmark::DoNotOptimize(result); } BENCHMARK(bufferSearch)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test buffer search, for the more challenging case where there are many partial matches // for the pattern in the buffer. static void bufferSearchPartialMatch(benchmark::State& state) { const std::string Pattern(16, 'b'); const std::string PartialMatch("babbabbbabbbbabbbbbabbbbbbabbbbbbbabbbbbbbba"); std::string data; size_t num_partial_matches = 1 + state.range(0) / PartialMatch.length(); data.reserve(state.range(0) * num_partial_matches + Pattern.length()); for (size_t i = 0; i < num_partial_matches; i++) { data += PartialMatch; } data += Pattern; const absl::string_view input(data); Buffer::OwnedImpl buffer(input); ssize_t result = 0; for (auto _ : state) { result += buffer.search(Pattern.c_str(), Pattern.length(), 0, 0); } benchmark::DoNotOptimize(result); } BENCHMARK(bufferSearchPartialMatch)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test buffer startsWith, for the simple case where there is no match for the pattern at the start // of the buffer. static void bufferStartsWith(benchmark::State& state) { const std::string Pattern(16, 'b'); std::string data; data.reserve(state.range(0) + Pattern.length()); data += std::string(state.range(0), 'a'); data += Pattern; const absl::string_view input(data); Buffer::OwnedImpl buffer(input); ssize_t result = 0; for (auto _ : state) { if (!buffer.startsWith({Pattern.c_str(), Pattern.length()})) { result++; } } benchmark::DoNotOptimize(result); } BENCHMARK(bufferStartsWith)->Arg(1)->Arg(4096)->Arg(16384)->Arg(65536); // Test buffer startsWith, when there is a match at the start of the buffer. static void bufferStartsWithMatch(benchmark::State& state) { const std::string Prefix(state.range(1), 'b'); const std::string Suffix("babbabbbabbbbabbbbbabbbbbbabbbbbbbabbbbbbbba"); std::string data = Prefix; size_t num_suffixes = 1 + state.range(0) / Prefix.length(); data.reserve(Suffix.length() * num_suffixes + Prefix.length()); for (size_t i = 0; i < num_suffixes; i++) { data += Suffix; } const absl::string_view input(data); Buffer::OwnedImpl buffer(input); ssize_t result = 0; for (auto _ : state) { if (buffer.startsWith({Prefix.c_str(), Prefix.length()})) { result++; } } benchmark::DoNotOptimize(result); } BENCHMARK(bufferStartsWithMatch) ->Args({1, 1}) ->Args({4096, 16}) ->Args({16384, 256}) ->Args({65536, 4096}); } // namespace Envoy ================================================ FILE: test/common/buffer/buffer_test.cc ================================================ #include #include "envoy/common/exception.h" #include "common/buffer/buffer_impl.h" #include "test/common/buffer/utility.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Buffer { namespace { class DummySlice : public Slice { public: DummySlice(const std::string& data, const std::function& deletion_callback) : Slice(0, data.size(), data.size()), deletion_callback_(deletion_callback) { base_ = reinterpret_cast(const_cast(data.c_str())); } ~DummySlice() override { if (deletion_callback_ != nullptr) { deletion_callback_(); } } private: const std::function deletion_callback_; }; class OwnedSliceTest : public testing::Test { protected: static void expectReservationSuccess(const Slice::Reservation& reservation, const Slice& slice, uint64_t reservation_size) { EXPECT_NE(nullptr, reservation.mem_); EXPECT_EQ(static_cast(slice.data()) + slice.dataSize(), reservation.mem_); EXPECT_EQ(reservation_size, reservation.len_); } static void expectReservationFailure(const Slice::Reservation& reservation, const Slice& slice, uint64_t reservable_size) { EXPECT_EQ(nullptr, reservation.mem_); EXPECT_EQ(nullptr, reservation.mem_); EXPECT_EQ(reservable_size, slice.reservableSize()); } static void expectCommitSuccess(bool committed, const Slice& slice, uint64_t data_size, uint64_t reservable_size) { EXPECT_TRUE(committed); EXPECT_EQ(data_size, slice.dataSize()); EXPECT_EQ(reservable_size, slice.reservableSize()); } }; bool sliceMatches(const SlicePtr& slice, const std::string& expected) { return slice != nullptr && slice->dataSize() == expected.size() && memcmp(slice->data(), expected.data(), expected.size()) == 0; } TEST_F(OwnedSliceTest, Create) { static constexpr uint64_t Sizes[] = {0, 1, 64, 4096 - sizeof(OwnedSlice), 65535}; for (const auto size : Sizes) { auto slice = OwnedSlice::create(size); EXPECT_NE(nullptr, slice->data()); EXPECT_EQ(0, slice->dataSize()); EXPECT_LE(size, slice->reservableSize()); } } TEST_F(OwnedSliceTest, ReserveCommit) { auto slice = OwnedSlice::create(100); const uint64_t initial_capacity = slice->reservableSize(); EXPECT_LE(100, initial_capacity); { // Verify that a zero-byte reservation is rejected. Slice::Reservation reservation = slice->reserve(0); expectReservationFailure(reservation, *slice, initial_capacity); } { // Create a reservation smaller than the reservable size. // It should reserve the exact number of bytes requested. Slice::Reservation reservation = slice->reserve(10); expectReservationSuccess(reservation, *slice, 10); // Request a second reservation while the first reservation remains uncommitted. // This should succeed. EXPECT_EQ(initial_capacity, slice->reservableSize()); Slice::Reservation reservation2 = slice->reserve(1); expectReservationSuccess(reservation2, *slice, 1); // Commit the entire reserved size. bool committed = slice->commit(reservation); expectCommitSuccess(committed, *slice, 10, initial_capacity - 10); // Verify that a reservation can only be committed once. EXPECT_FALSE(slice->commit(reservation)); } { // Request another reservation, and commit only part of it. Slice::Reservation reservation = slice->reserve(10); expectReservationSuccess(reservation, *slice, 10); reservation.len_ = 5; bool committed = slice->commit(reservation); expectCommitSuccess(committed, *slice, 15, initial_capacity - 15); } { // Request another reservation, and commit only part of it. Slice::Reservation reservation = slice->reserve(10); expectReservationSuccess(reservation, *slice, 10); reservation.len_ = 5; bool committed = slice->commit(reservation); expectCommitSuccess(committed, *slice, 20, initial_capacity - 20); } { // Request another reservation, and commit zero bytes of it. // This should clear the reservation. Slice::Reservation reservation = slice->reserve(10); expectReservationSuccess(reservation, *slice, 10); reservation.len_ = 0; bool committed = slice->commit(reservation); expectCommitSuccess(committed, *slice, 20, initial_capacity - 20); } { // Try to commit a reservation from the wrong slice, and verify that the slice rejects it. Slice::Reservation reservation = slice->reserve(10); expectReservationSuccess(reservation, *slice, 10); auto other_slice = OwnedSlice::create(100); Slice::Reservation other_reservation = other_slice->reserve(10); expectReservationSuccess(other_reservation, *other_slice, 10); EXPECT_FALSE(slice->commit(other_reservation)); EXPECT_FALSE(other_slice->commit(reservation)); // Commit the reservations to the proper slices to clear them. reservation.len_ = 0; bool committed = slice->commit(reservation); EXPECT_TRUE(committed); other_reservation.len_ = 0; committed = other_slice->commit(other_reservation); EXPECT_TRUE(committed); } { // Try to reserve more space than is available in the slice. uint64_t reservable_size = slice->reservableSize(); Slice::Reservation reservation = slice->reserve(reservable_size + 1); expectReservationSuccess(reservation, *slice, reservable_size); bool committed = slice->commit(reservation); expectCommitSuccess(committed, *slice, initial_capacity, 0); } { // Now that the view has no more reservable space, verify that it rejects // subsequent reservation requests. Slice::Reservation reservation = slice->reserve(1); expectReservationFailure(reservation, *slice, 0); } } TEST_F(OwnedSliceTest, Drain) { // Create a slice and commit all the available space. auto slice = OwnedSlice::create(100); Slice::Reservation reservation = slice->reserve(slice->reservableSize()); bool committed = slice->commit(reservation); EXPECT_TRUE(committed); EXPECT_EQ(0, slice->reservableSize()); // Drain some data from the front of the view and verify that the data start moves accordingly. const uint8_t* original_data = static_cast(slice->data()); uint64_t original_size = slice->dataSize(); slice->drain(0); EXPECT_EQ(original_data, slice->data()); EXPECT_EQ(original_size, slice->dataSize()); slice->drain(10); EXPECT_EQ(original_data + 10, slice->data()); EXPECT_EQ(original_size - 10, slice->dataSize()); slice->drain(50); EXPECT_EQ(original_data + 60, slice->data()); EXPECT_EQ(original_size - 60, slice->dataSize()); // Drain all the remaining data. slice->drain(slice->dataSize()); EXPECT_EQ(0, slice->dataSize()); EXPECT_EQ(original_size, slice->reservableSize()); } TEST(UnownedSliceTest, CreateDelete) { constexpr char input[] = "hello world"; bool release_callback_called = false; BufferFragmentImpl fragment( input, sizeof(input) - 1, [&release_callback_called](const void*, size_t, const BufferFragmentImpl*) { release_callback_called = true; }); auto slice = std::make_unique(fragment); EXPECT_EQ(11, slice->dataSize()); EXPECT_EQ(0, slice->reservableSize()); EXPECT_EQ(0, memcmp(slice->data(), input, slice->dataSize())); EXPECT_FALSE(release_callback_called); slice.reset(nullptr); EXPECT_TRUE(release_callback_called); } TEST(UnownedSliceTest, CreateDeleteOwnedBufferFragment) { constexpr char input[] = "hello world"; bool release_callback_called = false; auto fragment = OwnedBufferFragmentImpl::create( {input, sizeof(input) - 1}, [&release_callback_called](const OwnedBufferFragmentImpl*) { release_callback_called = true; }); auto slice = std::make_unique(*fragment); EXPECT_EQ(11, slice->dataSize()); EXPECT_EQ(0, slice->reservableSize()); EXPECT_EQ(0, memcmp(slice->data(), input, slice->dataSize())); EXPECT_FALSE(release_callback_called); slice.reset(nullptr); EXPECT_TRUE(release_callback_called); } TEST(SliceDequeTest, CreateDelete) { bool slice1_deleted = false; bool slice2_deleted = false; bool slice3_deleted = false; { // Create an empty deque. SliceDeque slices; EXPECT_TRUE(slices.empty()); EXPECT_EQ(0, slices.size()); // Append a view to the deque. const std::string slice1 = "slice1"; slices.emplace_back( std::make_unique(slice1, [&slice1_deleted]() { slice1_deleted = true; })); EXPECT_FALSE(slices.empty()); ASSERT_EQ(1, slices.size()); EXPECT_FALSE(slice1_deleted); EXPECT_TRUE(sliceMatches(slices.front(), slice1)); // Append another view to the deque, and verify that both views are accessible. const std::string slice2 = "slice2"; slices.emplace_back( std::make_unique(slice2, [&slice2_deleted]() { slice2_deleted = true; })); EXPECT_FALSE(slices.empty()); ASSERT_EQ(2, slices.size()); EXPECT_FALSE(slice1_deleted); EXPECT_FALSE(slice2_deleted); EXPECT_TRUE(sliceMatches(slices.front(), slice1)); EXPECT_TRUE(sliceMatches(slices.back(), slice2)); // Prepend a view to the deque, to exercise the ring buffer wraparound case. const std::string slice3 = "slice3"; slices.emplace_front( std::make_unique(slice3, [&slice3_deleted]() { slice3_deleted = true; })); EXPECT_FALSE(slices.empty()); ASSERT_EQ(3, slices.size()); EXPECT_FALSE(slice1_deleted); EXPECT_FALSE(slice2_deleted); EXPECT_FALSE(slice3_deleted); EXPECT_TRUE(sliceMatches(slices.front(), slice3)); EXPECT_TRUE(sliceMatches(slices.back(), slice2)); // Remove the first view from the deque, and verify that its slice is deleted. slices.pop_front(); EXPECT_FALSE(slices.empty()); ASSERT_EQ(2, slices.size()); EXPECT_FALSE(slice1_deleted); EXPECT_FALSE(slice2_deleted); EXPECT_TRUE(slice3_deleted); EXPECT_TRUE(sliceMatches(slices.front(), slice1)); EXPECT_TRUE(sliceMatches(slices.back(), slice2)); } EXPECT_TRUE(slice1_deleted); EXPECT_TRUE(slice2_deleted); EXPECT_TRUE(slice3_deleted); } TEST(BufferHelperTest, PeekI8) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 0xFE}); EXPECT_EQ(buffer.peekInt(), 0); EXPECT_EQ(buffer.peekInt(0), 0); EXPECT_EQ(buffer.peekInt(1), 1); EXPECT_EQ(buffer.peekInt(2), -2); EXPECT_EQ(buffer.length(), 3); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; buffer.writeByte(0); EXPECT_THROW_WITH_MESSAGE(buffer.peekInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekLEI16) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekLEInt(), 0x0100); EXPECT_EQ(buffer.peekLEInt(0), 0x0100); EXPECT_EQ(buffer.peekLEInt(1), 0x0201); EXPECT_EQ(buffer.peekLEInt(2), 0x0302); EXPECT_EQ(buffer.peekLEInt(4), -1); EXPECT_EQ(buffer.length(), 6); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 2, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekLEI32) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekLEInt(), 0x03020100); EXPECT_EQ(buffer.peekLEInt(0), 0x03020100); EXPECT_EQ(buffer.peekLEInt(1), 0xFF030201); EXPECT_EQ(buffer.peekLEInt(2), 0xFFFF0302); EXPECT_EQ(buffer.peekLEInt(4), -1); EXPECT_EQ(buffer.length(), 8); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 4, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekLEI64) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekLEInt(), 0x0706050403020100); EXPECT_EQ(buffer.peekLEInt(0), 0x0706050403020100); EXPECT_EQ(buffer.peekLEInt(1), 0xFF07060504030201); EXPECT_EQ(buffer.peekLEInt(2), 0xFFFF070605040302); EXPECT_EQ(buffer.peekLEInt(8), -1); EXPECT_EQ(buffer.length(), 16); // partial EXPECT_EQ((buffer.peekLEInt()), 0x03020100); EXPECT_EQ((buffer.peekLEInt(1)), 0x04030201); EXPECT_EQ((buffer.peekLEInt()), 0x0100); EXPECT_EQ((buffer.peekLEInt(1)), 0x0201); } { // signed Buffer::OwnedImpl buffer; addSeq(buffer, {0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFE, 0xFF, 0xFF}); EXPECT_EQ((buffer.peekLEInt()), -1); EXPECT_EQ((buffer.peekLEInt(2)), 255); // 0x00FF EXPECT_EQ((buffer.peekLEInt(3)), -256); // 0xFF00 EXPECT_EQ((buffer.peekLEInt(5)), -2); // 0xFFFFFE } { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF}); EXPECT_THROW_WITH_MESSAGE( (buffer.peekLEInt(buffer.length() - sizeof(int64_t) + 1)), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 8, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekLEU16) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekLEInt(), 0x0100); EXPECT_EQ(buffer.peekLEInt(0), 0x0100); EXPECT_EQ(buffer.peekLEInt(1), 0x0201); EXPECT_EQ(buffer.peekLEInt(2), 0x0302); EXPECT_EQ(buffer.peekLEInt(4), 0xFFFF); EXPECT_EQ(buffer.length(), 6); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 2, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekLEU32) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekLEInt(), 0x03020100); EXPECT_EQ(buffer.peekLEInt(0), 0x03020100); EXPECT_EQ(buffer.peekLEInt(1), 0xFF030201); EXPECT_EQ(buffer.peekLEInt(2), 0xFFFF0302); EXPECT_EQ(buffer.peekLEInt(4), 0xFFFFFFFF); EXPECT_EQ(buffer.length(), 8); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 4, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekLEU64) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekLEInt(), 0x0706050403020100); EXPECT_EQ(buffer.peekLEInt(0), 0x0706050403020100); EXPECT_EQ(buffer.peekLEInt(1), 0xFF07060504030201); EXPECT_EQ(buffer.peekLEInt(2), 0xFFFF070605040302); EXPECT_EQ(buffer.peekLEInt(8), 0xFFFFFFFFFFFFFFFF); EXPECT_EQ(buffer.length(), 16); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 8, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekLEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekBEI16) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekBEInt(), 1); EXPECT_EQ(buffer.peekBEInt(0), 1); EXPECT_EQ(buffer.peekBEInt(1), 0x0102); EXPECT_EQ(buffer.peekBEInt(2), 0x0203); EXPECT_EQ(buffer.peekBEInt(4), -1); EXPECT_EQ(buffer.length(), 6); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 2, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekBEI32) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekBEInt(), 0x00010203); EXPECT_EQ(buffer.peekBEInt(0), 0x00010203); EXPECT_EQ(buffer.peekBEInt(1), 0x010203FF); EXPECT_EQ(buffer.peekBEInt(2), 0x0203FFFF); EXPECT_EQ(buffer.peekBEInt(4), -1); EXPECT_EQ(buffer.length(), 8); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 4, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekBEI64) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekBEInt(), 0x0001020304050607); EXPECT_EQ(buffer.peekBEInt(0), 0x0001020304050607); EXPECT_EQ(buffer.peekBEInt(1), 0x01020304050607FF); EXPECT_EQ(buffer.peekBEInt(2), 0x020304050607FFFF); EXPECT_EQ(buffer.peekBEInt(8), -1); EXPECT_EQ(buffer.length(), 16); // partial EXPECT_EQ((buffer.peekBEInt()), 0x00010203); EXPECT_EQ((buffer.peekBEInt(1)), 0x01020304); EXPECT_EQ((buffer.peekBEInt()), 0x0001); EXPECT_EQ((buffer.peekBEInt(1)), 0x0102); } { // signed Buffer::OwnedImpl buffer; addSeq(buffer, {0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFE}); EXPECT_EQ((buffer.peekBEInt()), -1); EXPECT_EQ((buffer.peekBEInt(2)), -256); // 0xFF00 EXPECT_EQ((buffer.peekBEInt(3)), 255); // 0x00FF EXPECT_EQ((buffer.peekBEInt(5)), -2); // 0xFFFFFE } { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF}); EXPECT_THROW_WITH_MESSAGE( (buffer.peekBEInt(buffer.length() - sizeof(int64_t) + 1)), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 8, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekBEU16) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekBEInt(), 1); EXPECT_EQ(buffer.peekBEInt(0), 1); EXPECT_EQ(buffer.peekBEInt(1), 0x0102); EXPECT_EQ(buffer.peekBEInt(2), 0x0203); EXPECT_EQ(buffer.peekBEInt(4), 0xFFFF); EXPECT_EQ(buffer.length(), 6); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 2, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekBEU32) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekBEInt(), 0x00010203); EXPECT_EQ(buffer.peekBEInt(0), 0x00010203); EXPECT_EQ(buffer.peekBEInt(1), 0x010203FF); EXPECT_EQ(buffer.peekBEInt(2), 0x0203FFFF); EXPECT_EQ(buffer.peekBEInt(4), 0xFFFFFFFF); EXPECT_EQ(buffer.length(), 8); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 4, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, PeekBEU64) { { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.peekBEInt(), 0x0001020304050607); EXPECT_EQ(buffer.peekBEInt(0), 0x0001020304050607); EXPECT_EQ(buffer.peekBEInt(1), 0x01020304050607FF); EXPECT_EQ(buffer.peekBEInt(2), 0x020304050607FFFF); EXPECT_EQ(buffer.peekBEInt(8), 0xFFFFFFFFFFFFFFFF); EXPECT_EQ(buffer.length(), 16); } { Buffer::OwnedImpl buffer; EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(0), EnvoyException, "buffer underflow"); } { Buffer::OwnedImpl buffer; addRepeated(buffer, 8, 0); EXPECT_THROW_WITH_MESSAGE(buffer.peekBEInt(1), EnvoyException, "buffer underflow"); } } TEST(BufferHelperTest, DrainI8) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 0xFE}); EXPECT_EQ(buffer.drainInt(), 0); EXPECT_EQ(buffer.drainInt(), 1); EXPECT_EQ(buffer.drainInt(), -2); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainLEI16) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainLEInt(), 0x0100); EXPECT_EQ(buffer.drainLEInt(), 0x0302); EXPECT_EQ(buffer.drainLEInt(), -1); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainLEI32) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainLEInt(), 0x03020100); EXPECT_EQ(buffer.drainLEInt(), -1); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainLEI64) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainLEInt(), 0x0706050403020100); EXPECT_EQ(buffer.drainLEInt(), -1); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainLEU32) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainLEInt(), 0x03020100); EXPECT_EQ(buffer.drainLEInt(), 0xFFFFFFFF); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainLEU64) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainLEInt(), 0x0706050403020100); EXPECT_EQ(buffer.drainLEInt(), 0xFFFFFFFFFFFFFFFF); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainBEI16) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainBEInt(), 1); EXPECT_EQ(buffer.drainBEInt(), 0x0203); EXPECT_EQ(buffer.drainBEInt(), -1); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainBEI32) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainBEInt(), 0x00010203); EXPECT_EQ(buffer.drainBEInt(), -1); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainBEI64) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainBEInt(), 0x0001020304050607); EXPECT_EQ(buffer.drainBEInt(), -1); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainBEU32) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainBEInt(), 0x00010203); EXPECT_EQ(buffer.drainBEInt(), 0xFFFFFFFF); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, DrainBEU64) { Buffer::OwnedImpl buffer; addSeq(buffer, {0, 1, 2, 3, 4, 5, 6, 7, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}); EXPECT_EQ(buffer.drainBEInt(), 0x0001020304050607); EXPECT_EQ(buffer.drainBEInt(), 0xFFFFFFFFFFFFFFFF); EXPECT_EQ(buffer.length(), 0); } TEST(BufferHelperTest, WriteI8) { Buffer::OwnedImpl buffer; buffer.writeByte(-128); buffer.writeByte(-1); buffer.writeByte(0); buffer.writeByte(1); buffer.writeByte(127); EXPECT_EQ(std::string("\x80\xFF\0\x1\x7F", 5), buffer.toString()); } TEST(BufferHelperTest, WriteLEI16) { { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::min()); EXPECT_EQ(std::string("\0\x80", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(0); EXPECT_EQ(std::string("\0\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(1); EXPECT_EQ(std::string("\x1\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::max()); EXPECT_EQ("\xFF\x7F", buffer.toString()); } } TEST(BufferHelperTest, WriteLEU16) { { Buffer::OwnedImpl buffer; buffer.writeLEInt(0); EXPECT_EQ(std::string("\0\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(1); EXPECT_EQ(std::string("\x1\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(static_cast(std::numeric_limits::max()) + 1); EXPECT_EQ(std::string("\0\x80", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::max()); EXPECT_EQ("\xFF\xFF", buffer.toString()); } } TEST(BufferHelperTest, WriteLEI32) { { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::min()); EXPECT_EQ(std::string("\0\0\0\x80", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(0); EXPECT_EQ(std::string("\0\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(1); EXPECT_EQ(std::string("\x1\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::max()); EXPECT_EQ("\xFF\xFF\xFF\x7F", buffer.toString()); } } TEST(BufferHelperTest, WriteLEU32) { { Buffer::OwnedImpl buffer; buffer.writeLEInt(0); EXPECT_EQ(std::string("\0\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(1); EXPECT_EQ(std::string("\x1\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(static_cast(std::numeric_limits::max()) + 1); EXPECT_EQ(std::string("\0\0\0\x80", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::max()); EXPECT_EQ("\xFF\xFF\xFF\xFF", buffer.toString()); } } TEST(BufferHelperTest, WriteLEI64) { { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::min()); EXPECT_EQ(std::string("\0\0\0\0\0\0\0\x80", 8), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(1); EXPECT_EQ(std::string("\x1\0\0\0\0\0\0\0", 8), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(0); EXPECT_EQ(std::string("\0\0\0\0\0\0\0\0", 8), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeLEInt(std::numeric_limits::max()); EXPECT_EQ("\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x7F", buffer.toString()); } } TEST(BufferHelperTest, WriteBEI16) { { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::min()); EXPECT_EQ(std::string("\x80\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(0); EXPECT_EQ(std::string("\0\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(1); EXPECT_EQ(std::string("\0\x1", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::max()); EXPECT_EQ("\x7F\xFF", buffer.toString()); } } TEST(BufferHelperTest, WriteBEU16) { { Buffer::OwnedImpl buffer; buffer.writeBEInt(0); EXPECT_EQ(std::string("\0\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(1); EXPECT_EQ(std::string("\0\x1", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(static_cast(std::numeric_limits::max()) + 1); EXPECT_EQ(std::string("\x80\0", 2), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::max()); EXPECT_EQ("\xFF\xFF", buffer.toString()); } } TEST(BufferHelperTest, WriteBEI32) { { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::min()); EXPECT_EQ(std::string("\x80\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(0); EXPECT_EQ(std::string("\0\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(1); EXPECT_EQ(std::string("\0\0\0\x1", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::max()); EXPECT_EQ("\x7F\xFF\xFF\xFF", buffer.toString()); } } TEST(BufferHelperTest, WriteBEU32) { { Buffer::OwnedImpl buffer; buffer.writeBEInt(0); EXPECT_EQ(std::string("\0\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(1); EXPECT_EQ(std::string("\0\0\0\x1", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(static_cast(std::numeric_limits::max()) + 1); EXPECT_EQ(std::string("\x80\0\0\0", 4), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::max()); EXPECT_EQ("\xFF\xFF\xFF\xFF", buffer.toString()); } } TEST(BufferHelperTest, WriteBEI64) { { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::min()); EXPECT_EQ(std::string("\x80\0\0\0\0\0\0\0\0", 8), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(1); EXPECT_EQ(std::string("\0\0\0\0\0\0\0\x1", 8), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(0); EXPECT_EQ(std::string("\0\0\0\0\0\0\0\0", 8), buffer.toString()); } { Buffer::OwnedImpl buffer; buffer.writeBEInt(std::numeric_limits::max()); EXPECT_EQ("\x7F\xFF\xFF\xFF\xFF\xFF\xFF\xFF", buffer.toString()); } } } // namespace } // namespace Buffer } // namespace Envoy ================================================ FILE: test/common/buffer/owned_impl_test.cc ================================================ #include "envoy/api/io_error.h" #include "common/buffer/buffer_impl.h" #include "common/network/io_socket_handle_impl.h" #include "test/common/buffer/utility.h" #include "test/mocks/api/mocks.h" #include "test/test_common/logging.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "absl/strings/str_cat.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::Return; namespace Envoy { namespace Buffer { namespace { class OwnedImplTest : public testing::Test { public: bool release_callback_called_ = false; protected: static void clearReservation(Buffer::RawSlice* iovecs, uint64_t num_iovecs, OwnedImpl& buffer) { for (uint64_t i = 0; i < num_iovecs; i++) { iovecs[i].len_ = 0; } buffer.commit(iovecs, num_iovecs); } static void commitReservation(Buffer::RawSlice* iovecs, uint64_t num_iovecs, OwnedImpl& buffer) { buffer.commit(iovecs, num_iovecs); } static void expectSlices(std::vector> buffer_list, OwnedImpl& buffer) { const auto& buffer_slices = buffer.describeSlicesForTest(); ASSERT_EQ(buffer_list.size(), buffer_slices.size()); for (uint64_t i = 0; i < buffer_slices.size(); i++) { EXPECT_EQ(buffer_slices[i].data, buffer_list[i][0]); EXPECT_EQ(buffer_slices[i].reservable, buffer_list[i][1]); EXPECT_EQ(buffer_slices[i].capacity, buffer_list[i][2]); } } static void expectFirstSlice(std::vector slice_description, OwnedImpl& buffer) { const auto& buffer_slices = buffer.describeSlicesForTest(); ASSERT_LE(1, buffer_slices.size()); EXPECT_EQ(buffer_slices[0].data, slice_description[0]); EXPECT_EQ(buffer_slices[0].reservable, slice_description[1]); EXPECT_EQ(buffer_slices[0].capacity, slice_description[2]); } }; TEST_F(OwnedImplTest, AddBufferFragmentNoCleanup) { char input[] = "hello world"; BufferFragmentImpl frag(input, 11, nullptr); Buffer::OwnedImpl buffer; buffer.addBufferFragment(frag); EXPECT_EQ(11, buffer.length()); buffer.drain(11); EXPECT_EQ(0, buffer.length()); } TEST_F(OwnedImplTest, AddBufferFragmentWithCleanup) { std::string input(2048, 'a'); BufferFragmentImpl frag( input.c_str(), input.size(), [this](const void*, size_t, const BufferFragmentImpl*) { release_callback_called_ = true; }); Buffer::OwnedImpl buffer; buffer.addBufferFragment(frag); EXPECT_EQ(2048, buffer.length()); buffer.drain(2000); EXPECT_EQ(48, buffer.length()); EXPECT_FALSE(release_callback_called_); buffer.drain(48); EXPECT_EQ(0, buffer.length()); EXPECT_TRUE(release_callback_called_); } TEST_F(OwnedImplTest, AddEmptyFragment) { char input[] = "hello world"; BufferFragmentImpl frag1(input, 11, [](const void*, size_t, const BufferFragmentImpl*) {}); BufferFragmentImpl frag2("", 0, [this](const void*, size_t, const BufferFragmentImpl*) { release_callback_called_ = true; }); BufferFragmentImpl frag3(input, 11, [](const void*, size_t, const BufferFragmentImpl*) {}); Buffer::OwnedImpl buffer; buffer.addBufferFragment(frag1); EXPECT_EQ(11, buffer.length()); buffer.addBufferFragment(frag2); EXPECT_EQ(11, buffer.length()); buffer.addBufferFragment(frag3); EXPECT_EQ(22, buffer.length()); // Cover case of copying a buffer with an empty fragment. Buffer::OwnedImpl buffer2; buffer2.add(buffer); // Cover copyOut std::unique_ptr outbuf(new char[buffer.length()]); buffer.copyOut(0, buffer.length(), outbuf.get()); buffer.drain(22); EXPECT_EQ(0, buffer.length()); EXPECT_TRUE(release_callback_called_); } TEST_F(OwnedImplTest, AddBufferFragmentDynamicAllocation) { std::string input_str(2048, 'a'); char* input = new char[2048]; std::copy(input_str.c_str(), input_str.c_str() + 11, input); BufferFragmentImpl* frag = new BufferFragmentImpl( input, 2048, [this](const void* data, size_t, const BufferFragmentImpl* frag) { release_callback_called_ = true; delete[] static_cast(data); delete frag; }); Buffer::OwnedImpl buffer; buffer.addBufferFragment(*frag); EXPECT_EQ(2048, buffer.length()); buffer.drain(2042); EXPECT_EQ(6, buffer.length()); EXPECT_FALSE(release_callback_called_); buffer.drain(6); EXPECT_EQ(0, buffer.length()); EXPECT_TRUE(release_callback_called_); } TEST_F(OwnedImplTest, AddOwnedBufferFragmentWithCleanup) { std::string input(2048, 'a'); const size_t expected_length = input.size(); auto frag = OwnedBufferFragmentImpl::create( {input.c_str(), expected_length}, [this](const OwnedBufferFragmentImpl*) { release_callback_called_ = true; }); Buffer::OwnedImpl buffer; buffer.addBufferFragment(*frag); EXPECT_EQ(expected_length, buffer.length()); const uint64_t partial_drain_size = 5; buffer.drain(partial_drain_size); EXPECT_EQ(expected_length - partial_drain_size, buffer.length()); EXPECT_FALSE(release_callback_called_); buffer.drain(expected_length - partial_drain_size); EXPECT_EQ(0, buffer.length()); EXPECT_TRUE(release_callback_called_); } // Verify that OwnedBufferFragment work correctly when input buffer is allocated on the heap. TEST_F(OwnedImplTest, AddOwnedBufferFragmentDynamicAllocation) { std::string input_str(2048, 'a'); const size_t expected_length = input_str.size(); char* input = new char[expected_length]; std::copy(input_str.c_str(), input_str.c_str() + expected_length, input); auto* frag = OwnedBufferFragmentImpl::create({input, expected_length}, [this, input](const OwnedBufferFragmentImpl* frag) { release_callback_called_ = true; delete[] input; delete frag; }) .release(); Buffer::OwnedImpl buffer; buffer.addBufferFragment(*frag); EXPECT_EQ(expected_length, buffer.length()); const uint64_t partial_drain_size = 5; buffer.drain(partial_drain_size); EXPECT_EQ(expected_length - partial_drain_size, buffer.length()); EXPECT_FALSE(release_callback_called_); buffer.drain(expected_length - partial_drain_size); EXPECT_EQ(0, buffer.length()); EXPECT_TRUE(release_callback_called_); } TEST_F(OwnedImplTest, Add) { const std::string string1 = "Hello, ", string2 = "World!"; Buffer::OwnedImpl buffer; buffer.add(string1); EXPECT_EQ(string1.size(), buffer.length()); EXPECT_EQ(string1, buffer.toString()); buffer.add(string2); EXPECT_EQ(string1.size() + string2.size(), buffer.length()); EXPECT_EQ(string1 + string2, buffer.toString()); // Append a large string that will only partially fit in the space remaining // at the end of the buffer. std::string big_suffix; big_suffix.reserve(16385); for (unsigned i = 0; i < 16; i++) { big_suffix += std::string(1024, 'A' + i); } big_suffix.push_back('-'); buffer.add(big_suffix); EXPECT_EQ(string1.size() + string2.size() + big_suffix.size(), buffer.length()); EXPECT_EQ(string1 + string2 + big_suffix, buffer.toString()); } TEST_F(OwnedImplTest, Prepend) { const std::string suffix = "World!", prefix = "Hello, "; Buffer::OwnedImpl buffer; buffer.add(suffix); buffer.prepend(prefix); EXPECT_EQ(suffix.size() + prefix.size(), buffer.length()); EXPECT_EQ(prefix + suffix, buffer.toString()); // Prepend a large string that will only partially fit in the space remaining // at the front of the buffer. std::string big_prefix; big_prefix.reserve(16385); for (unsigned i = 0; i < 16; i++) { big_prefix += std::string(1024, 'A' + i); } big_prefix.push_back('-'); buffer.prepend(big_prefix); EXPECT_EQ(big_prefix.size() + prefix.size() + suffix.size(), buffer.length()); EXPECT_EQ(big_prefix + prefix + suffix, buffer.toString()); } TEST_F(OwnedImplTest, PrependToEmptyBuffer) { std::string data = "Hello, World!"; Buffer::OwnedImpl buffer; buffer.prepend(data); EXPECT_EQ(data.size(), buffer.length()); EXPECT_EQ(data, buffer.toString()); buffer.prepend(""); EXPECT_EQ(data.size(), buffer.length()); EXPECT_EQ(data, buffer.toString()); } TEST_F(OwnedImplTest, PrependBuffer) { std::string suffix = "World!", prefix = "Hello, "; Buffer::OwnedImpl buffer; buffer.add(suffix); Buffer::OwnedImpl prefixBuffer; prefixBuffer.add(prefix); buffer.prepend(prefixBuffer); EXPECT_EQ(suffix.size() + prefix.size(), buffer.length()); EXPECT_EQ(prefix + suffix, buffer.toString()); EXPECT_EQ(0, prefixBuffer.length()); } TEST_F(OwnedImplTest, Write) { Api::MockOsSysCalls os_sys_calls; TestThreadsafeSingletonInjector os_calls(&os_sys_calls); Buffer::OwnedImpl buffer; Network::IoSocketHandleImpl io_handle; buffer.add("example"); EXPECT_CALL(os_sys_calls, writev(_, _, _)).WillOnce(Return(Api::SysCallSizeResult{7, 0})); Api::IoCallUint64Result result = io_handle.write(buffer); EXPECT_TRUE(result.ok()); EXPECT_EQ(7, result.rc_); EXPECT_EQ(0, buffer.length()); buffer.add("example"); EXPECT_CALL(os_sys_calls, writev(_, _, _)).WillOnce(Return(Api::SysCallSizeResult{6, 0})); result = io_handle.write(buffer); EXPECT_TRUE(result.ok()); EXPECT_EQ(6, result.rc_); EXPECT_EQ(1, buffer.length()); EXPECT_CALL(os_sys_calls, writev(_, _, _)).WillOnce(Return(Api::SysCallSizeResult{0, 0})); result = io_handle.write(buffer); EXPECT_TRUE(result.ok()); EXPECT_EQ(0, result.rc_); EXPECT_EQ(1, buffer.length()); EXPECT_CALL(os_sys_calls, writev(_, _, _)).WillOnce(Return(Api::SysCallSizeResult{-1, 0})); result = io_handle.write(buffer); EXPECT_EQ(Api::IoError::IoErrorCode::UnknownError, result.err_->getErrorCode()); EXPECT_EQ(0, result.rc_); EXPECT_EQ(1, buffer.length()); EXPECT_CALL(os_sys_calls, writev(_, _, _)) .WillOnce(Return(Api::SysCallSizeResult{-1, SOCKET_ERROR_AGAIN})); result = io_handle.write(buffer); EXPECT_EQ(Api::IoError::IoErrorCode::Again, result.err_->getErrorCode()); EXPECT_EQ(0, result.rc_); EXPECT_EQ(1, buffer.length()); EXPECT_CALL(os_sys_calls, writev(_, _, _)).WillOnce(Return(Api::SysCallSizeResult{1, 0})); result = io_handle.write(buffer); EXPECT_TRUE(result.ok()); EXPECT_EQ(1, result.rc_); EXPECT_EQ(0, buffer.length()); EXPECT_CALL(os_sys_calls, writev(_, _, _)).Times(0); result = io_handle.write(buffer); EXPECT_EQ(0, result.rc_); EXPECT_EQ(0, buffer.length()); } TEST_F(OwnedImplTest, Read) { Api::MockOsSysCalls os_sys_calls; TestThreadsafeSingletonInjector os_calls(&os_sys_calls); Buffer::OwnedImpl buffer; Network::IoSocketHandleImpl io_handle; EXPECT_CALL(os_sys_calls, readv(_, _, _)).WillOnce(Return(Api::SysCallSizeResult{0, 0})); Api::IoCallUint64Result result = io_handle.read(buffer, 100); EXPECT_TRUE(result.ok()); EXPECT_EQ(0, result.rc_); EXPECT_EQ(0, buffer.length()); EXPECT_THAT(buffer.describeSlicesForTest(), testing::IsEmpty()); EXPECT_CALL(os_sys_calls, readv(_, _, _)).WillOnce(Return(Api::SysCallSizeResult{-1, 0})); result = io_handle.read(buffer, 100); EXPECT_EQ(Api::IoError::IoErrorCode::UnknownError, result.err_->getErrorCode()); EXPECT_EQ(0, result.rc_); EXPECT_EQ(0, buffer.length()); EXPECT_THAT(buffer.describeSlicesForTest(), testing::IsEmpty()); EXPECT_CALL(os_sys_calls, readv(_, _, _)) .WillOnce(Return(Api::SysCallSizeResult{-1, SOCKET_ERROR_AGAIN})); result = io_handle.read(buffer, 100); EXPECT_EQ(Api::IoError::IoErrorCode::Again, result.err_->getErrorCode()); EXPECT_EQ(0, result.rc_); EXPECT_EQ(0, buffer.length()); EXPECT_THAT(buffer.describeSlicesForTest(), testing::IsEmpty()); EXPECT_CALL(os_sys_calls, readv(_, _, _)).Times(0); result = io_handle.read(buffer, 0); EXPECT_EQ(0, result.rc_); EXPECT_EQ(0, buffer.length()); EXPECT_THAT(buffer.describeSlicesForTest(), testing::IsEmpty()); } TEST_F(OwnedImplTest, ExtractOwnedSlice) { // Create a buffer with two owned slices. Buffer::OwnedImpl buffer; buffer.appendSliceForTest("abcde"); const uint64_t expected_length0 = 5; buffer.appendSliceForTest("123"); const uint64_t expected_length1 = 3; EXPECT_EQ(buffer.toString(), "abcde123"); RawSliceVector slices = buffer.getRawSlices(); EXPECT_EQ(2, slices.size()); // Extract first slice. auto slice = buffer.extractMutableFrontSlice(); ASSERT_TRUE(slice); auto slice_data = slice->getMutableData(); ASSERT_NE(slice_data.data(), nullptr); EXPECT_EQ(slice_data.size(), expected_length0); EXPECT_EQ("abcde", absl::string_view(reinterpret_cast(slice_data.data()), slice_data.size())); EXPECT_EQ(buffer.toString(), "123"); // Modify and re-add extracted first slice data to the end of the buffer. auto slice_mutable_data = slice->getMutableData(); ASSERT_NE(slice_mutable_data.data(), nullptr); EXPECT_EQ(slice_mutable_data.size(), expected_length0); *slice_mutable_data.data() = 'A'; buffer.appendSliceForTest(slice_mutable_data.data(), slice_mutable_data.size()); EXPECT_EQ(buffer.toString(), "123Abcde"); // Extract second slice, leaving only the original first slice. slice = buffer.extractMutableFrontSlice(); ASSERT_TRUE(slice); slice_data = slice->getMutableData(); ASSERT_NE(slice_data.data(), nullptr); EXPECT_EQ(slice_data.size(), expected_length1); EXPECT_EQ("123", absl::string_view(reinterpret_cast(slice_data.data()), slice_data.size())); EXPECT_EQ(buffer.toString(), "Abcde"); } TEST_F(OwnedImplTest, ExtractAfterSentinelDiscard) { // Create a buffer with a sentinel and one owned slice. Buffer::OwnedImpl buffer; bool sentinel_discarded = false; const Buffer::OwnedBufferFragmentImpl::Releasor sentinel_releasor{ [&](const Buffer::OwnedBufferFragmentImpl* sentinel) { sentinel_discarded = true; delete sentinel; }}; auto sentinel = Buffer::OwnedBufferFragmentImpl::create(absl::string_view("", 0), sentinel_releasor); buffer.addBufferFragment(*sentinel.release()); buffer.appendSliceForTest("abcde"); const uint64_t expected_length = 5; EXPECT_EQ(buffer.toString(), "abcde"); RawSliceVector slices = buffer.getRawSlices(); // only returns slices with data EXPECT_EQ(1, slices.size()); // Extract owned slice after discarding sentinel. EXPECT_FALSE(sentinel_discarded); auto slice = buffer.extractMutableFrontSlice(); ASSERT_TRUE(slice); EXPECT_TRUE(sentinel_discarded); auto slice_data = slice->getMutableData(); ASSERT_NE(slice_data.data(), nullptr); EXPECT_EQ(slice_data.size(), expected_length); EXPECT_EQ("abcde", absl::string_view(reinterpret_cast(slice_data.data()), slice_data.size())); EXPECT_EQ(0, buffer.length()); } TEST_F(OwnedImplTest, DrainThenExtractOwnedSlice) { // Create a buffer with two owned slices. Buffer::OwnedImpl buffer; buffer.appendSliceForTest("abcde"); const uint64_t expected_length0 = 5; buffer.appendSliceForTest("123"); EXPECT_EQ(buffer.toString(), "abcde123"); RawSliceVector slices = buffer.getRawSlices(); EXPECT_EQ(2, slices.size()); // Partially drain the first slice. const uint64_t partial_drain_size = 2; buffer.drain(partial_drain_size); EXPECT_EQ(buffer.toString(), static_cast("abcde123") + partial_drain_size); // Extracted partially drained first slice, leaving the second slice. auto slice = buffer.extractMutableFrontSlice(); ASSERT_TRUE(slice); auto slice_data = slice->getMutableData(); ASSERT_NE(slice_data.data(), nullptr); EXPECT_EQ(slice_data.size(), expected_length0 - partial_drain_size); EXPECT_EQ(static_cast("abcde") + partial_drain_size, absl::string_view(reinterpret_cast(slice_data.data()), slice_data.size())); EXPECT_EQ(buffer.toString(), "123"); } TEST_F(OwnedImplTest, ExtractUnownedSlice) { // Create a buffer with an unowned slice. std::string input{"unowned test slice"}; const size_t expected_length0 = input.size(); auto frag = OwnedBufferFragmentImpl::create( {input.c_str(), expected_length0}, [this](const OwnedBufferFragmentImpl*) { release_callback_called_ = true; }); Buffer::OwnedImpl buffer; buffer.addBufferFragment(*frag); bool drain_tracker_called{false}; buffer.addDrainTracker([&] { drain_tracker_called = true; }); // Add an owned slice to the end of the buffer. EXPECT_EQ(expected_length0, buffer.length()); std::string owned_slice_content{"another slice, but owned"}; buffer.add(owned_slice_content); const uint64_t expected_length1 = owned_slice_content.length(); // Partially drain the unowned slice. const uint64_t partial_drain_size = 5; buffer.drain(partial_drain_size); EXPECT_EQ(expected_length0 - partial_drain_size + expected_length1, buffer.length()); EXPECT_FALSE(release_callback_called_); EXPECT_FALSE(drain_tracker_called); // Extract what remains of the unowned slice, leaving only the owned slice. auto slice = buffer.extractMutableFrontSlice(); ASSERT_TRUE(slice); EXPECT_TRUE(drain_tracker_called); auto slice_data = slice->getMutableData(); ASSERT_NE(slice_data.data(), nullptr); EXPECT_EQ(slice_data.size(), expected_length0 - partial_drain_size); EXPECT_EQ(input.data() + partial_drain_size, absl::string_view(reinterpret_cast(slice_data.data()), slice_data.size())); EXPECT_EQ(expected_length1, buffer.length()); // The underlying immutable unowned slice was discarded during the extract // operation and replaced with a mutable copy. The drain trackers were // called as part of the extract, implying that the release callback was called. EXPECT_TRUE(release_callback_called_); } TEST_F(OwnedImplTest, ExtractWithDrainTracker) { testing::InSequence s; Buffer::OwnedImpl buffer; buffer.add("a"); testing::MockFunction tracker1; testing::MockFunction tracker2; buffer.addDrainTracker(tracker1.AsStdFunction()); buffer.addDrainTracker(tracker2.AsStdFunction()); testing::MockFunction done; EXPECT_CALL(tracker1, Call()); EXPECT_CALL(tracker2, Call()); EXPECT_CALL(done, Call()); auto slice = buffer.extractMutableFrontSlice(); // The test now has ownership of the slice, but the drain trackers were // called as part of the extract operation done.Call(); slice.reset(); } TEST_F(OwnedImplTest, DrainTracking) { testing::InSequence s; Buffer::OwnedImpl buffer; buffer.add("a"); testing::MockFunction tracker1; testing::MockFunction tracker2; buffer.addDrainTracker(tracker1.AsStdFunction()); buffer.addDrainTracker(tracker2.AsStdFunction()); testing::MockFunction done; EXPECT_CALL(tracker1, Call()); EXPECT_CALL(tracker2, Call()); EXPECT_CALL(done, Call()); buffer.drain(buffer.length()); done.Call(); } TEST_F(OwnedImplTest, MoveDrainTrackersWhenTransferingSlices) { testing::InSequence s; Buffer::OwnedImpl buffer1; buffer1.add("a"); testing::MockFunction tracker1; buffer1.addDrainTracker(tracker1.AsStdFunction()); Buffer::OwnedImpl buffer2; buffer2.add("b"); testing::MockFunction tracker2; buffer2.addDrainTracker(tracker2.AsStdFunction()); buffer2.add(std::string(10000, 'c')); testing::MockFunction tracker3; buffer2.addDrainTracker(tracker3.AsStdFunction()); EXPECT_EQ(2, buffer2.getRawSlices().size()); buffer1.move(buffer2); EXPECT_EQ(10002, buffer1.length()); EXPECT_EQ(0, buffer2.length()); EXPECT_EQ(3, buffer1.getRawSlices().size()); EXPECT_EQ(0, buffer2.getRawSlices().size()); testing::MockFunction done; EXPECT_CALL(tracker1, Call()); EXPECT_CALL(tracker2, Call()); EXPECT_CALL(tracker3, Call()); EXPECT_CALL(done, Call()); buffer1.drain(buffer1.length()); done.Call(); } TEST_F(OwnedImplTest, MoveDrainTrackersWhenCopying) { testing::InSequence s; Buffer::OwnedImpl buffer1; buffer1.add("a"); testing::MockFunction tracker1; buffer1.addDrainTracker(tracker1.AsStdFunction()); Buffer::OwnedImpl buffer2; buffer2.add("b"); testing::MockFunction tracker2; buffer2.addDrainTracker(tracker2.AsStdFunction()); buffer1.move(buffer2); EXPECT_EQ(2, buffer1.length()); EXPECT_EQ(0, buffer2.length()); EXPECT_EQ(1, buffer1.getRawSlices().size()); EXPECT_EQ(0, buffer2.getRawSlices().size()); buffer1.drain(1); testing::MockFunction done; EXPECT_CALL(tracker1, Call()); EXPECT_CALL(tracker2, Call()); EXPECT_CALL(done, Call()); buffer1.drain(1); done.Call(); } TEST_F(OwnedImplTest, PartialMoveDrainTrackers) { testing::InSequence s; Buffer::OwnedImpl buffer1; buffer1.add("a"); testing::MockFunction tracker1; buffer1.addDrainTracker(tracker1.AsStdFunction()); Buffer::OwnedImpl buffer2; buffer2.add("b"); testing::MockFunction tracker2; buffer2.addDrainTracker(tracker2.AsStdFunction()); buffer2.add(std::string(10000, 'c')); testing::MockFunction tracker3; buffer2.addDrainTracker(tracker3.AsStdFunction()); EXPECT_EQ(2, buffer2.getRawSlices().size()); // Move the first slice and associated trackers and part of the second slice to buffer1. buffer1.move(buffer2, 4999); EXPECT_EQ(5000, buffer1.length()); EXPECT_EQ(5002, buffer2.length()); EXPECT_EQ(3, buffer1.getRawSlices().size()); EXPECT_EQ(1, buffer2.getRawSlices().size()); testing::MockFunction done; EXPECT_CALL(tracker1, Call()); buffer1.drain(1); EXPECT_CALL(tracker2, Call()); EXPECT_CALL(done, Call()); buffer1.drain(buffer1.length()); done.Call(); // tracker3 remained in buffer2. EXPECT_CALL(tracker3, Call()); buffer2.drain(buffer2.length()); } TEST_F(OwnedImplTest, DrainTrackingOnDestruction) { testing::InSequence s; auto buffer = std::make_unique(); buffer->add("a"); testing::MockFunction tracker; buffer->addDrainTracker(tracker.AsStdFunction()); testing::MockFunction done; EXPECT_CALL(tracker, Call()); EXPECT_CALL(done, Call()); buffer.reset(); done.Call(); } TEST_F(OwnedImplTest, Linearize) { Buffer::OwnedImpl buffer; // Unowned slice to track when linearize kicks in. std::string input(1000, 'a'); BufferFragmentImpl frag( input.c_str(), input.size(), [this](const void*, size_t, const BufferFragmentImpl*) { release_callback_called_ = true; }); buffer.addBufferFragment(frag); // Second slice with more data. buffer.add(std::string(1000, 'b')); // Linearize does not change the pointer associated with the first slice if requested size is less // than or equal to size of the first slice. EXPECT_EQ(input.c_str(), buffer.linearize(input.size())); EXPECT_FALSE(release_callback_called_); constexpr uint64_t LinearizeSize = 2000; void* out_ptr = buffer.linearize(LinearizeSize); EXPECT_TRUE(release_callback_called_); EXPECT_EQ(input + std::string(1000, 'b'), absl::string_view(reinterpret_cast(out_ptr), LinearizeSize)); } TEST_F(OwnedImplTest, LinearizeEmptyBuffer) { Buffer::OwnedImpl buffer; EXPECT_EQ(nullptr, buffer.linearize(0)); } TEST_F(OwnedImplTest, LinearizeSingleSlice) { auto buffer = std::make_unique(); // Unowned slice to track when linearize kicks in. std::string input(1000, 'a'); BufferFragmentImpl frag( input.c_str(), input.size(), [this](const void*, size_t, const BufferFragmentImpl*) { release_callback_called_ = true; }); buffer->addBufferFragment(frag); EXPECT_EQ(input.c_str(), buffer->linearize(buffer->length())); EXPECT_FALSE(release_callback_called_); buffer.reset(); EXPECT_TRUE(release_callback_called_); } TEST_F(OwnedImplTest, LinearizeDrainTracking) { constexpr uint32_t SmallChunk = 200; constexpr uint32_t LargeChunk = 16384 - SmallChunk; constexpr uint32_t LinearizeSize = SmallChunk + LargeChunk; // Create a buffer with a eclectic combination of buffer OwnedSlice and UnownedSlices that will // help us explore the properties of linearize. Buffer::OwnedImpl buffer; // Large add below the target linearize size. testing::MockFunction tracker1; buffer.add(std::string(LargeChunk, 'a')); buffer.addDrainTracker(tracker1.AsStdFunction()); // Unowned slice which causes some fragmentation. testing::MockFunction tracker2; testing::MockFunction release_callback_tracker; std::string frag_input(2 * SmallChunk, 'b'); BufferFragmentImpl frag(frag_input.c_str(), frag_input.size(), release_callback_tracker.AsStdFunction()); buffer.addBufferFragment(frag); buffer.addDrainTracker(tracker2.AsStdFunction()); // And an unowned slice with 0 size, because. testing::MockFunction tracker3; testing::MockFunction release_callback_tracker2; BufferFragmentImpl frag2(nullptr, 0, release_callback_tracker2.AsStdFunction()); buffer.addBufferFragment(frag2); buffer.addDrainTracker(tracker3.AsStdFunction()); // Add a very large chunk testing::MockFunction tracker4; buffer.add(std::string(LargeChunk + LinearizeSize, 'c')); buffer.addDrainTracker(tracker4.AsStdFunction()); // Small adds that create no gaps. testing::MockFunction tracker5; for (int i = 0; i < 105; ++i) { buffer.add(std::string(SmallChunk, 'd')); } buffer.addDrainTracker(tracker5.AsStdFunction()); expectSlices({{16184, 136, 16320}, {400, 0, 400}, {0, 0, 0}, {32704, 0, 32704}, {4032, 0, 4032}, {4032, 0, 4032}, {4032, 0, 4032}, {4032, 0, 4032}, {4032, 0, 4032}, {704, 3328, 4032}}, buffer); testing::InSequence s; testing::MockFunction drain_tracker; testing::MockFunction done_tracker; EXPECT_CALL(tracker1, Call()); EXPECT_CALL(drain_tracker, Call(3 * LargeChunk + 108 * SmallChunk, 16384)); EXPECT_CALL(release_callback_tracker, Call(_, _, _)); EXPECT_CALL(tracker2, Call()); EXPECT_CALL(release_callback_tracker2, Call(_, _, _)); EXPECT_CALL(tracker3, Call()); EXPECT_CALL(drain_tracker, Call(2 * LargeChunk + 107 * SmallChunk, 16384)); EXPECT_CALL(drain_tracker, Call(LargeChunk + 106 * SmallChunk, 16384)); EXPECT_CALL(tracker4, Call()); EXPECT_CALL(drain_tracker, Call(105 * SmallChunk, 16384)); EXPECT_CALL(tracker5, Call()); EXPECT_CALL(drain_tracker, Call(4616, 4616)); EXPECT_CALL(done_tracker, Call()); for (auto& expected_first_slice : std::vector>{{16384, 4032, 20416}, {16384, 4032, 20416}, {16520, 0, 32704}, {16384, 4032, 20416}, {4616, 3512, 8128}}) { const uint32_t write_size = std::min(LinearizeSize, buffer.length()); buffer.linearize(write_size); expectFirstSlice(expected_first_slice, buffer); drain_tracker.Call(buffer.length(), write_size); buffer.drain(write_size); } done_tracker.Call(); expectSlices({}, buffer); } TEST_F(OwnedImplTest, ReserveCommit) { // This fragment will later be added to the buffer. It is declared in an enclosing scope to // ensure it is not destructed until after the buffer is. const std::string input = "Hello, world"; BufferFragmentImpl fragment(input.c_str(), input.size(), nullptr); { Buffer::OwnedImpl buffer; // A zero-byte reservation should fail. static constexpr uint64_t NumIovecs = 16; Buffer::RawSlice iovecs[NumIovecs]; uint64_t num_reserved = buffer.reserve(0, iovecs, NumIovecs); EXPECT_EQ(0, num_reserved); clearReservation(iovecs, num_reserved, buffer); EXPECT_EQ(0, buffer.length()); // Test and commit a small reservation. This should succeed. num_reserved = buffer.reserve(1, iovecs, NumIovecs); EXPECT_EQ(1, num_reserved); // The implementation might provide a bigger reservation than requested. EXPECT_LE(1, iovecs[0].len_); iovecs[0].len_ = 1; commitReservation(iovecs, num_reserved, buffer); EXPECT_EQ(1, buffer.length()); // Request a reservation that fits in the remaining space at the end of the last slice. num_reserved = buffer.reserve(1, iovecs, NumIovecs); EXPECT_EQ(1, num_reserved); EXPECT_LE(1, iovecs[0].len_); iovecs[0].len_ = 1; const void* slice1 = iovecs[0].mem_; clearReservation(iovecs, num_reserved, buffer); // Request a reservation that is too large to fit in the remaining space at the end of // the last slice, and allow the buffer to use only one slice. This should result in the // creation of a new slice within the buffer. num_reserved = buffer.reserve(4096 - sizeof(OwnedSlice), iovecs, 1); EXPECT_EQ(1, num_reserved); EXPECT_NE(slice1, iovecs[0].mem_); clearReservation(iovecs, num_reserved, buffer); // Request the same size reservation, but allow the buffer to use multiple slices. This // should result in the buffer creating a second slice and splitting the reservation between the // last two slices. num_reserved = buffer.reserve(4096 - sizeof(OwnedSlice), iovecs, NumIovecs); EXPECT_EQ(2, num_reserved); EXPECT_EQ(slice1, iovecs[0].mem_); clearReservation(iovecs, num_reserved, buffer); // Request a reservation that too big to fit in the existing slices. This should result // in the creation of a third slice. expectSlices({{1, 4031, 4032}}, buffer); buffer.reserve(4096 - sizeof(OwnedSlice), iovecs, NumIovecs); expectSlices({{1, 4031, 4032}, {0, 4032, 4032}}, buffer); const void* slice2 = iovecs[1].mem_; num_reserved = buffer.reserve(8192, iovecs, NumIovecs); expectSlices({{1, 4031, 4032}, {0, 4032, 4032}, {0, 4032, 4032}}, buffer); EXPECT_EQ(3, num_reserved); EXPECT_EQ(slice1, iovecs[0].mem_); EXPECT_EQ(slice2, iovecs[1].mem_); clearReservation(iovecs, num_reserved, buffer); // Append a fragment to the buffer, and then request a small reservation. The buffer // should make a new slice to satisfy the reservation; it cannot safely use any of // the previously seen slices, because they are no longer at the end of the buffer. expectSlices({{1, 4031, 4032}}, buffer); buffer.addBufferFragment(fragment); EXPECT_EQ(13, buffer.length()); num_reserved = buffer.reserve(1, iovecs, NumIovecs); expectSlices({{1, 4031, 4032}, {12, 0, 12}, {0, 4032, 4032}}, buffer); EXPECT_EQ(1, num_reserved); EXPECT_NE(slice1, iovecs[0].mem_); commitReservation(iovecs, num_reserved, buffer); EXPECT_EQ(14, buffer.length()); } } TEST_F(OwnedImplTest, ReserveCommitReuse) { Buffer::OwnedImpl buffer; static constexpr uint64_t NumIovecs = 2; Buffer::RawSlice iovecs[NumIovecs]; // Reserve 8KB and commit all but a few bytes of it, to ensure that // the last slice of the buffer can hold part but not all of the // next reservation. Note that the buffer implementation might // allocate more than the requested 8KB. In case the implementation // uses a power-of-two allocator, the subsequent reservations all // request 16KB. uint64_t num_reserved = buffer.reserve(8192, iovecs, NumIovecs); EXPECT_EQ(1, num_reserved); iovecs[0].len_ = 8000; buffer.commit(iovecs, 1); EXPECT_EQ(8000, buffer.length()); // Reserve 16KB. The resulting reservation should span 2 slices. // Commit part of the first slice and none of the second slice. num_reserved = buffer.reserve(16384, iovecs, NumIovecs); EXPECT_EQ(2, num_reserved); const void* first_slice = iovecs[0].mem_; iovecs[0].len_ = 1; expectSlices({{8000, 4224, 12224}, {0, 12224, 12224}}, buffer); buffer.commit(iovecs, 1); EXPECT_EQ(8001, buffer.length()); EXPECT_EQ(first_slice, iovecs[0].mem_); // The second slice is now released because there's nothing in the second slice. expectSlices({{8001, 4223, 12224}}, buffer); // Reserve 16KB again. num_reserved = buffer.reserve(16384, iovecs, NumIovecs); expectSlices({{8001, 4223, 12224}, {0, 12224, 12224}}, buffer); EXPECT_EQ(2, num_reserved); EXPECT_EQ(static_cast(first_slice) + 1, static_cast(iovecs[0].mem_)); } TEST_F(OwnedImplTest, ReserveReuse) { Buffer::OwnedImpl buffer; static constexpr uint64_t NumIovecs = 2; Buffer::RawSlice iovecs[NumIovecs]; // Reserve some space and leave it uncommitted. uint64_t num_reserved = buffer.reserve(8192, iovecs, NumIovecs); EXPECT_EQ(1, num_reserved); const void* first_slice = iovecs[0].mem_; // Reserve more space and verify that it begins with the same slice from the last reservation. num_reserved = buffer.reserve(16384, iovecs, NumIovecs); EXPECT_EQ(2, num_reserved); EXPECT_EQ(first_slice, iovecs[0].mem_); const void* second_slice = iovecs[1].mem_; // Repeat the last reservation and verify that it yields the same slices. num_reserved = buffer.reserve(16384, iovecs, NumIovecs); EXPECT_EQ(2, num_reserved); EXPECT_EQ(first_slice, iovecs[0].mem_); EXPECT_EQ(second_slice, iovecs[1].mem_); expectSlices({{0, 12224, 12224}, {0, 8128, 8128}}, buffer); // Request a larger reservation, verify that the second entry is replaced with a block with a // larger size. num_reserved = buffer.reserve(30000, iovecs, NumIovecs); const void* third_slice = iovecs[1].mem_; EXPECT_EQ(2, num_reserved); EXPECT_EQ(first_slice, iovecs[0].mem_); EXPECT_EQ(12224, iovecs[0].len_); EXPECT_NE(second_slice, iovecs[1].mem_); EXPECT_EQ(30000 - iovecs[0].len_, iovecs[1].len_); expectSlices({{0, 12224, 12224}, {0, 8128, 8128}, {0, 20416, 20416}}, buffer); // Repeating a the reservation request for a smaller block returns the previous entry. num_reserved = buffer.reserve(16384, iovecs, NumIovecs); EXPECT_EQ(2, num_reserved); EXPECT_EQ(first_slice, iovecs[0].mem_); EXPECT_EQ(second_slice, iovecs[1].mem_); expectSlices({{0, 12224, 12224}, {0, 8128, 8128}, {0, 20416, 20416}}, buffer); // Repeat the larger reservation notice that it doesn't match the prior reservation for 30000 // bytes. num_reserved = buffer.reserve(30000, iovecs, NumIovecs); EXPECT_EQ(2, num_reserved); EXPECT_EQ(first_slice, iovecs[0].mem_); EXPECT_EQ(12224, iovecs[0].len_); EXPECT_NE(second_slice, iovecs[1].mem_); EXPECT_NE(third_slice, iovecs[1].mem_); EXPECT_EQ(30000 - iovecs[0].len_, iovecs[1].len_); expectSlices({{0, 12224, 12224}, {0, 8128, 8128}, {0, 20416, 20416}, {0, 20416, 20416}}, buffer); // Commit the most recent reservation and verify the representation. buffer.commit(iovecs, num_reserved); expectSlices({{12224, 0, 12224}, {0, 8128, 8128}, {0, 20416, 20416}, {17776, 2640, 20416}}, buffer); // Do another reservation. num_reserved = buffer.reserve(16384, iovecs, NumIovecs); EXPECT_EQ(2, num_reserved); expectSlices({{12224, 0, 12224}, {0, 8128, 8128}, {0, 20416, 20416}, {17776, 2640, 20416}, {0, 16320, 16320}}, buffer); // And commit. buffer.commit(iovecs, num_reserved); expectSlices({{12224, 0, 12224}, {0, 8128, 8128}, {0, 20416, 20416}, {20416, 0, 20416}, {13744, 2576, 16320}}, buffer); } TEST_F(OwnedImplTest, Search) { // Populate a buffer with a string split across many small slices, to // exercise edge cases in the search implementation. static const char* Inputs[] = {"ab", "a", "", "aaa", "b", "a", "aaa", "ab", "a"}; Buffer::OwnedImpl buffer; for (const auto& input : Inputs) { buffer.appendSliceForTest(input); } EXPECT_STREQ("abaaaabaaaaaba", buffer.toString().c_str()); EXPECT_EQ(-1, buffer.search("c", 1, 0, 0)); EXPECT_EQ(0, buffer.search("", 0, 0, 0)); EXPECT_EQ(buffer.length(), buffer.search("", 0, buffer.length(), 0)); EXPECT_EQ(-1, buffer.search("", 0, buffer.length() + 1, 0)); EXPECT_EQ(0, buffer.search("a", 1, 0, 0)); EXPECT_EQ(1, buffer.search("b", 1, 1, 0)); EXPECT_EQ(2, buffer.search("a", 1, 1, 0)); EXPECT_EQ(0, buffer.search("abaa", 4, 0, 0)); EXPECT_EQ(2, buffer.search("aaaa", 4, 0, 0)); EXPECT_EQ(2, buffer.search("aaaa", 4, 1, 0)); EXPECT_EQ(2, buffer.search("aaaa", 4, 2, 0)); EXPECT_EQ(7, buffer.search("aaaaab", 6, 0, 0)); EXPECT_EQ(0, buffer.search("abaaaabaaaaaba", 14, 0, 0)); EXPECT_EQ(12, buffer.search("ba", 2, 10, 0)); EXPECT_EQ(-1, buffer.search("abaaaabaaaaabaa", 15, 0, 0)); } TEST_F(OwnedImplTest, SearchWithLengthLimit) { // Populate a buffer with a string split across many small slices, to // exercise edge cases in the search implementation. static const char* Inputs[] = {"ab", "a", "", "aaa", "b", "a", "aaa", "ab", "a"}; Buffer::OwnedImpl buffer; for (const auto& input : Inputs) { buffer.appendSliceForTest(input); } EXPECT_STREQ("abaaaabaaaaaba", buffer.toString().c_str()); // The string is there, but the search is limited to 1 byte. EXPECT_EQ(-1, buffer.search("b", 1, 0, 1)); // The string is there, but the search is limited to 1 byte. EXPECT_EQ(-1, buffer.search("ab", 2, 0, 1)); // The string is there, but spans over 2 slices. The search length is enough // to find it. EXPECT_EQ(1, buffer.search("ba", 2, 0, 3)); EXPECT_EQ(1, buffer.search("ba", 2, 0, 5)); EXPECT_EQ(1, buffer.search("ba", 2, 1, 2)); EXPECT_EQ(1, buffer.search("ba", 2, 1, 5)); // The string spans over 3 slices. test different variations of search length // and starting position. EXPECT_EQ(2, buffer.search("aaaab", 5, 2, 5)); EXPECT_EQ(-1, buffer.search("aaaab", 5, 2, 3)); EXPECT_EQ(2, buffer.search("aaaab", 5, 2, 6)); EXPECT_EQ(2, buffer.search("aaaab", 5, 0, 8)); EXPECT_EQ(-1, buffer.search("aaaab", 5, 0, 6)); // Test searching for the string which in in the last slice. EXPECT_EQ(12, buffer.search("ba", 2, 12, 2)); EXPECT_EQ(12, buffer.search("ba", 2, 11, 3)); EXPECT_EQ(-1, buffer.search("ba", 2, 11, 2)); // Test cases when length to search is larger than buffer EXPECT_EQ(12, buffer.search("ba", 2, 11, 10e6)); } TEST_F(OwnedImplTest, StartsWith) { // Populate a buffer with a string split across many small slices, to // exercise edge cases in the startsWith implementation. static const char* Inputs[] = {"ab", "a", "", "aaa", "b", "a", "aaa", "ab", "a"}; Buffer::OwnedImpl buffer; for (const auto& input : Inputs) { buffer.appendSliceForTest(input); } EXPECT_STREQ("abaaaabaaaaaba", buffer.toString().c_str()); EXPECT_FALSE(buffer.startsWith({"abaaaabaaaaabaXXX", 17})); EXPECT_FALSE(buffer.startsWith({"c", 1})); EXPECT_TRUE(buffer.startsWith({"", 0})); EXPECT_TRUE(buffer.startsWith({"a", 1})); EXPECT_TRUE(buffer.startsWith({"ab", 2})); EXPECT_TRUE(buffer.startsWith({"aba", 3})); EXPECT_TRUE(buffer.startsWith({"abaa", 4})); EXPECT_TRUE(buffer.startsWith({"abaaaab", 7})); EXPECT_TRUE(buffer.startsWith({"abaaaabaaaaaba", 14})); EXPECT_FALSE(buffer.startsWith({"ba", 2})); } TEST_F(OwnedImplTest, ToString) { Buffer::OwnedImpl buffer; EXPECT_EQ("", buffer.toString()); auto append = [&buffer](absl::string_view str) { buffer.add(str.data(), str.size()); }; append("Hello, "); EXPECT_EQ("Hello, ", buffer.toString()); append("world!"); EXPECT_EQ("Hello, world!", buffer.toString()); // From debug inspection, I find that a second fragment is created at >1000 bytes. std::string long_string(5000, 'A'); append(long_string); EXPECT_EQ(absl::StrCat("Hello, world!" + long_string), buffer.toString()); } TEST_F(OwnedImplTest, AppendSliceForTest) { static constexpr size_t NumInputs = 3; static constexpr const char* Inputs[] = {"one", "2", "", "four", ""}; Buffer::OwnedImpl buffer; EXPECT_EQ(0, buffer.getRawSlices().size()); EXPECT_EQ(0, buffer.getRawSlices(NumInputs).size()); for (const auto& input : Inputs) { buffer.appendSliceForTest(input); } // getRawSlices(max_slices) will only return the 3 slices with nonzero length. RawSliceVector slices = buffer.getRawSlices(/*max_slices=*/NumInputs); EXPECT_EQ(3, slices.size()); // Verify edge case where max_slices is -1 and +1 the actual non-empty slice count. EXPECT_EQ(2, buffer.getRawSlices(/*max_slices=*/NumInputs - 1).size()); EXPECT_EQ(3, buffer.getRawSlices(/*max_slices=*/NumInputs + 1).size()); auto expectSlice = [](const RawSlice& slice, const char* expected) { size_t length = strlen(expected); EXPECT_EQ(length, slice.len_) << expected; EXPECT_EQ(0, memcmp(slice.mem_, expected, length)); }; expectSlice(slices[0], "one"); expectSlice(slices[1], "2"); expectSlice(slices[2], "four"); // getRawSlices returns only the slices with nonzero length. RawSliceVector slices_vector = buffer.getRawSlices(); EXPECT_EQ(3, slices_vector.size()); expectSlice(slices_vector[0], "one"); expectSlice(slices_vector[1], "2"); expectSlice(slices_vector[2], "four"); } // Regression test for oss-fuzz issue // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13263, where prepending // an empty buffer resulted in a corrupted libevent internal state. TEST_F(OwnedImplTest, PrependEmpty) { Buffer::OwnedImpl buf; Buffer::OwnedImpl other_buf; char input[] = "foo"; BufferFragmentImpl frag(input, 3, nullptr); buf.addBufferFragment(frag); buf.prepend(""); other_buf.move(buf, 1); buf.add("bar"); EXPECT_EQ("oobar", buf.toString()); buf.drain(5); EXPECT_EQ(0, buf.length()); } // Regression test for oss-fuzz issues // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14466, empty commit // following a reserve resulted in a corrupted libevent internal state. TEST_F(OwnedImplTest, ReserveZeroCommit) { BufferFragmentImpl frag("", 0, nullptr); Buffer::OwnedImpl buf; buf.addBufferFragment(frag); buf.prepend("bbbbb"); buf.add(""); constexpr uint32_t reserve_slices = 16; Buffer::RawSlice slices[reserve_slices]; const uint32_t allocated_slices = buf.reserve(1280, slices, reserve_slices); for (uint32_t i = 0; i < allocated_slices; ++i) { slices[i].len_ = 0; } buf.commit(slices, allocated_slices); os_fd_t pipe_fds[2] = {0, 0}; auto& os_sys_calls = Api::OsSysCallsSingleton::get(); #ifdef WIN32 ASSERT_EQ(os_sys_calls.socketpair(AF_INET, SOCK_STREAM, 0, pipe_fds).rc_, 0); #else ASSERT_EQ(pipe(pipe_fds), 0); #endif Network::IoSocketHandleImpl io_handle(pipe_fds[0]); ASSERT_EQ(os_sys_calls.setsocketblocking(pipe_fds[0], false).rc_, 0); ASSERT_EQ(os_sys_calls.setsocketblocking(pipe_fds[1], false).rc_, 0); const uint32_t max_length = 1953; std::string data(max_length, 'e'); const ssize_t rc = os_sys_calls.write(pipe_fds[1], data.data(), max_length).rc_; ASSERT_GT(rc, 0); const uint32_t previous_length = buf.length(); Api::IoCallUint64Result result = io_handle.read(buf, max_length); ASSERT_EQ(result.rc_, static_cast(rc)); ASSERT_EQ(os_sys_calls.close(pipe_fds[1]).rc_, 0); ASSERT_EQ(previous_length, buf.search(data.data(), rc, previous_length, 0)); EXPECT_EQ("bbbbb", buf.toString().substr(0, 5)); expectSlices({{5, 0, 4032}, {1953, 2079, 4032}}, buf); } TEST_F(OwnedImplTest, ReadReserveAndCommit) { BufferFragmentImpl frag("", 0, nullptr); Buffer::OwnedImpl buf; buf.add("bbbbb"); os_fd_t pipe_fds[2] = {0, 0}; auto& os_sys_calls = Api::OsSysCallsSingleton::get(); #ifdef WIN32 ASSERT_EQ(os_sys_calls.socketpair(AF_INET, SOCK_STREAM, 0, pipe_fds).rc_, 0); #else ASSERT_EQ(pipe(pipe_fds), 0); #endif Network::IoSocketHandleImpl io_handle(pipe_fds[0]); ASSERT_EQ(os_sys_calls.setsocketblocking(pipe_fds[0], false).rc_, 0); ASSERT_EQ(os_sys_calls.setsocketblocking(pipe_fds[1], false).rc_, 0); const uint32_t read_length = 32768; std::string data = "e"; const ssize_t rc = os_sys_calls.write(pipe_fds[1], data.data(), data.size()).rc_; ASSERT_GT(rc, 0); Api::IoCallUint64Result result = io_handle.read(buf, read_length); ASSERT_EQ(result.rc_, static_cast(rc)); ASSERT_EQ(os_sys_calls.close(pipe_fds[1]).rc_, 0); EXPECT_EQ("bbbbbe", buf.toString()); expectSlices({{6, 4026, 4032}}, buf); } TEST(OverflowDetectingUInt64, Arithmetic) { OverflowDetectingUInt64 length; length += 1; length -= 1; length -= 0; EXPECT_DEATH(length -= 1, "underflow"); uint64_t half = uint64_t(1) << 63; length += half; length += (half - 1); // length is now 2^64 - 1 EXPECT_DEATH(length += 1, "overflow"); } void TestBufferMove(uint64_t buffer1_length, uint64_t buffer2_length, uint64_t expected_slice_count) { Buffer::OwnedImpl buffer1; buffer1.add(std::string(buffer1_length, 'a')); EXPECT_EQ(1, buffer1.getRawSlices().size()); Buffer::OwnedImpl buffer2; buffer2.add(std::string(buffer2_length, 'b')); EXPECT_EQ(1, buffer2.getRawSlices().size()); buffer1.move(buffer2); EXPECT_EQ(expected_slice_count, buffer1.getRawSlices().size()); EXPECT_EQ(buffer1_length + buffer2_length, buffer1.length()); // Make sure `buffer2` was drained. EXPECT_EQ(0, buffer2.length()); } // Slice size large enough to prevent slice content from being coalesced into an existing slice constexpr uint64_t kLargeSliceSize = 2048; TEST_F(OwnedImplTest, MoveBuffersWithLargeSlices) { // Large slices should not be coalesced together TestBufferMove(kLargeSliceSize, kLargeSliceSize, 2); } TEST_F(OwnedImplTest, MoveBuffersWithSmallSlices) { // Small slices should be coalesced together TestBufferMove(1, 1, 1); } TEST_F(OwnedImplTest, MoveSmallSliceIntoLargeSlice) { // Small slices should be coalesced with a large one TestBufferMove(kLargeSliceSize, 1, 1); } TEST_F(OwnedImplTest, MoveLargeSliceIntoSmallSlice) { // Large slice should NOT be coalesced into the small one TestBufferMove(1, kLargeSliceSize, 2); } TEST_F(OwnedImplTest, MoveSmallSliceIntoNotEnoughFreeSpace) { // Small slice will not be coalesced if a previous slice does not have enough free space // Slice buffer sizes are allocated in 4Kb increments // Make first slice have 127 of free space (it is actually less as there is small overhead of the // OwnedSlice object) And second slice 128 bytes TestBufferMove(4096 - 127, 128, 2); } } // namespace } // namespace Buffer } // namespace Envoy ================================================ FILE: test/common/buffer/utility.h ================================================ #pragma once #include #include "common/buffer/buffer_impl.h" #include "gtest/gtest.h" namespace Envoy { namespace Buffer { namespace { inline void addRepeated(Buffer::Instance& buffer, int n, int8_t value) { for (int i = 0; i < n; i++) { buffer.add(&value, 1); } } inline void addSeq(Buffer::Instance& buffer, const std::initializer_list values) { for (int8_t value : values) { buffer.add(&value, 1); } } } // namespace } // namespace Buffer } // namespace Envoy ================================================ FILE: test/common/buffer/watermark_buffer_test.cc ================================================ #include #include "common/api/os_sys_calls_impl.h" #include "common/buffer/buffer_impl.h" #include "common/buffer/watermark_buffer.h" #include "common/network/io_socket_handle_impl.h" #include "test/common/buffer/utility.h" #include "test/test_common/test_runtime.h" #include "gtest/gtest.h" namespace Envoy { namespace Buffer { namespace { const char TEN_BYTES[] = "0123456789"; class WatermarkBufferTest : public testing::Test { public: WatermarkBufferTest() { buffer_.setWatermarks(5, 10); } Buffer::WatermarkBuffer buffer_{[&]() -> void { ++times_low_watermark_called_; }, [&]() -> void { ++times_high_watermark_called_; }, [&]() -> void { ++times_overflow_watermark_called_; }}; uint32_t times_low_watermark_called_{0}; uint32_t times_high_watermark_called_{0}; uint32_t times_overflow_watermark_called_{0}; }; TEST_F(WatermarkBufferTest, TestWatermark) { ASSERT_EQ(10, buffer_.highWatermark()); } TEST_F(WatermarkBufferTest, CopyOut) { buffer_.add("hello world"); std::array out; buffer_.copyOut(0, out.size(), out.data()); EXPECT_EQ(std::string(out.data(), out.size()), "hello"); buffer_.copyOut(6, out.size(), out.data()); EXPECT_EQ(std::string(out.data(), out.size()), "world"); // Copy out zero bytes. buffer_.copyOut(4, 0, out.data()); } TEST_F(WatermarkBufferTest, AddChar) { buffer_.add(TEN_BYTES, 10); EXPECT_EQ(0, times_high_watermark_called_); buffer_.add("a", 1); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(11, buffer_.length()); } TEST_F(WatermarkBufferTest, AddString) { buffer_.add(std::string(TEN_BYTES)); EXPECT_EQ(0, times_high_watermark_called_); buffer_.add(std::string("a")); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(11, buffer_.length()); } TEST_F(WatermarkBufferTest, AddBuffer) { OwnedImpl first(TEN_BYTES); buffer_.add(first); EXPECT_EQ(0, times_high_watermark_called_); OwnedImpl second("a"); buffer_.add(second); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(11, buffer_.length()); } TEST_F(WatermarkBufferTest, Prepend) { std::string suffix = "World!", prefix = "Hello, "; buffer_.add(suffix); EXPECT_EQ(0, times_high_watermark_called_); buffer_.prepend(prefix); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(suffix.size() + prefix.size(), buffer_.length()); } TEST_F(WatermarkBufferTest, PrependToEmptyBuffer) { std::string suffix = "World!", prefix = "Hello, "; buffer_.prepend(suffix); EXPECT_EQ(0, times_high_watermark_called_); EXPECT_EQ(suffix.size(), buffer_.length()); buffer_.prepend(prefix.data()); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(suffix.size() + prefix.size(), buffer_.length()); buffer_.prepend(""); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(suffix.size() + prefix.size(), buffer_.length()); } TEST_F(WatermarkBufferTest, PrependBuffer) { std::string suffix = "World!", prefix = "Hello, "; uint32_t prefix_buffer_low_watermark_hits{0}; uint32_t prefix_buffer_high_watermark_hits{0}; uint32_t prefix_buffer_overflow_watermark_hits{0}; WatermarkBuffer prefixBuffer{[&]() -> void { ++prefix_buffer_low_watermark_hits; }, [&]() -> void { ++prefix_buffer_high_watermark_hits; }, [&]() -> void { ++prefix_buffer_overflow_watermark_hits; }}; prefixBuffer.setWatermarks(5, 10); prefixBuffer.add(prefix); prefixBuffer.add(suffix); EXPECT_EQ(1, prefix_buffer_high_watermark_hits); buffer_.prepend(prefixBuffer); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(1, prefix_buffer_low_watermark_hits); EXPECT_EQ(suffix.size() + prefix.size(), buffer_.length()); EXPECT_EQ(prefix + suffix, buffer_.toString()); EXPECT_EQ(0, prefixBuffer.length()); } TEST_F(WatermarkBufferTest, Commit) { buffer_.add(TEN_BYTES, 10); EXPECT_EQ(0, times_high_watermark_called_); RawSlice out; buffer_.reserve(10, &out, 1); memcpy(out.mem_, &TEN_BYTES[0], 10); out.len_ = 10; buffer_.commit(&out, 1); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(20, buffer_.length()); } TEST_F(WatermarkBufferTest, Drain) { // Draining from above to below the low watermark does nothing if the high // watermark never got hit. buffer_.add(TEN_BYTES, 10); buffer_.drain(10); EXPECT_EQ(0, times_high_watermark_called_); EXPECT_EQ(0, times_low_watermark_called_); // Go above the high watermark then drain down to just at the low watermark. buffer_.add(TEN_BYTES, 11); buffer_.drain(5); EXPECT_EQ(6, buffer_.length()); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(0, times_low_watermark_called_); // Now drain below. buffer_.drain(1); EXPECT_EQ(1, times_low_watermark_called_); // Going back above should trigger the high again buffer_.add(TEN_BYTES, 10); EXPECT_EQ(2, times_high_watermark_called_); } TEST_F(WatermarkBufferTest, DrainUsingExtract) { // Similar to `Drain` test, but using extractMutableFrontSlice() instead of drain(). buffer_.add(TEN_BYTES, 10); ASSERT_EQ(buffer_.length(), 10); buffer_.extractMutableFrontSlice(); EXPECT_EQ(0, times_high_watermark_called_); EXPECT_EQ(0, times_low_watermark_called_); // Go above the high watermark then drain down to just at the low watermark. buffer_.appendSliceForTest(TEN_BYTES, 5); buffer_.appendSliceForTest(TEN_BYTES, 1); buffer_.appendSliceForTest(TEN_BYTES, 5); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(0, times_low_watermark_called_); auto slice0 = buffer_.extractMutableFrontSlice(); // essentially drain(5) ASSERT_TRUE(slice0); EXPECT_EQ(slice0->getMutableData().size(), 5); EXPECT_EQ(6, buffer_.length()); EXPECT_EQ(0, times_low_watermark_called_); // Now drain below. auto slice1 = buffer_.extractMutableFrontSlice(); // essentially drain(1) ASSERT_TRUE(slice1); EXPECT_EQ(slice1->getMutableData().size(), 1); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(1, times_low_watermark_called_); // Going back above should trigger the high again. buffer_.add(TEN_BYTES, 10); EXPECT_EQ(2, times_high_watermark_called_); } // Verify that low watermark callback is called on drain in the case where the // high watermark is non-zero and low watermark is 0. TEST_F(WatermarkBufferTest, DrainWithLowWatermarkOfZero) { buffer_.setWatermarks(0, 10); // Draining from above to below the low watermark does nothing if the high // watermark never got hit. buffer_.add(TEN_BYTES, 10); buffer_.drain(10); EXPECT_EQ(0, times_high_watermark_called_); EXPECT_EQ(0, times_low_watermark_called_); // Go above the high watermark then drain down to just above the low watermark. buffer_.add(TEN_BYTES, 11); buffer_.drain(10); EXPECT_EQ(1, buffer_.length()); EXPECT_EQ(0, times_low_watermark_called_); // Now drain below. buffer_.drain(1); EXPECT_EQ(1, times_low_watermark_called_); // Going back above should trigger the high again buffer_.add(TEN_BYTES, 11); EXPECT_EQ(2, times_high_watermark_called_); } TEST_F(WatermarkBufferTest, MoveFullBuffer) { buffer_.add(TEN_BYTES, 10); OwnedImpl data("a"); EXPECT_EQ(0, times_high_watermark_called_); buffer_.move(data); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(11, buffer_.length()); } TEST_F(WatermarkBufferTest, MoveOneByte) { buffer_.add(TEN_BYTES, 9); OwnedImpl data("ab"); buffer_.move(data, 1); EXPECT_EQ(0, times_high_watermark_called_); EXPECT_EQ(10, buffer_.length()); buffer_.move(data, 1); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(11, buffer_.length()); } TEST_F(WatermarkBufferTest, WatermarkFdFunctions) { os_fd_t pipe_fds[2] = {0, 0}; #ifdef WIN32 auto& os_sys_calls = Api::OsSysCallsSingleton::get(); ASSERT_EQ(0, os_sys_calls.socketpair(AF_INET, SOCK_STREAM, 0, pipe_fds).rc_); #else ASSERT_EQ(0, pipe(pipe_fds)); #endif buffer_.add(TEN_BYTES, 10); buffer_.add(TEN_BYTES, 10); EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(0, times_low_watermark_called_); int bytes_written_total = 0; Network::IoSocketHandleImpl io_handle1(pipe_fds[1]); while (bytes_written_total < 20) { Api::IoCallUint64Result result = io_handle1.write(buffer_); if (!result.ok()) { ASSERT_EQ(Api::IoError::IoErrorCode::Again, result.err_->getErrorCode()); } else { bytes_written_total += result.rc_; } } EXPECT_EQ(1, times_high_watermark_called_); EXPECT_EQ(1, times_low_watermark_called_); EXPECT_EQ(0, buffer_.length()); int bytes_read_total = 0; Network::IoSocketHandleImpl io_handle2(pipe_fds[0]); while (bytes_read_total < 20) { Api::IoCallUint64Result result = io_handle2.read(buffer_, 20); bytes_read_total += result.rc_; } EXPECT_EQ(2, times_high_watermark_called_); EXPECT_EQ(20, buffer_.length()); } TEST_F(WatermarkBufferTest, MoveWatermarks) { buffer_.add(TEN_BYTES, 9); EXPECT_EQ(0, times_high_watermark_called_); buffer_.setWatermarks(1, 9); EXPECT_EQ(0, times_high_watermark_called_); buffer_.setWatermarks(1, 8); EXPECT_EQ(1, times_high_watermark_called_); buffer_.setWatermarks(8, 20); EXPECT_EQ(0, times_low_watermark_called_); buffer_.setWatermarks(9, 20); EXPECT_EQ(1, times_low_watermark_called_); buffer_.setWatermarks(7, 20); EXPECT_EQ(1, times_low_watermark_called_); buffer_.setWatermarks(9, 20); EXPECT_EQ(1, times_low_watermark_called_); EXPECT_EQ(0, times_overflow_watermark_called_); EXPECT_EQ(1, times_high_watermark_called_); buffer_.setWatermarks(2); EXPECT_EQ(2, times_high_watermark_called_); EXPECT_EQ(1, times_low_watermark_called_); EXPECT_EQ(0, times_overflow_watermark_called_); buffer_.setWatermarks(0); EXPECT_EQ(2, times_high_watermark_called_); EXPECT_EQ(2, times_low_watermark_called_); EXPECT_EQ(0, times_overflow_watermark_called_); buffer_.setWatermarks(1); EXPECT_EQ(3, times_high_watermark_called_); EXPECT_EQ(2, times_low_watermark_called_); EXPECT_EQ(0, times_overflow_watermark_called_); // Fully drain the buffer. buffer_.drain(9); EXPECT_EQ(3, times_low_watermark_called_); EXPECT_EQ(0, buffer_.length()); EXPECT_EQ(0, times_overflow_watermark_called_); } TEST_F(WatermarkBufferTest, GetRawSlices) { buffer_.add(TEN_BYTES, 10); RawSliceVector slices = buffer_.getRawSlices(/*max_slices=*/2); ASSERT_EQ(1, slices.size()); EXPECT_EQ(10, slices[0].len_); EXPECT_EQ(0, memcmp(slices[0].mem_, &TEN_BYTES[0], 10)); void* data_pointer = buffer_.linearize(10); EXPECT_EQ(data_pointer, slices[0].mem_); } TEST_F(WatermarkBufferTest, Search) { buffer_.add(TEN_BYTES, 10); EXPECT_EQ(1, buffer_.search(&TEN_BYTES[1], 2, 0, 0)); EXPECT_EQ(-1, buffer_.search(&TEN_BYTES[1], 2, 5, 0)); } TEST_F(WatermarkBufferTest, StartsWith) { buffer_.add(TEN_BYTES, 10); EXPECT_TRUE(buffer_.startsWith({TEN_BYTES, 2})); EXPECT_TRUE(buffer_.startsWith({TEN_BYTES, 10})); EXPECT_FALSE(buffer_.startsWith({&TEN_BYTES[1], 2})); } TEST_F(WatermarkBufferTest, MoveBackWithWatermarks) { int high_watermark_buffer1 = 0; int low_watermark_buffer1 = 0; int overflow_watermark_buffer1 = 0; Buffer::WatermarkBuffer buffer1{[&]() -> void { ++low_watermark_buffer1; }, [&]() -> void { ++high_watermark_buffer1; }, [&]() -> void { ++overflow_watermark_buffer1; }}; buffer1.setWatermarks(5, 10); // Stick 20 bytes in buffer_ and expect the high watermark is hit. buffer_.add(TEN_BYTES, 10); buffer_.add(TEN_BYTES, 10); EXPECT_EQ(1, times_high_watermark_called_); // Now move 10 bytes to the new buffer. Nothing should happen. buffer1.move(buffer_, 10); EXPECT_EQ(0, times_low_watermark_called_); EXPECT_EQ(0, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); // Move 10 more bytes to the new buffer. Both buffers should hit watermark callbacks. buffer1.move(buffer_, 10); EXPECT_EQ(1, times_low_watermark_called_); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, times_overflow_watermark_called_); EXPECT_EQ(0, overflow_watermark_buffer1); // Now move all the data back to the original buffer. Watermarks should trigger immediately. buffer_.move(buffer1); EXPECT_EQ(2, times_high_watermark_called_); EXPECT_EQ(1, low_watermark_buffer1); EXPECT_EQ(0, times_overflow_watermark_called_); EXPECT_EQ(0, overflow_watermark_buffer1); } TEST_F(WatermarkBufferTest, OverflowWatermark) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues({{"envoy.buffer.overflow_multiplier", "2"}}); int high_watermark_buffer1 = 0; int low_watermark_buffer1 = 0; int overflow_watermark_buffer1 = 0; Buffer::WatermarkBuffer buffer1{[&]() -> void { ++low_watermark_buffer1; }, [&]() -> void { ++high_watermark_buffer1; }, [&]() -> void { ++overflow_watermark_buffer1; }}; buffer1.setWatermarks(5, 10); buffer1.add(TEN_BYTES, 10); EXPECT_EQ(0, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.add("a", 1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.add(TEN_BYTES, 9); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.add("a", 1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); EXPECT_EQ(21, buffer1.length()); buffer1.add("a", 1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); EXPECT_EQ(22, buffer1.length()); // Overflow is only triggered once buffer1.drain(18); EXPECT_EQ(4, buffer1.length()); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(1, low_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); buffer1.add(TEN_BYTES, 10); EXPECT_EQ(2, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); EXPECT_EQ(14, buffer1.length()); buffer1.add(TEN_BYTES, 6); EXPECT_EQ(2, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); EXPECT_EQ(20, buffer1.length()); } TEST_F(WatermarkBufferTest, OverflowWatermarkDisabled) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues({{"envoy.buffer.overflow_multiplier", "0"}}); int high_watermark_buffer1 = 0; int low_watermark_buffer1 = 0; int overflow_watermark_buffer1 = 0; Buffer::WatermarkBuffer buffer1{[&]() -> void { ++low_watermark_buffer1; }, [&]() -> void { ++high_watermark_buffer1; }, [&]() -> void { ++overflow_watermark_buffer1; }}; buffer1.setWatermarks(5, 10); buffer1.add(TEN_BYTES, 10); EXPECT_EQ(0, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.add("a", 1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.add(TEN_BYTES, 10); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); EXPECT_EQ(21, buffer1.length()); } TEST_F(WatermarkBufferTest, OverflowWatermarkDisabledOnVeryHighValue) { // Disabling execution with TSAN as it causes the test to use too much memory // and time, making the test fail in some settings (such as CI) #if defined(__has_feature) && __has_feature(thread_sanitizer) ENVOY_LOG_MISC(critical, "WatermarkBufferTest::OverflowWatermarkDisabledOnVeryHighValue not " "supported by this compiler configuration"); #else // Verifies that the overflow watermark is disabled when its value is higher // than uint32_t max value TestScopedRuntime scoped_runtime; int high_watermark_buffer1 = 0; int overflow_watermark_buffer1 = 0; Buffer::WatermarkBuffer buffer1{[&]() -> void {}, [&]() -> void { ++high_watermark_buffer1; }, [&]() -> void { ++overflow_watermark_buffer1; }}; // Make sure the overflow threshold will be above std::numeric_limits::max() const uint64_t overflow_multiplier = 3; Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.buffer.overflow_multiplier", std::to_string(overflow_multiplier)}}); const uint32_t high_watermark_threshold = (std::numeric_limits::max() / overflow_multiplier) + 1; buffer1.setWatermarks(high_watermark_threshold); // Add many segments instead of full uint32_t::max to get around std::bad_alloc exception const uint32_t segment_denominator = 128; const uint32_t big_segment_len = std::numeric_limits::max() / segment_denominator + 1; for (uint32_t i = 0; i < segment_denominator; ++i) { Buffer::RawSlice iovecs[2]; uint64_t num_reserved = buffer1.reserve(big_segment_len, iovecs, 2); EXPECT_GE(num_reserved, 1); buffer1.commit(iovecs, num_reserved); } EXPECT_GT(buffer1.length(), std::numeric_limits::max()); EXPECT_LT(buffer1.length(), high_watermark_threshold * overflow_multiplier); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); // Reserve and commit additional space on the buffer beyond the expected // high_watermark_threshold * overflow_multiplier threshold. // Adding high_watermark_threshold * overflow_multiplier - buffer1.length() + 1 bytes Buffer::RawSlice iovecs[2]; uint64_t num_reserved = buffer1.reserve( high_watermark_threshold * overflow_multiplier - buffer1.length() + 1, iovecs, 2); EXPECT_GE(num_reserved, 1); buffer1.commit(iovecs, num_reserved); EXPECT_EQ(buffer1.length(), high_watermark_threshold * overflow_multiplier + 1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); #endif } TEST_F(WatermarkBufferTest, OverflowWatermarkEqualHighWatermark) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues({{"envoy.buffer.overflow_multiplier", "1"}}); int high_watermark_buffer1 = 0; int low_watermark_buffer1 = 0; int overflow_watermark_buffer1 = 0; Buffer::WatermarkBuffer buffer1{[&]() -> void { ++low_watermark_buffer1; }, [&]() -> void { ++high_watermark_buffer1; }, [&]() -> void { ++overflow_watermark_buffer1; }}; buffer1.setWatermarks(5, 10); buffer1.add(TEN_BYTES, 10); EXPECT_EQ(0, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.add("a", 1); EXPECT_EQ(0, low_watermark_buffer1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); buffer1.drain(6); EXPECT_EQ(1, low_watermark_buffer1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); buffer1.add(TEN_BYTES, 10); EXPECT_EQ(15, buffer1.length()); EXPECT_EQ(2, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); } TEST_F(WatermarkBufferTest, MoveWatermarksOverflow) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues({{"envoy.buffer.overflow_multiplier", "2"}}); int high_watermark_buffer1 = 0; int low_watermark_buffer1 = 0; int overflow_watermark_buffer1 = 0; Buffer::WatermarkBuffer buffer1{[&]() -> void { ++low_watermark_buffer1; }, [&]() -> void { ++high_watermark_buffer1; }, [&]() -> void { ++overflow_watermark_buffer1; }}; buffer1.setWatermarks(5, 10); buffer1.add(TEN_BYTES, 9); EXPECT_EQ(0, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.setWatermarks(1, 9); EXPECT_EQ(0, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.setWatermarks(1, 8); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.setWatermarks(1, 5); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(0, overflow_watermark_buffer1); buffer1.setWatermarks(1, 4); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); // Overflow is only triggered once buffer1.setWatermarks(3, 6); EXPECT_EQ(0, low_watermark_buffer1); EXPECT_EQ(1, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); buffer1.drain(7); buffer1.add(TEN_BYTES, 9); EXPECT_EQ(11, buffer1.length()); EXPECT_EQ(1, low_watermark_buffer1); EXPECT_EQ(2, high_watermark_buffer1); EXPECT_EQ(1, overflow_watermark_buffer1); } } // namespace } // namespace Buffer } // namespace Envoy ================================================ FILE: test/common/buffer/zero_copy_input_stream_test.cc ================================================ #include "common/buffer/buffer_impl.h" #include "common/buffer/zero_copy_input_stream_impl.h" #include "test/common/buffer/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Buffer { namespace { class ZeroCopyInputStreamTest : public testing::Test { public: ZeroCopyInputStreamTest() { Buffer::OwnedImpl buffer{"abcd"}; stream_.move(buffer); } std::string slice_data_{"abcd"}; ZeroCopyInputStreamImpl stream_; const void* data_; int size_; }; TEST_F(ZeroCopyInputStreamTest, Move) { Buffer::OwnedImpl buffer{"abcd"}; stream_.move(buffer); EXPECT_EQ(0, buffer.length()); } TEST_F(ZeroCopyInputStreamTest, Next) { EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(4, size_); EXPECT_EQ(0, memcmp(slice_data_.data(), data_, size_)); } TEST_F(ZeroCopyInputStreamTest, TwoSlices) { // Make content larger than 512 bytes so it would not be coalesced when // moved into the stream_ buffer. Buffer::OwnedImpl buffer(std::string(1024, 'A')); stream_.move(buffer); EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(4, size_); EXPECT_EQ(0, memcmp(slice_data_.data(), data_, size_)); EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(1024, size_); EXPECT_THAT(absl::string_view(static_cast(data_), size_), testing::Each(testing::AllOf('A'))); } TEST_F(ZeroCopyInputStreamTest, BackUp) { EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(4, size_); stream_.BackUp(3); EXPECT_EQ(1, stream_.ByteCount()); EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(3, size_); EXPECT_EQ(0, memcmp("bcd", data_, size_)); EXPECT_EQ(4, stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamTest, BackUpFull) { EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(4, size_); stream_.BackUp(4); EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(4, size_); EXPECT_EQ(0, memcmp("abcd", data_, size_)); EXPECT_EQ(4, stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamTest, ByteCount) { EXPECT_EQ(0, stream_.ByteCount()); EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(4, stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamTest, Finish) { EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(0, size_); stream_.finish(); EXPECT_FALSE(stream_.Next(&data_, &size_)); } class ZeroCopyInputStreamSkipTest : public testing::Test { public: ZeroCopyInputStreamSkipTest() { Buffer::OwnedImpl buffer; buffer.addBufferFragment(buffer1_); buffer.addBufferFragment(buffer2_); buffer.addBufferFragment(buffer3_); buffer.addBufferFragment(buffer4_); stream_.move(buffer); } const std::string slice1_{"This is the first slice of the message."}; const std::string slice2_{"This is the second slice of the message."}; const std::string slice3_{"This is the third slice of the message."}; const std::string slice4_{"This is the fourth slice of the message."}; BufferFragmentImpl buffer1_{slice1_.data(), slice1_.size(), nullptr}; BufferFragmentImpl buffer2_{slice2_.data(), slice2_.size(), nullptr}; BufferFragmentImpl buffer3_{slice3_.data(), slice3_.size(), nullptr}; BufferFragmentImpl buffer4_{slice4_.data(), slice4_.size(), nullptr}; const size_t total_bytes_{slice1_.size() + slice2_.size() + slice3_.size() + slice4_.size()}; ZeroCopyInputStreamImpl stream_; const void* data_; int size_; // Convert data_ buffer into a string absl::string_view dataString() const { return absl::string_view{reinterpret_cast(data_), static_cast(size_)}; } }; TEST_F(ZeroCopyInputStreamSkipTest, SkipFirstPartialSlice) { // Only skip the 10 bytes in the first slice. constexpr int skip_count = 10; EXPECT_TRUE(stream_.Skip(skip_count)); EXPECT_EQ(skip_count, stream_.ByteCount()); // Read the first slice EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice1_.size() - skip_count, size_); EXPECT_EQ(slice1_.substr(skip_count), dataString()); EXPECT_EQ(slice1_.size(), stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamSkipTest, SkipFirstFullSlice) { // Skip the full first slice EXPECT_TRUE(stream_.Skip(slice1_.size())); EXPECT_EQ(slice1_.size(), stream_.ByteCount()); // Read the second slice EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice2_.size(), size_); EXPECT_EQ(slice2_, dataString()); EXPECT_EQ(slice1_.size() + slice2_.size(), stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamSkipTest, BackUpAndSkipToEndOfSlice) { // Read the first slice, backUp 10 byes, skip 10 bytes to the end of the first slice. EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice1_.size(), size_); EXPECT_EQ(slice1_, dataString()); constexpr int backup_count = 10; stream_.BackUp(backup_count); EXPECT_TRUE(stream_.Skip(backup_count)); EXPECT_EQ(slice1_.size(), stream_.ByteCount()); // Next read is the second slice EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice2_.size(), size_); EXPECT_EQ(slice2_, dataString()); EXPECT_EQ(slice1_.size() + slice2_.size(), stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamSkipTest, SkipAcrossTwoSlices) { // Read the first slice, backUp 10 byes, skip 15 bytes; 5 bytes into the second slice. EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice1_.size(), size_); EXPECT_EQ(slice1_, dataString()); constexpr int backup_count = 10; // the backup bytes to the end of first slice. constexpr int skip_count = 5; // The skip bytes in the second slice stream_.BackUp(backup_count); EXPECT_TRUE(stream_.Skip(backup_count + skip_count)); EXPECT_EQ(slice1_.size() + skip_count, stream_.ByteCount()); // Read the remain second slice EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice2_.size() - skip_count, size_); EXPECT_EQ(slice2_.substr(skip_count), dataString()); EXPECT_EQ(slice1_.size() + slice2_.size(), stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamSkipTest, SkipAcrossThreeSlices) { // Read the first slice, backUp 10 byes, skip 10 + slice2.size + 5; 5 bytes into the third slice. EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice1_.size(), size_); EXPECT_EQ(slice1_, dataString()); constexpr int backup_count = 10; // the backup bytes to the end of first slice. constexpr int skip_count = 5; // The skip bytes in the third slice stream_.BackUp(backup_count); EXPECT_TRUE(stream_.Skip(backup_count + slice2_.size() + skip_count)); EXPECT_EQ(slice1_.size() + slice2_.size() + skip_count, stream_.ByteCount()); // Read the remain third slice EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice3_.size() - skip_count, size_); EXPECT_EQ(slice3_.substr(skip_count), dataString()); EXPECT_EQ(slice1_.size() + slice2_.size() + slice3_.size(), stream_.ByteCount()); } TEST_F(ZeroCopyInputStreamSkipTest, SkipToEndOfBuffer) { // Failed to skip one extra byte EXPECT_FALSE(stream_.Skip(total_bytes_ + 1)); EXPECT_TRUE(stream_.Skip(total_bytes_)); EXPECT_EQ(total_bytes_, stream_.ByteCount()); // Failed to skip one extra byte EXPECT_FALSE(stream_.Skip(1)); } TEST_F(ZeroCopyInputStreamSkipTest, ReadFirstSkipToTheEnd) { // Read the first slice, backUp 10 byes, skip to the end of buffer EXPECT_TRUE(stream_.Next(&data_, &size_)); EXPECT_EQ(slice1_.size(), size_); EXPECT_EQ(slice1_, dataString()); constexpr int backup_count = 10; // the backup bytes to the end of first slice. stream_.BackUp(backup_count); EXPECT_TRUE(stream_.Skip(total_bytes_ - slice1_.size() + backup_count)); EXPECT_EQ(total_bytes_, stream_.ByteCount()); // Failed to skip one extra byte EXPECT_FALSE(stream_.Skip(1)); } } // namespace } // namespace Buffer } // namespace Envoy ================================================ FILE: test/common/common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_benchmark_test", "envoy_cc_benchmark_binary", "envoy_cc_fuzz_test", "envoy_cc_test", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "backoff_strategy_test", srcs = ["backoff_strategy_test.cc"], deps = [ "//source/common/common:backoff_lib", "//test/mocks/runtime:runtime_mocks", ], ) envoy_cc_test( name = "assert_test", srcs = ["assert_test.cc"], deps = [ "//source/common/common:assert_lib", "//test/test_common:logging_lib", ], ) envoy_cc_test( name = "base64_test", srcs = ["base64_test.cc"], deps = [ "//source/common/buffer:buffer_lib", "//source/common/common:base64_lib", ], ) envoy_cc_fuzz_test( name = "base64_fuzz_test", srcs = ["base64_fuzz_test.cc"], corpus = "base64_corpus", # Fuzzer is stable, no bugs, simple test target; avoid emitting CO2. tags = ["no_fuzz"], deps = ["//source/common/common:base64_lib"], ) envoy_cc_fuzz_test( name = "utility_fuzz_test", srcs = ["utility_fuzz_test.cc"], corpus = "utility_corpus", # Fuzzer is stable, no bugs, simple test target; avoid emitting CO2. tags = ["no_fuzz"], deps = ["//source/common/common:utility_lib"], ) envoy_cc_fuzz_test( name = "hash_fuzz_test", srcs = ["hash_fuzz_test.cc"], corpus = "hash_corpus", deps = ["//source/common/common:hash_lib"], ) envoy_cc_test( name = "cleanup_test", srcs = ["cleanup_test.cc"], deps = ["//source/common/common:cleanup_lib"], ) envoy_cc_test( name = "mem_block_builder_test", srcs = ["mem_block_builder_test.cc"], deps = ["//source/common/common:mem_block_builder_lib"], ) envoy_cc_test( name = "phantom_test", srcs = ["phantom_test.cc"], deps = ["//source/common/common:phantom"], ) envoy_cc_test( name = "fmt_test", srcs = ["fmt_test.cc"], deps = [ "//source/common/common:fmt_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_test( name = "hash_test", srcs = ["hash_test.cc"], deps = ["//source/common/common:hash_lib"], ) envoy_cc_test( name = "hex_test", srcs = ["hex_test.cc"], deps = ["//source/common/common:hex_lib"], ) envoy_cc_test( name = "linked_object_test", srcs = ["linked_object_test.cc"], deps = [ "//source/common/common:linked_object", ], ) envoy_cc_test( name = "log_macros_test", srcs = ["log_macros_test.cc"], deps = [ "//source/common/common:minimal_logger_lib", "//test/mocks/http:http_mocks", "//test/mocks/network:network_mocks", "//test/mocks/upstream:upstream_mocks", "//test/test_common:logging_lib", ], ) envoy_cc_test( name = "fancy_log_macros_test", srcs = ["log_macros_test.cc"], args = ["--enable-fine-grain-logging"], deps = [ "//source/common/common:minimal_logger_lib", "//test/mocks/http:http_mocks", "//test/mocks/network:network_mocks", "//test/mocks/upstream:upstream_mocks", "//test/test_common:logging_lib", ], ) envoy_cc_benchmark_binary( name = "logger_speed_test", srcs = ["logger_speed_test.cc"], external_deps = ["benchmark"], deps = ["//source/common/common:minimal_logger_lib"], ) envoy_benchmark_test( name = "logger_speed_test_benchmark_test", benchmark_binary = "logger_speed_test", ) envoy_cc_test( name = "logger_test", srcs = ["logger_test.cc"], deps = [ "//source/common/common:minimal_logger_lib", ], ) envoy_cc_fuzz_test( name = "logger_fuzz_test", srcs = ["logger_fuzz_test.cc"], corpus = "logger_corpus", # TODO(github.com/envoyproxy/envoy#8893): Re-enable once more fuzz tests are added tags = ["no_fuzz"], deps = ["//source/common/common:minimal_logger_lib"], ) envoy_cc_test( name = "matchers_test", srcs = ["matchers_test.cc"], deps = [ "//source/common/common:matchers_lib", "//source/common/config:metadata_lib", "//source/common/protobuf:utility_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "mutex_tracer_test", srcs = ["mutex_tracer_test.cc"], deps = [ "//source/common/common:mutex_tracer_lib", "//test/test_common:contention_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "random_generator_test", srcs = ["random_generator_test.cc"], deps = [ "//source/common/common:random_generator_lib", "//test/mocks/runtime:runtime_mocks", "//test/test_common:environment_lib", ], ) envoy_cc_test( name = "utility_test", srcs = ["utility_test.cc"], external_deps = [ "abseil_strings", ], deps = [ "//source/common/common:utility_lib", "//test/test_common:simulated_time_system_lib", "//test/test_common:test_time_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "regex_test", srcs = ["regex_test.cc"], deps = [ "//source/common/common:regex_lib", "//test/test_common:logging_lib", "//test/test_common:test_runtime_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "perf_annotation_test", srcs = ["perf_annotation_test.cc"], deps = [ "//source/common/common:perf_annotation_lib", ], ) envoy_cc_test( name = "perf_annotation_disabled_test", srcs = ["perf_annotation_disabled_test.cc"], deps = [ "//source/common/common:perf_annotation_lib", ], ) envoy_cc_test( name = "basic_resource_impl_test", srcs = ["basic_resource_impl_test.cc"], deps = [ "//source/common/common:basic_resource_lib", "//test/mocks/runtime:runtime_mocks", ], ) envoy_cc_test( name = "token_bucket_impl_test", srcs = ["token_bucket_impl_test.cc"], deps = [ "//source/common/common:token_bucket_impl_lib", "//test/test_common:simulated_time_system_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "callback_impl_test", srcs = ["callback_impl_test.cc"], deps = ["//source/common/common:callback_impl_lib"], ) envoy_cc_benchmark_binary( name = "utility_speed_test", srcs = ["utility_speed_test.cc"], external_deps = [ "abseil_strings", "benchmark", ], deps = [ "//source/common/common:assert_lib", "//source/common/common:utility_lib", ], ) envoy_benchmark_test( name = "utility_speed_test_benchmark_test", benchmark_binary = "utility_speed_test", ) envoy_cc_test( name = "lock_guard_test", srcs = ["lock_guard_test.cc"], deps = [ "//source/common/common:lock_guard_lib", "//source/common/common:thread_lib", ], ) envoy_cc_test( name = "thread_id_test", srcs = ["thread_id_test.cc"], external_deps = ["abseil_hash_testing"], deps = [ "//source/common/common:thread_lib", "//test/test_common:thread_factory_for_test_lib", ], ) envoy_cc_test( name = "thread_test", srcs = ["thread_test.cc"], deps = [ "//source/common/common:thread_lib", "//source/common/common:thread_synchronizer_lib", "//test/test_common:thread_factory_for_test_lib", ], ) envoy_cc_test( name = "stl_helpers_test", srcs = ["stl_helpers_test.cc"], deps = [ "//source/common/common:stl_helpers", ], ) envoy_cc_test( name = "version_test", srcs = ["version_test.cc"], external_deps = [ "abseil_strings", ], deps = [ "//source/common/version:version_lib", ], ) envoy_cc_test( name = "statusor_test", srcs = ["statusor_test.cc"], deps = [ "//source/common/common:statusor_lib", "//source/common/http:status_lib", ], ) ================================================ FILE: test/common/common/assert_test.cc ================================================ #include "common/common/assert.h" #include "test/test_common/logging.h" #include "gtest/gtest.h" namespace Envoy { TEST(ReleaseAssertDeathTest, VariousLogs) { EXPECT_DEATH({ RELEASE_ASSERT(0, ""); }, ".*assert failure: 0.*"); EXPECT_DEATH({ RELEASE_ASSERT(0, "With some logs"); }, ".*assert failure: 0. Details: With some logs.*"); EXPECT_DEATH({ RELEASE_ASSERT(0 == EAGAIN, fmt::format("using {}", "fmt")); }, ".*assert failure: 0 == EAGAIN. Details: using fmt.*"); } TEST(AssertDeathTest, VariousLogs) { int expected_counted_failures; int assert_fail_count = 0; auto debug_assert_action_registration = Assert::setDebugAssertionFailureRecordAction([&]() { assert_fail_count++; }); #ifndef NDEBUG EXPECT_DEATH({ ASSERT(0); }, ".*assert failure: 0.*"); EXPECT_DEATH({ ASSERT(0, ""); }, ".*assert failure: 0.*"); EXPECT_DEATH({ ASSERT(0, "With some logs"); }, ".*assert failure: 0. Details: With some logs.*"); expected_counted_failures = 0; #elif defined(ENVOY_LOG_DEBUG_ASSERT_IN_RELEASE) EXPECT_LOG_CONTAINS("critical", "assert failure: 0", ASSERT(0)); EXPECT_LOG_CONTAINS("critical", "assert failure: 0", ASSERT(0, "")); EXPECT_LOG_CONTAINS("critical", "assert failure: 0. Details: With some logs", ASSERT(0, "With some logs")); expected_counted_failures = 3; #else EXPECT_NO_LOGS(ASSERT(0)); EXPECT_NO_LOGS(ASSERT(0, "")); EXPECT_NO_LOGS(ASSERT(0, "With some logs")); expected_counted_failures = 0; #endif EXPECT_EQ(expected_counted_failures, assert_fail_count); } TEST(EnvoyBugDeathTest, VariousLogs) { int envoy_bug_fail_count = 0; // ENVOY_BUG actions only occur on power of two counts. auto envoy_bug_action_registration = Assert::setEnvoyBugFailureRecordAction([&]() { envoy_bug_fail_count++; }); #ifndef NDEBUG EXPECT_DEATH({ ENVOY_BUG(false, ""); }, ".*envoy bug failure: false.*"); EXPECT_DEATH({ ENVOY_BUG(false, ""); }, ".*envoy bug failure: false.*"); EXPECT_DEATH({ ENVOY_BUG(false, "With some logs"); }, ".*envoy bug failure: false. Details: With some logs.*"); EXPECT_EQ(0, envoy_bug_fail_count); #else // Same log lines trigger exponential back-off. for (int i = 0; i < 4; i++) { ENVOY_BUG(false, ""); } // 3 counts because 1st, 2nd, and 4th instances are powers of 2. EXPECT_EQ(3, envoy_bug_fail_count); // Different log lines have separate counters for exponential back-off. EXPECT_LOG_CONTAINS("error", "envoy bug failure: false", ENVOY_BUG(false, "")); EXPECT_LOG_CONTAINS("error", "envoy bug failure: false. Details: With some logs", ENVOY_BUG(false, "With some logs")); EXPECT_EQ(5, envoy_bug_fail_count); #endif } } // namespace Envoy ================================================ FILE: test/common/common/backoff_strategy_test.cc ================================================ #include "common/common/backoff_strategy.h" #include "test/mocks/common.h" #include "gtest/gtest.h" using testing::NiceMock; using testing::Return; namespace Envoy { TEST(ExponentialBackOffStrategyTest, JitteredBackOffBasicFlow) { NiceMock random; ON_CALL(random, random()).WillByDefault(Return(27)); JitteredExponentialBackOffStrategy jittered_back_off(25, 30, random); EXPECT_EQ(2, jittered_back_off.nextBackOffMs()); EXPECT_EQ(27, jittered_back_off.nextBackOffMs()); } TEST(ExponentialBackOffStrategyTest, JitteredBackOffBasicReset) { NiceMock random; ON_CALL(random, random()).WillByDefault(Return(27)); JitteredExponentialBackOffStrategy jittered_back_off(25, 30, random); EXPECT_EQ(2, jittered_back_off.nextBackOffMs()); EXPECT_EQ(27, jittered_back_off.nextBackOffMs()); jittered_back_off.reset(); EXPECT_EQ(2, jittered_back_off.nextBackOffMs()); // Should start from start } TEST(ExponentialBackOffStrategyTest, JitteredBackOffDoesntOverflow) { NiceMock random; ON_CALL(random, random()).WillByDefault(Return(std::numeric_limits::max() - 1)); JitteredExponentialBackOffStrategy jittered_back_off(1, std::numeric_limits::max(), random); for (int iter = 0; iter < 100; ++iter) { EXPECT_GE(std::numeric_limits::max(), jittered_back_off.nextBackOffMs()); } EXPECT_EQ(std::numeric_limits::max() - 1, jittered_back_off.nextBackOffMs()); } TEST(ExponentialBackOffStrategyTest, JitteredBackOffWithMaxInterval) { NiceMock random; ON_CALL(random, random()).WillByDefault(Return(9999)); JitteredExponentialBackOffStrategy jittered_back_off(5, 100, random); EXPECT_EQ(4, jittered_back_off.nextBackOffMs()); EXPECT_EQ(9, jittered_back_off.nextBackOffMs()); EXPECT_EQ(19, jittered_back_off.nextBackOffMs()); EXPECT_EQ(39, jittered_back_off.nextBackOffMs()); EXPECT_EQ(79, jittered_back_off.nextBackOffMs()); EXPECT_EQ(99, jittered_back_off.nextBackOffMs()); // Should return Max here EXPECT_EQ(99, jittered_back_off.nextBackOffMs()); } TEST(ExponentialBackOffStrategyTest, JitteredBackOffWithMaxIntervalReset) { NiceMock random; ON_CALL(random, random()).WillByDefault(Return(9999)); JitteredExponentialBackOffStrategy jittered_back_off(5, 100, random); EXPECT_EQ(4, jittered_back_off.nextBackOffMs()); EXPECT_EQ(9, jittered_back_off.nextBackOffMs()); EXPECT_EQ(19, jittered_back_off.nextBackOffMs()); EXPECT_EQ(39, jittered_back_off.nextBackOffMs()); EXPECT_EQ(79, jittered_back_off.nextBackOffMs()); EXPECT_EQ(99, jittered_back_off.nextBackOffMs()); // Should return Max here EXPECT_EQ(99, jittered_back_off.nextBackOffMs()); jittered_back_off.reset(); EXPECT_EQ(4, jittered_back_off.nextBackOffMs()); EXPECT_EQ(9, jittered_back_off.nextBackOffMs()); EXPECT_EQ(19, jittered_back_off.nextBackOffMs()); EXPECT_EQ(39, jittered_back_off.nextBackOffMs()); EXPECT_EQ(79, jittered_back_off.nextBackOffMs()); EXPECT_EQ(99, jittered_back_off.nextBackOffMs()); // Should return Max here EXPECT_EQ(99, jittered_back_off.nextBackOffMs()); } TEST(LowerBoundBackOffStrategyTest, JitteredBackOffWithLowRandomValue) { NiceMock random; ON_CALL(random, random()).WillByDefault(Return(22)); JitteredLowerBoundBackOffStrategy jittered_lower_bound_back_off(500, random); EXPECT_EQ(522, jittered_lower_bound_back_off.nextBackOffMs()); } TEST(LowerBoundBackOffStrategyTest, JitteredBackOffWithHighRandomValue) { NiceMock random; ON_CALL(random, random()).WillByDefault(Return(9999)); JitteredLowerBoundBackOffStrategy jittered_lower_bound_back_off(500, random); EXPECT_EQ(749, jittered_lower_bound_back_off.nextBackOffMs()); } TEST(FixedBackOffStrategyTest, FixedBackOffBasicReset) { FixedBackOffStrategy fixed_back_off(30); EXPECT_EQ(30, fixed_back_off.nextBackOffMs()); EXPECT_EQ(30, fixed_back_off.nextBackOffMs()); fixed_back_off.reset(); EXPECT_EQ(30, fixed_back_off.nextBackOffMs()); } } // namespace Envoy ================================================ FILE: test/common/common/base64_corpus/singleton ================================================ % ================================================ FILE: test/common/common/base64_fuzz_test.cc ================================================ #include "common/common/base64.h" #include "test/fuzz/fuzz_runner.h" namespace Envoy { namespace Fuzz { DEFINE_FUZZER(const uint8_t* buf, size_t len) { Envoy::Base64::encode(reinterpret_cast(buf), len); Envoy::Base64::decode(std::string(reinterpret_cast(buf), len)); Envoy::Base64Url::encode(reinterpret_cast(buf), len); Envoy::Base64Url::decode(std::string(reinterpret_cast(buf), len)); } } // namespace Fuzz } // namespace Envoy ================================================ FILE: test/common/common/base64_test.cc ================================================ #include #include "common/buffer/buffer_impl.h" #include "common/common/base64.h" #include "test/test_common/printers.h" #include "gtest/gtest.h" namespace Envoy { TEST(Base64Test, EmptyBufferEncode) { { Buffer::OwnedImpl buffer; EXPECT_EQ("", Base64::encode(buffer, 0)); } { Buffer::OwnedImpl buffer; buffer.add("\0\0", 2); EXPECT_EQ("AAA=", Base64::encode(buffer, 2)); } } TEST(Base64Test, SingleSliceBufferEncode) { Buffer::OwnedImpl buffer; buffer.add("foo", 3); EXPECT_EQ("Zm9v", Base64::encode(buffer, 3)); EXPECT_EQ("Zm8=", Base64::encode(buffer, 2)); } TEST(Base64Test, EncodeString) { EXPECT_EQ("", Base64::encode("", 0)); EXPECT_EQ("AAA=", Base64::encode("\0\0", 2)); EXPECT_EQ("AAA", Base64::encode("\0\0", 2, false)); EXPECT_EQ("Zm9v", Base64::encode("foo", 3)); EXPECT_EQ("Zm8=", Base64::encode("fo", 2)); EXPECT_EQ("Zg==", Base64::encode("f", 1)); EXPECT_EQ("Zg", Base64::encode("f", 1, false)); } TEST(Base64Test, Decode) { EXPECT_EQ("", Base64::decode("")); EXPECT_EQ("foo", Base64::decode("Zm9v")); EXPECT_EQ("fo", Base64::decode("Zm8=")); EXPECT_EQ("f", Base64::decode("Zg==")); EXPECT_EQ("foobar", Base64::decode("Zm9vYmFy")); EXPECT_EQ("foob", Base64::decode("Zm9vYg==")); { const char* test_string = "\0\1\2\3\b\n\t"; EXPECT_FALSE(memcmp(test_string, Base64::decode("AAECAwgKCQ==").data(), 7)); } { const char* test_string = "\0\0\0\0als;jkopqitu[\0opbjlcxnb35g]b[\xaa\b\n"; Buffer::OwnedImpl buffer; buffer.add(test_string, 36); EXPECT_FALSE(memcmp(test_string, Base64::decode(Base64::encode(buffer, 36)).data(), 36)); } { const char* test_string = "\0\0\0\0als;jkopqitu[\0opbjlcxnb35g]b[\xaa\b\n"; EXPECT_FALSE(memcmp(test_string, Base64::decode(Base64::encode(test_string, 36)).data(), 36)); } { std::string test_string = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; std::string decoded = Base64::decode(test_string); Buffer::OwnedImpl buffer(decoded); EXPECT_EQ(test_string, Base64::encode(buffer, decoded.length())); } { const char* test_string = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; std::string decoded = Base64::decode(test_string); EXPECT_EQ(test_string, Base64::encode(decoded.c_str(), decoded.length())); } } TEST(Base64Test, DecodeFailure) { EXPECT_EQ("", Base64::decode("==Zg")); EXPECT_EQ("", Base64::decode("=Zm8")); EXPECT_EQ("", Base64::decode("Zm=8")); EXPECT_EQ("", Base64::decode("Zg=A")); EXPECT_EQ("", Base64::decode("Zh==")); // 011001 100001 <- unused bit at tail EXPECT_EQ("", Base64::decode("Zm9=")); // 011001 100110 111101 <- unused bit at tail EXPECT_EQ("", Base64::decode("Zg..")); EXPECT_EQ("", Base64::decode("..Zg")); EXPECT_EQ("", Base64::decode("A===")); EXPECT_EQ("", Base64::decode("====")); EXPECT_EQ("", Base64::decode("123")); } TEST(Base64Test, DecodeWithoutPadding) { EXPECT_EQ("foo", Base64::decodeWithoutPadding("Zm9v")); EXPECT_EQ("fo", Base64::decodeWithoutPadding("Zm8")); EXPECT_EQ("f", Base64::decodeWithoutPadding("Zg")); EXPECT_EQ("foobar", Base64::decodeWithoutPadding("Zm9vYmFy")); EXPECT_EQ("fooba", Base64::decodeWithoutPadding("Zm9vYmE")); EXPECT_EQ("foob", Base64::decodeWithoutPadding("Zm9vYg")); EXPECT_EQ("", Base64::decodeWithoutPadding("")); EXPECT_EQ("", Base64::decodeWithoutPadding("=")); EXPECT_EQ("", Base64::decodeWithoutPadding("==")); EXPECT_EQ("", Base64::decodeWithoutPadding("===")); EXPECT_EQ("", Base64::decodeWithoutPadding("====")); EXPECT_EQ("f", Base64::decodeWithoutPadding("Zg")); EXPECT_EQ("f", Base64::decodeWithoutPadding("Zg=")); EXPECT_EQ("f", Base64::decodeWithoutPadding("Zg==")); } TEST(Base64Test, MultiSlicesBufferEncode) { Buffer::OwnedImpl buffer; buffer.add("foob", 4); buffer.add("ar", 2); EXPECT_EQ("Zm9vYg==", Base64::encode(buffer, 4)); EXPECT_EQ("Zm9vYmE=", Base64::encode(buffer, 5)); EXPECT_EQ("Zm9vYmFy", Base64::encode(buffer, 6)); EXPECT_EQ("Zm9vYmFy", Base64::encode(buffer, 7)); } TEST(Base64Test, BinaryBufferEncode) { Buffer::OwnedImpl buffer; buffer.add("\0\1\2\3", 4); buffer.add("\b\n\t", 4); buffer.add("\xaa\xbc\xde", 3); EXPECT_EQ("AAECAwgKCQ==", Base64::encode(buffer, 7)); EXPECT_EQ("AAECAwgKCQA=", Base64::encode(buffer, 8)); EXPECT_EQ("AAECAwgKCQCq", Base64::encode(buffer, 9)); EXPECT_EQ("AAECAwgKCQCqvA==", Base64::encode(buffer, 10)); EXPECT_EQ("AAECAwgKCQCqvN4=", Base64::encode(buffer, 30)); } TEST(Base64UrlTest, EncodeString) { EXPECT_EQ("", Base64Url::encode("", 0)); EXPECT_EQ("AAA", Base64Url::encode("\0\0", 2)); EXPECT_EQ("Zm9v", Base64Url::encode("foo", 3)); EXPECT_EQ("Zm8", Base64Url::encode("fo", 2)); } TEST(Base64UrlTest, Decode) { EXPECT_EQ("", Base64Url::decode("")); EXPECT_EQ("foo", Base64Url::decode("Zm9v")); EXPECT_EQ("fo", Base64Url::decode("Zm8")); EXPECT_EQ("f", Base64Url::decode("Zg")); EXPECT_EQ("foobar", Base64Url::decode("Zm9vYmFy")); EXPECT_EQ("foob", Base64Url::decode("Zm9vYg")); { const char* test_string = "\0\1\2\3\b\n\t"; EXPECT_FALSE(memcmp(test_string, Base64Url::decode("AAECAwgKCQ").data(), 7)); } { const char* test_string = "\0\0\0\0als;jkopqitu[\0opbjlcxnb35g]b[\xaa\b\n"; EXPECT_FALSE( memcmp(test_string, Base64Url::decode(Base64Url::encode(test_string, 36)).data(), 36)); } { const char* test_string = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; std::string decoded = Base64Url::decode(test_string); EXPECT_EQ(test_string, Base64Url::encode(decoded.c_str(), decoded.length())); } { const char* url_test_string = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; const char* test_string = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; EXPECT_EQ(Base64Url::decode(url_test_string), Base64::decode(test_string)); } } TEST(Base64UrlTest, DecodeFailure) { EXPECT_EQ("", Base64Url::decode("==Zg")); EXPECT_EQ("", Base64Url::decode("=Zm8")); EXPECT_EQ("", Base64Url::decode("Zm=8")); EXPECT_EQ("", Base64Url::decode("Zg=A")); EXPECT_EQ("", Base64Url::decode("Zh==")); // 011001 100001 <- unused bit at tail EXPECT_EQ("", Base64Url::decode("Zm9=")); // 011001 100110 111101 <- unused bit at tail EXPECT_EQ("", Base64Url::decode("Zg..")); EXPECT_EQ("", Base64Url::decode("..Zg")); EXPECT_EQ("", Base64Url::decode("A===")); EXPECT_EQ("", Base64Url::decode("Zh")); // 011001 100001 <- unused bit at tail EXPECT_EQ("", Base64Url::decode("Zm9")); // 011001 100110 111101 <- unused bit at tail EXPECT_EQ("", Base64Url::decode("A")); } } // namespace Envoy ================================================ FILE: test/common/common/basic_resource_impl_test.cc ================================================ #include #include "common/common/basic_resource_impl.h" #include "test/mocks/runtime/mocks.h" #include "gtest/gtest.h" using testing::NiceMock; using testing::Return; namespace Envoy { class BasicResourceLimitImplTest : public testing::Test { protected: NiceMock runtime_; }; TEST_F(BasicResourceLimitImplTest, NoArgsConstructorVerifyMax) { BasicResourceLimitImpl br; EXPECT_EQ(br.max(), std::numeric_limits::max()); } TEST_F(BasicResourceLimitImplTest, VerifySetClearMax) { BasicResourceLimitImpl br(123); EXPECT_EQ(br.max(), 123); br.setMax(321); EXPECT_EQ(br.max(), 321); br.resetMax(); EXPECT_EQ(br.max(), std::numeric_limits::max()); } TEST_F(BasicResourceLimitImplTest, IncDecCount) { BasicResourceLimitImpl br; EXPECT_EQ(br.count(), 0); br.inc(); EXPECT_EQ(br.count(), 1); br.inc(); br.inc(); EXPECT_EQ(br.count(), 3); br.dec(); EXPECT_EQ(br.count(), 2); br.decBy(2); EXPECT_EQ(br.count(), 0); } TEST_F(BasicResourceLimitImplTest, CanCreate) { BasicResourceLimitImpl br(2); EXPECT_TRUE(br.canCreate()); br.inc(); EXPECT_TRUE(br.canCreate()); br.inc(); EXPECT_FALSE(br.canCreate()); br.dec(); EXPECT_TRUE(br.canCreate()); br.dec(); } TEST_F(BasicResourceLimitImplTest, RuntimeMods) { BasicResourceLimitImpl br(1337, runtime_, "trololo"); EXPECT_CALL(runtime_.snapshot_, getInteger("trololo", 1337)).WillOnce(Return(555)); EXPECT_EQ(br.max(), 555); EXPECT_CALL(runtime_.snapshot_, getInteger("trololo", 1337)).WillOnce(Return(1337)); EXPECT_EQ(br.max(), 1337); } } // namespace Envoy ================================================ FILE: test/common/common/callback_impl_test.cc ================================================ #include "common/common/callback_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::InSequence; namespace Envoy { namespace Common { class CallbackManagerTest : public testing::Test { public: MOCK_METHOD(void, called, (int arg)); }; TEST_F(CallbackManagerTest, All) { InSequence s; CallbackManager manager; CallbackHandle* handle1 = manager.add([this](int arg) -> void { called(arg); }); manager.add([this](int arg) -> void { called(arg * 2); }); EXPECT_CALL(*this, called(5)); EXPECT_CALL(*this, called(10)); manager.runCallbacks(5); handle1->remove(); EXPECT_CALL(*this, called(10)); manager.runCallbacks(5); EXPECT_CALL(*this, called(10)); EXPECT_CALL(*this, called(20)); CallbackHandle* handle3 = manager.add([this, &handle3](int arg) -> void { called(arg * 4); handle3->remove(); }); manager.runCallbacks(5); EXPECT_CALL(*this, called(10)); manager.runCallbacks(5); } } // namespace Common } // namespace Envoy ================================================ FILE: test/common/common/cleanup_test.cc ================================================ #include "common/common/cleanup.h" #include "gtest/gtest.h" namespace Envoy { TEST(CleanupTest, ScopeExitCallback) { bool callback_fired = false; { Cleanup cleanup([&callback_fired] { callback_fired = true; }); EXPECT_FALSE(callback_fired); } EXPECT_TRUE(callback_fired); } TEST(CleanupTest, Cancel) { bool callback_fired = false; { Cleanup cleanup([&callback_fired] { callback_fired = true; }); EXPECT_FALSE(cleanup.cancelled()); cleanup.cancel(); EXPECT_FALSE(callback_fired); EXPECT_TRUE(cleanup.cancelled()); } EXPECT_FALSE(callback_fired); } TEST(RaiiListElementTest, DeleteOnDestruction) { std::list l; { EXPECT_EQ(l.size(), 0); RaiiListElement rle(l, 1); EXPECT_EQ(l.size(), 1); } EXPECT_EQ(l.size(), 0); } TEST(RaiiListElementTest, CancelDelete) { std::list l; { EXPECT_EQ(l.size(), 0); RaiiListElement rle(l, 1); EXPECT_EQ(l.size(), 1); rle.cancel(); } EXPECT_EQ(l.size(), 1); } TEST(RaiiListElementTest, DeleteOnErase) { std::list l; { EXPECT_EQ(l.size(), 0); RaiiListElement rle(l, 1); rle.erase(); EXPECT_EQ(l.size(), 0); } EXPECT_EQ(l.size(), 0); } } // namespace Envoy ================================================ FILE: test/common/common/fmt_test.cc ================================================ #include "common/common/fmt.h" #include "common/common/logger.h" #include "absl/strings/string_view.h" #include "gtest/gtest.h" namespace Envoy { TEST(FormatHelpersTest, Format) { absl::string_view sv = "This is my string."; absl::string_view my_string = sv.substr(8, 9); absl::string_view is = sv.substr(5, 2); EXPECT_EQ("it's my string!", fmt::format("it's {}!", my_string)); EXPECT_EQ("it's my string!", fmt::format("it's {:s}!", my_string)); EXPECT_EQ("**is**", fmt::format("{:*^6}", is)); } TEST(FormatHelpersTest, FormatLogMessages) { absl::string_view sv = "formatted"; ENVOY_LOG_MISC(info, "fake {} message", sv); } } // namespace Envoy ================================================ FILE: test/common/common/hash_corpus/example ================================================ hello world ================================================ FILE: test/common/common/hash_fuzz_test.cc ================================================ #include "common/common/hash.h" #include "test/fuzz/fuzz_runner.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Fuzz { namespace { DEFINE_FUZZER(const uint8_t* buf, size_t len) { const std::string input(reinterpret_cast(buf), len); { HashUtil::xxHash64(input); } { HashUtil::djb2CaseInsensitiveHash(input); } { MurmurHash::murmurHash2(input); } if (len > 0) { // Split the input string into two parts to make a key-value pair. const size_t split_point = *reinterpret_cast(buf) % len; const std::string key = input.substr(0, split_point); const std::string value = input.substr(split_point); StringMap map; map[key] = value; map.find(key); } } } // namespace } // namespace Fuzz } // namespace Envoy ================================================ FILE: test/common/common/hash_test.cc ================================================ #include "common/common/hash.h" #include "gtest/gtest.h" namespace Envoy { TEST(Hash, xxHash) { EXPECT_EQ(3728699739546630719U, HashUtil::xxHash64("foo")); EXPECT_EQ(5234164152756840025U, HashUtil::xxHash64("bar")); EXPECT_EQ(8917841378505826757U, HashUtil::xxHash64("foo\nbar")); EXPECT_EQ(4400747396090729504U, HashUtil::xxHash64("lyft")); EXPECT_EQ(17241709254077376921U, HashUtil::xxHash64("")); } TEST(Hash, djb2CaseInsensitiveHash) { EXPECT_EQ(211616621U, HashUtil::djb2CaseInsensitiveHash("foo")); EXPECT_EQ(211611524U, HashUtil::djb2CaseInsensitiveHash("bar")); EXPECT_EQ(282790909350396U, HashUtil::djb2CaseInsensitiveHash("foo\nbar")); EXPECT_EQ(7195212308U, HashUtil::djb2CaseInsensitiveHash("lyft")); EXPECT_EQ(5381U, HashUtil::djb2CaseInsensitiveHash("")); } TEST(Hash, murmurHash2) { EXPECT_EQ(9631199822919835226U, MurmurHash::murmurHash2("foo")); EXPECT_EQ(11474628671133349555U, MurmurHash::murmurHash2("bar")); EXPECT_EQ(16306510975912980159U, MurmurHash::murmurHash2("foo\nbar")); EXPECT_EQ(12847078931730529320U, MurmurHash::murmurHash2("lyft")); EXPECT_EQ(6142509188972423790U, MurmurHash::murmurHash2("")); } #if __GLIBCXX__ >= 20130411 && __GLIBCXX__ <= 20180726 TEST(Hash, stdhash) { EXPECT_EQ(std::hash()(std::string("foo")), MurmurHash::murmurHash2("foo")); EXPECT_EQ(std::hash()(std::string("bar")), MurmurHash::murmurHash2("bar")); EXPECT_EQ(std::hash()(std::string("foo\nbar")), MurmurHash::murmurHash2("foo\nbar")); EXPECT_EQ(std::hash()(std::string("lyft")), MurmurHash::murmurHash2("lyft")); EXPECT_EQ(std::hash()(std::string("")), MurmurHash::murmurHash2("")); } #endif TEST(Hash, sharedStringSet) { SharedStringSet set; auto foo = std::make_shared("foo"); set.insert(foo); auto pos = set.find("foo"); EXPECT_EQ(pos->get(), foo.get()); } } // namespace Envoy ================================================ FILE: test/common/common/hex_test.cc ================================================ #include #include #include "envoy/common/exception.h" #include "common/common/hex.h" #include "gtest/gtest.h" namespace Envoy { TEST(Hex, SimpleEncode) { std::vector bytes = {0x01, 0x02, 0x03, 0x0a, 0x0b, 0x0c}; EXPECT_EQ("0102030a0b0c", Hex::encode(bytes)); } TEST(Hex, RoundTrip) { std::vector bytes; for (uint8_t i = 0; i < UINT8_MAX; i++) { bytes.push_back(i); } std::string hex = Hex::encode(bytes); std::vector decoded = Hex::decode(hex); EXPECT_EQ(bytes, decoded); } TEST(Hex, BadHex) { EXPECT_EQ(0, Hex::decode("abcde").size()); } TEST(Hex, DecodeUppercase) { EXPECT_EQ(4, Hex::decode("ABCDEFAB").size()); } TEST(Hex, UIntToHex) { std::string base16_string = Hex::uint64ToHex(2722130815203937912ULL); EXPECT_EQ("25c6f38dd0600e78", base16_string); EXPECT_EQ("0000000000000000", Hex::uint64ToHex(0ULL)); } TEST(Hex, UInt32ToHex) { EXPECT_EQ("00000000", Hex::uint32ToHex(0)); EXPECT_EQ("ffffffff", Hex::uint32ToHex(-1)); EXPECT_EQ("deadbeef", Hex::uint32ToHex(3735928559)); } } // namespace Envoy ================================================ FILE: test/common/common/linked_object_test.cc ================================================ #include "common/common/linked_object.h" #include "gtest/gtest.h" namespace Envoy { class TestObject : public LinkedObject { public: TestObject() = default; }; TEST(LinkedObjectTest, MoveIntoListFront) { std::list> list; auto object = std::make_unique(); TestObject* object_ptr = object.get(); LinkedList::moveIntoList(std::move(object), list); ASSERT_EQ(1, list.size()); ASSERT_EQ(object_ptr, list.front().get()); auto object2 = std::make_unique(); TestObject* object2_ptr = object2.get(); LinkedList::moveIntoList(std::move(object2), list); ASSERT_EQ(2, list.size()); ASSERT_EQ(object2_ptr, list.front().get()); ASSERT_EQ(object_ptr, list.back().get()); } TEST(LinkedObjectTest, MoveIntoListBack) { std::list> list; std::unique_ptr object = std::make_unique(); TestObject* object_ptr = object.get(); LinkedList::moveIntoListBack(std::move(object), list); ASSERT_EQ(1, list.size()); ASSERT_EQ(object_ptr, list.front().get()); auto object2 = std::make_unique(); TestObject* object2_ptr = object2.get(); LinkedList::moveIntoListBack(std::move(object2), list); ASSERT_EQ(2, list.size()); ASSERT_EQ(object2_ptr, list.back().get()); ASSERT_EQ(object_ptr, list.front().get()); } } // namespace Envoy ================================================ FILE: test/common/common/lock_guard_test.cc ================================================ #include "common/common/lock_guard.h" #include "common/common/thread.h" #include "gtest/gtest.h" namespace Envoy { namespace Thread { namespace { class LockGuardTest : public testing::Test { protected: LockGuardTest() = default; int a_ ABSL_GUARDED_BY(a_mutex_){0}; MutexBasicLockable a_mutex_; int b_{0}; }; TEST_F(LockGuardTest, TestLockGuard) { LockGuard lock(a_mutex_); EXPECT_EQ(1, ++a_); } TEST_F(LockGuardTest, TestOptionalLockGuard) { OptionalLockGuard lock(nullptr); EXPECT_EQ(1, ++b_); } TEST_F(LockGuardTest, TestReleasableLockGuard) { ReleasableLockGuard lock(a_mutex_); EXPECT_EQ(1, ++a_); lock.release(); } TEST_F(LockGuardTest, TestTryLockGuard) { TryLockGuard lock(a_mutex_); if (lock.tryLock()) { // This test doesn't work, because a_mutex_ is guarded, and thread // annotations don't work with TryLockGuard. The macro is defined in // include/envoy/thread/thread.h. DISABLE_TRYLOCKGUARD_ANNOTATION(EXPECT_EQ(1, ++a_)); // TryLockGuard does functionally work with unguarded variables. EXPECT_EQ(1, ++b_); } } } // namespace } // namespace Thread } // namespace Envoy ================================================ FILE: test/common/common/log_macros_test.cc ================================================ #include #include #include #include #include #include "common/common/fancy_logger.h" #include "common/common/logger.h" #include "test/mocks/http/mocks.h" #include "test/mocks/network/mocks.h" #include "test/test_common/logging.h" #include "absl/synchronization/barrier.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { using namespace std::chrono_literals; class TestFilterLog : public Logger::Loggable { public: void logMessage() { ENVOY_LOG(trace, "fake message"); ENVOY_LOG(debug, "fake message"); ENVOY_LOG(warn, "fake message"); ENVOY_LOG(error, "fake message"); ENVOY_LOG(critical, "fake message"); ENVOY_CONN_LOG(info, "fake message", connection_); ENVOY_STREAM_LOG(info, "fake message", stream_); ENVOY_CONN_LOG(error, "fake error", connection_); ENVOY_STREAM_LOG(error, "fake error", stream_); } void logMessageEscapeSequences() { ENVOY_LOG_MISC(info, "line 1 \n line 2 \t tab \\r test"); } private: NiceMock connection_; NiceMock stream_; }; TEST(Logger, All) { // This test exists just to ensure all macros compile and run with the expected arguments provided TestFilterLog filter; filter.logMessage(); // Misc logging with no facility. ENVOY_LOG_MISC(info, "fake message"); } TEST(Logger, EvaluateParams) { uint32_t i = 1; // Set logger's level to low level. // Log message with higher severity and make sure that params were evaluated. LogLevelSetter save_levels(spdlog::level::info); ENVOY_LOG_MISC(warn, "test message '{}'", i++); EXPECT_THAT(i, testing::Eq(2)); } TEST(Logger, DoNotEvaluateParams) { uint32_t i = 1; // Set logger's logging level high and log a message with lower severity // params should not be evaluated. LogLevelSetter save_levels(spdlog::level::critical); ENVOY_LOG_MISC(error, "test message '{}'", i++); EXPECT_THAT(i, testing::Eq(1)); } TEST(Logger, LogAsStatement) { // Just log as part of if ... statement uint32_t i = 1, j = 1; // Set logger's logging level to high LogLevelSetter save_levels(spdlog::level::critical); // Make sure that if statement inside of LOGGER macro does not catch trailing // else .... if (true) // NOLINT(readability-braces-around-statements) ENVOY_LOG_MISC(warn, "test message 1 '{}'", i++); else // NOLINT(readability-braces-around-statements) ENVOY_LOG_MISC(critical, "test message 2 '{}'", j++); EXPECT_THAT(i, testing::Eq(1)); EXPECT_THAT(j, testing::Eq(1)); // Do the same with curly brackets if (true) { ENVOY_LOG_MISC(warn, "test message 3 '{}'", i++); } else { ENVOY_LOG_MISC(critical, "test message 4 '{}'", j++); } EXPECT_THAT(i, testing::Eq(1)); EXPECT_THAT(j, testing::Eq(1)); } TEST(Logger, CheckLoggerLevel) { class LogTestClass : public Logger::Loggable { public: void setLevel(const spdlog::level::level_enum level) { ENVOY_LOGGER().set_level(level); } uint32_t executeAtTraceLevel() { if (ENVOY_LOG_CHECK_LEVEL(trace)) { // Logger's level was at least trace return 1; } else { // Logger's level was higher than trace return 2; }; } }; LogTestClass test_obj; // Set Loggers severity low test_obj.setLevel(spdlog::level::trace); EXPECT_THAT(test_obj.executeAtTraceLevel(), testing::Eq(1)); test_obj.setLevel(spdlog::level::info); EXPECT_THAT(test_obj.executeAtTraceLevel(), testing::Eq(2)); } void spamCall(std::function&& call_to_spam, const uint32_t num_threads) { std::vector threads(num_threads); auto barrier = std::make_unique(num_threads); for (auto& thread : threads) { thread = std::thread([&call_to_spam, &barrier] { // Allow threads to accrue, to maximize concurrency on the call we are testing. if (barrier->Block()) { barrier.reset(); } call_to_spam(); }); } for (std::thread& thread : threads) { thread.join(); } } class SparseLogMacrosTest : public testing::TestWithParam, public Logger::Loggable { public: SparseLogMacrosTest() : use_misc_macros_(GetParam()) { evaluations() = 0; } void logSomething() { if (use_misc_macros_) { ENVOY_LOG_ONCE_MISC(error, "foo1 '{}'", evaluations()++); } else { ENVOY_LOG_ONCE(error, "foo1 '{}'", evaluations()++); } } void logSomethingElse() { if (use_misc_macros_) { ENVOY_LOG_ONCE_MISC(error, "foo2 '{}'", evaluations()++); } else { ENVOY_LOG_ONCE(error, "foo2 '{}'", evaluations()++); } } void logSomethingBelowLogLevelOnce() { if (use_misc_macros_) { ENVOY_LOG_ONCE_MISC(debug, "foo3 '{}'", evaluations()++); } else { ENVOY_LOG_ONCE(debug, "foo3 '{}'", evaluations()++); } } void logSomethingThrice() { if (use_misc_macros_) { ENVOY_LOG_FIRST_N_MISC(error, 3, "foo4 '{}'", evaluations()++); } else { ENVOY_LOG_FIRST_N(error, 3, "foo4 '{}'", evaluations()++); } } void logEverySeventh() { if (use_misc_macros_) { ENVOY_LOG_EVERY_NTH_MISC(error, 7, "foo5 '{}'", evaluations()++); } else { ENVOY_LOG_EVERY_NTH(error, 7, "foo5 '{}'", evaluations()++); } } void logEveryPow2() { if (use_misc_macros_) { ENVOY_LOG_EVERY_POW_2_MISC(error, "foo6 '{}'", evaluations()++); } else { ENVOY_LOG_EVERY_POW_2(error, "foo6 '{}'", evaluations()++); } } void logEverySecond() { if (use_misc_macros_) { ENVOY_LOG_PERIODIC_MISC(error, 1s, "foo7 '{}'", evaluations()++); } else { ENVOY_LOG_PERIODIC(error, 1s, "foo7 '{}'", evaluations()++); } } std::atomic& evaluations() { MUTABLE_CONSTRUCT_ON_FIRST_USE(std::atomic); }; const bool use_misc_macros_; LogLevelSetter save_levels_{spdlog::level::info}; }; INSTANTIATE_TEST_SUITE_P(MiscOrNot, SparseLogMacrosTest, testing::Values(false, true)); TEST_P(SparseLogMacrosTest, All) { constexpr uint32_t kNumThreads = 100; spamCall( [this]() { logSomething(); logSomething(); }, kNumThreads); EXPECT_EQ(1, evaluations()); spamCall( [this]() { logSomethingElse(); logSomethingElse(); }, kNumThreads); // Two distinct log lines ought to result in two evaluations, and no more. EXPECT_EQ(2, evaluations()); spamCall([this]() { logSomethingThrice(); }, kNumThreads); // Single log line should be emitted 3 times. EXPECT_EQ(5, evaluations()); spamCall([this]() { logEverySeventh(); }, kNumThreads); // (100 threads / log every 7th) + 1s = 15 more evaluations upon logging very 7th. EXPECT_EQ(20, evaluations()); logEveryPow2(); // First call ought to propagate. EXPECT_EQ(21, evaluations()); spamCall([this]() { logEveryPow2(); }, kNumThreads); // 64 is the highest power of two that fits when kNumThreads == 100. // We should log on 2, 4, 8, 16, 32, 64, which means we can expect to add 6 more evaluations. EXPECT_EQ(27, evaluations()); spamCall([this]() { logEverySecond(); }, kNumThreads); // First call ought to evaluate. EXPECT_EQ(28, evaluations()); // We expect one log entry / second. Therefore each spamCall ought to result in one // more evaluation. This depends on real time and not sim time, hopefully 1 second // is enough to not introduce flakes in practice. std::this_thread::sleep_for(1s); // NOLINT spamCall([this]() { logEverySecond(); }, kNumThreads); EXPECT_EQ(29, evaluations()); spamCall([this]() { logSomethingBelowLogLevelOnce(); }, kNumThreads); // We shouldn't observe additional argument evaluations for log lines below the configured // log level. EXPECT_EQ(29, evaluations()); } TEST(RegistryTest, LoggerWithName) { EXPECT_EQ(nullptr, Logger::Registry::logger("blah")); EXPECT_EQ("upstream", Logger::Registry::logger("upstream")->name()); } class FormatTest : public testing::Test { public: static void logMessageEscapeSequences() { ENVOY_LOG_MISC(info, "line 1 \n line 2 \t tab \\r test"); } }; TEST_F(FormatTest, OutputUnescaped) { const Envoy::ExpectedLogMessages message{{"info", "line 1 \n line 2 \t tab \\r test"}}; EXPECT_LOG_CONTAINS_ALL_OF(message, logMessageEscapeSequences()); } TEST_F(FormatTest, OutputEscaped) { // Note this uses a raw string literal const Envoy::ExpectedLogMessages message{{"info", R"(line 1 \n line 2 \t tab \\r test)"}}; EXPECT_LOG_CONTAINS_ALL_OF_ESCAPED(message, logMessageEscapeSequences()); } /** * Test for Fancy Logger convenient macros. */ TEST(Fancy, Global) { FANCY_LOG(info, "Hello world! Here's a line of fancy log!"); FANCY_LOG(error, "Fancy Error! Here's the second message!"); NiceMock connection_; NiceMock stream_; FANCY_CONN_LOG(warn, "Fake info {} of connection", connection_, 1); FANCY_STREAM_LOG(warn, "Fake warning {} of stream", stream_, 1); FANCY_LOG(critical, "Critical message for later flush."); FANCY_FLUSH_LOG(); } TEST(Fancy, FastPath) { getFancyContext().setFancyLogger(__FILE__, spdlog::level::info); for (int i = 0; i < 10; i++) { FANCY_LOG(warn, "Fake warning No. {}", i); } } TEST(Fancy, SetLevel) { const char* file = "P=NP_file"; bool res = getFancyContext().setFancyLogger(file, spdlog::level::trace); EXPECT_EQ(res, false); SpdLoggerSharedPtr p = getFancyContext().getFancyLogEntry(file); EXPECT_EQ(p, nullptr); res = getFancyContext().setFancyLogger(__FILE__, spdlog::level::err); EXPECT_EQ(res, true); FANCY_LOG(error, "Fancy Error! Here's a test for level."); FANCY_LOG(warn, "Warning: you shouldn't see this message!"); p = getFancyContext().getFancyLogEntry(__FILE__); EXPECT_NE(p, nullptr); EXPECT_EQ(p->level(), spdlog::level::err); getFancyContext().setAllFancyLoggers(spdlog::level::info); FANCY_LOG(info, "Info: all loggers back to info."); FANCY_LOG(debug, "Debug: you shouldn't see this message!"); EXPECT_EQ(getFancyContext().getFancyLogEntry(__FILE__)->level(), spdlog::level::info); } TEST(Fancy, Iteration) { FANCY_LOG(info, "Info: iteration test begins."); getFancyContext().setAllFancyLoggers(spdlog::level::info); std::string output = getFancyContext().listFancyLoggers(); EXPECT_EQ(output, " test/common/common/log_macros_test.cc: 2\n"); std::string log_format = "[%T.%e][%t][%l][%n] %v"; getFancyContext().setFancyLogger(__FILE__, spdlog::level::err); // setDefaultFancyLevelFormat relies on previous default and might cause error online // getFancyContext().setDefaultFancyLevelFormat(spdlog::level::warn, log_format); FANCY_LOG(warn, "Warning: now level is warning, format changed (Date removed)."); FANCY_LOG(warn, getFancyContext().listFancyLoggers()); // EXPECT_EQ(getFancyContext().getFancyLogEntry(__FILE__)->level(), // spdlog::level::warn); // note fancy_default_level isn't changed } TEST(Fancy, Context) { FANCY_LOG(info, "Info: context API needs test."); bool enable_fine_grain_logging = Logger::Context::useFancyLogger(); printf(" --> If use fancy logger: %d\n", enable_fine_grain_logging); if (enable_fine_grain_logging) { FANCY_LOG(critical, "Cmd option set: all previous Envoy Log should be converted now!"); } Logger::Context::enableFancyLogger(); EXPECT_EQ(Logger::Context::useFancyLogger(), true); EXPECT_EQ(Logger::Context::getFancyLogFormat(), "[%Y-%m-%d %T.%e][%t][%l] [%g:%#] %v"); // EXPECT_EQ(Logger::Context::getFancyDefaultLevel(), // spdlog::level::err); // default is error in test environment } } // namespace Envoy ================================================ FILE: test/common/common/logger_corpus/test ================================================ hello world random;string::::\np hello \r\t\n world \n world \r\r\r\ \\\\\\ \r test \r\n \t\t\t\t\t\t \n\n\n\n\n\n \ \ \ \ \ \ \ %&*@($&*#\r\r\n no_crashes }{}{}{}\r\n ================================================ FILE: test/common/common/logger_fuzz_test.cc ================================================ #include "common/common/logger.h" #include "test/fuzz/fuzz_runner.h" namespace Envoy { namespace Fuzz { DEFINE_FUZZER(const uint8_t* buf, size_t len) { Logger::DelegatingLogSink::escapeLogLine( absl::string_view(reinterpret_cast(buf), len)); } } // namespace Fuzz } // namespace Envoy ================================================ FILE: test/common/common/logger_speed_test.cc ================================================ #include #include #include "common/common/fancy_logger.h" #include "common/common/logger.h" #include "benchmark/benchmark.h" namespace Envoy { /** * Benchmark for the main slow path, i.e. new logger creation here. */ static void fancySlowPath(benchmark::State& state) { FANCY_LOG(info, "Slow path test begins."); std::atomic logger; for (auto _ : state) { UNREFERENCED_PARAMETER(_); for (int i = 0; i < state.range(0); i++) { std::string key = "k" + std::to_string(i + (state.thread_index << 8)); getFancyContext().initFancyLogger(key, logger); } } } #define FL FANCY_LOG(trace, "Default") #define FL_8 \ FL; \ FL; \ FL; \ FL; \ FL; \ FL; \ FL; \ FL; #define FL_64 \ { FL_8 FL_8 FL_8 FL_8 FL_8 FL_8 FL_8 FL_8 } #define FL_512 \ { FL_64 FL_64 FL_64 FL_64 FL_64 FL_64 FL_64 FL_64 } #define FL_1024 \ { FL_512 FL_512 } /** * Benchmark for medium path, i.e. new site initialization within the same file. */ static void fancyMediumPath(benchmark::State& state) { FANCY_LOG(info, "Medium path test begins."); for (auto _ : state) { UNREFERENCED_PARAMETER(_); // create different call sites for medium path for (int i = 0; i < state.range(0); i++) { FL_1024 } } } /** * Benchmark for fast path, i.e. integration test of common scenario. */ static void fancyFastPath(benchmark::State& state) { // control log length to be the same as normal Envoy below std::string msg(100 - strlen(__FILE__) + 4, '.'); spdlog::level::level_enum lv = state.range(1) ? spdlog::level::trace : spdlog::level::info; getFancyContext().setFancyLogger(FANCY_KEY, lv); for (auto _ : state) { UNREFERENCED_PARAMETER(_); for (int i = 0; i < state.range(0); i++) { FANCY_LOG(trace, "Fast path: {}", msg); } } } /** * Benchmark for ENVOY_LOG to compare. */ static void envoyNormal(benchmark::State& state) { spdlog::level::level_enum lv = state.range(1) ? spdlog::level::trace : spdlog::level::info; std::string msg(100, '.'); GET_MISC_LOGGER().set_level(lv); for (auto _ : state) { UNREFERENCED_PARAMETER(_); for (int i = 0; i < state.range(0); i++) { ENVOY_LOG_MISC(trace, "Fast path: {}", msg); } } } /** * Benchmark for a large number of level setting. */ static void fancyLevelSetting(benchmark::State& state) { FANCY_LOG(info, "Level setting test begins."); for (auto _ : state) { UNREFERENCED_PARAMETER(_); for (int i = 0; i < state.range(0); i++) { getFancyContext().setFancyLogger(__FILE__, spdlog::level::warn); } } } /** * Comparison with Envoy's level setting. */ static void envoyLevelSetting(benchmark::State& state) { ENVOY_LOG_MISC(info, "Envoy's level setting begins."); for (auto _ : state) { UNREFERENCED_PARAMETER(_); for (int i = 0; i < state.range(0); i++) { GET_MISC_LOGGER().set_level(spdlog::level::warn); } } } /** * Benchmarks in detail starts. */ BENCHMARK(fancySlowPath)->Arg(1 << 10); BENCHMARK(fancySlowPath)->Arg(1 << 10)->Threads(20)->MeasureProcessCPUTime(); BENCHMARK(fancySlowPath)->Arg(1 << 10)->Threads(200)->MeasureProcessCPUTime(); BENCHMARK(fancyMediumPath)->Arg(1)->Iterations(1); // Seems medium path's concurrency test doesn't make sense (hard to do as well) BENCHMARK(fancyFastPath)->Args({1024, 0})->Args({1024, 1}); // First no actual log, then log BENCHMARK(fancyFastPath)->Args({1 << 10, 0})->Threads(20)->MeasureProcessCPUTime(); BENCHMARK(fancyFastPath)->Args({1 << 10, 1})->Threads(20)->MeasureProcessCPUTime(); BENCHMARK(fancyFastPath)->Args({1 << 10, 0})->Threads(200)->MeasureProcessCPUTime(); BENCHMARK(fancyFastPath)->Args({1 << 10, 1})->Threads(200)->MeasureProcessCPUTime(); BENCHMARK(envoyNormal)->Args({1024, 0})->Args({1024, 1}); BENCHMARK(envoyNormal)->Args({1 << 10, 0})->Threads(20)->MeasureProcessCPUTime(); BENCHMARK(envoyNormal)->Args({1 << 10, 1})->Threads(20)->MeasureProcessCPUTime(); BENCHMARK(envoyNormal)->Args({1 << 10, 0})->Threads(200)->MeasureProcessCPUTime(); BENCHMARK(envoyNormal)->Args({1 << 10, 1})->Threads(200)->MeasureProcessCPUTime(); BENCHMARK(fancyLevelSetting)->Arg(1 << 10); BENCHMARK(envoyLevelSetting)->Arg(1 << 10); } // namespace Envoy ================================================ FILE: test/common/common/logger_test.cc ================================================ #include #include "common/common/logger.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Logger { TEST(LoggerTest, StackingStderrSinkDelegate) { StderrSinkDelegate stacked(Envoy::Logger::Registry::getSink()); } TEST(LoggerEscapeTest, LinuxEOL) { EXPECT_EQ("line 1 \\n line 2\n", DelegatingLogSink::escapeLogLine("line 1 \n line 2\n")); } TEST(LoggerEscapeTest, WindowEOL) { EXPECT_EQ("line 1 \\n line 2\r\n", DelegatingLogSink::escapeLogLine("line 1 \n line 2\r\n")); } TEST(LoggerEscapeTest, NoTrailingWhitespace) { EXPECT_EQ("line 1 \\n line 2", DelegatingLogSink::escapeLogLine("line 1 \n line 2")); } TEST(LoggerEscapeTest, NoWhitespace) { EXPECT_EQ("line1", DelegatingLogSink::escapeLogLine("line1")); } TEST(LoggerEscapeTest, AnyTrailingWhitespace) { EXPECT_EQ("line 1 \\t tab 1 \\n line 2\t\n", DelegatingLogSink::escapeLogLine("line 1 \t tab 1 \n line 2\t\n")); } TEST(LoggerEscapeTest, WhitespaceOnly) { // 8 spaces EXPECT_EQ(" ", DelegatingLogSink::escapeLogLine(" ")); // Any whitespace characters EXPECT_EQ("\r\n\t \r\n \n", DelegatingLogSink::escapeLogLine("\r\n\t \r\n \n")); } TEST(LoggerEscapeTest, Empty) { EXPECT_EQ("", DelegatingLogSink::escapeLogLine("")); } } // namespace Logger } // namespace Envoy ================================================ FILE: test/common/common/matchers_test.cc ================================================ #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/type/matcher/v3/metadata.pb.h" #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/matcher/v3/value.pb.h" #include "common/common/matchers.h" #include "common/config/metadata.h" #include "common/protobuf/protobuf.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Matcher { namespace { TEST(MetadataTest, MatchNullValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_null_value(ProtobufWkt::NullValue::NULL_VALUE); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_null_match(); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } TEST(MetadataTest, MatchDoubleValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_number_value(9); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_double_match()->set_exact(1); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_double_match()->set_exact(9); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); auto r = matcher.mutable_value()->mutable_double_match()->mutable_range(); r->set_start(9.1); r->set_end(10); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); r = matcher.mutable_value()->mutable_double_match()->mutable_range(); r->set_start(8.9); r->set_end(9); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); r = matcher.mutable_value()->mutable_double_match()->mutable_range(); r->set_start(9); r->set_end(9.1); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } TEST(MetadataTest, MatchStringExactValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_string_value("prod"); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_string_match()->set_exact("prod"); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } TEST(MetadataTest, MatchStringPrefixValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_string_value("prodabc"); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_string_match()->set_prefix("prodx"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_string_match()->set_prefix("prod"); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } TEST(MetadataTest, MatchStringSuffixValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_string_value("abcprod"); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_string_match()->set_suffix("prodx"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_string_match()->set_suffix("prod"); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } TEST(MetadataTest, MatchStringContainsValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_string_value("abcprodef"); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_string_match()->set_contains("pride"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->mutable_string_match()->set_contains("prod"); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } TEST(MetadataTest, MatchBoolValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_bool_value(true); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->set_bool_match(false); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->set_bool_match(true); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } TEST(MetadataTest, MatchPresentValue) { envoy::config::core::v3::Metadata metadata; Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "label") .set_string_value("test"); Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.b", "label") .set_number_value(1); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.b"); matcher.add_path()->set_key("label"); matcher.mutable_value()->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->set_present_match(false); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.mutable_value()->set_present_match(true); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); matcher.clear_path(); matcher.add_path()->set_key("unknown"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); } // Helper function to retrieve the reference of an entry in a ListMatcher from a MetadataMatcher. envoy::type::matcher::v3::ValueMatcher* listMatchEntry(envoy::type::matcher::v3::MetadataMatcher* matcher) { return matcher->mutable_value()->mutable_list_match()->mutable_one_of(); } TEST(MetadataTest, MatchStringListValue) { envoy::config::core::v3::Metadata metadata; ProtobufWkt::Value& metadataValue = Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "groups"); ProtobufWkt::ListValue* values = metadataValue.mutable_list_value(); values->add_values()->set_string_value("first"); values->add_values()->set_string_value("second"); values->add_values()->set_string_value("third"); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.a"); matcher.add_path()->set_key("groups"); listMatchEntry(&matcher)->mutable_string_match()->set_exact("second"); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->mutable_string_match()->set_prefix("fi"); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->mutable_string_match()->set_suffix("rd"); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->mutable_string_match()->set_exact("fourth"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->mutable_string_match()->set_prefix("none"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); values->clear_values(); metadataValue.Clear(); } TEST(MetadataTest, MatchBoolListValue) { envoy::config::core::v3::Metadata metadata; ProtobufWkt::Value& metadataValue = Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "groups"); ProtobufWkt::ListValue* values = metadataValue.mutable_list_value(); values->add_values()->set_bool_value(false); values->add_values()->set_bool_value(false); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.a"); matcher.add_path()->set_key("groups"); listMatchEntry(&matcher)->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->set_bool_match(true); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->set_bool_match(false); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); values->clear_values(); metadataValue.Clear(); } TEST(MetadataTest, MatchDoubleListValue) { envoy::config::core::v3::Metadata metadata; ProtobufWkt::Value& metadataValue = Envoy::Config::Metadata::mutableMetadataValue(metadata, "envoy.filter.a", "groups"); ProtobufWkt::ListValue* values = metadataValue.mutable_list_value(); values->add_values()->set_number_value(10); values->add_values()->set_number_value(23); envoy::type::matcher::v3::MetadataMatcher matcher; matcher.set_filter("envoy.filter.a"); matcher.add_path()->set_key("groups"); listMatchEntry(&matcher)->mutable_string_match()->set_exact("test"); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->set_bool_match(true); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->mutable_double_match()->set_exact(9); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); listMatchEntry(&matcher)->mutable_double_match()->set_exact(10); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); auto r = listMatchEntry(&matcher)->mutable_double_match()->mutable_range(); r->set_start(10); r->set_end(15); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); r = listMatchEntry(&matcher)->mutable_double_match()->mutable_range(); r->set_start(20); r->set_end(24); EXPECT_TRUE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); r = listMatchEntry(&matcher)->mutable_double_match()->mutable_range(); r->set_start(24); r->set_end(26); EXPECT_FALSE(Envoy::Matchers::MetadataMatcher(matcher).match(metadata)); values->clear_values(); metadataValue.Clear(); } TEST(StringMatcher, ExactMatchIgnoreCase) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_exact("exact"); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("exact")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("EXACT")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("exacz")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); matcher.set_ignore_case(true); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("exact")); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("EXACT")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("exacz")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); } TEST(StringMatcher, PrefixMatchIgnoreCase) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_prefix("prefix"); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("prefix-abc")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("PREFIX-ABC")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("prefiz-abc")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); matcher.set_ignore_case(true); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("prefix-abc")); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("PREFIX-ABC")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("prefiz-abc")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); } TEST(StringMatcher, SuffixMatchIgnoreCase) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_suffix("suffix"); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("abc-suffix")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("ABC-SUFFIX")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("abc-suffiz")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); matcher.set_ignore_case(true); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("abc-suffix")); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("ABC-SUFFIX")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("abc-suffiz")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); } TEST(StringMatcher, ContainsMatchIgnoreCase) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_contains("contained-str"); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("abc-contained-str-def")); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("contained-str")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("ABC-Contained-Str-DEF")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("abc-container-int-def")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); matcher.set_ignore_case(true); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("abc-contained-str-def")); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("abc-cOnTaInEd-str-def")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("abc-ContAineR-str-def")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("other")); } TEST(StringMatcher, SafeRegexValue) { envoy::type::matcher::v3::StringMatcher matcher; matcher.mutable_safe_regex()->mutable_google_re2(); matcher.mutable_safe_regex()->set_regex("foo.*"); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("foo")); EXPECT_TRUE(Matchers::StringMatcherImpl(matcher).match("foobar")); EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("bar")); } TEST(StringMatcher, RegexValueIgnoreCase) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_ignore_case(true); matcher.set_hidden_envoy_deprecated_regex("foo"); EXPECT_THROW_WITH_MESSAGE(Matchers::StringMatcherImpl(matcher).match("foo"), EnvoyException, "ignore_case has no effect for regex."); } TEST(StringMatcher, SafeRegexValueIgnoreCase) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_ignore_case(true); matcher.mutable_safe_regex()->mutable_google_re2(); matcher.mutable_safe_regex()->set_regex("foo"); EXPECT_THROW_WITH_MESSAGE(Matchers::StringMatcherImpl(matcher).match("foo"), EnvoyException, "ignore_case has no effect for safe_regex."); } TEST(PathMatcher, MatchExactPath) { const auto matcher = Envoy::Matchers::PathMatcher::createExact("/exact", false); EXPECT_TRUE(matcher->match("/exact")); EXPECT_TRUE(matcher->match("/exact?param=val")); EXPECT_TRUE(matcher->match("/exact#fragment")); EXPECT_TRUE(matcher->match("/exact#fragment?param=val")); EXPECT_FALSE(matcher->match("/EXACT")); EXPECT_FALSE(matcher->match("/exacz")); EXPECT_FALSE(matcher->match("/exact-abc")); EXPECT_FALSE(matcher->match("/exacz?/exact")); EXPECT_FALSE(matcher->match("/exacz#/exact")); } TEST(PathMatcher, MatchExactPathIgnoreCase) { const auto matcher = Envoy::Matchers::PathMatcher::createExact("/exact", true); EXPECT_TRUE(matcher->match("/exact")); EXPECT_TRUE(matcher->match("/EXACT")); EXPECT_TRUE(matcher->match("/exact?param=val")); EXPECT_TRUE(matcher->match("/Exact#fragment")); EXPECT_TRUE(matcher->match("/EXACT#fragment?param=val")); EXPECT_FALSE(matcher->match("/exacz")); EXPECT_FALSE(matcher->match("/exact-abc")); EXPECT_FALSE(matcher->match("/exacz?/exact")); EXPECT_FALSE(matcher->match("/exacz#/exact")); } TEST(PathMatcher, MatchPrefixPath) { const auto matcher = Envoy::Matchers::PathMatcher::createPrefix("/prefix", false); EXPECT_TRUE(matcher->match("/prefix")); EXPECT_TRUE(matcher->match("/prefix-abc")); EXPECT_TRUE(matcher->match("/prefix?param=val")); EXPECT_TRUE(matcher->match("/prefix#fragment")); EXPECT_TRUE(matcher->match("/prefix#fragment?param=val")); EXPECT_FALSE(matcher->match("/PREFIX")); EXPECT_FALSE(matcher->match("/prefiz")); EXPECT_FALSE(matcher->match("/prefiz?/prefix")); EXPECT_FALSE(matcher->match("/prefiz#/prefix")); } TEST(PathMatcher, MatchPrefixPathIgnoreCase) { const auto matcher = Envoy::Matchers::PathMatcher::createPrefix("/prefix", true); EXPECT_TRUE(matcher->match("/prefix")); EXPECT_TRUE(matcher->match("/prefix-abc")); EXPECT_TRUE(matcher->match("/Prefix?param=val")); EXPECT_TRUE(matcher->match("/Prefix#fragment")); EXPECT_TRUE(matcher->match("/PREFIX#fragment?param=val")); EXPECT_TRUE(matcher->match("/PREFIX")); EXPECT_FALSE(matcher->match("/prefiz")); EXPECT_FALSE(matcher->match("/prefiz?/prefix")); EXPECT_FALSE(matcher->match("/prefiz#/prefix")); } TEST(PathMatcher, MatchSuffixPath) { envoy::type::matcher::v3::PathMatcher matcher; matcher.mutable_path()->set_suffix("suffix"); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/suffix")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/abc-suffix")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/suffix?param=val")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/suffix#fragment")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/suffix#fragment?param=val")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/suffiz")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/suffiz?param=suffix")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/suffiz#suffix")); } TEST(PathMatcher, MatchContainsPath) { envoy::type::matcher::v3::PathMatcher matcher; matcher.mutable_path()->set_contains("contains"); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/contains")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/abc-contains")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/contains-abc")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/abc-contains-def")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/abc-contains-def?param=val")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/abc-contains-def#fragment")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/abc-def#containsfragment?param=contains")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/abc-curtains-def")); } TEST(PathMatcher, MatchRegexPath) { envoy::type::matcher::v3::StringMatcher matcher; matcher.mutable_safe_regex()->mutable_google_re2(); matcher.mutable_safe_regex()->set_regex(".*regex.*"); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/regex")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/regex/xyz")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/xyz/regex")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/regex?param=val")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/regex#fragment")); EXPECT_TRUE(Matchers::PathMatcher(matcher).match("/regex#fragment?param=val")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/regez")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/regez?param=regex")); EXPECT_FALSE(Matchers::PathMatcher(matcher).match("/regez#regex")); } } // namespace } // namespace Matcher } // namespace Envoy ================================================ FILE: test/common/common/mem_block_builder_test.cc ================================================ #include #include "common/common/mem_block_builder.h" #include "gtest/gtest.h" namespace Envoy { TEST(MemBlockBuilderTest, AppendUint8) { MemBlockBuilder mem_block(10); EXPECT_EQ(10, mem_block.capacity()); mem_block.appendOne(5); EXPECT_EQ(9, mem_block.capacityRemaining()); const uint8_t foo[] = {6, 7}; mem_block.appendData(absl::MakeConstSpan(foo, ABSL_ARRAYSIZE(foo))); EXPECT_EQ(7, mem_block.capacityRemaining()); MemBlockBuilder append; EXPECT_EQ(0, append.capacity()); append.setCapacity(7); EXPECT_EQ(7, append.capacity()); append.appendOne(8); append.appendOne(9); mem_block.appendBlock(append); EXPECT_EQ(5, mem_block.capacityRemaining()); EXPECT_EQ((std::vector{5, 6, 7, 8, 9}), mem_block.span()); append.appendBlock(mem_block); EXPECT_EQ(0, append.capacityRemaining()); uint64_t size = append.size(); std::unique_ptr data = append.release(); EXPECT_EQ((std::vector{8, 9, 5, 6, 7, 8, 9}), std::vector(data.get(), data.get() + size)); mem_block.reset(); EXPECT_EQ(0, mem_block.capacity()); } TEST(MemBlockBuilderTest, AppendUint32) { MemBlockBuilder mem_block(10); EXPECT_EQ(10, mem_block.capacity()); mem_block.appendOne(100005); EXPECT_EQ(9, mem_block.capacityRemaining()); const uint32_t foo[] = {100006, 100007}; mem_block.appendData(absl::MakeConstSpan(foo, ABSL_ARRAYSIZE(foo))); EXPECT_EQ(7, mem_block.capacityRemaining()); MemBlockBuilder append; EXPECT_EQ(0, append.capacity()); append.setCapacity(7); EXPECT_EQ(7, append.capacity()); append.appendOne(100008); append.appendOne(100009); mem_block.appendBlock(append); EXPECT_EQ(5, mem_block.capacityRemaining()); EXPECT_EQ((std::vector{100005, 100006, 100007, 100008, 100009}), mem_block.span()); append.appendBlock(mem_block); EXPECT_EQ(0, append.capacityRemaining()); uint64_t size = append.size(); std::unique_ptr data = append.release(); EXPECT_EQ((std::vector{100008, 100009, 100005, 100006, 100007, 100008, 100009}), std::vector(data.get(), data.get() + size)); mem_block.reset(); EXPECT_EQ(0, mem_block.capacity()); } #ifdef ENVOY_CONFIG_COVERAGE // For some reason, this test under coverage generates a list of testdata/*. static const char expected_death_regex[] = ""; #else static const char expected_death_regex[] = ".*insufficient capacity.*"; #endif TEST(MemBlockBuilderTest, AppendOneTooMuch) { MemBlockBuilder mem_block(1); mem_block.appendOne(1); EXPECT_DEATH({ mem_block.appendOne(2); }, expected_death_regex); } TEST(MemBlockBuilderTest, AppendDataTooMuch) { MemBlockBuilder mem_block(1); const uint8_t foo[] = {1, 2}; EXPECT_DEATH({ mem_block.appendData(absl::MakeConstSpan(foo, ABSL_ARRAYSIZE(foo))); }, expected_death_regex); } } // namespace Envoy ================================================ FILE: test/common/common/mutex_tracer_test.cc ================================================ #include #include #include "common/common/lock_guard.h" #include "common/common/mutex_tracer_impl.h" #include "test/test_common/contention.h" #include "test/test_common/utility.h" #include "absl/synchronization/mutex.h" #include "gtest/gtest.h" namespace Envoy { class MutexTracerTest : public testing::Test { protected: void SetUp() override { tracer_.reset(); } // Since MutexTracerImpl::contentionHook is a private method, MutexTracerTest is a friend class. void sendWaitCyclesToContentionHook(int64_t wait_cycles) { tracer_.contentionHook(nullptr, nullptr, wait_cycles); } Thread::MutexBasicLockable mu_; MutexTracerImpl& tracer_{MutexTracerImpl::getOrCreateTracer()}; }; // Call the contention hook manually. TEST_F(MutexTracerTest, AddN) { EXPECT_EQ(tracer_.numContentions(), 0); EXPECT_EQ(tracer_.currentWaitCycles(), 0); EXPECT_EQ(tracer_.lifetimeWaitCycles(), 0); sendWaitCyclesToContentionHook(2); EXPECT_EQ(tracer_.numContentions(), 1); EXPECT_EQ(tracer_.currentWaitCycles(), 2); EXPECT_EQ(tracer_.lifetimeWaitCycles(), 2); sendWaitCyclesToContentionHook(3); EXPECT_EQ(tracer_.numContentions(), 2); EXPECT_EQ(tracer_.currentWaitCycles(), 3); EXPECT_EQ(tracer_.lifetimeWaitCycles(), 5); sendWaitCyclesToContentionHook(0); EXPECT_EQ(tracer_.numContentions(), 3); EXPECT_EQ(tracer_.currentWaitCycles(), 0); EXPECT_EQ(tracer_.lifetimeWaitCycles(), 5); } // Call the contention hook in a real contention scenario. TEST_F(MutexTracerTest, OneThreadNoContention) { // Regular operation doesn't cause contention. { Thread::LockGuard lock(mu_); } EXPECT_EQ(tracer_.numContentions(), 0); EXPECT_EQ(tracer_.currentWaitCycles(), 0); EXPECT_EQ(tracer_.lifetimeWaitCycles(), 0); } TEST_F(MutexTracerTest, TryLockNoContention) { // TryLocks don't cause contention. { Thread::LockGuard lock(mu_); EXPECT_FALSE(mu_.tryLock()); } EXPECT_EQ(tracer_.numContentions(), 0); EXPECT_EQ(tracer_.currentWaitCycles(), 0); EXPECT_EQ(tracer_.lifetimeWaitCycles(), 0); } TEST_F(MutexTracerTest, TwoThreadsWithContention) { Api::ApiPtr api = Api::createApiForTest(); int64_t prev_num_contentions = tracer_.numContentions(); for (int i = 1; i <= 10; ++i) { int64_t curr_num_lifetime_wait_cycles = tracer_.lifetimeWaitCycles(); Thread::TestUtil::ContentionGenerator contention_generator(*api); contention_generator.generateContention(tracer_); int64_t num_contentions = tracer_.numContentions(); EXPECT_LT(prev_num_contentions, num_contentions); prev_num_contentions = num_contentions; EXPECT_GT(tracer_.currentWaitCycles(), 0); // This shouldn't be hardcoded. EXPECT_GT(tracer_.lifetimeWaitCycles(), 0); EXPECT_GT(tracer_.lifetimeWaitCycles(), curr_num_lifetime_wait_cycles); } } } // namespace Envoy ================================================ FILE: test/common/common/perf_annotation_disabled_test.cc ================================================ // By default, perf is disabled, but enable running tests with it disabled by locally // undefing if needed. #ifdef ENVOY_PERF_ANNOTATION #undef ENVOY_PERF_ANNOTATION #endif #include "common/common/perf_annotation.h" #include "gtest/gtest.h" namespace Envoy { TEST(PerfAnnotationDisabled, testPerfAnnotation) { PERF_OPERATION(perf); PERF_RECORD(perf, "alpha", "0"); PERF_RECORD(perf, "beta", "1"); PERF_RECORD(perf, "alpha", "2"); PERF_RECORD(perf, "beta", "3"); std::string report = PERF_TO_STRING(); EXPECT_TRUE(report.empty()); PERF_CLEAR(); } } // namespace Envoy ================================================ FILE: test/common/common/perf_annotation_test.cc ================================================ // When building from the command line, you can enable perf annotation globally with // bazel --define=perf_annotation=enabled // You can also do this in on a per-file basis with by defining the macro manually. You // must be sure to do this in the modules where you are collecting the perf annotations // (PERF_OPERATION, PERF_RECORD) and also where you are reporting them (PERF_DUMP). #ifndef ENVOY_PERF_ANNOTATION #define ENVOY_PERF_ANNOTATION #endif #include "common/common/perf_annotation.h" #include "gtest/gtest.h" namespace Envoy { class PerfAnnotationTest : public testing::Test { protected: void TearDown() override { PERF_CLEAR(); } }; // Tests that the macros produce something in the report that includes the categories // and descriptions. TEST_F(PerfAnnotationTest, TestMacros) { PERF_OPERATION(perf); PERF_RECORD(perf, "alpha", "0"); PERF_RECORD(perf, "beta", "1"); PERF_RECORD(perf, "alpha", "2"); PERF_RECORD(perf, "beta", "3"); std::string report = PERF_TO_STRING(); EXPECT_TRUE(report.find(" alpha ") != std::string::npos) << report; EXPECT_TRUE(report.find(" 0 ") != std::string::npos) << report; EXPECT_TRUE(report.find(" beta ") != std::string::npos) << report; EXPECT_TRUE(report.find(" 1 ") != std::string::npos) << report; EXPECT_TRUE(report.find(" alpha ") != std::string::npos) << report; EXPECT_TRUE(report.find(" 2 ") != std::string::npos) << report; EXPECT_TRUE(report.find(" beta ") != std::string::npos) << report; EXPECT_TRUE(report.find(" 3 ") != std::string::npos) << report; PERF_DUMP(); } // More detailed report-format testing, directly using the class. TEST_F(PerfAnnotationTest, TestFormat) { PerfAnnotationContext* context = PerfAnnotationContext::getOrCreate(); for (int i = 0; i < 4; ++i) { context->record(std::chrono::microseconds{1000 + 100 * i}, "alpha", "1"); } for (int i = 0; i < 3; ++i) { context->record(std::chrono::microseconds{30 - i}, "beta", "3"); } context->record(std::chrono::microseconds{200}, "gamma", "2"); std::string report = context->toString(); EXPECT_EQ( "Duration(us) # Calls Mean(ns) StdDev(ns) Min(ns) Max(ns) Category Description\n" " 4600 4 1150000 129099 1000000 1300000 alpha 1 \n" " 200 1 200000 nan 200000 200000 gamma 2 \n" " 87 3 29000 1000 28000 30000 beta 3 \n", context->toString()); } } // namespace Envoy ================================================ FILE: test/common/common/phantom_test.cc ================================================ #include "common/common/phantom.h" #include "gtest/gtest.h" namespace Envoy { struct PhantomTest {}; struct PhantomTest2 {}; using PhantomIntTest = Phantom; using PhantomIntTest2 = Phantom; TEST(PhantomTest, TypeBehavior) { // Should not be possible to implicitly convert from two phantoms with different markers. static_assert(!std::is_convertible::value, "should not be convertible"); } } // namespace Envoy ================================================ FILE: test/common/common/random_generator_test.cc ================================================ #include #include "common/common/random_generator.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Random { namespace { TEST(Random, DISABLED_benchmarkRandom) { Random::RandomGeneratorImpl random; for (size_t i = 0; i < 1000000000; ++i) { random.random(); } } TEST(Random, SanityCheckOfUniquenessRandom) { Random::RandomGeneratorImpl random; std::set results; const size_t num_of_results = 1000000; for (size_t i = 0; i < num_of_results; ++i) { results.insert(random.random()); } EXPECT_EQ(num_of_results, results.size()); } TEST(Random, SanityCheckOfStdLibRandom) { Random::RandomGeneratorImpl random; static const auto num_of_items = 100; std::vector v(num_of_items); std::iota(v.begin(), v.end(), 0); static const auto num_of_checks = 10000; for (size_t i = 0; i < num_of_checks; ++i) { const auto prev = v; std::shuffle(v.begin(), v.end(), random); EXPECT_EQ(v.size(), prev.size()); EXPECT_NE(v, prev); EXPECT_FALSE(std::is_sorted(v.begin(), v.end())); } } TEST(UUID, CheckLengthOfUUID) { Random::RandomGeneratorImpl random; std::string result = random.uuid(); size_t expected_length = 36; EXPECT_EQ(expected_length, result.length()); } TEST(UUID, SanityCheckOfUniqueness) { std::set uuids; const size_t num_of_uuids = 100000; Random::RandomGeneratorImpl random; for (size_t i = 0; i < num_of_uuids; ++i) { uuids.insert(random.uuid()); } EXPECT_EQ(num_of_uuids, uuids.size()); } TEST(Random, Bernoilli) { Random::RandomGeneratorImpl random; EXPECT_FALSE(random.bernoulli(0)); EXPECT_FALSE(random.bernoulli(-1)); EXPECT_TRUE(random.bernoulli(1)); EXPECT_TRUE(random.bernoulli(2)); int true_count = 0; static const auto num_rolls = 100000; for (size_t i = 0; i < num_rolls; ++i) { if (random.bernoulli(0.4)) { ++true_count; } } EXPECT_NEAR(static_cast(true_count) / num_rolls, 0.4, 0.01); } } // namespace } // namespace Random } // namespace Envoy ================================================ FILE: test/common/common/regex_test.cc ================================================ #include "envoy/common/exception.h" #include "envoy/type/matcher/v3/regex.pb.h" #include "common/common/regex.h" #include "test/test_common/logging.h" #include "test/test_common/test_runtime.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Regex { namespace { TEST(Utility, ParseStdRegex) { EXPECT_THROW_WITH_REGEX(Utility::parseStdRegex("(+invalid)"), EnvoyException, "Invalid regex '\\(\\+invalid\\)': .+"); EXPECT_THROW_WITH_REGEX(Utility::parseStdRegexAsCompiledMatcher("(+invalid)"), EnvoyException, "Invalid regex '\\(\\+invalid\\)': .+"); { std::regex regex = Utility::parseStdRegex("x*"); EXPECT_NE(0, regex.flags() & std::regex::optimize); } { std::regex regex = Utility::parseStdRegex("x*", std::regex::icase); EXPECT_NE(0, regex.flags() & std::regex::icase); EXPECT_EQ(0, regex.flags() & std::regex::optimize); } { // Regression test to cover high-complexity regular expressions that throw on std::regex_match. // Note that not all std::regex_match implementations will throw when matching against the // expression below, but at least clang 9.0.0 under linux does. auto matcher = Utility::parseStdRegexAsCompiledMatcher( "|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||"); EXPECT_FALSE(matcher->match("0")); } } TEST(Utility, ParseRegex) { { envoy::type::matcher::v3::RegexMatcher matcher; matcher.mutable_google_re2(); matcher.set_regex("(+invalid)"); EXPECT_THROW_WITH_MESSAGE(Utility::parseRegex(matcher), EnvoyException, "no argument for repetition operator: +"); } // Regression test for https://github.com/envoyproxy/envoy/issues/7728 { envoy::type::matcher::v3::RegexMatcher matcher; matcher.mutable_google_re2(); matcher.set_regex("/asdf/.*"); const auto compiled_matcher = Utility::parseRegex(matcher); const std::string long_string = "/asdf/" + std::string(50 * 1024, 'a'); EXPECT_TRUE(compiled_matcher->match(long_string)); } // Positive case to ensure no max program size is enforced. { TestScopedRuntime scoped_runtime; envoy::type::matcher::v3::RegexMatcher matcher; matcher.set_regex("/asdf/.*"); matcher.mutable_google_re2(); EXPECT_NO_THROW(Utility::parseRegex(matcher)); } // Verify max program size with the deprecated field codepath plus runtime. // The deprecated field codepath precedes any runtime settings. { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues( {{"re2.max_program_size.error_level", "3"}}); envoy::type::matcher::v3::RegexMatcher matcher; matcher.set_regex("/asdf/.*"); matcher.mutable_google_re2()->mutable_max_program_size()->set_value(1); #ifndef GTEST_USES_SIMPLE_RE EXPECT_THROW_WITH_REGEX(Utility::parseRegex(matcher), EnvoyException, "RE2 program size of [0-9]+ > max program size of 1\\."); #else EXPECT_THROW_WITH_REGEX(Utility::parseRegex(matcher), EnvoyException, "RE2 program size of \\d+ > max program size of 1\\."); #endif } // Verify that an exception is thrown for the error level max program size. { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues( {{"re2.max_program_size.error_level", "1"}}); envoy::type::matcher::v3::RegexMatcher matcher; matcher.set_regex("/asdf/.*"); matcher.mutable_google_re2(); #ifndef GTEST_USES_SIMPLE_RE EXPECT_THROW_WITH_REGEX( Utility::parseRegex(matcher), EnvoyException, "RE2 program size of [0-9]+ > max program size of 1 set for the error level threshold\\."); #else EXPECT_THROW_WITH_REGEX( Utility::parseRegex(matcher), EnvoyException, "RE2 program size of \\d+ > max program size of 1 set for the error level threshold\\."); #endif } // Verify that the error level max program size defaults to 100 if not set by runtime. { TestScopedRuntime scoped_runtime; envoy::type::matcher::v3::RegexMatcher matcher; matcher.set_regex( "/asdf/.*/asdf/.*/asdf/.*/asdf/.*/asdf/.*/asdf/.*/asdf/.*/asdf/.*/asdf/.*/asdf/.*"); matcher.mutable_google_re2(); #ifndef GTEST_USES_SIMPLE_RE EXPECT_THROW_WITH_REGEX(Utility::parseRegex(matcher), EnvoyException, "RE2 program size of [0-9]+ > max program size of 100 set for the " "error level threshold\\."); #else EXPECT_THROW_WITH_REGEX( Utility::parseRegex(matcher), EnvoyException, "RE2 program size of \\d+ > max program size of 100 set for the error level threshold\\."); #endif } // Verify that a warning is logged for the warn level max program size. { TestScopedRuntime scoped_runtime; Envoy::Stats::Counter& warn_count = Runtime::LoaderSingleton::getExisting()->getRootScope().counterFromString( "re2.exceeded_warn_level"); Runtime::LoaderSingleton::getExisting()->mergeValues( {{"re2.max_program_size.warn_level", "1"}}); envoy::type::matcher::v3::RegexMatcher matcher; matcher.set_regex("/asdf/.*"); matcher.mutable_google_re2(); EXPECT_NO_THROW(Utility::parseRegex(matcher)); EXPECT_EQ(1, warn_count.value()); EXPECT_LOG_CONTAINS("warn", "> max program size of 1 set for the warn level threshold", Utility::parseRegex(matcher)); EXPECT_EQ(2, warn_count.value()); } // Verify that no check is performed if the warn level max program size is not set by runtime. { TestScopedRuntime scoped_runtime; Envoy::Stats::Counter& warn_count = Runtime::LoaderSingleton::getExisting()->getRootScope().counterFromString( "re2.exceeded_warn_level"); envoy::type::matcher::v3::RegexMatcher matcher; matcher.set_regex("/asdf/.*"); matcher.mutable_google_re2(); EXPECT_NO_THROW(Utility::parseRegex(matcher)); EXPECT_LOG_NOT_CONTAINS("warn", "> max program size", Utility::parseRegex(matcher)); EXPECT_EQ(0, warn_count.value()); } } } // namespace } // namespace Regex } // namespace Envoy ================================================ FILE: test/common/common/statusor_test.cc ================================================ #include "common/common/statusor.h" #include "common/http/status.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { TEST(StatusOr, Initialization) { StatusOr statusor( Http::prematureResponseError("foobar", Http::Code::ProxyAuthenticationRequired)); EXPECT_FALSE(statusor.ok()); EXPECT_TRUE(Http::isPrematureResponseError(statusor.status())); EXPECT_EQ("foobar", statusor.status().message()); EXPECT_EQ(Http::Code::ProxyAuthenticationRequired, Http::getPrematureResponseHttpCode(statusor.status())); } } // namespace Envoy ================================================ FILE: test/common/common/stl_helpers_test.cc ================================================ #include #include "common/common/stl_helpers.h" #include "gtest/gtest.h" namespace Envoy { TEST(StlHelpersTest, TestOutputToStreamOperator) { std::stringstream os; std::vector v{1, 2, 3, 4, 5}; os << v; EXPECT_EQ("vector { 1, 2, 3, 4, 5 }", os.str()); } } // namespace Envoy ================================================ FILE: test/common/common/thread_id_test.cc ================================================ #include "common/common/thread.h" #include "test/test_common/thread_factory_for_test.h" #include "absl/hash/hash_testing.h" #include "gmock/gmock.h" namespace Envoy { namespace { TEST(ThreadId, Equality) { auto& thread_factory = Thread::threadFactoryForTest(); Thread::ThreadId main_thread = thread_factory.currentThreadId(); Thread::ThreadId background_thread; Thread::ThreadId null_thread; Thread::threadFactoryForTest() .createThread([&]() { background_thread = thread_factory.currentThreadId(); }) ->join(); EXPECT_EQ(main_thread, main_thread); EXPECT_EQ(background_thread, background_thread); EXPECT_EQ(null_thread, null_thread); EXPECT_NE(main_thread, background_thread); EXPECT_NE(main_thread, null_thread); EXPECT_NE(background_thread, null_thread); } TEST(ThreadId, Hashability) { auto& thread_factory = Thread::threadFactoryForTest(); Thread::ThreadId main_thread = thread_factory.currentThreadId(); Thread::ThreadId background_thread; Thread::ThreadId null_thread; Thread::threadFactoryForTest() .createThread([&]() { background_thread = thread_factory.currentThreadId(); }) ->join(); EXPECT_TRUE(absl::VerifyTypeImplementsAbslHashCorrectly({ null_thread, main_thread, background_thread, })); } TEST(ThreadId, CanGetId) { Thread::ThreadId tid(10); EXPECT_EQ(tid.getId(), 10); } } // namespace } // namespace Envoy ================================================ FILE: test/common/common/thread_test.cc ================================================ #include #include "common/common/thread.h" #include "common/common/thread_synchronizer.h" #include "test/test_common/thread_factory_for_test.h" #include "absl/strings/str_cat.h" #include "absl/synchronization/notification.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Thread { namespace { class ThreadAsyncPtrTest : public testing::Test { protected: ThreadFactory& thread_factory_{threadFactoryForTest()}; }; // Tests that two threads racing to create an object have well-defined // behavior. TEST_F(ThreadAsyncPtrTest, DeleteOnDestruct) { AtomicPtr str; ThreadSynchronizer sync; sync.enable(); sync.waitOn("creator"); // On thread1, we will lazily instantiate the string as "thread1". However // in the creation function we will block on a sync-point. auto thread1 = thread_factory_.createThread( [&str, &sync]() { str.get([&sync]() -> std::string* { sync.syncPoint("creator"); return new std::string("thread1"); }); }, Options{"thread1"}); EXPECT_EQ("thread1", thread1->name()); sync.barrierOn("creator"); // Now spawn a separate thread that will attempt to lazy-initialize the // string as "thread2", but that allocator will never run because // the allocator on thread1 has already locked the AtomicPtr's mutex. auto thread2 = thread_factory_.createThread( [&str]() { str.get([]() -> std::string* { return new std::string("thread2"); }); }, Options{"thread2"}); EXPECT_EQ("thread2", thread2->name()); // Now let thread1's initializer finish. sync.signal("creator"); thread1->join(); thread2->join(); // Now ensure the "thread1" value sticks past the thread lifetimes. bool called = false; EXPECT_EQ("thread1", *str.get([&called]() -> std::string* { called = true; return nullptr; })); EXPECT_FALSE(called); } // Same test as AtomicPtrDeleteOnDestruct, except the allocator callbacks return // pointers to locals, rather than allocating the strings on the heap. TEST_F(ThreadAsyncPtrTest, DoNotDelete) { const std::string thread1_str("thread1"); const std::string thread2_str("thread2"); AtomicPtr str; ThreadSynchronizer sync; sync.enable(); sync.waitOn("creator"); // On thread1, we will lazily instantiate the string as "thread1". However // in the creation function we will block on a sync-point. auto thread1 = thread_factory_.createThread( [&str, &sync, &thread1_str]() { str.get([&sync, &thread1_str]() -> const std::string* { sync.syncPoint("creator"); return &thread1_str; }); }, Options{"thread1"}); sync.barrierOn("creator"); // Now spawn a separate thread that will attempt to lazy-initialize the // string as "thread2", but that allocator will never run because // the allocator on thread1 has already locked the AtomicPtr's mutex. auto thread2 = thread_factory_.createThread( [&str, &thread2_str]() { str.get([&thread2_str]() -> const std::string* { return &thread2_str; }); }, Options{"thread2"}); // Now let thread1's initializer finish. sync.signal("creator"); thread1->join(); thread2->join(); // Now ensure the "thread1" value sticks past the thread lifetimes. bool called = false; EXPECT_EQ("thread1", *str.get([&called]() -> std::string* { called = true; return nullptr; })); EXPECT_FALSE(called); } TEST_F(ThreadAsyncPtrTest, ThreadSpammer) { AtomicPtr str; absl::Notification go; constexpr uint32_t num_threads = 100; AtomicPtr answer; uint32_t calls = 0; auto thread_fn = [&go, &answer, &calls]() { go.WaitForNotification(); answer.get([&calls]() { ++calls; return new uint32_t(42); }); }; std::vector threads; for (uint32_t i = 0; i < num_threads; ++i) { std::string name = absl::StrCat("thread", i); threads.emplace_back(thread_factory_.createThread(thread_fn, Options{name})); EXPECT_EQ(name, threads.back()->name()); } EXPECT_EQ(0, calls); go.Notify(); for (auto& thread : threads) { thread->join(); } EXPECT_EQ(1, calls); EXPECT_EQ(42, *answer.get([&calls]() { ++calls; return nullptr; })); EXPECT_EQ(1, calls); } // Tests that null can be allocated, but the allocator will be re-called each // time until a non-null result is returned. TEST_F(ThreadAsyncPtrTest, Null) { AtomicPtr str; uint32_t calls = 0; EXPECT_EQ(nullptr, str.get([&calls]() -> std::string* { ++calls; return nullptr; })); EXPECT_EQ(nullptr, str.get([&calls]() -> std::string* { ++calls; return nullptr; })); EXPECT_EQ(2, calls); EXPECT_EQ("x", *str.get([&calls]() -> std::string* { ++calls; return new std::string("x"); })); EXPECT_EQ(3, calls); EXPECT_EQ("x", *str.get([&calls]() -> std::string* { ++calls; return nullptr; })); EXPECT_EQ(3, calls); // allocator was not called this last time. } // Tests array semantics. Note that AtomicPtr is implemented a 1-element // AtomicPtrArray, so there's no need to repeat the complex thread-race test // from AtomicPtr. TEST_F(ThreadAsyncPtrTest, Array) { const uint32_t size = 5; AtomicPtrArray strs; for (uint32_t i = 0; i < size; ++i) { std::string val = absl::StrCat("x", i); EXPECT_EQ(val, *strs.get(i, [&val]() -> std::string* { return new std::string(val); })); } for (uint32_t i = 0; i < size; ++i) { std::string val = absl::StrCat("x", i); // Second time through the array, the allocator will not be called, but // we'll have all the expected values returned from get. bool called = false; EXPECT_EQ(val, *strs.get(i, [&called]() -> std::string* { called = true; return nullptr; })); EXPECT_FALSE(called); } } TEST_F(ThreadAsyncPtrTest, ManagedAlloc) { const uint32_t size = 5; std::vector> pool; AtomicPtrArray strs; for (uint32_t i = 0; i < size; ++i) { std::string val = absl::StrCat("x", i); EXPECT_EQ(val, *strs.get(i, [&pool, &val]() -> std::string* { pool.emplace_back(std::make_unique(val)); return pool.back().get(); })); } } TEST_F(ThreadAsyncPtrTest, TruncateWait) { absl::Notification notify; auto thread = thread_factory_.createThread([¬ify]() { notify.WaitForNotification(); }, Options{"this name is way too long for posix"}); notify.Notify(); // To make this test work on multiple platforms, just assume the first 10 characters // are retained. EXPECT_THAT(thread->name(), testing::StartsWith("this name ")); thread->join(); } TEST_F(ThreadAsyncPtrTest, TruncateNoWait) { auto thread = thread_factory_.createThread([]() {}, Options{"this name is way too long for posix"}); // In general, across platforms, just assume the first 10 characters are // retained. EXPECT_THAT(thread->name(), testing::StartsWith("this name ")); // On Linux we can check for 15 exactly. #ifdef __linux__ EXPECT_EQ("this name is wa", thread->name()) << "truncated to 15 chars"; #endif thread->join(); } TEST_F(ThreadAsyncPtrTest, NameNotSpecifiedWait) { absl::Notification notify; auto thread = thread_factory_.createThread([¬ify]() { notify.WaitForNotification(); }); notify.Notify(); // For linux builds, the thread name defaults to the name of the // binary. However the name of the binary is different depending on whether // this is a coverage test or not. Currently, this population does not occur // for Mac or Windows. #ifdef __linux__ EXPECT_FALSE(thread->name().empty()); #endif thread->join(); } } // namespace } // namespace Thread } // namespace Envoy ================================================ FILE: test/common/common/token_bucket_impl_test.cc ================================================ #include #include "common/common/token_bucket_impl.h" #include "test/test_common/simulated_time_system.h" #include "gtest/gtest.h" namespace Envoy { class TokenBucketImplTest : public testing::Test { protected: Event::SimulatedTimeSystem time_system_; }; // Verifies TokenBucket initialization. TEST_F(TokenBucketImplTest, Initialization) { TokenBucketImpl token_bucket{1, time_system_, -1.0}; EXPECT_EQ(1, token_bucket.consume(1, false)); EXPECT_EQ(0, token_bucket.consume(1, false)); } // Verifies TokenBucket's maximum capacity. TEST_F(TokenBucketImplTest, MaxBucketSize) { TokenBucketImpl token_bucket{3, time_system_, 1}; EXPECT_EQ(3, token_bucket.consume(3, false)); time_system_.setMonotonicTime(std::chrono::seconds(10)); EXPECT_EQ(0, token_bucket.consume(4, false)); EXPECT_EQ(3, token_bucket.consume(3, false)); } // Verifies that TokenBucket can consume tokens. TEST_F(TokenBucketImplTest, Consume) { TokenBucketImpl token_bucket{10, time_system_, 1}; EXPECT_EQ(0, token_bucket.consume(20, false)); EXPECT_EQ(9, token_bucket.consume(9, false)); EXPECT_EQ(1, token_bucket.consume(1, false)); time_system_.setMonotonicTime(std::chrono::milliseconds(999)); EXPECT_EQ(0, token_bucket.consume(1, false)); time_system_.setMonotonicTime(std::chrono::milliseconds(5999)); EXPECT_EQ(0, token_bucket.consume(6, false)); time_system_.setMonotonicTime(std::chrono::milliseconds(6000)); EXPECT_EQ(6, token_bucket.consume(6, false)); EXPECT_EQ(0, token_bucket.consume(1, false)); } // Verifies that TokenBucket can refill tokens. TEST_F(TokenBucketImplTest, Refill) { TokenBucketImpl token_bucket{1, time_system_, 0.5}; EXPECT_EQ(1, token_bucket.consume(1, false)); time_system_.setMonotonicTime(std::chrono::milliseconds(500)); EXPECT_EQ(0, token_bucket.consume(1, false)); time_system_.setMonotonicTime(std::chrono::milliseconds(1500)); EXPECT_EQ(0, token_bucket.consume(1, false)); time_system_.setMonotonicTime(std::chrono::milliseconds(2000)); EXPECT_EQ(1, token_bucket.consume(1, false)); } TEST_F(TokenBucketImplTest, NextTokenAvailable) { TokenBucketImpl token_bucket{10, time_system_, 5}; EXPECT_EQ(9, token_bucket.consume(9, false)); EXPECT_EQ(std::chrono::milliseconds(0), token_bucket.nextTokenAvailable()); EXPECT_EQ(1, token_bucket.consume(1, false)); EXPECT_EQ(0, token_bucket.consume(1, false)); EXPECT_EQ(std::chrono::milliseconds(200), token_bucket.nextTokenAvailable()); } // Test partial consumption of tokens. TEST_F(TokenBucketImplTest, PartialConsumption) { TokenBucketImpl token_bucket{16, time_system_, 16}; EXPECT_EQ(16, token_bucket.consume(18, true)); EXPECT_EQ(std::chrono::milliseconds(63), token_bucket.nextTokenAvailable()); time_system_.advanceTimeWait(std::chrono::milliseconds(62)); EXPECT_EQ(0, token_bucket.consume(1, true)); time_system_.advanceTimeWait(std::chrono::milliseconds(1)); EXPECT_EQ(1, token_bucket.consume(2, true)); EXPECT_EQ(std::chrono::milliseconds(63), token_bucket.nextTokenAvailable()); } // Test reset functionality. TEST_F(TokenBucketImplTest, Reset) { TokenBucketImpl token_bucket{16, time_system_, 16}; token_bucket.reset(1); EXPECT_EQ(1, token_bucket.consume(2, true)); EXPECT_EQ(std::chrono::milliseconds(63), token_bucket.nextTokenAvailable()); } } // namespace Envoy ================================================ FILE: test/common/common/utility_corpus/test ================================================ hello world ================================================ FILE: test/common/common/utility_fuzz_test.cc ================================================ #include "common/common/utility.h" #include "test/fuzz/fuzz_runner.h" #include "absl/strings/match.h" #include "absl/strings/string_view.h" namespace Envoy { namespace Fuzz { namespace { DEFINE_FUZZER(const uint8_t* buf, size_t len) { { uint64_t out; const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::atoull(string_buffer.c_str(), out); } { const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::escape(string_buffer); } { const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::toUpper(string_buffer); } { const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::trim(string_buffer); } { const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::ltrim(string_buffer); } { const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::rtrim(string_buffer); } if (len > 0) { const size_t split_point = *reinterpret_cast(buf) % len; // (string_buffer.substr(0, split_point), string_buffer.substr(split_point)) // @param1: substring of buffer from beginning to split_point // @param2: substring of buffer from split_point to end of the string { const std::string string_buffer(reinterpret_cast(buf), len); absl::EndsWith(string_buffer.substr(0, split_point), string_buffer.substr(split_point)); } { const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::cropLeft(string_buffer.substr(0, split_point), string_buffer.substr(split_point)); } { const std::string string_buffer(reinterpret_cast(buf), len); StringUtil::cropRight(string_buffer.substr(0, split_point), string_buffer.substr(split_point)); } { const std::string string_buffer(reinterpret_cast(buf), len); // sample random bit to use as the whitespace flag bool trimWhitespace = split_point & 1; const size_t split_point2 = len > 1 ? reinterpret_cast(buf)[1] % len : split_point; const size_t split1 = std::min(split_point, split_point2); const size_t split2 = std::max(split_point, split_point2); StringUtil::findToken(string_buffer.substr(0, split1), string_buffer.substr(split1, split2 - split2), string_buffer.substr(split2), trimWhitespace); } } } } // namespace } // namespace Fuzz } // namespace Envoy ================================================ FILE: test/common/common/utility_speed_test.cc ================================================ // Note: this should be run with --compilation_mode=opt, and would benefit from a // quiescent system with disabled cstate power management. #include #include "common/common/assert.h" #include "common/common/utility.h" #include "absl/strings/string_view.h" #include "benchmark/benchmark.h" namespace Envoy { static const char TextToTrim[] = "\t the quick brown fox jumps over the lazy dog\n\r\n"; static size_t TextToTrimLength = sizeof(TextToTrim) - 1; static const char AlreadyTrimmed[] = "the quick brown fox jumps over the lazy dog"; static size_t AlreadyTrimmedLength = sizeof(AlreadyTrimmed) - 1; static const char CacheControl[] = "private, max-age=300, no-transform"; static size_t CacheControlLength = sizeof(CacheControl) - 1; // NOLINT(namespace-envoy) static void BM_AccessLogDateTimeFormatter(benchmark::State& state) { int outputBytes = 0; // Generate a sequence of times for which the delta between each successive // pair of times is uniformly distributed in the range (-10ms, 20ms). // This is meant to simulate the situation where requests handled at // approximately the same time may get logged out of order. static Envoy::SystemTime time(std::chrono::seconds(1522796769)); static std::mt19937 prng(1); // PRNG with a fixed seed, for repeatability static std::uniform_int_distribution distribution(-10, 20); for (auto _ : state) { // TODO(brian-pane): The next line, which computes the next input timestamp, // currently accounts for ~30% of the CPU time of this benchmark test. If // the AccessLogDateTimeFormatter implementation is optimized further, we // should precompute a sequence of input timestamps so the benchmark's own // overhead won't obscure changes in the speed of the code being benchmarked. time += std::chrono::milliseconds(static_cast(distribution(prng))); outputBytes += Envoy::AccessLogDateTimeFormatter::fromTime(time).length(); } benchmark::DoNotOptimize(outputBytes); } BENCHMARK(BM_AccessLogDateTimeFormatter); // This benchmark is basically similar with the above BM_AccessLogDateTimeFormatter, the only // difference is the format string input for the Envoy::DateFormatter. static void BM_DateTimeFormatterWithSubseconds(benchmark::State& state) { int outputBytes = 0; Envoy::SystemTime time(std::chrono::seconds(1522796769)); std::mt19937 prng(1); std::uniform_int_distribution distribution(-10, 20); Envoy::DateFormatter date_formatter("%Y-%m-%dT%H:%M:%s.%3f"); for (auto _ : state) { time += std::chrono::milliseconds(static_cast(distribution(prng))); outputBytes += date_formatter.fromTime(time).length(); } benchmark::DoNotOptimize(outputBytes); } BENCHMARK(BM_DateTimeFormatterWithSubseconds); // This benchmark is basically similar with the above BM_DateTimeFormatterWithSubseconds, the // differences are: 1. the format string input is long with duplicated subseconds. 2. The purpose // is to test DateFormatter.parse() which is called in constructor. // NOLINTNEXTLINE(readability-identifier-naming) static void BM_DateTimeFormatterWithLongSubsecondsString(benchmark::State& state) { int outputBytes = 0; Envoy::SystemTime time(std::chrono::seconds(1522796769)); std::mt19937 prng(1); std::uniform_int_distribution distribution(-10, 20); std::string input; int num_duplicates = 400; std::string duplicate_input = "%%1f %1f, %2f, %3f, %4f, "; for (int i = 0; i < num_duplicates; i++) { absl::StrAppend(&input, duplicate_input, "("); } absl::StrAppend(&input, duplicate_input); for (auto _ : state) { Envoy::DateFormatter date_formatter(input); time += std::chrono::milliseconds(static_cast(distribution(prng))); outputBytes += date_formatter.fromTime(time).length(); } benchmark::DoNotOptimize(outputBytes); } BENCHMARK(BM_DateTimeFormatterWithLongSubsecondsString); // NOLINTNEXTLINE(readability-identifier-naming) static void BM_DateTimeFormatterWithoutSubseconds(benchmark::State& state) { int outputBytes = 0; Envoy::SystemTime time(std::chrono::seconds(1522796769)); std::mt19937 prng(1); std::uniform_int_distribution distribution(-10, 20); Envoy::DateFormatter date_formatter("%Y-%m-%dT%H:%M:%s"); for (auto _ : state) { time += std::chrono::milliseconds(static_cast(distribution(prng))); outputBytes += date_formatter.fromTime(time).length(); } benchmark::DoNotOptimize(outputBytes); } BENCHMARK(BM_DateTimeFormatterWithoutSubseconds); static void BM_RTrimStringView(benchmark::State& state) { int accum = 0; for (auto _ : state) { absl::string_view text(TextToTrim, TextToTrimLength); text = Envoy::StringUtil::rtrim(text); accum += TextToTrimLength - text.size(); } benchmark::DoNotOptimize(accum); } BENCHMARK(BM_RTrimStringView); static void BM_RTrimStringViewAlreadyTrimmed(benchmark::State& state) { int accum = 0; for (auto _ : state) { absl::string_view text(AlreadyTrimmed, AlreadyTrimmedLength); text = Envoy::StringUtil::rtrim(text); accum += AlreadyTrimmedLength - text.size(); } benchmark::DoNotOptimize(accum); } BENCHMARK(BM_RTrimStringViewAlreadyTrimmed); static void BM_RTrimStringViewAlreadyTrimmedAndMakeString(benchmark::State& state) { int accum = 0; for (auto _ : state) { absl::string_view text(AlreadyTrimmed, AlreadyTrimmedLength); std::string string_copy = std::string(Envoy::StringUtil::rtrim(text)); accum += AlreadyTrimmedLength - string_copy.size(); } benchmark::DoNotOptimize(accum); } BENCHMARK(BM_RTrimStringViewAlreadyTrimmedAndMakeString); static void BM_FindToken(benchmark::State& state) { const absl::string_view cache_control(CacheControl, CacheControlLength); for (auto _ : state) { RELEASE_ASSERT(Envoy::StringUtil::findToken(cache_control, ",", "no-transform"), ""); } } BENCHMARK(BM_FindToken); static bool nextToken(absl::string_view& str, char delim, bool strip_whitespace, absl::string_view* token) { while (!str.empty()) { absl::string_view::size_type pos = str.find(delim); if (pos == absl::string_view::npos) { *token = str.substr(0, str.size()); str.remove_prefix(str.size()); // clears str } else { *token = str.substr(0, pos); str.remove_prefix(pos + 1); // move past token and delim } if (strip_whitespace) { *token = Envoy::StringUtil::trim(*token); } if (!token->empty()) { return true; } } return false; } // Experimental alternative implementation of StringUtil::findToken which doesn't create // a temp vector, but just iterates through the string_view, tokenizing, and matching against // the token we want. It appears to be about 2.5x to 3x faster on this testcase. static bool findTokenWithoutSplitting(absl::string_view str, char delim, absl::string_view token, bool strip_whitespace) { for (absl::string_view tok; nextToken(str, delim, strip_whitespace, &tok);) { if (tok == token) { return true; } } return false; } static void BM_FindTokenWithoutSplitting(benchmark::State& state) { const absl::string_view cache_control(CacheControl, CacheControlLength); for (auto _ : state) { RELEASE_ASSERT(findTokenWithoutSplitting(cache_control, ',', "no-transform", true), ""); } } BENCHMARK(BM_FindTokenWithoutSplitting); static void BM_FindTokenValueNestedSplit(benchmark::State& state) { const absl::string_view cache_control(CacheControl, CacheControlLength); absl::string_view max_age; for (auto _ : state) { for (absl::string_view token : Envoy::StringUtil::splitToken(cache_control, ",")) { auto name_value = Envoy::StringUtil::splitToken(token, "="); if ((name_value.size() == 2) && (Envoy::StringUtil::trim(name_value[0]) == "max-age")) { max_age = Envoy::StringUtil::trim(name_value[1]); } } RELEASE_ASSERT(max_age == "300", ""); } } BENCHMARK(BM_FindTokenValueNestedSplit); static void BM_FindTokenValueSearchForEqual(benchmark::State& state) { for (auto _ : state) { const absl::string_view cache_control(CacheControl, CacheControlLength); absl::string_view max_age; for (absl::string_view token : Envoy::StringUtil::splitToken(cache_control, ",")) { absl::string_view::size_type equals = token.find('='); if (equals != absl::string_view::npos && Envoy::StringUtil::trim(token.substr(0, equals)) == "max-age") { max_age = Envoy::StringUtil::trim(token.substr(equals + 1)); } } RELEASE_ASSERT(max_age == "300", ""); } } BENCHMARK(BM_FindTokenValueSearchForEqual); static void BM_FindTokenValueNoSplit(benchmark::State& state) { for (auto _ : state) { absl::string_view cache_control(CacheControl, CacheControlLength); absl::string_view max_age; for (absl::string_view token; nextToken(cache_control, ',', true, &token);) { absl::string_view name; if (nextToken(token, '=', true, &name) && (name == "max-age")) { max_age = Envoy::StringUtil::trim(token); } } RELEASE_ASSERT(max_age == "300", ""); } } BENCHMARK(BM_FindTokenValueNoSplit); static void BM_RemoveTokensLong(benchmark::State& state) { auto size = state.range(0); std::string input(size, ','); std::vector to_remove; StringUtil::CaseUnorderedSet to_remove_set; for (decltype(size) i = 0; i < size; i++) { to_remove.push_back(std::to_string(i)); } for (int i = 0; i < size; i++) { if (i & 1) { to_remove_set.insert(to_remove[i]); } input.append(","); input.append(to_remove[i]); } for (auto _ : state) { Envoy::StringUtil::removeTokens(input, ",", to_remove_set, ","); state.SetBytesProcessed(static_cast(state.iterations()) * input.size()); } } BENCHMARK(BM_RemoveTokensLong)->Range(8, 8 << 10); static void BM_IntervalSetInsert17(benchmark::State& state) { for (auto _ : state) { Envoy::IntervalSetImpl interval_set; interval_set.insert(7, 10); interval_set.insert(-2, -1); interval_set.insert(22, 23); interval_set.insert(8, 15); interval_set.insert(5, 12); interval_set.insert(3, 3); interval_set.insert(3, 4); interval_set.insert(2, 4); interval_set.insert(3, 6); interval_set.insert(18, 19); interval_set.insert(16, 17); interval_set.insert(19, 20); interval_set.insert(3, 6); interval_set.insert(3, 20); interval_set.insert(3, 22); interval_set.insert(23, 9223372036854775806UL); interval_set.insert(24, 9223372036854775805UL); } } BENCHMARK(BM_IntervalSetInsert17); static void BM_IntervalSet4ToVector(benchmark::State& state) { Envoy::IntervalSetImpl interval_set; interval_set.insert(7, 10); interval_set.insert(-2, -1); interval_set.insert(22, 23); interval_set.insert(8, 15); for (auto _ : state) { benchmark::DoNotOptimize(interval_set.toVector()); } } BENCHMARK(BM_IntervalSet4ToVector); static void BM_IntervalSet50ToVector(benchmark::State& state) { Envoy::IntervalSetImpl interval_set; for (size_t i = 0; i < 100; i += 2) { interval_set.insert(i, i + 1); } for (auto _ : state) { benchmark::DoNotOptimize(interval_set.toVector()); } } BENCHMARK(BM_IntervalSet50ToVector); } // namespace Envoy ================================================ FILE: test/common/common/utility_test.cc ================================================ #include #include #include #include #include #include "envoy/common/exception.h" #include "common/common/utility.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::ContainerEq; #ifdef WIN32 using testing::HasSubstr; using testing::Not; #endif namespace Envoy { TEST(StringUtil, strtoull) { uint64_t out; const char* rest; static const char* test_str = "12345b"; rest = StringUtil::strtoull(test_str, out); EXPECT_NE(nullptr, rest); EXPECT_EQ('b', *rest); EXPECT_EQ(&test_str[5], rest); EXPECT_EQ(12345U, out); EXPECT_EQ(nullptr, StringUtil::strtoull("", out)); EXPECT_EQ(nullptr, StringUtil::strtoull("b123", out)); rest = StringUtil::strtoull("123", out); EXPECT_NE(nullptr, rest); EXPECT_EQ('\0', *rest); EXPECT_EQ(123U, out); EXPECT_NE(nullptr, StringUtil::strtoull(" 456", out)); EXPECT_EQ(456U, out); EXPECT_NE(nullptr, StringUtil::strtoull("00789", out)); EXPECT_EQ(789U, out); // Hex rest = StringUtil::strtoull("0x1234567890abcdefg", out, 16); EXPECT_NE(nullptr, rest); EXPECT_EQ('g', *rest); EXPECT_EQ(0x1234567890abcdefU, out); // Explicit decimal rest = StringUtil::strtoull("01234567890A", out, 10); EXPECT_NE(nullptr, rest); EXPECT_EQ('A', *rest); EXPECT_EQ(1234567890U, out); // Octal rest = StringUtil::strtoull("012345678", out, 8); EXPECT_NE(nullptr, rest); EXPECT_EQ('8', *rest); EXPECT_EQ(01234567U, out); // Binary rest = StringUtil::strtoull("01010101012", out, 2); EXPECT_NE(nullptr, rest); EXPECT_EQ('2', *rest); EXPECT_EQ(0b101010101U, out); // Verify subsequent call to strtoull succeeds after the first one // failed due to errno ERANGE EXPECT_EQ(nullptr, StringUtil::strtoull("18446744073709551616", out)); EXPECT_NE(nullptr, StringUtil::strtoull("18446744073709551615", out)); EXPECT_EQ(18446744073709551615U, out); } TEST(StringUtil, atoull) { uint64_t out; EXPECT_FALSE(StringUtil::atoull("123b", out)); EXPECT_FALSE(StringUtil::atoull("", out)); EXPECT_FALSE(StringUtil::atoull("b123", out)); EXPECT_TRUE(StringUtil::atoull("123", out)); EXPECT_EQ(123U, out); EXPECT_TRUE(StringUtil::atoull(" 456", out)); EXPECT_EQ(456U, out); EXPECT_TRUE(StringUtil::atoull("00789", out)); EXPECT_EQ(789U, out); // Verify subsequent call to atoull succeeds after the first one // failed due to errno ERANGE EXPECT_FALSE(StringUtil::atoull("18446744073709551616", out)); EXPECT_TRUE(StringUtil::atoull("18446744073709551615", out)); EXPECT_EQ(18446744073709551615U, out); } TEST(DateUtil, All) { EXPECT_FALSE(DateUtil::timePointValid(SystemTime())); DangerousDeprecatedTestTime test_time; EXPECT_TRUE(DateUtil::timePointValid(test_time.timeSystem().systemTime())); } TEST(DateUtil, NowToMilliseconds) { Event::SimulatedTimeSystem test_time; const SystemTime time_with_millis(std::chrono::seconds(12345) + std::chrono::milliseconds(67)); test_time.setSystemTime(time_with_millis); EXPECT_EQ(12345067, DateUtil::nowToMilliseconds(test_time)); } TEST(InputConstMemoryStream, All) { { InputConstMemoryStream istream{nullptr, 0}; std::string s; istream >> s; EXPECT_TRUE(s.empty()); EXPECT_TRUE(istream.eof()); } { std::string data{"123"}; InputConstMemoryStream istream{data.data(), data.size()}; int x; istream >> x; EXPECT_EQ(123, x); EXPECT_TRUE(istream.eof()); } } TEST(StringUtil, WhitespaceChars) { EXPECT_NE(nullptr, strchr(StringUtil::WhitespaceChars, ' ')); EXPECT_NE(nullptr, strchr(StringUtil::WhitespaceChars, '\t')); EXPECT_NE(nullptr, strchr(StringUtil::WhitespaceChars, '\f')); EXPECT_NE(nullptr, strchr(StringUtil::WhitespaceChars, '\v')); EXPECT_NE(nullptr, strchr(StringUtil::WhitespaceChars, '\n')); EXPECT_NE(nullptr, strchr(StringUtil::WhitespaceChars, '\r')); } TEST(StringUtil, itoa) { char buf[32]; EXPECT_THROW(StringUtil::itoa(buf, 20, 1), std::invalid_argument); EXPECT_EQ(1UL, StringUtil::itoa(buf, sizeof(buf), 0)); EXPECT_STREQ("0", buf); EXPECT_EQ(2UL, StringUtil::itoa(buf, sizeof(buf), 10)); EXPECT_STREQ("10", buf); EXPECT_EQ(10UL, StringUtil::itoa(buf, sizeof(buf), 1234567890)); EXPECT_STREQ("1234567890", buf); EXPECT_EQ(20UL, StringUtil::itoa(buf, sizeof(buf), std::numeric_limits::max())); EXPECT_STREQ("18446744073709551615", buf); } TEST(StringUtil, strlcpy) { { char dest[6]; EXPECT_EQ(5U, StringUtil::strlcpy(dest, std::string{"hello"}.c_str(), sizeof(dest))); EXPECT_STREQ("hello", dest); } { char dest[6]; EXPECT_EQ(5U, StringUtil::strlcpy(dest, std::string{"hello"}.c_str(), 3)); EXPECT_STREQ("he", dest); } { char dest[3]; EXPECT_EQ(5U, StringUtil::strlcpy(dest, std::string{"hello"}.c_str(), sizeof(dest))); EXPECT_STREQ("he", dest); } { char dest[3]; EXPECT_EQ(0U, StringUtil::strlcpy(dest, std::string{""}.c_str(), sizeof(dest))); EXPECT_STREQ("", dest); } { char dest[3] = "yo"; EXPECT_EQ(1U, StringUtil::strlcpy(dest, std::string{"a"}.c_str(), sizeof(dest))); EXPECT_STREQ("a", dest); EXPECT_EQ(10U, StringUtil::strlcpy(dest, std::string{"absolutely"}.c_str(), sizeof(dest))); EXPECT_STREQ("ab", dest); } } TEST(StringUtil, escape) { EXPECT_EQ(StringUtil::escape("hello world"), "hello world"); EXPECT_EQ(StringUtil::escape("hello\nworld\n"), "hello\\nworld\\n"); EXPECT_EQ(StringUtil::escape("\t\nworld\r\n"), "\\t\\nworld\\r\\n"); EXPECT_EQ(StringUtil::escape("{\"linux\": \"penguin\"}"), "{\\\"linux\\\": \\\"penguin\\\"}"); } TEST(StringUtil, toUpper) { EXPECT_EQ(StringUtil::toUpper(""), ""); EXPECT_EQ(StringUtil::toUpper("a"), "A"); EXPECT_EQ(StringUtil::toUpper("Ba"), "BA"); EXPECT_EQ(StringUtil::toUpper("X asdf aAf"), "X ASDF AAF"); } TEST(StringUtil, StringViewLtrim) { EXPECT_EQ("", StringUtil::ltrim(" ")); EXPECT_EQ("hello \t\f\v\n\r", StringUtil::ltrim(" hello \t\f\v\n\r")); EXPECT_EQ("hello ", StringUtil::ltrim("\t\f\v\n\r hello ")); EXPECT_EQ("a b ", StringUtil::ltrim("\t\f\v\n\ra b ")); EXPECT_EQ("", StringUtil::ltrim("\t\f\v\n\r")); EXPECT_EQ("", StringUtil::ltrim("")); } TEST(StringUtil, StringViewRtrim) { EXPECT_EQ("", StringUtil::rtrim(" ")); EXPECT_EQ("\t\f\v\n\rhello", StringUtil::rtrim("\t\f\v\n\rhello ")); EXPECT_EQ("\t\f\v\n\r a b", StringUtil::rtrim("\t\f\v\n\r a b \t\f\v\n\r")); EXPECT_EQ("", StringUtil::rtrim("\t\f\v\n\r")); EXPECT_EQ("", StringUtil::rtrim("")); } TEST(StringUtil, RemoveTrailingCharacters) { EXPECT_EQ("", StringUtil::removeTrailingCharacters("......", '.')); EXPECT_EQ("\t\f\v\n\rhello ", StringUtil::removeTrailingCharacters("\t\f\v\n\rhello ", '.')); EXPECT_EQ("\t\f\v\n\r a b", StringUtil::removeTrailingCharacters("\t\f\v\n\r a b.......", '.')); EXPECT_EQ("", StringUtil::removeTrailingCharacters("", '.')); } TEST(StringUtil, StringViewTrim) { EXPECT_EQ("", StringUtil::trim(" ")); EXPECT_EQ("hello", StringUtil::trim("\t\f\v\n\r hello ")); EXPECT_EQ("he llo", StringUtil::trim(" \t\f\v\n\r he llo \t\f\v\n\r")); } TEST(StringUtil, StringViewCaseFindToken) { EXPECT_TRUE(StringUtil::caseFindToken("hello; world", ";", "HELLO")); EXPECT_FALSE(StringUtil::caseFindToken("hello; world", ";", "TEST")); EXPECT_TRUE(StringUtil::caseFindToken("heLLo; world", ";", "hello")); EXPECT_TRUE(StringUtil::caseFindToken("hello; world", ";", "hello")); EXPECT_FALSE(StringUtil::caseFindToken("hello; world", ".", "hello")); EXPECT_TRUE(StringUtil::caseFindToken("", ",", "")); EXPECT_FALSE(StringUtil::caseFindToken("", "", "a")); EXPECT_TRUE(StringUtil::caseFindToken(" ", " ", "", true)); EXPECT_FALSE(StringUtil::caseFindToken(" ", " ", "", false)); EXPECT_TRUE(StringUtil::caseFindToken("A=5", ".", "A=5")); } TEST(StringUtil, StringViewCropRight) { EXPECT_EQ("hello", StringUtil::cropRight("hello; world\t\f\v\n\r", ";")); EXPECT_EQ("foo ", StringUtil::cropRight("foo ; ; ; ; ; ; ", ";")); EXPECT_EQ("", StringUtil::cropRight(";hello world\t\f\v\n\r", ";")); EXPECT_EQ(" hel", StringUtil::cropRight(" hello alo\t\f\v\n\r", "lo")); EXPECT_EQ("\t\f\v\n\rhe 1", StringUtil::cropRight("\t\f\v\n\rhe 12\t\f\v\n\r", "2")); EXPECT_EQ("hello", StringUtil::cropRight("hello alo\t\f\v\n\r", " a")); EXPECT_EQ("hello ", StringUtil::cropRight("hello alo\t\f\v\n\r", "a")); EXPECT_EQ("abcd", StringUtil::cropRight("abcd", ";")); } TEST(StringUtil, StringViewCropLeft) { EXPECT_EQ(" world\t\f\v\n\r", StringUtil::cropLeft("hello; world\t\f\v\n\r", ";")); EXPECT_EQ("hello world ", StringUtil::cropLeft(";hello world ", ";")); EXPECT_EQ("\t\f\v\n\ralo", StringUtil::cropLeft("\t\f\v\n\rhello\t\f\v\n\ralo", "lo")); EXPECT_EQ("2\t\f\v\n\r", StringUtil::cropLeft("\t\f\v\n\rhe 12\t\f\v\n\r", "1")); EXPECT_EQ("lo\t\f\v\n\r", StringUtil::cropLeft("hello alo\t\f\v\n\r", " a")); EXPECT_EQ(" ; ; ; ; ", StringUtil::cropLeft("foo ; ; ; ; ; ", ";")); EXPECT_EQ("abcd", StringUtil::cropLeft("abcd", ";")); EXPECT_EQ("", StringUtil::cropLeft("abcd", "abcd")); } TEST(StringUtil, StringViewFindToken) { EXPECT_TRUE(StringUtil::findToken("hello; world", ";", "hello")); EXPECT_TRUE(StringUtil::findToken("abc; type=text", ";=", "text")); EXPECT_TRUE(StringUtil::findToken("abc; type=text", ";=", "abc")); EXPECT_TRUE(StringUtil::findToken("abc; type=text", ";=", "type")); EXPECT_FALSE(StringUtil::findToken("abc; type=text", ";=", " ")); EXPECT_TRUE(StringUtil::findToken("abc; type=text", ";=", " type", false)); EXPECT_FALSE(StringUtil::findToken("hello; world", ".", "hello")); EXPECT_TRUE(StringUtil::findToken("", ",", "")); EXPECT_FALSE(StringUtil::findToken("", "", "a")); EXPECT_TRUE(StringUtil::findToken(" ", " ", "", true)); EXPECT_FALSE(StringUtil::findToken(" ", " ", "", false)); EXPECT_TRUE(StringUtil::findToken("A=5", ".", "A=5")); } TEST(StringUtil, StringViewCaseInsensitiveHash) { EXPECT_EQ(8972312556107145900U, StringUtil::CaseInsensitiveHash()("hello world")); } TEST(StringUtil, StringViewCaseInsensitiveCompare) { EXPECT_TRUE(StringUtil::CaseInsensitiveCompare()("hello world", "hello world")); EXPECT_TRUE(StringUtil::CaseInsensitiveCompare()("HELLO world", "hello world")); EXPECT_FALSE(StringUtil::CaseInsensitiveCompare()("hello!", "hello world")); } TEST(StringUtil, StringViewCaseUnorderedSet) { StringUtil::CaseUnorderedSet words{"Test", "hello", "WORLD", "Test"}; EXPECT_EQ(3, words.size()); EXPECT_EQ("Test", *(words.find("test"))); EXPECT_EQ("hello", *(words.find("HELLO"))); EXPECT_EQ("WORLD", *(words.find("world"))); EXPECT_EQ(words.end(), words.find("hello world")); } TEST(StringUtil, StringViewSplit) { { auto tokens = StringUtil::splitToken(" one , two , three ", ",", true); EXPECT_EQ(3, tokens.size()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " one ") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " two ") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " three ") != tokens.end()); EXPECT_FALSE(std::find(tokens.begin(), tokens.end(), "one") != tokens.end()); } { auto tokens = StringUtil::splitToken(" one , two , three ", ","); EXPECT_EQ(3, tokens.size()); EXPECT_FALSE(std::find(tokens.begin(), tokens.end(), "one") != tokens.end()); EXPECT_FALSE(std::find(tokens.begin(), tokens.end(), "two") != tokens.end()); EXPECT_FALSE(std::find(tokens.begin(), tokens.end(), "three") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " one ") != tokens.end()); } { auto tokens = StringUtil::splitToken(" one , , three=five ", ",=", true); EXPECT_EQ(4, tokens.size()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " one ") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " ") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " three") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "five ") != tokens.end()); } { EXPECT_EQ(std::vector{"hello"}, StringUtil::splitToken(",hello", ",")); EXPECT_EQ(std::vector{}, StringUtil::splitToken("", ",")); EXPECT_EQ(std::vector{"a"}, StringUtil::splitToken("a", ",")); EXPECT_EQ(std::vector{"hello"}, StringUtil::splitToken("hello,", ",")); EXPECT_EQ(std::vector{"hello"}, StringUtil::splitToken(",hello", ",")); EXPECT_EQ(std::vector{"hello"}, StringUtil::splitToken("hello, ", ", ")); EXPECT_EQ(std::vector{}, StringUtil::splitToken(",,", ",")); EXPECT_THAT(std::vector({"h", "e", "l", "l", "o"}), ContainerEq(StringUtil::splitToken("hello", ""))); EXPECT_THAT(std::vector({"hello", "world"}), ContainerEq(StringUtil::splitToken("hello world", " "))); EXPECT_THAT(std::vector({"hello", "world"}), ContainerEq(StringUtil::splitToken("hello world", " "))); EXPECT_THAT(std::vector({"", "", "hello", "world"}), ContainerEq(StringUtil::splitToken(" hello world", " ", true))); EXPECT_THAT(std::vector({"hello", "world", ""}), ContainerEq(StringUtil::splitToken("hello world ", " ", true))); EXPECT_THAT(std::vector({"hello", "world"}), ContainerEq(StringUtil::splitToken("hello world", " ", true))); } { auto tokens = StringUtil::splitToken(" one , two , three ", ",", true, true); EXPECT_EQ(3, tokens.size()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "one") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "two") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "three") != tokens.end()); } { auto tokens = StringUtil::splitToken(" one , , three=five ", ",=", true, true); EXPECT_EQ(4, tokens.size()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "one") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "three") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "five") != tokens.end()); } { auto tokens = StringUtil::splitToken(" one , , three=five ", ",=", false, true); EXPECT_EQ(3, tokens.size()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "one") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "three") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "five") != tokens.end()); } { auto tokens = StringUtil::splitToken(" one , , three=five ", ",=", false); EXPECT_EQ(4, tokens.size()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " one ") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " ") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), " three") != tokens.end()); EXPECT_TRUE(std::find(tokens.begin(), tokens.end(), "five ") != tokens.end()); } } TEST(StringUtil, StringViewRemoveTokens) { // Basic cases. EXPECT_EQ(StringUtil::removeTokens("", ",", {"two"}, ","), ""); EXPECT_EQ(StringUtil::removeTokens("one", ",", {"two"}, ","), "one"); EXPECT_EQ(StringUtil::removeTokens("one,two ", ",", {"two"}, ","), "one"); EXPECT_EQ(StringUtil::removeTokens("one,two ", ",", {"two", "one"}, ","), ""); EXPECT_EQ(StringUtil::removeTokens("one,two ", ",", {"one"}, ","), "two"); EXPECT_EQ(StringUtil::removeTokens("one,two,three ", ",", {"two"}, ","), "one,three"); EXPECT_EQ(StringUtil::removeTokens(" one , two , three ", ",", {"two"}, ","), "one,three"); EXPECT_EQ(StringUtil::removeTokens(" one , two , three ", ",", {"three"}, ","), "one,two"); EXPECT_EQ(StringUtil::removeTokens(" one , two , three ", ",", {"three"}, ", "), "one, two"); EXPECT_EQ(StringUtil::removeTokens("one,two,three", ",", {"two", "three"}, ","), "one"); EXPECT_EQ(StringUtil::removeTokens("one,two,three,four", ",", {"two", "three"}, ","), "one,four"); // Ignore case. EXPECT_EQ(StringUtil::removeTokens("One,Two,Three,Four", ",", {"two", "three"}, ","), "One,Four"); // Longer joiner. EXPECT_EQ(StringUtil::removeTokens("one,two,three,four", ",", {"two", "three"}, " , "), "one , four"); // Delimiters. EXPECT_EQ(StringUtil::removeTokens("one,two;three ", ",;", {"two"}, ","), "one,three"); } TEST(StringUtil, removeCharacters) { IntervalSetImpl removals; removals.insert(3, 5); removals.insert(7, 10); EXPECT_EQ("01256", StringUtil::removeCharacters("0123456789", removals)); removals.insert(0, 1); EXPECT_EQ("1256x", StringUtil::removeCharacters("0123456789x", removals)); } TEST(AccessLogDateTimeFormatter, fromTime) { SystemTime time1(std::chrono::seconds(1522796769)); EXPECT_EQ("2018-04-03T23:06:09.000Z", AccessLogDateTimeFormatter::fromTime(time1)); SystemTime time2(std::chrono::milliseconds(1522796769123)); EXPECT_EQ("2018-04-03T23:06:09.123Z", AccessLogDateTimeFormatter::fromTime(time2)); SystemTime time3(std::chrono::milliseconds(1522796769999)); EXPECT_EQ("2018-04-03T23:06:09.999Z", AccessLogDateTimeFormatter::fromTime(time3)); SystemTime time4(std::chrono::milliseconds(1522796768999)); EXPECT_EQ("2018-04-03T23:06:08.999Z", AccessLogDateTimeFormatter::fromTime(time4)); } TEST(Primes, isPrime) { EXPECT_TRUE(Primes::isPrime(67)); EXPECT_FALSE(Primes::isPrime(49)); EXPECT_FALSE(Primes::isPrime(102)); EXPECT_TRUE(Primes::isPrime(103)); } TEST(Primes, findPrimeLargerThan) { EXPECT_EQ(67, Primes::findPrimeLargerThan(62)); EXPECT_EQ(107, Primes::findPrimeLargerThan(103)); EXPECT_EQ(10007, Primes::findPrimeLargerThan(9991)); } class WeightedClusterEntry { public: WeightedClusterEntry(const std::string name, const uint64_t weight) : name_(name), weight_(weight) {} const std::string& clusterName() const { return name_; } uint64_t clusterWeight() const { return weight_; } private: const std::string name_; const uint64_t weight_; }; using WeightedClusterEntrySharedPtr = std::shared_ptr; TEST(WeightedClusterUtil, pickCluster) { std::vector clusters; std::unique_ptr cluster1(new WeightedClusterEntry("cluster1", 10)); clusters.emplace_back(std::move(cluster1)); std::unique_ptr cluster2(new WeightedClusterEntry("cluster2", 90)); clusters.emplace_back(std::move(cluster2)); EXPECT_EQ("cluster1", WeightedClusterUtil::pickCluster(clusters, 100, 5, false)->clusterName()); EXPECT_EQ("cluster2", WeightedClusterUtil::pickCluster(clusters, 80, 79, true)->clusterName()); } static std::string intervalSetIntToString(const IntervalSetImpl& interval_set) { std::string out; const char* prefix = ""; for (const auto& interval : interval_set.toVector()) { absl::StrAppend(&out, prefix, "[", interval.first, ", ", interval.second, ")"); prefix = ", "; } return out; } TEST(IntervalSet, testIntervalAccumulation) { IntervalSetImpl interval_set; auto insert_and_print = [&interval_set](int left, int right) -> std::string { interval_set.insert(left, right); return intervalSetIntToString(interval_set); }; EXPECT_EQ("[7, 10)", insert_and_print(7, 10)); EXPECT_EQ("[-2, -1), [7, 10)", insert_and_print(-2, -1)); // disjoint left EXPECT_EQ("[-2, -1), [7, 10), [22, 23)", insert_and_print(22, 23)); // disjoint right EXPECT_EQ("[-2, -1), [7, 15), [22, 23)", insert_and_print(8, 15)); // right overhang EXPECT_EQ("[-2, -1), [5, 15), [22, 23)", insert_and_print(5, 12)); // left overhang EXPECT_EQ("[-2, -1), [5, 15), [22, 23)", insert_and_print(3, 3)); // empty; no change EXPECT_EQ("[-2, -1), [3, 4), [5, 15), [22, 23)", // single-element add insert_and_print(3, 4)); EXPECT_EQ("[-2, -1), [2, 4), [5, 15), [22, 23)", // disjoint in middle insert_and_print(2, 4)); EXPECT_EQ("[-2, -1), [2, 15), [22, 23)", insert_and_print(3, 6)); // merge two intervals EXPECT_EQ("[-2, -1), [2, 15), [18, 19), [22, 23)", // right disjoint insert_and_print(18, 19)); EXPECT_EQ("[-2, -1), [2, 15), [16, 17), [18, 19), [22, 23)", // middle disjoint insert_and_print(16, 17)); EXPECT_EQ("[-2, -1), [2, 15), [16, 17), [18, 20), [22, 23)", // merge [18,19) and [19,20) insert_and_print(19, 20)); EXPECT_EQ("[-2, -1), [2, 15), [16, 17), [18, 20), [22, 23)", // fully enclosed; no effect insert_and_print(3, 6)); EXPECT_EQ("[-2, -1), [2, 20), [22, 23)", insert_and_print(3, 20)); // merge across 3 intervals EXPECT_EQ("[-2, -1), [2, 23)", insert_and_print(3, 22)); // merge all via overlap EXPECT_EQ("[-2, 23)", insert_and_print(-2, 23)); // merge all covering exact EXPECT_EQ("[-3, 24)", insert_and_print(-3, 24)); // merge all with overhand on both sides interval_set.clear(); EXPECT_EQ("", insert_and_print(10, 10)); EXPECT_EQ("[25, 26)", insert_and_print(25, 26)); EXPECT_EQ("[5, 11), [25, 26)", insert_and_print(5, 11)); } TEST(IntervalSet, testIntervalTargeted) { auto test = [](int left, int right) -> std::string { IntervalSetImpl interval_set; interval_set.insert(15, 20); interval_set.insert(25, 30); interval_set.insert(35, 40); interval_set.insert(left, right); return intervalSetIntToString(interval_set); }; // There are 3 spans, and there are 19 potentially interesting slots // for each coordinate, with the constraint that each left < right. // We'll do one test that left==right has no effect first. So there's // about 19^2/2 = 180 combinations, which is a lot but not too bad. Of // course many of these are essentially the same case but it's worth making // sure there's no problems in corner cases. // // initial setup: [15 20) [25 30) [35 35) // insertion points: x x x xxx x x x xxx x x x xxx x // First the corner-case of an empty insertion, leaving the input unchanged. EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(2, 2)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [) EXPECT_EQ("[2, 3), [15, 20), [25, 30), [35, 40)", test(2, 3)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ) ))) ) ) ) ))) ) ) ) ))) ) EXPECT_EQ("[2, 20), [25, 30), [35, 40)", test(2, 15)); EXPECT_EQ("[2, 20), [25, 30), [35, 40)", test(2, 17)); EXPECT_EQ("[2, 20), [25, 30), [35, 40)", test(2, 19)); EXPECT_EQ("[2, 20), [25, 30), [35, 40)", test(2, 20)); EXPECT_EQ("[2, 21), [25, 30), [35, 40)", test(2, 21)); EXPECT_EQ("[2, 23), [25, 30), [35, 40)", test(2, 23)); EXPECT_EQ("[2, 30), [35, 40)", test(2, 25)); EXPECT_EQ("[2, 30), [35, 40)", test(2, 27)); EXPECT_EQ("[2, 30), [35, 40)", test(2, 29)); EXPECT_EQ("[2, 30), [35, 40)", test(2, 30)); EXPECT_EQ("[2, 31), [35, 40)", test(2, 31)); EXPECT_EQ("[2, 33), [35, 40)", test(2, 33)); EXPECT_EQ("[2, 40)", test(2, 35)); EXPECT_EQ("[2, 40)", test(2, 37)); EXPECT_EQ("[2, 40)", test(2, 39)); EXPECT_EQ("[2, 40)", test(2, 40)); EXPECT_EQ("[2, 41)", test(2, 41)); EXPECT_EQ("[2, 43)", test(2, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ))) ) ) ) ))) ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(15, 17)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(15, 19)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(15, 20)); EXPECT_EQ("[15, 21), [25, 30), [35, 40)", test(15, 21)); EXPECT_EQ("[15, 23), [25, 30), [35, 40)", test(15, 23)); EXPECT_EQ("[15, 30), [35, 40)", test(15, 25)); EXPECT_EQ("[15, 30), [35, 40)", test(15, 27)); EXPECT_EQ("[15, 30), [35, 40)", test(15, 29)); EXPECT_EQ("[15, 30), [35, 40)", test(15, 30)); EXPECT_EQ("[15, 31), [35, 40)", test(15, 31)); EXPECT_EQ("[15, 33), [35, 40)", test(15, 33)); EXPECT_EQ("[15, 40)", test(15, 35)); EXPECT_EQ("[15, 40)", test(15, 37)); EXPECT_EQ("[15, 40)", test(15, 39)); EXPECT_EQ("[15, 40)", test(15, 40)); EXPECT_EQ("[15, 41)", test(15, 41)); EXPECT_EQ("[15, 43)", test(15, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ))) ) ) ) ))) ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(17, 19)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(17, 20)); EXPECT_EQ("[15, 21), [25, 30), [35, 40)", test(17, 21)); EXPECT_EQ("[15, 23), [25, 30), [35, 40)", test(17, 23)); EXPECT_EQ("[15, 30), [35, 40)", test(17, 25)); EXPECT_EQ("[15, 30), [35, 40)", test(17, 27)); EXPECT_EQ("[15, 30), [35, 40)", test(17, 29)); EXPECT_EQ("[15, 30), [35, 40)", test(17, 30)); EXPECT_EQ("[15, 31), [35, 40)", test(17, 31)); EXPECT_EQ("[15, 33), [35, 40)", test(17, 33)); EXPECT_EQ("[15, 40)", test(17, 35)); EXPECT_EQ("[15, 40)", test(17, 37)); EXPECT_EQ("[15, 40)", test(17, 39)); EXPECT_EQ("[15, 40)", test(17, 40)); EXPECT_EQ("[15, 41)", test(17, 41)); EXPECT_EQ("[15, 43)", test(17, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [)) ) ) ) ))) ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(19, 20)); EXPECT_EQ("[15, 21), [25, 30), [35, 40)", test(19, 21)); EXPECT_EQ("[15, 23), [25, 30), [35, 40)", test(19, 23)); EXPECT_EQ("[15, 30), [35, 40)", test(19, 25)); EXPECT_EQ("[15, 30), [35, 40)", test(19, 27)); EXPECT_EQ("[15, 30), [35, 40)", test(19, 29)); EXPECT_EQ("[15, 30), [35, 40)", test(19, 30)); EXPECT_EQ("[15, 31), [35, 40)", test(19, 31)); EXPECT_EQ("[15, 33), [35, 40)", test(19, 33)); EXPECT_EQ("[15, 40)", test(19, 35)); EXPECT_EQ("[15, 40)", test(19, 37)); EXPECT_EQ("[15, 40)", test(19, 39)); EXPECT_EQ("[15, 40)", test(19, 40)); EXPECT_EQ("[15, 41)", test(19, 41)); EXPECT_EQ("[15, 43)", test(19, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [) ) ) ) ))) ) ) ) ))) ) EXPECT_EQ("[15, 21), [25, 30), [35, 40)", test(20, 21)); EXPECT_EQ("[15, 23), [25, 30), [35, 40)", test(20, 23)); EXPECT_EQ("[15, 30), [35, 40)", test(20, 25)); EXPECT_EQ("[15, 30), [35, 40)", test(20, 27)); EXPECT_EQ("[15, 30), [35, 40)", test(20, 29)); EXPECT_EQ("[15, 30), [35, 40)", test(20, 30)); EXPECT_EQ("[15, 31), [35, 40)", test(20, 31)); EXPECT_EQ("[15, 33), [35, 40)", test(20, 33)); EXPECT_EQ("[15, 40)", test(20, 35)); EXPECT_EQ("[15, 40)", test(20, 37)); EXPECT_EQ("[15, 40)", test(20, 39)); EXPECT_EQ("[15, 40)", test(20, 40)); EXPECT_EQ("[15, 41)", test(20, 41)); EXPECT_EQ("[15, 43)", test(20, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ) ) ))) ) ) ) ))) ) EXPECT_EQ("[15, 20), [21, 23), [25, 30), [35, 40)", test(21, 23)); EXPECT_EQ("[15, 20), [21, 30), [35, 40)", test(21, 25)); EXPECT_EQ("[15, 20), [21, 30), [35, 40)", test(21, 27)); EXPECT_EQ("[15, 20), [21, 30), [35, 40)", test(21, 29)); EXPECT_EQ("[15, 20), [21, 30), [35, 40)", test(21, 30)); EXPECT_EQ("[15, 20), [21, 31), [35, 40)", test(21, 31)); EXPECT_EQ("[15, 20), [21, 33), [35, 40)", test(21, 33)); EXPECT_EQ("[15, 20), [21, 40)", test(21, 35)); EXPECT_EQ("[15, 20), [21, 40)", test(21, 37)); EXPECT_EQ("[15, 20), [21, 40)", test(21, 39)); EXPECT_EQ("[15, 20), [21, 40)", test(21, 40)); EXPECT_EQ("[15, 20), [21, 41)", test(21, 41)); EXPECT_EQ("[15, 20), [21, 43)", test(21, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ) ))) ) ) ) ))) ) EXPECT_EQ("[15, 20), [23, 30), [35, 40)", test(23, 25)); EXPECT_EQ("[15, 20), [23, 30), [35, 40)", test(23, 27)); EXPECT_EQ("[15, 20), [23, 30), [35, 40)", test(23, 29)); EXPECT_EQ("[15, 20), [23, 30), [35, 40)", test(23, 30)); EXPECT_EQ("[15, 20), [23, 31), [35, 40)", test(23, 31)); EXPECT_EQ("[15, 20), [23, 33), [35, 40)", test(23, 33)); EXPECT_EQ("[15, 20), [23, 40)", test(23, 35)); EXPECT_EQ("[15, 20), [23, 40)", test(23, 37)); EXPECT_EQ("[15, 20), [23, 40)", test(23, 39)); EXPECT_EQ("[15, 20), [23, 40)", test(23, 40)); EXPECT_EQ("[15, 20), [23, 41)", test(23, 41)); EXPECT_EQ("[15, 20), [23, 43)", test(23, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ))) ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(25, 27)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(25, 29)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(25, 30)); EXPECT_EQ("[15, 20), [25, 31), [35, 40)", test(25, 31)); EXPECT_EQ("[15, 20), [25, 33), [35, 40)", test(25, 33)); EXPECT_EQ("[15, 20), [25, 40)", test(25, 35)); EXPECT_EQ("[15, 20), [25, 40)", test(25, 37)); EXPECT_EQ("[15, 20), [25, 40)", test(25, 39)); EXPECT_EQ("[15, 20), [25, 40)", test(25, 40)); EXPECT_EQ("[15, 20), [25, 41)", test(25, 41)); EXPECT_EQ("[15, 20), [25, 43)", test(25, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ))) ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(27, 29)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(27, 30)); EXPECT_EQ("[15, 20), [25, 31), [35, 40)", test(27, 31)); EXPECT_EQ("[15, 20), [25, 33), [35, 40)", test(27, 33)); EXPECT_EQ("[15, 20), [25, 40)", test(27, 35)); EXPECT_EQ("[15, 20), [25, 40)", test(27, 37)); EXPECT_EQ("[15, 20), [25, 40)", test(27, 39)); EXPECT_EQ("[15, 20), [25, 40)", test(27, 40)); EXPECT_EQ("[15, 20), [25, 41)", test(27, 41)); EXPECT_EQ("[15, 20), [25, 43)", test(27, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [)) ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(29, 30)); EXPECT_EQ("[15, 20), [25, 31), [35, 40)", test(29, 31)); EXPECT_EQ("[15, 20), [25, 33), [35, 40)", test(29, 33)); EXPECT_EQ("[15, 20), [25, 40)", test(29, 35)); EXPECT_EQ("[15, 20), [25, 40)", test(29, 37)); EXPECT_EQ("[15, 20), [25, 40)", test(29, 39)); EXPECT_EQ("[15, 20), [25, 40)", test(29, 40)); EXPECT_EQ("[15, 20), [25, 41)", test(29, 41)); EXPECT_EQ("[15, 20), [25, 43)", test(29, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [) ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 31), [35, 40)", test(30, 31)); EXPECT_EQ("[15, 20), [25, 33), [35, 40)", test(30, 33)); EXPECT_EQ("[15, 20), [25, 40)", test(30, 35)); EXPECT_EQ("[15, 20), [25, 40)", test(30, 37)); EXPECT_EQ("[15, 20), [25, 40)", test(30, 39)); EXPECT_EQ("[15, 20), [25, 40)", test(30, 40)); EXPECT_EQ("[15, 20), [25, 41)", test(30, 41)); EXPECT_EQ("[15, 20), [25, 43)", test(30, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [31, 33), [35, 40)", test(31, 33)); EXPECT_EQ("[15, 20), [25, 30), [31, 40)", test(31, 35)); EXPECT_EQ("[15, 20), [25, 30), [31, 40)", test(31, 37)); EXPECT_EQ("[15, 20), [25, 30), [31, 40)", test(31, 39)); EXPECT_EQ("[15, 20), [25, 30), [31, 40)", test(31, 40)); EXPECT_EQ("[15, 20), [25, 30), [31, 41)", test(31, 41)); EXPECT_EQ("[15, 20), [25, 30), [31, 43)", test(31, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [33, 40)", test(33, 35)); EXPECT_EQ("[15, 20), [25, 30), [33, 40)", test(33, 37)); EXPECT_EQ("[15, 20), [25, 30), [33, 40)", test(33, 39)); EXPECT_EQ("[15, 20), [25, 30), [33, 40)", test(33, 40)); EXPECT_EQ("[15, 20), [25, 30), [33, 41)", test(33, 41)); EXPECT_EQ("[15, 20), [25, 30), [33, 43)", test(33, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(35, 37)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(35, 39)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(35, 40)); EXPECT_EQ("[15, 20), [25, 30), [35, 41)", test(35, 41)); EXPECT_EQ("[15, 20), [25, 30), [35, 43)", test(35, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ))) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(37, 39)); EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(37, 40)); EXPECT_EQ("[15, 20), [25, 30), [35, 41)", test(37, 41)); EXPECT_EQ("[15, 20), [25, 30), [35, 43)", test(37, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [)) ) EXPECT_EQ("[15, 20), [25, 30), [35, 40)", test(39, 40)); EXPECT_EQ("[15, 20), [25, 30), [35, 41)", test(39, 41)); EXPECT_EQ("[15, 20), [25, 30), [35, 43)", test(39, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [) ) EXPECT_EQ("[15, 20), [25, 30), [35, 41)", test(40, 41)); EXPECT_EQ("[15, 20), [25, 30), [35, 43)", test(40, 43)); // initial setup: [15 20) [25 30) [35 35) // insertion points: [ ) EXPECT_EQ("[15, 20), [25, 30), [35, 40), [41, 43)", test(41, 43)); } TEST(WelfordStandardDeviation, AllEntriesTheSame) { WelfordStandardDeviation wsd; wsd.update(10); wsd.update(10); wsd.update(10); EXPECT_EQ(10, wsd.mean()); EXPECT_EQ(0, wsd.computeStandardDeviation()); } TEST(WelfordStandardDeviation, SmallVariance) { WelfordStandardDeviation wsd; wsd.update(10); wsd.update(10); wsd.update(10); wsd.update(9); wsd.update(11); EXPECT_LT(0.5, wsd.computeStandardDeviation()); EXPECT_GT(1.0, wsd.computeStandardDeviation()); EXPECT_EQ(10, wsd.mean()); } TEST(WelfordStandardDeviation, HugeVariance) { WelfordStandardDeviation wsd; wsd.update(20); wsd.update(2000); wsd.update(200000); wsd.update(20000000); EXPECT_EQ(5050505, wsd.mean()); EXPECT_LT(1000, wsd.computeStandardDeviation()); } TEST(WelfordStandardDeviation, InsufficientData) { WelfordStandardDeviation wsd; wsd.update(10); EXPECT_EQ(10, wsd.mean()); EXPECT_TRUE(std::isnan(wsd.computeStandardDeviation())); } TEST(DateFormatter, FromTime) { const SystemTime time1(std::chrono::seconds(1522796769)); EXPECT_EQ("2018-04-03T23:06:09.000Z", DateFormatter("%Y-%m-%dT%H:%M:%S.000Z").fromTime(time1)); EXPECT_EQ("aaa23", DateFormatter(std::string(3, 'a') + "%H").fromTime(time1)); const SystemTime time2(std::chrono::seconds(0)); EXPECT_EQ("1970-01-01T00:00:00.000Z", DateFormatter("%Y-%m-%dT%H:%M:%S.000Z").fromTime(time2)); EXPECT_EQ("aaa00", DateFormatter(std::string(3, 'a') + "%H").fromTime(time2)); } // Check the time complexity. Make sure DateFormatter can finish parsing long messy string without // crashing/freezing. This should pass in 0-2 seconds if O(n). Finish in 30-120 seconds if O(n^2) TEST(DateFormatter, ParseLongString) { std::string input; std::string expected_output; int num_duplicates = 400; std::string duplicate_input = "%%1f %1f, %2f, %3f, %4f, "; std::string duplicate_output = "%1 1, 14, 142, 1420, "; for (int i = 0; i < num_duplicates; i++) { absl::StrAppend(&input, duplicate_input, "("); absl::StrAppend(&expected_output, duplicate_output, "("); } absl::StrAppend(&input, duplicate_input); absl::StrAppend(&expected_output, duplicate_output); const SystemTime time1(std::chrono::seconds(1522796769) + std::chrono::milliseconds(142)); std::string output = DateFormatter(input).fromTime(time1); EXPECT_EQ(expected_output, output); } // Verify that two DateFormatter patterns with the same ??? patterns but // different format strings don't false share cache entries. This is a // regression test for when they did. TEST(DateFormatter, FromTimeSameWildcard) { const SystemTime time1(std::chrono::seconds(1522796769) + std::chrono::milliseconds(142)); EXPECT_EQ("2018-04-03T23:06:09.000Z142", DateFormatter("%Y-%m-%dT%H:%M:%S.000Z%3f").fromTime(time1)); EXPECT_EQ("2018-04-03T23:06:09.000Z114", DateFormatter("%Y-%m-%dT%H:%M:%S.000Z%1f%2f").fromTime(time1)); } TEST(TrieLookupTable, AddItems) { TrieLookupTable trie; const char* cstr_a = "a"; const char* cstr_b = "b"; const char* cstr_c = "c"; EXPECT_TRUE(trie.add("foo", cstr_a)); EXPECT_TRUE(trie.add("bar", cstr_b)); EXPECT_EQ(cstr_a, trie.find("foo")); EXPECT_EQ(cstr_b, trie.find("bar")); // overwrite_existing = false EXPECT_FALSE(trie.add("foo", cstr_c, false)); EXPECT_EQ(cstr_a, trie.find("foo")); // overwrite_existing = true EXPECT_TRUE(trie.add("foo", cstr_c)); EXPECT_EQ(cstr_c, trie.find("foo")); } TEST(TrieLookupTable, LongestPrefix) { TrieLookupTable trie; const char* cstr_a = "a"; const char* cstr_b = "b"; const char* cstr_c = "c"; EXPECT_TRUE(trie.add("foo", cstr_a)); EXPECT_TRUE(trie.add("bar", cstr_b)); EXPECT_TRUE(trie.add("baro", cstr_c)); EXPECT_EQ(cstr_a, trie.find("foo")); EXPECT_EQ(cstr_a, trie.findLongestPrefix("foo")); EXPECT_EQ(cstr_a, trie.findLongestPrefix("foosball")); EXPECT_EQ(cstr_b, trie.find("bar")); EXPECT_EQ(cstr_b, trie.findLongestPrefix("bar")); EXPECT_EQ(cstr_b, trie.findLongestPrefix("baritone")); EXPECT_EQ(cstr_c, trie.findLongestPrefix("barometer")); EXPECT_EQ(nullptr, trie.find("toto")); EXPECT_EQ(nullptr, trie.findLongestPrefix("toto")); EXPECT_EQ(nullptr, trie.find(" ")); EXPECT_EQ(nullptr, trie.findLongestPrefix(" ")); } TEST(InlineStorageTest, InlineString) { InlineStringPtr hello = InlineString::create("Hello, world!"); EXPECT_EQ("Hello, world!", hello->toStringView()); EXPECT_EQ("Hello, world!", hello->toString()); } #ifdef WIN32 TEST(ErrorDetailsTest, WindowsFormatMessage) { // winsock2 error EXPECT_NE(errorDetails(SOCKET_ERROR_AGAIN), ""); EXPECT_THAT(errorDetails(SOCKET_ERROR_AGAIN), Not(HasSubstr("\r\n"))); EXPECT_NE(errorDetails(SOCKET_ERROR_AGAIN), "Unknown error"); // winsock2 error with a long message EXPECT_NE(errorDetails(SOCKET_ERROR_MSG_SIZE), ""); EXPECT_THAT(errorDetails(SOCKET_ERROR_MSG_SIZE), Not(HasSubstr("\r\n"))); EXPECT_NE(errorDetails(SOCKET_ERROR_MSG_SIZE), "Unknown error"); // regular Windows error EXPECT_NE(errorDetails(ERROR_FILE_NOT_FOUND), ""); EXPECT_THAT(errorDetails(ERROR_FILE_NOT_FOUND), Not(HasSubstr("\r\n"))); EXPECT_NE(errorDetails(ERROR_FILE_NOT_FOUND), "Unknown error"); // invalid error code EXPECT_EQ(errorDetails(99999), "Unknown error"); } #endif } // namespace Envoy ================================================ FILE: test/common/common/version_test.cc ================================================ #include "common/version/version.h" #include "absl/strings/str_cat.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { // Class for accessing private members of the VersionInfo class. class VersionInfoTestPeer { public: static const std::string& buildType() { return VersionInfo::buildType(); } static const std::string& sslVersion() { return VersionInfo::sslVersion(); } static envoy::config::core::v3::BuildVersion makeBuildVersion(const char* version) { return VersionInfo::makeBuildVersion(version); } }; TEST(VersionTest, BuildVersion) { auto build_version = VersionInfo::buildVersion(); std::string version_string = absl::StrCat(build_version.version().major_number(), ".", build_version.version().minor_number(), ".", build_version.version().patch()); const auto& fields = build_version.metadata().fields(); if (fields.find(BuildVersionMetadataKeys::get().BuildLabel) != fields.end()) { absl::StrAppend(&version_string, "-", fields.at(BuildVersionMetadataKeys::get().BuildLabel).string_value()); } EXPECT_EQ(BUILD_VERSION_NUMBER, version_string); EXPECT_EQ(VersionInfo::revision(), fields.at(BuildVersionMetadataKeys::get().RevisionSHA).string_value()); EXPECT_EQ(VersionInfo::revisionStatus(), fields.at(BuildVersionMetadataKeys::get().RevisionStatus).string_value()); EXPECT_EQ(VersionInfoTestPeer::buildType(), fields.at(BuildVersionMetadataKeys::get().BuildType).string_value()); EXPECT_EQ(VersionInfoTestPeer::sslVersion(), fields.at(BuildVersionMetadataKeys::get().SslVersion).string_value()); } TEST(VersionTest, MakeBuildVersionWithLabel) { auto build_version = VersionInfoTestPeer::makeBuildVersion("1.2.3-foo-bar"); EXPECT_EQ(1, build_version.version().major_number()); EXPECT_EQ(2, build_version.version().minor_number()); EXPECT_EQ(3, build_version.version().patch()); const auto& fields = build_version.metadata().fields(); EXPECT_GE(fields.size(), 1); EXPECT_EQ("foo-bar", fields.at(BuildVersionMetadataKeys::get().BuildLabel).string_value()); } TEST(VersionTest, MakeBuildVersionWithoutLabel) { auto build_version = VersionInfoTestPeer::makeBuildVersion("1.2.3"); EXPECT_EQ(1, build_version.version().major_number()); EXPECT_EQ(2, build_version.version().minor_number()); EXPECT_EQ(3, build_version.version().patch()); const auto& fields = build_version.metadata().fields(); EXPECT_EQ(fields.find(BuildVersionMetadataKeys::get().BuildLabel), fields.end()); // Other metadata should still be present EXPECT_GE(fields.size(), 1); } TEST(VersionTest, MakeBadBuildVersion) { auto build_version = VersionInfoTestPeer::makeBuildVersion("1.foo.3-bar"); EXPECT_EQ(0, build_version.version().major_number()); EXPECT_EQ(0, build_version.version().minor_number()); EXPECT_EQ(0, build_version.version().patch()); const auto& fields = build_version.metadata().fields(); EXPECT_EQ(fields.find(BuildVersionMetadataKeys::get().BuildLabel), fields.end()); // Other metadata should still be present EXPECT_GE(fields.size(), 1); } } // namespace Envoy ================================================ FILE: test/common/config/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_cc_test_library", "envoy_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "api_shadow_test", srcs = ["api_shadow_test.cc"], deps = ["@envoy_api//envoy/config/cluster/v3:pkg_cc_proto"], ) envoy_cc_test( name = "api_type_oracle_test", srcs = ["api_type_oracle_test.cc"], deps = [ "//source/common/config:api_type_oracle_lib", "@envoy_api//envoy/config/filter/http/ip_tagging/v2:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/ip_tagging/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "decoded_resource_impl_test", srcs = ["decoded_resource_impl_test.cc"], deps = [ "//source/common/config:decoded_resource_lib", "//test/mocks/config:config_mocks", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "delta_subscription_impl_test", srcs = ["delta_subscription_impl_test.cc"], deps = [ ":delta_subscription_test_harness", "//source/common/config:api_version_lib", "//source/common/config:grpc_subscription_lib", "//source/common/config:new_grpc_mux_lib", "//source/common/stats:isolated_store_lib", "//test/mocks:common_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/grpc:grpc_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/runtime:runtime_mocks", "//test/test_common:logging_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "delta_subscription_state_test", srcs = ["delta_subscription_state_test.cc"], deps = [ "//source/common/config:delta_subscription_state_lib", "//source/common/config:grpc_subscription_lib", "//source/common/config:new_grpc_mux_lib", "//source/common/stats:isolated_store_lib", "//test/mocks:common_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/grpc:grpc_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/runtime:runtime_mocks", "//test/test_common:logging_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "filesystem_subscription_impl_test", srcs = ["filesystem_subscription_impl_test.cc"], deps = [ ":filesystem_subscription_test_harness", "//test/mocks/event:event_mocks", "//test/mocks/filesystem:filesystem_mocks", "//test/test_common:logging_lib", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) envoy_cc_test_library( name = "filesystem_subscription_test_harness", srcs = ["filesystem_subscription_test_harness.h"], deps = [ ":subscription_test_harness", "//source/common/config:filesystem_subscription_lib", "//source/common/config:utility_lib", "//source/common/event:dispatcher_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/filesystem:filesystem_mocks", "//test/mocks/protobuf:protobuf_mocks", "//test/test_common:environment_lib", "//test/test_common:test_time_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "grpc_mux_impl_test", srcs = ["grpc_mux_impl_test.cc"], deps = [ "//source/common/config:api_version_lib", "//source/common/config:grpc_mux_lib", "//source/common/config:protobuf_link_hacks", "//source/common/config:version_converter_lib", "//source/common/protobuf", "//source/common/stats:isolated_store_lib", "//test/common/stats:stat_test_utility_lib", "//test/mocks:common_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/grpc:grpc_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/runtime:runtime_mocks", "//test/test_common:logging_lib", "//test/test_common:resources_lib", "//test/test_common:simulated_time_system_lib", "//test/test_common:test_runtime_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "new_grpc_mux_impl_test", srcs = ["new_grpc_mux_impl_test.cc"], deps = [ "//source/common/config:new_grpc_mux_lib", "//source/common/config:protobuf_link_hacks", "//source/common/config:version_converter_lib", "//source/common/protobuf", "//test/common/stats:stat_test_utility_lib", "//test/mocks:common_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/grpc:grpc_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/runtime:runtime_mocks", "//test/test_common:logging_lib", "//test/test_common:resources_lib", "//test/test_common:simulated_time_system_lib", "//test/test_common:test_runtime_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "grpc_stream_test", srcs = ["grpc_stream_test.cc"], deps = [ "//source/common/config:grpc_stream_lib", "//test/common/stats:stat_test_utility_lib", "//test/mocks:common_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/grpc:grpc_mocks", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "grpc_subscription_impl_test", srcs = ["grpc_subscription_impl_test.cc"], deps = [ ":grpc_subscription_test_harness", "//source/common/buffer:zero_copy_input_stream_lib", ], ) envoy_cc_test_library( name = "grpc_subscription_test_harness", hdrs = ["grpc_subscription_test_harness.h"], deps = [ ":subscription_test_harness", "//source/common/common:hash_lib", "//source/common/config:api_version_lib", "//source/common/config:grpc_mux_lib", "//source/common/config:grpc_subscription_lib", "//source/common/config:version_converter_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/grpc:grpc_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/test_common:resources_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test_library( name = "delta_subscription_test_harness", hdrs = ["delta_subscription_test_harness.h"], deps = [ ":subscription_test_harness", "//source/common/config:new_grpc_mux_lib", "//source/common/config:version_converter_lib", "//source/common/grpc:common_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/grpc:grpc_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/runtime:runtime_mocks", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "http_subscription_impl_test", srcs = ["http_subscription_impl_test.cc"], deps = [ ":http_subscription_test_harness", ], ) envoy_cc_test_library( name = "http_subscription_test_harness", srcs = ["http_subscription_test_harness.h"], deps = [ ":subscription_test_harness", "//include/envoy/http:async_client_interface", "//source/common/common:utility_lib", "//source/common/config:http_subscription_lib", "//source/common/config:utility_lib", "//source/common/http:message_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/protobuf:protobuf_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "opaque_resource_decoder_impl_test", srcs = ["opaque_resource_decoder_impl_test.cc"], deps = [ "//source/common/config:opaque_resource_decoder_lib", "//source/common/protobuf:message_validator_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "subscription_factory_impl_test", srcs = ["subscription_factory_impl_test.cc"], deps = [ "//source/common/config:subscription_factory_lib", "//source/common/config:udpa_resource_lib", "//test/mocks/config:config_mocks", "//test/mocks/event:event_mocks", "//test/mocks/filesystem:filesystem_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/protobuf:protobuf_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/stats:stats_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/test_common:environment_lib", "//test/test_common:logging_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "subscription_impl_test", srcs = ["subscription_impl_test.cc"], deps = [ ":delta_subscription_test_harness", ":filesystem_subscription_test_harness", ":grpc_subscription_test_harness", ":http_subscription_test_harness", ":subscription_test_harness", ], ) envoy_cc_test_library( name = "subscription_test_harness", srcs = ["subscription_test_harness.h"], deps = [ "//source/common/config:utility_lib", "//test/mocks/stats:stats_mocks", "//test/test_common:simulated_time_system_lib", ], ) envoy_cc_test( name = "type_to_endpoint_test", srcs = ["type_to_endpoint_test.cc"], deps = [ "//source/common/config:type_to_endpoint_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/service/route/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "pausable_ack_queue_test", srcs = ["pausable_ack_queue_test.cc"], deps = [ "//source/common/config:pausable_ack_queue_lib", ], ) envoy_cc_test( name = "metadata_test", srcs = ["metadata_test.cc"], deps = [ "//include/envoy/common:base_includes", "//source/common/config:metadata_lib", "//source/common/config:well_known_names", "//source/common/protobuf:utility_lib", "//test/test_common:registry_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "runtime_utility_test", srcs = ["runtime_utility_test.cc"], deps = [ "//source/common/config:runtime_utility_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "utility_test", srcs = ["utility_test.cc"], deps = [ "//source/common/config:api_version_lib", "//source/common/config:utility_lib", "//source/common/config:well_known_names", "//source/common/stats:stats_lib", "//test/mocks/grpc:grpc_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/stats:stats_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/mocks/upstream:thread_local_cluster_mocks", "//test/test_common:environment_lib", "//test/test_common:logging_lib", "//test/test_common:utility_lib", "@com_github_cncf_udpa//udpa/type/v1:pkg_cc_proto", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/cors/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "registry_test", srcs = ["registry_test.cc"], deps = [ "//include/envoy/config:typed_config_interface", "//test/test_common:logging_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "watch_map_test", srcs = ["watch_map_test.cc"], deps = [ "//source/common/config:watch_map_lib", "//test/mocks/config:config_mocks", "//test/test_common:utility_lib", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_proto_library( name = "dummy_config_proto", srcs = ["dummy_config.proto"], ) envoy_cc_test( name = "config_provider_impl_test", srcs = ["config_provider_impl_test.cc"], deps = [ ":dummy_config_proto_cc_proto", "//source/common/config:config_provider_lib", "//source/common/protobuf:utility_lib", "//test/mocks/server:instance_mocks", "//test/test_common:simulated_time_system_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "datasource_test", srcs = ["datasource_test.cc"], deps = [ "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/common/http:message_lib", "//source/common/protobuf:utility_lib", "//source/extensions/common/crypto:utility_lib", "//test/mocks/event:event_mocks", "//test/mocks/init:init_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "udpa_context_params_test", srcs = ["udpa_context_params_test.cc"], deps = [ ":udpa_test_utility_lib", "//source/common/config:udpa_context_params_lib", "//test/test_common:logging_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "udpa_resource_test", srcs = ["udpa_resource_test.cc"], deps = [ ":udpa_test_utility_lib", "//source/common/config:udpa_resource_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test_library( name = "udpa_test_utility_lib", hdrs = ["udpa_test_utility.h"], ) envoy_proto_library( name = "version_converter_proto", srcs = ["version_converter.proto"], ) envoy_cc_test( name = "version_converter_test", srcs = ["version_converter_test.cc"], deps = [ ":version_converter_proto_cc_proto", "//source/common/config:api_version_lib", "//source/common/config:version_converter_lib", "//source/common/protobuf:well_known_lib", "//test/test_common:test_time_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) ================================================ FILE: test/common/config/api_shadow_test.cc ================================================ #include "envoy/config/cluster/v3/cluster.pb.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { // Validate that deprecated fields are accessible via the shadow protos. TEST(ApiShadowTest, All) { envoy::config::cluster::v3::Cluster cluster; cluster.mutable_hidden_envoy_deprecated_tls_context(); cluster.set_lb_policy( envoy::config::cluster::v3::Cluster::hidden_envoy_deprecated_ORIGINAL_DST_LB); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/api_type_oracle_test.cc ================================================ #include "envoy/config/filter/http/ip_tagging/v2/ip_tagging.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" #include "common/config/api_type_oracle.h" #include "gtest/gtest.h" // API_NO_BOOST_FILE namespace Envoy { namespace Config { namespace { TEST(ApiTypeOracleTest, All) { envoy::config::filter::http::ip_tagging::v2::IPTagging v2_config; envoy::extensions::filters::http::ip_tagging::v3::IPTagging v3_config; ProtobufWkt::Any non_api_type; EXPECT_EQ(nullptr, ApiTypeOracle::getEarlierVersionDescriptor(non_api_type.GetDescriptor()->full_name())); EXPECT_EQ(nullptr, ApiTypeOracle::getEarlierVersionDescriptor(v2_config.GetDescriptor()->full_name())); const auto* desc = ApiTypeOracle::getEarlierVersionDescriptor(v3_config.GetDescriptor()->full_name()); EXPECT_EQ(envoy::config::filter::http::ip_tagging::v2::IPTagging::descriptor()->full_name(), desc->full_name()); EXPECT_EQ(envoy::config::filter::http::ip_tagging::v2::IPTagging::descriptor()->full_name(), ApiTypeOracle::getEarlierVersionMessageTypeName(v3_config.GetDescriptor()->full_name()) .value()); EXPECT_EQ("envoy.config.filter.http.ip_tagging.v2.IPTagging", TypeUtil::typeUrlToDescriptorFullName( "type.googleapis.com/envoy.config.filter.http.ip_tagging.v2.IPTagging")); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/config_provider_impl_test.cc ================================================ #include #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/config_provider_impl.h" #include "common/protobuf/utility.h" #include "test/common/config/dummy_config.pb.h" #include "test/mocks/server/instance.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { using testing::InSequence; class DummyConfigProviderManager; class DummyConfig : public Envoy::Config::ConfigProvider::Config { public: DummyConfig() = default; explicit DummyConfig(const test::common::config::DummyConfig& config_proto) { protos_.push_back(config_proto); } void addProto(const test::common::config::DummyConfig& config_proto) { protos_.push_back(config_proto); } uint32_t numProtos() const { return protos_.size(); } private: std::vector protos_; }; class StaticDummyConfigProvider : public ImmutableConfigProviderBase { public: StaticDummyConfigProvider(const test::common::config::DummyConfig& config_proto, Server::Configuration::ServerFactoryContext& factory_context, DummyConfigProviderManager& config_provider_manager); ~StaticDummyConfigProvider() override = default; // Envoy::Config::ConfigProvider const Protobuf::Message* getConfigProto() const override { return &config_proto_; } // Envoy::Config::ConfigProvider std::string getConfigVersion() const override { return ""; } // Envoy::Config::ConfigProvider ConfigConstSharedPtr getConfig() const override { return config_; } private: ConfigConstSharedPtr config_; test::common::config::DummyConfig config_proto_; }; class DummyConfigSubscription : public ConfigSubscriptionInstance, Envoy::Config::SubscriptionCallbacks { public: DummyConfigSubscription(const uint64_t manager_identifier, Server::Configuration::ServerFactoryContext& factory_context, DummyConfigProviderManager& config_provider_manager); ~DummyConfigSubscription() override = default; // Envoy::Config::ConfigSubscriptionCommonBase void start() override {} // Envoy::Config::ConfigSubscriptionInstance ConfigProvider::ConfigConstSharedPtr onConfigProtoUpdate(const Protobuf::Message& config_proto) override { return std::make_shared( static_cast(config_proto)); } // Envoy::Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override { const auto& config = dynamic_cast(resources[0].get().resource()); if (checkAndApplyConfigUpdate(config, "dummy_config", version_info)) { config_proto_ = config; } ConfigSubscriptionCommonBase::onConfigUpdate(); } void onConfigUpdate(const std::vector&, const Protobuf::RepeatedPtrField&, const std::string&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } // Envoy::Config::SubscriptionCallbacks void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason, const EnvoyException*) override {} const absl::optional& configProto() const { return config_proto_; } private: absl::optional config_proto_; }; using DummyConfigSubscriptionSharedPtr = std::shared_ptr; class DummyDynamicConfigProvider : public MutableConfigProviderCommonBase { public: explicit DummyDynamicConfigProvider(DummyConfigSubscriptionSharedPtr&& subscription) : MutableConfigProviderCommonBase(std::move(subscription), ApiType::Full), subscription_(static_cast( MutableConfigProviderCommonBase::subscription_.get())) {} ~DummyDynamicConfigProvider() override = default; DummyConfigSubscription& subscription() { return *subscription_; } // Envoy::Config::ConfigProvider const Protobuf::Message* getConfigProto() const override { if (!subscription_->configProto().has_value()) { return nullptr; } return &subscription_->configProto().value(); } std::string getConfigVersion() const override { return ""; } private: // Lifetime of this pointer is owned by the shared_ptr held by the base class. DummyConfigSubscription* subscription_; }; class DummyConfigProviderManager : public ConfigProviderManagerImplBase { public: explicit DummyConfigProviderManager(Server::Admin& admin) : ConfigProviderManagerImplBase(admin, "dummy") {} ~DummyConfigProviderManager() override = default; // Envoy::Config::ConfigProviderManagerImplBase ProtobufTypes::MessagePtr dumpConfigs() const override { auto config_dump = std::make_unique(); for (const auto& element : configSubscriptions()) { auto subscription = element.second.lock(); ASSERT(subscription); if (subscription->configInfo()) { auto* dynamic_config = config_dump->mutable_dynamic_dummy_configs()->Add(); dynamic_config->set_version_info(subscription->configInfo().value().last_config_version_); dynamic_config->mutable_dummy_config()->MergeFrom( static_cast(subscription.get())->configProto().value()); TimestampUtil::systemClockToTimestamp(subscription->lastUpdated(), *dynamic_config->mutable_last_updated()); } } for (const auto* provider : immutableConfigProviders(ConfigProviderInstanceType::Static)) { ASSERT(provider->configProtoInfo()); auto* static_config = config_dump->mutable_static_dummy_configs()->Add(); static_config->mutable_dummy_config()->MergeFrom( provider->configProtoInfo().value().config_proto_); TimestampUtil::systemClockToTimestamp(provider->lastUpdated(), *static_config->mutable_last_updated()); } return config_dump; } // Envoy::Config::ConfigProviderManager ConfigProviderPtr createXdsConfigProvider(const Protobuf::Message& config_source_proto, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string&, const Envoy::Config::ConfigProviderManager::OptionalArg&) override { DummyConfigSubscriptionSharedPtr subscription = getSubscription( config_source_proto, init_manager, [&factory_context](const uint64_t manager_identifier, ConfigProviderManagerImplBase& config_provider_manager) -> ConfigSubscriptionCommonBaseSharedPtr { return std::make_shared( manager_identifier, factory_context, static_cast(config_provider_manager)); }); return std::make_unique(std::move(subscription)); } // Envoy::Config::ConfigProviderManager ConfigProviderPtr createStaticConfigProvider(const Protobuf::Message& config_proto, Server::Configuration::ServerFactoryContext& factory_context, const Envoy::Config::ConfigProviderManager::OptionalArg&) override { return std::make_unique( dynamic_cast(config_proto), factory_context, *this); } ConfigProviderPtr createStaticConfigProvider(std::vector>&&, Server::Configuration::ServerFactoryContext&, const OptionalArg&) override { ASSERT(false, "this provider does not expect multiple config protos"); return nullptr; } }; DummyConfigSubscription::DummyConfigSubscription( const uint64_t manager_identifier, Server::Configuration::ServerFactoryContext& factory_context, DummyConfigProviderManager& config_provider_manager) : ConfigSubscriptionInstance("DummyDS", manager_identifier, config_provider_manager, factory_context) { // A nullptr is shared as the initial value. initialize(nullptr); } StaticDummyConfigProvider::StaticDummyConfigProvider( const test::common::config::DummyConfig& config_proto, Server::Configuration::ServerFactoryContext& factory_context, DummyConfigProviderManager& config_provider_manager) : ImmutableConfigProviderBase(factory_context, config_provider_manager, ConfigProviderInstanceType::Static, ApiType::Full), config_(std::make_shared(config_proto)), config_proto_(config_proto) {} class ConfigProviderImplTest : public testing::Test { public: void initialize() { EXPECT_CALL(server_factory_context_.admin_.config_tracker_, add_("dummy", _)); provider_manager_ = std::make_unique(server_factory_context_.admin_); } Event::SimulatedTimeSystem& timeSystem() { return time_system_; } protected: Event::SimulatedTimeSystem time_system_; NiceMock server_factory_context_; NiceMock init_manager_; std::unique_ptr provider_manager_; }; test::common::config::DummyConfig parseDummyConfigFromYaml(const std::string& yaml) { test::common::config::DummyConfig config; TestUtility::loadFromYaml(yaml, config); return config; } // Tests that dynamic config providers share ownership of the config // subscriptions, config protos and data structures generated as a result of the // configurations (i.e., the ConfigProvider::Config). TEST_F(ConfigProviderImplTest, SharedOwnership) { initialize(); Init::ExpectableWatcherImpl watcher; init_manager_.initialize(watcher); envoy::config::core::v3::ApiConfigSource config_source_proto; config_source_proto.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); ConfigProviderPtr provider1 = provider_manager_->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); // No config protos have been received via the subscription yet. EXPECT_FALSE(provider1->configProtoInfo().has_value()); Protobuf::RepeatedPtrField untyped_dummy_configs; const auto dummy_config = parseDummyConfigFromYaml("a: a dummy config"); DummyConfigSubscription& subscription = dynamic_cast(*provider1).subscription(); const auto decoded_resources = TestUtility::decodeResources({dummy_config}, "a"); subscription.onConfigUpdate(decoded_resources.refvec_, "1"); // Check that a newly created provider with the same config source will share // the subscription, config proto and resulting ConfigProvider::Config. ConfigProviderPtr provider2 = provider_manager_->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); EXPECT_TRUE(provider2->configProtoInfo().has_value()); EXPECT_EQ(&dynamic_cast(*provider1).subscription(), &dynamic_cast(*provider2).subscription()); EXPECT_EQ(&provider1->configProtoInfo().value().config_proto_, &provider2->configProtoInfo().value().config_proto_); EXPECT_EQ(provider1->config().get(), provider2->config().get()); // Change the config source and verify that a new subscription is used. config_source_proto.set_api_type(envoy::config::core::v3::ApiConfigSource::REST); ConfigProviderPtr provider3 = provider_manager_->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); EXPECT_NE(&dynamic_cast(*provider1).subscription(), &dynamic_cast(*provider3).subscription()); EXPECT_NE(provider1->config().get(), provider3->config().get()); dynamic_cast(*provider3) .subscription() .onConfigUpdate(decoded_resources.refvec_, "provider3"); EXPECT_EQ(2UL, static_cast( provider_manager_->dumpConfigs().get()) ->dynamic_dummy_configs() .size()); // Test that tear down of config providers leads to correctly updating // centralized state; this is validated using the config dump. provider1.reset(); provider2.reset(); auto dynamic_dummy_configs = static_cast(provider_manager_->dumpConfigs().get()) ->dynamic_dummy_configs(); EXPECT_EQ(1UL, dynamic_dummy_configs.size()); EXPECT_EQ("provider3", dynamic_dummy_configs[0].version_info()); provider3.reset(); EXPECT_EQ(0UL, static_cast( provider_manager_->dumpConfigs().get()) ->dynamic_dummy_configs() .size()); } // A ConfigProviderManager that returns a dummy ConfigProvider. class DummyConfigProviderManagerMockConfigProvider : public DummyConfigProviderManager { public: DummyConfigProviderManagerMockConfigProvider(Server::Admin& admin) : DummyConfigProviderManager(admin) {} ConfigProviderPtr createXdsConfigProvider(const Protobuf::Message& config_source_proto, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string&, const Envoy::Config::ConfigProviderManager::OptionalArg&) override { DummyConfigSubscriptionSharedPtr subscription = getSubscription( config_source_proto, init_manager, [&factory_context](const uint64_t manager_identifier, ConfigProviderManagerImplBase& config_provider_manager) -> ConfigSubscriptionCommonBaseSharedPtr { return std::make_shared( manager_identifier, factory_context, static_cast(config_provider_manager)); }); return std::make_unique(std::move(subscription)); } }; // Test that duplicate config updates will not trigger creation of a new ConfigProvider::Config. TEST_F(ConfigProviderImplTest, DuplicateConfigProto) { InSequence sequence; // This provider manager returns a DummyDynamicConfigProvider. auto provider_manager = std::make_unique( server_factory_context_.admin_); envoy::config::core::v3::ApiConfigSource config_source_proto; config_source_proto.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); ConfigProviderPtr provider = provider_manager->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); auto* typed_provider = static_cast(provider.get()); auto& subscription = static_cast(typed_provider->subscription()); EXPECT_EQ(subscription.getConfig(), nullptr); // First time issuing a configUpdate(). A new ConfigProvider::Config should be created. const auto dummy_config = parseDummyConfigFromYaml("a: a dynamic dummy config"); const auto decoded_resources = TestUtility::decodeResources({dummy_config}, "a"); subscription.onConfigUpdate(decoded_resources.refvec_, "1"); EXPECT_NE(subscription.getConfig(), nullptr); auto config_ptr = subscription.getConfig(); EXPECT_EQ(typed_provider->config().get(), config_ptr.get()); // Second time issuing the configUpdate(), this time with a duplicate proto. A new // ConfigProvider::Config _should not_ be created. subscription.onConfigUpdate(decoded_resources.refvec_, "2"); EXPECT_EQ(config_ptr, subscription.getConfig()); EXPECT_EQ(typed_provider->config().get(), config_ptr.get()); } // An empty config provider tests on base class' constructor. class InlineDummyConfigProvider : public ImmutableConfigProviderBase { public: InlineDummyConfigProvider(Server::Configuration::ServerFactoryContext& factory_context, DummyConfigProviderManager& config_provider_manager, ConfigProviderInstanceType instance_type) : ImmutableConfigProviderBase(factory_context, config_provider_manager, instance_type, ApiType::Full) {} ConfigConstSharedPtr getConfig() const override { return nullptr; } std::string getConfigVersion() const override { return ""; } const Protobuf::Message* getConfigProto() const override { return nullptr; } }; class ConfigProviderImplDeathTest : public ConfigProviderImplTest {}; TEST_F(ConfigProviderImplDeathTest, AssertionFailureOnIncorrectInstanceType) { initialize(); InlineDummyConfigProvider foo(server_factory_context_, *provider_manager_, ConfigProviderInstanceType::Inline); InlineDummyConfigProvider bar(server_factory_context_, *provider_manager_, ConfigProviderInstanceType::Static); EXPECT_DEBUG_DEATH(InlineDummyConfigProvider(server_factory_context_, *provider_manager_, ConfigProviderInstanceType::Xds), ""); } // Tests that the base ConfigProvider*s are handling registration with the // /config_dump admin handler as well as generic bookkeeping such as timestamp // updates. TEST_F(ConfigProviderImplTest, ConfigDump) { initialize(); // Empty dump first. auto message_ptr = server_factory_context_.admin_.config_tracker_.config_tracker_callbacks_["dummy"](); const auto& dummy_config_dump = static_cast(*message_ptr); test::common::config::DummyConfigsDump expected_config_dump; TestUtility::loadFromYaml(R"EOF( static_dummy_configs: dynamic_dummy_configs: )EOF", expected_config_dump); EXPECT_EQ(expected_config_dump.DebugString(), dummy_config_dump.DebugString()); // Static config dump only. std::string config_yaml = "a: a static dummy config"; timeSystem().setSystemTime(std::chrono::milliseconds(1234567891234)); ConfigProviderPtr static_config = provider_manager_->createStaticConfigProvider( parseDummyConfigFromYaml(config_yaml), server_factory_context_, ConfigProviderManager::NullOptionalArg()); message_ptr = server_factory_context_.admin_.config_tracker_.config_tracker_callbacks_["dummy"](); const auto& dummy_config_dump2 = static_cast(*message_ptr); TestUtility::loadFromYaml(R"EOF( static_dummy_configs: - dummy_config: { a: a static dummy config } last_updated: { seconds: 1234567891, nanos: 234000000 } dynamic_dummy_configs: )EOF", expected_config_dump); EXPECT_EQ(expected_config_dump.DebugString(), dummy_config_dump2.DebugString()); envoy::config::core::v3::ApiConfigSource config_source_proto; config_source_proto.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); ConfigProviderPtr dynamic_provider = provider_manager_->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); // Static + dynamic config dump. const auto dummy_config = parseDummyConfigFromYaml("a: a dynamic dummy config"); timeSystem().setSystemTime(std::chrono::milliseconds(1234567891567)); DummyConfigSubscription& subscription = dynamic_cast(*dynamic_provider).subscription(); const auto decoded_resources = TestUtility::decodeResources({dummy_config}, "a"); subscription.onConfigUpdate(decoded_resources.refvec_, "v1"); message_ptr = server_factory_context_.admin_.config_tracker_.config_tracker_callbacks_["dummy"](); const auto& dummy_config_dump3 = static_cast(*message_ptr); TestUtility::loadFromYaml(R"EOF( static_dummy_configs: - dummy_config: { a: a static dummy config } last_updated: { seconds: 1234567891, nanos: 234000000 } dynamic_dummy_configs: - version_info: v1 dummy_config: { a: a dynamic dummy config } last_updated: { seconds: 1234567891, nanos: 567000000 } )EOF", expected_config_dump); EXPECT_EQ(expected_config_dump.DebugString(), dummy_config_dump3.DebugString()); ConfigProviderPtr static_config2 = provider_manager_->createStaticConfigProvider( parseDummyConfigFromYaml("a: another static dummy config"), server_factory_context_, ConfigProviderManager::NullOptionalArg()); message_ptr = server_factory_context_.admin_.config_tracker_.config_tracker_callbacks_["dummy"](); const auto& dummy_config_dump4 = static_cast(*message_ptr); TestUtility::loadFromYaml(R"EOF( static_dummy_configs: - dummy_config: { a: another static dummy config } last_updated: { seconds: 1234567891, nanos: 567000000 } - dummy_config: { a: a static dummy config } last_updated: { seconds: 1234567891, nanos: 234000000 } dynamic_dummy_configs: - version_info: v1 dummy_config: { a: a dynamic dummy config } last_updated: { seconds: 1234567891, nanos: 567000000 } )EOF", expected_config_dump); EXPECT_THAT(expected_config_dump, ProtoEqIgnoreRepeatedFieldOrdering(dummy_config_dump4)); } // Tests that dynamic config providers enforce that the context's localInfo is // set, since it is used to obtain the node/cluster attributes required for // subscriptions. TEST_F(ConfigProviderImplTest, LocalInfoNotDefined) { initialize(); server_factory_context_.local_info_.node_.set_cluster(""); server_factory_context_.local_info_.node_.set_id(""); envoy::config::core::v3::ApiConfigSource config_source_proto; config_source_proto.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); EXPECT_THROW_WITH_MESSAGE( provider_manager_->createXdsConfigProvider(config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()), EnvoyException, "DummyDS: node 'id' and 'cluster' are required. Set it either in 'node' config or " "via --service-node and --service-cluster options."); } class DeltaDummyConfigProviderManager; class DeltaDummyConfigSubscription : public DeltaConfigSubscriptionInstance, Envoy::Config::SubscriptionCallbacks { public: using ProtoMap = std::map; DeltaDummyConfigSubscription(const uint64_t manager_identifier, Server::Configuration::ServerFactoryContext& factory_context, DeltaDummyConfigProviderManager& config_provider_manager); // Envoy::Config::ConfigSubscriptionCommonBase void start() override {} // Envoy::Config::SubscriptionCallbacks void onConfigUpdate(const std::vector& resources, const std::string& version_info) override { if (resources.empty()) { return; } // For simplicity, there is no logic here to track updates and/or removals to the existing // config proto set (i.e., this is append only). Real xDS APIs will need to track additions, // updates and removals to the config set and apply the diffs to the underlying config // implementations. for (const auto& resource : resources) { const auto& dummy_config = dynamic_cast(resource.get().resource()); proto_map_[version_info] = dummy_config; // Propagate the new config proto to all worker threads. applyConfigUpdate([&dummy_config](ConfigProvider::ConfigConstSharedPtr prev_config) -> ConfigProvider::ConfigConstSharedPtr { auto* config = const_cast(static_cast(prev_config.get())); // Per above, append only for now. config->addProto(dummy_config); return prev_config; }); } ConfigSubscriptionCommonBase::onConfigUpdate(); setLastConfigInfo(absl::optional({absl::nullopt, version_info})); } void onConfigUpdate(const std::vector&, const Protobuf::RepeatedPtrField&, const std::string&) override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } void onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason, const EnvoyException*) override { ConfigSubscriptionCommonBase::onConfigUpdateFailed(); } const ProtoMap& protoMap() const { return proto_map_; } private: ProtoMap proto_map_; }; using DeltaDummyConfigSubscriptionSharedPtr = std::shared_ptr; class DeltaDummyDynamicConfigProvider : public Envoy::Config::MutableConfigProviderCommonBase { public: DeltaDummyDynamicConfigProvider(DeltaDummyConfigSubscriptionSharedPtr&& subscription) : MutableConfigProviderCommonBase(std::move(subscription), ConfigProvider::ApiType::Delta), subscription_(static_cast( MutableConfigProviderCommonBase::subscription_.get())) {} DeltaDummyConfigSubscription& subscription() { return *subscription_; } // Envoy::Config::ConfigProvider ConfigProtoVector getConfigProtos() const override { ConfigProtoVector proto_vector; for (const auto& value_type : subscription_->protoMap()) { proto_vector.push_back(&value_type.second); } return proto_vector; } std::string getConfigVersion() const override { return (subscription_->configInfo().has_value()) ? subscription_->configInfo().value().last_config_version_ : ""; } private: DeltaDummyConfigSubscription* subscription_; }; class DeltaDummyConfigProviderManager : public ConfigProviderManagerImplBase { public: DeltaDummyConfigProviderManager(Server::Admin& admin) : ConfigProviderManagerImplBase(admin, "dummy") {} // Envoy::Config::ConfigProviderManagerImplBase ProtobufTypes::MessagePtr dumpConfigs() const override { auto config_dump = std::make_unique(); for (const auto& element : configSubscriptions()) { auto subscription = element.second.lock(); ASSERT(subscription); if (subscription->configInfo()) { auto* dynamic_config = config_dump->mutable_dynamic_dummy_configs()->Add(); dynamic_config->set_version_info(subscription->configInfo().value().last_config_version_); const auto* typed_subscription = static_cast(subscription.get()); const DeltaDummyConfigSubscription::ProtoMap& proto_map = typed_subscription->protoMap(); for (const auto& value_type : proto_map) { dynamic_config->mutable_dummy_configs()->Add()->MergeFrom(value_type.second); } TimestampUtil::systemClockToTimestamp(subscription->lastUpdated(), *dynamic_config->mutable_last_updated()); } } return config_dump; } // Envoy::Config::ConfigProviderManager ConfigProviderPtr createXdsConfigProvider(const Protobuf::Message& config_source_proto, Server::Configuration::ServerFactoryContext& factory_context, Init::Manager& init_manager, const std::string&, const Envoy::Config::ConfigProviderManager::OptionalArg&) override { DeltaDummyConfigSubscriptionSharedPtr subscription = getSubscription( config_source_proto, init_manager, [&factory_context](const uint64_t manager_identifier, ConfigProviderManagerImplBase& config_provider_manager) -> ConfigSubscriptionCommonBaseSharedPtr { return std::make_shared( manager_identifier, factory_context, static_cast(config_provider_manager)); }); return std::make_unique(std::move(subscription)); } }; DeltaDummyConfigSubscription::DeltaDummyConfigSubscription( const uint64_t manager_identifier, Server::Configuration::ServerFactoryContext& factory_context, DeltaDummyConfigProviderManager& config_provider_manager) : DeltaConfigSubscriptionInstance("Dummy", manager_identifier, config_provider_manager, factory_context) { initialize( []() -> ConfigProvider::ConfigConstSharedPtr { return std::make_shared(); }); } class DeltaConfigProviderImplTest : public testing::Test { public: DeltaConfigProviderImplTest() { EXPECT_CALL(server_factory_context_.admin_.config_tracker_, add_("dummy", _)); provider_manager_ = std::make_unique(server_factory_context_.admin_); } Event::SimulatedTimeSystem& timeSystem() { return time_system_; } protected: Event::SimulatedTimeSystem time_system_; NiceMock server_factory_context_; NiceMock init_manager_; std::unique_ptr provider_manager_; }; // Validate that delta config subscriptions are shared across delta dynamic config providers and // that the underlying Config implementation can be shared as well. TEST_F(DeltaConfigProviderImplTest, MultipleDeltaSubscriptions) { envoy::config::core::v3::ApiConfigSource config_source_proto; config_source_proto.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); ConfigProviderPtr provider1 = provider_manager_->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); // No config protos have been received via the subscription yet. EXPECT_FALSE(provider1->configProtoInfoVector().has_value()); const auto dummy_config_0 = parseDummyConfigFromYaml("a: a dummy config"); const auto dummy_config_1 = parseDummyConfigFromYaml("a: another dummy config"); const auto decoded_resources = TestUtility::decodeResources({dummy_config_0, dummy_config_1}, "a"); DeltaDummyConfigSubscription& subscription = dynamic_cast(*provider1).subscription(); subscription.onConfigUpdate(decoded_resources.refvec_, "1"); ConfigProviderPtr provider2 = provider_manager_->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); // Providers, config implementations (i.e., the DummyConfig) and config protos are // expected to be shared for a given subscription. EXPECT_EQ(&dynamic_cast(*provider1).subscription(), &dynamic_cast(*provider2).subscription()); ASSERT_TRUE(provider2->configProtoInfoVector().has_value()); EXPECT_EQ( provider1->configProtoInfoVector().value().config_protos_, provider2->configProtoInfoVector().value().config_protos_); EXPECT_EQ(provider1->config().get(), provider2->config().get()); // Validate that the config protos are propagated to the thread local config implementation. EXPECT_EQ(provider1->config()->numProtos(), 2); // Issue a second config update to validate that having multiple providers bound to the // subscription causes a single update to the underlying shared config implementation. subscription.onConfigUpdate(decoded_resources.refvec_, "2"); // NOTE: the config implementation is append only and _does not_ track updates/removals to the // config proto set, so the expectation is to double the size of the set. EXPECT_EQ(provider1->config().get(), provider2->config().get()); EXPECT_EQ(provider1->config()->numProtos(), 4); EXPECT_EQ(provider1->configProtoInfoVector().value().version_, "2"); } // Tests a config update failure. TEST_F(DeltaConfigProviderImplTest, DeltaSubscriptionFailure) { envoy::config::core::v3::ApiConfigSource config_source_proto; config_source_proto.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); ConfigProviderPtr provider = provider_manager_->createXdsConfigProvider( config_source_proto, server_factory_context_, init_manager_, "dummy_prefix", ConfigProviderManager::NullOptionalArg()); DeltaDummyConfigSubscription& subscription = dynamic_cast(*provider).subscription(); const auto time = std::chrono::milliseconds(1234567891234); timeSystem().setSystemTime(time); const EnvoyException ex(fmt::format("config failure")); // Verify the failure updates the lastUpdated() timestamp. subscription.onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, &ex); EXPECT_EQ(std::chrono::time_point_cast(provider->lastUpdated()) .time_since_epoch(), time); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/datasource_test.cc ================================================ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/base.pb.validate.h" #include "common/common/empty_string.h" #include "common/config/datasource.h" #include "common/http/message_impl.h" #include "common/protobuf/protobuf.h" #include "test/mocks/event/mocks.h" #include "test/mocks/init/mocks.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { using ::testing::AtLeast; using ::testing::NiceMock; using ::testing::Return; class AsyncDataSourceTest : public testing::Test { protected: using AsyncDataSourcePb = envoy::config::core::v3::AsyncDataSource; NiceMock cm_; Init::MockManager init_manager_; Init::ExpectableWatcherImpl init_watcher_; Init::TargetHandlePtr init_target_handle_; Api::ApiPtr api_{Api::createApiForTest()}; NiceMock random_; Event::MockDispatcher dispatcher_; Event::MockTimer* retry_timer_; Event::TimerCb retry_timer_cb_; NiceMock request_{&cm_.async_client_}; Config::DataSource::LocalAsyncDataProviderPtr local_data_provider_; Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; using AsyncClientSendFunc = std::function; void initialize(AsyncClientSendFunc func, int num_retries = 1) { retry_timer_ = new Event::MockTimer(); EXPECT_CALL(init_manager_, add(_)).WillOnce(Invoke([this](const Init::Target& target) { init_target_handle_ = target.createHandle("test"); })); EXPECT_CALL(dispatcher_, createTimer_(_)).WillOnce(Invoke([this](Event::TimerCb timer_cb) { retry_timer_cb_ = timer_cb; return retry_timer_; })); EXPECT_CALL(cm_, httpAsyncClientForCluster("cluster_1")) .Times(AtLeast(1)) .WillRepeatedly(ReturnRef(cm_.async_client_)); EXPECT_CALL(*retry_timer_, disableTimer()); if (num_retries == 1) { EXPECT_CALL(cm_.async_client_, send_(_, _, _)).Times(AtLeast(1)).WillRepeatedly(Invoke(func)); } else { EXPECT_CALL(cm_.async_client_, send_(_, _, _)) .Times(num_retries) .WillRepeatedly(Invoke(func)); } } }; TEST_F(AsyncDataSourceTest, LoadLocalDataSource) { AsyncDataSourcePb config; std::string yaml = R"EOF( local: inline_string: xxxxxx )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_local()); std::string async_data; EXPECT_CALL(init_manager_, add(_)).WillOnce(Invoke([this](const Init::Target& target) { init_target_handle_ = target.createHandle("test"); })); local_data_provider_ = std::make_unique( init_manager_, config.local(), true, *api_, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, "xxxxxx"); async_data = data; }); EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, "xxxxxx"); } TEST_F(AsyncDataSourceTest, LoadRemoteDataSourceReturnFailure) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: xxxxxx )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); initialize([&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { callbacks.onFailure(request_, Envoy::Http::AsyncClient::FailureReason::Reset); return nullptr; }); std::string async_data = "non-empty"; remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, EMPTY_STRING); async_data = data; }); EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); EXPECT_CALL(*retry_timer_, enableTimer(_, _)) .WillOnce(Invoke( [&](const std::chrono::milliseconds&, const ScopeTrackedObject*) { retry_timer_cb_(); })); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, EMPTY_STRING); } TEST_F(AsyncDataSourceTest, LoadRemoteDataSourceSuccessWith503) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: xxxxxx )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); initialize([&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { callbacks.onSuccess( request_, Http::ResponseMessagePtr{new Http::ResponseMessageImpl(Http::ResponseHeaderMapPtr{ new Http::TestResponseHeaderMapImpl{{":status", "503"}}})}); return nullptr; }); std::string async_data = "non-empty"; remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, EMPTY_STRING); async_data = data; }); EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); EXPECT_CALL(*retry_timer_, enableTimer(_, _)) .WillOnce(Invoke( [&](const std::chrono::milliseconds&, const ScopeTrackedObject*) { retry_timer_cb_(); })); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, EMPTY_STRING); } TEST_F(AsyncDataSourceTest, LoadRemoteDataSourceSuccessWithEmptyBody) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: xxxxxx )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); initialize([&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { callbacks.onSuccess( request_, Http::ResponseMessagePtr{new Http::ResponseMessageImpl(Http::ResponseHeaderMapPtr{ new Http::TestResponseHeaderMapImpl{{":status", "200"}}})}); return nullptr; }); std::string async_data = "non-empty"; remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, EMPTY_STRING); async_data = data; }); EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); EXPECT_CALL(*retry_timer_, enableTimer(_, _)) .WillOnce(Invoke( [&](const std::chrono::milliseconds&, const ScopeTrackedObject*) { retry_timer_cb_(); })); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, EMPTY_STRING); } TEST_F(AsyncDataSourceTest, LoadRemoteDataSourceSuccessIncorrectSha256) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: xxxxxx )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); const std::string body = "hello world"; initialize([&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { Http::ResponseMessagePtr response(new Http::ResponseMessageImpl( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "200"}}})); response->body().add(body); callbacks.onSuccess(request_, std::move(response)); return nullptr; }); std::string async_data = "non-empty"; remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, EMPTY_STRING); async_data = data; }); EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); EXPECT_CALL(*retry_timer_, enableTimer(_, _)) .WillOnce(Invoke( [&](const std::chrono::milliseconds&, const ScopeTrackedObject*) { retry_timer_cb_(); })); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, EMPTY_STRING); } TEST_F(AsyncDataSourceTest, LoadRemoteDataSourceSuccess) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9 )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); const std::string body = "hello world"; initialize([&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { Http::ResponseMessagePtr response(new Http::ResponseMessageImpl( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "200"}}})); response->body().add(body); callbacks.onSuccess(request_, std::move(response)); return nullptr; }); std::string async_data = "non-empty"; remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, body); async_data = data; }); EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, body); } TEST_F(AsyncDataSourceTest, LoadRemoteDataSourceDoNotAllowEmpty) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: xxxxxx )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); initialize([&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { callbacks.onSuccess( request_, Http::ResponseMessagePtr{new Http::ResponseMessageImpl(Http::ResponseHeaderMapPtr{ new Http::TestResponseHeaderMapImpl{{":status", "503"}}})}); return nullptr; }); std::string async_data = "non-empty"; remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, false, [&](const std::string& data) { async_data = data; }); EXPECT_CALL(init_watcher_, ready()); EXPECT_CALL(*retry_timer_, enableTimer(_, _)) .WillOnce(Invoke( [&](const std::chrono::milliseconds&, const ScopeTrackedObject*) { retry_timer_cb_(); })); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, "non-empty"); } TEST_F(AsyncDataSourceTest, DatasourceReleasedBeforeFetchingData) { const std::string body = "hello world"; std::string async_data = "non-empty"; { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9 )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); initialize([&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { Http::ResponseMessagePtr response(new Http::ResponseMessageImpl( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "200"}}})); response->body().add(body); callbacks.onSuccess(request_, std::move(response)); return nullptr; }); remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, body); async_data = data; }); } EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, body); } TEST_F(AsyncDataSourceTest, LoadRemoteDataSourceWithRetry) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9 retry_policy: retry_back_off: base_interval: 1s num_retries: 3 )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); const std::string body = "hello world"; int num_retries = 3; initialize( [&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { callbacks.onSuccess( request_, Http::ResponseMessagePtr{new Http::ResponseMessageImpl(Http::ResponseHeaderMapPtr{ new Http::TestResponseHeaderMapImpl{{":status", "503"}}})}); return nullptr; }, num_retries); std::string async_data = "non-empty"; remote_data_provider_ = std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string& data) { EXPECT_EQ(init_manager_.state(), Init::Manager::State::Initializing); EXPECT_EQ(data, body); async_data = data; }); EXPECT_CALL(init_manager_, state()).WillOnce(Return(Init::Manager::State::Initializing)); EXPECT_CALL(init_watcher_, ready()); EXPECT_CALL(*retry_timer_, enableTimer(_, _)) .WillRepeatedly(Invoke([&](const std::chrono::milliseconds&, const ScopeTrackedObject*) { if (--num_retries == 0) { EXPECT_CALL(cm_.async_client_, send_(_, _, _)) .WillOnce(Invoke( [&](Http::RequestMessagePtr&, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) -> Http::AsyncClient::Request* { Http::ResponseMessagePtr response( new Http::ResponseMessageImpl(Http::ResponseHeaderMapPtr{ new Http::TestResponseHeaderMapImpl{{":status", "200"}}})); response->body().add(body); callbacks.onSuccess(request_, std::move(response)); return nullptr; })); } retry_timer_cb_(); })); init_target_handle_->initialize(init_watcher_); EXPECT_EQ(async_data, body); } TEST_F(AsyncDataSourceTest, BaseIntervalGreaterThanMaxInterval) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9 retry_policy: retry_back_off: base_interval: 10s max_interval: 1s num_retries: 3 )EOF"; TestUtility::loadFromYamlAndValidate(yaml, config); EXPECT_TRUE(config.has_remote()); EXPECT_THROW_WITH_MESSAGE(std::make_unique( cm_, init_manager_, config.remote(), dispatcher_, random_, true, [&](const std::string&) {}), EnvoyException, "max_interval must be greater than or equal to the base_interval"); } TEST_F(AsyncDataSourceTest, BaseIntervalTest) { AsyncDataSourcePb config; std::string yaml = R"EOF( remote: http_uri: uri: https://example.com/data cluster: cluster_1 timeout: 1s sha256: xxx retry_policy: retry_back_off: base_interval: 0.0001s num_retries: 3 )EOF"; EXPECT_THROW(TestUtility::loadFromYamlAndValidate(yaml, config), EnvoyException); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/decoded_resource_impl_test.cc ================================================ #include "common/config/decoded_resource_impl.h" #include "test/mocks/config/mocks.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" using ::testing::InvokeWithoutArgs; using ::testing::Return; namespace Envoy { namespace Config { namespace { TEST(DecodedResourceImplTest, All) { MockOpaqueResourceDecoder resource_decoder; ProtobufWkt::Any some_opaque_resource; some_opaque_resource.set_type_url("some_type_url"); { EXPECT_CALL(resource_decoder, decodeResource(ProtoEq(some_opaque_resource))) .WillOnce(InvokeWithoutArgs( []() -> ProtobufTypes::MessagePtr { return std::make_unique(); })); EXPECT_CALL(resource_decoder, resourceName(ProtoEq(ProtobufWkt::Empty()))) .WillOnce(Return("some_name")); DecodedResourceImpl decoded_resource(resource_decoder, some_opaque_resource, "foo"); EXPECT_EQ("some_name", decoded_resource.name()); EXPECT_TRUE(decoded_resource.aliases().empty()); EXPECT_EQ("foo", decoded_resource.version()); EXPECT_THAT(decoded_resource.resource(), ProtoEq(ProtobufWkt::Empty())); EXPECT_TRUE(decoded_resource.hasResource()); } { envoy::service::discovery::v3::Resource resource_wrapper; resource_wrapper.set_name("real_name"); resource_wrapper.add_aliases("bar"); resource_wrapper.add_aliases("baz"); resource_wrapper.mutable_resource()->MergeFrom(some_opaque_resource); resource_wrapper.set_version("foo"); EXPECT_CALL(resource_decoder, decodeResource(ProtoEq(some_opaque_resource))) .WillOnce(InvokeWithoutArgs( []() -> ProtobufTypes::MessagePtr { return std::make_unique(); })); EXPECT_CALL(resource_decoder, resourceName(ProtoEq(ProtobufWkt::Empty()))).Times(0); DecodedResourceImpl decoded_resource(resource_decoder, resource_wrapper); EXPECT_EQ("real_name", decoded_resource.name()); EXPECT_EQ((std::vector{"bar", "baz"}), decoded_resource.aliases()); EXPECT_EQ("foo", decoded_resource.version()); EXPECT_THAT(decoded_resource.resource(), ProtoEq(ProtobufWkt::Empty())); EXPECT_TRUE(decoded_resource.hasResource()); } { envoy::service::discovery::v3::Resource resource_wrapper; resource_wrapper.set_name("real_name"); resource_wrapper.set_version("foo"); resource_wrapper.add_aliases("bar"); resource_wrapper.add_aliases("baz"); EXPECT_CALL(resource_decoder, decodeResource(ProtoEq(ProtobufWkt::Any()))) .WillOnce(InvokeWithoutArgs( []() -> ProtobufTypes::MessagePtr { return std::make_unique(); })); EXPECT_CALL(resource_decoder, resourceName(_)).Times(0); DecodedResourceImpl decoded_resource(resource_decoder, resource_wrapper); EXPECT_EQ("real_name", decoded_resource.name()); EXPECT_EQ((std::vector{"bar", "baz"}), decoded_resource.aliases()); EXPECT_EQ("foo", decoded_resource.version()); EXPECT_THAT(decoded_resource.resource(), ProtoEq(ProtobufWkt::Empty())); EXPECT_FALSE(decoded_resource.hasResource()); } { auto message = std::make_unique(); DecodedResourceImpl decoded_resource(std::move(message), "real_name", {"bar", "baz"}, "foo"); EXPECT_EQ("real_name", decoded_resource.name()); EXPECT_EQ((std::vector{"bar", "baz"}), decoded_resource.aliases()); EXPECT_EQ("foo", decoded_resource.version()); EXPECT_THAT(decoded_resource.resource(), ProtoEq(ProtobufWkt::Empty())); EXPECT_TRUE(decoded_resource.hasResource()); } } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/delta_subscription_impl_test.cc ================================================ #include "envoy/api/v2/discovery.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/buffer/zero_copy_input_stream_impl.h" #include "common/config/api_version.h" #include "test/common/config/delta_subscription_test_harness.h" namespace Envoy { namespace Config { namespace { class DeltaSubscriptionImplTest : public DeltaSubscriptionTestHarness, public testing::Test { protected: DeltaSubscriptionImplTest() = default; // We need to destroy the subscription before the test's destruction, because the subscription's // destructor removes its watch from the NewGrpcMuxImpl, and that removal process involves // some things held by the test fixture. void TearDown() override { doSubscriptionTearDown(); } }; TEST_F(DeltaSubscriptionImplTest, UpdateResourcesCausesRequest) { startSubscription({"name1", "name2", "name3"}); expectSendMessage({"name4"}, {"name1", "name2"}, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); subscription_->updateResourceInterest({"name3", "name4"}); expectSendMessage({"name1", "name2"}, {}, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); subscription_->updateResourceInterest({"name1", "name2", "name3", "name4"}); expectSendMessage({}, {"name1", "name2"}, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); subscription_->updateResourceInterest({"name3", "name4"}); expectSendMessage({"name1", "name2"}, {}, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); subscription_->updateResourceInterest({"name1", "name2", "name3", "name4"}); expectSendMessage({}, {"name1", "name2", "name3"}, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); subscription_->updateResourceInterest({"name4"}); } // Checks that after a pause(), no requests are sent until resume(). // Also demonstrates the collapsing of subscription interest updates into a single // request. (This collapsing happens any time multiple updates arrive before a request // can be sent, not just with pausing: rate limiting or a down gRPC stream would also do it). TEST_F(DeltaSubscriptionImplTest, PauseHoldsRequest) { startSubscription({"name1", "name2", "name3"}); auto resume_sub = subscription_->pause(); // If nested pause wasn't handled correctly, the single expectedSendMessage below would be // insufficient. auto nested_resume_sub = subscription_->pause(); expectSendMessage({"name4"}, {"name1", "name2"}, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); // If not for the pause, these updates would make the expectSendMessage fail due to too many // messages being sent. subscription_->updateResourceInterest({"name3", "name4"}); subscription_->updateResourceInterest({"name1", "name2", "name3", "name4"}); subscription_->updateResourceInterest({"name3", "name4"}); subscription_->updateResourceInterest({"name1", "name2", "name3", "name4"}); subscription_->updateResourceInterest({"name3", "name4"}); } TEST_F(DeltaSubscriptionImplTest, ResponseCausesAck) { startSubscription({"name1"}); deliverConfigUpdate({"name1"}, "someversion", true); } // Checks that after a pause(), no ACK requests are sent until resume(), but that after the // resume, *all* ACKs that arrived during the pause are sent (in order). TEST_F(DeltaSubscriptionImplTest, PauseQueuesAcks) { startSubscription({"name1", "name2", "name3"}); auto resume_sub = subscription_->pause(); // The server gives us our first version of resource name1. // subscription_ now wants to ACK name1 (but can't due to pause). { auto message = std::make_unique(); auto* resource = message->mutable_resources()->Add(); resource->set_name("name1"); resource->set_version("version1A"); const std::string nonce = std::to_string(HashUtil::xxHash64("version1A")); message->set_nonce(nonce); message->set_type_url(Config::TypeUrl::get().ClusterLoadAssignment); nonce_acks_required_.push(nonce); static_cast(subscription_->grpcMux().get()) ->onDiscoveryResponse(std::move(message), control_plane_stats_); } // The server gives us our first version of resource name2. // subscription_ now wants to ACK name1 and then name2 (but can't due to pause). { auto message = std::make_unique(); auto* resource = message->mutable_resources()->Add(); resource->set_name("name2"); resource->set_version("version2A"); const std::string nonce = std::to_string(HashUtil::xxHash64("version2A")); message->set_nonce(nonce); message->set_type_url(Config::TypeUrl::get().ClusterLoadAssignment); nonce_acks_required_.push(nonce); static_cast(subscription_->grpcMux().get()) ->onDiscoveryResponse(std::move(message), control_plane_stats_); } // The server gives us an updated version of resource name1. // subscription_ now wants to ACK name1A, then name2, then name1B (but can't due to pause). { auto message = std::make_unique(); auto* resource = message->mutable_resources()->Add(); resource->set_name("name1"); resource->set_version("version1B"); const std::string nonce = std::to_string(HashUtil::xxHash64("version1B")); message->set_nonce(nonce); message->set_type_url(Config::TypeUrl::get().ClusterLoadAssignment); nonce_acks_required_.push(nonce); static_cast(subscription_->grpcMux().get()) ->onDiscoveryResponse(std::move(message), control_plane_stats_); } // All ACK sendMessage()s will happen upon calling resume(). EXPECT_CALL(async_stream_, sendMessageRaw_(_, _)) .WillRepeatedly(Invoke([this](Buffer::InstancePtr& buffer, bool) { API_NO_BOOST(envoy::api::v2::DeltaDiscoveryRequest) message; EXPECT_TRUE(Grpc::Common::parseBufferInstance(std::move(buffer), message)); const std::string nonce = message.response_nonce(); if (!nonce.empty()) { nonce_acks_sent_.push(nonce); } })); // DeltaSubscriptionTestHarness's dtor will check that all ACKs were sent with the correct nonces, // in the correct order. } TEST(DeltaSubscriptionImplFixturelessTest, NoGrpcStream) { Stats::IsolatedStoreImpl stats_store; SubscriptionStats stats(Utility::generateStats(stats_store)); envoy::config::core::v3::Node node; node.set_id("fo0"); NiceMock local_info; EXPECT_CALL(local_info, node()).WillRepeatedly(testing::ReturnRef(node)); NiceMock dispatcher; NiceMock random; Envoy::Config::RateLimitSettings rate_limit_settings; NiceMock callbacks; NiceMock resource_decoder; auto* async_client = new Grpc::MockAsyncClient(); const Protobuf::MethodDescriptor* method_descriptor = Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.api.v2.EndpointDiscoveryService.StreamEndpoints"); NewGrpcMuxImplSharedPtr xds_context = std::make_shared( std::unique_ptr(async_client), dispatcher, *method_descriptor, envoy::config::core::v3::ApiVersion::AUTO, random, stats_store, rate_limit_settings, local_info); GrpcSubscriptionImplPtr subscription = std::make_unique( xds_context, callbacks, resource_decoder, stats, Config::TypeUrl::get().ClusterLoadAssignment, dispatcher, std::chrono::milliseconds(12345), false); EXPECT_CALL(*async_client, startRaw(_, _, _, _)).WillOnce(Return(nullptr)); subscription->start({"name1"}); subscription->updateResourceInterest({"name1", "name2"}); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/delta_subscription_state_test.cc ================================================ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/delta_subscription_state.h" #include "common/config/utility.h" #include "common/stats/isolated_store_impl.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/local_info/mocks.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::NiceMock; using testing::Throw; using testing::UnorderedElementsAre; namespace Envoy { namespace Config { namespace { const char TypeUrl[] = "type.googleapis.com/envoy.api.v2.Cluster"; class DeltaSubscriptionStateTest : public testing::Test { protected: DeltaSubscriptionStateTest() : state_(TypeUrl, callbacks_, local_info_) { state_.updateSubscriptionInterest({"name1", "name2", "name3"}, {}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name1", "name2", "name3")); } UpdateAck deliverDiscoveryResponse( const Protobuf::RepeatedPtrField& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& version_info, absl::optional nonce = absl::nullopt, bool expect_config_update_call = true) { envoy::service::discovery::v3::DeltaDiscoveryResponse message; *message.mutable_resources() = added_resources; *message.mutable_removed_resources() = removed_resources; message.set_system_version_info(version_info); if (nonce.has_value()) { message.set_nonce(nonce.value()); } EXPECT_CALL(callbacks_, onConfigUpdate(_, _, _)).Times(expect_config_update_call ? 1 : 0); return state_.handleResponse(message); } UpdateAck deliverBadDiscoveryResponse( const Protobuf::RepeatedPtrField& added_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string& version_info, std::string nonce, std::string error_message) { envoy::service::discovery::v3::DeltaDiscoveryResponse message; *message.mutable_resources() = added_resources; *message.mutable_removed_resources() = removed_resources; message.set_system_version_info(version_info); message.set_nonce(nonce); EXPECT_CALL(callbacks_, onConfigUpdate(_, _, _)).WillOnce(Throw(EnvoyException(error_message))); return state_.handleResponse(message); } NiceMock callbacks_; NiceMock local_info_; NiceMock dispatcher_; // We start out interested in three resources: name1, name2, and name3. DeltaSubscriptionState state_; }; Protobuf::RepeatedPtrField populateRepeatedResource(std::vector> items) { Protobuf::RepeatedPtrField add_to; for (const auto& item : items) { auto* resource = add_to.Add(); resource->set_name(item.first); resource->set_version(item.second); } return add_to; } // Basic gaining/losing interest in resources should lead to subscription updates. TEST_F(DeltaSubscriptionStateTest, SubscribeAndUnsubscribe) { { state_.updateSubscriptionInterest({"name4"}, {"name1"}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name4")); EXPECT_THAT(cur_request.resource_names_unsubscribe(), UnorderedElementsAre("name1")); } { state_.updateSubscriptionInterest({"name1"}, {"name3", "name4"}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name1")); EXPECT_THAT(cur_request.resource_names_unsubscribe(), UnorderedElementsAre("name3", "name4")); } } // Delta xDS reliably queues up and sends all discovery requests, even in situations where it isn't // strictly necessary. E.g.: if you subscribe but then unsubscribe to a given resource, all before a // request was able to be sent, two requests will be sent. The following tests demonstrate this. // // If Envoy decided it wasn't interested in a resource and then (before a request was sent) decided // it was again, for all we know, it dropped that resource in between and needs to retrieve it // again. So, we *should* send a request "re-"subscribing. This means that the server needs to // interpret the resource_names_subscribe field as "send these resources even if you think Envoy // already has them". TEST_F(DeltaSubscriptionStateTest, RemoveThenAdd) { state_.updateSubscriptionInterest({}, {"name3"}); state_.updateSubscriptionInterest({"name3"}, {}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name3")); EXPECT_TRUE(cur_request.resource_names_unsubscribe().empty()); } // Due to how our implementation provides the required behavior tested in RemoveThenAdd, the // add-then-remove case *also* causes the resource to be referred to in the request (as an // unsubscribe). // Unlike the remove-then-add case, this one really is unnecessary, and ideally we would have // the request simply not include any mention of the resource. Oh well. // This test is just here to illustrate that this behavior exists, not to enforce that it // should be like this. What *is* important: the server must happily and cleanly ignore // "unsubscribe from [resource name I have never before referred to]" requests. TEST_F(DeltaSubscriptionStateTest, AddThenRemove) { state_.updateSubscriptionInterest({"name4"}, {}); state_.updateSubscriptionInterest({}, {"name4"}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_TRUE(cur_request.resource_names_subscribe().empty()); EXPECT_THAT(cur_request.resource_names_unsubscribe(), UnorderedElementsAre("name4")); } // add/remove/add == add. TEST_F(DeltaSubscriptionStateTest, AddRemoveAdd) { state_.updateSubscriptionInterest({"name4"}, {}); state_.updateSubscriptionInterest({}, {"name4"}); state_.updateSubscriptionInterest({"name4"}, {}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name4")); EXPECT_TRUE(cur_request.resource_names_unsubscribe().empty()); } // remove/add/remove == remove. TEST_F(DeltaSubscriptionStateTest, RemoveAddRemove) { state_.updateSubscriptionInterest({}, {"name3"}); state_.updateSubscriptionInterest({"name3"}, {}); state_.updateSubscriptionInterest({}, {"name3"}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_TRUE(cur_request.resource_names_subscribe().empty()); EXPECT_THAT(cur_request.resource_names_unsubscribe(), UnorderedElementsAre("name3")); } // Starts with 1,2,3. 4 is added/removed/added. In those same updates, 1,2,3 are // removed/added/removed. End result should be 4 added and 1,2,3 removed. TEST_F(DeltaSubscriptionStateTest, BothAddAndRemove) { state_.updateSubscriptionInterest({"name4"}, {"name1", "name2", "name3"}); state_.updateSubscriptionInterest({"name1", "name2", "name3"}, {"name4"}); state_.updateSubscriptionInterest({"name4"}, {"name1", "name2", "name3"}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name4")); EXPECT_THAT(cur_request.resource_names_unsubscribe(), UnorderedElementsAre("name1", "name2", "name3")); } TEST_F(DeltaSubscriptionStateTest, CumulativeUpdates) { state_.updateSubscriptionInterest({"name4"}, {}); state_.updateSubscriptionInterest({"name5"}, {}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name4", "name5")); EXPECT_TRUE(cur_request.resource_names_unsubscribe().empty()); } // Verifies that a sequence of good and bad responses from the server all get the appropriate // ACKs/NACKs from Envoy. TEST_F(DeltaSubscriptionStateTest, AckGenerated) { // The xDS server's first response includes items for name1 and 2, but not 3. { Protobuf::RepeatedPtrField added_resources = populateRepeatedResource({{"name1", "version1A"}, {"name2", "version2A"}}); UpdateAck ack = deliverDiscoveryResponse(added_resources, {}, "debug1", "nonce1"); EXPECT_EQ("nonce1", ack.nonce_); EXPECT_EQ(Grpc::Status::WellKnownGrpcStatus::Ok, ack.error_detail_.code()); } // The next response updates 1 and 2, and adds 3. { Protobuf::RepeatedPtrField added_resources = populateRepeatedResource( {{"name1", "version1B"}, {"name2", "version2B"}, {"name3", "version3A"}}); UpdateAck ack = deliverDiscoveryResponse(added_resources, {}, "debug2", "nonce2"); EXPECT_EQ("nonce2", ack.nonce_); EXPECT_EQ(Grpc::Status::WellKnownGrpcStatus::Ok, ack.error_detail_.code()); } // The next response tries but fails to update all 3, and so should produce a NACK. { Protobuf::RepeatedPtrField added_resources = populateRepeatedResource( {{"name1", "version1C"}, {"name2", "version2C"}, {"name3", "version3B"}}); UpdateAck ack = deliverBadDiscoveryResponse(added_resources, {}, "debug3", "nonce3", "oh no"); EXPECT_EQ("nonce3", ack.nonce_); EXPECT_NE(Grpc::Status::WellKnownGrpcStatus::Ok, ack.error_detail_.code()); } // The last response successfully updates all 3. { Protobuf::RepeatedPtrField added_resources = populateRepeatedResource( {{"name1", "version1D"}, {"name2", "version2D"}, {"name3", "version3C"}}); UpdateAck ack = deliverDiscoveryResponse(added_resources, {}, "debug4", "nonce4"); EXPECT_EQ("nonce4", ack.nonce_); EXPECT_EQ(Grpc::Status::WellKnownGrpcStatus::Ok, ack.error_detail_.code()); } // Bad response error detail is truncated if it's too large. { const std::string very_large_error_message(1 << 20, 'A'); Protobuf::RepeatedPtrField added_resources = populateRepeatedResource( {{"name1", "version1D"}, {"name2", "version2D"}, {"name3", "version3D"}}); UpdateAck ack = deliverBadDiscoveryResponse(added_resources, {}, "debug5", "nonce5", very_large_error_message); EXPECT_EQ("nonce5", ack.nonce_); EXPECT_NE(Grpc::Status::WellKnownGrpcStatus::Ok, ack.error_detail_.code()); EXPECT_TRUE(absl::EndsWith(ack.error_detail_.message(), "AAAAAAA...(truncated)")); EXPECT_LT(ack.error_detail_.message().length(), very_large_error_message.length()); } } // Tests population of the initial_resource_versions map in the first request of a new stream. // Tests that // 1) resources we have a version of are present in the map, // 2) resources we are interested in but don't have are not present, and // 3) resources we have lost interest in are not present. TEST_F(DeltaSubscriptionStateTest, ResourceGoneLeadsToBlankInitialVersion) { { // The xDS server's first update includes items for name1 and 2, but not 3. Protobuf::RepeatedPtrField add1_2 = populateRepeatedResource({{"name1", "version1A"}, {"name2", "version2A"}}); deliverDiscoveryResponse(add1_2, {}, "debugversion1"); state_.markStreamFresh(); // simulate a stream reconnection envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_EQ("version1A", cur_request.initial_resource_versions().at("name1")); EXPECT_EQ("version2A", cur_request.initial_resource_versions().at("name2")); EXPECT_EQ(cur_request.initial_resource_versions().end(), cur_request.initial_resource_versions().find("name3")); } { // The next update updates 1, removes 2, and adds 3. The map should then have 1 and 3. Protobuf::RepeatedPtrField add1_3 = populateRepeatedResource({{"name1", "version1B"}, {"name3", "version3A"}}); Protobuf::RepeatedPtrField remove2; *remove2.Add() = "name2"; deliverDiscoveryResponse(add1_3, remove2, "debugversion2"); state_.markStreamFresh(); // simulate a stream reconnection envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_EQ("version1B", cur_request.initial_resource_versions().at("name1")); EXPECT_EQ(cur_request.initial_resource_versions().end(), cur_request.initial_resource_versions().find("name2")); EXPECT_EQ("version3A", cur_request.initial_resource_versions().at("name3")); } { // The next update removes 1 and 3. The map we send the server should be empty... Protobuf::RepeatedPtrField remove1_3; *remove1_3.Add() = "name1"; *remove1_3.Add() = "name3"; deliverDiscoveryResponse({}, remove1_3, "debugversion3"); state_.markStreamFresh(); // simulate a stream reconnection envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_TRUE(cur_request.initial_resource_versions().empty()); } { // ...but our own map should remember our interest. In particular, losing interest in a // resource should cause its name to appear in the next request's resource_names_unsubscribe. state_.updateSubscriptionInterest({"name4"}, {"name1", "name2"}); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name4")); EXPECT_THAT(cur_request.resource_names_unsubscribe(), UnorderedElementsAre("name1", "name2")); } } // Upon a reconnection, the server is supposed to assume a blank slate for the Envoy's state // (hence the need for initial_resource_versions). The resource_names_subscribe of the first // message must therefore be every resource the Envoy is interested in. // // resource_names_unsubscribe, on the other hand, is always blank in the first request - even if, // in between the last request of the last stream and the first request of the new stream, Envoy // lost interest in a resource. The unsubscription implicitly takes effect by simply saying // nothing about the resource in the newly reconnected stream. TEST_F(DeltaSubscriptionStateTest, SubscribeAndUnsubscribeAfterReconnect) { Protobuf::RepeatedPtrField add1_2 = populateRepeatedResource({{"name1", "version1A"}, {"name2", "version2A"}}); deliverDiscoveryResponse(add1_2, {}, "debugversion1"); state_.updateSubscriptionInterest({"name4"}, {"name1"}); state_.markStreamFresh(); // simulate a stream reconnection envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); // Regarding the resource_names_subscribe field: // name1: do not include: we lost interest. // name2: yes do include: we're interested and we have a version of it. // name3: yes do include: even though we don't have a version of it, we are interested. // name4: yes do include: we are newly interested. (If this wasn't a stream reconnect, only // name4 // would belong in this subscribe field). EXPECT_THAT(cur_request.resource_names_subscribe(), UnorderedElementsAre("name2", "name3", "name4")); EXPECT_TRUE(cur_request.resource_names_unsubscribe().empty()); } // initial_resource_versions should not be present on messages after the first in a stream. TEST_F(DeltaSubscriptionStateTest, InitialVersionMapFirstMessageOnly) { // First, verify that the first message of a new stream sends initial versions. { // The xDS server's first update gives us all three resources. Protobuf::RepeatedPtrField add_all = populateRepeatedResource( {{"name1", "version1A"}, {"name2", "version2A"}, {"name3", "version3A"}}); deliverDiscoveryResponse(add_all, {}, "debugversion1"); state_.markStreamFresh(); // simulate a stream reconnection envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_EQ("version1A", cur_request.initial_resource_versions().at("name1")); EXPECT_EQ("version2A", cur_request.initial_resource_versions().at("name2")); EXPECT_EQ("version3A", cur_request.initial_resource_versions().at("name3")); } // Then, after updating the resources but not reconnecting the stream, verify that initial // versions are not sent. { state_.updateSubscriptionInterest({"name4"}, {}); // The xDS server updates our resources, and gives us our newly requested one too. Protobuf::RepeatedPtrField add_all = populateRepeatedResource({{"name1", "version1B"}, {"name2", "version2B"}, {"name3", "version3B"}, {"name4", "version4A"}}); deliverDiscoveryResponse(add_all, {}, "debugversion2"); envoy::service::discovery::v3::DeltaDiscoveryRequest cur_request = state_.getNextRequestAckless(); EXPECT_TRUE(cur_request.initial_resource_versions().empty()); } } TEST_F(DeltaSubscriptionStateTest, CheckUpdatePending) { // Note that the test fixture ctor causes the first request to be "sent", so we start in the // middle of a stream, with our initially interested resources having been requested already. EXPECT_FALSE(state_.subscriptionUpdatePending()); state_.updateSubscriptionInterest({}, {}); // no change EXPECT_FALSE(state_.subscriptionUpdatePending()); state_.markStreamFresh(); EXPECT_TRUE(state_.subscriptionUpdatePending()); // no change, BUT fresh stream state_.updateSubscriptionInterest({}, {"name3"}); // one removed EXPECT_TRUE(state_.subscriptionUpdatePending()); state_.updateSubscriptionInterest({"name3"}, {}); // one added EXPECT_TRUE(state_.subscriptionUpdatePending()); } // The next three tests test that duplicate resource names (whether additions or removals) cause // DeltaSubscriptionState to reject the update without even trying to hand it to the consuming // API's onConfigUpdate(). TEST_F(DeltaSubscriptionStateTest, DuplicatedAdd) { Protobuf::RepeatedPtrField additions = populateRepeatedResource({{"name1", "version1A"}, {"name1", "sdfsdfsdfds"}}); UpdateAck ack = deliverDiscoveryResponse(additions, {}, "debugversion1", absl::nullopt, false); EXPECT_EQ("duplicate name name1 found among added/updated resources", ack.error_detail_.message()); } TEST_F(DeltaSubscriptionStateTest, DuplicatedRemove) { Protobuf::RepeatedPtrField removals; *removals.Add() = "name1"; *removals.Add() = "name1"; UpdateAck ack = deliverDiscoveryResponse({}, removals, "debugversion1", absl::nullopt, false); EXPECT_EQ("duplicate name name1 found in the union of added+removed resources", ack.error_detail_.message()); } TEST_F(DeltaSubscriptionStateTest, AddedAndRemoved) { Protobuf::RepeatedPtrField additions = populateRepeatedResource({{"name1", "version1A"}}); Protobuf::RepeatedPtrField removals; *removals.Add() = "name1"; UpdateAck ack = deliverDiscoveryResponse(additions, removals, "debugversion1", absl::nullopt, false); EXPECT_EQ("duplicate name name1 found in the union of added+removed resources", ack.error_detail_.message()); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/delta_subscription_test_harness.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/grpc_subscription_impl.h" #include "common/config/new_grpc_mux_impl.h" #include "common/config/version_converter.h" #include "common/grpc/common.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/common.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/stats/mocks.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::Mock; using testing::NiceMock; using testing::Return; namespace Envoy { namespace Config { namespace { class DeltaSubscriptionTestHarness : public SubscriptionTestHarness { public: DeltaSubscriptionTestHarness() : DeltaSubscriptionTestHarness(std::chrono::milliseconds(0)) {} DeltaSubscriptionTestHarness(std::chrono::milliseconds init_fetch_timeout) : method_descriptor_(Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.api.v2.EndpointDiscoveryService.StreamEndpoints")), async_client_(new Grpc::MockAsyncClient()) { node_.set_id("fo0"); EXPECT_CALL(local_info_, node()).WillRepeatedly(testing::ReturnRef(node_)); EXPECT_CALL(dispatcher_, createTimer_(_)); xds_context_ = std::make_shared( std::unique_ptr(async_client_), dispatcher_, *method_descriptor_, envoy::config::core::v3::ApiVersion::AUTO, random_, stats_store_, rate_limit_settings_, local_info_); subscription_ = std::make_unique( xds_context_, callbacks_, resource_decoder_, stats_, Config::TypeUrl::get().ClusterLoadAssignment, dispatcher_, init_fetch_timeout, false); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); } void doSubscriptionTearDown() override { if (subscription_started_) { EXPECT_CALL(async_stream_, sendMessageRaw_(_, _)); subscription_.reset(); } } ~DeltaSubscriptionTestHarness() override { while (!nonce_acks_required_.empty()) { if (nonce_acks_sent_.empty()) { // It's not enough to EXPECT_FALSE(nonce_acks_sent_.empty()), we need to skip the following // EXPECT_EQ, otherwise the undefined .front() can get pretty bad. EXPECT_FALSE(nonce_acks_sent_.empty()); break; } EXPECT_EQ(nonce_acks_required_.front(), nonce_acks_sent_.front()); nonce_acks_required_.pop(); nonce_acks_sent_.pop(); } EXPECT_TRUE(nonce_acks_sent_.empty()); } void startSubscription(const std::set& cluster_names) override { subscription_started_ = true; last_cluster_names_ = cluster_names; expectSendMessage(last_cluster_names_, ""); subscription_->start(cluster_names); } void expectSendMessage(const std::set& cluster_names, const std::string& version, bool expect_node = false) override { UNREFERENCED_PARAMETER(version); UNREFERENCED_PARAMETER(expect_node); expectSendMessage(cluster_names, {}, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); } void expectSendMessage(const std::set& subscribe, const std::set& unsubscribe, const Protobuf::int32 error_code, const std::string& error_message, std::map initial_resource_versions) { API_NO_BOOST(envoy::api::v2::DeltaDiscoveryRequest) expected_request; expected_request.mutable_node()->CopyFrom(API_DOWNGRADE(node_)); std::copy( subscribe.begin(), subscribe.end(), Protobuf::RepeatedFieldBackInserter(expected_request.mutable_resource_names_subscribe())); std::copy( unsubscribe.begin(), unsubscribe.end(), Protobuf::RepeatedFieldBackInserter(expected_request.mutable_resource_names_unsubscribe())); if (!last_response_nonce_.empty()) { nonce_acks_required_.push(last_response_nonce_); last_response_nonce_ = ""; } expected_request.set_type_url(Config::TypeUrl::get().ClusterLoadAssignment); for (auto const& resource : initial_resource_versions) { (*expected_request.mutable_initial_resource_versions())[resource.first] = resource.second; } if (error_code != Grpc::Status::WellKnownGrpcStatus::Ok) { ::google::rpc::Status* error_detail = expected_request.mutable_error_detail(); error_detail->set_code(error_code); error_detail->set_message(error_message); } EXPECT_CALL(async_stream_, sendMessageRaw_( Grpc::ProtoBufferEqIgnoringField(expected_request, "response_nonce"), false)) .WillOnce([this](Buffer::InstancePtr& buffer, bool) { API_NO_BOOST(envoy::api::v2::DeltaDiscoveryRequest) message; EXPECT_TRUE(Grpc::Common::parseBufferInstance(std::move(buffer), message)); const std::string nonce = message.response_nonce(); if (!nonce.empty()) { nonce_acks_sent_.push(nonce); } }); } void deliverConfigUpdate(const std::vector& cluster_names, const std::string& version, bool accept) override { auto response = std::make_unique(); last_response_nonce_ = std::to_string(HashUtil::xxHash64(version)); response->set_nonce(last_response_nonce_); response->set_system_version_info(version); response->set_type_url(Config::TypeUrl::get().ClusterLoadAssignment); Protobuf::RepeatedPtrField typed_resources; for (const auto& cluster : cluster_names) { if (std::find(last_cluster_names_.begin(), last_cluster_names_.end(), cluster) != last_cluster_names_.end()) { envoy::config::endpoint::v3::ClusterLoadAssignment* load_assignment = typed_resources.Add(); load_assignment->set_cluster_name(cluster); auto* resource = response->add_resources(); resource->set_name(cluster); resource->set_version(version); resource->mutable_resource()->PackFrom(API_DOWNGRADE(*load_assignment)); } } Protobuf::RepeatedPtrField removed_resources; EXPECT_CALL(callbacks_, onConfigUpdate(_, _, version)).WillOnce(ThrowOnRejectedConfig(accept)); if (accept) { expectSendMessage({}, version); } else { EXPECT_CALL(callbacks_, onConfigUpdateFailed( Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, _)); expectSendMessage({}, {}, Grpc::Status::WellKnownGrpcStatus::Internal, "bad config", {}); } static_cast(subscription_->grpcMux().get()) ->onDiscoveryResponse(std::move(response), control_plane_stats_); Mock::VerifyAndClearExpectations(&async_stream_); } void updateResourceInterest(const std::set& cluster_names) override { std::set sub; std::set unsub; std::set_difference(cluster_names.begin(), cluster_names.end(), last_cluster_names_.begin(), last_cluster_names_.end(), std::inserter(sub, sub.begin())); std::set_difference(last_cluster_names_.begin(), last_cluster_names_.end(), cluster_names.begin(), cluster_names.end(), std::inserter(unsub, unsub.begin())); expectSendMessage(sub, unsub, Grpc::Status::WellKnownGrpcStatus::Ok, "", {}); subscription_->updateResourceInterest(cluster_names); last_cluster_names_ = cluster_names; } void expectConfigUpdateFailed() override { EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, nullptr)); } void expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds timeout) override { init_timeout_timer_ = new Event::MockTimer(&dispatcher_); EXPECT_CALL(*init_timeout_timer_, enableTimer(timeout, _)); } void expectDisableInitFetchTimeoutTimer() override { EXPECT_CALL(*init_timeout_timer_, disableTimer()); } void callInitFetchTimeoutCb() override { init_timeout_timer_->invokeCallback(); } const Protobuf::MethodDescriptor* method_descriptor_; Grpc::MockAsyncClient* async_client_; Event::MockDispatcher dispatcher_; NiceMock random_; NiceMock local_info_; Grpc::MockAsyncStream async_stream_; NewGrpcMuxImplSharedPtr xds_context_; GrpcSubscriptionImplPtr subscription_; std::string last_response_nonce_; std::set last_cluster_names_; Envoy::Config::RateLimitSettings rate_limit_settings_; Event::MockTimer* init_timeout_timer_; envoy::config::core::v3::Node node_; NiceMock callbacks_; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder_{"cluster_name"}; std::queue nonce_acks_required_; std::queue nonce_acks_sent_; bool subscription_started_{}; }; } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/dummy_config.proto ================================================ // Provides protos for testing. syntax = "proto3"; package test.common.config; import "google/protobuf/timestamp.proto"; message DummyConfig { string a = 1; } message DummyConfigsDump { message StaticConfigs { DummyConfig dummy_config = 1; google.protobuf.Timestamp last_updated = 2; } message DynamicConfigs { string version_info = 1; DummyConfig dummy_config = 2; google.protobuf.Timestamp last_updated = 3; } repeated StaticConfigs static_dummy_configs = 1; repeated DynamicConfigs dynamic_dummy_configs = 2; } message DeltaDummyConfigsDump { message DynamicConfigs { string version_info = 1; repeated DummyConfig dummy_configs = 2; google.protobuf.Timestamp last_updated = 3; } repeated DynamicConfigs dynamic_dummy_configs = 2; } ================================================ FILE: test/common/config/filesystem_subscription_impl_test.cc ================================================ #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener.pb.validate.h" #include "test/common/config/filesystem_subscription_test_harness.h" #include "test/mocks/event/mocks.h" #include "test/mocks/filesystem/mocks.h" #include "test/test_common/logging.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::Return; using testing::Throw; namespace Envoy { namespace Config { namespace { class FilesystemSubscriptionImplTest : public testing::Test, public FilesystemSubscriptionTestHarness {}; // Validate that the client can recover from bad JSON responses. TEST_F(FilesystemSubscriptionImplTest, BadJsonRecovery) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, _)); updateFile(";!@#badjso n"); EXPECT_TRUE(statsAre(2, 0, 0, 1, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); EXPECT_TRUE(statsAre(3, 1, 0, 1, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); } // Validate that a file that is initially available results in a successful update. TEST_F(FilesystemSubscriptionImplTest, InitialFile) { updateFile("{\"versionInfo\": \"0\", \"resources\": []}", false); startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 1, 0, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); } // Validate that if we fail to set a watch, we get a sensible warning. TEST(MiscFilesystemSubscriptionImplTest, BadWatch) { Event::MockDispatcher dispatcher; Stats::MockIsolatedStatsStore stats_store; NiceMock validation_visitor; Api::ApiPtr api = Api::createApiForTest(stats_store); SubscriptionStats stats{Utility::generateStats(stats_store)}; auto* watcher = new Filesystem::MockWatcher(); EXPECT_CALL(dispatcher, createFilesystemWatcher_()).WillOnce(Return(watcher)); EXPECT_CALL(*watcher, addWatch(_, _, _)).WillOnce(Throw(EnvoyException("bad path"))); NiceMock callbacks; NiceMock resource_decoder; EXPECT_THROW_WITH_MESSAGE(FilesystemSubscriptionImpl(dispatcher, "##!@/dev/null", callbacks, resource_decoder, stats, validation_visitor, *api), EnvoyException, "bad path"); } // Validate that the update_time statistic isn't changed when the configuration update gets // rejected. TEST_F(FilesystemSubscriptionImplTest, UpdateTimeNotChangedOnUpdateReject) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, _)); updateFile(";!@#badjso n"); EXPECT_TRUE(statsAre(2, 0, 0, 1, 0, 0, 0, "")); } // Validate that the update_time statistic is changed after a trivial configuration update // (update that resulted in no change). TEST_F(FilesystemSubscriptionImplTest, UpdateTimeChangedOnUpdateSuccess) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); EXPECT_TRUE(statsAre(2, 1, 0, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); // Advance the simulated time. simTime().setSystemTime(SystemTime(std::chrono::milliseconds(TEST_TIME_MILLIS + 1))); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); EXPECT_TRUE(statsAre(3, 2, 0, 0, 0, TEST_TIME_MILLIS + 1, 7148434200721666028, "0")); } // TODO(htuch): Add generic test harness support for collection subscriptions so that we can test // gRPC/HTTP transports similar to below. class FilesystemCollectionSubscriptionImplTest : public testing::Test, Event::TestUsingSimulatedTime { public: FilesystemCollectionSubscriptionImplTest() : path_(TestEnvironment::temporaryPath("lds.yaml")), stats_(Utility::generateStats(stats_store_)), api_(Api::createApiForTest(stats_store_, simTime())), dispatcher_(setupDispatcher()), subscription_(*dispatcher_, path_, callbacks_, resource_decoder_, stats_, ProtobufMessage::getStrictValidationVisitor(), *api_) {} ~FilesystemCollectionSubscriptionImplTest() override { TestEnvironment::removePath(path_); } Event::DispatcherPtr setupDispatcher() { auto dispatcher = std::make_unique(); EXPECT_CALL(*dispatcher, createFilesystemWatcher_()).WillOnce(InvokeWithoutArgs([this] { Filesystem::MockWatcher* mock_watcher = new Filesystem::MockWatcher(); EXPECT_CALL(*mock_watcher, addWatch(path_, Filesystem::Watcher::Events::MovedTo, _)) .WillOnce(Invoke([this](absl::string_view, uint32_t, Filesystem::Watcher::OnChangedCb cb) { on_changed_cb_ = cb; })); return mock_watcher; })); return dispatcher; } void updateFile(const std::string& yaml) { // Write YAML contents to file, rename to path_ and invoke on change callback const std::string temp_path = TestEnvironment::writeStringToFileForTest("lds.yaml.tmp", yaml); TestEnvironment::renameFile(temp_path, path_); on_changed_cb_(Filesystem::Watcher::Events::MovedTo); } AssertionResult statsAre(uint32_t attempt, uint32_t success, uint32_t rejected, uint32_t failure, uint64_t version, absl::string_view version_text) { if (attempt != stats_.update_attempt_.value()) { return testing::AssertionFailure() << "update_attempt: expected " << attempt << ", got " << stats_.update_attempt_.value(); } if (success != stats_.update_success_.value()) { return testing::AssertionFailure() << "update_success: expected " << success << ", got " << stats_.update_success_.value(); } if (rejected != stats_.update_rejected_.value()) { return testing::AssertionFailure() << "update_rejected: expected " << rejected << ", got " << stats_.update_rejected_.value(); } // The first attempt always fail. if (1 + failure != stats_.update_failure_.value()) { return testing::AssertionFailure() << "update_failure: expected " << 1 + failure << ", got " << stats_.update_failure_.value(); } if (version != stats_.version_.value()) { return testing::AssertionFailure() << "version: expected " << version << ", got " << stats_.version_.value(); } if (version_text != stats_.version_text_.value()) { return testing::AssertionFailure() << "version_text: expected " << version << ", got " << stats_.version_text_.value(); } return testing::AssertionSuccess(); } const std::string path_; Stats::IsolatedStoreImpl stats_store_; SubscriptionStats stats_; Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; Filesystem::Watcher::OnChangedCb on_changed_cb_; NiceMock callbacks_; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder_{"name"}; FilesystemCollectionSubscriptionImpl subscription_; }; // Validate that an initial collection load succeeds, followed by a successful update, for inline // entries. TEST_F(FilesystemCollectionSubscriptionImplTest, InlineEntrySuccess) { TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("name"); subscription_.start({}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, "")); // Initial config load. const auto inline_entry = TestUtility::parseYaml(R"EOF( name: foo version: resource.1 resource: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 )EOF"); const std::string resource = fmt::format(R"EOF( version: system.1 resource: "@type": type.googleapis.com/envoy.config.listener.v3.ListenerCollection entries: - inline_entry: {} )EOF", MessageUtil::getJsonStringFromMessage(inline_entry)); DecodedResourcesWrapper decoded_resources; decoded_resources.pushBack(std::make_unique(resource_decoder, inline_entry)); EXPECT_CALL(callbacks_, onConfigUpdate(DecodedResourcesEq(decoded_resources.refvec_), "system.1")); updateFile(resource); EXPECT_TRUE(statsAre(2, 1, 0, 0, 1471442407191366964, "system.1")); // Update. const auto inline_entry_2 = TestUtility::parseYaml(R"EOF( name: foo version: resource.2 resource: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: protocol: TCP address: 0.0.0.1 port_value: 10001 )EOF"); const std::string resource_2 = fmt::format(R"EOF( version: system.2 resource: "@type": type.googleapis.com/envoy.config.listener.v3.ListenerCollection entries: - inline_entry: {} )EOF", MessageUtil::getJsonStringFromMessage(inline_entry_2)); { DecodedResourcesWrapper decoded_resources_2; decoded_resources_2.pushBack( std::make_unique(resource_decoder, inline_entry_2)); EXPECT_CALL(callbacks_, onConfigUpdate(DecodedResourcesEq(decoded_resources_2.refvec_), "system.2")); updateFile(resource_2); } EXPECT_TRUE(statsAre(3, 2, 0, 0, 17889017004055064037ULL, "system.2")); } // Validate handling of invalid resource wrappers TEST_F(FilesystemCollectionSubscriptionImplTest, BadEnvelope) { subscription_.start({}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, "")); EXPECT_CALL(callbacks_, onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, _)); // Unknown collection type. updateFile("{}"); EXPECT_TRUE(statsAre(2, 0, 0, 1, 0, "")); const std::string resource = R"EOF( version: system.1 resource: "@type": type.googleapis.com/envoy.config.listener.v3.Listener )EOF"; EXPECT_CALL(callbacks_, onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, _)); // Invalid collection type structure. updateFile(resource); EXPECT_TRUE(statsAre(3, 0, 0, 2, 0, "")); } // Validate handling of unknown fields. TEST_F(FilesystemCollectionSubscriptionImplTest, UnknownFields) { subscription_.start({}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, "")); const std::string resource = R"EOF( version: system.1 resource: "@type": type.googleapis.com/envoy.config.listener.v3.ListenerCollection entries: - inline_entry: name: foo version: resource.1 resource: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo unknown_bar: baz address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 )EOF"; EXPECT_CALL(callbacks_, onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, _)); updateFile(resource); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, "")); } // Validate handling of rejected config. TEST_F(FilesystemCollectionSubscriptionImplTest, ConfigRejection) { subscription_.start({}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, "")); const std::string resource = R"EOF( version: system.1 resource: "@type": type.googleapis.com/envoy.config.listener.v3.ListenerCollection entries: - inline_entry: name: foo version: resource.1 resource: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 )EOF"; EXPECT_CALL(callbacks_, onConfigUpdate(_, _)).WillOnce(Throw(EnvoyException("blah"))); EXPECT_CALL(callbacks_, onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, _)); updateFile(resource); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, "")); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/filesystem_subscription_test_harness.h ================================================ #pragma once #include #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/filesystem_subscription_impl.h" #include "common/config/utility.h" #include "common/event/dispatcher_impl.h" #include "common/protobuf/utility.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/filesystem/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::InvokeWithoutArgs; using testing::NiceMock; namespace Envoy { namespace Config { class FilesystemSubscriptionTestHarness : public SubscriptionTestHarness { public: FilesystemSubscriptionTestHarness() : path_(TestEnvironment::temporaryPath("eds.json")), api_(Api::createApiForTest(stats_store_, simTime())), dispatcher_(setupDispatcher()), subscription_(*dispatcher_, path_, callbacks_, resource_decoder_, stats_, validation_visitor_, *api_) {} ~FilesystemSubscriptionTestHarness() override { TestEnvironment::removePath(path_); } Event::DispatcherPtr setupDispatcher() { auto dispatcher = std::make_unique(); EXPECT_CALL(*dispatcher, createFilesystemWatcher_()).WillOnce(InvokeWithoutArgs([this] { Filesystem::MockWatcher* mock_watcher = new Filesystem::MockWatcher(); EXPECT_CALL(*mock_watcher, addWatch(path_, Filesystem::Watcher::Events::MovedTo, _)) .WillOnce(Invoke([this](absl::string_view, uint32_t, Filesystem::Watcher::OnChangedCb cb) { on_changed_cb_ = cb; })); return mock_watcher; })); return dispatcher; } void startSubscription(const std::set& cluster_names) override { std::ifstream config_file(path_); file_at_start_ = config_file.good(); subscription_.start(cluster_names); } void updateResourceInterest(const std::set& cluster_names) override { subscription_.updateResourceInterest(cluster_names); } void updateFile(const std::string& json, bool run_dispatcher = true) { // Write JSON contents to file, rename to path_ and invoke on change callback const std::string temp_path = TestEnvironment::writeStringToFileForTest("eds.json.tmp", json); TestEnvironment::renameFile(temp_path, path_); if (run_dispatcher) { on_changed_cb_(Filesystem::Watcher::Events::MovedTo); } } void expectSendMessage(const std::set& cluster_names, const std::string& version, bool expect_node) override { UNREFERENCED_PARAMETER(cluster_names); UNREFERENCED_PARAMETER(version); UNREFERENCED_PARAMETER(expect_node); } void deliverConfigUpdate(const std::vector& cluster_names, const std::string& version, bool accept) override { std::string file_json = "{\"versionInfo\":\"" + version + "\",\"resources\":["; for (const auto& cluster : cluster_names) { file_json += "{\"@type\":\"type.googleapis.com/" "envoy.api.v2.ClusterLoadAssignment\",\"clusterName\":\"" + cluster + "\"},"; } file_json.pop_back(); file_json += "]}"; envoy::service::discovery::v3::DiscoveryResponse response_pb; TestUtility::loadFromJson(file_json, response_pb); const auto decoded_resources = TestUtility::decodeResources( response_pb, "cluster_name"); EXPECT_CALL(callbacks_, onConfigUpdate(DecodedResourcesEq(decoded_resources.refvec_), version)) .WillOnce(ThrowOnRejectedConfig(accept)); if (accept) { version_ = version; } else { EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, _)); } updateFile(file_json); } AssertionResult statsAre(uint32_t attempt, uint32_t success, uint32_t rejected, uint32_t failure, uint32_t init_fetch_timeout, uint64_t update_time, uint64_t version, absl::string_view version_text) override { // The first attempt always fail unless there was a file there to begin with. return SubscriptionTestHarness::statsAre(attempt, success, rejected, failure + (file_at_start_ ? 0 : 1), init_fetch_timeout, update_time, version, version_text); } void expectConfigUpdateFailed() override { stats_.update_failure_.inc(); } void expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds) override { // initial_fetch_timeout not implemented. } void expectDisableInitFetchTimeoutTimer() override { // initial_fetch_timeout not implemented } void callInitFetchTimeoutCb() override { // initial_fetch_timeout not implemented } const std::string path_; std::string version_; Stats::IsolatedStoreImpl stats_store_; NiceMock validation_visitor_; Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; Filesystem::Watcher::OnChangedCb on_changed_cb_; NiceMock callbacks_; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder_{"cluster_name"}; FilesystemSubscriptionImpl subscription_; bool file_at_start_{false}; }; } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/grpc_mux_impl_test.cc ================================================ #include #include "envoy/api/v2/discovery.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/empty_string.h" #include "common/config/api_version.h" #include "common/config/grpc_mux_impl.h" #include "common/config/protobuf_link_hacks.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/protobuf/protobuf.h" #include "common/stats/isolated_store_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/test_common/logging.h" #include "test/test_common/resources.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_runtime.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::AtLeast; using testing::InSequence; using testing::Invoke; using testing::IsSubstring; using testing::NiceMock; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Config { namespace { // We test some mux specific stuff below, other unit test coverage for singleton use of GrpcMuxImpl // is provided in [grpc_]subscription_impl_test.cc. class GrpcMuxImplTestBase : public testing::Test { public: GrpcMuxImplTestBase() : async_client_(new Grpc::MockAsyncClient()), control_plane_connected_state_( stats_.gauge("control_plane.connected_state", Stats::Gauge::ImportMode::NeverImport)), control_plane_pending_requests_( stats_.gauge("control_plane.pending_requests", Stats::Gauge::ImportMode::NeverImport)) {} void setup() { grpc_mux_ = std::make_unique( local_info_, std::unique_ptr(async_client_), dispatcher_, *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources"), envoy::config::core::v3::ApiVersion::AUTO, random_, stats_, rate_limit_settings_, true); } void setup(const RateLimitSettings& custom_rate_limit_settings) { grpc_mux_ = std::make_unique( local_info_, std::unique_ptr(async_client_), dispatcher_, *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources"), envoy::config::core::v3::ApiVersion::AUTO, random_, stats_, custom_rate_limit_settings, true); } void expectSendMessage(const std::string& type_url, const std::vector& resource_names, const std::string& version, bool first = false, const std::string& nonce = "", const Protobuf::int32 error_code = Grpc::Status::WellKnownGrpcStatus::Ok, const std::string& error_message = "") { API_NO_BOOST(envoy::api::v2::DiscoveryRequest) expected_request; if (first) { expected_request.mutable_node()->CopyFrom(API_DOWNGRADE(local_info_.node())); } for (const auto& resource : resource_names) { expected_request.add_resource_names(resource); } if (!version.empty()) { expected_request.set_version_info(version); } expected_request.set_response_nonce(nonce); expected_request.set_type_url(type_url); if (error_code != Grpc::Status::WellKnownGrpcStatus::Ok) { ::google::rpc::Status* error_detail = expected_request.mutable_error_detail(); error_detail->set_code(error_code); error_detail->set_message(error_message); } EXPECT_CALL(async_stream_, sendMessageRaw_(Grpc::ProtoBufferEq(expected_request), false)); } NiceMock dispatcher_; NiceMock random_; Grpc::MockAsyncClient* async_client_; Grpc::MockAsyncStream async_stream_; GrpcMuxImplPtr grpc_mux_; NiceMock callbacks_; NiceMock resource_decoder_; NiceMock local_info_; Stats::TestUtil::TestStore stats_; Envoy::Config::RateLimitSettings rate_limit_settings_; Stats::Gauge& control_plane_connected_state_; Stats::Gauge& control_plane_pending_requests_; }; class GrpcMuxImplTest : public GrpcMuxImplTestBase { public: Event::SimulatedTimeSystem time_system_; }; // Validate behavior when multiple type URL watches are maintained, watches are created/destroyed // (via RAII). TEST_F(GrpcMuxImplTest, MultipleTypeUrlStreams) { setup(); InSequence s; auto foo_sub = grpc_mux_->addWatch("foo", {"x", "y"}, callbacks_, resource_decoder_); auto bar_sub = grpc_mux_->addWatch("bar", {}, callbacks_, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage("foo", {"x", "y"}, "", true); expectSendMessage("bar", {}, ""); grpc_mux_->start(); EXPECT_EQ(1, control_plane_connected_state_.value()); expectSendMessage("bar", {"z"}, ""); auto bar_z_sub = grpc_mux_->addWatch("bar", {"z"}, callbacks_, resource_decoder_); expectSendMessage("bar", {"zz", "z"}, ""); auto bar_zz_sub = grpc_mux_->addWatch("bar", {"zz"}, callbacks_, resource_decoder_); expectSendMessage("bar", {"z"}, ""); expectSendMessage("bar", {}, ""); expectSendMessage("foo", {}, ""); } // Validate behavior when multiple type URL watches are maintained and the stream is reset. TEST_F(GrpcMuxImplTest, ResetStream) { InSequence s; Event::MockTimer* timer = nullptr; Event::TimerCb timer_cb; EXPECT_CALL(dispatcher_, createTimer_(_)).WillOnce(Invoke([&timer, &timer_cb](Event::TimerCb cb) { timer_cb = cb; EXPECT_EQ(nullptr, timer); timer = new Event::MockTimer(); return timer; })); setup(); auto foo_sub = grpc_mux_->addWatch("foo", {"x", "y"}, callbacks_, resource_decoder_); auto bar_sub = grpc_mux_->addWatch("bar", {}, callbacks_, resource_decoder_); auto baz_sub = grpc_mux_->addWatch("baz", {"z"}, callbacks_, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage("foo", {"x", "y"}, "", true); expectSendMessage("bar", {}, ""); expectSendMessage("baz", {"z"}, ""); grpc_mux_->start(); EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, _)) .Times(3); EXPECT_CALL(random_, random()); ASSERT_TRUE(timer != nullptr); // initialized from dispatcher mock. EXPECT_CALL(*timer, enableTimer(_, _)); grpc_mux_->grpcStreamForTest().onRemoteClose(Grpc::Status::WellKnownGrpcStatus::Canceled, ""); EXPECT_EQ(0, control_plane_connected_state_.value()); EXPECT_EQ(0, control_plane_pending_requests_.value()); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage("foo", {"x", "y"}, "", true); expectSendMessage("bar", {}, ""); expectSendMessage("baz", {"z"}, ""); timer_cb(); expectSendMessage("baz", {}, ""); expectSendMessage("foo", {}, ""); } // Validate pause-resume behavior. TEST_F(GrpcMuxImplTest, PauseResume) { setup(); InSequence s; GrpcMuxWatchPtr foo_sub; GrpcMuxWatchPtr foo_z_sub; GrpcMuxWatchPtr foo_zz_sub; foo_sub = grpc_mux_->addWatch("foo", {"x", "y"}, callbacks_, resource_decoder_); { ScopedResume a = grpc_mux_->pause("foo"); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); grpc_mux_->start(); expectSendMessage("foo", {"x", "y"}, "", true); } { ScopedResume a = grpc_mux_->pause("bar"); expectSendMessage("foo", {"z", "x", "y"}, ""); foo_z_sub = grpc_mux_->addWatch("foo", {"z"}, callbacks_, resource_decoder_); } { ScopedResume a = grpc_mux_->pause("foo"); foo_zz_sub = grpc_mux_->addWatch("foo", {"zz"}, callbacks_, resource_decoder_); expectSendMessage("foo", {"zz", "z", "x", "y"}, ""); } // When nesting, we only have a single resumption. { ScopedResume a = grpc_mux_->pause("foo"); ScopedResume b = grpc_mux_->pause("foo"); foo_zz_sub = grpc_mux_->addWatch("foo", {"zz"}, callbacks_, resource_decoder_); expectSendMessage("foo", {"zz", "z", "x", "y"}, ""); } grpc_mux_->pause("foo")->cancel(); } // Validate behavior when type URL mismatches occur. TEST_F(GrpcMuxImplTest, TypeUrlMismatch) { setup(); auto invalid_response = std::make_unique(); InSequence s; auto foo_sub = grpc_mux_->addWatch("foo", {"x", "y"}, callbacks_, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage("foo", {"x", "y"}, "", true); grpc_mux_->start(); { auto response = std::make_unique(); response->set_type_url("bar"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } { invalid_response->set_type_url("foo"); invalid_response->mutable_resources()->Add()->set_type_url("bar"); EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, _)) .WillOnce(Invoke([](Envoy::Config::ConfigUpdateFailureReason, const EnvoyException* e) { EXPECT_TRUE(IsSubstring( "", "", "bar does not match the message-wide type URL foo in DiscoveryResponse", e->what())); })); expectSendMessage( "foo", {"x", "y"}, "", false, "", Grpc::Status::WellKnownGrpcStatus::Internal, fmt::format("bar does not match the message-wide type URL foo in DiscoveryResponse {}", invalid_response->DebugString())); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(invalid_response)); } expectSendMessage("foo", {}, ""); } TEST_F(GrpcMuxImplTest, RpcErrorMessageTruncated) { setup(); auto invalid_response = std::make_unique(); InSequence s; auto foo_sub = grpc_mux_->addWatch("foo", {"x", "y"}, callbacks_, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage("foo", {"x", "y"}, "", true); grpc_mux_->start(); { // Large error message sent back to management server is truncated. const std::string very_large_type_url(1 << 20, 'A'); invalid_response->set_type_url("foo"); invalid_response->mutable_resources()->Add()->set_type_url(very_large_type_url); EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, _)) .WillOnce(Invoke([&very_large_type_url](Envoy::Config::ConfigUpdateFailureReason, const EnvoyException* e) { EXPECT_TRUE(IsSubstring( "", "", fmt::format("{} does not match the message-wide type URL foo in DiscoveryResponse", very_large_type_url), // Local error message is not truncated. e->what())); })); expectSendMessage("foo", {"x", "y"}, "", false, "", Grpc::Status::WellKnownGrpcStatus::Internal, fmt::format("{}...(truncated)", std::string(4096, 'A'))); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(invalid_response)); } expectSendMessage("foo", {}, ""); } // Validate behavior when watches has an unknown resource name. TEST_F(GrpcMuxImplTest, WildcardWatch) { setup(); InSequence s; const std::string& type_url = Config::TypeUrl::get().ClusterLoadAssignment; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); auto foo_sub = grpc_mux_->addWatch(type_url, {}, callbacks_, resource_decoder); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage(type_url, {}, "", true); grpc_mux_->start(); { auto response = std::make_unique(); response->set_type_url(type_url); response->set_version_info("1"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->PackFrom(API_DOWNGRADE(load_assignment)); EXPECT_CALL(callbacks_, onConfigUpdate(_, "1")) .WillOnce(Invoke([&load_assignment](const std::vector& resources, const std::string&) { EXPECT_EQ(1, resources.size()); const auto& expected_assignment = dynamic_cast( resources[0].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment, load_assignment)); })); expectSendMessage(type_url, {}, "1"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } } // Validate behavior when watches specify resources (potentially overlapping). TEST_F(GrpcMuxImplTest, WatchDemux) { setup(); InSequence s; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); const std::string& type_url = Config::TypeUrl::get().ClusterLoadAssignment; NiceMock foo_callbacks; auto foo_sub = grpc_mux_->addWatch(type_url, {"x", "y"}, foo_callbacks, resource_decoder); NiceMock bar_callbacks; auto bar_sub = grpc_mux_->addWatch(type_url, {"y", "z"}, bar_callbacks, resource_decoder); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); // Should dedupe the "x" resource. expectSendMessage(type_url, {"y", "z", "x"}, "", true); grpc_mux_->start(); { auto response = std::make_unique(); response->set_type_url(type_url); response->set_version_info("1"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->PackFrom(API_DOWNGRADE(load_assignment)); EXPECT_CALL(bar_callbacks, onConfigUpdate(_, "1")).Times(0); EXPECT_CALL(foo_callbacks, onConfigUpdate(_, "1")) .WillOnce(Invoke([&load_assignment](const std::vector& resources, const std::string&) { EXPECT_EQ(1, resources.size()); const auto& expected_assignment = dynamic_cast( resources[0].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment, load_assignment)); })); expectSendMessage(type_url, {"y", "z", "x"}, "1"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } { auto response = std::make_unique(); response->set_type_url(type_url); response->set_version_info("2"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_x; load_assignment_x.set_cluster_name("x"); response->add_resources()->PackFrom(API_DOWNGRADE(load_assignment_x)); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_y; load_assignment_y.set_cluster_name("y"); response->add_resources()->PackFrom(API_DOWNGRADE(load_assignment_y)); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_z; load_assignment_z.set_cluster_name("z"); response->add_resources()->PackFrom(API_DOWNGRADE(load_assignment_z)); EXPECT_CALL(bar_callbacks, onConfigUpdate(_, "2")) .WillOnce(Invoke([&load_assignment_y, &load_assignment_z]( const std::vector& resources, const std::string&) { EXPECT_EQ(2, resources.size()); const auto& expected_assignment = dynamic_cast( resources[0].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment, load_assignment_y)); const auto& expected_assignment_1 = dynamic_cast( resources[1].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment_1, load_assignment_z)); })); EXPECT_CALL(foo_callbacks, onConfigUpdate(_, "2")) .WillOnce(Invoke([&load_assignment_x, &load_assignment_y]( const std::vector& resources, const std::string&) { EXPECT_EQ(2, resources.size()); const auto& expected_assignment = dynamic_cast( resources[0].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment, load_assignment_x)); const auto& expected_assignment_1 = dynamic_cast( resources[1].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment_1, load_assignment_y)); })); expectSendMessage(type_url, {"y", "z", "x"}, "2"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } expectSendMessage(type_url, {"x", "y"}, "2"); expectSendMessage(type_url, {}, "2"); } // Validate behavior when we have multiple watchers that send empty updates. TEST_F(GrpcMuxImplTest, MultipleWatcherWithEmptyUpdates) { setup(); InSequence s; const std::string& type_url = Config::TypeUrl::get().ClusterLoadAssignment; NiceMock foo_callbacks; auto foo_sub = grpc_mux_->addWatch(type_url, {"x", "y"}, foo_callbacks, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage(type_url, {"x", "y"}, "", true); grpc_mux_->start(); auto response = std::make_unique(); response->set_type_url(type_url); response->set_version_info("1"); EXPECT_CALL(foo_callbacks, onConfigUpdate(_, "1")).Times(0); expectSendMessage(type_url, {"x", "y"}, "1"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); expectSendMessage(type_url, {}, "1"); } // Validate behavior when we have Single Watcher that sends Empty updates. TEST_F(GrpcMuxImplTest, SingleWatcherWithEmptyUpdates) { setup(); const std::string& type_url = Config::TypeUrl::get().Cluster; NiceMock foo_callbacks; auto foo_sub = grpc_mux_->addWatch(type_url, {}, foo_callbacks, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage(type_url, {}, "", true); grpc_mux_->start(); auto response = std::make_unique(); response->set_type_url(type_url); response->set_version_info("1"); // Validate that onConfigUpdate is called with empty resources. EXPECT_CALL(foo_callbacks, onConfigUpdate(_, "1")) .WillOnce(Invoke([](const std::vector& resources, const std::string&) { EXPECT_TRUE(resources.empty()); })); expectSendMessage(type_url, {}, "1"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } // Exactly one test requires a mock time system to provoke behavior that cannot // easily be achieved with a SimulatedTimeSystem. class GrpcMuxImplTestWithMockTimeSystem : public GrpcMuxImplTestBase { public: Event::DelegatingTestTimeSystem mock_time_system_; }; // Verifies that rate limiting is not enforced with defaults. TEST_F(GrpcMuxImplTestWithMockTimeSystem, TooManyRequestsWithDefaultSettings) { // Validate that only connection retry timer is enabled. Event::MockTimer* timer = nullptr; Event::TimerCb timer_cb; EXPECT_CALL(dispatcher_, createTimer_(_)).WillOnce(Invoke([&timer, &timer_cb](Event::TimerCb cb) { timer_cb = cb; EXPECT_EQ(nullptr, timer); timer = new Event::MockTimer(); return timer; })); // Validate that rate limiter is not created. EXPECT_CALL(*mock_time_system_, monotonicTime()).Times(0); setup(); EXPECT_CALL(async_stream_, sendMessageRaw_(_, false)).Times(AtLeast(99)); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); const auto onReceiveMessage = [&](uint64_t burst) { for (uint64_t i = 0; i < burst; i++) { auto response = std::make_unique(); response->set_version_info("baz"); response->set_nonce("bar"); response->set_type_url("foo"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } }; auto foo_sub = grpc_mux_->addWatch("foo", {"x"}, callbacks_, resource_decoder_); expectSendMessage("foo", {"x"}, "", true); grpc_mux_->start(); // Exhausts the limit. onReceiveMessage(99); // API calls go over the limit but we do not see the stat incremented. onReceiveMessage(1); EXPECT_EQ(0, stats_.counter("control_plane.rate_limit_enforced").value()); } // Verifies that default rate limiting is enforced with empty RateLimitSettings. TEST_F(GrpcMuxImplTest, TooManyRequestsWithEmptyRateLimitSettings) { // Validate that request drain timer is created. Event::MockTimer* timer = nullptr; Event::MockTimer* drain_request_timer = nullptr; Event::TimerCb timer_cb; Event::TimerCb drain_timer_cb; EXPECT_CALL(dispatcher_, createTimer_(_)) .WillOnce(Invoke([&timer, &timer_cb](Event::TimerCb cb) { timer_cb = cb; EXPECT_EQ(nullptr, timer); timer = new Event::MockTimer(); return timer; })) .WillOnce(Invoke([&drain_request_timer, &drain_timer_cb](Event::TimerCb cb) { drain_timer_cb = cb; EXPECT_EQ(nullptr, drain_request_timer); drain_request_timer = new Event::MockTimer(); return drain_request_timer; })); RateLimitSettings custom_rate_limit_settings; custom_rate_limit_settings.enabled_ = true; setup(custom_rate_limit_settings); // Attempt to send 99 messages. One of them is rate limited (and we never drain). EXPECT_CALL(async_stream_, sendMessageRaw_(_, false)).Times(99); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); const auto onReceiveMessage = [&](uint64_t burst) { for (uint64_t i = 0; i < burst; i++) { auto response = std::make_unique(); response->set_version_info("baz"); response->set_nonce("bar"); response->set_type_url("foo"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } }; auto foo_sub = grpc_mux_->addWatch("foo", {"x"}, callbacks_, resource_decoder_); expectSendMessage("foo", {"x"}, "", true); grpc_mux_->start(); // Validate that drain_request_timer is enabled when there are no tokens. EXPECT_CALL(*drain_request_timer, enableTimer(std::chrono::milliseconds(100), _)); // The drain timer enable is checked twice, once when we limit, again when the watch is destroyed. EXPECT_CALL(*drain_request_timer, enabled()).Times(11); onReceiveMessage(110); EXPECT_EQ(11, stats_.counter("control_plane.rate_limit_enforced").value()); EXPECT_EQ(11, control_plane_pending_requests_.value()); // Validate that when we reset a stream with pending requests, it reverts back to the initial // query (i.e. the queue is discarded). EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, _)); EXPECT_CALL(random_, random()); ASSERT_TRUE(timer != nullptr); // initialized from dispatcher mock. EXPECT_CALL(*timer, enableTimer(_, _)); grpc_mux_->grpcStreamForTest().onRemoteClose(Grpc::Status::WellKnownGrpcStatus::Canceled, ""); EXPECT_EQ(11, control_plane_pending_requests_.value()); EXPECT_EQ(0, control_plane_connected_state_.value()); EXPECT_CALL(async_stream_, sendMessageRaw_(_, false)); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); time_system_.setMonotonicTime(std::chrono::seconds(30)); timer_cb(); EXPECT_EQ(0, control_plane_pending_requests_.value()); // One more message on the way out when the watch is destroyed. EXPECT_CALL(async_stream_, sendMessageRaw_(_, false)); } // Verifies that rate limiting is enforced with custom RateLimitSettings. TEST_F(GrpcMuxImplTest, TooManyRequestsWithCustomRateLimitSettings) { // Validate that request drain timer is created. Event::MockTimer* timer = nullptr; Event::MockTimer* drain_request_timer = nullptr; Event::TimerCb timer_cb; Event::TimerCb drain_timer_cb; EXPECT_CALL(dispatcher_, createTimer_(_)) .WillOnce(Invoke([&timer, &timer_cb](Event::TimerCb cb) { timer_cb = cb; EXPECT_EQ(nullptr, timer); timer = new Event::MockTimer(); return timer; })) .WillOnce(Invoke([&drain_request_timer, &drain_timer_cb](Event::TimerCb cb) { drain_timer_cb = cb; EXPECT_EQ(nullptr, drain_request_timer); drain_request_timer = new Event::MockTimer(); return drain_request_timer; })); RateLimitSettings custom_rate_limit_settings; custom_rate_limit_settings.enabled_ = true; custom_rate_limit_settings.max_tokens_ = 250; custom_rate_limit_settings.fill_rate_ = 2; setup(custom_rate_limit_settings); EXPECT_CALL(async_stream_, sendMessageRaw_(_, false)).Times(AtLeast(260)); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); const auto onReceiveMessage = [&](uint64_t burst) { for (uint64_t i = 0; i < burst; i++) { auto response = std::make_unique(); response->set_version_info("baz"); response->set_nonce("bar"); response->set_type_url("foo"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } }; auto foo_sub = grpc_mux_->addWatch("foo", {"x"}, callbacks_, resource_decoder_); expectSendMessage("foo", {"x"}, "", true); grpc_mux_->start(); // Validate that rate limit is not enforced for 100 requests. onReceiveMessage(100); EXPECT_EQ(0, stats_.counter("control_plane.rate_limit_enforced").value()); // Validate that drain_request_timer is enabled when there are no tokens. EXPECT_CALL(*drain_request_timer, enableTimer(std::chrono::milliseconds(500), _)); EXPECT_CALL(*drain_request_timer, enabled()).Times(11); onReceiveMessage(160); EXPECT_EQ(11, stats_.counter("control_plane.rate_limit_enforced").value()); EXPECT_EQ(11, control_plane_pending_requests_.value()); // Validate that drain requests call when there are multiple requests in queue. time_system_.setMonotonicTime(std::chrono::seconds(10)); drain_timer_cb(); // Check that the pending_requests stat is updated with the queue drain. EXPECT_EQ(0, control_plane_pending_requests_.value()); } // Verifies that a message with no resources is accepted. TEST_F(GrpcMuxImplTest, UnwatchedTypeAcceptsEmptyResources) { setup(); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); const std::string& type_url = Config::TypeUrl::get().ClusterLoadAssignment; grpc_mux_->start(); { // subscribe and unsubscribe to simulate a cluster added and removed expectSendMessage(type_url, {"y"}, "", true); auto temp_sub = grpc_mux_->addWatch(type_url, {"y"}, callbacks_, resource_decoder_); expectSendMessage(type_url, {}, ""); } // simulate the server sending empty CLA message to notify envoy that the CLA was removed. auto response = std::make_unique(); response->set_nonce("bar"); response->set_version_info("1"); response->set_type_url(type_url); // TODO(fredlas) the expectation of no discovery request here is against the xDS spec. // The upcoming xDS overhaul (part of/followup to PR7293) will fix this. // // This contains zero resources. No discovery request should be sent. grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); // when we add the new subscription version should be 1 and nonce should be bar expectSendMessage(type_url, {"x"}, "1", false, "bar"); // simulate a new cluster x is added. add CLA subscription for it. auto sub = grpc_mux_->addWatch(type_url, {"x"}, callbacks_, resource_decoder_); expectSendMessage(type_url, {}, "1", false, "bar"); } // Verifies that a message with some resources is rejected when there are no watches. TEST_F(GrpcMuxImplTest, UnwatchedTypeRejectsResources) { setup(); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); const std::string& type_url = Config::TypeUrl::get().ClusterLoadAssignment; grpc_mux_->start(); // subscribe and unsubscribe (by not keeping the return watch) so that the type is known to envoy expectSendMessage(type_url, {"y"}, "", true); expectSendMessage(type_url, {}, ""); grpc_mux_->addWatch(type_url, {"y"}, callbacks_, resource_decoder_); // simulate the server sending CLA message to notify envoy that the CLA was added, // even though envoy doesn't expect it. Envoy should reject this update. auto response = std::make_unique(); response->set_nonce("bar"); response->set_version_info("1"); response->set_type_url(type_url); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->PackFrom(load_assignment); // The message should be rejected. expectSendMessage(type_url, {}, "", false, "bar"); EXPECT_LOG_CONTAINS("warning", "Ignoring unwatched type URL " + type_url, grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response))); } TEST_F(GrpcMuxImplTest, BadLocalInfoEmptyClusterName) { EXPECT_CALL(local_info_, clusterName()).WillOnce(ReturnRef(EMPTY_STRING)); EXPECT_THROW_WITH_MESSAGE( GrpcMuxImpl( local_info_, std::unique_ptr(async_client_), dispatcher_, *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources"), envoy::config::core::v3::ApiVersion::AUTO, random_, stats_, rate_limit_settings_, true), EnvoyException, "ads: node 'id' and 'cluster' are required. Set it either in 'node' config or via " "--service-node and --service-cluster options."); } TEST_F(GrpcMuxImplTest, BadLocalInfoEmptyNodeName) { EXPECT_CALL(local_info_, nodeName()).WillOnce(ReturnRef(EMPTY_STRING)); EXPECT_THROW_WITH_MESSAGE( GrpcMuxImpl( local_info_, std::unique_ptr(async_client_), dispatcher_, *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources"), envoy::config::core::v3::ApiVersion::AUTO, random_, stats_, rate_limit_settings_, true), EnvoyException, "ads: node 'id' and 'cluster' are required. Set it either in 'node' config or via " "--service-node and --service-cluster options."); } // Send discovery request with v2 resource type_url, receive discovery response with v3 resource // type_url. TEST_F(GrpcMuxImplTest, WatchV2ResourceV3) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.enable_type_url_downgrade_and_upgrade", "true"}}); setup(); InSequence s; const std::string& v2_type_url = Config::TypeUrl::get().ClusterLoadAssignment; const std::string& v3_type_url = Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3); TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); auto foo_sub = grpc_mux_->addWatch(v2_type_url, {}, callbacks_, resource_decoder); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage(v2_type_url, {}, "", true); grpc_mux_->start(); { auto response = std::make_unique(); response->set_type_url(v3_type_url); response->set_version_info("1"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->PackFrom(load_assignment); EXPECT_CALL(callbacks_, onConfigUpdate(_, "1")) .WillOnce(Invoke([&load_assignment](const std::vector& resources, const std::string&) { EXPECT_EQ(1, resources.size()); const auto& expected_assignment = dynamic_cast( resources[0].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment, load_assignment)); })); expectSendMessage(v2_type_url, {}, "1"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } } // Send discovery request with v3 resource type_url, receive discovery response with v2 resource // type_url. TEST_F(GrpcMuxImplTest, WatchV3ResourceV2) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.enable_type_url_downgrade_and_upgrade", "true"}}); setup(); InSequence s; const std::string& v2_type_url = Config::TypeUrl::get().ClusterLoadAssignment; const std::string& v3_type_url = Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3); TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); auto foo_sub = grpc_mux_->addWatch(v3_type_url, {}, callbacks_, resource_decoder); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage(v3_type_url, {}, "", true); grpc_mux_->start(); { auto response = std::make_unique(); response->set_type_url(v2_type_url); response->set_version_info("1"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->PackFrom(API_DOWNGRADE(load_assignment)); EXPECT_CALL(callbacks_, onConfigUpdate(_, "1")) .WillOnce(Invoke([&load_assignment](const std::vector& resources, const std::string&) { EXPECT_EQ(1, resources.size()); const auto& expected_assignment = dynamic_cast( resources[0].get().resource()); EXPECT_TRUE(TestUtility::protoEqual(expected_assignment, load_assignment)); })); expectSendMessage(v3_type_url, {}, "1"); grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response)); } } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/grpc_stream_test.cc ================================================ #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/grpc_stream.h" #include "common/protobuf/protobuf.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/grpc/mocks.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::NiceMock; using testing::Return; namespace Envoy { namespace Config { namespace { class GrpcStreamTest : public testing::Test { protected: GrpcStreamTest() : async_client_owner_(std::make_unique()), async_client_(async_client_owner_.get()), grpc_stream_(&callbacks_, std::move(async_client_owner_), *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.api.v2.EndpointDiscoveryService.StreamEndpoints"), random_, dispatcher_, stats_, rate_limit_settings_) {} NiceMock dispatcher_; Grpc::MockAsyncStream async_stream_; Stats::TestUtil::TestStore stats_; NiceMock random_; Envoy::Config::RateLimitSettings rate_limit_settings_; NiceMock callbacks_; std::unique_ptr async_client_owner_; Grpc::MockAsyncClient* async_client_; GrpcStream grpc_stream_; }; // Tests that establishNewStream() establishes it, a second call does nothing, and a third call // after the stream was disconnected re-establishes it. TEST_F(GrpcStreamTest, EstablishStream) { EXPECT_FALSE(grpc_stream_.grpcStreamAvailable()); // Successful establishment { EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); EXPECT_CALL(callbacks_, onStreamEstablished()); grpc_stream_.establishNewStream(); EXPECT_TRUE(grpc_stream_.grpcStreamAvailable()); } // Idempotent { EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).Times(0); EXPECT_CALL(callbacks_, onStreamEstablished()).Times(0); grpc_stream_.establishNewStream(); EXPECT_TRUE(grpc_stream_.grpcStreamAvailable()); } grpc_stream_.onRemoteClose(Grpc::Status::WellKnownGrpcStatus::Ok, ""); EXPECT_FALSE(grpc_stream_.grpcStreamAvailable()); // Successful re-establishment { EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); EXPECT_CALL(callbacks_, onStreamEstablished()); grpc_stream_.establishNewStream(); EXPECT_TRUE(grpc_stream_.grpcStreamAvailable()); } } // A failure in the underlying gRPC machinery should result in grpcStreamAvailable() false. Calling // sendMessage would segfault. TEST_F(GrpcStreamTest, FailToEstablishNewStream) { EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(nullptr)); EXPECT_CALL(callbacks_, onEstablishmentFailure()); grpc_stream_.establishNewStream(); EXPECT_FALSE(grpc_stream_.grpcStreamAvailable()); } // Checks that sendMessage correctly passes a DiscoveryRequest down to the underlying gRPC // machinery. TEST_F(GrpcStreamTest, SendMessage) { EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); grpc_stream_.establishNewStream(); envoy::service::discovery::v3::DiscoveryRequest request; request.set_response_nonce("grpc_stream_test_noncense"); EXPECT_CALL(async_stream_, sendMessageRaw_(Grpc::ProtoBufferEq(request), false)); grpc_stream_.sendMessage(request); } // Tests that, upon a call of the GrpcStream::onReceiveMessage() callback, which is called by the // underlying gRPC machinery, the received proto will make it up to the GrpcStreamCallbacks that the // GrpcStream was given. TEST_F(GrpcStreamTest, ReceiveMessage) { envoy::service::discovery::v3::DiscoveryResponse response_copy; response_copy.set_type_url("faketypeURL"); auto response = std::make_unique(response_copy); envoy::service::discovery::v3::DiscoveryResponse received_message; EXPECT_CALL(callbacks_, onDiscoveryResponse(_, _)) .WillOnce([&received_message]( std::unique_ptr&& message, ControlPlaneStats&) { received_message = *message; }); grpc_stream_.onReceiveMessage(std::move(response)); EXPECT_TRUE(TestUtility::protoEqual(response_copy, received_message)); } // If the value has only ever been 0, the stat should remain unused, including after an attempt to // write a 0 to it. TEST_F(GrpcStreamTest, QueueSizeStat) { grpc_stream_.maybeUpdateQueueSizeStat(0); Stats::Gauge& pending_requests = stats_.gauge("control_plane.pending_requests", Stats::Gauge::ImportMode::Accumulate); EXPECT_FALSE(pending_requests.used()); grpc_stream_.maybeUpdateQueueSizeStat(123); EXPECT_EQ(123, pending_requests.value()); grpc_stream_.maybeUpdateQueueSizeStat(0); EXPECT_EQ(0, pending_requests.value()); } // Just to add coverage to the no-op implementations of these callbacks (without exposing us to // crashes from a badly behaved peer like NOT_IMPLEMENTED_GCOVR_EXCL_LINE would). TEST_F(GrpcStreamTest, HeaderTrailerJustForCodeCoverage) { Http::ResponseHeaderMapPtr response_headers{new Http::TestResponseHeaderMapImpl{}}; grpc_stream_.onReceiveInitialMetadata(std::move(response_headers)); Http::TestRequestHeaderMapImpl request_headers; grpc_stream_.onCreateInitialMetadata(request_headers); Http::ResponseTrailerMapPtr trailers{new Http::TestResponseTrailerMapImpl{}}; grpc_stream_.onReceiveTrailingMetadata(std::move(trailers)); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/grpc_subscription_impl_test.cc ================================================ #include "test/common/config/grpc_subscription_test_harness.h" #include "gtest/gtest.h" using testing::InSequence; namespace Envoy { namespace Config { namespace { class GrpcSubscriptionImplTest : public testing::Test, public GrpcSubscriptionTestHarness {}; // Validate that stream creation results in a timer based retry and can recover. TEST_F(GrpcSubscriptionImplTest, StreamCreationFailure) { InSequence s; EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(nullptr)); // onConfigUpdateFailed() should not be called for gRPC stream connection failure EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, _)) .Times(0); EXPECT_CALL(random_, random()); EXPECT_CALL(*timer_, enableTimer(_, _)); subscription_->start({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(2, 0, 0, 1, 0, 0, 0, "")); // Ensure this doesn't cause an issue by sending a request, since we don't // have a gRPC stream. subscription_->updateResourceInterest({"cluster2"}); // Retry and succeed. EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage({"cluster2"}, "", true); timer_cb_(); EXPECT_TRUE(statsAre(3, 0, 0, 1, 0, 0, 0, "")); verifyControlPlaneStats(1); } // Validate that the client can recover from a remote stream closure via retry. TEST_F(GrpcSubscriptionImplTest, RemoteStreamClose) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); // onConfigUpdateFailed() should not be called for gRPC stream connection failure EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, _)) .Times(0); EXPECT_CALL(*timer_, enableTimer(_, _)); EXPECT_CALL(random_, random()); mux_->grpcStreamForTest().onRemoteClose(Grpc::Status::WellKnownGrpcStatus::Canceled, ""); EXPECT_TRUE(statsAre(2, 0, 0, 1, 0, 0, 0, "")); verifyControlPlaneStats(0); // Retry and succeed. EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); expectSendMessage({"cluster0", "cluster1"}, "", true); timer_cb_(); EXPECT_TRUE(statsAre(2, 0, 0, 1, 0, 0, 0, "")); } // Validate that When the management server gets multiple requests for the same version, it can // ignore later ones. This allows the nonce to be used. TEST_F(GrpcSubscriptionImplTest, RepeatedNonce) { InSequence s; startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); // First with the initial, empty version update to "0". updateResourceInterest({"cluster2"}); EXPECT_TRUE(statsAre(2, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster2"}, "0", false); EXPECT_TRUE(statsAre(3, 0, 1, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster2"}, "0", true); EXPECT_TRUE(statsAre(4, 1, 1, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); // Now with version "0" update to "1". updateResourceInterest({"cluster3"}); EXPECT_TRUE(statsAre(5, 1, 1, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); deliverConfigUpdate({"cluster3"}, "42", false); EXPECT_TRUE(statsAre(6, 1, 2, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); deliverConfigUpdate({"cluster3"}, "42", true); EXPECT_TRUE(statsAre(7, 2, 2, 0, 0, TEST_TIME_MILLIS, 7919287270473417401, "42")); } TEST_F(GrpcSubscriptionImplTest, UpdateTimeNotChangedOnUpdateReject) { InSequence s; startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster2"}, "0", false); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, 0, 0, "")); } TEST_F(GrpcSubscriptionImplTest, UpdateTimeChangedOnUpdateSuccess) { InSequence s; startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster2"}, "0", true); EXPECT_TRUE(statsAre(2, 1, 0, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); // Advance the simulated time and verify that a trivial update (no change) also changes the update // time. simTime().setSystemTime(SystemTime(std::chrono::milliseconds(TEST_TIME_MILLIS + 1))); deliverConfigUpdate({"cluster0", "cluster2"}, "0", true); EXPECT_TRUE(statsAre(2, 2, 0, 0, 0, TEST_TIME_MILLIS + 1, 7148434200721666028, "0")); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/grpc_subscription_test_harness.h ================================================ #pragma once #include #include "envoy/api/v2/discovery.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/hash.h" #include "common/config/api_version.h" #include "common/config/grpc_mux_impl.h" #include "common/config/grpc_subscription_impl.h" #include "common/config/version_converter.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/test_common/resources.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::Invoke; using testing::Mock; using testing::NiceMock; using testing::Return; namespace Envoy { namespace Config { class GrpcSubscriptionTestHarness : public SubscriptionTestHarness { public: GrpcSubscriptionTestHarness() : GrpcSubscriptionTestHarness(std::chrono::milliseconds(0)) {} GrpcSubscriptionTestHarness(std::chrono::milliseconds init_fetch_timeout) : method_descriptor_(Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.api.v2.EndpointDiscoveryService.StreamEndpoints")), async_client_(new NiceMock()), timer_(new Event::MockTimer()) { node_.set_id("fo0"); EXPECT_CALL(local_info_, node()).WillOnce(testing::ReturnRef(node_)); EXPECT_CALL(dispatcher_, createTimer_(_)).WillOnce(Invoke([this](Event::TimerCb timer_cb) { timer_cb_ = timer_cb; return timer_; })); mux_ = std::make_shared( local_info_, std::unique_ptr(async_client_), dispatcher_, *method_descriptor_, envoy::config::core::v3::ApiVersion::AUTO, random_, stats_store_, rate_limit_settings_, true); subscription_ = std::make_unique( mux_, callbacks_, resource_decoder_, stats_, Config::TypeUrl::get().ClusterLoadAssignment, dispatcher_, init_fetch_timeout, false); } ~GrpcSubscriptionTestHarness() override { EXPECT_CALL(async_stream_, sendMessageRaw_(_, false)); } void expectSendMessage(const std::set& cluster_names, const std::string& version, bool expect_node = false) override { expectSendMessage(cluster_names, version, expect_node, Grpc::Status::WellKnownGrpcStatus::Ok, ""); } void expectSendMessage(const std::set& cluster_names, const std::string& version, bool expect_node, const Protobuf::int32 error_code, const std::string& error_message) { UNREFERENCED_PARAMETER(expect_node); API_NO_BOOST(envoy::api::v2::DiscoveryRequest) expected_request; if (expect_node) { expected_request.mutable_node()->CopyFrom(API_DOWNGRADE(node_)); } for (const auto& cluster : cluster_names) { expected_request.add_resource_names(cluster); } if (!version.empty()) { expected_request.set_version_info(version); } expected_request.set_response_nonce(last_response_nonce_); expected_request.set_type_url(Config::TypeUrl::get().ClusterLoadAssignment); if (error_code != Grpc::Status::WellKnownGrpcStatus::Ok) { ::google::rpc::Status* error_detail = expected_request.mutable_error_detail(); error_detail->set_code(error_code); error_detail->set_message(error_message); } EXPECT_CALL(async_stream_, sendMessageRaw_(Grpc::ProtoBufferEq(expected_request), false)); } void startSubscription(const std::set& cluster_names) override { EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); last_cluster_names_ = cluster_names; expectSendMessage(last_cluster_names_, "", true); subscription_->start(cluster_names); } void deliverConfigUpdate(const std::vector& cluster_names, const std::string& version, bool accept) override { std::unique_ptr response( new envoy::service::discovery::v3::DiscoveryResponse()); response->set_version_info(version); last_response_nonce_ = std::to_string(HashUtil::xxHash64(version)); response->set_nonce(last_response_nonce_); response->set_type_url(Config::TypeUrl::get().ClusterLoadAssignment); response->mutable_control_plane()->set_identifier("ground_control_foo123"); Protobuf::RepeatedPtrField typed_resources; for (const auto& cluster : cluster_names) { if (std::find(last_cluster_names_.begin(), last_cluster_names_.end(), cluster) != last_cluster_names_.end()) { envoy::config::endpoint::v3::ClusterLoadAssignment* load_assignment = typed_resources.Add(); load_assignment->set_cluster_name(cluster); response->add_resources()->PackFrom(API_DOWNGRADE(*load_assignment)); } } const auto decoded_resources = TestUtility::decodeResources( *response, "cluster_name"); EXPECT_CALL(callbacks_, onConfigUpdate(DecodedResourcesEq(decoded_resources.refvec_), version)) .WillOnce(ThrowOnRejectedConfig(accept)); if (accept) { expectSendMessage(last_cluster_names_, version, false); version_ = version; } else { EXPECT_CALL(callbacks_, onConfigUpdateFailed( Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, _)); expectSendMessage(last_cluster_names_, version_, false, Grpc::Status::WellKnownGrpcStatus::Internal, "bad config"); } mux_->onDiscoveryResponse(std::move(response), control_plane_stats_); EXPECT_EQ(control_plane_stats_.identifier_.value(), "ground_control_foo123"); Mock::VerifyAndClearExpectations(&async_stream_); } void updateResourceInterest(const std::set& cluster_names) override { // The "watch" mechanism means that updates that lose interest in a resource // will first generate a request for [still watched resources, i.e. without newly unwatched // ones] before generating the request for all of cluster_names. // TODO(fredlas) this unnecessary second request will stop happening once the watch mechanism is // no longer internally used by GrpcSubscriptionImpl. std::set both; for (const auto& n : cluster_names) { if (last_cluster_names_.find(n) != last_cluster_names_.end()) { both.insert(n); } } expectSendMessage(both, version_); expectSendMessage(cluster_names, version_); subscription_->updateResourceInterest(cluster_names); last_cluster_names_ = cluster_names; } void expectConfigUpdateFailed() override { EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, nullptr)) .WillOnce([this](ConfigUpdateFailureReason reason, const EnvoyException*) { if (reason == ConfigUpdateFailureReason::FetchTimedout) { stats_.init_fetch_timeout_.inc(); } }); } void expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds timeout) override { init_timeout_timer_ = new Event::MockTimer(&dispatcher_); EXPECT_CALL(*init_timeout_timer_, enableTimer(timeout, _)); } void expectDisableInitFetchTimeoutTimer() override { EXPECT_CALL(*init_timeout_timer_, disableTimer()); } void callInitFetchTimeoutCb() override { init_timeout_timer_->invokeCallback(); } std::string version_; const Protobuf::MethodDescriptor* method_descriptor_; Grpc::MockAsyncClient* async_client_; NiceMock cm_; Event::MockDispatcher dispatcher_; Random::MockRandomGenerator random_; Event::MockTimer* timer_; Event::TimerCb timer_cb_; envoy::config::core::v3::Node node_; NiceMock callbacks_; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder_{"cluster_name"}; NiceMock async_stream_; GrpcMuxImplSharedPtr mux_; GrpcSubscriptionImplPtr subscription_; std::string last_response_nonce_; std::set last_cluster_names_; NiceMock local_info_; Envoy::Config::RateLimitSettings rate_limit_settings_; Event::MockTimer* init_timeout_timer_; }; // TODO(danielhochman): test with RDS and ensure version_info is same as what API returned } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/http_subscription_impl_test.cc ================================================ #include #include "test/common/config/http_subscription_test_harness.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { class HttpSubscriptionImplTest : public testing::Test, public HttpSubscriptionTestHarness {}; // Validate that the client can recover from a remote fetch failure. TEST_F(HttpSubscriptionImplTest, OnRequestReset) { startSubscription({"cluster0", "cluster1"}); EXPECT_CALL(random_gen_, random()).WillOnce(Return(0)); EXPECT_CALL(*timer_, enableTimer(_, _)); EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::ConnectionFailure, _)) .Times(0); http_callbacks_->onFailure(http_request_, Http::AsyncClient::FailureReason::Reset); EXPECT_TRUE(statsAre(1, 0, 0, 1, 0, 0, 0, "")); timerTick(); EXPECT_TRUE(statsAre(2, 0, 0, 1, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "42", true); EXPECT_TRUE(statsAre(3, 1, 0, 1, 0, TEST_TIME_MILLIS, 7919287270473417401, "42")); } // Validate that the client can recover from bad JSON responses. TEST_F(HttpSubscriptionImplTest, BadJsonRecovery) { startSubscription({"cluster0", "cluster1"}); Http::ResponseHeaderMapPtr response_headers{ new Http::TestResponseHeaderMapImpl{{":status", "200"}}}; Http::ResponseMessagePtr message{new Http::ResponseMessageImpl(std::move(response_headers))}; message->body().add(";!@#badjso n"); EXPECT_CALL(random_gen_, random()).WillOnce(Return(0)); EXPECT_CALL(*timer_, enableTimer(_, _)); EXPECT_CALL(callbacks_, onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, _)); http_callbacks_->onSuccess(http_request_, std::move(message)); EXPECT_TRUE(statsAre(1, 0, 1, 0, 0, 0, 0, "")); request_in_progress_ = false; timerTick(); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); EXPECT_TRUE(statsAre(3, 1, 1, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); } TEST_F(HttpSubscriptionImplTest, ConfigNotModified) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); timerTick(); EXPECT_TRUE(statsAre(2, 0, 0, 0, 0, 0, 0, "")); // accept and modify. deliverConfigUpdate({"cluster0", "cluster1"}, "0", true, true, "200"); EXPECT_TRUE(statsAre(3, 1, 0, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); // accept and does not modify. deliverConfigUpdate({"cluster0", "cluster1"}, "0", true, false, "304"); EXPECT_TRUE(statsAre(4, 1, 0, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); } TEST_F(HttpSubscriptionImplTest, UpdateTimeNotChangedOnUpdateReject) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", false); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, 0, 0, "")); } TEST_F(HttpSubscriptionImplTest, UpdateTimeChangedOnUpdateSuccess) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); EXPECT_TRUE(statsAre(2, 1, 0, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); // Advance the simulated time and verify that a trivial update (no change) also changes the update // time. simTime().setSystemTime(SystemTime(std::chrono::milliseconds(TEST_TIME_MILLIS + 1))); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); EXPECT_TRUE(statsAre(3, 2, 0, 0, 0, TEST_TIME_MILLIS + 1, 7148434200721666028, "0")); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/http_subscription_test_harness.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/http/async_client.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/utility.h" #include "common/config/http_subscription_impl.h" #include "common/config/utility.h" #include "common/http/message_impl.h" #include "common/protobuf/protobuf.h" #include "common/protobuf/utility.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::Invoke; using testing::Return; namespace Envoy { namespace Config { class HttpSubscriptionTestHarness : public SubscriptionTestHarness { public: HttpSubscriptionTestHarness() : HttpSubscriptionTestHarness(std::chrono::milliseconds(0)) {} HttpSubscriptionTestHarness(std::chrono::milliseconds init_fetch_timeout) : method_descriptor_(Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.api.v2.EndpointDiscoveryService.FetchEndpoints")), timer_(new Event::MockTimer()), http_request_(&cm_.async_client_) { node_.set_id("fo0"); EXPECT_CALL(local_info_, node()).WillOnce(testing::ReturnRef(node_)); EXPECT_CALL(dispatcher_, createTimer_(_)).WillOnce(Invoke([this](Event::TimerCb timer_cb) { timer_cb_ = timer_cb; return timer_; })); subscription_ = std::make_unique( local_info_, cm_, "eds_cluster", dispatcher_, random_gen_, std::chrono::milliseconds(1), std::chrono::milliseconds(1000), *method_descriptor_, Config::TypeUrl::get().ClusterLoadAssignment, envoy::config::core::v3::ApiVersion::AUTO, callbacks_, resource_decoder_, stats_, init_fetch_timeout, validation_visitor_); } ~HttpSubscriptionTestHarness() override { // Stop subscribing on the way out. if (request_in_progress_) { EXPECT_CALL(http_request_, cancel()); } } void expectSendMessage(const std::set& cluster_names, const std::string& version, bool expect_node = false) override { UNREFERENCED_PARAMETER(expect_node); EXPECT_CALL(cm_, httpAsyncClientForCluster("eds_cluster")); EXPECT_CALL(cm_.async_client_, send_(_, _, _)) .WillOnce(Invoke([this, cluster_names, version](Http::RequestMessagePtr& request, Http::AsyncClient::Callbacks& callbacks, const Http::AsyncClient::RequestOptions&) { http_callbacks_ = &callbacks; EXPECT_EQ("POST", request->headers().getMethodValue()); EXPECT_EQ(Http::Headers::get().ContentTypeValues.Json, request->headers().getContentTypeValue()); EXPECT_EQ("eds_cluster", request->headers().getHostValue()); EXPECT_EQ("/v2/discovery:endpoints", request->headers().getPathValue()); std::string expected_request = "{"; if (!version_.empty()) { expected_request += "\"version_info\":\"" + version + "\","; } expected_request += "\"node\":{\"id\":\"fo0\"},"; if (!cluster_names.empty()) { std::string joined_cluster_names; { std::string delimiter = "\",\""; std::ostringstream buf; std::copy(cluster_names.begin(), cluster_names.end(), std::ostream_iterator(buf, delimiter.c_str())); std::string with_comma = buf.str(); joined_cluster_names = with_comma.substr(0, with_comma.length() - delimiter.length()); } expected_request += "\"resource_names\":[\"" + joined_cluster_names + "\"]"; } expected_request += ",\"type_url\":\"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment\""; expected_request += "}"; EXPECT_EQ(expected_request, request->bodyAsString()); EXPECT_EQ(fmt::format_int(expected_request.size()).str(), request->headers().getContentLengthValue()); request_in_progress_ = true; return &http_request_; })); } void startSubscription(const std::set& cluster_names) override { version_ = ""; cluster_names_ = cluster_names; expectSendMessage(cluster_names, ""); subscription_->start(cluster_names); } void updateResourceInterest(const std::set& cluster_names) override { cluster_names_ = cluster_names; expectSendMessage(cluster_names, version_); subscription_->updateResourceInterest(cluster_names); timer_cb_(); } void deliverConfigUpdate(const std::vector& cluster_names, const std::string& version, bool accept) override { deliverConfigUpdate(cluster_names, version, accept, true, "200"); } void deliverConfigUpdate(const std::vector& cluster_names, const std::string& version, bool accept, bool modify, const std::string& response_code) { std::string response_json = "{\"version_info\":\"" + version + "\",\"resources\":["; for (const auto& cluster : cluster_names) { response_json += "{\"@type\":\"type.googleapis.com/" "envoy.api.v2.ClusterLoadAssignment\",\"cluster_name\":\"" + cluster + "\"},"; } response_json.pop_back(); response_json += "]}"; envoy::service::discovery::v3::DiscoveryResponse response_pb; TestUtility::loadFromJson(response_json, response_pb); Http::ResponseHeaderMapPtr response_headers{ new Http::TestResponseHeaderMapImpl{{":status", response_code}}}; Http::ResponseMessagePtr message{new Http::ResponseMessageImpl(std::move(response_headers))}; message->body().add(response_json); const auto decoded_resources = TestUtility::decodeResources( response_pb, "cluster_name"); if (modify) { EXPECT_CALL(callbacks_, onConfigUpdate(DecodedResourcesEq(decoded_resources.refvec_), version)) .WillOnce(ThrowOnRejectedConfig(accept)); } if (!accept) { EXPECT_CALL(callbacks_, onConfigUpdateFailed( Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, _)); } EXPECT_CALL(random_gen_, random()).WillOnce(Return(0)); EXPECT_CALL(*timer_, enableTimer(_, _)); http_callbacks_->onSuccess(http_request_, std::move(message)); if (accept) { version_ = version; } request_in_progress_ = false; timerTick(); } void expectConfigUpdateFailed() override { EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, nullptr)); } void expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds timeout) override { init_timeout_timer_ = new Event::MockTimer(&dispatcher_); EXPECT_CALL(*init_timeout_timer_, enableTimer(std::chrono::milliseconds(timeout), _)); } void expectDisableInitFetchTimeoutTimer() override { EXPECT_CALL(*init_timeout_timer_, disableTimer()); } void callInitFetchTimeoutCb() override { init_timeout_timer_->invokeCallback(); } void timerTick() { expectSendMessage(cluster_names_, version_); timer_cb_(); } bool request_in_progress_{}; std::string version_; std::set cluster_names_; const Protobuf::MethodDescriptor* method_descriptor_; Upstream::MockClusterManager cm_; Event::MockDispatcher dispatcher_; Event::MockTimer* timer_; Event::TimerCb timer_cb_; envoy::config::core::v3::Node node_; Random::MockRandomGenerator random_gen_; Http::MockAsyncClientRequest http_request_; Http::AsyncClient::Callbacks* http_callbacks_; Config::MockSubscriptionCallbacks callbacks_; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder_{"cluster_name"}; std::unique_ptr subscription_; NiceMock local_info_; Event::MockTimer* init_timeout_timer_; NiceMock validation_visitor_; }; } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/metadata_test.cc ================================================ #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" #include "common/config/metadata.h" #include "common/config/well_known_names.h" #include "common/protobuf/utility.h" #include "test/test_common/registry.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { TEST(MetadataTest, MetadataValue) { envoy::config::core::v3::Metadata metadata; Metadata::mutableMetadataValue(metadata, MetadataFilters::get().ENVOY_LB, MetadataEnvoyLbKeys::get().CANARY) .set_bool_value(true); EXPECT_TRUE(Metadata::metadataValue(&metadata, MetadataFilters::get().ENVOY_LB, MetadataEnvoyLbKeys::get().CANARY) .bool_value()); EXPECT_FALSE(Metadata::metadataValue(&metadata, "foo", "bar").bool_value()); EXPECT_FALSE( Metadata::metadataValue(&metadata, MetadataFilters::get().ENVOY_LB, "bar").bool_value()); } TEST(MetadataTest, MetadataValuePath) { const std::string filter = "com.test"; envoy::config::core::v3::Metadata metadata; std::vector path{"test_obj", "inner_key"}; // not found case EXPECT_EQ(Metadata::metadataValue(&metadata, filter, path).kind_case(), ProtobufWkt::Value::KindCase::KIND_NOT_SET); ProtobufWkt::Struct& filter_struct = (*metadata.mutable_filter_metadata())[filter]; auto obj = MessageUtil::keyValueStruct("inner_key", "inner_value"); ProtobufWkt::Value val; *val.mutable_struct_value() = obj; (*filter_struct.mutable_fields())["test_obj"] = val; EXPECT_EQ(Metadata::metadataValue(&metadata, filter, path).string_value(), "inner_value"); // not found with longer path path.push_back("bad_key"); EXPECT_EQ(Metadata::metadataValue(&metadata, filter, path).kind_case(), ProtobufWkt::Value::KindCase::KIND_NOT_SET); // empty path returns not found EXPECT_EQ(Metadata::metadataValue(&metadata, filter, std::vector{}).kind_case(), ProtobufWkt::Value::KindCase::KIND_NOT_SET); } class TypedMetadataTest : public testing::Test { public: TypedMetadataTest() : registered_factory_(foo_factory_) {} struct Foo : public TypedMetadata::Object { Foo(std::string name) : name_(name) {} std::string name_; }; struct Bar : public TypedMetadata::Object {}; class FooFactory : public TypedMetadataFactory { public: std::string name() const override { return "foo"; } // Throws EnvoyException (conversion failure) if d is empty. std::unique_ptr parse(const ProtobufWkt::Struct& d) const override { if (d.fields().find("name") != d.fields().end()) { return std::make_unique(d.fields().at("name").string_value()); } throw EnvoyException("Cannot create a Foo when metadata is empty."); } }; protected: FooFactory foo_factory_; Registry::InjectFactory registered_factory_; }; TEST_F(TypedMetadataTest, OkTest) { envoy::config::core::v3::Metadata metadata; (*metadata.mutable_filter_metadata())[foo_factory_.name()] = MessageUtil::keyValueStruct("name", "foo"); TypedMetadataImpl typed(metadata); EXPECT_NE(nullptr, typed.get(foo_factory_.name())); EXPECT_EQ("foo", typed.get(foo_factory_.name())->name_); // A duck is a duck. EXPECT_EQ(nullptr, typed.get(foo_factory_.name())); } TEST_F(TypedMetadataTest, NoMetadataTest) { envoy::config::core::v3::Metadata metadata; TypedMetadataImpl typed(metadata); EXPECT_EQ(nullptr, typed.get(foo_factory_.name())); } TEST_F(TypedMetadataTest, MetadataRefreshTest) { envoy::config::core::v3::Metadata metadata; (*metadata.mutable_filter_metadata())[foo_factory_.name()] = MessageUtil::keyValueStruct("name", "foo"); TypedMetadataImpl typed(metadata); EXPECT_NE(nullptr, typed.get(foo_factory_.name())); EXPECT_EQ("foo", typed.get(foo_factory_.name())->name_); // Updated. (*metadata.mutable_filter_metadata())[foo_factory_.name()] = MessageUtil::keyValueStruct("name", "bar"); TypedMetadataImpl typed2(metadata); EXPECT_NE(nullptr, typed2.get(foo_factory_.name())); EXPECT_EQ("bar", typed2.get(foo_factory_.name())->name_); // Deleted. (*metadata.mutable_filter_metadata()).erase(foo_factory_.name()); TypedMetadataImpl typed3(metadata); EXPECT_EQ(nullptr, typed3.get(foo_factory_.name())); } TEST_F(TypedMetadataTest, InvalidMetadataTest) { envoy::config::core::v3::Metadata metadata; (*metadata.mutable_filter_metadata())[foo_factory_.name()] = ProtobufWkt::Struct(); EXPECT_THROW_WITH_MESSAGE(TypedMetadataImpl typed(metadata), Envoy::EnvoyException, "Cannot create a Foo when metadata is empty."); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/new_grpc_mux_impl_test.cc ================================================ #include #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/common/empty_string.h" #include "common/config/new_grpc_mux_impl.h" #include "common/config/protobuf_link_hacks.h" #include "common/config/utility.h" #include "common/config/version_converter.h" #include "common/protobuf/protobuf.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/test_common/logging.h" #include "test/test_common/resources.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_runtime.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::Invoke; using testing::NiceMock; using testing::Return; namespace Envoy { namespace Config { namespace { // We test some mux specific stuff below, other unit test coverage for singleton use of // NewGrpcMuxImpl is provided in [grpc_]subscription_impl_test.cc. class NewGrpcMuxImplTestBase : public testing::Test { public: NewGrpcMuxImplTestBase() : async_client_(new Grpc::MockAsyncClient()), control_plane_stats_(Utility::generateControlPlaneStats(stats_)), control_plane_connected_state_( stats_.gauge("control_plane.connected_state", Stats::Gauge::ImportMode::NeverImport)) {} void setup() { grpc_mux_ = std::make_unique( std::unique_ptr(async_client_), dispatcher_, *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources"), envoy::config::core::v3::ApiVersion::AUTO, random_, stats_, rate_limit_settings_, local_info_); } NiceMock dispatcher_; NiceMock random_; Grpc::MockAsyncClient* async_client_; NiceMock async_stream_; NewGrpcMuxImplPtr grpc_mux_; NiceMock callbacks_; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder_{"cluster_name"}; NiceMock local_info_; Stats::TestUtil::TestStore stats_; Envoy::Config::RateLimitSettings rate_limit_settings_; ControlPlaneStats control_plane_stats_; Stats::Gauge& control_plane_connected_state_; }; class NewGrpcMuxImplTest : public NewGrpcMuxImplTestBase { public: Event::SimulatedTimeSystem time_system_; }; // Test that we simply ignore a message for an unknown type_url, with no ill effects. TEST_F(NewGrpcMuxImplTest, DiscoveryResponseNonexistentSub) { setup(); const std::string& type_url = Config::TypeUrl::get().ClusterLoadAssignment; auto watch = grpc_mux_->addWatch(type_url, {}, callbacks_, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); grpc_mux_->start(); { auto unexpected_response = std::make_unique(); unexpected_response->set_type_url(type_url); unexpected_response->set_system_version_info("0"); // empty response should call onConfigUpdate on wildcard watch EXPECT_CALL(callbacks_, onConfigUpdate(_, _, "0")); grpc_mux_->onDiscoveryResponse(std::move(unexpected_response), control_plane_stats_); } { auto response = std::make_unique(); response->set_type_url(type_url); response->set_system_version_info("1"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->mutable_resource()->PackFrom(API_DOWNGRADE(load_assignment)); EXPECT_CALL(callbacks_, onConfigUpdate(_, _, "1")) .WillOnce(Invoke([&load_assignment](const std::vector& added_resources, const Protobuf::RepeatedPtrField&, const std::string&) { EXPECT_EQ(1, added_resources.size()); EXPECT_TRUE( TestUtility::protoEqual(added_resources[0].get().resource(), load_assignment)); })); grpc_mux_->onDiscoveryResponse(std::move(response), control_plane_stats_); } } // DeltaDiscoveryResponse that comes in response to an on-demand request updates the watch with // resource's name. The watch is initially created with an alias used in the on-demand request. TEST_F(NewGrpcMuxImplTest, ConfigUpdateWithAliases) { setup(); const std::string& type_url = Config::TypeUrl::get().VirtualHost; auto watch = grpc_mux_->addWatch(type_url, {"prefix"}, callbacks_, resource_decoder_, true); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); grpc_mux_->start(); auto response = std::make_unique(); response->set_type_url(type_url); response->set_system_version_info("1"); envoy::config::route::v3::VirtualHost vhost; vhost.set_name("vhost_1"); vhost.add_domains("domain1.test"); vhost.add_domains("domain2.test"); response->add_resources()->mutable_resource()->PackFrom(vhost); response->mutable_resources()->at(0).set_name("prefix/vhost_1"); response->mutable_resources()->at(0).add_aliases("prefix/domain1.test"); response->mutable_resources()->at(0).add_aliases("prefix/domain2.test"); grpc_mux_->onDiscoveryResponse(std::move(response), control_plane_stats_); const auto& subscriptions = grpc_mux_->subscriptions(); auto sub = subscriptions.find(type_url); EXPECT_TRUE(sub != subscriptions.end()); watch->update({}); } // DeltaDiscoveryResponse that comes in response to an on-demand request that couldn't be resolved // will contain an empty Resource. The Resource's aliases field will be populated with the alias // originally used in the request. TEST_F(NewGrpcMuxImplTest, ConfigUpdateWithNotFoundResponse) { setup(); const std::string& type_url = Config::TypeUrl::get().VirtualHost; auto watch = grpc_mux_->addWatch(type_url, {"prefix"}, callbacks_, resource_decoder_, true); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); grpc_mux_->start(); auto response = std::make_unique(); response->set_type_url(type_url); response->set_system_version_info("1"); response->add_resources(); response->mutable_resources()->at(0).set_name("not-found"); response->mutable_resources()->at(0).add_aliases("prefix/domain1.test"); } // Watch v2 resource type_url, receive discovery response with v3 resource type_url. TEST_F(NewGrpcMuxImplTest, V3ResourceResponseV2ResourceWatch) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.enable_type_url_downgrade_and_upgrade", "true"}}); setup(); // Watch for v2 resource type_url. const std::string& v2_type_url = Config::TypeUrl::get().ClusterLoadAssignment; const std::string& v3_type_url = Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3); auto watch = grpc_mux_->addWatch(v2_type_url, {}, callbacks_, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); // Cluster is not watched, v3 resource is rejected. grpc_mux_->start(); { auto unexpected_response = std::make_unique(); envoy::config::cluster::v3::Cluster cluster; unexpected_response->set_type_url(Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3)); unexpected_response->set_system_version_info("0"); unexpected_response->add_resources()->mutable_resource()->PackFrom(cluster); EXPECT_CALL(callbacks_, onConfigUpdate(_, _, "0")).Times(0); grpc_mux_->onDiscoveryResponse(std::move(unexpected_response), control_plane_stats_); } // Cluster is not watched, v2 resource is rejected. { auto unexpected_response = std::make_unique(); envoy::config::cluster::v3::Cluster cluster; unexpected_response->set_type_url(Config::TypeUrl::get().Cluster); unexpected_response->set_system_version_info("0"); unexpected_response->add_resources()->mutable_resource()->PackFrom(API_DOWNGRADE(cluster)); EXPECT_CALL(callbacks_, onConfigUpdate(_, _, "0")).Times(0); grpc_mux_->onDiscoveryResponse(std::move(unexpected_response), control_plane_stats_); } // ClusterLoadAssignment v2 is watched, v3 resource will be accepted. { auto response = std::make_unique(); response->set_system_version_info("1"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->mutable_resource()->PackFrom(load_assignment); // Send response that contains resource with v3 type url. response->set_type_url(v3_type_url); EXPECT_CALL(callbacks_, onConfigUpdate(_, _, "1")) .WillOnce(Invoke([&load_assignment](const std::vector& added_resources, const Protobuf::RepeatedPtrField&, const std::string&) { EXPECT_EQ(1, added_resources.size()); EXPECT_TRUE( TestUtility::protoEqual(added_resources[0].get().resource(), load_assignment)); })); grpc_mux_->onDiscoveryResponse(std::move(response), control_plane_stats_); } } // Watch v3 resource type_url, receive discovery response with v2 resource type_url. TEST_F(NewGrpcMuxImplTest, V2ResourceResponseV3ResourceWatch) { TestScopedRuntime scoped_runtime; Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.enable_type_url_downgrade_and_upgrade", "true"}}); setup(); // Watch for v3 resource type_url. const std::string& v3_type_url = Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3); const std::string& v2_type_url = Config::TypeUrl::get().ClusterLoadAssignment; auto watch = grpc_mux_->addWatch(v3_type_url, {}, callbacks_, resource_decoder_); EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); grpc_mux_->start(); // ClusterLoadAssignment v3 is watched, v2 resource will be accepted. { auto response = std::make_unique(); response->set_system_version_info("1"); envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; load_assignment.set_cluster_name("x"); response->add_resources()->mutable_resource()->PackFrom(API_DOWNGRADE(load_assignment)); // Send response that contains resource with v3 type url. response->set_type_url(v2_type_url); EXPECT_CALL(callbacks_, onConfigUpdate(_, _, "1")) .WillOnce(Invoke([&load_assignment](const std::vector& added_resources, const Protobuf::RepeatedPtrField&, const std::string&) { EXPECT_EQ(1, added_resources.size()); EXPECT_TRUE( TestUtility::protoEqual(added_resources[0].get().resource(), load_assignment)); })); grpc_mux_->onDiscoveryResponse(std::move(response), control_plane_stats_); } } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/opaque_resource_decoder_impl_test.cc ================================================ #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "common/config/opaque_resource_decoder_impl.h" #include "common/protobuf/message_validator_impl.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { class OpaqueResourceDecoderImplTest : public testing::Test { public: std::pair decodeTypedResource(const envoy::config::endpoint::v3::ClusterLoadAssignment& typed_resource) { ProtobufWkt::Any opaque_resource; opaque_resource.PackFrom(typed_resource); auto decoded_resource = resource_decoder_.decodeResource(opaque_resource); const std::string name = resource_decoder_.resourceName(*decoded_resource); return {std::move(decoded_resource), name}; } ProtobufMessage::StrictValidationVisitorImpl validation_visitor_; OpaqueResourceDecoderImpl resource_decoder_{ validation_visitor_, "cluster_name"}; }; // Negative test for bad type URL in Any. TEST_F(OpaqueResourceDecoderImplTest, WrongType) { ProtobufWkt::Any opaque_resource; opaque_resource.set_type_url("huh"); EXPECT_THROW_WITH_REGEX(resource_decoder_.decodeResource(opaque_resource), EnvoyException, "Unable to unpack"); } // If the Any is empty (no type set), the default instance of the opaque resource decoder type is // created. TEST_F(OpaqueResourceDecoderImplTest, Empty) { ProtobufWkt::Any opaque_resource; const auto decoded_resource = resource_decoder_.decodeResource(opaque_resource); EXPECT_THAT(*decoded_resource, ProtoEq(envoy::config::endpoint::v3::ClusterLoadAssignment())); EXPECT_EQ("", resource_decoder_.resourceName(*decoded_resource)); } // Negative test for protoc-gen-validate constraints. TEST_F(OpaqueResourceDecoderImplTest, ValidateFail) { envoy::config::endpoint::v3::ClusterLoadAssignment invalid_resource; EXPECT_THROW(decodeTypedResource(invalid_resource), ProtoValidationException); } // When validation is skipped, verify that we can ignore unknown fields. TEST_F(OpaqueResourceDecoderImplTest, ValidateIgnored) { ProtobufMessage::NullValidationVisitorImpl validation_visitor; OpaqueResourceDecoderImpl resource_decoder{ validation_visitor, "cluster_name"}; envoy::config::endpoint::v3::ClusterLoadAssignment strange_resource; strange_resource.set_cluster_name("fare"); auto* unknown = strange_resource.GetReflection()->MutableUnknownFields(&strange_resource); // add a field that doesn't exist in the proto definition: unknown->AddFixed32(1000, 1); ProtobufWkt::Any opaque_resource; opaque_resource.PackFrom(strange_resource); const auto decoded_resource = resource_decoder.decodeResource(opaque_resource); EXPECT_THAT(*decoded_resource, ProtoEq(strange_resource)); EXPECT_EQ("fare", resource_decoder_.resourceName(*decoded_resource)); } // Handling of smuggled deprecated fields during Any conversion. TEST_F(OpaqueResourceDecoderImplTest, HiddenEnvoyDeprecatedFields) { // This test is only valid in API-v3, and should be updated for API-v4, as // the deprecated fields of API-v2 will be removed. envoy::config::endpoint::v3::ClusterLoadAssignment cluster_load_assignment = TestUtility::parseYaml(R"EOF( cluster_name: fare endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 1.2.3.4 port_value: 80 policy: overprovisioning_factor: 100 hidden_envoy_deprecated_disable_overprovisioning: true )EOF"); EXPECT_THROW_WITH_REGEX(decodeTypedResource(cluster_load_assignment), ProtoValidationException, "Illegal use of hidden_envoy_deprecated_ V2 field " "'envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.hidden_envoy_" "deprecated_disable_overprovisioning'"); } // Happy path. TEST_F(OpaqueResourceDecoderImplTest, Success) { envoy::config::endpoint::v3::ClusterLoadAssignment cluster_resource; cluster_resource.set_cluster_name("foo"); const auto result = decodeTypedResource(cluster_resource); EXPECT_THAT(*result.first, ProtoEq(cluster_resource)); EXPECT_EQ("foo", result.second); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/pausable_ack_queue_test.cc ================================================ #include "common/config/pausable_ack_queue.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { TEST(PausableAckQueueTest, TestEmpty) { PausableAckQueue p; EXPECT_EQ(0, p.size()); EXPECT_TRUE(p.empty()); } TEST(PausableAckQueueTest, TestPush) { PausableAckQueue p; p.push(UpdateAck{"bogusnonce", "bogustypeurl"}); EXPECT_EQ(1, p.size()); EXPECT_FALSE(p.empty()); EXPECT_EQ("bogusnonce", p.front().nonce_); EXPECT_EQ("bogustypeurl", p.front().type_url_); } TEST(PausableAckQueueTest, TestPop) { PausableAckQueue p; p.push(UpdateAck{"bogusnonce", "bogustypeurl"}); UpdateAck ack = p.popFront(); EXPECT_EQ(0, p.size()); EXPECT_TRUE(p.empty()); EXPECT_EQ("bogusnonce", ack.nonce_); EXPECT_EQ("bogustypeurl", ack.type_url_); } TEST(PausableAckQueueTest, TestPauseResume) { PausableAckQueue p; p.push(UpdateAck{"nonce1", "type1"}); p.push(UpdateAck{"nonce2", "type2"}); p.push(UpdateAck{"nonce3", "type1"}); p.push(UpdateAck{"nonce4", "type2"}); EXPECT_EQ(4, p.size()); EXPECT_FALSE(p.empty()); // pausing 'type1' should make it invisible to the queue p.pause("type1"); // size() doesn't honor pause state, a bit strange but this is by design EXPECT_EQ(4, p.size()); // validate that both front() and popFront() honor pause state EXPECT_EQ("nonce2", p.front().nonce_); EXPECT_EQ("type2", p.front().type_url_); // validate the above result is invariant even if we nest pauses. p.pause("type1"); EXPECT_EQ(4, p.size()); EXPECT_EQ("nonce2", p.front().nonce_); EXPECT_EQ("type2", p.front().type_url_); p.resume("type1"); EXPECT_EQ("nonce2", p.front().nonce_); EXPECT_EQ("type2", p.front().type_url_); UpdateAck ack = p.popFront(); EXPECT_EQ("nonce2", ack.nonce_); EXPECT_EQ("type2", ack.type_url_); EXPECT_EQ(3, p.size()); // validate that types come back when they're resumed p.resume("type1"); EXPECT_EQ("nonce1", p.front().nonce_); EXPECT_EQ("type1", p.front().type_url_); p.pause("type1"); EXPECT_EQ("nonce4", p.front().nonce_); EXPECT_EQ("type2", p.front().type_url_); p.popFront(); EXPECT_EQ(2, p.size()); p.pause("type2"); EXPECT_TRUE(p.empty()); // A bit strange but this is by design EXPECT_EQ(2, p.size()); p.resume("type1"); EXPECT_FALSE(p.empty()); EXPECT_EQ("nonce1", p.front().nonce_); EXPECT_EQ("type1", p.front().type_url_); p.popFront(); EXPECT_EQ("nonce3", p.front().nonce_); EXPECT_EQ("type1", p.front().type_url_); p.popFront(); EXPECT_TRUE(p.empty()); EXPECT_EQ(0, p.size()); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/registry_test.cc ================================================ #include #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" #include "common/common/fmt.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { using ::testing::Optional; class InternalFactory : public Config::UntypedFactory { public: ~InternalFactory() override = default; std::string category() const override { return ""; } }; class TestInternalFactory : public InternalFactory { public: std::string name() const override { return "testing.internal.test"; } }; static Registry::RegisterInternalFactory test_internal_register; // Ensure that the internal test factory name isn't visible from a // published category. Note that the internal factory can't be in // a registered category by definition since it doesn't have a static // category method. TEST(RegistryTest, InternalFactoryNotPublished) { TestInternalFactory test; // Expect that the published categories don't lead to the internal factory. for (const auto& ext : Envoy::Registry::FactoryCategoryRegistry::registeredFactories()) { for (const auto& name : ext.second->registeredNames()) { EXPECT_NE(name, test.name()); } } // Expect that the factory is present. EXPECT_NE(Registry::FactoryRegistry::getFactory("testing.internal.test"), nullptr); } class PublishedFactory : public Config::UntypedFactory { public: ~PublishedFactory() override = default; std::string category() const override { return "testing.published"; } }; class TestPublishedFactory : public PublishedFactory { public: std::string name() const override { return "testing.published.test"; } }; REGISTER_FACTORY(TestPublishedFactory, PublishedFactory); TEST(RegistryTest, DefaultFactoryPublished) { const auto& factories = Envoy::Registry::FactoryCategoryRegistry::registeredFactories(); // Expect that the category is present. ASSERT_NE(factories.find("testing.published"), factories.end()); // Expect that the factory is listed in the right category. const auto& names = factories.find("testing.published")->second->registeredNames(); EXPECT_NE(std::find(names.begin(), names.end(), "testing.published.test"), std::end(names)); // Expect that the factory is present. EXPECT_NE(Registry::FactoryRegistry::getFactory("testing.published.test"), nullptr); // Expect no version auto const version = factories.find("testing.published")->second->getFactoryVersion("testing.published.test"); EXPECT_FALSE(version.has_value()); } class TestWithDeprecatedPublishedFactory : public PublishedFactory { public: std::string name() const override { return "testing.published.instead_name"; } }; REGISTER_FACTORY(TestWithDeprecatedPublishedFactory, PublishedFactory){"testing.published.deprecated_name"}; TEST(RegistryTest, DEPRECATED_FEATURE_TEST(WithDeprecatedFactoryPublished)) { EXPECT_EQ("testing.published.instead_name", Envoy::Registry::FactoryRegistry::getFactory( "testing.published.deprecated_name") ->name()); EXPECT_LOG_CONTAINS("warn", fmt::format("Using deprecated extension name '{}' for '{}'.", "testing.published.deprecated_name", "testing.published.instead_name"), Envoy::Registry::FactoryRegistry::getFactory( "testing.published.deprecated_name") ->name()); } class NoNamePublishedFactory : public PublishedFactory { public: std::string name() const override { return ""; } }; TEST(RegistryTest, DEPRECATED_FEATURE_TEST(AssertsIfNoDeprecatedNameGiven)) { // Expects an assert to raise if we register a factory that has an empty name // and no associated deprecated names. EXPECT_DEBUG_DEATH((Registry::RegisterFactory({})), "Attempted to register a factory without a name or deprecated name"); } class TestVersionedFactory : public PublishedFactory { public: std::string name() const override { return "testing.published.versioned"; } }; REGISTER_FACTORY(TestVersionedFactory, PublishedFactory){FACTORY_VERSION(2, 5, 39, {{"build.label", "alpha"}})}; // Test registration of versioned factory TEST(RegistryTest, VersionedFactory) { const auto& factories = Envoy::Registry::FactoryCategoryRegistry::registeredFactories(); // Expect that the category is present. ASSERT_NE(factories.find("testing.published"), factories.end()); // Expect that the factory is listed in the right category. const auto& names = factories.find("testing.published")->second->registeredNames(); EXPECT_NE(std::find(names.begin(), names.end(), "testing.published.versioned"), std::end(names)); // Expect that the factory is present. EXPECT_NE(Registry::FactoryRegistry::getFactory("testing.published.versioned"), nullptr); auto version = factories.find("testing.published")->second->getFactoryVersion("testing.published.versioned"); EXPECT_TRUE(version.has_value()); EXPECT_EQ(2, version.value().version().major_number()); EXPECT_EQ(5, version.value().version().minor_number()); EXPECT_EQ(39, version.value().version().patch()); EXPECT_EQ(1, version.value().metadata().fields().size()); EXPECT_EQ("alpha", version.value().metadata().fields().at("build.label").string_value()); } class TestVersionedWithDeprecatedNamesFactory : public PublishedFactory { public: std::string name() const override { return "testing.published.versioned.instead_name"; } }; REGISTER_FACTORY(TestVersionedWithDeprecatedNamesFactory, PublishedFactory){FACTORY_VERSION(0, 0, 1, {{"build.kind", "private"}}), {"testing.published.versioned.deprecated_name"}}; // Test registration of versioned factory that also uses deprecated names TEST(RegistryTest, DEPRECATED_FEATURE_TEST(VersionedWithDeprecatedNamesFactory)) { EXPECT_EQ("testing.published.versioned.instead_name", Envoy::Registry::FactoryRegistry::getFactory( "testing.published.versioned.deprecated_name") ->name()); EXPECT_LOG_CONTAINS("warn", fmt::format("Using deprecated extension name '{}' for '{}'.", "testing.published.versioned.deprecated_name", "testing.published.versioned.instead_name"), Envoy::Registry::FactoryRegistry::getFactory( "testing.published.versioned.deprecated_name") ->name()); const auto& factories = Envoy::Registry::FactoryCategoryRegistry::registeredFactories(); auto version = factories.find("testing.published") ->second->getFactoryVersion("testing.published.versioned.instead_name"); EXPECT_TRUE(version.has_value()); EXPECT_EQ(0, version.value().version().major_number()); EXPECT_EQ(0, version.value().version().minor_number()); EXPECT_EQ(1, version.value().version().patch()); EXPECT_EQ(1, version.value().metadata().fields().size()); EXPECT_EQ("private", version.value().metadata().fields().at("build.kind").string_value()); // Get the version using deprecated name and check that it matches the // version obtained through the new name. auto deprecated_version = factories.find("testing.published") ->second->getFactoryVersion("testing.published.versioned.deprecated_name"); EXPECT_TRUE(deprecated_version.has_value()); EXPECT_THAT(deprecated_version.value(), ProtoEq(version.value())); } TEST(RegistryTest, TestDoubleRegistrationByName) { EXPECT_THROW_WITH_MESSAGE((Registry::RegisterFactory()), EnvoyException, "Double registration for name: 'testing.published.test'"); } class PublishedFactoryWithNameAndCategory : public PublishedFactory { public: std::string category() const override { return "testing.published.additional.category"; } std::string name() const override { return "testing.published.versioned.instead_name_and_category"; } }; TEST(RegistryTest, DEPRECATED_FEATURE_TEST(VersionedWithDeprecatedNamesFactoryAndNewCategory)) { PublishedFactoryWithNameAndCategory test; // Check the category is not registered ASSERT_FALSE(Registry::FactoryCategoryRegistry::isRegistered(test.category())); auto factory = Registry::RegisterFactory( FACTORY_VERSION(0, 0, 1, {{"build.kind", "private"}}), {"testing.published.versioned.deprecated_name_and_category"}); // Check the category now registered ASSERT_TRUE(Registry::FactoryCategoryRegistry::isRegistered(test.category())); const auto& factories = Envoy::Registry::FactoryCategoryRegistry::registeredFactories(); auto version = factories.find("testing.published.additional.category") ->second->getFactoryVersion("testing.published.versioned.instead_name_and_category"); ASSERT_TRUE(version.has_value()); EXPECT_EQ(0, version.value().version().major_number()); EXPECT_EQ(0, version.value().version().minor_number()); EXPECT_EQ(1, version.value().version().patch()); EXPECT_EQ(1, version.value().metadata().fields().size()); EXPECT_EQ("private", version.value().metadata().fields().at("build.kind").string_value()); // Get the version using deprecated name and check that it matches the // version obtained through the new name. auto deprecated_version = factories.find("testing.published.additional.category") ->second->getFactoryVersion("testing.published.versioned.deprecated_name_and_category"); EXPECT_THAT(deprecated_version, Optional(ProtoEq(version.value()))); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/runtime_utility_test.cc ================================================ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "common/config/runtime_utility.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { TEST(RuntimeUtility, TranslateEmpty) { envoy::config::bootstrap::v3::LayeredRuntime layered_runtime_config; translateRuntime({}, layered_runtime_config); envoy::config::bootstrap::v3::LayeredRuntime expected_runtime_config; { auto* layer = expected_runtime_config.add_layers(); layer->set_name("base"); layer->mutable_static_layer(); } { auto* layer = expected_runtime_config.add_layers(); layer->set_name("admin"); layer->mutable_admin_layer(); } EXPECT_THAT(layered_runtime_config, ProtoEq(expected_runtime_config)); } TEST(RuntimeUtility, TranslateSubdirOnly) { envoy::config::bootstrap::v3::Runtime runtime_config; runtime_config.set_symlink_root("foo"); runtime_config.set_subdirectory("bar"); envoy::config::bootstrap::v3::LayeredRuntime layered_runtime_config; translateRuntime(runtime_config, layered_runtime_config); envoy::config::bootstrap::v3::LayeredRuntime expected_runtime_config; { auto* layer = expected_runtime_config.add_layers(); layer->set_name("base"); layer->mutable_static_layer(); } { auto* layer = expected_runtime_config.add_layers(); layer->set_name("root"); layer->mutable_disk_layer()->set_symlink_root("foo"); layer->mutable_disk_layer()->set_subdirectory("bar"); } { auto* layer = expected_runtime_config.add_layers(); layer->set_name("admin"); layer->mutable_admin_layer(); } EXPECT_THAT(layered_runtime_config, ProtoEq(expected_runtime_config)); } TEST(RuntimeUtility, TranslateSubdirOverride) { envoy::config::bootstrap::v3::Runtime runtime_config; runtime_config.set_symlink_root("foo"); runtime_config.set_subdirectory("bar"); runtime_config.set_override_subdirectory("baz"); envoy::config::bootstrap::v3::LayeredRuntime layered_runtime_config; translateRuntime(runtime_config, layered_runtime_config); envoy::config::bootstrap::v3::LayeredRuntime expected_runtime_config; { auto* layer = expected_runtime_config.add_layers(); layer->set_name("base"); layer->mutable_static_layer(); } { auto* layer = expected_runtime_config.add_layers(); layer->set_name("root"); layer->mutable_disk_layer()->set_symlink_root("foo"); layer->mutable_disk_layer()->set_subdirectory("bar"); } { auto* layer = expected_runtime_config.add_layers(); layer->set_name("override"); layer->mutable_disk_layer()->set_symlink_root("foo"); layer->mutable_disk_layer()->set_subdirectory("baz"); layer->mutable_disk_layer()->set_append_service_cluster(true); } { auto* layer = expected_runtime_config.add_layers(); layer->set_name("admin"); layer->mutable_admin_layer(); } EXPECT_THAT(layered_runtime_config, ProtoEq(expected_runtime_config)); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/subscription_factory_impl_test.cc ================================================ #include #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/core/v3/config_source.pb.validate.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/stats/scope.h" #include "common/config/subscription_factory_impl.h" #include "common/config/udpa_resource.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/filesystem/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/stats/mocks.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/test_common/environment.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using ::testing::_; using ::testing::Invoke; using ::testing::Return; using ::testing::ReturnRef; namespace Envoy { namespace Config { namespace { class SubscriptionFactoryTest : public testing::Test { public: SubscriptionFactoryTest() : http_request_(&cm_.async_client_), api_(Api::createApiForTest(stats_store_, random_)), subscription_factory_(local_info_, dispatcher_, cm_, validation_visitor_, *api_, runtime_) { } SubscriptionPtr subscriptionFromConfigSource(const envoy::config::core::v3::ConfigSource& config) { return subscription_factory_.subscriptionFromConfigSource( config, Config::TypeUrl::get().ClusterLoadAssignment, stats_store_, callbacks_, resource_decoder_); } SubscriptionPtr collectionSubscriptionFromUrl(const std::string& udpa_url) { const auto resource_locator = UdpaResourceIdentifier::decodeUrl(udpa_url); return subscription_factory_.collectionSubscriptionFromUrl( resource_locator, {}, Config::TypeUrl::get().ClusterLoadAssignment, stats_store_, callbacks_, resource_decoder_); } Upstream::MockClusterManager cm_; Event::MockDispatcher dispatcher_; Random::MockRandomGenerator random_; MockSubscriptionCallbacks callbacks_; MockOpaqueResourceDecoder resource_decoder_; Http::MockAsyncClientRequest http_request_; Stats::MockIsolatedStatsStore stats_store_; NiceMock local_info_; NiceMock validation_visitor_; Api::ApiPtr api_; NiceMock runtime_; SubscriptionFactoryImpl subscription_factory_; }; class SubscriptionFactoryTestApiConfigSource : public SubscriptionFactoryTest, public testing::WithParamInterface {}; TEST_F(SubscriptionFactoryTest, NoConfigSpecifier) { envoy::config::core::v3::ConfigSource config; EXPECT_THROW_WITH_MESSAGE( subscriptionFromConfigSource(config), EnvoyException, "Missing config source specifier in envoy::config::core::v3::ConfigSource"); } TEST_F(SubscriptionFactoryTest, RestClusterEmpty) { envoy::config::core::v3::ConfigSource config; Upstream::ClusterManager::ClusterSet primary_clusters; config.mutable_api_config_source()->set_api_type(envoy::config::core::v3::ApiConfigSource::REST); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_THROW_WITH_REGEX(subscriptionFromConfigSource(config), EnvoyException, "API configs must have either a gRPC service or a cluster name defined:"); } TEST_F(SubscriptionFactoryTest, GrpcClusterEmpty) { envoy::config::core::v3::ConfigSource config; Upstream::ClusterManager::ClusterSet primary_clusters; config.mutable_api_config_source()->set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_THROW_WITH_REGEX(subscriptionFromConfigSource(config), EnvoyException, "API configs must have either a gRPC service or a cluster name defined:"); } TEST_F(SubscriptionFactoryTest, RestClusterSingleton) { envoy::config::core::v3::ConfigSource config; Upstream::ClusterManager::ClusterSet primary_clusters; config.mutable_api_config_source()->set_api_type(envoy::config::core::v3::ApiConfigSource::REST); config.mutable_api_config_source()->mutable_refresh_delay()->set_seconds(1); config.mutable_api_config_source()->add_cluster_names("static_cluster"); primary_clusters.insert("static_cluster"); EXPECT_CALL(dispatcher_, createTimer_(_)); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); subscriptionFromConfigSource(config); } TEST_F(SubscriptionFactoryTest, GrpcClusterSingleton) { envoy::config::core::v3::ConfigSource config; Upstream::ClusterManager::ClusterSet primary_clusters; config.mutable_api_config_source()->set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); config.mutable_api_config_source()->mutable_refresh_delay()->set_seconds(1); config.mutable_api_config_source()->add_grpc_services()->mutable_envoy_grpc()->set_cluster_name( "static_cluster"); primary_clusters.insert("static_cluster"); envoy::config::core::v3::GrpcService expected_grpc_service; expected_grpc_service.mutable_envoy_grpc()->set_cluster_name("static_cluster"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_CALL(cm_, grpcAsyncClientManager()).WillOnce(ReturnRef(cm_.async_client_manager_)); EXPECT_CALL(cm_.async_client_manager_, factoryForGrpcService(ProtoEq(expected_grpc_service), _, _)) .WillOnce(Invoke([](const envoy::config::core::v3::GrpcService&, Stats::Scope&, bool) { auto async_client_factory = std::make_unique(); EXPECT_CALL(*async_client_factory, create()).WillOnce(Invoke([] { return std::make_unique(); })); return async_client_factory; })); EXPECT_CALL(dispatcher_, createTimer_(_)); subscriptionFromConfigSource(config); } TEST_F(SubscriptionFactoryTest, RestClusterMultiton) { envoy::config::core::v3::ConfigSource config; Upstream::ClusterManager::ClusterSet primary_clusters; config.mutable_api_config_source()->set_api_type(envoy::config::core::v3::ApiConfigSource::REST); config.mutable_api_config_source()->add_cluster_names("static_cluster_foo"); primary_clusters.insert("static_cluster_foo"); config.mutable_api_config_source()->add_cluster_names("static_cluster_bar"); primary_clusters.insert("static_cluster_bar"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_THROW_WITH_REGEX(subscriptionFromConfigSource(config), EnvoyException, fmt::format("{} must have a singleton cluster name specified:", config.mutable_api_config_source()->GetTypeName())); } TEST_F(SubscriptionFactoryTest, GrpcClusterMultiton) { envoy::config::core::v3::ConfigSource config; Upstream::ClusterManager::ClusterSet primary_clusters; config.mutable_api_config_source()->set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); config.mutable_api_config_source()->add_grpc_services()->mutable_envoy_grpc()->set_cluster_name( "static_cluster_foo"); primary_clusters.insert("static_cluster_foo"); config.mutable_api_config_source()->add_grpc_services()->mutable_envoy_grpc()->set_cluster_name( "static_cluster_bar"); primary_clusters.insert("static_cluster_bar"); EXPECT_CALL(cm_, grpcAsyncClientManager()).WillRepeatedly(ReturnRef(cm_.async_client_manager_)); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_THROW_WITH_REGEX(subscriptionFromConfigSource(config), EnvoyException, fmt::format("{}::.DELTA_.GRPC must have a " "single gRPC service specified:", config.mutable_api_config_source()->GetTypeName())); } TEST_F(SubscriptionFactoryTest, FilesystemSubscription) { envoy::config::core::v3::ConfigSource config; std::string test_path = TestEnvironment::temporaryDirectory(); config.set_path(test_path); auto* watcher = new Filesystem::MockWatcher(); EXPECT_CALL(dispatcher_, createFilesystemWatcher_()).WillOnce(Return(watcher)); EXPECT_CALL(*watcher, addWatch(test_path, _, _)); EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, _)); subscriptionFromConfigSource(config)->start({"foo"}); } TEST_F(SubscriptionFactoryTest, FilesystemSubscriptionNonExistentFile) { envoy::config::core::v3::ConfigSource config; config.set_path("/blahblah"); EXPECT_THROW_WITH_MESSAGE(subscriptionFromConfigSource(config)->start({"foo"}), EnvoyException, "envoy::api::v2::Path must refer to an existing path in the system: " "'/blahblah' does not exist") } TEST_F(SubscriptionFactoryTest, FilesystemCollectionSubscription) { std::string test_path = TestEnvironment::temporaryDirectory(); auto* watcher = new Filesystem::MockWatcher(); EXPECT_CALL(dispatcher_, createFilesystemWatcher_()).WillOnce(Return(watcher)); EXPECT_CALL(*watcher, addWatch(test_path, _, _)); EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, _)); // Unix paths start with /, Windows with c:/. const std::string file_path = test_path[0] == '/' ? test_path.substr(1) : test_path; collectionSubscriptionFromUrl(fmt::format("file:///{}", file_path))->start({}); } TEST_F(SubscriptionFactoryTest, FilesystemCollectionSubscriptionNonExistentFile){ EXPECT_THROW_WITH_MESSAGE(collectionSubscriptionFromUrl("file:///blahblah")->start({}), EnvoyException, "envoy::api::v2::Path must refer to an existing path in the system: " "'/blahblah' does not exist")} TEST_F(SubscriptionFactoryTest, LegacySubscription) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); api_config_source->set_api_type( envoy::config::core::v3::ApiConfigSource::hidden_envoy_deprecated_UNSUPPORTED_REST_LEGACY); api_config_source->add_cluster_names("static_cluster"); Upstream::ClusterManager::ClusterSet primary_clusters; primary_clusters.insert("static_cluster"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_THROW_WITH_REGEX(subscriptionFromConfigSource(config)->start({"static_cluster"}), EnvoyException, "REST_LEGACY no longer a supported ApiConfigSource.*"); } TEST_F(SubscriptionFactoryTest, HttpSubscriptionCustomRequestTimeout) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); api_config_source->set_api_type(envoy::config::core::v3::ApiConfigSource::REST); api_config_source->add_cluster_names("static_cluster"); api_config_source->mutable_refresh_delay()->set_seconds(1); api_config_source->mutable_request_timeout()->set_seconds(5); Upstream::ClusterManager::ClusterSet primary_clusters; primary_clusters.insert("static_cluster"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_CALL(dispatcher_, createTimer_(_)).Times(2); EXPECT_CALL(cm_, httpAsyncClientForCluster("static_cluster")); EXPECT_CALL( cm_.async_client_, send_(_, _, Http::AsyncClient::RequestOptions().setTimeout(std::chrono::milliseconds(5000)))); subscriptionFromConfigSource(config)->start({"static_cluster"}); } TEST_F(SubscriptionFactoryTest, HttpSubscription) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); api_config_source->set_api_type(envoy::config::core::v3::ApiConfigSource::REST); api_config_source->add_cluster_names("static_cluster"); api_config_source->mutable_refresh_delay()->set_seconds(1); Upstream::ClusterManager::ClusterSet primary_clusters; primary_clusters.insert("static_cluster"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_CALL(dispatcher_, createTimer_(_)).Times(2); EXPECT_CALL(cm_, httpAsyncClientForCluster("static_cluster")); EXPECT_CALL(cm_.async_client_, send_(_, _, _)) .WillOnce(Invoke([this](Http::RequestMessagePtr& request, Http::AsyncClient::Callbacks&, const Http::AsyncClient::RequestOptions&) { EXPECT_EQ("POST", request->headers().getMethodValue()); EXPECT_EQ("static_cluster", request->headers().getHostValue()); EXPECT_EQ("/v2/discovery:endpoints", request->headers().getPathValue()); return &http_request_; })); EXPECT_CALL(http_request_, cancel()); subscriptionFromConfigSource(config)->start({"static_cluster"}); } // Confirm error when no refresh delay is set (not checked by schema). TEST_F(SubscriptionFactoryTest, HttpSubscriptionNoRefreshDelay) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); api_config_source->set_api_type(envoy::config::core::v3::ApiConfigSource::REST); api_config_source->add_cluster_names("static_cluster"); Upstream::ClusterManager::ClusterSet primary_clusters; primary_clusters.insert("static_cluster"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_THROW_WITH_MESSAGE(subscriptionFromConfigSource(config)->start({"static_cluster"}), EnvoyException, "refresh_delay is required for REST API configuration sources"); } TEST_F(SubscriptionFactoryTest, GrpcSubscription) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); api_config_source->set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); api_config_source->add_grpc_services()->mutable_envoy_grpc()->set_cluster_name("static_cluster"); envoy::config::core::v3::GrpcService expected_grpc_service; expected_grpc_service.mutable_envoy_grpc()->set_cluster_name("static_cluster"); Upstream::ClusterManager::ClusterSet primary_clusters; primary_clusters.insert("static_cluster"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_CALL(cm_, grpcAsyncClientManager()).WillOnce(ReturnRef(cm_.async_client_manager_)); EXPECT_CALL(cm_.async_client_manager_, factoryForGrpcService(ProtoEq(expected_grpc_service), _, _)) .WillOnce(Invoke([](const envoy::config::core::v3::GrpcService&, Stats::Scope&, bool) { auto async_client_factory = std::make_unique(); EXPECT_CALL(*async_client_factory, create()).WillOnce(Invoke([] { return std::make_unique>(); })); return async_client_factory; })); EXPECT_CALL(random_, random()); EXPECT_CALL(dispatcher_, createTimer_(_)).Times(2); // onConfigUpdateFailed() should not be called for gRPC stream connection failure EXPECT_CALL(callbacks_, onConfigUpdateFailed(_, _)).Times(0); subscriptionFromConfigSource(config)->start({"static_cluster"}); } TEST_F(SubscriptionFactoryTest, LogWarningOnDeprecatedApi) { envoy::config::core::v3::ConfigSource config; config.mutable_api_config_source()->set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); config.mutable_api_config_source()->set_transport_api_version( envoy::config::core::v3::ApiVersion::V2); NiceMock snapshot; EXPECT_CALL(runtime_, snapshot()).WillRepeatedly(ReturnRef(snapshot)); EXPECT_CALL(snapshot, runtimeFeatureEnabled(_)).WillOnce(Return(true)); EXPECT_CALL(runtime_, countDeprecatedFeatureUse()); Upstream::ClusterManager::ClusterSet primary_clusters; primary_clusters.insert("static_cluster"); EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_LOG_CONTAINS( "warn", "xDS of version v2 has been deprecated", try { subscription_factory_.subscriptionFromConfigSource( config, Config::TypeUrl::get().ClusterLoadAssignment, stats_store_, callbacks_, resource_decoder_); } catch (EnvoyException&){/* expected, we pass an empty configuration */}); } INSTANTIATE_TEST_SUITE_P(SubscriptionFactoryTestApiConfigSource, SubscriptionFactoryTestApiConfigSource, ::testing::Values(envoy::config::core::v3::ApiConfigSource::REST, envoy::config::core::v3::ApiConfigSource::GRPC)); TEST_P(SubscriptionFactoryTestApiConfigSource, NonExistentCluster) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); api_config_source->set_api_type(GetParam()); if (api_config_source->api_type() == envoy::config::core::v3::ApiConfigSource::GRPC) { api_config_source->add_grpc_services()->mutable_envoy_grpc()->set_cluster_name( "static_cluster"); } else { api_config_source->add_cluster_names("static_cluster"); } Upstream::ClusterManager::ClusterSet primary_clusters; EXPECT_CALL(cm_, primaryClusters()).WillOnce(ReturnRef(primary_clusters)); EXPECT_THROW_WITH_MESSAGE(subscriptionFromConfigSource(config)->start({"static_cluster"}), EnvoyException, fmt::format("{} must have a statically defined " "non-EDS cluster: 'static_cluster' does not exist, was " "added via api, or is an EDS cluster", api_config_source->GetTypeName())); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/subscription_impl_test.cc ================================================ #include #include "test/common/config/delta_subscription_test_harness.h" #include "test/common/config/filesystem_subscription_test_harness.h" #include "test/common/config/grpc_subscription_test_harness.h" #include "test/common/config/http_subscription_test_harness.h" #include "test/common/config/subscription_test_harness.h" using testing::InSequence; namespace Envoy { namespace Config { namespace { enum class SubscriptionType { Grpc, DeltaGrpc, Http, Filesystem, }; class SubscriptionImplTest : public testing::TestWithParam { public: SubscriptionImplTest() : SubscriptionImplTest(std::chrono::milliseconds(0)) {} SubscriptionImplTest(std::chrono::milliseconds init_fetch_timeout) { switch (GetParam()) { case SubscriptionType::Grpc: test_harness_ = std::make_unique(init_fetch_timeout); break; case SubscriptionType::DeltaGrpc: test_harness_ = std::make_unique(init_fetch_timeout); break; case SubscriptionType::Http: test_harness_ = std::make_unique(init_fetch_timeout); break; case SubscriptionType::Filesystem: test_harness_ = std::make_unique(); break; } } void TearDown() override { test_harness_->doSubscriptionTearDown(); } void startSubscription(const std::set& cluster_names) { test_harness_->startSubscription(cluster_names); } void updateResourceInterest(const std::set& cluster_names) { test_harness_->updateResourceInterest(cluster_names); } void expectSendMessage(const std::set& cluster_names, const std::string& version, bool expect_node) { test_harness_->expectSendMessage(cluster_names, version, expect_node); } AssertionResult statsAre(uint32_t attempt, uint32_t success, uint32_t rejected, uint32_t failure, uint32_t init_fetch_timeout, uint64_t update_time, uint64_t version, std::string version_text) { return test_harness_->statsAre(attempt, success, rejected, failure, init_fetch_timeout, update_time, version, version_text); } void deliverConfigUpdate(const std::vector cluster_names, const std::string& version, bool accept) { test_harness_->deliverConfigUpdate(cluster_names, version, accept); } void expectConfigUpdateFailed() { test_harness_->expectConfigUpdateFailed(); } void expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds timeout) { test_harness_->expectEnableInitFetchTimeoutTimer(timeout); } void expectDisableInitFetchTimeoutTimer() { test_harness_->expectDisableInitFetchTimeoutTimer(); } void callInitFetchTimeoutCb() { test_harness_->callInitFetchTimeoutCb(); } std::unique_ptr test_harness_; }; class SubscriptionImplInitFetchTimeoutTest : public SubscriptionImplTest { public: SubscriptionImplInitFetchTimeoutTest() : SubscriptionImplTest(std::chrono::milliseconds(1000)) {} }; SubscriptionType types[] = {SubscriptionType::Grpc, SubscriptionType::DeltaGrpc, SubscriptionType::Http, SubscriptionType::Filesystem}; INSTANTIATE_TEST_SUITE_P(SubscriptionImplTest, SubscriptionImplTest, testing::ValuesIn(types)); INSTANTIATE_TEST_SUITE_P(SubscriptionImplTest, SubscriptionImplInitFetchTimeoutTest, testing::ValuesIn(types)); // Validate basic request-response succeeds. TEST_P(SubscriptionImplTest, InitialRequestResponse) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "v25-ubuntu18-beta", true); EXPECT_TRUE( statsAre(2, 1, 0, 0, 0, TEST_TIME_MILLIS, 18202868392629624077U, "v25-ubuntu18-beta")); } // Validate that multiple streamed updates succeed. TEST_P(SubscriptionImplTest, ResponseStream) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "1.2.3.4", true); EXPECT_TRUE(statsAre(2, 1, 0, 0, 0, TEST_TIME_MILLIS, 14026795738668939420U, "1.2.3.4")); deliverConfigUpdate({"cluster0", "cluster1"}, "5_6_7", true); EXPECT_TRUE(statsAre(3, 2, 0, 0, 0, TEST_TIME_MILLIS, 7612520132475921171U, "5_6_7")); } // Validate that the client can reject a config. TEST_P(SubscriptionImplTest, RejectConfig) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", false); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, 0, 0, "")); } // Validate that the client can reject a config and accept the same config later. TEST_P(SubscriptionImplTest, RejectAcceptConfig) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", false); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); EXPECT_TRUE(statsAre(3, 1, 1, 0, 0, TEST_TIME_MILLIS, 7148434200721666028, "0")); } // Validate that the client can reject a config and accept another config later. TEST_P(SubscriptionImplTest, RejectAcceptNextConfig) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "0", false); EXPECT_TRUE(statsAre(2, 0, 1, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "1", true); EXPECT_TRUE(statsAre(3, 1, 1, 0, 0, TEST_TIME_MILLIS, 13237225503670494420U, "1")); } // Validate that stream updates send a message with the updated resources. TEST_P(SubscriptionImplTest, UpdateResources) { startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); deliverConfigUpdate({"cluster0", "cluster1"}, "42", true); EXPECT_TRUE(statsAre(2, 1, 0, 0, 0, TEST_TIME_MILLIS, 7919287270473417401, "42")); updateResourceInterest({"cluster2"}); EXPECT_TRUE(statsAre(3, 1, 0, 0, 0, TEST_TIME_MILLIS, 7919287270473417401, "42")); } // Validate that initial fetch timer is created and calls callback on timeout TEST_P(SubscriptionImplInitFetchTimeoutTest, InitialFetchTimeout) { if (GetParam() == SubscriptionType::Filesystem) { return; // initial_fetch_timeout not implemented for filesystem. } InSequence s; expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds(1000)); startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); if (GetParam() == SubscriptionType::Http) { expectDisableInitFetchTimeoutTimer(); } expectConfigUpdateFailed(); callInitFetchTimeoutCb(); EXPECT_TRUE(statsAre(1, 0, 0, 0, 1, 0, 0, "")); } // Validate that initial fetch timer is disabled on config update TEST_P(SubscriptionImplInitFetchTimeoutTest, DisableInitTimeoutOnSuccess) { InSequence s; expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds(1000)); startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); expectDisableInitFetchTimeoutTimer(); deliverConfigUpdate({"cluster0", "cluster1"}, "0", true); } // Validate that initial fetch timer is disabled on config update failed TEST_P(SubscriptionImplInitFetchTimeoutTest, DisableInitTimeoutOnFail) { InSequence s; expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds(1000)); startSubscription({"cluster0", "cluster1"}); EXPECT_TRUE(statsAre(1, 0, 0, 0, 0, 0, 0, "")); expectDisableInitFetchTimeoutTimer(); deliverConfigUpdate({"cluster0", "cluster1"}, "0", false); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/subscription_test_harness.h ================================================ #pragma once #include "common/config/utility.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/simulated_time_system.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { const uint64_t TEST_TIME_MILLIS = 42000; /** * Interface for different Subscription implementation test harnesses. This has common functionality * that we can use to write tests that work across all Subscription types. EDS is used as the API in * tests depending on SubscriptionTestHarness, as representative of a subscription API. */ class SubscriptionTestHarness : public Event::TestUsingSimulatedTime { public: SubscriptionTestHarness() : stats_(Utility::generateStats(stats_store_)), control_plane_stats_(Utility::generateControlPlaneStats(stats_store_)) { simTime().setSystemTime(SystemTime(std::chrono::milliseconds(TEST_TIME_MILLIS))); } virtual ~SubscriptionTestHarness() = default; /** * Start subscription and set related expectations. * @param cluster_names initial cluster names to request via EDS. */ virtual void startSubscription(const std::set& cluster_names) PURE; /** * Update cluster names to be delivered via EDS. * @param cluster_names cluster names. */ virtual void updateResourceInterest(const std::set& cluster_names) PURE; /** * Expect that an update request is sent by the Subscription implementation. * @param cluster_names cluster names to expect in the request. * @param version version_info to expect in the request. * @param expect_node whether the node information should be expected */ virtual void expectSendMessage(const std::set& cluster_names, const std::string& version, bool expect_node) PURE; /** * Deliver a response to the Subscription implementation and validate. * @param cluster_names cluster names to provide in the response * @param version version_info to provide in the response. * @param accept will the onConfigUpdate() callback accept the response? */ virtual void deliverConfigUpdate(const std::vector& cluster_names, const std::string& version, bool accept) PURE; virtual testing::AssertionResult statsAre(uint32_t attempt, uint32_t success, uint32_t rejected, uint32_t failure, uint32_t init_fetch_timeout, uint64_t update_time, uint64_t version, absl::string_view version_text) { // TODO(fredlas) rework update_success_ to make sense across all xDS carriers. Its value in // statsAre() calls in many tests will probably have to be changed. UNREFERENCED_PARAMETER(attempt); if (success != stats_.update_success_.value()) { return testing::AssertionFailure() << "update_success: expected " << success << ", got " << stats_.update_success_.value(); } if (rejected != stats_.update_rejected_.value()) { return testing::AssertionFailure() << "update_rejected: expected " << rejected << ", got " << stats_.update_rejected_.value(); } if (failure != stats_.update_failure_.value()) { return testing::AssertionFailure() << "update_failure: expected " << failure << ", got " << stats_.update_failure_.value(); } if (init_fetch_timeout != stats_.init_fetch_timeout_.value()) { return testing::AssertionFailure() << "init_fetch_timeout: expected " << init_fetch_timeout << ", got " << stats_.init_fetch_timeout_.value(); } if (update_time != stats_.update_time_.value()) { return testing::AssertionFailure() << "update_time: expected " << update_time << ", got " << stats_.update_time_.value(); } if (version != stats_.version_.value()) { return testing::AssertionFailure() << "version: expected " << version << ", got " << stats_.version_.value(); } if (version_text != stats_.version_text_.value()) { return testing::AssertionFailure() << "version_text: expected " << version << ", got " << stats_.version_text_.value(); } return testing::AssertionSuccess(); } virtual void verifyControlPlaneStats(uint32_t connected_state) { EXPECT_EQ(connected_state, control_plane_stats_.connected_state_.value()); } virtual void expectConfigUpdateFailed() PURE; virtual void expectEnableInitFetchTimeoutTimer(std::chrono::milliseconds timeout) PURE; virtual void expectDisableInitFetchTimeoutTimer() PURE; virtual void callInitFetchTimeoutCb() PURE; virtual void doSubscriptionTearDown() {} Stats::TestUtil::TestStore stats_store_; SubscriptionStats stats_; ControlPlaneStats control_plane_stats_; }; ACTION_P(ThrowOnRejectedConfig, accept) { if (!accept) { throw EnvoyException("bad config"); } } } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/type_to_endpoint_test.cc ================================================ #include "envoy/api/v2/rds.pb.h" #include "envoy/service/route/v3/rds.pb.h" #include "common/config/type_to_endpoint.h" #include "gtest/gtest.h" // API_NO_BOOST_FILE namespace Envoy { namespace Config { namespace { // Verify type-to-endpoint methods with RDS as an exemplar. TEST(TypeToEndpoint, All) { // The dummy messages are included for link purposes only. envoy::api::v2::RdsDummy _v2_rds_dummy; envoy::service::route::v3::RdsDummy _v3_rds_dummy; // Delta gRPC endpoints. EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.DeltaRoutes", deltaGrpcMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::AUTO) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.DeltaRoutes", deltaGrpcMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::V2) .full_name()); EXPECT_EQ("envoy.service.route.v3.RouteDiscoveryService.DeltaRoutes", deltaGrpcMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::V3) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.DeltaRoutes", deltaGrpcMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::AUTO) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.DeltaRoutes", deltaGrpcMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::V2) .full_name()); EXPECT_EQ("envoy.service.route.v3.RouteDiscoveryService.DeltaRoutes", deltaGrpcMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::V3) .full_name()); // SotW gRPC endpoints. EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.StreamRoutes", sotwGrpcMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::AUTO) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.StreamRoutes", sotwGrpcMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::V2) .full_name()); EXPECT_EQ("envoy.service.route.v3.RouteDiscoveryService.StreamRoutes", sotwGrpcMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::V3) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.StreamRoutes", sotwGrpcMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::AUTO) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.StreamRoutes", sotwGrpcMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::V2) .full_name()); EXPECT_EQ("envoy.service.route.v3.RouteDiscoveryService.StreamRoutes", sotwGrpcMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::V3) .full_name()); // REST endpoints. EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.FetchRoutes", restMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::AUTO) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.FetchRoutes", restMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::V2) .full_name()); EXPECT_EQ("envoy.service.route.v3.RouteDiscoveryService.FetchRoutes", restMethod("type.googleapis.com/envoy.api.v2.RouteConfiguration", envoy::config::core::v3::ApiVersion::V3) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.FetchRoutes", restMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::AUTO) .full_name()); EXPECT_EQ("envoy.api.v2.RouteDiscoveryService.FetchRoutes", restMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::V2) .full_name()); EXPECT_EQ("envoy.service.route.v3.RouteDiscoveryService.FetchRoutes", restMethod("type.googleapis.com/envoy.config.route.v3.RouteConfiguration", envoy::config::core::v3::ApiVersion::V3) .full_name()); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/udpa_context_params_test.cc ================================================ #include "common/config/udpa_context_params.h" #include "test/common/config/udpa_test_utility.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" #include "udpa_test_utility.h" using ::testing::Pair; namespace Envoy { namespace Config { namespace { // Validate all the node parameter renderers (except user_agent_build_version, which has its own // test below). TEST(UdpaContextParamsTest, NodeAll) { envoy::config::core::v3::Node node; TestUtility::loadFromYaml(R"EOF( id: some_id cluster: some_cluster user_agent_name: xds_client user_agent_version: 1.2.3 locality: region: some_region zone: some_zone sub_zone: some_sub_zone metadata: foo: true bar: "a" baz: 42 )EOF", node); const auto context_params = UdpaContextParams::encode( node, {"id", "cluster", "user_agent_name", "user_agent_version", "locality.region", "locality.zone", "locality.sub_zone", "metadata"}, {}, {}, {}); EXPECT_CONTEXT_PARAMS( context_params, Pair("udpa.node.cluster", "some_cluster"), Pair("udpa.node.id", "some_id"), Pair("udpa.node.locality.sub_zone", "some_sub_zone"), Pair("udpa.node.locality.zone", "some_zone"), Pair("udpa.node.locality.region", "some_region"), Pair("udpa.node.metadata.bar", "\"a\""), Pair("udpa.node.metadata.baz", "42"), Pair("udpa.node.metadata.foo", "true"), Pair("udpa.node.user_agent_name", "xds_client"), Pair("udpa.node.user_agent_version", "1.2.3")); } // Validate that we can select a subset of node parameters. TEST(UdpaContextParamsTest, NodeParameterSelection) { envoy::config::core::v3::Node node; TestUtility::loadFromYaml(R"EOF( id: some_id cluster: some_cluster user_agent_name: xds_client user_agent_version: 1.2.3 locality: region: some_region zone: some_zone sub_zone: some_sub_zone metadata: foo: true bar: "a" baz: 42 )EOF", node); const auto context_params = UdpaContextParams::encode( node, {"cluster", "user_agent_version", "locality.region", "locality.sub_zone"}, {}, {}, {}); EXPECT_CONTEXT_PARAMS(context_params, Pair("udpa.node.cluster", "some_cluster"), Pair("udpa.node.locality.sub_zone", "some_sub_zone"), Pair("udpa.node.locality.region", "some_region"), Pair("udpa.node.user_agent_version", "1.2.3")); } // Validate user_agent_build_version renderers. TEST(UdpaContextParamsTest, NodeUserAgentBuildVersion) { envoy::config::core::v3::Node node; TestUtility::loadFromYaml(R"EOF( user_agent_build_version: version: major_number: 1 minor_number: 2 patch: 3 metadata: foo: true bar: "a" baz: 42 )EOF", node); const auto context_params = UdpaContextParams::encode( node, {"user_agent_build_version.version", "user_agent_build_version.metadata"}, {}, {}, {}); EXPECT_CONTEXT_PARAMS(context_params, Pair("udpa.node.user_agent_build_version.metadata.bar", "\"a\""), Pair("udpa.node.user_agent_build_version.metadata.baz", "42"), Pair("udpa.node.user_agent_build_version.metadata.foo", "true"), Pair("udpa.node.user_agent_build_version.version", "1.2.3")); } // Validate that resource locator context parameters are pass-thru. TEST(UdpaContextParamsTest, ResoureContextParams) { udpa::core::v1::ContextParams resource_context_params; TestUtility::loadFromYaml(R"EOF( params: foo: "\"some_string\"" bar: "123" baz: "true" )EOF", resource_context_params); const auto context_params = UdpaContextParams::encode({}, {}, resource_context_params, {}, {}); EXPECT_CONTEXT_PARAMS(context_params, Pair("bar", "123"), Pair("baz", "true"), Pair("foo", "\"some_string\"")); } // Validate client feature capabilities context parameter transform. TEST(UdpaContextParamsTest, ClientFeatureCapabilities) { const auto context_params = UdpaContextParams::encode({}, {}, {}, {"some.feature", "another.feature"}, {}); EXPECT_CONTEXT_PARAMS(context_params, Pair("udpa.client_feature.another.feature", "true"), Pair("udpa.client_feature.some.feature", "true")); } // Validate per-resource well-known attributes transform. TEST(UdpaContextParamsTest, ResourceWktAttribs) { const auto context_params = UdpaContextParams::encode({}, {}, {}, {}, {{"foo", "1"}, {"bar", "2"}}); EXPECT_CONTEXT_PARAMS(context_params, Pair("udpa.resource.foo", "1"), Pair("udpa.resource.bar", "2")); } // Validate that the precedence relationships in the specification hold. TEST(UdpaContextParamsTest, Layering) { envoy::config::core::v3::Node node; TestUtility::loadFromYaml(R"EOF( id: some_id cluster: some_cluster )EOF", node); udpa::core::v1::ContextParams resource_context_params; TestUtility::loadFromYaml(R"EOF( params: id: another_id udpa.node.cluster: another_cluster )EOF", resource_context_params); const auto context_params = UdpaContextParams::encode( node, {"id", "cluster"}, resource_context_params, {"id"}, {{"cluster", "huh"}}); EXPECT_CONTEXT_PARAMS(context_params, Pair("id", "another_id"), Pair("udpa.client_feature.id", "true"), Pair("udpa.node.cluster", "another_cluster"), Pair("udpa.node.id", "some_id"), Pair("udpa.resource.cluster", "huh")); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/udpa_resource_test.cc ================================================ #include "common/config/udpa_resource.h" #include "test/common/config/udpa_test_utility.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" using ::testing::ElementsAre; using ::testing::Pair; namespace Envoy { namespace Config { namespace { const std::string EscapedUrn = "udpa://f123%25%2F%3F%23o/envoy.config.listener.v3.Listener/b%25%3A%2F%3F%23%5B%5Dar//" "baz?%25%23%5B%5D%26%3Dab=cde%25%23%5B%5D%26%3Df"; const std::string EscapedUrnWithManyQueryParams = "udpa://f123%25%2F%3F%23o/envoy.config.listener.v3.Listener/b%25%3A%2F%3F%23%5B%5Dar//" "baz?%25%23%5B%5D%26%3D=bar&%25%23%5B%5D%26%3Dab=cde%25%23%5B%5D%26%3Df&foo=%25%23%5B%5D%26%3D"; const std::string EscapedUrlWithManyQueryParamsAndDirectives = EscapedUrnWithManyQueryParams + "#entry=some_en%25%23%5B%5D%2Ctry,alt=udpa://fo%2525%252F%253F%2523o/bar%23alt=udpa://bar/" "baz%2Centry=h%2525%2523%255B%255D%252Cuh"; // for all x. encodeUri(decodeUri(x)) = x where x comes from sample of valid udpa:// URIs. // TODO(htuch): write a fuzzer that validates this property as well. TEST(UdpaResourceIdentifierTest, DecodeEncode) { const std::vector uris = { "udpa:///envoy.config.listener.v3.Listener", "udpa://foo/envoy.config.listener.v3.Listener", "udpa://foo/envoy.config.listener.v3.Listener/bar", "udpa://foo/envoy.config.listener.v3.Listener/bar/baz", "udpa://foo/envoy.config.listener.v3.Listener/bar////baz", "udpa://foo/envoy.config.listener.v3.Listener?ab=cde", "udpa://foo/envoy.config.listener.v3.Listener/bar?ab=cd", "udpa://foo/envoy.config.listener.v3.Listener/bar/baz?ab=cde", "udpa://foo/envoy.config.listener.v3.Listener/bar/baz?ab=", "udpa://foo/envoy.config.listener.v3.Listener/bar/baz?=cd", "udpa://foo/envoy.config.listener.v3.Listener/bar/baz?ab=cde&ba=edc&z=f", EscapedUrn, EscapedUrnWithManyQueryParams, }; UdpaResourceIdentifier::EncodeOptions encode_options; encode_options.sort_context_params_ = true; for (const std::string& uri : uris) { EXPECT_EQ(uri, UdpaResourceIdentifier::encodeUrn(UdpaResourceIdentifier::decodeUrn(uri), encode_options)); EXPECT_EQ(uri, UdpaResourceIdentifier::encodeUrl(UdpaResourceIdentifier::decodeUrl(uri), encode_options)); } } // Validate that URN decoding behaves as expected component-wise. TEST(UdpaResourceNameTest, DecodeSuccess) { const auto resource_name = UdpaResourceIdentifier::decodeUrn(EscapedUrnWithManyQueryParams); EXPECT_EQ("f123%/?#o", resource_name.authority()); EXPECT_EQ("envoy.config.listener.v3.Listener", resource_name.resource_type()); EXPECT_THAT(resource_name.id(), ElementsAre("b%:/?#[]ar", "", "baz")); EXPECT_CONTEXT_PARAMS(resource_name.context(), Pair("%#[]&=", "bar"), Pair("%#[]&=ab", "cde%#[]&=f"), Pair("foo", "%#[]&=")); } // Validate that URL decoding behaves as expected component-wise. TEST(UdpaResourceLocatorTest, DecodeSuccess) { const auto resource_locator = UdpaResourceIdentifier::decodeUrl(EscapedUrlWithManyQueryParamsAndDirectives); EXPECT_EQ("f123%/?#o", resource_locator.authority()); EXPECT_EQ("envoy.config.listener.v3.Listener", resource_locator.resource_type()); EXPECT_THAT(resource_locator.id(), ElementsAre("b%:/?#[]ar", "", "baz")); EXPECT_CONTEXT_PARAMS(resource_locator.exact_context(), Pair("%#[]&=", "bar"), Pair("%#[]&=ab", "cde%#[]&=f"), Pair("foo", "%#[]&=")); EXPECT_EQ(2, resource_locator.directives().size()); EXPECT_EQ("some_en%#[],try", resource_locator.directives()[0].entry()); const auto& alt = resource_locator.directives()[1].alt(); EXPECT_EQ("fo%/?#o", alt.authority()); EXPECT_EQ("bar", alt.resource_type()); EXPECT_EQ(2, alt.directives().size()); const auto& inner_alt = alt.directives()[0].alt(); EXPECT_EQ("bar", inner_alt.authority()); EXPECT_EQ("baz", inner_alt.resource_type()); EXPECT_EQ("h%#[],uh", alt.directives()[1].entry()); } // Validate that the URN decoding behaves with a near-empty UDPA resource name. TEST(UdpaResourceLocatorTest, DecodeEmpty) { const auto resource_name = UdpaResourceIdentifier::decodeUrn("udpa:///envoy.config.listener.v3.Listener"); EXPECT_TRUE(resource_name.authority().empty()); EXPECT_EQ("envoy.config.listener.v3.Listener", resource_name.resource_type()); EXPECT_TRUE(resource_name.id().empty()); EXPECT_TRUE(resource_name.context().params().empty()); } // Validate that the URL decoding behaves with a near-empty UDPA resource locator. TEST(UdpaResourceNameTest, DecodeEmpty) { const auto resource_locator = UdpaResourceIdentifier::decodeUrl("udpa:///envoy.config.listener.v3.Listener"); EXPECT_TRUE(resource_locator.authority().empty()); EXPECT_EQ("envoy.config.listener.v3.Listener", resource_locator.resource_type()); EXPECT_TRUE(resource_locator.id().empty()); EXPECT_TRUE(resource_locator.exact_context().params().empty()); EXPECT_TRUE(resource_locator.directives().empty()); } // Negative tests for URN decoding. TEST(UdpaResourceNameTest, DecodeFail) { { EXPECT_THROW_WITH_MESSAGE(UdpaResourceIdentifier::decodeUrn("foo://"), UdpaResourceIdentifier::DecodeException, "foo:// does not have an udpa: scheme"); } { EXPECT_THROW_WITH_MESSAGE(UdpaResourceIdentifier::decodeUrn("udpa://foo"), UdpaResourceIdentifier::DecodeException, "Resource type missing from /"); } } // Negative tests for URL decoding. TEST(UdpaResourceLocatorTest, DecodeFail) { { EXPECT_THROW_WITH_MESSAGE(UdpaResourceIdentifier::decodeUrl("foo://"), UdpaResourceIdentifier::DecodeException, "foo:// does not have a udpa:, http: or file: scheme"); } { EXPECT_THROW_WITH_MESSAGE(UdpaResourceIdentifier::decodeUrl("udpa://foo"), UdpaResourceIdentifier::DecodeException, "Resource type missing from /"); } { EXPECT_THROW_WITH_MESSAGE(UdpaResourceIdentifier::decodeUrl("udpa://foo/some-type#bar=baz"), UdpaResourceIdentifier::DecodeException, "Unknown fragment component bar=baz"); } } // Validate parsing for udpa:, http: and file: schemes. TEST(UdpaResourceLocatorTest, Schemes) { { const auto resource_locator = UdpaResourceIdentifier::decodeUrl("udpa://foo/bar/baz/blah?a=b#entry=m"); EXPECT_EQ(udpa::core::v1::ResourceLocator::UDPA, resource_locator.scheme()); EXPECT_EQ("foo", resource_locator.authority()); EXPECT_EQ("bar", resource_locator.resource_type()); EXPECT_THAT(resource_locator.id(), ElementsAre("baz", "blah")); EXPECT_CONTEXT_PARAMS(resource_locator.exact_context(), Pair("a", "b")); EXPECT_EQ(1, resource_locator.directives().size()); EXPECT_EQ("m", resource_locator.directives()[0].entry()); EXPECT_EQ("udpa://foo/bar/baz/blah?a=b#entry=m", UdpaResourceIdentifier::encodeUrl(resource_locator)); } { const auto resource_locator = UdpaResourceIdentifier::decodeUrl("http://foo/bar/baz/blah?a=b#entry=m"); EXPECT_EQ(udpa::core::v1::ResourceLocator::HTTP, resource_locator.scheme()); EXPECT_EQ("foo", resource_locator.authority()); EXPECT_EQ("bar", resource_locator.resource_type()); EXPECT_THAT(resource_locator.id(), ElementsAre("baz", "blah")); EXPECT_CONTEXT_PARAMS(resource_locator.exact_context(), Pair("a", "b")); EXPECT_EQ(1, resource_locator.directives().size()); EXPECT_EQ("m", resource_locator.directives()[0].entry()); EXPECT_EQ("http://foo/bar/baz/blah?a=b#entry=m", UdpaResourceIdentifier::encodeUrl(resource_locator)); } { const auto resource_locator = UdpaResourceIdentifier::decodeUrl("file:///bar/baz/blah#entry=m"); EXPECT_EQ(udpa::core::v1::ResourceLocator::FILE, resource_locator.scheme()); EXPECT_THAT(resource_locator.id(), ElementsAre("bar", "baz", "blah")); EXPECT_EQ(1, resource_locator.directives().size()); EXPECT_EQ("m", resource_locator.directives()[0].entry()); EXPECT_EQ("file:///bar/baz/blah#entry=m", UdpaResourceIdentifier::encodeUrl(resource_locator)); } } // extra tests for fragment handling } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/udpa_test_utility.h ================================================ #pragma once #include "gtest/gtest.h" #define EXPECT_CONTEXT_PARAMS(context_params, ...) \ { \ std::map param_map((context_params).params().begin(), \ (context_params).params().end()); \ EXPECT_THAT(param_map, ::testing::UnorderedElementsAre(__VA_ARGS__)); \ } namespace Envoy { namespace Config { namespace {} // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/utility_test.cc ================================================ #include "envoy/api/v2/cluster.pb.h" #include "envoy/common/exception.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/extensions/filters/http/cors/v3/cors.pb.h" #include "common/common/fmt.h" #include "common/config/api_version.h" #include "common/config/utility.h" #include "common/config/well_known_names.h" #include "common/protobuf/protobuf.h" #include "test/mocks/config/mocks.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/stats/mocks.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/mocks/upstream/thread_local_cluster.h" #include "test/test_common/environment.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" #include "udpa/type/v1/typed_struct.pb.h" using testing::_; using testing::Ref; using testing::Return; namespace Envoy { namespace Config { namespace { TEST(UtilityTest, ComputeHashedVersion) { EXPECT_EQ("hash_2e1472b57af294d1", Utility::computeHashedVersion("{}").first); EXPECT_EQ("hash_33bf00a859c4ba3f", Utility::computeHashedVersion("foo").first); } TEST(UtilityTest, ApiConfigSourceRefreshDelay) { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.mutable_refresh_delay()->CopyFrom( Protobuf::util::TimeUtil::MillisecondsToDuration(1234)); EXPECT_EQ(1234, Utility::apiConfigSourceRefreshDelay(api_config_source).count()); } TEST(UtilityTest, ApiConfigSourceDefaultRequestTimeout) { envoy::config::core::v3::ApiConfigSource api_config_source; EXPECT_EQ(1000, Utility::apiConfigSourceRequestTimeout(api_config_source).count()); } TEST(UtilityTest, ApiConfigSourceRequestTimeout) { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.mutable_request_timeout()->CopyFrom( Protobuf::util::TimeUtil::MillisecondsToDuration(1234)); EXPECT_EQ(1234, Utility::apiConfigSourceRequestTimeout(api_config_source).count()); } TEST(UtilityTest, ConfigSourceDefaultInitFetchTimeout) { envoy::config::core::v3::ConfigSource config_source; EXPECT_EQ(15000, Utility::configSourceInitialFetchTimeout(config_source).count()); } TEST(UtilityTest, ConfigSourceInitFetchTimeout) { envoy::config::core::v3::ConfigSource config_source; config_source.mutable_initial_fetch_timeout()->CopyFrom( Protobuf::util::TimeUtil::MillisecondsToDuration(654)); EXPECT_EQ(654, Utility::configSourceInitialFetchTimeout(config_source).count()); } TEST(UtilityTest, TranslateApiConfigSource) { envoy::config::core::v3::ApiConfigSource api_config_source_rest_legacy; Utility::translateApiConfigSource("test_rest_legacy_cluster", 10000, ApiType::get().UnsupportedRestLegacy, api_config_source_rest_legacy); EXPECT_EQ( envoy::config::core::v3::ApiConfigSource::hidden_envoy_deprecated_UNSUPPORTED_REST_LEGACY, api_config_source_rest_legacy.api_type()); EXPECT_EQ(10000, DurationUtil::durationToMilliseconds(api_config_source_rest_legacy.refresh_delay())); EXPECT_EQ("test_rest_legacy_cluster", api_config_source_rest_legacy.cluster_names(0)); envoy::config::core::v3::ApiConfigSource api_config_source_rest; Utility::translateApiConfigSource("test_rest_cluster", 20000, ApiType::get().Rest, api_config_source_rest); EXPECT_EQ(envoy::config::core::v3::ApiConfigSource::REST, api_config_source_rest.api_type()); EXPECT_EQ(20000, DurationUtil::durationToMilliseconds(api_config_source_rest.refresh_delay())); EXPECT_EQ("test_rest_cluster", api_config_source_rest.cluster_names(0)); envoy::config::core::v3::ApiConfigSource api_config_source_grpc; Utility::translateApiConfigSource("test_grpc_cluster", 30000, ApiType::get().Grpc, api_config_source_grpc); EXPECT_EQ(envoy::config::core::v3::ApiConfigSource::GRPC, api_config_source_grpc.api_type()); EXPECT_EQ(30000, DurationUtil::durationToMilliseconds(api_config_source_grpc.refresh_delay())); EXPECT_EQ("test_grpc_cluster", api_config_source_grpc.grpc_services(0).envoy_grpc().cluster_name()); } TEST(UtilityTest, createTagProducer) { envoy::config::bootstrap::v3::Bootstrap bootstrap; auto producer = Utility::createTagProducer(bootstrap); ASSERT(producer != nullptr); std::vector tags; auto extracted_name = producer->produceTags("http.config_test.rq_total", tags); ASSERT_EQ(extracted_name, "http.rq_total"); ASSERT_EQ(tags.size(), 1); } TEST(UtilityTest, CheckFilesystemSubscriptionBackingPath) { Api::ApiPtr api = Api::createApiForTest(); EXPECT_THROW_WITH_MESSAGE( Utility::checkFilesystemSubscriptionBackingPath("foo", *api), EnvoyException, "envoy::api::v2::Path must refer to an existing path in the system: 'foo' does not exist"); std::string test_path = TestEnvironment::temporaryDirectory(); Utility::checkFilesystemSubscriptionBackingPath(test_path, *api); } TEST(UtilityTest, ParseDefaultRateLimitSettings) { envoy::config::core::v3::ApiConfigSource api_config_source; const RateLimitSettings& rate_limit_settings = Utility::parseRateLimitSettings(api_config_source); EXPECT_EQ(false, rate_limit_settings.enabled_); EXPECT_EQ(100, rate_limit_settings.max_tokens_); EXPECT_EQ(10, rate_limit_settings.fill_rate_); } TEST(UtilityTest, ParseEmptyRateLimitSettings) { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.mutable_rate_limit_settings(); const RateLimitSettings& rate_limit_settings = Utility::parseRateLimitSettings(api_config_source); EXPECT_EQ(true, rate_limit_settings.enabled_); EXPECT_EQ(100, rate_limit_settings.max_tokens_); EXPECT_EQ(10, rate_limit_settings.fill_rate_); } TEST(UtilityTest, ParseRateLimitSettings) { envoy::config::core::v3::ApiConfigSource api_config_source; envoy::config::core::v3::RateLimitSettings* rate_limits = api_config_source.mutable_rate_limit_settings(); rate_limits->mutable_max_tokens()->set_value(500); rate_limits->mutable_fill_rate()->set_value(4); const RateLimitSettings& rate_limit_settings = Utility::parseRateLimitSettings(api_config_source); EXPECT_EQ(true, rate_limit_settings.enabled_); EXPECT_EQ(500, rate_limit_settings.max_tokens_); EXPECT_EQ(4, rate_limit_settings.fill_rate_); } // TEST(UtilityTest, FactoryForGrpcApiConfigSource) should catch misconfigured // API configs along the dimension of ApiConfigSource type. TEST(UtilityTest, FactoryForGrpcApiConfigSource) { NiceMock async_client_manager; Stats::MockStore scope; { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); EXPECT_THROW_WITH_REGEX( Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, false), EnvoyException, "API configs must have either a gRPC service or a cluster name defined:"); } { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); api_config_source.add_grpc_services(); api_config_source.add_grpc_services(); EXPECT_THROW_WITH_REGEX(Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, false), EnvoyException, fmt::format("{}::.DELTA_.GRPC must have a single gRPC service " "specified:", api_config_source.GetTypeName())); } { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); api_config_source.add_cluster_names(); // this also logs a warning for setting REST cluster names for a gRPC API config. EXPECT_THROW_WITH_REGEX(Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, false), EnvoyException, fmt::format("{}::.DELTA_.GRPC must not have a cluster name " "specified:", api_config_source.GetTypeName())); } { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); api_config_source.add_cluster_names(); api_config_source.add_cluster_names(); EXPECT_THROW_WITH_REGEX(Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, false), EnvoyException, fmt::format("{}::.DELTA_.GRPC must not have a cluster name " "specified:", api_config_source.GetTypeName())); } { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::REST); api_config_source.add_grpc_services()->mutable_envoy_grpc()->set_cluster_name("foo"); // this also logs a warning for configuring gRPC clusters for a REST API config. EXPECT_THROW_WITH_REGEX(Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, false), EnvoyException, fmt::format("{}, if not a gRPC type, must not have a gRPC service " "specified:", api_config_source.GetTypeName())); } { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::REST); api_config_source.add_cluster_names("foo"); EXPECT_THROW_WITH_REGEX(Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, false), EnvoyException, fmt::format("{} type must be gRPC:", api_config_source.GetTypeName())); } { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); api_config_source.add_grpc_services()->mutable_envoy_grpc()->set_cluster_name("foo"); envoy::config::core::v3::GrpcService expected_grpc_service; expected_grpc_service.mutable_envoy_grpc()->set_cluster_name("foo"); EXPECT_CALL(async_client_manager, factoryForGrpcService(ProtoEq(expected_grpc_service), Ref(scope), false)); Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, false); } { envoy::config::core::v3::ApiConfigSource api_config_source; api_config_source.set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); api_config_source.add_grpc_services()->mutable_envoy_grpc()->set_cluster_name("foo"); EXPECT_CALL( async_client_manager, factoryForGrpcService(ProtoEq(api_config_source.grpc_services(0)), Ref(scope), true)); Utility::factoryForGrpcApiConfigSource(async_client_manager, api_config_source, scope, true); } } TEST(UtilityTest, PrepareDnsRefreshStrategy) { NiceMock random; { // dns_failure_refresh_rate not set. envoy::config::cluster::v3::Cluster cluster; BackOffStrategyPtr strategy = Utility::prepareDnsRefreshStrategy(cluster, 5000, random); EXPECT_NE(nullptr, dynamic_cast(strategy.get())); } { // dns_failure_refresh_rate set. envoy::config::cluster::v3::Cluster cluster; cluster.mutable_dns_failure_refresh_rate()->mutable_base_interval()->set_seconds(7); cluster.mutable_dns_failure_refresh_rate()->mutable_max_interval()->set_seconds(10); BackOffStrategyPtr strategy = Utility::prepareDnsRefreshStrategy(cluster, 5000, random); EXPECT_NE(nullptr, dynamic_cast(strategy.get())); } { // dns_failure_refresh_rate set with invalid max_interval. envoy::config::cluster::v3::Cluster cluster; cluster.mutable_dns_failure_refresh_rate()->mutable_base_interval()->set_seconds(7); cluster.mutable_dns_failure_refresh_rate()->mutable_max_interval()->set_seconds(2); EXPECT_THROW_WITH_REGEX(Utility::prepareDnsRefreshStrategy( cluster, 5000, random), EnvoyException, "dns_failure_refresh_rate must have max_interval greater than " "or equal to the base_interval"); } } // Validate that an opaque config of the wrong type throws during conversion. TEST(UtilityTest, AnyWrongType) { ProtobufWkt::Duration source_duration; source_duration.set_seconds(42); ProtobufWkt::Any typed_config; typed_config.PackFrom(source_duration); ProtobufWkt::Timestamp out; EXPECT_THROW_WITH_REGEX( Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out), EnvoyException, R"(Unable to unpack as google.protobuf.Timestamp: \[type.googleapis.com/google.protobuf.Duration\] .*)"); } TEST(UtilityTest, TranslateAnyWrongToFactoryConfig) { ProtobufWkt::Duration source_duration; source_duration.set_seconds(42); ProtobufWkt::Any typed_config; typed_config.PackFrom(source_duration); MockTypedFactory factory; EXPECT_CALL(factory, createEmptyConfigProto()).WillOnce(Invoke([]() -> ProtobufTypes::MessagePtr { return ProtobufTypes::MessagePtr{new ProtobufWkt::Timestamp()}; })); EXPECT_THROW_WITH_REGEX( Utility::translateAnyToFactoryConfig(typed_config, ProtobufMessage::getStrictValidationVisitor(), factory), EnvoyException, R"(Unable to unpack as google.protobuf.Timestamp: \[type.googleapis.com/google.protobuf.Duration\] .*)"); } TEST(UtilityTest, TranslateAnyToFactoryConfig) { ProtobufWkt::Duration source_duration; source_duration.set_seconds(42); ProtobufWkt::Any typed_config; typed_config.PackFrom(source_duration); MockTypedFactory factory; EXPECT_CALL(factory, createEmptyConfigProto()).WillOnce(Invoke([]() -> ProtobufTypes::MessagePtr { return ProtobufTypes::MessagePtr{new ProtobufWkt::Duration()}; })); auto config = Utility::translateAnyToFactoryConfig( typed_config, ProtobufMessage::getStrictValidationVisitor(), factory); EXPECT_THAT(*config, ProtoEq(source_duration)); } void packTypedStructIntoAny(ProtobufWkt::Any& typed_config, const Protobuf::Message& inner) { udpa::type::v1::TypedStruct typed_struct; (*typed_struct.mutable_type_url()) = absl::StrCat("type.googleapis.com/", inner.GetDescriptor()->full_name()); MessageUtil::jsonConvert(inner, *typed_struct.mutable_value()); typed_config.PackFrom(typed_struct); } // Verify that udpa.type.v1.TypedStruct can be translated into google.protobuf.Struct TEST(UtilityTest, TypedStructToStruct) { ProtobufWkt::Any typed_config; ProtobufWkt::Struct untyped_struct; (*untyped_struct.mutable_fields())["foo"].set_string_value("bar"); packTypedStructIntoAny(typed_config, untyped_struct); ProtobufWkt::Struct out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(untyped_struct)); } // Verify that regular Struct can be translated into an arbitrary message of correct type // (v2 API, no upgrading). TEST(UtilityTest, StructToClusterV2) { ProtobufWkt::Any typed_config; API_NO_BOOST(envoy::api::v2::Cluster) cluster; ProtobufWkt::Struct cluster_struct; const std::string cluster_config_yaml = R"EOF( drain_connections_on_host_removal: true )EOF"; TestUtility::loadFromYaml(cluster_config_yaml, cluster); TestUtility::loadFromYaml(cluster_config_yaml, cluster_struct); { API_NO_BOOST(envoy::api::v2::Cluster) out; Utility::translateOpaqueConfig({}, cluster_struct, ProtobufMessage::getNullValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } { API_NO_BOOST(envoy::api::v2::Cluster) out; Utility::translateOpaqueConfig({}, cluster_struct, ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } } // Verify that regular Struct can be translated into an arbitrary message of correct type // (v3 API, upgrading). TEST(UtilityTest, StructToClusterV3) { ProtobufWkt::Any typed_config; API_NO_BOOST(envoy::config::cluster::v3::Cluster) cluster; ProtobufWkt::Struct cluster_struct; const std::string cluster_config_yaml = R"EOF( ignore_health_on_host_removal: true )EOF"; TestUtility::loadFromYaml(cluster_config_yaml, cluster); TestUtility::loadFromYaml(cluster_config_yaml, cluster_struct); { API_NO_BOOST(envoy::config::cluster::v3::Cluster) out; Utility::translateOpaqueConfig({}, cluster_struct, ProtobufMessage::getNullValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } { API_NO_BOOST(envoy::config::cluster::v3::Cluster) out; Utility::translateOpaqueConfig({}, cluster_struct, ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } } // Verify that udpa.type.v1.TypedStruct can be translated into an arbitrary message of correct type // (v2 API, no upgrading). TEST(UtilityTest, TypedStructToClusterV2) { ProtobufWkt::Any typed_config; API_NO_BOOST(envoy::api::v2::Cluster) cluster; const std::string cluster_config_yaml = R"EOF( drain_connections_on_host_removal: true )EOF"; TestUtility::loadFromYaml(cluster_config_yaml, cluster); packTypedStructIntoAny(typed_config, cluster); { API_NO_BOOST(envoy::api::v2::Cluster) out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getNullValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } { API_NO_BOOST(envoy::api::v2::Cluster) out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } } // Verify that udpa.type.v1.TypedStruct can be translated into an arbitrary message of correct type // (v3 API, upgrading). TEST(UtilityTest, TypedStructToClusterV3) { ProtobufWkt::Any typed_config; API_NO_BOOST(envoy::config::cluster::v3::Cluster) cluster; const std::string cluster_config_yaml = R"EOF( ignore_health_on_host_removal: true )EOF"; TestUtility::loadFromYaml(cluster_config_yaml, cluster); packTypedStructIntoAny(typed_config, cluster); { API_NO_BOOST(envoy::config::cluster::v3::Cluster) out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getNullValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } { API_NO_BOOST(envoy::config::cluster::v3::Cluster) out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } } // Verify that Any can be translated into an arbitrary message of correct type // (v2 API, no upgrading). TEST(UtilityTest, AnyToClusterV2) { ProtobufWkt::Any typed_config; API_NO_BOOST(envoy::api::v2::Cluster) cluster; const std::string cluster_config_yaml = R"EOF( drain_connections_on_host_removal: true )EOF"; TestUtility::loadFromYaml(cluster_config_yaml, cluster); typed_config.PackFrom(cluster); API_NO_BOOST(envoy::api::v2::Cluster) out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } // Verify that Any can be translated into an arbitrary message of correct type // (v3 API, upgrading). TEST(UtilityTest, AnyToClusterV3) { ProtobufWkt::Any typed_config; API_NO_BOOST(envoy::config::cluster::v3::Cluster) cluster; const std::string cluster_config_yaml = R"EOF( ignore_health_on_host_removal: true )EOF"; TestUtility::loadFromYaml(cluster_config_yaml, cluster); typed_config.PackFrom(cluster); API_NO_BOOST(envoy::config::cluster::v3::Cluster) out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(cluster)); } // Verify that translation from udpa.type.v1.TypedStruct into message of incorrect type fails TEST(UtilityTest, TypedStructToInvalidType) { ProtobufWkt::Any typed_config; envoy::config::bootstrap::v3::Bootstrap bootstrap; const std::string bootstrap_config_yaml = R"EOF( admin: access_log_path: /dev/null address: pipe: path: "/" )EOF"; TestUtility::loadFromYaml(bootstrap_config_yaml, bootstrap); packTypedStructIntoAny(typed_config, bootstrap); ProtobufWkt::Any out; EXPECT_THROW_WITH_REGEX( Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out), EnvoyException, "Unable to parse JSON as proto"); } // Verify that ProtobufWkt::Empty can load into a typed factory with an empty config proto TEST(UtilityTest, EmptyToEmptyConfig) { ProtobufWkt::Any typed_config; ProtobufWkt::Empty empty_config; typed_config.PackFrom(empty_config); envoy::extensions::filters::http::cors::v3::Cors out; Utility::translateOpaqueConfig(typed_config, ProtobufWkt::Struct(), ProtobufMessage::getStrictValidationVisitor(), out); EXPECT_THAT(out, ProtoEq(envoy::extensions::filters::http::cors::v3::Cors())); } TEST(CheckApiConfigSourceSubscriptionBackingClusterTest, GrpcClusterTestAcrossTypes) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); Upstream::ClusterManager::ClusterSet primary_clusters; // API of type GRPC api_config_source->set_api_type(envoy::config::core::v3::ApiConfigSource::GRPC); // GRPC cluster without GRPC services. EXPECT_THROW_WITH_REGEX( Utility::checkApiConfigSourceSubscriptionBackingCluster(primary_clusters, *api_config_source), EnvoyException, "API configs must have either a gRPC service or a cluster name defined:"); // Non-existent cluster. api_config_source->add_grpc_services()->mutable_envoy_grpc()->set_cluster_name("foo_cluster"); EXPECT_THROW_WITH_MESSAGE( Utility::checkApiConfigSourceSubscriptionBackingCluster(primary_clusters, *api_config_source), EnvoyException, fmt::format("{} must have a statically defined non-EDS cluster: " "'foo_cluster' does not exist, was added via api, or is an EDS cluster", api_config_source->GetTypeName())); // All ok. primary_clusters.insert("foo_cluster"); Utility::checkApiConfigSourceSubscriptionBackingCluster(primary_clusters, *api_config_source); // API with cluster_names set should be rejected. api_config_source->add_cluster_names("foo_cluster"); EXPECT_THROW_WITH_REGEX( Utility::checkApiConfigSourceSubscriptionBackingCluster(primary_clusters, *api_config_source), EnvoyException, fmt::format("{}::.DELTA_.GRPC must not have a cluster name " "specified:", api_config_source->GetTypeName())); } TEST(CheckApiConfigSourceSubscriptionBackingClusterTest, RestClusterTestAcrossTypes) { envoy::config::core::v3::ConfigSource config; auto* api_config_source = config.mutable_api_config_source(); Upstream::ClusterManager::ClusterSet primary_clusters; api_config_source->set_api_type(envoy::config::core::v3::ApiConfigSource::REST); // Non-existent cluster. api_config_source->add_cluster_names("foo_cluster"); EXPECT_THROW_WITH_MESSAGE( Utility::checkApiConfigSourceSubscriptionBackingCluster(primary_clusters, *api_config_source), EnvoyException, fmt::format("{} must have a statically defined non-EDS cluster: " "'foo_cluster' does not exist, was added via api, or is an EDS cluster", api_config_source->GetTypeName())); // All ok. primary_clusters.insert("foo_cluster"); Utility::checkApiConfigSourceSubscriptionBackingCluster(primary_clusters, *api_config_source); } // Validates CheckCluster functionality. TEST(UtilityTest, CheckCluster) { Upstream::MockClusterManager cm; // Validate that proper error is thrown, when cluster is not available. EXPECT_CALL(cm, get("foo")).WillOnce(Return(nullptr)); EXPECT_THROW_WITH_MESSAGE(Utility::checkCluster("prefix", "foo", cm, false), EnvoyException, "prefix: unknown cluster 'foo'"); // Validate that proper error is thrown, when dynamic cluster is passed when it is not expected. NiceMock api_cluster; EXPECT_CALL(cm, get("foo")).Times(2).WillRepeatedly(Return(&api_cluster)); EXPECT_CALL(api_cluster, info()); EXPECT_CALL(*api_cluster.cluster_.info_, addedViaApi()).WillOnce(Return(true)); EXPECT_THROW_WITH_MESSAGE(Utility::checkCluster("prefix", "foo", cm, false), EnvoyException, "prefix: invalid cluster 'foo': currently only " "static (non-CDS) clusters are supported"); EXPECT_NO_THROW(Utility::checkCluster("prefix", "foo", cm, true)); // Validate that bootstrap cluster does not throw any exceptions. NiceMock bootstrap_cluster; EXPECT_CALL(cm, get("foo")).Times(2).WillRepeatedly(Return(&bootstrap_cluster)); EXPECT_NO_THROW(Utility::checkCluster("prefix", "foo", cm, true)); EXPECT_NO_THROW(Utility::checkCluster("prefix", "foo", cm, false)); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/version_converter.proto ================================================ syntax = "proto3"; package test.common.config; import "google/protobuf/any.proto"; enum PreviousEnum { PREV_DEFAULT = 0; PREV_DEPRECATED_VALUE = 1; PREV_OTHER_VALUE = 2; } enum NextEnum { NEXT_DEFAULT = 0; reserved 1; NEXT_OTHER_VALUE = 2; } message PreviousVersion { // Singleton scalars. string string_field = 1; bytes bytes_field = 2; int32 int32_field = 3; int64 int64_field = 4; uint32 uint32_field = 5; uint64 uint64_field = 6; double double_field = 7; float float_field = 8; bool bool_field = 9; PreviousEnum enum_field = 10; // Singleton nested message. message PreviousVersionNested { google.protobuf.Any any_field = 1; } PreviousVersionNested nested_field = 11; // Repeated entities. repeated string repeated_scalar_field = 12; repeated PreviousVersionNested repeated_nested_field = 13; // Deprecations. uint32 deprecated_field = 14 [deprecated = true]; PreviousEnum enum_field_with_deprecated_value = 15; } message NextVersion { // Singleton scalars. string string_field = 1; bytes bytes_field = 2; int32 int32_field = 3; int64 int64_field = 4; uint32 uint32_field = 5; uint64 uint64_field = 6; double double_field = 7; float float_field = 8; bool bool_field = 9; PreviousEnum enum_field = 10; // Singleton nested message. message NextVersionNested { google.protobuf.Any any_field = 1; } NextVersionNested nested_field = 11; // Repeated entities. repeated string repeated_scalar_field = 12; repeated NextVersionNested repeated_nested_field = 13; // Deprecations. reserved 14; NextEnum enum_field_with_deprecated_value = 15; message NewMessageInThisVerion { } // New message present in this version but not PreviousVersion. NewMessageInThisVerion new_message_in_this_version = 16; } ================================================ FILE: test/common/config/version_converter_test.cc ================================================ #include "envoy/api/v2/cluster.pb.h" #include "envoy/api/v2/discovery.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/config/api_version.h" #include "common/config/version_converter.h" #include "common/protobuf/well_known.h" #include "test/common/config/version_converter.pb.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Config { namespace { bool hasOriginalTypeInformation(const Protobuf::Message& message) { const Protobuf::Reflection* reflection = message.GetReflection(); const auto& unknown_field_set = reflection->GetUnknownFields(message); for (int i = 0; i < unknown_field_set.field_count(); ++i) { const auto& unknown_field = unknown_field_set.field(i); if (unknown_field.number() == ProtobufWellKnown::OriginalTypeFieldNumber) { return true; } } return false; } // Wire-style upgrading between versions. TEST(VersionConverterTest, Upgrade) { // Create a v2 Cluster message with some fields set. API_NO_BOOST(envoy::api::v2::Cluster) source; source.add_hosts(); source.mutable_load_assignment()->set_cluster_name("bar"); source.mutable_eds_cluster_config()->set_service_name("foo"); source.set_drain_connections_on_host_removal(true); // Upgrade to a v3 Cluster. API_NO_BOOST(envoy::config::cluster::v3::Cluster) dst; VersionConverter::upgrade(source, dst); // Verify fields in v3 Cluster. EXPECT_TRUE(hasOriginalTypeInformation(dst)); EXPECT_FALSE(dst.hidden_envoy_deprecated_hosts().empty()); EXPECT_FALSE(hasOriginalTypeInformation(dst.hidden_envoy_deprecated_hosts(0))); EXPECT_EQ("bar", dst.load_assignment().cluster_name()); EXPECT_FALSE(hasOriginalTypeInformation(dst.load_assignment())); EXPECT_EQ("foo", dst.eds_cluster_config().service_name()); EXPECT_TRUE(hasOriginalTypeInformation(dst.eds_cluster_config())); EXPECT_TRUE(dst.ignore_health_on_host_removal()); // Recover a v2 Cluster from the v3 Cluster using original type information. auto original_dynamic_msg = VersionConverter::recoverOriginal(dst); const auto& original_msg = *original_dynamic_msg->msg_; EXPECT_EQ("envoy.api.v2.Cluster", original_msg.GetDescriptor()->full_name()); // Ensure that we erased any original type information and have the original // message. EXPECT_THAT(original_msg, ProtoEq(source)); // Verify that sub-messages work with VersionConverter::recoverOriginal, i.e. // we are propagating original type information. auto original_dynamic_sub_msg = VersionConverter::recoverOriginal(dst.eds_cluster_config()); const auto& original_sub_msg = *original_dynamic_sub_msg->msg_; EXPECT_THAT(original_sub_msg, ProtoEq(source.eds_cluster_config())); } // Empty upgrade between version_converter.proto entities. TODO(htuch): consider migrating all the // upgrades in this test to version_converter.proto to reduce dependence on APIs that will be // removed at EOY. TEST(VersionConverterProto, UpgradeNextVersion) { test::common::config::PreviousVersion source; test::common::config::NextVersion dst; VersionConverter::upgrade(source, dst); } // Bad UTF-8 can fail wire cast during upgrade. TEST(VersionConverterTest, UpgradeException) { API_NO_BOOST(envoy::api::v2::Cluster) source; source.mutable_eds_cluster_config()->set_service_name("UPST128\tAM_HO\001\202\247ST"); API_NO_BOOST(envoy::config::cluster::v3::Cluster) dst; EXPECT_THROW_WITH_MESSAGE(VersionConverter::upgrade(source, dst), EnvoyException, "Unable to deserialize during wireCast()"); } // Verify that VersionUtil::scrubHiddenEnvoyDeprecated recursively scrubs any // deprecated fields. TEST(VersionConverterTest, ScrubHiddenEnvoyDeprecated) { API_NO_BOOST(envoy::config::cluster::v3::Cluster) msg; msg.set_name("foo"); msg.mutable_hidden_envoy_deprecated_tls_context(); EXPECT_TRUE(msg.has_hidden_envoy_deprecated_tls_context()); msg.mutable_load_balancing_policy()->add_policies()->mutable_hidden_envoy_deprecated_config(); EXPECT_TRUE(msg.load_balancing_policy().policies(0).has_hidden_envoy_deprecated_config()); VersionUtil::scrubHiddenEnvoyDeprecated(msg); EXPECT_EQ("foo", msg.name()); EXPECT_FALSE(msg.has_hidden_envoy_deprecated_tls_context()); EXPECT_FALSE(msg.load_balancing_policy().policies(0).has_hidden_envoy_deprecated_config()); } // Validate that we can sensibly provide a JSON wire interpretation of messages // such as DiscoveryRequest based on transport API version. TEST(VersionConverter, GetJsonStringFromMessage) { API_NO_BOOST(envoy::service::discovery::v3::DiscoveryRequest) discovery_request; discovery_request.mutable_node()->set_hidden_envoy_deprecated_build_version("foo"); discovery_request.mutable_node()->set_user_agent_name("bar"); const std::string v2_discovery_request = VersionConverter::getJsonStringFromMessage( discovery_request, envoy::config::core::v3::ApiVersion::V2); EXPECT_EQ("{\"node\":{\"build_version\":\"foo\",\"user_agent_name\":\"bar\"}}", v2_discovery_request); const std::string auto_discovery_request = VersionConverter::getJsonStringFromMessage( discovery_request, envoy::config::core::v3::ApiVersion::AUTO); EXPECT_EQ("{\"node\":{\"build_version\":\"foo\",\"user_agent_name\":\"bar\"}}", auto_discovery_request); const std::string v3_discovery_request = VersionConverter::getJsonStringFromMessage( discovery_request, envoy::config::core::v3::ApiVersion::V3); EXPECT_EQ("{\"node\":{\"user_agent_name\":\"bar\"}}", v3_discovery_request); } bool hasUnknownFields(const Protobuf::Message& message) { const Protobuf::Reflection* reflection = message.GetReflection(); const auto& unknown_field_set = reflection->GetUnknownFields(message); return !unknown_field_set.empty(); } // Validate that we can sensibly provide a gRPC wire interpretation of messages // such as DiscoveryRequest based on transport API version. TEST(VersionConverter, PrepareMessageForGrpcWire) { API_NO_BOOST(envoy::api::v2::core::Node) v2_node; v2_node.set_build_version("foo"); v2_node.set_user_agent_name("bar"); API_NO_BOOST(envoy::service::discovery::v3::DiscoveryRequest) discovery_request; discovery_request.mutable_node()->set_hidden_envoy_deprecated_build_version("foo"); VersionConverter::upgrade(v2_node, *discovery_request.mutable_node()); { API_NO_BOOST(envoy::service::discovery::v3::DiscoveryRequest) discovery_request_copy; discovery_request_copy.MergeFrom(discovery_request); VersionConverter::prepareMessageForGrpcWire(discovery_request_copy, envoy::config::core::v3::ApiVersion::V2); API_NO_BOOST(envoy::api::v2::DiscoveryRequest) v2_discovery_request; EXPECT_TRUE(v2_discovery_request.ParseFromString(discovery_request_copy.SerializeAsString())); EXPECT_EQ("foo", v2_discovery_request.node().build_version()); EXPECT_FALSE(hasUnknownFields(v2_discovery_request.node())); } { API_NO_BOOST(envoy::service::discovery::v3::DiscoveryRequest) discovery_request_copy; discovery_request_copy.MergeFrom(discovery_request); VersionConverter::prepareMessageForGrpcWire(discovery_request_copy, envoy::config::core::v3::ApiVersion::AUTO); API_NO_BOOST(envoy::api::v2::DiscoveryRequest) auto_discovery_request; EXPECT_TRUE(auto_discovery_request.ParseFromString(discovery_request_copy.SerializeAsString())); EXPECT_EQ("foo", auto_discovery_request.node().build_version()); EXPECT_FALSE(hasUnknownFields(auto_discovery_request.node())); } { API_NO_BOOST(envoy::service::discovery::v3::DiscoveryRequest) discovery_request_copy; discovery_request_copy.MergeFrom(discovery_request); VersionConverter::prepareMessageForGrpcWire(discovery_request_copy, envoy::config::core::v3::ApiVersion::V3); API_NO_BOOST(envoy::service::discovery::v3::DiscoveryRequest) v3_discovery_request; EXPECT_TRUE(v3_discovery_request.ParseFromString(discovery_request_copy.SerializeAsString())); EXPECT_EQ("", v3_discovery_request.node().hidden_envoy_deprecated_build_version()); EXPECT_FALSE(hasUnknownFields(v3_discovery_request.node())); } } // Downgrading to an earlier version (where it exists). TEST(VersionConverterTest, DowngradeEarlier) { API_NO_BOOST(envoy::config::cluster::v3::Cluster) source; source.set_ignore_health_on_host_removal(true); auto downgraded = VersionConverter::downgrade(source); const Protobuf::Descriptor* desc = downgraded->msg_->GetDescriptor(); const Protobuf::Reflection* reflection = downgraded->msg_->GetReflection(); EXPECT_EQ("envoy.api.v2.Cluster", desc->full_name()); EXPECT_EQ(true, reflection->GetBool(*downgraded->msg_, desc->FindFieldByName("drain_connections_on_host_removal"))); } // Downgrading is idempotent if no earlier version. TEST(VersionConverterTest, DowngradeSame) { API_NO_BOOST(envoy::api::v2::Cluster) source; source.set_drain_connections_on_host_removal(true); auto downgraded = VersionConverter::downgrade(source); const Protobuf::Descriptor* desc = downgraded->msg_->GetDescriptor(); const Protobuf::Reflection* reflection = downgraded->msg_->GetReflection(); EXPECT_EQ("envoy.api.v2.Cluster", desc->full_name()); EXPECT_EQ(true, reflection->GetBool(*downgraded->msg_, desc->FindFieldByName("drain_connections_on_host_removal"))); } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/config/watch_map_test.cc ================================================ #include #include "envoy/common/exception.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "common/config/watch_map.h" #include "test/mocks/config/mocks.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using ::testing::_; using ::testing::AtMost; using ::testing::Invoke; using ::testing::InvokeWithoutArgs; using ::testing::NiceMock; namespace Envoy { namespace Config { namespace { void expectDeltaUpdate( MockSubscriptionCallbacks& callbacks, const std::vector& expected_resources, const std::vector& expected_removals, const std::string& version) { EXPECT_CALL(callbacks, onConfigUpdate(_, _, _)) .WillOnce(Invoke([expected_resources, expected_removals, version](const std::vector& gotten_resources, const Protobuf::RepeatedPtrField& removed_resources, const std::string&) { EXPECT_EQ(expected_resources.size(), gotten_resources.size()); for (size_t i = 0; i < expected_resources.size(); i++) { EXPECT_EQ(gotten_resources[i].get().version(), version); EXPECT_TRUE( TestUtility::protoEqual(gotten_resources[i].get().resource(), expected_resources[i])); } EXPECT_EQ(expected_removals.size(), removed_resources.size()); for (size_t i = 0; i < expected_removals.size(); i++) { EXPECT_EQ(expected_removals[i], removed_resources[i]); } })); } // expectDeltaAndSotwUpdate() EXPECTs two birds with one function call: we want to cover both SotW // and delta, which, while mechanically different, can behave identically for our testing purposes. // Specifically, as a simplification for these tests, every still-present resource is updated in // every update. Therefore, a resource can never show up in the SotW update but not the delta // update. We can therefore use the same expected_resources for both. void expectDeltaAndSotwUpdate( MockSubscriptionCallbacks& callbacks, const std::vector& expected_resources, const std::vector& expected_removals, const std::string& version) { EXPECT_CALL(callbacks, onConfigUpdate(_, version)) .WillOnce(Invoke([expected_resources](const std::vector& gotten_resources, const std::string&) { EXPECT_EQ(expected_resources.size(), gotten_resources.size()); for (size_t i = 0; i < expected_resources.size(); i++) { EXPECT_TRUE( TestUtility::protoEqual(gotten_resources[i].get().resource(), expected_resources[i])); } })); expectDeltaUpdate(callbacks, expected_resources, expected_removals, version); } void expectNoUpdate(MockSubscriptionCallbacks& callbacks, const std::string& version) { EXPECT_CALL(callbacks, onConfigUpdate(_, version)).Times(0); EXPECT_CALL(callbacks, onConfigUpdate(_, _, version)).Times(0); } void expectEmptySotwNoDeltaUpdate(MockSubscriptionCallbacks& callbacks, const std::string& version) { EXPECT_CALL(callbacks, onConfigUpdate(_, version)) .WillOnce(Invoke([](const std::vector& gotten_resources, const std::string&) { EXPECT_EQ(gotten_resources.size(), 0); })); EXPECT_CALL(callbacks, onConfigUpdate(_, _, version)).Times(0); } Protobuf::RepeatedPtrField wrapInResource(const Protobuf::RepeatedPtrField& anys, const std::string& version) { Protobuf::RepeatedPtrField ret; for (const auto& a : anys) { envoy::config::endpoint::v3::ClusterLoadAssignment cur_endpoint; a.UnpackTo(&cur_endpoint); auto* cur_resource = ret.Add(); cur_resource->set_name(cur_endpoint.cluster_name()); cur_resource->mutable_resource()->CopyFrom(a); cur_resource->set_version(version); } return ret; } void doDeltaUpdate(WatchMap& watch_map, const Protobuf::RepeatedPtrField& sotw_resources, const std::vector& removed_names, const std::string& version) { Protobuf::RepeatedPtrField delta_resources = wrapInResource(sotw_resources, version); Protobuf::RepeatedPtrField removed_names_proto; for (const auto& n : removed_names) { *removed_names_proto.Add() = n; } watch_map.onConfigUpdate(delta_resources, removed_names_proto, version); } // Similar to expectDeltaAndSotwUpdate(), but making the onConfigUpdate() happen, rather than // EXPECT-ing it. void doDeltaAndSotwUpdate(WatchMap& watch_map, const Protobuf::RepeatedPtrField& sotw_resources, const std::vector& removed_names, const std::string& version) { watch_map.onConfigUpdate(sotw_resources, version); doDeltaUpdate(watch_map, sotw_resources, removed_names, version); } // Tests the simple case of a single watch. Checks that the watch will not be told of updates to // resources it doesn't care about. Checks that the watch can later decide it does care about them, // and then receive subsequent updates to them. TEST(WatchMapTest, Basic) { MockSubscriptionCallbacks callbacks; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); WatchMap watch_map(false); Watch* watch = watch_map.addWatch(callbacks, resource_decoder); { // nothing is interested, so become wildcard watch // should callback with empty resource expectDeltaAndSotwUpdate(callbacks, {}, {}, "version1"); doDeltaAndSotwUpdate(watch_map, {}, {}, "version1"); } { // The watch is interested in Alice and Bob... std::set update_to({"alice", "bob"}); AddedRemoved added_removed = watch_map.updateWatchInterest(watch, update_to); EXPECT_EQ(update_to, added_removed.added_); EXPECT_TRUE(added_removed.removed_.empty()); // ...the update is going to contain Bob and Carol... Protobuf::RepeatedPtrField updated_resources; envoy::config::endpoint::v3::ClusterLoadAssignment bob; bob.set_cluster_name("bob"); updated_resources.Add()->PackFrom(bob); envoy::config::endpoint::v3::ClusterLoadAssignment carol; carol.set_cluster_name("carol"); updated_resources.Add()->PackFrom(carol); // ...so the watch should receive only Bob. std::vector expected_resources; expected_resources.push_back(bob); expectDeltaAndSotwUpdate(callbacks, expected_resources, {}, "version1"); doDeltaAndSotwUpdate(watch_map, updated_resources, {}, "version1"); } { // The watch is now interested in Bob, Carol, Dave, Eve... std::set update_to({"bob", "carol", "dave", "eve"}); AddedRemoved added_removed = watch_map.updateWatchInterest(watch, update_to); EXPECT_EQ(std::set({"carol", "dave", "eve"}), added_removed.added_); EXPECT_EQ(std::set({"alice"}), added_removed.removed_); // ...the update is going to contain Alice, Carol, Dave... Protobuf::RepeatedPtrField updated_resources; envoy::config::endpoint::v3::ClusterLoadAssignment alice; alice.set_cluster_name("alice"); updated_resources.Add()->PackFrom(alice); envoy::config::endpoint::v3::ClusterLoadAssignment carol; carol.set_cluster_name("carol"); updated_resources.Add()->PackFrom(carol); envoy::config::endpoint::v3::ClusterLoadAssignment dave; dave.set_cluster_name("dave"); updated_resources.Add()->PackFrom(dave); // ...so the watch should receive only Carol and Dave. std::vector expected_resources; expected_resources.push_back(carol); expected_resources.push_back(dave); expectDeltaAndSotwUpdate(callbacks, expected_resources, {"bob"}, "version2"); doDeltaAndSotwUpdate(watch_map, updated_resources, {"bob"}, "version2"); } } // Checks the following: // First watch on a resource name ==> updateWatchInterest() returns "add it to subscription" // Second watch on that name ==> updateWatchInterest() returns nothing about that name // Original watch loses interest ==> nothing // Second watch also loses interest ==> "remove it from subscription" // NOTE: we need the resource name "dummy" to keep either watch from ever having no names watched, // which is treated as interest in all names. TEST(WatchMapTest, Overlap) { MockSubscriptionCallbacks callbacks1; MockSubscriptionCallbacks callbacks2; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); WatchMap watch_map(false); Watch* watch1 = watch_map.addWatch(callbacks1, resource_decoder); Watch* watch2 = watch_map.addWatch(callbacks2, resource_decoder); Protobuf::RepeatedPtrField updated_resources; envoy::config::endpoint::v3::ClusterLoadAssignment alice; alice.set_cluster_name("alice"); updated_resources.Add()->PackFrom(alice); // First watch becomes interested. { std::set update_to({"alice", "dummy"}); AddedRemoved added_removed = watch_map.updateWatchInterest(watch1, update_to); EXPECT_EQ(update_to, added_removed.added_); // add to subscription EXPECT_TRUE(added_removed.removed_.empty()); watch_map.updateWatchInterest(watch2, {"dummy"}); // *Only* first watch receives update. expectDeltaAndSotwUpdate(callbacks1, {alice}, {}, "version1"); expectNoUpdate(callbacks2, "version1"); doDeltaAndSotwUpdate(watch_map, updated_resources, {}, "version1"); } // Second watch becomes interested. { std::set update_to({"alice", "dummy"}); AddedRemoved added_removed = watch_map.updateWatchInterest(watch2, update_to); EXPECT_TRUE(added_removed.added_.empty()); // nothing happens EXPECT_TRUE(added_removed.removed_.empty()); // Both watches receive update. expectDeltaAndSotwUpdate(callbacks1, {alice}, {}, "version2"); expectDeltaAndSotwUpdate(callbacks2, {alice}, {}, "version2"); doDeltaAndSotwUpdate(watch_map, updated_resources, {}, "version2"); } // First watch loses interest. { AddedRemoved added_removed = watch_map.updateWatchInterest(watch1, {"dummy"}); EXPECT_TRUE(added_removed.added_.empty()); // nothing happens EXPECT_TRUE(added_removed.removed_.empty()); // Both watches receive the update. For watch2, this is obviously desired. expectDeltaAndSotwUpdate(callbacks2, {alice}, {}, "version3"); // For watch1, it's more subtle: the WatchMap sees that this update has no // resources watch1 cares about, but also knows that watch1 previously had // some resources. So, it must inform watch1 that it now has no resources. // (SotW only: delta's explicit removals avoid the need for this guessing.) expectEmptySotwNoDeltaUpdate(callbacks1, "version3"); doDeltaAndSotwUpdate(watch_map, updated_resources, {}, "version3"); } // Second watch loses interest. { AddedRemoved added_removed = watch_map.updateWatchInterest(watch2, {"dummy"}); EXPECT_TRUE(added_removed.added_.empty()); EXPECT_EQ(std::set({"alice"}), added_removed.removed_); // remove from subscription } } // These are regression tests for #11877, validate that when two watches point at the same // watched resource, and an update to one of the watches removes one or both of them, that // WatchMap defers deletes and doesn't crash. class SameWatchRemoval : public testing::Test { public: SameWatchRemoval() : watch_map_(false) {} void SetUp() override { envoy::config::endpoint::v3::ClusterLoadAssignment alice; alice.set_cluster_name("alice"); updated_resources_.Add()->PackFrom(alice); watch1_ = watch_map_.addWatch(callbacks1_, resource_decoder_); watch2_ = watch_map_.addWatch(callbacks2_, resource_decoder_); watch_map_.updateWatchInterest(watch1_, {"alice"}); watch_map_.updateWatchInterest(watch2_, {"alice"}); } void removeAllInterest() { ASSERT_FALSE(watch_cb_invoked_); watch_cb_invoked_ = true; watch_map_.removeWatch(watch1_); watch_map_.removeWatch(watch2_); } TestUtility::TestOpaqueResourceDecoderImpl resource_decoder_{"cluster_name"}; WatchMap watch_map_; NiceMock callbacks1_; MockSubscriptionCallbacks callbacks2_; Protobuf::RepeatedPtrField updated_resources_; Watch* watch1_; Watch* watch2_; bool watch_cb_invoked_{}; }; TEST_F(SameWatchRemoval, SameWatchRemovalSotw) { EXPECT_CALL(callbacks1_, onConfigUpdate(_, _)) .Times(AtMost(1)) .WillRepeatedly(InvokeWithoutArgs([this] { removeAllInterest(); })); EXPECT_CALL(callbacks2_, onConfigUpdate(_, _)) .Times(AtMost(1)) .WillRepeatedly(InvokeWithoutArgs([this] { removeAllInterest(); })); watch_map_.onConfigUpdate(updated_resources_, "version1"); } TEST_F(SameWatchRemoval, SameWatchRemovalDeltaAdd) { Protobuf::RepeatedPtrField delta_resources = wrapInResource(updated_resources_, "version1"); Protobuf::RepeatedPtrField removed_names_proto; EXPECT_CALL(callbacks1_, onConfigUpdate(_, _, _)) .Times(AtMost(1)) .WillRepeatedly(InvokeWithoutArgs([this] { removeAllInterest(); })); EXPECT_CALL(callbacks2_, onConfigUpdate(_, _, _)) .Times(AtMost(1)) .WillRepeatedly(InvokeWithoutArgs([this] { removeAllInterest(); })); watch_map_.onConfigUpdate(delta_resources, removed_names_proto, "version1"); } TEST_F(SameWatchRemoval, SameWatchRemovalDeltaRemove) { Protobuf::RepeatedPtrField removed_names_proto; *removed_names_proto.Add() = "alice"; EXPECT_CALL(callbacks1_, onConfigUpdate(_, _, _)) .Times(AtMost(1)) .WillRepeatedly(InvokeWithoutArgs([this] { removeAllInterest(); })); EXPECT_CALL(callbacks2_, onConfigUpdate(_, _, _)) .Times(AtMost(1)) .WillRepeatedly(InvokeWithoutArgs([this] { removeAllInterest(); })); watch_map_.onConfigUpdate({}, removed_names_proto, "version1"); } // Checks the following: // First watch on a resource name ==> updateWatchInterest() returns "add it to subscription" // Watch loses interest ==> "remove it from subscription" // Second watch on that name ==> "add it to subscription" // NOTE: we need the resource name "dummy" to keep either watch from ever having no names watched, // which is treated as interest in all names. TEST(WatchMapTest, AddRemoveAdd) { MockSubscriptionCallbacks callbacks1; MockSubscriptionCallbacks callbacks2; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); WatchMap watch_map(false); Watch* watch1 = watch_map.addWatch(callbacks1, resource_decoder); Watch* watch2 = watch_map.addWatch(callbacks2, resource_decoder); Protobuf::RepeatedPtrField updated_resources; envoy::config::endpoint::v3::ClusterLoadAssignment alice; alice.set_cluster_name("alice"); updated_resources.Add()->PackFrom(alice); // First watch becomes interested. { std::set update_to({"alice", "dummy"}); AddedRemoved added_removed = watch_map.updateWatchInterest(watch1, update_to); EXPECT_EQ(update_to, added_removed.added_); // add to subscription EXPECT_TRUE(added_removed.removed_.empty()); watch_map.updateWatchInterest(watch2, {"dummy"}); // *Only* first watch receives update. expectDeltaAndSotwUpdate(callbacks1, {alice}, {}, "version1"); expectNoUpdate(callbacks2, "version1"); doDeltaAndSotwUpdate(watch_map, updated_resources, {}, "version1"); } // First watch loses interest. { AddedRemoved added_removed = watch_map.updateWatchInterest(watch1, {"dummy"}); EXPECT_TRUE(added_removed.added_.empty()); EXPECT_EQ(std::set({"alice"}), added_removed.removed_); // remove from subscription // (The xDS client should have responded to updateWatchInterest()'s return value by removing // Alice from the subscription, so onConfigUpdate() calls should be impossible right now.) } // Second watch becomes interested. { std::set update_to({"alice", "dummy"}); AddedRemoved added_removed = watch_map.updateWatchInterest(watch2, update_to); EXPECT_EQ(std::set({"alice"}), added_removed.added_); // add to subscription EXPECT_TRUE(added_removed.removed_.empty()); // Both watches receive the update. For watch2, this is obviously desired. expectDeltaAndSotwUpdate(callbacks2, {alice}, {}, "version2"); // For watch1, it's more subtle: the WatchMap sees that this update has no // resources watch1 cares about, but also knows that watch1 previously had // some resources. So, it must inform watch1 that it now has no resources. // (SotW only: delta's explicit removals avoid the need for this guessing.) expectEmptySotwNoDeltaUpdate(callbacks1, "version2"); doDeltaAndSotwUpdate(watch_map, updated_resources, {}, "version2"); } } // Tests that nothing breaks if an update arrives that we entirely do not care about. TEST(WatchMapTest, UninterestingUpdate) { MockSubscriptionCallbacks callbacks; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); WatchMap watch_map(false); Watch* watch = watch_map.addWatch(callbacks, resource_decoder); watch_map.updateWatchInterest(watch, {"alice"}); Protobuf::RepeatedPtrField alice_update; envoy::config::endpoint::v3::ClusterLoadAssignment alice; alice.set_cluster_name("alice"); alice_update.Add()->PackFrom(alice); Protobuf::RepeatedPtrField bob_update; envoy::config::endpoint::v3::ClusterLoadAssignment bob; bob.set_cluster_name("bob"); bob_update.Add()->PackFrom(bob); // We are watching for alice, and an update for just bob arrives. It should be ignored. expectNoUpdate(callbacks, "version1"); doDeltaAndSotwUpdate(watch_map, bob_update, {}, "version1"); ::testing::Mock::VerifyAndClearExpectations(&callbacks); // The server sends an update adding alice and removing bob. We pay attention only to alice. expectDeltaAndSotwUpdate(callbacks, {alice}, {}, "version2"); doDeltaAndSotwUpdate(watch_map, alice_update, {}, "version2"); ::testing::Mock::VerifyAndClearExpectations(&callbacks); // The server sends an update removing alice and adding bob. We pay attention only to alice. expectDeltaAndSotwUpdate(callbacks, {}, {"alice"}, "version3"); doDeltaAndSotwUpdate(watch_map, bob_update, {"alice"}, "version3"); ::testing::Mock::VerifyAndClearExpectations(&callbacks); // Clean removal of the watch: first update to "interested in nothing", then remove. watch_map.updateWatchInterest(watch, {}); watch_map.removeWatch(watch); // Finally, test that calling onConfigUpdate on a map with no watches doesn't break. doDeltaAndSotwUpdate(watch_map, bob_update, {}, "version4"); } // Tests that a watch that specifies no particular resource interest is treated as interested in // everything. TEST(WatchMapTest, WatchingEverything) { MockSubscriptionCallbacks callbacks1; MockSubscriptionCallbacks callbacks2; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); WatchMap watch_map(false); /*Watch* watch1 = */ watch_map.addWatch(callbacks1, resource_decoder); Watch* watch2 = watch_map.addWatch(callbacks2, resource_decoder); // watch1 never specifies any names, and so is treated as interested in everything. watch_map.updateWatchInterest(watch2, {"alice"}); Protobuf::RepeatedPtrField updated_resources; envoy::config::endpoint::v3::ClusterLoadAssignment alice; alice.set_cluster_name("alice"); updated_resources.Add()->PackFrom(alice); envoy::config::endpoint::v3::ClusterLoadAssignment bob; bob.set_cluster_name("bob"); updated_resources.Add()->PackFrom(bob); std::vector expected_resources1; expected_resources1.push_back(alice); expected_resources1.push_back(bob); std::vector expected_resources2; expected_resources2.push_back(alice); expectDeltaAndSotwUpdate(callbacks1, expected_resources1, {}, "version1"); expectDeltaAndSotwUpdate(callbacks2, expected_resources2, {}, "version1"); doDeltaAndSotwUpdate(watch_map, updated_resources, {}, "version1"); } // Delta onConfigUpdate has some slightly subtle details with how it handles the three cases where // a watch receives {only updates, updates+removals, only removals} to its resources. This test // exercise those cases. Also, the removal-only case tests that SotW does call a watch's // onConfigUpdate even if none of the watch's interested resources are among the updated // resources. (Which ensures we deliver empty config updates when a resource is dropped.) TEST(WatchMapTest, DeltaOnConfigUpdate) { MockSubscriptionCallbacks callbacks1; MockSubscriptionCallbacks callbacks2; MockSubscriptionCallbacks callbacks3; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); WatchMap watch_map(false); Watch* watch1 = watch_map.addWatch(callbacks1, resource_decoder); Watch* watch2 = watch_map.addWatch(callbacks2, resource_decoder); Watch* watch3 = watch_map.addWatch(callbacks3, resource_decoder); watch_map.updateWatchInterest(watch1, {"updated"}); watch_map.updateWatchInterest(watch2, {"updated", "removed"}); watch_map.updateWatchInterest(watch3, {"removed"}); // First, create the "removed" resource. We want to test SotW being handed an empty // onConfigUpdate. But, if SotW holds no resources, then an update with nothing it cares about // will just not trigger any onConfigUpdate at all. { Protobuf::RepeatedPtrField prepare_removed; envoy::config::endpoint::v3::ClusterLoadAssignment will_be_removed_later; will_be_removed_later.set_cluster_name("removed"); prepare_removed.Add()->PackFrom(will_be_removed_later); expectDeltaAndSotwUpdate(callbacks2, {will_be_removed_later}, {}, "version0"); expectDeltaAndSotwUpdate(callbacks3, {will_be_removed_later}, {}, "version0"); doDeltaAndSotwUpdate(watch_map, prepare_removed, {}, "version0"); } Protobuf::RepeatedPtrField update; envoy::config::endpoint::v3::ClusterLoadAssignment updated; updated.set_cluster_name("updated"); update.Add()->PackFrom(updated); expectDeltaAndSotwUpdate(callbacks1, {updated}, {}, "version1"); // only update expectDeltaAndSotwUpdate(callbacks2, {updated}, {"removed"}, "version1"); // update+remove expectDeltaAndSotwUpdate(callbacks3, {}, {"removed"}, "version1"); // only remove doDeltaAndSotwUpdate(watch_map, update, {"removed"}, "version1"); } TEST(WatchMapTest, OnConfigUpdateFailed) { WatchMap watch_map(false); // calling on empty map doesn't break watch_map.onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, nullptr); MockSubscriptionCallbacks callbacks1; MockSubscriptionCallbacks callbacks2; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); watch_map.addWatch(callbacks1, resource_decoder); watch_map.addWatch(callbacks2, resource_decoder); EXPECT_CALL(callbacks1, onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, nullptr)); EXPECT_CALL(callbacks2, onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, nullptr)); watch_map.onConfigUpdateFailed(ConfigUpdateFailureReason::UpdateRejected, nullptr); } TEST(WatchMapTest, OnConfigUpdateUsingNamespaces) { MockSubscriptionCallbacks callbacks1; MockSubscriptionCallbacks callbacks2; MockSubscriptionCallbacks callbacks3; TestUtility::TestOpaqueResourceDecoderImpl resource_decoder("cluster_name"); WatchMap watch_map(true); Watch* watch1 = watch_map.addWatch(callbacks1, resource_decoder); Watch* watch2 = watch_map.addWatch(callbacks2, resource_decoder); Watch* watch3 = watch_map.addWatch(callbacks3, resource_decoder); watch_map.updateWatchInterest(watch1, {"ns1"}); watch_map.updateWatchInterest(watch2, {"ns1", "ns2"}); watch_map.updateWatchInterest(watch3, {"ns3"}); // verify update { Protobuf::RepeatedPtrField update; envoy::config::endpoint::v3::ClusterLoadAssignment resource; resource.set_cluster_name("ns1/resource1"); update.Add()->PackFrom(resource); expectDeltaUpdate(callbacks1, {resource}, {}, "version0"); expectDeltaUpdate(callbacks2, {resource}, {}, "version0"); doDeltaUpdate(watch_map, update, {}, "version0"); } // verify removal { Protobuf::RepeatedPtrField update; expectDeltaUpdate(callbacks2, {}, {"ns2/removed"}, "version1"); doDeltaUpdate(watch_map, update, {"ns2/removed"}, "version1"); } // verify a not-found response to an on-demand request: such a response will contain an empty // resource wrapper with the name and aliases fields containing the alias used in the request. { Protobuf::RepeatedPtrField empty_resources; const auto version = "version3"; const auto not_resolved = "ns3/not_resolved"; auto* cur_resource = empty_resources.Add(); cur_resource->set_version(version); cur_resource->set_name(not_resolved); cur_resource->add_aliases(not_resolved); EXPECT_CALL(callbacks3, onConfigUpdate(_, _, _)) .WillOnce(Invoke([not_resolved, version]( const std::vector& gotten_resources, const Protobuf::RepeatedPtrField&, const std::string&) { EXPECT_EQ(1, gotten_resources.size()); EXPECT_EQ(gotten_resources[0].get().version(), version); EXPECT_FALSE(gotten_resources[0].get().hasResource()); EXPECT_EQ(gotten_resources[0].get().name(), not_resolved); EXPECT_EQ(gotten_resources[0].get().aliases(), std::vector{not_resolved}); })); Protobuf::RepeatedPtrField removed_names_proto; watch_map.onConfigUpdate(empty_resources, removed_names_proto, "version2"); } } } // namespace } // namespace Config } // namespace Envoy ================================================ FILE: test/common/conn_pool/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "conn_pool_base_test", srcs = ["conn_pool_base_test.cc"], deps = [ "//source/common/conn_pool:conn_pool_base_lib", "//source/common/event:dispatcher_lib", "//test/common/upstream:utility_lib", "//test/mocks/event:event_mocks", "//test/mocks/upstream:cluster_info_mocks", "//test/mocks/upstream:upstream_mocks", ], ) ================================================ FILE: test/common/conn_pool/conn_pool_base_test.cc ================================================ #include "common/conn_pool/conn_pool_base.h" #include "test/common/upstream/utility.h" #include "test/mocks/event/mocks.h" #include "test/mocks/upstream/cluster_info.h" #include "test/mocks/upstream/host.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace ConnectionPool { using testing::AnyNumber; using testing::InvokeWithoutArgs; using testing::Return; class TestActiveClient : public ActiveClient { public: using ActiveClient::ActiveClient; void close() override { onEvent(Network::ConnectionEvent::LocalClose); } uint64_t id() const override { return 1; } bool closingWithIncompleteStream() const override { return false; } size_t numActiveStreams() const override { return 1; } }; class TestPendingStream : public PendingStream { public: TestPendingStream(ConnPoolImplBase& parent, AttachContext& context) : PendingStream(parent), context_(context) {} AttachContext& context() override { return context_; } AttachContext& context_; }; class TestConnPoolImplBase : public ConnPoolImplBase { public: using ConnPoolImplBase::ConnPoolImplBase; ConnectionPool::Cancellable* newPendingStream(AttachContext& context) override { auto entry = std::make_unique(*this, context); LinkedList::moveIntoList(std::move(entry), pending_streams_); return pending_streams_.front().get(); } MOCK_METHOD(ActiveClientPtr, instantiateActiveClient, ()); MOCK_METHOD(void, onPoolFailure, (const Upstream::HostDescriptionConstSharedPtr& n, absl::string_view, ConnectionPool::PoolFailureReason, AttachContext&)); MOCK_METHOD(void, onPoolReady, (ActiveClient&, AttachContext&)); }; class ConnPoolImplBaseTest : public testing::Test { public: ConnPoolImplBaseTest() : pool_(host_, Upstream::ResourcePriority::Default, dispatcher_, nullptr, nullptr) { // Default connections to 1024 because the tests shouldn't be relying on the // connection resource limit for most tests. cluster_->resetResourceManager(1024, 1024, 1024, 1, 1); ON_CALL(pool_, instantiateActiveClient).WillByDefault(Invoke([&]() -> ActiveClientPtr { auto ret = std::make_unique(pool_, stream_limit_, concurrent_streams_); clients_.push_back(ret.get()); ret->real_host_description_ = descr_; return ret; })); } uint32_t stream_limit_ = 100; uint32_t concurrent_streams_ = 1; std::shared_ptr> descr_{ new NiceMock()}; std::shared_ptr cluster_{new NiceMock()}; Upstream::HostSharedPtr host_{Upstream::makeTestHost(cluster_, "tcp://127.0.0.1:80")}; NiceMock dispatcher_; TestConnPoolImplBase pool_; AttachContext context_; std::vector clients_; }; TEST_F(ConnPoolImplBaseTest, BasicPrefetch) { // Create more than one connection per new stream. ON_CALL(*cluster_, perUpstreamPrefetchRatio).WillByDefault(Return(1.5)); // On new stream, create 2 connections. EXPECT_CALL(pool_, instantiateActiveClient).Times(2); auto cancelable = pool_.newStream(context_); cancelable->cancel(ConnectionPool::CancelPolicy::CloseExcess); pool_.destructAllConnections(); } TEST_F(ConnPoolImplBaseTest, PrefetchOnDisconnect) { testing::InSequence s; // Create more than one connection per new stream. ON_CALL(*cluster_, perUpstreamPrefetchRatio).WillByDefault(Return(1.5)); // On new stream, create 2 connections. EXPECT_CALL(pool_, instantiateActiveClient).Times(2); pool_.newStream(context_); // If a connection fails, existing connections are purged. If a retry causes // a new stream, make sure we create the correct number of connections. EXPECT_CALL(pool_, onPoolFailure).WillOnce(InvokeWithoutArgs([&]() -> void { pool_.newStream(context_); })); EXPECT_CALL(pool_, instantiateActiveClient).Times(1); clients_[0]->close(); EXPECT_CALL(pool_, onPoolFailure); pool_.destructAllConnections(); } TEST_F(ConnPoolImplBaseTest, NoPrefetchIfUnhealthy) { // Create more than one connection per new stream. ON_CALL(*cluster_, perUpstreamPrefetchRatio).WillByDefault(Return(1.5)); host_->healthFlagSet(Upstream::Host::HealthFlag::FAILED_ACTIVE_HC); EXPECT_EQ(host_->health(), Upstream::Host::Health::Unhealthy); // On new stream, create 1 connection. EXPECT_CALL(pool_, instantiateActiveClient).Times(1); auto cancelable = pool_.newStream(context_); cancelable->cancel(ConnectionPool::CancelPolicy::CloseExcess); pool_.destructAllConnections(); } TEST_F(ConnPoolImplBaseTest, NoPrefetchIfDegraded) { // Create more than one connection per new stream. ON_CALL(*cluster_, perUpstreamPrefetchRatio).WillByDefault(Return(1.5)); EXPECT_EQ(host_->health(), Upstream::Host::Health::Healthy); host_->healthFlagSet(Upstream::Host::HealthFlag::DEGRADED_EDS_HEALTH); EXPECT_EQ(host_->health(), Upstream::Host::Health::Degraded); // On new stream, create 1 connection. EXPECT_CALL(pool_, instantiateActiveClient).Times(1); auto cancelable = pool_.newStream(context_); cancelable->cancel(ConnectionPool::CancelPolicy::CloseExcess); pool_.destructAllConnections(); } TEST_F(ConnPoolImplBaseTest, ExplicitPrefetch) { // Create more than one connection per new stream. ON_CALL(*cluster_, perUpstreamPrefetchRatio).WillByDefault(Return(1.5)); EXPECT_CALL(pool_, instantiateActiveClient).Times(AnyNumber()); // With global prefetch off, we won't prefetch. EXPECT_FALSE(pool_.maybePrefetch(0)); // With prefetch ratio of 1.1, we'll prefetch two connections. // Currently, no number of subsequent calls to prefetch will increase that. EXPECT_TRUE(pool_.maybePrefetch(1.1)); EXPECT_TRUE(pool_.maybePrefetch(1.1)); EXPECT_FALSE(pool_.maybePrefetch(1.1)); // With a higher prefetch ratio, more connections may be prefetched. EXPECT_TRUE(pool_.maybePrefetch(3)); pool_.destructAllConnections(); } TEST_F(ConnPoolImplBaseTest, ExplicitPrefetchNotHealthy) { // Create more than one connection per new stream. ON_CALL(*cluster_, perUpstreamPrefetchRatio).WillByDefault(Return(1.5)); // Prefetch won't occur if the host is not healthy. host_->healthFlagSet(Upstream::Host::HealthFlag::DEGRADED_EDS_HEALTH); EXPECT_FALSE(pool_.maybePrefetch(1)); } } // namespace ConnectionPool } // namespace Envoy ================================================ FILE: test/common/crypto/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_fuzz_test", "envoy_cc_test", "envoy_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "utility_test", srcs = [ "utility_test.cc", ], external_deps = [ "ssl", ], deps = [ "//source/common/buffer:buffer_lib", "//source/common/common:hex_lib", "//source/common/crypto:utility_lib", "//source/extensions/common/crypto:utility_lib", ], ) envoy_proto_library( name = "verify_signature_fuzz_proto", srcs = ["verify_signature_fuzz.proto"], ) envoy_cc_fuzz_test( name = "get_sha_256_digest_fuzz_test", srcs = ["get_sha_256_digest_fuzz_test.cc"], corpus = "get_sha_256_digest_corpus", deps = ["//source/extensions/common/crypto:utility_lib"], ) envoy_cc_fuzz_test( name = "verify_signature_fuzz_test", srcs = ["verify_signature_fuzz_test.cc"], corpus = "verify_signature_corpus", dictionaries = ["verify_signature_fuzz_test.dict"], deps = [ ":verify_signature_fuzz_proto_cc_proto", "//source/common/common:hex_lib", "//source/common/crypto:utility_lib", "//source/extensions/common/crypto:utility_lib", ], ) ================================================ FILE: test/common/crypto/get_sha_256_digest_fuzz_test.cc ================================================ #include "common/buffer/buffer_impl.h" #include "common/crypto/utility.h" #include "test/fuzz/fuzz_runner.h" namespace Envoy { namespace Fuzz { DEFINE_FUZZER(const uint8_t* buf, size_t len) { Buffer::OwnedImpl buffer(buf, len); auto digest = Common::Crypto::UtilitySingleton::get().getSha256Digest(buffer); } } // namespace Fuzz } // namespace Envoy ================================================ FILE: test/common/crypto/utility_test.cc ================================================ #include "common/buffer/buffer_impl.h" #include "common/common/hex.h" #include "common/crypto/utility.h" #include "extensions/common/crypto/crypto_impl.h" #include "gtest/gtest.h" namespace Envoy { namespace Common { namespace Crypto { namespace { TEST(UtilityTest, TestSha256Digest) { const Buffer::OwnedImpl buffer("test data"); const auto digest = UtilitySingleton::get().getSha256Digest(buffer); EXPECT_EQ("916f0027a575074ce72a331777c3478d6513f786a591bd892da1a577bf2335f9", Hex::encode(digest)); } TEST(UtilityTest, TestSha256DigestWithEmptyBuffer) { const Buffer::OwnedImpl buffer; const auto digest = UtilitySingleton::get().getSha256Digest(buffer); EXPECT_EQ("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", Hex::encode(digest)); } TEST(UtilityTest, TestSha256DigestGrowingBuffer) { // Adding multiple slices to the buffer Buffer::OwnedImpl buffer("slice 1"); auto digest = UtilitySingleton::get().getSha256Digest(buffer); EXPECT_EQ("76571770bb46bdf51e1aba95b23c681fda27f6ae56a8a90898a4cb7556e19dcb", Hex::encode(digest)); buffer.add("slice 2"); digest = UtilitySingleton::get().getSha256Digest(buffer); EXPECT_EQ("290b462b0fe5edcf6b8532de3ca70da8ab77937212042bb959192ec6c9f95b9a", Hex::encode(digest)); buffer.add("slice 3"); digest = UtilitySingleton::get().getSha256Digest(buffer); EXPECT_EQ("29606bbf02fdc40007cdf799de36d931e3587dafc086937efd6599a4ea9397aa", Hex::encode(digest)); } TEST(UtilityTest, TestSha256Hmac) { const std::string key = "key"; auto hmac = UtilitySingleton::get().getSha256Hmac(std::vector(key.begin(), key.end()), "test data"); EXPECT_EQ("087d9eb992628854842ca4dbf790f8164c80355c1e78b72789d830334927a84c", Hex::encode(hmac)); } TEST(UtilityTest, TestSha256HmacWithEmptyArguments) { auto hmac = UtilitySingleton::get().getSha256Hmac(std::vector(), ""); EXPECT_EQ("b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad", Hex::encode(hmac)); } TEST(UtilityTest, TestImportPublicKey) { auto key = "30820122300d06092a864886f70d01010105000382010f003082010a0282010100a7471266d01d160308d" "73409c06f2e8d35c531c458d3e480e9f3191847d062ec5ccff7bc51e949d5f2c3540c189a4eca1e8633a6" "2cf2d0923101c27e38013e71de9ae91a704849bff7fbe2ce5bf4bd666fd9731102a53193fe5a9a5a50644" "ff8b1183fa897646598caad22a37f9544510836372b44c58c98586fb7144629cd8c9479592d996d32ff6d" "395c0b8442ec5aa1ef8051529ea0e375883cefc72c04e360b4ef8f5760650589ca814918f678eee39b884" "d5af8136a9630a6cc0cde157dc8e00f39540628d5f335b2c36c54c7c8bc3738a6b21acff815405afa28e5" "183f550dac19abcf1145a7f9ced987db680e4a229cac75dee347ec9ebce1fc3dbbbb0203010001"; Common::Crypto::CryptoObjectPtr crypto_ptr( Common::Crypto::UtilitySingleton::get().importPublicKey(Hex::decode(key))); auto wrapper = Common::Crypto::Access::getTyped(*crypto_ptr); EVP_PKEY* pkey = wrapper->getEVP_PKEY(); EXPECT_NE(nullptr, pkey); key = "badkey"; crypto_ptr = Common::Crypto::UtilitySingleton::get().importPublicKey(Hex::decode(key)); wrapper = Common::Crypto::Access::getTyped(*crypto_ptr); pkey = wrapper->getEVP_PKEY(); EXPECT_EQ(nullptr, pkey); } TEST(UtilityTest, TestVerifySignature) { auto key = "30820122300d06092a864886f70d01010105000382010f003082010a0282010100a7471266d01d160308d" "73409c06f2e8d35c531c458d3e480e9f3191847d062ec5ccff7bc51e949d5f2c3540c189a4eca1e8633a6" "2cf2d0923101c27e38013e71de9ae91a704849bff7fbe2ce5bf4bd666fd9731102a53193fe5a9a5a50644" "ff8b1183fa897646598caad22a37f9544510836372b44c58c98586fb7144629cd8c9479592d996d32ff6d" "395c0b8442ec5aa1ef8051529ea0e375883cefc72c04e360b4ef8f5760650589ca814918f678eee39b884" "d5af8136a9630a6cc0cde157dc8e00f39540628d5f335b2c36c54c7c8bc3738a6b21acff815405afa28e5" "183f550dac19abcf1145a7f9ced987db680e4a229cac75dee347ec9ebce1fc3dbbbb0203010001"; auto hash_func = "sha256"; auto signature = "345ac3a167558f4f387a81c2d64234d901a7ceaa544db779d2f797b0ea4ef851b740905a63e2f4d5af42cee093a2" "9c7155db9a63d3d483e0ef948f5ac51ce4e10a3a6606fd93ef68ee47b30c37491103039459122f78e1c7ea71a1a5" "ea24bb6519bca02c8c9915fe8be24927c91812a13db72dbcb500103a79e8f67ff8cb9e2a631974e0668ab3977bf5" "70a91b67d1b6bcd5dce84055f21427d64f4256a042ab1dc8e925d53a769f6681a873f5859693a7728fcbe95beace" "1563b5ffbcd7c93b898aeba31421dafbfadeea50229c49fd6c445449314460f3d19150bd29a91333beaced557ed6" "295234f7c14fa46303b7e977d2c89ba8a39a46a35f33eb07a332"; auto data = "hello"; Common::Crypto::CryptoObjectPtr crypto_ptr( Common::Crypto::UtilitySingleton::get().importPublicKey(Hex::decode(key))); Common::Crypto::CryptoObject* crypto(crypto_ptr.get()); std::vector text(data, data + strlen(data)); auto sig = Hex::decode(signature); auto result = UtilitySingleton::get().verifySignature(hash_func, *crypto, sig, text); EXPECT_EQ(true, result.result_); EXPECT_EQ("", result.error_message_); result = UtilitySingleton::get().verifySignature("unknown", *crypto, sig, text); EXPECT_EQ(false, result.result_); EXPECT_EQ("unknown is not supported.", result.error_message_); auto empty_crypto = std::make_unique(); result = UtilitySingleton::get().verifySignature(hash_func, *empty_crypto, sig, text); EXPECT_EQ(false, result.result_); EXPECT_EQ("Failed to initialize digest verify.", result.error_message_); data = "baddata"; text = std::vector(data, data + strlen(data)); result = UtilitySingleton::get().verifySignature(hash_func, *crypto, sig, text); EXPECT_EQ(false, result.result_); EXPECT_EQ("Failed to verify digest. Error code: 0", result.error_message_); data = "hello"; text = std::vector(data, data + strlen(data)); result = UtilitySingleton::get().verifySignature(hash_func, *crypto, Hex::decode("000000"), text); EXPECT_EQ(false, result.result_); EXPECT_EQ("Failed to verify digest. Error code: 0", result.error_message_); } } // namespace } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: test/common/crypto/verify_signature_corpus/test_contains_sha1_wrong ================================================ key: "30820122300d06092a864886f70d01010105000382010f003082010a0282010100a7471266d01d160308d73409c06f2e8d35c531c458d3e480e9f3191847d062ec5ccff7bc51e949d5f2c3540c189a4eca1e8633a62cf2d0923101c27e38013e71de9ae91a704849bff7fbe2ce5bf4bd666fd9731102a53193fe5a9a5a50644ff8b1183fa897646598caad22a37f9544510836372b44c58c98586fb7144629cd8c9479592d996d32ff6d395c0b8442ec5aa1ef8051529ea0e375883cefc72c04e360b4ef8f5760650589ca814918f678eee39b884d5af8136a9630a6cc0cde157dc8e00f39540628d5f335b2c36c54c7c8bc3738a6b21acff815405afa28e5183f550dac19abcf1145a7f9ced987db680e4a229cac75dee347ec9ebce1fc3dbbbb0203010001" hash_func: "sha1" signature: "345ac3a167558f4f387a81c2d64234d901a7ceaa544db779d2f797b0ea4ef851b740905a63e2f4d5af42cee093a29c7155db9a63d3d483e0ef948f5ac51ce4e10a3a6606fd93ef68ee47b30c37491103039459122f78e1c7ea71a1a5ea24bb6519bca02c8c9915fe8be24927c91812a13db72dbcb500103a79e8f67ff8cb9e2a631974e0668ab3977bf570a91b67d1b6bcd5dce84055f21427d64f4256a042ab1dc8e925d53a769f6681a873f5859693a7728fcbe95beace1563b5ffbcd7c93b898aeba31421dafbfadeea50229c49fd6c445449314460f3d19150bd29a91333beaced557ed6295234f7c14fa46303b7e977d2c89ba8a39a46a35f33eb07a332" data: "hello" ================================================ FILE: test/common/crypto/verify_signature_corpus/test_contains_sha256_correct ================================================ key: "30820122300d06092a864886f70d01010105000382010f003082010a0282010100a7471266d01d160308d73409c06f2e8d35c531c458d3e480e9f3191847d062ec5ccff7bc51e949d5f2c3540c189a4eca1e8633a62cf2d0923101c27e38013e71de9ae91a704849bff7fbe2ce5bf4bd666fd9731102a53193fe5a9a5a50644ff8b1183fa897646598caad22a37f9544510836372b44c58c98586fb7144629cd8c9479592d996d32ff6d395c0b8442ec5aa1ef8051529ea0e375883cefc72c04e360b4ef8f5760650589ca814918f678eee39b884d5af8136a9630a6cc0cde157dc8e00f39540628d5f335b2c36c54c7c8bc3738a6b21acff815405afa28e5183f550dac19abcf1145a7f9ced987db680e4a229cac75dee347ec9ebce1fc3dbbbb0203010001" hash_func: "sha256" signature: "345ac3a167558f4f387a81c2d64234d901a7ceaa544db779d2f797b0ea4ef851b740905a63e2f4d5af42cee093a29c7155db9a63d3d483e0ef948f5ac51ce4e10a3a6606fd93ef68ee47b30c37491103039459122f78e1c7ea71a1a5ea24bb6519bca02c8c9915fe8be24927c91812a13db72dbcb500103a79e8f67ff8cb9e2a631974e0668ab3977bf570a91b67d1b6bcd5dce84055f21427d64f4256a042ab1dc8e925d53a769f6681a873f5859693a7728fcbe95beace1563b5ffbcd7c93b898aeba31421dafbfadeea50229c49fd6c445449314460f3d19150bd29a91333beaced557ed6295234f7c14fa46303b7e977d2c89ba8a39a46a35f33eb07a332" data: "hello" ================================================ FILE: test/common/crypto/verify_signature_fuzz.proto ================================================ syntax = "proto3"; package test.common.crypto; message VerifySignatureFuzzTestCase { string key = 1; string hash_func = 2; string signature = 3; string data = 4; } ================================================ FILE: test/common/crypto/verify_signature_fuzz_test.cc ================================================ #include "common/common/hex.h" #include "common/crypto/utility.h" #include "test/common/crypto/verify_signature_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" namespace Envoy { namespace Common { namespace Crypto { namespace { DEFINE_PROTO_FUZZER(const test::common::crypto::VerifySignatureFuzzTestCase& input) { const auto& key = input.key(); const auto& hash_func = input.hash_func(); const auto& signature = input.signature(); const auto& data = input.data(); Common::Crypto::CryptoObjectPtr crypto_ptr( Common::Crypto::UtilitySingleton::get().importPublicKey(Hex::decode(key))); Common::Crypto::CryptoObject* crypto(crypto_ptr.get()); std::vector text(data.begin(), data.end()); const auto sig = Hex::decode(signature); UtilitySingleton::get().verifySignature(hash_func, *crypto, sig, text); } } // namespace } // namespace Crypto } // namespace Common } // namespace Envoy ================================================ FILE: test/common/crypto/verify_signature_fuzz_test.dict ================================================ # hash_func "sha1" "sha224" "sha256" "sha384" "sha512" ================================================ FILE: test/common/event/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "dispatcher_impl_test", srcs = ["dispatcher_impl_test.cc"], tags = ["fails_on_windows"], deps = [ "//source/common/api:api_lib", "//source/common/event:deferred_task", "//source/common/event:dispatcher_includes", "//source/common/event:dispatcher_lib", "//source/common/stats:isolated_store_lib", "//test/mocks:common_lib", "//test/mocks/stats:stats_mocks", "//test/test_common:simulated_time_system_lib", "//test/test_common:test_runtime_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "file_event_impl_test", srcs = ["file_event_impl_test.cc"], tags = ["fails_on_windows"], deps = [ "//include/envoy/event:file_event_interface", "//source/common/event:dispatcher_includes", "//source/common/event:dispatcher_lib", "//source/common/stats:isolated_store_lib", "//test/mocks:common_lib", "//test/test_common:environment_lib", "//test/test_common:test_runtime_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "scaled_range_timer_manager_test", srcs = ["scaled_range_timer_manager_test.cc"], deps = [ "//source/common/event:scaled_range_timer_manager", "//test/mocks/event:wrapped_dispatcher", "//test/test_common:simulated_time_system_lib", ], ) ================================================ FILE: test/common/event/dispatcher_impl_test.cc ================================================ #include #include "envoy/thread/thread.h" #include "common/api/api_impl.h" #include "common/common/lock_guard.h" #include "common/event/deferred_task.h" #include "common/event/dispatcher_impl.h" #include "common/event/timer_impl.h" #include "common/stats/isolated_store_impl.h" #include "test/mocks/common.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_runtime.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::InSequence; using testing::NiceMock; namespace Envoy { namespace Event { namespace { void onWatcherReady(evwatch*, const evwatch_prepare_cb_info*, void* arg) { // `arg` contains the ReadyWatcher passed in from evwatch_prepare_new. auto watcher = static_cast(arg); watcher->ready(); } class SchedulableCallbackImplTest : public testing::Test { protected: SchedulableCallbackImplTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")) {} void createCallback(std::function cb) { callbacks_.emplace_back(dispatcher_->createSchedulableCallback(cb)); } Api::ApiPtr api_; DispatcherPtr dispatcher_; std::vector callbacks_; }; TEST_F(SchedulableCallbackImplTest, ScheduleCurrentAndCancel) { ReadyWatcher watcher; auto cb = dispatcher_->createSchedulableCallback([&]() { watcher.ready(); }); // Cancel is a no-op if not scheduled. cb->cancel(); dispatcher_->run(Dispatcher::RunType::Block); // Callback is not invoked if cancelled before it executes. cb->scheduleCallbackCurrentIteration(); EXPECT_TRUE(cb->enabled()); cb->cancel(); EXPECT_FALSE(cb->enabled()); dispatcher_->run(Dispatcher::RunType::Block); // Scheduled callback executes. cb->scheduleCallbackCurrentIteration(); EXPECT_CALL(watcher, ready()); dispatcher_->run(Dispatcher::RunType::Block); // Callbacks implicitly cancelled if runner is deleted. cb->scheduleCallbackCurrentIteration(); cb.reset(); dispatcher_->run(Dispatcher::RunType::Block); } TEST_F(SchedulableCallbackImplTest, ScheduleNextAndCancel) { ReadyWatcher watcher; auto cb = dispatcher_->createSchedulableCallback([&]() { watcher.ready(); }); // Cancel is a no-op if not scheduled. cb->cancel(); dispatcher_->run(Dispatcher::RunType::Block); // Callback is not invoked if cancelled before it executes. cb->scheduleCallbackNextIteration(); EXPECT_TRUE(cb->enabled()); cb->cancel(); EXPECT_FALSE(cb->enabled()); dispatcher_->run(Dispatcher::RunType::Block); // Scheduled callback executes. cb->scheduleCallbackNextIteration(); EXPECT_CALL(watcher, ready()); dispatcher_->run(Dispatcher::RunType::Block); // Callbacks implicitly cancelled if runner is deleted. cb->scheduleCallbackNextIteration(); cb.reset(); dispatcher_->run(Dispatcher::RunType::Block); } TEST_F(SchedulableCallbackImplTest, ScheduleOrder) { ReadyWatcher watcher0; createCallback([&]() { watcher0.ready(); }); ReadyWatcher watcher1; createCallback([&]() { watcher1.ready(); }); ReadyWatcher watcher2; createCallback([&]() { watcher2.ready(); }); // Current iteration callbacks run in the order they are scheduled. Next iteration callbacks run // after current iteration callbacks. callbacks_[0]->scheduleCallbackNextIteration(); callbacks_[1]->scheduleCallbackCurrentIteration(); callbacks_[2]->scheduleCallbackCurrentIteration(); InSequence s; EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher0, ready()); dispatcher_->run(Dispatcher::RunType::Block); } TEST_F(SchedulableCallbackImplTest, ScheduleChainingAndCancellation) { DispatcherImpl* dispatcher_impl = static_cast(dispatcher_.get()); ReadyWatcher prepare_watcher; evwatch_prepare_new(&dispatcher_impl->base(), onWatcherReady, &prepare_watcher); ReadyWatcher watcher0; createCallback([&]() { watcher0.ready(); callbacks_[1]->scheduleCallbackCurrentIteration(); }); ReadyWatcher watcher1; createCallback([&]() { watcher1.ready(); callbacks_[2]->scheduleCallbackCurrentIteration(); callbacks_[3]->scheduleCallbackCurrentIteration(); callbacks_[4]->scheduleCallbackCurrentIteration(); callbacks_[5]->scheduleCallbackNextIteration(); }); ReadyWatcher watcher2; createCallback([&]() { watcher2.ready(); EXPECT_TRUE(callbacks_[3]->enabled()); callbacks_[3]->cancel(); EXPECT_TRUE(callbacks_[4]->enabled()); callbacks_[4].reset(); }); ReadyWatcher watcher3; createCallback([&]() { watcher3.ready(); }); ReadyWatcher watcher4; createCallback([&]() { watcher4.ready(); }); ReadyWatcher watcher5; createCallback([&]() { watcher5.ready(); }); // Chained callbacks run in the same event loop iteration, as signaled by a single call to // prepare_watcher.ready(). watcher3 and watcher4 are not invoked because cb2 cancels // cb3 and deletes cb4 as part of its execution. cb5 runs after a second call to the // prepare callback since it's scheduled for the next iteration. callbacks_[0]->scheduleCallbackCurrentIteration(); InSequence s; EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(watcher0, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(watcher5, ready()); dispatcher_->run(Dispatcher::RunType::Block); } TEST_F(SchedulableCallbackImplTest, RescheduleNext) { DispatcherImpl* dispatcher_impl = static_cast(dispatcher_.get()); ReadyWatcher prepare_watcher; evwatch_prepare_new(&dispatcher_impl->base(), onWatcherReady, &prepare_watcher); ReadyWatcher watcher0; createCallback([&]() { watcher0.ready(); // Callback 1 was scheduled from the previous iteration, expect it to fire in the current // iteration despite the attempt to reschedule. callbacks_[1]->scheduleCallbackNextIteration(); // Callback 2 expected to execute next iteration because current called before next. callbacks_[2]->scheduleCallbackCurrentIteration(); callbacks_[2]->scheduleCallbackNextIteration(); // Callback 3 expected to execute next iteration because next was called before current. callbacks_[3]->scheduleCallbackNextIteration(); callbacks_[3]->scheduleCallbackCurrentIteration(); }); ReadyWatcher watcher1; createCallback([&]() { watcher1.ready(); }); ReadyWatcher watcher2; createCallback([&]() { watcher2.ready(); }); ReadyWatcher watcher3; createCallback([&]() { watcher3.ready(); }); // Schedule callbacks 0 and 1 outside the loop, both will run in the same iteration of the event // loop. callbacks_[0]->scheduleCallbackCurrentIteration(); callbacks_[1]->scheduleCallbackNextIteration(); InSequence s; EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(watcher0, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(watcher3, ready()); dispatcher_->run(Dispatcher::RunType::Block); } class TestDeferredDeletable : public DeferredDeletable { public: TestDeferredDeletable(std::function on_destroy) : on_destroy_(on_destroy) {} ~TestDeferredDeletable() override { on_destroy_(); } private: std::function on_destroy_; }; TEST(DeferredDeleteTest, DeferredDelete) { InSequence s; Api::ApiPtr api = Api::createApiForTest(); DispatcherPtr dispatcher(api->allocateDispatcher("test_thread")); ReadyWatcher watcher1; dispatcher->deferredDelete( DeferredDeletablePtr{new TestDeferredDeletable([&]() -> void { watcher1.ready(); })}); // The first one will get deleted inline. EXPECT_CALL(watcher1, ready()); dispatcher->clearDeferredDeleteList(); // This one does a nested deferred delete. We should need two clear calls to actually get // rid of it with the vector swapping. We also test that inline clear() call does nothing. ReadyWatcher watcher2; ReadyWatcher watcher3; dispatcher->deferredDelete(DeferredDeletablePtr{new TestDeferredDeletable([&]() -> void { watcher2.ready(); dispatcher->deferredDelete( DeferredDeletablePtr{new TestDeferredDeletable([&]() -> void { watcher3.ready(); })}); dispatcher->clearDeferredDeleteList(); })}); EXPECT_CALL(watcher2, ready()); dispatcher->clearDeferredDeleteList(); EXPECT_CALL(watcher3, ready()); dispatcher->clearDeferredDeleteList(); } TEST(DeferredTaskTest, DeferredTask) { InSequence s; Api::ApiPtr api = Api::createApiForTest(); DispatcherPtr dispatcher(api->allocateDispatcher("test_thread")); ReadyWatcher watcher1; DeferredTaskUtil::deferredRun(*dispatcher, [&watcher1]() -> void { watcher1.ready(); }); // The first one will get deleted inline. EXPECT_CALL(watcher1, ready()); dispatcher->clearDeferredDeleteList(); // Deferred task is scheduled FIFO. ReadyWatcher watcher2; ReadyWatcher watcher3; DeferredTaskUtil::deferredRun(*dispatcher, [&watcher2]() -> void { watcher2.ready(); }); DeferredTaskUtil::deferredRun(*dispatcher, [&watcher3]() -> void { watcher3.ready(); }); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher3, ready()); dispatcher->clearDeferredDeleteList(); } class DispatcherImplTest : public testing::Test { protected: DispatcherImplTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")) { dispatcher_thread_ = api_->threadFactory().createThread([this]() { // Must create a keepalive timer to keep the dispatcher from exiting. std::chrono::milliseconds time_interval(500); keepalive_timer_ = dispatcher_->createTimer( [this, time_interval]() { keepalive_timer_->enableTimer(time_interval); }); keepalive_timer_->enableTimer(time_interval); dispatcher_->run(Dispatcher::RunType::Block); }); } ~DispatcherImplTest() override { dispatcher_->exit(); dispatcher_thread_->join(); } void timerTest(std::function enable_timer_delegate) { TimerPtr timer; dispatcher_->post([this, &timer]() { { Thread::LockGuard lock(mu_); timer = dispatcher_->createTimer([this]() { { Thread::LockGuard lock(mu_); work_finished_ = true; } cv_.notifyOne(); }); EXPECT_FALSE(timer->enabled()); } cv_.notifyOne(); }); Thread::LockGuard lock(mu_); while (timer == nullptr) { cv_.wait(mu_); } enable_timer_delegate(*timer); while (!work_finished_) { cv_.wait(mu_); } } NiceMock scope_; // Used in InitializeStats, must outlive dispatcher_->exit(). Api::ApiPtr api_; Thread::ThreadPtr dispatcher_thread_; DispatcherPtr dispatcher_; Thread::MutexBasicLockable mu_; Thread::CondVar cv_; bool work_finished_{false}; TimerPtr keepalive_timer_; }; // TODO(mergeconflict): We also need integration testing to validate that the expected histograms // are written when `enable_dispatcher_stats` is true. See issue #6582. TEST_F(DispatcherImplTest, InitializeStats) { EXPECT_CALL(scope_, histogram("test.dispatcher.loop_duration_us", Stats::Histogram::Unit::Microseconds)); EXPECT_CALL(scope_, histogram("test.dispatcher.poll_delay_us", Stats::Histogram::Unit::Microseconds)); dispatcher_->initializeStats(scope_, "test."); } TEST_F(DispatcherImplTest, Post) { dispatcher_->post([this]() { { Thread::LockGuard lock(mu_); work_finished_ = true; } cv_.notifyOne(); }); Thread::LockGuard lock(mu_); while (!work_finished_) { cv_.wait(mu_); } } // Ensure that there is no deadlock related to calling a posted callback, or // destructing a closure when finished calling it. TEST_F(DispatcherImplTest, RunPostCallbacksLocking) { class PostOnDestruct { public: PostOnDestruct(Dispatcher& dispatcher) : dispatcher_(dispatcher) {} ~PostOnDestruct() { dispatcher_.post([]() {}); } void method() {} Dispatcher& dispatcher_; }; { // Block dispatcher first to ensure that both posted events below are handled // by a single call to runPostCallbacks(). // // This also ensures that the post_lock_ is not held while callbacks are called, // or else this would deadlock. Thread::LockGuard lock(mu_); dispatcher_->post([this]() { Thread::LockGuard lock(mu_); }); auto post_on_destruct = std::make_shared(*dispatcher_); dispatcher_->post([=]() { post_on_destruct->method(); }); dispatcher_->post([this]() { { Thread::LockGuard lock(mu_); work_finished_ = true; } cv_.notifyOne(); }); } Thread::LockGuard lock(mu_); while (!work_finished_) { cv_.wait(mu_); } } TEST_F(DispatcherImplTest, Timer) { timerTest([](Timer& timer) { timer.enableTimer(std::chrono::milliseconds(0)); }); timerTest([](Timer& timer) { timer.enableTimer(std::chrono::milliseconds(50)); }); timerTest([](Timer& timer) { timer.enableHRTimer(std::chrono::microseconds(50)); }); } TEST_F(DispatcherImplTest, TimerWithScope) { TimerPtr timer; MockScopedTrackedObject scope; dispatcher_->post([this, &timer, &scope]() { { // Expect a call to dumpState. The timer will call onFatalError during // the alarm interval, and if the scope is tracked correctly this will // result in a dumpState call. EXPECT_CALL(scope, dumpState(_, _)); Thread::LockGuard lock(mu_); timer = dispatcher_->createTimer([this]() { { Thread::LockGuard lock(mu_); static_cast(dispatcher_.get())->onFatalError(std::cerr); work_finished_ = true; } cv_.notifyOne(); }); EXPECT_FALSE(timer->enabled()); } cv_.notifyOne(); }); Thread::LockGuard lock(mu_); while (timer == nullptr) { cv_.wait(mu_); } timer->enableTimer(std::chrono::milliseconds(50), &scope); while (!work_finished_) { cv_.wait(mu_); } } TEST_F(DispatcherImplTest, IsThreadSafe) { dispatcher_->post([this]() { { Thread::LockGuard lock(mu_); // Thread safe because it is called within the dispatcher thread's context. EXPECT_TRUE(dispatcher_->isThreadSafe()); work_finished_ = true; } cv_.notifyOne(); }); Thread::LockGuard lock(mu_); while (!work_finished_) { cv_.wait(mu_); } // Not thread safe because it is not called within the dispatcher thread's context. EXPECT_FALSE(dispatcher_->isThreadSafe()); } class NotStartedDispatcherImplTest : public testing::Test { protected: NotStartedDispatcherImplTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")) {} Api::ApiPtr api_; DispatcherPtr dispatcher_; }; TEST_F(NotStartedDispatcherImplTest, IsThreadSafe) { // Thread safe because the dispatcher has not started. // Therefore, no thread id has been assigned. EXPECT_TRUE(dispatcher_->isThreadSafe()); } class DispatcherMonotonicTimeTest : public testing::Test { protected: DispatcherMonotonicTimeTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")) {} ~DispatcherMonotonicTimeTest() override = default; Api::ApiPtr api_; DispatcherPtr dispatcher_; MonotonicTime time_; }; TEST_F(DispatcherMonotonicTimeTest, UpdateApproximateMonotonicTime) { dispatcher_->post([this]() { { MonotonicTime time1 = dispatcher_->approximateMonotonicTime(); dispatcher_->updateApproximateMonotonicTime(); MonotonicTime time2 = dispatcher_->approximateMonotonicTime(); EXPECT_LT(time1, time2); } }); dispatcher_->run(Dispatcher::RunType::Block); } TEST_F(DispatcherMonotonicTimeTest, ApproximateMonotonicTime) { // approximateMonotonicTime is constant within one event loop run. dispatcher_->post([this]() { { time_ = dispatcher_->approximateMonotonicTime(); EXPECT_EQ(time_, dispatcher_->approximateMonotonicTime()); } }); dispatcher_->run(Dispatcher::RunType::Block); // approximateMonotonicTime is increasing between event loop runs. dispatcher_->post([this]() { { EXPECT_LT(time_, dispatcher_->approximateMonotonicTime()); } }); dispatcher_->run(Dispatcher::RunType::Block); } class TimerImplTest : public testing::TestWithParam { protected: TimerImplTest() { Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.activate_timers_next_event_loop", activateTimersNextEventLoop() ? "true" : "false"}}); // Hook into event loop prepare and check events. evwatch_prepare_new(&libevent_base_, onWatcherReady, &prepare_watcher_); evwatch_check_new(&libevent_base_, onCheck, this); } ~TimerImplTest() override { ASSERT(check_callbacks_.empty()); } bool activateTimersNextEventLoop() { return GetParam(); } // Run a callback inside the event loop. The libevent monotonic time used for timer registration // is frozen while within this callback, so timers enabled within this callback end up with the // requested relative registration times. The callback can invoke advanceLibeventTime() to force // the libevent monotonic time forward before libevent determines the list of triggered timers. void runInEventLoop(std::function cb) { check_callbacks_.emplace_back(cb); // Add a callback to the event loop to force it to run at least once despite there being no // registered timers yet. auto callback = dispatcher_->createSchedulableCallback([]() {}); callback->scheduleCallbackCurrentIteration(); in_event_loop_ = true; dispatcher_->run(Dispatcher::RunType::NonBlock); in_event_loop_ = false; } // Advance time forward while updating the libevent's time cache and monotonic time reference. // Pushing the monotonic time reference forward eliminates the possibility of time moving // backwards and breaking the overly picky TimerImpl tests below. void advanceLibeventTime(absl::Duration duration) { ASSERT(in_event_loop_); requested_advance_ += duration; adjustCachedTime(); } // Similar to advanceLibeventTime, but for use in mock callback actions. Monotonic time will be // moved forward at the start of the next event loop iteration. void advanceLibeventTimeNextIteration(absl::Duration duration) { ASSERT(in_event_loop_); requested_advance_ += duration; } Api::ApiPtr api_{Api::createApiForTest()}; DispatcherPtr dispatcher_{api_->allocateDispatcher("test_thread")}; event_base& libevent_base_{static_cast(*dispatcher_).base()}; ReadyWatcher prepare_watcher_; std::vector callbacks_; private: static void onCheck(evwatch*, const evwatch_check_cb_info*, void* arg) { // `arg` contains the TimerImplTest passed in from evwatch_check_new. auto self = static_cast(arg); auto check_callbacks = self->check_callbacks_; self->check_callbacks_.clear(); for (const auto& cb : check_callbacks) { cb(); } self->adjustCachedTime(); } absl::Duration cachedTimeAsDuration() const { timeval tv; int ret = event_base_gettimeofday_cached(&libevent_base_, &tv); RELEASE_ASSERT(ret == 0, "event_base_gettimeofday_cached failed"); return absl::DurationFromTimeval(tv); } void adjustCachedTime() { auto start = cachedTimeAsDuration(); // Sanity check: ensure that cache time is in use. EXPECT_EQ(start, cachedTimeAsDuration()); while (cachedTimeAsDuration() - start < requested_advance_) { absl::SleepFor(absl::Milliseconds(1)); event_base_update_cache_time(&libevent_base_); } requested_advance_ = absl::ZeroDuration(); } TestScopedRuntime scoped_runtime_; absl::Duration requested_advance_ = absl::ZeroDuration(); std::vector> check_callbacks_; bool in_event_loop_{}; }; INSTANTIATE_TEST_SUITE_P(DelayActivation, TimerImplTest, testing::Bool()); TEST_P(TimerImplTest, TimerEnabledDisabled) { InSequence s; Event::TimerPtr timer = dispatcher_->createTimer([] {}); EXPECT_FALSE(timer->enabled()); timer->enableTimer(std::chrono::milliseconds(0)); EXPECT_TRUE(timer->enabled()); EXPECT_CALL(prepare_watcher_, ready()); dispatcher_->run(Dispatcher::RunType::NonBlock); EXPECT_FALSE(timer->enabled()); timer->enableHRTimer(std::chrono::milliseconds(0)); EXPECT_TRUE(timer->enabled()); EXPECT_CALL(prepare_watcher_, ready()); dispatcher_->run(Dispatcher::RunType::NonBlock); EXPECT_FALSE(timer->enabled()); } TEST_P(TimerImplTest, ChangeTimerBackwardsBeforeRun) { ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { watcher1.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); ReadyWatcher watcher3; Event::TimerPtr timer3 = dispatcher_->createTimer([&] { watcher3.ready(); }); // Expect watcher3 to trigger first because the deadlines for timers 1 and 2 was moved backwards. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher3, ready()); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher1, ready()); runInEventLoop([&]() { timer1->enableTimer(std::chrono::milliseconds(0)); timer2->enableTimer(std::chrono::milliseconds(1)); timer3->enableTimer(std::chrono::milliseconds(2)); timer2->enableTimer(std::chrono::milliseconds(3)); timer1->enableTimer(std::chrono::milliseconds(4)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); }); } TEST_P(TimerImplTest, ChangeTimerForwardsToZeroBeforeRun) { ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { watcher1.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); if (activateTimersNextEventLoop()) { // Expect watcher1 to trigger first because timer1's deadline was moved forward. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher2, ready()); } else { // Timers execute in the wrong order. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher1, ready()); } runInEventLoop([&]() { timer1->enableTimer(std::chrono::milliseconds(2)); timer2->enableTimer(std::chrono::milliseconds(1)); timer1->enableTimer(std::chrono::milliseconds(0)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); }); } TEST_P(TimerImplTest, ChangeTimerForwardsToNonZeroBeforeRun) { ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { watcher1.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); // Expect watcher1 to trigger first because timer1's deadline was moved forward. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher2, ready()); runInEventLoop([&]() { timer1->enableTimer(std::chrono::milliseconds(3)); timer2->enableTimer(std::chrono::milliseconds(2)); timer1->enableTimer(std::chrono::milliseconds(1)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); }); } TEST_P(TimerImplTest, ChangeLargeTimerForwardToZeroBeforeRun) { ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { watcher1.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); // Expect watcher1 to trigger because timer1's deadline was moved forward. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(prepare_watcher_, ready()); runInEventLoop([&]() { timer1->enableTimer(std::chrono::seconds(2000)); timer2->enableTimer(std::chrono::seconds(1000)); timer1->enableTimer(std::chrono::seconds(0)); }); } TEST_P(TimerImplTest, ChangeLargeTimerForwardToNonZeroBeforeRun) { ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { watcher1.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); // Expect watcher1 to trigger because timer1's deadline was moved forward. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(prepare_watcher_, ready()); runInEventLoop([&]() { timer1->enableTimer(std::chrono::seconds(2000)); timer2->enableTimer(std::chrono::seconds(1000)); timer1->enableTimer(std::chrono::milliseconds(1)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); }); } // Timers scheduled at different times execute in order. TEST_P(TimerImplTest, TimerOrdering) { ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { watcher1.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); ReadyWatcher watcher3; Event::TimerPtr timer3 = dispatcher_->createTimer([&] { watcher3.ready(); }); // Expect watcher calls to happen in order since timers have different times. InSequence s; if (activateTimersNextEventLoop()) { EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher3, ready()); } else { EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher3, ready()); } runInEventLoop([&]() { timer1->enableTimer(std::chrono::milliseconds(0)); timer2->enableTimer(std::chrono::milliseconds(1)); timer3->enableTimer(std::chrono::milliseconds(2)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); EXPECT_TRUE(timer1->enabled()); EXPECT_TRUE(timer2->enabled()); EXPECT_TRUE(timer3->enabled()); }); } // Alarms that are scheduled to execute and are cancelled do not trigger. TEST_P(TimerImplTest, TimerOrderAndDisableAlarm) { ReadyWatcher watcher3; Event::TimerPtr timer3 = dispatcher_->createTimer([&] { watcher3.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { timer2->disableTimer(); watcher1.ready(); }); // Expect watcher calls to happen in order since timers have different times. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher3, ready()); runInEventLoop([&]() { timer1->enableTimer(std::chrono::milliseconds(0)); timer2->enableTimer(std::chrono::milliseconds(1)); timer3->enableTimer(std::chrono::milliseconds(2)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); EXPECT_TRUE(timer1->enabled()); EXPECT_TRUE(timer2->enabled()); EXPECT_TRUE(timer3->enabled()); }); } // Change the registration time for a timer that is already activated by disabling and re-enabling // the timer. Verify that execution is delayed. TEST_P(TimerImplTest, TimerOrderDisableAndReschedule) { ReadyWatcher watcher4; Event::TimerPtr timer4 = dispatcher_->createTimer([&] { watcher4.ready(); }); ReadyWatcher watcher3; Event::TimerPtr timer3 = dispatcher_->createTimer([&] { watcher3.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { timer2->disableTimer(); timer2->enableTimer(std::chrono::milliseconds(0)); timer3->disableTimer(); timer3->enableTimer(std::chrono::milliseconds(1)); watcher1.ready(); }); // timer1 is expected to run first and reschedule timers 2 and 3. timer4 should fire before // timer2 and timer3 since timer4's registration is unaffected. InSequence s; if (activateTimersNextEventLoop()) { EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher4, ready()); // Sleep during prepare to ensure that enough time has elapsed before timer evaluation to ensure // that timers 2 and 3 are picked up by the same loop iteration. Without the sleep the two // timers could execute in different loop iterations. EXPECT_CALL(prepare_watcher_, ready()).WillOnce(testing::InvokeWithoutArgs([&]() { advanceLibeventTimeNextIteration(absl::Milliseconds(10)); })); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher3, ready()); } else { EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); EXPECT_CALL(watcher4, ready()); EXPECT_CALL(watcher2, ready()); // Sleep in prepare cb to avoid flakiness if epoll_wait returns before the timer timeout. EXPECT_CALL(prepare_watcher_, ready()).WillOnce(testing::InvokeWithoutArgs([&]() { advanceLibeventTimeNextIteration(absl::Milliseconds(10)); })); EXPECT_CALL(watcher3, ready()); } runInEventLoop([&]() { timer1->enableTimer(std::chrono::milliseconds(0)); timer2->enableTimer(std::chrono::milliseconds(1)); timer3->enableTimer(std::chrono::milliseconds(2)); timer4->enableTimer(std::chrono::milliseconds(3)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); EXPECT_TRUE(timer1->enabled()); EXPECT_TRUE(timer2->enabled()); EXPECT_TRUE(timer3->enabled()); EXPECT_TRUE(timer4->enabled()); }); } // Change the registration time for a timer that is already activated by re-enabling the timer // without calling disableTimer first. TEST_P(TimerImplTest, TimerOrderAndReschedule) { ReadyWatcher watcher4; Event::TimerPtr timer4 = dispatcher_->createTimer([&] { watcher4.ready(); }); ReadyWatcher watcher3; Event::TimerPtr timer3 = dispatcher_->createTimer([&] { watcher3.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); }); ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { timer2->enableTimer(std::chrono::milliseconds(0)); timer3->enableTimer(std::chrono::milliseconds(1)); watcher1.ready(); }); // Rescheduling timers that are already scheduled to run in the current event loop iteration has // no effect if the time delta is 0. Expect timers 1, 2 and 4 to execute in the original order. // Timer 3 is delayed since it is rescheduled with a non-zero delta. InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher1, ready()); if (activateTimersNextEventLoop()) { EXPECT_CALL(watcher4, ready()); // Sleep during prepare to ensure that enough time has elapsed before timer evaluation to ensure // that timers 2 and 3 are picked up by the same loop iteration. Without the sleep the two // timers could execute in different loop iterations. EXPECT_CALL(prepare_watcher_, ready()).WillOnce(testing::InvokeWithoutArgs([&]() { advanceLibeventTimeNextIteration(absl::Milliseconds(10)); })); EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher3, ready()); } else { EXPECT_CALL(watcher2, ready()); EXPECT_CALL(watcher4, ready()); // Sleep in prepare cb to avoid flakiness if epoll_wait returns before the timer timeout. EXPECT_CALL(prepare_watcher_, ready()).WillOnce(testing::InvokeWithoutArgs([&]() { advanceLibeventTimeNextIteration(absl::Milliseconds(10)); })); EXPECT_CALL(watcher3, ready()); } runInEventLoop([&]() { timer1->enableTimer(std::chrono::milliseconds(0)); timer2->enableTimer(std::chrono::milliseconds(1)); timer3->enableTimer(std::chrono::milliseconds(2)); timer4->enableTimer(std::chrono::milliseconds(3)); // Advance time by 10ms so timers above all trigger in the same loop iteration. advanceLibeventTime(absl::Milliseconds(10)); EXPECT_TRUE(timer1->enabled()); EXPECT_TRUE(timer2->enabled()); EXPECT_TRUE(timer3->enabled()); EXPECT_TRUE(timer4->enabled()); }); } TEST_P(TimerImplTest, TimerChaining) { ReadyWatcher watcher1; Event::TimerPtr timer1 = dispatcher_->createTimer([&] { watcher1.ready(); }); ReadyWatcher watcher2; Event::TimerPtr timer2 = dispatcher_->createTimer([&] { watcher2.ready(); timer1->enableTimer(std::chrono::milliseconds(0)); }); ReadyWatcher watcher3; Event::TimerPtr timer3 = dispatcher_->createTimer([&] { watcher3.ready(); timer2->enableTimer(std::chrono::milliseconds(0)); }); ReadyWatcher watcher4; Event::TimerPtr timer4 = dispatcher_->createTimer([&] { watcher4.ready(); timer3->enableTimer(std::chrono::milliseconds(0)); }); timer4->enableTimer(std::chrono::milliseconds(0)); EXPECT_FALSE(timer1->enabled()); EXPECT_FALSE(timer2->enabled()); EXPECT_FALSE(timer3->enabled()); EXPECT_TRUE(timer4->enabled()); InSequence s; EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher4, ready()); if (activateTimersNextEventLoop()) { EXPECT_CALL(prepare_watcher_, ready()); } EXPECT_CALL(watcher3, ready()); if (activateTimersNextEventLoop()) { EXPECT_CALL(prepare_watcher_, ready()); } EXPECT_CALL(watcher2, ready()); if (activateTimersNextEventLoop()) { EXPECT_CALL(prepare_watcher_, ready()); } EXPECT_CALL(watcher1, ready()); dispatcher_->run(Dispatcher::RunType::NonBlock); EXPECT_FALSE(timer1->enabled()); EXPECT_FALSE(timer2->enabled()); EXPECT_FALSE(timer3->enabled()); EXPECT_FALSE(timer4->enabled()); } TEST_P(TimerImplTest, TimerChainDisable) { ReadyWatcher watcher; Event::TimerPtr timer1; Event::TimerPtr timer2; Event::TimerPtr timer3; auto timer_cb = [&] { watcher.ready(); timer1->disableTimer(); timer2->disableTimer(); timer3->disableTimer(); }; timer1 = dispatcher_->createTimer(timer_cb); timer2 = dispatcher_->createTimer(timer_cb); timer3 = dispatcher_->createTimer(timer_cb); timer3->enableTimer(std::chrono::milliseconds(0)); timer2->enableTimer(std::chrono::milliseconds(0)); timer1->enableTimer(std::chrono::milliseconds(0)); EXPECT_TRUE(timer1->enabled()); EXPECT_TRUE(timer2->enabled()); EXPECT_TRUE(timer3->enabled()); InSequence s; // Only 1 call to watcher ready since the other 2 timers were disabled by the first timer. EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher, ready()); dispatcher_->run(Dispatcher::RunType::NonBlock); } TEST_P(TimerImplTest, TimerChainDelete) { ReadyWatcher watcher; Event::TimerPtr timer1; Event::TimerPtr timer2; Event::TimerPtr timer3; auto timer_cb = [&] { watcher.ready(); timer1.reset(); timer2.reset(); timer3.reset(); }; timer1 = dispatcher_->createTimer(timer_cb); timer2 = dispatcher_->createTimer(timer_cb); timer3 = dispatcher_->createTimer(timer_cb); timer3->enableTimer(std::chrono::milliseconds(0)); timer2->enableTimer(std::chrono::milliseconds(0)); timer1->enableTimer(std::chrono::milliseconds(0)); EXPECT_TRUE(timer1->enabled()); EXPECT_TRUE(timer2->enabled()); EXPECT_TRUE(timer3->enabled()); InSequence s; // Only 1 call to watcher ready since the other 2 timers were deleted by the first timer. EXPECT_CALL(prepare_watcher_, ready()); EXPECT_CALL(watcher, ready()); dispatcher_->run(Dispatcher::RunType::NonBlock); } class TimerImplTimingTest : public testing::Test { public: std::chrono::nanoseconds getTimerTiming(Event::SimulatedTimeSystem& time_system, Dispatcher& dispatcher, Event::Timer& timer) { const auto start = time_system.monotonicTime(); EXPECT_TRUE(timer.enabled()); dispatcher.run(Dispatcher::RunType::NonBlock); while (timer.enabled()) { time_system.advanceTimeAndRun(std::chrono::microseconds(1), dispatcher, Dispatcher::RunType::NonBlock); #ifdef WIN32 // The event loop runs for a single iteration in NonBlock mode on Windows. A few iterations // are required to ensure that next iteration callbacks have a chance to run before time // advances once again. dispatcher.run(Dispatcher::RunType::NonBlock); dispatcher.run(Dispatcher::RunType::NonBlock); #endif } return time_system.monotonicTime() - start; } }; // Test the timer with a series of timings and measure they fire accurately // using simulated time. enableTimer() should be precise at the millisecond // level, whereas enableHRTimer should be precise at the microsecond level. // For good measure, also check that '0'/immediate does what it says on the tin. TEST_F(TimerImplTimingTest, TheoreticalTimerTiming) { Event::SimulatedTimeSystem time_system; Api::ApiPtr api = Api::createApiForTest(time_system); DispatcherPtr dispatcher(api->allocateDispatcher("test_thread")); Event::TimerPtr timer = dispatcher->createTimer([&dispatcher] { dispatcher->exit(); }); const uint64_t timings[] = {0, 10, 50, 1234}; for (const uint64_t timing : timings) { std::chrono::milliseconds ms(timing); timer->enableTimer(ms); EXPECT_EQ(std::chrono::duration_cast( getTimerTiming(time_system, *dispatcher, *timer)) .count(), timing); std::chrono::microseconds us(timing); timer->enableHRTimer(us); EXPECT_EQ(std::chrono::duration_cast( getTimerTiming(time_system, *dispatcher, *timer)) .count(), timing); } } class TimerUtilsTest : public testing::Test { public: template void checkConversion(const Duration& duration, const uint64_t expected_secs, const uint64_t expected_usecs) { timeval tv; TimerUtils::durationToTimeval(duration, tv); EXPECT_EQ(tv.tv_sec, expected_secs); EXPECT_EQ(tv.tv_usec, expected_usecs); } }; TEST_F(TimerUtilsTest, TimerNegativeValueThrows) { timeval tv; const int negative_sample = -1; EXPECT_THROW_WITH_MESSAGE( TimerUtils::durationToTimeval(std::chrono::seconds(negative_sample), tv), EnvoyException, fmt::format("Negative duration passed to durationToTimeval(): {}", negative_sample)); } TEST_F(TimerUtilsTest, TimerValueConversion) { // Check input is bounded. checkConversion(std::chrono::nanoseconds::duration::max(), INT32_MAX, 0); checkConversion(std::chrono::microseconds::duration::max(), INT32_MAX, 0); checkConversion(std::chrono::milliseconds::duration::max(), INT32_MAX, 0); checkConversion(std::chrono::seconds::duration::max(), INT32_MAX, 0); // Test the clipping boundary checkConversion(std::chrono::seconds(INT32_MAX) - std::chrono::seconds(1), INT32_MAX - 1, 0); checkConversion(std::chrono::seconds(INT32_MAX) - std::chrono::nanoseconds(1), INT32_MAX - 1, 999999); // Basic test with zero milliseconds. checkConversion(std::chrono::milliseconds(0), 0, 0); // 2050 milliseconds is 2 seconds and 50000 microseconds. checkConversion(std::chrono::milliseconds(2050), 2, 50000); // Some arbitrary tests for good measure. checkConversion(std::chrono::microseconds(233), 0, 233); // Some arbitrary tests for good measure. checkConversion(std::chrono::milliseconds(600014), 600, 14000); } } // namespace } // namespace Event } // namespace Envoy ================================================ FILE: test/common/event/file_event_impl_test.cc ================================================ #include #include "envoy/event/file_event.h" #include "common/api/os_sys_calls_impl.h" #include "common/event/dispatcher_impl.h" #include "common/stats/isolated_store_impl.h" #include "test/mocks/common.h" #include "test/test_common/environment.h" #include "test/test_common/test_runtime.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Event { namespace { class FileEventImplTest : public testing::Test { public: FileEventImplTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")), os_sys_calls_(Api::OsSysCallsSingleton::get()) {} void SetUp() override { #ifdef WIN32 ASSERT_EQ(0, os_sys_calls_.socketpair(AF_INET, SOCK_STREAM, 0, fds_).rc_); #else ASSERT_EQ(0, os_sys_calls_.socketpair(AF_UNIX, SOCK_DGRAM, 0, fds_).rc_); #endif int data = 1; const Api::SysCallSizeResult result = os_sys_calls_.write(fds_[1], &data, sizeof(data)); ASSERT_EQ(sizeof(data), static_cast(result.rc_)); } void TearDown() override { os_sys_calls_.close(fds_[0]); os_sys_calls_.close(fds_[1]); } protected: os_fd_t fds_[2]; Api::ApiPtr api_; DispatcherPtr dispatcher_; Api::OsSysCalls& os_sys_calls_; }; class FileEventImplActivateTest : public testing::TestWithParam> { public: FileEventImplActivateTest() : os_sys_calls_(Api::OsSysCallsSingleton::get()) { Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.activate_fds_next_event_loop", activateFdsNextEventLoop() ? "true" : "false"}}); } static void onWatcherReady(evwatch*, const evwatch_prepare_cb_info*, void* arg) { // `arg` contains the ReadyWatcher passed in from evwatch_prepare_new. auto watcher = static_cast(arg); watcher->ready(); } int domain() { return std::get<0>(GetParam()) == Network::Address::IpVersion::v4 ? AF_INET : AF_INET6; } bool activateFdsNextEventLoop() { return std::get<1>(GetParam()); } protected: Api::OsSysCalls& os_sys_calls_; TestScopedRuntime scoped_runtime_; }; INSTANTIATE_TEST_SUITE_P( IpVersions, FileEventImplActivateTest, testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), testing::Bool())); TEST_P(FileEventImplActivateTest, Activate) { os_fd_t fd = os_sys_calls_.socket(domain(), SOCK_STREAM, 0).rc_; ASSERT_TRUE(SOCKET_VALID(fd)); Api::ApiPtr api = Api::createApiForTest(); DispatcherPtr dispatcher(api->allocateDispatcher("test_thread")); ReadyWatcher read_event; EXPECT_CALL(read_event, ready()).Times(1); ReadyWatcher write_event; EXPECT_CALL(write_event, ready()).Times(1); ReadyWatcher closed_event; EXPECT_CALL(closed_event, ready()).Times(1); const FileTriggerType trigger = Event::PlatformDefaultTriggerType; Event::FileEventPtr file_event = dispatcher->createFileEvent( fd, [&](uint32_t events) -> void { if (events & FileReadyType::Read) { read_event.ready(); } if (events & FileReadyType::Write) { write_event.ready(); } if (events & FileReadyType::Closed) { closed_event.ready(); } }, trigger, FileReadyType::Read | FileReadyType::Write | FileReadyType::Closed); file_event->activate(FileReadyType::Read | FileReadyType::Write | FileReadyType::Closed); dispatcher->run(Event::Dispatcher::RunType::NonBlock); os_sys_calls_.close(fd); } TEST_P(FileEventImplActivateTest, ActivateChaining) { os_fd_t fd = os_sys_calls_.socket(domain(), SOCK_STREAM, 0).rc_; ASSERT_TRUE(SOCKET_VALID(fd)); Api::ApiPtr api = Api::createApiForTest(); DispatcherPtr dispatcher(api->allocateDispatcher("test_thread")); ReadyWatcher fd_event; ReadyWatcher read_event; ReadyWatcher write_event; ReadyWatcher closed_event; ReadyWatcher prepare_watcher; evwatch_prepare_new(&static_cast(dispatcher.get())->base(), onWatcherReady, &prepare_watcher); const FileTriggerType trigger = Event::PlatformDefaultTriggerType; Event::FileEventPtr file_event = dispatcher->createFileEvent( fd, [&](uint32_t events) -> void { fd_event.ready(); if (events & FileReadyType::Read) { read_event.ready(); file_event->activate(FileReadyType::Write); file_event->activate(FileReadyType::Closed); } if (events & FileReadyType::Write) { write_event.ready(); file_event->activate(FileReadyType::Closed); } if (events & FileReadyType::Closed) { closed_event.ready(); } }, trigger, FileReadyType::Read | FileReadyType::Write | FileReadyType::Closed); testing::InSequence s; // First loop iteration: handle scheduled read event and the real write event produced by poll. // Note that the real and injected events are combined and delivered in a single call to the fd // callback. EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(fd_event, ready()); EXPECT_CALL(read_event, ready()); EXPECT_CALL(write_event, ready()); if (activateFdsNextEventLoop()) { // Second loop iteration: handle write and close events scheduled while handling read. EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(fd_event, ready()); EXPECT_CALL(write_event, ready()); EXPECT_CALL(closed_event, ready()); // Third loop iteration: handle close event scheduled while handling write. EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(fd_event, ready()); EXPECT_CALL(closed_event, ready()); // Fourth loop iteration: poll returned no new real events. EXPECT_CALL(prepare_watcher, ready()); } else { // Same loop iteration activation: handle write and close events scheduled while handling read. EXPECT_CALL(fd_event, ready()); EXPECT_CALL(write_event, ready()); EXPECT_CALL(closed_event, ready()); // Second same loop iteration activation: handle close event scheduled while handling write. EXPECT_CALL(fd_event, ready()); EXPECT_CALL(closed_event, ready()); // Second loop iteration: poll returned no new real events. EXPECT_CALL(prepare_watcher, ready()); } file_event->activate(FileReadyType::Read); dispatcher->run(Event::Dispatcher::RunType::NonBlock); os_sys_calls_.close(fd); } TEST_P(FileEventImplActivateTest, SetEnableCancelsActivate) { os_fd_t fd = os_sys_calls_.socket(domain(), SOCK_STREAM, 0).rc_; ASSERT_TRUE(SOCKET_VALID(fd)); Api::ApiPtr api = Api::createApiForTest(); DispatcherPtr dispatcher(api->allocateDispatcher("test_thread")); ReadyWatcher fd_event; ReadyWatcher read_event; ReadyWatcher write_event; ReadyWatcher closed_event; ReadyWatcher prepare_watcher; evwatch_prepare_new(&static_cast(dispatcher.get())->base(), onWatcherReady, &prepare_watcher); const FileTriggerType trigger = Event::PlatformDefaultTriggerType; Event::FileEventPtr file_event = dispatcher->createFileEvent( fd, [&](uint32_t events) -> void { fd_event.ready(); if (events & FileReadyType::Read) { read_event.ready(); file_event->activate(FileReadyType::Closed); file_event->setEnabled(FileReadyType::Write | FileReadyType::Closed); } if (events & FileReadyType::Write) { write_event.ready(); } if (events & FileReadyType::Closed) { closed_event.ready(); } }, trigger, FileReadyType::Read | FileReadyType::Write | FileReadyType::Closed); testing::InSequence s; // First loop iteration: handle scheduled read event and the real write event produced by poll. // Note that the real and injected events are combined and delivered in a single call to the fd // callback. EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(fd_event, ready()); EXPECT_CALL(read_event, ready()); EXPECT_CALL(write_event, ready()); // Second loop iteration: handle real write event after resetting event mask via setEnabled. Close // injected event is discarded by the setEnable call. EXPECT_CALL(prepare_watcher, ready()); EXPECT_CALL(fd_event, ready()); EXPECT_CALL(write_event, ready()); // Third loop iteration: poll returned no new real events. EXPECT_CALL(prepare_watcher, ready()); file_event->activate(FileReadyType::Read); dispatcher->run(Event::Dispatcher::RunType::NonBlock); os_sys_calls_.close(fd); } #ifndef WIN32 // Libevent on Windows doesn't support edge trigger. TEST_F(FileEventImplTest, EdgeTrigger) { ReadyWatcher read_event; EXPECT_CALL(read_event, ready()).Times(1); ReadyWatcher write_event; EXPECT_CALL(write_event, ready()).Times(1); Event::FileEventPtr file_event = dispatcher_->createFileEvent( fds_[0], [&](uint32_t events) -> void { if (events & FileReadyType::Read) { read_event.ready(); } if (events & FileReadyType::Write) { write_event.ready(); } }, FileTriggerType::Edge, FileReadyType::Read | FileReadyType::Write); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); } #endif TEST_F(FileEventImplTest, LevelTrigger) { ReadyWatcher read_event; EXPECT_CALL(read_event, ready()).Times(2); ReadyWatcher write_event; EXPECT_CALL(write_event, ready()).Times(2); int count = 2; Event::FileEventPtr file_event = dispatcher_->createFileEvent( fds_[0], [&](uint32_t events) -> void { if (count-- == 0) { dispatcher_->exit(); return; } if (events & FileReadyType::Read) { read_event.ready(); } if (events & FileReadyType::Write) { write_event.ready(); } }, FileTriggerType::Level, FileReadyType::Read | FileReadyType::Write); dispatcher_->run(Event::Dispatcher::RunType::Block); } TEST_F(FileEventImplTest, SetEnabled) { ReadyWatcher read_event; EXPECT_CALL(read_event, ready()).Times(2); ReadyWatcher write_event; EXPECT_CALL(write_event, ready()).Times(2); const FileTriggerType trigger = Event::PlatformDefaultTriggerType; Event::FileEventPtr file_event = dispatcher_->createFileEvent( fds_[0], [&](uint32_t events) -> void { if (events & FileReadyType::Read) { read_event.ready(); } if (events & FileReadyType::Write) { write_event.ready(); } }, trigger, FileReadyType::Read | FileReadyType::Write); file_event->setEnabled(FileReadyType::Read); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); file_event->setEnabled(FileReadyType::Write); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); file_event->setEnabled(0); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); file_event->setEnabled(FileReadyType::Read | FileReadyType::Write); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); } } // namespace } // namespace Event } // namespace Envoy ================================================ FILE: test/common/event/scaled_range_timer_manager_test.cc ================================================ #include #include "envoy/event/timer.h" #include "common/event/dispatcher_impl.h" #include "common/event/scaled_range_timer_manager.h" #include "test/mocks/common.h" #include "test/mocks/event/wrapped_dispatcher.h" #include "test/test_common/simulated_time_system.h" #include "gtest/gtest.h" namespace Envoy { namespace Event { namespace { using testing::ElementsAre; using testing::InSequence; using testing::MockFunction; class ScopeTrackingDispatcher : public WrappedDispatcher { public: ScopeTrackingDispatcher(DispatcherPtr dispatcher) : WrappedDispatcher(*dispatcher), dispatcher_(std::move(dispatcher)) {} const ScopeTrackedObject* setTrackedObject(const ScopeTrackedObject* object) override { scope_ = object; return impl_.setTrackedObject(object); } const ScopeTrackedObject* scope_{nullptr}; Dispatcher* impl() const { return dispatcher_.get(); } private: DispatcherPtr dispatcher_; }; class ScaledRangeTimerManagerTest : public testing::Test, public TestUsingSimulatedTime { public: ScaledRangeTimerManagerTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")) {} Api::ApiPtr api_; ScopeTrackingDispatcher dispatcher_; }; struct TrackedTimer { explicit TrackedTimer(ScaledRangeTimerManager& manager, TimeSystem& time_system) : timer(manager.createTimer([trigger_times = trigger_times.get(), &time_system] { trigger_times->push_back(time_system.monotonicTime()); })) {} std::unique_ptr> trigger_times{ std::make_unique>()}; RangeTimerPtr timer; }; TEST_F(ScaledRangeTimerManagerTest, CreateAndDestroy) { ScaledRangeTimerManager manager(dispatcher_); } TEST_F(ScaledRangeTimerManagerTest, CreateAndDestroyTimer) { ScaledRangeTimerManager manager(dispatcher_); { MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); } } TEST_F(ScaledRangeTimerManagerTest, CreateSingleScaledTimer) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); timer->enableTimer(std::chrono::seconds(5), std::chrono::seconds(10)); EXPECT_TRUE(timer->enabled()); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); EXPECT_TRUE(timer->enabled()); EXPECT_CALL(callback, Call()); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); EXPECT_FALSE(timer->enabled()); } TEST_F(ScaledRangeTimerManagerTest, EnableAndDisableTimer) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); timer->enableTimer(std::chrono::seconds(5), std::chrono::seconds(30)); EXPECT_TRUE(timer->enabled()); timer->disableTimer(); EXPECT_FALSE(timer->enabled()); // Provide some additional guarantee of safety by running the dispatcher for a little bit. This // should be a no-op, and if not (because a timer was fired), that's a problem that will be caught // by the strict mock callback. simTime().advanceTimeAndRun(std::chrono::seconds(10), dispatcher_, Dispatcher::RunType::Block); } TEST_F(ScaledRangeTimerManagerTest, DisableWhileDisabled) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); EXPECT_FALSE(timer->enabled()); timer->disableTimer(); EXPECT_FALSE(timer->enabled()); } TEST_F(ScaledRangeTimerManagerTest, DisableWhileWaitingForMin) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); timer->enableTimer(std::chrono::seconds(10), std::chrono::seconds(100)); EXPECT_TRUE(timer->enabled()); timer->disableTimer(); EXPECT_FALSE(timer->enabled()); } TEST_F(ScaledRangeTimerManagerTest, DisableWhileScalingMax) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); timer->enableTimer(std::chrono::seconds(5), std::chrono::seconds(100)); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); EXPECT_TRUE(timer->enabled()); timer->disableTimer(); EXPECT_FALSE(timer->enabled()); // Run the dispatcher to make sure nothing happens when it's not supposed to. simTime().advanceTimeAndRun(std::chrono::seconds(100), dispatcher_, Dispatcher::RunType::Block); } TEST_F(ScaledRangeTimerManagerTest, DisableWithZeroMinTime) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); timer->enableTimer(std::chrono::seconds(0), std::chrono::seconds(100)); EXPECT_TRUE(timer->enabled()); timer->disableTimer(); EXPECT_FALSE(timer->enabled()); // Run the dispatcher to make sure nothing happens when it's not supposed to. simTime().advanceTimeAndRun(std::chrono::seconds(100), dispatcher_, Dispatcher::RunType::Block); } TEST_F(ScaledRangeTimerManagerTest, TriggerWithZeroMinTime) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); timer->enableTimer(std::chrono::seconds(0), std::chrono::seconds(10)); simTime().advanceTimeAndRun(std::chrono::seconds(9), dispatcher_, Dispatcher::RunType::Block); EXPECT_CALL(callback, Call); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); } TEST_F(ScaledRangeTimerManagerTest, DisableFrontScalingMaxTimer) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback1, callback2; auto timer1 = manager.createTimer(callback1.AsStdFunction()); auto timer2 = manager.createTimer(callback2.AsStdFunction()); // These timers have the same max-min. timer1->enableTimer(std::chrono::seconds(5), std::chrono::seconds(30)); timer2->enableTimer(std::chrono::seconds(10), std::chrono::seconds(35)); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); timer1->disableTimer(); EXPECT_FALSE(timer1->enabled()); ASSERT_TRUE(timer2->enabled()); // Check that timer2 doesn't trigger when timer1 was originally going to, at start+30. simTime().advanceTimeAndRun(std::chrono::seconds(20), dispatcher_, Dispatcher::RunType::Block); // Advancing to timer2's max should trigger it. EXPECT_CALL(callback2, Call); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); } TEST_F(ScaledRangeTimerManagerTest, DisableLaterScalingMaxTimer) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback1, callback2; auto timer1 = manager.createTimer(callback1.AsStdFunction()); auto timer2 = manager.createTimer(callback2.AsStdFunction()); // These timers have the same max-min. timer1->enableTimer(std::chrono::seconds(5), std::chrono::seconds(30)); timer2->enableTimer(std::chrono::seconds(10), std::chrono::seconds(35)); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); timer2->disableTimer(); EXPECT_FALSE(timer2->enabled()); ASSERT_TRUE(timer1->enabled()); // After the original windows for both timers have long expired, only the enabled one should fire. EXPECT_CALL(callback1, Call); simTime().advanceTimeAndRun(std::chrono::seconds(100), dispatcher_, Dispatcher::RunType::Block); } class ScaledRangeTimerManagerTestWithScope : public ScaledRangeTimerManagerTest, public testing::WithParamInterface { public: ScopeTrackedObject* getScope() { return GetParam() ? &scope_ : nullptr; } MockScopedTrackedObject scope_; }; TEST_P(ScaledRangeTimerManagerTestWithScope, ReRegisterOnCallback) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); EXPECT_EQ(dispatcher_.scope_, nullptr); { InSequence s; EXPECT_CALL(callback, Call).WillOnce([&] { EXPECT_EQ(dispatcher_.scope_, getScope()); timer->enableTimer(std::chrono::seconds(1), std::chrono::seconds(2), getScope()); }); EXPECT_CALL(callback, Call).WillOnce([&] { EXPECT_EQ(dispatcher_.scope_, getScope()); }); } timer->enableTimer(std::chrono::seconds(1), std::chrono::seconds(2), getScope()); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_EQ(dispatcher_.scope_, nullptr); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_EQ(dispatcher_.scope_, nullptr); EXPECT_TRUE(timer->enabled()); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_FALSE(timer->enabled()); }; TEST_P(ScaledRangeTimerManagerTestWithScope, ScheduleWithScalingFactorZero) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); manager.setScaleFactor(0); EXPECT_CALL(callback, Call).WillOnce([&] { EXPECT_EQ(dispatcher_.scope_, getScope()); }); timer->enableTimer(std::chrono::seconds(0), std::chrono::seconds(1), getScope()); simTime().advanceTimeAndRun(std::chrono::milliseconds(1), dispatcher_, Dispatcher::RunType::Block); } INSTANTIATE_TEST_SUITE_P(WithAndWithoutScope, ScaledRangeTimerManagerTestWithScope, testing::Bool()); TEST_F(ScaledRangeTimerManagerTest, SingleTimerTriggeredNoScaling) { ScaledRangeTimerManager manager(dispatcher_); bool triggered = false; MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); EXPECT_CALL(callback, Call()).WillOnce([&] { triggered = true; }); timer->enableTimer(std::chrono::seconds(5), std::chrono::seconds(9)); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); EXPECT_FALSE(triggered); simTime().advanceTimeAndRun(std::chrono::seconds(4) - std::chrono::milliseconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_FALSE(triggered); simTime().advanceTimeAndRun(std::chrono::milliseconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_TRUE(triggered); } TEST_F(ScaledRangeTimerManagerTest, SingleTimerSameMinMax) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback; auto timer = manager.createTimer(callback.AsStdFunction()); EXPECT_CALL(callback, Call()); timer->enableTimer(std::chrono::seconds(1), std::chrono::seconds(1)); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_FALSE(timer->enabled()); } TEST_F(ScaledRangeTimerManagerTest, MultipleTimersNoScaling) { ScaledRangeTimerManager manager(dispatcher_); std::vector timers; timers.reserve(3); const MonotonicTime start = simTime().monotonicTime(); for (int i = 0; i < 3; ++i) { timers.emplace_back(manager, simTime()); } timers[0].timer->enableTimer(std::chrono::seconds(1), std::chrono::seconds(3)); timers[1].timer->enableTimer(std::chrono::seconds(2), std::chrono::seconds(6)); timers[2].timer->enableTimer(std::chrono::seconds(0), std::chrono::seconds(9)); for (int i = 0; i < 10; ++i) { simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); } EXPECT_THAT(*timers[0].trigger_times, ElementsAre(start + std::chrono::seconds(3))); EXPECT_THAT(*timers[1].trigger_times, ElementsAre(start + std::chrono::seconds(6))); EXPECT_THAT(*timers[2].trigger_times, ElementsAre(start + std::chrono::seconds(9))); } TEST_F(ScaledRangeTimerManagerTest, MultipleTimersWithScaling) { ScaledRangeTimerManager manager(dispatcher_); std::vector timers; timers.reserve(3); for (int i = 0; i < 3; ++i) { timers.emplace_back(manager, simTime()); } const MonotonicTime start = simTime().monotonicTime(); timers[0].timer->enableTimer(std::chrono::seconds(1), std::chrono::seconds(3)); timers[1].timer->enableTimer(std::chrono::seconds(2), std::chrono::seconds(6)); timers[2].timer->enableTimer(std::chrono::seconds(6), std::chrono::seconds(10)); manager.setScaleFactor(0.5); // Advance time to start = 1 second, so timers[0] hits its min. simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); // Advance time to start = 2, which should make timers[0] hit its scaled max. simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); // At 4x speed, timers[1] will fire in only 1 second. manager.setScaleFactor(0.25); // Advance time to start = 3, which should make timers[1] hit its scaled max. simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); // Advance time to start = 6, which is the minimum required for timers[2] to fire. simTime().advanceTimeAndRun(std::chrono::seconds(3), dispatcher_, Dispatcher::RunType::Block); manager.setScaleFactor(0); // With a scale factor of 0, timers[2] should be ready to be fired immediately. dispatcher_.run(Dispatcher::RunType::Block); EXPECT_THAT(*timers[0].trigger_times, ElementsAre(start + std::chrono::seconds(2))); EXPECT_THAT(*timers[1].trigger_times, ElementsAre(start + std::chrono::seconds(3))); EXPECT_THAT(*timers[2].trigger_times, ElementsAre(start + std::chrono::seconds(6))); } TEST_F(ScaledRangeTimerManagerTest, MultipleTimersSameTimes) { ScaledRangeTimerManager manager(dispatcher_); std::vector timers; timers.reserve(3); const MonotonicTime start = simTime().monotonicTime(); for (int i = 0; i < 3; ++i) { timers.emplace_back(manager, simTime()); timers[i].timer->enableTimer(std::chrono::seconds(1), std::chrono::seconds(2)); } simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_THAT(*timers[0].trigger_times, ElementsAre(start + std::chrono::seconds(2))); EXPECT_THAT(*timers[1].trigger_times, ElementsAre(start + std::chrono::seconds(2))); EXPECT_THAT(*timers[2].trigger_times, ElementsAre(start + std::chrono::seconds(2))); } TEST_F(ScaledRangeTimerManagerTest, MultipleTimersSameTimesFastClock) { ScaledRangeTimerManager manager(dispatcher_); std::vector timers; timers.reserve(3); const MonotonicTime start = simTime().monotonicTime(); for (int i = 0; i < 3; ++i) { timers.emplace_back(manager, simTime()); timers[i].timer->enableTimer(std::chrono::seconds(1), std::chrono::seconds(2)); } simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); // The clock runs fast here before the dispatcher gets to the timer callbacks. simTime().advanceTimeAndRun(std::chrono::seconds(2), dispatcher_, Dispatcher::RunType::Block); EXPECT_THAT(*timers[0].trigger_times, ElementsAre(start + std::chrono::seconds(3))); EXPECT_THAT(*timers[1].trigger_times, ElementsAre(start + std::chrono::seconds(3))); EXPECT_THAT(*timers[2].trigger_times, ElementsAre(start + std::chrono::seconds(3))); } TEST_F(ScaledRangeTimerManagerTest, ScheduledWithScalingFactorZero) { ScaledRangeTimerManager manager(dispatcher_); manager.setScaleFactor(0); TrackedTimer timer(manager, simTime()); // The timer should fire at start = 4 since the scaling factor is 0. const MonotonicTime start = simTime().monotonicTime(); timer.timer->enableTimer(std::chrono::seconds(4), std::chrono::seconds(10)); for (int i = 0; i < 10; ++i) { simTime().advanceTimeAndRun(std::chrono::seconds(4), dispatcher_, Dispatcher::RunType::Block); } EXPECT_THAT(*timer.trigger_times, ElementsAre(start + std::chrono::seconds(4))); } TEST_F(ScaledRangeTimerManagerTest, ScheduledWithMaxBeforeMin) { // When max < min, the timer behaves the same as if max == min. This ensures that min is always // respected, and max is respected as much as possible. ScaledRangeTimerManager manager(dispatcher_); TrackedTimer timer(manager, simTime()); const MonotonicTime start = simTime().monotonicTime(); timer.timer->enableTimer(std::chrono::seconds(4), std::chrono::seconds(3)); for (int i = 0; i < 10; ++i) { simTime().advanceTimeAndRun(std::chrono::seconds(4), dispatcher_, Dispatcher::RunType::Block); } EXPECT_THAT(*timer.trigger_times, ElementsAre(start + std::chrono::seconds(4))); } TEST_F(ScaledRangeTimerManagerTest, MultipleTimersTriggeredInTheSameEventLoopIteration) { ScaledRangeTimerManager manager(dispatcher_); MockFunction callback1, callback2, callback3; auto timer1 = manager.createTimer(callback1.AsStdFunction()); auto timer2 = manager.createTimer(callback2.AsStdFunction()); auto timer3 = manager.createTimer(callback3.AsStdFunction()); timer1->enableTimer(std::chrono::seconds(5), std::chrono::seconds(10)); timer2->enableTimer(std::chrono::seconds(5), std::chrono::seconds(10)); timer3->enableTimer(std::chrono::seconds(5), std::chrono::seconds(10)); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); DispatcherImpl* dispatcher_impl = static_cast(dispatcher_.impl()); ASSERT(dispatcher_impl != nullptr); ReadyWatcher prepare_watcher; evwatch_prepare_new( &dispatcher_impl->base(), +[](evwatch*, const evwatch_prepare_cb_info*, void* arg) { // `arg` contains the ReadyWatcher passed in from evwatch_prepare_new. auto watcher = static_cast(arg); watcher->ready(); }, &prepare_watcher); ReadyWatcher schedulable_watcher; SchedulableCallbackPtr schedulable_callback = dispatcher_.createSchedulableCallback([&] { schedulable_watcher.ready(); }); testing::Expectation first_prepare = EXPECT_CALL(prepare_watcher, ready()); testing::ExpectationSet after_first_prepare; after_first_prepare += EXPECT_CALL(schedulable_watcher, ready()).After(first_prepare).WillOnce([&] { schedulable_callback->scheduleCallbackNextIteration(); }); after_first_prepare += EXPECT_CALL(callback1, Call).After(first_prepare); after_first_prepare += EXPECT_CALL(callback2, Call).After(first_prepare); after_first_prepare += EXPECT_CALL(callback3, Call).After(first_prepare); testing::Expectation second_prepare = EXPECT_CALL(prepare_watcher, ready()).After(after_first_prepare).WillOnce([&] { schedulable_callback->scheduleCallbackNextIteration(); }); EXPECT_CALL(schedulable_watcher, ready()).After(second_prepare); // Running outside the event loop, this should schedule a run on the next event loop iteration. schedulable_callback->scheduleCallbackNextIteration(); simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); dispatcher_.run(Dispatcher::RunType::Block); } TEST_F(ScaledRangeTimerManagerTest, MultipleTimersWithChangeInScalingFactor) { ScaledRangeTimerManager manager(dispatcher_); const MonotonicTime start = simTime().monotonicTime(); std::vector timers; timers.reserve(4); for (int i = 0; i < 4; i++) { timers.emplace_back(manager, simTime()); } timers[0].timer->enableTimer(std::chrono::seconds(5), std::chrono::seconds(15)); timers[1].timer->enableTimer(std::chrono::seconds(12), std::chrono::seconds(14)); manager.setScaleFactor(0.1); timers[2].timer->enableTimer(std::chrono::seconds(7), std::chrono::seconds(21)); timers[3].timer->enableTimer(std::chrono::seconds(10), std::chrono::seconds(16)); // Advance to timer 0's min. simTime().advanceTimeAndRun(std::chrono::seconds(5), dispatcher_, Dispatcher::RunType::Block); manager.setScaleFactor(0.5); // Now that the scale factor is 0.5, fire times are 0: start+10, 1: start+13, 2: start+14, 3: // start+13. Advance to timer 2's min. simTime().advanceTimeAndRun(std::chrono::seconds(2), dispatcher_, Dispatcher::RunType::Block); // Advance to time start+9. simTime().advanceTimeAndRun(std::chrono::seconds(2), dispatcher_, Dispatcher::RunType::Block); manager.setScaleFactor(0.1); // Now that the scale factor is reduced, fire times are 0: start+6, 1: start+12.2, // 2: start+8.4, 3: start+10.6. Timers 0 and 2 should fire immediately since their // trigger times are in the past. dispatcher_.run(Dispatcher::RunType::Block); EXPECT_THAT(*timers[0].trigger_times, ElementsAre(start + std::chrono::seconds(9))); EXPECT_THAT(*timers[2].trigger_times, ElementsAre(start + std::chrono::seconds(9))); simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); // The time is now start+10. Re-enable timer 0. ASSERT_FALSE(timers[0].timer->enabled()); timers[0].timer->enableTimer(std::chrono::seconds(5), std::chrono::seconds(13)); // Fire times are now 0: start+19, 1: start+13, 2: none, 3: start+13. manager.setScaleFactor(0.5); // Advance to timer 1's min. simTime().advanceTimeAndRun(std::chrono::seconds(2), dispatcher_, Dispatcher::RunType::Block); // Advance again to start+13, which should trigger both timers 1 and 3. simTime().advanceTimeAndRun(std::chrono::seconds(1), dispatcher_, Dispatcher::RunType::Block); EXPECT_THAT(*timers[1].trigger_times, ElementsAre(start + std::chrono::seconds(13))); EXPECT_THAT(*timers[3].trigger_times, ElementsAre(start + std::chrono::seconds(13))); simTime().advanceTimeAndRun(std::chrono::seconds(3), dispatcher_, Dispatcher::RunType::Block); // The time is now start+16. Setting the scale factor to 0 should make timer 0 fire immediately. manager.setScaleFactor(0); dispatcher_.run(Dispatcher::RunType::Block); EXPECT_THAT(*timers[0].trigger_times, ElementsAre(start + std::chrono::seconds(9), start + std::chrono::seconds(16))); } } // namespace } // namespace Event } // namespace Envoy ================================================ FILE: test/common/filesystem/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "filesystem_impl_test", srcs = ["filesystem_impl_test.cc"], deps = [ "//source/common/filesystem:filesystem_lib", "//test/test_common:environment_lib", ], ) envoy_cc_test( name = "directory_test", srcs = ["directory_test.cc"], deps = [ "//source/common/filesystem:directory_lib", "//test/test_common:environment_lib", ], ) envoy_cc_test( name = "watcher_impl_test", srcs = ["watcher_impl_test.cc"], deps = [ "//source/common/common:assert_lib", "//source/common/event:dispatcher_includes", "//source/common/event:dispatcher_lib", "//source/common/filesystem:watcher_lib", "//test/test_common:environment_lib", ], ) ================================================ FILE: test/common/filesystem/directory_test.cc ================================================ #include #include #include #include "common/filesystem/directory.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "absl/container/node_hash_set.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Filesystem { class DirectoryTest : public testing::Test { public: DirectoryTest() : dir_path_(TestEnvironment::temporaryPath("envoy_test")) { files_to_remove_.push(dir_path_); } protected: void SetUp() override { TestEnvironment::createPath(dir_path_); } void TearDown() override { while (!files_to_remove_.empty()) { const std::string& f = files_to_remove_.top(); TestEnvironment::removePath(f); files_to_remove_.pop(); } } void addSubDirs(std::list sub_dirs) { for (const std::string& dir_name : sub_dirs) { const std::string full_path = dir_path_ + "/" + dir_name; TestEnvironment::createPath(full_path); files_to_remove_.push(full_path); } } void addFiles(std::list files) { for (const std::string& file_name : files) { const std::string full_path = dir_path_ + "/" + file_name; { const std::ofstream file(full_path); } files_to_remove_.push(full_path); } } void addSymlinks(std::list> symlinks) { for (const auto& link : symlinks) { const std::string target_path = dir_path_ + "/" + link.first; const std::string link_path = dir_path_ + "/" + link.second; TestEnvironment::createSymlink(target_path, link_path); files_to_remove_.push(link_path); } } const std::string dir_path_; std::stack files_to_remove_; }; struct EntryHash { std::size_t operator()(DirectoryEntry const& e) const noexcept { return std::hash{}(e.name_); } }; using EntrySet = absl::node_hash_set; EntrySet getDirectoryContents(const std::string& dir_path, bool recursive) { Directory directory(dir_path); EntrySet ret; for (const DirectoryEntry& entry : directory) { ret.insert(entry); if (entry.type_ == FileType::Directory && entry.name_ != "." && entry.name_ != ".." && recursive) { std::string subdir_name = entry.name_; EntrySet subdir = getDirectoryContents(dir_path + "/" + subdir_name, recursive); for (const DirectoryEntry& entry : subdir) { ret.insert({subdir_name + "/" + entry.name_, entry.type_}); } } } return ret; } // Test that we can list a file in a directory TEST_F(DirectoryTest, DirectoryWithOneFile) { addFiles({"file"}); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, {"file", FileType::Regular}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that we can list a sub directory in a directory TEST_F(DirectoryTest, DirectoryWithOneDirectory) { addSubDirs({"sub_dir"}); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, {"sub_dir", FileType::Directory}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that we do not recurse into directories when listing files TEST_F(DirectoryTest, DirectoryWithFileInSubDirectory) { addSubDirs({"sub_dir"}); addFiles({"sub_dir/sub_file"}); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, {"sub_dir", FileType::Directory}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that when recursively creating DirectoryIterators, they do not interfere with each other TEST_F(DirectoryTest, RecursionIntoSubDirectory) { addSubDirs({"sub_dir"}); addFiles({"file", "sub_dir/sub_file"}); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, {"file", FileType::Regular}, {"sub_dir", FileType::Directory}, {"sub_dir/sub_file", FileType::Regular}, {"sub_dir/.", FileType::Directory}, {"sub_dir/..", FileType::Directory}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, true)); } // Test that we can list a file and a sub directory in a directory TEST_F(DirectoryTest, DirectoryWithFileAndDirectory) { addSubDirs({"sub_dir"}); addFiles({"file"}); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, {"sub_dir", FileType::Directory}, {"file", FileType::Regular}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that a symlink to a file has type FileType::Regular TEST_F(DirectoryTest, DirectoryWithSymlinkToFile) { addFiles({"file"}); addSymlinks({{"file", "link"}}); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, {"file", FileType::Regular}, {"link", FileType::Regular}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that a symlink to a directory has type FileType::Directory TEST_F(DirectoryTest, DirectoryWithSymlinkToDirectory) { addSubDirs({"sub_dir"}); addSymlinks({{"sub_dir", "link_dir"}}); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, {"sub_dir", FileType::Directory}, {"link_dir", FileType::Directory}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that a broken symlink can be listed TEST_F(DirectoryTest, DirectoryWithBrokenSymlink) { addSubDirs({"sub_dir"}); addSymlinks({{"sub_dir", "link_dir"}}); TestEnvironment::removePath(dir_path_ + "/sub_dir"); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, #ifndef WIN32 // On Linux, a broken directory link is simply a symlink to be rm'ed {"link_dir", FileType::Regular}, #else // On Windows, a broken directory link remains a directory link to be rmdir'ed {"link_dir", FileType::Directory}, #endif }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that we can list an empty directory TEST_F(DirectoryTest, DirectoryWithEmptyDirectory) { const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path_, false)); } // Test that the constructor throws an exception when given a non-existing path TEST(DirectoryIteratorImpl, NonExistingDir) { const std::string dir_path("some/non/existing/dir"); #ifdef WIN32 EXPECT_THROW_WITH_MESSAGE( DirectoryIteratorImpl dir_iterator(dir_path), EnvoyException, fmt::format("unable to open directory {}: {}", dir_path, ERROR_PATH_NOT_FOUND)); #else EXPECT_THROW_WITH_MESSAGE( DirectoryIteratorImpl dir_iterator(dir_path), EnvoyException, fmt::format("unable to open directory {}: No such file or directory", dir_path)); #endif } // Test that we correctly handle trailing path separators TEST(Directory, DirectoryHasTrailingPathSeparator) { #ifdef WIN32 const std::string dir_path(TestEnvironment::temporaryPath("envoy_test") + "\\"); #else const std::string dir_path(TestEnvironment::temporaryPath("envoy_test") + "/"); #endif TestEnvironment::createPath(dir_path); const EntrySet expected = { {".", FileType::Directory}, {"..", FileType::Directory}, }; EXPECT_EQ(expected, getDirectoryContents(dir_path, false)); TestEnvironment::removePath(dir_path); } } // namespace Filesystem } // namespace Envoy ================================================ FILE: test/common/filesystem/filesystem_impl_test.cc ================================================ #include #include #include "common/common/assert.h" #include "common/common/utility.h" #include "common/filesystem/filesystem_impl.h" #include "test/test_common/environment.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Filesystem { static constexpr FlagSet DefaultFlags{ 1 << Filesystem::File::Operation::Read | 1 << Filesystem::File::Operation::Write | 1 << Filesystem::File::Operation::Create | 1 << Filesystem::File::Operation::Append}; class FileSystemImplTest : public testing::Test { protected: filesystem_os_id_t getFd(File* file) { #ifdef WIN32 auto file_impl = dynamic_cast(file); #else auto file_impl = dynamic_cast(file); #endif RELEASE_ASSERT(file_impl != nullptr, "failed to cast File* to FileImpl*"); return file_impl->fd_; } #ifdef WIN32 InstanceImplWin32 file_system_; #else Api::SysCallStringResult canonicalPath(const std::string& path) { return file_system_.canonicalPath(path); } InstanceImplPosix file_system_; #endif }; TEST_F(FileSystemImplTest, FileExists) { EXPECT_FALSE(file_system_.fileExists("/dev/blahblahblah")); #ifdef WIN32 const std::string file_path = TestEnvironment::writeStringToFileForTest("test_envoy", "x"); EXPECT_TRUE(file_system_.fileExists(file_path)); EXPECT_TRUE(file_system_.fileExists("c:/windows")); #else EXPECT_TRUE(file_system_.fileExists("/dev/null")); EXPECT_TRUE(file_system_.fileExists("/dev")); #endif } TEST_F(FileSystemImplTest, DirectoryExists) { EXPECT_FALSE(file_system_.directoryExists("/dev/blahblah")); #ifdef WIN32 const std::string file_path = TestEnvironment::writeStringToFileForTest("test_envoy", "x"); EXPECT_FALSE(file_system_.directoryExists(file_path)); EXPECT_TRUE(file_system_.directoryExists("c:/windows")); #else EXPECT_FALSE(file_system_.directoryExists("/dev/null")); EXPECT_TRUE(file_system_.directoryExists("/dev")); #endif } TEST_F(FileSystemImplTest, FileSize) { EXPECT_EQ(0, file_system_.fileSize(std::string(Platform::null_device_path))); EXPECT_EQ(-1, file_system_.fileSize("/dev/blahblahblah")); const std::string data = "test string\ntest"; const std::string file_path = TestEnvironment::writeStringToFileForTest("test_envoy", data); EXPECT_EQ(data.length(), file_system_.fileSize(file_path)); } TEST_F(FileSystemImplTest, FileReadToEndSuccess) { const std::string data = "test string\ntest"; const std::string file_path = TestEnvironment::writeStringToFileForTest("test_envoy", data); EXPECT_EQ(data, file_system_.fileReadToEnd(file_path)); } // Files are read into std::string; verify that all bytes (e.g., non-ascii characters) come back // unmodified TEST_F(FileSystemImplTest, FileReadToEndSuccessBinary) { std::string data; for (unsigned i = 0; i < 256; i++) { data.push_back(i); } const std::string file_path = TestEnvironment::writeStringToFileForTest("test_envoy", data); const std::string read = file_system_.fileReadToEnd(file_path); const std::vector binary_read(read.begin(), read.end()); EXPECT_EQ(binary_read.size(), 256); for (unsigned i = 0; i < 256; i++) { EXPECT_EQ(binary_read.at(i), i); } } TEST_F(FileSystemImplTest, FileReadToEndDoesNotExist) { unlink(TestEnvironment::temporaryPath("envoy_this_not_exist").c_str()); EXPECT_THROW(file_system_.fileReadToEnd(TestEnvironment::temporaryPath("envoy_this_not_exist")), EnvoyException); } TEST_F(FileSystemImplTest, FileReadToEndDenylisted) { EXPECT_THROW(file_system_.fileReadToEnd("/dev/urandom"), EnvoyException); EXPECT_THROW(file_system_.fileReadToEnd("/proc/cpuinfo"), EnvoyException); EXPECT_THROW(file_system_.fileReadToEnd("/sys/block/sda/dev"), EnvoyException); } #ifndef WIN32 TEST_F(FileSystemImplTest, CanonicalPathSuccess) { EXPECT_EQ("/", canonicalPath("//").rc_); } #endif #ifndef WIN32 TEST_F(FileSystemImplTest, CanonicalPathFail) { const Api::SysCallStringResult result = canonicalPath("/_some_non_existent_file"); EXPECT_TRUE(result.rc_.empty()); EXPECT_EQ("No such file or directory", errorDetails(result.errno_)); } #endif TEST_F(FileSystemImplTest, SplitPathFromFilename) { PathSplitResult result; result = file_system_.splitPathFromFilename("/foo/bar/baz"); EXPECT_EQ(result.directory_, "/foo/bar"); EXPECT_EQ(result.file_, "baz"); result = file_system_.splitPathFromFilename("/foo/bar"); EXPECT_EQ(result.directory_, "/foo"); EXPECT_EQ(result.file_, "bar"); result = file_system_.splitPathFromFilename("/foo"); EXPECT_EQ(result.directory_, "/"); EXPECT_EQ(result.file_, "foo"); result = file_system_.splitPathFromFilename("/"); EXPECT_EQ(result.directory_, "/"); EXPECT_EQ(result.file_, ""); EXPECT_THROW(file_system_.splitPathFromFilename("nopathdelimeter"), EnvoyException); #ifdef WIN32 result = file_system_.splitPathFromFilename("c:\\foo/bar"); EXPECT_EQ(result.directory_, "c:\\foo"); EXPECT_EQ(result.file_, "bar"); result = file_system_.splitPathFromFilename("c:/foo\\bar"); EXPECT_EQ(result.directory_, "c:/foo"); EXPECT_EQ(result.file_, "bar"); result = file_system_.splitPathFromFilename("c:\\foo"); EXPECT_EQ(result.directory_, "c:\\"); EXPECT_EQ(result.file_, "foo"); result = file_system_.splitPathFromFilename("c:foo"); EXPECT_EQ(result.directory_, "c:"); EXPECT_EQ(result.file_, "foo"); result = file_system_.splitPathFromFilename("c:"); EXPECT_EQ(result.directory_, "c:"); EXPECT_EQ(result.file_, ""); result = file_system_.splitPathFromFilename("\\\\?\\C:\\"); EXPECT_EQ(result.directory_, "\\\\?\\C:\\"); EXPECT_EQ(result.file_, ""); #endif } TEST_F(FileSystemImplTest, IllegalPath) { EXPECT_FALSE(file_system_.illegalPath("/")); EXPECT_FALSE(file_system_.illegalPath("//")); #ifdef WIN32 EXPECT_FALSE(file_system_.illegalPath("/dev")); EXPECT_FALSE(file_system_.illegalPath("/dev/")); EXPECT_FALSE(file_system_.illegalPath("/proc")); EXPECT_FALSE(file_system_.illegalPath("/proc/")); EXPECT_FALSE(file_system_.illegalPath("/sys")); EXPECT_FALSE(file_system_.illegalPath("/sys/")); EXPECT_FALSE(file_system_.illegalPath("/_some_non_existent_file")); EXPECT_TRUE(file_system_.illegalPath(R"EOF(\\.\foo)EOF")); EXPECT_TRUE(file_system_.illegalPath(R"EOF(\\z\foo)EOF")); EXPECT_TRUE(file_system_.illegalPath(R"EOF(\\?\nul)EOF")); EXPECT_FALSE(file_system_.illegalPath(R"EOF(\\?\C:\foo)EOF")); EXPECT_FALSE(file_system_.illegalPath(R"EOF(C:\foo)EOF")); EXPECT_FALSE(file_system_.illegalPath(R"EOF(C:\foo/bar\baz)EOF")); EXPECT_FALSE(file_system_.illegalPath("C:/foo")); EXPECT_FALSE(file_system_.illegalPath("C:zfoo")); EXPECT_FALSE(file_system_.illegalPath("C:/foo/bar/baz")); EXPECT_TRUE(file_system_.illegalPath("C:/foo/b*ar/baz")); EXPECT_TRUE(file_system_.illegalPath("C:/foo/b?ar/baz")); EXPECT_TRUE(file_system_.illegalPath(R"EOF(C:/i/x"x)EOF")); EXPECT_TRUE(file_system_.illegalPath(std::string("C:/i\0j", 6))); EXPECT_TRUE(file_system_.illegalPath("C:/i/\177")); EXPECT_TRUE(file_system_.illegalPath("C:/i/\alarm")); EXPECT_FALSE(file_system_.illegalPath("C:/i/../j")); EXPECT_FALSE(file_system_.illegalPath("C:/i/./j")); EXPECT_FALSE(file_system_.illegalPath("C:/i/.j")); EXPECT_TRUE(file_system_.illegalPath("C:/i/j.")); EXPECT_TRUE(file_system_.illegalPath("C:/i/j ")); EXPECT_FALSE(file_system_.illegalPath("C:/i///")); EXPECT_TRUE(file_system_.illegalPath("C:/i/NUL")); EXPECT_TRUE(file_system_.illegalPath("C:/i/nul")); EXPECT_TRUE(file_system_.illegalPath("C:/i/nul.ext")); EXPECT_TRUE(file_system_.illegalPath("C:/i/nul.ext.ext2")); EXPECT_TRUE(file_system_.illegalPath("C:/i/nul .ext")); EXPECT_TRUE(file_system_.illegalPath("C:/i/COM1")); EXPECT_TRUE(file_system_.illegalPath("C:/i/COM1/whoops")); EXPECT_TRUE(file_system_.illegalPath("C:/i/COM1.ext")); EXPECT_TRUE(file_system_.illegalPath("C:/i/COM1 .ext")); EXPECT_FALSE(file_system_.illegalPath("C:/i/COM1 ext")); EXPECT_FALSE(file_system_.illegalPath("C:/i/COM1foo")); EXPECT_FALSE(file_system_.illegalPath("C:/i/COM0")); EXPECT_FALSE(file_system_.illegalPath("C:/i/COM")); #else EXPECT_TRUE(file_system_.illegalPath("/dev")); EXPECT_TRUE(file_system_.illegalPath("/dev/")); // Exception to allow opening from file descriptors. See #7258. EXPECT_FALSE(file_system_.illegalPath("/dev/fd/0")); EXPECT_TRUE(file_system_.illegalPath("/proc")); EXPECT_TRUE(file_system_.illegalPath("/proc/")); EXPECT_TRUE(file_system_.illegalPath("/sys")); EXPECT_TRUE(file_system_.illegalPath("/sys/")); EXPECT_TRUE(file_system_.illegalPath("/_some_non_existent_file")); #endif } TEST_F(FileSystemImplTest, ConstructedFileNotOpen) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); FilePtr file = file_system_.createFile(new_file_path); EXPECT_FALSE(file->isOpen()); } TEST_F(FileSystemImplTest, Open) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); FilePtr file = file_system_.createFile(new_file_path); const Api::IoCallBoolResult result = file->open(DefaultFlags); EXPECT_TRUE(result.rc_); EXPECT_TRUE(file->isOpen()); } TEST_F(FileSystemImplTest, OpenReadOnly) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); static constexpr FlagSet ReadOnlyFlags{1 << Filesystem::File::Operation::Read | 1 << Filesystem::File::Operation::Create | 1 << Filesystem::File::Operation::Append}; FilePtr file = file_system_.createFile(new_file_path); const Api::IoCallBoolResult result = file->open(ReadOnlyFlags); EXPECT_TRUE(result.rc_); EXPECT_TRUE(file->isOpen()); } TEST_F(FileSystemImplTest, OpenTwice) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); FilePtr file = file_system_.createFile(new_file_path); EXPECT_EQ(getFd(file.get()), INVALID_HANDLE); const Api::IoCallBoolResult result1 = file->open(DefaultFlags); const filesystem_os_id_t initial_fd = getFd(file.get()); EXPECT_TRUE(result1.rc_); EXPECT_TRUE(file->isOpen()); // check that we don't leak a file descriptor const Api::IoCallBoolResult result2 = file->open(DefaultFlags); EXPECT_EQ(initial_fd, getFd(file.get())); EXPECT_TRUE(result2.rc_); EXPECT_TRUE(file->isOpen()); } TEST_F(FileSystemImplTest, OpenBadFilePath) { FilePtr file = file_system_.createFile(""); const Api::IoCallBoolResult result = file->open(DefaultFlags); EXPECT_FALSE(result.rc_); } TEST_F(FileSystemImplTest, ExistingFile) { const std::string file_path = TestEnvironment::writeStringToFileForTest("test_envoy", "existing file"); { FilePtr file = file_system_.createFile(file_path); const Api::IoCallBoolResult open_result = file->open(DefaultFlags); EXPECT_TRUE(open_result.rc_); std::string data(" new data"); const Api::IoCallSizeResult result = file->write(data); EXPECT_EQ(data.length(), result.rc_); } auto contents = TestEnvironment::readFileToStringForTest(file_path); EXPECT_EQ("existing file new data", contents); } TEST_F(FileSystemImplTest, NonExistingFile) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); { FilePtr file = file_system_.createFile(new_file_path); const Api::IoCallBoolResult open_result = file->open(DefaultFlags); EXPECT_TRUE(open_result.rc_); std::string data(" new data"); const Api::IoCallSizeResult result = file->write(data); EXPECT_EQ(data.length(), result.rc_); } auto contents = TestEnvironment::readFileToStringForTest(new_file_path); EXPECT_EQ(" new data", contents); } TEST_F(FileSystemImplTest, Close) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); FilePtr file = file_system_.createFile(new_file_path); const Api::IoCallBoolResult result1 = file->open(DefaultFlags); EXPECT_TRUE(result1.rc_); EXPECT_TRUE(file->isOpen()); const Api::IoCallBoolResult result2 = file->close(); EXPECT_TRUE(result2.rc_); EXPECT_FALSE(file->isOpen()); } TEST_F(FileSystemImplTest, WriteAfterClose) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); FilePtr file = file_system_.createFile(new_file_path); const Api::IoCallBoolResult bool_result1 = file->open(DefaultFlags); EXPECT_TRUE(bool_result1.rc_); const Api::IoCallBoolResult bool_result2 = file->close(); EXPECT_TRUE(bool_result2.rc_); const Api::IoCallSizeResult size_result = file->write(" new data"); EXPECT_EQ(-1, size_result.rc_); EXPECT_EQ(IoFileError::IoErrorCode::BadFd, size_result.err_->getErrorCode()); } TEST_F(FileSystemImplTest, NonExistingFileAndReadOnly) { const std::string new_file_path = TestEnvironment::temporaryPath("envoy_this_not_exist"); ::unlink(new_file_path.c_str()); static constexpr FlagSet flag(static_cast(Filesystem::File::Operation::Read)); FilePtr file = file_system_.createFile(new_file_path); const Api::IoCallBoolResult open_result = file->open(flag); EXPECT_FALSE(open_result.rc_); } TEST_F(FileSystemImplTest, ExistingReadOnlyFileAndWrite) { const std::string file_path = TestEnvironment::writeStringToFileForTest("test_envoy", "existing file"); { static constexpr FlagSet flag(static_cast(Filesystem::File::Operation::Read)); FilePtr file = file_system_.createFile(file_path); const Api::IoCallBoolResult open_result = file->open(flag); EXPECT_TRUE(open_result.rc_); std::string data(" new data"); const Api::IoCallSizeResult result = file->write(data); EXPECT_TRUE(result.rc_ < 0); #ifdef WIN32 EXPECT_EQ(IoFileError::IoErrorCode::Permission, result.err_->getErrorCode()); #else EXPECT_EQ(IoFileError::IoErrorCode::BadFd, result.err_->getErrorCode()); #endif } auto contents = TestEnvironment::readFileToStringForTest(file_path); EXPECT_EQ("existing file", contents); } TEST_F(FileSystemImplTest, TestIoFileError) { IoFileError error1(HANDLE_ERROR_PERM); EXPECT_EQ(IoFileError::IoErrorCode::Permission, error1.getErrorCode()); EXPECT_EQ(errorDetails(HANDLE_ERROR_PERM), error1.getErrorDetails()); IoFileError error2(HANDLE_ERROR_INVALID); EXPECT_EQ(IoFileError::IoErrorCode::BadFd, error2.getErrorCode()); EXPECT_EQ(errorDetails(HANDLE_ERROR_INVALID), error2.getErrorDetails()); int not_known_error = 42; IoFileError error3(not_known_error); EXPECT_EQ(IoFileError::IoErrorCode::UnknownError, error3.getErrorCode()); } } // namespace Filesystem } // namespace Envoy ================================================ FILE: test/common/filesystem/watcher_impl_test.cc ================================================ #include #include #include "common/common/assert.h" #include "common/event/dispatcher_impl.h" #include "common/filesystem/watcher_impl.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Filesystem { class WatcherImplTest : public testing::Test { protected: WatcherImplTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")) {} Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; }; class WatchCallback { public: MOCK_METHOD(void, called, (uint32_t)); }; TEST_F(WatcherImplTest, All) { Filesystem::WatcherPtr watcher = dispatcher_->createFilesystemWatcher(); unlink(TestEnvironment::temporaryPath("envoy_test/watcher_target").c_str()); unlink(TestEnvironment::temporaryPath("envoy_test/watcher_link").c_str()); unlink(TestEnvironment::temporaryPath("envoy_test/watcher_new_target").c_str()); unlink(TestEnvironment::temporaryPath("envoy_test/watcher_new_link").c_str()); TestEnvironment::createPath(TestEnvironment::temporaryPath("envoy_test")); { std::ofstream file(TestEnvironment::temporaryPath("envoy_test/watcher_target")); } TestEnvironment::createSymlink(TestEnvironment::temporaryPath("envoy_test/watcher_target"), TestEnvironment::temporaryPath("envoy_test/watcher_link")); { std::ofstream file(TestEnvironment::temporaryPath("envoy_test/watcher_new_target")); } TestEnvironment::createSymlink(TestEnvironment::temporaryPath("envoy_test/watcher_new_target"), TestEnvironment::temporaryPath("envoy_test/watcher_new_link")); WatchCallback callback; EXPECT_CALL(callback, called(Watcher::Events::MovedTo)).Times(2); watcher->addWatch(TestEnvironment::temporaryPath("envoy_test/watcher_link"), Watcher::Events::MovedTo, [&](uint32_t events) -> void { callback.called(events); dispatcher_->exit(); }); TestEnvironment::renameFile(TestEnvironment::temporaryPath("envoy_test/watcher_new_link"), TestEnvironment::temporaryPath("envoy_test/watcher_link")); dispatcher_->run(Event::Dispatcher::RunType::Block); TestEnvironment::createSymlink(TestEnvironment::temporaryPath("envoy_test/watcher_new_target"), TestEnvironment::temporaryPath("envoy_test/watcher_new_link")); TestEnvironment::renameFile(TestEnvironment::temporaryPath("envoy_test/watcher_new_link"), TestEnvironment::temporaryPath("envoy_test/watcher_link")); dispatcher_->run(Event::Dispatcher::RunType::Block); } TEST_F(WatcherImplTest, Create) { Filesystem::WatcherPtr watcher = dispatcher_->createFilesystemWatcher(); unlink(TestEnvironment::temporaryPath("envoy_test/watcher_target").c_str()); unlink(TestEnvironment::temporaryPath("envoy_test/watcher_link").c_str()); unlink(TestEnvironment::temporaryPath("envoy_test/watcher_new_link").c_str()); unlink(TestEnvironment::temporaryPath("envoy_test/other_file").c_str()); TestEnvironment::createPath(TestEnvironment::temporaryPath("envoy_test")); { std::ofstream file(TestEnvironment::temporaryPath("envoy_test/watcher_target")); } WatchCallback callback; watcher->addWatch(TestEnvironment::temporaryPath("envoy_test/watcher_link"), Watcher::Events::MovedTo, [&](uint32_t events) -> void { callback.called(events); dispatcher_->exit(); }); { std::ofstream file(TestEnvironment::temporaryPath("envoy_test/other_file")); } dispatcher_->run(Event::Dispatcher::RunType::NonBlock); EXPECT_CALL(callback, called(Watcher::Events::MovedTo)); TestEnvironment::createSymlink(TestEnvironment::temporaryPath("envoy_test/watcher_target"), TestEnvironment::temporaryPath("envoy_test/watcher_new_link")); TestEnvironment::renameFile(TestEnvironment::temporaryPath("envoy_test/watcher_new_link"), TestEnvironment::temporaryPath("envoy_test/watcher_link")); dispatcher_->run(Event::Dispatcher::RunType::Block); } TEST_F(WatcherImplTest, Modify) { Filesystem::WatcherPtr watcher = dispatcher_->createFilesystemWatcher(); TestEnvironment::createPath(TestEnvironment::temporaryPath("envoy_test")); std::ofstream file(TestEnvironment::temporaryPath("envoy_test/watcher_target")); WatchCallback callback; watcher->addWatch(TestEnvironment::temporaryPath("envoy_test/watcher_target"), Watcher::Events::Modified, [&](uint32_t events) -> void { callback.called(events); dispatcher_->exit(); }); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); file << "text" << std::flush; file.close(); EXPECT_CALL(callback, called(Watcher::Events::Modified)); dispatcher_->run(Event::Dispatcher::RunType::Block); } TEST_F(WatcherImplTest, BadPath) { Filesystem::WatcherPtr watcher = dispatcher_->createFilesystemWatcher(); EXPECT_THROW( watcher->addWatch("this_is_not_a_file", Watcher::Events::MovedTo, [&](uint32_t) -> void {}), EnvoyException); EXPECT_THROW(watcher->addWatch("this_is_not_a_dir/file", Watcher::Events::MovedTo, [&](uint32_t) -> void {}), EnvoyException); } TEST_F(WatcherImplTest, ParentDirectoryRemoved) { Filesystem::WatcherPtr watcher = dispatcher_->createFilesystemWatcher(); TestEnvironment::createPath(TestEnvironment::temporaryPath("envoy_test_empty")); WatchCallback callback; EXPECT_CALL(callback, called(testing::_)).Times(0); watcher->addWatch(TestEnvironment::temporaryPath("envoy_test_empty/watcher_link"), Watcher::Events::MovedTo, [&](uint32_t events) -> void { callback.called(events); }); int rc = rmdir(TestEnvironment::temporaryPath("envoy_test_empty").c_str()); EXPECT_EQ(0, rc); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); } TEST_F(WatcherImplTest, RootDirectoryPath) { Filesystem::WatcherPtr watcher = dispatcher_->createFilesystemWatcher(); #ifndef WIN32 EXPECT_NO_THROW(watcher->addWatch("/", Watcher::Events::MovedTo, [&](uint32_t) -> void {})); #else EXPECT_NO_THROW(watcher->addWatch("c:\\", Watcher::Events::MovedTo, [&](uint32_t) -> void {})); #endif } // Skipping this test on Windows as there is no Windows API able to atomically move a // directory/symlink when the new name is a non-empty directory #ifndef WIN32 TEST_F(WatcherImplTest, SymlinkAtomicRename) { Filesystem::WatcherPtr watcher = dispatcher_->createFilesystemWatcher(); TestEnvironment::createPath(TestEnvironment::temporaryPath("envoy_test")); TestEnvironment::createPath(TestEnvironment::temporaryPath("envoy_test/..timestamp1")); { std::ofstream file(TestEnvironment::temporaryPath("envoy_test/..timestamp1/watched_file")); } TestEnvironment::createSymlink(TestEnvironment::temporaryPath("envoy_test/..timestamp1"), TestEnvironment::temporaryPath("envoy_test/..data")); TestEnvironment::createSymlink(TestEnvironment::temporaryPath("envoy_test/..data/watched_file"), TestEnvironment::temporaryPath("envoy_test/watched_file")); WatchCallback callback; EXPECT_CALL(callback, called(Watcher::Events::MovedTo)); watcher->addWatch(TestEnvironment::temporaryPath("envoy_test/"), Watcher::Events::MovedTo, [&](uint32_t events) -> void { callback.called(events); dispatcher_->exit(); }); TestEnvironment::createPath(TestEnvironment::temporaryPath("envoy_test/..timestamp2")); { std::ofstream file(TestEnvironment::temporaryPath("envoy_test/..timestamp2/watched_file")); } TestEnvironment::createSymlink(TestEnvironment::temporaryPath("envoy_test/..timestamp2"), TestEnvironment::temporaryPath("envoy_test/..tmp")); TestEnvironment::renameFile(TestEnvironment::temporaryPath("envoy_test/..tmp"), TestEnvironment::temporaryPath("envoy_test/..data")); dispatcher_->run(Event::Dispatcher::RunType::Block); } #endif } // namespace Filesystem } // namespace Envoy ================================================ FILE: test/common/filter/http/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "filter_config_discovery_impl_test", srcs = ["filter_config_discovery_impl_test.cc"], deps = [ "//source/common/config:utility_lib", "//source/common/filter/http:filter_config_discovery_lib", "//source/common/json:json_loader_lib", "//source/extensions/filters/http/health_check:config", "//source/extensions/filters/http/router:config", "//test/mocks/local_info:local_info_mocks", "//test/mocks/protobuf:protobuf_mocks", "//test/mocks/server:server_mocks", "//test/mocks/thread_local:thread_local_mocks", "//test/mocks/upstream:upstream_mocks", "//test/test_common:simulated_time_system_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) ================================================ FILE: test/common/filter/http/filter_config_discovery_impl_test.cc ================================================ #include #include #include #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/core/v3/extension.pb.h" #include "envoy/config/core/v3/extension.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" #include "common/config/utility.h" #include "common/filter/http/filter_config_discovery_impl.h" #include "common/json/json_loader.h" #include "test/mocks/init/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/mocks/server/mocks.h" #include "test/mocks/thread_local/mocks.h" #include "test/mocks/upstream/mocks.h" #include "test/test_common/printers.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::InSequence; using testing::Invoke; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Filter { namespace Http { namespace { class FilterConfigDiscoveryTestBase : public testing::Test { public: FilterConfigDiscoveryTestBase() { // For server_factory_context ON_CALL(factory_context_, scope()).WillByDefault(ReturnRef(scope_)); ON_CALL(factory_context_, messageValidationContext()) .WillByDefault(ReturnRef(validation_context_)); EXPECT_CALL(validation_context_, dynamicValidationVisitor()) .WillRepeatedly(ReturnRef(validation_visitor_)); EXPECT_CALL(factory_context_, initManager()).WillRepeatedly(ReturnRef(init_manager_)); ON_CALL(init_manager_, add(_)).WillByDefault(Invoke([this](const Init::Target& target) { init_target_handle_ = target.createHandle("test"); })); ON_CALL(init_manager_, initialize(_)) .WillByDefault(Invoke( [this](const Init::Watcher& watcher) { init_target_handle_->initialize(watcher); })); // Thread local storage assumes a single (main) thread with no workers. ON_CALL(factory_context_.admin_, concurrency()).WillByDefault(Return(0)); } Event::SimulatedTimeSystem& timeSystem() { return time_system_; } Event::SimulatedTimeSystem time_system_; NiceMock validation_context_; NiceMock validation_visitor_; NiceMock init_manager_; NiceMock factory_context_; Init::ExpectableWatcherImpl init_watcher_; Init::TargetHandlePtr init_target_handle_; NiceMock scope_; }; // Test base class with a single provider. class FilterConfigDiscoveryImplTest : public FilterConfigDiscoveryTestBase { public: FilterConfigDiscoveryImplTest() { filter_config_provider_manager_ = std::make_unique(); } ~FilterConfigDiscoveryImplTest() override { factory_context_.thread_local_.shutdownThread(); } FilterConfigProviderPtr createProvider(std::string name, bool warm) { EXPECT_CALL(init_manager_, add(_)); envoy::config::core::v3::ConfigSource config_source; TestUtility::loadFromYaml("ads: {}", config_source); return filter_config_provider_manager_->createDynamicFilterConfigProvider( config_source, name, {"envoy.extensions.filters.http.router.v3.Router"}, factory_context_, "xds.", !warm); } void setup(bool warm = true) { provider_ = createProvider("foo", warm); callbacks_ = factory_context_.cluster_manager_.subscription_factory_.callbacks_; EXPECT_CALL(*factory_context_.cluster_manager_.subscription_factory_.subscription_, start(_, _)); if (!warm) { EXPECT_CALL(init_watcher_, ready()); } init_manager_.initialize(init_watcher_); } std::unique_ptr filter_config_provider_manager_; FilterConfigProviderPtr provider_; Config::SubscriptionCallbacks* callbacks_{}; }; TEST_F(FilterConfigDiscoveryImplTest, DestroyReady) { setup(); EXPECT_CALL(init_watcher_, ready()); } TEST_F(FilterConfigDiscoveryImplTest, Basic) { InSequence s; setup(); EXPECT_EQ("foo", provider_->name()); EXPECT_EQ(absl::nullopt, provider_->config()); // Initial request. { const std::string response_yaml = R"EOF( version_info: "1" resources: - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: foo typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router )EOF"; const auto response = TestUtility::parseYaml(response_yaml); const auto decoded_resources = TestUtility::decodeResources(response); EXPECT_CALL(init_watcher_, ready()); callbacks_->onConfigUpdate(decoded_resources.refvec_, response.version_info()); EXPECT_NE(absl::nullopt, provider_->config()); EXPECT_EQ(1UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_fail").value()); } // 2nd request with same response. Based on hash should not reload config. { const std::string response_yaml = R"EOF( version_info: "2" resources: - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: foo typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router )EOF"; const auto response = TestUtility::parseYaml(response_yaml); const auto decoded_resources = TestUtility::decodeResources(response); callbacks_->onConfigUpdate(decoded_resources.refvec_, response.version_info()); EXPECT_EQ(1UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_fail").value()); } } TEST_F(FilterConfigDiscoveryImplTest, ConfigFailed) { InSequence s; setup(); EXPECT_CALL(init_watcher_, ready()); callbacks_->onConfigUpdateFailed(Config::ConfigUpdateFailureReason::FetchTimedout, {}); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); EXPECT_EQ(1UL, scope_.counter("xds.extension_config_discovery.foo.config_fail").value()); } TEST_F(FilterConfigDiscoveryImplTest, TooManyResources) { InSequence s; setup(); const std::string response_yaml = R"EOF( version_info: "1" resources: - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: foo typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: foo typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router )EOF"; const auto response = TestUtility::parseYaml(response_yaml); const auto decoded_resources = TestUtility::decodeResources(response); EXPECT_CALL(init_watcher_, ready()); EXPECT_THROW_WITH_MESSAGE( callbacks_->onConfigUpdate(decoded_resources.refvec_, response.version_info()), EnvoyException, "Unexpected number of resources in ExtensionConfigDS response: 2"); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); } TEST_F(FilterConfigDiscoveryImplTest, WrongName) { InSequence s; setup(); const std::string response_yaml = R"EOF( version_info: "1" resources: - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: bar typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router )EOF"; const auto response = TestUtility::parseYaml(response_yaml); const auto decoded_resources = TestUtility::decodeResources(response); EXPECT_CALL(init_watcher_, ready()); EXPECT_THROW_WITH_MESSAGE( callbacks_->onConfigUpdate(decoded_resources.refvec_, response.version_info()), EnvoyException, "Unexpected resource name in ExtensionConfigDS response: bar"); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); } TEST_F(FilterConfigDiscoveryImplTest, Incremental) { InSequence s; setup(); const std::string response_yaml = R"EOF( version_info: "1" resources: - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: foo typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router )EOF"; const auto response = TestUtility::parseYaml(response_yaml); const auto decoded_resources = TestUtility::decodeResources(response); Protobuf::RepeatedPtrField remove; *remove.Add() = "bar"; EXPECT_CALL(init_watcher_, ready()); callbacks_->onConfigUpdate(decoded_resources.refvec_, remove, response.version_info()); EXPECT_NE(absl::nullopt, provider_->config()); EXPECT_EQ(1UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_fail").value()); } TEST_F(FilterConfigDiscoveryImplTest, ApplyWithoutWarming) { InSequence s; setup(false); EXPECT_EQ("foo", provider_->name()); EXPECT_EQ(absl::nullopt, provider_->config()); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_fail").value()); } TEST_F(FilterConfigDiscoveryImplTest, DualProviders) { InSequence s; setup(); auto provider2 = createProvider("foo", true); EXPECT_EQ("foo", provider2->name()); EXPECT_EQ(absl::nullopt, provider2->config()); const std::string response_yaml = R"EOF( version_info: "1" resources: - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: foo typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router )EOF"; const auto response = TestUtility::parseYaml(response_yaml); const auto decoded_resources = TestUtility::decodeResources(response); EXPECT_CALL(init_watcher_, ready()); callbacks_->onConfigUpdate(decoded_resources.refvec_, response.version_info()); EXPECT_NE(absl::nullopt, provider_->config()); EXPECT_NE(absl::nullopt, provider2->config()); EXPECT_EQ(1UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); } TEST_F(FilterConfigDiscoveryImplTest, DualProvidersInvalid) { InSequence s; setup(); auto provider2 = createProvider("foo", true); const std::string response_yaml = R"EOF( version_info: "1" resources: - "@type": type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig name: foo typed_config: "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: false )EOF"; const auto response = TestUtility::parseYaml(response_yaml); const auto decoded_resources = TestUtility::decodeResources(response); EXPECT_CALL(init_watcher_, ready()); EXPECT_THROW_WITH_MESSAGE( callbacks_->onConfigUpdate(decoded_resources.refvec_, response.version_info()), EnvoyException, "Error: filter config has type URL envoy.config.filter.http.health_check.v2.HealthCheck but " "expect envoy.extensions.filters.http.router.v3.Router."); EXPECT_EQ(0UL, scope_.counter("xds.extension_config_discovery.foo.config_reload").value()); } } // namespace } // namespace Http } // namespace Filter } // namespace Envoy ================================================ FILE: test/common/formatter/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_benchmark_test", "envoy_cc_benchmark_binary", "envoy_cc_fuzz_test", "envoy_cc_test", "envoy_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_proto_library( name = "substitution_formatter_fuzz_proto", srcs = ["substitution_formatter_fuzz.proto"], deps = ["//test/fuzz:common_proto"], ) envoy_cc_fuzz_test( name = "substitution_formatter_fuzz_test", srcs = ["substitution_formatter_fuzz_test.cc"], corpus = "substitution_formatter_corpus", dictionaries = [ "substitution_formatter_fuzz_test.dict", "//test/fuzz:headers.dict", ], deps = [ ":substitution_formatter_fuzz_proto_cc_proto", "//source/common/formatter:substitution_formatter_lib", "//test/fuzz:utility_lib", ], ) envoy_cc_test( name = "substitution_formatter_test", srcs = ["substitution_formatter_test.cc"], deps = [ "//source/common/common:utility_lib", "//source/common/formatter:substitution_formatter_lib", "//source/common/http:header_map_lib", "//source/common/json:json_loader_lib", "//source/common/network:address_lib", "//source/common/router:string_accessor_lib", "//test/mocks/api:api_mocks", "//test/mocks/http:http_mocks", "//test/mocks/ssl:ssl_mocks", "//test/mocks/stream_info:stream_info_mocks", "//test/test_common:threadsafe_singleton_injector_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "substitution_format_string_test", srcs = ["substitution_format_string_test.cc"], deps = [ "//source/common/formatter:substitution_format_string_lib", "//test/mocks/http:http_mocks", "//test/mocks/stream_info:stream_info_mocks", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_benchmark_binary( name = "substitution_formatter_speed_test", srcs = ["substitution_formatter_speed_test.cc"], external_deps = [ "benchmark", ], deps = [ "//source/common/formatter:substitution_formatter_lib", "//source/common/http:header_map_lib", "//source/common/network:address_lib", "//test/common/stream_info:test_util", "//test/mocks/http:http_mocks", "//test/mocks/stream_info:stream_info_mocks", "//test/test_common:printers_lib", ], ) envoy_benchmark_test( name = "substitution_formatter_speed_test_benchmark_test", benchmark_binary = "substitution_formatter_speed_test", ) ================================================ FILE: test/common/formatter/substitution_format_string_test.cc ================================================ #include "envoy/config/core/v3/substitution_format_string.pb.validate.h" #include "common/formatter/substitution_format_string.h" #include "test/mocks/http/mocks.h" #include "test/mocks/stream_info/mocks.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::Return; namespace Envoy { namespace Formatter { class SubstitutionFormatStringUtilsTest : public ::testing::Test { public: SubstitutionFormatStringUtilsTest() { absl::optional response_code{200}; EXPECT_CALL(stream_info_, responseCode()).WillRepeatedly(Return(response_code)); } Http::TestRequestHeaderMapImpl request_headers_{ {":method", "GET"}, {":path", "/bar/foo"}, {"content-type", "application/json"}}; Http::TestResponseHeaderMapImpl response_headers_; Http::TestResponseTrailerMapImpl response_trailers_; StreamInfo::MockStreamInfo stream_info_; std::string body_; envoy::config::core::v3::SubstitutionFormatString config_; }; TEST_F(SubstitutionFormatStringUtilsTest, TestEmptyIsInvalid) { envoy::config::core::v3::SubstitutionFormatString empty_config; std::string err; EXPECT_FALSE(Validate(empty_config, &err)); } TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigText) { const std::string yaml = R"EOF( text_format: "plain text, path=%REQ(:path)%, code=%RESPONSE_CODE%" )EOF"; TestUtility::loadFromYaml(yaml, config_); auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_); EXPECT_EQ("plain text, path=/bar/foo, code=200", formatter->format(request_headers_, response_headers_, response_trailers_, stream_info_, body_)); } TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJson) { const std::string yaml = R"EOF( json_format: text: "plain text" path: "%REQ(:path)%" code: "%RESPONSE_CODE%" headers: content-type: "%REQ(CONTENT-TYPE)%" )EOF"; TestUtility::loadFromYaml(yaml, config_); auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_); const auto out_json = formatter->format(request_headers_, response_headers_, response_trailers_, stream_info_, body_); const std::string expected = R"EOF({ "text": "plain text", "path": "/bar/foo", "code": 200, "headers": { "content-type": "application/json" } })EOF"; EXPECT_TRUE(TestUtility::jsonStringEqual(out_json, expected)); } TEST_F(SubstitutionFormatStringUtilsTest, TestInvalidConfigs) { const std::vector invalid_configs = { R"( json_format: field: true )", R"( json_format: field: 200 )", }; for (const auto& yaml : invalid_configs) { TestUtility::loadFromYaml(yaml, config_); EXPECT_THROW_WITH_MESSAGE( SubstitutionFormatStringUtils::fromProtoConfig(config_), EnvoyException, "Only string values or nested structs are supported in the JSON access log format."); } } } // namespace Formatter } // namespace Envoy ================================================ FILE: test/common/formatter/substitution_formatter_corpus/clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-4673648219652096 ================================================ format: "%START_TIME(%f)%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5630958620901376 ================================================ format: "%RESP(\n )% %REQ(\n)%" response_trailers { } stream_info { start_time: 7313138969067071779 response_code { value: 262144 } } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5633770020929536 ================================================ format: "%REQ(\r)%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5645869313687552 ================================================ request_headers { headers { key: "\r" } } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5701824317751296 ================================================ format: "%START_TIME(%f)%" stream_info { start_time: 18446744073709551615 } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/clusterfuzz-testcase-minimized-access_log_formatter_fuzz_test-5758486359572480 ================================================ format : "%DYNAMIC_METADATA()%" stream_info { dynamic_metadata { filter_metadata { key: "" value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { struct_value { fields { key: "" value { list_value { values { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { struct_value { fields { key: "" value { list_value { values { list_value { values { struct_value { fields { key: "" value { list_value { values { list_value { values { } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/clusterfuzz-testcase-minimized-header_parser_fuzz_test-5633924724424704.fuzz ================================================ headers_to_add { header { key: "T" value: "%START_TIME(%f%f%f%E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%E46116%f ff%E461%f%f%f%E461f%E46371%bff%E461%f%fE%f%E4E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%E46116%f ff%E461%f%f%f%E461f%E46111f%E0%f f461f%E46116%f%f%E461f%E46116%f%f%E256f%f%E461f%E46116%f%f%E461f%E46116%f f461f%E46116%f%f%E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%E46116%f f461f%E46116%f%f%E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f*E46116%f f461f%E46116%f%f%E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%E4116%f f461f%E46116%f%f%E461f%E46116%f%f%E1f%f%E9223372036854775809f%E46116%f%f%E461f%E46116%f f65075f%E46115%f%f%E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%En- *f461f%E1%f%f%E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%E46116%f f461f%E46E461f%E46116%f%f%E461f%E46116%f ff%E461%f%f%f%E461f%E46371%bff%E461%f%fE%f%E4E461f%E46116%f%f%E461f%f%E4-8682401458614789115%E46116%f ff%E461%f%f%f%E461f%E46111f%E46116%f f461f%E46116%f%f%E461f%E46116%f%f%E256f%f%E461f%E46116%f%f%E461f%E46116%f f461f%E46116%f%f%E98838f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%E46116%f f461f%E46116%f%f%E461f%E46116%f%f%E461f%f%E461f%E46116%f%f%E461f%E46116%f f461f%E46116%f%f%E461f%E46116%f%f%E466%f%f%E461f%E46116%f ff%E461%f%f%f%E195f%E65537%bff%E4ff%f%)%" } } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/dynamic_metadata ================================================ format: "%DYNAMIC_METADATA(com.test:test_key)%|%DYNAMIC_METADATA(com.test:test_obj)%|%DYNAMIC_METADATA(com.test:test_obj:inner_key)%" stream_info { dynamic_metadata { filter_metadata { key: "com.test" value: { fields { key: "test_key" value: { string_value: "test_value" } } fields { key: "test_obj" value: { struct_value { fields { key: "inner_key" value: { string_value: "inner_value" } } } } } } } } } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/empty ================================================ ================================================ FILE: test/common/formatter/substitution_formatter_corpus/headers ================================================ format: "{{%PROTOCOL%}} %RESP(not exist)%++%RESP(test)% %REQ(FIRST?SECOND)% %RESP(FIRST?SECOND)%\t@%TRAILER(THIRD)%@\t%TRAILER(TEST?TEST-2)%[]" request_headers { headers { key: "first" value: "GET" } headers { key: ":path" value: "/" } } response_headers { headers { key: "second" value: "PUT" } headers { key: "test" value: "test" } } response_trailers { headers { key: "third" value: "POST" } headers { key: "test-2" value: "test-2" } } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_0 ================================================ format: "%REQ(" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_1 ================================================ format: "{{%PROTOCOL%}} ++ %REQ(FIRST?SECOND)% %RESP(FIRST?SECOND)" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_10 ================================================ format: "%RESP(TEST):%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_11 ================================================ format: "%RESP(X?Y):%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_12 ================================================ format: "%RESP(X?Y):343o24%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_13 ================================================ format: "%RESP(X?Y):343o24%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_14 ================================================ format: "%REQ(TEST):10" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_15 ================================================ format: "REQ(:TEST):10%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_16 ================================================ format: "%REQ(TEST:10%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_17 ================================================ format: "%REQ(" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_18 ================================================ format: "%REQ(X?Y?Z)%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_19 ================================================ format: "%DYNAMIC_METADATA(TEST"}" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_2 ================================================ format: "%REQ(FIRST?SECOND)T%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_3 ================================================ format: "ESP(FIRST)%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_4 ================================================ format: "%REQ(valid)% %NOT_VALID%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_5 ================================================ format: "%REQ(FIRST?SECOND%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_6 ================================================ format: "%%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_7 ================================================ format: "%protocol%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_8 ================================================ format: "%REQ(TEST):%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/invalid_9 ================================================ format: "%REQ(TEST):3q4%" ================================================ FILE: test/common/formatter/substitution_formatter_corpus/plain_string ================================================ {}*JUST PLAIN string] ================================================ FILE: test/common/formatter/substitution_formatter_corpus/response_code ================================================ format: "%RESPONSE_CODE%" stream_info { response_code { value: 404 } } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/start_time_0 ================================================ format: "%START_TIME(%Y/%m/%d)%|%START_TIME(%s)%|%START_TIME(bad_format)%|%START_TIME%|%START_TIME(%f.%1f.%2f.%3f)%" stream_info { start_time: 1522280158 } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/start_time_1 ================================================ format: "%START_TIME(%s.%3f)%|%START_TIME(%s.%4f)%|%START_TIME(%s.%5f)%|%START_TIME(%s.%6f)%" stream_info { start_time: 1522796769123456 } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/start_time_2 ================================================ format: "%START_TIME(segment1:%s.%3f|segment2:%s.%4f|seg3:%s.%6f|%s-%3f-asdf-%9f|.%7f:segm5:%Y)%" stream_info { start_time: 1522796769123456 } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/start_time_3 ================================================ format: "%START_TIME(%%%%|%%%%%f|%s%%%%%3f|%1f%%%%%s)%" stream_info { start_time: 1522796769123456 } ================================================ FILE: test/common/formatter/substitution_formatter_corpus/upstream_local_address ================================================ format: "%UPSTREAM_LOCAL_ADDRESS%" stream_info { upstream_local_address { socket_address { address: "10.1.2.3", port_value: 10001 } } } ================================================ FILE: test/common/formatter/substitution_formatter_fuzz.proto ================================================ syntax = "proto3"; package test.common.substitution; import "test/fuzz/common.proto"; import "validate/validate.proto"; // Structured input for substitution_formatter_fuzz_test. message TestCase { // Do not allow invalid header characters in %REQ(...)% and %RESP(...)%. // It will crash the fuzzer on LowerCaseString asserts. string format = 1 [(validate.rules).string.pattern = "[^%\\(REQ|RESP\\)\\([^\\r\\0\\n]\\)%]"]; test.fuzz.Headers request_headers = 2; test.fuzz.Headers response_headers = 3; test.fuzz.Headers response_trailers = 4; test.fuzz.StreamInfo stream_info = 5; } ================================================ FILE: test/common/formatter/substitution_formatter_fuzz_test.cc ================================================ #include "common/formatter/substitution_formatter.h" #include "test/common/formatter/substitution_formatter_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" #include "test/fuzz/utility.h" namespace Envoy { namespace Fuzz { namespace { DEFINE_PROTO_FUZZER(const test::common::substitution::TestCase& input) { try { TestUtility::validate(input); std::vector formatters = Formatter::SubstitutionFormatParser::parse(input.format()); const auto& request_headers = Fuzz::fromHeaders(input.request_headers()); const auto& response_headers = Fuzz::fromHeaders(input.response_headers()); const auto& response_trailers = Fuzz::fromHeaders(input.response_trailers()); const std::unique_ptr stream_info = Fuzz::fromStreamInfo(input.stream_info()); for (const auto& it : formatters) { it->format(request_headers, response_headers, response_trailers, *stream_info, absl::string_view()); } ENVOY_LOG_MISC(trace, "Success"); } catch (const EnvoyException& e) { ENVOY_LOG_MISC(debug, "EnvoyException: {}", e.what()); } } } // namespace } // namespace Fuzz } // namespace Envoy ================================================ FILE: test/common/formatter/substitution_formatter_fuzz_test.dict ================================================ # format strings "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\"\x0A" "%START_TIME%" "%BYTES_RECEIVED%" "%PROTOCOL%" "%RESPONSE_CODE%" "%RESPONSE_CODE_DETAILS%" "%BYTES_SENT%" "%DURATION%" "%RESPONSE_DURATION%" "%RESPONSE_FLAGS%" "%RESPONSE_TX_DURATION%" "%ROUTE_NAME%" "%UPSTREAM_HOST%" "%UPSTREAM_CLUSTER%" "%UPSTREAM_LOCAL_ADDRESS%" "%UPSTREAM_TRANSPORT_FAILURE_REASON%" "%DOWNSTREAM_REMOTE_ADDRESS%" "%REQUESTED_SERVER_NAME%" "%REQ" "%TRAILER" "%RESP" "%DOWNSTREAM_PEER_CERT_V_END%" "%HOSTNAME%" ================================================ FILE: test/common/formatter/substitution_formatter_speed_test.cc ================================================ #include "common/formatter/substitution_formatter.h" #include "common/network/address_impl.h" #include "test/common/stream_info/test_util.h" #include "test/mocks/http/mocks.h" #include "benchmark/benchmark.h" namespace Envoy { namespace { std::unique_ptr makeJsonFormatter(bool typed) { ProtobufWkt::Struct JsonLogFormat; const std::string format_yaml = R"EOF( remote_address: '%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%' start_time: '%START_TIME(%Y/%m/%dT%H:%M:%S%z %s)%' method: '%REQ(:METHOD)%' url: '%REQ(X-FORWARDED-PROTO)%://%REQ(:AUTHORITY)%%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%' protocol: '%PROTOCOL%' respoinse_code: '%RESPONSE_CODE%' bytes_sent: '%BYTES_SENT%' duration: '%DURATION%' referer: '%REQ(REFERER)%' user-agent: '%REQ(USER-AGENT)%' )EOF"; TestUtility::loadFromYaml(format_yaml, JsonLogFormat); return std::make_unique(JsonLogFormat, typed, false); } std::unique_ptr makeStreamInfo() { auto stream_info = std::make_unique(); stream_info->setDownstreamRemoteAddress( std::make_shared("203.0.113.1")); return stream_info; } } // namespace // NOLINTNEXTLINE(readability-identifier-naming) static void BM_AccessLogFormatter(benchmark::State& state) { std::unique_ptr stream_info = makeStreamInfo(); static const char* LogFormat = "%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT% %START_TIME(%Y/%m/%dT%H:%M:%S%z %s)% " "%REQ(:METHOD)% " "%REQ(X-FORWARDED-PROTO)%://%REQ(:AUTHORITY)%%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL% " "s%RESPONSE_CODE% %BYTES_SENT% %DURATION% %REQ(REFERER)% \"%REQ(USER-AGENT)%\" - - -\n"; std::unique_ptr formatter = std::make_unique(LogFormat, false); size_t output_bytes = 0; Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; std::string body; for (auto _ : state) { output_bytes += formatter->format(request_headers, response_headers, response_trailers, *stream_info, body) .length(); } benchmark::DoNotOptimize(output_bytes); } BENCHMARK(BM_AccessLogFormatter); // NOLINTNEXTLINE(readability-identifier-naming) static void BM_JsonAccessLogFormatter(benchmark::State& state) { std::unique_ptr stream_info = makeStreamInfo(); std::unique_ptr json_formatter = makeJsonFormatter(false); size_t output_bytes = 0; Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; std::string body; for (auto _ : state) { output_bytes += json_formatter ->format(request_headers, response_headers, response_trailers, *stream_info, body) .length(); } benchmark::DoNotOptimize(output_bytes); } BENCHMARK(BM_JsonAccessLogFormatter); // NOLINTNEXTLINE(readability-identifier-naming) static void BM_TypedJsonAccessLogFormatter(benchmark::State& state) { std::unique_ptr stream_info = makeStreamInfo(); std::unique_ptr typed_json_formatter = makeJsonFormatter(true); size_t output_bytes = 0; Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; std::string body; for (auto _ : state) { output_bytes += typed_json_formatter ->format(request_headers, response_headers, response_trailers, *stream_info, body) .length(); } benchmark::DoNotOptimize(output_bytes); } BENCHMARK(BM_TypedJsonAccessLogFormatter); } // namespace Envoy ================================================ FILE: test/common/formatter/substitution_formatter_test.cc ================================================ #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/formatter/substitution_formatter.h" #include "common/http/header_map_impl.h" #include "common/json/json_loader.h" #include "common/network/address_impl.h" #include "common/protobuf/utility.h" #include "common/router/string_accessor_impl.h" #include "test/mocks/api/mocks.h" #include "test/mocks/http/mocks.h" #include "test/mocks/ssl/mocks.h" #include "test/mocks/stream_info/mocks.h" #include "test/test_common/printers.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::Const; using testing::Invoke; using testing::NiceMock; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Formatter { namespace { class TestSerializedUnknownFilterState : public StreamInfo::FilterState::Object { public: ProtobufTypes::MessagePtr serializeAsProto() const override { auto any = std::make_unique(); any->set_type_url("UnknownType"); any->set_value("\xde\xad\xbe\xef"); return any; } }; class TestSerializedStructFilterState : public StreamInfo::FilterState::Object { public: TestSerializedStructFilterState() : use_struct_(true) { (*struct_.mutable_fields())["inner_key"] = ValueUtil::stringValue("inner_value"); } explicit TestSerializedStructFilterState(const ProtobufWkt::Struct& s) : use_struct_(true) { struct_.CopyFrom(s); } explicit TestSerializedStructFilterState(std::chrono::seconds seconds) { duration_.set_seconds(seconds.count()); } ProtobufTypes::MessagePtr serializeAsProto() const override { if (use_struct_) { auto s = std::make_unique(); s->CopyFrom(struct_); return s; } auto d = std::make_unique(); d->CopyFrom(duration_); return d; } private: const bool use_struct_{false}; ProtobufWkt::Struct struct_; ProtobufWkt::Duration duration_; }; // Class used to test serializeAsString and serializeAsProto of FilterState class TestSerializedStringFilterState : public StreamInfo::FilterState::Object { public: TestSerializedStringFilterState(std::string str) : raw_string_(str) {} absl::optional serializeAsString() const override { return raw_string_ + " By PLAIN"; } ProtobufTypes::MessagePtr serializeAsProto() const override { auto message = std::make_unique(); message->set_value(raw_string_ + " By TYPED"); return message; } private: std::string raw_string_; }; TEST(SubstitutionFormatUtilsTest, protocolToString) { EXPECT_EQ("HTTP/1.0", SubstitutionFormatUtils::protocolToString(Http::Protocol::Http10).value().get()); EXPECT_EQ("HTTP/1.1", SubstitutionFormatUtils::protocolToString(Http::Protocol::Http11).value().get()); EXPECT_EQ("HTTP/2", SubstitutionFormatUtils::protocolToString(Http::Protocol::Http2).value().get()); EXPECT_EQ(absl::nullopt, SubstitutionFormatUtils::protocolToString({})); } TEST(SubstitutionFormatUtilsTest, protocolToStringOrDefault) { EXPECT_EQ("HTTP/1.0", SubstitutionFormatUtils::protocolToStringOrDefault(Http::Protocol::Http10)); EXPECT_EQ("HTTP/1.1", SubstitutionFormatUtils::protocolToStringOrDefault(Http::Protocol::Http11)); EXPECT_EQ("HTTP/2", SubstitutionFormatUtils::protocolToStringOrDefault(Http::Protocol::Http2)); EXPECT_EQ("-", SubstitutionFormatUtils::protocolToStringOrDefault({})); } TEST(SubstitutionFormatterTest, plainStringFormatter) { PlainStringFormatter formatter("plain"); Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; EXPECT_EQ("plain", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("plain"))); } TEST(SubstitutionFormatterTest, streamInfoFormatter) { EXPECT_THROW(StreamInfoFormatter formatter("unknown_field"), EnvoyException); NiceMock stream_info; Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; std::string body; { StreamInfoFormatter request_duration_format("REQUEST_DURATION"); absl::optional dur = std::chrono::nanoseconds(5000000); EXPECT_CALL(stream_info, lastDownstreamRxByteReceived()).WillRepeatedly(Return(dur)); EXPECT_EQ("5", request_duration_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(request_duration_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(5.0))); } { StreamInfoFormatter request_duration_format("REQUEST_DURATION"); absl::optional dur; EXPECT_CALL(stream_info, lastDownstreamRxByteReceived()).WillRepeatedly(Return(dur)); EXPECT_EQ(absl::nullopt, request_duration_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(request_duration_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter response_duration_format("RESPONSE_DURATION"); absl::optional dur = std::chrono::nanoseconds(10000000); EXPECT_CALL(stream_info, firstUpstreamRxByteReceived()).WillRepeatedly(Return(dur)); EXPECT_EQ("10", response_duration_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(response_duration_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(10.0))); } { StreamInfoFormatter response_duration_format("RESPONSE_DURATION"); absl::optional dur; EXPECT_CALL(stream_info, firstUpstreamRxByteReceived()).WillRepeatedly(Return(dur)); EXPECT_EQ(absl::nullopt, response_duration_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(response_duration_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter ttlb_duration_format("RESPONSE_TX_DURATION"); absl::optional dur_upstream = std::chrono::nanoseconds(10000000); EXPECT_CALL(stream_info, firstUpstreamRxByteReceived()).WillRepeatedly(Return(dur_upstream)); absl::optional dur_downstream = std::chrono::nanoseconds(25000000); EXPECT_CALL(stream_info, lastDownstreamTxByteSent()).WillRepeatedly(Return(dur_downstream)); EXPECT_EQ("15", ttlb_duration_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(ttlb_duration_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(15.0))); } { StreamInfoFormatter ttlb_duration_format("RESPONSE_TX_DURATION"); absl::optional dur_upstream; EXPECT_CALL(stream_info, firstUpstreamRxByteReceived()).WillRepeatedly(Return(dur_upstream)); absl::optional dur_downstream; EXPECT_CALL(stream_info, lastDownstreamTxByteSent()).WillRepeatedly(Return(dur_downstream)); EXPECT_EQ(absl::nullopt, ttlb_duration_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(ttlb_duration_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter bytes_received_format("BYTES_RECEIVED"); EXPECT_CALL(stream_info, bytesReceived()).WillRepeatedly(Return(1)); EXPECT_EQ("1", bytes_received_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(bytes_received_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(1.0))); } { StreamInfoFormatter protocol_format("PROTOCOL"); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); EXPECT_EQ("HTTP/1.1", protocol_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(protocol_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("HTTP/1.1"))); } { StreamInfoFormatter response_format("RESPONSE_CODE"); absl::optional response_code{200}; EXPECT_CALL(stream_info, responseCode()).WillRepeatedly(Return(response_code)); EXPECT_EQ("200", response_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(response_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(200.0))); } { StreamInfoFormatter response_code_format("RESPONSE_CODE"); absl::optional response_code; EXPECT_CALL(stream_info, responseCode()).WillRepeatedly(Return(response_code)); EXPECT_EQ("0", response_code_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(response_code_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(0.0))); } { StreamInfoFormatter response_format("RESPONSE_CODE_DETAILS"); absl::optional rc_details; EXPECT_CALL(stream_info, responseCodeDetails()).WillRepeatedly(ReturnRef(rc_details)); EXPECT_EQ(absl::nullopt, response_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(response_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter response_code_format("RESPONSE_CODE_DETAILS"); absl::optional rc_details{"via_upstream"}; EXPECT_CALL(stream_info, responseCodeDetails()).WillRepeatedly(ReturnRef(rc_details)); EXPECT_EQ("via_upstream", response_code_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(response_code_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("via_upstream"))); } { StreamInfoFormatter termination_details_format("CONNECTION_TERMINATION_DETAILS"); absl::optional details; EXPECT_CALL(stream_info, connectionTerminationDetails()).WillRepeatedly(ReturnRef(details)); EXPECT_EQ(absl::nullopt, termination_details_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(termination_details_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter termination_details_format("CONNECTION_TERMINATION_DETAILS"); absl::optional details{"access_denied"}; EXPECT_CALL(stream_info, connectionTerminationDetails()).WillRepeatedly(ReturnRef(details)); EXPECT_EQ("access_denied", termination_details_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(termination_details_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("access_denied"))); } { StreamInfoFormatter bytes_sent_format("BYTES_SENT"); EXPECT_CALL(stream_info, bytesSent()).WillRepeatedly(Return(1)); EXPECT_EQ("1", bytes_sent_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(bytes_sent_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(1.0))); } { StreamInfoFormatter duration_format("DURATION"); absl::optional dur = std::chrono::nanoseconds(15000000); EXPECT_CALL(stream_info, requestComplete()).WillRepeatedly(Return(dur)); EXPECT_EQ("15", duration_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(duration_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(15.0))); } { StreamInfoFormatter response_flags_format("RESPONSE_FLAGS"); ON_CALL(stream_info, hasResponseFlag(StreamInfo::ResponseFlag::LocalReset)) .WillByDefault(Return(true)); EXPECT_EQ("LR", response_flags_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(response_flags_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("LR"))); } { StreamInfoFormatter upstream_format("UPSTREAM_HOST"); EXPECT_EQ("10.0.0.1:443", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("10.0.0.1:443"))); } { StreamInfoFormatter upstream_format("UPSTREAM_CLUSTER"); const std::string upstream_cluster_name = "cluster_name"; EXPECT_CALL(stream_info.host_->cluster_, name()) .WillRepeatedly(ReturnRef(upstream_cluster_name)); EXPECT_EQ("cluster_name", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("cluster_name"))); } { StreamInfoFormatter upstream_format("UPSTREAM_HOST"); EXPECT_CALL(stream_info, upstreamHost()).WillRepeatedly(Return(nullptr)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { NiceMock os_sys_calls; TestThreadsafeSingletonInjector os_calls(&os_sys_calls); EXPECT_CALL(os_sys_calls, gethostname(_, _)) .WillOnce(Invoke([](char*, size_t) -> Api::SysCallIntResult { return {-1, ENAMETOOLONG}; })); StreamInfoFormatter upstream_format("HOSTNAME"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { NiceMock os_sys_calls; TestThreadsafeSingletonInjector os_calls(&os_sys_calls); EXPECT_CALL(os_sys_calls, gethostname(_, _)) .WillOnce(Invoke([](char* name, size_t) -> Api::SysCallIntResult { StringUtil::strlcpy(name, "myhostname", 11); return {0, 0}; })); StreamInfoFormatter upstream_format("HOSTNAME"); EXPECT_EQ("myhostname", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("myhostname"))); } { StreamInfoFormatter upstream_format("UPSTREAM_CLUSTER"); EXPECT_CALL(stream_info, upstreamHost()).WillRepeatedly(Return(nullptr)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_ADDRESS"); EXPECT_EQ("127.0.0.2:0", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("127.0.0.2:0"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT"); EXPECT_EQ("127.0.0.2", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("127.0.0.2"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_PORT"); // Validate for IPv4 address auto address = Network::Address::InstanceConstSharedPtr{ new Network::Address::Ipv4Instance("127.1.2.3", 8443)}; EXPECT_CALL(stream_info, downstreamLocalAddress()).WillRepeatedly(ReturnRef(address)); EXPECT_EQ("8443", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("8443"))); // Validate for IPv6 address address = Network::Address::InstanceConstSharedPtr{new Network::Address::Ipv6Instance("::1", 9443)}; EXPECT_CALL(stream_info, downstreamLocalAddress()).WillRepeatedly(ReturnRef(address)); EXPECT_EQ("9443", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("9443"))); // Validate for Pipe address = Network::Address::InstanceConstSharedPtr{new Network::Address::PipeInstance("/foo")}; EXPECT_CALL(stream_info, downstreamLocalAddress()).WillRepeatedly(ReturnRef(address)); EXPECT_EQ("", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue(""))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT"); EXPECT_EQ("127.0.0.1", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("127.0.0.1"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_REMOTE_ADDRESS"); EXPECT_EQ("127.0.0.1:0", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("127.0.0.1:0"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT"); EXPECT_EQ("127.0.0.1", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("127.0.0.1"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_DIRECT_REMOTE_ADDRESS"); EXPECT_EQ("127.0.0.1:0", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("127.0.0.1:0"))); } { StreamInfoFormatter upstream_format("CONNECTION_ID"); uint64_t id = 123; EXPECT_CALL(stream_info, connectionID()).WillRepeatedly(Return(id)); EXPECT_EQ("123", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::numberValue(id))); } { StreamInfoFormatter upstream_format("REQUESTED_SERVER_NAME"); std::string requested_server_name = "stub_server"; EXPECT_CALL(stream_info, requestedServerName()) .WillRepeatedly(ReturnRef(requested_server_name)); EXPECT_EQ("stub_server", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("stub_server"))); } { StreamInfoFormatter upstream_format("REQUESTED_SERVER_NAME"); std::string requested_server_name; EXPECT_CALL(stream_info, requestedServerName()) .WillRepeatedly(ReturnRef(requested_server_name)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_URI_SAN"); auto connection_info = std::make_shared(); const std::vector sans{"san"}; EXPECT_CALL(*connection_info, uriSanPeerCertificate()).WillRepeatedly(Return(sans)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("san", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("san"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_URI_SAN"); auto connection_info = std::make_shared(); const std::vector sans{"san1", "san2"}; EXPECT_CALL(*connection_info, uriSanPeerCertificate()).WillRepeatedly(Return(sans)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("san1,san2", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_URI_SAN"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, uriSanPeerCertificate()) .WillRepeatedly(Return(std::vector())); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_URI_SAN"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_URI_SAN"); auto connection_info = std::make_shared(); const std::vector sans{"san"}; EXPECT_CALL(*connection_info, uriSanLocalCertificate()).WillRepeatedly(Return(sans)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("san", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("san"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_URI_SAN"); auto connection_info = std::make_shared(); const std::vector sans{"san1", "san2"}; EXPECT_CALL(*connection_info, uriSanLocalCertificate()).WillRepeatedly(Return(sans)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("san1,san2", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_URI_SAN"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, uriSanLocalCertificate()) .WillRepeatedly(Return(std::vector())); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_URI_SAN"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_SUBJECT"); auto connection_info = std::make_shared(); const std::string subject_local = "subject"; EXPECT_CALL(*connection_info, subjectLocalCertificate()) .WillRepeatedly(ReturnRef(subject_local)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("subject", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("subject"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_SUBJECT"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, subjectLocalCertificate()) .WillRepeatedly(ReturnRef(EMPTY_STRING)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_LOCAL_SUBJECT"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SUBJECT"); auto connection_info = std::make_shared(); const std::string subject_peer = "subject"; EXPECT_CALL(*connection_info, subjectPeerCertificate()).WillRepeatedly(ReturnRef(subject_peer)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("subject", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("subject"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SUBJECT"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, subjectPeerCertificate()).WillRepeatedly(ReturnRef(EMPTY_STRING)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SUBJECT"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_SESSION_ID"); auto connection_info = std::make_shared(); const std::string session_id = "deadbeef"; EXPECT_CALL(*connection_info, sessionId()).WillRepeatedly(ReturnRef(session_id)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("deadbeef", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("deadbeef"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_SESSION_ID"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, sessionId()).WillRepeatedly(ReturnRef(EMPTY_STRING)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_SESSION_ID"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_CIPHER"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, ciphersuiteString()) .WillRepeatedly(Return("TLS_DHE_RSA_WITH_AES_256_GCM_SHA384")); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); } { StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_CIPHER"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, ciphersuiteString()).WillRepeatedly(Return("")); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_CIPHER"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_VERSION"); auto connection_info = std::make_shared(); std::string tlsVersion = "TLSv1.2"; EXPECT_CALL(*connection_info, tlsVersion()).WillRepeatedly(ReturnRef(tlsVersion)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("TLSv1.2", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("TLSv1.2"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_VERSION"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, tlsVersion()).WillRepeatedly(ReturnRef(EMPTY_STRING)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_TLS_VERSION"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_FINGERPRINT_256"); auto connection_info = std::make_shared(); std::string expected_sha = "685a2db593d5f86d346cb1a297009c3b467ad77f1944aa799039a2fb3d531f3f"; EXPECT_CALL(*connection_info, sha256PeerCertificateDigest()) .WillRepeatedly(ReturnRef(expected_sha)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(expected_sha, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue(expected_sha))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_FINGERPRINT_256"); auto connection_info = std::make_shared(); std::string expected_sha; EXPECT_CALL(*connection_info, sha256PeerCertificateDigest()) .WillRepeatedly(ReturnRef(expected_sha)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_FINGERPRINT_256"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_FINGERPRINT_1"); auto connection_info = std::make_shared(); std::string expected_sha = "685a2db593d5f86d346cb1a297009c3b467ad77f1944aa799039a2fb3d531f3f"; EXPECT_CALL(*connection_info, sha1PeerCertificateDigest()) .WillRepeatedly(ReturnRef(expected_sha)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(expected_sha, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue(expected_sha))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_FINGERPRINT_1"); auto connection_info = std::make_shared(); std::string expected_sha; EXPECT_CALL(*connection_info, sha1PeerCertificateDigest()) .WillRepeatedly(ReturnRef(expected_sha)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_FINGERPRINT_1"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SERIAL"); auto connection_info = std::make_shared(); const std::string serial_number = "b8b5ecc898f2124a"; EXPECT_CALL(*connection_info, serialNumberPeerCertificate()) .WillRepeatedly(ReturnRef(serial_number)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("b8b5ecc898f2124a", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("b8b5ecc898f2124a"))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SERIAL"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, serialNumberPeerCertificate()) .WillRepeatedly(ReturnRef(EMPTY_STRING)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SERIAL"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_ISSUER"); auto connection_info = std::make_shared(); const std::string issuer_peer = "CN=Test CA,OU=Lyft Engineering,O=Lyft,L=San Francisco,ST=California,C=US"; EXPECT_CALL(*connection_info, issuerPeerCertificate()).WillRepeatedly(ReturnRef(issuer_peer)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("CN=Test CA,OU=Lyft Engineering,O=Lyft,L=San Francisco,ST=California,C=US", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_ISSUER"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, issuerPeerCertificate()).WillRepeatedly(ReturnRef(EMPTY_STRING)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_ISSUER"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SUBJECT"); auto connection_info = std::make_shared(); const std::string subject_peer = "CN=Test Server,OU=Lyft Engineering,O=Lyft,L=San Francisco,ST=California,C=US"; EXPECT_CALL(*connection_info, subjectPeerCertificate()).WillRepeatedly(ReturnRef(subject_peer)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("CN=Test Server,OU=Lyft Engineering,O=Lyft,L=San Francisco,ST=California,C=US", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SUBJECT"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, subjectPeerCertificate()).WillRepeatedly(ReturnRef(EMPTY_STRING)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_SUBJECT"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT"); auto connection_info = std::make_shared(); std::string expected_cert = ""; EXPECT_CALL(*connection_info, urlEncodedPemEncodedPeerCertificate()) .WillRepeatedly(ReturnRef(expected_cert)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(expected_cert, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue(expected_cert))); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT"); auto connection_info = std::make_shared(); std::string expected_cert = ""; EXPECT_CALL(*connection_info, urlEncodedPemEncodedPeerCertificate()) .WillRepeatedly(ReturnRef(expected_cert)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT_V_START"); auto connection_info = std::make_shared(); absl::Time abslStartTime = TestUtility::parseTime("Dec 18 01:50:34 2018 GMT", "%b %e %H:%M:%S %Y GMT"); SystemTime startTime = absl::ToChronoTime(abslStartTime); EXPECT_CALL(*connection_info, validFromPeerCertificate()).WillRepeatedly(Return(startTime)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("2018-12-18T01:50:34.000Z", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT_V_START"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, validFromPeerCertificate()).WillRepeatedly(Return(absl::nullopt)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT_V_START"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT_V_END"); auto connection_info = std::make_shared(); absl::Time abslEndTime = TestUtility::parseTime("Dec 17 01:50:34 2020 GMT", "%b %e %H:%M:%S %Y GMT"); SystemTime endTime = absl::ToChronoTime(abslEndTime); EXPECT_CALL(*connection_info, expirationPeerCertificate()).WillRepeatedly(Return(endTime)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ("2020-12-17T01:50:34.000Z", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); } { StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT_V_END"); auto connection_info = std::make_shared(); EXPECT_CALL(*connection_info, expirationPeerCertificate()) .WillRepeatedly(Return(absl::nullopt)); EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(connection_info)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { EXPECT_CALL(stream_info, downstreamSslConnection()).WillRepeatedly(Return(nullptr)); StreamInfoFormatter upstream_format("DOWNSTREAM_PEER_CERT_V_END"); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { StreamInfoFormatter upstream_format("UPSTREAM_TRANSPORT_FAILURE_REASON"); std::string upstream_transport_failure_reason = "SSL error"; EXPECT_CALL(stream_info, upstreamTransportFailureReason()) .WillRepeatedly(ReturnRef(upstream_transport_failure_reason)); EXPECT_EQ("SSL error", upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("SSL error"))); } { StreamInfoFormatter upstream_format("UPSTREAM_TRANSPORT_FAILURE_REASON"); std::string upstream_transport_failure_reason; EXPECT_CALL(stream_info, upstreamTransportFailureReason()) .WillRepeatedly(ReturnRef(upstream_transport_failure_reason)); EXPECT_EQ(absl::nullopt, upstream_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(upstream_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } } TEST(SubstitutionFormatterTest, requestHeaderFormatter) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_header{{":method", "PUT"}}; Http::TestResponseTrailerMapImpl response_trailer{{":method", "POST"}, {"test-2", "test-2"}}; std::string body; { RequestHeaderFormatter formatter(":Method", "", absl::optional()); EXPECT_EQ("GET", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("GET"))); } { RequestHeaderFormatter formatter(":path", ":method", absl::optional()); EXPECT_EQ("/", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("/"))); } { RequestHeaderFormatter formatter(":TEST", ":METHOD", absl::optional()); EXPECT_EQ("GET", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("GET"))); } { RequestHeaderFormatter formatter("does_not_exist", "", absl::optional()); EXPECT_EQ(absl::nullopt, formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { RequestHeaderFormatter formatter(":Method", "", absl::optional(2)); EXPECT_EQ("GE", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("GE"))); } } TEST(SubstitutionFormatterTest, responseHeaderFormatter) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_header{{":method", "PUT"}, {"test", "test"}}; Http::TestResponseTrailerMapImpl response_trailer{{":method", "POST"}, {"test-2", "test-2"}}; std::string body; { ResponseHeaderFormatter formatter(":method", "", absl::optional()); EXPECT_EQ("PUT", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("PUT"))); } { ResponseHeaderFormatter formatter("test", ":method", absl::optional()); EXPECT_EQ("test", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("test"))); } { ResponseHeaderFormatter formatter(":path", ":method", absl::optional()); EXPECT_EQ("PUT", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("PUT"))); } { ResponseHeaderFormatter formatter("does_not_exist", "", absl::optional()); EXPECT_EQ(absl::nullopt, formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { ResponseHeaderFormatter formatter(":method", "", absl::optional(2)); EXPECT_EQ("PU", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("PU"))); } } TEST(SubstitutionFormatterTest, responseTrailerFormatter) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_header{{":method", "PUT"}, {"test", "test"}}; Http::TestResponseTrailerMapImpl response_trailer{{":method", "POST"}, {"test-2", "test-2"}}; std::string body; { ResponseTrailerFormatter formatter(":method", "", absl::optional()); EXPECT_EQ("POST", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("POST"))); } { ResponseTrailerFormatter formatter("test-2", ":method", absl::optional()); EXPECT_EQ("test-2", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("test-2"))); } { ResponseTrailerFormatter formatter(":path", ":method", absl::optional()); EXPECT_EQ("POST", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("POST"))); } { ResponseTrailerFormatter formatter("does_not_exist", "", absl::optional()); EXPECT_EQ(absl::nullopt, formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { ResponseTrailerFormatter formatter(":method", "", absl::optional(2)); EXPECT_EQ("PO", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("PO"))); } } /** * Populate a metadata object with the following test data: * "com.test": {"test_key":"test_value","test_obj":{"inner_key":"inner_value"}} */ void populateMetadataTestData(envoy::config::core::v3::Metadata& metadata) { ProtobufWkt::Struct struct_obj; auto& fields_map = *struct_obj.mutable_fields(); fields_map["test_key"] = ValueUtil::stringValue("test_value"); ProtobufWkt::Struct struct_inner; (*struct_inner.mutable_fields())["inner_key"] = ValueUtil::stringValue("inner_value"); ProtobufWkt::Value val; *val.mutable_struct_value() = struct_inner; fields_map["test_obj"] = val; (*metadata.mutable_filter_metadata())["com.test"] = struct_obj; } TEST(SubstitutionFormatterTest, DynamicMetadataFormatter) { envoy::config::core::v3::Metadata metadata; populateMetadataTestData(metadata); NiceMock stream_info; EXPECT_CALL(stream_info, dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); EXPECT_CALL(Const(stream_info), dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; std::string body; { DynamicMetadataFormatter formatter("com.test", {}, absl::optional()); std::string val = formatter.format(request_headers, response_headers, response_trailers, stream_info, body) .value(); EXPECT_TRUE(val.find("\"test_key\":\"test_value\"") != std::string::npos); EXPECT_TRUE(val.find("\"test_obj\":{\"inner_key\":\"inner_value\"}") != std::string::npos); ProtobufWkt::Value expected_val; expected_val.mutable_struct_value()->CopyFrom(metadata.filter_metadata().at("com.test")); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(expected_val)); } { DynamicMetadataFormatter formatter("com.test", {"test_key"}, absl::optional()); EXPECT_EQ("\"test_value\"", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("test_value"))); } { DynamicMetadataFormatter formatter("com.test", {"test_obj"}, absl::optional()); EXPECT_EQ( "{\"inner_key\":\"inner_value\"}", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); ProtobufWkt::Value expected_val; (*expected_val.mutable_struct_value()->mutable_fields())["inner_key"] = ValueUtil::stringValue("inner_value"); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(expected_val)); } { DynamicMetadataFormatter formatter("com.test", {"test_obj", "inner_key"}, absl::optional()); EXPECT_EQ("\"inner_value\"", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("inner_value"))); } // not found cases { DynamicMetadataFormatter formatter("com.notfound", {}, absl::optional()); EXPECT_EQ(absl::nullopt, formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { DynamicMetadataFormatter formatter("com.test", {"notfound"}, absl::optional()); EXPECT_EQ(absl::nullopt, formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } { DynamicMetadataFormatter formatter("com.test", {"test_obj", "notfound"}, absl::optional()); EXPECT_EQ(absl::nullopt, formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } // size limit { DynamicMetadataFormatter formatter("com.test", {"test_key"}, absl::optional(5)); EXPECT_EQ("\"test", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); // N.B. Does not truncate. EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("test_value"))); } } TEST(SubstitutionFormatterTest, FilterStateFormatter) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; stream_info.filter_state_->setData("key", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly); stream_info.filter_state_->setData("key-struct", std::make_unique(), StreamInfo::FilterState::StateType::ReadOnly); stream_info.filter_state_->setData("key-no-serialization", std::make_unique(), StreamInfo::FilterState::StateType::ReadOnly); stream_info.filter_state_->setData( "key-serialization-error", std::make_unique(std::chrono::seconds(-281474976710656)), StreamInfo::FilterState::StateType::ReadOnly); stream_info.filter_state_->setData( "test_key", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly); EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); { FilterStateFormatter formatter("key", absl::optional(), false); EXPECT_EQ("\"test_value\"", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("test_value"))); } { FilterStateFormatter formatter("key-struct", absl::optional(), false); EXPECT_EQ( "{\"inner_key\":\"inner_value\"}", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); ProtobufWkt::Value expected; (*expected.mutable_struct_value()->mutable_fields())["inner_key"] = ValueUtil::stringValue("inner_value"); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(expected)); } // not found case { FilterStateFormatter formatter("key-not-found", absl::optional(), false); EXPECT_EQ(absl::nullopt, formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } // no serialization case { FilterStateFormatter formatter("key-no-serialization", absl::optional(), false); EXPECT_EQ(absl::nullopt, formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } // serialization error case { FilterStateFormatter formatter("key-serialization-error", absl::optional(), false); EXPECT_EQ(absl::nullopt, formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } // size limit { FilterStateFormatter formatter("key", absl::optional(5), false); EXPECT_EQ("\"test", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); // N.B. Does not truncate. EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("test_value"))); } // serializeAsString case { FilterStateFormatter formatter("test_key", absl::optional(), true); EXPECT_EQ("test_value By PLAIN", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); } // size limit for serializeAsString { FilterStateFormatter formatter("test_key", absl::optional(10), true); EXPECT_EQ("test_value", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); } // no serialization case for serializeAsString { FilterStateFormatter formatter("key-no-serialization", absl::optional(), true); EXPECT_EQ(absl::nullopt, formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::nullValue())); } } TEST(SubstitutionFormatterTest, StartTimeFormatter) { NiceMock stream_info; Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; std::string body; { StartTimeFormatter start_time_format("%Y/%m/%d"); time_t test_epoch = 1522280158; SystemTime time = std::chrono::system_clock::from_time_t(test_epoch); EXPECT_CALL(stream_info, startTime()).WillRepeatedly(Return(time)); EXPECT_EQ("2018/03/28", start_time_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(start_time_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("2018/03/28"))); } { StartTimeFormatter start_time_format(""); SystemTime time; EXPECT_CALL(stream_info, startTime()).WillRepeatedly(Return(time)); EXPECT_EQ(AccessLogDateTimeFormatter::fromTime(time), start_time_format.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(start_time_format.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue(AccessLogDateTimeFormatter::fromTime(time)))); } } TEST(SubstitutionFormatterTest, GrpcStatusFormatterTest) { GrpcStatusFormatter formatter("grpc-status", "", absl::optional()); NiceMock stream_info; Http::TestRequestHeaderMapImpl request_header; Http::TestResponseHeaderMapImpl response_header; Http::TestResponseTrailerMapImpl response_trailer; std::string body; std::array grpc_statuses{ "OK", "Canceled", "Unknown", "InvalidArgument", "DeadlineExceeded", "NotFound", "AlreadyExists", "PermissionDenied", "ResourceExhausted", "FailedPrecondition", "Aborted", "OutOfRange", "Unimplemented", "Internal", "Unavailable", "DataLoss", "Unauthenticated"}; for (size_t i = 0; i < grpc_statuses.size(); ++i) { response_trailer = Http::TestResponseTrailerMapImpl{{"grpc-status", std::to_string(i)}}; EXPECT_EQ(grpc_statuses[i], formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue(grpc_statuses[i]))); } { response_trailer = Http::TestResponseTrailerMapImpl{{"grpc-status", "-1"}}; EXPECT_EQ("-1", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("-1"))); response_trailer = Http::TestResponseTrailerMapImpl{{"grpc-status", "42738"}}; EXPECT_EQ("42738", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("42738"))); response_trailer.clear(); } { response_header = Http::TestResponseHeaderMapImpl{{"grpc-status", "-1"}}; EXPECT_EQ("-1", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("-1"))); response_header = Http::TestResponseHeaderMapImpl{{"grpc-status", "42738"}}; EXPECT_EQ("42738", formatter.format(request_header, response_header, response_trailer, stream_info, body)); EXPECT_THAT( formatter.formatValue(request_header, response_header, response_trailer, stream_info, body), ProtoEq(ValueUtil::stringValue("42738"))); response_header.clear(); } } void verifyJsonOutput(std::string json_string, absl::node_hash_map expected_map) { const auto parsed = Json::Factory::loadFromString(json_string); // Every json log line should have only one newline character, and it should be the last character // in the string const auto newline_pos = json_string.find('\n'); EXPECT_NE(newline_pos, std::string::npos); EXPECT_EQ(newline_pos, json_string.length() - 1); for (const auto& pair : expected_map) { EXPECT_EQ(parsed->getString(pair.first), pair.second); } } TEST(SubstitutionFormatterTest, JsonFormatterPlainStringTest) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header; Http::TestResponseHeaderMapImpl response_header; Http::TestResponseTrailerMapImpl response_trailer; std::string body; envoy::config::core::v3::Metadata metadata; populateMetadataTestData(metadata); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); absl::node_hash_map expected_json_map = { {"plain_string", "plain_string_value"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( plain_string: plain_string_value )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); verifyJsonOutput( formatter.format(request_header, response_header, response_trailer, stream_info, body), expected_json_map); } TEST(SubstitutionFormatterTest, JsonFormatterNestedObject) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header; Http::TestResponseHeaderMapImpl response_header; Http::TestResponseTrailerMapImpl response_trailer; std::string body; envoy::config::core::v3::Metadata metadata; populateMetadataTestData(metadata); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( level_one: level_two: level_three: plain_string: plain_string_value protocol: '%PROTOCOL%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); const std::string expected = R"EOF({ "level_one": { "level_two": { "level_three": { "plain_string": "plain_string_value", "protocol": "HTTP/1.1" } } } })EOF"; std::string out_json = formatter.format(request_header, response_header, response_trailer, stream_info, body); EXPECT_TRUE(TestUtility::jsonStringEqual(out_json, expected)); } TEST(SubstitutionFormatterTest, JsonFormatterSingleOperatorTest) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header; Http::TestResponseHeaderMapImpl response_header; Http::TestResponseTrailerMapImpl response_trailer; std::string body; envoy::config::core::v3::Metadata metadata; populateMetadataTestData(metadata); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); absl::node_hash_map expected_json_map = {{"protocol", "HTTP/1.1"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( protocol: '%PROTOCOL%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); verifyJsonOutput( formatter.format(request_header, response_header, response_trailer, stream_info, body), expected_json_map); } TEST(SubstitutionFormatterTest, JsonFormatterNonExistentHeaderTest) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{"some_request_header", "SOME_REQUEST_HEADER"}}; Http::TestResponseHeaderMapImpl response_header{{"some_response_header", "SOME_RESPONSE_HEADER"}}; Http::TestResponseTrailerMapImpl response_trailer; std::string body; absl::node_hash_map expected_json_map = { {"protocol", "HTTP/1.1"}, {"some_request_header", "SOME_REQUEST_HEADER"}, {"nonexistent_response_header", "-"}, {"some_response_header", "SOME_RESPONSE_HEADER"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( protocol: '%PROTOCOL%' some_request_header: '%REQ(some_request_header)%' nonexistent_response_header: '%RESP(nonexistent_response_header)%' some_response_header: '%RESP(some_response_header)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); verifyJsonOutput( formatter.format(request_header, response_header, response_trailer, stream_info, body), expected_json_map); } TEST(SubstitutionFormatterTest, JsonFormatterAlternateHeaderTest) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{ {"request_present_header", "REQUEST_PRESENT_HEADER"}}; Http::TestResponseHeaderMapImpl response_header{ {"response_present_header", "RESPONSE_PRESENT_HEADER"}}; Http::TestResponseTrailerMapImpl response_trailer; std::string body; absl::node_hash_map expected_json_map = { {"request_present_header_or_request_absent_header", "REQUEST_PRESENT_HEADER"}, {"request_absent_header_or_request_present_header", "REQUEST_PRESENT_HEADER"}, {"response_absent_header_or_response_absent_header", "RESPONSE_PRESENT_HEADER"}, {"response_present_header_or_response_absent_header", "RESPONSE_PRESENT_HEADER"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( request_present_header_or_request_absent_header: '%REQ(request_present_header?request_absent_header)%' request_absent_header_or_request_present_header: '%REQ(request_absent_header?request_present_header)%' response_absent_header_or_response_absent_header: '%RESP(response_absent_header?response_present_header)%' response_present_header_or_response_absent_header: '%RESP(response_present_header?response_absent_header)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); verifyJsonOutput( formatter.format(request_header, response_header, response_trailer, stream_info, body), expected_json_map); } TEST(SubstitutionFormatterTest, JsonFormatterDynamicMetadataTest) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{"first", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_header{{"second", "PUT"}, {"test", "test"}}; Http::TestResponseTrailerMapImpl response_trailer{{"third", "POST"}, {"test-2", "test-2"}}; std::string body; envoy::config::core::v3::Metadata metadata; populateMetadataTestData(metadata); EXPECT_CALL(stream_info, dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); EXPECT_CALL(Const(stream_info), dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); absl::node_hash_map expected_json_map = { {"test_key", "\"test_value\""}, {"test_obj", "{\"inner_key\":\"inner_value\"}"}, {"test_obj.inner_key", "\"inner_value\""}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key: '%DYNAMIC_METADATA(com.test:test_key)%' test_obj: '%DYNAMIC_METADATA(com.test:test_obj)%' test_obj.inner_key: '%DYNAMIC_METADATA(com.test:test_obj:inner_key)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); verifyJsonOutput( formatter.format(request_header, response_header, response_trailer, stream_info, body), expected_json_map); } TEST(SubstitutionFormatterTest, JsonFormatterTypedDynamicMetadataTest) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{"first", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_header{{"second", "PUT"}, {"test", "test"}}; Http::TestResponseTrailerMapImpl response_trailer{{"third", "POST"}, {"test-2", "test-2"}}; std::string body; envoy::config::core::v3::Metadata metadata; populateMetadataTestData(metadata); EXPECT_CALL(stream_info, dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); EXPECT_CALL(Const(stream_info), dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key: '%DYNAMIC_METADATA(com.test:test_key)%' test_obj: '%DYNAMIC_METADATA(com.test:test_obj)%' test_obj.inner_key: '%DYNAMIC_METADATA(com.test:test_obj:inner_key)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, true, false); const std::string json = formatter.format(request_header, response_header, response_trailer, stream_info, body); ProtobufWkt::Struct output; MessageUtil::loadFromJson(json, output); const auto& fields = output.fields(); EXPECT_EQ("test_value", fields.at("test_key").string_value()); EXPECT_EQ("inner_value", fields.at("test_obj.inner_key").string_value()); EXPECT_EQ("inner_value", fields.at("test_obj").struct_value().fields().at("inner_key").string_value()); } TEST(SubstitutionFormatterTest, JsonFormatterFilterStateTest) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; stream_info.filter_state_->setData("test_key", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly); stream_info.filter_state_->setData("test_obj", std::make_unique(), StreamInfo::FilterState::StateType::ReadOnly); EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); absl::node_hash_map expected_json_map = { {"test_key", "\"test_value\""}, {"test_obj", "{\"inner_key\":\"inner_value\"}"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key: '%FILTER_STATE(test_key)%' test_obj: '%FILTER_STATE(test_obj)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); verifyJsonOutput( formatter.format(request_headers, response_headers, response_trailers, stream_info, body), expected_json_map); } TEST(SubstitutionFormatterTest, JsonFormatterOmitEmptyTest) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); EXPECT_CALL(Const(stream_info), dynamicMetadata()).Times(testing::AtLeast(1)); ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key_filter_state: '%FILTER_STATE(nonexistent_key)%' test_key_req: '%REQ(nonexistent_key)%' test_key_res: '%RESP(nonexistent_key)%' test_key_dynamic_metadata: '%DYNAMIC_METADATA(nonexistent_key)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, true); verifyJsonOutput( formatter.format(request_headers, response_headers, response_trailers, stream_info, body), {}); } TEST(SubstitutionFormatterTest, JsonFormatterTypedFilterStateTest) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; stream_info.filter_state_->setData("test_key", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly); stream_info.filter_state_->setData("test_obj", std::make_unique(), StreamInfo::FilterState::StateType::ReadOnly); EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key: '%FILTER_STATE(test_key)%' test_obj: '%FILTER_STATE(test_obj)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, true, false); std::string json = formatter.format(request_headers, response_headers, response_trailers, stream_info, body); ProtobufWkt::Struct output; MessageUtil::loadFromJson(json, output); const auto& fields = output.fields(); EXPECT_EQ("test_value", fields.at("test_key").string_value()); EXPECT_EQ("inner_value", fields.at("test_obj").struct_value().fields().at("inner_key").string_value()); } // Test new specifier (PLAIN/TYPED) of FilterState. Ensure that after adding additional specifier, // the FilterState can call the serializeAsProto or serializeAsString methods correctly. TEST(SubstitutionFormatterTest, FilterStateSpeciferTest) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; stream_info.filter_state_->setData( "test_key", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly); EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); absl::node_hash_map expected_json_map = { {"test_key_plain", "test_value By PLAIN"}, {"test_key_typed", "\"test_value By TYPED\""}, }; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key_plain: '%FILTER_STATE(test_key:PLAIN)%' test_key_typed: '%FILTER_STATE(test_key:TYPED)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); verifyJsonOutput( formatter.format(request_headers, response_headers, response_trailers, stream_info, body), expected_json_map); } // Test new specifier (PLAIN/TYPED) of FilterState and convert the output log string to proto // and then verify the result. TEST(SubstitutionFormatterTest, TypedFilterStateSpeciferTest) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; stream_info.filter_state_->setData( "test_key", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly); EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key_plain: '%FILTER_STATE(test_key:PLAIN)%' test_key_typed: '%FILTER_STATE(test_key:TYPED)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, true, false); std::string json = formatter.format(request_headers, response_headers, response_trailers, stream_info, body); ProtobufWkt::Struct output; MessageUtil::loadFromJson(json, output); const auto& fields = output.fields(); EXPECT_EQ("test_value By PLAIN", fields.at("test_key_plain").string_value()); EXPECT_EQ("test_value By TYPED", fields.at("test_key_typed").string_value()); } // Error specifier will cause an exception to be thrown. TEST(SubstitutionFormatterTest, FilterStateErrorSpeciferTest) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; stream_info.filter_state_->setData( "test_key", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly); // 'ABCDE' is error specifier. ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( test_key_plain: '%FILTER_STATE(test_key:ABCDE)%' test_key_typed: '%FILTER_STATE(test_key:TYPED)%' )EOF", key_mapping); EXPECT_THROW_WITH_MESSAGE(JsonFormatterImpl formatter(key_mapping, false, false), EnvoyException, "Invalid filter state serialize type, only support PLAIN/TYPED."); } TEST(SubstitutionFormatterTest, JsonFormatterStartTimeTest) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header; Http::TestResponseHeaderMapImpl response_header; Http::TestResponseTrailerMapImpl response_trailer; std::string body; time_t expected_time_in_epoch = 1522280158; SystemTime time = std::chrono::system_clock::from_time_t(expected_time_in_epoch); EXPECT_CALL(stream_info, startTime()).WillRepeatedly(Return(time)); absl::node_hash_map expected_json_map = { {"simple_date", "2018/03/28"}, {"test_time", fmt::format("{}", expected_time_in_epoch)}, {"bad_format", "bad_format"}, {"default", "2018-03-28T23:35:58.000Z"}, {"all_zeroes", "000000000.0.00.000"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( simple_date: '%START_TIME(%Y/%m/%d)%' test_time: '%START_TIME(%s)%' bad_format: '%START_TIME(bad_format)%' default: '%START_TIME%' all_zeroes: '%START_TIME(%f.%1f.%2f.%3f)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, false, false); verifyJsonOutput( formatter.format(request_header, response_header, response_trailer, stream_info, body), expected_json_map); } TEST(SubstitutionFormatterTest, JsonFormatterMultiTokenTest) { { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{"some_request_header", "SOME_REQUEST_HEADER"}}; Http::TestResponseHeaderMapImpl response_header{ {"some_response_header", "SOME_RESPONSE_HEADER"}}; Http::TestResponseTrailerMapImpl response_trailer; std::string body; absl::node_hash_map expected_json_map = { {"multi_token_field", "HTTP/1.1 plainstring SOME_REQUEST_HEADER SOME_RESPONSE_HEADER"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( multi_token_field: '%PROTOCOL% plainstring %REQ(some_request_header)% %RESP(some_response_header)%' )EOF", key_mapping); for (const bool preserve_types : {false, true}) { JsonFormatterImpl formatter(key_mapping, preserve_types, false); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); const auto parsed = Json::Factory::loadFromString( formatter.format(request_header, response_header, response_trailer, stream_info, body)); for (const auto& pair : expected_json_map) { EXPECT_EQ(parsed->getString(pair.first), pair.second); } } } } TEST(SubstitutionFormatterTest, JsonFormatterTypedTest) { Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers; Http::TestResponseTrailerMapImpl response_trailers; StreamInfo::MockStreamInfo stream_info; std::string body; EXPECT_CALL(Const(stream_info), lastDownstreamRxByteReceived()) .WillRepeatedly(Return(std::chrono::nanoseconds(5000000))); ProtobufWkt::Value list; list.mutable_list_value()->add_values()->set_bool_value(true); list.mutable_list_value()->add_values()->set_string_value("two"); list.mutable_list_value()->add_values()->set_number_value(3.14); ProtobufWkt::Struct s; (*s.mutable_fields())["list"] = list; stream_info.filter_state_->setData("test_obj", std::make_unique(s), StreamInfo::FilterState::StateType::ReadOnly); EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( request_duration: '%REQUEST_DURATION%' request_duration_multi: '%REQUEST_DURATION%ms' filter_state: '%FILTER_STATE(test_obj)%' )EOF", key_mapping); JsonFormatterImpl formatter(key_mapping, true, false); const auto json = formatter.format(request_headers, response_headers, response_trailers, stream_info, body); ProtobufWkt::Struct output; MessageUtil::loadFromJson(json, output); EXPECT_THAT(output.fields().at("request_duration"), ProtoEq(ValueUtil::numberValue(5.0))); EXPECT_THAT(output.fields().at("request_duration_multi"), ProtoEq(ValueUtil::stringValue("5ms"))); ProtobufWkt::Value expected; expected.mutable_struct_value()->CopyFrom(s); EXPECT_THAT(output.fields().at("filter_state"), ProtoEq(expected)); } TEST(SubstitutionFormatterTest, CompositeFormatterSuccess) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{{"first", "GET"}, {":path", "/"}}; Http::TestResponseHeaderMapImpl response_header{{"second", "PUT"}, {"test", "test"}}; Http::TestResponseTrailerMapImpl response_trailer{{"third", "POST"}, {"test-2", "test-2"}}; std::string body; { const std::string format = "{{%PROTOCOL%}} %RESP(not exist)%++%RESP(test)% " "%REQ(FIRST?SECOND)% %RESP(FIRST?SECOND)%" "\t@%TRAILER(THIRD)%@\t%TRAILER(TEST?TEST-2)%[]"; FormatterImpl formatter(format, false); absl::optional protocol = Http::Protocol::Http11; EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(protocol)); EXPECT_EQ( "{{HTTP/1.1}} -++test GET PUT\t@POST@\ttest-2[]", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { const std::string format = "{}*JUST PLAIN string]"; FormatterImpl formatter(format, false); EXPECT_EQ(format, formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { const std::string format = "%REQ(first):3%|%REQ(first):1%|%RESP(first?second):2%|%REQ(first):" "10%|%TRAILER(second?third):3%"; FormatterImpl formatter(format, false); EXPECT_EQ("GET|G|PU|GET|POS", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { envoy::config::core::v3::Metadata metadata; populateMetadataTestData(metadata); EXPECT_CALL(stream_info, dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); EXPECT_CALL(Const(stream_info), dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); const std::string format = "%DYNAMIC_METADATA(com.test:test_key)%|%DYNAMIC_METADATA(com.test:" "test_obj)%|%DYNAMIC_METADATA(com.test:test_obj:inner_key)%"; FormatterImpl formatter(format, false); EXPECT_EQ( "\"test_value\"|{\"inner_key\":\"inner_value\"}|\"inner_value\"", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); stream_info.filter_state_->setData("testing", std::make_unique("test_value"), StreamInfo::FilterState::StateType::ReadOnly, StreamInfo::FilterState::LifeSpan::FilterChain); stream_info.filter_state_->setData("serialized", std::make_unique(), StreamInfo::FilterState::StateType::ReadOnly, StreamInfo::FilterState::LifeSpan::FilterChain); const std::string format = "%FILTER_STATE(testing)%|%FILTER_STATE(serialized)%|" "%FILTER_STATE(testing):8%|%FILTER_STATE(nonexisting)%"; FormatterImpl formatter(format, false); EXPECT_EQ( "\"test_value\"|-|\"test_va|-", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { const std::string format = "%START_TIME(%Y/%m/%d)%|%START_TIME(%s)%|%START_TIME(bad_format)%|" "%START_TIME%|%START_TIME(%f.%1f.%2f.%3f)%"; time_t expected_time_in_epoch = 1522280158; SystemTime time = std::chrono::system_clock::from_time_t(expected_time_in_epoch); EXPECT_CALL(stream_info, startTime()).WillRepeatedly(Return(time)); FormatterImpl formatter(format, false); EXPECT_EQ( fmt::format("2018/03/28|{}|bad_format|2018-03-28T23:35:58.000Z|000000000.0.00.000", expected_time_in_epoch), formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { // This tests the beginning of time. const std::string format = "%START_TIME(%Y/%m/%d)%|%START_TIME(%s)%|%START_TIME(bad_format)%|" "%START_TIME%|%START_TIME(%f.%1f.%2f.%3f)%"; const time_t test_epoch = 0; const SystemTime time = std::chrono::system_clock::from_time_t(test_epoch); EXPECT_CALL(stream_info, startTime()).WillRepeatedly(Return(time)); FormatterImpl formatter(format, false); EXPECT_EQ( "1970/01/01|0|bad_format|1970-01-01T00:00:00.000Z|000000000.0.00.000", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { // This tests multiple START_TIMEs. const std::string format = "%START_TIME(%s.%3f)%|%START_TIME(%s.%4f)%|%START_TIME(%s.%5f)%|%START_TIME(%s.%6f)%"; const SystemTime start_time(std::chrono::microseconds(1522796769123456)); EXPECT_CALL(stream_info, startTime()).WillRepeatedly(Return(start_time)); FormatterImpl formatter(format, false); EXPECT_EQ( "1522796769.123|1522796769.1234|1522796769.12345|1522796769.123456", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { const std::string format = "%START_TIME(segment1:%s.%3f|segment2:%s.%4f|seg3:%s.%6f|%s-%3f-asdf-%9f|.%7f:segm5:%Y)%"; const SystemTime start_time(std::chrono::microseconds(1522796769123456)); EXPECT_CALL(stream_info, startTime()).WillRepeatedly(Return(start_time)); FormatterImpl formatter(format, false); EXPECT_EQ( "segment1:1522796769.123|segment2:1522796769.1234|seg3:1522796769.123456|1522796769-" "123-asdf-123456000|.1234560:segm5:2018", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { // This tests START_TIME specifier that has shorter segments when formatted, i.e. // absl::FormatTime("%%%%"") equals "%%", %1f will have 1 as its size. const std::string format = "%START_TIME(%%%%|%%%%%f|%s%%%%%3f|%1f%%%%%s)%"; const SystemTime start_time(std::chrono::microseconds(1522796769123456)); EXPECT_CALL(stream_info, startTime()).WillOnce(Return(start_time)); FormatterImpl formatter(format, false); EXPECT_EQ( "%%|%%123456000|1522796769%%123|1%%1522796769", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } #ifndef WIN32 { const std::string format = "%START_TIME(%E4n)%"; const SystemTime start_time(std::chrono::microseconds(1522796769123456)); EXPECT_CALL(stream_info, startTime()).WillOnce(Return(start_time)); FormatterImpl formatter(format); EXPECT_EQ("%E4n", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } #endif } TEST(SubstitutionFormatterTest, CompositeFormatterEmpty) { StreamInfo::MockStreamInfo stream_info; Http::TestRequestHeaderMapImpl request_header{}; Http::TestResponseHeaderMapImpl response_header{}; Http::TestResponseTrailerMapImpl response_trailer{}; std::string body; { const std::string format = "%PROTOCOL%|%RESP(not exist)%|" "%REQ(FIRST?SECOND)%|%RESP(FIRST?SECOND)%|" "%TRAILER(THIRD)%|%TRAILER(TEST?TEST-2)%"; FormatterImpl formatter(format, false); EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(absl::nullopt)); EXPECT_EQ("-|-|-|-|-|-", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { const std::string format = "%PROTOCOL%|%RESP(not exist)%|" "%REQ(FIRST?SECOND)%%RESP(FIRST?SECOND)%|" "%TRAILER(THIRD)%|%TRAILER(TEST?TEST-2)%"; FormatterImpl formatter(format, true); EXPECT_CALL(stream_info, protocol()).WillRepeatedly(Return(absl::nullopt)); EXPECT_EQ("||||", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { envoy::config::core::v3::Metadata metadata; EXPECT_CALL(stream_info, dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); EXPECT_CALL(Const(stream_info), dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); const std::string format = "%DYNAMIC_METADATA(com.test:test_key)%|%DYNAMIC_METADATA(com.test:" "test_obj)%|%DYNAMIC_METADATA(com.test:test_obj:inner_key)%"; FormatterImpl formatter(format, false); EXPECT_EQ("-|-|-", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { envoy::config::core::v3::Metadata metadata; EXPECT_CALL(stream_info, dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); EXPECT_CALL(Const(stream_info), dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); const std::string format = "%DYNAMIC_METADATA(com.test:test_key)%|%DYNAMIC_METADATA(com.test:" "test_obj)%|%DYNAMIC_METADATA(com.test:test_obj:inner_key)%"; FormatterImpl formatter(format, true); EXPECT_EQ("||", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); const std::string format = "%FILTER_STATE(testing)%|%FILTER_STATE(serialized)%|" "%FILTER_STATE(testing):8%|%FILTER_STATE(nonexisting)%"; FormatterImpl formatter(format, false); EXPECT_EQ("-|-|-|-", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } { EXPECT_CALL(Const(stream_info), filterState()).Times(testing::AtLeast(1)); const std::string format = "%FILTER_STATE(testing)%|%FILTER_STATE(serialized)%|" "%FILTER_STATE(testing):8%|%FILTER_STATE(nonexisting)%"; FormatterImpl formatter(format, true); EXPECT_EQ("|||", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } } TEST(SubstitutionFormatterTest, ParserFailures) { SubstitutionFormatParser parser; std::vector test_cases = { "{{%PROTOCOL%}} ++ %REQ(FIRST?SECOND)% %RESP(FIRST?SECOND)", "%REQ(FIRST?SECOND)T%", "RESP(FIRST)%", "%REQ(valid)% %NOT_VALID%", "%REQ(FIRST?SECOND%", "%%", "%%HOSTNAME%PROTOCOL%", "%protocol%", "%REQ(TEST):%", "%REQ(TEST):3q4%", "%REQ(\n)%", "%REQ(?\n)%", "%RESP(TEST):%", "%RESP(X?Y):%", "%RESP(X?Y):343o24%", "%REQ(TEST):10", "REQ(:TEST):10%", "%REQ(TEST:10%", "%REQ(", "%REQ(X?Y?Z)%", "%TRAILER(TEST):%", "%TRAILER(TEST):23u1%", "%TRAILER(X?Y?Z)%", "%TRAILER(:TEST):10", "%DYNAMIC_METADATA(TEST", "%FILTER_STATE(TEST", "%FILTER_STATE()%", "%START_TIME(%85n)%", "%START_TIME(%#__88n)%", "%START_TIME(%En%)%", "%START_TIME(%4En%)%", "%START_TIME(%On%)%", "%START_TIME(%4On%)%"}; for (const std::string& test_case : test_cases) { EXPECT_THROW(parser.parse(test_case), EnvoyException) << test_case; } } TEST(SubstitutionFormatterTest, ParserSuccesses) { SubstitutionFormatParser parser; std::vector test_cases = {"%START_TIME(%E4n%)%", "%START_TIME(%O4n%)%"}; for (const std::string& test_case : test_cases) { EXPECT_NO_THROW(parser.parse(test_case)); } } } // namespace } // namespace Formatter } // namespace Envoy ================================================ FILE: test/common/grpc/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_fuzz_test", "envoy_cc_test", "envoy_cc_test_library", "envoy_package", "envoy_select_google_grpc", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "async_client_impl_test", srcs = ["async_client_impl_test.cc"], deps = [ "//source/common/grpc:async_client_lib", "//test/mocks/http:http_mocks", "//test/mocks/tracing:tracing_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/proto:helloworld_proto_cc_proto", "//test/test_common:test_time_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "async_client_manager_impl_test", srcs = ["async_client_manager_impl_test.cc"], deps = [ "//source/common/api:api_lib", "//source/common/grpc:async_client_manager_lib", "//test/mocks/stats:stats_mocks", "//test/mocks/thread_local:thread_local_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/mocks/upstream:cluster_priority_set_mocks", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_fuzz_test( name = "codec_fuzz_test", srcs = ["codec_fuzz_test.cc"], corpus = "codec_corpus", deps = [ "//source/common/buffer:buffer_lib", "//source/common/grpc:codec_lib", "//test/fuzz:utility_lib", "//test/proto:helloworld_proto_cc_proto", ], ) envoy_cc_test( name = "codec_test", srcs = ["codec_test.cc"], deps = [ "//source/common/buffer:buffer_lib", "//source/common/grpc:codec_lib", "//test/common/buffer:utility_lib", "//test/proto:helloworld_proto_cc_proto", ], ) envoy_cc_test( name = "common_test", srcs = ["common_test.cc"], deps = [ "//source/common/grpc:common_lib", "//source/common/http:headers_lib", "//test/mocks/stream_info:stream_info_mocks", "//test/proto:helloworld_proto_cc_proto", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "context_impl_test", srcs = ["context_impl_test.cc"], deps = [ "//source/common/grpc:common_lib", "//source/common/grpc:context_lib", "//source/common/http:headers_lib", "//test/mocks/upstream:cluster_info_mocks", "//test/test_common:global_lib", ], ) envoy_cc_test( name = "google_grpc_utils_test", srcs = envoy_select_google_grpc(["google_grpc_utils_test.cc"]), deps = [ "//source/common/grpc:common_lib", "//source/common/http:headers_lib", "//test/proto:helloworld_proto_cc_proto", "//test/test_common:utility_lib", ] + envoy_select_google_grpc(["//source/common/grpc:google_grpc_utils_lib"]), ) envoy_cc_test( name = "google_async_client_impl_test", srcs = envoy_select_google_grpc(["google_async_client_impl_test.cc"]), deps = [ "//source/common/api:api_lib", "//source/common/event:dispatcher_lib", "//source/common/stats:isolated_store_lib", "//source/common/stats:stats_lib", "//source/common/tracing:http_tracer_lib", "//test/mocks/grpc:grpc_mocks", "//test/mocks/tracing:tracing_mocks", "//test/proto:helloworld_proto_cc_proto", "//test/test_common:test_time_lib", "//test/test_common:utility_lib", ] + envoy_select_google_grpc(["//source/common/grpc:google_async_client_lib"]), ) envoy_cc_test( name = "google_grpc_creds_test", srcs = envoy_select_google_grpc(["google_grpc_creds_test.cc"]), data = [":service_key.json"], deps = [ ":utility_lib", "//test/mocks/stats:stats_mocks", "//test/test_common:utility_lib", ] + envoy_select_google_grpc(["//source/common/grpc:google_grpc_creds_lib"]), ) envoy_cc_test_library( name = "grpc_client_integration_lib", hdrs = ["grpc_client_integration.h"], deps = [ "//source/common/common:assert_lib", "//test/mocks/secret:secret_mocks", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) envoy_cc_test_library( name = "grpc_client_integration_test_harness_lib", hdrs = ["grpc_client_integration_test_harness.h"], deps = [ ":grpc_client_integration_lib", ":utility_lib", "//source/common/api:api_lib", "//source/common/event:dispatcher_lib", "//source/common/grpc:context_lib", "//source/common/http:context_lib", "//source/common/http/http2:conn_pool_lib", "//test/integration:integration_lib", "//test/mocks/local_info:local_info_mocks", "//test/mocks/server:transport_socket_factory_context_mocks", "//test/mocks/upstream:cluster_info_mocks", "//test/mocks/upstream:cluster_manager_mocks", "//test/mocks/upstream:host_mocks", "//test/mocks/upstream:thread_local_cluster_mocks", "//test/proto:helloworld_proto_cc_proto", "//test/test_common:global_lib", "//test/test_common:test_time_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "grpc_client_integration_test", srcs = ["grpc_client_integration_test.cc"], deps = [ ":grpc_client_integration_test_harness_lib", "//source/common/grpc:async_client_lib", "//source/extensions/grpc_credentials:well_known_names", "//source/extensions/grpc_credentials/example:config", ] + envoy_select_google_grpc(["//source/common/grpc:google_async_client_lib"]), ) envoy_cc_test_library( name = "utility_lib", hdrs = ["utility.h"], data = ["//test/config/integration/certs"], deps = [ "//test/test_common:environment_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) ================================================ FILE: test/common/grpc/async_client_impl_test.cc ================================================ #include "envoy/config/core/v3/grpc_service.pb.h" #include "common/grpc/async_client_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/tracing/mocks.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/proto/helloworld.pb.h" #include "test/test_common/test_time.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::Eq; using testing::Invoke; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Grpc { namespace { class EnvoyAsyncClientImplTest : public testing::Test { public: EnvoyAsyncClientImplTest() : method_descriptor_(helloworld::Greeter::descriptor()->FindMethodByName("SayHello")) { envoy::config::core::v3::GrpcService config; config.mutable_envoy_grpc()->set_cluster_name("test_cluster"); grpc_client_ = std::make_unique(cm_, config, test_time_.timeSystem()); ON_CALL(cm_, httpAsyncClientForCluster("test_cluster")).WillByDefault(ReturnRef(http_client_)); } const Protobuf::MethodDescriptor* method_descriptor_; NiceMock http_client_; NiceMock cm_; AsyncClient grpc_client_; DangerousDeprecatedTestTime test_time_; }; // Validate that the host header is the cluster name in grpc config. TEST_F(EnvoyAsyncClientImplTest, HostIsClusterNameByDefault) { NiceMock> grpc_callbacks; Http::AsyncClient::StreamCallbacks* http_callbacks; Http::MockAsyncClientStream http_stream; EXPECT_CALL(http_client_, start(_, _)) .WillOnce( Invoke([&http_callbacks, &http_stream](Http::AsyncClient::StreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions&) { http_callbacks = &callbacks; return &http_stream; })); EXPECT_CALL(grpc_callbacks, onCreateInitialMetadata(testing::Truly([](Http::RequestHeaderMap& headers) { return headers.Host()->value() == "test_cluster"; }))); EXPECT_CALL(http_stream, sendHeaders(_, _)) .WillOnce(Invoke([&http_callbacks](Http::HeaderMap&, bool) { http_callbacks->onReset(); })); auto grpc_stream = grpc_client_->start(*method_descriptor_, grpc_callbacks, Http::AsyncClient::StreamOptions()); EXPECT_EQ(grpc_stream, nullptr); } // Validate that the host header is the authority field in grpc config. TEST_F(EnvoyAsyncClientImplTest, HostIsOverrideByConfig) { envoy::config::core::v3::GrpcService config; config.mutable_envoy_grpc()->set_cluster_name("test_cluster"); config.mutable_envoy_grpc()->set_authority("demo.com"); grpc_client_ = std::make_unique(cm_, config, test_time_.timeSystem()); EXPECT_CALL(cm_, httpAsyncClientForCluster("test_cluster")) .WillRepeatedly(ReturnRef(http_client_)); NiceMock> grpc_callbacks; Http::AsyncClient::StreamCallbacks* http_callbacks; Http::MockAsyncClientStream http_stream; EXPECT_CALL(http_client_, start(_, _)) .WillOnce( Invoke([&http_callbacks, &http_stream](Http::AsyncClient::StreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions&) { http_callbacks = &callbacks; return &http_stream; })); EXPECT_CALL(grpc_callbacks, onCreateInitialMetadata(testing::Truly([](Http::RequestHeaderMap& headers) { return headers.Host()->value() == "demo.com"; }))); EXPECT_CALL(http_stream, sendHeaders(_, _)) .WillOnce(Invoke([&http_callbacks](Http::HeaderMap&, bool) { http_callbacks->onReset(); })); auto grpc_stream = grpc_client_->start(*method_descriptor_, grpc_callbacks, Http::AsyncClient::StreamOptions()); EXPECT_EQ(grpc_stream, nullptr); } // Validate that a failure in the HTTP client returns immediately with status // UNAVAILABLE. TEST_F(EnvoyAsyncClientImplTest, StreamHttpStartFail) { MockAsyncStreamCallbacks grpc_callbacks; ON_CALL(http_client_, start(_, _)).WillByDefault(Return(nullptr)); EXPECT_CALL(grpc_callbacks, onRemoteClose(Status::WellKnownGrpcStatus::Unavailable, "")); auto grpc_stream = grpc_client_->start(*method_descriptor_, grpc_callbacks, Http::AsyncClient::StreamOptions()); EXPECT_EQ(grpc_stream, nullptr); } // Validate that a failure in the HTTP client returns immediately with status // UNAVAILABLE. TEST_F(EnvoyAsyncClientImplTest, RequestHttpStartFail) { MockAsyncRequestCallbacks grpc_callbacks; ON_CALL(http_client_, start(_, _)).WillByDefault(Return(nullptr)); EXPECT_CALL(grpc_callbacks, onFailure(Status::WellKnownGrpcStatus::Unavailable, "", _)); helloworld::HelloRequest request_msg; Tracing::MockSpan active_span; Tracing::MockSpan* child_span{new Tracing::MockSpan()}; EXPECT_CALL(active_span, spawnChild_(_, "async test_cluster egress", _)) .WillOnce(Return(child_span)); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().Component), Eq(Tracing::Tags::get().Proxy))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().UpstreamCluster), Eq("test_cluster"))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().GrpcStatusCode), Eq("14"))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().Error), Eq(Tracing::Tags::get().True))); EXPECT_CALL(*child_span, finishSpan()); EXPECT_CALL(*child_span, injectContext(_)).Times(0); auto* grpc_request = grpc_client_->send(*method_descriptor_, request_msg, grpc_callbacks, active_span, Http::AsyncClient::RequestOptions()); EXPECT_EQ(grpc_request, nullptr); } // Validate that a failure to sendHeaders() in the HTTP client returns // immediately with status INTERNAL. TEST_F(EnvoyAsyncClientImplTest, StreamHttpSendHeadersFail) { MockAsyncStreamCallbacks grpc_callbacks; Http::AsyncClient::StreamCallbacks* http_callbacks; Http::MockAsyncClientStream http_stream; EXPECT_CALL(http_client_, start(_, _)) .WillOnce( Invoke([&http_callbacks, &http_stream](Http::AsyncClient::StreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions&) { http_callbacks = &callbacks; return &http_stream; })); EXPECT_CALL(grpc_callbacks, onCreateInitialMetadata(_)); EXPECT_CALL(http_stream, sendHeaders(_, _)) .WillOnce(Invoke([&http_callbacks](Http::HeaderMap& headers, bool end_stream) { UNREFERENCED_PARAMETER(headers); UNREFERENCED_PARAMETER(end_stream); http_callbacks->onReset(); })); EXPECT_CALL(grpc_callbacks, onReceiveTrailingMetadata_(_)); EXPECT_CALL(grpc_callbacks, onRemoteClose(Status::WellKnownGrpcStatus::Internal, "")); auto grpc_stream = grpc_client_->start(*method_descriptor_, grpc_callbacks, Http::AsyncClient::StreamOptions()); EXPECT_EQ(grpc_stream, nullptr); } // Validate that a failure to sendHeaders() in the HTTP client returns // immediately with status INTERNAL. TEST_F(EnvoyAsyncClientImplTest, RequestHttpSendHeadersFail) { MockAsyncRequestCallbacks grpc_callbacks; Http::AsyncClient::StreamCallbacks* http_callbacks; Http::MockAsyncClientStream http_stream; EXPECT_CALL(http_client_, start(_, _)) .WillOnce( Invoke([&http_callbacks, &http_stream](Http::AsyncClient::StreamCallbacks& callbacks, const Http::AsyncClient::StreamOptions&) { http_callbacks = &callbacks; return &http_stream; })); EXPECT_CALL(grpc_callbacks, onCreateInitialMetadata(_)); EXPECT_CALL(http_stream, sendHeaders(_, _)) .WillOnce(Invoke([&http_callbacks](Http::HeaderMap& headers, bool end_stream) { UNREFERENCED_PARAMETER(headers); UNREFERENCED_PARAMETER(end_stream); http_callbacks->onReset(); })); EXPECT_CALL(grpc_callbacks, onFailure(Status::WellKnownGrpcStatus::Internal, "", _)); helloworld::HelloRequest request_msg; Tracing::MockSpan active_span; Tracing::MockSpan* child_span{new Tracing::MockSpan()}; EXPECT_CALL(active_span, spawnChild_(_, "async test_cluster egress", _)) .WillOnce(Return(child_span)); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().Component), Eq(Tracing::Tags::get().Proxy))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().UpstreamCluster), Eq("test_cluster"))); EXPECT_CALL(*child_span, injectContext(_)); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().GrpcStatusCode), Eq("13"))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().Error), Eq(Tracing::Tags::get().True))); EXPECT_CALL(*child_span, finishSpan()); auto* grpc_request = grpc_client_->send(*method_descriptor_, request_msg, grpc_callbacks, active_span, Http::AsyncClient::RequestOptions()); EXPECT_EQ(grpc_request, nullptr); } // Validate that when the cluster is not present the grpc_client returns immediately with // status UNAVAILABLE and error message "Cluster not available" TEST_F(EnvoyAsyncClientImplTest, StreamHttpClientException) { MockAsyncStreamCallbacks grpc_callbacks; ON_CALL(cm_, get(_)).WillByDefault(Return(nullptr)); EXPECT_CALL(grpc_callbacks, onRemoteClose(Status::WellKnownGrpcStatus::Unavailable, "Cluster not available")); auto grpc_stream = grpc_client_->start(*method_descriptor_, grpc_callbacks, Http::AsyncClient::StreamOptions()); EXPECT_EQ(grpc_stream, nullptr); } } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/async_client_manager_impl_test.cc ================================================ #include "envoy/config/core/v3/grpc_service.pb.h" #include "common/api/api_impl.h" #include "common/grpc/async_client_manager_impl.h" #include "test/mocks/stats/mocks.h" #include "test/mocks/thread_local/mocks.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/mocks/upstream/cluster_priority_set.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using ::testing::Return; namespace Envoy { namespace Grpc { namespace { class AsyncClientManagerImplTest : public testing::Test { public: AsyncClientManagerImplTest() : api_(Api::createApiForTest()), stat_names_(scope_.symbolTable()), async_client_manager_(cm_, tls_, test_time_.timeSystem(), *api_, stat_names_) {} Upstream::MockClusterManager cm_; NiceMock tls_; Stats::MockStore scope_; DangerousDeprecatedTestTime test_time_; Api::ApiPtr api_; StatNames stat_names_; AsyncClientManagerImpl async_client_manager_; }; TEST_F(AsyncClientManagerImplTest, EnvoyGrpcOk) { envoy::config::core::v3::GrpcService grpc_service; grpc_service.mutable_envoy_grpc()->set_cluster_name("foo"); Upstream::ClusterManager::ClusterInfoMap cluster_map; Upstream::MockClusterMockPrioritySet cluster; cluster_map.emplace("foo", cluster); EXPECT_CALL(cm_, clusters()).WillOnce(Return(cluster_map)); EXPECT_CALL(cluster, info()); EXPECT_CALL(*cluster.info_, addedViaApi()); async_client_manager_.factoryForGrpcService(grpc_service, scope_, false); } TEST_F(AsyncClientManagerImplTest, EnvoyGrpcUnknown) { envoy::config::core::v3::GrpcService grpc_service; grpc_service.mutable_envoy_grpc()->set_cluster_name("foo"); EXPECT_CALL(cm_, clusters()); EXPECT_THROW_WITH_MESSAGE( async_client_manager_.factoryForGrpcService(grpc_service, scope_, false), EnvoyException, "Unknown gRPC client cluster 'foo'"); } TEST_F(AsyncClientManagerImplTest, EnvoyGrpcDynamicCluster) { envoy::config::core::v3::GrpcService grpc_service; grpc_service.mutable_envoy_grpc()->set_cluster_name("foo"); Upstream::ClusterManager::ClusterInfoMap cluster_map; Upstream::MockClusterMockPrioritySet cluster; cluster_map.emplace("foo", cluster); EXPECT_CALL(cm_, clusters()).WillOnce(Return(cluster_map)); EXPECT_CALL(cluster, info()); EXPECT_CALL(*cluster.info_, addedViaApi()).WillOnce(Return(true)); EXPECT_THROW_WITH_MESSAGE( async_client_manager_.factoryForGrpcService(grpc_service, scope_, false), EnvoyException, "gRPC client cluster 'foo' is not static"); } TEST_F(AsyncClientManagerImplTest, GoogleGrpc) { EXPECT_CALL(scope_, createScope_("grpc.foo.")); envoy::config::core::v3::GrpcService grpc_service; grpc_service.mutable_google_grpc()->set_stat_prefix("foo"); #ifdef ENVOY_GOOGLE_GRPC EXPECT_NE(nullptr, async_client_manager_.factoryForGrpcService(grpc_service, scope_, false)); #else EXPECT_THROW_WITH_MESSAGE( async_client_manager_.factoryForGrpcService(grpc_service, scope_, false), EnvoyException, "Google C++ gRPC client is not linked"); #endif } TEST_F(AsyncClientManagerImplTest, EnvoyGrpcUnknownOk) { envoy::config::core::v3::GrpcService grpc_service; grpc_service.mutable_envoy_grpc()->set_cluster_name("foo"); EXPECT_CALL(cm_, clusters()).Times(0); ASSERT_NO_THROW(async_client_manager_.factoryForGrpcService(grpc_service, scope_, true)); } } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/codec_corpus/empty ================================================ ================================================ FILE: test/common/grpc/codec_fuzz_test.cc ================================================ #include "common/buffer/buffer_impl.h" #include "common/grpc/codec.h" #include "test/fuzz/fuzz_runner.h" #include "test/fuzz/utility.h" #include "test/proto/helloworld.pb.h" namespace Envoy { namespace Grpc { namespace Fuzz { // Fuzz the Grpc::decode() implementation, validating that decode(encode(x)) == // x for all x, regardless of how the encoded buffer is partitioned. Models // frame boundary conditions and also trailing random crud, which effectively // models line noise input to the decoder as well. DEFINE_FUZZER(const uint8_t* buf, size_t len) { FuzzedDataProvider provider(buf, len); // We probably won't learn a ton more after a few frames worth. const uint32_t num_encode_frames = provider.ConsumeIntegralInRange(0, 3); // Model a buffer containing the wire input to the decoder. Buffer::OwnedImpl wire_buffer; // We populate these proto requests and then encode them into wire_buffer. std::vector> requests; // Bounding the size of each request somewhat for sanity sake. We are trading // off being able to see what happens at really large sizes, e.g. 16MB, but // that will just be too slow, lots of memcpy. const size_t MaxRequestNameSize = 96 * 1024; for (uint32_t i = 0; i < num_encode_frames; ++i) { requests.emplace_back(new helloworld::HelloRequest()); requests.back()->set_name_bytes(provider.ConsumeRandomLengthString(MaxRequestNameSize)); // Encode the proto to bytes. const std::string request_buffer = requests.back()->SerializeAsString(); // Encode the gRPC header. std::array header; Encoder encoder; encoder.newFrame(GRPC_FH_DEFAULT, request_buffer.size(), header); // Add header and byte representation of request to wire. wire_buffer.add(header.data(), 5); wire_buffer.add(request_buffer.data(), request_buffer.size()); } // Add random crud at the end to see if we can make the decoder unhappy in // non-standard ways. { const std::string crud = provider.ConsumeRandomLengthString(MaxRequestNameSize); wire_buffer.add(crud.data(), crud.size()); } Decoder decoder; std::vector frames; // We now decode the wire contents, piecemeal. while (wire_buffer.length() > 0) { // We'll try and pick a partition for the remaining content, so that we // enable the fuzzer to explore different ways to cut it. const uint64_t decode_length = provider.remaining_bytes() == 0 ? wire_buffer.length() : provider.ConsumeIntegralInRange(0, wire_buffer.length()); Buffer::OwnedImpl decode_buffer; decode_buffer.move(wire_buffer, decode_length); const bool decode_result = decoder.decode(decode_buffer, frames); // If we have recovered the original frames, we're decoding garbage. It // might end up being a valid frame, but there is no predictability, so just // drain and move on. If we haven't recovered the original frames, we // shouldn't have any errors and should be consuming all of decode_buffer. if (frames.size() >= num_encode_frames) { decode_buffer.drain(decode_buffer.length()); } else { FUZZ_ASSERT(decode_result); FUZZ_ASSERT(decode_buffer.length() == 0); } } // Verify that the original requests are correctly decoded. FUZZ_ASSERT(frames.size() >= num_encode_frames); for (uint32_t i = 0; i < num_encode_frames; ++i) { helloworld::HelloRequest decoded_request; FUZZ_ASSERT(decoded_request.ParseFromArray( frames[i].data_->linearize(frames[i].data_->length()), frames[i].data_->length())); FUZZ_ASSERT(decoded_request.name_bytes() == requests[i]->name_bytes()); } } } // namespace Fuzz } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/codec_test.cc ================================================ #include #include #include #include #include "common/buffer/buffer_impl.h" #include "common/grpc/codec.h" #include "test/common/buffer/utility.h" #include "test/proto/helloworld.pb.h" #include "test/test_common/printers.h" #include "gtest/gtest.h" namespace Envoy { namespace Grpc { namespace { TEST(GrpcCodecTest, encodeHeader) { Encoder encoder; std::array buffer; encoder.newFrame(GRPC_FH_DEFAULT, 1, buffer); EXPECT_EQ(buffer[0], GRPC_FH_DEFAULT); EXPECT_EQ(buffer[1], 0); EXPECT_EQ(buffer[2], 0); EXPECT_EQ(buffer[3], 0); EXPECT_EQ(buffer[4], 1); encoder.newFrame(GRPC_FH_COMPRESSED, 1, buffer); EXPECT_EQ(buffer[0], GRPC_FH_COMPRESSED); EXPECT_EQ(buffer[1], 0); EXPECT_EQ(buffer[2], 0); EXPECT_EQ(buffer[3], 0); EXPECT_EQ(buffer[4], 1); encoder.newFrame(GRPC_FH_DEFAULT, 0x100, buffer); EXPECT_EQ(buffer[0], GRPC_FH_DEFAULT); EXPECT_EQ(buffer[1], 0); EXPECT_EQ(buffer[2], 0); EXPECT_EQ(buffer[3], 1); EXPECT_EQ(buffer[4], 0); encoder.newFrame(GRPC_FH_DEFAULT, 0x10000, buffer); EXPECT_EQ(buffer[0], GRPC_FH_DEFAULT); EXPECT_EQ(buffer[1], 0); EXPECT_EQ(buffer[2], 1); EXPECT_EQ(buffer[3], 0); EXPECT_EQ(buffer[4], 0); encoder.newFrame(GRPC_FH_DEFAULT, 0x1000000, buffer); EXPECT_EQ(buffer[0], GRPC_FH_DEFAULT); EXPECT_EQ(buffer[1], 1); EXPECT_EQ(buffer[2], 0); EXPECT_EQ(buffer[3], 0); EXPECT_EQ(buffer[4], 0); } TEST(GrpcCodecTest, decodeIncompleteFrame) { helloworld::HelloRequest request; request.set_name("hello"); std::string request_buffer = request.SerializeAsString(); Buffer::OwnedImpl buffer; std::array header; Encoder encoder; encoder.newFrame(GRPC_FH_DEFAULT, request.ByteSize(), header); buffer.add(header.data(), 5); buffer.add(request_buffer.c_str(), 5); std::vector frames; Decoder decoder; EXPECT_TRUE(decoder.decode(buffer, frames)); EXPECT_EQ(static_cast(0), buffer.length()); EXPECT_EQ(static_cast(0), frames.size()); EXPECT_EQ(static_cast(request.ByteSize()), decoder.length()); EXPECT_EQ(true, decoder.hasBufferedData()); buffer.add(request_buffer.c_str() + 5); EXPECT_TRUE(decoder.decode(buffer, frames)); EXPECT_EQ(static_cast(0), buffer.length()); EXPECT_EQ(static_cast(1), frames.size()); EXPECT_EQ(static_cast(0), decoder.length()); EXPECT_EQ(false, decoder.hasBufferedData()); helloworld::HelloRequest decoded_request; EXPECT_TRUE(decoded_request.ParseFromArray(frames[0].data_->linearize(frames[0].data_->length()), frames[0].data_->length())); EXPECT_EQ("hello", decoded_request.name()); } TEST(GrpcCodecTest, decodeInvalidFrame) { helloworld::HelloRequest request; request.set_name("hello"); Buffer::OwnedImpl buffer; std::array header; Encoder encoder; encoder.newFrame(0b10u, request.ByteSize(), header); buffer.add(header.data(), 5); buffer.add(request.SerializeAsString()); size_t size = buffer.length(); std::vector frames; Decoder decoder; EXPECT_FALSE(decoder.decode(buffer, frames)); EXPECT_EQ(size, buffer.length()); } TEST(GrpcCodecTest, decodeEmptyFrame) { Buffer::OwnedImpl buffer("\0\0\0\0", 5); Decoder decoder; std::vector frames; EXPECT_TRUE(decoder.decode(buffer, frames)); EXPECT_EQ(1, frames.size()); EXPECT_EQ(0, frames[0].length_); } TEST(GrpcCodecTest, decodeSingleFrame) { helloworld::HelloRequest request; request.set_name("hello"); Buffer::OwnedImpl buffer; std::array header; Encoder encoder; encoder.newFrame(GRPC_FH_DEFAULT, request.ByteSize(), header); buffer.add(header.data(), 5); buffer.add(request.SerializeAsString()); std::vector frames; Decoder decoder; EXPECT_TRUE(decoder.decode(buffer, frames)); EXPECT_EQ(static_cast(0), buffer.length()); EXPECT_EQ(frames.size(), static_cast(1)); EXPECT_EQ(GRPC_FH_DEFAULT, frames[0].flags_); EXPECT_EQ(static_cast(request.ByteSize()), frames[0].length_); helloworld::HelloRequest result; result.ParseFromArray(frames[0].data_->linearize(frames[0].data_->length()), frames[0].data_->length()); EXPECT_EQ("hello", result.name()); } TEST(GrpcCodecTest, decodeMultipleFrame) { helloworld::HelloRequest request; request.set_name("hello"); Buffer::OwnedImpl buffer; std::array header; Encoder encoder; encoder.newFrame(GRPC_FH_DEFAULT, request.ByteSize(), header); for (int i = 0; i < 1009; i++) { buffer.add(header.data(), 5); buffer.add(request.SerializeAsString()); } std::vector frames; Decoder decoder; EXPECT_TRUE(decoder.decode(buffer, frames)); EXPECT_EQ(static_cast(0), buffer.length()); EXPECT_EQ(frames.size(), static_cast(1009)); for (Frame& frame : frames) { EXPECT_EQ(GRPC_FH_DEFAULT, frame.flags_); EXPECT_EQ(static_cast(request.ByteSize()), frame.length_); helloworld::HelloRequest result; result.ParseFromArray(frame.data_->linearize(frame.data_->length()), frame.data_->length()); EXPECT_EQ("hello", result.name()); } } TEST(GrpcCodecTest, FrameInspectorTest) { { Buffer::OwnedImpl buffer; FrameInspector counter; EXPECT_EQ(0, counter.inspect(buffer)); EXPECT_EQ(counter.state(), State::FhFlag); EXPECT_EQ(counter.frameCount(), 0); } { Buffer::OwnedImpl buffer; FrameInspector counter; Buffer::addSeq(buffer, {0}); EXPECT_EQ(1, counter.inspect(buffer)); EXPECT_EQ(counter.state(), State::FhLen0); EXPECT_EQ(counter.frameCount(), 1); } { Buffer::OwnedImpl buffer; FrameInspector counter; Buffer::addSeq(buffer, {1, 0, 0, 0, 1, 0xFF}); EXPECT_EQ(1, counter.inspect(buffer)); EXPECT_EQ(counter.state(), State::FhFlag); EXPECT_EQ(counter.frameCount(), 1); } { FrameInspector counter; Buffer::OwnedImpl buffer1; Buffer::addSeq(buffer1, {1, 0, 0, 0}); EXPECT_EQ(1, counter.inspect(buffer1)); EXPECT_EQ(counter.state(), State::FhLen3); EXPECT_EQ(counter.frameCount(), 1); Buffer::OwnedImpl buffer2; Buffer::addSeq(buffer2, {1, 0xFF}); EXPECT_EQ(0, counter.inspect(buffer2)); EXPECT_EQ(counter.frameCount(), 1); } { Buffer::OwnedImpl buffer; FrameInspector counter; Buffer::addSeq(buffer, {1, 0, 0, 0, 1, 0xFF}); Buffer::addSeq(buffer, {0, 0, 0, 0, 2, 0xFF, 0xFF}); EXPECT_EQ(2, counter.inspect(buffer)); EXPECT_EQ(counter.state(), State::FhFlag); EXPECT_EQ(counter.frameCount(), 2); } { Buffer::OwnedImpl buffer1; Buffer::OwnedImpl buffer2; FrameInspector counter; // message spans two buffers Buffer::addSeq(buffer1, {1, 0, 0, 0, 2, 0xFF}); Buffer::addSeq(buffer2, {0xFF, 0, 0, 0, 0, 2, 0xFF, 0xFF}); EXPECT_EQ(1, counter.inspect(buffer1)); EXPECT_EQ(1, counter.inspect(buffer2)); EXPECT_EQ(counter.state(), State::FhFlag); EXPECT_EQ(counter.frameCount(), 2); } { Buffer::OwnedImpl buffer; FrameInspector counter; // Add longer byte sequence Buffer::addSeq(buffer, {1, 0, 0, 1, 0}); Buffer::addRepeated(buffer, 1 << 8, 0xFF); // Start second message Buffer::addSeq(buffer, {0}); EXPECT_EQ(2, counter.inspect(buffer)); EXPECT_EQ(counter.state(), State::FhLen0); EXPECT_EQ(counter.frameCount(), 2); } { // two empty messages Buffer::OwnedImpl buffer; FrameInspector counter; Buffer::addRepeated(buffer, 10, 0); EXPECT_EQ(2, counter.inspect(buffer)); EXPECT_EQ(counter.frameCount(), 2); } } } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/common_test.cc ================================================ #include "envoy/common/platform.h" #include "common/grpc/common.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "test/mocks/stream_info/mocks.h" #include "test/proto/helloworld.pb.h" #include "test/test_common/global.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Grpc { TEST(GrpcContextTest, GetGrpcStatus) { Http::TestResponseHeaderMapImpl ok_trailers{{"grpc-status", "0"}}; EXPECT_EQ(Status::Ok, Common::getGrpcStatus(ok_trailers).value()); Http::TestResponseHeaderMapImpl no_status_trailers{{"foo", "bar"}}; EXPECT_FALSE(Common::getGrpcStatus(no_status_trailers)); Http::TestResponseHeaderMapImpl aborted_trailers{{"grpc-status", "10"}}; EXPECT_EQ(Status::Aborted, Common::getGrpcStatus(aborted_trailers).value()); Http::TestResponseHeaderMapImpl unauth_trailers{{"grpc-status", "16"}}; EXPECT_EQ(Status::Unauthenticated, Common::getGrpcStatus(unauth_trailers).value()); Http::TestResponseHeaderMapImpl invalid_trailers{{"grpc-status", "-1"}}; EXPECT_EQ(Status::InvalidCode, Common::getGrpcStatus(invalid_trailers).value()); Http::TestResponseHeaderMapImpl user_defined_invalid_trailers{{"grpc-status", "1024"}}; EXPECT_EQ(Status::InvalidCode, Common::getGrpcStatus(invalid_trailers).value()); Http::TestResponseHeaderMapImpl user_defined_trailers{{"grpc-status", "1024"}}; EXPECT_EQ(1024, Common::getGrpcStatus(user_defined_trailers, true).value()); } TEST(GrpcContextTest, GetGrpcStatusWithFallbacks) { Http::TestResponseHeaderMapImpl ok_status_headers{{"grpc-status", "0"}}; Http::TestResponseHeaderMapImpl no_status_headers{{"foo", "bar"}}; Http::TestResponseTrailerMapImpl ok_status_trailers{{"grpc-status", "0"}}; Http::TestResponseTrailerMapImpl no_status_trailers{{"foo", "bar"}}; NiceMock info; EXPECT_CALL(info, responseCode()).WillRepeatedly(testing::Return(404)); EXPECT_EQ(Status::Ok, Common::getGrpcStatus(ok_status_trailers, no_status_headers, info).value()); EXPECT_EQ(Status::Ok, Common::getGrpcStatus(no_status_trailers, ok_status_headers, info).value()); EXPECT_EQ(Status::Unimplemented, Common::getGrpcStatus(no_status_trailers, no_status_headers, info).value()); NiceMock info_without_code; EXPECT_FALSE(Common::getGrpcStatus(no_status_trailers, no_status_headers, info_without_code)); } TEST(GrpcContextTest, GetGrpcMessage) { Http::TestResponseTrailerMapImpl empty_trailers; EXPECT_EQ("", Common::getGrpcMessage(empty_trailers)); Http::TestResponseTrailerMapImpl error_trailers{{"grpc-message", "Some error"}}; EXPECT_EQ("Some error", Common::getGrpcMessage(error_trailers)); Http::TestResponseTrailerMapImpl empty_error_trailers{{"grpc-message", ""}}; EXPECT_EQ("", Common::getGrpcMessage(empty_error_trailers)); } TEST(GrpcContextTest, GetGrpcTimeout) { Http::TestRequestHeaderMapImpl empty_headers; EXPECT_EQ(absl::nullopt, Common::getGrpcTimeout(empty_headers)); Http::TestRequestHeaderMapImpl empty_grpc_timeout{{"grpc-timeout", ""}}; EXPECT_EQ(absl::nullopt, Common::getGrpcTimeout(empty_grpc_timeout)); Http::TestRequestHeaderMapImpl missing_unit{{"grpc-timeout", "123"}}; EXPECT_EQ(absl::nullopt, Common::getGrpcTimeout(missing_unit)); Http::TestRequestHeaderMapImpl illegal_unit{{"grpc-timeout", "123F"}}; EXPECT_EQ(absl::nullopt, Common::getGrpcTimeout(illegal_unit)); Http::TestRequestHeaderMapImpl unit_hours{{"grpc-timeout", "0H"}}; EXPECT_EQ(std::chrono::milliseconds(0), Common::getGrpcTimeout(unit_hours)); Http::TestRequestHeaderMapImpl zero_hours{{"grpc-timeout", "1H"}}; EXPECT_EQ(std::chrono::milliseconds(60 * 60 * 1000), Common::getGrpcTimeout(zero_hours)); Http::TestRequestHeaderMapImpl unit_minutes{{"grpc-timeout", "1M"}}; EXPECT_EQ(std::chrono::milliseconds(60 * 1000), Common::getGrpcTimeout(unit_minutes)); Http::TestRequestHeaderMapImpl unit_seconds{{"grpc-timeout", "1S"}}; EXPECT_EQ(std::chrono::milliseconds(1000), Common::getGrpcTimeout(unit_seconds)); Http::TestRequestHeaderMapImpl unit_milliseconds{{"grpc-timeout", "12345678m"}}; EXPECT_EQ(std::chrono::milliseconds(12345678), Common::getGrpcTimeout(unit_milliseconds)); Http::TestRequestHeaderMapImpl unit_microseconds{{"grpc-timeout", "1000001u"}}; EXPECT_EQ(std::chrono::milliseconds(1001), Common::getGrpcTimeout(unit_microseconds)); Http::TestRequestHeaderMapImpl unit_nanoseconds{{"grpc-timeout", "12345678n"}}; EXPECT_EQ(std::chrono::milliseconds(13), Common::getGrpcTimeout(unit_nanoseconds)); // Max 8 digits and no leading whitespace or +- signs are not enforced on decode, // so we don't test for them. } TEST(GrpcCommonTest, GrpcStatusDetailsBin) { Http::TestResponseTrailerMapImpl empty_trailers; EXPECT_FALSE(Common::getGrpcStatusDetailsBin(empty_trailers)); Http::TestResponseTrailerMapImpl invalid_value{{"grpc-status-details-bin", "invalid"}}; EXPECT_FALSE(Common::getGrpcStatusDetailsBin(invalid_value)); Http::TestResponseTrailerMapImpl unpadded_value{ {"grpc-status-details-bin", "CAUSElJlc291cmNlIG5vdCBmb3VuZA"}}; auto status = Common::getGrpcStatusDetailsBin(unpadded_value); ASSERT_TRUE(status); EXPECT_EQ(Status::WellKnownGrpcStatus::NotFound, status->code()); EXPECT_EQ("Resource not found", status->message()); Http::TestResponseTrailerMapImpl padded_value{ {"grpc-status-details-bin", "CAUSElJlc291cmNlIG5vdCBmb3VuZA=="}}; status = Common::getGrpcStatusDetailsBin(padded_value); ASSERT_TRUE(status); EXPECT_EQ(Status::WellKnownGrpcStatus::NotFound, status->code()); EXPECT_EQ("Resource not found", status->message()); } TEST(GrpcContextTest, ToGrpcTimeout) { Http::TestRequestHeaderMapImpl headers; Common::toGrpcTimeout(std::chrono::milliseconds(0UL), headers); EXPECT_EQ("0m", headers.getGrpcTimeoutValue()); Common::toGrpcTimeout(std::chrono::milliseconds(1UL), headers); EXPECT_EQ("1m", headers.getGrpcTimeoutValue()); Common::toGrpcTimeout(std::chrono::milliseconds(100000000UL), headers); EXPECT_EQ("100000S", headers.getGrpcTimeoutValue()); Common::toGrpcTimeout(std::chrono::milliseconds(100000000000UL), headers); EXPECT_EQ("1666666M", headers.getGrpcTimeoutValue()); Common::toGrpcTimeout(std::chrono::milliseconds(9000000000000UL), headers); EXPECT_EQ("2500000H", headers.getGrpcTimeoutValue()); Common::toGrpcTimeout(std::chrono::milliseconds(360000000000000UL), headers); EXPECT_EQ("99999999H", headers.getGrpcTimeoutValue()); Common::toGrpcTimeout(std::chrono::milliseconds(UINT64_MAX), headers); EXPECT_EQ("99999999H", headers.getGrpcTimeoutValue()); } TEST(GrpcContextTest, PrepareHeaders) { { Http::RequestMessagePtr message = Common::prepareHeaders("cluster", "service_name", "method_name", absl::nullopt); EXPECT_EQ("POST", message->headers().getMethodValue()); EXPECT_EQ("/service_name/method_name", message->headers().getPathValue()); EXPECT_EQ("cluster", message->headers().getHostValue()); EXPECT_EQ("application/grpc", message->headers().getContentTypeValue()); } { Http::RequestMessagePtr message = Common::prepareHeaders( "cluster", "service_name", "method_name", absl::optional(1)); EXPECT_EQ("POST", message->headers().getMethodValue()); EXPECT_EQ("/service_name/method_name", message->headers().getPathValue()); EXPECT_EQ("cluster", message->headers().getHostValue()); EXPECT_EQ("application/grpc", message->headers().getContentTypeValue()); EXPECT_EQ("1m", message->headers().getGrpcTimeoutValue()); } { Http::RequestMessagePtr message = Common::prepareHeaders( "cluster", "service_name", "method_name", absl::optional(1)); EXPECT_EQ("POST", message->headers().getMethodValue()); EXPECT_EQ("/service_name/method_name", message->headers().getPathValue()); EXPECT_EQ("cluster", message->headers().getHostValue()); EXPECT_EQ("application/grpc", message->headers().getContentTypeValue()); EXPECT_EQ("1000m", message->headers().getGrpcTimeoutValue()); } { Http::RequestMessagePtr message = Common::prepareHeaders( "cluster", "service_name", "method_name", absl::optional(1)); EXPECT_EQ("POST", message->headers().getMethodValue()); EXPECT_EQ("/service_name/method_name", message->headers().getPathValue()); EXPECT_EQ("cluster", message->headers().getHostValue()); EXPECT_EQ("application/grpc", message->headers().getContentTypeValue()); EXPECT_EQ("60000m", message->headers().getGrpcTimeoutValue()); } { Http::RequestMessagePtr message = Common::prepareHeaders( "cluster", "service_name", "method_name", absl::optional(1)); EXPECT_EQ("POST", message->headers().getMethodValue()); EXPECT_EQ("/service_name/method_name", message->headers().getPathValue()); EXPECT_EQ("cluster", message->headers().getHostValue()); EXPECT_EQ("application/grpc", message->headers().getContentTypeValue()); EXPECT_EQ("3600000m", message->headers().getGrpcTimeoutValue()); } { Http::RequestMessagePtr message = Common::prepareHeaders( "cluster", "service_name", "method_name", absl::optional(100000000)); EXPECT_EQ("POST", message->headers().getMethodValue()); EXPECT_EQ("/service_name/method_name", message->headers().getPathValue()); EXPECT_EQ("cluster", message->headers().getHostValue()); EXPECT_EQ("application/grpc", message->headers().getContentTypeValue()); EXPECT_EQ("99999999H", message->headers().getGrpcTimeoutValue()); } { Http::RequestMessagePtr message = Common::prepareHeaders("cluster", "service_name", "method_name", absl::optional(100000000000)); EXPECT_EQ("POST", message->headers().getMethodValue()); EXPECT_EQ("/service_name/method_name", message->headers().getPathValue()); EXPECT_EQ("cluster", message->headers().getHostValue()); EXPECT_EQ("application/grpc", message->headers().getContentTypeValue()); EXPECT_EQ("1666666M", message->headers().getGrpcTimeoutValue()); } } TEST(GrpcContextTest, GrpcToHttpStatus) { const std::vector> test_set = { {Status::WellKnownGrpcStatus::Ok, 200}, {Status::WellKnownGrpcStatus::Canceled, 499}, {Status::WellKnownGrpcStatus::Unknown, 500}, {Status::WellKnownGrpcStatus::InvalidArgument, 400}, {Status::WellKnownGrpcStatus::DeadlineExceeded, 504}, {Status::WellKnownGrpcStatus::NotFound, 404}, {Status::WellKnownGrpcStatus::AlreadyExists, 409}, {Status::WellKnownGrpcStatus::PermissionDenied, 403}, {Status::WellKnownGrpcStatus::ResourceExhausted, 429}, {Status::WellKnownGrpcStatus::FailedPrecondition, 400}, {Status::WellKnownGrpcStatus::Aborted, 409}, {Status::WellKnownGrpcStatus::OutOfRange, 400}, {Status::WellKnownGrpcStatus::Unimplemented, 501}, {Status::WellKnownGrpcStatus::Internal, 500}, {Status::WellKnownGrpcStatus::Unavailable, 503}, {Status::WellKnownGrpcStatus::DataLoss, 500}, {Status::WellKnownGrpcStatus::Unauthenticated, 401}, {Status::WellKnownGrpcStatus::InvalidCode, 500}, }; for (const auto& test_case : test_set) { EXPECT_EQ(test_case.second, Grpc::Utility::grpcToHttpStatus(test_case.first)); } } TEST(GrpcContextTest, HttpToGrpcStatus) { const std::vector> test_set = { {400, Status::WellKnownGrpcStatus::Internal}, {401, Status::WellKnownGrpcStatus::Unauthenticated}, {403, Status::WellKnownGrpcStatus::PermissionDenied}, {404, Status::WellKnownGrpcStatus::Unimplemented}, {429, Status::WellKnownGrpcStatus::Unavailable}, {502, Status::WellKnownGrpcStatus::Unavailable}, {503, Status::WellKnownGrpcStatus::Unavailable}, {504, Status::WellKnownGrpcStatus::Unavailable}, {500, Status::WellKnownGrpcStatus::Unknown}, }; for (const auto& test_case : test_set) { EXPECT_EQ(test_case.second, Grpc::Utility::httpToGrpcStatus(test_case.first)); } } TEST(GrpcContextTest, HasGrpcContentType) { { Http::TestRequestHeaderMapImpl headers{}; EXPECT_FALSE(Common::hasGrpcContentType(headers)); } auto isGrpcContentType = [](const std::string& s) { Http::TestRequestHeaderMapImpl headers{{"content-type", s}}; return Common::hasGrpcContentType(headers); }; EXPECT_FALSE(isGrpcContentType("")); EXPECT_FALSE(isGrpcContentType("application/text")); EXPECT_TRUE(isGrpcContentType("application/grpc")); EXPECT_TRUE(isGrpcContentType("application/grpc+")); EXPECT_TRUE(isGrpcContentType("application/grpc+foo")); EXPECT_FALSE(isGrpcContentType("application/grpc-")); EXPECT_FALSE(isGrpcContentType("application/grpc-web")); EXPECT_FALSE(isGrpcContentType("application/grpc-web+foo")); } TEST(GrpcContextTest, IsGrpcRequestHeader) { Http::TestRequestHeaderMapImpl is{ {":method", "GET"}, {":path", "/"}, {"content-type", "application/grpc"}}; EXPECT_TRUE(Common::isGrpcRequestHeaders(is)); Http::TestRequestHeaderMapImpl is_not{{":method", "CONNECT"}, {"content-type", "application/grpc"}}; EXPECT_FALSE(Common::isGrpcRequestHeaders(is_not)); } TEST(GrpcContextTest, IsGrpcResponseHeader) { Http::TestResponseHeaderMapImpl grpc_status_only{{":status", "500"}, {"grpc-status", "14"}}; EXPECT_TRUE(Common::isGrpcResponseHeaders(grpc_status_only, true)); EXPECT_FALSE(Common::isGrpcResponseHeaders(grpc_status_only, false)); Http::TestResponseHeaderMapImpl grpc_response_header{{":status", "200"}, {"content-type", "application/grpc"}}; EXPECT_FALSE(Common::isGrpcResponseHeaders(grpc_response_header, true)); EXPECT_TRUE(Common::isGrpcResponseHeaders(grpc_response_header, false)); Http::TestResponseHeaderMapImpl json_response_header{{":status", "200"}, {"content-type", "application/json"}}; EXPECT_FALSE(Common::isGrpcResponseHeaders(json_response_header, true)); EXPECT_FALSE(Common::isGrpcResponseHeaders(json_response_header, false)); } TEST(GrpcContextTest, ValidateResponse) { { Http::ResponseMessageImpl response( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "200"}}}); response.trailers( Http::ResponseTrailerMapPtr{new Http::TestResponseTrailerMapImpl{{"grpc-status", "0"}}}); EXPECT_NO_THROW(Common::validateResponse(response)); } { Http::ResponseMessageImpl response( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "503"}}}); EXPECT_THROW_WITH_MESSAGE(Common::validateResponse(response), Exception, "non-200 response code"); } { Http::ResponseMessageImpl response( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "200"}}}); response.trailers( Http::ResponseTrailerMapPtr{new Http::TestResponseTrailerMapImpl{{"grpc-status", "100"}}}); EXPECT_THROW_WITH_MESSAGE(Common::validateResponse(response), Exception, "bad grpc-status trailer"); } { Http::ResponseMessageImpl response( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "200"}}}); response.trailers( Http::ResponseTrailerMapPtr{new Http::TestResponseTrailerMapImpl{{"grpc-status", "4"}}}); EXPECT_THROW_WITH_MESSAGE(Common::validateResponse(response), Exception, ""); } { Http::ResponseMessageImpl response( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{{":status", "200"}}}); response.trailers(Http::ResponseTrailerMapPtr{new Http::TestResponseTrailerMapImpl{ {"grpc-status", "4"}, {"grpc-message", "custom error"}}}); EXPECT_THROW_WITH_MESSAGE(Common::validateResponse(response), Exception, "custom error"); } { Http::ResponseMessageImpl response(Http::ResponseHeaderMapPtr{ new Http::TestResponseHeaderMapImpl{{":status", "200"}, {"grpc-status", "100"}}}); EXPECT_THROW_WITH_MESSAGE(Common::validateResponse(response), Exception, "bad grpc-status header"); } { Http::ResponseMessageImpl response(Http::ResponseHeaderMapPtr{ new Http::TestResponseHeaderMapImpl{{":status", "200"}, {"grpc-status", "4"}}}); EXPECT_THROW_WITH_MESSAGE(Common::validateResponse(response), Exception, ""); } { Http::ResponseMessageImpl response( Http::ResponseHeaderMapPtr{new Http::TestResponseHeaderMapImpl{ {":status", "200"}, {"grpc-status", "4"}, {"grpc-message", "custom error"}}}); EXPECT_THROW_WITH_MESSAGE(Common::validateResponse(response), Exception, "custom error"); } } // Ensure that the correct gPRC header is constructed for a Buffer::Instance. TEST(GrpcContextTest, PrependGrpcFrameHeader) { auto buffer = std::make_unique(); buffer->add("test", 4); std::array expected_header; expected_header[0] = 0; // flags const uint32_t nsize = htonl(4); std::memcpy(&expected_header[1], reinterpret_cast(&nsize), sizeof(uint32_t)); std::string header_string(&expected_header[0], 5); Common::prependGrpcFrameHeader(*buffer); EXPECT_EQ(buffer->toString(), header_string + "test"); } } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/context_impl_test.cc ================================================ #include "envoy/common/platform.h" #include "common/grpc/common.h" #include "common/grpc/context_impl.h" #include "common/http/headers.h" #include "common/http/message_impl.h" #include "common/http/utility.h" #include "common/stats/symbol_table_impl.h" #include "test/mocks/upstream/cluster_info.h" #include "test/test_common/global.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Grpc { TEST(GrpcContextTest, ChargeStats) { NiceMock cluster; Stats::TestSymbolTable symbol_table_; Stats::StatNamePool pool(*symbol_table_); const Stats::StatName service = pool.add("service"); const Stats::StatName method = pool.add("method"); Context::RequestStatNames request_names{service, method}; ContextImpl context(*symbol_table_); context.chargeStat(cluster, request_names, true); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.success").value()); EXPECT_EQ(0U, cluster.stats_store_.counter("grpc.service.method.failure").value()); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.total").value()); context.chargeStat(cluster, request_names, false); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.success").value()); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.failure").value()); EXPECT_EQ(2U, cluster.stats_store_.counter("grpc.service.method.total").value()); context.chargeRequestMessageStat(cluster, request_names, 3); context.chargeResponseMessageStat(cluster, request_names, 4); EXPECT_EQ(3U, cluster.stats_store_.counter("grpc.service.method.request_message_count").value()); EXPECT_EQ(4U, cluster.stats_store_.counter("grpc.service.method.response_message_count").value()); context.chargeRequestMessageStat(cluster, {}, 3); context.chargeResponseMessageStat(cluster, {}, 4); EXPECT_EQ(3U, cluster.stats_store_.counter("grpc.request_message_count").value()); EXPECT_EQ(4U, cluster.stats_store_.counter("grpc.response_message_count").value()); Http::TestResponseTrailerMapImpl trailers; trailers.setGrpcStatus("0"); const Http::HeaderEntry* status = trailers.GrpcStatus(); context.chargeStat(cluster, Context::Protocol::Grpc, request_names, status); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.0").value()); EXPECT_EQ(2U, cluster.stats_store_.counter("grpc.service.method.success").value()); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.failure").value()); EXPECT_EQ(3U, cluster.stats_store_.counter("grpc.service.method.total").value()); trailers.setGrpcStatus("1"); context.chargeStat(cluster, Context::Protocol::Grpc, request_names, status); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.0").value()); EXPECT_EQ(1U, cluster.stats_store_.counter("grpc.service.method.1").value()); EXPECT_EQ(2U, cluster.stats_store_.counter("grpc.service.method.success").value()); EXPECT_EQ(2U, cluster.stats_store_.counter("grpc.service.method.failure").value()); EXPECT_EQ(4U, cluster.stats_store_.counter("grpc.service.method.total").value()); } TEST(GrpcContextTest, ResolveServiceAndMethod) { std::string service; std::string method; Http::TestRequestHeaderMapImpl headers; headers.setPath("/service_name/method_name?a=b"); const Http::HeaderEntry* path = headers.Path(); Stats::TestSymbolTable symbol_table; ContextImpl context(*symbol_table); absl::optional request_names = context.resolveDynamicServiceAndMethod(path); EXPECT_TRUE(request_names); EXPECT_EQ("service_name", absl::get(request_names->service_)); EXPECT_EQ("method_name", absl::get(request_names->method_)); headers.setPath(""); EXPECT_FALSE(context.resolveDynamicServiceAndMethod(path)); headers.setPath("/"); EXPECT_FALSE(context.resolveDynamicServiceAndMethod(path)); headers.setPath("//"); EXPECT_FALSE(context.resolveDynamicServiceAndMethod(path)); headers.setPath("/service_name"); EXPECT_FALSE(context.resolveDynamicServiceAndMethod(path)); headers.setPath("/service_name/"); EXPECT_FALSE(context.resolveDynamicServiceAndMethod(path)); } } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/google_async_client_impl_test.cc ================================================ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/stats/scope.h" #include "common/api/api_impl.h" #include "common/event/dispatcher_impl.h" #include "common/grpc/google_async_client_impl.h" #include "common/stats/isolated_store_impl.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/tracing/mocks.h" #include "test/proto/helloworld.pb.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::Eq; using testing::NiceMock; using testing::Return; namespace Envoy { namespace Grpc { namespace { class MockGenericStub : public GoogleStub { public: MOCK_METHOD(grpc::GenericClientAsyncReaderWriter*, PrepareCall_, (grpc::ClientContext * context, const grpc::string& method, grpc::CompletionQueue* cq)); std::unique_ptr PrepareCall(grpc::ClientContext* context, const grpc::string& method, grpc::CompletionQueue* cq) override { return std::unique_ptr(PrepareCall_(context, method, cq)); } }; class MockStubFactory : public GoogleStubFactory { public: GoogleStubSharedPtr createStub(std::shared_ptr /*channel*/) override { return shared_stub_; } MockGenericStub* stub_ = new MockGenericStub(); GoogleStubSharedPtr shared_stub_{stub_}; }; class EnvoyGoogleAsyncClientImplTest : public testing::Test { public: EnvoyGoogleAsyncClientImplTest() : stats_store_(new Stats::IsolatedStoreImpl), api_(Api::createApiForTest(*stats_store_)), dispatcher_(api_->allocateDispatcher("test_thread")), scope_(stats_store_), method_descriptor_(helloworld::Greeter::descriptor()->FindMethodByName("SayHello")), stat_names_(scope_->symbolTable()) { auto* google_grpc = config_.mutable_google_grpc(); google_grpc->set_target_uri("fake_address"); google_grpc->set_stat_prefix("test_cluster"); tls_ = std::make_unique(*api_); } virtual void initialize() { grpc_client_ = std::make_unique(*dispatcher_, *tls_, stub_factory_, scope_, config_, *api_, stat_names_); } envoy::config::core::v3::GrpcService config_; DangerousDeprecatedTestTime test_time_; Stats::IsolatedStoreImpl* stats_store_; // Ownership transferred to scope_. Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; Stats::ScopeSharedPtr scope_; GoogleAsyncClientThreadLocalPtr tls_; MockStubFactory stub_factory_; const Protobuf::MethodDescriptor* method_descriptor_; StatNames stat_names_; AsyncClient grpc_client_; }; // Validate that a failure in gRPC stub call creation returns immediately with // status UNAVAILABLE. TEST_F(EnvoyGoogleAsyncClientImplTest, StreamHttpStartFail) { initialize(); EXPECT_CALL(*stub_factory_.stub_, PrepareCall_(_, _, _)).WillOnce(Return(nullptr)); MockAsyncStreamCallbacks grpc_callbacks; EXPECT_CALL(grpc_callbacks, onCreateInitialMetadata(_)); EXPECT_CALL(grpc_callbacks, onReceiveTrailingMetadata_(_)); EXPECT_CALL(grpc_callbacks, onRemoteClose(Status::WellKnownGrpcStatus::Unavailable, "")); auto grpc_stream = grpc_client_->start(*method_descriptor_, grpc_callbacks, Http::AsyncClient::StreamOptions()); EXPECT_TRUE(grpc_stream == nullptr); } // Validate that a failure in gRPC stub call creation returns immediately with // status UNAVAILABLE. TEST_F(EnvoyGoogleAsyncClientImplTest, RequestHttpStartFail) { initialize(); EXPECT_CALL(*stub_factory_.stub_, PrepareCall_(_, _, _)).WillOnce(Return(nullptr)); MockAsyncRequestCallbacks grpc_callbacks; EXPECT_CALL(grpc_callbacks, onCreateInitialMetadata(_)); EXPECT_CALL(grpc_callbacks, onFailure(Status::WellKnownGrpcStatus::Unavailable, "", _)); helloworld::HelloRequest request_msg; Tracing::MockSpan active_span; Tracing::MockSpan* child_span{new Tracing::MockSpan()}; EXPECT_CALL(active_span, spawnChild_(_, "async test_cluster egress", _)) .WillOnce(Return(child_span)); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().Component), Eq(Tracing::Tags::get().Proxy))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().UpstreamCluster), Eq("test_cluster"))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().GrpcStatusCode), Eq("14"))); EXPECT_CALL(*child_span, setTag(Eq(Tracing::Tags::get().Error), Eq(Tracing::Tags::get().True))); EXPECT_CALL(*child_span, finishSpan()); EXPECT_CALL(*child_span, injectContext(_)); auto* grpc_request = grpc_client_->send(*method_descriptor_, request_msg, grpc_callbacks, active_span, Http::AsyncClient::RequestOptions()); EXPECT_TRUE(grpc_request == nullptr); } class EnvoyGoogleLessMockedAsyncClientImplTest : public EnvoyGoogleAsyncClientImplTest { public: void initialize() override { grpc_client_ = std::make_unique(*dispatcher_, *tls_, real_stub_factory_, scope_, config_, *api_, stat_names_); } GoogleGenericStubFactory real_stub_factory_; }; TEST_F(EnvoyGoogleLessMockedAsyncClientImplTest, TestOverflow) { // Set an (unreasonably) low byte limit. auto* google_grpc = config_.mutable_google_grpc(); google_grpc->mutable_per_stream_buffer_limit_bytes()->set_value(1); initialize(); NiceMock> grpc_callbacks; AsyncStream grpc_stream = grpc_client_->start(*method_descriptor_, grpc_callbacks, Http::AsyncClient::RequestOptions()); EXPECT_FALSE(grpc_stream == nullptr); EXPECT_FALSE(grpc_stream->isAboveWriteBufferHighWatermark()); // With no data in the message, it won't back up. helloworld::HelloRequest request_msg; grpc_stream->sendMessage(request_msg, false); EXPECT_FALSE(grpc_stream->isAboveWriteBufferHighWatermark()); // With actual data we pass the very small byte limit. request_msg.set_name("bob"); grpc_stream->sendMessage(request_msg, false); EXPECT_TRUE(grpc_stream->isAboveWriteBufferHighWatermark()); } } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/google_grpc_creds_test.cc ================================================ #include #include "envoy/config/core/v3/grpc_service.pb.h" #include "common/grpc/google_grpc_creds_impl.h" #include "test/common/grpc/utility.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Grpc { namespace { // In general, below, we force execution of all paths, but because the // underlying grpc::{CallCredentials,ChannelCredentials} don't have any real way // of getting at the underlying state, we can at best just make sure we don't // crash, compare with nullptr and/or look at vector lengths. class CredsUtilityTest : public testing::Test { public: CredsUtilityTest() : api_(Api::createApiForTest()) {} Api::ApiPtr api_; }; TEST_F(CredsUtilityTest, GetChannelCredentials) { EXPECT_EQ(nullptr, CredsUtility::getChannelCredentials({}, *api_)); envoy::config::core::v3::GrpcService::GoogleGrpc config; auto* creds = config.mutable_channel_credentials(); EXPECT_EQ(nullptr, CredsUtility::getChannelCredentials(config, *api_)); creds->mutable_ssl_credentials(); EXPECT_NE(nullptr, CredsUtility::getChannelCredentials(config, *api_)); creds->mutable_local_credentials(); EXPECT_NE(nullptr, CredsUtility::getChannelCredentials(config, *api_)); const std::string var_name = "GOOGLE_APPLICATION_CREDENTIALS"; EXPECT_EQ(nullptr, ::getenv(var_name.c_str())); const std::string creds_path = TestEnvironment::runfilesPath("test/common/grpc/service_key.json"); TestEnvironment::setEnvVar(var_name, creds_path, 0); creds->mutable_google_default(); EXPECT_NE(nullptr, CredsUtility::getChannelCredentials(config, *api_)); TestEnvironment::unsetEnvVar(var_name); } TEST_F(CredsUtilityTest, DefaultSslChannelCredentials) { EXPECT_NE(nullptr, CredsUtility::defaultSslChannelCredentials({}, *api_)); envoy::config::core::v3::GrpcService config; auto* creds = config.mutable_google_grpc()->mutable_channel_credentials(); EXPECT_NE(nullptr, CredsUtility::defaultSslChannelCredentials(config, *api_)); creds->mutable_ssl_credentials(); EXPECT_NE(nullptr, CredsUtility::defaultSslChannelCredentials(config, *api_)); } TEST_F(CredsUtilityTest, CallCredentials) { EXPECT_TRUE(CredsUtility::callCredentials({}).empty()); { // Invalid refresh token doesn't crash and gets elided. envoy::config::core::v3::GrpcService::GoogleGrpc config; config.add_call_credentials()->set_google_refresh_token("invalid"); EXPECT_TRUE(CredsUtility::callCredentials(config).empty()); } { // Singleton access token succeeds. envoy::config::core::v3::GrpcService::GoogleGrpc config; config.add_call_credentials()->set_access_token("foo"); EXPECT_EQ(1, CredsUtility::callCredentials(config).size()); } { // Multiple call credentials. envoy::config::core::v3::GrpcService::GoogleGrpc config; config.add_call_credentials()->set_access_token("foo"); config.add_call_credentials()->mutable_google_compute_engine(); EXPECT_EQ(2, CredsUtility::callCredentials(config).size()); } // The full set of call credentials are evaluated below in // CredsUtility.DefaultChannelCredentials. } TEST_F(CredsUtilityTest, DefaultChannelCredentials) { { EXPECT_NE(nullptr, CredsUtility::defaultChannelCredentials({}, *api_)); } { envoy::config::core::v3::GrpcService config; TestUtility::setTestSslGoogleGrpcConfig(config, true); EXPECT_NE(nullptr, CredsUtility::defaultChannelCredentials(config, *api_)); } { envoy::config::core::v3::GrpcService config; TestUtility::setTestSslGoogleGrpcConfig(config, true); auto* google_grpc = config.mutable_google_grpc(); google_grpc->add_call_credentials()->set_access_token("foo"); google_grpc->add_call_credentials()->mutable_google_compute_engine(); google_grpc->add_call_credentials()->set_google_refresh_token(R"EOF( { "client_id": "123", "client_secret": "foo", "refresh_token": "bar", "type": "authorized_user" } )EOF"); { auto* service_account_jwt_access = google_grpc->add_call_credentials()->mutable_service_account_jwt_access(); service_account_jwt_access->set_json_key(R"EOF( { "private_key": "foo", "private_key_id": "bar", "client_id": "123", "client_email": "foo@bar", "type": "service_account" } )EOF"); service_account_jwt_access->set_token_lifetime_seconds(123); } { auto* google_iam = google_grpc->add_call_credentials()->mutable_google_iam(); google_iam->set_authorization_token("foo"); google_iam->set_authority_selector("bar"); } // Should be ignored.. google_grpc->add_call_credentials()->mutable_from_plugin()->set_name("foo"); EXPECT_NE(nullptr, CredsUtility::defaultChannelCredentials(config, *api_)); } { envoy::config::core::v3::GrpcService config; TestUtility::setTestSslGoogleGrpcConfig(config, true); auto* sts_service = config.mutable_google_grpc()->add_call_credentials()->mutable_sts_service(); sts_service->set_token_exchange_service_uri("http://tokenexchangeservice.com"); sts_service->set_subject_token_path("/var/run/example_token"); sts_service->set_subject_token_type("urn:ietf:params:oauth:token-type:access_token"); EXPECT_NE(nullptr, CredsUtility::defaultChannelCredentials(config, *api_)); } } } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/google_grpc_utils_test.cc ================================================ #include "envoy/common/platform.h" #include "common/grpc/google_grpc_utils.h" #include "test/proto/helloworld.pb.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" using testing::HasSubstr; using testing::Pair; using testing::UnorderedElementsAre; namespace Envoy { namespace Grpc { namespace { TEST(GoogleGrpcUtilsTest, MakeBufferInstanceEmpty) { grpc::ByteBuffer byte_buffer; GoogleGrpcUtils::makeBufferInstance(byte_buffer); } TEST(GoogleGrpcUtilsTest, MakeByteBufferEmpty) { auto buffer = std::make_unique(); GoogleGrpcUtils::makeByteBuffer(std::move(buffer)); buffer = nullptr; GoogleGrpcUtils::makeByteBuffer(std::move(buffer)); } TEST(GoogleGrpcUtilsTest, MakeBufferInstance1) { grpc::Slice slice("test"); grpc::ByteBuffer byte_buffer(&slice, 1); auto buffer_instance = GoogleGrpcUtils::makeBufferInstance(byte_buffer); EXPECT_EQ(buffer_instance->toString(), "test"); } // Test building a Buffer::Instance from 3 grpc::Slice(s). TEST(GoogleGrpcUtilsTest, MakeBufferInstance3) { std::array slices = { {grpc::string("test"), grpc::string(" "), grpc::string("this")}}; grpc::ByteBuffer byte_buffer(&slices[0], 3); auto buffer_instance = GoogleGrpcUtils::makeBufferInstance(byte_buffer); EXPECT_EQ(buffer_instance->toString(), "test this"); } TEST(GoogleGrpcUtilsTest, MakeByteBuffer1) { auto buffer = std::make_unique(); buffer->add("test", 4); auto byte_buffer = GoogleGrpcUtils::makeByteBuffer(std::move(buffer)); std::vector slices; RELEASE_ASSERT(byte_buffer.Dump(&slices).ok(), ""); std::string str; for (auto& s : slices) { str.append(std::string(reinterpret_cast(s.begin()), s.size())); } EXPECT_EQ(str, "test"); } // Test building a grpc::ByteBuffer from a Buffer::Instance with 3 slices. TEST(GoogleGrpcUtilsTest, MakeByteBuffer3) { auto buffer = std::make_unique(); Buffer::BufferFragmentImpl f1("test", 4, nullptr); buffer->addBufferFragment(f1); Buffer::BufferFragmentImpl f2(" ", 1, nullptr); buffer->addBufferFragment(f2); Buffer::BufferFragmentImpl f3("this", 4, nullptr); buffer->addBufferFragment(f3); auto byte_buffer = GoogleGrpcUtils::makeByteBuffer(std::move(buffer)); std::vector slices; RELEASE_ASSERT(byte_buffer.Dump(&slices).ok(), ""); std::string str; for (auto& s : slices) { str.append(std::string(reinterpret_cast(s.begin()), s.size())); } EXPECT_EQ(str, "test this"); } // Test building a Buffer::Instance from a grpc::ByteBuffer from a Buffer::Instance with 3 slices. TEST(GoogleGrpcUtilsTest, ByteBufferInstanceRoundTrip) { std::array slices = { {grpc::string("test"), grpc::string(" "), grpc::string("this")}}; grpc::ByteBuffer byte_buffer(&slices[0], 3); auto buffer_instance1 = GoogleGrpcUtils::makeBufferInstance(byte_buffer); auto byte_buffer2 = GoogleGrpcUtils::makeByteBuffer(std::move(buffer_instance1)); auto buffer_instance2 = GoogleGrpcUtils::makeBufferInstance(byte_buffer2); EXPECT_EQ(buffer_instance2->toString(), "test this"); } // Validate that we build the grpc::ChannelArguments as expected. TEST(GoogleGrpcUtilsTest, ChannelArgsFromConfig) { const auto config = TestUtility::parseYaml(R"EOF( google_grpc: channel_args: args: grpc.http2.max_pings_without_data: { int_value: 3 } grpc.default_authority: { string_value: foo } grpc.http2.max_ping_strikes: { int_value: 5 } grpc.ssl_target_name_override: { string_value: bar } )EOF"); const grpc::ChannelArguments channel_args = GoogleGrpcUtils::channelArgsFromConfig(config); grpc_channel_args effective_args = channel_args.c_channel_args(); absl::node_hash_map string_args; absl::node_hash_map int_args; for (uint32_t n = 0; n < effective_args.num_args; ++n) { const grpc_arg arg = effective_args.args[n]; ASSERT_TRUE(arg.type == GRPC_ARG_STRING || arg.type == GRPC_ARG_INTEGER); if (arg.type == GRPC_ARG_STRING) { string_args[arg.key] = arg.value.string; } else if (arg.type == GRPC_ARG_INTEGER) { int_args[arg.key] = arg.value.integer; } } EXPECT_THAT(string_args, UnorderedElementsAre(Pair("grpc.ssl_target_name_override", "bar"), Pair("grpc.primary_user_agent", HasSubstr("grpc-c++/")), Pair("grpc.default_authority", "foo"))); EXPECT_THAT(int_args, UnorderedElementsAre(Pair("grpc.http2.max_ping_strikes", 5), Pair("grpc.http2.max_pings_without_data", 3))); } } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/grpc_client_integration.h ================================================ #pragma once #include "envoy/config/core/v3/grpc_service.pb.h" #include "common/common/assert.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Grpc { // Support parameterizing over gRPC client type. enum class ClientType { EnvoyGrpc, GoogleGrpc }; // Support parameterizing over state-of-the-world xDS vs delta xDS. enum class SotwOrDelta { Sotw, Delta }; class BaseGrpcClientIntegrationParamTest { public: virtual ~BaseGrpcClientIntegrationParamTest() = default; virtual Network::Address::IpVersion ipVersion() const PURE; virtual ClientType clientType() const PURE; void setGrpcService(envoy::config::core::v3::GrpcService& grpc_service, const std::string& cluster_name, Network::Address::InstanceConstSharedPtr address) { // Set a 5 minute timeout to avoid flakes. If this causes a real test timeout the test is // broken and/or should be using simulated time. grpc_service.mutable_timeout()->CopyFrom(Protobuf::util::TimeUtil::SecondsToDuration(300)); switch (clientType()) { case ClientType::EnvoyGrpc: grpc_service.mutable_envoy_grpc()->set_cluster_name(cluster_name); break; case ClientType::GoogleGrpc: { auto* google_grpc = grpc_service.mutable_google_grpc(); google_grpc->set_target_uri(address->asString()); google_grpc->set_stat_prefix(cluster_name); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } }; class GrpcClientIntegrationParamTest : public BaseGrpcClientIntegrationParamTest, public testing::TestWithParam> { public: static std::string protocolTestParamsToString( const ::testing::TestParamInfo>& p) { return fmt::format("{}_{}", std::get<0>(p.param) == Network::Address::IpVersion::v4 ? "IPv4" : "IPv6", std::get<1>(p.param) == ClientType::GoogleGrpc ? "GoogleGrpc" : "EnvoyGrpc"); } Network::Address::IpVersion ipVersion() const override { return std::get<0>(GetParam()); } ClientType clientType() const override { return std::get<1>(GetParam()); } }; class VersionedGrpcClientIntegrationParamTest : public BaseGrpcClientIntegrationParamTest, public testing::TestWithParam> { public: static std::string protocolTestParamsToString( const ::testing::TestParamInfo>& p) { return fmt::format("{}_{}_{}", std::get<0>(p.param) == Network::Address::IpVersion::v4 ? "IPv4" : "IPv6", std::get<1>(p.param) == ClientType::GoogleGrpc ? "GoogleGrpc" : "EnvoyGrpc", std::get<2>(p.param) == envoy::config::core::v3::ApiVersion::V3 ? "V3" : envoy::config::core::v3::ApiVersion::V2 ? "V2" : "AUTO"); } Network::Address::IpVersion ipVersion() const override { return std::get<0>(GetParam()); } ClientType clientType() const override { return std::get<1>(GetParam()); } envoy::config::core::v3::ApiVersion apiVersion() const { return std::get<2>(GetParam()); } }; class DeltaSotwIntegrationParamTest : public BaseGrpcClientIntegrationParamTest, public testing::TestWithParam< std::tuple> { public: ~DeltaSotwIntegrationParamTest() override = default; static std::string protocolTestParamsToString(const ::testing::TestParamInfo< std::tuple>& p) { return fmt::format("{}_{}_{}", std::get<0>(p.param) == Network::Address::IpVersion::v4 ? "IPv4" : "IPv6", std::get<1>(p.param) == ClientType::GoogleGrpc ? "GoogleGrpc" : "EnvoyGrpc", std::get<2>(p.param) == SotwOrDelta::Delta ? "Delta" : "StateOfTheWorld"); } Network::Address::IpVersion ipVersion() const override { return std::get<0>(GetParam()); } ClientType clientType() const override { return std::get<1>(GetParam()); } SotwOrDelta sotwOrDelta() const { return std::get<2>(GetParam()); } }; // Skip tests based on gRPC client type. #define SKIP_IF_GRPC_CLIENT(client_type) \ if (clientType() == (client_type)) { \ return; \ } // Skip tests based on xDS delta vs state-of-the-world. #define SKIP_IF_XDS_IS(xds) \ if (sotwOrDelta() == (xds)) { \ return; \ } #ifdef ENVOY_GOOGLE_GRPC #define GRPC_CLIENT_INTEGRATION_PARAMS \ testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), \ testing::Values(Grpc::ClientType::EnvoyGrpc, Grpc::ClientType::GoogleGrpc)) #define VERSIONED_GRPC_CLIENT_INTEGRATION_PARAMS \ testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), \ testing::Values(Grpc::ClientType::EnvoyGrpc, Grpc::ClientType::GoogleGrpc), \ testing::Values(envoy::config::core::v3::ApiVersion::V3, \ envoy::config::core::v3::ApiVersion::V2, \ envoy::config::core::v3::ApiVersion::AUTO)) #define DELTA_SOTW_GRPC_CLIENT_INTEGRATION_PARAMS \ testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), \ testing::Values(Grpc::ClientType::EnvoyGrpc, Grpc::ClientType::GoogleGrpc), \ testing::Values(Grpc::SotwOrDelta::Sotw, Grpc::SotwOrDelta::Delta)) #else #define GRPC_CLIENT_INTEGRATION_PARAMS \ testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), \ testing::Values(Grpc::ClientType::EnvoyGrpc)) #define VERSIONED_GRPC_CLIENT_INTEGRATION_PARAMS \ testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), \ testing::Values(Grpc::ClientType::EnvoyGrpc), \ testing::Values(envoy::config::core::v3::ApiVersion::V3, \ envoy::config::core::v3::ApiVersion::V2, \ envoy::config::core::v3::ApiVersion::AUTO)) #define DELTA_SOTW_GRPC_CLIENT_INTEGRATION_PARAMS \ testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), \ testing::Values(Grpc::ClientType::EnvoyGrpc), \ testing::Values(Grpc::SotwOrDelta::Sotw, Grpc::SotwOrDelta::Delta)) #endif // ENVOY_GOOGLE_GRPC } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/grpc_client_integration_test.cc ================================================ #ifdef ENVOY_GOOGLE_GRPC #include "envoy/config/core/v3/grpc_service.pb.h" #include "common/grpc/google_async_client_impl.h" #include "extensions/grpc_credentials/well_known_names.h" #endif #include "test/common/grpc/grpc_client_integration_test_harness.h" using testing::Eq; namespace Envoy { namespace Grpc { namespace { // Parameterize the loopback test server socket address and gRPC client type. INSTANTIATE_TEST_SUITE_P(IpVersionsClientType, GrpcClientIntegrationTest, GRPC_CLIENT_INTEGRATION_PARAMS, GrpcClientIntegrationParamTest::protocolTestParamsToString); // Validate that a simple request-reply stream works. TEST_P(GrpcClientIntegrationTest, BasicStream) { initialize(); auto stream = createStream(empty_metadata_); stream->sendRequest(); stream->sendServerInitialMetadata(empty_metadata_); stream->sendReply(); stream->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that a client destruction with open streams cleans up appropriately. TEST_P(GrpcClientIntegrationTest, ClientDestruct) { initialize(); auto stream = createStream(empty_metadata_); stream->sendRequest(); grpc_client_.reset(); } // Validate that a simple request-reply unary RPC works. TEST_P(GrpcClientIntegrationTest, BasicRequest) { initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that multiple streams work. TEST_P(GrpcClientIntegrationTest, MultiStream) { initialize(); auto stream_0 = createStream(empty_metadata_); auto stream_1 = createStream(empty_metadata_); stream_0->sendRequest(); stream_1->sendRequest(); stream_0->sendServerInitialMetadata(empty_metadata_); stream_0->sendReply(); stream_1->sendServerTrailers(Status::WellKnownGrpcStatus::Unavailable, "", empty_metadata_, true); stream_0->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that multiple request-reply unary RPCs works. TEST_P(GrpcClientIntegrationTest, MultiRequest) { initialize(); auto request_0 = createRequest(empty_metadata_); auto request_1 = createRequest(empty_metadata_); request_1->sendReply(); request_0->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that a non-200 HTTP status results in the expected gRPC error. TEST_P(GrpcClientIntegrationTest, HttpNon200Status) { initialize(); for (const auto http_response_status : {400, 401, 403, 404, 429, 431}) { auto stream = createStream(empty_metadata_); const Http::TestResponseHeaderMapImpl reply_headers{ {":status", std::to_string(http_response_status)}}; stream->expectInitialMetadata(empty_metadata_); stream->expectTrailingMetadata(empty_metadata_); // Technically this should be // https://github.com/grpc/grpc/blob/master/doc/http-grpc-status-mapping.md // as given by Grpc::Utility::httpToGrpcStatus(), but the Google gRPC client treats // this as WellKnownGrpcStatus::Canceled. stream->expectGrpcStatus(Status::WellKnownGrpcStatus::Canceled); stream->fake_stream_->encodeHeaders(reply_headers, true); dispatcher_helper_.runDispatcher(); } } // Validate that a non-200 HTTP status results in fallback to grpc-status. TEST_P(GrpcClientIntegrationTest, GrpcStatusFallback) { initialize(); auto stream = createStream(empty_metadata_); const Http::TestResponseHeaderMapImpl reply_headers{ {":status", "404"}, {"grpc-status", std::to_string(enumToInt(Status::WellKnownGrpcStatus::PermissionDenied))}, {"grpc-message", "error message"}}; stream->expectInitialMetadata(empty_metadata_); stream->expectTrailingMetadata(empty_metadata_); stream->expectGrpcStatus(Status::WellKnownGrpcStatus::PermissionDenied); stream->fake_stream_->encodeHeaders(reply_headers, true); dispatcher_helper_.runDispatcher(); } // Validate that a HTTP-level reset is handled as an INTERNAL gRPC error. TEST_P(GrpcClientIntegrationTest, HttpReset) { initialize(); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); dispatcher_helper_.runDispatcher(); stream->expectTrailingMetadata(empty_metadata_); stream->expectGrpcStatus(Status::WellKnownGrpcStatus::Internal); stream->fake_stream_->encodeResetStream(); dispatcher_helper_.runDispatcher(); } // Validate that a reply with bad gRPC framing (compressed frames with Envoy // client) is handled as an INTERNAL gRPC error. TEST_P(GrpcClientIntegrationTest, BadReplyGrpcFraming) { initialize(); // Only testing behavior of Envoy client, since Google client handles // compressed frames. SKIP_IF_GRPC_CLIENT(ClientType::GoogleGrpc); auto stream = createStream(empty_metadata_); stream->sendRequest(); stream->sendServerInitialMetadata(empty_metadata_); stream->expectTrailingMetadata(empty_metadata_); stream->expectGrpcStatus(Status::WellKnownGrpcStatus::Internal); Buffer::OwnedImpl reply_buffer("\xde\xad\xbe\xef\x00", 5); stream->fake_stream_->encodeData(reply_buffer, true); dispatcher_helper_.runDispatcher(); } // Validate that custom channel args can be set on the Google gRPC client. // TEST_P(GrpcClientIntegrationTest, CustomChannelArgs) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); channel_args_.emplace_back("grpc.primary_user_agent", "test_agent"); initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); EXPECT_THAT(stream_headers_->get_("user-agent"), testing::HasSubstr("test_agent")); } // Validate that a reply with bad protobuf is handled as an INTERNAL gRPC error. TEST_P(GrpcClientIntegrationTest, BadReplyProtobuf) { initialize(); auto stream = createStream(empty_metadata_); stream->sendRequest(); stream->sendServerInitialMetadata(empty_metadata_); stream->expectTrailingMetadata(empty_metadata_); stream->expectGrpcStatus(Status::WellKnownGrpcStatus::Internal); Buffer::OwnedImpl reply_buffer("\x00\x00\x00\x00\x02\xff\xff", 7); stream->fake_stream_->encodeData(reply_buffer, true); dispatcher_helper_.runDispatcher(); } // Validate that a reply with bad protobuf is handled as an INTERNAL gRPC error. TEST_P(GrpcClientIntegrationTest, BadRequestReplyProtobuf) { initialize(); auto request = createRequest(empty_metadata_); request->fake_stream_->startGrpcStream(); EXPECT_CALL(*request->child_span_, setTag(Eq(Tracing::Tags::get().GrpcStatusCode), Eq("0"))); EXPECT_CALL(*request, onFailure(Status::Internal, "", _)).WillExitIfNeeded(); EXPECT_CALL(*request->child_span_, finishSpan()); dispatcher_helper_.setStreamEventPending(); Buffer::OwnedImpl reply_buffer("\x00\x00\x00\x00\x02\xff\xff", 7); Common::prependGrpcFrameHeader(reply_buffer); request->fake_stream_->encodeData(reply_buffer, false); request->fake_stream_->finishGrpcStream(Grpc::Status::Ok); dispatcher_helper_.runDispatcher(); } // Validate that an out-of-range gRPC status is handled as an INVALID_CODE gRPC // error. TEST_P(GrpcClientIntegrationTest, OutOfRangeGrpcStatus) { initialize(); // TODO(htuch): there is an UBSAN issue with Google gRPC client library // handling of out-of-range status codes, see // https://circleci.com/gh/envoyproxy/envoy/20234?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-build-link // Need to fix this issue upstream first. SKIP_IF_GRPC_CLIENT(ClientType::GoogleGrpc); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); stream->sendReply(); EXPECT_CALL(*stream, onReceiveTrailingMetadata_(_)).WillExitIfNeeded(); dispatcher_helper_.setStreamEventPending(); stream->expectGrpcStatus(Status::WellKnownGrpcStatus::InvalidCode); const Http::TestResponseTrailerMapImpl reply_trailers{{"grpc-status", std::to_string(0x1337)}}; stream->fake_stream_->encodeTrailers(reply_trailers); dispatcher_helper_.runDispatcher(); } // Validate that a missing gRPC status is handled as an UNKNOWN gRPC error. TEST_P(GrpcClientIntegrationTest, MissingGrpcStatus) { initialize(); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); stream->sendReply(); EXPECT_CALL(*stream, onReceiveTrailingMetadata_(_)).WillExitIfNeeded(); dispatcher_helper_.setStreamEventPending(); stream->expectGrpcStatus(Status::WellKnownGrpcStatus::Unknown); const Http::TestResponseTrailerMapImpl reply_trailers{{"some", "other header"}}; stream->fake_stream_->encodeTrailers(reply_trailers); dispatcher_helper_.runDispatcher(); } // Validate that a reply terminated without trailers is handled as a gRPC error. TEST_P(GrpcClientIntegrationTest, ReplyNoTrailers) { initialize(); auto stream = createStream(empty_metadata_); stream->sendRequest(); stream->sendServerInitialMetadata(empty_metadata_); helloworld::HelloReply reply; reply.set_message(HELLO_REPLY); EXPECT_CALL(*stream, onReceiveMessage_(HelloworldReplyEq(HELLO_REPLY))).WillExitIfNeeded(); dispatcher_helper_.setStreamEventPending(); stream->expectTrailingMetadata(empty_metadata_); stream->expectGrpcStatus(Status::WellKnownGrpcStatus::InvalidCode); auto serialized_response = Grpc::Common::serializeToGrpcFrame(reply); stream->fake_stream_->encodeData(*serialized_response, true); stream->fake_stream_->encodeResetStream(); dispatcher_helper_.runDispatcher(); } // Validate that sending client initial metadata works. TEST_P(GrpcClientIntegrationTest, StreamClientInitialMetadata) { initialize(); const TestMetadata initial_metadata = { {Http::LowerCaseString("foo"), "bar"}, {Http::LowerCaseString("baz"), "blah"}, }; auto stream = createStream(initial_metadata); stream->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", empty_metadata_, true); dispatcher_helper_.runDispatcher(); } // Validate that sending client initial metadata works. TEST_P(GrpcClientIntegrationTest, RequestClientInitialMetadata) { initialize(); const TestMetadata initial_metadata = { {Http::LowerCaseString("foo"), "bar"}, {Http::LowerCaseString("baz"), "blah"}, }; auto request = createRequest(initial_metadata); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that setting service-wide client initial metadata works. TEST_P(GrpcClientIntegrationTest, RequestServiceWideInitialMetadata) { service_wide_initial_metadata_.emplace_back(Http::LowerCaseString("foo"), "bar"); service_wide_initial_metadata_.emplace_back(Http::LowerCaseString("baz"), "blah"); initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that receiving server initial metadata works. TEST_P(GrpcClientIntegrationTest, ServerInitialMetadata) { initialize(); auto stream = createStream(empty_metadata_); stream->sendRequest(); const TestMetadata initial_metadata = { {Http::LowerCaseString("foo"), "bar"}, {Http::LowerCaseString("baz"), "blah"}, {Http::LowerCaseString("binary-bin"), "help"}, }; stream->sendServerInitialMetadata(initial_metadata); stream->sendReply(); stream->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that receiving server trailing metadata works. TEST_P(GrpcClientIntegrationTest, ServerTrailingMetadata) { initialize(); auto stream = createStream(empty_metadata_); stream->sendRequest(); stream->sendServerInitialMetadata(empty_metadata_); stream->sendReply(); const TestMetadata trailing_metadata = { {Http::LowerCaseString("foo"), "bar"}, {Http::LowerCaseString("baz"), "blah"}, }; stream->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", trailing_metadata); dispatcher_helper_.runDispatcher(); } // Validate that a trailers-only response is handled for streams. TEST_P(GrpcClientIntegrationTest, StreamTrailersOnly) { initialize(); auto stream = createStream(empty_metadata_); stream->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", empty_metadata_, true); dispatcher_helper_.runDispatcher(); } // Validate that a trailers-only response is handled for requests, where it is // an error. TEST_P(GrpcClientIntegrationTest, RequestTrailersOnly) { initialize(); auto request = createRequest(empty_metadata_); const Http::TestResponseTrailerMapImpl reply_headers{{":status", "200"}, {"grpc-status", "0"}}; EXPECT_CALL(*request->child_span_, setTag(Eq(Tracing::Tags::get().GrpcStatusCode), Eq("0"))); EXPECT_CALL(*request->child_span_, setTag(Eq(Tracing::Tags::get().Error), Eq(Tracing::Tags::get().True))); EXPECT_CALL(*request, onFailure(Status::Internal, "", _)).WillExitIfNeeded(); dispatcher_helper_.setStreamEventPending(); EXPECT_CALL(*request->child_span_, finishSpan()); request->fake_stream_->encodeTrailers(reply_headers); dispatcher_helper_.runDispatcher(); } // Validate that a trailers RESOURCE_EXHAUSTED reply is handled. TEST_P(GrpcClientIntegrationTest, ResourceExhaustedError) { initialize(); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); stream->sendReply(); dispatcher_helper_.runDispatcher(); stream->sendServerTrailers(Status::WellKnownGrpcStatus::ResourceExhausted, "error message", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that a trailers Unauthenticated reply is handled. TEST_P(GrpcClientIntegrationTest, UnauthenticatedError) { initialize(); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); stream->sendServerTrailers(Status::WellKnownGrpcStatus::Unauthenticated, "error message", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that a trailers reply is still handled even if a grpc status code larger than // MaximumKnown, is handled. TEST_P(GrpcClientIntegrationTest, MaximumKnownPlusOne) { initialize(); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); stream->sendServerTrailers( static_cast(Status::WellKnownGrpcStatus::MaximumKnown + 1), "error message", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that we can continue to receive after a local close. TEST_P(GrpcClientIntegrationTest, ReceiveAfterLocalClose) { initialize(); auto stream = createStream(empty_metadata_); stream->sendRequest(true); stream->sendServerInitialMetadata(empty_metadata_); stream->sendReply(); stream->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that reset() doesn't explode on a half-closed stream (local). TEST_P(GrpcClientIntegrationTest, ResetAfterCloseLocal) { initialize(); auto stream = createStream(empty_metadata_); stream->grpc_stream_->closeStream(); ASSERT_TRUE(stream->fake_stream_->waitForEndStream(dispatcher_helper_.dispatcher_)); stream->grpc_stream_->resetStream(); dispatcher_helper_.dispatcher_.run(Event::Dispatcher::RunType::NonBlock); ASSERT_TRUE(stream->fake_stream_->waitForReset()); } // Validate that request cancel() works. TEST_P(GrpcClientIntegrationTest, CancelRequest) { initialize(); auto request = createRequest(empty_metadata_); EXPECT_CALL(*request->child_span_, setTag(Eq(Tracing::Tags::get().Status), Eq(Tracing::Tags::get().Canceled))); EXPECT_CALL(*request->child_span_, finishSpan()); request->grpc_request_->cancel(); dispatcher_helper_.dispatcher_.run(Event::Dispatcher::RunType::NonBlock); ASSERT_TRUE(request->fake_stream_->waitForReset()); } // Parameterize the loopback test server socket address and gRPC client type. INSTANTIATE_TEST_SUITE_P(SslIpVersionsClientType, GrpcSslClientIntegrationTest, GRPC_CLIENT_INTEGRATION_PARAMS, GrpcClientIntegrationParamTest::protocolTestParamsToString); // Validate that a simple request-reply unary RPC works with SSL. TEST_P(GrpcSslClientIntegrationTest, BasicSslRequest) { initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that a simple request-reply unary RPC works with SSL + client certs. TEST_P(GrpcSslClientIntegrationTest, BasicSslRequestWithClientCert) { use_client_cert_ = true; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } #ifdef ENVOY_GOOGLE_GRPC // AccessToken credential validation tests. class GrpcAccessTokenClientIntegrationTest : public GrpcSslClientIntegrationTest { public: void expectExtraHeaders(FakeStream& fake_stream) override { AssertionResult result = fake_stream.waitForHeadersComplete(); RELEASE_ASSERT(result, result.message()); std::vector auth_headers; Http::HeaderUtility::getAllOfHeader(fake_stream.headers(), "authorization", auth_headers); if (!access_token_value_.empty()) { EXPECT_EQ("Bearer " + access_token_value_, auth_headers[0]); } if (!access_token_value_2_.empty()) { EXPECT_EQ("Bearer " + access_token_value_2_, auth_headers[1]); } } envoy::config::core::v3::GrpcService createGoogleGrpcConfig() override { auto config = GrpcClientIntegrationTest::createGoogleGrpcConfig(); auto* google_grpc = config.mutable_google_grpc(); google_grpc->set_credentials_factory_name(credentials_factory_name_); auto* ssl_creds = google_grpc->mutable_channel_credentials()->mutable_ssl_credentials(); ssl_creds->mutable_root_certs()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/upstreamcacert.pem")); google_grpc->add_call_credentials()->set_access_token(access_token_value_); if (!access_token_value_2_.empty()) { google_grpc->add_call_credentials()->set_access_token(access_token_value_2_); } if (!refresh_token_value_.empty()) { google_grpc->add_call_credentials()->set_google_refresh_token(refresh_token_value_); } return config; } std::string access_token_value_{}; std::string access_token_value_2_{}; std::string refresh_token_value_{}; std::string credentials_factory_name_{}; }; // Parameterize the loopback test server socket address and gRPC client type. INSTANTIATE_TEST_SUITE_P(SslIpVersionsClientType, GrpcAccessTokenClientIntegrationTest, GRPC_CLIENT_INTEGRATION_PARAMS, GrpcClientIntegrationParamTest::protocolTestParamsToString); // Validate that a simple request-reply unary RPC works with AccessToken auth. TEST_P(GrpcAccessTokenClientIntegrationTest, AccessTokenAuthRequest) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that a simple request-reply stream RPC works with AccessToken auth.. TEST_P(GrpcAccessTokenClientIntegrationTest, AccessTokenAuthStream) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; initialize(); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); stream->sendRequest(); stream->sendReply(); stream->sendServerTrailers(Status::WellKnownGrpcStatus::Ok, "", empty_metadata_); dispatcher_helper_.runDispatcher(); } // Validate that multiple access tokens are accepted TEST_P(GrpcAccessTokenClientIntegrationTest, MultipleAccessTokens) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; access_token_value_2_ = "accesstokenvalue2"; credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that extra params are accepted TEST_P(GrpcAccessTokenClientIntegrationTest, ExtraCredentialParams) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; refresh_token_value_ = "refreshtokenvalue"; credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that no access token still works TEST_P(GrpcAccessTokenClientIntegrationTest, NoAccessTokens) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); dispatcher_helper_.runDispatcher(); } // Validate that an unknown credentials factory name throws an EnvoyException TEST_P(GrpcAccessTokenClientIntegrationTest, InvalidCredentialFactory) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); credentials_factory_name_ = "unknown"; EXPECT_THROW_WITH_MESSAGE(initialize(), EnvoyException, "Unknown google grpc credentials factory: unknown"); } #endif } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/grpc_client_integration_test_harness.h ================================================ #pragma once #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/stats/scope.h" #include "common/api/api_impl.h" #include "common/event/dispatcher_impl.h" #include "common/grpc/async_client_impl.h" #include "common/grpc/context_impl.h" #include "common/http/context_impl.h" #ifdef ENVOY_GOOGLE_GRPC #include "common/grpc/google_async_client_impl.h" #endif #include "common/http/async_client_impl.h" #include "common/http/codes.h" #include "common/http/http2/conn_pool.h" #include "common/stats/symbol_table_impl.h" #include "common/network/connection_impl.h" #include "common/network/raw_buffer_socket.h" #include "extensions/transport_sockets/tls/context_config_impl.h" #include "extensions/transport_sockets/tls/ssl_socket.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/common/grpc/utility.h" #include "test/integration/fake_upstream.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/server/transport_socket_factory_context.h" #include "test/mocks/tracing/mocks.h" #include "test/mocks/upstream/host.h" #include "test/mocks/upstream/cluster_info.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/mocks/upstream/thread_local_cluster.h" #include "test/proto/helloworld.pb.h" #include "test/test_common/environment.h" #include "test/test_common/global.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" using testing::_; using testing::Eq; using testing::Invoke; using testing::InvokeWithoutArgs; using testing::NiceMock; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Grpc { namespace { const char HELLO_REQUEST[] = "ABC"; const char HELLO_REPLY[] = "DEFG"; MATCHER_P(HelloworldReplyEq, rhs, "") { return arg.message() == rhs; } using TestMetadata = std::vector>; // Use in EXPECT_CALL(foo, bar(_)).WillExitIfNeeded() to exit dispatcher loop if // there are no longer any pending events in DispatcherHelper. #define WillExitIfNeeded() \ WillOnce(InvokeWithoutArgs([this] { dispatcher_helper_.exitDispatcherIfNeeded(); })) // Utility to assist with keeping track of pending gmock expected events when // deferring execution to the dispatcher. The dispatcher can be run using this // helper until all pending events are completed. class DispatcherHelper { public: DispatcherHelper(Event::Dispatcher& dispatcher) : dispatcher_(dispatcher) {} void exitDispatcherIfNeeded() { ENVOY_LOG_MISC(debug, "Checking exit with {} events pending", pending_stream_events_); ASSERT(pending_stream_events_ > 0); if (--pending_stream_events_ == 0) { dispatcher_.exit(); } } void runDispatcher() { ENVOY_LOG_MISC(debug, "Run dispatcher with {} events pending", pending_stream_events_); if (pending_stream_events_ > 0) { dispatcher_.run(Event::Dispatcher::RunType::Block); } } void setStreamEventPending() { ++pending_stream_events_; ENVOY_LOG_MISC(debug, "Set event pending, now {} events pending", pending_stream_events_); } uint32_t pending_stream_events_{}; Event::Dispatcher& dispatcher_; }; // Stream related test utilities. class HelloworldStream : public MockAsyncStreamCallbacks { public: HelloworldStream(DispatcherHelper& dispatcher_helper) : dispatcher_helper_(dispatcher_helper) {} void sendRequest(bool end_stream = false) { helloworld::HelloRequest request_msg; request_msg.set_name(HELLO_REQUEST); grpc_stream_->sendMessage(request_msg, end_stream); helloworld::HelloRequest received_msg; AssertionResult result = fake_stream_->waitForGrpcMessage(dispatcher_helper_.dispatcher_, received_msg); RELEASE_ASSERT(result, result.message()); EXPECT_THAT(request_msg, ProtoEq(received_msg)); } void expectInitialMetadata(const TestMetadata& metadata) { EXPECT_CALL(*this, onReceiveInitialMetadata_(_)) .WillOnce(Invoke([this, &metadata](const Http::HeaderMap& received_headers) { Http::TestResponseHeaderMapImpl stream_headers(received_headers); for (const auto& value : metadata) { EXPECT_EQ(value.second, stream_headers.get_(value.first)); } dispatcher_helper_.exitDispatcherIfNeeded(); })); dispatcher_helper_.setStreamEventPending(); } void expectTrailingMetadata(const TestMetadata& metadata) { EXPECT_CALL(*this, onReceiveTrailingMetadata_(_)) .WillOnce(Invoke([this, &metadata](const Http::HeaderMap& received_headers) { Http::TestResponseTrailerMapImpl stream_headers(received_headers); for (auto& value : metadata) { EXPECT_EQ(value.second, stream_headers.get_(value.first)); } dispatcher_helper_.exitDispatcherIfNeeded(); })); dispatcher_helper_.setStreamEventPending(); } void sendServerInitialMetadata(const TestMetadata& metadata) { Http::HeaderMapPtr reply_headers{new Http::TestResponseHeaderMapImpl{{":status", "200"}}}; for (auto& value : metadata) { reply_headers->addReference(value.first, value.second); } expectInitialMetadata(metadata); fake_stream_->encodeHeaders(Http::TestResponseHeaderMapImpl(*reply_headers), false); } void sendReply() { helloworld::HelloReply reply; reply.set_message(HELLO_REPLY); EXPECT_CALL(*this, onReceiveMessage_(HelloworldReplyEq(HELLO_REPLY))).WillExitIfNeeded(); dispatcher_helper_.setStreamEventPending(); fake_stream_->sendGrpcMessage(reply); } void expectGrpcStatus(Status::GrpcStatus grpc_status) { if (grpc_status == Status::WellKnownGrpcStatus::InvalidCode) { EXPECT_CALL(*this, onRemoteClose(_, _)).WillExitIfNeeded(); } else if (grpc_status > Status::WellKnownGrpcStatus::MaximumKnown) { EXPECT_CALL(*this, onRemoteClose(Status::WellKnownGrpcStatus::InvalidCode, _)) .WillExitIfNeeded(); } else { EXPECT_CALL(*this, onRemoteClose(grpc_status, _)).WillExitIfNeeded(); } dispatcher_helper_.setStreamEventPending(); } void sendServerTrailers(Status::GrpcStatus grpc_status, const std::string& grpc_message, const TestMetadata& metadata, bool trailers_only = false) { Http::TestResponseTrailerMapImpl reply_trailers{ {"grpc-status", std::to_string(enumToInt(grpc_status))}}; if (!grpc_message.empty()) { reply_trailers.addCopy("grpc-message", grpc_message); } if (trailers_only) { reply_trailers.addCopy(":status", "200"); } for (const auto& value : metadata) { reply_trailers.addCopy(value.first, value.second); } if (trailers_only) { expectInitialMetadata(empty_metadata_); } expectTrailingMetadata(metadata); expectGrpcStatus(grpc_status); if (trailers_only) { fake_stream_->encodeHeaders(reply_trailers, true); } else { fake_stream_->encodeTrailers(reply_trailers); } } void closeStream() { grpc_stream_->closeStream(); AssertionResult result = fake_stream_->waitForEndStream(dispatcher_helper_.dispatcher_); RELEASE_ASSERT(result, result.message()); } DispatcherHelper& dispatcher_helper_; FakeStream* fake_stream_{}; AsyncStream grpc_stream_{}; const TestMetadata empty_metadata_; }; using HelloworldStreamPtr = std::unique_ptr; // Request related test utilities. class HelloworldRequest : public MockAsyncRequestCallbacks { public: HelloworldRequest(DispatcherHelper& dispatcher_helper) : dispatcher_helper_(dispatcher_helper) {} void sendReply() { fake_stream_->startGrpcStream(); helloworld::HelloReply reply; reply.set_message(HELLO_REPLY); EXPECT_CALL(*child_span_, setTag(Eq(Tracing::Tags::get().GrpcStatusCode), Eq("0"))); EXPECT_CALL(*this, onSuccess_(HelloworldReplyEq(HELLO_REPLY), _)).WillExitIfNeeded(); EXPECT_CALL(*child_span_, finishSpan()); dispatcher_helper_.setStreamEventPending(); fake_stream_->sendGrpcMessage(reply); fake_stream_->finishGrpcStream(Grpc::Status::Ok); } DispatcherHelper& dispatcher_helper_; FakeStream* fake_stream_{}; AsyncRequest* grpc_request_{}; Tracing::MockSpan* child_span_{new Tracing::MockSpan()}; }; using HelloworldRequestPtr = std::unique_ptr; class GrpcClientIntegrationTest : public GrpcClientIntegrationParamTest { public: GrpcClientIntegrationTest() : method_descriptor_(helloworld::Greeter::descriptor()->FindMethodByName("SayHello")), api_(Api::createApiForTest(*stats_store_, test_time_.timeSystem())), dispatcher_(api_->allocateDispatcher("test_thread")), http_context_(stats_store_->symbolTable()) {} virtual void initialize() { if (fake_upstream_ == nullptr) { fake_upstream_ = std::make_unique(0, FakeHttpConnection::Type::HTTP2, ipVersion(), test_time_.timeSystem()); } switch (clientType()) { case ClientType::EnvoyGrpc: grpc_client_ = createAsyncClientImpl(); break; case ClientType::GoogleGrpc: { grpc_client_ = createGoogleAsyncClientImpl(); break; } } // Setup a test timeout (also needed to maintain an active event in the dispatcher so that // .run() will block until timeout rather than exit immediately). timeout_timer_ = dispatcher_->createTimer([this] { FAIL() << "Test timeout"; dispatcher_->exit(); }); timeout_timer_->enableTimer(std::chrono::milliseconds(10000)); } void TearDown() override { if (fake_connection_) { AssertionResult result = fake_connection_->close(); RELEASE_ASSERT(result, result.message()); result = fake_connection_->waitForDisconnect(); RELEASE_ASSERT(result, result.message()); fake_connection_.reset(); } } void fillServiceWideInitialMetadata(envoy::config::core::v3::GrpcService& config) { for (const auto& item : service_wide_initial_metadata_) { auto* header_value = config.add_initial_metadata(); header_value->set_key(item.first.get()); header_value->set_value(item.second); } } // Create a Grpc::AsyncClientImpl instance backed by enough fake/mock // infrastructure to initiate a loopback TCP connection to fake_upstream_. RawAsyncClientPtr createAsyncClientImpl() { client_connection_ = std::make_unique( *dispatcher_, fake_upstream_->localAddress(), nullptr, std::move(async_client_transport_socket_), nullptr); ON_CALL(*mock_cluster_info_, connectTimeout()) .WillByDefault(Return(std::chrono::milliseconds(10000))); EXPECT_CALL(*mock_cluster_info_, name()).WillRepeatedly(ReturnRef(fake_cluster_name_)); EXPECT_CALL(cm_, get(_)).WillRepeatedly(Return(&thread_local_cluster_)); EXPECT_CALL(thread_local_cluster_, info()).WillRepeatedly(Return(cluster_info_ptr_)); Upstream::MockHost::MockCreateConnectionData connection_data{client_connection_.release(), host_description_ptr_}; EXPECT_CALL(*mock_host_, createConnection_(_, _)).WillRepeatedly(Return(connection_data)); EXPECT_CALL(*mock_host_, cluster()).WillRepeatedly(ReturnRef(*cluster_info_ptr_)); EXPECT_CALL(*mock_host_description_, locality()).WillRepeatedly(ReturnRef(host_locality_)); http_conn_pool_ = std::make_unique( *dispatcher_, random_, host_ptr_, Upstream::ResourcePriority::Default, nullptr, nullptr); EXPECT_CALL(cm_, httpConnPoolForCluster(_, _, _, _)) .WillRepeatedly(Return(http_conn_pool_.get())); http_async_client_ = std::make_unique( cluster_info_ptr_, *stats_store_, *dispatcher_, local_info_, cm_, runtime_, random_, std::move(shadow_writer_ptr_), http_context_); EXPECT_CALL(cm_, httpAsyncClientForCluster(fake_cluster_name_)) .WillRepeatedly(ReturnRef(*http_async_client_)); EXPECT_CALL(cm_, get(Eq(fake_cluster_name_))).WillRepeatedly(Return(&thread_local_cluster_)); envoy::config::core::v3::GrpcService config; config.mutable_envoy_grpc()->set_cluster_name(fake_cluster_name_); fillServiceWideInitialMetadata(config); return std::make_unique(cm_, config, dispatcher_->timeSource()); } virtual envoy::config::core::v3::GrpcService createGoogleGrpcConfig() { envoy::config::core::v3::GrpcService config; auto* google_grpc = config.mutable_google_grpc(); google_grpc->set_target_uri(fake_upstream_->localAddress()->asString()); google_grpc->set_stat_prefix("fake_cluster"); for (const auto& config_arg : channel_args_) { (*google_grpc->mutable_channel_args()->mutable_args())[config_arg.first].set_string_value( config_arg.second); } fillServiceWideInitialMetadata(config); return config; } RawAsyncClientPtr createGoogleAsyncClientImpl() { #ifdef ENVOY_GOOGLE_GRPC google_tls_ = std::make_unique(*api_); GoogleGenericStubFactory stub_factory; return std::make_unique(*dispatcher_, *google_tls_, stub_factory, stats_scope_, createGoogleGrpcConfig(), *api_, google_grpc_stat_names_); #else NOT_REACHED_GCOVR_EXCL_LINE; #endif } void expectInitialHeaders(FakeStream& fake_stream, const TestMetadata& initial_metadata) { AssertionResult result = fake_stream.waitForHeadersComplete(); RELEASE_ASSERT(result, result.message()); stream_headers_ = std::make_unique(fake_stream.headers()); EXPECT_EQ("POST", stream_headers_->get_(":method")); EXPECT_EQ("/helloworld.Greeter/SayHello", stream_headers_->get_(":path")); EXPECT_EQ("application/grpc", stream_headers_->get_("content-type")); EXPECT_EQ("trailers", stream_headers_->get_("te")); for (const auto& value : initial_metadata) { EXPECT_EQ(value.second, stream_headers_->get_(value.first)); } for (const auto& value : service_wide_initial_metadata_) { EXPECT_EQ(value.second, stream_headers_->get_(value.first)); } } virtual void expectExtraHeaders(FakeStream&) {} HelloworldRequestPtr createRequest(const TestMetadata& initial_metadata) { auto request = std::make_unique(dispatcher_helper_); EXPECT_CALL(*request, onCreateInitialMetadata(_)) .WillOnce(Invoke([&initial_metadata](Http::HeaderMap& headers) { for (const auto& value : initial_metadata) { headers.addReference(value.first, value.second); } })); helloworld::HelloRequest request_msg; request_msg.set_name(HELLO_REQUEST); Tracing::MockSpan active_span; EXPECT_CALL(active_span, spawnChild_(_, "async fake_cluster egress", _)) .WillOnce(Return(request->child_span_)); EXPECT_CALL(*request->child_span_, setTag(Eq(Tracing::Tags::get().UpstreamCluster), Eq(fake_cluster_name_))); EXPECT_CALL(*request->child_span_, setTag(Eq(Tracing::Tags::get().Component), Eq(Tracing::Tags::get().Proxy))); EXPECT_CALL(*request->child_span_, injectContext(_)); request->grpc_request_ = grpc_client_->send(*method_descriptor_, request_msg, *request, active_span, Http::AsyncClient::RequestOptions()); EXPECT_NE(request->grpc_request_, nullptr); if (!fake_connection_) { AssertionResult result = fake_upstream_->waitForHttpConnection(*dispatcher_, fake_connection_); RELEASE_ASSERT(result, result.message()); } fake_streams_.emplace_back(); AssertionResult result = fake_connection_->waitForNewStream(*dispatcher_, fake_streams_.back()); RELEASE_ASSERT(result, result.message()); auto& fake_stream = *fake_streams_.back(); request->fake_stream_ = &fake_stream; expectInitialHeaders(fake_stream, initial_metadata); expectExtraHeaders(fake_stream); helloworld::HelloRequest received_msg; result = fake_stream.waitForGrpcMessage(*dispatcher_, received_msg); RELEASE_ASSERT(result, result.message()); EXPECT_THAT(request_msg, ProtoEq(received_msg)); return request; } HelloworldStreamPtr createStream(const TestMetadata& initial_metadata) { auto stream = std::make_unique(dispatcher_helper_); EXPECT_CALL(*stream, onCreateInitialMetadata(_)) .WillOnce(Invoke([&initial_metadata](Http::HeaderMap& headers) { for (const auto& value : initial_metadata) { headers.addReference(value.first, value.second); } })); stream->grpc_stream_ = grpc_client_->start(*method_descriptor_, *stream, Http::AsyncClient::StreamOptions()); EXPECT_NE(stream->grpc_stream_, nullptr); if (!fake_connection_) { AssertionResult result = fake_upstream_->waitForHttpConnection(*dispatcher_, fake_connection_); RELEASE_ASSERT(result, result.message()); } fake_streams_.emplace_back(); AssertionResult result = fake_connection_->waitForNewStream(*dispatcher_, fake_streams_.back()); RELEASE_ASSERT(result, result.message()); auto& fake_stream = *fake_streams_.back(); stream->fake_stream_ = &fake_stream; expectInitialHeaders(fake_stream, initial_metadata); expectExtraHeaders(fake_stream); return stream; } DangerousDeprecatedTestTime test_time_; std::unique_ptr fake_upstream_; FakeHttpConnectionPtr fake_connection_; std::vector fake_streams_; const Protobuf::MethodDescriptor* method_descriptor_; Stats::TestSymbolTable symbol_table_; Stats::IsolatedStoreImpl* stats_store_ = new Stats::IsolatedStoreImpl(*symbol_table_); Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; DispatcherHelper dispatcher_helper_{*dispatcher_}; Stats::ScopeSharedPtr stats_scope_{stats_store_}; Grpc::StatNames google_grpc_stat_names_{stats_store_->symbolTable()}; TestMetadata service_wide_initial_metadata_; std::unique_ptr stream_headers_; std::vector> channel_args_; #ifdef ENVOY_GOOGLE_GRPC GoogleAsyncClientThreadLocalPtr google_tls_; #endif AsyncClient grpc_client_; Event::TimerPtr timeout_timer_; const TestMetadata empty_metadata_; // Fake/mock infrastructure for Grpc::AsyncClientImpl upstream. Network::TransportSocketPtr async_client_transport_socket_{new Network::RawBufferSocket()}; const std::string fake_cluster_name_{"fake_cluster"}; Upstream::MockClusterManager cm_; Upstream::MockClusterInfo* mock_cluster_info_ = new NiceMock(); Upstream::ClusterInfoConstSharedPtr cluster_info_ptr_{mock_cluster_info_}; Upstream::MockThreadLocalCluster thread_local_cluster_; NiceMock local_info_; Runtime::MockLoader runtime_; Extensions::TransportSockets::Tls::ContextManagerImpl context_manager_{test_time_.timeSystem()}; NiceMock random_; Http::AsyncClientPtr http_async_client_; Http::ConnectionPool::InstancePtr http_conn_pool_; Http::ContextImpl http_context_; envoy::config::core::v3::Locality host_locality_; Upstream::MockHost* mock_host_ = new NiceMock(); Upstream::MockHostDescription* mock_host_description_ = new NiceMock(); Upstream::HostDescriptionConstSharedPtr host_description_ptr_{mock_host_description_}; Upstream::HostConstSharedPtr host_ptr_{mock_host_}; Router::MockShadowWriter* mock_shadow_writer_ = new Router::MockShadowWriter(); Router::ShadowWriterPtr shadow_writer_ptr_{mock_shadow_writer_}; Network::ClientConnectionPtr client_connection_; }; // SSL connection credential validation tests. class GrpcSslClientIntegrationTest : public GrpcClientIntegrationTest { public: GrpcSslClientIntegrationTest() { ON_CALL(factory_context_, api()).WillByDefault(ReturnRef(*api_)); } void TearDown() override { // Reset some state in the superclass before we destruct context_manager_ in our destructor, it // doesn't like dangling contexts at destruction. GrpcClientIntegrationTest::TearDown(); fake_upstream_.reset(); async_client_transport_socket_.reset(); client_connection_.reset(); } envoy::config::core::v3::GrpcService createGoogleGrpcConfig() override { auto config = GrpcClientIntegrationTest::createGoogleGrpcConfig(); TestUtility::setTestSslGoogleGrpcConfig(config, use_client_cert_); return config; } void initialize() override { envoy::extensions::transport_sockets::tls::v3::UpstreamTlsContext tls_context; auto* common_tls_context = tls_context.mutable_common_tls_context(); auto* validation_context = common_tls_context->mutable_validation_context(); validation_context->mutable_trusted_ca()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/upstreamcacert.pem")); if (use_client_cert_) { auto* tls_cert = common_tls_context->add_tls_certificates(); tls_cert->mutable_certificate_chain()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/clientcert.pem")); tls_cert->mutable_private_key()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/clientkey.pem")); } auto cfg = std::make_unique( tls_context, factory_context_); mock_host_description_->socket_factory_ = std::make_unique( std::move(cfg), context_manager_, *stats_store_); async_client_transport_socket_ = mock_host_description_->socket_factory_->createTransportSocket(nullptr); fake_upstream_ = std::make_unique(createUpstreamSslContext(), 0, FakeHttpConnection::Type::HTTP2, ipVersion(), test_time_.timeSystem()); GrpcClientIntegrationTest::initialize(); } Network::TransportSocketFactoryPtr createUpstreamSslContext() { envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext tls_context; auto* common_tls_context = tls_context.mutable_common_tls_context(); common_tls_context->add_alpn_protocols(Http::Utility::AlpnNames::get().Http2); auto* tls_cert = common_tls_context->add_tls_certificates(); tls_cert->mutable_certificate_chain()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/upstreamcert.pem")); tls_cert->mutable_private_key()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/upstreamkey.pem")); if (use_client_cert_) { tls_context.mutable_require_client_certificate()->set_value(true); auto* validation_context = common_tls_context->mutable_validation_context(); validation_context->mutable_trusted_ca()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/cacert.pem")); } auto cfg = std::make_unique( tls_context, factory_context_); static Stats::Scope* upstream_stats_store = new Stats::IsolatedStoreImpl(); return std::make_unique( std::move(cfg), context_manager_, *upstream_stats_store, std::vector{}); } bool use_client_cert_{}; testing::NiceMock factory_context_; }; } // namespace } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/grpc/service_key.json ================================================ { "type": "service_account", "project_id": "teset-project", "private_key_id": "xxx", "private_key": "-----BEGIN PRIVATE KEY-----\nspUMkfFsoTfa\n-----END PRIVATE KEY-----\n", "client_email": "test@test.iam.gserviceaccount.com", "client_id": "42", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/test%test-dev.iam.gserviceaccount.com" } ================================================ FILE: test/common/grpc/utility.h ================================================ #pragma once #include "envoy/config/core/v3/grpc_service.pb.h" #include "test/test_common/environment.h" namespace Envoy { namespace Grpc { class TestUtility { public: static void setTestSslGoogleGrpcConfig(envoy::config::core::v3::GrpcService& config, bool use_client_cert) { auto* google_grpc = config.mutable_google_grpc(); auto* ssl_creds = google_grpc->mutable_channel_credentials()->mutable_ssl_credentials(); ssl_creds->mutable_root_certs()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/upstreamcacert.pem")); if (use_client_cert) { ssl_creds->mutable_private_key()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/clientkey.pem")); ssl_creds->mutable_cert_chain()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/clientcert.pem")); } } }; } // namespace Grpc } // namespace Envoy ================================================ FILE: test/common/html/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "utility_test", srcs = ["utility_test.cc"], deps = [ "//source/common/html:utility_lib", ], ) ================================================ FILE: test/common/html/utility_test.cc ================================================ #include "common/html/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Html { namespace { TEST(HttpUtility, SanitizeHtml) { EXPECT_EQ("simple text, no cares/worries", Utility::sanitize("simple text, no cares/worries")); EXPECT_EQ("a&b", Utility::sanitize("a&b")); EXPECT_EQ("<script>", Utility::sanitize("\" contains invalid character '<'", EXPECT_FALSE(admin_.addHandler("/foo", "hello", callback, true, false))); } TEST_P(AdminInstanceTest, RejectHandlerWithEmbeddedQuery) { auto callback = [](absl::string_view, Http::HeaderMap&, Buffer::Instance&, AdminStream&) -> Http::Code { return Http::Code::Accepted; }; EXPECT_LOG_CONTAINS("error", "filter \"/bar?queryShouldNotBeInPrefix\" contains invalid character '?'", EXPECT_FALSE(admin_.addHandler("/bar?queryShouldNotBeInPrefix", "hello", callback, true, false))); } TEST_P(AdminInstanceTest, EscapeHelpTextWithPunctuation) { auto callback = [](absl::string_view, Http::HeaderMap&, Buffer::Instance&, AdminStream&) -> Http::Code { return Http::Code::Accepted; }; // It's OK to have help text with HTML characters in it, but when we render the home // page they need to be escaped. const std::string planets = "jupiter>saturn>mars"; EXPECT_TRUE(admin_.addHandler("/planets", planets, callback, true, false)); Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; EXPECT_EQ(Http::Code::OK, getCallback("/", header_map, response)); const Http::HeaderString& content_type = header_map.ContentType()->value(); EXPECT_THAT(std::string(content_type.getStringView()), testing::HasSubstr("text/html")); EXPECT_EQ(-1, response.search(planets.data(), planets.size(), 0, 0)); const std::string escaped_planets = "jupiter>saturn>mars"; EXPECT_NE(-1, response.search(escaped_planets.data(), escaped_planets.size(), 0, 0)); } TEST_P(AdminInstanceTest, HelpUsesFormForMutations) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; EXPECT_EQ(Http::Code::OK, getCallback("/", header_map, response)); const std::string logging_action = "
    cluster; cluster_map.emplace(cluster.info_->name_, cluster); NiceMock outlier_detector; ON_CALL(Const(cluster), outlierDetector()).WillByDefault(Return(&outlier_detector)); ON_CALL(outlier_detector, successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin)) .WillByDefault(Return(6.0)); ON_CALL(outlier_detector, successRateEjectionThreshold( Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin)) .WillByDefault(Return(9.0)); ON_CALL(*cluster.info_, addedViaApi()).WillByDefault(Return(true)); Upstream::MockHostSet* host_set = cluster.priority_set_.getMockHostSet(0); auto host = std::make_shared>(); envoy::config::core::v3::Locality locality; locality.set_region("test_region"); locality.set_zone("test_zone"); locality.set_sub_zone("test_sub_zone"); ON_CALL(*host, locality()).WillByDefault(ReturnRef(locality)); host_set->hosts_.emplace_back(host); Network::Address::InstanceConstSharedPtr address = Network::Utility::resolveUrl("tcp://1.2.3.4:80"); ON_CALL(*host, address()).WillByDefault(Return(address)); const std::string hostname = "foo.com"; ON_CALL(*host, hostname()).WillByDefault(ReturnRef(hostname)); // Add stats in random order and validate that they come in order. Stats::PrimitiveCounter test_counter; test_counter.add(10); Stats::PrimitiveCounter rest_counter; rest_counter.add(10); Stats::PrimitiveCounter arest_counter; arest_counter.add(5); std::vector> counters = { {"arest_counter", arest_counter}, {"rest_counter", rest_counter}, {"test_counter", test_counter}, }; Stats::PrimitiveGauge test_gauge; test_gauge.set(11); Stats::PrimitiveGauge atest_gauge; atest_gauge.set(10); std::vector> gauges = { {"atest_gauge", atest_gauge}, {"test_gauge", test_gauge}, }; ON_CALL(*host, counters()).WillByDefault(Invoke([&counters]() { return counters; })); ON_CALL(*host, gauges()).WillByDefault(Invoke([&gauges]() { return gauges; })); ON_CALL(*host, healthFlagGet(Upstream::Host::HealthFlag::FAILED_ACTIVE_HC)) .WillByDefault(Return(true)); ON_CALL(*host, healthFlagGet(Upstream::Host::HealthFlag::FAILED_OUTLIER_CHECK)) .WillByDefault(Return(true)); ON_CALL(*host, healthFlagGet(Upstream::Host::HealthFlag::FAILED_EDS_HEALTH)) .WillByDefault(Return(false)); ON_CALL(*host, healthFlagGet(Upstream::Host::HealthFlag::DEGRADED_ACTIVE_HC)) .WillByDefault(Return(true)); ON_CALL(*host, healthFlagGet(Upstream::Host::HealthFlag::DEGRADED_EDS_HEALTH)) .WillByDefault(Return(true)); ON_CALL(*host, healthFlagGet(Upstream::Host::HealthFlag::PENDING_DYNAMIC_REMOVAL)) .WillByDefault(Return(true)); ON_CALL( host->outlier_detector_, successRate(Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::ExternalOrigin)) .WillByDefault(Return(43.2)); ON_CALL(*host, weight()).WillByDefault(Return(5)); ON_CALL(host->outlier_detector_, successRate(Upstream::Outlier::DetectorHostMonitor::SuccessRateMonitorType::LocalOrigin)) .WillByDefault(Return(93.2)); ON_CALL(*host, priority()).WillByDefault(Return(6)); Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; EXPECT_EQ(Http::Code::OK, getCallback("/clusters?format=json", header_map, response)); std::string output_json = response.toString(); envoy::admin::v3::Clusters output_proto; TestUtility::loadFromJson(output_json, output_proto); const std::string expected_json = R"EOF({ "cluster_statuses": [ { "name": "fake_cluster", "success_rate_ejection_threshold": { "value": 6 }, "local_origin_success_rate_ejection_threshold": { "value": 9 }, "added_via_api": true, "circuit_breakers": { "thresholds": [ { "max_connections": 1, "max_pending_requests": 1024, "max_requests": 1024, "max_retries": 1 }, { "priority": "HIGH", "max_connections": 1, "max_pending_requests": 1024, "max_requests": 1024, "max_retries": 1 } ] }, "host_statuses": [ { "address": { "socket_address": { "protocol": "TCP", "address": "1.2.3.4", "port_value": 80 } }, "stats": [ { "name": "arest_counter", "value": "5", "type": "COUNTER" }, { "name": "rest_counter", "value": "10", "type": "COUNTER" }, { "name": "test_counter", "value": "10", "type": "COUNTER" }, { "name": "atest_gauge", "value": "10", "type": "GAUGE" }, { "name": "test_gauge", "value": "11", "type": "GAUGE" } ], "health_status": { "eds_health_status": "DEGRADED", "failed_active_health_check": true, "failed_outlier_check": true, "failed_active_degraded_check": true, "pending_dynamic_removal": true }, "success_rate": { "value": 43.2 }, "weight": 5, "hostname": "foo.com", "priority": 6, "local_origin_success_rate": { "value": 93.2 }, "locality": { "region": "test_region", "zone": "test_zone", "sub_zone": "test_sub_zone" } } ] } ] } )EOF"; envoy::admin::v3::Clusters expected_proto; TestUtility::loadFromJson(expected_json, expected_proto); // Ensure the protos created from each JSON are equivalent. EXPECT_THAT(output_proto, ProtoEq(expected_proto)); // Ensure that the normal text format is used by default. Buffer::OwnedImpl response2; EXPECT_EQ(Http::Code::OK, getCallback("/clusters", header_map, response2)); const std::string expected_text = R"EOF(fake_cluster::outlier::success_rate_average::0 fake_cluster::outlier::success_rate_ejection_threshold::6 fake_cluster::outlier::local_origin_success_rate_average::0 fake_cluster::outlier::local_origin_success_rate_ejection_threshold::9 fake_cluster::default_priority::max_connections::1 fake_cluster::default_priority::max_pending_requests::1024 fake_cluster::default_priority::max_requests::1024 fake_cluster::default_priority::max_retries::1 fake_cluster::high_priority::max_connections::1 fake_cluster::high_priority::max_pending_requests::1024 fake_cluster::high_priority::max_requests::1024 fake_cluster::high_priority::max_retries::1 fake_cluster::added_via_api::true fake_cluster::1.2.3.4:80::arest_counter::5 fake_cluster::1.2.3.4:80::atest_gauge::10 fake_cluster::1.2.3.4:80::rest_counter::10 fake_cluster::1.2.3.4:80::test_counter::10 fake_cluster::1.2.3.4:80::test_gauge::11 fake_cluster::1.2.3.4:80::hostname::foo.com fake_cluster::1.2.3.4:80::health_flags::/failed_active_hc/failed_outlier_check/degraded_active_hc/degraded_eds_health/pending_dynamic_removal fake_cluster::1.2.3.4:80::weight::5 fake_cluster::1.2.3.4:80::region::test_region fake_cluster::1.2.3.4:80::zone::test_zone fake_cluster::1.2.3.4:80::sub_zone::test_sub_zone fake_cluster::1.2.3.4:80::canary::false fake_cluster::1.2.3.4:80::priority::6 fake_cluster::1.2.3.4:80::success_rate::43.2 fake_cluster::1.2.3.4:80::local_origin_success_rate::93.2 )EOF"; EXPECT_EQ(expected_text, response2.toString()); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/config_dump_handler_test.cc ================================================ #include "test/server/admin/admin_instance.h" using testing::Return; using testing::ReturnPointee; using testing::ReturnRef; namespace Envoy { namespace Server { INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); // helper method for adding host's info void addHostInfo(NiceMock& host, const std::string& hostname, const std::string& address_url, envoy::config::core::v3::Locality& locality, const std::string& hostname_for_healthcheck, const std::string& healthcheck_address_url, int weight, int priority) { ON_CALL(host, locality()).WillByDefault(ReturnRef(locality)); Network::Address::InstanceConstSharedPtr address = Network::Utility::resolveUrl(address_url); ON_CALL(host, address()).WillByDefault(Return(address)); ON_CALL(host, hostname()).WillByDefault(ReturnRef(hostname)); ON_CALL(host, hostnameForHealthChecks()).WillByDefault(ReturnRef(hostname_for_healthcheck)); Network::Address::InstanceConstSharedPtr healthcheck_address = Network::Utility::resolveUrl(healthcheck_address_url); ON_CALL(host, healthCheckAddress()).WillByDefault(Return(healthcheck_address)); auto metadata = std::make_shared(); ON_CALL(host, metadata()).WillByDefault(Return(metadata)); ON_CALL(host, health()).WillByDefault(Return(Upstream::Host::Health::Healthy)); ON_CALL(host, weight()).WillByDefault(Return(weight)); ON_CALL(host, priority()).WillByDefault(Return(priority)); } TEST_P(AdminInstanceTest, ConfigDump) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; auto entry = admin_.getConfigTracker().add("foo", [] { auto msg = std::make_unique(); msg->set_value("bar"); return msg; }); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/google.protobuf.StringValue", "value": "bar" } ] } )EOF"; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump", header_map, response)); std::string output = response.toString(); EXPECT_EQ(expected_json, output); } TEST_P(AdminInstanceTest, ConfigDumpMaintainsOrder) { // Add configs in random order and validate config_dump dumps in the order. auto bootstrap_entry = admin_.getConfigTracker().add("bootstrap", [] { auto msg = std::make_unique(); msg->set_value("bootstrap_config"); return msg; }); auto route_entry = admin_.getConfigTracker().add("routes", [] { auto msg = std::make_unique(); msg->set_value("routes_config"); return msg; }); auto listener_entry = admin_.getConfigTracker().add("listeners", [] { auto msg = std::make_unique(); msg->set_value("listeners_config"); return msg; }); auto cluster_entry = admin_.getConfigTracker().add("clusters", [] { auto msg = std::make_unique(); msg->set_value("clusters_config"); return msg; }); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/google.protobuf.StringValue", "value": "bootstrap_config" }, { "@type": "type.googleapis.com/google.protobuf.StringValue", "value": "clusters_config" }, { "@type": "type.googleapis.com/google.protobuf.StringValue", "value": "listeners_config" }, { "@type": "type.googleapis.com/google.protobuf.StringValue", "value": "routes_config" } ] } )EOF"; // Run it multiple times and validate that order is preserved. for (size_t i = 0; i < 5; i++) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump", header_map, response)); const std::string output = response.toString(); EXPECT_EQ(expected_json, output); } } // Test that using ?include_eds parameter adds EDS to the config dump. TEST_P(AdminInstanceTest, ConfigDumpWithEndpoint) { Upstream::ClusterManager::ClusterInfoMap cluster_map; ON_CALL(server_.cluster_manager_, clusters()).WillByDefault(ReturnPointee(&cluster_map)); NiceMock cluster; cluster_map.emplace(cluster.info_->name_, cluster); ON_CALL(*cluster.info_, addedViaApi()).WillByDefault(Return(false)); Upstream::MockHostSet* host_set = cluster.priority_set_.getMockHostSet(0); auto host = std::make_shared>(); host_set->hosts_.emplace_back(host); envoy::config::core::v3::Locality locality; const std::string hostname_for_healthcheck = "test_hostname_healthcheck"; const std::string hostname = "foo.com"; addHostInfo(*host, hostname, "tcp://1.2.3.4:80", locality, hostname_for_healthcheck, "tcp://1.2.3.5:90", 5, 6); Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump?include_eds", header_map, response)); std::string output = response.toString(); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/envoy.admin.v3.EndpointsConfigDump", "static_endpoint_configs": [ { "endpoint_config": { "@type": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment", "cluster_name": "fake_cluster", "endpoints": [ { "locality": {}, "lb_endpoints": [ { "endpoint": { "address": { "socket_address": { "address": "1.2.3.4", "port_value": 80 } }, "health_check_config": { "port_value": 90, "hostname": "test_hostname_healthcheck" }, "hostname": "foo.com" }, "health_status": "HEALTHY", "metadata": {}, "load_balancing_weight": 5 } ], "priority": 6 } ], "policy": { "overprovisioning_factor": 140 } } } ] } ] } )EOF"; EXPECT_EQ(expected_json, output); } // Test EDS config dump while multiple localities and priorities exist TEST_P(AdminInstanceTest, ConfigDumpWithLocalityEndpoint) { Upstream::ClusterManager::ClusterInfoMap cluster_map; ON_CALL(server_.cluster_manager_, clusters()).WillByDefault(ReturnPointee(&cluster_map)); NiceMock cluster; cluster_map.emplace(cluster.info_->name_, cluster); ON_CALL(*cluster.info_, addedViaApi()).WillByDefault(Return(false)); Upstream::MockHostSet* host_set_1 = cluster.priority_set_.getMockHostSet(0); auto host_1 = std::make_shared>(); host_set_1->hosts_.emplace_back(host_1); envoy::config::core::v3::Locality locality_1; locality_1.set_region("oceania"); locality_1.set_zone("hello"); locality_1.set_sub_zone("world"); const std::string hostname_for_healthcheck = "test_hostname_healthcheck"; const std::string hostname_1 = "foo.com"; addHostInfo(*host_1, hostname_1, "tcp://1.2.3.4:80", locality_1, hostname_for_healthcheck, "tcp://1.2.3.5:90", 5, 6); auto host_2 = std::make_shared>(); host_set_1->hosts_.emplace_back(host_2); const std::string empty_hostname_for_healthcheck = ""; const std::string hostname_2 = "boo.com"; addHostInfo(*host_2, hostname_2, "tcp://1.2.3.7:8", locality_1, empty_hostname_for_healthcheck, "tcp://1.2.3.7:8", 3, 6); envoy::config::core::v3::Locality locality_2; auto host_3 = std::make_shared>(); host_set_1->hosts_.emplace_back(host_3); const std::string hostname_3 = "coo.com"; addHostInfo(*host_3, hostname_3, "tcp://1.2.3.8:8", locality_2, empty_hostname_for_healthcheck, "tcp://1.2.3.8:8", 3, 4); std::vector locality_hosts = { {Upstream::HostSharedPtr(host_1), Upstream::HostSharedPtr(host_2)}, {Upstream::HostSharedPtr(host_3)}}; auto hosts_per_locality = new Upstream::HostsPerLocalityImpl(std::move(locality_hosts), false); Upstream::LocalityWeightsConstSharedPtr locality_weights{new Upstream::LocalityWeights{1, 3}}; ON_CALL(*host_set_1, hostsPerLocality()).WillByDefault(ReturnRef(*hosts_per_locality)); ON_CALL(*host_set_1, localityWeights()).WillByDefault(Return(locality_weights)); Upstream::MockHostSet* host_set_2 = cluster.priority_set_.getMockHostSet(1); auto host_4 = std::make_shared>(); host_set_2->hosts_.emplace_back(host_4); const std::string hostname_4 = "doo.com"; addHostInfo(*host_4, hostname_4, "tcp://1.2.3.9:8", locality_1, empty_hostname_for_healthcheck, "tcp://1.2.3.9:8", 3, 2); Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump?include_eds", header_map, response)); std::string output = response.toString(); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/envoy.admin.v3.EndpointsConfigDump", "static_endpoint_configs": [ { "endpoint_config": { "@type": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment", "cluster_name": "fake_cluster", "endpoints": [ { "locality": { "region": "oceania", "zone": "hello", "sub_zone": "world" }, "lb_endpoints": [ { "endpoint": { "address": { "socket_address": { "address": "1.2.3.4", "port_value": 80 } }, "health_check_config": { "port_value": 90, "hostname": "test_hostname_healthcheck" }, "hostname": "foo.com" }, "health_status": "HEALTHY", "metadata": {}, "load_balancing_weight": 5 }, { "endpoint": { "address": { "socket_address": { "address": "1.2.3.7", "port_value": 8 } }, "health_check_config": {}, "hostname": "boo.com" }, "health_status": "HEALTHY", "metadata": {}, "load_balancing_weight": 3 } ], "load_balancing_weight": 1, "priority": 6 }, { "locality": {}, "lb_endpoints": [ { "endpoint": { "address": { "socket_address": { "address": "1.2.3.8", "port_value": 8 } }, "health_check_config": {}, "hostname": "coo.com" }, "health_status": "HEALTHY", "metadata": {}, "load_balancing_weight": 3 } ], "load_balancing_weight": 3, "priority": 4 }, { "locality": { "region": "oceania", "zone": "hello", "sub_zone": "world" }, "lb_endpoints": [ { "endpoint": { "address": { "socket_address": { "address": "1.2.3.9", "port_value": 8 } }, "health_check_config": {}, "hostname": "doo.com" }, "health_status": "HEALTHY", "metadata": {}, "load_balancing_weight": 3 } ], "priority": 2 } ], "policy": { "overprovisioning_factor": 140 } } } ] } ] } )EOF"; EXPECT_EQ(expected_json, output); delete (hosts_per_locality); } // Test that using the resource query parameter filters the config dump. // We add both static and dynamic listener config to the dump, but expect only // dynamic in the JSON with ?resource=dynamic_listeners. TEST_P(AdminInstanceTest, ConfigDumpFiltersByResource) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; auto listeners = admin_.getConfigTracker().add("listeners", [] { auto msg = std::make_unique(); auto dyn_listener = msg->add_dynamic_listeners(); dyn_listener->set_name("foo"); auto stat_listener = msg->add_static_listeners(); envoy::config::listener::v3::Listener listener; listener.set_name("bar"); stat_listener->mutable_listener()->PackFrom(listener); return msg; }); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/envoy.admin.v3.ListenersConfigDump.DynamicListener", "name": "foo" } ] } )EOF"; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump?resource=dynamic_listeners", header_map, response)); std::string output = response.toString(); EXPECT_EQ(expected_json, output); } // Test that using the resource query parameter filters the config dump including EDS. // We add both static and dynamic endpoint config to the dump, but expect only // dynamic in the JSON with ?resource=dynamic_endpoint_configs. TEST_P(AdminInstanceTest, ConfigDumpWithEndpointFiltersByResource) { Upstream::ClusterManager::ClusterInfoMap cluster_map; ON_CALL(server_.cluster_manager_, clusters()).WillByDefault(ReturnPointee(&cluster_map)); NiceMock cluster_1; cluster_map.emplace(cluster_1.info_->name_, cluster_1); ON_CALL(*cluster_1.info_, addedViaApi()).WillByDefault(Return(true)); Upstream::MockHostSet* host_set = cluster_1.priority_set_.getMockHostSet(0); auto host_1 = std::make_shared>(); host_set->hosts_.emplace_back(host_1); envoy::config::core::v3::Locality locality; const std::string hostname_for_healthcheck = "test_hostname_healthcheck"; const std::string hostname_1 = "foo.com"; addHostInfo(*host_1, hostname_1, "tcp://1.2.3.4:80", locality, hostname_for_healthcheck, "tcp://1.2.3.5:90", 5, 6); NiceMock cluster_2; cluster_2.info_->name_ = "fake_cluster_2"; cluster_map.emplace(cluster_2.info_->name_, cluster_2); ON_CALL(*cluster_2.info_, addedViaApi()).WillByDefault(Return(false)); Upstream::MockHostSet* host_set_2 = cluster_2.priority_set_.getMockHostSet(0); auto host_2 = std::make_shared>(); host_set_2->hosts_.emplace_back(host_2); const std::string hostname_2 = "boo.com"; addHostInfo(*host_2, hostname_2, "tcp://1.2.3.5:8", locality, hostname_for_healthcheck, "tcp://1.2.3.4:1", 3, 4); Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump?include_eds&resource=dynamic_endpoint_configs", header_map, response)); std::string output = response.toString(); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig", "endpoint_config": { "@type": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment", "cluster_name": "fake_cluster", "endpoints": [ { "locality": {}, "lb_endpoints": [ { "endpoint": { "address": { "socket_address": { "address": "1.2.3.4", "port_value": 80 } }, "health_check_config": { "port_value": 90, "hostname": "test_hostname_healthcheck" }, "hostname": "foo.com" }, "health_status": "HEALTHY", "metadata": {}, "load_balancing_weight": 5 } ], "priority": 6 } ], "policy": { "overprovisioning_factor": 140 } } } ] } )EOF"; EXPECT_EQ(expected_json, output); } // Test that using the mask query parameter filters the config dump. // We add both static and dynamic listener config to the dump, but expect only // dynamic in the JSON with ?mask=dynamic_listeners. TEST_P(AdminInstanceTest, ConfigDumpFiltersByMask) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; auto listeners = admin_.getConfigTracker().add("listeners", [] { auto msg = std::make_unique(); auto dyn_listener = msg->add_dynamic_listeners(); dyn_listener->set_name("foo"); auto stat_listener = msg->add_static_listeners(); envoy::config::listener::v3::Listener listener; listener.set_name("bar"); stat_listener->mutable_listener()->PackFrom(listener); return msg; }); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/envoy.admin.v3.ListenersConfigDump", "dynamic_listeners": [ { "name": "foo" } ] } ] } )EOF"; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump?mask=dynamic_listeners", header_map, response)); std::string output = response.toString(); EXPECT_EQ(expected_json, output); } ProtobufTypes::MessagePtr testDumpClustersConfig() { auto msg = std::make_unique(); auto* static_cluster = msg->add_static_clusters(); envoy::config::cluster::v3::Cluster inner_cluster; inner_cluster.set_name("foo"); inner_cluster.set_ignore_health_on_host_removal(true); static_cluster->mutable_cluster()->PackFrom(inner_cluster); auto* dyn_cluster = msg->add_dynamic_active_clusters(); dyn_cluster->set_version_info("baz"); dyn_cluster->mutable_last_updated()->set_seconds(5); envoy::config::cluster::v3::Cluster inner_dyn_cluster; inner_dyn_cluster.set_name("bar"); inner_dyn_cluster.set_ignore_health_on_host_removal(true); inner_dyn_cluster.mutable_http2_protocol_options()->set_allow_connect(true); dyn_cluster->mutable_cluster()->PackFrom(inner_dyn_cluster); return msg; } // Test that when using both resource and mask query parameters the JSON output contains // only the desired resource and the fields specified in the mask. TEST_P(AdminInstanceTest, ConfigDumpFiltersByResourceAndMask) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; auto clusters = admin_.getConfigTracker().add("clusters", testDumpClustersConfig); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/envoy.admin.v3.ClustersConfigDump.DynamicCluster", "version_info": "baz", "cluster": { "@type": "type.googleapis.com/envoy.config.cluster.v3.Cluster", "name": "bar", "http2_protocol_options": { "allow_connect": true } } } ] } )EOF"; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump?resource=dynamic_active_clusters&mask=" "cluster.name,version_info,cluster.http2_protocol_options", header_map, response)); std::string output = response.toString(); EXPECT_EQ(expected_json, output); } // Test that no fields are present in the JSON output if there is no intersection between the fields // of the config dump and the fields present in the mask query parameter. TEST_P(AdminInstanceTest, ConfigDumpNonExistentMask) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; auto clusters = admin_.getConfigTracker().add("clusters", testDumpClustersConfig); const std::string expected_json = R"EOF({ "configs": [ { "@type": "type.googleapis.com/envoy.admin.v3.ClustersConfigDump.StaticCluster" } ] } )EOF"; EXPECT_EQ(Http::Code::OK, getCallback("/config_dump?resource=static_clusters&mask=bad", header_map, response)); std::string output = response.toString(); EXPECT_EQ(expected_json, output); } // Test that a 404 Not found is returned if a non-existent resource is passed in as the // resource query parameter. TEST_P(AdminInstanceTest, ConfigDumpNonExistentResource) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; auto listeners = admin_.getConfigTracker().add("listeners", [] { auto msg = std::make_unique(); msg->set_value("listeners_config"); return msg; }); EXPECT_EQ(Http::Code::NotFound, getCallback("/config_dump?resource=foo", header_map, response)); } // Test that a 400 Bad Request is returned if the passed resource query parameter is not a // repeated field. TEST_P(AdminInstanceTest, ConfigDumpResourceNotRepeated) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; auto clusters = admin_.getConfigTracker().add("clusters", [] { auto msg = std::make_unique(); msg->set_version_info("foo"); return msg; }); EXPECT_EQ(Http::Code::BadRequest, getCallback("/config_dump?resource=version_info", header_map, response)); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/config_tracker_impl_test.cc ================================================ #include "server/admin/config_tracker_impl.h" #include "test/mocks/common.h" #include "gmock/gmock.h" namespace Envoy { namespace Server { class ConfigTrackerImplTest : public testing::Test { public: ConfigTrackerImplTest() : cbs_map(tracker.getCallbacksMap()) { EXPECT_TRUE(cbs_map.empty()); test_cb = [this] { called = true; return test_msg(); }; } ProtobufTypes::MessagePtr test_msg() { return std::make_unique(); } ~ConfigTrackerImplTest() override = default; ConfigTrackerImpl tracker; const std::map& cbs_map; ConfigTracker::Cb test_cb; bool called{false}; std::string test_string{"foo"}; }; TEST_F(ConfigTrackerImplTest, Basic) { EXPECT_EQ(0, cbs_map.size()); auto entry_owner = tracker.add("test_key", test_cb); EXPECT_EQ(1, cbs_map.size()); EXPECT_NE(nullptr, entry_owner); EXPECT_NE(nullptr, cbs_map.begin()->second()); EXPECT_TRUE(called); } TEST_F(ConfigTrackerImplTest, DestroyHandleBeforeTracker) { auto entry_owner = tracker.add("test_key", test_cb); EXPECT_EQ(1, cbs_map.size()); entry_owner.reset(); EXPECT_EQ(0, cbs_map.size()); } TEST_F(ConfigTrackerImplTest, DestroyTrackerBeforeHandle) { std::shared_ptr tracker_ptr = std::make_shared(); auto entry_owner = tracker.add("test_key", test_cb); tracker_ptr.reset(); entry_owner.reset(); // Shouldn't explode } TEST_F(ConfigTrackerImplTest, AddDuplicate) { auto entry_owner = tracker.add("test_key", test_cb); EXPECT_EQ(nullptr, tracker.add("test_key", test_cb)); entry_owner.reset(); // Now we can add it EXPECT_NE(nullptr, tracker.add("test_key", test_cb)); } TEST_F(ConfigTrackerImplTest, OperationsWithinCallback) { ConfigTracker::EntryOwnerPtr owner1, owner2; owner1 = tracker.add("test_key", [&] { owner2 = tracker.add("test_key2", [&] { owner1.reset(); return test_msg(); }); return test_msg(); }); EXPECT_EQ(1, cbs_map.size()); EXPECT_NE(nullptr, owner1); EXPECT_NE(nullptr, cbs_map.at("test_key")()); EXPECT_EQ(2, cbs_map.size()); EXPECT_NE(nullptr, owner2); EXPECT_NE(nullptr, cbs_map.at("test_key2")()); EXPECT_EQ(1, cbs_map.size()); EXPECT_EQ(0, cbs_map.count("test_key")); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/init_dump_handler_test.cc ================================================ #include "test/server/admin/admin_instance.h" using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Server { INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); // Test Using /init_dump to dump information of all unready targets. TEST_P(AdminInstanceTest, UnreadyTargetsDump) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; Network::MockListenerConfig listener_1; Init::ManagerImpl init_manager_1{"test_init_manager_1"}; Init::TargetImpl target_1("test_target_1", nullptr); init_manager_1.add(target_1); EXPECT_CALL(listener_1, initManager()).WillOnce(ReturnRef(init_manager_1)); Network::MockListenerConfig listener_2; Init::ManagerImpl init_manager_2{"test_init_manager_2"}; Init::TargetImpl target_2("test_target_2", nullptr); init_manager_2.add(target_2); EXPECT_CALL(listener_2, initManager()).WillOnce(ReturnRef(init_manager_2)); MockListenerManager listener_manager; EXPECT_CALL(server_, listenerManager()).WillRepeatedly(ReturnRef(listener_manager)); std::vector> listeners; listeners.push_back(listener_1); listeners.push_back(listener_2); EXPECT_CALL(listener_manager, isWorkerStarted()).WillRepeatedly(Return(true)); EXPECT_CALL(listener_manager, listeners(_)).WillOnce(Return(listeners)); EXPECT_EQ(Http::Code::OK, getCallback("/init_dump", header_map, response)); std::string output = response.toString(); // The expected value should be updated when ProtobufTypes::MessagePtr // AdminImpl::dumpListenerUnreadyTargets function includes more dump when mask has no value. const std::string expected_json = R"EOF({ "unready_targets_dumps": [ { "name": "init manager test_init_manager_1", "target_names": [ "target test_target_1" ] }, { "name": "init manager test_init_manager_2", "target_names": [ "target test_target_2" ] } ] } )EOF"; EXPECT_EQ(output, expected_json); } // Test Using /init_dump?listener to dump unready targets of listeners. TEST_P(AdminInstanceTest, ListenerUnreadyTargetsDump) { Buffer::OwnedImpl response; Http::TestResponseHeaderMapImpl header_map; Network::MockListenerConfig listener_1; Init::ManagerImpl init_manager_1{"test_init_manager_1"}; Init::TargetImpl target_1("test_target_1", nullptr); init_manager_1.add(target_1); EXPECT_CALL(listener_1, initManager()).WillOnce(ReturnRef(init_manager_1)); Network::MockListenerConfig listener_2; Init::ManagerImpl init_manager_2{"test_init_manager_2"}; Init::TargetImpl target_2("test_target_2", nullptr); init_manager_2.add(target_2); EXPECT_CALL(listener_2, initManager()).WillOnce(ReturnRef(init_manager_2)); MockListenerManager listener_manager; EXPECT_CALL(server_, listenerManager()).WillRepeatedly(ReturnRef(listener_manager)); std::vector> listeners; listeners.push_back(listener_1); listeners.push_back(listener_2); EXPECT_CALL(listener_manager, isWorkerStarted()).WillRepeatedly(Return(true)); EXPECT_CALL(listener_manager, listeners(_)).WillOnce(Return(listeners)); EXPECT_EQ(Http::Code::OK, getCallback("/init_dump?mask=listener", header_map, response)); std::string output = response.toString(); const std::string expected_json = R"EOF({ "unready_targets_dumps": [ { "name": "init manager test_init_manager_1", "target_names": [ "target test_target_1" ] }, { "name": "init manager test_init_manager_2", "target_names": [ "target test_target_2" ] } ] } )EOF"; EXPECT_EQ(output, expected_json); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/logs_handler_test.cc ================================================ #include "common/common/fancy_logger.h" #include "common/common/logger.h" #include "test/server/admin/admin_instance.h" namespace Envoy { namespace Server { INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); TEST_P(AdminInstanceTest, ReopenLogs) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; testing::NiceMock access_log_manager_; EXPECT_CALL(server_, accessLogManager()).WillRepeatedly(ReturnRef(access_log_manager_)); EXPECT_CALL(access_log_manager_, reopen()); EXPECT_EQ(Http::Code::OK, postCallback("/reopen_logs", header_map, response)); } TEST_P(AdminInstanceTest, LogLevelSetting) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; // now for Envoy, w/o setting the mode FANCY_LOG(info, "Build the logger for this file."); Logger::Context::enableFancyLogger(); postCallback("/logging", header_map, response); FANCY_LOG(error, response.toString()); postCallback("/logging?level=warning", header_map, response); FANCY_LOG(warn, "After post 1: all level is warning now!"); EXPECT_EQ(getFancyContext().getFancyLogEntry(__FILE__)->level(), spdlog::level::warn); std::string query = fmt::format("/logging?{}=info", __FILE__); postCallback(query, header_map, response); FANCY_LOG(info, "After post 2: level for this file is info now!"); EXPECT_EQ(getFancyContext().getFancyLogEntry(__FILE__)->level(), spdlog::level::info); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/profiling_handler_test.cc ================================================ #include "common/profiler/profiler.h" #include "test/server/admin/admin_instance.h" #include "test/test_common/logging.h" namespace Envoy { namespace Server { INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); TEST_P(AdminInstanceTest, AdminCpuProfiler) { Buffer::OwnedImpl data; Http::TestResponseHeaderMapImpl header_map; // Can only get code coverage of AdminImpl::handlerCpuProfiler stopProfiler with // a real profiler linked in (successful call to startProfiler). #ifdef PROFILER_AVAILABLE EXPECT_EQ(Http::Code::OK, postCallback("/cpuprofiler?enable=y", header_map, data)); EXPECT_TRUE(Profiler::Cpu::profilerEnabled()); #else EXPECT_EQ(Http::Code::InternalServerError, postCallback("/cpuprofiler?enable=y", header_map, data)); EXPECT_FALSE(Profiler::Cpu::profilerEnabled()); #endif EXPECT_EQ(Http::Code::OK, postCallback("/cpuprofiler?enable=n", header_map, data)); EXPECT_FALSE(Profiler::Cpu::profilerEnabled()); } TEST_P(AdminInstanceTest, AdminHeapProfilerOnRepeatedRequest) { Buffer::OwnedImpl data; Http::TestResponseHeaderMapImpl header_map; auto repeatResultCode = Http::Code::BadRequest; #ifndef PROFILER_AVAILABLE repeatResultCode = Http::Code::NotImplemented; #endif postCallback("/heapprofiler?enable=y", header_map, data); EXPECT_EQ(repeatResultCode, postCallback("/heapprofiler?enable=y", header_map, data)); postCallback("/heapprofiler?enable=n", header_map, data); EXPECT_EQ(repeatResultCode, postCallback("/heapprofiler?enable=n", header_map, data)); } TEST_P(AdminInstanceTest, AdminHeapProfiler) { Buffer::OwnedImpl data; Http::TestResponseHeaderMapImpl header_map; // The below flow need to begin with the profiler not running Profiler::Heap::stopProfiler(); #ifdef PROFILER_AVAILABLE EXPECT_EQ(Http::Code::OK, postCallback("/heapprofiler?enable=y", header_map, data)); EXPECT_TRUE(Profiler::Heap::isProfilerStarted()); EXPECT_EQ(Http::Code::OK, postCallback("/heapprofiler?enable=n", header_map, data)); #else EXPECT_EQ(Http::Code::NotImplemented, postCallback("/heapprofiler?enable=y", header_map, data)); EXPECT_FALSE(Profiler::Heap::isProfilerStarted()); EXPECT_EQ(Http::Code::NotImplemented, postCallback("/heapprofiler?enable=n", header_map, data)); #endif EXPECT_FALSE(Profiler::Heap::isProfilerStarted()); } TEST_P(AdminInstanceTest, AdminBadProfiler) { Buffer::OwnedImpl data; AdminImpl admin_bad_profile_path(TestEnvironment::temporaryPath("some/unlikely/bad/path.prof"), server_); Http::TestResponseHeaderMapImpl header_map; const absl::string_view post = Http::Headers::get().MethodValues.Post; request_headers_.setMethod(post); admin_filter_.decodeHeaders(request_headers_, false); EXPECT_NO_LOGS(EXPECT_EQ(Http::Code::InternalServerError, admin_bad_profile_path.runCallback("/cpuprofiler?enable=y", header_map, data, admin_filter_))); EXPECT_FALSE(Profiler::Cpu::profilerEnabled()); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/prometheus_stats_test.cc ================================================ #include #include "server/admin/prometheus_stats.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/utility.h" using testing::NiceMock; using testing::ReturnRef; namespace Envoy { namespace Server { class HistogramWrapper { public: HistogramWrapper() : histogram_(hist_alloc()) {} ~HistogramWrapper() { hist_free(histogram_); } const histogram_t* getHistogram() { return histogram_; } void setHistogramValues(const std::vector& values) { for (uint64_t value : values) { hist_insert_intscale(histogram_, value, 0, 1); } } void setHistogramValuesWithCounts(const std::vector>& values) { for (std::pair cv : values) { hist_insert_intscale(histogram_, cv.first, 0, cv.second); } } private: histogram_t* histogram_; }; class PrometheusStatsFormatterTest : public testing::Test { protected: PrometheusStatsFormatterTest() : alloc_(*symbol_table_), pool_(*symbol_table_) {} ~PrometheusStatsFormatterTest() override { clearStorage(); } void addCounter(const std::string& name, Stats::StatNameTagVector cluster_tags) { Stats::StatNameManagedStorage name_storage(baseName(name, cluster_tags), *symbol_table_); Stats::StatNameManagedStorage tag_extracted_name_storage(name, *symbol_table_); counters_.push_back(alloc_.makeCounter(name_storage.statName(), tag_extracted_name_storage.statName(), cluster_tags)); } void addGauge(const std::string& name, Stats::StatNameTagVector cluster_tags) { Stats::StatNameManagedStorage name_storage(baseName(name, cluster_tags), *symbol_table_); Stats::StatNameManagedStorage tag_extracted_name_storage(name, *symbol_table_); gauges_.push_back(alloc_.makeGauge(name_storage.statName(), tag_extracted_name_storage.statName(), cluster_tags, Stats::Gauge::ImportMode::Accumulate)); } using MockHistogramSharedPtr = Stats::RefcountPtr>; void addHistogram(MockHistogramSharedPtr histogram) { histograms_.push_back(histogram); } MockHistogramSharedPtr makeHistogram(const std::string& name, Stats::StatNameTagVector cluster_tags) { auto histogram = MockHistogramSharedPtr(new NiceMock()); histogram->name_ = baseName(name, cluster_tags); histogram->setTagExtractedName(name); histogram->setTags(cluster_tags); histogram->used_ = true; return histogram; } Stats::StatName makeStat(absl::string_view name) { return pool_.add(name); } // Format tags into the name to create a unique stat_name for each name:tag combination. // If the same stat_name is passed to makeGauge() or makeCounter(), even with different // tags, a copy of the previous metric will be returned. std::string baseName(const std::string& name, Stats::StatNameTagVector cluster_tags) { std::string result = name; for (const auto& name_tag : cluster_tags) { result.append(fmt::format("<{}:{}>", symbol_table_->toString(name_tag.first), symbol_table_->toString(name_tag.second))); } return result; } void clearStorage() { pool_.clear(); counters_.clear(); gauges_.clear(); histograms_.clear(); EXPECT_EQ(0, symbol_table_->numSymbols()); } Stats::TestSymbolTable symbol_table_; Stats::AllocatorImpl alloc_; Stats::StatNamePool pool_; std::vector counters_; std::vector gauges_; std::vector histograms_; }; TEST_F(PrometheusStatsFormatterTest, MetricName) { std::string raw = "vulture.eats-liver"; std::string expected = "envoy_vulture_eats_liver"; auto actual = PrometheusStatsFormatter::metricName(raw); EXPECT_EQ(expected, actual); } TEST_F(PrometheusStatsFormatterTest, SanitizeMetricName) { std::string raw = "An.artist.plays-violin@019street"; std::string expected = "envoy_An_artist_plays_violin_019street"; auto actual = PrometheusStatsFormatter::metricName(raw); EXPECT_EQ(expected, actual); } TEST_F(PrometheusStatsFormatterTest, SanitizeMetricNameDigitFirst) { std::string raw = "3.artists.play-violin@019street"; std::string expected = "envoy_3_artists_play_violin_019street"; auto actual = PrometheusStatsFormatter::metricName(raw); EXPECT_EQ(expected, actual); } TEST_F(PrometheusStatsFormatterTest, NamespaceRegistry) { std::string raw = "vulture.eats-liver"; std::string expected = "vulture_eats_liver"; EXPECT_FALSE(PrometheusStatsFormatter::registerPrometheusNamespace("3vulture")); EXPECT_FALSE(PrometheusStatsFormatter::registerPrometheusNamespace(".vulture")); EXPECT_FALSE(PrometheusStatsFormatter::unregisterPrometheusNamespace("vulture")); EXPECT_TRUE(PrometheusStatsFormatter::registerPrometheusNamespace("vulture")); EXPECT_FALSE(PrometheusStatsFormatter::registerPrometheusNamespace("vulture")); EXPECT_EQ(expected, PrometheusStatsFormatter::metricName(raw)); EXPECT_TRUE(PrometheusStatsFormatter::unregisterPrometheusNamespace("vulture")); EXPECT_EQ("envoy_" + expected, PrometheusStatsFormatter::metricName(raw)); } TEST_F(PrometheusStatsFormatterTest, FormattedTags) { std::vector tags; Stats::Tag tag1 = {"a.tag-name", "a.tag-value"}; Stats::Tag tag2 = {"another_tag_name", "another_tag-value"}; tags.push_back(tag1); tags.push_back(tag2); std::string expected = "a_tag_name=\"a.tag-value\",another_tag_name=\"another_tag-value\""; auto actual = PrometheusStatsFormatter::formattedTags(tags); EXPECT_EQ(expected, actual); } TEST_F(PrometheusStatsFormatterTest, MetricNameCollison) { // Create two counters and two gauges with each pair having the same name, // but having different tag names and values. //`statsAsPrometheus()` should return two implying it found two unique stat names addCounter("cluster.test_cluster_1.upstream_cx_total", {{makeStat("a.tag-name"), makeStat("a.tag-value")}}); addCounter("cluster.test_cluster_1.upstream_cx_total", {{makeStat("another_tag_name"), makeStat("another_tag-value")}}); addGauge("cluster.test_cluster_2.upstream_cx_total", {{makeStat("another_tag_name_3"), makeStat("another_tag_3-value")}}); addGauge("cluster.test_cluster_2.upstream_cx_total", {{makeStat("another_tag_name_4"), makeStat("another_tag_4-value")}}); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, false, absl::nullopt); EXPECT_EQ(2UL, size); } TEST_F(PrometheusStatsFormatterTest, UniqueMetricName) { // Create two counters and two gauges, all with unique names. // statsAsPrometheus() should return four implying it found // four unique stat names. addCounter("cluster.test_cluster_1.upstream_cx_total", {{makeStat("a.tag-name"), makeStat("a.tag-value")}}); addCounter("cluster.test_cluster_2.upstream_cx_total", {{makeStat("another_tag_name"), makeStat("another_tag-value")}}); addGauge("cluster.test_cluster_3.upstream_cx_total", {{makeStat("another_tag_name_3"), makeStat("another_tag_3-value")}}); addGauge("cluster.test_cluster_4.upstream_cx_total", {{makeStat("another_tag_name_4"), makeStat("another_tag_4-value")}}); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, false, absl::nullopt); EXPECT_EQ(4UL, size); } TEST_F(PrometheusStatsFormatterTest, HistogramWithNoValuesAndNoTags) { HistogramWrapper h1_cumulative; h1_cumulative.setHistogramValues(std::vector(0)); Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram()); auto histogram = makeHistogram("histogram1", {}); ON_CALL(*histogram, cumulativeStatistics()).WillByDefault(ReturnRef(h1_cumulative_statistics)); addHistogram(histogram); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, false, absl::nullopt); EXPECT_EQ(1UL, size); const std::string expected_output = R"EOF(# TYPE envoy_histogram1 histogram envoy_histogram1_bucket{le="0.5"} 0 envoy_histogram1_bucket{le="1"} 0 envoy_histogram1_bucket{le="5"} 0 envoy_histogram1_bucket{le="10"} 0 envoy_histogram1_bucket{le="25"} 0 envoy_histogram1_bucket{le="50"} 0 envoy_histogram1_bucket{le="100"} 0 envoy_histogram1_bucket{le="250"} 0 envoy_histogram1_bucket{le="500"} 0 envoy_histogram1_bucket{le="1000"} 0 envoy_histogram1_bucket{le="2500"} 0 envoy_histogram1_bucket{le="5000"} 0 envoy_histogram1_bucket{le="10000"} 0 envoy_histogram1_bucket{le="30000"} 0 envoy_histogram1_bucket{le="60000"} 0 envoy_histogram1_bucket{le="300000"} 0 envoy_histogram1_bucket{le="600000"} 0 envoy_histogram1_bucket{le="1800000"} 0 envoy_histogram1_bucket{le="3600000"} 0 envoy_histogram1_bucket{le="+Inf"} 0 envoy_histogram1_sum{} 0 envoy_histogram1_count{} 0 )EOF"; EXPECT_EQ(expected_output, response.toString()); } TEST_F(PrometheusStatsFormatterTest, HistogramWithNonDefaultBuckets) { HistogramWrapper h1_cumulative; h1_cumulative.setHistogramValues(std::vector(0)); Stats::ConstSupportedBuckets buckets{10, 20}; Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram(), buckets); auto histogram = makeHistogram("histogram1", {}); ON_CALL(*histogram, cumulativeStatistics()).WillByDefault(ReturnRef(h1_cumulative_statistics)); addHistogram(histogram); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, false, absl::nullopt); EXPECT_EQ(1UL, size); const std::string expected_output = R"EOF(# TYPE envoy_histogram1 histogram envoy_histogram1_bucket{le="10"} 0 envoy_histogram1_bucket{le="20"} 0 envoy_histogram1_bucket{le="+Inf"} 0 envoy_histogram1_sum{} 0 envoy_histogram1_count{} 0 )EOF"; EXPECT_EQ(expected_output, response.toString()); } TEST_F(PrometheusStatsFormatterTest, HistogramWithHighCounts) { HistogramWrapper h1_cumulative; // Force large counts to prove that the +Inf bucket doesn't overflow to scientific notation. h1_cumulative.setHistogramValuesWithCounts(std::vector>({ {1, 100000}, {100, 1000000}, {1000, 100000000}, })); Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram()); auto histogram = makeHistogram("histogram1", {}); ON_CALL(*histogram, cumulativeStatistics()).WillByDefault(ReturnRef(h1_cumulative_statistics)); addHistogram(histogram); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, false, absl::nullopt); EXPECT_EQ(1UL, size); const std::string expected_output = R"EOF(# TYPE envoy_histogram1 histogram envoy_histogram1_bucket{le="0.5"} 0 envoy_histogram1_bucket{le="1"} 0 envoy_histogram1_bucket{le="5"} 100000 envoy_histogram1_bucket{le="10"} 100000 envoy_histogram1_bucket{le="25"} 100000 envoy_histogram1_bucket{le="50"} 100000 envoy_histogram1_bucket{le="100"} 100000 envoy_histogram1_bucket{le="250"} 1100000 envoy_histogram1_bucket{le="500"} 1100000 envoy_histogram1_bucket{le="1000"} 1100000 envoy_histogram1_bucket{le="2500"} 101100000 envoy_histogram1_bucket{le="5000"} 101100000 envoy_histogram1_bucket{le="10000"} 101100000 envoy_histogram1_bucket{le="30000"} 101100000 envoy_histogram1_bucket{le="60000"} 101100000 envoy_histogram1_bucket{le="300000"} 101100000 envoy_histogram1_bucket{le="600000"} 101100000 envoy_histogram1_bucket{le="1800000"} 101100000 envoy_histogram1_bucket{le="3600000"} 101100000 envoy_histogram1_bucket{le="+Inf"} 101100000 envoy_histogram1_sum{} 105105105000 envoy_histogram1_count{} 101100000 )EOF"; EXPECT_EQ(expected_output, response.toString()); } TEST_F(PrometheusStatsFormatterTest, OutputWithAllMetricTypes) { addCounter("cluster.test_1.upstream_cx_total", {{makeStat("a.tag-name"), makeStat("a.tag-value")}}); addCounter("cluster.test_2.upstream_cx_total", {{makeStat("another_tag_name"), makeStat("another_tag-value")}}); addGauge("cluster.test_3.upstream_cx_total", {{makeStat("another_tag_name_3"), makeStat("another_tag_3-value")}}); addGauge("cluster.test_4.upstream_cx_total", {{makeStat("another_tag_name_4"), makeStat("another_tag_4-value")}}); const std::vector h1_values = {50, 20, 30, 70, 100, 5000, 200}; HistogramWrapper h1_cumulative; h1_cumulative.setHistogramValues(h1_values); Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram()); auto histogram1 = makeHistogram("cluster.test_1.upstream_rq_time", {{makeStat("key1"), makeStat("value1")}, {makeStat("key2"), makeStat("value2")}}); histogram1->unit_ = Stats::Histogram::Unit::Milliseconds; addHistogram(histogram1); EXPECT_CALL(*histogram1, cumulativeStatistics()).WillOnce(ReturnRef(h1_cumulative_statistics)); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, false, absl::nullopt); EXPECT_EQ(5UL, size); const std::string expected_output = R"EOF(# TYPE envoy_cluster_test_1_upstream_cx_total counter envoy_cluster_test_1_upstream_cx_total{a_tag_name="a.tag-value"} 0 # TYPE envoy_cluster_test_2_upstream_cx_total counter envoy_cluster_test_2_upstream_cx_total{another_tag_name="another_tag-value"} 0 # TYPE envoy_cluster_test_3_upstream_cx_total gauge envoy_cluster_test_3_upstream_cx_total{another_tag_name_3="another_tag_3-value"} 0 # TYPE envoy_cluster_test_4_upstream_cx_total gauge envoy_cluster_test_4_upstream_cx_total{another_tag_name_4="another_tag_4-value"} 0 # TYPE envoy_cluster_test_1_upstream_rq_time histogram envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="0.5"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="1"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="5"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="10"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="25"} 1 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="50"} 2 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="100"} 4 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="250"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="500"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="1000"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="2500"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="5000"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="10000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="30000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="60000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="300000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="600000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="1800000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="3600000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="+Inf"} 7 envoy_cluster_test_1_upstream_rq_time_sum{key1="value1",key2="value2"} 5532 envoy_cluster_test_1_upstream_rq_time_count{key1="value1",key2="value2"} 7 )EOF"; EXPECT_EQ(expected_output, response.toString()); } // Test that output groups all metrics of the same name (with different tags) together, // as required by the Prometheus exposition format spec. Additionally, groups of metrics // should be sorted by their tags; the format specifies that it is preferred that metrics // are always grouped in the same order, and sorting is an easy way to ensure this. TEST_F(PrometheusStatsFormatterTest, OutputSortedByMetricName) { const std::vector h1_values = {50, 20, 30, 70, 100, 5000, 200}; HistogramWrapper h1_cumulative; h1_cumulative.setHistogramValues(h1_values); Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram()); // Create the 3 clusters in non-sorted order to exercise the sorting. // Create two of each metric type (counter, gauge, histogram) so that // the output for each needs to be collected together. for (const char* cluster : {"ccc", "aaa", "bbb"}) { const Stats::StatNameTagVector tags{{makeStat("cluster"), makeStat(cluster)}}; addCounter("cluster.upstream_cx_total", tags); addCounter("cluster.upstream_cx_connect_fail", tags); addGauge("cluster.upstream_cx_active", tags); addGauge("cluster.upstream_rq_active", tags); for (const char* hist_name : {"cluster.upstream_rq_time", "cluster.upstream_response_time"}) { auto histogram1 = makeHistogram(hist_name, tags); histogram1->unit_ = Stats::Histogram::Unit::Milliseconds; addHistogram(histogram1); EXPECT_CALL(*histogram1, cumulativeStatistics()) .WillOnce(ReturnRef(h1_cumulative_statistics)); } } Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, false, absl::nullopt); EXPECT_EQ(6UL, size); const std::string expected_output = R"EOF(# TYPE envoy_cluster_upstream_cx_connect_fail counter envoy_cluster_upstream_cx_connect_fail{cluster="aaa"} 0 envoy_cluster_upstream_cx_connect_fail{cluster="bbb"} 0 envoy_cluster_upstream_cx_connect_fail{cluster="ccc"} 0 # TYPE envoy_cluster_upstream_cx_total counter envoy_cluster_upstream_cx_total{cluster="aaa"} 0 envoy_cluster_upstream_cx_total{cluster="bbb"} 0 envoy_cluster_upstream_cx_total{cluster="ccc"} 0 # TYPE envoy_cluster_upstream_cx_active gauge envoy_cluster_upstream_cx_active{cluster="aaa"} 0 envoy_cluster_upstream_cx_active{cluster="bbb"} 0 envoy_cluster_upstream_cx_active{cluster="ccc"} 0 # TYPE envoy_cluster_upstream_rq_active gauge envoy_cluster_upstream_rq_active{cluster="aaa"} 0 envoy_cluster_upstream_rq_active{cluster="bbb"} 0 envoy_cluster_upstream_rq_active{cluster="ccc"} 0 # TYPE envoy_cluster_upstream_response_time histogram envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="0.5"} 0 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="1"} 0 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="5"} 0 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="10"} 0 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="25"} 1 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="50"} 2 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="100"} 4 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="250"} 6 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="500"} 6 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="1000"} 6 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="2500"} 6 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="5000"} 6 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="10000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="30000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="60000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="300000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="600000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="1800000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="3600000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="aaa",le="+Inf"} 7 envoy_cluster_upstream_response_time_sum{cluster="aaa"} 5532 envoy_cluster_upstream_response_time_count{cluster="aaa"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="0.5"} 0 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="1"} 0 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="5"} 0 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="10"} 0 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="25"} 1 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="50"} 2 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="100"} 4 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="250"} 6 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="500"} 6 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="1000"} 6 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="2500"} 6 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="5000"} 6 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="10000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="30000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="60000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="300000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="600000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="1800000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="3600000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="bbb",le="+Inf"} 7 envoy_cluster_upstream_response_time_sum{cluster="bbb"} 5532 envoy_cluster_upstream_response_time_count{cluster="bbb"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="0.5"} 0 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="1"} 0 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="5"} 0 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="10"} 0 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="25"} 1 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="50"} 2 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="100"} 4 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="250"} 6 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="500"} 6 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="1000"} 6 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="2500"} 6 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="5000"} 6 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="10000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="30000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="60000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="300000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="600000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="1800000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="3600000"} 7 envoy_cluster_upstream_response_time_bucket{cluster="ccc",le="+Inf"} 7 envoy_cluster_upstream_response_time_sum{cluster="ccc"} 5532 envoy_cluster_upstream_response_time_count{cluster="ccc"} 7 # TYPE envoy_cluster_upstream_rq_time histogram envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="0.5"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="1"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="5"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="10"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="25"} 1 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="50"} 2 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="100"} 4 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="250"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="500"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="1000"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="2500"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="5000"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="10000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="30000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="60000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="300000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="600000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="1800000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="3600000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="aaa",le="+Inf"} 7 envoy_cluster_upstream_rq_time_sum{cluster="aaa"} 5532 envoy_cluster_upstream_rq_time_count{cluster="aaa"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="0.5"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="1"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="5"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="10"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="25"} 1 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="50"} 2 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="100"} 4 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="250"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="500"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="1000"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="2500"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="5000"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="10000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="30000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="60000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="300000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="600000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="1800000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="3600000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="bbb",le="+Inf"} 7 envoy_cluster_upstream_rq_time_sum{cluster="bbb"} 5532 envoy_cluster_upstream_rq_time_count{cluster="bbb"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="0.5"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="1"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="5"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="10"} 0 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="25"} 1 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="50"} 2 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="100"} 4 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="250"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="500"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="1000"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="2500"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="5000"} 6 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="10000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="30000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="60000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="300000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="600000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="1800000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="3600000"} 7 envoy_cluster_upstream_rq_time_bucket{cluster="ccc",le="+Inf"} 7 envoy_cluster_upstream_rq_time_sum{cluster="ccc"} 5532 envoy_cluster_upstream_rq_time_count{cluster="ccc"} 7 )EOF"; EXPECT_EQ(expected_output, response.toString()); } TEST_F(PrometheusStatsFormatterTest, OutputWithUsedOnly) { addCounter("cluster.test_1.upstream_cx_total", {{makeStat("a.tag-name"), makeStat("a.tag-value")}}); addCounter("cluster.test_2.upstream_cx_total", {{makeStat("another_tag_name"), makeStat("another_tag-value")}}); addGauge("cluster.test_3.upstream_cx_total", {{makeStat("another_tag_name_3"), makeStat("another_tag_3-value")}}); addGauge("cluster.test_4.upstream_cx_total", {{makeStat("another_tag_name_4"), makeStat("another_tag_4-value")}}); const std::vector h1_values = {50, 20, 30, 70, 100, 5000, 200}; HistogramWrapper h1_cumulative; h1_cumulative.setHistogramValues(h1_values); Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram()); auto histogram1 = makeHistogram("cluster.test_1.upstream_rq_time", {{makeStat("key1"), makeStat("value1")}, {makeStat("key2"), makeStat("value2")}}); histogram1->unit_ = Stats::Histogram::Unit::Milliseconds; addHistogram(histogram1); EXPECT_CALL(*histogram1, cumulativeStatistics()).WillOnce(ReturnRef(h1_cumulative_statistics)); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, true, absl::nullopt); EXPECT_EQ(1UL, size); const std::string expected_output = R"EOF(# TYPE envoy_cluster_test_1_upstream_rq_time histogram envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="0.5"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="1"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="5"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="10"} 0 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="25"} 1 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="50"} 2 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="100"} 4 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="250"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="500"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="1000"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="2500"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="5000"} 6 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="10000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="30000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="60000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="300000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="600000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="1800000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="3600000"} 7 envoy_cluster_test_1_upstream_rq_time_bucket{key1="value1",key2="value2",le="+Inf"} 7 envoy_cluster_test_1_upstream_rq_time_sum{key1="value1",key2="value2"} 5532 envoy_cluster_test_1_upstream_rq_time_count{key1="value1",key2="value2"} 7 )EOF"; EXPECT_EQ(expected_output, response.toString()); } TEST_F(PrometheusStatsFormatterTest, OutputWithUsedOnlyHistogram) { const std::vector h1_values = {}; HistogramWrapper h1_cumulative; h1_cumulative.setHistogramValues(h1_values); Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram()); auto histogram1 = makeHistogram("cluster.test_1.upstream_rq_time", {{makeStat("key1"), makeStat("value1")}, {makeStat("key2"), makeStat("value2")}}); histogram1->unit_ = Stats::Histogram::Unit::Milliseconds; histogram1->used_ = false; addHistogram(histogram1); { const bool used_only = true; EXPECT_CALL(*histogram1, cumulativeStatistics()).Times(0); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, used_only, absl::nullopt); EXPECT_EQ(0UL, size); } { const bool used_only = false; EXPECT_CALL(*histogram1, cumulativeStatistics()).WillOnce(ReturnRef(h1_cumulative_statistics)); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus(counters_, gauges_, histograms_, response, used_only, absl::nullopt); EXPECT_EQ(1UL, size); } } TEST_F(PrometheusStatsFormatterTest, OutputWithRegexp) { addCounter("cluster.test_1.upstream_cx_total", {{makeStat("a.tag-name"), makeStat("a.tag-value")}}); addCounter("cluster.test_2.upstream_cx_total", {{makeStat("another_tag_name"), makeStat("another_tag-value")}}); addGauge("cluster.test_3.upstream_cx_total", {{makeStat("another_tag_name_3"), makeStat("another_tag_3-value")}}); addGauge("cluster.test_4.upstream_cx_total", {{makeStat("another_tag_name_4"), makeStat("another_tag_4-value")}}); const std::vector h1_values = {50, 20, 30, 70, 100, 5000, 200}; HistogramWrapper h1_cumulative; h1_cumulative.setHistogramValues(h1_values); Stats::HistogramStatisticsImpl h1_cumulative_statistics(h1_cumulative.getHistogram()); auto histogram1 = makeHistogram("cluster.test_1.upstream_rq_time", {{makeStat("key1"), makeStat("value1")}, {makeStat("key2"), makeStat("value2")}}); histogram1->unit_ = Stats::Histogram::Unit::Milliseconds; addHistogram(histogram1); Buffer::OwnedImpl response; auto size = PrometheusStatsFormatter::statsAsPrometheus( counters_, gauges_, histograms_, response, false, absl::optional{std::regex("cluster.test_1.upstream_cx_total")}); EXPECT_EQ(1UL, size); const std::string expected_output = R"EOF(# TYPE envoy_cluster_test_1_upstream_cx_total counter envoy_cluster_test_1_upstream_cx_total{a_tag_name="a.tag-value"} 0 )EOF"; EXPECT_EQ(expected_output, response.toString()); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/runtime_handler_test.cc ================================================ #include "test/server/admin/admin_instance.h" namespace Envoy { namespace Server { INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); TEST_P(AdminInstanceTest, Runtime) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; Runtime::MockSnapshot snapshot; Runtime::MockLoader loader; auto layer1 = std::make_unique>(); auto layer2 = std::make_unique>(); Runtime::Snapshot::EntryMap entries2{{"string_key", {"override", {}, {}, {}, {}}}, {"extra_key", {"bar", {}, {}, {}, {}}}}; Runtime::Snapshot::EntryMap entries1{{"string_key", {"foo", {}, {}, {}, {}}}, {"int_key", {"1", 1, {}, {}, {}}}, {"other_key", {"bar", {}, {}, {}, {}}}}; ON_CALL(*layer1, name()).WillByDefault(testing::ReturnRefOfCopy(std::string{"layer1"})); ON_CALL(*layer1, values()).WillByDefault(testing::ReturnRef(entries1)); ON_CALL(*layer2, name()).WillByDefault(testing::ReturnRefOfCopy(std::string{"layer2"})); ON_CALL(*layer2, values()).WillByDefault(testing::ReturnRef(entries2)); std::vector layers; layers.push_back(std::move(layer1)); layers.push_back(std::move(layer2)); EXPECT_CALL(snapshot, getLayers()).WillRepeatedly(testing::ReturnRef(layers)); const std::string expected_json = R"EOF({ "layers": [ "layer1", "layer2" ], "entries": { "extra_key": { "layer_values": [ "", "bar" ], "final_value": "bar" }, "int_key": { "layer_values": [ "1", "" ], "final_value": "1" }, "other_key": { "layer_values": [ "bar", "" ], "final_value": "bar" }, "string_key": { "layer_values": [ "foo", "override" ], "final_value": "override" } } })EOF"; EXPECT_CALL(loader, snapshot()).WillRepeatedly(testing::ReturnPointee(&snapshot)); EXPECT_CALL(server_, runtime()).WillRepeatedly(testing::ReturnPointee(&loader)); EXPECT_EQ(Http::Code::OK, getCallback("/runtime", header_map, response)); EXPECT_THAT(expected_json, JsonStringEq(response.toString())); } TEST_P(AdminInstanceTest, RuntimeModify) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; Runtime::MockLoader loader; EXPECT_CALL(server_, runtime()).WillRepeatedly(testing::ReturnPointee(&loader)); absl::node_hash_map overrides; overrides["foo"] = "bar"; overrides["x"] = "42"; overrides["nothing"] = ""; EXPECT_CALL(loader, mergeValues(overrides)).Times(1); EXPECT_EQ(Http::Code::OK, postCallback("/runtime_modify?foo=bar&x=42¬hing=", header_map, response)); EXPECT_EQ("OK\n", response.toString()); } TEST_P(AdminInstanceTest, RuntimeModifyParamsInBody) { Runtime::MockLoader loader; EXPECT_CALL(server_, runtime()).WillRepeatedly(testing::ReturnPointee(&loader)); const std::string key = "routing.traffic_shift.foo"; const std::string value = "numerator: 1\ndenominator: TEN_THOUSAND\n"; const absl::node_hash_map overrides = {{key, value}}; EXPECT_CALL(loader, mergeValues(overrides)).Times(1); const std::string body = fmt::format("{}={}", key, value); Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; EXPECT_EQ(Http::Code::OK, runCallback("/runtime_modify", header_map, response, "POST", body)); EXPECT_EQ("OK\n", response.toString()); } TEST_P(AdminInstanceTest, RuntimeModifyNoArguments) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; EXPECT_EQ(Http::Code::BadRequest, postCallback("/runtime_modify", header_map, response)); EXPECT_TRUE(absl::StartsWith(response.toString(), "usage:")); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/server_info_handler_test.cc ================================================ #include "envoy/admin/v3/memory.pb.h" #include "extensions/transport_sockets/tls/context_config_impl.h" #include "test/server/admin/admin_instance.h" #include "test/test_common/logging.h" #include "test/test_common/test_runtime.h" using testing::Ge; using testing::HasSubstr; using testing::Property; using testing::Return; namespace Envoy { namespace Server { INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); TEST_P(AdminInstanceTest, ContextThatReturnsNullCertDetails) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; // Setup a context that returns null cert details. testing::NiceMock factory_context; envoy::extensions::transport_sockets::tls::v3::UpstreamTlsContext config; Extensions::TransportSockets::Tls::ClientContextConfigImpl cfg(config, factory_context); Stats::IsolatedStoreImpl store; Envoy::Ssl::ClientContextSharedPtr client_ctx( server_.sslContextManager().createSslClientContext(store, cfg)); const std::string expected_empty_json = R"EOF({ "certificates": [ { "ca_cert": [], "cert_chain": [] } ] } )EOF"; // Validate that cert details are null and /certs handles it correctly. EXPECT_EQ(nullptr, client_ctx->getCaCertInformation()); EXPECT_TRUE(client_ctx->getCertChainInformation().empty()); EXPECT_EQ(Http::Code::OK, getCallback("/certs", header_map, response)); EXPECT_EQ(expected_empty_json, response.toString()); } TEST_P(AdminInstanceTest, Memory) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl response; EXPECT_EQ(Http::Code::OK, getCallback("/memory", header_map, response)); const std::string output_json = response.toString(); envoy::admin::v3::Memory output_proto; TestUtility::loadFromJson(output_json, output_proto); EXPECT_THAT(output_proto, AllOf(Property(&envoy::admin::v3::Memory::allocated, Ge(0)), Property(&envoy::admin::v3::Memory::heap_size, Ge(0)), Property(&envoy::admin::v3::Memory::pageheap_unmapped, Ge(0)), Property(&envoy::admin::v3::Memory::pageheap_free, Ge(0)), Property(&envoy::admin::v3::Memory::total_thread_cache, Ge(0)))); } TEST_P(AdminInstanceTest, GetReadyRequest) { NiceMock initManager; ON_CALL(server_, initManager()).WillByDefault(ReturnRef(initManager)); { Http::TestResponseHeaderMapImpl response_headers; std::string body; ON_CALL(initManager, state()).WillByDefault(Return(Init::Manager::State::Initialized)); EXPECT_EQ(Http::Code::OK, admin_.request("/ready", "GET", response_headers, body)); EXPECT_EQ(body, "LIVE\n"); EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("text/plain")); } { Http::TestResponseHeaderMapImpl response_headers; std::string body; ON_CALL(initManager, state()).WillByDefault(Return(Init::Manager::State::Uninitialized)); EXPECT_EQ(Http::Code::ServiceUnavailable, admin_.request("/ready", "GET", response_headers, body)); EXPECT_EQ(body, "PRE_INITIALIZING\n"); EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("text/plain")); } Http::TestResponseHeaderMapImpl response_headers; std::string body; ON_CALL(initManager, state()).WillByDefault(Return(Init::Manager::State::Initializing)); EXPECT_EQ(Http::Code::ServiceUnavailable, admin_.request("/ready", "GET", response_headers, body)); EXPECT_EQ(body, "INITIALIZING\n"); EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("text/plain")); } TEST_P(AdminInstanceTest, GetRequest) { NiceMock local_info; EXPECT_CALL(server_, localInfo()).WillRepeatedly(ReturnRef(local_info)); EXPECT_CALL(server_.options_, toCommandLineOptions()).WillRepeatedly(Invoke([&local_info] { Server::CommandLineOptionsPtr command_line_options = std::make_unique(); command_line_options->set_restart_epoch(2); command_line_options->set_service_cluster(local_info.clusterName()); return command_line_options; })); NiceMock initManager; ON_CALL(server_, initManager()).WillByDefault(ReturnRef(initManager)); ON_CALL(server_.hot_restart_, version()).WillByDefault(Return("foo_version")); { Http::TestResponseHeaderMapImpl response_headers; std::string body; ON_CALL(initManager, state()).WillByDefault(Return(Init::Manager::State::Initialized)); EXPECT_EQ(Http::Code::OK, admin_.request("/server_info", "GET", response_headers, body)); envoy::admin::v3::ServerInfo server_info_proto; EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("application/json")); // We only test that it parses as the proto and that some fields are correct, since // values such as timestamps + Envoy version are tricky to test for. TestUtility::loadFromJson(body, server_info_proto); EXPECT_EQ(server_info_proto.state(), envoy::admin::v3::ServerInfo::LIVE); EXPECT_EQ(server_info_proto.hot_restart_version(), "foo_version"); EXPECT_EQ(server_info_proto.command_line_options().restart_epoch(), 2); EXPECT_EQ(server_info_proto.command_line_options().service_cluster(), local_info.clusterName()); EXPECT_EQ(server_info_proto.command_line_options().service_cluster(), server_info_proto.node().cluster()); EXPECT_EQ(server_info_proto.command_line_options().service_node(), ""); EXPECT_EQ(server_info_proto.command_line_options().service_zone(), ""); EXPECT_EQ(server_info_proto.node().id(), local_info.nodeName()); EXPECT_EQ(server_info_proto.node().locality().zone(), local_info.zoneName()); } { Http::TestResponseHeaderMapImpl response_headers; std::string body; ON_CALL(initManager, state()).WillByDefault(Return(Init::Manager::State::Uninitialized)); EXPECT_EQ(Http::Code::OK, admin_.request("/server_info", "GET", response_headers, body)); envoy::admin::v3::ServerInfo server_info_proto; EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("application/json")); // We only test that it parses as the proto and that some fields are correct, since // values such as timestamps + Envoy version are tricky to test for. TestUtility::loadFromJson(body, server_info_proto); EXPECT_EQ(server_info_proto.state(), envoy::admin::v3::ServerInfo::PRE_INITIALIZING); EXPECT_EQ(server_info_proto.command_line_options().restart_epoch(), 2); EXPECT_EQ(server_info_proto.command_line_options().service_cluster(), local_info.clusterName()); EXPECT_EQ(server_info_proto.command_line_options().service_cluster(), server_info_proto.node().cluster()); EXPECT_EQ(server_info_proto.command_line_options().service_node(), ""); EXPECT_EQ(server_info_proto.command_line_options().service_zone(), ""); EXPECT_EQ(server_info_proto.node().id(), local_info.nodeName()); EXPECT_EQ(server_info_proto.node().locality().zone(), local_info.zoneName()); } Http::TestResponseHeaderMapImpl response_headers; std::string body; ON_CALL(initManager, state()).WillByDefault(Return(Init::Manager::State::Initializing)); EXPECT_EQ(Http::Code::OK, admin_.request("/server_info", "GET", response_headers, body)); envoy::admin::v3::ServerInfo server_info_proto; EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("application/json")); // We only test that it parses as the proto and that some fields are correct, since // values such as timestamps + Envoy version are tricky to test for. TestUtility::loadFromJson(body, server_info_proto); EXPECT_EQ(server_info_proto.state(), envoy::admin::v3::ServerInfo::INITIALIZING); EXPECT_EQ(server_info_proto.command_line_options().restart_epoch(), 2); EXPECT_EQ(server_info_proto.command_line_options().service_cluster(), local_info.clusterName()); EXPECT_EQ(server_info_proto.command_line_options().service_cluster(), server_info_proto.node().cluster()); EXPECT_EQ(server_info_proto.command_line_options().service_node(), ""); EXPECT_EQ(server_info_proto.command_line_options().service_zone(), ""); EXPECT_EQ(server_info_proto.node().id(), local_info.nodeName()); EXPECT_EQ(server_info_proto.node().locality().zone(), local_info.zoneName()); } TEST_P(AdminInstanceTest, PostRequest) { // Load TestScopedRuntime to suppress warnings related to runtime features. TestScopedRuntime scoped_runtime; Http::TestResponseHeaderMapImpl response_headers; std::string body; EXPECT_NO_LOGS(EXPECT_EQ(Http::Code::OK, admin_.request("/healthcheck/fail", "POST", response_headers, body))); EXPECT_EQ(body, "OK\n"); EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("text/plain")); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/admin/stats_handler_test.cc ================================================ #include #include "common/stats/thread_local_store.h" #include "server/admin/stats_handler.h" #include "test/server/admin/admin_instance.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" using testing::EndsWith; using testing::HasSubstr; using testing::InSequence; using testing::Ref; using testing::StartsWith; namespace Envoy { namespace Server { class AdminStatsTest : public testing::TestWithParam { public: AdminStatsTest() : alloc_(symbol_table_) { store_ = std::make_unique(alloc_); store_->addSink(sink_); } static std::string statsAsJsonHandler(std::map& all_stats, std::map& all_text_readouts, const std::vector& all_histograms, const bool used_only, const absl::optional regex = absl::nullopt) { return StatsHandler::statsAsJson(all_stats, all_text_readouts, all_histograms, used_only, regex, true /*pretty_print*/); } Stats::SymbolTableImpl symbol_table_; NiceMock main_thread_dispatcher_; NiceMock tls_; Stats::AllocatorImpl alloc_; Stats::MockSink sink_; Stats::ThreadLocalStoreImplPtr store_; }; INSTANTIATE_TEST_SUITE_P(IpVersions, AdminStatsTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); TEST_P(AdminStatsTest, StatsAsJson) { InSequence s; store_->initializeThreading(main_thread_dispatcher_, tls_); Stats::Histogram& h1 = store_->histogramFromString("h1", Stats::Histogram::Unit::Unspecified); Stats::Histogram& h2 = store_->histogramFromString("h2", Stats::Histogram::Unit::Unspecified); EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 200)); h1.recordValue(200); EXPECT_CALL(sink_, onHistogramComplete(Ref(h2), 100)); h2.recordValue(100); store_->mergeHistograms([]() -> void {}); // Again record a new value in h1 so that it has both interval and cumulative values. // h2 should only have cumulative values. EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 100)); h1.recordValue(100); store_->mergeHistograms([]() -> void {}); std::vector histograms = store_->histograms(); std::sort(histograms.begin(), histograms.end(), [](const Stats::ParentHistogramSharedPtr& a, const Stats::ParentHistogramSharedPtr& b) -> bool { return a->name() < b->name(); }); std::map all_stats; std::map all_text_readouts; std::string actual_json = statsAsJsonHandler(all_stats, all_text_readouts, histograms, false); const std::string expected_json = R"EOF({ "stats": [ { "histograms": { "supported_quantiles": [ 0.0, 25.0, 50.0, 75.0, 90.0, 95.0, 99.0, 99.5, 99.9, 100.0 ], "computed_quantiles": [ { "name": "h1", "values": [ { "interval": 100.0, "cumulative": 100.0 }, { "interval": 102.5, "cumulative": 105.0 }, { "interval": 105.0, "cumulative": 110.0 }, { "interval": 107.5, "cumulative": 205.0 }, { "interval": 109.0, "cumulative": 208.0 }, { "interval": 109.5, "cumulative": 209.0 }, { "interval": 109.9, "cumulative": 209.8 }, { "interval": 109.95, "cumulative": 209.9 }, { "interval": 109.99, "cumulative": 209.98 }, { "interval": 110.0, "cumulative": 210.0 } ] }, { "name": "h2", "values": [ { "interval": null, "cumulative": 100.0 }, { "interval": null, "cumulative": 102.5 }, { "interval": null, "cumulative": 105.0 }, { "interval": null, "cumulative": 107.5 }, { "interval": null, "cumulative": 109.0 }, { "interval": null, "cumulative": 109.5 }, { "interval": null, "cumulative": 109.9 }, { "interval": null, "cumulative": 109.95 }, { "interval": null, "cumulative": 109.99 }, { "interval": null, "cumulative": 110.0 } ] } ] } } ] })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); store_->shutdownThreading(); } TEST_P(AdminStatsTest, UsedOnlyStatsAsJson) { InSequence s; store_->initializeThreading(main_thread_dispatcher_, tls_); Stats::Histogram& h1 = store_->histogramFromString("h1", Stats::Histogram::Unit::Unspecified); Stats::Histogram& h2 = store_->histogramFromString("h2", Stats::Histogram::Unit::Unspecified); EXPECT_EQ("h1", h1.name()); EXPECT_EQ("h2", h2.name()); EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 200)); h1.recordValue(200); store_->mergeHistograms([]() -> void {}); // Again record a new value in h1 so that it has both interval and cumulative values. // h2 should only have cumulative values. EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 100)); h1.recordValue(100); store_->mergeHistograms([]() -> void {}); std::map all_stats; std::map all_text_readouts; std::string actual_json = statsAsJsonHandler(all_stats, all_text_readouts, store_->histograms(), true); // Expected JSON should not have h2 values as it is not used. const std::string expected_json = R"EOF({ "stats": [ { "histograms": { "supported_quantiles": [ 0.0, 25.0, 50.0, 75.0, 90.0, 95.0, 99.0, 99.5, 99.9, 100.0 ], "computed_quantiles": [ { "name": "h1", "values": [ { "interval": 100.0, "cumulative": 100.0 }, { "interval": 102.5, "cumulative": 105.0 }, { "interval": 105.0, "cumulative": 110.0 }, { "interval": 107.5, "cumulative": 205.0 }, { "interval": 109.0, "cumulative": 208.0 }, { "interval": 109.5, "cumulative": 209.0 }, { "interval": 109.9, "cumulative": 209.8 }, { "interval": 109.95, "cumulative": 209.9 }, { "interval": 109.99, "cumulative": 209.98 }, { "interval": 110.0, "cumulative": 210.0 } ] } ] } } ] })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); store_->shutdownThreading(); } TEST_P(AdminStatsTest, StatsAsJsonFilterString) { InSequence s; store_->initializeThreading(main_thread_dispatcher_, tls_); Stats::Histogram& h1 = store_->histogramFromString("h1", Stats::Histogram::Unit::Unspecified); Stats::Histogram& h2 = store_->histogramFromString("h2", Stats::Histogram::Unit::Unspecified); EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 200)); h1.recordValue(200); EXPECT_CALL(sink_, onHistogramComplete(Ref(h2), 100)); h2.recordValue(100); store_->mergeHistograms([]() -> void {}); // Again record a new value in h1 so that it has both interval and cumulative values. // h2 should only have cumulative values. EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 100)); h1.recordValue(100); store_->mergeHistograms([]() -> void {}); std::map all_stats; std::map all_text_readouts; std::string actual_json = statsAsJsonHandler(all_stats, all_text_readouts, store_->histograms(), false, absl::optional{std::regex("[a-z]1")}); // Because this is a filter case, we don't expect to see any stats except for those containing // "h1" in their name. const std::string expected_json = R"EOF({ "stats": [ { "histograms": { "supported_quantiles": [ 0.0, 25.0, 50.0, 75.0, 90.0, 95.0, 99.0, 99.5, 99.9, 100.0 ], "computed_quantiles": [ { "name": "h1", "values": [ { "interval": 100.0, "cumulative": 100.0 }, { "interval": 102.5, "cumulative": 105.0 }, { "interval": 105.0, "cumulative": 110.0 }, { "interval": 107.5, "cumulative": 205.0 }, { "interval": 109.0, "cumulative": 208.0 }, { "interval": 109.5, "cumulative": 209.0 }, { "interval": 109.9, "cumulative": 209.8 }, { "interval": 109.95, "cumulative": 209.9 }, { "interval": 109.99, "cumulative": 209.98 }, { "interval": 110.0, "cumulative": 210.0 } ] } ] } } ] })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); store_->shutdownThreading(); } TEST_P(AdminStatsTest, UsedOnlyStatsAsJsonFilterString) { InSequence s; store_->initializeThreading(main_thread_dispatcher_, tls_); Stats::Histogram& h1 = store_->histogramFromString( "h1_matches", Stats::Histogram::Unit::Unspecified); // Will match, be used, and print Stats::Histogram& h2 = store_->histogramFromString( "h2_matches", Stats::Histogram::Unit::Unspecified); // Will match but not be used Stats::Histogram& h3 = store_->histogramFromString( "h3_not", Stats::Histogram::Unit::Unspecified); // Will be used but not match EXPECT_EQ("h1_matches", h1.name()); EXPECT_EQ("h2_matches", h2.name()); EXPECT_EQ("h3_not", h3.name()); EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 200)); h1.recordValue(200); EXPECT_CALL(sink_, onHistogramComplete(Ref(h3), 200)); h3.recordValue(200); store_->mergeHistograms([]() -> void {}); // Again record a new value in h1 and h3 so that they have both interval and cumulative values. // h2 should only have cumulative values. EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 100)); h1.recordValue(100); EXPECT_CALL(sink_, onHistogramComplete(Ref(h3), 100)); h3.recordValue(100); store_->mergeHistograms([]() -> void {}); std::map all_stats; std::map all_text_readouts; std::string actual_json = statsAsJsonHandler(all_stats, all_text_readouts, store_->histograms(), true, absl::optional{std::regex("h[12]")}); // Expected JSON should not have h2 values as it is not used, and should not have h3 values as // they are used but do not match. const std::string expected_json = R"EOF({ "stats": [ { "histograms": { "supported_quantiles": [ 0.0, 25.0, 50.0, 75.0, 90.0, 95.0, 99.0, 99.5, 99.9, 100.0 ], "computed_quantiles": [ { "name": "h1_matches", "values": [ { "interval": 100.0, "cumulative": 100.0 }, { "interval": 102.5, "cumulative": 105.0 }, { "interval": 105.0, "cumulative": 110.0 }, { "interval": 107.5, "cumulative": 205.0 }, { "interval": 109.0, "cumulative": 208.0 }, { "interval": 109.5, "cumulative": 209.0 }, { "interval": 109.9, "cumulative": 209.8 }, { "interval": 109.95, "cumulative": 209.9 }, { "interval": 109.99, "cumulative": 209.98 }, { "interval": 110.0, "cumulative": 210.0 } ] } ] } } ] })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); store_->shutdownThreading(); } INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); TEST_P(AdminInstanceTest, StatsInvalidRegex) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl data; EXPECT_LOG_CONTAINS( "error", "Invalid regex: ", EXPECT_EQ(Http::Code::BadRequest, getCallback("/stats?filter=*.test", header_map, data))); // Note: depending on the library, the detailed error message might be one of: // "One of *?+{ was not preceded by a valid regular expression." // "regex_error" // but we always precede by 'Invalid regex: "'. EXPECT_THAT(data.toString(), StartsWith("Invalid regex: \"")); EXPECT_THAT(data.toString(), EndsWith("\"\n")); } TEST_P(AdminInstanceTest, PrometheusStatsInvalidRegex) { Http::TestResponseHeaderMapImpl header_map; Buffer::OwnedImpl data; EXPECT_LOG_CONTAINS( "error", ": *.ptest", EXPECT_EQ(Http::Code::BadRequest, getCallback("/stats?format=prometheus&filter=*.ptest", header_map, data))); // Note: depending on the library, the detailed error message might be one of: // "One of *?+{ was not preceded by a valid regular expression." // "regex_error" // but we always precede by 'Invalid regex: "'. EXPECT_THAT(data.toString(), StartsWith("Invalid regex: \"")); EXPECT_THAT(data.toString(), EndsWith("\"\n")); } TEST_P(AdminInstanceTest, TracingStatsDisabled) { const std::string& name = admin_.tracingStats().service_forced_.name(); for (const Stats::CounterSharedPtr& counter : server_.stats().counters()) { EXPECT_NE(counter->name(), name) << "Unexpected tracing stat found in server stats: " << name; } } TEST_P(AdminInstanceTest, GetRequestJson) { Http::TestResponseHeaderMapImpl response_headers; std::string body; EXPECT_EQ(Http::Code::OK, admin_.request("/stats?format=json", "GET", response_headers, body)); EXPECT_THAT(body, HasSubstr("{\"stats\":[")); EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("application/json")); } TEST_P(AdminInstanceTest, RecentLookups) { Http::TestResponseHeaderMapImpl response_headers; std::string body; // Recent lookup tracking is disabled by default. EXPECT_EQ(Http::Code::OK, admin_.request("/stats/recentlookups", "GET", response_headers, body)); EXPECT_THAT(body, HasSubstr("Lookup tracking is not enabled")); EXPECT_THAT(std::string(response_headers.getContentTypeValue()), HasSubstr("text/plain")); // We can't test RecentLookups in admin unit tests as it doesn't work with a // fake symbol table. However we cover this solidly in integration tests. } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/api_listener_test.cc ================================================ #include #include "envoy/config/listener/v3/listener.pb.h" #include "server/api_listener_impl.h" #include "server/listener_manager_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/instance.h" #include "test/mocks/server/listener_component_factory.h" #include "test/mocks/server/worker.h" #include "test/mocks/server/worker_factory.h" #include "test/server/utility.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Server { class ApiListenerTest : public testing::Test { protected: ApiListenerTest() : listener_manager_(std::make_unique(server_, listener_factory_, worker_factory_, false)) {} NiceMock server_; NiceMock listener_factory_; NiceMock worker_factory_; std::unique_ptr listener_manager_; }; TEST_F(ApiListenerTest, HttpApiListener) { const std::string yaml = R"EOF( name: test_api_listener address: socket_address: address: 127.0.0.1 port_value: 1234 api_listener: api_listener: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: hcm route_config: name: api_router virtual_hosts: - name: api domains: - "*" routes: - match: prefix: "/" route: cluster: dynamic_forward_proxy_cluster )EOF"; const envoy::config::listener::v3::Listener config = parseListenerFromV3Yaml(yaml); auto http_api_listener = HttpApiListener(config, *listener_manager_, config.name()); ASSERT_EQ("test_api_listener", http_api_listener.name()); ASSERT_EQ(ApiListener::Type::HttpApiListener, http_api_listener.type()); ASSERT_TRUE(http_api_listener.http().has_value()); } TEST_F(ApiListenerTest, HttpApiListenerThrowsWithBadConfig) { const std::string yaml = R"EOF( name: test_api_listener address: socket_address: address: 127.0.0.1 port_value: 1234 api_listener: api_listener: "@type": type.googleapis.com/envoy.api.v2.Cluster name: cluster1 type: EDS eds_cluster_config: eds_config: path: eds path )EOF"; const envoy::config::listener::v3::Listener config = parseListenerFromV3Yaml(yaml); EXPECT_THROW_WITH_MESSAGE( HttpApiListener(config, *listener_manager_, config.name()), EnvoyException, "Unable to unpack as " "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager: " "[type.googleapis.com/envoy.api.v2.Cluster] {\n name: \"cluster1\"\n type: EDS\n " "eds_cluster_config {\n eds_config {\n path: \"eds path\"\n }\n }\n}\n"); } TEST_F(ApiListenerTest, HttpApiListenerShutdown) { const std::string yaml = R"EOF( name: test_api_listener address: socket_address: address: 127.0.0.1 port_value: 1234 api_listener: api_listener: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: hcm route_config: name: api_router virtual_hosts: - name: api domains: - "*" routes: - match: prefix: "/" route: cluster: dynamic_forward_proxy_cluster )EOF"; const envoy::config::listener::v3::Listener config = parseListenerFromV3Yaml(yaml); auto http_api_listener = HttpApiListener(config, *listener_manager_, config.name()); ASSERT_EQ("test_api_listener", http_api_listener.name()); ASSERT_EQ(ApiListener::Type::HttpApiListener, http_api_listener.type()); ASSERT_TRUE(http_api_listener.http().has_value()); Network::MockConnectionCallbacks network_connection_callbacks; // TODO(junr03): potentially figure out a way of unit testing this behavior without exposing a // ForTest function. http_api_listener.readCallbacksForTest().connection().addConnectionCallbacks( network_connection_callbacks); EXPECT_CALL(network_connection_callbacks, onEvent(Network::ConnectionEvent::RemoteClose)); // Shutting down the ApiListener should raise an event on all connection callback targets. http_api_listener.shutdown(); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/backtrace_test.cc ================================================ #include "server/backtrace.h" #include "test/test_common/logging.h" #include "gtest/gtest.h" namespace Envoy { TEST(Backward, Basic) { // There isn't much to test here and this feature is really just useful for // debugging. This test simply verifies that we do not cause a crash when // logging a backtrace, and covers the added lines. const bool save_log_to_stderr = BackwardsTrace::logToStderr(); BackwardsTrace::setLogToStderr(false); BackwardsTrace tracer; tracer.capture(); EXPECT_LOG_CONTAINS("critical", "Envoy version:", tracer.logTrace()); BackwardsTrace::setLogToStderr(save_log_to_stderr); } TEST(Backward, InvalidUsageTest) { // Ensure we do not crash if logging is attempted when there was no trace captured BackwardsTrace tracer; tracer.logTrace(); } } // namespace Envoy ================================================ FILE: test/server/config_validation/BUILD ================================================ load("//bazel:envoy_build_system.bzl", "envoy_cc_fuzz_test", "envoy_cc_test", "envoy_cc_test_library", "envoy_package", "envoy_proto_library") load("//source/extensions:all_extensions.bzl", "envoy_all_extensions") load("//bazel:repositories.bzl", "PPC_SKIP_TARGETS", "WINDOWS_SKIP_TARGETS") licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "async_client_test", srcs = ["async_client_test.cc"], deps = [ "//include/envoy/http:message_interface", "//source/common/http:message_lib", "//source/server/config_validation:async_client_lib", "//source/server/config_validation:dns_lib", "//test/mocks/http:http_mocks", "//test/test_common:simulated_time_system_lib", ], ) envoy_cc_test( name = "cluster_manager_test", srcs = ["cluster_manager_test.cc"], deps = [ "//include/envoy/upstream:resource_manager_interface", "//include/envoy/upstream:upstream_interface", "//source/common/api:api_lib", "//source/common/singleton:manager_impl_lib", "//source/common/stats:stats_lib", "//source/extensions/transport_sockets/tls:context_lib", "//source/server/config_validation:cluster_manager_lib", "//source/server/config_validation:dns_lib", "//test/mocks/access_log:access_log_mocks", "//test/mocks/event:event_mocks", "//test/mocks/http:http_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/network:network_mocks", "//test/mocks/protobuf:protobuf_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/secret:secret_mocks", "//test/mocks/server:admin_mocks", "//test/mocks/thread_local:thread_local_mocks", "//test/test_common:simulated_time_system_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) filegroup( name = "server_test_data", srcs = glob(["test_data/**"]), ) envoy_cc_test( name = "server_test", srcs = ["server_test.cc"], data = [ ":server_test_data", "//configs:example_configs", "//test/config_test:example_configs_test_setup.sh", ], deps = [ "//source/extensions/filters/http/router:config", "//source/extensions/filters/network/http_connection_manager:config", "//source/extensions/transport_sockets/tls:config", "//source/server/config_validation:server_lib", "//test/integration:integration_lib", "//test/mocks/server:options_mocks", "//test/mocks/stats:stats_mocks", "//test/test_common:environment_lib", "//test/test_common:registry_lib", "//test/test_common:utility_lib", ], ) envoy_cc_test( name = "dispatcher_test", srcs = ["dispatcher_test.cc"], deps = [ "//source/common/event:libevent_lib", "//source/common/stats:isolated_store_lib", "//source/server/config_validation:api_lib", "//source/server/config_validation:dns_lib", "//test/test_common:environment_lib", "//test/test_common:network_utility_lib", "//test/test_common:test_time_lib", ], ) envoy_cc_fuzz_test( name = "config_fuzz_test", srcs = ["config_fuzz_test.cc"], corpus = "//test/server:server_fuzz_test_corpus", deps = [ "//source/common/common:thread_lib", "//source/server/config_validation:server_lib", "//test/integration:integration_lib", "//test/mocks/server:options_mocks", "//test/test_common:environment_lib", ] + select({ "//bazel:windows_x86_64": envoy_all_extensions(WINDOWS_SKIP_TARGETS), "//bazel:linux_ppc": envoy_all_extensions(PPC_SKIP_TARGETS), "//conditions:default": envoy_all_extensions(), }), ) envoy_proto_library( name = "xds_fuzz_proto", srcs = ["xds_fuzz.proto"], ) envoy_cc_test_library( name = "xds_verifier_lib", srcs = ["xds_verifier.cc"], hdrs = ["xds_verifier.h"], deps = [ ":xds_fuzz_proto_cc_proto", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/config/filter/network/http_connection_manager/v2:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_test( name = "xds_verifier_test", srcs = ["xds_verifier_test.cc"], deps = [ ":xds_verifier_lib", "//test/config:utility_lib", ], ) envoy_cc_test_library( name = "xds_fuzz_lib", srcs = ["xds_fuzz.cc"], hdrs = ["xds_fuzz.h"], deps = [ ":xds_fuzz_proto_cc_proto", ":xds_verifier_lib", "//test/fuzz:utility_lib", "//test/integration:http_integration_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) envoy_cc_fuzz_test( name = "xds_fuzz_test", srcs = ["xds_fuzz_test.cc"], corpus = "xds_corpus", deps = [ ":xds_fuzz_lib", "//source/common/protobuf:utility_lib", ], ) ================================================ FILE: test/server/config_validation/async_client_test.cc ================================================ #include "envoy/http/message.h" #include "common/http/message_impl.h" #include "server/config_validation/async_client.h" #include "test/mocks/http/mocks.h" #include "test/test_common/simulated_time_system.h" namespace Envoy { namespace Http { namespace { TEST(ValidationAsyncClientTest, MockedMethods) { RequestMessagePtr message{new RequestMessageImpl()}; MockAsyncClientCallbacks callbacks; MockAsyncClientStreamCallbacks stream_callbacks; Event::SimulatedTimeSystem time_system; Api::ApiPtr api = Api::createApiForTest(time_system); ValidationAsyncClient client(*api, time_system); EXPECT_EQ(nullptr, client.send(std::move(message), callbacks, AsyncClient::RequestOptions())); EXPECT_EQ(nullptr, client.start(stream_callbacks, AsyncClient::StreamOptions())); } } // namespace } // namespace Http } // namespace Envoy ================================================ FILE: test/server/config_validation/cluster_manager_test.cc ================================================ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" #include "common/api/api_impl.h" #include "common/grpc/context_impl.h" #include "common/http/context_impl.h" #include "common/singleton/manager_impl.h" #include "server/config_validation/cluster_manager.h" #include "extensions/transport_sockets/tls/context_manager_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/event/mocks.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/network/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/secret/mocks.h" #include "test/mocks/server/admin.h" #include "test/mocks/thread_local/mocks.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" namespace Envoy { namespace Upstream { namespace { TEST(ValidationClusterManagerTest, MockedMethods) { Stats::IsolatedStoreImpl stats_store; Event::SimulatedTimeSystem time_system; NiceMock validation_context; Api::ApiPtr api(Api::createApiForTest(stats_store, time_system)); NiceMock runtime; NiceMock tls; NiceMock random; testing::NiceMock secret_manager; auto dns_resolver = std::make_shared>(); Extensions::TransportSockets::Tls::ContextManagerImpl ssl_context_manager{api->timeSource()}; NiceMock dispatcher; LocalInfo::MockLocalInfo local_info; NiceMock admin; Http::ContextImpl http_context(stats_store.symbolTable()); Grpc::ContextImpl grpc_context(stats_store.symbolTable()); AccessLog::MockAccessLogManager log_manager; Singleton::ManagerImpl singleton_manager{Thread::threadFactoryForTest()}; ValidationClusterManagerFactory factory( admin, runtime, stats_store, tls, dns_resolver, ssl_context_manager, dispatcher, local_info, secret_manager, validation_context, *api, http_context, grpc_context, log_manager, singleton_manager, time_system); const envoy::config::bootstrap::v3::Bootstrap bootstrap; ClusterManagerPtr cluster_manager = factory.clusterManagerFromProto(bootstrap); EXPECT_EQ(nullptr, cluster_manager->httpConnPoolForCluster("cluster", ResourcePriority::Default, Http::Protocol::Http11, nullptr)); Host::CreateConnectionData data = cluster_manager->tcpConnForCluster("cluster", nullptr); EXPECT_EQ(nullptr, data.connection_); EXPECT_EQ(nullptr, data.host_description_); Http::AsyncClient& client = cluster_manager->httpAsyncClientForCluster("cluster"); Http::MockAsyncClientStreamCallbacks stream_callbacks; EXPECT_EQ(nullptr, client.start(stream_callbacks, Http::AsyncClient::StreamOptions())); } } // namespace } // namespace Upstream } // namespace Envoy ================================================ FILE: test/server/config_validation/config_fuzz_test.cc ================================================ #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "common/common/thread.h" #include "common/network/address_impl.h" #include "server/config_validation/server.h" #include "test/fuzz/fuzz_runner.h" #include "test/integration/server.h" #include "test/mocks/server/options.h" #include "test/test_common/environment.h" namespace Envoy { namespace Server { namespace { // Derived from //test/server:server_fuzz_test.cc, but starts the server in configuration validation // mode (quits upon validation of the given config) DEFINE_PROTO_FUZZER(const envoy::config::bootstrap::v3::Bootstrap& input) { envoy::config::bootstrap::v3::Bootstrap sanitizedInput(input); // TODO(asraa): QUIC is not enabled in production code yet, so remove references for HTTP3. // Tracked at https://github.com/envoyproxy/envoy/issues/9513. for (auto& cluster : *sanitizedInput.mutable_static_resources()->mutable_clusters()) { for (auto& health_check : *cluster.mutable_health_checks()) { if (health_check.http_health_check().codec_client_type() == envoy::type::v3::CodecClientType::HTTP3) { health_check.mutable_http_health_check()->clear_codec_client_type(); } } } testing::NiceMock options; TestComponentFactory component_factory; Fuzz::PerTestEnvironment test_env; const std::string bootstrap_path = test_env.temporaryPath("bootstrap.pb_text"); std::ofstream bootstrap_file(bootstrap_path); bootstrap_file << sanitizedInput.DebugString(); options.config_path_ = bootstrap_path; options.log_level_ = Fuzz::Runner::logLevel(); try { validateConfig(options, Network::Address::InstanceConstSharedPtr(), component_factory, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest()); } catch (const EnvoyException& ex) { ENVOY_LOG_MISC(debug, "Controlled EnvoyException exit: {}", ex.what()); } } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/config_validation/dispatcher_test.cc ================================================ #include #include "common/common/thread.h" #include "common/event/dispatcher_impl.h" #include "common/event/libevent.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "common/stats/isolated_store_impl.h" #include "server/config_validation/api.h" #include "test/mocks/common.h" #include "test/test_common/environment.h" #include "test/test_common/network_utility.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" namespace Envoy { // Define fixture which allocates ValidationDispatcher. class ConfigValidation : public testing::TestWithParam { public: ConfigValidation() { validation_ = std::make_unique( Thread::threadFactoryForTest(), stats_store_, test_time_.timeSystem(), Filesystem::fileSystemForTest(), random_generator_); dispatcher_ = validation_->allocateDispatcher("test_thread"); } DangerousDeprecatedTestTime test_time_; Event::DispatcherPtr dispatcher_; Stats::IsolatedStoreImpl stats_store_; testing::NiceMock random_generator_; private: // Using config validation API. std::unique_ptr validation_; }; // Simple test which creates a connection to fake upstream client. This is to test if // ValidationDispatcher can call createClientConnection without crashing. TEST_P(ConfigValidation, CreateConnection) { Network::Address::InstanceConstSharedPtr address( Network::Test::getCanonicalLoopbackAddress(GetParam())); dispatcher_->createClientConnection(address, address, Network::Test::createRawBufferSocket(), nullptr); SUCCEED(); } // Make sure that creating DnsResolver does not cause crash and each call to create // DNS resolver returns the same shared_ptr. TEST_F(ConfigValidation, SharedDnsResolver) { std::vector resolvers; Network::DnsResolverSharedPtr dns1 = dispatcher_->createDnsResolver(resolvers, false); long use_count = dns1.use_count(); Network::DnsResolverSharedPtr dns2 = dispatcher_->createDnsResolver(resolvers, false); EXPECT_EQ(dns1.get(), dns2.get()); // Both point to the same instance. EXPECT_EQ(use_count + 1, dns2.use_count()); // Each call causes ++ in use_count. } INSTANTIATE_TEST_SUITE_P(IpVersions, ConfigValidation, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); } // namespace Envoy ================================================ FILE: test/server/config_validation/server_test.cc ================================================ #include #include "envoy/server/filter_config.h" #include "server/config_validation/server.h" #include "test/integration/server.h" #include "test/mocks/server/options.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/registry.h" #include "test/test_common/test_time.h" namespace Envoy { namespace Server { namespace { // Test param is the path to the config file to validate. class ValidationServerTest : public testing::TestWithParam { public: static void setupTestDirectory() { TestEnvironment::exec( {TestEnvironment::runfilesPath("test/config_test/example_configs_test_setup.sh")}); directory_ = TestEnvironment::temporaryDirectory() + "/test/config_test/"; } static void SetUpTestSuite() { // NOLINT(readability-identifier-naming) setupTestDirectory(); } protected: ValidationServerTest() : options_(directory_ + GetParam()) {} static std::string directory_; testing::NiceMock options_; TestComponentFactory component_factory_; }; std::string ValidationServerTest::directory_ = ""; // ValidationServerTest_1 is created only to run different set of parameterized // tests than set of tests for ValidationServerTest. class ValidationServerTest_1 : public ValidationServerTest { public: static const std::vector getAllConfigFiles() { setupTestDirectory(); auto files = TestUtility::listFiles(ValidationServerTest::directory_, false); // Strip directory part. options_ adds it for each test. for (auto& file : files) { file = file.substr(directory_.length() + 1); } return files; } }; // RuntimeFeatureValidationServerTest is used to test validation with non-default runtime // values. class RuntimeFeatureValidationServerTest : public ValidationServerTest { public: static void SetUpTestSuite() { // NOLINT(readability-identifier-naming) setupTestDirectory(); } static void setupTestDirectory() { directory_ = TestEnvironment::runfilesDirectory("envoy/test/server/config_validation/test_data/"); } static const std::vector getAllConfigFiles() { setupTestDirectory(); auto files = TestUtility::listFiles(ValidationServerTest::directory_, false); // Strip directory part. options_ adds it for each test. for (auto& file : files) { file = file.substr(directory_.length() + 1); } return files; } class TestConfigFactory : public Configuration::NamedNetworkFilterConfigFactory { public: std::string name() const override { return "envoy.filters.network.test"; } Network::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message&, Configuration::FactoryContext&) override { // Validate that the validation server loaded the runtime data and installed the singleton. auto* runtime = Runtime::LoaderSingleton::getExisting(); if (runtime == nullptr) { throw EnvoyException("Runtime::LoaderSingleton == nullptr"); } if (!runtime->threadsafeSnapshot()->getBoolean("test.runtime.loaded", false)) { throw EnvoyException( "Found Runtime::LoaderSingleton, got wrong value for test.runtime.loaded"); } return [](Network::FilterManager&) {}; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr{new ProtobufWkt::Struct()}; } bool isTerminalFilter() override { return true; } }; }; TEST_P(ValidationServerTest, Validate) { EXPECT_TRUE(validateConfig(options_, Network::Address::InstanceConstSharedPtr(), component_factory_, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest())); } TEST_P(ValidationServerTest, NoopLifecycleNotifier) { Thread::MutexBasicLockable access_log_lock; Stats::IsolatedStoreImpl stats_store; DangerousDeprecatedTestTime time_system; ValidationInstance server(options_, time_system.timeSystem(), Network::Address::InstanceConstSharedPtr(), stats_store, access_log_lock, component_factory_, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest()); server.registerCallback(ServerLifecycleNotifier::Stage::ShutdownExit, [] { FAIL(); }); server.registerCallback(ServerLifecycleNotifier::Stage::ShutdownExit, [](Event::PostCb) { FAIL(); }); server.shutdown(); } // TODO(rlazarus): We'd like use this setup to replace //test/config_test (that is, run it against // all the example configs) but can't until light validation is implemented, mocking out access to // the filesystem for TLS certs, etc. In the meantime, these are the example configs that work // as-is. (Note, /dev/stdout as an access log file is invalid on Windows, no equivalent /dev/ // exists.) auto testing_values = ::testing::Values("front-proxy_front-envoy.yaml", "google_com_proxy.v2.yaml", #ifndef WIN32 "grpc-bridge_server_envoy-proxy.yaml", #endif "front-proxy_service-envoy.yaml"); INSTANTIATE_TEST_SUITE_P(ValidConfigs, ValidationServerTest, testing_values); // Just make sure that all configs can be ingested without a crash. Processing of config files // may not be successful, but there should be no crash. TEST_P(ValidationServerTest_1, RunWithoutCrash) { auto local_address = Network::Utility::getLocalAddress(options_.localAddressIpVersion()); validateConfig(options_, local_address, component_factory_, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest()); SUCCEED(); } INSTANTIATE_TEST_SUITE_P(AllConfigs, ValidationServerTest_1, ::testing::ValuesIn(ValidationServerTest_1::getAllConfigFiles())); TEST_P(RuntimeFeatureValidationServerTest, ValidRuntimeLoaderSingleton) { TestConfigFactory factory; Registry::InjectFactory registration(factory); auto local_address = Network::Utility::getLocalAddress(options_.localAddressIpVersion()); // If this fails, it's likely because TestConfigFactory threw an exception related to the // runtime loader. ASSERT_TRUE(validateConfig(options_, local_address, component_factory_, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest())); } INSTANTIATE_TEST_SUITE_P( AllConfigs, RuntimeFeatureValidationServerTest, ::testing::ValuesIn(RuntimeFeatureValidationServerTest::getAllConfigFiles())); } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/config_validation/test_data/runtime_config.yaml ================================================ --- node: id: "test" layered_runtime: layers: - name: static-layer static_layer: "test.runtime.loaded": true static_resources: listeners: - name: "test.listener" address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 0 filter_chains: - filters: - name: envoy.filters.network.test typed_config: "@type": type.googleapis.com/google.protobuf.Struct admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 9000 ================================================ FILE: test/server/config_validation/xds_corpus/clusterfuzz-testcase-minimized-xds_fuzz_test-6524356210196480 ================================================ actions { add_listener { listener_num: 256 route_num: 6356993 } } actions { add_listener { route_num: 16 } } actions { remove_listener { } } actions { add_route { route_num: 1 } } actions { add_listener { route_num: 11264 } } actions { add_listener { listener_num: 2147483648 route_num: 2147483648 } } actions { add_listener { listener_num: 6356993 route_num: 11264 } } actions { add_listener { listener_num: 256 route_num: 65537 } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 2147483648 route_num: 2 } } ================================================ FILE: test/server/config_validation/xds_corpus/clusterfuzz-testcase-xds_fuzz_test-6589246463541248 ================================================ actions { add_listener { listener_num: 1024 } } actions { add_route { route_num: 1 } } actions { add_listener { } } actions { add_listener { listener_num: 1851719680 } } actions { add_listener { listener_num: 4 route_num: 1667301376 } } actions { add_listener { listener_num: 268435456 } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 17 route_num: 20992 } } actions { remove_listener { listener_num: 16711680 } } actions { add_listener { listener_num: 1 route_num: 42 } } actions { add_route { route_num: 1 } } actions { add_listener { } } actions { add_listener { listener_num: 8 route_num: 1 } } actions { add_route { } } actions { add_route { route_num: 1 } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 17 route_num: 20992 } } actions { remove_listener { listener_num: 16711680 } } actions { add_listener { listener_num: 822083584 } } actions { add_route { route_num: 1 } } actions { add_route { } } actions { add_route { route_num: 1 } } actions { remove_listener { listener_num: 16711680 } } config { } ================================================ FILE: test/server/config_validation/xds_corpus/example0 ================================================ actions { add_listener { listener_num : 0 route_num : 0 } } actions { add_route { route_num : 0 } } actions { add_listener { listener_num : 1 route_num : 1 } } actions { add_route { route_num : 1 } } actions { add_listener { listener_num : 2 route_num : 2 } } config { sotw_or_delta : SOTW } ================================================ FILE: test/server/config_validation/xds_corpus/example1 ================================================ actions { remove_listener { listener_num: 1 } } config { sotw_or_delta: SOTW } ================================================ FILE: test/server/config_validation/xds_corpus/example10 ================================================ actions { add_listener { route_num: 100728832 } } actions { add_route { } } actions { add_listener { listener_num: 1 route_num: 1 } } actions { add_route { route_num: 1 } } config { } ================================================ FILE: test/server/config_validation/xds_corpus/example13 ================================================ actions { add_listener { listener_num: 2 route_num: 3 } } actions { add_route { route_num: 3 } } actions { add_route { route_num: 3 } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 0 route_num: 1 } } actions { add_route { route_num: 0 } } actions { remove_listener { listener_num: 1 } } actions { add_listener { listener_num: 2 route_num: 3 } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 2 route_num: 3 } } config { sotw_or_delta: SOTW } ================================================ FILE: test/server/config_validation/xds_corpus/example2 ================================================ actions { add_listener { listener_num: 1 route_num: 1 } } actions { add_route { route_num: 1 } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 2 route_num: 2 } } config { sotw_or_delta : DELTA } ================================================ FILE: test/server/config_validation/xds_corpus/example3 ================================================ actions { add_route { route_num : 0 } } actions { add_listener { listener_num : 0 route_num : 0 } } actions { remove_listener { listener_num : 0 } } config { sotw_or_delta : SOTW } ================================================ FILE: test/server/config_validation/xds_corpus/example4 ================================================ actions { add_listener { listener_num: 1 route_num: 2 } } actions { add_listener { listener_num: 1 route_num: 1 } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 1 route_num: 2 } } config { sotw_or_delta: DELTA } ================================================ FILE: test/server/config_validation/xds_corpus/example5 ================================================ actions { add_route { route_num: 4261412864 } } actions { remove_listener { listener_num: 7012368 } } actions { add_route { route_num: 4261412864 } } actions { remove_listener { listener_num: 7012388 } } actions { add_route { route_num: 7012388 } } actions { remove_listener { listener_num: 7012352 } } config { sotw_or_delta: DELTA } ================================================ FILE: test/server/config_validation/xds_corpus/example6 ================================================ actions { add_listener { listener_num: 1 route_num: 1 } } actions { add_route { route_num: 1 } } actions { add_route { route_num: 1 } } actions { remove_listener { listener_num: 1 } } config { sotw_or_delta: DELTA } ================================================ FILE: test/server/config_validation/xds_corpus/example7 ================================================ actions { add_route { route_num: 1 } } actions { add_listener { } } config { } ================================================ FILE: test/server/config_validation/xds_corpus/example8 ================================================ actions { add_route { route_num: 1 } } actions { add_listener { } } actions { remove_listener { } } config { } ================================================ FILE: test/server/config_validation/xds_corpus/example9 ================================================ actions { add_listener { } } actions { add_route { route_num: 1 } } actions { add_listener { listener_num: 1 route_num: 1 } } actions { add_route { } } config { } ================================================ FILE: test/server/config_validation/xds_fuzz.cc ================================================ #include "test/server/config_validation/xds_fuzz.h" #include "envoy/api/v2/route.pb.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/route/v3/route.pb.h" namespace Envoy { // Helper functions to build API responses. envoy::config::cluster::v3::Cluster XdsFuzzTest::buildCluster(const std::string& name) { return ConfigHelper::buildCluster(name, "ROUND_ROBIN", api_version_); }; envoy::config::endpoint::v3::ClusterLoadAssignment XdsFuzzTest::buildClusterLoadAssignment(const std::string& name) { return ConfigHelper::buildClusterLoadAssignment( name, Network::Test::getLoopbackAddressString(ip_version_), fake_upstreams_[0]->localAddress()->ip()->port(), api_version_); } envoy::config::listener::v3::Listener XdsFuzzTest::buildListener(const std::string& listener_name, const std::string& route_name) { return ConfigHelper::buildListener(listener_name, route_name, Network::Test::getLoopbackAddressString(ip_version_), "ads_test", api_version_); } envoy::config::route::v3::RouteConfiguration XdsFuzzTest::buildRouteConfig(const std::string& route_name) { return ConfigHelper::buildRouteConfig(route_name, "cluster_0", api_version_); } // Helper functions to send API responses. void XdsFuzzTest::updateListener( const std::vector& listeners, const std::vector& added_or_updated, const std::vector& removed) { ENVOY_LOG_MISC(debug, "Sending Listener DiscoveryResponse version {}", version_); sendDiscoveryResponse(Config::TypeUrl::get().Listener, listeners, added_or_updated, removed, std::to_string(version_)); } void XdsFuzzTest::updateRoute( const std::vector& routes, const std::vector& added_or_updated, const std::vector& removed) { ENVOY_LOG_MISC(debug, "Sending Route DiscoveryResponse version {}", version_); sendDiscoveryResponse( Config::TypeUrl::get().RouteConfiguration, routes, added_or_updated, removed, std::to_string(version_)); } XdsFuzzTest::XdsFuzzTest(const test::server::config_validation::XdsTestCase& input, envoy::config::core::v3::ApiVersion api_version) : HttpIntegrationTest( Http::CodecClient::Type::HTTP2, TestEnvironment::getIpVersionsForTest()[0], ConfigHelper::adsBootstrap(input.config().sotw_or_delta() == test::server::config_validation::Config::SOTW ? "GRPC" : "DELTA_GRPC", api_version)), verifier_(input.config().sotw_or_delta()), actions_(input.actions()), version_(1), api_version_(api_version), ip_version_(TestEnvironment::getIpVersionsForTest()[0]) { use_lds_ = false; create_xds_upstream_ = true; tls_xds_upstream_ = false; // Avoid listeners draining during the test. drain_time_ = std::chrono::seconds(60); if (input.config().sotw_or_delta() == test::server::config_validation::Config::SOTW) { sotw_or_delta_ = Grpc::SotwOrDelta::Sotw; } else { sotw_or_delta_ = Grpc::SotwOrDelta::Delta; } } /** * Initialize an envoy configured with a fully dynamic bootstrap with ADS over gRPC. */ void XdsFuzzTest::initialize() { config_helper_.addConfigModifier([](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { auto* ads_config = bootstrap.mutable_dynamic_resources()->mutable_ads_config(); auto* grpc_service = ads_config->add_grpc_services(); std::string cluster_name = "ads_cluster"; grpc_service->mutable_envoy_grpc()->set_cluster_name(cluster_name); auto* ads_cluster = bootstrap.mutable_static_resources()->add_clusters(); ads_cluster->MergeFrom(bootstrap.static_resources().clusters()[0]); ads_cluster->set_name("ads_cluster"); }); setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); HttpIntegrationTest::initialize(); if (xds_stream_ == nullptr) { createXdsConnection(); AssertionResult result = xds_connection_->waitForNewStream(*dispatcher_, xds_stream_); RELEASE_ASSERT(result, result.message()); xds_stream_->startGrpcStream(); } } void XdsFuzzTest::close() { cleanUpXdsConnection(); test_server_.reset(); fake_upstreams_.clear(); } /** * @return true iff listener_name is in listeners_ (and removes it from listeners_) */ bool XdsFuzzTest::eraseListener(const std::string& listener_name) { const auto orig_size = listeners_.size(); listeners_.erase(std::remove_if(listeners_.begin(), listeners_.end(), [&](auto& listener) { return listener.name() == listener_name; }), listeners_.end()); return orig_size != listeners_.size(); } /** * @return true iff route_name has already been added to routes_ */ bool XdsFuzzTest::hasRoute(const std::string& route_name) { return std::any_of(routes_.begin(), routes_.end(), [&](auto& route) { return route.name() == route_name; }); } /** * Log the current state of the verifier and the test server for debugging purposes to see * discrepancies. */ void XdsFuzzTest::logState() { ENVOY_LOG_MISC(debug, "warming {} ({}), active {} ({}), draining {} ({})", verifier_.numWarming(), test_server_->gauge("listener_manager.total_listeners_warming")->value(), verifier_.numActive(), test_server_->gauge("listener_manager.total_listeners_active")->value(), verifier_.numDraining(), test_server_->gauge("listener_manager.total_listeners_draining")->value()); ENVOY_LOG_MISC( debug, "added {} ({}), modified {} ({}), removed {} ({})", verifier_.numAdded(), test_server_->counter("listener_manager.listener_added")->value(), verifier_.numModified(), test_server_->counter("listener_manager.listener_modified")->value(), verifier_.numRemoved(), test_server_->counter("listener_manager.listener_removed")->value()); } /** * Send an xDS response to add a listener and update state accordingly. */ void XdsFuzzTest::addListener(const std::string& listener_name, const std::string& route_name) { ENVOY_LOG_MISC(debug, "Adding {} with reference to {}", listener_name, route_name); lds_update_success_++; bool removed = eraseListener(listener_name); auto listener = buildListener(listener_name, route_name); listeners_.push_back(listener); updateListener(listeners_, {listener}, {}); // Use waitForAck instead of compareDiscoveryRequest as the client makes additional // DiscoveryRequests at launch that we might not want to respond to yet. EXPECT_TRUE(waitForAck(Config::TypeUrl::get().Listener, std::to_string(version_))); if (removed) { verifier_.listenerUpdated(listener); } else { verifier_.listenerAdded(listener); } } /** * Send an xDS response to remove a listener and update state accordingly. */ void XdsFuzzTest::removeListener(const std::string& listener_name) { ENVOY_LOG_MISC(debug, "Removing {}", listener_name); bool removed = eraseListener(listener_name); if (removed) { lds_update_success_++; updateListener(listeners_, {}, {listener_name}); EXPECT_TRUE(waitForAck(Config::TypeUrl::get().Listener, std::to_string(version_))); verifier_.listenerRemoved(listener_name); } } /** * Send an xDS response to add a route and update state accordingly. */ void XdsFuzzTest::addRoute(const std::string& route_name) { ENVOY_LOG_MISC(debug, "Adding {}", route_name); auto route = buildRouteConfig(route_name); if (!hasRoute(route_name)) { routes_.push_back(route); } updateRoute(routes_, {route}, {}); verifier_.routeAdded(route); EXPECT_TRUE(waitForAck(Config::TypeUrl::get().RouteConfiguration, std::to_string(version_))); } /** * Wait for a specific ACK, ignoring any other ACKs that are made in the meantime. * @param the expected API type url of the ack * @param the expected version number * @return AssertionSuccess() if the ack was received, else an AssertionError() */ AssertionResult XdsFuzzTest::waitForAck(const std::string& expected_type_url, const std::string& expected_version) { if (sotw_or_delta_ == Grpc::SotwOrDelta::Sotw) { API_NO_BOOST(envoy::api::v2::DiscoveryRequest) discovery_request; do { VERIFY_ASSERTION(xds_stream_->waitForGrpcMessage(*dispatcher_, discovery_request)); ENVOY_LOG_MISC(debug, "Received gRPC message with type {} and version {}", discovery_request.type_url(), discovery_request.version_info()); } while (expected_type_url != discovery_request.type_url() || expected_version != discovery_request.version_info()); } else { API_NO_BOOST(envoy::api::v2::DeltaDiscoveryRequest) delta_discovery_request; do { VERIFY_ASSERTION(xds_stream_->waitForGrpcMessage(*dispatcher_, delta_discovery_request)); ENVOY_LOG_MISC(debug, "Received gRPC message with type {}", delta_discovery_request.type_url()); } while (expected_type_url != delta_discovery_request.type_url()); } version_++; return AssertionSuccess(); } /** * Run the sequence of actions defined in the fuzzed protobuf. */ void XdsFuzzTest::replay() { initialize(); // Set up cluster. EXPECT_TRUE(compareDiscoveryRequest(Config::TypeUrl::get().Cluster, "", {}, {}, {}, true)); sendDiscoveryResponse(Config::TypeUrl::get().Cluster, {buildCluster("cluster_0")}, {buildCluster("cluster_0")}, {}, "0"); EXPECT_TRUE(compareDiscoveryRequest(Config::TypeUrl::get().ClusterLoadAssignment, "", {"cluster_0"}, {"cluster_0"}, {})); sendDiscoveryResponse( Config::TypeUrl::get().ClusterLoadAssignment, {buildClusterLoadAssignment("cluster_0")}, {buildClusterLoadAssignment("cluster_0")}, {}, "0"); // The client will not subscribe to the RouteConfiguration type URL until it receives a listener, // and the ACKS it sends back seem to be an empty type URL so just don't check them until a // listener is added. bool sent_listener = false; for (const auto& action : actions_) { switch (action.action_selector_case()) { case test::server::config_validation::Action::kAddListener: { std::string listener_name = absl::StrCat("listener_", action.add_listener().listener_num() % ListenersMax); std::string route_name = absl::StrCat("route_config_", action.add_listener().route_num() % RoutesMax); addListener(listener_name, route_name); if (!sent_listener) { addRoute(route_name); test_server_->waitForCounterEq("listener_manager.listener_create_success", 1, timeout_); } sent_listener = true; break; } case test::server::config_validation::Action::kRemoveListener: { std::string listener_name = absl::StrCat("listener_", action.remove_listener().listener_num() % ListenersMax); removeListener(listener_name); break; } case test::server::config_validation::Action::kAddRoute: { if (!sent_listener) { ENVOY_LOG_MISC(debug, "Ignoring request to add route_{}", action.add_route().route_num() % RoutesMax); break; } std::string route_name = absl::StrCat("route_config_", action.add_route().route_num() % RoutesMax); addRoute(route_name); break; } default: break; } if (sent_listener) { // Wait for all of the updates to take effect. test_server_->waitForGaugeEq("listener_manager.total_listeners_warming", verifier_.numWarming(), timeout_); test_server_->waitForGaugeEq("listener_manager.total_listeners_active", verifier_.numActive(), timeout_); test_server_->waitForGaugeEq("listener_manager.total_listeners_draining", verifier_.numDraining(), timeout_); test_server_->waitForCounterEq("listener_manager.listener_modified", verifier_.numModified(), timeout_); test_server_->waitForCounterEq("listener_manager.listener_added", verifier_.numAdded(), timeout_); test_server_->waitForCounterEq("listener_manager.listener_removed", verifier_.numRemoved(), timeout_); test_server_->waitForCounterEq("listener_manager.lds.update_success", lds_update_success_, timeout_); } logState(); } verifyState(); close(); } /** * Verify that each listener in the verifier has a matching listener in the config dump. */ void XdsFuzzTest::verifyListeners() { ENVOY_LOG_MISC(debug, "Verifying listeners"); const auto& abstract_rep = verifier_.listeners(); const auto dump = getListenersConfigDump().dynamic_listeners(); for (const auto& rep : abstract_rep) { ENVOY_LOG_MISC(debug, "Verifying {} with state {}", rep.listener.name(), rep.state); auto listener_dump = std::find_if(dump.begin(), dump.end(), [&](auto& listener) { return listener.name() == rep.listener.name(); }); // There should be a listener of the same name in the dump. if (listener_dump == dump.end()) { throw EnvoyException(fmt::format("Expected to find {} in config dump", rep.listener.name())); } // The state should match. switch (rep.state) { case XdsVerifier::DRAINING: FUZZ_ASSERT(listener_dump->has_draining_state()); break; case XdsVerifier::WARMING: FUZZ_ASSERT(listener_dump->has_warming_state()); break; case XdsVerifier::ACTIVE: FUZZ_ASSERT(listener_dump->has_active_state()); break; default: NOT_REACHED_GCOVR_EXCL_LINE; } } } void XdsFuzzTest::verifyRoutes() { auto dump = getRoutesConfigDump(); // Go through routes in verifier and make sure each is in the config dump. auto routes = verifier_.routes(); FUZZ_ASSERT(routes.size() == dump.size()); for (const auto& route : routes) { FUZZ_ASSERT(std::any_of(dump.begin(), dump.end(), [&](const auto& dump_route) { return route.first == dump_route.name(); })); } } void XdsFuzzTest::verifyState() { verifyListeners(); ENVOY_LOG_MISC(debug, "Verified listeners"); verifyRoutes(); ENVOY_LOG_MISC(debug, "Verified routes"); FUZZ_ASSERT(test_server_->gauge("listener_manager.total_listeners_draining")->value() == verifier_.numDraining()); FUZZ_ASSERT(test_server_->gauge("listener_manager.total_listeners_warming")->value() == verifier_.numWarming()); FUZZ_ASSERT(test_server_->gauge("listener_manager.total_listeners_active")->value() == verifier_.numActive()); ENVOY_LOG_MISC(debug, "Verified stats"); ENVOY_LOG_MISC(debug, "warming {} ({}), active {} ({}), draining {} ({})", verifier_.numWarming(), test_server_->gauge("listener_manager.total_listeners_warming")->value(), verifier_.numActive(), test_server_->gauge("listener_manager.total_listeners_active")->value(), verifier_.numDraining(), test_server_->gauge("listener_manager.total_listeners_draining")->value()); } envoy::admin::v3::ListenersConfigDump XdsFuzzTest::getListenersConfigDump() { auto message_ptr = test_server_->server().admin().getConfigTracker().getCallbacksMap().at("listeners")(); return dynamic_cast(*message_ptr); } std::vector XdsFuzzTest::getRoutesConfigDump() { auto map = test_server_->server().admin().getConfigTracker().getCallbacksMap(); // There is no route config dump before envoy has a route. if (map.find("routes") == map.end()) { return {}; } auto message_ptr = map.at("routes")(); auto dump = dynamic_cast(*message_ptr); // Since the route config dump gives the RouteConfigurations as an Any, go through and cast them // back to RouteConfigurations. std::vector dump_routes; for (const auto& route : dump.dynamic_route_configs()) { envoy::api::v2::RouteConfiguration dyn_route; route.route_config().UnpackTo(&dyn_route); dump_routes.push_back(dyn_route); } return dump_routes; } } // namespace Envoy ================================================ FILE: test/server/config_validation/xds_fuzz.h ================================================ #pragma once #include #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/config/utility.h" #include "test/fuzz/utility.h" #include "test/integration/http_integration.h" #include "test/server/config_validation/xds_fuzz.pb.h" #include "test/server/config_validation/xds_verifier.h" #include "absl/types/optional.h" namespace Envoy { class XdsFuzzTest : public HttpIntegrationTest { public: XdsFuzzTest(const test::server::config_validation::XdsTestCase& input, envoy::config::core::v3::ApiVersion api_version); envoy::config::cluster::v3::Cluster buildCluster(const std::string& name); envoy::config::endpoint::v3::ClusterLoadAssignment buildClusterLoadAssignment(const std::string& name); envoy::config::listener::v3::Listener buildListener(const std::string& listener_name, const std::string& route_name); envoy::config::route::v3::RouteConfiguration buildRouteConfig(const std::string& route_name); void updateListener(const std::vector& listeners, const std::vector& added_or_updated, const std::vector& removed); void updateRoute(const std::vector& routes, const std::vector& added_or_updated, const std::vector& removed); void initialize() override; void replay(); void close(); const size_t ListenersMax = 3; const size_t RoutesMax = 5; private: void addListener(const std::string& listener_name, const std::string& route_name); void removeListener(const std::string& listener_name); void addRoute(const std::string& route_name); void logState(); void verifyState(); void verifyListeners(); void verifyRoutes(); envoy::admin::v3::ListenersConfigDump getListenersConfigDump(); std::vector getRoutesConfigDump(); bool eraseListener(const std::string& listener_name); bool hasRoute(const std::string& route_name); AssertionResult waitForAck(const std::string& expected_type_url, const std::string& expected_version); XdsVerifier verifier_; Protobuf::RepeatedPtrField actions_; std::vector routes_; std::vector listeners_; uint64_t version_; envoy::config::core::v3::ApiVersion api_version_; Network::Address::IpVersion ip_version_; std::chrono::seconds timeout_{5}; uint64_t lds_update_success_{0}; }; } // namespace Envoy ================================================ FILE: test/server/config_validation/xds_fuzz.proto ================================================ syntax = "proto3"; package test.server.config_validation; import "validate/validate.proto"; message AddListener { // generates a new listener listener_x with number listener_num, which can later be removed by // RemoveListener // if listener_x had already been added, it will update listener_x's route_config uint32 listener_num = 1; // listener_x references route_y, which has number route_num uint32 route_num = 2; } message AddRoute { // generates a new route route_y with number route_num which can later be removed by a RemoveRoute uint32 route_num = 1; } message RemoveListener { // removes listener_x uint32 listener_num = 1; } message Action { oneof action_selector { option (validate.required) = true; AddListener add_listener = 1; AddRoute add_route = 2; RemoveListener remove_listener = 3; } } message Config { enum SotwOrDelta { SOTW = 0; DELTA = 1; } SotwOrDelta sotw_or_delta = 1; } message XdsTestCase { repeated Action actions = 1; Config config = 2; } ================================================ FILE: test/server/config_validation/xds_fuzz_test.cc ================================================ #include "test/fuzz/fuzz_runner.h" #include "test/server/config_validation/xds_fuzz.h" #include "test/server/config_validation/xds_fuzz.pb.validate.h" namespace Envoy { DEFINE_PROTO_FUZZER(const test::server::config_validation::XdsTestCase& input) { RELEASE_ASSERT(!TestEnvironment::getIpVersionsForTest().empty(), ""); try { TestUtility::validate(input); } catch (const ProtoValidationException& e) { ENVOY_LOG_MISC(debug, "ProtoValidationException: {}", e.what()); return; } XdsFuzzTest test(input, envoy::config::core::v3::ApiVersion::V2); test.replay(); } } // namespace Envoy ================================================ FILE: test/server/config_validation/xds_verifier.cc ================================================ #include "test/server/config_validation/xds_verifier.h" #include "common/common/logger.h" namespace Envoy { XdsVerifier::XdsVerifier(test::server::config_validation::Config::SotwOrDelta sotw_or_delta) : num_warming_(0), num_active_(0), num_draining_(0), num_added_(0), num_modified_(0), num_removed_(0) { if (sotw_or_delta == test::server::config_validation::Config::SOTW) { sotw_or_delta_ = SOTW; } else { sotw_or_delta_ = DELTA; } ENVOY_LOG_MISC(debug, "sotw_or_delta_ = {}", sotw_or_delta_); } /** * Get the route referenced by a listener. */ std::string XdsVerifier::getRoute(const envoy::config::listener::v3::Listener& listener) { envoy::config::listener::v3::Filter filter0 = listener.filter_chains()[0].filters()[0]; envoy::config::filter::network::http_connection_manager::v2::HttpConnectionManager conn_man; filter0.typed_config().UnpackTo(&conn_man); return conn_man.rds().route_config_name(); } /** * @return true iff the route listener refers to is in all_routes_ */ bool XdsVerifier::hasRoute(const envoy::config::listener::v3::Listener& listener) { return hasRoute(getRoute(listener)); } bool XdsVerifier::hasRoute(const std::string& name) { return all_routes_.contains(name); } bool XdsVerifier::hasActiveRoute(const envoy::config::listener::v3::Listener& listener) { return hasActiveRoute(getRoute(listener)); } bool XdsVerifier::hasActiveRoute(const std::string& name) { return active_routes_.contains(name); } bool XdsVerifier::hasListener(const std::string& name, ListenerState state) { return std::any_of(listeners_.begin(), listeners_.end(), [&](const auto& rep) { return rep.listener.name() == name && state == rep.state; }); } /** * Pretty prints the currently stored listeners and their states. */ void XdsVerifier::dumpState() { ENVOY_LOG_MISC(debug, "Listener Dump:"); for (const auto& rep : listeners_) { ENVOY_LOG_MISC(debug, "Name: {}, Route {}, State: {}", rep.listener.name(), getRoute(rep.listener), rep.state); } } /* * If a listener is added for the first time, it will be added as active/warming depending on if * Envoy knows about its route config. * * If a listener is updated (i.e. there is a already a listener by this name), there are 3 cases: * 1. The old listener is active and the new is warming: * - Old will remain active * - New will be added as warming, to replace the old when it gets its route * 2. The old listener is active and new is active: * - Old is drained (seemingly instantaneously) * - New is added as active * 3. The old listener is warming and new is active/warming: * - Old is completely removed * - New is added as warming/active as normal */ /** * Update a listener when its route is changed, draining/removing the old listener and adding the * updated listener. */ void XdsVerifier::listenerUpdated(const envoy::config::listener::v3::Listener& listener) { ENVOY_LOG_MISC(debug, "About to update listener {} to {}", listener.name(), getRoute(listener)); dumpState(); const auto existing_warming = std::find_if(listeners_.begin(), listeners_.end(), [&](const auto& rep) { return rep.listener.name() == listener.name() && getRoute(rep.listener) == getRoute(listener) && rep.state == WARMING; }); const auto existing_active = std::find_if(listeners_.begin(), listeners_.end(), [&](const auto& rep) { return rep.listener.name() == listener.name() && getRoute(rep.listener) == getRoute(listener) && rep.state == ACTIVE; }); // Return early if the listener is a duplicate. if (existing_active != listeners_.end()) { const auto warming_to_remove = std::find_if(listeners_.begin(), listeners_.end(), [&](const auto& rep) { return rep.listener.name() == listener.name() && rep.state == WARMING; }); // The listener should be updated back to its original state and the warming removed. if (warming_to_remove != listeners_.end()) { ENVOY_LOG_MISC(debug, "Removing warming listener {} after update", listener.name()); num_modified_++; num_warming_--; listeners_.erase(warming_to_remove); return; } ENVOY_LOG_MISC(debug, "Ignoring duplicate add of {}", listener.name()); return; } if (existing_warming != listeners_.end()) { ENVOY_LOG_MISC(debug, "Ignoring duplicate add of {}", listener.name()); return; } bool found = false; for (auto it = listeners_.begin(); it != listeners_.end();) { const auto& rep = *it; ENVOY_LOG_MISC(debug, "checking {} for update", rep.listener.name()); if (rep.listener.name() == listener.name()) { // If we're updating a warming/active listener, num_modified_ must be incremented. if (rep.state != DRAINING && !found) { num_modified_++; found = true; } if (rep.state == ACTIVE) { if (hasActiveRoute(listener)) { // If the new listener is ready to take traffic, the old listener will be removed. It // seems to be directly removed without being added to the config dump as draining. ENVOY_LOG_MISC(debug, "Removing {} after update", listener.name()); num_active_--; it = listeners_.erase(it); continue; } else { // If the new listener has not gotten its route yet, the old listener will remain active // until that happens. ENVOY_LOG_MISC(debug, "Keeping {} as ACTIVE", listener.name()); } } else if (rep.state == WARMING) { // If the old listener is warming, it will be removed and replaced with the new. ENVOY_LOG_MISC(debug, "Removed warming listener {}", listener.name()); num_warming_--; it = listeners_.erase(it); // Don't increment it. continue; } } ++it; } dumpState(); listenerAdded(listener, true); } /** * Add a new listener to listeners_ in either an active or warming state. * @param listener the listener to be added * @param from_update whether this function was called from listenerUpdated, in which case * num_added_ should not be incremented */ void XdsVerifier::listenerAdded(const envoy::config::listener::v3::Listener& listener, bool from_update) { if (!from_update) { num_added_++; } if (hasActiveRoute(listener)) { ENVOY_LOG_MISC(debug, "Adding {} to listeners_ as ACTIVE", listener.name()); listeners_.push_back({listener, ACTIVE}); num_active_++; } else { num_warming_++; ENVOY_LOG_MISC(debug, "Adding {} to listeners_ as WARMING", listener.name()); listeners_.push_back({listener, WARMING}); } ENVOY_LOG_MISC(debug, "listenerAdded({})", listener.name()); dumpState(); } /** * Remove a listener and drain it if it was active. * @param name the name of the listener to be removed */ void XdsVerifier::listenerRemoved(const std::string& name) { bool found = false; for (auto it = listeners_.begin(); it != listeners_.end();) { auto& rep = *it; if (rep.listener.name() == name) { if (rep.state == ACTIVE) { // The listener will be drained before being removed. ENVOY_LOG_MISC(debug, "Changing {} to DRAINING", name); found = true; num_active_--; num_draining_++; rep.state = DRAINING; } else if (rep.state == WARMING) { // The listener will be removed immediately. ENVOY_LOG_MISC(debug, "Removed warming listener {}", name); found = true; num_warming_--; it = listeners_.erase(it); // Don't increment it. continue; } } ++it; } if (found) { num_removed_++; } } /** * After a SOTW update, see if any listeners that are currently warming can become active. */ void XdsVerifier::updateSotwListeners() { ASSERT(sotw_or_delta_ == SOTW); for (auto& rep : listeners_) { // Check all_routes_, not active_routes_ since this is SOTW, so any inactive routes will become // active if this listener refers to them. if (hasRoute(rep.listener) && rep.state == WARMING) { // It should successfully warm now. ENVOY_LOG_MISC(debug, "Moving {} to ACTIVE state", rep.listener.name()); // If the route was not originally added as active, change it now. if (!hasActiveRoute(rep.listener)) { std::string route_name = getRoute(rep.listener); auto it = all_routes_.find(route_name); // all added routes should be in all_routes_ in SOTW ASSERT(it != all_routes_.end()); active_routes_.insert({route_name, it->second}); } // If there were any active listeners that were waiting to be updated, they will now be // removed and the warming listener will take their place. markForRemoval(rep); num_warming_--; num_active_++; rep.state = ACTIVE; } } listeners_.erase(std::remove_if(listeners_.begin(), listeners_.end(), [&](auto& listener) { return listener.state == REMOVED; }), listeners_.end()); } /** * After a delta update, update any listeners that refer to the added route. */ void XdsVerifier::updateDeltaListeners(const envoy::config::route::v3::RouteConfiguration& route) { for (auto& rep : listeners_) { if (getRoute(rep.listener) == route.name() && rep.state == WARMING) { // It should successfully warm now. ENVOY_LOG_MISC(debug, "Moving {} to ACTIVE state", rep.listener.name()); // If there were any active listeners that were waiting to be updated, they will now be // removed and the warming listener will take their place. markForRemoval(rep); num_warming_--; num_active_++; rep.state = ACTIVE; } } // erase any active listeners that were replaced listeners_.erase(std::remove_if(listeners_.begin(), listeners_.end(), [&](auto& listener) { return listener.state == REMOVED; }), listeners_.end()); } /** * @param listener a warming listener that has a corresponding active listener of the same name * called after listener receives its route, so it will be moved to active and the old listener will * be removed */ void XdsVerifier::markForRemoval(ListenerRepresentation& rep) { ASSERT(rep.state == WARMING); // Find the old listener and mark it for removal. for (auto& old_rep : listeners_) { if (old_rep.listener.name() == rep.listener.name() && getRoute(old_rep.listener) != getRoute(rep.listener) && old_rep.state == ACTIVE) { // Mark it as removed to remove it after the loop so as not to invalidate the iterator in // the caller function. old_rep.state = REMOVED; num_active_--; } } } /** * Add a new route and update any listeners that refer to this route. */ void XdsVerifier::routeAdded(const envoy::config::route::v3::RouteConfiguration& route) { // Routes that are not referenced by any resource are ignored, so this creates a distinction // between SOTW and delta. // If an unreferenced route is sent in delta, it is ignored forever as it will not be sent in // future RDS updates, whereas in SOTW it will be present in all future RDS updates, so if a // listener that refers to it is added in the meantime, it will become active. if (!hasRoute(route.name())) { all_routes_.insert({route.name(), route}); } if (sotw_or_delta_ == DELTA && std::any_of(listeners_.begin(), listeners_.end(), [&](auto& rep) { return getRoute(rep.listener) == route.name(); })) { if (!hasActiveRoute(route.name())) { active_routes_.insert({route.name(), route}); updateDeltaListeners(route); } updateDeltaListeners(route); } else if (sotw_or_delta_ == SOTW) { updateSotwListeners(); } } /** * Called after draining a listener, will remove it from listeners_. */ void XdsVerifier::drainedListener(const std::string& name) { for (auto it = listeners_.begin(); it != listeners_.end(); ++it) { if (it->listener.name() == name && it->state == DRAINING) { ENVOY_LOG_MISC(debug, "Drained and removed {}", name); num_draining_--; listeners_.erase(it); return; } } throw EnvoyException(fmt::format("Tried to drain {} which is not draining", name)); } } // namespace Envoy ================================================ FILE: test/server/config_validation/xds_verifier.h ================================================ #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "common/common/assert.h" #include "test/server/config_validation/xds_fuzz.pb.h" #include "absl/container/flat_hash_map.h" namespace Envoy { class XdsVerifier { public: XdsVerifier(test::server::config_validation::Config::SotwOrDelta sotw_or_delta); void listenerAdded(const envoy::config::listener::v3::Listener& listener, bool from_update = false); void listenerUpdated(const envoy::config::listener::v3::Listener& listener); void listenerRemoved(const std::string& name); void drainedListener(const std::string& name); void routeAdded(const envoy::config::route::v3::RouteConfiguration& route); enum ListenerState { WARMING, ACTIVE, DRAINING, REMOVED }; struct ListenerRepresentation { envoy::config::listener::v3::Listener listener; ListenerState state; }; const std::vector& listeners() const { return listeners_; } const absl::flat_hash_map& routes() const { return active_routes_; }; uint32_t numWarming() const { return num_warming_; } uint32_t numActive() const { return num_active_; } uint32_t numDraining() const { return num_draining_; } uint32_t numAdded() const { return num_added_; } uint32_t numModified() const { return num_modified_; } uint32_t numRemoved() const { return num_removed_; } void dumpState(); bool hasListener(const std::string& name, ListenerState state); bool hasRoute(const envoy::config::listener::v3::Listener& listener); bool hasRoute(const std::string& name); bool hasActiveRoute(const envoy::config::listener::v3::Listener& listener); bool hasActiveRoute(const std::string& name); private: enum SotwOrDelta { SOTW, DELTA }; std::string getRoute(const envoy::config::listener::v3::Listener& listener); void updateSotwListeners(); void updateDeltaListeners(const envoy::config::route::v3::RouteConfiguration& route); void markForRemoval(ListenerRepresentation& rep); std::vector listeners_; // envoy ignores routes that are not referenced by any resources // all_routes_ is used for SOTW, as every previous route is sent in each request // active_routes_ holds the routes that envoy knows about, i.e. the routes that are/were // referenced by a listener absl::flat_hash_map all_routes_; absl::flat_hash_map active_routes_; uint32_t num_warming_; uint32_t num_active_; uint32_t num_draining_; uint32_t num_added_; uint32_t num_modified_; uint32_t num_removed_; SotwOrDelta sotw_or_delta_; }; } // namespace Envoy ================================================ FILE: test/server/config_validation/xds_verifier_test.cc ================================================ #include "test/config/utility.h" #include "test/server/config_validation/xds_verifier.h" #include "gtest/gtest.h" namespace Envoy { envoy::config::listener::v3::Listener buildListener(const std::string& listener_name, const std::string& route_name) { return ConfigHelper::buildListener(listener_name, route_name, "", "ads_test", envoy::config::core::v3::ApiVersion::V3); } envoy::config::route::v3::RouteConfiguration buildRoute(const std::string& route_name) { return ConfigHelper::buildRouteConfig(route_name, "cluster_0", envoy::config::core::v3::ApiVersion::V3); } // Add, warm, drain and remove a listener. TEST(XdsVerifier, Basic) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); verifier.listenerAdded(buildListener("listener_0", "route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); EXPECT_EQ(verifier.numAdded(), 1); EXPECT_EQ(verifier.numWarming(), 1); verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_TRUE(verifier.hasRoute("route_config_0") && verifier.hasActiveRoute("route_config_0")); EXPECT_EQ(verifier.numAdded(), 1); EXPECT_EQ(verifier.numWarming(), 0); EXPECT_EQ(verifier.numActive(), 1); verifier.listenerRemoved("listener_0"); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.DRAINING)); EXPECT_EQ(verifier.numDraining(), 1); EXPECT_EQ(verifier.numRemoved(), 1); EXPECT_EQ(verifier.numActive(), 0); verifier.drainedListener("listener_0"); EXPECT_FALSE(verifier.hasListener("listener_0", verifier.DRAINING)); EXPECT_EQ(verifier.numRemoved(), 1); } TEST(XdsVerifier, RouteBeforeListenerSOTW) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); // Send a route first, so envoy will not accept it. verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasRoute("route_config_0")); EXPECT_FALSE(verifier.hasActiveRoute("route_config_0")); // Envoy still doesn't know about the route, so this will warm. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); EXPECT_EQ(verifier.numAdded(), 1); EXPECT_EQ(verifier.numWarming(), 1); // Send a new route, which will include route_config_0 since SOTW, so route_config_0 will become // active. verifier.routeAdded(buildRoute("route_config_1")); EXPECT_TRUE(verifier.hasRoute("route_config_1")); EXPECT_FALSE(verifier.hasActiveRoute("route_config_1")); EXPECT_TRUE(verifier.hasActiveRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_EQ(verifier.numActive(), 1); } TEST(XdsVerifier, RouteBeforeListenerDelta) { XdsVerifier verifier(test::server::config_validation::Config::DELTA); // Send a route first, so envoy will not accept it. verifier.routeAdded(buildRoute("route_config_0")); EXPECT_FALSE(verifier.hasActiveRoute("route_config_0")); // Envoy still doesn't know about the route, so this will warm. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); EXPECT_EQ(verifier.numAdded(), 1); EXPECT_EQ(verifier.numWarming(), 1); // Send a new route, which will not include route_config_0 since SOTW, so route_config_0 will not // become active. verifier.routeAdded(buildRoute("route_config_1")); EXPECT_FALSE(verifier.hasActiveRoute("route_config_1")); EXPECT_FALSE(verifier.hasActiveRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); EXPECT_EQ(verifier.numWarming(), 1); } TEST(XdsVerifier, UpdateWarmingListener) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); verifier.listenerAdded(buildListener("listener_0", "route_config_0")); verifier.listenerUpdated(buildListener("listener_0", "route_config_1")); // The new listener should directly replace the old listener since it's warming. EXPECT_EQ(verifier.numModified(), 1); EXPECT_EQ(verifier.numAdded(), 1); // Send the route for the old listener, which should have been replaced with the update. verifier.routeAdded(buildRoute("route_config_0")); EXPECT_FALSE(verifier.hasListener("listener_0", verifier.ACTIVE)); // Now the new should become active. verifier.routeAdded(buildRoute("route_config_1")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); } TEST(XdsVerifier, UpdateActiveListener) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); // Add an active listener. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); // Send an update, which should keep the old listener active until the new warms. verifier.listenerUpdated(buildListener("listener_0", "route_config_1")); EXPECT_EQ(verifier.numModified(), 1); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); // Warm the new listener, which should remove the old. verifier.routeAdded(buildRoute("route_config_1")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_FALSE(verifier.hasListener("listener_0", verifier.DRAINING)); EXPECT_FALSE(verifier.hasListener("listener_0", verifier.WARMING)); EXPECT_EQ(verifier.numActive(), 1); } TEST(XdsVerifier, UpdateActiveToActive) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); // Add two active listeners to different routes. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); // Add an active listener. verifier.listenerAdded(buildListener("listener_1", "route_config_1")); verifier.routeAdded(buildRoute("route_config_1")); EXPECT_TRUE(verifier.hasListener("listener_1", verifier.ACTIVE)); EXPECT_EQ(verifier.numAdded(), 2); // Send an update, which should make the new listener active straight away and remove the old // since its route is already active. verifier.listenerUpdated(buildListener("listener_0", "route_config_1")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_FALSE(verifier.hasListener("listener_0", verifier.WARMING)); EXPECT_EQ(verifier.numActive(), 2); } TEST(XdsVerifier, WarmMultipleListenersSOTW) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); // Add two warming listener to the same route. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); verifier.listenerAdded(buildListener("listener_1", "route_config_0")); // Send the route, make sure both are active. verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_TRUE(verifier.hasListener("listener_1", verifier.ACTIVE)); EXPECT_EQ(verifier.numActive(), 2); } TEST(XdsVerifier, WarmMultipleListenersDelta) { XdsVerifier verifier(test::server::config_validation::Config::DELTA); // Add two warming listener to the same route. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); verifier.listenerAdded(buildListener("listener_1", "route_config_0")); // Send the route, make sure both are active. verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_TRUE(verifier.hasListener("listener_1", verifier.ACTIVE)); EXPECT_EQ(verifier.numActive(), 2); } TEST(XdsVerifier, ResendRouteSOTW) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); // Send a route that will be ignored. verifier.routeAdded(buildRoute("route_config_0")); // Add a warming listener that refers to this route. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); // Send the same route again, make sure listener becomes active. verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); } TEST(XdsVerifier, ResendRouteDelta) { XdsVerifier verifier(test::server::config_validation::Config::DELTA); // Send a route that will be ignored. verifier.routeAdded(buildRoute("route_config_0")); // Add a warming listener that refers to this route. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); // Send the same route again, make sure listener becomes active. verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); } TEST(XdsVerifier, RemoveThenAddListener) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); // Add an active listener. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); // Remove it. verifier.listenerRemoved("listener_0"); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.DRAINING)); // And add it back, it should now be draining and active. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.DRAINING)); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); } TEST(XdsVerifier, UpdateBackToOriginal) { XdsVerifier verifier(test::server::config_validation::Config::SOTW); // Add an active listener. verifier.listenerAdded(buildListener("listener_0", "route_config_0")); verifier.routeAdded(buildRoute("route_config_0")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); // Update it to a new route, should warm. verifier.listenerUpdated(buildListener("listener_0", "route_config_1")); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.WARMING)); // Update it back to original, should remove warming listener. verifier.listenerUpdated(buildListener("listener_0", "route_config_0")); EXPECT_FALSE(verifier.hasListener("listener_0", verifier.WARMING)); EXPECT_TRUE(verifier.hasListener("listener_0", verifier.ACTIVE)); } } // namespace Envoy ================================================ FILE: test/server/configuration_impl_test.cc ================================================ #include #include #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/metrics/v3/stats.pb.h" #include "common/api/api_impl.h" #include "common/config/well_known_names.h" #include "common/json/json_loader.h" #include "common/upstream/cluster_manager_impl.h" #include "server/configuration_impl.h" #include "extensions/stat_sinks/well_known_names.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/instance.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "fmt/printf.h" #include "gmock/gmock.h" #include "gtest/gtest.h" #include "udpa/type/v1/typed_struct.pb.h" using testing::Return; namespace Envoy { namespace Server { namespace Configuration { namespace { TEST(FilterChainUtility, buildFilterChain) { Network::MockConnection connection; std::vector factories; ReadyWatcher watcher; Network::FilterFactoryCb factory = [&](Network::FilterManager&) -> void { watcher.ready(); }; factories.push_back(factory); factories.push_back(factory); EXPECT_CALL(watcher, ready()).Times(2); EXPECT_CALL(connection, initializeReadFilters()).WillOnce(Return(true)); EXPECT_EQ(FilterChainUtility::buildFilterChain(connection, factories), true); } TEST(FilterChainUtility, buildFilterChainFailWithBadFilters) { Network::MockConnection connection; std::vector factories; EXPECT_CALL(connection, initializeReadFilters()).WillOnce(Return(false)); EXPECT_EQ(FilterChainUtility::buildFilterChain(connection, factories), false); } class ConfigurationImplTest : public testing::Test { protected: ConfigurationImplTest() : api_(Api::createApiForTest()), cluster_manager_factory_( server_.admin(), server_.runtime(), server_.stats(), server_.threadLocal(), server_.dnsResolver(), server_.sslContextManager(), server_.dispatcher(), server_.localInfo(), server_.secretManager(), server_.messageValidationContext(), *api_, server_.httpContext(), server_.grpcContext(), server_.accessLogManager(), server_.singletonManager()) {} void addStatsdFakeClusterConfig(envoy::config::metrics::v3::StatsSink& sink) { envoy::config::metrics::v3::StatsdSink statsd_sink; statsd_sink.set_tcp_cluster_name("fake_cluster"); sink.mutable_typed_config()->PackFrom(statsd_sink); } Api::ApiPtr api_; NiceMock server_; Upstream::ProdClusterManagerFactory cluster_manager_factory_; }; TEST_F(ConfigurationImplTest, DefaultStatsFlushInterval) { envoy::config::bootstrap::v3::Bootstrap bootstrap; MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_EQ(std::chrono::milliseconds(5000), config.statsFlushInterval()); } TEST_F(ConfigurationImplTest, CustomStatsFlushInterval) { std::string json = R"EOF( { "stats_flush_interval": "0.500s", "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_EQ(std::chrono::milliseconds(500), config.statsFlushInterval()); } TEST_F(ConfigurationImplTest, SetUpstreamClusterPerConnectionBufferLimit) { const std::string json = R"EOF( { "static_resources": { "listeners" : [], "clusters": [ { "name": "test_cluster", "type": "static", "connect_timeout": "0.01s", "per_connection_buffer_limit_bytes": 8192, "lb_policy": "round_robin", "load_assignment": { "endpoints": [ { "lb_endpoints": [ { "endpoint": { "address": { "socket_address": { "address": "127.0.0.1", "port_value": 9999 } } } } ] } ] } } ] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); ASSERT_EQ(1U, config.clusterManager()->clusters().count("test_cluster")); EXPECT_EQ(8192U, config.clusterManager() ->clusters() .find("test_cluster") ->second.get() .info() ->perConnectionBufferLimitBytes()); server_.thread_local_.shutdownThread(); } TEST_F(ConfigurationImplTest, NullTracerSetWhenTracingConfigurationAbsent) { std::string json = R"EOF( { "static_resources": { "listeners" : [ { "address": { "socket_address": { "address": "127.0.0.1", "port_value": 1234 } }, "filter_chains": [] } ], "clusters": [] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); server_.local_info_.node_.set_cluster(""); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_THAT(envoy::config::trace::v3::Tracing{}, ProtoEq(server_.httpContext().defaultTracingConfig())); } TEST_F(ConfigurationImplTest, NullTracerSetWhenHttpKeyAbsentFromTracerConfiguration) { std::string json = R"EOF( { "static_resources": { "listeners" : [ { "address": { "socket_address": { "address": "127.0.0.1", "port_value": 1234 } }, "filter_chains": [] } ], "clusters": [] }, "tracing": {}, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); server_.local_info_.node_.set_cluster(""); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_THAT(envoy::config::trace::v3::Tracing{}, ProtoEq(server_.httpContext().defaultTracingConfig())); } TEST_F(ConfigurationImplTest, ConfigurationFailsWhenInvalidTracerSpecified) { std::string json = R"EOF( { "static_resources": { "listeners" : [ { "address": { "socket_address": { "address": "127.0.0.1", "port_value": 1234 } }, "filter_chains": [] } ], "clusters": [] }, "tracing": { "http": { "name": "invalid", "typed_config": { "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", "type_url": "type.googleapis.com/envoy.config.trace.v2.BlackHoleConfig", "value": { "collector_cluster": "cluster_0", "access_token_file": "/etc/envoy/envoy.cfg" } } } }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); MainImpl config; EXPECT_THROW_WITH_MESSAGE(config.initialize(bootstrap, server_, cluster_manager_factory_), EnvoyException, "Didn't find a registered implementation for name: 'invalid'"); } TEST_F(ConfigurationImplTest, ProtoSpecifiedStatsSink) { std::string json = R"EOF( { "static_resources": { "listeners": [], "clusters": [] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); auto& sink = *bootstrap.mutable_stats_sinks()->Add(); sink.set_name(Extensions::StatSinks::StatsSinkNames::get().Statsd); addStatsdFakeClusterConfig(sink); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_EQ(1, config.statsSinks().size()); } TEST_F(ConfigurationImplTest, StatsSinkWithInvalidName) { std::string json = R"EOF( { "static_resources": { "listeners": [], "clusters": [] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); envoy::config::metrics::v3::StatsSink& sink = *bootstrap.mutable_stats_sinks()->Add(); sink.set_name("envoy.invalid"); MainImpl config; EXPECT_THROW_WITH_MESSAGE(config.initialize(bootstrap, server_, cluster_manager_factory_), EnvoyException, "Didn't find a registered implementation for name: 'envoy.invalid'"); } TEST_F(ConfigurationImplTest, StatsSinkWithNoName) { std::string json = R"EOF( { "static_resources": { "listeners": [], "clusters": [] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); bootstrap.mutable_stats_sinks()->Add(); MainImpl config; EXPECT_THROW_WITH_MESSAGE(config.initialize(bootstrap, server_, cluster_manager_factory_), EnvoyException, "Provided name for static registration lookup was empty."); } TEST_F(ConfigurationImplTest, StatsSinkWithNoType) { std::string json = R"EOF( { "static_resources": { "listeners": [], "clusters": [] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); auto& sink = *bootstrap.mutable_stats_sinks()->Add(); udpa::type::v1::TypedStruct typed_struct; auto untyped_struct = typed_struct.mutable_value(); (*untyped_struct->mutable_fields())["foo"].set_string_value("bar"); sink.mutable_typed_config()->PackFrom(typed_struct); MainImpl config; EXPECT_THROW_WITH_MESSAGE(config.initialize(bootstrap, server_, cluster_manager_factory_), EnvoyException, "Provided name for static registration lookup was empty."); } // An explicit non-empty LayeredRuntime is available to the server with no // changes made. TEST(InitialImplTest, LayeredRuntime) { const std::string yaml = R"EOF( layered_runtime: layers: - name: base static_layer: health_check: min_interval: 5 - name: root disk_layer: { symlink_root: /srv/runtime/current, subdirectory: envoy } - name: override disk_layer: { symlink_root: /srv/runtime/current, subdirectory: envoy_override, append_service_cluster: true } - name: admin admin_layer: {} )EOF"; const auto bootstrap = TestUtility::parseYaml(yaml); InitialImpl config(bootstrap); EXPECT_THAT(config.runtime(), ProtoEq(bootstrap.layered_runtime())); } // An empty LayeredRuntime has an admin layer injected. TEST(InitialImplTest, EmptyLayeredRuntime) { const std::string bootstrap_yaml = R"EOF( layered_runtime: {} )EOF"; const auto bootstrap = TestUtility::parseYaml(bootstrap_yaml); InitialImpl config(bootstrap); const std::string expected_yaml = R"EOF( layers: - admin_layer: {} )EOF"; const auto expected_runtime = TestUtility::parseYaml(expected_yaml); EXPECT_THAT(config.runtime(), ProtoEq(expected_runtime)); } // An empty deprecated Runtime has an empty static and admin layer injected. TEST(InitialImplTest, EmptyDeprecatedRuntime) { const auto bootstrap = TestUtility::parseYaml("{}"); InitialImpl config(bootstrap); const std::string expected_yaml = R"EOF( layers: - name: base static_layer: {} - name: admin admin_layer: {} )EOF"; const auto expected_runtime = TestUtility::parseYaml(expected_yaml); EXPECT_THAT(config.runtime(), ProtoEq(expected_runtime)); } // A deprecated Runtime is transformed to the equivalent LayeredRuntime. TEST(InitialImplTest, DeprecatedRuntimeTranslation) { const std::string bootstrap_yaml = R"EOF( runtime: symlink_root: /srv/runtime/current subdirectory: envoy override_subdirectory: envoy_override base: health_check: min_interval: 5 )EOF"; const auto bootstrap = TestUtility::parseYaml(bootstrap_yaml); InitialImpl config(bootstrap); const std::string expected_yaml = R"EOF( layers: - name: base static_layer: health_check: min_interval: 5 - name: root disk_layer: { symlink_root: /srv/runtime/current, subdirectory: envoy } - name: override disk_layer: { symlink_root: /srv/runtime/current, subdirectory: envoy_override, append_service_cluster: true } - name: admin admin_layer: {} )EOF"; const auto expected_runtime = TestUtility::parseYaml(expected_yaml); EXPECT_THAT(config.runtime(), ProtoEq(expected_runtime)); } TEST_F(ConfigurationImplTest, AdminSocketOptions) { std::string json = R"EOF( { "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } }, "socket_options": [ { "level": 1, "name": 2, "int_value": 3, "state": "STATE_PREBIND" }, { "level": 4, "name": 5, "int_value": 6, "state": "STATE_BOUND" }, ] } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); InitialImpl config(bootstrap); Network::MockListenSocket socket_mock; ASSERT_EQ(config.admin().socketOptions()->size(), 2); auto detail = config.admin().socketOptions()->at(0)->getOptionDetails( socket_mock, envoy::config::core::v3::SocketOption::STATE_PREBIND); ASSERT_NE(detail, absl::nullopt); EXPECT_EQ(detail->name_, Envoy::Network::SocketOptionName(1, 2, "1/2")); detail = config.admin().socketOptions()->at(1)->getOptionDetails( socket_mock, envoy::config::core::v3::SocketOption::STATE_BOUND); ASSERT_NE(detail, absl::nullopt); EXPECT_EQ(detail->name_, Envoy::Network::SocketOptionName(4, 5, "4/5")); } TEST_F(ConfigurationImplTest, ExceedLoadBalancerHostWeightsLimit) { const std::string json = R"EOF( { "static_resources": { "listeners" : [], "clusters": [ { "name": "test_cluster", "type": "static", "connect_timeout": "0.01s", "per_connection_buffer_limit_bytes": 8192, "lb_policy": "RING_HASH", "load_assignment": { "cluster_name": "load_test_cluster", "endpoints": [ { "priority": 93 }, { "locality": { "zone": "zone1" }, "lb_endpoints": [ { "endpoint": { "address": { "pipe": { "path": "path/to/pipe" } } }, "health_status": "TIMEOUT", "load_balancing_weight": { "value": 4294967295 } }, { "endpoint": { "address": { "pipe": { "path": "path/to/pipe2" } } }, "health_status": "TIMEOUT", "load_balancing_weight": { "value": 1 } } ], "load_balancing_weight": { "value": 122 } } ] } } ] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); MainImpl config; EXPECT_THROW_WITH_MESSAGE( config.initialize(bootstrap, server_, cluster_manager_factory_), EnvoyException, "The sum of weights of all upstream hosts in a locality exceeds 4294967295"); } TEST_F(ConfigurationImplTest, ExceedLoadBalancerLocalityWeightsLimit) { const std::string json = R"EOF( { "static_resources": { "listeners" : [], "clusters": [ { "name": "test_cluster", "type": "static", "connect_timeout": "0.01s", "per_connection_buffer_limit_bytes": 8192, "lb_policy": "RING_HASH", "load_assignment": { "cluster_name": "load_test_cluster", "endpoints": [ { "priority": 93 }, { "locality": { "zone": "zone1" }, "lb_endpoints": [ { "endpoint": { "address": { "pipe": { "path": "path/to/pipe" } } }, "health_status": "TIMEOUT", "load_balancing_weight": { "value": 7 } } ], "load_balancing_weight": { "value": 4294967295 } }, { "locality": { "region": "domains", "sub_zone": "sub_zone1" }, "lb_endpoints": [ { "endpoint": { "address": { "pipe": { "path": "path/to/pipe" } } }, "health_status": "TIMEOUT", "load_balancing_weight": { "value": 8 } } ], "load_balancing_weight": { "value": 2 } } ] }, "lb_subset_config": { "fallback_policy": "ANY_ENDPOINT", "subset_selectors": { "keys": [ "x" ] }, "locality_weight_aware": "true" }, "common_lb_config": { "healthy_panic_threshold": { "value": 0.8 }, "locality_weighted_lb_config": { } } } ] }, "admin": { "access_log_path": "/dev/null", "address": { "socket_address": { "address": "1.2.3.4", "port_value": 5678 } } } } )EOF"; auto bootstrap = Upstream::parseBootstrapFromV3Json(json); MainImpl config; EXPECT_THROW_WITH_MESSAGE( config.initialize(bootstrap, server_, cluster_manager_factory_), EnvoyException, "The sum of weights of all localities at the same priority exceeds 4294967295"); } TEST_F(ConfigurationImplTest, KillTimeoutWithoutSkew) { const std::string json = R"EOF( { "watchdog": { "kill_timeout": "1.0s", }, })EOF"; envoy::config::bootstrap::v3::Bootstrap bootstrap; TestUtility::loadFromJson(json, bootstrap); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_EQ(std::chrono::milliseconds(1000), config.workerWatchdogConfig().killTimeout()); EXPECT_EQ(std::chrono::milliseconds(1000), config.mainThreadWatchdogConfig().killTimeout()); } TEST_F(ConfigurationImplTest, CanSkewsKillTimeout) { const std::string json = R"EOF( { "watchdog": { "kill_timeout": "1.0s", "max_kill_timeout_jitter": "0.5s" }, })EOF"; envoy::config::bootstrap::v3::Bootstrap bootstrap; TestUtility::loadFromJson(json, bootstrap); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_LT(std::chrono::milliseconds(1000), config.mainThreadWatchdogConfig().killTimeout()); EXPECT_LT(std::chrono::milliseconds(1000), config.workerWatchdogConfig().killTimeout()); EXPECT_GE(std::chrono::milliseconds(1500), config.mainThreadWatchdogConfig().killTimeout()); EXPECT_GE(std::chrono::milliseconds(1500), config.workerWatchdogConfig().killTimeout()); } TEST_F(ConfigurationImplTest, DoesNotSkewIfKillTimeoutDisabled) { const std::string json = R"EOF( { "watchdog": { "max_kill_timeout_jitter": "0.5s" }, })EOF"; envoy::config::bootstrap::v3::Bootstrap bootstrap; TestUtility::loadFromJson(json, bootstrap); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_EQ(std::chrono::milliseconds(0), config.mainThreadWatchdogConfig().killTimeout()); EXPECT_EQ(std::chrono::milliseconds(0), config.workerWatchdogConfig().killTimeout()); } TEST_F(ConfigurationImplTest, ShouldErrorIfBothWatchdogsAndWatchdogSet) { const std::string json = R"EOF( { "watchdogs": {}, "watchdog": {}})EOF"; envoy::config::bootstrap::v3::Bootstrap bootstrap; TestUtility::loadFromJson(json, bootstrap); MainImpl config; EXPECT_THROW_WITH_MESSAGE(config.initialize(bootstrap, server_, cluster_manager_factory_), EnvoyException, "Only one of watchdog or watchdogs should be set!"); } TEST_F(ConfigurationImplTest, CanSetMultiWatchdogConfigs) { const std::string json = R"EOF( { "watchdogs": { "main_thread_watchdog" : { miss_timeout : "2s" }, "worker_watchdog" : { miss_timeout : "0.5s" } }})EOF"; envoy::config::bootstrap::v3::Bootstrap bootstrap; TestUtility::loadFromJson(json, bootstrap); MainImpl config; config.initialize(bootstrap, server_, cluster_manager_factory_); EXPECT_EQ(config.mainThreadWatchdogConfig().missTimeout(), std::chrono::milliseconds(2000)); EXPECT_EQ(config.workerWatchdogConfig().missTimeout(), std::chrono::milliseconds(500)); } } // namespace } // namespace Configuration } // namespace Server } // namespace Envoy ================================================ FILE: test/server/connection_handler_test.cc ================================================ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/udp_listener_config.pb.h" #include "envoy/network/exception.h" #include "envoy/network/filter.h" #include "envoy/server/active_udp_listener_config.h" #include "envoy/stats/scope.h" #include "common/common/utility.h" #include "common/config/utility.h" #include "common/network/address_impl.h" #include "common/network/connection_balancer_impl.h" #include "common/network/io_socket_handle_impl.h" #include "common/network/raw_buffer_socket.h" #include "common/network/udp_default_writer_config.h" #include "common/network/udp_listener_impl.h" #include "common/network/utility.h" #include "server/connection_handler_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/api/mocks.h" #include "test/mocks/common.h" #include "test/mocks/network/mocks.h" #include "test/test_common/network_utility.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::HasSubstr; using testing::InSequence; using testing::Invoke; using testing::NiceMock; using testing::Return; using testing::ReturnRef; using testing::SaveArg; namespace Envoy { namespace Server { namespace { class ConnectionHandlerTest : public testing::Test, protected Logger::Loggable { public: ConnectionHandlerTest() : socket_factory_(std::make_shared()), handler_(new ConnectionHandlerImpl(dispatcher_, 0)), filter_chain_(Network::Test::createEmptyFilterChainWithRawBufferSockets()), listener_filter_matcher_(std::make_shared>()), access_log_(std::make_shared()) { ON_CALL(*listener_filter_matcher_, matches(_)).WillByDefault(Return(false)); } class TestListener : public Network::ListenerConfig { public: TestListener( ConnectionHandlerTest& parent, uint64_t tag, bool bind_to_port, bool hand_off_restored_destination_connections, const std::string& name, Network::Socket::Type socket_type, std::chrono::milliseconds listener_filters_timeout, bool continue_on_listener_filters_timeout, Network::ListenSocketFactorySharedPtr socket_factory, std::shared_ptr access_log, std::shared_ptr> filter_chain_manager = nullptr, uint32_t tcp_backlog_size = ENVOY_TCP_BACKLOG_SIZE, Network::ConnectionBalancerSharedPtr connection_balancer = nullptr) : parent_(parent), socket_(std::make_shared>()), socket_factory_(std::move(socket_factory)), tag_(tag), bind_to_port_(bind_to_port), tcp_backlog_size_(tcp_backlog_size), hand_off_restored_destination_connections_(hand_off_restored_destination_connections), name_(name), listener_filters_timeout_(listener_filters_timeout), continue_on_listener_filters_timeout_(continue_on_listener_filters_timeout), connection_balancer_(connection_balancer == nullptr ? std::make_shared() : connection_balancer), access_logs_({access_log}), inline_filter_chain_manager_(filter_chain_manager), init_manager_(nullptr) { envoy::config::listener::v3::UdpListenerConfig dummy; std::string listener_name("raw_udp_listener"); dummy.set_udp_listener_name(listener_name); udp_listener_factory_ = Config::Utility::getAndCheckFactoryByName(listener_name) .createActiveUdpListenerFactory(dummy, /*concurrency=*/1); udp_writer_factory_ = std::make_unique(); ON_CALL(*socket_, socketType()).WillByDefault(Return(socket_type)); } // Network::ListenerConfig Network::FilterChainManager& filterChainManager() override { return inline_filter_chain_manager_ == nullptr ? parent_.manager_ : *inline_filter_chain_manager_; } Network::FilterChainFactory& filterChainFactory() override { return parent_.factory_; } Network::ListenSocketFactory& listenSocketFactory() override { return *socket_factory_; } bool bindToPort() override { return bind_to_port_; } bool handOffRestoredDestinationConnections() const override { return hand_off_restored_destination_connections_; } uint32_t perConnectionBufferLimitBytes() const override { return 0; } std::chrono::milliseconds listenerFiltersTimeout() const override { return listener_filters_timeout_; } bool continueOnListenerFiltersTimeout() const override { return continue_on_listener_filters_timeout_; } Stats::Scope& listenerScope() override { return parent_.stats_store_; } uint64_t listenerTag() const override { return tag_; } const std::string& name() const override { return name_; } Network::ActiveUdpListenerFactory* udpListenerFactory() override { return udp_listener_factory_.get(); } Network::UdpPacketWriterFactoryOptRef udpPacketWriterFactory() override { return Network::UdpPacketWriterFactoryOptRef(std::ref(*udp_writer_factory_)); } Network::UdpListenerWorkerRouterOptRef udpListenerWorkerRouter() override { return *udp_listener_worker_router_; } envoy::config::core::v3::TrafficDirection direction() const override { return envoy::config::core::v3::UNSPECIFIED; } Network::ConnectionBalancer& connectionBalancer() override { return *connection_balancer_; } const std::vector& accessLogs() const override { return access_logs_; } ResourceLimit& openConnections() override { return open_connections_; } uint32_t tcpBacklogSize() const override { return tcp_backlog_size_; } Init::Manager& initManager() override { return *init_manager_; } void setMaxConnections(const uint32_t num_connections) { open_connections_.setMax(num_connections); } void clearMaxConnections() { open_connections_.resetMax(); } ConnectionHandlerTest& parent_; std::shared_ptr> socket_; Network::ListenSocketFactorySharedPtr socket_factory_; uint64_t tag_; bool bind_to_port_; const uint32_t tcp_backlog_size_; const bool hand_off_restored_destination_connections_; const std::string name_; const std::chrono::milliseconds listener_filters_timeout_; const bool continue_on_listener_filters_timeout_; std::unique_ptr udp_listener_factory_; std::unique_ptr udp_writer_factory_; Network::UdpListenerWorkerRouterPtr udp_listener_worker_router_; Network::ConnectionBalancerSharedPtr connection_balancer_; BasicResourceLimitImpl open_connections_; const std::vector access_logs_; std::shared_ptr> inline_filter_chain_manager_; std::unique_ptr init_manager_; }; using TestListenerPtr = std::unique_ptr; class MockUpstreamUdpFilter : public Network::UdpListenerReadFilter { public: MockUpstreamUdpFilter(ConnectionHandlerTest& parent, Network::UdpReadFilterCallbacks& callbacks) : UdpListenerReadFilter(callbacks), parent_(parent) {} ~MockUpstreamUdpFilter() override { parent_.deleted_before_listener_ = !parent_.udp_listener_deleted_; } MOCK_METHOD(void, onData, (Network::UdpRecvData&), (override)); MOCK_METHOD(void, onReceiveError, (Api::IoError::IoErrorCode), (override)); private: ConnectionHandlerTest& parent_; }; class MockUpstreamUdpListener : public Network::UdpListener { public: explicit MockUpstreamUdpListener(ConnectionHandlerTest& parent) : parent_(parent) { ON_CALL(*this, dispatcher()).WillByDefault(ReturnRef(dispatcher_)); } ~MockUpstreamUdpListener() override { parent_.udp_listener_deleted_ = true; } MOCK_METHOD(void, enable, (), (override)); MOCK_METHOD(void, disable, (), (override)); MOCK_METHOD(Event::Dispatcher&, dispatcher, (), (override)); MOCK_METHOD(Network::Address::InstanceConstSharedPtr&, localAddress, (), (const, override)); MOCK_METHOD(Api::IoCallUint64Result, send, (const Network::UdpSendData&), (override)); MOCK_METHOD(Api::IoCallUint64Result, flush, (), (override)); MOCK_METHOD(void, activateRead, (), (override)); private: ConnectionHandlerTest& parent_; Event::MockDispatcher dispatcher_; }; TestListener* addListener( uint64_t tag, bool bind_to_port, bool hand_off_restored_destination_connections, const std::string& name, Network::Listener* listener, Network::TcpListenerCallbacks** listener_callbacks = nullptr, std::shared_ptr connection_balancer = nullptr, Network::BalancedConnectionHandler** balanced_connection_handler = nullptr, Network::Socket::Type socket_type = Network::Socket::Type::Stream, std::chrono::milliseconds listener_filters_timeout = std::chrono::milliseconds(15000), bool continue_on_listener_filters_timeout = false, std::shared_ptr> overridden_filter_chain_manager = nullptr, uint32_t tcp_backlog_size = ENVOY_TCP_BACKLOG_SIZE) { listeners_.emplace_back(std::make_unique( *this, tag, bind_to_port, hand_off_restored_destination_connections, name, socket_type, listener_filters_timeout, continue_on_listener_filters_timeout, socket_factory_, access_log_, overridden_filter_chain_manager, tcp_backlog_size, connection_balancer)); EXPECT_CALL(*socket_factory_, socketType()).WillOnce(Return(socket_type)); if (listener == nullptr) { // Expecting listener config in place update. // If so, dispatcher would not create new network listener. return listeners_.back().get(); } EXPECT_CALL(*socket_factory_, getListenSocket()).WillOnce(Return(listeners_.back()->socket_)); if (socket_type == Network::Socket::Type::Stream) { EXPECT_CALL(dispatcher_, createListener_(_, _, _, _)) .WillOnce(Invoke([listener, listener_callbacks](Network::SocketSharedPtr&&, Network::TcpListenerCallbacks& cb, bool, uint32_t) -> Network::Listener* { if (listener_callbacks != nullptr) { *listener_callbacks = &cb; } return listener; })); } else { EXPECT_CALL(dispatcher_, createUdpListener_(_, _)) .WillOnce(Invoke([listener](Network::SocketSharedPtr&&, Network::UdpListenerCallbacks&) -> Network::UdpListener* { return dynamic_cast(listener); })); listeners_.back()->udp_listener_worker_router_ = std::make_unique(1); } if (balanced_connection_handler != nullptr) { EXPECT_CALL(*connection_balancer, registerHandler(_)) .WillOnce(SaveArgAddress(balanced_connection_handler)); } return listeners_.back().get(); } Stats::TestUtil::TestStore stats_store_; std::shared_ptr socket_factory_; Network::Address::InstanceConstSharedPtr local_address_{ new Network::Address::Ipv4Instance("127.0.0.1", 10001)}; NiceMock dispatcher_{"test"}; std::list listeners_; Network::ConnectionHandlerPtr handler_; NiceMock manager_; NiceMock factory_; const Network::FilterChainSharedPtr filter_chain_; NiceMock os_sys_calls_; TestThreadsafeSingletonInjector os_calls_{&os_sys_calls_}; std::shared_ptr> listener_filter_matcher_; bool udp_listener_deleted_ = false; bool deleted_before_listener_ = false; std::shared_ptr access_log_; }; // Verify that if a listener is removed while a rebalanced connection is in flight, we correctly // destroy the connection. TEST_F(ConnectionHandlerTest, RemoveListenerDuringRebalance) { InSequence s; // For reasons I did not investigate, the death test below requires this, likely due to forking. // So we just leak the FDs for this test. ON_CALL(os_sys_calls_, close(_)).WillByDefault(Return(Api::SysCallIntResult{0, 0})); Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); auto connection_balancer = std::make_shared(); Network::BalancedConnectionHandler* current_handler; TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks, connection_balancer, ¤t_handler); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); // Fake a balancer posting a connection to us. Event::PostCb post_cb; EXPECT_CALL(dispatcher_, post(_)).WillOnce(SaveArg<0>(&post_cb)); Network::MockConnectionSocket* connection = new NiceMock(); current_handler->incNumConnections(); #ifndef NDEBUG EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); #endif current_handler->post(Network::ConnectionSocketPtr{connection}); EXPECT_CALL(*connection_balancer, unregisterHandler(_)); // This also tests the assert in ConnectionHandlerImpl::ActiveTcpListener::~ActiveTcpListener. // See the long comment at the end of that function. #ifndef NDEBUG // On debug builds this should crash. EXPECT_DEATH(handler_->removeListeners(1), ".*num_listener_connections_ == 0.*"); // The original test continues without the previous line being run. To avoid the same assert // firing during teardown, run the posted callback now. post_cb(); ASSERT(post_cb != nullptr); EXPECT_CALL(*listener, onDestroy()); #else // On release builds this should be fine. EXPECT_CALL(*listener, onDestroy()); handler_->removeListeners(1); post_cb(); #endif } TEST_F(ConnectionHandlerTest, ListenerConnectionLimitEnforced) { Network::TcpListenerCallbacks* listener_callbacks1; auto listener1 = new NiceMock(); TestListener* test_listener1 = addListener(1, false, false, "test_listener1", listener1, &listener_callbacks1); Network::Address::InstanceConstSharedPtr normal_address( new Network::Address::Ipv4Instance("127.0.0.1", 10001)); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(normal_address)); // Only allow a single connection on this listener. test_listener1->setMaxConnections(1); handler_->addListener(absl::nullopt, *test_listener1); auto listener2 = new NiceMock(); Network::TcpListenerCallbacks* listener_callbacks2; TestListener* test_listener2 = addListener(2, false, false, "test_listener2", listener2, &listener_callbacks2); Network::Address::InstanceConstSharedPtr alt_address( new Network::Address::Ipv4Instance("127.0.0.2", 20002)); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(alt_address)); // Do not allow any connections on this listener. test_listener2->setMaxConnections(0); handler_->addListener(absl::nullopt, *test_listener2); EXPECT_CALL(manager_, findFilterChain(_)).WillRepeatedly(Return(filter_chain_.get())); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillRepeatedly(Return(true)); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); EXPECT_CALL(*test_filter, destroy_()); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); EXPECT_CALL(*test_filter, onAccept(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterCallbacks&) -> Network::FilterStatus { return Network::FilterStatus::Continue; })); // For listener 2, verify its connection limit is independent of listener 1. // We expect that listener 2 accepts the connection, so there will be a call to // createServerConnection and active cx should increase, while cx overflow remains the same. EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); listener_callbacks2->onAccept( Network::ConnectionSocketPtr{new NiceMock()}); EXPECT_EQ(0, handler_->numConnections()); EXPECT_EQ(0, TestUtility::findCounter(stats_store_, "downstream_cx_total")->value()); EXPECT_EQ(0, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "downstream_cx_overflow")->value()); // For listener 1, verify connections are limited after one goes active. // First connection attempt should result in an active connection being created. auto conn1 = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(conn1)); listener_callbacks1->onAccept( Network::ConnectionSocketPtr{new NiceMock()}); EXPECT_EQ(1, handler_->numConnections()); // Note that these stats are not the per-worker stats, but the per-listener stats. EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "downstream_cx_total")->value()); EXPECT_EQ(1, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "downstream_cx_overflow")->value()); // Don't expect server connection to be created, should be instantly closed and increment // overflow stat. listener_callbacks1->onAccept( Network::ConnectionSocketPtr{new NiceMock()}); EXPECT_EQ(1, handler_->numConnections()); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "downstream_cx_total")->value()); EXPECT_EQ(1, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(2, TestUtility::findCounter(stats_store_, "downstream_cx_overflow")->value()); // Check behavior again for good measure. listener_callbacks1->onAccept( Network::ConnectionSocketPtr{new NiceMock()}); EXPECT_EQ(1, handler_->numConnections()); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "downstream_cx_total")->value()); EXPECT_EQ(1, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(3, TestUtility::findCounter(stats_store_, "downstream_cx_overflow")->value()); EXPECT_CALL(*listener1, onDestroy()); EXPECT_CALL(*listener2, onDestroy()); } TEST_F(ConnectionHandlerTest, RemoveListener) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockConnectionSocket* connection = new NiceMock(); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); listener_callbacks->onAccept(Network::ConnectionSocketPtr{connection}); EXPECT_EQ(0UL, handler_->numConnections()); // Test stop/remove of not existent listener. handler_->stopListeners(0); handler_->removeListeners(0); EXPECT_CALL(*listener, onDestroy()); handler_->stopListeners(1); EXPECT_CALL(dispatcher_, clearDeferredDeleteList()); handler_->removeListeners(1); EXPECT_EQ(0UL, handler_->numConnections()); // Test stop/remove of not existent listener. handler_->stopListeners(0); handler_->removeListeners(0); } TEST_F(ConnectionHandlerTest, DisableListener) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, false, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); EXPECT_CALL(*listener, disable()); EXPECT_CALL(*listener, onDestroy()); handler_->disableListeners(); } TEST_F(ConnectionHandlerTest, AddDisabledListener) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, false, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*listener, disable()); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); EXPECT_CALL(*listener, onDestroy()); handler_->disableListeners(); handler_->addListener(absl::nullopt, *test_listener); } TEST_F(ConnectionHandlerTest, DestroyCloseConnections) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockConnectionSocket* connection = new NiceMock(); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); listener_callbacks->onAccept(Network::ConnectionSocketPtr{connection}); EXPECT_EQ(0UL, handler_->numConnections()); EXPECT_CALL(dispatcher_, clearDeferredDeleteList()); EXPECT_CALL(*listener, onDestroy()); handler_.reset(); } TEST_F(ConnectionHandlerTest, CloseDuringFilterChainCreate) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(filter_chain_.get())); Network::MockConnection* connection = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(connection)); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillOnce(Return(true)); EXPECT_CALL(*connection, state()).WillOnce(Return(Network::Connection::State::Closed)); EXPECT_CALL(*connection, addConnectionCallbacks(_)).Times(0); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); Network::MockConnectionSocket* accepted_socket = new NiceMock(); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_EQ(0UL, handler_->numConnections()); EXPECT_CALL(*listener, onDestroy()); } TEST_F(ConnectionHandlerTest, CloseConnectionOnEmptyFilterChain) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(filter_chain_.get())); Network::MockConnection* connection = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(connection)); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillOnce(Return(false)); EXPECT_CALL(*connection, close(Network::ConnectionCloseType::NoFlush)); EXPECT_CALL(*connection, addConnectionCallbacks(_)).Times(0); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); Network::MockConnectionSocket* accepted_socket = new NiceMock(); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_EQ(0UL, handler_->numConnections()); EXPECT_CALL(*listener, onDestroy()); } TEST_F(ConnectionHandlerTest, NormalRedirect) { Network::TcpListenerCallbacks* listener_callbacks1; auto listener1 = new NiceMock(); TestListener* test_listener1 = addListener(1, true, true, "test_listener1", listener1, &listener_callbacks1); Network::Address::InstanceConstSharedPtr normal_address( new Network::Address::Ipv4Instance("127.0.0.1", 10001)); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(normal_address)); handler_->addListener(absl::nullopt, *test_listener1); Network::TcpListenerCallbacks* listener_callbacks2; auto listener2 = new NiceMock(); TestListener* test_listener2 = addListener(1, false, false, "test_listener2", listener2, &listener_callbacks2); Network::Address::InstanceConstSharedPtr alt_address( new Network::Address::Ipv4Instance("127.0.0.2", 20002)); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(alt_address)); handler_->addListener(absl::nullopt, *test_listener2); auto* test_filter = new NiceMock(); EXPECT_CALL(*test_filter, destroy_()); Network::MockConnectionSocket* accepted_socket = new NiceMock(); bool redirected = false; EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { // Insert the Mock filter. if (!redirected) { manager.addAcceptFilter(nullptr, Network::ListenerFilterPtr{test_filter}); redirected = true; } return true; })); EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks& cb) -> Network::FilterStatus { cb.socket().restoreLocalAddress(alt_address); return Network::FilterStatus::Continue; })); EXPECT_CALL(*accepted_socket, restoreLocalAddress(alt_address)); EXPECT_CALL(*accepted_socket, localAddressRestored()).WillOnce(Return(true)); EXPECT_CALL(*accepted_socket, localAddress()).WillRepeatedly(ReturnRef(alt_address)); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(filter_chain_.get())); Network::MockConnection* connection = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(connection)); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillOnce(Return(true)); listener_callbacks1->onAccept(Network::ConnectionSocketPtr{accepted_socket}); // Verify per-listener connection stats. EXPECT_EQ(1UL, handler_->numConnections()); EXPECT_EQ(1UL, TestUtility::findCounter(stats_store_, "downstream_cx_total")->value()); EXPECT_EQ(1UL, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(1UL, TestUtility::findCounter(stats_store_, "test.downstream_cx_total")->value()); EXPECT_EQ(1UL, TestUtility::findGauge(stats_store_, "test.downstream_cx_active")->value()); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); connection->close(Network::ConnectionCloseType::NoFlush); dispatcher_.clearDeferredDeleteList(); EXPECT_EQ(0UL, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(0UL, TestUtility::findGauge(stats_store_, "test.downstream_cx_active")->value()); EXPECT_CALL(*listener2, onDestroy()); EXPECT_CALL(*listener1, onDestroy()); } TEST_F(ConnectionHandlerTest, FallbackToWildcardListener) { Network::TcpListenerCallbacks* listener_callbacks1; auto listener1 = new NiceMock(); TestListener* test_listener1 = addListener(1, true, true, "test_listener1", listener1, &listener_callbacks1); Network::Address::InstanceConstSharedPtr normal_address( new Network::Address::Ipv4Instance("127.0.0.1", 10001)); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(normal_address)); handler_->addListener(absl::nullopt, *test_listener1); Network::TcpListenerCallbacks* listener_callbacks2; auto listener2 = new NiceMock(); TestListener* test_listener2 = addListener(1, false, false, "test_listener2", listener2, &listener_callbacks2); Network::Address::InstanceConstSharedPtr any_address = Network::Utility::getIpv4AnyAddress(); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(any_address)); handler_->addListener(absl::nullopt, *test_listener2); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); EXPECT_CALL(*test_filter, destroy_()); Network::MockConnectionSocket* accepted_socket = new NiceMock(); bool redirected = false; EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { // Insert the Mock filter. if (!redirected) { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); redirected = true; } return true; })); // Zero port to match the port of AnyAddress Network::Address::InstanceConstSharedPtr alt_address( new Network::Address::Ipv4Instance("127.0.0.2", 0, nullptr)); EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks& cb) -> Network::FilterStatus { cb.socket().restoreLocalAddress(alt_address); return Network::FilterStatus::Continue; })); EXPECT_CALL(*accepted_socket, restoreLocalAddress(alt_address)); EXPECT_CALL(*accepted_socket, localAddressRestored()).WillOnce(Return(true)); EXPECT_CALL(*accepted_socket, localAddress()).WillRepeatedly(ReturnRef(alt_address)); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(filter_chain_.get())); Network::MockConnection* connection = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(connection)); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillOnce(Return(true)); listener_callbacks1->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_EQ(1UL, handler_->numConnections()); EXPECT_CALL(*listener2, onDestroy()); EXPECT_CALL(*listener1, onDestroy()); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); } TEST_F(ConnectionHandlerTest, WildcardListenerWithOriginalDst) { Network::TcpListenerCallbacks* listener_callbacks1; auto listener1 = new NiceMock(); TestListener* test_listener1 = addListener(1, true, true, "test_listener1", listener1, &listener_callbacks1); Network::Address::InstanceConstSharedPtr normal_address( new Network::Address::Ipv4Instance("127.0.0.1", 80)); // Original dst address nor port number match that of the listener's address. Network::Address::InstanceConstSharedPtr original_dst_address( new Network::Address::Ipv4Instance("127.0.0.2", 8080)); Network::Address::InstanceConstSharedPtr any_address = Network::Utility::getAddressWithPort( *Network::Utility::getIpv4AnyAddress(), normal_address->ip()->port()); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(any_address)); handler_->addListener(absl::nullopt, *test_listener1); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); Network::MockConnectionSocket* accepted_socket = new NiceMock(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { // Insert the Mock filter. manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks& cb) -> Network::FilterStatus { cb.socket().restoreLocalAddress(original_dst_address); return Network::FilterStatus::Continue; })); EXPECT_CALL(*test_filter, destroy_()); EXPECT_CALL(*accepted_socket, restoreLocalAddress(original_dst_address)); EXPECT_CALL(*accepted_socket, localAddressRestored()).WillOnce(Return(true)); EXPECT_CALL(*accepted_socket, localAddress()).WillRepeatedly(ReturnRef(original_dst_address)); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(filter_chain_.get())); Network::MockConnection* connection = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(connection)); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillOnce(Return(true)); listener_callbacks1->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_EQ(1UL, handler_->numConnections()); EXPECT_CALL(*listener1, onDestroy()); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); } TEST_F(ConnectionHandlerTest, WildcardListenerWithNoOriginalDst) { Network::TcpListenerCallbacks* listener_callbacks1; auto listener1 = new NiceMock(); TestListener* test_listener1 = addListener(1, true, true, "test_listener1", listener1, &listener_callbacks1); Network::Address::InstanceConstSharedPtr normal_address( new Network::Address::Ipv4Instance("127.0.0.1", 80)); Network::Address::InstanceConstSharedPtr any_address = Network::Utility::getAddressWithPort( *Network::Utility::getIpv4AnyAddress(), normal_address->ip()->port()); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(any_address)); handler_->addListener(absl::nullopt, *test_listener1); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); EXPECT_CALL(*test_filter, destroy_()); Network::MockConnectionSocket* accepted_socket = new NiceMock(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { // Insert the Mock filter. manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); EXPECT_CALL(*test_filter, onAccept(_)).WillOnce(Return(Network::FilterStatus::Continue)); EXPECT_CALL(*accepted_socket, localAddressRestored()).WillOnce(Return(false)); EXPECT_CALL(*accepted_socket, localAddress()).WillRepeatedly(ReturnRef(normal_address)); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(filter_chain_.get())); Network::MockConnection* connection = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(connection)); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillOnce(Return(true)); listener_callbacks1->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_EQ(1UL, handler_->numConnections()); EXPECT_CALL(*listener1, onDestroy()); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); } TEST_F(ConnectionHandlerTest, TransportProtocolDefault) { Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockConnectionSocket* accepted_socket = new NiceMock(); EXPECT_CALL(*accepted_socket, detectedTransportProtocol()) .WillOnce(Return(absl::string_view(""))); EXPECT_CALL(*accepted_socket, setDetectedTransportProtocol(absl::string_view("raw_buffer"))); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(nullptr)); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_CALL(*listener, onDestroy()); } TEST_F(ConnectionHandlerTest, TransportProtocolCustom) { Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); EXPECT_CALL(*test_filter, destroy_()); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); absl::string_view dummy = "dummy"; EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks& cb) -> Network::FilterStatus { cb.socket().setDetectedTransportProtocol(dummy); return Network::FilterStatus::Continue; })); Network::MockConnectionSocket* accepted_socket = new NiceMock(); EXPECT_CALL(*accepted_socket, setDetectedTransportProtocol(dummy)); EXPECT_CALL(*accepted_socket, detectedTransportProtocol()).WillOnce(Return(dummy)); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(nullptr)); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_CALL(*listener, onDestroy()); } // Timeout during listener filter stop iteration. TEST_F(ConnectionHandlerTest, ListenerFilterTimeout) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks&) -> Network::FilterStatus { return Network::FilterStatus::StopIteration; })); Network::MockConnectionSocket* accepted_socket = new NiceMock(); Network::IoSocketHandleImpl io_handle{42}; EXPECT_CALL(*accepted_socket, ioHandle()).WillRepeatedly(ReturnRef(io_handle)); Event::MockTimer* timeout = new Event::MockTimer(&dispatcher_); EXPECT_CALL(*timeout, enableTimer(std::chrono::milliseconds(15000), _)); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); Stats::Gauge& downstream_pre_cx_active = stats_store_.gauge("downstream_pre_cx_active", Stats::Gauge::ImportMode::Accumulate); EXPECT_EQ(1UL, downstream_pre_cx_active.value()); EXPECT_CALL(*timeout, disableTimer()); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); timeout->invokeCallback(); EXPECT_CALL(*test_filter, destroy_()); dispatcher_.clearDeferredDeleteList(); EXPECT_EQ(0UL, downstream_pre_cx_active.value()); EXPECT_EQ(1UL, stats_store_.counter("downstream_pre_cx_timeout").value()); // Make sure we didn't continue to try create connection. EXPECT_EQ(0UL, stats_store_.counter("no_filter_chain_match").value()); EXPECT_CALL(*listener, onDestroy()); } // Continue on timeout during listener filter stop iteration. TEST_F(ConnectionHandlerTest, ContinueOnListenerFilterTimeout) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks, nullptr, nullptr, Network::Socket::Type::Stream, std::chrono::milliseconds(15000), true); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockListenerFilter* test_filter = new NiceMock(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks&) -> Network::FilterStatus { return Network::FilterStatus::StopIteration; })); Network::MockConnectionSocket* accepted_socket = new NiceMock(); Network::IoSocketHandleImpl io_handle{42}; EXPECT_CALL(*accepted_socket, ioHandle()).WillRepeatedly(ReturnRef(io_handle)); Event::MockTimer* timeout = new Event::MockTimer(&dispatcher_); EXPECT_CALL(*timeout, enableTimer(std::chrono::milliseconds(15000), _)); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); Stats::Gauge& downstream_pre_cx_active = stats_store_.gauge("downstream_pre_cx_active", Stats::Gauge::ImportMode::Accumulate); EXPECT_EQ(1UL, downstream_pre_cx_active.value()); EXPECT_CALL(*test_filter, destroy_()); // Barrier: test_filter must be destructed before findFilterChain EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(nullptr)); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); EXPECT_CALL(*timeout, disableTimer()); timeout->invokeCallback(); dispatcher_.clearDeferredDeleteList(); EXPECT_EQ(0UL, downstream_pre_cx_active.value()); EXPECT_EQ(1UL, stats_store_.counter("downstream_pre_cx_timeout").value()); // Make sure we continued to try create connection. EXPECT_EQ(1UL, stats_store_.counter("no_filter_chain_match").value()); EXPECT_CALL(*listener, onDestroy()); } // Timeout is disabled once the listener filters complete. TEST_F(ConnectionHandlerTest, ListenerFilterTimeoutResetOnSuccess) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); Network::ListenerFilterCallbacks* listener_filter_cb{}; EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks& cb) -> Network::FilterStatus { listener_filter_cb = &cb; return Network::FilterStatus::StopIteration; })); Network::MockConnectionSocket* accepted_socket = new NiceMock(); Network::IoSocketHandleImpl io_handle{42}; EXPECT_CALL(*accepted_socket, ioHandle()).WillRepeatedly(ReturnRef(io_handle)); Event::MockTimer* timeout = new Event::MockTimer(&dispatcher_); EXPECT_CALL(*timeout, enableTimer(std::chrono::milliseconds(15000), _)); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_CALL(*test_filter, destroy_()); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(nullptr)); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); EXPECT_CALL(*timeout, disableTimer()); listener_filter_cb->continueFilterChain(true); EXPECT_CALL(*listener, onDestroy()); } // Ensure there is no timeout when the timeout is disabled with 0s. TEST_F(ConnectionHandlerTest, ListenerFilterDisabledTimeout) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks, nullptr, nullptr, Network::Socket::Type::Stream, std::chrono::milliseconds()); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockListenerFilter* test_filter = new Network::MockListenerFilter(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{test_filter}); return true; })); EXPECT_CALL(*test_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks&) -> Network::FilterStatus { return Network::FilterStatus::StopIteration; })); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); EXPECT_CALL(dispatcher_, createTimer_(_)).Times(0); EXPECT_CALL(*test_filter, destroy_()); Network::MockConnectionSocket* accepted_socket = new NiceMock(); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); EXPECT_CALL(*listener, onDestroy()); } // Listener Filter could close socket in the context of listener callback. TEST_F(ConnectionHandlerTest, ListenerFilterReportError) { InSequence s; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockListenerFilter* first_filter = new Network::MockListenerFilter(); Network::MockListenerFilter* last_filter = new Network::MockListenerFilter(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{first_filter}); manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{last_filter}); return true; })); // The first filter close the socket EXPECT_CALL(*first_filter, onAccept(_)) .WillOnce(Invoke([&](Network::ListenerFilterCallbacks& cb) -> Network::FilterStatus { cb.socket().close(); return Network::FilterStatus::StopIteration; })); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); // The last filter won't be invoked EXPECT_CALL(*last_filter, onAccept(_)).Times(0); EXPECT_CALL(*first_filter, destroy_()); EXPECT_CALL(*last_filter, destroy_()); Network::MockConnectionSocket* accepted_socket = new NiceMock(); listener_callbacks->onAccept(Network::ConnectionSocketPtr{accepted_socket}); dispatcher_.clearDeferredDeleteList(); // Make sure the error leads to no listener timer created. EXPECT_CALL(dispatcher_, createTimer_(_)).Times(0); // Make sure we never try to match the filer chain since listener filter doesn't complete. EXPECT_CALL(manager_, findFilterChain(_)).Times(0); EXPECT_CALL(*listener, onDestroy()); } // Ensure an exception is thrown if there are no filters registered for a UDP listener TEST_F(ConnectionHandlerTest, UdpListenerNoFilterThrowsException) { InSequence s; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, nullptr, nullptr, nullptr, Network::Socket::Type::Datagram, std::chrono::milliseconds()); EXPECT_CALL(factory_, createUdpListenerFilterChain(_, _)) .WillOnce(Invoke([&](Network::UdpListenerFilterManager&, Network::UdpReadFilterCallbacks&) -> bool { return true; })); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); EXPECT_CALL(*listener, onDestroy()); try { handler_->addListener(absl::nullopt, *test_listener); FAIL(); } catch (const Network::CreateListenerException& e) { EXPECT_THAT( e.what(), HasSubstr("Cannot create listener as no read filter registered for the udp listener")); } } TEST_F(ConnectionHandlerTest, TcpListenerInplaceUpdate) { InSequence s; uint64_t old_listener_tag = 1; uint64_t new_listener_tag = 2; Network::TcpListenerCallbacks* old_listener_callbacks; Network::BalancedConnectionHandler* current_handler; auto old_listener = new NiceMock(); auto mock_connection_balancer = std::make_shared(); TestListener* old_test_listener = addListener(old_listener_tag, true, false, "test_listener", old_listener, &old_listener_callbacks, mock_connection_balancer, ¤t_handler); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *old_test_listener); ASSERT_NE(old_test_listener, nullptr); Network::TcpListenerCallbacks* new_listener_callbacks = nullptr; auto overridden_filter_chain_manager = std::make_shared>(); TestListener* new_test_listener = addListener( new_listener_tag, true, false, "test_listener", /* Network::Listener */ nullptr, &new_listener_callbacks, mock_connection_balancer, nullptr, Network::Socket::Type::Stream, std::chrono::milliseconds(15000), false, overridden_filter_chain_manager); handler_->addListener(old_listener_tag, *new_test_listener); ASSERT_EQ(new_listener_callbacks, nullptr) << "new listener should be inplace added and callback should not change"; Network::MockConnectionSocket* connection = new NiceMock(); current_handler->incNumConnections(); EXPECT_CALL(*mock_connection_balancer, pickTargetHandler(_)) .WillOnce(ReturnRef(*current_handler)); EXPECT_CALL(manager_, findFilterChain(_)).Times(0); EXPECT_CALL(*overridden_filter_chain_manager, findFilterChain(_)).WillOnce(Return(nullptr)); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); EXPECT_CALL(*mock_connection_balancer, unregisterHandler(_)); old_listener_callbacks->onAccept(Network::ConnectionSocketPtr{connection}); EXPECT_EQ(0UL, handler_->numConnections()); EXPECT_CALL(*old_listener, onDestroy()); } TEST_F(ConnectionHandlerTest, TcpListenerRemoveFilterChain) { InSequence s; uint64_t listener_tag = 1; Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(listener_tag, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); Network::MockConnectionSocket* connection = new NiceMock(); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(filter_chain_.get())); Network::MockConnection* server_connection = new NiceMock(); EXPECT_CALL(dispatcher_, createServerConnection_()).WillOnce(Return(server_connection)); EXPECT_CALL(factory_, createNetworkFilterChain(_, _)).WillOnce(Return(true)); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); listener_callbacks->onAccept(Network::ConnectionSocketPtr{connection}); EXPECT_EQ(1UL, handler_->numConnections()); EXPECT_EQ(1UL, TestUtility::findCounter(stats_store_, "downstream_cx_total")->value()); EXPECT_EQ(1UL, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(1UL, TestUtility::findCounter(stats_store_, "test.downstream_cx_total")->value()); EXPECT_EQ(1UL, TestUtility::findGauge(stats_store_, "test.downstream_cx_active")->value()); const std::list filter_chains{filter_chain_.get()}; // The completion callback is scheduled handler_->removeFilterChains(listener_tag, filter_chains, []() { ENVOY_LOG(debug, "removed filter chains"); }); // Trigger the deletion if any. dispatcher_.clearDeferredDeleteList(); EXPECT_EQ(0UL, handler_->numConnections()); EXPECT_EQ(1UL, TestUtility::findCounter(stats_store_, "downstream_cx_total")->value()); EXPECT_EQ(0UL, TestUtility::findGauge(stats_store_, "downstream_cx_active")->value()); EXPECT_EQ(1UL, TestUtility::findCounter(stats_store_, "test.downstream_cx_total")->value()); EXPECT_EQ(0UL, TestUtility::findGauge(stats_store_, "test.downstream_cx_active")->value()); EXPECT_CALL(dispatcher_, clearDeferredDeleteList()); EXPECT_CALL(*listener, onDestroy()); handler_.reset(); } // Listener Filter matchers works. TEST_F(ConnectionHandlerTest, ListenerFilterWorks) { Network::TcpListenerCallbacks* listener_callbacks; auto listener = new NiceMock(); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, &listener_callbacks); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); handler_->addListener(absl::nullopt, *test_listener); auto all_matcher = std::make_shared(); auto* disabled_listener_filter = new Network::MockListenerFilter(); auto* enabled_filter = new Network::MockListenerFilter(); EXPECT_CALL(factory_, createListenerFilterChain(_)) .WillRepeatedly(Invoke([&](Network::ListenerFilterManager& manager) -> bool { manager.addAcceptFilter(all_matcher, Network::ListenerFilterPtr{disabled_listener_filter}); manager.addAcceptFilter(listener_filter_matcher_, Network::ListenerFilterPtr{enabled_filter}); return true; })); // The all matcher matches any incoming traffic and disables the listener filter. EXPECT_CALL(*all_matcher, matches(_)).WillOnce(Return(true)); EXPECT_CALL(*disabled_listener_filter, onAccept(_)).Times(0); // The non matcher acts as if always enabled. EXPECT_CALL(*enabled_filter, onAccept(_)).WillOnce(Return(Network::FilterStatus::Continue)); EXPECT_CALL(*disabled_listener_filter, destroy_()); EXPECT_CALL(*enabled_filter, destroy_()); EXPECT_CALL(manager_, findFilterChain(_)).WillOnce(Return(nullptr)); EXPECT_CALL(*access_log_, log(_, _, _, _)).Times(1); listener_callbacks->onAccept(std::make_unique>()); EXPECT_CALL(*listener, onDestroy()); } // The read_filter should be deleted before the udp_listener is deleted. TEST_F(ConnectionHandlerTest, ShutdownUdpListener) { InSequence s; Network::MockUdpReadFilterCallbacks dummy_callbacks; auto listener = new NiceMock(*this); TestListener* test_listener = addListener(1, true, false, "test_listener", listener, nullptr, nullptr, nullptr, Network::Socket::Type::Datagram, std::chrono::milliseconds(), false, nullptr); auto filter = std::make_unique>(*this, dummy_callbacks); EXPECT_CALL(factory_, createUdpListenerFilterChain(_, _)) .WillOnce(Invoke([&](Network::UdpListenerFilterManager& udp_listener, Network::UdpReadFilterCallbacks&) -> bool { udp_listener.addReadFilter(std::move(filter)); return true; })); EXPECT_CALL(*socket_factory_, localAddress()).WillRepeatedly(ReturnRef(local_address_)); EXPECT_CALL(dummy_callbacks.udp_listener_, onDestroy()); handler_->addListener(absl::nullopt, *test_listener); handler_->stopListeners(); ASSERT_TRUE(deleted_before_listener_) << "The read_filter_ should be deleted before the udp_listener_ is deleted."; } TEST_F(ConnectionHandlerTest, TcpBacklogCustom) { uint32_t custom_backlog = 100; TestListener* test_listener = addListener( 1, true, false, "test_tcp_backlog", nullptr, nullptr, nullptr, nullptr, Network::Socket::Type::Stream, std::chrono::milliseconds(), false, nullptr, custom_backlog); EXPECT_CALL(*socket_factory_, getListenSocket()).WillOnce(Return(listeners_.back()->socket_)); EXPECT_CALL(*socket_factory_, localAddress()).WillOnce(ReturnRef(local_address_)); EXPECT_CALL(dispatcher_, createListener_(_, _, _, _)) .WillOnce(Invoke([custom_backlog](Network::SocketSharedPtr&&, Network::TcpListenerCallbacks&, bool, uint32_t backlog) -> Network::Listener* { EXPECT_EQ(custom_backlog, backlog); return nullptr; })); handler_->addListener(absl::nullopt, *test_listener); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/drain_manager_impl_test.cc ================================================ #include #include "envoy/config/listener/v3/listener.pb.h" #include "server/drain_manager_impl.h" #include "test/mocks/server/instance.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::InSequence; using testing::Return; namespace Envoy { namespace Server { namespace { constexpr int DrainTimeSeconds(600); class DrainManagerImplTest : public Event::TestUsingSimulatedTime, public testing::TestWithParam { protected: DrainManagerImplTest() { ON_CALL(server_.options_, drainTime()) .WillByDefault(Return(std::chrono::seconds(DrainTimeSeconds))); ON_CALL(server_.options_, parentShutdownTime()) .WillByDefault(Return(std::chrono::seconds(900))); } NiceMock server_; }; TEST_F(DrainManagerImplTest, Default) { InSequence s; DrainManagerImpl drain_manager(server_, envoy::config::listener::v3::Listener::DEFAULT); // Test parent shutdown. Event::MockTimer* shutdown_timer = new Event::MockTimer(&server_.dispatcher_); EXPECT_CALL(*shutdown_timer, enableTimer(std::chrono::milliseconds(900000), _)); drain_manager.startParentShutdownSequence(); EXPECT_CALL(server_.hot_restart_, sendParentTerminateRequest()); shutdown_timer->invokeCallback(); // Verify basic drain close. EXPECT_CALL(server_, healthCheckFailed()).WillOnce(Return(false)); EXPECT_FALSE(drain_manager.drainClose()); EXPECT_CALL(server_, healthCheckFailed()).WillOnce(Return(true)); EXPECT_TRUE(drain_manager.drainClose()); // Test drain sequence. Event::MockTimer* drain_timer = new Event::MockTimer(&server_.dispatcher_); const auto expected_delay = std::chrono::milliseconds(DrainTimeSeconds * 1000); EXPECT_CALL(*drain_timer, enableTimer(expected_delay, nullptr)); ReadyWatcher drain_complete; drain_manager.startDrainSequence([&drain_complete]() -> void { drain_complete.ready(); }); EXPECT_CALL(drain_complete, ready()); drain_timer->invokeCallback(); } TEST_F(DrainManagerImplTest, ModifyOnly) { InSequence s; DrainManagerImpl drain_manager(server_, envoy::config::listener::v3::Listener::MODIFY_ONLY); EXPECT_CALL(server_, healthCheckFailed()).Times(0); // Listener check will short-circuit EXPECT_FALSE(drain_manager.drainClose()); } TEST_P(DrainManagerImplTest, DrainDeadline) { const bool drain_gradually = GetParam(); ON_CALL(server_.options_, drainStrategy()) .WillByDefault(Return(drain_gradually ? Server::DrainStrategy::Gradual : Server::DrainStrategy::Immediate)); // TODO(auni53): Add integration tests for this once TestDrainManager is // removed. DrainManagerImpl drain_manager(server_, envoy::config::listener::v3::Listener::DEFAULT); // Ensure drainClose() behaviour is determined by the deadline. drain_manager.startDrainSequence([] {}); EXPECT_CALL(server_, healthCheckFailed()).WillRepeatedly(Return(false)); ON_CALL(server_.api_.random_, random()).WillByDefault(Return(DrainTimeSeconds * 2 - 1)); ON_CALL(server_.options_, drainTime()) .WillByDefault(Return(std::chrono::seconds(DrainTimeSeconds))); if (drain_gradually) { // random() should be called when elapsed time < drain timeout EXPECT_CALL(server_.api_.random_, random()).Times(2); EXPECT_FALSE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(DrainTimeSeconds - 1)); EXPECT_FALSE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(1)); EXPECT_TRUE(drain_manager.drainClose()); // Test that this still works if remaining time is negative simTime().advanceTimeWait(std::chrono::seconds(1)); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(500)); EXPECT_TRUE(drain_manager.drainClose()); } else { EXPECT_CALL(server_.api_.random_, random()).Times(0); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(DrainTimeSeconds - 1)); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(1)); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(1)); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(500)); EXPECT_TRUE(drain_manager.drainClose()); } } TEST_P(DrainManagerImplTest, DrainDeadlineProbability) { const bool drain_gradually = GetParam(); ON_CALL(server_.options_, drainStrategy()) .WillByDefault(Return(drain_gradually ? Server::DrainStrategy::Gradual : Server::DrainStrategy::Immediate)); ON_CALL(server_.api_.random_, random()).WillByDefault(Return(4)); ON_CALL(server_.options_, drainTime()).WillByDefault(Return(std::chrono::seconds(3))); DrainManagerImpl drain_manager(server_, envoy::config::listener::v3::Listener::DEFAULT); EXPECT_CALL(server_, healthCheckFailed()).WillOnce(Return(true)); EXPECT_TRUE(drain_manager.drainClose()); EXPECT_CALL(server_, healthCheckFailed()).WillRepeatedly(Return(false)); EXPECT_FALSE(drain_manager.drainClose()); EXPECT_FALSE(drain_manager.draining()); drain_manager.startDrainSequence([] {}); EXPECT_TRUE(drain_manager.draining()); if (drain_gradually) { // random() should be called when elapsed time < drain timeout EXPECT_CALL(server_.api_.random_, random()).Times(2); // Current elapsed time is 0 // drainClose() will return true when elapsed time > (4 % 3 == 1). EXPECT_FALSE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(2)); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(1)); EXPECT_TRUE(drain_manager.drainClose()); } else { EXPECT_CALL(server_.api_.random_, random()).Times(0); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(2)); EXPECT_TRUE(drain_manager.drainClose()); simTime().advanceTimeWait(std::chrono::seconds(1)); EXPECT_TRUE(drain_manager.drainClose()); } } INSTANTIATE_TEST_SUITE_P(DrainStrategies, DrainManagerImplTest, testing::Bool()); } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/filter_chain_benchmark_test.cc ================================================ #include #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/network/connection.h" #include "envoy/network/listen_socket.h" #include "envoy/protobuf/message_validator.h" #include "server/filter_chain_manager_impl.h" #include "extensions/transport_sockets/well_known_names.h" #include "test/benchmark/main.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" #include "benchmark/benchmark.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Server { namespace { class MockFilterChainFactoryBuilder : public FilterChainFactoryBuilder { Network::DrainableFilterChainSharedPtr buildFilterChain(const envoy::config::listener::v3::FilterChain&, FilterChainFactoryContextCreator&) const override { // A place holder to be found return std::make_shared(); } }; class MockConnectionSocket : public Network::ConnectionSocket { public: MockConnectionSocket() = default; static std::unique_ptr createMockConnectionSocket(uint16_t destination_port, const std::string& destination_address, const std::string& server_name, const std::string& transport_protocol, const std::vector& application_protocols, const std::string& source_address, uint16_t source_port) { auto res = std::make_unique(); if (absl::StartsWith(destination_address, "/")) { res->local_address_ = std::make_shared(destination_address); } else { res->local_address_ = Network::Utility::parseInternetAddress(destination_address, destination_port); } if (absl::StartsWith(source_address, "/")) { res->remote_address_ = std::make_shared(source_address); } else { res->remote_address_ = Network::Utility::parseInternetAddress(source_address, source_port); } res->server_name_ = server_name; res->transport_protocol_ = transport_protocol; res->application_protocols_ = application_protocols; return res; } const Network::Address::InstanceConstSharedPtr& remoteAddress() const override { return remote_address_; } const Network::Address::InstanceConstSharedPtr& directRemoteAddress() const override { return remote_address_; } const Network::Address::InstanceConstSharedPtr& localAddress() const override { return local_address_; } absl::string_view detectedTransportProtocol() const override { return transport_protocol_; } absl::string_view requestedServerName() const override { return server_name_; } const std::vector& requestedApplicationProtocols() const override { return application_protocols_; } // Wont call Network::IoHandle& ioHandle() override { return *io_handle_; } const Network::IoHandle& ioHandle() const override { return *io_handle_; } // Dummy method void close() override {} bool isOpen() const override { return false; } Network::Socket::Type socketType() const override { return Network::Socket::Type::Stream; } Network::Address::Type addressType() const override { return local_address_->type(); } absl::optional ipVersion() const override { return Network::Address::IpVersion::v4; } void setLocalAddress(const Network::Address::InstanceConstSharedPtr&) override {} void restoreLocalAddress(const Network::Address::InstanceConstSharedPtr&) override {} void setRemoteAddress(const Network::Address::InstanceConstSharedPtr&) override {} bool localAddressRestored() const override { return true; } void setDetectedTransportProtocol(absl::string_view) override {} void setRequestedApplicationProtocols(const std::vector&) override {} void addOption(const OptionConstSharedPtr&) override {} void addOptions(const OptionsSharedPtr&) override {} const OptionsSharedPtr& options() const override { return options_; } void setRequestedServerName(absl::string_view) override {} Api::SysCallIntResult bind(Network::Address::InstanceConstSharedPtr) override { return {0, 0}; } Api::SysCallIntResult listen(int) override { return {0, 0}; } Api::SysCallIntResult connect(const Network::Address::InstanceConstSharedPtr) override { return {0, 0}; } Api::SysCallIntResult setSocketOption(int, int, const void*, socklen_t) override { return {0, 0}; } Api::SysCallIntResult getSocketOption(int, int, void*, socklen_t*) const override { return {0, 0}; } Api::SysCallIntResult setBlockingForTest(bool) override { return {0, 0}; } absl::optional lastRoundTripTime() override { return {}; } private: Network::IoHandlePtr io_handle_; OptionsSharedPtr options_; Network::Address::InstanceConstSharedPtr local_address_; Network::Address::InstanceConstSharedPtr remote_address_; std::string server_name_; std::string transport_protocol_; std::vector application_protocols_; }; const char YamlHeader[] = R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" config: {} filter_chains: - filter_chain_match: # empty transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a")EOF"; const char YamlSingleServer[] = R"EOF( - filter_chain_match: server_names: "server1.example.com" transport_protocol: "tls" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a")EOF"; const char YamlSingleDstPortTop[] = R"EOF( - filter_chain_match: destination_port: )EOF"; const char YamlSingleDstPortBottom[] = R"EOF( transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a")EOF"; } // namespace class FilterChainBenchmarkFixture : public ::benchmark::Fixture { public: void initialize(::benchmark::State& state) { int64_t input_size = state.range(0); std::vector port_chains; port_chains.reserve(input_size); for (int i = 0; i < input_size; i++) { port_chains.push_back(absl::StrCat(YamlSingleDstPortTop, 10000 + i, YamlSingleDstPortBottom)); } listener_yaml_config_ = TestEnvironment::substitute( absl::StrCat(YamlHeader, YamlSingleServer, absl::StrJoin(port_chains, "")), Network::Address::IpVersion::v4); TestUtility::loadFromYaml(listener_yaml_config_, listener_config_); filter_chains_ = listener_config_.filter_chains(); } Envoy::Thread::MutexBasicLockable lock_; Logger::Context logging_state_{spdlog::level::warn, Logger::Logger::DEFAULT_LOG_FORMAT, lock_, false}; std::string listener_yaml_config_; envoy::config::listener::v3::Listener listener_config_; absl::Span filter_chains_; MockFilterChainFactoryBuilder dummy_builder_; Init::ManagerImpl init_manager_{"fcm_benchmark"}; }; // NOLINTNEXTLINE(readability-redundant-member-init) BENCHMARK_DEFINE_F(FilterChainBenchmarkFixture, FilterChainManagerBuildTest) (::benchmark::State& state) { if (benchmark::skipExpensiveBenchmarks() && state.range(0) > 64) { state.SkipWithError("Skipping expensive benchmark"); return; } initialize(state); NiceMock factory_context; for (auto _ : state) { FilterChainManagerImpl filter_chain_manager{ std::make_shared("127.0.0.1", 1234), factory_context, init_manager_}; filter_chain_manager.addFilterChain(filter_chains_, dummy_builder_, filter_chain_manager); } } BENCHMARK_DEFINE_F(FilterChainBenchmarkFixture, FilterChainFindTest) (::benchmark::State& state) { if (benchmark::skipExpensiveBenchmarks() && state.range(0) > 64) { state.SkipWithError("Skipping expensive benchmark"); return; } initialize(state); std::vector sockets; sockets.reserve(state.range(0)); for (int i = 0; i < state.range(0); i++) { sockets.push_back(std::move(*MockConnectionSocket::createMockConnectionSocket( 10000 + i, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111))); } NiceMock factory_context; FilterChainManagerImpl filter_chain_manager{ std::make_shared("127.0.0.1", 1234), factory_context, init_manager_}; filter_chain_manager.addFilterChain(filter_chains_, dummy_builder_, filter_chain_manager); for (auto _ : state) { for (int i = 0; i < state.range(0); i++) { filter_chain_manager.findFilterChain(sockets[i]); } } } BENCHMARK_REGISTER_F(FilterChainBenchmarkFixture, FilterChainManagerBuildTest) ->Ranges({ // scale of the chains {1, 4096}, }) ->Unit(::benchmark::kMillisecond); BENCHMARK_REGISTER_F(FilterChainBenchmarkFixture, FilterChainFindTest) ->Ranges({ // scale of the chains {1, 4096}, }) ->Unit(::benchmark::kMillisecond); /* clang-format off Run on (32 X 2200 MHz CPU s) CPU Caches: L1 Data 32K (x16) L1 Instruction 32K (x16) L2 Unified 256K (x16) L3 Unified 56320K (x1) Load Average: 19.05, 9.89, 3.92 ------------------------------------------------------------------------------------------------------- Benchmark Time CPU Iterations ------------------------------------------------------------------------------------------------------- FilterChainBenchmarkFixture/FilterChainManagerBuildTest/1 136994 ns 134510 ns 5183 FilterChainBenchmarkFixture/FilterChainManagerBuildTest/8 583649 ns 574596 ns 1207 FilterChainBenchmarkFixture/FilterChainManagerBuildTest/64 4483799 ns 4419618 ns 157 FilterChainBenchmarkFixture/FilterChainManagerBuildTest/512 38864048 ns 38340468 ns 19 FilterChainBenchmarkFixture/FilterChainManagerBuildTest/4096 318686843 ns 318568578 ns 2 FilterChainBenchmarkFixture/FilterChainFindTest/1 201 ns 201 ns 3494470 FilterChainBenchmarkFixture/FilterChainFindTest/8 1592 ns 1592 ns 435045 FilterChainBenchmarkFixture/FilterChainFindTest/64 16057 ns 16053 ns 44275 FilterChainBenchmarkFixture/FilterChainFindTest/512 172423 ns 172269 ns 4253 FilterChainBenchmarkFixture/FilterChainFindTest/4096 2676478 ns 2676167 ns 254 clang-format on */ } // namespace Server } // namespace Envoy ================================================ FILE: test/server/filter_chain_manager_impl_test.cc ================================================ #include #include #include #include #include #include #include "envoy/config/listener/v3/listener_components.pb.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "common/api/os_sys_calls_impl.h" #include "common/config/metadata.h" #include "common/network/address_impl.h" #include "common/network/io_socket_handle_impl.h" #include "common/network/listen_socket_impl.h" #include "common/network/socket_option_impl.h" #include "common/network/utility.h" #include "common/protobuf/protobuf.h" #include "server/configuration_impl.h" #include "server/filter_chain_manager_impl.h" #include "server/listener_manager_impl.h" #include "extensions/transport_sockets/tls/ssl_socket.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/drain_manager.h" #include "test/mocks/server/factory_context.h" #include "test/server/utility.h" #include "test/test_common/environment.h" #include "test/test_common/registry.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "test/test_common/utility.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" #include "gtest/gtest.h" using testing::NiceMock; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Server { class MockFilterChainFactoryBuilder : public FilterChainFactoryBuilder { public: MockFilterChainFactoryBuilder() { ON_CALL(*this, buildFilterChain(_, _)) .WillByDefault(Return(std::make_shared())); } MOCK_METHOD(Network::DrainableFilterChainSharedPtr, buildFilterChain, (const envoy::config::listener::v3::FilterChain&, FilterChainFactoryContextCreator&), (const)); }; class FilterChainManagerImplTest : public testing::Test { public: void SetUp() override { local_address_ = std::make_shared("127.0.0.1", 1234); remote_address_ = std::make_shared("127.0.0.1", 1234); TestUtility::loadFromYaml( TestEnvironment::substitute(filter_chain_yaml, Network::Address::IpVersion::v4), filter_chain_template_); } const Network::FilterChain* findFilterChainHelper(uint16_t destination_port, const std::string& destination_address, const std::string& server_name, const std::string& transport_protocol, const std::vector& application_protocols, const std::string& source_address, uint16_t source_port) { auto mock_socket = std::make_shared>(); sockets_.push_back(mock_socket); if (absl::StartsWith(destination_address, "/")) { local_address_ = std::make_shared(destination_address); } else { local_address_ = Network::Utility::parseInternetAddress(destination_address, destination_port); } ON_CALL(*mock_socket, localAddress()).WillByDefault(ReturnRef(local_address_)); ON_CALL(*mock_socket, requestedServerName()) .WillByDefault(Return(absl::string_view(server_name))); ON_CALL(*mock_socket, detectedTransportProtocol()) .WillByDefault(Return(absl::string_view(transport_protocol))); ON_CALL(*mock_socket, requestedApplicationProtocols()) .WillByDefault(ReturnRef(application_protocols)); if (absl::StartsWith(source_address, "/")) { remote_address_ = std::make_shared(source_address); } else { remote_address_ = Network::Utility::parseInternetAddress(source_address, source_port); } ON_CALL(*mock_socket, remoteAddress()).WillByDefault(ReturnRef(remote_address_)); return filter_chain_manager_.findFilterChain(*mock_socket); } void addSingleFilterChainHelper(const envoy::config::listener::v3::FilterChain& filter_chain) { filter_chain_manager_.addFilterChain( std::vector{&filter_chain}, filter_chain_factory_builder_, filter_chain_manager_); } // Intermediate states. Network::Address::InstanceConstSharedPtr local_address_; Network::Address::InstanceConstSharedPtr remote_address_; std::vector> sockets_; // Reusable template. const std::string filter_chain_yaml = R"EOF( filter_chain_match: destination_port: 10000 transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a" )EOF"; Init::ManagerImpl init_manager_{"for_filter_chain_manager_test"}; envoy::config::listener::v3::FilterChain filter_chain_template_; NiceMock filter_chain_factory_builder_; NiceMock parent_context_; // Test target. FilterChainManagerImpl filter_chain_manager_{ std::make_shared("127.0.0.1", 1234), parent_context_, init_manager_}; }; TEST_F(FilterChainManagerImplTest, FilterChainMatchNothing) { auto filter_chain = findFilterChainHelper(10000, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); } TEST_F(FilterChainManagerImplTest, AddSingleFilterChain) { addSingleFilterChainHelper(filter_chain_template_); auto* filter_chain = findFilterChainHelper(10000, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); EXPECT_NE(filter_chain, nullptr); } TEST_F(FilterChainManagerImplTest, LookupFilterChainContextByFilterChainMessage) { std::vector filter_chain_messages; for (int i = 0; i < 2; i++) { envoy::config::listener::v3::FilterChain new_filter_chain = filter_chain_template_; new_filter_chain.set_name(absl::StrCat("filter_chain_", i)); // For sanity check new_filter_chain.mutable_filter_chain_match()->mutable_destination_port()->set_value(10000 + i); filter_chain_messages.push_back(std::move(new_filter_chain)); } EXPECT_CALL(filter_chain_factory_builder_, buildFilterChain(_, _)).Times(2); filter_chain_manager_.addFilterChain( std::vector{&filter_chain_messages[0], &filter_chain_messages[1]}, filter_chain_factory_builder_, filter_chain_manager_); } TEST_F(FilterChainManagerImplTest, DuplicateContextsAreNotBuilt) { std::vector filter_chain_messages; for (int i = 0; i < 3; i++) { envoy::config::listener::v3::FilterChain new_filter_chain = filter_chain_template_; new_filter_chain.set_name(absl::StrCat("filter_chain_", i)); // For sanity check new_filter_chain.mutable_filter_chain_match()->mutable_destination_port()->set_value(10000 + i); filter_chain_messages.push_back(std::move(new_filter_chain)); } EXPECT_CALL(filter_chain_factory_builder_, buildFilterChain(_, _)).Times(1); filter_chain_manager_.addFilterChain( std::vector{&filter_chain_messages[0]}, filter_chain_factory_builder_, filter_chain_manager_); FilterChainManagerImpl new_filter_chain_manager{ std::make_shared("127.0.0.1", 1234), parent_context_, init_manager_, filter_chain_manager_}; // The new filter chain manager maintains 3 filter chains, but only 2 filter chain context is // built because it reuse the filter chain context in the previous filter chain manager EXPECT_CALL(filter_chain_factory_builder_, buildFilterChain(_, _)).Times(2); new_filter_chain_manager.addFilterChain( std::vector{ &filter_chain_messages[0], &filter_chain_messages[1], &filter_chain_messages[2]}, filter_chain_factory_builder_, new_filter_chain_manager); } TEST_F(FilterChainManagerImplTest, CreatedFilterChainFactoryContextHasIndependentDrainClose) { std::vector filter_chain_messages; for (int i = 0; i < 3; i++) { envoy::config::listener::v3::FilterChain new_filter_chain = filter_chain_template_; new_filter_chain.set_name(absl::StrCat("filter_chain_", i)); // For sanity check new_filter_chain.mutable_filter_chain_match()->mutable_destination_port()->set_value(10000 + i); filter_chain_messages.push_back(std::move(new_filter_chain)); } auto context0 = filter_chain_manager_.createFilterChainFactoryContext(&filter_chain_messages[0]); auto context1 = filter_chain_manager_.createFilterChainFactoryContext(&filter_chain_messages[1]); // Server as whole is not draining. MockDrainManager not_a_draining_manager; EXPECT_CALL(not_a_draining_manager, drainClose).WillRepeatedly(Return(false)); Configuration::MockServerFactoryContext mock_server_context; EXPECT_CALL(mock_server_context, drainManager).WillRepeatedly(ReturnRef(not_a_draining_manager)); EXPECT_CALL(parent_context_, getServerFactoryContext) .WillRepeatedly(ReturnRef(mock_server_context)); EXPECT_FALSE(context0->drainDecision().drainClose()); EXPECT_FALSE(context1->drainDecision().drainClose()); // Drain filter chain 0 auto* context_impl_0 = dynamic_cast(context0.get()); context_impl_0->startDraining(); EXPECT_TRUE(context0->drainDecision().drainClose()); EXPECT_FALSE(context1->drainDecision().drainClose()); } } // namespace Server } // namespace Envoy ================================================ FILE: test/server/guarddog_impl_test.cc ================================================ #include #include #include #include #include #include "envoy/common/time.h" #include "envoy/server/configuration.h" #include "envoy/server/guarddog_config.h" #include "envoy/server/watchdog.h" #include "envoy/thread/thread.h" #include "common/api/api_impl.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/protobuf/utility.h" #include "server/guarddog_impl.h" #include "test/mocks/common.h" #include "test/mocks/server/watchdog_config.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/registry.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::ElementsAre; using testing::InSequence; using testing::NiceMock; namespace Envoy { namespace Server { namespace { // Kill has an explicit value that disables the feature. const int DISABLE_KILL = 0; const int DISABLE_MULTIKILL = 0; // Miss / Megamiss don't have an explicit value that disables them // so set a timeout larger than those used in tests for 'disable' it. const int DISABLE_MISS = 1000000; const int DISABLE_MEGAMISS = 1000000; class DebugTestInterlock : public GuardDogImpl::TestInterlockHook { public: // GuardDogImpl::TestInterlockHook void signalFromImpl(MonotonicTime time) override { impl_reached_ = time; impl_.notifyAll(); } void waitFromTest(Thread::MutexBasicLockable& mutex, MonotonicTime time) override ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex) { while (impl_reached_ < time) { impl_.wait(mutex); } } private: Thread::CondVar impl_; MonotonicTime impl_reached_; }; // We want to make sure guard-dog is tested with both simulated time and real // time, to ensure that it works in production, and that it works in the context // of integration tests which are much easier to control with simulated time. enum class TimeSystemType { Real, Simulated }; class GuardDogTestBase : public testing::TestWithParam { protected: GuardDogTestBase() : time_system_(makeTimeSystem()), api_(Api::createApiForTest(stats_store_, *time_system_)) {} static std::unique_ptr makeTimeSystem() { if (GetParam() == TimeSystemType::Real) { return std::make_unique(); } ASSERT(GetParam() == TimeSystemType::Simulated); return std::make_unique(); } void initGuardDog(Stats::Scope& stats_scope, const Server::Configuration::Watchdog& config) { guard_dog_ = std::make_unique(stats_scope, config, *api_, "server", std::make_unique()); } std::unique_ptr time_system_; Stats::TestUtil::TestStore stats_store_; Api::ApiPtr api_; std::unique_ptr guard_dog_; }; INSTANTIATE_TEST_SUITE_P(TimeSystemType, GuardDogTestBase, testing::ValuesIn({TimeSystemType::Real, TimeSystemType::Simulated})); /** * Death test caveat: Because of the way we die gcov doesn't receive coverage * information from the forked process that is checked for successful death. * This means that the lines dealing with the calls to PANIC are not seen as * green in the coverage report. However, rest assured from the results of the * test: these lines are in fact covered. */ class GuardDogDeathTest : public GuardDogTestBase { protected: GuardDogDeathTest() : config_kill_(1000, 1000, 100, 1000, 0, std::vector{}), config_multikill_(1000, 1000, 1000, 500, 0, std::vector{}), config_multikill_threshold_(1000, 1000, 1000, 500, 60, std::vector{}) {} /** * This does everything but the final forceCheckForTest() that should cause * death for the single kill case. */ void SetupForDeath() { InSequence s; initGuardDog(fakestats_, config_kill_); unpet_dog_ = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); dogs_.emplace_back(unpet_dog_); guard_dog_->forceCheckForTest(); time_system_->advanceTimeWait(std::chrono::milliseconds(99)); // 1 ms shy of death. } /** * This does everything but the final forceCheckForTest() that should cause * death for the multiple kill case. */ void SetupForMultiDeath() { InSequence s; initGuardDog(fakestats_, config_multikill_); auto unpet_dog_ = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); dogs_.emplace_back(unpet_dog_); guard_dog_->forceCheckForTest(); auto second_dog_ = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); dogs_.emplace_back(second_dog_); guard_dog_->forceCheckForTest(); time_system_->advanceTimeWait(std::chrono::milliseconds(499)); // 1 ms shy of multi-death. } /** * This does everything but the final forceCheckForTest() that should cause * death for the multiple kill case using threshold (100% of watchdogs over the threshold). */ void setupForMultiDeathThreshold() { InSequence s; initGuardDog(fakestats_, config_multikill_threshold_); // Creates 5 watchdogs. for (int i = 0; i < 5; ++i) { auto dog = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); dogs_.emplace_back(dog); if (i == 0) { unpet_dog_ = dog; } else if (i == 1) { second_dog_ = dog; } guard_dog_->forceCheckForTest(); } time_system_->advanceTimeWait(std::chrono::milliseconds(499)); // 1 ms shy of multi-death. } NiceMock config_kill_; NiceMock config_multikill_; NiceMock config_multikill_threshold_; NiceMock fakestats_; WatchDogSharedPtr unpet_dog_; WatchDogSharedPtr second_dog_; std::vector dogs_; // Tracks all watchdogs created. }; INSTANTIATE_TEST_SUITE_P(TimeSystemType, GuardDogDeathTest, testing::ValuesIn({TimeSystemType::Real, TimeSystemType::Simulated})); // These tests use threads, and need to run after the real death tests, so we need to call them // a different name. class GuardDogAlmostDeadTest : public GuardDogDeathTest {}; INSTANTIATE_TEST_SUITE_P( TimeSystemType, GuardDogAlmostDeadTest, testing::ValuesIn({// TODO(#6465): TimeSystemType::Real -- fails in this suite 30/1000 times. TimeSystemType::Simulated})); TEST_P(GuardDogDeathTest, KillDeathTest) { // Is it German for "The Function"? Almost... auto die_function = [&]() -> void { SetupForDeath(); time_system_->advanceTimeWait(std::chrono::milliseconds(401)); // 400 ms past death. guard_dog_->forceCheckForTest(); }; // Why do it this way? Any threads must be started inside the death test // statement and this is the easiest way to accomplish that. EXPECT_DEATH(die_function(), ""); } TEST_P(GuardDogAlmostDeadTest, KillNoFinalCheckTest) { // This does everything the death test does, except allow enough time to // expire to reach the death panic. The death test does not verify that there // was not a crash *before* the expected line, so this test checks that. SetupForDeath(); } TEST_P(GuardDogDeathTest, MultiKillDeathTest) { auto die_function = [&]() -> void { SetupForMultiDeath(); time_system_->advanceTimeWait(std::chrono::milliseconds(2)); // 1 ms past multi-death. guard_dog_->forceCheckForTest(); }; EXPECT_DEATH(die_function(), ""); } TEST_P(GuardDogAlmostDeadTest, MultiKillNoFinalCheckTest) { // This does everything the death test does not except the final force check that // should actually result in dying. The death test does not verify that there // was not a crash *before* the expected line, so this test checks that. SetupForMultiDeath(); } TEST_P(GuardDogDeathTest, MultiKillThresholdDeathTest) { auto die_function = [&]() -> void { setupForMultiDeathThreshold(); // Pet the last two dogs so we're just at the threshold that causes death. dogs_.at(4)->touch(); dogs_.at(3)->touch(); time_system_->advanceTimeWait(std::chrono::milliseconds(2)); // 1 ms past multi-death. guard_dog_->forceCheckForTest(); }; EXPECT_DEATH(die_function(), ""); } TEST_P(GuardDogAlmostDeadTest, MultiKillUnderThreshold) { // This does everything the death test does except it pets an additional watchdog // that causes us to be under the threshold (60%) of multikill death. setupForMultiDeathThreshold(); // Pet the last three dogs so we're just under the threshold that causes death. dogs_.at(4)->touch(); dogs_.at(3)->touch(); dogs_.at(2)->touch(); time_system_->advanceTimeWait(std::chrono::milliseconds(2)); // 1 ms past multi-death. guard_dog_->forceCheckForTest(); } TEST_P(GuardDogAlmostDeadTest, NearDeathTest) { // This ensures that if only one thread surpasses the multiple kill threshold // there is no death. The positive case is covered in MultiKillDeathTest. InSequence s; initGuardDog(fakestats_, config_multikill_); auto unpet_dog = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); auto pet_dog = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); // This part "waits" 600 milliseconds while one dog is touched every 100, and // the other is not. 600ms is over the threshold of 500ms for multi-kill but // only one is nonresponsive, so there should be no kill (single kill // threshold of 1s is not reached). for (int i = 0; i < 6; i++) { time_system_->advanceTimeWait(std::chrono::milliseconds(100)); pet_dog->touch(); guard_dog_->forceCheckForTest(); } } class GuardDogMissTest : public GuardDogTestBase { protected: GuardDogMissTest() : config_miss_(500, 1000, 0, 0, 0, std::vector{}), config_mega_(1000, 500, 0, 0, 0, std::vector{}) {} void checkMiss(uint64_t count, const std::string& descriptor) { EXPECT_EQ(count, TestUtility::findCounter(stats_store_, "server.watchdog_miss")->value()) << descriptor; EXPECT_EQ(count, TestUtility::findCounter(stats_store_, "server.test_thread.watchdog_miss")->value()) << descriptor; } void checkMegaMiss(uint64_t count, const std::string& descriptor) { EXPECT_EQ(count, TestUtility::findCounter(stats_store_, "server.watchdog_mega_miss")->value()) << descriptor; EXPECT_EQ( count, TestUtility::findCounter(stats_store_, "server.test_thread.watchdog_mega_miss")->value()) << descriptor; } NiceMock config_miss_; NiceMock config_mega_; }; INSTANTIATE_TEST_SUITE_P(TimeSystemType, GuardDogMissTest, testing::ValuesIn({TimeSystemType::Real, TimeSystemType::Simulated})); TEST_P(GuardDogMissTest, MissTest) { // This test checks the actual collected statistics after doing some timer // advances that should and shouldn't increment the counters. initGuardDog(stats_store_, config_miss_); auto unpet_dog = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); // We'd better start at 0: checkMiss(0, "MissTest check 1"); // At 300ms we shouldn't have hit the timeout yet: time_system_->advanceTimeWait(std::chrono::milliseconds(300)); guard_dog_->forceCheckForTest(); checkMiss(0, "MissTest check 2"); // This should push it past the 500ms limit: time_system_->advanceTimeWait(std::chrono::milliseconds(250)); guard_dog_->forceCheckForTest(); checkMiss(1, "MissTest check 3"); guard_dog_->stopWatching(unpet_dog); unpet_dog = nullptr; } TEST_P(GuardDogMissTest, MegaMissTest) { // TODO(#6465): This test fails in real-time 1/1000 times, but passes in simulated time. if (GetParam() == TimeSystemType::Real) { return; } // This test checks the actual collected statistics after doing some timer // advances that should and shouldn't increment the counters. initGuardDog(stats_store_, config_mega_); auto unpet_dog = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); // We'd better start at 0: checkMegaMiss(0, "MegaMissTest check 1"); // This shouldn't be enough to increment the stat: time_system_->advanceTimeWait(std::chrono::milliseconds(499)); guard_dog_->forceCheckForTest(); checkMegaMiss(0, "MegaMissTest check 2"); // Just 2ms more will make it greater than 500ms timeout: time_system_->advanceTimeWait(std::chrono::milliseconds(2)); guard_dog_->forceCheckForTest(); checkMegaMiss(1, "MegaMissTest check 3"); guard_dog_->stopWatching(unpet_dog); unpet_dog = nullptr; } TEST_P(GuardDogMissTest, MissCountTest) { // TODO(#6465): This test fails in real-time 9/1000 times, but passes in simulated time. if (GetParam() == TimeSystemType::Real) { return; } // This tests a flake discovered in the MissTest where real timeout or // spurious condition_variable wakeup causes the counter to get incremented // more than it should be. initGuardDog(stats_store_, config_miss_); auto sometimes_pet_dog = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); // These steps are executed once without ever touching the watchdog. // Then the last step is to touch the watchdog and repeat the steps. // This verifies that the behavior is reset back to baseline after a touch. for (unsigned long i = 0; i < 2; i++) { EXPECT_EQ(i, stats_store_.counter("server.watchdog_miss").value()); // This shouldn't be enough to increment the stat: time_system_->advanceTimeWait(std::chrono::milliseconds(499)); guard_dog_->forceCheckForTest(); checkMiss(i, "MissCountTest check 1"); // And if we force re-execution of the loop it still shouldn't be: guard_dog_->forceCheckForTest(); checkMiss(i, "MissCountTest check 2"); // Just 2ms more will make it greater than 500ms timeout: time_system_->advanceTimeWait(std::chrono::milliseconds(2)); guard_dog_->forceCheckForTest(); checkMiss(i + 1, "MissCountTest check 3"); // Spurious wakeup, we should still only have one miss counted. guard_dog_->forceCheckForTest(); checkMiss(i + 1, "MissCountTest check 4"); // When we finally touch the dog we should get one more increment once the // timeout value expires: sometimes_pet_dog->touch(); } time_system_->advanceTimeWait(std::chrono::milliseconds(1000)); sometimes_pet_dog->touch(); // Make sure megamiss still works: checkMegaMiss(0UL, "MissCountTest check 5"); time_system_->advanceTimeWait(std::chrono::milliseconds(1500)); guard_dog_->forceCheckForTest(); checkMegaMiss(1UL, "MissCountTest check 6"); guard_dog_->stopWatching(sometimes_pet_dog); sometimes_pet_dog = nullptr; } TEST_P(GuardDogTestBase, StartStopTest) { NiceMock stats; NiceMock config(0, 0, 0, 0, 0, std::vector{}); initGuardDog(stats, config); } TEST_P(GuardDogTestBase, LoopIntervalNoKillTest) { NiceMock stats; NiceMock config(40, 50, 0, 0, 0, std::vector{}); initGuardDog(stats, config); EXPECT_EQ(guard_dog_->loopIntervalForTest(), std::chrono::milliseconds(40)); } TEST_P(GuardDogTestBase, LoopIntervalTest) { NiceMock stats; NiceMock config(100, 90, 1000, 500, 0, std::vector{}); initGuardDog(stats, config); EXPECT_EQ(guard_dog_->loopIntervalForTest(), std::chrono::milliseconds(90)); } TEST_P(GuardDogTestBase, WatchDogThreadIdTest) { NiceMock stats; NiceMock config(100, 90, 1000, 500, 0, std::vector{}); initGuardDog(stats, config); auto watched_dog = guard_dog_->createWatchDog(api_->threadFactory().currentThreadId(), "test_thread"); EXPECT_EQ(watched_dog->threadId().debugString(), api_->threadFactory().currentThreadId().debugString()); guard_dog_->stopWatching(watched_dog); } // If this test fails it is because the std::chrono::steady_clock::duration type has become // nontrivial or we are compiling under a compiler and library combo that makes // std::chrono::steady_clock::duration require a lock to be atomically modified. // // The WatchDog/GuardDog relies on this being a lock free atomic for perf reasons so some workaround // will be required if this test starts failing. TEST_P(GuardDogTestBase, AtomicIsAtomicTest) { std::atomic atomic_time; ASSERT_EQ(atomic_time.is_lock_free(), true); } // A GuardDogAction used for testing the GuardDog. // It's primary use is dumping string of the format EVENT_TYPE : tid1,.., tidN to // the events vector passed to it. // Instances of this class will be registered for GuardDogEvent through // TestGuardDogActionFactory. class RecordGuardDogAction : public Configuration::GuardDogAction { public: RecordGuardDogAction(std::vector& events) : events_(events) {} void run(envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent event, const std::vector>& thread_last_checkin_pairs, MonotonicTime /*now*/) override { std::string event_string = envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent_Name(event); absl::StrAppend(&event_string, " : "); std::vector output_string_parts; output_string_parts.reserve(thread_last_checkin_pairs.size()); for (const auto& thread_ltt_pair : thread_last_checkin_pairs) { output_string_parts.push_back(thread_ltt_pair.first.debugString()); } absl::StrAppend(&event_string, absl::StrJoin(output_string_parts, ",")); events_.push_back(event_string); } protected: std::vector& events_; // not owned }; // A GuardDogAction that raises the specified signal. class AssertGuardDogAction : public Configuration::GuardDogAction { public: AssertGuardDogAction() = default; void run(envoy::config::bootstrap::v3::Watchdog::WatchdogAction::WatchdogEvent /*event*/, const std::vector>& /*thread_last_checkin_pairs*/, MonotonicTime /*now*/) override { RELEASE_ASSERT(false, "ASSERT_GUARDDOG_ACTION"); } }; // Test factory for consuming Watchdog configs and creating GuardDogActions. template class RecordGuardDogActionFactory : public Configuration::GuardDogActionFactory { public: RecordGuardDogActionFactory(const std::string& name, std::vector& events) : name_(name), events_(events) {} Configuration::GuardDogActionPtr createGuardDogActionFromProto( const envoy::config::bootstrap::v3::Watchdog::WatchdogAction& /*config*/, Configuration::GuardDogActionFactoryContext& /*context*/) override { // Return different actions depending on the config. return std::make_unique(events_); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr{new ConfigType()}; } std::string name() const override { return name_; } const std::string name_; std::vector& events_; // not owned }; // Test factory for consuming Watchdog configs and creating GuardDogActions. template class AssertGuardDogActionFactory : public Configuration::GuardDogActionFactory { public: AssertGuardDogActionFactory(const std::string& name) : name_(name) {} Configuration::GuardDogActionPtr createGuardDogActionFromProto( const envoy::config::bootstrap::v3::Watchdog::WatchdogAction& /*config*/, Configuration::GuardDogActionFactoryContext& /*context*/) override { // Return different actions depending on the config. return std::make_unique(); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr{new ConfigType()}; } std::string name() const override { return name_; } const std::string name_; }; /** * Tests that various actions registered for the guard dog get called upon. */ class GuardDogActionsTest : public GuardDogTestBase { protected: GuardDogActionsTest() : log_factory_("LogFactory", events_), register_log_factory_(log_factory_), assert_factory_("AssertFactory"), register_assert_factory_(assert_factory_) {} std::vector getActionsConfig() { return { R"EOF( { "config": { "name": "AssertFactory", "typed_config": { "@type": "type.googleapis.com/google.protobuf.Empty" } }, "event": "MULTIKILL" } )EOF", R"EOF( { "config": { "name": "AssertFactory", "typed_config": { "@type": "type.googleapis.com/google.protobuf.Empty" } }, "event": "KILL" } )EOF", R"EOF( { "config": { "name": "LogFactory", "typed_config": { "@type": "type.googleapis.com/google.protobuf.Empty" } }, "event": "MEGAMISS" } )EOF", R"EOF( { "config": { "name": "LogFactory", "typed_config": { "@type": "type.googleapis.com/google.protobuf.Empty" } }, "event": "MISS" } )EOF"}; } void setupFirstDog(const NiceMock& config, Thread::ThreadId tid) { initGuardDog(fake_stats_, config); first_dog_ = guard_dog_->createWatchDog(tid, "test_thread"); guard_dog_->forceCheckForTest(); } std::vector actions_; std::vector events_; RecordGuardDogActionFactory log_factory_; Registry::InjectFactory register_log_factory_; AssertGuardDogActionFactory assert_factory_; Registry::InjectFactory register_assert_factory_; NiceMock fake_stats_; WatchDogSharedPtr first_dog_; WatchDogSharedPtr second_dog_; }; INSTANTIATE_TEST_SUITE_P(TimeSystemType, GuardDogActionsTest, testing::ValuesIn({TimeSystemType::Real, TimeSystemType::Simulated})); TEST_P(GuardDogActionsTest, MissShouldOnlyReportRelevantThreads) { const NiceMock config(100, DISABLE_MEGAMISS, DISABLE_KILL, DISABLE_MULTIKILL, 0, getActionsConfig()); setupFirstDog(config, Thread::ThreadId(10)); second_dog_ = guard_dog_->createWatchDog(Thread::ThreadId(11), "test_thread"); time_system_->advanceTimeWait(std::chrono::milliseconds(50)); second_dog_->touch(); // This will reset the loop interval timer, and should help us // synchronize with the guard dog. guard_dog_->forceCheckForTest(); time_system_->advanceTimeWait(std::chrono::milliseconds(51)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MISS : 10")); } TEST_P(GuardDogActionsTest, MissShouldBeAbleToReportMultipleThreads) { const NiceMock config(100, DISABLE_MEGAMISS, DISABLE_KILL, DISABLE_MULTIKILL, 0, getActionsConfig()); initGuardDog(fake_stats_, config); first_dog_ = guard_dog_->createWatchDog(Thread::ThreadId(10), "test_thread"); second_dog_ = guard_dog_->createWatchDog(Thread::ThreadId(11), "test_thread"); first_dog_->touch(); second_dog_->touch(); // This should ensure that when the next call to step() occurs, both of the // dogs will be over last touch time threshold and be reported in the event. // The next call to step() will either be triggered by the timer or after // advanceTimeWait() below, but only one of them will append to events_ // because of saturation. guard_dog_->forceCheckForTest(); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MISS : 10,11")); } TEST_P(GuardDogActionsTest, MissShouldSaturateOnMissEvent) { const NiceMock config(100, DISABLE_MISS, DISABLE_KILL, DISABLE_MULTIKILL, 0, getActionsConfig()); setupFirstDog(config, Thread::ThreadId(10)); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MISS : 10")); // Should saturate and not add an additional "event_" time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MISS : 10")); // Touch the watchdog, which should allow the event to trigger again. first_dog_->touch(); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MISS : 10", "MISS : 10")); } TEST_P(GuardDogActionsTest, MegaMissShouldOnlyReportRelevantThreads) { const NiceMock config(DISABLE_MISS, 100, DISABLE_KILL, DISABLE_MULTIKILL, 0, getActionsConfig()); setupFirstDog(config, Thread::ThreadId(10)); second_dog_ = guard_dog_->createWatchDog(Thread::ThreadId(11), "test_thread"); time_system_->advanceTimeWait(std::chrono::milliseconds(50)); second_dog_->touch(); // This will reset the loop interval timer, and should help us // synchronize with the guard dog. guard_dog_->forceCheckForTest(); time_system_->advanceTimeWait(std::chrono::milliseconds(51)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MEGAMISS : 10")); } TEST_P(GuardDogActionsTest, MegaMissShouldBeAbleToReportMultipleThreads) { const NiceMock config(DISABLE_MISS, 100, DISABLE_KILL, DISABLE_MULTIKILL, 0, getActionsConfig()); initGuardDog(fake_stats_, config); first_dog_ = guard_dog_->createWatchDog(Thread::ThreadId(10), "test_thread"); second_dog_ = guard_dog_->createWatchDog(Thread::ThreadId(11), "test_thread"); first_dog_->touch(); second_dog_->touch(); // This should ensure that when the next call to step() occurs, both of the // dogs will be over last touch time threshold and be reported in the event. // The next call to step() will either be triggered by the timer or after // advanceTimeWait() below, but only one of them will append to events_ // because of saturation. guard_dog_->forceCheckForTest(); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MEGAMISS : 10,11")); } TEST_P(GuardDogActionsTest, MegaMissShouldSaturateOnMegaMissEvent) { const NiceMock config(DISABLE_MISS, 100, DISABLE_KILL, DISABLE_MULTIKILL, 0, getActionsConfig()); setupFirstDog(config, Thread::ThreadId(10)); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MEGAMISS : 10")); // Should saturate and not add an additional "event_" time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MEGAMISS : 10")); // Touch the watchdog, which should allow the event to trigger again. first_dog_->touch(); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MEGAMISS : 10", "MEGAMISS : 10")); } TEST_P(GuardDogActionsTest, ShouldRespectEventPriority) { // Priority of events are KILL, MULTIKILL, MEGAMISS and MISS // Kill event should fire before the others auto kill_function = [&]() -> void { const NiceMock config(100, 100, 100, 100, 0, getActionsConfig()); initGuardDog(fake_stats_, config); auto first_dog = guard_dog_->createWatchDog(Thread::ThreadId(10), "test_thread"); auto second_dog = guard_dog_->createWatchDog(Thread::ThreadId(11), "test_thread"); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); }; // We expect only the kill action to have fired EXPECT_DEATH(kill_function(), "ASSERT_GUARDDOG_ACTION"); // Multikill event should fire before the others auto multikill_function = [&]() -> void { const NiceMock config(100, 100, DISABLE_KILL, 100, 0, getActionsConfig()); initGuardDog(fake_stats_, config); auto first_dog = guard_dog_->createWatchDog(Thread::ThreadId(10), "test_thread"); auto second_dog = guard_dog_->createWatchDog(Thread::ThreadId(11), "test_thread"); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); }; EXPECT_DEATH(multikill_function(), "ASSERT_GUARDDOG_ACTION"); // We expect megamiss to fire before miss const NiceMock config(100, 100, DISABLE_KILL, DISABLE_MULTIKILL, 0, getActionsConfig()); setupFirstDog(config, Thread::ThreadId(10)); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); EXPECT_THAT(events_, ElementsAre("MEGAMISS : 10", "MISS : 10")); } TEST_P(GuardDogActionsTest, KillShouldTriggerGuardDogActions) { auto die_function = [&]() -> void { const NiceMock config(DISABLE_MISS, DISABLE_MEGAMISS, 100, 0, 0, getActionsConfig()); setupFirstDog(config, Thread::ThreadId(10)); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); }; EXPECT_DEATH(die_function(), "ASSERT_GUARDDOG_ACTION"); } TEST_P(GuardDogActionsTest, MultikillShouldTriggerGuardDogActions) { auto die_function = [&]() -> void { const NiceMock config(DISABLE_MISS, DISABLE_MEGAMISS, DISABLE_KILL, 100, 0, getActionsConfig()); setupFirstDog(config, Thread::ThreadId(10)); second_dog_ = guard_dog_->createWatchDog(Thread::ThreadId(11), "test_thread"); guard_dog_->forceCheckForTest(); time_system_->advanceTimeWait(std::chrono::milliseconds(101)); guard_dog_->forceCheckForTest(); }; EXPECT_DEATH(die_function(), "ASSERT_GUARDDOG_ACTION"); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/hot_restart_impl_test.cc ================================================ #include #include "common/api/os_sys_calls_impl.h" #include "common/api/os_sys_calls_impl_hot_restart.h" #include "common/common/hex.h" #include "server/hot_restart_impl.h" #include "test/mocks/api/hot_restart.h" #include "test/mocks/api/mocks.h" #include "test/mocks/server/hot_restart.h" #include "test/test_common/logging.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "absl/strings/match.h" #include "absl/strings/string_view.h" #include "gtest/gtest.h" using testing::_; using testing::AnyNumber; using testing::Invoke; using testing::InvokeWithoutArgs; using testing::Return; using testing::WithArg; namespace Envoy { namespace Server { namespace { class HotRestartImplTest : public testing::Test { public: void setup() { EXPECT_CALL(hot_restart_os_sys_calls_, shmUnlink(_)).Times(AnyNumber()); EXPECT_CALL(hot_restart_os_sys_calls_, shmOpen(_, _, _)); EXPECT_CALL(os_sys_calls_, ftruncate(_, _)).WillOnce(WithArg<1>(Invoke([this](off_t size) { buffer_.resize(size); return Api::SysCallIntResult{0, 0}; }))); EXPECT_CALL(os_sys_calls_, mmap(_, _, _, _, _, _)).WillOnce(InvokeWithoutArgs([this]() { return Api::SysCallPtrResult{buffer_.data(), 0}; })); // We bind two sockets: one to talk to parent, one to talk to our (hypothetical eventual) child EXPECT_CALL(os_sys_calls_, bind(_, _, _)).Times(2); // Test we match the correct stat with empty-slots before, after, or both. hot_restart_ = std::make_unique(0, 0, "@envoy_domain_socket", 0); hot_restart_->drainParentListeners(); // We close both sockets. EXPECT_CALL(os_sys_calls_, close(_)).Times(2); } Api::MockOsSysCalls os_sys_calls_; TestThreadsafeSingletonInjector os_calls{&os_sys_calls_}; Api::MockHotRestartOsSysCalls hot_restart_os_sys_calls_; TestThreadsafeSingletonInjector hot_restart_os_calls{ &hot_restart_os_sys_calls_}; std::vector buffer_; std::unique_ptr hot_restart_; }; TEST_F(HotRestartImplTest, VersionString) { // Tests that the version-string will be consistent and HOT_RESTART_VERSION, // between multiple instantiations. std::string version; // The mocking infrastructure requires a test setup and teardown every time we // want to re-instantiate HotRestartImpl. { setup(); version = hot_restart_->version(); EXPECT_TRUE(absl::StartsWith(version, fmt::format("{}.", HOT_RESTART_VERSION))) << version; TearDown(); } { setup(); EXPECT_EQ(version, hot_restart_->version()) << "Version string deterministic from options"; TearDown(); } } // Test that HotRestartDomainSocketInUseException is thrown when the domain socket is already // in use, TEST_F(HotRestartImplTest, DomainSocketAlreadyInUse) { EXPECT_CALL(os_sys_calls_, bind(_, _, _)) .WillOnce(Return(Api::SysCallIntResult{-1, SOCKET_ERROR_ADDR_IN_USE})); EXPECT_CALL(os_sys_calls_, close(_)).Times(1); EXPECT_THROW(std::make_unique(0, 0, "@envoy_domain_socket", 0), Server::HotRestartDomainSocketInUseException); } // Test that EnvoyException is thrown when the domain socket bind fails for reasons other than // being in use. TEST_F(HotRestartImplTest, DomainSocketError) { EXPECT_CALL(os_sys_calls_, bind(_, _, _)) .WillOnce(Return(Api::SysCallIntResult{-1, SOCKET_ERROR_ACCESS})); EXPECT_CALL(os_sys_calls_, close(_)).Times(1); EXPECT_THROW(std::make_unique(0, 0, "@envoy_domain_socket", 0), EnvoyException); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/hot_restarting_parent_test.cc ================================================ #include #include "server/hot_restarting_child.h" #include "server/hot_restarting_parent.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/instance.h" #include "test/mocks/server/listener_manager.h" #include "gtest/gtest.h" using testing::InSequence; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Server { namespace { using HotRestartMessage = envoy::HotRestartMessage; class HotRestartingParentTest : public testing::Test { public: NiceMock server_; HotRestartingParent::Internal hot_restarting_parent_{&server_}; }; TEST_F(HotRestartingParentTest, ShutdownAdmin) { EXPECT_CALL(server_, shutdownAdmin()); EXPECT_CALL(server_, startTimeFirstEpoch()).WillOnce(Return(12345)); HotRestartMessage message = hot_restarting_parent_.shutdownAdmin(); EXPECT_EQ(12345, message.reply().shutdown_admin().original_start_time_unix_seconds()); } TEST_F(HotRestartingParentTest, GetListenSocketsForChildNotFound) { MockListenerManager listener_manager; std::vector> listeners; EXPECT_CALL(server_, listenerManager()).WillOnce(ReturnRef(listener_manager)); EXPECT_CALL(listener_manager, listeners(ListenerManager::ListenerState::ACTIVE)) .WillOnce(Return(listeners)); HotRestartMessage::Request request; request.mutable_pass_listen_socket()->set_address("tcp://127.0.0.1:80"); HotRestartMessage message = hot_restarting_parent_.getListenSocketsForChild(request); EXPECT_EQ(-1, message.reply().pass_listen_socket().fd()); } TEST_F(HotRestartingParentTest, GetListenSocketsForChildNotBindPort) { MockListenerManager listener_manager; Network::MockListenerConfig listener_config; std::vector> listeners; InSequence s; listeners.push_back(std::ref(*static_cast(&listener_config))); EXPECT_CALL(server_, listenerManager()).WillOnce(ReturnRef(listener_manager)); EXPECT_CALL(listener_manager, listeners(ListenerManager::ListenerState::ACTIVE)) .WillOnce(Return(listeners)); EXPECT_CALL(listener_config, listenSocketFactory()); EXPECT_CALL(listener_config.socket_factory_, localAddress()); EXPECT_CALL(listener_config, bindToPort()).WillOnce(Return(false)); HotRestartMessage::Request request; request.mutable_pass_listen_socket()->set_address("tcp://0.0.0.0:80"); HotRestartMessage message = hot_restarting_parent_.getListenSocketsForChild(request); EXPECT_EQ(-1, message.reply().pass_listen_socket().fd()); } TEST_F(HotRestartingParentTest, ExportStatsToChild) { Stats::TestUtil::TestStore store; MockListenerManager listener_manager; EXPECT_CALL(server_, listenerManager()).WillRepeatedly(ReturnRef(listener_manager)); EXPECT_CALL(listener_manager, numConnections()).WillRepeatedly(Return(0)); EXPECT_CALL(server_, stats()).WillRepeatedly(ReturnRef(store)); { store.counter("c1").inc(); store.counter("c2").add(2); store.gauge("g0", Stats::Gauge::ImportMode::Accumulate).set(0); store.gauge("g1", Stats::Gauge::ImportMode::Accumulate).set(123); store.gauge("g2", Stats::Gauge::ImportMode::Accumulate).set(456); HotRestartMessage::Reply::Stats stats; hot_restarting_parent_.exportStatsToChild(&stats); EXPECT_EQ(1, stats.counter_deltas().at("c1")); EXPECT_EQ(2, stats.counter_deltas().at("c2")); EXPECT_EQ(0, stats.gauges().at("g0")); EXPECT_EQ(123, stats.gauges().at("g1")); EXPECT_EQ(456, stats.gauges().at("g2")); } // When a counter has not changed since its last export, it should not be included in the message. { store.counter("c2").add(2); store.gauge("g1", Stats::Gauge::ImportMode::Accumulate).add(1); store.gauge("g2", Stats::Gauge::ImportMode::Accumulate).sub(1); HotRestartMessage::Reply::Stats stats; hot_restarting_parent_.exportStatsToChild(&stats); EXPECT_EQ(stats.counter_deltas().end(), stats.counter_deltas().find("c1")); EXPECT_EQ(2, stats.counter_deltas().at("c2")); // 4 is the value, but 2 is the delta EXPECT_EQ(0, stats.gauges().at("g0")); EXPECT_EQ(124, stats.gauges().at("g1")); EXPECT_EQ(455, stats.gauges().at("g2")); } // When a counter and gauge are not used, they should not be included in the message. { store.counter("unused_counter"); store.counter("used_counter").inc(); store.gauge("unused_gauge", Stats::Gauge::ImportMode::Accumulate); store.gauge("used_gauge", Stats::Gauge::ImportMode::Accumulate).add(1); HotRestartMessage::Reply::Stats stats; hot_restarting_parent_.exportStatsToChild(&stats); EXPECT_EQ(stats.counter_deltas().end(), stats.counter_deltas().find("unused_counter")); EXPECT_EQ(1, stats.counter_deltas().at("used_counter")); EXPECT_EQ(stats.gauges().end(), stats.counter_deltas().find("unused_gauge")); EXPECT_EQ(1, stats.gauges().at("used_gauge")); } } TEST_F(HotRestartingParentTest, RetainDynamicStats) { MockListenerManager listener_manager; Stats::SymbolTableImpl parent_symbol_table; Stats::TestUtil::TestStore parent_store(parent_symbol_table); EXPECT_CALL(server_, listenerManager()).WillRepeatedly(ReturnRef(listener_manager)); EXPECT_CALL(listener_manager, numConnections()).WillRepeatedly(Return(0)); EXPECT_CALL(server_, stats()).WillRepeatedly(ReturnRef(parent_store)); HotRestartMessage::Reply::Stats stats_proto; { Stats::StatNameDynamicPool dynamic(parent_store.symbolTable()); parent_store.counter("c1").inc(); parent_store.counterFromStatName(dynamic.add("c2")).inc(); parent_store.gauge("g1", Stats::Gauge::ImportMode::Accumulate).set(123); parent_store.gaugeFromStatName(dynamic.add("g2"), Stats::Gauge::ImportMode::Accumulate).set(42); hot_restarting_parent_.exportStatsToChild(&stats_proto); } { Stats::SymbolTableImpl child_symbol_table; Stats::TestUtil::TestStore child_store(child_symbol_table); Stats::StatNameDynamicPool dynamic(child_store.symbolTable()); Stats::Counter& c1 = child_store.counter("c1"); Stats::Counter& c2 = child_store.counterFromStatName(dynamic.add("c2")); Stats::Gauge& g1 = child_store.gauge("g1", Stats::Gauge::ImportMode::Accumulate); Stats::Gauge& g2 = child_store.gaugeFromStatName(dynamic.add("g2"), Stats::Gauge::ImportMode::Accumulate); HotRestartingChild hot_restarting_child(0, 0, "@envoy_domain_socket", 0); hot_restarting_child.mergeParentStats(child_store, stats_proto); EXPECT_EQ(1, c1.value()); EXPECT_EQ(1, c2.value()); EXPECT_EQ(123, g1.value()); EXPECT_EQ(42, g2.value()); } } TEST_F(HotRestartingParentTest, DrainListeners) { EXPECT_CALL(server_, drainListeners()); hot_restarting_parent_.drainListeners(); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/lds_api_test.cc ================================================ #include #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "common/protobuf/utility.h" #include "server/lds_api.h" #include "test/mocks/config/mocks.h" #include "test/mocks/init/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/mocks/server/listener_manager.h" #include "test/mocks/upstream/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" using ::testing::_; using ::testing::InSequence; using ::testing::Invoke; using ::testing::NiceMock; using ::testing::Return; using ::testing::Throw; namespace Envoy { namespace Server { namespace { class LdsApiTest : public testing::Test { public: LdsApiTest() { ON_CALL(init_manager_, add(_)).WillByDefault(Invoke([this](const Init::Target& target) { init_target_handle_ = target.createHandle("test"); })); } void setup() { envoy::config::core::v3::ConfigSource lds_config; EXPECT_CALL(init_manager_, add(_)); lds_ = std::make_unique(lds_config, nullptr, cluster_manager_, init_manager_, store_, listener_manager_, validation_visitor_); EXPECT_CALL(*cluster_manager_.subscription_factory_.subscription_, start(_, _)); init_target_handle_->initialize(init_watcher_); lds_callbacks_ = cluster_manager_.subscription_factory_.callbacks_; } void expectAdd(const std::string& listener_name, absl::optional version, bool updated) { if (!version) { EXPECT_CALL(listener_manager_, addOrUpdateListener(_, _, true)) .WillOnce( Invoke([listener_name, updated](const envoy::config::listener::v3::Listener& config, const std::string&, bool) -> bool { EXPECT_EQ(listener_name, config.name()); return updated; })); } else { EXPECT_CALL(listener_manager_, addOrUpdateListener(_, version.value(), true)) .WillOnce( Invoke([listener_name, updated](const envoy::config::listener::v3::Listener& config, const std::string&, bool) -> bool { EXPECT_EQ(listener_name, config.name()); return updated; })); } } void makeListenersAndExpectCall(const std::vector& listener_names) { std::vector> refs; listeners_.clear(); for (const auto& name : listener_names) { listeners_.emplace_back(); listeners_.back().name_ = name; refs.emplace_back(listeners_.back()); } EXPECT_CALL(listener_manager_, listeners(ListenerManager::WARMING | ListenerManager::ACTIVE)) .WillOnce(Return(refs)); EXPECT_CALL(listener_manager_, beginListenerUpdate()); } envoy::config::listener::v3::Listener buildListener(const std::string& listener_name) { envoy::config::listener::v3::Listener listener; listener.set_name(listener_name); auto socket_address = listener.mutable_address()->mutable_socket_address(); socket_address->set_address(listener_name); socket_address->set_port_value(1); listener.add_filter_chains(); return listener; } std::shared_ptr> grpc_mux_; NiceMock cluster_manager_; Init::MockManager init_manager_; Init::ExpectableWatcherImpl init_watcher_; Init::TargetHandlePtr init_target_handle_; Stats::IsolatedStoreImpl store_; MockListenerManager listener_manager_; Config::SubscriptionCallbacks* lds_callbacks_{}; std::unique_ptr lds_; NiceMock validation_visitor_; private: std::list> listeners_; }; TEST_F(LdsApiTest, MisconfiguredListenerNameIsPresentInException) { InSequence s; setup(); std::vector> existing_listeners; // Construct a minimal listener that would pass proto validation. envoy::config::listener::v3::Listener listener; listener.set_name("invalid-listener"); auto socket_address = listener.mutable_address()->mutable_socket_address(); socket_address->set_address("invalid-address"); socket_address->set_port_value(1); listener.add_filter_chains(); EXPECT_CALL(listener_manager_, listeners(ListenerManager::WARMING | ListenerManager::ACTIVE)) .WillOnce(Return(existing_listeners)); EXPECT_CALL(listener_manager_, beginListenerUpdate()); EXPECT_CALL(listener_manager_, addOrUpdateListener(_, _, true)) .WillOnce(Throw(EnvoyException("something is wrong"))); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); EXPECT_CALL(init_watcher_, ready()); const auto decoded_resources = TestUtility::decodeResources({listener}); EXPECT_THROW_WITH_MESSAGE( lds_callbacks_->onConfigUpdate(decoded_resources.refvec_, ""), EnvoyException, "Error adding/updating listener(s) invalid-listener: something is wrong\n"); } TEST_F(LdsApiTest, EmptyListenersUpdate) { InSequence s; setup(); std::vector> existing_listeners; EXPECT_CALL(listener_manager_, listeners(ListenerManager::WARMING | ListenerManager::ACTIVE)) .WillOnce(Return(existing_listeners)); EXPECT_CALL(listener_manager_, beginListenerUpdate()); EXPECT_CALL(listener_manager_, endListenerUpdate(_)) .WillOnce(Invoke([](ListenerManager::FailureStates&& state) { EXPECT_EQ(0, state.size()); })); ; EXPECT_CALL(init_watcher_, ready()); lds_callbacks_->onConfigUpdate({}, ""); } TEST_F(LdsApiTest, ListenerCreationContinuesEvenAfterException) { InSequence s; setup(); std::vector> existing_listeners; // Add 4 listeners - 2 valid and 2 invalid. const auto listener_0 = buildListener("valid-listener-1"); const auto listener_1 = buildListener("invalid-listener-1"); const auto listener_2 = buildListener("valid-listener-2"); const auto listener_3 = buildListener("invalid-listener-2"); EXPECT_CALL(listener_manager_, listeners(ListenerManager::WARMING | ListenerManager::ACTIVE)) .WillOnce(Return(existing_listeners)); EXPECT_CALL(listener_manager_, beginListenerUpdate()); EXPECT_CALL(listener_manager_, addOrUpdateListener(_, _, true)) .WillOnce(Return(true)) .WillOnce(Throw(EnvoyException("something is wrong"))) .WillOnce(Return(true)) .WillOnce(Throw(EnvoyException("something else is wrong"))); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); EXPECT_CALL(init_watcher_, ready()); const auto decoded_resources = TestUtility::decodeResources({listener_0, listener_1, listener_2, listener_3}); EXPECT_THROW_WITH_MESSAGE(lds_callbacks_->onConfigUpdate(decoded_resources.refvec_, ""), EnvoyException, "Error adding/updating listener(s) invalid-listener-1: something is " "wrong\ninvalid-listener-2: something else is wrong\n"); } // Validate onConfigUpdate throws EnvoyException with duplicate listeners. // The first of the duplicates will be successfully applied, with the rest adding to // the exception message. TEST_F(LdsApiTest, ValidateDuplicateListeners) { InSequence s; setup(); const auto listener = buildListener("duplicate_listener"); std::vector> existing_listeners; EXPECT_CALL(listener_manager_, listeners(ListenerManager::WARMING | ListenerManager::ACTIVE)) .WillOnce(Return(existing_listeners)); EXPECT_CALL(listener_manager_, beginListenerUpdate()); EXPECT_CALL(listener_manager_, addOrUpdateListener(_, _, true)).WillOnce(Return(true)); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); EXPECT_CALL(init_watcher_, ready()); const auto decoded_resources = TestUtility::decodeResources({listener, listener}); EXPECT_THROW_WITH_MESSAGE(lds_callbacks_->onConfigUpdate(decoded_resources.refvec_, ""), EnvoyException, "Error adding/updating listener(s) duplicate_listener: duplicate " "listener duplicate_listener found\n"); } TEST_F(LdsApiTest, Basic) { InSequence s; setup(); const std::string response1_json = R"EOF( { "version_info": "0", "resources": [ { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener1", "address": { "socket_address": { "address": "tcp://0.0.0.1", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] }, { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener2", "address": { "socket_address": { "address": "tcp://0.0.0.2", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] } ] } )EOF"; auto response1 = TestUtility::parseYaml(response1_json); makeListenersAndExpectCall({}); expectAdd("listener1", "0", true); expectAdd("listener2", "0", true); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); EXPECT_CALL(init_watcher_, ready()); const auto decoded_resources = TestUtility::decodeResources(response1); lds_callbacks_->onConfigUpdate(decoded_resources.refvec_, response1.version_info()); EXPECT_EQ("0", lds_->versionInfo()); const std::string response2_json = R"EOF( { "version_info": "1", "resources": [ { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener1", "address": { "socket_address": { "address": "tcp://0.0.0.1", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] }, { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener3", "address": { "socket_address": { "address": "tcp://0.0.0.3", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] } ] } )EOF"; auto response2 = TestUtility::parseYaml(response2_json); makeListenersAndExpectCall({"listener1", "listener2"}); EXPECT_CALL(listener_manager_, removeListener("listener2")).WillOnce(Return(true)); expectAdd("listener1", "1", false); expectAdd("listener3", "1", true); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); const auto decoded_resources_2 = TestUtility::decodeResources(response2); lds_callbacks_->onConfigUpdate(decoded_resources_2.refvec_, response2.version_info()); EXPECT_EQ("1", lds_->versionInfo()); } // Regression test against only updating versionInfo() if at least one listener // is added/updated even if one or more are removed. TEST_F(LdsApiTest, UpdateVersionOnListenerRemove) { InSequence s; setup(); const std::string response1_json = R"EOF( { "version_info": "0", "resources": [ { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener1", "address": { "socket_address": { "address": "tcp://0.0.0.1", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] } ] } )EOF"; auto response1 = TestUtility::parseYaml(response1_json); makeListenersAndExpectCall({}); expectAdd("listener1", "0", true); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); EXPECT_CALL(init_watcher_, ready()); const auto decoded_resources = TestUtility::decodeResources(response1); lds_callbacks_->onConfigUpdate(decoded_resources.refvec_, response1.version_info()); EXPECT_EQ("0", lds_->versionInfo()); const std::string response2_json = R"EOF( { "version_info": "1", "resources": [] } )EOF"; auto response2 = TestUtility::parseYaml(response2_json); makeListenersAndExpectCall({"listener1"}); EXPECT_CALL(listener_manager_, removeListener("listener1")).WillOnce(Return(true)); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); const auto decoded_resources_2 = TestUtility::decodeResources(response2); lds_callbacks_->onConfigUpdate(decoded_resources_2.refvec_, response2.version_info()); EXPECT_EQ("1", lds_->versionInfo()); } // Regression test issue #2188 where an empty ca_cert_file field was created and caused the LDS // update to fail validation. TEST_F(LdsApiTest, TlsConfigWithoutCaCert) { InSequence s; setup(); std::string response1_yaml = R"EOF( version_info: '1' resources: - "@type": type.googleapis.com/envoy.api.v2.Listener name: listener0 address: socket_address: address: tcp://0.0.0.1 port_value: 61000 filter_chains: - filters: )EOF"; auto response1 = TestUtility::parseYaml(response1_yaml); makeListenersAndExpectCall({"listener0"}); expectAdd("listener0", {}, true); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); EXPECT_CALL(init_watcher_, ready()); const auto decoded_resources = TestUtility::decodeResources(response1); lds_callbacks_->onConfigUpdate(decoded_resources.refvec_, response1.version_info()); std::string response2_basic = R"EOF( version_info: '1' resources: - "@type": type.googleapis.com/envoy.api.v2.Listener name: listener-8080 address: socket_address: address: tcp://0.0.0.0 port_value: 61001 filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: filename: "{}" private_key: filename: "{}" filters: )EOF"; std::string response2_json = fmt::format(response2_basic, TestEnvironment::runfilesPath("test/config/integration/certs/servercert.pem"), TestEnvironment::runfilesPath("test/config/integration/certs/serverkey.pem")); auto response2 = TestUtility::parseYaml(response2_json); makeListenersAndExpectCall({ "listener-8080", }); // Can't check version here because of bazel sandbox paths for the certs. expectAdd("listener-8080", {}, true); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); const auto decoded_resources_2 = TestUtility::decodeResources(response2); EXPECT_NO_THROW( lds_callbacks_->onConfigUpdate(decoded_resources_2.refvec_, response2.version_info())); } // Validate behavior when the config fails delivery at the subscription level. TEST_F(LdsApiTest, FailureSubscription) { InSequence s; setup(); EXPECT_CALL(init_watcher_, ready()); lds_callbacks_->onConfigUpdateFailed(Envoy::Config::ConfigUpdateFailureReason::FetchTimedout, {}); EXPECT_EQ("", lds_->versionInfo()); } TEST_F(LdsApiTest, ReplacingListenerWithSameAddress) { InSequence s; setup(); const std::string response1_json = R"EOF( { "version_info": "0", "resources": [ { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener1", "address": { "socket_address": { "address": "tcp://0.0.0.1", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] }, { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener2", "address": { "socket_address": { "address": "tcp://0.0.0.2", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] } ] } )EOF"; auto response1 = TestUtility::parseYaml(response1_json); makeListenersAndExpectCall({}); expectAdd("listener1", "0", true); expectAdd("listener2", "0", true); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); EXPECT_CALL(init_watcher_, ready()); const auto decoded_resources = TestUtility::decodeResources(response1); lds_callbacks_->onConfigUpdate(decoded_resources.refvec_, response1.version_info()); EXPECT_EQ("0", lds_->versionInfo()); const std::string response2_json = R"EOF( { "version_info": "1", "resources": [ { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener1", "address": { "socket_address": { "address": "tcp://0.0.0.1", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] }, { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener3", "address": { "socket_address": { "address": "tcp://0.0.0.2", "port_value": 0 } }, "filter_chains": [ { "filters": null } ] } ] } )EOF"; auto response2 = TestUtility::parseYaml(response2_json); makeListenersAndExpectCall({"listener1", "listener2"}); EXPECT_CALL(listener_manager_, removeListener("listener2")).WillOnce(Return(true)); expectAdd("listener1", "1", false); expectAdd("listener3", "1", true); EXPECT_CALL(listener_manager_, endListenerUpdate(_)); const auto decoded_resources_2 = TestUtility::decodeResources(response2); lds_callbacks_->onConfigUpdate(decoded_resources_2.refvec_, response2.version_info()); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/listener_manager_impl_quic_only_test.cc ================================================ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "extensions/quic_listeners/quiche/quic_transport_socket_factory.h" #include "test/server/listener_manager_impl_test.h" #include "test/server/utility.h" #include "test/test_common/threadsafe_singleton_injector.h" namespace Envoy { namespace Server { namespace { class MockSupportsUdpGso : public Api::OsSysCallsImpl { public: MOCK_METHOD(bool, supportsUdpGso, (), (const)); }; class ListenerManagerImplQuicOnlyTest : public ListenerManagerImplTest { public: NiceMock udp_gso_syscall_; TestThreadsafeSingletonInjector os_calls{&udp_gso_syscall_}; }; TEST_F(ListenerManagerImplQuicOnlyTest, QuicListenerFactoryAndSslContext) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: address: 127.0.0.1 protocol: UDP port_value: 1234 filter_chains: - filter_chain_match: transport_protocol: "quic" filters: [] transport_socket: name: envoy.transport_sockets.quic typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.quic.v3.QuicDownstreamTransport downstream_tls_context: common_tls_context: tls_certificates: - certificate_chain: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" private_key: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" validation_context: trusted_ca: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" match_subject_alt_names: - exact: localhost - exact: 127.0.0.1 reuse_port: true udp_listener_config: udp_listener_name: "quiche_quic_listener" udp_writer_config: name: "udp_gso_batch_writer" typed_config: "@type": type.googleapis.com/envoy.config.listener.v3.UdpGsoBatchWriterOptions )EOF", Network::Address::IpVersion::v4); envoy::config::listener::v3::Listener listener_proto = parseListenerFromV3Yaml(yaml); ON_CALL(udp_gso_syscall_, supportsUdpGso()).WillByDefault(Return(true)); EXPECT_CALL(server_.api_.random_, uuid()); expectCreateListenSocket(envoy::config::core::v3::SocketOption::STATE_PREBIND, #ifdef SO_RXQ_OVFL // SO_REUSEPORT is on as configured /* expected_num_options */ Api::OsSysCallsSingleton::get().supportsUdpGro() ? 4 : 3, #else /* expected_num_options */ Api::OsSysCallsSingleton::get().supportsUdpGro() ? 3 : 2, #endif /* expected_creation_params */ {true, false}); expectSetsockopt(/* expected_sockopt_level */ IPPROTO_IP, /* expected_sockopt_name */ ENVOY_IP_PKTINFO, /* expected_value */ 1, /* expected_num_calls */ 1); #ifdef SO_RXQ_OVFL expectSetsockopt(/* expected_sockopt_level */ SOL_SOCKET, /* expected_sockopt_name */ SO_RXQ_OVFL, /* expected_value */ 1, /* expected_num_calls */ 1); #endif expectSetsockopt(/* expected_sockopt_level */ SOL_SOCKET, /* expected_sockopt_name */ SO_REUSEPORT, /* expected_value */ 1, /* expected_num_calls */ 1); if (Api::OsSysCallsSingleton::get().supportsUdpGro()) { expectSetsockopt(/* expected_sockopt_level */ SOL_UDP, /* expected_sockopt_name */ UDP_GRO, /* expected_value */ 1, /* expected_num_calls */ 1); } manager_->addOrUpdateListener(listener_proto, "", true); EXPECT_EQ(1u, manager_->listeners().size()); EXPECT_FALSE(manager_->listeners()[0].get().udpListenerFactory()->isTransportConnectionless()); Network::SocketSharedPtr listen_socket = manager_->listeners().front().get().listenSocketFactory().getListenSocket(); Network::UdpPacketWriterPtr udp_packet_writer = manager_->listeners().front().get().udpPacketWriterFactory()->get().createUdpPacketWriter( listen_socket->ioHandle(), manager_->listeners()[0].get().listenerScope()); EXPECT_TRUE(udp_packet_writer->isBatchMode()); // No filter chain found with non-matching transport protocol. EXPECT_EQ(nullptr, findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111)); auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "quic", {}, "8.8.8.8", 111); ASSERT_NE(nullptr, filter_chain); auto& quic_socket_factory = dynamic_cast( filter_chain->transportSocketFactory()); EXPECT_TRUE(quic_socket_factory.implementsSecureTransport()); EXPECT_TRUE(quic_socket_factory.serverContextConfig().isReady()); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/listener_manager_impl_test.cc ================================================ #include "test/server/listener_manager_impl_test.h" #include #include #include #include #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/server/filter_config.h" #include "envoy/server/listener_manager.h" #include "common/api/os_sys_calls_impl.h" #include "common/config/metadata.h" #include "common/init/manager_impl.h" #include "common/network/address_impl.h" #include "common/network/io_socket_handle_impl.h" #include "common/network/utility.h" #include "common/protobuf/protobuf.h" #include "extensions/filters/listener/original_dst/original_dst.h" #include "extensions/transport_sockets/tls/ssl_socket.h" #include "test/mocks/init/mocks.h" #include "test/server/utility.h" #include "test/test_common/network_utility.h" #include "test/test_common/registry.h" #include "test/test_common/utility.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" namespace Envoy { namespace Server { namespace { using testing::AtLeast; using testing::InSequence; using testing::Return; using testing::ReturnRef; using testing::Throw; class ListenerManagerImplWithDispatcherStatsTest : public ListenerManagerImplTest { protected: ListenerManagerImplWithDispatcherStatsTest() { enable_dispatcher_stats_ = true; } }; class ListenerManagerImplWithRealFiltersTest : public ListenerManagerImplTest { public: /** * Create an IPv4 listener with a given name. */ envoy::config::listener::v3::Listener createIPv4Listener(const std::string& name) { envoy::config::listener::v3::Listener listener = parseListenerFromV3Yaml(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1111 } filter_chains: - filters: )EOF"); listener.set_name(name); return listener; } /** * Used by some tests below to validate that, if a given socket option is valid on this platform * and set in the Listener, it should result in a call to setsockopt() with the appropriate * values. */ void testSocketOption(const envoy::config::listener::v3::Listener& listener, const envoy::config::core::v3::SocketOption::SocketState& expected_state, const Network::SocketOptionName& expected_option, int expected_value, uint32_t expected_num_options = 1, ListenSocketCreationParams expected_creation_params = {true, true}) { if (expected_option.hasValue()) { expectCreateListenSocket(expected_state, expected_num_options, expected_creation_params); expectSetsockopt(expected_option.level(), expected_option.option(), expected_value, expected_num_options); manager_->addOrUpdateListener(listener, "", true); EXPECT_EQ(1U, manager_->listeners().size()); } else { EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(listener, "", true), EnvoyException, "MockListenerComponentFactory: Setting socket options failed"); EXPECT_EQ(0U, manager_->listeners().size()); } } }; class ListenerManagerImplForInPlaceFilterChainUpdateTest : public ListenerManagerImplTest { public: envoy::config::listener::v3::Listener createDefaultListener() { envoy::config::listener::v3::Listener listener_proto; Protobuf::TextFormat::ParseFromString(R"EOF( name: "foo" address: { socket_address: { address: "127.0.0.1" port_value: 1234 } } filter_chains: {} )EOF", &listener_proto); return listener_proto; } void expectAddListener(const envoy::config::listener::v3::Listener& listener_proto, ListenerHandle*) { EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); manager_->addOrUpdateListener(listener_proto, "", true); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); } void expectUpdateToThenDrain(const envoy::config::listener::v3::Listener& new_listener_proto, ListenerHandle* old_listener_handle) { EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*old_listener_handle->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->addOrUpdateListener(new_listener_proto, "", true)); EXPECT_CALL(*worker_, removeListener(_, _)); old_listener_handle->drain_manager_->drain_sequence_completion_(); EXPECT_CALL(*old_listener_handle, onDestroy()); worker_->callRemovalCompletion(); } void expectRemove(const envoy::config::listener::v3::Listener& listener_proto, ListenerHandle* listener_handle) { EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_handle->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->removeListener(listener_proto.name())); EXPECT_CALL(*worker_, removeListener(_, _)); listener_handle->drain_manager_->drain_sequence_completion_(); EXPECT_CALL(*listener_handle, onDestroy()); worker_->callRemovalCompletion(); } }; class MockLdsApi : public LdsApi { public: MOCK_METHOD(std::string, versionInfo, (), (const)); }; TEST_F(ListenerManagerImplWithRealFiltersTest, EmptyFilter) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); EXPECT_EQ(std::chrono::milliseconds(15000), manager_->listeners().front().get().listenerFiltersTimeout()); } TEST_F(ListenerManagerImplWithRealFiltersTest, DefaultListenerPerConnectionBufferLimit) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1024 * 1024U, manager_->listeners().back().get().perConnectionBufferLimitBytes()); } TEST_F(ListenerManagerImplWithRealFiltersTest, SetListenerPerConnectionBufferLimit) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] per_connection_buffer_limit_bytes: 8192 )EOF"; EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(8192U, manager_->listeners().back().get().perConnectionBufferLimitBytes()); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsTransportSocket) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" private_key: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" validation_context: trusted_ca: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" match_subject_alt_names: exact: localhost exact: 127.0.0.1 )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); } TEST_F(ListenerManagerImplWithRealFiltersTest, DEPRECATED_FEATURE_TEST(TlsTransportSocketLegacyConfig)) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" private_key: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" validation_context: trusted_ca: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" verify_subject_alt_name: - localhost - 127.0.0.1 )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); } TEST_F(ListenerManagerImplWithRealFiltersTest, DEPRECATED_FEATURE_TEST(TlsContext)) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" private_key: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" validation_context: trusted_ca: filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" match_subject_alt_names: exact: localhost exact: 127.0.0.1 )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); } TEST_F(ListenerManagerImplWithRealFiltersTest, UdpAddress) { EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Validate that there are no active listeners and workers are started. EXPECT_EQ(0, server_.stats_store_ .gauge("listener_manager.total_active_listeners", Stats::Gauge::ImportMode::NeverImport) .value()); EXPECT_EQ(1, server_.stats_store_ .gauge("listener_manager.workers_started", Stats::Gauge::ImportMode::NeverImport) .value()); const std::string proto_text = R"EOF( address: { socket_address: { protocol: UDP address: "127.0.0.1" port_value: 1234 } } filter_chains: {} )EOF"; envoy::config::listener::v3::Listener listener_proto; EXPECT_TRUE(Protobuf::TextFormat::ParseFromString(proto_text, &listener_proto)); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_CALL(listener_factory_, createListenSocket(_, Network::Socket::Type::Datagram, _, {{true, false}})) .WillOnce(Invoke([this](const Network::Address::InstanceConstSharedPtr&, Network::Socket::Type, const Network::Socket::OptionsSharedPtr&, const ListenSocketCreationParams&) -> Network::SocketSharedPtr { return listener_factory_.socket_; })); EXPECT_CALL(*listener_factory_.socket_, setSocketOption(_, _, _, _)).Times(testing::AtLeast(1)); EXPECT_CALL(os_sys_calls_, close(_)).WillRepeatedly(Return(Api::SysCallIntResult{0, errno})); manager_->addOrUpdateListener(listener_proto, "", true); EXPECT_EQ(1u, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, BadListenerConfig) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] test: a )EOF"; EXPECT_THROW_WITH_REGEX(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "test: Cannot find field"); } TEST_F(ListenerManagerImplWithRealFiltersTest, BadListenerConfigNoFilterChains) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 )EOF"; EXPECT_THROW_WITH_REGEX(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "no filter chains specified"); } TEST_F(ListenerManagerImplWithRealFiltersTest, BadListenerConfig2UDPListenerFilters) { const std::string yaml = R"EOF( address: socket_address: protocol: UDP address: 127.0.0.1 port_value: 1234 listener_filters: - name: envoy.filters.listener.tls_inspector - name: envoy.filters.listener.original_dst )EOF"; EXPECT_THROW_WITH_REGEX(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Only 1 UDP listener filter per listener supported"); } TEST_F(ListenerManagerImplWithRealFiltersTest, BadFilterConfig) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: - foo: type name: name typed_config: {} )EOF"; EXPECT_THROW_WITH_REGEX(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "foo: Cannot find field"); } class NonTerminalFilterFactory : public Configuration::NamedNetworkFilterConfigFactory { public: // Configuration::NamedNetworkFilterConfigFactory Network::FilterFactoryCb createFilterFactoryFromProto(const Protobuf::Message&, Server::Configuration::FactoryContext&) override { return [](Network::FilterManager&) -> void {}; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { // Using Struct instead of a custom per-filter empty config proto // This is only allowed in tests. return std::make_unique(); } std::string name() const override { return "non_terminal"; } }; TEST_F(ListenerManagerImplWithRealFiltersTest, TerminalNotLast) { NonTerminalFilterFactory filter; Registry::InjectFactory registered(filter); const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: - name: non_terminal typed_config: {} )EOF"; EXPECT_THROW_WITH_REGEX( manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Error: non-terminal filter named non_terminal of type non_terminal is the last " "filter in a network filter chain."); } TEST_F(ListenerManagerImplWithRealFiltersTest, NotTerminalLast) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: - name: envoy.filters.network.tcp_proxy typed_config: {} - name: unknown_but_will_not_be_processed typed_config: {} )EOF"; EXPECT_THROW_WITH_REGEX( manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Error: terminal filter named envoy.filters.network.tcp_proxy of type " "envoy.filters.network.tcp_proxy must be the last filter in a network filter chain."); } TEST_F(ListenerManagerImplWithRealFiltersTest, BadFilterName) { const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: - name: invalid typed_config: {} )EOF"; EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Didn't find a registered implementation for name: 'invalid'"); } class TestStatsConfigFactory : public Configuration::NamedNetworkFilterConfigFactory { public: // Configuration::NamedNetworkFilterConfigFactory Network::FilterFactoryCb createFilterFactoryFromProto( const Protobuf::Message&, Configuration::FactoryContext& filter_chain_factory_context) override { return commonFilterFactory(filter_chain_factory_context); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { // Using Struct instead of a custom per-filter empty config proto // This is only allowed in tests. return std::make_unique(); } std::string name() const override { return "stats_test"; } bool isTerminalFilter() override { return true; } private: Network::FilterFactoryCb commonFilterFactory(Configuration::FactoryContext& context) { context.scope().counterFromString("bar").inc(); return [](Network::FilterManager&) -> void {}; } }; TEST_F(ListenerManagerImplWithRealFiltersTest, StatsScopeTest) { TestStatsConfigFactory filter; Registry::InjectFactory registered(filter); const std::string yaml = R"EOF( address: socket_address: address: 127.0.0.1 port_value: 1234 deprecated_v1: bind_to_port: false filter_chains: - filters: - name: stats_test typed_config: {} )EOF"; EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, ListenSocketCreationParams(false))); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); manager_->listeners().front().get().listenerScope().counterFromString("foo").inc(); EXPECT_EQ(1UL, server_.stats_store_.counterFromString("bar").value()); EXPECT_EQ(1UL, server_.stats_store_.counterFromString("listener.127.0.0.1_1234.foo").value()); } TEST_F(ListenerManagerImplTest, UnsupportedInternalListener) { const std::string yaml = R"EOF( address: envoy_internal_address: server_listener_name: a_listener_name filter_chains: - filters: [] )EOF"; ASSERT_DEATH(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), ""); } TEST_F(ListenerManagerImplTest, NotDefaultListenerFiltersTimeout) { const std::string yaml = R"EOF( name: "foo" address: socket_address: { address: 127.0.0.1, port_value: 10000 } filter_chains: - filters: listener_filters_timeout: 0s )EOF"; EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true)); EXPECT_EQ(std::chrono::milliseconds(), manager_->listeners().front().get().listenerFiltersTimeout()); } TEST_F(ListenerManagerImplTest, ModifyOnlyDrainType) { InSequence s; // Add foo listener. const std::string listener_foo_yaml = R"EOF( name: "foo" address: socket_address: { address: 127.0.0.1, port_value: 10000 } filter_chains: - filters: drain_type: MODIFY_ONLY )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true, envoy::config::listener::v3::Listener::MODIFY_ONLY); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*listener_foo, onDestroy()); } TEST_F(ListenerManagerImplTest, AddListenerAddressNotMatching) { InSequence s; // Add foo listener. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] drain_type: default )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Update foo listener, but with a different address. Should throw. const std::string listener_foo_different_address_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1235 filter_chains: - filters: [] drain_type: modify_only )EOF"; ListenerHandle* listener_foo_different_address = expectListenerCreate(false, true, envoy::config::listener::v3::Listener::MODIFY_ONLY); EXPECT_CALL(*listener_foo_different_address, onDestroy()); EXPECT_THROW_WITH_MESSAGE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_different_address_yaml), "", true), EnvoyException, "error updating listener: 'foo' has a different address " "'127.0.0.1:1235' from existing listener address '127.0.0.1:1234'"); EXPECT_CALL(*listener_foo, onDestroy()); } // Make sure that a listener creation does not fail on IPv4 only setups when FilterChainMatch is not // specified and we try to create default CidrRange. See makeCidrListEntry function for // more details. TEST_F(ListenerManagerImplTest, AddListenerOnIpv4OnlySetups) { InSequence s; const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] drain_type: default )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); ON_CALL(os_sys_calls_, socket(AF_INET, _, 0)) .WillByDefault(Return(Api::SysCallSocketResult{5, 0})); ON_CALL(os_sys_calls_, socket(AF_INET6, _, 0)) .WillByDefault(Return(Api::SysCallSocketResult{INVALID_SOCKET, 0})); ON_CALL(os_sys_calls_, close(_)).WillByDefault(Return(Api::SysCallIntResult{0, 0})); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*listener_foo, onDestroy()); } // Make sure that a listener creation does not fail on IPv6 only setups when FilterChainMatch is not // specified and we try to create default CidrRange. See makeCidrListEntry function for // more details. TEST_F(ListenerManagerImplTest, AddListenerOnIpv6OnlySetups) { InSequence s; const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: "::0001" port_value: 1234 filter_chains: - filters: [] drain_type: default )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); ON_CALL(os_sys_calls_, socket(AF_INET, _, 0)) .WillByDefault(Return(Api::SysCallSocketResult{INVALID_SOCKET, 0})); ON_CALL(os_sys_calls_, socket(AF_INET6, _, 0)) .WillByDefault(Return(Api::SysCallSocketResult{5, 0})); ON_CALL(os_sys_calls_, close(_)).WillByDefault(Return(Api::SysCallIntResult{0, 0})); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*listener_foo, onDestroy()); } // Make sure that a listener that is not added_via_api cannot be updated or removed. TEST_F(ListenerManagerImplTest, UpdateRemoveNotModifiableListener) { time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); InSequence s; // Add foo listener. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, false); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", false)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); checkConfigDump(R"EOF( static_listeners: listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: "foo" address: socket_address: address: "127.0.0.1" port_value: 1234 filter_chains: {} last_updated: seconds: 1001001001 nanos: 1000000 )EOF"); // Update foo listener. Should be blocked. const std::string listener_foo_update1_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: - name: fake typed_config: {} )EOF"; EXPECT_FALSE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", false)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Remove foo listener. Should be blocked. EXPECT_FALSE(manager_->removeListener("foo")); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*listener_foo, onDestroy()); } // Tests that when listener tears down, server's initManager is notified. TEST_F(ListenerManagerImplTest, ListenerTeardownNotifiesServerInitManager) { time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); InSequence s; auto* lds_api = new MockLdsApi(); EXPECT_CALL(listener_factory_, createLdsApi_(_, _)).WillOnce(Return(lds_api)); envoy::config::core::v3::ConfigSource lds_config; manager_->createLdsApi(lds_config, nullptr); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("")); checkConfigDump(R"EOF( static_listeners: )EOF"); const std::string listener_foo_yaml = R"EOF( name: "foo" address: socket_address: address: "127.0.0.1" port_value: 1234 filter_chains: {} )EOF"; const std::string listener_foo_address_update_yaml = R"EOF( name: "foo" address: socket_address: address: "127.0.0.1" port_value: 1235 filter_chains: {} )EOF"; Init::ManagerImpl server_init_mgr("server-init-manager"); Init::ExpectableWatcherImpl server_init_watcher("server-init-watcher"); { // Add and remove a listener before starting workers. ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(server_, initManager()).WillOnce(ReturnRef(server_init_mgr)); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "version1", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("version1")); checkConfigDump(R"EOF( version_info: version1 static_listeners: dynamic_listeners: - name: foo warming_state: version_info: version1 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: {} last_updated: seconds: 1001001001 nanos: 1000000 )EOF"); EXPECT_CALL(listener_foo->target_, initialize()).Times(1); server_init_mgr.initialize(server_init_watcher); // Since listener_foo->target_ is not ready, the listener's listener_init_target will not be // ready until the destruction happens. server_init_watcher.expectReady().Times(1); EXPECT_CALL(*listener_foo, onDestroy()); EXPECT_TRUE(manager_->removeListener("foo")); } // Listener foo's listener_init_target_ is the only target added to server_init_mgr. EXPECT_EQ(server_init_mgr.state(), Init::Manager::State::Initialized); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("")); checkConfigDump(R"EOF( static_listeners: )EOF"); EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Now add new version listener foo after workers start, note it's fine that server_init_mgr is // initialized, as no target will be added to it. time_system_.setSystemTime(std::chrono::milliseconds(2002002002002)); EXPECT_CALL(server_, initManager()).Times(0); // No target added to server init manager. server_init_watcher.expectReady().Times(0); { ListenerHandle* listener_foo2 = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); // Version 2 listener will be initialized by listener manager directly. EXPECT_CALL(listener_foo2->target_, initialize()).Times(1); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "version2", true)); // Version2 is in warming list as listener_foo2->target_ is not ready yet. checkStats(__LINE__, /*added=*/2, 0, /*removed=*/1, /*warming=*/1, 0, 0, 0); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("version2")); checkConfigDump(R"EOF( version_info: version2 static_listeners: dynamic_listeners: - name: foo warming_state: version_info: version2 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: {} last_updated: seconds: 2002002002 nanos: 2000000 )EOF"); // While it is in warming state, try updating the address. It should fail. ListenerHandle* listener_foo3 = expectListenerCreate(true, true); EXPECT_CALL(*listener_foo3, onDestroy()); EXPECT_THROW_WITH_MESSAGE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_address_update_yaml), "version3", true), EnvoyException, "error updating listener: 'foo' has a different address " "'127.0.0.1:1235' from existing listener address '127.0.0.1:1234'"); // Delete foo-listener again. EXPECT_CALL(*listener_foo2, onDestroy()); EXPECT_TRUE(manager_->removeListener("foo")); } } TEST_F(ListenerManagerImplTest, OverrideListener) { InSequence s; time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); auto* lds_api = new MockLdsApi(); EXPECT_CALL(listener_factory_, createLdsApi_(_, _)).WillOnce(Return(lds_api)); envoy::config::core::v3::ConfigSource lds_config; manager_->createLdsApi(lds_config, nullptr); // Add foo listener. const std::string listener_foo_yaml = R"EOF( name: "foo" address: socket_address: address: "127.0.0.1" port_value: 1234 filter_chains: {} )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "version1", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Start workers and capture ListenerImpl. Network::ListenerConfig* listener_config = nullptr; EXPECT_CALL(*worker_, addListener(_, _, _)) .WillOnce(Invoke([&listener_config](auto, Network::ListenerConfig& config, auto) -> void { listener_config = &config; })) .RetiresOnSaturation(); EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_create_success").value()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: filter_chain_match: destination_port: 1234 )EOF"; ListenerHandle* listener_foo_update1 = expectListenerOverridden(false); EXPECT_CALL(*worker_, addListener(_, _, _)); auto* timer = new Event::MockTimer(dynamic_cast(&server_.dispatcher())); EXPECT_CALL(*timer, enableTimer(_, _)); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1UL, manager_->listeners().size()); worker_->callAddCompletion(true); checkStats(__LINE__, 1, 1, 0, 0, 1, 0, 1); EXPECT_CALL(*worker_, removeFilterChains(_, _, _)); timer->invokeCallback(); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callDrainFilterChainsComplete(); EXPECT_EQ(1UL, manager_->listeners().size()); EXPECT_CALL(*listener_foo_update1, onDestroy()); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_create_success").value()); } TEST_F(ListenerManagerImplTest, AddOrUpdateListener) { time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); InSequence s; auto* lds_api = new MockLdsApi(); EXPECT_CALL(listener_factory_, createLdsApi_(_, _)).WillOnce(Return(lds_api)); envoy::config::core::v3::ConfigSource lds_config; manager_->createLdsApi(lds_config, nullptr); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("")); checkConfigDump(R"EOF( static_listeners: )EOF"); // Add foo listener. const std::string listener_foo_yaml = R"EOF( name: "foo" address: socket_address: address: "127.0.0.1" port_value: 1234 filter_chains: {} )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "version1", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("version1")); checkConfigDump(R"EOF( version_info: version1 static_listeners: dynamic_listeners: - name: foo warming_state: version_info: version1 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: {} last_updated: seconds: 1001001001 nanos: 1000000 )EOF"); // Update duplicate should be a NOP. EXPECT_FALSE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Update foo listener. Should share socket. const std::string listener_foo_update1_yaml = R"EOF( name: "foo" address: socket_address: address: "127.0.0.1" port_value: 1234 filter_chains: {} per_connection_buffer_limit_bytes: 10 )EOF"; time_system_.setSystemTime(std::chrono::milliseconds(2002002002002)); ListenerHandle* listener_foo_update1 = expectListenerCreate(false, true); EXPECT_CALL(*listener_foo, onDestroy()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "version2", true)); checkStats(__LINE__, 1, 1, 0, 0, 1, 0, 0); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("version2")); checkConfigDump(R"EOF( version_info: version2 static_listeners: dynamic_listeners: - name: foo warming_state: version_info: version2 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: {} per_connection_buffer_limit_bytes: 10 last_updated: seconds: 2002002002 nanos: 2000000 )EOF"); // Validate that workers_started stat is zero before calling startWorkers. EXPECT_EQ(0, server_.stats_store_ .gauge("listener_manager.workers_started", Stats::Gauge::ImportMode::NeverImport) .value()); // Start workers. EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Validate that workers_started stat is still zero before workers set the status via // completion callback. EXPECT_EQ(0, server_.stats_store_ .gauge("listener_manager.workers_started", Stats::Gauge::ImportMode::NeverImport) .value()); worker_->callAddCompletion(true); // Validate that workers_started stat is set to 1 after workers have responded with initialization // status. EXPECT_EQ(1, server_.stats_store_ .gauge("listener_manager.workers_started", Stats::Gauge::ImportMode::NeverImport) .value()); // Update duplicate should be a NOP. EXPECT_FALSE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); checkStats(__LINE__, 1, 1, 0, 0, 1, 0, 0); time_system_.setSystemTime(std::chrono::milliseconds(3003003003003)); // Update foo. Should go into warming, have an immediate warming callback, and start immediate // removal. ListenerHandle* listener_foo_update2 = expectListenerCreate(false, true); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_foo_update1->drain_manager_, startDrainSequence(_)); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "version3", true)); worker_->callAddCompletion(true); checkStats(__LINE__, 1, 2, 0, 0, 1, 1, 0); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("version3")); checkConfigDump(R"EOF( version_info: version3 static_listeners: dynamic_listeners: - name: foo active_state: version_info: version3 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: {} last_updated: seconds: 3003003003 nanos: 3000000 draining_state: version_info: version2 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: {} per_connection_buffer_limit_bytes: 10 last_updated: seconds: 2002002002 nanos: 2000000 )EOF"); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo_update1->drain_manager_->drain_sequence_completion_(); checkStats(__LINE__, 1, 2, 0, 0, 1, 1, 0); EXPECT_CALL(*listener_foo_update1, onDestroy()); worker_->callRemovalCompletion(); checkStats(__LINE__, 1, 2, 0, 0, 1, 0, 0); time_system_.setSystemTime(std::chrono::milliseconds(4004004004004)); // Add bar listener. const std::string listener_bar_yaml = R"EOF( name: "bar" address: socket_address: address: "127.0.0.1" port_value: 1235 filter_chains: {} )EOF"; ListenerHandle* listener_bar = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_bar_yaml), "version4", true)); EXPECT_EQ(2UL, manager_->listeners().size()); worker_->callAddCompletion(true); checkStats(__LINE__, 2, 2, 0, 0, 2, 0, 0); time_system_.setSystemTime(std::chrono::milliseconds(5005005005005)); // Add baz listener, this time requiring initializing. const std::string listener_baz_yaml = R"EOF( name: "baz" address: socket_address: address: "127.0.0.1" port_value: 1236 filter_chains: {} )EOF"; ListenerHandle* listener_baz = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_baz->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_baz_yaml), "version5", true)); EXPECT_EQ(2UL, manager_->listeners().size()); checkStats(__LINE__, 3, 2, 0, 1, 2, 0, 0); EXPECT_CALL(*lds_api, versionInfo()).WillOnce(Return("version5")); checkConfigDump(R"EOF( version_info: version5 dynamic_listeners: - name: foo active_state: version_info: version3 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: {} last_updated: seconds: 3003003003 nanos: 3000000 - name: bar active_state: version_info: version4 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: bar address: socket_address: address: 127.0.0.1 port_value: 1235 filter_chains: {} last_updated: seconds: 4004004004 nanos: 4000000 - name: baz warming_state: version_info: version5 listener: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: baz address: socket_address: address: 127.0.0.1 port_value: 1236 filter_chains: {} last_updated: seconds: 5005005005 nanos: 5000000 )EOF"); // Update a duplicate baz that is currently warming. EXPECT_FALSE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_baz_yaml), "", true)); checkStats(__LINE__, 3, 2, 0, 1, 2, 0, 0); // Update baz while it is warming. const std::string listener_baz_update1_yaml = R"EOF( name: baz address: socket_address: address: 127.0.0.1 port_value: 1236 filter_chains: - filters: - name: fake typed_config: {} )EOF"; ListenerHandle* listener_baz_update1 = expectListenerCreate(true, true); EXPECT_CALL(*listener_baz, onDestroy()).WillOnce(Invoke([listener_baz]() -> void { // Call the initialize callback during destruction like RDS will. listener_baz->target_.ready(); })); EXPECT_CALL(listener_baz_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_baz_update1_yaml), "", true)); EXPECT_EQ(2UL, manager_->listeners().size()); checkStats(__LINE__, 3, 3, 0, 1, 2, 0, 0); // Finish initialization for baz which should make it active. EXPECT_CALL(*worker_, addListener(_, _, _)); listener_baz_update1->target_.ready(); EXPECT_EQ(3UL, manager_->listeners().size()); worker_->callAddCompletion(true); checkStats(__LINE__, 3, 3, 0, 0, 3, 0, 0); EXPECT_CALL(*listener_foo_update2, onDestroy()); EXPECT_CALL(*listener_bar, onDestroy()); EXPECT_CALL(*listener_baz_update1, onDestroy()); } TEST_F(ListenerManagerImplTest, UpdateActiveToWarmAndBack) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add and initialize foo listener. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 per_connection_buffer_limit_bytes: 999 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo_update1 = expectListenerCreate(true, true); EXPECT_CALL(listener_foo_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); // Should be both active and warming now. EXPECT_EQ(1UL, manager_->listeners(ListenerManager::WARMING).size()); EXPECT_EQ(1UL, manager_->listeners(ListenerManager::ACTIVE).size()); checkStats(__LINE__, 1, 1, 0, 1, 1, 0, 0); // Update foo back to original active, should cause the warming listener to be removed. EXPECT_CALL(*listener_foo_update1, onDestroy()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 2, 0, 0, 1, 0, 0); EXPECT_EQ(0UL, manager_->listeners(ListenerManager::WARMING).size()); EXPECT_EQ(1UL, manager_->listeners(ListenerManager::ACTIVE).size()); EXPECT_CALL(*listener_foo, onDestroy()); } TEST_F(ListenerManagerImplTest, AddReusableDrainingListener) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener directly into active. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; Network::Address::InstanceConstSharedPtr local_address( new Network::Address::Ipv4Instance("127.0.0.1", 1234)); ON_CALL(*listener_factory_.socket_, localAddress()).WillByDefault(ReturnRef(local_address)); ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); worker_->callAddCompletion(true); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Remove foo into draining. std::function stop_completion; EXPECT_CALL(*worker_, stopListener(_, _)) .WillOnce(Invoke( [&stop_completion](Network::ListenerConfig&, std::function completion) -> void { ASSERT_TRUE(completion != nullptr); stop_completion = std::move(completion); })); EXPECT_CALL(*listener_foo->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->removeListener("foo")); checkStats(__LINE__, 1, 0, 1, 0, 0, 1, 0); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo->drain_manager_->drain_sequence_completion_(); checkStats(__LINE__, 1, 0, 1, 0, 0, 1, 0); // Add foo again. We should use the socket from draining. ListenerHandle* listener_foo2 = expectListenerCreate(false, true); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); worker_->callAddCompletion(true); checkStats(__LINE__, 2, 0, 1, 0, 1, 1, 0); EXPECT_CALL(*listener_factory_.socket_, close()).Times(0); stop_completion(); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callRemovalCompletion(); checkStats(__LINE__, 2, 0, 1, 0, 1, 0, 0); EXPECT_CALL(*listener_foo2, onDestroy()); } TEST_F(ListenerManagerImplTest, AddClosedDrainingListener) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener directly into active. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; Network::Address::InstanceConstSharedPtr local_address( new Network::Address::Ipv4Instance("127.0.0.1", 1234)); ON_CALL(*listener_factory_.socket_, localAddress()).WillByDefault(ReturnRef(local_address)); ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); worker_->callAddCompletion(true); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Remove foo into draining. EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_foo->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->removeListener("foo")); checkStats(__LINE__, 1, 0, 1, 0, 0, 1, 0); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo->drain_manager_->drain_sequence_completion_(); checkStats(__LINE__, 1, 0, 1, 0, 0, 1, 0); // Add foo again. We should use the socket from draining. ListenerHandle* listener_foo2 = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); worker_->callAddCompletion(true); checkStats(__LINE__, 2, 0, 1, 0, 1, 1, 0); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callRemovalCompletion(); checkStats(__LINE__, 2, 0, 1, 0, 1, 0, 0); EXPECT_CALL(*listener_foo2, onDestroy()); } TEST_F(ListenerManagerImplTest, BindToPortEqualToFalse) { InSequence s; ProdListenerComponentFactory real_listener_factory(server_); EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 deprecated_v1: bind_to_port: false filter_chains: - filters: [] )EOF"; auto syscall_result = os_sys_calls_actual_.socket(AF_INET, SOCK_STREAM, 0); ASSERT_TRUE(SOCKET_VALID(syscall_result.rc_)); ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, ListenSocketCreationParams(false))) .WillOnce(Invoke([this, &syscall_result, &real_listener_factory]( const Network::Address::InstanceConstSharedPtr& address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams& params) -> Network::SocketSharedPtr { EXPECT_CALL(server_, hotRestart).Times(0); // When bind_to_port is equal to false, create socket fd directly, and do not get socket // fd through hot restart. ON_CALL(os_sys_calls_, socket(AF_INET, _, 0)).WillByDefault(Return(syscall_result)); return real_listener_factory.createListenSocket(address, socket_type, options, params); })); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_CALL(*listener_foo, onDestroy()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); } TEST_F(ListenerManagerImplTest, ReusePortEqualToTrue) { InSequence s; ProdListenerComponentFactory real_listener_factory(server_); EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 0 reuse_port: true filter_chains: - filters: [] )EOF"; auto syscall_result = os_sys_calls_actual_.socket(AF_INET, SOCK_STREAM, 0); ASSERT_TRUE(SOCKET_VALID(syscall_result.rc_)); // On Windows if the socket has not been bound to an address with bind // the call to getsockname fails with WSAEINVAL. To avoid that we make sure // that the bind system actually happens and it does not get mocked. ON_CALL(os_sys_calls_, bind(_, _, _)) .WillByDefault(Invoke( [&](os_fd_t sockfd, const sockaddr* addr, socklen_t addrlen) -> Api::SysCallIntResult { Api::SysCallIntResult result = os_sys_calls_actual_.bind(sockfd, addr, addrlen); ASSERT(result.rc_ >= 0); return result; })); ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {{true, false}})) .WillOnce(Invoke([this, &syscall_result, &real_listener_factory]( const Network::Address::InstanceConstSharedPtr& address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams& params) -> Network::SocketSharedPtr { EXPECT_CALL(server_, hotRestart).Times(0); ON_CALL(os_sys_calls_, socket(AF_INET, _, 0)).WillByDefault(Return(syscall_result)); return real_listener_factory.createListenSocket(address, socket_type, options, params); })); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_CALL(*listener_foo, onDestroy()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); } TEST_F(ListenerManagerImplTest, NotSupportedDatagramUds) { ProdListenerComponentFactory real_listener_factory(server_); EXPECT_THROW_WITH_MESSAGE(real_listener_factory.createListenSocket( std::make_shared("/foo"), Network::Socket::Type::Datagram, nullptr, {true}), EnvoyException, "socket type SocketType::Datagram not supported for pipes"); } TEST_F(ListenerManagerImplTest, CantBindSocket) { time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})) .WillOnce(Throw(EnvoyException("can't bind"))); EXPECT_CALL(*listener_foo, onDestroy()); EXPECT_THROW(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true), EnvoyException); checkConfigDump(R"EOF( dynamic_listeners: - name: foo error_state: failed_configuration: "@type": type.googleapis.com/envoy.config.listener.v3.Listener name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - {} last_update_attempt: seconds: 1001001001 nanos: 1000000 details: can't bind )EOF"); ListenerManager::FailureStates empty_failure_state; // Fake a new update, just to sanity check the clearing code. manager_->beginListenerUpdate(); manager_->endListenerUpdate(std::move(empty_failure_state)); checkConfigDump(R"EOF( dynamic_listeners: )EOF"); } // Verify that errors tracked on endListenerUpdate show up in the config dump/ TEST_F(ListenerManagerImplTest, ConfigDumpWithExternalError) { time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Make sure the config dump is empty by default. ListenerManager::FailureStates empty_failure_state; manager_->beginListenerUpdate(); manager_->endListenerUpdate(std::move(empty_failure_state)); checkConfigDump(R"EOF( dynamic_listeners: )EOF"); // Now have an external update with errors and make sure it gets dumped. ListenerManager::FailureStates non_empty_failure_state; non_empty_failure_state.push_back(std::make_unique()); auto& state = non_empty_failure_state.back(); state->set_details("foo"); manager_->beginListenerUpdate(); manager_->endListenerUpdate(std::move(non_empty_failure_state)); checkConfigDump(R"EOF( dynamic_listeners: error_state: details: "foo" )EOF"); // And clear again. ListenerManager::FailureStates empty_failure_state2; manager_->beginListenerUpdate(); manager_->endListenerUpdate(std::move(empty_failure_state2)); checkConfigDump(R"EOF( dynamic_listeners: )EOF"); } TEST_F(ListenerManagerImplTest, ListenerDraining) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); worker_->callAddCompletion(true); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*listener_foo->drain_manager_, drainClose()).WillOnce(Return(false)); EXPECT_CALL(server_.drain_manager_, drainClose()).WillOnce(Return(false)); EXPECT_FALSE(listener_foo->context_->drainDecision().drainClose()); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_foo->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->removeListener("foo")); checkStats(__LINE__, 1, 0, 1, 0, 0, 1, 0); // NOTE: || short circuit here prevents the server drain manager from getting called. EXPECT_CALL(*listener_foo->drain_manager_, drainClose()).WillOnce(Return(true)); EXPECT_TRUE(listener_foo->context_->drainDecision().drainClose()); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo->drain_manager_->drain_sequence_completion_(); checkStats(__LINE__, 1, 0, 1, 0, 0, 1, 0); EXPECT_CALL(*listener_foo->drain_manager_, drainClose()).WillOnce(Return(false)); EXPECT_CALL(server_.drain_manager_, drainClose()).WillOnce(Return(true)); EXPECT_TRUE(listener_foo->context_->drainDecision().drainClose()); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callRemovalCompletion(); EXPECT_EQ(0UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 1, 0, 0, 0, 0); } TEST_F(ListenerManagerImplTest, RemoveListener) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Remove an unknown listener. EXPECT_FALSE(manager_->removeListener("unknown")); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); EXPECT_EQ(0UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); // Remove foo. EXPECT_CALL(*listener_foo, onDestroy()); EXPECT_TRUE(manager_->removeListener("foo")); EXPECT_EQ(0UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 1, 0, 0, 0, 0); // Add foo again and initialize it. listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 2, 0, 1, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 2, 0, 1, 0, 1, 0, 0); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 per_connection_buffer_limit_bytes: 999 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo_update1 = expectListenerCreate(true, true); EXPECT_CALL(listener_foo_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 2, 1, 1, 1, 1, 0, 0); // Remove foo which should remove both warming and active. EXPECT_CALL(*listener_foo_update1, onDestroy()); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_foo->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->removeListener("foo")); checkStats(__LINE__, 2, 1, 2, 0, 0, 1, 0); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo->drain_manager_->drain_sequence_completion_(); checkStats(__LINE__, 2, 1, 2, 0, 0, 1, 0); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callRemovalCompletion(); EXPECT_EQ(0UL, manager_->listeners().size()); checkStats(__LINE__, 2, 1, 2, 0, 0, 0, 0); } // Validates that StopListener functionality works correctly when only inbound listeners are // stopped. TEST_F(ListenerManagerImplTest, StopListeners) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener in inbound direction. const std::string listener_foo_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); auto foo_inbound_proto = parseListenerFromV3Yaml(listener_foo_yaml); EXPECT_TRUE(manager_->addOrUpdateListener(foo_inbound_proto, "", true)); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Add a listener in outbound direction. const std::string listener_foo_outbound_yaml = R"EOF( name: foo_outbound traffic_direction: OUTBOUND address: socket_address: address: 127.0.0.1 port_value: 1239 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo_outbound = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo_outbound->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_outbound_yaml), "", true)); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo_outbound->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(2UL, manager_->listeners().size()); // Validate that stop listener is only called once - for inbound listeners. EXPECT_CALL(*worker_, stopListener(_, _)).Times(1); EXPECT_CALL(*listener_factory_.socket_, close()).Times(1); manager_->stopListeners(ListenerManager::StopListenersType::InboundOnly); EXPECT_EQ(1, server_.stats_store_.counterFromString("listener_manager.listener_stopped").value()); // Validate that listener creation in outbound direction is allowed. const std::string listener_bar_outbound_yaml = R"EOF( name: bar_outbound traffic_direction: OUTBOUND address: socket_address: address: 127.0.0.1 port_value: 1237 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_bar_outbound = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_bar_outbound_yaml), "", true)); EXPECT_EQ(3UL, manager_->listeners().size()); worker_->callAddCompletion(true); // Validate that adding a listener in stopped listener's traffic direction is not allowed. const std::string listener_bar_yaml = R"EOF( name: bar traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1235 filter_chains: - filters: [] )EOF"; EXPECT_FALSE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_bar_yaml), "", true)); // Explicitly validate that in place filter chain update is not allowed. auto in_place_foo_inbound_proto = foo_inbound_proto; in_place_foo_inbound_proto.mutable_filter_chains(0) ->mutable_filter_chain_match() ->mutable_destination_port() ->set_value(9999); EXPECT_FALSE(manager_->addOrUpdateListener(in_place_foo_inbound_proto, "", true)); EXPECT_CALL(*listener_foo, onDestroy()); EXPECT_CALL(*listener_foo_outbound, onDestroy()); EXPECT_CALL(*listener_bar_outbound, onDestroy()); } // Validates that StopListener functionality works correctly when all listeners are stopped. TEST_F(ListenerManagerImplTest, StopAllListeners) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_foo, onDestroy()); manager_->stopListeners(ListenerManager::StopListenersType::All); EXPECT_EQ(1, server_.stats_store_.counterFromString("listener_manager.listener_stopped").value()); // Validate that adding a listener is not allowed after all listeners are stopped. const std::string listener_bar_yaml = R"EOF( name: bar address: socket_address: address: 127.0.0.1 port_value: 1235 filter_chains: - filters: [] )EOF"; EXPECT_FALSE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_bar_yaml), "", true)); } // Validate that stopping a warming listener, removes directly from warming listener list. TEST_F(ListenerManagerImplTest, StopWarmingListener) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 per_connection_buffer_limit_bytes: 999 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo_update1 = expectListenerCreate(true, true); EXPECT_CALL(listener_foo_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1UL, manager_->listeners().size()); // Stop foo which should remove warming listener. EXPECT_CALL(*listener_foo_update1, onDestroy()); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_foo, onDestroy()); manager_->stopListeners(ListenerManager::StopListenersType::InboundOnly); EXPECT_EQ(1, server_.stats_store_.counterFromString("listener_manager.listener_stopped").value()); } TEST_F(ListenerManagerImplTest, AddListenerFailure) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into active. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 0.0.0.0 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_foo->drain_manager_, startDrainSequence(_)); worker_->callAddCompletion(false); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo->drain_manager_->drain_sequence_completion_(); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callRemovalCompletion(); EXPECT_EQ( 1UL, server_.stats_store_.counterFromString("listener_manager.listener_create_failure").value()); } TEST_F(ListenerManagerImplTest, StaticListenerAddFailure) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into active. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 0.0.0.0 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, false); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", false)); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_foo->drain_manager_, startDrainSequence(_)); worker_->callAddCompletion(false); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo->drain_manager_->drain_sequence_completion_(); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callRemovalCompletion(); EXPECT_EQ( 1UL, server_.stats_store_.counterFromString("listener_manager.listener_create_failure").value()); EXPECT_EQ(0, manager_->listeners().size()); } TEST_F(ListenerManagerImplTest, StatsNameValidCharacterTest) { const std::string yaml = R"EOF( address: socket_address: address: "::1" port_value: 10000 filter_chains: - filters: [] )EOF"; manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); manager_->listeners().front().get().listenerScope().counterFromString("foo").inc(); EXPECT_EQ(1UL, server_.stats_store_.counterFromString("listener.[__1]_10000.foo").value()); } TEST_F(ListenerManagerImplTest, DuplicateAddressDontBind) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 0.0.0.0 port_value: 1234 deprecated_v1: bind_to_port: false filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, ListenSocketCreationParams(false))); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); // Add bar with same non-binding address. Should fail. const std::string listener_bar_yaml = R"EOF( name: bar address: socket_address: address: 0.0.0.0 port_value: 1234 deprecated_v1: bind_to_port: false filter_chains: - filters: [] )EOF"; ListenerHandle* listener_bar = expectListenerCreate(true, true); EXPECT_CALL(*listener_bar, onDestroy()); EXPECT_THROW_WITH_MESSAGE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_bar_yaml), "", true), EnvoyException, "error adding listener: 'bar' has duplicate address '0.0.0.0:1234' as existing listener"); // Move foo to active and then try to add again. This should still fail. EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); listener_bar = expectListenerCreate(true, true); EXPECT_CALL(*listener_bar, onDestroy()); EXPECT_THROW_WITH_MESSAGE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_bar_yaml), "", true), EnvoyException, "error adding listener: 'bar' has duplicate address '0.0.0.0:1234' as existing listener"); EXPECT_CALL(*listener_foo, onDestroy()); } TEST_F(ListenerManagerImplTest, EarlyShutdown) { // If stopWorkers is called before the workers are started, it should be a no-op: they should be // neither started nor stopped. EXPECT_CALL(*worker_, start(_)).Times(0); EXPECT_CALL(*worker_, stop()).Times(0); manager_->stopWorkers(); } TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithDestinationPortMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: destination_port: 8080 transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // IPv4 client connects to unknown port - no match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); // IPv4 client connects to valid port - using 1st filter chain. filter_chain = findFilterChain(8080, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // UDS client - no match. filter_chain = findFilterChain(0, "/tmp/test.sock", "", "tls", {}, "/tmp/test.sock", 111); EXPECT_EQ(filter_chain, nullptr); } TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithDestinationIPMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: prefix_ranges: { address_prefix: 127.0.0.0, prefix_len: 8 } transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // IPv4 client connects to unknown IP - no match. auto filter_chain = findFilterChain(1234, "1.2.3.4", "", "tls", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); // IPv4 client connects to valid IP - using 1st filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // UDS client - no match. filter_chain = findFilterChain(0, "/tmp/test.sock", "", "tls", {}, "/tmp/test.sock", 111); EXPECT_EQ(filter_chain, nullptr); } TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithServerNamesMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: server_names: "server1.example.com" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS client without SNI - no match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); // TLS client without matching SNI - no match. filter_chain = findFilterChain(1234, "127.0.0.1", "www.example.com", "tls", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); // TLS client with matching SNI - using 1st filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "server1.example.com", "tls", {}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); } TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithTransportProtocolMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: transport_protocol: "tls" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TCP client - no match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "raw_buffer", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); // TLS client - using 1st filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); } TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithApplicationProtocolMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: application_protocols: "http/1.1" source_type: ANY transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS client without ALPN - no match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); // TLS client with "http/1.1" ALPN - using 1st filter chain. filter_chain = findFilterChain( 1234, "127.0.0.1", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "8.8.8.8", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); } // Define a source_type filter chain match and test against it. TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithSourceTypeMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: source_type: SAME_IP_OR_LOOPBACK transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // EXTERNAL IPv4 client without "http/1.1" ALPN - no match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "8.8.8.8", 111); EXPECT_EQ(filter_chain, nullptr); // LOCAL IPv4 client with "http/1.1" ALPN - using 1st filter chain. filter_chain = findFilterChain( 1234, "127.0.0.1", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // LOCAL UDS client with "http/1.1" ALPN - using 1st filter chain. filter_chain = findFilterChain( 0, "/tmp/test.sock", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "/tmp/test.sock", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); } // Verify source IP matches. TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithSourceIpMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: source_prefix_ranges: - address_prefix: 10.0.0.1 prefix_len: 24 transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // IPv4 client with source 10.0.1.1. No match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "10.0.1.1", 111); EXPECT_EQ(filter_chain, nullptr); // IPv4 client with source 10.0.0.10, Match. filter_chain = findFilterChain( 1234, "127.0.0.1", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "10.0.0.10", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // IPv6 client. No match. filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "2001:0db8:85a3:0000:0000:8a2e:0370:7334", 111); EXPECT_EQ(filter_chain, nullptr); // UDS client. No match. filter_chain = findFilterChain( 0, "/tmp/test.sock", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "/tmp/test.sock", 0); ASSERT_EQ(filter_chain, nullptr); } // Verify source IPv6 matches. TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithSourceIpv6Match) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: source_prefix_ranges: - address_prefix: 2001:0db8:85a3:0000:0000:0000:0000:0000 prefix_len: 64 transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // IPv6 client with matching subnet. Match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "2001:0db8:85a3:0000:0000:8a2e:0370:7334", 111); EXPECT_NE(filter_chain, nullptr); // IPv6 client with non-matching subnet. No match. filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "2001:0db8:85a3:0001:0000:8a2e:0370:7334", 111); EXPECT_EQ(filter_chain, nullptr); } // Verify source port matches. TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithSourcePortMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: source_ports: - 100 transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // Client with source port 100. Match. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 100); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // Client with source port 101. No match. filter_chain = findFilterChain( 1234, "8.8.8.8", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "4.4.4.4", 101); ASSERT_EQ(filter_chain, nullptr); } // Define multiple source_type filter chain matches and test against them. TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainWithSourceTypeMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: source_type: SAME_IP_OR_LOOPBACK transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } - filter_chain_match: application_protocols: "http/1.1" source_type: EXTERNAL transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" } - filter_chain_match: source_type: ANY transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // LOCAL TLS client with "http/1.1" ALPN - no match. auto filter_chain = findFilterChain( 1234, "127.0.0.1", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "127.0.0.1", 111); EXPECT_EQ(filter_chain, nullptr); // LOCAL TLS client without "http/1.1" ALPN - using 1st filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // EXTERNAL TLS client with "http/1.1" ALPN - using 2nd filter chain. filter_chain = findFilterChain( 1234, "8.8.8.8", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "4.4.4.4", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); auto uri = ssl_socket->ssl()->uriSanLocalCertificate(); EXPECT_EQ(uri[0], "spiffe://lyft.com/test-team"); // EXTERNAL TLS client without "http/1.1" ALPN - using 3rd filter chain. filter_chain = findFilterChain(1234, "8.8.8.8", "", "tls", {}, "4.4.4.4", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 2); EXPECT_EQ(server_names.front(), "*.example.com"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithDestinationPortMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: # empty transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" } - filter_chain_match: destination_port: 8080 transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } - filter_chain_match: destination_port: 8081 transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // IPv4 client connects to default port - using 1st filter chain. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto uri = ssl_socket->ssl()->uriSanLocalCertificate(); EXPECT_EQ(uri[0], "spiffe://lyft.com/test-team"); // IPv4 client connects to port 8080 - using 2nd filter chain. filter_chain = findFilterChain(8080, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // IPv4 client connects to port 8081 - using 3rd filter chain. filter_chain = findFilterChain(8081, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 2); EXPECT_EQ(server_names.front(), "*.example.com"); // UDS client - using 1st filter chain. filter_chain = findFilterChain(0, "/tmp/test.sock", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); uri = ssl_socket->ssl()->uriSanLocalCertificate(); EXPECT_EQ(uri[0], "spiffe://lyft.com/test-team"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithDestinationIPMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: # empty transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" } - filter_chain_match: prefix_ranges: { address_prefix: 192.168.0.1, prefix_len: 32 } transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } - filter_chain_match: prefix_ranges: { address_prefix: 192.168.0.0, prefix_len: 16 } transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // IPv4 client connects to default IP - using 1st filter chain. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto uri = ssl_socket->ssl()->uriSanLocalCertificate(); EXPECT_EQ(uri[0], "spiffe://lyft.com/test-team"); // IPv4 client connects to exact IP match - using 2nd filter chain. filter_chain = findFilterChain(1234, "192.168.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // IPv4 client connects to wildcard IP match - using 3rd filter chain. filter_chain = findFilterChain(1234, "192.168.1.1", "", "tls", {}, "192.168.1.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 2); EXPECT_EQ(server_names.front(), "*.example.com"); // UDS client - using 1st filter chain. filter_chain = findFilterChain(0, "/tmp/test.sock", "", "tls", {}, "/tmp/test.sock", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); uri = ssl_socket->ssl()->uriSanLocalCertificate(); EXPECT_EQ(uri[0], "spiffe://lyft.com/test-team"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithServerNamesMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: # empty transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a" - filter_chain_match: server_names: "server1.example.com" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a" - filter_chain_match: server_names: "*.com" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_multiple_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a" )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS client without SNI - using 1st filter chain. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto uri = ssl_socket->ssl()->uriSanLocalCertificate(); EXPECT_EQ(uri[0], "spiffe://lyft.com/test-team"); // TLS client with exact SNI match - using 2nd filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "server1.example.com", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); // TLS client with wildcard SNI match - using 3rd filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "server2.example.com", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 2); EXPECT_EQ(server_names.front(), "*.example.com"); // TLS client with wildcard SNI match - using 3rd filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "www.wildcard.com", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); ssl_socket = dynamic_cast(transport_socket.get()); server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 2); EXPECT_EQ(server_names.front(), "*.example.com"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithTransportProtocolMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: # empty - filter_chain_match: transport_protocol: "tls" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TCP client - using 1st filter chain. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "raw_buffer", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_FALSE(filter_chain->transportSocketFactory().implementsSecureTransport()); // TLS client - using 2nd filter chain. filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithApplicationProtocolMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: # empty - filter_chain_match: application_protocols: ["dummy", "h2"] transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS client without ALPN - using 1st filter chain. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_FALSE(filter_chain->transportSocketFactory().implementsSecureTransport()); // TLS client with "h2,http/1.1" ALPN - using 2nd filter chain. filter_chain = findFilterChain( 1234, "127.0.0.1", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithMultipleRequirementsMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: # empty - filter_chain_match: server_names: ["www.example.com", "server1.example.com"] transport_protocol: "tls" application_protocols: ["dummy", "h2"] transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS client without SNI and ALPN - using 1st filter chain. auto filter_chain = findFilterChain(1234, "127.0.0.1", "", "tls", {}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_FALSE(filter_chain->transportSocketFactory().implementsSecureTransport()); // TLS client with exact SNI match but without ALPN - no match (SNI blackholed by configuration). filter_chain = findFilterChain(1234, "127.0.0.1", "server1.example.com", "tls", {}, "127.0.0.1", 111); EXPECT_EQ(filter_chain, nullptr); // TLS client with ALPN match but without SNI - using 1st filter chain. filter_chain = findFilterChain( 1234, "127.0.0.1", "", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_FALSE(filter_chain->transportSocketFactory().implementsSecureTransport()); // TLS client with exact SNI match and ALPN match - using 2nd filter chain. filter_chain = findFilterChain( 1234, "127.0.0.1", "server1.example.com", "tls", {Http::Utility::AlpnNames::get().Http2, Http::Utility::AlpnNames::get().Http11}, "127.0.0.1", 111); ASSERT_NE(filter_chain, nullptr); EXPECT_TRUE(filter_chain->transportSocketFactory().implementsSecureTransport()); auto transport_socket = filter_chain->transportSocketFactory().createTransportSocket(nullptr); auto ssl_socket = dynamic_cast(transport_socket.get()); auto server_names = ssl_socket->ssl()->dnsSansLocalCertificate(); EXPECT_EQ(server_names.size(), 1); EXPECT_EQ(server_names.front(), "server1.example.com"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithDifferentSessionTicketKeys) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: server_names: "example.com" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a" - filter_chain_match: server_names: "www.example.com" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_b" )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithMixedUseOfSessionTicketKeys) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: server_names: "example.com" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } session_ticket_keys: keys: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ticket_key_a" - filter_chain_match: server_names: "www.example.com" transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithInvalidDestinationIPMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: prefix_ranges: { address_prefix: a.b.c.d, prefix_len: 32 } )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "malformed IP address: a.b.c.d"); } TEST_F(ListenerManagerImplWithRealFiltersTest, SingleFilterChainWithInvalidServerNamesMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: server_names: "*w.example.com" )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "error adding listener '127.0.0.1:1234': partial wildcards are not " "supported in \"server_names\""); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithSameMatch) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - name : foo filter_chain_match: transport_protocol: "tls" - name: bar filter_chain_match: transport_protocol: "tls" )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "error adding listener '127.0.0.1:1234': filter chain 'bar' has " "the same matching rules defined as 'foo'"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithSameMatchPlusUnimplementedFields) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - name: foo filter_chain_match: transport_protocol: "tls" - name: bar filter_chain_match: transport_protocol: "tls" address_suffix: 127.0.0.0 )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "error adding listener '127.0.0.1:1234': filter chain 'bar' contains unimplemented fields"); } TEST_F(ListenerManagerImplWithRealFiltersTest, MultipleFilterChainsWithOverlappingRules) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.filters.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: server_names: "example.com" - filter_chain_match: server_names: ["example.com", "www.example.com"] )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "error adding listener '127.0.0.1:1234': multiple filter chains with " "overlapping matching rules are defined"); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsFilterChainWithoutTlsInspector) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - filter_chain_match: transport_protocol: "tls" - filter_chain_match: # empty )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS Inspector is automatically injected for filter chains with TLS requirements, // so make sure there is exactly 1 listener filter (and assume it's TLS Inspector). Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; EXPECT_CALL(manager, addAcceptFilter_(_, _)) .WillOnce(Invoke([&](const Network::ListenerFilterMatcherSharedPtr&, Network::ListenerFilterPtr&) -> void {})); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); } // Test the tls inspector is not injected twice when the deprecated name is used. TEST_F(ListenerManagerImplWithRealFiltersTest, DEPRECATED_FEATURE_TEST(TlsFilterChainWithDeprecatedTlsInspectorName)) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } listener_filters: - name: "envoy.listener.tls_inspector" typed_config: {} filter_chains: - filter_chain_match: transport_protocol: "tls" - filter_chain_match: # empty )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // Make sure there is exactly 1 listener filter (and assume it's TLS Inspector). 2 filters // would imply incorrect injection of a second filter. Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; EXPECT_CALL(manager, addAcceptFilter_(_, _)) .WillOnce(Invoke([&](const Network::ListenerFilterMatcherSharedPtr&, Network::ListenerFilterPtr&) -> void {})); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); } TEST_F(ListenerManagerImplWithRealFiltersTest, SniFilterChainWithoutTlsInspector) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - filter_chain_match: server_names: "example.com" - filter_chain_match: # empty )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS Inspector is automatically injected for filter chains with SNI requirements, // so make sure there is exactly 1 listener filter (and assume it's TLS Inspector). Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; EXPECT_CALL(manager, addAcceptFilter_(_, _)) .WillOnce(Invoke([&](const Network::ListenerFilterMatcherSharedPtr&, Network::ListenerFilterPtr&) -> void {})); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); } TEST_F(ListenerManagerImplWithRealFiltersTest, AlpnFilterChainWithoutTlsInspector) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - filter_chain_match: application_protocols: ["h2", "http/1.1"] - filter_chain_match: # empty )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // TLS Inspector is automatically injected for filter chains with ALPN requirements, // so make sure there is exactly 1 listener filter (and assume it's TLS Inspector). Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; EXPECT_CALL(manager, addAcceptFilter_(_, _)) .WillOnce(Invoke([&](const Network::ListenerFilterMatcherSharedPtr&, Network::ListenerFilterPtr&) -> void {})); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); } TEST_F(ListenerManagerImplWithRealFiltersTest, CustomTransportProtocolWithSniWithoutTlsInspector) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - filter_chain_match: server_names: "example.com" transport_protocol: "custom" - filter_chain_match: # empty )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); // Make sure there are no listener filters (i.e. no automatically injected TLS Inspector). Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; EXPECT_CALL(manager, addAcceptFilter_(_, _)).Times(0); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsCertificateInline) { const std::string cert = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_chain.pem")); const std::string pkey = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_key.pem")); const std::string ca = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem")); const std::string yaml = absl::StrCat(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { inline_string: ")EOF", absl::CEscape(cert), R"EOF(" } private_key: { inline_string: ")EOF", absl::CEscape(pkey), R"EOF(" } validation_context: trusted_ca: { inline_string: ")EOF", absl::CEscape(ca), R"EOF(" } )EOF"); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsCertificateChainInlinePrivateKeyFilename) { const std::string cert = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_chain.pem")); const std::string yaml = TestEnvironment::substitute(absl::StrCat(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_key.pem" } certificate_chain: { inline_string: ")EOF", absl::CEscape(cert), R"EOF(" } )EOF"), Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsCertificateIncomplete) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_chain.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, TestEnvironment::substitute( "Failed to load incomplete certificate from {{ test_rundir }}" "/test/extensions/transport_sockets/tls/test_data/san_dns3_chain.pem, ", Network::Address::IpVersion::v4)); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsCertificateInvalidCertificateChain) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { inline_string: "invalid" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_key.pem" } )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Failed to load certificate chain from "); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsCertificateInvalidIntermediateCA) { const std::string leaf = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_cert.pem")); const std::string yaml = TestEnvironment::substitute( absl::StrCat( R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { inline_string: ")EOF", absl::CEscape(leaf), R"EOF(\n-----BEGIN CERTIFICATE-----\nDEFINITELY_INVALID_CERTIFICATE\n-----END CERTIFICATE-----" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_key.pem" } )EOF"), Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Failed to load certificate chain from "); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsCertificateInvalidPrivateKey) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_chain.pem" } private_key: { inline_string: "invalid" } )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Failed to load private key from "); } TEST_F(ListenerManagerImplWithRealFiltersTest, TlsCertificateInvalidTrustedCA) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_chain.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns3_key.pem" } validation_context: trusted_ca: { inline_string: "invalid" } )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Failed to load trusted CA certificates from "); } TEST_F(ListenerManagerImplWithRealFiltersTest, Metadata) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } metadata: { filter_metadata: { com.bar.foo: { baz: test_value } } } traffic_direction: INBOUND filter_chains: - filter_chain_match: filters: - name: http typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: metadata_test route_config: virtual_hosts: - name: "some_virtual_host" domains: ["some.domain"] routes: - match: { prefix: "/" } route: { cluster: service_foo } listener_filters: - name: "envoy.filters.listener.original_dst" typed_config: {} )EOF", Network::Address::IpVersion::v4); Configuration::ListenerFactoryContext* listener_factory_context = nullptr; // Extract listener_factory_context avoid accessing private member. ON_CALL(listener_factory_, createListenerFilterFactoryList(_, _)) .WillByDefault( Invoke([&listener_factory_context]( const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) -> std::vector { listener_factory_context = &context; return ProdListenerComponentFactory::createListenerFilterFactoryList_(filters, context); })); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); ASSERT_NE(nullptr, listener_factory_context); EXPECT_EQ("test_value", Config::Metadata::metadataValue( &listener_factory_context->listenerMetadata(), "com.bar.foo", "baz") .string_value()); EXPECT_EQ(envoy::config::core::v3::INBOUND, listener_factory_context->direction()); } TEST_F(ListenerManagerImplWithRealFiltersTest, OriginalDstFilter) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1111 } filter_chains: {} listener_filters: - name: "envoy.filters.listener.original_dst" typed_config: {} )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; #ifdef SOL_IP // Return error when trying to retrieve the original dst on the invalid handle EXPECT_CALL(os_sys_calls_, getsockopt_(_, _, _, _, _)).WillOnce(Return(-1)); #endif NiceMock callbacks; Network::AcceptedSocketImpl socket(std::make_unique(), Network::Address::InstanceConstSharedPtr{ new Network::Address::Ipv4Instance("127.0.0.1", 1234)}, Network::Address::InstanceConstSharedPtr{ new Network::Address::Ipv4Instance("127.0.0.1", 5678)}); EXPECT_CALL(callbacks, socket()).WillOnce(Invoke([&]() -> Network::ConnectionSocket& { return socket; })); EXPECT_CALL(manager, addAcceptFilter_(_, _)) .WillOnce(Invoke([&](const Network::ListenerFilterMatcherSharedPtr&, Network::ListenerFilterPtr& filter) -> void { EXPECT_EQ(Network::FilterStatus::Continue, filter->onAccept(callbacks)); })); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); } class OriginalDstTestFilter : public Extensions::ListenerFilters::OriginalDst::OriginalDstFilter { Network::Address::InstanceConstSharedPtr getOriginalDst(Network::Socket&) override { return Network::Address::InstanceConstSharedPtr{ new Network::Address::Ipv4Instance("127.0.0.2", 2345)}; } }; TEST_F(ListenerManagerImplWithRealFiltersTest, OriginalDstTestFilter) { class OriginalDstTestConfigFactory : public Configuration::NamedListenerFilterConfigFactory { public: // NamedListenerFilterConfigFactory Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto(const Protobuf::Message&, const Network::ListenerFilterMatcherSharedPtr&, Configuration::ListenerFactoryContext&) override { return [](Network::ListenerFilterManager& filter_manager) -> void { filter_manager.addAcceptFilter(nullptr, std::make_unique()); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { // Using Struct instead of a custom per-filter empty config proto // This is only allowed in tests. return std::make_unique(); } std::string name() const override { return "test.listener.original_dst"; } }; OriginalDstTestConfigFactory factory; Registry::InjectFactory registration(factory); const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1111 } filter_chains: {} listener_filters: - name: "test.listener.original_dst" typed_config: {} )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; NiceMock callbacks; Network::AcceptedSocketImpl socket( std::make_unique(), std::make_unique("127.0.0.1", 1234), std::make_unique("127.0.0.1", 5678)); EXPECT_CALL(callbacks, socket()).WillOnce(Invoke([&]() -> Network::ConnectionSocket& { return socket; })); EXPECT_CALL(manager, addAcceptFilter_(_, _)) .WillOnce(Invoke([&](const Network::ListenerFilterMatcherSharedPtr&, Network::ListenerFilterPtr& filter) -> void { EXPECT_EQ(Network::FilterStatus::Continue, filter->onAccept(callbacks)); })); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); EXPECT_TRUE(socket.localAddressRestored()); EXPECT_EQ("127.0.0.2:2345", socket.localAddress()->asString()); } class OriginalDstTestFilterIPv6 : public Extensions::ListenerFilters::OriginalDst::OriginalDstFilter { Network::Address::InstanceConstSharedPtr getOriginalDst(Network::Socket&) override { return Network::Address::InstanceConstSharedPtr{ new Network::Address::Ipv6Instance("1::2", 2345)}; } }; TEST_F(ListenerManagerImplWithRealFiltersTest, OriginalDstTestFilterIPv6) { class OriginalDstTestConfigFactory : public Configuration::NamedListenerFilterConfigFactory { public: // NamedListenerFilterConfigFactory Network::ListenerFilterFactoryCb createListenerFilterFactoryFromProto(const Protobuf::Message&, const Network::ListenerFilterMatcherSharedPtr&, Configuration::ListenerFactoryContext&) override { return [](Network::ListenerFilterManager& filter_manager) -> void { filter_manager.addAcceptFilter(nullptr, std::make_unique()); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { // Using Struct instead of a custom per-filter empty config proto // This is only allowed in tests. return std::make_unique(); } std::string name() const override { return "test.listener.original_dstipv6"; } }; OriginalDstTestConfigFactory factory; Registry::InjectFactory registration(factory); const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: ::0001, port_value: 1111 } filter_chains: {} listener_filters: - name: "test.listener.original_dstipv6" typed_config: {} )EOF", Network::Address::IpVersion::v6); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); Network::ListenerConfig& listener = manager_->listeners().back().get(); Network::FilterChainFactory& filterChainFactory = listener.filterChainFactory(); Network::MockListenerFilterManager manager; NiceMock callbacks; Network::AcceptedSocketImpl socket( std::make_unique(), std::make_unique("::0001", 1234), std::make_unique("::0001", 5678)); EXPECT_CALL(callbacks, socket()).WillOnce(Invoke([&]() -> Network::ConnectionSocket& { return socket; })); EXPECT_CALL(manager, addAcceptFilter_(_, _)) .WillOnce(Invoke([&](const Network::ListenerFilterMatcherSharedPtr&, Network::ListenerFilterPtr& filter) -> void { EXPECT_EQ(Network::FilterStatus::Continue, filter->onAccept(callbacks)); })); EXPECT_TRUE(filterChainFactory.createListenerFilterChain(manager)); EXPECT_TRUE(socket.localAddressRestored()); EXPECT_EQ("[1::2]:2345", socket.localAddress()->asString()); } // Validate that when neither transparent nor freebind is not set in the // Listener, we see no socket option set. TEST_F(ListenerManagerImplWithRealFiltersTest, TransparentFreebindListenerDisabled) { const std::string yaml = TestEnvironment::substitute(R"EOF( name: "TestListener" address: socket_address: { address: 127.0.0.1, port_value: 1111 } transparent: false freebind: false filter_chains: - filters: )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})) .WillOnce(Invoke([&](Network::Address::InstanceConstSharedPtr, Network::Socket::Type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams&) -> Network::SocketSharedPtr { EXPECT_EQ(options, nullptr); return listener_factory_.socket_; })); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } // Validate that when transparent is set in the Listener, we see the socket option // propagated to setsockopt(). This is as close to an end-to-end test as we have // for this feature, due to the complexity of creating an integration test // involving the network stack. We only test the IPv4 case here, as the logic // around IPv4/IPv6 handling is tested generically in // socket_option_impl_test.cc. TEST_F(ListenerManagerImplWithRealFiltersTest, TransparentListenerEnabled) { auto listener = createIPv4Listener("TransparentListener"); listener.mutable_transparent()->set_value(true); testSocketOption(listener, envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_IP_TRANSPARENT, /* expected_value */ 1, /* expected_num_options */ 2); } // Validate that when freebind is set in the Listener, we see the socket option // propagated to setsockopt(). This is as close to an end-to-end test as we have // for this feature, due to the complexity of creating an integration test // involving the network stack. We only test the IPv4 case here, as the logic // around IPv4/IPv6 handling is tested generically in // socket_option_impl_test.cc. TEST_F(ListenerManagerImplWithRealFiltersTest, FreebindListenerEnabled) { auto listener = createIPv4Listener("FreebindListener"); listener.mutable_freebind()->set_value(true); testSocketOption(listener, envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_IP_FREEBIND, /* expected_value */ 1); } // Validate that when tcp_fast_open_queue_length is set in the Listener, we see the socket option // propagated to setsockopt(). This is as close to an end-to-end test as we have // for this feature, due to the complexity of creating an integration test // involving the network stack. We only test the IPv4 case here, as the logic // around IPv4/IPv6 handling is tested generically in // socket_option_impl_test.cc. TEST_F(ListenerManagerImplWithRealFiltersTest, FastOpenListenerEnabled) { auto listener = createIPv4Listener("FastOpenListener"); listener.mutable_tcp_fast_open_queue_length()->set_value(1); testSocketOption(listener, envoy::config::core::v3::SocketOption::STATE_LISTENING, ENVOY_SOCKET_TCP_FASTOPEN, /* expected_value */ 1); } // Validate that when reuse_port is set in the Listener, we see the socket option // propagated to setsockopt(). TEST_F(ListenerManagerImplWithRealFiltersTest, ReusePortListenerEnabledForTcp) { auto listener = createIPv4Listener("ReusePortListener"); listener.set_reuse_port(true); // when reuse_port is true, port should be 0 for creating the shared socket, // otherwise socket creation will be done on worker thread. listener.mutable_address()->mutable_socket_address()->set_port_value(0); testSocketOption(listener, envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_SOCKET_SO_REUSEPORT, /* expected_value */ 1, /* expected_num_options */ 1, /* expected_creation_params */ {true, false}); } TEST_F(ListenerManagerImplWithRealFiltersTest, ReusePortListenerDisabled) { auto listener = createIPv4Listener("UdpListener"); listener.mutable_address()->mutable_socket_address()->set_protocol( envoy::config::core::v3::SocketAddress::UDP); // For UDP, verify that we fail if reuse port is false and concurrency is > 1. listener.set_reuse_port(false); server_.options_.concurrency_ = 2; EXPECT_THROW_WITH_MESSAGE( manager_->addOrUpdateListener(listener, "", true), EnvoyException, "Listening on UDP when concurrency is > 1 without the SO_REUSEPORT socket option results in " "unstable packet proxying. Configure the reuse_port listener option or set concurrency = 1."); EXPECT_EQ(0, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, LiteralSockoptListenerEnabled) { const envoy::config::listener::v3::Listener listener = parseListenerFromV3Yaml(R"EOF( name: SockoptsListener address: socket_address: { address: 127.0.0.1, port_value: 1111 } filter_chains: - filters: socket_options: [ # The socket goes through socket() and bind() but never listen(), so if we # ever saw (7, 8, 9) being applied it would cause a EXPECT_CALL failure. { level: 1, name: 2, int_value: 3, state: STATE_PREBIND }, { level: 4, name: 5, int_value: 6, state: STATE_BOUND }, { level: 7, name: 8, int_value: 9, state: STATE_LISTENING }, ] )EOF"); expectCreateListenSocket(envoy::config::core::v3::SocketOption::STATE_PREBIND, /* expected_num_options */ 3); expectSetsockopt( /* expected_sockopt_level */ 1, /* expected_sockopt_name */ 2, /* expected_value */ 3); expectSetsockopt( /* expected_sockopt_level */ 4, /* expected_sockopt_name */ 5, /* expected_value */ 6); manager_->addOrUpdateListener(listener, "", true); EXPECT_EQ(1U, manager_->listeners().size()); } // Set the resolver to the default IP resolver. The address resolver logic is unit tested in // resolver_impl_test.cc. TEST_F(ListenerManagerImplWithRealFiltersTest, AddressResolver) { const std::string yaml = TestEnvironment::substitute(R"EOF( name: AddressResolverdListener address: socket_address: { address: 127.0.0.1, port_value: 1111, resolver_name: envoy.mock.resolver } filter_chains: - filters: )EOF", Network::Address::IpVersion::v4); NiceMock mock_resolver; EXPECT_CALL(mock_resolver, resolve(_)) .Times(2) .WillRepeatedly(Return(Network::Utility::parseInternetAddress("127.0.0.1", 1111, false))); Registry::InjectFactory register_resolver(mock_resolver); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, CRLFilename) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } validation_context: trusted_ca: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" } crl: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.crl" } )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, CRLInline) { const std::string crl = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.crl")); const std::string yaml = TestEnvironment::substitute(absl::StrCat(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } validation_context: trusted_ca: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" } crl: { inline_string: ")EOF", absl::CEscape(crl), R"EOF(" } )EOF"), Network::Address::IpVersion::v4); EXPECT_CALL(server_.api_.random_, uuid()); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); } TEST_F(ListenerManagerImplWithRealFiltersTest, InvalidCRLInline) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } validation_context: trusted_ca: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" } crl: { inline_string: "-----BEGIN X509 CRL-----\nTOTALLY_NOT_A_CRL_HERE\n-----END X509 CRL-----\n" } )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Failed to load CRL from "); } TEST_F(ListenerManagerImplWithRealFiltersTest, CRLWithNoCA) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } validation_context: crl: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.crl" } )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_REGEX(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "^Failed to load CRL from .* without trusted CA$"); } TEST_F(ListenerManagerImplWithRealFiltersTest, VerifySanWithNoCA) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } validation_context: match_subject_alt_names: exact: "spiffe://lyft.com/testclient" )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "SAN-based verification of peer certificates without trusted CA " "is insecure and not allowed"); } // Disabling certificate expiration checks only makes sense with a trusted CA. TEST_F(ListenerManagerImplWithRealFiltersTest, VerifyIgnoreExpirationWithNoCA) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } validation_context: allow_expired_certificate: true )EOF", Network::Address::IpVersion::v4); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true), EnvoyException, "Certificate validity period is always ignored without trusted CA"); } // Verify that with a CA, expired certificates are allowed. TEST_F(ListenerManagerImplWithRealFiltersTest, VerifyIgnoreExpirationWithCA) { const std::string yaml = TestEnvironment::substitute(R"EOF( address: socket_address: { address: 127.0.0.1, port_value: 1234 } filter_chains: - transport_socket: name: tls typed_config: "@type": type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext common_tls_context: tls_certificates: - certificate_chain: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem" } private_key: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_key.pem" } validation_context: trusted_ca: { filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" } allow_expired_certificate: true )EOF", Network::Address::IpVersion::v4); EXPECT_NO_THROW(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true)); } // Validate that dispatcher stats prefix is set correctly when enabled. TEST_F(ListenerManagerImplWithDispatcherStatsTest, DispatherStatsWithCorrectPrefix) { EXPECT_CALL(*worker_, start(_)); EXPECT_CALL(*worker_, initializeStats(_)); manager_->startWorkers(guard_dog_); } TEST_F(ListenerManagerImplWithRealFiltersTest, ApiListener) { const std::string yaml = R"EOF( name: test_api_listener address: socket_address: address: 127.0.0.1 port_value: 1234 api_listener: api_listener: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: hcm route_config: name: api_router virtual_hosts: - name: api domains: - "*" routes: - match: prefix: "/" route: cluster: dynamic_forward_proxy_cluster )EOF"; ASSERT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", false)); EXPECT_EQ(0U, manager_->listeners().size()); ASSERT_TRUE(manager_->apiListener().has_value()); } TEST_F(ListenerManagerImplWithRealFiltersTest, ApiListenerNotAllowedAddedViaApi) { const std::string yaml = R"EOF( name: test_api_listener address: socket_address: address: 127.0.0.1 port_value: 1234 api_listener: api_listener: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: hcm route_config: name: api_router virtual_hosts: - name: api domains: - "*" routes: - match: prefix: "/" route: cluster: dynamic_forward_proxy_cluster )EOF"; ASSERT_FALSE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true)); EXPECT_EQ(0U, manager_->listeners().size()); ASSERT_FALSE(manager_->apiListener().has_value()); } TEST_F(ListenerManagerImplWithRealFiltersTest, ApiListenerOnlyOneApiListener) { const std::string yaml = R"EOF( name: test_api_listener address: socket_address: address: 127.0.0.1 port_value: 1234 api_listener: api_listener: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: hcm route_config: name: api_router virtual_hosts: - name: api domains: - "*" routes: - match: prefix: "/" route: cluster: dynamic_forward_proxy_cluster )EOF"; const std::string yaml2 = R"EOF( name: test_api_listener_2 address: socket_address: address: 127.0.0.1 port_value: 1234 api_listener: api_listener: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: hcm route_config: name: api_router virtual_hosts: - name: api domains: - "*" routes: - match: prefix: "/" route: cluster: dynamic_forward_proxy_cluster )EOF"; ASSERT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", false)); EXPECT_EQ(0U, manager_->listeners().size()); ASSERT_TRUE(manager_->apiListener().has_value()); EXPECT_EQ("test_api_listener", manager_->apiListener()->get().name()); // Only one ApiListener is added. ASSERT_FALSE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", false)); EXPECT_EQ(0U, manager_->listeners().size()); // The original ApiListener is there. ASSERT_TRUE(manager_->apiListener().has_value()); EXPECT_EQ("test_api_listener", manager_->apiListener()->get().name()); } TEST_F(ListenerManagerImplTest, StopInplaceWarmingListener) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: filter_chain_match: destination_port: 1234 )EOF"; ListenerHandle* listener_foo_update1 = expectListenerOverridden(true); EXPECT_CALL(listener_foo_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); EXPECT_EQ(1UL, manager_->listeners().size()); // Stop foo which should remove warming listener. EXPECT_CALL(*listener_foo_update1, onDestroy()); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_foo, onDestroy()); manager_->stopListeners(ListenerManager::StopListenersType::InboundOnly); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_stopped").value()); } TEST_F(ListenerManagerImplTest, RemoveInplaceUpdatingListener) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: filter_chain_match: destination_port: 1234 )EOF"; ListenerHandle* listener_foo_update1 = expectListenerOverridden(true); EXPECT_CALL(listener_foo_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 1, 0, 1, 1, 0, 0); // Remove foo which should remove both warming and active. EXPECT_CALL(*listener_foo_update1, onDestroy()); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_foo->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->removeListener("foo")); checkStats(__LINE__, 1, 1, 1, 0, 0, 1, 0); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo->drain_manager_->drain_sequence_completion_(); checkStats(__LINE__, 1, 1, 1, 0, 0, 1, 0); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callRemovalCompletion(); EXPECT_EQ(0UL, manager_->listeners().size()); checkStats(__LINE__, 1, 1, 1, 0, 0, 0, 0); } TEST_F(ListenerManagerImplTest, UpdateInplaceWarmingListener) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: filter_chain_match: destination_port: 1234 )EOF"; ListenerHandle* listener_foo_update1 = expectListenerOverridden(true); EXPECT_CALL(listener_foo_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 1, 0, 1, 1, 0, 0); // Listener warmed up. EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_CALL(*listener_foo, onDestroy()); listener_foo_update1->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); EXPECT_CALL(*listener_foo_update1, onDestroy()); } TEST_F(ListenerManagerImplTest, DrainageDuringInplaceUpdate) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener into warming. const std::string listener_foo_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(true, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(listener_foo->target_, initialize()); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); checkStats(__LINE__, 1, 0, 0, 1, 0, 0, 0); EXPECT_CALL(*worker_, addListener(_, _, _)); listener_foo->target_.ready(); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); // Update foo into warming. const std::string listener_foo_update1_yaml = R"EOF( name: foo traffic_direction: INBOUND address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: filter_chain_match: destination_port: 1234 )EOF"; ListenerHandle* listener_foo_update1 = expectListenerOverridden(true); EXPECT_CALL(listener_foo_update1->target_, initialize()); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1UL, manager_->listeners().size()); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); checkStats(__LINE__, 1, 1, 0, 1, 1, 0, 0); // The warmed up starts the drain timer. EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_CALL(server_.options_, drainTime()).WillOnce(Return(std::chrono::seconds(600))); Event::MockTimer* filter_chain_drain_timer = new Event::MockTimer(&server_.dispatcher_); EXPECT_CALL(*filter_chain_drain_timer, enableTimer(std::chrono::milliseconds(600000), _)); listener_foo_update1->target_.ready(); checkStats(__LINE__, 1, 1, 0, 0, 1, 0, 1); // Timer expires, worker close connections if any. EXPECT_CALL(*worker_, removeFilterChains(_, _, _)); filter_chain_drain_timer->invokeCallback(); // Once worker clean up is done, it's safe for the main thread to remove the original listener. EXPECT_CALL(*listener_foo, onDestroy()); worker_->callDrainFilterChainsComplete(); checkStats(__LINE__, 1, 1, 0, 0, 1, 0, 0); EXPECT_CALL(*listener_foo_update1, onDestroy()); } TEST(ListenerMessageUtilTest, ListenerMessageSameAreEquivalent) { envoy::config::listener::v3::Listener listener1; envoy::config::listener::v3::Listener listener2; EXPECT_TRUE(Server::ListenerMessageUtil::filterChainOnlyChange(listener1, listener2)); } TEST(ListenerMessageUtilTest, ListenerMessageHaveDifferentNameNotEquivalent) { envoy::config::listener::v3::Listener listener1; listener1.set_name("listener1"); envoy::config::listener::v3::Listener listener2; listener2.set_name("listener2"); EXPECT_FALSE(Server::ListenerMessageUtil::filterChainOnlyChange(listener1, listener2)); } TEST(ListenerMessageUtilTest, ListenerMessageHaveDifferentFilterChainsAreEquivalent) { envoy::config::listener::v3::Listener listener1; listener1.set_name("common"); auto add_filter_chain_1 = listener1.add_filter_chains(); add_filter_chain_1->set_name("127.0.0.1"); envoy::config::listener::v3::Listener listener2; listener2.set_name("common"); auto add_filter_chain_2 = listener2.add_filter_chains(); add_filter_chain_2->set_name("127.0.0.2"); EXPECT_TRUE(Server::ListenerMessageUtil::filterChainOnlyChange(listener1, listener2)); } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfWorkerNotStarted) { // Worker is not started yet. auto listener_proto = createDefaultListener(); ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); manager_->addOrUpdateListener(listener_proto, "", true); EXPECT_EQ(1u, manager_->listeners().size()); // Mutate the listener message as filter chain change only. auto new_listener_proto = listener_proto; new_listener_proto.mutable_filter_chains(0) ->mutable_filter_chain_match() ->mutable_destination_port() ->set_value(9999); EXPECT_CALL(*listener_foo, onDestroy()); ListenerHandle* listener_foo_update1 = expectListenerCreate(false, true); manager_->addOrUpdateListener(new_listener_proto, "", true); EXPECT_CALL(*listener_foo_update1, onDestroy()); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfAnyListenerIsNotTcp) { EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); auto listener_proto = createDefaultListener(); ListenerHandle* listener_foo = expectListenerCreate(false, true); expectAddListener(listener_proto, listener_foo); auto new_listener_proto = listener_proto; new_listener_proto.mutable_address()->mutable_socket_address()->set_protocol( envoy::config::core::v3::SocketAddress_Protocol::SocketAddress_Protocol_UDP); ListenerHandle* listener_foo_update1 = expectListenerCreate(false, true); expectUpdateToThenDrain(new_listener_proto, listener_foo); expectRemove(new_listener_proto, listener_foo_update1); EXPECT_EQ(0UL, manager_->listeners().size()); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfImplicitTlsInspectorChanges) { EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); auto listener_proto = createDefaultListener(); ListenerHandle* listener_foo = expectListenerCreate(false, true); expectAddListener(listener_proto, listener_foo); ListenerHandle* listener_foo_update1 = expectListenerCreate(false, true); auto new_listener_proto = listener_proto; *new_listener_proto.mutable_filter_chains(0) ->mutable_filter_chain_match() ->mutable_application_protocols() ->Add() = "alpn"; expectUpdateToThenDrain(new_listener_proto, listener_foo); expectRemove(new_listener_proto, listener_foo_update1); EXPECT_EQ(0UL, manager_->listeners().size()); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfImplicitProxyProtocolChanges) { EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); auto listener_proto = createDefaultListener(); ListenerHandle* listener_foo = expectListenerCreate(false, true); expectAddListener(listener_proto, listener_foo); ListenerHandle* listener_foo_update1 = expectListenerCreate(false, true); auto new_listener_proto = listener_proto; new_listener_proto.mutable_filter_chains(0)->mutable_use_proxy_proto()->set_value(true); expectUpdateToThenDrain(new_listener_proto, listener_foo); expectRemove(new_listener_proto, listener_foo_update1); EXPECT_EQ(0UL, manager_->listeners().size()); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateOnZeroFilterChain) { EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); auto listener_proto = createDefaultListener(); ListenerHandle* listener_foo = expectListenerCreate(false, true); expectAddListener(listener_proto, listener_foo); auto new_listener_proto = listener_proto; new_listener_proto.clear_filter_chains(); EXPECT_CALL(server_.validation_context_, staticValidationVisitor()).Times(0); EXPECT_CALL(server_.validation_context_, dynamicValidationVisitor()); EXPECT_CALL(listener_factory_, createDrainManager_(_)); EXPECT_THROW_WITH_MESSAGE(manager_->addOrUpdateListener(new_listener_proto, "", true), EnvoyException, "error adding listener '127.0.0.1:1234': no filter chains specified"); expectRemove(listener_proto, listener_foo); EXPECT_EQ(0UL, manager_->listeners().size()); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfListenerConfigHasUpdateOtherThanFilterChain) { EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); auto listener_proto = createDefaultListener(); ListenerHandle* listener_foo = expectListenerCreate(false, true); expectAddListener(listener_proto, listener_foo); ListenerHandle* listener_foo_update1 = expectListenerCreate(false, true); auto new_listener_proto = listener_proto; new_listener_proto.set_traffic_direction(::envoy::config::core::v3::TrafficDirection::INBOUND); expectUpdateToThenDrain(new_listener_proto, listener_foo); expectRemove(new_listener_proto, listener_foo_update1); EXPECT_EQ(0UL, manager_->listeners().size()); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); } // This test execute an in place update first, then a traditional listener update. // The second update is enforced by runtime. TEST_F(ListenerManagerImplTest, RuntimeDisabledInPlaceUpdateFallbacksToTraditionalUpdate) { InSequence s; EXPECT_CALL(*worker_, start(_)); manager_->startWorkers(guard_dog_); // Add foo listener. const std::string listener_foo_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] )EOF"; ListenerHandle* listener_foo = expectListenerCreate(false, true); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, {true})); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_TRUE(manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_yaml), "", true)); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); worker_->callAddCompletion(true); EXPECT_EQ(1UL, manager_->listeners().size()); checkStats(__LINE__, 1, 0, 0, 0, 1, 0, 0); // Add foo listener again. Will execute in place filter chain update path. const std::string listener_foo_update1_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: [] filter_chain_match: destination_port: 1234 )EOF"; ListenerHandle* listener_foo_update1 = expectListenerOverridden(false, listener_foo); EXPECT_CALL(*worker_, addListener(_, _, _)); auto* timer = new Event::MockTimer(dynamic_cast(&server_.dispatcher())); EXPECT_CALL(*timer, enableTimer(_, _)); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update1_yaml), "", true)); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); EXPECT_EQ(1UL, manager_->listeners().size()); worker_->callAddCompletion(true); EXPECT_CALL(*worker_, removeFilterChains(_, _, _)); timer->invokeCallback(); EXPECT_CALL(*listener_foo, onDestroy()); worker_->callDrainFilterChainsComplete(); // Update foo again. This time we disable in place filter chain update in runtime. // The traditional full listener update path is used. auto in_place_update_disabled_guard = disableInplaceUpdateForThisTest(); const std::string listener_foo_update2_yaml = R"EOF( name: foo address: socket_address: address: 127.0.0.1 port_value: 1234 filter_chains: - filters: filter_chain_match: destination_port: 2345 )EOF"; ListenerHandle* listener_foo_update2 = expectListenerCreate(false, true); EXPECT_CALL(*worker_, addListener(_, _, _)); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_foo_update1->drain_manager_, startDrainSequence(_)); EXPECT_TRUE( manager_->addOrUpdateListener(parseListenerFromV3Yaml(listener_foo_update2_yaml), "", true)); EXPECT_EQ(1, server_.stats_store_.counter("listener_manager.listener_in_place_updated").value()); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo_update1->drain_manager_->drain_sequence_completion_(); EXPECT_CALL(*listener_foo_update1, onDestroy()); worker_->callRemovalCompletion(); EXPECT_CALL(*worker_, stopListener(_, _)); EXPECT_CALL(*listener_factory_.socket_, close()); EXPECT_CALL(*listener_foo_update2->drain_manager_, startDrainSequence(_)); EXPECT_TRUE(manager_->removeListener("foo")); EXPECT_CALL(*worker_, removeListener(_, _)); listener_foo_update2->drain_manager_->drain_sequence_completion_(); EXPECT_CALL(*listener_foo_update2, onDestroy()); worker_->callRemovalCompletion(); EXPECT_EQ(0UL, manager_->listeners().size()); } // This test verifies that on default initialization the UDP Packet Writer // is initialized in passthrough mode. (i.e. by using UdpDefaultWriter). TEST_F(ListenerManagerImplTest, UdpDefaultWriterConfig) { const envoy::config::listener::v3::Listener listener = parseListenerFromV3Yaml(R"EOF( address: socket_address: address: 127.0.0.1 protocol: UDP port_value: 1234 filter_chains: filters: [] )EOF"); manager_->addOrUpdateListener(listener, "", true); EXPECT_EQ(1U, manager_->listeners().size()); Network::SocketSharedPtr listen_socket = manager_->listeners().front().get().listenSocketFactory().getListenSocket(); Network::UdpPacketWriterPtr udp_packet_writer = manager_->listeners().front().get().udpPacketWriterFactory()->get().createUdpPacketWriter( listen_socket->ioHandle(), manager_->listeners()[0].get().listenerScope()); EXPECT_FALSE(udp_packet_writer->isBatchMode()); } TEST_F(ListenerManagerImplTest, TcpBacklogCustomConfig) { const std::string yaml = TestEnvironment::substitute(R"EOF( name: TcpBacklogConfigListener address: socket_address: { address: 127.0.0.1, port_value: 1111 } tcp_backlog_size: 100 filter_chains: - filters: )EOF", Network::Address::IpVersion::v4); EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, _)); manager_->addOrUpdateListener(parseListenerFromV3Yaml(yaml), "", true); EXPECT_EQ(1U, manager_->listeners().size()); EXPECT_EQ(100U, manager_->listeners().back().get().tcpBacklogSize()); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/listener_manager_impl_test.h ================================================ #include #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" #include "common/network/listen_socket_impl.h" #include "common/network/socket_option_impl.h" #include "server/configuration_impl.h" #include "server/listener_manager_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/drain_manager.h" #include "test/mocks/server/guard_dog.h" #include "test/mocks/server/instance.h" #include "test/mocks/server/listener_component_factory.h" #include "test/mocks/server/worker.h" #include "test/mocks/server/worker_factory.h" #include "test/test_common/environment.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_runtime.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::NiceMock; using testing::Return; using testing::ReturnRef; namespace Envoy { namespace Server { class ListenerHandle { public: ListenerHandle(bool need_local_drain_manager = true) { if (need_local_drain_manager) { drain_manager_ = new MockDrainManager(); EXPECT_CALL(*drain_manager_, startParentShutdownSequence()).Times(0); } } ~ListenerHandle() { onDestroy(); } MOCK_METHOD(void, onDestroy, ()); Init::ExpectableTargetImpl target_; MockDrainManager* drain_manager_{}; Configuration::FactoryContext* context_{}; }; class ListenerManagerImplTest : public testing::Test { protected: ListenerManagerImplTest() : api_(Api::createApiForTest(server_.api_.random_)) {} void SetUp() override { ON_CALL(server_, api()).WillByDefault(ReturnRef(*api_)); EXPECT_CALL(worker_factory_, createWorker_()).WillOnce(Return(worker_)); ON_CALL(server_.validation_context_, staticValidationVisitor()) .WillByDefault(ReturnRef(validation_visitor)); ON_CALL(server_.validation_context_, dynamicValidationVisitor()) .WillByDefault(ReturnRef(validation_visitor)); manager_ = std::make_unique(server_, listener_factory_, worker_factory_, enable_dispatcher_stats_); // Use real filter loading by default. ON_CALL(listener_factory_, createNetworkFilterFactoryList(_, _)) .WillByDefault(Invoke( [](const Protobuf::RepeatedPtrField& filters, Server::Configuration::FilterChainFactoryContext& filter_chain_factory_context) -> std::vector { return ProdListenerComponentFactory::createNetworkFilterFactoryList_( filters, filter_chain_factory_context); })); ON_CALL(listener_factory_, createListenerFilterFactoryList(_, _)) .WillByDefault( Invoke([](const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) -> std::vector { return ProdListenerComponentFactory::createListenerFilterFactoryList_(filters, context); })); ON_CALL(listener_factory_, createUdpListenerFilterFactoryList(_, _)) .WillByDefault( Invoke([](const Protobuf::RepeatedPtrField& filters, Configuration::ListenerFactoryContext& context) -> std::vector { return ProdListenerComponentFactory::createUdpListenerFilterFactoryList_(filters, context); })); ON_CALL(listener_factory_, nextListenerTag()).WillByDefault(Invoke([this]() { return listener_tag_++; })); local_address_ = std::make_shared("127.0.0.1", 1234); remote_address_ = std::make_shared("127.0.0.1", 1234); EXPECT_CALL(os_sys_calls_, close(_)).WillRepeatedly(Return(Api::SysCallIntResult{0, errno})); EXPECT_CALL(os_sys_calls_, getsockname) .WillRepeatedly(Invoke([this](os_fd_t sockfd, sockaddr* addr, socklen_t* addrlen) { return os_sys_calls_actual_.getsockname(sockfd, addr, addrlen); })); socket_ = std::make_unique>(); } /** * This routing sets up an expectation that does various things: * 1) Allows us to track listener destruction via filter factory destruction. * 2) Allows us to register for init manager handling much like RDS, etc. would do. * 3) Stores the factory context for later use. * 4) Creates a mock local drain manager for the listener. */ ListenerHandle* expectListenerCreate(bool need_init, bool added_via_api, envoy::config::listener::v3::Listener::DrainType drain_type = envoy::config::listener::v3::Listener::DEFAULT) { if (added_via_api) { EXPECT_CALL(server_.validation_context_, staticValidationVisitor()).Times(0); EXPECT_CALL(server_.validation_context_, dynamicValidationVisitor()); } else { EXPECT_CALL(server_.validation_context_, staticValidationVisitor()); EXPECT_CALL(server_.validation_context_, dynamicValidationVisitor()).Times(0); } auto raw_listener = new ListenerHandle(); EXPECT_CALL(listener_factory_, createDrainManager_(drain_type)) .WillOnce(Return(raw_listener->drain_manager_)); EXPECT_CALL(listener_factory_, createNetworkFilterFactoryList(_, _)) .WillOnce(Invoke( [raw_listener, need_init]( const Protobuf::RepeatedPtrField&, Server::Configuration::FilterChainFactoryContext& filter_chain_factory_context) -> std::vector { std::shared_ptr notifier(raw_listener); raw_listener->context_ = &filter_chain_factory_context; if (need_init) { filter_chain_factory_context.initManager().add(notifier->target_); } return {[notifier](Network::FilterManager&) -> void {}}; })); return raw_listener; } ListenerHandle* expectListenerOverridden(bool need_init, ListenerHandle* origin = nullptr) { auto raw_listener = new ListenerHandle(false); // Simulate ListenerImpl: drain manager is copied from origin. if (origin != nullptr) { raw_listener->drain_manager_ = origin->drain_manager_; } // Overridden listener is always added by api. EXPECT_CALL(server_.validation_context_, staticValidationVisitor()).Times(0); EXPECT_CALL(server_.validation_context_, dynamicValidationVisitor()); EXPECT_CALL(listener_factory_, createNetworkFilterFactoryList(_, _)) .WillOnce(Invoke( [raw_listener, need_init]( const Protobuf::RepeatedPtrField&, Server::Configuration::FilterChainFactoryContext& filter_chain_factory_context) -> std::vector { std::shared_ptr notifier(raw_listener); raw_listener->context_ = &filter_chain_factory_context; if (need_init) { filter_chain_factory_context.initManager().add(notifier->target_); } return {[notifier](Network::FilterManager&) -> void {}}; })); return raw_listener; } const Network::FilterChain* findFilterChain(uint16_t destination_port, const std::string& destination_address, const std::string& server_name, const std::string& transport_protocol, const std::vector& application_protocols, const std::string& source_address, uint16_t source_port) { if (absl::StartsWith(destination_address, "/")) { local_address_ = std::make_shared(destination_address); } else { local_address_ = Network::Utility::parseInternetAddress(destination_address, destination_port); } ON_CALL(*socket_, localAddress()).WillByDefault(ReturnRef(local_address_)); ON_CALL(*socket_, requestedServerName()).WillByDefault(Return(absl::string_view(server_name))); ON_CALL(*socket_, detectedTransportProtocol()) .WillByDefault(Return(absl::string_view(transport_protocol))); ON_CALL(*socket_, requestedApplicationProtocols()) .WillByDefault(ReturnRef(application_protocols)); if (absl::StartsWith(source_address, "/")) { remote_address_ = std::make_shared(source_address); } else { remote_address_ = Network::Utility::parseInternetAddress(source_address, source_port); } ON_CALL(*socket_, remoteAddress()).WillByDefault(ReturnRef(remote_address_)); return manager_->listeners().back().get().filterChainManager().findFilterChain(*socket_); } /** * Validate that createListenSocket is called once with the expected options. */ void expectCreateListenSocket(const envoy::config::core::v3::SocketOption::SocketState& expected_state, Network::Socket::Options::size_type expected_num_options, ListenSocketCreationParams expected_creation_params = {true, true}) { EXPECT_CALL(listener_factory_, createListenSocket(_, _, _, expected_creation_params)) .WillOnce(Invoke([this, expected_num_options, &expected_state]( const Network::Address::InstanceConstSharedPtr&, Network::Socket::Type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams&) -> Network::SocketSharedPtr { EXPECT_NE(options.get(), nullptr); EXPECT_EQ(options->size(), expected_num_options); EXPECT_TRUE( Network::Socket::applyOptions(options, *listener_factory_.socket_, expected_state)); return listener_factory_.socket_; })); } /** * Validate that setSocketOption() is called the expected number of times with the expected * options. */ void expectSetsockopt(int expected_sockopt_level, int expected_sockopt_name, int expected_value, uint32_t expected_num_calls = 1) { EXPECT_CALL(*listener_factory_.socket_, setSocketOption(expected_sockopt_level, expected_sockopt_name, _, sizeof(int))) .Times(expected_num_calls) .WillRepeatedly(Invoke( [expected_value](int, int, const void* optval, socklen_t) -> Api::SysCallIntResult { EXPECT_EQ(expected_value, *static_cast(optval)); return {0, 0}; })); } void checkStats(int line_num, uint64_t added, uint64_t modified, uint64_t removed, uint64_t warming, uint64_t active, uint64_t draining, uint64_t draining_filter_chains) { SCOPED_TRACE(line_num); EXPECT_EQ(added, server_.stats_store_.counter("listener_manager.listener_added").value()); EXPECT_EQ(modified, server_.stats_store_.counter("listener_manager.listener_modified").value()); EXPECT_EQ(removed, server_.stats_store_.counter("listener_manager.listener_removed").value()); EXPECT_EQ(warming, server_.stats_store_ .gauge("listener_manager.total_listeners_warming", Stats::Gauge::ImportMode::NeverImport) .value()); EXPECT_EQ(active, server_.stats_store_ .gauge("listener_manager.total_listeners_active", Stats::Gauge::ImportMode::NeverImport) .value()); EXPECT_EQ(draining, server_.stats_store_ .gauge("listener_manager.total_listeners_draining", Stats::Gauge::ImportMode::NeverImport) .value()); EXPECT_EQ(draining_filter_chains, server_.stats_store_ .gauge("listener_manager.total_filter_chains_draining", Stats::Gauge::ImportMode::NeverImport) .value()); } void checkConfigDump(const std::string& expected_dump_yaml) { auto message_ptr = server_.admin_.config_tracker_.config_tracker_callbacks_["listeners"](); const auto& listeners_config_dump = dynamic_cast(*message_ptr); envoy::admin::v3::ListenersConfigDump expected_listeners_config_dump; TestUtility::loadFromYaml(expected_dump_yaml, expected_listeners_config_dump); EXPECT_EQ(expected_listeners_config_dump.DebugString(), listeners_config_dump.DebugString()); } ABSL_MUST_USE_RESULT auto disableInplaceUpdateForThisTest() { auto scoped_runtime = std::make_unique(); Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.listener_in_place_filterchain_update", "false"}}); return scoped_runtime; } NiceMock os_sys_calls_; TestThreadsafeSingletonInjector os_calls_{&os_sys_calls_}; Api::OsSysCallsImpl os_sys_calls_actual_; NiceMock server_; NiceMock listener_factory_; NiceMock validation_visitor; MockWorker* worker_ = new MockWorker(); NiceMock worker_factory_; std::unique_ptr manager_; NiceMock guard_dog_; Event::SimulatedTimeSystem time_system_; Api::ApiPtr api_; Network::Address::InstanceConstSharedPtr local_address_; Network::Address::InstanceConstSharedPtr remote_address_; std::unique_ptr socket_; uint64_t listener_tag_{1}; bool enable_dispatcher_stats_{false}; }; } // namespace Server } // namespace Envoy ================================================ FILE: test/server/options_impl_test.cc ================================================ #include #include #include #include #include #include #include "envoy/admin/v3/server_info.pb.h" #include "envoy/common/exception.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/filter/http/buffer/v2/buffer.pb.h" #include "envoy/config/typed_config.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/server/filter_config.h" #include "common/common/utility.h" #include "server/options_impl.h" #include "extensions/filters/http/buffer/buffer_filter.h" #include "extensions/filters/http/well_known_names.h" #if defined(__linux__) #include #include "server/options_impl_platform_linux.h" #endif #include "test/mocks/api/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/logging.h" #include "test/test_common/registry.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" #include "spdlog/spdlog.h" namespace Envoy { namespace { class OptionsImplTest : public testing::Test { public: // Do the ugly work of turning a std::string into a vector and create an OptionsImpl. Args are // separated by a single space: no fancy quoting or escaping. std::unique_ptr createOptionsImpl(const std::string& args) { std::vector words = TestUtility::split(args, ' '); return std::make_unique( std::move(words), [](bool) { return "1"; }, spdlog::level::warn); } std::unique_ptr createOptionsImpl(std::vector args) { return std::make_unique( std::move(args), [](bool) { return "1"; }, spdlog::level::warn); } }; TEST_F(OptionsImplTest, HotRestartVersion) { EXPECT_THROW_WITH_REGEX(createOptionsImpl("envoy --hot-restart-version"), NoServingException, "NoServingException"); } TEST_F(OptionsImplTest, InvalidMode) { EXPECT_THROW_WITH_REGEX(createOptionsImpl("envoy --mode bogus"), MalformedArgvException, "bogus"); } TEST_F(OptionsImplTest, InvalidCommandLine) { EXPECT_THROW_WITH_REGEX(createOptionsImpl("envoy --blah"), MalformedArgvException, "Couldn't find match for argument"); } TEST_F(OptionsImplTest, InvalidSocketMode) { EXPECT_THROW_WITH_REGEX( createOptionsImpl("envoy --socket-path /foo/envoy_domain_socket --socket-mode foo"), MalformedArgvException, "error: invalid socket-mode 'foo'"); } TEST_F(OptionsImplTest, V1Disallowed) { std::unique_ptr options = createOptionsImpl( "envoy --mode validate --concurrency 2 -c hello --admin-address-path path --restart-epoch 1 " "--local-address-ip-version v6 -l info --service-cluster cluster --service-node node " "--service-zone zone --file-flush-interval-msec 9000 --drain-time-s 60 --log-format [%v] " "--parent-shutdown-time-s 90 --log-path /foo/bar --disable-hot-restart"); EXPECT_EQ(Server::Mode::Validate, options->mode()); } TEST_F(OptionsImplTest, All) { std::unique_ptr options = createOptionsImpl( "envoy --mode validate --concurrency 2 -c hello --admin-address-path path --restart-epoch 0 " "--local-address-ip-version v6 -l info --component-log-level upstream:debug,connection:trace " "--service-cluster cluster --service-node node --service-zone zone " "--file-flush-interval-msec 9000 " "--drain-time-s 60 --log-format [%v] --enable-fine-grain-logging --parent-shutdown-time-s 90 " "--log-path " "/foo/bar " "--disable-hot-restart --cpuset-threads --allow-unknown-static-fields " "--reject-unknown-dynamic-fields --use-fake-symbol-table 0 --base-id 5 " "--use-dynamic-base-id --base-id-path /foo/baz " "--socket-path /foo/envoy_domain_socket --socket-mode 644"); EXPECT_EQ(Server::Mode::Validate, options->mode()); EXPECT_EQ(2U, options->concurrency()); EXPECT_EQ("hello", options->configPath()); EXPECT_EQ("path", options->adminAddressPath()); EXPECT_EQ(Network::Address::IpVersion::v6, options->localAddressIpVersion()); EXPECT_EQ(0U, options->restartEpoch()); EXPECT_EQ(spdlog::level::info, options->logLevel()); EXPECT_EQ(2, options->componentLogLevels().size()); EXPECT_EQ("[%v]", options->logFormat()); EXPECT_EQ("/foo/bar", options->logPath()); EXPECT_EQ(true, options->enableFineGrainLogging()); EXPECT_EQ("cluster", options->serviceClusterName()); EXPECT_EQ("node", options->serviceNodeName()); EXPECT_EQ("zone", options->serviceZone()); EXPECT_EQ(std::chrono::milliseconds(9000), options->fileFlushIntervalMsec()); EXPECT_EQ(std::chrono::seconds(60), options->drainTime()); EXPECT_EQ(std::chrono::seconds(90), options->parentShutdownTime()); EXPECT_TRUE(options->hotRestartDisabled()); EXPECT_TRUE(options->cpusetThreadsEnabled()); EXPECT_TRUE(options->allowUnknownStaticFields()); EXPECT_TRUE(options->rejectUnknownDynamicFields()); EXPECT_FALSE(options->fakeSymbolTableEnabled()); EXPECT_EQ(5U, options->baseId()); EXPECT_TRUE(options->useDynamicBaseId()); EXPECT_EQ("/foo/baz", options->baseIdPath()); EXPECT_EQ("/foo/envoy_domain_socket", options->socketPath()); EXPECT_EQ(0644, options->socketMode()); options = createOptionsImpl("envoy --mode init_only"); EXPECT_EQ(Server::Mode::InitOnly, options->mode()); } // TODO(#13399): remove this test once we remove the option. TEST_F(OptionsImplTest, FakeSymtabWarning) { EXPECT_LOG_CONTAINS("warning", "Fake symbol tables have been removed", createOptionsImpl("envoy --use-fake-symbol-table 1")); EXPECT_NO_LOGS(createOptionsImpl("envoy --use-fake-symbol-table 0")); } // Either variants of allow-unknown-[static-]-fields works. TEST_F(OptionsImplTest, AllowUnknownFields) { { std::unique_ptr options = createOptionsImpl("envoy"); EXPECT_FALSE(options->allowUnknownStaticFields()); } { std::unique_ptr options; EXPECT_LOG_CONTAINS( "warning", "--allow-unknown-fields is deprecated, use --allow-unknown-static-fields instead.", options = createOptionsImpl("envoy --allow-unknown-fields")); EXPECT_TRUE(options->allowUnknownStaticFields()); } { std::unique_ptr options = createOptionsImpl("envoy --allow-unknown-static-fields"); EXPECT_TRUE(options->allowUnknownStaticFields()); } } TEST_F(OptionsImplTest, SetAll) { std::unique_ptr options = createOptionsImpl("envoy -c hello"); bool hot_restart_disabled = options->hotRestartDisabled(); bool signal_handling_enabled = options->signalHandlingEnabled(); bool cpuset_threads_enabled = options->cpusetThreadsEnabled(); bool fake_symbol_table_enabled = options->fakeSymbolTableEnabled(); options->setBaseId(109876); options->setConcurrency(42); options->setConfigPath("foo"); envoy::config::bootstrap::v3::Bootstrap bootstrap_foo{}; bootstrap_foo.mutable_node()->set_id("foo"); options->setConfigProto(bootstrap_foo); options->setConfigYaml("bogus:"); options->setAdminAddressPath("path"); options->setLocalAddressIpVersion(Network::Address::IpVersion::v6); options->setDrainTime(std::chrono::seconds(42)); options->setDrainStrategy(Server::DrainStrategy::Immediate); options->setParentShutdownTime(std::chrono::seconds(43)); options->setLogLevel(spdlog::level::trace); options->setLogFormat("%L %n %v"); options->setLogPath("/foo/bar"); options->setRestartEpoch(44); options->setFileFlushIntervalMsec(std::chrono::milliseconds(45)); options->setMode(Server::Mode::Validate); options->setServiceClusterName("cluster_foo"); options->setServiceNodeName("node_foo"); options->setServiceZone("zone_foo"); options->setHotRestartDisabled(!options->hotRestartDisabled()); options->setSignalHandling(!options->signalHandlingEnabled()); options->setCpusetThreads(!options->cpusetThreadsEnabled()); options->setAllowUnkownFields(true); options->setRejectUnknownFieldsDynamic(true); options->setFakeSymbolTableEnabled(!options->fakeSymbolTableEnabled()); options->setSocketPath("/foo/envoy_domain_socket"); options->setSocketMode(0644); EXPECT_EQ(109876, options->baseId()); EXPECT_EQ(42U, options->concurrency()); EXPECT_EQ("foo", options->configPath()); envoy::config::bootstrap::v3::Bootstrap bootstrap_bar{}; bootstrap_bar.mutable_node()->set_id("foo"); EXPECT_TRUE(TestUtility::protoEqual(bootstrap_bar, options->configProto())); EXPECT_EQ("bogus:", options->configYaml()); EXPECT_EQ("path", options->adminAddressPath()); EXPECT_EQ(Network::Address::IpVersion::v6, options->localAddressIpVersion()); EXPECT_EQ(std::chrono::seconds(42), options->drainTime()); EXPECT_EQ(Server::DrainStrategy::Immediate, options->drainStrategy()); EXPECT_EQ(spdlog::level::trace, options->logLevel()); EXPECT_EQ("%L %n %v", options->logFormat()); EXPECT_EQ("/foo/bar", options->logPath()); EXPECT_EQ(std::chrono::seconds(43), options->parentShutdownTime()); EXPECT_EQ(44, options->restartEpoch()); EXPECT_EQ(std::chrono::milliseconds(45), options->fileFlushIntervalMsec()); EXPECT_EQ(Server::Mode::Validate, options->mode()); EXPECT_EQ("cluster_foo", options->serviceClusterName()); EXPECT_EQ("node_foo", options->serviceNodeName()); EXPECT_EQ("zone_foo", options->serviceZone()); EXPECT_EQ(!hot_restart_disabled, options->hotRestartDisabled()); EXPECT_EQ(!signal_handling_enabled, options->signalHandlingEnabled()); EXPECT_EQ(!cpuset_threads_enabled, options->cpusetThreadsEnabled()); EXPECT_TRUE(options->allowUnknownStaticFields()); EXPECT_TRUE(options->rejectUnknownDynamicFields()); EXPECT_EQ(!fake_symbol_table_enabled, options->fakeSymbolTableEnabled()); EXPECT_EQ("/foo/envoy_domain_socket", options->socketPath()); EXPECT_EQ(0644, options->socketMode()); // Validate that CommandLineOptions is constructed correctly. Server::CommandLineOptionsPtr command_line_options = options->toCommandLineOptions(); EXPECT_EQ(options->baseId(), command_line_options->base_id()); EXPECT_EQ(options->concurrency(), command_line_options->concurrency()); EXPECT_EQ(options->configPath(), command_line_options->config_path()); EXPECT_EQ(options->configYaml(), command_line_options->config_yaml()); EXPECT_EQ(options->adminAddressPath(), command_line_options->admin_address_path()); EXPECT_EQ(envoy::admin::v3::CommandLineOptions::v6, command_line_options->local_address_ip_version()); EXPECT_EQ(options->drainTime().count(), command_line_options->drain_time().seconds()); EXPECT_EQ(envoy::admin::v3::CommandLineOptions::Immediate, command_line_options->drain_strategy()); EXPECT_EQ(options->parentShutdownTime().count(), command_line_options->parent_shutdown_time().seconds()); EXPECT_EQ(spdlog::level::to_string_view(options->logLevel()), command_line_options->log_level()); EXPECT_EQ(options->logFormat(), command_line_options->log_format()); EXPECT_EQ(options->logPath(), command_line_options->log_path()); EXPECT_EQ(options->restartEpoch(), command_line_options->restart_epoch()); EXPECT_EQ(options->fileFlushIntervalMsec().count() / 1000, command_line_options->file_flush_interval().seconds()); EXPECT_EQ(envoy::admin::v3::CommandLineOptions::Validate, command_line_options->mode()); EXPECT_EQ(options->serviceClusterName(), command_line_options->service_cluster()); EXPECT_EQ(options->serviceNodeName(), command_line_options->service_node()); EXPECT_EQ(options->serviceZone(), command_line_options->service_zone()); EXPECT_EQ(options->hotRestartDisabled(), command_line_options->disable_hot_restart()); EXPECT_EQ(options->mutexTracingEnabled(), command_line_options->enable_mutex_tracing()); EXPECT_EQ(options->cpusetThreadsEnabled(), command_line_options->cpuset_threads()); EXPECT_EQ(options->socketPath(), command_line_options->socket_path()); EXPECT_EQ(options->socketMode(), command_line_options->socket_mode()); } TEST_F(OptionsImplTest, DefaultParams) { std::unique_ptr options = createOptionsImpl("envoy -c hello"); EXPECT_EQ(std::chrono::seconds(600), options->drainTime()); EXPECT_EQ(Server::DrainStrategy::Gradual, options->drainStrategy()); EXPECT_EQ(std::chrono::seconds(900), options->parentShutdownTime()); EXPECT_EQ("", options->adminAddressPath()); EXPECT_EQ(Network::Address::IpVersion::v4, options->localAddressIpVersion()); EXPECT_EQ(Server::Mode::Serve, options->mode()); EXPECT_EQ(spdlog::level::warn, options->logLevel()); EXPECT_EQ("@envoy_domain_socket", options->socketPath()); EXPECT_EQ(0, options->socketMode()); EXPECT_FALSE(options->hotRestartDisabled()); EXPECT_FALSE(options->cpusetThreadsEnabled()); // Validate that CommandLineOptions is constructed correctly with default params. Server::CommandLineOptionsPtr command_line_options = options->toCommandLineOptions(); EXPECT_EQ(600, command_line_options->drain_time().seconds()); EXPECT_EQ(900, command_line_options->parent_shutdown_time().seconds()); EXPECT_EQ("", command_line_options->admin_address_path()); EXPECT_EQ(envoy::admin::v3::CommandLineOptions::v4, command_line_options->local_address_ip_version()); EXPECT_EQ(envoy::admin::v3::CommandLineOptions::Serve, command_line_options->mode()); EXPECT_EQ("@envoy_domain_socket", command_line_options->socket_path()); EXPECT_EQ(0, command_line_options->socket_mode()); EXPECT_FALSE(command_line_options->disable_hot_restart()); EXPECT_FALSE(command_line_options->cpuset_threads()); EXPECT_FALSE(command_line_options->allow_unknown_static_fields()); EXPECT_FALSE(command_line_options->reject_unknown_dynamic_fields()); } // Validates that the server_info proto is in sync with the options. TEST_F(OptionsImplTest, OptionsAreInSyncWithProto) { std::unique_ptr options = createOptionsImpl("envoy -c hello"); Server::CommandLineOptionsPtr command_line_options = options->toCommandLineOptions(); // Failure of this condition indicates that the server_info proto is not in sync with the options. // If an option is added/removed, please update server_info proto as well to keep it in sync. // Currently the following 7 options are not defined in proto, hence the count differs by 7. // 1. version - default TCLAP argument. // 2. help - default TCLAP argument. // 3. ignore_rest - default TCLAP argument. // 4. allow-unknown-fields - deprecated alias of allow-unknown-static-fields. // 5. use-fake-symbol-table - short-term override for rollout of real symbol-table implementation. // 6. hot restart version - print the hot restart version and exit. // 7. log-format-prefix-with-location - short-term override for rollout of dynamic log format. const uint32_t options_not_in_proto = 7; // There are two deprecated options: "max_stats" and "max_obj_name_len". const uint32_t deprecated_options = 2; EXPECT_EQ(options->count() - options_not_in_proto, command_line_options->GetDescriptor()->field_count() - deprecated_options); } TEST_F(OptionsImplTest, OptionsFromArgv) { const std::array args{"envoy", "-c", "hello"}; std::unique_ptr options = std::make_unique( static_cast(args.size()), args.data(), [](bool) { return "1"; }, spdlog::level::warn); // Spot check that the arguments were parsed. EXPECT_EQ("hello", options->configPath()); } TEST_F(OptionsImplTest, OptionsFromArgvPrefix) { const std::array args{"envoy", "-c", "hello", "--admin-address-path", "goodbye"}; std::unique_ptr options = std::make_unique( static_cast(args.size()) - 2, // Pass in only a prefix of the args args.data(), [](bool) { return "1"; }, spdlog::level::warn); EXPECT_EQ("hello", options->configPath()); // This should still have the default value since the extra arguments are // ignored. EXPECT_EQ("", options->adminAddressPath()); } TEST_F(OptionsImplTest, BadCliOption) { EXPECT_THROW_WITH_REGEX(createOptionsImpl("envoy -c hello --local-address-ip-version foo"), MalformedArgvException, "error: unknown IP address version 'foo'"); } TEST_F(OptionsImplTest, ParseComponentLogLevels) { std::unique_ptr options = createOptionsImpl("envoy --mode init_only"); options->parseComponentLogLevels("upstream:debug,connection:trace"); const std::vector>& component_log_levels = options->componentLogLevels(); EXPECT_EQ(2, component_log_levels.size()); EXPECT_EQ("upstream", component_log_levels[0].first); EXPECT_EQ(spdlog::level::level_enum::debug, component_log_levels[0].second); EXPECT_EQ("connection", component_log_levels[1].first); EXPECT_EQ(spdlog::level::level_enum::trace, component_log_levels[1].second); } TEST_F(OptionsImplTest, ParseComponentLogLevelsWithBlank) { std::unique_ptr options = createOptionsImpl("envoy --mode init_only"); options->parseComponentLogLevels(""); EXPECT_EQ(0, options->componentLogLevels().size()); } TEST_F(OptionsImplTest, InvalidComponent) { std::unique_ptr options = createOptionsImpl("envoy --mode init_only"); EXPECT_THROW_WITH_REGEX(options->parseComponentLogLevels("blah:debug"), MalformedArgvException, "error: invalid component specified 'blah'"); } TEST_F(OptionsImplTest, InvalidComponentLogLevel) { std::unique_ptr options = createOptionsImpl("envoy --mode init_only"); EXPECT_THROW_WITH_REGEX(options->parseComponentLogLevels("upstream:blah,connection:trace"), MalformedArgvException, "error: invalid log level specified 'blah'"); } TEST_F(OptionsImplTest, ComponentLogLevelContainsBlank) { std::unique_ptr options = createOptionsImpl("envoy --mode init_only"); EXPECT_THROW_WITH_REGEX(options->parseComponentLogLevels("upstream:,connection:trace"), MalformedArgvException, "error: invalid log level specified ''"); } TEST_F(OptionsImplTest, InvalidComponentLogLevelStructure) { std::unique_ptr options = createOptionsImpl("envoy --mode init_only"); EXPECT_THROW_WITH_REGEX(options->parseComponentLogLevels("upstream:foo:bar"), MalformedArgvException, "error: component log level not correctly specified 'upstream:foo:bar'"); } TEST_F(OptionsImplTest, IncompleteComponentLogLevel) { std::unique_ptr options = createOptionsImpl("envoy --mode init_only"); EXPECT_THROW_WITH_REGEX(options->parseComponentLogLevels("upstream"), MalformedArgvException, "component log level not correctly specified 'upstream'"); } TEST_F(OptionsImplTest, InvalidLogLevel) { EXPECT_THROW_WITH_REGEX(createOptionsImpl("envoy -l blah"), MalformedArgvException, "error: invalid log level specified 'blah'"); } TEST_F(OptionsImplTest, ValidLogLevel) { std::unique_ptr options = createOptionsImpl("envoy -l critical"); EXPECT_EQ(spdlog::level::level_enum::critical, options->logLevel()); } TEST_F(OptionsImplTest, WarnIsValidLogLevel) { std::unique_ptr options = createOptionsImpl("envoy -l warn"); EXPECT_EQ(spdlog::level::level_enum::warn, options->logLevel()); } TEST_F(OptionsImplTest, AllowedLogLevels) { EXPECT_EQ("[trace][debug][info][warning|warn][error][critical][off]", OptionsImpl::allowedLogLevels()); } // Test that the test constructor comes up with the same default values as the main constructor. TEST_F(OptionsImplTest, SaneTestConstructor) { std::unique_ptr regular_options_impl(createOptionsImpl("envoy")); OptionsImpl test_options_impl("service_cluster", "service_node", "service_zone", spdlog::level::level_enum::info); // Specified by constructor EXPECT_EQ("service_cluster", test_options_impl.serviceClusterName()); EXPECT_EQ("service_node", test_options_impl.serviceNodeName()); EXPECT_EQ("service_zone", test_options_impl.serviceZone()); EXPECT_EQ(spdlog::level::level_enum::info, test_options_impl.logLevel()); // Special (simplified) for tests EXPECT_EQ(1u, test_options_impl.concurrency()); EXPECT_EQ(regular_options_impl->baseId(), test_options_impl.baseId()); EXPECT_EQ(regular_options_impl->configPath(), test_options_impl.configPath()); EXPECT_TRUE(TestUtility::protoEqual(regular_options_impl->configProto(), test_options_impl.configProto())); EXPECT_EQ(regular_options_impl->configYaml(), test_options_impl.configYaml()); EXPECT_EQ(regular_options_impl->adminAddressPath(), test_options_impl.adminAddressPath()); EXPECT_EQ(regular_options_impl->localAddressIpVersion(), test_options_impl.localAddressIpVersion()); EXPECT_EQ(regular_options_impl->drainTime(), test_options_impl.drainTime()); EXPECT_EQ(spdlog::level::level_enum::info, test_options_impl.logLevel()); EXPECT_EQ(regular_options_impl->componentLogLevels(), test_options_impl.componentLogLevels()); EXPECT_EQ(regular_options_impl->logPath(), test_options_impl.logPath()); EXPECT_EQ(regular_options_impl->parentShutdownTime(), test_options_impl.parentShutdownTime()); EXPECT_EQ(regular_options_impl->restartEpoch(), test_options_impl.restartEpoch()); EXPECT_EQ(regular_options_impl->mode(), test_options_impl.mode()); EXPECT_EQ(regular_options_impl->fileFlushIntervalMsec(), test_options_impl.fileFlushIntervalMsec()); EXPECT_EQ(regular_options_impl->hotRestartDisabled(), test_options_impl.hotRestartDisabled()); EXPECT_EQ(regular_options_impl->cpusetThreadsEnabled(), test_options_impl.cpusetThreadsEnabled()); } TEST_F(OptionsImplTest, SetBothConcurrencyAndCpuset) { EXPECT_LOG_CONTAINS( "warning", "Both --concurrency and --cpuset-threads options are set; not applying --cpuset-threads.", std::unique_ptr options = createOptionsImpl("envoy -c hello --concurrency 42 --cpuset-threads")); } TEST_F(OptionsImplTest, SetCpusetOnly) { std::unique_ptr options = createOptionsImpl("envoy -c hello --cpuset-threads"); EXPECT_NE(options->concurrency(), 0); } TEST_F(OptionsImplTest, LogFormatDefault) { std::unique_ptr options = createOptionsImpl({"envoy", "-c", "hello"}); EXPECT_EQ(options->logFormat(), "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v"); } TEST_F(OptionsImplTest, LogFormatDefaultNoPrefix) { std::unique_ptr options = createOptionsImpl({"envoy", "-c", "hello", "--log-format-prefix-with-location", "0"}); EXPECT_EQ(options->logFormat(), "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v"); } TEST_F(OptionsImplTest, LogFormatOverride) { std::unique_ptr options = createOptionsImpl({"envoy", "-c", "hello", "--log-format", "%%v %v %t %v", "--log-format-prefix-with-location 1"}); EXPECT_EQ(options->logFormat(), "%%v [%g:%#] %v %t [%g:%#] %v"); } TEST_F(OptionsImplTest, LogFormatOverrideNoPrefix) { std::unique_ptr options = createOptionsImpl({"envoy", "-c", "hello", "--log-format", "%%v %v %t %v"}); EXPECT_EQ(options->logFormat(), "%%v %v %t %v"); } // Test that --base-id and --restart-epoch with non-default values are accepted. TEST_F(OptionsImplTest, SetBaseIdAndRestartEpoch) { std::unique_ptr options = createOptionsImpl({"envoy", "-c", "hello", "--base-id", "99", "--restart-epoch", "999"}); EXPECT_EQ(99U, options->baseId()); EXPECT_EQ(999U, options->restartEpoch()); } // Test that --use-dynamic-base-id and --restart-epoch with a non-default value is not accepted. TEST_F(OptionsImplTest, SetUseDynamicBaseIdAndRestartEpoch) { EXPECT_THROW_WITH_REGEX( createOptionsImpl({"envoy", "-c", "hello", "--use-dynamic-base-id", "--restart-epoch", "1"}), MalformedArgvException, "error: cannot use --restart-epoch=1 with --use-dynamic-base-id"); } #if defined(__linux__) using testing::DoAll; using testing::Return; using testing::SetArgPointee; class OptionsImplPlatformLinuxTest : public testing::Test { public: }; TEST_F(OptionsImplPlatformLinuxTest, AffinityTest1) { // Success case: cpuset size and hardware thread count are the same. unsigned int fake_hw_threads = 4; cpu_set_t test_set; Api::MockLinuxOsSysCalls linux_os_sys_calls; TestThreadsafeSingletonInjector linux_os_calls(&linux_os_sys_calls); // Set cpuset size to be four. CPU_ZERO(&test_set); for (int i = 0; i < 4; i++) { CPU_SET(i, &test_set); } EXPECT_CALL(linux_os_sys_calls, sched_getaffinity(_, _, _)) .WillOnce(DoAll(SetArgPointee<2>(test_set), Return(Api::SysCallIntResult{0, 0}))); EXPECT_EQ(OptionsImplPlatformLinux::getCpuAffinityCount(fake_hw_threads), 4); } TEST_F(OptionsImplPlatformLinuxTest, AffinityTest2) { // Success case: cpuset size is half of the hardware thread count. unsigned int fake_hw_threads = 16; cpu_set_t test_set; Api::MockLinuxOsSysCalls linux_os_sys_calls; TestThreadsafeSingletonInjector linux_os_calls(&linux_os_sys_calls); // Set cpuset size to be eight. CPU_ZERO(&test_set); for (int i = 0; i < 8; i++) { CPU_SET(i, &test_set); } EXPECT_CALL(linux_os_sys_calls, sched_getaffinity(_, _, _)) .WillOnce(DoAll(SetArgPointee<2>(test_set), Return(Api::SysCallIntResult{0, 0}))); EXPECT_EQ(OptionsImplPlatformLinux::getCpuAffinityCount(fake_hw_threads), 8); } TEST_F(OptionsImplPlatformLinuxTest, AffinityTest3) { // Failure case: cpuset size is bigger than the hardware thread count. unsigned int fake_hw_threads = 4; cpu_set_t test_set; Api::MockLinuxOsSysCalls linux_os_sys_calls; TestThreadsafeSingletonInjector linux_os_calls(&linux_os_sys_calls); // Set cpuset size to be eight. CPU_ZERO(&test_set); for (int i = 0; i < 8; i++) { CPU_SET(i, &test_set); } EXPECT_CALL(linux_os_sys_calls, sched_getaffinity(_, _, _)) .WillOnce(DoAll(SetArgPointee<2>(test_set), Return(Api::SysCallIntResult{0, 0}))); EXPECT_EQ(OptionsImplPlatformLinux::getCpuAffinityCount(fake_hw_threads), fake_hw_threads); } TEST_F(OptionsImplPlatformLinuxTest, AffinityTest4) { // When sched_getaffinity() fails, expect to get the hardware thread count. unsigned int fake_hw_threads = 8; cpu_set_t test_set; Api::MockLinuxOsSysCalls linux_os_sys_calls; TestThreadsafeSingletonInjector linux_os_calls(&linux_os_sys_calls); // Set cpuset size to be four. CPU_ZERO(&test_set); for (int i = 0; i < 4; i++) { CPU_SET(i, &test_set); } EXPECT_CALL(linux_os_sys_calls, sched_getaffinity(_, _, _)) .WillOnce(DoAll(SetArgPointee<2>(test_set), Return(Api::SysCallIntResult{-1, 0}))); EXPECT_EQ(OptionsImplPlatformLinux::getCpuAffinityCount(fake_hw_threads), fake_hw_threads); } #endif class TestFactory : public Config::TypedFactory { public: ~TestFactory() override = default; std::string category() const override { return "test"; } std::string configType() override { return "google.protobuf.StringValue"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } }; class TestTestFactory : public TestFactory { public: std::string name() const override { return "test"; } }; class TestingFactory : public Config::TypedFactory { public: ~TestingFactory() override = default; std::string category() const override { return "testing"; } std::string configType() override { return "google.protobuf.StringValue"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); } }; class TestTestingFactory : public TestingFactory { public: std::string name() const override { return "test"; } }; TEST(DisableExtensions, DEPRECATED_FEATURE_TEST(IsDisabled)) { TestTestFactory testTestFactory; Registry::InjectFactoryCategory testTestCategory(testTestFactory); Registry::InjectFactory testTestRegistration(testTestFactory, {"test-1", "test-2"}); TestTestingFactory testTestingFactory; Registry::InjectFactoryCategory testTestingCategory(testTestingFactory); Registry::InjectFactory testTestingRegistration(testTestingFactory, {"test-1", "test-2"}); EXPECT_LOG_CONTAINS("warning", "failed to disable invalid extension name 'not.a.factory'", OptionsImpl::disableExtensions({"not.a.factory"})); EXPECT_LOG_CONTAINS("warning", "failed to disable unknown extension 'no/such.factory'", OptionsImpl::disableExtensions({"no/such.factory"})); EXPECT_NE(Registry::FactoryRegistry::getFactory("test"), nullptr); EXPECT_NE(Registry::FactoryRegistry::getFactory("test-1"), nullptr); EXPECT_NE(Registry::FactoryRegistry::getFactory("test-2"), nullptr); EXPECT_NE(Registry::FactoryRegistry::getFactoryByType("google.protobuf.StringValue"), nullptr); EXPECT_NE(Registry::FactoryRegistry::getFactory("test"), nullptr); EXPECT_NE(Registry::FactoryRegistry::getFactory("test-1"), nullptr); EXPECT_NE(Registry::FactoryRegistry::getFactory("test-2"), nullptr); OptionsImpl::disableExtensions({"test/test", "testing/test-2"}); // Simulate the initial construction of the type mappings. testTestRegistration.resetTypeMappings(); testTestingRegistration.resetTypeMappings(); // When we disable an extension, all its aliases should also be disabled. EXPECT_EQ(Registry::FactoryRegistry::getFactory("test"), nullptr); EXPECT_EQ(Registry::FactoryRegistry::getFactory("test-1"), nullptr); EXPECT_EQ(Registry::FactoryRegistry::getFactory("test-2"), nullptr); // When we disable an extension, all its aliases should also be disabled. EXPECT_EQ(Registry::FactoryRegistry::getFactory("test"), nullptr); EXPECT_EQ(Registry::FactoryRegistry::getFactory("test-1"), nullptr); EXPECT_EQ(Registry::FactoryRegistry::getFactory("test-2"), nullptr); // Typing map for TestingFactory should be constructed here after disabling EXPECT_EQ( Registry::FactoryRegistry::getFactoryByType("google.protobuf.StringValue"), nullptr); } TEST(FactoryByTypeTest, EarlierVersionConfigType) { envoy::config::filter::http::buffer::v2::Buffer v2_config; auto factory = Registry::FactoryRegistry:: getFactoryByType(v2_config.GetDescriptor()->full_name()); EXPECT_NE(factory, nullptr); EXPECT_EQ(factory->name(), Extensions::HttpFilters::HttpFilterNames::get().Buffer); envoy::extensions::filters::http::buffer::v3::Buffer v3_config; factory = Registry::FactoryRegistry:: getFactoryByType(v3_config.GetDescriptor()->full_name()); EXPECT_NE(factory, nullptr); EXPECT_EQ(factory->name(), Extensions::HttpFilters::HttpFilterNames::get().Buffer); ProtobufWkt::Any non_api_type; factory = Registry::FactoryRegistry:: getFactoryByType(non_api_type.GetDescriptor()->full_name()); EXPECT_EQ(factory, nullptr); } } // namespace } // namespace Envoy ================================================ FILE: test/server/overload_manager_impl_test.cc ================================================ #include "envoy/config/overload/v3/overload.pb.h" #include "envoy/server/overload_manager.h" #include "envoy/server/resource_monitor.h" #include "envoy/server/resource_monitor_config.h" #include "common/stats/isolated_store_impl.h" #include "server/overload_manager_impl.h" #include "extensions/resource_monitors/common/factory_base.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/event/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/mocks/thread_local/mocks.h" #include "test/test_common/registry.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::AllOf; using testing::Invoke; using testing::NiceMock; using testing::Property; namespace Envoy { namespace Server { namespace { class FakeResourceMonitor : public ResourceMonitor { public: FakeResourceMonitor(Event::Dispatcher& dispatcher) : dispatcher_(dispatcher), response_(0.0) {} void setPressure(double pressure) { response_ = pressure; } void setError() { response_ = EnvoyException("fake_error"); } void setUpdateAsync(bool new_update_async) { callbacks_.reset(); update_async_ = new_update_async; } void updateResourceUsage(ResourceMonitor::Callbacks& callbacks) override { if (update_async_) { callbacks_.emplace(callbacks); } else { publishUpdate(callbacks); } } void publishUpdate() { if (update_async_) { ASSERT(callbacks_.has_value()); publishUpdate(*callbacks_); callbacks_.reset(); } } private: void publishUpdate(ResourceMonitor::Callbacks& callbacks) { if (absl::holds_alternative(response_)) { Server::ResourceUsage usage; usage.resource_pressure_ = absl::get(response_); dispatcher_.post([&, usage]() { callbacks.onSuccess(usage); }); } else { EnvoyException& error = absl::get(response_); dispatcher_.post([&, error]() { callbacks.onFailure(error); }); } } Event::Dispatcher& dispatcher_; absl::variant response_; bool update_async_ = false; absl::optional> callbacks_; }; template class FakeResourceMonitorFactory : public Server::Configuration::ResourceMonitorFactory { public: FakeResourceMonitorFactory(const std::string& name) : monitor_(nullptr), name_(name) {} Server::ResourceMonitorPtr createResourceMonitor(const Protobuf::Message&, Server::Configuration::ResourceMonitorFactoryContext& context) override { auto monitor = std::make_unique(context.dispatcher()); monitor_ = monitor.get(); return monitor; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr{new ConfigType()}; } std::string name() const override { return name_; } FakeResourceMonitor* monitor_; // not owned const std::string name_; }; class OverloadManagerImplTest : public testing::Test { protected: OverloadManagerImplTest() : factory1_("envoy.resource_monitors.fake_resource1"), factory2_("envoy.resource_monitors.fake_resource2"), factory3_("envoy.resource_monitors.fake_resource3"), factory4_("envoy.resource_monitors.fake_resource4"), register_factory1_(factory1_), register_factory2_(factory2_), register_factory3_(factory3_), register_factory4_(factory4_), api_(Api::createApiForTest(stats_)) {} void setDispatcherExpectation() { timer_ = new NiceMock(); EXPECT_CALL(dispatcher_, createTimer_(_)).WillOnce(Invoke([&](Event::TimerCb cb) { timer_cb_ = cb; return timer_; })); } envoy::config::overload::v3::OverloadManager parseConfig(const std::string& config) { envoy::config::overload::v3::OverloadManager proto; bool success = Protobuf::TextFormat::ParseFromString(config, &proto); ASSERT(success); return proto; } std::string getConfig() { return R"EOF( refresh_interval { seconds: 1 } resource_monitors { name: "envoy.resource_monitors.fake_resource1" } resource_monitors { name: "envoy.resource_monitors.fake_resource2" } resource_monitors { name: "envoy.resource_monitors.fake_resource3" } resource_monitors { name: "envoy.resource_monitors.fake_resource4" } actions { name: "envoy.overload_actions.dummy_action" triggers { name: "envoy.resource_monitors.fake_resource1" threshold { value: 0.9 } } triggers { name: "envoy.resource_monitors.fake_resource2" threshold { value: 0.8 } } triggers { name: "envoy.resource_monitors.fake_resource3" scaled { scaling_threshold: 0.5 saturation_threshold: 0.8 } } triggers { name: "envoy.resource_monitors.fake_resource4" scaled { scaling_threshold: 0.5 saturation_threshold: 0.8 } } } )EOF"; } std::unique_ptr createOverloadManager(const std::string& config) { return std::make_unique(dispatcher_, stats_, thread_local_, parseConfig(config), validation_visitor_, *api_); } FakeResourceMonitorFactory factory1_; FakeResourceMonitorFactory factory2_; FakeResourceMonitorFactory factory3_; FakeResourceMonitorFactory factory4_; Registry::InjectFactory register_factory1_; Registry::InjectFactory register_factory2_; Registry::InjectFactory register_factory3_; Registry::InjectFactory register_factory4_; NiceMock dispatcher_; NiceMock* timer_; // not owned Stats::TestUtil::TestStore stats_; NiceMock thread_local_; Event::TimerCb timer_cb_; NiceMock validation_visitor_; Api::ApiPtr api_; }; TEST_F(OverloadManagerImplTest, CallbackOnlyFiresWhenStateChanges) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); bool is_active = false; int cb_count = 0; manager->registerForAction("envoy.overload_actions.dummy_action", dispatcher_, [&](OverloadActionState state) { is_active = state.isSaturated(); cb_count++; }); manager->registerForAction("envoy.overload_actions.unknown_action", dispatcher_, [&](OverloadActionState) { EXPECT_TRUE(false); }); manager->start(); Stats::Gauge& active_gauge = stats_.gauge("overload.envoy.overload_actions.dummy_action.active", Stats::Gauge::ImportMode::Accumulate); Stats::Gauge& scale_percent_gauge = stats_.gauge("overload.envoy.overload_actions.dummy_action.scale_percent", Stats::Gauge::ImportMode::Accumulate); Stats::Gauge& pressure_gauge1 = stats_.gauge("overload.envoy.resource_monitors.fake_resource1.pressure", Stats::Gauge::ImportMode::NeverImport); Stats::Gauge& pressure_gauge2 = stats_.gauge("overload.envoy.resource_monitors.fake_resource2.pressure", Stats::Gauge::ImportMode::NeverImport); const OverloadActionState& action_state = manager->getThreadLocalOverloadState().getState("envoy.overload_actions.dummy_action"); // Update does not exceed fake_resource1 trigger threshold, no callback expected factory1_.monitor_->setPressure(0.5); timer_cb_(); EXPECT_FALSE(is_active); EXPECT_THAT(action_state, AllOf(Property(&OverloadActionState::isSaturated, false), Property(&OverloadActionState::value, 0))); EXPECT_EQ(0, cb_count); EXPECT_EQ(0, active_gauge.value()); EXPECT_EQ(0, scale_percent_gauge.value()); EXPECT_EQ(50, pressure_gauge1.value()); // Update exceeds fake_resource1 trigger threshold, callback is expected factory1_.monitor_->setPressure(0.95); timer_cb_(); EXPECT_TRUE(is_active); EXPECT_TRUE(action_state.isSaturated()); EXPECT_EQ(1, cb_count); EXPECT_EQ(1, active_gauge.value()); EXPECT_EQ(100, scale_percent_gauge.value()); EXPECT_EQ(95, pressure_gauge1.value()); // Callback should not be invoked if action state does not change factory1_.monitor_->setPressure(0.94); timer_cb_(); EXPECT_TRUE(is_active); EXPECT_TRUE(action_state.isSaturated()); EXPECT_EQ(1, cb_count); EXPECT_EQ(94, pressure_gauge1.value()); // The action is already active for fake_resource1 so no callback expected factory2_.monitor_->setPressure(0.9); timer_cb_(); EXPECT_TRUE(is_active); EXPECT_TRUE(action_state.isSaturated()); EXPECT_EQ(1, cb_count); EXPECT_EQ(90, pressure_gauge2.value()); // The action remains active for fake_resource2 so no callback expected factory1_.monitor_->setPressure(0.5); timer_cb_(); EXPECT_TRUE(is_active); EXPECT_TRUE(action_state.isSaturated()); EXPECT_EQ(1, cb_count); EXPECT_EQ(50, pressure_gauge1.value()); EXPECT_EQ(90, pressure_gauge2.value()); // Both become inactive so callback is expected factory2_.monitor_->setPressure(0.3); timer_cb_(); EXPECT_FALSE(is_active); EXPECT_THAT(action_state, AllOf(Property(&OverloadActionState::isSaturated, false), Property(&OverloadActionState::value, 0))); EXPECT_EQ(2, cb_count); EXPECT_EQ(30, pressure_gauge2.value()); // Different triggers, both become active, only one callback expected factory1_.monitor_->setPressure(0.97); factory2_.monitor_->setPressure(0.96); timer_cb_(); EXPECT_TRUE(is_active); EXPECT_TRUE(action_state.isSaturated()); EXPECT_EQ(3, cb_count); EXPECT_EQ(97, pressure_gauge1.value()); EXPECT_EQ(96, pressure_gauge2.value()); // Different triggers, both become inactive, only one callback expected factory1_.monitor_->setPressure(0.41); factory2_.monitor_->setPressure(0.42); timer_cb_(); EXPECT_FALSE(is_active); EXPECT_THAT(action_state, AllOf(Property(&OverloadActionState::isSaturated, false), Property(&OverloadActionState::value, 0))); EXPECT_EQ(4, cb_count); EXPECT_EQ(41, pressure_gauge1.value()); EXPECT_EQ(42, pressure_gauge2.value()); manager->stop(); } TEST_F(OverloadManagerImplTest, ScaledTrigger) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); manager->start(); const auto& action_state = manager->getThreadLocalOverloadState().getState("envoy.overload_actions.dummy_action"); Stats::Gauge& active_gauge = stats_.gauge("overload.envoy.overload_actions.dummy_action.active", Stats::Gauge::ImportMode::Accumulate); Stats::Gauge& scale_percent_gauge = stats_.gauge("overload.envoy.overload_actions.dummy_action.scale_percent", Stats::Gauge::ImportMode::Accumulate); factory3_.monitor_->setPressure(0.5); timer_cb_(); EXPECT_THAT(action_state, AllOf(Property(&OverloadActionState::isSaturated, false), Property(&OverloadActionState::value, 0))); EXPECT_EQ(0, active_gauge.value()); EXPECT_EQ(0, scale_percent_gauge.value()); // The trigger for fake_resource3 is a scaled trigger with a min of 0.5 and a max of 0.8. Set the // current pressure value to halfway in that range. factory3_.monitor_->setPressure(0.65); timer_cb_(); EXPECT_EQ(action_state.value(), 0.5 /* = 0.65 / (0.8 - 0.5) */); EXPECT_EQ(0, active_gauge.value()); EXPECT_EQ(50, scale_percent_gauge.value()); factory3_.monitor_->setPressure(0.8); timer_cb_(); EXPECT_TRUE(action_state.isSaturated()); EXPECT_EQ(1, active_gauge.value()); EXPECT_EQ(100, scale_percent_gauge.value()); factory3_.monitor_->setPressure(0.9); timer_cb_(); EXPECT_TRUE(action_state.isSaturated()); EXPECT_EQ(1, active_gauge.value()); EXPECT_EQ(100, scale_percent_gauge.value()); } TEST_F(OverloadManagerImplTest, FailedUpdates) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); manager->start(); Stats::Counter& failed_updates = stats_.counter("overload.envoy.resource_monitors.fake_resource1.failed_updates"); factory1_.monitor_->setError(); timer_cb_(); EXPECT_EQ(1, failed_updates.value()); timer_cb_(); EXPECT_EQ(2, failed_updates.value()); manager->stop(); } TEST_F(OverloadManagerImplTest, AggregatesMultipleResourceUpdates) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); manager->start(); const OverloadActionState& action_state = manager->getThreadLocalOverloadState().getState("envoy.overload_actions.dummy_action"); factory1_.monitor_->setUpdateAsync(true); // Monitor 2 will respond immediately at the timer callback, but that won't push an update to the // thread-local state because monitor 1 hasn't finished its update yet. factory2_.monitor_->setPressure(1.0); timer_cb_(); EXPECT_FALSE(action_state.isSaturated()); // Once the last monitor publishes, the change to the action takes effect. factory1_.monitor_->publishUpdate(); EXPECT_TRUE(action_state.isSaturated()); } TEST_F(OverloadManagerImplTest, DelayedUpdatesAreCoalesced) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); manager->start(); const OverloadActionState& action_state = manager->getThreadLocalOverloadState().getState("envoy.overload_actions.dummy_action"); factory3_.monitor_->setUpdateAsync(true); factory4_.monitor_->setUpdateAsync(true); timer_cb_(); // When monitor 3 publishes its update, the action won't be visible to the thread-local state factory3_.monitor_->setPressure(0.6); factory3_.monitor_->publishUpdate(); EXPECT_EQ(action_state.value(), 0.0); // Now when monitor 4 publishes a larger value, the update from monitor 3 is skipped. EXPECT_FALSE(action_state.isSaturated()); factory4_.monitor_->setPressure(0.65); factory4_.monitor_->publishUpdate(); EXPECT_EQ(action_state.value(), 0.5 /* = (0.65 - 0.5) / (0.8 - 0.5) */); } TEST_F(OverloadManagerImplTest, FlushesUpdatesEvenWithOneUnresponsive) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); manager->start(); const OverloadActionState& action_state = manager->getThreadLocalOverloadState().getState("envoy.overload_actions.dummy_action"); // Set monitor 1 to async, but never publish updates for it. factory1_.monitor_->setUpdateAsync(true); // Monitor 2 will respond immediately at the timer callback, but that won't push an update to the // thread-local state because monitor 1 hasn't finished its update yet. factory2_.monitor_->setPressure(1.0); timer_cb_(); EXPECT_FALSE(action_state.isSaturated()); // A second timer callback will flush the update from monitor 2, even though monitor 1 is // unresponsive. timer_cb_(); EXPECT_TRUE(action_state.isSaturated()); } TEST_F(OverloadManagerImplTest, SkippedUpdates) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); manager->start(); Stats::Counter& skipped_updates = stats_.counter("overload.envoy.resource_monitors.fake_resource1.skipped_updates"); Stats::Gauge& pressure_gauge1 = stats_.gauge("overload.envoy.resource_monitors.fake_resource1.pressure", Stats::Gauge::ImportMode::NeverImport); factory1_.monitor_->setUpdateAsync(true); EXPECT_EQ(0, pressure_gauge1.value()); factory1_.monitor_->setPressure(0.3); timer_cb_(); EXPECT_EQ(0, skipped_updates.value()); timer_cb_(); EXPECT_EQ(1, skipped_updates.value()); timer_cb_(); EXPECT_EQ(2, skipped_updates.value()); factory1_.monitor_->publishUpdate(); EXPECT_EQ(30, pressure_gauge1.value()); timer_cb_(); EXPECT_EQ(2, skipped_updates.value()); manager->stop(); } TEST_F(OverloadManagerImplTest, DuplicateResourceMonitor) { const std::string config = R"EOF( resource_monitors { name: "envoy.resource_monitors.fake_resource1" } resource_monitors { name: "envoy.resource_monitors.fake_resource1" } )EOF"; EXPECT_THROW_WITH_REGEX(createOverloadManager(config), EnvoyException, "Duplicate resource monitor .*"); } TEST_F(OverloadManagerImplTest, DuplicateOverloadAction) { const std::string config = R"EOF( actions { name: "envoy.overload_actions.dummy_action" } actions { name: "envoy.overload_actions.dummy_action" } )EOF"; EXPECT_THROW_WITH_REGEX(createOverloadManager(config), EnvoyException, "Duplicate overload action .*"); } // A scaled trigger action's thresholds must conform to scaling < saturation. TEST_F(OverloadManagerImplTest, ScaledTriggerSaturationLessThanScalingThreshold) { const std::string config = R"EOF( resource_monitors { name: "envoy.resource_monitors.fake_resource1" } actions { name: "envoy.overload_actions.dummy_action" triggers { name: "envoy.resource_monitors.fake_resource1" scaled { scaling_threshold: 0.9 saturation_threshold: 0.8 } } } )EOF"; EXPECT_THROW_WITH_REGEX(createOverloadManager(config), EnvoyException, "scaling_threshold must be less than saturation_threshold.*"); } // A scaled trigger action can't have threshold values that are equal. TEST_F(OverloadManagerImplTest, ScaledTriggerThresholdsEqual) { const std::string config = R"EOF( resource_monitors { name: "envoy.resource_monitors.fake_resource1" } actions { name: "envoy.overload_actions.dummy_action" triggers { name: "envoy.resource_monitors.fake_resource1" scaled { scaling_threshold: 0.9 saturation_threshold: 0.9 } } } )EOF"; EXPECT_THROW_WITH_REGEX(createOverloadManager(config), EnvoyException, "scaling_threshold must be less than saturation_threshold.*"); } TEST_F(OverloadManagerImplTest, UnknownTrigger) { const std::string config = R"EOF( actions { name: "envoy.overload_actions.dummy_action" triggers { name: "envoy.resource_monitors.fake_resource1" threshold { value: 0.9 } } } )EOF"; EXPECT_THROW_WITH_REGEX(createOverloadManager(config), EnvoyException, "Unknown trigger resource .*"); } TEST_F(OverloadManagerImplTest, DuplicateTrigger) { const std::string config = R"EOF( resource_monitors { name: "envoy.resource_monitors.fake_resource1" } actions { name: "envoy.overload_actions.dummy_action" triggers { name: "envoy.resource_monitors.fake_resource1" threshold { value: 0.9 } } triggers { name: "envoy.resource_monitors.fake_resource1" threshold { value: 0.8 } } } )EOF"; EXPECT_THROW_WITH_REGEX(createOverloadManager(config), EnvoyException, "Duplicate trigger .*"); } TEST_F(OverloadManagerImplTest, Shutdown) { setDispatcherExpectation(); auto manager(createOverloadManager(getConfig())); manager->start(); EXPECT_CALL(*timer_, disableTimer()); manager->stop(); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/server_corpus/api_boost_crash ================================================ node { client_features: "&" } static_resources { listeners { name: " " address { pipe { path: "aa\000" } } transparent { } } } stats_sinks { typed_config { [type.googleapis.com/envoy.api.v2.route.Route] { route { retry_policy { retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 97 retriable_status_codes: 116 retriable_status_codes: 101 retriable_status_codes: 113 retriable_status_codes: 32 retriable_status_codes: 123 retriable_status_codes: 40 retriable_status_codes: 36 retriable_status_codes: 32 retriable_status_codes: 42 retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 97 retriable_status_codes: 116 retriable_status_codes: 101 retriable_status_codes: 113 retriable_status_codes: 32 retriable_status_codes: 123 retriable_status_codes: 40 retriable_status_codes: 36 retriable_status_codes: 32 retriable_status_codes: 32 retriable_status_codes: 99 retriable_status_codes: 108 retriable_status_codes: 117 retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 101 retriable_status_codes: 114 retriable_status_codes: 123 retriable_status_codes: 115 } } } } } stats_sinks { typed_config { [type.googleapis.com/envoy.api.v2.route.Route] { route { retry_policy { retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 97 retriable_status_codes: 116 retriable_status_codes: 105 retriable_status_codes: 99 retriable_status_codes: 95 retriable_status_codes: 114 retriable_status_codes: 101 retriable_status_codes: 115 retriable_status_codes: 111 retriable_status_codes: 117 retriable_status_codes: 114 retriable_status_codes: 99 retriable_status_codes: 65 retriable_status_codes: 101 retriable_status_codes: 32 retriable_status_codes: 99 retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 97 retriable_status_codes: 32 retriable_status_codes: 32 retriable_status_codes: 99 retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 97 } } } } } stats_sinks { typed_config { [type.googleapis.com/envoy.api.v2.route.Route] { route { retry_policy { retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 97 retriable_status_codes: 116 retriable_status_codes: 101 retriable_status_codes: 113 retriable_status_codes: 32 retriable_status_codes: 123 retriable_status_codes: 40 retriable_status_codes: 36 retriable_status_codes: 32 retriable_status_codes: 42 retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 97 retriable_status_codes: 116 retriable_status_codes: 101 retriable_status_codes: 113 retriable_status_codes: 32 retriable_status_codes: 123 retriable_status_codes: 40 retriable_status_codes: 36 retriable_status_codes: 32 retriable_status_codes: 32 retriable_status_codes: 99 retriable_status_codes: 108 retriable_status_codes: 117 retriable_status_codes: 115 retriable_status_codes: 116 retriable_status_codes: 101 retriable_status_codes: 114 retriable_status_codes: 123 retriable_status_codes: 115 } } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-config_fuzz_test-4788023076847616 ================================================ static_resources { clusters { name: ";" connect_timeout { seconds: 2304 nanos: 132 } health_checks { timeout { nanos: 262144 } interval { seconds: 2559 nanos: 67154560 } unhealthy_threshold { value: 122 } healthy_threshold { value: 1728053248 } alt_port { value: 4 } http_health_check { path: "0.0.0.0" receive { text: "@B\017\000\000\000\000\000" } request_headers_to_add { header { key: ";" value: "\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177" } append { value: true } } request_headers_to_remove: ";x" codec_client_type: HTTP3 } no_traffic_interval { nanos: 917760 } unhealthy_edge_interval { seconds: 2559 nanos: 16384 } event_log_path: "]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]" interval_jitter_percent: 524288 tls_options { alpn_protocols: "/" } } http2_protocol_options { } upstream_bind_config { source_address { address: "0.0.0.0" port_value: 0 } freebind { value: true } } common_http_protocol_options { idle_timeout { seconds: 2304 nanos: 132 } } load_assignment { cluster_name: "domains" endpoints { locality { zone: "6" } load_balancing_weight { value: 122 } priority: 122 } endpoints { lb_endpoints { endpoint { address { socket_address { protocol: UDP address: "0.0.0.0" port_value: 122 } } } health_status: TIMEOUT load_balancing_weight { value: 8960 } } priority: 122 } endpoints { locality { zone: "\n\000\000\000" } lb_endpoints { endpoint { address { socket_address { address: "0.0.0.0" port_value: 0 } } } health_status: TIMEOUT } load_balancing_weight { value: 122 } priority: 122 } endpoints { locality { sub_zone: "|" } priority: 122 proximity { value: 664184 } } endpoints { locality { zone: "77777777" } lb_endpoints { endpoint { address { socket_address { address: "0.0.0.1" port_value: 0 ipv4_compat: true } } } health_status: TIMEOUT } lb_endpoints { endpoint { address { socket_address { address: "0.0.0.0" port_value: 0 } } } health_status: TIMEOUT } load_balancing_weight { value: 1728053248 } priority: 106 } policy { endpoint_stale_after { nanos: 262144 } } } dns_failure_refresh_rate { base_interval { seconds: 8 nanos: 812933685 } } upstream_http_protocol_options { } } } cluster_manager { load_stats_config { transport_api_version: V3 } } stats_sinks { name: "type.googleapis.com/envoy.api.v2.route.Route" typed_config { type_url: "IIIIIIIIIIIIIIII" } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-config_fuzz_test-5067970991095808 ================================================ static_resources { clusters { name: "6" connect_timeout { seconds: 2321 } lb_policy: MAGLEV hosts { pipe { path: "=" } } hosts { pipe { path: "=" } } hosts { pipe { path: "t" } } max_requests_per_connection { value: 67108864 } dns_lookup_family: V4_ONLY outlier_detection { success_rate_minimum_hosts { value: 4096 } } common_lb_config { locality_weighted_lb_config { } } } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J :2222222222222222222222222\022" } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*static\'_resourc\022es {(\n cluster`s" } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J :2222222222222222222222221\022" } } stats_flush_interval { nanos: 2883584 } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-config_fuzz_test-5664687524413440 ================================================ node { id: "," cluster: "0" locality { zone: "0" sub_zone: "0" } } static_resources { listeners { address { pipe { path: "name" } } filter_chains { filter_chain_match { source_prefix_ranges { address_prefix: "\177" } transport_protocol: "\177" } } tcp_fast_open_queue_length { value: 99 } } listeners { address { pipe { path: "name" } } filter_chains { } tcp_fast_open_queue_length { value: 99 } } listeners { name: "listener_0" address { pipe { path: "name" } } filter_chains { tls_context { common_tls_context { tls_params { tls_minimum_protocol_version: TLSv1_2 tls_maximum_protocol_version: TLSv1_2 } tls_certificate_sds_secret_configs { sds_config { api_config_source { api_type: REST grpc_services { google_grpc { target_uri: "name" stat_prefix: ":" } } } } } } require_client_certificate { } require_sni { } } } filter_chains { filter_chain_match { source_prefix_ranges { address_prefix: "\177" } } } transparent { value: true } listener_filters_timeout { nanos: 1024 } } listeners { address { pipe { path: "name" } } filter_chains { filter_chain_match { } } filter_chains { filter_chain_match { source_prefix_ranges { address_prefix: "\177" } } tls_context { common_tls_context { tls_params { tls_minimum_protocol_version: TLSv1_2 tls_maximum_protocol_version: TLSv1_2 } tls_certificate_sds_secret_configs { name: "\177" sds_config { api_config_source { api_type: REST grpc_services { google_grpc { target_uri: "name" stat_prefix: ":" } } } } } } require_client_certificate { } require_sni { } } } tcp_fast_open_queue_length { value: 99 } } listeners { address { pipe { path: "name" } } filter_chains { filter_chain_match { } } filter_chains { filter_chain_match { source_prefix_ranges { address_prefix: "\177" } } tls_context { common_tls_context { tls_params { tls_minimum_protocol_version: TLSv1_2 tls_maximum_protocol_version: TLSv1_2 } tls_certificate_sds_secret_configs { name: "\177" sds_config { api_config_source { api_type: REST grpc_services { google_grpc { target_uri: "name" stat_prefix: ":" } } } } } } require_client_certificate { } require_sni { } } } tcp_fast_open_queue_length { value: 99 } } listeners { address { pipe { path: "name" } } filter_chains { filter_chain_match { source_prefix_ranges { address_prefix: "\177" } } } tcp_fast_open_queue_length { value: 99 } } listeners { address { pipe { path: "name" } } filter_chains { filter_chain_match { source_prefix_ranges { address_prefix: "\177" } } } tcp_fast_open_queue_length { value: 99 } } } flags_path: " " ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-config_fuzz_test-5697041979146240 ================================================ static_resources { clusters { name: "ineasrh_stsB" eds_cluster_config { service_name: "\177" } connect_timeout { nanos: 249999905 } dns_refresh_rate { nanos: 249999905 } dns_lookup_family: V4_ONLY load_assignment { cluster_name: "GGG" endpoints { priority: 538970624 } endpoints { lb_endpoints { load_balancing_weight { value: 2 } } priority: 11264 } endpoints { priority: 246 } endpoints { priority: 538970624 } endpoints { priority: 2 } endpoints { priority: 538970624 } endpoints { priority: 2105354 } endpoints { lb_endpoints { load_balancing_weight { value: 2 } } priority: 11264 } endpoints { priority: 671091188 } endpoints { priority: 2105354 } endpoints { priority: 11264 } endpoints { lb_endpoints { } load_balancing_weight { value: 2 } priority: 11264 } endpoints { priority: 538970624 } endpoints { priority: 538970624 } endpoints { priority: 538970624 } endpoints { priority: 11264 } endpoints { priority: 2105354 } endpoints { priority: 671091190 } endpoints { priority: 671151625 } endpoints { priority: 671151625 } endpoints { lb_endpoints { load_balancing_weight { value: 2 } } priority: 11264 } endpoints { lb_endpoints { load_balancing_weight { value: 2 } } priority: 11264 } endpoints { priority: 671091190 } endpoints { priority: 538976256 } endpoints { priority: 671091188 } endpoints { priority: 671091188 } endpoints { priority: 11264 } endpoints { lb_endpoints { health_status: DRAINING load_balancing_weight { value: 2 } } priority: 11264 } endpoints { lb_endpoints { load_balancing_weight { value: 2 } } priority: 11264 } endpoints { priority: 11264 } endpoints { priority: 538970624 } endpoints { lb_endpoints { load_balancing_weight { value: 2 } } priority: 11264 } endpoints { priority: 11264 } endpoints { lb_endpoints { load_balancing_weight { value: 2 } } priority: 738208768 } endpoints { priority: 671151625 } endpoints { priority: 671091188 } endpoints { priority: 30 } endpoints { priority: 671151625 } endpoints { lb_endpoints { } load_balancing_weight { value: 64 } priority: 2 } endpoints { lb_endpoints { health_status: DRAINING } priority: 11264 } endpoints { lb_endpoints { } priority: 11264 } endpoints { locality { zone: "\177\r" } priority: 538970624 } endpoints { priority: 671091190 } endpoints { priority: 244 } endpoints { priority: 538970624 } endpoints { locality { region: "~" } lb_endpoints { } priority: 11264 } endpoints { priority: 2 } } } } admin { access_log_path: "/tmp/admin_access.log" address { pipe { path: "*" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-config_fuzz_test-5729922022113280 ================================================ static_resources { clusters { name: "i?aress_http" type: LOGICAL_DNS connect_timeout { seconds: 2304 nanos: 707406378 } tls_context { common_tls_context { alpn_protocols: "" alpn_protocols: "" combined_validation_context { default_validation_context { trusted_ca { inline_bytes: "\302\000\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\000\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302" } require_signed_certificate_timestamp { } } validation_context_sds_secret_config { } } } sni: "mane" } alt_stat_name: "[" } clusters { name: "i?aress_http" type: LOGICAL_DNS connect_timeout { nanos: 538970747 } hosts { pipe { path: "\000\000\000\000`" } } hosts { pipe { path: "2" } } hosts { pipe { path: "`" } } hosts { pipe { path: "2" } } tls_context { common_tls_context { combined_validation_context { default_validation_context { trusted_ca { inline_bytes: "\302\000\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\000\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302" } require_signed_certificate_timestamp { } } validation_context_sds_secret_config { sds_config { api_config_source { refresh_delay { seconds: 8391050737688276324 nanos: 64 } } } } } } } http_protocol_options { allow_absolute_url { value: true } } alt_stat_name: "[" upstream_connection_options { tcp_keepalive { keepalive_probes { value: 589824 } } } } clusters { name: "p`ne" type: STRICT_DNS connect_timeout { nanos: 707406378 } hosts { pipe { path: "2" } } hosts { pipe { path: "`" } } tls_context { common_tls_context { alpn_protocols: "" alpn_protocols: "" combined_validation_context { default_validation_context { trusted_ca { inline_bytes: "\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302\302" } require_signed_certificate_timestamp { } } validation_context_sds_secret_config { sds_config { api_config_source { refresh_delay { seconds: 8391050737688276324 nanos: 64 } } } } } } sni: "mane" } http_protocol_options { allow_absolute_url { value: true } } alt_stat_name: "[" } secrets { validation_context { } } } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "2" } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "Z" } stats_sinks { } stats_sinks { name: "type.googleapis.com/envoy.api.v2.route.Route" typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\nJ1" } } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*static\'_resourc\022es {(\n cluster`s" } } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "type.googleapis.com/envoy.api.v2.route.Route" typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "type.googleapis.com/envoy.api.v2.route.Route" } } stats_sinks { name: "]" } stats_sinks { } stats_sinks { } stats_sinks { name: "type.googleatis.com/google.protobuf.Value" } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*static_resourc\001es {(\n cluster`s" } } stats_sinks { name: "," } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J :2222622222222222222222221\022" } } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "\013" } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\nJ1" } } stats_sinks { } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-config_fuzz_test-5747944989392896 ================================================ static_resources { clusters { name: "servi_e_ervile" connect_timeout { seconds: 2304 nanos: 250000000 } lb_policy: RING_HASH hosts { pipe { path: "\000\000\020\000\000\000\000\000" } } hosts { pipe { path: "{" } } hosts { pipe { path: "z" } } dns_lookup_family: V4_ONLY lb_subset_config { fallback_policy: ANY_ENDPOINT subset_selectors { } subset_selectors { } } common_lb_config { healthy_panic_threshold { value: 9.88131291682493e-324 } locality_weighted_lb_config {} } drain_connections_on_host_removal: true } clusters { name: "{" connect_timeout { seconds: 2304 } lb_policy: RING_HASH hosts { pipe { path: "z" } } hosts { pipe { path: "A" } } hosts { pipe { path: "1" } } hosts { pipe { path: "A" } } hosts { pipe { path: "z" } } dns_lookup_family: V6_ONLY outlier_detection { success_rate_stdev_factor { value: 589951 } } lb_subset_config { fallback_policy: ANY_ENDPOINT subset_selectors { } } common_lb_config { locality_weighted_lb_config {} } upstream_connection_options { tcp_keepalive { keepalive_probes { value: 589951 } } } drain_connections_on_host_removal: true } clusters { name: "|" connect_timeout { seconds: 2304 } lb_policy: RING_HASH hosts { pipe { path: "j" } } hosts { pipe { path: "1" } } hosts { pipe { path: "6" } } hosts { pipe { path: "A" } } dns_lookup_family: V4_ONLY outlier_detection { success_rate_stdev_factor { value: 4294443006 } } lb_subset_config { fallback_policy: ANY_ENDPOINT subset_selectors { } locality_weight_aware: true } common_lb_config { locality_weighted_lb_config {} } upstream_connection_options { tcp_keepalive { keepalive_probes { value: 589951 } } } drain_connections_on_host_removal: true } clusters { name: "z" connect_timeout { seconds: 2304 } lb_policy: RANDOM hosts { pipe { path: "\001" } } hosts { pipe { path: "z" } } hosts { pipe { path: "@" } } hosts { pipe { path: "{" } } dns_lookup_family: V4_ONLY upstream_connection_options { } } clusters { name: "8" connect_timeout { seconds: 2304 nanos: 250000000 } lb_policy: RING_HASH hosts { pipe { path: "{" } } hosts { pipe { path: "\001" } } circuit_breakers { thresholds { max_requests { value: 4294443006 } } } dns_lookup_family: V4_ONLY outlier_detection { success_rate_stdev_factor { value: 589951 } } lb_subset_config { fallback_policy: ANY_ENDPOINT subset_selectors { } locality_weight_aware: true scale_locality_weight: true } common_lb_config { locality_weighted_lb_config {} } alt_stat_name: "B" upstream_connection_options { } drain_connections_on_host_removal: true } clusters { name: "\001" connect_timeout { seconds: 2304 nanos: 250000111 } lb_policy: RING_HASH hosts { pipe { path: "\001" } } hosts { pipe { path: "z" } } hosts { pipe { path: "\001" } } hosts { pipe { path: "@" } } dns_lookup_family: V4_ONLY lb_subset_config { fallback_policy: ANY_ENDPOINT subset_selectors { } subset_selectors { } locality_weight_aware: true } common_lb_config { locality_weighted_lb_config {} } upstream_connection_options { } } } admin { access_log_path: "/tmpoadmin_access.log" address { pipe { path: "name" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-config_fuzz_test-6287096397430784 ================================================ static_resources { clusters { name: " " connect_timeout { seconds: 2304 } per_connection_buffer_limit_bytes { value: 209 } lb_policy: RING_HASH hosts { pipe { path: "z" } } hosts { pipe { path: " " } } hosts { pipe { path: ";" } } dns_lookup_family: V4_ONLY outlier_detection { success_rate_stdev_factor { value: 268435456 } } } clusters { name: "@" connect_timeout { seconds: 2304 } lb_policy: RING_HASH hosts { pipe { path: "@" } } hosts { pipe { path: "X" } } hosts { pipe { path: "@" } } dns_lookup_family: V4_ONLY outlier_detection { success_rate_stdev_factor { value: 589951 } } } clusters { name: "#" connect_timeout { seconds: 2304 nanos: 235995425 } lb_policy: MAGLEV dns_lookup_family: V4_ONLY cleanup_interval { nanos: 235995425 } upstream_connection_options { tcp_keepalive { keepalive_probes { value: 589824 } } } } clusters { name: "X" connect_timeout { seconds: 2304 } outlier_detection { success_rate_stdev_factor { value: 589951 } } lb_subset_config { fallback_policy: ANY_ENDPOINT subset_selectors { } locality_weight_aware: true } ring_hash_lb_config { } } clusters { name: "0" connect_timeout { seconds: 2304 } outlier_detection { success_rate_stdev_factor { value: 589951 } } lb_subset_config { fallback_policy: ANY_ENDPOINT subset_selectors { } locality_weight_aware: true } } clusters { name: "`" connect_timeout { seconds: 2304 } lb_policy: RING_HASH hosts { pipe { path: ";" } } hosts { pipe { path: ";" } } dns_lookup_family: V4_ONLY outlier_detection { success_rate_stdev_factor { value: 589951 } } lb_subset_config { default_subset { fields { key: "" value { bool_value: true } } } } upstream_connection_options { tcp_keepalive { keepalive_probes { value: 589824 } } } close_connections_on_host_health_failure: true drain_connections_on_host_removal: true } clusters { name: "z" connect_timeout { seconds: 2304 } hosts { pipe { path: "*" } } hosts { pipe { path: "5" } } hosts { pipe { path: "z" } } hosts { pipe { path: "@" } } hosts { pipe { path: "z" } } upstream_connection_options { tcp_keepalive { keepalive_probes { value: 589824 } } } load_assignment { cluster_name: " " endpoints { locality { region: " " } lb_endpoints { endpoint { address { pipe { path: "\n\000\000\000" } } health_check_config { port_value: 10878976 } } health_status: TIMEOUT } } endpoints { lb_endpoints { endpoint { health_check_config { port_value: 41216 } } health_status: TIMEOUT } priority: 41216 } endpoints { locality { region: "\027" } lb_endpoints { } } endpoints { priority: 41216 } } } } admin { access_log_path: "/tmp/admin_access.lss" address { pipe { path: "*" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5118008002871296 ================================================ static_resources { listeners { name: " " address { pipe { path: "\000" } } transparent { } } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*stateq {($ *stateq {($ cluster{s" } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*static_resourcAe csta csta" } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*stateq {($ *stateq {($ cluster{s" } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5118008002871297 ================================================ static_resources { listeners { name: " " address { pipe { path: "aa\000" } } transparent { } } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*stateq {($ *stateq {($ cluster{s" } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*static_resourcAe csta csta" } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J.:*stateq {($ *stateq {($ cluster{s" } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5186283155750912 ================================================ static_resources { clusters { name: "www.google.com" connect_timeout { nanos: 61 } http2_protocol_options { initial_stream_window_size { value: 917504 } initial_connection_window_size { value: 1952382976 } allow_connect: true max_outbound_control_frames { value: 1952382976 } stream_error_on_invalid_http_messaging: true custom_settings_parameters { identifier { value: 65536 } value { value: 7536640 } } custom_settings_parameters { identifier { value: 65536 } value { value: 7536640 } } } alt_stat_name: ";" load_assignment { cluster_name: "domains" policy { hidden_envoy_deprecated_disable_overprovisioning: true } } lrs_server { path: ":" } } } dynamic_resources { } stats_sinks { hidden_envoy_deprecated_config { fields { key: "fffffffffffffffffffffffffff" value { } } } } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "J\004\022\002\010\001J\005\n\003\022\0019J\004\022\002\010\001b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000b\000" } } admin { } enable_dispatcher_stats: true header_prefix: "*" ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5666128418832384 ================================================ node { id: " " cluster: " " build_version: " " } static_resources { clusters { name: " " type: STRICT_DNS connect_timeout { nanos: 82893184 } per_connection_buffer_limit_bytes { value: 268435456 } lb_policy: RING_HASH hosts { pipe { path: " " } } hosts { pipe { path: " " } } tls_context { common_tls_context { } } } clusters { name: " " connect_timeout { seconds: 2304 } lb_policy: RING_HASH hosts { pipe { path: " " } } hosts { pipe { path: " " } } hosts { pipe { path: " " } } hosts { pipe { path: " " } } hosts { pipe { path: " " } } hosts { pipe { path: " " } } hosts { pipe { path: " " } } hosts { pipe { path: " " } } hosts { pipe { path: "2" } } hosts { pipe { path: "s" } } hosts { pipe { path: "4" } } hosts { pipe { path: "5" } } hosts { pipe { path: "1" } } hosts { pipe { path: "0" } } hosts { pipe { path: "]" } } hosts { pipe { path: "8" } } hosts { pipe { path: "{" } } hosts { pipe { path: "*" } } hosts { pipe { path: "4" } } hosts { pipe { path: " " } } hosts { pipe { path: "{" } } health_checks { timeout { seconds: 4294901763 nanos: 25 } interval { nanos: 25 } unhealthy_threshold { value: 268435456 } healthy_threshold { value: 655360 } http_health_check { path: ":" service_name: "0" use_http2: true } event_log_path: "c" } tls_context { common_tls_context { validation_context { } tls_certificate_sds_secret_configs { sds_config { path: "/" } } } } alt_stat_name: "o" } } stats_sinks { } stats_sinks { name: "tsy.googtati" config { fields { key: "\177" value { } } } } stats_sinks { name: "," } stats_sinks { typed_config { type_url: "type.googleapis.com/googlalue" } } stats_sinks { } stats_sinks { name: "," } stats_sinks { config { } } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "[" } stats_sinks { typed_config { type_url: "[" } } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "toogti" } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "q" } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "!" } stats_sinks { name: "," } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "," } stats_sinks { } stats_sinks { name: "2" } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "," } stats_sinks { } stats_sinks { name: "," } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "2" } stats_sinks { } stats_sinks { name: "," } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "," } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "2" } stats_sinks { name: "6" } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5674078337236992 ================================================ static_resources { clusters { name: "p" connect_timeout { nanos: 786870912 } hosts { pipe { path: "`" } } hosts { pipe { path: "`" } } tls_context { common_tls_context { tls_params { ecdh_curves: "P" ecdh_curves: "P" } tls_certificates { private_key { filename: "\001\000\000\t" } password { inline_string: "#\000\000\000\000\000\000\000" } ocsp_staple { filename: "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" } } tls_certificates { private_key { filename: "\001\000\000\t" } password { inline_string: "#\000\000\000\000\000\000\000" } ocsp_staple { filename: "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" } } tls_certificates { private_key { filename: "\001static_resources {\n clusters {\n name: \"z:\"\n type: STRICT_DNS\n connect_timeout {\n seconds: -210453399808\n nanos: 250002048\n }\n http2_protocol_options {\n allow_connect: true\n }\n dns_lookup_family: V4_ONLY\n common_lb_config {\n ignore_new_hosts_until_first_hc: true\n }\n alt_stat_name: \"\\020\"\n close_connections_on_host_health_failure: true\n filters {\n name: \"%\"\n }\n }\n clusters {\n name: \"service_google\"\n connect_timeout {\n nanos\000: 786870912\n }\n per_connection_buffer_limit_bytes {\n value: 4143972352\n }\n lb_policy: RING_HASH\n hosts {\n pipe {\n path: \"`\"\n }\n }\n hosts {\n pipe {\n path: \"#\"\n }\n }\n hosts {\n pipe {\n path: \"`\"\n }\n }\n tls_context {\n common_tls_conte\000xt {\n tls_params {\n ecdh_curves: \"P\"\n }\n tls_certificates {\n private_key {\n filename: \"\\001\\0\t00\\000\\t\"\n }\n password {\n inline_string: \"#\\000\\000\\000\\000\\000\\000\\000\"\n }\n ocsp_staple {\n filename: \"\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\\000\"\n }\n }\n tls_certificates" } ocsp_staple { filename: "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" } } combined_validation_context { default_validation_context { verify_subject_alt_name: "\001\000\000\000\000\000\000\006" require_ocsp_staple { value: true } require_signed_certificate_timestamp { } } validation_context_sds_secret_config { } } } } close_connections_on_host_health_failure: true } secrets { validation_context { trusted_ca { inline_bytes: "\316" } } } } cluster_manager { local_cluster_name: "," upstream_bind_config { source_address { address: "\032" port_value: 8192 ipv4_compat: true } } load_stats_config { refresh_delay { seconds: 4611686018427387903 } set_node_on_first_message_only: true } } stats_sinks { typed_config { type_url: "\001\000\000\t" value: "\230*Vs{{{{{{{{{{{{{{{{{{{{{{{{{{||{|||{{{{{{{{{{{{{{{{{{{{{{{{{||||||||||||||||||||||||||st|||||||||||||||||||||stt" } } stats_sinks { } stats_sinks { name: "VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV" typed_config { type_url: "\001\000\000\t" } } watchdog { miss_timeout { seconds: 2147483707 } kill_timeout { seconds: 2046820352 } } hds_config { } layered_runtime { } header_prefix: ":" ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5702999713513472 ================================================ static_resources { listeners { address { pipe { path: "@" } } } clusters { name: "&" connect_timeout { seconds: 2304 } lb_policy: RING_HASH alt_stat_name: "t" close_connections_on_host_health_failure: true track_timeout_budgets: true } clusters { name: "servi|e_gogole" connect_timeout { seconds: 3 } lb_policy: RING_HASH load_assignment { cluster_name: "domains" endpoints { priority: 93 } endpoints { locality { zone: "t" } lb_endpoints { endpoint { address { pipe { path: ";" } } } health_status: TIMEOUT load_balancing_weight { value: 4294967295 } } load_balancing_weight { value: 122 } } endpoints { locality { region: "domains" sub_zone: "|" } lb_endpoints { endpoint { address { pipe { path: ";" } } } health_status: TIMEOUT } priority: 122 } endpoints { locality { zone: "\t" } load_balancing_weight { value: 122 } priority: 122 } endpoints { locality { sub_zone: "|" } priority: 122 } endpoints { locality { zone: "\t" } load_balancing_weight { value: 285212672 } priority: 122 } endpoints { locality { } load_balancing_weight { value: 122 } priority: 122 } endpoints { locality { zone: "\t" } lb_endpoints { endpoint { address { socket_address { address: "0.0.0.0" port_value: 47 } } } health_status: TIMEOUT } load_balancing_weight { value: 122 } } endpoints { locality { zone: "\t" } lb_endpoints { endpoint { address { pipe { path: "@" } } } health_status: UNHEALTHY } load_balancing_weight { value: 122 } priority: 122 } endpoints { load_balancing_weight { value: 122 } priority: 122 } policy { } } } } flags_path: "VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV(VVVVVVVVVVVVVVV" stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/e" } } stats_sinks { } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "B\004\n\000\022\000R\000" } } stats_sinks { } stats_sinks { } stats_sinks { hidden_envoy_deprecated_config { fields { key: "" value { null_value: NULL_VALUE } } } } stats_sinks { } stats_sinks { } stats_sinks { name: "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" } stats_sinks { typed_config { type_url: "\000\000\000\000" } } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/e" } } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { name: "ffff]f$fffff" } stats_sinks { name: "\000\035eut_c" } stats_sinks { name: "]" } admin { profile_path: "\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'\'" } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5754548048625664 ================================================ node { id: " " cluster: " " } dynamic_resources { ads_config { api_type: GRPC grpc_services { google_grpc { target_uri: " " stat_prefix: " " } } } } admin { access_log_path: " 004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\007\004\004\004\004\004\004\004\004 }\n\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004 \004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004\004}" profile_path: "p" } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-config_fuzz_test-5762646786179072 ================================================ node { id: " " cluster: " " } static_resources { listeners { address { pipe { path: " " } } filter_chains { tls_context { common_tls_context { tls_params { tls_minimum_protocol_version: TLSv1_2 tls_maximum_protocol_version: TLSv1_3 cipher_suites: " " ecdh_curves: " " } tls_certificate_sds_secret_configs { sds_config { api_config_source { cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" } } } validation_context_sds_secret_config { sds_config { ads { } } } } require_client_certificate { value: true } } } metadata { filter_metadata { key: "" value { } } filter_metadata { key: "\000\000\000" value { } } filter_metadata { key: "\000\000\000\014" value { fields { key: "" value { } } } } filter_metadata { key: "\000\000\010\010" value { } } filter_metadata { key: "\000\000\024\024" value { } } filter_metadata { key: "\000\004\004\004" value { } } filter_metadata { key: "\000\004\027\000\010\010" value { } } filter_metadata { key: "\000\005\010" value { } } filter_metadata { key: "\000\020\001\010" value { } } filter_metadata { key: "\004\000\000\004" value { } } filter_metadata { key: "\024\020n" value { } } filter_metadata { key: " " value { } } filter_metadata { key: "\"" value { } } filter_metadata { key: "4" value { } } filter_metadata { key: "B" value { } } filter_metadata { key: "LN~NNNN" value { } } filter_metadata { key: "M" value { } } filter_metadata { key: "M" value { } } filter_metadata { key: "NH~=LZ" value { } } filter_metadata { key: "NL/EN/X" value { } } filter_metadata { key: "NL/LNNX" value { } } filter_metadata { key: "NNMn!mN" value { } } filter_metadata { key: "NNNHH^" value { } } filter_metadata { key: "NNNHNNN" value { } } filter_metadata { key: "NNNH`NN" value { fields { key: "[" value { } } } } filter_metadata { key: "NNNLNNN" value { } } filter_metadata { key: "NNNN~L^" value { } } filter_metadata { key: "NNN~=LZ" value { } } filter_metadata { key: "envoy.hnnection_managemananer" value { } } filter_metadata { key: "f&fff$f2fff" value { } } filter_metadata { key: "f&fffnameff" } filter_metadata { key: "ffQff$fffff" value { fields { key: "\000\000\000\005" value { } } } } filter_metadata { key: "ffff$ffffff" value { } } filter_metadata { key: "fffff$fff$f" value { } } filter_metadata { key: "ffffffQf@ff" value { } } filter_metadata { key: "ffffffffff&" value { } } filter_metadata { key: "ffffffffnf&" value { } } filter_metadata { key: "nAm!" value { } } filter_metadata { key: "p" value { } } filter_metadata { key: "t=L^NNN" value { } } filter_metadata { key: "u" value { fields { key: "\000\000\000\005" value { } } } } filter_metadata { key: "}fffv$fffff" value { } } filter_metadata { key: "\312\277 " value { } } filter_metadata { key: "\314\200`282366920938463463374607431768211455stati\020alt" value { } } filter_metadata { key: "\314\200`282366929384634633744607431768211455stati\000alt" value { } } filter_metadata { key: "\314\200`282366929384634669293846432337611455stati\000alt" value { } } filter_metadata { key: "\314\200\340282366920938463463374607431768211455static_resources {\n clusters {\n he\000alt" value { } } filter_metadata { key: "\343\203\262\"88GIHT98\361\241\254\243\341\277\236`28236692093:463463374607431768211203\363\213\207\222\361\221\226\240\005" value { } } filter_metadata { key: "\343\203\262\"88GIHT98\361\241\254\243\341\277\236`28:366920938463463374607431712163208\363\213\207\222\321\221\314\240\005" value { } } } tcp_fast_open_queue_length { } } } dynamic_resources { ads_config { api_type: GRPC grpc_services { google_grpc { target_uri: "*" stat_prefix: " " } } } } stats_sinks { name: "!" } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/google.prlue" } } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/google.prlue" } } stats_sinks { } stats_sinks { name: "\005" } stats_sinks { name: "\005" typed_config { type_url: "type.googleapis.com/google.protobuf.Value" value: "2\366\337\303\377\007!\253" } } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/google.protobuf.Value" value: "2\366\337\303\377\007!\253" } } stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "d" } } stats_sinks { typed_config { type_url: "type.googleapis.com/google.protobuf.ListValue" value: "2\366\337\303\377\007!\253" } } stats_sinks { name: "tsy.googtati" typed_config { type_url: "type.googleapiobuf.Value" } } stats_sinks { name: "," } stats_sinks { name: "\005" } stats_sinks { typed_config { type_url: "type.googleapis.com/google.protobuf.Value" value: "2\366\337\303\377\007!\253" } } stats_sinks { name: "," } stats_sinks { name: "," typed_config { type_url: "type.googleapis.com/google.protobuf.Value" value: "2\366\337\303\377\007!\253" } } stats_sinks { } stats_sinks { } stats_sinks { name: "\005" } stats_sinks { } stats_sinks { } stats_sinks { } stats_sinks { typed_config { type_url: "type.googleapis.com/google.prlue" } } stats_sinks { } stats_sinks { } stats_sinks { name: "\005" } stats_sinks { typed_config { type_url: "type.googleapis.com/google.protobuf.ListValue" } } hds_config { cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" cluster_names: "" } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5083428128030720 ================================================ static_resources { clusters { name: "^" connect_timeout { nanos: 6 } lb_policy: RING_HASH hosts { pipe { path: "i" } } ring_hash_lb_config { minimum_ring_size { value: 4395513236313604096 } } } } admin { access_log_path: "@" address { pipe { path: "i" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5084029869883392 ================================================ static_resources { listeners { address { envoy_internal_address { server_listener_name: "ipv6" } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5632902623657984 ================================================ static_resources { clusters { name: " " connect_timeout { nanos: 6 } hosts { pipe { path: " " } } health_checks { timeout { nanos: 6 } interval { nanos: 6 } unhealthy_threshold { } healthy_threshold { } tcp_health_check { } } } } cluster_manager { upstream_bind_config { source_address { address: "0.0.0.0" port_value: 0 } freebind { value: true } } } admin { address { pipe { path: " " } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5633109961998336 ================================================ static_resources { clusters { name: "B" connect_timeout { nanos: 4 } hosts { pipe { path: "l" } } hosts { pipe { path: "\334\254" } } health_checks { timeout { seconds: 512 } interval { nanos: 91 } unhealthy_threshold { } healthy_threshold { } http_health_check { host: "#" path: "=" codec_client_type: HTTP3 } interval_jitter_percent: 1 always_log_health_check_failures: true } } } cluster_manager { load_stats_config { rate_limit_settings { fill_rate { value: 2.36453327863576e-312 } } } } flags_path: "\000\000\000\000\000\010NK" ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5665272556158976 ================================================ cluster_manager { load_stats_config { grpc_services { google_grpc { target_uri: " " call_credentials { sts_service { } } } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5665941383282688 ================================================ static_resources { clusters { name: " " type: STRICT_DNS connect_timeout { nanos: 4 } dns_refresh_rate { nanos: 4 } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5686444035670016 ================================================ static_resources { clusters { name: " " connect_timeout { nanos: 4 } hosts { pipe { } } health_checks { timeout { nanos: 4 } interval { nanos: 4 } unhealthy_threshold { } healthy_threshold { } tcp_health_check { } no_traffic_interval { seconds: 2818048 } interval_jitter_percent: 537791091 } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5690948441341952 ================================================ static_resources { clusters { name: " " type: STRICT_DNS connect_timeout { nanos: 8 } outlier_detection { interval { nanos: 800000000 } success_rate_minimum_hosts { } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5705296232579072 ================================================ static_resources { clusters { name: " " connect_timeout { nanos: 6 } load_assignment { cluster_name: " " endpoints { priority: 4 } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5714049408172032 ================================================ cluster_manager { load_stats_config { api_type: GRPC grpc_services { google_grpc { target_uri: "18446744073709551617" stat_prefix: "2147483649" channel_args { args { key: "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" value { } } } } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5724853840117760 ================================================ static_resources { clusters { name: " " connect_timeout { nanos: 9 } hosts { pipe { } } health_checks { timeout { nanos: 9 } interval { nanos: 9 } unhealthy_threshold { } healthy_threshold { } grpc_health_check { } no_traffic_interval { } interval_jitter_percent: 4 } http2_protocol_options { } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5730612661452800 ================================================ runtime { symlink_root: "/" subdirectory: "tmp" override_subdirectory: "out" } admin { access_log_path: "/" address { pipe { path: "WW" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5733243234811904 ================================================ node { } static_resources { clusters { name: ";" connect_timeout { seconds: 8 nanos: 132 } per_connection_buffer_limit_bytes { value: 1728053248 } health_checks { timeout { seconds: 8 nanos: 25 } interval { seconds: 2559 nanos: 67154560 } unhealthy_threshold { value: 1728053248 } healthy_threshold { value: 1728053248 } alt_port { value: 4 } http_health_check { path: ":" receive { text: "@B\017\000\000\000\000\000" } request_headers_to_add { header { key: "\361\211\211\211\t\341\211\211\tt" value: "\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\337\205\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177" } } request_headers_to_remove: ";" } unhealthy_interval { seconds: 8 nanos: 132 } unhealthy_edge_interval { seconds: 2299 nanos: 16384 } event_log_path: "%" always_log_health_check_failures: true } max_requests_per_connection { value: 842473504 } http2_protocol_options { max_inbound_priority_frames_per_stream { value: 1701737468 } } alt_stat_name: "=" common_http_protocol_options { max_headers_count { value: 842473504 } } load_assignment { cluster_name: "domains" endpoints { locality { zone: "6" } load_balancing_weight { value: 842473504 } priority: 122 } endpoints { lb_endpoints { endpoint { address { socket_address { address: "0.0.0.0" port_value: 0 } } } health_status: TIMEOUT } priority: 122 proximity { value: 28732523 } } endpoints { locality { sub_zone: "|" } lb_endpoints { endpoint { address { pipe { path: "$node {\n}\ns" } } } health_status: UNHEALTHY } load_balancing_weight { value: 122 } priority: 122 } endpoints { locality { sub_zone: "|" } lb_endpoints { endpoint { address { socket_address { address: "0.0.0.0" port_value: 0 } } } health_status: DEGRADED } priority: 122 } endpoints { lb_endpoints { health_status: HEALTHY endpoint_name: "\021\000\000\000\000\000\000\000" } lb_endpoints { endpoint { address { envoy_internal_address { server_listener_name: "\001\000\000\001" } } } health_status: TIMEOUT } priority: 106 } policy { drop_overloads { category: "U" } } } dns_failure_refresh_rate { base_interval { seconds: 8 nanos: 132 } } track_cluster_stats { } } } stats_sinks { name: "type.googleapis.com/envoy.api.v2.route.Route" typed_config { type_url: "IIIIIIIIIIIIIIII" } } stats_sinks { name: "=" typed_config { value: "\000\037" } } stats_sinks { } stats_sinks { } stats_sinks { name: "[" } stats_sinks { } stats_sinks { name: "z" } stats_sinks { name: "z" } stats_sinks { name: "z" } stats_sinks { name: "z" } stats_sinks { name: "z" } stats_sinks { name: "z" } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5742573780467712 ================================================ static_resources { clusters { name: " " connect_timeout { nanos: 4 } load_assignment { cluster_name: " " endpoints { lb_endpoints { endpoint { address { pipe { path: " " } } health_check_config { port_value: 2 } } } } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5751467204411392 ================================================ static_resources { clusters { name: " " connect_timeout { nanos: 6 } lb_policy: RING_HASH hosts { pipe { } } health_checks { timeout { nanos: 6 } interval { nanos: 6 } unhealthy_threshold { } healthy_threshold { } tcp_health_check { } } ring_hash_lb_config { minimum_ring_size { value: 8765695 } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-5761881319407616 ================================================ node { id: " " cluster: " " } static_resources { clusters { name: " " connect_timeout { nanos: 4 } hosts { pipe { } } health_checks { timeout { nanos: 4 } interval { nanos: 4 } unhealthy_threshold { } healthy_threshold { } grpc_health_check { } } tls_context { common_tls_context { tls_certificate_sds_secret_configs { sds_config { path: "" } } } } http2_protocol_options { } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-minimized-server_fuzz_test-6246954531291136 ================================================ static_resources { clusters { name: "o" connect_timeout { nanos: 15118976 } metadata { filter_metadata { key: "" } filter_metadata { key: "\000\000" } filter_metadata { key: "\000\000\001\002z3r90\000\000" } filter_metadata { key: "\000\001\000" } filter_metadata { key: "\000\\959798428\001\002z32902546264\23297677535337\000" } filter_metadata { key: "\0147,83648\000\001\001" } filter_metadata { key: "0" } filter_metadata { key: "@" } filter_metadata { key: "@@" } filter_metadata { key: "UPST128\tAM_HO\001\202\247ST" value { } } filter_metadata { key: "g" value { } } filter_metadata { key: "m" value { } } filter_metadata { key: "y" } } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-4832853025095680 ================================================ static_resources { clusters { name: "service_google" type: LOGICAL_DNS connect_timeout { nanos: 250000000 } hosts { socket_address { address: "google.com" port_value: 0 } } tls_context { sni: "127.0.0.1" } dns_lookup_family: V4_ONLY } clusters { name: "service_google" type: LOGICAL_DNS connect_timeout { nanos: 250000000 } hosts { socket_address { address: "127.0.0.1" port_value: 4294312379 } } dns_lookup_family: V4_ONLY } clusters { name: "127.1" type: LOGICAL_DNS tls_context { sni: "www.google.com" } dns_lookup_family: V4_ONLY } } admin { access_log_path: "127.1" profile_path: "\'" address { pipe { path: "@" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-4890981380915200 ================================================ stats_flush_interval { seconds: 13792273858822144 } tracing { } admin { access_log_path: "127.0.0.1" address { pipe { path: "\177" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5085107063881728 ================================================ watchdog { megamiss_timeout { seconds: -27037478448 } } admin { access_log_path: "@" address { pipe { path: "!" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5366294281977856 ================================================ static_resources { clusters { name: "9" connect_timeout { nanos: 1 } hosts { pipe { path: "N" } } hosts { pipe { path: "n" } } hosts { pipe { path: "=" } } hosts { pipe { path: "s" } } hosts { pipe { path: "n" } } hosts { pipe { path: "N" } } hosts { pipe { path: "W" } } hosts { pipe { path: "=" } } hosts { pipe { path: "N" } } hosts { pipe { path: "n" } } health_checks { timeout { nanos: 1 } interval { nanos: 1 } unhealthy_threshold { } healthy_threshold { value: 1701650432 } http_health_check { path: "~" request_headers_to_add { } request_headers_to_add { header { value: "W" } } request_headers_to_add { } request_headers_to_add { } request_headers_to_add { } request_headers_to_add { } request_headers_to_add { } request_headers_to_add { } request_headers_to_add { } use_http2: true } } health_checks { timeout { nanos: 1 } interval { nanos: 1 } unhealthy_threshold { } healthy_threshold { } http_health_check { path: "E" request_headers_to_add { } request_headers_to_add { } request_headers_to_add { } } } } } admin { access_log_path: "@\'" address { socket_address { address: "::" port_value: 0 } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5647989147697152 ================================================ static_resources { listeners { name: "$" address { pipe { path: "." } } filter_chains { } } listeners { address { pipe { path: "=" } } filter_chains { } } listeners { name: "\000$&$`%n�NaN0" address { socket_address { address: "0.0.1.0" port_value: 32768 resolver_name: "@q" } } } listeners { address { pipe { path: "=" } } filter_chains { use_proxy_proto { value: true } } } listeners { address { pipe { path: "=" } } filter_chains { use_proxy_proto { value: true } } listener_filters_timeout { } } listeners { name: "@" address { socket_address { address: "2147483648.0.1.0" named_port: "L" } } filter_chains { } } listeners { name: "$" address { pipe { path: "." } } filter_chains { } } listeners { name: "@" address { socket_address { address: "0.0.1.0" port_value: 32768 } } filter_chains { } } listeners { name: "\000$&$`%n�NaN0" address { pipe { path: "1" } } filter_chains { use_proxy_proto { value: true } } use_original_dst { } } listeners { address { pipe { path: "=" } } filter_chains { use_proxy_proto { value: true } } } listeners { name: "@" address { socket_address { address: "@" port_value: 32768 } } filter_chains { } } listeners { address { pipe { path: "=" } } filter_chains { use_proxy_proto { value: true } } use_original_dst { } } listeners { name: "\000$&$`%n�NaN0" address { pipe { path: "@" } } filter_chains { use_proxy_proto { } } use_original_dst { } } listeners { name: "@" address { socket_address { address: "0.0.1.0" port_value: 32768 } } filter_chains { } } listeners { address { pipe { path: "=" } } filter_chains { use_proxy_proto { value: true } } } } admin { access_log_path: "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" address { pipe { path: "$" } } } layered_runtime { layers { name: "preserveExt" } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5691106634760192 ================================================ ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5696568846450688 ================================================ static_resources { clusters { name: "/" type: STRICT_DNS connect_timeout { seconds: 539000848 nanos: 15 } hosts { pipe { path: "4" } } tls_context { common_tls_context { tls_certificate_sds_secret_configs { sds_config { path: "/" } } } } } } tracing { } admin { address { pipe { path: " " } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5697356077989888 ================================================ static_resources { clusters { name: "=" type: LOGICAL_DNS connect_timeout { seconds: 1946186496 } hosts { socket_address { address: "127.0.0.1" port_value: 0 } } health_checks { timeout { nanos: 95 } interval { nanos: 95 } unhealthy_threshold { } healthy_threshold { value: 2147483648 } redis_health_check { key: "=" } healthy_edge_interval { nanos: 95 } } tls_context { common_tls_context { tls_params { } } } alt_stat_name: "\001\000\000\000\007\\\316\230" } } admin { access_log_path: "@" address { pipe { path: "%" } } } stats_config { use_all_default_tags { } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5704964522377216 ================================================ static_resources { clusters { name: "907501" connect_timeout { nanos: 45696 } lb_policy: RING_HASH tls_context { sni: "www.google.com" } dns_lookup_family: V4_ONLY lb_subset_config { subset_selectors { keys: "\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177" } } } } admin { access_log_path: "@" address { pipe { path: "@" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5705154446753792 ================================================ static_resources { clusters { name: "service_google" type: STRICT_DNS connect_timeout { nanos: 1 } lb_policy: MAGLEV hosts { socket_address { address: "127.0.0.1" port_value: 0 } } hosts { socket_address { address: "127.0.0.1" port_value: 0 } } circuit_breakers { thresholds { max_retries { value: 7564900 } } } tls_context { sni: "www.google.com" } lb_subset_config { subset_selectors { keys: "\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177" } } } } admin { access_log_path: "@" address { pipe { path: "`" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5734693923717120 ================================================ static_resources { clusters { name: "@" connect_timeout { nanos: 250000000 } common_lb_config { zone_aware_lb_config { min_cluster_size { value: 38 } } } } } stats_flush_interval { nanos: 32256 } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5754606195310592 ================================================ static_resources { } stats_config { use_all_default_tags { value: true } } overload_manager { resource_monitors { name: "envoy.resource_monitors.fixed_heap" } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5755877701713920 ================================================ static_resources { listeners { address { pipe { } } filter_chains { } freebind { } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5763613693837312 ================================================ stats_sinks { typed_config { type_url: "type.googleapis.com/envoy.api.v2.route.Route" value: "\022*J :222222\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\t2871770\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\0378\377\377\377\377\377\377\377\377 8\377\377\377\377\377\377\377\377\37722222222222222222220\022" } } header_prefix: "type.googleapis.com/envoy.api.v2.route.Route" ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5809171076218880 ================================================ admin { access_log_path: "@" address { pipe { path: "@" } } } hds_config { cluster_names: "+" } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-5988544525893632 ================================================ static_resources { clusters { name: "-2353373969551157135775236" connect_timeout { seconds: 12884901890 } hosts { pipe { path: "@" } } outlier_detection { } common_lb_config { healthy_panic_threshold { value: nan } } } } admin { access_log_path: "@r" address { pipe { path: "W" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-6036175623028736 ================================================ dynamic_resources { ads_config { api_type: GRPC grpc_services { google_grpc { target_uri: "\177\177" stat_prefix: "\177\001D\177" } timeout { seconds: 2048 } initial_metadata { value: "\177\177\177\177" } } } } flags_path: "\'" admin { access_log_path: "@" address { pipe { path: "^" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-6236930453798912 ================================================ static_resources { clusters { name: "www.google.com" connect_timeout { nanos: 1 } lb_policy: RING_HASH hosts { pipe { path: " " } } tls_context { sni: "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" } } } cluster_manager { load_stats_config { api_type: REST cluster_names: "www.google.com" } } watchdog { miss_timeout { nanos: 64 } } admin { access_log_path: "@" address { pipe { path: "[" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-6280208148594688 ================================================ static_resources { clusters { name: "service_google" type: LOGICAL_DNS connect_timeout { nanos: 250000000 } hosts { socket_address { address: "127.0.0.1" port_value: 0 } } tls_context { sni: "www.google.com" } dns_lookup_family: V4_ONLY alt_stat_name: "\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177\177" } } admin { access_log_path: "/tmp/admin_access.log" address { socket_address { address: "127.0.0.1" port_value: 0 } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-6288786894880768 ================================================ node { locality { } } static_resources { clusters { name: "x" type: STRICT_DNS connect_timeout { nanos: 250000000 } lb_policy: RING_HASH hosts { socket_address { address: "123.1.0.1" named_port: "x" } } hosts { socket_address { address: "127.0.0.2" named_port: "3" } } common_lb_config { update_merge_window { seconds: 281474976710656 } } } } admin { access_log_path: "@-" address { pipe { path: " " } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-6313779791921152 ================================================ admin { access_log_path: "W" address { pipe { path: "W" } } } stats_config { stats_tags { tag_name: "W" regex: "t\n \00000\\x000\00000\000\000a000\000 \000\\00\\D00\\n \000N000000\000\000\000\000L000\000\\B\\\n ^^^^^^^^^^^000N000000\000\000\000\000L000\000\\B\\\n ^^^^^^^^^^^000N0���00000\000(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((<((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII����00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII����00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII����00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII����00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII����00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII����00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\00\000\000IIIIIIIIII00\000\0^^^^^^^^^^^^^^^^^^^^^^000N000000\000((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((\000\000\000L00000(((((((\000\000\000L00000\0\000\000\0000\\cCb\ } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-6419204524736512 ================================================ static_resources { clusters { name: "`" connect_timeout { nanos: 20 } load_assignment { cluster_name: "`" endpoints { priority: 1030831324 } } } } admin { access_log_path: "@@" address { pipe { path: "`" } } } ================================================ FILE: test/server/server_corpus/clusterfuzz-testcase-server_fuzz_test-6610050496856064 ================================================ static_resources { listeners { name: "listener_0" address { pipe { path: "\t" } } filter_chains { tls_context { common_tls_context { tls_certificate_sds_secret_configs { sds_config { api_config_source { refresh_delay { seconds: -281474976710656 } grpc_services { envoy_grpc { cluster_name: "\000\000\000\000\000" } } } } } } } } filter_chains { filter_chain_match { server_names: "6e702f1f66d415068aabbc60377ad67a326b6b2b" } } filter_chains { } } } admin { access_log_path: "@" address { pipe { path: "^" } } } ================================================ FILE: test/server/server_corpus/crash-38abba5264d01217f4f027f02dc403eae6eda8bb ================================================ static_resources { listeners { name: "listener_0" address { pipe { path: "/tmp/admin_access.log" } } filter_chains { tls_context { common_tls_context { tls_certificate_sds_secret_configs { sds_config { ads { } } } } } } use_original_dst { } } listeners { name: "www.google.com" address { socket_address { address: "(" named_port: "2" } } filter_chains { } } } admin { access_log_path: "(st" address { pipe { path: "/tmp/admin_access.log" } } } ================================================ FILE: test/server/server_corpus/crash-ac725507195d840cdb90bed3079b877e6e9419e3 ================================================ dynamic_resources { } cluster_manager { local_cluster_name: "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" } hidden_envoy_deprecated_runtime { } admin { } stats_config { use_all_default_tags { value: true } } layered_runtime { layers { disk_layer { append_service_cluster: true } } } use_tcp_for_dns_lookups: true ================================================ FILE: test/server/server_corpus/crash-cbd98584afd43791dc2143260c4438f4d2db5e87 ================================================ static_resources { listeners { name: "listener_0" address { pipe { path: "@" } } filter_chains { tls_context { common_tls_context { tls_certificates { password { filename: "\177\177\177\177\177\177\177\177\177\177" } } } } } } } admin { access_log_path: "@" address { pipe { path: "@" } } } ================================================ FILE: test/server/server_corpus/crash-d60f68abcafaae8e7b135ca5144b062d969e5575 ================================================ static_resources { clusters { name: "service_google" type: LOGICAL_DNS connect_timeout { nanos: 250000000 } hosts { socket_address { address: "google.com" port_value: 0 } } tls_context { sni: "www.google.com" } dns_lookup_family: V4_ONLY } clusters { name: "service_google" type: LOGICAL_DNS connect_timeout { nanos: 250000000 } hosts { socket_address { address: "google.com" port_value: 0 } } tls_context { sni: "www.google.com" } dns_lookup_family: V4_ONLY } } admin { access_log_path: "/tmp/admin_access.log" address { socket_address { address: "127.0.0.1" port_value: 0 } } } ================================================ FILE: test/server/server_corpus/crash-da39a3ee5e6b4b0d3255bfef95601890afd80709 ================================================ ================================================ FILE: test/server/server_corpus/crash-db2ee19f50162f2079dc0c5ba24fd0e3dcb8b9bc ================================================ static_resources { clusters { name: "@" connect_timeout { nanos: 250000000 } lb_policy: MAGLEV dns_lookup_family: V4_ONLY dns_resolvers { pipe { path: "\014\000" } } } } admin { access_log_path: "@" address { pipe { path: "@" } } } ================================================ FILE: test/server/server_corpus/crash-e0339370f24027b5c73b5355e74c0b68c8b33314 ================================================ static_resources { listeners { name: "listener_0" address { pipe { path: "\000\000\000j" } } filter_chains { tls_context { session_ticket_keys_sds_secret_config { } } } tcp_fast_open_queue_length { value: 1 } } } admin { access_log_path: "/tmp/admin_access,lOg" address { pipe { path: "\026runt" } } } ================================================ FILE: test/server/server_corpus/google_com_proxy.v2.pb_text ================================================ static_resources { listeners { name: "listener_0" address { socket_address { address: "0.0.0.0" port_value: 0 } } filter_chains { filters { name: "envoy.filters.network.http_connection_manager" config { fields { key: "http_filters" value { list_value { values { struct_value { fields { key: "name" value { string_value: "envoy.filters.http.router" } } } } } } } fields { key: "route_config" value { struct_value { fields { key: "name" value { string_value: "local_route" } } fields { key: "virtual_hosts" value { list_value { values { struct_value { fields { key: "domains" value { list_value { values { string_value: "*" } } } } fields { key: "name" value { string_value: "local_service" } } fields { key: "routes" value { list_value { values { struct_value { fields { key: "match" value { struct_value { fields { key: "prefix" value { string_value: "/" } } } } } fields { key: "route" value { struct_value { fields { key: "cluster" value { string_value: "service_google" } } fields { key: "host_rewrite" value { string_value: "www.google.com" } } } } } } } } } } } } } } } } } } fields { key: "stat_prefix" value { string_value: "ingress_http" } } } } } } clusters { name: "service_google" type: LOGICAL_DNS connect_timeout { nanos: 250000000 } hosts { socket_address { address: "google.com" port_value: 0 } } tls_context { sni: "www.google.com" } dns_lookup_family: V4_ONLY } } admin { access_log_path: "/tmp/admin_access.log" address { socket_address { address: "127.0.0.1" port_value: 0 } } } ================================================ FILE: test/server/server_corpus/not_implemented_envoy_internal ================================================ static_resources { clusters { name: "ser" connect_timeout { nanos: 813 } lb_policy: RING_HASH health_checks { timeout { seconds: 1000000 nanos: 262239 } interval { seconds: 10838081697 nanos: 95 } unhealthy_threshold { } healthy_threshold { } http_health_check { host: "\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\001\037\037\037\037\037\037\037\037\037\037\037\037\037f\037\037\037\037" path: "&" } healthy_edge_interval { nanos: 95 } } circuit_breakers { } http_protocol_options { allow_absolute_url { value: true } } load_assignment { cluster_name: "." endpoints { } endpoints { lb_endpoints { endpoint { address { pipe { path: "f" } } } health_status: DRAINING } } endpoints { lb_endpoints { endpoint { address { envoy_internal_address { server_listener_name: "\000\000\000\003" } } } } priority: 16 } endpoints { proximity { value: 10240 } } endpoints { lb_endpoints { endpoint { address { socket_address { address: "127.0.0.1" port_value: 9901 } } } health_status: HEALTHY } priority: 16 } } use_tcp_for_dns_lookups: true } } stats_flush_interval { nanos: 16777216 } admin { access_log_path: "f" address { socket_address { address: "\024" } } socket_options { description: "=" level: 4702337453602635775 int_value: 4702337453602635775 } } use_tcp_for_dns_lookups: true ================================================ FILE: test/server/server_corpus/not_reached ================================================ static_resources { clusters { name: " " connect_timeout { nanos: 4 } lb_policy: LOAD_BALANCING_POLICY_CONFIG } } ================================================ FILE: test/server/server_corpus/valid ================================================ static_resources { clusters { name: "ser" connect_timeout { nanos: 813 } per_connection_buffer_limit_bytes { } lb_policy: RING_HASH health_checks { timeout { nanos: 95 } interval { seconds: 165537 nanos: 95 } unhealthy_threshold { } healthy_threshold { } http_health_check { host: "a\037\037\037\037\037\037\037\037\037\000\037\037\037\037\037\037\037\037\037\037\037\001\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\031\037\037\037\037\037\037\037\037\037\037\037\037" path: "&" } healthy_edge_interval { nanos: 54784 } interval_jitter_percent: 16 } http_protocol_options { header_key_format { proper_case_words { } } } load_assignment { cluster_name: "." endpoints { locality { sub_zone: "\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\001\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037" } lb_endpoints { endpoint { address { pipe { path: "." } } } health_status: DRAINING } } endpoints { locality { region: "." sub_zone: "\037\037\037\037\037\037\037\037\037\000\037\037\037\037\037\037\037\037\037\037\037\001\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\037\031\037\037\037\037\037\037\037\037\037\037\037\037" } lb_endpoints { endpoint { address { pipe { path: "." } } } health_status: DRAINING } } endpoints { priority: 16 } endpoints { } endpoints { lb_endpoints { endpoint { address { pipe { path: "." } } } health_status: HEALTHY } } } } } enable_dispatcher_stats: true ================================================ FILE: test/server/server_fuzz_test.cc ================================================ #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/address.pb.h" #include "common/common/random_generator.h" #include "common/network/address_impl.h" #include "common/thread_local/thread_local_impl.h" #include "server/listener_hooks.h" #include "server/server.h" #include "test/common/runtime/utility.h" #include "test/fuzz/fuzz_runner.h" #include "test/integration/server.h" #include "test/mocks/server/hot_restart.h" #include "test/mocks/server/options.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/test_time.h" namespace Envoy { namespace Server { namespace { void makePortHermetic(Fuzz::PerTestEnvironment& test_env, envoy::config::core::v3::Address& address) { if (address.has_socket_address()) { address.mutable_socket_address()->set_port_value(0); } else if (address.has_pipe() || address.has_envoy_internal_address()) { // TODO(asraa): Remove this work-around to replace EnvoyInternalAddress when implemented and // remove condition at line 74. address.mutable_pipe()->set_path("@" + test_env.testId() + address.pipe().path()); } } envoy::config::bootstrap::v3::Bootstrap makeHermeticPathsAndPorts(Fuzz::PerTestEnvironment& test_env, const envoy::config::bootstrap::v3::Bootstrap& input) { envoy::config::bootstrap::v3::Bootstrap output(input); // This is not a complete list of places where we need to zero out ports or sanitize paths, so we // should adapt it as we go and encounter places that we need to stabilize server test flakes. // config_validation_fuzz_test doesn't need to do this sanitization, so should pickup the coverage // we lose here. If we don't sanitize here, we get flakes due to port bind conflicts, file // conflicts, etc. output.clear_admin(); // The header_prefix is a write-once then read-only singleton that persists across tests. We clear // this field so that fuzz tests don't fail over multiple iterations. output.clear_header_prefix(); if (output.has_hidden_envoy_deprecated_runtime()) { output.mutable_hidden_envoy_deprecated_runtime()->set_symlink_root(test_env.temporaryPath("")); } for (auto& listener : *output.mutable_static_resources()->mutable_listeners()) { if (listener.has_address()) { makePortHermetic(test_env, *listener.mutable_address()); } } for (auto& cluster : *output.mutable_static_resources()->mutable_clusters()) { for (auto& health_check : *cluster.mutable_health_checks()) { // TODO(asraa): QUIC is not enabled in production code yet, so remove references for HTTP3. // Tracked at https://github.com/envoyproxy/envoy/issues/9513. if (health_check.http_health_check().codec_client_type() == envoy::type::v3::CodecClientType::HTTP3) { health_check.mutable_http_health_check()->clear_codec_client_type(); } } // We may have both deprecated hosts() or load_assignment(). for (auto& host : *cluster.mutable_hidden_envoy_deprecated_hosts()) { makePortHermetic(test_env, host); } for (int j = 0; j < cluster.load_assignment().endpoints_size(); ++j) { auto* locality_lb = cluster.mutable_load_assignment()->mutable_endpoints(j); for (int k = 0; k < locality_lb->lb_endpoints_size(); ++k) { auto* lb_endpoint = locality_lb->mutable_lb_endpoints(k); if (lb_endpoint->endpoint().address().has_socket_address() || lb_endpoint->endpoint().address().has_envoy_internal_address()) { makePortHermetic(test_env, *lb_endpoint->mutable_endpoint()->mutable_address()); } } } } return output; } DEFINE_PROTO_FUZZER(const envoy::config::bootstrap::v3::Bootstrap& input) { testing::NiceMock options; DefaultListenerHooks hooks; testing::NiceMock restart; Stats::TestIsolatedStoreImpl stats_store; Thread::MutexBasicLockable fakelock; TestComponentFactory component_factory; ThreadLocal::InstanceImpl thread_local_instance; DangerousDeprecatedTestTime test_time; Fuzz::PerTestEnvironment test_env; Init::ManagerImpl init_manager{"Server"}; { const std::string bootstrap_path = test_env.temporaryPath("bootstrap.pb_text"); std::ofstream bootstrap_file(bootstrap_path); bootstrap_file << makeHermeticPathsAndPorts(test_env, input).DebugString(); options.config_path_ = bootstrap_path; options.log_level_ = Fuzz::Runner::logLevel(); } std::unique_ptr server; try { server = std::make_unique( init_manager, options, test_time.timeSystem(), std::make_shared("127.0.0.1"), hooks, restart, stats_store, fakelock, component_factory, std::make_unique(), thread_local_instance, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), nullptr); } catch (const EnvoyException& ex) { ENVOY_LOG_MISC(debug, "Controlled EnvoyException exit: {}", ex.what()); return; } // If we were successful, run any pending events on the main thread's dispatcher loop. These might // be, for example, pending DNS resolution callbacks. If they generate exceptions, we want to // explode and fail the test, hence we do this outside of the try-catch above. server->dispatcher().run(Event::Dispatcher::RunType::NonBlock); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/server_test.cc ================================================ #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" #include "envoy/server/bootstrap_extension_config.h" #include "common/common/assert.h" #include "common/network/address_impl.h" #include "common/network/listen_socket_impl.h" #include "common/network/socket_option_impl.h" #include "common/protobuf/protobuf.h" #include "common/thread_local/thread_local_impl.h" #include "common/version/version.h" #include "server/process_context_impl.h" #include "server/server.h" #include "test/common/config/dummy_config.pb.h" #include "test/common/stats/stat_test_utility.h" #include "test/integration/server.h" #include "test/mocks/server/bootstrap_extension_factory.h" #include "test/mocks/server/hot_restart.h" #include "test/mocks/server/instance.h" #include "test/mocks/server/options.h" #include "test/mocks/server/overload_manager.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/logging.h" #include "test/test_common/registry.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_time.h" #include "test/test_common/utility.h" #include "absl/synchronization/notification.h" #include "gtest/gtest.h" using testing::_; using testing::Assign; using testing::HasSubstr; using testing::InSequence; using testing::Invoke; using testing::InvokeWithoutArgs; using testing::Return; using testing::SaveArg; using testing::StrictMock; namespace Envoy { namespace Server { namespace { TEST(ServerInstanceUtil, flushHelper) { InSequence s; Stats::TestUtil::TestStore store; Stats::Counter& c = store.counter("hello"); c.inc(); store.gauge("world", Stats::Gauge::ImportMode::Accumulate).set(5); store.histogram("histogram", Stats::Histogram::Unit::Unspecified); store.textReadout("text").set("is important"); std::list sinks; InstanceUtil::flushMetricsToSinks(sinks, store); // Make sure that counters have been latched even if there are no sinks. EXPECT_EQ(1UL, c.value()); EXPECT_EQ(0, c.latch()); Stats::MockSink* sink = new StrictMock(); sinks.emplace_back(sink); EXPECT_CALL(*sink, flush(_)).WillOnce(Invoke([](Stats::MetricSnapshot& snapshot) { ASSERT_EQ(snapshot.counters().size(), 1); EXPECT_EQ(snapshot.counters()[0].counter_.get().name(), "hello"); EXPECT_EQ(snapshot.counters()[0].delta_, 1); ASSERT_EQ(snapshot.gauges().size(), 1); EXPECT_EQ(snapshot.gauges()[0].get().name(), "world"); EXPECT_EQ(snapshot.gauges()[0].get().value(), 5); ASSERT_EQ(snapshot.textReadouts().size(), 1); EXPECT_EQ(snapshot.textReadouts()[0].get().name(), "text"); EXPECT_EQ(snapshot.textReadouts()[0].get().value(), "is important"); })); c.inc(); InstanceUtil::flushMetricsToSinks(sinks, store); // Histograms don't currently work with the isolated store so test those with a mock store. NiceMock mock_store; Stats::ParentHistogramSharedPtr parent_histogram(new Stats::MockParentHistogram()); std::vector parent_histograms = {parent_histogram}; ON_CALL(mock_store, histograms).WillByDefault(Return(parent_histograms)); EXPECT_CALL(*sink, flush(_)).WillOnce(Invoke([](Stats::MetricSnapshot& snapshot) { EXPECT_TRUE(snapshot.counters().empty()); EXPECT_TRUE(snapshot.gauges().empty()); EXPECT_EQ(snapshot.histograms().size(), 1); EXPECT_TRUE(snapshot.textReadouts().empty()); })); InstanceUtil::flushMetricsToSinks(sinks, mock_store); } class RunHelperTest : public testing::Test { public: RunHelperTest() { InSequence s; #ifndef WIN32 sigterm_ = new Event::MockSignalEvent(&dispatcher_); sigint_ = new Event::MockSignalEvent(&dispatcher_); sigusr1_ = new Event::MockSignalEvent(&dispatcher_); sighup_ = new Event::MockSignalEvent(&dispatcher_); #endif EXPECT_CALL(overload_manager_, start()); EXPECT_CALL(cm_, setInitializedCb(_)).WillOnce(SaveArg<0>(&cm_init_callback_)); ON_CALL(server_, shutdown()).WillByDefault(Assign(&shutdown_, true)); helper_ = std::make_unique(server_, options_, dispatcher_, cm_, access_log_manager_, init_manager_, overload_manager_, [this] { start_workers_.ready(); }); } NiceMock server_; testing::NiceMock options_; NiceMock dispatcher_; NiceMock cm_; NiceMock access_log_manager_; NiceMock overload_manager_; Init::ManagerImpl init_manager_{""}; ReadyWatcher start_workers_; std::unique_ptr helper_; std::function cm_init_callback_; #ifndef WIN32 Event::MockSignalEvent* sigterm_; Event::MockSignalEvent* sigint_; Event::MockSignalEvent* sigusr1_; Event::MockSignalEvent* sighup_; #endif bool shutdown_ = false; }; TEST_F(RunHelperTest, Normal) { EXPECT_CALL(start_workers_, ready()); cm_init_callback_(); } // no signals on Windows #ifndef WIN32 TEST_F(RunHelperTest, ShutdownBeforeCmInitialize) { EXPECT_CALL(start_workers_, ready()).Times(0); sigterm_->callback_(); EXPECT_CALL(server_, isShutdown()).WillOnce(Return(shutdown_)); cm_init_callback_(); } #endif // no signals on Windows #ifndef WIN32 TEST_F(RunHelperTest, ShutdownBeforeInitManagerInit) { EXPECT_CALL(start_workers_, ready()).Times(0); Init::ExpectableTargetImpl target; init_manager_.add(target); EXPECT_CALL(target, initialize()); cm_init_callback_(); sigterm_->callback_(); EXPECT_CALL(server_, isShutdown()).WillOnce(Return(shutdown_)); target.ready(); } #endif class InitializingInitManager : public Init::ManagerImpl { public: InitializingInitManager(absl::string_view name) : Init::ManagerImpl(name) {} State state() const override { return State::Initializing; } }; // Class creates minimally viable server instance for testing. class ServerInstanceImplTestBase { protected: void initialize(const std::string& bootstrap_path) { initialize(bootstrap_path, false); } void initialize(const std::string& bootstrap_path, const bool use_intializing_instance) { if (options_.config_path_.empty()) { options_.config_path_ = TestEnvironment::temporaryFileSubstitute( bootstrap_path, {{"upstream_0", 0}, {"upstream_1", 0}}, version_); } thread_local_ = std::make_unique(); if (process_object_ != nullptr) { process_context_ = std::make_unique(*process_object_); } init_manager_ = use_intializing_instance ? std::make_unique("Server") : std::make_unique("Server"); server_ = std::make_unique( *init_manager_, options_, time_system_, std::make_shared("127.0.0.1"), hooks_, restart_, stats_store_, fakelock_, component_factory_, std::make_unique>(), *thread_local_, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), std::move(process_context_)); EXPECT_TRUE(server_->api().fileSystem().fileExists(std::string(Platform::null_device_path))); } void initializeWithHealthCheckParams(const std::string& bootstrap_path, const double timeout, const double interval) { options_.config_path_ = TestEnvironment::temporaryFileSubstitute( bootstrap_path, {{"health_check_timeout", fmt::format("{}", timeout).c_str()}, {"health_check_interval", fmt::format("{}", interval).c_str()}}, TestEnvironment::PortMap{}, version_); thread_local_ = std::make_unique(); init_manager_ = std::make_unique("Server"); server_ = std::make_unique( *init_manager_, options_, time_system_, std::make_shared("127.0.0.1"), hooks_, restart_, stats_store_, fakelock_, component_factory_, std::make_unique>(), *thread_local_, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), nullptr); EXPECT_TRUE(server_->api().fileSystem().fileExists(std::string(Platform::null_device_path))); } Thread::ThreadPtr startTestServer(const std::string& bootstrap_path, const bool use_intializing_instance) { absl::Notification started; absl::Notification post_init; auto server_thread = Thread::threadFactoryForTest().createThread([&] { initialize(bootstrap_path, use_intializing_instance); auto startup_handle = server_->registerCallback(ServerLifecycleNotifier::Stage::Startup, [&] { started.Notify(); }); auto post_init_handle = server_->registerCallback(ServerLifecycleNotifier::Stage::PostInit, [&] { post_init.Notify(); }); auto shutdown_handle = server_->registerCallback(ServerLifecycleNotifier::Stage::ShutdownExit, [&](Event::PostCb) { FAIL(); }); shutdown_handle = nullptr; // unregister callback server_->run(); startup_handle = nullptr; post_init_handle = nullptr; server_ = nullptr; thread_local_ = nullptr; }); started.WaitForNotification(); post_init.WaitForNotification(); return server_thread; } void expectCorrectBuildVersion(const envoy::config::core::v3::BuildVersion& build_version) { std::string version_string = absl::StrCat(build_version.version().major_number(), ".", build_version.version().minor_number(), ".", build_version.version().patch()); const auto& fields = build_version.metadata().fields(); if (fields.find(BuildVersionMetadataKeys::get().BuildLabel) != fields.end()) { absl::StrAppend(&version_string, "-", fields.at(BuildVersionMetadataKeys::get().BuildLabel).string_value()); } EXPECT_EQ(BUILD_VERSION_NUMBER, version_string); } Network::Address::IpVersion version_; testing::NiceMock options_; DefaultListenerHooks hooks_; testing::NiceMock restart_; ThreadLocal::InstanceImplPtr thread_local_; Stats::TestIsolatedStoreImpl stats_store_; Thread::MutexBasicLockable fakelock_; TestComponentFactory component_factory_; Event::GlobalTimeSystem time_system_; ProcessObject* process_object_ = nullptr; std::unique_ptr process_context_; std::unique_ptr init_manager_; std::unique_ptr server_; }; class ServerInstanceImplTest : public ServerInstanceImplTestBase, public testing::TestWithParam { protected: ServerInstanceImplTest() { version_ = GetParam(); } }; // Custom StatsSink that just increments a counter when flush is called. class CustomStatsSink : public Stats::Sink { public: CustomStatsSink(Stats::Scope& scope) : stats_flushed_(scope.counterFromString("stats.flushed")) {} // Stats::Sink void flush(Stats::MetricSnapshot&) override { stats_flushed_.inc(); } void onHistogramComplete(const Stats::Histogram&, uint64_t) override {} private: Stats::Counter& stats_flushed_; }; // Custom StatsSinkFactory that creates CustomStatsSink. class CustomStatsSinkFactory : public Server::Configuration::StatsSinkFactory { public: // StatsSinkFactory Stats::SinkPtr createStatsSink(const Protobuf::Message&, Server::Configuration::ServerFactoryContext& server) override { return std::make_unique(server.scope()); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { // Using Struct instead of a custom per-filter empty config proto // This is only allowed in tests. return ProtobufTypes::MessagePtr{new Envoy::ProtobufWkt::Struct()}; } std::string name() const override { return "envoy.custom_stats_sink"; } }; INSTANTIATE_TEST_SUITE_P(IpVersions, ServerInstanceImplTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); // Validates that server stats are flushed even when server is stuck with initialization. TEST_P(ServerInstanceImplTest, StatsFlushWhenServerIsStillInitializing) { CustomStatsSinkFactory factory; Registry::InjectFactory registered(factory); auto server_thread = startTestServer("test/server/test_data/server/stats_sink_bootstrap.yaml", true); // Wait till stats are flushed to custom sink and validate that the actual flush happens. TestUtility::waitForCounterEq(stats_store_, "stats.flushed", 1, time_system_); EXPECT_EQ(3L, TestUtility::findGauge(stats_store_, "server.state")->value()); EXPECT_EQ(Init::Manager::State::Initializing, server_->initManager().state()); server_->dispatcher().post([&] { server_->shutdown(); }); server_thread->join(); } // Validates that the "server.version" is updated with stats_server_version_override from bootstrap. TEST_P(ServerInstanceImplTest, ProxyVersionOveridesFromBootstrap) { auto server_thread = startTestServer("test/server/test_data/server/proxy_version_bootstrap.yaml", true); EXPECT_EQ(100012001, TestUtility::findGauge(stats_store_, "server.version")->value()); server_->dispatcher().post([&] { server_->shutdown(); }); server_thread->join(); } TEST_P(ServerInstanceImplTest, EmptyShutdownLifecycleNotifications) { auto server_thread = startTestServer("test/server/test_data/server/node_bootstrap.yaml", false); server_->dispatcher().post([&] { server_->shutdown(); }); server_thread->join(); // Validate that initialization_time histogram value has been set. EXPECT_TRUE(stats_store_ .histogramFromString("server.initialization_time_ms", Stats::Histogram::Unit::Milliseconds) .used()); EXPECT_EQ(0L, TestUtility::findGauge(stats_store_, "server.state")->value()); } TEST_P(ServerInstanceImplTest, LifecycleNotifications) { bool startup = false, post_init = false, shutdown = false, shutdown_with_completion = false; absl::Notification started, post_init_fired, shutdown_begin, completion_block, completion_done; // Run the server in a separate thread so we can test different lifecycle stages. auto server_thread = Thread::threadFactoryForTest().createThread([&] { initialize("test/server/test_data/server/node_bootstrap.yaml"); auto handle1 = server_->registerCallback(ServerLifecycleNotifier::Stage::Startup, [&] { startup = true; started.Notify(); }); auto handle2 = server_->registerCallback(ServerLifecycleNotifier::Stage::PostInit, [&] { post_init = true; post_init_fired.Notify(); }); auto handle3 = server_->registerCallback(ServerLifecycleNotifier::Stage::ShutdownExit, [&] { shutdown = true; shutdown_begin.Notify(); }); auto handle4 = server_->registerCallback(ServerLifecycleNotifier::Stage::ShutdownExit, [&](Event::PostCb completion_cb) { // Block till we're told to complete completion_block.WaitForNotification(); shutdown_with_completion = true; server_->dispatcher().post(completion_cb); completion_done.Notify(); }); auto handle5 = server_->registerCallback(ServerLifecycleNotifier::Stage::Startup, [&] { FAIL(); }); handle5 = server_->registerCallback(ServerLifecycleNotifier::Stage::ShutdownExit, [&](Event::PostCb) { FAIL(); }); handle5 = nullptr; server_->run(); handle1 = nullptr; handle2 = nullptr; handle3 = nullptr; handle4 = nullptr; server_ = nullptr; thread_local_ = nullptr; }); started.WaitForNotification(); EXPECT_TRUE(startup); EXPECT_FALSE(shutdown); EXPECT_TRUE(TestUtility::findGauge(stats_store_, "server.state")->used()); EXPECT_EQ(0L, TestUtility::findGauge(stats_store_, "server.state")->value()); post_init_fired.WaitForNotification(); EXPECT_TRUE(post_init); EXPECT_FALSE(shutdown); server_->dispatcher().post([&] { server_->shutdown(); }); shutdown_begin.WaitForNotification(); EXPECT_TRUE(shutdown); // Expect the server to block waiting for the completion callback to be invoked EXPECT_FALSE(completion_done.WaitForNotificationWithTimeout(absl::Seconds(1))); completion_block.Notify(); completion_done.WaitForNotification(); EXPECT_TRUE(shutdown_with_completion); server_thread->join(); } // A test target which never signals that it is ready. class NeverReadyTarget : public Init::TargetImpl { public: NeverReadyTarget(absl::Notification& initialized) : Init::TargetImpl("test", [this] { initialize(); }), initialized_(initialized) {} private: void initialize() { initialized_.Notify(); } absl::Notification& initialized_; }; TEST_P(ServerInstanceImplTest, NoLifecycleNotificationOnEarlyShutdown) { absl::Notification initialized; auto server_thread = Thread::threadFactoryForTest().createThread([&] { initialize("test/server/test_data/server/node_bootstrap.yaml"); // This shutdown notification should never be called because we will shutdown // early before the init manager finishes initializing and therefore before // the server starts worker threads. auto shutdown_handle = server_->registerCallback(ServerLifecycleNotifier::Stage::ShutdownExit, [&](Event::PostCb) { FAIL(); }); NeverReadyTarget target(initialized); server_->initManager().add(target); server_->run(); shutdown_handle = nullptr; server_ = nullptr; thread_local_ = nullptr; }); // Wait until the init manager starts initializing targets... initialized.WaitForNotification(); // Now shutdown the main dispatcher and trigger server lifecycle notifications. server_->dispatcher().post([&] { server_->shutdown(); }); server_thread->join(); } TEST_P(ServerInstanceImplTest, V2ConfigOnly) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; try { initialize("test/server/test_data/server/unparseable_bootstrap.yaml"); FAIL(); } catch (const EnvoyException& e) { EXPECT_THAT(e.what(), HasSubstr("Unable to parse JSON as proto")); } } TEST_P(ServerInstanceImplTest, Stats) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; options_.concurrency_ = 2; options_.hot_restart_epoch_ = 3; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); EXPECT_NE(nullptr, TestUtility::findCounter(stats_store_, "main_thread.watchdog_miss")); EXPECT_NE(nullptr, TestUtility::findCounter(stats_store_, "workers.watchdog_miss")); EXPECT_EQ(2L, TestUtility::findGauge(stats_store_, "server.concurrency")->value()); EXPECT_EQ(3L, TestUtility::findGauge(stats_store_, "server.hot_restart_epoch")->value()); // The ENVOY_BUG stat works in release mode. #if defined(NDEBUG) // Test exponential back-off on a fixed line ENVOY_BUG. for (int i = 0; i < 16; i++) { ENVOY_BUG(false, ""); } EXPECT_EQ(5L, TestUtility::findCounter(stats_store_, "server.envoy_bug_failures")->value()); // Another ENVOY_BUG increments the counter. ENVOY_BUG(false, "Testing envoy bug assertion failure detection in release build."); EXPECT_EQ(6L, TestUtility::findCounter(stats_store_, "server.envoy_bug_failures")->value()); #else // The ENVOY_BUG macro aborts in debug mode. EXPECT_DEATH(ENVOY_BUG(false, ""), ""); #endif // The ASSERT stat only works in this configuration. #if defined(NDEBUG) && defined(ENVOY_LOG_DEBUG_ASSERT_IN_RELEASE) ASSERT(false, "Testing debug assertion failure detection in release build."); EXPECT_EQ(1L, TestUtility::findCounter(stats_store_, "server.debug_assertion_failures")->value()); #else EXPECT_EQ(0L, TestUtility::findCounter(stats_store_, "server.debug_assertion_failures")->value()); #endif } class ServerStatsTest : public Event::TestUsingSimulatedTime, public ServerInstanceImplTestBase, public testing::TestWithParam> { protected: ServerStatsTest() { version_ = std::get<0>(GetParam()); manual_flush_ = std::get<1>(GetParam()); } void flushStats() { if (manual_flush_) { server_->flushStats(); server_->dispatcher().run(Event::Dispatcher::RunType::Block); } else { // Default flush interval is 5 seconds. simTime().advanceTimeAndRun(std::chrono::seconds(6), server_->dispatcher(), Event::Dispatcher::RunType::Block); } } bool manual_flush_; }; std::string ipFlushingModeTestParamsToString( const ::testing::TestParamInfo>& params) { return fmt::format( "{}_{}", TestUtility::ipTestParamsToString( ::testing::TestParamInfo(std::get<0>(params.param), 0)), std::get<1>(params.param) ? "with_manual_flush" : "with_time_based_flush"); } INSTANTIATE_TEST_SUITE_P( IpVersionsFlushingMode, ServerStatsTest, testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), testing::Bool()), ipFlushingModeTestParamsToString); TEST_P(ServerStatsTest, FlushStats) { initialize("test/server/test_data/server/empty_bootstrap.yaml"); Stats::Gauge& recent_lookups = stats_store_.gaugeFromString( "server.stats_recent_lookups", Stats::Gauge::ImportMode::NeverImport); EXPECT_EQ(0, recent_lookups.value()); flushStats(); uint64_t strobed_recent_lookups = recent_lookups.value(); EXPECT_LT(100, strobed_recent_lookups); // Recently this was 319 but exact value not important. Stats::StatNameSetPtr test_set = stats_store_.symbolTable().makeSet("test"); // When we remember a StatNameSet builtin, we charge only for the SymbolTable // lookup, which requires a lock. test_set->rememberBuiltin("a.b"); flushStats(); EXPECT_EQ(1, recent_lookups.value() - strobed_recent_lookups); strobed_recent_lookups = recent_lookups.value(); // When we create a dynamic stat, there are no locks taken. Stats::StatNameDynamicStorage dynamic_stat("c.d", stats_store_.symbolTable()); flushStats(); EXPECT_EQ(recent_lookups.value(), strobed_recent_lookups); } // Default validation mode TEST_P(ServerInstanceImplTest, ValidationDefault) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); EXPECT_THAT_THROWS_MESSAGE( server_->messageValidationContext().staticValidationVisitor().onUnknownField("foo"), EnvoyException, "Protobuf message (foo) has unknown fields"); EXPECT_EQ(0, TestUtility::findCounter(stats_store_, "server.static_unknown_fields")->value()); EXPECT_NO_THROW( server_->messageValidationContext().dynamicValidationVisitor().onUnknownField("bar")); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "server.dynamic_unknown_fields")->value()); } // Validation mode with --allow-unknown-static-fields TEST_P(ServerInstanceImplTest, ValidationAllowStatic) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; options_.allow_unknown_static_fields_ = true; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); EXPECT_NO_THROW( server_->messageValidationContext().staticValidationVisitor().onUnknownField("foo")); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "server.static_unknown_fields")->value()); EXPECT_NO_THROW( server_->messageValidationContext().dynamicValidationVisitor().onUnknownField("bar")); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "server.dynamic_unknown_fields")->value()); } // Validation mode with --reject-unknown-dynamic-fields TEST_P(ServerInstanceImplTest, ValidationRejectDynamic) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; options_.reject_unknown_dynamic_fields_ = true; options_.ignore_unknown_dynamic_fields_ = true; // reject takes precedence over ignore EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); EXPECT_THAT_THROWS_MESSAGE( server_->messageValidationContext().staticValidationVisitor().onUnknownField("foo"), EnvoyException, "Protobuf message (foo) has unknown fields"); EXPECT_EQ(0, TestUtility::findCounter(stats_store_, "server.static_unknown_fields")->value()); EXPECT_THAT_THROWS_MESSAGE( server_->messageValidationContext().dynamicValidationVisitor().onUnknownField("bar"), EnvoyException, "Protobuf message (bar) has unknown fields"); EXPECT_EQ(0, TestUtility::findCounter(stats_store_, "server.dynamic_unknown_fields")->value()); } // Validation mode with --allow-unknown-static-fields --reject-unknown-dynamic-fields TEST_P(ServerInstanceImplTest, ValidationAllowStaticRejectDynamic) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; options_.allow_unknown_static_fields_ = true; options_.reject_unknown_dynamic_fields_ = true; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); EXPECT_NO_THROW( server_->messageValidationContext().staticValidationVisitor().onUnknownField("foo")); EXPECT_EQ(1, TestUtility::findCounter(stats_store_, "server.static_unknown_fields")->value()); EXPECT_THAT_THROWS_MESSAGE( server_->messageValidationContext().dynamicValidationVisitor().onUnknownField("bar"), EnvoyException, "Protobuf message (bar) has unknown fields"); EXPECT_EQ(0, TestUtility::findCounter(stats_store_, "server.dynamic_unknown_fields")->value()); } // Validate server localInfo() from bootstrap Node. // Deprecated testing of the envoy.api.v2.core.Node.build_version field TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(BootstrapNodeDeprecated)) { initialize("test/server/test_data/server/node_bootstrap.yaml"); EXPECT_EQ("bootstrap_zone", server_->localInfo().zoneName()); EXPECT_EQ("bootstrap_cluster", server_->localInfo().clusterName()); EXPECT_EQ("bootstrap_id", server_->localInfo().nodeName()); EXPECT_EQ("bootstrap_sub_zone", server_->localInfo().node().locality().sub_zone()); EXPECT_EQ(VersionInfo::version(), server_->localInfo().node().hidden_envoy_deprecated_build_version()); EXPECT_EQ("envoy", server_->localInfo().node().user_agent_name()); EXPECT_TRUE(server_->localInfo().node().has_user_agent_build_version()); expectCorrectBuildVersion(server_->localInfo().node().user_agent_build_version()); } // Validate server localInfo() from bootstrap Node. TEST_P(ServerInstanceImplTest, BootstrapNode) { initialize("test/server/test_data/server/node_bootstrap.yaml"); EXPECT_EQ("bootstrap_zone", server_->localInfo().zoneName()); EXPECT_EQ("bootstrap_cluster", server_->localInfo().clusterName()); EXPECT_EQ("bootstrap_id", server_->localInfo().nodeName()); EXPECT_EQ("bootstrap_sub_zone", server_->localInfo().node().locality().sub_zone()); EXPECT_EQ("envoy", server_->localInfo().node().user_agent_name()); EXPECT_TRUE(server_->localInfo().node().has_user_agent_build_version()); expectCorrectBuildVersion(server_->localInfo().node().user_agent_build_version()); } // Validate that bootstrap pb_text loads. TEST_P(ServerInstanceImplTest, LoadsBootstrapFromPbText) { EXPECT_LOG_NOT_CONTAINS("trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/node_bootstrap.pb_text")); EXPECT_EQ("bootstrap_id", server_->localInfo().node().id()); } // Validate that bootstrap v2 pb_text with deprecated fields loads. TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(LoadsV2BootstrapFromPbText)) { EXPECT_LOG_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.pb_text")); EXPECT_FALSE(server_->localInfo().node().hidden_envoy_deprecated_build_version().empty()); } // Validate that bootstrap v2 YAML with deprecated fields loads. TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(LoadsV2BootstrapFromYaml)) { EXPECT_LOG_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.yaml")); EXPECT_FALSE(server_->localInfo().node().hidden_envoy_deprecated_build_version().empty()); } // Validate that bootstrap v3 pb_text with new fields loads fails if V2 config is specified. TEST_P(ServerInstanceImplTest, FailToLoadV3ConfigWhenV2SelectedFromPbText) { options_.bootstrap_version_ = 2; EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.pb_text"), EnvoyException, "Unable to parse file"); } // Validate that bootstrap v3 YAML with new fields loads fails if V2 config is specified. TEST_P(ServerInstanceImplTest, FailToLoadV3ConfigWhenV2SelectedFromYaml) { options_.bootstrap_version_ = 2; EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml"), EnvoyException, "has unknown fields"); } // Validate that we correctly parse a V2 pb_text file when configured to do so. TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(LoadsV2ConfigWhenV2SelectedFromPbText)) { options_.bootstrap_version_ = 2; EXPECT_LOG_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.pb_text")); EXPECT_EQ(server_->localInfo().node().id(), "bootstrap_id"); } // Validate that we correctly parse a V2 YAML file when configured to do so. TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(LoadsV2ConfigWhenV2SelectedFromYaml)) { options_.bootstrap_version_ = 2; EXPECT_LOG_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.yaml")); EXPECT_EQ(server_->localInfo().node().id(), "bootstrap_id"); } // Validate that we correctly parse a V3 pb_text file without explicit version configuration. TEST_P(ServerInstanceImplTest, LoadsV3ConfigFromPbText) { EXPECT_LOG_NOT_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.pb_text")); } // Validate that we correctly parse a V3 YAML file without explicit version configuration. TEST_P(ServerInstanceImplTest, LoadsV3ConfigFromYaml) { EXPECT_LOG_NOT_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml")); } // Validate that we correctly parse a V3 pb_text file when configured to do so. TEST_P(ServerInstanceImplTest, LoadsV3ConfigWhenV3SelectedFromPbText) { options_.bootstrap_version_ = 3; EXPECT_LOG_NOT_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.pb_text")); } // Validate that we correctly parse a V3 YAML file when configured to do so. TEST_P(ServerInstanceImplTest, LoadsV3ConfigWhenV3SelectedFromYaml) { options_.bootstrap_version_ = 3; EXPECT_LOG_NOT_CONTAINS( "trace", "Configuration does not parse cleanly as v3", initialize("test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml")); } // Validate that bootstrap v2 pb_text with deprecated fields loads fails if V3 config is specified. TEST_P(ServerInstanceImplTest, FailToLoadV2ConfigWhenV3SelectedFromPbText) { options_.bootstrap_version_ = 3; EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.pb_text"), EnvoyException, "Unable to parse file"); } // Validate that bootstrap v2 YAML with deprecated fields loads fails if V3 config is specified. TEST_P(ServerInstanceImplTest, FailToLoadV2ConfigWhenV3SelectedFromYaml) { options_.bootstrap_version_ = 3; EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.yaml"), EnvoyException, "has unknown fields"); } // Validate that we blow up on invalid version number. TEST_P(ServerInstanceImplTest, InvalidBootstrapVersion) { options_.bootstrap_version_ = 1; EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.pb_text"), EnvoyException, "Unknown bootstrap version 1."); } TEST_P(ServerInstanceImplTest, LoadsBootstrapFromConfigProtoOptions) { options_.config_proto_.mutable_node()->set_id("foo"); initialize("test/server/test_data/server/node_bootstrap.yaml"); EXPECT_EQ("foo", server_->localInfo().node().id()); } TEST_P(ServerInstanceImplTest, LoadsBootstrapFromConfigYamlAfterConfigPath) { options_.config_yaml_ = "node:\n id: 'bar'"; initialize("test/server/test_data/server/node_bootstrap.yaml"); EXPECT_EQ("bar", server_->localInfo().node().id()); } TEST_P(ServerInstanceImplTest, LoadsBootstrapFromConfigProtoOptionsLast) { options_.config_yaml_ = "node:\n id: 'bar'"; options_.config_proto_.mutable_node()->set_id("foo"); initialize("test/server/test_data/server/node_bootstrap.yaml"); EXPECT_EQ("foo", server_->localInfo().node().id()); } // Validate server localInfo() from bootstrap Node with CLI overrides. TEST_P(ServerInstanceImplTest, BootstrapNodeWithOptionsOverride) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; options_.service_zone_name_ = "some_zone_name"; initialize("test/server/test_data/server/node_bootstrap.yaml"); EXPECT_EQ("some_zone_name", server_->localInfo().zoneName()); EXPECT_EQ("some_cluster_name", server_->localInfo().clusterName()); EXPECT_EQ("some_node_name", server_->localInfo().nodeName()); EXPECT_EQ("bootstrap_sub_zone", server_->localInfo().node().locality().sub_zone()); } // Validate server runtime is parsed from bootstrap and that we can read from // service cluster specified disk-based overrides. TEST_P(ServerInstanceImplTest, BootstrapRuntime) { options_.service_cluster_name_ = "some_service"; initialize("test/server/test_data/server/runtime_bootstrap.yaml"); EXPECT_EQ("bar", server_->runtime().snapshot().get("foo").value().get()); // This should access via the override/some_service overlay. EXPECT_EQ("fozz", server_->runtime().snapshot().get("fizz").value().get()); } // Validate that a runtime absent an admin layer will fail mutating operations // but still support inspection of runtime values. TEST_P(ServerInstanceImplTest, RuntimeNoAdminLayer) { options_.service_cluster_name_ = "some_service"; initialize("test/server/test_data/server/runtime_bootstrap.yaml"); Http::TestResponseHeaderMapImpl response_headers; std::string response_body; EXPECT_EQ(Http::Code::OK, server_->admin().request("/runtime", "GET", response_headers, response_body)); EXPECT_THAT(response_body, HasSubstr("fozz")); EXPECT_EQ( Http::Code::ServiceUnavailable, server_->admin().request("/runtime_modify?foo=bar", "POST", response_headers, response_body)); EXPECT_EQ("No admin layer specified", response_body); } // Verify that bootstrap fails if RTDS is configured through an EDS cluster TEST_P(ServerInstanceImplTest, BootstrapRtdsThroughEdsFails) { options_.service_cluster_name_ = "some_service"; options_.service_node_name_ = "some_node_name"; EXPECT_THROW_WITH_REGEX(initialize("test/server/test_data/server/runtime_bootstrap_eds.yaml"), EnvoyException, "must have a statically defined non-EDS cluster"); } // Verify that bootstrap fails if RTDS is configured through an ADS using EDS cluster TEST_P(ServerInstanceImplTest, BootstrapRtdsThroughAdsViaEdsFails) { options_.service_cluster_name_ = "some_service"; options_.service_node_name_ = "some_node_name"; EXPECT_THROW_WITH_REGEX(initialize("test/server/test_data/server/runtime_bootstrap_ads_eds.yaml"), EnvoyException, "Unknown gRPC client cluster"); } TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(InvalidLegacyBootstrapRuntime)) { EXPECT_THROW_WITH_MESSAGE( initialize("test/server/test_data/server/invalid_legacy_runtime_bootstrap.yaml"), EnvoyException, "Invalid runtime entry value for foo"); } // Validate invalid runtime in bootstrap is rejected. TEST_P(ServerInstanceImplTest, InvalidBootstrapRuntime) { EXPECT_THROW_WITH_MESSAGE( initialize("test/server/test_data/server/invalid_runtime_bootstrap.yaml"), EnvoyException, "Invalid runtime entry value for foo"); } // Validate invalid layered runtime missing a name is rejected. TEST_P(ServerInstanceImplTest, InvalidLayeredBootstrapMissingName) { EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/invalid_layered_runtime_missing_name.yaml"), EnvoyException, "RuntimeLayerValidationError.Name: \\[\"value length must be at least"); } // Validate invalid layered runtime with duplicate names is rejected. TEST_P(ServerInstanceImplTest, InvalidLayeredBootstrapDuplicateName) { EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/invalid_layered_runtime_duplicate_name.yaml"), EnvoyException, "Duplicate layer name: some_static_laye"); } // Validate invalid layered runtime with no layer specifier is rejected. TEST_P(ServerInstanceImplTest, InvalidLayeredBootstrapNoLayerSpecifier) { EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/invalid_layered_runtime_no_layer_specifier.yaml"), EnvoyException, "BootstrapValidationError.LayeredRuntime"); } // Regression test for segfault when server initialization fails prior to // ClusterManager initialization. TEST_P(ServerInstanceImplTest, BootstrapClusterManagerInitializationFail) { EXPECT_THROW_WITH_MESSAGE(initialize("test/server/test_data/server/cluster_dupe_bootstrap.yaml"), EnvoyException, "cluster manager: duplicate cluster 'service_google'"); } // Regression tests for SdsApi throwing exceptions in initialize(). TEST_P(ServerInstanceImplTest, BadSdsConfigSource) { EXPECT_THROW_WITH_MESSAGE( initialize("test/server/test_data/server/bad_sds_config_source.yaml"), EnvoyException, "envoy.config.core.v3.ApiConfigSource must have a statically defined non-EDS cluster: " "'sds-grpc' does not exist, was added via api, or is an EDS cluster"); } // Test for protoc-gen-validate constraint on invalid timeout entry of a health check config entry. TEST_P(ServerInstanceImplTest, BootstrapClusterHealthCheckInvalidTimeout) { EXPECT_THROW_WITH_REGEX( initializeWithHealthCheckParams( "test/server/test_data/server/cluster_health_check_bootstrap.yaml", 0, 0.25), EnvoyException, "HealthCheckValidationError.Timeout: \\[\"value must be greater than \" \"0s\"\\]"); } // Test for protoc-gen-validate constraint on invalid interval entry of a health check config entry. TEST_P(ServerInstanceImplTest, BootstrapClusterHealthCheckInvalidInterval) { EXPECT_THROW_WITH_REGEX( initializeWithHealthCheckParams( "test/server/test_data/server/cluster_health_check_bootstrap.yaml", 0.5, 0), EnvoyException, "HealthCheckValidationError.Interval: \\[\"value must be greater than \" \"0s\"\\]"); } // Test for protoc-gen-validate constraint on invalid timeout and interval entry of a health check // config entry. TEST_P(ServerInstanceImplTest, BootstrapClusterHealthCheckInvalidTimeoutAndInterval) { EXPECT_THROW_WITH_REGEX( initializeWithHealthCheckParams( "test/server/test_data/server/cluster_health_check_bootstrap.yaml", 0, 0), EnvoyException, "HealthCheckValidationError.Timeout: \\[\"value must be greater than \" \"0s\"\\]"); } // Test for protoc-gen-validate constraint on valid interval entry of a health check config entry. TEST_P(ServerInstanceImplTest, BootstrapClusterHealthCheckValidTimeoutAndInterval) { EXPECT_NO_THROW(initializeWithHealthCheckParams( "test/server/test_data/server/cluster_health_check_bootstrap.yaml", 0.25, 0.5)); } // Test that a Bootstrap proto with no address specified in its Admin field can go through // initialization properly, but without starting an admin listener. TEST_P(ServerInstanceImplTest, BootstrapNodeNoAdmin) { EXPECT_NO_THROW(initialize("test/server/test_data/server/node_bootstrap_no_admin_port.yaml")); // Admin::addListenerToHandler() calls one of handler's methods after checking that the Admin // has a listener. So, the fact that passing a nullptr doesn't cause a segfault establishes // that there is no listener. server_->admin().addListenerToHandler(/*handler=*/nullptr); } // Validate that an admin config with a server address but no access log path is rejected. TEST_P(ServerInstanceImplTest, BootstrapNodeWithoutAccessLog) { EXPECT_THROW_WITH_MESSAGE( initialize("test/server/test_data/server/node_bootstrap_without_access_log.yaml"), EnvoyException, "An admin access log path is required for a listening server."); } namespace { void bindAndListenTcpSocket(const Network::Address::InstanceConstSharedPtr& address, const Network::Socket::OptionsSharedPtr& options) { auto socket = std::make_unique(address, options, true); // Some kernels erroneously allow `bind` without SO_REUSEPORT for addresses // with some other socket already listening on it, see #7636. if (SOCKET_FAILURE(socket->ioHandle().listen(1).rc_)) { // Mimic bind exception for the test simplicity. throw Network::SocketBindException(fmt::format("cannot listen: {}", errorDetails(errno)), errno); } } } // namespace // Test that `socket_options` field in an Admin proto is honored. TEST_P(ServerInstanceImplTest, BootstrapNodeWithSocketOptions) { // Start Envoy instance with admin port with SO_REUSEPORT option. ASSERT_NO_THROW( initialize("test/server/test_data/server/node_bootstrap_with_admin_socket_options.yaml")); const auto address = server_->admin().socket().localAddress(); // First attempt to bind and listen socket should fail due to the lack of SO_REUSEPORT socket // options. EXPECT_THAT_THROWS_MESSAGE(bindAndListenTcpSocket(address, nullptr), EnvoyException, HasSubstr(errorDetails(SOCKET_ERROR_ADDR_IN_USE))); // Second attempt should succeed as kernel allows multiple sockets to listen the same address iff // both of them use SO_REUSEPORT socket option. auto options = std::make_shared(); options->emplace_back(std::make_shared( envoy::config::core::v3::SocketOption::STATE_PREBIND, ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_REUSEPORT), 1)); EXPECT_NO_THROW(bindAndListenTcpSocket(address, options)); } // Empty bootstrap succeeds. TEST_P(ServerInstanceImplTest, EmptyBootstrap) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); } // Custom header bootstrap succeeds. TEST_P(ServerInstanceImplTest, CustomHeaderBootstrap) { options_.config_path_ = TestEnvironment::writeStringToFileForTest( "custom.yaml", "header_prefix: \"x-envoy\"\nstatic_resources:\n"); options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; EXPECT_NO_THROW(initialize(options_.config_path_)); } // Negative test for protoc-gen-validate constraints. TEST_P(ServerInstanceImplTest, ValidateFail) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; try { initialize("test/server/test_data/server/invalid_bootstrap.yaml"); FAIL(); } catch (const EnvoyException& e) { EXPECT_THAT(e.what(), HasSubstr("Proto constraint validation failed")); } } TEST_P(ServerInstanceImplTest, LogToFile) { const std::string path = TestEnvironment::temporaryPath("ServerInstanceImplTest_LogToFile_Test.log"); options_.log_path_ = path; options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); EXPECT_TRUE(server_->api().fileSystem().fileExists(path)); GET_MISC_LOGGER().set_level(spdlog::level::info); ENVOY_LOG_MISC(warn, "LogToFile test string"); Logger::Registry::getSink()->flush(); std::string log = server_->api().fileSystem().fileReadToEnd(path); EXPECT_GT(log.size(), 0); EXPECT_TRUE(log.find("LogToFile test string") != std::string::npos); // Test that critical messages get immediately flushed ENVOY_LOG_MISC(critical, "LogToFile second test string"); log = server_->api().fileSystem().fileReadToEnd(path); EXPECT_TRUE(log.find("LogToFile second test string") != std::string::npos); } TEST_P(ServerInstanceImplTest, LogToFileError) { options_.log_path_ = "/this/path/does/not/exist"; options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; try { initialize("test/server/test_data/server/empty_bootstrap.yaml"); FAIL(); } catch (const EnvoyException& e) { EXPECT_THAT(e.what(), HasSubstr("Failed to open log-file")); } } // When there are no bootstrap CLI options, either for content or path, we can load the server with // an empty config. TEST_P(ServerInstanceImplTest, NoOptionsPassed) { thread_local_ = std::make_unique(); init_manager_ = std::make_unique("Server"); EXPECT_THROW_WITH_MESSAGE( server_.reset(new InstanceImpl(*init_manager_, options_, time_system_, std::make_shared("127.0.0.1"), hooks_, restart_, stats_store_, fakelock_, component_factory_, std::make_unique>(), *thread_local_, Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), nullptr)), EnvoyException, "At least one of --config-path or --config-yaml or Options::configProto() should be " "non-empty"); } // Validate that when std::exception is unexpectedly thrown, we exit safely. // This is a regression test for when we used to crash. TEST_P(ServerInstanceImplTest, StdExceptionThrowInConstructor) { EXPECT_CALL(restart_, initialize(_, _)).WillOnce(InvokeWithoutArgs([] { throw(std::runtime_error("foobar")); })); EXPECT_THROW_WITH_MESSAGE(initialize("test/server/test_data/server/node_bootstrap.yaml"), std::runtime_error, "foobar"); } // Neither EnvoyException nor std::exception derived. class FakeException { public: FakeException(const std::string& what) : what_(what) {} const std::string& what() const { return what_; } const std::string what_; }; // Validate that when a totally unknown exception is unexpectedly thrown, we // exit safely. This is a regression test for when we used to crash. TEST_P(ServerInstanceImplTest, UnknownExceptionThrowInConstructor) { EXPECT_CALL(restart_, initialize(_, _)).WillOnce(InvokeWithoutArgs([] { throw(FakeException("foobar")); })); EXPECT_THROW_WITH_MESSAGE(initialize("test/server/test_data/server/node_bootstrap.yaml"), FakeException, "foobar"); } TEST_P(ServerInstanceImplTest, MutexContentionEnabled) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; options_.mutex_tracing_enabled_ = true; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); } TEST_P(ServerInstanceImplTest, NoHttpTracing) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); EXPECT_THAT(envoy::config::trace::v3::Tracing{}, ProtoEq(server_->httpContext().defaultTracingConfig())); } TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(ZipkinHttpTracingEnabled)) { options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; EXPECT_NO_THROW(initialize("test/server/test_data/server/zipkin_tracing_deprecated_config.yaml")); EXPECT_EQ("zipkin", server_->httpContext().defaultTracingConfig().http().name()); } class TestObject : public ProcessObject { public: void setFlag(bool value) { boolean_flag_ = value; } bool boolean_flag_ = true; }; TEST_P(ServerInstanceImplTest, WithProcessContext) { TestObject object; process_object_ = &object; EXPECT_NO_THROW(initialize("test/server/test_data/server/empty_bootstrap.yaml")); auto context = server_->processContext(); auto& object_from_context = dynamic_cast(context->get().get()); EXPECT_EQ(&object_from_context, &object); EXPECT_TRUE(object_from_context.boolean_flag_); object.boolean_flag_ = false; EXPECT_FALSE(object_from_context.boolean_flag_); } class FooBootstrapExtension : public BootstrapExtension {}; TEST_P(ServerInstanceImplTest, WithBootstrapExtensions) { NiceMock mock_factory; EXPECT_CALL(mock_factory, createEmptyConfigProto()).WillRepeatedly(Invoke([]() { return std::make_unique(); })); EXPECT_CALL(mock_factory, name()).WillRepeatedly(Return("envoy_test.bootstrap.foo")); EXPECT_CALL(mock_factory, createBootstrapExtension(_, _)) .WillOnce(Invoke([](const Protobuf::Message& config, Configuration::ServerFactoryContext&) { const auto* proto = dynamic_cast(&config); EXPECT_NE(nullptr, proto); EXPECT_EQ(proto->a(), "foo"); return std::make_unique(); })); Registry::InjectFactory registered_factory( mock_factory); EXPECT_NO_THROW(initialize("test/server/test_data/server/bootstrap_extensions.yaml")); } TEST_P(ServerInstanceImplTest, WithBootstrapExtensionsThrowingError) { NiceMock mock_factory; EXPECT_CALL(mock_factory, createEmptyConfigProto()).WillRepeatedly(Invoke([]() { return std::make_unique(); })); EXPECT_CALL(mock_factory, name()).WillRepeatedly(Return("envoy_test.bootstrap.foo")); EXPECT_CALL(mock_factory, createBootstrapExtension(_, _)) .WillOnce(Invoke([](const Protobuf::Message&, Configuration::ServerFactoryContext&) -> BootstrapExtensionPtr { throw EnvoyException("Unable to initiate mock_bootstrap_extension."); })); Registry::InjectFactory registered_factory( mock_factory); EXPECT_THROW_WITH_REGEX(initialize("test/server/test_data/server/bootstrap_extensions.yaml"), EnvoyException, "Unable to initiate mock_bootstrap_extension."); } TEST_P(ServerInstanceImplTest, WithUnknownBootstrapExtensions) { EXPECT_THROW_WITH_REGEX( initialize("test/server/test_data/server/bootstrap_extensions.yaml"), EnvoyException, "Didn't find a registered implementation for name: 'envoy_test.bootstrap.foo'"); } // Static configuration validation. We test with both allow/reject settings various aspects of // configuration from YAML. class StaticValidationTest : public ServerInstanceImplTestBase, public testing::TestWithParam> { protected: StaticValidationTest() { version_ = std::get<0>(GetParam()); options_.service_cluster_name_ = "some_cluster_name"; options_.service_node_name_ = "some_node_name"; options_.allow_unknown_static_fields_ = std::get<1>(GetParam()); // By inverting the static validation value, we can hopefully catch places we may have confused // static/dynamic validation. options_.reject_unknown_dynamic_fields_ = options_.allow_unknown_static_fields_; } AssertionResult validate(absl::string_view yaml_filename) { const std::string path = absl::StrCat("test/server/test_data/static_validation/", yaml_filename); try { initialize(path); } catch (EnvoyException&) { return options_.allow_unknown_static_fields_ ? AssertionFailure() : AssertionSuccess(); } return options_.allow_unknown_static_fields_ ? AssertionSuccess() : AssertionFailure(); } }; std::string staticValidationTestParamsToString( const ::testing::TestParamInfo>& params) { return fmt::format( "{}_{}", TestUtility::ipTestParamsToString( ::testing::TestParamInfo(std::get<0>(params.param), 0)), std::get<1>(params.param) ? "with_allow_unknown_static_fields" : "without_allow_unknown_static_fields"); } INSTANTIATE_TEST_SUITE_P( IpVersions, StaticValidationTest, testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), testing::Bool()), staticValidationTestParamsToString); TEST_P(StaticValidationTest, BootstrapUnknownField) { EXPECT_TRUE(validate("bootstrap_unknown_field.yaml")); } TEST_P(StaticValidationTest, ListenerUnknownField) { EXPECT_TRUE(validate("listener_unknown_field.yaml")); } TEST_P(StaticValidationTest, NetworkFilterUnknownField) { EXPECT_TRUE(validate("network_filter_unknown_field.yaml")); } TEST_P(StaticValidationTest, ClusterUnknownField) { EXPECT_TRUE(validate("cluster_unknown_field.yaml")); } // Custom StatsSink that registers both a Cluster update callback and Server lifecycle callback. class CallbacksStatsSink : public Stats::Sink, public Upstream::ClusterUpdateCallbacks { public: CallbacksStatsSink(Server::Configuration::ServerFactoryContext& server) : cluster_removal_cb_handle_( server.clusterManager().addThreadLocalClusterUpdateCallbacks(*this)), lifecycle_cb_handle_(server.lifecycleNotifier().registerCallback( ServerLifecycleNotifier::Stage::ShutdownExit, [this]() { cluster_removal_cb_handle_.reset(); })) {} // Stats::Sink void flush(Stats::MetricSnapshot&) override {} void onHistogramComplete(const Stats::Histogram&, uint64_t) override {} // Upstream::ClusterUpdateCallbacks void onClusterAddOrUpdate(Upstream::ThreadLocalCluster&) override {} void onClusterRemoval(const std::string&) override {} private: Upstream::ClusterUpdateCallbacksHandlePtr cluster_removal_cb_handle_; ServerLifecycleNotifier::HandlePtr lifecycle_cb_handle_; }; class CallbacksStatsSinkFactory : public Server::Configuration::StatsSinkFactory { public: // StatsSinkFactory Stats::SinkPtr createStatsSink(const Protobuf::Message&, Server::Configuration::ServerFactoryContext& server) override { return std::make_unique(server); } ProtobufTypes::MessagePtr createEmptyConfigProto() override { // Using Struct instead of a custom per-filter empty config proto // This is only allowed in tests. return ProtobufTypes::MessagePtr{new Envoy::ProtobufWkt::Struct()}; } std::string name() const override { return "envoy.callbacks_stats_sink"; } }; // This test ensures that a stats sink can use cluster update callbacks properly. Using only a // cluster update callback is insufficient to protect against double-free bugs, so a server // lifecycle callback is also used to ensure that the cluster update callback is freed during // Server::Instance's destruction. See issue #9292 for more details. TEST_P(ServerInstanceImplTest, CallbacksStatsSinkTest) { CallbacksStatsSinkFactory factory; Registry::InjectFactory registered(factory); initialize("test/server/test_data/server/callbacks_stats_sink_bootstrap.yaml"); // Necessary to trigger server lifecycle callbacks, otherwise only terminate() is called. server_->shutdown(); } // Validate that disabled extension is reflected in the list of Node extensions. TEST_P(ServerInstanceImplTest, DisabledExtension) { OptionsImpl::disableExtensions({"envoy.filters.http/envoy.filters.http.buffer"}); initialize("test/server/test_data/server/node_bootstrap.yaml"); bool disabled_filter_found = false; for (const auto& extension : server_->localInfo().node().extensions()) { // TODO(zuercher): remove envoy.buffer when old-style name deprecation is completed. if (extension.category() == "envoy.filters.http" && (extension.name() == "envoy.filters.http.buffer" || extension.name() == "envoy.buffer")) { ASSERT_TRUE(extension.disabled()); disabled_filter_found = true; } else { ASSERT_FALSE(extension.disabled()); } } ASSERT_TRUE(disabled_filter_found); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/ssl_context_manager_test.cc ================================================ #include "server/ssl_context_manager.h" #include "test/mocks/ssl/mocks.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Server { namespace { TEST(SslContextManager, createStub) { Event::SimulatedTimeSystem time_system; Stats::MockStore scope; Ssl::MockClientContextConfig client_config; Ssl::MockServerContextConfig server_config; std::vector server_names; Ssl::ContextManagerPtr manager = createContextManager("fake_factory_name", time_system); // Check we've created a stub, not real manager. EXPECT_EQ(manager->daysUntilFirstCertExpires(), std::numeric_limits::max()); EXPECT_EQ(manager->secondsUntilFirstOcspResponseExpires(), absl::nullopt); EXPECT_THROW_WITH_MESSAGE(manager->createSslClientContext(scope, client_config), EnvoyException, "SSL is not supported in this configuration"); EXPECT_THROW_WITH_MESSAGE(manager->createSslServerContext(scope, server_config, server_names), EnvoyException, "SSL is not supported in this configuration"); EXPECT_NO_THROW(manager->iterateContexts([](const Envoy::Ssl::Context&) -> void {})); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/test_data/runtime/override/some_service/fizz ================================================ fozz ================================================ FILE: test/server/test_data/runtime/primary/fizz ================================================ buzz ================================================ FILE: test/server/test_data/server/bad_sds_config_source.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster static_resources: clusters: - name: xds-grpc connect_timeout: 0.25s type: STRICT_DNS connect_timeout: 1s load_assignment: cluster_name: xds-grpc endpoints: - lb_endpoints: - endpoint: address: socket_address: address: localhost port_value: 12345 transport_socket: name: "envoy.transport_sockets.tls" typed_config: "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext" common_tls_context: tls_certificate_sds_secret_configs: - name: default sds_config: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: "sds-grpc" validation_context: {} ================================================ FILE: test/server/test_data/server/bootstrap_extensions.yaml ================================================ bootstrap_extensions: - name: envoy_test.bootstrap.foo typed_config: "@type": type.googleapis.com/test.common.config.DummyConfig a: foo ================================================ FILE: test/server/test_data/server/callbacks_stats_sink_bootstrap.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster locality: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: access_log_path: {{ null_device_path }} address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 stats_sinks: - name: envoy.callbacks_stats_sink stats_flush_interval: 1s ================================================ FILE: test/server/test_data/server/cluster_dupe_bootstrap.yaml ================================================ admin: access_log_path: {{ null_device_path }} address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 static_resources: clusters: - name: service_google connect_timeout: 0.25s - name: service_google connect_timeout: 0.25s ================================================ FILE: test/server/test_data/server/cluster_health_check_bootstrap.yaml ================================================ admin: access_log_path: {{ null_device_path }} address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 static_resources: clusters: - name: service_google connect_timeout: 0.25s health_checks: - timeout: {{ health_check_timeout }}s interval: {{ health_check_interval }}s unhealthy_threshold: 1 healthy_threshold: 1 http_health_check: path: "/" ================================================ FILE: test/server/test_data/server/empty_bootstrap.yaml ================================================ static_resources: ================================================ FILE: test/server/test_data/server/invalid_bootstrap.yaml ================================================ static_resources: clusters: - name: ================================================ FILE: test/server/test_data/server/invalid_layered_runtime_duplicate_name.yaml ================================================ layered_runtime: layers: - name: some_static_layer static_layer: foo: bar - name: some_static_layer static_layer: foo: baz ================================================ FILE: test/server/test_data/server/invalid_layered_runtime_missing_name.yaml ================================================ layered_runtime: layers: - static_layer: foo: bar ================================================ FILE: test/server/test_data/server/invalid_layered_runtime_no_layer_specifier.yaml ================================================ layered_runtime: layers: - name: "foo" ================================================ FILE: test/server/test_data/server/invalid_legacy_runtime_bootstrap.yaml ================================================ runtime: base: foo: - bar: baz ================================================ FILE: test/server/test_data/server/invalid_runtime_bootstrap.yaml ================================================ layered_runtime: layers: - name: some_static_layer static_layer: foo: - bar: baz ================================================ FILE: test/server/test_data/server/node_bootstrap.pb_text ================================================ node { id: "bootstrap_id" cluster: "bootstrap_cluster" locality { zone: "bootstrap_zone" sub_zone: "bootstrap_sub_zone" } } admin { access_log_path: "{{ null_device_path }}" address { socket_address { address: "{{ ntop_ip_loopback_address }}" port_value: 0 } } } ================================================ FILE: test/server/test_data/server/node_bootstrap.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster locality: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: access_log_path: {{ null_device_path }} address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 ================================================ FILE: test/server/test_data/server/node_bootstrap_no_admin_port.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster locality: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: access_log_path: {{ null_device_path }} ================================================ FILE: test/server/test_data/server/node_bootstrap_with_admin_socket_options.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster locality: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: access_log_path: {{ null_device_path }} address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 socket_options: - description: SO_REUSEPORT level: {{ sol_socket }} name: {{ so_reuseport }} int_value: 1 state: STATE_PREBIND ================================================ FILE: test/server/test_data/server/node_bootstrap_without_access_log.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster locality: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 ================================================ FILE: test/server/test_data/server/proxy_version_bootstrap.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster locality: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: access_log_path: {{ null_device_path }} address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 stats_server_version_override: 100012001 ================================================ FILE: test/server/test_data/server/runtime_bootstrap.yaml ================================================ layered_runtime: layers: - name: some_static_layer static_layer: foo: bar - name: base_disk_layer disk_layer: { symlink_root: {{ test_rundir }}/test/server/test_data/runtime/primary } - name: overlay_disk_layer disk_layer: { symlink_root: {{ test_rundir }}/test/server/test_data/runtime/override, append_service_cluster: true } ================================================ FILE: test/server/test_data/server/runtime_bootstrap_ads_eds.yaml ================================================ static_resources: clusters: - name: dummy_cluster connect_timeout: 1s load_assignment: cluster_name: dummy_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 - name: ads_cluster connect_timeout: 1s type: EDS eds_cluster_config: eds_config: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: "dummy_cluster" dynamic_resources: ads_config: api_type: GRPC grpc_services: envoy_grpc: cluster_name: ads_cluster set_node_on_first_message_only: true layered_runtime: layers: - name: foobar rtds_layer: name: foobar rtds_config: ads: {} ================================================ FILE: test/server/test_data/server/runtime_bootstrap_eds.yaml ================================================ static_resources: clusters: - name: dummy_cluster connect_timeout: 1s load_assignment: cluster_name: dummy_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 - name: rtds_cluster connect_timeout: 1s type: EDS eds_cluster_config: eds_config: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: "dummy_cluster" layered_runtime: layers: - name: foobar rtds_layer: name: foobar rtds_config: api_config_source: api_type: GRPC grpc_services: envoy_grpc: cluster_name: rtds_cluster ================================================ FILE: test/server/test_data/server/stats_sink_bootstrap.yaml ================================================ node: id: bootstrap_id cluster: bootstrap_cluster locality: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: access_log_path: {{ null_device_path }} address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 stats_sinks: - name: envoy.custom_stats_sink stats_flush_interval: 1s ================================================ FILE: test/server/test_data/server/unparseable_bootstrap.yaml ================================================ - foo: bar ================================================ FILE: test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.pb_text ================================================ node { id: "bootstrap_id" build_version: "foo" } ================================================ FILE: test/server/test_data/server/valid_v2_but_invalid_v3_bootstrap.yaml ================================================ node: id: "bootstrap_id" build_version: "foo" ================================================ FILE: test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.pb_text ================================================ static_resources { clusters { name: "cluster" ignore_health_on_host_removal: true connect_timeout { seconds: 1 } } } ================================================ FILE: test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml ================================================ static_resources: clusters : name: "cluster" ignore_health_on_host_removal: true connect_timeout: 1s ================================================ FILE: test/server/test_data/server/watchdogs_bootstrap_with_deprecated_field.yaml ================================================ watchdogs: main_thread_watchdog: miss_timeout: 1s worker_watchdog: miss_timeout: 0.5s watchdog: miss_timeout: 1s ================================================ FILE: test/server/test_data/server/zipkin_tracing_deprecated_config.yaml ================================================ static_resources: clusters: - name: zipkin connect_timeout: 1s tracing: http: name: zipkin typed_config: "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: zipkin collector_endpoint: "/api/v1/spans" collector_endpoint_version: HTTP_JSON ================================================ FILE: test/server/test_data/static_validation/bootstrap_unknown_field.yaml ================================================ foo: bar ================================================ FILE: test/server/test_data/static_validation/cluster_unknown_field.yaml ================================================ static_resources: clusters: name: foo connect_timeout: { seconds: 5 } foo: bar ================================================ FILE: test/server/test_data/static_validation/listener_unknown_field.yaml ================================================ static_resources: listeners: name: foo address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 foo: bar filter_chains: - filters: ================================================ FILE: test/server/test_data/static_validation/network_filter_unknown_field.yaml ================================================ static_resources: listeners: name: foo address: socket_address: address: {{ ntop_ip_loopback_address }} port_value: 0 filter_chains: - filters: - name: http typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: HTTP2 stat_prefix: blah route_config: {} foo: bar ================================================ FILE: test/server/utility.h ================================================ #pragma once #include #include "envoy/config/listener/v3/listener.pb.h" #include "common/protobuf/utility.h" #include "test/test_common/utility.h" namespace Envoy { namespace Server { namespace { inline envoy::config::listener::v3::Listener parseListenerFromV3Yaml(const std::string& yaml, bool avoid_boosting = true) { envoy::config::listener::v3::Listener listener; TestUtility::loadFromYaml(yaml, listener, true, avoid_boosting); return listener; } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/server/worker_impl_test.cc ================================================ #include "envoy/network/exception.h" #include "common/api/api_impl.h" #include "common/event/dispatcher_impl.h" #include "server/worker_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/guard_dog.h" #include "test/mocks/server/instance.h" #include "test/mocks/server/overload_manager.h" #include "test/mocks/thread_local/mocks.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" using testing::_; using testing::InSequence; using testing::Invoke; using testing::InvokeWithoutArgs; using testing::NiceMock; using testing::Return; using testing::Throw; namespace Envoy { namespace Server { namespace { class WorkerImplTest : public testing::Test { public: WorkerImplTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("worker_test")), no_exit_timer_(dispatcher_->createTimer([]() -> void {})), worker_(tls_, hooks_, std::move(dispatcher_), Network::ConnectionHandlerPtr{handler_}, overload_manager_, *api_) { // In the real worker the watchdog has timers that prevent exit. Here we need to prevent event // loop exit since we use mock timers. no_exit_timer_->enableTimer(std::chrono::hours(1)); } ~WorkerImplTest() override { // We init no_exit_timer_ before worker_ because the dispatcher will be // moved into the worker. However we need to destruct no_exit_timer_ before // destructing the worker, otherwise the timer will outlive its dispatcher. no_exit_timer_.reset(); } NiceMock tls_; Network::MockConnectionHandler* handler_ = new Network::MockConnectionHandler(); NiceMock guard_dog_; NiceMock overload_manager_; Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; DefaultListenerHooks hooks_; Event::TimerPtr no_exit_timer_; WorkerImpl worker_; }; TEST_F(WorkerImplTest, BasicFlow) { InSequence s; std::thread::id current_thread_id = std::this_thread::get_id(); ConditionalInitializer ci; // Before a worker is started adding a listener will be posted and will get added when the // thread starts running. NiceMock listener; ON_CALL(listener, listenerTag()).WillByDefault(Return(1UL)); EXPECT_CALL(*handler_, addListener(_, _)) .WillOnce(Invoke( [current_thread_id](absl::optional, Network::ListenerConfig& config) -> void { EXPECT_EQ(config.listenerTag(), 1UL); EXPECT_NE(current_thread_id, std::this_thread::get_id()); })); worker_.addListener(absl::nullopt, listener, [&ci](bool success) -> void { EXPECT_TRUE(success); ci.setReady(); }); NiceMock store; worker_.start(guard_dog_); worker_.initializeStats(store); ci.waitReady(); // After a worker is started adding/stopping/removing a listener happens on the worker thread. NiceMock listener2; ON_CALL(listener2, listenerTag()).WillByDefault(Return(2UL)); EXPECT_CALL(*handler_, addListener(_, _)) .WillOnce(Invoke( [current_thread_id](absl::optional, Network::ListenerConfig& config) -> void { EXPECT_EQ(config.listenerTag(), 2UL); EXPECT_NE(current_thread_id, std::this_thread::get_id()); })); worker_.addListener(absl::nullopt, listener2, [&ci](bool success) -> void { EXPECT_TRUE(success); ci.setReady(); }); ci.waitReady(); EXPECT_CALL(*handler_, stopListeners(2)) .WillOnce(InvokeWithoutArgs([current_thread_id, &ci]() -> void { EXPECT_NE(current_thread_id, std::this_thread::get_id()); ci.setReady(); })); ConditionalInitializer ci2; // Verify that callback is called from the other thread. worker_.stopListener(listener2, [current_thread_id, &ci2]() { EXPECT_NE(current_thread_id, std::this_thread::get_id()); ci2.setReady(); }); ci.waitReady(); ci2.waitReady(); EXPECT_CALL(*handler_, removeListeners(2)) .WillOnce(InvokeWithoutArgs([current_thread_id]() -> void { EXPECT_NE(current_thread_id, std::this_thread::get_id()); })); worker_.removeListener(listener2, [current_thread_id, &ci]() -> void { EXPECT_NE(current_thread_id, std::this_thread::get_id()); ci.setReady(); }); ci.waitReady(); // Now test adding and removing a listener without stopping it first. NiceMock listener3; ON_CALL(listener3, listenerTag()).WillByDefault(Return(3UL)); EXPECT_CALL(*handler_, addListener(_, _)) .WillOnce(Invoke( [current_thread_id](absl::optional, Network::ListenerConfig& config) -> void { EXPECT_EQ(config.listenerTag(), 3UL); EXPECT_NE(current_thread_id, std::this_thread::get_id()); })); worker_.addListener(absl::nullopt, listener3, [&ci](bool success) -> void { EXPECT_TRUE(success); ci.setReady(); }); ci.waitReady(); EXPECT_CALL(*handler_, removeListeners(3)) .WillOnce(InvokeWithoutArgs([current_thread_id]() -> void { EXPECT_NE(current_thread_id, std::this_thread::get_id()); })); worker_.removeListener(listener3, [current_thread_id]() -> void { EXPECT_NE(current_thread_id, std::this_thread::get_id()); }); worker_.stop(); } TEST_F(WorkerImplTest, ListenerException) { InSequence s; NiceMock listener; ON_CALL(listener, listenerTag()).WillByDefault(Return(1UL)); EXPECT_CALL(*handler_, addListener(_, _)) .WillOnce(Throw(Network::CreateListenerException("failed"))); worker_.addListener(absl::nullopt, listener, [](bool success) -> void { EXPECT_FALSE(success); }); worker_.start(guard_dog_); worker_.stop(); } } // namespace } // namespace Server } // namespace Envoy ================================================ FILE: test/test_common/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_basic_cc_library", "envoy_cc_library", "envoy_cc_test", "envoy_cc_test_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_basic_cc_library( name = "printers_includes", hdrs = ["printers.h"], deps = [ "//include/envoy/network:address_interface", ], ) envoy_cc_test_library( name = "environment_lib", srcs = ["environment.cc"], hdrs = ["environment.h"], external_deps = [ "abseil_optional", "abseil_symbolize", "bazel_runfiles", ], deps = [ ":network_utility_lib", "//include/envoy/server:options_interface", "//source/common/common:assert_lib", "//source/common/common:compiler_requirements_lib", "//source/common/common:macros", "//source/common/common:utility_lib", "//source/common/filesystem:filesystem_lib", "//source/common/json:json_loader_lib", "//source/common/network:utility_lib", "//source/server:options_lib", "//test/common/runtime:utility_lib", ] + select({ "//bazel:disable_signal_trace": [], "//conditions:default": ["//source/common/signal:sigaction_lib"], }), ) envoy_cc_test_library( name = "network_utility_lib", srcs = ["network_utility.cc"], hdrs = ["network_utility.h"], deps = [ ":utility_lib", "//include/envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/network:address_lib", "//source/common/network:listen_socket_lib", "//source/common/network:raw_buffer_socket_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:utility_lib", "//source/common/runtime:runtime_lib", ], ) envoy_cc_test( name = "network_utility_test", srcs = ["network_utility_test.cc"], deps = [ ":environment_lib", ":network_utility_lib", ], ) envoy_cc_test_library( name = "contention_lib", srcs = ["contention.cc"], hdrs = ["contention.h"], deps = [ "//source/common/common:mutex_tracer_lib", "//source/common/common:thread_lib", "//test/test_common:test_time_lib", "//test/test_common:utility_lib", ], ) envoy_cc_library( name = "printers_lib", srcs = ["printers.cc"], deps = [ ":printers_includes", "//source/common/buffer:buffer_lib", "//source/common/http:header_map_lib", ], ) envoy_cc_test_library( name = "registry_lib", hdrs = ["registry.h"], deps = [ "//include/envoy/registry", ], ) envoy_cc_test_library( name = "resources_lib", hdrs = ["resources.h"], deps = ["//source/common/singleton:const_singleton"], ) envoy_cc_test_library( name = "utility_lib", srcs = ["utility.cc"], hdrs = ["utility.h"], external_deps = [ "abseil_strings", ], deps = [ ":file_system_for_test_lib", ":resources_lib", ":test_time_lib", ":thread_factory_for_test_lib", "//include/envoy/buffer:buffer_interface", "//include/envoy/http:codec_interface", "//include/envoy/network:address_interface", "//source/common/api:api_lib", "//source/common/common:empty_string", "//source/common/common:thread_lib", "//source/common/common:utility_lib", "//source/common/config:decoded_resource_lib", "//source/common/config:opaque_resource_decoder_lib", "//source/common/config:version_converter_lib", "//source/common/filesystem:directory_lib", "//source/common/filesystem:filesystem_lib", "//source/common/http:header_map_lib", "//source/common/json:json_loader_lib", "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/stats:stats_lib", "//test/mocks/stats:stats_mocks", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/runtime/v3:pkg_cc_proto", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_cc_test_library( name = "test_runtime_lib", hdrs = ["test_runtime.h"], deps = [ "//source/common/runtime:runtime_lib", "//source/common/stats:isolated_store_lib", "//test/mocks/event:event_mocks", "//test/mocks/init:init_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/protobuf:protobuf_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/thread_local:thread_local_mocks", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) envoy_cc_test_library( name = "thread_factory_for_test_lib", srcs = ["thread_factory_for_test.cc"], hdrs = ["thread_factory_for_test.h"], deps = [ "//source/common/common:thread_lib", "//source/common/common:utility_lib", ], ) envoy_cc_test_library( name = "file_system_for_test_lib", srcs = ["file_system_for_test.cc"], hdrs = ["file_system_for_test.h"], deps = [ "//source/common/common:utility_lib", "//source/common/filesystem:filesystem_lib", ], ) envoy_cc_test( name = "utility_test", srcs = ["utility_test.cc"], deps = [ ":utility_lib", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) envoy_cc_test_library( name = "logging_lib", srcs = ["logging.cc"], hdrs = ["logging.h"], deps = [ "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], ) envoy_cc_library( name = "threadsafe_singleton_injector_lib", hdrs = ["threadsafe_singleton_injector.h"], deps = [ "//source/common/singleton:threadsafe_singleton", ], ) envoy_cc_library( name = "global_lib", srcs = ["global.cc"], hdrs = ["global.h"], deps = [ "//source/common/common:assert_lib", "//source/common/common:thread_lib", ], ) envoy_cc_test( name = "global_test", srcs = ["global_test.cc"], deps = [ ":global_lib", ], ) envoy_cc_test_library( name = "only_one_thread_lib", srcs = ["only_one_thread.cc"], hdrs = ["only_one_thread.h"], deps = [":thread_factory_for_test_lib"], ) envoy_cc_test_library( name = "test_time_lib", srcs = ["test_time.cc"], hdrs = ["test_time.h"], deps = [ ":global_lib", ":test_time_system_interface", "//source/common/event:real_time_system_lib", ], ) envoy_cc_test_library( name = "test_time_system_interface", srcs = ["test_time_system.cc"], hdrs = ["test_time_system.h"], deps = [ ":global_lib", ":only_one_thread_lib", "//include/envoy/event:dispatcher_interface", "//include/envoy/event:timer_interface", "//source/common/common:thread_lib", ], ) envoy_cc_test_library( name = "simulated_time_system_lib", srcs = ["simulated_time_system.cc"], hdrs = ["simulated_time_system.h"], deps = [ ":test_time_system_interface", ":utility_lib", "//source/common/event:event_impl_base_lib", "//source/common/event:real_time_system_lib", "//source/common/event:timer_lib", ], ) envoy_cc_test_library( name = "status_utility_lib", hdrs = ["status_utility.h"], ) envoy_cc_test( name = "simulated_time_system_test", srcs = ["simulated_time_system_test.cc"], deps = [ ":simulated_time_system_lib", ":utility_lib", "//source/common/event:libevent_scheduler_lib", "//test/mocks/event:event_mocks", "//test/test_common:test_runtime_lib", ], ) envoy_cc_test( name = "test_time_system_test", srcs = ["test_time_system_test.cc"], deps = [ ":simulated_time_system_lib", ":test_time_lib", ":utility_lib", ], ) envoy_cc_test_library( name = "wasm_lib", hdrs = ["wasm_base.h"], deps = [ "//source/common/stream_info:stream_info_lib", "//source/extensions/common/wasm:wasm_interoperation_lib", "//source/extensions/common/wasm:wasm_lib", "//test/mocks/grpc:grpc_mocks", "//test/mocks/http:http_mocks", "//test/mocks/network:network_mocks", "//test/mocks/server:server_mocks", "//test/mocks/ssl:ssl_mocks", "//test/mocks/stream_info:stream_info_mocks", "//test/mocks/thread_local:thread_local_mocks", "//test/mocks/upstream:upstream_mocks", "//test/test_common:environment_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/extensions/wasm/v3:pkg_cc_proto", ], ) envoy_basic_cc_library( name = "test_version_linkstamp", srcs = ["test_version_linkstamp.cc"], alwayslink = 1, ) ================================================ FILE: test/test_common/contention.cc ================================================ #include "test/test_common/contention.h" #include "test/test_common/utility.h" namespace Envoy { namespace Thread { namespace TestUtil { void ContentionGenerator::generateContention(MutexTracerImpl& tracer) { Envoy::Thread::ThreadPtr t1 = launchThread(tracer); Envoy::Thread::ThreadPtr t2 = launchThread(tracer); t1->join(); t2->join(); } Envoy::Thread::ThreadPtr ContentionGenerator::launchThread(MutexTracerImpl& tracer) { return threadFactoryForTest().createThread( [&tracer, this]() -> void { holdUntilContention(tracer); }); } void ContentionGenerator::holdUntilContention(MutexTracerImpl& tracer) { Event::DispatcherPtr dispatcher = api_.allocateDispatcher("test_thread"); Event::TimerPtr timer = dispatcher->createTimer([&dispatcher]() { dispatcher->exit(); }); auto sleep_ms = [&timer, &dispatcher](int num_ms) { timer->enableTimer(std::chrono::milliseconds(num_ms)); dispatcher->run(Event::Dispatcher::RunType::RunUntilExit); }; int64_t curr_num_contentions = tracer.numContentions(); do { sleep_ms(1); { LockGuard lock(mutex_); // We hold the lock 90% of the time to ensure both contention and eventual acquisition, which // is needed to bump numContentions(). sleep_ms(9); } if (tracer.numContentions() > curr_num_contentions) { found_contention_ = true; } } while (!found_contention_); } } // namespace TestUtil } // namespace Thread } // namespace Envoy ================================================ FILE: test/test_common/contention.h ================================================ #pragma once #include #include #include "envoy/api/api.h" #include "common/common/lock_guard.h" #include "common/common/mutex_tracer_impl.h" #include "common/common/thread.h" #include "test/test_common/test_time.h" namespace Envoy { namespace Thread { namespace TestUtil { /** * Generates mutex contention, as measured by the MutexTracer passed in via argument. * @param tracer a reference to the global MutexTracerImpl. */ class ContentionGenerator { public: ContentionGenerator(Api::Api& api) : api_(api) {} /** * Generates at least once occurrence of mutex contention, as measured by tracer. */ void generateContention(MutexTracerImpl& tracer); private: ThreadPtr launchThread(MutexTracerImpl& tracer); void holdUntilContention(MutexTracerImpl& tracer); MutexBasicLockable mutex_; Api::Api& api_; std::atomic found_contention_{false}; }; } // namespace TestUtil } // namespace Thread } // namespace Envoy ================================================ FILE: test/test_common/environment.cc ================================================ #include "test/test_common/environment.h" #include #include #include #include #include #include #include "envoy/common/platform.h" #include "common/common/assert.h" #include "common/common/compiler_requirements.h" #include "common/common/logger.h" #include "common/common/macros.h" #include "common/common/utility.h" #include "common/filesystem/directory.h" #include "absl/container/node_hash_map.h" #ifdef ENVOY_HANDLE_SIGNALS #include "common/signal/signal_action.h" #endif #include "server/options_impl.h" #include "test/test_common/file_system_for_test.h" #include "test/test_common/network_utility.h" #include "absl/debugging/symbolize.h" #include "absl/strings/match.h" #include "absl/strings/str_format.h" #include "gtest/gtest.h" #include "spdlog/spdlog.h" using bazel::tools::cpp::runfiles::Runfiles; using Envoy::Filesystem::Directory; using Envoy::Filesystem::DirectoryEntry; namespace Envoy { namespace { std::string makeTempDir(std::string basename_template) { #ifdef WIN32 std::string name_template = "c:\\Windows\\TEMP\\" + basename_template; char* dirname = ::_mktemp(&name_template[0]); RELEASE_ASSERT(dirname != nullptr, fmt::format("failed to create tempdir from template: {} {}", name_template, errorDetails(errno))); TestEnvironment::createPath(dirname); #else std::string name_template = "/tmp/" + basename_template; char* dirname = ::mkdtemp(&name_template[0]); RELEASE_ASSERT(dirname != nullptr, fmt::format("failed to create tempdir from template: {} {}", name_template, errorDetails(errno))); #endif return std::string(dirname); } std::string getOrCreateUnixDomainSocketDirectory() { const char* path = std::getenv("TEST_UDSDIR"); if (path != nullptr) { return std::string(path); } // Generate temporary path for Unix Domain Sockets only. This is a workaround // for the sun_path limit on `sockaddr_un`, since TEST_TMPDIR as generated by // Bazel may be too long. return makeTempDir("envoy_test_uds.XXXXXX"); } std::string getTemporaryDirectory() { std::string temp_dir; if (std::getenv("TEST_TMPDIR")) { temp_dir = TestEnvironment::getCheckedEnvVar("TEST_TMPDIR"); } else if (std::getenv("TMPDIR")) { temp_dir = TestEnvironment::getCheckedEnvVar("TMPDIR"); } else { return makeTempDir("envoy_test_tmp.XXXXXX"); } TestEnvironment::createPath(temp_dir); return temp_dir; } // Allow initializeOptions() to remember CLI args for getOptions(). int argc_; char** argv_; } // namespace void TestEnvironment::createPath(const std::string& path) { if (Filesystem::fileSystemForTest().directoryExists(path)) { return; } const Filesystem::PathSplitResult parent = Filesystem::fileSystemForTest().splitPathFromFilename(path); if (parent.file_.length() > 0) { TestEnvironment::createPath(std::string(parent.directory_)); } #ifndef WIN32 RELEASE_ASSERT(::mkdir(path.c_str(), S_IRWXU | S_IRWXG | S_IRWXO) == 0, absl::StrCat("failed to create path: ", path)); #else RELEASE_ASSERT(::CreateDirectory(path.c_str(), NULL), absl::StrCat("failed to create path: ", path)); #endif } // On linux, attempt to unlink any file that exists at path, // ignoring the result code, to avoid traversing a symlink, // On windows, also attempt to remove the directory in case // it is actually a symlink/junction, ignoring the result code. // Proceed to iteratively recurse the directory if it still remains void TestEnvironment::removePath(const std::string& path) { RELEASE_ASSERT(absl::StartsWith(path, TestEnvironment::temporaryDirectory()), "cowardly refusing to remove test directory not in temp path"); #ifndef WIN32 (void)::unlink(path.c_str()); #else (void)::DeleteFile(path.c_str()); (void)::RemoveDirectory(path.c_str()); #endif if (!Filesystem::fileSystemForTest().directoryExists(path)) { return; } Directory directory(path); std::string entry_name; entry_name.reserve(path.size() + 256); entry_name.append(path); entry_name.append("/"); size_t fileidx = entry_name.size(); for (const DirectoryEntry& entry : directory) { entry_name.resize(fileidx); entry_name.append(entry.name_); if (entry.type_ == Envoy::Filesystem::FileType::Regular) { #ifndef WIN32 RELEASE_ASSERT(::unlink(entry_name.c_str()) == 0, absl::StrCat("failed to remove file: ", entry_name)); #else RELEASE_ASSERT(::DeleteFile(entry_name.c_str()), absl::StrCat("failed to remove file: ", entry_name)); #endif } else if (entry.type_ == Envoy::Filesystem::FileType::Directory) { if (entry.name_ != "." && entry.name_ != "..") { removePath(entry_name); } } } #ifndef WIN32 RELEASE_ASSERT(::rmdir(path.c_str()) == 0, absl::StrCat("failed to remove path: ", path, " (rmdir failed)")); #else RELEASE_ASSERT(::RemoveDirectory(path.c_str()), absl::StrCat("failed to remove path: ", path)); #endif } void TestEnvironment::renameFile(const std::string& old_name, const std::string& new_name) { #ifdef WIN32 // use MoveFileEx, since ::rename will not overwrite an existing file. See // https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/rename-wrename?view=vs-2017 // Note MoveFileEx cannot overwrite a directory as documented, nor a symlink, apparently. const BOOL rc = ::MoveFileEx(old_name.c_str(), new_name.c_str(), MOVEFILE_REPLACE_EXISTING); ASSERT_NE(0, rc); #else const int rc = ::rename(old_name.c_str(), new_name.c_str()); ASSERT_EQ(0, rc); #endif }; void TestEnvironment::createSymlink(const std::string& target, const std::string& link) { #ifdef WIN32 const DWORD attributes = ::GetFileAttributes(target.c_str()); ASSERT_NE(attributes, INVALID_FILE_ATTRIBUTES); int flags = SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE; if (attributes & FILE_ATTRIBUTE_DIRECTORY) { flags |= SYMBOLIC_LINK_FLAG_DIRECTORY; } const BOOLEAN rc = ::CreateSymbolicLink(link.c_str(), target.c_str(), flags); ASSERT_NE(rc, 0); #else const int rc = ::symlink(target.c_str(), link.c_str()); ASSERT_EQ(rc, 0); #endif } absl::optional TestEnvironment::getOptionalEnvVar(const std::string& var) { const char* path = std::getenv(var.c_str()); if (path == nullptr) { return {}; } return std::string(path); } std::string TestEnvironment::getCheckedEnvVar(const std::string& var) { auto optional = getOptionalEnvVar(var); RELEASE_ASSERT(optional.has_value(), var); return optional.value(); } void TestEnvironment::initializeTestMain(char* program_name) { #ifdef WIN32 _set_abort_behavior(0, _WRITE_ABORT_MSG | _CALL_REPORTFAULT); _set_invalid_parameter_handler([](const wchar_t* expression, const wchar_t* function, const wchar_t* file, unsigned int line, uintptr_t pReserved) {}); WSADATA wsa_data; const WORD version_requested = MAKEWORD(2, 2); RELEASE_ASSERT(WSAStartup(version_requested, &wsa_data) == 0, ""); #endif #ifdef __APPLE__ UNREFERENCED_PARAMETER(program_name); #else absl::InitializeSymbolizer(program_name); #endif #ifdef ENVOY_HANDLE_SIGNALS // Enabled by default. Control with "bazel --define=signal_trace=disabled" static Envoy::SignalAction handle_sigs; #endif } void TestEnvironment::initializeOptions(int argc, char** argv) { argc_ = argc; argv_ = argv; } bool TestEnvironment::shouldRunTestForIpVersion(Network::Address::IpVersion type) { const char* value = std::getenv("ENVOY_IP_TEST_VERSIONS"); std::string option(value ? value : ""); if (option.empty()) { return true; } if ((type == Network::Address::IpVersion::v4 && option == "v6only") || (type == Network::Address::IpVersion::v6 && option == "v4only")) { return false; } return true; } std::vector TestEnvironment::getIpVersionsForTest() { std::vector parameters; for (auto version : {Network::Address::IpVersion::v4, Network::Address::IpVersion::v6}) { if (TestEnvironment::shouldRunTestForIpVersion(version)) { parameters.push_back(version); if (!Network::Test::supportsIpVersion(version)) { const auto version_string = Network::Test::addressVersionAsString(version); ENVOY_LOG_TO_LOGGER( Logger::Registry::getLog(Logger::Id::testing), warn, "Testing with IP{} addresses may not be supported on this machine. If " "testing fails, set the environment variable ENVOY_IP_TEST_VERSIONS to 'v{}only'.", version_string, version_string); } } } return parameters; } Server::Options& TestEnvironment::getOptions() { static OptionsImpl* options = new OptionsImpl( argc_, argv_, [](bool) { return "1"; }, spdlog::level::err); return *options; } const std::string& TestEnvironment::temporaryDirectory() { CONSTRUCT_ON_FIRST_USE(std::string, getTemporaryDirectory()); } std::string TestEnvironment::runfilesDirectory(const std::string& workspace) { RELEASE_ASSERT(runfiles_ != nullptr, ""); return runfiles_->Rlocation(workspace); } std::string TestEnvironment::runfilesPath(const std::string& path, const std::string& workspace) { RELEASE_ASSERT(runfiles_ != nullptr, ""); return runfiles_->Rlocation(absl::StrCat(workspace, "/", path)); } const std::string TestEnvironment::unixDomainSocketDirectory() { CONSTRUCT_ON_FIRST_USE(std::string, getOrCreateUnixDomainSocketDirectory()); } std::string TestEnvironment::substitute(const std::string& str, Network::Address::IpVersion version) { const absl::node_hash_map path_map = { {"test_tmpdir", TestEnvironment::temporaryDirectory()}, {"test_udsdir", TestEnvironment::unixDomainSocketDirectory()}, {"test_rundir", runfiles_ != nullptr ? TestEnvironment::runfilesDirectory() : "invalid"}, }; std::string out_json_string = str; for (const auto& it : path_map) { const std::regex port_regex("\\{\\{ " + it.first + " \\}\\}"); out_json_string = std::regex_replace(out_json_string, port_regex, it.second); } // Substitute platform specific null device. const std::regex null_device_regex(R"(\{\{ null_device_path \}\})"); out_json_string = std::regex_replace(out_json_string, null_device_regex, std::string(Platform::null_device_path).c_str()); // Substitute IP loopback addresses. const std::regex loopback_address_regex(R"(\{\{ ip_loopback_address \}\})"); out_json_string = std::regex_replace(out_json_string, loopback_address_regex, Network::Test::getLoopbackAddressString(version)); const std::regex ntop_loopback_address_regex(R"(\{\{ ntop_ip_loopback_address \}\})"); out_json_string = std::regex_replace(out_json_string, ntop_loopback_address_regex, Network::Test::getLoopbackAddressString(version)); // Substitute IP any addresses. const std::regex any_address_regex(R"(\{\{ ip_any_address \}\})"); out_json_string = std::regex_replace(out_json_string, any_address_regex, Network::Test::getAnyAddressString(version)); // Substitute dns lookup family. const std::regex lookup_family_regex(R"(\{\{ dns_lookup_family \}\})"); switch (version) { case Network::Address::IpVersion::v4: out_json_string = std::regex_replace(out_json_string, lookup_family_regex, "v4_only"); break; case Network::Address::IpVersion::v6: out_json_string = std::regex_replace(out_json_string, lookup_family_regex, "v6_only"); break; } // Substitute socket options arguments. const std::regex sol_socket_regex(R"(\{\{ sol_socket \}\})"); out_json_string = std::regex_replace(out_json_string, sol_socket_regex, std::to_string(SOL_SOCKET)); const std::regex so_reuseport_regex(R"(\{\{ so_reuseport \}\})"); out_json_string = std::regex_replace(out_json_string, so_reuseport_regex, std::to_string(SO_REUSEPORT)); return out_json_string; } std::string TestEnvironment::temporaryFileSubstitute(const std::string& path, const PortMap& port_map, Network::Address::IpVersion version) { return temporaryFileSubstitute(path, ParamMap(), port_map, version); } std::string TestEnvironment::readFileToStringForTest(const std::string& filename, bool require_existence) { std::ifstream file(filename, std::ios::binary); if (file.fail()) { if (!require_existence) { return ""; } RELEASE_ASSERT(false, absl::StrCat("failed to open: ", filename)); } std::stringstream file_string_stream; file_string_stream << file.rdbuf(); return file_string_stream.str(); } std::string TestEnvironment::temporaryFileSubstitute(const std::string& path, const ParamMap& param_map, const PortMap& port_map, Network::Address::IpVersion version) { RELEASE_ASSERT(!path.empty(), "requested path to substitute in is empty"); // Load the entire file as a string, regex replace one at a time and write it back out. Proper // templating might be better one day, but this works for now. const std::string json_path = TestEnvironment::runfilesPath(path); std::string out_json_string = readFileToStringForTest(json_path); // Substitute params. for (const auto& it : param_map) { const std::regex param_regex("\\{\\{ " + it.first + " \\}\\}"); out_json_string = std::regex_replace(out_json_string, param_regex, it.second); } // Substitute ports. for (const auto& it : port_map) { const std::regex port_regex("\\{\\{ " + it.first + " \\}\\}"); out_json_string = std::regex_replace(out_json_string, port_regex, std::to_string(it.second)); } // Substitute paths and other common things. out_json_string = substitute(out_json_string, version); auto name = Filesystem::fileSystemForTest().splitPathFromFilename(path).file_; const std::string extension = absl::EndsWith(name, ".yaml") ? ".yaml" : absl::EndsWith(name, ".pb_text") ? ".pb_text" : ".json"; const std::string out_json_path = TestEnvironment::temporaryPath(name) + ".with.ports" + extension; { std::ofstream out_json_file(out_json_path, std::ios::binary); out_json_file << out_json_string; } return out_json_path; } Json::ObjectSharedPtr TestEnvironment::jsonLoadFromString(const std::string& json, Network::Address::IpVersion version) { return Json::Factory::loadFromString(substitute(json, version)); } void TestEnvironment::exec(const std::vector& args) { std::stringstream cmd; // Symlinked args[0] can confuse Python when importing module relative, so we let Python know // where it can find its module relative files. cmd << "bash -c \"PYTHONPATH=$(dirname " << args[0] << ") "; for (auto& arg : args) { cmd << arg << " "; } cmd << "\""; if (::system(cmd.str().c_str()) != 0) { std::cerr << "Failed " << cmd.str() << "\n"; RELEASE_ASSERT(false, ""); } } std::string TestEnvironment::writeStringToFileForTest(const std::string& filename, const std::string& contents, bool fully_qualified_path) { const std::string out_path = fully_qualified_path ? filename : TestEnvironment::temporaryPath(filename); unlink(out_path.c_str()); { std::ofstream out_file(out_path, std::ios_base::binary); RELEASE_ASSERT(!out_file.fail(), ""); out_file << contents; } return out_path; } void TestEnvironment::setEnvVar(const std::string& name, const std::string& value, int overwrite) { #ifdef WIN32 if (!overwrite) { size_t requiredSize; const int rc = ::getenv_s(&requiredSize, nullptr, 0, name.c_str()); ASSERT_EQ(0, rc); if (requiredSize != 0) { return; } } const int rc = ::_putenv_s(name.c_str(), value.c_str()); ASSERT_EQ(0, rc); #else const int rc = ::setenv(name.c_str(), value.c_str(), overwrite); ASSERT_EQ(0, rc); #endif } void TestEnvironment::unsetEnvVar(const std::string& name) { #ifdef WIN32 const int rc = ::_putenv_s(name.c_str(), ""); ASSERT_EQ(0, rc); #else const int rc = ::unsetenv(name.c_str()); ASSERT_EQ(0, rc); #endif } void TestEnvironment::setRunfiles(Runfiles* runfiles) { runfiles_ = runfiles; } Runfiles* TestEnvironment::runfiles_{}; AtomicFileUpdater::AtomicFileUpdater(const std::string& filename) : link_(filename), new_link_(absl::StrCat(filename, ".new")), target1_(absl::StrCat(filename, ".target1")), target2_(absl::StrCat(filename, ".target2")), use_target1_(true) { unlink(link_.c_str()); unlink(new_link_.c_str()); unlink(target1_.c_str()); unlink(target2_.c_str()); } void AtomicFileUpdater::update(const std::string& contents) { const std::string target = use_target1_ ? target1_ : target2_; use_target1_ = !use_target1_; { std::ofstream file(target, std::ios_base::binary); file << contents; } TestEnvironment::createSymlink(target, new_link_); TestEnvironment::renameFile(new_link_, link_); } } // namespace Envoy ================================================ FILE: test/test_common/environment.h ================================================ #pragma once #include #include #include #include "envoy/network/address.h" #include "envoy/server/options.h" #include "common/json/json_loader.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include "tools/cpp/runfiles/runfiles.h" namespace Envoy { class TestEnvironment { public: using PortMap = absl::node_hash_map; using ParamMap = absl::node_hash_map; /** * Perform common initialization steps needed to run a test binary. This * method should be called first in all test main functions. * @param program_name argv[0] test program is invoked with */ static void initializeTestMain(char* program_name); /** * Initialize command-line options for later access by tests in getOptions(). * @param argc number of command-line args. * @param argv array of command-line args. */ static void initializeOptions(int argc, char** argv); /** * Check whether testing with IP version type {v4 or v6} is enabled via * setting the environment variable ENVOY_IP_TEST_VERSIONS. * @param Network::Address::IpVersion IP address version to check. * @return bool if testing only with IP type addresses only. */ static bool shouldRunTestForIpVersion(Network::Address::IpVersion type); /** * Return a vector of IP address parameters to test. Tests can be run with * only IPv4 addressing or only IPv6 addressing by setting the environment * variable ENVOY_IP_TEST_VERSIONS to "v4only" or "v6only", respectively. * The default test setting runs all tests with both IPv4 and IPv6 addresses. * @return std::vector vector of IP address * types to test. */ static std::vector getIpVersionsForTest(); /** * Obtain command-line options reference. * @return Server::Options& with command-line options. */ static Server::Options& getOptions(); /** * Obtain the value of an environment variable, null if not available. * @return absl::optional with the value of the environment variable. */ static absl::optional getOptionalEnvVar(const std::string& var); /** * Obtain the value of an environment variable, die if not available. * @return std::string with the value of the environment variable. */ static std::string getCheckedEnvVar(const std::string& var); /** * Obtain a private writable temporary directory. * @return const std::string& with the path to the temporary directory. */ static const std::string& temporaryDirectory(); /** * Prefix a given path with the private writable test temporary directory. * @param path path suffix. * @return std::string path qualified with temporary directory. */ static std::string temporaryPath(absl::string_view path) { return absl::StrCat(temporaryDirectory(), "/", path); } /** * Obtain platform specific new line character(s) * @return absl::string_view platform specific new line character(s) */ static constexpr absl::string_view newLine #ifdef WIN32 {"\r\n"}; #else {"\n"}; #endif /** * Obtain read-only test input data directory. * @param workspace the name of the Bazel workspace where the input data is. * @return const std::string& with the path to the read-only test input directory. */ static std::string runfilesDirectory(const std::string& workspace = "envoy"); /** * Prefix a given path with the read-only test input data directory. * @param path path suffix. * @return std::string path qualified with read-only test input data directory. */ static std::string runfilesPath(const std::string& path, const std::string& workspace = "envoy"); /** * Obtain Unix Domain Socket temporary directory. * @return std::string& with the path to the Unix Domain Socket temporary directory. */ static const std::string unixDomainSocketDirectory(); /** * Prefix a given path with the Unix Domain Socket temporary directory. * @param path path suffix. * @param abstract_namespace true if an abstract namespace should be returned. * @return std::string path qualified with the Unix Domain Socket temporary directory. */ static std::string unixDomainSocketPath(const std::string& path, bool abstract_namespace = false) { return (abstract_namespace ? "@" : "") + unixDomainSocketDirectory() + "/" + path; } /** * String environment path, loopback, and DNS resolver type substitution. * @param str string with template patterns including {{ test_tmpdir }}. * @param version supplies the IP version to substitute for relevant templates. * @return std::string with patterns replaced with environment values. */ static std::string substitute(const std::string& str, Network::Address::IpVersion version = Network::Address::IpVersion::v4); /** * Substitute ports, paths, and IP loopback addresses in a JSON file in the * private writable test temporary directory. * @param path path prefix for the input file with port and path templates. * @param port_map map from port name to port number. * @param version IP address version to substitute. * @return std::string path for the generated file. */ static std::string temporaryFileSubstitute(const std::string& path, const PortMap& port_map, Network::Address::IpVersion version); /** * Substitute ports, paths, and IP loopback addresses in a JSON file in the * private writable test temporary directory. * @param path path prefix for the input file with port and path templates. * @param param_map map from parameter name to values. * @param port_map map from port name to port number. * @param version IP address version to substitute. * @return std::string path for the generated file. */ static std::string temporaryFileSubstitute(const std::string& path, const ParamMap& param_map, const PortMap& port_map, Network::Address::IpVersion version); /** * Build JSON object from a string subject to environment path, loopback, and DNS resolver type * substitution. * @param json JSON with template patterns including {{ test_certs }}. * @param version supplies the IP version to substitute for relevant templates. * @return Json::ObjectSharedPtr with built JSON object. */ static Json::ObjectSharedPtr jsonLoadFromString(const std::string& json, Network::Address::IpVersion version = Network::Address::IpVersion::v4); /** * Execute a program under ::system. Any failure is fatal. * @param args program path and arguments. */ static void exec(const std::vector& args); /** * Dumps the contents of the string into a temporary file from temporaryDirectory() + filename. * * @param filename: the name of the file to use * @param contents: the data to go in the file. * @param fully_qualified_path: if true, will write to filename without prepending the tempdir. * @return the fully qualified path of the output file. */ static std::string writeStringToFileForTest(const std::string& filename, const std::string& contents, bool fully_qualified_path = false); /** * Dumps the contents of the file into the string. * * @param filename: the fully qualified name of the file to use * @param require_existence if true, RELEASE_ASSERT if the file does not exist. * If false, an empty string will be returned if the file is not present. * @return string the contents of the file. */ static std::string readFileToStringForTest(const std::string& filename, bool require_existence = true); /** * Create a path on the filesystem (mkdir -p ... equivalent). * @param path. */ static void createPath(const std::string& path); /** * Remove a path on the filesystem (rm -rf ... equivalent). * @param path. */ static void removePath(const std::string& path); /** * Rename a file * @param old_name * @param new_name */ static void renameFile(const std::string& old_name, const std::string& new_name); /** * Create a symlink * @param target * @param link */ static void createSymlink(const std::string& target, const std::string& link); /** * Set environment variable. Same args as setenv(2). */ static void setEnvVar(const std::string& name, const std::string& value, int overwrite); /** * Removes environment variable. Same args as unsetenv(3). */ static void unsetEnvVar(const std::string& name); /** * Set runfiles with current test, this have to be called before calling path related functions. */ static void setRunfiles(bazel::tools::cpp::runfiles::Runfiles* runfiles); private: static bazel::tools::cpp::runfiles::Runfiles* runfiles_; }; /** * A utility class for atomically updating a file using symbolic link swap. * Note the file lifetime is limited to the instance of the AtomicFileUpdater * which erases any existing files upon creation, used for specific test * scenarios. See discussion at https://github.com/envoyproxy/envoy/pull/4298 */ class AtomicFileUpdater { public: AtomicFileUpdater(const std::string& filename); void update(const std::string& contents); private: const std::string link_; const std::string new_link_; const std::string target1_; const std::string target2_; bool use_target1_; }; } // namespace Envoy ================================================ FILE: test/test_common/file_system_for_test.cc ================================================ #include "common/filesystem/filesystem_impl.h" namespace Envoy { namespace Filesystem { // TODO(sesmith177) Tests should get the Filesystem::Instance from the same location as the main // code Instance& fileSystemForTest() { #ifdef WIN32 static InstanceImplWin32* file_system = new InstanceImplWin32(); #else static InstanceImplPosix* file_system = new InstanceImplPosix(); #endif return *file_system; } } // namespace Filesystem } // namespace Envoy ================================================ FILE: test/test_common/file_system_for_test.h ================================================ #include "envoy/filesystem/filesystem.h" namespace Envoy { namespace Filesystem { Instance& fileSystemForTest(); } // namespace Filesystem } // namespace Envoy ================================================ FILE: test/test_common/global.cc ================================================ #include "test/test_common/global.h" #include "common/common/assert.h" namespace Envoy { namespace Test { Globals& Globals::instance() { static Globals* globals = new Globals; return *globals; } std::string Globals::describeActiveSingletonsHelper() { std::string ret; Thread::ReleasableLockGuard map_lock(map_mutex_); for (auto& p : singleton_map_) { SingletonSharedPtr singleton = p.second.lock(); if (singleton != nullptr) { absl::StrAppend(&ret, "Unexpected active singleton: ", p.first, "\n"); } } return ret; } } // namespace Test } // namespace Envoy ================================================ FILE: test/test_common/global.h ================================================ #pragma once #include "common/common/lock_guard.h" #include "common/common/thread.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Test { /** * Helper class for managing Globals. * * This class is instantiated as a process-scoped singleton. It manages a map * from type-name to weak_ptr. That map accumulates * over a process lifetime and never shrinks. However, the weak_ptr will * generally be cleared after each test, as all shared_ptr references held in * Global instances are destroyed. This way, each unit-test gets a fresh * start. */ class Globals { public: /** * Walks through all global singletons and ensures that none of them are * active. No singletons should be allocated at the end of unit tests, so * this is called at the end of Envoy::TestRunner::RunTests(). * * @return std::string empty string if quiescent, otherwise newline-separated * error messages. */ static std::string describeActiveSingletons() { return instance().describeActiveSingletonsHelper(); } /** * Manages Singleton objects that are cleaned up after all references are * dropped. This class must not be templatized because as a map value where * every singleton in the map represents a different type. Instead we * templatize the ptr() and ref() methods. */ struct Singleton { virtual ~Singleton() = default; virtual void* ptrHelper() PURE; template Type* ptr() { return static_cast(ptrHelper()); } template Type& ref() { return *ptr(); } }; using SingletonSharedPtr = std::shared_ptr; /** * @return Type a singleton instance of Type. T must be default-constructible. */ template static SingletonSharedPtr get() { return instance().getHelper(); } ~Globals() = delete; // Globals is constructed once and never destroyed. private: /** * Templatized derived class of Singleton which holds the Type object and is * responsible for deleting it using the correct destructor. */ template struct TypedSingleton : public Singleton { ~TypedSingleton() override = default; void* ptrHelper() override { return ptr_.get(); } private: std::unique_ptr ptr_{std::make_unique()}; }; Globals() = default; // Construct via Globals::instance(). /** * @return Globals& a singleton for Globals. */ static Globals& instance(); template SingletonSharedPtr getHelper() { Thread::LockGuard map_lock(map_mutex_); std::weak_ptr& weak_singleton_ref = singleton_map_[typeid(Type).name()]; SingletonSharedPtr singleton = weak_singleton_ref.lock(); if (singleton == nullptr) { singleton = std::make_shared>(); weak_singleton_ref = singleton; } return singleton; } std::string describeActiveSingletonsHelper(); Thread::MutexBasicLockable map_mutex_; absl::flat_hash_map> singleton_map_ ABSL_GUARDED_BY(map_mutex_); }; /** * Helps manage classes that need to be instantiated once per server. In * production they must be plumbed through call/class hierarchy, but * in test-code the zero-arg-constructor Mock pattern makes this impractical. * Instead we use self-cleaning singletons. * * Say for example you need a FooImpl plumbed through the system. In production * code you must propagate a FooImpl through constructors to provide access * where needed. For tests, everywhere a common FooImpl is required, * instantiate: * * Global foo; * * You can then access the singleton FooImpl via foo.get(). The underlying * FooImpl is ref-counted, and when the last TestGlobal is freed, the singleton * FooImpl will be destructed and the singleton pointer nulled. * * The templated type must have a zero-arg constructor. Templatizing this on an * int will compile, but will be hard to use as the memory will be uninitialized * and you will not know when instantiating it whether it needs to be * initialized. */ template class Global { public: Global() : singleton_(Globals::get()) {} Type& get() { return singleton_->ref(); } const Type& get() const { return singleton_->ref(); } Type* operator->() { return singleton_->ptr(); } Type& operator*() { return singleton_->ref(); } private: Globals::SingletonSharedPtr singleton_; }; } // namespace Test } // namespace Envoy ================================================ FILE: test/test_common/global_test.cc ================================================ #include #include #include "test/test_common/global.h" #include "gtest/gtest.h" namespace Envoy { namespace Test { class GlobalTest : public testing::Test { protected: }; TEST_F(GlobalTest, SingletonStringAndVector) { { Global s1; Global> v1; EXPECT_EQ("", *s1); *s1 = "foo"; EXPECT_TRUE(v1->empty()); v1->push_back(42); Global s2; Global> v2; EXPECT_EQ("foo", *s2); ASSERT_EQ(1, v2->size()); EXPECT_EQ(42, (*v2)[0]); } // The system is now quiescent, having dropped all references to the globals. EXPECT_EQ("", Globals::describeActiveSingletons()); // After the globals went out of scope, referencing them again we start // from clean objects; Global s3; Global> v3; EXPECT_EQ("", *s3); EXPECT_TRUE(v3->empty()); // With s3 and v3 on the stack, there are active singletons. EXPECT_NE("", Globals::describeActiveSingletons()); } } // namespace Test } // namespace Envoy ================================================ FILE: test/test_common/logging.cc ================================================ #include "test/test_common/logging.h" #include "common/common/assert.h" #include "absl/synchronization/mutex.h" namespace Envoy { LogLevelSetter::LogLevelSetter(spdlog::level::level_enum log_level) { if (Logger::Context::useFancyLogger()) { previous_fancy_levels_ = getFancyContext().getAllFancyLogLevelsForTest(); getFancyContext().setAllFancyLoggers(log_level); } else { for (Logger::Logger& logger : Logger::Registry::loggers()) { previous_levels_.push_back(logger.level()); logger.setLevel(log_level); } } } LogLevelSetter::~LogLevelSetter() { if (Logger::Context::useFancyLogger()) { for (const auto& it : previous_fancy_levels_) { getFancyContext().setFancyLogger(it.first, it.second); } } else { auto prev_level = previous_levels_.begin(); for (Logger::Logger& logger : Logger::Registry::loggers()) { ASSERT(prev_level != previous_levels_.end()); logger.setLevel(*prev_level); ++prev_level; } ASSERT(prev_level == previous_levels_.end()); } } LogRecordingSink::LogRecordingSink(Logger::DelegatingLogSinkSharedPtr log_sink) : Logger::SinkDelegate(log_sink) { setDelegate(); } LogRecordingSink::~LogRecordingSink() { restoreDelegate(); } void LogRecordingSink::log(absl::string_view msg) { previousDelegate()->log(msg); absl::MutexLock ml(&mtx_); messages_.push_back(std::string(msg)); } void LogRecordingSink::flush() { previousDelegate()->flush(); } } // namespace Envoy ================================================ FILE: test/test_common/logging.h ================================================ #pragma once #include #include #include #include "common/common/logger.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" #include "absl/synchronization/mutex.h" #include "spdlog/spdlog.h" namespace Envoy { /** * Provides a mechanism to temporarily set the logging level on * construction, restoring its previous state on destruction. * * The log_level is the minimum log severity required to print messages. * Messages below this loglevel will be suppressed. * * Note that during the scope of this object, command-line overrides, e.g., * --log-level trace, will not take effect. * * Also note: instantiating this setter should only occur when the system is * in a quiescent state, e.g. at startup or between tests. * * This is intended for use in EXPECT_LOG_CONTAINS and similar macros. */ class LogLevelSetter { public: explicit LogLevelSetter(spdlog::level::level_enum log_level); ~LogLevelSetter(); private: std::vector previous_levels_; FancyLogLevelMap previous_fancy_levels_; }; /** * Records log messages in a vector, forwarding them to the previous * delegate. This is useful for unit-testing log messages while still being able * to see them on stderr. * * Also note: instantiating this sink should only occur when the system is * in a quiescent state, e.g. at startup or between tests * * This is intended for use in EXPECT_LOG_CONTAINS and similar macros. */ class LogRecordingSink : public Logger::SinkDelegate { public: explicit LogRecordingSink(Logger::DelegatingLogSinkSharedPtr log_sink); ~LogRecordingSink() override; // Logger::SinkDelegate void log(absl::string_view msg) override; void flush() override; const std::vector& messages() const { return messages_; } private: absl::Mutex mtx_; std::vector messages_ ABSL_GUARDED_BY(mtx_); }; using StringPair = std::pair; using ExpectedLogMessages = std::vector; // Below macros specify Envoy:: before class names so that the macro can be used outside of // namespace Envoy. // Alias for EXPECT_LOG_CONTAINS_ALL_OF_HELPER, with escaped=true #define EXPECT_LOG_CONTAINS_ALL_OF_ESCAPED(expected_messages, stmt) \ EXPECT_LOG_CONTAINS_ALL_OF_HELPER(expected_messages, stmt, true) // Alias for EXPECT_LOG_CONTAINS_ALL_OF_HELPER, with escaped=false #define EXPECT_LOG_CONTAINS_ALL_OF(expected_messages, stmt) \ EXPECT_LOG_CONTAINS_ALL_OF_HELPER(expected_messages, stmt, false) // Validates that when stmt is executed, log messages containing substr and loglevel will be // emitted. Escaped=true sets the behavior to function like the --log-format-escaped CLI flag. // Failure message e.g., // // Logs: // [2018-04-12 05:51:00.245][7290192][debug][upstream] grpc_mux_impl.cc:160] Received gRPC // [2018-04-12 05:51:00.246][7290192][warning][upstream] grpc_mux_impl.cc:63] Called bar // [2018-04-12 05:51:00.246][7290192][trace][upstream] grpc_mux_impl.cc:80] Sending foo // Does NOT contain: // 'warning', 'Too many sendDiscoveryRequest calls for baz’ // 'warning', 'Too man sendDiscoveryRequest calls for foo' #define EXPECT_LOG_CONTAINS_ALL_OF_HELPER(expected_messages, stmt, escaped) \ do { \ ASSERT_FALSE(expected_messages.empty()) << "Expected messages cannot be empty."; \ Envoy::LogLevelSetter save_levels(spdlog::level::trace); \ Envoy::Logger::DelegatingLogSinkSharedPtr sink_ptr = Envoy::Logger::Registry::getSink(); \ sink_ptr->setShouldEscape(escaped); \ Envoy::LogRecordingSink log_recorder(sink_ptr); \ stmt; \ if (log_recorder.messages().empty()) { \ FAIL() << "Expected message(s), but NONE was recorded."; \ } \ Envoy::ExpectedLogMessages failed_expectations; \ for (const Envoy::StringPair& expected : expected_messages) { \ const auto log_message = \ std::find_if(log_recorder.messages().begin(), log_recorder.messages().end(), \ [&expected](const std::string& message) { \ return (message.find(expected.second) != std::string::npos) && \ (message.find(expected.first) != std::string::npos); \ }); \ if (log_message == log_recorder.messages().end()) { \ failed_expectations.push_back(expected); \ } \ } \ if (!failed_expectations.empty()) { \ std::string failed_message; \ absl::StrAppend(&failed_message, "\nLogs:\n ", absl::StrJoin(log_recorder.messages(), " "), \ "\n Do NOT contain:\n"); \ for (const auto& expectation : failed_expectations) { \ absl::StrAppend(&failed_message, " '", expectation.first, "', '", expectation.second, \ "'\n"); \ } \ FAIL() << failed_message; \ } \ } while (false) // Validates that when stmt is executed, log message containing substr and loglevel will NOT be // emitted. Failure message e.g., // // Logs: // [2018-04-12 05:51:00.245][7290192][warning][upstream] grpc_mux_impl.cc:160] Received gRPC // [2018-04-12 05:51:00.246][7290192][trace][upstream] grpc_mux_impl.cc:63] Called bar // Should NOT contain: // 'warning', 'Received gRPC’ #define EXPECT_LOG_NOT_CONTAINS(loglevel, substr, stmt) \ do { \ Envoy::LogLevelSetter save_levels(spdlog::level::trace); \ Envoy::LogRecordingSink log_recorder(Envoy::Logger::Registry::getSink()); \ stmt; \ for (const std::string& message : log_recorder.messages()) { \ if ((message.find(substr) != std::string::npos) && \ (message.find(loglevel) != std::string::npos)) { \ FAIL() << "\nLogs:\n " << absl::StrJoin(log_recorder.messages(), " ") \ << "\n Should NOT contain:\n '" << loglevel << "', '" << substr "'\n"; \ } \ } \ } while (false) // Validates that when stmt is executed, the supplied substring matches at least one log message. // Failure message e.g., // // Logs: // [2018-04-12 05:51:00.245][7290192][debug][upstream] grpc_mux_impl.cc:160] Received gRPC // [2018-04-12 05:51:00.246][7290192][trace][upstream] grpc_mux_impl.cc:80] Sending foo // Do NOT contain: // 'warning', 'Too many sendDiscoveryRequest calls for baz’ #define EXPECT_LOG_CONTAINS(loglevel, substr, stmt) \ do { \ const Envoy::ExpectedLogMessages message{{loglevel, substr}}; \ EXPECT_LOG_CONTAINS_ALL_OF(message, stmt); \ } while (false) // Validates that when stmt is executed, no logs will be emitted. // Expected equality of these values: // 0 // logs.size() // Which is: 3 // Logs: // [2018-04-12 05:51:00.245][7290192][debug][upstream] grpc_mux_impl.cc:160] Received gRPC // [2018-04-12 05:51:00.246][7290192][trace][upstream] grpc_mux_impl.cc:80] Sending foo #define EXPECT_NO_LOGS(stmt) \ do { \ Envoy::LogLevelSetter save_levels(spdlog::level::trace); \ Envoy::LogRecordingSink log_recorder(Envoy::Logger::Registry::getSink()); \ stmt; \ const std::vector& logs = log_recorder.messages(); \ ASSERT_EQ(0, logs.size()) << " Logs:\n " << absl::StrJoin(logs, " "); \ } while (false) } // namespace Envoy ================================================ FILE: test/test_common/network_utility.cc ================================================ #include "test/test_common/network_utility.h" #include #include #include "envoy/common/platform.h" #include "common/common/assert.h" #include "common/common/fmt.h" #include "common/network/address_impl.h" #include "common/network/listen_socket_impl.h" #include "common/network/raw_buffer_socket.h" #include "common/network/socket_interface.h" #include "common/network/socket_option_factory.h" #include "common/network/utility.h" #include "common/runtime/runtime_impl.h" #include "test/test_common/utility.h" namespace Envoy { namespace Network { namespace Test { Address::InstanceConstSharedPtr findOrCheckFreePort(Address::InstanceConstSharedPtr addr_port, Socket::Type type) { if (addr_port == nullptr || addr_port->type() != Address::Type::Ip) { ADD_FAILURE() << "Not an internet address: " << (addr_port == nullptr ? "nullptr" : addr_port->asString()); return nullptr; } SocketImpl sock(type, addr_port); // Not setting REUSEADDR, therefore if the address has been recently used we won't reuse it here. // However, because we're going to use the address while checking if it is available, we'll need // to set REUSEADDR on listener sockets created by tests using an address validated by this means. Api::SysCallIntResult result = sock.bind(addr_port); const char* failing_fn = nullptr; if (result.rc_ != 0) { failing_fn = "bind"; } else if (type == Socket::Type::Stream) { // Try listening on the port also, if the type is TCP. result = sock.listen(1); if (result.rc_ != 0) { failing_fn = "listen"; } } if (failing_fn != nullptr) { if (result.errno_ == SOCKET_ERROR_ADDR_IN_USE) { // The port is already in use. Perfectly normal. return nullptr; } else if (result.errno_ == SOCKET_ERROR_ACCESS) { // A privileged port, and we don't have privileges. Might want to log this. return nullptr; } // Unexpected failure. ADD_FAILURE() << failing_fn << " failed for '" << addr_port->asString() << "' with error: " << errorDetails(result.errno_) << " (" << result.errno_ << ")"; return nullptr; } return sock.localAddress(); } Address::InstanceConstSharedPtr findOrCheckFreePort(const std::string& addr_port, Socket::Type type) { auto instance = Utility::parseInternetAddressAndPort(addr_port); if (instance != nullptr) { instance = findOrCheckFreePort(instance, type); } else { ADD_FAILURE() << "Unable to parse as an address and port: " << addr_port; } return instance; } std::string getLoopbackAddressUrlString(const Address::IpVersion version) { if (version == Address::IpVersion::v6) { return std::string("[::1]"); } return std::string("127.0.0.1"); } std::string getLoopbackAddressString(const Address::IpVersion version) { if (version == Address::IpVersion::v6) { return std::string("::1"); } return std::string("127.0.0.1"); } std::string getAnyAddressUrlString(const Address::IpVersion version) { if (version == Address::IpVersion::v6) { return std::string("[::]"); } return std::string("0.0.0.0"); } std::string getAnyAddressString(const Address::IpVersion version) { if (version == Address::IpVersion::v6) { return std::string("::"); } return std::string("0.0.0.0"); } std::string addressVersionAsString(const Address::IpVersion version) { if (version == Address::IpVersion::v4) { return std::string("v4"); } return std::string("v6"); } Address::InstanceConstSharedPtr getCanonicalLoopbackAddress(Address::IpVersion version) { if (version == Address::IpVersion::v4) { return Network::Utility::getCanonicalIpv4LoopbackAddress(); } return Network::Utility::getIpv6LoopbackAddress(); } namespace { // There is no portable way to initialize sockaddr_in6 with a static initializer, do it with a // helper function instead. sockaddr_in6 sockaddrIn6Any() { sockaddr_in6 v6any = {}; v6any.sin6_family = AF_INET6; v6any.sin6_addr = in6addr_any; return v6any; } } // namespace Address::InstanceConstSharedPtr getAnyAddress(const Address::IpVersion version, bool v4_compat) { if (version == Address::IpVersion::v4) { return Network::Utility::getIpv4AnyAddress(); } if (v4_compat) { // This will return an IPv6 ANY address ("[::]:0") like the getIpv6AnyAddress() below, but // with the internal 'v6only' member set to false. This will allow a socket created from this // address to accept IPv4 connections. IPv4 connections received on IPv6 sockets will have // Ipv4-mapped IPv6 addresses, which we will then internally interpret as IPv4 addresses so // that, for example, access logging will show IPv4 address format for IPv4 connections even // if they were received on an IPv6 socket. static Address::InstanceConstSharedPtr any(new Address::Ipv6Instance(sockaddrIn6Any(), false)); return any; } return Network::Utility::getIpv6AnyAddress(); } bool supportsIpVersion(const Address::IpVersion version) { return Network::SocketInterfaceSingleton::get().ipFamilySupported( version == Address::IpVersion::v4 ? AF_INET : AF_INET6); } std::string ipVersionToDnsFamily(Network::Address::IpVersion version) { switch (version) { case Network::Address::IpVersion::v4: return "V4_ONLY"; case Network::Address::IpVersion::v6: return "V6_ONLY"; } // This seems to be needed on the coverage build for some reason. NOT_REACHED_GCOVR_EXCL_LINE; } std::pair bindFreeLoopbackPort(Address::IpVersion version, Socket::Type type, bool reuse_port) { Address::InstanceConstSharedPtr addr = getCanonicalLoopbackAddress(version); SocketPtr sock = std::make_unique(type, addr); if (reuse_port) { sock->addOptions(SocketOptionFactory::buildReusePortOptions()); Socket::applyOptions(sock->options(), *sock, envoy::config::core::v3::SocketOption::STATE_PREBIND); } Api::SysCallIntResult result = sock->bind(addr); if (0 != result.rc_) { sock->close(); std::string msg = fmt::format("bind failed for address {} with error: {} ({})", addr->asString(), errorDetails(result.errno_), result.errno_); ADD_FAILURE() << msg; throw EnvoyException(msg); } return std::make_pair(sock->localAddress(), std::move(sock)); } TransportSocketPtr createRawBufferSocket() { return std::make_unique(); } TransportSocketFactoryPtr createRawBufferSocketFactory() { return std::make_unique(); } const Network::FilterChainSharedPtr createEmptyFilterChain(TransportSocketFactoryPtr&& transport_socket_factory) { return std::make_shared(std::move(transport_socket_factory)); } const Network::FilterChainSharedPtr createEmptyFilterChainWithRawBufferSockets() { return createEmptyFilterChain(createRawBufferSocketFactory()); } namespace { struct SyncPacketProcessor : public Network::UdpPacketProcessor { SyncPacketProcessor(std::list& data) : data_(data) {} void processPacket(Network::Address::InstanceConstSharedPtr local_address, Network::Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, MonotonicTime receive_time) override { Network::UdpRecvData datagram{ {std::move(local_address), std::move(peer_address)}, std::move(buffer), receive_time}; data_.push_back(std::move(datagram)); } uint64_t maxPacketSize() const override { return Network::MAX_UDP_PACKET_SIZE; } std::list& data_; }; } // namespace Api::IoCallUint64Result readFromSocket(IoHandle& handle, const Address::Instance& local_address, std::list& data) { SyncPacketProcessor processor(data); return Network::Utility::readFromSocket(handle, local_address, processor, MonotonicTime(std::chrono::seconds(0)), nullptr); } UdpSyncPeer::UdpSyncPeer(Network::Address::IpVersion version) : socket_( std::make_unique(getCanonicalLoopbackAddress(version), nullptr, true)) { RELEASE_ASSERT(socket_->setBlockingForTest(true).rc_ != -1, ""); } void UdpSyncPeer::write(const std::string& buffer, const Network::Address::Instance& peer) { const auto rc = Network::Utility::writeToSocket(socket_->ioHandle(), Buffer::OwnedImpl(buffer), nullptr, peer); ASSERT_EQ(rc.rc_, buffer.length()); } void UdpSyncPeer::recv(Network::UdpRecvData& datagram) { if (received_datagrams_.empty()) { const auto rc = Network::Test::readFromSocket(socket_->ioHandle(), *socket_->localAddress(), received_datagrams_); ASSERT_TRUE(rc.ok()); } datagram = std::move(received_datagrams_.front()); received_datagrams_.pop_front(); } } // namespace Test } // namespace Network } // namespace Envoy ================================================ FILE: test/test_common/network_utility.h ================================================ #pragma once #include #include #include "envoy/network/address.h" #include "envoy/network/filter.h" #include "envoy/network/io_handle.h" #include "envoy/network/transport_socket.h" namespace Envoy { namespace Network { namespace Test { /** * Determines if the passed in address and port is available for binding. If the port is zero, * the OS should pick an unused port for the supplied address (e.g. for the loopback address). * NOTE: this is racy, as it does not provide a means to keep the port reserved for the * caller's use. * @param addr_port a valid host address (e.g. an address of one of the network interfaces * of this host, or the any address or the loopback address) and port (zero to indicate * that the OS should pick an unused address. * @param type the type of socket to be tested. * @returns the address and port (selected if zero was the passed in port) that can be used for * listening, else nullptr if the address and port are not free. */ Address::InstanceConstSharedPtr findOrCheckFreePort(Address::InstanceConstSharedPtr addr_port, Socket::Type type); /** * As above, but addr_port is specified as a string. For example: * - 127.0.0.1:32000 Check whether a specific port on the IPv4 loopback address is free. * - [::1]:0 Pick a free port on the IPv6 loopback address. * - 0.0.0.0:0 Pick a free port on all local addresses of all local interfaces. * - [::]:45678 Check whether a specific port on all local IPv6 addresses is free. */ Address::InstanceConstSharedPtr findOrCheckFreePort(const std::string& addr_port, Socket::Type type); /** * Get a URL ready IP loopback address as a string. * @param version IP address version of loopback address. * @return std::string URL ready loopback address as a string. */ std::string getLoopbackAddressUrlString(const Address::IpVersion version); /** * Get a IP loopback address as a string. There are no square brackets around IPv6 addresses, this * is what inet_ntop() gives. * @param version IP address version of loopback address. * @return std::string loopback address as a string. */ std::string getLoopbackAddressString(const Address::IpVersion version); /** * Get a URL ready IP any address as a string. * @param version IP address version of any address. * @return std::string URL ready any address as a string. */ std::string getAnyAddressUrlString(const Address::IpVersion version); /** * Get an IP any address as a string. * @param version IP address version of any address. * @return std::string any address as a string. */ std::string getAnyAddressString(const Address::IpVersion version); /** * Return a string version of enum IpVersion version. * @param version IP address version. * @return std::string string version of IpVersion. */ std::string addressVersionAsString(const Address::IpVersion version); /** * Returns a loopback address for the specified IP version (127.0.0.1 for IPv4 and ::1 for IPv6). * @param version the IP version of the loopback address. * @returns a loopback address for the specified IP version. */ Address::InstanceConstSharedPtr getCanonicalLoopbackAddress(const Address::IpVersion version); /** * Returns the any address for the specified IP version. * @param version the IP version of the any address. * @param v4_compat determines whether a v4-mapped addresses bound to a socket listening on the * returned ANY address are to be treated as IPv4 or IPv6 addresses. Defaults to 'false', * has no effect with IPv4 ANY address. * @returns the any address for the specified IP version. */ Address::InstanceConstSharedPtr getAnyAddress(const Address::IpVersion version, bool v4_compat = false); /** * This function tries to create a socket of type IpVersion version and bind to it. If * successful this function returns true. If either socket creation or socket * bind fail, this function returns false. * @param version the IP version to test. * @return bool whether IpVersion addresses are "supported". */ bool supportsIpVersion(const Address::IpVersion version); /** * Returns the DNS family for the specified IP version. * @param version the IP version of the DNS lookup family. */ std::string ipVersionToDnsFamily(Network::Address::IpVersion version); /** * Bind a socket to a free port on a loopback address, and return the socket's fd and bound address. * Enables a test server to reliably "select" a port to listen on. * @param version the IP version of the loopback address. * @param type the type of socket to be bound. * @param reuse_port specifies whether the socket option SO_REUSEADDR has been set on the socket. * @returns the address and the fd of the socket bound to that address. */ std::pair bindFreeLoopbackPort(Address::IpVersion version, Socket::Type type, bool reuse_port = false); /** * Create a transport socket for testing purposes. * @return TransportSocketPtr the transport socket factory to use with a connection. */ TransportSocketPtr createRawBufferSocket(); /** * Create a transport socket factory for testing purposes. * @return TransportSocketFactoryPtr the transport socket factory to use with a cluster or a * listener. */ TransportSocketFactoryPtr createRawBufferSocketFactory(); /** * Implementation of Network::FilterChain with empty filter chain, but pluggable transport socket * factory. */ class EmptyFilterChain : public FilterChain { public: EmptyFilterChain(TransportSocketFactoryPtr&& transport_socket_factory) : transport_socket_factory_(std::move(transport_socket_factory)) {} // Network::FilterChain const TransportSocketFactory& transportSocketFactory() const override { return *transport_socket_factory_; } const std::vector& networkFilterFactories() const override { return empty_network_filter_factory_; } private: const TransportSocketFactoryPtr transport_socket_factory_; const std::vector empty_network_filter_factory_{}; }; /** * Create an empty filter chain for testing purposes. * @param transport_socket_factory transport socket factory to use when creating transport sockets. * @return const FilterChainSharedPtr filter chain. */ const FilterChainSharedPtr createEmptyFilterChain(TransportSocketFactoryPtr&& transport_socket_factory); /** * Create an empty filter chain creating raw buffer sockets for testing purposes. * @return const FilterChainSharedPtr filter chain. */ const FilterChainSharedPtr createEmptyFilterChainWithRawBufferSockets(); /** * Wrapper for Utility::readFromSocket() which reads a single datagram into the supplied * UdpRecvData without worrying about the packet processor interface. The function will * instantiate the buffer returned in data. */ Api::IoCallUint64Result readFromSocket(IoHandle& handle, const Address::Instance& local_address, UdpRecvData& data); /** * A synchronous UDP peer that can be used for testing. */ class UdpSyncPeer { public: UdpSyncPeer(Network::Address::IpVersion version); // Writer a datagram to a remote peer. void write(const std::string& buffer, const Network::Address::Instance& peer); // Receive a datagram. void recv(Network::UdpRecvData& datagram); // Return the local peer's socket address. const Network::Address::InstanceConstSharedPtr& localAddress() { return socket_->localAddress(); } private: const Network::SocketPtr socket_; std::list received_datagrams_; }; } // namespace Test } // namespace Network } // namespace Envoy ================================================ FILE: test/test_common/network_utility_test.cc ================================================ #include #include "common/api/os_sys_calls_impl.h" #include "test/test_common/environment.h" #include "test/test_common/network_utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Network { namespace Test { class NetworkUtilityTest : public testing::TestWithParam { protected: NetworkUtilityTest() : version_(GetParam()) {} const Address::IpVersion version_; }; INSTANTIATE_TEST_SUITE_P(IpVersions, NetworkUtilityTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest())); // This validates Network::Test::bindFreeLoopbackPort behaves as desired, i.e. that we don't have // a significant risk of flakes due to re-use of a port over short time intervals. We can't drive // this too long else we'll eventually run out of ephemeral ports. // // Tested: IPv4 with --gtest_repeats=1000 and kLimit=1000 on Ubuntu with docker. // Result: Zero failures, presumably because of the randomization of the address. // // Tested: IPv6 --gtest_repeats=1000 and kLimit=50 on Ubuntu with docker. // Result: In about 5% of runs, two of the 50 allocated ports were the same, though not // more than that. // The test is DISABLED as we don't want the occasional expected collisions to cause problems. TEST_P(NetworkUtilityTest, DISABLED_ValidateBindFreeLoopbackPort) { std::map seen; const size_t kLimit = 50; for (size_t n = 0; n < kLimit; ++n) { auto addr_fd = Network::Test::bindFreeLoopbackPort(version_, Socket::Type::Stream); addr_fd.second->close(); auto addr = addr_fd.first->asString(); auto search = seen.find(addr); if (search != seen.end()) { ADD_FAILURE() << "Saw duplicate binds for address " << addr << " at steps " << n << " and " << search->second; } seen[addr] = n; } } } // namespace Test } // namespace Network } // namespace Envoy ================================================ FILE: test/test_common/only_one_thread.cc ================================================ #include "test/test_common/only_one_thread.h" #include "envoy/thread/thread.h" #include "common/common/lock_guard.h" #include "test/test_common/thread_factory_for_test.h" namespace Envoy { namespace Thread { OnlyOneThread::OnlyOneThread() : thread_factory_(threadFactoryForTest()) {} void OnlyOneThread::checkOneThread() { LockGuard lock(mutex_); if (thread_advancing_time_.isEmpty()) { thread_advancing_time_ = thread_factory_.currentThreadId(); } else { RELEASE_ASSERT(thread_advancing_time_ == thread_factory_.currentThreadId(), "time should only be advanced on one thread in the context of a test"); } } } // namespace Thread } // namespace Envoy ================================================ FILE: test/test_common/only_one_thread.h ================================================ #pragma once #include "common/common/assert.h" #include "common/common/thread.h" namespace Envoy { namespace Thread { // Ensures that an operation is performed on only one thread. The first caller // to OnlyOneThread::checkOneThread establishes the thread ID, and subsequent // ones will assert-fail if they do not match. class OnlyOneThread { public: OnlyOneThread(); /** * Ensures that one thread is used in a testcase to access some resource. */ void checkOneThread(); private: ThreadFactory& thread_factory_; ThreadId thread_advancing_time_ ABSL_GUARDED_BY(mutex_); mutable MutexBasicLockable mutex_; }; } // namespace Thread } // namespace Envoy ================================================ FILE: test/test_common/printers.cc ================================================ #include "printers.h" #include "test/test_common/printers.h" #include #include "common/buffer/buffer_impl.h" #include "common/http/header_map_impl.h" namespace Envoy { namespace Http { // NOLINTNEXTLINE(readability-identifier-naming) void PrintTo(const HeaderMapImpl& headers, std::ostream* os) { headers.iterate([os](const HeaderEntry& header) -> HeaderMap::Iterate { *os << "{'" << header.key().getStringView() << "','" << header.value().getStringView() << "'}"; return HeaderMap::Iterate::Continue; }); } void PrintTo(const HeaderMapPtr& headers, std::ostream* os) { PrintTo(*dynamic_cast(headers.get()), os); } void PrintTo(const HeaderMap& headers, std::ostream* os) { PrintTo(*dynamic_cast(&headers), os); } } // namespace Http namespace Buffer { void PrintTo(const Instance& buffer, std::ostream* os) { *os << "buffer with size=" << buffer.length(); } void PrintTo(const Buffer::OwnedImpl& buffer, std::ostream* os) { PrintTo(dynamic_cast(buffer), os); } } // namespace Buffer namespace Network { namespace Address { void PrintTo(const Instance& address, std::ostream* os) { *os << address.asString(); } } // namespace Address } // namespace Network } // namespace Envoy ================================================ FILE: test/test_common/printers.h ================================================ #pragma once #include #include #include "envoy/network/address.h" namespace Envoy { namespace Http { /** * Pretty print const HeaderMapImpl& */ class HeaderMapImpl; void PrintTo(const HeaderMapImpl& headers, std::ostream* os); /** * Pretty print const HeaderMapPtr& */ class HeaderMap; using HeaderMapPtr = std::unique_ptr; void PrintTo(const HeaderMap& headers, std::ostream* os); void PrintTo(const HeaderMapPtr& headers, std::ostream* os); } // namespace Http namespace Buffer { /** * Pretty print const Instance& */ class Instance; void PrintTo(const Instance& buffer, std::ostream* os); /** * Pretty print const Buffer::OwnedImpl& */ class OwnedImpl; void PrintTo(const OwnedImpl& buffer, std::ostream* os); } // namespace Buffer namespace Network { namespace Address { void PrintTo(const Instance& address, std::ostream* os); } } // namespace Network } // namespace Envoy ================================================ FILE: test/test_common/registry.h ================================================ #pragma once #include "envoy/registry/registry.h" #include "gtest/gtest.h" namespace Envoy { namespace Registry { /** * Factory registration template for tests. This can be used to inject a mock or dummy version * of a factory for testing purposes. It will restore the original value, if any, when it goes * out of scope. */ template class InjectFactory { public: InjectFactory(Base& instance) : InjectFactory(instance, {}) {} InjectFactory(Base& instance, std::initializer_list deprecated_names) : instance_(instance) { EXPECT_STRNE(instance.category().c_str(), ""); original_ = Registry::FactoryRegistry::getFactory(instance_.name()); restore_factories_ = Registry::FactoryRegistry::replaceFactoryForTest(instance_, deprecated_names); } ~InjectFactory() { restore_factories_(); auto* restored = Registry::FactoryRegistry::getFactory(instance_.name()); ASSERT(restored == original_); } // Rebuilds the registry's factory-by-type mapping from scratch. In most cases, this is handled // by the replaceFactoryForTest calls in the constructor and destructor. This method is only // necessary if the disabled state of the factory is modified. void resetTypeMappings() { Registry::FactoryRegistry::rebuildFactoriesByTypeForTest(); } private: Base& instance_; Base* original_{}; std::function restore_factories_; }; /** * Registers a factory category for tests. Most tests do not need this functionality. It's only * useful for testing the registration infrastructure. */ template class InjectFactoryCategory { public: InjectFactoryCategory(Base& instance) : proxy_(std::make_unique>()), instance_(instance) { // Register a new category. FactoryCategoryRegistry::registerCategory(instance_.category(), proxy_.get()); } ~InjectFactoryCategory() { FactoryCategoryRegistry::deregisterCategoryForTest(instance_.category()); } private: std::unique_ptr> proxy_; Base& instance_; }; } // namespace Registry } // namespace Envoy ================================================ FILE: test/test_common/resources.h ================================================ #pragma once #include #include "common/singleton/const_singleton.h" namespace Envoy { namespace Config { /** * Constant Type URLs. */ class TypeUrlValues { public: const std::string Listener{"type.googleapis.com/envoy.api.v2.Listener"}; const std::string Cluster{"type.googleapis.com/envoy.api.v2.Cluster"}; const std::string ClusterLoadAssignment{"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"}; const std::string Secret{"type.googleapis.com/envoy.api.v2.auth.Secret"}; const std::string RouteConfiguration{"type.googleapis.com/envoy.api.v2.RouteConfiguration"}; const std::string VirtualHost{"type.googleapis.com/envoy.api.v2.route.VirtualHost"}; const std::string ScopedRouteConfiguration{ "type.googleapis.com/envoy.api.v2.ScopedRouteConfiguration"}; const std::string Runtime{"type.googleapis.com/envoy.service.discovery.v2.Runtime"}; }; using TypeUrl = ConstSingleton; } // namespace Config } // namespace Envoy ================================================ FILE: test/test_common/simulated_time_system.cc ================================================ #include "test/test_common/simulated_time_system.h" #include #include "envoy/event/dispatcher.h" #include "common/common/assert.h" #include "common/common/lock_guard.h" #include "common/event/real_time_system.h" #include "common/event/timer_impl.h" #include "common/runtime/runtime_features.h" namespace Envoy { namespace Event { namespace { class UnlockGuard { public: /** * Establishes a scoped mutex-lock; the mutex is unlocked upon construction. * The main motivation for setting up a class to manage this, rather than * simply { mutex.unlock(); operation(); mutex.lock(); } is that in method * Alarm::activateLockHeld(), the mutex is owned by the time-system, which * lives long enough. However the Alarm may be destructed while the lock is * dropped, so there can be a tsan error when re-taking time_system_.mutex_. * * It's also easy to make a temp mutex reference, however this confuses * clang's thread-annotation analysis, whereas this unlock-guard seems to work * with thread annotation. * * Another reason to use this Guard class is so that the mutex is re-taken * even if there is an exception thrown while the lock is dropped. That is * not likely to happen at this call-site as the functions being called don't * throw. * * @param lock the mutex. */ explicit UnlockGuard(absl::Mutex& lock) : lock_(lock) { lock_.Unlock(); } /** * Destruction of the UnlockGuard re-locks the lock. */ ~UnlockGuard() { lock_.Lock(); } private: absl::Mutex& lock_; }; } // namespace // Each timer is maintained and ordered by a common TimeSystem, but is // associated with a scheduler. The scheduler creates the timers with a libevent // context, so that the timer callbacks can be executed via Dispatcher::run() in // the expected thread. class SimulatedTimeSystemHelper::SimulatedScheduler : public Scheduler { public: SimulatedScheduler(SimulatedTimeSystemHelper& time_system, CallbackScheduler& cb_scheduler) : time_system_(time_system), cb_scheduler_(cb_scheduler), thread_factory_(Thread::threadFactoryForTest()), run_alarms_cb_(cb_scheduler.createSchedulableCallback([this] { runReadyAlarms(); })), monotonic_time_(time_system_.monotonicTime()), system_time_(time_system_.systemTime()) { time_system_.registerScheduler(this); } ~SimulatedScheduler() override { time_system_.unregisterScheduler(this); } // From Scheduler. TimerPtr createTimer(const TimerCb& cb, Dispatcher& /*dispatcher*/) override; // Implementation of SimulatedTimeSystemHelper::Alarm methods. bool isEnabled(Alarm& alarm) ABSL_LOCKS_EXCLUDED(mutex_); void enableAlarm(Alarm& alarm, const std::chrono::microseconds duration) ABSL_LOCKS_EXCLUDED(mutex_); void disableAlarm(Alarm& alarm) ABSL_LOCKS_EXCLUDED(mutex_) { absl::MutexLock lock(&mutex_); disableAlarmLockHeld(alarm); // Wait until alarm processing for the current thread completes when disabling from outside the // event loop thread. This helps avoid data races when deleting Alarm objects from outside the // event loop thread. if (running_cbs_ && !thread_advancing_time_.isEmpty() && thread_advancing_time_ != thread_factory_.currentThreadId()) { waitForNoRunningCallbacksLockHeld(); } } // Called by SimulatedTimeSystemHelper::setMonotonicTime to update the time associated with each // of the simulated schedulers and associated alarms. void updateTime(MonotonicTime monotonic_time, SystemTime system_time) ABSL_LOCKS_EXCLUDED(mutex_) { bool inc_pending = false; { absl::MutexLock lock(&mutex_); // Wait until the event loop associated with this scheduler is not executing callbacks so time // does not change in the middle of a callback. waitForNoRunningCallbacksLockHeld(); monotonic_time_ = monotonic_time; system_time_ = system_time; if (!pending_dec_ && (!registered_alarms_.empty() || !triggered_alarms_.empty())) { // Selectively increment the pending updates counter only on dispatchers that have active // alarms to allow advanceTimeWait to work but avoid getting stuck if some of the event // loops associated with some of the registered simulated schedulers is not currently // active. inc_pending = true; pending_dec_ = true; } } if (inc_pending) { time_system_.incPending(); } if (!run_alarms_cb_->enabled()) { if (Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.activate_timers_next_event_loop")) { run_alarms_cb_->scheduleCallbackNextIteration(); } else { run_alarms_cb_->scheduleCallbackCurrentIteration(); } } } private: void waitForNoRunningCallbacksLockHeld() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_) { mutex_.Await(absl::Condition( +[](bool* running_cbs) -> bool { return !*running_cbs; }, &running_cbs_)); } void disableAlarmLockHeld(Alarm& alarm) ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); // Collect expired alarms and execute associated callbacks. void runReadyAlarms() ABSL_LOCKS_EXCLUDED(mutex_); struct AlarmRegistration { AlarmRegistration(MonotonicTime time, uint64_t randomness, Alarm& alarm) : time_(time), randomness_(randomness), alarm_(alarm) {} MonotonicTime time_; // Random tie-breaker for alarms scheduled for the same monotonic time used to mimic // non-deterministic execution of real alarms scheduled for the same wall time. uint64_t randomness_; Alarm& alarm_; friend bool operator<(const AlarmRegistration& lhs, const AlarmRegistration& rhs) { if (lhs.time_ != rhs.time_) { return lhs.time_ < rhs.time_; } if (lhs.randomness_ != rhs.randomness_) { return lhs.randomness_ < rhs.randomness_; } // Out of paranoia, use pointer comparison on the alarms as a final tie-breaker but also // ASSERT that this branch isn't hit in debug modes since in practice the randomness_ // associated with two registrations should never be equal. ASSERT(false, "Alarm registration randomness_ for two alarms should never be equal."); return &lhs.alarm_ < &rhs.alarm_; } }; class AlarmSet { public: bool empty() const { return sorted_alarms_.empty(); } const AlarmRegistration& next() const { ASSERT(!empty()); return *sorted_alarms_.begin(); } void add(AlarmRegistration registration) { auto insert_result = sorted_alarms_.insert(registration); ASSERT(insert_result.second); alarm_registrations_map_.emplace(®istration.alarm_, insert_result.first); // Sanity check that the parallel data structures used for alarm registration have the same // number of entries. ASSERT(sorted_alarms_.size() == alarm_registrations_map_.size()); } bool remove(Alarm& alarm) { auto it = alarm_registrations_map_.find(&alarm); if (it == alarm_registrations_map_.end()) { return false; } sorted_alarms_.erase(it->second); alarm_registrations_map_.erase(it); // Sanity check that the parallel data structures used for alarm registration have the same // number of entries. ASSERT(sorted_alarms_.size() == alarm_registrations_map_.size()); return true; } bool contains(Alarm& alarm) const { return alarm_registrations_map_.find(&alarm) != alarm_registrations_map_.end(); } private: std::set sorted_alarms_; absl::flat_hash_map::const_iterator> alarm_registrations_map_; }; SimulatedTimeSystemHelper& time_system_; CallbackScheduler& cb_scheduler_; Thread::ThreadFactory& thread_factory_; SchedulableCallbackPtr run_alarms_cb_; absl::Mutex mutex_; bool running_cbs_ ABSL_GUARDED_BY(mutex_) = false; AlarmSet registered_alarms_ ABSL_GUARDED_BY(mutex_); AlarmSet triggered_alarms_ ABSL_GUARDED_BY(mutex_); MonotonicTime monotonic_time_ ABSL_GUARDED_BY(mutex_); SystemTime system_time_ ABSL_GUARDED_BY(mutex_); // Id of the thread where the event loop is running. Thread::ThreadId thread_advancing_time_ ABSL_GUARDED_BY(mutex_); // True if the SimulatedTimeSystemHelper is waiting for the scheduler to process expired alarms // and call decPending after an update to monotonic time. bool pending_dec_ ABSL_GUARDED_BY(mutex_) = false; // Used to randomize the ordering of alarms scheduled for the same time when the runtime feature // envoy.reloadable_features.activate_timers_next_event_loop is enabled. This mimics the trigger // order of real timers scheduled for the same absolute time is non-deterministic. // Each simulated scheduler has it's own TestRandomGenerator with the same seed to improve test // failure reproducibility when running against a specific seed by minimizing cross scheduler // interactions. TestRandomGenerator random_source_ ABSL_GUARDED_BY(mutex_); uint64_t legacy_next_idx_ ABSL_GUARDED_BY(mutex_) = 0; }; // Our simulated alarm inherits from TimerImpl so that the same dispatching // mechanism used in RealTimeSystem timers is employed for simulated alarms. class SimulatedTimeSystemHelper::Alarm : public Timer { public: Alarm(SimulatedScheduler& simulated_scheduler, SimulatedTimeSystemHelper& time_system, CallbackScheduler& /*cb_scheduler*/, TimerCb cb) : cb_(cb), simulated_scheduler_(simulated_scheduler), time_system_(time_system) {} ~Alarm() override; // Timer void disableTimer() override; void enableTimer(const std::chrono::milliseconds duration, const ScopeTrackedObject* scope) override { enableHRTimer(duration, scope); }; void enableHRTimer(const std::chrono::microseconds duration, const ScopeTrackedObject* scope) override; bool enabled() override { return simulated_scheduler_.isEnabled(*this); } SimulatedTimeSystemHelper& timeSystem() { return time_system_; } void runAlarm() { cb_(); } private: TimerCb cb_; SimulatedScheduler& simulated_scheduler_; SimulatedTimeSystemHelper& time_system_; }; TimerPtr SimulatedTimeSystemHelper::SimulatedScheduler::createTimer(const TimerCb& cb, Dispatcher& /*dispatcher*/) { return std::make_unique(*this, time_system_, cb_scheduler_, cb); } bool SimulatedTimeSystemHelper::SimulatedScheduler::isEnabled(Alarm& alarm) { absl::MutexLock lock(&mutex_); return registered_alarms_.contains(alarm) || triggered_alarms_.contains(alarm); } void SimulatedTimeSystemHelper::SimulatedScheduler::enableAlarm( Alarm& alarm, const std::chrono::microseconds duration) { { absl::MutexLock lock(&mutex_); if (duration.count() == 0 && triggered_alarms_.contains(alarm)) { return; } else if (Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.activate_timers_next_event_loop")) { disableAlarmLockHeld(alarm); registered_alarms_.add({monotonic_time_ + duration, random_source_.random(), alarm}); } else { disableAlarmLockHeld(alarm); AlarmSet& alarm_set = (duration.count() != 0) ? registered_alarms_ : triggered_alarms_; alarm_set.add({monotonic_time_ + duration, ++legacy_next_idx_, alarm}); } } if (duration.count() == 0) { if (Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.activate_timers_next_event_loop")) { run_alarms_cb_->scheduleCallbackNextIteration(); } else { run_alarms_cb_->scheduleCallbackCurrentIteration(); } } } void SimulatedTimeSystemHelper::SimulatedScheduler::disableAlarmLockHeld(Alarm& alarm) { if (triggered_alarms_.contains(alarm)) { ASSERT(!registered_alarms_.contains(alarm)); triggered_alarms_.remove(alarm); } else { ASSERT(!triggered_alarms_.contains(alarm)); registered_alarms_.remove(alarm); } } void SimulatedTimeSystemHelper::SimulatedScheduler::runReadyAlarms() { bool dec_pending = false; { absl::MutexLock lock(&mutex_); if (pending_dec_) { dec_pending = true; pending_dec_ = false; } if (thread_advancing_time_.isEmpty()) { thread_advancing_time_ = thread_factory_.currentThreadId(); } else { ASSERT(thread_advancing_time_ == thread_factory_.currentThreadId()); } auto monotonic_time = monotonic_time_; while (!registered_alarms_.empty()) { const AlarmRegistration& alarm_registration = registered_alarms_.next(); MonotonicTime alarm_time = alarm_registration.time_; if (alarm_time > monotonic_time) { break; } triggered_alarms_.add(alarm_registration); registered_alarms_.remove(alarm_registration.alarm_); } ASSERT(!running_cbs_); running_cbs_ = true; while (!triggered_alarms_.empty()) { Alarm& alarm = triggered_alarms_.next().alarm_; triggered_alarms_.remove(alarm); UnlockGuard unlocker(mutex_); alarm.runAlarm(); } ASSERT(running_cbs_); ASSERT(monotonic_time == monotonic_time_); running_cbs_ = false; } if (dec_pending) { time_system_.decPending(); } } SimulatedTimeSystemHelper::Alarm::Alarm::~Alarm() { simulated_scheduler_.disableAlarm(*this); } void SimulatedTimeSystemHelper::Alarm::Alarm::disableTimer() { simulated_scheduler_.disableAlarm(*this); } void SimulatedTimeSystemHelper::Alarm::Alarm::enableHRTimer( const std::chrono::microseconds duration, const ScopeTrackedObject* /*scope*/) { simulated_scheduler_.enableAlarm(*this, duration); } // It would be very confusing if there were more than one simulated time system // extant at once. Technically this might be something we want, but more likely // it indicates some kind of plumbing error in test infrastructure. So track // the instance count with a simple int. In the future if there's a good reason // to have more than one around at a time, this variable can be deleted. static int instance_count = 0; // When we initialize our simulated time, we'll start the current time based on // the real current time. But thereafter, real-time will not be used, and time // will march forward only by calling advanceTimeAndRun() or advanceTimeWait(). SimulatedTimeSystemHelper::SimulatedTimeSystemHelper() : monotonic_time_(MonotonicTime(std::chrono::seconds(0))), system_time_(real_time_source_.systemTime()), pending_updates_(0) { ++instance_count; ASSERT(instance_count <= 1); } SimulatedTimeSystemHelper::~SimulatedTimeSystemHelper() { --instance_count; } bool SimulatedTimeSystemHelper::hasInstance() { return instance_count > 0; } SystemTime SimulatedTimeSystemHelper::systemTime() { absl::MutexLock lock(&mutex_); return system_time_; } MonotonicTime SimulatedTimeSystemHelper::monotonicTime() { absl::MutexLock lock(&mutex_); return monotonic_time_; } void SimulatedTimeSystemHelper::advanceTimeAsyncImpl(const Duration& duration) { only_one_thread_.checkOneThread(); absl::MutexLock lock(&mutex_); MonotonicTime monotonic_time = monotonic_time_ + std::chrono::duration_cast(duration); setMonotonicTimeLockHeld(monotonic_time); } void SimulatedTimeSystemHelper::advanceTimeWaitImpl(const Duration& duration) { only_one_thread_.checkOneThread(); absl::MutexLock lock(&mutex_); MonotonicTime monotonic_time = monotonic_time_ + std::chrono::duration_cast(duration); setMonotonicTimeLockHeld(monotonic_time); waitForNoPendingLockHeld(); } void SimulatedTimeSystemHelper::waitForNoPendingLockHeld() const ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_) { mutex_.Await(absl::Condition( +[](const uint32_t* pending_updates) -> bool { return *pending_updates == 0; }, &pending_updates_)); } SchedulerPtr SimulatedTimeSystemHelper::createScheduler(Scheduler& /*base_scheduler*/, CallbackScheduler& cb_scheduler) { return std::make_unique(*this, cb_scheduler); } void SimulatedTimeSystemHelper::setMonotonicTimeLockHeld(const MonotonicTime& monotonic_time) { only_one_thread_.checkOneThread(); // We don't have a MutexLock construct that allows temporarily // dropping the lock to run a callback. The main issue here is that we must // be careful not to be holding mutex_ when an exception can be thrown. // That can only happen here in alarm->activate(), which is run with the mutex // released. if (monotonic_time >= monotonic_time_) { system_time_ += std::chrono::duration_cast(monotonic_time - monotonic_time_); monotonic_time_ = monotonic_time; for (SimulatedScheduler* scheduler : schedulers_) { UnlockGuard unlocker(mutex_); scheduler->updateTime(monotonic_time_, system_time_); } } } void SimulatedTimeSystemHelper::setSystemTime(const SystemTime& system_time) { absl::MutexLock lock(&mutex_); if (system_time > system_time_) { MonotonicTime monotonic_time = monotonic_time_ + std::chrono::duration_cast(system_time - system_time_); setMonotonicTimeLockHeld(monotonic_time); } else { system_time_ = system_time; } } } // namespace Event } // namespace Envoy ================================================ FILE: test/test_common/simulated_time_system.h ================================================ #pragma once #include "envoy/event/timer.h" #include "common/common/lock_guard.h" #include "common/common/thread.h" #include "common/common/utility.h" #include "test/test_common/test_time_system.h" #include "test/test_common/utility.h" #include "absl/container/flat_hash_map.h" namespace Envoy { namespace Event { // Implements a simulated time system including a scheduler for timers. This is // designed to be used as the exclusive time-system resident in a process at // any particular time, and as such should not be instantiated directly by // tests. Instead it should be instantiated via SimulatedTimeSystem, declared // below. class SimulatedTimeSystemHelper : public TestTimeSystem { public: SimulatedTimeSystemHelper(); ~SimulatedTimeSystemHelper() override; // TimeSystem SchedulerPtr createScheduler(Scheduler& base_scheduler, CallbackScheduler& cb_scheduler) override; // TestTimeSystem void advanceTimeWaitImpl(const Duration& duration) override; void advanceTimeAsyncImpl(const Duration& duration) override; // TimeSource SystemTime systemTime() override; MonotonicTime monotonicTime() override; /** * Sets the time forward monotonically. If the supplied argument moves * backward in time, the call is a no-op. If the supplied argument moves * forward, any applicable timers are fired, and system-time is also moved * forward by the same delta. * * @param monotonic_time The desired new current time. */ void setMonotonicTime(const MonotonicTime& monotonic_time) { absl::MutexLock lock(&mutex_); setMonotonicTimeLockHeld(monotonic_time); } /** * Sets the system-time, whether forward or backward. If time moves forward, * applicable timers are fired and monotonic time is also increased by the * same delta. * * @param system_time The desired new system time. */ void setSystemTime(const SystemTime& system_time); static bool hasInstance(); private: class SimulatedScheduler; class Alarm; void registerScheduler(SimulatedScheduler* scheduler) { absl::MutexLock lock(&mutex_); schedulers_.insert(scheduler); } void unregisterScheduler(SimulatedScheduler* scheduler) { absl::MutexLock lock(&mutex_); schedulers_.erase(scheduler); } /** * Sets the time forward monotonically. If the supplied argument moves * backward in time, the call is a no-op. If the supplied argument moves * forward, any applicable timers are fired, and system-time is also moved * forward by the same delta. * * @param monotonic_time The desired new current time. */ void setMonotonicTimeLockHeld(const MonotonicTime& monotonic_time) ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); // Keeps track of the number of simulated schedulers that have pending monotonic time updates. // Used by advanceTimeWait() to determine when the time updates have finished propagating. void incPending() { absl::MutexLock lock(&mutex_); ++pending_updates_; } void decPending() { absl::MutexLock lock(&mutex_); --pending_updates_; } void waitForNoPendingLockHeld() const ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); RealTimeSource real_time_source_; // Used to initialize monotonic_time_ and system_time_; MonotonicTime monotonic_time_ ABSL_GUARDED_BY(mutex_); SystemTime system_time_ ABSL_GUARDED_BY(mutex_); TestRandomGenerator random_source_ ABSL_GUARDED_BY(mutex_); std::set schedulers_ ABSL_GUARDED_BY(mutex_); mutable absl::Mutex mutex_; uint32_t pending_updates_ ABSL_GUARDED_BY(mutex_); }; // Represents a simulated time system, where time is advanced by calling // sleep(), setSystemTime(), or setMonotonicTime(). systemTime() and // monotonicTime() are maintained in the class, and alarms are fired in response // to adjustments in time. class SimulatedTimeSystem : public DelegatingTestTimeSystem { public: void setMonotonicTime(const MonotonicTime& monotonic_time) { timeSystem().setMonotonicTime(monotonic_time); } void setSystemTime(const SystemTime& system_time) { timeSystem().setSystemTime(system_time); } template void setMonotonicTime(const Duration& duration) { setMonotonicTime(MonotonicTime(duration)); } template void setSystemTime(const Duration& duration) { setSystemTime(SystemTime(duration)); } }; // Class encapsulating a SimulatedTimeSystem, intended for integration tests. // Inherit from this mixin in a test fixture class to use a SimulatedTimeSystem // during the test. class TestUsingSimulatedTime { public: SimulatedTimeSystem& simTime() { return sim_time_; } private: SimulatedTimeSystem sim_time_; }; } // namespace Event } // namespace Envoy ================================================ FILE: test/test_common/simulated_time_system_test.cc ================================================ #include "common/common/thread.h" #include "common/event/libevent.h" #include "common/event/libevent_scheduler.h" #include "common/event/timer_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_runtime.h" #include "test/test_common/utility.h" #include "event2/event.h" #include "gtest/gtest.h" namespace Envoy { namespace Event { namespace Test { namespace { enum class ActivateMode { DelayActivateTimers, EagerlyActivateTimers }; class SimulatedTimeSystemTest : public testing::TestWithParam { protected: SimulatedTimeSystemTest() : scheduler_(time_system_.createScheduler(base_scheduler_, base_scheduler_)), start_monotonic_time_(time_system_.monotonicTime()), start_system_time_(time_system_.systemTime()) { Runtime::LoaderSingleton::getExisting()->mergeValues( {{"envoy.reloadable_features.activate_timers_next_event_loop", activateMode() == ActivateMode::DelayActivateTimers ? "true" : "false"}}); } ActivateMode activateMode() { return GetParam(); } void trackPrepareCalls() { base_scheduler_.registerOnPrepareCallback([this]() { output_.append(1, 'p'); }); } void addTask(int64_t delay_ms, char marker, bool expect_monotonic = true) { addCustomTask( delay_ms, marker, []() {}, expect_monotonic); } void addCustomTask(int64_t delay_ms, char marker, std::function cb, bool expect_monotonic = true) { std::chrono::milliseconds delay(delay_ms); TimerPtr timer = scheduler_->createTimer( [this, marker, delay, cb, expect_monotonic]() { output_.append(1, marker); if (expect_monotonic) { EXPECT_GE(time_system_.monotonicTime(), start_monotonic_time_ + delay); } cb(); }, dispatcher_); timer->enableTimer(delay); timers_.push_back(std::move(timer)); } void advanceMsAndLoop(int64_t delay_ms) { time_system_.advanceTimeAndRun(std::chrono::milliseconds(delay_ms), base_scheduler_, Dispatcher::RunType::NonBlock); } void advanceSystemMsAndLoop(int64_t delay_ms) { time_system_.setSystemTime(time_system_.systemTime() + std::chrono::milliseconds(delay_ms)); base_scheduler_.run(Dispatcher::RunType::NonBlock); } TestScopedRuntime scoped_runtime_; Event::MockDispatcher dispatcher_; LibeventScheduler base_scheduler_; SimulatedTimeSystem time_system_; SchedulerPtr scheduler_; std::string output_; std::vector timers_; MonotonicTime start_monotonic_time_; SystemTime start_system_time_; }; INSTANTIATE_TEST_SUITE_P(DelayTimerActivation, SimulatedTimeSystemTest, testing::Values(ActivateMode::DelayActivateTimers, ActivateMode::EagerlyActivateTimers)); TEST_P(SimulatedTimeSystemTest, AdvanceTimeAsync) { EXPECT_EQ(start_monotonic_time_, time_system_.monotonicTime()); EXPECT_EQ(start_system_time_, time_system_.systemTime()); advanceMsAndLoop(5); EXPECT_EQ(start_monotonic_time_ + std::chrono::milliseconds(5), time_system_.monotonicTime()); EXPECT_EQ(start_system_time_ + std::chrono::milliseconds(5), time_system_.systemTime()); } TEST_P(SimulatedTimeSystemTest, TimerTotalOrdering) { trackPrepareCalls(); addTask(0, '0'); addTask(1, '1'); addTask(2, '2'); EXPECT_EQ(3, timers_.size()); advanceMsAndLoop(5); // Verify order. EXPECT_EQ("p012", output_); } TEST_P(SimulatedTimeSystemTest, TimerPartialOrdering) { trackPrepareCalls(); std::set outputs; for (int i = 0; i < 100; ++i) { addTask(0, '0'); addTask(1, '1'); addTask(1, '2'); addTask(3, '3'); EXPECT_EQ(4, timers_.size()); advanceMsAndLoop(5); outputs.insert(output_); // Cleanup before the next iteration. output_.clear(); timers_.clear(); } if (activateMode() == ActivateMode::DelayActivateTimers) { // Execution order of timers 1 and 2 is non-deterministic because the two timers were scheduled // for the same time. Verify that both orderings were observed. EXPECT_THAT(outputs, testing::ElementsAre("p0123", "p0213")); } else { EXPECT_THAT(outputs, testing::ElementsAre("p0123")); } } TEST_P(SimulatedTimeSystemTest, TimerPartialOrdering2) { trackPrepareCalls(); std::set outputs; for (int i = 0; i < 100; ++i) { addTask(0, '0'); addTask(15, '1'); advanceMsAndLoop(10); // Timer 1 has 5ms remaining, so timer 2 ends up scheduled at the same monotonic time as 1. addTask(5, '2'); addTask(6, '3'); advanceMsAndLoop(10); outputs.insert(output_); // Cleanup before the next iteration. output_.clear(); timers_.clear(); } if (activateMode() == ActivateMode::DelayActivateTimers) { // Execution order of timers 1 and 2 is non-deterministic because the two timers were scheduled // for the same time. Verify that both orderings were observed. EXPECT_THAT(outputs, testing::ElementsAre("p0p123", "p0p213")); } else { EXPECT_THAT(outputs, testing::ElementsAre("p0p123")); } } // Timers that are scheduled to execute and but are disabled first do not trigger. TEST_P(SimulatedTimeSystemTest, TimerOrderAndDisableTimer) { trackPrepareCalls(); // Create 3 timers. The first timer should disable the second, so it doesn't trigger. addCustomTask(0, '0', [this]() { timers_[1]->disableTimer(); }); addTask(1, '1'); addTask(2, '2'); EXPECT_EQ(3, timers_.size()); // Expect timers to execute in order since the timers are scheduled at have different times and // that timer 1 does not execute because it was disabled as part of 0's execution. advanceMsAndLoop(5); // Verify that timer 1 was skipped. EXPECT_EQ("p02", output_); } // Capture behavior of timers which are rescheduled without being disabled first. TEST_P(SimulatedTimeSystemTest, TimerOrderAndRescheduleTimer) { trackPrepareCalls(); // Reschedule timers 1, 2 and 4 without disabling first. addCustomTask(0, '0', [this]() { timers_[1]->enableTimer(std::chrono::milliseconds(0)); timers_[2]->enableTimer(std::chrono::milliseconds(100)); timers_[4]->enableTimer(std::chrono::milliseconds(0)); }); addTask(1, '1'); addTask(2, '2'); addTask(3, '3'); addTask(10000, '4', false); EXPECT_EQ(5, timers_.size()); // Rescheduling timers that are already scheduled to run in the current event loop iteration has // no effect if the time delta is 0. Expect timers 0, 1 and 3 to execute in the original order. // Timer 4 runs as part of the first wakeup since its new schedule time has a delta of 0. Timer 2 // is delayed since it is rescheduled with a non-zero delta. advanceMsAndLoop(5); if (activateMode() == ActivateMode::DelayActivateTimers) { #ifdef WIN32 // Force it to run again to pick up next iteration callbacks. // The event loop runs for a single iteration in NonBlock mode on Windows as a hack to work // around LEVEL trigger fd registrations constantly firing events and preventing the NonBlock // event loop from ever reaching the no-fd event and no-expired timers termination condition. It // is not possible to get consistent event loop behavior since the time system does not override // the base scheduler's run behavior, and libevent does not provide a mode where it runs at most // N iterations before breaking out of the loop for us to prefer over the single iteration mode // used on Windows. advanceMsAndLoop(0); #endif EXPECT_EQ("p013p4", output_); } else { EXPECT_EQ("p0134", output_); } advanceMsAndLoop(100); if (activateMode() == ActivateMode::DelayActivateTimers) { EXPECT_EQ("p013p4p2", output_); } else { EXPECT_EQ("p0134p2", output_); } } // Disable and re-enable timers that is already pending execution and verify that execution is // delayed. TEST_P(SimulatedTimeSystemTest, TimerOrderDisableAndRescheduleTimer) { trackPrepareCalls(); // Disable and reschedule timers 1, 2 and 4 when timer 0 triggers. addCustomTask(0, '0', [this]() { timers_[1]->disableTimer(); timers_[1]->enableTimer(std::chrono::milliseconds(0)); timers_[2]->disableTimer(); timers_[2]->enableTimer(std::chrono::milliseconds(100)); timers_[4]->disableTimer(); timers_[4]->enableTimer(std::chrono::milliseconds(0)); }); addTask(1, '1'); addTask(2, '2'); addTask(3, '3'); addTask(10000, '4', false); EXPECT_EQ(5, timers_.size()); // timer 0 is expected to run first and reschedule timers 1 and 2. Timer 3 should fire before // timer 1 since timer 3's registration is unaffected. timer 1 runs in the same iteration // because it is scheduled with zero delay. Timer 2 executes in a later iteration because it is // re-enabled with a non-zero timeout. advanceMsAndLoop(5); if (activateMode() == ActivateMode::DelayActivateTimers) { #ifdef WIN32 // The event loop runs for a single iteration in NonBlock mode on Windows. Force it to run again // to pick up next iteration callbacks. advanceMsAndLoop(0); #endif EXPECT_THAT(output_, testing::AnyOf("p03p14", "p03p41")); } else { EXPECT_EQ("p0314", output_); } advanceMsAndLoop(100); if (activateMode() == ActivateMode::DelayActivateTimers) { EXPECT_THAT(output_, testing::AnyOf("p03p14p2", "p03p41p2")); } else { EXPECT_EQ("p0314p2", output_); } } TEST_P(SimulatedTimeSystemTest, AdvanceTimeWait) { EXPECT_EQ(start_monotonic_time_, time_system_.monotonicTime()); EXPECT_EQ(start_system_time_, time_system_.systemTime()); addTask(4, 'Z'); addTask(2, 'X'); addTask(3, 'Y'); addTask(6, 'A'); // This timer will never be run, so "A" will not be appended. std::atomic done(false); auto thread = Thread::threadFactoryForTest().createThread([this, &done]() { while (!done) { base_scheduler_.run(Dispatcher::RunType::Block); } }); time_system_.advanceTimeWait(std::chrono::milliseconds(5)); EXPECT_EQ("XYZ", output_); done = true; thread->join(); EXPECT_EQ(start_monotonic_time_ + std::chrono::milliseconds(5), time_system_.monotonicTime()); EXPECT_EQ(start_system_time_ + std::chrono::milliseconds(5), time_system_.systemTime()); } TEST_P(SimulatedTimeSystemTest, WaitFor) { EXPECT_EQ(start_monotonic_time_, time_system_.monotonicTime()); EXPECT_EQ(start_system_time_, time_system_.systemTime()); // Run an event loop in the background to activate timers. absl::Mutex mutex; bool done(false); auto thread = Thread::threadFactoryForTest().createThread([this, &mutex, &done]() { for (;;) { { absl::MutexLock lock(&mutex); if (done) { return; } } base_scheduler_.run(Dispatcher::RunType::Block); } }); TimerPtr timer = scheduler_->createTimer( [&mutex, &done]() { absl::MutexLock lock(&mutex); done = true; }, dispatcher_); timer->enableTimer(std::chrono::seconds(60)); // Wait 1ms of real time. waitFor() does not advance simulated time, so this is just going to // verify that we return quickly and nothing has fired. { absl::MutexLock lock(&mutex); EXPECT_FALSE(time_system_.waitFor(mutex, absl::Condition(&done), std::chrono::milliseconds(1))); } EXPECT_FALSE(done); EXPECT_EQ(MonotonicTime(std::chrono::seconds(0)), time_system_.monotonicTime()); // Fire the timeout by advancing time and then verify that waitFor() returns without any timeout. time_system_.advanceTimeWait(std::chrono::seconds(60)); { absl::MutexLock lock(&mutex); EXPECT_TRUE(time_system_.waitFor(mutex, absl::Condition(&done), std::chrono::seconds(0))); } EXPECT_TRUE(done); EXPECT_EQ(MonotonicTime(std::chrono::seconds(60)), time_system_.monotonicTime()); thread->join(); // Waiting a third time, with no pending timeouts, will just sleep out for // the max duration and return a timeout. done = false; { absl::MutexLock lock(&mutex); EXPECT_FALSE(time_system_.waitFor(mutex, absl::Condition(&done), std::chrono::seconds(0))); } EXPECT_FALSE(done); EXPECT_EQ(MonotonicTime(std::chrono::seconds(60)), time_system_.monotonicTime()); } TEST_P(SimulatedTimeSystemTest, Monotonic) { // Setting time forward works. time_system_.setMonotonicTime(start_monotonic_time_ + std::chrono::milliseconds(5)); EXPECT_EQ(start_monotonic_time_ + std::chrono::milliseconds(5), time_system_.monotonicTime()); // But going backward does not. time_system_.setMonotonicTime(start_monotonic_time_ + std::chrono::milliseconds(3)); EXPECT_EQ(start_monotonic_time_ + std::chrono::milliseconds(5), time_system_.monotonicTime()); } TEST_P(SimulatedTimeSystemTest, System) { // Setting time forward works. time_system_.setSystemTime(start_system_time_ + std::chrono::milliseconds(5)); EXPECT_EQ(start_system_time_ + std::chrono::milliseconds(5), time_system_.systemTime()); // And going backward works too. time_system_.setSystemTime(start_system_time_ + std::chrono::milliseconds(3)); EXPECT_EQ(start_system_time_ + std::chrono::milliseconds(3), time_system_.systemTime()); } TEST_P(SimulatedTimeSystemTest, Ordering) { addTask(5, '5'); addTask(3, '3'); addTask(6, '6'); EXPECT_EQ("", output_); advanceMsAndLoop(5); EXPECT_EQ("35", output_); advanceMsAndLoop(1); EXPECT_EQ("356", output_); } TEST_P(SimulatedTimeSystemTest, SystemTimeOrdering) { addTask(5, '5'); addTask(3, '3'); addTask(6, '6'); EXPECT_EQ("", output_); advanceSystemMsAndLoop(5); EXPECT_EQ("35", output_); advanceSystemMsAndLoop(1); EXPECT_EQ("356", output_); time_system_.setSystemTime(start_system_time_ + std::chrono::milliseconds(1)); time_system_.setSystemTime(start_system_time_ + std::chrono::milliseconds(100)); EXPECT_EQ("356", output_); // callbacks don't get replayed. } TEST_P(SimulatedTimeSystemTest, DisableTimer) { addTask(5, '5'); addTask(3, '3'); addTask(6, '6'); timers_[0]->disableTimer(); EXPECT_EQ("", output_); advanceMsAndLoop(5); EXPECT_EQ("3", output_); advanceMsAndLoop(1); EXPECT_EQ("36", output_); } TEST_P(SimulatedTimeSystemTest, IgnoreRedundantDisable) { addTask(5, '5'); timers_[0]->disableTimer(); timers_[0]->disableTimer(); advanceMsAndLoop(5); EXPECT_EQ("", output_); } TEST_P(SimulatedTimeSystemTest, OverrideEnable) { addTask(5, '5'); timers_[0]->enableTimer(std::chrono::milliseconds(6)); advanceMsAndLoop(5); EXPECT_EQ("", output_); // Timer didn't wake up because we overrode to 6ms. advanceMsAndLoop(1); EXPECT_EQ("5", output_); } TEST_P(SimulatedTimeSystemTest, DeleteTime) { addTask(5, '5'); addTask(3, '3'); addTask(6, '6'); timers_[0].reset(); EXPECT_EQ("", output_); advanceMsAndLoop(5); EXPECT_EQ("3", output_); advanceMsAndLoop(1); EXPECT_EQ("36", output_); } // Regression test for issues documented in https://github.com/envoyproxy/envoy/pull/6956 TEST_P(SimulatedTimeSystemTest, DuplicateTimer) { // Set one alarm two times to test that pending does not get duplicated.. std::chrono::milliseconds delay(0); TimerPtr zero_timer = scheduler_->createTimer([this]() { output_.append(1, '2'); }, dispatcher_); zero_timer->enableTimer(delay); zero_timer->enableTimer(delay); advanceMsAndLoop(1); EXPECT_EQ("2", output_); } // Regression test for issues documented in https://github.com/envoyproxy/envoy/pull/6956 TEST_P(SimulatedTimeSystemTest, DuplicateTimer2) { // Now set an alarm which requires 10s of progress and make sure advanceTimeWait and waitFor // works. absl::Mutex mutex; bool done(false); auto thread = Thread::threadFactoryForTest().createThread([this, &mutex, &done]() { for (;;) { { absl::MutexLock lock(&mutex); if (done) { return; } } base_scheduler_.run(Dispatcher::RunType::Block); } }); TimerPtr timer = scheduler_->createTimer( [&mutex, &done]() { absl::MutexLock lock(&mutex); done = true; }, dispatcher_); timer->enableTimer(std::chrono::seconds(10)); { absl::MutexLock lock(&mutex); EXPECT_FALSE(time_system_.waitFor(mutex, absl::Condition(&done), std::chrono::seconds(0))); } EXPECT_FALSE(done); time_system_.advanceTimeWait(std::chrono::seconds(10)); { absl::MutexLock lock(&mutex); EXPECT_TRUE(time_system_.waitFor(mutex, absl::Condition(&done), std::chrono::seconds(0))); } EXPECT_TRUE(done); thread->join(); } TEST_P(SimulatedTimeSystemTest, Enabled) { TimerPtr timer = scheduler_->createTimer({}, dispatcher_); timer->enableTimer(std::chrono::milliseconds(0)); EXPECT_TRUE(timer->enabled()); } TEST_P(SimulatedTimeSystemTest, DeleteTimerFromThread) { TimerPtr timer = scheduler_->createTimer([]() {}, dispatcher_); timer->enableTimer(std::chrono::milliseconds(0)); auto thread = Thread::threadFactoryForTest().createThread([&timer]() { timer.reset(); }); advanceMsAndLoop(1); thread->join(); } TEST_P(SimulatedTimeSystemTest, DeleteTimerFromThread2) { TimerPtr timer = scheduler_->createTimer([]() {}, dispatcher_); timer->enableTimer(std::chrono::milliseconds(1)); auto thread = Thread::threadFactoryForTest().createThread([&timer]() { timer.reset(); }); advanceMsAndLoop(1); thread->join(); } } // namespace } // namespace Test } // namespace Event } // namespace Envoy ================================================ FILE: test/test_common/status_utility.h ================================================ #pragma once #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace StatusHelpers { // Check that a StatusOr is OK and has a value equal to its argument. // // For example: // // StatusOr status(3); // EXPECT_THAT(status, IsOkAndHolds(3)); MATCHER_P(IsOkAndHolds, expected, "") { if (!arg) { *result_listener << "which has unexpected status: " << arg.status(); return false; } if (*arg != expected) { *result_listener << "which has wrong value: " << *arg; return false; } return true; } // Check that a StatusOr as a status code equal to its argument. // // For example: // // StatusOr status(absl::InvalidArgumentError("bad argument!")); // EXPECT_THAT(status, StatusIs(absl::StatusCode::kInvalidArgument)); MATCHER_P(StatusIs, expected_code, "") { if (arg.status().code() != expected_code) { *result_listener << "which has unexpected status: " << arg.status(); return false; } return true; } } // namespace StatusHelpers } // namespace Envoy ================================================ FILE: test/test_common/test_runtime.h ================================================ // A simple test utility to easily allow for runtime feature overloads in unit tests. // // As long as this class is in scope one can do runtime feature overrides: // // TestScopedRuntime scoped_runtime; // Runtime::LoaderSingleton::getExisting()->mergeValues( // {{"envoy.reloadable_features.test_feature_true", "false"}}); // // As long as a TestScopedRuntime exists, Runtime::LoaderSingleton::getExisting()->mergeValues() // can safely be called to override runtime values. #pragma once #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "common/runtime/runtime_impl.h" #include "common/stats/isolated_store_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" #include "test/mocks/init/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/protobuf/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/thread_local/mocks.h" #include "gmock/gmock.h" namespace Envoy { class TestScopedRuntime { public: TestScopedRuntime() : api_(Api::createApiForTest()) { envoy::config::bootstrap::v3::LayeredRuntime config; // The existence of an admin layer is required for mergeValues() to work. config.add_layers()->mutable_admin_layer(); loader_ = std::make_unique( std::make_unique(dispatcher_, tls_, config, local_info_, store_, generator_, validation_visitor_, *api_)); } private: Event::MockDispatcher dispatcher_; testing::NiceMock tls_; Stats::IsolatedStoreImpl store_; Random::MockRandomGenerator generator_; Api::ApiPtr api_; testing::NiceMock local_info_; testing::NiceMock validation_visitor_; std::unique_ptr loader_; }; } // namespace Envoy ================================================ FILE: test/test_common/test_time.cc ================================================ #include "test/test_common/test_time.h" #include "common/common/utility.h" #include "test/test_common/global.h" namespace Envoy { DangerousDeprecatedTestTime::DangerousDeprecatedTestTime() = default; namespace Event { TestTimeSystem& GlobalTimeSystem::timeSystem() { // TODO(#4160): Switch default to SimulatedTimeSystem. auto make_real_time_system = []() -> std::unique_ptr { return std::make_unique(); }; return singleton_->timeSystem(make_real_time_system); } void TestRealTimeSystem::advanceTimeWaitImpl(const Duration& duration) { only_one_thread_.checkOneThread(); std::this_thread::sleep_for(duration); } void TestRealTimeSystem::advanceTimeAsyncImpl(const Duration& duration) { advanceTimeWait(duration); } SystemTime TestRealTimeSystem::systemTime() { return real_time_system_.systemTime(); } MonotonicTime TestRealTimeSystem::monotonicTime() { return real_time_system_.monotonicTime(); } } // namespace Event } // namespace Envoy ================================================ FILE: test/test_common/test_time.h ================================================ #pragma once #include "common/event/real_time_system.h" #include "test/test_common/global.h" #include "test/test_common/test_time_system.h" namespace Envoy { namespace Event { class TestRealTimeSystem : public TestTimeSystem { public: // TestTimeSystem void advanceTimeAsyncImpl(const Duration& duration) override; void advanceTimeWaitImpl(const Duration& duration) override; // Event::TimeSystem Event::SchedulerPtr createScheduler(Scheduler& base_scheduler, CallbackScheduler& cb_scheduler) override { return real_time_system_.createScheduler(base_scheduler, cb_scheduler); } // TimeSource SystemTime systemTime() override; MonotonicTime monotonicTime() override; private: Event::RealTimeSystem real_time_system_; }; class GlobalTimeSystem : public DelegatingTestTimeSystemBase { public: TestTimeSystem& timeSystem() override; private: Test::Global singleton_; }; } // namespace Event // Instantiates real-time sources for testing purposes. In general, this is a // bad idea, and tests should use simulated or mock time. // // TODO(#4160): change most references to this class to SimulatedTimeSystem. class DangerousDeprecatedTestTime { public: DangerousDeprecatedTestTime(); Event::TestTimeSystem& timeSystem() { return time_system_.timeSystem(); } private: Event::DelegatingTestTimeSystem time_system_; }; } // namespace Envoy ================================================ FILE: test/test_common/test_time_system.cc ================================================ #include "test/test_common/test_time_system.h" #include "envoy/event/timer.h" #include "common/common/thread.h" namespace Envoy { namespace Event { TestTimeSystem& SingletonTimeSystemHelper::timeSystem(const MakeTimeSystemFn& make_time_system) { Thread::LockGuard lock(mutex_); if (time_system_ == nullptr) { time_system_ = make_time_system(); } return *time_system_; } } // namespace Event } // namespace Envoy ================================================ FILE: test/test_common/test_time_system.h ================================================ #pragma once #include "envoy/common/time.h" #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" #include "common/common/assert.h" #include "common/common/thread.h" #include "test/test_common/global.h" #include "test/test_common/only_one_thread.h" namespace Envoy { namespace Event { // Adds sleep() and waitFor() interfaces to Event::TimeSystem. class TestTimeSystem : public Event::TimeSystem { public: ~TestTimeSystem() override = default; /** * This class will use the real monotonic time regardless of the time system in use (real * or simulated). This should only be used when time is needed for real timeouts that govern * networking, etc. It should never be used for time that only advances explicitly for alarms. */ class RealTimeBound { public: template RealTimeBound(const D& duration) : end_time_(std::chrono::steady_clock::now() + duration) // NO_CHECK_FORMAT(real_time) {} std::chrono::milliseconds timeLeft() { const auto current_time = std::chrono::steady_clock::now(); // NO_CHECK_FORMAT(real_time) if (current_time > end_time_) { return std::chrono::milliseconds(0); } return std::chrono::duration_cast(end_time_ - current_time); } bool withinBound() { return std::chrono::steady_clock::now() < end_time_; // NO_CHECK_FORMAT(real_time) } private: const MonotonicTime end_time_; }; /** * Advances time forward by the specified duration, running any timers * scheduled to fire, and blocking until the timer callbacks are complete. * See also advanceTimeAndRun(), which provides the option to run a specific * dispatcher or scheduler after advancing the time. * * This function should be used in multi-threaded tests, where other * threads are running dispatcher loops. Integration tests should usually * use this variant. * * @param duration The amount of time to advance. */ virtual void advanceTimeWaitImpl(const Duration& duration) PURE; template void advanceTimeWait(const D& duration = false) { advanceTimeWaitImpl(std::chrono::duration_cast(duration)); } /** * Advances time forward by the specified duration. Timers on event loops outside the current * thread may trigger, but unlike advanceTimeWait(), this method does not block waiting for them * to complete. This method also takes in a parameter the dispatcher or scheduler for the current * thread, which will be run in the requested mode after advancing the time forward. * * This function should be used in single-threaded tests that want to advance time and then run * the test thread event loop. Unit tests will often use this variant. * * @param duration The amount of time to advance. * @param dispatcher_or_scheduler The event loop to run after advancing time forward. * @param mode The mode to use when running the event loop. */ template void advanceTimeAndRun(const D& duration, DispatcherOrScheduler& dispatcher_or_scheduler, Dispatcher::RunType mode) { advanceTimeAsyncImpl(std::chrono::duration_cast(duration)); dispatcher_or_scheduler.run(mode); } /** * Helper function used by the implementation of advanceTimeAndRun which just advances time * forward by the specified amount. * * @param duration The amount of time to advance. */ virtual void advanceTimeAsyncImpl(const Duration& duration) PURE; /** * Waits for the specified duration to expire, or for the condition to be satisfied, whichever * comes first. * * NOTE: This function takes a duration parameter which is the timeout of the wait. This is *real* * time in all time systems. This is to avoid test hangs and provide a useful error message. * When using simulated time this does not advance monotonic time. Thus, to simulated time * tests all network behavior will appear instantaneous. If time needs to advance to fire * alarms advanceTimeWait() or advanceTimeAsync() should be used. * * @param mutex A mutex which must be held before calling this function. * @param condition The condition to wait on. * @param duration The maximum amount of time to wait. * @return Thread::CondVar::WaitStatus whether the condition timed out or not. */ template bool waitFor(absl::Mutex& mutex, const absl::Condition& condition, const D& duration) noexcept ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex) { only_one_thread_.checkOneThread(); return mutex.AwaitWithTimeout(condition, absl::FromChrono(std::chrono::duration_cast(duration))); } /** * This function will perform a real sleep in all time systems (real or simulated). This function * should NOT be used without a good reason. It is either for supporting old code that needs to * be converted to an event based approach, simulated time, or some other solution. Be ready * to explain why you are using this in code review. */ template void realSleepDoNotUseWithoutScrutiny(const D& duration) { std::this_thread::sleep_for(duration); // NO_CHECK_FORMAT(real_time) } protected: Thread::OnlyOneThread only_one_thread_; }; // There should only be one instance of any time-system resident in a test // process at once. This helper class is used with Test::Global to help enforce // that with an ASSERT. Each time-system derivation should have a helper // implementation which is referenced from a delegate (see // DelegatingTestTimeSystemBase). In each delegate, a SingletonTimeSystemHelper // should be instantiated via Test::Global. Only one // instance of SingletonTimeSystemHelper per process, at a time. When all // references to the delegates are destructed, the singleton will be destroyed // as well, so each test-method will get a fresh start. class SingletonTimeSystemHelper { public: SingletonTimeSystemHelper() : time_system_(nullptr) {} using MakeTimeSystemFn = std::function()>; /** * Returns a singleton time-system, creating a default one of there's not * one already. This method is thread-safe. * * @return the time system. */ TestTimeSystem& timeSystem(const MakeTimeSystemFn& make_time_system); private: std::unique_ptr time_system_ ABSL_GUARDED_BY(mutex_); Thread::MutexBasicLockable mutex_; }; // Implements the TestTimeSystem interface, delegating implementation of all // methods to a TestTimeSystem reference supplied by a timeSystem() method in a // subclass. template class DelegatingTestTimeSystemBase : public TestTimeSystem { public: void advanceTimeAsyncImpl(const Duration& duration) override { timeSystem().advanceTimeAsyncImpl(duration); } void advanceTimeWaitImpl(const Duration& duration) override { timeSystem().advanceTimeWaitImpl(duration); } SchedulerPtr createScheduler(Scheduler& base_scheduler, CallbackScheduler& cb_scheduler) override { return timeSystem().createScheduler(base_scheduler, cb_scheduler); } SystemTime systemTime() override { return timeSystem().systemTime(); } MonotonicTime monotonicTime() override { return timeSystem().monotonicTime(); } TimeSystemVariant& operator*() { return timeSystem(); } virtual TimeSystemVariant& timeSystem() PURE; }; // Wraps a concrete time-system in a delegate that ensures there is only one // time-system of any variant resident in a process at a time. Attempts to // instantiate multiple instances of the same type of time-system will simply // reference the same shared delegate, which will be deleted when the last one // goes out of scope. Attempts to instantiate different types of type-systems // will result in a RELEASE_ASSERT. See the testcases in // test_time_system_test.cc to understand the allowable sequences. template class DelegatingTestTimeSystem : public DelegatingTestTimeSystemBase { public: DelegatingTestTimeSystem() : time_system_(initTimeSystem()) {} TimeSystemVariant& timeSystem() override { return time_system_; } private: TimeSystemVariant& initTimeSystem() { auto make_time_system = []() -> std::unique_ptr { return std::make_unique(); }; auto time_system = dynamic_cast(&singleton_->timeSystem(make_time_system)); RELEASE_ASSERT(time_system, "Two different types of time-systems allocated. If deriving from " "Event::TestUsingSimulatedTime make sure it is the first base class."); return *time_system; } Test::Global singleton_; TimeSystemVariant& time_system_; }; } // namespace Event } // namespace Envoy ================================================ FILE: test/test_common/test_time_system_test.cc ================================================ #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_time.h" #include "test/test_common/test_time_system.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { namespace Event { namespace Test { namespace { class TestTimeSystemTest : public testing::Test { protected: }; TEST_F(TestTimeSystemTest, TwoSimsSameReference) { SimulatedTimeSystem t1, t2; EXPECT_EQ(&t1.timeSystem(), &t2.timeSystem()); } TEST_F(TestTimeSystemTest, TwoRealsSameReference) { DangerousDeprecatedTestTime t1, t2; EXPECT_EQ(&t1.timeSystem(), &t2.timeSystem()); } TEST_F(TestTimeSystemTest, SimThenRealConflict) { SimulatedTimeSystem t1; EXPECT_DEATH({ DangerousDeprecatedTestTime t2; }, ".*Two different types of time-systems allocated.*"); } TEST_F(TestTimeSystemTest, SimThenRealSerial) { { SimulatedTimeSystem t1; } { DangerousDeprecatedTestTime t2; } } TEST_F(TestTimeSystemTest, RealThenSim) { DangerousDeprecatedTestTime t1; EXPECT_DEATH({ SimulatedTimeSystem t2; }, ".*Two different types of time-systems allocated.*"); } TEST_F(TestTimeSystemTest, RealThenSimSerial) { { DangerousDeprecatedTestTime t2; } { SimulatedTimeSystem t1; } } } // namespace } // namespace Test } // namespace Event } // namespace Envoy ================================================ FILE: test/test_common/test_version_linkstamp.cc ================================================ // NOLINT(namespace-envoy) extern const char build_scm_revision[]; extern const char build_scm_status[]; const char build_scm_revision[] = "0"; const char build_scm_status[] = "test"; ================================================ FILE: test/test_common/thread_factory_for_test.cc ================================================ #include "common/common/thread_impl.h" namespace Envoy { namespace Thread { // TODO(sesmith177) Tests should get the ThreadFactory from the same location as the main code ThreadFactory& threadFactoryForTest() { #ifdef WIN32 static auto* thread_factory = new ThreadFactoryImplWin32(); #else static auto* thread_factory = new ThreadFactoryImplPosix(); #endif return *thread_factory; } } // namespace Thread } // namespace Envoy ================================================ FILE: test/test_common/thread_factory_for_test.h ================================================ #include "envoy/thread/thread.h" namespace Envoy { namespace Thread { ThreadFactory& threadFactoryForTest(); } // namespace Thread } // namespace Envoy ================================================ FILE: test/test_common/threadsafe_singleton_injector.h ================================================ #pragma once #include "common/singleton/threadsafe_singleton.h" namespace Envoy { // Note this class is not thread-safe, and should be called exceedingly carefully. template class TestThreadsafeSingletonInjector { public: TestThreadsafeSingletonInjector(T* instance) { latched_instance_ = &ThreadSafeSingleton::get(); ThreadSafeSingleton::instance_ = instance; } ~TestThreadsafeSingletonInjector() { ThreadSafeSingleton::instance_ = latched_instance_; } private: T* latched_instance_; }; } // namespace Envoy ================================================ FILE: test/test_common/utility.cc ================================================ #include "utility.h" #include #include #include #include #include #include #include #include #include #include "envoy/buffer/buffer.h" #include "envoy/common/platform.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/codec.h" #include "envoy/service/runtime/v3/rtds.pb.h" #include "common/api/api_impl.h" #include "common/common/fmt.h" #include "common/common/lock_guard.h" #include "common/common/thread_impl.h" #include "common/common/utility.h" #include "common/config/resource_name.h" #include "common/filesystem/directory.h" #include "common/filesystem/filesystem_impl.h" #include "common/json/json_loader.h" #include "common/network/address_impl.h" #include "common/network/utility.h" #include "test/mocks/common.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/printers.h" #include "test/test_common/resources.h" #include "test/test_common/test_time.h" #include "absl/container/fixed_array.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" #include "gtest/gtest.h" using testing::GTEST_FLAG(random_seed); namespace Envoy { // The purpose of using the static seed here is to use --test_arg=--gtest_random_seed=[seed] // to specify the seed of the problem to replay. int32_t getSeed() { static const int32_t seed = std::chrono::duration_cast( std::chrono::system_clock::now().time_since_epoch()) .count(); return seed; } TestRandomGenerator::TestRandomGenerator() : seed_(GTEST_FLAG(random_seed) == 0 ? getSeed() : GTEST_FLAG(random_seed)), generator_(seed_) { std::cerr << "TestRandomGenerator running with seed " << seed_ << "\n"; } uint64_t TestRandomGenerator::random() { return generator_(); } bool TestUtility::headerMapEqualIgnoreOrder(const Http::HeaderMap& lhs, const Http::HeaderMap& rhs) { if (lhs.size() != rhs.size()) { return false; } bool equal = true; rhs.iterate([&lhs, &equal](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { const Http::HeaderEntry* entry = lhs.get(Http::LowerCaseString(std::string(header.key().getStringView()))); if (entry == nullptr || (entry->value() != header.value().getStringView())) { equal = false; return Http::HeaderMap::Iterate::Break; } return Http::HeaderMap::Iterate::Continue; }); return equal; } bool TestUtility::buffersEqual(const Buffer::Instance& lhs, const Buffer::Instance& rhs) { if (lhs.length() != rhs.length()) { return false; } // Check whether the two buffers contain the same content. It is valid for the content // to be arranged differently in the buffers. For example, lhs could have one slice // containing 10 bytes while rhs has ten slices containing one byte each. Buffer::RawSliceVector lhs_slices = lhs.getRawSlices(); Buffer::RawSliceVector rhs_slices = rhs.getRawSlices(); size_t rhs_slice = 0; size_t rhs_offset = 0; for (auto& lhs_slice : lhs_slices) { for (size_t lhs_offset = 0; lhs_offset < lhs_slice.len_; lhs_offset++) { while (rhs_offset >= rhs_slices[rhs_slice].len_) { rhs_slice++; ASSERT(rhs_slice < rhs_slices.size()); rhs_offset = 0; } auto lhs_str = static_cast(lhs_slice.mem_); auto rhs_str = static_cast(rhs_slices[rhs_slice].mem_); if (lhs_str[lhs_offset] != rhs_str[rhs_offset]) { return false; } rhs_offset++; } } return true; } bool TestUtility::rawSlicesEqual(const Buffer::RawSlice* lhs, const Buffer::RawSlice* rhs, size_t num_slices) { for (size_t slice = 0; slice < num_slices; slice++) { auto rhs_slice = rhs[slice]; auto lhs_slice = lhs[slice]; if (rhs_slice.len_ != lhs_slice.len_) { return false; } auto rhs_slice_data = static_cast(rhs_slice.mem_); auto lhs_slice_data = static_cast(lhs_slice.mem_); for (size_t offset = 0; offset < rhs_slice.len_; offset++) { if (rhs_slice_data[offset] != lhs_slice_data[offset]) { return false; } } } return true; } void TestUtility::feedBufferWithRandomCharacters(Buffer::Instance& buffer, uint64_t n_char, uint64_t seed) { const std::string sample = "Neque porro quisquam est qui dolorem ipsum.."; std::mt19937 generate(seed); std::uniform_int_distribution<> distribute(1, sample.length() - 1); std::string str{}; for (uint64_t n = 0; n < n_char; ++n) { str += sample.at(distribute(generate)); } buffer.add(str); } Stats::CounterSharedPtr TestUtility::findCounter(Stats::Store& store, const std::string& name) { return findByName(store.counters(), name); } Stats::GaugeSharedPtr TestUtility::findGauge(Stats::Store& store, const std::string& name) { return findByName(store.gauges(), name); } Stats::TextReadoutSharedPtr TestUtility::findTextReadout(Stats::Store& store, const std::string& name) { return findByName(store.textReadouts(), name); } AssertionResult TestUtility::waitForCounterEq(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout, Event::Dispatcher* dispatcher) { Event::TestTimeSystem::RealTimeBound bound(timeout); while (findCounter(store, name) == nullptr || findCounter(store, name)->value() != value) { time_system.advanceTimeWait(std::chrono::milliseconds(10)); if (timeout != std::chrono::milliseconds::zero() && !bound.withinBound()) { return AssertionFailure() << fmt::format("timed out waiting for {} to be {}", name, value); } if (dispatcher != nullptr) { dispatcher->run(Event::Dispatcher::RunType::NonBlock); } } return AssertionSuccess(); } AssertionResult TestUtility::waitForCounterGe(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout) { Event::TestTimeSystem::RealTimeBound bound(timeout); while (findCounter(store, name) == nullptr || findCounter(store, name)->value() < value) { time_system.advanceTimeWait(std::chrono::milliseconds(10)); if (timeout != std::chrono::milliseconds::zero() && !bound.withinBound()) { return AssertionFailure() << fmt::format("timed out waiting for {} to be {}", name, value); } } return AssertionSuccess(); } AssertionResult TestUtility::waitForGaugeGe(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout) { Event::TestTimeSystem::RealTimeBound bound(timeout); while (findGauge(store, name) == nullptr || findGauge(store, name)->value() < value) { time_system.advanceTimeWait(std::chrono::milliseconds(10)); if (timeout != std::chrono::milliseconds::zero() && !bound.withinBound()) { return AssertionFailure() << fmt::format("timed out waiting for {} to be {}", name, value); } } return AssertionSuccess(); } AssertionResult TestUtility::waitForGaugeEq(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout) { Event::TestTimeSystem::RealTimeBound bound(timeout); while (findGauge(store, name) == nullptr || findGauge(store, name)->value() != value) { time_system.advanceTimeWait(std::chrono::milliseconds(10)); if (timeout != std::chrono::milliseconds::zero() && !bound.withinBound()) { return AssertionFailure() << fmt::format("timed out waiting for {} to be {}", name, value); } } return AssertionSuccess(); } std::list TestUtility::makeDnsResponse(const std::list& addresses, std::chrono::seconds ttl) { std::list ret; for (const auto& address : addresses) { ret.emplace_back(Network::DnsResponse(Network::Utility::parseInternetAddress(address), ttl)); } return ret; } std::vector TestUtility::listFiles(const std::string& path, bool recursive) { std::vector file_names; Filesystem::Directory directory(path); for (const Filesystem::DirectoryEntry& entry : directory) { std::string file_name = fmt::format("{}/{}", path, entry.name_); if (entry.type_ == Filesystem::FileType::Directory) { if (recursive && entry.name_ != "." && entry.name_ != "..") { std::vector more_file_names = listFiles(file_name, recursive); file_names.insert(file_names.end(), more_file_names.begin(), more_file_names.end()); } } else { // regular file file_names.push_back(file_name); } } return file_names; } std::string TestUtility::xdsResourceName(const ProtobufWkt::Any& resource) { if (resource.type_url() == Config::TypeUrl::get().Listener) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::TypeUrl::get().RouteConfiguration) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::TypeUrl::get().Cluster) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::TypeUrl::get().ClusterLoadAssignment) { return TestUtility::anyConvert(resource) .cluster_name(); } if (resource.type_url() == Config::TypeUrl::get().VirtualHost) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::TypeUrl::get().Runtime) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3)) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3)) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3)) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3)) { return TestUtility::anyConvert(resource) .cluster_name(); } if (resource.type_url() == Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3)) { return TestUtility::anyConvert(resource).name(); } if (resource.type_url() == Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3)) { return TestUtility::anyConvert(resource).name(); } throw EnvoyException( absl::StrCat("xdsResourceName does not know about type URL ", resource.type_url())); } std::string TestUtility::addLeftAndRightPadding(absl::string_view to_pad, int desired_length) { int line_fill_len = desired_length - to_pad.length(); int first_half_len = line_fill_len / 2; int second_half_len = line_fill_len - first_half_len; return absl::StrCat(std::string(first_half_len, '='), to_pad, std::string(second_half_len, '=')); } std::vector TestUtility::split(const std::string& source, char split) { return TestUtility::split(source, std::string{split}); } std::vector TestUtility::split(const std::string& source, const std::string& split, bool keep_empty_string) { std::vector ret; const auto tokens_sv = StringUtil::splitToken(source, split, keep_empty_string); std::transform(tokens_sv.begin(), tokens_sv.end(), std::back_inserter(ret), [](absl::string_view sv) { return std::string(sv); }); return ret; } // static absl::Time TestUtility::parseTime(const std::string& input, const std::string& input_format) { absl::Time time; std::string parse_error; EXPECT_TRUE(absl::ParseTime(input_format, input, &time, &parse_error)) << " error \"" << parse_error << "\" from failing to parse timestamp \"" << input << "\" with format string \"" << input_format << "\""; return time; } // static std::string TestUtility::formatTime(const absl::Time input, const std::string& output_format) { static const absl::TimeZone utc = absl::UTCTimeZone(); return absl::FormatTime(output_format, input, utc); } // static std::string TestUtility::formatTime(const SystemTime input, const std::string& output_format) { return TestUtility::formatTime(absl::FromChrono(input), output_format); } // static std::string TestUtility::convertTime(const std::string& input, const std::string& input_format, const std::string& output_format) { return TestUtility::formatTime(TestUtility::parseTime(input, input_format), output_format); } // static std::string TestUtility::nonZeroedGauges(const std::vector& gauges) { // Returns all gauges that are 0 except the circuit_breaker remaining resource // gauges which default to the resource max. std::regex omitted(".*circuit_breakers\\..*\\.remaining.*"); std::string non_zero; for (const Stats::GaugeSharedPtr& gauge : gauges) { if (!std::regex_match(gauge->name(), omitted) && gauge->value() != 0) { non_zero.append(fmt::format("{}: {}; ", gauge->name(), gauge->value())); } } return non_zero; } // static bool TestUtility::gaugesZeroed(const std::vector& gauges) { return nonZeroedGauges(gauges).empty(); } // static bool TestUtility::gaugesZeroed( const std::vector>& gauges) { // Returns true if all gauges are 0 except the circuit_breaker remaining resource // gauges which default to the resource max. std::regex omitted(".*circuit_breakers\\..*\\.remaining.*"); for (const auto& gauge : gauges) { if (!std::regex_match(std::string(gauge.first), omitted) && gauge.second.get().value() != 0) { return false; } } return true; } void ConditionalInitializer::setReady() { absl::MutexLock lock(&mutex_); EXPECT_FALSE(ready_); ready_ = true; } void ConditionalInitializer::waitReady() { absl::MutexLock lock(&mutex_); if (ready_) { ready_ = false; return; } mutex_.Await(absl::Condition(&ready_)); EXPECT_TRUE(ready_); ready_ = false; } void ConditionalInitializer::wait() { absl::MutexLock lock(&mutex_); mutex_.Await(absl::Condition(&ready_)); EXPECT_TRUE(ready_); } constexpr std::chrono::milliseconds TestUtility::DefaultTimeout; namespace Api { class TestImplProvider { protected: Event::GlobalTimeSystem global_time_system_; testing::NiceMock default_stats_store_; testing::NiceMock mock_random_generator_; }; class TestImpl : public TestImplProvider, public Impl { public: TestImpl(Thread::ThreadFactory& thread_factory, Filesystem::Instance& file_system, Stats::Store* stats_store = nullptr, Event::TimeSystem* time_system = nullptr, Random::RandomGenerator* random = nullptr) : Impl(thread_factory, stats_store ? *stats_store : default_stats_store_, time_system ? *time_system : global_time_system_, file_system, random ? *random : mock_random_generator_) {} }; ApiPtr createApiForTest() { return std::make_unique(Thread::threadFactoryForTest(), Filesystem::fileSystemForTest()); } ApiPtr createApiForTest(Random::RandomGenerator& random) { return std::make_unique(Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), nullptr, nullptr, &random); } ApiPtr createApiForTest(Stats::Store& stat_store) { return std::make_unique(Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), &stat_store); } ApiPtr createApiForTest(Stats::Store& stat_store, Random::RandomGenerator& random) { return std::make_unique(Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), &stat_store, nullptr, &random); } ApiPtr createApiForTest(Event::TimeSystem& time_system) { return std::make_unique(Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), nullptr, &time_system); } ApiPtr createApiForTest(Stats::Store& stat_store, Event::TimeSystem& time_system) { return std::make_unique(Thread::threadFactoryForTest(), Filesystem::fileSystemForTest(), &stat_store, &time_system); } } // namespace Api } // namespace Envoy ================================================ FILE: test/test_common/utility.h ================================================ #pragma once #include #include #include #include #include #include "envoy/api/api.h" #include "envoy/buffer/buffer.h" #include "envoy/network/address.h" #include "envoy/stats/stats.h" #include "envoy/stats/store.h" #include "envoy/thread/thread.h" #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/v3/percent.pb.h" #include "common/buffer/buffer_impl.h" #include "common/common/c_smart_ptr.h" #include "common/common/empty_string.h" #include "common/common/thread.h" #include "common/config/decoded_resource_impl.h" #include "common/config/opaque_resource_decoder_impl.h" #include "common/config/version_converter.h" #include "common/http/header_map_impl.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "common/stats/symbol_table_impl.h" #include "test/test_common/file_system_for_test.h" #include "test/test_common/printers.h" #include "test/test_common/test_time_system.h" #include "test/test_common/thread_factory_for_test.h" #include "absl/strings/string_view.h" #include "absl/time/time.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; // NOLINT(misc-unused-using-decls) using testing::AssertionFailure; using testing::AssertionResult; using testing::AssertionSuccess; using testing::Invoke; // NOLINT(misc-unused-using-decls) namespace Envoy { /* Macro to use for validating that a statement throws the specified type of exception, and that the exception's what() method returns a string which is matched by the specified matcher. This allows for expectations such as: EXPECT_THAT_THROWS_MESSAGE( bad_function_call(), EnvoyException, AllOf(StartsWith("expected prefix"), HasSubstr("some substring"))); */ #define EXPECT_THAT_THROWS_MESSAGE(statement, expected_exception, matcher) \ try { \ statement; \ ADD_FAILURE() << "Exception should take place. It did not."; \ } catch (expected_exception & e) { \ EXPECT_THAT(std::string(e.what()), matcher); \ } // Expect that the statement throws the specified type of exception with exactly the specified // message. #define EXPECT_THROW_WITH_MESSAGE(statement, expected_exception, message) \ EXPECT_THAT_THROWS_MESSAGE(statement, expected_exception, ::testing::Eq(message)) // Expect that the statement throws the specified type of exception with a message containing a // substring matching the specified regular expression (i.e. the regex doesn't have to match // the entire message). #define EXPECT_THROW_WITH_REGEX(statement, expected_exception, regex_str) \ EXPECT_THAT_THROWS_MESSAGE(statement, expected_exception, ::testing::ContainsRegex(regex_str)) // Expect that the statement throws the specified type of exception with a message that does not // contain any substring matching the specified regular expression. #define EXPECT_THROW_WITHOUT_REGEX(statement, expected_exception, regex_str) \ EXPECT_THAT_THROWS_MESSAGE(statement, expected_exception, \ ::testing::Not(::testing::ContainsRegex(regex_str))) #define VERBOSE_EXPECT_NO_THROW(statement) \ try { \ statement; \ } catch (EnvoyException & e) { \ ADD_FAILURE() << "Unexpected exception: " << std::string(e.what()); \ } #define VERIFY_ASSERTION(statement) \ do { \ ::testing::AssertionResult status = statement; \ if (!status) { \ return status; \ } \ } while (false) // A convenience macro for testing Envoy deprecated features. This will disable the test when // tests are built with --define deprecated_features=disabled to avoid the hard-failure mode for // deprecated features. Sample usage is: // // TEST_F(FixtureName, DEPRECATED_FEATURE_TEST(TestName)) { // ... // } #ifndef ENVOY_DISABLE_DEPRECATED_FEATURES #define DEPRECATED_FEATURE_TEST(X) X #else #define DEPRECATED_FEATURE_TEST(X) DISABLED_##X #endif // Random number generator which logs its seed to stderr. To repeat a test run with a non-zero seed // one can run the test with --test_arg=--gtest_random_seed=[seed] class TestRandomGenerator { public: TestRandomGenerator(); uint64_t random(); private: const int32_t seed_; std::ranlux48 generator_; RealTimeSource real_time_source_; }; class TestUtility { public: /** * Compare 2 HeaderMaps. * @param lhs supplies HeaderMap 1. * @param rhs supplies HeaderMap 2. * @return TRUE if the HeaderMaps are equal, ignoring the order of the * headers, false if not. */ static bool headerMapEqualIgnoreOrder(const Http::HeaderMap& lhs, const Http::HeaderMap& rhs); /** * Compare 2 buffers. * @param lhs supplies buffer 1. * @param rhs supplies buffer 2. * @return TRUE if the buffers contain equal content * (i.e., if lhs.toString() == rhs.toString()), false if not. */ static bool buffersEqual(const Buffer::Instance& lhs, const Buffer::Instance& rhs); /** * Compare 2 RawSlice pointers. * @param lhs supplies raw slice 1. * @param rhs supplies raw slice 2. * @param num_slices The number of slices to compare. It is assumed lhs and rhs have the same * number. * @return true if for num_slices, all lhs raw slices are equal to the corresponding rhs raw slice * in length and a byte by byte data comparison. false otherwise */ static bool rawSlicesEqual(const Buffer::RawSlice* lhs, const Buffer::RawSlice* rhs, size_t num_slices); /** * Feed a buffer with random characters. * @param buffer supplies the buffer to be fed. * @param n_char number of characters that should be added to the supplied buffer. * @param seed seeds pseudo-random number generator (default = 0). */ static void feedBufferWithRandomCharacters(Buffer::Instance& buffer, uint64_t n_char, uint64_t seed = 0); /** * Finds a stat in a vector with the given name. * @param name the stat name to look for. * @param v the vector of stats. * @return the stat */ template static T findByName(const std::vector& v, const std::string& name) { auto pos = std::find_if(v.begin(), v.end(), [&name](const T& stat) -> bool { return stat->name() == name; }); if (pos == v.end()) { return nullptr; } return *pos; } /** * Find a counter in a stats store. * @param store supplies the stats store. * @param name supplies the name to search for. * @return Stats::CounterSharedPtr the counter or nullptr if there is none. */ static Stats::CounterSharedPtr findCounter(Stats::Store& store, const std::string& name); /** * Find a gauge in a stats store. * @param store supplies the stats store. * @param name supplies the name to search for. * @return Stats::GaugeSharedPtr the gauge or nullptr if there is none. */ static Stats::GaugeSharedPtr findGauge(Stats::Store& store, const std::string& name); /** * Wait for a counter to == a given value. * @param store supplies the stats store. * @param name supplies the name of the counter to wait for. * @param value supplies the value of the counter. * @param time_system the time system to use for waiting. * @param timeout the maximum time to wait before timing out, or 0 for no timeout. * @param dispatcher the dispatcher to run non-blocking periodically during the wait. * @return AssertionSuccess() if the counter was == to the value within the timeout, else * AssertionFailure(). */ static AssertionResult waitForCounterEq(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout = std::chrono::milliseconds::zero(), Event::Dispatcher* dispatcher = nullptr); /** * Wait for a counter to >= a given value. * @param store supplies the stats store. * @param name counter name. * @param value target value. * @param time_system the time system to use for waiting. * @param timeout the maximum time to wait before timing out, or 0 for no timeout. * @return AssertionSuccess() if the counter was >= to the value within the timeout, else * AssertionFailure(). */ static AssertionResult waitForCounterGe(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()); /** * Wait for a gauge to >= a given value. * @param store supplies the stats store. * @param name gauge name. * @param value target value. * @param time_system the time system to use for waiting. * @param timeout the maximum time to wait before timing out, or 0 for no timeout. * @return AssertionSuccess() if the counter gauge >= to the value within the timeout, else * AssertionFailure(). */ static AssertionResult waitForGaugeGe(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()); /** * Wait for a gauge to == a given value. * @param store supplies the stats store. * @param name gauge name. * @param value target value. * @param time_system the time system to use for waiting. * @param timeout the maximum time to wait before timing out, or 0 for no timeout. * @return AssertionSuccess() if the gauge was == to the value within the timeout, else * AssertionFailure(). */ static AssertionResult waitForGaugeEq(Stats::Store& store, const std::string& name, uint64_t value, Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()); /** * Find a readout in a stats store. * @param store supplies the stats store. * @param name supplies the name to search for. * @return Stats::TextReadoutSharedPtr the readout or nullptr if there is none. */ static Stats::TextReadoutSharedPtr findTextReadout(Stats::Store& store, const std::string& name); /** * Convert a string list of IP addresses into a list of network addresses usable for DNS * response testing. */ static std::list makeDnsResponse(const std::list& addresses, std::chrono::seconds = std::chrono::seconds(0)); /** * List files in a given directory path * * @param path directory path to list * @param recursive whether or not to traverse subdirectories * @return std::vector filenames */ static std::vector listFiles(const std::string& path, bool recursive); /** * Return a unique temporary filename for use in tests. * * @return a filename based on the process id and current time. */ static std::string uniqueFilename() { return absl::StrCat(getpid(), "_", std::chrono::system_clock::now().time_since_epoch().count()); } /** * Compare two protos of the same type for equality. * * @param lhs proto on LHS. * @param rhs proto on RHS. * @param ignore_repeated_field_ordering if true, repeated field ordering will be ignored. * @return bool indicating whether the protos are equal. */ static bool protoEqual(const Protobuf::Message& lhs, const Protobuf::Message& rhs, bool ignore_repeated_field_ordering = false) { Protobuf::util::MessageDifferencer differencer; differencer.set_message_field_comparison(Protobuf::util::MessageDifferencer::EQUIVALENT); if (ignore_repeated_field_ordering) { differencer.set_repeated_field_comparison(Protobuf::util::MessageDifferencer::AS_SET); } return differencer.Compare(lhs, rhs); } static bool protoEqualIgnoringField(const Protobuf::Message& lhs, const Protobuf::Message& rhs, const std::string& field_to_ignore) { Protobuf::util::MessageDifferencer differencer; const Protobuf::FieldDescriptor* ignored_field = lhs.GetDescriptor()->FindFieldByName(field_to_ignore); ASSERT(ignored_field != nullptr, "Field name to ignore not found."); differencer.IgnoreField(ignored_field); return differencer.Compare(lhs, rhs); } /** * Compare two decoded resources for equality. * * @param lhs decoded resource on LHS. * @param rhs decoded resource on RHS. * @return bool indicating whether the decoded resources are equal. */ static bool decodedResourceEq(const Config::DecodedResource& lhs, const Config::DecodedResource& rhs) { return lhs.name() == rhs.name() && lhs.aliases() == rhs.aliases() && lhs.version() == rhs.version() && lhs.hasResource() == rhs.hasResource() && (!lhs.hasResource() || protoEqual(lhs.resource(), rhs.resource())); } /** * Compare two JSON strings serialized from ProtobufWkt::Struct for equality. When two identical * ProtobufWkt::Struct are serialized into JSON strings, the results have the same set of * properties (values), but the positions may be different. * * @param lhs JSON string on LHS. * @param rhs JSON string on RHS. * @return bool indicating whether the JSON strings are equal. */ static bool jsonStringEqual(const std::string& lhs, const std::string& rhs) { return protoEqual(jsonToStruct(lhs), jsonToStruct(rhs)); } /** * Symmetrically pad a string with '=' out to a desired length. * @param to_pad the string being padded around. * @param desired_length the length we want the padding to bring the string up to. * @return the padded string. */ static std::string addLeftAndRightPadding(absl::string_view to_pad, int desired_length = 80); /** * Split a string. * @param source supplies the string to split. * @param split supplies the char to split on. * @return vector of strings computed after splitting `source` around all instances of `split`. */ static std::vector split(const std::string& source, char split); /** * Split a string. * @param source supplies the string to split. * @param split supplies the string to split on. * @param keep_empty_string result contains empty strings if the string starts or ends with * 'split', or if instances of 'split' are adjacent. * @return vector of strings computed after splitting `source` around all instances of `split`. */ static std::vector split(const std::string& source, const std::string& split, bool keep_empty_string = false); /** * Compare two RepeatedPtrFields of the same type for equality. * * @param lhs RepeatedPtrField on LHS. * @param rhs RepeatedPtrField on RHS. * @param ignore_ordering if ordering should be ignored. Note if true this turns * comparison into an N^2 operation. * @return bool indicating whether the RepeatedPtrField are equal. TestUtility::protoEqual() is * used for individual element testing. */ template static bool repeatedPtrFieldEqual(const Protobuf::RepeatedPtrField& lhs, const Protobuf::RepeatedPtrField& rhs, bool ignore_ordering = false) { if (lhs.size() != rhs.size()) { return false; } if (!ignore_ordering) { for (int i = 0; i < lhs.size(); ++i) { if (!TestUtility::protoEqual(lhs[i], rhs[i], /*ignore_ordering=*/false)) { return false; } } return true; } using ProtoList = std::list>; // Iterate through using protoEqual as ignore_ordering is true, and fields // in the sub-protos may also be out of order. ProtoList lhs_list = RepeatedPtrUtil::convertToConstMessagePtrContainer(lhs); ProtoList rhs_list = RepeatedPtrUtil::convertToConstMessagePtrContainer(rhs); while (!lhs_list.empty()) { bool found = false; for (auto it = rhs_list.begin(); it != rhs_list.end(); ++it) { if (TestUtility::protoEqual(*lhs_list.front(), **it, /*ignore_ordering=*/true)) { lhs_list.pop_front(); rhs_list.erase(it); found = true; break; } } if (!found) { return false; } } return true; } template static AssertionResult assertRepeatedPtrFieldEqual(const Protobuf::RepeatedPtrField& lhs, const Protobuf::RepeatedPtrField& rhs, bool ignore_ordering = false) { if (!repeatedPtrFieldEqual(lhs, rhs, ignore_ordering)) { return AssertionFailure() << RepeatedPtrUtil::debugString(lhs) << " does not match " << RepeatedPtrUtil::debugString(rhs); } return AssertionSuccess(); } /** * Returns the closest thing to a sensible "name" field for the given xDS resource. * @param resource the resource to extract the name of. * @return the resource's name. */ static std::string xdsResourceName(const ProtobufWkt::Any& resource); /** * Returns a "novel" IPv4 loopback address, if available. * For many tests, we want a loopback address other than 127.0.0.1 where possible. For some * platforms such as macOS, only 127.0.0.1 is available for IPv4 loopback. * * @return string 127.0.0.x , where x is "1" for macOS and "9" otherwise. */ static std::string getIpv4Loopback() { #ifdef __APPLE__ return "127.0.0.1"; #else return "127.0.0.9"; #endif } /** * Return typed proto message object for YAML. * @param yaml YAML string. * @return MessageType parsed from yaml. */ template static MessageType parseYaml(const std::string& yaml) { MessageType message; TestUtility::loadFromYaml(yaml, message); return message; } // Allows pretty printed test names for TEST_P using TestEnvironment::getIpVersionsForTest(). // // Tests using this will be of the form IpVersions/SslSocketTest.HalfClose/IPv4 // instead of IpVersions/SslSocketTest.HalfClose/1 static std::string ipTestParamsToString(const ::testing::TestParamInfo& params) { return params.param == Network::Address::IpVersion::v4 ? "IPv4" : "IPv6"; } /** * Return flip-ordered bytes. * @param bytes input bytes. * @return Type flip-ordered bytes. */ template static Type flipOrder(const Type& bytes) { Type result{0}; Type data = bytes; for (Type i = 0; i < sizeof(Type); i++) { result <<= 8; result |= (data & Type(0xFF)); data >>= 8; } return result; } static absl::Time parseTime(const std::string& input, const std::string& input_format); static std::string formatTime(const absl::Time input, const std::string& output_format); static std::string formatTime(const SystemTime input, const std::string& output_format); static std::string convertTime(const std::string& input, const std::string& input_format, const std::string& output_format); static constexpr std::chrono::milliseconds DefaultTimeout = std::chrono::milliseconds(10000); /** * Return a prefix string matcher. * @param string prefix. * @return Object StringMatcher. */ static const envoy::type::matcher::v3::StringMatcher createPrefixMatcher(std::string str) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_prefix(str); return matcher; } /** * Return an exact string matcher. * @param string exact. * @return Object StringMatcher. */ static const envoy::type::matcher::v3::StringMatcher createExactMatcher(std::string str) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_exact(str); return matcher; } /** * Return a regex string matcher. * @param string exact. * @return Object StringMatcher. */ static const envoy::type::matcher::v3::StringMatcher createRegexMatcher(std::string str) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_hidden_envoy_deprecated_regex(str); return matcher; } /** * Checks that passed gauges have a value of 0. Gauges can be omitted from * this check by modifying the regex that matches gauge names in the * implementation. * * @param vector of gauges to check. * @return bool indicating that passed gauges not matching the omitted regex have a value of 0. */ static bool gaugesZeroed(const std::vector& gauges); static bool gaugesZeroed( const std::vector>& gauges); /** * Returns the members of gauges that are not zero. Uses the same regex filter as gaugesZeroed(). */ static std::string nonZeroedGauges(const std::vector& gauges); // Strict variants of Protobuf::MessageUtil static void loadFromJson(const std::string& json, Protobuf::Message& message, bool preserve_original_type = false, bool avoid_boosting = false) { MessageUtil::loadFromJson(json, message, ProtobufMessage::getStrictValidationVisitor(), !avoid_boosting); if (!preserve_original_type) { Config::VersionConverter::eraseOriginalTypeInformation(message); } } static void loadFromJson(const std::string& json, ProtobufWkt::Struct& message) { MessageUtil::loadFromJson(json, message); } static void loadFromYaml(const std::string& yaml, Protobuf::Message& message, bool preserve_original_type = false, bool avoid_boosting = false) { MessageUtil::loadFromYaml(yaml, message, ProtobufMessage::getStrictValidationVisitor(), !avoid_boosting); if (!preserve_original_type) { Config::VersionConverter::eraseOriginalTypeInformation(message); } } static void loadFromFile(const std::string& path, Protobuf::Message& message, Api::Api& api, bool preserve_original_type = false) { MessageUtil::loadFromFile(path, message, ProtobufMessage::getStrictValidationVisitor(), api); if (!preserve_original_type) { Config::VersionConverter::eraseOriginalTypeInformation(message); } } template static inline MessageType anyConvert(const ProtobufWkt::Any& message) { return MessageUtil::anyConvert(message); } template static void loadFromYamlAndValidate(const std::string& yaml, MessageType& message, bool preserve_original_type = false, bool avoid_boosting = false) { MessageUtil::loadFromYamlAndValidate( yaml, message, ProtobufMessage::getStrictValidationVisitor(), avoid_boosting); if (!preserve_original_type) { Config::VersionConverter::eraseOriginalTypeInformation(message); } } template static void validate(const MessageType& message) { MessageUtil::validate(message, ProtobufMessage::getStrictValidationVisitor()); } template static const MessageType& downcastAndValidate(const Protobuf::Message& config) { return MessageUtil::downcastAndValidate( config, ProtobufMessage::getStrictValidationVisitor()); } static void jsonConvert(const Protobuf::Message& source, Protobuf::Message& dest) { // Explicit round-tripping to support conversions inside tests between arbitrary messages as a // convenience. ProtobufWkt::Struct tmp; MessageUtil::jsonConvert(source, tmp); MessageUtil::jsonConvert(tmp, ProtobufMessage::getStrictValidationVisitor(), dest); } static ProtobufWkt::Struct jsonToStruct(const std::string& json) { ProtobufWkt::Struct message; MessageUtil::loadFromJson(json, message); return message; } /** * Extract the Protobuf binary format of a google.protobuf.Message as a string. * @param message message of type type.googleapis.com/google.protobuf.Message. * @return std::string of the Protobuf binary object. */ static std::string getProtobufBinaryStringFromMessage(const Protobuf::Message& message) { std::string pb_binary_str; pb_binary_str.reserve(message.ByteSizeLong()); message.SerializeToString(&pb_binary_str); return pb_binary_str; } template static Config::DecodedResourcesWrapper decodeResources(std::initializer_list resources, const std::string& name_field = "name") { Config::DecodedResourcesWrapper decoded_resources; for (const auto& resource : resources) { auto owned_resource = std::make_unique(resource); decoded_resources.owned_resources_.emplace_back(new Config::DecodedResourceImpl( std::move(owned_resource), MessageUtil::getStringField(resource, name_field), {}, "")); decoded_resources.refvec_.emplace_back(*decoded_resources.owned_resources_.back()); } return decoded_resources; } template static Config::DecodedResourcesWrapper decodeResources(std::vector resources, const std::string& name_field = "name") { Config::DecodedResourcesWrapper decoded_resources; for (const auto& resource : resources) { auto owned_resource = std::make_unique(resource); decoded_resources.owned_resources_.emplace_back(new Config::DecodedResourceImpl( std::move(owned_resource), MessageUtil::getStringField(resource, name_field), {}, "")); decoded_resources.refvec_.emplace_back(*decoded_resources.owned_resources_.back()); } return decoded_resources; } template static Config::DecodedResourcesWrapper decodeResources(const Protobuf::RepeatedPtrField& resources, const std::string& version, const std::string& name_field = "name") { TestOpaqueResourceDecoderImpl resource_decoder(name_field); return Config::DecodedResourcesWrapper(resource_decoder, resources, version); } template static Config::DecodedResourcesWrapper decodeResources(const envoy::service::discovery::v3::DiscoveryResponse& resources, const std::string& name_field = "name") { return decodeResources(resources.resources(), resources.version_info(), name_field); } template static Config::DecodedResourcesWrapper decodeResources( const Protobuf::RepeatedPtrField& resources, const std::string& name_field = "name") { Config::DecodedResourcesWrapper decoded_resources; TestOpaqueResourceDecoderImpl resource_decoder(name_field); for (const auto& resource : resources) { decoded_resources.owned_resources_.emplace_back( new Config::DecodedResourceImpl(resource_decoder, resource)); decoded_resources.refvec_.emplace_back(*decoded_resources.owned_resources_.back()); } return decoded_resources; } template class TestOpaqueResourceDecoderImpl : public Config::OpaqueResourceDecoderImpl { public: TestOpaqueResourceDecoderImpl(absl::string_view name_field) : Config::OpaqueResourceDecoderImpl(ProtobufMessage::getStrictValidationVisitor(), name_field) {} }; /** * Returns the string representation of a envoy::config::core::v3::ApiVersion. * * @param api_version to be converted. * @return std::string representation of envoy::config::core::v3::ApiVersion. */ static std::string getVersionStringFromApiVersion(envoy::config::core::v3::ApiVersion api_version) { switch (api_version) { case envoy::config::core::v3::ApiVersion::AUTO: return "AUTO"; case envoy::config::core::v3::ApiVersion::V2: return "V2"; case envoy::config::core::v3::ApiVersion::V3: return "V3"; default: NOT_REACHED_GCOVR_EXCL_LINE; } } /** * Returns the fully-qualified name of a service, rendered from service_full_name_template. * * @param service_full_name_template the service fully-qualified name template. * @param api_version version of a service. * @param use_alpha if the alpha version is preferred. * @param service_namespace to override the service namespace. * @return std::string full path of a service method. */ static std::string getVersionedServiceFullName(const std::string& service_full_name_template, envoy::config::core::v3::ApiVersion api_version, bool use_alpha = false, const std::string& service_namespace = EMPTY_STRING) { switch (api_version) { case envoy::config::core::v3::ApiVersion::AUTO: FALLTHRU; case envoy::config::core::v3::ApiVersion::V2: return fmt::format(service_full_name_template, use_alpha ? "v2alpha" : "v2", service_namespace); case envoy::config::core::v3::ApiVersion::V3: return fmt::format(service_full_name_template, "v3", service_namespace); default: NOT_REACHED_GCOVR_EXCL_LINE; } } /** * Returns the full path of a service method. * * @param service_full_name_template the service fully-qualified name template. * @param method_name the method name. * @param api_version version of a service method. * @param use_alpha if the alpha version is preferred. * @param service_namespace to override the service namespace. * @return std::string full path of a service method. */ static std::string getVersionedMethodPath(const std::string& service_full_name_template, absl::string_view method_name, envoy::config::core::v3::ApiVersion api_version, bool use_alpha = false, const std::string& service_namespace = EMPTY_STRING) { return absl::StrCat("/", getVersionedServiceFullName(service_full_name_template, api_version, use_alpha, service_namespace), "/", method_name); } }; /** * Wraps the common case of having a cross-thread "one shot" ready condition. * * It functions like absl::Notification except the usage of notifyAll() appears * to trigger tighter simultaneous wakeups in multiple threads, resulting in * more contentions, e.g. for BM_CreateRace in * ../common/stats/symbol_table_speed_test.cc. * * See * https://github.com/abseil/abseil-cpp/blob/master/absl/synchronization/notification.h * for the absl impl, which appears to result in fewer contentions (and in * tests we want contentions). */ class ConditionalInitializer { public: /** * Set the conditional to ready. */ void setReady(); /** * Block until the conditional is ready, will return immediately if it is already ready. This * routine will also reset ready_ so that the initializer can be used again. setReady() should * only be called once in between a call to waitReady(). */ void waitReady(); /** * Waits until ready; does not reset it. This variation is immune to spurious * condvar wakeups, and is also suitable for having multiple threads wait on * a common condition. */ void wait(); private: absl::Mutex mutex_; bool ready_ ABSL_GUARDED_BY(mutex_){false}; }; namespace Http { /** * All of the inline header functions that just pass through to the child header map. */ #define DEFINE_TEST_INLINE_HEADER_FUNCS(name) \ public: \ const HeaderEntry* name() const override { return header_map_->name(); } \ void append##name(absl::string_view data, absl::string_view delimiter) override { \ header_map_->append##name(data, delimiter); \ header_map_->verifyByteSizeInternalForTest(); \ } \ void setReference##name(absl::string_view value) override { \ header_map_->setReference##name(value); \ header_map_->verifyByteSizeInternalForTest(); \ } \ void set##name(absl::string_view value) override { \ header_map_->set##name(value); \ header_map_->verifyByteSizeInternalForTest(); \ } \ void set##name(uint64_t value) override { \ header_map_->set##name(value); \ header_map_->verifyByteSizeInternalForTest(); \ } \ size_t remove##name() override { \ const size_t headers_removed = header_map_->remove##name(); \ header_map_->verifyByteSizeInternalForTest(); \ return headers_removed; \ } \ absl::string_view get##name##Value() const override { return header_map_->get##name##Value(); } /** * Base class for all test header map types. This class wraps an underlying real header map * implementation, passes through all calls, and adds some niceties for testing that we don't * want in the production implementation for performance reasons. The wrapping functionality is * primarily here to deal with complexities around virtual calls in some constructor paths in * HeaderMapImpl. */ template class TestHeaderMapImplBase : public Interface { public: TestHeaderMapImplBase() = default; TestHeaderMapImplBase(const std::initializer_list>& values) { for (auto& value : values) { header_map_->addCopy(LowerCaseString(value.first), value.second); } header_map_->verifyByteSizeInternalForTest(); } TestHeaderMapImplBase(const TestHeaderMapImplBase& rhs) : TestHeaderMapImplBase(*rhs.header_map_) {} TestHeaderMapImplBase(const HeaderMap& rhs) { HeaderMapImpl::copyFrom(*header_map_, rhs); header_map_->verifyByteSizeInternalForTest(); } TestHeaderMapImplBase& operator=(const TestHeaderMapImplBase& rhs) { if (this == &rhs) { return *this; } clear(); HeaderMapImpl::copyFrom(*header_map_, rhs); header_map_->verifyByteSizeInternalForTest(); return *this; } // Value added methods on top of HeaderMap. void addCopy(const std::string& key, const std::string& value) { addCopy(LowerCaseString(key), value); } std::string get_(const std::string& key) const { return get_(LowerCaseString(key)); } std::string get_(const LowerCaseString& key) const { const HeaderEntry* header = get(key); if (!header) { return EMPTY_STRING; } else { return std::string(header->value().getStringView()); } } bool has(const std::string& key) const { return get(LowerCaseString(key)) != nullptr; } bool has(const LowerCaseString& key) const { return get(key) != nullptr; } size_t remove(const std::string& key) { return remove(LowerCaseString(key)); } // HeaderMap bool operator==(const HeaderMap& rhs) const override { return header_map_->operator==(rhs); } bool operator!=(const HeaderMap& rhs) const override { return header_map_->operator!=(rhs); } void addViaMove(HeaderString&& key, HeaderString&& value) override { header_map_->addViaMove(std::move(key), std::move(value)); header_map_->verifyByteSizeInternalForTest(); } void addReference(const LowerCaseString& key, absl::string_view value) override { header_map_->addReference(key, value); header_map_->verifyByteSizeInternalForTest(); } void addReferenceKey(const LowerCaseString& key, uint64_t value) override { header_map_->addReferenceKey(key, value); header_map_->verifyByteSizeInternalForTest(); } void addReferenceKey(const LowerCaseString& key, absl::string_view value) override { header_map_->addReferenceKey(key, value); header_map_->verifyByteSizeInternalForTest(); } void addCopy(const LowerCaseString& key, uint64_t value) override { header_map_->addCopy(key, value); header_map_->verifyByteSizeInternalForTest(); } void addCopy(const LowerCaseString& key, absl::string_view value) override { header_map_->addCopy(key, value); header_map_->verifyByteSizeInternalForTest(); } void appendCopy(const LowerCaseString& key, absl::string_view value) override { header_map_->appendCopy(key, value); header_map_->verifyByteSizeInternalForTest(); } void setReference(const LowerCaseString& key, absl::string_view value) override { header_map_->setReference(key, value); header_map_->verifyByteSizeInternalForTest(); } void setReferenceKey(const LowerCaseString& key, absl::string_view value) override { header_map_->setReferenceKey(key, value); } void setCopy(const LowerCaseString& key, absl::string_view value) override { header_map_->setCopy(key, value); header_map_->verifyByteSizeInternalForTest(); } uint64_t byteSize() const override { return header_map_->byteSize(); } const HeaderEntry* get(const LowerCaseString& key) const override { return header_map_->get(key); } HeaderMap::GetResult getAll(const LowerCaseString& key) const override { return header_map_->getAll(key); } void iterate(HeaderMap::ConstIterateCb cb) const override { header_map_->iterate(cb); } void iterateReverse(HeaderMap::ConstIterateCb cb) const override { header_map_->iterateReverse(cb); } void clear() override { header_map_->clear(); header_map_->verifyByteSizeInternalForTest(); } size_t remove(const LowerCaseString& key) override { size_t headers_removed = header_map_->remove(key); header_map_->verifyByteSizeInternalForTest(); return headers_removed; } size_t removeIf(const HeaderMap::HeaderMatchPredicate& predicate) override { size_t headers_removed = header_map_->removeIf(predicate); header_map_->verifyByteSizeInternalForTest(); return headers_removed; } size_t removePrefix(const LowerCaseString& key) override { size_t headers_removed = header_map_->removePrefix(key); header_map_->verifyByteSizeInternalForTest(); return headers_removed; } size_t size() const override { return header_map_->size(); } bool empty() const override { return header_map_->empty(); } void dumpState(std::ostream& os, int indent_level = 0) const override { header_map_->dumpState(os, indent_level); } using Handle = typename CustomInlineHeaderRegistry::Handle; const HeaderEntry* getInline(Handle handle) const override { return header_map_->getInline(handle); } void appendInline(Handle handle, absl::string_view data, absl::string_view delimiter) override { header_map_->appendInline(handle, data, delimiter); header_map_->verifyByteSizeInternalForTest(); } void setReferenceInline(Handle handle, absl::string_view value) override { header_map_->setReferenceInline(handle, value); header_map_->verifyByteSizeInternalForTest(); } void setInline(Handle handle, absl::string_view value) override { header_map_->setInline(handle, value); header_map_->verifyByteSizeInternalForTest(); } void setInline(Handle handle, uint64_t value) override { header_map_->setInline(handle, value); header_map_->verifyByteSizeInternalForTest(); } size_t removeInline(Handle handle) override { const size_t rc = header_map_->removeInline(handle); header_map_->verifyByteSizeInternalForTest(); return rc; } std::unique_ptr header_map_{Impl::create()}; }; /** * Typed test implementations for all of the concrete header types. */ class TestRequestHeaderMapImpl : public TestHeaderMapImplBase { public: using TestHeaderMapImplBase::TestHeaderMapImplBase; INLINE_REQ_HEADERS(DEFINE_TEST_INLINE_HEADER_FUNCS) INLINE_REQ_RESP_HEADERS(DEFINE_TEST_INLINE_HEADER_FUNCS) }; using TestRequestTrailerMapImpl = TestHeaderMapImplBase; class TestResponseHeaderMapImpl : public TestHeaderMapImplBase { public: using TestHeaderMapImplBase::TestHeaderMapImplBase; INLINE_RESP_HEADERS(DEFINE_TEST_INLINE_HEADER_FUNCS) INLINE_REQ_RESP_HEADERS(DEFINE_TEST_INLINE_HEADER_FUNCS) INLINE_RESP_HEADERS_TRAILERS(DEFINE_TEST_INLINE_HEADER_FUNCS) }; class TestResponseTrailerMapImpl : public TestHeaderMapImplBase { public: using TestHeaderMapImplBase::TestHeaderMapImplBase; INLINE_RESP_HEADERS_TRAILERS(DEFINE_TEST_INLINE_HEADER_FUNCS) }; // Helper method to create a header map from an initializer list. Useful due to make_unique's // inability to infer the initializer list type. template inline std::unique_ptr makeHeaderMap(const std::initializer_list>& values) { return std::make_unique>&>( values); } } // namespace Http namespace Api { ApiPtr createApiForTest(); ApiPtr createApiForTest(Random::RandomGenerator& random); ApiPtr createApiForTest(Stats::Store& stat_store); ApiPtr createApiForTest(Stats::Store& stat_store, Random::RandomGenerator& random); ApiPtr createApiForTest(Event::TimeSystem& time_system); ApiPtr createApiForTest(Stats::Store& stat_store, Event::TimeSystem& time_system); } // namespace Api MATCHER_P(HeaderMapEqualIgnoreOrder, expected, "") { const bool equal = TestUtility::headerMapEqualIgnoreOrder(*arg, *expected); if (!equal) { *result_listener << "\n" << TestUtility::addLeftAndRightPadding("Expected header map:") << "\n" << *expected << TestUtility::addLeftAndRightPadding("is not equal to actual header map:") << "\n" << *arg << TestUtility::addLeftAndRightPadding("") // line full of padding << "\n"; } return equal; } MATCHER_P(ProtoEq, expected, "") { const bool equal = TestUtility::protoEqual(arg, expected, /*ignore_repeated_field_ordering=*/false); if (!equal) { *result_listener << "\n" << "==========================Expected proto:===========================\n" << expected.DebugString() << "------------------is not equal to actual proto:---------------------\n" << arg.DebugString() << "====================================================================\n"; } return equal; } MATCHER_P(ProtoEqIgnoreRepeatedFieldOrdering, expected, "") { const bool equal = TestUtility::protoEqual(arg, expected, /*ignore_repeated_field_ordering=*/true); if (!equal) { *result_listener << "\n" << TestUtility::addLeftAndRightPadding("Expected proto:") << "\n" << expected.DebugString() << TestUtility::addLeftAndRightPadding("is not equal to actual proto:") << "\n" << arg.DebugString() << TestUtility::addLeftAndRightPadding("") // line full of padding << "\n"; } return equal; } MATCHER_P2(ProtoEqIgnoringField, expected, ignored_field, "") { const bool equal = TestUtility::protoEqualIgnoringField(arg, expected, ignored_field); if (!equal) { std::string but_ignoring = absl::StrCat("(but ignoring ", ignored_field, ")"); *result_listener << "\n" << TestUtility::addLeftAndRightPadding("Expected proto:") << "\n" << TestUtility::addLeftAndRightPadding(but_ignoring) << "\n" << expected.DebugString() << TestUtility::addLeftAndRightPadding("is not equal to actual proto:") << "\n" << arg.DebugString() << TestUtility::addLeftAndRightPadding("") // line full of padding << "\n"; } return equal; } MATCHER_P(RepeatedProtoEq, expected, "") { const bool equal = TestUtility::repeatedPtrFieldEqual(arg, expected); if (!equal) { *result_listener << "\n" << TestUtility::addLeftAndRightPadding("Expected repeated:") << "\n" << RepeatedPtrUtil::debugString(expected) << "\n" << TestUtility::addLeftAndRightPadding("is not equal to actual repeated:") << "\n" << RepeatedPtrUtil::debugString(arg) << "\n" << TestUtility::addLeftAndRightPadding("") // line full of padding << "\n"; } return equal; } MATCHER_P(DecodedResourcesEq, expected, "") { const bool equal = std::equal(arg.begin(), arg.end(), expected.begin(), expected.end(), TestUtility::decodedResourceEq); if (!equal) { const auto format_resources = [](const std::vector& resources) -> std::string { std::vector resource_strs; std::transform( resources.begin(), resources.end(), std::back_inserter(resource_strs), [](const Config::DecodedResourceRef& resource) -> std::string { return fmt::format( "", resource.get().name(), absl::StrJoin(resource.get().aliases(), ","), resource.get().version(), resource.get().hasResource() ? resource.get().resource().DebugString() : "(none)"); }); return absl::StrJoin(resource_strs, ", "); }; *result_listener << "\n" << TestUtility::addLeftAndRightPadding("Expected resources:") << "\n" << format_resources(expected) << "\n" << TestUtility::addLeftAndRightPadding("are not equal to actual resources:") << "\n" << format_resources(arg) << "\n" << TestUtility::addLeftAndRightPadding("") // line full of padding << "\n"; } return equal; } MATCHER_P(Percent, rhs, "") { envoy::type::v3::FractionalPercent expected; expected.set_numerator(rhs); expected.set_denominator(envoy::type::v3::FractionalPercent::HUNDRED); return TestUtility::protoEqual(expected, arg, /*ignore_repeated_field_ordering=*/false); } MATCHER_P(JsonStringEq, expected, "") { const bool equal = TestUtility::jsonStringEqual(arg, expected); if (!equal) { *result_listener << "\n" << TestUtility::addLeftAndRightPadding("Expected JSON string:") << "\n" << expected << TestUtility::addLeftAndRightPadding("is not equal to actual JSON string:") << "\n" << arg << TestUtility::addLeftAndRightPadding("") // line full of padding << "\n"; } return equal; } } // namespace Envoy ================================================ FILE: test/test_common/utility_test.cc ================================================ #include "envoy/service/discovery/v3/discovery.pb.h" #include "test/test_common/utility.h" #include "gtest/gtest.h" namespace Envoy { TEST(HeaderMapEqualIgnoreOrder, ActuallyEqual) { Http::TestRequestHeaderMapImpl lhs{{":method", "GET"}, {":path", "/"}, {":authority", "host"}}; Http::TestRequestHeaderMapImpl rhs{{":method", "GET"}, {":path", "/"}, {":authority", "host"}}; EXPECT_TRUE(TestUtility::headerMapEqualIgnoreOrder(lhs, rhs)); EXPECT_EQ(lhs, rhs); } TEST(HeaderMapEqualIgnoreOrder, IgnoreOrder) { Http::TestRequestHeaderMapImpl lhs{{":method", "GET"}, {":authority", "host"}, {":path", "/"}}; Http::TestRequestHeaderMapImpl rhs{{":method", "GET"}, {":path", "/"}, {":authority", "host"}}; EXPECT_TRUE(TestUtility::headerMapEqualIgnoreOrder(lhs, rhs)); EXPECT_THAT(&lhs, HeaderMapEqualIgnoreOrder(&rhs)); EXPECT_FALSE(lhs == rhs); } TEST(HeaderMapEqualIgnoreOrder, NotEqual) { Http::TestRequestHeaderMapImpl lhs{ {":method", "GET"}, {":authority", "host"}, {":authority", "host"}}; Http::TestRequestHeaderMapImpl rhs{{":method", "GET"}, {":authority", "host"}}; EXPECT_FALSE(TestUtility::headerMapEqualIgnoreOrder(lhs, rhs)); } TEST(ProtoEqIgnoreField, ActuallyEqual) { // Ignored field equal { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; lhs.set_response_nonce("nonce"); rhs.set_response_nonce("nonce"); lhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_TRUE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } // Ignored field not equal { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; lhs.set_response_nonce("nonce"); rhs.set_response_nonce("noncense"); lhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_TRUE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } // Ignored field not present { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; lhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_TRUE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } // Ignored field only present in one { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; rhs.set_response_nonce("noncense"); lhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_TRUE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } } TEST(ProtoEqIgnoreField, NotEqual) { // Ignored field equal { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; lhs.set_response_nonce("nonce"); rhs.set_response_nonce("nonce"); lhs.set_type_url("type.googleapis.com/envoy.api.v2.Listener"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_FALSE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } // Ignored field not equal { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; lhs.set_response_nonce("nonce"); rhs.set_response_nonce("noncense"); lhs.set_type_url("type.googleapis.com/envoy.api.v2.Listener"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_FALSE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } // Ignored field not present { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; lhs.set_type_url("type.googleapis.com/envoy.api.v2.Listener"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_FALSE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } // Ignored field only present in one { envoy::service::discovery::v3::DeltaDiscoveryRequest lhs, rhs; rhs.set_response_nonce("noncense"); lhs.set_type_url("type.googleapis.com/envoy.api.v2.Listener"); rhs.set_type_url("type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"); EXPECT_FALSE(TestUtility::protoEqualIgnoringField(lhs, rhs, "response_nonce")); } } TEST(BuffersEqual, Aligned) { Buffer::OwnedImpl buffer1, buffer2; EXPECT_TRUE(TestUtility::buffersEqual(buffer1, buffer2)); buffer1.appendSliceForTest("hello"); EXPECT_FALSE(TestUtility::buffersEqual(buffer1, buffer2)); buffer2.appendSliceForTest("hello"); EXPECT_TRUE(TestUtility::buffersEqual(buffer1, buffer2)); buffer1.appendSliceForTest(", world"); EXPECT_FALSE(TestUtility::buffersEqual(buffer1, buffer2)); buffer2.appendSliceForTest(", world"); EXPECT_TRUE(TestUtility::buffersEqual(buffer1, buffer2)); } TEST(BuffersEqual, NonAligned) { Buffer::OwnedImpl buffer1, buffer2; EXPECT_TRUE(TestUtility::buffersEqual(buffer1, buffer2)); buffer1.appendSliceForTest("hello"); EXPECT_FALSE(TestUtility::buffersEqual(buffer1, buffer2)); buffer2.appendSliceForTest("hello"); EXPECT_TRUE(TestUtility::buffersEqual(buffer1, buffer2)); buffer1.appendSliceForTest(", "); buffer1.appendSliceForTest("world"); EXPECT_FALSE(TestUtility::buffersEqual(buffer1, buffer2)); buffer2.appendSliceForTest(", world"); EXPECT_TRUE(TestUtility::buffersEqual(buffer1, buffer2)); } } // namespace Envoy ================================================ FILE: test/test_common/wasm_base.h ================================================ #include #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/server/lifecycle_notifier.h" #include "common/buffer/buffer_impl.h" #include "common/http/message_impl.h" #include "common/stats/isolated_store_impl.h" #include "common/stream_info/stream_info_impl.h" #include "extensions/common/wasm/wasm.h" #include "extensions/common/wasm/wasm_state.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/http/mocks.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/mocks.h" #include "test/mocks/ssl/mocks.h" #include "test/mocks/stream_info/mocks.h" #include "test/mocks/thread_local/mocks.h" #include "test/mocks/upstream/mocks.h" #include "test/test_common/environment.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace Envoy { namespace Extensions { namespace Common { namespace Wasm { #define MOCK_CONTEXT_LOG_ \ using Context::log; \ proxy_wasm::WasmResult log(uint32_t level, absl::string_view message) override { \ log_(static_cast(level), message); \ return proxy_wasm::WasmResult::Ok; \ } \ MOCK_METHOD2(log_, void(spdlog::level::level_enum level, absl::string_view message)) class DeferredRunner { public: ~DeferredRunner() { if (f_) { f_(); } } void setFunction(std::function f) { f_ = f; } private: std::function f_; }; template class WasmTestBase : public Base { public: // NOLINTNEXTLINE(readability-identifier-naming) void SetUp() override { clearCodeCacheForTesting(); } void setupBase(const std::string& runtime, const std::string& code, CreateContextFn create_root, std::string root_id = "", std::string vm_configuration = "", bool fail_open = false, std::string plugin_configuration = "") { envoy::extensions::wasm::v3::VmConfig vm_config; vm_config.set_vm_id("vm_id"); vm_config.set_runtime(absl::StrCat("envoy.wasm.runtime.", runtime)); ProtobufWkt::StringValue vm_configuration_string; vm_configuration_string.set_value(vm_configuration); vm_config.mutable_configuration()->PackFrom(vm_configuration_string); vm_config.mutable_code()->mutable_local()->set_inline_bytes(code); Api::ApiPtr api = Api::createApiForTest(stats_store_); scope_ = Stats::ScopeSharedPtr(stats_store_.createScope("wasm.")); auto name = "plugin_name"; auto vm_id = ""; plugin_ = std::make_shared( name, root_id, vm_id, runtime, plugin_configuration, fail_open, envoy::config::core::v3::TrafficDirection::INBOUND, local_info_, &listener_metadata_); // Passes ownership of root_context_. Extensions::Common::Wasm::createWasm( vm_config, plugin_, scope_, cluster_manager_, init_manager_, dispatcher_, *api, lifecycle_notifier_, remote_data_provider_, [this](WasmHandleSharedPtr wasm) { wasm_ = wasm; }, create_root); if (wasm_) { wasm_ = getOrCreateThreadLocalWasm( wasm_, plugin_, dispatcher_, [this, create_root](Wasm* wasm, const std::shared_ptr& plugin) { root_context_ = static_cast(create_root(wasm, plugin)); return root_context_; }); } } WasmHandleSharedPtr& wasm() { return wasm_; } Context* rootContext() { return root_context_; } DeferredRunner deferred_runner_; Stats::IsolatedStoreImpl stats_store_; Stats::ScopeSharedPtr scope_; NiceMock tls_; NiceMock dispatcher_; NiceMock cluster_manager_; NiceMock init_manager_; WasmHandleSharedPtr wasm_; PluginSharedPtr plugin_; NiceMock ssl_; NiceMock connection_; NiceMock decoder_callbacks_; NiceMock encoder_callbacks_; NiceMock local_info_; NiceMock lifecycle_notifier_; envoy::config::core::v3::Metadata listener_metadata_; Context* root_context_ = nullptr; // Unowned. Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; template class WasmHttpFilterTestBase : public WasmTestBase { public: template void setupFilterBase(const std::string root_id = "") { auto wasm = WasmTestBase::wasm_ ? WasmTestBase::wasm_->wasm().get() : nullptr; int root_context_id = wasm ? wasm->getRootContext(root_id)->id() : 0; context_ = std::make_unique(wasm, root_context_id, WasmTestBase::plugin_); context_->setDecoderFilterCallbacks(decoder_callbacks_); context_->setEncoderFilterCallbacks(encoder_callbacks_); } std::unique_ptr context_; NiceMock decoder_callbacks_; NiceMock encoder_callbacks_; NiceMock request_stream_info_; }; template class WasmNetworkFilterTestBase : public WasmTestBase { public: template void setupFilterBase(const std::string root_id = "") { auto wasm = WasmTestBase::wasm_ ? WasmTestBase::wasm_->wasm().get() : nullptr; int root_context_id = wasm ? wasm->getRootContext(root_id)->id() : 0; context_ = std::make_unique(wasm, root_context_id, WasmTestBase::plugin_); context_->initializeReadFilterCallbacks(read_filter_callbacks_); context_->initializeWriteFilterCallbacks(write_filter_callbacks_); } std::unique_ptr context_; NiceMock read_filter_callbacks_; NiceMock write_filter_callbacks_; }; } // namespace Wasm } // namespace Common } // namespace Extensions } // namespace Envoy ================================================ FILE: test/test_listener.cc ================================================ #include "test/test_listener.h" #include "common/common/assert.h" #include "test/test_common/global.h" namespace Envoy { void TestListener::OnTestEnd(const ::testing::TestInfo& test_info) { // Check that all singletons have been destroyed. std::string active_singletons = Envoy::Test::Globals::describeActiveSingletons(); RELEASE_ASSERT(active_singletons.empty(), absl::StrCat("FAIL [", test_info.test_suite_name(), ".", test_info.name(), "]: Active singletons exist. Something is leaking. Consider " "commenting out this assert and letting the heap checker run:\n", active_singletons)); } } // namespace Envoy ================================================ FILE: test/test_listener.h ================================================ #pragma once #include "gtest/gtest.h" namespace Envoy { // Provides a test listener to be called after each test method. This offers // a place to put hooks we'd like to run on every test. There's currently a // check that all test-scoped singletons have been destroyed. A test-scoped // singleton might remain at the end of a test if it's transitively referenced // by a leaked structure or a static. // // In the future, we can also add: // - a test-specific ThreadFactory that enables us to verify there are no // outstanding threads at the end of each thread. // - a check that no more bytes of memory are allocated at the end of a test // than there were at the start of it. This is likely to fail in a few // places when introduced, but we could add known test overrides for this. // // Note: nothing compute-intensive should be put in this class, as it will // be a tax paid by every test method in the codebase. class TestListener : public ::testing::EmptyTestEventListener { void OnTestEnd(const ::testing::TestInfo& test_info) override; }; } // namespace Envoy ================================================ FILE: test/test_runner.cc ================================================ #include "test/test_runner.h" #include #include "common/common/logger.h" #include "common/common/logger_delegates.h" #include "common/common/thread.h" #include "common/event/libevent.h" #include "common/runtime/runtime_features.h" #include "exe/process_wide.h" #include "server/backtrace.h" #include "test/common/runtime/utility.h" #include "test/mocks/access_log/mocks.h" #include "test/test_common/environment.h" #include "test/test_listener.h" #include "gmock/gmock.h" namespace Envoy { namespace { std::string findAndRemove(const std::regex& pattern, int& argc, char**& argv) { std::smatch matched; std::string return_value; for (int i = 0; i < argc; ++i) { if (return_value.empty()) { std::string argument = std::string(argv[i]); if (regex_search(argument, matched, pattern)) { return_value = matched[1]; argc--; } } if (!return_value.empty() && i < argc) { argv[i] = argv[i + 1]; } } return return_value; } // This class is created iff a test is run with the special runtime override flag. class RuntimeManagingListener : public ::testing::EmptyTestEventListener { public: RuntimeManagingListener(std::string& runtime_override, bool disable = false) : runtime_override_(runtime_override), disable_(disable) {} // On each test start, edit RuntimeFeaturesDefaults with our custom runtime defaults. void OnTestStart(const ::testing::TestInfo&) override { if (!runtime_override_.empty()) { bool reset = disable_ ? Runtime::RuntimeFeaturesPeer::disableFeature(runtime_override_) : Runtime::RuntimeFeaturesPeer::enableFeature(runtime_override_); if (!reset) { // If the entry was already in the hash map, don't remove it OnTestEnd. runtime_override_.clear(); } } } // As each test ends, clean up the RuntimeFeaturesDefaults state. void OnTestEnd(const ::testing::TestInfo&) override { if (!runtime_override_.empty()) { disable_ ? Runtime::RuntimeFeaturesPeer::enableFeature(runtime_override_) : Runtime::RuntimeFeaturesPeer::disableFeature(runtime_override_); } } std::string runtime_override_; // This marks whether the runtime feature was enabled by default and needs to be overridden to // false. bool disable_; }; } // namespace int TestRunner::RunTests(int argc, char** argv) { ::testing::InitGoogleMock(&argc, argv); // We hold on to process_wide to provide RAII cleanup of process-wide // state. ProcessWide process_wide; // Add a test-listener so we can call a hook where we can do a quiescence // check after each method. See // https://github.com/google/googletest/blob/master/googletest/docs/advanced.md // for details. ::testing::TestEventListeners& listeners = ::testing::UnitTest::GetInstance()->listeners(); listeners.Append(new TestListener); // Use the recommended, but not default, "threadsafe" style for the Death Tests. // See: https://github.com/google/googletest/commit/84ec2e0365d791e4ebc7ec249f09078fb5ab6caa ::testing::FLAGS_gtest_death_test_style = "threadsafe"; // Set gtest properties // (https://github.com/google/googletest/blob/master/googletest/docs/advanced.md#logging-additional-information), // they are available in the test XML. // TODO(htuch): Log these as well? testing::Test::RecordProperty("TemporaryDirectory", TestEnvironment::temporaryDirectory()); TestEnvironment::setEnvVar("TEST_UDSDIR", TestEnvironment::unixDomainSocketDirectory(), 1); // Before letting TestEnvironment latch argv and argc, remove any runtime override flag. // This allows doing test overrides of Envoy runtime features without adding // test flags to the Envoy production command line. const std::regex ENABLE_PATTERN{"--runtime-feature-override-for-tests=(.*)", std::regex::optimize}; std::string runtime_override_enable = findAndRemove(ENABLE_PATTERN, argc, argv); if (!runtime_override_enable.empty()) { ENVOY_LOG_TO_LOGGER(Logger::Registry::getLog(Logger::Id::testing), info, "Running with runtime feature override enable {}", runtime_override_enable); // Set up a listener which will create a global runtime and set the feature // to true for the duration of each test instance. ::testing::TestEventListeners& listeners = ::testing::UnitTest::GetInstance()->listeners(); listeners.Append(new RuntimeManagingListener(runtime_override_enable)); } const std::regex DISABLE_PATTERN{"--runtime-feature-disable-for-tests=(.*)", std::regex::optimize}; std::string runtime_override_disable = findAndRemove(DISABLE_PATTERN, argc, argv); if (!runtime_override_disable.empty()) { ENVOY_LOG_TO_LOGGER(Logger::Registry::getLog(Logger::Id::testing), info, "Running with runtime feature override disable {}", runtime_override_disable); // Set up a listener which will create a global runtime and set the feature // to false for the duration of each test instance. ::testing::TestEventListeners& listeners = ::testing::UnitTest::GetInstance()->listeners(); listeners.Append(new RuntimeManagingListener(runtime_override_disable, true)); } #ifdef ENVOY_CONFIG_COVERAGE // Coverage tests are run with -l trace --log-path /dev/null, in order to // ensure that all of the code-paths from the maximum level of tracing are // covered in tests, but we don't wind up filling up CI with useless detailed // artifacts. // // The downside of this is that if there's a crash, the backtrace is lost, as // the backtracing mechanism uses logging, so force the backtraces to stderr. BackwardsTrace::setLogToStderr(true); #endif TestEnvironment::initializeOptions(argc, argv); Thread::MutexBasicLockable lock; Server::Options& options = TestEnvironment::getOptions(); Logger::Context logging_state(options.logLevel(), options.logFormat(), lock, false, options.enableFineGrainLogging()); // Allocate fake log access manager. testing::NiceMock access_log_manager; std::unique_ptr file_logger; // Redirect all logs to fake file when --log-path arg is specified in command line. if (!TestEnvironment::getOptions().logPath().empty()) { file_logger = std::make_unique( TestEnvironment::getOptions().logPath(), access_log_manager, Logger::Registry::getSink()); } return RUN_ALL_TESTS(); } } // namespace Envoy ================================================ FILE: test/test_runner.h ================================================ #pragma once namespace Envoy { class TestRunner { public: static int RunTests(int argc, char** argv); }; } // namespace Envoy ================================================ FILE: test/tools/config_load_check/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test_binary", "envoy_cc_test_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test_library( name = "config_load_check_lib", srcs = ["config_load_check.cc"], deps = [ "//source/common/config:protobuf_link_hacks", "//test/config_test:config_test_lib", ], ) envoy_cc_test_binary( name = "config_load_check_tool", deps = [ ":config_load_check_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", "//source/common/config:protobuf_link_hacks", "//source/common/event:libevent_lib", ], ) ================================================ FILE: test/tools/config_load_check/config_load_check.cc ================================================ // NOLINT(namespace-envoy) #include #include #include #include "common/common/fmt.h" #include "common/common/logger.h" #include "common/common/thread.h" #include "common/config/protobuf_link_hacks.h" #include "common/event/libevent.h" #include "test/config_test/config_test.h" #include "gtest/gtest.h" int main(int argc, char* argv[]) { if (argc != 2) { std::cerr << "Usage: config_load_check PATH\n" "\nValidate configuration files against json schema\n" "\n\tPATH - root of the path that holds the json files to verify." " The tool recursively searches for json files to validate." << std::endl; return EXIT_FAILURE; } try { Envoy::Event::Libevent::Global::initialize(); Envoy::Thread::MutexBasicLockable lock; Envoy::Logger::Context logging_context(static_cast(2), Envoy::Logger::Logger::DEFAULT_LOG_FORMAT, lock, false); const uint32_t num_tested = Envoy::ConfigTest::run(std::string(argv[1])); std::cout << fmt::format("Configs tested: {}. ", num_tested); if (testing::Test::HasFailure()) { std::cerr << "There were failures. Please Fix your configuration files." << std::endl; return EXIT_FAILURE; } else { std::cout << "No failures." << std::endl; return EXIT_SUCCESS; } } catch (const std::runtime_error& e) { // catch directory not found runtime exception. std::cerr << e.what() << std::endl; } return EXIT_FAILURE; } ================================================ FILE: test/tools/router_check/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test_binary", "envoy_cc_test_library", "envoy_package", "envoy_proto_library", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test_binary( name = "router_check_tool", deps = [":router_check_main_lib"], ) envoy_cc_test_library( name = "router_check_main_lib", srcs = [ "coverage.cc", "coverage.h", "router.cc", "router.h", "router_check.cc", ], copts = ["-DHAVE_LONG_LONG"], external_deps = ["tclap"], deps = [ ":validation_proto_cc_proto", "//source/common/event:dispatcher_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/json:json_loader_lib", "//source/common/router:config_lib", "//source/common/stats:stats_lib", "//source/common/stream_info:stream_info_lib", "//source/exe:platform_impl_lib", "//test/mocks/server:instance_mocks", "//test/test_common:printers_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) envoy_proto_library( name = "validation_proto", srcs = ["validation.proto"], deps = [ "@envoy_api//envoy/config/core/v3:pkg", "@envoy_api//envoy/config/route/v3:pkg", ], ) ================================================ FILE: test/tools/router_check/coverage.cc ================================================ #include "test/tools/router_check/coverage.h" #include namespace Envoy { double RouteCoverage::report() { uint64_t route_weight = 0; for (auto covered_field : coverageFields()) { if (covered_field) { route_weight += 1; } } return static_cast(route_weight) / coverageFields().size(); } std::vector RouteCoverage::coverageFields() { if (route_entry_ != nullptr) { return std::vector{cluster_covered_, virtual_cluster_covered_, virtual_host_covered_, path_rewrite_covered_, host_rewrite_covered_}; } else if (direct_response_entry_ != nullptr) { return std::vector{redirect_path_covered_}; } else { return std::vector{}; } } void Coverage::markClusterCovered(const Envoy::Router::Route& route) { coveredRoute(route).setClusterCovered(); } void Coverage::markVirtualClusterCovered(const Envoy::Router::Route& route) { coveredRoute(route).setVirtualClusterCovered(); } void Coverage::markVirtualHostCovered(const Envoy::Router::Route& route) { coveredRoute(route).setVirtualHostCovered(); } void Coverage::markPathRewriteCovered(const Envoy::Router::Route& route) { coveredRoute(route).setPathRewriteCovered(); } void Coverage::markHostRewriteCovered(const Envoy::Router::Route& route) { coveredRoute(route).setHostRewriteCovered(); } void Coverage::markRedirectPathCovered(const Envoy::Router::Route& route) { coveredRoute(route).setRedirectPathCovered(); } double Coverage::report() { uint64_t num_routes = 0; for (const auto& host : route_config_.virtual_hosts()) { for (const auto& route : host.routes()) { if (route.route().has_weighted_clusters()) { num_routes += route.route().weighted_clusters().clusters_size(); } else { num_routes += 1; } } } return 100 * static_cast(covered_routes_.size()) / num_routes; } double Coverage::detailedReport() { std::set all_route_names; std::set covered_route_names; uint64_t num_routes = 0; for (const auto& host : route_config_.virtual_hosts()) { for (const auto& route : host.routes()) { if (route.route().has_weighted_clusters()) { num_routes += route.route().weighted_clusters().clusters_size(); } else { num_routes += 1; } all_route_names.emplace(route.name()); } } double cumulative_coverage = 0; for (auto& covered_route : covered_routes_) { cumulative_coverage += covered_route->report(); covered_route_names.emplace(covered_route->routeName()); } printMissingTests(all_route_names, covered_route_names); return 100 * cumulative_coverage / num_routes; } void Coverage::printMissingTests(const std::set& all_route_names, const std::set& covered_route_names) { std::set missing_route_names; std::set_difference(all_route_names.begin(), all_route_names.end(), covered_route_names.begin(), covered_route_names.end(), std::inserter(missing_route_names, missing_route_names.end())); for (const auto& host : route_config_.virtual_hosts()) { for (const auto& route : host.routes()) { if (missing_route_names.find(route.name()) != missing_route_names.end()) { std::cout << "Missing test for host: " << host.name() << ", route: " << route.match().DebugString() << std::endl; } } } } RouteCoverage& Coverage::coveredRoute(const Envoy::Router::Route& route) { std::string route_name; if (route.routeEntry() != nullptr) { const Envoy::Router::RouteEntry* route_entry = route.routeEntry(); route_name = route.routeEntry()->routeName(); for (auto& route_coverage : covered_routes_) { if (route_coverage->covers(route_entry)) { return *route_coverage; } } std::unique_ptr new_coverage = std::make_unique(route_entry, route_name); covered_routes_.push_back(std::move(new_coverage)); return coveredRoute(route); } else if (route.directResponseEntry() != nullptr) { const Envoy::Router::DirectResponseEntry* direct_response_entry = route.directResponseEntry(); route_name = route.directResponseEntry()->routeName(); for (auto& route_coverage : covered_routes_) { if (route_coverage->covers(direct_response_entry)) { return *route_coverage; } } std::unique_ptr new_coverage = std::make_unique(direct_response_entry, route_name); covered_routes_.push_back(std::move(new_coverage)); return coveredRoute(route); } NOT_REACHED_GCOVR_EXCL_LINE; }; } // namespace Envoy ================================================ FILE: test/tools/router_check/coverage.h ================================================ #pragma once #include "envoy/config/route/v3/route.pb.h" #include "envoy/router/router.h" namespace Envoy { class RouteCoverage : Logger::Loggable { public: RouteCoverage(const Envoy::Router::RouteEntry* route, const std::string route_name) : route_entry_(route), direct_response_entry_(nullptr), route_name_(route_name){}; RouteCoverage(const Envoy::Router::DirectResponseEntry* route, const std::string route_name) : route_entry_(nullptr), direct_response_entry_(route), route_name_(route_name){}; double report(); void setClusterCovered() { cluster_covered_ = true; } void setVirtualClusterCovered() { virtual_cluster_covered_ = true; } void setVirtualHostCovered() { virtual_host_covered_ = true; } void setPathRewriteCovered() { path_rewrite_covered_ = true; } void setHostRewriteCovered() { host_rewrite_covered_ = true; } void setRedirectPathCovered() { redirect_path_covered_ = true; } bool covers(const Envoy::Router::RouteEntry* route) { return route_entry_ == route; } bool covers(const Envoy::Router::DirectResponseEntry* route) { return direct_response_entry_ == route; } const std::string routeName() { return route_name_; }; private: const Envoy::Router::RouteEntry* route_entry_; const Envoy::Router::DirectResponseEntry* direct_response_entry_; const std::string route_name_; bool cluster_covered_{false}; bool virtual_cluster_covered_{false}; bool virtual_host_covered_{false}; bool path_rewrite_covered_{false}; bool host_rewrite_covered_{false}; bool redirect_path_covered_{false}; std::vector coverageFields(); }; class Coverage : Logger::Loggable { public: Coverage(envoy::config::route::v3::RouteConfiguration config) : route_config_(config){}; void markClusterCovered(const Envoy::Router::Route& route); void markVirtualClusterCovered(const Envoy::Router::Route& route); void markVirtualHostCovered(const Envoy::Router::Route& route); void markPathRewriteCovered(const Envoy::Router::Route& route); void markHostRewriteCovered(const Envoy::Router::Route& route); void markRedirectPathCovered(const Envoy::Router::Route& route); double report(); double detailedReport(); private: RouteCoverage& coveredRoute(const Envoy::Router::Route& route); void printMissingTests(const std::set& all_route_names, const std::set& covered_route_names); std::vector> covered_routes_; const envoy::config::route::v3::RouteConfiguration route_config_; }; } // namespace Envoy ================================================ FILE: test/tools/router_check/router.cc ================================================ #include "test/tools/router_check/router.h" #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/type/v3/percent.pb.h" #include "common/common/random_generator.h" #include "common/network/utility.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "common/stream_info/stream_info_impl.h" #include "test/test_common/printers.h" namespace { const std::string toString(envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase specifier) { switch (specifier) { case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kExactMatch: return "exact_match"; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase:: kHiddenEnvoyDeprecatedRegexMatch: return "regex_match"; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kSafeRegexMatch: return "safe_regex_match"; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kRangeMatch: return "range_match"; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kPresentMatch: case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase:: HEADER_MATCH_SPECIFIER_NOT_SET: return "present_match"; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kPrefixMatch: return "prefix_match"; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kSuffixMatch: return "suffix_match"; break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kContainsMatch: return "contains_match"; break; } NOT_REACHED_GCOVR_EXCL_LINE; } const std::string toString(const Envoy::Http::HeaderEntry* entry) { return entry == nullptr ? "NULL" : std::string(entry->value().getStringView()); } } // namespace namespace Envoy { // static ToolConfig ToolConfig::create(const envoy::RouterCheckToolSchema::ValidationItem& check_config) { // Add header field values std::unique_ptr request_headers( new Http::TestRequestHeaderMapImpl()); std::unique_ptr response_headers( new Http::TestResponseHeaderMapImpl()); request_headers->addCopy(":authority", check_config.input().authority()); request_headers->addCopy(":path", check_config.input().path()); request_headers->addCopy(":method", check_config.input().method()); request_headers->addCopy("x-forwarded-proto", check_config.input().ssl() ? "https" : "http"); if (check_config.input().internal()) { request_headers->addCopy("x-envoy-internal", "true"); } if (check_config.input().additional_request_headers().data()) { for (const envoy::config::core::v3::HeaderValue& header_config : check_config.input().additional_request_headers()) { request_headers->addCopy(header_config.key(), header_config.value()); } } if (check_config.input().additional_response_headers().data()) { for (const envoy::config::core::v3::HeaderValue& header_config : check_config.input().additional_response_headers()) { response_headers->addCopy(header_config.key(), header_config.value()); } } return ToolConfig(std::move(request_headers), std::move(response_headers), check_config.input().random_value()); } ToolConfig::ToolConfig(std::unique_ptr request_headers, std::unique_ptr response_headers, int random_value) : request_headers_(std::move(request_headers)), response_headers_(std::move(response_headers)), random_value_(random_value) {} // static RouterCheckTool RouterCheckTool::create(const std::string& router_config_file, const bool disable_deprecation_check) { // TODO(hennna): Allow users to load a full config and extract the route configuration from it. envoy::config::route::v3::RouteConfiguration route_config; auto stats = std::make_unique(); auto api = Api::createApiForTest(*stats); TestUtility::loadFromFile(router_config_file, route_config, *api); assignUniqueRouteNames(route_config); assignRuntimeFraction(route_config); auto factory_context = std::make_unique>(); auto config = std::make_unique( route_config, *factory_context, ProtobufMessage::getNullValidationVisitor(), false); if (!disable_deprecation_check) { MessageUtil::checkForUnexpectedFields(route_config, ProtobufMessage::getStrictValidationVisitor(), &factory_context->runtime_loader_); } return RouterCheckTool(std::move(factory_context), std::move(config), std::move(stats), std::move(api), Coverage(route_config)); } void RouterCheckTool::assignUniqueRouteNames( envoy::config::route::v3::RouteConfiguration& route_config) { Random::RandomGeneratorImpl random; for (auto& host : *route_config.mutable_virtual_hosts()) { for (auto& route : *host.mutable_routes()) { route.set_name(random.uuid()); } } } void RouterCheckTool::assignRuntimeFraction( envoy::config::route::v3::RouteConfiguration& route_config) { for (auto& host : *route_config.mutable_virtual_hosts()) { for (auto& route : *host.mutable_routes()) { if (route.match().has_runtime_fraction() && route.match().runtime_fraction().default_value().numerator() == 0) { route.mutable_match()->mutable_runtime_fraction()->mutable_default_value()->set_numerator( 1); } } } } void RouterCheckTool::finalizeHeaders(ToolConfig& tool_config, Envoy::StreamInfo::StreamInfoImpl stream_info) { if (!headers_finalized_ && tool_config.route_ != nullptr) { if (tool_config.route_->directResponseEntry() != nullptr) { tool_config.route_->directResponseEntry()->rewritePathHeader(*tool_config.request_headers_, true); sendLocalReply(tool_config, *tool_config.route_->directResponseEntry()); tool_config.route_->directResponseEntry()->finalizeResponseHeaders( *tool_config.response_headers_, stream_info); } else if (tool_config.route_->routeEntry() != nullptr) { tool_config.route_->routeEntry()->finalizeRequestHeaders(*tool_config.request_headers_, stream_info, true); tool_config.route_->routeEntry()->finalizeResponseHeaders(*tool_config.response_headers_, stream_info); } } headers_finalized_ = true; } void RouterCheckTool::sendLocalReply(ToolConfig& tool_config, const Router::DirectResponseEntry& entry) { auto encode_functions = Envoy::Http::Utility::EncodeFunctions{ nullptr, nullptr, [&](Envoy::Http::ResponseHeaderMapPtr&& headers, bool end_stream) -> void { UNREFERENCED_PARAMETER(end_stream); Http::HeaderMapImpl::copyFrom(*tool_config.response_headers_->header_map_, *headers); }, [&](Envoy::Buffer::Instance& data, bool end_stream) -> void { UNREFERENCED_PARAMETER(data); UNREFERENCED_PARAMETER(end_stream); }}; bool is_grpc = false; bool is_head_request = false; Envoy::Http::Utility::LocalReplyData local_reply_data{ is_grpc, entry.responseCode(), entry.responseBody(), absl::nullopt, is_head_request}; Envoy::Http::Utility::sendLocalReply(false, encode_functions, local_reply_data); } RouterCheckTool::RouterCheckTool( std::unique_ptr> factory_context, std::unique_ptr config, std::unique_ptr stats, Api::ApiPtr api, Coverage coverage) : factory_context_(std::move(factory_context)), config_(std::move(config)), stats_(std::move(stats)), api_(std::move(api)), coverage_(std::move(coverage)) { ON_CALL(factory_context_->runtime_loader_.snapshot_, featureEnabled(_, testing::An(), testing::An())) .WillByDefault(testing::Invoke(this, &RouterCheckTool::runtimeMock)); } Json::ObjectSharedPtr loadFromFile(const std::string& file_path, Api::Api& api) { std::string contents = api.fileSystem().fileReadToEnd(file_path); if (absl::EndsWith(file_path, ".yaml")) { contents = MessageUtil::getJsonStringFromMessage(ValueUtil::loadFromYaml(contents)); } return Json::Factory::loadFromString(contents); } bool RouterCheckTool::compareEntries(const std::string& expected_routes) { envoy::RouterCheckToolSchema::Validation validation_config; auto stats = std::make_unique(); auto api = Api::createApiForTest(*stats); const std::string contents = api->fileSystem().fileReadToEnd(expected_routes); TestUtility::loadFromFile(expected_routes, validation_config, *api); TestUtility::validate(validation_config); bool no_failures = true; for (const envoy::RouterCheckToolSchema::ValidationItem& check_config : validation_config.tests()) { active_runtime_ = check_config.input().runtime(); headers_finalized_ = false; Envoy::StreamInfo::StreamInfoImpl stream_info(Envoy::Http::Protocol::Http11, factory_context_->dispatcher().timeSource()); stream_info.setDownstreamRemoteAddress(Network::Utility::getCanonicalIpv4LoopbackAddress()); ToolConfig tool_config = ToolConfig::create(check_config); tool_config.route_ = config_->route(*tool_config.request_headers_, stream_info, tool_config.random_value_); const std::string& test_name = check_config.test_name(); tests_.emplace_back(test_name, std::vector{}); const envoy::RouterCheckToolSchema::ValidationAssert& validate = check_config.validate(); using CheckerFunc = std::function; CheckerFunc checkers[] = { [this](auto&... params) -> bool { return this->compareCluster(params...); }, [this](auto&... params) -> bool { return this->compareVirtualCluster(params...); }, [this](auto&... params) -> bool { return this->compareVirtualHost(params...); }, [this](auto&... params) -> bool { return this->compareRewritePath(params...); }, [this](auto&... params) -> bool { return this->compareRewriteHost(params...); }, [this](auto&... params) -> bool { return this->compareRedirectPath(params...); }, [this](auto&... params) -> bool { return this->compareRequestHeaderFields(params...); }, [this](auto&... params) -> bool { return this->compareResponseHeaderFields(params...); }, }; finalizeHeaders(tool_config, stream_info); // Call appropriate function for each match case. for (const auto& test : checkers) { if (!test(tool_config, validate)) { no_failures = false; } } } printResults(); return no_failures; } bool RouterCheckTool::compareCluster(ToolConfig& tool_config, const std::string& expected) { std::string actual = ""; if (tool_config.route_->routeEntry() != nullptr) { actual = tool_config.route_->routeEntry()->clusterName(); } const bool matches = compareResults(actual, expected, "cluster_name"); if (matches && tool_config.route_->routeEntry() != nullptr) { coverage_.markClusterCovered(*tool_config.route_); } return matches; } bool RouterCheckTool::compareCluster( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { if (!expected.has_cluster_name()) { return true; } if (tool_config.route_ == nullptr) { return compareResults("", expected.cluster_name().value(), "cluster_name"); } return compareCluster(tool_config, expected.cluster_name().value()); } bool RouterCheckTool::compareVirtualCluster(ToolConfig& tool_config, const std::string& expected) { std::string actual = ""; if (tool_config.route_->routeEntry() != nullptr && tool_config.route_->routeEntry()->virtualCluster(*tool_config.request_headers_) != nullptr) { Stats::StatName stat_name = tool_config.route_->routeEntry()->virtualCluster(*tool_config.request_headers_)->statName(); actual = tool_config.symbolTable().toString(stat_name); } const bool matches = compareResults(actual, expected, "virtual_cluster_name"); if (matches && tool_config.route_->routeEntry() != nullptr) { coverage_.markVirtualClusterCovered(*tool_config.route_); } return matches; } bool RouterCheckTool::compareVirtualCluster( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { if (!expected.has_virtual_cluster_name()) { return true; } if (tool_config.route_ == nullptr) { return compareResults("", expected.virtual_cluster_name().value(), "virtual_cluster_name"); } return compareVirtualCluster(tool_config, expected.virtual_cluster_name().value()); } bool RouterCheckTool::compareVirtualHost(ToolConfig& tool_config, const std::string& expected) { std::string actual = ""; if (tool_config.route_->routeEntry() != nullptr) { Stats::StatName stat_name = tool_config.route_->routeEntry()->virtualHost().statName(); actual = tool_config.symbolTable().toString(stat_name); } const bool matches = compareResults(actual, expected, "virtual_host_name"); if (matches && tool_config.route_->routeEntry() != nullptr) { coverage_.markVirtualHostCovered(*tool_config.route_); } return matches; } bool RouterCheckTool::compareVirtualHost( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { if (!expected.has_virtual_host_name()) { return true; } if (tool_config.route_ == nullptr) { return compareResults("", expected.virtual_host_name().value(), "virtual_host_name"); } return compareVirtualHost(tool_config, expected.virtual_host_name().value()); } bool RouterCheckTool::compareRewritePath(ToolConfig& tool_config, const std::string& expected) { std::string actual = ""; if (tool_config.route_->routeEntry() != nullptr) { actual = tool_config.request_headers_->get_(Http::Headers::get().Path); } const bool matches = compareResults(actual, expected, "path_rewrite"); if (matches && tool_config.route_->routeEntry() != nullptr) { coverage_.markPathRewriteCovered(*tool_config.route_); } return matches; } bool RouterCheckTool::compareRewritePath( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { if (!expected.has_path_rewrite()) { return true; } if (tool_config.route_ == nullptr) { return compareResults("", expected.path_rewrite().value(), "path_rewrite"); } return compareRewritePath(tool_config, expected.path_rewrite().value()); } bool RouterCheckTool::compareRewriteHost(ToolConfig& tool_config, const std::string& expected) { std::string actual = ""; if (tool_config.route_->routeEntry() != nullptr) { actual = tool_config.request_headers_->get_(Http::Headers::get().Host); } const bool matches = compareResults(actual, expected, "host_rewrite"); if (matches && tool_config.route_->routeEntry() != nullptr) { coverage_.markHostRewriteCovered(*tool_config.route_); } return matches; } bool RouterCheckTool::compareRewriteHost( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { if (!expected.has_host_rewrite()) { return true; } if (tool_config.route_ == nullptr) { return compareResults("", expected.host_rewrite().value(), "host_rewrite"); } return compareRewriteHost(tool_config, expected.host_rewrite().value()); } bool RouterCheckTool::compareRedirectPath(ToolConfig& tool_config, const std::string& expected) { std::string actual = ""; if (tool_config.route_->directResponseEntry() != nullptr) { actual = tool_config.route_->directResponseEntry()->newPath(*tool_config.request_headers_); } const bool matches = compareResults(actual, expected, "path_redirect"); if (matches && tool_config.route_->directResponseEntry() != nullptr) { coverage_.markRedirectPathCovered(*tool_config.route_); } return matches; } bool RouterCheckTool::compareRedirectPath( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { if (!expected.has_path_redirect()) { return true; } if (tool_config.route_ == nullptr) { return compareResults("", expected.path_redirect().value(), "path_redirect"); } return compareRedirectPath(tool_config, expected.path_redirect().value()); } bool RouterCheckTool::compareRequestHeaderFields( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { bool no_failures = true; if (expected.request_header_matches().data()) { for (const envoy::config::route::v3::HeaderMatcher& header : expected.request_header_matches()) { if (!matchHeaderField(*tool_config.request_headers_, header, "request_header_matches")) { no_failures = false; } } } // TODO(kb000) : Remove deprecated request_header_fields. if (expected.request_header_fields().data()) { for (const envoy::config::core::v3::HeaderValue& header : expected.request_header_fields()) { auto actual = tool_config.request_headers_->get_(header.key()); auto const& expected = header.value(); if (!compareResults(actual, expected, "request_header_fields")) { no_failures = false; } } } return no_failures; } bool RouterCheckTool::compareResponseHeaderFields( ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected) { bool no_failures = true; if (expected.response_header_matches().data()) { for (const envoy::config::route::v3::HeaderMatcher& header : expected.response_header_matches()) { if (!matchHeaderField(*tool_config.response_headers_, header, "response_header_matches")) { no_failures = false; } } } // TODO(kb000) : Remove deprecated response_header_fields. if (expected.response_header_fields().data()) { for (const envoy::config::core::v3::HeaderValue& header : expected.response_header_fields()) { auto actual = tool_config.response_headers_->get_(header.key()); auto const& expected = header.value(); if (!compareResults(actual, expected, "response_header_fields")) { no_failures = false; } } } return no_failures; } template bool RouterCheckTool::matchHeaderField(const HeaderMap& header_map, const envoy::config::route::v3::HeaderMatcher& header, const std::string test_type) { Envoy::Http::HeaderUtility::HeaderData expected_header_data{header}; if (Envoy::Http::HeaderUtility::matchHeaders(header_map, expected_header_data)) { return true; } // Test failed. Decide on what to log. std::string actual, expected; std::string match_test_type{test_type + "." + ::toString(header.header_match_specifier_case())}; switch (header.header_match_specifier_case()) { case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kExactMatch: actual = header.name() + ": " + ::toString(header_map.get(Http::LowerCaseString(header.name()))); expected = header.name() + ": " + header.exact_match(); reportFailure(actual, expected, match_test_type, !header.invert_match()); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kPresentMatch: case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase:: HEADER_MATCH_SPECIFIER_NOT_SET: actual = "has(" + header.name() + "):" + (header.invert_match() ? "true" : "false"); expected = "has(" + header.name() + "):" + (header.invert_match() ? "false" : "true"); reportFailure(actual, expected, match_test_type); break; default: actual = header.name() + ": " + ::toString(header_map.get(Http::LowerCaseString(header.name()))); tests_.back().second.emplace_back("actual: [" + actual + "], test type: " + match_test_type); break; } return false; } bool RouterCheckTool::compareResults(const std::string& actual, const std::string& expected, const std::string& test_type, const bool expect_match) { if ((expected == actual) != expect_match) { reportFailure(actual, expected, test_type, expect_match); return false; } return true; } void RouterCheckTool::reportFailure(const std::string& actual, const std::string& expected, const std::string& test_type, const bool expect_match) { tests_.back().second.emplace_back("expected: [" + expected + "], " + "actual: " + (expect_match ? "" : "NOT ") + "[" + actual + "]," + " test type: " + test_type); } void RouterCheckTool::printResults() { // Output failure details to stdout if details_ flag is set to true for (const auto& test_result : tests_) { // All test names are printed if the details_ flag is true unless only_show_failures_ is // also true. if ((details_ && !only_show_failures_) || (only_show_failures_ && !test_result.second.empty())) { if (test_result.second.empty()) { std::cout << test_result.first << std::endl; } else { std::cerr << test_result.first << std::endl; for (const auto& failure : test_result.second) { std::cerr << failure << std::endl; } } } } } // The Mock for runtime value checks. // This is a simple implementation to mimic the actual runtime checks in Snapshot.featureEnabled bool RouterCheckTool::runtimeMock(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value, uint64_t random_value) { return !active_runtime_.empty() && key.compare(active_runtime_) == 0 && ProtobufPercentHelper::evaluateFractionalPercent(default_value, random_value); } Options::Options(int argc, char** argv) { TCLAP::CmdLine cmd("router_check_tool", ' ', "none", true); TCLAP::SwitchArg is_detailed("d", "details", "Show detailed test execution results", cmd, false); TCLAP::SwitchArg only_show_failures("", "only-show-failures", "Only display failing tests", cmd, false); TCLAP::SwitchArg disable_deprecation_check("", "disable-deprecation-check", "Disable deprecated fields check", cmd, false); TCLAP::ValueArg fail_under("f", "fail-under", "Fail if test coverage is under a specified amount", false, 0.0, "float", cmd); TCLAP::SwitchArg comprehensive_coverage( "", "covall", "Measure coverage by checking all route fields", cmd, false); TCLAP::ValueArg config_path("c", "config-path", "Path to configuration file.", false, "", "string", cmd); TCLAP::ValueArg test_path("t", "test-path", "Path to test file.", false, "", "string", cmd); TCLAP::UnlabeledMultiArg unlabelled_configs( "unlabelled-configs", "unlabelled configs", false, "unlabelledConfigStrings", cmd); try { cmd.parse(argc, argv); } catch (TCLAP::ArgException& e) { std::cerr << "error: " << e.error() << std::endl; exit(EXIT_FAILURE); } is_detailed_ = is_detailed.getValue(); only_show_failures_ = only_show_failures.getValue(); fail_under_ = fail_under.getValue(); comprehensive_coverage_ = comprehensive_coverage.getValue(); disable_deprecation_check_ = disable_deprecation_check.getValue(); config_path_ = config_path.getValue(); test_path_ = test_path.getValue(); if (config_path_.empty() || test_path_.empty()) { std::cerr << "error: " << "Both --config-path/c and --test-path/t are mandatory" << std::endl; exit(EXIT_FAILURE); } } } // namespace Envoy ================================================ FILE: test/tools/router_check/router.h ================================================ #pragma once #include #include #include "envoy/config/route/v3/route.pb.h" #include "envoy/type/v3/percent.pb.h" #include "common/common/logger.h" #include "common/common/utility.h" #include "common/http/header_map_impl.h" #include "common/http/headers.h" #include "common/json/json_loader.h" #include "common/router/config_impl.h" #include "common/stats/symbol_table_impl.h" #include "common/stream_info/stream_info_impl.h" #include "test/mocks/server/instance.h" #include "test/test_common/global.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" #include "test/tools/router_check/coverage.h" #include "test/tools/router_check/validation.pb.h" #include "test/tools/router_check/validation.pb.validate.h" #include "tclap/CmdLine.h" namespace Envoy { /** * Struct that stores the configuration parameters of the router check tool extracted from a json * input file. */ struct ToolConfig { ToolConfig() = default; /** * @param check_config tool config proto object. * @return ToolConfig a ToolConfig instance with member variables set by the tool config json * file. */ static ToolConfig create(const envoy::RouterCheckToolSchema::ValidationItem& check_config); Stats::SymbolTable& symbolTable() { return *symbol_table_; } std::unique_ptr request_headers_; std::unique_ptr response_headers_; Router::RouteConstSharedPtr route_; int random_value_{0}; private: ToolConfig(std::unique_ptr request_headers, std::unique_ptr response_headers, int random_value); Stats::TestSymbolTable symbol_table_; }; /** * A route table check tool that check whether route parameters returned by a router match * what is expected. */ class RouterCheckTool : Logger::Loggable { public: /** * @param router_config_file v2 router config file. * @param disable_deprecation_check flag to disable the RouteConfig deprecated field check * @return RouterCheckTool a RouterCheckTool instance with member variables set by the router * config file. * */ static RouterCheckTool create(const std::string& router_config_file, const bool disable_deprecation_check); /** * @param expected_route_json tool config json file. * @return bool if all routes match what is expected. */ bool compareEntries(const std::string& expected_routes); /** * Set whether to print out match case details. */ void setShowDetails() { details_ = true; } /** * Set whether to only print failing match cases. */ void setOnlyShowFailures() { only_show_failures_ = true; } float coverage(bool detailed) { return detailed ? coverage_.detailedReport() : coverage_.report(); } private: RouterCheckTool( std::unique_ptr> factory_context, std::unique_ptr config, std::unique_ptr stats, Api::ApiPtr api, Coverage coverage); /** * Set UUID as the name for each route for detecting missing tests during the coverage check. */ static void assignUniqueRouteNames(envoy::config::route::v3::RouteConfiguration& route_config); /** * For each route with runtime fraction 0%, set the numerator to a nonzero value so the * route can be tested as enabled or disabled. */ static void assignRuntimeFraction(envoy::config::route::v3::RouteConfiguration& route_config); /** * Perform header transforms for any request/response headers for the route matched. * Can be called at most once for each test route. */ void finalizeHeaders(ToolConfig& tool_config, Envoy::StreamInfo::StreamInfoImpl stream_info); /* * Performs direct-response reply actions for a response entry. */ void sendLocalReply(ToolConfig& tool_config, const Router::DirectResponseEntry& entry); bool compareCluster(ToolConfig& tool_config, const std::string& expected); bool compareCluster(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); bool compareVirtualCluster(ToolConfig& tool_config, const std::string& expected); bool compareVirtualCluster(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); bool compareVirtualHost(ToolConfig& tool_config, const std::string& expected); bool compareVirtualHost(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); bool compareRewriteHost(ToolConfig& tool_config, const std::string& expected); bool compareRewriteHost(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); bool compareRewritePath(ToolConfig& tool_config, const std::string& expected); bool compareRewritePath(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); bool compareRedirectPath(ToolConfig& tool_config, const std::string& expected); bool compareRedirectPath(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); bool compareRequestHeaderFields(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); bool compareResponseHeaderFields(ToolConfig& tool_config, const envoy::RouterCheckToolSchema::ValidationAssert& expected); template bool matchHeaderField(const HeaderMap& header_map, const envoy::config::route::v3::HeaderMatcher& header, const std::string test_type); /** * Compare the expected and actual route parameter values. Print out match details if details_ * flag is set. * @param actual holds the actual route returned by the router. * @param expected holds the expected parameter value of the route. * @param expect_match negates the expectation if false. * @return bool if actual and expected match. */ bool compareResults(const std::string& actual, const std::string& expected, const std::string& test_type, const bool expect_match = true); void reportFailure(const std::string& actual, const std::string& expected, const std::string& test_type, const bool expect_match = true); void printResults(); bool runtimeMock(absl::string_view key, const envoy::type::v3::FractionalPercent& default_value, uint64_t random_value); bool headers_finalized_{false}; bool details_{false}; bool only_show_failures_{false}; // The first member of each pair is the name of the test. // The second member is a list of any failing results for that test as strings. std::vector>> tests_; // TODO(hennna): Switch away from mocks following work done by @rlazarus in github issue #499. std::unique_ptr> factory_context_; std::unique_ptr config_; std::unique_ptr stats_; Api::ApiPtr api_; std::string active_runtime_; Coverage coverage_; }; /** * Parses command line arguments for Router Check Tool. */ class Options { public: Options(int argc, char** argv); /** * @return the path to configuration file. */ const std::string& configPath() const { return config_path_; } /** * @return the path to test file. */ const std::string& testPath() const { return test_path_; } /** * @return the minimum required percentage of routes coverage. */ double failUnder() const { return fail_under_; } /** * @return true if test coverage should be comprehensive. */ bool comprehensiveCoverage() const { return comprehensive_coverage_; } /** * @return true if detailed test execution results are displayed. */ bool isDetailed() const { return is_detailed_; } /** * @return true if only test failures are displayed. */ bool onlyShowFailures() const { return only_show_failures_; } /** * @return true if the deprecated field check for RouteConfiguration is disabled. */ bool disableDeprecationCheck() const { return disable_deprecation_check_; } private: std::string test_path_; std::string config_path_; float fail_under_; bool comprehensive_coverage_; bool is_detailed_; bool only_show_failures_; bool disable_deprecation_check_; }; } // namespace Envoy ================================================ FILE: test/tools/router_check/router_check.cc ================================================ // NOLINT(namespace-envoy) #include #include #include "exe/platform_impl.h" #include "test/tools/router_check/router.h" int main(int argc, char* argv[]) { Envoy::Options options(argc, argv); const bool enforce_coverage = options.failUnder() != 0.0; // We need this to ensure WSAStartup is called on Windows Envoy::PlatformImpl platform_impl_; try { Envoy::RouterCheckTool checktool = Envoy::RouterCheckTool::create(options.configPath(), options.disableDeprecationCheck()); if (options.isDetailed()) { checktool.setShowDetails(); } if (options.onlyShowFailures()) { checktool.setOnlyShowFailures(); } bool is_equal = checktool.compareEntries(options.testPath()); // Test fails if routes do not match what is expected if (!is_equal) { return EXIT_FAILURE; } const double current_coverage = checktool.coverage(options.comprehensiveCoverage()); std::cout << "Current route coverage: " << current_coverage << "%" << std::endl; if (enforce_coverage) { if (current_coverage < options.failUnder()) { std::cerr << "Failed to meet coverage requirement: " << options.failUnder() << "%" << std::endl; return EXIT_FAILURE; } } } catch (const Envoy::EnvoyException& ex) { std::cerr << ex.what() << std::endl; return EXIT_FAILURE; } return EXIT_SUCCESS; } ================================================ FILE: test/tools/router_check/test/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_package", "envoy_sh_test", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_sh_test( name = "router_tool_test", srcs = ["route_tests.sh"], cc_binary = ["//test/tools/router_check:router_check_tool"], data = [ ":configs", ], ) filegroup( name = "configs", srcs = glob([ "config/*.yaml", "config/*.json", "config/*.pb_text", ]), ) ================================================ FILE: test/tools/router_check/test/config/ClusterHeader.golden.proto.json ================================================ { "tests": [ { "test_name": "Test1", "input": { "authority": "some_cluster", "path": "/foo", "method": "GET" }, "validate": {"cluster_name": "some_cluster"} }, { "test_name": "Test2", "input": { "authority": "www.lyft.com", "path": "/bar", "method": "GET" }, "validate": {"cluster_name": ""} }, { "test_name": "Test3", "input": { "authority": "www.lyft.com", "path": "/bar", "method": "GET", "additional_request_headers": [ { "key": "some_header", "value": "some_cluster" } ] }, "validate": {"cluster_name": "some_cluster"} } ] } ================================================ FILE: test/tools/router_check/test/config/ClusterHeader.yaml ================================================ virtual_hosts: - name: local_service domains: - '*' routes: - match: prefix: "/foo" headers: - name: ":authority" route: cluster_header: ":authority" - match: prefix: "/bar" route: cluster_header: "some_header" timeout: nanos: 0 ================================================ FILE: test/tools/router_check/test/config/ComprehensiveRoutes.golden.proto.json ================================================ { "tests": [ { "test_name": "Test 1", "input": { "authority": "www.lyft.com", "path": "/new_endpoint", "method": "GET" }, "validate": { "cluster_name": "www2", "virtual_cluster_name": "other", "virtual_host_name": "www2_host", "path_rewrite": "/api/new_endpoint", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test 2", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET" }, "validate": { "cluster_name": "root_www2", "virtual_cluster_name": "other", "virtual_host_name": "www2_host", "path_rewrite": "/", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test 3", "input": { "authority": "www.lyft.com", "path": "/foobar", "method": "GET" }, "validate": { "cluster_name": "www2", "virtual_cluster_name": "other", "virtual_host_name": "www2_host", "path_rewrite": "/foobar", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test 4", "input": { "authority": "www.lyft.com", "path": "/users/123", "method": "PUT" }, "validate": { "virtual_cluster_name": "update_user" } } ] } ================================================ FILE: test/tools/router_check/test/config/ComprehensiveRoutes.yaml ================================================ virtual_hosts: - name: www2_host domains: - www.lyft.com routes: - match: prefix: /new_endpoint route: cluster: www2 prefix_rewrite: /api/new_endpoint - match: path: / route: cluster: root_www2 - match: prefix: / route: cluster: www2 virtual_clusters: - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/users/\d+$ - name: :method exact_match: PUT name: update_user ================================================ FILE: test/tools/router_check/test/config/ContentType.golden.proto.json ================================================ { "tests": [ { "test_name": "Test_1", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET" }, "validate": {"cluster_name":"local_service"} }, { "test_name": "Test_2", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [{"key": "content-type", "value": "application/grpc"}] }, "validate": {"cluster_name": "local_service_grpc"} }, { "test_name": "Test_3", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [{"key": "content-type", "value": "foo"}] }, "validate": {"cluster_name": "local_service"} } ] } ================================================ FILE: test/tools/router_check/test/config/ContentType.yaml ================================================ virtual_hosts: - name: local_service domains: - '*' routes: - match: prefix: "/" headers: - name: "content-type" exact_match: "application/grpc" route: cluster: local_service_grpc - match: prefix: "/" route: cluster: local_service ================================================ FILE: test/tools/router_check/test/config/DirectResponse.golden.proto.json ================================================ { "tests": [ { "test_name": "Direct Response", "input": { "authority": "lyft.com", "path": "/ping", "method": "GET" }, "validate": { "path_redirect": "http://lyft.com/ping", "cluster_name": "", "host_rewrite": "", "path_rewrite": "", "virtual_cluster_name": "", "virtual_host_name": "", "response_header_matches": [ { "name": "content-type", "exact_match": "text/plain" }, { "name": "content-length", "exact_match": "8" } ] } }, { "test_name": "Direct Response custom content-type", "input": { "authority": "lyft.com", "path": "/ping-json", "method": "GET" }, "validate": { "path_redirect": "http://lyft.com/ping-json", "cluster_name": "", "host_rewrite": "", "path_rewrite": "", "virtual_cluster_name": "", "virtual_host_name": "", "response_header_matches": [ { "name": "content-type", "exact_match": "application/json" }, { "name": "content-length", "exact_match": "25" } ] } }, { "test_name": "Direct Response custom content-type appended", "input": { "authority": "lyft.com", "path": "/ping-json2", "method": "GET" }, "validate": { "path_redirect": "http://lyft.com/ping-json2", "cluster_name": "", "host_rewrite": "", "path_rewrite": "", "virtual_cluster_name": "", "virtual_host_name": "", "response_header_matches": [ { "name": "content-type", "exact_match": "text/plain,application/json" } ] } }, { "test_name": "Direct Response empty body", "input": { "authority": "lyft.com", "path": "/ping-empty", "method": "GET" }, "validate": { "path_redirect": "http://lyft.com/ping-empty", "cluster_name": "", "host_rewrite": "", "path_rewrite": "", "virtual_cluster_name": "", "virtual_host_name": "", "response_header_matches": [ { "name": "content-type", "present_match": true, "invert_match": true }, { "name": "content-length", "present_match": true, "invert_match": true } ] } } ] } ================================================ FILE: test/tools/router_check/test/config/DirectResponse.yaml ================================================ virtual_hosts: - name: www2 domains: - lyft.com routes: - match: path: /ping direct_response: status: 200 body: inline_string: "Success!" - match: path: /ping-json direct_response: status: 200 body: inline_string: "{ 'message': 'Success!' }" response_headers_to_add: - header: key: "content-type" value: "application/json" append: false - match: path: /ping-json2 direct_response: status: 200 body: inline_string: "{ 'message': 'Success!' }" response_headers_to_add: # This is bad, don't do it! Use append: false! - header: key: "content-type" value: "application/json" - match: path: /ping-empty direct_response: status: 200 body: inline_string: "" ================================================ FILE: test/tools/router_check/test/config/HeaderMatchedRouting.golden.proto.json ================================================ { "tests": [ { "test_name": "Test_1", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET" }, "validate": {"cluster_name": "local_service_without_headers"} }, { "test_name": "Test_2", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "test_header", "value": "test" } ] }, "validate": {"cluster_name": "local_service_with_headers"} }, { "test_name": "Test_3", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "test_header_multiple1", "value": "test1" }, { "key": "test_header_multiple2", "value": "test2" } ] }, "validate": {"cluster_name": "local_service_with_multiple_headers"} }, { "test_name": "Test_4", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "non_existent_header", "value": "foo" } ] }, "validate": {"cluster_name": "local_service_without_headers"} }, { "test_name": "Test_5", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "test_header_presence", "value": "test" } ] }, "validate": {"cluster_name": "local_service_with_empty_headers"} }, { "test_name": "Test_6", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "test_header_pattern", "value": "user=test-1223" } ] }, "validate": {"cluster_name": "local_service_with_header_pattern_set_regex"} }, { "test_name": "Test_7", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "test_header_pattern", "value": "customer=test-1223" } ] }, "validate": {"cluster_name": "local_service_without_headers"} }, { "test_name": "Test_8", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "content-type", "value": "application/grpc+proto" } ] }, "validate": {"cluster_name": "local_service_with_grpc"} }, { "test_name": "Test_9", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "additional_request_headers": [ { "key": "content-type", "value": "application/grpc+proto" }, { "key": "test_header", "value": "some_value" } ] }, "validate": {"cluster_name": "local_service_with_grpc_and_other_header"} } ] } ================================================ FILE: test/tools/router_check/test/config/HeaderMatchedRouting.yaml ================================================ virtual_hosts: - name: local_service domains: - '*' routes: - match: prefix: / headers: - name: test_header exact_match: test route: cluster: local_service_with_headers - match: prefix: / headers: - name: test_header_multiple1 exact_match: test1 - name: test_header_multiple2 exact_match: test2 route: cluster: local_service_with_multiple_headers - match: prefix: / headers: - name: test_header_presence route: cluster: local_service_with_empty_headers - match: prefix: / headers: - name: test_header_pattern safe_regex_match: google_re2: {} regex: ^user=test-\d+$ route: cluster: local_service_with_header_pattern_set_regex - match: prefix: / headers: - name: test_header_pattern exact_match: ^customer=test-\d+$ route: cluster: local_service_with_header_pattern_unset_regex - match: prefix: / grpc: {} headers: - name: test_header exact_match: some_value route: cluster: local_service_with_grpc_and_other_header - match: prefix: / grpc: {} route: cluster: local_service_with_grpc - match: prefix: / route: cluster: local_service_without_headers ================================================ FILE: test/tools/router_check/test/config/Redirect.golden.proto.json ================================================ { "tests": [ { "test_name": "Test_1", "input": { "authority": "www.foo.com", "path": "/foo", "method": "GET", "internal": true, "ssl": true }, "validate": {"path_redirect": ""} }, { "test_name": "Test_2", "input": { "authority": "www.lyft.com", "path": "/foo", "method": "GET", "ssl": true, "internal": true }, "validate": {"path_redirect": ""} }, { "test_name": "Test_3", "input": { "authority": "www.lyft.com", "path": "/foo", "method": "GET", "ssl": false, "internal": false }, "validate": {"path_redirect": "https://www.lyft.com/foo"} }, { "test_name": "Test_4", "input": { "authority": "api.lyft.com", "path": "/foo", "method": "GET", "internal": true }, "validate": {"path_redirect": ""} }, { "test_name": "Test_5", "input": { "authority": "api.lyft.com", "path": "/foo", "method": "GET" }, "validate": {"path_redirect": "https://api.lyft.com/foo"} }, { "test_name": "Test_6", "input": { "authority": "redirect.lyft.com", "path": "/foo", "method": "GET", "ssl": false, "internal": false }, "validate": {"path_redirect": "http://new.lyft.com/foo"} }, { "test_name": "Test_7", "input": { "authority": "redirect.lyft.com", "path": "/bar", "method": "GET", "ssl": true }, "validate": {"path_redirect": "https://redirect.lyft.com/new_bar"} }, { "test_name": "Test_8", "input": { "authority": "redirect.lyft.com", "path": "/baz", "method": "GET", "ssl": true, "internal": false }, "validate": {"path_redirect": "https://new.lyft.com/new_baz"} }, { "test_name": "Test_9", "input": { "authority": "api.lyft.com", "path": "/pretest", "method": "GET", "ssl": true }, "validate": { "host_rewrite": "api.lyft.com", "virtual_host_name": "api", "path_rewrite": "/pre/test", "cluster_name": "www2" } }, { "test_name": "Test_10", "input": { "authority": "api.lyft.com", "path": "/secondtest", "method": "GET", "ssl": true }, "validate": { "host_rewrite": "api.lyft.com", "virtual_host_name": "api", "path_rewrite": "/second/test", "cluster_name": "www2" } }, { "test_name": "Test_11", "input": { "authority": "redirect.lyft.com", "path": "/rewrite", "method": "GET", "ssl": true }, "validate": { "host_rewrite": "", "virtual_host_name": "", "path_rewrite": "", "cluster_name": "", "path_redirect": "https://redirect.lyft.com/blah" } } ] } ================================================ FILE: test/tools/router_check/test/config/Redirect.yaml ================================================ virtual_hosts: - name: www2 domains: - www.lyft.com require_tls: ALL routes: - match: prefix: / route: cluster: www2 - name: api domains: - api.lyft.com require_tls: EXTERNAL_ONLY routes: - match: prefix: /pretest route: prefix_rewrite: /pre/test cluster: www2 - match: prefix: /secondtest route: prefix_rewrite: /second/test cluster: www2 - match: prefix: / route: cluster: www2 - name: redirect domains: - redirect.lyft.com routes: - match: prefix: /blah route: cluster: www2 - match: prefix: /foo redirect: host_redirect: new.lyft.com - match: prefix: /bar redirect: path_redirect: /new_bar - match: prefix: /baz redirect: host_redirect: new.lyft.com path_redirect: /new_baz - match: prefix: /rewrite redirect: prefix_rewrite: /blah ================================================ FILE: test/tools/router_check/test/config/Redirect2.golden.proto.json ================================================ { "tests": [ { "test_name": "Test_1", "input": { "authority": "www.lyft.com", "path": "/foo", "method": "GET", "ssl": true, "internal": true }, "validate": { "path_redirect": "", "cluster_name": "www2" } }, { "test_name": "Test_2", "input": { "authority": "redirect.lyft.com", "path": "/foo", "method": "GET", "ssl": false, "internal": false }, "validate": { "path_redirect": "http://new.lyft.com/foo", "cluster_name": "" } }, { "test_name": "Test_3", "input": { "authority": "redirect.lyft.com", "path": "/foo", "method": "GET" }, "validate": { "path_redirect": "http://new.lyft.com/foo", "cluster_name": "" } }, { "test_name": "Test_4", "input": { "authority": "redirect.lyft.com", "path": "/foo", "method": "GET", "ssl": false }, "validate": { "path_redirect": "http://new.lyft.com/foo", "cluster_name": "" } }, { "test_name": "Test_5", "input": { "authority": "redirect.lyft.com", "ssl": false, "path": "/foo", "method": "GET" }, "validate": { "path_redirect": "http://new.lyft.com/foo", "cluster_name": "" } } ] } ================================================ FILE: test/tools/router_check/test/config/Redirect2.yaml ================================================ virtual_hosts: - name: www2 domains: - www.lyft.com routes: - match: prefix: / route: cluster: www2 - name: redirect domains: - redirect.lyft.com routes: - match: prefix: /foo redirect: host_redirect: new.lyft.com ================================================ FILE: test/tools/router_check/test/config/Redirect3.golden.proto.json ================================================ { "tests": [ { "test_name": "Test_1", "input": { "authority": "www.lyft.com", "path": "/foo", "method": "GET", "ssl": true, "internal": true }, "validate": { "path_redirect": "", "cluster_name": "www2" } }, { "test_name": "Test_2", "input": { "authority": "redirect.lyft.com", "path": "/foo", "method": "GET" }, "validate": { "cluster_name": "", "path_redirect": "http://new.lyft.com/foo" } } ] } ================================================ FILE: test/tools/router_check/test/config/Redirect3.yaml ================================================ virtual_hosts: - name: www2 domains: - www.lyft.com routes: - match: prefix: / route: weighted_clusters: clusters: - name: www2 weight: 100 total_weight: 100 - name: redirect domains: - redirect.lyft.com routes: - match: prefix: /foo redirect: host_redirect: new.lyft.com ================================================ FILE: test/tools/router_check/test/config/Runtime.golden.proto.json ================================================ { "tests": [ { "test_name": "Test_1", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "ssl": true, "internal": true }, "validate": { "cluster_name": "www3", "virtual_cluster_name": "", "virtual_host_name": "www2", "path_rewrite": "/", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test_2", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "ssl": true, "internal": true, "runtime": "runtime.key", "random_value": 70 }, "validate": { "cluster_name": "www3", "virtual_cluster_name": "", "virtual_host_name": "www2", "path_rewrite": "/", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test_3", "input": { "authority": "www.lyft.com", "path": "/", "method": "GET", "ssl": true, "internal": true, "runtime": "runtime.key", "random_value": 20 }, "validate": { "cluster_name": "www2", "virtual_cluster_name": "", "virtual_host_name": "www2", "path_rewrite": "/", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test_4", "input": { "authority": "www.lyft.com", "path": "/disabled", "method": "GET", "ssl": true, "internal": true, "runtime": "runtime.key", "random_value": 0 }, "validate": { "cluster_name": "www4", "virtual_cluster_name": "", "virtual_host_name": "www2", "path_rewrite": "/disabled", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test_5", "input": { "authority": "www.lyft.com", "path": "/disabled", "method": "GET", "ssl": true, "internal": true, "runtime": "runtime.key", "random_value": 2 }, "validate": { "cluster_name": "www2", "virtual_cluster_name": "", "virtual_host_name": "www2", "path_rewrite": "/disabled", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test_6", "input": { "authority": "www.lyft.com", "path": "/disabled", "method": "GET", "ssl": true, "internal": true, "random_value": 2 }, "validate": { "cluster_name": "www3", "virtual_cluster_name": "", "virtual_host_name": "www2", "path_rewrite": "/disabled", "host_rewrite": "www.lyft.com", "path_redirect": "" } }, { "test_name": "Test_7", "input": { "authority": "www.lyft.com", "path": "/disabled", "method": "GET", "ssl": true, "internal": true }, "validate": { "cluster_name": "www3", "virtual_cluster_name": "", "virtual_host_name": "www2", "path_rewrite": "/disabled", "host_rewrite": "www.lyft.com", "path_redirect": "" } } ] } ================================================ FILE: test/tools/router_check/test/config/Runtime.yaml ================================================ virtual_hosts: - name: www2 domains: - www.lyft.com routes: - match: prefix: /disabled runtime_fraction: runtime_key: runtime.key default_value: numerator: 0 denominator: HUNDRED route: cluster: www4 - match: prefix: / runtime_fraction: runtime_key: runtime.key default_value: numerator: 30 denominator: HUNDRED route: cluster: www2 - match: prefix: / route: cluster: www3 ================================================ FILE: test/tools/router_check/test/config/TestRoutes.golden.proto.json ================================================ { "tests": [ { "test_name": "Test1", "input": { "authority": "api.lyft.com", "path": "/", "method": "GET" }, "validate": { "cluster_name": "instant-server", "virtual_cluster_name": "other", "virtual_host_name": "default", "path_rewrite": "/", "host_rewrite": "api.lyft.com", "path_redirect": ""} }, { "test_name": "Test2", "input": { "authority": "api.lyft.com", "path": "/api/leads/me", "method": "GET" }, "validate": {"cluster_name": "ats"} }, { "test_name": "Test3", "input": { "authority": "api.lyft.com", "path": "/api/locations?works=true", "method": "GET" }, "validate": {"cluster_name": "locations"} }, { "test_name": "Test4", "input": { "authority": "api.lyft.com", "path": "/api/locations", "method": "GET" }, "validate": {"cluster_name": "locations"} }, { "test_name": "Test5", "input": { "authority": "lyft.com", "path": "/foo", "method": "GET" }, "validate": {"cluster_name": "www2"} }, { "test_name": "Test6", "input": { "authority": "wwww.lyft.com", "path": "/", "method": "GET" }, "validate": {"cluster_name": "root_www2"} }, { "test_name": "Test7", "input": { "authority": "www.lyft.com", "path": "/new_endpoint/foo", "method": "GET" }, "validate": { "cluster_name": "www2", "virtual_host_name": "www2" } }, { "test_name": "Test8", "input": { "authority": "www.lyft.com", "path": "/new_endpoint/foo", "method": "GET" }, "validate": {"path_rewrite": "/api/new_endpoint/foo"} }, { "test_name": "Test9", "input": { "authority": "api.lyft.com", "path": "/api/locations?works=true", "method": "GET" }, "validate": {"path_rewrite": "/rewrote?works=true"} }, { "test_name": "Test10", "input": { "authority": "api.lyft.com", "path": "/foo", "method": "GET" }, "validate": {"path_rewrite": "/bar"} }, { "test_name": "Test11", "input": { "authority": "api.lyft.com", "path": "/host/rewrite/me", "method": "GET" }, "validate": {"host_rewrite":"new_host"} }, { "test_name": "Test12", "input": { "authority": "api.lyft.com", "path": "/API/locations?works=true", "method": "GET" }, "validate": {"path_rewrite": "/rewrote?works=true"} }, { "test_name": "Test13", "input": { "authority": "api.lyft.com", "path": "/fooD", "method": "GET" }, "validate": {"path_rewrite": "/cAndy"} }, { "test_name": "Test14", "input": { "authority": "api.lyft.com", "path": "/FOO", "method": "GET" }, "validate": {"path_rewrite": "/FOO"} }, { "test_name": "Test15", "input": { "authority": "api.lyft.com", "path": "/ApPles", "method": "GET" }, "validate": {"path_rewrite": "/ApPles"} }, { "test_name": "Test16", "input": { "authority": "api.lyft.com", "path": "/oLDhost/rewrite/me", "method": "GET" }, "validate": {"host_rewrite": "api.lyft.com"} }, { "test_name": "Test17", "input": { "authority": "api.lyft.com", "path": "/Tart", "method": "GET" }, "validate": {"path_rewrite": "/Tart"} }, { "test_name": "Test18", "input": { "authority": "api.lyft.com", "path": "/newhost/rewrite/me", "method": "GET" }, "validate": {"host_rewrite": "new_host"} }, { "test_name": "Test19", "input": { "authority": "api.lyft.com", "path": "/rides", "method": "GET" }, "validate": {"virtual_cluster_name": "other"} }, { "test_name": "Test20", "input": { "authority": "api.lyft.com", "path": "/rides/blah", "method": "POST" }, "validate": {"virtual_cluster_name": "other"} }, { "test_name": "Test21", "input": { "authority": "api.lyft.com", "path": "/rides", "method": "POST" }, "validate": {"virtual_cluster_name": "ride_request"} }, { "test_name": "Test22", "input": { "authority": "api.lyft.com", "path": "/rides/123", "method": "PUT" }, "validate": {"virtual_cluster_name": "update_ride"} }, { "test_name": "Test23", "input": { "authority": "api.lyft.com", "path": "/users/123/chargeaccounts", "method": "POST" }, "validate": {"virtual_cluster_name": "cc_add"} }, { "test_name": "Test24", "input": { "authority": "api.lyft.com", "path": "/users/123/chargeaccounts/hello123", "method": "PUT" }, "validate": {"virtual_cluster_name": "cc_add"} }, { "test_name": "Test25", "input": { "authority": "api.lyft.com", "path": "/users/123/chargeaccounts/validate", "method": "PUT" }, "validate": {"virtual_cluster_name": "other"} }, { "test_name": "Test26", "input": { "authority": "api.lyft.com", "path": "/foo/bar", "method": "PUT" }, "validate": {"virtual_cluster_name": "other"} }, { "test_name": "Test27", "input": { "authority": "api.lyft.com", "path": "/users", "method": "POST" }, "validate": {"virtual_cluster_name": "create_user_login"} }, { "test_name": "Test28", "input": { "authority": "api.lyft.com", "path": "/users/123", "method": "PUT" }, "validate": {"virtual_cluster_name": "update_user"} }, { "test_name": "Test29", "input": { "authority": "api.lyft.com", "path": "/users/123/location", "method": "POST" }, "validate": {"virtual_cluster_name": "ulu"} }, { "test_name": "Test30", "input": { "authority": "api.lyft.com", "path": "/something/else", "method": "GET" }, "validate": {"virtual_cluster_name": "other"} }, { "test_name": "RequestHeaderMatches 1", "input": { "authority": "api.lyft.com", "path": "/host/rewrite/me", "method": "GET" }, "validate": { "host_rewrite": "new_host", "request_header_matches": [ { "name": ":authority", "exact_match": "new_host" }, { "name": ":path", "exact_match": "/host/rewrite/me" }, { "name": ":method", "exact_match": "GET" }, { "name": ":cookie", "invert_match": true } ] } }, { "test_name": "RequestHeaderMatches 2", "input": { "authority": "api.lyft.com", "path": "/customheaders", "method": "GET" }, "validate": { "request_header_matches": [ { "name": "X-Client-IP", "exact_match": "127.0.0.1" } ] } }, { "test_name": "ResponseHeaderMatches", "input": { "authority": "www.lyft.com", "path": "/ping", "method": "GET" }, "validate": { "cluster_name": "", "host_rewrite": "", "path_redirect": "http://www.lyft.com/ping", "path_rewrite": "", "virtual_cluster_name": "", "virtual_host_name": "", "response_header_matches": [ { "name": "content-type", "exact_match": "text/plain" }, { "name": "content-length", "range_match": { "start": 0, "end": 100 } }, { "name": "x-ping-response", "exact_match": "yes" }, { "name": "x-ping-response", "present_match": true }, { "name": "x-pong-response", "present_match": true, "invert_match": true }, ] } } ] } ================================================ FILE: test/tools/router_check/test/config/TestRoutes.yaml ================================================ virtual_hosts: - name: www2 domains: - lyft.com - www.lyft.com - w.lyft.com - ww.lyft.com - wwww.lyft.com routes: - match: prefix: /new_endpoint route: cluster: www2 prefix_rewrite: /api/new_endpoint - match: prefix: /ping direct_response: status: 200 body: inline_string: "{ 'message': 'Success!' }" response_headers_to_add: - header: key: "x-ping-response" value: "yes" - match: path: / route: cluster: root_www2 - match: prefix: / route: cluster: www2 - name: www2_staging domains: - www-staging.lyft.net - www-staging-orca.lyft.com routes: - match: prefix: / route: cluster: www2_staging - name: default domains: - '*' routes: - match: prefix: /api/application_data route: cluster: ats - match: path: /api/locations case_sensitive: false route: cluster: locations prefix_rewrite: /rewrote - match: prefix: /api/leads/me route: cluster: ats - match: prefix: /host/rewrite/me route: cluster: ats host_rewrite: new_host - match: prefix: /oldhost/rewrite/me route: cluster: ats host_rewrite: new_oldhost - match: path: /foo case_sensitive: true route: prefix_rewrite: /bar cluster: instant-server - match: path: /tar case_sensitive: false route: prefix_rewrite: /car cluster: instant-server - match: prefix: /newhost/rewrite/me case_sensitive: false route: cluster: ats host_rewrite: new_host - match: path: /FOOD case_sensitive: false route: prefix_rewrite: /cAndy cluster: ats - match: path: /ApplEs case_sensitive: true route: prefix_rewrite: /oranGES cluster: instant-server - match: prefix: /customheaders route: cluster: ats host_rewrite: new_host request_headers_to_add: - header: key: X-Client-IP value: '%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%' - match: prefix: / route: cluster: instant-server timeout: seconds: 30 virtual_clusters: - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/rides$ - name: :method exact_match: POST name: ride_request - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/rides/\d+$ - name: :method exact_match: PUT name: update_ride - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/users/\d+/chargeaccounts$ - name: :method exact_match: POST name: cc_add - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/users/\d+/chargeaccounts/[^validate]\w+$ - name: :method exact_match: PUT name: cc_add - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/users$ - name: :method exact_match: POST name: create_user_login - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/users/\d+$ - name: :method exact_match: PUT name: update_user - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/users/\d+/location$ - name: :method exact_match: POST name: ulu internal_only_headers: - x-lyft-user-id response_headers_to_add: - header: key: x-envoy-upstream-canary value: "true" response_headers_to_remove: - x-envoy-upstream-canary - x-envoy-virtual-cluster ================================================ FILE: test/tools/router_check/test/config/TestRoutesFailures.golden.proto.json ================================================ { "tests": [ { "test_name": "ResponseHeaderMatches Failures", "input": { "authority": "www.lyft.com", "path": "/ping", "method": "GET" }, "validate": { "cluster_name": "", "host_rewrite": "", "path_redirect": "http://www.lyft.com/ping", "path_rewrite": "", "virtual_cluster_name": "", "virtual_host_name": "", "response_header_matches": [ { "name": "content-type", "exact_match": "text/plain", "invert_match": true }, { "name": "content-length", "range_match": { "start": 100, "end": 1000 } }, { "name": "x-ping-response", "exact_match": "pong" }, { "name": "x-ping-response", "present_match": true, "invert_match": true }, { "name": "x-pong-response", "present_match": true, "invert_match": false } ] } } ] } ================================================ FILE: test/tools/router_check/test/config/Weighted.golden.proto.json ================================================ { "tests": [ { "test_name": "Test_1", "input": { "authority": "www1.lyft.com", "path": "/foo", "ssl": true, "internal": true, "method": "GET" }, "validate": {"path_redirect": ""} }, { "test_name": "Test_2", "input": { "authority": "www1.lyft.com", "path": "/test/123", "method": "GET", "random_value": 115 }, "validate": {"cluster_name": "cluster1", "virtual_cluster_name": "test_virtual_cluster"} }, { "test_name": "Test_3", "input": { "authority": "www1.lyft.com", "path": "/foo", "method": "GET", "random_value": 445 }, "validate": {"cluster_name": "cluster2"} }, { "test_name": "Test_4", "input": { "authority": "www1.lyft.com", "path": "/foo", "method": "GET", "random_value": 560 }, "validate": {"cluster_name": "cluster3"} } ] } ================================================ FILE: test/tools/router_check/test/config/Weighted.golden.proto.pb_text ================================================ tests { test_name: "Test_1" input: { authority: "www1.lyft.com" path: "/foo" ssl: true internal: true method: "GET" } validate: { path_redirect: { value: "" } } } tests { test_name: "Test_2" input: { authority: "www1.lyft.com" path: "/test/123" method: "GET" random_value: 115 } validate: { cluster_name: { value: "cluster1"} virtual_cluster_name: { value: "test_virtual_cluster" } } } ================================================ FILE: test/tools/router_check/test/config/Weighted.golden.proto.yaml ================================================ tests: - test_name: Test_1 input: authority: www1.lyft.com path: "/foo" ssl: true method: GET internal: true validate: path_redirect: '' - test_name: Test_2 input: authority: www1.lyft.com path: "/test/123" method: GET random_value: 115 validate: cluster_name: cluster1 virtual_cluster_name: test_virtual_cluster - test_name: Test_3 input: authority: www1.lyft.com path: "/foo" method: GET random_value: 445 validate: cluster_name: cluster2 - test_name: Test_4 input: authority: www1.lyft.com path: "/foo" method: GET random_value: 560 validate: cluster_name: cluster3 ================================================ FILE: test/tools/router_check/test/config/Weighted.yaml ================================================ virtual_hosts: - name: www1 domains: - www1.lyft.com routes: - match: prefix: / route: weighted_clusters: clusters: - name: cluster1 weight: 30 - name: cluster2 weight: 30 - name: cluster3 weight: 40 virtual_clusters: - headers: - name: :path safe_regex_match: google_re2: {} regex: ^/test/\d+$ - name: :method exact_match: GET name: test_virtual_cluster - name: www2 domains: - www2.lyft.com routes: - match: prefix: / route: weighted_clusters: runtime_key_prefix: www2_weights clusters: - name: cluster1 weight: 30 - name: cluster2 weight: 30 - name: cluster3 weight: 40 ================================================ FILE: test/tools/router_check/test/route_tests.sh ================================================ #!/bin/bash set -e # Router_check_tool binary path PATH_BIN="${TEST_SRCDIR}/envoy"/test/tools/router_check/router_check_tool # Config json path PATH_CONFIG="${TEST_SRCDIR}/envoy"/test/tools/router_check/test/config TESTS=("ContentType" "ClusterHeader" "DirectResponse" "HeaderMatchedRouting" "Redirect" "Redirect2" "Redirect3" "Runtime" "TestRoutes" "Weighted") # Testing expected matches for t in "${TESTS[@]}" do "${PATH_BIN}" "-c" "${PATH_CONFIG}/${t}.yaml" "-t" "${PATH_CONFIG}/${t}.golden.proto.json" "--details" done # Testing coverage flag passes COVERAGE_CMD="${PATH_BIN} -c ${PATH_CONFIG}/Redirect.yaml -t ${PATH_CONFIG}/Redirect.golden.proto.json --details -f " COVERAGE_OUTPUT=$($COVERAGE_CMD "1.0" 2>&1) || echo "${COVERAGE_OUTPUT:-no-output}" if [[ "${COVERAGE_OUTPUT}" != *"Current route coverage: "* ]] ; then exit 1 fi COMP_COVERAGE_CMD="${PATH_BIN} -c ${PATH_CONFIG}/ComprehensiveRoutes.yaml -t ${PATH_CONFIG}/ComprehensiveRoutes.golden.proto.json --details -f " COVERAGE_OUTPUT=$($COMP_COVERAGE_CMD "100" "--covall" 2>&1) || echo "${COVERAGE_OUTPUT:-no-output}" if [[ "${COVERAGE_OUTPUT}" != *"Current route coverage: 100%"* ]] ; then exit 1 fi DIRECT_RESPONSE_COVERAGE_CMD="${PATH_BIN} -c ${PATH_CONFIG}/DirectResponse.yaml -t ${PATH_CONFIG}/DirectResponse.golden.proto.json --details -f " COVERAGE_OUTPUT=$($DIRECT_RESPONSE_COVERAGE_CMD "100" "--covall" 2>&1) || echo "${DIRECT_RESPONSE_COVERAGE_CMD:-no-output}" if [[ "${COVERAGE_OUTPUT}" != *"Current route coverage: 100%"* ]] ; then exit 1 fi RUNTIME_COVERAGE_OUTPUT=$("${PATH_BIN}" "-c" "${PATH_CONFIG}/Runtime.yaml" "-t" "${PATH_CONFIG}/Runtime.golden.proto.json" "--details" "--covall" 2>&1) || echo "${RUNTIME_COVERAGE_OUTPUT:-no-output}" if [[ "${RUNTIME_COVERAGE_OUTPUT}" != *"Current route coverage: 100%"* ]] ; then exit 1 fi # Testing coverage flag fails COVERAGE_OUTPUT=$($COVERAGE_CMD "100" 2>&1) || echo "${COVERAGE_OUTPUT:-no-output}" if [[ "${COVERAGE_OUTPUT}" != *"Failed to meet coverage requirement: 100%"* ]] ; then exit 1 fi # Test the yaml test file support "${PATH_BIN}" "-c" "${PATH_CONFIG}/Weighted.yaml" "-t" "${PATH_CONFIG}/Weighted.golden.proto.yaml" "--details" # Test the proto text test file support "${PATH_BIN}" "-c" "${PATH_CONFIG}/Weighted.yaml" "-t" "${PATH_CONFIG}/Weighted.golden.proto.pb_text" "--details" # Bad config file echo "testing bad config output" BAD_CONFIG_OUTPUT=$("${PATH_BIN}" "-c" "${PATH_CONFIG}/Redirect.golden.proto.json" "-t" "${PATH_CONFIG}/TestRoutes.yaml" 2>&1) || echo "${BAD_CONFIG_OUTPUT:-no-output}" if [[ "${BAD_CONFIG_OUTPUT}" != *"Protobuf message (type envoy.config.route.v3.RouteConfiguration reason INVALID_ARGUMENT:tests: Cannot find field.) has unknown fields"* ]]; then exit 1 fi # Failure output flag test cases echo "testing failure test cases" # Failure test case with only details flag set FAILURE_OUTPUT=$("${PATH_BIN}" "-c" "${PATH_CONFIG}/TestRoutes.yaml" "-t" "${PATH_CONFIG}/Weighted.golden.proto.json" "--details" 2>&1) || echo "${FAILURE_OUTPUT:-no-output}" if [[ "${FAILURE_OUTPUT}" != *"Test_1"*"Test_2"*"expected: [cluster1], actual: [instant-server], test type: cluster_name"*"expected: [test_virtual_cluster], actual: [other], test type: virtual_cluster_name"*"Test_3"* ]]; then exit 1 fi # Failure test case with details flag set and failures flag set FAILURE_OUTPUT=$("${PATH_BIN}" "-c" "${PATH_CONFIG}/TestRoutes.yaml" "-t" "${PATH_CONFIG}/Weighted.golden.proto.json" "--details" "--only-show-failures" 2>&1) || echo "${FAILURE_OUTPUT:-no-output}" if [[ "${FAILURE_OUTPUT}" != *"Test_2"*"expected: [cluster1], actual: [instant-server], test type: cluster_name"* ]] || [[ "${FAILURE_OUTPUT}" == *"Test_1"* ]]; then exit 1 fi # Failure test case with details flag unset and failures flag set FAILURE_OUTPUT=$("${PATH_BIN}" "-c" "${PATH_CONFIG}/TestRoutes.yaml" "-t" "${PATH_CONFIG}/Weighted.golden.proto.json" "--only-show-failures" 2>&1) || echo "${FAILURE_OUTPUT:-no-output}" if [[ "${FAILURE_OUTPUT}" != *"Test_2"*"expected: [cluster1], actual: [instant-server], test type: cluster_name"* ]] || [[ "${FAILURE_OUTPUT}" == *"Test_1"* ]]; then exit 1 fi # Failure test case to examine error strings echo "testing error strings" FAILURE_OUTPUT=$("${PATH_BIN}" "-c" "${PATH_CONFIG}/TestRoutes.yaml" "-t" "${PATH_CONFIG}/TestRoutesFailures.golden.proto.json" "--only-show-failures" 2>&1) || echo "${FAILURE_OUTPUT:-no-output}" if ! echo "${FAILURE_OUTPUT}" | grep -Fxq "expected: [content-type: text/plain], actual: NOT [content-type: text/plain], test type: response_header_matches.exact_match"; then exit 1 fi if ! echo "${FAILURE_OUTPUT}" | grep -Fxq "actual: [content-length: 25], test type: response_header_matches.range_match"; then exit 1 fi if ! echo "${FAILURE_OUTPUT}" | grep -Fxq "expected: [x-ping-response: pong], actual: [x-ping-response: yes], test type: response_header_matches.exact_match"; then exit 1 fi if ! echo "${FAILURE_OUTPUT}" | grep -Fxq "expected: [has(x-ping-response):false], actual: [has(x-ping-response):true], test type: response_header_matches.present_match"; then exit 1 fi if ! echo "${FAILURE_OUTPUT}" | grep -Fxq "expected: [has(x-pong-response):true], actual: [has(x-pong-response):false], test type: response_header_matches.present_match"; then exit 1 fi # Missing test results echo "testing missing tests output test cases" MISSING_OUTPUT=$("${PATH_BIN}" "-c" "${PATH_CONFIG}/TestRoutes.yaml" "-t" "${PATH_CONFIG}/TestRoutes.golden.proto.json" "--details" "--covall" 2>&1) || echo "${MISSING_OUTPUT:-no-output}" if [[ "${MISSING_OUTPUT}" != *"Missing test for host: www2_staging, route: prefix: \"/\""*"Missing test for host: default, route: prefix: \"/api/application_data\""* ]]; then exit 1 fi ================================================ FILE: test/tools/router_check/validation.proto ================================================ syntax = "proto3"; package envoy.RouterCheckToolSchema; import "envoy/config/core/v3/base.proto"; import "envoy/config/route/v3/route_components.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; // [#protodoc-title: RouterCheckTool Validation] // The Validation Schema of the envoy router check test files. // The accepted input formats for the test are json and yaml. // The tool transparently converts json/yaml into this proto schema. message Validation { // A collection of test cases. repeated ValidationItem tests = 1 [(validate.rules).repeated .min_items = 1]; } // Schema for each test case. message ValidationItem { // Name of the test case. There is no uniqueness constraint among the test case names. // The name has to be non empty. string test_name = 1 [(validate.rules).string.min_len = 1]; // The input constraints of the test case. ValidationInput input = 2 [(validate.rules).message.required = true]; // The validations that need to be performed on the resultant route. ValidationAssert validate = 3 [(validate.rules).message.required = true]; } // Input values sent to the router that determine the returned route. // This includes the `pseudo-header `_ fields // defined in HTTP2. message ValidationInput { reserved 8; // This pseudo-header field includes the authority portion of the target URI. // Clients that generate HTTP/2 requests directly SHOULD use the :authority pseudo-header field // instead of the Host header field. string authority = 1 [(validate.rules).string.min_len = 1]; // The :path pseudo-header field includes the path and query parts of the target URI. // This pseudo-header field MUST NOT be empty for http or https URIs. // http or https URIs that do not contain a path component MUST include a value of '/' // The exception to this rule is an OPTIONS request for an http or https URI that does not include // a path component. string path = 2 [(validate.rules).string.min_len = 1]; // This pseudo-header field includes the HTTP method. string method = 4 [(validate.rules).string.min_len = 3]; // An integer used to identify the target for weighted cluster selection. // The default value of random_value is 0. uint64 random_value = 5; // A flag that determines whether to set x-forwarded-proto to https or http. // By setting x-forwarded-proto to a given protocol, the tool is able to simulate the behavior of // a client issuing a request via http or https. By default ssl is false which corresponds to // x-forwarded-proto set to http. bool ssl = 6; // A flag that determines whether to set x-envoy-internal to “true”. // If not specified, or if internal is equal to false, x-envoy-internal is not set. bool internal = 7; // Additional request or response headers to be added as input for route determination. // The “:authority”, “:path”, “:method”, “x-forwarded-proto”, and “x-envoy-internal” fields are // specified by the other config options and should not be set here. repeated envoy.config.core.v3.HeaderValue additional_request_headers = 10; repeated envoy.config.core.v3.HeaderValue additional_response_headers = 11; // Runtime setting key to enable for the test case. // If a route depends on the runtime, the route will be enabled based on the random_value defined // in the test. Only a random_value less than the fractional percentage will enable the route. string runtime = 9; } // The validate object specifies the returned route parameters to match. // At least one test parameter must be specified. // Use “” (empty string) to indicate that no return value is expected. // For example, to test that no cluster match is expected use {“cluster_name”: “”}. message ValidationAssert { reserved 7, 8; // Match the cluster name. google.protobuf.StringValue cluster_name = 1; // Match the virtual cluster name. google.protobuf.StringValue virtual_cluster_name = 2; // Match the virtual host name. google.protobuf.StringValue virtual_host_name = 3; // Match the host header field after rewrite. google.protobuf.StringValue host_rewrite = 4; // Match the path header field after rewrite. google.protobuf.StringValue path_rewrite = 5; // Match the returned redirect path. google.protobuf.StringValue path_redirect = 6; // Match the listed request or response header fields. These fields are deprecated, use *_header_matches instead. repeated envoy.config.core.v3.HeaderValue request_header_fields = 9 [deprecated = true]; repeated envoy.config.core.v3.HeaderValue response_header_fields = 10 [deprecated = true]; // Match the listed request or response headers. // Example header fields include the “:path”, “cookie”, and “date” fields. // The header fields are checked after all other test cases. // Thus, the header fields checked will be those of the redirected or rewritten routes when // applicable. repeated envoy.config.route.v3.HeaderMatcher request_header_matches = 11; repeated envoy.config.route.v3.HeaderMatcher response_header_matches = 12; } ================================================ FILE: test/tools/schema_validator/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test_binary", "envoy_cc_test_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test_binary( name = "schema_validator_tool", deps = [":schema_validator_lib"], ) envoy_cc_test_library( name = "schema_validator_lib", srcs = [ "schema_validator.cc", "validator.cc", "validator.h", ], # TCLAP command line parser needs this to support int64_t/uint64_t in several build environments. copts = ["-DHAVE_LONG_LONG"], external_deps = ["tclap"], deps = [ "//include/envoy/api:api_interface", "//source/common/protobuf:utility_lib", "//source/common/stats:isolated_store_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", ], ) ================================================ FILE: test/tools/schema_validator/schema_validator.cc ================================================ // NOLINT(namespace-envoy) #include #include #include "envoy/common/exception.h" #include "test/tools/schema_validator/validator.h" int main(int argc, char** argv) { Envoy::Options options(argc, argv); Envoy::Validator v; try { v.validate(options.configPath(), options.schemaType()); } catch (const Envoy::EnvoyException& ex) { std::cerr << ex.what() << std::endl; return EXIT_FAILURE; } return EXIT_SUCCESS; } ================================================ FILE: test/tools/schema_validator/validator.cc ================================================ #include "test/tools/schema_validator/validator.h" #include "envoy/config/route/v3/route.pb.h" #include "envoy/config/route/v3/route.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/service/discovery/v3/discovery.pb.validate.h" #include "common/protobuf/utility.h" #include "tclap/CmdLine.h" namespace Envoy { const std::string Schema::DISCOVERY_RESPONSE = "discovery_response"; const std::string Schema::ROUTE = "route"; const std::string& Schema::toString(Type type) { switch (type) { case Type::DiscoveryResponse: return DISCOVERY_RESPONSE; case Type::Route: return ROUTE; } NOT_REACHED_GCOVR_EXCL_LINE; } Options::Options(int argc, char** argv) { TCLAP::CmdLine cmd("schema_validator_tool", ' ', "none", false); TCLAP::ValueArg config_path("c", "config-path", "Path to configuration file.", true, "", "string", cmd); TCLAP::ValueArg schema_type( "t", "schema-type", "Type of schema to validate the configuration against. Supported schema is: 'route'.", true, "", "string", cmd); try { cmd.parse(argc, argv); } catch (TCLAP::ArgException& e) { std::cerr << "error: " << e.error() << std::endl; exit(EXIT_FAILURE); } if (schema_type.getValue() == Schema::toString(Schema::Type::Route)) { schema_type_ = Schema::Type::Route; } else if (schema_type.getValue() == Schema::toString(Schema::Type::DiscoveryResponse)) { schema_type_ = Schema::Type::DiscoveryResponse; } else { std::cerr << "error: unknown schema type '" << schema_type.getValue() << "'" << std::endl; exit(EXIT_FAILURE); } config_path_ = config_path.getValue(); } void Validator::validate(const std::string& config_path, Schema::Type schema_type) { switch (schema_type) { case Schema::Type::DiscoveryResponse: { envoy::service::discovery::v3::DiscoveryResponse discovery_response_config; TestUtility::loadFromFile(config_path, discovery_response_config, *api_); TestUtility::validate(discovery_response_config); break; } case Schema::Type::Route: { envoy::config::route::v3::RouteConfiguration route_config; TestUtility::loadFromFile(config_path, route_config, *api_); TestUtility::validate(route_config); break; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } } // namespace Envoy ================================================ FILE: test/tools/schema_validator/validator.h ================================================ #pragma once #include #include "envoy/api/api.h" #include "common/stats/isolated_store_impl.h" #include "test/test_common/utility.h" namespace Envoy { /** * Class for Schemas supported by validation tool. */ class Schema { public: /** * List of supported schemas to validate. */ enum Type { DiscoveryResponse, Route }; /** * Get a string representation of the schema type. * @param type to convert. * @return string representation of type. */ static const std::string& toString(Type type); private: static const std::string DISCOVERY_RESPONSE; static const std::string ROUTE; }; /** * Parses command line arguments for Schema Validator Tool. */ class Options { public: Options(int argc, char** argv); /** * @return the schema type. */ Schema::Type schemaType() const { return schema_type_; } /** * @return the path to configuration file. */ const std::string& configPath() const { return config_path_; } private: Schema::Type schema_type_; std::string config_path_; }; /** * Validates the schema of a configuration. */ class Validator { public: Validator() : api_(Api::createApiForTest(stats_)) {} /** * Validates the configuration at config_path against schema_type. * An EnvoyException is thrown in several cases: * - Cannot load the configuration from config_path(invalid path or malformed data). * - A schema error from validating the configuration. * @param config_path specifies the path to the configuration file. * @param schema_type specifies the schema to validate the configuration against. */ void validate(const std::string& config_path, Schema::Type schema_type); private: Stats::IsolatedStoreImpl stats_; Api::ApiPtr api_; }; } // namespace Envoy ================================================ FILE: test/tools/type_whisperer/BUILD ================================================ load("//bazel:envoy_build_system.bzl", "envoy_cc_test", "envoy_package") licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_test( name = "api_type_db_test", srcs = ["api_type_db_test.cc"], # MSVC does not allow strings over a certain length, see error C2026 tags = ["skip_on_windows"], deps = ["//tools/type_whisperer:api_type_db_lib"], ) ================================================ FILE: test/tools/type_whisperer/api_type_db_test.cc ================================================ #include "gtest/gtest.h" #include "tools/type_whisperer/api_type_db.h" namespace Envoy { namespace Tools { namespace TypeWhisperer { namespace { // Validate that ApiTypeDb::getLatestTypeInformation returns nullopt when no // type information exists. TEST(ApiTypeDb, GetLatestTypeInformationForTypeUnknown) { const auto unknown_type_information = ApiTypeDb::getLatestTypeInformation("foo"); EXPECT_EQ(absl::nullopt, unknown_type_information); } // Validate that ApiTypeDb::getLatestTypeInformation fetches the latest type // information when an upgrade occurs. TEST(ApiTypeDb, GetLatestTypeInformationForTypeKnownUpgraded) { const auto known_type_information = ApiTypeDb::getLatestTypeInformation("envoy.type.Int64Range"); EXPECT_EQ("envoy.type.v3.Int64Range", known_type_information->type_name_); EXPECT_EQ("envoy/type/v3/range.proto", known_type_information->proto_path_); } // Validate that ApiTypeDb::getLatestTypeInformation is idempotent when no // upgrade occurs. TEST(ApiTypeDb, GetLatestTypeInformationForTypeKnownNoUpgrade) { const auto known_type_information = ApiTypeDb::getLatestTypeInformation("envoy.type.v3.Int64Range"); EXPECT_EQ("envoy.type.v3.Int64Range", known_type_information->type_name_); EXPECT_EQ("envoy/type/v3/range.proto", known_type_information->proto_path_); } } // namespace } // namespace TypeWhisperer } // namespace Tools } // namespace Envoy ================================================ FILE: test/tools/wee8_compile/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_binary", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_binary( name = "wee8_compile_tool", deps = [":wee8_compile_lib"], ) envoy_cc_library( name = "wee8_compile_lib", srcs = ["wee8_compile.cc"], external_deps = ["wee8"], ) ================================================ FILE: test/tools/wee8_compile/wee8_compile.cc ================================================ // NOLINT(namespace-envoy) #include #include #include #include #include #include "v8-version.h" #include "wasm-api/wasm.hh" uint32_t parseVarint(const byte_t*& pos, const byte_t* end) { uint32_t n = 0; uint32_t shift = 0; byte_t b; do { if (pos + 1 > end) { return static_cast(-1); } b = *pos++; n += (b & 0x7f) << shift; shift += 7; } while ((b & 0x80) != 0); return n; } wasm::vec getVarint(uint32_t value) { byte_t bytes[5]; int pos = 0; while (pos < 5) { if ((value & ~0x7F) == 0) { bytes[pos++] = static_cast(value); break; } bytes[pos++] = static_cast(value & 0x7F) | 0x80; value >>= 7; } auto vec = wasm::vec::make_uninitialized(pos); ::memcpy(vec.get(), bytes, pos); return vec; } wasm::vec readWasmModule(const char* path, const std::string& name) { // Open binary file. auto file = std::ifstream(path, std::ios::binary); file.seekg(0, std::ios_base::end); const auto size = file.tellg(); file.seekg(0); auto content = wasm::vec::make_uninitialized(size); file.read(content.get(), size); file.close(); if (file.fail()) { std::cerr << "ERROR: Failed to read the input file from: " << path << std::endl; return wasm::vec::invalid(); } // Wasm header is 8 bytes (magic number + version). const uint8_t magic_number[4] = {0x00, 0x61, 0x73, 0x6d}; if (size < 8 || ::memcmp(content.get(), magic_number, 4) != 0) { std::cerr << "ERROR: Failed to parse corrupted Wasm module from: " << path << std::endl; return wasm::vec::invalid(); } // Parse custom sections to see if precompiled module already exists. const byte_t* pos = content.get() + 8 /* Wasm header */; const byte_t* end = content.get() + content.size(); while (pos < end) { if (pos + 1 > end) { std::cerr << "ERROR: Failed to parse corrupted Wasm module from: " << path << std::endl; return wasm::vec::invalid(); } const auto section_type = *pos++; const auto section_len = parseVarint(pos, end); if (section_len == static_cast(-1) || pos + section_len > end) { std::cerr << "ERROR: Failed to parse corrupted Wasm module from: " << path << std::endl; return wasm::vec::invalid(); } if (section_type == 0 /* custom section */) { const auto section_data_start = pos; const auto section_name_len = parseVarint(pos, end); if (section_name_len == static_cast(-1) || pos + section_name_len > end) { std::cerr << "ERROR: Failed to parse corrupted Wasm module from: " << path << std::endl; return wasm::vec::invalid(); } if (section_name_len == name.size() && ::memcmp(pos, name.data(), section_name_len) == 0) { std::cerr << "ERROR: Wasm module: " << path << " already contains precompiled module." << std::endl; return wasm::vec::invalid(); } pos = section_data_start + section_len; } else { pos += section_len; } } return content; } wasm::vec stripWasmModule(const wasm::vec& module) { std::vector stripped; const byte_t* pos = module.get(); const byte_t* end = module.get() + module.size(); // Copy Wasm header. stripped.insert(stripped.end(), pos, pos + 8); pos += 8; while (pos < end) { const auto section_start = pos; if (pos + 1 > end) { std::cerr << "ERROR: Failed to parse corrupted Wasm module." << std::endl; return wasm::vec::invalid(); } const auto section_type = *pos++; const auto section_len = parseVarint(pos, end); if (section_len == static_cast(-1) || pos + section_len > end) { std::cerr << "ERROR: Failed to parse corrupted Wasm module." << std::endl; return wasm::vec::invalid(); } if (section_type != 0 /* custom section */) { stripped.insert(stripped.end(), section_start, pos + section_len); } pos += section_len; } return wasm::vec::make(stripped.size(), stripped.data()); } wasm::vec serializeWasmModule(const char* path, const wasm::vec& content) { const auto engine = wasm::Engine::make(); if (engine == nullptr) { std::cerr << "ERROR: Failed to start V8." << std::endl; return wasm::vec::invalid(); } const auto store = wasm::Store::make(engine.get()); if (store == nullptr) { std::cerr << "ERROR: Failed to create V8 isolate." << std::endl; return wasm::vec::invalid(); } const auto module = wasm::Module::make(store.get(), content); if (module == nullptr) { std::cerr << "ERROR: Failed to instantiate WebAssembly module from: " << path << std::endl; return wasm::vec::invalid(); } // TODO(PiotrSikora): figure out how to hook the completion callback. sleep(3); return module->serialize(); } bool writeWasmModule(const char* path, const wasm::vec& module, size_t stripped_module_size, const std::string& section_name, const wasm::vec& serialized) { auto file = std::fstream(path, std::ios::out | std::ios::binary); file.write(module.get(), module.size()); const char section_type = '\0'; // custom section file.write(§ion_type, 1); const auto section_name_len = getVarint(section_name.size()); const auto section_size = getVarint(section_name_len.size() + section_name.size() + serialized.size()); file.write(section_size.get(), section_size.size()); file.write(section_name_len.get(), section_name_len.size()); file.write(section_name.data(), section_name.size()); file.write(serialized.get(), serialized.size()); file.close(); if (file.fail()) { std::cerr << "ERROR: Failed to write the output file to: " << path << std::endl; return false; } const auto total_size = module.size() + 1 + section_size.size() + section_name_len.size() + section_name.size() + serialized.size(); std::cout << "Written " << total_size << " bytes (bytecode: " << stripped_module_size << " bytes," << " precompiled: " << serialized.size() << " bytes)." << std::endl; return true; } #if defined(__linux__) && defined(__x86_64__) #define WEE8_PLATFORM "linux_x86_64" #else #define WEE8_PLATFORM "" #endif int main(int argc, char* argv[]) { if (sizeof(WEE8_PLATFORM) - 1 == 0) { std::cerr << "Unsupported platform." << std::endl; return EXIT_FAILURE; } if (argc != 3) { std::cerr << "Usage: " << argv[0] << " " << std::endl; return EXIT_FAILURE; } const std::string section_name = "precompiled_wee8_v" + std::to_string(V8_MAJOR_VERSION) + "." + std::to_string(V8_MINOR_VERSION) + "." + std::to_string(V8_BUILD_NUMBER) + "." + std::to_string(V8_PATCH_LEVEL) + "_" + WEE8_PLATFORM; const auto module = readWasmModule(argv[1], section_name); if (!module) { return EXIT_FAILURE; } const auto stripped_module = stripWasmModule(module); if (!stripped_module) { return EXIT_FAILURE; } const auto serialized = serializeWasmModule(argv[1], stripped_module); if (!serialized) { return EXIT_FAILURE; } if (!writeWasmModule(argv[2], module, stripped_module.size(), section_name, serialized)) { return EXIT_FAILURE; } return EXIT_SUCCESS; } ================================================ FILE: third_party/statusor/BUILD ================================================ licenses(["notice"]) # Apache 2 load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_cc_test", "envoy_package", ) envoy_package() envoy_cc_library( name = "statusor_lib", srcs = [ "statusor.cc", ], hdrs = [ "statusor.h", "statusor_internals.h", ], external_deps = [ "abseil_status", ], deps = ["//source/common/common:assert_lib"], ) envoy_cc_test( name = "statusor_test", srcs = ["statusor_test.cc"], deps = [ ":statusor_lib", ], ) ================================================ FILE: third_party/statusor/statusor.cc ================================================ /** * IMPORTANT: this file is a fork of the soon to be open-source absl::StatusOr class. * When the absl::StatusOr lands this file will be removed. */ /* * Copyright 2019 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "third_party/statusor/statusor.h" #include #include "common/common/assert.h" namespace absl { namespace internal_statusor { void Helper::HandleInvalidStatusCtorArg(absl::Status* status) { const char* kMessage = "An OK status is not a valid constructor argument to StatusOr"; ASSERT(false, kMessage); // In optimized builds, we will fall back to ::util::error::INTERNAL. *status = absl::Status(absl::StatusCode::kInternal, kMessage); } void Helper::Crash(const absl::Status&) { abort(); } } // namespace internal_statusor } // namespace Envoy ================================================ FILE: third_party/statusor/statusor.h ================================================ /** * IMPORTANT: this file is a fork of the soon to be open-source absl::StatusOr class. * When the absl::StatusOr lands this file will be removed. */ /* * Copyright 2019 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ // StatusOr is the union of a Status object and a T // object. StatusOr models the concept of an object that is either a // usable value, or an error Status explaining why such a value is // not present. To this end, StatusOr does not allow its Status // value to be OkStatus(). // // The primary use-case for StatusOr is as the return value of a // function which may fail. // // Example usage of a StatusOr: // // StatusOr result = DoBigCalculationThatCouldFail(); // if (result) { // result->DoSomethingCool(); // } else { // GOOGLE_LOG(ERROR) << result.status(); // } // // Example that is guaranteed crash if the result holds no value: // // StatusOr result = DoBigCalculationThatCouldFail(); // const Foo& foo = result.value(); // foo.DoSomethingCool(); // // Example usage of a StatusOr>: // // StatusOr> result = FooFactory::MakeNewFoo(arg); // if (!result) { // GOOGLE_LOG(ERROR) << result.status(); // } else if (*result == nullptr) { // GOOGLE_LOG(ERROR) << "Unexpected null pointer"; // } else { // (*result)->DoSomethingCool(); // } // // Example factory implementation returning StatusOr: // // StatusOr FooFactory::MakeFoo(int arg) { // if (arg <= 0) { // return ::cel_base::Status(::cel_base::INVALID_ARGUMENT, // "Arg must be positive"); // } // return Foo(arg); // } // #include #include #include #include #include "third_party/statusor/statusor_internals.h" #include "absl/base/attributes.h" #include "absl/base/macros.h" namespace absl { // Returned StatusOr objects may not be ignored. template class ABSL_MUST_USE_RESULT StatusOr; template class StatusOr : private internal_statusor::StatusOrData, private internal_statusor::TraitsBase::value, std::is_move_constructible::value> { template friend class StatusOr; typedef internal_statusor::StatusOrData Base; public: using element_type = T; // Constructs a new StatusOr with Status::UNKNOWN status. This is marked // 'explicit' to try to catch cases like 'return {};', where people think // StatusOr> will be initialized with an empty vector, // instead of a Status::UNKNOWN status. explicit StatusOr(); // StatusOr will be copy constructible/assignable if T is copy // constructible. StatusOr(const StatusOr&) = default; StatusOr& operator=(const StatusOr&) = default; // StatusOr will be move constructible/assignable if T is move // constructible. StatusOr(StatusOr&&) = default; StatusOr& operator=(StatusOr&&) = default; // Conversion copy/move constructor, T must be convertible from U. // These should not participate in overload resolution if U // is not convertible to T. template StatusOr(const StatusOr& other); template StatusOr(StatusOr&& other); // Conversion copy/move assignment operator, T must be convertible from U. template StatusOr& operator=(const StatusOr& other); template StatusOr& operator=(StatusOr&& other); // Constructs a new StatusOr with the given value. After calling this // constructor, this->ok() will be true and the contained value may be // retrieved with value(), operator*(), or operator->(). // // NOTE: Not explicit - we want to use StatusOr as a return type // so it is convenient and sensible to be able to do 'return T()' // when the return type is StatusOr. // // REQUIRES: T is copy constructible. StatusOr(const T& value); // Constructs a new StatusOr with the given non-ok status. After calling this // constructor, this->ok() will be false and calls to value() will // CHECK-fail. // // NOTE: Not explicit - we want to use StatusOr as a return // value, so it is convenient and sensible to be able to do 'return // Status()' when the return type is StatusOr. // // REQUIRES: !status.ok(). This requirement is checked by ASSERT. // In optimized builds, passing OkStatus() here will have the effect // of passing INTERNAL as a fallback. StatusOr(const absl::Status& status); StatusOr& operator=(const absl::Status& status); // Similar to the `const T&` overload. // // REQUIRES: T is move constructible. StatusOr(T&& value); // RValue versions of the operations declared above. StatusOr(absl::Status&& status); StatusOr& operator=(absl::Status&& status); // Returns this->ok() explicit operator bool() const { return ok(); } // Returns this->status().ok() ABSL_MUST_USE_RESULT bool ok() const { return this->status_.ok(); } // Returns a reference to our status. If this contains a T, then // returns OkStatus(). const absl::Status& status() const&; absl::Status status() &&; // Returns a reference to our current value, or ASSERT-fails if !this->ok(). If // you have already checked the status using this->ok() or operator bool(), // then you probably want to use operator*() or operator->() to access the // current value instead of value(). // // Note: for value types that are cheap to copy, prefer simple code: // // T value = status_or.value(); // // Otherwise, if the value type is expensive to copy, but can be left // in the StatusOr, simply assign to a reference: // // T& value = status_or.value(); // or `const T&` // // Otherwise, if the value type supports an efficient move, it can be // used as follows: // // T value = std::move(status_or).value(); // // The std::move on status_or instead of on the whole expression enables // warnings about possible uses of the status_or object after the move. const T& value() const&; T& value() &; const T&& value() const&&; T&& value() &&; // Returns a reference to the current value. // // REQUIRES: this->ok() == true, otherwise the behavior is undefined. // // Use this->ok() or `operator bool()` to verify that there is a current // value. Alternatively, see value() for a similar API that guarantees // ASSERT-failing if there is no current value. const T& operator*() const&; T& operator*() &; const T&& operator*() const&&; T&& operator*() &&; // Returns a pointer to the current value. // // REQUIRES: this->ok() == true, otherwise the behavior is undefined. // // Use this->ok() or `operator bool()` to verify that there is a current // value. const T* operator->() const; T* operator->(); // Returns a copy of the current value if this->ok() == true. Otherwise // returns a default value. template T value_or(U&& default_value) const&; template T value_or(U&& default_value) &&; // Ignores any errors. This method does nothing except potentially suppress // complaints from any tools that are checking that errors are not dropped on // the floor. void IgnoreError() const; }; //////////////////////////////////////////////////////////////////////////////// // Implementation details for StatusOr template StatusOr::StatusOr() : Base(absl::Status(absl::StatusCode::kUnknown, "")) {} template StatusOr::StatusOr(const T& value) : Base(value) {} template StatusOr::StatusOr(const absl::Status& status) : Base(status) {} template StatusOr& StatusOr::operator=(const absl::Status& status) { this->Assign(status); return *this; } template StatusOr::StatusOr(T&& value) : Base(std::move(value)) {} template StatusOr::StatusOr(absl::Status&& status) : Base(std::move(status)) {} template StatusOr& StatusOr::operator=(absl::Status&& status) { this->Assign(std::move(status)); return *this; } template template inline StatusOr::StatusOr(const StatusOr& other) : Base(static_cast::Base&>(other)) {} template template inline StatusOr& StatusOr::operator=(const StatusOr& other) { if (other.ok()) this->Assign(other.value()); else this->Assign(other.status()); return *this; } template template inline StatusOr::StatusOr(StatusOr&& other) : Base(static_cast::Base&&>(other)) {} template template inline StatusOr& StatusOr::operator=(StatusOr&& other) { if (other.ok()) { this->Assign(std::move(other).value()); } else { this->Assign(std::move(other).status()); } return *this; } template const absl::Status& StatusOr::status() const& { return this->status_; } template absl::Status StatusOr::status() && { return ok() ? absl::OkStatus() : std::move(this->status_); } template const T& StatusOr::value() const& { this->EnsureOk(); return this->data_; } template T& StatusOr::value() & { this->EnsureOk(); return this->data_; } template const T&& StatusOr::value() const&& { this->EnsureOk(); return std::move(this->data_); } template T&& StatusOr::value() && { this->EnsureOk(); return std::move(this->data_); } template const T& StatusOr::operator*() const& { this->EnsureOk(); return this->data_; } template T& StatusOr::operator*() & { this->EnsureOk(); return this->data_; } template const T&& StatusOr::operator*() const&& { this->EnsureOk(); return std::move(this->data_); } template T&& StatusOr::operator*() && { this->EnsureOk(); return std::move(this->data_); } template const T* StatusOr::operator->() const { this->EnsureOk(); return &this->data_; } template T* StatusOr::operator->() { this->EnsureOk(); return &this->data_; } template template T StatusOr::value_or(U&& default_value) const& { if (ok()) { return this->data_; } return std::forward(default_value); } template template T StatusOr::value_or(U&& default_value) && { if (ok()) { return std::move(this->data_); } return std::forward(default_value); } template void StatusOr::IgnoreError() const { // no-op } } // namespace absl ================================================ FILE: third_party/statusor/statusor_internals.h ================================================ /** * IMPORTANT: this file is a fork of the soon to be open-source absl::StatusOr class. * When the absl::StatusOr lands this file will be removed. */ /* * Copyright 2019 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #include "absl/base/attributes.h" #include "absl/meta/type_traits.h" #include "absl/status/status.h" namespace absl { namespace internal_statusor { class Helper { public: // Move type-agnostic error handling to the .cc. static void HandleInvalidStatusCtorArg(absl::Status*); ABSL_ATTRIBUTE_NORETURN static void Crash(const absl::Status& status); }; // Construct an instance of T in `p` through placement new, passing Args... to // the constructor. // This abstraction is here mostly for the gcc performance fix. template void PlacementNew(void* p, Args&&... args) { #if defined(__GNUC__) && !defined(__clang__) // Teach gcc that 'p' cannot be null, fixing code size issues. if (p == nullptr) __builtin_unreachable(); #endif new (p) T(std::forward(args)...); } // Helper base class to hold the data and all operations. // We move all this to a base class to allow mixing with the appropriate // TraitsBase specialization. template class StatusOrData { template friend class StatusOrData; public: StatusOrData() = delete; StatusOrData(const StatusOrData& other) { if (other.ok()) { MakeValue(other.data_); MakeStatus(); } else { MakeStatus(other.status_); } } StatusOrData(StatusOrData&& other) noexcept { if (other.ok()) { MakeValue(std::move(other.data_)); MakeStatus(); } else { MakeStatus(std::move(other.status_)); } } template StatusOrData(const StatusOrData& other) { if (other.ok()) { MakeValue(other.data_); MakeStatus(); } else { MakeStatus(other.status_); } } template StatusOrData(StatusOrData&& other) { if (other.ok()) { MakeValue(std::move(other.data_)); MakeStatus(); } else { MakeStatus(std::move(other.status_)); } } explicit StatusOrData(const T& value) : data_(value) { MakeStatus(); } explicit StatusOrData(T&& value) : data_(std::move(value)) { MakeStatus(); } explicit StatusOrData(const absl::Status& status) : status_(status) { EnsureNotOk(); } explicit StatusOrData(absl::Status&& status) : status_(std::move(status)) { EnsureNotOk(); } StatusOrData& operator=(const StatusOrData& other) { if (this == &other) return *this; if (other.ok()) Assign(other.data_); else Assign(other.status_); return *this; } StatusOrData& operator=(StatusOrData&& other) { if (this == &other) return *this; if (other.ok()) Assign(std::move(other.data_)); else Assign(std::move(other.status_)); return *this; } ~StatusOrData() { if (ok()) { status_.~Status(); data_.~T(); } else { status_.~Status(); } } void Assign(const T& value) { if (ok()) { data_.~T(); MakeValue(value); } else { MakeValue(value); status_ = absl::OkStatus(); } } void Assign(T&& value) { if (ok()) { data_.~T(); MakeValue(std::move(value)); } else { MakeValue(std::move(value)); status_ = absl::OkStatus(); } } void Assign(const absl::Status& status) { Clear(); status_ = status; EnsureNotOk(); } void Assign(absl::Status&& status) { Clear(); status_ = std::move(status); EnsureNotOk(); } bool ok() const { return status_.ok(); } protected: // status_ will always be active after the constructor. // We make it a union to be able to initialize exactly how we need without // waste. // E/g. in the copy constructor we use the default constructor of // Status in the ok() path to avoid an extra Ref call. union { absl::Status status_; }; // data_ is active iff status_.ok()==true struct Dummy {}; union { // When T is const, we need some non-const object we can cast to void* for // the placement new. dummy_ is that object. Dummy dummy_; T data_; }; void Clear() { if (ok()) data_.~T(); } void EnsureOk() const { if (!ok()) Helper::Crash(status_); } void EnsureNotOk() { if (ok()) Helper::HandleInvalidStatusCtorArg(&status_); } // Construct the value (i.e. data_) through placement new with the passed // argument. template void MakeValue(Arg&& arg) { internal_statusor::PlacementNew(&dummy_, std::forward(arg)); } // Construct the status (i.e. status_) through placement new with the passed // argument. template void MakeStatus(Args&&... args) { internal_statusor::PlacementNew(&status_, std::forward(args)...); } }; // Helper base class to allow implicitly deleted constructors and assignment // operations in StatusOr. // TraitsBase will explicitly delete what it can't support and StatusOr will // inherit that behavior implicitly. template struct TraitsBase { TraitsBase() = default; TraitsBase(const TraitsBase&) = default; TraitsBase(TraitsBase&&) = default; TraitsBase& operator=(const TraitsBase&) = default; TraitsBase& operator=(TraitsBase&&) = default; }; template <> struct TraitsBase { TraitsBase() = default; TraitsBase(const TraitsBase&) = delete; TraitsBase(TraitsBase&&) = default; TraitsBase& operator=(const TraitsBase&) = delete; TraitsBase& operator=(TraitsBase&&) = default; }; template <> struct TraitsBase { TraitsBase() = default; TraitsBase(const TraitsBase&) = delete; TraitsBase(TraitsBase&&) = delete; TraitsBase& operator=(const TraitsBase&) = delete; TraitsBase& operator=(TraitsBase&&) = delete; }; } // namespace internal_statusor } // namespace absl ================================================ FILE: third_party/statusor/statusor_test.cc ================================================ /** * IMPORTANT: this file is a fork of the soon to be open-source absl::StatusOr class. * When the absl::StatusOr lands this file will be removed. */ /* Copyright 2017 The TensorFlow Authors. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ==============================================================================*/ // Unit tests for StatusOr #include #include #include "third_party/statusor/statusor.h" #include "gmock/gmock.h" #include "gtest/gtest.h" namespace absl { namespace { class Base1 { public: virtual ~Base1() {} int pad_; }; class Base2 { public: virtual ~Base2() {} int yetotherpad_; }; class Derived : public Base1, public Base2 { public: ~Derived() override {} int evenmorepad_; }; class CopyNoAssign { public: explicit CopyNoAssign(int value) : foo_(value) {} CopyNoAssign(const CopyNoAssign& other) : foo_(other.foo_) {} int foo_; private: const CopyNoAssign& operator=(const CopyNoAssign&); }; class NoDefaultConstructor { public: explicit NoDefaultConstructor(int foo); }; static_assert(!std::is_default_constructible(), "Should not be default-constructible."); StatusOr> ReturnUniquePtr() { // Uses implicit constructor from T&& return std::unique_ptr(new int(0)); } TEST(StatusOr, ElementType) { static_assert(std::is_same::element_type, int>(), ""); static_assert(std::is_same::element_type, char>(), ""); } TEST(StatusOr, NullPointerStatusOr) { // As a very special case, null-plain-pointer StatusOr used to be an // error. Test that it no longer is. StatusOr null_status(nullptr); EXPECT_TRUE(null_status.ok()); EXPECT_EQ(null_status.value(), nullptr); } TEST(StatusOr, TestNoDefaultConstructorInitialization) { // Explicitly initialize it with an error code. StatusOr statusor(absl::CancelledError("")); EXPECT_FALSE(statusor.ok()); EXPECT_EQ(statusor.status().code(), absl::StatusCode::kCancelled); // Default construction of StatusOr initializes it with an UNKNOWN error code. StatusOr statusor2; EXPECT_FALSE(statusor2.ok()); EXPECT_EQ(statusor2.status().code(), absl::StatusCode::kUnknown); } TEST(StatusOr, TestMoveOnlyInitialization) { StatusOr> thing(ReturnUniquePtr()); ASSERT_TRUE(thing.ok()); EXPECT_EQ(0, *thing.value()); int* previous = thing.value().get(); thing = ReturnUniquePtr(); EXPECT_TRUE(thing.ok()); EXPECT_EQ(0, *thing.value()); EXPECT_NE(previous, thing.value().get()); } TEST(StatusOr, TestMoveOnlyStatusCtr) { StatusOr> thing(absl::CancelledError("")); ASSERT_FALSE(thing.ok()); } TEST(StatusOr, TestMoveOnlyValueExtraction) { StatusOr> thing(ReturnUniquePtr()); ASSERT_TRUE(thing.ok()); std::unique_ptr ptr = std::move(thing).value(); EXPECT_EQ(0, *ptr); thing = std::move(ptr); ptr = std::move(thing.value()); EXPECT_EQ(0, *ptr); } TEST(StatusOr, TestMoveOnlyConversion) { StatusOr> const_thing(ReturnUniquePtr()); EXPECT_TRUE(const_thing.ok()); EXPECT_EQ(0, *const_thing.value()); // Test rvalue converting assignment const int* const_previous = const_thing.value().get(); const_thing = ReturnUniquePtr(); EXPECT_TRUE(const_thing.ok()); EXPECT_EQ(0, *const_thing.value()); EXPECT_NE(const_previous, const_thing.value().get()); } TEST(StatusOr, TestMoveOnlyVector) { // Sanity check that StatusOr works in vector. std::vector>> vec; vec.push_back(ReturnUniquePtr()); vec.resize(2); auto another_vec = std::move(vec); EXPECT_EQ(0, *another_vec[0].value()); EXPECT_EQ(absl::StatusCode::kUnknown, another_vec[1].status().code()); } TEST(StatusOr, TestMoveWithValuesAndErrors) { StatusOr status_or(std::string(1000, '0')); StatusOr value1(std::string(1000, '1')); StatusOr value2(std::string(1000, '2')); StatusOr error1(Status(absl::StatusCode::kUnknown, "error1")); StatusOr error2(Status(absl::StatusCode::kUnknown, "error2")); ASSERT_TRUE(status_or.ok()); EXPECT_EQ(std::string(1000, '0'), status_or.value()); // Overwrite the value in status_or with another value. status_or = std::move(value1); ASSERT_TRUE(status_or.ok()); EXPECT_EQ(std::string(1000, '1'), status_or.value()); // Overwrite the value in status_or with an error. status_or = std::move(error1); ASSERT_FALSE(status_or.ok()); EXPECT_EQ("error1", status_or.status().message()); // Overwrite the error in status_or with another error. status_or = std::move(error2); ASSERT_FALSE(status_or.ok()); EXPECT_EQ("error2", status_or.status().message()); // Overwrite the error with a value. status_or = std::move(value2); ASSERT_TRUE(status_or.ok()); EXPECT_EQ(std::string(1000, '2'), status_or.value()); } TEST(StatusOr, TestCopyWithValuesAndErrors) { StatusOr status_or(std::string(1000, '0')); StatusOr value1(std::string(1000, '1')); StatusOr value2(std::string(1000, '2')); StatusOr error1(Status(absl::StatusCode::kUnknown, "error1")); StatusOr error2(Status(absl::StatusCode::kUnknown, "error2")); ASSERT_TRUE(status_or.ok()); EXPECT_EQ(std::string(1000, '0'), status_or.value()); // Overwrite the value in status_or with another value. status_or = value1; ASSERT_TRUE(status_or.ok()); EXPECT_EQ(std::string(1000, '1'), status_or.value()); // Overwrite the value in status_or with an error. status_or = error1; ASSERT_FALSE(status_or.ok()); EXPECT_EQ("error1", status_or.status().message()); // Overwrite the error in status_or with another error. status_or = error2; ASSERT_FALSE(status_or.ok()); EXPECT_EQ("error2", status_or.status().message()); // Overwrite the error with a value. status_or = value2; ASSERT_TRUE(status_or.ok()); EXPECT_EQ(std::string(1000, '2'), status_or.value()); // Verify original values unchanged. EXPECT_EQ(std::string(1000, '1'), value1.value()); EXPECT_EQ("error1", error1.status().message()); EXPECT_EQ("error2", error2.status().message()); EXPECT_EQ(std::string(1000, '2'), value2.value()); } TEST(StatusOr, TestDefaultCtor) { StatusOr thing; EXPECT_FALSE(thing.ok()); EXPECT_EQ(thing.status().code(), absl::StatusCode::kUnknown); } TEST(StatusOrDeathTest, TestDefaultCtorValue) { StatusOr thing; EXPECT_DEATH(thing.value(), ""); const StatusOr thing2; EXPECT_DEATH(thing.value(), ""); } TEST(StatusOr, TestStatusCtor) { StatusOr thing(Status(absl::StatusCode::kCancelled, "")); EXPECT_FALSE(thing.ok()); EXPECT_EQ(thing.status().code(), absl::StatusCode::kCancelled); } TEST(StatusOr, TestValueCtor) { const int kI = 4; const StatusOr thing(kI); EXPECT_TRUE(thing.ok()); EXPECT_EQ(kI, thing.value()); } TEST(StatusOr, TestCopyCtorStatusOk) { const int kI = 4; const StatusOr original(kI); const StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); EXPECT_EQ(original.value(), copy.value()); } TEST(StatusOr, TestCopyCtorStatusNotOk) { StatusOr original(Status(absl::StatusCode::kCancelled, "")); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); } TEST(StatusOr, TestCopyCtorNonAssignable) { const int kI = 4; CopyNoAssign value(kI); StatusOr original(value); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); EXPECT_EQ(original.value().foo_, copy.value().foo_); } TEST(StatusOr, TestCopyCtorStatusOKConverting) { const int kI = 4; StatusOr original(kI); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); EXPECT_DOUBLE_EQ(original.value(), copy.value()); } TEST(StatusOr, TestCopyCtorStatusNotOkConverting) { StatusOr original(Status(absl::StatusCode::kCancelled, "")); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); } TEST(StatusOr, TestAssignmentStatusOk) { const int kI = 4; StatusOr source(kI); StatusOr target; target = source; EXPECT_EQ(target.status(), source.status()); EXPECT_EQ(source.value(), target.value()); } TEST(StatusOr, TestAssignmentStatusNotOk) { StatusOr source(Status(absl::StatusCode::kCancelled, "")); StatusOr target; target = source; EXPECT_EQ(target.status(), source.status()); } TEST(StatusOr, TestStatus) { StatusOr good(4); EXPECT_TRUE(good.ok()); StatusOr bad(Status(absl::StatusCode::kCancelled, "")); EXPECT_FALSE(bad.ok()); EXPECT_EQ(bad.status(), Status(absl::StatusCode::kCancelled, "")); } TEST(StatusOr, TestValue) { const int kI = 4; StatusOr thing(kI); EXPECT_EQ(kI, thing.value()); } TEST(StatusOr, TestValueConst) { const int kI = 4; const StatusOr thing(kI); EXPECT_EQ(kI, thing.value()); } TEST(StatusOrDeathTest, TestValueNotOk) { StatusOr thing(Status(absl::StatusCode::kCancelled, "cancelled")); EXPECT_DEATH(thing.value(), ""); } TEST(StatusOrDeathTest, TestValueNotOkConst) { const StatusOr thing(Status(absl::StatusCode::kUnknown, "")); EXPECT_DEATH(thing.value(), ""); } TEST(StatusOr, TestPointerDefaultCtor) { StatusOr thing; EXPECT_FALSE(thing.ok()); EXPECT_EQ(thing.status().code(), absl::StatusCode::kUnknown); } TEST(StatusOrDeathTest, TestPointerDefaultCtorValue) { StatusOr thing; EXPECT_DEATH(thing.value(), ""); } TEST(StatusOr, TestPointerStatusCtor) { StatusOr thing(Status(absl::StatusCode::kCancelled, "")); EXPECT_FALSE(thing.ok()); EXPECT_EQ(thing.status(), Status(absl::StatusCode::kCancelled, "")); } TEST(StatusOr, TestPointerValueCtor) { const int kI = 4; StatusOr thing(&kI); EXPECT_TRUE(thing.ok()); EXPECT_EQ(&kI, thing.value()); } TEST(StatusOr, TestPointerCopyCtorStatusOk) { const int kI = 0; StatusOr original(&kI); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); EXPECT_EQ(original.value(), copy.value()); } TEST(StatusOr, TestPointerCopyCtorStatusNotOk) { StatusOr original(Status(absl::StatusCode::kCancelled, "")); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); } TEST(StatusOr, TestPointerCopyCtorStatusOKConverting) { Derived derived; StatusOr original(&derived); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); EXPECT_EQ(static_cast(original.value()), copy.value()); } TEST(StatusOr, TestPointerCopyCtorStatusNotOkConverting) { StatusOr original(Status(absl::StatusCode::kCancelled, "")); StatusOr copy(original); EXPECT_EQ(copy.status(), original.status()); } TEST(StatusOr, TestPointerAssignmentStatusOk) { const int kI = 0; StatusOr source(&kI); StatusOr target; target = source; EXPECT_EQ(target.status(), source.status()); EXPECT_EQ(source.value(), target.value()); } TEST(StatusOr, TestPointerAssignmentStatusNotOk) { StatusOr source(Status(absl::StatusCode::kCancelled, "")); StatusOr target; target = source; EXPECT_EQ(target.status(), source.status()); } TEST(StatusOr, TestPointerStatus) { const int kI = 0; StatusOr good(&kI); EXPECT_TRUE(good.ok()); StatusOr bad(Status(absl::StatusCode::kCancelled, "")); EXPECT_EQ(bad.status(), Status(absl::StatusCode::kCancelled, "")); } TEST(StatusOr, TestPointerValue) { const int kI = 0; StatusOr thing(&kI); EXPECT_EQ(&kI, thing.value()); } TEST(StatusOr, TestPointerValueConst) { const int kI = 0; const StatusOr thing(&kI); EXPECT_EQ(&kI, thing.value()); } // NOTE(tucker): StatusOr does not support this kind // of resize op. // TEST(StatusOr, StatusOrVectorOfUniquePointerCanResize) { // using EvilType = std::vector>; // static_assert(std::is_copy_constructible::value, ""); // std::vector> v(5); // v.reserve(v.capacity() + 10); // } TEST(StatusOrDeathTest, TestPointerValueNotOk) { StatusOr thing(Status(absl::StatusCode::kCancelled, "cancelled")); EXPECT_DEATH(thing.value(), ""); } TEST(StatusOrDeathTest, TestPointerValueNotOkConst) { const StatusOr thing(Status(absl::StatusCode::kCancelled, "cancelled")); EXPECT_DEATH(thing.value(), ""); } // Benchmarks were removed as we not intend to change forked code. } // namespace } // namespace absl ================================================ FILE: tools/BUILD ================================================ load("@rules_python//python:defs.bzl", "py_library") load( "//bazel:envoy_build_system.bzl", "envoy_cc_binary", "envoy_cc_platform_dep", "envoy_package", "envoy_py_test_binary", ) licenses(["notice"]) # Apache 2 envoy_package() exports_files([ "gen_git_sha.sh", "code_format/check_format.py", "code_format/header_order.py", "code_format/envoy_build_fixer.py", "check_repositories.sh", ]) envoy_py_test_binary( name = "socket_passing", srcs = [ "socket_passing.py", ], ) py_library( name = "run_command", srcs = [ "run_command.py", ], visibility = ["//visibility:public"], ) envoy_cc_binary( name = "bootstrap2pb", srcs = ["bootstrap2pb.cc"], deps = [ "//source/common/api:api_lib", "//source/common/common:assert_lib", "//source/common/protobuf:message_validator_lib", "//source/common/protobuf:utility_lib", "//source/common/stats:isolated_store_lib", "@envoy_api//envoy/config/bootstrap/v2:pkg_cc_proto", ] + envoy_cc_platform_dep("//source/exe:platform_impl_lib"), ) ================================================ FILE: tools/api/generate_go_protobuf.py ================================================ #!/usr/bin/env python3 from subprocess import check_output from subprocess import check_call import glob import os import shutil import sys import re TARGETS = '@envoy_api//...' IMPORT_BASE = 'github.com/envoyproxy/go-control-plane' OUTPUT_BASE = 'build_go' REPO_BASE = 'go-control-plane' BRANCH = 'master' MIRROR_MSG = 'Mirrored from envoyproxy/envoy @ ' USER_NAME = 'go-control-plane(CircleCI)' USER_EMAIL = 'go-control-plane@users.noreply.github.com' def generateProtobufs(output): bazel_bin = check_output(['bazel', 'info', 'bazel-bin']).decode().strip() go_protos = check_output([ 'bazel', 'query', 'kind("go_proto_library", %s)' % TARGETS, ]).split() # Each rule has the form @envoy_api//foo/bar:baz_go_proto. # First build all the rules to ensure we have the output files. # We preserve source info so comments are retained on generated code. check_call([ 'bazel', 'build', '-c', 'fastbuild', '--experimental_proto_descriptor_sets_include_source_info' ] + go_protos) for rule in go_protos: # Example rule: # @envoy_api//envoy/config/bootstrap/v2:pkg_go_proto # # Example generated directory: # bazel-bin/external/envoy_api/envoy/config/bootstrap/v2/linux_amd64_stripped/pkg_go_proto%/github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v2/ # # Example output directory: # go_out/envoy/config/bootstrap/v2 rule_dir, proto = rule.decode()[len('@envoy_api//'):].rsplit(':', 1) input_dir = os.path.join(bazel_bin, 'external', 'envoy_api', rule_dir, proto + '_', IMPORT_BASE, rule_dir) input_files = glob.glob(os.path.join(input_dir, '*.go')) output_dir = os.path.join(output, rule_dir) # Ensure the output directory exists os.makedirs(output_dir, 0o755, exist_ok=True) for generated_file in input_files: shutil.copy(generated_file, output_dir) print('Go artifacts placed into: ' + output) def git(repo, *args): cmd = ['git'] if repo: cmd = cmd + ['-C', repo] for arg in args: cmd = cmd + [arg] return check_output(cmd).decode() def cloneGoProtobufs(repo): # Create a local clone of go-control-plane git(None, 'clone', 'git@github.com:envoyproxy/go-control-plane', repo) git(repo, 'fetch') git(repo, 'checkout', '-B', BRANCH, 'origin/master') def findLastSyncSHA(repo): # Determine last envoyproxy/envoy SHA in envoyproxy/go-control-plane last_commit = git(repo, 'log', '--grep=' + MIRROR_MSG, '-n', '1', '--format=%B').strip() # Initial SHA from which the APIs start syncing. Prior to that it was done manually. if last_commit == "": return 'e7f0b7176efdc65f96eb1697b829d1e6187f4502' m = re.search(MIRROR_MSG + '(\w+)', last_commit) return m.group(1) def updatedSinceSHA(repo, last_sha): # Determine if there are changes to API since last SHA return git(None, 'rev-list', '%s..HEAD' % last_sha).split() def writeRevisionInfo(repo, sha): # Put a file in the generated code root containing the latest mirrored SHA dst = os.path.join(repo, 'envoy', 'COMMIT') with open(dst, 'w') as fh: fh.write(sha) def syncGoProtobufs(output, repo): # Sync generated content against repo and return true if there is a commit necessary dst = os.path.join(repo, 'envoy') # Remove subtree at envoy in repo git(repo, 'rm', '-r', 'envoy') # Copy subtree at envoy from output to repo shutil.copytree(os.path.join(output, 'envoy'), dst) git(repo, 'add', 'envoy') def publishGoProtobufs(repo, sha): # Publish generated files with the last SHA changes to API git(repo, 'config', 'user.name', USER_NAME) git(repo, 'config', 'user.email', USER_EMAIL) git(repo, 'add', 'envoy') git(repo, 'commit', '--allow-empty', '-s', '-m', MIRROR_MSG + sha) git(repo, 'push', 'origin', BRANCH) def updated(repo): return len( [f for f in git(repo, 'diff', 'HEAD', '--name-only').splitlines() if f != 'envoy/COMMIT']) > 0 if __name__ == "__main__": workspace = check_output(['bazel', 'info', 'workspace']).decode().strip() output = os.path.join(workspace, OUTPUT_BASE) generateProtobufs(output) repo = os.path.join(workspace, REPO_BASE) cloneGoProtobufs(repo) syncGoProtobufs(output, repo) last_sha = findLastSyncSHA(repo) changes = updatedSinceSHA(repo, last_sha) if updated(repo): print('Changes detected: %s' % changes) new_sha = changes[0] writeRevisionInfo(repo, new_sha) publishGoProtobufs(repo, new_sha) ================================================ FILE: tools/api/validate_structure.py ================================================ #!/usr/bin/env python3 # Validate the API package structure. Usage: # # ./tools/api/validate_structure.py import pathlib import re import sys # Only v2 protos are allowed in these trees. V2_ONLY_PATHS = [ 'api', 'config/filter', 'config/transport_socket', 'config/common/dynamic_forward_proxy', 'config/common/tap', ] # These are the only legacy trees that we permit not to terminate with a versioned suffix. VERSIONLESS_PATHS = [ 'annotations', 'api/v2/ratelimit', 'api/v2/auth', 'api/v2/listener', 'api/v2/core', 'api/v2/endpoint', 'api/v2/route', 'api/v2/cluster', 'type', 'type/matcher', 'config/cluster/redis', 'config/retry/previous_priorities', ] class ValidationError(Exception): pass # Extract major version and full API version string from a proto path. def ProtoApiVersion(proto_path): match = re.match('v(\d+).*', proto_path.parent.name) if match: return str(proto_path.parent.name)[1:], int(match.group(1)) return None, 0 # Validate a single proto path. def ValidateProtoPath(proto_path): version_str, major_version = ProtoApiVersion(proto_path) # Validate version-less paths. if major_version == 0: if not any(str(proto_path.parent) == p for p in VERSIONLESS_PATHS): raise ValidationError('Package is missing a version') # Validate that v3+ versions are regular. if major_version >= 3: if not re.match('\d+(alpha)?$', version_str): raise ValidationError('Invalid v3+ version: %s' % version_str) # Validate v2-only paths. for p in V2_ONLY_PATHS: if str(proto_path).startswith(p): raise ValidationError('v3+ protos are not allowed in %s' % p) # Validate a list of proto paths. def ValidateProtoPaths(proto_paths): error_msgs = [] for proto_path in proto_paths: try: ValidateProtoPath(proto_path) except ValidationError as e: error_msgs.append('Invalid .proto location [%s]: %s' % (proto_path, e)) return error_msgs if __name__ == '__main__': api_root = 'api/envoy' api_protos = pathlib.Path(api_root).rglob('*.proto') error_msgs = ValidateProtoPaths(p.relative_to(api_root) for p in api_protos) if error_msgs: for m in error_msgs: print(m) sys.exit(1) sys.exit(0) ================================================ FILE: tools/api_boost/README.md ================================================ # Envoy API upgrades This directory contains tooling to support the [Envoy API versioning guidelines](api/API_VERSIONING.md). Envoy internally tracks the latest API version for any given package. Since each package may have a different API version, and we have have > 15k of API protos, we require machine assistance to scale the upgrade process. We refer to the process of upgrading Envoy to the latest version of the API as *API boosting*. This is a manual process, where a developer wanting to bump major version at the API clock invokes: ```console /tools/api_boost/api_boost.py --build_api_booster --generate_compilation_database ``` followed by `fix_format`. The full process is still WiP, but we expect that there will be some manual fixup required of test cases (e.g. YAML fragments) as well. You will need to configure `LLVM_CONFIG` as per the [Clang Libtooling setup guide](tools/clang_tools/README.md). ## Status The API boosting tooling is still WiP. It is slated to land in the v3 release (EOY 2019), at which point it should be considered ready for general consumption by experienced developers who work on Envoy APIs. ================================================ FILE: tools/api_boost/api_boost.py ================================================ #!/usr/bin/env python3 # Tool that assists in upgrading the Envoy source tree to the latest API. # Internally, Envoy uses the latest vN or vNalpha for a given package. Envoy # will perform a reflection based version upgrade on any older protos that are # presented to it in configuration at ingestion time. # # Usage (from a clean tree): # # api_boost.py --generate_compilation_database --build_api_booster import argparse import functools import json import os import multiprocessing as mp import pathlib import re import shlex import subprocess as sp # Detect API #includes. API_INCLUDE_REGEX = re.compile('#include "(envoy/.*)/[^/]+\.pb\.(validate\.)?h"') # Needed for CI to pass down bazel options. BAZEL_BUILD_OPTIONS = shlex.split(os.environ.get('BAZEL_BUILD_OPTIONS', '')) # Obtain the directory containing a path prefix, e.g. ./foo/bar.txt is ./foo, # ./foo/ba is ./foo, ./foo/bar/ is ./foo/bar. def PrefixDirectory(path_prefix): return path_prefix if os.path.isdir(path_prefix) else os.path.dirname(path_prefix) # Update a C++ file to the latest API. def ApiBoostFile(llvm_include_path, debug_log, path): print('Processing %s' % path) if 'API_NO_BOOST_FILE' in pathlib.Path(path).read_text(): if debug_log: print('Not boosting %s due to API_NO_BOOST_FILE\n' % path) return None # Run the booster try: result = sp.run([ './bazel-bin/external/envoy_dev/clang_tools/api_booster/api_booster', '--extra-arg-before=-xc++', '--extra-arg=-isystem%s' % llvm_include_path, '--extra-arg=-Wno-undefined-internal', '--extra-arg=-Wno-old-style-cast', path ], capture_output=True, check=True) except sp.CalledProcessError as e: print('api_booster failure for %s: %s %s' % (path, e, e.stderr.decode('utf-8'))) raise if debug_log: print(result.stderr.decode('utf-8')) # Consume stdout containing the list of inferred API headers. return sorted(set(result.stdout.decode('utf-8').splitlines())) # Rewrite API includes to the inferred headers. Currently this is handled # outside of the clang-ast-replacements. In theory we could either integrate # with this or with clang-include-fixer, but it's pretty simply to handle as done # below, we have more control over special casing as well, so ¯\_(ツ)_/¯. def RewriteIncludes(args): path, api_includes = args # Files with API_NO_BOOST_FILE will have None returned by ApiBoostFile. if api_includes is None: return # We just dump the inferred API header includes at the start of the #includes # in the file and remove all the present API header includes. This does not # match Envoy style; we rely on later invocations of fix_format.sh to take # care of this alignment. output_lines = [] include_lines = ['#include "%s"' % f for f in api_includes] input_text = pathlib.Path(path).read_text() for line in input_text.splitlines(): if include_lines and line.startswith('#include'): output_lines.extend(include_lines) include_lines = None # Exclude API includes, except for a special case related to v2alpha # ext_authz; this is needed to include the service descriptor in the build # and is a hack that will go away when we remove v2. if re.match(API_INCLUDE_REGEX, line) and 'envoy/service/auth/v2alpha' not in line: continue output_lines.append(line) # Rewrite file. pathlib.Path(path).write_text('\n'.join(output_lines) + '\n') # Update the Envoy source tree the latest API. def ApiBoostTree(target_paths, generate_compilation_database=False, build_api_booster=False, debug_log=False, sequential=False): dep_build_targets = ['//%s/...' % PrefixDirectory(prefix) for prefix in target_paths] # Optional setup of state. We need the compilation database and api_booster # tool in place before we can start boosting. if generate_compilation_database: print('Building compilation database for %s' % dep_build_targets) sp.run(['./tools/gen_compilation_database.py', '--include_headers'] + dep_build_targets, check=True) if build_api_booster: # Similar to gen_compilation_database.py, we only need the cc_library for # setup. The long term fix for this is in # https://github.com/bazelbuild/bazel/issues/9578. # # Figure out some cc_libraries that cover most of our external deps. This is # the same logic as in gen_compilation_database.py. query = 'kind(cc_library, {})'.format(' union '.join(dep_build_targets)) dep_lib_build_targets = sp.check_output(['bazel', 'query', query]).decode().splitlines() # We also need some misc. stuff such as test binaries for setup of benchmark # dep. query = 'attr("tags", "compilation_db_dep", {})'.format(' union '.join(dep_build_targets)) dep_lib_build_targets.extend(sp.check_output(['bazel', 'query', query]).decode().splitlines()) extra_api_booster_args = [] if debug_log: extra_api_booster_args.append('--copt=-DENABLE_DEBUG_LOG') # Slightly easier to debug when we build api_booster on its own. sp.run([ 'bazel', 'build', '--strip=always', '@envoy_dev//clang_tools/api_booster', ] + BAZEL_BUILD_OPTIONS + extra_api_booster_args, check=True) sp.run([ 'bazel', 'build', '--config=libc++', '--strip=always', ] + BAZEL_BUILD_OPTIONS + dep_lib_build_targets, check=True) # Figure out where the LLVM include path is. We need to provide this # explicitly as the api_booster is built inside the Bazel cache and doesn't # know about this path. # TODO(htuch): this is fragile and depends on Clang version, should figure out # a cleaner approach. llvm_include_path = os.path.join( sp.check_output([os.getenv('LLVM_CONFIG'), '--libdir']).decode().rstrip(), 'clang/9.0.0/include') # Determine the files in the target dirs eligible for API boosting, based on # known files in the compilation database. file_paths = set([]) for entry in json.loads(pathlib.Path('compile_commands.json').read_text()): file_path = entry['file'] if any(file_path.startswith(prefix) for prefix in target_paths): file_paths.add(file_path) # Ensure a determinstic ordering if we are going to process sequentially. if sequential: file_paths = sorted(file_paths) # The API boosting is file local, so this is trivially parallelizable, use # multiprocessing pool with default worker pool sized to cpu_count(), since # this is CPU bound. try: with mp.Pool(processes=1 if sequential else None) as p: # We need multiple phases, to ensure that any dependency on files being modified # in one thread on consumed transitive headers on the other thread isn't an # issue. This also ensures that we complete all analysis error free before # any mutation takes place. # TODO(htuch): we should move to run-clang-tidy.py once the headers fixups # are Clang-based. api_includes = p.map(functools.partial(ApiBoostFile, llvm_include_path, debug_log), file_paths) # Apply Clang replacements before header fixups, since the replacements # are all relative to the original file. for prefix_dir in set(map(PrefixDirectory, target_paths)): sp.run(['clang-apply-replacements', prefix_dir], check=True) # Fixup headers. p.map(RewriteIncludes, zip(file_paths, api_includes)) finally: # Cleanup any stray **/*.clang-replacements.yaml. for prefix in target_paths: clang_replacements = pathlib.Path( PrefixDirectory(prefix)).glob('**/*.clang-replacements.yaml') for path in clang_replacements: path.unlink() if __name__ == '__main__': parser = argparse.ArgumentParser(description='Update Envoy tree to the latest API') parser.add_argument('--generate_compilation_database', action='store_true') parser.add_argument('--build_api_booster', action='store_true') parser.add_argument('--debug_log', action='store_true') parser.add_argument('--sequential', action='store_true') parser.add_argument('paths', nargs='*', default=['source', 'test', 'include']) args = parser.parse_args() ApiBoostTree(args.paths, generate_compilation_database=args.generate_compilation_database, build_api_booster=args.build_api_booster, debug_log=args.debug_log, sequential=args.sequential) ================================================ FILE: tools/api_boost/api_boost_test.py ================================================ #!/usr/bin/env python3 # Golden C++ source tests for API boosting. This is effectively a test for the # combination of api_boost.py, the Clang libtooling-based # tools/clang_tools/api_booster, as well as the type whisperer and API type # database. import argparse from collections import namedtuple import logging import os import pathlib import shutil import subprocess import sys import tempfile import api_boost TestCase = namedtuple('TestCase', ['name', 'description']) # List of test in the form [(file_name, explanation)] TESTS = list( map(lambda x: TestCase(*x), [ ('deprecate', 'Deprecations'), ('elaborated_type', 'ElaboratedTypeLoc type upgrades'), ('using_decl', 'UsingDecl upgrades for named types'), ('rename', 'Annotation-based renaming'), ('decl_ref_expr', 'DeclRefExpr upgrades for named constants'), ('no_boost_file', 'API_NO_BOOST_FILE annotations'), ('validate', 'Validation proto header inference'), ])) TESTDATA_PATH = 'tools/api_boost/testdata' def Diff(some_path, other_path): result = subprocess.run(['diff', '-u', some_path, other_path], capture_output=True) if result.returncode == 0: return None return result.stdout.decode('utf-8') + result.stderr.decode('utf-8') if __name__ == '__main__': parser = argparse.ArgumentParser(description='Golden C++ source tests for api_boost.py') parser.add_argument('tests', nargs='*') args = parser.parse_args() # Accumulated error messages. logging.basicConfig(format='%(message)s') messages = [] def ShouldRunTest(test_name): return len(args.tests) == 0 or test_name in args.tests # Run API booster against test artifacts in a directory relative to workspace. # We use a temporary copy as the API booster does in-place rewriting. with tempfile.TemporaryDirectory(dir=pathlib.Path.cwd()) as path: # Setup temporary tree. shutil.copy(os.path.join(TESTDATA_PATH, 'BUILD'), path) for test in TESTS: if ShouldRunTest(test.name): shutil.copy(os.path.join(TESTDATA_PATH, test.name + '.cc'), path) else: # Place an empty file to make Bazel happy. pathlib.Path(path, test.name + '.cc').write_text('') # Run API booster. relpath_to_testdata = str(pathlib.Path(path).relative_to(pathlib.Path.cwd())) api_boost.ApiBoostTree([ os.path.join(relpath_to_testdata, test.name) for test in TESTS if ShouldRunTest(test.name) ], generate_compilation_database=True, build_api_booster=True, debug_log=True, sequential=True) # Validate output against golden files. for test in TESTS: if ShouldRunTest(test.name): delta = Diff(os.path.join(TESTDATA_PATH, test.name + '.cc.gold'), os.path.join(path, test.name + '.cc')) if delta is not None: messages.append('Non-empty diff for %s (%s):\n%s\n' % (test.name, test.description, delta)) if len(messages) > 0: logging.error('FAILED:\n{}'.format('\n'.join(messages))) sys.exit(1) logging.warning('PASS') ================================================ FILE: tools/api_boost/testdata/BUILD ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_library( name = "decl_ref_expr", srcs = ["decl_ref_expr.cc"], deps = [ "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/api/v2/route:pkg_cc_proto", "@envoy_api//envoy/config/overload/v2alpha:pkg_cc_proto", ], ) envoy_cc_library( name = "deprecate", srcs = ["deprecate.cc"], deps = [ "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/api/v2/route:pkg_cc_proto", "@envoy_api//envoy/type/matcher:pkg_cc_proto", ], ) envoy_cc_library( name = "elaborated_type", srcs = ["elaborated_type.cc"], deps = [ "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/overload/v2alpha:pkg_cc_proto", ], ) envoy_cc_library( name = "rename", srcs = ["rename.cc"], deps = ["@envoy_api//envoy/api/v2/route:pkg_cc_proto"], ) envoy_cc_library( name = "no_boost_file", srcs = ["no_boost_file.cc"], deps = ["@envoy_api//envoy/config/overload/v2alpha:pkg_cc_proto"], ) envoy_cc_library( name = "using_decl", srcs = ["using_decl.cc"], deps = ["@envoy_api//envoy/config/overload/v2alpha:pkg_cc_proto"], ) envoy_cc_library( name = "validate", srcs = ["validate.cc"], deps = [ "//include/envoy/protobuf:message_validator_interface", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", ], ) ================================================ FILE: tools/api_boost/testdata/decl_ref_expr.cc ================================================ #include "envoy/api/v2/cds.pb.h" #include "envoy/api/v2/route/route.pb.h" #include "envoy/config/overload/v2alpha/overload.pb.h" #define API_NO_BOOST(x) x #define BAR(x) x #define ASSERT(x) static_cast(x) using envoy::config::overload::v2alpha::Trigger; using envoy::api::v2::Cluster; using MutableStringClusterAccessor = std::string* (Cluster::*)(); class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const envoy::config::overload::v2alpha::Trigger& config) { switch (config.trigger_oneof_case()) { case envoy::config::overload::v2alpha::Trigger::kThreshold: break; default: break; } switch (config.trigger_oneof_case()) { case Trigger::kThreshold: break; default: break; } API_NO_BOOST(envoy::api::v2::route::RouteAction) route_action; route_action.host_rewrite(); API_NO_BOOST(envoy::config::overload::v2alpha::Trigger) foo; BAR(API_NO_BOOST(envoy::config::overload::v2alpha::Trigger)) bar; BAR(envoy::config::overload::v2alpha::Trigger) baz; envoy::config::overload::v2alpha::ThresholdTrigger::default_instance(); ASSERT(envoy::config::overload::v2alpha::Trigger::kThreshold == Trigger::kThreshold); ASSERT(Foo::kThreshold == Trigger::kThreshold); envoy::api::v2::Cluster::LbPolicy_Name(0); static_cast(envoy::api::v2::Cluster::MAGLEV); MutableStringClusterAccessor foo2 = &envoy::api::v2::Cluster::mutable_name; static_cast(foo2); } using Foo = envoy::config::overload::v2alpha::Trigger; }; ================================================ FILE: tools/api_boost/testdata/decl_ref_expr.cc.gold ================================================ #include "envoy/api/v2/route/route_components.pb.h" #include "envoy/config/cluster/v4alpha/cluster.pb.h" #include "envoy/config/overload/v2alpha/overload.pb.h" #include "envoy/config/overload/v3/overload.pb.h" #define API_NO_BOOST(x) x #define BAR(x) x #define ASSERT(x) static_cast(x) using envoy::config::overload::v3::Trigger; using envoy::config::cluster::v4alpha::Cluster; using MutableStringClusterAccessor = std::string* (Cluster::*)(); class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const envoy::config::overload::v3::Trigger& config) { switch (config.trigger_oneof_case()) { case envoy::config::overload::v3::Trigger::TriggerOneofCase::kThreshold: break; default: break; } switch (config.trigger_oneof_case()) { case Trigger::kThreshold: break; default: break; } API_NO_BOOST(envoy::api::v2::route::RouteAction) route_action; route_action.host_rewrite(); API_NO_BOOST(envoy::config::overload::v2alpha::Trigger) foo; BAR(API_NO_BOOST(envoy::config::overload::v2alpha::Trigger)) bar; BAR(envoy::config::overload::v3::Trigger) baz; envoy::config::overload::v3::ThresholdTrigger::default_instance(); ASSERT(envoy::config::overload::v3::Trigger::TriggerOneofCase::kThreshold == Trigger::kThreshold); ASSERT(Foo::kThreshold == Trigger::kThreshold); envoy::config::cluster::v4alpha::Cluster::LbPolicy_Name(0); static_cast(envoy::config::cluster::v4alpha::Cluster::MAGLEV); MutableStringClusterAccessor foo2 = &envoy::config::cluster::v4alpha::Cluster::mutable_name; static_cast(foo2); } using Foo = envoy::config::overload::v3::Trigger; }; ================================================ FILE: tools/api_boost/testdata/deprecate.cc ================================================ #include "envoy/api/v2/cds.pb.h" #include "envoy/api/v2/route/route.pb.h" #include "envoy/type/matcher/string.pb.h" void test() { envoy::api::v2::route::VirtualHost vhost; vhost.per_filter_config(); vhost.mutable_per_filter_config(); static_cast(envoy::type::matcher::StringMatcher::kRegex); static_cast(envoy::api::v2::Cluster::ORIGINAL_DST_LB); } ================================================ FILE: tools/api_boost/testdata/deprecate.cc.gold ================================================ #include "envoy/config/cluster/v4alpha/cluster.pb.h" #include "envoy/config/route/v4alpha/route_components.pb.h" #include "envoy/type/matcher/v4alpha/string.pb.h" void test() { envoy::config::route::v4alpha::VirtualHost vhost; vhost.hidden_envoy_deprecated_per_filter_config(); vhost.mutable_hidden_envoy_deprecated_per_filter_config(); static_cast(envoy::type::matcher::v4alpha::StringMatcher::MatchPatternCase::kHiddenEnvoyDeprecatedRegex); static_cast(envoy::config::cluster::v4alpha::Cluster::hidden_envoy_deprecated_ORIGINAL_DST_LB); } ================================================ FILE: tools/api_boost/testdata/elaborated_type.cc ================================================ #include "envoy/api/v2/cds.pb.h" #include "envoy/config/overload/v2alpha/overload.pb.h" class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const envoy::config::overload::v2alpha::ThresholdTrigger& /*config*/) {} void someMethod(envoy::api::v2::Cluster_LbPolicy) {} const envoy::config::overload::v2alpha::Trigger::TriggerOneofCase case_{}; }; ================================================ FILE: tools/api_boost/testdata/elaborated_type.cc.gold ================================================ #include "envoy/config/cluster/v4alpha/cluster.pb.h" #include "envoy/config/overload/v3/overload.pb.h" class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const envoy::config::overload::v3::ThresholdTrigger& /*config*/) {} void someMethod(envoy::config::cluster::v4alpha::Cluster::LbPolicy) {} const envoy::config::overload::v3::Trigger::TriggerOneofCase case_{}; }; ================================================ FILE: tools/api_boost/testdata/no_boost_file.cc ================================================ #include "envoy/config/overload/v2alpha/overload.pb.h" // API_NO_BOOST_FILE using envoy::config::overload::v2alpha::ThresholdTrigger; using SomePtrAlias = std::unique_ptr; class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const ThresholdTrigger& /*config*/) {} ThresholdTriggerImpl(SomePtrAlias /*config*/) {} }; ================================================ FILE: tools/api_boost/testdata/no_boost_file.cc.gold ================================================ #include "envoy/config/overload/v2alpha/overload.pb.h" // API_NO_BOOST_FILE using envoy::config::overload::v2alpha::ThresholdTrigger; using SomePtrAlias = std::unique_ptr; class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const ThresholdTrigger& /*config*/) {} ThresholdTriggerImpl(SomePtrAlias /*config*/) {} }; ================================================ FILE: tools/api_boost/testdata/rename.cc ================================================ #include "envoy/api/v2/route/route.pb.h" void test() { envoy::api::v2::route::RouteAction route_action; route_action.host_rewrite(); route_action.set_host_rewrite("blah"); } ================================================ FILE: tools/api_boost/testdata/rename.cc.gold ================================================ #include "envoy/config/route/v4alpha/route_components.pb.h" void test() { envoy::config::route::v4alpha::RouteAction route_action; route_action.host_rewrite_literal(); route_action.set_host_rewrite_literal("blah"); } ================================================ FILE: tools/api_boost/testdata/using_decl.cc ================================================ #include "envoy/config/overload/v2alpha/overload.pb.h" using envoy::config::overload::v2alpha::ThresholdTrigger; using ::envoy::config::overload::v2alpha::Trigger; using SomePtrAlias = std::unique_ptr; class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const ThresholdTrigger& /*config*/) {} ThresholdTriggerImpl(SomePtrAlias /*config*/) {} }; ================================================ FILE: tools/api_boost/testdata/using_decl.cc.gold ================================================ #include "envoy/config/overload/v3/overload.pb.h" using envoy::config::overload::v3::ThresholdTrigger; using envoy::config::overload::v3::Trigger; using SomePtrAlias = std::unique_ptr; class ThresholdTriggerImpl { public: ThresholdTriggerImpl(const ThresholdTrigger& /*config*/) {} ThresholdTriggerImpl(SomePtrAlias /*config*/) {} }; ================================================ FILE: tools/api_boost/testdata/validate.cc ================================================ #include "envoy/api/v2/cds.pb.h" #include "envoy/api/v2/cluster.pb.validate.h" #include "envoy/protobuf/message_validator.h" #include "common/protobuf/utility.h" void foo(Envoy::ProtobufMessage::ValidationVisitor& validator) { envoy::api::v2::Cluster msg; Envoy::MessageUtil::downcastAndValidate(msg, validator); } ================================================ FILE: tools/api_boost/testdata/validate.cc.gold ================================================ #include "envoy/config/cluster/v4alpha/cluster.pb.h" #include "envoy/config/cluster/v4alpha/cluster.pb.validate.h" #include "envoy/protobuf/message_validator.h" #include "common/protobuf/utility.h" void foo(Envoy::ProtobufMessage::ValidationVisitor& validator) { envoy::config::cluster::v4alpha::Cluster msg; Envoy::MessageUtil::downcastAndValidate(msg, validator); } ================================================ FILE: tools/api_proto_plugin/BUILD ================================================ load("@bazel_skylib//rules:common_settings.bzl", "string_flag") load("@rules_python//python:defs.bzl", "py_library") load("//tools/type_whisperer:type_database.bzl", "type_database") licenses(["notice"]) # Apache 2 py_library( name = "api_proto_plugin", srcs = [ "annotations.py", "plugin.py", "traverse.py", "type_context.py", "visitor.py", ], visibility = ["//visibility:public"], deps = [ "@com_google_protobuf//:protobuf_python", ], ) py_library( name = "utils", srcs = ["utils.py"], visibility = ["//visibility:public"], ) label_flag( name = "default_type_db_target", # While this is not completely empty but type_db_gen generates nothing on this target. build_setting_default = "@com_google_protobuf//:empty_proto", visibility = ["//visibility:public"], ) type_database( name = "default_type_db", targets = [":default_type_db_target"], visibility = ["//visibility:public"], ) string_flag( name = "extra_args", build_setting_default = "", visibility = ["//visibility:public"], ) ================================================ FILE: tools/api_proto_plugin/__init__.py ================================================ ================================================ FILE: tools/api_proto_plugin/annotations.py ================================================ """Envoy API annotations.""" from collections import namedtuple import re # Key-value annotation regex. ANNOTATION_REGEX = re.compile('\[#([\w-]+?):\s*(.*?)\](\s?)', re.DOTALL) # Page/section titles with special prefixes in the proto comments DOC_TITLE_ANNOTATION = 'protodoc-title' # When documenting an extension, this should be used to specify the qualified # name that the extension registers as in the static registry, e.g. # envoy.filters.network.http_connection_manager. EXTENSION_ANNOTATION = 'extension' # Not implemented yet annotation on leading comments, leading to hiding of # field. NOT_IMPLEMENTED_HIDE_ANNOTATION = 'not-implemented-hide' # For large protos, place a comment at the top that specifies the next free field number. NEXT_FREE_FIELD_ANNOTATION = 'next-free-field' # Comment that allows for easy searching for things that need cleaning up in the next major # API version. NEXT_MAJOR_VERSION_ANNOTATION = 'next-major-version' # Comment. Just used for adding text that will not go into the docs at all. COMMENT_ANNOTATION = 'comment' VALID_ANNOTATIONS = set([ DOC_TITLE_ANNOTATION, EXTENSION_ANNOTATION, NOT_IMPLEMENTED_HIDE_ANNOTATION, NEXT_FREE_FIELD_ANNOTATION, NEXT_MAJOR_VERSION_ANNOTATION, COMMENT_ANNOTATION, ]) # These can propagate from file scope to message/enum scope (and be overridden). INHERITED_ANNOTATIONS = set([ # Nothing here right now, this used to be PROTO_STATUS_ANNOTATION. Retaining # this capability for potential future use. ]) class AnnotationError(Exception): """Base error class for the annotations module.""" def ExtractAnnotations(s, inherited_annotations=None): """Extract annotations map from a given comment string. Args: s: string that may contains annotations. inherited_annotations: annotation map from file-level inherited annotations (or None) if this is a file-level comment. Returns: Annotation map. """ annotations = { k: v for k, v in (inherited_annotations or {}).items() if k in INHERITED_ANNOTATIONS } # Extract annotations. groups = re.findall(ANNOTATION_REGEX, s) for group in groups: annotation = group[0] if annotation not in VALID_ANNOTATIONS: raise AnnotationError('Unknown annotation: %s' % annotation) annotations[group[0]] = group[1].lstrip() return annotations def XformAnnotation(s, annotation_xforms): """Return transformed string with annotation transformers. The annotation will be replaced with the new value returned by the transformer. If the transformer returns None, then the annotation will be removed. If the annotation presented in transformers doesn't exist in the original string, a new annotation will be appended to the end of string. Args: annotation_xforms: a dict of transformers for annotations. Returns: transformed string. """ present_annotations = set() def xform(match): annotation, content, trailing = match.groups() present_annotations.add(annotation) annotation_xform = annotation_xforms.get(annotation) if annotation_xform: value = annotation_xform(annotation) return '[#%s: %s]%s' % (annotation, value, trailing) if value is not None else '' else: return match.group(0) def append(s, annotation, content): return '%s [#%s: %s]\n' % (s, annotation, content) xformed = re.sub(ANNOTATION_REGEX, xform, s) for annotation, xform in sorted(annotation_xforms.items()): if annotation not in present_annotations: value = xform(None) if value is not None: xformed = append(xformed, annotation, value) return xformed def WithoutAnnotations(s): return re.sub(ANNOTATION_REGEX, '', s) ================================================ FILE: tools/api_proto_plugin/plugin.bzl ================================================ load("@bazel_skylib//rules:common_settings.bzl", "BuildSettingInfo") load("@rules_proto//proto:defs.bzl", "ProtoInfo") # Borrowed from https://github.com/grpc/grpc-java/blob/v1.24.1/java_grpc_library.bzl#L61 def _path_ignoring_repository(f): # Bazel creates a _virtual_imports directory in case the .proto source files # need to be accessed at a path that's different from their source path: # https://github.com/bazelbuild/bazel/blob/0.27.1/src/main/java/com/google/devtools/build/lib/rules/proto/ProtoCommon.java#L289 # # In that case, the import path of the .proto file is the path relative to # the virtual imports directory of the rule in question. virtual_imports = "/_virtual_imports/" if virtual_imports in f.path: return f.path.split(virtual_imports)[1].split("/", 1)[1] elif len(f.owner.workspace_root) == 0: # |f| is in the main repository return f.short_path else: # If |f| is a generated file, it will have "bazel-out/*/genfiles" prefix # before "external/workspace", so we need to add the starting index of "external/workspace" return f.path[f.path.find(f.owner.workspace_root) + len(f.owner.workspace_root) + 1:] def api_proto_plugin_impl(target, ctx, output_group, mnemonic, output_suffixes): # Compute output files from the current proto_library node's dependencies. transitive_outputs = depset(transitive = [dep.output_groups[output_group] for dep in ctx.rule.attr.deps]) proto_sources = target[ProtoInfo].direct_sources # If this proto_library doesn't actually name any sources, e.g. //api:api, # but just glues together other libs, we just need to follow the graph. if not proto_sources: return [OutputGroupInfo(**{output_group: transitive_outputs})] # Figure out the set of import paths. Ideally we would use descriptor sets # built by proto_library, which avoid having to do nasty path mangling, but # these don't include source_code_info, which we need for comment # extractions. See https://github.com/bazelbuild/bazel/issues/3971. import_paths = [] for f in target[ProtoInfo].transitive_sources.to_list(): import_paths.append("{}={}".format(_path_ignoring_repository(f), f.path)) # The outputs live in the ctx.label's package root. We add some additional # path information to match with protoc's notion of path relative locations. outputs = [] for output_suffix in output_suffixes: outputs += [ctx.actions.declare_file(ctx.label.name + "/" + _path_ignoring_repository(f) + output_suffix) for f in proto_sources] # Create the protoc command-line args. inputs = target[ProtoInfo].transitive_sources ctx_path = ctx.label.package + "/" + ctx.label.name output_path = outputs[0].root.path + "/" + outputs[0].owner.workspace_root + "/" + ctx_path args = ["-I./" + ctx.label.workspace_root] args += ["-I" + import_path for import_path in import_paths] args += ["--plugin=protoc-gen-api_proto_plugin=" + ctx.executable._api_proto_plugin.path, "--api_proto_plugin_out=" + output_path] if hasattr(ctx.attr, "_type_db"): inputs = depset(transitive = [inputs] + [ctx.attr._type_db.files]) if len(ctx.attr._type_db.files.to_list()) != 1: fail("{} must have one type database file".format(ctx.attr._type_db)) args.append("--api_proto_plugin_opt=type_db_path=" + ctx.attr._type_db.files.to_list()[0].path) if hasattr(ctx.attr, "_extra_args"): args.append("--api_proto_plugin_opt=extra_args=" + ctx.attr._extra_args[BuildSettingInfo].value) args += [src.path for src in target[ProtoInfo].direct_sources] env = {} ctx.actions.run( executable = ctx.executable._protoc, arguments = args, inputs = inputs, tools = [ctx.executable._api_proto_plugin], outputs = outputs, mnemonic = mnemonic, use_default_shell_env = True, ) transitive_outputs = depset(outputs, transitive = [transitive_outputs]) return [OutputGroupInfo(**{output_group: transitive_outputs})] def api_proto_plugin_aspect(tool_label, aspect_impl, use_type_db = False): _attrs = { "_protoc": attr.label( default = Label("@com_google_protobuf//:protoc"), executable = True, cfg = "exec", ), "_api_proto_plugin": attr.label( default = Label(tool_label), executable = True, cfg = "exec", ), } if use_type_db: _attrs["_type_db"] = attr.label( default = Label("@envoy//tools/api_proto_plugin:default_type_db"), ) _attrs["_extra_args"] = attr.label( default = Label("@envoy//tools/api_proto_plugin:extra_args"), ) return aspect( attr_aspects = ["deps"], attrs = _attrs, implementation = aspect_impl, ) ================================================ FILE: tools/api_proto_plugin/plugin.py ================================================ """Python protoc plugin for Envoy APIs.""" import cProfile from collections import namedtuple import io import os import pstats import sys from tools.api_proto_plugin import traverse from google.protobuf.compiler import plugin_pb2 OutputDescriptor = namedtuple( 'OutputDescriptor', [ # Output files are generated alongside their corresponding input .proto, # with the output_suffix appended. 'output_suffix', # The visitor factory is a function to create a visitor.Visitor defining # the business logic of the plugin for the specific output descriptor. 'visitor_factory', # FileDescriptorProto transformer; this is applied to the input # before any output generation. 'xform', # Supply --//tools/api_proto_plugin CLI args as a parameters dictionary # to visitor_factory constructor and xform function? 'want_params', ]) def DirectOutputDescriptor(output_suffix, visitor, want_params=False): return OutputDescriptor(output_suffix, visitor, (lambda x, _: x) if want_params else lambda x: x, want_params) def Plugin(output_descriptors): """Protoc plugin entry point. This defines protoc plugin and manages the stdin -> stdout flow. An api_proto_plugin is defined by the provided visitor. See http://www.expobrain.net/2015/09/13/create-a-plugin-for-google-protocol-buffer/ for further details on protoc plugin basics. Args: output_descriptors: a list of OutputDescriptors. """ request = plugin_pb2.CodeGeneratorRequest() request.ParseFromString(sys.stdin.buffer.read()) response = plugin_pb2.CodeGeneratorResponse() cprofile_enabled = os.getenv('CPROFILE_ENABLED') # We use request.file_to_generate rather than request.file_proto here since we # are invoked inside a Bazel aspect, each node in the DAG will be visited once # by the aspect and we only want to generate docs for the current node. for file_to_generate in request.file_to_generate: # Find the FileDescriptorProto for the file we actually are generating. file_proto = [pf for pf in request.proto_file if pf.name == file_to_generate][0] if cprofile_enabled: pr = cProfile.Profile() pr.enable() for od in output_descriptors: f = response.file.add() f.name = file_proto.name + od.output_suffix # Don't run API proto plugins on things like WKT types etc. if not file_proto.package.startswith('envoy.'): continue if request.HasField("parameter") and od.want_params: params = dict(param.split('=') for param in request.parameter.split(',')) xformed_proto = od.xform(file_proto, params) visitor_factory = od.visitor_factory(params) else: xformed_proto = od.xform(file_proto) visitor_factory = od.visitor_factory() f.content = traverse.TraverseFile(xformed_proto, visitor_factory) if xformed_proto else '' if cprofile_enabled: pr.disable() stats_stream = io.StringIO() ps = pstats.Stats(pr, stream=stats_stream).sort_stats(os.getenv('CPROFILE_SORTBY', 'cumulative')) stats_file = response.file.add() stats_file.name = file_proto.name + '.profile' ps.print_stats() stats_file.content = stats_stream.getvalue() # Also include the original FileDescriptorProto as text proto, this is # useful when debugging. descriptor_file = response.file.add() descriptor_file.name = file_proto.name + ".descriptor.proto" descriptor_file.content = str(file_proto) sys.stdout.buffer.write(response.SerializeToString()) ================================================ FILE: tools/api_proto_plugin/traverse.py ================================================ """FileDescriptorProto traversal for api_proto_plugin framework.""" from tools.api_proto_plugin import type_context def TraverseService(type_context, service_proto, visitor): """Traverse a service definition. Args: type_context: type_context.TypeContext for service type. service_proto: ServiceDescriptorProto for service. visitor: visitor.Visitor defining the business logic of the plugin. Returns: Plugin specific output. """ return visitor.VisitService(service_proto, type_context) def TraverseEnum(type_context, enum_proto, visitor): """Traverse an enum definition. Args: type_context: type_context.TypeContext for enum type. enum_proto: EnumDescriptorProto for enum. visitor: visitor.Visitor defining the business logic of the plugin. Returns: Plugin specific output. """ return visitor.VisitEnum(enum_proto, type_context) def TraverseMessage(type_context, msg_proto, visitor): """Traverse a message definition. Args: type_context: type_context.TypeContext for message type. msg_proto: DescriptorProto for message. visitor: visitor.Visitor defining the business logic of the plugin. Returns: Plugin specific output. """ # We need to do some extra work to recover the map type annotation from the # synthesized messages. type_context.map_typenames = { '%s.%s' % (type_context.name, nested_msg.name): (nested_msg.field[0], nested_msg.field[1]) for nested_msg in msg_proto.nested_type if nested_msg.options.map_entry } nested_msgs = [ TraverseMessage( type_context.ExtendNestedMessage(index, nested_msg.name, nested_msg.options.deprecated), nested_msg, visitor) for index, nested_msg in enumerate(msg_proto.nested_type) ] nested_enums = [ TraverseEnum( type_context.ExtendNestedEnum(index, nested_enum.name, nested_enum.options.deprecated), nested_enum, visitor) for index, nested_enum in enumerate(msg_proto.enum_type) ] return visitor.VisitMessage(msg_proto, type_context, nested_msgs, nested_enums) def TraverseFile(file_proto, visitor): """Traverse a proto file definition. Args: file_proto: FileDescriptorProto for file. visitor: visitor.Visitor defining the business logic of the plugin. Returns: Plugin specific output. """ source_code_info = type_context.SourceCodeInfo(file_proto.name, file_proto.source_code_info) package_type_context = type_context.TypeContext(source_code_info, file_proto.package) services = [ TraverseService(package_type_context.ExtendService(index, service.name), service, visitor) for index, service in enumerate(file_proto.service) ] msgs = [ TraverseMessage(package_type_context.ExtendMessage(index, msg.name, msg.options.deprecated), msg, visitor) for index, msg in enumerate(file_proto.message_type) ] enums = [ TraverseEnum(package_type_context.ExtendEnum(index, enum.name, enum.options.deprecated), enum, visitor) for index, enum in enumerate(file_proto.enum_type) ] return visitor.VisitFile(file_proto, package_type_context, services, msgs, enums) ================================================ FILE: tools/api_proto_plugin/type_context.py ================================================ """Type context for FileDescriptorProto traversal.""" from collections import namedtuple from tools.api_proto_plugin import annotations class Comment(object): """Wrapper for proto source comments.""" def __init__(self, comment, file_level_annotations=None): self.raw = comment self.file_level_annotations = file_level_annotations self.annotations = annotations.ExtractAnnotations(self.raw, file_level_annotations) def getCommentWithTransforms(self, annotation_xforms): """Return transformed comment with annotation transformers. Args: annotation_xforms: a dict of transformers for annotations in leading comment. Returns: transformed Comment object. """ return Comment(annotations.XformAnnotation(self.raw, annotation_xforms), self.file_level_annotations) class SourceCodeInfo(object): """Wrapper for SourceCodeInfo proto.""" def __init__(self, name, source_code_info): self.name = name self.proto = source_code_info # Map from path to SourceCodeInfo.Location self._locations = {str(location.path): location for location in self.proto.location} self._file_level_comments = None self._file_level_annotations = None @property def file_level_comments(self): """Obtain inferred file level comment.""" if self._file_level_comments: return self._file_level_comments comments = [] # We find the earliest detached comment by first finding the maximum start # line for any location and then scanning for any earlier locations with # detached comments. earliest_detached_comment = max(location.span[0] for location in self.proto.location) + 1 for location in self.proto.location: if location.leading_detached_comments and location.span[0] < earliest_detached_comment: comments = location.leading_detached_comments earliest_detached_comment = location.span[0] self._file_level_comments = comments return comments @property def file_level_annotations(self): """Obtain inferred file level annotations.""" if self._file_level_annotations: return self._file_level_annotations self._file_level_annotations = dict( sum([list(annotations.ExtractAnnotations(c).items()) for c in self.file_level_comments], [])) return self._file_level_annotations def LocationPathLookup(self, path): """Lookup SourceCodeInfo.Location by path in SourceCodeInfo. Args: path: a list of path indexes as per https://github.com/google/protobuf/blob/a08b03d4c00a5793b88b494f672513f6ad46a681/src/google/protobuf/descriptor.proto#L717. Returns: SourceCodeInfo.Location object if found, otherwise None. """ return self._locations.get(str(path), None) # TODO(htuch): consider integrating comment lookup with overall # FileDescriptorProto, perhaps via two passes. def LeadingCommentPathLookup(self, path): """Lookup leading comment by path in SourceCodeInfo. Args: path: a list of path indexes as per https://github.com/google/protobuf/blob/a08b03d4c00a5793b88b494f672513f6ad46a681/src/google/protobuf/descriptor.proto#L717. Returns: Comment object. """ location = self.LocationPathLookup(path) if location is not None: return Comment(location.leading_comments, self.file_level_annotations) return Comment('') def LeadingDetachedCommentsPathLookup(self, path): """Lookup leading detached comments by path in SourceCodeInfo. Args: path: a list of path indexes as per https://github.com/google/protobuf/blob/a08b03d4c00a5793b88b494f672513f6ad46a681/src/google/protobuf/descriptor.proto#L717. Returns: List of detached comment strings. """ location = self.LocationPathLookup(path) if location is not None and location.leading_detached_comments != self.file_level_comments: return location.leading_detached_comments return [] def TrailingCommentPathLookup(self, path): """Lookup trailing comment by path in SourceCodeInfo. Args: path: a list of path indexes as per https://github.com/google/protobuf/blob/a08b03d4c00a5793b88b494f672513f6ad46a681/src/google/protobuf/descriptor.proto#L717. Returns: Raw detached comment string """ location = self.LocationPathLookup(path) if location is not None: return location.trailing_comments return '' class TypeContext(object): """Contextual information for a message/field. Provides information around namespaces and enclosing types for fields and nested messages/enums. """ def __init__(self, source_code_info, name): # SourceCodeInfo as per # https://github.com/google/protobuf/blob/a08b03d4c00a5793b88b494f672513f6ad46a681/src/google/protobuf/descriptor.proto. self.source_code_info = source_code_info # path: a list of path indexes as per # https://github.com/google/protobuf/blob/a08b03d4c00a5793b88b494f672513f6ad46a681/src/google/protobuf/descriptor.proto#L717. # Extended as nested objects are traversed. self.path = [] # Message/enum/field name. Extended as nested objects are traversed. self.name = name # Map from type name to the correct type annotation string, e.g. from # ".envoy.api.v2.Foo.Bar" to "map". This is lost during # proto synthesis and is dynamically recovered in TraverseMessage. self.map_typenames = {} # Map from a message's oneof index to the fields sharing a oneof. self.oneof_fields = {} # Map from a message's oneof index to the name of oneof. self.oneof_names = {} # Map from a message's oneof index to the "required" bool property. self.oneof_required = {} self.type_name = 'file' self.deprecated = False def _Extend(self, path, type_name, name, deprecated=False): if not self.name: extended_name = name else: extended_name = '%s.%s' % (self.name, name) extended = TypeContext(self.source_code_info, extended_name) extended.path = self.path + path extended.type_name = type_name extended.map_typenames = self.map_typenames.copy() extended.oneof_fields = self.oneof_fields.copy() extended.oneof_names = self.oneof_names.copy() extended.oneof_required = self.oneof_required.copy() extended.deprecated = self.deprecated or deprecated return extended def ExtendMessage(self, index, name, deprecated): """Extend type context with a message. Args: index: message index in file. name: message name. deprecated: is the message depreacted? """ return self._Extend([4, index], 'message', name, deprecated) def ExtendNestedMessage(self, index, name, deprecated): """Extend type context with a nested message. Args: index: nested message index in message. name: message name. deprecated: is the message depreacted? """ return self._Extend([3, index], 'message', name, deprecated) def ExtendField(self, index, name): """Extend type context with a field. Args: index: field index in message. name: field name. """ return self._Extend([2, index], 'field', name) def ExtendEnum(self, index, name, deprecated): """Extend type context with an enum. Args: index: enum index in file. name: enum name. deprecated: is the message depreacted? """ return self._Extend([5, index], 'enum', name, deprecated) def ExtendService(self, index, name): """Extend type context with a service. Args: index: service index in file. name: service name. """ return self._Extend([6, index], 'service', name) def ExtendNestedEnum(self, index, name, deprecated): """Extend type context with a nested enum. Args: index: enum index in message. name: enum name. deprecated: is the message depreacted? """ return self._Extend([4, index], 'enum', name, deprecated) def ExtendEnumValue(self, index, name): """Extend type context with an enum enum. Args: index: enum value index in enum. name: value name. """ return self._Extend([2, index], 'enum_value', name) def ExtendOneof(self, index, name): """Extend type context with an oneof declaration. Args: index: oneof index in oneof_decl. name: oneof name. """ return self._Extend([8, index], 'oneof', name) def ExtendMethod(self, index, name): """Extend type context with a service method declaration. Args: index: method index in service. name: method name. """ return self._Extend([2, index], 'method', name) @property def location(self): """SourceCodeInfo.Location for type context.""" return self.source_code_info.LocationPathLookup(self.path) @property def leading_comment(self): """Leading comment for type context.""" return self.source_code_info.LeadingCommentPathLookup(self.path) @property def leading_detached_comments(self): """Leading detached comments for type context.""" return self.source_code_info.LeadingDetachedCommentsPathLookup(self.path) @property def trailing_comment(self): """Trailing comment for type context.""" return self.source_code_info.TrailingCommentPathLookup(self.path) ================================================ FILE: tools/api_proto_plugin/utils.py ================================================ import os def ProtoFileCanonicalFromLabel(label): """Compute path from API root to a proto file from a Bazel proto label. Args: label: Bazel source proto label string. Returns: A string with the path, e.g. for @envoy_api//envoy/type/matcher:metadata.proto this would be envoy/type/matcher/matcher.proto. """ assert (label.startswith('@envoy_api_canonical//')) return label[len('@envoy_api_canonical//'):].replace(':', '/') def BazelBinPathForOutputArtifact(label, suffix, root=''): """Find the location in bazel-bin/ for an api_proto_plugin output file. Args: label: Bazel source proto label string. suffix: output suffix for the artifact from label, e.g. ".types.pb_text". root: location of bazel-bin/, if not specified, PWD. Returns: Path in bazel-bin/external/envoy_api_canonical for label output with given suffix. """ proto_file_path = ProtoFileCanonicalFromLabel(label) return os.path.join(root, 'bazel-bin/external/envoy_api_canonical', os.path.dirname(proto_file_path), 'pkg', proto_file_path + suffix) ================================================ FILE: tools/api_proto_plugin/visitor.py ================================================ """FileDescriptorProto visitor interface for api_proto_plugin implementations.""" class Visitor(object): """Abstract visitor interface for api_proto_plugin implementation.""" def VisitService(self, service_proto, type_context): """Visit a service definition. Args: service_proto: ServiceDescriptorProto for service. type_context: type_context.TypeContext for service type. Returns: Plugin specific output. """ pass def VisitEnum(self, enum_proto, type_context): """Visit an enum definition. Args: enum_proto: EnumDescriptorProto for enum. type_context: type_context.TypeContext for enum type. Returns: Plugin specific output. """ pass def VisitMessage(self, msg_proto, type_context, nested_msgs, nested_enums): """Visit a message definition. Args: msg_proto: DescriptorProto for message. type_context: type_context.TypeContext for message type. nested_msgs: a list of results from visiting nested messages. nested_enums: a list of results from visiting nested enums. Returns: Plugin specific output. """ pass def VisitFile(self, file_proto, type_context, services, msgs, enums): """Visit a proto file definition. Args: file_proto: FileDescriptorProto for file. type_context: type_context.TypeContext for file. services: a list of results from visiting services. msgs: a list of results from visiting messages. enums: a list of results from visiting enums. Returns: Plugin specific output. """ pass ================================================ FILE: tools/bazel-test-docker.sh ================================================ #!/bin/bash # Run a single Bazel test target under a privileged docker. Usage: # # tools/bazel-test-docker //test/foo:bar --some_other --bazel_args # By default, this will run in a local docker container, mounting the local shared library paths # into the counter. To run remotely, use RUN_REMOTE=yes. If the test was compiled with a different # toolchain than the envoy-build container, passing in LOCAL_MOUNT=yes will force it to copy the # local libraries into the container. if [[ -z "$1" ]]; then echo "First argument to $0 must be a [@repo]//test/foo:bar label identifying a set of test to run" echo "\"$1\" does not match this pattern" exit 1 fi SCRIPT_DIR="$(realpath "$(dirname "$0")")" [[ -z "${BAZEL}" ]] && BAZEL=bazel [[ -z "${DOCKER}" ]] && DOCKER=docker if [[ -z "${RUN_REMOTE}" ]]; then LOCAL_MOUNT="${LOCAL_MOUNT:-yes}" RUN_REMOTE=no else LOCAL_MOUNT="${LOCAL_MOUNT:-no}" RUN_REMOTE=yes fi # Pass through the docker environment DOCKER_ENV=$(mktemp -t docker_env.XXXXXX) function cleanup() { rm -f "${DOCKER_ENV}" } trap cleanup EXIT cat > "${DOCKER_ENV}" < */ #include #include #include "envoy/config/bootstrap/v2/bootstrap.pb.h" #include "common/api/api_impl.h" #include "common/common/assert.h" #include "common/event/real_time_system.h" #include "common/protobuf/message_validator_impl.h" #include "common/protobuf/utility.h" #include "common/stats/isolated_store_impl.h" #include "exe/platform_impl.h" // NOLINT(namespace-envoy) int main(int argc, char** argv) { if (argc != 3) { std::cerr << "Usage: " << argv[0] << " " << std::endl; return EXIT_FAILURE; } Envoy::PlatformImpl platform_impl_; Envoy::Stats::IsolatedStoreImpl stats_store; Envoy::Event::RealTimeSystem time_system; // NO_CHECK_FORMAT(real_time) Envoy::Api::Impl api(platform_impl_.threadFactory(), stats_store, time_system, platform_impl_.fileSystem()); envoy::config::bootstrap::v2::Bootstrap bootstrap; Envoy::MessageUtil::loadFromFile(argv[1], bootstrap, Envoy::ProtobufMessage::getStrictValidationVisitor(), api); std::ofstream bootstrap_file(argv[2]); bootstrap_file << bootstrap.DebugString(); return EXIT_SUCCESS; } ================================================ FILE: tools/build_profile.py ================================================ #!/usr/bin/env python # This tool take the foo.dep.log output from a build recipe run under recipe_wrapper.sh on stdin and # produces a profile of command execution time on the stdout. from __future__ import print_function import re import sys def PrintProfile(f): prev_cmd = None prev_timestamp = None for line in f: sr = re.match('\++ (\d+\.\d+) (.*)', line) if sr: timestamp, cmd = sr.groups() if prev_cmd: print('%.2f %s' % (float(timestamp) - float(prev_timestamp), prev_cmd)) prev_timestamp, prev_cmd = timestamp, cmd if __name__ == '__main__': PrintProfile(sys.stdin) ================================================ FILE: tools/check_repositories.sh ================================================ #!/bin/bash set -eu # Check whether any git repositories are defined. # Git repository definition contains `commit` and `remote` fields. if git grep -n "commit =\|remote =" -- '*.bzl'; then echo "Using git repositories is not allowed." echo "To ensure that all dependencies can be stored offline in distdir, only HTTP repositories are allowed." exit 1 fi # Check whether number of defined `url =` or `urls =` and `sha256 =` kwargs in # repository definitions is equal. urls_count=$(git grep -E "\/bin/llvm-config ``` Assuming that `CC` and `CXX` already point at Clang, you should be able to build with: ```console bazel build @envoy_dev//clang_tools/syntax_only ``` To run `libtooling` based tools against Envoy, you will need to first generate a compilation database, which tells the tool how to take a source file and locate its various dependencies. The `tools/gen_compilation_database.py` script generates this and also does setup of the Bazel cache paths to allow external dependencies to be located: ```console tools/gen_compilation_database.py --include_headers ``` Finally, the tool can be run against source files in the Envoy tree: ```console bazel-bin/external/envoy_dev/clang_tools/syntax_only/syntax_only \ source/common/common/logger.cc ``` ## Adding a new Envoy libtooling based tool Follow the example at `tools/clang_tools/syntax_only`, based on the tutorial example at https://clang.llvm.org/docs/LibTooling.html. Please use the `envoy_clang_tools_cc_binary` Bazel macro for the tool, this disables use of RTTI/exceptions and allows developer tools to be structurally excluded from the build as needed. ================================================ FILE: tools/clang_tools/api_booster/BUILD ================================================ load( "//clang_tools/support:clang_tools.bzl", "clang_tools_cc_binary", "clang_tools_cc_library", "clang_tools_cc_test", ) licenses(["notice"]) # Apache 2 clang_tools_cc_binary( name = "api_booster", srcs = ["main.cc"], deps = [ ":proto_cxx_utils_lib", "@clang_tools//:clang_astmatchers", "@clang_tools//:clang_basic", "@clang_tools//:clang_tooling", "@envoy//tools/type_whisperer:api_type_db_lib", ], ) clang_tools_cc_library( name = "proto_cxx_utils_lib", srcs = ["proto_cxx_utils.cc"], hdrs = ["proto_cxx_utils.h"], deps = [ "@com_google_absl//absl/container:node_hash_map", "@com_google_absl//absl/strings", "@com_google_absl//absl/types:optional", ], ) clang_tools_cc_test( name = "proto_cxx_utils_test", srcs = ["proto_cxx_utils_test.cc"], deps = [":proto_cxx_utils_lib"], ) ================================================ FILE: tools/clang_tools/api_booster/main.cc ================================================ // Upgrade a single Envoy C++ file to the latest API version. // // Currently this tool is a WIP and only does inference of .pb[.validate].h // #include locations. This already exercises some of the muscles we need, such // as AST matching, rudimentary type inference and API type database lookup. // // NOLINT(namespace-envoy) #include #include #include #include // Declares clang::SyntaxOnlyAction. #include "clang/ASTMatchers/ASTMatchers.h" #include "clang/ASTMatchers/ASTMatchFinder.h" #include "clang/Frontend/FrontendActions.h" #include "clang/Tooling/CommonOptionsParser.h" #include "clang/Tooling/Core/Replacement.h" #include "clang/Tooling/Refactoring.h" #include "clang/Tooling/ReplacementsYaml.h" // Declares llvm::cl::extrahelp. #include "llvm/Support/CommandLine.h" #include "proto_cxx_utils.h" #include "tools/type_whisperer/api_type_db.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" // Enable to see debug log messages. #ifdef ENABLE_DEBUG_LOG #define DEBUG_LOG(s) \ do { \ std::cerr << (s) << std::endl; \ } while (0) #else #define DEBUG_LOG(s) #endif using namespace Envoy::Tools::TypeWhisperer; namespace ApiBooster { class ApiBooster : public clang::ast_matchers::MatchFinder::MatchCallback, public clang::tooling::SourceFileCallbacks { public: ApiBooster(std::map& replacements) : replacements_(replacements) {} // AST match callback dispatcher. void run(const clang::ast_matchers::MatchFinder::MatchResult& match_result) override { clang::SourceManager& source_manager = match_result.Context->getSourceManager(); DEBUG_LOG("AST match callback dispatcher"); for (const auto it : match_result.Nodes.getMap()) { const std::string match_text = getSourceText(it.second.getSourceRange(), source_manager); const clang::SourceRange spelling_range = getSpellingRange(it.second.getSourceRange(), source_manager); const std::string spelling_text = getSourceText(spelling_range, source_manager); DEBUG_LOG(absl::StrCat(" Result for ", it.first, " [", truncateForDebug(match_text), "]")); if (match_text != spelling_text) { DEBUG_LOG(absl::StrCat(" with spelling text [", truncateForDebug(spelling_text), "]")); } } if (const auto* type_loc = match_result.Nodes.getNodeAs("type")) { onTypeLocMatch(*type_loc, source_manager); return; } if (const auto* using_decl = match_result.Nodes.getNodeAs("using_decl")) { onUsingDeclMatch(*using_decl, source_manager); return; } if (const auto* decl_ref_expr = match_result.Nodes.getNodeAs("decl_ref_expr")) { onDeclRefExprMatch(*decl_ref_expr, *match_result.Context, source_manager); return; } if (const auto* call_expr = match_result.Nodes.getNodeAs("call_expr")) { onCallExprMatch(*call_expr, *match_result.Context, source_manager); return; } if (const auto* member_call_expr = match_result.Nodes.getNodeAs("member_call_expr")) { onMemberCallExprMatch(*member_call_expr, source_manager); return; } if (const auto* tmpl = match_result.Nodes.getNodeAs("tmpl")) { onClassTemplateSpecializationDeclMatch(*tmpl, source_manager); return; } } // Visitor callback for start of a compilation unit. bool handleBeginSource(clang::CompilerInstance& CI) override { source_api_proto_paths_.clear(); return true; } // Visitor callback for end of a compilation unit. void handleEndSource() override { // Dump known API header paths to stdout for api_boost.py to rewrite with // (no rewriting support in this tool yet). for (const std::string& proto_path : source_api_proto_paths_) { std::cout << proto_path << std::endl; } } private: static bool isEnvoyNamespace(absl::string_view s) { return absl::StartsWith(s, "envoy::") || absl::StartsWith(s, "::envoy::"); } static std::string truncateForDebug(const std::string& text) { const uint32_t MaxExpansionChars = 250; return text.size() > MaxExpansionChars ? text.substr(0, MaxExpansionChars) + "..." : text; } // Match callback for TypeLoc. These are explicit mentions of the type in the // source. If we have a match on type, we should track the corresponding .pb.h // and attempt to upgrade. void onTypeLocMatch(const clang::TypeLoc& type_loc, const clang::SourceManager& source_manager) { absl::optional source_range; const std::string type_name = type_loc.getType().getCanonicalType().getUnqualifiedType().getAsString(); // Remove qualifiers, e.g. const. const clang::UnqualTypeLoc unqual_type_loc = type_loc.getUnqualifiedLoc(); DEBUG_LOG(absl::StrCat("Type class ", type_loc.getType()->getTypeClassName())); // Today we are only smart enough to rewrite ElaborateTypeLoc, which are // full namespace prefixed types. We probably will need to support more, in // particular if we want message-level type renaming. TODO(htuch): add more // supported AST TypeLoc classes as needed. if (unqual_type_loc.getTypeLocClass() == clang::TypeLoc::Elaborated && isEnvoyNamespace(getSourceText( getSpellingRange(unqual_type_loc.getSourceRange(), source_manager), source_manager))) { source_range = absl::make_optional(unqual_type_loc.getSourceRange()); tryBoostType(type_name, source_range, source_manager, type_loc.getType()->getTypeClassName(), false); } else { // If we're not going to rewrite, we still deliver SourceLocation to // tryBoostType to assist with determination of API_NO_BOOST(). tryBoostType(type_name, unqual_type_loc.getBeginLoc(), -1, source_manager, type_loc.getType()->getTypeClassName(), false); } } // Match callback for clang::UsingDecl. These are 'using' aliases for API type // names. void onUsingDeclMatch(const clang::UsingDecl& using_decl, const clang::SourceManager& source_manager) { // Not all using declaration are types, but we try the rewrite in case there // is such an API type database match. const clang::SourceRange source_range = clang::SourceRange( using_decl.getQualifierLoc().getBeginLoc(), using_decl.getNameInfo().getEndLoc()); const std::string type_name = getSourceText(source_range, source_manager); tryBoostType(type_name, source_range, source_manager, "UsingDecl", true); } // Match callback for clang::DeclRefExpr. These occur when enums constants, // e.g. foo::bar::kBaz, appear in the source. void onDeclRefExprMatch(const clang::DeclRefExpr& decl_ref_expr, const clang::ASTContext& context, const clang::SourceManager& source_manager) { // We don't need to consider non-namespace qualified DeclRefExprfor now (no // renaming support yet). if (!decl_ref_expr.hasQualifier()) { return; } const std::string decl_name = decl_ref_expr.getNameInfo().getAsString(); // There are generated methods to stringify/parse/validate enum values, // these need special treatment as they look like types with special // suffices. for (const std::string& enum_generated_method_suffix : {"_Name", "_Parse", "_IsValid"}) { if (absl::EndsWith(decl_name, enum_generated_method_suffix)) { // Remove trailing suffix from reference for replacement range and type // name purposes. const clang::SourceLocation begin_loc = source_manager.getSpellingLoc(decl_ref_expr.getBeginLoc()); const std::string type_name_with_suffix = getSourceText(decl_ref_expr.getSourceRange(), source_manager); const std::string type_name = type_name_with_suffix.substr( 0, type_name_with_suffix.size() - enum_generated_method_suffix.size()); tryBoostType(type_name, begin_loc, type_name.size(), source_manager, "DeclRefExpr suffixed " + enum_generated_method_suffix, false); return; } } // Remove trailing : from namespace qualifier. const clang::SourceRange source_range = clang::SourceRange(decl_ref_expr.getQualifierLoc().getBeginLoc(), decl_ref_expr.getQualifierLoc().getEndLoc().getLocWithOffset(-1)); // Only try to boost type if it's explicitly an Envoy qualified type. const std::string source_type_name = getSourceText(source_range, source_manager); const clang::QualType ast_type = decl_ref_expr.getDecl()->getType().getCanonicalType().getUnqualifiedType(); const std::string ast_type_name = ast_type.getAsString(); if (isEnvoyNamespace(source_type_name)) { // Generally we pull the type from the named entity's declaration type, // since this allows us to map from things like envoy::type::HTTP2 to the // underlying fully qualified envoy::type::CodecClientType::HTTP2 prior to // API type database lookup. However, for the generated static methods or // field accessors, we don't want to deal with lookup via the function // type, so we use the source text directly. const std::string type_name = ast_type.isPODType(context) ? ast_type_name : source_type_name; tryBoostType(type_name, source_range, source_manager, "DeclRefExpr", true); } const auto latest_type_info = getTypeInformationFromCType(ast_type_name, true); // In some cases we need to upgrade the name the DeclRefExpr points at. If // this isn't a known API type, our work here is done. if (!latest_type_info) { return; } const clang::SourceRange decl_source_range = decl_ref_expr.getNameInfo().getSourceRange(); // Deprecated enum constants need to be upgraded. if (latest_type_info->enum_type_) { const auto enum_value_rename = ProtoCxxUtils::renameEnumValue(decl_name, latest_type_info->renames_); if (enum_value_rename) { const clang::SourceRange decl_source_range = decl_ref_expr.getNameInfo().getSourceRange(); const clang::tooling::Replacement enum_value_replacement( source_manager, source_manager.getSpellingLoc(decl_source_range.getBegin()), sourceRangeLength(decl_source_range, source_manager), *enum_value_rename); insertReplacement(enum_value_replacement); } return; } // We need to map from envoy::type::matcher::StringMatcher::kRegex to // envoy::type::matcher::v3::StringMatcher::kHiddenEnvoyDeprecatedRegex. const auto constant_rename = ProtoCxxUtils::renameConstant(decl_name, latest_type_info->renames_); if (constant_rename) { const clang::tooling::Replacement constant_replacement( source_manager, decl_source_range.getBegin(), sourceRangeLength(decl_source_range, source_manager), *constant_rename); insertReplacement(constant_replacement); } } // Match callback clang::CallExpr. We don't need to rewrite, but if it's something like // loadFromYamlAndValidate, we might need to look at the argument type to // figure out any corresponding .pb.validate.h we require. void onCallExprMatch(const clang::CallExpr& call_expr, const clang::ASTContext& context, const clang::SourceManager& source_manager) { auto* direct_callee = call_expr.getDirectCallee(); if (direct_callee != nullptr) { const absl::node_hash_map ValidateNameToArg = { {"loadFromYamlAndValidate", 1}, {"loadFromFileAndValidate", 1}, {"downcastAndValidate", -1}, {"validate", 0}, }; const std::string& callee_name = direct_callee->getNameInfo().getName().getAsString(); DEBUG_LOG(absl::StrCat("callee_name ", callee_name)); const auto arg = ValidateNameToArg.find(callee_name); // Sometimes we hit false positives because we aren't qualifying above. // TODO(htuch): fix this. if (arg != ValidateNameToArg.end() && arg->second < static_cast(call_expr.getNumArgs())) { const std::string type_name = arg->second >= 0 ? call_expr.getArg(arg->second) ->getType() .getCanonicalType() .getUnqualifiedType() .getAsString() : call_expr.getCallReturnType(context) .getNonReferenceType() .getCanonicalType() .getUnqualifiedType() .getAsString(); DEBUG_LOG(absl::StrCat("Validation header boosting ", type_name)); tryBoostType(type_name, {}, source_manager, "validation invocation", true, true); } } } // Match callback for clang::CxxMemberCallExpr. We rewrite things like // ->mutable_foo() to ->mutable_foo_new_name() during renames. void onMemberCallExprMatch(const clang::CXXMemberCallExpr& member_call_expr, const clang::SourceManager& source_manager) { const std::string type_name = member_call_expr.getObjectType().getCanonicalType().getUnqualifiedType().getAsString(); const auto latest_type_info = getTypeInformationFromCType(type_name, true); // If this isn't a known API type, our work here is done. if (!latest_type_info) { return; } // Figure out if the referenced object was declared under API_NO_BOOST. This // only works for simple cases, best effort. const auto* object_expr = member_call_expr.getImplicitObjectArgument(); if (object_expr != nullptr) { const auto* decl = object_expr->getReferencedDeclOfCallee(); if (decl != nullptr && getSourceText(decl->getSourceRange(), source_manager).find("API_NO_BOOST") != std::string::npos) { DEBUG_LOG("Skipping method replacement due to API_NO_BOOST"); return; } } tryRenameMethod(*latest_type_info, member_call_expr.getExprLoc(), source_manager); } bool tryRenameMethod(const TypeInformation& type_info, clang::SourceLocation method_loc, const clang::SourceManager& source_manager) { const clang::SourceRange source_range = {source_manager.getSpellingLoc(method_loc), source_manager.getSpellingLoc(method_loc)}; const std::string method_name = getSourceText(source_range, source_manager); DEBUG_LOG(absl::StrCat("Checking for rename of ", method_name)); const auto method_rename = ProtoCxxUtils::renameMethod(method_name, type_info.renames_); if (method_rename) { const clang::tooling::Replacement method_replacement( source_manager, source_range.getBegin(), sourceRangeLength(source_range, source_manager), *method_rename); insertReplacement(method_replacement); return true; } return false; } // Match callback for clang::ClassTemplateSpecializationDecl. An additional // place we need to look for .pb.validate.h reference is instantiation of // FactoryBase. void onClassTemplateSpecializationDeclMatch(const clang::ClassTemplateSpecializationDecl& tmpl, const clang::SourceManager& source_manager) { const std::string tmpl_type_name = tmpl.getSpecializedTemplate() ->getInjectedClassNameSpecialization() .getCanonicalType() .getAsString(); if (absl::EndsWith(tmpl_type_name, "FactoryBase")) { const std::string type_name = tmpl.getTemplateArgs() .get(0) .getAsType() .getCanonicalType() .getUnqualifiedType() .getAsString(); tryBoostType(type_name, {}, source_manager, "FactoryBase template", true, true); } if (tmpl_type_name == "FactoryBase") { const std::string type_name_0 = tmpl.getTemplateArgs() .get(0) .getAsType() .getCanonicalType() .getUnqualifiedType() .getAsString(); tryBoostType(type_name_0, {}, source_manager, "FactoryBase template", true, true); const std::string type_name_1 = tmpl.getTemplateArgs() .get(1) .getAsType() .getCanonicalType() .getUnqualifiedType() .getAsString(); tryBoostType(type_name_1, {}, source_manager, "FactoryBase template", true, true); } } // Attempt to boost a given type and rewrite the given source range. void tryBoostType(const std::string& type_name, absl::optional source_range, const clang::SourceManager& source_manager, absl::string_view debug_description, bool requires_enum_truncation, bool validation_required = false) { if (source_range) { tryBoostType(type_name, source_range->getBegin(), sourceRangeLength(*source_range, source_manager), source_manager, debug_description, requires_enum_truncation, validation_required); } else { tryBoostType(type_name, {}, -1, source_manager, debug_description, requires_enum_truncation, validation_required); } } bool underApiNoBoost(clang::SourceLocation loc, const clang::SourceManager& source_manager) { if (loc.isMacroID()) { const auto macro_name = clang::Lexer::getImmediateMacroName(loc, source_manager, lexer_lopt_); if (macro_name.str() == "API_NO_BOOST") { return true; } } return false; } void tryBoostType(const std::string& type_name, clang::SourceLocation begin_loc, int length, const clang::SourceManager& source_manager, absl::string_view debug_description, bool requires_enum_truncation, bool validation_required = false) { bool is_skip_macro = false; if (underApiNoBoost(begin_loc, source_manager)) { DEBUG_LOG("Skipping replacement due to API_NO_BOOST"); is_skip_macro = true; } const auto type_info = getTypeInformationFromCType(type_name, !is_skip_macro); // If this isn't a known API type, our work here is done. if (!type_info) { return; } DEBUG_LOG(absl::StrCat("Matched type '", type_name, "' (", debug_description, ") length ", length, " at ", begin_loc.printToString(source_manager))); // Track corresponding imports. source_api_proto_paths_.insert(adjustProtoSuffix(type_info->proto_path_, ".pb.h")); if (validation_required) { source_api_proto_paths_.insert(adjustProtoSuffix(type_info->proto_path_, ".pb.validate.h")); } // Not all AST matchers know how to do replacements (yet?). if (length == -1 || is_skip_macro) { return; } const clang::SourceLocation spelling_begin = source_manager.getSpellingLoc(begin_loc); // We need to look at the text we're replacing to decide whether we should // use the qualified C++'ified proto name. const bool qualified = getSourceText(spelling_begin, length, source_manager).find("::") != std::string::npos; std::string case_residual; if (absl::EndsWith(type_name, "Case")) { case_residual = type_name.substr(type_name.rfind(':') - 1); } // Add corresponding replacement. const clang::tooling::Replacement type_replacement( source_manager, source_manager.getSpellingLoc(begin_loc), length, ProtoCxxUtils::protoToCxxType(type_info->type_name_, qualified, type_info->enum_type_ && requires_enum_truncation) + case_residual); insertReplacement(type_replacement); } void insertReplacement(const clang::tooling::Replacement& replacement) { llvm::Error error = replacements_[replacement.getFilePath()].add(replacement); if (error) { std::cerr << " Replacement insertion error: " << llvm::toString(std::move(error)) << std::endl; } else { std::cerr << " Replacement added: " << replacement.toString() << std::endl; } } // Modeled after getRangeSize() in Clang's Replacements.cpp. Turns out it's // non-trivial to get the actual length of a SourceRange, as the end location // point to the start of the last token. int sourceRangeLength(clang::SourceRange source_range, const clang::SourceManager& source_manager) { const clang::SourceLocation spelling_begin = source_manager.getSpellingLoc(source_range.getBegin()); const clang::SourceLocation spelling_end = source_manager.getSpellingLoc(source_range.getEnd()); std::pair start = source_manager.getDecomposedLoc(spelling_begin); std::pair end = source_manager.getDecomposedLoc(spelling_end); if (start.first != end.first) { return -1; } end.second += clang::Lexer::MeasureTokenLength(spelling_end, source_manager, lexer_lopt_); return end.second - start.second; } std::string getSourceText(clang::SourceLocation begin_loc, int size, const clang::SourceManager& source_manager) { return clang::Lexer::getSourceText( {clang::SourceRange(begin_loc, begin_loc.getLocWithOffset(size)), false}, source_manager, lexer_lopt_, 0); } std::string getSourceText(clang::SourceRange source_range, const clang::SourceManager& source_manager) { return clang::Lexer::getSourceText(clang::CharSourceRange::getTokenRange(source_range), source_manager, lexer_lopt_, 0); } void addNamedspaceQualifiedTypeReplacement() {} // Remove .proto from a path, apply specified suffix instead. std::string adjustProtoSuffix(absl::string_view proto_path, absl::string_view suffix) { return absl::StrCat(proto_path.substr(0, proto_path.size() - 6), suffix); } // Obtain the latest type information for a given from C++ type, e.g. envoy:config::v2::Cluster, // from the API type database. absl::optional getTypeInformationFromCType(const std::string& c_type_name, bool latest) { // Ignore compound or non-API types. // TODO(htuch): this is all super hacky and not really right, we should be // removing qualifiers etc. to get to the underlying type name. const std::string type_name = std::regex_replace(c_type_name, std::regex("^(class|enum) "), ""); if (!isEnvoyNamespace(type_name) || absl::StrContains(type_name, " ")) { return {}; } const std::string proto_type_name = ProtoCxxUtils::cxxToProtoType(type_name); // Use API type database to map from proto type to path. auto result = latest ? ApiTypeDb::getLatestTypeInformation(proto_type_name) : ApiTypeDb::getExistingTypeInformation(proto_type_name); if (result) { // Remove the .proto extension. return result; } else if (!absl::StartsWith(proto_type_name, "envoy.HotRestart") && !absl::StartsWith(proto_type_name, "envoy.RouterCheckToolSchema") && !absl::StartsWith(proto_type_name, "envoy.annotations") && !absl::StartsWith(proto_type_name, "envoy.test") && !absl::StartsWith(proto_type_name, "envoy.tracers.xray.daemon")) { // Die hard if we don't have a useful proto type for something that looks // like an API type(modulo a short allowlist). std::cerr << "Unknown API type: " << proto_type_name << std::endl; // TODO(htuch): maybe there is a nicer way to terminate AST traversal? ::exit(1); } return {}; } static clang::SourceRange getSpellingRange(clang::SourceRange source_range, const clang::SourceManager& source_manager) { return {source_manager.getSpellingLoc(source_range.getBegin()), source_manager.getSpellingLoc(source_range.getEnd())}; } // Set of inferred .pb[.validate].h, updated as the AST matcher callbacks above fire. std::set source_api_proto_paths_; // Map from source file to replacements. std::map& replacements_; // Language options for interacting with Lexer. Currently empty. clang::LangOptions lexer_lopt_; }; // namespace ApiBooster } // namespace ApiBooster int main(int argc, const char** argv) { // Apply a custom category to all command-line options so that they are the // only ones displayed. llvm::cl::OptionCategory api_booster_tool_category("api-booster options"); clang::tooling::CommonOptionsParser options_parser(argc, argv, api_booster_tool_category); clang::tooling::RefactoringTool tool(options_parser.getCompilations(), options_parser.getSourcePathList()); ApiBooster::ApiBooster api_booster(tool.getReplacements()); clang::ast_matchers::MatchFinder finder; // Match on all mentions of types in the AST. auto type_matcher = clang::ast_matchers::typeLoc(clang::ast_matchers::isExpansionInMainFile()).bind("type"); finder.addMatcher(type_matcher, &api_booster); // Match on all "using" declarations. auto using_decl_matcher = clang::ast_matchers::usingDecl(clang::ast_matchers::isExpansionInMainFile()) .bind("using_decl"); finder.addMatcher(using_decl_matcher, &api_booster); // Match on references to enum constants. auto decl_ref_expr_matcher = clang::ast_matchers::declRefExpr(clang::ast_matchers::isExpansionInMainFile()) .bind("decl_ref_expr"); finder.addMatcher(decl_ref_expr_matcher, &api_booster); // Match on all call expressions. We are interested in particular in calls // where validation on protos is performed. auto call_matcher = clang::ast_matchers::callExpr(clang::ast_matchers::isExpansionInMainFile()).bind("call_expr"); finder.addMatcher(call_matcher, &api_booster); // Match on all .foo() or ->foo() expressions. We are interested in these for renames // and deprecations. auto member_call_expr = clang::ast_matchers::cxxMemberCallExpr(clang::ast_matchers::isExpansionInMainFile()) .bind("member_call_expr"); finder.addMatcher(member_call_expr, &api_booster); // Match on all template instantiations. We are interested in particular in // instantiations of factories where validation on protos is performed. auto tmpl_matcher = clang::ast_matchers::classTemplateSpecializationDecl( clang::ast_matchers::matchesName(".*FactoryBase.*")) .bind("tmpl"); finder.addMatcher(tmpl_matcher, &api_booster); // Apply ApiBooster to AST matches. This will generate a set of replacements in // tool.getReplacements(). const int run_result = tool.run(newFrontendActionFactory(&finder, &api_booster).get()); if (run_result != 0) { std::cerr << "Exiting with non-zero result " << run_result << std::endl; return run_result; } // Serialize replacements to
    .clang-replacements.yaml. // These are suitable for consuming by clang-apply-replacements. for (const auto& file_replacement : tool.getReplacements()) { // Populate TranslationUnitReplacements from file replacements (this is what // there exists llvm::yaml serialization support for). clang::tooling::TranslationUnitReplacements tu_replacements; tu_replacements.MainSourceFile = file_replacement.first; for (const auto& r : file_replacement.second) { tu_replacements.Replacements.push_back(r); DEBUG_LOG(r.toString()); } // Serialize TranslationUnitReplacements to YAML. std::string yaml_content; llvm::raw_string_ostream yaml_content_stream(yaml_content); llvm::yaml::Output yaml(yaml_content_stream); yaml << tu_replacements; // Write to
    .clang-replacements.yaml. std::ofstream serialized_replacement_file(tu_replacements.MainSourceFile + ".clang-replacements.yaml"); serialized_replacement_file << yaml_content_stream.str(); } return 0; } ================================================ FILE: tools/clang_tools/api_booster/proto_cxx_utils.cc ================================================ #include "proto_cxx_utils.h" namespace ApiBooster { std::string ProtoCxxUtils::cxxToProtoType(const std::string& cxx_type_name) { // Convert from C++ to a qualified proto type. This is fairly hacky stuff, // we're essentially reversing the conventions that the protobuf C++ // compiler is using, e.g. replacing _ and :: with . as needed, guessing // that a Case suffix implies some enum switching. const std::string rel_cxx_type_name = absl::StartsWith(cxx_type_name, "::") ? cxx_type_name.substr(2) : cxx_type_name; std::vector frags = absl::StrSplit(rel_cxx_type_name, "::"); // TODO(htuch): if we add some more stricter checks on mangled name usage in // check_format.py, we should be able to eliminate this. for (std::string& frag : frags) { if (!frag.empty() && isupper(frag[0])) { frag = std::regex_replace(frag, std::regex("_"), "."); } } if (absl::EndsWith(frags.back(), "Case")) { frags.pop_back(); } return absl::StrJoin(frags, "."); } std::string ProtoCxxUtils::protoToCxxType(const std::string& proto_type_name, bool qualified, bool enum_type) { std::vector frags = absl::StrSplit(proto_type_name, '.'); // We drop the enum type name, it's not needed and confuses the mangling // when enums are nested in messages. if (enum_type) { frags.pop_back(); } if (qualified) { return absl::StrJoin(frags, "::"); } else { return frags.back(); } } absl::optional ProtoCxxUtils::renameMethod(absl::string_view method_name, const absl::node_hash_map renames) { // Simple O(N * M) match, where M is constant (the set of prefixes/suffixes) so // should be fine. for (const auto& field_rename : renames) { const std::vector GeneratedMethodPrefixes = { "clear_", "set_", "has_", "mutable_", "set_allocated_", "release_", "add_", "", }; // Most of the generated methods are some prefix. for (const std::string& prefix : GeneratedMethodPrefixes) { if (method_name == prefix + field_rename.first) { return prefix + field_rename.second; } } // _size is the only suffix. if (method_name == field_rename.first + "_size") { return field_rename.second + "_size"; } } return {}; } absl::optional ProtoCxxUtils::renameConstant(absl::string_view constant_name, const absl::node_hash_map renames) { if (constant_name.size() < 2 || constant_name[0] != 'k' || !isupper(constant_name[1])) { return {}; } std::vector frags; for (const char c : constant_name.substr(1)) { if (isupper(c)) { frags.emplace_back(1, tolower(c)); } else { frags.back().push_back(c); } } const std::string field_name = absl::StrJoin(frags, "_"); const auto it = renames.find(field_name); if (it == renames.cend()) { return {}; } std::vector new_frags = absl::StrSplit(it->second, '_'); for (auto& frag_it : new_frags) { if (!frag_it.empty()) { frag_it[0] = toupper(frag_it[0]); } } return "k" + absl::StrJoin(new_frags, ""); } absl::optional ProtoCxxUtils::renameEnumValue(absl::string_view enum_value_name, const absl::node_hash_map renames) { const auto it = renames.find(std::string(enum_value_name)); if (it == renames.cend()) { return {}; } return it->second; } } // namespace ApiBooster ================================================ FILE: tools/clang_tools/api_booster/proto_cxx_utils.h ================================================ #pragma once #include #include "absl/container/node_hash_map.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" #include "absl/types/optional.h" namespace ApiBooster { // Protobuf C++ code generation hackery. This is where the utilities that map // between C++ and protobuf types, enum constants and identifiers live. Most of // this is heuristic and needs to match whatever the protobuf compiler does. // TODO(htuch): investigate what can be done to make use of embedded proto // descriptors in generated stubs to make these utils more robust. class ProtoCxxUtils { public: // Convert from a C++ type, e.g. foo::bar::v2, to a protobuf type, e.g. // foo.bar.v2. static std::string cxxToProtoType(const std::string& cxx_type_name); // Given a method, e.g. mutable_foo, rele, and a map of renames in a give proto, // determine if the method is covered by a generated C++ stub for a renamed // field in proto, and if so, return the new method name. static absl::optional renameMethod(absl::string_view method_name, const absl::node_hash_map renames); // Given a constant, e.g. kFooBar, determine if it needs upgrading. We need // this for synthesized oneof cases. static absl::optional renameConstant(absl::string_view constant_name, const absl::node_hash_map renames); // Given an enum value, e.g. FOO_BAR determine if it needs upgrading. static absl::optional renameEnumValue(absl::string_view enum_value_name, const absl::node_hash_map renames); // Convert from a protobuf type, e.g. foo.bar.v2, to a C++ type, e.g. // foo::bar::v2. static std::string protoToCxxType(const std::string& proto_type_name, bool qualified, bool enum_type); }; } // namespace ApiBooster ================================================ FILE: tools/clang_tools/api_booster/proto_cxx_utils_test.cc ================================================ #include "gtest/gtest.h" #include "proto_cxx_utils.h" namespace ApiBooster { namespace { // Validate C++ to proto type name conversion. TEST(ProtoCxxUtils, CxxToProtoType) { EXPECT_EQ("", ProtoCxxUtils::cxxToProtoType("")); EXPECT_EQ("foo", ProtoCxxUtils::cxxToProtoType("foo")); EXPECT_EQ("foo.bar", ProtoCxxUtils::cxxToProtoType("foo::bar")); EXPECT_EQ("foo.bar", ProtoCxxUtils::cxxToProtoType("foo::bar::FooCase")); EXPECT_EQ("foo.bar.Baz.Blah", ProtoCxxUtils::cxxToProtoType("foo::bar::Baz_Blah")); } // Validate proto to C++ type name conversion. TEST(ProtoCxxUtils, ProtoToCxxType) { EXPECT_EQ("", ProtoCxxUtils::protoToCxxType("", false, false)); EXPECT_EQ("", ProtoCxxUtils::protoToCxxType("", true, false)); EXPECT_EQ("foo", ProtoCxxUtils::protoToCxxType("foo", false, false)); EXPECT_EQ("foo", ProtoCxxUtils::protoToCxxType("foo", true, false)); EXPECT_EQ("bar", ProtoCxxUtils::protoToCxxType("foo.bar", false, false)); EXPECT_EQ("foo::bar", ProtoCxxUtils::protoToCxxType("foo.bar", true, false)); EXPECT_EQ("foo::Bar", ProtoCxxUtils::protoToCxxType("foo.Bar", true, false)); EXPECT_EQ("foo", ProtoCxxUtils::protoToCxxType("foo.Bar", true, true)); EXPECT_EQ("foo::Bar::Baz", ProtoCxxUtils::protoToCxxType("foo.Bar.Baz", true, false)); EXPECT_EQ("foo::Bar::Baz::Blah", ProtoCxxUtils::protoToCxxType("foo.Bar.Baz.Blah", true, false)); EXPECT_EQ("foo::Bar::Baz", ProtoCxxUtils::protoToCxxType("foo.Bar.Baz.Blah", true, true)); } // Validate proto field accessor upgrades. TEST(ProtoCxxUtils, RenameMethod) { const absl::node_hash_map renames = { {"foo", "bar"}, {"bar", "baz"}, }; EXPECT_EQ(absl::nullopt, ProtoCxxUtils::renameMethod("whatevs", renames)); EXPECT_EQ("bar", ProtoCxxUtils::renameMethod("foo", renames)); EXPECT_EQ("baz", ProtoCxxUtils::renameMethod("bar", renames)); EXPECT_EQ("clear_bar", ProtoCxxUtils::renameMethod("clear_foo", renames)); EXPECT_EQ("set_bar", ProtoCxxUtils::renameMethod("set_foo", renames)); EXPECT_EQ("has_bar", ProtoCxxUtils::renameMethod("has_foo", renames)); EXPECT_EQ("mutable_bar", ProtoCxxUtils::renameMethod("mutable_foo", renames)); EXPECT_EQ("set_allocated_bar", ProtoCxxUtils::renameMethod("set_allocated_foo", renames)); EXPECT_EQ("release_bar", ProtoCxxUtils::renameMethod("release_foo", renames)); EXPECT_EQ("add_bar", ProtoCxxUtils::renameMethod("add_foo", renames)); EXPECT_EQ("bar_size", ProtoCxxUtils::renameMethod("foo_size", renames)); } // Validate proto constant upgrades. TEST(ProtoCxxUtils, RenameConstant) { const absl::node_hash_map renames = { {"foo_bar", "bar_foo"}, {"foo_baz", "baz"}, }; EXPECT_EQ(absl::nullopt, ProtoCxxUtils::renameConstant("whatevs", renames)); EXPECT_EQ("kBarFoo", ProtoCxxUtils::renameConstant("kFooBar", renames)); EXPECT_EQ("kBaz", ProtoCxxUtils::renameConstant("kFooBaz", renames)); } // Validate proto enum value upgrades. TEST(ProtoCxxUtils, RenameEnumValue) { const absl::node_hash_map renames = { {"FOO_BAR", "BAR_FOO"}, }; EXPECT_EQ(absl::nullopt, ProtoCxxUtils::renameEnumValue("FOO_BAZ", renames)); EXPECT_EQ("BAR_FOO", ProtoCxxUtils::renameEnumValue("FOO_BAR", renames)); } } // namespace } // namespace ApiBooster ================================================ FILE: tools/clang_tools/support/BUILD ================================================ licenses(["notice"]) # Apache 2 ================================================ FILE: tools/clang_tools/support/BUILD.prebuilt ================================================ # Clang 10.0 library pre-built Bazel. # # This file was mostly manually assembled (with some hacky Python scripts) from # clang+llvm-10.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz and corresponding # https://github.com/llvm/llvm-project.git source. It needs Clang 10.0 to work. # # The BUILD file has sufficient dependency relationships # between the prebuilt libraries in a clang-llvm distribution to support building libtooling # based binaries in the Envoy repository. We're chasing a moving target and as new libraries are # depended upon in new Clang versions, it will be necessary to augment these definitions. # # The key to understanding llvm-project layout is that there are a collection of libraries in # {clang,llvm}/lib. For the clang libraries, the CMakeLists.txt supplies the Clang library deps in # LINK_LIBS inside add_clang_library() and the llvm deps in LLVM_LINK_COMPONENTS. For the llvm # libraries, LLVMBuild.txt provides llvm deps (it does not reference any of the clang libs). # # It's kind of terrible that we need to do this by hand, but llvm-project is CMake canonical, and we # don't want to use rules_foreign_cc to build the libraries from source just to access some # developer libs which will exist on the filesystem of most devs who are using Clang. package(default_visibility = ["//visibility:public"]) # We should use cc_import below, but it doesn't like .def files in Clang. See # https://github.com/bazelbuild/bazel/issues/6767. # cc_library( name = "clang_analysis", srcs = ["lib/libclangAnalysis.a"], hdrs = glob(["clang/Analysis/**"]), deps = [ ":clang_ast", ":clang_astmatchers", ":clang_basic", ":clang_lex", ":llvm_support", ], ) cc_library( name = "clang_basic", srcs = ["lib/libclangBasic.a"], hdrs = glob([ "clang/Basic/**", "clang-c/**", ]), deps = [ ":llvm_core", ":llvm_mc", ":llvm_support", ":llvm_target", ], ) cc_library( name = "clang_ast", srcs = ["lib/libclangAST.a"], hdrs = glob(["clang/AST/**"]), deps = [ ":clang_basic", ":clang_lex", ":llvm_binaryformat", ":llvm_core", ":llvm_support", ], ) cc_library( name = "clang_astmatchers", srcs = ["lib/libclangASTMatchers.a"], hdrs = glob(["clang/ASTMatchers/**"]), deps = [ ":clang_ast", ":clang_basic", ":llvm_support", ], ) cc_library( name = "clang_driver", srcs = ["lib/libclangDriver.a"], hdrs = glob(["clang/Driver/**"]), deps = [ ":clang_basic", ":llvm_binaryformat", ":llvm_option", ":llvm_support", ], ) cc_library( name = "clang_edit", srcs = ["lib/libclangEdit.a"], hdrs = glob(["clang/Edit/**"]), deps = [ ":clang_ast", ":clang_basic", ":clang_lex", ":llvm_support", ], ) cc_library( name = "clang_format", srcs = ["lib/libclangFormat.a"], hdrs = glob(["clang/Format/**"]), deps = [ ":clang_basic", ":clang_lex", ":clang_toolingcore", ":clang_toolinginclusions", ":llvm_support", ], ) cc_library( name = "clang_frontend", srcs = ["lib/libclangFrontend.a"], hdrs = glob(["clang/Frontend/**"]), deps = [ ":clang_ast", ":clang_basic", ":clang_driver", ":clang_edit", ":clang_lex", ":clang_parse", ":clang_sema", ":clang_serialization", ":llvm_bitreader", ":llvm_option", ":llvm_profiledata", ":llvm_support", ], ) cc_library( name = "clang_lex", srcs = ["lib/libclangLex.a"], hdrs = glob(["clang/Lex/**"]), deps = [ ":clang_basic", ":llvm_support", ], ) cc_library( name = "clang_parse", srcs = ["lib/libclangParse.a"], hdrs = glob(["clang/Parse/**"]), deps = [ ":clang_ast", ":clang_basic", ":clang_lex", ":clang_sema", ":llvm_frontend_omp", ":llvm_mc", ":llvm_mcparser", ":llvm_support", ], ) cc_library( name = "clang_rewrite", srcs = ["lib/libclangRewrite.a"], hdrs = glob(["clang/Rewrite/**"]), deps = [ ":clang_basic", ":clang_lex", ":llvm_support", ], ) cc_library( name = "clang_sema", srcs = ["lib/libclangSema.a"], hdrs = glob(["clang/Sema/**"]), deps = [ ":clang_analysis", ":clang_ast", ":clang_basic", ":clang_edit", ":clang_lex", ":llvm_support", ], ) cc_library( name = "clang_serialization", srcs = ["lib/libclangSerialization.a"], hdrs = glob(["clang/Serialization/**"]), deps = [ ":clang_ast", ":clang_basic", ":clang_lex", ":clang_sema", ":llvm_bitreader", ":llvm_bitstreamreader", ":llvm_support", ], ) cc_library( name = "clang_tooling", srcs = ["lib/libclangTooling.a"], hdrs = glob(["clang/Tooling/**"]), deps = [ ":clang_ast", ":clang_astmatchers", ":clang_basic", ":clang_driver", ":clang_format", ":clang_frontend", ":clang_lex", ":clang_rewrite", ":clang_serialization", ":clang_toolingcore", ":llvm_option", ":llvm_support", ], ) cc_library( name = "clang_toolingcore", srcs = ["lib/libclangToolingCore.a"], hdrs = glob(["clang/Tooling/Core/**"]), deps = [ ":clang_ast", ":clang_basic", ":clang_lex", ":clang_rewrite", ":llvm_support", ], ) cc_library( name = "clang_toolinginclusions", srcs = ["lib/libclangToolingInclusions.a"], hdrs = glob(["clang/Tooling/Inclusions/**"]), deps = [ ":clang_basic", ":clang_lex", ":clang_rewrite", ":clang_toolingcore", ":llvm_support", ], ) cc_library( name = "llvm_analysis", srcs = ["lib/libLLVMAnalysis.a"], hdrs = glob(["llvm/Analysis/**"]), deps = [ ":llvm_binaryformat", ":llvm_core", ":llvm_object", ":llvm_profiledata", ":llvm_support", ], ) cc_library( name = "llvm_binaryformat", srcs = ["lib/libLLVMBinaryFormat.a"], hdrs = glob(["llvm/BinaryFormat/**"]), deps = [":llvm_support"], ) cc_library( name = "llvm_bitreader", srcs = ["lib/libLLVMBitReader.a"], hdrs = glob(["llvm/Bitcode/**"]), deps = [ ":llvm_bitstreamreader", ":llvm_core", ":llvm_support", ], ) cc_library( name = "llvm_bitstreamreader", srcs = ["lib/libLLVMBitstreamReader.a"], hdrs = glob(["llvm/Bitstream/**"]), deps = [ ":llvm_support", ], ) cc_library( name = "llvm_core", srcs = ["lib/libLLVMCore.a"], hdrs = glob([ "llvm/ADT/**", "llvm/IR/**", "llvm/*", "llvm-c/**", ]), deps = [ ":llvm_binaryformat", ":llvm_remarks", ":llvm_support", ], ) cc_library( name = "llvm_demangle", srcs = ["lib/libLLVMDemangle.a"], hdrs = glob(["llvm/Demangle/**"]), ) cc_library( name = "llvm_frontend_omp", srcs = ["lib/libLLVMFrontendOpenMP.a"], hdrs = glob(["llvm/Frontend/OpenMP/**"]), ) cc_library( name = "llvm_mc", srcs = ["lib/libLLVMMC.a"], hdrs = glob(["llvm/MC/**"]), deps = [ ":llvm_binaryformat", ":llvm_support", ], ) cc_library( name = "llvm_mcparser", srcs = ["lib/libLLVMMCParser.a"], hdrs = glob(["llvm/MC/MCParser/**"]), deps = [ ":llvm_mc", ":llvm_support", ], ) cc_library( name = "llvm_object", srcs = ["lib/libLLVMObject.a"], hdrs = glob(["llvm/Object/**"]), deps = [ ":llvm_binaryformat", ":llvm_bitreader", ":llvm_core", ":llvm_mc", ":llvm_mcparser", ":llvm_support", ], ) cc_library( name = "llvm_option", srcs = ["lib/libLLVMOption.a"], hdrs = glob(["llvm/Option/**"]), deps = [ ":llvm_support", ], ) cc_library( name = "llvm_profiledata", srcs = ["lib/libLLVMProfileData.a"], hdrs = glob(["llvm/ProfileData/**"]), deps = [ ":llvm_core", ":llvm_support", ], ) cc_library( name = "llvm_remarks", srcs = ["lib/libLLVMRemarks.a"], hdrs = glob(["llvm/Remarks/**"]), deps = [ ":llvm_support", ], ) cc_library( name = "llvm_support", srcs = ["lib/libLLVMSupport.a"], hdrs = glob([ "llvm/Config/**", "llvm/Support/**", ]), linkopts = [ "-lcurses", "-lpthread", ], deps = [ ":llvm_demangle", ], ) cc_library( name = "llvm_target", srcs = ["lib/libLLVMTarget.a"], hdrs = glob(["llvm/Target/**"]), deps = [ ":llvm_analysis", ":llvm_core", ":llvm_mc", ":llvm_support", ], ) ================================================ FILE: tools/clang_tools/support/clang_tools.bzl ================================================ load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library", "cc_test") _clang_tools_copts = [ "-fno-exceptions", "-fno-rtti", ] def clang_tools_cc_binary(name, copts = [], tags = [], deps = [], **kwargs): cc_binary( name = name, copts = copts + _clang_tools_copts, tags = tags + ["manual"], deps = deps + ["@envoy//bazel/foreign_cc:zlib"], **kwargs ) def clang_tools_cc_library(name, copts = [], **kwargs): cc_library( name = name, copts = copts + _clang_tools_copts, **kwargs ) def clang_tools_cc_test(name, copts = [], deps = [], **kwargs): cc_test( name = name, copts = copts + _clang_tools_copts, deps = deps + ["@com_google_googletest//:gtest_main"], **kwargs ) ================================================ FILE: tools/clang_tools/syntax_only/BUILD ================================================ load("//clang_tools/support:clang_tools.bzl", "envoy_clang_tools_cc_binary") licenses(["notice"]) # Apache 2 envoy_clang_tools_cc_binary( name = "syntax_only", srcs = ["main.cc"], deps = [ "@clang_tools//:clang_astmatchers", "@clang_tools//:clang_basic", "@clang_tools//:clang_tooling", ], ) ================================================ FILE: tools/clang_tools/syntax_only/main.cc ================================================ // This is a copy of the Hello World-style syntax check tool described in // https://clang.llvm.org/docs/LibTooling.html. It's purpose is to provide an // example of how to build and run libtooling based Envoy developer tools. // // NOLINT(namespace-envoy) // Declares clang::SyntaxOnlyAction. #include "clang/Frontend/FrontendActions.h" #include "clang/Tooling/CommonOptionsParser.h" #include "clang/Tooling/Tooling.h" // Declares llvm::cl::extrahelp. #include "llvm/Support/CommandLine.h" using namespace clang::tooling; using namespace llvm; int main(int argc, const char** argv) { // Apply a custom category to all command-line options so that they are the // only ones displayed. llvm::cl::OptionCategory MyToolCategory("my-tool options"); // CommonOptionsParser declares HelpMessage with a description of the common // command-line options related to the compilation database and input files. // It's nice to have this help message in all tools. cl::extrahelp CommonHelp(CommonOptionsParser::HelpMessage); // A help message for this specific tool can be added afterwards. cl::extrahelp MoreHelp("\nMore help text...\n"); CommonOptionsParser OptionsParser(argc, argv, MyToolCategory); ClangTool Tool(OptionsParser.getCompilations(), OptionsParser.getSourcePathList()); return Tool.run(newFrontendActionFactory().get()); } ================================================ FILE: tools/code_format/.style.yapf ================================================ # The Google Python styles can be found here: https://github.com/google/styleguide/blob/gh-pages/pyguide.md # TODO: Look into enforcing single vs double quote. [style] based_on_style=Google indent_width=2 column_limit=100 ================================================ FILE: tools/code_format/check_format.py ================================================ #!/usr/bin/env python3 import argparse import common import functools import multiprocessing import os import os.path import pathlib import re import subprocess import stat import sys import traceback import shutil import paths EXCLUDED_PREFIXES = ( "./generated/", "./thirdparty/", "./build", "./.git/", "./bazel-", "./.cache", "./source/extensions/extensions_build_config.bzl", "./bazel/toolchains/configs/", "./tools/testdata/check_format/", "./tools/pyformat/", "./third_party/", "./test/extensions/filters/http/wasm/test_data", "./test/extensions/filters/network/wasm/test_data", "./test/extensions/stats_sinks/wasm/test_data", "./test/extensions/bootstrap/wasm/test_data", "./test/extensions/common/wasm/test_data", "./test/extensions/access_loggers/wasm/test_data", "./source/extensions/common/wasm/ext", "./examples/wasm", ) SUFFIXES = ("BUILD", "WORKSPACE", ".bzl", ".cc", ".h", ".java", ".m", ".md", ".mm", ".proto", ".rst") DOCS_SUFFIX = (".md", ".rst") PROTO_SUFFIX = (".proto") # Files in these paths can make reference to protobuf stuff directly GOOGLE_PROTOBUF_ALLOWLIST = ("ci/prebuilt", "source/common/protobuf", "api/test", "test/extensions/bootstrap/wasm/test_data") REPOSITORIES_BZL = "bazel/repositories.bzl" # Files matching these exact names can reference real-world time. These include the class # definitions for real-world time, the construction of them in main(), and perf annotation. # For now it includes the validation server but that really should be injected too. REAL_TIME_ALLOWLIST = ( "./source/common/common/utility.h", "./source/extensions/common/aws/utility.cc", "./source/common/event/real_time_system.cc", "./source/common/event/real_time_system.h", "./source/exe/main_common.cc", "./source/exe/main_common.h", "./source/server/config_validation/server.cc", "./source/common/common/perf_annotation.h", "./test/common/common/log_macros_test.cc", "./test/common/protobuf/utility_test.cc", "./test/test_common/simulated_time_system.cc", "./test/test_common/simulated_time_system.h", "./test/test_common/test_time.cc", "./test/test_common/test_time.h", "./test/test_common/utility.cc", "./test/test_common/utility.h", "./test/integration/integration.h") # Tests in these paths may make use of the Registry::RegisterFactory constructor or the # REGISTER_FACTORY macro. Other locations should use the InjectFactory helper class to # perform temporary registrations. REGISTER_FACTORY_TEST_ALLOWLIST = ("./test/common/config/registry_test.cc", "./test/integration/clusters/", "./test/integration/filters/") # Files in these paths can use MessageLite::SerializeAsString SERIALIZE_AS_STRING_ALLOWLIST = ( "./source/common/config/version_converter.cc", "./source/common/protobuf/utility.cc", "./source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.cc", "./test/common/protobuf/utility_test.cc", "./test/common/config/version_converter_test.cc", "./test/common/grpc/codec_test.cc", "./test/common/grpc/codec_fuzz_test.cc", "./test/extensions/filters/http/common/fuzz/uber_filter.h", "./test/extensions/bootstrap/wasm/test_data/speed_cpp.cc", ) # Files in these paths can use Protobuf::util::JsonStringToMessage JSON_STRING_TO_MESSAGE_ALLOWLIST = ("./source/common/protobuf/utility.cc", "./test/extensions/bootstrap/wasm/test_data/speed_cpp.cc") # Histogram names which are allowed to be suffixed with the unit symbol, all of the pre-existing # ones were grandfathered as part of PR #8484 for backwards compatibility. HISTOGRAM_WITH_SI_SUFFIX_ALLOWLIST = ("downstream_cx_length_ms", "downstream_cx_length_ms", "initialization_time_ms", "loop_duration_us", "poll_delay_us", "request_time_ms", "upstream_cx_connect_ms", "upstream_cx_length_ms") # Files in these paths can use std::regex STD_REGEX_ALLOWLIST = ( "./source/common/common/utility.cc", "./source/common/common/regex.h", "./source/common/common/regex.cc", "./source/common/stats/tag_extractor_impl.h", "./source/common/stats/tag_extractor_impl.cc", "./source/common/formatter/substitution_formatter.cc", "./source/extensions/filters/http/squash/squash_filter.h", "./source/extensions/filters/http/squash/squash_filter.cc", "./source/server/admin/utils.h", "./source/server/admin/utils.cc", "./source/server/admin/stats_handler.h", "./source/server/admin/stats_handler.cc", "./source/server/admin/prometheus_stats.h", "./source/server/admin/prometheus_stats.cc", "./tools/clang_tools/api_booster/main.cc", "./tools/clang_tools/api_booster/proto_cxx_utils.cc", "./source/common/version/version.cc") # Only one C++ file should instantiate grpc_init GRPC_INIT_ALLOWLIST = ("./source/common/grpc/google_grpc_context.cc") # These files should not throw exceptions. Add HTTP/1 when exceptions removed. EXCEPTION_DENYLIST = ("./source/common/http/http2/codec_impl.h", "./source/common/http/http2/codec_impl.cc") CLANG_FORMAT_PATH = os.getenv("CLANG_FORMAT", "clang-format-10") BUILDIFIER_PATH = paths.getBuildifier() BUILDOZER_PATH = paths.getBuildozer() ENVOY_BUILD_FIXER_PATH = os.path.join(os.path.dirname(os.path.abspath(sys.argv[0])), "envoy_build_fixer.py") HEADER_ORDER_PATH = os.path.join(os.path.dirname(os.path.abspath(sys.argv[0])), "header_order.py") SUBDIR_SET = set(common.includeDirOrder()) INCLUDE_ANGLE = "#include <" INCLUDE_ANGLE_LEN = len(INCLUDE_ANGLE) PROTO_PACKAGE_REGEX = re.compile(r"^package (\S+);\n*", re.MULTILINE) X_ENVOY_USED_DIRECTLY_REGEX = re.compile(r'.*\"x-envoy-.*\".*') DESIGNATED_INITIALIZER_REGEX = re.compile(r"\{\s*\.\w+\s*\=") MANGLED_PROTOBUF_NAME_REGEX = re.compile(r"envoy::[a-z0-9_:]+::[A-Z][a-z]\w*_\w*_[A-Z]{2}") HISTOGRAM_SI_SUFFIX_REGEX = re.compile(r"(?<=HISTOGRAM\()[a-zA-Z0-9_]+_(b|kb|mb|ns|us|ms|s)(?=,)") TEST_NAME_STARTING_LOWER_CASE_REGEX = re.compile(r"TEST(_.\(.*,\s|\()[a-z].*\)\s\{") EXTENSIONS_CODEOWNERS_REGEX = re.compile(r'.*(extensions[^@]*\s+)(@.*)') COMMENT_REGEX = re.compile(r"//|\*") DURATION_VALUE_REGEX = re.compile(r'\b[Dd]uration\(([0-9.]+)') PROTO_VALIDATION_STRING = re.compile(r'\bmin_bytes\b') VERSION_HISTORY_NEW_LINE_REGEX = re.compile("\* ([a-z \-_]+): ([a-z:`]+)") VERSION_HISTORY_SECTION_NAME = re.compile("^[A-Z][A-Za-z ]*$") RELOADABLE_FLAG_REGEX = re.compile(".*(.)(envoy.reloadable_features.[^ ]*)\s.*") # Check for punctuation in a terminal ref clause, e.g. # :ref:`panic mode. ` REF_WITH_PUNCTUATION_REGEX = re.compile(".*\. <[^<]*>`\s*") DOT_MULTI_SPACE_REGEX = re.compile("\\. +") # yapf: disable PROTOBUF_TYPE_ERRORS = { # Well-known types should be referenced from the ProtobufWkt namespace. "Protobuf::Any": "ProtobufWkt::Any", "Protobuf::Empty": "ProtobufWkt::Empty", "Protobuf::ListValue": "ProtobufWkt::ListValue", "Protobuf::NULL_VALUE": "ProtobufWkt::NULL_VALUE", "Protobuf::StringValue": "ProtobufWkt::StringValue", "Protobuf::Struct": "ProtobufWkt::Struct", "Protobuf::Value": "ProtobufWkt::Value", # Other common mis-namespacing of protobuf types. "ProtobufWkt::Map": "Protobuf::Map", "ProtobufWkt::MapPair": "Protobuf::MapPair", "ProtobufUtil::MessageDifferencer": "Protobuf::util::MessageDifferencer" } LIBCXX_REPLACEMENTS = { "absl::make_unique<": "std::make_unique<", } UNOWNED_EXTENSIONS = { "extensions/filters/http/ratelimit", "extensions/filters/http/buffer", "extensions/filters/http/rbac", "extensions/filters/http/ip_tagging", "extensions/filters/http/tap", "extensions/filters/http/health_check", "extensions/filters/http/cors", "extensions/filters/http/ext_authz", "extensions/filters/http/dynamo", "extensions/filters/http/lua", "extensions/filters/http/common", "extensions/filters/common", "extensions/filters/common/ratelimit", "extensions/filters/common/rbac", "extensions/filters/common/lua", "extensions/filters/listener/original_dst", "extensions/filters/listener/proxy_protocol", "extensions/stat_sinks/statsd", "extensions/stat_sinks/common", "extensions/stat_sinks/common/statsd", "extensions/health_checkers/redis", "extensions/access_loggers/grpc", "extensions/access_loggers/file", "extensions/common/tap", "extensions/transport_sockets/raw_buffer", "extensions/transport_sockets/tap", "extensions/tracers/zipkin", "extensions/tracers/dynamic_ot", "extensions/tracers/opencensus", "extensions/tracers/lightstep", "extensions/tracers/common", "extensions/tracers/common/ot", "extensions/retry/host/previous_hosts", "extensions/filters/network/ratelimit", "extensions/filters/network/client_ssl_auth", "extensions/filters/network/rbac", "extensions/filters/network/tcp_proxy", "extensions/filters/network/echo", "extensions/filters/network/ext_authz", "extensions/filters/network/redis_proxy", "extensions/filters/network/kafka", "extensions/filters/network/kafka/broker", "extensions/filters/network/kafka/protocol", "extensions/filters/network/kafka/serialization", "extensions/filters/network/mongo_proxy", "extensions/filters/network/common", "extensions/filters/network/common/redis", } # yapf: enable class FormatChecker: def __init__(self, args): self.operation_type = args.operation_type self.target_path = args.target_path self.api_prefix = args.api_prefix self.api_shadow_root = args.api_shadow_prefix self.envoy_build_rule_check = not args.skip_envoy_build_rule_check self.namespace_check = args.namespace_check self.namespace_check_excluded_paths = args.namespace_check_excluded_paths + [ "./tools/api_boost/testdata/", "./tools/clang_tools/", ] self.build_fixer_check_excluded_paths = args.build_fixer_check_excluded_paths + [ "./bazel/external/", "./bazel/toolchains/", "./bazel/BUILD", "./tools/clang_tools", ] self.include_dir_order = args.include_dir_order # Map a line transformation function across each line of a file, # writing the result lines as requested. # If there is a clang format nesting or mismatch error, return the first occurrence def evaluateLines(self, path, line_xform, write=True): error_message = None format_flag = True output_lines = [] for line_number, line in enumerate(self.readLines(path)): if line.find("// clang-format off") != -1: if not format_flag and error_message is None: error_message = "%s:%d: %s" % (path, line_number + 1, "clang-format nested off") format_flag = False if line.find("// clang-format on") != -1: if format_flag and error_message is None: error_message = "%s:%d: %s" % (path, line_number + 1, "clang-format nested on") format_flag = True if format_flag: output_lines.append(line_xform(line, line_number)) else: output_lines.append(line) # We used to use fileinput in the older Python 2.7 script, but this doesn't do # inplace mode and UTF-8 in Python 3, so doing it the manual way. if write: pathlib.Path(path).write_text('\n'.join(output_lines), encoding='utf-8') if not format_flag and error_message is None: error_message = "%s:%d: %s" % (path, line_number + 1, "clang-format remains off") return error_message # Obtain all the lines in a given file. def readLines(self, path): return self.readFile(path).split('\n') # Read a UTF-8 encoded file as a str. def readFile(self, path): return pathlib.Path(path).read_text(encoding='utf-8') # lookPath searches for the given executable in all directories in PATH # environment variable. If it cannot be found, empty string is returned. def lookPath(self, executable): return shutil.which(executable) or '' # pathExists checks whether the given path exists. This function assumes that # the path is absolute and evaluates environment variables. def pathExists(self, executable): return os.path.exists(os.path.expandvars(executable)) # executableByOthers checks whether the given path has execute permission for # others. def executableByOthers(self, executable): st = os.stat(os.path.expandvars(executable)) return bool(st.st_mode & stat.S_IXOTH) # Check whether all needed external tools (clang-format, buildifier, buildozer) are # available. def checkTools(self): error_messages = [] clang_format_abs_path = self.lookPath(CLANG_FORMAT_PATH) if clang_format_abs_path: if not self.executableByOthers(clang_format_abs_path): error_messages.append("command {} exists, but cannot be executed by other " "users".format(CLANG_FORMAT_PATH)) else: error_messages.append( "Command {} not found. If you have clang-format in version 10.x.x " "installed, but the binary name is different or it's not available in " "PATH, please use CLANG_FORMAT environment variable to specify the path. " "Examples:\n" " export CLANG_FORMAT=clang-format-10.0.0\n" " export CLANG_FORMAT=/opt/bin/clang-format-10\n" " export CLANG_FORMAT=/usr/local/opt/llvm@10/bin/clang-format".format( CLANG_FORMAT_PATH)) def checkBazelTool(name, path, var): bazel_tool_abs_path = self.lookPath(path) if bazel_tool_abs_path: if not self.executableByOthers(bazel_tool_abs_path): error_messages.append("command {} exists, but cannot be executed by other " "users".format(path)) elif self.pathExists(path): if not self.executableByOthers(path): error_messages.append("command {} exists, but cannot be executed by other " "users".format(path)) else: error_messages.append("Command {} not found. If you have {} installed, but the binary " "name is different or it's not available in $GOPATH/bin, please use " "{} environment variable to specify the path. Example:\n" " export {}=`which {}`\n" "If you don't have {} installed, you can install it by:\n" " go get -u github.com/bazelbuild/buildtools/{}".format( path, name, var, var, name, name, name)) checkBazelTool('buildifier', BUILDIFIER_PATH, 'BUILDIFIER_BIN') checkBazelTool('buildozer', BUILDOZER_PATH, 'BUILDOZER_BIN') return error_messages def checkNamespace(self, file_path): for excluded_path in self.namespace_check_excluded_paths: if file_path.startswith(excluded_path): return [] nolint = "NOLINT(namespace-%s)" % self.namespace_check.lower() text = self.readFile(file_path) if not re.search("^\s*namespace\s+%s\s*{" % self.namespace_check, text, re.MULTILINE) and \ not nolint in text: return [ "Unable to find %s namespace or %s for file: %s" % (self.namespace_check, nolint, file_path) ] return [] def packageNameForProto(self, file_path): package_name = None error_message = [] result = PROTO_PACKAGE_REGEX.search(self.readFile(file_path)) if result is not None and len(result.groups()) == 1: package_name = result.group(1) if package_name is None: error_message = ["Unable to find package name for proto file: %s" % file_path] return [package_name, error_message] # To avoid breaking the Lyft import, we just check for path inclusion here. def allowlistedForProtobufDeps(self, file_path): return (file_path.endswith(PROTO_SUFFIX) or file_path.endswith(REPOSITORIES_BZL) or \ any(path_segment in file_path for path_segment in GOOGLE_PROTOBUF_ALLOWLIST)) # Real-world time sources should not be instantiated in the source, except for a few # specific cases. They should be passed down from where they are instantied to where # they need to be used, e.g. through the ServerInstance, Dispatcher, or ClusterManager. def allowlistedForRealTime(self, file_path): if file_path.endswith(".md"): return True return file_path in REAL_TIME_ALLOWLIST def allowlistedForRegisterFactory(self, file_path): if not file_path.startswith("./test/"): return True return any(file_path.startswith(prefix) for prefix in REGISTER_FACTORY_TEST_ALLOWLIST) def allowlistedForSerializeAsString(self, file_path): return file_path in SERIALIZE_AS_STRING_ALLOWLIST or file_path.endswith(DOCS_SUFFIX) def allowlistedForJsonStringToMessage(self, file_path): return file_path in JSON_STRING_TO_MESSAGE_ALLOWLIST def allowlistedForHistogramSiSuffix(self, name): return name in HISTOGRAM_WITH_SI_SUFFIX_ALLOWLIST def allowlistedForStdRegex(self, file_path): return file_path.startswith("./test") or file_path in STD_REGEX_ALLOWLIST or file_path.endswith( DOCS_SUFFIX) def allowlistedForGrpcInit(self, file_path): return file_path in GRPC_INIT_ALLOWLIST def allowlistedForUnpackTo(self, file_path): return file_path.startswith("./test") or file_path in [ "./source/common/protobuf/utility.cc", "./source/common/protobuf/utility.h" ] def denylistedForExceptions(self, file_path): # Returns true when it is a non test header file or the file_path is in DENYLIST or # it is under toos/testdata subdirectory. if file_path.endswith(DOCS_SUFFIX): return False return (file_path.endswith('.h') and not file_path.startswith("./test/")) or file_path in EXCEPTION_DENYLIST \ or self.isInSubdir(file_path, 'tools/testdata') def isApiFile(self, file_path): return file_path.startswith(self.api_prefix) or file_path.startswith(self.api_shadow_root) def isBuildFile(self, file_path): basename = os.path.basename(file_path) if basename in {"BUILD", "BUILD.bazel"} or basename.endswith(".BUILD"): return True return False def isExternalBuildFile(self, file_path): return self.isBuildFile(file_path) and (file_path.startswith("./bazel/external/") or file_path.startswith("./tools/clang_tools")) def isStarlarkFile(self, file_path): return file_path.endswith(".bzl") def isWorkspaceFile(self, file_path): return os.path.basename(file_path) == "WORKSPACE" def isBuildFixerExcludedFile(self, file_path): for excluded_path in self.build_fixer_check_excluded_paths: if file_path.startswith(excluded_path): return True return False def hasInvalidAngleBracketDirectory(self, line): if not line.startswith(INCLUDE_ANGLE): return False path = line[INCLUDE_ANGLE_LEN:] slash = path.find("/") if slash == -1: return False subdir = path[0:slash] return subdir in SUBDIR_SET def checkCurrentReleaseNotes(self, file_path, error_messages): first_word_of_prior_line = '' next_word_to_check = '' # first word after : prior_line = '' def endsWithPeriod(prior_line): if not prior_line: return True # Don't punctuation-check empty lines. if prior_line.endswith('.'): return True # Actually ends with . if prior_line.endswith('`') and REF_WITH_PUNCTUATION_REGEX.match(prior_line): return True # The text in the :ref ends with a . return False for line_number, line in enumerate(self.readLines(file_path)): def reportError(message): error_messages.append("%s:%d: %s" % (file_path, line_number + 1, message)) if VERSION_HISTORY_SECTION_NAME.match(line): if line == "Deprecated": # The deprecations section is last, and does not have enforced formatting. break # Reset all parsing at the start of a section. first_word_of_prior_line = '' next_word_to_check = '' # first word after : prior_line = '' # make sure flags are surrounded by ``s flag_match = RELOADABLE_FLAG_REGEX.match(line) if flag_match: if not flag_match.groups()[0].startswith('`'): reportError("Flag `%s` should be enclosed in back ticks" % flag_match.groups()[1]) if line.startswith("* "): if not endsWithPeriod(prior_line): reportError("The following release note does not end with a '.'\n %s" % prior_line) match = VERSION_HISTORY_NEW_LINE_REGEX.match(line) if not match: reportError("Version history line malformed. " "Does not match VERSION_HISTORY_NEW_LINE_REGEX in check_format.py\n %s" % line) else: first_word = match.groups()[0] next_word = match.groups()[1] # Do basic alphabetization checks of the first word on the line and the # first word after the : if first_word_of_prior_line and first_word_of_prior_line > first_word: reportError( "Version history not in alphabetical order (%s vs %s): please check placement of line\n %s. " % (first_word_of_prior_line, first_word, line)) if first_word_of_prior_line == first_word and next_word_to_check and next_word_to_check > next_word: reportError( "Version history not in alphabetical order (%s vs %s): please check placement of line\n %s. " % (next_word_to_check, next_word, line)) first_word_of_prior_line = first_word next_word_to_check = next_word prior_line = line elif not line: # If we hit the end of this release note block block, check the prior line. if not endsWithPeriod(prior_line): reportError("The following release note does not end with a '.'\n %s" % prior_line) elif prior_line: prior_line += line def checkFileContents(self, file_path, checker): error_messages = [] if file_path.endswith("version_history/current.rst"): # Version file checking has enough special cased logic to merit its own checks. # This only validates entries for the current release as very old release # notes have a different format. self.checkCurrentReleaseNotes(file_path, error_messages) def checkFormatErrors(line, line_number): def reportError(message): error_messages.append("%s:%d: %s" % (file_path, line_number + 1, message)) checker(line, file_path, reportError) evaluate_failure = self.evaluateLines(file_path, checkFormatErrors, False) if evaluate_failure is not None: error_messages.append(evaluate_failure) return error_messages def fixSourceLine(self, line, line_number): # Strip double space after '.' This may prove overenthusiastic and need to # be restricted to comments and metadata files but works for now. line = re.sub(DOT_MULTI_SPACE_REGEX, ". ", line) if self.hasInvalidAngleBracketDirectory(line): line = line.replace("<", '"').replace(">", '"') # Fix incorrect protobuf namespace references. for invalid_construct, valid_construct in PROTOBUF_TYPE_ERRORS.items(): line = line.replace(invalid_construct, valid_construct) # Use recommended cpp stdlib for invalid_construct, valid_construct in LIBCXX_REPLACEMENTS.items(): line = line.replace(invalid_construct, valid_construct) return line # We want to look for a call to condvar.waitFor, but there's no strong pattern # to the variable name of the condvar. If we just look for ".waitFor" we'll also # pick up time_system_.waitFor(...), and we don't want to return true for that # pattern. But in that case there is a strong pattern of using time_system in # various spellings as the variable name. def hasCondVarWaitFor(self, line): wait_for = line.find(".waitFor(") if wait_for == -1: return False preceding = line[0:wait_for] if preceding.endswith("time_system") or preceding.endswith("timeSystem()") or \ preceding.endswith("time_system_"): return False return True # Determines whether the filename is either in the specified subdirectory, or # at the top level. We consider files in the top level for the benefit of # the check_format testcases in tools/testdata/check_format. def isInSubdir(self, filename, *subdirs): # Skip this check for check_format's unit-tests. if filename.count("/") <= 1: return True for subdir in subdirs: if filename.startswith('./' + subdir + '/'): return True return False # Determines if given token exists in line without leading or trailing token characters # e.g. will return True for a line containing foo() but not foo_bar() or baz_foo def tokenInLine(self, token, line): index = 0 while True: index = line.find(token, index) # the following check has been changed from index < 1 to index < 0 because # this function incorrectly returns false when the token in question is the # first one in a line. The following line returns false when the token is present: # (no leading whitespace) violating_symbol foo; if index < 0: break if index == 0 or not (line[index - 1].isalnum() or line[index - 1] == '_'): if index + len(token) >= len(line) or not (line[index + len(token)].isalnum() or line[index + len(token)] == '_'): return True index = index + 1 return False def checkSourceLine(self, line, file_path, reportError): # Check fixable errors. These may have been fixed already. if line.find(". ") != -1: reportError("over-enthusiastic spaces") if self.isInSubdir(file_path, 'source', 'include') and X_ENVOY_USED_DIRECTLY_REGEX.match(line): reportError( "Please do not use the raw literal x-envoy in source code. See Envoy::Http::PrefixValue." ) if self.hasInvalidAngleBracketDirectory(line): reportError("envoy includes should not have angle brackets") for invalid_construct, valid_construct in PROTOBUF_TYPE_ERRORS.items(): if invalid_construct in line: reportError("incorrect protobuf type reference %s; " "should be %s" % (invalid_construct, valid_construct)) for invalid_construct, valid_construct in LIBCXX_REPLACEMENTS.items(): if invalid_construct in line: reportError("term %s should be replaced with standard library term %s" % (invalid_construct, valid_construct)) # Do not include the virtual_includes headers. if re.search("#include.*/_virtual_includes/", line): reportError("Don't include the virtual includes headers.") # Some errors cannot be fixed automatically, and actionable, consistent, # navigable messages should be emitted to make it easy to find and fix # the errors by hand. if not self.allowlistedForProtobufDeps(file_path): if '"google/protobuf' in line or "google::protobuf" in line: reportError("unexpected direct dependency on google.protobuf, use " "the definitions in common/protobuf/protobuf.h instead.") if line.startswith("#include ") or line.startswith("#include or , switch to " "Thread::MutexBasicLockable in source/common/common/thread.h") if line.startswith("#include "): # We don't check here for std::shared_timed_mutex because that may # legitimately show up in comments, for example this one. reportError("Don't use , use absl::Mutex for reader/writer locks.") if not self.allowlistedForRealTime(file_path) and not "NO_CHECK_FORMAT(real_time)" in line: if "RealTimeSource" in line or \ ("RealTimeSystem" in line and not "TestRealTimeSystem" in line) or \ "std::chrono::system_clock::now" in line or "std::chrono::steady_clock::now" in line or \ "std::this_thread::sleep_for" in line or self.hasCondVarWaitFor(line): reportError("Don't reference real-world time sources from production code; use injection") duration_arg = DURATION_VALUE_REGEX.search(line) if duration_arg and duration_arg.group(1) != "0" and duration_arg.group(1) != "0.0": # Matching duration(int-const or float-const) other than zero reportError( "Don't use ambiguous duration(value), use an explicit duration type, e.g. Event::TimeSystem::Milliseconds(value)" ) if not self.allowlistedForRegisterFactory(file_path): if "Registry::RegisterFactory<" in line or "REGISTER_FACTORY" in line: reportError("Don't use Registry::RegisterFactory or REGISTER_FACTORY in tests, " "use Registry::InjectFactory instead.") if not self.allowlistedForUnpackTo(file_path): if "UnpackTo" in line: reportError("Don't use UnpackTo() directly, use MessageUtil::unpackTo() instead") # Check that we use the absl::Time library if self.tokenInLine("std::get_time", line): if "test/" in file_path: reportError("Don't use std::get_time; use TestUtility::parseTime in tests") else: reportError("Don't use std::get_time; use the injectable time system") if self.tokenInLine("std::put_time", line): reportError("Don't use std::put_time; use absl::Time equivalent instead") if self.tokenInLine("gmtime", line): reportError("Don't use gmtime; use absl::Time equivalent instead") if self.tokenInLine("mktime", line): reportError("Don't use mktime; use absl::Time equivalent instead") if self.tokenInLine("localtime", line): reportError("Don't use localtime; use absl::Time equivalent instead") if self.tokenInLine("strftime", line): reportError("Don't use strftime; use absl::FormatTime instead") if self.tokenInLine("strptime", line): reportError("Don't use strptime; use absl::FormatTime instead") if self.tokenInLine("strerror", line): reportError("Don't use strerror; use Envoy::errorDetails instead") # Prefer using abseil hash maps/sets over std::unordered_map/set for performance optimizations and # non-deterministic iteration order that exposes faulty assertions. # See: https://abseil.io/docs/cpp/guides/container#hash-tables if "std::unordered_map" in line: reportError("Don't use std::unordered_map; use absl::flat_hash_map instead or " "absl::node_hash_map if pointer stability of keys/values is required") if "std::unordered_set" in line: reportError("Don't use std::unordered_set; use absl::flat_hash_set instead or " "absl::node_hash_set if pointer stability of keys/values is required") if "std::atomic_" in line: # The std::atomic_* free functions are functionally equivalent to calling # operations on std::atomic objects, so prefer to use that instead. reportError("Don't use free std::atomic_* functions, use std::atomic members instead.") # Block usage of certain std types/functions as iOS 11 and macOS 10.13 # do not support these at runtime. # See: https://github.com/envoyproxy/envoy/issues/12341 if self.tokenInLine("std::any", line): reportError("Don't use std::any; use absl::any instead") if self.tokenInLine("std::get_if", line): reportError("Don't use std::get_if; use absl::get_if instead") if self.tokenInLine("std::holds_alternative", line): reportError("Don't use std::holds_alternative; use absl::holds_alternative instead") if self.tokenInLine("std::make_optional", line): reportError("Don't use std::make_optional; use absl::make_optional instead") if self.tokenInLine("std::monostate", line): reportError("Don't use std::monostate; use absl::monostate instead") if self.tokenInLine("std::optional", line): reportError("Don't use std::optional; use absl::optional instead") if self.tokenInLine("std::string_view", line): reportError("Don't use std::string_view; use absl::string_view instead") if self.tokenInLine("std::variant", line): reportError("Don't use std::variant; use absl::variant instead") if self.tokenInLine("std::visit", line): reportError("Don't use std::visit; use absl::visit instead") if "__attribute__((packed))" in line and file_path != "./include/envoy/common/platform.h": # __attribute__((packed)) is not supported by MSVC, we have a PACKED_STRUCT macro that # can be used instead reportError("Don't use __attribute__((packed)), use the PACKED_STRUCT macro defined " "in include/envoy/common/platform.h instead") if DESIGNATED_INITIALIZER_REGEX.search(line): # Designated initializers are not part of the C++14 standard and are not supported # by MSVC reportError("Don't use designated initializers in struct initialization, " "they are not part of C++14") if " ?: " in line: # The ?: operator is non-standard, it is a GCC extension reportError("Don't use the '?:' operator, it is a non-standard GCC extension") if line.startswith("using testing::Test;"): reportError("Don't use 'using testing::Test;, elaborate the type instead") if line.startswith("using testing::TestWithParams;"): reportError("Don't use 'using testing::Test;, elaborate the type instead") if TEST_NAME_STARTING_LOWER_CASE_REGEX.search(line): # Matches variants of TEST(), TEST_P(), TEST_F() etc. where the test name begins # with a lowercase letter. reportError("Test names should be CamelCase, starting with a capital letter") if not self.allowlistedForSerializeAsString(file_path) and "SerializeAsString" in line: # The MessageLite::SerializeAsString doesn't generate deterministic serialization, # use MessageUtil::hash instead. reportError( "Don't use MessageLite::SerializeAsString for generating deterministic serialization, use MessageUtil::hash instead." ) if not self.allowlistedForJsonStringToMessage(file_path) and "JsonStringToMessage" in line: # Centralize all usage of JSON parsing so it is easier to make changes in JSON parsing # behavior. reportError("Don't use Protobuf::util::JsonStringToMessage, use TestUtility::loadFromJson.") if self.isInSubdir(file_path, 'source') and file_path.endswith('.cc') and \ ('.counterFromString(' in line or '.gaugeFromString(' in line or \ '.histogramFromString(' in line or '.textReadoutFromString(' in line or \ '->counterFromString(' in line or '->gaugeFromString(' in line or \ '->histogramFromString(' in line or '->textReadoutFromString(' in line): reportError("Don't lookup stats by name at runtime; use StatName saved during construction") if MANGLED_PROTOBUF_NAME_REGEX.search(line): reportError("Don't use mangled Protobuf names for enum constants") hist_m = HISTOGRAM_SI_SUFFIX_REGEX.search(line) if hist_m and not self.allowlistedForHistogramSiSuffix(hist_m.group(0)): reportError( "Don't suffix histogram names with the unit symbol, " "it's already part of the histogram object and unit-supporting sinks can use this information natively, " "other sinks can add the suffix automatically on flush should they prefer to do so.") if not self.allowlistedForStdRegex(file_path) and "std::regex" in line: reportError("Don't use std::regex in code that handles untrusted input. Use RegexMatcher") if not self.allowlistedForGrpcInit(file_path): grpc_init_or_shutdown = line.find("grpc_init()") grpc_shutdown = line.find("grpc_shutdown()") if grpc_init_or_shutdown == -1 or (grpc_shutdown != -1 and grpc_shutdown < grpc_init_or_shutdown): grpc_init_or_shutdown = grpc_shutdown if grpc_init_or_shutdown != -1: comment = line.find("// ") if comment == -1 or comment > grpc_init_or_shutdown: reportError("Don't call grpc_init() or grpc_shutdown() directly, instantiate " + "Grpc::GoogleGrpcContext. See #8282") if self.denylistedForExceptions(file_path): # Skpping cases where 'throw' is a substring of a symbol like in "foothrowBar". if "throw" in line.split(): comment_match = COMMENT_REGEX.search(line) if comment_match is None or comment_match.start(0) > line.find("throw"): reportError("Don't introduce throws into exception-free files, use error " + "statuses instead.") if "lua_pushlightuserdata" in line: reportError( "Don't use lua_pushlightuserdata, since it can cause unprotected error in call to" + "Lua API (bad light userdata pointer) on ARM64 architecture. See " + "https://github.com/LuaJIT/LuaJIT/issues/450#issuecomment-433659873 for details.") if file_path.endswith(PROTO_SUFFIX): exclude_path = ['v1', 'v2', 'generated_api_shadow'] result = PROTO_VALIDATION_STRING.search(line) if result is not None: if not any(x in file_path for x in exclude_path): reportError("min_bytes is DEPRECATED, Use min_len.") def checkBuildLine(self, line, file_path, reportError): if "@bazel_tools" in line and not (self.isStarlarkFile(file_path) or file_path.startswith("./bazel/") or "python/runfiles" in line): reportError("unexpected @bazel_tools reference, please indirect via a definition in //bazel") if not self.allowlistedForProtobufDeps(file_path) and '"protobuf"' in line: reportError("unexpected direct external dependency on protobuf, use " "//source/common/protobuf instead.") if (self.envoy_build_rule_check and not self.isStarlarkFile(file_path) and not self.isWorkspaceFile(file_path) and not self.isExternalBuildFile(file_path) and "@envoy//" in line): reportError("Superfluous '@envoy//' prefix") def fixBuildLine(self, file_path, line, line_number): if (self.envoy_build_rule_check and not self.isStarlarkFile(file_path) and not self.isWorkspaceFile(file_path) and not self.isExternalBuildFile(file_path)): line = line.replace("@envoy//", "//") return line def fixBuildPath(self, file_path): self.evaluateLines(file_path, functools.partial(self.fixBuildLine, file_path)) error_messages = [] # TODO(htuch): Add API specific BUILD fixer script. if not self.isBuildFixerExcludedFile(file_path) and not self.isApiFile( file_path) and not self.isStarlarkFile(file_path) and not self.isWorkspaceFile(file_path): if os.system("%s %s %s" % (ENVOY_BUILD_FIXER_PATH, file_path, file_path)) != 0: error_messages += ["envoy_build_fixer rewrite failed for file: %s" % file_path] if os.system("%s -lint=fix -mode=fix %s" % (BUILDIFIER_PATH, file_path)) != 0: error_messages += ["buildifier rewrite failed for file: %s" % file_path] return error_messages def checkBuildPath(self, file_path): error_messages = [] if not self.isBuildFixerExcludedFile(file_path) and not self.isApiFile( file_path) and not self.isStarlarkFile(file_path) and not self.isWorkspaceFile(file_path): command = "%s %s | diff %s -" % (ENVOY_BUILD_FIXER_PATH, file_path, file_path) error_messages += self.executeCommand(command, "envoy_build_fixer check failed", file_path) if self.isBuildFile(file_path) and (file_path.startswith(self.api_prefix + "envoy") or file_path.startswith(self.api_shadow_root + "envoy")): found = False for line in self.readLines(file_path): if "api_proto_package(" in line: found = True break if not found: error_messages += ["API build file does not provide api_proto_package()"] command = "%s -mode=diff %s" % (BUILDIFIER_PATH, file_path) error_messages += self.executeCommand(command, "buildifier check failed", file_path) error_messages += self.checkFileContents(file_path, self.checkBuildLine) return error_messages def fixSourcePath(self, file_path): self.evaluateLines(file_path, self.fixSourceLine) error_messages = [] if not file_path.endswith(DOCS_SUFFIX): if not file_path.endswith(PROTO_SUFFIX): error_messages += self.fixHeaderOrder(file_path) error_messages += self.clangFormat(file_path) if file_path.endswith(PROTO_SUFFIX) and self.isApiFile(file_path): package_name, error_message = self.packageNameForProto(file_path) if package_name is None: error_messages += error_message return error_messages def checkSourcePath(self, file_path): error_messages = self.checkFileContents(file_path, self.checkSourceLine) if not file_path.endswith(DOCS_SUFFIX): if not file_path.endswith(PROTO_SUFFIX): error_messages += self.checkNamespace(file_path) command = ("%s --include_dir_order %s --path %s | diff %s -" % (HEADER_ORDER_PATH, self.include_dir_order, file_path, file_path)) error_messages += self.executeCommand(command, "header_order.py check failed", file_path) command = ("%s %s | diff %s -" % (CLANG_FORMAT_PATH, file_path, file_path)) error_messages += self.executeCommand(command, "clang-format check failed", file_path) if file_path.endswith(PROTO_SUFFIX) and self.isApiFile(file_path): package_name, error_message = self.packageNameForProto(file_path) if package_name is None: error_messages += error_message return error_messages # Example target outputs are: # - "26,27c26" # - "12,13d13" # - "7a8,9" def executeCommand(self, command, error_message, file_path, regex=re.compile(r"^(\d+)[a|c|d]?\d*(?:,\d+[a|c|d]?\d*)?$")): try: output = subprocess.check_output(command, shell=True, stderr=subprocess.STDOUT).strip() if output: return output.decode('utf-8').split("\n") return [] except subprocess.CalledProcessError as e: if (e.returncode != 0 and e.returncode != 1): return ["ERROR: something went wrong while executing: %s" % e.cmd] # In case we can't find any line numbers, record an error message first. error_messages = ["%s for file: %s" % (error_message, file_path)] for line in e.output.decode('utf-8').splitlines(): for num in regex.findall(line): error_messages.append(" %s:%s" % (file_path, num)) return error_messages def fixHeaderOrder(self, file_path): command = "%s --rewrite --include_dir_order %s --path %s" % (HEADER_ORDER_PATH, self.include_dir_order, file_path) if os.system(command) != 0: return ["header_order.py rewrite error: %s" % (file_path)] return [] def clangFormat(self, file_path): command = "%s -i %s" % (CLANG_FORMAT_PATH, file_path) if os.system(command) != 0: return ["clang-format rewrite error: %s" % (file_path)] return [] def checkFormat(self, file_path): if file_path.startswith(EXCLUDED_PREFIXES): return [] if not file_path.endswith(SUFFIXES): return [] error_messages = [] # Apply fixes first, if asked, and then run checks. If we wind up attempting to fix # an issue, but there's still an error, that's a problem. try_to_fix = self.operation_type == "fix" if self.isBuildFile(file_path) or self.isStarlarkFile(file_path) or self.isWorkspaceFile( file_path): if try_to_fix: error_messages += self.fixBuildPath(file_path) error_messages += self.checkBuildPath(file_path) else: if try_to_fix: error_messages += self.fixSourcePath(file_path) error_messages += self.checkSourcePath(file_path) if error_messages: return ["From %s" % file_path] + error_messages return error_messages def checkFormatReturnTraceOnError(self, file_path): """Run checkFormat and return the traceback of any exception.""" try: return self.checkFormat(file_path) except: return traceback.format_exc().split("\n") def checkOwners(self, dir_name, owned_directories, error_messages): """Checks to make sure a given directory is present either in CODEOWNERS or OWNED_EXTENSIONS Args: dir_name: the directory being checked. owned_directories: directories currently listed in CODEOWNERS. error_messages: where to put an error message for new unowned directories. """ found = False for owned in owned_directories: if owned.startswith(dir_name) or dir_name.startswith(owned): found = True if not found and dir_name not in UNOWNED_EXTENSIONS: error_messages.append("New directory %s appears to not have owners in CODEOWNERS" % dir_name) def checkApiShadowStarlarkFiles(self, file_path, error_messages): command = "diff -u " command += file_path + " " api_shadow_starlark_path = self.api_shadow_root + re.sub(r"\./api/", '', file_path) command += api_shadow_starlark_path error_message = self.executeCommand(command, "invalid .bzl in generated_api_shadow", file_path) if self.operation_type == "check": error_messages += error_message elif self.operation_type == "fix" and len(error_message) != 0: shutil.copy(file_path, api_shadow_starlark_path) return error_messages def checkFormatVisitor(self, arg, dir_name, names): """Run checkFormat in parallel for the given files. Args: arg: a tuple (pool, result_list, owned_directories, error_messages) pool and result_list are for starting tasks asynchronously. owned_directories tracks directories listed in the CODEOWNERS file. error_messages is a list of string format errors. dir_name: the parent directory of the given files. names: a list of file names. """ # Unpack the multiprocessing.Pool process pool and list of results. Since # python lists are passed as references, this is used to collect the list of # async results (futures) from running checkFormat and passing them back to # the caller. pool, result_list, owned_directories, error_messages = arg # Sanity check CODEOWNERS. This doesn't need to be done in a multi-threaded # manner as it is a small and limited list. source_prefix = './source/' full_prefix = './source/extensions/' # Check to see if this directory is a subdir under /source/extensions # Also ignore top level directories under /source/extensions since we don't # need owners for source/extensions/access_loggers etc, just the subdirectories. if dir_name.startswith(full_prefix) and '/' in dir_name[len(full_prefix):]: self.checkOwners(dir_name[len(source_prefix):], owned_directories, error_messages) for file_name in names: if dir_name.startswith("./api") and self.isStarlarkFile(file_name): result = pool.apply_async(self.checkApiShadowStarlarkFiles, args=(dir_name + "/" + file_name, error_messages)) result_list.append(result) result = pool.apply_async(self.checkFormatReturnTraceOnError, args=(dir_name + "/" + file_name,)) result_list.append(result) # checkErrorMessages iterates over the list with error messages and prints # errors and returns a bool based on whether there were any errors. def checkErrorMessages(self, error_messages): if error_messages: for e in error_messages: print("ERROR: %s" % e) return True return False if __name__ == "__main__": parser = argparse.ArgumentParser(description="Check or fix file format.") parser.add_argument("operation_type", type=str, choices=["check", "fix"], help="specify if the run should 'check' or 'fix' format.") parser.add_argument( "target_path", type=str, nargs="?", default=".", help="specify the root directory for the script to recurse over. Default '.'.") parser.add_argument("--add-excluded-prefixes", type=str, nargs="+", help="exclude additional prefixes.") parser.add_argument("-j", "--num-workers", type=int, default=multiprocessing.cpu_count(), help="number of worker processes to use; defaults to one per core.") parser.add_argument("--api-prefix", type=str, default="./api/", help="path of the API tree.") parser.add_argument("--api-shadow-prefix", type=str, default="./generated_api_shadow/", help="path of the shadow API tree.") parser.add_argument("--skip_envoy_build_rule_check", action="store_true", help="skip checking for '@envoy//' prefix in build rules.") parser.add_argument("--namespace_check", type=str, nargs="?", default="Envoy", help="specify namespace check string. Default 'Envoy'.") parser.add_argument("--namespace_check_excluded_paths", type=str, nargs="+", default=[], help="exclude paths from the namespace_check.") parser.add_argument("--build_fixer_check_excluded_paths", type=str, nargs="+", default=[], help="exclude paths from envoy_build_fixer check.") parser.add_argument("--bazel_tools_check_excluded_paths", type=str, nargs="+", default=[], help="exclude paths from bazel_tools check.") parser.add_argument("--include_dir_order", type=str, default=",".join(common.includeDirOrder()), help="specify the header block include directory order.") args = parser.parse_args() if args.add_excluded_prefixes: EXCLUDED_PREFIXES += tuple(args.add_excluded_prefixes) format_checker = FormatChecker(args) # Check whether all needed external tools are available. ct_error_messages = format_checker.checkTools() if format_checker.checkErrorMessages(ct_error_messages): sys.exit(1) # Returns the list of directories with owners listed in CODEOWNERS. May append errors to # error_messages. def ownedDirectories(error_messages): owned = [] maintainers = [ '@mattklein123', '@htuch', '@alyssawilk', '@zuercher', '@lizan', '@snowp', '@asraa', '@yavlasov', '@junr03', '@dio', '@jmarantz', '@antoniovicente' ] try: with open('./CODEOWNERS') as f: for line in f: # If this line is of the form "extensions/... @owner1 @owner2" capture the directory # name and store it in the list of directories with documented owners. m = EXTENSIONS_CODEOWNERS_REGEX.search(line) if m is not None and not line.startswith('#'): owned.append(m.group(1).strip()) owners = re.findall('@\S+', m.group(2).strip()) if len(owners) < 2: error_messages.append("Extensions require at least 2 owners in CODEOWNERS:\n" " {}".format(line)) maintainer = len(set(owners).intersection(set(maintainers))) > 0 if not maintainer: error_messages.append("Extensions require at least one maintainer OWNER:\n" " {}".format(line)) return owned except IOError: return [] # for the check format tests. # Calculate the list of owned directories once per run. error_messages = [] owned_directories = ownedDirectories(error_messages) if os.path.isfile(args.target_path): error_messages += format_checker.checkFormat("./" + args.target_path) else: results = [] def PooledCheckFormat(path_predicate): pool = multiprocessing.Pool(processes=args.num_workers) # For each file in target_path, start a new task in the pool and collect the # results (results is passed by reference, and is used as an output). for root, _, files in os.walk(args.target_path): format_checker.checkFormatVisitor((pool, results, owned_directories, error_messages), root, [f for f in files if path_predicate(f)]) # Close the pool to new tasks, wait for all of the running tasks to finish, # then collect the error messages. pool.close() pool.join() # We first run formatting on non-BUILD files, since the BUILD file format # requires analysis of srcs/hdrs in the BUILD file, and we don't want these # to be rewritten by other multiprocessing pooled processes. PooledCheckFormat(lambda f: not format_checker.isBuildFile(f)) PooledCheckFormat(lambda f: format_checker.isBuildFile(f)) error_messages += sum((r.get() for r in results), []) if format_checker.checkErrorMessages(error_messages): print("ERROR: check format failed. run 'tools/code_format/check_format.py fix'") sys.exit(1) if args.operation_type == "check": print("PASS") ================================================ FILE: tools/code_format/check_format_test.sh ================================================ #!/bin/bash tools="$(dirname "$(dirname "$(realpath "$0")")")" root=$(realpath "$tools/..") ci="${root}/ci" export ci cd "$root" || exit 1 exec ./ci/run_envoy_docker.sh ./tools/code_format/check_format_test_helper.sh "$@" ================================================ FILE: tools/code_format/check_format_test_helper.py ================================================ #!/usr/bin/env python3 # Tests check_format.py. This must be run in a context where the clang # version and settings are compatible with the one in the Envoy # docker. Normally this is run via check_format_test.sh, which # executes it in under docker. from __future__ import print_function from run_command import runCommand import argparse import logging import os import shutil import sys import tempfile curr_dir = os.path.dirname(os.path.realpath(__file__)) tools = os.path.dirname(curr_dir) src = os.path.join(tools, 'testdata', 'check_format') check_format = sys.executable + " " + os.path.join(curr_dir, 'check_format.py') errors = 0 # Runs the 'check_format' operation, on the specified file, printing # the comamnd run and the status code as well as the stdout, and returning # all of that to the caller. def runCheckFormat(operation, filename): command = check_format + " " + operation + " " + filename status, stdout, stderr = runCommand(command) return (command, status, stdout + stderr) def getInputFile(filename, extra_input_files=None): files_to_copy = [filename] if extra_input_files is not None: files_to_copy.extend(extra_input_files) for f in files_to_copy: infile = os.path.join(src, f) directory = os.path.dirname(f) if not directory == '' and not os.path.isdir(directory): os.makedirs(directory) shutil.copyfile(infile, f) return filename # Attempts to fix file, returning a 4-tuple: the command, input file name, # output filename, captured stdout as an array of lines, and the error status # code. def fixFileHelper(filename, extra_input_files=None): command, status, stdout = runCheckFormat( "fix", getInputFile(filename, extra_input_files=extra_input_files)) infile = os.path.join(src, filename) return command, infile, filename, status, stdout # Attempts to fix a file, returning the status code and the generated output. # If the fix was successful, the diff is returned as a string-array. If the file # was not fixable, the error-messages are returned as a string-array. def fixFileExpectingSuccess(file, extra_input_files=None): command, infile, outfile, status, stdout = fixFileHelper(file, extra_input_files=extra_input_files) if status != 0: print("FAILED: " + infile) emitStdoutAsError(stdout) return 1 status, stdout, stderr = runCommand('diff ' + outfile + ' ' + infile + '.gold') if status != 0: print("FAILED: " + infile) emitStdoutAsError(stdout + stderr) return 1 return 0 def fixFileExpectingNoChange(file): command, infile, outfile, status, stdout = fixFileHelper(file) if status != 0: return 1 status, stdout, stderr = runCommand('diff ' + outfile + ' ' + infile) if status != 0: logging.error(file + ': expected file to remain unchanged') return 1 return 0 def emitStdoutAsError(stdout): logging.error("\n".join(stdout)) def expectError(filename, status, stdout, expected_substring): if status == 0: logging.error("%s: Expected failure `%s`, but succeeded" % (filename, expected_substring)) return 1 for line in stdout: if expected_substring in line: return 0 logging.error("%s: Could not find '%s' in:\n" % (filename, expected_substring)) emitStdoutAsError(stdout) return 1 def fixFileExpectingFailure(filename, expected_substring): command, infile, outfile, status, stdout = fixFileHelper(filename) return expectError(filename, status, stdout, expected_substring) def checkFileExpectingError(filename, expected_substring, extra_input_files=None): command, status, stdout = runCheckFormat( "check", getInputFile(filename, extra_input_files=extra_input_files)) return expectError(filename, status, stdout, expected_substring) def checkAndFixError(filename, expected_substring, extra_input_files=None): errors = checkFileExpectingError(filename, expected_substring, extra_input_files=extra_input_files) errors += fixFileExpectingSuccess(filename, extra_input_files=extra_input_files) return errors def checkToolNotFoundError(): # Temporarily change PATH to test the error about lack of external tools. oldPath = os.environ["PATH"] os.environ["PATH"] = "/sbin:/usr/sbin" clang_format = os.getenv("CLANG_FORMAT", "clang-format-9") # If CLANG_FORMAT points directly to the binary, skip this test. if os.path.isfile(clang_format) and os.access(clang_format, os.X_OK): os.environ["PATH"] = oldPath return 0 errors = checkFileExpectingError("no_namespace_envoy.cc", "Command %s not found." % clang_format) os.environ["PATH"] = oldPath return errors def checkUnfixableError(filename, expected_substring): errors = checkFileExpectingError(filename, expected_substring) errors += fixFileExpectingFailure(filename, expected_substring) return errors def checkFileExpectingOK(filename): command, status, stdout = runCheckFormat("check", getInputFile(filename)) if status != 0: logging.error("Expected %s to have no errors; status=%d, output:\n" % (filename, status)) emitStdoutAsError(stdout) return status + fixFileExpectingNoChange(filename) def runChecks(): errors = 0 # The following error is the error about unavailability of external tools. errors += checkToolNotFoundError() # The following errors can be detected but not fixed automatically. errors += checkUnfixableError("no_namespace_envoy.cc", "Unable to find Envoy namespace or NOLINT(namespace-envoy)") errors += checkUnfixableError("mutex.cc", "Don't use or ") errors += checkUnfixableError("condition_variable.cc", "Don't use or ") errors += checkUnfixableError("condition_variable_any.cc", "Don't use or ") errors += checkUnfixableError("shared_mutex.cc", "shared_mutex") errors += checkUnfixableError("shared_mutex.cc", "shared_mutex") real_time_inject_error = ( "Don't reference real-world time sources from production code; use injection") errors += checkUnfixableError("real_time_source.cc", real_time_inject_error) errors += checkUnfixableError("real_time_system.cc", real_time_inject_error) errors += checkUnfixableError( "duration_value.cc", "Don't use ambiguous duration(value), use an explicit duration type, e.g. Event::TimeSystem::Milliseconds(value)" ) errors += checkUnfixableError("system_clock.cc", real_time_inject_error) errors += checkUnfixableError("steady_clock.cc", real_time_inject_error) errors += checkUnfixableError( "unpack_to.cc", "Don't use UnpackTo() directly, use MessageUtil::unpackTo() instead") errors += checkUnfixableError("condvar_wait_for.cc", real_time_inject_error) errors += checkUnfixableError("sleep.cc", real_time_inject_error) errors += checkUnfixableError("std_atomic_free_functions.cc", "std::atomic_*") errors += checkUnfixableError("std_get_time.cc", "std::get_time") errors += checkUnfixableError("no_namespace_envoy.cc", "Unable to find Envoy namespace or NOLINT(namespace-envoy)") errors += checkUnfixableError("bazel_tools.BUILD", "unexpected @bazel_tools reference") errors += checkUnfixableError("proto.BUILD", "unexpected direct external dependency on protobuf") errors += checkUnfixableError("proto_deps.cc", "unexpected direct dependency on google.protobuf") errors += checkUnfixableError("attribute_packed.cc", "Don't use __attribute__((packed))") errors += checkUnfixableError("designated_initializers.cc", "Don't use designated initializers") errors += checkUnfixableError("elvis_operator.cc", "Don't use the '?:' operator") errors += checkUnfixableError("testing_test.cc", "Don't use 'using testing::Test;, elaborate the type instead") errors += checkUnfixableError( "serialize_as_string.cc", "Don't use MessageLite::SerializeAsString for generating deterministic serialization") errors += checkUnfixableError( "version_history/current.rst", "Version history not in alphabetical order (zzzzz vs aaaaa): please check placement of line") errors += checkUnfixableError( "version_history/current.rst", "Version history not in alphabetical order (this vs aaaa): please check placement of line") errors += checkUnfixableError( "version_history/current.rst", "Version history line malformed. Does not match VERSION_HISTORY_NEW_LINE_REGEX in " "check_format.py") errors += checkUnfixableError( "counter_from_string.cc", "Don't lookup stats by name at runtime; use StatName saved during construction") errors += checkUnfixableError( "gauge_from_string.cc", "Don't lookup stats by name at runtime; use StatName saved during construction") errors += checkUnfixableError( "histogram_from_string.cc", "Don't lookup stats by name at runtime; use StatName saved during construction") errors += checkUnfixableError( "regex.cc", "Don't use std::regex in code that handles untrusted input. Use RegexMatcher") errors += checkUnfixableError( "grpc_init.cc", "Don't call grpc_init() or grpc_shutdown() directly, instantiate Grpc::GoogleGrpcContext. " + "See #8282") errors += checkUnfixableError( "grpc_shutdown.cc", "Don't call grpc_init() or grpc_shutdown() directly, instantiate Grpc::GoogleGrpcContext. " + "See #8282") errors += checkUnfixableError("clang_format_double_off.cc", "clang-format nested off") errors += checkUnfixableError("clang_format_trailing_off.cc", "clang-format remains off") errors += checkUnfixableError("clang_format_double_on.cc", "clang-format nested on") errors += fixFileExpectingFailure( "api/missing_package.proto", "Unable to find package name for proto file: ./api/missing_package.proto") errors += checkUnfixableError("proto_enum_mangling.cc", "Don't use mangled Protobuf names for enum constants") errors += checkUnfixableError("test_naming.cc", "Test names should be CamelCase, starting with a capital letter") errors += checkUnfixableError( "test/register_factory.cc", "Don't use Registry::RegisterFactory or REGISTER_FACTORY in tests, use " "Registry::InjectFactory instead.") errors += checkUnfixableError("strerror.cc", "Don't use strerror; use Envoy::errorDetails instead") errors += checkUnfixableError( "std_unordered_map.cc", "Don't use std::unordered_map; use absl::flat_hash_map instead " + "or absl::node_hash_map if pointer stability of keys/values is required") errors += checkUnfixableError( "std_unordered_set.cc", "Don't use std::unordered_set; use absl::flat_hash_set instead " + "or absl::node_hash_set if pointer stability of keys/values is required") errors += checkUnfixableError("std_any.cc", "Don't use std::any; use absl::any instead") errors += checkUnfixableError("std_get_if.cc", "Don't use std::get_if; use absl::get_if instead") errors += checkUnfixableError( "std_holds_alternative.cc", "Don't use std::holds_alternative; use absl::holds_alternative instead") errors += checkUnfixableError("std_make_optional.cc", "Don't use std::make_optional; use absl::make_optional instead") errors += checkUnfixableError("std_monostate.cc", "Don't use std::monostate; use absl::monostate instead") errors += checkUnfixableError("std_optional.cc", "Don't use std::optional; use absl::optional instead") errors += checkUnfixableError("std_string_view.cc", "Don't use std::string_view; use absl::string_view instead") errors += checkUnfixableError("std_variant.cc", "Don't use std::variant; use absl::variant instead") errors += checkUnfixableError("std_visit.cc", "Don't use std::visit; use absl::visit instead") errors += checkUnfixableError( "throw.cc", "Don't introduce throws into exception-free files, use error statuses instead.") errors += checkUnfixableError("pgv_string.proto", "min_bytes is DEPRECATED, Use min_len.") errors += checkFileExpectingOK("commented_throw.cc") # The following files have errors that can be automatically fixed. errors += checkAndFixError("over_enthusiastic_spaces.cc", "./over_enthusiastic_spaces.cc:3: over-enthusiastic spaces") errors += checkAndFixError("extra_enthusiastic_spaces.cc", "./extra_enthusiastic_spaces.cc:3: over-enthusiastic spaces") errors += checkAndFixError("angle_bracket_include.cc", "envoy includes should not have angle brackets") errors += checkAndFixError("proto_style.cc", "incorrect protobuf type reference") errors += checkAndFixError("long_line.cc", "clang-format check failed") errors += checkAndFixError("header_order.cc", "header_order.py check failed") errors += checkAndFixError("clang_format_on.cc", "./clang_format_on.cc:7: over-enthusiastic spaces") # Validate that a missing license is added. errors += checkAndFixError("license.BUILD", "envoy_build_fixer check failed") # Validate that an incorrect license is replaced and reordered. errors += checkAndFixError("update_license.BUILD", "envoy_build_fixer check failed") # Validate that envoy_package() is added where there is an envoy_* rule occurring. errors += checkAndFixError("add_envoy_package.BUILD", "envoy_build_fixer check failed") # Validate that we don't add envoy_package() when no envoy_* rule. errors += checkFileExpectingOK("skip_envoy_package.BUILD") # Validate that we clean up gratuitous blank lines. errors += checkAndFixError("canonical_spacing.BUILD", "envoy_build_fixer check failed") # Validate that unused loads are removed. errors += checkAndFixError("remove_unused_loads.BUILD", "envoy_build_fixer check failed") # Validate that API proto package deps are computed automagically. errors += checkAndFixError("canonical_api_deps.BUILD", "envoy_build_fixer check failed", extra_input_files=[ "canonical_api_deps.cc", "canonical_api_deps.h", "canonical_api_deps.other.cc" ]) errors += checkAndFixError("bad_envoy_build_sys_ref.BUILD", "Superfluous '@envoy//' prefix") errors += checkAndFixError("proto_format.proto", "clang-format check failed") errors += checkAndFixError( "cpp_std.cc", "term absl::make_unique< should be replaced with standard library term std::make_unique<") errors += checkFileExpectingOK("real_time_source_override.cc") errors += checkFileExpectingOK("duration_value_zero.cc") errors += checkFileExpectingOK("time_system_wait_for.cc") errors += checkFileExpectingOK("clang_format_off.cc") return errors if __name__ == "__main__": parser = argparse.ArgumentParser(description='tester for check_format.py.') parser.add_argument('--log', choices=['INFO', 'WARN', 'ERROR'], default='INFO') args = parser.parse_args() logging.basicConfig(format='%(message)s', level=args.log) # Now create a temp directory to copy the input files, so we can fix them # without actually fixing our testdata. This requires chdiring to the temp # directory, so it's annoying to comingle check-tests and fix-tests. with tempfile.TemporaryDirectory() as tmp: os.chdir(tmp) errors = runChecks() if errors != 0: logging.error("%d FAILURES" % errors) exit(1) logging.warning("PASS") ================================================ FILE: tools/code_format/check_format_test_helper.sh ================================================ #!/bin/bash tools="$(dirname "$(dirname "$(realpath "$0")")")" root=$(realpath "$tools/..") cd "$root" || exit 1 # to satisfy dependency on run_command export PYTHONPATH="$tools" ./tools/code_format/check_format_test_helper.py "$@" ================================================ FILE: tools/code_format/check_shellcheck_format.sh ================================================ #!/bin/bash -e EXCLUDED_SHELLFILES=${EXCLUDED_SHELLFILES:-"^.github|.rst$|.md$"} find_shell_files () { local shellfiles shellfiles=() shellfiles+=("$(git grep "^#!/bin/bash" | cut -d: -f1)") shellfiles+=("$(git grep "^#!/bin/sh" | cut -d: -f1)") shellfiles+=("$(find . -name "*.sh" | cut -d/ -f2-)") shellfiles=("$(echo "${shellfiles[@]}" | tr ' ' '\n' | sort | uniq)") for file in "${shellfiles[@]}"; do echo "$file" done } run_shellcheck_on () { local file file="$1" echo "Shellcheck: ${file}" shellcheck -f diff -x "$file" } run_shellchecks () { local all_shellfiles=() failed=() failure \ filtered_shellfiles=() found_shellfiles \ line skipped_count success_count found_shellfiles=$(find_shell_files) while read -r line; do all_shellfiles+=("$line"); done \ <<< "$found_shellfiles" while read -r line; do filtered_shellfiles+=("$line"); done \ <<< "$(echo -e "$found_shellfiles" | grep -vE "${EXCLUDED_SHELLFILES}")" for file in "${filtered_shellfiles[@]}"; do run_shellcheck_on "$file" || { failed+=("$file") } done if [[ "${#failed[@]}" -ne 0 ]]; then echo -e "\nShellcheck failures:" >&2 for failure in "${failed[@]}"; do echo "$failure" >&2 done fi skipped_count=$((${#all_shellfiles[@]} - ${#filtered_shellfiles[@]})) success_count=$((${#filtered_shellfiles[@]} - ${#failed[@]})) echo -e "\nShellcheck totals (skipped/failed/success): ${skipped_count}/${#failed[@]}/${success_count}" if [[ "${#failed[@]}" -ne 0 ]]; then return 1 fi } run_shellchecks ================================================ FILE: tools/code_format/common.py ================================================ def includeDirOrder(): return ( "envoy", "common", "source", "exe", "server", "extensions", "test", ) ================================================ FILE: tools/code_format/envoy_build_fixer.py ================================================ #!/usr/bin/env python3 # Enforces: # - License headers on Envoy BUILD files # - envoy_package() or envoy_extension_package() top-level invocation for standard Envoy package setup. # - Infers API dependencies from source files. # - Misc. cleanups: avoids redundant blank lines, removes unused loads. # - Maybe more later? import functools import os import re import subprocess import sys import tempfile import pathlib import paths # Where does Buildozer live? BUILDOZER_PATH = paths.getBuildozer() # Where does Buildifier live? BUILDIFIER_PATH = paths.getBuildifier() # Canonical Envoy license. LICENSE_STRING = 'licenses(["notice"]) # Apache 2\n\n' # Match any existing licenses in a BUILD file. OLD_LICENSES_REGEX = re.compile(r'^licenses\(.*\n+', re.MULTILINE) # Match an Envoy rule, e.g. envoy_cc_library( in a BUILD file. ENVOY_RULE_REGEX = re.compile(r'envoy[_\w]+\(') # Match a load() statement for the envoy_package macros. PACKAGE_LOAD_BLOCK_REGEX = re.compile('("envoy_package".*?\)\n)', re.DOTALL) EXTENSION_PACKAGE_LOAD_BLOCK_REGEX = re.compile('("envoy_extension_package".*?\)\n)', re.DOTALL) # Match Buildozer 'print' output. Example of Buildozer print output: # cc_library json_transcoder_filter_lib [json_transcoder_filter.cc] (missing) (missing) BUILDOZER_PRINT_REGEX = re.compile( '\s*([\w_]+)\s+([\w_]+)\s+[(\[](.*?)[)\]]\s+[(\[](.*?)[)\]]\s+[(\[](.*?)[)\]]') # Match API header include in Envoy source file? API_INCLUDE_REGEX = re.compile('#include "(envoy/.*)/[^/]+\.pb\.(validate\.)?h"') class EnvoyBuildFixerError(Exception): pass # Run Buildozer commands on a string representing a BUILD file. def RunBuildozer(cmds, contents): with tempfile.NamedTemporaryFile(mode='w') as cmd_file: # We send the BUILD contents to buildozer on stdin and receive the # transformed BUILD on stdout. The commands are provided in a file. cmd_input = '\n'.join('%s|-:%s' % (cmd, target) for cmd, target in cmds) cmd_file.write(cmd_input) cmd_file.flush() r = subprocess.run([BUILDOZER_PATH, '-stdout', '-f', cmd_file.name], input=contents.encode(), stdout=subprocess.PIPE, stderr=subprocess.PIPE) # Buildozer uses 3 for success but no change (0 is success and changed). if r.returncode != 0 and r.returncode != 3: raise EnvoyBuildFixerError('buildozer execution failed: %s' % r) # Sometimes buildozer feels like returning nothing when the transform is a # nop. if not r.stdout: return contents return r.stdout.decode('utf-8') # Add an Apache 2 license and envoy_package() import and rule as needed. def FixPackageAndLicense(path, contents): regex_to_use = PACKAGE_LOAD_BLOCK_REGEX package_string = 'envoy_package' if 'source/extensions' in path: regex_to_use = EXTENSION_PACKAGE_LOAD_BLOCK_REGEX package_string = 'envoy_extension_package' # Ensure we have an envoy_package import load if this is a real Envoy package. We also allow # the prefix to be overridden if envoy is included in a larger workspace. if re.search(ENVOY_RULE_REGEX, contents): new_load = 'new_load {}//bazel:envoy_build_system.bzl %s' % package_string contents = RunBuildozer([ (new_load.format(os.getenv("ENVOY_BAZEL_PREFIX", "")), '__pkg__'), ], contents) # Envoy package is inserted after the load block containing the # envoy_package import. package_and_parens = package_string + '()' if package_and_parens not in contents: contents = re.sub(regex_to_use, r'\1\n%s\n\n' % package_and_parens, contents) if package_and_parens not in contents: raise EnvoyBuildFixerError('Unable to insert %s' % package_and_parens) # Delete old licenses. if re.search(OLD_LICENSES_REGEX, contents): contents = re.sub(OLD_LICENSES_REGEX, '', contents) # Add canonical Apache 2 license. contents = LICENSE_STRING + contents return contents # Run Buildifier commands on a string with lint mode. def BuildifierLint(contents): r = subprocess.run([BUILDIFIER_PATH, '-lint=fix', '-mode=fix', '-type=build'], input=contents.encode(), stdout=subprocess.PIPE, stderr=subprocess.PIPE) if r.returncode != 0: raise EnvoyBuildFixerError('buildozer execution failed: %s' % r) return r.stdout.decode('utf-8') # Find all the API headers in a C++ source file. def FindApiHeaders(source_path): api_hdrs = set([]) contents = pathlib.Path(source_path).read_text(encoding='utf8') for line in contents.split('\n'): match = re.match(API_INCLUDE_REGEX, line) if match: api_hdrs.add(match.group(1)) return api_hdrs # Infer and adjust rule dependencies in BUILD files for @envoy_api proto # files. This is very cheap to do purely via a grep+buildozer syntax level # step. # # This could actually be done much more generally, for all symbols and headers # if we made use of Clang libtooling semantic analysis. However, this requires a # compilation database and full build of Envoy, envoy_build_fixer.py is run # under check_format, which should be fast for developers. def FixApiDeps(path, contents): source_dirname = os.path.dirname(path) buildozer_out = RunBuildozer([ ('print kind name srcs hdrs deps', '*'), ], contents).strip() deps_mutation_cmds = [] for line in buildozer_out.split('\n'): match = re.match(BUILDOZER_PRINT_REGEX, line) if not match: # buildozer might emit complex multiline output when a 'select' or other # macro is used. We're not smart enough to handle these today and they # require manual fixup. # TODO(htuch): investigate using --output_proto on buildozer to be able to # consume something more usable in this situation. continue kind, name, srcs, hdrs, deps = match.groups() if not name: continue source_paths = [] if srcs != 'missing': source_paths.extend( os.path.join(source_dirname, f) for f in srcs.split() if f.endswith('.cc') or f.endswith('.h')) if hdrs != 'missing': source_paths.extend(os.path.join(source_dirname, f) for f in hdrs.split() if f.endswith('.h')) api_hdrs = set([]) for p in source_paths: # We're not smart enough to infer on generated files. if os.path.exists(p): api_hdrs = api_hdrs.union(FindApiHeaders(p)) actual_api_deps = set(['@envoy_api//%s:pkg_cc_proto' % h for h in api_hdrs]) existing_api_deps = set([]) if deps != 'missing': existing_api_deps = set([ d for d in deps.split() if d.startswith('@envoy_api') and d.endswith('pkg_cc_proto') and d != '@com_github_cncf_udpa//udpa/annotations:pkg_cc_proto' ]) deps_to_remove = existing_api_deps.difference(actual_api_deps) if deps_to_remove: deps_mutation_cmds.append(('remove deps %s' % ' '.join(deps_to_remove), name)) deps_to_add = actual_api_deps.difference(existing_api_deps) if deps_to_add: deps_mutation_cmds.append(('add deps %s' % ' '.join(deps_to_add), name)) return RunBuildozer(deps_mutation_cmds, contents) def FixBuild(path): with open(path, 'r') as f: contents = f.read() xforms = [ functools.partial(FixPackageAndLicense, path), functools.partial(FixApiDeps, path), BuildifierLint, ] for xform in xforms: contents = xform(contents) return contents if __name__ == '__main__': if len(sys.argv) == 2: sys.stdout.write(FixBuild(sys.argv[1])) sys.exit(0) elif len(sys.argv) == 3: reorderd_source = FixBuild(sys.argv[1]) with open(sys.argv[2], 'w') as f: f.write(reorderd_source) sys.exit(0) print('Usage: %s []' % sys.argv[0]) sys.exit(1) ================================================ FILE: tools/code_format/format_python_tools.py ================================================ import argparse import fnmatch import os import sys from yapf.yapflib.yapf_api import FormatFile EXCLUDE_LIST = ['generated', 'venv'] def collectFiles(): """Collect all Python files in the tools directory. Returns: A collection of python files in the tools directory excluding any directories in the EXCLUDE_LIST constant. """ # TODO: Add ability to collect a specific file or files. matches = [] path_parts = os.getcwd().split('/') dirname = '.' if path_parts[-1] == 'tools': dirname = '/'.join(path_parts[:-1]) for root, dirnames, filenames in os.walk(dirname): dirnames[:] = [d for d in dirnames if d not in EXCLUDE_LIST] for filename in fnmatch.filter(filenames, '*.py'): if not filename.endswith('_pb2.py') and not filename.endswith('_pb2_grpc.py'): matches.append(os.path.join(root, filename)) return matches def validateFormat(fix=False): """Check the format of python files in the tools directory. Arguments: fix: a flag to indicate if fixes should be applied. """ fixes_required = False failed_update_files = set() successful_update_files = set() for python_file in collectFiles(): reformatted_source, encoding, changed = FormatFile(python_file, style_config='tools/code_format/.style.yapf', in_place=fix, print_diff=not fix) if not fix: fixes_required = True if changed else fixes_required if reformatted_source: print(reformatted_source) continue file_list = failed_update_files if reformatted_source else successful_update_files file_list.add(python_file) if fix: displayFixResults(successful_update_files, failed_update_files) fixes_required = len(failed_update_files) > 0 return not fixes_required def displayFixResults(successful_files, failed_files): if successful_files: print('Successfully fixed {} files'.format(len(successful_files))) if failed_files: print('The following files failed to fix inline:') for failed_file in failed_files: print(' - {}'.format(failed_file)) if __name__ == '__main__': parser = argparse.ArgumentParser(description='Tool to format python files.') parser.add_argument('action', choices=['check', 'fix'], default='check', help='Fix invalid syntax in files.') args = parser.parse_args() is_valid = validateFormat(args.action == 'fix') sys.exit(0 if is_valid else 1) ================================================ FILE: tools/code_format/format_python_tools.sh ================================================ #!/bin/bash "$(dirname "$0")"/../git/modified_since_last_github_commit.sh ./ py || \ [[ "${FORCE_PYTHON_FORMAT}" == "yes" ]] || \ { echo "Skipping format_python_tools.sh due to no Python changes"; exit 0; } . tools/shell_utils.sh set -e echo "Running Python format check..." python_venv format_python_tools "$1" echo "Running Python3 flake8 check..." python3 -m flake8 --version python3 -m flake8 . --exclude=*/venv/* --count --select=E9,F63,F72,F82 --show-source --statistics ================================================ FILE: tools/code_format/header_order.py ================================================ #!/usr/bin/env python3 # Enforce header order in a given file. This will only reorder in the first sequence of contiguous # #include statements, so it will not play well with #ifdef. # # This attempts to enforce the guidelines at # https://google.github.io/styleguide/cppguide.html#Names_and_Order_of_Includes # with some allowances for Envoy-specific idioms. # # There is considerable overlap with what this does and clang-format's IncludeCategories (see # https://clang.llvm.org/docs/ClangFormatStyleOptions.html). But, clang-format doesn't seem smart # enough to handle block splitting and correctly detecting the main header subject to the Envoy # canonical paths. import argparse import common import pathlib import re import sys def ReorderHeaders(path): source = pathlib.Path(path).read_text(encoding='utf-8') all_lines = iter(source.split('\n')) before_includes_lines = [] includes_lines = [] after_includes_lines = [] # Collect all the lines prior to the first #include in before_includes_lines. try: while True: line = next(all_lines) if line.startswith('#include'): includes_lines.append(line) break before_includes_lines.append(line) except StopIteration: pass # Collect all the #include and whitespace lines in includes_lines. try: while True: line = next(all_lines) if not line: continue if not line.startswith('#include'): after_includes_lines.append(line) break includes_lines.append(line) except StopIteration: pass # Collect the remaining lines in after_includes_lines. after_includes_lines += list(all_lines) # Filter for includes that finds the #include of the header file associated with the source file # being processed. E.g. if 'path' is source/common/common/hex.cc, this filter matches # "common/common/hex.h". def file_header_filter(): return lambda f: f.endswith('.h"') and path.endswith(f[1:-3] + '.cc') def regex_filter(regex): return lambda f: re.match(regex, f) # Filters that define the #include blocks block_filters = [ file_header_filter(), regex_filter('<.*\.h>'), regex_filter('<.*>'), ] for subdir in include_dir_order: block_filters.append(regex_filter('"' + subdir + '/.*"')) blocks = [] already_included = set([]) for b in block_filters: block = [] for line in includes_lines: header = line[len('#include '):] if line not in already_included and b(header): block.append(line) already_included.add(line) if len(block) > 0: blocks.append(block) # Anything not covered by block_filters gets its own block. misc_headers = list(set(includes_lines).difference(already_included)) if len(misc_headers) > 0: blocks.append(misc_headers) reordered_includes_lines = '\n\n'.join(['\n'.join(sorted(block)) for block in blocks]) if reordered_includes_lines: reordered_includes_lines += '\n' return '\n'.join( filter(lambda x: x, [ '\n'.join(before_includes_lines), reordered_includes_lines, '\n'.join(after_includes_lines), ])) if __name__ == '__main__': parser = argparse.ArgumentParser(description='Header reordering.') parser.add_argument('--path', type=str, help='specify the path to the header file') parser.add_argument('--rewrite', action='store_true', help='rewrite header file in-place') parser.add_argument('--include_dir_order', type=str, default=','.join(common.includeDirOrder()), help='specify the header block include directory order') args = parser.parse_args() target_path = args.path include_dir_order = args.include_dir_order.split(',') reorderd_source = ReorderHeaders(target_path) if args.rewrite: pathlib.Path(target_path).write_text(reorderd_source, encoding='utf-8') else: sys.stdout.buffer.write(reorderd_source.encode('utf-8')) ================================================ FILE: tools/code_format/paths.py ================================================ import os import os.path import shutil def getBuildifier(): return os.getenv("BUILDIFIER_BIN") or (os.path.expandvars("$GOPATH/bin/buildifier") if os.getenv("GOPATH") else shutil.which("buildifier")) def getBuildozer(): return os.getenv("BUILDOZER_BIN") or (os.path.expandvars("$GOPATH/bin/buildozer") if os.getenv("GOPATH") else shutil.which("buildozer")) ================================================ FILE: tools/code_format/requirements.txt ================================================ flake8==3.8.3 \ --hash=sha256:15e351d19611c887e482fb960eae4d44845013cc142d42896e9862f775d8cf5c \ --hash=sha256:f04b9fcbac03b0a3e58c0ab3a0ecc462e023a9faf046d57794184028123aa208 importlib-metadata==2.0.0 \ --hash=sha256:77a540690e24b0305878c37ffd421785a6f7e53c8b5720d211b211de8d0e95da \ --hash=sha256:cefa1a2f919b866c5beb7c9f7b0ebb4061f30a8a9bf16d609b000e2dfaceb9c3 mccabe==0.6.1 \ --hash=sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42 \ --hash=sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f pycodestyle==2.6.0 \ --hash=sha256:2295e7b2f6b5bd100585ebcb1f616591b652db8a741695b3d8f5d28bdc934367 \ --hash=sha256:c58a7d2815e0e8d7972bf1803331fb0152f867bd89adf8a01dfd55085434192e pyflakes==2.2.0 \ --hash=sha256:0d94e0e05a19e57a99444b6ddcf9a6eb2e5c68d3ca1e98e90707af8152c90a92 \ --hash=sha256:35b2d75ee967ea93b55750aa9edbbf72813e06a66ba54438df2cfac9e3c27fc8 yapf==0.30.0 \ --hash=sha256:3000abee4c28daebad55da6c85f3cd07b8062ce48e2e9943c8da1b9667d48427 \ --hash=sha256:3abf61ba67cf603069710d30acbc88cfe565d907e16ad81429ae90ce9651e0c9 zipp==3.2.0 \ --hash=sha256:43f4fa8d8bb313e65d8323a3952ef8756bf40f9a5c3ea7334be23ee4ec8278b6 \ --hash=sha256:b52f22895f4cfce194bc8172f3819ee8de7540aa6d873535a8668b730b8b411f ================================================ FILE: tools/config_validation/BUILD ================================================ load("@rules_python//python:defs.bzl", "py_binary") load("@config_validation_pip3//:requirements.bzl", "requirement") licenses(["notice"]) # Apache 2 py_binary( name = "validate_fragment", srcs = ["validate_fragment.py"], data = ["//tools/type_whisperer:all_protos_with_ext_pb_text.pb_text"], visibility = ["//visibility:public"], deps = [ requirement("PyYAML"), "@bazel_tools//tools/python/runfiles", "@com_google_protobuf//:protobuf_python", ], ) ================================================ FILE: tools/config_validation/requirements.txt ================================================ PyYAML==5.3.1 \ --hash=sha256:06a0d7ba600ce0b2d2fe2e78453a470b5a6e000a985dd4a4e54e436cc36b0e97 \ --hash=sha256:240097ff019d7c70a4922b6869d8a86407758333f02203e0fc6ff79c5dcede76 \ --hash=sha256:4f4b913ca1a7319b33cfb1369e91e50354d6f07a135f3b901aca02aa95940bd2 \ --hash=sha256:69f00dca373f240f842b2931fb2c7e14ddbacd1397d57157a9b005a6a9942648 \ --hash=sha256:73f099454b799e05e5ab51423c7bcf361c58d3206fa7b0d555426b1f4d9a3eaf \ --hash=sha256:74809a57b329d6cc0fdccee6318f44b9b8649961fa73144a98735b0aaf029f1f \ --hash=sha256:7739fc0fa8205b3ee8808aea45e968bc90082c10aef6ea95e855e10abf4a37b2 \ --hash=sha256:95f71d2af0ff4227885f7a6605c37fd53d3a106fcab511b8860ecca9fcf400ee \ --hash=sha256:b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d \ --hash=sha256:cc8955cfbfc7a115fa81d85284ee61147059a753344bc51098f3ccd69b0d7e0c \ --hash=sha256:d13155f591e6fcc1ec3b30685d50bf0711574e2c0dfffd7644babf8b5102ca1a ================================================ FILE: tools/config_validation/validate_fragment.py ================================================ # Validate a YAML fragment against an Envoy API proto3 type. # # Example usage: # # bazel run //tools/config_validation:validate_fragment -- \ # envoy.config.bootstrap.v3.Bootstrap $PWD/configs/google_com_proxy.v2.yaml import json import pathlib import sys import yaml from google.protobuf import descriptor_pb2 from google.protobuf import descriptor_pool from google.protobuf import json_format from google.protobuf import message_factory from google.protobuf import text_format from bazel_tools.tools.python.runfiles import runfiles import argparse def ValidateFragment(type_name, fragment): """Validate a dictionary representing a JSON/YAML fragment against an Envoy API proto3 type. Throws Protobuf errors on parsing exceptions, successful validations produce no result. Args: type_name: a string providing the type name, e.g. envoy.config.bootstrap.v3.Bootstrap. fragment: a dictionary representing the parsed JSON/YAML configuration fragment. """ json_fragment = json.dumps(fragment) r = runfiles.Create() all_protos_pb_text_path = r.Rlocation( 'envoy/tools/type_whisperer/all_protos_with_ext_pb_text.pb_text') file_desc_set = descriptor_pb2.FileDescriptorSet() text_format.Parse(pathlib.Path(all_protos_pb_text_path).read_text(), file_desc_set, allow_unknown_extension=True) pool = descriptor_pool.DescriptorPool() for f in file_desc_set.file: pool.Add(f) desc = pool.FindMessageTypeByName(type_name) msg = message_factory.MessageFactory(pool=pool).GetPrototype(desc)() json_format.Parse(json_fragment, msg, descriptor_pool=pool) def ParseArgs(): parser = argparse.ArgumentParser( description='Validate a YAML fragment against an Envoy API proto3 type.') parser.add_argument( 'message_type', help='a string providing the type name, e.g. envoy.config.bootstrap.v3.Bootstrap.') parser.add_argument('fragment_path', nargs='?', help='Path to a YAML configuration fragment.') parser.add_argument('-s', required=False, help='YAML configuration fragment.') return parser.parse_args() if __name__ == '__main__': parsed_args = ParseArgs() message_type = parsed_args.message_type content = parsed_args.s if (parsed_args.fragment_path is None) else pathlib.Path( parsed_args.fragment_path).read_text() ValidateFragment(message_type, yaml.safe_load(content)) ================================================ FILE: tools/debugging/run-valgrind.sh ================================================ #!/bin/sh # # Helper script to run tests under valgrind. Usage: # bazel test --run_under=`pwd`/tools/debugging/run-valgrind.sh ... # dir=$(dirname "$0") # In order to add suppressions, it's helpful to run the tool in a mode # where it uses the suppressions file we have so far, but also # generates possible new suppressions in the test output, so you can # paste them into the suppressions file. #yes | exec valgrind --gen-suppressions=yes --suppressions="$dir/valgrind-suppressions.txt" "$@" # Ordinarily, we run with cleaner output. exec valgrind --gen-suppressions=yes --suppressions="$dir/valgrind-suppressions.txt" "$@" ================================================ FILE: tools/debugging/valgrind-suppressions.txt ================================================ { eliminate new/free mismatch warnings altogether, as something in the current toolchain generates this scenario. Memcheck:Free fun:free ... } { re2 cond-jump failure Memcheck:Cond fun:_ZNK3re210SparseSetTIvE8containsEi ... } { re2 uninit-value Memcheck:Value8 fun:_ZNK3re210SparseSetTIvE8containsEi ... } { re2 cond-jump failure Memcheck:Cond fun:_ZNK3re211SparseArrayIiE9has_indexEi ... } { re2 uninit-value Memcheck:Value8 fun:_ZNK3re211SparseArrayIiE9has_indexEi ... } ================================================ FILE: tools/dependency/validate.py ================================================ #!/usr/bin/env python3 """Validate the relationship between Envoy dependencies and core/extensions. This script verifies that bazel query of the build graph is consistent with the use_category metadata in bazel/repository_locations.bzl. """ import re import subprocess import sys from importlib.machinery import SourceFileLoader from importlib.util import spec_from_loader, module_from_spec # bazel/repository_locations.bzl must have a .bzl suffix for Starlark import, so # we are forced to do this workaround. _repository_locations_spec = spec_from_loader( 'repository_locations', SourceFileLoader('repository_locations', 'bazel/repository_locations.bzl')) repository_locations = module_from_spec(_repository_locations_spec) _repository_locations_spec.loader.exec_module(repository_locations) # source/extensions/extensions_build_config.bzl must have a .bzl suffix for Starlark # import, so we are forced to do this workaround. _extensions_build_config_spec = spec_from_loader( 'extensions_build_config', SourceFileLoader('extensions_build_config', 'source/extensions/extensions_build_config.bzl')) extensions_build_config = module_from_spec(_extensions_build_config_spec) _extensions_build_config_spec.loader.exec_module(extensions_build_config) BAZEL_QUERY_EXTERNAL_DEP_RE = re.compile('@(\w+)//') EXTENSION_LABEL_RE = re.compile('(//source/extensions/.*):') # TODO(htuch): Add API dependencies to metadata, shrink this set. UNKNOWN_DEPS = [ 'org_golang_x_tools', 'com_github_cncf_udpa', 'org_golang_google_protobuf', 'io_bazel_rules_nogo', 'com_envoyproxy_protoc_gen_validate', 'opencensus_proto', 'io_bazel_rules_go', 'foreign_cc_platform_utils', 'com_github_golang_protobuf', 'com_google_googleapis' ] IGNORE_DEPS = set(['envoy', 'envoy_api', 'platforms', 'bazel_tools', 'local_config_cc'] + UNKNOWN_DEPS) class DependencyError(Exception): """Error in dependency relationships.""" pass class DependencyInfo(object): """Models dependency info in bazel/repositories.bzl.""" def DepsByUseCategory(self, use_category): """Find the set of external dependencies in a given use_category. Args: use_category: string providing use_category. Returns: Set of dependency identifiers that match use_category. """ return set(name for name, metadata in repository_locations.DEPENDENCY_REPOSITORIES.items() if use_category in metadata['use_category']) def GetMetadata(self, dependency): """Obtain repository metadata for a dependency. Args: dependency: string providing dependency identifier. Returns: A dictionary with the repository metadata as defined in bazel/repository_locations.bzl. """ return repository_locations.DEPENDENCY_REPOSITORIES.get(dependency) class BuildGraph(object): """Models the Bazel build graph.""" def QueryExternalDeps(self, *targets): """Query the build graph for transitive external dependencies. Args: targets: Bazel targets. Returns: A set of dependency identifiers that are reachable from targets. """ deps_query = ' union '.join(f'deps({l})' for l in targets) deps = subprocess.check_output(['bazel', 'query', deps_query], stderr=subprocess.PIPE).decode().splitlines() ext_deps = set() for d in deps: match = BAZEL_QUERY_EXTERNAL_DEP_RE.match(d) if match: ext_dep = match.group(1) if ext_dep not in IGNORE_DEPS: ext_deps.add(ext_dep) return set(ext_deps) def ListExtensions(self): """List all extensions. Returns: Dictionary items from source/extensions/extensions_build_config.bzl. """ return extensions_build_config.EXTENSIONS.items() class Validator(object): """Collection of validation methods.""" def __init__(self, dep_info, build_graph): self._dep_info = dep_info self._build_graph = build_graph self._queried_core_deps = build_graph.QueryExternalDeps( '//source/exe:envoy_main_common_with_core_extensions_lib') def ValidateBuildGraphStructure(self): """Validate basic assumptions about dependency relationship in the build graph. Raises: DependencyError: on a dependency validation error. """ print('Validating build dependency structure...') queried_core_ext_deps = self._build_graph.QueryExternalDeps( '//source/exe:envoy_main_common_with_core_extensions_lib', '//source/extensions/...') queried_all_deps = self._build_graph.QueryExternalDeps('//source/...') if queried_all_deps != queried_core_ext_deps: raise DependencyError('Invalid build graph structure. deps(//source/...) != ' 'deps(//source/exe:envoy_main_common_with_core_extensions_lib) ' 'union deps(//source/extensions/...)') def ValidateTestOnlyDeps(self): """Validate that test-only dependencies aren't included in //source/... Raises: DependencyError: on a dependency validation error. """ print('Validating test-only dependencies...') queried_source_deps = self._build_graph.QueryExternalDeps('//source/...') expected_test_only_deps = self._dep_info.DepsByUseCategory('test_only') bad_test_only_deps = expected_test_only_deps.intersection(queried_source_deps) if len(bad_test_only_deps) > 0: raise DependencyError(f'//source depends on test-only dependencies: {bad_test_only_deps}') def ValidateDataPlaneCoreDeps(self): """Validate dataplane_core dependencies. Check that we at least tag as dataplane_core dependencies that match some well-known targets for the data-plane. Raises: DependencyError: on a dependency validation error. """ print('Validating data-plane dependencies...') # Necessary but not sufficient for dataplane. With some refactoring we could # probably have more precise tagging of dataplane/controlplane/other deps in # these paths. queried_dataplane_core_min_deps = self._build_graph.QueryExternalDeps( '//source/common/api/...', '//source/common/buffer/...', '//source/common/chromium_url/...', '//source/common/crypto/...', '//source/common/conn_pool/...', '//source/common/formatter/...', '//source/common/http/...', '//source/common/ssl/...', '//source/common/tcp/...', '//source/common/tcp_proxy/...', '//source/common/network/...') expected_dataplane_core_deps = self._dep_info.DepsByUseCategory('dataplane_core') bad_dataplane_core_deps = queried_dataplane_core_min_deps.difference( expected_dataplane_core_deps) if len(bad_dataplane_core_deps) > 0: raise DependencyError( f'Observed dataplane core deps {queried_dataplane_core_min_deps} is not covered by ' '"use_category" implied core deps {expected_dataplane_core_deps}: {bad_dataplane_core_deps} ' 'are missing') def ValidateControlPlaneDeps(self): """Validate controlplane dependencies. Check that we at least tag as controlplane dependencies that match some well-known targets for the control-plane. Raises: DependencyError: on a dependency validation error. """ print('Validating control-plane dependencies...') # Necessary but not sufficient for controlplane. With some refactoring we could # probably have more precise tagging of dataplane/controlplane/other deps in # these paths. queried_controlplane_core_min_deps = self._build_graph.QueryExternalDeps( '//source/common/config/...') expected_controlplane_core_deps = self._dep_info.DepsByUseCategory('controlplane') bad_controlplane_core_deps = queried_controlplane_core_min_deps.difference( expected_controlplane_core_deps) if len(bad_controlplane_core_deps) > 0: raise DependencyError( f'Observed controlplane core deps {queried_controlplane_core_min_deps} is not covered ' 'by "use_category" implied core deps {expected_controlplane_core_deps}: ' '{bad_controlplane_core_deps} are missing') def ValidateExtensionDeps(self, name, target): """Validate that extensions are correctly declared for dataplane_ext and observability_ext. Args: name: extension name. target: extension Bazel target. Raises: DependencyError: on a dependency validation error. """ print(f'Validating extension {name} dependencies...') queried_deps = self._build_graph.QueryExternalDeps(target) marginal_deps = queried_deps.difference(self._queried_core_deps) expected_deps = [] for d in marginal_deps: # TODO(htuch): Ensure that queried deps are fully contained in # repository_locations, i.e. that we're tracking with metadata all actual # dependencies. Today, we are missing API and pip3 deps based on manual # inspection. metadata = self._dep_info.GetMetadata(d) if metadata: use_category = metadata['use_category'] valid_use_category = any( c in use_category for c in ['dataplane_ext', 'observability_ext', 'other']) if not valid_use_category: raise DependencyError( f'Extensions {name} depends on {d} with "use_category" not including ' '["dataplane_ext", "observability_ext", "other"]') if 'extensions' in metadata: allowed_extensions = metadata['extensions'] if name not in allowed_extensions: raise DependencyError( f'Extension {name} depends on {d} but {d} does not list {name} in its allowlist') def ValidateAll(self): """Collection of all validations. Raises: DependencyError: on a dependency validation error. """ self.ValidateBuildGraphStructure() self.ValidateTestOnlyDeps() self.ValidateDataPlaneCoreDeps() self.ValidateControlPlaneDeps() # Validate the marginal dependencies introduced for each extension. for name, target in sorted(build_graph.ListExtensions()): target_all = EXTENSION_LABEL_RE.match(target).group(1) + '/...' self.ValidateExtensionDeps(name, target_all) if __name__ == '__main__': dep_info = DependencyInfo() build_graph = BuildGraph() validator = Validator(dep_info, build_graph) try: validator.ValidateAll() except DependencyError as e: print('Dependency validation failed, please check metadata in bazel/repository_locations.bzl') print(e) sys.exit(1) ================================================ FILE: tools/dependency/validate_test.py ================================================ #!/usr/bin/env python3 """Tests for validate.py""" import unittest import validate class FakeDependencyInfo(object): """validate.DependencyInfo fake.""" def __init__(self, deps): self._deps = deps def DepsByUseCategory(self, use_category): return set(n for n, m in self._deps.items() if use_category in m['use_category']) def GetMetadata(self, dependency): return self._deps.get(dependency) class FakeBuildGraph(object): """validate.BuildGraph fake.""" def __init__(self, reachable_deps, extensions): self._reachable_deps = reachable_deps self._extensions = extensions def QueryExternalDeps(self, *targets): return set(sum((self._reachable_deps.get(t, []) for t in targets), [])) def ListExtensions(self): return self._extensions def FakeDep(use_category, extensions=[]): return {'use_category': use_category, 'extensions': extensions} class ValidateTest(unittest.TestCase): def BuildValidator(self, deps, reachable_deps, extensions=[]): return validate.Validator(FakeDependencyInfo(deps), FakeBuildGraph(reachable_deps, extensions)) def test_valid_build_graph_structure(self): validator = self.BuildValidator({}, { '//source/exe:envoy_main_common_with_core_extensions_lib': ['a'], '//source/extensions/...': ['b'], '//source/...': ['a', 'b'] }) validator.ValidateBuildGraphStructure() def test_invalid_build_graph_structure(self): validator = self.BuildValidator({}, { '//source/exe:envoy_main_common_with_core_extensions_lib': ['a'], '//source/extensions/...': ['b'], '//source/...': ['a', 'b', 'c'] }) self.assertRaises(validate.DependencyError, lambda: validator.ValidateBuildGraphStructure()) def test_valid_test_only_deps(self): validator = self.BuildValidator({'a': FakeDep('dataplane_core')}, {'//source/...': ['a']}) validator.ValidateTestOnlyDeps() def test_invalid_test_only_deps(self): validator = self.BuildValidator({'a': FakeDep('test_only')}, {'//source/...': ['a']}) self.assertRaises(validate.DependencyError, lambda: validator.ValidateTestOnlyDeps()) def test_valid_dataplane_core_deps(self): validator = self.BuildValidator({'a': FakeDep('dataplane_core')}, {'//source/common/http/...': ['a']}) validator.ValidateDataPlaneCoreDeps() def test_invalid_dataplane_core_deps(self): validator = self.BuildValidator({'a': FakeDep('controlplane')}, {'//source/common/http/...': ['a']}) self.assertRaises(validate.DependencyError, lambda: validator.ValidateDataPlaneCoreDeps()) def test_valid_controlplane_deps(self): validator = self.BuildValidator({'a': FakeDep('controlplane')}, {'//source/common/config/...': ['a']}) validator.ValidateControlPlaneDeps() def test_invalid_controlplane_deps(self): validator = self.BuildValidator({'a': FakeDep('other')}, {'//source/common/config/...': ['a']}) self.assertRaises(validate.DependencyError, lambda: validator.ValidateControlPlaneDeps()) def test_valid_extension_deps(self): validator = self.BuildValidator( { 'a': FakeDep('controlplane'), 'b': FakeDep('dataplane_ext', ['foo']) }, { '//source/extensions/foo/...': ['a', 'b'], '//source/exe:envoy_main_common_with_core_extensions_lib': ['a'] }) validator.ValidateExtensionDeps('foo', '//source/extensions/foo/...') def test_invalid_extension_deps_wrong_category(self): validator = self.BuildValidator( { 'a': FakeDep('controlplane'), 'b': FakeDep('controlplane', ['foo']) }, { '//source/extensions/foo/...': ['a', 'b'], '//source/exe:envoy_main_common_with_core_extensions_lib': ['a'] }) self.assertRaises(validate.DependencyError, lambda: validator.ValidateExtensionDeps('foo', '//source/extensions/foo/...')) def test_invalid_extension_deps_allowlist(self): validator = self.BuildValidator( { 'a': FakeDep('controlplane'), 'b': FakeDep('dataplane_ext', ['bar']) }, { '//source/extensions/foo/...': ['a', 'b'], '//source/exe:envoy_main_common_with_core_extensions_lib': ['a'] }) self.assertRaises(validate.DependencyError, lambda: validator.ValidateExtensionDeps('foo', '//source/extensions/foo/...')) if __name__ == '__main__': unittest.main() ================================================ FILE: tools/deprecate_features/deprecate_features.py ================================================ # A simple script to snag deprecated proto fields and add them to runtime_features.cc from __future__ import print_function import re import subprocess import fileinput from six.moves import input # Sorts out the list of deprecated proto fields which should be disallowed and returns a tuple of # email and code changes. def deprecate_proto(): grep_output = subprocess.check_output('grep -r "deprecated = true" api/*', shell=True) filenames_and_fields = set() # Compile the set of deprecated fields and the files they're in, deduping via set. deprecated_regex = re.compile(r'.*\/([^\/]*.proto):[^=]* ([^= ]+) =.*') for byte_line in grep_output.splitlines(): line = str(byte_line) match = deprecated_regex.match(line) if match: filenames_and_fields.add(tuple([match.group(1), match.group(2)])) else: print('no match in ' + line + ' please address manually!') # Now discard any deprecated features already listed in runtime_features exiting_deprecated_regex = re.compile(r'.*"envoy.deprecated_features.(.*):(.*)",.*') with open('source/common/runtime/runtime_features.cc', 'r') as features: for line in features.readlines(): match = exiting_deprecated_regex.match(line) if match: filenames_and_fields.discard(tuple([match.group(1), match.group(2)])) # Finally sort out the code to add to runtime_features.cc and a canned email for envoy-announce. code_snippets = [] email_snippets = [] for (filename, field) in filenames_and_fields: code_snippets.append(' "envoy.deprecated_features.' + filename + ':' + field + '",\n') email_snippets.append(field + ' from ' + filename + '\n') code = ''.join(code_snippets) email = '' if email_snippets: email = ('\nThe following deprecated configuration fields will be disallowed by default:\n' + ''.join(email_snippets)) return email, code # Gather code and suggested email changes. deprecate_email, deprecate_code = deprecate_proto() email = ('The Envoy maintainer team is cutting the next Envoy release. In the new release ' + deprecate_email) print('\n\nSuggested envoy-announce email: \n') print(email) if not input('Apply relevant runtime changes? [yN] ').strip().lower() in ('y', 'yes'): exit(1) for line in fileinput.FileInput('source/common/runtime/runtime_features.cc', inplace=1): if 'envoy.deprecated_features.deprecated.proto:is_deprecated_fatal' in line: line = line.replace(line, line + deprecate_code) print(line, end='') print('\nChanges applied. Please send the email above to envoy-announce.\n') ================================================ FILE: tools/deprecate_features/deprecate_features.sh ================================================ #!/bin/bash . tools/shell_utils.sh set -e python_venv deprecate_features ================================================ FILE: tools/deprecate_features/requirements.txt ================================================ six==1.15.0 \ --hash=sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259 \ --hash=sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced ================================================ FILE: tools/deprecate_version/deprecate_version.py ================================================ # Script for automating cleanup PR creation for deprecated runtime features # # sh tools/deprecate_version/deprecate_version.sh # # Direct usage (not recommended): # # python tools/deprecate_version/deprecate_version.py # # e.g # # python tools/deprecate_version/deprecate_version.py # # A GitHub access token must be set in GH_ACCESS_TOKEN. To create one, go to # Settings -> Developer settings -> Personal access tokens in GitHub and create # a token with public_repo scope. Keep this safe, it's broader than it needs to # be thanks to GH permission model # (https://github.com/dear-github/dear-github/issues/113). # # Known issues: # - Minor fixup PRs (e.g. fixing a typo) will result in the creation of spurious # issues. from __future__ import print_function import datetime from datetime import date from collections import defaultdict import os import re import subprocess import sys import github from git import Repo try: input = raw_input # Python 2 except NameError: pass # Python 3 # Tag issues created with these labels. LABELS = ['deprecation', 'tech debt', 'no stalebot'] # Errors that happen during issue creation. class DeprecateVersionError(Exception): pass def GetConfirmation(): """Obtain stdin confirmation to create issues in GH.""" return input('Creates issues? [yN] ').strip().lower() in ('y', 'yes') def CreateIssues(access_token, runtime_and_pr): """Create issues in GitHub for code to clean up old runtime guarded features. Args: access_token: GitHub access token (see comment at top of file). runtime_and_pr: a list of runtime guards and the PRs and commits they were added. """ git = github.Github(access_token) repo = git.get_repo('envoyproxy/envoy') # Find GitHub label objects for LABELS. labels = [] for label in repo.get_labels(): if label.name in LABELS: labels.append(label) if len(labels) != len(LABELS): raise DeprecateVersionError('Unknown labels (expected %s, got %s)' % (LABELS, labels)) issues = [] for runtime_guard, pr, commit in runtime_and_pr: # Who is the author? if pr: # Extract PR title, number, and author. pr_info = repo.get_pull(pr) change_title = pr_info.title number = ('#%d') % pr login = pr_info.user.login else: # Extract commit message, sha, and author. # Only keep commit message title (remove description), and truncate to 50 characters. change_title = commit.message.split('\n')[0][:50] number = ('commit %s') % commit.hexsha email = commit.author.email # Use the commit author's email to search through users for their login. search_user = git.search_users(email.split('@')[0] + " in:email") login = search_user[0].login if search_user else None title = '%s deprecation' % (runtime_guard) body = ('Your change %s (%s) introduced a runtime guarded feature. It has been 6 months since ' 'the new code has been exercised by default, so it\'s time to remove the old code ' 'path. This issue tracks source code cleanup so we don\'t forget.') % (number, change_title) print(title) print(body) print(' >> Assigning to %s' % (login or email)) search_title = '%s in:title' % title # TODO(htuch): Figure out how to do this without legacy and faster. exists = repo.legacy_search_issues('open', search_title) or repo.legacy_search_issues( 'closed', search_title) if exists: print("Issue with %s already exists" % search_title) print(exists) print(' >> Issue already exists, not posting!') else: issues.append((title, body, login)) if not issues: print('No features to deprecate in this release') return if GetConfirmation(): print('Creating issues...') for title, body, login in issues: try: repo.create_issue(title, body=body, assignees=[login], labels=labels) except github.GithubException as e: try: if login: body += '\ncc @' + login repo.create_issue(title, body=body, labels=labels) print(('unable to assign issue %s to %s. Add them to the Envoy proxy org' 'and assign it their way.') % (title, login)) except github.GithubException as e: print('GithubException while creating issue.') raise def GetRuntimeAndPr(): """Returns a list of tuples of [runtime features to deprecate, PR, commit the feature was added] """ repo = Repo(os.getcwd()) # grep source code looking for reloadable features which are true to find the # PR they were added. features_to_flip = [] runtime_features = re.compile(r'.*"(envoy.reloadable_features..*)",.*') removal_date = date.today() - datetime.timedelta(days=183) found_test_feature_true = False # Walk the blame of runtime_features and look for true runtime features older than 6 months. for commit, lines in repo.blame('HEAD', 'source/common/runtime/runtime_features.cc'): for line in lines: match = runtime_features.match(line) if match: runtime_guard = match.group(1) if runtime_guard == 'envoy.reloadable_features.test_feature_false': print("Found end sentinel\n") if not found_test_feature_true: # The script depends on the cc file having the true runtime block # before the false runtime block. Fail if one isn't found. print('Failed to find test_feature_true. Script needs fixing') sys.exit(1) return features_to_flip if runtime_guard == 'envoy.reloadable_features.test_feature_true': found_test_feature_true = True continue pr_num = re.search('\(#(\d+)\)', commit.message) # Some commits may not come from a PR (if they are part of a security point release). pr = (int(pr_num.group(1))) if pr_num else None pr_date = date.fromtimestamp(commit.committed_date) removable = (pr_date < removal_date) # Add the runtime guard and PR to the list to file issues about. print('Flag ' + runtime_guard + ' added at ' + str(pr_date) + ' ' + (removable and 'and is safe to remove' or 'is not ready to remove')) if removable: features_to_flip.append((runtime_guard, pr, commit)) print('Failed to find test_feature_false. Script needs fixing') sys.exit(1) if __name__ == '__main__': runtime_and_pr = GetRuntimeAndPr() if not runtime_and_pr: print('No code is deprecated.') sys.exit(0) access_token = os.getenv('GH_ACCESS_TOKEN') if not access_token: print( 'Missing GH_ACCESS_TOKEN: see instructions in tools/deprecate_version/deprecate_version.py') sys.exit(1) CreateIssues(access_token, runtime_and_pr) ================================================ FILE: tools/deprecate_version/deprecate_version.sh ================================================ #!/bin/bash . tools/shell_utils.sh set -e python_venv deprecate_version ================================================ FILE: tools/deprecate_version/requirements.txt ================================================ certifi==2020.6.20 \ --hash=sha256:5930595817496dd21bb8dc35dad090f1c2cd0adfaf21204bf6732ca5d8ee34d3 \ --hash=sha256:8fc0819f1f30ba15bdb34cceffb9ef04d99f420f68eb75d901e9560b8749fc41 chardet==3.0.4 \ --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \ --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 Deprecated==1.2.10 \ --hash=sha256:525ba66fb5f90b07169fdd48b6373c18f1ee12728ca277ca44567a367d9d7f74 \ --hash=sha256:a766c1dccb30c5f6eb2b203f87edd1d8588847709c78589e1521d769addc8218 gitdb==4.0.5 \ --hash=sha256:91f36bfb1ab7949b3b40e23736db18231bf7593edada2ba5c3a174a7b23657ac \ --hash=sha256:c9e1f2d0db7ddb9a704c2a0217be31214e91a4fe1dea1efad19ae42ba0c285c9 GitPython==3.1.8 \ --hash=sha256:080bf8e2cf1a2b907634761c2eaefbe83b69930c94c66ad11b65a8252959f912 \ --hash=sha256:1858f4fd089abe92ae465f01d5aaaf55e937eca565fb2c1fce35a51b5f85c910 idna==2.10 \ --hash=sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6 \ --hash=sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0 PyGithub==1.53 \ --hash=sha256:776befaddab9d8fddd525d52a6ca1ac228cf62b5b1e271836d766f4925e1452e \ --hash=sha256:8ad656bf79958e775ec59f7f5a3dbcbadac12147ae3dc42708b951064096af15 PyJWT==1.7.1 \ --hash=sha256:5c6eca3c2940464d106b99ba83b00c6add741c9becaec087fb7ccdefea71350e \ --hash=sha256:8d59a976fb773f3e6a39c85636357c4f0e242707394cadadd9814f5cbaa20e96 requests==2.24.0 \ --hash=sha256:b3559a131db72c33ee969480840fff4bb6dd111de7dd27c8ee1f820f4f00231b \ --hash=sha256:fe75cc94a9443b9246fc7049224f75604b113c36acb93f87b80ed42c44cbb898 smmap==3.0.4 \ --hash=sha256:54c44c197c819d5ef1991799a7e30b662d1e520f2ac75c9efbeb54a742214cf4 \ --hash=sha256:9c98bbd1f9786d22f14b3d4126894d56befb835ec90cef151af566c7e19b5d24 urllib3==1.25.10 \ --hash=sha256:91056c15fa70756691db97756772bb1eb9678fa585d9184f24534b100dc60f4a \ --hash=sha256:e7983572181f5e1522d9c98453462384ee92a0be7fac5f1413a1e35c56cc0461 wrapt==1.12.1 \ --hash=sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7 ================================================ FILE: tools/docker_wrapper.sh ================================================ #!/bin/bash # # Wraps a test invocation in docker. set -e IMAGE=$1 RUN_REMOTE=$2 LOCAL_MOUNT=$3 DOCKER_ENV=$4 TEST_PATH=$(realpath "$5") shift 5 if [ "${RUN_REMOTE}" == "yes" ]; then echo "Using docker environment from ${DOCKER_ENV}:" cat "${DOCKER_ENV}" fi # shellcheck disable=SC1090 . "${DOCKER_ENV}" CONTAINER_NAME="envoy-test-runner" ENVFILE=$(mktemp -t "bazel-test-env.XXXXXX") function cleanup() { rm -f "${ENVFILE}" if [ "${RUN_REMOTE}" == "yes" ]; then docker rm -f "${CONTAINER_NAME}" || true # We don't really care if it fails. fi } trap cleanup EXIT cat > "${ENVFILE}" < ``` Envoy will run as normal, but when interrupted by SIGINT (e.g. via `kill -s INT` or ctrl-c on stdin), it will write to `/path/to/debug.tar` a dump of various logs and the admin endpoint handlers. The wrapper configures Envoy for maximum logging verbosity. This tarball may be useful to attach to issues when reporting. However, a high degree of caution is recommended here, as the logs are verbose and will reveal low level traffic details. It is **NOT** recommended to attach this to a GitHub issue if there are any privacy concerns whatsoever, otherwise the data should be manually sanitized prior to posting in public view. ## Performance To collect a performance profile, as well as the non-performance impacting logs and stats, invoke `/path/to/envoy-static` as follows under the `envoy_collect.py` wrapper: ``` envoy_collect.py --performance --envoy-binary /path/to/envoy-static --output-path /path/to/debug.tar -c \ /path/to/envoy-config.json ``` This will run Envoy under `perf record` and include a `perf.data` file in the tarball, suitable for later analysis with `perf report` or flamegraph generation. ================================================ FILE: tools/envoy_collect/envoy_collect.py ================================================ #!/usr/bin/env python """Wrapper for Envoy command-line that collects stats/log/profile. Example use: ./tools/envoy_collect.py --output-path=./envoy.tar -c ./configs/google_com_proxy.v2.yaml --service-node foo tar -tvf ./envoy.tar -rw------- htuch/eng 0 2017-08-13 21:13 access_0.log -rw------- htuch/eng 876 2017-08-13 21:13 clusters.txt -rw------- htuch/eng 19 2017-08-13 21:13 listeners.txt -rw------- htuch/eng 70 2017-08-13 21:13 server_info.txt -rw------- htuch/eng 8443 2017-08-13 21:13 stats.txt -rw------- htuch/eng 1551 2017-08-13 21:13 config.json -rw------- htuch/eng 32681 2017-08-13 21:13 envoy.log The Envoy process will execute as normal and will terminate when interrupted with SIGINT (ctrl-c on stdin), collecting the various stats/log/profile in the --output-path tarball. TODO(htuch): - Generate the full perf trace as well, since we may have a different version of perf local vs. remote. - Add a Bazel run wrapper. - Support v2 proto config in ModifyEnvoyConfig(). - Flamegraph generation in post-processing. - Support other modes of data collection (e.g. snapshotting on SIGUSR, periodic). - Validate in performance mode that we're using an opt binary. - Consider handling other signals. - Optional real time logging while Envoy process is running. - bz2 compress tarball. - Use freeze or something similar to build a static binary with embedded Python, ending need to have Python on remote host (and care about version). """ from __future__ import print_function import argparse import ctypes import ctypes.util import datetime import json import os import pipes import shutil import signal import subprocess as sp import sys import tarfile import tempfile from six.moves import urllib DEFAULT_ENVOY_PATH = os.getenv('ENVOY_PATH', 'bazel-bin/source/exe/envoy-static') PERF_PATH = os.getenv('PERF_PATH', 'perf') PR_SET_PDEATHSIG = 1 # See prtcl(2). DUMP_HANDLERS = ['clusters', 'listeners', 'server_info', 'stats'] def fetch_url(url): return urllib.request.urlopen(url).read().decode('utf-8') def modify_envoy_config(config_path, perf, output_directory): """Modify Envoy config to support gathering logs, etc. Args: config_path: the command-line specified Envoy config path. perf: boolean indicating whether in performance mode. output_directory: directory path for additional generated files. Returns: (modified Envoy config path, list of additional files to collect) """ # No modifications yet when in performance profiling mode. if perf: return config_path, [] # Load original Envoy config. with open(config_path, 'r') as f: envoy_config = json.loads(f.read()) # Add unconditional access logs for all listeners. access_log_paths = [] for n, listener in enumerate(envoy_config['listeners']): for network_filter in listener['filters']: if network_filter['name'] == 'http_connection_manager': config = network_filter['config'] access_log_path = os.path.join(output_directory, 'access_%d.log' % n) access_log_config = {'path': access_log_path} if 'access_log' in config: config['access_log'].append(access_log_config) else: config['access_log'] = [access_log_config] access_log_paths.append(access_log_path) # Write out modified Envoy config. modified_envoy_config_path = os.path.join(output_directory, 'config.json') with open(modified_envoy_config_path, 'w') as f: f.write(json.dumps(envoy_config, indent=2)) return modified_envoy_config_path, access_log_paths def run_envoy(envoy_shcmd_args, envoy_log_path, admin_address_path, dump_handlers_paths): """Run Envoy subprocess and trigger admin endpoint gathering on SIGINT. Args: envoy_shcmd_args: list of Envoy subprocess args. envoy_log_path: path to write Envoy stderr log to. admin_address_path: path to where admin address is written by Envoy. dump_handlers_paths: map from admin endpoint handler to path to where the respective contents are to be written. Returns: The Envoy subprocess exit code. """ envoy_shcmd = ' '.join(map(pipes.quote, envoy_shcmd_args)) print(envoy_shcmd) # Some process setup stuff to ensure the child process gets cleaned up properly if the # collector dies and doesn't get its signals implicitly. def envoy_preexec_fn(): os.setpgrp() libc = ctypes.CDLL(ctypes.util.find_library('c'), use_errno=True) libc.prctl(PR_SET_PDEATHSIG, signal.SIGTERM) # Launch Envoy, register for SIGINT, and wait for the child process to exit. with open(envoy_log_path, 'w') as envoy_log: envoy_proc = sp.Popen(envoy_shcmd, stdin=sp.PIPE, stderr=envoy_log, preexec_fn=envoy_preexec_fn, shell=True) def signal_handler(signum, frame): # The read is deferred until the signal so that the Envoy process gets a # chance to write the file out. with open(admin_address_path, 'r') as f: admin_address = 'http://%s' % f.read() # Fetch from the admin endpoint. for handler, path in dump_handlers_paths.items(): handler_url = '%s/%s' % (admin_address, handler) print('Fetching %s' % handler_url) with open(path, 'w') as f: f.write(fetch_url(handler_url)) # Send SIGINT to Envoy process, it should exit and execution will # continue from the envoy_proc.wait() below. print('Sending Envoy process (PID=%d) SIGINT...' % envoy_proc.pid) envoy_proc.send_signal(signal.SIGINT) signal.signal(signal.SIGINT, signal_handler) return envoy_proc.wait() def envoy_collect(parse_result, unknown_args): """Run Envoy and collect its artifacts. Args: parse_result: Namespace object with envoy_collect.py's args. unknown_args: list of remaining args to pass to Envoy binary. """ # Are we in performance mode? Otherwise, debug. perf = parse_result.performance return_code = 1 # Non-zero default return. envoy_tmpdir = tempfile.mkdtemp(prefix='envoy-collect-tmp-') # Try and do stuff with envoy_tmpdir, rm -rf regardless of success/failure. try: # Setup Envoy config and determine the paths of the files we're going to # generate. modified_envoy_config_path, access_log_paths = modify_envoy_config( parse_result.config_path, perf, envoy_tmpdir) dump_handlers_paths = {h: os.path.join(envoy_tmpdir, '%s.txt' % h) for h in DUMP_HANDLERS} envoy_log_path = os.path.join(envoy_tmpdir, 'envoy.log') # The manifest of files that will be placed in the output .tar. manifest = access_log_paths + list( dump_handlers_paths.values()) + [modified_envoy_config_path, envoy_log_path] # This is where we will find out where the admin endpoint is listening. admin_address_path = os.path.join(envoy_tmpdir, 'admin_address.txt') # Only run under 'perf record' in performance mode. if perf: perf_data_path = os.path.join(envoy_tmpdir, 'perf.data') manifest.append(perf_data_path) perf_record_args = [ PERF_PATH, 'record', '-o', perf_data_path, '-g', '--', ] else: perf_record_args = [] # This is how we will invoke the wrapped envoy. envoy_shcmd_args = perf_record_args + [ parse_result.envoy_binary, '-c', modified_envoy_config_path, '-l', 'error' if perf else 'trace', '--admin-address-path', admin_address_path, ] + unknown_args[1:] # Run the Envoy process (under 'perf record' if needed). return_code = run_envoy(envoy_shcmd_args, envoy_log_path, admin_address_path, dump_handlers_paths) # Collect manifest files and tar them. with tarfile.TarFile(parse_result.output_path, 'w') as output_tar: for path in manifest: if os.path.exists(path): print('Adding %s to archive' % path) output_tar.add(path, arcname=os.path.basename(path)) else: print('%s not found' % path) print('Wrote Envoy artifacts to %s' % parse_result.output_path) finally: shutil.rmtree(envoy_tmpdir) return return_code if __name__ == '__main__': parser = argparse.ArgumentParser(description='Envoy wrapper to collect stats/log/profile.') default_output_path = 'envoy-%s.tar' % datetime.datetime.now().isoformat('-') parser.add_argument('--output-path', default=default_output_path, help='path to output .tar.') # We either need to interpret or override these, so we declare them in # envoy_collect.py and always parse and present them again when invoking # Envoy. parser.add_argument('--config-path', '-c', required=True, help='Path to Envoy configuration file.') parser.add_argument('--log-level', '-l', help='Envoy log level. This will be overridden when invoking Envoy.') # envoy_collect specific args. parser.add_argument('--performance', action='store_true', help='Performance mode (collect perf trace, minimize log verbosity).') parser.add_argument('--envoy-binary', default=DEFAULT_ENVOY_PATH, help='Path to Envoy binary (%s by default).' % DEFAULT_ENVOY_PATH) sys.exit(envoy_collect(*parser.parse_known_args(sys.argv))) ================================================ FILE: tools/envoy_headersplit/BUILD ================================================ load("@rules_python//python:defs.bzl", "py_binary", "py_test") load("@headersplit_pip3//:requirements.bzl", "requirement") load( "//bazel:envoy_build_system.bzl", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() py_binary( name = "headersplit", srcs = [ "headersplit.py", ], python_version = "PY3", srcs_version = "PY3", visibility = ["//visibility:public"], deps = [ requirement("clang"), ], ) py_binary( name = "replace_includes", srcs = [ "replace_includes.py", ], python_version = "PY3", srcs_version = "PY3", visibility = ["//visibility:public"], deps = [ ":headersplit", ], ) py_test( name = "headersplit_test", srcs = [ "headersplit_test.py", ], data = glob(["code_corpus/**"]), python_version = "PY3", srcs_version = "PY3", tags = ["no-sandbox"], # TODO (foreseeable): make this test run under sandbox visibility = ["//visibility:public"], deps = [ requirement("clang"), ":headersplit", ], ) py_test( name = "replace_includes_test", srcs = [ "replace_includes_test.py", ], data = glob(["code_corpus/**"]), python_version = "PY3", srcs_version = "PY3", tags = ["no-sandbox"], # TODO (foreseeable): make this test run under sandbox visibility = ["//visibility:public"], deps = [ ":replace_includes", ], ) ================================================ FILE: tools/envoy_headersplit/README.md ================================================ # Envoy Header Split Tool for spliting monolithic header files in Envoy to speed up compilation Steps to divide Envoy mock headers: 1. Run `headersplit.py` to divide the monolithic mock header into different classes Example (to split monolithic mock header test/mocks/network/mocks.h): ``` cd ${ENVOY_SRCDIR}/test/mocks/network/ python3 ${ENVOY_SRCDIR}/tools/envoy_headersplit/headersplit.py -i mocks.cc -d mocks.h ``` 2. Remove unused `#includes` from the new mock headers, and write Bazel dependencies for the newly divided mock classes. (this step needs to be done manually) 3. Run `replace_includes.py` to replace superfluous `#includes` in Envoy directory after dividing. It will also modify the corresponding Bazel `BUILD` file. Example (to replace `#includes` after dividing mock header test/mocks/network/mocks.h): ``` cd ${ENVOY_SRCDIR} python3 ${ENVOY_SRCDIR}/tools/envoy_headersplit/replace_includes.py -m network ``` ================================================ FILE: tools/envoy_headersplit/code_corpus/class_defn.h ================================================ #include "envoy/split" // NOLINT(namespace-envoy) namespace { class Foo {}; class Bar { Foo getFoo(); }; class FooBar : Foo, Bar {}; class DeadBeaf { public: int val(); FooBar foobar; }; } // namespace ================================================ FILE: tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h ================================================ #include "envoy/split" // NOLINT(namespace-envoy) class Foo {}; class Bar { Foo getFoo(); }; class FooBar : Foo, Bar {}; class DeadBeaf { public: int val(); FooBar foobar; }; ================================================ FILE: tools/envoy_headersplit/code_corpus/class_impl.cc ================================================ #include "class_defn.h" // NOLINT(namespace-envoy) namespace { Foo Bar::getFoo() { Foo foo; return foo; } int DeadBeaf::val() { return 42; } DeadBeaf::DeadBeaf() = default; } // namespace ================================================ FILE: tools/envoy_headersplit/code_corpus/fail_mocks.cc ================================================ #include "fail_mocks.h" // NOLINT(namespace-envoy) #include #include "envoy/admin/v3/server_info.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "common/singleton/manager_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" using testing::_; using testing::Invoke; using testing::Return; using testing::ReturnPointee; using testing::ReturnRef; using testing::SaveArg; namespace Envoy { namespace Server { MockConfigTracker::MockConfigTracker() { ON_CALL(*this, add_(_, _)) .WillByDefault(Invoke([this](const std::string& key, Cb callback) -> EntryOwner* { EXPECT_TRUE(config_tracker_callbacks_.find(key) == config_tracker_callbacks_.end()); config_tracker_callbacks_[key] = callback; return new MockEntryOwner(); })); } MockConfigTracker::~MockConfigTracker() = default; MockListenerComponentFactory::MockListenerComponentFactory() : socket_(std::make_shared>()) { ON_CALL(*this, createListenSocket(_, _, _, _)) .WillByDefault(Invoke([&](Network::Address::InstanceConstSharedPtr, Network::Socket::Type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams&) -> Network::SocketSharedPtr { if (!Network::Socket::applyOptions(options, *socket_, envoy::config::core::v3::SocketOption::STATE_PREBIND)) { throw EnvoyException("MockListenerComponentFactory: Setting socket options failed"); } return socket_; })); } MockListenerComponentFactory::~MockListenerComponentFactory() = default; } // namespace Server } // namespace Envoy ================================================ FILE: tools/envoy_headersplit/code_corpus/fail_mocks.h ================================================ #pragma once // NOLINT(namespace-envoy) #include #include #include #include namespace Envoy { namespace Server { class MockConfigTracker : public ConfigTracker { public: MockConfigTracker(); ~MockConfigTracker() override; struct MockEntryOwner : public EntryOwner {}; MOCK_METHOD(EntryOwner*, add_, (std::string, Cb)); // Server::ConfigTracker MOCK_METHOD(const CbsMap&, getCallbacksMap, (), (const)); EntryOwnerPtr add(const std::string& key, Cb callback) override { return EntryOwnerPtr{add_(key, std::move(callback))}; } absl::node_hash_map config_tracker_callbacks_; }; class MockListenerComponentFactory : public ListenerComponentFactory { public: MockListenerComponentFactory(); ~MockListenerComponentFactory() override; DrainManagerPtr createDrainManager(envoy::config::listener::v3::Listener::DrainType drain_type) override { return DrainManagerPtr{createDrainManager_(drain_type)}; } LdsApiPtr createLdsApi(const envoy::config::core::v3::ConfigSource& lds_config) override { return LdsApiPtr{createLdsApi_(lds_config)}; } MOCK_METHOD(LdsApi*, createLdsApi_, (const envoy::config::core::v3::ConfigSource& lds_config)); MOCK_METHOD(std::vector, createNetworkFilterFactoryList, (const Protobuf::RepeatedPtrField& filters, Configuration::FilterChainFactoryContext& filter_chain_factory_context)); MOCK_METHOD(std::vector, createListenerFilterFactoryList, (const Protobuf::RepeatedPtrField&, Configuration::ListenerFactoryContext& context)); MOCK_METHOD(std::vector, createUdpListenerFilterFactoryList, (const Protobuf::RepeatedPtrField&, Configuration::ListenerFactoryContext& context)); MOCK_METHOD(Network::SocketSharedPtr, createListenSocket, (Network::Address::InstanceConstSharedPtr address, Network::Socket::Type socket_type, const Network::Socket::OptionsSharedPtr& options, const ListenSocketCreationParams& params)); MOCK_METHOD(DrainManager*, createDrainManager_, (envoy::config::listener::v3::Listener::DrainType drain_type)); MOCK_METHOD(uint64_t, nextListenerTag, ()); std::shared_ptr socket_; }; } // namespace Server } // namespace Envoy ================================================ FILE: tools/envoy_headersplit/code_corpus/fake_build ================================================ envoy_cc_test( name = "async_client_impl_test", srcs = ["async_client_impl_test.cc"], deps = [ ":common_lib", "//source/common/buffer:buffer_lib", "//source/common/http:async_client_lib", "//source/common/http:context_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/extensions/upstreams/http/generic:config", "//test/mocks:common_lib", "//test/mocks/buffer:buffer_mocks", "//test/mocks/http:http_mocks", "//test/mocks/local_info:local_info_mocks", "//test/mocks/router:router_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/stats:stats_mocks", "//test/mocks/upstream:upstream_mocks", "//test/test_common:test_time_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) ================================================ FILE: tools/envoy_headersplit/code_corpus/fake_source_code.cc ================================================ // NOLINT(namespace-envoy) #include #include #include #include #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" #include "common/buffer/buffer_impl.h" #include "common/http/async_client_impl.h" #include "common/http/context_impl.h" #include "common/http/headers.h" #include "common/http/utility.h" #include "test/common/http/common.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/common.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/router/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/stats/mocks.h" #include "test/mocks/upstream/mocks.h" #include "test/test_common/printers.h" ....useless stuff... NiceMock cm_; ... uninteresting stuff.. ================================================ FILE: tools/envoy_headersplit/code_corpus/hello.h ================================================ // your first c++ program // NOLINT(namespace-envoy) #include // random strings #include "foo/bar" class test { test() { std::cout << "Hello World" << std::endl; } }; ================================================ FILE: tools/envoy_headersplit/headersplit.py ================================================ # !/usr/bin/env python3 # Lint as: python3 """ This python script can dividing monolithic mock headers into different mock classes. We need to remove the over-included header files in generated class codes and resolve dependencies in the corresponding Bazel files manually. """ import argparse import os import subprocess import sys from typing import Type, List, Tuple, Dict # libclang imports import clang.cindex from clang.cindex import TranslationUnit, Index, CursorKind, Cursor def to_filename(classname: str) -> str: """ maps mock class name (in C++ codes) to filenames under the Envoy naming convention. e.g. map "MockAdminStream" to "admin_stream" Args: classname: mock class name from source Returns: corresponding file name """ filename = classname.replace("Mock", "", 1) # Remove only first "Mock" ret = "" for index, val in enumerate(filename): if val.isupper() and index > 0: ret += "_" ret += val return ret.lower() def get_directives(translation_unit: Type[TranslationUnit]) -> str: """ "extracts" all header includes statements and other directives from the target source code file for instance: foo.h: #pragma once #include "a.h" #include "b.h" int foo(){ } this function should return '#pragma once\n#include "a.h"\n#include "b.h"' Args: translation_unit: parsing result of target source code by libclang Returns: A string, contains all includes statements and other preprocessor directives before the first non-directive statement. Notes: clang lib provides API like tranlation_unit.get_includes() to get include directives. But we can't use it as it requires presence of the included files to return the full list. We choose to return the string instead of list of includes since we will simply copy-paste the include statements into generated headers. Return string seems more convenient """ cursor = translation_unit.cursor for descendant in cursor.walk_preorder(): if descendant.location.file is not None and descendant.location.file.name == cursor.displayname: filename = descendant.location.file.name contents = read_file_contents(filename) return contents[:descendant.extent.start.offset] return "" def cursors_in_same_file(cursor: Cursor) -> List[Cursor]: """ get all child cursors which are pointing to the same file as the input cursor Args: cursor: cursor of parsing result of target source code by libclang Returns: a list of cursor """ cursors = [] for descendant in cursor.walk_preorder(): # We don't want Cursors from files other than the input file, # otherwise we get definitions for every file included # when clang parsed the input file (i.e. if we don't limit descendant location, # it will check definitions from included headers and get class definitions like std::string) if descendant.location.file is None: continue if descendant.location.file.name != cursor.displayname: continue cursors.append(descendant) return cursors def class_definitions(cursor: Cursor) -> List[Cursor]: """ extracts all class definitions in the file pointed by cursor. (typical mocks.h) Args: cursor: cursor of parsing result of target source code by libclang Returns: a list of cursor, each pointing to a class definition. """ cursors = cursors_in_same_file(cursor) class_cursors = [] for descendant in cursors: # check if descendant is pointing to a class declaration block. if descendant.kind != CursorKind.CLASS_DECL: continue if not descendant.is_definition(): continue # check if this class is directly enclosed by a namespace. if descendant.semantic_parent.kind != CursorKind.NAMESPACE: continue class_cursors.append(descendant) return class_cursors def class_implementations(cursor: Cursor) -> List[Cursor]: """ extracts all class implementation in the file pointed by cursor. (typical mocks.cc) Args: cursor: cursor of parsing result of target source code by libclang Returns: a list of cursor, each pointing to a class implementation. """ cursors = cursors_in_same_file(cursor) impl_cursors = [] for descendant in cursors: if descendant.kind == CursorKind.NAMESPACE: continue # check if descendant is pointing to a class method if descendant.semantic_parent is None: continue if descendant.semantic_parent.kind == CursorKind.CLASS_DECL: impl_cursors.append(descendant) return impl_cursors def extract_definition(cursor: Cursor, classnames: List[str]) -> Tuple[str, str, List[str]]: """ extracts class definition source code pointed by the cursor parameter. and find dependent mock classes by naming look up. Args: cursor: libclang cursor pointing to the target mock class definition. classnames: all mock class names defined in the definition header that needs to be divided, used to parse class dependencies. Returns: class_name: a string representing the mock class name. class_defn: a string contains the whole class definition body. deps: a set of string contains all dependent classes for the return class. Note: It can not detect and resolve forward declaration and cyclic dependency. Need to address manually. """ filename = cursor.location.file.name contents = read_file_contents(filename) class_name = cursor.spelling class_defn = contents[cursor.extent.start.offset:cursor.extent.end.offset] + ";" # need to know enclosing semantic parents (namespaces) # to generate corresponding definitions parent_cursor = cursor.semantic_parent while parent_cursor.kind == CursorKind.NAMESPACE: if parent_cursor.spelling == "": break class_defn = "namespace {} {{\n".format(parent_cursor.spelling) + class_defn + "\n}\n" parent_cursor = parent_cursor.semantic_parent # resolve dependency # by simple naming look up deps = set() for classname in classnames: if classname in class_defn and classname != class_name: deps.add(classname) return class_name, class_defn, deps def get_implline(cursor: Cursor) -> int: """ finds the first line of implementation source code for class method pointed by the cursor parameter. Args: cursor: libclang cursor pointing to the target mock class definition. Returns: an integer, the line number of the first line of the corresponding method implementation code (zero indexed) Note: This function return line number only. Because in certain case libclang will fail in parsing the method body and stops parsing early (see headersplit_test.test_class_implementations_error for details). To address this issue when parsing implementation code, we passed the flag that ask clang to ignore function bodies. We can not get the function body directly with the same way we used in extract_definition() since clang didn't parse function this time. Though we can't get the correct method extent offset from Cursor, we can still get the start line of the corresponding method instead. (We can't get the correct line number for the last line due to skipping function bodies) """ return cursor.extent.start.line - 1 def extract_implementations(impl_cursors: List[Cursor], source_code: str) -> Dict[str, str]: """ extracts method function body for each cursor in list impl_cursors from source code groups those function bodies with class name to help generating the divided {classname}.cc returns a dict maps class name to the concatenation of all its member methods implementations. Args: impl_cursors: list of cursors, each pointing to a mock class member function implementation. source_code: string, the source code for implementations (e.g. mocks.cc) Returns: classname_to_impl: a dict maps class name to its member methods implementations """ classname_to_impl = dict() for i, cursor in enumerate(impl_cursors): classname = cursor.semantic_parent.spelling # get first line of function body implline = get_implline(cursor) # get last line of function body if i + 1 < len(impl_cursors): # i is not the last method, get the start line for the next method # as the last line of i impl_end = get_implline(impl_cursors[i + 1]) impl = "".join(source_code[implline:impl_end]) else: # i is the last method, after removing the lines containing close brackets # for namespaces, the rest should be the function body offset = 0 while implline + offset < len(source_code): if "// namespace" in source_code[implline + offset]: break offset += 1 impl = "".join(source_code[implline:implline + offset]) if classname in classname_to_impl: classname_to_impl[classname] += impl + "\n" else: classname_to_impl[classname] = impl + "\n" return classname_to_impl def get_enclosing_namespace(defn: Cursor) -> Tuple[str, str]: """ retrieves all enclosing namespaces for the class pointed by defn. this is necessary to construct the mock class header e.g.: defn is pointing MockClass in the follow source code: namespace Envoy { namespace Server { class MockClass2 {...} namespace Configuration { class MockClass {...} ^ defn } } } this function will return: "namespace Envoy {\nnamespace Server {\nnamespace Configuration{\n" and "\n}\n}\n}\n" Args: defn: libclang Cursor pointing to a mock class Returns: namespace_prefix, namespace_suffix: a pair of string, representing the enclosing namespaces """ namespace_prefix = "" namespace_suffix = "" parent_cursor = defn.semantic_parent while parent_cursor.kind == CursorKind.NAMESPACE: if parent_cursor.spelling == "": break namespace_prefix = "namespace {} {{\n".format(parent_cursor.spelling) + namespace_prefix namespace_suffix += "\n}" parent_cursor = parent_cursor.semantic_parent namespace_suffix += "\n" return namespace_prefix, namespace_suffix def read_file_contents(path): with open(path, "r") as input_file: return input_file.read() def write_file_contents(class_name, class_defn, class_impl): with open("{}.h".format(to_filename(class_name)), "w") as decl_file: decl_file.write(class_defn) with open("{}.cc".format(to_filename(class_name)), "w") as impl_file: impl_file.write(class_impl) # generating bazel build file, need to fill dependency manually bazel_text = """ envoy_cc_mock( name = "{}_mocks", srcs = ["{}.cc"], hdrs = ["{}.h"], deps = [ ] ) """.format(to_filename(class_name), to_filename(class_name), to_filename(class_name)) with open("BUILD", "r+") as bazel_file: contents = bazel_file.read() if 'name = "{}_mocks"'.format(to_filename(class_name)) not in contents: bazel_file.write(bazel_text) def main(args): """ divides the monolithic mock file into different mock class files. """ decl_filename = args["decl"] impl_filename = args["impl"] idx = Index.create() impl_translation_unit = TranslationUnit.from_source( impl_filename, options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) impl_includes = get_directives(impl_translation_unit) decl_translation_unit = idx.parse(decl_filename, ["-x", "c++"]) defns = class_definitions(decl_translation_unit.cursor) decl_includes = get_directives(decl_translation_unit) impl_cursors = class_implementations(impl_translation_unit.cursor) contents = read_file_contents(impl_filename) classname_to_impl = extract_implementations(impl_cursors, contents) classnames = [cursor.spelling for cursor in defns] for defn in defns: # writing {class}.h and {classname}.cc class_name, class_defn, deps = extract_definition(defn, classnames) includes = "" for name in deps: includes += '#include "{}.h"\n'.format(to_filename(name)) class_defn = decl_includes + includes + class_defn class_impl = "" if class_name not in classname_to_impl: print("Warning: empty class {}".format(class_name)) else: impl_include = impl_includes.replace(decl_filename, "{}.h".format(to_filename(class_name))) # we need to enclose methods with namespaces namespace_prefix, namespace_suffix = get_enclosing_namespace(defn) class_impl = impl_include + namespace_prefix + \ classname_to_impl[class_name] + namespace_suffix write_file_contents(class_name, class_defn, class_impl) if __name__ == "__main__": PARSER = argparse.ArgumentParser() PARSER.add_argument( "-d", "--decl", default="mocks.h", help="Path to the monolithic header .h file that needs to be splitted", ) PARSER.add_argument( "-i", "--impl", default="mocks.cc", help="Path to the implementation code .cc file that needs to be splitted", ) main(vars(PARSER.parse_args())) ================================================ FILE: tools/envoy_headersplit/headersplit_test.py ================================================ # Lint as: python3 """Tests for headersplit.""" import headersplit import io import os import subprocess import sys import unittest # libclang imports import clang.cindex from clang.cindex import TranslationUnit, Index, CursorKind class HeadersplitTest(unittest.TestCase): # A header contains a simple class print hello world source_code_hello_world = open("tools/envoy_headersplit/code_corpus/hello.h", "r").read() # A C++ source code contains definition for several classes source_class_defn = open("tools/envoy_headersplit/code_corpus/class_defn.h", "r").read() # almost the same as above, but classes are not enclosed by namespace source_class_defn_without_namespace = open( "tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h", "r").read() # A C++ source code contains method implementations for class_defn.h source_class_impl = open("tools/envoy_headersplit/code_corpus/class_impl.cc", "r").read() def test_to_filename(self): # Test class name with one "mock" self.assertEqual(headersplit.to_filename("MockAdminStream"), "admin_stream") # Test class name with two "Mock" self.assertEqual(headersplit.to_filename("MockClusterMockPrioritySet"), "cluster_mock_priority_set") # Test class name with no "Mock" self.assertEqual(headersplit.to_filename("TestRetryHostPredicateFactory"), "test_retry_host_predicate_factory") def test_get_directives(self): includes = """// your first c++ program // NOLINT(namespace-envoy) #include // random strings #include "foo/bar" """ translation_unit_hello_world = TranslationUnit.from_source( "tools/envoy_headersplit/code_corpus/hello.h", options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) self.assertEqual(headersplit.get_directives(translation_unit_hello_world), includes) def test_class_definitions(self): idx = Index.create() translation_unit_class_defn = idx.parse("tools/envoy_headersplit/code_corpus/class_defn.h", ["-x", "c++"]) defns_cursors = headersplit.class_definitions(translation_unit_class_defn.cursor) defns_names = [cursor.spelling for cursor in defns_cursors] self.assertEqual(defns_names, ["Foo", "Bar", "FooBar", "DeadBeaf"]) idx = Index.create() translation_unit_class_defn = idx.parse( "tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h", ["-x", "c++"]) defns_cursors = headersplit.class_definitions(translation_unit_class_defn.cursor) defns_names = [cursor.spelling for cursor in defns_cursors] self.assertEqual(defns_names, []) def test_class_implementations(self): translation_unit_class_impl = TranslationUnit.from_source( "tools/envoy_headersplit/code_corpus/class_impl.cc", options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) impls_cursors = headersplit.class_implementations(translation_unit_class_impl.cursor) impls_names = [cursor.spelling for cursor in impls_cursors] self.assertEqual(impls_names, ["getFoo", "val", "DeadBeaf"]) def test_class_implementations_error(self): # LibClang will fail in parse this source file (it's modified from the original # test/server/mocks.cc from Envoy repository) if we don't add flag PARSE_SKIP_FUNCTION_BODIES # to ignore function bodies. impl_translation_unit = TranslationUnit.from_source( "tools/envoy_headersplit/code_corpus/fail_mocks.cc") impls_cursors = headersplit.class_implementations(impl_translation_unit.cursor) # impls_name is not complete in this case impls_names = [cursor.spelling for cursor in impls_cursors] # LibClang will stop parsing at # MockListenerComponentFactory::MockListenerComponentFactory() # : socket_(std::make_shared>()) { # ^ # Since parsing stops early, we will have incomplete method list. # The reason is not clear, however, this issue can be addressed by adding parsing flag to # ignore function body # get correct list of member methods impl_translation_unit_correct = TranslationUnit.from_source( "tools/envoy_headersplit/code_corpus/fail_mocks.cc", options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) impls_cursors_correct = headersplit.class_implementations(impl_translation_unit_correct.cursor) impls_names_correct = [cursor.spelling for cursor in impls_cursors_correct] self.assertNotEqual(impls_names, impls_names_correct) if __name__ == "__main__": unittest.main() ================================================ FILE: tools/envoy_headersplit/replace_includes.py ================================================ # !/usr/bin/env python3 # Lint as: python3 """ This python script can be used to refactor Envoy source code #include after dividing the monolithic mock headers into different mock classes. This will reduce the building time for specific tests significantly. e.g. #include "test/mocks/server.h" -> #include "test/mocks/admin.h" if the source code only used mock class Server::MockAdmin. this script needs to be executed in the Envoy directory """ from pathlib import Path from headersplit import to_filename from typing import List import argparse def to_classname(filename: str) -> str: """ maps divided mock class file name to class names inverse function of headersplit.to_filename e.g. map "test/mocks/server/admin_stream.h" to "MockAdminStream" Args: filename: string, mock class header file name (might be the whole path instead of the base name) Returns: corresponding class name """ classname_tokens = filename.split('/')[-1].replace('.h', '').split('_') classname = "Mock" + ''.join(map(lambda x: x[:1].upper() + x[1:], classname_tokens)) return classname def to_bazelname(filename: str, mockname: str) -> str: """ maps divided mock class file name to bazel target name e.g. map "test/mocks/server/admin_stream.h" to "//test/mocks/server:admin_stream_mocks" Args: filename: string, mock class header file name (might be the whole path instead of the base name) mockname: string, mock directory name Returns: corresponding bazel target name """ bazelname = "//test/mocks/{}:".format(mockname) bazelname += filename.split('/')[-1].replace('.h', '') + '_mocks'.format(mockname) return bazelname def get_filenames(mockname: str) -> List[str]: """ scans all headers in test/mocks/{mockname}, return corresponding file names Args: mockname: string, mock directory name Returns: List of file name for the headers in test/mock/{mocksname} """ dir = Path("test/mocks/{}/".format(mockname)) filenames = list(map(str, dir.glob('*.h'))) return filenames def replace_includes(mockname): filenames = get_filenames(mockname) classnames = [to_classname(filename) for filename in filenames] p = Path('./test') changed_list = [] # list of test code that been refactored # walk through all files and check files that contains "{mockname}/mocks.h" # don't forget change dependency on bazel for test_file in p.glob('**/*.cc'): replace_includes = "" used_mock_header = False bazel_targets = "" with test_file.open() as f: content = f.read() if '#include "test/mocks/{}/mocks.h"'.format(mockname) in content: used_mock_header = True replace_includes = "" for classname in classnames: if classname in content: # replace mocks.h with mock class header used by this test library # limitation: if some class names in classnames are substrings of others, this part # will bring over-inclusion e.g. if we have MockCluster and MockClusterFactory, and # the source code only used MockClusterFactory, then the result code will also include # MockCluster since it also shows in the file. # TODO: use clang to analysis class usage instead by simple find and replace replace_includes += '#include "test/mocks/{}/{}.h"\n'.format( mockname, to_filename(classname)) bazel_targets += '"{}",'.format(to_bazelname(to_filename(classname), mockname)) if used_mock_header: changed_list.append(str(test_file.relative_to(Path('.'))) + '\n') with test_file.open(mode='w') as f: f.write( content.replace('#include "test/mocks/{}/mocks.h"\n'.format(mockname), replace_includes)) with (test_file.parent / 'BUILD').open() as f: # write building files content = f.read() split_content = content.split(test_file.name) split_content[1] = split_content[1].replace( '"//test/mocks/{}:{}_mocks",'.format(mockname, mockname), bazel_targets, 1) content = split_content[0] + test_file.name + split_content[1] with (test_file.parent / 'BUILD').open('w') as f: f.write(content) with open("changed.txt", "w") as f: f.writelines(changed_list) if __name__ == '__main__': PARSER = argparse.ArgumentParser() PARSER.add_argument('-m', '--mockname', default="server", help="mock folder that been divided") mockname = vars(PARSER.parse_args())['mockname'] replace_includes(mockname) ================================================ FILE: tools/envoy_headersplit/replace_includes_test.py ================================================ # Lint as: python3 """Tests for replace_includes.""" import unittest from unittest import mock import os from pathlib import Path import replace_includes class ReplaceIncludesTest(unittest.TestCase): def test_to_classname(self): # Test file name with whole path self.assertEqual(replace_includes.to_classname("test/mocks/server/admin_stream.h"), "MockAdminStream") # Test file name without .h extension self.assertEqual(replace_includes.to_classname("cluster_mock_priority_set"), "MockClusterMockPrioritySet") def test_to_bazelname(self): # Test file name with whole path self.assertEqual(replace_includes.to_bazelname("test/mocks/server/admin_stream.h", "server"), "//test/mocks/server:admin_stream_mocks") # Test file name without .h extension self.assertEqual(replace_includes.to_bazelname("cluster_mock_priority_set", "upstream"), "//test/mocks/upstream:cluster_mock_priority_set_mocks") class FakeDir(): # fake directory to test get_filenames def glob(self, _): return [ Path("test/mocks/server/admin_stream.h"), Path("test/mocks/server/admin.h"), Path("test/mocks/upstream/cluster_manager.h") ] @mock.patch("replace_includes.Path", return_value=FakeDir()) def test_get_filenames(self, mock_Path): self.assertEqual(replace_includes.get_filenames("sever"), [ "test/mocks/server/admin_stream.h", "test/mocks/server/admin.h", "test/mocks/upstream/cluster_manager.h" ]) def test_replace_includes(self): fake_source_code = open("tools/envoy_headersplit/code_corpus/fake_source_code.cc", "r").read() fake_build_file = open("tools/envoy_headersplit/code_corpus/fake_build", "r").read() os.mkdir("test") os.mkdir("test/mocks") os.mkdir("test/mocks/upstream") open("test/mocks/upstream/cluster_manager.h", "a").close() with open("test/async_client_impl_test.cc", "w") as f: f.write(fake_source_code) with open("test/BUILD", "w") as f: f.write(fake_build_file) replace_includes.replace_includes("upstream") source_code = "" build_file = "" with open("test/async_client_impl_test.cc", "r") as f: source_code = f.read() with open("test/BUILD", "r") as f: build_file = f.read() self.assertEqual(source_code, fake_source_code.replace("upstream/mocks", "upstream/cluster_manager")) self.assertEqual( build_file, fake_build_file.replace("upstream:upstream_mocks", "upstream:cluster_manager_mocks")) if __name__ == "__main__": unittest.main() ================================================ FILE: tools/envoy_headersplit/requirements.txt ================================================ clang==10.0.1 \ --hash=sha256:c90eca387fede58e2398c4e211e2b38a310f5caa9adb367a8f84aa1ba2fe98b5 \ --hash=sha256:f8d8e02ebaed0e9b8d5e6173c3c38b68e5f381ba34841aeb8145087d16750d89 ================================================ FILE: tools/find_related_envoy_files.py ================================================ #!/usr/bin/env python # # Emits related filenames given an envoy source/include/test filename. # This can assist a text-editor with a hot-key to rotate between # files. E.g. for Emacs this is enabled by loading # envoy-emacs-hooks.el. # # Takes a filename as its only arg, and emits a list of files that are # related to it, in a deterministic order so that by visiting the # first file in the list, you cycle through impl, header, test, and # interface -- whichever of those happen to exist. One file is emitted # per line. import os import os.path import sys # Name of top level git directory. ENVOY_ROOT = "/envoy/" SOURCE_ROOT = "source" TEST_ROOT = "test" INTERFACE_REAL_ROOT = "include/envoy" # Synthetic name for /include/envoy/, which helps us disambiguate # the 'envoy' underneath include from the top level of the git repo. INTERFACE_SYNTHETIC_ROOT = "include-envoy" # We want to search the file from the leaf up for 'envoy', which is # the name of the top level directory in the git repo. However, it's # also the name of a subdirectory of 'include' -- the only # subdirectory of 'include' currently, so it's easier just to treat # that as a single element. fname = sys.argv[1].replace("/" + INTERFACE_REAL_ROOT + "/", "/" + INTERFACE_SYNTHETIC_ROOT + "/") # Parse the absolute location of this repo, its relative path, and # file extension, exiting with no output along the way any time there # is trouble. envoy_index = fname.rfind(ENVOY_ROOT) if envoy_index == -1: sys.exit(0) envoy_index += len(ENVOY_ROOT) absolute_location = fname[0:envoy_index] # "/path/to/gitroot/envoy/" path = fname[envoy_index:] path_elements = path.split("/") if len(path_elements) < 3: sys.exit(0) leaf = path_elements[len(path_elements) - 1] dot = leaf.rfind(".") if dot == -1 or dot == len(leaf) - 1: sys.exit(0) ext = leaf[dot:] # Transforms the input filename based on some transformation rules. Nothing # is emitted if the input path or extension does not match the expected pattern, # or if the file doesn't exist. def emit(source_path, dest_path, source_ending, dest_ending): if fname.endswith(source_ending) and path.startswith(source_path + "/"): path_len = len(path) - len(source_path) - len(source_ending) new_path = (absolute_location + dest_path + path[len(source_path):-len(source_ending)] + dest_ending) if os.path.isfile(new_path): print(new_path) # Depending on which type of file is passed into the script: test, cc, # h, or interface, emit any related ones in cyclic order. root = path_elements[0] if root == TEST_ROOT: emit("test/common", INTERFACE_REAL_ROOT, "_impl_test.cc", ".h") emit(TEST_ROOT, SOURCE_ROOT, "_test.cc", ".cc") emit(TEST_ROOT, SOURCE_ROOT, "_test.cc", ".h") emit(TEST_ROOT, TEST_ROOT, ".cc", ".h") emit(TEST_ROOT, TEST_ROOT, ".cc", "_test.cc") emit(TEST_ROOT, TEST_ROOT, ".h", "_test.cc") emit(TEST_ROOT, TEST_ROOT, ".h", ".cc") emit(TEST_ROOT, TEST_ROOT, "_test.cc", ".cc") emit(TEST_ROOT, TEST_ROOT, "_test.cc", ".h") elif root == SOURCE_ROOT and ext == ".cc": emit(SOURCE_ROOT, SOURCE_ROOT, ".cc", ".h") emit(SOURCE_ROOT, TEST_ROOT, ".cc", "_test.cc") emit("source/common", INTERFACE_REAL_ROOT, "_impl.cc", ".h") elif root == SOURCE_ROOT and ext == ".h": emit(SOURCE_ROOT, TEST_ROOT, ".h", "_test.cc") emit("source/common", INTERFACE_REAL_ROOT, "_impl.h", ".h") emit(SOURCE_ROOT, SOURCE_ROOT, ".h", ".cc") elif root == INTERFACE_SYNTHETIC_ROOT: emit(INTERFACE_SYNTHETIC_ROOT, "source/common", ".h", "_impl.cc") emit(INTERFACE_SYNTHETIC_ROOT, "source/common", ".h", "_impl.h") emit(INTERFACE_SYNTHETIC_ROOT, "test/common", ".h", "_impl_test.cc") ================================================ FILE: tools/gen_compilation_database.py ================================================ #!/usr/bin/env python3 import argparse import glob import json import logging import os import shlex import subprocess from pathlib import Path # This method is equivalent to https://github.com/grailbio/bazel-compilation-database/blob/master/generate.sh def generateCompilationDatabase(args): # We need to download all remote outputs for generated source code. This option lives here to override those # specified in bazelrc. bazel_options = shlex.split(os.environ.get("BAZEL_BUILD_OPTIONS", "")) + [ "--config=compdb", "--remote_download_outputs=all", ] subprocess.check_call(["bazel", "build"] + bazel_options + [ "--aspects=@bazel_compdb//:aspects.bzl%compilation_database_aspect", "--output_groups=compdb_files,header_files" ] + args.bazel_targets) execroot = subprocess.check_output(["bazel", "info", "execution_root"] + bazel_options).decode().strip() compdb = [] for compdb_file in Path(execroot).glob("**/*.compile_commands.json"): compdb.extend(json.loads("[" + compdb_file.read_text().replace("__EXEC_ROOT__", execroot) + "]")) return compdb def isHeader(filename): for ext in (".h", ".hh", ".hpp", ".hxx"): if filename.endswith(ext): return True return False def isCompileTarget(target, args): filename = target["file"] if not args.include_headers and isHeader(filename): return False if not args.include_genfiles: if filename.startswith("bazel-out/"): return False if not args.include_external: if filename.startswith("external/"): return False return True def modifyCompileCommand(target, args): cc, options = target["command"].split(" ", 1) # Workaround for bazel added C++11 options, those doesn't affect build itself but # clang-tidy will misinterpret them. options = options.replace("-std=c++0x ", "") options = options.replace("-std=c++11 ", "") if args.vscode: # Visual Studio Code doesn't seem to like "-iquote". Replace it with # old-style "-I". options = options.replace("-iquote ", "-I ") if isHeader(target["file"]): options += " -Wno-pragma-once-outside-header -Wno-unused-const-variable" options += " -Wno-unused-function" if not target["file"].startswith("external/"): # *.h file is treated as C header by default while our headers files are all C++17. options = "-x c++ -std=c++17 -fexceptions " + options target["command"] = " ".join([cc, options]) return target def fixCompilationDatabase(args, db): db = [modifyCompileCommand(target, args) for target in db if isCompileTarget(target, args)] with open("compile_commands.json", "w") as db_file: json.dump(db, db_file, indent=2) if __name__ == "__main__": parser = argparse.ArgumentParser(description='Generate JSON compilation database') parser.add_argument('--include_external', action='store_true') parser.add_argument('--include_genfiles', action='store_true') parser.add_argument('--include_headers', action='store_true') parser.add_argument('--vscode', action='store_true') parser.add_argument('bazel_targets', nargs='*', default=["//source/...", "//test/...", "//tools/..."]) args = parser.parse_args() fixCompilationDatabase(args, generateCompilationDatabase(args)) ================================================ FILE: tools/git/last_github_commit.sh ================================================ #!/bin/bash # Looking back from HEAD, find the first commit that was merged onto master by GitHub. This is # likely the last non-local change on a given branch. There may be some exceptions for this # heuristic, e.g. when patches are manually merged for security fixes on master, but this is very # rare. git rev-list --no-merges --committer="GitHub " --max-count=1 HEAD ================================================ FILE: tools/git/modified_since_last_github_commit.sh ================================================ #!/bin/bash BASE="$(dirname "$0")" declare -r BASE declare -r TARGET_PATH=$1 declare -r EXTENSION=$2 export TARGET_PATH git diff --name-only "$("${BASE}"/last_github_commit.sh)" | grep "\.${EXTENSION}$" ================================================ FILE: tools/github/requirements.txt ================================================ PyGithub==1.53 \ --hash=sha256:776befaddab9d8fddd525d52a6ca1ac228cf62b5b1e271836d766f4925e1452e \ --hash=sha256:8ad656bf79958e775ec59f7f5a3dbcbadac12147ae3dc42708b951064096af15 ================================================ FILE: tools/github/sync_assignable.py ================================================ # Sync envoyproxy organization users to envoyproxy/assignable team. # # This can be used for bulk cleanups if envoyproxy/assignable is not consistent # with organization membership. In general, prefer to add new members by editing # the envoyproxy/assignable in the GitHub UI, which will also cause an # organization invite to be sent; this reduces the need to manually manage # access tokens. # # Note: the access token supplied must have admin:org (write:org, read:org) # permissions (and ideally be scoped no more widely than this). See Settings -> # Developer settings -> Personal access tokens for access token generation. # Ideally, these should be cleaned up after use. import os import sys import github def GetConfirmation(): """Obtain stdin confirmation to add users in GH.""" return input('Add users to envoyproxy/assignable ? [yN] ').strip().lower() in ('y', 'yes') def SyncAssignable(access_token): organization = github.Github(access_token).get_organization('envoyproxy') team = organization.get_team_by_slug('assignable') organization_members = set(organization.get_members()) assignable_members = set(team.get_members()) missing = organization_members.difference(assignable_members) if not missing: print('envoyproxy/assignable is consistent with organization membership.') return 0 print('The following organization members are missing from envoyproxy/assignable:') for m in missing: print(m.login) if not GetConfirmation(): return 1 for m in missing: team.add_membership(m, 'member') if __name__ == '__main__': access_token = os.getenv('GH_ACCESS_TOKEN') if not access_token: print('Missing GH_ACCESS_TOKEN') sys.exit(1) sys.exit(SyncAssignable(access_token)) ================================================ FILE: tools/github/sync_assignable.sh ================================================ #!/bin/bash . tools/shell_utils.sh set -e python_venv sync_assignable ================================================ FILE: tools/path_fix.sh ================================================ #!/bin/bash # This script can be used to run bazel commands. It will attempt to translate paths in compiler # error messages to real system paths (vs. bazel symbolic links) which may be necessary for some # IDEs to properly associate error messages to files. # To invoke, do something like: # tools/path_fix.sh bazel build //test/... # # NOTE: This implementation is far from perfect and will need to be refined to cover all cases. "$@" 2>&1 | while IFS= read -r LINE do if [[ "${LINE}" =~ [[:space:]]*([^:[:space:]]+):[[:digit:]]+:[[:digit:]]+: ]]; then # Bazel now appears to sometimes spit out paths that don't actually exist on disk at all. I # have no idea why this is happening (sigh). This check makes it so that if readlink fails we # don't attempt to fix the path and just print out what we got. if REAL_PATH=$(readlink -f "${BASH_REMATCH[1]}"); then LINE=${LINE//${BASH_REMATCH[1]}/${REAL_PATH}} fi fi echo "${LINE}" done ================================================ FILE: tools/print_dependencies.py ================================================ #!/usr/bin/env python # Quick-and-dirty python to fetch dependency information import imp import json import os.path import re import subprocess import sys API_DEPS = imp.load_source('api', 'api/bazel/repository_locations.bzl') DEPS = imp.load_source('deps', 'bazel/repository_locations.bzl') def print_deps(deps): print(json.dumps(deps, sort_keys=True, indent=2)) if __name__ == '__main__': deps = [] DEPS.REPOSITORY_LOCATIONS.update(API_DEPS.REPOSITORY_LOCATIONS) for key, loc in DEPS.REPOSITORY_LOCATIONS.items(): deps.append({ 'identifier': key, 'file-sha256': loc.get('sha256'), 'file-url': loc.get('urls')[0], 'file-prefix': loc.get('strip_prefix', ''), }) deps = sorted(deps, key=lambda k: k['identifier']) # Print all dependencies if a target is unspecified if len(sys.argv) == 1: print_deps(deps) exit(0) # Bazel target to print target = sys.argv[1] output = subprocess.check_output(['bazel', 'query', 'deps(%s)' % target]) repos = set() # Gather the explicit list of repositories repo_regex = re.compile('^@(.*)\/\/') for line in output.split('\n'): match = repo_regex.match(line) if match: repos.add(match.group(1)) deps = filter(lambda dep: dep['identifier'] in repos, deps) print_deps(deps) ================================================ FILE: tools/proto_format/active_protos_gen.py ================================================ #!/usr/bin/env python3 # Generate ./api/versioning/BUILD based on packages with files containing # "package_version_status = ACTIVE." import os import string import subprocess import sys BUILD_FILE_TEMPLATE = string.Template( """# DO NOT EDIT. This file is generated by tools/proto_format/active_protos_gen.py. load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 # This tracks active development versions of protos. proto_library( name = "active_protos", visibility = ["//visibility:public"], deps = [ $active_pkgs ], ) # This tracks frozen versions of protos. proto_library( name = "frozen_protos", visibility = ["//visibility:public"], deps = [ $frozen_pkgs ], ) """) # Key sort function to achieve consistent results with buildifier. def BuildOrderKey(key): return key.replace(':', '!') def DepsFormat(pkgs): if not pkgs: return '' return '\n'.join( ' "//%s:pkg",' % p.replace('.', '/') for p in sorted(pkgs, key=BuildOrderKey)) + '\n' # Find packages with a given package version status in a given API tree root. def FindPkgs(package_version_status, api_root): try: active_files = subprocess.check_output( ['grep', '-l', '-r', 'package_version_status = %s;' % package_version_status, api_root]).decode().strip().split('\n') api_protos = [f for f in active_files if f.endswith('.proto')] except subprocess.CalledProcessError: api_protos = [] return set([os.path.dirname(p)[len(api_root) + 1:] for p in api_protos]) if __name__ == '__main__': api_root = sys.argv[1] active_pkgs = FindPkgs('ACTIVE', api_root) frozen_pkgs = FindPkgs('FROZEN', api_root) sys.stdout.write( BUILD_FILE_TEMPLATE.substitute(active_pkgs=DepsFormat(active_pkgs), frozen_pkgs=DepsFormat(frozen_pkgs))) ================================================ FILE: tools/proto_format/proto_format.sh ================================================ #!/bin/bash # Reformat API protos to canonical proto style using protoxform. set -e set -x read -ra BAZEL_BUILD_OPTIONS <<< "${BAZEL_BUILD_OPTIONS:-}" [[ "$1" == "check" || "$1" == "fix" || "$1" == "freeze" ]] || \ (echo "Usage: $0 "; exit 1) # Developers working on protoxform and other proto format tooling changes will need to override the # following check by setting FORCE_PROTO_FORMAT=yes in the environment. ./tools/git/modified_since_last_github_commit.sh ./api/envoy proto || \ [[ "${FORCE_PROTO_FORMAT}" == "yes" ]] || \ { echo "Skipping proto_format.sh due to no API change"; exit 0; } if [[ "$2" == "--test" ]] then echo "protoxform_test..." ./tools/protoxform/protoxform_test.sh bazel test "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:merge_active_shadow_test fi # Generate //versioning:active_protos. ./tools/proto_format/active_protos_gen.py ./api > ./api/versioning/BUILD # This is for local RBE setup, should be no-op for builds without RBE setting in bazelrc files. BAZEL_BUILD_OPTIONS+=("--remote_download_outputs=all") # If the specified command is 'freeze', we tell protoxform to adjust package version status to # reflect a major version freeze and then do a regular 'fix'. PROTO_SYNC_CMD="$1" if [[ "$1" == "freeze" ]] then declare -r FREEZE_ARG="--//tools/api_proto_plugin:extra_args=freeze" PROTO_SYNC_CMD="fix" fi # Invoke protoxform aspect. bazel build "${BAZEL_BUILD_OPTIONS[@]}" --//tools/api_proto_plugin:default_type_db_target=@envoy_api_canonical//versioning:active_protos ${FREEZE_ARG} \ @envoy_api_canonical//versioning:active_protos --aspects //tools/protoxform:protoxform.bzl%protoxform_aspect --output_groups=proto # Find all source protos. PROTO_TARGETS=() for proto_type in active frozen; do protos=$(bazel query "labels(srcs, labels(deps, @envoy_api_canonical//versioning:${proto_type}_protos))") while read -r line; do PROTO_TARGETS+=("$line"); done \ <<< "$protos" done # Setup for proto_sync.py. TOOLS="$(dirname "$(dirname "$(realpath "$0")")")" # To satisfy dependency on api_proto_plugin. export PYTHONPATH="$TOOLS" # Build protoprint and merge_active_shadow_tools for use in proto_sync.py. bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:protoprint //tools/protoxform:merge_active_shadow # Copy back the FileDescriptorProtos that protoxform emittted to the source tree. This involves # pretty-printing to format with protoprint and potentially merging active/shadow versions of protos # with merge_active_shadow. ./tools/proto_format/proto_sync.py "--mode=${PROTO_SYNC_CMD}" "${PROTO_TARGETS[@]}" # Need to regenerate //versioning:active_protos before building type DB below if freezing. if [[ "$1" == "freeze" ]] then ./tools/proto_format/active_protos_gen.py ./api > ./api/versioning/BUILD fi # Generate api/BUILD file based on updated type database. bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/type_whisperer:api_build_file cp -f bazel-bin/tools/type_whisperer/BUILD.api_build_file api/BUILD # Misc. manual copies to keep generated_api_shadow/ in sync with api/. cp -f ./api/bazel/*.bzl ./api/bazel/BUILD ./generated_api_shadow/bazel ================================================ FILE: tools/proto_format/proto_sync.py ================================================ #!/usr/bin/env python3 # 1. Take protoxform artifacts from Bazel cache and pretty-print with protoprint.py. # 2. In the case where we are generating an Envoy internal shadow, it may be # necessary to combine the current active proto, subject to hand editing, with # shadow artifacts from the previous verion; this is done via # merge_active_shadow.py. # 3. Diff or copy resulting artifacts to the source tree. import argparse from collections import defaultdict import functools import multiprocessing as mp import os import pathlib import re import shutil import string import subprocess import sys import tempfile from api_proto_plugin import utils from importlib.util import spec_from_loader, module_from_spec from importlib.machinery import SourceFileLoader # api/bazel/external_protos_deps.bzl must have a .bzl suffix for Starlark # import, so we are forced to this workaround. _external_proto_deps_spec = spec_from_loader( 'external_proto_deps', SourceFileLoader('external_proto_deps', 'api/bazel/external_proto_deps.bzl')) external_proto_deps = module_from_spec(_external_proto_deps_spec) _external_proto_deps_spec.loader.exec_module(external_proto_deps) # These .proto import direct path prefixes are already handled by # api_proto_package() as implicit dependencies. API_BUILD_SYSTEM_IMPORT_PREFIXES = [ 'google/api/annotations.proto', 'google/protobuf/', 'google/rpc/status.proto', 'validate/validate.proto', ] BUILD_FILE_TEMPLATE = string.Template( """# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package($fields) """) IMPORT_REGEX = re.compile('import "(.*)";') SERVICE_REGEX = re.compile('service \w+ {') PACKAGE_REGEX = re.compile('\npackage: "([^"]*)"') PREVIOUS_MESSAGE_TYPE_REGEX = re.compile(r'previous_message_type\s+=\s+"([^"]*)";') class ProtoSyncError(Exception): pass class RequiresReformatError(ProtoSyncError): def __init__(self, message): super(RequiresReformatError, self).__init__( '%s; either run ./ci/do_ci.sh fix_format or ./tools/proto_format/proto_format.sh fix to reformat.\n' % message) def GetDirectoryFromPackage(package): """Get directory path from package name or full qualified message name Args: package: the full qualified name of package or message. """ return '/'.join(s for s in package.split('.') if s and s[0].islower()) def GetDestinationPath(src): """Obtain destination path from a proto file path by reading its package statement. Args: src: source path """ src_path = pathlib.Path(src) contents = src_path.read_text(encoding='utf8') matches = re.findall(PACKAGE_REGEX, contents) if len(matches) != 1: raise RequiresReformatError("Expect {} has only one package declaration but has {}".format( src, len(matches))) return pathlib.Path(GetDirectoryFromPackage( matches[0])).joinpath(src_path.name.split('.')[0] + ".proto") def GetAbsRelDestinationPath(dst_root, src): """Obtain absolute path from a proto file path combined with destination root. Creates the parent directory if necessary. Args: dst_root: destination root path. src: source path. """ rel_dst_path = GetDestinationPath(src) dst = dst_root.joinpath(rel_dst_path) dst.parent.mkdir(0o755, parents=True, exist_ok=True) return dst, rel_dst_path def ProtoPrint(src, dst): """Pretty-print FileDescriptorProto to a destination file. Args: src: source path for FileDescriptorProto. dst: destination path for formatted proto. """ print('ProtoPrint %s' % dst) subprocess.check_output([ 'bazel-bin/tools/protoxform/protoprint', src, str(dst), './bazel-bin/tools/protoxform/protoprint.runfiles/envoy/tools/type_whisperer/api_type_db.pb_text' ]) def MergeActiveShadow(active_src, shadow_src, dst): """Merge active/shadow FileDescriptorProto to a destination file. Args: active_src: source path for active FileDescriptorProto. shadow_src: source path for active FileDescriptorProto. dst: destination path for FileDescriptorProto. """ print('MergeActiveShadow %s' % dst) subprocess.check_output([ 'bazel-bin/tools/protoxform/merge_active_shadow', active_src, shadow_src, dst, ]) def SyncProtoFile(dst_srcs): """Pretty-print a proto descriptor from protoxform.py Bazel cache artifacts." In the case where we are generating an Envoy internal shadow, it may be necessary to combine the current active proto, subject to hand editing, with shadow artifacts from the previous verion; this is done via MergeActiveShadow(). Args: dst_srcs: destination/sources path tuple. """ dst, srcs = dst_srcs assert (len(srcs) > 0) # If we only have one candidate source for a destination, just pretty-print. if len(srcs) == 1: src = srcs[0] ProtoPrint(src, dst) else: # We should only see an active and next major version candidate from # previous version today. assert (len(srcs) == 2) shadow_srcs = [ s for s in srcs if s.endswith('.next_major_version_candidate.envoy_internal.proto') ] active_src = [s for s in srcs if s.endswith('active_or_frozen.proto')][0] # If we're building the shadow, we need to combine the next major version # candidate shadow with the potentially hand edited active version. if len(shadow_srcs) > 0: assert (len(shadow_srcs) == 1) with tempfile.NamedTemporaryFile() as f: MergeActiveShadow(active_src, shadow_srcs[0], f.name) ProtoPrint(f.name, dst) else: ProtoPrint(active_src, dst) src = active_src rel_dst_path = GetDestinationPath(src) return ['//%s:pkg' % str(rel_dst_path.parent)] def GetImportDeps(proto_path): """Obtain the Bazel dependencies for the import paths from a .proto file. Args: proto_path: path to .proto. Returns: A list of Bazel targets reflecting the imports in the .proto at proto_path. """ imports = [] with open(proto_path, 'r', encoding='utf8') as f: for line in f: match = re.match(IMPORT_REGEX, line) if match: import_path = match.group(1) # We can ignore imports provided implicitly by api_proto_package(). if any(import_path.startswith(p) for p in API_BUILD_SYSTEM_IMPORT_PREFIXES): continue # Special case handling for UDPA annotations. if import_path.startswith('udpa/annotations/'): imports.append('@com_github_cncf_udpa//udpa/annotations:pkg') continue # Special case handling for UDPA core. if import_path.startswith('udpa/core/v1/'): imports.append('@com_github_cncf_udpa//udpa/core/v1:pkg') continue # Explicit remapping for external deps, compute paths for envoy/*. if import_path in external_proto_deps.EXTERNAL_PROTO_IMPORT_BAZEL_DEP_MAP: imports.append(external_proto_deps.EXTERNAL_PROTO_IMPORT_BAZEL_DEP_MAP[import_path]) continue if import_path.startswith('envoy/'): # Ignore package internal imports. if os.path.dirname(proto_path).endswith(os.path.dirname(import_path)): continue imports.append('//%s:pkg' % os.path.dirname(import_path)) continue raise ProtoSyncError( 'Unknown import path mapping for %s, please update the mappings in tools/proto_format/proto_sync.py.\n' % import_path) return imports def GetPreviousMessageTypeDeps(proto_path): """Obtain the Bazel dependencies for the previous version of messages in a .proto file. We need to link in earlier proto descriptors to support Envoy reflection upgrades. Args: proto_path: path to .proto. Returns: A list of Bazel targets reflecting the previous message types in the .proto at proto_path. """ contents = pathlib.Path(proto_path).read_text(encoding='utf8') matches = re.findall(PREVIOUS_MESSAGE_TYPE_REGEX, contents) deps = [] for m in matches: target = '//%s:pkg' % GetDirectoryFromPackage(m) deps.append(target) return deps def HasServices(proto_path): """Does a .proto file have any service definitions? Args: proto_path: path to .proto. Returns: True iff there are service definitions in the .proto at proto_path. """ with open(proto_path, 'r', encoding='utf8') as f: for line in f: if re.match(SERVICE_REGEX, line): return True return False # Key sort function to achieve consistent results with buildifier. def BuildOrderKey(key): return key.replace(':', '!') def BuildFileContents(root, files): """Compute the canonical BUILD contents for an api/ proto directory. Args: root: base path to directory. files: a list of files in the directory. Returns: A string containing the canonical BUILD file content for root. """ import_deps = set(sum([GetImportDeps(os.path.join(root, f)) for f in files], [])) history_deps = set(sum([GetPreviousMessageTypeDeps(os.path.join(root, f)) for f in files], [])) deps = import_deps.union(history_deps) has_services = any(HasServices(os.path.join(root, f)) for f in files) fields = [] if has_services: fields.append(' has_services = True,') if deps: if len(deps) == 1: formatted_deps = '"%s"' % list(deps)[0] else: formatted_deps = '\n' + '\n'.join( ' "%s",' % dep for dep in sorted(deps, key=BuildOrderKey)) + '\n ' fields.append(' deps = [%s],' % formatted_deps) formatted_fields = '\n' + '\n'.join(fields) + '\n' if fields else '' return BUILD_FILE_TEMPLATE.substitute(fields=formatted_fields) def SyncBuildFiles(cmd, dst_root): """Diff or in-place update api/ BUILD files. Args: cmd: 'check' or 'fix'. """ for root, dirs, files in os.walk(str(dst_root)): is_proto_dir = any(f.endswith('.proto') for f in files) if not is_proto_dir: continue build_contents = BuildFileContents(root, files) build_path = os.path.join(root, 'BUILD') with open(build_path, 'w') as f: f.write(build_contents) def GenerateCurrentApiDir(api_dir, dst_dir): """Helper function to generate original API repository to be compared with diff. This copies the original API repository and deletes file we don't want to compare. Args: api_dir: the original api directory dst_dir: the api directory to be compared in temporary directory """ dst = dst_dir.joinpath("envoy") shutil.copytree(str(api_dir.joinpath("envoy")), str(dst)) for p in dst.glob('**/*.md'): p.unlink() # envoy.service.auth.v2alpha exist for compatibility while we don't run in protoxform # so we ignore it here. shutil.rmtree(str(dst.joinpath("service", "auth", "v2alpha"))) def GitStatus(path): return subprocess.check_output(['git', 'status', '--porcelain', str(path)]).decode() def GitModifiedFiles(path, suffix): """Obtain a list of modified files since the last commit merged by GitHub. Args: path: path to examine. suffix: path suffix to filter with. Return: A list of strings providing the paths of modified files in the repo. """ try: modified_files = subprocess.check_output( ['tools/git/modified_since_last_github_commit.sh', 'api', 'proto']).decode().split() return modified_files except subprocess.CalledProcessError as e: if e.returncode == 1: return [] raise # If we're not forcing format, i.e. FORCE_PROTO_FORMAT=yes, in the environment, # then try and see if we can skip reformatting based on some simple path # heuristics. This saves a ton of time, since proto format and sync is not # running under Bazel and can't do change detection. def ShouldSync(path, api_proto_modified_files, py_tools_modified_files): if os.getenv('FORCE_PROTO_FORMAT') == 'yes': return True # If tools change, safest thing to do is rebuild everything. if len(py_tools_modified_files) > 0: return True # Check to see if the basename of the file has been modified since the last # GitHub commit. If so, rebuild. This is safe and conservative across package # migrations in v3 and v4alpha; we could achieve a lower rate of false # positives if we examined package migration annotations, at the expense of # complexity. for p in api_proto_modified_files: if os.path.basename(p) in path: return True # Otherwise we can safely skip syncing. return False def Sync(api_root, mode, labels, shadow): api_proto_modified_files = GitModifiedFiles('api', 'proto') py_tools_modified_files = GitModifiedFiles('tools', 'py') with tempfile.TemporaryDirectory() as tmp: dst_dir = pathlib.Path(tmp).joinpath("b") paths = [] for label in labels: paths.append(utils.BazelBinPathForOutputArtifact(label, '.active_or_frozen.proto')) paths.append( utils.BazelBinPathForOutputArtifact( label, '.next_major_version_candidate.envoy_internal.proto' if shadow else '.next_major_version_candidate.proto')) dst_src_paths = defaultdict(list) for path in paths: if os.stat(path).st_size > 0: abs_dst_path, rel_dst_path = GetAbsRelDestinationPath(dst_dir, path) if ShouldSync(path, api_proto_modified_files, py_tools_modified_files): dst_src_paths[abs_dst_path].append(path) else: print('Skipping sync of %s' % path) src_path = str(pathlib.Path(api_root, rel_dst_path)) shutil.copy(src_path, abs_dst_path) with mp.Pool() as p: pkg_deps = p.map(SyncProtoFile, dst_src_paths.items()) SyncBuildFiles(mode, dst_dir) current_api_dir = pathlib.Path(tmp).joinpath("a") current_api_dir.mkdir(0o755, True, True) api_root_path = pathlib.Path(api_root) GenerateCurrentApiDir(api_root_path, current_api_dir) # These support files are handled manually. for f in [ 'envoy/annotations/resource.proto', 'envoy/annotations/deprecation.proto', 'envoy/annotations/BUILD' ]: copy_dst_dir = pathlib.Path(dst_dir, os.path.dirname(f)) copy_dst_dir.mkdir(exist_ok=True) shutil.copy(str(pathlib.Path(api_root, f)), str(copy_dst_dir)) diff = subprocess.run(['diff', '-Npur', "a", "b"], cwd=tmp, stdout=subprocess.PIPE).stdout if diff.strip(): if mode == "check": print("Please apply following patch to directory '{}'".format(api_root), file=sys.stderr) print(diff.decode(), file=sys.stderr) sys.exit(1) if mode == "fix": git_status = GitStatus(api_root) if git_status: print('git status indicates a dirty API tree:\n%s' % git_status) print( 'Proto formatting may overwrite or delete files in the above list with no git backup.' ) if input('Continue? [yN] ').strip().lower() != 'y': sys.exit(1) src_files = set(str(p.relative_to(current_api_dir)) for p in current_api_dir.rglob('*')) dst_files = set(str(p.relative_to(dst_dir)) for p in dst_dir.rglob('*')) deleted_files = src_files.difference(dst_files) if deleted_files: print('The following files will be deleted: %s' % sorted(deleted_files)) print( 'If this is not intended, please see https://github.com/envoyproxy/envoy/blob/master/api/STYLE.md#adding-an-extension-configuration-to-the-api.' ) if input('Delete files? [yN] ').strip().lower() == 'y': subprocess.run(['patch', '-p1'], input=diff, cwd=str(api_root_path.resolve())) else: sys.exit(1) else: subprocess.run(['patch', '-p1'], input=diff, cwd=str(api_root_path.resolve())) if __name__ == '__main__': parser = argparse.ArgumentParser() parser.add_argument('--mode', choices=['check', 'fix']) parser.add_argument('--api_root', default='./api') parser.add_argument('--api_shadow_root', default='./generated_api_shadow') parser.add_argument('labels', nargs='*') args = parser.parse_args() Sync(args.api_root, args.mode, args.labels, False) Sync(args.api_shadow_root, args.mode, args.labels, True) ================================================ FILE: tools/protodoc/BUILD ================================================ load("@rules_python//python:defs.bzl", "py_binary") load("@protodoc_pip3//:requirements.bzl", "requirement") load("//bazel:envoy_build_system.bzl", "envoy_package", "envoy_proto_library") licenses(["notice"]) # Apache 2 envoy_package() py_binary( name = "generate_empty", srcs = ["generate_empty.py"], visibility = ["//visibility:public"], deps = [":protodoc"], ) envoy_proto_library( name = "manifest_proto", srcs = ["manifest.proto"], ) py_binary( name = "protodoc", srcs = ["protodoc.py"], data = ["//docs:protodoc_manifest.yaml"], visibility = ["//visibility:public"], deps = [ ":manifest_proto_py_proto", "//tools/api_proto_plugin", "//tools/config_validation:validate_fragment", "@com_envoyproxy_protoc_gen_validate//validate:validate_py", "@com_github_cncf_udpa//udpa/annotations:pkg_py_proto", "@com_google_protobuf//:protobuf_python", requirement("PyYAML"), ], ) ================================================ FILE: tools/protodoc/generate_empty.py ================================================ # Generate pseudo API docs for extensions that have google.protobuf.Empty # config. import json import pathlib import string import sys import protodoc EMPTY_EXTENSION_DOCS_TEMPLATE = string.Template("""$header $description $reflink This extension does not have a structured configuration, `google.protobuf.Empty `_ should be used instead. $extension """) def GenerateEmptyExtensionsDocs(extension, details, api_extensions_root): extension_root = pathlib.Path(details['path']) path = pathlib.Path(api_extensions_root, extension_root, 'empty', extension_root.name + '.rst') path.parent.mkdir(parents=True, exist_ok=True) description = details.get('description', '') reflink = '' if 'ref' in details: reflink = '%s %s.' % (details['title'], protodoc.FormatInternalLink('configuration overview', details['ref'])) content = EMPTY_EXTENSION_DOCS_TEMPLATE.substitute(header=protodoc.FormatHeader( '=', details['title']), description=description, reflink=reflink, extension=protodoc.FormatExtension(extension)) path.write_text(content) if __name__ == '__main__': empty_extensions_path = sys.argv[1] api_extensions_root = sys.argv[2] empty_extensions = json.loads(pathlib.Path(empty_extensions_path).read_text()) for extension, details in empty_extensions.items(): GenerateEmptyExtensionsDocs(extension, details, api_extensions_root) ================================================ FILE: tools/protodoc/manifest.proto ================================================ syntax = "proto3"; package tools.protodoc; import "google/protobuf/struct.proto"; // Additional structure information consumed by protodoc when generating // documentation for a field. message Description { message EdgeConfiguration { // Example secure edge default for the field. google.protobuf.Value example = 1; // Additional note to include in the configuration warning. string note = 2; } // Additional information for when this field is used in edge deployments. EdgeConfiguration edge_config = 1; // TODO: add additional information here to reflect things like Envoy // implementation status. } message Manifest { // Map from fully qualified field name to additional information to be used in // protodoc generation. map fields = 1; } ================================================ FILE: tools/protodoc/protodoc.bzl ================================================ load("//tools/api_proto_plugin:plugin.bzl", "api_proto_plugin_aspect", "api_proto_plugin_impl") def _protodoc_impl(target, ctx): return api_proto_plugin_impl(target, ctx, "rst", "protodoc", [".rst"]) # Bazel aspect (https://docs.bazel.build/versions/master/starlark/aspects.html) # that can be invoked from the CLI to produce docs via //tools/protodoc for # proto_library targets. Example use: # # bazel build //api --aspects tools/protodoc/protodoc.bzl%protodoc_aspect \ # --output_groups=rst # # The aspect builds the transitive docs, so any .proto in the dependency graph # get docs created. protodoc_aspect = api_proto_plugin_aspect("//tools/protodoc", _protodoc_impl) ================================================ FILE: tools/protodoc/protodoc.py ================================================ # protoc plugin to map from FileDescriptorProtos to Envoy doc style RST. # See https://github.com/google/protobuf/blob/master/src/google/protobuf/descriptor.proto # for the underlying protos mentioned in this file. See # https://www.sphinx-doc.org/en/master/usage/restructuredtext/basics.html for Sphinx RST syntax. from collections import defaultdict import json import functools import os import pathlib import re import string import sys from google.protobuf import json_format from bazel_tools.tools.python.runfiles import runfiles import yaml # We have to do some evil things to sys.path due to the way that Python module # resolution works; we have both tools/ trees in bazel_tools and envoy. By # default, Bazel leaves us with a sys.path in which the @bazel_tools repository # takes precedence. Now that we're done with importing runfiles above, we can # just remove it from the sys.path. sys.path = [p for p in sys.path if not p.endswith('bazel_tools')] from tools.api_proto_plugin import annotations from tools.api_proto_plugin import plugin from tools.api_proto_plugin import visitor from tools.config_validation import validate_fragment from tools.protodoc import manifest_pb2 from udpa.annotations import security_pb2 from udpa.annotations import status_pb2 from validate import validate_pb2 # Namespace prefix for Envoy core APIs. ENVOY_API_NAMESPACE_PREFIX = '.envoy.api.v2.' # Namespace prefix for Envoy top-level APIs. ENVOY_PREFIX = '.envoy.' # Namespace prefix for WKTs. WKT_NAMESPACE_PREFIX = '.google.protobuf.' # Namespace prefix for RPCs. RPC_NAMESPACE_PREFIX = '.google.rpc.' # http://www.fileformat.info/info/unicode/char/2063/index.htm UNICODE_INVISIBLE_SEPARATOR = u'\u2063' # Template for data plane API URLs. DATA_PLANE_API_URL_FMT = 'https://github.com/envoyproxy/envoy/blob/{}/api/%s#L%d'.format( os.environ['ENVOY_BLOB_SHA']) # Template for formating extension descriptions. EXTENSION_TEMPLATE = string.Template("""$anchor This extension may be referenced by the qualified name *$extension* .. note:: $status $security_posture """) # A map from the extension security postures (as defined in the # envoy_cc_extension build macro) to human readable text for extension docs. EXTENSION_SECURITY_POSTURES = { 'robust_to_untrusted_downstream': 'This extension is intended to be robust against untrusted downstream traffic. It ' 'assumes that the upstream is trusted.', 'robust_to_untrusted_downstream_and_upstream': 'This extension is intended to be robust against both untrusted downstream and ' 'upstream traffic.', 'requires_trusted_downstream_and_upstream': 'This extension is not hardened and should only be used in deployments' ' where both the downstream and upstream are trusted.', 'unknown': 'This extension has an unknown security posture and should only be ' 'used in deployments where both the downstream and upstream are ' 'trusted.', 'data_plane_agnostic': 'This extension does not operate on the data plane and hence is intended to be robust against untrusted traffic.', } # A map from the extension status value to a human readable text for extension # docs. EXTENSION_STATUS_VALUES = { 'alpha': 'This extension is functional but has not had substantial production burn time, use only with this caveat.', 'wip': 'This extension is work-in-progress. Functionality is incomplete and it is not intended for production use.', } class ProtodocError(Exception): """Base error class for the protodoc module.""" def HideNotImplemented(comment): """Should a given type_context.Comment be hidden because it is tagged as [#not-implemented-hide:]?""" return annotations.NOT_IMPLEMENTED_HIDE_ANNOTATION in comment.annotations def GithubUrl(type_context): """Obtain data plane API Github URL by path from a TypeContext. Args: type_context: type_context.TypeContext for node. Returns: A string with a corresponding data plane API GitHub Url. """ if type_context.location is not None: return DATA_PLANE_API_URL_FMT % (type_context.source_code_info.name, type_context.location.span[0]) return '' def FormatCommentWithAnnotations(comment, type_name=''): """Format a comment string with additional RST for annotations. Args: comment: comment string. type_name: optional, 'message' or 'enum' may be specified for additional message/enum specific annotations. Returns: A string with additional RST from annotations. """ formatted_extension = '' if annotations.EXTENSION_ANNOTATION in comment.annotations: extension = comment.annotations[annotations.EXTENSION_ANNOTATION] formatted_extension = FormatExtension(extension) return annotations.WithoutAnnotations(StripLeadingSpace(comment.raw) + '\n') + formatted_extension def MapLines(f, s): """Apply a function across each line in a flat string. Args: f: A string transform function for a line. s: A string consisting of potentially multiple lines. Returns: A flat string with f applied to each line. """ return '\n'.join(f(line) for line in s.split('\n')) def Indent(spaces, line): """Indent a string.""" return ' ' * spaces + line def IndentLines(spaces, lines): """Indent a list of strings.""" return map(functools.partial(Indent, spaces), lines) def FormatInternalLink(text, ref): return ':ref:`%s <%s>`' % (text, ref) def FormatExternalLink(text, ref): return '`%s <%s>`_' % (text, ref) def FormatHeader(style, text): """Format RST header. Args: style: underline style, e.g. '=', '-'. text: header text Returns: RST formatted header. """ return '%s\n%s\n\n' % (text, style * len(text)) def FormatExtension(extension): """Format extension metadata as RST. Args: extension: the name of the extension, e.g. com.acme.foo. Returns: RST formatted extension description. """ try: extension_metadata = json.loads(pathlib.Path( os.getenv('EXTENSION_DB_PATH')).read_text())[extension] anchor = FormatAnchor('extension_' + extension) status = EXTENSION_STATUS_VALUES.get(extension_metadata['status'], '') security_posture = EXTENSION_SECURITY_POSTURES[extension_metadata['security_posture']] return EXTENSION_TEMPLATE.substitute(anchor=anchor, extension=extension, status=status, security_posture=security_posture) except KeyError as e: sys.stderr.write( '\n\nDid you forget to add an entry to source/extensions/extensions_build_config.bzl?\n\n') exit(1) # Raising the error buries the above message in tracebacks. def FormatHeaderFromFile(style, source_code_info, proto_name): """Format RST header based on special file level title Args: style: underline style, e.g. '=', '-'. source_code_info: SourceCodeInfo object. proto_name: If the file_level_comment does not contain a user specified title, use this as page title. Returns: RST formatted header, and file level comment without page title strings. """ anchor = FormatAnchor(FileCrossRefLabel(proto_name)) stripped_comment = annotations.WithoutAnnotations( StripLeadingSpace('\n'.join(c + '\n' for c in source_code_info.file_level_comments))) formatted_extension = '' if annotations.EXTENSION_ANNOTATION in source_code_info.file_level_annotations: extension = source_code_info.file_level_annotations[annotations.EXTENSION_ANNOTATION] formatted_extension = FormatExtension(extension) if annotations.DOC_TITLE_ANNOTATION in source_code_info.file_level_annotations: return anchor + FormatHeader( style, source_code_info.file_level_annotations[ annotations.DOC_TITLE_ANNOTATION]) + formatted_extension, stripped_comment return anchor + FormatHeader(style, proto_name) + formatted_extension, stripped_comment def FormatFieldTypeAsJson(type_context, field): """Format FieldDescriptorProto.Type as a pseudo-JSON string. Args: type_context: contextual information for message/enum/field. field: FieldDescriptor proto. Return: RST formatted pseudo-JSON string representation of field type. """ if TypeNameFromFQN(field.type_name) in type_context.map_typenames: return '"{...}"' if field.label == field.LABEL_REPEATED: return '[]' if field.type == field.TYPE_MESSAGE: return '"{...}"' return '"..."' def FormatMessageAsJson(type_context, msg): """Format a message definition DescriptorProto as a pseudo-JSON block. Args: type_context: contextual information for message/enum/field. msg: message definition DescriptorProto. Return: RST formatted pseudo-JSON string representation of message definition. """ lines = [] for index, field in enumerate(msg.field): field_type_context = type_context.ExtendField(index, field.name) leading_comment = field_type_context.leading_comment if HideNotImplemented(leading_comment): continue lines.append('"%s": %s' % (field.name, FormatFieldTypeAsJson(type_context, field))) if lines: return '.. code-block:: json\n\n {\n' + ',\n'.join(IndentLines(4, lines)) + '\n }\n\n' else: return '.. code-block:: json\n\n {}\n\n' def NormalizeFieldTypeName(field_fqn): """Normalize a fully qualified field type name, e.g. .envoy.foo.bar. Strips leading ENVOY_API_NAMESPACE_PREFIX and ENVOY_PREFIX. Args: field_fqn: a fully qualified type name from FieldDescriptorProto.type_name. Return: Normalized type name. """ if field_fqn.startswith(ENVOY_API_NAMESPACE_PREFIX): return field_fqn[len(ENVOY_API_NAMESPACE_PREFIX):] if field_fqn.startswith(ENVOY_PREFIX): return field_fqn[len(ENVOY_PREFIX):] return field_fqn def NormalizeTypeContextName(type_name): """Normalize a type name, e.g. envoy.foo.bar. Strips leading ENVOY_API_NAMESPACE_PREFIX and ENVOY_PREFIX. Args: type_name: a name from a TypeContext. Return: Normalized type name. """ return NormalizeFieldTypeName(QualifyTypeName(type_name)) def QualifyTypeName(type_name): return '.' + type_name def TypeNameFromFQN(fqn): return fqn[1:] def FormatEmph(s): """RST format a string for emphasis.""" return '*%s*' % s def FormatFieldType(type_context, field): """Format a FieldDescriptorProto type description. Adds cross-refs for message types. TODO(htuch): Add cross-refs for enums as well. Args: type_context: contextual information for message/enum/field. field: FieldDescriptor proto. Return: RST formatted field type. """ if field.type_name.startswith(ENVOY_API_NAMESPACE_PREFIX) or field.type_name.startswith( ENVOY_PREFIX): type_name = NormalizeFieldTypeName(field.type_name) if field.type == field.TYPE_MESSAGE: if type_context.map_typenames and TypeNameFromFQN( field.type_name) in type_context.map_typenames: return 'map<%s, %s>' % tuple( map(functools.partial(FormatFieldType, type_context), type_context.map_typenames[TypeNameFromFQN(field.type_name)])) return FormatInternalLink(type_name, MessageCrossRefLabel(type_name)) if field.type == field.TYPE_ENUM: return FormatInternalLink(type_name, EnumCrossRefLabel(type_name)) elif field.type_name.startswith(WKT_NAMESPACE_PREFIX): wkt = field.type_name[len(WKT_NAMESPACE_PREFIX):] return FormatExternalLink( wkt, 'https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#%s' % wkt.lower()) elif field.type_name.startswith(RPC_NAMESPACE_PREFIX): rpc = field.type_name[len(RPC_NAMESPACE_PREFIX):] return FormatExternalLink( rpc, 'https://cloud.google.com/natural-language/docs/reference/rpc/google.rpc#%s' % rpc.lower()) elif field.type_name: return field.type_name pretty_type_names = { field.TYPE_DOUBLE: 'double', field.TYPE_FLOAT: 'float', field.TYPE_INT32: 'int32', field.TYPE_SFIXED32: 'int32', field.TYPE_SINT32: 'int32', field.TYPE_FIXED32: 'uint32', field.TYPE_UINT32: 'uint32', field.TYPE_INT64: 'int64', field.TYPE_SFIXED64: 'int64', field.TYPE_SINT64: 'int64', field.TYPE_FIXED64: 'uint64', field.TYPE_UINT64: 'uint64', field.TYPE_BOOL: 'bool', field.TYPE_STRING: 'string', field.TYPE_BYTES: 'bytes', } if field.type in pretty_type_names: return FormatExternalLink(pretty_type_names[field.type], 'https://developers.google.com/protocol-buffers/docs/proto#scalar') raise ProtodocError('Unknown field type ' + str(field.type)) def StripLeadingSpace(s): """Remove leading space in flat comment strings.""" return MapLines(lambda s: s[1:], s) def FileCrossRefLabel(msg_name): """File cross reference label.""" return 'envoy_api_file_%s' % msg_name def MessageCrossRefLabel(msg_name): """Message cross reference label.""" return 'envoy_api_msg_%s' % msg_name def EnumCrossRefLabel(enum_name): """Enum cross reference label.""" return 'envoy_api_enum_%s' % enum_name def FieldCrossRefLabel(field_name): """Field cross reference label.""" return 'envoy_api_field_%s' % field_name def EnumValueCrossRefLabel(enum_value_name): """Enum value cross reference label.""" return 'envoy_api_enum_value_%s' % enum_value_name def FormatAnchor(label): """Format a label as an Envoy API RST anchor.""" return '.. _%s:\n\n' % label def FormatSecurityOptions(security_option, field, type_context, edge_config): sections = [] if security_option.configure_for_untrusted_downstream: sections.append( Indent(4, 'This field should be configured in the presence of untrusted *downstreams*.')) if security_option.configure_for_untrusted_upstream: sections.append( Indent(4, 'This field should be configured in the presence of untrusted *upstreams*.')) if edge_config.note: sections.append(Indent(4, edge_config.note)) example_dict = json_format.MessageToDict(edge_config.example) validate_fragment.ValidateFragment(field.type_name[1:], example_dict) field_name = type_context.name.split('.')[-1] example = {field_name: example_dict} sections.append( Indent(4, 'Example configuration for untrusted environments:\n\n') + Indent(4, '.. code-block:: yaml\n\n') + '\n'.join(IndentLines(6, yaml.dump(example).split('\n')))) return '.. attention::\n' + '\n\n'.join(sections) def FormatFieldAsDefinitionListItem(outer_type_context, type_context, field, protodoc_manifest): """Format a FieldDescriptorProto as RST definition list item. Args: outer_type_context: contextual information for enclosing message. type_context: contextual information for message/enum/field. field: FieldDescriptorProto. protodoc_manifest: tools.protodoc.Manifest for proto. Returns: RST formatted definition list item. """ field_annotations = [] anchor = FormatAnchor(FieldCrossRefLabel(NormalizeTypeContextName(type_context.name))) if field.options.HasExtension(validate_pb2.rules): rule = field.options.Extensions[validate_pb2.rules] if ((rule.HasField('message') and rule.message.required) or (rule.HasField('duration') and rule.duration.required) or (rule.HasField('string') and rule.string.min_len > 0) or (rule.HasField('string') and rule.string.min_bytes > 0) or (rule.HasField('repeated') and rule.repeated.min_items > 0)): field_annotations = ['*REQUIRED*'] leading_comment = type_context.leading_comment formatted_leading_comment = FormatCommentWithAnnotations(leading_comment) if HideNotImplemented(leading_comment): return '' if field.HasField('oneof_index'): oneof_context = outer_type_context.ExtendOneof(field.oneof_index, type_context.oneof_names[field.oneof_index]) oneof_comment = oneof_context.leading_comment formatted_oneof_comment = FormatCommentWithAnnotations(oneof_comment) if HideNotImplemented(oneof_comment): return '' # If the oneof only has one field and marked required, mark the field as required. if len(type_context.oneof_fields[field.oneof_index]) == 1 and type_context.oneof_required[ field.oneof_index]: field_annotations = ['*REQUIRED*'] if len(type_context.oneof_fields[field.oneof_index]) > 1: # Fields in oneof shouldn't be marked as required when we have oneof comment below it. field_annotations = [] oneof_template = '\nPrecisely one of %s must be set.\n' if type_context.oneof_required[ field.oneof_index] else '\nOnly one of %s may be set.\n' formatted_oneof_comment += oneof_template % ', '.join( FormatInternalLink( f, FieldCrossRefLabel(NormalizeTypeContextName( outer_type_context.ExtendField(i, f).name))) for i, f in type_context.oneof_fields[field.oneof_index]) else: formatted_oneof_comment = '' # If there is a udpa.annotations.security option, include it after the comment. if field.options.HasExtension(security_pb2.security): manifest_description = protodoc_manifest.fields.get(type_context.name) if not manifest_description: raise ProtodocError('Missing protodoc manifest YAML for %s' % type_context.name) formatted_security_options = FormatSecurityOptions( field.options.Extensions[security_pb2.security], field, type_context, manifest_description.edge_config) else: formatted_security_options = '' comment = '(%s) ' % ', '.join([FormatFieldType(type_context, field)] + field_annotations) + formatted_leading_comment return anchor + field.name + '\n' + MapLines(functools.partial( Indent, 2), comment + formatted_oneof_comment) + formatted_security_options def FormatMessageAsDefinitionList(type_context, msg, protodoc_manifest): """Format a DescriptorProto as RST definition list. Args: type_context: contextual information for message/enum/field. msg: DescriptorProto. protodoc_manifest: tools.protodoc.Manifest for proto. Returns: RST formatted definition list item. """ type_context.oneof_fields = defaultdict(list) type_context.oneof_required = defaultdict(bool) type_context.oneof_names = defaultdict(list) for index, field in enumerate(msg.field): if field.HasField('oneof_index'): leading_comment = type_context.ExtendField(index, field.name).leading_comment if HideNotImplemented(leading_comment): continue type_context.oneof_fields[field.oneof_index].append((index, field.name)) for index, oneof_decl in enumerate(msg.oneof_decl): if oneof_decl.options.HasExtension(validate_pb2.required): type_context.oneof_required[index] = oneof_decl.options.Extensions[validate_pb2.required] type_context.oneof_names[index] = oneof_decl.name return '\n'.join( FormatFieldAsDefinitionListItem(type_context, type_context.ExtendField(index, field.name), field, protodoc_manifest) for index, field in enumerate(msg.field)) + '\n' def FormatEnumValueAsDefinitionListItem(type_context, enum_value): """Format a EnumValueDescriptorProto as RST definition list item. Args: type_context: contextual information for message/enum/field. enum_value: EnumValueDescriptorProto. Returns: RST formatted definition list item. """ anchor = FormatAnchor(EnumValueCrossRefLabel(NormalizeTypeContextName(type_context.name))) default_comment = '*(DEFAULT)* ' if enum_value.number == 0 else '' leading_comment = type_context.leading_comment formatted_leading_comment = FormatCommentWithAnnotations(leading_comment) if HideNotImplemented(leading_comment): return '' comment = default_comment + UNICODE_INVISIBLE_SEPARATOR + formatted_leading_comment return anchor + enum_value.name + '\n' + MapLines(functools.partial(Indent, 2), comment) def FormatEnumAsDefinitionList(type_context, enum): """Format a EnumDescriptorProto as RST definition list. Args: type_context: contextual information for message/enum/field. enum: DescriptorProto. Returns: RST formatted definition list item. """ return '\n'.join( FormatEnumValueAsDefinitionListItem(type_context.ExtendEnumValue(index, enum_value.name), enum_value) for index, enum_value in enumerate(enum.value)) + '\n' def FormatProtoAsBlockComment(proto): """Format a proto as a RST block comment. Useful in debugging, not usually referenced. """ return '\n\nproto::\n\n' + MapLines(functools.partial(Indent, 2), str(proto)) + '\n' class RstFormatVisitor(visitor.Visitor): """Visitor to generate a RST representation from a FileDescriptor proto. See visitor.Visitor for visitor method docs comments. """ def __init__(self): r = runfiles.Create() with open(r.Rlocation('envoy/docs/protodoc_manifest.yaml'), 'r') as f: # Load as YAML, emit as JSON and then parse as proto to provide type # checking. protodoc_manifest_untyped = yaml.safe_load(f.read()) self.protodoc_manifest = manifest_pb2.Manifest() json_format.Parse(json.dumps(protodoc_manifest_untyped), self.protodoc_manifest) def VisitEnum(self, enum_proto, type_context): normal_enum_type = NormalizeTypeContextName(type_context.name) anchor = FormatAnchor(EnumCrossRefLabel(normal_enum_type)) header = FormatHeader('-', 'Enum %s' % normal_enum_type) github_url = GithubUrl(type_context) proto_link = FormatExternalLink('[%s proto]' % normal_enum_type, github_url) + '\n\n' leading_comment = type_context.leading_comment formatted_leading_comment = FormatCommentWithAnnotations(leading_comment, 'enum') if HideNotImplemented(leading_comment): return '' return anchor + header + proto_link + formatted_leading_comment + FormatEnumAsDefinitionList( type_context, enum_proto) def VisitMessage(self, msg_proto, type_context, nested_msgs, nested_enums): # Skip messages synthesized to represent map types. if msg_proto.options.map_entry: return '' normal_msg_type = NormalizeTypeContextName(type_context.name) anchor = FormatAnchor(MessageCrossRefLabel(normal_msg_type)) header = FormatHeader('-', normal_msg_type) github_url = GithubUrl(type_context) proto_link = FormatExternalLink('[%s proto]' % normal_msg_type, github_url) + '\n\n' leading_comment = type_context.leading_comment formatted_leading_comment = FormatCommentWithAnnotations(leading_comment, 'message') if HideNotImplemented(leading_comment): return '' return anchor + header + proto_link + formatted_leading_comment + FormatMessageAsJson( type_context, msg_proto) + FormatMessageAsDefinitionList( type_context, msg_proto, self.protodoc_manifest) + '\n'.join(nested_msgs) + '\n' + '\n'.join(nested_enums) def VisitFile(self, file_proto, type_context, services, msgs, enums): has_messages = True if all(len(msg) == 0 for msg in msgs) and all(len(enum) == 0 for enum in enums): has_messages = False # TODO(mattklein123): The logic in both the doc and transform tool around files without messages # is confusing and should be cleaned up. This is a stop gap to have titles for all proto docs # in the common case. if (has_messages and not annotations.DOC_TITLE_ANNOTATION in type_context.source_code_info.file_level_annotations and file_proto.name.startswith('envoy')): raise ProtodocError('Envoy API proto file missing [#protodoc-title:] annotation: {}'.format( file_proto.name)) # Find the earliest detached comment, attribute it to file level. # Also extract file level titles if any. header, comment = FormatHeaderFromFile('=', type_context.source_code_info, file_proto.name) # If there are no messages, we don't include in the doc tree (no support for # service rendering yet). We allow these files to be missing from the # toctrees. if not has_messages: header = ':orphan:\n\n' + header warnings = '' if file_proto.options.HasExtension(status_pb2.file_status): if file_proto.options.Extensions[status_pb2.file_status].work_in_progress: warnings += ('.. warning::\n This API is work-in-progress and is ' 'subject to breaking changes.\n\n') debug_proto = FormatProtoAsBlockComment(file_proto) return header + warnings + comment + '\n'.join(msgs) + '\n'.join(enums) # + debug_proto def Main(): plugin.Plugin([plugin.DirectOutputDescriptor('.rst', RstFormatVisitor)]) if __name__ == '__main__': Main() ================================================ FILE: tools/protodoc/requirements.txt ================================================ PyYAML==5.3.1 \ --hash=sha256:06a0d7ba600ce0b2d2fe2e78453a470b5a6e000a985dd4a4e54e436cc36b0e97 \ --hash=sha256:240097ff019d7c70a4922b6869d8a86407758333f02203e0fc6ff79c5dcede76 \ --hash=sha256:4f4b913ca1a7319b33cfb1369e91e50354d6f07a135f3b901aca02aa95940bd2 \ --hash=sha256:69f00dca373f240f842b2931fb2c7e14ddbacd1397d57157a9b005a6a9942648 \ --hash=sha256:73f099454b799e05e5ab51423c7bcf361c58d3206fa7b0d555426b1f4d9a3eaf \ --hash=sha256:74809a57b329d6cc0fdccee6318f44b9b8649961fa73144a98735b0aaf029f1f \ --hash=sha256:7739fc0fa8205b3ee8808aea45e968bc90082c10aef6ea95e855e10abf4a37b2 \ --hash=sha256:95f71d2af0ff4227885f7a6605c37fd53d3a106fcab511b8860ecca9fcf400ee \ --hash=sha256:b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d \ --hash=sha256:cc8955cfbfc7a115fa81d85284ee61147059a753344bc51098f3ccd69b0d7e0c \ --hash=sha256:d13155f591e6fcc1ec3b30685d50bf0711574e2c0dfffd7644babf8b5102ca1a ================================================ FILE: tools/protoxform/BUILD ================================================ load("@rules_python//python:defs.bzl", "py_binary", "py_test") licenses(["notice"]) # Apache 2 py_binary( name = "merge_active_shadow", srcs = ["merge_active_shadow.py"], deps = [ "//tools/api_proto_plugin", "@com_envoyproxy_protoc_gen_validate//validate:validate_py", "@com_github_cncf_udpa//udpa/annotations:pkg_py_proto", "@com_google_googleapis//google/api:annotations_py_proto", "@com_google_protobuf//:protobuf_python", "@envoy_api_canonical//envoy/annotations:pkg_py_proto", ], ) py_test( name = "merge_active_shadow_test", srcs = ["merge_active_shadow_test.py"], deps = [ ":merge_active_shadow", "//tools/api_proto_plugin", "@com_google_protobuf//:protobuf_python", ], ) py_binary( name = "protoxform", srcs = [ "migrate.py", "options.py", "protoxform.py", "utils.py", ], visibility = ["//visibility:public"], deps = [ "//tools/api_proto_plugin", "//tools/type_whisperer:api_type_db_proto_py_proto", "@com_envoyproxy_protoc_gen_validate//validate:validate_py", "@com_github_cncf_udpa//udpa/annotations:pkg_py_proto", "@com_google_googleapis//google/api:annotations_py_proto", "@envoy_api_canonical//envoy/annotations:pkg_py_proto", ], ) py_binary( name = "protoprint", srcs = [ "options.py", "protoprint.py", "utils.py", ], data = [ "//:.clang-format", "//tools/type_whisperer:api_type_db.pb_text", ], visibility = ["//visibility:public"], deps = [ "//tools/type_whisperer", "//tools/type_whisperer:api_type_db_proto_py_proto", "@com_envoyproxy_protoc_gen_validate//validate:validate_py", "@com_github_cncf_udpa//udpa/annotations:pkg_py_proto", "@com_google_googleapis//google/api:annotations_py_proto", "@com_google_protobuf//:protobuf_python", "@envoy_api_canonical//envoy/annotations:pkg_py_proto", ], ) ================================================ FILE: tools/protoxform/merge_active_shadow.py ================================================ # Merge active and previous version's generated next major version candidate # shadow. This involve simultaneously traversing both FileDescriptorProtos and: # 1. Recovering hidden_envoy_depreacted_* fields and enum values in active proto. # 2. Recovering deprecated (sub)message types. # 3. Misc. fixups for oneof metadata and reserved ranges/names. from collections import defaultdict import copy import pathlib import sys from tools.api_proto_plugin import type_context as api_type_context from google.protobuf import descriptor_pb2 from google.protobuf import text_format # Note: we have to include those proto definitions for text_format sanity. from google.api import annotations_pb2 as _ from validate import validate_pb2 as _ from envoy.annotations import deprecation_pb2 as _ from envoy.annotations import resource_pb2 as _ from udpa.annotations import migrate_pb2 as _ from udpa.annotations import security_pb2 as _ from udpa.annotations import sensitive_pb2 as _ from udpa.annotations import status_pb2 as _ from udpa.annotations import versioning_pb2 as _ # Set reserved_range in target_proto to reflect previous_reserved_range skipping # skip_reserved_numbers. def AdjustReservedRange(target_proto, previous_reserved_range, skip_reserved_numbers): del target_proto.reserved_range[:] for rr in previous_reserved_range: # We can only handle singleton ranges today. assert ((rr.start == rr.end) or (rr.end == rr.start + 1)) if rr.start not in skip_reserved_numbers: target_proto.reserved_range.add().MergeFrom(rr) # Merge active/shadow EnumDescriptorProtos to a fresh target EnumDescriptorProto. def MergeActiveShadowEnum(active_proto, shadow_proto, target_proto): target_proto.MergeFrom(active_proto) if not shadow_proto: return shadow_values = {v.name: v for v in shadow_proto.value} skip_reserved_numbers = [] # For every reserved name, check to see if it's in the shadow, and if so, # reintroduce in target_proto. del target_proto.reserved_name[:] for n in active_proto.reserved_name: hidden_n = 'hidden_envoy_deprecated_' + n if hidden_n in shadow_values: v = shadow_values[hidden_n] skip_reserved_numbers.append(v.number) target_proto.value.add().MergeFrom(v) else: target_proto.reserved_name.append(n) AdjustReservedRange(target_proto, active_proto.reserved_range, skip_reserved_numbers) # Special fixup for deprecation of default enum values. for tv in target_proto.value: if tv.name == 'DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE': for sv in shadow_proto.value: if sv.number == tv.number: assert (sv.number == 0) tv.CopyFrom(sv) # Adjust source code info comments path to reflect insertions of oneof fields # inside the middle of an existing collection of fields. def AdjustSourceCodeInfo(type_context, field_index, field_adjustment): def HasPathPrefix(s, t): return len(s) <= len(t) and all(p[0] == p[1] for p in zip(s, t)) for loc in type_context.source_code_info.proto.location: if HasPathPrefix(type_context.path + [2], loc.path): path_field_index = len(type_context.path) + 1 if path_field_index < len(loc.path) and loc.path[path_field_index] >= field_index: loc.path[path_field_index] += field_adjustment # Merge active/shadow DescriptorProtos to a fresh target DescriptorProto. def MergeActiveShadowMessage(type_context, active_proto, shadow_proto, target_proto): target_proto.MergeFrom(active_proto) if not shadow_proto: return shadow_fields = {f.name: f for f in shadow_proto.field} skip_reserved_numbers = [] # For every reserved name, check to see if it's in the shadow, and if so, # reintroduce in target_proto. We track both the normal fields we need to add # back in (extra_simple_fields) and those that belong to oneofs # (extra_oneof_fields). The latter require special treatment, as we can't just # append them to the end of the message, they need to be reordered. extra_simple_fields = [] extra_oneof_fields = defaultdict(list) # oneof index -> list of fields del target_proto.reserved_name[:] for n in active_proto.reserved_name: hidden_n = 'hidden_envoy_deprecated_' + n if hidden_n in shadow_fields: f = shadow_fields[hidden_n] skip_reserved_numbers.append(f.number) missing_field = copy.deepcopy(f) # oneof fields from the shadow need to have their index set to the # corresponding index in active/target_proto. if missing_field.HasField('oneof_index'): oneof_name = shadow_proto.oneof_decl[missing_field.oneof_index].name missing_oneof_index = None for oneof_index, oneof_decl in enumerate(target_proto.oneof_decl): if oneof_decl.name == oneof_name: missing_oneof_index = oneof_index if missing_oneof_index is None: missing_oneof_index = len(target_proto.oneof_decl) target_proto.oneof_decl.add().MergeFrom( shadow_proto.oneof_decl[missing_field.oneof_index]) missing_field.oneof_index = missing_oneof_index extra_oneof_fields[missing_oneof_index].append(missing_field) else: extra_simple_fields.append(missing_field) else: target_proto.reserved_name.append(n) # Copy existing fields, as we need to nuke them. existing_fields = copy.deepcopy(target_proto.field) del target_proto.field[:] # Rebuild fields, taking into account extra_oneof_fields. protoprint.py # expects that oneof fields are consecutive, so need to sort for this. current_oneof_index = None def AppendExtraOneofFields(current_oneof_index, last_oneof_field_index): # Add fields from extra_oneof_fields for current_oneof_index. for oneof_f in extra_oneof_fields[current_oneof_index]: target_proto.field.add().MergeFrom(oneof_f) field_adjustment = len(extra_oneof_fields[current_oneof_index]) # Fixup the comments in source code info. Note that this is really # inefficient, O(N^2) in the worst case, but since we have relatively few # deprecated fields, is the easiest to implement method. if last_oneof_field_index is not None: AdjustSourceCodeInfo(type_context, last_oneof_field_index, field_adjustment) del extra_oneof_fields[current_oneof_index] return field_adjustment field_index = 0 for f in existing_fields: if current_oneof_index is not None: field_oneof_index = f.oneof_index if f.HasField('oneof_index') else None # Are we exiting the oneof? If so, add the respective extra_one_fields. if field_oneof_index != current_oneof_index: field_index += AppendExtraOneofFields(current_oneof_index, field_index) current_oneof_index = field_oneof_index elif f.HasField('oneof_index'): current_oneof_index = f.oneof_index target_proto.field.add().MergeFrom(f) field_index += 1 if current_oneof_index is not None: # No need to adjust source code info here, since there are no comments for # trailing deprecated fields, so just set field index to None. AppendExtraOneofFields(current_oneof_index, None) # Non-oneof fields are easy to treat, we just append them to the existing # fields. They don't get any comments, but that's fine in the generated # shadows. for f in extra_simple_fields: target_proto.field.add().MergeFrom(f) for oneof_index in sorted(extra_oneof_fields.keys()): for f in extra_oneof_fields[oneof_index]: target_proto.field.add().MergeFrom(f) # Same is true for oneofs that are exclusively from the shadow. AdjustReservedRange(target_proto, active_proto.reserved_range, skip_reserved_numbers) # Visit nested message types del target_proto.nested_type[:] shadow_msgs = {msg.name: msg for msg in shadow_proto.nested_type} for index, msg in enumerate(active_proto.nested_type): MergeActiveShadowMessage( type_context.ExtendNestedMessage(index, msg.name, msg.options.deprecated), msg, shadow_msgs.get(msg.name), target_proto.nested_type.add()) # Visit nested enum types del target_proto.enum_type[:] shadow_enums = {msg.name: msg for msg in shadow_proto.enum_type} for enum in active_proto.enum_type: MergeActiveShadowEnum(enum, shadow_enums.get(enum.name), target_proto.enum_type.add()) # Ensure target has any deprecated sub-message types in case they are needed. active_msg_names = set([msg.name for msg in active_proto.nested_type]) for msg in shadow_proto.nested_type: if msg.name not in active_msg_names: target_proto.nested_type.add().MergeFrom(msg) # Merge active/shadow FileDescriptorProtos, returning a the resulting FileDescriptorProto. def MergeActiveShadowFile(active_file_proto, shadow_file_proto): target_file_proto = copy.deepcopy(active_file_proto) source_code_info = api_type_context.SourceCodeInfo(target_file_proto.name, target_file_proto.source_code_info) package_type_context = api_type_context.TypeContext(source_code_info, target_file_proto.package) # Visit message types del target_file_proto.message_type[:] shadow_msgs = {msg.name: msg for msg in shadow_file_proto.message_type} for index, msg in enumerate(active_file_proto.message_type): MergeActiveShadowMessage( package_type_context.ExtendMessage(index, msg.name, msg.options.deprecated), msg, shadow_msgs.get(msg.name), target_file_proto.message_type.add()) # Visit enum types del target_file_proto.enum_type[:] shadow_enums = {msg.name: msg for msg in shadow_file_proto.enum_type} for enum in active_file_proto.enum_type: MergeActiveShadowEnum(enum, shadow_enums.get(enum.name), target_file_proto.enum_type.add()) # Ensure target has any deprecated message types in case they are needed. active_msg_names = set([msg.name for msg in active_file_proto.message_type]) for msg in shadow_file_proto.message_type: if msg.name not in active_msg_names: target_file_proto.message_type.add().MergeFrom(msg) return target_file_proto if __name__ == '__main__': active_src, shadow_src, dst = sys.argv[1:] active_proto = descriptor_pb2.FileDescriptorProto() text_format.Merge(pathlib.Path(active_src).read_text(), active_proto) shadow_proto = descriptor_pb2.FileDescriptorProto() text_format.Merge(pathlib.Path(shadow_src).read_text(), shadow_proto) pathlib.Path(dst).write_text(str(MergeActiveShadowFile(active_proto, shadow_proto))) ================================================ FILE: tools/protoxform/merge_active_shadow_test.py ================================================ import unittest import merge_active_shadow from tools.api_proto_plugin import type_context as api_type_context from google.protobuf import descriptor_pb2 from google.protobuf import text_format class MergeActiveShadowTest(unittest.TestCase): # Dummy type context for tests that don't care about this. def fakeTypeContext(self): fake_source_code_info = descriptor_pb2.SourceCodeInfo() source_code_info = api_type_context.SourceCodeInfo('fake', fake_source_code_info) return api_type_context.TypeContext(source_code_info, 'fake_package') # Poor man's text proto equivalence. Tensorflow has better tools for this, # i.e. assertProto2Equal. def assertTextProtoEq(self, lhs, rhs): self.assertMultiLineEqual(lhs.strip(), rhs.strip()) def testAdjustReservedRange(self): """AdjustReservedRange removes specified skip_reserved_numbers.""" desc_pb_text = """ reserved_range { start: 41 end: 41 } reserved_range { start: 42 end: 42 } reserved_range { start: 43 end: 44 } reserved_range { start: 50 end: 51 } """ desc = descriptor_pb2.DescriptorProto() text_format.Merge(desc_pb_text, desc) target = descriptor_pb2.DescriptorProto() merge_active_shadow.AdjustReservedRange(target, desc.reserved_range, [42, 43]) target_pb_text = """ reserved_range { start: 41 end: 41 } reserved_range { start: 50 end: 51 } """ self.assertTextProtoEq(target_pb_text, str(target)) def testMergeActiveShadowEnum(self): """MergeActiveShadowEnum recovers shadow values.""" active_pb_text = """ value { number: 1 name: "foo" } value { number: 0 name: "DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE" } value { number: 3 name: "bar" } reserved_name: "baz" reserved_range { start: 2 end: 3 } """ active_proto = descriptor_pb2.EnumDescriptorProto() text_format.Merge(active_pb_text, active_proto) shadow_pb_text = """ value { number: 1 name: "foo" } value { number: 0 name: "wow" } value { number: 3 name: "bar" } value { number: 2 name: "hidden_envoy_deprecated_baz" } value { number: 4 name: "hidden_envoy_deprecated_huh" } """ shadow_proto = descriptor_pb2.EnumDescriptorProto() text_format.Merge(shadow_pb_text, shadow_proto) target_proto = descriptor_pb2.EnumDescriptorProto() merge_active_shadow.MergeActiveShadowEnum(active_proto, shadow_proto, target_proto) target_pb_text = """ value { name: "foo" number: 1 } value { name: "wow" number: 0 } value { name: "bar" number: 3 } value { name: "hidden_envoy_deprecated_baz" number: 2 } """ self.assertTextProtoEq(target_pb_text, str(target_proto)) def testMergeActiveShadowMessageComments(self): """MergeActiveShadowMessage preserves comment field correspondence.""" active_pb_text = """ field { number: 9 name: "oneof_1_0" oneof_index: 0 } field { number: 1 name: "simple_field_0" } field { number: 0 name: "oneof_2_0" oneof_index: 2 } field { number: 8 name: "oneof_2_1" oneof_index: 2 } field { number: 3 name: "oneof_0_0" oneof_index: 1 } field { number: 4 name: "newbie" } field { number: 7 name: "oneof_3_0" oneof_index: 3 } reserved_name: "missing_oneof_field_0" reserved_name: "missing_oneof_field_1" reserved_name: "missing_oneof_field_2" oneof_decl { name: "oneof_0" } oneof_decl { name: "oneof_1" } oneof_decl { name: "oneof_2" } oneof_decl { name: "oneof_3" } """ active_proto = descriptor_pb2.DescriptorProto() text_format.Merge(active_pb_text, active_proto) active_source_code_info_text = """ location { path: [4, 1, 2, 4] leading_comments: "field_4" } location { path: [4, 1, 2, 5] leading_comments: "field_5" } location { path: [4, 1, 2, 3] leading_comments: "field_3" } location { path: [4, 1, 2, 0] leading_comments: "field_0" } location { path: [4, 1, 2, 1] leading_comments: "field_1" } location { path: [4, 0, 2, 2] leading_comments: "ignore_0" } location { path: [4, 1, 2, 6] leading_comments: "field_6" } location { path: [4, 1, 2, 2] leading_comments: "field_2" } location { path: [3] leading_comments: "ignore_1" } """ active_source_code_info = descriptor_pb2.SourceCodeInfo() text_format.Merge(active_source_code_info_text, active_source_code_info) shadow_pb_text = """ field { number: 10 name: "hidden_envoy_deprecated_missing_oneof_field_0" oneof_index: 0 } field { number: 11 name: "hidden_envoy_deprecated_missing_oneof_field_1" oneof_index: 3 } field { number: 11 name: "hidden_envoy_deprecated_missing_oneof_field_2" oneof_index: 2 } oneof_decl { name: "oneof_0" } oneof_decl { name: "oneof_1" } oneof_decl { name: "oneof_2" } oneof_decl { name: "some_removed_oneof" } oneof_decl { name: "oneof_3" } """ shadow_proto = descriptor_pb2.DescriptorProto() text_format.Merge(shadow_pb_text, shadow_proto) target_proto = descriptor_pb2.DescriptorProto() source_code_info = api_type_context.SourceCodeInfo('fake', active_source_code_info) fake_type_context = api_type_context.TypeContext(source_code_info, 'fake_package') merge_active_shadow.MergeActiveShadowMessage(fake_type_context.ExtendMessage(1, "foo", False), active_proto, shadow_proto, target_proto) target_pb_text = """ field { name: "oneof_1_0" number: 9 oneof_index: 0 } field { name: "hidden_envoy_deprecated_missing_oneof_field_0" number: 10 oneof_index: 0 } field { name: "simple_field_0" number: 1 } field { name: "oneof_2_0" number: 0 oneof_index: 2 } field { name: "oneof_2_1" number: 8 oneof_index: 2 } field { name: "hidden_envoy_deprecated_missing_oneof_field_2" number: 11 oneof_index: 2 } field { name: "oneof_0_0" number: 3 oneof_index: 1 } field { name: "newbie" number: 4 } field { name: "oneof_3_0" number: 7 oneof_index: 3 } field { name: "hidden_envoy_deprecated_missing_oneof_field_1" number: 11 oneof_index: 4 } oneof_decl { name: "oneof_0" } oneof_decl { name: "oneof_1" } oneof_decl { name: "oneof_2" } oneof_decl { name: "oneof_3" } oneof_decl { name: "some_removed_oneof" } """ target_source_code_info_text = """ location { path: 4 path: 1 path: 2 path: 6 leading_comments: "field_4" } location { path: 4 path: 1 path: 2 path: 7 leading_comments: "field_5" } location { path: 4 path: 1 path: 2 path: 4 leading_comments: "field_3" } location { path: 4 path: 1 path: 2 path: 0 leading_comments: "field_0" } location { path: 4 path: 1 path: 2 path: 2 leading_comments: "field_1" } location { path: 4 path: 0 path: 2 path: 2 leading_comments: "ignore_0" } location { path: 4 path: 1 path: 2 path: 8 leading_comments: "field_6" } location { path: 4 path: 1 path: 2 path: 3 leading_comments: "field_2" } location { path: 3 leading_comments: "ignore_1" } """ self.maxDiff = None self.assertTextProtoEq(target_pb_text, str(target_proto)) self.assertTextProtoEq(target_source_code_info_text, str(fake_type_context.source_code_info.proto)) def testMergeActiveShadowMessage(self): """MergeActiveShadowMessage recovers shadow fields with oneofs.""" active_pb_text = """ field { number: 1 name: "foo" } field { number: 0 name: "bar" oneof_index: 2 } field { number: 3 name: "baz" } field { number: 4 name: "newbie" } reserved_name: "wow" reserved_range { start: 2 end: 3 } oneof_decl { name: "ign" } oneof_decl { name: "ign2" } oneof_decl { name: "some_oneof" } """ active_proto = descriptor_pb2.DescriptorProto() text_format.Merge(active_pb_text, active_proto) shadow_pb_text = """ field { number: 1 name: "foo" } field { number: 0 name: "bar" } field { number: 3 name: "baz" } field { number: 2 name: "hidden_envoy_deprecated_wow" oneof_index: 0 } oneof_decl { name: "some_oneof" } """ shadow_proto = descriptor_pb2.DescriptorProto() text_format.Merge(shadow_pb_text, shadow_proto) target_proto = descriptor_pb2.DescriptorProto() merge_active_shadow.MergeActiveShadowMessage(self.fakeTypeContext(), active_proto, shadow_proto, target_proto) target_pb_text = """ field { name: "foo" number: 1 } field { name: "bar" number: 0 oneof_index: 2 } field { name: "hidden_envoy_deprecated_wow" number: 2 oneof_index: 2 } field { name: "baz" number: 3 } field { name: "newbie" number: 4 } oneof_decl { name: "ign" } oneof_decl { name: "ign2" } oneof_decl { name: "some_oneof" } """ self.assertTextProtoEq(target_pb_text, str(target_proto)) def testMergeActiveShadowMessageNoShadowMessage(self): """MergeActiveShadowMessage doesn't require a shadow message for new nested active messages.""" active_proto = descriptor_pb2.DescriptorProto() shadow_proto = descriptor_pb2.DescriptorProto() active_proto.nested_type.add().name = 'foo' target_proto = descriptor_pb2.DescriptorProto() merge_active_shadow.MergeActiveShadowMessage(self.fakeTypeContext(), active_proto, shadow_proto, target_proto) self.assertEqual(target_proto.nested_type[0].name, 'foo') def testMergeActiveShadowMessageNoShadowEnum(self): """MergeActiveShadowMessage doesn't require a shadow enum for new nested active enums.""" active_proto = descriptor_pb2.DescriptorProto() shadow_proto = descriptor_pb2.DescriptorProto() active_proto.enum_type.add().name = 'foo' target_proto = descriptor_pb2.DescriptorProto() merge_active_shadow.MergeActiveShadowMessage(self.fakeTypeContext(), active_proto, shadow_proto, target_proto) self.assertEqual(target_proto.enum_type[0].name, 'foo') def testMergeActiveShadowMessageMissing(self): """MergeActiveShadowMessage recovers missing messages from shadow.""" active_proto = descriptor_pb2.DescriptorProto() shadow_proto = descriptor_pb2.DescriptorProto() shadow_proto.nested_type.add().name = 'foo' target_proto = descriptor_pb2.DescriptorProto() merge_active_shadow.MergeActiveShadowMessage(self.fakeTypeContext(), active_proto, shadow_proto, target_proto) self.assertEqual(target_proto.nested_type[0].name, 'foo') def testMergeActiveShadowFileMissing(self): """MergeActiveShadowFile recovers missing messages from shadow.""" active_proto = descriptor_pb2.FileDescriptorProto() shadow_proto = descriptor_pb2.FileDescriptorProto() shadow_proto.message_type.add().name = 'foo' target_proto = descriptor_pb2.DescriptorProto() target_proto = merge_active_shadow.MergeActiveShadowFile(active_proto, shadow_proto) self.assertEqual(target_proto.message_type[0].name, 'foo') def testMergeActiveShadowFileNoShadowMessage(self): """MergeActiveShadowFile doesn't require a shadow message for new active messages.""" active_proto = descriptor_pb2.FileDescriptorProto() shadow_proto = descriptor_pb2.FileDescriptorProto() active_proto.message_type.add().name = 'foo' target_proto = descriptor_pb2.DescriptorProto() target_proto = merge_active_shadow.MergeActiveShadowFile(active_proto, shadow_proto) self.assertEqual(target_proto.message_type[0].name, 'foo') def testMergeActiveShadowFileNoShadowEnum(self): """MergeActiveShadowFile doesn't require a shadow enum for new active enums.""" active_proto = descriptor_pb2.FileDescriptorProto() shadow_proto = descriptor_pb2.FileDescriptorProto() active_proto.enum_type.add().name = 'foo' target_proto = descriptor_pb2.DescriptorProto() target_proto = merge_active_shadow.MergeActiveShadowFile(active_proto, shadow_proto) self.assertEqual(target_proto.enum_type[0].name, 'foo') # TODO(htuch): add some test for recursion. if __name__ == '__main__': unittest.main() ================================================ FILE: tools/protoxform/migrate.py ================================================ # API upgrade business logic. import copy import re from tools.api_proto_plugin import traverse from tools.api_proto_plugin import visitor from tools.protoxform import options from tools.protoxform import utils from envoy_api_canonical.envoy.annotations import resource_pb2 from udpa.annotations import migrate_pb2 from udpa.annotations import status_pb2 from google.api import annotations_pb2 ENVOY_API_TYPE_REGEX_STR = 'envoy_api_(msg|enum_value|field|enum)_([\w\.]+)' ENVOY_COMMENT_WITH_TYPE_REGEX = re.compile('<%s>|:ref:`%s`' % (ENVOY_API_TYPE_REGEX_STR, ENVOY_API_TYPE_REGEX_STR)) class UpgradeVisitor(visitor.Visitor): """Visitor to generate an upgraded proto from a FileDescriptor proto. See visitor.Visitor for visitor method docs comments. """ def __init__(self, n, typedb, envoy_internal_shadow, package_version_status): self._base_version = n self._typedb = typedb self._envoy_internal_shadow = envoy_internal_shadow self._package_version_status = package_version_status def _UpgradedComment(self, c): def UpgradeType(match): # We're upgrading a type within a RST anchor reference here. These are # stylized and match the output format of tools/protodoc. We need to do # some special handling of field/enum values, and also the normalization # that was performed in v2 for envoy.api.v2 types. label_ref_type, label_normalized_type_name, section_ref_type, section_normalized_type_name = match.groups( ) if label_ref_type is not None: ref_type = label_ref_type normalized_type_name = label_normalized_type_name else: ref_type = section_ref_type normalized_type_name = section_normalized_type_name if ref_type == 'field' or ref_type == 'enum_value': normalized_type_name, residual = normalized_type_name.rsplit('.', 1) else: residual = '' type_name = 'envoy.' + normalized_type_name api_v2_type_name = 'envoy.api.v2.' + normalized_type_name if type_name in self._typedb.types: type_desc = self._typedb.types[type_name] else: # We need to deal with envoy.api.* normalization in the v2 API. We won't # need this in v3+, so rather than churn docs, we just have this workaround. type_desc = self._typedb.types[api_v2_type_name] repl_type = type_desc.next_version_type_name[ len('envoy.'):] if type_desc.next_version_type_name else normalized_type_name # TODO(htuch): this should really either go through the type database or # via the descriptor pool and annotations, but there are only two of these # we need for the initial v2 -> v3 docs cut, so hard coding for now. # Tracked at https://github.com/envoyproxy/envoy/issues/9734. if repl_type == 'config.route.v3.RouteAction': if residual == 'host_rewrite': residual = 'host_rewrite_literal' elif residual == 'auto_host_rewrite_header': residual = 'auto_host_rewrite' new_ref = 'envoy_api_%s_%s%s' % (ref_type, repl_type, '.' + residual if residual else '') if label_ref_type is not None: return '<%s>' % new_ref else: return ':ref:`%s`' % new_ref return re.sub(ENVOY_COMMENT_WITH_TYPE_REGEX, UpgradeType, c) def _UpgradedPostMethod(self, m): return re.sub(r'^/v%d/' % self._base_version, '/v%d/' % (self._base_version + 1), m) # Upgraded type using canonical type naming, e.g. foo.bar. def _UpgradedTypeCanonical(self, t): if not t.startswith('envoy'): return t type_desc = self._typedb.types[t] if type_desc.next_version_type_name: return type_desc.next_version_type_name return t # Upgraded type using internal type naming, e.g. .foo.bar. def _UpgradedType(self, t): if not t.startswith('.envoy'): return t return '.' + self._UpgradedTypeCanonical(t[1:]) def _Deprecate(self, proto, field_or_value): """Deprecate a field or value in a message/enum proto. Args: proto: DescriptorProto or EnumDescriptorProto message. field_or_value: field or value inside proto. """ if self._envoy_internal_shadow: field_or_value.name = 'hidden_envoy_deprecated_' + field_or_value.name else: reserved = proto.reserved_range.add() reserved.start = field_or_value.number reserved.end = field_or_value.number + 1 proto.reserved_name.append(field_or_value.name) options.AddHideOption(field_or_value.options) def _Rename(self, proto, migrate_annotation): """Rename a field/enum/service/message Args: proto: DescriptorProto or corresponding proto message migrate_annotation: udpa.annotations.MigrateAnnotation message """ if migrate_annotation.rename: proto.name = migrate_annotation.rename migrate_annotation.rename = "" def _OneofPromotion(self, msg_proto, field_proto, migrate_annotation): """Promote a field to a oneof. Args: msg_proto: DescriptorProto for message containing field. field_proto: FieldDescriptorProto for field. migrate_annotation: udpa.annotations.FieldMigrateAnnotation message """ if migrate_annotation.oneof_promotion: oneof_index = -1 for n, oneof_decl in enumerate(msg_proto.oneof_decl): if oneof_decl.name == migrate_annotation.oneof_promotion: oneof_index = n if oneof_index == -1: oneof_index = len(msg_proto.oneof_decl) oneof_decl = msg_proto.oneof_decl.add() oneof_decl.name = migrate_annotation.oneof_promotion field_proto.oneof_index = oneof_index migrate_annotation.oneof_promotion = "" def VisitService(self, service_proto, type_context): upgraded_proto = copy.deepcopy(service_proto) for m in upgraded_proto.method: if m.options.HasExtension(annotations_pb2.http): http_options = m.options.Extensions[annotations_pb2.http] # TODO(htuch): figure out a more systematic approach using the type DB # to service upgrade. http_options.post = self._UpgradedPostMethod(http_options.post) m.input_type = self._UpgradedType(m.input_type) m.output_type = self._UpgradedType(m.output_type) if service_proto.options.HasExtension(resource_pb2.resource): upgraded_proto.options.Extensions[resource_pb2.resource].type = self._UpgradedTypeCanonical( service_proto.options.Extensions[resource_pb2.resource].type) return upgraded_proto def VisitMessage(self, msg_proto, type_context, nested_msgs, nested_enums): upgraded_proto = copy.deepcopy(msg_proto) if upgraded_proto.options.deprecated and not self._envoy_internal_shadow: options.AddHideOption(upgraded_proto.options) options.SetVersioningAnnotation(upgraded_proto.options, type_context.name) # Mark deprecated fields as ready for deletion by protoxform. for f in upgraded_proto.field: if f.options.deprecated: self._Deprecate(upgraded_proto, f) if self._envoy_internal_shadow: # When shadowing, we use the upgraded version of types (which should # themselves also be shadowed), to allow us to avoid unnecessary # references to the previous version (and complexities around # upgrading during API boosting). f.type_name = self._UpgradedType(f.type_name) else: # Make sure the type name is erased so it isn't picked up by protoxform # when computing deps. f.type_name = "" else: f.type_name = self._UpgradedType(f.type_name) if f.options.HasExtension(migrate_pb2.field_migrate): field_migrate = f.options.Extensions[migrate_pb2.field_migrate] self._Rename(f, field_migrate) self._OneofPromotion(upgraded_proto, f, field_migrate) # Upgrade nested messages. del upgraded_proto.nested_type[:] upgraded_proto.nested_type.extend(nested_msgs) # Upgrade enums. del upgraded_proto.enum_type[:] upgraded_proto.enum_type.extend(nested_enums) return upgraded_proto def VisitEnum(self, enum_proto, type_context): upgraded_proto = copy.deepcopy(enum_proto) if upgraded_proto.options.deprecated and not self._envoy_internal_shadow: options.AddHideOption(upgraded_proto.options) for v in upgraded_proto.value: if v.options.deprecated: # We need special handling for the zero field, as proto3 needs some value # here. if v.number == 0 and not self._envoy_internal_shadow: v.name = 'DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE' else: # Mark deprecated enum values as ready for deletion by protoxform. self._Deprecate(upgraded_proto, v) elif v.options.HasExtension(migrate_pb2.enum_value_migrate): self._Rename(v, v.options.Extensions[migrate_pb2.enum_value_migrate]) return upgraded_proto def VisitFile(self, file_proto, type_context, services, msgs, enums): upgraded_proto = copy.deepcopy(file_proto) # Upgrade imports. upgraded_proto.dependency[:] = [ dependency for dependency in upgraded_proto.dependency if dependency not in ("udpa/annotations/migrate.proto") ] # Upgrade package. upgraded_proto.package = self._typedb.next_version_protos[upgraded_proto.name].qualified_package upgraded_proto.name = self._typedb.next_version_protos[upgraded_proto.name].proto_path upgraded_proto.options.ClearExtension(migrate_pb2.file_migrate) upgraded_proto.options.Extensions[ status_pb2.file_status].package_version_status = self._package_version_status # Upgrade comments. for location in upgraded_proto.source_code_info.location: location.leading_comments = self._UpgradedComment(location.leading_comments) location.trailing_comments = self._UpgradedComment(location.trailing_comments) for n, c in enumerate(location.leading_detached_comments): location.leading_detached_comments[n] = self._UpgradedComment(c) # Upgrade services. del upgraded_proto.service[:] upgraded_proto.service.extend(services) # Upgrade messages. del upgraded_proto.message_type[:] upgraded_proto.message_type.extend(msgs) # Upgrade enums. del upgraded_proto.enum_type[:] upgraded_proto.enum_type.extend(enums) return upgraded_proto def VersionUpgradeXform(n, envoy_internal_shadow, file_proto, params): """Transform a FileDescriptorProto from vN[alpha\d] to v(N+1). Args: n: version N to upgrade from. envoy_internal_shadow: generate a shadow for Envoy internal use containing deprecated fields. file_proto: vN[alpha\d] FileDescriptorProto message. params: plugin parameters. Returns: v(N+1) FileDescriptorProto message. """ # Load type database. if params['type_db_path']: utils.LoadTypeDb(params['type_db_path']) typedb = utils.GetTypeDb() # If this isn't a proto in an upgraded package, return None. if file_proto.name not in typedb.next_version_protos or not typedb.next_version_protos[ file_proto.name]: return None # Otherwise, this .proto needs upgrading, do it. freeze = 'extra_args' in params and params['extra_args'] == 'freeze' existing_pkg_version_status = file_proto.options.Extensions[ status_pb2.file_status].package_version_status # Normally, we are generating the NEXT_MAJOR_VERSION_CANDIDATE. However, if # freezing and previously this was the active major version, the migrated # version is now the ACTIVE version. if freeze and existing_pkg_version_status == status_pb2.ACTIVE: package_version_status = status_pb2.ACTIVE else: package_version_status = status_pb2.NEXT_MAJOR_VERSION_CANDIDATE return traverse.TraverseFile( file_proto, UpgradeVisitor(n, typedb, envoy_internal_shadow, package_version_status)) ================================================ FILE: tools/protoxform/options.py ================================================ # Manage internal options on messages/enums/fields/enum values. from udpa.annotations import versioning_pb2 def AddHideOption(options): """Mark message/enum/field/enum value as hidden. Hidden messages are ignored when generating output. Args: options: MessageOptions/EnumOptions/FieldOptions/EnumValueOptions message. """ hide_option = options.uninterpreted_option.add() hide_option.name.add().name_part = 'protoxform_hide' def HasHideOption(options): """Is message/enum/field/enum value hidden? Hidden messages are ignored when generating output. Args: options: MessageOptions/EnumOptions/FieldOptions/EnumValueOptions message. Returns: Hidden status. """ return any( option.name[0].name_part == 'protoxform_hide' for option in options.uninterpreted_option) def SetVersioningAnnotation(options, previous_message_type): """Set the udpa.annotations.versioning option. Used by Envoy to chain back through the message type history. Args: options: MessageOptions message. previous_message_type: string with earlier API type name for the message. """ options.Extensions[versioning_pb2.versioning].previous_message_type = previous_message_type def GetVersioningAnnotation(options): """Get the udpa.annotations.versioning option. Used by Envoy to chain back through the message type history. Args: options: MessageOptions message. Returns: versioning.Annotation if set otherwise None. """ if not options.HasExtension(versioning_pb2.versioning): return None return options.Extensions[versioning_pb2.versioning] ================================================ FILE: tools/protoxform/protoprint.py ================================================ # FileDescriptorProtos pretty-printer tool. # # protoprint.py provides the canonical .proto formatting for the Envoy APIs. # # See https://github.com/google/protobuf/blob/master/src/google/protobuf/descriptor.proto # for the underlying protos mentioned in this file. # # Usage: protoprint.py from collections import deque import copy import functools import io import os import pathlib import re import subprocess import sys from tools.api_proto_plugin import annotations from tools.api_proto_plugin import plugin from tools.api_proto_plugin import traverse from tools.api_proto_plugin import visitor from tools.protoxform import options as protoxform_options from tools.protoxform import utils from tools.type_whisperer import type_whisperer from tools.type_whisperer.types_pb2 import Types from google.protobuf import descriptor_pb2 from google.protobuf import text_format # Note: we have to include those proto definitions to make FormatOptions work, # this also serves as allowlist of extended options. from google.api import annotations_pb2 as _ from validate import validate_pb2 as _ from envoy.annotations import deprecation_pb2 as _ from envoy.annotations import resource_pb2 from udpa.annotations import migrate_pb2 from udpa.annotations import security_pb2 as _ from udpa.annotations import sensitive_pb2 as _ from udpa.annotations import status_pb2 NEXT_FREE_FIELD_MIN = 5 class ProtoPrintError(Exception): """Base error class for the protoprint module.""" def ExtractClangProtoStyle(clang_format_text): """Extract a key:value dictionary for proto formatting. Args: clang_format_text: text from a .clang-format file. Returns: key:value dictionary suitable for passing to clang-format --style. """ lang = None format_dict = {} for line in clang_format_text.split('\n'): if lang is None or lang != 'Proto': match = re.match('Language:\s+(\w+)', line) if match: lang = match.group(1) continue match = re.match('(\w+):\s+(\w+)', line) if match: key, value = match.groups() format_dict[key] = value else: break return str(format_dict) # Ensure we are using the canonical clang-format proto style. CLANG_FORMAT_STYLE = ExtractClangProtoStyle(pathlib.Path('.clang-format').read_text()) def ClangFormat(contents): """Run proto-style oriented clang-format over given string. Args: contents: a string with proto contents. Returns: clang-formatted string """ return subprocess.run( ['clang-format', '--style=%s' % CLANG_FORMAT_STYLE, '--assume-filename=.proto'], input=contents.encode('utf-8'), stdout=subprocess.PIPE).stdout def FormatBlock(block): """Append \n to a .proto section (e.g. comment, message definition, etc.) if non-empty. Args: block: a string representing the section. Returns: A string with appropriate whitespace. """ if block.strip(): return block + '\n' return '' def FormatComments(comments): """Format a list of comment blocks from SourceCodeInfo. Prefixes // to each line, separates blocks by spaces. Args: comments: a list of blocks, each block is a list of strings representing lines in each block. Returns: A string reprenting the formatted comment blocks. """ # TODO(htuch): not sure why this is needed, but clang-format does some weird # stuff with // comment indents when we have these trailing \ def FixupTrailingBackslash(s): return s[:-1].rstrip() if s.endswith('\\') else s comments = '\n\n'.join( '\n'.join(['//%s' % FixupTrailingBackslash(line) for line in comment.split('\n')[:-1]]) for comment in comments) return FormatBlock(comments) def CreateNextFreeFieldXform(msg_proto): """Return the next free field number annotation transformer of a message. Args: msg_proto: DescriptorProto for message. Returns: the next free field number annotation transformer. """ next_free = max( sum([ [f.number + 1 for f in msg_proto.field], [rr.end for rr in msg_proto.reserved_range], [ex.end for ex in msg_proto.extension_range], ], [1])) return lambda _: next_free if next_free > NEXT_FREE_FIELD_MIN else None def FormatTypeContextComments(type_context, annotation_xforms=None): """Format the leading/trailing comments in a given TypeContext. Args: type_context: contextual information for message/enum/field. annotation_xforms: a dict of transformers for annotations in leading comment. Returns: Tuple of formatted leading and trailing comment blocks. """ leading_comment = type_context.leading_comment if annotation_xforms: leading_comment = leading_comment.getCommentWithTransforms(annotation_xforms) leading = FormatComments(list(type_context.leading_detached_comments) + [leading_comment.raw]) trailing = FormatBlock(FormatComments([type_context.trailing_comment])) return leading, trailing def FormatHeaderFromFile(source_code_info, file_proto, empty_file): """Format proto header. Args: source_code_info: SourceCodeInfo object. file_proto: FileDescriptorProto for file. empty_file: are there no message/enum/service defs in file? Returns: Formatted proto header as a string. """ # Load the type database. typedb = utils.GetTypeDb() # Figure out type dependencies in this .proto. types = Types() text_format.Merge(traverse.TraverseFile(file_proto, type_whisperer.TypeWhispererVisitor()), types) type_dependencies = sum([list(t.type_dependencies) for t in types.types.values()], []) for service in file_proto.service: for m in service.method: type_dependencies.extend([m.input_type[1:], m.output_type[1:]]) # Determine the envoy/ import paths from type deps. envoy_proto_paths = set( typedb.types[t].proto_path for t in type_dependencies if t.startswith('envoy.') and typedb.types[t].proto_path != file_proto.name) def CamelCase(s): return ''.join(t.capitalize() for t in re.split('[\._]', s)) package_line = 'package %s;\n' % file_proto.package file_block = '\n'.join(['syntax = "proto3";\n', package_line]) options = descriptor_pb2.FileOptions() options.java_outer_classname = CamelCase(os.path.basename(file_proto.name)) for msg in file_proto.message_type: if msg.name == options.java_outer_classname: # This is a workaround for Java outer class names that would otherwise # conflict with types defined within the same proto file, see # https://github.com/envoyproxy/envoy/pull/13378. # TODO: in next major version, make this consistent. options.java_outer_classname += "OuterClass" options.java_multiple_files = True options.java_package = 'io.envoyproxy.' + file_proto.package # This is a workaround for C#/Ruby namespace conflicts between packages and # objects, see https://github.com/envoyproxy/envoy/pull/3854. # TODO(htuch): remove once v3 fixes this naming issue in # https://github.com/envoyproxy/envoy/issues/8120. if file_proto.package in ['envoy.api.v2.listener', 'envoy.api.v2.cluster']: qualified_package = '.'.join(s.capitalize() for s in file_proto.package.split('.')) + 'NS' options.csharp_namespace = qualified_package options.ruby_package = qualified_package if file_proto.service: options.java_generic_services = True if file_proto.options.HasExtension(migrate_pb2.file_migrate): options.Extensions[migrate_pb2.file_migrate].CopyFrom( file_proto.options.Extensions[migrate_pb2.file_migrate]) if file_proto.options.HasExtension( status_pb2.file_status) and file_proto.package.endswith('alpha'): options.Extensions[status_pb2.file_status].CopyFrom( file_proto.options.Extensions[status_pb2.file_status]) if not empty_file: options.Extensions[ status_pb2.file_status].package_version_status = file_proto.options.Extensions[ status_pb2.file_status].package_version_status options_block = FormatOptions(options) requires_versioning_import = any( protoxform_options.GetVersioningAnnotation(m.options) for m in file_proto.message_type) envoy_imports = list(envoy_proto_paths) google_imports = [] infra_imports = [] misc_imports = [] public_imports = [] for idx, d in enumerate(file_proto.dependency): if idx in file_proto.public_dependency: public_imports.append(d) continue elif d.startswith('envoy/annotations') or d.startswith('udpa/annotations'): infra_imports.append(d) elif d.startswith('envoy/'): # We ignore existing envoy/ imports, since these are computed explicitly # from type_dependencies. pass elif d.startswith('google/'): google_imports.append(d) elif d.startswith('validate/'): infra_imports.append(d) elif d in ['udpa/annotations/versioning.proto', 'udpa/annotations/status.proto']: # Skip, we decide to add this based on requires_versioning_import and options. pass else: misc_imports.append(d) if options.HasExtension(status_pb2.file_status): infra_imports.append('udpa/annotations/status.proto') if requires_versioning_import: infra_imports.append('udpa/annotations/versioning.proto') def FormatImportBlock(xs): if not xs: return '' return FormatBlock('\n'.join(sorted('import "%s";' % x for x in set(xs) if x))) def FormatPublicImportBlock(xs): if not xs: return '' return FormatBlock('\n'.join(sorted('import public "%s";' % x for x in xs))) import_block = '\n'.join( map(FormatImportBlock, [envoy_imports, google_imports, misc_imports, infra_imports])) import_block += '\n' + FormatPublicImportBlock(public_imports) comment_block = FormatComments(source_code_info.file_level_comments) return ''.join(map(FormatBlock, [file_block, import_block, options_block, comment_block])) def NormalizeFieldTypeName(type_context, field_fqn): """Normalize a fully qualified field type name, e.g. .envoy.foo.bar is normalized to foo.bar. Considers type context to minimize type prefix. Args: field_fqn: a fully qualified type name from FieldDescriptorProto.type_name. type_context: contextual information for message/enum/field. Returns: Normalized type name as a string. """ if field_fqn.startswith('.'): # Let's say we have type context namespace a.b.c.d.e and the type we're # trying to normalize is a.b.d.e. We take (from the end) on package fragment # at a time, and apply the inner-most evaluation that protoc performs to see # if we evaluate to the fully qualified type. If so, we're done. It's not # sufficient to compute common prefix and drop that, since in the above # example the normalized type name would be d.e, which proto resolves inner # most as a.b.c.d.e (bad) instead of the intended a.b.d.e. field_fqn_splits = field_fqn[1:].split('.') type_context_splits = type_context.name.split('.')[:-1] remaining_field_fqn_splits = deque(field_fqn_splits[:-1]) normalized_splits = deque([field_fqn_splits[-1]]) if list(remaining_field_fqn_splits)[:1] != type_context_splits[:1] and ( len(remaining_field_fqn_splits) == 0 or remaining_field_fqn_splits[0] in type_context_splits[1:]): # Notice that in some cases it is error-prone to normalize a type name. # E.g., it would be an error to replace ".external.Type" with "external.Type" # in the context of "envoy.extensions.type.external.vX.Config". # In such a context protoc resolves "external.Type" into # "envoy.extensions.type.external.Type", which is exactly what the use of a # fully-qualified name ".external.Type" was meant to prevent. # # A type SHOULD remain fully-qualified under the following conditions: # 1. its root package is different from the root package of the context type # 2. EITHER the type doesn't belong to any package at all # OR its root package has a name that collides with one of the packages # of the context type # # E.g., # a) although ".some.Type" has a different root package than the context type # "TopLevelType", it is still safe to normalize it into "some.Type" # b) although ".google.protobuf.Any" has a different root package than the context type # "envoy.api.v2.Cluster", it still safe to normalize it into "google.protobuf.Any" # c) it is error-prone to normalize ".TopLevelType" in the context of "some.Type" # into "TopLevelType" # d) it is error-prone to normalize ".external.Type" in the context of # "envoy.extensions.type.external.vX.Config" into "external.Type" return field_fqn def EquivalentInTypeContext(splits): type_context_splits_tmp = deque(type_context_splits) while type_context_splits_tmp: # If we're in a.b.c and the FQN is a.d.Foo, we want to return true once # we have type_context_splits_tmp as [a] and splits as [d, Foo]. if list(type_context_splits_tmp) + list(splits) == field_fqn_splits: return True # If we're in a.b.c.d.e.f and the FQN is a.b.d.e.Foo, we want to return True # once we have type_context_splits_tmp as [a] and splits as [b, d, e, Foo], but # not when type_context_splits_tmp is [a, b, c] and FQN is [d, e, Foo]. if len(splits) > 1 and '.'.join(type_context_splits_tmp).endswith('.'.join( list(splits)[:-1])): return False type_context_splits_tmp.pop() return False while remaining_field_fqn_splits and not EquivalentInTypeContext(normalized_splits): normalized_splits.appendleft(remaining_field_fqn_splits.pop()) # `extensions` is a keyword in proto2, and protoc will throw error if a type name # starts with `extensions.`. if normalized_splits[0] == 'extensions': normalized_splits.appendleft(remaining_field_fqn_splits.pop()) return '.'.join(normalized_splits) return field_fqn def TypeNameFromFQN(fqn): return fqn[1:] def FormatFieldType(type_context, field): """Format a FieldDescriptorProto type description. Args: type_context: contextual information for message/enum/field. field: FieldDescriptor proto. Returns: Formatted proto field type as string. """ label = 'repeated ' if field.label == field.LABEL_REPEATED else '' type_name = label + NormalizeFieldTypeName(type_context, field.type_name) if field.type == field.TYPE_MESSAGE: if type_context.map_typenames and TypeNameFromFQN( field.type_name) in type_context.map_typenames: return 'map<%s, %s>' % tuple( map(functools.partial(FormatFieldType, type_context), type_context.map_typenames[TypeNameFromFQN(field.type_name)])) return type_name elif field.type_name: return type_name pretty_type_names = { field.TYPE_DOUBLE: 'double', field.TYPE_FLOAT: 'float', field.TYPE_INT32: 'int32', field.TYPE_SFIXED32: 'int32', field.TYPE_SINT32: 'int32', field.TYPE_FIXED32: 'uint32', field.TYPE_UINT32: 'uint32', field.TYPE_INT64: 'int64', field.TYPE_SFIXED64: 'int64', field.TYPE_SINT64: 'int64', field.TYPE_FIXED64: 'uint64', field.TYPE_UINT64: 'uint64', field.TYPE_BOOL: 'bool', field.TYPE_STRING: 'string', field.TYPE_BYTES: 'bytes', } if field.type in pretty_type_names: return label + pretty_type_names[field.type] raise ProtoPrintError('Unknown field type ' + str(field.type)) def FormatServiceMethod(type_context, method): """Format a service MethodDescriptorProto. Args: type_context: contextual information for method. method: MethodDescriptorProto proto. Returns: Formatted service method as string. """ def FormatStreaming(s): return 'stream ' if s else '' leading_comment, trailing_comment = FormatTypeContextComments(type_context) return '%srpc %s(%s%s%s) returns (%s%s) {%s}\n' % ( leading_comment, method.name, trailing_comment, FormatStreaming( method.client_streaming), NormalizeFieldTypeName( type_context, method.input_type), FormatStreaming(method.server_streaming), NormalizeFieldTypeName(type_context, method.output_type), FormatOptions(method.options)) def FormatField(type_context, field): """Format FieldDescriptorProto as a proto field. Args: type_context: contextual information for message/enum/field. field: FieldDescriptor proto. Returns: Formatted proto field as a string. """ if protoxform_options.HasHideOption(field.options): return '' leading_comment, trailing_comment = FormatTypeContextComments(type_context) return '%s%s %s = %d%s;\n%s' % (leading_comment, FormatFieldType(type_context, field), field.name, field.number, FormatOptions(field.options), trailing_comment) def FormatEnumValue(type_context, value): """Format a EnumValueDescriptorProto as a proto enum value. Args: type_context: contextual information for message/enum/field. value: EnumValueDescriptorProto. Returns: Formatted proto enum value as a string. """ if protoxform_options.HasHideOption(value.options): return '' leading_comment, trailing_comment = FormatTypeContextComments(type_context) formatted_annotations = FormatOptions(value.options) return '%s%s = %d%s;\n%s' % (leading_comment, value.name, value.number, formatted_annotations, trailing_comment) def TextFormatValue(field, value): """Format the value as protobuf text format Args: field: a FieldDescriptor that describes the field value: the value stored in the field Returns: value in protobuf text format """ out = io.StringIO() text_format.PrintFieldValue(field, value, out) return out.getvalue() def FormatOptions(options): """Format *Options (e.g. MessageOptions, FieldOptions) message. Args: options: A *Options (e.g. MessageOptions, FieldOptions) message. Returns: Formatted options as a string. """ formatted_options = [] for option_descriptor, option_value in sorted(options.ListFields(), key=lambda x: x[0].number): option_name = '({})'.format( option_descriptor.full_name) if option_descriptor.is_extension else option_descriptor.name if option_descriptor.message_type and option_descriptor.label != option_descriptor.LABEL_REPEATED: formatted_options.extend([ '{}.{} = {}'.format(option_name, subfield.name, TextFormatValue(subfield, value)) for subfield, value in option_value.ListFields() ]) else: formatted_options.append('{} = {}'.format(option_name, TextFormatValue(option_descriptor, option_value))) if formatted_options: if options.DESCRIPTOR.name in ('EnumValueOptions', 'FieldOptions'): return '[{}]'.format(','.join(formatted_options)) else: return FormatBlock(''.join( 'option {};\n'.format(formatted_option) for formatted_option in formatted_options)) return '' def FormatReserved(enum_or_msg_proto): """Format reserved values/names in a [Enum]DescriptorProto. Args: enum_or_msg_proto: [Enum]DescriptorProto message. Returns: Formatted enum_or_msg_proto as a string. """ rrs = copy.deepcopy(enum_or_msg_proto.reserved_range) # Fixups for singletons that don't seem to always have [inclusive, exclusive) # format when parsed by protoc. for rr in rrs: if rr.start == rr.end: rr.end += 1 reserved_fields = FormatBlock( 'reserved %s;\n' % ','.join(map(str, sum([list(range(rr.start, rr.end)) for rr in rrs], [])))) if rrs else '' if enum_or_msg_proto.reserved_name: reserved_fields += FormatBlock('reserved %s;\n' % ', '.join('"%s"' % n for n in enum_or_msg_proto.reserved_name)) return reserved_fields class ProtoFormatVisitor(visitor.Visitor): """Visitor to generate a proto representation from a FileDescriptor proto. See visitor.Visitor for visitor method docs comments. """ def VisitService(self, service_proto, type_context): leading_comment, trailing_comment = FormatTypeContextComments(type_context) methods = '\n'.join( FormatServiceMethod(type_context.ExtendMethod(index, m.name), m) for index, m in enumerate(service_proto.method)) options = FormatBlock(FormatOptions(service_proto.options)) return '%sservice %s {\n%s%s%s\n}\n' % (leading_comment, service_proto.name, options, trailing_comment, methods) def VisitEnum(self, enum_proto, type_context): if protoxform_options.HasHideOption(enum_proto.options): return '' leading_comment, trailing_comment = FormatTypeContextComments(type_context) formatted_options = FormatOptions(enum_proto.options) reserved_fields = FormatReserved(enum_proto) values = [ FormatEnumValue(type_context.ExtendField(index, value.name), value) for index, value in enumerate(enum_proto.value) ] joined_values = ('\n' if any('//' in v for v in values) else '').join(values) return '%senum %s {\n%s%s%s%s\n}\n' % (leading_comment, enum_proto.name, trailing_comment, formatted_options, reserved_fields, joined_values) def VisitMessage(self, msg_proto, type_context, nested_msgs, nested_enums): # Skip messages synthesized to represent map types. if msg_proto.options.map_entry: return '' if protoxform_options.HasHideOption(msg_proto.options): return '' annotation_xforms = { annotations.NEXT_FREE_FIELD_ANNOTATION: CreateNextFreeFieldXform(msg_proto) } leading_comment, trailing_comment = FormatTypeContextComments(type_context, annotation_xforms) formatted_options = FormatOptions(msg_proto.options) formatted_enums = FormatBlock('\n'.join(nested_enums)) formatted_msgs = FormatBlock('\n'.join(nested_msgs)) reserved_fields = FormatReserved(msg_proto) # Recover the oneof structure. This needs some extra work, since # DescriptorProto just gives use fields and a oneof_index that can allow # recovery of the original oneof placement. fields = '' oneof_index = None for index, field in enumerate(msg_proto.field): if oneof_index is not None: if not field.HasField('oneof_index') or field.oneof_index != oneof_index: fields += '}\n\n' oneof_index = None if oneof_index is None and field.HasField('oneof_index'): oneof_index = field.oneof_index assert (oneof_index < len(msg_proto.oneof_decl)) oneof_proto = msg_proto.oneof_decl[oneof_index] oneof_leading_comment, oneof_trailing_comment = FormatTypeContextComments( type_context.ExtendOneof(oneof_index, field.name)) fields += '%soneof %s {\n%s%s' % (oneof_leading_comment, oneof_proto.name, oneof_trailing_comment, FormatOptions( oneof_proto.options)) fields += FormatBlock(FormatField(type_context.ExtendField(index, field.name), field)) if oneof_index is not None: fields += '}\n\n' return '%smessage %s {\n%s%s%s%s%s%s\n}\n' % (leading_comment, msg_proto.name, trailing_comment, formatted_options, formatted_enums, formatted_msgs, reserved_fields, fields) def VisitFile(self, file_proto, type_context, services, msgs, enums): empty_file = len(services) == 0 and len(enums) == 0 and len(msgs) == 0 header = FormatHeaderFromFile(type_context.source_code_info, file_proto, empty_file) formatted_services = FormatBlock('\n'.join(services)) formatted_enums = FormatBlock('\n'.join(enums)) formatted_msgs = FormatBlock('\n'.join(msgs)) return ClangFormat(header + formatted_services + formatted_enums + formatted_msgs) if __name__ == '__main__': proto_desc_path = sys.argv[1] file_proto = descriptor_pb2.FileDescriptorProto() input_text = pathlib.Path(proto_desc_path).read_text() if not input_text: sys.exit(0) text_format.Merge(input_text, file_proto) dst_path = pathlib.Path(sys.argv[2]) utils.LoadTypeDb(sys.argv[3]) dst_path.write_bytes(traverse.TraverseFile(file_proto, ProtoFormatVisitor())) ================================================ FILE: tools/protoxform/protoxform.bzl ================================================ load("//tools/api_proto_plugin:plugin.bzl", "api_proto_plugin_aspect", "api_proto_plugin_impl") def _protoxform_impl(target, ctx): return api_proto_plugin_impl( target, ctx, "proto", "protoxform", [ ".active_or_frozen.proto", ".next_major_version_candidate.proto", ".next_major_version_candidate.envoy_internal.proto", ], ) # Bazel aspect (https://docs.bazel.build/versions/master/starlark/aspects.html) # that can be invoked from the CLI to perform API transforms via //tools/protoxform for # proto_library targets. Example use: # # bazel build //api --aspects tools/protoxform/protoxform.bzl%protoxform_aspect \ # --output_groups=proto protoxform_aspect = api_proto_plugin_aspect("//tools/protoxform", _protoxform_impl, use_type_db = True) ================================================ FILE: tools/protoxform/protoxform.py ================================================ # protoc plugin to map from FileDescriptorProtos to intermediate form # # protoxform takes a source FileDescriptorProto and generates active/next major # version candidate FileDescriptorProtos. The resulting FileDescriptorProtos are # then later processed by proto_sync.py, which invokes protoprint.py to format. import copy import functools from tools.api_proto_plugin import plugin from tools.api_proto_plugin import visitor from tools.protoxform import migrate from tools.protoxform import utils # Note: we have to include those proto definitions to ensure we don't lose these # during FileDescriptorProto printing. from google.api import annotations_pb2 as _ from validate import validate_pb2 as _ from envoy_api_canonical.envoy.annotations import deprecation_pb2 as _ from envoy_api_canonical.envoy.annotations import resource_pb2 from udpa.annotations import migrate_pb2 from udpa.annotations import security_pb2 as _ from udpa.annotations import sensitive_pb2 as _ from udpa.annotations import status_pb2 class ProtoXformError(Exception): """Base error class for the protoxform module.""" class ProtoFormatVisitor(visitor.Visitor): """Visitor to generate a proto representation from a FileDescriptor proto. See visitor.Visitor for visitor method docs comments. """ def __init__(self, active_or_frozen, params): if params['type_db_path']: utils.LoadTypeDb(params['type_db_path']) self._freeze = 'extra_args' in params and params['extra_args'] == 'freeze' self._active_or_frozen = active_or_frozen def VisitService(self, service_proto, type_context): return None def VisitEnum(self, enum_proto, type_context): return None def VisitMessage(self, msg_proto, type_context, nested_msgs, nested_enums): return None def VisitFile(self, file_proto, type_context, services, msgs, enums): # Freeze protos that have next major version candidates. typedb = utils.GetTypeDb() output_proto = copy.deepcopy(file_proto) existing_pkg_version_status = output_proto.options.Extensions[ status_pb2.file_status].package_version_status empty_file = len(services) == 0 and len(enums) == 0 and len(msgs) == 0 pkg_version_status_exempt = file_proto.name.startswith('envoy/annotations') or empty_file # It's a format error not to set package_version_status. if existing_pkg_version_status == status_pb2.UNKNOWN and not pkg_version_status_exempt: raise ProtoXformError('package_version_status must be set in %s' % file_proto.name) # Only update package_version_status for .active_or_frozen.proto, # migrate.VersionUpgradeXform has taken care of next major version # candidates. if self._active_or_frozen and not pkg_version_status_exempt: # Freeze if this is an active package with a next major version. Preserve # frozen status otherwise. if self._freeze and typedb.next_version_protos.get(output_proto.name, None): target_pkg_version_status = status_pb2.FROZEN elif existing_pkg_version_status == status_pb2.FROZEN: target_pkg_version_status = status_pb2.FROZEN else: assert (existing_pkg_version_status == status_pb2.ACTIVE) target_pkg_version_status = status_pb2.ACTIVE output_proto.options.Extensions[ status_pb2.file_status].package_version_status = target_pkg_version_status return str(output_proto) def Main(): plugin.Plugin([ plugin.DirectOutputDescriptor('.active_or_frozen.proto', functools.partial(ProtoFormatVisitor, True), want_params=True), plugin.OutputDescriptor('.next_major_version_candidate.proto', functools.partial(ProtoFormatVisitor, False), functools.partial(migrate.VersionUpgradeXform, 2, False), want_params=True), plugin.OutputDescriptor('.next_major_version_candidate.envoy_internal.proto', functools.partial(ProtoFormatVisitor, False), functools.partial(migrate.VersionUpgradeXform, 2, True), want_params=True) ]) if __name__ == '__main__': Main() ================================================ FILE: tools/protoxform/protoxform_test.sh ================================================ #!/bin/bash set -e rm -rf bazel-bin/tools read -ra BAZEL_BUILD_OPTIONS <<< "${BAZEL_BUILD_OPTIONS:-}" BAZEL_BUILD_OPTIONS+=("--remote_download_outputs=all") TOOLS="$(dirname "$(dirname "$(realpath "$0")")")" # to satisfy dependency on run_command export PYTHONPATH="$TOOLS" # protoxform fix test cases PROTO_TARGETS=() protos=$(bazel query "labels(srcs, labels(deps, //tools/testdata/protoxform:fix_protos))") while read -r line; do PROTO_TARGETS+=("$line"); done \ <<< "$protos" bazel build "${BAZEL_BUILD_OPTIONS[@]}" --//tools/api_proto_plugin:default_type_db_target=//tools/testdata/protoxform:fix_protos \ //tools/testdata/protoxform:fix_protos --aspects //tools/protoxform:protoxform.bzl%protoxform_aspect --output_groups=proto bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:protoprint ./tools/protoxform/protoxform_test_helper.py fix "${PROTO_TARGETS[@]}" # protoxform freeze test cases PROTO_TARGETS=() protos=$(bazel query "labels(srcs, labels(deps, //tools/testdata/protoxform:freeze_protos))") while read -r line; do PROTO_TARGETS+=("$line"); done \ <<< "$protos" bazel build "${BAZEL_BUILD_OPTIONS[@]}" --//tools/api_proto_plugin:default_type_db_target=//tools/testdata/protoxform:freeze_protos \ --//tools/api_proto_plugin:extra_args=freeze \ //tools/testdata/protoxform:freeze_protos --aspects //tools/protoxform:protoxform.bzl%protoxform_aspect --output_groups=proto bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:protoprint ./tools/protoxform/protoxform_test_helper.py freeze "${PROTO_TARGETS[@]}" ================================================ FILE: tools/protoxform/protoxform_test_helper.py ================================================ #!/usr/bin/env python3 from run_command import runCommand import logging import os import pathlib import re import subprocess import sys import tempfile def PathAndFilename(label): """Retrieve actual path and filename from bazel label Args: label: bazel label to specify target proto. Returns: actual path and filename """ if label.startswith('/'): label = label.replace('//', '/', 1) elif label.startswith('@'): label = re.sub(r'@.*/', '/', label) else: return label label = label.replace(":", "/") splitted_label = label.split('/') return ['/'.join(splitted_label[:len(splitted_label) - 1]), splitted_label[-1]] def GoldenProtoFile(path, filename, version): """Retrieve golden proto file path. In general, those are placed in tools/testdata/protoxform. Args: path: target proto path filename: target proto filename version: api version to specify target golden proto filename Returns: actual golden proto absolute path """ base = "./" base += path + "/" + filename + "." + version + ".gold" return os.path.abspath(base) def ProtoPrint(src, dst): """Pretty-print FileDescriptorProto to a destination file. Args: src: source path for FileDescriptorProto. dst: destination path for formatted proto. """ print('ProtoPrint %s -> %s' % (src, dst)) subprocess.check_call([ 'bazel-bin/tools/protoxform/protoprint', src, dst, './bazel-bin/tools/protoxform/protoprint.runfiles/envoy/tools/type_whisperer/api_type_db.pb_text' ]) def ResultProtoFile(cmd, path, tmp, filename, version): """Retrieve result proto file path. In general, those are placed in bazel artifacts. Args: cmd: fix or freeze? path: target proto path tmp: temporary directory. filename: target proto filename version: api version to specify target result proto filename Returns: actual result proto absolute path """ base = "./bazel-bin" base += os.path.join(path, "%s_protos" % cmd) base += os.path.join(base, path) base += "/{0}.{1}.proto".format(filename, version) dst = os.path.join(tmp, filename) ProtoPrint(os.path.abspath(base), dst) return dst def Diff(result_file, golden_file): """Execute diff command with unified form Args: result_file: result proto file golden_file: golden proto file Returns: output and status code """ command = 'diff -u ' command += result_file + ' ' command += golden_file status, stdout, stderr = runCommand(command) return [status, stdout, stderr] def Run(cmd, path, filename, version): """Run main execution for protoxform test Args: cmd: fix or freeze? path: target proto path filename: target proto filename version: api version to specify target result proto filename Returns: result message extracted from diff command """ message = "" with tempfile.TemporaryDirectory() as tmp: golden_path = GoldenProtoFile(path, filename, version) test_path = ResultProtoFile(cmd, path, tmp, filename, version) if os.stat(golden_path).st_size == 0 and not os.path.exists(test_path): return message status, stdout, stderr = Diff(golden_path, test_path) if status != 0: message = '\n'.join([str(line) for line in stdout + stderr]) return message if __name__ == "__main__": messages = "" logging.basicConfig(format='%(message)s') cmd = sys.argv[1] for target in sys.argv[2:]: path, filename = PathAndFilename(target) messages += Run(cmd, path, filename, 'active_or_frozen') messages += Run(cmd, path, filename, 'next_major_version_candidate') messages += Run(cmd, path, filename, 'next_major_version_candidate.envoy_internal') if len(messages) == 0: logging.warning("PASS") sys.exit(0) else: logging.error("FAILED:\n{}".format(messages)) sys.exit(1) ================================================ FILE: tools/protoxform/utils.py ================================================ import os from tools.type_whisperer.api_type_db_pb2 import TypeDb from google.protobuf import text_format _typedb = None def GetTypeDb(): assert _typedb != None return _typedb def LoadTypeDb(type_db_path): global _typedb _typedb = TypeDb() with open(type_db_path, 'r') as f: text_format.Merge(f.read(), _typedb) ================================================ FILE: tools/run_command.py ================================================ import subprocess # Echoes and runs an OS command, returning exit status and the captured # stdout and stderr as a string array. def runCommand(command): proc = subprocess.run([command], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) return proc.returncode, proc.stdout.decode('utf-8').split('\n'), proc.stderr.decode( 'utf-8').split('\n') ================================================ FILE: tools/shell_utils.sh ================================================ #!/bin/bash source_venv() { VENV_DIR=$1 if [[ "${VIRTUAL_ENV}" == "" ]]; then if [[ ! -d "${VENV_DIR}"/venv ]]; then virtualenv "${VENV_DIR}"/venv --python=python3 fi # shellcheck disable=SC1090 source "${VENV_DIR}/venv/bin/activate" else echo "Found existing virtualenv" fi } python_venv() { SCRIPT_DIR=$(realpath "$(dirname "$0")") BUILD_DIR=build_tools PY_NAME="$1" VENV_DIR="${BUILD_DIR}/${PY_NAME}" source_venv "${VENV_DIR}" pip install -r "${SCRIPT_DIR}"/requirements.txt shift python3 "${SCRIPT_DIR}/${PY_NAME}.py" "$*" } ================================================ FILE: tools/socket_passing.py ================================================ #!/usr/bin/env python3 # This tool is a helper script that queries the admin address for all listener # addresses after envoy startup. (The admin address is written out to a file by # setting the -a flag in the envoy binary.) The script then outputs a new json # config file with updated listener addresses. This script is currently called # in the hot restart integration test to update listener addresses bound to # port 0 in the initial json config file. from collections import OrderedDict import argparse import http.client import json import os.path import re import sys import time # Seconds to wait for the admin address output file to appear. The script exits # with failure if the file is not found. ADMIN_FILE_TIMEOUT_SECS = 20 # Because the hot restart files are yaml but yaml support is not included in # python by default, we parse this fairly manually. def GenerateNewConfig(original_yaml, admin_address, updated_json): # Get original listener addresses with open(original_yaml, 'r') as original_file: sys.stdout.write('Admin address is ' + admin_address + '\n') try: admin_conn = http.client.HTTPConnection(admin_address) admin_conn.request('GET', '/listeners?format=json') admin_response = admin_conn.getresponse() if not admin_response.status == 200: return False discovered_listeners = json.loads(admin_response.read().decode('utf-8')) except Exception as e: sys.stderr.write('Cannot connect to admin: %s\n' % e) return False else: raw_yaml = original_file.readlines() index = 0 for discovered in discovered_listeners['listener_statuses']: replaced = False if 'pipe' in discovered['local_address']: path = discovered['local_address']['pipe']['path'] for index in range(index + 1, len(raw_yaml) - 1): if 'pipe:' in raw_yaml[index] and 'path:' in raw_yaml[index + 1]: raw_yaml[index + 1] = re.sub('path:.*', 'path: "' + path + '"', raw_yaml[index + 1]) replaced = True break else: addr = discovered['local_address']['socket_address']['address'] port = str(discovered['local_address']['socket_address']['port_value']) if addr[0] == '[': addr = addr[1:-1] # strip [] from ipv6 address. for index in range(index + 1, len(raw_yaml) - 2): if ('socket_address:' in raw_yaml[index] and 'address:' in raw_yaml[index + 1] and 'port_value:' in raw_yaml[index + 2]): raw_yaml[index + 1] = re.sub('address:.*', 'address: "' + addr + '"', raw_yaml[index + 1]) raw_yaml[index + 2] = re.sub('port_value:.*', 'port_value: ' + port, raw_yaml[index + 2]) replaced = True break if replaced: sys.stderr.write('replaced listener at line ' + str(index) + ' with ' + str(discovered) + '\n') else: sys.stderr.write('Failed to replace a discovered listener ' + str(discovered) + '\n') return False with open(updated_json, 'w') as outfile: outfile.writelines(raw_yaml) finally: admin_conn.close() return True if __name__ == '__main__': parser = argparse.ArgumentParser(description='Replace listener addressses in json file.') parser.add_argument('-o', '--original_json', type=str, required=True, help='Path of the original config json file') parser.add_argument('-a', '--admin_address_path', type=str, required=True, help='Path of the admin address file') parser.add_argument('-u', '--updated_json', type=str, required=True, help='Path to output updated json config file') args = parser.parse_args() admin_address_path = args.admin_address_path # Read admin address from file counter = 0 while not os.path.exists(admin_address_path): time.sleep(1) counter += 1 if counter > ADMIN_FILE_TIMEOUT_SECS: break if not os.path.exists(admin_address_path): sys.exit(1) with open(admin_address_path, 'r') as admin_address_file: admin_address = admin_address_file.read() success = GenerateNewConfig(args.original_json, admin_address, args.updated_json) if not success: sys.exit(1) ================================================ FILE: tools/spelling/check_spelling.sh ================================================ #!/bin/bash # Applies requisite code formatters to the source tree # check_spelling.sh # Why choose misspell? # https://github.com/client9/misspell#what-are-other-misspelling-correctors-and-whats-wrong-with-them set -u set -e VERSION="0.3.4" LINUX_MISSPELL_SHA="34d489dbc5ddb4dfd6d3cfac9fde8660e6c37e6c" MAC_MISSPELL_SHA="f2607e2297b9e8af562e384c38045033375c7433" TMP_DIR="/tmp" OS="" MISSPELL_ARGS="-error -o stderr" if [[ "$#" -lt 1 ]]; then echo "Usage: $0 check|fix" exit 1 fi if [[ "$1" == "fix" ]]; then MISSPELL_ARGS="-w" fi if [[ "$(uname)" == "Darwin" ]]; then OS="mac" elif [[ "$(uname)" == "Linux" ]]; then OS="linux" else echo "Current only support mac/Linux" exit 1 fi SCRIPTPATH=$( cd "$(dirname "$0")" ; pwd -P ) ROOTDIR="${SCRIPTPATH}/../.." cd "$ROOTDIR" BIN_FILENAME="misspell_${VERSION}_${OS}_64bit.tar.gz" # Install tools we need if [[ ! -e "${TMP_DIR}/misspell" ]]; then if ! wget https://github.com/client9/misspell/releases/download/v"${VERSION}"/"${BIN_FILENAME}" \ -O "${TMP_DIR}/${BIN_FILENAME}" --no-verbose --tries=3 -o "${TMP_DIR}/wget.log"; then cat "${TMP_DIR}/wget.log" exit 1 fi tar -xvf "${TMP_DIR}/${BIN_FILENAME}" -C "${TMP_DIR}" &> /dev/null fi ACTUAL_SHA="" EXPECT_SHA="" if [[ "${OS}" == "linux" ]]; then ACTUAL_SHA=$(sha1sum "${TMP_DIR}"/misspell|cut -d' ' -f1) EXPECT_SHA="${LINUX_MISSPELL_SHA}" else ACTUAL_SHA=$(shasum -a 1 "${TMP_DIR}"/misspell|cut -d' ' -f1) EXPECT_SHA="${MAC_MISSPELL_SHA}" fi if [[ ! ${ACTUAL_SHA} == "${EXPECT_SHA}" ]]; then echo "Expect shasum is ${ACTUAL_SHA}, but actual is shasum ${EXPECT_SHA}" exit 1 fi chmod +x "${TMP_DIR}/misspell" # Spell checking # All the skipping files are defined in tools/spelling/spelling_skip_files.txt read -ra SKIP_FILES < "${ROOTDIR}/tools/spelling/spelling_skip_files.txt" read -ra SKIP_FILES <<< "${SKIP_FILES[@]/#/-e }" # All the ignore words are defined in tools/spelling/spelling_allowlist_words.txt SPELLING_ALLOWLIST_WORDS_FILE="${ROOTDIR}/tools/spelling/spelling_allowlist_words.txt" ALLOWLIST_WORDS=$(grep -vE '^#|^$' "${SPELLING_ALLOWLIST_WORDS_FILE}" | xargs | tr ' ' ',') git ls-files | grep -v "${SKIP_FILES[@]}" | xargs "${TMP_DIR}/misspell" -i \ "${ALLOWLIST_WORDS}" ${MISSPELL_ARGS} ================================================ FILE: tools/spelling/check_spelling_pedantic.py ================================================ #! /usr/bin/env python3 from __future__ import print_function import argparse import locale import math import os import re import subprocess import sys from functools import partial from itertools import chain # Handle function rename between python 2/3. try: input = raw_input except NameError: pass try: cmp except NameError: def cmp(x, y): return (x > y) - (x < y) CURR_DIR = os.path.dirname(os.path.realpath(__file__)) # Special comment commands control behavior. These may appear anywhere # within a comment, but only one per line. The command applies to the # entire line on which it appears. The "off" command disables spell # checking until the next "on" command, or end-of-file. The # "skip-file" command disables spell checking in the entire file (even # previous comments). In a multi-line (/* */) comment, "skip-block" # disables spell checking for the remainder of the comment. For # sequences of full-line comments (only white space before a // # comment), "skip-block" disables spell checking the sequence of # comments is interrupted by a blank line or a line with code. SPELLCHECK_OFF = "SPELLCHECKER(off)" # disable SPELLCHECK_ON (or EOF) SPELLCHECK_ON = "SPELLCHECKER(on)" # (re-)enable SPELLCHECK_SKIP_FILE = "SPELLCHECKER(skip-file)" # disable checking this entire file SPELLCHECK_SKIP_BLOCK = "SPELLCHECKER(skip-block)" # disable to end of comment # Single line comments: // comment OR /* comment */ # Limit the characters that may precede // to help filter out some code # mistakenly processed as a comment. INLINE_COMMENT = re.compile(r'(?:^|[^:"])//( .*?$|$)|/\*+(.*?)\*+/') # Multi-line comments: /* comment */ (multiple lines) MULTI_COMMENT_START = re.compile(r'/\*(.*?)$') MULTI_COMMENT_END = re.compile(r'^(.*?)\*/') # Envoy TODO comment style. TODO = re.compile(r'(TODO|NOTE)\s*\(@?[A-Za-z0-9-]+\):?') # Ignore parameter names in doxygen comments. METHOD_DOC = re.compile('@(param\s+\w+|return(\s+const)?\s+\w+)') # Camel Case splitter CAMEL_CASE = re.compile(r'[A-Z]?[a-z]+|[A-Z]+(?=[A-Z]|$)') # Base64: we assume base64 encoded data in tests is never mixed with # other comments on a single line. BASE64 = re.compile(r'^[\s*]+([A-Za-z0-9/+=]{16,})\s*$') NUMBER = re.compile(r'\d') # Hex: match 1) longish strings of hex digits (to avoid matching "add" and # other simple words that happen to look like hex), 2) 2 or more two digit # hex numbers separated by colons, 3) "0x" prefixed hex numbers of any length, # or 4) UUIDs. HEX = re.compile(r'(?:^|\s|[(])([A-Fa-f0-9]{8,})(?:$|\s|[.,)])') HEX_SIG = re.compile(r'(?:\W|^)([A-Fa-f0-9]{2}(:[A-Fa-f0-9]{2})+)(?:\W|$)') PREFIXED_HEX = re.compile(r'0x[A-Fa-f0-9]+') UUID = re.compile(r'[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}') BIT_FIELDS = re.compile(r'[01]+[XxYy]+') AB_FIELDS = re.compile(r'\W([AB]+)\W') # Matches e.g. FC00::/8 or 2001::abcd/64. Does not match ::1/128, but # aspell ignores that anyway. IPV6_ADDR = re.compile(r'(?:\W|^)([A-Fa-f0-9]+:[A-Fa-f0-9:]+/[0-9]{1,3})(?:\W|$)') # Quoted words: "word", 'word', or *word*. QUOTED_WORD = re.compile(r'((["\'])[A-Za-z0-9.:-]+(\2))|(\*[A-Za-z0-9.:-]+\*)') # Backtick-quoted words that look like code. Note the overlap with RST_LINK. QUOTED_EXPR = re.compile(r'`[A-Za-z0-9:()<>_.,/{}\[\]&*-]+`') # Tuple expressions like (abc, def). TUPLE_EXPR = re.compile(r'\([A-Za-z0-9]+(?:, *[A-Za-z0-9]+){1,}\)') # Command flags (e.g. "-rf") and percent specifiers. FLAG = re.compile(r'\W([-%][A-Za-z]+)') # Bare github users (e.g. @user). USER = re.compile(r'\W(@[A-Za-z0-9-]+)') # RST Links (e.g. `text `_, :ref:`text `) RST_LINK = re.compile(r'`([^`<])+<([^ ]+)>`') # RST inline literals. RST_LITERAL = re.compile(r'``.*``') # RST code block marker. RST_CODE_BLOCK = '.. code-block::' # Path names. ABSPATH = re.compile(r'(?:\s|^)((/[A-Za-z0-9_.*-]+)+)(?:\s|$)') FILEREF = re.compile(r'(?:\s|^)([A-Za-z0-9_./-]+\.(cc|h|py|sh))(?:\s|$)') # Ordinals (1st, 2nd, 3rd, 4th, ...) ORDINALS = re.compile(r'([0-9]*1st|[0-9]*2nd|[0-9]*3rd|[0-9]+th)') # Start of string indent. INDENT = re.compile(r'^( *)') SMART_QUOTES = { "\u2018": "'", "\u2019": "'", "\u201c": '"', "\u201d": '"', } # Valid dictionary words. Anything else crashes aspell. DICTIONARY_WORD = re.compile(r"^[A-Za-z']+$") DEBUG = 0 COLOR = True MARK = False def red(s): if COLOR: return "\33[1;31m" + s + "\033[0m" return s def debug(s): if DEBUG > 0: print(s) def debug1(s): if DEBUG > 1: print(s) class SpellChecker: """Aspell-based spell checker.""" def __init__(self, dictionary_file): self.dictionary_file = dictionary_file self.aspell = None self.prefixes = [] self.suffixes = [] self.prefix_re = None self.suffix_re = None def start(self): words, prefixes, suffixes = self.load_dictionary() self.prefixes = prefixes self.suffixes = suffixes self.prefix_re = re.compile("(?:\s|^)((%s)-)" % ("|".join(prefixes)), re.IGNORECASE) self.suffix_re = re.compile("(-(%s))(?:\s|$)" % ("|".join(suffixes)), re.IGNORECASE) # Generate aspell personal dictionary. pws = os.path.join(CURR_DIR, '.aspell.en.pws') with open(pws, 'w') as f: f.write("personal_ws-1.1 en %d\n" % (len(words))) f.writelines(words) # Start an aspell process. aspell_args = ["aspell", "pipe", "--lang=en_US", "--encoding=utf-8", "--personal=" + pws] self.aspell = subprocess.Popen(aspell_args, bufsize=4096, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, universal_newlines=True) # Read the version line that aspell emits on startup. self.aspell.stdout.readline() def stop(self): if not self.aspell: return self.aspell.stdin.close() self.aspell.wait() self.aspell = None def check(self, line): if line.strip() == '': return [] self.aspell.poll() if self.aspell.returncode is not None: print("aspell quit unexpectedly: return code %d" % (self.aspell.returncode)) sys.exit(2) debug1("ASPELL< %s" % (line)) self.aspell.stdin.write(line + os.linesep) self.aspell.stdin.flush() errors = [] while True: result = self.aspell.stdout.readline().strip() debug1("ASPELL> %s" % (result)) # Check for end of results. if result == "": break t = result[0] if t == "*" or t == "-" or t == "+": # *: found in dictionary. # -: found run-together words in dictionary. # +: found root word in dictionary. continue # & : m1, m2, ... mN, g1, g2, ... # ? 0 : g1, g2, .... # # original, rem = result[2:].split(" ", 1) if t == "#": # Not in dictionary, but no suggestions. errors.append((original, int(rem), [])) elif t == '&' or t == '?': # Near misses and/or guesses. _, rem = rem.split(" ", 1) # Drop N (may be 0). o, rem = rem.split(": ", 1) # o is offset from start of line. suggestions = rem.split(", ") errors.append((original, int(o), suggestions)) else: print("aspell produced unexpected output: %s" % (result)) sys.exit(2) return errors def load_dictionary(self): # Read the custom dictionary. all_words = [] with open(self.dictionary_file, 'r') as f: all_words = f.readlines() # Strip comments, invalid words, and blank lines. words = [w for w in all_words if len(w.strip()) > 0 and re.match(DICTIONARY_WORD, w)] suffixes = [w.strip()[1:] for w in all_words if w.startswith('-')] prefixes = [w.strip()[:-1] for w in all_words if w.strip().endswith('-')] # Allow acronyms and abbreviations to be spelled in lowercase. # (e.g. Convert "HTTP" into "HTTP" and "http" which also matches # "Http"). for word in words: if word.isupper(): words += word.lower() return (words, prefixes, suffixes) def add_words(self, additions): lines = [] with open(self.dictionary_file, 'r') as f: lines = f.readlines() additions = [w + os.linesep for w in additions] additions.sort() # Insert additions into the lines ignoring comments, suffixes, and blank lines. idx = 0 add_idx = 0 while idx < len(lines) and add_idx < len(additions): line = lines[idx] if len(line.strip()) != 0 and line[0] != "#" and line[0] != '-': c = cmp(additions[add_idx], line) if c < 0: lines.insert(idx, additions[add_idx]) add_idx += 1 elif c == 0: add_idx += 1 idx += 1 # Append any remaining additions. lines += additions[add_idx:] with open(self.dictionary_file, 'w') as f: f.writelines(lines) self.stop() self.start() # Split camel case words and run them through the dictionary. Returns # a replacement list of errors. The replacement list may contain just # the original error (if the word is not camel case), may be empty if # the split words are all spelled correctly, or may be a new set of # errors referencing the misspelled sub-words. def check_camel_case(checker, err): (word, word_offset, _) = err debug("check camel case %s" % (word)) parts = re.findall(CAMEL_CASE, word) # Word is not camel case: the previous result stands. if len(parts) <= 1: debug(" -> not camel case") return [err] split_errs = [] part_offset = 0 for part in parts: debug(" -> part: %s" % (part)) split_err = checker.check(part) if split_err: debug(" -> not found in dictionary") split_errs += [(part, word_offset + part_offset, split_err[0][2])] part_offset += len(part) return split_errs # Check for affixes and run them through the dictionary again. Returns # a replacement list of errors which may just be the original errors # or empty if an affix was successfully handled. def check_affix(checker, err): (word, word_offset, _) = err debug("check affix %s" % (word)) for prefix in checker.prefixes: debug(" -> try %s" % (prefix)) if word.lower().startswith(prefix.lower()): root = word[len(prefix):] if root != '': debug(" -> check %s" % (root)) root_err = checker.check(root) if not root_err: debug(" -> ok") return [] for suffix in checker.suffixes: if word.lower().endswith(suffix.lower()): root = word[:-len(suffix)] if root != '': debug(" -> try %s" % (root)) root_err = checker.check(root) if not root_err: debug(" -> ok") return [] return [err] # Find occurrences of the regex within comment and replace the numbered # matching group with spaces. If secondary is defined, the matching # group must also match secondary to be masked. def mask_with_regex(comment, regex, group, secondary=None): found = False for m in regex.finditer(comment): if secondary and secondary.search(m.group(group)) is None: continue start = m.start(group) end = m.end(group) comment = comment[:start] + (' ' * (end - start)) + comment[end:] found = True return (comment, found) # Checks the comment at offset against the spell checker. Result is an array # of tuples where each tuple is the misspelled word, it's offset from the # start of the line, and an array of possible replacements. def check_comment(checker, offset, comment): # Strip smart quotes which cause problems sometimes. for sq, q in SMART_QUOTES.items(): comment = comment.replace(sq, q) # Replace TODO comments with spaces to preserve string offsets. comment, _ = mask_with_regex(comment, TODO, 0) # Ignore @param varname comment, _ = mask_with_regex(comment, METHOD_DOC, 0) # Similarly, look for base64 sequences, but they must have at least one # digit. comment, _ = mask_with_regex(comment, BASE64, 1, NUMBER) # Various hex constants: comment, _ = mask_with_regex(comment, HEX, 1) comment, _ = mask_with_regex(comment, HEX_SIG, 1) comment, _ = mask_with_regex(comment, PREFIXED_HEX, 0) comment, _ = mask_with_regex(comment, BIT_FIELDS, 0) comment, _ = mask_with_regex(comment, AB_FIELDS, 1) comment, _ = mask_with_regex(comment, UUID, 0) comment, _ = mask_with_regex(comment, IPV6_ADDR, 1) # Single words in quotes: comment, _ = mask_with_regex(comment, QUOTED_WORD, 0) # RST inline literals: comment, _ = mask_with_regex(comment, RST_LITERAL, 0) # Mask the reference part of an RST link (but not the link text). Otherwise, check for a quoted # code-like expression (which would mask the link text if not guarded). comment, found = mask_with_regex(comment, RST_LINK, 0) if not found: comment, _ = mask_with_regex(comment, QUOTED_EXPR, 0) comment, _ = mask_with_regex(comment, TUPLE_EXPR, 0) # Command flags: comment, _ = mask_with_regex(comment, FLAG, 1) # Github user refs: comment, _ = mask_with_regex(comment, USER, 1) # Absolutew paths and references to source files. comment, _ = mask_with_regex(comment, ABSPATH, 1) comment, _ = mask_with_regex(comment, FILEREF, 1) # Ordinals (1st, 2nd...) comment, _ = mask_with_regex(comment, ORDINALS, 0) if checker.prefix_re is not None: comment, _ = mask_with_regex(comment, checker.prefix_re, 1) if checker.suffix_re is not None: comment, _ = mask_with_regex(comment, checker.suffix_re, 1) # Everything got masked, return early. if comment == "" or comment.strip() == "": return [] # Mask leading punctuation. if not comment[0].isalnum(): comment = ' ' + comment[1:] errors = checker.check(comment) # Fix up offsets relative to the start of the line vs start of the comment. errors = [(w, o + offset, s) for (w, o, s) in errors] # CamelCase words get split and re-checked errors = [*chain.from_iterable(map(lambda err: check_camel_case(checker, err), errors))] errors = [*chain.from_iterable(map(lambda err: check_affix(checker, err), errors))] return errors def print_error(file, line_offset, lines, errors): # Highlight misspelled words. line = lines[line_offset] prefix = "%s:%d:" % (file, line_offset + 1) for (word, offset, suggestions) in reversed(errors): line = line[:offset] + red(word) + line[offset + len(word):] print("%s%s" % (prefix, line.rstrip())) if MARK: # Print a caret at the start of each misspelled word. marks = ' ' * len(prefix) last = 0 for (word, offset, suggestions) in errors: marks += (' ' * (offset - last)) + '^' last = offset + 1 print(marks) def print_fix_options(word, suggestions): print("%s:" % (word)) print(" a: accept and add to dictionary") print(" A: accept and add to dictionary as ALLCAPS (for acronyms)") print(" f : replace with the given word without modifying dictionary") print(" i: ignore") print(" r : replace with given word and add to dictionary") print(" R : replace with given word and add to dictionary as ALLCAPS (for acronyms)") print(" x: abort") if not suggestions: return col_width = max(len(word) for word in suggestions) opt_width = int(math.log(len(suggestions), 10)) + 1 padding = 2 # Two spaces of padding. delim = 2 # Colon and space after number. num_cols = int(78 / (col_width + padding + opt_width + delim)) num_rows = int(len(suggestions) / num_cols + 1) rows = [""] * num_rows indent = " " * padding for idx, sugg in enumerate(suggestions): row = idx % len(rows) row_data = "%d: %s" % (idx, sugg) rows[row] += indent + row_data.ljust(col_width + opt_width + delim) for row in rows: print(row) def fix_error(checker, file, line_offset, lines, errors): print_error(file, line_offset, lines, errors) fixed = {} replacements = [] additions = [] for (word, offset, suggestions) in errors: if word in fixed: # Same typo was repeated in a line, so just reuse the previous choice. replacements += [fixed[word]] continue print_fix_options(word, suggestions) replacement = "" while replacement == "": try: choice = input("> ") except EOFError: choice = "x" add = None if choice == "x": print("Spell checking aborted.") sys.exit(2) elif choice == "a": replacement = word add = word elif choice == "A": replacement = word add = word.upper() elif choice[:1] == "f": replacement = choice[1:].strip() if replacement == "": print("Invalid choice: '%s'. Must specify a replacement (e.g. 'f corrected')." % (choice)) continue elif choice == "i": replacement = word elif choice[:1] == "r" or choice[:1] == "R": replacement = choice[1:].strip() if replacement == "": print("Invalid choice: '%s'. Must specify a replacement (e.g. 'r corrected')." % (choice)) continue if choice[:1] == "R": if replacement.upper() not in suggestions: add = replacement.upper() elif replacement not in suggestions: add = replacement else: try: idx = int(choice) except ValueError: idx = -1 if idx >= 0 and idx < len(suggestions): replacement = suggestions[idx] else: print("Invalid choice: '%s'" % (choice)) fixed[word] = replacement replacements += [replacement] if add: if re.match(DICTIONARY_WORD, add): additions += [add] else: print("Cannot add %s to the dictionary: it may only contain letter and apostrophes" % add) if len(errors) != len(replacements): print("Internal error %d errors with %d replacements" % (len(errors), len(replacements))) sys.exit(2) # Perform replacements on the line. line = lines[line_offset] for idx in range(len(replacements) - 1, -1, -1): word, offset, _ = errors[idx] replacement = replacements[idx] if word == replacement: continue line = line[:offset] + replacement + line[offset + len(word):] lines[line_offset] = line # Update the dictionary. checker.add_words(additions) class Comment: """Comment represents a comment at a location within a file.""" def __init__(self, line, col, text, last_on_line): self.line = line self.col = col self.text = text self.last_on_line = last_on_line # Extract comments from lines. Returns an array of Comment. def extract_comments(lines): in_comment = False comments = [] for line_idx, line in enumerate(lines): line_comments = [] last = 0 if in_comment: mc_end = MULTI_COMMENT_END.search(line) if mc_end is None: # Full line is within a multi-line comment. line_comments.append((0, line)) else: # Start of line is the end of a multi-line comment. line_comments.append((0, mc_end.group(1))) last = mc_end.end() in_comment = False if not in_comment: for inline in INLINE_COMMENT.finditer(line, last): # Single-line comment. m = inline.lastindex # 1 is //, 2 is /* ... */ line_comments.append((inline.start(m), inline.group(m))) last = inline.end(m) if last < len(line): mc_start = MULTI_COMMENT_START.search(line, last) if mc_start is not None: # New multi-lie comment starts at end of line. line_comments.append((mc_start.start(1), mc_start.group(1))) in_comment = True for idx, line_comment in enumerate(line_comments): col, text = line_comment last_on_line = idx + 1 >= len(line_comments) comments.append(Comment(line=line_idx, col=col, text=text, last_on_line=last_on_line)) # Handle control statements and filter out comments that are part of # RST code block directives. result = [] n = 0 nc = len(comments) while n < nc: text = comments[n].text if SPELLCHECK_SKIP_FILE in text: # Skip the file: just don't return any comments. return [] pos = text.find(SPELLCHECK_ON) if pos != -1: # Ignored because spellchecking isn't disabled. Just mask out the command. comments[n].text = text[:pos] + ' ' * len(SPELLCHECK_ON) + text[pos + len(SPELLCHECK_ON):] result.append(comments[n]) n += 1 elif SPELLCHECK_OFF in text or SPELLCHECK_SKIP_BLOCK in text: skip_block = SPELLCHECK_SKIP_BLOCK in text last_line = n n += 1 while n < nc: if skip_block: if comments[n].line - last_line > 1: # Gap in comments. We've skipped the block. break line = lines[comments[n].line] if line[:comments[n].col].strip() != "": # Some code here. We've skipped the block. break elif SPELLCHECK_ON in comments[n].text: # Turn checking back on. n += 1 break n += 1 elif text.strip().startswith(RST_CODE_BLOCK): # Start of a code block. indent = len(INDENT.search(text).group(1)) last_line = comments[n].line n += 1 while n < nc: if comments[n].line - last_line > 1: # Gap in comments. Code block is finished. break last_line = comments[n].line if comments[n].text.strip() != "": # Blank lines are ignored in code blocks. if len(INDENT.search(comments[n].text).group(1)) <= indent: # Back to original indent, or less. The code block is done. break n += 1 else: result.append(comments[n]) n += 1 return result def check_file(checker, file, lines, error_handler): in_code_block = 0 code_block_indent = 0 num_errors = 0 comments = extract_comments(lines) errors = [] for comment in comments: errors += check_comment(checker, comment.col, comment.text) if comment.last_on_line and len(errors) > 0: # Handle all the errors in a line. num_errors += len(errors) error_handler(file, comment.line, lines, errors) errors = [] return (len(comments), num_errors) def execute(files, dictionary_file, fix): checker = SpellChecker(dictionary_file) checker.start() handler = print_error if fix: handler = partial(fix_error, checker) total_files = 0 total_comments = 0 total_errors = 0 for path in files: with open(path, 'r') as f: lines = f.readlines() total_files += 1 (num_comments, num_errors) = check_file(checker, path, lines, handler) total_comments += num_comments total_errors += num_errors if fix and num_errors > 0: with open(path, 'w') as f: f.writelines(lines) checker.stop() print("Checked %d file(s) and %d comment(s), found %d error(s)." % (total_files, total_comments, total_errors)) return total_errors == 0 if __name__ == "__main__": # Force UTF-8 across all open and popen calls. Fallback to 'C' as the # language to handle hosts where en_US is not recognized (e.g. CI). try: locale.setlocale(locale.LC_ALL, 'en_US.UTF-8') except: locale.setlocale(locale.LC_ALL, 'C.UTF-8') default_dictionary = os.path.join(CURR_DIR, 'spelling_dictionary.txt') parser = argparse.ArgumentParser(description="Check comment spelling.") parser.add_argument('operation_type', type=str, choices=['check', 'fix'], help="specify if the run should 'check' or 'fix' spelling.") parser.add_argument('target_paths', type=str, nargs="*", help="specify the files for the script to process.") parser.add_argument('-d', '--debug', action='count', default=0, help="Debug spell checker subprocess.") parser.add_argument('--mark', action='store_true', help="Emits extra output to mark misspelled words.") parser.add_argument('--dictionary', type=str, default=default_dictionary, help="specify a location for Envoy-specific dictionary words") parser.add_argument('--color', type=str, choices=['on', 'off', 'auto'], default="auto", help="Controls colorized output. Auto limits color to TTY devices.") parser.add_argument('--test-ignore-exts', dest='test_ignore_exts', action='store_true', help="For testing, ignore file extensions.") args = parser.parse_args() COLOR = args.color == "on" or (args.color == "auto" and sys.stdout.isatty()) DEBUG = args.debug MARK = args.mark paths = args.target_paths if not paths: paths = ['./api', './include', './source', './test', './tools'] # Exclude ./third_party/ directory from spell checking, even when requested through arguments. # Otherwise git pre-push hook checks it for merged commits. paths = [ path for path in paths if not path.startswith('./third_party/') and not path.startswith('./third_party/') ] exts = ['.cc', '.h', '.proto'] if args.test_ignore_exts: exts = None target_paths = [] for p in paths: if os.path.isdir(p): for root, _, files in os.walk(p): target_paths += [ os.path.join(root, f) for f in files if (exts is None or os.path.splitext(f)[1] in exts) ] if os.path.isfile(p) and (exts is None or os.path.splitext(p)[1] in exts): target_paths += [p] rv = execute(target_paths, args.dictionary, args.operation_type == 'fix') if args.operation_type == 'check': if not rv: print( "ERROR: spell check failed. Run 'tools/spelling/check_spelling_pedantic.py fix and/or add new " "words to tools/spelling/spelling_dictionary.txt'") sys.exit(1) print("PASS") ================================================ FILE: tools/spelling/check_spelling_pedantic_test.py ================================================ #! /usr/bin/env python3 # Tests check_spelling_pedantic.py. Normally run from check_spelling_pedantic.sh. from __future__ import print_function from run_command import runCommand import argparse import logging import os import sys curr_dir = os.path.dirname(os.path.realpath(__file__)) tools = os.path.dirname(curr_dir) src = os.path.join(tools, 'testdata', 'spelling') check_spelling = sys.executable + " " + os.path.join(curr_dir, 'check_spelling_pedantic.py') # Runs the 'check_spelling_pedanic' operation, on the specified file, # printing the comamnd run and the status code as well as the stdout, # and returning all of that to the caller. def runCheckFormat(operation, filename): command = check_spelling + " --test-ignore-exts " + operation + " " + filename status, stdout, stderr = runCommand(command) return (command, status, stdout + stderr) def getInputFile(filename): return os.path.join(src, filename) def emitStdoutAsError(stdout): logging.error("\n".join(stdout)) def expectError(filename, status, stdout, expected_substrings): if status == 0: logging.error("%s: Expected %d errors, but succeeded" % (filename, len(expected_substrings))) return 1 errors = 0 for expected_substring in expected_substrings: found = False for line in stdout: if expected_substring in line: found = True break if not found: logging.error("%s: Could not find '%s' in:\n" % (filename, expected_substring)) emitStdoutAsError(stdout) errors += 1 return errors def checkFileExpectingErrors(filename, expected_substrings): command, status, stdout = runCheckFormat("check", getInputFile(filename)) return expectError(filename, status, stdout, expected_substrings) def checkFilePathExpectingOK(filename): command, status, stdout = runCheckFormat("check", filename) if status != 0: logging.error("Expected %s to have no errors; status=%d, output:\n" % (filename, status)) emitStdoutAsError(stdout) return status def checkFileExpectingOK(filename): return checkFilePathExpectingOK(getInputFile(filename)) def runChecks(): errors = 0 errors += checkFileExpectingOK("valid") errors += checkFileExpectingOK("skip_file") errors += checkFileExpectingOK("exclusions") errors += checkFileExpectingOK("third_party/something/file.cc") errors += checkFileExpectingOK("./third_party/something/file.cc") errors += checkFileExpectingErrors("typos", ["spacific", "reelistic", "Awwful", "combeenations", "woork"]) errors += checkFileExpectingErrors( "skip_blocks", ["speelinga", "speelingb", "speelingc", "speelingd", "speelinge"]) errors += checkFileExpectingErrors("on_off", ["speelinga", "speelingb"]) errors += checkFileExpectingErrors("rst_code_block", ["speelinga", "speelingb"]) errors += checkFileExpectingErrors("word_splitting", ["Speeled", "Korrectly"]) return errors if __name__ == "__main__": parser = argparse.ArgumentParser(description='tester for check_format.py.') parser.add_argument('--log', choices=['INFO', 'WARN', 'ERROR'], default='INFO') args = parser.parse_args() logging.basicConfig(format='%(message)s', level=args.log) errors = runChecks() if errors != 0: logging.error("%d FAILURES" % errors) exit(1) logging.warning("PASS") ================================================ FILE: tools/spelling/check_spelling_pedantic_test.sh ================================================ #!/bin/bash tools=$(dirname "$(dirname "$(realpath "$0")")") root=$(realpath "$tools/..") cd "$root" || exit 1 # to satisfy dependency on run_command export PYTHONPATH="$tools" ./tools/spelling/check_spelling_pedantic_test.py "$@" ================================================ FILE: tools/spelling/spelling_allowlist_words.txt ================================================ # One word per line, these words are not spell checked. # you can add a comment to each word to explain why you don't need to do a spell check. ================================================ FILE: tools/spelling/spelling_dictionary.txt ================================================ # Word list for check_spelling_pedantic.py -- any entry in ALLCAPS will also be accepted in # lower case and title case (e.g. HTTP will accept http and Http). Entries in all lower case # will accept title case (e.g. lyft matches Lyft). Prefixes (e.g., un-) or suffixes (e.g. -ing) # are allowed for any otherwise correctly spelled word. ABI ACK ACL AES AFAICT ALPN ALS AMZ APC API ARN ASAN ASCII ASM ASSERTs AST AWS Allowlisted BACKTRACE BSON BPF CAS CB CDN CDS CEL DSR HEXDIG HEXDIGIT LTT OWS TIDs ceil CHACHA CHLO CHMOD CHLOS CHLOs CIDR CLA CLI CMSG CN CNAME COMMANDREPLY CP CPP CPU CQ CRC CRL CRLFs CRT CSDS CSRF CSS CSV CTX CTXs CVC CVE CX Cxx CYGWIN DER DESC DFATAL DGRAM DLOG DNS DNSSEC DQUOTE DRYs DS DST DW DWORD EADDRINUSE EADDRNOTAVAIL EAGAIN ECDH ECDHE ECDS ECDSA ECDSAs ECMP ECONNREFUSED EDESTRUCTION EDF EINPROGRESS EINVAL ELB EMSGSIZE ENOTFOUND ENOTSUP ENV EOF EOS EOY EPOLLOUT EPOLLRDHUP EQ ERANGE EV EVAL EVLOOP EVP EWOULDBLOCK EXPECTs EXPR FAQ FASTOPEN FB FCDS FCM FFFF FIN FIPS FIRSTHDR FQDN FREEBIND FUZZER FUZZERS GC GCC GCE GCM GCOVR GCP GETting GLB GOAWAY GRPC GRO GSO GSS GTEST GURL Grabbit Hashable HC HCM HDS HMAC HPACK HTAB HTML HTTP HTTPS HV IAM IANA IDL IETF INADDR INET INVAL IO IOS IP IPPROTO IPV IPs IPv ITOA Injectable Isode Iters JSON JSONs JWKS JWKs JWS JWT JWTs KB KDS Karlsson KiB Kille LBs LC LDS LEV LF LHS LLVM LPT LRS Loggable MB MD MERCHANTABILITY MGET MQ MSET MSVC MTLS MTU MULTIFRAME NACK NACKed NACKs NBF NBSP NDEBUG NEXTHDR NGHTTP NOAUTH NOCHECKRESP NODELAY NOLINT NOLINTNEXTLINE NONBLOCK NONCES NOSORT NS NUL Nilsson Nonhashable Oauth OCSP OID OK OOM OOMs OS OSI OSS OSX OT OU OVFL PAYLOADLEN PB PCC PEERCRED PEM PERF PGV PID PKTINFO PNG PostCBs PREBIND PRNG PROT Postgre Postgres Prereq QDCOUNT QUIC QoS RAII RANLUX RBAC RDN RDS README RECVDSTADDR RECVPKTINFO REFNIL REQ REUSEADDR REUSEPORT RFC RHS RLE RLS RNG RPC RSA RST RTDS RTTI RUNDIR RW RX RXQ Rebalance Runn SA SAN SCT SDK SDS SENDSRCADDR SHA SHM SIGABRT SIGBUS SIGFPE SIGILL SIGINT SIGPIPE SIGSEGV SIGTERM SMTP SNI SOTW SPD SPDY SPIFFE SPKI SQL SR SRCDIR SRDS SRV SS SSL STDSTRING STL STRLEN STS SVG Symbolizer TBD TCLAP TCP TE TFO TID TLS TLSv TLV TMPDIR TODO TPM TSAN TSI TTL TTLs TX TXT UA UBSAN UDP UDS UNC URI URL USEVC UTC UTF UUID UUIDs VC VCHAR VH VHDS VLOG VM WAITFORONE WASM WAVM WIP WKT WRONGPASS WRR WS WSA WSABUF WSAEINVAL WSS Welford's Wi XDS XFCC XFF XML XN XNOR XSS YAML ZXID absl accesslog accessor accessors acks acls addr agg alice alignas alignof alloc alloca allocator allowlist allowlisted alls alphanumerics amongst anno anys appmesh arg argc args argv artisanal ary asctime asm async atoi atomicity atomics atoull auth authenticator authenticators authlen authn auths authz autoscale backend backends backgrounded backoff backpressure backticks backtraces backtracing balancer balancers barbaz basename baz bazel behaviour benchmarked bidi bignum bitfield bitset bitwise blackhole blackholed bookkeep bool boolean booleans bools boringssl borks broadcasted buf buflen bugprone builtin builtins bulkstrings bursty bytecode bytestream bytestring cacheable cacheability callee callsite callsites callstack cancellable cancelled cancelling canonicalization canonicalize canonicalized canonicalizer canonicalizing cardinality casted charset checkin checksum chrono chroot chunked ci ciphersuite ciphersuites circllhist CITT cloneable cloneability cmd cmsghdr codebase codec codecs codepath codings combinatorial comparator compat completable cond condvar conf config configs conn conns const constexpr constructible copyable coroutine coroutines cors cout coverity cplusplus cpuset creds crypto cryptographic cryptographically cstate cstring ctor ctrl customizations darwin datadog datagram datagrams de deallocate deallocated deallocating deallocation dec dechunk dechunked decl decls decompressor decompressors decrement decrypt dedup dedupe deduplicate deduplicates deflater deletable deleter delim deque deprecations dereference dereferences deregistered deserialization deserialize deserialized deserializer deserializers deserializing dest destructor destructors desynchronize deterministically determinize dev dgst dir dirname djb downcalls downcasted downcased downstreams drainable dtor dubbo dup durations dynamodb emplace emplaced emscripten emsdk enablement encodings endian endianness endl enqueue enqueued enqueues enum enums epoll errno etag etags evaluator evbuffer evbuffers evconnlistener evented evwatch exe execlp exprfor expectable extrahelp faceplant facto failover fallbacks fastbuild favicon fbs fcntl fd fds fdstat filename filenames fileno filesystem firefox fixdate fixup flatbuffer flatc fmt fmtlib fn formatter formatters formedness frontend ftruncate func functor functors gRPC gateway gcov genrule getaddrinfo getaffinity gethostname getifaddrs getpeername getsockname getsockopt getter getters github globals gmock goog google goto gso gzip hackery hacky handshaker hardcoded hardcoding hasher hashtagging hd hdr healthcheck healthchecker healthcheckers healthchecks healths healthz hermeticity highp hoc hostname hostnames hostset hotrestart hrefs huffman hystrix idempotency idx ifdef iff ified impl implementors impls indices inflater inflight -ing init initializer initializers inlined inlining inobservability inotify instantiation instantiations interpretable intra ints invariance iovec iovecs ips iptables ish istio istream istringstream iteratively javascript jitter jittered kafka keepalive keepalives ketama keyder kqueue kubernetes kv kvs lala latencies ld ldd len lenenc lexically libc libevent libprotobuf libtool libstdc lifecycle lightstep linearization linearize linearized linux livelock llvm loc localhost lockless login loglevel logstream lookup lookups loopback lossy lowp lstat ltrim lua lyft maglev malloc marshaller matchable matcher matchers maxage maxbuffer megamiss mem memcmp memcpy mergeable messagename metadata metamethod metaprogramming metatable microbenchmarks midp milli misconfiguration misconfigured mixin mkdir mmap mmsg mmsghdr mongo moveable msec msg msghdr multi multicast multikill multimap multivalue mutator mutex mutexes mux muxed mysql namelen nameserver namespace namespaced namespaces namespacing nan natively ndk netblock netblocks netfilter nonblocking noncopyable nonresponsive noop nop nthreads ntohl ntop nullable nulled nullopt nullptr num numkeys oauth observability ocagent offsetof oneof oneway opcode opencensus openssl opentracing optimizations optname optval ostream outlier outliers overprovisioned overprovisioning overridable oversized packagename pageheap param parameterization parameterize parameterized parameterizing params paren parens parentid parentspanid parseable parsers passphrase passthrough pathname pausable pcall pcap pclose performant pfctl pipelined pipelining pkey plaintext pluggable pointee popen pos posix postfix postfixes postgres postgresql pragma pre preallocate preallocating preallocation precalculated precompile precompiled precompute precomputed predeclared prefetch prefetched prefetches preflight preorder prepend prepended prepends prev probabilistically proc profiler programmatically prometheus proto protobuf protobufs protoc protodoc protos protoxform proxied pseudocode pthread pton ptr ptrs pubkey pwd py qdtext qps quantile quantiles quiesce quitquitquit qvalue rapidjson ratelimit ratelimited ratelimiter rawseti rc readded readonly readv realloc rebalanced rebalancing rebuffer rebuilder reconnection recurse recv recvfrom recvmmsg recvmsg redis redispatch redistributions reentrant refactor refactored refcount referencee referer refetch regex regexes reified reify reimplements rele releasor reloadable remoting renderers reparse repeatability reperform repicked repo reproducibility requirepass reselecting reserialize reservable resize resized resizes resizing resolv resolvers responder restarter resync retransmitting retriable retriggers revalidated revalidation rmdir rocketmq rewriter rollout roundtrip rpcs rq rtrim rtt ruleset runfiles runtime runtimes rver rxhash sandboxed sanitization sanitizer satisfiable scalability sched schedulable schemas scopekey sd secp sendmsg sendmmsg sendto serializable serializer serv setenv setsockopt sig sigaction sigactions siginfo signalstack siloed sim sizeof smatch snapshotted sockaddr socketpair sockfd socklen sockopt sockopts somestring spanid spdlog splitter spoofable src ssize stackdriver stacktrace startup stateful statsd stderr stdev stdin stdout stmt str streambuf strerr strerror stringbuf stringified stringify stringstream strtoull struct structs subclassed subclasses subdirectories subdirectory subdirs subexpr subexpressions subitems submatch submessages subnet subnets suboptimal subsecond subseconds subsequence subsetting substr substring substrings subtrees subtype subtypes subzone superclass superset symlink symlinked symlinks synchronizer syncookie sys syscall syscalls sysctl sz tchar tchars tcmalloc tcpdump teardown tempdir templated templating templatize templatized templatizing testability testcase testcases testdata testee threadsafe thru timespan timestamp timestamps timeval tmp tmpfile tokenize tokenizes tokenizing toolchain traceid traceparent transcode transcoded transcoder transcoding transferral triaged trie tuple tuples typedef typeid typesafe uber ucontext udpa uint un- unacked unary unconfigurable undef underflowing unfreed unicast unicode unindexed uninstantiated uniq unittest unix unref unreferenced unzigzag upcasts upstreams uptime upvalue urls userdata userinfo username usr util utils valgrind validator validators vanishingly varchar variadic varint vec vectorize verifier verifiers versa versioned vhost viewable vip virtualhost virtualize vptr wakeup wakeups websocket wepoll whitespace whitespaces wildcard wildcards winsock workspace writev xDS xDSes xeon xform xhtml xid xmodem xxhash xxs zag zig zipkin zlib OBQ SemVer SCM ================================================ FILE: tools/spelling/spelling_skip_files.txt ================================================ OWNERS.md corpus ================================================ FILE: tools/stack_decode.py ================================================ #!/usr/bin/env python3 # Call addr2line as needed to resolve addresses in a stack trace. The addresses # will be replaced if they can be resolved into file and line numbers. The # executable must include debugging information to get file and line numbers. # # Two ways to call: # 1) Execute binary as a subprocess: stack_decode.py executable_file [args] # 2) Read log data from stdin: stack_decode.py -s executable_file # # In each case this script will add file and line information to any backtrace log # lines found and echo back all non-Backtrace lines untouched. import collections import re import subprocess import sys # Process the log output looking for stacktrace snippets, for each line found to # contain backtrace output extract the address and call add2line to get the file # and line information. Output appended to end of original backtrace line. Output # any nonmatching lines unmodified. End when EOF received. def decode_stacktrace_log(object_file, input_source, address_offset=0): traces = {} # Match something like: # [backtrace] [bazel-out/local-dbg/bin/source/server/_virtual_includes/backtrace_lib/server/backtrace.h:84] backtrace_marker = "\[backtrace\] [^\s]+" # Match something like: # ${backtrace_marker} #10: SYMBOL [0xADDR] # or: # ${backtrace_marker} #10: [0xADDR] stackaddr_re = re.compile("%s #\d+:(?: .*)? \[(0x[0-9a-fA-F]+)\]$" % backtrace_marker) # Match something like: # #10 0xLOCATION (BINARY+0xADDR) asan_re = re.compile(" *#\d+ *0x[0-9a-fA-F]+ *\([^+]*\+(0x[0-9a-fA-F]+)\)") try: while True: line = input_source.readline() if line == "": return # EOF stackaddr_match = stackaddr_re.search(line) if not stackaddr_match: stackaddr_match = asan_re.search(line) if stackaddr_match: address = stackaddr_match.groups()[0] if address_offset != 0: address = hex(int(address, 16) - address_offset) file_and_line_number = run_addr2line(object_file, address) file_and_line_number = trim_proc_cwd(file_and_line_number) if address_offset != 0: sys.stdout.write("%s->[%s] %s" % (line.strip(), address, file_and_line_number)) else: sys.stdout.write("%s %s" % (line.strip(), file_and_line_number)) continue else: # Pass through print all other log lines: sys.stdout.write(line) except KeyboardInterrupt: return # Execute addr2line with a particular object file and input string of addresses # to resolve, one per line. # # Returns list of result lines def run_addr2line(obj_file, addr_to_resolve): return subprocess.check_output(["addr2line", "-Cpie", obj_file, addr_to_resolve]).decode('utf-8') # Because of how bazel compiles, addr2line reports file names that begin with # "/proc/self/cwd/" and sometimes even "/proc/self/cwd/./". This isn't particularly # useful information, so trim it out and make a perfectly useful relative path. def trim_proc_cwd(file_and_line_number): trim_regex = r'/proc/self/cwd/(\./)?' return re.sub(trim_regex, '', file_and_line_number) # Execute pmap with a pid to calculate the addr offset # # Returns list of extended process memory information. def run_pmap(pid): return subprocess.check_output(['pmap', '-qX', str(pid)]).decode('utf-8')[1:] # Find the virtual address offset of the process. This may be needed due ASLR. # # Returns the virtual address offset as an integer, or 0 if unable to determine. def find_address_offset(pid): try: proc_memory = run_pmap(pid) match = re.search(r'([a-f0-9]+)\s+r-xp', proc_memory) if match is None: return 0 return int(match.group(1), 16) except (subprocess.CalledProcessError, PermissionError): return 0 if __name__ == "__main__": if len(sys.argv) > 2 and sys.argv[1] == '-s': decode_stacktrace_log(sys.argv[2], sys.stdin) sys.exit(0) elif len(sys.argv) > 1: rununder = subprocess.Popen(sys.argv[1:], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, universal_newlines=True) offset = find_address_offset(rununder.pid) decode_stacktrace_log(sys.argv[1], rununder.stdout, offset) rununder.wait() sys.exit(rununder.returncode) # Pass back test pass/fail result else: print("Usage (execute subprocess): stack_decode.py executable_file [additional args]") print("Usage (read from stdin): stack_decode.py -s executable_file") sys.exit(1) ================================================ FILE: tools/testdata/check_format/add_envoy_package.BUILD ================================================ licenses(["notice"]) # Apache 2 envoy_cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/add_envoy_package.BUILD.gold ================================================ load("//bazel:envoy_build_system.bzl", "envoy_package") licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/angle_bracket_include.cc ================================================ namespace Envoy { #include } // namespace Envoy ================================================ FILE: tools/testdata/check_format/angle_bracket_include.cc.gold ================================================ namespace Envoy { #include "common/common/utility.h" } // namespace Envoy ================================================ FILE: tools/testdata/check_format/api/missing_package.proto ================================================ ================================================ FILE: tools/testdata/check_format/attribute_packed.cc ================================================ namespace Envoy { typedef struct { int a; int b; } __attribute__((packed)) s; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/bad_envoy_build_sys_ref.BUILD ================================================ load( "@envoy//bazel:envoy_build_system.bzl", "envoy_cc_binary", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_binary( name = "envoy-static", stamped = True, ) ================================================ FILE: tools/testdata/check_format/bad_envoy_build_sys_ref.BUILD.gold ================================================ load( "//bazel:envoy_build_system.bzl", "envoy_cc_binary", "envoy_package", ) licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_binary( name = "envoy-static", stamped = True, ) ================================================ FILE: tools/testdata/check_format/bazel_tools.BUILD ================================================ licenses(["notice"]) # Apache 2 envoy_cc_binary( name = "envoy-static", stamped = True, deps = ["@bazel_tools//some:thing"], ) ================================================ FILE: tools/testdata/check_format/canonical_api_deps.BUILD ================================================ load("//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package") licenses(["notice"]) # Apache 2 envoy_package() # Deps can be inferred, irrelevant deps are removed. envoy_cc_library( name = "foo", srcs = ["canonical_api_deps.cc", "canonical_api_deps.other.cc"], hdrs = ["canonical_api_deps.h"], deps = ["@envoy_api//envoy/types:pkg_cc_proto"], ) ================================================ FILE: tools/testdata/check_format/canonical_api_deps.BUILD.gold ================================================ load("//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package") licenses(["notice"]) # Apache 2 envoy_package() # Deps can be inferred, irrelevant deps are removed. envoy_cc_library( name = "foo", srcs = [ "canonical_api_deps.cc", "canonical_api_deps.other.cc", ], hdrs = ["canonical_api_deps.h"], deps = [ "@envoy_api//envoy/api/v2/core:pkg_cc_proto", "@envoy_api//envoy/api/v2/route:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v2:pkg_cc_proto", ], ) ================================================ FILE: tools/testdata/check_format/canonical_api_deps.cc ================================================ #include "envoy/config/bootstrap/v2/bootstrap.pb.h" #include "envoy/api/v2/core/base.pb.h" ================================================ FILE: tools/testdata/check_format/canonical_api_deps.h ================================================ #include "envoy/api/v2/route/route.pb.h" ================================================ FILE: tools/testdata/check_format/canonical_api_deps.other.cc ================================================ include "envoy/api/v2/listener/listener.validate.pb.h" ================================================ FILE: tools/testdata/check_format/canonical_spacing.BUILD ================================================ licenses(["notice"]) # Apache 2 load("//bazel:envoy_build_system.bzl", "envoy_package") envoy_package() envoy_cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/canonical_spacing.BUILD.gold ================================================ load("//bazel:envoy_build_system.bzl", "envoy_package") licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/clang_format_double_off.cc ================================================ namespace Envoy { // clang-format off // Turning clang format off should not be nested // clang-format off } // namespace Envoy ================================================ FILE: tools/testdata/check_format/clang_format_double_on.cc ================================================ namespace Envoy { // Turning clang format on when it already is enabled is not allowed // clang-format on } // namespace Envoy ================================================ FILE: tools/testdata/check_format/clang_format_off.cc ================================================ namespace Envoy { // clang-format off // Deliberate trailing spaces after periods in formatted content/comments // need to be retained, follow clang-format handling for Envoy-specific // rule sets. // ~ ~ // . . // ) // ---- // clang-format on } // namespace Envoy ================================================ FILE: tools/testdata/check_format/clang_format_on.cc ================================================ namespace Envoy { // clang-format off // Some ignored content. // clang-format on // Over enthusiastic spaces should be fixed after clang-format is turned on // Too many spaces. Here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/clang_format_on.cc.gold ================================================ namespace Envoy { // clang-format off // Some ignored content. // clang-format on // Over enthusiastic spaces should be fixed after clang-format is turned on // Too many spaces. Here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/clang_format_trailing_off.cc ================================================ namespace Envoy { // clang format should be turned back on before the end of the file // clang-format off } // namespace Envoy ================================================ FILE: tools/testdata/check_format/commented_throw.cc ================================================ namespace Envoy { void foo() { // throw std::runtime_error("error"); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/condition_variable.cc ================================================ #include namespace Envoy { // Awesome stuff goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/condition_variable_any.cc ================================================ #include namespace Envoy { // Awesome stuff goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/condvar_wait_for.cc ================================================ namespace Envoy { // Directly calling waitFor on a condvar no good; need to inject TimeSystem. int waiting() { return condvar.waitFor(mutex, duration); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/counter_from_string.cc ================================================ namespace Envoy { void init(Stats::Scope& scope) { scope.counterFromString("hello"); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/cpp_std.cc ================================================ #include #include "absl/memory/memory.h" namespace Envoy { std::unique_ptr to_be_fix = absl::make_unique(0); // Awesome stuff goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/cpp_std.cc.gold ================================================ #include #include "absl/memory/memory.h" namespace Envoy { std::unique_ptr to_be_fix = std::make_unique(0); // Awesome stuff goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/designated_initializers.cc ================================================ namespace Envoy { typedef struct { int a; int b; } s; s my_struct = {.a = 1, .b = 2}; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/duration_value.cc ================================================ #include namespace Envoy { std::chrono::duration foo() { return std::chrono::steady_clock::duration(12345); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/duration_value_zero.cc ================================================ #include namespace Envoy { std::chrono::duration foo_int() { return std::chrono::steady_clock::duration(0); } std::chrono::duration foo_decimal() { return std::chrono::steady_clock::duration(0.0); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/elvis_operator.cc ================================================ namespace Envoy { int val = 0 ?: 1; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/extra_enthusiastic_spaces.cc ================================================ namespace Envoy { // Three spaces. Need to fix them all in one shot if we want "fix" to result // in a file that "check"s. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/extra_enthusiastic_spaces.cc.gold ================================================ namespace Envoy { // Three spaces. Need to fix them all in one shot if we want "fix" to result // in a file that "check"s. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/gauge_from_string.cc ================================================ namespace Envoy { void init(Stats::Scope& scope) { scope.gaugeFromString("hello"); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/grpc_init.cc ================================================ namespace Envoy { void foo() { grpc_init(); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/grpc_shutdown.cc ================================================ namespace Envoy { void foo() { grpc_shutdown(); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/header_order.cc ================================================ #include "absl/types/optional.h" #include "common/api/api_impl.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/utility.h" #include "common/version/version.h" #include "common/config/resources.h" #include "common/config/utility.h" #include "common/local_info/local_info_impl.h" #include "common/memory/stats.h" #include "common/network/address_impl.h" #include "common/protobuf/utility.h" #include "common/router/rds_impl.h" #include "common/runtime/runtime_impl.h" #include "common/singleton/manager_impl.h" #include "common/stats/thread_local_store.h" #include "common/upstream/cluster_manager_impl.h" #include #include "envoy/admin/v2alpha/config_dump.pb.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.h" #include "envoy/config/bootstrap/v2//bootstrap.pb.validate.h" #include "envoy/event/dispatcher.h" #include "envoy/event/signal.h" #include "envoy/event/timer.h" #include "envoy/network/dns.h" #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" #include #include "server/configuration_impl.h" #include "server/connection_handler_impl.h" #include "server/guarddog_impl.h" #include "server/listener_hooks.h" #include #include #include namespace Envoy { // Something awesome goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/header_order.cc.gold ================================================ #include #include #include #include #include #include "envoy/admin/v2alpha/config_dump.pb.h" #include "envoy/config/bootstrap/v2//bootstrap.pb.validate.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/event/signal.h" #include "envoy/event/timer.h" #include "envoy/network/dns.h" #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" #include "common/api/api_impl.h" #include "common/api/os_sys_calls_impl.h" #include "common/common/utility.h" #include "common/config/resources.h" #include "common/config/utility.h" #include "common/local_info/local_info_impl.h" #include "common/memory/stats.h" #include "common/network/address_impl.h" #include "common/protobuf/utility.h" #include "common/router/rds_impl.h" #include "common/runtime/runtime_impl.h" #include "common/singleton/manager_impl.h" #include "common/stats/thread_local_store.h" #include "common/upstream/cluster_manager_impl.h" #include "common/version/version.h" #include "server/configuration_impl.h" #include "server/connection_handler_impl.h" #include "server/guarddog_impl.h" #include "server/listener_hooks.h" #include "absl/types/optional.h" namespace Envoy { // Something awesome goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/histogram_from_string.cc ================================================ namespace Envoy { void init(Stats::Scope& scope) { scope.histogramFromString("hello", Stats::Histogram::Unit::Unspecified); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/license.BUILD ================================================ ================================================ FILE: tools/testdata/check_format/license.BUILD.gold ================================================ licenses(["notice"]) # Apache 2 ================================================ FILE: tools/testdata/check_format/long_line.cc ================================================ namespace Envoy { HereIsAVeryLongTypeItsReallyPrettyAbsurdButSomeTimesWeNeedToBeCreative& andIfWeMakeTypeLongWeShouldMakeTheFunctionLongTooDontYouThink(int a, int b); } // namespace Envoy ================================================ FILE: tools/testdata/check_format/long_line.cc.gold ================================================ namespace Envoy { HereIsAVeryLongTypeItsReallyPrettyAbsurdButSomeTimesWeNeedToBeCreative & andIfWeMakeTypeLongWeShouldMakeTheFunctionLongTooDontYouThink(int a, int b); } // namespace Envoy ================================================ FILE: tools/testdata/check_format/mutex.cc ================================================ #include namespace Envoy { // Awesome stuff goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/no_namespace_envoy.cc ================================================ // Lacks the proper Envoy namespace. ================================================ FILE: tools/testdata/check_format/over_enthusiastic_spaces.cc ================================================ namespace Envoy { // Two spaces. No, one space is the style in Envoy. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/over_enthusiastic_spaces.cc.gold ================================================ namespace Envoy { // Two spaces. No, one space is the style in Envoy. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/pgv_string.proto ================================================ // this proto file is used to check proto validation ERROR min_bytes ================================================ FILE: tools/testdata/check_format/proto.BUILD ================================================ licenses(["notice"]) # Apache 2 envoy_cc_binary( name = "envoy-static", stamped = True, deps = ["protobuf"], ) ================================================ FILE: tools/testdata/check_format/proto.BUILD.gold ================================================ licenses(["notice"]) # Apache 2 envoy_cc_binary( name = "envoy-static", stamped = True, deps = ["protobuf"], ) ================================================ FILE: tools/testdata/check_format/proto_deps.cc ================================================ #include "google/protobuf.h" namespace Envoy { // Something awesome goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/proto_deps.cc.gold ================================================ #include "google/protobuf.h" namespace Envoy { // Something awesome goes here. } // namespace Envoy ================================================ FILE: tools/testdata/check_format/proto_enum_mangling.cc ================================================ #include "foo.h" namespace Envoy { void foo() { auto bar = ::envoy::foo::bar::v2::RedisProxy_ConnPoolSettings_ReadPolicy_ANY; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/proto_format.proto ================================================ // This comment is too long for the line-limit built into our clang configuration, so it will need to be wrapped. ================================================ FILE: tools/testdata/check_format/proto_format.proto.gold ================================================ // This comment is too long for the line-limit built into our clang // configuration, so it will need to be wrapped. ================================================ FILE: tools/testdata/check_format/proto_style.cc ================================================ namespace Envoy { Protobuf::Any any; Protobuf::Empty empty; Protobuf::ListValue list_value; Protobuf::Value value = Protobuf::NULL_VALUE; Protobuf::StringValue stringvalue; Protobuf::Struct struct; Protobuf::Value value; Protobuf::MapPair mappair; ProtobufWkt::Map map; ProtobufWkt::MapPair mappair; ProtobufUtil::MessageDifferencer messagedifferencer; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/proto_style.cc.gold ================================================ namespace Envoy { ProtobufWkt::Any any; ProtobufWkt::Empty empty; ProtobufWkt::ListValue list_value; ProtobufWkt::Value value = ProtobufWkt::NULL_VALUE; ProtobufWkt::StringValue stringvalue; ProtobufWkt::Struct struct; ProtobufWkt::Value value; Protobuf::MapPair mappair; Protobuf::Map map; Protobuf::MapPair mappair; Protobuf::util::MessageDifferencer messagedifferencer; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/real_time_source.cc ================================================ namespace Envoy { int foo() { RealTimeSource real_time_source; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/real_time_source_override.cc ================================================ namespace Envoy { int foo() { RealTimeSource real_time_source; // NO_CHECK_FORMAT(real_time) } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/real_time_system.cc ================================================ namespace Envoy { int foo() { RealTimeSystem real_time_system; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/regex.cc ================================================ #include namespace Envoy { struct BadRegex { std::regex bad_; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/remove_unused_loads.BUILD ================================================ load("//foo.bzl", "bar") load("//bazel:envoy_build_system.bzl", "envoy_package", "envoy_cc_library") licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/remove_unused_loads.BUILD.gold ================================================ load("//bazel:envoy_build_system.bzl", "envoy_package") licenses(["notice"]) # Apache 2 envoy_package() envoy_cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/serialize_as_string.cc ================================================ namespace Envoy { void use_serialize_as_string() { google::protobuf::FieldMask mask; const std::string key = mask.SerializeAsString(); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/shared_mutex.cc ================================================ #include namespace Envoy { void make_a_mutex() { std::shared_timed_mutex mutex; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/skip_envoy_package.BUILD ================================================ load("@rules_cc//cc:defs.bzl", "cc_binary") licenses(["notice"]) # Apache 2 cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/skip_envoy_package.BUILD.gold ================================================ load("@rules_cc//cc:defs.bzl", "cc_binary") licenses(["notice"]) # Apache 2 cc_binary( name = "foo", ) ================================================ FILE: tools/testdata/check_format/sleep.cc ================================================ namespace Envoy { // Directly calling sleep_for is no good; must inject time system. int waiting() { return std::this_thread::sleep_for(mutex, duration); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_any.cc ================================================ #include namespace Envoy { void bar() { std::any foo; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_atomic_free_functions.cc ================================================ #include namespace Envoy { void do_atomic_stuff() { std::atomic atomic_flag(false); std::atomic_store(&atomic_flag, true); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_get_if.cc ================================================ #include namespace Envoy { void foo() { absl::variant x{12}; auto y = std::get_if(&x); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_get_time.cc ================================================ #include #include namespace Envoy { void parse_time() { std::tm t = {}; std::istringstream ss("2018-December-17 14:38:00"); ss >> std::get_time(&t, "%Y-%b-%d %H:%M:%S"); if (ss.fail()) { std::cout << "Parse failed\n"; } else { std::cout << std::put_time(&t, "%c") << '\n'; } } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_holds_alternative.cc ================================================ #include namespace Envoy { void foo() { absl::variant x{12}; auto y = std::holds_alternative(x); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_make_optional.cc ================================================ #include namespace Envoy { void foo() { uint64_t value = 1; uint64_t optional_value = std::make_optional(value); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_monostate.cc ================================================ #include namespace Envoy { struct S { S(int i) : i(i) {} int i; }; void foo() { absl::variant x; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_optional.cc ================================================ #include namespace Envoy { void bar() { std::optional foo; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_string_view.cc ================================================ #include namespace Envoy { void foo() { std::string_view x("a string literal"); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_unordered_map.cc ================================================ #include namespace Envoy { std::unordered_map foo; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_unordered_set.cc ================================================ #include namespace Envoy { std::unordered_set foo; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_variant.cc ================================================ #include namespace Envoy { void bar() { std::variant foo; } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/std_visit.cc ================================================ #include namespace Envoy { struct SomeVisitorFunctor { template void operator()(const T& i) const {} }; void foo() { absl::variant x{12}; SomeVisitorFunctor visitor; std::visit(visitor, x); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/steady_clock.cc ================================================ namespace Envoy { int foo() { return std::chrono::steady_clock::now(); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/strerror.cc ================================================ #include namespace Envoy { char* get_error_illegal(int err) { return strerror(err); } char* get_error_legal1(int err) { return some_other_strerror(err); } char* get_error_legal2(int err) { return strerror2(err); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/system_clock.cc ================================================ namespace Envoy { int foo() { return std::chrono::system_clock::now(); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/test/register_factory.cc ================================================ namespace Envoy { static Registry::RegisterFactory registration; } // namespace ================================================ FILE: tools/testdata/check_format/test_naming.cc ================================================ namespace Envoy { TEST_F(FooBar, testSomething) { } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/testing_test.cc ================================================ namespace Envoy { using testing::Test; } // namespace Envoy ================================================ FILE: tools/testdata/check_format/throw.cc ================================================ namespace Envoy { void foo() { throw std::runtime_error("error"); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/time_system_wait_for.cc ================================================ namespace Envoy { int waiting() { return timeSystem().waitFor(mutex, condvar, duration); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/unpack_to.cc ================================================ namespace Envoy { int foo() { ProtobufWky::Any bar; Protobuf::Message baz; bar.UnpackTo(baz); } } // namespace Envoy ================================================ FILE: tools/testdata/check_format/update_license.BUILD ================================================ load("//some:thing.bzl", "foo") licenses(["whatevs"]) foo() ================================================ FILE: tools/testdata/check_format/update_license.BUILD.gold ================================================ load("//some:thing.bzl", "foo") licenses(["notice"]) # Apache 2 foo() ================================================ FILE: tools/testdata/check_format/version_history/current.rst ================================================ 1.10.0 (pending) ================ Section One ----------------------------- *Some doc text* * zzzzz: this should be alphabatized after a. * aaaaa: this should be alphabatized before z. * aaaaa: aaaa is before 'this'. * access log: Added should be added not Added. Another Section --------------- *Doc string here* * server: changed server code. * upstream: made a change. Deprecated ---------- * no * enforcement * here ================================================ FILE: tools/testdata/protoxform/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "fix_protos", visibility = ["//visibility:public"], deps = [ "//tools/testdata/protoxform/envoy/v2:fix_protos", ], ) proto_library( name = "freeze_protos", visibility = ["//visibility:public"], deps = [ "//tools/testdata/protoxform/envoy/active_non_terminal/v2:freeze_protos", "//tools/testdata/protoxform/envoy/active_terminal/v2:freeze_protos", "//tools/testdata/protoxform/envoy/frozen/v2:freeze_protos", "//tools/testdata/protoxform/envoy/frozen/v3:freeze_protos", ], ) ================================================ FILE: tools/testdata/protoxform/envoy/active_non_terminal/v2/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "freeze_protos", srcs = ["active_non_terminal.proto"], visibility = ["//visibility:public"], deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: tools/testdata/protoxform/envoy/active_non_terminal/v2/active_non_terminal.proto ================================================ syntax = "proto3"; package envoy.active_non_terminal.v2; import "udpa/annotations/status.proto"; option (udpa.annotations.file_status).package_version_status = ACTIVE; message ActiveNonTerminal { int32 foo = 1 [deprecated = true]; int32 bar = 2; } ================================================ FILE: tools/testdata/protoxform/envoy/active_non_terminal/v2/active_non_terminal.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.active_non_terminal.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.active_non_terminal.v2"; option java_outer_classname = "ActiveNonTerminalProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; message ActiveNonTerminal { int32 foo = 1 [deprecated = true]; int32 bar = 2; } ================================================ FILE: tools/testdata/protoxform/envoy/active_non_terminal/v2/active_non_terminal.proto.next_major_version_candidate.envoy_internal.gold ================================================ syntax = "proto3"; package envoy.active_non_terminal.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.active_non_terminal.v3"; option java_outer_classname = "ActiveNonTerminalProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; message ActiveNonTerminal { option (udpa.annotations.versioning).previous_message_type = "envoy.active_non_terminal.v2.ActiveNonTerminal"; int32 hidden_envoy_deprecated_foo = 1 [deprecated = true]; int32 bar = 2; } ================================================ FILE: tools/testdata/protoxform/envoy/active_non_terminal/v2/active_non_terminal.proto.next_major_version_candidate.gold ================================================ syntax = "proto3"; package envoy.active_non_terminal.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.active_non_terminal.v3"; option java_outer_classname = "ActiveNonTerminalProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; message ActiveNonTerminal { option (udpa.annotations.versioning).previous_message_type = "envoy.active_non_terminal.v2.ActiveNonTerminal"; reserved 1; reserved "foo"; int32 bar = 2; } ================================================ FILE: tools/testdata/protoxform/envoy/active_terminal/v2/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "freeze_protos", srcs = ["active_terminal.proto"], visibility = ["//visibility:public"], deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: tools/testdata/protoxform/envoy/active_terminal/v2/active_terminal.proto ================================================ syntax = "proto3"; package envoy.active_terminal.v2; import "udpa/annotations/status.proto"; option (udpa.annotations.file_status).package_version_status = ACTIVE; message ActiveTerminal { int32 foo = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/active_terminal/v2/active_terminal.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.active_terminal.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.active_terminal.v2"; option java_outer_classname = "ActiveTerminalProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; message ActiveTerminal { int32 foo = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/active_terminal/v2/active_terminal.proto.next_major_version_candidate.envoy_internal.gold ================================================ ================================================ FILE: tools/testdata/protoxform/envoy/active_terminal/v2/active_terminal.proto.next_major_version_candidate.gold ================================================ ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v2/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "freeze_protos", srcs = ["frozen.proto"], visibility = ["//visibility:public"], deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v2/frozen.proto ================================================ syntax = "proto3"; package envoy.frozen.v2; import "udpa/annotations/status.proto"; option (udpa.annotations.file_status).package_version_status = FROZEN; message Frozen { int32 foo = 1; int32 bar = 2 [deprecated = true]; } ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v2/frozen.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.frozen.v2; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.frozen.v2"; option java_outer_classname = "FrozenProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = FROZEN; message Frozen { int32 foo = 1; int32 bar = 2 [deprecated = true]; } ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v2/frozen.proto.next_major_version_candidate.envoy_internal.gold ================================================ syntax = "proto3"; package envoy.frozen.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.frozen.v3"; option java_outer_classname = "FrozenProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; message Frozen { option (udpa.annotations.versioning).previous_message_type = "envoy.frozen.v2.Frozen"; int32 foo = 1; int32 hidden_envoy_deprecated_bar = 2 [deprecated = true]; } ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v2/frozen.proto.next_major_version_candidate.gold ================================================ syntax = "proto3"; package envoy.frozen.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.frozen.v3"; option java_outer_classname = "FrozenProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; message Frozen { option (udpa.annotations.versioning).previous_message_type = "envoy.frozen.v2.Frozen"; reserved 2; reserved "bar"; int32 foo = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v3/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "freeze_protos", srcs = ["frozen.proto"], visibility = ["//visibility:public"], deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v3/frozen.proto ================================================ syntax = "proto3"; package envoy.frozen.v3; import "udpa/annotations/status.proto"; option (udpa.annotations.file_status).package_version_status = ACTIVE; message Frozen { int32 foo = 1; reserved 2; } ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v3/frozen.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.frozen.v3; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.frozen.v3"; option java_outer_classname = "FrozenProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; message Frozen { reserved 2; int32 foo = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v3/frozen.proto.next_major_version_candidate.envoy_internal.gold ================================================ ================================================ FILE: tools/testdata/protoxform/envoy/frozen/v3/frozen.proto.next_major_version_candidate.gold ================================================ ================================================ FILE: tools/testdata/protoxform/envoy/v2/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "fix_protos", srcs = [ "discovery_service.proto", "fully_qualified_names.proto", "oneof.proto", "package_move.proto", "sample.proto", ], visibility = ["//visibility:public"], deps = [ "//tools/testdata/protoxform/external:external_protos", "@com_github_cncf_udpa//udpa/annotations:pkg", "@envoy_api//envoy/annotations:pkg", "@envoy_api//envoy/api/v2:pkg", ], ) proto_library( name = "freeze_protos", srcs = [ "active_non_terminal.proto", "active_terminal.proto", "frozen.proto", ], visibility = ["//visibility:public"], deps = [ "@com_github_cncf_udpa//udpa/annotations:pkg", "@envoy_api//envoy/annotations:pkg", "@envoy_api//envoy/api/v2:pkg", ], ) ================================================ FILE: tools/testdata/protoxform/envoy/v2/discovery_service.proto ================================================ syntax = "proto3"; package envoy.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option (udpa.annotations.file_status).package_version_status = ACTIVE; service SomeDiscoveryService { option (envoy.annotations.resource).type = "envoy.v2.SomeResource"; rpc StreamSomething(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaSomething(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc FetchSomething(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:some"; option (google.api.http).body = "*"; } } message SomeResource { string foo = 1 [(udpa.annotations.field_migrate).rename = "bar"]; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/discovery_service.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.v2; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.v2"; option java_outer_classname = "DiscoveryServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; service SomeDiscoveryService { option (envoy.annotations.resource).type = "envoy.v2.SomeResource"; rpc StreamSomething(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaSomething(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc FetchSomething(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v2/discovery:some"; option (google.api.http).body = "*"; } } message SomeResource { string foo = 1 [(udpa.annotations.field_migrate).rename = "bar"]; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/discovery_service.proto.next_major_version_candidate.envoy_internal.gold ================================================ syntax = "proto3"; package envoy.v3; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.v3"; option java_outer_classname = "DiscoveryServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; service SomeDiscoveryService { option (envoy.annotations.resource).type = "envoy.v3.SomeResource"; rpc StreamSomething(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaSomething(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc FetchSomething(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:some"; option (google.api.http).body = "*"; } } message SomeResource { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.SomeResource"; string bar = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/discovery_service.proto.next_major_version_candidate.gold ================================================ syntax = "proto3"; package envoy.v3; import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; import "envoy/annotations/resource.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.v3"; option java_outer_classname = "DiscoveryServiceProto"; option java_multiple_files = true; option java_generic_services = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; service SomeDiscoveryService { option (envoy.annotations.resource).type = "envoy.v3.SomeResource"; rpc StreamSomething(stream api.v2.DiscoveryRequest) returns (stream api.v2.DiscoveryResponse) { } rpc DeltaSomething(stream api.v2.DeltaDiscoveryRequest) returns (stream api.v2.DeltaDiscoveryResponse) { } rpc FetchSomething(api.v2.DiscoveryRequest) returns (api.v2.DiscoveryResponse) { option (google.api.http).post = "/v3/discovery:some"; option (google.api.http).body = "*"; } } message SomeResource { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.SomeResource"; string bar = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/fully_qualified_names.proto ================================================ syntax = "proto3"; package envoy.v2; import "envoy/api/v2/core/base.proto"; import "tools/testdata/protoxform/external/root_type.proto"; import "tools/testdata/protoxform/external/package_type.proto"; import "google/protobuf/any.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option (udpa.annotations.file_migrate).move_to_package = "envoy.external.v3"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // Verifies normalization of fully-qualified type names. message UsesFullyQualifiedTypeNames { envoy.api.v2.core.Locality another_envoy_type = 1; .envoy.api.v2.core.Locality another_envoy_type_fqn = 2; google.protobuf.Any google_protobuf_any = 3; .google.protobuf.Any google_protobuf_any_fqn = 4; external.PackageLevelType external_package_level_type = 5; .external.PackageLevelType external_package_level_type_fqn = 6; .RootLevelType external_root_level_type_fqn = 7; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/fully_qualified_names.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.v2; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "tools/testdata/protoxform/external/package_type.proto"; import "tools/testdata/protoxform/external/root_type.proto"; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.v2"; option java_outer_classname = "FullyQualifiedNamesProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.external.v3"; option (udpa.annotations.file_status).package_version_status = ACTIVE; // Verifies normalization of fully-qualified type names. // [#next-free-field: 8] message UsesFullyQualifiedTypeNames { api.v2.core.Locality another_envoy_type = 1; api.v2.core.Locality another_envoy_type_fqn = 2; google.protobuf.Any google_protobuf_any = 3; google.protobuf.Any google_protobuf_any_fqn = 4; external.PackageLevelType external_package_level_type = 5; external.PackageLevelType external_package_level_type_fqn = 6; .RootLevelType external_root_level_type_fqn = 7; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/fully_qualified_names.proto.next_major_version_candidate.envoy_internal.gold ================================================ syntax = "proto3"; package envoy.external.v3; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "tools/testdata/protoxform/external/package_type.proto"; import "tools/testdata/protoxform/external/root_type.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.external.v3"; option java_outer_classname = "FullyQualifiedNamesProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // Verifies normalization of fully-qualified type names. // [#next-free-field: 8] message UsesFullyQualifiedTypeNames { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.UsesFullyQualifiedTypeNames"; api.v2.core.Locality another_envoy_type = 1; api.v2.core.Locality another_envoy_type_fqn = 2; google.protobuf.Any google_protobuf_any = 3; google.protobuf.Any google_protobuf_any_fqn = 4; .external.PackageLevelType external_package_level_type = 5; .external.PackageLevelType external_package_level_type_fqn = 6; .RootLevelType external_root_level_type_fqn = 7; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/fully_qualified_names.proto.next_major_version_candidate.gold ================================================ syntax = "proto3"; package envoy.external.v3; import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; import "tools/testdata/protoxform/external/package_type.proto"; import "tools/testdata/protoxform/external/root_type.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.external.v3"; option java_outer_classname = "FullyQualifiedNamesProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // Verifies normalization of fully-qualified type names. // [#next-free-field: 8] message UsesFullyQualifiedTypeNames { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.UsesFullyQualifiedTypeNames"; api.v2.core.Locality another_envoy_type = 1; api.v2.core.Locality another_envoy_type_fqn = 2; google.protobuf.Any google_protobuf_any = 3; google.protobuf.Any google_protobuf_any_fqn = 4; .external.PackageLevelType external_package_level_type = 5; .external.PackageLevelType external_package_level_type_fqn = 6; .RootLevelType external_root_level_type_fqn = 7; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/oneof.proto ================================================ syntax = "proto3"; package envoy.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option (udpa.annotations.file_status).package_version_status = ACTIVE; message OneofExample { string foo = 1 [(udpa.annotations.field_migrate).oneof_promotion = "baz_specifier"]; oneof bar_specifier { string bar = 2; } string blah = 3 [(udpa.annotations.field_migrate).oneof_promotion = "bar_specifier"]; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/oneof.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.v2"; option java_outer_classname = "OneofProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; message OneofExample { string foo = 1 [(udpa.annotations.field_migrate).oneof_promotion = "baz_specifier"]; oneof bar_specifier { string bar = 2; } string blah = 3 [(udpa.annotations.field_migrate).oneof_promotion = "bar_specifier"]; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/oneof.proto.next_major_version_candidate.envoy_internal.gold ================================================ syntax = "proto3"; package envoy.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.v3"; option java_outer_classname = "OneofProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; message OneofExample { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.OneofExample"; oneof baz_specifier { string foo = 1; } oneof bar_specifier { string bar = 2; string blah = 3; } } ================================================ FILE: tools/testdata/protoxform/envoy/v2/oneof.proto.next_major_version_candidate.gold ================================================ syntax = "proto3"; package envoy.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.v3"; option java_outer_classname = "OneofProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; message OneofExample { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.OneofExample"; oneof baz_specifier { string foo = 1; } oneof bar_specifier { string bar = 2; string blah = 3; } } ================================================ FILE: tools/testdata/protoxform/envoy/v2/package_move.proto ================================================ syntax = "proto3"; package envoy.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option (udpa.annotations.file_migrate).move_to_package = "envoy.foo.v3"; option (udpa.annotations.file_status).package_version_status = ACTIVE; message Package { message Entry { string key = 1; string value = 2; } repeated Entry entries = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/package_move.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.v2"; option java_outer_classname = "PackageMoveProto"; option java_multiple_files = true; option (udpa.annotations.file_migrate).move_to_package = "envoy.foo.v3"; option (udpa.annotations.file_status).package_version_status = ACTIVE; message Package { message Entry { string key = 1; string value = 2; } repeated Entry entries = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/package_move.proto.next_major_version_candidate.envoy_internal.gold ================================================ syntax = "proto3"; package envoy.foo.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.foo.v3"; option java_outer_classname = "PackageMoveProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; message Package { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Package"; message Entry { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Package.Entry"; string key = 1; string value = 2; } repeated Entry entries = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/package_move.proto.next_major_version_candidate.gold ================================================ syntax = "proto3"; package envoy.foo.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.foo.v3"; option java_outer_classname = "PackageMoveProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; message Package { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Package"; message Entry { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Package.Entry"; string key = 1; string value = 2; } repeated Entry entries = 1; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/sample.proto ================================================ syntax = "proto3"; package envoy.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option (udpa.annotations.file_status).package_version_status = ACTIVE; enum SomeEnum { DEFAULT = 0 [deprecated = true]; FOO = 1; BAR = 2 [deprecated = true]; BAZ = 3 [(udpa.annotations.enum_value_migrate).rename = "WOW"]; } message Sample { message Entry { string key = 1; string value = 2; } enum DeprecateEnum { option deprecated = true; FIRST = 0; SECOND = 1; } repeated Entry entries = 1; string will_deprecated = 2 [deprecated = true]; string will_rename_compoent = 3 [(udpa.annotations.field_migrate).rename = "renamed_component"]; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/sample.proto.active_or_frozen.gold ================================================ syntax = "proto3"; package envoy.v2; import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; option java_package = "io.envoyproxy.envoy.v2"; option java_outer_classname = "SampleProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; enum SomeEnum { DEFAULT = 0 [deprecated = true]; FOO = 1; BAR = 2 [deprecated = true]; BAZ = 3 [(udpa.annotations.enum_value_migrate).rename = "WOW"]; } message Sample { enum DeprecateEnum { option deprecated = true; FIRST = 0; SECOND = 1; } message Entry { string key = 1; string value = 2; } repeated Entry entries = 1; string will_deprecated = 2 [deprecated = true]; string will_rename_compoent = 3 [(udpa.annotations.field_migrate).rename = "renamed_component"]; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/sample.proto.next_major_version_candidate.envoy_internal.gold ================================================ syntax = "proto3"; package envoy.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.v3"; option java_outer_classname = "SampleProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; enum SomeEnum { hidden_envoy_deprecated_DEFAULT = 0 [deprecated = true]; FOO = 1; hidden_envoy_deprecated_BAR = 2 [deprecated = true]; WOW = 3; } message Sample { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Sample"; enum DeprecateEnum { option deprecated = true; FIRST = 0; SECOND = 1; } message Entry { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Sample.Entry"; string key = 1; string value = 2; } repeated Entry entries = 1; string hidden_envoy_deprecated_will_deprecated = 2 [deprecated = true]; string renamed_component = 3; } ================================================ FILE: tools/testdata/protoxform/envoy/v2/sample.proto.next_major_version_candidate.gold ================================================ syntax = "proto3"; package envoy.v3; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.v3"; option java_outer_classname = "SampleProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; enum SomeEnum { reserved 2; reserved "BAR"; DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE = 0 [deprecated = true]; FOO = 1; WOW = 3; } message Sample { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Sample"; message Entry { option (udpa.annotations.versioning).previous_message_type = "envoy.v2.Sample.Entry"; string key = 1; string value = 2; } reserved 2; reserved "will_deprecated"; repeated Entry entries = 1; string renamed_component = 3; } ================================================ FILE: tools/testdata/protoxform/external/BUILD ================================================ load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "external_protos", srcs = [ "package_type.proto", "root_type.proto", ], visibility = ["//visibility:public"], deps = [], ) ================================================ FILE: tools/testdata/protoxform/external/package_type.proto ================================================ syntax = "proto3"; package external; // Type that belongs to a non-envoy package. // // Part of a test suite that verifies normalization of // fully-qualified type names. message PackageLevelType { } ================================================ FILE: tools/testdata/protoxform/external/root_type.proto ================================================ syntax = "proto3"; // Type that doesn't belong to any package. // // Part of a test suite that verifies normalization of // fully-qualified type names. message RootLevelType { } ================================================ FILE: tools/testdata/spelling/exclusions ================================================ // Lots of things are excluded: // Github user names: // TODO(speeling): is ok // TODO(@speeling): is ok // TODO(speeling) is ok // TODO(@speeling) is ok // NOTE(speeling): is ok // NOTE(@speeling): is ok // NOTE(speeling) is ok // NOTE(@speeling) is ok // Even just bare @speeling is ok // Documentation comments: // @param speeling is ignored here // @return speeling is ignored here // Base64: // ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789/+= // ABCDEFGHIJKLMN12 // Hex: // ACEFBCDA acefbcda // (ACEFBCDA) (acefbcda) // AB:CD:EF ab:cd:ef // 0xABCD 0xabcd // 0xD 0xd // ABCDEFAB-ABCD-ABCD-ABCD-ABCDEFABCDEF // abcdefab-abcd-abcd-abcd-abcdefabcdef // Bit fields: // 00xxxxxx 00XXXXX // 11yyyyyy 11YYYYY // AABBAABB // IPv6: // FC00::/8 // 2001::abcd/64 // Quoted words: // "speeling" 'speeling' *speeling* // "speeling-is-fun-1" 'speeling-is-fun-1' *speeling-is-fun-1* // "speeling:is:fun:1" 'speeling:is:fun:1' *speeling:is:fun:1* // "speeling.is.fun.1" 'speeling.is.fun.1' *speeling.is.fun.1* // Quoted expressions: // `std::speeling` // `namespace::speeling` // Tuple expressions // (speeling, phun) // (speeling,phun) // Flags: // %speeling // -speeling // RST links: // `speeling `_ // :ref:`speeling ` // RST literals: // ``speeling`` // Paths: // /usr/local/speeling // /dev/speeling/* // envoy/speeling.h // envoy/speeling.cc // envoy/speeling.py // envoy/speeling.sh // Ordinals: // 1st, 2nd, 3rd, 4th, 10th, 11th, 1525th. // Affixes: // un-comment // uncomment // verb-ing // verbing ================================================ FILE: tools/testdata/spelling/on_off ================================================ // Bad speelinga. // SPELLCHECKER(off) // Ignoring bad speeling. // SPELLCHECKER(on) // Bad speelingb. // SPELLCHECKER(off) // Ignoring bad speeling to EOF. ================================================ FILE: tools/testdata/spelling/rst_code_block ================================================ // Code blocks are ignored. // .. code-block:: yaml // // - speeling: ignored // foo: bar // // - speeling: still ignored // // Code block ends. No bad speelinga allowed here. // // .. code-block:: cpp // // std::string speeling = "ignored"; // // Code block ends. No bad speelingb allowed here. ================================================ FILE: tools/testdata/spelling/skip_blocks ================================================ // Bad speelinga. // // SPELLCHECKER(skip-block) // Ignored bad speeling. // Bad speelingb. // // SPELLCHECKER(skip-block) // Ignored bad speeling. // // Also ignored bad speeling. Code with bad speeling // Bad speelingc. /* * Bad speelingd. * * SPELLCHECKER(skip-block) * * Ignored bad speeling. */ /* Bad speelinge. */ ================================================ FILE: tools/testdata/spelling/skip_file ================================================ // Bad speeling is ignored everywhere in this file. // SPELLCHECKER(skip-file) // Still ignorig bad speeling. ================================================ FILE: tools/testdata/spelling/typos ================================================ // Don't be too spacific. /** * Let's be reelistic. */ /* Awwful */ /* combeenations */ // still woork. ================================================ FILE: tools/testdata/spelling/valid ================================================ // This is totally fine. Ignore stufff that isn't a komment. /* So is this. */ Heer too. /** * As well as this. */ ================================================ FILE: tools/testdata/spelling/word_splitting ================================================ // CamelCaseWordsMustBeSpeeledCorrectly. // snakeCaseWordsMustBeSpelledKorrectlyToo. ================================================ FILE: tools/type_whisperer/BUILD ================================================ load("@rules_python//python:defs.bzl", "py_binary") load("//bazel:envoy_build_system.bzl", "envoy_cc_library", "envoy_package", "envoy_proto_library") load("//tools/type_whisperer:api_build_file.bzl", "api_build_file") load("//tools/type_whisperer:file_descriptor_set_text.bzl", "file_descriptor_set_text") load("//tools/type_whisperer:type_database.bzl", "type_database") load("//tools/type_whisperer:proto_cc_source.bzl", "proto_cc_source") licenses(["notice"]) # Apache 2 envoy_package() envoy_proto_library( name = "types", srcs = ["types.proto"], ) py_binary( name = "type_whisperer", srcs = ["type_whisperer.py"], visibility = ["//visibility:public"], deps = [ ":types_py_proto", "//tools/api_proto_plugin", "@com_github_cncf_udpa//udpa/annotations:pkg_py_proto", "@com_google_protobuf//:protobuf_python", ], ) py_binary( name = "typedb_gen", srcs = ["typedb_gen.py"], visibility = ["//visibility:public"], deps = [ ":api_type_db_proto_py_proto", ":types_py_proto", "//tools/api_proto_plugin:utils", "@com_google_protobuf//:protobuf_python", ], ) py_binary( name = "file_descriptor_set_text_gen", srcs = ["file_descriptor_set_text_gen.py"], visibility = ["//visibility:public"], deps = [ "@com_github_cncf_udpa//udpa/annotations:pkg_py_proto", "@com_google_protobuf//:protobuf_python", ], ) py_binary( name = "proto_cc_source_gen", srcs = ["proto_cc_source_gen.py"], visibility = ["//visibility:public"], ) label_flag( name = "api_type_db_target", build_setting_default = "@envoy_api_canonical//versioning:active_protos", visibility = ["//visibility:public"], ) type_database( name = "api_type_db", targets = [":api_type_db_target"], visibility = ["//visibility:public"], ) file_descriptor_set_text( name = "all_protos_pb_text", deps = ["@envoy_api_canonical//:all_protos"], ) file_descriptor_set_text( name = "all_protos_with_ext_pb_text", with_external_deps = True, deps = ["@envoy_api_canonical//:all_protos"], ) proto_cc_source( name = "embedded_all_protos", constant = "AllProtosPbText", deps = [":all_protos_pb_text"], ) proto_cc_source( name = "embedded_api_type_db", constant = "ApiTypeDbPbText", deps = [":api_type_db"], ) envoy_cc_library( name = "api_type_db_lib", srcs = [ "api_type_db.cc", ":embedded_all_protos", ":embedded_api_type_db", ], hdrs = ["api_type_db.h"], deps = [ "//source/common/protobuf", "//tools/type_whisperer:api_type_db_proto_cc_proto", "@com_github_cncf_udpa//udpa/annotations:pkg_cc_proto", "@com_google_absl//absl/container:node_hash_map", ], ) envoy_proto_library( name = "api_type_db_proto", srcs = ["api_type_db.proto"], deps = ["//tools/type_whisperer:types"], ) py_binary( name = "proto_build_targets_gen", srcs = ["proto_build_targets_gen.py"], deps = [ ":api_type_db_proto_py_proto", ], ) api_build_file( name = "api_build_file", typedb = "//tools/type_whisperer:api_type_db", ) ================================================ FILE: tools/type_whisperer/api_build_file.bzl ================================================ def _api_build_file(ctx): pb_text_set = depset() type_db_file = ctx.attr.typedb.files.to_list()[0] args = [type_db_file.path, ctx.outputs.build.path] ctx.actions.run( executable = ctx.executable._proto_build_targets_gen, arguments = args, inputs = [type_db_file], outputs = [ctx.outputs.build], mnemonic = "ApiBuildFile", use_default_shell_env = True, ) api_build_file = rule( attrs = { "typedb": attr.label( doc = "Type database label.", mandatory = True, ), "_proto_build_targets_gen": attr.label( default = Label("//tools/type_whisperer:proto_build_targets_gen"), executable = True, cfg = "exec", ), }, outputs = { "build": "BUILD.%{name}", }, implementation = _api_build_file, ) ================================================ FILE: tools/type_whisperer/api_type_db.cc ================================================ #include "tools/type_whisperer/api_type_db.h" #include "common/protobuf/protobuf.h" #include "tools/type_whisperer/api_type_db.pb.h" #include "udpa/annotations/migrate.pb.h" namespace Envoy { namespace Tools { namespace TypeWhisperer { extern const char* AllProtosPbText; extern const char* ApiTypeDbPbText; namespace { Protobuf::DescriptorPool* loadDescriptorPool() { Protobuf::FileDescriptorSet file_descriptor_set; if (Protobuf::TextFormat::ParseFromString(AllProtosPbText, &file_descriptor_set)) { auto* descriptor_pool = new Protobuf::DescriptorPool; // The file descriptor pb_text isn't topologically sorted, so need to relax // dependency checking here. descriptor_pool->AllowUnknownDependencies(); for (const auto& file : file_descriptor_set.file()) { descriptor_pool->BuildFile(file); } return descriptor_pool; } return nullptr; } const Protobuf::DescriptorPool& getDescriptorPool() { static auto* descriptor_pool = loadDescriptorPool(); return *descriptor_pool; } tools::type_whisperer::TypeDb* loadApiTypeDb() { auto* api_type_db = new tools::type_whisperer::TypeDb; if (Protobuf::TextFormat::ParseFromString(ApiTypeDbPbText, api_type_db)) { return api_type_db; } return nullptr; } const tools::type_whisperer::TypeDb& getApiTypeDb() { static auto* api_type_db = loadApiTypeDb(); return *api_type_db; } } // namespace absl::optional ApiTypeDb::getExistingTypeInformation(const std::string& type_name) { auto it = getApiTypeDb().types().find(type_name); if (it == getApiTypeDb().types().end()) { return {}; } return absl::make_optional(type_name, it->second.proto_path(), false); } absl::optional ApiTypeDb::getLatestTypeInformation(const std::string& type_name) { std::string latest_type_name; const tools::type_whisperer::TypeDbDescription* latest_type_desc{}; std::string current_type_name = type_name; while (true) { auto it = getApiTypeDb().types().find(current_type_name); if (it == getApiTypeDb().types().end()) { break; } latest_type_name = it->first; latest_type_desc = &it->second; current_type_name = it->second.next_version_type_name(); } if (latest_type_desc == nullptr) { return {}; } const auto* enum_desc = getDescriptorPool().FindEnumTypeByName(type_name); if (enum_desc != nullptr) { auto result = absl::make_optional(latest_type_name, latest_type_desc->proto_path(), true); for (int index = 0; index < enum_desc->value_count(); ++index) { const auto* value = enum_desc->value(index); if (value->options().HasExtension(udpa::annotations::enum_value_migrate)) { result->renames_[value->name()] = value->options().GetExtension(udpa::annotations::enum_value_migrate).rename(); } else if (value->options().deprecated()) { result->renames_[value->name()] = "hidden_envoy_deprecated_" + value->name(); } } return result; } const auto* message_desc = getDescriptorPool().FindMessageTypeByName(type_name); if (message_desc != nullptr) { auto result = absl::make_optional(latest_type_name, latest_type_desc->proto_path(), false); for (int index = 0; index < message_desc->field_count(); ++index) { const auto* field = message_desc->field(index); if (field->options().HasExtension(udpa::annotations::field_migrate)) { result->renames_[field->name()] = field->options().GetExtension(udpa::annotations::field_migrate).rename(); } else if (field->options().deprecated()) { result->renames_[field->name()] = "hidden_envoy_deprecated_" + field->name(); } } return result; } return {}; } } // namespace TypeWhisperer } // namespace Tools } // namespace Envoy ================================================ FILE: tools/type_whisperer/api_type_db.h ================================================ #pragma once #include #include "absl/container/node_hash_map.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" namespace Envoy { namespace Tools { namespace TypeWhisperer { // C++ representation of TypeDbDescription. struct TypeInformation { TypeInformation(absl::string_view type_name, absl::string_view proto_path, bool enum_type) : type_name_(type_name), proto_path_(proto_path), enum_type_(enum_type) {} // Type's name in the next major version of the API. const std::string type_name_; // Path to .proto from API root. const std::string proto_path_; // Is this an enum type? const bool enum_type_; // Field or enum value renames. absl::node_hash_map renames_; }; // We don't expose the raw API type database to consumers, as this requires RTTI // and this may be linked in environments where this is not available (e.g. // libtool binaries). class ApiTypeDb { public: static absl::optional getExistingTypeInformation(const std::string& type_name); static absl::optional getLatestTypeInformation(const std::string& type_name); }; } // namespace TypeWhisperer } // namespace Tools } // namespace Envoy ================================================ FILE: tools/type_whisperer/api_type_db.proto ================================================ syntax = "proto3"; package tools.type_whisperer; message TypeDbDescription { // Fully qualified package name. string qualified_package = 2; // Path to .proto from API root. string proto_path = 3; // Type's name in the next major version of the API. string next_version_type_name = 4; } message NextVersionFileDescription { // Next version qualified package name. string qualified_package = 1; // Next version proto file path. string proto_path = 2; } // API type database. This describes the types in the API and the upgrade path // of types, packages and proto paths across major versions of the API. message TypeDb { // Map from fully qualified type name to description. map types = 1; // Map from .proto path to the proto's path in the next major version of the // API. map next_version_protos = 2; } ================================================ FILE: tools/type_whisperer/file_descriptor_set_text.bzl ================================================ load("@rules_proto//proto:defs.bzl", "ProtoInfo") def _file_descriptor_set_text(ctx): file_descriptor_sets = depset() for dep in ctx.attr.deps: file_descriptor_sets = depset(transitive = [ file_descriptor_sets, dep[ProtoInfo].transitive_descriptor_sets, ]) args = [ctx.outputs.pb_text.path] for dep in file_descriptor_sets.to_list(): ws_name = dep.owner.workspace_name if (not ws_name) or ws_name in ctx.attr.proto_repositories or ctx.attr.with_external_deps: args.append(dep.path) ctx.actions.run( executable = ctx.executable._file_descriptor_set_text_gen, arguments = args, inputs = file_descriptor_sets, outputs = [ctx.outputs.pb_text], mnemonic = "FileDescriptorSetTextGen", use_default_shell_env = True, ) file_descriptor_set_text = rule( attrs = { "deps": attr.label_list( doc = "List of all proto_library deps to be included.", ), "proto_repositories": attr.string_list( default = ["envoy_api_canonical"], allow_empty = False, ), "with_external_deps": attr.bool( doc = "Include file descriptors for external dependencies.", default = False, ), "_file_descriptor_set_text_gen": attr.label( default = Label("//tools/type_whisperer:file_descriptor_set_text_gen"), executable = True, cfg = "exec", ), }, outputs = { "pb_text": "%{name}.pb_text", }, implementation = _file_descriptor_set_text, ) ================================================ FILE: tools/type_whisperer/file_descriptor_set_text_gen.py ================================================ # Generate a text proto from a given list of FileDescriptorSets. # TODO(htuch): switch to base64 encoded binary output in the future, # this will avoid needing to deal with option preserving imports below. import sys from google.protobuf import descriptor_pb2 # Needed to avoid annotation option stripping during pb_text generation. from udpa.annotations import migrate_pb2 def Decode(path): with open(path, 'rb') as f: file_set = descriptor_pb2.FileDescriptorSet() file_set.ParseFromString(f.read()) return str(file_set) if __name__ == '__main__': output_path = sys.argv[1] input_paths = sys.argv[2:] pb_text = '\n'.join(Decode(path) for path in input_paths) with open(output_path, 'w') as f: f.write(pb_text) ================================================ FILE: tools/type_whisperer/proto_build_targets_gen.py ================================================ # Generate api/BUILD based on API type database. This contains target for v2, v3 # and all API protos. This is not the ideal way to be generating docs, see # https://github.com/envoyproxy/envoy/issues/10311#issuecomment-603518498. import os import re import string import sys from tools.type_whisperer.api_type_db_pb2 import TypeDb from google.protobuf import text_format V2_REGEXES = list( map(re.compile, [ r'envoy[\w\.]*\.(v1alpha\d?|v1)', r'envoy[\w\.]*\.(v2alpha\d?|v2)', r'envoy\.type\.matcher$', r'envoy\.type$', r'envoy\.config\.cluster\.redis', r'envoy\.config\.retry\.previous_priorities', ])) V3_REGEX = re.compile(r'envoy[\w\.]*\.(v3alpha|v3)') API_BUILD_FILE_TEMPLATE = string.Template( """# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. load("@rules_proto//proto:defs.bzl", "proto_library") licenses(["notice"]) # Apache 2 proto_library( name = "v2_protos", visibility = ["//visibility:public"], deps = [ $v2_deps ], ) proto_library( name = "v3_protos", visibility = ["//visibility:public"], deps = [ $v3_deps ], ) proto_library( name = "all_protos", visibility = ["//visibility:public"], deps = [ ":v2_protos", ":v3_protos", ], ) """) def LoadTypeDb(type_db_path): type_db = TypeDb() with open(type_db_path, 'r') as f: text_format.Merge(f.read(), type_db) return type_db # Key sort function to achieve consistent results with buildifier. def BuildOrderKey(key): return key.replace(':', '!') # Remove any packages that are definitely non-root, e.g. annotations. def FilterPkgs(pkgs): def AllowedPkg(pkg): return not pkg.startswith('envoy.annotations') return filter(AllowedPkg, pkgs) def DepsFormat(pkgs): return '\n'.join(' "//%s:pkg",' % p.replace('.', '/') for p in sorted(FilterPkgs(pkgs), key=BuildOrderKey)) def IsV2Package(pkg): for regex in V2_REGEXES: if regex.match(pkg): return True return False def IsV3Package(pkg): return V3_REGEX.match(pkg) is not None if __name__ == '__main__': type_db_path, output_path = sys.argv[1:] type_db = LoadTypeDb(type_db_path) # TODO(htuch): generalize to > 2 versions v2_packages = set([]) v3_packages = set([]) for desc in type_db.types.values(): pkg = desc.qualified_package if IsV3Package(pkg): v3_packages.add(pkg) continue if IsV2Package(pkg): v2_packages.add(pkg) # Special case for v2 packages that are part of v3 (still active) if not desc.next_version_type_name: v3_packages.add(pkg) # Generate BUILD file. build_file_contents = API_BUILD_FILE_TEMPLATE.substitute(v2_deps=DepsFormat(v2_packages), v3_deps=DepsFormat(v3_packages)) with open(output_path, 'w') as f: f.write(build_file_contents) ================================================ FILE: tools/type_whisperer/proto_cc_source.bzl ================================================ def _proto_cc_source(ctx): pb_text_set = depset() for src in ctx.attr.deps: pb_text_set = depset(transitive = [pb_text_set, src.files]) args = [ctx.attr.constant, ctx.outputs.cc.path] for pb_text in pb_text_set.to_list(): args.append(pb_text.path) ctx.actions.run( executable = ctx.executable._proto_cc_source_gen, arguments = args, inputs = pb_text_set, outputs = [ctx.outputs.cc], mnemonic = "ProtoCcSourceGen", use_default_shell_env = True, ) proto_cc_source = rule( attrs = { "constant": attr.string( doc = "Name of C++ constant definition.", mandatory = True, ), "deps": attr.label_list( doc = "List of all text protos to be included.", ), "proto_repositories": attr.string_list( default = ["envoy_api_canonical"], allow_empty = False, ), "_proto_cc_source_gen": attr.label( default = Label("//tools/type_whisperer:proto_cc_source_gen"), executable = True, cfg = "exec", ), }, outputs = { "cc": "%{name}.cc", }, implementation = _proto_cc_source, ) ================================================ FILE: tools/type_whisperer/proto_cc_source_gen.py ================================================ # Generate a C++ source file with given text protos embedded. import pathlib import string import sys CC_SOURCE_TEMPLATE = string.Template("""namespace Envoy { namespace Tools { namespace TypeWhisperer { const char* $constant = R"EOF($pb_text)EOF"; } } } """) if __name__ == '__main__': constant_name = sys.argv[1] output_path = sys.argv[2] input_paths = sys.argv[3:] pb_text = '\n'.join(pathlib.Path(path).read_text() for path in input_paths) with open(output_path, 'w') as f: f.write(CC_SOURCE_TEMPLATE.substitute(constant=constant_name, pb_text=pb_text)) ================================================ FILE: tools/type_whisperer/type_database.bzl ================================================ load(":type_whisperer.bzl", "type_whisperer_aspect") def _type_database_impl(ctx): type_db_deps = [] for target in ctx.attr.targets: type_db_deps.append(target[OutputGroupInfo].types_pb_text) type_db_deps = depset(transitive = type_db_deps) args = [ctx.outputs.pb_text.path] for dep in type_db_deps.to_list(): ws_name = dep.owner.workspace_name if (not ws_name) or ws_name in ctx.attr.proto_repositories: args.append(dep.path) ctx.actions.run( executable = ctx.executable._type_db_gen, arguments = args, inputs = type_db_deps, outputs = [ctx.outputs.pb_text], mnemonic = "TypeDbGen", use_default_shell_env = True, ) type_database = rule( attrs = { "targets": attr.label_list( aspects = [type_whisperer_aspect], doc = "List of all proto_library target to be included.", ), "proto_repositories": attr.string_list( default = ["envoy_api_canonical"], allow_empty = False, ), "_type_db_gen": attr.label( default = Label("//tools/type_whisperer:typedb_gen"), executable = True, cfg = "exec", ), }, outputs = { "pb_text": "%{name}.pb_text", }, implementation = _type_database_impl, ) ================================================ FILE: tools/type_whisperer/type_whisperer.bzl ================================================ load("//tools/api_proto_plugin:plugin.bzl", "api_proto_plugin_aspect", "api_proto_plugin_impl") def _type_whisperer_impl(target, ctx): return api_proto_plugin_impl(target, ctx, "types_pb_text", "TypeWhisperer", [".types.pb_text"]) # Bazel aspect (https://docs.bazel.build/versions/master/starlark/aspects.html) # that can be invoked from the CLI to perform API type analysis via //tools/type_whisperer for # proto_library targets. Example use: # # bazel build //api --aspects tools/type_whisperer/protoxform.bzl%protoxform_aspect \ # --output_groups=types_pb_text type_whisperer_aspect = api_proto_plugin_aspect("//tools/type_whisperer", _type_whisperer_impl) ================================================ FILE: tools/type_whisperer/type_whisperer.py ================================================ # protoc plugin to map from FileDescriptorProtos to a tools.type_whisperer.Types # proto. This is the type information for a single .proto, consumed by # typedb_gen.py. from tools.api_proto_plugin import plugin from tools.api_proto_plugin import visitor from tools.type_whisperer.types_pb2 import Types from udpa.annotations import migrate_pb2 from udpa.annotations import status_pb2 class TypeWhispererVisitor(visitor.Visitor): """Visitor to compute type information from a FileDescriptor proto. See visitor.Visitor for visitor method docs comments. """ def __init__(self): super(TypeWhispererVisitor, self).__init__() self._types = Types() def VisitService(self, service_proto, type_context): pass def VisitEnum(self, enum_proto, type_context): type_desc = self._types.types[type_context.name] type_desc.next_version_upgrade = any(v.options.deprecated for v in enum_proto.value) type_desc.deprecated_type = type_context.deprecated def VisitMessage(self, msg_proto, type_context, nested_msgs, nested_enums): type_desc = self._types.types[type_context.name] type_desc.map_entry = msg_proto.options.map_entry type_desc.deprecated_type = type_context.deprecated type_deps = set([]) for f in msg_proto.field: if f.type_name.startswith('.'): type_deps.add(f.type_name[1:]) if f.options.deprecated: type_desc.next_version_upgrade = True type_desc.type_dependencies.extend(type_deps) def VisitFile(self, file_proto, type_context, services, msgs, enums): next_version_package = '' if file_proto.options.HasExtension(migrate_pb2.file_migrate): next_version_package = file_proto.options.Extensions[migrate_pb2.file_migrate].move_to_package for t in self._types.types.values(): t.qualified_package = file_proto.package t.proto_path = file_proto.name t.active = file_proto.options.Extensions[ status_pb2.file_status].package_version_status == status_pb2.ACTIVE if next_version_package: t.next_version_package = next_version_package t.next_version_upgrade = True # Return in text proto format. This makes things easier to debug, these # don't need to be compact as they are only interim build artifacts. return str(self._types) def Main(): plugin.Plugin([ plugin.DirectOutputDescriptor('.types.pb_text', TypeWhispererVisitor), ]) if __name__ == '__main__': Main() ================================================ FILE: tools/type_whisperer/typedb_gen.py ================================================ # Python binary that stitches together the various tools.type_whisperer.Types # protos generated by type_whisperer.py for the entire API. The result is a type # database in tools.type_whisperer.TypeDb format. import re import sys from google.protobuf import text_format from tools.type_whisperer.api_type_db_pb2 import TypeDb from tools.type_whisperer.types_pb2 import Types, TypeDescription # Regexes governing v3upgrades. TODO(htuch): The regex approach will have # to be rethought as we go beyond v3, this is WiP. TYPE_UPGRADE_REGEXES = [ (r'(envoy[\w\.]*\.)(v3alpha|v3)', r'\1v4alpha'), (r'(envoy[\w\.]*\.)(v1alpha\d?|v1)', r'\1v3'), (r'(envoy[\w\.]*\.)(v2alpha\d?|v2)', r'\1v3'), # These are special cases, e.g. upgrading versionless packages. ('envoy\.type\.matcher', 'envoy.type.matcher.v3'), ('envoy\.type', 'envoy.type.v3'), ('envoy\.config\.cluster\.redis', 'envoy.extensions.clusters.redis.v3'), ('envoy\.config\.retry\.previous_priorities', 'envoy.extensions.retry.priority.previous_priorities.v3'), ] # These packages must be upgraded to v3, even if there are no protos # modified. This is largely for situations where we know we want to be doing # structural change to have the APIs follow the x/y//vN/z.proto structure of # organization. PKG_FORCE_UPGRADE = [ 'envoy.v2', 'envoy.api.v2', 'envoy.api.v2.auth', 'envoy.api.v2.cluster', 'envoy.api.v2.core', 'envoy.api.v2.endpoint', 'envoy.api.v2.listener', 'envoy.api.v2.ratelimit', 'envoy.api.v2.route', 'envoy.type', 'envoy.type.matcher', ] def UpgradedPackage(type_desc): """Determine upgrade package for a type.""" if type_desc.next_version_package: return type_desc.next_version_package for pattern, repl in TYPE_UPGRADE_REGEXES: s = re.sub(pattern, repl, type_desc.qualified_package) if s != type_desc.qualified_package: return s raise ValueError('{} is not upgradable'.format(type_desc.qualified_package)) def UpgradedType(type_name, type_desc): """Determine upgraded type name.""" upgraded_package = UpgradedPackage(type_desc) return type_name.replace(type_desc.qualified_package, upgraded_package) def UpgradedPath(proto_path, upgraded_package): """Determine upgraded API .proto path.""" return '/'.join([upgraded_package.replace('.', '/'), proto_path.split('/')[-1]]) def UpgradedTypeWithDescription(type_name, type_desc): upgrade_type_desc = TypeDescription() upgrade_type_desc.qualified_package = UpgradedPackage(type_desc) upgrade_type_desc.proto_path = UpgradedPath(type_desc.proto_path, upgrade_type_desc.qualified_package) upgrade_type_desc.deprecated_type = type_desc.deprecated_type upgrade_type_desc.map_entry = type_desc.map_entry return (UpgradedType(type_name, type_desc), upgrade_type_desc) def LoadTypes(path): """Load a tools.type_whisperer.Types proto from the filesystem. Args: path: filesystem path for a file in text proto format. Returns: tools.type_whisperer.Types proto loaded from path. """ types = Types() with open(path, 'r') as f: text_format.Merge(f.read(), types) return types def NextVersionUpgrade(type_name, type_map, next_version_upgrade_memo, visited=None): """Does a given type require upgrade between major version? Performs depth-first search through type dependency graph for any upgraded types that will force type_name to be upgraded. Args: type_name: fully qualified type name. type_map: map from type name to tools.type_whisperer.TypeDescription. next_version_upgrade_memo: a memo dictionary to avoid revisiting nodes across invocations. visited: a set of visited nodes in the current search, used to detect loops. Returns: A boolean indicating whether the type requires upgrade. """ if not visited: visited = set([]) # Ignore non-API types. if not type_name.startswith('envoy'): return False # If we have a loop, we can't learn anything new by circling around again. if type_name in visited: return False visited = visited.union(set([type_name])) # If we have seen this type in a previous NextVersionUpgrade(), use that # result. if type_name in next_version_upgrade_memo: return next_version_upgrade_memo[type_name] type_desc = type_map[type_name] # Force upgrade packages that we enumerate. if type_desc.qualified_package in PKG_FORCE_UPGRADE: return True # Recurse and memoize. should_upgrade = type_desc.next_version_upgrade or any( NextVersionUpgrade(d, type_map, next_version_upgrade_memo, visited) for d in type_desc.type_dependencies) next_version_upgrade_memo[type_name] = should_upgrade return should_upgrade if __name__ == '__main__': # Output path for type database. out_path = sys.argv[1] # Load type descriptors for each type whisper type_desc_paths = sys.argv[2:] type_whispers = map(LoadTypes, type_desc_paths) # Aggregate type descriptors to a single type map. type_map = dict(sum([list(t.types.items()) for t in type_whispers], [])) all_pkgs = set([type_desc.qualified_package for type_desc in type_map.values()]) # Determine via DFS on each type descriptor and its deps which packages require upgrade. next_version_upgrade_memo = {} next_versions_pkgs = set([ type_desc.qualified_package for type_name, type_desc in type_map.items() if NextVersionUpgrade(type_name, type_map, next_version_upgrade_memo) ]).union(set(['envoy.config.retry.previous_priorities', 'envoy.config.cluster.redis'])) # Generate type map entries for upgraded types. We run this twice to allow # things like a v2 deprecated map field's synthesized map entry to forward # propagate to v4alpha (for shadowing purposes). for _ in range(2): type_map.update([ UpgradedTypeWithDescription(type_name, type_desc) for type_name, type_desc in type_map.items() if type_desc.qualified_package in next_versions_pkgs and (type_desc.active or type_desc.deprecated_type or type_desc.map_entry) ]) # Generate the type database proto. To provide some stability across runs, in # terms of the emitted proto binary blob that we track in git, we sort before # loading the map entries in the proto. This seems to work in practice, but # has no guarantees. type_db = TypeDb() next_proto_info = {} for t in sorted(type_map): type_desc = type_db.types[t] type_desc.qualified_package = type_map[t].qualified_package type_desc.proto_path = type_map[t].proto_path if type_desc.qualified_package in next_versions_pkgs: type_desc.next_version_type_name = UpgradedType(t, type_map[t]) assert (type_desc.next_version_type_name != t) next_proto_info[type_map[t].proto_path] = ( type_map[type_desc.next_version_type_name].proto_path, type_map[type_desc.next_version_type_name].qualified_package) for proto_path, (next_proto_path, next_package) in sorted(next_proto_info.items()): type_db.next_version_protos[proto_path].proto_path = next_proto_path type_db.next_version_protos[proto_path].qualified_package = next_package # Write out proto text. with open(out_path, 'w') as f: f.write(str(type_db)) ================================================ FILE: tools/type_whisperer/types.proto ================================================ syntax = "proto3"; package tools.type_whisperer; // Description for a single type. message TypeDescription { // Fully qualified package name. string qualified_package = 2; // Path to .proto from API root. string proto_path = 3; // Fully qualified type names for type dependencies. repeated string type_dependencies = 4; // Does this type have a breaking change? If so, it needs to be upgraded at // the next major version. bool next_version_upgrade = 5; // The package of the type in next version string next_version_package = 6; // Is this a type in an active package? bool active = 7; // Is this type a synthesized map entry? bool map_entry = 8; // Is this type deprecated? bool deprecated_type = 9; } message Types { // Map from fully qualified type name to description. map types = 1; } ================================================ FILE: tools/vscode/README.md ================================================ # Tools for VSCode This directory contains tools which is useful for developers using VSCode. ## Recommended VSCode setup It is recommended to use [devcontainer](../.devcontainer/README.md), or setting up an equivalent environment. Recommended extensions and settings are listed in [devcontainer.json](../.devcontainer/devcontainer.json). ## Refresh compilation database `tools/vscode/refresh_compdb.sh` is a script to refresh compilation database, it may take a while to generate all dependencies for code completion, such as protobuf generated codes, external dependencies. If you changed proto definition, or changed any bazel structure, rerun this to get code completion correctly. Note that it is recommended to disable VSCode Microsoft C/C++ extension and use `vscode-clangd` instead for C/C++ code completion. ## Generate debug config `tools/vscode/generate_debug_config.py` is a script to generate VSCode debug config in `.vscode/launch.json`. The generated config will be named ` `. For example: ``` tools/vscode/generate_debug_config.py //source/exe:envoy-static --args "-c envoy.yaml" ``` Generates an entry named `gdb //source/exe:envoy-static` for GDB in `launch.json`. It can be used to generate config for tests also. The generated `gdb` config are compatible with [Native Debug](https://marketplace.visualstudio.com/items?itemName=webfreak.debug) extension, `lldb` config are compatible with [VSCode LLDB](https://marketplace.visualstudio.com/items?itemName=vadimcn.vscode-lldb) extension. ================================================ FILE: tools/vscode/generate_debug_config.py ================================================ #!/usr/bin/env python3 import argparse import json import os import pathlib import shlex import shutil import subprocess BAZEL_OPTIONS = shlex.split(os.environ.get("BAZEL_BUILD_OPTIONS", "")) def bazelInfo(name, bazel_extra_options=[]): return subprocess.check_output(["bazel", "info", name] + BAZEL_OPTIONS + bazel_extra_options).decode().strip() def getWorkspace(): return bazelInfo("workspace") def getExecutionRoot(workspace): # If compilation database exists, use its execution root, this allows setting # breakpoints with clangd navigation easier. try: compdb = pathlib.Path(workspace, "compile_commands.json").read_text() return json.loads(compdb)[0]['directory'] except: return bazelInfo("execution_root") def binaryPath(bazel_bin, target): return pathlib.Path( bazel_bin, *[s for s in target.replace('@', 'external/').replace(':', '/').split('/') if s != '']) def buildBinaryWithDebugInfo(target): targets = [target, target + ".dwp"] subprocess.check_call(["bazel", "build", "-c", "dbg"] + BAZEL_OPTIONS + targets) bazel_bin = bazelInfo("bazel-bin", ["-c", "dbg"]) return binaryPath(bazel_bin, target) def getLaunchJson(workspace): try: return json.loads(pathlib.Path(workspace, ".vscode", "launch.json").read_text()) except: return {"version": "0.2.0"} def writeLaunchJson(workspace, launch): launch_json = pathlib.Path(workspace, ".vscode", "launch.json") backup_launch_json = pathlib.Path(workspace, ".vscode", "launch.json.bak") if launch_json.exists(): shutil.move(str(launch_json), str(backup_launch_json)) launch_json.write_text(json.dumps(launch, indent=4)) def gdbConfig(target, binary, workspace, execroot, arguments): return { "name": "gdb " + target, "request": "launch", "arguments": arguments, "type": "gdb", "target": str(binary), "debugger_args": ["--directory=" + execroot], "cwd": "${workspaceFolder}", "valuesFormatting": "disabled" } def lldbConfig(target, binary, workspace, execroot, arguments): return { "name": "lldb " + target, "program": str(binary), "sourceMap": { "/proc/self/cwd": workspace, "/proc/self/cwd/external": execroot + "/external", "/proc/self/cwd/bazel-out": execroot + "/bazel-out" }, "cwd": "${workspaceFolder}", "args": shlex.split(arguments), "type": "lldb", "request": "launch" } def addToLaunchJson(target, binary, workspace, execroot, arguments, debugger_type): launch = getLaunchJson(workspace) new_config = {} if debugger_type == "lldb": new_config = lldbConfig(target, binary, workspace, execroot, arguments) else: new_config = gdbConfig(target, binary, workspace, execroot, arguments) configurations = launch.get("configurations", []) for config in configurations: if config.get("name", None) == new_config["name"]: config.clear() config.update(new_config) break else: configurations.append(new_config) launch["configurations"] = configurations writeLaunchJson(workspace, launch) if __name__ == "__main__": parser = argparse.ArgumentParser(description='Build and generate launch config for VSCode') parser.add_argument('--debugger', default="gdb") parser.add_argument('--args', default='') parser.add_argument('target') args = parser.parse_args() workspace = getWorkspace() execution_root = getExecutionRoot(workspace) debug_binary = buildBinaryWithDebugInfo(args.target) addToLaunchJson(args.target, debug_binary, workspace, execution_root, args.args, args.debugger) ================================================ FILE: tools/vscode/refresh_compdb.sh ================================================ #!/usr/bin/env bash [[ -z "${SKIP_PROTO_FORMAT}" ]] && tools/proto_format/proto_format.sh fix # Setting TEST_TMPDIR here so the compdb headers won't be overwritten by another bazel run TEST_TMPDIR=${BUILD_DIR:-/tmp}/envoy-compdb tools/gen_compilation_database.py # Kill clangd to reload the compilation database killall -v /opt/llvm/bin/clangd